Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20191202043943.tmevimy6aoytfrg3@gmail.com>
Date: Sun, 1 Dec 2019 20:39:43 -0800
From: Fangrui Song <i@...kray.me>
To: Jon Chesterfield <jonathanchesterfield@...il.com>
Cc: musl@...ts.openwall.com
Subject: Re: libc.so, Bsymbolic no longer necessary?

On 2019-12-02, Jon Chesterfield wrote:
>Hey,
>
>The early design notes for musl mention linking with Bsymbolic, which seemed
>reasonable. I don't see that in the current Makefile, or the equivalent
>protected visibility.
>
>This seems to suggest that LD_PRELOAD can override calls to libc from within
>libc. That seems dubious. Is there a use case for this? Or is it avoided by the
>control flow in the loader itself?
>
>I'm thinking of building the musl loader/libc elf with protected visibility on
>the exported symbols and wondered whether I'm missing something.

-Bsymbolic-functions was changed to --dynamic-list in commit
b9410061e2ad6fe91bb3910c3adc7d4a315b7ce9 (2018-04). 
The file dynamic.list lists the symbols that can be interposed.
Among the list you can find allocator functions (malloc and its
friends) See commit c9f415d7ea2dace5bf77f6518b6afc36bb7a5732

Some notes:

An empty --dynamic-list is identical to -Bsymbolic.

--dynamic-list with a list that specifies all STT_OBJECT symbols is
similar to -Bsymbolic-function. Specifying STT_OBJECT symbols (e.g.
stdin/stdout/environ) is to support COPY relocations.

   // lld/ELF/Writer.cpp
   static bool computeIsPreemptible(const Symbol &b) {
     assert(!b.isLocal());
   
     // Only symbols that appear in dynsym can be preempted.
     if (!b.includeInDynsym())
       return false;
   
     // Only default visibility symbols can be preempted.
     if (b.visibility != STV_DEFAULT)
       return false;
   
     // At this point copy relocations have not been created yet, so any
     // symbol that is not defined locally is preemptible.
     if (!b.isDefined())
       return true;
   
     if (!config->shared)
       return false;
   
     // If the dynamic list is present, it specifies preemptable symbols in a DSO.
     if (config->hasDynamicList)
       return b.inDynamicList;
   
     // -Bsymbolic means that definitions are not preempted.
     if (config->bsymbolic || (config->bsymbolicFunctions && b.isFunc()))
       return false;
     return true;
   }

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.