aboutsummaryrefslogtreecommitdiff
path: root/sysdeps
diff options
context:
space:
mode:
authorFlorian Weimer <fweimer@redhat.com>2017-12-18 20:04:13 +0100
committerFlorian Weimer <fweimer@redhat.com>2017-12-18 20:04:13 +0100
commit8e1472d2c1e25e6eabc2059170731365f6d5b3d1 (patch)
tree5b29308e6b00178a34422b6f7bb7b4f9252801dc /sysdeps
parent49b036bce9f021ae994a85aee8b410d20b29c8b7 (diff)
downloadglibc-8e1472d2c1e25e6eabc2059170731365f6d5b3d1.tar
glibc-8e1472d2c1e25e6eabc2059170731365f6d5b3d1.tar.gz
glibc-8e1472d2c1e25e6eabc2059170731365f6d5b3d1.tar.bz2
glibc-8e1472d2c1e25e6eabc2059170731365f6d5b3d1.zip
ld.so: Examine GLRO to detect inactive loader [BZ #20204]
GLRO (_rtld_global_ro) is read-only after initialization and can therefore not be patched at run time, unlike the hook table addresses and their contents, so this is a desirable hardening feature. The hooks are only needed if ld.so has not been initialized, and this happens only after static dlopen (dlmopen uses a single ld.so object across all namespaces). Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Diffstat (limited to 'sysdeps')
-rw-r--r--sysdeps/generic/ldsodefs.h20
1 files changed, 19 insertions, 1 deletions
diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
index 196513851f..658a4f20b4 100644
--- a/sysdeps/generic/ldsodefs.h
+++ b/sysdeps/generic/ldsodefs.h
@@ -558,7 +558,11 @@ struct rtld_global_ro
/* Map of shared object to be prelink traced. */
EXTERN struct link_map *_dl_trace_prelink_map;
- /* All search directories defined at startup. */
+ /* All search directories defined at startup. This is assigned a
+ non-NULL pointer by the ld.so startup code (after initialization
+ to NULL), so this can also serve as an indicator whether a copy
+ of ld.so is initialized and active. See the rtld_active function
+ below. */
EXTERN struct r_search_path_elem *_dl_init_all_dirs;
#ifdef NEED_DL_SYSINFO
@@ -1144,6 +1148,20 @@ extern void _dl_non_dynamic_init (void)
extern void _dl_aux_init (ElfW(auxv_t) *av)
attribute_hidden;
+/* Return true if the ld.so copy in this namespace is actually active
+ and working. If false, the dl_open/dlfcn hooks have to be used to
+ call into the outer dynamic linker (which happens after static
+ dlopen). */
+#ifdef SHARED
+static inline bool
+rtld_active (void)
+{
+ /* The default-initialized variable does not have a non-zero
+ dl_init_all_dirs member, so this allows us to recognize an
+ initialized and active ld.so copy. */
+ return GLRO(dl_init_all_dirs) != NULL;
+}
+#endif
__END_DECLS