[illumos-Developer] [oi-dev] GSOC2011
Joerg Schilling
Joerg.Schilling at fokus.fraunhofer.de
Thu Mar 24 05:39:47 PDT 2011
Albert Lee <trisk at opensolaris.org> wrote:
> lxrun still works for older Linux binaries, but it used the rather
> ugly method of userspace syscall emulation by trapping SIGSEGV.
> Applications receive this signal when they cause a general protection
> fault by making an invalid system call using the traditional i386 INT
> 0x80 (the syscall vectors used by Linux happen to be unused on
> Solaris). I'm not sure what happens when applications try to use
> SYSENTER instead.
> BrandZ just implemented the Linux system calls instead, which works
> well, but obviously requires extensive kernel support. While we can
> bring it back into illumos fairly easily, it is still incomplete and
> also suffers from the fact that Linux has had some changes in the time
> it's gone unmaintained.
LKP exists before BrandZ amd Sun did buy a license from SCO for LKP.
> If we want Linux executables to load native shared libraries (which
> would be really really cool), the dynamic loader would also need to
> support redirecting Linux application libc calls to GNU libc or
> wrappers around the native libc to handle interface and structure
> differences.
Being generally able to run Linux binaries may be a security risk as there are
plenty of attacks that rely on being able to run Linux binaries.
Sun on the other side did introduce BrandZ instead of LKP in order to avoid
rnning Linux binariers to become too simple - Sun was in fear that this could
harm the stand of Solaris.
In general, something like LKP should be nice as it allows e.g. pipes between
Solaris binaries and Linux binaries. I would however make the general ability
to run Linux binaries a configurable option. This could be made global via
/etc/system and process group specific via privileges.
Jörg
--
EMail:joerg at schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
js at cs.tu-berlin.de (uni)
joerg.schilling at fokus.fraunhofer.de (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
More information about the Developer
mailing list