0

I want to load a shared object to certain processes, there are certain conditions that are required:

  • Loading to only specific processes and not all of them;
  • It has to be done before the process code starts executing;
  • The processes are not mine.

What are the available ways to support this functionality on Linux?

Can it be accomplished with "/etc/ld.so.preload" or "LD_PRELOAD=/my/lib.so"? Is a kernel module needed for this?

Rachid K.
  • 4,490
  • 3
  • 11
  • 30
ALsec
  • 11
  • 2
  • If you have conflicting shared libraries, use containers to separate them. – stark Aug 30 '22 at 10:56
  • hi @stark, thanks, however it's not about conflicts, I want to control certain functionality so containers are irrelevant in my case – ALsec Aug 30 '22 at 10:59
  • There is no way to easily do what you want under Linux. If you do not have control over what starts the process (and how), but you need to have a shared object preloaded into it before the process starts executing its own code, you can't do much from another process. The only way I can think of doing this is replacing the dynamic loader of the system with a custom version created by you. – Marco Bonelli Aug 30 '22 at 16:29
  • @MarcoBonelli thanks, I will check about replacing the dynamic loader. would it be possible to control the behavior with a kernel module? – ALsec Aug 30 '22 at 20:33
  • @ALsec AFAIK not with a kernel module because the kernel ELF loader is built-in into the kernel, so adding a kernel module wouldn't do much as it wouldn't be able to "replace" or "control" the loader... you could use it to attach some hooks but that'd be pretty clumsy. – Marco Bonelli Aug 30 '22 at 21:11
  • thanks @MarcoBonelli I'll check /etc/ld.so.preload as you & Rachid suggested below and search for other avenues – ALsec Aug 31 '22 at 06:22

1 Answers1

1

LD_PRELOAD could be used to load a specific generic tiny library which on its side will load any additional library the process needs with dlopen() service. Typically, applications able to load plugins, look into a specific directory and call dlopen() for all the library files found into it.
You need to define an entry point in the generic library which will be triggered at loading time. With gccyou can define this entry point with a constructor attribute:

void __attribute__ ((constructor)) lib_initialize(void);

void lib_initialize(void)
{
  // Look into a specific directory to see if there are libs to
  // load with dlopen()
}

This mechanism does not need any specific kernel module.

If LD_PRELOAD environment variable has too much limitations for the OP's use case, the libraries (or at least the tiny generic library discussed above) can be put in /etc/ld.so.preload. Look at the manual of ld.so, section FILES.

Rachid K.
  • 4,490
  • 3
  • 11
  • 30
  • thanks @Rachid K. I'm unclear on how it can be used when I'm not the one who starts the target processes... if I hold off execution in lib_initialize(), e.g. by waiting on a file/socket, will it delay execution until the function returns or continue in another thread? appreciated! – ALsec Aug 30 '22 at 12:52
  • I updated the answer to discuss about /etc/ld.so.preload mechanism. – Rachid K. Aug 30 '22 at 19:09
  • Ah, that is interesting, I forgot about that system wide file. @ALsec it could be a good solution for you. – Marco Bonelli Aug 30 '22 at 21:10