cmd/snap-seccomp: add full complement of ptrace constants #6120
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The snap-seccomp executable needs to understand each constant it is given. When encountering unexpected constants it just returns an error. Since patch 093b366 "interfaces/browser-support, cmd/snap-seccomp: Allow read-only ptrace, for the Breakpad crash reporter." snap-seccomp will choke on the profiles generated for the browser-support interface. Since patch 353aa70 "cmd/snap-seccomp: only look for PTRACE_GETFPX?REGS where available" snap-seccomp contains additional logic that handles various ptrace constants with architecture-specific build tags. I'm not sure why this was done because all of the constants are available in the C header file sys/ptrace.h Initially I was thinking about making the parser silently ignore certain PTRACE values but I have since reconsidered to just add the full since they are just defined and are available at build time. After all, it doesn't hurt if they don't work on a given architecture (at a kernel level). We just want to white-list them in case they do work. Fixes: https://bugs.launchpad.net/snapd/+bug/1802124 Signed-off-by: Zygmunt Krynicki <me@zygoon.pl>
jdstrand
approved these changes
Nov 8, 2018
|
@jdstrand tests failed here but I fixed that, will push a fix as soon as one more run is finished. |
Some ptrace requests are not available on all architectures. Since the values for those requests just follow a simple sequential enumeration it should be safe to define the missing values. The kernel doesn't support them but we don't care about that because we just want to allow them if they are specified by the seccomp profile. Signed-off-by: Zygmunt Krynicki <me@zygoon.pl>
jdstrand
approved these changes
Nov 8, 2018
bboozzoo
approved these changes
Nov 9, 2018
|
thank you for this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The snap-seccomp executable needs to understand each constant
it is given. When encountering unexpected constants it just returns
an error.
Since patch 093b366
"interfaces/browser-support, cmd/snap-seccomp: Allow read-only ptrace,
for the Breakpad crash reporter." snap-seccomp will choke on the
profiles generated for the browser-support interface.
Since patch 353aa70 "cmd/snap-seccomp:
only look for PTRACE_GETFPX?REGS where available" snap-seccomp contains
additional logic that handles various ptrace constants with
architecture-specific build tags. I'm not sure why this was done because
all of the constants are available in the C header file sys/ptrace.h
Initially I was thinking about making the parser silently ignore certain
PTRACE values but I have since reconsidered to just add the full since
they are just defined and are available at build time. After all, it
doesn't hurt if they don't work on a given architecture (at a kernel
level). We just want to white-list them in case they do work.
Fixes: https://bugs.launchpad.net/snapd/+bug/1802124
Signed-off-by: Zygmunt Krynicki me@zygoon.pl