From d722231bca3ee608f25ebed66c31a590e6d06d7e Mon Sep 17 00:00:00 2001
From: John Baldwin <jhb@FreeBSD.org>
Date: Mon, 5 Feb 2018 23:27:42 +0000
Subject: [PATCH] Always give ELF brands a chance to veto a match.
If a brand provides a header_supported hook, check it when trying to
find a brand based on a matching interpreter as well as in the final
loop for the fallback brand. Previously a brand might reject a binary
via a header_supported hook in one of the earlier loops, but still be
chosen by one of these later loops.
Reviewed by: kib
Obtained from: CheriBSD
MFC after: 2 weeks
Sponsored by: DARPA / AFRL
Differential Revision: https://reviews.freebsd.org/D13945
---
sys/kern/imgact_elf.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c
index 28ebfff62577..bc6aa187387a 100644
--- a/sys/kern/imgact_elf.c
+++ b/sys/kern/imgact_elf.c
@@ -321,7 +321,7 @@ __elfN(get_brandinfo)(struct image_params *imgp, const char *interp,
strcmp((const char *)&hdr->e_ident[OLD_EI_BRAND],
bi->compat_3_brand) == 0))) {
/* Looks good, but give brand a chance to veto */
- if (!bi->header_supported ||
+ if (bi->header_supported == NULL ||
bi->header_supported(imgp)) {
/*
* Again, prefer strictly matching
@@ -369,7 +369,8 @@ __elfN(get_brandinfo)(struct image_params *imgp, const char *interp,
/* ELF image p_filesz includes terminating zero */
strlen(bi->interp_path) + 1 == interp_name_len &&
strncmp(interp, bi->interp_path, interp_name_len)
- == 0)
+ == 0 && (bi->header_supported == NULL ||
+ bi->header_supported(imgp)))
return (bi);
}
}
@@ -381,7 +382,9 @@ __elfN(get_brandinfo)(struct image_params *imgp, const char *interp,
(interp != NULL && (bi->flags & BI_BRAND_ONLY_STATIC) != 0))
continue;
if (hdr->e_machine == bi->machine &&
- __elfN(fallback_brand) == bi->brand)
+ __elfN(fallback_brand) == bi->brand &&
+ (bi->header_supported == NULL ||
+ bi->header_supported(imgp)))
return (bi);
}
return (NULL);