diff --git a/sbin/ldconfig/elfhints.c b/sbin/ldconfig/elfhints.c
index 72b9273ab93a..d6ee5e0918d6 100644
--- a/sbin/ldconfig/elfhints.c
+++ b/sbin/ldconfig/elfhints.c
@@ -1,301 +1,319 @@ /*- * SPDX-License-Identifier: BSD-2-Clause * * Copyright (c) 1998 John D. Polstra * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. 
*/ #include +#include #include #include #include #include #include #include #include #include #include #include #include #include #include "ldconfig.h" #define MAXDIRS 1024 /* Maximum directories in path */ #define MAXFILESIZE (16*1024) /* Maximum hints file size */ static void add_dir(const char *, const char *, bool); static void read_dirs_from_file(const char *, const char *); -static void read_elf_hints(const char *, bool); +static void read_elf_hints(const char *, bool, bool); static void write_elf_hints(const char *); static const char *dirs[MAXDIRS]; static int ndirs; +static bool is_be; bool insecure; static void add_dir(const char *hintsfile, const char *name, bool trusted) { struct stat stbuf; int i; /* Do some security checks */ if (!trusted && !insecure) { if (stat(name, &stbuf) == -1) { warn("%s", name); return; } if (stbuf.st_uid != 0) { warnx("%s: ignoring directory not owned by root", name); return; } if ((stbuf.st_mode & S_IWOTH) != 0) { warnx("%s: ignoring world-writable directory", name); return; } if ((stbuf.st_mode & S_IWGRP) != 0) { warnx("%s: ignoring group-writable directory", name); return; } } for (i = 0; i < ndirs; i++) if (strcmp(dirs[i], name) == 0) return; if (ndirs >= MAXDIRS) errx(1, "\"%s\": Too many directories in path", hintsfile); dirs[ndirs++] = name; } void list_elf_hints(const char *hintsfile) { int i; int nlibs; - read_elf_hints(hintsfile, 1); + read_elf_hints(hintsfile, true, false); printf("%s:\n", hintsfile); printf("\tsearch directories:"); for (i = 0; i < ndirs; i++) printf("%c%s", i == 0 ? 
' ' : ':', dirs[i]); printf("\n"); nlibs = 0; for (i = 0; i < ndirs; i++) { DIR *dirp; struct dirent *dp; if ((dirp = opendir(dirs[i])) == NULL) continue; while ((dp = readdir(dirp)) != NULL) { int len; int namelen; const char *name; const char *vers; /* Name can't be shorter than "libx.so.0" */ if ((len = strlen(dp->d_name)) < 9 || strncmp(dp->d_name, "lib", 3) != 0) continue; name = dp->d_name + 3; vers = dp->d_name + len; while (vers > dp->d_name && isdigit(*(vers-1))) vers--; if (vers == dp->d_name + len) continue; if (vers < dp->d_name + 4 || strncmp(vers - 4, ".so.", 4) != 0) continue; /* We have a valid shared library name. */ namelen = (vers - 4) - name; printf("\t%d:-l%.*s.%s => %s/%s\n", nlibs, namelen, name, vers, dirs[i], dp->d_name); nlibs++; } closedir(dirp); } } static void read_dirs_from_file(const char *hintsfile, const char *listfile) { FILE *fp; char buf[MAXPATHLEN]; int linenum; if ((fp = fopen(listfile, "r")) == NULL) err(1, "%s", listfile); linenum = 0; while (fgets(buf, sizeof buf, fp) != NULL) { char *cp, *sp; linenum++; cp = buf; /* Skip leading white space. */ while (isspace(*cp)) cp++; if (*cp == '#' || *cp == '\0') continue; sp = cp; /* Advance over the directory name. */ while (!isspace(*cp) && *cp != '\0') cp++; /* Terminate the string and skip trailing white space. */ if (*cp != '\0') { *cp++ = '\0'; while (isspace(*cp)) cp++; } /* Now we had better be at the end of the line. */ if (*cp != '\0') warnx("%s:%d: trailing characters ignored", listfile, linenum); if ((sp = strdup(sp)) == NULL) errx(1, "Out of memory"); add_dir(hintsfile, sp, 0); } fclose(fp); } +/* Convert between native byte order and forced little resp. big endian. */ +#define COND_SWAP(n) (is_be ? 
be32toh(n) : le32toh(n)) + static void -read_elf_hints(const char *hintsfile, bool must_exist) +read_elf_hints(const char *hintsfile, bool must_exist, bool force_be) { int fd; struct stat s; void *mapbase; struct elfhints_hdr *hdr; char *strtab; char *dirlist; char *p; + int hdr_version; if ((fd = open(hintsfile, O_RDONLY)) == -1) { if (errno == ENOENT && !must_exist) return; err(1, "Cannot open \"%s\"", hintsfile); } if (fstat(fd, &s) == -1) err(1, "Cannot stat \"%s\"", hintsfile); if (s.st_size > MAXFILESIZE) errx(1, "\"%s\" is unreasonably large", hintsfile); /* * We use a read-write, private mapping so that we can null-terminate * some strings in it without affecting the underlying file. */ mapbase = mmap(NULL, s.st_size, PROT_READ|PROT_WRITE, MAP_PRIVATE, fd, 0); if (mapbase == MAP_FAILED) err(1, "Cannot mmap \"%s\"", hintsfile); close(fd); hdr = (struct elfhints_hdr *)mapbase; - if (hdr->magic != ELFHINTS_MAGIC) + is_be = be32toh(hdr->magic) == ELFHINTS_MAGIC; + if (COND_SWAP(hdr->magic) != ELFHINTS_MAGIC) errx(1, "\"%s\": invalid file format", hintsfile); - if (hdr->version != 1) + if (force_be && !is_be) + errx(1, "\"%s\": incompatible endianness requested", hintsfile); + hdr_version = COND_SWAP(hdr->version); + if (hdr_version != 1) errx(1, "\"%s\": unrecognized file version (%d)", hintsfile, - hdr->version); + hdr_version); - strtab = (char *)mapbase + hdr->strtab; - dirlist = strtab + hdr->dirlist; + strtab = (char *)mapbase + COND_SWAP(hdr->strtab); + dirlist = strtab + COND_SWAP(hdr->dirlist); if (*dirlist != '\0') while ((p = strsep(&dirlist, ":")) != NULL) add_dir(hintsfile, p, 1); } void -update_elf_hints(const char *hintsfile, int argc, char **argv, bool merge) +update_elf_hints(const char *hintsfile, int argc, char **argv, bool merge, + bool force_be) { struct stat s; int i; + /* + * Remove "be32toh(1) == 1" from this condition to create + * little-endian hints files on all architectures by default. 
+ */ + is_be = be32toh(1) == 1 || force_be; if (merge) - read_elf_hints(hintsfile, false); + read_elf_hints(hintsfile, false, force_be); for (i = 0; i < argc; i++) { if (stat(argv[i], &s) == -1) warn("warning: %s", argv[i]); else if (S_ISREG(s.st_mode)) read_dirs_from_file(hintsfile, argv[i]); else add_dir(hintsfile, argv[i], 0); } write_elf_hints(hintsfile); } static void write_elf_hints(const char *hintsfile) { struct elfhints_hdr hdr; char *tempname; int fd; FILE *fp; int i; if (asprintf(&tempname, "%s.XXXXXX", hintsfile) == -1) errx(1, "Out of memory"); if ((fd = mkstemp(tempname)) == -1) err(1, "mkstemp(%s)", tempname); if (fchmod(fd, 0444) == -1) err(1, "fchmod(%s)", tempname); if ((fp = fdopen(fd, "wb")) == NULL) err(1, "fdopen(%s)", tempname); - hdr.magic = ELFHINTS_MAGIC; - hdr.version = 1; - hdr.strtab = sizeof hdr; + hdr.magic = COND_SWAP(ELFHINTS_MAGIC); + hdr.version = COND_SWAP(1); + hdr.strtab = COND_SWAP(sizeof hdr); hdr.strsize = 0; hdr.dirlist = 0; memset(hdr.spare, 0, sizeof hdr.spare); /* Count up the size of the string table. */ if (ndirs > 0) { hdr.strsize += strlen(dirs[0]); for (i = 1; i < ndirs; i++) hdr.strsize += 1 + strlen(dirs[i]); } - hdr.dirlistlen = hdr.strsize; + hdr.dirlistlen = COND_SWAP(hdr.strsize); hdr.strsize++; /* For the null terminator */ + /* convert in-place from native to target endianness */ + hdr.strsize = COND_SWAP(hdr.strsize); /* Write the header. */ if (fwrite(&hdr, 1, sizeof hdr, fp) != sizeof hdr) err(1, "%s: write error", tempname); /* Write the strings. */ if (ndirs > 0) { if (fputs(dirs[0], fp) == EOF) err(1, "%s: write error", tempname); for (i = 1; i < ndirs; i++) if (fprintf(fp, ":%s", dirs[i]) < 0) err(1, "%s: write error", tempname); } if (putc('\0', fp) == EOF || fclose(fp) == EOF) err(1, "%s: write error", tempname); if (rename(tempname, hintsfile) == -1) err(1, "rename %s to %s", tempname, hintsfile); free(tempname); } 
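Review bot: read_elf_hints still uses `hdr->strtab` and `hdr->dirlist` as offsets into the mapping without comparing them with `s.st_size`, and never checks that the file holds at least `sizeof(*hdr)` bytes. The commit byte-swaps these fields but otherwise trusts them, so a truncated or corrupt hints file (including one named with `-f`) lets `strsep` read and write outside the mapped file. The entries parsed there go to `add_dir(hintsfile, p, 1)` as trusted, so the header should be validated first: reject short files, bound `strtab`/`strsize`/`dirlist`/`dirlistlen` against the file size, and terminate the list at `dirlistlen`, as sketched below. Separately, the comment in update_elf_hints describes native byte order as the default, while the ldconfig.8 text added in this commit says little-endian is the default on all architectures; one of the two should be corrected.

```c
	int hdr_version;
	uint32_t hdr_strtab, hdr_strsize, hdr_dirlist, hdr_dirlistlen;

	/* ... unchanged: open, fstat ... */
	if (s.st_size > MAXFILESIZE)
		errx(1, "\"%s\" is unreasonably large", hintsfile);
	if ((size_t)s.st_size < sizeof(*hdr))
		errx(1, "\"%s\": invalid file format", hintsfile);
	/* ... unchanged: mmap, magic/endianness and version checks ... */

	/* Every offset and length comes from the file; bound it first. */
	hdr_strtab = COND_SWAP(hdr->strtab);
	hdr_strsize = COND_SWAP(hdr->strsize);
	hdr_dirlist = COND_SWAP(hdr->dirlist);
	hdr_dirlistlen = COND_SWAP(hdr->dirlistlen);
	if (hdr_strtab > s.st_size ||
	    hdr_strsize > s.st_size - hdr_strtab ||
	    hdr_dirlist >= hdr_strsize ||
	    hdr_dirlistlen >= hdr_strsize - hdr_dirlist)
		errx(1, "\"%s\": invalid file format", hintsfile);

	strtab = (char *)mapbase + hdr_strtab;
	dirlist = strtab + hdr_dirlist;
	/* Private mapping: safe to force termination inside the table. */
	dirlist[hdr_dirlistlen] = '\0';
```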
diff --git a/sbin/ldconfig/ldconfig.8 b/sbin/ldconfig/ldconfig.8
index 47e0dfa99b50..88d99567912e 100644
--- a/sbin/ldconfig/ldconfig.8
+++ b/sbin/ldconfig/ldconfig.8
@@ -1,173 +1,178 @@ .\" .\" Copyright (c) 1993 Paul Kranenburg .\" All rights reserved. .\" Copyright (c) 2021 The FreeBSD Foundation, Inc. .\" .\" Portions of this documentation were written by .\" Konstantin Belousov under sponsorship .\" from the FreeBSD Foundation. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. All advertising materials mentioning features or use of this software .\" must display the following acknowledgement: .\" This product includes software developed by Paul Kranenburg. .\" 3. The name of the author may not be used to endorse or promote products .\" derived from this software without specific prior written permission .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
.\" -.Dd May 15, 2021 +.Dd February 28, 2024 .Dt LDCONFIG 8 .Os .Sh NAME .Nm ldconfig .Nd configure the dynamic linker search path for shared libraries .Sh SYNOPSIS .Nm .Op Fl 32 -.Op Fl Rimrv +.Op Fl BRimrv .Op Fl f Ar hints_file .Op Ar directory | Ar .Sh DESCRIPTION .Nm utility is used to configure the set of paths used by the dynamic linker .Xr ld-elf.so.1 1 when searching for shared libraries. The dynamic linker looks for libraries in a set of built-in system directories and any directories specified in the hints file. This obviates the need for storing search paths within the executable, see the .Fl rpath option for the static linker .Xr ld 1 . .Pp The hints file is maintained by .Nm . The .Ar directories list to be stored in the hints file is supplied on the command line. .Pp Alternatively to the .Ar directories list on the command line, .Ar files may be specified; these are expected to contain directories to scan for shared libraries. Each directory's pathname must start on a new line. Blank lines and lines starting with the comment character .Ql \&# are ignored. .Pp For security reasons, directories which are world or group-writable or which are not owned by root produce warning messages and are skipped, unless the .Fl i option is present. .Pp The .Ev LD_LIBRARY_PATH environment variable can be used to specify additional shared library search directories. .Ev LD_LIBRARY_PATH is a .Sq \&: separated list of directory paths which are searched by the dynamic linker when it needs to load a shared library. It can be viewed as the run-time equivalent of the .Fl L switch of .Xr ld 1 . .Pp The following options are recognized by .Nm : .Bl -tag -width indent .It Fl 32 Generate the hints for 32-bit ABI shared libraries on 64-bit systems that support running 32-bit binaries. .It Fl elf Ignored for backwards compatibility. +.It Fl B +Force writing big-endian binary data´to the hints file. +The default is to create little-endian hints files on all architectures. 
+Reading of and merging into hints files preserves the endianness of the +existing hints file. .It Fl R Appends pathnames on the command line to the directory list from the hints file. .Pp This is the default action when no options are given. .It Fl f Ar hints_file Read and/or update the specified hints file, instead of the standard file. This option is provided primarily for testing. .It Fl i Run in insecure mode. The security checks will not be performed. .It Fl m Instead of replacing the list of the directories to search with the directories specified on the command line, merge existing list with the specified directories, and write the result to the hints file. .It Fl r List the current list of the directories from the hints file on the standard output. The hints file is not modified. .Pp Scan and print all libraries found on the directories list. .It Fl v Switch on verbose mode. .El .Sh SECURITY Special care must be taken when loading shared libraries into the address space of .Ev set-user-Id programs. Whenever such a program is run by any user except the owner of the program, the dynamic linker will only load shared libraries from paths found in the hints file. In particular, the .Ev LD_LIBRARY_PATH is not used to search for libraries. Thus, .Nm serves to specify the trusted collection of directories from which shared objects can be safely loaded. .Sh FILES .Bl -tag -width /var/run/ld-elf.so.hintsxxx -compact .It Pa /var/run/ld-elf.so.hints Standard hints file for the ELF dynamic linker. .It Pa /etc/ld-elf.so.conf Conventional configuration file containing directory names for invocations with .Fl elf . .It Pa /var/run/ld-elf32.so.hints Conventional configuration files containing directory names for invocations with .Fl 32 . .El .Sh SEE ALSO .Xr ld 1 , -.Xr ld-elf.so.1 , +.Xr ld-elf.so.1 1 , .Xr link 5 .Sh HISTORY A .Nm utility first appeared in SunOS 4.0, it appeared in its current form in .Fx 1.1 . 
.Pp The name 'hints file' is historic from the times when the file also contained hints to the dynamic linker. This functionality is not provided for ELF. diff --git a/sbin/ldconfig/ldconfig.c b/sbin/ldconfig/ldconfig.c index 2f5cdbd6505e..0eb9cb801ac2 100644 --- a/sbin/ldconfig/ldconfig.c +++ b/sbin/ldconfig/ldconfig.c 
@@ -1,130 +1,133 @@ /*- * SPDX-License-Identifier: BSD-4-Clause * * Copyright (c) 1993,1995 Paul Kranenburg * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by Paul Kranenburg. * 4. The name of the author may not be used to endorse or promote products * derived from this software without specific prior written permission * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
*/ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "ldconfig.h" #include "rtld_paths.h" static void usage(void) __dead2; int main(int argc, char **argv) { const char *hints_file; int c; - bool is_32, justread, merge, rescan, verbose; + bool is_32, justread, merge, rescan, force_be, verbose; - is_32 = justread = merge = rescan = verbose = false; + force_be = is_32 = justread = merge = rescan = verbose = false; while (argc > 1) { if (strcmp(argv[1], "-aout") == 0) { errx(1, "aout is not supported"); } else if (strcmp(argv[1], "-elf") == 0) { argc--; argv++; } else if (strcmp(argv[1], "-32") == 0) { is_32 = true; argc--; argv++; } else { break; } } if (is_32) hints_file = __PATH_ELF_HINTS("32"); else hints_file = _PATH_ELF_HINTS; - while((c = getopt(argc, argv, "Rf:imrsv")) != -1) { + while((c = getopt(argc, argv, "BRf:imrsv")) != -1) { switch (c) { + case 'B': + force_be = true; + break; case 'R': rescan = true; break; case 'f': hints_file = optarg; break; case 'i': insecure = true; break; case 'm': merge = true; break; case 'r': justread = true; break; case 's': /* was nostd */ break; case 'v': verbose = true; break; default: usage(); break; } } if (justread) { list_elf_hints(hints_file); } else { if (argc == optind) rescan = true; update_elf_hints(hints_file, argc - optind, - argv + optind, merge || rescan); + argv + optind, merge || rescan, force_be); } exit(0); } static void usage(void) { fprintf(stderr, - "usage: ldconfig [-32] [-elf] [-Rimrv] [-f hints_file] " + "usage: ldconfig [-32] [-elf] [-BRimrv] [-f hints_file]" "[directory | file ...]\n"); exit(1); } diff --git a/sbin/ldconfig/ldconfig.h b/sbin/ldconfig/ldconfig.h index e03ba928be7d..aa7ad810bacd 100644 --- a/sbin/ldconfig/ldconfig.h +++ b/sbin/ldconfig/ldconfig.h 
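Review bot: The rewritten usage string in usage() drops the trailing space after `[-f hints_file]`, so the two adjacent literals now print as `[-f hints_file][directory | file ...]`. Restore it with `"usage: ldconfig [-32] [-elf] [-BRimrv] [-f hints_file] "`. In main(), `-B` together with `-r` is accepted but has no effect, because list_elf_hints() passes `false` for `force_be` in the elfhints.c part of this commit. If that is intended, a short comment at `case 'B':` such as `/* only affects writing; ignored with -r */` would make it explicit.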
@@ -1,42 +1,42 @@ /*- * SPDX-License-Identifier: BSD-2-Clause * * Copyright (c) 1998 John D. Polstra * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef LDCONFIG_H #define LDCONFIG_H 1 #include #include extern bool insecure; /* -i flag, needed here for elfhints.c */ __BEGIN_DECLS void list_elf_hints(const char *); -void update_elf_hints(const char *, int, char **, bool); +void update_elf_hints(const char *, int, char **, bool, bool); __END_DECLS #endif
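Review bot: The prototype of update_elf_hints now ends in two unnamed `bool` parameters, which makes it easy for a caller to swap `merge` and `force_be` without any compiler diagnostic. Naming the parameters in the header documents the order: `void update_elf_hints(const char *hintsfile, int argc, char **argv, bool merge, bool force_be);`.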