This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [RFC][PATCH v1 0/5] Proof-of-Concept implementation of RTLD_SHARED for dlmopen
On 05/18/2018 03:05 PM, Vivek Das Mohapatra wrote:
> Further things I should mention:
>
> - I was wondering if anything other than the core cluster mentioned
> above needed to be shared.
I was going to talk about this, but forgot.
You must group all libraries that use GLIBC_PRIVATE interfaces into
a cluster, otherwise you risk mix-matched versions of glibc attempting
to communicate with each other via non-existant or incorrect versions
of the unversioned GLIBC_PRIVATE APIs.
In truth this turns out to be possible in *all* of the shared objects
installed by the implementation. So I think this is really going to have
to be "namespace split *above* glibc" and *everything* in glibc is shared
among all the namespaces.
> - On a semi related note: The runtime-isolation work that triggered
> the original project needs to capture the whole of the libc cluster:
> would you be averse to there being some sort of mechanism that would
> allow a program to determine the list of .so files that constituted
> the GLIBC installation? Could be API returning a list of sonames, or
> a canonical manifest file would probably also do.
I think we want a markup approach to this.
Define a new DT_LMNS and set it to a string value "$PROXY" if the object
should be part of the global set of loaded objects which are loaded into
the base namespace and proxied into all other namespaces.
Likewise we could say DT_LMNS can be equal to a string that represents
a unique namespace, and any other objects with the same string will be
loaded into the same namespace. With all strings starting with "$" being
reserved.
We need to fix binutils to add DT_LMNS, and set it via a new command line
flag, and then build all glibc SOs with DT_LMNS set to "$PROXY" so they
appear in all link namespaces.
Now we have a few good win/win scenarios:
* You can now force objects into a dlmopen namespace even if you link
directly with them by setting DT_LMNS to a value other than $.*
You would have to look these objects up to use them via a namespaced
dl_iterate_phtr?
* You can add new objects to $PROXY if you want them to be exposed
through all of the namespaces too.
Thoughts?
--
Cheers,
Carlos.