From: Yonghong Song <yhs@fb.com>
To: Hengqi Chen <hengqi.chen@gmail.com>,
bpf@vger.kernel.org, andrii@kernel.org
Cc: Goro Fuji <goro@fastly.com>
Subject: Re: [PATCH bpf-next] libbpf: Do not require executable permission for shared libraries
Date: Mon, 8 Aug 2022 10:18:06 -0700 [thread overview]
Message-ID: <4d99b1f7-3970-53e4-0d12-c65a0dca7885@fb.com> (raw)
In-Reply-To: <20220806102021.3867130-1-hengqi.chen@gmail.com>
On 8/6/22 3:20 AM, Hengqi Chen wrote:
> Currently, resolve_full_path() requires executable permission for both
> programs and shared libraries. This causes failures on distos like Debian
> since the shared libraries are not installed executable ([0]). Let's remove
> executable permission check for shared libraries.
>
> [0]: https://www.debian.org/doc/debian-policy/
The document is too big. Could you be more specific about
which chapter and copy-paste related statements in the commit message?
>
> Reported-by: Goro Fuji <goro@fastly.com>
> Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com>
> ---
> tools/lib/bpf/libbpf.c | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
> index 77e3797cf75a..f0ce7423afb8 100644
> --- a/tools/lib/bpf/libbpf.c
> +++ b/tools/lib/bpf/libbpf.c
> @@ -10666,7 +10666,7 @@ static const char *arch_specific_lib_paths(void)
> static int resolve_full_path(const char *file, char *result, size_t result_sz)
> {
> const char *search_paths[3] = {};
> - int i;
> + int i, perm = R_OK;
>
> if (str_has_sfx(file, ".so") || strstr(file, ".so.")) {
> search_paths[0] = getenv("LD_LIBRARY_PATH");
> @@ -10675,6 +10675,7 @@ static int resolve_full_path(const char *file, char *result, size_t result_sz)
> } else {
> search_paths[0] = getenv("PATH");
> search_paths[1] = "/usr/bin:/usr/sbin";
> + perm |= X_OK;
> }
>
> for (i = 0; i < ARRAY_SIZE(search_paths); i++) {
> @@ -10693,8 +10694,8 @@ static int resolve_full_path(const char *file, char *result, size_t result_sz)
> if (!seg_len)
> continue;
> snprintf(result, result_sz, "%.*s/%s", seg_len, s, file);
> - /* ensure it is an executable file/link */
> - if (access(result, R_OK | X_OK) < 0)
> + /* ensure it has required permissions */
> + if (access(result, perm) < 0)
> continue;
> pr_debug("resolved '%s' to '%s'\n", file, result);
> return 0;
next prev parent reply other threads:[~2022-08-08 17:18 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-06 10:20 [PATCH bpf-next] libbpf: Do not require executable permission for shared libraries Hengqi Chen
2022-08-08 17:18 ` Yonghong Song [this message]
2022-08-08 22:10 ` Andrii Nakryiko
2022-08-08 22:20 ` patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4d99b1f7-3970-53e4-0d12-c65a0dca7885@fb.com \
--to=yhs@fb.com \
--cc=andrii@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=goro@fastly.com \
--cc=hengqi.chen@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox