Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 4 Jul 2017 09:41:55 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: re-opening a shared object

On Tue, Jul 04, 2017 at 04:21:00PM +0300, Timo Teras wrote:
> Hi,
> 
> I mentioned this issue earlier in the IRC, but wanted to write it as an
> email so this does not get forgotten.
> 
> Basically the issue at hand is that at least Asterisk and Kamailio
> (possibly others too) have a plugin system, where the plugin can
> request whether it's symbols should be global or not. To implement this
> the core code may dlopen the library, then dlclose, and finally dlopen
> again with different flags. This does not work in musl since dlclose is
> a stub, and dlopening again with different flags seems to not do
> anything.
> 
> As example the sequence for kamailio is mostly:
>  1. dlopen(file, RTLD_NOW)
>  2. call library to figure out it wants RTLD_GLOBAL
>  3. dlclose()
>  4. dlopen(file, RTLD_NOW|RTLD_GLOBAL)
> 
> But I also think the Asterisk code is doing the opposite - defaulting
> to RTLD_GLOBAL|RTLD_LAZY, and re-opening with RTLD_LOCAL|RTLD_NOW if
> needed (which I think should be the other way around).
> 
> Anyway, would it be feasible to implement the above in musl? Perhaps,
> by having dlopen() explicitly support promoting RTLD_LAZY to RTLD_NOW;
> and RTLD_LOCAL to RTLD_GLOBAL? What would be the way to implement this?

I think your statement of the problem is likely wrong. musl has always
supported (this is required by POSIX) promotion from RTLD_LOCAL to
RTLD_GLOBAL. Perhaps calling dlopen with RTLD_NOW when the requested
library was already opened with RTLD_LAZY is not enforcing symbol
resolution success as a condition for dlopen success; if that's the
case it's a bug and I'll fix it.

The other direction, demotion from global to local, is not possible to
do safely for many of the same reasons unloading isn't safe. But it
really should not be needed; if applications are trying to do this
it's an application bug and likely can also fail under more obscure
conditions on glibc too.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.