This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.
[Bug dynamic-link/22745] _nptl_setxid can loop forever if a dlmopen namespace tries to initialise pthreads after the main namespace does
- From: "carlos at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Fri, 26 Jan 2018 05:03:02 +0000
- Subject: [Bug dynamic-link/22745] _nptl_setxid can loop forever if a dlmopen namespace tries to initialise pthreads after the main namespace does
- Auto-submitted: auto-generated
- References: <bug-22745-131@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=22745
--- Comment #6 from Carlos O'Donell <carlos at redhat dot com> ---
(In reply to Vivek Das Mohapatra from comment #5)
> (In reply to Carlos O'Donell from comment #4)
> > We should try to flesh out partial isolation first, but must keep full
> > isolation working for LD_AUDIT.
> >
> > https://sourceware.org/glibc/wiki/LinkerNamespaces
>
> I take your point(s) about the limitations of RTLD_UNIQUE - my thought was
> that to start with I could use it for libc/libpthread (by using the flag
> explicitly in libcapsule) which don't have further dependencies - everything
> else I need to share is/would be handled by creating a shim library which
> managed data sharing at a higher level.
>
> The default behaviour would still be total isolation, as happens now.
Consider the case where a new library in a new namespace dlopens libpthread to
create new threads. This dlopen will not be made with RTLD_UNIQUE and these new
threads will be unknown to the base namespace. Instead the base namespace
should load libpthread and make it available in the non-base namespace. This
way the base namespace is aware that there are threads now, and that seteuid
must iterate over them properly. I expect we need a SONAME list and all loads
from that SONAME list must first happen in the base namespace, and then be
linked into the non-base namespace. The SONAME list is minimally libc.so.6,
libpthread.so.0, libdl.so.2, libgcc_s.so.1 (from gcc for unwinding), with maybe
libm.so.6 for future proofing, basically anything that constitutes the
implementation. This filtered loading should be turned off for total isolation
namespaces required for LD_AUDIT using an internal dlopen flag.