[PATCH v5 04/22] elf: Suppress audit calls when a (new) namespace is empty (BZ #28062)

Adhemerval Zanella adhemerval.zanella@linaro.org
Thu Nov 11 13:02:30 GMT 2021



On 11/11/2021 09:33, Florian Weimer wrote:
> * Adhemerval Zanella:
> 
>>> Hmm.  I had a peeked at the Solaris documentation, and it says that
>>> LA_ACT_ADD uses the head link map of the namespace as a cookie.
>>>
>>> I really dislike that we produce a LA_ACT_DELETE without the
>>> corresponding LA_ACT_ADD due to this issue.
>>>
>>> Can we use the link map allocated used _dl_new_object as the cookie if
>>> the namespace is empty?  This seems like the right thing to do here.
>>> The allocation happens just a few lines further down.
>>
>> But afaiu the LA_ACT_ADD activity is to inform already loaded objects
>> that a new object is being processed.  Both man-pages and Solaris
>> documentation states 'objects are *being added*...', so I think passing
>> the cookie of the new allocated is not what the interface is suppose
>> to do.
> 
> It's the only way to get a matching LA_ACT_DELETE call with the same
> cookie.  It's not particularly clean, I agree, but I think it's better
> than a dropped LA_ACT_ADD.

I think we can move the la_activity (LA_ACT_ADD) *after*
_dl_add_to_namespace_list() on _dl_map_object_from_fd(), so the 
GL(dl_ns)[nsid]._ns_loaded is always valid and it will call both
LA_ACT_ADD and LA_ACT_DELETE will a consistent set of cookies.


More information about the Libc-alpha mailing list