public inbox for glibc-bugs@sourceware.org help / color / mirror / Atom feed
From: "janderson at rice dot edu" <sourceware-bugzilla@sourceware.org> To: glibc-bugs@sourceware.org Subject: [Bug dynamic-link/30127] [rfe]: enable ld audit at run-time Date: Fri, 03 Mar 2023 06:20:41 +0000 [thread overview] Message-ID: <bug-30127-131-B2pQxWoAvP@http.sourceware.org/bugzilla/> (raw) In-Reply-To: <bug-30127-131@http.sourceware.org/bugzilla/> https://sourceware.org/bugzilla/show_bug.cgi?id=30127 --- Comment #33 from Jonathon Anderson <janderson at rice dot edu> --- (In reply to Stas Sergeev from comment #32) > (In reply to Jonathon Anderson from comment #31) > > I can't say the current solutions are appealing. You've made it very > > difficult for a dynamically-loaded auditor to accomplish any auditor-like > > Posted v7 which just calls la_objopen() > for pre-existing libs, similar to dl_main(). So, my group currently assumes la_objopen() happens before the init constructors of the referenced objects. It turns out to be an important callback for registering callbacks in runtime libraries before transferring control back to the application. Is there a way to indicate to the auditor that it's "missed the boat" so auditors that need this timing can recover gracefully? > > > You mentioned in another ticket > > (https://sourceware.org/bugzilla/show_bug.cgi?id=30007#c2) that the whole > > point of this is to access data objects in the solib. Do you write this > > solib? > > I write a shim that should load (via dlmem()) other > libs, built from some 30 years old sources (that neither > me nor anyone else writes today), and allows them to work > on a current system. I.e. this is a compatibility layer. > Compatibility layer, unfortunately, can't require changing > the legacy code. What you propose, will require mostly a > full rewrites, eg I have no idea how would the one identify > all pointers to all vars and change all such vars to a heap > objects... Why would you have to lift the variables in the legacy code? Those are already "inside" the VM, right? What it sounds like you're trying to do is pass a pointer to the data segment of a 64-bit library "outside" the VM to the 32-bit legacy code running "inside" the VM. Which it will then dereference to access or alter some variable shared "across the VM gap." Does this match your use case? If you control this 64-bit library, you should be able to lift the shared variables to pointers. Just allocate them "inside" the VM's more restrictive address space and reference from "outside." In this case Glibc doesn't even get involved. The only reason you would require dlmem() or la_premap is if you didn't control the 64-bit library who's data segment needs to be shared "across the gap." Is this the case? > > > Could you override mmap itself for the files you want mapped in the right > > locations? > > But it won't be relocated to that address. The result of the first call to mmap() for an solib decides the base address for the solib, which is the address all relocations are relative to. So it should relocate to the right address if your mmap wrapper is sane. See _dl_map_segments (esp. lines 85-95 and 106) and _dl_map_segment. There's a performance penalty to syscall wrapping (and it's arch-specific and ugly), but AFAICT it should work just fine for this case. > > > You mentioned DT_AUDIT wouldn't work, so I presume the executable is out of > > your control, e.g. you're extending a VM with an solib plugin? If so, do you > > not have the access to set LD_AUDIT in the environment before launching the > > executable? You can always make your auditor "no-op" except when needed. > > This is possible but a quite clumsy solution IMO. > And of course it would still need all other patches > (dlmem etc) except this one. So I'd rather concentrate > on making dlload_audit_module() suitable for your needs. This solution matches well with the (few) use cases auditors have been tested in so far. If you want something that *works* (reliably) for this rather specific use case, a little clumsiness is the least of your worries IMHO. -- You are receiving this mail because: You are on the CC list for the bug.
next prev parent reply other threads:[~2023-03-03 6:20 UTC|newest] Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top 2023-02-15 8:23 [Bug dynamic-link/30127] New: " stsp at users dot sourceforge.net 2023-02-16 18:42 ` [Bug dynamic-link/30127] " fweimer at redhat dot com 2023-02-17 2:54 ` stsp at users dot sourceforge.net 2023-02-17 7:17 ` stsp at users dot sourceforge.net 2023-02-17 8:08 ` fweimer at redhat dot com 2023-02-17 8:38 ` stsp at users dot sourceforge.net 2023-02-17 8:56 ` fweimer at redhat dot com 2023-02-17 9:32 ` stsp at users dot sourceforge.net 2023-02-17 9:38 ` stsp at users dot sourceforge.net 2023-02-17 9:44 ` stsp at users dot sourceforge.net 2023-02-17 10:23 ` fweimer at redhat dot com 2023-02-17 10:59 ` stsp at users dot sourceforge.net 2023-02-17 12:46 ` fweimer at redhat dot com 2023-02-17 13:43 ` schwab@linux-m68k.org 2023-02-17 13:55 ` stsp at users dot sourceforge.net 2023-02-17 13:57 ` stsp at users dot sourceforge.net 2023-02-20 8:33 ` fweimer at redhat dot com 2023-02-21 15:39 ` stsp at users dot sourceforge.net 2023-02-21 19:43 ` janderson at rice dot edu 2023-02-21 20:09 ` stsp at users dot sourceforge.net 2023-02-22 16:46 ` stsp at users dot sourceforge.net 2023-02-23 16:02 ` janderson at rice dot edu 2023-02-23 16:35 ` stsp at users dot sourceforge.net 2023-02-24 18:02 ` stsp at users dot sourceforge.net 2023-02-25 16:57 ` stsp at users dot sourceforge.net 2023-02-25 18:49 ` carlos at redhat dot com 2023-02-25 19:00 ` stsp at users dot sourceforge.net 2023-02-26 16:54 ` janderson at rice dot edu 2023-02-26 17:22 ` stsp at users dot sourceforge.net 2023-02-26 19:22 ` stsp at users dot sourceforge.net 2023-03-02 14:39 ` stsp at users dot sourceforge.net 2023-03-02 16:13 ` janderson at rice dot edu 2023-03-02 19:56 ` stsp at users dot sourceforge.net 2023-03-03 6:20 ` janderson at rice dot edu [this message] 2023-03-03 12:36 ` stsp at users dot sourceforge.net 2023-03-04 11:33 ` stsp at users dot sourceforge.net 2023-03-06 9:12 ` janderson at rice dot edu 2023-03-06 10:09 ` stsp at users dot sourceforge.net 2023-03-06 10:56 ` stsp at users dot sourceforge.net 2023-03-07 8:54 ` janderson at rice dot edu 2023-03-07 16:50 ` stsp at users dot sourceforge.net 2023-03-12 8:42 ` stsp at users dot sourceforge.net 2023-03-13 9:22 ` janderson at rice dot edu 2023-03-13 9:41 ` janderson at rice dot edu 2023-03-13 10:01 ` stsp at users dot sourceforge.net 2023-03-13 10:46 ` stsp at users dot sourceforge.net 2023-03-13 11:17 ` stsp at users dot sourceforge.net 2023-03-13 20:26 ` stsp at users dot sourceforge.net 2023-03-14 15:11 ` stsp at users dot sourceforge.net 2023-03-15 5:34 ` janderson at rice dot edu
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-30127-131-B2pQxWoAvP@http.sourceware.org/bugzilla/ \ --to=sourceware-bugzilla@sourceware.org \ --cc=glibc-bugs@sourceware.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).