[compiler-rt] [sanitizer] Disable writes to log files for binaries in a secure context. (PR #92593)

[via llvm-commits]

https://github.com/bigb4ng updated https://github.com/llvm/llvm-project/pull/92593

>From eabfad12703841b83b60e2c8e3df201457f479b2 Mon Sep 17 00:00:00 2001
From: bigb4ng <130478744+bigb4ng at users.noreply.github.com>
Date: Fri, 17 May 2024 07:26:39 +0300
Subject: [PATCH] [sanitizer] Disable writes to log files for binaries with
 AT_SECURE.

Fix for https://github.com/google/sanitizers/issues/1130.

An original issue described by Szabolcs Nagy at https://seclists.org/oss-sec/2016/q1/363.
---
 .../lib/sanitizer_common/sanitizer_file.cpp   | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_file.cpp b/compiler-rt/lib/sanitizer_common/sanitizer_file.cpp
index 7ef499ce07b13..bb70143329c4b 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_file.cpp
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_file.cpp
@@ -19,6 +19,13 @@
 
 #include "sanitizer_common.h"
 #include "sanitizer_file.h"
+
+#if SANITIZER_LINUX || (SANITIZER_ANDROID && __ANDROID_API__ >= 18)
+// Android API as per https://developer.android.com/ndk/guides/cpu-features#features_using_libcs_getauxval3
+#  include <sys/auxv.h>
+#  define HAS_GETAUXVAL
+#endif
+
 #  include "sanitizer_interface_internal.h"
 
 namespace __sanitizer {
@@ -104,6 +111,18 @@ void ReportFile::SetReportPath(const char *path) {
     }
   }
 
+#ifdef HAS_GETAUXVAL
+  if (getauxval(AT_SECURE) != 0 && path &&
+      internal_strcmp(path, "stderr") != 0 &&
+      internal_strcmp(path, "stdout") != 0) {
+    Report(
+        "ERROR: log_path must be 'stderr' or 'stdin' for AT_SECURE "
+        "(e.g. setuid binaries), is '%s'\n",
+        path);
+    Die();
+  }
+#endif
+
   SpinMutexLock l(mu);
   if (fd != kStdoutFd && fd != kStderrFd && fd != kInvalidFd)
     CloseFile(fd);