From: Mark Johnston
Date: Mon, 29 Jul 2013 11:56:25 -0400
To: Mateusz Guzik, Julian Elischer, Gennady Proskurin, freebsd-current@freebsd.org
Subject: Re: ldd runs linux programs

On Mon, Jul 29, 2013 at 10:12:54AM +0200, Mateusz Guzik wrote:
> On Mon, Jul 29, 2013 at 10:33:53AM +0800, Julian Elischer wrote:
> > On 7/29/13 4:49 AM, Mateusz Guzik wrote:
> > >On Sun, Jul 28, 2013 at 11:31:10PM +0400, Gennady Proskurin wrote:
> > >>Hello.
> > >>When linux binary is passed to FreeBSD's ldd as argument, this binary is executed.
> > >>I'm sure this is bug :)
> > >>(with security involved)
> > >>
> > >I have a patch for this, but never got around to commit it.
> > >
> > >http://people.freebsd.org/~mjg/patches/ldd-non-freebsd-ignore.diff
> > >
> > >If someone wants, go ahead and steal it.
> > >
> > For those of us that are not ldd experts, why does this happen,
> > what's the history and
> > what happens on Linux?
> > I vaguely remember that linux may somehow execute something in this
> > case but my memory is very vague on the topic.
>
> right, sorry.
>
> Short version is that both FreeBSD and Linux ldd set
> LD_TRACE_LOADED_OBJECTS environment variable and run the binary
> expecting runtime linker to act accordingly.
>
> However, FreeBSD sets LD*32*_TRACE_LOADED_OBJECTS for 32-bit binaries,
> thus Linux linker just proceeds with execution.
>
> Looks like we have several PRs related to this, notably
> http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/127276 .
>
> and looks like markj (cc-ed) took another PR, someone should clean this
> up.
>
> 127276 suggests running the binary as is (which I don't like) and
> achieves this with a hacky way. So if we really want to do this, the
> patch should be reworked to detect Linux binaries properly.
>
> In general we should gain linux_ldd (like linux_kdump) and our ldd
> should work only on FreeBSD binaries. The last part is achieved with my
> patch.
>
> markj, are you working on this?

Not really; my original fix for this problem was essentially the same as
yours. That is, just change ldd(1) to bail if the OS ABI byte isn't
equal to ELFOSABI_FREEBSD. That's the change I have committed in my
local tree right now.

Then I thought I'd try to get ldd to work properly with Linux binaries
as well, but wasn't sure what the right approach should be. As the above
PR suggests, the easy thing to do is to just pass
LD_TRACE_LOADED_OBJECTS and not LD_32_TRACE_LOADED_OBJECTS for 32-bit
ELF objects if the OS isn't FreeBSD. This feels somewhat hacky to me,
but I didn't really see another approach.

That said, I think your patch should be committed since it's clearly an
improvement over the current behaviour. I'm willing to test and commit
it, and clean up the open PRs. If you could expand on the right way to
handle Linux binaries, I'd be willing to implement and commit that too.
I don't quite understand your reference to linux_kdump though - I have
no such program on my laptop running CURRENT, and ktrace+kdump seem to
work fine with the Linux binaries under /compat/linux.

Thanks,
-Mark
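
The OS ABI check discussed in this thread, as an added example (it is not the patch linked above and not code from FreeBSD's ldd): before an ldd-style tool executes a file, it inspects the ELF identification bytes and refuses anything not branded ELFOSABI_FREEBSD. The helper name `trace_env_for` and the three sample headers are hypothetical and constructed for illustration; the choice of variable for 32-bit objects follows the thread's description.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Offsets and values from the ELF specification. */
#define EI_NIDENT        16
#define EI_CLASS          4
#define EI_OSABI          7
#define ELFCLASS32        1
#define ELFCLASS64        2
#define ELFOSABI_NONE     0   /* System V; what Linux toolchains commonly emit */
#define ELFOSABI_LINUX    3
#define ELFOSABI_FREEBSD  9

/* Constructed sample e_ident arrays (magic, class, data, version, OS ABI). */
static const unsigned char sample_freebsd64[EI_NIDENT] =
    { 0x7f, 'E', 'L', 'F', ELFCLASS64, 1, 1, ELFOSABI_FREEBSD };
static const unsigned char sample_freebsd32[EI_NIDENT] =
    { 0x7f, 'E', 'L', 'F', ELFCLASS32, 1, 1, ELFOSABI_FREEBSD };
static const unsigned char sample_linux32[EI_NIDENT] =
    { 0x7f, 'E', 'L', 'F', ELFCLASS32, 1, 1, ELFOSABI_NONE };

/*
 * Hypothetical helper: returns the trace variable an ldd-style tool would
 * set before exec'ing the file, or NULL when the file must not be executed.
 * Assumption (from the thread): 32-bit objects get LD_32_TRACE_LOADED_OBJECTS.
 */
const char *trace_env_for(const unsigned char *ident, size_t len)
{
    if (len < EI_NIDENT || memcmp(ident, "\177ELF", 4) != 0)
        return NULL;                      /* truncated or not ELF */
    if (ident[EI_OSABI] != ELFOSABI_FREEBSD)
        return NULL;                      /* allowlist: never run foreign ABIs */
    switch (ident[EI_CLASS]) {
    case ELFCLASS32: return "LD_32_TRACE_LOADED_OBJECTS";
    case ELFCLASS64: return "LD_TRACE_LOADED_OBJECTS";
    default:         return NULL;         /* invalid class byte */
    }
}

int main(void)
{
    const char *v = trace_env_for(sample_linux32, EI_NIDENT);
    printf("linux32: %s\n", v ? v : "refused, not executed");
    v = trace_env_for(sample_freebsd64, EI_NIDENT);
    printf("freebsd64: %s\n", v ? v : "refused, not executed");
    return 0;
}
```

The comparison is an allowlist on ELFOSABI_FREEBSD rather than a denylist on ELFOSABI_LINUX because Linux binaries are commonly left at ELFOSABI_NONE, as in the 32-bit sample here.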