Hi; I'm trying to figure out the best way to handle the execution of a non-native ELF (ie, one compiled for a different OS/CPU pair) under OpenSolaris. We can assume for the sake of this discussion that the actual details of running the binary are taken care of (ie, running the non-native code); what I'm interested in is how to get the OpenSolaris kernel to exec the binary such that control is passed to our emulation environment rather than an error being returned.
I understand that there is a facility provided via loadable modules to add exec handlers to Solaris - intp and java binaries are mangled this way. However, the mechanism uses magic-matching to verify the binary type - as we're trying to execute ELFs here, there's already a handler and as such it won't allow me to install another one or replace the existing one.
I have experimented with creating a "misc" module that, on load, rewrites the execsw[] table such that the ELF entry points to a wrapper function of our own devising that pre-checks the binary and then hands it off to the original ELF exec function or our emulation environment as appropriate, and this seems to work; however, poking around with kernel structures in this way leaves me a little squeamish and also, it seems that if we load this module during boot by way of an rc script, the table is re-patched after our module is loaded, rendering it useless anyway.
We have also experimented with replacing the exec syscall, by rewriting the sysent[] and sysent32[] tables and using a wrapper in a similar way to above - this time by replacing the path and rewriting the argv array. Again, this broadly seems to work but has the twin disadvantages of being, uh, somewhat icky and also losing the ability to run suid binaries (as the permissions are then set based on the permissions of our emulation environment's binary rather than those of the non-native binary we wish to execute), so this doesn't really work for us either.
We've considered using a branded zone, which would seem to be the most sensible way of doing this, but a quick scan of the hooks provided in the source code seems to suggest that the hooks are triggered after architectural checks are performed on the ELF and as such control would never reach us anyway. Also, reworking our environment into a zone is a non-trivial effort and whilst it's something that I'd personally like to do, it's not really an option right at the moment.
So, I thought I'd cast this open to the wider OpenSolaris community and get some suggestions. Short of rewriting the entire exec syscall or ELF exec handler, what's the best way to do this?
Cheers;
Chris
This message posted from opensolaris.org
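The pre-check step the post describes (deciding from the ELF header whether a binary goes to the native ELF handler or to the emulation environment), as an added user-space example that is not the poster's code. The name `elf_precheck`, the `HOST` values and the sample headers are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum elf_verdict { ELF_NOT_ELF, ELF_MALFORMED, ELF_NATIVE, ELF_FOREIGN };

/* Host ABI identity. These values are an assumption for the example
 * (64-bit little-endian x86 host); they do not come from the post. */
struct elf_host { uint8_t ei_class, ei_data, ei_osabi; uint16_t e_machine; };
static const struct elf_host HOST = {
    2 /* ELFCLASS64 */, 1 /* ELFDATA2LSB */, 6 /* ELFOSABI_SOLARIS */, 62 /* EM_X86_64 */ };

/* Classify the leading bytes of a file the way a pre-check wrapper would,
 * before choosing between the native ELF handler and an emulator. */
enum elf_verdict elf_precheck(const uint8_t *buf, size_t len,
                              const struct elf_host *host)
{
    if (len < 4 || memcmp(buf, "\177ELF", 4) != 0)
        return ELF_NOT_ELF;
    if (len < 20)                 /* e_ident[16] + e_type + e_machine */
        return ELF_MALFORMED;
    uint8_t cls = buf[4], data = buf[5], osabi = buf[7];
    if ((cls != 1 && cls != 2) || (data != 1 && data != 2))
        return ELF_MALFORMED;     /* invalid EI_CLASS or EI_DATA */
    /* e_machine is stored in the file's byte order, not the host's. */
    uint16_t machine = (data == 1)
        ? (uint16_t)(buf[18] | (buf[19] << 8))
        : (uint16_t)((buf[18] << 8) | buf[19]);
    if (cls != host->ei_class || data != host->ei_data ||
        machine != host->e_machine)
        return ELF_FOREIGN;
    /* EI_OSABI 0 (ELFOSABI_NONE) is emitted by toolchains on several
     * OSes, so it cannot prove a binary is foreign; only a non-zero
     * value that differs from the host's does. */
    if (osabi != 0 && osabi != host->ei_osabi)
        return ELF_FOREIGN;
    return ELF_NATIVE;
}

/* Constructed sample headers (first 20 bytes only), not real binaries. */
const uint8_t SAMPLE_AMD64[20]       = { 0x7f,'E','L','F', 2,1,1,0, 0,0,0,0,0,0,0,0, 2,0, 62,0 };
const uint8_t SAMPLE_AMD64_GNU[20]   = { 0x7f,'E','L','F', 2,1,1,3, 0,0,0,0,0,0,0,0, 2,0, 62,0 };
const uint8_t SAMPLE_SPARC32_BE[20]  = { 0x7f,'E','L','F', 1,2,1,0, 0,0,0,0,0,0,0,0, 0,2, 0,2 };
const uint8_t SAMPLE_SCRIPT[10]      = { '#','!','/','b','i','n','/','s','h','\n' };
```

Inside a real exec path this decision has to be made on the same opened file that is subsequently mapped and run, not on a path that is looked up a second time, so that the check and the execution cannot see different files.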
