Skip to main content

vsdo

Nathaniel
So the next one we will look at is the vdso crate. And the vdso crate, I'll also pull up the documentation for that as well. So the vdso crate gives us access to symbols in the virtual dynamic shared object, which is a Linux of functionality. So this is only available on Linux, it's not portable to other operating systems. And what happens is that there are certain ways that the kernel can share information with user space. One of them that we already saw was the crt0stack. But there are other times when the Linux kernel wants to share information with userspace. But it needs to do so and guarantee that userspace is going to run code in a particular way. And so the way that this actually works is that Linux generates on the fly a, a vdso, the virtual dynamic shared object, you can think of this as like a .so library, and it actually injects it into the memory space. And this is at a known location in the user space. And so user space application can actually look up that loaded, dynamic shared object in memory and can resolve symbols from it. And then if those symbols are executable, then you can actually execute this. And so this is a very, very trivial crate. The first method on vdso is the one that creates it. And it's the Locate object, and that just simply finds the vdso in memory, and returns an instance of this vdso struct, which contains a reference to where the vdso is in memory. And then you can look up symbols in the vdso. You look it up by its name, and you get back a reference to the symbol, which is really just a pointer. And you have to cast that to some other type based upon what that symbol name of the symbol is, we can't do that safely for you. But the only thing that this is actually used for in Enarx is for the SGX case. And the reason for this is because when you want to enter an enclave from user space, there's a bunch of really, really tricky code to get right. And so they decided to implement a vdso function for entering an enclave. And so this is used by the SGX code in order to look up that function dynamically at runtime and then execute it. But it is a generic crate, like you can look up. Another interesting symbol in the vdso, for example, is gettime. And the reason for this is that the Linux kernel wants to make it very, very fast for you to get the current time. But if you actually do a context, a full context switch into the kernel, then, you know, you're gonna basically not get time that's as accurate. It'll be a performance overhead. So they actually expose a vdso function for getting the system time where you don't even have to do a context switch. There's a variety of other interesting symbols in the vdso. We don't currently use any of them except for the SGX enclave enter function.