[gentoo-commits] proj/sandbox:master commit in: /, libsandbox/

[gentoo-commits] proj/sandbox:master commit in: /, libsandbox/

[Mike Frysinger]

commit:     039b24cb0b97e69e8008de0037170c9a4a18de9a
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Fri Jul  8 19:56:13 2011 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Fri Jul  8 19:56:13 2011 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commit;h=039b24cb

libsandbox: delay trace_regs #error until use

Don't error out if we're missing trace_regs, but we don't ever
actually use it.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

---
 libsandbox/trace.c |    4 ++++
 localdecls.h       |    3 ++-
 2 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/libsandbox/trace.c b/libsandbox/trace.c
index 2c404fb..45bb5d4 100644
--- a/libsandbox/trace.c
+++ b/libsandbox/trace.c
@@ -27,6 +27,10 @@ pid_t trace_pid;
 
 #ifndef SB_NO_TRACE
 
+#ifndef HAVE_TRACE_REGS
+# error "unable to find struct for tracing regs"
+#endif
+
 #ifdef HAVE_OPEN64
 # define sb_openat_pre_check sb_openat64_pre_check
 #endif

diff --git a/localdecls.h b/localdecls.h
index 83c01d6..3992834 100644
--- a/localdecls.h
+++ b/localdecls.h
@@ -63,12 +63,13 @@ typedef __sighandler_t sighandler_t;
 # endif
 #endif
 
+#define HAVE_TRACE_REGS
 #if defined(HAVE_STRUCT_PT_REGS)
 typedef struct pt_regs trace_regs;
 #elif defined(HAVE_STRUCT_USER_REGS_STRUCT)
 typedef struct user_regs_struct trace_regs;
 #else
-# error "unable to find struct for tracing regs"
+# undef HAVE_TRACE_REGS
 #endif
 
 #ifndef ARRAY_SIZE

[gentoo-commits] proj/sandbox:master commit in: /, libsandbox/

[Mike Frysinger]

commit:     00e64315a17b5f681c5a9f0114ac18eb002faa27
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Wed Mar  7 05:22:55 2012 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Wed Mar  7 05:28:01 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commit;h=00e64315

libsandbox: mark internal fds with O_CLOEXEC

We don't want to bleed these across forks/execs.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

---
 libsandbox/libsandbox.c |    4 ++--
 localdecls.h            |    4 ++++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index a36e190..77a2415 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -386,7 +386,7 @@ static int sb_copy_file_to_fd(const char *file, int ofd)
 {
 	int ret = -1;
 
-	int ifd = sb_open(file, O_RDONLY, 0);
+	int ifd = sb_open(file, O_RDONLY|O_CLOEXEC, 0);
 	if (ifd == -1)
 		return ret;
 
@@ -480,7 +480,7 @@ static bool write_logfile(const char *logfile, const char *func, const char *pat
 	}
 
 	logfd = sb_open(logfile,
-		O_APPEND | O_WRONLY | O_CREAT,
+		O_APPEND | O_WRONLY | O_CREAT | O_CLOEXEC,
 		S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
 	if (logfd == -1) {
 		SB_EERROR("ISE:write_logfile ", "unable to append logfile\n");

diff --git a/localdecls.h b/localdecls.h
index 590654d..674e848 100644
--- a/localdecls.h
+++ b/localdecls.h
@@ -49,6 +49,10 @@
 # define MAP_ANONYMOUS MAP_ANON
 #endif
 
+#ifndef O_CLOEXEC
+# define O_CLOEXEC 0
+#endif
+
 #if !HAVE_DECL_ENVIRON
 extern char **environ;
 #endif

[gentoo-commits] proj/sandbox:master commit in: /, libsandbox/

[Mike Frysinger]

commit:     53179a50a1a3e7a21e71cea6de46468deee87c69
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Mon Aug 13 01:56:05 2012 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Mon Aug 13 01:56:43 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commit;h=53179a50

libsandbox: use process_vm_readv if available

Should speed up loading of strings from remote processes as we only have
to do (usually) one syscall to extract the whole string in one shot.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

---
 configure.ac       |    2 ++
 headers.h          |    3 +++
 libsandbox/trace.c |   26 ++++++++++++++++++++++++++
 3 files changed, 31 insertions(+), 0 deletions(-)

diff --git a/configure.ac b/configure.ac
index 65811dc..3529dcf 100644
--- a/configure.ac
+++ b/configure.ac
@@ -105,6 +105,7 @@ AC_CHECK_HEADERS_ONCE(m4_flatten([
 	sys/syscall.h
 	sys/time.h
 	sys/types.h
+	sys/uio.h
 	sys/user.h
 	sys/wait.h
 	asm/ptrace.h
@@ -168,6 +169,7 @@ AC_CHECK_FUNCS_ONCE(m4_flatten([
 	openat
 	openat64
 	pathconf
+	process_vm_readv
 	ptrace
 	realpath
 	remove

diff --git a/headers.h b/headers.h
index 512c85b..42b7c25 100644
--- a/headers.h
+++ b/headers.h
@@ -122,6 +122,9 @@
 #ifdef HAVE_SYS_USER_H
 # include <sys/user.h>
 #endif
+#ifdef HAVE_SYS_UIO_H
+# include <sys/uio.h>
+#endif
 #ifdef HAVE_SYS_WAIT_H
 # include <sys/wait.h>
 #endif

diff --git a/libsandbox/trace.c b/libsandbox/trace.c
index ea769fd..c38ea12 100644
--- a/libsandbox/trace.c
+++ b/libsandbox/trace.c
@@ -90,6 +90,32 @@ static char *do_peekstr(unsigned long lptr)
 	if (lptr < sizeof(long))
 		return NULL;
 
+#ifdef HAVE_PROCESS_VM_READV
+	struct iovec liov, riov;
+
+	/* We can't cross remote page boundaries when using this :( */
+	l = 0x1000;
+	riov.iov_base = (void *)lptr;
+	len = lptr % l;
+	if (!len)
+		len = l;
+	liov.iov_base = ret = xmalloc(len);
+	riov.iov_len = liov.iov_len = len;
+
+	while (1) {
+		process_vm_readv(trace_pid, &liov, 1, &riov, 1, 0);
+
+		for (i = 0; i < liov.iov_len; ++i)
+			if (!((char *)liov.iov_base)[i])
+				return ret;
+		riov.iov_base += l;
+		riov.iov_len = liov.iov_len = l;
+		len += l;
+		ret = xrealloc(ret, len);
+		liov.iov_base = ret + len - l;
+	}
+#endif
+
 	l = 0;
 	len = 1024;
 	ret = xmalloc(len);

[gentoo-commits] proj/sandbox:master commit in: /, libsandbox/

[Mike Frysinger]

commit:     d8b21b35fd536af8411975ad05eab85f89e84a2e
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Sat Feb 23 03:03:08 2013 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Mon Feb 25 04:17:28 2013 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commit;h=d8b21b35

libsandbox: fix early var init

In commit 5498907383c7f1654188b6a0d02d8b03112a28c3, we tried to fix
handling of ELFs that had their own constructors.  Unfortunately,
this broke use cases like `env -i` that screw with the environment
before we get a chance to extract our settings.

URL: http://bugs.gentoo.org/404013
Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

---
 TODO                    |    2 ++
 libsandbox/libsandbox.c |   33 +++++++++++++++++++++++++--------
 2 files changed, 27 insertions(+), 8 deletions(-)

diff --git a/TODO b/TODO
index e8d1d14..6470621 100644
--- a/TODO
+++ b/TODO
@@ -25,3 +25,5 @@ handle multiple processing writing to log simultaneously
 
 doesnt seem to work quite right:
 	echo $(./vfork-0 ./mkdir_static-0 2>&1)
+
+handle env var modification inside of traced apps

diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index 0ec5fe1..5d9a796 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -50,6 +50,7 @@ static char debug_log_path[SB_PATH_MAX];
 static char message_path[SB_PATH_MAX];
 bool sandbox_on = true;
 static bool sb_init = false;
+static bool sb_env_init = false;
 int (*sbio_open)(const char *, int, mode_t) = sb_unwrapped_open;
 FILE *(*sbio_popen)(const char *, const char *) = sb_unwrapped_popen;
 
@@ -62,6 +63,29 @@ static void init_env_entries(char ***, int *, const char *, const char *, int);
 const char *sbio_message_path;
 const char sbio_fallback_path[] = "/dev/tty";
 
+/* We need to initialize these vars before main().  This is to handle programs
+ * (like `env`) that will clear the environment before making any syscalls
+ * other than execve().  At that point, trying to get the settings is too late.
+ * However, we might still need to init the env vars in the syscall wrapper for
+ * programs that have their own constructors.  #404013
+ */
+__attribute__((constructor))
+void libsb_init(void)
+{
+	if (sb_env_init)
+		/* Ah, we already saw a syscall */
+		return;
+	sb_env_init = true;
+
+	/* Get the path and name to this library */
+	get_sandbox_lib(sandbox_lib);
+
+	get_sandbox_log(log_path, NULL);
+	get_sandbox_debug_log(debug_log_path, NULL);
+	get_sandbox_message_path(message_path);
+	sbio_message_path = message_path;
+}
+
 /* resolve_dirfd_path - get the path relative to a dirfd
  *
  * return value:
@@ -937,14 +961,7 @@ bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, in
 	sb_lock();
 
 	if (!sb_init) {
-		/* Get the path and name to this library */
-		get_sandbox_lib(sandbox_lib);
-
-		get_sandbox_log(log_path, NULL);
-		get_sandbox_debug_log(debug_log_path, NULL);
-		get_sandbox_message_path(message_path);
-		sbio_message_path = message_path;
-
+		libsb_init();
 		init_context(&sbcontext);
 		sb_init = true;
 	}

[gentoo-commits] proj/sandbox:master commit in: /, libsandbox/

[Mike Frysinger]

commit:     44ca5fb71633b9199971299268e34baa36de3d93
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Thu Oct 21 16:16:55 2021 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Thu Oct 21 16:16:55 2021 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=44ca5fb7

libsandbox: enable exitkill containment

If the ptrace code crashes/aborts for any reason, don't let the tracee
leak out.  No one will be expecting this, and it could lead to zombie
processes hanging around.

This option is new to Linux 3.8.  We could code this so that it would
fallback automatically to older versions of Linux, but with 3.8 being
released in 2013, doesn't seem like we need to support anyone that old.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 README.md          | 2 +-
 libsandbox/trace.c | 7 ++++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index bf15128..087ff31 100644
--- a/README.md
+++ b/README.md
@@ -72,6 +72,6 @@ It requires:
   * s390 (32-bit & 64-bit)
   * x86 (32-bit & 64-bit & x32)
 * Operating system
-  * [Linux](https://kernel.org/) 2.6.20+
+  * [Linux](https://kernel.org/) 3.8+
 * C library
   * They all should work!

diff --git a/libsandbox/trace.c b/libsandbox/trace.c
index 8394b71..4d145a3 100644
--- a/libsandbox/trace.c
+++ b/libsandbox/trace.c
@@ -507,7 +507,12 @@ void trace_main(const char *filename, char *const argv[])
 		sb_debug("parent waiting for child (pid=%i) to signal", trace_pid);
 		waitpid(trace_pid, NULL, 0);
 		do_ptrace(PTRACE_SETOPTIONS, NULL,
-			(void *)(PTRACE_O_TRACESYSGOOD | PTRACE_O_TRACEEXEC | PTRACE_O_TRACEEXIT));
+			(void *)(uintptr_t)(
+				PTRACE_O_EXITKILL |
+				PTRACE_O_TRACEEXEC |
+				PTRACE_O_TRACEEXIT |
+				PTRACE_O_TRACESYSGOOD
+			));
 		sb_close_all_fds();
 		trace_loop();
 		sb_ebort("ISE: child should have quit, as should we\n");