diff options
| author | Florian Weimer <fweimer@redhat.com> | 2024-11-06 10:33:44 +0100 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2024-11-06 10:33:44 +0100 |
| commit | c1560f3f75c0e892b5522c16f91b4e303f677094 (patch) | |
| tree | 2bc23ca5a02629376cd1edbdefb736ea62782de4 /elf/rtld.c | |
| parent | f2326c2ec0a0a8db7bc7f4db8cce3002768fc3b6 (diff) | |
| download | glibc-c1560f3f75c0e892b5522c16f91b4e303f677094.zip glibc-c1560f3f75c0e892b5522c16f91b4e303f677094.tar.gz glibc-c1560f3f75c0e892b5522c16f91b4e303f677094.tar.bz2 | |
elf: Switch to main malloc after final ld.so self-relocation
Before commit ee1ada1bdb8074de6e1bdc956ab19aef7b6a7872
("elf: Rework exception handling in the dynamic loader
[BZ #25486]"), the previous order called the main calloc
to allocate a shadow GOT/PLT array for auditing support.
This happened before libc.so.6 ELF constructors were run, so
a user malloc could run without libc.so.6 having been
initialized fully. One observable effect was that
environ was NULL at this point.
It does not seem to be possible at present to trigger such
an allocation, but it seems more robust to delay switching
to main malloc after ld.so self-relocation is complete.
The elf/tst-rtld-no-malloc-audit test case fails with a
2.34-era glibc that does not have this fix.
Reviewed-by: DJ Delorie <dj@redhat.com>
Diffstat (limited to 'elf/rtld.c')
| -rw-r--r-- | elf/rtld.c | 25 |
1 files changed, 11 insertions, 14 deletions
@@ -2321,30 +2321,27 @@ dl_main (const ElfW(Phdr) *phdr, /* Make sure no new search directories have been added. */ assert (GLRO(dl_init_all_dirs) == GL(dl_all_dirs)); - /* Re-relocate ourselves with user-controlled symbol definitions. - - We must do this after TLS initialization in case after this - re-relocation, we might call a user-supplied function - (e.g. calloc from _dl_relocate_object) that uses TLS data. */ - /* Set up the object lookup structures. */ _dl_find_object_init (); - /* The malloc implementation has been relocated, so resolving - its symbols (and potentially calling IFUNC resolvers) is safe - at this point. */ - __rtld_malloc_init_real (main_map); - /* Likewise for the locking implementation. */ __rtld_mutex_init (); + /* Re-relocate ourselves with user-controlled symbol definitions. */ + { RTLD_TIMING_VAR (start); rtld_timer_start (&start); - /* Mark the link map as not yet relocated again. */ - GL(dl_rtld_map).l_relocated = 0; - _dl_relocate_object (&GL(dl_rtld_map), main_map->l_scope, 0, 0); + _dl_relocate_object_no_relro (&GL(dl_rtld_map), main_map->l_scope, 0, 0); + + /* The malloc implementation has been relocated, so resolving + its symbols (and potentially calling IFUNC resolvers) is safe + at this point. */ + __rtld_malloc_init_real (main_map); + + if (GL(dl_rtld_map).l_relro_size != 0) + _dl_protect_relro (&GL(dl_rtld_map)); rtld_timer_accum (&relocate_time, start); } |