[Dev] Loading shared objects of application from platform libraries

Tomasz Swierczek t.swierczek at samsung.com
Thu May 9 04:31:42 UTC 2019


+1 on that: if we could see your code & some test case for it, it would be way easier.

Parichay, from your description I see that its technically the application process that is performing the dlopen() call, on its own library – that should not fail, especially, since you say you’re passing full absolute path to the call.

BTW (maybe an obvious thing, but still) did you try to get error via dlerror() function? 

Best Regards,

Samsung_Logo_for_Mail_Signature

 

Tomasz Świerczek

Samsung R&D Institute Poland

Samsung Electronics

Office +48 22 377 95 59

Cell +48 503 135 021

t.swierczek at samsung.com

 

From: Dev [mailto:dev-bounces at lists.tizen.org] On Behalf Of MyungJoo Ham
Sent: Wednesday, May 08, 2019 3:26 PM
To: Parichay Kapoor; dev at lists.tizen.org
Subject: Re: [Dev] Loading shared objects of application from platform libraries

 

There is a correction: it's Tizen 5.5 (tizen branch), not 5.0, of Tizen:Unified, which is already "released".

 

Parichay, you may share your code, rephrased as a minimal code along with full build script and test environment, via github.com (your personal repo). Your related code is already an open source code. It would be great if you could make a .spec file that tests what you want is accomplished or not (i.e., gbs build fails if the custom filter is not loaded). Based on this, you can easily and automatically get a regression test as well.

 

Cheers,

MyungJoo 

--------- Original Message ---------

Hello Tomasz Swierczek

 

Thanks for the response.

 

1) The system component is a multimedia framework (which is the RPM) for running neural network models. This framework will support running various models for inference. So, an application can call the system component to run its own model (this is the SO file) for inference.

 

2) Yes, the system component is an SO file along with a c-api + static library. An application can use the c-api provided to use it. No, its not a system service, just a library.

 

3) The SO file in the application is located in the ./lib/ folder of the application. The full path of the SO in the system is /opt/usr/globalapps/org.example.application/lib/libxyz.so. The output of chsmack <path> - access="User::Pkg::org.example.application::RO"

The current owner of the file is tizenglobalapp and the group is root. I have tried with permissions of 644 and 775, but still no success.

 

I am using Tizen version 5.0.  

Regarding how the SO file is loaded - currently, the SO file is a custom model file, which is being loaded using dlopen()/dlsys() in the library and loaded functions are correspondingly called.

For the purpose of testing, the full path of the SO file is being passed to the system library from the application.

 

Regards

Parichay Kapoor

 

--------- Original Message ---------

Sender : Tomasz Swierczek <t.swierczek at samsung.com> Staff Engineer/Head of Part/Security (PLT) /SRPOL/Samsung Electronics

Date : 2019-05-07 14:21 (GMT+9)

Title : RE: [Dev] Loading shared objects of application from platform libraries

 

Hello Parichay, Kapoor,

 

1)      Can you elaborate more on why a system component – which you RPM will be – should open an SO file provided by application?

 

2)      From your earlier emails from the mailing list I can see that your system component is an SO file (subject “[Dev] Adding new rpm package to tizen emulator+SDK”) – how is it run? Which process uses it? Is it a system service? If yes, which one?

 

3)      Can you list up the attributes if SO file *provided by the application* (its location after the application is installed, with full path on the system plus output of chsmack <the path>?)

 

In general, depending on which Tizen version your device has (I am assuming Tizen version 3.0 or higher), there should be nothing that prevents system components (run with Smack labels User, System or System::Privileged) to manipulate application binaries (execute/read them) – most importantly, because application launcher (also a system component!) needs to be able to properly execute applications, which can freely contain some SO files of their own (like ie. org.tizen.contacts app has under its ./lib/ subdirectory where it is installed). However, in principle, running application code (considered typically unsafe) in context of a system service (which I’m assuming you’re not doing, however, I’m asking number 2. just to be sure), can possibly be a little bit dangerous.

 

Also, if you say that you try to load the SO file of the app somehow and cannot do it – how exactly do you try to do it? Can you list some errors/actions taken to do it so I could help you more? For sure the system loader doesn’t have the apps/<id>/lib path of each application in its searching path – are you sure you’re trying to load the SO file from proper location?

 

Best Regards,

 


 

Tomasz Świerczek

Samsung R&D Institute Poland

Samsung Electronics

Office +48 22 377 95 59

Cell +48 503 135 021

t.swierczek at samsung.com

 



From: Dev [mailto:dev-bounces at lists.tizen.org] On Behalf Of Parichay Kapoor 
Sent: Friday, April 19, 2019 12:20 PM 
To: dev at lists.tizen.org 
Subject: [Dev] Loading shared objects of application from platform libraries

 

Hello

 

We are making a new package for tizen along with its c-api for Tizen. One of the features of the package is to run a shared-object .so file provided by the application. (package loads model.so from the application and executes it)


However, I am not able to load the shared object from the application in the package.

This is most likely due tizen security policy, which does not allow loading shared objects of application from platform libraries.

 

Is there any work around for this?

 

Regards

Parichay

_______________________________________________

Dev mailing list

Dev at lists.tizen.org

https://lists.tizen.org/listinfo/dev

 

 

--

MyungJoo Ham (함명주), Ph.D.

On-Device Lab, Platform Team, Samsung Research.
Cell: +82-10-6714-2858


 

 


 

  <http://ext.samsung.net/mail/ext/v1/external/status/update?userid=myungjoo.ham&do=bWFpbElEPTIwMTkwNTA4MTMyNTUwZXBjbXMxcDJmMWQxMjAzZjVlMjYwOGU3Zjc4YzE5OGZjM2RhMzg5YiZyZWNpcGllbnRBZGRyZXNzPWRldkBsaXN0cy50aXplbi5vcmc_> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.tizen.org/pipermail/dev/attachments/20190509/5fb3fc6f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 13168 bytes
Desc: not available
URL: <https://lists.tizen.org/pipermail/dev/attachments/20190509/5fb3fc6f/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 9754 bytes
Desc: not available
URL: <https://lists.tizen.org/pipermail/dev/attachments/20190509/5fb3fc6f/attachment-0001.png>


More information about the Dev mailing list