"Operation not permitted": on ARM it only runs with "disable-sandbox" #14
Comments
m040601
changed the title
|
Hi,
Hi, first of all thanks for your work in this **extremely** **usefull** written in C for speed and promising tool.
I'm glad that you like it.
My issue is when I try to run in on Arm, also Arch Linux, armv7.
Thanks for the report. These problems are expected with seccomp from time to
time, so it's good that I hear about it. Try running this:
strace -f rdrview -H 'https://github.com/eafer/rdrview' 2>&1 >/dev/null | grep EPERM
And send me the output. That should tell us which syscalls are getting
blocked, so that I can add them to the whitelist.
|
pulled the latest commits, compiled a fresh one, and here it is: |
On 32-bit architectures, glibc can't implement its fstat() function with the fstat() syscall; it requires fstat64() instead. Add that syscall to the seccomp whitelist, which should hopefully solve this issue: #14
|
[pid 18413] fstat64(5, 0xbebd5b60) = -1 EPERM (Operation not permitted)
[pid 18413] fcntl64(4, F_GETFL) = -1 EPERM (Operation not permitted)
Ok, I just pushed a patch that allows fstat64(). If this doesn't solve the
problem, run the strace command I gave you before and send me the ouput
again.
|
|
Still failing. $ git show origin/master --no-patch $ strace -f rdrview -H 'https://github.com/eafer/rdrview' 2>&1 >/dev/null | grep EPERM |
The previous patch was not enough to get rdrview to run on 32-bit ARM: #14 (comment) Add mmap2() to the whitelist as well. This time I have tested rdrview myself on a Raspberry Pi, and it seems to work fine.
|
[pid 4158] mmap2(NULL, 153932, PROT_READ|PROT_WRITE, MAP_SHARED, 5, 0) = -1 EPERM (Operation not permitted)
OK, I just pushed a patch to allow mmap2(). I tested it myself this time on
a Raspberry Pi, so it should work, but let me know.
|
Yes it does. Tested on both Raspberry Pi and Chromebook (armv7). |
|
I can confirm working on AArch64 on another rplatform |
|
Although I can't seem to use it with a browser Gist of strace (See next message) |
|
Forgot to do the follow-forks https://gist.github.com/2948087883f55cccd44164fb9745ffa0 |
I have no idea why, but it seems that dup2() is sometimes implemented internally using the dup3() syscall: #14 (comment) So add that syscall to the allowed list.
|
Although I can't seem to use it with a browser
It seems that your standard library implements dup2() using the dup3()
syscall instead. I'm pushing a patch to allow dup3(), let me know if it's
not enough.
|
|
Works great! Thanks. Since I forgot to mention: That's Arch Linux ARM (aarch64) |
|
I don't know if this is an issue worthy of it's own thread, but I was having a similar issue on x64 Arch Linux, so I ran the strace previously posted here and got the following errors So I tried adding the following lines to my sandbox.c and it worked perfectly. |
|
[pid 2026874] newfstatat(5, "", 0x7ffd80399170, AT_EMPTY_PATH) = -1 EPERM (Operation not permitted)
Thank you for the report. It seems that your libc implements fstat() using
a variation of fstatat(). I can't just allow fstatat() because it's called
with a path, not with a file descriptor, so it's too dangerous. This is all
very annoying: I think I will have to write my own wrapper...
|
It's been reported that some standard libraries implement fstat() using the newfstatat() syscall: #14 (comment) This is a very annoying: if I allow newfstatat(), an attacker running code inside the sandbox would be able to get information about any filepath. Instead, restructure the code so that the only call to fstat() happens before the sandbox is set up, and ban all variants of this syscall (as well as mmap(), which is no longer needed either).
|
[pid 2026874] newfstatat(5, "", 0x7ffd80399170, AT_EMPTY_PATH) = -1 EPERM (Operation not permitted)
Ok, I'm just moving the call to fstat() outside the sandbox. That doesn't
carry any risk, and it should make all these problems go away. Please let
me know if it works for you.
|
|
I'm facing the same issue (or at least seems like the same). But I'm on x86_64-linux (NixOS). only --disable-sandbox works |
Can you run
and send me the output? |
In that case, I think this issue has already been fixed. Try the current head. |
Hi, first of all thanks for your work in this extremely usefull written in C for speed and promising tool.
I've been testing and using it on my x64 Arch Linux for some months. Very happy.
I use it with w3m. Feel free to update the README as well.
W3m is a very underrated (and badly documented) cli browser. But with incredible customizing options. It works amazingly fast with rdrview.
You can use it for a one shot operation like this:
$ rdrview -H https://www.bbc.com/news/world-asia-china-55784231 | w3m -T text/htmlor
$ rdrview -H https://www.bbc.com/news/world-asia-china-55784231 | w3m -T text/html -dumpOr for interactive browsing.
You can for example add these lines to the config file, ~/.w3m/keymap
keymap \\\r COMMAND "SHELL 'rdrview -H $W3M_URL > /tmp/rdrview.html' ; LOAD /tmp/rdrview.html"or
keymap \\\r COMMAND "SHELL 'clear; echo \"parsing page with rdrview\" ; echo ; rdrview -H $W3M_URL > /tmp/rdrview.html' ; LOAD /tmp/rdrview.html"and then use "\r" when your browsing a page inside w3m.
My issue is when I try to run in on Arm, also Arch Linux, armv7.
I tried it on both a chromebook running:
Linux alarmsung 5.10.10-1-ARCH #1 SMP PREEMPT Sat Jan 23 23:26:35 UTC 2021 armv7l GNU/Linuxand a Raspberry Pi 2 running:
Linux alarmpi 5.4.83-4-ARCH #1 SMP PREEMPT Wed Jan 20 14:06:49 UTC 2021 armv7l GNU/LinuxI install rdrview by hand. I do not use the Arch User AUR package like this other user, #13. This AUR arch linux is not well maintained and is marked only for x64 not Arm, https://aur.archlinux.org/packages/rdrview-git
What I do instead is this.
I do git clone .. and then run make.
On both these ARM systems I have the exact same needed dependencies installed
They are the same as in my working x64 system, and they are official distro packages:
Compilation with make runs without a problem. But running it, whatever the options choosen always gets me a message:
rdrview: Operation not permittedIf I use the flag "--disable-sandbox" then it works.
I'm not a developer, and have zero understanding of C programing, syscalls or security. The only thing I could find that brought me here was the similar issue by the other user.
Additional info that might be usefull:
Architecture : armv7h
$ strace rdrview -M https://www.bbc.com/news/world-asia-china-55784231 2>> error_log.txterror_log.txt
$ file ./rdrview
./rdrview: ELF 32-bit LSB pie executable, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=b7438379398f311b185c1ba3a7ba9019f245321d, for GNU/Linux 3.2.0, not strippedThe text was updated successfully, but these errors were encountered: