Re: [RFC PATCH 0/2] Introduce a way to expose the interpreted file with binfmt_misc

From: "Guilherme G. Piccoli" <gpiccoli@igalia.com>
To: "Eric W. Biederman" <ebiederm@xmission.com>, sonicadvance1@gmail.com
Cc: Kees Cook <keescook@chromium.org>,
	David Hildenbrand <david@redhat.com>,
	linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
	linux-mm@kvack.org, kernel-dev@igalia.com, kernel@gpiccoli.net,
	oleg@redhat.com, yzaikin@google.com, mcgrof@kernel.org,
	akpm@linux-foundation.org, brauner@kernel.org,
	viro@zeniv.linux.org.uk, willy@infradead.org, dave@stgolabs.net,
	joshua@froggi.es
Subject: Re: [RFC PATCH 0/2] Introduce a way to expose the interpreted file with binfmt_misc
Date: Mon, 13 Nov 2023 16:17:11 -0300	[thread overview]
Message-ID: <eb176852-2912-1813-bcca-a7d1fe34f270@igalia.com> (raw)
In-Reply-To: <871qctwlpx.fsf@email.froward.int.ebiederm.org>

On 13/11/2023 15:29, Eric W. Biederman wrote:
> [...]
> Currently there is a mechanism in the kernel for changing
> /proc/self/exe.  Would that be reasonable to use in this case?
> 
> It came from the checkpoint/restart work, but given that it is already
> implemented it seems like the path of least resistance to get your
> binfmt_misc that wants to look like binfmt_elf to use that mechanism.
> 
> Eric
> 

Thanks Eric! I'm curious on how that would work: we'd change the symlink
of the emulator? So, the *emulated* software, when reading that, would
see the correct symlink?

Also, just to fully clarify: are you suggesting we hook the new
binfmt_misc flag proposed here to the internal kernel way of changing
the proc/self/exe symlink, or are you suggesting we use the prctl() tune
from the emulator, like the userspace changing its own symlink?

One of the biggest concerns I have with this kind of approach is that
changing the symlink actually...changes it - the binary mapping itself,
I mean.
Whereas my way was a "fake" change, just expose one thing for the
emulated app, but changes nothing else...

Cheers,

Guilherme