From nobody Sat Nov 06 04:40:28 2021 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 00F7A183ADF1; Sat, 6 Nov 2021 04:40:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4HmPnT1Sd1z3GQ5; Sat, 6 Nov 2021 04:40:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1055424EEC; Sat, 6 Nov 2021 04:40:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1A64eSa3059887; Sat, 6 Nov 2021 04:40:28 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1A64eSK1059886; Sat, 6 Nov 2021 04:40:28 GMT (envelope-from git) Date: Sat, 6 Nov 2021 04:40:28 GMT Message-Id: <202111060440.1A64eSK1059886@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: c5637b8be8a5 - main - rtld: ignore fstatfs(2) errors when checking MNT_NOEXEC flag List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: c5637b8be8a5b6aaf663a58b0027f7f924d78b04 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=c5637b8be8a5b6aaf663a58b0027f7f924d78b04 commit c5637b8be8a5b6aaf663a58b0027f7f924d78b04 Author: Konstantin Belousov AuthorDate: 2021-11-06 03:06:34 +0000 Commit: Konstantin Belousov CommitDate: 2021-11-06 04:40:17 +0000 rtld: ignore fstatfs(2) errors when checking MNT_NOEXEC flag File descriptor we operate on might reference something that is not a file, e.g. shmfd. In this case, we cannot check MNT_NOEXEC in principle. If fstatfs(2) caused some failure on normal filesystem, then typical expectation is that read or mmap of this file would also fail. If not, mmap(2) PROT_EXEC on MNT_NOEXEC filesystem returns EACCES. Reported by: obiwac@gmail.com Sponsored by: The FreeBSD Foundation MFC after: 1 week --- libexec/rtld-elf/rtld.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c index 5a8e4f6bbc96..db89a878c5f9 100644 --- a/libexec/rtld-elf/rtld.c +++ b/libexec/rtld-elf/rtld.c @@ -2773,19 +2773,17 @@ do_load_object(int fd, const char *name, char *path, struct stat *sbp, struct statfs fs; /* - * but first, make sure that environment variables haven't been + * First, make sure that environment variables haven't been * used to circumvent the noexec flag on a filesystem. + * We ignore fstatfs(2) failures, since fd might reference + * not a file, e.g. shmfd. */ - if (dangerous_ld_env) { - if (fstatfs(fd, &fs) != 0) { - _rtld_error("Cannot fstatfs \"%s\"", printable_path(path)); - return NULL; - } - if (fs.f_flags & MNT_NOEXEC) { + if (dangerous_ld_env && fstatfs(fd, &fs) == 0 && + (fs.f_flags & MNT_NOEXEC) != 0) { _rtld_error("Cannot execute objects on %s", fs.f_mntonname); - return NULL; - } + return (NULL); } + dbg("loading \"%s\"", printable_path(path)); obj = map_object(fd, printable_path(path), sbp); if (obj == NULL)