Enhance detection of MUSL-based Linux systems (xgboost4j) #7915
Comments
|
Thank you for the proposal. @Craigacp would you like to join the discussion when you are available? |
|
I think my preference would be to remove the MUSL section from NativeLibraryLoader and supply a single JVM system property override for users which allows them to supply the path to the XGBoost native library on startup, rather than have a two phase approach where the user can override MUSL detection but has a leaky fallback. That's what we do in ONNX Runtime (https://github.com/microsoft/onnxruntime/blob/master/java/src/main/java/ai/onnxruntime/OnnxRuntime.java#L273) to support other use cases as well as this one (e.g. frozen containers which don't have a writable That said, I'll ask around with some Java people to see if there is a way to reliably detect it from within the JVM (e.g. I'm not sure how stable the output of |
|
The consensus opinion from the Java people I talked to is that there are only bad ways to detect if you're running on top of musl directly from within the JVM and that those shouldn't be in production code. |
|
Thank you for the comments. Is there a way to fail gracefully? |
|
@Craigacp Concerning your suggestion that the user could specify the path of the shared library to load via an system property:
WDYT? @trivialfis |
|
@snoopcheri WRT to security issues, while I'm not a security person if a bad actor has control over the command line used to run the JVM then there are bigger problems for the system because they could induce any kind of behaviour in the system by altering the classpath. |
|
I've created a PR which replaced the auto-detection for MUSL-based Linux systems with system properties. |
Context
With the release 1.6 of xgboost, a feature was added that would automatically detect under Linux, whether it is a regular or a MUSL-based system. Depending on this, the proper Native shared library would be loaded (MUSL-based systems cannot load shared libraries using
glibc).The check whether a Linux system is MUSL-based is done by inspecting memory-mapped files in
/proc/self/map_files. This is the same logic as the sqllite-jdbc project is doing here.Problem
While this typically works well, there are cases, where this directory is not accessible. There are at least two cases:
/proc/self/map_fileswas added in Linux kernel 3.3, for older kernels this directory simply does not existThis problem has also been discussed on the sqlite-jdbc forums. See here for a good summary of the problem.
The current implementation in xgboost assumes, that if this directory cannot be read for some reason, the Linux system is not MUSL-based.
Unfortunately, this assumption is not always correct.
Proposal
We need another way to determine whether a Linux system is MUSL-based or not. It seems, there is no simple auto-detection, that works 100% for all cases and environments. Therefore, I propose that the user can give a hint to xgboost, whether the Linux system is MUSL-based or not.
(1)
In the class NativeLibraryLoader we check for the presence of a custom environment variable like
IS_MUSL. If this env variable is present and its value is truthy (trueor1), xgboost assumes the system is MUSL-based, no matter whether memory-mapped files in/proc/self/map_filescan be read or not.(2)
If this custom environment variable is not present, then detection falls back to the current solution.
This could be simplified by defining that you always have to configure the
IS_MUSLenvironment variable, if you're running on a MUSL-based system. But since it seems to work most of the time, it still seems convenient for most users to keep the current detection mechanism.How does this work for the end user?
IS_MUSLenvironment variable to override this.Please let me know what you think! I can create a PR with the suggested change.
The text was updated successfully, but these errors were encountered: