Bug 206093

Summary: Investigate whether libpsx can be built as a shared library.
Product: Tools Reporter: Andrew G. Morgan (morgan)
Component: libcapAssignee: Andrew G. Morgan (morgan)
Status: RESOLVED CODE_FIX    
Severity: enhancement CC: morgan
Priority: P3    
Hardware: All   
OS: Linux   
Kernel Version: all Subsystem:
Regression: No Bisected commit-id:

Description Andrew G. Morgan 2020-01-05 23:42:43 UTC
With libcap-2.28 we started to include a mini library: libpsx. Through some linker magic, libpsx provides a way for pthreads to all share kernel security state - it provides an extension of the nptl:setxid support internal to glibc.

Currently, this library is only built as an un-versioned static ".a" library. Empirically, the API is still evolving, and the ABI provided by this library has changed (backward-incompatibly) in the libcap-2.29 and 2.30 releases.

For now, I'm reluctant to offer libpsx as a versioned ".so" file because I want some API stability confidence in the face of real world usage. I may also need to adjust the API further if the Go package requirements on the "libcap/cap" package from the upstream golang sources, change dramatically. That is, the eventual state of https://go-review.googlesource.com/c/go/+/210639/ .

That being said, at some point, the API will stabilize and producing "libpsx.so" will make sense. I'll tentatively set a date of 2020-10-10 as a rough timescale for adding this support. But will fine tune this date the closer we get to it.
Comment 1 Andrew G. Morgan 2020-01-05 23:47:18 UTC
Adjusting this to being classed as a possible enhancement.
Comment 2 Andrew G. Morgan 2020-10-14 04:43:43 UTC
I've started to look at this.
Comment 3 Andrew G. Morgan 2020-10-18 01:37:16 UTC
This should be fixed with the following patch (which will eventually be included in 2.45):

https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=6b1d98b7d6463a1773a217423d82994fb70d2a48

I'm going to mark this feature request fixed, but feel free to confirm, or raise an issue via this present bug.