Bug 206093

Summary:	Investigate whether libpsx can be built as a shared library.
Product:	Tools	Reporter:	Andrew G. Morgan (morgan)
Component:	libcap	Assignee:	Andrew G. Morgan (morgan)
Status:	RESOLVED CODE_FIX
Severity:	enhancement	CC:	morgan
Priority:	P3
Hardware:	All
OS:	Linux
Kernel Version:	all	Subsystem:
Regression:	No	Bisected commit-id:

Description Andrew G. Morgan 2020-01-05 23:42:43 UTC

With libcap-2.28 we started to include a mini library: libpsx. Through some linker magic, libpsx provides a way for pthreads to all share kernel security state - it provides an extension of the nptl:setxid support internal to glibc.

Currently, this library is only built as an un-versioned static ".a" library. Empirically, the API is still evolving, and the ABI provided by this library has changed (backward-incompatibly) in the libcap-2.29 and 2.30 releases.

For now, I'm reluctant to offer libpsx as a versioned ".so" file because I want some API stability confidence in the face of real world usage. I may also need to adjust the API further if the Go package requirements on the "libcap/cap" package from the upstream golang sources, change dramatically. That is, the eventual state of https://go-review.googlesource.com/c/go/+/210639/ .

That being said, at some point, the API will stabilize and producing "libpsx.so" will make sense. I'll tentatively set a date of 2020-10-10 as a rough timescale for adding this support. But will fine tune this date the closer we get to it.

Comment 1 Andrew G. Morgan 2020-01-05 23:47:18 UTC

Adjusting this to being classed as a possible enhancement.

Comment 2 Andrew G. Morgan 2020-10-14 04:43:43 UTC

I've started to look at this.

Comment 3 Andrew G. Morgan 2020-10-18 01:37:16 UTC

This should be fixed with the following patch (which will eventually be included in 2.45):

https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=6b1d98b7d6463a1773a217423d82994fb70d2a48

I'm going to mark this feature request fixed, but feel free to confirm, or raise an issue via this present bug.