This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug dynamic-link/21209] LD_HWCAP_MASK read in setuid binaries

From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sourceware dot org
Date: Tue, 20 Jun 2017 04:02:58 +0000
Subject: [Bug dynamic-link/21209] LD_HWCAP_MASK read in setuid binaries
Auto-submitted: auto-generated
References: <bug-21209-131@http.sourceware.org/bugzilla/>

https://sourceware.org/bugzilla/show_bug.cgi?id=21209

--- Comment #4 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, release/2.25/master has been updated
       via  3776f38fcd267c127ba5eb222e2c614c191744aa (commit)
      from  c69d4a0f680a24fdbe323764a50382ad324041e9 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3776f38fcd267c127ba5eb222e2c614c191744aa

commit 3776f38fcd267c127ba5eb222e2c614c191744aa
Author: Siddhesh Poyarekar <siddhesh@sourceware.org>
Date:   Tue Jun 20 05:59:17 2017 +0200

    Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (bug #21209)

    The LD_HWCAP_MASK environment variable may alter the selection of
    function variants for some architectures.  For AT_SECURE process it
    means that if an outdated routine has a bug that would otherwise not
    affect newer platforms by default, LD_HWCAP_MASK will allow that bug
    to be exploited.

    To be on the safe side, ignore and disable LD_HWCAP_MASK for setuid
    binaries.

        [BZ #21209]
        * elf/rtld.c (process_envvars): Ignore LD_HWCAP_MASK for
        AT_SECURE processes.
        * sysdeps/generic/unsecvars.h: Add LD_HWCAP_MASK.
        * elf/tst-env-setuid.c (test_parent): Test LD_HWCAP_MASK.
        (test_child): Likewise.
        * elf/Makefile (tst-env-setuid-ENV): Add LD_HWCAP_MASK.

    (cherry picked from commit 1c1243b6fc33c029488add276e56570a07803bfd)

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                   |   10 ++++++++++
 NEWS                        |    1 +
 elf/Makefile                |    3 ++-
 elf/rtld.c                  |    3 ++-
 elf/tst-env-setuid.c        |   12 ++++++++++++
 sysdeps/generic/unsecvars.h |    1 +
 6 files changed, 28 insertions(+), 2 deletions(-)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]