From: Florian Weimer <fweimer@redhat.com>
To: Joseph Myers <joseph@codesourcery.com>
Cc: libc-alpha@sourceware.org
Subject: Re: Enable linknamespace testing for libdl and libcrypt
Date: Fri, 18 Nov 2016 14:36:00 -0000 [thread overview]
Message-ID: <89cc35ab-e4f8-4a82-b736-40915a945941@redhat.com> (raw)
In-Reply-To: <alpine.DEB.2.20.1611171429220.2016@digraph.polyomino.org.uk>
On 11/17/2016 03:31 PM, Joseph Myers wrote:
> On Thu, 17 Nov 2016, Florian Weimer wrote:
>
>>> Assuming there are no implementation-namespace exports of those functions
>>> that libcrypt could use instead, that indicates whitelisting in
>>> linknamespace.pl with a comment referencing a bug filed for nss-crypt
>>> namespace issues.
>>
>> Well, this is only relevant if we actually had a libfreebl.a which defines the
>> functions above. I don't think such a thing exists. Fedora and downstreams
>> don't have it, and neither does Debian jessie.
>
> As a cross-library namespace issue I'd expect it's just as relevant when
> shared libcrypt is referencing these functions from another shared
> library.
This is correct. The library with the NSSLOW_* names is just a stub,
and it attempts to dlopen the real thing (without RTLD_GLOBAL), to
conserve the symbol footprint. But that library uses quite a few
functions which may have been interposed by the application, and
RTLD_LOCAL does not guard against that.
Note that moving these libraries into the implementation namespace is
counterproductive because we don't want non-toolchain libraries to be
located there because then we don't own that space anymore and cannot
argue that names in it are safe to use for us. But such low-level
libraries (libidn will be in the same boat soon) could certainly use
glibc functionality under names in the implementation namespace without
ill effect.
For the symbols they define, we need to make sure (at the distribution
level) that these symbols are reasonably prefixed in some way. Names
like “mutex“, “buffer”, ”yyin” are really not a good idea.
> That is, this configuration involves a namespace bug,
Agreed.
> which is hard to fix so the names in question are whitelisted.
Sorry, I don't understand this part.
Florian
next prev parent reply other threads:[~2016-11-18 14:36 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-16 19:06 Joseph Myers
2016-11-16 19:47 ` Florian Weimer
2016-11-16 22:45 ` Joseph Myers
2016-11-17 9:08 ` Florian Weimer
2016-11-17 14:18 ` Joseph Myers
2016-11-17 14:23 ` Florian Weimer
2016-11-17 14:31 ` Joseph Myers
2016-11-18 14:36 ` Florian Weimer [this message]
2016-11-18 18:07 ` Joseph Myers
2016-11-21 10:42 ` Florian Weimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=89cc35ab-e4f8-4a82-b736-40915a945941@redhat.com \
--to=fweimer@redhat.com \
--cc=joseph@codesourcery.com \
--cc=libc-alpha@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).