Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20200423023941.GQ11469@brightrain.aerifal.cx>
Date: Wed, 22 Apr 2020 22:39:41 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: foreign-dlopen: dlopen() from static binary, again (and
 not the way you think!)

On Thu, Apr 23, 2020 at 02:25:31AM +0300, Paul Sokolovsky wrote:
> Hello,
> 
> Just as many (well, few) people I was surprised by the inability to
> dlopen() from a static binary
> (https://www.openwall.com/lists/musl/2012/12/08/4 , etc.). I started to
> hack into musl's dynamic linker, just to find it a bit ... tangled.
> That of course was nothing compared to taking a standalone ELF loader
> and trying to deal with glibc's dynamic loader, that was total mess
> (just look at https://github.com/robgjansen/elf-loader, which tried to
> do that; tried, because it doesn't work with recent glibc versions,
> and need constant patching).
> 
> Oh, forgot to say that I'm not looking for a way to load a
> particular musl-dynlinked shared library into musl-staticlinked binary.
> So, arguments like "but you'll need to carry around musl's libc.so"
> don't apply. What I'm looking for is a way to have a static closed-world
> application, but let it, at the user's request, to interface with
> whatever system may be outside.
> 
> So, seeing what a mess is doing "honest" dynamic loading for real
> world, and given my usecase, which is about wanting to touch that mess
> as little as possible with bare hands, I came to a cute blackbox'ish
> solution to an issue. The rest of the story and proof of concept code
> is at https://github.com/pfalcon/foreign-dlopen .

In your example it looks like you're foreign_dlopen'ing glibc. That
simply *can't* work, because part of the interface contract of all
glibc functions is that they're called with the thread pointer
register (%gs or %fs on i386 or x86_64 respectively) pointing to a
glibc TCB, which will not be the case when they're invoked from a
musl-linked (or other non-glibc-linked) program.

If you relax to the case where you're not doing that, and instead only
opening *pure library* code which has no tie-in to global state or TLS
contracts, then it should be able to work.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.