From 4b2caaad18bf54c9a4dd10d60826b4ad64188055 Mon Sep 17 00:00:00 2001
From: Dan Walsh
Date: Tue, 5 Apr 2011 12:10:57 -0400
Subject: [PATCH] Add patch from dbhole@redhat.com to initialize thread keys to -1 Errors were being seen in libpthread/libdl that were related to corrupt thread specific keys. Global destructors that are called on dl unload. During destruction delete a thread specific key without checking if it has been initialized. Since the constructor is not called each time (i.e. key is not initialized with pthread_key_create each time), and the default is 0, there is a possibility that key 0 for an active thread gets deleted. This is exactly what is happening in case of OpenJDK.
---
 libselinux-rhat.patch | 24 +++++++++++++++++++++++-
 libselinux.spec | 16 +++++++++++++++-
 2 files changed, 38 insertions(+), 2 deletions(-)
diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
index af4b819..96f6577 100644
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@@ -239,7 +239,7 @@ index 36ce029..83d2143 100644
 /*
 * If we failed to disable, SELinux will still be
 diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
-index f3e45af..2f3c16a 100644
+index f3e45af..1333aa0 100644
 --- a/libselinux/src/matchpathcon.c
 +++ b/libselinux/src/matchpathcon.c
 @@ -2,6 +2,7 @@
@@ -250,6 +250,15 @@ index f3e45af..2f3c16a 100644
 #include "selinux_internal.h"
 #include "label_internal.h"
 #include "callbacks.h"
+@@ -16,7 +17,7 @@ static __thread int con_array_size;
+ static __thread int con_array_used;
+
+ static pthread_once_t once = PTHREAD_ONCE_INIT;
+-static pthread_key_t destructor_key;
++static pthread_key_t destructor_key = -1;
+
+ static int add_array_elt(char *con)
+ {
 @@ -60,7 +61,7 @@ static void
 {
 va_list ap;
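Review bot: Initialising `destructor_key` to `-1` works as a "never created" sentinel only where `pthread_key_t` is an integer type and `pthread_key_delete` rejects that value. POSIX treats the type as opaque and does not define what happens when a key that was never created is deleted, so the protection against deleting another component's live key 0 depends on the C library (the changelog itself calls this a workaround). A flag recording a successful `pthread_key_create` would be the portable form: add `static int destructor_key_initialized;`, set it in the once-init routine, and have the unload destructor run `if (destructor_key_initialized) pthread_key_delete(destructor_key);`. Those two routines are outside this hunk, so how they use the key today cannot be confirmed from here. The same declaration change in the setrans_client.c hunk has the same issue.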
@@ -1407,3 +1416,16 @@ index e0884f6..e60a3d3 100644
 SWIG_Python_SetConstant(d, "SELINUX_AVD_FLAGS_PERMISSIVE",SWIG_From_int((int)(0x0001)));
 SWIG_Python_SetConstant(d, "SELINUX_CB_LOG",SWIG_From_int((int)(0)));
 SWIG_Python_SetConstant(d, "SELINUX_CB_AUDIT",SWIG_From_int((int)(1)));
+diff --git a/libselinux/src/setrans_client.c b/libselinux/src/setrans_client.c
+index 4bdbe08..eb18ca0 100644
+--- a/libselinux/src/setrans_client.c
++++ b/libselinux/src/setrans_client.c
+@@ -34,7 +34,7 @@ static __thread char *prev_r2c_trans = NULL;
+ static __thread security_context_t prev_r2c_raw = NULL;
+
+ static pthread_once_t once = PTHREAD_ONCE_INIT;
+-static pthread_key_t destructor_key;
++static pthread_key_t destructor_key = -1;
+ static __thread char destructor_initialized;
+
+ /*
diff --git a/libselinux.spec b/libselinux.spec
index 1769062..796a7de 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -7,7 +7,7 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 2.0.99
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: Public Domain
 Group: System Environment/Libraries
 Source: http://www.nsa.gov/research/selinux/%{name}-%{version}.tgz
@@ -236,6 +236,20 @@ exit 0
 %{ruby_sitearch}/selinux.so
 %changelog
+* Tue Apr 5 2011 Dan Walsh - 2.0.99-4
+Add patch from dbhole@redhat.com to initialize thread keys to -1
+Errors were being seen in libpthread/libdl that were related
+to corrupt thread specific keys. Global destructors that are called on dl
+unload. During destruction delete a thread specific key without checking
+if it has been initialized. Since the constructor is not called each time
+(i.e. key is not initialized with pthread_key_create each time), and the
+default is 0, there is a possibility that key 0 for an active thread gets
+deleted. This is exactly what is happening in case of OpenJDK.
+
+Workaround patch that initializes the key to -1. Thus if the constructor is not
+called, the destructor tries to delete key -1 which is deemed invalid by
+pthread_key_delete, and is ignored.
+
 * Tue Apr 5 2011 Dan Walsh - 2.0.99-3
 - Call fini_selinuxmnt if selinux is disabled, to cause is_selinux_disabled() to report correct data