Stream: wg-secure-code

Topic: project ideas?


Shnatsel (Nov 05 2018 at 19:36, on Zulip):

My new job is so awesome that I get 2 weeks of paid work time to work with a small team on a project of our choosing. It will most likely be coded in Go. Any ideas on what it could be that would be beneficial to Rust ecosystem?
No guarantees on whether it would be released to the public, but I could get something prototyped for you at least

Joshua Liebow-Feeser (Nov 05 2018 at 19:39, on Zulip):

Add support for modifying symbols in object files. Currently the Go standard library only supports parsing object files.

Joshua Liebow-Feeser (Nov 05 2018 at 19:40, on Zulip):

That may sound out of left field, but it would unlock using multiple different versions of a Rust crate which depends on a C library.

Joshua Liebow-Feeser (Nov 05 2018 at 19:41, on Zulip):

Obviously even better if it's in Rust rather than Go, but anything would be great.

Shnatsel (Nov 05 2018 at 19:48, on Zulip):

I'm not sure I understand the task. Are we talking about .o files? What kind of modifications do you expect and what are the use cases?

Joshua Liebow-Feeser (Nov 05 2018 at 19:50, on Zulip):

Whatever the platform-specific object file format is. Mach-O for Mac, ELF for Linux, PE for Windows, etc. I think those three would be the biggest deal. Most crates probably don't target outside of those three.

Joshua Liebow-Feeser (Nov 05 2018 at 19:50, on Zulip):

And the modifications are simply symbol renaming.

Joshua Liebow-Feeser (Nov 05 2018 at 19:50, on Zulip):

The goal is to compile and then rename the objects in the object file with a custom prefix which is specific to this version of your crate.

Joshua Liebow-Feeser (Nov 05 2018 at 19:51, on Zulip):

E.g., say you have a crate called foo. If you were compiling version 1.2.3 of that crate, you'd add the prefix __FOO_1_2_3_ to all of the symbols. That way, two different object files build from the same library but built for different versions of the crate would have no overlapping symbols, and so linking would succeed.

Shnatsel (Nov 05 2018 at 19:52, on Zulip):

That... sounds actually pretty trivial. Is there any reason it hasn't been done before?

Joshua Liebow-Feeser (Nov 05 2018 at 19:52, on Zulip):

Not sure why. I suspect it just wasn't needed for their use cases.

Joshua Liebow-Feeser (Nov 05 2018 at 19:53, on Zulip):

If you want more details on how this works - and the awful lengths you have to go to if you don't have object-file-level symbol renaming - see the README here: https://github.com/google/mundane/tree/master/boringssl

Shnatsel (Nov 05 2018 at 20:05, on Zulip):

Why have I never heard of Mundane before? It actually looks very interesting

Joshua Liebow-Feeser (Nov 05 2018 at 20:06, on Zulip):

We haven't officially announced it yet. It's been on my back burner, but I got super swamped with other stuff recently.

Alex Gaynor (Nov 05 2018 at 20:06, on Zulip):

Is mundane no longer developed on the fuschia git?

Joshua Liebow-Feeser (Nov 05 2018 at 20:06, on Zulip):

It is, but it's mirrored to GitHub.

Joshua Liebow-Feeser (Nov 05 2018 at 20:07, on Zulip):

The source of truth is in a separate repo now, but still in fuchsia.googlesource.com: https://fuchsia.googlesource.com/mundane

Joshua Liebow-Feeser (Nov 05 2018 at 20:07, on Zulip):

And @Shnatsel, to give you a sense of how awesome it'd be to have object file symbol renaming, it took me probably a month of full time work to get the symbol renaming in Mundane working.

Joshua Liebow-Feeser (Nov 05 2018 at 20:08, on Zulip):

Part of that was adding symbol prefixing support to BoringSSL, and part of it was integrating it into Mundane. It was a giant PITA.

Shnatsel (Nov 05 2018 at 20:08, on Zulip):

C build systems are always a giant PITA

Shnatsel (Nov 05 2018 at 20:10, on Zulip):

I trust you've written the Go program to discover symbols as well?

Shnatsel (Nov 05 2018 at 20:11, on Zulip):

Anyway, thanks for the input, I'll float that idea to the team

Tony Arcieri (Nov 05 2018 at 20:24, on Zulip):

@Shnatsel productionize https://blog.filippo.io/rustgo/ ? :stuck_out_tongue_wink:

Shnatsel (Nov 05 2018 at 20:25, on Zulip):

Why is that different from linking C libraries? Or that's somehow made a PITA in Go?

Tony Arcieri (Nov 05 2018 at 20:26, on Zulip):

it avoids CGo and libffi and the associated overhead

Shnatsel (Nov 05 2018 at 20:33, on Zulip):

Okay, that's pretty cool, but I'm not sure I can handle that much unsafety, and I have no clue how to debug what's going on. Still, that's neat. I'll float this idea

Tony Arcieri (Nov 05 2018 at 21:49, on Zulip):

indeed it seems hard :dizzy:

Last update: Nov 11 2019 at 22:40UTC