Re: [PATCH v1] linux-user: Add option to run `execve`d programs through QEMU

[Noah Goldstein <goldstein.w.n@gmail.com>]

On Wed, Oct 2, 2024 at 11:14 AM Ilya Leoshkevich <iii@linux.ibm.com> wrote:
>
> On Wed, 2024-10-02 at 10:10 -0500, Noah Goldstein wrote:
> > On Wed, Oct 2, 2024 at 9:53 AM Ilya Leoshkevich <iii@linux.ibm.com>
> > wrote:
> > >
> > > On Wed, 2024-10-02 at 09:44 -0500, Noah Goldstein wrote:
> > > > On Wed, Oct 2, 2024 at 9:38 AM Ilya Leoshkevich
> > > > <iii@linux.ibm.com>
> > > > wrote:
> > > > >
> > > > > On Wed, 2024-10-02 at 16:08 +0200, Laurent Vivier wrote:
> > > > > > Le 02/10/2024 à 10:08, Ilya Leoshkevich a écrit :
> > > > > > > On Fri, 2024-08-30 at 15:36 -0700, Noah Goldstein wrote:
> > > > > > > > The new option '-qemu-children' makes it so that on
> > > > > > > > `execve`
> > > > > > > > the
> > > > > > > > child
> > > > > > > > process will be launch by the same `qemu` executable that
> > > > > > > > is
> > > > > > > > currently
> > > > > > > > running along with its current commandline arguments.
> > > > > > > >
> > > > > > > > The motivation for the change is to make it so that
> > > > > > > > plugins
> > > > > > > > running
> > > > > > > > through `qemu` can continue to run on children.  Why not
> > > > > > > > just
> > > > > > > > `binfmt`?: Plugins can be desirable regardless of
> > > > > > > > system/architecture
> > > > > > > > emulation, and can sometimes be useful for elf files that
> > > > > > > > can
> > > > > > > > run
> > > > > > > > natively. Enabling `binfmt` for all natively runnable elf
> > > > > > > > files
> > > > > > > > may
> > > > > > > > not be desirable.
> > > > > > >
> > > > > > > Another reason to have this is that one may not have root
> > > > > > > permissions
> > > > > > > to configure binfmt-misc.
> > > > > >
> > > > > > A little note on that: binfmt_misc is now part of the user
> > > > > > namespace
> > > > > > (since linux v6.7), so you can
> > > > > > configure binfmt_misc as a non root user in a given namepace.
> > > > > >
> > > > > > There is helper to use it with unshare from util-linux, you
> > > > > > can
> > > > > > do
> > > > > > things like that:
> > > > > >
> > > > > >    With 'F' flag, load the interpreter from the initial
> > > > > > namespace:
> > > > > >
> > > > > >      $ /bin/qemu-m68k-static --version
> > > > > >      qemu-m68k version 8.2.2 (qemu-8.2.2-1.fc40)
> > > > > >      Copyright (c) 2003-2023 Fabrice Bellard and the QEMU
> > > > > > Project
> > > > > > developers
> > > > > >      $ unshare --map-root-user --fork --pid
> > > > > > --load-interp=":qemu-
> > > > > > m68k:M::\\x7fELF\\x01\\x02\\x01\\x00\\x00\\x00\\x00\\x00\\x00
> > > > > > \\x0
> > > > > > 0\\x
> > > > > > 00\\x00\\x00\\x02\\x00\\x04:\\xff\\xff\\xff\\xff\\xff\\xff\\x
> > > > > > fe\\
> > > > > > x00\
> > > > > > \xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xfe\\xff\\xff:/
> > > > > > bin/
> > > > > > qemu
> > > > > > -m68k-static:OCF"
> > > > > > --root=chroot/m68k/sid
> > > > > >      # QEMU_VERSION= ls
> > > > > >      qemu-m68k version 8.2.2 (qemu-8.2.2-1.fc40)
> > > > > >      Copyright (c) 2003-2023 Fabrice Bellard and the QEMU
> > > > > > Project
> > > > > > developers
> > > > > >      # /qemu-m68k  --version
> > > > > >      qemu-m68k version 8.0.50 (v8.0.0-340-gb1cff5e2da95)
> > > > > >      Copyright (c) 2003-2022 Fabrice Bellard and the QEMU
> > > > > > Project
> > > > > > developers
> > > > > >
> > > > > >    Without 'F' flag, from inside the namespace:
> > > > > >
> > > > > >      $ unshare --map-root-user --fork --pid
> > > > > > --load-interp=":qemu-
> > > > > > m68k:M::\\x7fELF\\x01\\x02\\x01\\x00\\x00\\x00\\x00\\x00\\x00
> > > > > > \\x0
> > > > > > 0\\x
> > > > > > 00\\x00\\x00\\x02\\x00\\x04:\\xff\\xff\\xff\\xff\\xff\\xff\\x
> > > > > > fe\\
> > > > > > x00\
> > > > > > \xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xfe\\xff\\xff:/
> > > > > > qemu
> > > > > > -
> > > > > > m68k:OC"
> > > > > > --root=chroot/m68k/sid
> > > > > >      # QEMU_VERSION= ls
> > > > > >      qemu-m68k version 8.0.50 (v8.0.0-340-gb1cff5e2da95)
> > > > > >      Copyright (c) 2003-2022 Fabrice Bellard and the QEMU
> > > > > > Project
> > > > > > developers
> > > > > >      # /qemu-m68k  --version
> > > > > >      qemu-m68k version 8.0.50 (v8.0.0-340-gb1cff5e2da95)
> > > > > >      Copyright (c) 2003-2022 Fabrice Bellard and the QEMU
> > > > > > Project
> > > > > > developers
> > > > > >
> > > > > > Thanks,
> > > > > > Laurent
> > > > > >
> > > > >
> > > > > Thanks for posting this, I wasn't aware of this feature and it
> > > > > looks
> > > > > really useful.
> > > > >
> > > > > IIUC it also resolves the main problem this patch is dealing
> > > > > with:
> > > >
> > > > I might misunderstand, but I don't think it does in the sense
> > > > that it still might not be desirable to use the same qemu flags
> > > > for the entire class of executables.
> > > >
> > > > I.e the original motivating case was wanting to attach
> > > > some plugins to a process and its children and AFAICT
> > > > binfmt still doesn't give that level of control.
> > >
> > > I think if you start a process in a user namespace, which has a
> > > binfmt_misc handler for a certain class of binaries, then this
> > > handler
> > > will affect only this process and its children, and not the rest of
> > > the
> > > system.
> >
> > It won't also affect other binaries in the user namespace?
>
> It would, but you should be able to create a user namespace just
> for your program. It should also be possible to nest user namespaces.

Okay fair enough. Still pro this patch as an easier means
but guess it loses any necessity.

To be clear, are you rejecting?
>
> > > > >   Enabling `binfmt` for all natively runnable elf files may
> > > > >   not be desirable.
>