From: Florian Weimer <fweimer@redhat.com>
To: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Cc: libc-alpha@sourceware.org, John Mellor-Crummey <johnmc@rice.edu>,
Ben Woodard <woodard@redhat.com>
Subject: Re: [PATCH v5 05/22] elf: Fix initial-exec TLS access on audit modules (BZ #28096)
Date: Wed, 10 Nov 2021 14:23:47 +0100 [thread overview]
Message-ID: <87v9105el8.fsf@oldenburg.str.redhat.com> (raw)
In-Reply-To: <20211109183347.2943786-6-adhemerval.zanella@linaro.org> (Adhemerval Zanella's message of "Tue, 9 Nov 2021 15:33:30 -0300")
* Adhemerval Zanella:
> diff --git a/elf/Makefile b/elf/Makefile
> index 4758cb23c4..861e83236e 100644
> --- a/elf/Makefile
> +++ b/elf/Makefile
> +$(objpfx)tst-audit21.out: $(objpfx)tst-auditmod21.so
> +tst-audit21-ENV = LD_AUDIT=$(objpfx)tst-auditmod21.so
This is needed to fix a Hurd build failure:
$(objpfx)tst-audit21: $(shared-thread-library)
> diff --git a/elf/dl-object.c b/elf/dl-object.c
> index 1875599eb2..eb2158a84b 100644
> --- a/elf/dl-object.c
> +++ b/elf/dl-object.c
> @@ -175,6 +175,9 @@ _dl_new_object (char *realname, const char *libname, int type,
>
> new->l_local_scope[0] = &new->l_searchlist;
>
> + if (mode & __RTLD_AUDIT)
> + new->l_dont_set_tls_static = 1;
> +
> /* Determine the origin. If allocating the link map for the main
> executable, the realname is not known and "". In this case, the
> origin needs to be determined by other means. However, in case
> diff --git a/elf/rtld.c b/elf/rtld.c
> index 8953347b00..db1817655f 100644
> --- a/elf/rtld.c
> +++ b/elf/rtld.c
> @@ -1055,6 +1055,8 @@ ERROR: audit interface '%s' requires version %d (maximum supported version %d);
>
> /* Mark the DSO as being used for auditing. */
> dlmargs.map->l_auditing = 1;
> + /* Mark the DSO to not clear the TLS bss in tls initialization. */
> + dlmargs.map->l_dont_set_tls_static = 1;
> }
>
> /* Notify the the audit modules that the object MAP has already been
I'm not sure if this actually works. As far as I understand it,
everything in an audit namespace needs this special treatment, and not
just the audit module itself.
I think we shuld add a parameter to _dl_allocate_tls_init and that
indicates the initialization should only be applied to objects in the
base namespace. This way, initialization is also skipped for dlopen'ed
modules in an audit namespace.
Thanks,
Florian
next prev parent reply other threads:[~2021-11-10 13:23 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-09 18:33 [PATCH v5 00/22] Multiple rtld-audit fixes Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 01/22] elf: Avoid unnecessary slowdown from profiling with audit (BZ#15533) Adhemerval Zanella
2021-11-10 12:11 ` Florian Weimer
2021-11-10 19:53 ` Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 02/22] elf: Add audit tests for modules with TLSDESC Adhemerval Zanella
2021-11-10 13:55 ` Florian Weimer
2021-11-11 19:18 ` Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 03/22] elf: Do not fail for failed dlopem on audit modules (BZ #28061) Adhemerval Zanella
2021-11-09 18:51 ` H.J. Lu
2021-11-11 17:24 ` Adhemerval Zanella
2021-11-10 14:00 ` Florian Weimer
2021-11-11 17:29 ` Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 04/22] elf: Suppress audit calls when a (new) namespace is empty (BZ #28062) Adhemerval Zanella
2021-11-10 14:15 ` Florian Weimer
2021-11-11 11:51 ` Adhemerval Zanella
2021-11-11 12:02 ` Florian Weimer
2021-11-11 12:25 ` Adhemerval Zanella
2021-11-11 12:33 ` Florian Weimer
2021-11-11 13:02 ` Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 05/22] elf: Fix initial-exec TLS access on audit modules (BZ #28096) Adhemerval Zanella
2021-11-10 13:23 ` Florian Weimer [this message]
2021-11-11 18:54 ` Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 06/22] elf: Add _dl_audit_objopen Adhemerval Zanella
2021-11-10 16:51 ` Florian Weimer
2021-11-09 18:33 ` [PATCH v5 07/22] elf: Add _dl_audit_activity_map and _dl_audit_activity_nsid Adhemerval Zanella
2021-11-10 16:59 ` Florian Weimer
2021-11-09 18:33 ` [PATCH v5 08/22] elf: Add _dl_audit_objsearch Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 09/22] elf: Add _dl_audit_objclose Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 10/22] elf: Add _dl_audit_symbind_alt and _dl_audit_symbind Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 11/22] elf: Add _dl_audit_preinit Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 12/22] elf: Add _dl_audit_pltenter Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 13/22] elf: Add _dl_audit_pltexit Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 14/22] elf: Issue audit la_objopen() for vDSO Adhemerval Zanella
2021-11-11 17:50 ` Florian Weimer
2021-11-11 20:16 ` Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 15/22] elf: Run constructors if executable has a soname of a dependency Adhemerval Zanella
2021-11-11 12:30 ` Florian Weimer
2021-11-12 19:02 ` Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 16/22] elf: Add main application on main_map l_name Adhemerval Zanella
2021-11-11 12:39 ` Florian Weimer
2021-11-12 19:30 ` Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 17/22] elf: Add la_activity during application exit Adhemerval Zanella
2021-11-11 12:50 ` Florian Weimer
2021-11-12 19:32 ` Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 18/22] elf: Issue la_symbind() for bind-now (BZ #23734) Adhemerval Zanella
2021-11-11 17:39 ` Florian Weimer
2021-11-15 14:20 ` Adhemerval Zanella
2021-11-15 14:23 ` Florian Weimer
2021-11-15 15:54 ` Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 19/22] elf: Add LA_SYMB_BINDNOW Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 20/22] elf: Move LAV_CURRENT to link_lavcurrent.h Adhemerval Zanella
2021-11-11 17:42 ` Florian Weimer
2021-11-15 14:21 ` Adhemerval Zanella
2021-11-09 18:33 ` [PATCH v5 21/22] elf: Fix runtime linker auditing on aarch64 (BZ #26643) Adhemerval Zanella
2021-11-09 18:33 ` [RFC v5 22/22] elf: Add SVE support for aarch64 rtld-audit Adhemerval Zanella
2021-11-10 13:52 ` Florian Weimer
2021-11-15 17:04 ` Adhemerval Zanella
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87v9105el8.fsf@oldenburg.str.redhat.com \
--to=fweimer@redhat.com \
--cc=adhemerval.zanella@linaro.org \
--cc=johnmc@rice.edu \
--cc=libc-alpha@sourceware.org \
--cc=woodard@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).