From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id 533E63858D28 for ; Sat, 18 Dec 2021 18:01:16 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 533E63858D28 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-607-ti5mQzZ-P6KHI8u0gm3btA-1; Sat, 18 Dec 2021 13:01:15 -0500 X-MC-Unique: ti5mQzZ-P6KHI8u0gm3btA-1 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id EFF2D1898291; Sat, 18 Dec 2021 18:01:13 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.39.192.46]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 9B5EE5E482; Sat, 18 Dec 2021 18:01:08 +0000 (UTC) From: Florian Weimer To: Adhemerval Zanella Cc: libc-alpha@sourceware.org, John Mellor-Crummey , Ben Woodard Subject: Re: [PATCH v6 13/20] elf: Fix initial-exec TLS access on audit modules (BZ #28096) References: <20211115183734.531155-1-adhemerval.zanella@linaro.org> <20211115183734.531155-14-adhemerval.zanella@linaro.org> Date: Sat, 18 Dec 2021 19:01:06 +0100 In-Reply-To: <20211115183734.531155-14-adhemerval.zanella@linaro.org> (Adhemerval Zanella's message of "Mon, 15 Nov 2021 15:37:27 -0300") Message-ID: <87sfuphjx9.fsf@oldenburg.str.redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain X-Spam-Status: No, score=-12.5 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Dec 2021 18:01:17 -0000 * Adhemerval Zanella: > diff --git a/elf/dl-object.c b/elf/dl-object.c > index 1875599eb2..eb2158a84b 100644 > --- a/elf/dl-object.c > +++ b/elf/dl-object.c > @@ -175,6 +175,9 @@ _dl_new_object (char *realname, const char *libname, int type, > > new->l_local_scope[0] = &new->l_searchlist; > > + if (mode & __RTLD_AUDIT) > + new->l_dont_set_tls_static = 1; > + > /* Determine the origin. If allocating the link map for the main > executable, the realname is not known and "". In this case, the > origin needs to be determined by other means. However, in case Is this sufficient? What happens if an auditor calls dlopen? I don't see anything that causes that dlopen call to use __RTLD_AUDIT, so I suspect the change in initialization logic needs to be changed for audit namespaces, not just each audit module contained in them. Thanks, Florian