svn commit: r310025 - head/libexec/rtld-elf

Bryan Drewery bdrewery at FreeBSD.org
Tue Dec 13 18:05:15 UTC 2016


Author: bdrewery
Date: Tue Dec 13 18:05:14 2016
New Revision: 310025
URL: https://svnweb.freebsd.org/changeset/base/310025

Log:
  Take write lock for rtld_bind before modifying obj_list in dl_iterate_phdr().
  
  This avoids a race with readers such as dladdr(3)/dlinfo(3)/dlsym(3) and
  the atexit(3) handler.  This race was introduced in r294373.
  
  Reviewed by:	markj, kib, kan
  MFC after:	2 weeks
  Sponsored by:	Dell EMC Isilon

Modified:
  head/libexec/rtld-elf/rtld.c

Modified: head/libexec/rtld-elf/rtld.c
==============================================================================
--- head/libexec/rtld-elf/rtld.c	Tue Dec 13 16:53:58 2016	(r310024)
+++ head/libexec/rtld-elf/rtld.c	Tue Dec 13 18:05:14 2016	(r310025)
@@ -3549,7 +3549,7 @@ dl_iterate_phdr(__dl_iterate_hdr_callbac
 	error = 0;
 
 	wlock_acquire(rtld_phdr_lock, &phdr_lockstate);
-	rlock_acquire(rtld_bind_lock, &bind_lockstate);
+	wlock_acquire(rtld_bind_lock, &bind_lockstate);
 	for (obj = globallist_curr(TAILQ_FIRST(&obj_list)); obj != NULL;) {
 		TAILQ_INSERT_AFTER(&obj_list, obj, &marker, next);
 		rtld_fill_dl_phdr_info(obj, &phdr_info);
@@ -3557,7 +3557,7 @@ dl_iterate_phdr(__dl_iterate_hdr_callbac
 
 		error = callback(&phdr_info, sizeof phdr_info, param);
 
-		rlock_acquire(rtld_bind_lock, &bind_lockstate);
+		wlock_acquire(rtld_bind_lock, &bind_lockstate);
 		obj = globallist_next(&marker);
 		TAILQ_REMOVE(&obj_list, &marker, next);
 		if (error != 0) {


More information about the svn-src-all mailing list