LoadLibrary: Support For Loading Windows DLLs On Linux

Written by Michael Larabel in Microsoft on 11 March 2020 at 10:03 AM EDT. 74 Comments
MICROSOFT
A Google researcher has been developing "LoadLibrary" as a means of being able to load Windows Dynamic Link Libraries (DLLs) that in turn can be used by native Linux code.

LoadLibrary isn't a replacement for Wine or the like but is intended to allow Windows DLL libraries to be loaded that can then be accessed by native Linux code, not trying to run Windows programs and the like on Linux but simply loading the libraries.

This project is being developed by Tavis Ormandy, a well known Google employee focused on vulnerability research. He worked on a custom PE/COFF loader based on old ndiswrapper code, the project that was about allowing Windows networking drivers to function on Linux. LoadLibrary will handle relocations and imports and offers an API inspired by dlopen. LoadLibrary at this stage appears to be working well with self-contained Windows libraries and Tavis is using the project in part for fuzzing Windows libraries on Linux.

Tavis noted, "Distributed, scalable fuzzing on Windows can be challenging and inefficient. This is especially true for endpoint security products, which use complex interconnected components that span across kernel and user space. This often requires spinning up an entire virtualized Windows environment to fuzz them or collect coverage data. This is less of a problem on Linux, and I've found that porting components of Windows Antivirus products to Linux is often possible. This allows me to run the code I’m testing in minimal containers with very little overhead, and easily scale up testing."

More details on LoadLibrary for loading Windows DLLs on Linux via GitHub where he also demonstrated porting Windows Defender libraries to Linux.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week