From eec8b6cae586451deadf30c371f7b5e4c9d573d1 Mon Sep 17 00:00:00 2001
From: Ulrich Drepper <drepper@redhat.com>
Date: Sat, 27 Mar 2004 03:40:33 +0000
Subject: Update.

2004-03-26  Ulrich Drepper  <drepper@redhat.com>

	* elf/dl-caller.c: New file.
	* include/caller.h: New file.
	* Makefile (distribute): Add include/caller.h.
	* elf/Makefile (dl-routines): Add dl-caller.
	* elf/dl-load.c (_dl_map_object_from_fd): Record l_text_end.
	* elf/dl-open.c (check_libc_caller): Removed.
	(dl_open_worker): Use __check_caller instead.
	* elf/rtld.c (_rtld_global_ro): Initialize _dl_check_caller.
	(_dl_start_final): Record l_text_end for ld.so map.
	(dl_main): Record l_text_end for main object and vdso.
	* include/link.h (struct link_map): Add l_text_end field.
	* sysdeps/generic/ldsodefs.h (struct rtld_global_ro): Add
	_dl_check_caller field.
	Define enum allowmask.  Add declaration of _dl_check_caller.
	* sysdeps/unix/sysv/linux/dl-execstack.c: Also use __check_caller test.
---
 sysdeps/generic/ldsodefs.h             | 16 ++++++++++++++++
 sysdeps/unix/sysv/linux/dl-execstack.c | 12 +++++++++---
 2 files changed, 25 insertions(+), 3 deletions(-)

(limited to 'sysdeps')

diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
index 4ff8bbf217..53c3290e01 100644
--- a/sysdeps/generic/ldsodefs.h
+++ b/sysdeps/generic/ldsodefs.h
@@ -171,6 +171,17 @@ struct libname_list
   };
 
 
+/* Bit masks for the objects which valid callers can come from to
+   functions with restricted interface.  */
+enum allowmask
+  {
+    allow_libc = 1,
+    allow_libdl = 2,
+    allow_libpthread = 4,
+    allow_ldso = 8
+  };
+
+
 /* Test whether given NAME matches any of the names of the given object.  */
 extern int _dl_name_match_p (const char *__name, struct link_map *__map)
      internal_function;
@@ -492,6 +503,7 @@ struct rtld_global_ro
 						     const struct r_found_version *,
 						     int, int,
 						     struct link_map *);
+  int (*_dl_check_caller) (const void *, enum allowmask);
 
 };
 # define __rtld_global_attribute__
@@ -878,6 +890,10 @@ extern size_t _dl_dst_count (const char *name, int is_path) attribute_hidden;
 extern char *_dl_dst_substitute (struct link_map *l, const char *name,
 				 char *result, int is_path) attribute_hidden;
 
+/* Check validity of the caller.  */
+extern int _dl_check_caller (const void *caller, enum allowmask mask)
+     attribute_hidden;
+
 __END_DECLS
 
 #endif /* ldsodefs.h */
diff --git a/sysdeps/unix/sysv/linux/dl-execstack.c b/sysdeps/unix/sysv/linux/dl-execstack.c
index d3b048192c..248196040a 100644
--- a/sysdeps/unix/sysv/linux/dl-execstack.c
+++ b/sysdeps/unix/sysv/linux/dl-execstack.c
@@ -20,8 +20,10 @@
 #include <ldsodefs.h>
 #include <sys/mman.h>
 #include <errno.h>
+#include <libintl.h>
 #include <stdbool.h>
 #include <stackinfo.h>
+#include <caller.h>
 
 #include "kernel-features.h"
 
@@ -31,13 +33,14 @@ internal_function
 _dl_make_stack_executable (void **stack_endp)
 {
   /* This gives us the highest/lowest page that needs to be changed.  */
-  uintptr_t page = ((uintptr_t) __libc_stack_end
+  uintptr_t page = ((uintptr_t) *stack_endp
 		    & -(intptr_t) GLRO(dl_pagesize));
 
   /* Challenge the caller.  */
-  if (__builtin_expect (*stack_endp != __libc_stack_end, 0))
+  if (__builtin_expect (__check_caller (__builtin_return_address (0),
+					allow_ldso|allow_libpthread) != 0, 0)
+      || __builtin_expect (*stack_endp != __libc_stack_end, 0))
     return EPERM;
-  *stack_endp = NULL;
 
 #if _STACK_GROWS_DOWN
   /* Newer Linux kernels support a flag to make our job easy.  */
@@ -151,6 +154,9 @@ _dl_make_stack_executable (void **stack_endp)
 #endif
 
  return_success:
+  /* Clear the address.  */
+  *stack_endp = NULL;
+
   /* Remember that we changed the permission.  */
   GL(dl_stack_flags) |= PF_X;
 
-- 
cgit 1.4.1