Skip to content

Runtime ELF patching and rtld_audit removal#810

Open
wdcui wants to merge 4 commits intomainfrom
wdcui/pr4-runtime-patch
Open

Runtime ELF patching and rtld_audit removal#810
wdcui wants to merge 4 commits intomainfrom
wdcui/pr4-runtime-patch

Conversation

@wdcui
Copy link
Copy Markdown
Member

@wdcui wdcui commented Apr 25, 2026

Summary

Replace the rtld_audit LD_AUDIT-based syscall interception with runtime ELF patching during mmap. When a PROT_EXEC segment is mapped, the shim now patches syscall instructions in-place and places trampoline stubs in a dynamically-allocated region near the code.

This is part of a series splitting PR #739 into independent PRs:

  • PR4 (this PR): Runtime patching + rtld_audit removal
  • PR1: Syscall rewriter format change (redzone, R11)
  • PR2: Syscall rewriter improvement (IP-relative instructions)
  • PR3: Syscall rewriter cleanup (remove x86-32)

Key changes

  • Add patch_code_segment() public API to syscall rewriter for runtime use
  • Add ElfPatchState/ElfPatchCache for per-fd tracking of patch state
  • Add maybe_patch_exec_segment() called from do_mmap_file for PROT_EXEC segments
  • Add init_elf_patch_state() to parse ELF headers and detect pre-patched binaries via trampoline magic at file tail
  • Add finalize_elf_patch() on fd close to clean up trampoline mappings
  • Add reserve_trampoline parameter to ElfParsedFile::load() to bump brk past the runtime trampoline region
  • Add UnpatchedBinary error variant for loader trampoline parsing
  • Remove litebox_rtld_audit/ (C LD_AUDIT library)
  • Remove rtld_audit.so packaging from litebox_packager and runner crates
  • Remove LD_AUDIT environment variable injection from runners
  • Remove build.rs files that compiled rtld_audit.so

Testing

All non-TUN tests pass locally (TUN tests require EPERM capabilities not available in dev environments).

wdcui added 2 commits April 24, 2026 18:22
@wdcui
Runtime ELF patching and rtld_audit removal
7b76480 
Replace the rtld_audit LD_AUDIT-based syscall interception with runtime
ELF patching during mmap. When a PROT_EXEC segment is mapped, the shim
now patches syscall instructions in-place and places trampoline stubs
in a dynamically-allocated region near the code.

Key changes:
- Add patch_code_segment() public API to syscall rewriter for runtime use
- Add ElfPatchState/ElfPatchCache for per-fd tracking of patch state
- Add maybe_patch_exec_segment() called from do_mmap_file for PROT_EXEC
- Add init_elf_patch_state() to parse ELF headers and detect pre-patched
  binaries via trampoline magic at file tail
- Add finalize_elf_patch() on fd close to clean up trampoline mappings
- Add reserve_trampoline parameter to ElfParsedFile::load() to bump brk
  past the runtime trampoline region for unpatched binaries
- Add UnpatchedBinary error variant for loader trampoline parsing
- Remove litebox_rtld_audit/ (C LD_AUDIT library)
- Remove rtld_audit.so packaging from litebox_packager and runner crates
- Remove LD_AUDIT environment variable injection from runners
- Remove build.rs files that compiled rtld_audit.so
@wdcui
Remove duplicate doc comment on maybe_patch_exec_segment
2225fd2
@wdcui wdcui mentioned this pull request Apr 25, 2026
Open
wdcui added 2 commits April 25, 2026 14:48
@wdcui
Handle unpatched binaries in optee shim ELF loader
4b1b4aa 
Mirror the linux shim's parse_trampoline/load_mapped pattern: tolerate
UnpatchedBinary errors and reserve trampoline space for runtime patching.
@wdcui
update comment
78d0cb6
@wdcui wdcui marked this pull request as ready for review April 25, 2026 21:54
@wdcui
Copy link
Copy Markdown
Member Author

wdcui commented Apr 25, 2026

This PR is ready for review. Thanks!

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 25, 2026

🤖 SemverChecks 🤖 ⚠️ Potential breaking API changes detected ⚠️

Click for details 
--- failure enum_variant_added: enum variant added on exhaustive enum ---

Description:
A publicly-visible enum without #[non_exhaustive] has a new variant.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#enum-variant-new
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.47.0/src/lints/enum_variant_added.ron

Failed in:
  variant ElfParseError:UnpatchedBinary in /home/runner/work/litebox/litebox/litebox_common_linux/src/loader.rs:130

--- failure method_parameter_count_changed: pub method parameter count changed ---

Description:
A publicly-visible method now takes a different number of parameters, not counting the receiver (self) parameter.
        ref: https://doc.rust-lang.org/cargo/reference/semver.html#fn-change-arity
       impl: https://github.com/obi1kenobi/cargo-semver-checks/tree/v0.47.0/src/lints/method_parameter_count_changed.ron

Failed in:
  litebox_common_linux::loader::ElfParsedFile::load takes 2 parameters in /home/runner/work/litebox/litebox/target/semver-checks/git-main/b16d89910d07fd5a1ed27c82df5b110d657dae5f/litebox_common_linux/src/loader.rs:365, but now takes 3 parameters in /home/runner/work/litebox/litebox/litebox_common_linux/src/loader.rs:375

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sangho2 sangho2 Awaiting requested review from sangho2

@CvvT CvvT Awaiting requested review from CvvT

@jaybosamiya-ms jaybosamiya-ms Awaiting requested review from jaybosamiya-ms

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@wdcui