From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1336100-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 80114158086
	for <garchives@archives.gentoo.org>; Wed,  3 Nov 2021 16:40:34 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 6840DE0895;
	Wed,  3 Nov 2021 16:40:33 +0000 (UTC)
Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id DD4D9E0895
	for <gentoo-commits@lists.gentoo.org>; Wed,  3 Nov 2021 16:40:32 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 7FC06342EF2
	for <gentoo-commits@lists.gentoo.org>; Wed,  3 Nov 2021 16:40:31 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id B9C2C186
	for <gentoo-commits@lists.gentoo.org>; Wed,  3 Nov 2021 16:40:29 +0000 (UTC)
From: "Mike Frysinger" <vapier@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Mike Frysinger" <vapier@gentoo.org>
Message-ID: <1635957294.01318f0d48654425b4ea3a90520a52f774b60ead.vapier@gentoo>
Subject: [gentoo-commits] proj/sandbox:master commit in: libsandbox/
X-VCS-Repository: proj/sandbox
X-VCS-Files: libsandbox/trace.c
X-VCS-Directories: libsandbox/
X-VCS-Committer: vapier
X-VCS-Committer-Name: Mike Frysinger
X-VCS-Revision: 01318f0d48654425b4ea3a90520a52f774b60ead
X-VCS-Branch: master
Date: Wed,  3 Nov 2021 16:40:29 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 395ef27f-3717-4a89-b559-5aac2135f7cf
X-Archives-Hash: 72cb5b1f62493a98a04b7432ae4af4c6

commit:     01318f0d48654425b4ea3a90520a52f774b60ead
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Wed Nov  3 16:34:54 2021 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Wed Nov  3 16:34:54 2021 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=01318f0d

libsandbox: refine yama check to abort on level 3+

There's no way we can support level 3+ since the kernel blocks it,
so give up and inform the user their setup is incompatible.

Bug: https://bugs.gentoo.org/771360
Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 libsandbox/trace.c | 30 +++++++++++++++++++++---------
 1 file changed, 21 insertions(+), 9 deletions(-)

diff --git a/libsandbox/trace.c b/libsandbox/trace.c
index d2899b7..036d57f 100644
--- a/libsandbox/trace.c
+++ b/libsandbox/trace.c
@@ -49,13 +49,7 @@ pid_t trace_pid;
 static int trace_yama_level(void)
 {
 	char ch;
-	int fd;
-
-	/* ptrace scope binds access to specific capabilities.  Lets use uid==0 as a
-	 * lazy proxy for "we have all capabilities" until we can refine this.
-	 */
-	if (getuid() == 0)
-		return 0;
+	int fd, level;
 
 	fd = open("/proc/sys/kernel/yama/ptrace_scope", O_RDONLY | O_CLOEXEC);
 	if (fd == -1)
@@ -63,7 +57,25 @@ static int trace_yama_level(void)
 
 	RETRY_EINTR(read(fd, &ch, 1));
 	close(fd);
-	return ch - '0';
+	level = ch - '0';
+
+	switch (level) {
+	case 0:
+		/* Normal levels work fine. */
+		return 0;
+
+	case 1:
+	case 2:
+		/* ptrace scope binds access to specific capabilities.  Lets use uid==0 as a
+		 * lazy proxy for "we have all capabilities" until we can refine this.
+		 */
+		return getuid() == 0 ? 0 : level;
+
+	case 3:
+	default:
+		/* Level 3+ is not supported. */
+		sb_ebort("YAMA ptrace_scope=%i+ is not supported as it makes tracing impossible.\n", level);
+	}
 }
 
 static void trace_exit(int status)
@@ -709,7 +721,7 @@ bool trace_possible(const char *filename, char *const argv[], const void *data)
 	/* If YAMA ptrace_scope is very high, then we can't trace at all.  #771360 */
 	int yama = trace_yama_level();
 	if (yama >= 2) {
-		sb_eqawarn("YAMA ptrace_scope=%i\n", yama);
+		sb_eqawarn("YAMA ptrace_scope=%i is not currently supported\n", yama);
 		goto fail;
 	}