On Thursday, November 07, 2013 10:33:38 AM Andy Lutomirski wrote:
> In the interest of "release early, release often":
> 
> https://github.com/amluto/libseccomp/commits/raw-syscall
> 
> There are five commits in there.

Excellent, I like RFC patches, especially for big changes.  However, could you 
post the patches directly to the list?  Including a pointer to your git tree 
in the 0/x posting is nice, but being able to review and comment on the 
patches inline is a good thing and really only works if you post the patches 
to the list.

> The first two are fixes I've already sent out.  The other three make this
> code:
> 
> import os
> import pdb
> import seccomp
> seccomp.set_trap_handler(seccomp.trace_trapped_syscall)
> f = seccomp.SyscallFilter(seccomp.ALLOW)
> f.add_rule(seccomp.TRAP, 'getgid')
> f.load()
> def bad():
>     os.getgid()
> bad()
> print 'Unreachable'
> 
> Print this:
> 
> Dying due to seccomp-blocked syscall getgid(0x0, 0x0, 0x4, 0x0, 0x0,
> 0x3AD8F13240)
> Traceback (most recent call last):
>   File "test.py", line 10, in <module>
>     bad()
>   File "test.py", line 9, in bad
>     os.getgid()

That's encouraging.

> This works on x86_64, x86_32, x86_32-on-x86_64, and ARM.  It may or
> may not work on x32 -- I haven't tried it.  I suspect that x32 is a
> bit broken due to the fact that SCMP_ARCH_X32 != AUDIT_ARCH_X86_64, so
> arch_syscall_resolve_name won't work.

I'll have to look at your patches, but it would be great if we could make this 
work.

> I'd argue that x86_64 should recognize names prefixed with x32_ and set the
> x32 bit, but this is debatable.  In any case, the decoder itself should be
> fine.

Once again, we'll have to take a peek.
 
> It may be mergeable as is.

No comment just yet ...

> Before it gets released, though, I want to add one more feature: setting the
> trapped syscall's return value.  That way you could have a trap handler
> emulate syscalls instead of just logging and dying.

Seems reasonable.

> Longer term, I think that we'll want a (preferably auto-generated)
> list of syscalls along with signatures so that add_rule can map args
> correctly (I assume it currently assumes that the logical arg 0 lives
> in the args[0] slot, etc) and so that the SIGSYS decoder can map back
> to logical arguments.  In the meantime, this is still useful.

-- 
paul moore
security and virtualization @ redhat
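
An added illustration, not code from this thread or from libseccomp, of the x32 point above: the kernel reports x32 tasks under AUDIT_ARCH_X86_64 and marks them only by bit 30 of the syscall number, so a SIGSYS decoder has to split that bit off before resolving a name. The function name decode_sigsys and the small name tables are assumptions constructed for this example.

```python
# Added example. Audit arch tokens and the x32 bit are from the Linux UAPI headers.
AUDIT_ARCH_I386 = 0x40000003    # EM_386 | __AUDIT_ARCH_LE
AUDIT_ARCH_ARM = 0x40000028     # EM_ARM | __AUDIT_ARCH_LE
AUDIT_ARCH_X86_64 = 0xC000003E  # EM_X86_64 | __AUDIT_ARCH_64BIT | __AUDIT_ARCH_LE
X32_SYSCALL_BIT = 0x40000000    # __X32_SYSCALL_BIT

ARCH_BY_TOKEN = {
    AUDIT_ARCH_X86_64: "x86_64",
    AUDIT_ARCH_I386: "x86",
    AUDIT_ARCH_ARM: "arm",
}

# Constructed, deliberately tiny name tables; a real decoder needs full,
# preferably generated, per-ABI tables.
SYSCALLS = {
    "x86_64": {39: "getpid", 104: "getgid"},
    "x86": {20: "getpid", 47: "getgid"},
    "arm": {20: "getpid", 47: "getgid"},
}


def decode_sigsys(si_arch, si_syscall, args=()):
    """Map the si_arch/si_syscall pair of a SIGSYS siginfo to (abi, name, text)."""
    if si_arch not in ARCH_BY_TOKEN:
        raise ValueError("unknown audit arch 0x%X" % si_arch)
    if si_syscall < 0:
        raise ValueError("negative syscall number %d" % si_syscall)
    abi, nr = ARCH_BY_TOKEN[si_arch], si_syscall
    if nr & X32_SYSCALL_BIT:
        # Only x86_64 defines this bit; anywhere else the pair is inconsistent.
        if abi != "x86_64":
            raise ValueError("x32 bit set for arch %s" % abi)
        abi, nr = "x32", nr & ~X32_SYSCALL_BIT
    # Syscalls that x32 shares with x86_64 keep the x86_64 number once the
    # bit is cleared (x32-only numbers are not covered by this small table).
    table = SYSCALLS["x86_64" if abi == "x32" else abi]
    name = table.get(nr, "syscall_%d" % nr)
    text = "%s(%s)" % (name, ", ".join("0x%X" % a for a in args))
    return abi, name, text


if __name__ == "__main__":
    # Constructed inputs: the same syscall seen from a native and an x32 task.
    print(decode_sigsys(AUDIT_ARCH_X86_64, 104, (0, 0, 4, 0, 0, 0x3AD8F13240)))
    print(decode_sigsys(AUDIT_ARCH_X86_64, 104 | X32_SYSCALL_BIT))
```
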


_______________________________________________
libseccomp-discuss mailing list
https://lists.sourceforge.net/lists/listinfo/libseccomp-discuss