Backporting LD_AUDIT fixes to the glibc 2.34 release branch?
Carlos O'Donell
carlos@redhat.com
Tue Mar 29 20:46:36 GMT 2022
I have the opportunity to backport the LD_AUDIT fixes to glibc 2.34.
In total the set looks like this (no regressions on x86_64 and some minor
conflicts):
80a08d0faa9b224019f895800c4d97de4e23e1aa - Fix elf/tst-audit25a with default bind now toolchains
ce9a68c57c260c8417afc93972849ac9ad243ec4 - elf: Fix runtime linker auditing on aarch64 (BZ #26643)
32612615c58b394c3eb09f020f31310797ad3854 - elf: Issue la_symbind for bind-now (BZ #23734)
54816ae98d57930b7c945f17485714a5574bfe47 - elf: Move LAV_CURRENT to link_lavcurrent.h
254d3d5aef2fd8430c469e1938209ac100ebf132 - elf: Fix initial-exec TLS access on audit modules (BZ #28096)
484e672ddabe0a919a692520e6ac8f2580866235 - elf: Do not fail for failed dlmopen on audit modules (BZ #28061)
5fa11a2bc94c912c3b25860065086902674537ba - elf: Add la_activity during application exit
f0e23d34a7bdf6b90fba954ee741419171ac41b2 - elf: Issue audit la_objopen for vDSO
d1b38173c9255b1a4ae00018ad9b35404a7c74d0 - elf: Add audit tests for modules with TLSDESC
063f9ba220f434c7f30dd65c4cff17c0c458a7cf - elf: Avoid unnecessary slowdown from profiling with audit (BZ#15533)
8c0664e2b861fd3789602cc0b0b1922b0e20cb3a - elf: Add _dl_audit_pltexit
eff687e8462b0eaf65992a6031b54a4b1cd16796 - elf: Add _dl_audit_pltenter
0b98a8748759e88b58927882a8714109abe0a2d6 - elf: Add _dl_audit_preinit
cda4f265c65fb6c4ce38ca1cf0a7e527c5e77cd5 - elf: Add _dl_audit_symbind_alt and _dl_audit_symbind
311c9ee54ea963ff69bd3a2e6981c37e893b4c3e - elf: Add _dl_audit_objclose
c91008d3490e4e3ce29520068405f081f0d368ca - elf: Add _dl_audit_objsearch
3dac3959a5cb585b065cef2cb8a8d909c907e202 - elf: Add _dl_audit_activity_map and _dl_audit_activity_nsid
aee6e90f93e285016b6cd9c8bd00402c19ba271b - elf: Add _dl_audit_objopen
ed3ce71f5c64c5f07cbde0ef03554ea8950d8f2c - elf: Move la_activity (LA_ACT_ADD) after _dl_add_to_namespace_list() (BZ #28062)
d6d89608ac8cf2b37c75debad1fff653f6939f90 - elf: Fix dynamic-link.h usage on rtld.c
4af6982e4c9fc465ffb7a54b794aaaa134241f05 - elf: Fix elf_get_dynamic_info definition
490e6c62aa31a8aa5c4a059f6e646ede121edf0a - elf: Avoid nested functions in the loader [BZ #27220]
I exclude the _r_debug changes (3 commits) because of the gdb and tooling
impact. I have the option to add one more commit to reinstate tst-audit17
(haven't tested it yet).
Backporting these changes to glibc 2.34 release branch would allow me to more
easily make them available in Fedora 35 (Fedora 36 already has them) and share
their overall maintenance with other distributions.
The downsides are as follows:
- LAV_CURRENT is bumped, so existing auditors would need to be rebuilt.
- The loader will not load the old auditors and the error message is clear.
The upsides are that we get LD_AUDIT fixed and have wider coverage for the
recent changes.
I expect the most impacted distributions will be Debian/Ubuntu since they
actively use the release branches like Fedora.
Aurelien,
Any objections?
Michael,
Any objections?
Andreas,
Would a backport into 2.34 release branch impact OpenSUSE? Any objections?
--
Cheers,
Carlos.
More information about the Libc-alpha
mailing list