Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20160915151426.GH15995@brightrain.aerifal.cx>
Date: Thu, 15 Sep 2016 11:14:26 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: Deploying a dynamic executable on glibc systems - how?

On Thu, Sep 15, 2016 at 02:20:27PM +0100, Jon Chesterfield wrote:
> Hi all,
> 
> I have just been through the process of shipping a program built on a
> recent glibc system for use on an old one. This has left me looking for an
> alternative.
> 
> In general, I like the approach of statically linking everything and
> shipping the single enormous binary. This solves the compatibility problems
> in exchange for removing dynamic linking.
> 
> Unfortunately I also like dlopen and the combination of static linking and
> dlopen is an unhappy one.
> 
> My thoughts on resolving this are:
> 1/ link the entire musl libc into a static main executable
> 2/ put all the symbols in a table analogous to a plt in this executable
> 3/ hack the loader to look in said table
> 4/ open plugin using dlopen
> 
> The idea is to keep main static enough that it doesn't need the system
> loader to start, yet dynamic enough that libc can be exported.
> 
> However, "first hack the loader" suggests there may be a better way. I'm
> essentially looking for a way of deploying an application that can load
> plugins without also installing the musl loader to the host. Can someone
> see a better solution?

The simplest way to achieve what you want is a shell script that does:

	exec "$loc/ld-musl-$arch.so.1" -- "$loc/your.bin" "$@"

The location $loc could be hard-coded at install time or the script
could derive it from its own location somehow. This doesn't achieve
single-file deployment but it is very easy to do.

A more elaborate idea is to make a utility that glues together a
collection of ELF files into a single executable. But in order for the
result to successfully execute, some different code is needed so that
the dynamic linker knows where to find the (glued-in) main program
entry point and knows the names of all the libraries (so that it
doesn't try to load them again when it sees them as dependencies for
DT_NEEDED entries of dlopen'd libraries). Some minor changes could
probably be made to the loader code to make this work. Ideally the
necessary data for the loader to use to make sense of the
glued-together libs and main program should be something clean in the
ELF scheme of things that other implementations could adopt (so the
same glue-together tool could be used with glibc, etc.)

Alternatively we could make static-linked dlopen work, but this is
complicated and has lots of its own difficulties.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.