From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: AS3215 2.6.0.0/16 X-Spam-Status: No, score=-4.1 required=3.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI,NICE_REPLY_A, RCVD_IN_DNSWL_MED,SPF_HELO_PASS,SPF_PASS shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by dcvr.yhbt.net (Postfix) with ESMTPS id A0F5B1F8C6 for ; Mon, 9 Aug 2021 20:36:38 +0000 (UTC) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id C5557393A424 for ; Mon, 9 Aug 2021 20:36:37 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org C5557393A424 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1628541397; bh=eYXkKok17LiWJ0KJns/xPOaFHe5uh5Hn3YARSqapZ74=; h=Subject:To:References:Date:In-Reply-To:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=xF2XpDok6TfQP2J6xX3WAMm0ns9a7JxQmJUs+5xcCqIMkuWcbHoJgYW37qTrSQD5f r+uzfCXFCWr2iHR5aQq77EvtGYWwtXdzxXuPe/iY4uZvp7/qGjLkjxg6MtNmsNQguI 8O9+uj1WQXtg9IHlcuRV4liQNDm+TMBSD0FjekhE= Received: from mail-pj1-x102e.google.com (mail-pj1-x102e.google.com [IPv6:2607:f8b0:4864:20::102e]) by sourceware.org (Postfix) with ESMTPS id 640F9393A405 for ; Mon, 9 Aug 2021 20:30:56 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 640F9393A405 Received: by mail-pj1-x102e.google.com with SMTP id j1so29838088pjv.3 for ; Mon, 09 Aug 2021 13:30:56 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=eYXkKok17LiWJ0KJns/xPOaFHe5uh5Hn3YARSqapZ74=; b=JYs5B/85Fx6kWJcUBhroqZndDTMQvhGY177bKt7pCvUQmSZYtx2UbZZcCDI1d+Ub9u M8Ac/T6r+iB3UlJF2PeSLM6zWnEM2QHoB4sz2ypMYfXHYTJu23aLmwit5Fn43XRPQS2P 1k1OXIW9MVQDg7ObFEG2CH5ZQZfSles37prI0JRouaU8pbmhr/KNq+p9wSEVIzrR0mrL HUDzMD0YV/vZeQkimXrwJF2ugXk3bKdcEJ3lT+iDGxymBifxLkFZ172RRI+Sm2QPabHI CbJnyk+TEt6lAmk4mNmgJLxX17WkKzBfzCi8mOXvEsQzklFVLxN4HSn2bRWaSmbqGirF kJ4Q== X-Gm-Message-State: AOAM532dkZZecpy3pttxLzXvjRqKvhgb2D+Q2+7OCoTY+OeTbAbl9eri RDIdXYMvBiZwbN/issXyMR1wRTiw4TXhGQ== X-Google-Smtp-Source: ABdhPJw9mDA3lWCx/3nl5g0Ln6QNo1AaOtqGk2/88ePxf7m0TrlUUjZYliVSkSzoEwhskwmiY3AxKQ== X-Received: by 2002:a17:90a:7884:: with SMTP id x4mr943070pjk.53.1628541054482; Mon, 09 Aug 2021 13:30:54 -0700 (PDT) Received: from ?IPv6:2804:431:c7cb:9dce:a96c:8a7f:2ffc:f373? ([2804:431:c7cb:9dce:a96c:8a7f:2ffc:f373]) by smtp.gmail.com with ESMTPSA id l12sm20528336pff.182.2021.08.09.13.30.53 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 09 Aug 2021 13:30:53 -0700 (PDT) Subject: Re: [RFC][PATCH v12 5/8] Implement dlmopen RTLD_SHARED flag (bug 22745) To: libc-alpha@sourceware.org References: <20210708163255.812-1-vivek@collabora.com> <20210708163255.812-6-vivek@collabora.com> Message-ID: Date: Mon, 9 Aug 2021 17:30:52 -0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: <20210708163255.812-6-vivek@collabora.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Adhemerval Zanella via Libc-alpha Reply-To: Adhemerval Zanella Errors-To: libc-alpha-bounces+e=80x24.org@sourceware.org Sender: "Libc-alpha" On 08/07/2021 13:32, Vivek Das Mohapatra via Libc-alpha wrote: > This flag will instruct dlmopen to create a shared object present > in the main namespace and accessible from the selected namespace > when supplied in the MODE argument. > > include/link.h: Update the link_map struct to allow proxies > > We already have an l_real pointer, used for a similar purpose by > the linker for copies of ld.so in secondary namespaces. Update its > documentation and add a bitfield to indicate when link_map entry > is a proxy. > > elf/dl-object.c: Implement a helper function to proxy link_map entries > > Provides the minimal functionality needed to take an existing > link_map entry and create a proxy for it in the specified namespace. > > elf/dl-load.c, elf/dl-open.c: Implement RTLD_SHARED dlmopen proxying > > This uses the new infrastructure to implement RTLD_SHARED object > proxying via dlmopen: Instead of opening the specified object in > the requested namespace we open it in the main namespace (if it > is not already present there) and proxy it to the destination. > > The following rules apply: > > If a proxy of the object is already present in the requested namespace, > we simply return it (with an incremented direct-open count). > > If the object is already present in the requested namespace, a dl > error is signalled, since we cannot satisfy the user's request. > > Proxies are never created in the main namespace: RTLD_SHARED has no > effect when the requested namespace is LM_ID_BASE. > > elf/dl-fini.c: Handle proxy link_maps in the shutdown path (bug 22745) > > When cleaning up before exit we should not call destructors or > otherwise free [most of] the contents of proxied link_map entries > since they share [most of] their contents with the LM_ID_BASE > objects to which they point. > > elf/dl-init.c: Skip proxy link_map entries in dl init path > > Proxies should not trigger calls to DT_INIT constructors since they're > just shims that point to the real, already loaded and initialised, objects. > > elf/dl-open.c: Skip libc init if namespace has no libc map > > Secondary namespaces which share their libc mapping with the main > namespace cannot (and should not) have _dl_call_libc_early_init > called for them by dl_open_worker. > > elf/dl-open.c: When creating a proxy check NS 0 libc map > > The libc_already_loaded check normally considers the libc_map entry > in GL(dl_ns)[args->nsid].libc_map. > > This is not correct for proxies, which use the libc_map from > the default namespace (as proxies are dummy entries that point > to the base namespace via their l_real members). > > elf/dl-load.c, dl-open.c: Compare DSOs by file ID & check DF_GNU_1_UNIQUE > > If _dl_map_object_from_fd finds that a DSO it was asked to > load into a non-base namespace is already loaded (into the > main namespace) and is flagged DF_GNU_1_UNIQUE then it should > return that DSO's link map entry. > > In such cases _dl_open_worker must notice that this has > happened and continue down the link map proxy generation > path instead of normal link map entry preparation. > > elf/dl-load.c: error if RTLD_SHARED = DF_GNU_1_UNIQUE semantics violated > > elf/dl-open.c: Use search helper to find preloaded DT_GNU_UNIQUE DSOs > > If a DSO already exists (with the same name) in the base namespace > and it is flagged DT_GNU_UNIQUE then we should behave as if a proxy > had been requested. > > elf/dl-load.c: When loading DSOs in other namespaces check DT_GNU_UNIQUE > > If a DSO has not already been loaded and the target is not the main > namespace then we must check to see if it's been DT_GNU_UNIQUE tagged > and load it into the main namespace instead. > > dl_open_worker has alread been modified to notice the discrepancy > between the request and the result in such cases, and will set up > a proxy in the target namespace. > > elf/dl-load.c: Suppress audit calls when a (new) namespace is empty > > When preparing an RTLD_SHARED proxy in a new namespace > it is possible for the target namespace to be empty: > > This can happen for RTLD_SHARED + LM_ID_NEWLM. > > The audit infrastructure should not be invoked at this > point (as there's nothing there to audit yet). > > bits/dlfcn.h, elf/dl-load.c, elf/dl-open.c, elf/rtld.c, > sysdeps/mips/bits/dlfcn.h: > Suppress inter-namespace DSO sharing for audit libraries > > Audit libraries should not participate in DSO sharing: In > particular libraries tagged with DF_GNU_1_UNIQUE should not > be shared between the audit namespace and any others - they > should get their own copy. > > This is signalled to the loader code by passing the RTLD_ISOLATE > flag from the relevant entry point in the dl modes argument. > > elf/dl-sym.c: dlsym, dlvsym must be able to resolve symbols via proxies This new features should also have a NEWS entry.