Houdini can't work - Githubissues

kode54 commented 6 years ago

Apparently, in the release 138 of Anbox edge snap, the Houdini binfmt_misc handler doesn't work, because binfmt_misc isn't being loaded by the kernel. And there doesn't appear to be a modprobe binary, either.

geeks-r-us commented 5 years ago

I still hang on this problem. In 145 module should be there:

lsmod | grep binfmt
binfmt_misc 20480 1

But neighter it uses the filters in /system/etc/binfmt_misc/ nor I'm unable to mount /proc/sys/fs/binfmt_misc to register them.

kastixx commented 5 years ago

It seems that the foreign binary formats should be enabled at the android init stage. The image does not even have update-binfmts utility. So, instead of adding files to /system/etc/binfmt_misc (which is really ignored) we need to change /init.rc. This can be done e.g. by adding this to the end of init.rc:

on fs
    mount binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc
    write /proc/sys/fs/binfmt_misc/register ":arm_dyn:M::\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x28::/system/bin/houdini:"
    write /proc/sys/fs/binfmt_misc/register ":arm_exe:M::\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28::/system/bin/houdini:"

But all this won't work anyway until this is fixed: https://github.com/anbox/anbox/issues/490. (In short - mounting binfmt_misc filesystem fails with "Operation not permitted" error.)

Also, SELinux/AppArmor can block mounting binfmt_misc at init stage, so the MAC system should be either disabled or adjusted to allow mounting this FS.

geeks-r-us commented 5 years ago

In deed this is the problem. This is why @kode54 also posted to anbox/anbox#490.

I removed the rule in AppArmor profile but it still no mounts binfmt_misc successfully

Arucard1983 commented 5 years ago

When this issue are fixed, it is advisable to add support of 64-bit ARM Houdini as indicated on https://github.com/anbox/anbox/issues/490 ?

ipfgao commented 5 years ago

In deed this is the problem. This is why @kode54 also posted to anbox/anbox#490.

I removed the rule in AppArmor profile but it still no mounts binfmt_misc successfully

you need rebuild anbox without uidmap

geeks-r-us commented 5 years ago

@ipfgao IMHO this is not really an option because you need to maintain a parallel branch if you like to stay up to date and its accompanied with security issues.

ipfgao commented 5 years ago

@ipfgao IMHO this is not really an option because you need to maintain a parallel branch if you like to stay up to date and its accompanied with security issues.

you really need a new branch to support Houdini. The performance is too low now

ipfgao commented 5 years ago

@ipfgao IMHO this is not really an option because you need to maintain a parallel branch if you like to stay up to date and its accompanied with security issues.

And binfmt_misc is not necessary for houdini. executable file need binfmt_misc,apk may not

ipfgao commented 5 years ago

oh,here is the patch to disable uidmap

--- a/scripts/create-package.sh
+++ b/scripts/create-package.sh
@@ -23,8 +23,8 @@ sudo mount -o loop,ro $system $workdir/system
 sudo cp -ar $workdir/system/* $rootfs/system
 sudo umount $workdir/system

-gcc -o $workdir/uidmapshift external/nsexec/uidmapshift.c
-sudo $workdir/uidmapshift -b $rootfs 0 100000 65536
+#gcc -o $workdir/uidmapshift external/nsexec/uidmapshift.c
+#sudo $workdir/uidmapshift -b $rootfs 0 100000 65536

 # FIXME
 sudo chmod +x $rootfs/anbox-init.sh
diff --git a/src/anbox/container/lxc_container.cpp b/src/anbox/container/lxc_container.cpp
index 5790fe3..3f93ba4 100644
--- a/src/anbox/container/lxc_container.cpp
+++ b/src/anbox/container/lxc_container.cpp
@@ -353,9 +353,10 @@ void LxcContainer::start(const Configuration &configuration) {
   set_config_item(lxc_config_apparmor_profile_key, "unconfined");
 #endif

+/*
   if (!privileged_)
     setup_id_map();
-
+*/
   auto bind_mounts = configuration.bind_mounts;
   for (const auto &bind_mount : bind_mounts) {
     std::string create_type = "file";

ipfgao commented 5 years ago

@ipfgao IMHO this is not really an option because you need to maintain a parallel branch if you like to stay up to date and its accompanied with security issues.

Hi today i try register binfmt_misc on host system and without mounting binfmt_misc in anbox ,it works.Arm native binary is running.

Oh it works with uidmap too.

#!/bin/bash

cd /proc/sys/fs/binfmt_misc
echo ':arm_exe:M::\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28::'"/system/lib/arm/houdini:P" > register
echo ':arm_dyn:M::\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x28::'"/system/lib/arm/houdini:P" > register
echo ':arm64_exe:M::\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7::'"/system/lib64/arm64/houdini64:P" > register
echo ':arm64_dyn:M::\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\xb7::'"/system/lib64/arm64/houdini64:P" > register

louiskounios commented 5 years ago

@ipfgao IMHO this is not really an option because you need to maintain a parallel branch if you like to stay up to date and its accompanied with security issues.

Hi today i try register binfmt_misc on host system and without mounting binfmt_misc in anbox ,it works.Arm native binary is running.

Oh it works with uidmap too.
#!/bin/bash

cd /proc/sys/fs/binfmt_misc
echo ':arm_exe:M::\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28::'"/system/lib/arm/houdini:P" > register
echo ':arm_dyn:M::\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x28::'"/system/lib/arm/houdini:P" > register
echo ':arm64_exe:M::\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7::'"/system/lib64/arm64/houdini64:P" > register
echo ':arm64_dyn:M::\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\xb7::'"/system/lib64/arm64/houdini64:P" > register

Hi.

I installed Houdini on my host OS and confirmed that I was able to run ARM binaries. But ARM applications still do not run in Anbox. Could you please explain what changes you made to the Android side on top of the binfmt_misc changes on the host?

ipfgao commented 5 years ago

@ipfgao IMHO this is not really an option because you need to maintain a parallel branch if you like to stay up to date and its accompanied with security issues.

Hi today i try register binfmt_misc on host system and without mounting binfmt_misc in anbox ,it works.Arm native binary is running. Oh it works with uidmap too.
#!/bin/bash

cd /proc/sys/fs/binfmt_misc
echo ':arm_exe:M::\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28::'"/system/lib/arm/houdini:P" > register
echo ':arm_dyn:M::\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x28::'"/system/lib/arm/houdini:P" > register
echo ':arm64_exe:M::\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7::'"/system/lib64/arm64/houdini64:P" > register
echo ':arm64_dyn:M::\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\xb7::'"/system/lib64/arm64/houdini64:P" > register
Hi.

I installed Houdini on my host OS and confirmed that I was able to run ARM binaries. But ARM applications still do not run in Anbox. Could you please explain what changes you made to the Android side on top of the binfmt_misc changes on the host?

set ro.dalvik.vm.native.bridge=libhoudini.so in /var/snap/anbox/common/rootfs-overlay/default.prop.

louiskounios commented 5 years ago

set ro.dalvik.vm.native.bridge=libhoudini.so in /var/snap/anbox/common/rootfs-overlay/default.prop.

This is not working for me unfortunately, but maybe I'm doing something wrong. Just to clarify, did you replicate the steps from this script, but registered the binary interpreters on the host instead of in Android? If I do that I get this error – dlopen failed: "/path/to/lib/file/libfile.so" has unexpected e_machine: 40 – in logcat when I try to launch an ARM application.

ipfgao commented 5 years ago

set ro.dalvik.vm.native.bridge=libhoudini.so in /var/snap/anbox/common/rootfs-overlay/default.prop.

This is not working for me unfortunately, but maybe I'm doing something wrong. Just to clarify, did you replicate the steps from this script, but registered the binary interpreters on the host instead of in Android? If I do that I get this error – dlopen failed: "/path/to/lib/file/libfile.so" has unexpected e_machine: 40 – in logcat when I try to launch an ARM application.

i am using android.img build by myself,not the script. i see there is no houdini_z,and libhoudini.so is not the right version in this script. try replace /var/snap/anbox/common/rootfs-overlay/system/lib/libhoudini.so with /var/snap/anbox/common/rootfs-overlay/system/lib/arm/libhoudini.so

geeks-r-us commented 5 years ago

I tried to adapt the installer as described:

install houdini y and z
set binfmt entries on host but I receive unexprected e_machine: 40
Also tried to copy libhoudini.so from lib/arm / lib64/arm64 to lib / lib64 without success.

Current state is in: e6e09cd

Any ideas?

ipfgao commented 5 years ago

I tried to adapt the installer as described:

* install houdini y and z

* set binfmt entries on host
  but I receive unexprected e_machine: 40
  Also tried to copy libhoudini.so from lib/arm / lib64/arm64 to lib / lib64 without success.

Current state is in: e6e09cd

Any ideas?

Set ro.dalvik.vm.native.bridge=libhoudini.so in $OVERLAYDIR/default.prop not $OVERLAYDIR/system/build.prop.
Copy libhoudini.so from lib/arm / lib64/arm64 to lib / lib64

ci70 commented 5 years ago

Has this been fixed yet? You can look at this for libhoudini stuff. https://www.videomap.it/forum/viewtopic.php?f=25&t=2106&sid=2294c12563fb02b6561bee0784a5abde

Some apps don't work. Paypal, Revolut etc. Probably ARM related.

geeks-r-us commented 5 years ago

Thx to ipfgao it's working again since 279c21b

geeks-r-us / anbox-playstore-installer

Houdini can't work #10