glibc/ld-hwcap-mask-suid.patch

2017-03-07  Siddhesh Poyarekar  <siddhesh@sourceware.org>

	[BZ #21209]
	* elf/rtld.c (process_envvars): Ignore LD_HWCAP_MASK for
	AT_SECURE processes.
	* sysdeps/generic/unsecvars.h: Add LD_HWCAP_MASK.

Index: glibc-2.25/elf/rtld.c
===================================================================
--- glibc-2.25.orig/elf/rtld.c
+++ glibc-2.25/elf/rtld.c
@@ -2450,7 +2450,8 @@ process_envvars (enum mode *modep)
 
 	case 10:
 	  /* Mask for the important hardware capabilities.  */
-	  if (memcmp (envline, "HWCAP_MASK", 10) == 0)
+	  if (!__libc_enable_secure
+	      && memcmp (envline, "HWCAP_MASK", 10) == 0)
 	    GLRO(dl_hwcap_mask) = __strtoul_internal (&envline[11], NULL,
 						      0, 0);
 	  break;
Index: glibc-2.25/sysdeps/generic/unsecvars.h
===================================================================
--- glibc-2.25.orig/sysdeps/generic/unsecvars.h
+++ glibc-2.25/sysdeps/generic/unsecvars.h
@@ -16,6 +16,7 @@
   "LD_DEBUG\0"								      \
   "LD_DEBUG_OUTPUT\0"							      \
   "LD_DYNAMIC_WEAK\0"							      \
+  "LD_HWCAP_MASK\0"							      \
   "LD_LIBRARY_PATH\0"							      \
   "LD_ORIGIN_PATH\0"							      \
   "LD_PRELOAD\0"							      \