1*1cddb830SAndroid Build Coastguard Worker /* 2*1cddb830SAndroid Build Coastguard Worker * Copyright (c) 2016-2019 The Khronos Group Inc. 3*1cddb830SAndroid Build Coastguard Worker * 4*1cddb830SAndroid Build Coastguard Worker * Licensed under the Apache License, Version 2.0 (the "License"); 5*1cddb830SAndroid Build Coastguard Worker * you may not use this file except in compliance with the License. 6*1cddb830SAndroid Build Coastguard Worker * You may obtain a copy of the License at 7*1cddb830SAndroid Build Coastguard Worker * 8*1cddb830SAndroid Build Coastguard Worker * http://www.apache.org/licenses/LICENSE-2.0 9*1cddb830SAndroid Build Coastguard Worker * 10*1cddb830SAndroid Build Coastguard Worker * Unless required by applicable law or agreed to in writing, software 11*1cddb830SAndroid Build Coastguard Worker * distributed under the License is distributed on an "AS IS" BASIS, 12*1cddb830SAndroid Build Coastguard Worker * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13*1cddb830SAndroid Build Coastguard Worker * See the License for the specific language governing permissions and 14*1cddb830SAndroid Build Coastguard Worker * limitations under the License. 15*1cddb830SAndroid Build Coastguard Worker * 16*1cddb830SAndroid Build Coastguard Worker * OpenCL is a trademark of Apple Inc. used under license by Khronos. 17*1cddb830SAndroid Build Coastguard Worker */ 18*1cddb830SAndroid Build Coastguard Worker 19*1cddb830SAndroid Build Coastguard Worker // for secure_getenv(): 20*1cddb830SAndroid Build Coastguard Worker #ifndef _GNU_SOURCE 21*1cddb830SAndroid Build Coastguard Worker #define _GNU_SOURCE 22*1cddb830SAndroid Build Coastguard Worker #endif 23*1cddb830SAndroid Build Coastguard Worker 24*1cddb830SAndroid Build Coastguard Worker #include "icd_cmake_config.h" 25*1cddb830SAndroid Build Coastguard Worker 26*1cddb830SAndroid Build Coastguard Worker #include <stdlib.h> 27*1cddb830SAndroid Build Coastguard Worker #include <unistd.h> 28*1cddb830SAndroid Build Coastguard Worker khrIcd_getenv(const char * name)29*1cddb830SAndroid Build Coastguard Workerchar *khrIcd_getenv(const char *name) { 30*1cddb830SAndroid Build Coastguard Worker // No allocation of memory necessary for Linux. 31*1cddb830SAndroid Build Coastguard Worker return getenv(name); 32*1cddb830SAndroid Build Coastguard Worker } 33*1cddb830SAndroid Build Coastguard Worker khrIcd_secure_getenv(const char * name)34*1cddb830SAndroid Build Coastguard Workerchar *khrIcd_secure_getenv(const char *name) { 35*1cddb830SAndroid Build Coastguard Worker #if defined(__APPLE__) 36*1cddb830SAndroid Build Coastguard Worker // Apple does not appear to have a secure getenv implementation. 37*1cddb830SAndroid Build Coastguard Worker // The main difference between secure getenv and getenv is that secure getenv 38*1cddb830SAndroid Build Coastguard Worker // returns NULL if the process is being run with elevated privileges by a normal user. 39*1cddb830SAndroid Build Coastguard Worker // The idea is to prevent the reading of malicious environment variables by a process 40*1cddb830SAndroid Build Coastguard Worker // that can do damage. 41*1cddb830SAndroid Build Coastguard Worker // This algorithm is derived from glibc code that sets an internal 42*1cddb830SAndroid Build Coastguard Worker // variable (__libc_enable_secure) if the process is running under setuid or setgid. 43*1cddb830SAndroid Build Coastguard Worker return geteuid() != getuid() || getegid() != getgid() ? NULL : khrIcd_getenv(name); 44*1cddb830SAndroid Build Coastguard Worker #else 45*1cddb830SAndroid Build Coastguard Worker // Linux 46*1cddb830SAndroid Build Coastguard Worker #ifdef HAVE_SECURE_GETENV 47*1cddb830SAndroid Build Coastguard Worker return secure_getenv(name); 48*1cddb830SAndroid Build Coastguard Worker #elif defined(HAVE___SECURE_GETENV) 49*1cddb830SAndroid Build Coastguard Worker return __secure_getenv(name); 50*1cddb830SAndroid Build Coastguard Worker #else 51*1cddb830SAndroid Build Coastguard Worker #pragma message( \ 52*1cddb830SAndroid Build Coastguard Worker "Warning: Falling back to non-secure getenv for environmental lookups! Consider" \ 53*1cddb830SAndroid Build Coastguard Worker " updating to a different libc.") 54*1cddb830SAndroid Build Coastguard Worker return khrIcd_getenv(name); 55*1cddb830SAndroid Build Coastguard Worker #endif 56*1cddb830SAndroid Build Coastguard Worker #endif 57*1cddb830SAndroid Build Coastguard Worker } 58*1cddb830SAndroid Build Coastguard Worker khrIcd_free_getenv(char * val)59*1cddb830SAndroid Build Coastguard Workervoid khrIcd_free_getenv(char *val) { 60*1cddb830SAndroid Build Coastguard Worker // No freeing of memory necessary for Linux, but we should at least touch 61*1cddb830SAndroid Build Coastguard Worker // val to get rid of compiler warnings. 62*1cddb830SAndroid Build Coastguard Worker (void)val; 63*1cddb830SAndroid Build Coastguard Worker } 64