[Bug dynamic-link/26075] New: Static TLS usage in audit modules should affect static TLS reservation

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[Bug dynamic-link/26075] New: Static TLS usage in audit modules should affect static TLS reservation

Sourceware - glibc-bugs mailing list
https://sourceware.org/bugzilla/show_bug.cgi?id=26075

            Bug ID: 26075
           Summary: Static TLS usage in audit modules should affect static
                    TLS reservation
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: minor
          Priority: P2
         Component: dynamic-link
          Assignee: unassigned at sourceware dot org
          Reporter: fweimer at redhat dot com
  Target Milestone: ---
             Flags: security-

TLS usage from audit modules is not taken into account for sizing the static
TLS area. As a result, too much TLS usage from audit modules causes all
programs to fail to load. This also happens for static TLS usage in glibc
itself, so it cannot be fully worked around by using dynamic TLS in audit
modules.

(Due to the early TCB reservation necessary to run audit code, the static TLS
reservation is also needed for loading the main program, I think, but this bug
is not about that.)

--
You are receiving this mail because:
You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|

[Bug dynamic-link/26075] Static TLS usage in audit modules should affect static TLS reservation

Sourceware - glibc-bugs mailing list
https://sourceware.org/bugzilla/show_bug.cgi?id=26075

Florian Weimer <fweimer at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |fweimer at redhat dot com
         Resolution|---                         |WORKSFORME

--- Comment #1 from Florian Weimer <fweimer at redhat dot com> ---
It turns out that elf/dl-tls.c attempts to account for this already, it's just
that the limit has not been updated in a while:

/* Amount of excess space to allocate in the static TLS area
   to allow dynamic loading of modules defining IE-model TLS data.  */
#define TLS_STATIC_SURPLUS     64 + DL_NNS * 100

There cannot be more than DL_NNS - 1 audit modules, so if the magic constant
100 reflects implementation TLS usage (it currently does not, it is more like
144 bytes),

--
You are receiving this mail because:
You are on the CC list for the bug.