[libselinux] Add patch from dbhole at redhat.com to initialize thread keys to -1 Errors were being seen in libpthrea
Daniel J Walsh
dwalsh at fedoraproject.org
Tue Apr 5 16:11:02 UTC 2011
commit 4b2caaad18bf54c9a4dd10d60826b4ad64188055
Author: Dan Walsh <dwalsh at redhat.com>
Date: Tue Apr 5 12:10:57 2011 -0400
Add patch from dbhole at redhat.com to initialize thread keys to -1
Errors were being seen in libpthread/libdl that were related
to corrupt thread specific keys. Global destructors that are called on dl
unload. During destruction delete a thread specific key without checking
if it has been initialized. Since the constructor is not called each time
(i.e. key is not initialized with pthread_key_create each time), and the
default is 0, there is a possibility that key 0 for an active thread gets
deleted. This is exactly what is happening in case of OpenJDK.
libselinux-rhat.patch | 24 +++++++++++++++++++++++-
libselinux.spec | 16 +++++++++++++++-
2 files changed, 38 insertions(+), 2 deletions(-)
---
diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index af4b819..96f6577 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -239,7 +239,7 @@ index 36ce029..83d2143 100644
/*
* If we failed to disable, SELinux will still be
diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
-index f3e45af..2f3c16a 100644
+index f3e45af..1333aa0 100644
--- a/libselinux/src/matchpathcon.c
+++ b/libselinux/src/matchpathcon.c
@@ -2,6 +2,7 @@
@@ -250,6 +250,15 @@ index f3e45af..2f3c16a 100644
#include "selinux_internal.h"
#include "label_internal.h"
#include "callbacks.h"
+@@ -16,7 +17,7 @@ static __thread int con_array_size;
+ static __thread int con_array_used;
+
+ static pthread_once_t once = PTHREAD_ONCE_INIT;
+-static pthread_key_t destructor_key;
++static pthread_key_t destructor_key = -1;
+
+ static int add_array_elt(char *con)
+ {
@@ -60,7 +61,7 @@ static void
{
va_list ap;
@@ -1407,3 +1416,16 @@ index e0884f6..e60a3d3 100644
SWIG_Python_SetConstant(d, "SELINUX_AVD_FLAGS_PERMISSIVE",SWIG_From_int((int)(0x0001)));
SWIG_Python_SetConstant(d, "SELINUX_CB_LOG",SWIG_From_int((int)(0)));
SWIG_Python_SetConstant(d, "SELINUX_CB_AUDIT",SWIG_From_int((int)(1)));
+diff --git a/libselinux/src/setrans_client.c b/libselinux/src/setrans_client.c
+index 4bdbe08..eb18ca0 100644
+--- a/libselinux/src/setrans_client.c
++++ b/libselinux/src/setrans_client.c
+@@ -34,7 +34,7 @@ static __thread char *prev_r2c_trans = NULL;
+ static __thread security_context_t prev_r2c_raw = NULL;
+
+ static pthread_once_t once = PTHREAD_ONCE_INIT;
+-static pthread_key_t destructor_key;
++static pthread_key_t destructor_key = -1;
+ static __thread char destructor_initialized;
+
+ /*
diff --git a/libselinux.spec b/libselinux.spec
index 1769062..796a7de 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -7,7 +7,7 @@
Summary: SELinux library and simple utilities
Name: libselinux
Version: 2.0.99
-Release: 3%{?dist}
+Release: 4%{?dist}
License: Public Domain
Group: System Environment/Libraries
Source: http://www.nsa.gov/research/selinux/%{name}-%{version}.tgz
@@ -236,6 +236,20 @@ exit 0
%{ruby_sitearch}/selinux.so
%changelog
+* Tue Apr 5 2011 Dan Walsh <dwalsh at redhat.com> - 2.0.99-4
+Add patch from dbhole at redhat.com to initialize thread keys to -1
+Errors were being seen in libpthread/libdl that were related
+to corrupt thread specific keys. Global destructors that are called on dl
+unload. During destruction delete a thread specific key without checking
+if it has been initialized. Since the constructor is not called each time
+(i.e. key is not initialized with pthread_key_create each time), and the
+default is 0, there is a possibility that key 0 for an active thread gets
+deleted. This is exactly what is happening in case of OpenJDK.
+
+Workaround patch that initializes the key to -1. Thus if the constructor is not
+called, the destructor tries to delete key -1 which is deemed invalid by
+pthread_key_delete, and is ignored.
+
* Tue Apr 5 2011 Dan Walsh <dwalsh at redhat.com> - 2.0.99-3
- Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data
More information about the scm-commits
mailing list