search

includeos / IncludeOS

A minimal, resource efficient unikernel for cloud services
https://www.includeos.org
Apache License 2.0
4.89k stars 359 forks source link

LibVMI Support #901

Open rianquinn opened 7 years ago

rianquinn commented 7 years ago

Here's an interesting use case for IncludeOS.

I have been getting a lot of questions with respect to LibVMI support in Bareflank. Bareflank itself should be able to support some basic applications, IncludeOS and a stripped down Linux VM sometime early next year. Application support for something like LibVMI would be ideal, but it might take a little bit depending on how many POSIX functions it relies on as it uses a library IIRC from GNOME to provide data structure support (it's written in C so data structures are a pain).

The question I have is... how hard do you think it would be to provide LibVMI support in IncludeOS? The use of LibVMI would still be a C++ application, written as any inside of IncludeOS. The difference is you would have to statically link in LibVMI and it's supporting libraries which are not many. LibVMI is used by a lot of reverse engineering hackers, and a version of it that runs inside of a unikernel that supports things like Xen / KVM would be of interest to a lot of people I would imagine. On our end, getting LibVMI to work inside IncludeOS would mean that we would be able to kill two birds with one stone (getting IncludeOS support and LibVMI support at the same time), and I think it would broaden the user base for IncludeOS to not just WebServers but also reverse engineers and security researchers.

Thoughts?

@tklengyel

tklengyel commented 7 years ago

AFAICT the trick is just going to be compiling all libraries statically into the final IncludeOS binary. For the most part this should be straight forward, although I haven't yet found examples of how to hook such static linking into the build-process here. The one library that will be interesting to get statically linked will be libglib-2.0. While it can also be linked statically with the final binary, it has a dependency on pthread (see https://developer.gnome.org/glib/2.50/glib-building.html). While we are not using any threading in LibVMI, or any glib function that would do in the background, the dependency still needs to be resolved somehow.

It seems IncludeOS doesn't support threading/POSIX at this time so I'm not sure how the build process would cope with that. Since we just need it to build, having a dummy layer for pthread would suffice, and from the Wiki it sounds like this might already be the case (https://github.com/hioa-cs/IncludeOS/wiki/FAQ#will-includeos-become-posix-compliant).

alfreb commented 7 years ago

@rianquinn @tklengyel thanks for posting. This sounds interesting - we're doing a POSIX sprint right now and we'll most likely be adding a minimal pthreads implementation as well, hopefully before the holidays. The goal being exactly this, to make it easier to integrate existing stuff.