elf: Signal LA_ACT_CONSISTENT to auditors after RT_CONSISTENT switch

Auditors can call into the dynamic loader again if
LA_ACT_CONSISTENT, and  those recursive calls could observe
r_state != RT_CONSISTENT.

We should consider failing dlopen/dlmopen/dlclose if
r_state != RT_CONSISTENT.  The dynamic linker is probably not
in a state in which it can handle reentrant calls.  This
needs further investigation.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>

diff --git a/elf/dl-close.c b/elf/dl-close.c
index 88226245eb4b7a81a9318a035c7ea3a5c4344ad4..b6f4daac792b8a9072f7e285c51e88e39f766a90 100644 (file)
--- a/elf/dl-close.c
+++ b/elf/dl-close.c
@@ -723,6 +723,11 @@ _dl_close_worker (struct link_map *map, bool force)
   /* TLS is cleaned up for the unloaded modules.  */
   __rtld_lock_unlock_recursive (GL(dl_load_tls_lock));
 
+  /* Notify the debugger those objects are finalized and gone.  */
+  r->r_state = RT_CONSISTENT;
+  _dl_debug_state ();
+  LIBC_PROBE (unmap_complete, 2, nsid, r);
+
 #ifdef SHARED
   /* Auditing checkpoint: we have deleted all objects.  Also, do not notify
      auditors of the cleanup of a failed audit module loading attempt.  */
@@ -735,11 +740,6 @@ _dl_close_worker (struct link_map *map, bool force)
       --GL(dl_nns);
     while (GL(dl_ns)[GL(dl_nns) - 1]._ns_loaded == NULL);
 
-  /* Notify the debugger those objects are finalized and gone.  */
-  r->r_state = RT_CONSISTENT;
-  _dl_debug_state ();
-  LIBC_PROBE (unmap_complete, 2, nsid, r);
-
   /* Recheck if we need to retry, release the lock.  */
  out:
   if (dl_close_state == rerun)

diff --git a/elf/dl-open.c b/elf/dl-open.c
index 2c20aa1df97bd3aa7fb036e380cfa8b7cbaea069..5e74807d23805a6c68d327ae6a478e74180cf04e 100644 (file)
--- a/elf/dl-open.c
+++ b/elf/dl-open.c
@@ -628,17 +628,17 @@ dl_open_worker_begin (void *a)
 #endif
       }
 
-#ifdef SHARED
-  /* Auditing checkpoint: we have added all objects.  */
-  _dl_audit_activity_nsid (new->l_ns, LA_ACT_CONSISTENT);
-#endif
-
   /* Notify the debugger all new objects are now ready to go.  */
   struct r_debug *r = _dl_debug_update (args->nsid);
   r->r_state = RT_CONSISTENT;
   _dl_debug_state ();
   LIBC_PROBE (map_complete, 3, args->nsid, r, new);
 
+#ifdef SHARED
+  /* Auditing checkpoint: we have added all objects.  */
+  _dl_audit_activity_nsid (new->l_ns, LA_ACT_CONSISTENT);
+#endif
+
   _dl_open_check (new);
 
   /* Print scope information.  */

diff --git a/elf/rtld.c b/elf/rtld.c
index cb6b61d5705c438f2c017de6fb110b2851bfe06d..cb6199aa6121448b00d63e62851b604fd84ff798 100644 (file)
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -2369,9 +2369,6 @@ dl_main (const ElfW(Phdr) *phdr,
      _dl_relocate_object might need to call `mprotect' for DT_TEXTREL.  */
   _dl_sysdep_start_cleanup ();
 
-  /* Auditing checkpoint: we have added all objects.  */
-  _dl_audit_activity_nsid (LM_ID_BASE, LA_ACT_CONSISTENT);
-
   /* Notify the debugger all new objects are now ready to go.  We must re-get
      the address since by now the variable might be in another object.  */
   r = _dl_debug_update (LM_ID_BASE);
@@ -2379,6 +2376,9 @@ dl_main (const ElfW(Phdr) *phdr,
   _dl_debug_state ();
   LIBC_PROBE (init_complete, 2, LM_ID_BASE, r);
 
+  /* Auditing checkpoint: we have added all objects.  */
+  _dl_audit_activity_nsid (LM_ID_BASE, LA_ACT_CONSISTENT);
+
 #if defined USE_LDCONFIG && !defined MAP_COPY
   /* We must munmap() the cache file.  */
   _dl_unload_cache ();