Author: markj
Date: Thu Dec 22 17:44:27 2016
New Revision: 310422
URL: https://svnweb.freebsd.org/changeset/base/310422

Log:
  rtld: Fix a couple of bugs around the unloading of ELF filters.
  
  - Pass the correct object to unload_filtees().
  - Use a marker to restart iteration after unload_filtees() has returned.
    It calls dlclose() and may recursively remove entries from the global
    object list, so TAILQ_FOREACH_SAFE is not sufficient.
  
  Reviewed by:  kib
  MFC after:    2 weeks
  Sponsored by: Dell EMC Isilon

Modified:
  head/libexec/rtld-elf/rtld.c

Modified: head/libexec/rtld-elf/rtld.c
==============================================================================
--- head/libexec/rtld-elf/rtld.c        Thu Dec 22 17:41:32 2016        
(r310421)
+++ head/libexec/rtld-elf/rtld.c        Thu Dec 22 17:44:27 2016        
(r310422)
@@ -90,6 +90,7 @@ static const char *gethints(bool);
 static void hold_object(Obj_Entry *);
 static void unhold_object(Obj_Entry *);
 static void init_dag(Obj_Entry *);
+static void init_marker(Obj_Entry *);
 static void init_pagesizes(Elf_Auxinfo **aux_info);
 static void init_rtld(caddr_t, Elf_Auxinfo **);
 static void initlist_add_neededs(Needed_Entry *, Objlist *);
@@ -1829,6 +1830,14 @@ init_dag(Obj_Entry *root)
     root->dag_inited = true;
 }
 
+static void
+init_marker(Obj_Entry *marker)
+{
+
+       bzero(marker, sizeof(*marker));
+       marker->marker = true;
+}
+
 Obj_Entry *
 globallist_curr(const Obj_Entry *obj)
 {
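Review bot: `init_marker()` is added without a comment saying what a marker entry is, and because it zeroes the whole Obj_Entry, every field other than `marker` reads as 0/NULL. A one-line header such as `/* Initialize a placeholder list entry; code walking obj_list must test obj->marker before using any other field. */` would make that contract explicit for callers that link a marker into the global list. The trailing context lines belong to globallist_curr(), whose body continues outside the hunk.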
@@ -3566,8 +3575,7 @@ dl_iterate_phdr(__dl_iterate_hdr_callbac
        RtldLockState bind_lockstate, phdr_lockstate;
        int error;
 
-       bzero(&marker, sizeof(marker));
-       marker.marker = true;
+       init_marker(&marker);
        error = 0;
 
        wlock_acquire(rtld_phdr_lock, &phdr_lockstate);
@@ -4419,7 +4427,7 @@ trace_loaded_objects(Obj_Entry *obj)
 static void
 unload_object(Obj_Entry *root)
 {
-       Obj_Entry *obj, *obj1;
+       Obj_Entry marker, *obj, *next;
 
        assert(root->refcount == 0);
 
@@ -4430,7 +4438,8 @@ unload_object(Obj_Entry *root)
        unlink_object(root);
 
        /* Unmap all objects that are no longer referenced. */
-       TAILQ_FOREACH_SAFE(obj, &obj_list, next, obj1) {
+       for (obj = TAILQ_FIRST(&obj_list); obj != NULL; obj = next) {
+               next = TAILQ_NEXT(obj, next);
                if (obj->marker || obj->refcount != 0)
                        continue;
                LD_UTRACE(UTRACE_UNLOAD_OBJECT, obj, obj->mapbase,
@@ -4444,7 +4453,16 @@ unload_object(Obj_Entry *root)
                TAILQ_REMOVE(&obj_list, obj, next);
                obj_count--;
 
-               unload_filtees(root);
+               if (obj->filtees_loaded) {
+                       if (next != NULL) {
+                               init_marker(&marker);
+                               TAILQ_INSERT_BEFORE(next, &marker, next);
+                               unload_filtees(obj);
+                               next = TAILQ_NEXT(&marker, next);
+                               TAILQ_REMOVE(&obj_list, &marker, next);
+                       } else
+                               unload_filtees(obj);
+               }
                release_object(obj);
        }
 }
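Review bot: The marker insertion around `unload_filtees(obj)` has no comment explaining why the cached `next` pointer cannot be trusted across that call, so the reason lives only in the commit log. A comment above `if (obj->filtees_loaded)` such as `/* unload_filtees() may dlclose() and remove arbitrary entries from obj_list, including next; park a marker so iteration can resume safely. */` would keep a later cleanup from reverting to TAILQ_FOREACH_SAFE and reintroducing a walk over a stale pointer. While the stack-allocated marker is linked into the global list, every walker reached from the reentrant call has to skip `marker` entries as this loop does; that holds for the code visible here but is worth confirming for the other obj_list iterations in rtld.c. The `else` path leaves `next` as NULL, which appears correct only as long as nothing is appended to obj_list during unload.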