From: Florian Weimer <fweimer@redhat.com>
To: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Cc: libc-alpha@sourceware.org, John Mellor-Crummey <johnmc@rice.edu>,
Ben Woodard <woodard@redhat.com>
Subject: Re: [PATCH v7 12/16] elf: Fix initial-exec TLS access on audit modules (BZ #28096)
Date: Fri, 24 Dec 2021 18:17:14 +0100 [thread overview]
Message-ID: <87o8559b39.fsf@oldenburg.str.redhat.com> (raw)
In-Reply-To: <20211222132712.523295-13-adhemerval.zanella@linaro.org> (Adhemerval Zanella's message of "Wed, 22 Dec 2021 10:27:08 -0300")
* Adhemerval Zanella:
> For audit modules or dependencies with initial-exec TLS, we can not
> set the initial TLS image on default loader initialization because it
> would already be set by the audit setup. However, subsequent thread
> creation would need to follow the default behaviour.
>
> This patch fixes by making_dl_new_object sets a new link_map flag
> 'l_dont_set_tls_static' for namespaces different than the default
> one. The flag is later reset on _dl_allocate_tls_init.
Typo: making[ ]dl_new-object
> diff --git a/elf/dl-object.c b/elf/dl-object.c
> index 1875599eb2..f3d637ac27 100644
> --- a/elf/dl-object.c
> +++ b/elf/dl-object.c
> @@ -175,6 +175,9 @@ _dl_new_object (char *realname, const char *libname, int type,
>
> new->l_local_scope[0] = &new->l_searchlist;
>
> + if (nsid != LM_ID_BASE)
> + new->l_dont_set_tls_static = 1;
> +
> /* Determine the origin. If allocating the link map for the main
> executable, the realname is not known and "". In this case, the
> origin needs to be determined by other means. However, in case
> diff --git a/elf/dl-tls.c b/elf/dl-tls.c
> index 273f60f233..89200ccc48 100644
> --- a/elf/dl-tls.c
> +++ b/elf/dl-tls.c
> @@ -593,10 +593,18 @@ _dl_allocate_tls_init (void *result)
> some platforms use in static programs requires it. */
> dtv[map->l_tls_modid].pointer.val = dest;
>
> - /* Copy the initialization image and clear the BSS part. */
> - memset (__mempcpy (dest, map->l_tls_initimage,
> - map->l_tls_initimage_size), '\0',
> - map->l_tls_blocksize - map->l_tls_initimage_size);
> + /* Copy the initialization image and clear the BSS part. For
> + audit modules or depedencies with initial-exec TLS, we can not
> + set the initial TLS image on default loader initialization
> + because it would already be set by the audit setup. However,
> + subsequent thread creation would need to follow the default
> + behaviour. */
> + if (__glibc_unlikely (!map->l_dont_set_tls_static))
> + memset (__mempcpy (dest, map->l_tls_initimage,
> + map->l_tls_initimage_size), '\0',
> + map->l_tls_blocksize - map->l_tls_initimage_size);
> + else
> + map->l_dont_set_tls_static = 0;
> }
Wouldn't it be simpler to skip the memcpy/memset for non-base namespaces
if a flag is pased to _dl_allocate_tls_init? I still don't think it's
the status as an audit module what matters here, it applies to
everything that is loaded through the dlopen implementation (as opposed
to _dl_map_object_deps for the main executable).
Thanks,
Florian
next prev parent reply other threads:[~2021-12-24 17:17 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-22 13:26 [PATCH v7 00/16] Multiple rtld-audit fixes Adhemerval Zanella
2021-12-22 13:26 ` [PATCH v7 01/16] elf: Add _dl_audit_objopen Adhemerval Zanella
2021-12-24 11:50 ` Florian Weimer
2021-12-22 13:26 ` [PATCH v7 02/16] elf: Add _dl_audit_activity_map and _dl_audit_activity_nsid Adhemerval Zanella
2021-12-24 11:58 ` Florian Weimer
2021-12-27 12:10 ` Adhemerval Zanella
2021-12-22 13:26 ` [PATCH v7 03/16] elf: Add _dl_audit_objsearch Adhemerval Zanella
2021-12-24 12:05 ` Florian Weimer
2021-12-27 12:20 ` Adhemerval Zanella
2021-12-22 13:27 ` [PATCH v7 04/16] elf: Add _dl_audit_objclose Adhemerval Zanella
2021-12-24 12:10 ` Florian Weimer
2021-12-22 13:27 ` [PATCH v7 05/16] elf: Add _dl_audit_symbind_alt and _dl_audit_symbind Adhemerval Zanella
2021-12-24 12:42 ` Florian Weimer
2021-12-22 13:27 ` [PATCH v7 06/16] elf: Add _dl_audit_preinit Adhemerval Zanella
2021-12-24 12:47 ` Florian Weimer
2021-12-24 12:53 ` Florian Weimer
2021-12-22 13:27 ` [PATCH v7 07/16] elf: Add _dl_audit_pltenter Adhemerval Zanella
2021-12-24 13:57 ` Florian Weimer
2021-12-22 13:27 ` [PATCH v7 08/16] elf: Add _dl_audit_pltexit Adhemerval Zanella
2021-12-24 14:17 ` Florian Weimer
2021-12-22 13:27 ` [PATCH v7 09/16] elf: Avoid unnecessary slowdown from profiling with audit (BZ#15533) Adhemerval Zanella
2021-12-24 16:05 ` Florian Weimer
2021-12-22 13:27 ` [PATCH v7 10/16] elf: Add audit tests for modules with TLSDESC Adhemerval Zanella
2021-12-24 16:55 ` Florian Weimer
2021-12-22 13:27 ` [PATCH v7 11/16] elf: Do not fail for failed dlmopen on audit modules (BZ #28061) Adhemerval Zanella
2021-12-22 13:27 ` [PATCH v7 12/16] elf: Fix initial-exec TLS access on audit modules (BZ #28096) Adhemerval Zanella
2021-12-24 17:17 ` Florian Weimer [this message]
2021-12-27 20:13 ` Adhemerval Zanella
2021-12-22 13:27 ` [PATCH v7 13/16] elf: Issue audit la_objopen for vDSO Adhemerval Zanella
2021-12-24 17:44 ` Florian Weimer
2021-12-22 13:27 ` [PATCH v7 14/16] elf: Add la_activity during application exit Adhemerval Zanella
2021-12-24 17:50 ` Florian Weimer
2021-12-22 13:27 ` [PATCH v7 15/16] elf: Issue la_symbind for bind-now (BZ #23734) Adhemerval Zanella
2021-12-24 18:50 ` Florian Weimer
2021-12-27 20:17 ` Adhemerval Zanella
2021-12-22 13:27 ` [PATCH v7 16/16] elf: Fix runtime linker auditing on aarch64 (BZ #26643) Adhemerval Zanella
2021-12-24 18:53 ` Florian Weimer
2021-12-27 20:31 ` Adhemerval Zanella
2021-12-24 11:49 ` [PATCH v7 00/16] Multiple rtld-audit fixes Florian Weimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87o8559b39.fsf@oldenburg.str.redhat.com \
--to=fweimer@redhat.com \
--cc=adhemerval.zanella@linaro.org \
--cc=johnmc@rice.edu \
--cc=libc-alpha@sourceware.org \
--cc=woodard@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).