On Wed, 09/11 11:46, Richard Henderson wrote: > On 09/11/2013 08:48 AM, Daniel P. Berrange wrote: > > We know the precise list of valid modules when building QEMU, > > so IMHO, this should just explicitly load each known module > > name, and *not* readdir. Also it should do something along the > > lines suggested their of poisoning exported symbols with a > > build hash to guarantee the modules loaded match the original > > binary and that the symbols change on every rebuild. > > We need not mangle the symbols, which could be complicated to > actually implement, and irritating to work around within gdb. > Agree with this, some id or hash check should be enough.
> We could instead just add the build-id as a variable within > the module. Read and compare the build-id after loading the > module; unload and reject on mismatch. > > > r~