LD_PRELOAD work in progress

Martin Pitt martin.pitt at ubuntu.com
Tue Mar 3 06:18:02 UTC 2015

Hey Michael,

Michael Terry [2015-03-02 10:47 -0500]:
> > > - Is hairy to get right for all cases (many obscure low-level entry
> > points that
> > > take a filename, pitti warns there are gaps)
> > > - App might make a direct ioctl calls that can't be intercepted

This is supposed to be "syscall", not ioctl.

> > I'm somewhat confused by this: doesn't the ioctl(2) call take an open fd
> > and
> > therefore we wouldn't need to do anything special for it?
> Fair point!  I copied that talking point from an email without thinking it
> through.  Though arguments to the ioctl can't be interpreted, if they are
> filenames... (does that happen?)
> Pitti, does it change your feeling of dread at all to consider that we only
> want to intercept calls that use filenames?

There might indeed be ioctls which take filenames, but the main
problems are direct syscalls. I. e. mostly stuff that's written in
languages which don't directly use libc, but use syscall() directly;
I've also seen those in projects which have some portability shims.

Anyway, these were just some warnings about issues you are likely to
run into for larger projects. However, with fakechroot and to some
degree also umockdev there are precedents and ready-to-steal code
available at least, and strace is your friend in debugging those :-)

I agree to you that LD_PRELOAD is probably the most immediately
applicable solution right now, for packages that it works for.

Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)

More information about the snappy-devel mailing list