From owner-dev-commits-src-main@freebsd.org Wed Jun 2 21:56:04 2021 Return-Path: Delivered-To: dev-commits-src-main@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 12F5464C706; Wed, 2 Jun 2021 21:56:04 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FwNBq3sYxz4rkN; Wed, 2 Jun 2021 21:56:02 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from tom.home (kib@localhost [127.0.0.1]) by kib.kiev.ua (8.16.1/8.16.1) with ESMTPS id 152LtlMM045720 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Thu, 3 Jun 2021 00:55:50 +0300 (EEST) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua 152LtlMM045720 Received: (from kostik@localhost) by tom.home (8.16.1/8.16.1/Submit) id 152Ltl6r045719; Thu, 3 Jun 2021 00:55:47 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Thu, 3 Jun 2021 00:55:47 +0300 From: Konstantin Belousov To: Alexander Richardson Cc: src-committers , "" , dev-commits-src-main@freebsd.org Subject: Re: git: d81f999ac223 - main - rtld direct exec: add option to ignore LD_ variables Message-ID: References: <202105291459.14TExadZ056959@gitrepo.freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FORGED_GMAIL_RCVD,FREEMAIL_FROM, NML_ADSP_CUSTOM_MED autolearn=no autolearn_force=no version=3.4.5 X-Spam-Checker-Version: SpamAssassin 3.4.5 (2021-03-20) on tom.home X-Rspamd-Queue-Id: 4FwNBq3sYxz4rkN X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-BeenThere: dev-commits-src-main@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for the main branch of the src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Jun 2021 21:56:04 -0000 On Wed, Jun 02, 2021 at 10:00:13PM +0100, Alexander Richardson wrote: > On Sat, 29 May 2021 at 15:59, Konstantin Belousov wrote: > > > > The branch main has been updated by kib: > > > > URL: https://cgit.FreeBSD.org/src/commit/?id=d81f999ac22342789f2b3e21206d83d410be4df3 > > > > commit d81f999ac22342789f2b3e21206d83d410be4df3 > > Author: Konstantin Belousov > > AuthorDate: 2021-05-28 23:59:07 +0000 > > Commit: Konstantin Belousov > > CommitDate: 2021-05-29 14:59:09 +0000 > > > > rtld direct exec: add option to ignore LD_ variables > > > > Sponsored by: The FreeBSD Foundation > > MFC after: 1 week > > --- > > libexec/rtld-elf/rtld.1 | 10 +++++++++- > > libexec/rtld-elf/rtld.c | 3 +++ > > 2 files changed, 12 insertions(+), 1 deletion(-) > > > > diff --git a/libexec/rtld-elf/rtld.1 b/libexec/rtld-elf/rtld.1 > > index 7f633ce0b486..16466c7a853e 100644 > > --- a/libexec/rtld-elf/rtld.1 > > +++ b/libexec/rtld-elf/rtld.1 > > @@ -28,7 +28,7 @@ > > .\" > > .\" $FreeBSD$ > > .\" > > -.Dd March 24, 2021 > > +.Dd May 29, 2021 > > .Dt RTLD 1 > > .Os > > .Sh NAME > > @@ -131,6 +131,7 @@ all the environment variables listed below, but is being prefixed with > > .Ev LD_32_ , > > for example: > > .Ev LD_32_TRACE_LOADED_OBJECTS . > > +If the activated image is setuid or setgid, the variables are ignored. > > .Bl -tag -width ".Ev LD_LIBMAP_DISABLE" > > .It Ev LD_DUMP_REL_POST > > If set, > > @@ -313,6 +314,8 @@ The syntax of the direct invocation is > > .Op Fl b Ar exe > > .Op Fl f Ar fd > > .Op Fl p > > +.Op Fl t > > +.Op Fl v > > .Op Fl - > > .Pa image_path > > .Op Ar image arguments > > @@ -353,6 +356,11 @@ character, > > uses the search path provided by the environment variable > > .Dv PATH > > to find the binary to execute. > > +.It Fl t > > +Ignore all > > +.Ev LD_ > > +environment variables that otherwise affect the dynamic > > +linker behavior. > > .It Fl v > > Display information about this run-time linker binary, then exit. > > .It Fl - > > diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c > > index 75c502e8cc85..a517de83b8f5 100644 > > --- a/libexec/rtld-elf/rtld.c > > +++ b/libexec/rtld-elf/rtld.c > > @@ -5793,6 +5793,8 @@ parse_args(char* argv[], int argc, bool *use_pathp, int *fdp, > > break; > > } else if (opt == 'p') { > > *use_pathp = true; > > + } else if (opt == 't') { > > + trust = false; > > Hi, > > In CheriBSD I used the -t flag to set ld_tracing = "yes" (we used this > in ldd). I've been meaning to submit this as a review, but haven't got > around to it yet. How do you feel about using "-u" for "untrusted" or > "-i" for "ignore" here instead of "-t"? I am fine with renaming it to -u. I will do it slightly later.