Conversation
| rules_.emplace_back(SeccompRule( | ||
| syscall, | ||
| action::ActionAllow(), | ||
| filter::SyscallArg(4) >= 3)); |
There was a problem hiding this comment.
Currently, when this rule fails, we kill the tracee with "intercepted forbidden syscall", right?
Can we add a second rule which, when the fd is not >= 3, we return EACCES? That means
EACCES A file descriptor refers to a non-regular file. Or a file mapping was requested, but fd is not open for reading. Or MAP_SHARED was requested and PROT_WRITE is set, but fd is not open in read/write (O_RDWR) mode. Or PROT_WRITE is set, but the file is append-only.
which should basically tell whoever tried to mmap that this file is not mmapable and they should proceed with regular reads instead.
Also, I think we also need to handle MAP_ANONYMOUS somehow, so that the process can allocate memory? On my system it appears even in strace true, probably ld.so or libc prologue uses it.
The manpage says in case of MAP_ANONYMOUS
The fd argument is ignored; however, some implementations require fd to be -1 if MAP_ANONYMOUS (or MAP_ANON) is specified, and portable applications should ensure this.
If our conditions treat args as unsigned then -1 would be >= 3 and that'd pass through, but I'm not sure if I want to rely on programs passing -1 as fd when the kernel doesn't require it...
Maybe we could have another rule for MAP_ANONYMOUS?
|
I wonder if we should add tests for this kinda stuff |
|
Ughh, Python for some reason dups file descriptors 0-2, so the tests fail (for example |
|
And when |
|
Looks like Python 3.9 in its infinite wisdom uses https://github.com/python/cpython/blob/v3.9.18/Python/pylifecycle.c#L1735-L1765 Looks like they changed it to fcntl in 3.11 and later python/cpython@f87ea03 But if python 3.9 specifically is used in some contests then we can't drop support for that by forbidding dup.... |
|
OIJ and Szkopuł use python3.9, so I guess for now we have to allow |
2 participants
Now
mmapis allowed to read only from fd > 2, anddupisn't allowed to use fd < 3