From: Jonathon Anderson <janderson@rice.edu>
To: libc-alpha@sourceware.org
Cc: Florian Weimer <fweimer@redhat.com>, Carlos O'Donell <carlos@redhat.com>
Subject: RFC: Auditor access to program headers
Date: Wed, 16 Mar 2022 13:25:53 -0500 [thread overview]
Message-ID: <975db62c-dd23-9dbf-ba91-d41e04282961@rice.edu> (raw)
Hello all,
We (the HPCToolkit team) recently encountered a new complication using
LD_AUDIT as part of the HPCToolkit performance tools. In one shared
library we encountered, the program headers are mapped in a PT_LOAD
segment to a different virtual offset than their file offset. This
caused our auditor to crash since we had previously assumed these
offsets would be identical. Without this assumption, we cannot access
the mapped program headers for a binary. While we can work around the
issue (with a serious performance hit) by opening the file to read the
headers ourselves, it does concern us that there is no secure (or fast)
way for an auditor to access the program headers for a loaded binary
without horrific dl_iterate_phdr shims.
We propose two changes to support this use case:
- Addition of a new dlinfo request that fills a dl_phdr_info (or
similar) structure identically to how dl_iterate_phdr would. This would
enable access to a load module's program headers without use of
dl_iterate_phdr.
- A fix for the bug that causes dl* functions to crash in early
auditor notifications (one of our Tier 2 issues). This is required to
allow use of dlinfo within an auditor. Fixing this involves adjusting
rtld_active to return true during auditor notifications in dl_main.
These two changes should have no ABI impact. It would help us greatly if
these changes were made and backported to supported Red Hat versions,
including the upcoming Fedora 36 release.
For additional clarity, it would also be helpful to have either:
- documentation that a link_map* is in fact a dlopen handle and thus
can be passed to any dl* function in current and future versions of
Glibc, or
- the prototype of la_objopen altered to take a void* dlopen handle
instead of a link_map* (which AFAIK currently has no or minimal ABI impact).
-Jonathon
next reply other threads:[~2022-03-16 18:25 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-16 18:25 Jonathon Anderson [this message]
2022-03-17 14:59 ` Florian Weimer
2022-03-17 20:16 ` Jonathon Anderson
2022-04-20 18:57 ` Florian Weimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=975db62c-dd23-9dbf-ba91-d41e04282961@rice.edu \
--to=janderson@rice.edu \
--cc=carlos@redhat.com \
--cc=fweimer@redhat.com \
--cc=libc-alpha@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).