Fixed multi-archness of the `demo' script.

[libobjid.git] / README

Usage
-----

Provide `/usr/lib/libobjid.so' to the list of libraries in `LD_PRELOAD':
  LD_PRELOAD=/usr/lib/libobjid.so programname programarguments

It will extend the stored core file info in the case the program segfaults.
In this case you can check it got activated by its STDERR message:
  libobjid: core

You need patched GDB and its --objectdirectory option to use the location info.
Copy all the shared libraries used by the program to a common storage directory
and invoke gdb as:
  gdb --objectdirectory=storage/directory --core=path/to/core.xyz

You should keep the original filenames and store them only to different
directories, according to their version.  Be sure to also store the debuginfo
files along:
  /path/to/libc.so.6
  /path/to/libc.so.6.debug

More debug info during segfault can be seen by setting the `LIBOBJID' level:

  LIBOBJID=9 LD_PRELOAD=/usr/lib/libobjid.so programname programarguments


Limitations
-----------

The code currently does not undo any relocations.  Any (ineffective) non-PIC
shared libraries will not be located by libobjid.

Non-PIE executable files are loaded at their compiled location - OK.
PIC shared libraries do not use any relocations in their readonly sections - OK.
x86_64 fails to load non-PIC shared libraries during tests - N/A.
i386 permits running non-PIC shared libraries - FAIL but these are ineffective.


Implementation Principle
------------------------

During SIGSEGV handling dl_iterate_phdr() is used to iterate program headers
and the readonly sections get checksummed and stored to a newly mapped
PAGE_SIZE-based memory being identified by its magic header.

Stored information structure can be found in "objid.h".

Unfortunately it cannot be linked to existing ELF structures as locating them
requires the pages of the original executable binary which we try identify and
find by them.
The original executable's shared libraries list can be found from its
program header DYNAMIC / section .dynamic - DT_NEEDED tag.
While this section is located in writable memory stored in the core file the
program headers / section headers table is in the executable read only pages
not present in the core file.


Implementation Invocation
-------------------------

Currently the code binary-patches (after mprotect (PROT_WRITE)) glibc itself as
it does not provide PLT to replace its `__sigaction' function being called by
`__signal' and many others.
It is currently the only architecture-dependent part of libobjid now.

Later with available `__sigaction' glibc PLT entry one would still need to
`LD_PRELOAD=/usr/lib/libobjid.so'.  With integrating this library to Red Hat
glibc it would apply to all the binaries except the ones statically built on
non-libobjid glibc systems.  But statically built binaries do not need any
libobjid functionality so it makes no problem.


Proper Reimplementation
-----------------------

Linux kernel should core dump the page(s) containing original executable's
program headers, the page(s) containing its `DYNAMIC' segment and according to
its `DT_GNU_LIBLIST' and `DT_GNU_LIBLISTSZ' also the page(s) containing its
`.gnu.liblist' section.

prelink(8) should provide DYNAMIC's `DT_CHECKSUM' field even for executables.

GDB would be afterwards able locate `AUXVEC->AT_PHDR->DYNAMIC->DT_CHECKSUM' for
the main executable checksum and `AUXVEC->AT_PHDR->DYNAMIC->DT_GNU_LIBLIST' for
the list of the needed libraries identified by its `l_checksum' field.

Only the executables/libraries properly prelink(8)ed together would be
identifiable by GDB.


$Id$