
Indicate issetugid in AT_BSDFLAGS
Abandoned, Public

Authored by mjg on Feb 21 2020, 12:16 PM.

Details

Reviewers
kib
Summary

This saves one issetugid for every exec. Note there is another call coming from something deeper which probably cannot be easily taken care of in the same manner.

Test Plan

Verified with debug printfs that trust is NOT set when running 'su' et al and is set otherwise.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 29518

Event Timeline

libexec/rtld-elf/rtld.c, line 454

If you allocate one more flag in bsdflags, used to indicate support for BSDF_ISSETUGID, you do not need to rely on osreldate(), which is better IMO. Check the new flag, and if set, ELF_BSDF_ISSETUGID presence is equal to trust. Also right now you rely on bsdflags presence; adding that flag would make zero initialization of bsdflags do the right thing.

Another option is to allocate new auxv entry with the value indicating issetugid, but flags are fine since they are already there.

sys/kern/kern_prot.c, line 1233

!= 0

  • use an extra flag instead of reldate
kib added inline comments.
sys/sys/elf_common.h, line 1461

_VALID instead of _PASSED ?

This revision is now accepted and ready to land. Feb 21 2020, 12:46 PM
mjg planned changes to this revision. Feb 21 2020, 3:07 PM

Upon further testing this is buggy - sometimes the passed down value disagrees with what the syscall returns later as setugid call on exec happens only after copyout.

In D23779#522553, @mjg wrote:

Upon further testing this is buggy - sometimes the passed down value disagrees with what the syscall returns later as setugid call on exec happens only after copyout.

You should directly pass result of calculation with credential_changing in imgparam.
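
The two-flag scheme suggested in the rtld.c inline comment, sketched as an added example (not code from this revision or from FreeBSD). The `EX_` names, their numeric values and the `issetugid_fn` callback standing in for issetugid(2) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical values for illustration; not taken from FreeBSD headers. */
#define EX_AT_NULL              0
#define EX_AT_BSDFLAGS          100
#define EX_BSDF_ISSETUGID       0x0100u /* image runs set-user/group-ID */
#define EX_BSDF_ISSETUGID_VALID 0x0200u /* kernel filled in the bit above */

struct ex_auxinfo { long a_type; unsigned long a_val; };

/* Return the flags word, or 0 when the kernel passed no such entry. */
static uint32_t ex_bsdflags(const struct ex_auxinfo *aux)
{
    for (; aux->a_type != EX_AT_NULL; aux++)
        if (aux->a_type == EX_AT_BSDFLAGS)
            return (uint32_t)aux->a_val;
    return 0;
}

/*
 * Trust the environment only when the process is not setugid.
 * The hint is used only when the VALID bit is present, so a missing
 * entry or a zero-initialized flags word falls back to the syscall
 * instead of being read as "not setugid".
 */
static int ex_trust(const struct ex_auxinfo *aux, int (*issetugid_fn)(void))
{
    uint32_t flags = ex_bsdflags(aux);

    if (flags & EX_BSDF_ISSETUGID_VALID)
        return (flags & EX_BSDF_ISSETUGID) == 0;
    return issetugid_fn() == 0;
}

/* Constructed sample inputs: syscall stand-ins and aux vectors. */
static int ex_calls;
static int ex_stub_setugid(void) { ex_calls++; return 1; }
static int ex_stub_plain(void) { ex_calls++; return 0; }
static const struct ex_auxinfo ex_old_kernel[] = { { EX_AT_NULL, 0 } };
static const struct ex_auxinfo ex_plain[] = {
    { EX_AT_BSDFLAGS, EX_BSDF_ISSETUGID_VALID }, { EX_AT_NULL, 0 } };
static const struct ex_auxinfo ex_setugid[] = {
    { EX_AT_BSDFLAGS, EX_BSDF_ISSETUGID_VALID | EX_BSDF_ISSETUGID },
    { EX_AT_NULL, 0 } };
static const struct ex_auxinfo ex_no_valid[] = {
    { EX_AT_BSDFLAGS, EX_BSDF_ISSETUGID }, { EX_AT_NULL, 0 } };

int main(void) { return ex_trust(ex_plain, ex_stub_plain) ? 0 : 1; }
```

The hint is only as good as the value the kernel computed when it copied out the aux vector, which is the disagreement reported later in this thread.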