Accel in Localbuilder (for Advanced Users)

Prerequisites

Root privileges are required on the host machine in order to configure binfmt_misc.

binfmt_misc

Refer to the kernel documentation for more information: https://docs.kernel.org/admin-guide/binfmt-misc.html

Ensure that binfmt_misc is mounted at:

/proc/sys/fs/binfmt_misc

binfmt_misc is shared across namespaces. Once it is configured, it is available in all namespaces.

Patched QEMU static binary

RedPesk provides a patched version of QEMU user static. This patched binary must be loaded into the kernel using binfmt_misc if acceleration mode is required.

Retrieving the patched binary

To obtain the patched qemu-aarch64-static, you can copy it from the localbuilder container.

Using Docker:

docker cp localbuilder:/usr/bin/qemu-aarch64-static qemu-aarch64-static-from-localbuilder

Using Podman:

podman cp localbuilder:/usr/bin/qemu-aarch64-static qemu-aarch64-static-from-localbuilder

Registering the binary in binfmt_misc

The following commands load the binary into binfmt_misc.

The F flag ensures that the registration does not depend on namespaces.

# Disable qemu-aarch64 if it is already registered
echo -1 | sudo tee /proc/sys/fs/binfmt_misc/qemu-aarch64

# Register qemu-aarch64-static-from-localbuilder
echo ':qemu-aarch64:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:qemu-aarch64-static-from-localbuilder:F' | sudo tee /proc/sys/fs/binfmt_misc/register

Note: This configuration is not persistent across reboots.

Troubleshooting

AppArmor / SELinux

You may encounter issues when mounting or accessing binfmt_misc due to AppArmor or SELinux restrictions. If this happens, try disabling them on the host system and then restart your container.

# AppArmor
sudo systemctl stop apparmor

# SELinux
sudo setenforce 0