Re: [kronosnet/kronosnet] a2f08e: Switch over all plugins to the module system

"Fabio M. Di Nitto" &lt;fdinitto(a)redhat.com&gt; writes: Apparently more than me... I'm at home with a sick child, sorry for the slow reaction. I think it's a sharp observation. While knet is evolving faster than all the plugin dependencies taken together, keeping dlopen at the outer boundary can be advantageous. Yes, on ELF platforms that's true. It's the only way I know of to avoid hardwiring foreign library sonames. Which differ from platform to platform. Detecting them (as we currently do) works well enough in simple cases, but NSS is a pig already, having its symbols spread into several shared objects. That would be rather complicated to emulate with dlopens, not to mention symbol versioning. Honestly, I haven't had the courage to dwelve into that yet. I'd think keeping both sides in the same upstream makes the internal API/ABI a non-issue at the upstream level. Packaging can use strict versioned dependencies between the plugin packages and the main library to force upgrading them together (this only exposes the need to restart the application after library/plugin upgrades). Other solutions are module versioning (like library versioning, but independent) or plugin directory versioning, which enable coexistence of different module ABI versions (again, the module ABI could change keeping the library ABI undisturbed). See also below. For what it's worth, gdb works fine for me... wferi@lant:~/ha/kronosnet/kronosnet/libknet/tests$ LD_LIBRARY_PATH=../.libs gdb .libs/int_crypto_test [...] Reading symbols from .libs/int_crypto_test...done. (gdb) b encrypt_nss Function "encrypt_nss" not defined. Make breakpoint pending on future shared library load? (y or [n]) y Breakpoint 1 (encrypt_nss) pending. (gdb) r Starting program: /home/wferi/ha/kronosnet/kronosnet/libknet/tests/.libs/int_crypto_test [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". [New Thread 0x7ffff5054700 (LWP 1856)] [New Thread 0x7ffff4853700 (LWP 1857)] [New Thread 0x7ffff4052700 (LWP 1858)] [New Thread 0x7ffff3851700 (LWP 1859)] [New Thread 0x7ffff3050700 (LWP 1860)] [New Thread 0x7ffff284f700 (LWP 1861)] [New Thread 0x7ffff204e700 (LWP 1862)] Test knet_handle_crypto with nss/aes128/sha1 and normal key knet logs: [info] common: crypto_nss.so has been loaded from /home/wferi/ha/kronosnet/kronosnet/libknet/tests/../.libs/crypto_nss.so knet logs: [debug] crypto: Initizializing crypto module [nss/aes128/sha1] knet logs: [debug] nsscrypto: Initizializing nss crypto module [aes128/sha1] knet logs: [debug] crypto: security network overhead: 68 Source Data: Encrypt me! Thread 1 "int_crypto_test" hit Breakpoint 1, nsscrypto_encrypt_and_signv (iovcnt_in=1, buf_out_len=0x7fffffffd0b0, buf_out=0x5555579090e0 "", iov_in=0x7fffffffd030, knet_h=0x7ffff5055010) at crypto_nss.c:625 625 if (encrypt_nss(knet_h, iov_in, iovcnt_in, buf_out, buf_out_len) < 0) { (gdb) Nothing threatening comes to my mind at the moment, but I'd be happy to look into any concrete problems brought up. Well, yes. But at least it's in one hand: with modules you've got a small internal ABI to watch out for, with direct dlopens you've got several foreign ABIs to follow. Yes, development speed matters, but as knet matures, the balance will inevitably tip, if it hasn't already. That sounds somewhat overkill... why not just use a version number if we really must? Or introduce an extensible module ABI (with an explicit size at the front of the model definition) and stay safe for a longer term? Just thinking out loudly... Yeah, that's a wart. I don't know how to make that symbol accessible in the usual way in the modules without including its code. And I wonder what other internal symbols may need to be exposed later. Does the format used in the log pipe constitute ABI? This might even be a show stopper. -- Thanks, Feri