Skip to content

Commit

Permalink
update qemu to 8.2.2
Browse files Browse the repository at this point in the history
Signed-off-by: You-Sheng Yang <vicamo@gmail.com>
  • Loading branch information
vicamo committed Jun 21, 2024
1 parent 0bc43d0 commit ff6dbc8
Show file tree
Hide file tree
Showing 9 changed files with 610 additions and 2 deletions.
4 changes: 2 additions & 2 deletions docker-bake.hcl
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ variable "QEMU_REPO" {
default = "https://github.com/qemu/qemu"
}
variable "QEMU_VERSION" {
default = "v8.1.5"
default = "v8.2.2"
}
variable "QEMU_PATCHES" {
default = "cpu-max-arm"
Expand Down Expand Up @@ -59,7 +59,7 @@ target "buildkit" {
inherits = ["mainline"]
args = {
BINARY_PREFIX = "buildkit-"
QEMU_PATCHES = "${QEMU_PATCHES},buildkit-direct-execve-v8.1"
QEMU_PATCHES = "${QEMU_PATCHES},buildkit-direct-execve-v8.2"
QEMU_PRESERVE_ARGV0 = ""
}
cache-from = ["${REPO}:buildkit-master"]
Expand Down
1 change: 1 addition & 0 deletions patches/aports.config
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
8.2.20,214985d4bad8ce1064ce9f5bd3afc207c7166fad
8.1.50,e9d411e67e815ab0fcf1d00885cb55dd0f99e810
8.0.50,6225632b267a3d2bf6700a8fce41df60a68c187b
7.2.50,ed7a3122a32f53094f51e55abe68d416910e01ad
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
From 43aea3054fcbae1bfbfbb90edf1e3b56f439066f Mon Sep 17 00:00:00 2001
From: CrazyMax <crazy-max@users.noreply.github.com>
Date: Fri, 8 Sep 2023 10:47:29 +0200
Subject: [PATCH] linux-user: have execve call qemu via /proc/self/exe to not
rely on binfmt_misc

It is assumed that when a guest program calls execve syscall it wants to
execute a program on the same guest architecture and not the host architecture.

Previously, such a guest program would have execve syscall error out with:
"exec format error".

A common solution is to register the qemu binary in binfmt_misc but that is not a
userland-friendly solution, requiring to modify kernel state.

This patch injects /proc/self/exe as the first parameter and the qemu program name
as argv[0] to execve.

Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
---
linux-user/syscall.c | 44 +++++++++++++++++++++++++++++++-------------
1 file changed, 31 insertions(+), 13 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 9ee124c583..6ed502eb6c 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8442,10 +8442,37 @@ static int do_execv(CPUArchState *cpu_env, int dirfd,
envc++;
}

- argp = g_new0(char *, argc + 1);
+ argp = g_new0(char *, argc + 4);
envp = g_new0(char *, envc + 1);

- for (gp = guest_argp, q = argp; gp; gp += sizeof(abi_ulong), q++) {
+ if (!(p = lock_user_string(pathname)))
+ goto execve_efault;
+
+ /* if pathname is /proc/self/exe then retrieve the path passed to qemu via command line */
+ if (is_proc_myself(p, "exe")) {
+ CPUState *cpu = env_cpu((CPUArchState *)cpu_env);
+ TaskState *ts = cpu->opaque;
+ p = ts->bprm->filename;
+ }
+
+ /* retrieve guest argv0 */
+ if (get_user_ual(addr, guest_argp))
+ goto execve_efault;
+
+ /*
+ * From the guest, the call
+ * execve(pathname, [argv0, argv1], envp)
+ * on the host, becomes:
+ * execve("/proc/self/exe", [qemu_progname, "-0", argv0, pathname, argv1], envp)
+ * where qemu_progname is the error message prefix for qemu
+ */
+ argp[0] = (char*)error_get_progname();
+ argp[1] = (char*)"-0";
+ argp[2] = (char*)lock_user_string(addr);
+ argp[3] = p;
+
+ /* copy guest argv1 onwards to host argv4 onwards */
+ for (gp = guest_argp + 1*sizeof(abi_ulong), q = argp + 4; gp; gp += sizeof(abi_ulong), q++) {
if (get_user_ual(addr, gp)) {
goto execve_efault;
}
@@ -8484,18 +8511,9 @@ static int do_execv(CPUArchState *cpu_env, int dirfd,
* before the execve completes and makes it the other
* program's problem.
*/
- p = lock_user_string(pathname);
- if (!p) {
- goto execve_efault;
- }
-
- const char *exe = p;
- if (is_proc_myself(p, "exe")) {
- exe = exec_path;
- }
ret = is_execveat
- ? safe_execveat(dirfd, exe, argp, envp, flags)
- : safe_execve(exe, argp, envp);
+ ? safe_execveat(dirfd, "/proc/self/exe", argp, envp, flags)
+ : safe_execve("/proc/self/exe", argp, envp);
ret = get_errno(ret);

unlock_user(p, pathname, 0);
--
2.34.0

Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
From d83023eb7a0574cad224c7d88ac8dcf9d745afa3 Mon Sep 17 00:00:00 2001
From: Tibor Vass <tibor@docker.com>
Date: Tue, 2 Jun 2020 10:39:48 +0000
Subject: [PATCH] linux-user: lookup user program in PATH

Signed-off-by: Tibor Vass <tibor@docker.com>
---
linux-user/main.c | 45 ++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 44 insertions(+), 1 deletion(-)

diff --git a/linux-user/main.c b/linux-user/main.c
index fbc9bcfd5f..30f163de81 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -558,6 +558,45 @@ static void usage(int exitcode)
exit(exitcode);
}

+/*
+ * path_lookup searches for an executable filename in the directories named by the PATH environment variable.
+ * Returns a copy of filename if it is an absolute path or could not find a match.
+ * Caller is responsible to free returned string.
+ * Adapted from musl's execvp implementation.
+ */
+static char *path_lookup(char *filename) {
+ const char *p, *z, *path = getenv("PATH");
+ size_t l, k;
+ struct stat buf;
+
+ /* if PATH is not set or filename is absolute path return filename */
+ if (!path || !filename || filename[0] == '/')
+ return strndup(filename, NAME_MAX+1);
+
+ k = strnlen(filename, NAME_MAX+1);
+ if (k > NAME_MAX) {
+ errno = ENAMETOOLONG;
+ return NULL;
+ }
+ l = strnlen(path, PATH_MAX-1)+1;
+
+ for (p = path; ; p = z) {
+ char *b = calloc(l+k+1, sizeof(char));
+ z = strchrnul(p, ':');
+ if (z-p >= l) {
+ if (!*z++) break;
+ continue;
+ }
+ memcpy(b, p, z-p);
+ b[z-p] = '/';
+ memcpy(b+(z-p)+(z>p), filename, k+1);
+ if (!stat(b, &buf) && !(buf.st_mode & S_IFDIR) && (buf.st_mode & (S_IXUSR|S_IXGRP|S_IXOTH)))
+ return b;
+ if (!*z++) break;
+ }
+ return strndup(filename, NAME_MAX+1);
+}
+
static int parse_args(int argc, char **argv)
{
const char *r;
@@ -623,7 +662,11 @@ static int parse_args(int argc, char **argv)
exit(EXIT_FAILURE);
}

- exec_path = argv[optind];
+ /* not freeing exec_path as it is needed for the lifetime of the process */
+ if (!(exec_path = path_lookup(argv[optind]))) {
+ (void) fprintf(stderr, "qemu: could not find user program %s: %s\n", exec_path, strerror(errno));
+ exit(EXIT_FAILURE);
+ }

return optind;
}
--
2.34.0

Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
From 8fd15aa673a7241f8aeeb64fff5633b973913ae3 Mon Sep 17 00:00:00 2001
From: CrazyMax <crazy-max@users.noreply.github.com>
Date: Wed, 3 May 2023 20:54:37 +0200
Subject: [PATCH] linux-user: path in execve should be relative to working dir

Fixes regression introduced in parent commit where PATH handling was introduced.

When guest calls execve(filename, argp, envp) filename can be relative in which
case Linux makes it relative to the working directory.

However, since execve is now handled by exec-ing qemu process again, filename
would first get looked up in PATH in main() before calling host's execve.

With this change, if filename is relative and exists in working directory as
well as in PATH, working directory will get precedence over PATH if guest is
doing an execve syscall, but not if relative filename comes from qemu's argv.

Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
---
include/qemu/path.h | 1 +
linux-user/syscall.c | 9 +++++++--
util/path.c | 32 ++++++++++++++++++++++++++++++++
3 files changed, 40 insertions(+), 2 deletions(-)

diff --git a/include/qemu/path.h b/include/qemu/path.h
index c6292a9709..a81fb51e1f 100644
--- a/include/qemu/path.h
+++ b/include/qemu/path.h
@@ -3,5 +3,6 @@

void init_paths(const char *prefix);
const char *path(const char *pathname);
+const char *prepend_workdir_if_relative(const char *path);

#endif
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 947af70611..0ce9f207be 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8444,12 +8444,17 @@ static int do_execveat(CPUArchState *cpu_env, int dirfd,
* execve(pathname, [argv0, argv1], envp)
* on the host, becomes:
* execve("/proc/self/exe", [qemu_progname, "-0", argv0, pathname, argv1], envp)
- * where qemu_progname is the error message prefix for qemu
+ * where qemu_progname is the error message prefix for qemu.
+ * Note: if pathname is relative, it will be prepended with the current working directory.
*/
argp[0] = (char*)error_get_progname();
argp[1] = (char*)"-0";
argp[2] = (char*)lock_user_string(addr);
- argp[3] = p;
+ argp[3] = (char*)prepend_workdir_if_relative(p);
+ if (!argp[3]) {
+ ret = -host_to_target_errno(errno);
+ goto execve_end;
+ }

/* copy guest argv1 onwards to host argv4 onwards */
for (gp = guest_argp + 1*sizeof(abi_ulong), q = argp + 4; gp; gp += sizeof(abi_ulong), q++) {
diff --git a/util/path.c b/util/path.c
index 8e174eb436..06fe2663b8 100644
--- a/util/path.c
+++ b/util/path.c
@@ -68,3 +68,35 @@ const char *path(const char *name)
qemu_mutex_unlock(&lock);
return ret;
}
+
+/* Prepends working directory if path is relative.
+ * If path is absolute, it is returned as-is without any allocation.
+ * Otherwise, caller is responsible to free returned path.
+ * Returns NULL and sets errno upon error.
+ * Note: realpath is not called to let the kernel do the rest of the resolution.
+ */
+const char *prepend_workdir_if_relative(const char *path)
+{
+ char buf[PATH_MAX];
+ char *p;
+ int i, j, k;
+
+ if (!path || path[0] == '/') return path;
+
+ if (!getcwd(buf, PATH_MAX)) return NULL;
+ i = strlen(buf);
+ j = strlen(path);
+ k = i + 1 + j + 1; /* workdir + '/' + path + '\0' */
+ if (i + j > PATH_MAX) {
+ errno = ERANGE;
+ return NULL;
+ }
+ if (!(p = malloc(k * sizeof(char*)))) return NULL;
+
+ p[0] = '\0';
+
+ if (!strncat(p, buf, i)) return NULL;
+ if (!strncat(p, "/", 1)) return NULL;
+ if (!strncat(p, path, j)) return NULL;
+ return p;
+}
--
2.34.0

Loading

0 comments on commit ff6dbc8

Please sign in to comment.