This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Increase robustness of internal dlopen() by using RTLD_NOW [BZ #22766]
- From: Carlos O'Donell <carlos at redhat dot com>
- To: Tulio Magno Quites Machado Filho <tuliom at linux dot ibm dot com>, libc-alpha at sourceware dot org, szabolcs dot nagy at arm dot com, Florian Weimer <fweimer at redhat dot com>
- Date: Wed, 25 Apr 2018 08:08:03 -0500
- Subject: Re: [PATCH] Increase robustness of internal dlopen() by using RTLD_NOW [BZ #22766]
- Autocrypt: addr=carlos at redhat dot com; prefer-encrypt=mutual; keydata= xsFNBFef5BoBEACvJ15QMMZh4stKHbz0rs78XsOdxuug37dumTx6ngrDCwZ61k7nHQ+uxLuo QvLSc6YJGBEfiNFbs1hvhRFNR7xJbzRYmin7kJZZ/06fH2cgTkQhN0mRBP8KsKKT+7SvvBL7 85ZfAhArWf5m5Tl0CktZ8yoG8g9dM4SgdvdSdzZUaWBVHc6TjdAb9YEQ1/jpyfHsQp+PWLuQ ZI8nZUm+I3IBDLkbbuJVQklKzpT1b8yxVSsHCyIPFRqDDUjPL5G4WnUVy529OzfrciBvHdxG sYYDV8FX7fv6V/S3eL6qmZbObivIbLD2NbeDqw6vNpr+aehEwgwNbMVuVfH1PVHJV8Qkgxg4 PqPgQC7GbIhxxYroGbLJCQ41j25M+oqCO/XW/FUu/9x0vY5w0RsZFhlmSP5lBDcaiy3SUgp3 MSTePGuxpPlLVMePxKvabSS7EErLKlrAEmDgnUYYdPqGCefA+5N9Rn2JPfP7SoQEp2pHhEyM 6Xg9x7TJ+JNuDowQCgwussmeDt2ZUeMl3s1f6/XePfTd3l8c8Yn5Fc8reRa28dFANU6oXiZf 7/h3iQXPg81BsLMJK3aA/nyajRrNxL8dHIx7BjKX0/gxpOozlUHZHl73KhAvrBRaqLrr2tIP LkKrf3d7wdz4llg4NAGIU4ERdTTne1QAwS6x2tNa9GO9tXGPawARAQABzSlDYXJsb3MgTydE b25lbGwgPGNhcmxvc0BzeXN0ZW1oYWx0ZWQub3JnPsLBgQQTAQIAKwIbAwYLCQgHAwIGFQgC CQoLBBYCAwECHgECF4ACGQEFAle9yycFCQPB+4cACgkQFnkrTqJTQPjGbA//VKfjZs1Bv0fW wWWwpIK5gFfU+TyKJ1jp3hjZPwM8Z+/tJdoio1CEWeMpg603FueiTYj5iYHi6ueWWCpF6Lro 1/vtLaeJJF29PByu/DsIc5MKXpwA4btoNGu1LkUsLP5ksNOzG2bWcorP4us7Lkho+6DuZTY1 SsM5Zh236TtAqaWbBczHUmIECZM616n/3Hjp0UN9WnlAw0izTkEcXh3MQd5IVh/bmgW6f60s TIc1D9GSHcJDZq0XYDllZv+hHSfmJry7zzeoA9CCVPqcMJ3aZcPYd6d9HHDyeTPxQ6ra0Nu7 i1glvNyDu1ZyZq//AOlm2Rhx5y2msblPLQuW6HcBDeOhJjXPZ5b8Rjw3TM9ZM/lSD63GMTuW yA9bBl+qpXqcEA87H5s1qg+JTrSXx76f0t4bNuL58Nj3ABxiPC8/yzlPJ8G+hIVp787HynEO /2fzWOmdUF8emAJ6GeVaGpwwV/U0AJY1n2zPmSMQdEgAP/m58psAnJ/p9aklDmG9EjH2solE uXBKIDnnPQi8sUxbt+ewtKB+XZkn+GgmXymLQjbiuRMnSoY1jdN9xOQSys7dRveZIQvLjOYJ GoiWyPM/yK2XiNoX90n8JB6snI7fIPAOXat9j42WrGn9qwlk6w3XU0ffWG8PMxfQwTIBPv2R PsUfK0GoDPCJL0uWrfXE1OfOwU0EV5/kGgEQAKvTJke+QSjATmz11ALKle/SSEpUwL5QOpt3 xomEATcYAamww0HADfGTKdUR+aWgOK3vqu6Sicr1zbuZjHCs2GaIgRoqh1HKVgCmaJYjizvi dHluqrox6qqc9PG0bWb0f5xGQw+X2z+bEinzv4qaep1G1OuYgvG49OpHTgZMiJq9ncHCxkD2 VEJKgMywGJ4Agdl+NWVn0T7w6J+/5QmBIE8hh4NzpYfrxzWCJ9iZ3skG4zBGB4YEacc3+oeE oybc10h6tqhQNrtIiSRJH+SUJvOiNH8oMXPLAjfFVy3d4BOgyxJhE0UhmQIQHMJxCBw81fQD 10d0dcru0rAIEldEpt2UXqOr0rOALDievMF/2BKQiOA7PbMC3/dwuNHDlClQzdjil8O7UsIg f3IMFaIbQoUEvjlgf5cm9a94gWABcfI1xadAq9vcIB5v+9fM71xDgdELnZThTd8LByrG99Ex VMcG2PZYXJllVDQDZqYA1PjD9e0yHq5whJi3BrZgwDaL5vYZEb1EMyH+BQLO3Zw/Caj8W6mo oGHgNveRQ1g9FYn3NUp7UvS22Zt/KW4pCpbgkQZefxupKO6QVNwwggV44cTQ37z5onGbNPD8 +2k2mmC0OEtGBkj+VH39tRk+uLOcuXlGNSVk3xOyxni0Nk9M0GvTvPKoah9gkvL/+AofN/31 ABEBAAHCwWUEGAECAA8CGwwFAle9yxIFCQPB+zAACgkQFnkrTqJTQPggQRAAhTX+TRu+M47v 5OzzPUNv+nW70MZQMIXkf4NueFyiPGyad44fNxC0gsmbQVIswPOxfqH0VSpil03iyTXzkI+y o0BdGfKO8fZ1PT70ZJkaj1t6tIBP17gM3VjftxNcYCwOnGgyDoODAb/8mF6oQZJ3JjOCVj8m wYk59/1cvjVffKzFhnkrPU+Xojz0ut7fy2uvrkzyx5bx/dD2x9Ft/YdFtGOceLLCnK4vET2E 4htjNVhSBWtSvxqv5uMJMAyN1UfG4BDMPNXPH80uSHjk2rpOb9yG6rQmdN64ZIIE/zCRAJ/s NCNiwq7UGZijRXMqt16qDelcqtQZMlIf+MU6pQpoiIZg1WKl6bZg8qPg8PW7xMxJcaraNka0 ajOzg2FzJxBfAIno4qaze8G5BMhud+MuA4ihXTphFolKuk9qSMpyCSVKakWhWSz2fwBbkLxG IRK/5o0MuU8xKhH9YH3w36lHMWkKWGUd5+YRihdthDljxeIAtr6XgWVKqlFeB3VimfL2fDaW 3w6yUkKfPiZ2rVAkj7Xi1ftJ46CSda0iwFRK+0Qu0aKiBL4aH+gFv6KbQYi81gonIc5DQ2xi txZ/miw3M9PT4/+X+fG5eXgaAhs4E1m+YwOUaHydnuCaK69JemZYiMiWLdZqzicbpAJidHSA ibHNRWhRbl/5Vl7TzYVDjJI=
- Openpgp: preference=signencrypt
- References: <20180425124256.6562-1-tuliom@linux.ibm.com>
On 04/25/2018 07:42 AM, Tulio Magno Quites Machado Filho wrote:
> Prevent random runtime crashes due to missing symbols caused by mixed
> libnss_* versions.
You are arguing that this should fail at the first call into the NSS
service, which causes the initial dlopen? That is OK with me.
An even further patch would be to load all NSS modules early, and that's
something Florian and I have discussed. However, I'm not recommending
you do that now, but I wanted to be clear about a direction that this
code might take. Eventually we need a mechanism that will also work for
static applications since we have deprecated dlopen there, but I'm not
sure what Florian's ideas might be in this area.
> 2018-04-25 Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com>
>
> [BZ #22766]
> * include/dlfcn.h [__libc_dl_open]: Replace RTLD_LAZY with RTLD_NOW.
>
> Signed-off-by: Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com>
> ---
> include/dlfcn.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/include/dlfcn.h b/include/dlfcn.h
> index 12ef913e19..2c4bfe86b4 100644
> --- a/include/dlfcn.h
> +++ b/include/dlfcn.h
> @@ -32,7 +32,7 @@ extern char **__libc_argv attribute_hidden;
> /* Now define the internal interfaces. */
>
> #define __libc_dlopen(name) \
> - __libc_dlopen_mode (name, RTLD_LAZY | __RTLD_DLOPEN)
> + __libc_dlopen_mode (name, RTLD_NOW | __RTLD_DLOPEN)
> extern void *__libc_dlopen_mode (const char *__name, int __mode);
> extern void *__libc_dlsym (void *__map, const char *__name);
> extern void *__libc_dlvsym (void *map, const char *name, const char *version);
>
We should cleanup more.
sysdeps/gnu/unwind-resume.c: handle = __libc_dlopen_mode (LIBGCC_S_SO, RTLD_NOW | __RTLD_DLOPEN);
sysdeps/nptl/unwind-forcedunwind.c: handle = __libc_dlopen_mode (LIBGCC_S_SO, RTLD_NOW | __RTLD_DLOPEN);
Since we are now using RTLD_NOW:
* Switch back to __libc_dlopen (effectively reverting part of
Florian's 08c6e95234c, but leave the comments)
* Add a big comment in dlfcn.h to explain why RTLD_NOW is needed:
* Same comment as in commit 08c6e95234c, plus NSS case.
Thoughts?
--
Cheers,
Carlos.