LoadLibrary: Support For Loading Windows DLLs On Linux

A Google researcher has been developing "LoadLibrary" as a means of being able to load Windows Dynamic Link Libraries (DLLs) that in turn can be used by native Linux code.

LoadLibrary isn't a replacement for Wine or the like but is intended to allow Windows DLL libraries to be loaded that can then be accessed by native Linux code, not trying to run Windows programs and the like on Linux but simply loading the libraries.

This project is being developed by Tavis Ormandy, a well known Google employee focused on vulnerability research. He worked on a custom PE/COFF loader based on old ndiswrapper code, the project that was about allowing Windows networking drivers to function on Linux. LoadLibrary will handle relocations and imports and offers an API inspired by dlopen. LoadLibrary at this stage appears to be working well with self-contained Windows libraries and Tavis is using the project in part for fuzzing Windows libraries on Linux.

Tavis noted, "Distributed, scalable fuzzing on Windows can be challenging and inefficient. This is especially true for endpoint security products, which use complex interconnected components that span across kernel and user space. This often requires spinning up an entire virtualized Windows environment to fuzz them or collect coverage data. This is less of a problem on Linux, and I've found that porting components of Windows Antivirus products to Linux is often possible. This allows me to run the code I’m testing in minimal containers with very little overhead, and easily scale up testing."

More details on LoadLibrary for loading Windows DLLs on Linux via GitHub where he also demonstrated porting Windows Defender libraries to Linux.