* Alexander Monakov: > Well, the first paragraph in your initial mail was talking very explicitly > about making a tailcall from the wrapper, so I guess the goalpost has moved.
Uhm, I meant a tailcall from the trampoline, not the wrapper. >> LD_AUDIT offers outright replacement of the address for this scenario, >> but it breaks down if the targeted shared object is loaded multiple >> times (either literally into different dynamic linker namespaces, or >> conceptually, with different sonames). This is where LD_PRELOAD >> wrapping becomes problematic, true. With address replacement, there is >> just no contextual information at all provided by the dynamic linker. >> If you need it, you need to generate your own trampoline. And then we >> end up with the question how the trampoline can forward the information >> to the wrapping function. (Without multiple instances, you could just >> store the real implementation address and information about the shared >> object or the implementation in global variables.) > > If audit authors need that kind of dynamic granularity, teach them how > to create new copies of hooks at runtime (place hooks in a DSO without > an soname, create a new symlink to that dso, dlopen the symlink). Or > provide a dlopen flag to achieve the same without the symlink. It makes deployment more difficult (even with the dlopen flag), but maybe that's the best option.
