Commit Graph

2478 Commits

Author SHA1 Message Date
Florian Weimer
31563b6841 elf: Remove extra hwcap mechanism from ldconfig
Historically, this mechanism was used to process "nosegneg"
subdirectories, and it is still used to include the "tls"
subdirectories.  With nosegneg support gone from ld.so, this is part
no longer useful.

The entire mechanism is not well-designed because it causes the
meaning of hwcap bits in ld.so.cache to depend on the kernel version
that was used to generate the cache, which makes it difficult to use
this mechanism for anything else in the future.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-05-28 10:21:17 +02:00
Florian Weimer
dcbc6b83ef elf: Do not read hwcaps from the vDSO in ld.so
This was only ever used for the "nosegneg" flag.  This approach for
passing hardware capability information creates a subtle dependency
between the kernel and userspace, and ld.so.cache contents.  It seems
inappropriate for toady, where people expect to be able to run
system images which very different kernel versions.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-05-28 10:20:57 +02:00
Florian Weimer
de42613540 elf: Turn _dl_printf, _dl_error_printf, _dl_fatal_printf into functions
This change makes it easier to set a breakpoint on these calls.

This also addresses the issue that including <ldsodefs.h> without
<unistd.h> does not result usable _dl_*printf macros because of the
use of the STD*_FILENO macros there.

(The private symbol for _dl_fatal_printf will go away again
once the exception handling implementation is unified between
libc and ld.so.)

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-05-25 18:17:27 +02:00
Szabolcs Nagy
03acbc1f71 elf.h: add aarch64 property definitions
These property values are specified by the AArch64 ELF ABI and
binutils can create binaries marked with them.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-05-21 09:55:43 +01:00
Szabolcs Nagy
7787a35fd0 elf.h: Add PT_GNU_PROPERTY
This program header type is already used in binaries on x86 and
aarch64 targets.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-05-21 09:55:43 +01:00
Josh Triplett
cad64f778a ldconfig: Default to the new format for ld.so.cache
glibc has supported this format for close to 20 years.
2020-05-19 14:41:48 +02:00
Florian Weimer
ce12fc7113 Remove NO_CTORS_DTORS_SECTIONS macro
This was originally added to support binutils older than version
2.22:

  <https://sourceware.org/ml/libc-alpha/2010-12/msg00051.html>

Since 2.22 is older than the minimum required binutils version
for building glibc, we no longer need this.  (The changes do
not impact the statically linked startup code.)
2020-05-18 15:39:34 +02:00
Florian Weimer
7b5bfe7783 elf: Assert that objects are relocated before their constructors run
If we try to run constructors before relocation, this is always
a dynamic linker bug.  An assert is easier to notice than a call
via an invalid function pointer (which may not even produce a valid
call stack).

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-05-18 15:30:09 +02:00
H.J. Lu
674ea88294 x86: Move CET control to _dl_x86_feature_control [BZ #25887]
1. Include <dl-procruntime.c> to get architecture specific initializer in
rtld_global.
2. Change _dl_x86_feature_1[2] to _dl_x86_feature_1.
3. Add _dl_x86_feature_control after _dl_x86_feature_1, which is a
struct of 2 bitfields for IBT and SHSTK control

This fixes [BZ #25887].
2020-05-18 06:15:02 -07:00
Florian Weimer
ad78d70275 elf: Remove redundant add_to_global_resize_failure call from dl_open_args
The second call does not do anything because the data structures have
already been resized by the call that comes before the demarcation
point.  Fixes commit a509eb117f
("Avoid late dlopen failure due to scope, TLS slotinfo updates
[BZ #25112]").

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-05-12 19:06:18 +02:00
Paul E. Murphy
e2239af353 Rename __LONG_DOUBLE_USES_FLOAT128 to __LDOUBLE_REDIRECTS_TO_FLOAT128_ABI
Improve the commentary to aid future developers who will stumble
upon this novel, yet not always perfect, mechanism to support
alternative formats for long double.

Likewise, rename __LONG_DOUBLE_USES_FLOAT128 to
__LDOUBLE_REDIRECTS_TO_FLOAT128_ABI now that development work
has settled down.  The command used was

git grep -l __LONG_DOUBLE_USES_FLOAT128 ':!./ChangeLog*' | \
  xargs sed -i 's/__LONG_DOUBLE_USES_FLOAT128/__LDOUBLE_REDIRECTS_TO_FLOAT128_ABI/g'

Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com>
2020-04-30 08:52:08 -05:00
Florian Weimer
03e187a41d elf: Add initial flag argument to __libc_early_init
The rseq initialization should happen only for the libc in the base
namespace (in the dynamic case) or the statically linked libc.  The
__libc_multiple_libcs flag does not quite cover this case at present,
so this commit introduces a flag argument to __libc_early_init,
indicating whether the libc being libc is the primary one (of the main
program).

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-04-29 15:44:03 +02:00
Florian Weimer
ec935dea63 elf: Implement __libc_early_init
This function is defined in libc.so, and the dynamic loader calls
right after relocation has been finished, before any ELF constructors
or the preinit function is invoked.  It is also used in the static
build for initializing parts of the static libc.

To locate __libc_early_init, a direct symbol lookup function is used,
_dl_lookup_direct.  It does not search the entire symbol scope and
consults merely a single link map.  This function could also be used
to implement lookups in the vDSO (as an optimization).

A per-namespace variable (libc_map) is added for locating libc.so,
to avoid repeated traversals of the search scope.  It is similar to
GL(dl_initfirst).  An alternative would have been to thread a context
argument from _dl_open down to _dl_map_object_from_fd (where libc.so
is identified).  This could have avoided the global variable, but
the change would be larger as a result.  It would not have been
possible to use this to replace GL(dl_initfirst) because that global
variable is used to pass the function pointer past the stack switch
from dl_main to the main program.  Replacing that requires adding
a new argument to _dl_init, which in turn needs changes to the
architecture-specific libc.so startup code written in assembler.

__libc_early_init should not be used to replace _dl_var_init (as
it exists today on some architectures).  Instead, _dl_lookup_direct
should be used to look up a new variable symbol in libc.so, and
that should then be initialized from the dynamic loader, immediately
after the object has been loaded in _dl_map_object_from_fd (before
relocation is run).  This way, more IFUNC resolvers which depend on
these variables will work.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-04-24 22:32:09 +02:00
Florian Weimer
50a2d83c08 elf: Introduce <elf_machine_sym_no_match.h>
MIPS needs to ignore certain existing symbols during symbol lookup.
The old scheme uses the ELF_MACHINE_SYM_NO_MATCH macro, with an
inline function, within its own header, with a sysdeps override for
MIPS.  This allows re-use of the function from another file (without
having to include <dl-machine.h> or providing the default definition
for ELF_MACHINE_SYM_NO_MATCH).

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-04-24 22:13:03 +02:00
Fangrui Song
eb06601bb4 elf: Support lld-style link map for librtld.map
GNU ld and gold's -Map include a line like:

  path/to/build/libc_pic.a(check_fds.os)

lld -Map does not have the archive member list, but we can still derive the
members from the following output

             VMA              LMA     Size Align Out     In      Symbol
...
           1a1c0            1a1c0       e2    16         path/to/build/libc_pic.a(check_fds.os):(.text)
2020-04-21 15:10:10 -03:00
Florian Weimer
8f7a75d700 elf: Implement DT_AUDIT, DT_DEPAUDIT support [BZ #24943]
binutils ld has supported --audit, --depaudit for a long time,
only support in glibc has been missing.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-04-03 16:26:10 +02:00
Florian Weimer
4c6e0415ef elf: Simplify handling of lists of audit strings
All list elements are colon-separated strings, and there is a hard
upper limit for the number of audit modules, so it is possible to
pre-allocate a fixed-size array of strings to which the LD_AUDIT
environment variable and --audit arguments are added.

Also eliminate the global variables for the audit list because
the list is only needed briefly during startup.

There is a slight behavior change: All duplicate LD_AUDIT environment
variables are now processed, not just the last one as before.  However,
such environment vectors are invalid anyway.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-04-03 16:26:10 +02:00
Vineet Gupta
e8a0f5831e ARC: add definitions to elf/elf.h
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2020-03-25 18:48:48 -07:00
Paul E. Murphy
d0d1811fb9 Fix tests which expose ldbl -> _Float128 redirects
The ldbl redirects for ieee128 have some jagged edges when
inspecting and manipulating symbols directly.

e.g asprintf is unconditionally redirected to __asprintfieee128
thus any tests relying on GCC's redirect behavior will encounter
problems if they inspect the symbol names too closely.

I've mitigated tests which expose the limitations of the
ldbl -> f128 redirects by giving them knowledge about the
redirected symbol names.

Hopefully there isn't much user code which depends on this
implementation specific behavior.

Reviewed-by: Tulio Magno Quites Machado Filho <tuliom@linux.ibm.com>
2020-03-25 14:34:23 -05:00
Jonathan Wakely
2de7fe6253 parse_tunables: Fix typo in comment 2020-03-13 10:27:23 +00:00
DJ Delorie
b7176cc2af ldconfig: trace origin paths with -v
With this patch, -v turns on a "from" trace for each directory
searched, that tells you WHY that directory is being searched -
is it a builtin, from the command line, or from some config file?
2020-03-11 16:02:05 -04:00
Adhemerval Zanella
fbaf0bae57 elf: Fix wrong indentation from commit eb447b7b4b 2020-03-10 16:11:29 -03:00
Florian Weimer
0499a353a6 elf: Add elf/check-wx-segment, a test for the presence of WX segments
Writable, executable segments defeat security hardening.  The
existing check for DT_TEXTREL does not catch this.

hppa and SPARC currently keep the PLT in an RWX load segment.
2020-03-02 14:25:20 +01:00
Florian Weimer
758599bc9d elf: Apply attribute_relro to pointers in elf/dl-minimal.c
The present code leaves the function pointers unprotected, but moves
some of the static functions into .data.rel.ro instead.  This causes
the linker to produce an allocatable, executable, writable section
and eventually an RWX load segment.  Not only do we really do not
want that, it also breaks valgrind because valgrind does not load
debuginfo from the mmap interceptor if all it sees are RX and RWX
mappings.

Fixes commit 3a0ecccb59 ("ld.so: Do not
export free/calloc/malloc/realloc functions [BZ #25486]").
2020-02-26 16:53:38 +01:00
Florian Weimer
783e641fba csu: Use ELF constructor instead of _init in libc.so
On !ELF_INITFINI architectures, _init is no longer called by the
dynamic linker.  We can use an ELF constructor instead because the
constructor order does not matter.  (The other constructors are used
to set up libio vtable bypasses and do not depend on this
initialization routine.)
2020-02-25 14:58:52 +01:00
Florian Weimer
f4349837d9 Introduce <elf-initfini.h> and ELF_INITFINI for all architectures
This supersedes the init_array sysdeps directory.  It allows us to
check for ELF_INITFINI in both C and assembler code, and skip DT_INIT
and DT_FINI processing completely on newer architectures.

A new header file is needed because <dl-machine.h> is incompatible
with assembler code.  <sysdep.h> is compatible with assembler code,
but it cannot be included in all assembler files because on some
architectures, it redefines register names, and some assembler files
conflict with that.

<elf-initfini.h> is replicated for legacy architectures which need
DT_INIT/DT_FINI support.  New architectures follow the generic default
and disable it.
2020-02-18 15:12:25 +01:00
Florian Weimer
3a0ecccb59 ld.so: Do not export free/calloc/malloc/realloc functions [BZ #25486]
Exporting functions and relying on symbol interposition from libc.so
makes the choice of implementation dependent on DT_NEEDED order, which
is not what some compiler drivers expect.

This commit replaces one magic mechanism (symbol interposition) with
another one (preprocessor-/compiler-based redirection).  This makes
the hand-over from the minimal malloc to the full malloc more
explicit.

Removing the ABI symbols is backwards-compatible because libc.so is
always in scope, and the dynamic loader will find the malloc-related
symbols there since commit f0b2132b35
("ld.so: Support moving versioned symbols between sonames
[BZ #24741]").

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-02-15 11:01:23 +01:00
Florian Weimer
c76147afe9 elf: Extract _dl_sym_post, _dl_sym_find_caller_map from elf/dl-sym.c
The definitions are moved into a new file, elf/dl-sym-post.h, so that
this code can be used by the dynamic loader as well.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-02-15 11:00:45 +01:00
Florian Weimer
abcc039d2e elf: Introduce the rtld-stubbed-symbols makefile variable
This generalizes a mechanism used for stack-protector support, so
that it can be applied to other symbols if required.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-02-15 11:00:27 +01:00
David Kilroy
0a8ce6a096 elf: avoid stack allocation in dl_open_worker
As the sort was removed, there's no need to keep a separate map of
links. Instead, when relocating objects iterate over l_initfini
directly.

This allows us to remove the loop copying l_initfini elements into
map. We still need a loop to identify the first and last elements that
need relocation.

Tested by running the testsuite on x86_64.
2020-02-12 14:31:17 -03:00
David Kilroy
71bcfa6245 elf: avoid redundant sort in dlopen
l_initfini is already sorted by dependency in _dl_map_object_deps(),
so avoid sorting again in dl_open_worker().

Tested by running the testsuite on x86_64.
2020-02-12 14:30:31 -03:00
David Kilroy
eb447b7b4b elf: Allow dlopen of filter object to work [BZ #16272]
There are two fixes that are needed to be able to dlopen filter
objects. First _dl_map_object_deps cannot assume that map will be at
the beginning of l_searchlist.r_list[], as filtees are inserted before
map. Secondly dl_open_worker needs to ensure that filtees get
relocated.

In _dl_map_object_deps:

* avoiding removing relocation dependencies of map by setting
  l_reserved to 0 and otherwise processing the rest of the search
  list.

* ensure that map remains at the beginning of l_initfini - the list
  of things that need initialisation (and destruction). Do this by
  splitting the copy up. This may not be required, but matches the
  initialization order without dlopen.

Modify dl_open_worker to relocate the objects in new->l_inifini.
new->l_initfini is constructed in _dl_map_object_deps, and lists the
objects that need initialization and destruction. Originally the list
of objects in new->l_next are relocated. All of these objects should
also be included in new->l_initfini (both lists are populated with
dependencies in _dl_map_object_deps). We can't use new->l_prev to pick
up filtees, as during a recursive dlopen from an interposed malloc
call, l->prev can contain objects that are not ready for relocation.

Add tests to verify that symbols resolve to the filtee implementation
when auxiliary and filter objects are used, both as a normal link and
when dlopen'd.

Tested by running the testsuite on x86_64.
2020-02-12 14:29:48 -03:00
Fangrui Song
ec44e1efcd elf.h: Add R_RISCV_IRELATIVE
The number has been officially assigned by
https://github.com/riscv/riscv-elf-psabi-doc/pull/131
d21ca40a7f
2020-02-12 01:14:38 -05:00
Joseph Myers
d01fd5f0ce Fix elf/tst-rtld-preload cross-testing.
As noted in
<https://sourceware.org/ml/libc-alpha/2019-06/msg00824.html>,
elf/tst-rtld-preload fails when cross-testing because it attempts to
run the test wrapper with itself.  Unfortunately, that thread never
resulted in a complete and correct patch for that test.

This patch addresses the issues with that test more thoroughly.  The
test is changed not to use the wrapper twice, including updating the
message it prints about the command it runs to be more complete and
accurate after the change; the Makefile is changed not to pass the
redundant '$(test-wrapper)' argument.

Tested for Arm that this fixes the failure seen for that test in
cross-testing.
2020-01-24 17:22:13 +00:00
Joseph Myers
00167b531d Fix cross-testing of tst-ifunc-fault-* tests.
The tests elf/tst-ifunc-fault-bindnow and elf/tst-ifunc-fault-lazy
fail in cross-testing because they run the dynamic linker directly
without using the test wrapper.  This patch fixes them to use the test
wrapper instead.

Tested that this fixes the failure of those two tests for powerpc
soft-float.
2020-01-23 14:34:59 +00:00
Tulio Magno Quites Machado Filho
18363b4f01 powerpc: Move cache line size to rtld_global_ro
GCC 10.0 enabled -fno-common by default and this started to point that
__cache_line_size had been implemented in 2 different places: loader and
libc.

In order to avoid this duplication, the libc variable has been removed
and the loader variable is moved to rtld_global_ro.

File sysdeps/unix/sysv/linux/powerpc/dl-auxv.h has been added in order
to reuse code for both static and dynamic linking scenarios.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-01-17 09:05:03 -03:00
Florian Weimer
a332bd1518 elf: Add elf/tst-dlopenfail-2 [BZ #25396]
Without CET, a jump into a newly loaded object through an overwritten
link map often does not crash, it just executes some random code.
CET detects this in some cases because the function pointer does not
point to the start of a function in the replacement shared object,
so there is no ENDBR instruction.

The new test uses a small shared object and the existing dangling
link map to trigger the bug.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2020-01-16 16:53:58 +01:00
H.J. Lu
5177d85b0c Clear GL(dl_initfirst) when freeing its link_map memory [BZ# 25396]
We should clear GL(dl_initfirst) when freeing its link_map memory.

Tested on Fedora 31/x86-64 with CET.

Reviewed-by: Florian Weimer <fweimer@redhat.com>
2020-01-16 07:41:53 -08:00
Stefan Liebler
3c8639b02e Fix "elf: Add tst-ldconfig-ld_so_conf-update test" on 32bit.
This new test was introduced with recent commit
591236f1a3.
If run on 32bit, it fails while renaming tst-ldconfig-ld-mod.so as there is no
/usr/lib64 directory. This patch is constructing the file name with help of
support_libdir_prefix.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2020-01-13 11:06:41 +01:00
Alexandra Hájková
591236f1a3 elf: Add tst-ldconfig-ld_so_conf-update test
Test ldconfig after /etc/ld.so.conf update and verify a running process
 observes changes to /etc/ld.so.cache.
 The test uses the test-in-container framework.

 Reviewed-by: Arjun Shankar <arjun@redhat.com>
2020-01-09 20:47:19 +01:00
Adhemerval Zanella
1bdda52fe9 elf: Move vDSO setup to rtld (BZ#24967)
This patch moves the vDSO setup from libc to loader code, just after
the vDSO link_map setup.  For static case the initialization
is moved to _dl_non_dynamic_init instead.

Instead of using the mangled pointer, the vDSO data is set as
attribute_relro (on _rtld_global_ro for shared or _dl_vdso_* for
static).  It is read-only even with partial relro.

It fixes BZ#24967 now that the vDSO pointer is setup earlier than
malloc interposition is called.

Also, vDSO calls should not be a problem for static dlopen as
indicated by BZ#20802.  The vDSO pointer would be zero-initialized
and the syscall will be issued instead.

Checked on x86_64-linux-gnu, i686-linux-gnu, aarch64-linux-gnu,
arm-linux-gnueabihf, powerpc64le-linux-gnu, powerpc64-linux-gnu,
powerpc-linux-gnu, s390x-linux-gnu, sparc64-linux-gnu, and
sparcv9-linux-gnu.  I also run some tests on mips.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2020-01-03 11:22:07 -03:00
Adhemerval Zanella
57013650f7 elf: Enable relro for static build
The code is similar to the one at elf/dl-reloc.c, where it checks for
the l_relro_size from the link_map (obtained from PT_GNU_RELRO header
from program headers) and calls_dl_protected_relro.

For testing I will use the ones proposed by Florian's patch
'elf: Add tests for working RELRO protection' [1].

Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
aarch64-linux-gnu, s390x-linux-gnu, and sparc64-linux-gnu.  I also
check with --enable-static pie on x86_64-linux-gnu, i686-linux-gnu,
and aarch64-linux-gnu which seems the only architectures where
static PIE is actually working (as per 9d7a3741c9, on
arm-linux-gnueabihf, powerpc64{le}-linux-gnu, and s390x-linux-gnu
I am seeing runtime issues not related to my patch).

[1] https://sourceware.org/ml/libc-alpha/2019-10/msg00059.html

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2020-01-03 11:22:07 -03:00
Joseph Myers
5f72f9800b Update copyright dates not handled by scripts/update-copyrights.
I've updated copyright dates in glibc for 2020.  This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.  As well as the usual annual
updates, mainly dates in --version output (minus libc.texinfo which
previously had to be handled manually but is now successfully updated
by update-copyrights), there is a fix to
sysdeps/unix/sysv/linux/powerpc/bits/termios-c_lflag.h where a typo in
the copyright notice meant it failed to be updated automatically.

Please remember to include 2020 in the dates for any new files added
in future (which means updating any existing uncommitted patches you
have that add new files to use the new copyright dates in them).
2020-01-01 00:21:22 +00:00
Joseph Myers
d614a75396 Update copyright dates with scripts/update-copyrights. 2020-01-01 00:14:33 +00:00
Florian Weimer
6a265e577e Fix test isolation for elf/tst-ifunc-fault-lazy, elf/tst-ifunc-fault-bindnow
Previously, ld.so was invoked only with the elf subdirectory on the
library search path.  Since the soname link for libc.so only exists in
the top-level build directory, this leaked the system libc into the
test.
2019-12-19 16:06:50 +01:00
DJ Delorie
a059f9505b tunables: report sbrk() failure
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2019-12-16 16:51:00 -05:00
Florian Weimer
f7649d5780 dlopen: Do not block signals
Blocking signals causes issues with certain anti-malware solutions
which rely on an unblocked SIGSYS signal for system calls they
intercept.

This reverts commit a2e8aa0d9e
("Block signals during the initial part of dlopen") and adds
comments related to async signal safety to active_nodelete and
its caller.

Note that this does not make lazy binding async-signal-safe with regards
to dlopen.  It merely avoids introducing new async-signal-safety hazards
as part of the NODELETE changes.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2019-12-13 10:23:10 +01:00
Florian Weimer
f8ed116aa5 dlopen: Rework handling of pending NODELETE status
Commit a2e8aa0d9e ("Block signals during
the initial part of dlopen") was deemed necessary because of
read-modify-write operations like the one in  add_dependency in
elf/dl-lookup.c.  In the old code, we check for any kind of NODELETE
status and bail out:

      /* Redo the NODELETE check, as when dl_load_lock wasn't held
	 yet this could have changed.  */
      if (map->l_nodelete != link_map_nodelete_inactive)
	goto out;

And then set pending status (during relocation):

	  if (flags & DL_LOOKUP_FOR_RELOCATE)
	    map->l_nodelete = link_map_nodelete_pending;
	  else
	    map->l_nodelete = link_map_nodelete_active;

If a signal arrives during relocation and the signal handler, through
lazy binding, adds a global scope dependency on the same map, it will
set map->l_nodelete to link_map_nodelete_active.  This will be
overwritten with link_map_nodelete_pending by the dlopen relocation
code.

To avoid such problems in relation to the l_nodelete member, this
commit introduces two flags for active NODELETE status (irrevocable)
and pending NODELETE status (revocable until activate_nodelete is
invoked).  As a result, NODELETE processing in dlopen does not
introduce further reasons why lazy binding from signal handlers
is unsafe during dlopen, and a subsequent commit can remove signal
blocking from dlopen.

This does not address pre-existing issues (unrelated to the NODELETE
changes) which make lazy binding in a signal handler during dlopen
unsafe, such as the use of malloc in both cases.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2019-12-13 10:18:46 +01:00
Florian Weimer
365624e2d2 dlopen: Fix issues related to NODELETE handling and relocations
The assumption behind the assert in activate_nodelete was wrong:

Inconsistency detected by ld.so: dl-open.c: 459: activate_nodelete:
Assertion `!imap->l_init_called || imap->l_type != lt_loaded' failed! (edit)

It can happen that an already-loaded object that is in the local
scope is promoted to NODELETE status, via binding to a unique
symbol.

Similarly, it is possible that such NODELETE promotion occurs to
an already-loaded object from the global scope.  This is why the
loop in activate_nodelete has to cover all objects in the namespace
of the new object.

In do_lookup_unique, it could happen that the NODELETE status of
an already-loaded object was overwritten with a pending NODELETE
status.  As a result, if dlopen fails, this could cause a loss of
the NODELETE status of the affected object, eventually resulting
in an incorrect unload.

Fixes commit f63b73814f ("Remove all
loaded objects if dlopen fails, ignoring NODELETE [BZ #20839]").
2019-12-13 10:18:24 +01:00
Florian Weimer
b5a1271c76 ldconfig: Do not print a warning for a missing ld.so.conf file
The configuration file is not needed for working system, so printing a
warning is not helpful.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2019-12-11 09:19:39 +01:00