From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <fw@sourceware.org>
Received: by sourceware.org (Postfix, from userid 2178)
	id B081238582B7; Fri, 14 Oct 2022 11:03:12 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org B081238582B7
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1665745393;
	bh=AWCWVraZi+MMz57fm85kppFjRgRfWbBPok7ougUeWB4=;
	h=From:To:Subject:Date:From;
	b=m4pQSYiimVgGVIW4DKU0MppuGy5xJnekTbTOeCH4ydFzDRRqsOISbBSfTxtlv4nIN
	 zsh88y0vt7wz0QA+09+jmwbkJHa9peVQP10TdAI60wyTvHp5hZEzRmplDThL9rDQND
	 63P26MfwT2IRW2B2AJ5i1wAvPIY26b4QYuAL7dII=
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Florian Weimer <fw@sourceware.org>
To: glibc-cvs@sourceware.org
Subject: [glibc/release/2.34/master] elf: Do not completely clear reused
 namespace in dlmopen (bug 29600)
X-Act-Checkin: glibc
X-Git-Author: Florian Weimer <fweimer@redhat.com>
X-Git-Refname: refs/heads/release/2.34/master
X-Git-Oldrev: d5313bcb7e56cd949ca920bb0c741a1d1d4093cf
X-Git-Newrev: 9f55d2e7c42e6ca862a25d3ee3eb2b367811c30d
Message-Id: <20221014110313.B081238582B7@sourceware.org>
Date: Fri, 14 Oct 2022 11:03:12 +0000 (GMT)
List-Id: <glibc-cvs.sourceware.org>

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9f55d2e7c42e6ca862a25d3ee3eb2b367811c30d

commit 9f55d2e7c42e6ca862a25d3ee3eb2b367811c30d
Author: Florian Weimer <fweimer@redhat.com>
Date:   Fri Oct 14 12:43:07 2022 +0200

    elf: Do not completely clear reused namespace in dlmopen (bug 29600)
    
    The data in the _ns_debug member must be preserved, otherwise
    _dl_debug_initialize enters an infinite loop.  To be conservative,
    only clear the libc_map member for now, to fix bug 29528.
    
    Fixes commit d0e357ff45a75553dee3b17ed7d303bfa544f6fe
    ("elf: Call __libc_early_init for reused namespaces (bug 29528)"),
    by reverting most of it.
    
    Reviewed-by: Carlos O'Donell <carlos@redhat.com>
    Tested-by: Carlos O'Donell <carlos@redhat.com>
    (cherry picked from commit 2c42257314536b94cc8d52edede86e94e98c1436)
    (Conflict in elf/dl-open.c due to missing _r_debug namespace support.)

Diff:
---
 NEWS                    |  1 +
 elf/dl-open.c           | 14 ++++++--------
 elf/tst-dlmopen-twice.c | 28 ++++++++++++++++++++++++----
 3 files changed, 31 insertions(+), 12 deletions(-)

diff --git a/NEWS b/NEWS
index 08a11329c0..45952e7c14 100644
--- a/NEWS
+++ b/NEWS
@@ -126,6 +126,7 @@ The following bugs are resolved with this release:
   [29490] alpha: New __brk_call implementation is broken
   [29528] elf: Call __libc_early_init for reused namespaces
   [29583] Use 64-bit interfaces in gconv_parseconfdir
+  [29600] Do not completely clear reused namespace in dlmopen
 
 
 Version 2.34
diff --git a/elf/dl-open.c b/elf/dl-open.c
index 1ab3c7b5ac..633b047ad2 100644
--- a/elf/dl-open.c
+++ b/elf/dl-open.c
@@ -839,15 +839,13 @@ _dl_open (const char *file, int mode, const void *caller_dlopen, Lmid_t nsid,
 	  _dl_signal_error (EINVAL, file, NULL, N_("\
 no more namespaces available for dlmopen()"));
 	}
+      else if (nsid == GL(dl_nns))
+	{
+	  __rtld_lock_initialize (GL(dl_ns)[nsid]._ns_unique_sym_table.lock);
+	  ++GL(dl_nns);
+	}
 
-      if (nsid == GL(dl_nns))
-	++GL(dl_nns);
-
-      /* Initialize the new namespace.  Most members are
-	 zero-initialized, only the lock needs special treatment.  */
-      memset (&GL(dl_ns)[nsid], 0, sizeof (GL(dl_ns)[nsid]));
-      __rtld_lock_initialize (GL(dl_ns)[nsid]._ns_unique_sym_table.lock);
-
+      GL(dl_ns)[nsid].libc_map = NULL;
       _dl_debug_initialize (0, nsid)->r_state = RT_CONSISTENT;
     }
   /* Never allow loading a DSO in a namespace which is empty.  Such
diff --git a/elf/tst-dlmopen-twice.c b/elf/tst-dlmopen-twice.c
index 449f3c8fa9..70c71fe19c 100644
--- a/elf/tst-dlmopen-twice.c
+++ b/elf/tst-dlmopen-twice.c
@@ -16,18 +16,38 @@
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
-#include <support/xdlfcn.h>
+#include <stdio.h>
 #include <support/check.h>
+#include <support/xdlfcn.h>
 
-static int
-do_test (void)
+/* Run the test multiple times, to check finding a new namespace while
+   another namespace is already in use.  This used to trigger bug 29600.  */
+static void
+recurse (int depth)
 {
-  void *handle = xdlmopen (LM_ID_NEWLM, "tst-dlmopen-twice-mod1.so", RTLD_NOW);
+  if (depth == 0)
+    return;
+
+  printf ("info: running at depth %d\n", depth);
+  void *handle = xdlmopen (LM_ID_NEWLM, "tst-dlmopen-twice-mod1.so",
+                           RTLD_NOW);
   xdlclose (handle);
   handle = xdlmopen (LM_ID_NEWLM, "tst-dlmopen-twice-mod2.so", RTLD_NOW);
   int (*run_check) (void) = xdlsym (handle, "run_check");
   TEST_COMPARE (run_check (), 0);
+  recurse (depth - 1);
   xdlclose (handle);
+}
+
+static int
+do_test (void)
+{
+  /* First run the test without nesting.  */
+  recurse (1);
+
+  /* Then with nesting.  The constant needs to be less than the
+     internal DL_NNS namespace constant.  */
+  recurse (10);
   return 0;
 }