Skip to content

fatelf-exec: Execute FatElf binaries #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
M3Henry wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fatelf-exec: Execute FatElf binaries #3

M3Henry wants to merge 1 commit into from

Conversation

@M3Henry
Copy link

@M3Henry M3Henry commented Oct 12, 2024
edited
Loading

Thanks for your work coming up with a sensible spec. I stumbled across systemd-binfmt recently and remembered FatElf.

As it stands, fatelf-exec copies the contained ELF into an anonymous memory backed file and executes it. This works for statically linked binaries and dynamically linked binaries that are linked to normal ELF dynamic libraries.
For the use case of FatElf dynamic libraries, this does not provide a solution, though it could be possible in theory to shim ld-linux.so somehow.

It turns out there is demand for this sort of thing. Though it seems one only gets support when done with clever tricks: APE

@M3Henry
Copy link
Author

M3Henry commented Oct 12, 2024

Made binfmt only handle v1 FatElf binaries.

M3Henry
M3Henry commented Oct 12, 2024
View reviewed changes
CMakeLists.txt
if(MEMFD)
add_fatelf_executable(fatelf-exec)

find_program(BINFMT systemd-binfmt PATHS /usr/lib/systemd)
Copy link
Author

@M3Henry M3Henry Oct 12, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm on the fence as to whether /usr/lib ought to be replaced with ${CMAKE_INSTALL_FULL_LIBDIR}.

M3Henry
M3Henry commented Oct 12, 2024
View reviewed changes
fatelf-exec: Execute FatElf binaries
f496863 
Add the ability to execute fatelf binaries from a memfd with fatelf-exec.
It reads its own ELF header via /proc/self/exe to determine the target.

Use systemd-binfmt to tell the kernel to execute FatElf with fatelf-exec.

Future improvements:
* Read into a mmap of the memfd.
* Be aware of non-exact record matches which are compatible with the OS.
  e.g. Linux x86 & x32 binaries can run on x86_64.
* Compile time knowledge of current architecture to avoid /proc/self/exe.
* OpenBSD support may be possible with shm_mkstemp.
* Defer to other binfmt handlers?
@tkchia tkchia mentioned this pull request Apr 10, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@M3Henry