From patchwork Fri Jul 5 18:40:01 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 33611 Received: (qmail 37915 invoked by alias); 5 Jul 2019 18:40:07 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 37501 invoked by uid 89); 5 Jul 2019 18:40:07 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-18.6 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, KAM_SHORT, SPF_HELO_PASS autolearn=ham version=3.3.1 spammy=comprehensive, shortly X-HELO: mx1.redhat.com From: Florian Weimer To: libc-alpha@sourceware.org Subject: Re: [PATCH] dlfcn: Failures after dlmopen should not terminate process [BZ #24772] References: <874l40a3dw.fsf@oldenburg2.str.redhat.com> Date: Fri, 05 Jul 2019 20:40:01 +0200 In-Reply-To: <874l40a3dw.fsf@oldenburg2.str.redhat.com> (Florian Weimer's message of "Fri, 05 Jul 2019 17:48:43 +0200") Message-ID: <87imsg72bi.fsf@oldenburg2.str.redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) MIME-Version: 1.0 Sorry, there was a C&P issue in the test case. The follow-up fix I will post hopefully shortly should include a more comprehensive test case, also including dlerror calls. Thanks, Florian dlfcn: Failures after dlmopen should not terminate process [BZ #24772] Commit 9e78f6f6e7134a5f299cc8de77370218f8019237 ("Implement _dl_catch_error, _dl_signal_error in libc.so [BZ #16628]") has the side effect that distinct namespaces, as created by dlmopen, now have separate implementations of the rtld exception mechanism. This means that the call to _dl_catch_error from libdl in a secondary namespace does not actually install an exception handler because the thread-local variable catch_hook in the libc.so copy in the secondary namespace is distinct from that of the base namepace. As a result, a dlsym/dlopen/… failure in a secondary namespace terminates the process with a dynamic linker error because it looks to the exception handler mechanism as if no handler has been installed. This commit restores GLRO (dl_catch_error) and uses it to set the handler in the base namespace. 2019-07-05 Florian Weimer [BZ #24772] * dlfcn/dlerror.c (_dlerror_run): Call _dl_catch_error from the base namespace, via GLRO (dl_catch_error). * elf/Makefile [$(build-shared)] (tests): Add tst-dlmopen-dlerror. (modules-names): Add tst-dlmopen-dlerror-mod. (tst-dlmopen-dlerror): Link with -ldl. (tst-dlmopen-dlerror-mod.so): Link with -ldl and libsupport.a. (tst-dlmopen-dlerror.out): Depend on tst-dlmopen-dlerror-mod.so. * elf/dl-error-skeleton.c [DL_ERROR_BOOTSTRAP] (_rtld_catch_error): Define. * elf/rtld.c (_rtld_global_ro): Initialize _dl_catch_error. * elf/tst-dlmopen-dlerror-mod.c: New file. * elf/tst-dlmopen-dlerror.c: Likewise. * sysdeps/generic/ldsodefs.h (struct rtld_global_ro): Add _dl_catch_error member. (_rtld_catch_error): Declare. diff --git a/dlfcn/dlerror.c b/dlfcn/dlerror.c index ca42c126c1..c2b08c7fc4 100644 --- a/dlfcn/dlerror.c +++ b/dlfcn/dlerror.c @@ -167,8 +167,10 @@ _dlerror_run (void (*operate) (void *), void *args) result->errstring = NULL; } - result->errcode = _dl_catch_error (&result->objname, &result->errstring, - &result->malloced, operate, args); + result->errcode = GLRO (dl_catch_error) (&result->objname, + &result->errstring, + &result->malloced, + operate, args); /* If no error we mark that no error string is available. */ result->returned = result->errstring == NULL; diff --git a/elf/Makefile b/elf/Makefile index a3eefd1b1f..b8dd5b30db 100644 --- a/elf/Makefile +++ b/elf/Makefile @@ -192,7 +192,7 @@ tests += restest1 preloadtest loadfail multiload origtest resolvfail \ tst-latepthread tst-tls-manydynamic tst-nodelete-dlclose \ tst-debug1 tst-main1 tst-absolute-sym tst-absolute-zero tst-big-note \ tst-unwind-ctor tst-unwind-main tst-audit13 \ - tst-sonamemove-link tst-sonamemove-dlopen + tst-sonamemove-link tst-sonamemove-dlopen tst-dlmopen-dlerror # reldep9 tests-internal += loadtest unload unload2 circleload1 \ neededtest neededtest2 neededtest3 neededtest4 \ @@ -283,7 +283,8 @@ modules-names = testobj1 testobj2 testobj3 testobj4 testobj5 testobj6 \ tst-main1mod tst-libc_dlvsym-dso tst-absolute-sym-lib \ tst-absolute-zero-lib tst-big-note-lib tst-unwind-ctor-lib \ tst-audit13mod1 tst-sonamemove-linkmod1 \ - tst-sonamemove-runmod1 tst-sonamemove-runmod2 + tst-sonamemove-runmod1 tst-sonamemove-runmod2 \ + tst-dlmopen-dlerror-mod # Most modules build with _ISOMAC defined, but those filtered out # depend on internal headers. modules-names-tests = $(filter-out ifuncmod% tst-libc_dlvsym-dso tst-tlsmod%,\ @@ -1434,6 +1435,10 @@ $(objpfx)tst-sonamemove-dlopen.out: \ $(objpfx)tst-sonamemove-runmod1.so \ $(objpfx)tst-sonamemove-runmod2.so +$(objpfx)tst-dlmopen-dlerror: $(libdl) +$(objpfx)tst-dlmopen-dlerror-mod.so: $(libdl) $(libsupport) +$(objpfx)tst-dlmopen-dlerror.out: $(objpfx)tst-dlmopen-dlerror-mod.so + # Override -z defs, so that we can reference an undefined symbol. # Force lazy binding for the same reason. LDFLAGS-tst-latepthreadmod.so = \ diff --git a/elf/dl-error-skeleton.c b/elf/dl-error-skeleton.c index 248c185a74..5c2b1d4fb7 100644 --- a/elf/dl-error-skeleton.c +++ b/elf/dl-error-skeleton.c @@ -236,4 +236,16 @@ _dl_receive_error (receiver_fct fct, void (*operate) (void *), void *args) catch_hook = old_catch; receiver = old_receiver; } + +/* Forwarder used for initializing GLRO (_dl_catch_error). */ +int +_rtld_catch_error (const char **objname, const char **errstring, + bool *mallocedp, void (*operate) (void *), + void *args) +{ + /* The reference to _dl_catch_error will eventually be relocated to + point to the implementation in libc.so. */ + return _dl_catch_error (objname, errstring, mallocedp, operate, args); +} + #endif /* DL_ERROR_BOOTSTRAP */ diff --git a/elf/rtld.c b/elf/rtld.c index c9490ff694..ba2323baa1 100644 --- a/elf/rtld.c +++ b/elf/rtld.c @@ -325,6 +325,7 @@ struct rtld_global_ro _rtld_global_ro attribute_relro = ._dl_lookup_symbol_x = _dl_lookup_symbol_x, ._dl_open = _dl_open, ._dl_close = _dl_close, + ._dl_catch_error = _rtld_catch_error, ._dl_tls_get_addr_soft = _dl_tls_get_addr_soft, #ifdef HAVE_DL_DISCOVER_OSVERSION ._dl_discover_osversion = _dl_discover_osversion diff --git a/elf/tst-dlmopen-dlerror-mod.c b/elf/tst-dlmopen-dlerror-mod.c new file mode 100644 index 0000000000..dcb94320b4 --- /dev/null +++ b/elf/tst-dlmopen-dlerror-mod.c @@ -0,0 +1,41 @@ +/* Check that dlfcn errors are reported properly after dlmopen. Test module. + Copyright (C) 2019 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include + +/* Note: This object is not linked into the main program, so we cannot + use delayed test failure reporting via TEST_VERIFY etc., and have + to use FAIL_EXIT1 (or something else that calls exit). */ + +void +call_dlsym (void) +{ + void *ptr = dlsym (NULL, "does not exist"); + if (ptr != NULL) + FAIL_EXIT1 ("dlsym did not fail as expected"); +} + +void +call_dlopen (void) +{ + void *handle = dlopen ("tst-dlmopen-dlerror does not exist", RTLD_NOW); + if (handle != NULL) + FAIL_EXIT1 ("dlopen did not fail as expected"); +} diff --git a/elf/tst-dlmopen-dlerror.c b/elf/tst-dlmopen-dlerror.c new file mode 100644 index 0000000000..65638f7f38 --- /dev/null +++ b/elf/tst-dlmopen-dlerror.c @@ -0,0 +1,37 @@ +/* Check that dlfcn errors are reported properly after dlmopen. + Copyright (C) 2019 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include + +static int +do_test (void) +{ + void *handle = xdlmopen (LM_ID_NEWLM, "tst-dlmopen-dlerror-mod.so", + RTLD_NOW); + void (*call_dlsym) (void) = xdlsym (handle, "call_dlsym"); + void (*call_dlopen) (void) = xdlsym (handle, "call_dlopen"); + + call_dlsym (); + call_dlopen (); + + return 0; +} + +#include diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h index b1fc5c31f9..c8894e9518 100644 --- a/sysdeps/generic/ldsodefs.h +++ b/sysdeps/generic/ldsodefs.h @@ -604,6 +604,12 @@ struct rtld_global_ro void *(*_dl_open) (const char *file, int mode, const void *caller_dlopen, Lmid_t nsid, int argc, char *argv[], char *env[]); void (*_dl_close) (void *map); + /* libdl in a secondary namespace (after dlopen) must use + _dl_catch_error from the main namespace, so it has to be + exported in some way. */ + int (*_dl_catch_error) (const char **objname, const char **errstring, + bool *mallocedp, void (*operate) (void *), + void *args); void *(*_dl_tls_get_addr_soft) (struct link_map *); #ifdef HAVE_DL_DISCOVER_OSVERSION int (*_dl_discover_osversion) (void); @@ -841,6 +847,9 @@ extern int _dl_catch_error (const char **objname, const char **errstring, void *args); libc_hidden_proto (_dl_catch_error) +/* Used for initializing GLRO (_dl_catch_error). */ +extern __typeof__ (_dl_catch_error) _rtld_catch_error attribute_hidden; + /* Call OPERATE (ARGS). If no error occurs, set *EXCEPTION to zero. Otherwise, store a copy of the raised exception in *EXCEPTION, which has to be freed by _dl_exception_free. */