-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Load dependencies by name #1594
base: master
Are you sure you want to change the base?
Conversation
3872b7b
to
4605226
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From the security standpoint, this is good for now.
A few notes:
- This is still up for discussion but anything beside ERROR_SUCCESS from WinVerifyTrust should result in an error instead of a warning sometimes. The user always has to option to turn off signature verification if they want, so once it's on, it's either success or failure.
- Might also need review from the TBB team.
- If there are some testing results that we can share, that will be great.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Update to use SearchPathA is good from the security point of view.
dd5a544
to
5e6c672
Compare
Thanks, @egfefey! Then I proceed with productization of this patch. |
CMakeLists.txt
Outdated
@@ -122,6 +122,7 @@ cmake_dependent_option(TBBMALLOC_PROXY_BUILD "Enable tbbmalloc_proxy build" ON " | |||
option(TBB_CPF "Enable preview features of the library" OFF) | |||
option(TBB_FIND_PACKAGE "Enable search for external oneTBB using find_package instead of build from sources" OFF) | |||
option(TBB_DISABLE_HWLOC_AUTOMATIC_SEARCH "Disable HWLOC automatic search by pkg-config tool" ${CMAKE_CROSSCOMPILING}) | |||
option(TBB_VERIFY_DEPENDENCY_SIGNATURE "Verify signature of a dependency during its dynamic run-time linking" ON) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please document this option in cmake/README.md as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point!
Also, I wanted reverting the meaning by re-naming it as, for example, TBB_SKIP_DEPENDENCY_SIGNATURE_VALIDATION
to extend the compilation command only if user disables validation, and miss it for the normal builds.
Additionally, but less important is to make the option longer so that users are less leaner towards using it. 🙂
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I personally prefer the current name :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed to not change the user-facing option, but amend the internal.
Signed-off-by: Fedotov, Aleksei <aleksei.fedotov@intel.com>
Signed-off-by: Fedotov, Aleksei <aleksei.fedotov@intel.com>
Signed-off-by: Fedotov, Aleksei <aleksei.fedotov@intel.com>
Signed-off-by: Fedotov, Aleksei <aleksei.fedotov@intel.com>
Signed-off-by: Fedotov, Aleksei <aleksei.fedotov@intel.com>
Signed-off-by: Fedotov, Aleksei <aleksei.fedotov@intel.com>
6f001d1
to
65b3f89
Compare
case dl_lib_not_found: | ||
str = va_arg(args, const char*); | ||
error = va_arg(args, dlerr_t); | ||
TBB_FPRINTF(stdout, "%s The module \"%s\" was not found. System error: " |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe replace stdout by stderr?
Description
This PR allows loading dependencies by module name only as it is proposed in this RFC. In particular, it:
The signature verification is enabled by default. To disable it explicitly, user needs specifying
-DTBB_VERIFY_DEPENDENCY_SIGNATURE=OFF
in the invocation command of CMake. In this case the warning message appears:The patch also adds optional reporting of dynamic link issues. Examples of the output:
The issues reporting is disabled by default and can be enabled by setting
TBB_DYNAMIC_LINK_WARNING
macro during the build.