On Sun, Nov 13, 2016 at 08:02:41PM +0100, Martin Jambor wrote:
> @@ -143,6 +240,12 @@ init_enviroment_variables (void)
> suppress_host_fallback = true;
> else
> suppress_host_fallback = false;
> +
> + hsa_runtime_lib = getenv ("HSA_RUNTIME_LIB");
> + if (hsa_runtime_lib == NULL)
> + hsa_runtime_lib = HSA_RUNTIME_LIB "libhsa-runtime64.so";
libgomp is very much env var driven, but the above one is IMHO just
too dangerous in suid/sgid apps, allowing one to select a library
of their own choice to dlopen is an instant exploit possibility,
so such env var should be only considered in non-priviledged processes.
It is possible to try dlopen (hsa_runtime_lib) and if that fails, try
dlopen ("libhsa-runtime64.so"), where it would search the library only
in the system paths (note, the dynamic linker handles LD_LIBRARY_PATH,
LD_PRELOAD etc. safely in priviledges processes).
So I'd recommend to use secure_getenv instead. E.g. see how libgfortran
checks for it in configure and even provides a fallback version for it.
In the HSA plugin case, I think the fallback should be static function
in the plugin.
Otherwise it looks reasonable, thanks for working on that.
Jakub
