From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from forward108p.mail.yandex.net (forward108p.mail.yandex.net [IPv6:2a02:6b8:0:1472:2741:0:8b7:116]) by sourceware.org (Postfix) with ESMTPS id 334323858422 for ; Wed, 1 Mar 2023 15:08:28 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 334323858422 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=yandex.ru Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=yandex.ru Received: from forward100q.mail.yandex.net (forward100q.mail.yandex.net [IPv6:2a02:6b8:c0e:4b:0:640:4012:bb97]) by forward108p.mail.yandex.net (Yandex) with ESMTP id 4C52026789C0 for ; Wed, 1 Mar 2023 18:08:26 +0300 (MSK) Received: from vla1-19b50e1e87d6.qloud-c.yandex.net (vla1-19b50e1e87d6.qloud-c.yandex.net [IPv6:2a02:6b8:c0d:3e8b:0:640:19b5:e1e]) by forward100q.mail.yandex.net (Yandex) with ESMTP id 4863C6F40002 for ; Wed, 1 Mar 2023 18:08:26 +0300 (MSK) Received: by vla1-19b50e1e87d6.qloud-c.yandex.net (smtp/Yandex) with ESMTPSA id O8Xsp04cwKo1-3XXyvpjh; Wed, 01 Mar 2023 18:08:25 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1677683306; bh=mXUL0Jy/H+0YWjF5/8AY21BSurfabAdq27b4GgUf5NY=; h=Message-Id:Date:Cc:Subject:To:From; b=F2H2Rb4BT1EW53Go5pGs/FjZSTebmlQGCwL5tOnV0tdV3PHTrWlz53xzRysw5dxyt lBFw/N+3Kdu1JAepgMHbETJ5tMKCXozvzfEhYZn36jaFY5dqXQjcCBZ/Aw6s+r0zeA KUZoL3twJ27v0Kzns1F6Lr3fVuCM0tdTWIHSI4Og= Authentication-Results: vla1-19b50e1e87d6.qloud-c.yandex.net; dkim=pass header.i=@yandex.ru From: Stas Sergeev To: libc-alpha@sourceware.org Cc: Stas Sergeev Subject: [PATCH v6 0/2] minimal run-time audit support Date: Wed, 1 Mar 2023 20:08:16 +0500 Message-Id: <20230301150818.31815-1-stsp2@yandex.ru> X-Mailer: git-send-email 2.37.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-3.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: Changes in v6: fix what seems to be a problem in v5: call unload_audit_module() before _dl_signal_error(), rather than after. It seems _dl_signal_error() may involve longjmp() so it should be called the last, after any clean-ups. Changes in v5: address the review comment of Jonathon Anderson: Disabling existing audit call-backs may break some existing auditors if they attempted to be loaded with dlload_audit_module(). Instead return an error EINVAL and refuse to load an audit module that has the unallowed call-backs (symbind, pltenter, pltexit). Extend test to make sure the error is reported as expected. Changes in v4: rebased, conflicts resolved. Changes in v3: address the review comment of Jonathon Anderson: Disable 3 audit call-backs for dynamically loaded modules. Namely symbind, pltenter, pltexit. Extend test-case to make sure they are not resolved and not called. Changes in v2: address the review comment of Jonathon Anderson: Add per-linkmap l_naudit counter to make sure each object is audited only with the modules loaded before it. That avoids the possibility of getting the "unrecognized" cookie. Test-case was enhanced to check for unrecognized cookies. This patch-set introduces the bare minimum functionality for working with audit modules at run-time. Patch1 fixes the check in dlmopen() which avoids loading solibs into the auditing namespace. But RTLD_NOLOAD was forgotten to check, and with that flags nothing gets loaded into auditing namespace, so dlmopen() should succeed and return the handle for auditing object. Patch2 adds dlload_audit_module() function and a test-case for it. -- 2.37.2