linux-stable/arch
Johannes Berg 0c626de2ce um: Mark all kernel symbols as local
[ Upstream commit d5027ca63e ]

Ritesh reported a bug [1] against UML, noting that it crashed on
startup. The backtrace shows the following (heavily redacted):

(gdb) bt
...
 #26 0x0000000060015b5d in sem_init () at ipc/sem.c:268
 #27 0x00007f89906d92f7 in ?? () from /lib/x86_64-linux-gnu/libcom_err.so.2
 #28 0x00007f8990ab8fb2 in call_init (...) at dl-init.c:72
...
 #40 0x00007f89909bf3a6 in nss_load_library (...) at nsswitch.c:359
...
 #44 0x00007f8990895e35 in _nss_compat_getgrnam_r (...) at nss_compat/compat-grp.c:486
 #45 0x00007f8990968b85 in __getgrnam_r [...]
 #46 0x00007f89909d6b77 in grantpt [...]
 #47 0x00007f8990a9394e in __GI_openpty [...]
 #48 0x00000000604a1f65 in openpty_cb (...) at arch/um/os-Linux/sigio.c:407
 #49 0x00000000604a58d0 in start_idle_thread (...) at arch/um/os-Linux/skas/process.c:598
 #50 0x0000000060004a3d in start_uml () at arch/um/kernel/skas/process.c:45
 #51 0x00000000600047b2 in linux_main (...) at arch/um/kernel/um_arch.c:334
 #52 0x000000006000574f in main (...) at arch/um/os-Linux/main.c:144

indicating that the UML function openpty_cb() calls openpty(),
which internally calls __getgrnam_r(), which causes the nsswitch
machinery to get started.

This loads, through lots of indirection that I snipped, the
libcom_err.so.2 library, which (in an unknown function, "??")
calls sem_init().

Now, of course it wants to get libpthread's sem_init(), since
it's linked against libpthread. However, the dynamic linker
looks up that symbol against the binary first, and gets the
kernel's sem_init().

Hajime Tazaki noted that "objcopy -L" can localize a symbol,
so the dynamic linker wouldn't do the lookup this way. I tried,
but for some reason that didn't seem to work.

Doing the same thing in the linker script instead does seem to
work, though I cannot entirely explain why: it *also* works if I
just add "VERSION { { global: *; }; }" instead, indicating that
something else is happening that I don't really understand. It
may be that explicitly doing that marks them with some kind of
empty version, and that's different from the default.

Explicitly marking them with a version breaks kallsyms, so that
doesn't seem to be possible.

Marking all the symbols as local seems correct, and does seem
to address the issue, so do that. Also do it for static link;
nsswitch libraries could still be loaded there.

[1] https://bugs.debian.org/983379

Reported-by: Ritesh Raj Sarraf <rrs@debian.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Acked-By: Anton Ivanov <anton.ivanov@cambridgegreys.com>
Tested-By: Ritesh Raj Sarraf <rrs@debian.org>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-05-22 10:57:42 +02:00
alpha alpha: fix annotation of io{read,write}{16,32}be() 2020-08-26 10:29:57 +02:00
arc ARC: entry: fix off-by-one error in syscall number validation 2021-05-22 10:57:39 +02:00
arm ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend() 2021-05-22 10:57:42 +02:00
arm64 arm64/vdso: Discard .note.gnu.property sections in vDSO 2021-05-22 10:57:21 +02:00
blackfin
c6x
cris
frv
h8300 h8300: fix PREEMPTION build, TI_PRE_COUNT undefined 2021-02-23 14:00:33 +01:00
hexagon
ia64 ia64: fix discontig.c section mismatches 2021-04-28 12:08:43 +02:00
m32r
m68k m68k: q40: Fix info-leak in rtc_ioctl 2020-10-01 13:12:26 +02:00
metag
microblaze microblaze: Prevent the overflow of the start 2020-02-28 16:36:08 +01:00
mips MIPS: Avoid handcoded DIVU in `__div64_32' altogether 2021-05-22 10:57:41 +02:00
mn10300
nios2 nios2: ksyms: Add missing symbol exports 2020-01-27 14:46:24 +01:00
openrisc openrisc: Fix issue with argument clobbering for clone/fork 2020-06-25 15:41:56 +02:00
parisc parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers 2021-04-16 11:57:48 +02:00
powerpc powerpc/64s: Fix crashes when toggling entry flush barrier 2021-05-22 10:57:39 +02:00
s390 KVM: s390: split kvm_s390_real_to_abs 2021-05-22 10:57:26 +02:00
score
sh sh: dma: fix kconfig dependency for G2_DMA 2021-01-30 13:31:15 +01:00
sparc sparc64: Fix opcode filtering in handling of no fault loads 2021-03-30 14:40:09 +02:00
tile
um um: Mark all kernel symbols as local 2021-05-22 10:57:42 +02:00
unicore32
x86 x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes 2021-05-22 10:57:41 +02:00
xtensa xtensa: disable preemption around cache alias management calls 2020-11-24 13:05:56 +01:00
.gitignore
Kconfig mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race 2020-11-18 18:28:03 +01:00