mbox series

[RFC,v7,00/20] Implementation of RTLD_SHARED for dlmopen

Message ID 20201216132650.22949-1-vivek@collabora.com
Headers show
Series Implementation of RTLD_SHARED for dlmopen | expand

Message

Vivek Das Mohapatra Dec. 16, 2020, 1:26 p.m. UTC 
This is a revision of a previous patchset that I posted here
regarding https://sourceware.org/bugzilla/show_bug.cgi?id=22745 

Introduction:

=======================================================================
  As discussed in the URL above dlmopen requires a mechanism for
  [optionally] sharing some objects between more than one namespace.

  The following patchset provides an implementation for this: If an
  object is loaded with the new RTLD_SHARED flag we instead ensure
  that a "master" copy exists (and is flagged as no-delete) in the
  main namespace and a thin wrapper or clone is placed in the target
  namespace.

  This patch series should address all the comments received on the
  earlier (v1) series, and fixes a bug in the previous (v2) series
  which left the r_debug struct in an inconsistent state when creating
  a proxy triggered the initial load of a DSO into the main namespace.
=======================================================================

In addition this patch series implements the following:

 - dlmopen will implicitly apply RTLD_SHARED to the libc/libpthread group
   (requires a patched binutils/ld so that the libc family DSOs can
   be flagged as requiring this behaviour)

   - binutils patchset accepted upstream;
   - https://sourceware.org/git/?p=binutils-gdb.git
   - commit 8a87b2791181eb7fc1533ffaeb95df8d87d41493

 - LD_AUDIT paths will NOT apply this implict sharing rule:
   audit libraries will continue to be completely isolated.

 - The mechanism for tagging DSOs as implicitly shared has been changed
   from a DT_FLAGS_1 flag to a DT_VALRNGHI/LO range dynamic section tag.
   (Based on feedback on the binutils side of this patch series).

  - DT_GNU_FLAGS_1/DF_GNU_1_UNIQUE

 - A flag RTLD_ISOLATE which is used inernally to suppress RTLD_SHARED
   behaviour when audit libraries are being loaded, and is also made available
   to users who really want a completely separate copy of glibc in their new
   namespace.

 - Tests for the new dlmopen behaviour

 - Adds the unique dso flag to htl/libpthread.so as well as nptl

I have not yet implemented, but plan to address once this series is
accepted/acceptable:

 - Sensible RTLD_GLOBAL semantics for dlmopened DSOs in non-base namespaces

 - dl_iterate_ns_phdr (cf dl_iterate_phdr but taking a namespace argument)

Vivek Das Mohapatra (20):
  Declare and describe the dlmopen RTLD_SHARED flag
  include/link.h: Update the link_map struct to allow proxies
  elf/dl-object.c: Implement a helper function to proxy link_map entries
  elf/dl-load.c, elf-dl-open.c: Implement RTLD_SHARED dlmopen proxying
  elf/dl-fini.c: Handle proxy link_map entries in the shutdown path
  elf/dl-init.c: Skip proxied link map entries in the dl init path
  elf/dl-open.c: Don't try libc linit in namespaces with no libc mapping
  elf/dl-open.c: when creating a proxy check the libc_map in NS 0
  Define a new dynamic section tag - DT_GNU_FLAGS_1
  Abstract the loaded-DSO search code into a private helper function
  Compare loaded DSOs by file ID and check for DF_GNU_1_UNIQUE
  Use the new DSO finder helper function since we have it
  Use the DSO search helper to check for preloaded DT_GNU_UNIQUE DSOs
  When loading DSOs into alternate namespaces check for DT_GNU_UNIQUE
  Suppress audit calls when a (new) namespace is empty
  Suppress inter-namespace DSO sharing for audit libraries
  dlsym, dlvsym should be able to look up symbols via DSO proxies
  Add DT_GNU_FLAGS_1/DF_GNU_1_UNIQUE dynamic section+flag to glibc DSOs
  Add dlmopen / RTLD_SHARED tests
  Restore separate libc loading for the TLS/namespace storage test

 Makeconfig                           |    1 +
 Makerules                            |    2 +-
 bits/dlfcn.h                         |   10 +
 elf/Makefile                         |   97 ++-
 elf/dl-close.c                       |   43 +-
 elf/dl-fini.c                        |    6 +-
 elf/dl-init.c                        |    4 +-
 elf/dl-load.c                        |  227 +++++-
 elf/dl-object.c                      |   84 +++
 elf/dl-open.c                        |  108 ++-
 elf/dl-sym.c                         |   14 +
 elf/elf.h                            |    7 +-
 elf/get-dynamic-info.h               |   12 +
 elf/rtld.c                           |    2 +-
 elf/tst-dlmopen-auditmod.c           |   23 +
 elf/tst-dlmopen-common.h             |   33 +
 elf/tst-dlmopen-main.h               | 1022 ++++++++++++++++++++++++++
 elf/tst-dlmopen-modules.h            |   20 +
 elf/tst-dlmopen-rtld-audit-shared1.c |   11 +
 elf/tst-dlmopen-rtld-audit-shared2.c |   11 +
 elf/tst-dlmopen-rtld-audit-shared3.c |   11 +
 elf/tst-dlmopen-rtld-audit-shared4.c |   11 +
 elf/tst-dlmopen-rtld-audit-shared5.c |   11 +
 elf/tst-dlmopen-rtld-audit-shared6.c |   11 +
 elf/tst-dlmopen-rtld-audit-unique1.c |   11 +
 elf/tst-dlmopen-rtld-audit-unique2.c |   11 +
 elf/tst-dlmopen-rtld-audit-unique3.c |   11 +
 elf/tst-dlmopen-rtld-audit-unique4.c |   11 +
 elf/tst-dlmopen-rtld-audit-unique5.c |   11 +
 elf/tst-dlmopen-rtld-audit-unique6.c |   11 +
 elf/tst-dlmopen-rtld-shared1.c       |   11 +
 elf/tst-dlmopen-rtld-shared1.h       |   65 ++
 elf/tst-dlmopen-rtld-shared2.c       |   11 +
 elf/tst-dlmopen-rtld-shared2.h       |   67 ++
 elf/tst-dlmopen-rtld-shared3.c       |   11 +
 elf/tst-dlmopen-rtld-shared3.h       |   44 ++
 elf/tst-dlmopen-rtld-shared4.c       |   11 +
 elf/tst-dlmopen-rtld-shared4.h       |   15 +
 elf/tst-dlmopen-rtld-shared5.c       |   11 +
 elf/tst-dlmopen-rtld-shared5.h       |   26 +
 elf/tst-dlmopen-rtld-shared6.c       |   11 +
 elf/tst-dlmopen-rtld-shared6.h       |   37 +
 elf/tst-dlmopen-rtld-unique1.c       |   11 +
 elf/tst-dlmopen-rtld-unique1.h       |   87 +++
 elf/tst-dlmopen-rtld-unique2.c       |   11 +
 elf/tst-dlmopen-rtld-unique2.h       |   26 +
 elf/tst-dlmopen-rtld-unique3.c       |   11 +
 elf/tst-dlmopen-rtld-unique3.h       |   14 +
 elf/tst-dlmopen-rtld-unique4.c       |   11 +
 elf/tst-dlmopen-rtld-unique4.h       |   15 +
 elf/tst-dlmopen-rtld-unique5.c       |   11 +
 elf/tst-dlmopen-rtld-unique5.h       |   59 ++
 elf/tst-dlmopen-rtld-unique6.c       |   11 +
 elf/tst-dlmopen-rtld-unique6.h       |   52 ++
 elf/tst-dlmopen-sharedmod-norm.c     |   11 +
 elf/tst-dlmopen-sharedmod-uniq.c     |   11 +
 elf/tst-dlmopen-std-do-test.h        |   11 +
 elf/tst-tls-ie-dlmopen.c             |    4 +-
 htl/Makefile                         |    2 +-
 iconvdata/Makefile                   |    1 +
 include/elf.h                        |    2 +
 include/link.h                       |    7 +-
 nptl/Makefile                        |    2 +-
 sysdeps/generic/ldsodefs.h           |    9 +
 sysdeps/mips/bits/dlfcn.h            |   10 +
 65 files changed, 2493 insertions(+), 63 deletions(-)
 create mode 100644 elf/tst-dlmopen-auditmod.c
 create mode 100644 elf/tst-dlmopen-common.h
 create mode 100644 elf/tst-dlmopen-main.h
 create mode 100644 elf/tst-dlmopen-modules.h
 create mode 100644 elf/tst-dlmopen-rtld-audit-shared1.c
 create mode 100644 elf/tst-dlmopen-rtld-audit-shared2.c
 create mode 100644 elf/tst-dlmopen-rtld-audit-shared3.c
 create mode 100644 elf/tst-dlmopen-rtld-audit-shared4.c
 create mode 100644 elf/tst-dlmopen-rtld-audit-shared5.c
 create mode 100644 elf/tst-dlmopen-rtld-audit-shared6.c
 create mode 100644 elf/tst-dlmopen-rtld-audit-unique1.c
 create mode 100644 elf/tst-dlmopen-rtld-audit-unique2.c
 create mode 100644 elf/tst-dlmopen-rtld-audit-unique3.c
 create mode 100644 elf/tst-dlmopen-rtld-audit-unique4.c
 create mode 100644 elf/tst-dlmopen-rtld-audit-unique5.c
 create mode 100644 elf/tst-dlmopen-rtld-audit-unique6.c
 create mode 100644 elf/tst-dlmopen-rtld-shared1.c
 create mode 100644 elf/tst-dlmopen-rtld-shared1.h
 create mode 100644 elf/tst-dlmopen-rtld-shared2.c
 create mode 100644 elf/tst-dlmopen-rtld-shared2.h
 create mode 100644 elf/tst-dlmopen-rtld-shared3.c
 create mode 100644 elf/tst-dlmopen-rtld-shared3.h
 create mode 100644 elf/tst-dlmopen-rtld-shared4.c
 create mode 100644 elf/tst-dlmopen-rtld-shared4.h
 create mode 100644 elf/tst-dlmopen-rtld-shared5.c
 create mode 100644 elf/tst-dlmopen-rtld-shared5.h
 create mode 100644 elf/tst-dlmopen-rtld-shared6.c
 create mode 100644 elf/tst-dlmopen-rtld-shared6.h
 create mode 100644 elf/tst-dlmopen-rtld-unique1.c
 create mode 100644 elf/tst-dlmopen-rtld-unique1.h
 create mode 100644 elf/tst-dlmopen-rtld-unique2.c
 create mode 100644 elf/tst-dlmopen-rtld-unique2.h
 create mode 100644 elf/tst-dlmopen-rtld-unique3.c
 create mode 100644 elf/tst-dlmopen-rtld-unique3.h
 create mode 100644 elf/tst-dlmopen-rtld-unique4.c
 create mode 100644 elf/tst-dlmopen-rtld-unique4.h
 create mode 100644 elf/tst-dlmopen-rtld-unique5.c
 create mode 100644 elf/tst-dlmopen-rtld-unique5.h
 create mode 100644 elf/tst-dlmopen-rtld-unique6.c
 create mode 100644 elf/tst-dlmopen-rtld-unique6.h
 create mode 100644 elf/tst-dlmopen-sharedmod-norm.c
 create mode 100644 elf/tst-dlmopen-sharedmod-uniq.c
 create mode 100644 elf/tst-dlmopen-std-do-test.h