
v4.0.0
======

@cedric-vincent tagged this 02 Jul 12:38

Highlights
----------

+ It is now possible to use GDB, strace, or any other program based on
  ptrace(2) under PRoot.  This was not possible previously because
  Linux does not allow ptracers to be stacked: a process can have at
  most one tracer, and PRoot already traces every process it runs, so
  a debugger started inside PRoot could not attach to its own child.
  An emulation layer was developed to bypass this limitation.  This
  required a lot of changes in PRoot, hence the bump of the major
  version number.  It was mostly tested on x86_64, and partially
  tested on x86 and ARM.  This ptrace emulation support is still
  experimental and there are a couple of known issues, but feel free
  to report unexpected behaviors if you need a fix.
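The kernel rule behind this limitation, shown by an added example that is not PRoot's code: the parent becomes its child's tracer (the child calls PTRACE_TRACEME and stops), then tries to attach a second time and is refused with EPERM. Under PRoot, PRoot holds the first tracer slot for every descendant, and a debugger started inside it is the second, refused, tracer. The example is Linux-only and reports setup failure separately so a sandbox that blocks ptrace is not mistaken for the rule itself.

```c
/* Added example, not PRoot code: a task may have at most one ptracer.
 * The parent traces its child, then attaches a second time and is refused.
 * Linux only. */
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns the errno of a second PTRACE_ATTACH to an already-traced child,
 * 0 if the second attach unexpectedly succeeded, or -1 if the setup itself
 * failed (for example, ptrace is blocked by seccomp in this environment). */
int second_attach_errno(void)
{
    pid_t child = fork();
    if (child < 0)
        return -1;

    if (child == 0) {
        /* First tracer: the child asks to be traced by its parent, then
         * stops so the parent can observe that the attachment is in place. */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0)
            _exit(111);
        raise(SIGSTOP);
        _exit(0);
    }

    int status;
    if (waitpid(child, &status, 0) < 0)
        return -1;
    if (!WIFSTOPPED(status))
        return -1;   /* child exited instead of stopping: TRACEME failed */

    /* Second tracer: this is the position of a debugger started under
     * PRoot, whose tracee is already traced by PRoot.  The kernel refuses
     * the attach because task->ptrace is already set. */
    int result;
    if (ptrace(PTRACE_ATTACH, child, NULL, NULL) == 0)
        result = 0;
    else
        result = errno;

    /* Tear down: kill the stopped tracee and reap it. */
    kill(child, SIGKILL);
    waitpid(child, &status, 0);
    return result;
}

int main(void)
{
    int e = second_attach_errno();
    if (e < 0)
        puts("setup failed: ptrace is not usable here");
    else if (e == 0)
        puts("second PTRACE_ATTACH unexpectedly succeeded");
    else
        printf("second PTRACE_ATTACH refused: %s\n", strerror(e));
    return 0;
}
```

PTRACE_TRACEME on an already-traced process fails the same way, so neither of the two ways a debugger acquires its tracee works from inside a tracer; that is the gap the new emulation layer fills.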

+ A new command-line option is available: "-S".  It is similar to the
  "-R" option except that it enables the "-0" option and binds only a
  minimal set of host paths that are known not to be updated by
  package installations, to avoid unexpected changes to host files.
  This option is useful to safely create and install packages into
  the guest rootfs.  For example:

      $ proot -S ubuntu-14.04-rootfs/ apt-get install samba

  or:

      $ proot -S ubuntu-14.04-rootfs/
      # apt-get install samba

  If "-0 -R" is used instead of "-S", the same command fails because it
  tries to update "/etc/group", which "-R" binds from the host system
  and which is not writable (assuming PRoot is run without privileges):

      $ proot -0 -R ubuntu-14.04-rootfs/
      # apt-get install samba
      [...]
      Adding group `sambashare' (GID 105) ...
      Permission denied

+ The fake_id0 extension can now fake any user and group identifiers.
  That means that, when "-0" is specified, PRoot-ed processes can
  change their real, effective and saved identifiers, following the
  rules described in the setuid(2), setfsuid(2), setreuid(2) and
  setresuid(2) manuals and their group counterparts.  Also, the new
  command-line option "-i" was added to set the identifiers explicitly
  to the specified values.  This option will be used by CARE to
  re-execute with the same initial identifiers, but it could also be
  useful to threaten your teammates ;).  Note that the "-0" option is
  actually the same as "-i 0:0".

+ The old command-line interface is not supported anymore.  That means
  it is now impossible to specify the path to the guest rootfs without
  using -r or -R.  Also, the -Q and -B options are definitively gone:
  use -R with -q instead of -Q, and -R alone instead of -B.  See the
  PRoot v3.1 release notes for details.

Fixes
-----

+ getcwd(2) and chdir(2) now return the correct error code when,
  respectively, the current directory does not exist anymore and the
  target directory doesn't have the "search" permission.

+ Named file descriptors (i.e. links in /proc/<pid>/fd/*) are not
  dereferenced anymore, since they may point to special objects like
  pipes, sockets, anonymous inodes, ...  Such objects do not exist in
  the file-system name-space, so dereferencing them used to cause
  unexpected errors.
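What "does not exist in the file-system name-space" means in practice, as an added example (not PRoot code): for a pipe, readlink() on /proc/self/fd/<n> returns a pseudo target such as "pipe:[4026532]" that no stat() can resolve, while open() on the link itself still works because the kernel follows the magic link to the underlying object. A path canonicalizer therefore has to treat such links as opaque and pass them through untouched, which is what this fix does. Linux-only; the inode number in the target is whatever the kernel assigns.

```c
/* Added example, not PRoot code: /proc/self/fd/<n> links to non-path
 * objects must be passed through, not resolved to a path.  Linux only. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Reads the link target of /proc/self/fd/<fd> into buf.  True on success. */
bool fd_link_target(int fd, char *buf, size_t len)
{
    char path[64];
    snprintf(path, sizeof path, "/proc/self/fd/%d", fd);
    ssize_t n = readlink(path, buf, len - 1);
    if (n < 0)
        return false;
    buf[n] = '\0';
    return true;
}

/* A target that is not an absolute path names a kernel object, not a file:
 * "pipe:[...]", "socket:[...]", "anon_inode:[eventfd]", ... */
bool is_magic_target(const char *target)
{
    return target[0] != '/';
}

/* Dereference a pipe's fd link the naive way and stat() the result.
 * Returns the resulting errno (expected ENOENT), 0 if stat() unexpectedly
 * succeeded, or -1 if setup failed (no /proc, pipe() failure). */
int stat_errno_of_dereferenced_pipe(void)
{
    int fds[2], result;
    char target[256];
    struct stat st;

    if (pipe(fds) < 0)
        return -1;
    if (!fd_link_target(fds[0], target, sizeof target))
        result = -1;
    else if (stat(target, &st) == 0)
        result = 0;
    else
        result = errno;
    close(fds[0]);
    close(fds[1]);
    return result;
}

/* The link itself is still usable: opening /proc/self/fd/<n> for a pipe
 * yields a fresh descriptor on the same pipe.  True if a byte written to
 * the write end is read back through the reopened read end. */
bool reopen_via_proc_works(void)
{
    int fds[2];
    char path[64], c = 0;

    if (pipe(fds) < 0)
        return false;
    snprintf(path, sizeof path, "/proc/self/fd/%d", fds[0]);
    int fd = open(path, O_RDONLY);
    bool ok = fd >= 0 && write(fds[1], "x", 1) == 1 &&
              read(fd, &c, 1) == 1 && c == 'x';
    if (fd >= 0)
        close(fd);
    close(fds[0]);
    close(fds[1]);
    return ok;
}

int main(void)
{
    int fds[2];
    char target[256];
    if (pipe(fds) == 0 && fd_link_target(fds[0], target, sizeof target))
        printf("fd %d -> %s (magic: %s)\n", fds[0], target,
               is_magic_target(target) ? "yes" : "no");
    printf("stat() on dereferenced target: errno %d\n",
           stat_errno_of_dereferenced_pipe());
    printf("reopen through /proc link: %s\n",
           reopen_via_proc_works() ? "works" : "fails");
    return 0;
}
```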

+ Extensions now see every component of canonicalized paths.  An
  optimization in the canonicalization loop used to skip the first
  part of a path if it was known to be already canonicalized; sadly,
  this short-cut could confuse some extensions, like -0.

+ Temporary files and directories created by PRoot for its own purpose
  are now automatically deleted when PRoot exits.

Miscellaneous
-------------

+ PRoot does not rely on GCC C extensions anymore, like nested
  functions.  That means its stack no longer has to be executable
  (a non-executable stack is required on hardened Linux systems),
  and it can now be compiled with Clang.

+ ASLR (Address Space Layout Randomization) is no longer disabled for
  PRoot-ed processes, and the heap is now emulated on all
  architectures.

Internal changes
----------------

This section is dedicated to developers.

+ PRoot now remembers the parent of all tracees, it is similar to a
  traced process tree.  This was required for the ptrace emulation
  support, but this could be useful to some extensions.

+ It is now possible to restart a tracee with any ptrace restart mode:
  single-step, single-block, ...

+ Functions {peek,poke}_mem were replaced with functions
  {peek,poke}_{,u}int{8,16,32,64}.  These new functions perform type
  conversion and fetch only the necessary amount of data from the
  target tracee's memory, to avoid invalid accesses.

+ There is a new interface to handle ELF auxiliary vectors.  See
  ptrace emulation, kompat and fake_id0 extensions for usage examples.

+ There is a new interface to create temporary files and directories
  that are automatically deleted on exit.  See CARE extension, glue
  and auxv support for usage examples.

+ When built with GCC function instrumentation support, PRoot prints
  the currently called function on standard error stream (stderr).

Thanks
------

Thanks go to Stephen McCamant, Oren Tirosh, Jérôme Audu, and Carlos
Hernan Prada Rojas for their bug reports and tests; and to Rémi
Duraffort for his contributions.

Validation
----------

====================  =================  ==============  =================  =========
testsuite                   host distro    guest distro     configurations   comments
====================  =================  ==============  =================  =========
proot-v4.0                 OBS */x86_64            none                N/A          a
proot-v4.0                    OBS */x86            none                N/A          b
proot-v4.0             Ubuntu-10.10/arm            none                N/A          a

proot-v4.0            Slack-14.1/x86_64            none                N/A          a
proot-v4.0/memcheck   Slack-14.1/x86_64            none                N/A          a
proot-v4.0/asan       Slack-14.1/x86_64            none                N/A          a
proot-v4.0/talleak    Slack-14.1/x86_64            none                N/A          a

proot-v4.0            Slack-14.1/x86_64            none         no-seccomp          a
proot-v4.0/memcheck   Slack-14.1/x86_64            none         no-seccomp          a
proot-v4.0/asan       Slack-14.1/x86_64            none         no-seccomp          a
proot-v4.0/talleak    Slack-14.1/x86_64            none         no-seccomp          a

libuv-0.10.27         Slack-14.1/x86_64    same as host               none          a
libuv-0.10.27         Slack-14.1/x86_64    same as host   kompat, fake_id0          c
libuv-0.10.27         Slack-14.1/x86_64  Slack-14.0/x86               none          a
libuv-0.10.27         Slack-14.1/x86_64  Slack-14.0/x86   kompat, fake_id0          c

ltp-syscall-20130904  Slack-14.1/x86_64    same as host               none          d
ltp-syscall-20130904  Slack-14.1/x86_64    same as host   kompat, fake_id0        d,e
ltp-syscall-20130904  Slack-14.1/x86_64  Slack-14.0/x86               none        d,f
ltp-syscall-20130904  Slack-14.1/x86_64  Slack-14.0/x86   kompat, fake_id0      d,e,f

ltp-opt-20130904      Slack-14.1/x86_64    same as host               none          g
ltp-opt-20130904      Slack-14.1/x86_64    same as host   kompat, fake_id0        g,h
ltp-opt-20130904      Slack-14.1/x86_64  Slack-14.0/x86               none        g,i
ltp-opt-20130904      Slack-14.1/x86_64  Slack-14.0/x86   kompat, fake_id0    g,h,i,j

perl-5.18.1           Slack-14.1/x86_64    same as host               none          k
perl-5.18.1           Slack-14.1/x86_64    same as host   kompat, fake_id0        k,l
perl-5.18.1           Slack-14.1/x86_64  Slack-14.0/x86               none          k
perl-5.18.1           Slack-14.1/x86_64  Slack-14.0/x86   kompat, fake_id0        k,l

gdb-7.6.1             Slack-14.1/x86_64    same as host               none          m
gdb-7.6.1             Slack-14.1/x86_64    same as host   kompat, fake_id0        m,n
gdb-7.6.1             Slack-14.1/x86_64  Slack-14.0/x86               none        m,o

proot-v3.2.2          Slack-14.1/x86_64    same as host               none          p
proot-v3.2.2          Slack-14.1/x86_64    same as host           fake_id0          p
proot-v3.2.2          Slack-14.1/x86_64  Slack-14.0/x86               none          p
proot-v3.2.2          Slack-14.1/x86_64  Slack-14.0/x86           fake_id0          p

perl-5.16.1           Slack-14.1/x86_64  Ubuntu-14.10/ARM     qemu-2.1-rc0          q
coreutils-8.19        Slack-14.1/x86_64  Ubuntu-14.10/ARM     qemu-2.1-rc0        k,r

performance           Slack-14.1/x86_64            none               none        NTR
Coverity Scan         Travis-CI                     N/A                N/A        NTR
Clang 3.3             Slack-14.1/x86_64             N/A                N/A        NTR
====================  =================  ==============  =================  =========

a: is OK or has same failures as native

b: fails on some AMD CPUs.  No explanations yet.

c: failures = signal_multiple_loops, fs_chown

d: failures = brk01, creat07, execve04, mremap03, msync03, madvise01,
   madvise03, madvise04, pwrite03, pwrite03_64, rmdir02

   skipped = msgctl10, msgctl11

e: too many failures to be listed here.  These failures are mostly
   related to the fake_id0 extension and are expected.

f: failures = bdflush01, modify_ldt01, semctl01, semctl03, semctl05,
   socketcall01

g: failures = timer_getoverrun_2-3

h: failures = fork_1-1 sem_unlink_3-1 sigaction_4-52 sigaction_4-32

i: failures = mmap_31-1

j: failures = mlock_12-1, sem_unlink_3-1

k: failures = op/magic.t

l: failures = File-Path/t/Path.t Net-Ping/t/110_icmp_inst.t
   Net-Ping/t/500_ping_icmp.t Net-Ping/t/520_icmp_ttl.t

m: failures = break-interp, checkpoint, foll-exec, info-os, jit

   skipped = foll-fork, foll-vfork, watch_thread_num, attach-twice

n: failures = fileio

o: failures = call-sc callfuncs find-unmapped finish float interrupt
   return-nodebug return return2 siginfo-obj siginfo-thread signals
   sigstep varargs ext-attach server-exec-info

p: failures = test-092c5e26

q: failures = rm/deep-2 misc/env misc/printenv split/fail dd/skip-seek
   dd/skip-seek-past-file du/long-from-unreadable install/basic-1
   mkdir/p-3

r: failures = HTTP-Tiny/t/002_croakage.t HTTP-Tiny/t/003_agent.t