Running programs from
a recent guest distro
on an obsolete host distro
Why would you do such a thing?
•Validate programs for the guest distro
•Use programs available only for the guest distro
•...
How could you do such a thing?
• Full virtualisation : virtual hardware booting the
guest OS (VirtualBox, VMWare, …)
• Par...
Risk with partial virtualisation ... 4
“FATAL: kernel too old”
Solution ! 5
PRoot makes
your kernel
grow younger!
Kernel features emulated by PRoot 6
kernel
version
Emulated features
2.6.16 openat, linkat, ... syscalls
2.6.19 epoll_pwai...
How does it work?
•Syscall emulation : replace unsupported
syscalls with something equivalent.
Example :
openat(<fd>, <pat...
How does it work?
•Flag emulation : append one or several calls to
fcntl right after the original syscall :
Example :
open...
How does it work in PRoot?
•ELF auxiliary vectors : read/write the process
memory right after execve
•heap allocation: rep...
Demo time !
1.On Redhat 4.7, only VLC 0.8.6 is officially available
2.It’s way too old !
3.Let’s build the VLC 2.0.8 on Re...
Demo dynamic statistics 11
●
115.000 syscalls
●
200 emulated syscalls
●
1700 emulated flags
●
50 ELF auxiliary vector chan...
When? 12
This kernel compatibility support
will be available in
PRoot and CARE
by the end of Septembre (2013).
Upcoming SlideShare
Loading in …5
×

PRoot improved kernel compatibility

575 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
575
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

PRoot improved kernel compatibility

  1. 1. Running programs from a recent guest distro on an obsolete host distro
  2. 2. Why would you do such a thing? •Validate programs for the guest distro •Use programs available only for the guest distro •Publish programs with their original environment for the sake of reproducibility (CARE, CDE) •… 2
  3. 3. How could you do such a thing? • Full virtualisation : virtual hardware booting the guest OS (VirtualBox, VMWare, …) • Partial virtualisation : guest programs requests are redirected to the host kernel – Kernel based : chroot – LD_PRELOAD based : ScratchBox2, fakechroot, … – ptrace based : PRoot, CDE, fakeroot-ng, ... 3
  4. 4. Risk with partial virtualisation ... 4 “FATAL: kernel too old”
  5. 5. Solution ! 5 PRoot makes your kernel grow younger!
  6. 6. Kernel features emulated by PRoot 6 kernel version Emulated features 2.6.16 openat, linkat, ... syscalls 2.6.19 epoll_pwait syscall 2.6.23 CLOEXEC flag for open 2.6.24 DUPFD_CLOEXEC command for fcntl 2.6.27 CLOEXEC, NONBLOCK flags for many syscalls 2.6.28 accept4 syscall 2.6.29 AT_RANDOM ELF auxiliary vector * AT_SYSINFO ELF auxiliary vector (discarded) * heap allocation
  7. 7. How does it work? •Syscall emulation : replace unsupported syscalls with something equivalent. Example : openat(<fd>, <path>, …) is converted into : open(canon( readlink(/proc/<pid>/fd/<fd>) + <path>), …) 7
  8. 8. How does it work? •Flag emulation : append one or several calls to fcntl right after the original syscall : Example : open(<path>, <flags> | O_CLOEXEC) is converted into : fcntl(open(<path>, <flags>), FD_CLOEXEC) 8
  9. 9. How does it work in PRoot? •ELF auxiliary vectors : read/write the process memory right after execve •heap allocation: replace call to brk with call to mmap or mremap 9
  10. 10. Demo time ! 1.On Redhat 4.7, only VLC 0.8.6 is officially available 2.It’s way too old ! 3.Let’s build the VLC 2.0.8 on Redhat 4.7 … 4.… never mind, 57 packages are missing or outdated 5.Let’s run VLC 2.0.8 from Ubuntu 13.04 (Linux 3.8.0, 2012-06-04) on Redhat 4.7 (Linux 2.6.9, 2004-10-19): 1.without proot -k : « FATAL : kernel too old » 2.with proot -k : http://youtu.be/AJ5kaO1HKlU 6.It works whatever the host and guest systems are ! 10
  11. 11. Demo dynamic statistics 11 ● 115.000 syscalls ● 200 emulated syscalls ● 1700 emulated flags ● 50 ELF auxiliary vector changes ● 400 emulated heap syscalls
  12. 12. When? 12 This kernel compatibility support will be available in PRoot and CARE by the end of Septembre (2013).

×