The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxc/pull/3553
This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
From a76fe490dc301fe1dca160dac34967566c4e1a02 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brau...@ubuntu.com>
Date: Thu, 15 Oct 2020 09:19:23 +0200
Subject: [PATCH 1/2] seccomp: log invalid seccomp notify ids

Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
 src/lxc/seccomp.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index 61b9954a86..b19b46f53e 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -1377,7 +1377,7 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 int listener_proxy_fd = conf->seccomp.notifier.proxy_fd;
 struct seccomp_notify_proxy_msg msg = {0};
 char *cookie = conf->seccomp.notifier.cookie;
- uint64_t req_id;
+ __u64 req_id;
 
 if (events & EPOLLHUP) {
 lxc_mainloop_del_handler(descr, fd);
@@ -1409,6 +1409,7 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 
 /* remember the ID in case we receive garbage from the proxy */
 resp->id = req_id = req->id;
+ TRACE("Received seccomp notification with id(%llu)", req_id);
 
 snprintf(mem_path, sizeof(mem_path), "/proc/%d", req->pid);
 fd_pid = open(mem_path, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
@@ -1433,7 +1434,7 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 ret = seccomp_notify_id_valid(fd, req->id);
 if (ret < 0) {
 seccomp_notify_default_answer(fd, req, resp, hdlr);
- SYSERROR("Invalid seccomp notify request id");
+ SYSERROR("Invalid seccomp notify request id(%llu)", req->id);
 goto out;
 }
 
@@ -1492,8 +1493,8 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 }
 
 if (resp->id != req_id) {
+ ERROR("Proxy returned response with illegal id(%llu) != id(%llu)", resp->id, req_id);
 resp->id = req_id;
- ERROR("Proxy returned response with illegal id");
 seccomp_notify_default_answer(fd, req, resp, hdlr);
 goto out;
 }
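Review bot: `%llu` is paired with `__u64` in this hunk's new `req_id` and in the TRACE/ERROR/SYSERROR lines of the -1409, -1433, -1492 and -1505 hunks (and patch 2's default-answer hunk), but `__u64` is only `unsigned long long` where the kernel's int-ll64 userspace headers apply; on at least one 64-bit userspace ABI it is `unsigned long`, which -Wformat flags even though the width matches. Casting at the call sites, e.g. `TRACE("Received seccomp notification with id(%llu)", (unsigned long long)req_id);`, keeps the log lines warning-clean regardless of how the kernel headers define the type. The declaration change itself looks intended to match the kernel's `req->id` type and is fine.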
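Review bot: In the -1433 hunk `SYSERROR` still runs after `seccomp_notify_default_answer()`, which itself calls `seccomp_notify_respond()` and can overwrite `errno`, so the logged reason may be the respond failure rather than the id-validation failure. Log first and then send the default answer, as the -1492 hunk now does for the proxy mismatch: `SYSERROR("Invalid seccomp notify request id(%llu)", req->id);` followed by `seccomp_notify_default_answer(fd, req, resp, hdlr);`. Whether `seccomp_notify_id_valid()` sets errno at all is not visible here; if it does not, `ERROR` would be the right macro.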
@@ -1505,9 +1506,16 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 goto out;
 }
 
+ if (resp->id != req_id) {
+ ERROR("Proxy returned response with illegal id(%llu) != id(%llu)", resp->id, req_id);
+ resp->id = req_id;
+ }
+
 ret = seccomp_notify_respond(fd, resp);
 if (ret)
 SYSERROR("Failed to send seccomp notification");
+ else
+ TRACE("Sent response for seccomp notification with id(%llu)", resp->id);
 
 out:
 #endif

From dc70d7e4fbb731201c3170e3b23079a74ceed6c1 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brau...@ubuntu.com>
Date: Thu, 15 Oct 2020 10:00:44 +0200
Subject: [PATCH 2/2] seccomp: improve default notification sending

Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
 src/lxc/seccomp.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index b19b46f53e..8ee68df52e 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -1347,9 +1347,14 @@ static void seccomp_notify_default_answer(int fd, struct seccomp_notif *req,
 {
 resp->id = req->id;
 resp->error = -ENOSYS;
+ resp->val = 0;
+ resp->flags = 0;
 
 if (seccomp_notify_respond(fd, resp))
- SYSERROR("Failed to send default message to seccomp");
+ SYSERROR("Failed to send default message to seccomp notification with id(%llu)", resp->id);
+ else
+ TRACE("Sent default response for seccomp notification with id(%llu)", resp->id);
+ memset(resp, 0, handler->conf->seccomp.notifier.sizes.seccomp_notif_resp);
 }
 #endif
 
@@ -1385,7 +1390,7 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 return log_trace(0, "Removing seccomp notifier fd %d", fd);
 }
 
- memset(req, 0, sizeof(*req));
+ memset(req, 0, conf->seccomp.notifier.sizes.seccomp_notif);
 ret = seccomp_notify_receive(fd, req);
 if (ret) {
 SYSERROR("Failed to read seccomp notification");
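Review bot: The new `resp->id != req_id` block before `seccomp_notify_respond()` repairs the id but still forwards the proxy's `error`, `val` and `flags` to the kernel, whereas the same mismatch at -1492 is treated as garbage from the proxy and answered with the default `-ENOSYS`. Unless something between the two checks legitimately rewrites `resp`, the second check should either be unreachable (then drop it) or fail closed the same way: add `seccomp_notify_default_answer(fd, req, resp, hdlr);` and `goto out;` after `resp->id = req_id;`. The code between the two checks lies outside the hunk, so this is inferred from what is visible.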
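Review bot: In the -1347 hunk the trailing `memset(resp, 0, ...)` sits directly after an unbraced `if`/`else`, so at a glance it reads as part of the `else` branch; brace both branches or set the memset off with a blank line and a comment such as `/* resp is reused for the next notification: clear the full kernel-reported size so nothing the proxy wrote survives. */`. The new `resp->val = 0; resp->flags = 0;` lines are the important part of this hunk, since a default answer built on a buffer the proxy partially filled would otherwise carry stale `flags` to the kernel and could change how the `-ENOSYS` reply is interpreted; a one-line comment saying so would help the next reader.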
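Review bot: The -1385 hunk's switch from `sizeof(*req)` to the kernel-reported `seccomp_notif` size deserves a comment, because the reason is not obvious from the line: the kernel's notif struct may be larger than the one the build headers describe, and newer kernels reject a receive buffer whose bytes are not all zero, so zeroing only `sizeof(*req)` can leave stale tail bytes and fail the receive. Suggest `/* Zero the full kernel-reported size: the kernel refuses a non-zeroed buffer and its struct may be larger than our headers' view of it. */`. This assumes `req` was allocated with that same size; the allocation is outside the hunk.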
@@ -1516,6 +1521,7 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 SYSERROR("Failed to send seccomp notification");
 else
 TRACE("Sent response for seccomp notification with id(%llu)", resp->id);
+ memset(resp, 0, conf->seccomp.notifier.sizes.seccomp_notif_resp);
 
 out:
 #endif
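Review bot: The added `memset` clears `resp` only on the path that reaches `seccomp_notify_respond()`; any earlier `goto out` that does not pass through `seccomp_notify_default_answer()` leaves whatever the proxy wrote in the buffer for the next notification. If `resp` is always valid at `out:`, moving the memset below the label covers every path; if some early exits run before `resp` is usable, a comment naming which exits deliberately skip the clear would help. Those exits are outside this hunk, so this is inferred.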