elf/tst-env-setuid.c

   1 /* Copyright (C) 2012-2023 Free Software Foundation, Inc.
   2    This file is part of the GNU C Library.
   3
   4    The GNU C Library is free software; you can redistribute it and/or
   5    modify it under the terms of the GNU Lesser General Public
   6    License as published by the Free Software Foundation; either
   7    version 2.1 of the License, or (at your option) any later version.
   8
   9    The GNU C Library is distributed in the hope that it will be useful,
  10    but WITHOUT ANY WARRANTY; without even the implied warranty of
  11    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12    Lesser General Public License for more details.
  13
  14    You should have received a copy of the GNU Lesser General Public
  15    License along with the GNU C Library; if not, see
  16    <https://www.gnu.org/licenses/>.  */
  17
  18 /* Verify that correctly filter out unsafe environment variables defined
  19    in unsecvars.h.  */
  20
  21 #include <array_length.h>
  22 #include <gnu/lib-names.h>
  23 #include <stdio.h>
  24 #include <stdlib.h>
  25 #include <string.h>
  26 #include <unistd.h>
  27
  28 #include <support/check.h>
  29 #include <support/support.h>
  30 #include <support/test-driver.h>
  31 #include <support/capture_subprocess.h>
  32
  33 static char SETGID_CHILD[] = "setgid-child";
  34
  35 #define FILTERED_VALUE   "some-filtered-value"
  36 #define UNFILTERED_VALUE "some-unfiltered-value"
  37 /* It assumes no other programs is being profile with a library with same
  38    SONAME using the default folder.  */
  39 #define PROFILE_LIB      "tst-sonamemove-runmod2.so"
  40
  41 struct envvar_t
  42 {
  43   const char *env;
  44   const char *value;
  45 };
  46
  47 /* That is not an extensible list of all filtered out environment
  48    variables.  */
  49 static const struct envvar_t filtered_envvars[] =
  50 {
  51   { "GLIBC_TUNABLES",          FILTERED_VALUE },
  52   { "LD_AUDIT",                FILTERED_VALUE },
  53   { "LD_HWCAP_MASK",           FILTERED_VALUE },
  54   { "LD_LIBRARY_PATH",         FILTERED_VALUE },
  55   { "LD_PRELOAD",              FILTERED_VALUE },
  56   { "LD_PROFILE",              "tst-sonamemove-runmod2.so" },
  57   { "MALLOC_ARENA_MAX",        FILTERED_VALUE },
  58   { "MALLOC_PERTURB_",         FILTERED_VALUE },
  59   { "MALLOC_TRACE",            FILTERED_VALUE },
  60   { "MALLOC_TRIM_THRESHOLD_",  FILTERED_VALUE },
  61   { "RES_OPTIONS",             FILTERED_VALUE },
  62 };
  63
  64 static const struct envvar_t unfiltered_envvars[] =
  65 {
  66   { "LD_BIND_NOW",             "0" },
  67   { "LD_BIND_NOT",             "1" },
  68   /* Non longer supported option.  */
  69   { "LD_ASSUME_KERNEL",        UNFILTERED_VALUE },
  70 };
  71
  72 static int
  73 test_child (void)
  74 {
  75   int ret = 0;
  76
  77   for (const struct envvar_t *e = filtered_envvars;
  78        e != array_end (filtered_envvars);
  79        e++)
  80     {
  81       const char *env = getenv (e->env);
  82       ret |= env != NULL;
  83     }
  84
  85   for (const struct envvar_t *e = unfiltered_envvars;
  86        e != array_end (unfiltered_envvars);
  87        e++)
  88     {
  89       const char *env = getenv (e->env);
  90       ret |= !(env != NULL && strcmp (env, e->value) == 0);
  91     }
  92
  93   /* Also check if no profile file was created.  */
  94   {
  95     char *profilepath = xasprintf ("/var/tmp/%s.profile", PROFILE_LIB);
  96     ret |= !access (profilepath, R_OK);
  97     free (profilepath);
  98   }
  99
 100   return ret;
 101 }
 102
 103 static int
 104 do_test (int argc, char **argv)
 105 {
 106   /* For dynamic loader, the test requires --enable-hardcoded-path-in-tests so
 107      the kernel sets the AT_SECURE on process initialization.  */
 108   if (argc >= 2 && strstr (argv[1], LD_SO) != 0)
 109     FAIL_UNSUPPORTED ("dynamic test requires --enable-hardcoded-path-in-tests");
 110
 111   /* Setgid child process.  */
 112   if (argc == 2 && strcmp (argv[1], SETGID_CHILD) == 0)
 113     {
 114       if (getgid () == getegid ())
 115         /* This can happen if the file system is mounted nosuid.  */
 116         FAIL_UNSUPPORTED ("SGID failed: GID and EGID match (%jd)\n",
 117                           (intmax_t) getgid ());
 118
 119       int ret = test_child ();
 120
 121       if (ret != 0)
 122         exit (1);
 123
 124       /* Special return code to make sure that the child executed all the way
 125          through.  */
 126       exit (42);
 127     }
 128   else
 129     {
 130       for (const struct envvar_t *e = filtered_envvars;
 131            e != array_end (filtered_envvars);
 132            e++)
 133         setenv (e->env, e->value, 1);
 134
 135       for (const struct envvar_t *e = unfiltered_envvars;
 136            e != array_end (unfiltered_envvars);
 137            e++)
 138         setenv (e->env, e->value, 1);
 139
 140       int status = support_capture_subprogram_self_sgid (SETGID_CHILD);
 141
 142       if (WEXITSTATUS (status) == EXIT_UNSUPPORTED)
 143         exit (EXIT_UNSUPPORTED);
 144
 145       if (WEXITSTATUS (status) != 42)
 146         {
 147           printf ("    child failed with status %d\n",
 148                   WEXITSTATUS (status));
 149           support_record_failure ();
 150         }
 151
 152       return 0;
 153     }
 154 }
 155
 156 #define TEST_FUNCTION_ARGV do_test
 157 #include <support/test-driver.c>