From 3e539cb47e9fabfdda295926b4270b0f3cc7fa65 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Thu, 13 Jan 2005 02:08:37 +0000 Subject: * elf/dl-load.c (_dl_map_object_from_fd): We don't have to allow callers from libc anymore. * elf/dl-open.c (dl_open_worker): Pass __RTLD_AUDIT flag from caller to _dl_map_object_deps. * elf/dl-load.c (_dl_map_object_from_fd): Don't change memory protections when loading auditing modules. * dlfcn/dlopen.c (dlopen_doit): Catch invalid mode arguments and fail. --- elf/dl-load.c | 4 ++-- elf/dl-open.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'elf') diff --git a/elf/dl-load.c b/elf/dl-load.c index 363f77bcdf..f74f98f91e 100644 --- a/elf/dl-load.c +++ b/elf/dl-load.c @@ -1359,14 +1359,14 @@ cannot allocate TLS data structures for initial thread"); protection of the variable which contains the flags used in the mprotect calls. */ #ifdef HAVE_Z_RELRO - if (mode & __RTLD_DLOPEN) + if ((mode & (__RTLD_DLOPEN | __RTLD_AUDIT)) == __RTLD_DLOPEN) { uintptr_t p = ((uintptr_t) &__stack_prot) & ~(GLRO(dl_pagesize) - 1); size_t s = (uintptr_t) &__stack_prot - p + sizeof (int); __mprotect ((void *) p, s, PROT_READ|PROT_WRITE); if (__builtin_expect (__check_caller (RETURN_ADDRESS (0), - allow_ldso|allow_libc) == 0, + allow_ldso) == 0, 0)) __stack_prot |= PROT_EXEC; __mprotect ((void *) p, s, PROT_READ); diff --git a/elf/dl-open.c b/elf/dl-open.c index c2cf1dbf13..4de20720ed 100644 --- a/elf/dl-open.c +++ b/elf/dl-open.c @@ -305,7 +305,7 @@ dl_open_worker (void *a) /* Load that object's dependencies. */ _dl_map_object_deps (new, NULL, 0, 0, - mode & (__RTLD_DLOPEN | RTLD_DEEPBIND)); + mode & (__RTLD_DLOPEN | RTLD_DEEPBIND | __RTLD_AUDIT)); /* So far, so good. Now check the versions. */ for (i = 0; i < new->l_searchlist.r_nlist; ++i) -- cgit v1.2.3