From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HTML_MESSAGE,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL,RDNS_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: (qmail 13131 invoked from network); 23 Mar 2020 16:27:18 -0000 Received-SPF: pass (mother.openwall.net: domain of lists.openwall.com designates 195.42.179.200 as permitted sender) receiver=inbox.vuxu.org; client-ip=195.42.179.200 envelope-from= Received: from unknown (HELO mother.openwall.net) (195.42.179.200) by inbox.vuxu.org with ESMTP; 23 Mar 2020 16:27:18 -0000 Received: (qmail 22487 invoked by uid 550); 23 Mar 2020 16:27:12 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 18286 invoked from network); 23 Mar 2020 16:11:03 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sqreen-com.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to:cc; bh=KrDmzz/12OI4RA9/qGnbQUt6i63cnFEz6wN0Q3DWOcY=; b=lnsvJGAAZdYW6z1VM7+3J4QSqiOm7lzH3h32F7M+jX6T8NvGXwVFKJf0OC12yi6Pzj jjmGW+BAB7oQIllovcx5Og4GiCN+FSyhFnkwdptQL8ful9a12JMuQgYz9LR9CPVs50uo fPLKvpdqCxGZMs/YMsvfobkclhv8dByaPW0wcG2WOub7OxZ2QF8vdblpuckvVbSo5Kdr FS85VViY8OQ6/jz/hRYY52pJ/H593ATEHgskWIYqLt6NxJEAPI6VpoGCXeUbGXEkhi5l uuIGfg4pF9TEMq7GGSxDynCbvhZHgqjDgw25Y2aZNWpLfT2UCLQeBaf1IC60CMu5VvJL jgGQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=KrDmzz/12OI4RA9/qGnbQUt6i63cnFEz6wN0Q3DWOcY=; b=lYbV0tOLsaRto553RSMuPCKy7ppnJPzvzXOQaFCskNGBKsEHcGPPcYdrK09FWfBk3C OD99OfcENEedQzqvsvppYN0uVclo+evhXsbX5lYBptM3Jq1alxliPaanqdOkjeQGSPzW 7WN7+6fXSIaf0ymGMuT48xVU9Cw2Dx5TwF2g7dxoaYYFz+86tlIKFdSSwRtmmHPs559u NYza+Lt6CqEpXKpr5V7Dq/+blOV0Ox1FbbTld4XOqhTlMOk5RrRN5CvRwYoR4V+TfgFa XehVjxfeWrGhaLL14BHULbrULCKffYgvI04ily94SCo2C1rNtaHziPj1I/ylNYPtzNqj iNaQ== X-Gm-Message-State: ANhLgQ21sfzcgU4/g0imDNWB0Y9mXNgHLOcujA76FbcaSH9jcoVebHJq SpyTE94FROtnvv5FRJwCjXLyT9AuKo5C4CN47TmlKzjvtIt2 X-Google-Smtp-Source: ADFU+vvgTkp3Bb7Xf44C0yokqeRqAy+dd54a2Adn7EOlunjwdOPAsIfMae77tWEFXbFFuo/x/PHJ8VhIyFfaa/zc1Z0= X-Received: by 2002:a1f:200c:: with SMTP id g12mr13284276vkg.84.1584979851394; Mon, 23 Mar 2020 09:10:51 -0700 (PDT) MIME-Version: 1.0 From: Julio Guerra Date: Mon, 23 Mar 2020 17:10:40 +0100 Message-ID: To: musl@lists.openwall.com Cc: Vladimir de Turckheim Content-Type: multipart/alternative; boundary="00000000000004d2ba05a187e1dd" Subject: [musl] [Bug] Do not ignore membarrier return code --00000000000004d2ba05a187e1dd Content-Type: text/plain; charset="UTF-8" Hello, The implementation of dlopen() uses membarrier() ( https://git.musl-libc.org/cgit/musl/tree/ldso/dynlink.c#n1579) while currently forbidden by the default docker seccomp profile. I perfectly understand that it's on docker's end and I suggested them to add it in this PR but such a critical syscall shouldn't be silently ignored. And it for example leads to random segfaults on nodejs. I also saw opened qemu issues related to membarrier + alpine. dlopen() should therefore fail when membarrier fails (ie. in this case when __membarrier(MEMBARRIER_CMD_PRIVATE_EXPEDITED, 0) != 0). Happy to provide the patch if agreed! All the best, Julio Guerra --00000000000004d2ba05a187e1dd Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello,

The implementation of dlopen() uses membarrier() (<= a href=3D"https://git.musl-libc.org/cgit/musl/tree/ldso/dynlink.c#n1579" st= yle=3D"font-family:Arial,Helvetica,sans-serif">https://git.musl-libc.org/cg= it/musl/tree/ldso/dynlink.c#n1579) while currently forbidden by the def= ault docker seccomp profile.

I perfectly understand that it's on= docker's end and I suggested them to add it in this PR but such a critical syscall should= n't be silently ignored. And it for example leads to random segfaults o= n nodejs. I also saw opened qemu issues related to membarrier=C2=A0+ alpine= .

dlopen() should therefore fail when membarrier fails (ie. in this ca= se when=C2=A0__membarrier(MEMBARRIER_CMD_PRIVATE_EXPEDITED= , 0)=C2=A0!=3D 0).

Happy to provide the patch if agreed!
<= div class=3D"gmail_default" style=3D"font-family:verdana,sans-serif">All th= e best,
Julio Guerra
--00000000000004d2ba05a187e1dd--