From: Carlos O'Donell <carlos@redhat.com>
To: munroesj@linux.vnet.ibm.com, tulioqm@br.ibm.com
Cc: Florian Weimer <fweimer@redhat.com>,
Ulrich Drepper <drepper@gmail.com>,
GNU C Library <libc-alpha@sourceware.org>
Subject: Re: Library auditing interface stability?
Date: Thu, 05 May 2016 15:57:00 -0000 [thread overview]
Message-ID: <572B6D65.1040502@redhat.com> (raw)
In-Reply-To: <1462460184.9421.3.camel@oc7878010663>
On 05/05/2016 10:56 AM, Steven Munroe wrote:
> On Thu, 2016-04-28 at 15:21 -0400, Carlos O'Donell wrote:
>> On 04/28/2016 04:20 AM, Florian Weimer wrote:
>>> On 04/20/2016 04:24 PM, Ulrich Drepper wrote:
>>>> On Tue, Apr 19, 2016 at 5:03 PM, Carlos O'Donell
>>>> <carlos@redhat.com> wrote:
>>>>> In particular the La_*_regs and La_*_retval which contains
>>>>> additional registers as we expand the supported ISAs.
>>>>
>>>> la_version is there to preserve unlimited backward compatibility.
>>>
>>> We have not used this mechanism when we added support for additional
>>> registers to be passed to the PLT callbacks. Looking at commits
>>> 14c5cbabc2d11004ab223ae5eae761ddf83ef99e and
>>> 5cdd1989d1d2f135d02e66250f37ba8e767f9772, there is no way for an
>>> audit module to notice if these additional fields are maintained by
>>> glibc.
>>
>> I think we should have bumped the la_version number for all changes
>> to the structure for any architecture.
>>
>> Do we fix this by bumping LAV_CURRENT?
>>
>> diff --git a/elf/link.h b/elf/link.h
>> index f448141..cbf94a3 100644
>> --- a/elf/link.h
>> +++ b/elf/link.h
>> @@ -95,8 +95,13 @@ struct link_map
>>
>> #ifdef __USE_GNU
>>
>> -/* Version numbers for la_version handshake interface. */
>> -#define LAV_CURRENT 1
>> +/* Version numbers for la_version handshake interface.
>> + 1 - Initial implementation.
>> + 2 - Added lrv_bnd0 and lrv_bnd1 to La_i86_retval.
>> + 3 - Added lr_v[24,25,26,27,28,29,30,31] to La_s390_64_regs, and
>> + La_s390_32_regs. Added lrv_v24 to La_s390_64_retval and
>> + La_s390_64_retval. */
>> +#define LAV_CURRENT 3
>>
>> /* Activity types signaled through la_activity. */
>> enum
>> ---
>>
>> We can't fix audit modules in the field which return 1.
>>
>> We can fix newly compiled audit modules, making them expect
>> a LAV_CURRENT of 3, such that they can't be run with older
>> LAV_CURRENT 1 glibc which doesn't have BIND on x86 or
>> VSX on s390?
>>
>
> I am not sure if the audit modules need to now or care about PPC VSX or
> TAR, but if memory serves. VSX was added after the audit API.
Is VSX or TAR part of the procedure call sequence?
The La_*_regs structure allows an audit module to modify incoming
registers to the function using the PLT hook being provided by the
audit infrastructure.
Cheers,
Carlos.
--
Cheers,
Carlos.
next prev parent reply other threads:[~2016-05-05 15:57 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-19 21:03 Carlos O'Donell
2016-04-20 14:25 ` Ulrich Drepper
2016-04-28 8:20 ` Florian Weimer
2016-04-28 19:22 ` Carlos O'Donell
2016-05-05 14:56 ` Steven Munroe
2016-05-05 15:57 ` Carlos O'Donell [this message]
2016-05-05 21:29 ` Steven Munroe
2016-05-06 14:22 ` Carlos O'Donell
2016-05-10 14:28 ` Steven Munroe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=572B6D65.1040502@redhat.com \
--to=carlos@redhat.com \
--cc=drepper@gmail.com \
--cc=fweimer@redhat.com \
--cc=libc-alpha@sourceware.org \
--cc=munroesj@linux.vnet.ibm.com \
--cc=tulioqm@br.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).