elf: Enable RTLD_NODELETE on __libc_unwind_link_get
The libgcc_s.so can also be sealed. The library is loaded once
and not unloaded during process execution (only for memory debug
with __libc_unwind_link_freeres).
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
The new Linux mseal syscall allows seal memory mappings to avoid
further changes such as memory protection or remap. The sealing
is done in multiple places where the memory is supposed to
be immutable over program execution:
* All shared library dependencies from the binary, including the
read-only segments after PT_GNU_RELRO setup.
* The binary itself, including dynamic and static links. In both
It is up either to binary or the loader to set up the sealing.
* The vDSO vma provided by the kernel (if existent).
* Any preload libraries.
* Any library loaded with dlopen with RTLD_NODELETE flag.
For binary dependencies, the RTLD_NODELETE signals the
link_map should be sealed. It also makes dlopen objects with the
flag sealed as well.
The sealing is controlled by a new tunable, glibc.rtld.seal, with
three different states:
0. Disabled where no sealing is done. This is the default.
1. Enabled, where the loader will issue the mseal syscall on the
memory mappings but any failure will be ignored. This is
the default.
2. Enforce, similar to Enabled but any failure from the mseal
will terminate the process.
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
It as added on Linux 6.10 (8be7258aad44b5e25977a98db136f677fa6f4370)
as way to block operations as unmaping, moving to another location,
shrinking the size, expanding the size, or modifying to a pre-existent
memory mapping.
Although the systecall only work on 64 bit CPU, the entrypoint was
added for all ABIs (since kernel might eventually implement it to
additional ones and/or the abi can execute on a 64 bit kernel).
Checked on x86_64-linux-gnu.
19f6d6a...
by
Stefan Liebler <email address hidden>
s390x: Regenerate ULPs.
Needed due to:
- "Implement C23 log10p1"
commit ID 55eb99e9a9d840ba452b128be14d6529c2dde039
- "Implement C23 exp2m1, exp10m1"
commit ID 7ec903e028271d029818378fd60ddaf6b76b89ac
HWCAP value is overwritten at the first comparison of the LASX case.
The second comparison at LSX get incorrect result.
Change to use t0 to save HWCAP value, and use t1 to save comparison
result.