file: Disable all hardening checks for Relocatable Objects
authorMichael Tremer <michael.tremer@ipfire.org>
Mon, 13 Mar 2023 16:52:44 +0000 (16:52 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Mon, 13 Mar 2023 16:52:44 +0000 (16:52 +0000)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/libpakfire/file.c

index 20df1dc988f5b64aea552506c42832546cbb9218..f917e7b932ee13ccd3e00800981f964d2d6d675b 100644 (file)
@@ -1615,6 +1615,33 @@ ERROR:
        return r;
 }
 
+static int __pakfire_file_get_elf_type(struct pakfire_file* file, Elf* elf, void* data) {
+       int* type = (int*)data;
+       GElf_Ehdr ehdr;
+
+       // Fetch the ELF header
+       if (!gelf_getehdr(elf, &ehdr)) {
+               ERROR(file->pakfire, "Could not parse ELF header: %s\n", elf_errmsg(-1));
+               return 1;
+       }
+
+       // Store the type
+       *type = ehdr.e_type;
+
+       return 0;
+}
+
+static int pakfire_file_get_elf_type(struct pakfire_file* file) {
+       int type = ET_NONE;
+       int r;
+
+       r = pakfire_file_open_elf(file, __pakfire_file_get_elf_type, &type);
+       if (r)
+               return -1;
+
+       return type;
+}
+
 static int __pakfire_file_is_stripped(struct pakfire_file* file, Elf* elf, void* data) {
        Elf_Scn* section = NULL;
        GElf_Shdr shdr;
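Review bot: pakfire_file_get_elf_type has no comment stating what it returns, yet every caller added in this commit switches directly on the result. From the visible lines it yields the header's `e_type` on success and -1 when pakfire_file_open_elf reports a failure. A one-line comment above the function would make the error value explicit, for example `// Returns the ELF type (ET_*) or -1 if the ELF header could not be read`.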
@@ -1648,6 +1675,16 @@ int pakfire_file_is_stripped(struct pakfire_file* file) {
                return -1;
        }
 
+       switch (pakfire_file_get_elf_type(file)) {
+               // Do not check Relocatable Objects
+               case ET_REL:
+                       return 0;
+
+               // Check everything else
+               default:
+                       break;
+       }
+
        return pakfire_file_open_elf(file, __pakfire_file_is_stripped, NULL);
 }
 
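Review bot: The -1 that pakfire_file_get_elf_type returns on failure is not handled in this switch, so it falls into `default` and the file is opened and parsed a second time by pakfire_file_open_elf. The switch added to pakfire_file_check_hardening has the same gap, and there an unreadable header goes on to run every hardening check. An explicit `case -1: return -1;` ahead of `default` would stop at the first failure; this assumes -1 is the error value here, as the `return -1;` just above the switch suggests. The start of pakfire_file_is_stripped is outside the hunk.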
@@ -1719,33 +1756,16 @@ static int pakfire_file_hardening_check_ssp(struct pakfire_file* file) {
        return pakfire_file_open_elf(file, __pakfire_file_hardening_check_ssp, NULL);
 }
 
-static int __pakfire_file_hardening_check_pie(
-               struct pakfire_file* file, Elf* elf, void* data) {
-       GElf_Ehdr eheader;
-
-       // Fetch the ELF header
-       if (!gelf_getehdr(elf, &eheader)) {
-               ERROR(file->pakfire, "Could not parse ELF header: %s\n", elf_errmsg(-1));
-               return 1;
-       }
-
-       // Check for the correct header type
-       switch (eheader.e_type) {
-               // Dynamic Objects are good
+static int pakfire_file_hardening_check_pie(struct pakfire_file* file) {
+       switch (pakfire_file_get_elf_type(file)) {
+               // Shared Object files are good
                case ET_DYN:
-                       break;
+                       return 0;
 
-               // Anything else is bad
+               // Everything else is bad
                default:
-                       file->hardening_issues |= PAKFIRE_FILE_NO_PIE;
-                       break;
+                       return 1;
        }
-
-       return 0;
-}
-
-static int pakfire_file_hardening_check_pie(struct pakfire_file* file) {
-       return pakfire_file_open_elf(file, __pakfire_file_hardening_check_pie, NULL);
 }
 
 static int __pakfire_file_hardening_check_execstack(
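Review bot: The rewritten pakfire_file_hardening_check_pie no longer sets `PAKFIRE_FILE_NO_PIE` anywhere in this hunk: for every type other than ET_DYN it returns 1 instead of recording the issue and returning 0. If pakfire_file_check_hardening treats this result like the SSP one (`if (r) return r;`), a non-PIE executable aborts the whole check with an error rather than being reported as lacking PIE, and the remaining checks never run for it. The -1 error value of pakfire_file_get_elf_type also lands in `default`, so a parse failure cannot be told apart from a finding. I would keep the previous contract: add `case -1: return 1;` for the failure, and in `default` use `file->hardening_issues |= PAKFIRE_FILE_NO_PIE;` followed by `return 0;`.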
@@ -1846,6 +1866,16 @@ int pakfire_file_check_hardening(struct pakfire_file* file, int* issues) {
 
        // Return previous result if this has been run before
        if (!file->hardening_check_done) {
+               switch (pakfire_file_get_elf_type(file)) {
+                       // Do not check Relocatable Objects
+                       case ET_REL:
+                               goto DONE;
+
+                       // Check everything else
+                       default:
+                               break;
+               }
+
                // Check for SSP
                r = pakfire_file_hardening_check_ssp(file);
                if (r)
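Review bot: A relocatable object that takes `goto DONE` ends up with hardening_check_done set and no issue bits, which is the same state as a file that passed every check, so a caller cannot tell "skipped" from "clean". ET_REL is also the type of Linux kernel modules, not only intermediate `.o` files, so the skip is wider than the comment suggests. I would state that in the comment, for example `// Relocatable Objects (.o files, kernel modules) are skipped; no issues are recorded for them`, and consider a debug log line so skipped files are visible in build output. The `DONE` label and the rest of the function body are outside this hunk.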
@@ -1866,6 +1896,7 @@ int pakfire_file_check_hardening(struct pakfire_file* file, int* issues) {
                if (r)
                        return r;
 
+DONE:
                // All checks done
                file->hardening_check_done = 1;
        }