We're currently seeing how hard it would be to run CloudABI binaries on
operating systems cannot be modified easily (Windows, Mac OS X). The
idea is that we want to just run them without any sandboxing. Now
that CloudABI executables are PIE, this is already a bit easier, but TLS
is still problematic:
- CloudABI executables want to write to %fs, which typically requires extra system calls by the emulator every time it needs to switch between CloudABI's and its own TLS.
- If CloudABI executables overwrite %fs unconditionally, it also becomes harder for the emulator to store a backup of the old value of %fs.
To solve this, let's no longer overwrite %fs, but just %fs:0. As
CloudABI's C library does not use a TCB, this space can now be used by
an emulator to keep track of its internal state. The executable can now
safely overwrite %fs:0, as long as it makes sure that the TCB is copied
over to the new TLS area.
Ensure that there is an initial TLS area set up when the process starts,
only containing a bogus TCB. We don't really care about its contents on