public inbox for libc-alpha@sourceware.org
 help / color / mirror / Atom feed
* Backporting LD_AUDIT fixes to the glibc 2.34 release branch?
@ 2022-03-29 20:46 Carlos O'Donell
  2022-03-29 21:05 ` Carlos O'Donell
                   ` (3 more replies)
  0 siblings, 4 replies; 6+ messages in thread
From: Carlos O'Donell @ 2022-03-29 20:46 UTC (permalink / raw)
  To: libc-alpha, Adhemerval Zanella, Aurelien Jarno,
	Michael Hudson-Doyle, Andreas Schwab

I have the opportunity to backport the LD_AUDIT fixes to glibc 2.34.

In total the set looks like this (no regressions on x86_64 and some minor
conflicts):

80a08d0faa9b224019f895800c4d97de4e23e1aa - Fix elf/tst-audit25a with default bind now toolchains
ce9a68c57c260c8417afc93972849ac9ad243ec4 - elf: Fix runtime linker auditing on aarch64 (BZ #26643)
32612615c58b394c3eb09f020f31310797ad3854 - elf: Issue la_symbind for bind-now (BZ #23734)
54816ae98d57930b7c945f17485714a5574bfe47 - elf: Move LAV_CURRENT to link_lavcurrent.h
254d3d5aef2fd8430c469e1938209ac100ebf132 - elf: Fix initial-exec TLS access on audit modules (BZ #28096)
484e672ddabe0a919a692520e6ac8f2580866235 - elf: Do not fail for failed dlmopen on audit modules (BZ #28061)
5fa11a2bc94c912c3b25860065086902674537ba - elf: Add la_activity during application exit
f0e23d34a7bdf6b90fba954ee741419171ac41b2 - elf: Issue audit la_objopen for vDSO
d1b38173c9255b1a4ae00018ad9b35404a7c74d0 - elf: Add audit tests for modules with TLSDESC
063f9ba220f434c7f30dd65c4cff17c0c458a7cf - elf: Avoid unnecessary slowdown from profiling with audit (BZ#15533)
8c0664e2b861fd3789602cc0b0b1922b0e20cb3a - elf: Add _dl_audit_pltexit
eff687e8462b0eaf65992a6031b54a4b1cd16796 - elf: Add _dl_audit_pltenter
0b98a8748759e88b58927882a8714109abe0a2d6 - elf: Add _dl_audit_preinit
cda4f265c65fb6c4ce38ca1cf0a7e527c5e77cd5 - elf: Add _dl_audit_symbind_alt and _dl_audit_symbind
311c9ee54ea963ff69bd3a2e6981c37e893b4c3e - elf: Add _dl_audit_objclose
c91008d3490e4e3ce29520068405f081f0d368ca - elf: Add _dl_audit_objsearch
3dac3959a5cb585b065cef2cb8a8d909c907e202 - elf: Add _dl_audit_activity_map and _dl_audit_activity_nsid
aee6e90f93e285016b6cd9c8bd00402c19ba271b - elf: Add _dl_audit_objopen
ed3ce71f5c64c5f07cbde0ef03554ea8950d8f2c - elf: Move la_activity (LA_ACT_ADD) after _dl_add_to_namespace_list() (BZ #28062)
d6d89608ac8cf2b37c75debad1fff653f6939f90 - elf: Fix dynamic-link.h usage on rtld.c
4af6982e4c9fc465ffb7a54b794aaaa134241f05 - elf: Fix elf_get_dynamic_info definition
490e6c62aa31a8aa5c4a059f6e646ede121edf0a - elf: Avoid nested functions in the loader [BZ #27220]

I exclude the _r_debug changes (3 commits) because of the gdb and tooling
impact. I have the option to add one more commit to reinstate tst-audit17
(haven't tested it yet).

Backporting these changes to glibc 2.34 release branch would allow me to more
easily make them available in Fedora 35 (Fedora 36 already has them) and share
their overall maintenance with other distributions.

The downsides are as follows:
- LAV_CURRENT is bumped, so existing auditors would need to be rebuilt.
  - The loader will not load the old auditors and the error message is clear.

The upsides are that we get LD_AUDIT fixed and have wider coverage for the
recent changes.

I expect the most impacted distributions will be Debian/Ubuntu since they
actively use the release branches like Fedora.

Aurelien,

Any objections?

Michael,

Any objections?

Andreas,

Would a backport into 2.34 release branch impact OpenSUSE? Any objections?

-- 
Cheers,
Carlos.


^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: Backporting LD_AUDIT fixes to the glibc 2.34 release branch?
  2022-03-29 20:46 Backporting LD_AUDIT fixes to the glibc 2.34 release branch? Carlos O'Donell
@ 2022-03-29 21:05 ` Carlos O'Donell
  2022-03-29 22:36 ` Michael Hudson-Doyle
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 6+ messages in thread
From: Carlos O'Donell @ 2022-03-29 21:05 UTC (permalink / raw)
  To: libc-alpha, Adhemerval Zanella, Aurelien Jarno,
	Michael Hudson-Doyle, Andreas Schwab

On 3/29/22 16:46, Carlos O'Donell wrote:
> I have the opportunity to backport the LD_AUDIT fixes to glibc 2.34.

Pushed as codonell/ld-audit if anyone wants to review the final backports.

> I expect the most impacted distributions will be Debian/Ubuntu since they
> actively use the release branches like Fedora.


-- 
Cheers,
Carlos.


^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: Backporting LD_AUDIT fixes to the glibc 2.34 release branch?
  2022-03-29 20:46 Backporting LD_AUDIT fixes to the glibc 2.34 release branch? Carlos O'Donell
  2022-03-29 21:05 ` Carlos O'Donell
@ 2022-03-29 22:36 ` Michael Hudson-Doyle
  2022-03-30  9:19 ` Andreas Schwab
  2022-03-30 16:18 ` Aurelien Jarno
  3 siblings, 0 replies; 6+ messages in thread
From: Michael Hudson-Doyle @ 2022-03-29 22:36 UTC (permalink / raw)
  To: Carlos O'Donell
  Cc: libc-alpha, Adhemerval Zanella, Aurelien Jarno, Andreas Schwab

On Wed, 30 Mar 2022 at 09:46, Carlos O'Donell <carlos@redhat.com> wrote:

> Michael,
>
> Any objections?
>

2.34 is only in the non-LTS 21.10 release and I am not currently planning
to update glibc there, so no objections from me.

(I want to do a much better job than we have been doing at following the
2.35 branch for the to-be-LTS 22.04 release though!)

Cheers,
mwh

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: Backporting LD_AUDIT fixes to the glibc 2.34 release branch?
  2022-03-29 20:46 Backporting LD_AUDIT fixes to the glibc 2.34 release branch? Carlos O'Donell
  2022-03-29 21:05 ` Carlos O'Donell
  2022-03-29 22:36 ` Michael Hudson-Doyle
@ 2022-03-30  9:19 ` Andreas Schwab
  2022-03-30 16:18 ` Aurelien Jarno
  3 siblings, 0 replies; 6+ messages in thread
From: Andreas Schwab @ 2022-03-30  9:19 UTC (permalink / raw)
  To: Carlos O'Donell
  Cc: libc-alpha, Adhemerval Zanella, Aurelien Jarno, Michael Hudson-Doyle

I generally only pick up changes from the branch to openSUSE Factory
when there is a known problem.

-- 
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: Backporting LD_AUDIT fixes to the glibc 2.34 release branch?
  2022-03-29 20:46 Backporting LD_AUDIT fixes to the glibc 2.34 release branch? Carlos O'Donell
                   ` (2 preceding siblings ...)
  2022-03-30  9:19 ` Andreas Schwab
@ 2022-03-30 16:18 ` Aurelien Jarno
  3 siblings, 0 replies; 6+ messages in thread
From: Aurelien Jarno @ 2022-03-30 16:18 UTC (permalink / raw)
  To: Carlos O'Donell
  Cc: libc-alpha, Adhemerval Zanella, Michael Hudson-Doyle, Andreas Schwab

Hi Carlos,

On 2022-03-29 16:46, Carlos O'Donell wrote:
> I have the opportunity to backport the LD_AUDIT fixes to glibc 2.34.
> 
> In total the set looks like this (no regressions on x86_64 and some minor
> conflicts):
> 
> 80a08d0faa9b224019f895800c4d97de4e23e1aa - Fix elf/tst-audit25a with default bind now toolchains
> ce9a68c57c260c8417afc93972849ac9ad243ec4 - elf: Fix runtime linker auditing on aarch64 (BZ #26643)
> 32612615c58b394c3eb09f020f31310797ad3854 - elf: Issue la_symbind for bind-now (BZ #23734)
> 54816ae98d57930b7c945f17485714a5574bfe47 - elf: Move LAV_CURRENT to link_lavcurrent.h
> 254d3d5aef2fd8430c469e1938209ac100ebf132 - elf: Fix initial-exec TLS access on audit modules (BZ #28096)
> 484e672ddabe0a919a692520e6ac8f2580866235 - elf: Do not fail for failed dlmopen on audit modules (BZ #28061)
> 5fa11a2bc94c912c3b25860065086902674537ba - elf: Add la_activity during application exit
> f0e23d34a7bdf6b90fba954ee741419171ac41b2 - elf: Issue audit la_objopen for vDSO
> d1b38173c9255b1a4ae00018ad9b35404a7c74d0 - elf: Add audit tests for modules with TLSDESC
> 063f9ba220f434c7f30dd65c4cff17c0c458a7cf - elf: Avoid unnecessary slowdown from profiling with audit (BZ#15533)
> 8c0664e2b861fd3789602cc0b0b1922b0e20cb3a - elf: Add _dl_audit_pltexit
> eff687e8462b0eaf65992a6031b54a4b1cd16796 - elf: Add _dl_audit_pltenter
> 0b98a8748759e88b58927882a8714109abe0a2d6 - elf: Add _dl_audit_preinit
> cda4f265c65fb6c4ce38ca1cf0a7e527c5e77cd5 - elf: Add _dl_audit_symbind_alt and _dl_audit_symbind
> 311c9ee54ea963ff69bd3a2e6981c37e893b4c3e - elf: Add _dl_audit_objclose
> c91008d3490e4e3ce29520068405f081f0d368ca - elf: Add _dl_audit_objsearch
> 3dac3959a5cb585b065cef2cb8a8d909c907e202 - elf: Add _dl_audit_activity_map and _dl_audit_activity_nsid
> aee6e90f93e285016b6cd9c8bd00402c19ba271b - elf: Add _dl_audit_objopen
> ed3ce71f5c64c5f07cbde0ef03554ea8950d8f2c - elf: Move la_activity (LA_ACT_ADD) after _dl_add_to_namespace_list() (BZ #28062)
> d6d89608ac8cf2b37c75debad1fff653f6939f90 - elf: Fix dynamic-link.h usage on rtld.c
> 4af6982e4c9fc465ffb7a54b794aaaa134241f05 - elf: Fix elf_get_dynamic_info definition
> 490e6c62aa31a8aa5c4a059f6e646ede121edf0a - elf: Avoid nested functions in the loader [BZ #27220]
> 
> I exclude the _r_debug changes (3 commits) because of the gdb and tooling
> impact. I have the option to add one more commit to reinstate tst-audit17
> (haven't tested it yet).
> 
> Backporting these changes to glibc 2.34 release branch would allow me to more
> easily make them available in Fedora 35 (Fedora 36 already has them) and share
> their overall maintenance with other distributions.
> 
> The downsides are as follows:
> - LAV_CURRENT is bumped, so existing auditors would need to be rebuilt.
>   - The loader will not load the old auditors and the error message is clear.
> 
> The upsides are that we get LD_AUDIT fixed and have wider coverage for the
> recent changes.
> 
> I expect the most impacted distributions will be Debian/Ubuntu since they
> actively use the release branches like Fedora.
> 
> Aurelien,
> 
> Any objections?

No objection from my side. I still haven't been able to get everything
in shape to get glibc 2.34 into sid, so no worry about any rebuild.

Cheers
Aurelien

-- 
Aurelien Jarno                          GPG: 4096R/1DDD8C9B
aurelien@aurel32.net                 http://www.aurel32.net

^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: Backporting LD_AUDIT fixes to the glibc 2.34 release branch?
       [not found] <mailman.20300.1648586803.2100866.libc-alpha@sourceware.org>
@ 2022-03-31 19:58 ` John Mellor-Crummey
  0 siblings, 0 replies; 6+ messages in thread
From: John Mellor-Crummey @ 2022-03-31 19:58 UTC (permalink / raw)
  To: John Mellor-Crummey via Libc-alpha
  Cc: John Mellor-Crummey, Carlos O'Donell, Adhemerval Zanella,
	Aurelien Jarno, Michael Hudson-Doyle, Andreas Schwab, Eachempati,
	Deepak

We appreciate the plan to backport LD_AUDIT fixes to earlier glibc versions.

We are more than happy to rebuild all of our auditors to pickup the new LAV_CURRENT to get these fixes.

Besides a backport in RHEL, we would like to see the backport in a SUSE version delivered on Cray platforms
--
John Mellor-Crummey		Professor
Dept of Computer Science	Rice University
email: johnmc@rice.edu		phone: 713-348-5179

^ permalink raw reply	[flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-03-31 19:58 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-29 20:46 Backporting LD_AUDIT fixes to the glibc 2.34 release branch? Carlos O'Donell
2022-03-29 21:05 ` Carlos O'Donell
2022-03-29 22:36 ` Michael Hudson-Doyle
2022-03-30  9:19 ` Andreas Schwab
2022-03-30 16:18 ` Aurelien Jarno
     [not found] <mailman.20300.1648586803.2100866.libc-alpha@sourceware.org>
2022-03-31 19:58 ` John Mellor-Crummey

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).