[Bug dynamic-link/28096] New: elf: audit calls that uses static tls might fail

[Bug dynamic-link/28096] New: elf: audit calls that uses static tls might fail

[adhemerval.zanella at linaro dot org]

https://sourceware.org/bugzilla/show_bug.cgi?id=28096

            Bug ID: 28096
           Summary: elf: audit calls that uses static tls might fail
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: dynamic-link
          Assignee: unassigned at sourceware dot org
          Reporter: adhemerval.zanella at linaro dot org
  Target Milestone: ---

The following test fails when calling la_activity().  It is because the loader
will load the audit.so modules dependencies, the libc.so will initialize its
TLS static code (for the locales support), but after the audit modules loading,
the loader will initialize the TLS bss with _dl_allocate_tls_init().  It will
then clear the already set TLS variables from libc.so used by audit.so. 

$ cat audit.c 
#define _GNU_SOURCE
#include <ctype.h>
#include <link.h>

volatile int out;

unsigned int la_version
(unsigned int v)
{
  return LAV_CURRENT;
}

void la_activity (uintptr_t* cookie, unsigned int flag)
{
  out = isspace(' ');
}

$ cat main.c 
int main (int argc, char *argv[])
{
  return 0;
}
$ gcc -Wall -fpic -shared audit.c -o audit.so 
$ gcc -Wall main.c -o main
$ LD_AUDIT=./audit.so ./main 
Segmentation fault (core dumped)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/28096] elf: audit calls that uses static tls might fail

[adhemerval.zanella at linaro dot org]

https://sourceware.org/bugzilla/show_bug.cgi?id=28096

Adhemerval Zanella <adhemerval.zanella at linaro dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|unassigned at sourceware dot org   |adhemerval.zanella at linaro dot o
                   |                            |rg

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug dynamic-link/28096] elf: audit calls that uses static tls might fail

[carlos at redhat dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=28096

Carlos O'Donell <carlos at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEW                         |RESOLVED
   Target Milestone|---                         |2.35
                 CC|                            |carlos at redhat dot com

--- Comment #1 from Carlos O'Donell <carlos at redhat dot com> ---
Fixed in glibc 2.35 with commit 254d3d5aef2fd8430c469e1938209ac100ebf132.

commit 254d3d5aef2fd8430c469e1938209ac100ebf132
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Date:   Mon Jan 24 10:46:16 2022 -0300

    elf: Fix initial-exec TLS access on audit modules (BZ #28096)

    For audit modules and dependencies with initial-exec TLS, we can not
    set the initial TLS image on default loader initialization because it
    would already be set by the audit setup.  However, subsequent thread
    creation would need to follow the default behaviour.

    This patch fixes it by setting l_auditing link_map field not only
    for the audit modules, but also for all its dependencies.  This is
    used on _dl_allocate_tls_init to avoid the static TLS initialization
    at load time.

    Checked on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu.

    Reviewed-by: Carlos O'Donell <carlos@redhat.com>
    Tested-by: Carlos O'Donell <carlos@redhat.com>

-- 
You are receiving this mail because:
You are on the CC list for the bug.