Fix: Linux kernel from package could not be on a different device

hoh · web-flow · commit 83b4f9bbdbeb · 2024-02-20T17:57:15.000+01:00
If the Linux kernel provided is was another device than the execution root, creating a hardlink within the jailer directory would fail.

Solution: Copy the kernel to the execution root during setup.
diff --git a/src/aleph/vm/conf.py b/src/aleph/vm/conf.py
@@ -2,6 +2,7 @@
 import logging
 import os
 import re
+import shutil
 from collections.abc import Iterable
 from decimal import Decimal
 from enum import Enum
@@ -15,7 +16,7 @@
 from pydantic.env_settings import DotenvType, env_file_sentinel
 from pydantic.typing import StrPath
 
-from aleph.vm.utils import is_command_available
+from aleph.vm.utils import file_hashes_differ, is_command_available
 
 logger = logging.getLogger(__name__)
 
@@ -356,6 +357,18 @@ def setup(self):
 
         os.makedirs(self.EXECUTION_ROOT, exist_ok=True)
 
+        # If the Linux kernel provided is on another device than the execution root,
+        # copy it to the execution root to allow hardlink creation within jailer directories.
+        if os.stat(self.LINUX_PATH).st_dev != os.stat(self.EXECUTION_ROOT).st_dev:
+            logger.info("The Linux kernel is on another device than the execution root. Creating a copy.")
+            linux_path_on_device = self.EXECUTION_ROOT / "vmlinux.bin"
+
+            # Only copy if the hash of the file differ.
+            if file_hashes_differ(self.LINUX_PATH, linux_path_on_device):
+                shutil.copy(self.LINUX_PATH, linux_path_on_device)
+
+            self.LINUX_PATH = linux_path_on_device
+
         os.makedirs(self.EXECUTION_LOG_DIRECTORY, exist_ok=True)
         os.makedirs(self.PERSISTENT_VOLUMES_DIR, exist_ok=True)
 
diff --git a/src/aleph/vm/utils.py b/src/aleph/vm/utils.py
@@ -10,7 +10,7 @@
 from dataclasses import is_dataclass
 from pathlib import Path
 from shutil import disk_usage
-from typing import Any, Dict, Optional
+from typing import Any, Callable, Dict, Optional
 
 import aiodns
 import msgpack
@@ -195,3 +195,19 @@ def to_normalized_address(value: str) -> HexAddress:
         return HexAddress(HexStr(hex_address))
     else:
         raise ValueError("Unknown format {}, attempted to normalize to {}".format(value, hex_address))
+
+
+def md5sum(file_path: Path) -> str:
+    """Calculate the MD5 hash of a file. Externalize to the `md5sum` command for better performance."""
+    return subprocess.check_output(["md5sum", file_path], text=True).split()[0]
+
+
+def file_hashes_differ(source: Path, destination: Path, checksum: Callable[[Path], str] = md5sum) -> bool:
+    """Check if the MD5 hash of two files differ."""
+    if not source.exists():
+        raise FileNotFoundError("Source file does not exist: {}".format(source))
+
+    if not destination.exists():
+        return True
+
+    return checksum(source) != checksum(destination)
