[v10,2/4] elf: Fix initial-exec TLS access on audit modules (BZ #28096)
Checks
Context | Check | Description
dj/TryBot-apply_patch | success | Patch applied to master at the time it was sent
Commit Message
For audit modules and dependencies with initial-exec TLS, we can not
set the initial TLS image on default loader initialization because it
would already be set by the audit setup. However, subsequent thread
creation would need to follow the default behaviour.
This patch fixes it by setting l_auditing link_map field not only
for the audit modules, but also for all its dependencies. This is
used on _dl_allocate_tls_init to avoid the static TLS initialization
only at loading time.
Checked on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu.
---
elf/Makefile | 8 ++++
elf/dl-load.c | 3 ++
elf/dl-tls.c | 13 +++++--
elf/rtld.c | 5 +--
elf/tst-audit21.c | 42 ++++++++++++++++++++
elf/tst-auditmod21a.c | 80 ++++++++++++++++++++++++++++++++++++++
elf/tst-auditmod21b.c | 22 +++++++++++
nptl/allocatestack.c | 2 +-
sysdeps/generic/ldsodefs.h | 2 +-
9 files changed, 168 insertions(+), 9 deletions(-)
create mode 100644 elf/tst-audit21.c
create mode 100644 elf/tst-auditmod21a.c
create mode 100644 elf/tst-auditmod21b.c
Comments
* Adhemerval Zanella via Libc-alpha:
> diff --git a/elf/dl-tls.c b/elf/dl-tls.c
> index 8ba70c9a9d..8ed91ff599 100644
> --- a/elf/dl-tls.c
> +++ b/elf/dl-tls.c
> @@ -520,7 +520,7 @@ _dl_resize_dtv (dtv_t *dtv, size_t max_modid)
>
>
> void *
> -_dl_allocate_tls_init (void *result)
> +_dl_allocate_tls_init (void *result, bool init_tls)
> {
> if (result == NULL)
> /* The memory allocation failed. */
> @@ -593,7 +593,14 @@ _dl_allocate_tls_init (void *result)
> some platforms use in static programs requires it. */
> dtv[map->l_tls_modid].pointer.val = dest;
>
> - /* Copy the initialization image and clear the BSS part. */
> + /* Copy the initialization image and clear the BSS part. For
> + audit modules or depedencies with initial-exec TLS, we can not
> + set the initial TLS image on default loader initialization
> + because it would already be set by the audit setup. However,
> + subsequent thread creation would need to follow the default
> + behaviour. */
> + if (__glibc_unlikely (map->l_auditing && !init_tls))
> + continue;
> memset (__mempcpy (dest, map->l_tls_initimage,
> map->l_tls_initimage_size), '\0',
> map->l_tls_blocksize - map->l_tls_initimage_size);
I don't understand why the map->l_auditing condition is correct.
Shouldn't it be
map->l_ns == LM_ID_BASE && !init_tls
? Everything else has been loaded via dlopen or dlmopen, so TLS
initialization for the main thread has already happened.
Thanks,
Florian
On 18/01/2022 08:33, Florian Weimer wrote:
> * Adhemerval Zanella via Libc-alpha:
>
>> diff --git a/elf/dl-tls.c b/elf/dl-tls.c
>> index 8ba70c9a9d..8ed91ff599 100644
>> --- a/elf/dl-tls.c
>> +++ b/elf/dl-tls.c
>> @@ -520,7 +520,7 @@ _dl_resize_dtv (dtv_t *dtv, size_t max_modid)
>>
>>
>> void *
>> -_dl_allocate_tls_init (void *result)
>> +_dl_allocate_tls_init (void *result, bool init_tls)
>> {
>> if (result == NULL)
>> /* The memory allocation failed. */
>> @@ -593,7 +593,14 @@ _dl_allocate_tls_init (void *result)
>> some platforms use in static programs requires it. */
>> dtv[map->l_tls_modid].pointer.val = dest;
>>
>> - /* Copy the initialization image and clear the BSS part. */
>> + /* Copy the initialization image and clear the BSS part. For
>> + audit modules or depedencies with initial-exec TLS, we can not
>> + set the initial TLS image on default loader initialization
>> + because it would already be set by the audit setup. However,
>> + subsequent thread creation would need to follow the default
>> + behaviour. */
>> + if (__glibc_unlikely (map->l_auditing && !init_tls))
>> + continue;
>> memset (__mempcpy (dest, map->l_tls_initimage,
>> map->l_tls_initimage_size), '\0',
>> map->l_tls_blocksize - map->l_tls_initimage_size);
>
> I don't understand why the map->l_auditing condition is correct.
> Shouldn't it be
>
> map->l_ns == LM_ID_BASE && !init_tls
>
> ? Everything else has been loaded via dlopen or dlmopen, so TLS
> initialization for the main thread has already happened.
This does not suffice (I tried before in fact) because we need to skip
solely for the audit modules and dependencies at the startup. For
instance with tst-audit21 we have with some _dl_debug_printf to
show what is happening
1533769: [rtld.c:966] load_audit_module
1533769: [rtld.c:973] load_audit_module
1533769: [rtld.c:2465] dl_main
1533769: [../elf/dl-tls.c:603] map->l_name= map->l_ns=0 map->l_auditing=0 init_tls=0 [INIT]
1533769: [../elf/dl-tls.c:603] map->l_name=[...]/elf/tst-auditmod21a.so map->l_ns=1 map->l_auditing=1 init_tls=0
1533769: [../elf/dl-tls.c:603] map->l_name=[...]/libc.so.6 map->l_ns=1 map->l_auditing=1 init_tls=0
1533769: [../elf/dl-tls.c:603] map->l_name=[...]/libc.so.6 map->l_ns=0 map->l_auditing=0 init_tls=0 [INIT]
1533769: [../elf/dl-tls.c:621]
1533769: [rtld.c:2467] dl_main
[allocatestack.c:435] allocate_stack
1533769: [../elf/dl-tls.c:633] _dl_allocate_tls
1533769: [../elf/dl-tls.c:603] map->l_name= map->l_ns=0 map->l_auditing=0 init_tls=1 [INIT]
1533769: [../elf/dl-tls.c:603] [...]/elf/tst-auditmod21a.so map->l_ns=1 map->l_auditing=1 init_tls=1 [INIT]
1533769: [../elf/dl-tls.c:603] [...]/libc.so.6 map->l_ns=1 map->l_auditing=1 init_tls=1 [INIT]
1533769: [../elf/dl-tls.c:603] [...]/libc.so.6 map->l_ns=0 map->l_auditing=0 init_tls=1 [INIT]
1533769: [../elf/dl-tls.c:621]
1533769: [../elf/dl-tls.c:642] _dl_allocate_tls
[allocatestack.c:446] allocate_stack
So we need to avoid initialization only for the libc.so loading by audit libraries,
the default one should still be initialized (marked as [INIT]). Later when new
threads are created we need to initialize everything.
* Adhemerval Zanella:
> On 18/01/2022 08:33, Florian Weimer wrote:
>> * Adhemerval Zanella via Libc-alpha:
>>
>>> diff --git a/elf/dl-tls.c b/elf/dl-tls.c
>>> index 8ba70c9a9d..8ed91ff599 100644
>>> --- a/elf/dl-tls.c
>>> +++ b/elf/dl-tls.c
>>> @@ -520,7 +520,7 @@ _dl_resize_dtv (dtv_t *dtv, size_t max_modid)
>>>
>>>
>>> void *
>>> -_dl_allocate_tls_init (void *result)
>>> +_dl_allocate_tls_init (void *result, bool init_tls)
>>> {
>>> if (result == NULL)
>>> /* The memory allocation failed. */
>>> @@ -593,7 +593,14 @@ _dl_allocate_tls_init (void *result)
>>> some platforms use in static programs requires it. */
>>> dtv[map->l_tls_modid].pointer.val = dest;
>>>
>>> - /* Copy the initialization image and clear the BSS part. */
>>> + /* Copy the initialization image and clear the BSS part. For
>>> + audit modules or depedencies with initial-exec TLS, we can not
>>> + set the initial TLS image on default loader initialization
>>> + because it would already be set by the audit setup. However,
>>> + subsequent thread creation would need to follow the default
>>> + behaviour. */
>>> + if (__glibc_unlikely (map->l_auditing && !init_tls))
>>> + continue;
>>> memset (__mempcpy (dest, map->l_tls_initimage,
>>> map->l_tls_initimage_size), '\0',
>>> map->l_tls_blocksize - map->l_tls_initimage_size);
>>
>> I don't understand why the map->l_auditing condition is correct.
>> Shouldn't it be
>>
>> map->l_ns == LM_ID_BASE && !init_tls
Not sure if this is what I meant, the “continue” inverts the condition.
The initialization should happen for pthread_create or l_ns == LM_ID_BASE.
>> ? Everything else has been loaded via dlopen or dlmopen, so TLS
>> initialization for the main thread has already happened.
>
> This does not suffice (I tried before in fact) because we need to skip
> solely for the audit modules and dependencies at the startup. For
> instance with tst-audit21 we have with some _dl_debug_printf to
> show what is happening
>
> 1533769: [rtld.c:966] load_audit_module
> 1533769: [rtld.c:973] load_audit_module
> 1533769: [rtld.c:2465] dl_main
> 1533769: [../elf/dl-tls.c:603] map->l_name= map->l_ns=0 map->l_auditing=0 init_tls=0 [INIT]
> 1533769: [../elf/dl-tls.c:603] map->l_name=[...]/elf/tst-auditmod21a.so map->l_ns=1 map->l_auditing=1 init_tls=0
> 1533769: [../elf/dl-tls.c:603] map->l_name=[...]/libc.so.6 map->l_ns=1 map->l_auditing=1 init_tls=0
> 1533769: [../elf/dl-tls.c:603] map->l_name=[...]/libc.so.6 map->l_ns=0 map->l_auditing=0 init_tls=0 [INIT]
> 1533769: [../elf/dl-tls.c:621]
> 1533769: [rtld.c:2467] dl_main
> [allocatestack.c:435] allocate_stack
> 1533769: [../elf/dl-tls.c:633] _dl_allocate_tls
> 1533769: [../elf/dl-tls.c:603] map->l_name= map->l_ns=0 map->l_auditing=0 init_tls=1 [INIT]
> 1533769: [../elf/dl-tls.c:603] [...]/elf/tst-auditmod21a.so map->l_ns=1 map->l_auditing=1 init_tls=1 [INIT]
> 1533769: [../elf/dl-tls.c:603] [...]/libc.so.6 map->l_ns=1 map->l_auditing=1 init_tls=1 [INIT]
> 1533769: [../elf/dl-tls.c:603] [...]/libc.so.6 map->l_ns=0 map->l_auditing=0 init_tls=1 [INIT]
> 1533769: [../elf/dl-tls.c:621]
> 1533769: [../elf/dl-tls.c:642] _dl_allocate_tls
> [allocatestack.c:446] allocate_stack
>
>
> So we need to avoid initialization only for the libc.so loading by
> audit libraries, the default one should still be initialized (marked
> as [INIT]). Later when new threads are created we need to initialize
> everything.
That's what I tried to express with the LM_ID_BASE check.
Thanks,
Florian
On 18/01/2022 10:02, Florian Weimer wrote:
> * Adhemerval Zanella:
>
>> On 18/01/2022 08:33, Florian Weimer wrote:
>>> * Adhemerval Zanella via Libc-alpha:
>>>
>>>> diff --git a/elf/dl-tls.c b/elf/dl-tls.c
>>>> index 8ba70c9a9d..8ed91ff599 100644
>>>> --- a/elf/dl-tls.c
>>>> +++ b/elf/dl-tls.c
>>>> @@ -520,7 +520,7 @@ _dl_resize_dtv (dtv_t *dtv, size_t max_modid)
>>>>
>>>>
>>>> void *
>>>> -_dl_allocate_tls_init (void *result)
>>>> +_dl_allocate_tls_init (void *result, bool init_tls)
>>>> {
>>>> if (result == NULL)
>>>> /* The memory allocation failed. */
>>>> @@ -593,7 +593,14 @@ _dl_allocate_tls_init (void *result)
>>>> some platforms use in static programs requires it. */
>>>> dtv[map->l_tls_modid].pointer.val = dest;
>>>>
>>>> - /* Copy the initialization image and clear the BSS part. */
>>>> + /* Copy the initialization image and clear the BSS part. For
>>>> + audit modules or depedencies with initial-exec TLS, we can not
>>>> + set the initial TLS image on default loader initialization
>>>> + because it would already be set by the audit setup. However,
>>>> + subsequent thread creation would need to follow the default
>>>> + behaviour. */
>>>> + if (__glibc_unlikely (map->l_auditing && !init_tls))
>>>> + continue;
>>>> memset (__mempcpy (dest, map->l_tls_initimage,
>>>> map->l_tls_initimage_size), '\0',
>>>> map->l_tls_blocksize - map->l_tls_initimage_size);
>>>
>>> I don't understand why the map->l_auditing condition is correct.
>>> Shouldn't it be
>>>
>>> map->l_ns == LM_ID_BASE && !init_tls
>
> Not sure if this is what I meant, the “continue” inverts the condition.
>
> The initialization should happen for pthread_create or l_ns == LM_ID_BASE.
>
>>> ? Everything else has been loaded via dlopen or dlmopen, so TLS
>>> initialization for the main thread has already happened.
>>
>> This does not suffice (I tried before in fact) because we need to skip
>> solely for the audit modules and dependencies at the startup. For
>> instance with tst-audit21 we have with some _dl_debug_printf to
>> show what is happening
>>
>> 1533769: [rtld.c:966] load_audit_module
>> 1533769: [rtld.c:973] load_audit_module
>> 1533769: [rtld.c:2465] dl_main
>> 1533769: [../elf/dl-tls.c:603] map->l_name= map->l_ns=0 map->l_auditing=0 init_tls=0 [INIT]
>> 1533769: [../elf/dl-tls.c:603] map->l_name=[...]/elf/tst-auditmod21a.so map->l_ns=1 map->l_auditing=1 init_tls=0
>> 1533769: [../elf/dl-tls.c:603] map->l_name=[...]/libc.so.6 map->l_ns=1 map->l_auditing=1 init_tls=0
>> 1533769: [../elf/dl-tls.c:603] map->l_name=[...]/libc.so.6 map->l_ns=0 map->l_auditing=0 init_tls=0 [INIT]
>> 1533769: [../elf/dl-tls.c:621]
>> 1533769: [rtld.c:2467] dl_main
>> [allocatestack.c:435] allocate_stack
>> 1533769: [../elf/dl-tls.c:633] _dl_allocate_tls
>> 1533769: [../elf/dl-tls.c:603] map->l_name= map->l_ns=0 map->l_auditing=0 init_tls=1 [INIT]
>> 1533769: [../elf/dl-tls.c:603] [...]/elf/tst-auditmod21a.so map->l_ns=1 map->l_auditing=1 init_tls=1 [INIT]
>> 1533769: [../elf/dl-tls.c:603] [...]/libc.so.6 map->l_ns=1 map->l_auditing=1 init_tls=1 [INIT]
>> 1533769: [../elf/dl-tls.c:603] [...]/libc.so.6 map->l_ns=0 map->l_auditing=0 init_tls=1 [INIT]
>> 1533769: [../elf/dl-tls.c:621]
>> 1533769: [../elf/dl-tls.c:642] _dl_allocate_tls
>> [allocatestack.c:446] allocate_stack
>>
>>
>> So we need to avoid initialization only for the libc.so loading by
>> audit libraries, the default one should still be initialized (marked
>> as [INIT]). Later when new threads are created we need to initialize
>> everything.
>
> That's what I tried to express with the LM_ID_BASE check.
The problem is 'map->l_ns == LM_ID_BASE && !init_tls' will not initialize
the required libc.so for main application during audit module loading.
With tst-audit21:
1593586: [rtld.c:965] load_audit_module
1593586: [rtld.c:972] load_audit_module
1593586: [rtld.c:2464] dl_main
1593586: [../elf/dl-tls.c:605] map->l_name= map->l_ns=0 map->l_auditing=0 init_tls=0
1593586: [../elf/dl-tls.c:610] map->l_name=[...]/elf/tst-auditmod21a.so map->l_ns=1 map->l_auditing=1 init_tls=0 [INIT]
1593586: [../elf/dl-tls.c:610] map->l_name=[...]/libc.so.6 map->l_ns=1 map->l_auditing=1 init_tls=0 [INIT]
1593586: [../elf/dl-tls.c:605] map->l_name=[...]/libc.so.6 map->l_ns=0 map->l_auditing=0 init_tls=0
1593586: [../elf/dl-tls.c:627]
1593586: [rtld.c:2466] dl_main
Segmentation fault (core dumped)
* Adhemerval Zanella:
>>> So we need to avoid initialization only for the libc.so loading by
>>> audit libraries, the default one should still be initialized (marked
>>> as [INIT]). Later when new threads are created we need to initialize
>>> everything.
>>
>> That's what I tried to express with the LM_ID_BASE check.
>
> The problem is 'map->l_ns == LM_ID_BASE && !init_tls' will not initialize
> the required libc.so for main application during audit module loading.
> With tst-audit21:
>
> 1593586: [rtld.c:965] load_audit_module
> 1593586: [rtld.c:972] load_audit_module
> 1593586: [rtld.c:2464] dl_main
> 1593586: [../elf/dl-tls.c:605] map->l_name= map->l_ns=0 map->l_auditing=0 init_tls=0
> 1593586: [../elf/dl-tls.c:610] map->l_name=[...]/elf/tst-auditmod21a.so map->l_ns=1 map->l_auditing=1 init_tls=0 [INIT]
> 1593586: [../elf/dl-tls.c:610] map->l_name=[...]/libc.so.6 map->l_ns=1 map->l_auditing=1 init_tls=0 [INIT]
> 1593586: [../elf/dl-tls.c:605] map->l_name=[...]/libc.so.6 map->l_ns=0 map->l_auditing=0 init_tls=0
> 1593586: [../elf/dl-tls.c:627]
> 1593586: [rtld.c:2466] dl_main
> Segmentation fault (core dumped)
Looks like the condition is simply reversed? [INIT] should only appear
for map->l_ns == 0, right?
Thanks,
Florian
On 18/01/2022 10:29, Florian Weimer wrote:
> * Adhemerval Zanella:
>
>>>> So we need to avoid initialization only for the libc.so loading by
>>>> audit libraries, the default one should still be initialized (marked
>>>> as [INIT]). Later when new threads are created we need to initialize
>>>> everything.
>>>
>>> That's what I tried to express with the LM_ID_BASE check.
>>
>> The problem is 'map->l_ns == LM_ID_BASE && !init_tls' will not initialize
>> the required libc.so for main application during audit module loading.
>> With tst-audit21:
>>
>> 1593586: [rtld.c:965] load_audit_module
>> 1593586: [rtld.c:972] load_audit_module
>> 1593586: [rtld.c:2464] dl_main
>> 1593586: [../elf/dl-tls.c:605] map->l_name= map->l_ns=0 map->l_auditing=0 init_tls=0
>> 1593586: [../elf/dl-tls.c:610] map->l_name=[...]/elf/tst-auditmod21a.so map->l_ns=1 map->l_auditing=1 init_tls=0 [INIT]
>> 1593586: [../elf/dl-tls.c:610] map->l_name=[...]/libc.so.6 map->l_ns=1 map->l_auditing=1 init_tls=0 [INIT]
>> 1593586: [../elf/dl-tls.c:605] map->l_name=[...]/libc.so.6 map->l_ns=0 map->l_auditing=0 init_tls=0
>> 1593586: [../elf/dl-tls.c:627]
>> 1593586: [rtld.c:2466] dl_main
>> Segmentation fault (core dumped)
>
> Looks like the condition is simply reversed? [INIT] should only appear
> for map->l_ns == 0, right?
Hum, 'if (map->l_ns != LM_ID_BASE && !init_tls)' seems correct indeed.
Let me run a full make check to certify it.
On 18/01/2022 10:33, Adhemerval Zanella wrote:
>
>
> On 18/01/2022 10:29, Florian Weimer wrote:
>> * Adhemerval Zanella:
>>
>>>>> So we need to avoid initialization only for the libc.so loading by
>>>>> audit libraries, the default one should still be initialized (marked
>>>>> as [INIT]). Later when new threads are created we need to initialize
>>>>> everything.
>>>>
>>>> That's what I tried to express with the LM_ID_BASE check.
>>>
>>> The problem is 'map->l_ns == LM_ID_BASE && !init_tls' will not initialize
>>> the required libc.so for main application during audit module loading.
>>> With tst-audit21:
>>>
>>> 1593586: [rtld.c:965] load_audit_module
>>> 1593586: [rtld.c:972] load_audit_module
>>> 1593586: [rtld.c:2464] dl_main
>>> 1593586: [../elf/dl-tls.c:605] map->l_name= map->l_ns=0 map->l_auditing=0 init_tls=0
>>> 1593586: [../elf/dl-tls.c:610] map->l_name=[...]/elf/tst-auditmod21a.so map->l_ns=1 map->l_auditing=1 init_tls=0 [INIT]
>>> 1593586: [../elf/dl-tls.c:610] map->l_name=[...]/libc.so.6 map->l_ns=1 map->l_auditing=1 init_tls=0 [INIT]
>>> 1593586: [../elf/dl-tls.c:605] map->l_name=[...]/libc.so.6 map->l_ns=0 map->l_auditing=0 init_tls=0
>>> 1593586: [../elf/dl-tls.c:627]
>>> 1593586: [rtld.c:2466] dl_main
>>> Segmentation fault (core dumped)
>>
>> Looks like the condition is simply reversed? [INIT] should only appear
>> for map->l_ns == 0, right?
>
> Hum, 'if (map->l_ns != LM_ID_BASE && !init_tls)' seems correct indeed.
> Let me run a full make check to certify it.
Yes, it is correct. I will remove the 'l_auditing' field.
On 18/01/2022 10:46, Adhemerval Zanella wrote:
>
>
> On 18/01/2022 10:33, Adhemerval Zanella wrote:
>>
>>
>> On 18/01/2022 10:29, Florian Weimer wrote:
>>> * Adhemerval Zanella:
>>>
>>>>>> So we need to avoid initialization only for the libc.so loading by
>>>>>> audit libraries, the default one should still be initialized (marked
>>>>>> as [INIT]). Later when new threads are created we need to initialize
>>>>>> everything.
>>>>>
>>>>> That's what I tried to express with the LM_ID_BASE check.
>>>>
>>>> The problem is 'map->l_ns == LM_ID_BASE && !init_tls' will not initialize
>>>> the required libc.so for main application during audit module loading.
>>>> With tst-audit21:
>>>>
>>>> 1593586: [rtld.c:965] load_audit_module
>>>> 1593586: [rtld.c:972] load_audit_module
>>>> 1593586: [rtld.c:2464] dl_main
>>>> 1593586: [../elf/dl-tls.c:605] map->l_name= map->l_ns=0 map->l_auditing=0 init_tls=0
>>>> 1593586: [../elf/dl-tls.c:610] map->l_name=[...]/elf/tst-auditmod21a.so map->l_ns=1 map->l_auditing=1 init_tls=0 [INIT]
>>>> 1593586: [../elf/dl-tls.c:610] map->l_name=[...]/libc.so.6 map->l_ns=1 map->l_auditing=1 init_tls=0 [INIT]
>>>> 1593586: [../elf/dl-tls.c:605] map->l_name=[...]/libc.so.6 map->l_ns=0 map->l_auditing=0 init_tls=0
>>>> 1593586: [../elf/dl-tls.c:627]
>>>> 1593586: [rtld.c:2466] dl_main
>>>> Segmentation fault (core dumped)
>>>
>>> Looks like the condition is simply reversed? [INIT] should only appear
>>> for map->l_ns == 0, right?
>>
>> Hum, 'if (map->l_ns != LM_ID_BASE && !init_tls)' seems correct indeed.
>> Let me run a full make check to certify it.
>
> Yes, it is correct. I will remove the 'l_auditing' field.
Oops, the 'l_auditing' usage I meant.
@@ -374,6 +374,7 @@ tests += \
tst-audit18 \
tst-audit19b \
tst-audit20 \
+ tst-audit21 \
tst-audit22 \
tst-audit23 \
tst-auditmany \
@@ -681,6 +682,8 @@ modules-names = \
tst-auditmod19a \
tst-auditmod19b \
tst-auditmod20 \
+ tst-auditmod21a \
+ tst-auditmod21b \
tst-auditmod22 \
tst-auditmod23 \
tst-auxvalmod \
@@ -2113,6 +2116,11 @@ tst-audit19b-ARGS = -- $(host-test-program-cmd)
$(objpfx)tst-audit20.out: $(objpfx)tst-auditmod20.so
tst-audit20-ENV = LD_AUDIT=$(objpfx)tst-auditmod20.so
+$(objpfx)tst-audit21: $(shared-thread-library)
+$(objpfx)tst-audit21.out: $(objpfx)tst-auditmod21a.so
+$(objpfx)tst-auditmod21a.so: $(objpfx)tst-auditmod21b.so
+tst-audit21-ENV = LD_AUDIT=$(objpfx)tst-auditmod21a.so
+
$(objpfx)tst-audit22.out: $(objpfx)tst-auditmod22.so
tst-audit22-ARGS = -- $(host-test-program-cmd)
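Review bot: The test is driven through the environment (`tst-audit21-ENV = LD_AUDIT=$(objpfx)tst-auditmod21a.so`), but the header comment of all three new test files reads "Check DT_AUDIT with static TLS". Either reword the file headers to say LD_AUDIT, or record the module as a DT_AUDIT entry of the test binary so the description matches what is actually run.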
@@ -1502,6 +1502,9 @@ cannot enable executable stack as shared object requires");
/* Auditing checkpoint: we have a new object. */
if (!GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing)
_dl_audit_objopen (l, nsid);
+
+ if ((mode & __RTLD_AUDIT))
+ l->l_auditing = 1;
#endif
return l;
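Review bot: Setting `l->l_auditing` directly after the objopen checkpoint changes when the flag becomes visible. The check two lines above reads `GL(dl_ns)[l->l_ns]._ns_loaded->l_auditing`, and the assignment this patch removes from rtld.c only set the flag at the end of the audit-module setup. With the flag now set as soon as the first object of the namespace is mapped, objects mapped into that namespace afterwards may skip `_dl_audit_objopen`; please confirm that is intended or move the assignment. The doubled parentheses in `if ((mode & __RTLD_AUDIT))` can go, and given the conclusion in the thread that `map->l_ns != LM_ID_BASE` is sufficient, this hunk may not be needed at all.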
@@ -520,7 +520,7 @@ _dl_resize_dtv (dtv_t *dtv, size_t max_modid)
void *
-_dl_allocate_tls_init (void *result)
+_dl_allocate_tls_init (void *result, bool init_tls)
{
if (result == NULL)
/* The memory allocation failed. */
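Review bot: The name of the new `bool init_tls` parameter reads as "initialize TLS", yet dl_main passes `false` on the call that sets up the main thread's TLS and the thread-creation paths pass `true`. Rename it to say what it selects (for example, whether this is the loader's startup call) and document it at the definition, so callers do not have to infer the polarity.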
@@ -593,7 +593,14 @@ _dl_allocate_tls_init (void *result)
some platforms use in static programs requires it. */
dtv[map->l_tls_modid].pointer.val = dest;
- /* Copy the initialization image and clear the BSS part. */
+ /* Copy the initialization image and clear the BSS part. For
+ audit modules or depedencies with initial-exec TLS, we can not
+ set the initial TLS image on default loader initialization
+ because it would already be set by the audit setup. However,
+ subsequent thread creation would need to follow the default
+ behaviour. */
+ if (__glibc_unlikely (map->l_auditing && !init_tls))
+ continue;
memset (__mempcpy (dest, map->l_tls_initimage,
map->l_tls_initimage_size), '\0',
map->l_tls_blocksize - map->l_tls_initimage_size);
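Review bot: The skip condition `map->l_auditing && !init_tls` depends on every audit dependency having been tagged, which is what requires the extra assignment in dl-load.c. The review thread settles on `map->l_ns != LM_ID_BASE && !init_tls`, which expresses the same startup-only skip without the flag. In the new comment, "depedencies" should be "dependencies", and it would help to state that the `continue` deliberately comes after `dtv[map->l_tls_modid].pointer.val = dest`, so only the image copy is skipped.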
@@ -620,7 +627,7 @@ _dl_allocate_tls (void *mem)
{
return _dl_allocate_tls_init (mem == NULL
? _dl_allocate_tls_storage ()
- : allocate_dtv (mem));
+ : allocate_dtv (mem), true);
}
rtld_hidden_def (_dl_allocate_tls)
@@ -1062,9 +1062,6 @@ ERROR: audit interface '%s' requires version %d (maximum supported version %d);
= (intptr_t) &GL (dl_rtld_map);
++GLRO(dl_naudit);
-
- /* Mark the DSO as being used for auditing. */
- dlmargs.map->l_auditing = 1;
}
/* Load all audit modules. */
@@ -2462,7 +2459,7 @@ dl_main (const ElfW(Phdr) *phdr,
into the main thread's TLS area, which we allocated above.
Note: thread-local variables must only be accessed after completing
the next step. */
- _dl_allocate_tls_init (tcbp);
+ _dl_allocate_tls_init (tcbp, false);
/* And finally install it for the main thread. */
if (! tls_init_tp_called)
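Review bot: The comment above this call still describes the step as filling "the main thread's TLS area", but with `false` the image copy is now skipped for audit maps. Extend the comment to say why `false` is passed here, so the exception is documented at the call site as well as in dl-tls.c.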
new file mode 100644
@@ -0,0 +1,42 @@
+/* Check DT_AUDIT with static TLS.
+ Copyright (C) 2021 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <ctype.h>
+#include <support/xthread.h>
+#include <support/check.h>
+
+static volatile __thread int out __attribute__ ((tls_model ("initial-exec")));
+
+static void *
+tf (void *arg)
+{
+ TEST_COMPARE (out, 0);
+ out = isspace (' ');
+ return NULL;
+}
+
+int main (int argc, char *argv[])
+{
+ TEST_COMPARE (out, 0);
+ out = isspace (' ');
+
+ pthread_t t = xpthread_create (NULL, tf, NULL);
+ xpthread_join (t);
+
+ return 0;
+}
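Review bot: The test defines its own `main` instead of the usual `do_test` plus `#include <support/test-driver.c>`, so please check that a failing `TEST_COMPARE (out, 0)` still ends up in the exit status when `main` returns 0 unconditionally. If the plain `main` is deliberate, a comment saying why would help, and the unused `argc` and `argv` can then be dropped.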
new file mode 100644
@@ -0,0 +1,80 @@
+/* Check DT_AUDIT with static TLS.
+ Copyright (C) 2021 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <ctype.h>
+#include <stdlib.h>
+#include <link.h>
+
+#define tls_ie __attribute__ ((tls_model ("initial-exec")))
+
+__thread int tls_var0 tls_ie;
+__thread int tls_var1 tls_ie = 0x10;
+
+/* Defined at tst-auditmod21b.so */
+extern __thread int tls_var2;
+extern __thread int tls_var3;
+
+static volatile int out;
+
+static void
+call_libc (void)
+{
+ /* isspace access the initial-exec glibc TLS variables, which are
+ setup in glibc initialization. */
+ out = isspace (' ');
+}
+
+unsigned int
+la_version (unsigned int v)
+{
+ tls_var0 = 0x1;
+ if (tls_var1 != 0x10)
+ abort ();
+ tls_var1 = 0x20;
+
+ tls_var2 = 0x2;
+ if (tls_var3 != 0x20)
+ abort ();
+ tls_var3 = 0x40;
+
+ call_libc ();
+
+ return LAV_CURRENT;
+}
+
+unsigned int
+la_objopen (struct link_map* map, Lmid_t lmid, uintptr_t* cookie)
+{
+ call_libc ();
+ *cookie = (uintptr_t) map;
+ return 0;
+}
+
+void
+la_activity (uintptr_t* cookie, unsigned int flag)
+{
+ if (tls_var0 != 0x1 || tls_var1 != 0x20)
+ abort ();
+ call_libc ();
+}
+
+void
+la_preinit (uintptr_t* cookie)
+{
+ call_libc ();
+}
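Review bot: `tls_var2` and `tls_var3` are declared here as plain `extern __thread int`, without the `tls_ie` attribute used for `tls_var0` and `tls_var1`, so the accesses in `la_version` need not use the initial-exec model and the dependency case from the commit message may not be exercised. Declare them with `tls_ie` as well, and have `la_activity` also check `tls_var2 != 0x2 || tls_var3 != 0x40`, since it currently verifies only the module's own variables. Minor style: `struct link_map* map` and `uintptr_t* cookie` would normally be written `struct link_map *map` and `uintptr_t *cookie`.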
new file mode 100644
@@ -0,0 +1,22 @@
+/* Check DT_AUDIT with static TLS.
+ Copyright (C) 2021 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#define tls_ie __attribute__ ((tls_model ("initial-exec")))
+
+__thread int tls_var2 tls_ie;
+__thread int tls_var3 tls_ie = 0x20;
@@ -138,7 +138,7 @@ get_cached_stack (size_t *sizep, void **memp)
memset (dtv, '\0', (dtv[-1].counter + 1) * sizeof (dtv_t));
/* Re-initialize the TLS. */
- _dl_allocate_tls_init (TLS_TPADJ (result));
+ _dl_allocate_tls_init (TLS_TPADJ (result), true);
return result;
}
@@ -1282,7 +1282,7 @@ extern void _dl_allocate_static_tls (struct link_map *map) attribute_hidden;
/* These are internal entry points to the two halves of _dl_allocate_tls,
only used within rtld.c itself at startup time. */
extern void *_dl_allocate_tls_storage (void) attribute_hidden;
-extern void *_dl_allocate_tls_init (void *);
+extern void *_dl_allocate_tls_init (void *, bool);
rtld_hidden_proto (_dl_allocate_tls_init)
/* Deallocate memory allocated with _dl_allocate_tls. */
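Review bot: The comment above the prototype says these entry points are "only used within rtld.c itself at startup time", but this patch also updates a caller in nptl/allocatestack.c and gives the second argument a meaning that differs between startup and thread creation. Update the comment to describe the new `bool`, and name the parameter in the prototype.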