When audit modules are loaded, ld.so initialization is not yet
complete, and rtld_active () returns false even though ld.so is
mostly working. Instead, the static dlopen hook is used, but that
does not work at all because this is not a static dlopen situation.
Commit 466c1ea15f ("dlfcn: Rework
static dlopen hooks") moved the hook pointer into _rtld_global_ro,
which means that separate protection is not needed anymore and the
hook pointer can be checked directly.
The guard for disabling libio vtable hardening in _IO_vtable_check
should stay for now.
Fixes commit 8e1472d2c1 ("ld.so:
Examine GLRO to detect inactive loader [BZ #20204]").
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
(cherry picked from commit 8dcb6d0af0)
Consolidate all hooks structures into a single one. There are
no static dlopen ABI concerns because glibc 2.34 already comes
with substantial ABI-incompatible changes in this area. (Static
dlopen requires the exact same dynamic glibc version that was used
for static linking.)
The new approach uses a pointer to the hooks structure into
_rtld_global_ro and initalizes it in __rtld_static_init. This avoids
a back-and-forth with various callback functions.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
I used these shell commands:
../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
(cd ../glibc && git commit -am"[this commit message]")
and then ignored the output, which consisted lines saying "FOO: warning:
copyright statement not found" for each of 6694 files FOO.
I then removed trailing white space from benchtests/bench-pthread-locks.c
and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this
diagnostic from Savannah:
remote: *** pre-commit check failed ...
remote: *** error: lines with trailing whitespace found
remote: error: hook declined to update refs/heads/master
GLRO (_rtld_global_ro) is read-only after initialization and can
therefore not be patched at run time, unlike the hook table addresses
and their contents, so this is a desirable hardening feature.
The hooks are only needed if ld.so has not been initialized, and this
happens only after static dlopen (dlmopen uses a single ld.so object
across all namespaces).
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2004-10-18 Jakub Jelinek <jakub@redhat.com>
* elf/dl-libc.c (__libc_dlsym_private, __libc_register_dl_open_hook):
New functions.
(__libc_dlopen_mode): Call __libc_register_dl_open_hook and
__libc_register_dlfcn_hook.
* dlfcn/Makefile (routines, elide-routines.os): Set.
Add rules to build and test tststatic2.
* dlfcn/tststatic2.c: New test.
* dlfcn/modstatic2.c: New test module.
* dlfcn/dladdr.c: Call _dlfcn_hook from libdl.so if not NULL.
Define __ prefixed routine in libc.a and in libdl.a just call it.
* dlfcn/dladdr1.c: Likewise.
* dlfcn/dlclose.c: Likewise.
* dlfcn/dlerror.c: Likewise.
* dlfcn/dlinfo.c: Likewise.
* dlfcn/dlmopen.c: Likewise.
* dlfcn/dlopen.c: Likewise.
* dlfcn/dlopenold.c: Likewise.
* dlfcn/dlsym.c: Likewise.
* dlfcn/dlvsym.c: Likewise.
* dlfcn/sdladdr.c: New file.
* dlfcn/sdladdr1.c: New file.
* dlfcn/sdlclose.c: New file.
* dlfcn/sdlerror.c: New file.
* dlfcn/sdlinfo.c: New file.
* dlfcn/sdlopen.c: New file.
* dlfcn/sdlsym.c: New file.
* dlfcn/sdlvsym.c: New file.
* dlfcn/Versions (libdl): Export _dlfcn_hook@GLIBC_PRIVATE.
* include/dlfcn.h (DL_CALLER_DECL, DL_CALLER RETURN_ADDRESS): Define.
(struct dlfcn_hook): New type.
(_dlfcn_hook): New extern decl.
(__dlopen, __dlclose, __dlsym, __dlerror, __dladdr, __dladdr1,
__dlinfo, __dlmopen, __libc_dlsym_private,
__libc_register_dl_open_hook, __libc_register_dlfcn_hook): New
prototypes.
(__dlvsym): Use DL_CALLER_DECL.
* include/libc-symbols.h: Define libdl_hidden_proto and friends.
* malloc/arena.c (_dl_open_hook): Extern decl.
(ptmalloc_init): Don't call _dl_addr when dlopened from statically
linked programs but don't use brk for them either.
Update.
Add support for namespaces in the dynamic linker.
* dlfcn/Makefile (libdl-routines): Add dlmopen.
* dlfcn/Versions [libdl, GLIBC_2.3.4]: Add dlmopen.
* dlfcn/dlfcn.h: Define Lmid_t, LM_ID_BASE, and LM_ID_NEWLM.
Declare dlmopen. Document RTLD_DI_LMID.
* dlfcn/dlinfo.c: Handle RTLD_DI_LMID.
* dlfcn/dlmopen.c: New file.
* dlfcn/dlopen.c: Pass new parameter to _dl_open.
* dlfcn/dlopenold.c: Likewise.
* elf/dl-addr.c: Adjust for removal of GL(dl_loaded).
* elf/dl-caller.c: Likewise.
* elf/dl-close.c: Likewise.
* elf/dl-conflict.c: Likewise.
* elf/dl-debug.c: Likewise.
* elf/dl-lookup.c: Likewise.
* elf/dl-sym.c: Likewise.
* elf/dl-version.c: Likewise.
* elf/do-lookup.h: Likewise.
* elf/rtld.c: Likewise.
* sysdeps/unix/sysv/linux/i386/dl-librecon.h: Likewise.
* elf/dl-depsc: Likewise. Add new parameter to _dl_map_object.
* elf/dl-fini.c: Call destructors in all namespaces.
* elf/dl-iteratephdr.c: Compute total nloaded. Adjust for removal of
GL(dl_loaded).
* elf/dl-libc.c: Pass new parameter to _dl_open. Adjust for removal
of GL(dl_loaded).
* elf/dl-load.c (_dl_map_object_from_fd): Don't load ld.so a second
time. Reuse the one from the main namespace in all others.
Pass new parameter to _dl_new_object.
Adjust for removal of GL(dl_loaded).
* elf/dl-object.c: Take new parameter. Use it to initialize l_ns.
Adjust for removal of GL(dl_loaded).
* elf/dl-open.c (_dl_open): Take new parameter.
Adjust for removal of GL(dl_loaded).
* elf/dl-support.c: Replace global _dl_loaded etc variables with
_dl_ns variable.
* include/dlfcn.h: Adjust prototype of _dl_open.
Define __LM_ID_CALLER.
* include/link.h: Add l_real, l_ns, and l_direct_opencount elements.
* sysdeps/generic/dl-tls.c: Bump TLS_STATIC_SURPLUS. Since libc is
using TLS we need memory appropriate to the number of namespaces.
* sysdeps/generic/ldsodefs.h (struct rtld_global): Replace _dl_loaded,
_dl_nloaded, _dl_global_scope, _dl_main_searchlist, and
_dl_global_scope_alloc with _dl_ns element. Define DL_NNS.
Adjust prototypes of _dl_map_object and member in rtld_global_ro.
* malloc/malloc.c: Include <dlfcn.h>.
* malloc/arena.c (ptmalloc_init): If libc is not in primary namespace,
never use brk.
* elf/Makefile: Add rules to build and run tst-dlmopen1 and
tst-dlmopen2.
* elf/tst-dlmopen1.c: New file.
* elf/tst-dlmopen1mod.c: New file.
* elf/tst-dlmopen2.c: New file.
* elf/dl-close.c: Improve reference counting by tracking direct loads.
* elf/dl-lookup.c (add_dependency): Likewise.
* elf/dl-open.c (dl_open_worker): Likewise.
* elf/rtld.c (dl_main): Likewise.
2004-09-09 GOTO Masanori <gotom@debian.or.jp>
[BZ #77]
* elf/dl-close.c: Count down l_opencount to check not only for
l_reldeps, but also l_initfini.
2004-10-13 Ulrich Drepper <drepper@redhat.com>
2001-07-06 Paul Eggert <eggert@twinsun.com>
* manual/argp.texi: Remove ignored LGPL copyright notice; it's
not appropriate for documentation anyway.
* manual/libc-texinfo.sh: "Library General Public License" ->
"Lesser General Public License".
2001-07-06 Andreas Jaeger <aj@suse.de>
* All files under GPL/LGPL version 2: Place under LGPL version
2.1.
* elf/Makefile (tests): Add nodlopen. Add rules to generate nodlopen.
* include/dlfcn.h: Define __RTLD_DLOPEN.
* elf/dl-load.c (_dl_map_object_from_fd): If DF_1_NOOPEN is set
and this is a dlopen() call, do not load the binary.
* dlfcn/dlopen.c: Add __RTLD_DLOPEN to mode passed down to _dl_open.
* dlfcn/dlopenold.c: Likewise.
* configure.in: Add test for -z nodelete option.
* config.make.in: Define have-z-nodelete with libc_cv_z_nodelete.
2000-07-20 Mark Kettenis <kettenis@gnu.org>
Make Hesiod NSS module thread-safe.
* hesiod/README.hesiod: Update.
* hesiod/Versions [GLIBC_2.2]: Add _nss_hesiod_getservbyport_r,
_nss_hesiod_setprotoent, _nss_hesiod_endprotoent,
_nss_hesiod_getprotobyname_r, and _nss_hesiod_getprotobynumber_r.
* hesiod/Makefile (libnss_hesiod-routines): Add hesiod-init and
hesiod-proto.
* hesiod/nss_hesiod/hesiod-init.c: New file.
* hesiod/nss_hesiod/hesiod-pwd.c: Rewritten for thread-safeness.
* hesiod/nss_hesiod/hesiod-grp.c: Likewise.
* hesiod/nss_hesiod/nss_hesiod.h: New file.
* hesiod/nss_hesiod/hesiod-service.c
(_nss_hesiod_getservbyport_r): New function. Provide support for
looking up services by port number.
* hesiod/nss_hesiod/hesiod-proto.c: New file.
* hesiod/hesiod.c: Update from BIND 8.2.3-T5B.
* hesiod/hesiod.h: Likewise.
* hesiod/hesiod_p.h: Likewise.
2000-07-20 Mark Kettenis <kettenis@gnu.org>
Fix problems with `struct __res_state' getting too big.
* resolv/resolv.h (struct __sockaddr_in): New definition.
(struct __res_state): Use __sockaddr_in instead of sockaddr_in in
the private parts of the structure to save some space.
* resolv/res_send.c (res_nsend): Cast &EXT(statp).nsaddrs[ns] to
(struct sockaddr_in *) in call to sock_eq.
Use memcpy to copy statp->nsaddr_list[ns] to &EXT(statp).nsaddrs[ns].
2000-07-20 Ulrich Drepper <drepper@redhat.com>
* sysdeps/mach/hurd/dl-sysdep.c: Likewise.
2000-07-18 Kaz Kylheku <kaz@ashi.footprints.net>
* spinlock.c (__pthread_alt_lock, __pthread_alt_timedlock): Fixed
bug whereby thr field of waitnode structure would not be correctly
set unless a null self pointer is passed to the functions.
Eliminated redundant calls to thread_self().
* sysdeps/gnu/Makefile (libdl-routines): Add eval.
1999-07-06 Zack Weinberg <zack@rabi.columbia.edu>
* dlfcn: New directory. Move the following files from elf:
dladdr.c, dlclose.c, dlerror.c, dlfcn.h, dlopen.c,
dlopenold.c, dlsym.c, dlvsym.c.
* dlfcn/Makefile: New file.
* dlfcn/Versions: New file.
* dlfcn/dlsym.c: All ELF-specific code split out to new
function _dl_sym.
* dlfcn/dlvsym.c: All ELF-specific code split out to new
function _dl_vsym.
* elf/dl-sym.c: New file. _dl_sym and _dl_vsym are
implemented here.
* dlfcn/dladdr.c: Remove all references to ELF data structures
or headers.
* dlfcn/dlclose.c: Likewise.
* dlfcn/dlerror.c: Likewise.
* dlfcn/dlopen.c: Likewise.
* dlfcn/dlopenold.c: Likewise.
* Makeconfig (dlfcn): New variable - set to `dlfcn' if elf is
yes, empty otherwise.
(libdl): Set to dlfcn/libdl.so or libdl.a if elf is yes,
depending on build-shared.
(subdirs): Add $(dlfcn).
(rpath-dirs): Add dlfcn.
* elf/Makefile: Remove all references to libdl or its
components, except the ones relating to the test cases.
(routines): Add dl-sym.
* elf/Versions (libc): Add _dl_sym and _dl_vsym for GLIBC_2.2.
(libdl): Delete.
* elf/dl-close.c (_dl_close): Change argument to void *.
* elf/dl-open.c (_dl_open): Change return type to void *.
* elf/eval.c: Removed.
* elf/ldsodefs.h: Move prototypes of _dl_catch_error,
_dlerror_run, _dl_open, _dl_close, _dl_addr, and
_dl_mcount_wrapper_check to include/dlfcn.h. Delete
_CALL_DL_FCT macro.
* include/dlfcn.h: Also prototype _dl_sym and _dl_vsym here.
Include real header from dlfcn directory.
* include/ldsodefs.h: Removed.
* grp/initgroups.c: Use DL_CALL_FCT not _CALL_DL_FCT.
* nss/getXXbyYY_r.c: Likewise.
* nss/getXXent_r.c: Likewise.
* iconv/gconv.c: Likewise. Don't include ldsodefs.h.
* iconv/gconv_db.c: Likewise. Don't include ldsodefs.h.
* iconv/skeleton.c: Don't include ldsodefs.h.
* nss/nsswitch.h: Don't include ldsodefs.h. Include dlfcn.h.
1999-07-07 Ulrich Drepper <drepper@cygnus.com>