Branch: refs/heads/master
Home: https://github.com/NixOS/nix
Commit: e8838713df29d94529ea4d7865180e936393340b
https://github.com/NixOS/nix/commit/e8838713df29d94529ea4d7865180e936393340b
Author: aszlig <[email protected]>
Date: 2016-11-16 (Wed, 16 Nov 2016)
Changed paths:
M src/libstore/build.cc
Log Message:
-----------
Run builds as root in user namespace again

This reverts commit ff0c0b645cc1448959126185bb2fafe41cf0bddf.

We're going to use seccomp to allow "cp -p" and force chown-related
syscalls to always return 0.

Signed-off-by: aszlig <[email protected]>

Commit: 1c52e344c48e9cb8cf2b332201d5c96c06e4cf3e
https://github.com/NixOS/nix/commit/1c52e344c48e9cb8cf2b332201d5c96c06e4cf3e
Author: aszlig <[email protected]>
Date: 2016-11-16 (Wed, 16 Nov 2016)
Changed paths:
M Makefile.config.in
M configure.ac
M release.nix
M src/libstore/local.mk
Log Message:
-----------
Add build dependency for libseccomp

We're going to use libseccomp instead of creating the raw BPF program,
because we have different syscall numbers on different architectures.

Although our initial seccomp rules will be quite small it really doesn't
make sense to generate the raw BPF program because we need to duplicate
it and/or make branches on every single architecture we want to support.

Signed-off-by: aszlig <[email protected]>

Commit: b90a43533249a50f238a5e6cc9d77edb0fe6d748
https://github.com/NixOS/nix/commit/b90a43533249a50f238a5e6cc9d77edb0fe6d748
Author: aszlig <[email protected]>
Date: 2016-11-16 (Wed, 16 Nov 2016)
Changed paths:
M src/libstore/build.cc
Log Message:
-----------
libstore/build: Forge chown() to return success

What we basically want is a seccomp mode 2 BPF program like this but for
every architecture:

    BPF_STMT(BPF_LD+BPF_W+BPF_ABS, offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_chown, 4, 0),
    BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_fchown, 3, 0),
    BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_fchownat, 2, 0),
    BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_lchown, 1, 0),
    BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW),
    BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO)

However, on 32 bit architectures we do have chown32, lchown32 and
fchown32, so we'd need to add all the architecture blurb which
libseccomp handles for us.

So we only need to make sure that we add the 32bit seccomp arch while
we're on x86_64 and otherwise we just stay at the native architecture
which was set during seccomp_init(), which more or less replicates
setting 32bit personality during runChild().

The FORCE_SUCCESS() macro here could be a bit less ugly but I think
repeating the seccomp_rule_add() all over the place is way uglier.

Another way would have been to create a vector of syscalls to iterate
over, but that would make error messages uglier because we can either
only print the (libseccomp-internal) syscall number or use
seccomp_syscall_resolve_num_arch() to get the name or even make the
vector a pair number/name, essentially duplicating everything again.

Signed-off-by: aszlig <[email protected]>

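The raw filter sketched in the commit message above, written out for two architectures to show the per-architecture duplication that libseccomp takes care of. This is an added example, not code from the Nix commits: the names emit_arch, build_chown_filter and verdict are hypothetical, the syscall numbers are copied from the kernel's x86_64 and i386 tables, and the filter is evaluated in user space on constructed seccomp_data instead of being installed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#define LOAD(field) (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, field))
#define JEQ(k, jt, jf) (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (k), (uint8_t)(jt), (uint8_t)(jf))
#define RET(action) (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, (action))

/* One block per architecture: skipped unless seccomp_data.arch matches. */
static size_t emit_arch(struct sock_filter *p, uint32_t audit_arch, const uint32_t *nrs, size_t n)
{
    size_t i = 0;
    p[i++] = LOAD(arch);
    p[i++] = JEQ(audit_arch, 0, n + 3);     /* no match: jump past this block */
    p[i++] = LOAD(nr);
    for (size_t k = 0; k < n; k++)
        p[i++] = JEQ(nrs[k], n - k, 0);     /* match: jump to the ERRNO return */
    p[i++] = RET(SECCOMP_RET_ALLOW);
    p[i++] = RET(SECCOMP_RET_ERRNO | 0);    /* syscall is skipped, caller sees 0 */
    return i;
}

/* The same logical rule needs a different number list on each architecture. */
size_t build_chown_filter(struct sock_filter *p)
{
    static const uint32_t x86_64[] = { 92, 93, 94, 260 };             /* chown fchown lchown fchownat */
    static const uint32_t i386[] = { 182, 95, 16, 298, 212, 207, 198 }; /* same four + chown32 fchown32 lchown32 */
    size_t n = emit_arch(p, AUDIT_ARCH_X86_64, x86_64, 4);
    n += emit_arch(p + n, AUDIT_ARCH_I386, i386, 7);
    p[n++] = RET(SECCOMP_RET_KILL);         /* any architecture not listed above */
    return n;
}

/* Evaluates the filter in user space; only the three opcodes emitted above are handled. */
uint32_t verdict(uint32_t audit_arch, int nr)
{
    struct sock_filter p[32];
    struct seccomp_data d = { .nr = nr, .arch = audit_arch };
    uint32_t a = 0;
    for (size_t pc = 0, len = build_chown_filter(p); pc < len; pc++) {
        if (p[pc].code == (BPF_RET | BPF_K)) return p[pc].k;
        if (p[pc].code == (BPF_LD | BPF_W | BPF_ABS)) memcpy(&a, (char *)&d + p[pc].k, sizeof a);
        else pc += (a == p[pc].k) ? p[pc].jt : p[pc].jf;
    }
    return SECCOMP_RET_KILL;
}
```

Number 92 is chown on x86_64 but truncate on i386, so verdict(AUDIT_ARCH_I386, 92) is SECCOMP_RET_ALLOW while verdict(AUDIT_ARCH_X86_64, 92) is SECCOMP_RET_ERRNO; a filter that skips the arch check cannot tell the two apart.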
Commit: 651a18dd2466662e7027e4dc04147e4f38c7bbf8
https://github.com/NixOS/nix/commit/651a18dd2466662e7027e4dc04147e4f38c7bbf8
Author: aszlig <[email protected]>
Date: 2016-11-16 (Wed, 16 Nov 2016)
Changed paths:
M release.nix
A tests/sandbox.nix
Log Message:
-----------
release.nix: Add a test for sandboxing

Right now it only tests whether seccomp correctly forges the return
value of chown, but the long-term goal is to test the full sandboxing
functionality at some point in the future.

Signed-off-by: aszlig <[email protected]>

Commit: ed64976cec43f9f067a40fc6921b5513a19fd757
https://github.com/NixOS/nix/commit/ed64976cec43f9f067a40fc6921b5513a19fd757
Author: aszlig <[email protected]>
Date: 2016-11-16 (Wed, 16 Nov 2016)
Changed paths:
M src/libstore/build.cc
M tests/sandbox.nix
Log Message:
-----------
seccomp: Forge return codes for POSIX ACL syscalls

Commands such as "cp -p" also use fsetxattr() in addition to fchown(),
so we need to make sure these syscalls always return successful as well
in order to avoid nasty "Invalid value" errors.

Signed-off-by: aszlig <[email protected]>

Commit: 4e1a2cd537b5b910937499c544043ddac291843e
https://github.com/NixOS/nix/commit/4e1a2cd537b5b910937499c544043ddac291843e
Author: aszlig <[email protected]>
Date: 2016-11-16 (Wed, 16 Nov 2016)
Changed paths:
M src/libstore/build.cc
Log Message:
-----------
seccomp: Forge return values for *chown32

These syscalls are only available in 32bit architectures, but libseccomp
should handle them correctly even if we're on native architectures that
do not have these syscalls.

Signed-off-by: aszlig <[email protected]>

Commit: 9f3f2e21edb17dbcd674539dff96efb6cceca10c
https://github.com/NixOS/nix/commit/9f3f2e21edb17dbcd674539dff96efb6cceca10c
Author: Eelco Dolstra <[email protected]>
Date: 2016-12-15 (Thu, 15 Dec 2016)
Changed paths:
M Makefile.config.in
M configure.ac
M release.nix
M src/libstore/build.cc
M src/libstore/local.mk
A tests/sandbox.nix
Log Message:
-----------
Merge branch 'seccomp' of https://github.com/aszlig/nix
Commit: 1df82b62456b3194b3d8be0562e886cf16bf9379
https://github.com/NixOS/nix/commit/1df82b62456b3194b3d8be0562e886cf16bf9379
Author: Eelco Dolstra <[email protected]>
Date: 2016-12-15 (Thu, 15 Dec 2016)
Changed paths:
M shell.nix
Log Message:
-----------
shell.nix: Add libseccomp
Commit: 5278bb7c16c227d64551fc6578cb1b1b22f3b036
https://github.com/NixOS/nix/commit/5278bb7c16c227d64551fc6578cb1b1b22f3b036
Author: Eelco Dolstra <[email protected]>
Date: 2016-12-15 (Thu, 15 Dec 2016)
Changed paths:
M doc/manual/expressions/builtins.xml
M doc/manual/expressions/language-values.xml
M shell.nix
M src/libutil/hash.cc
Log Message:
-----------
Merge branch 'master' of github.com:NixOS/nix
Compare: https://github.com/NixOS/nix/compare/f867f090ed19...5278bb7c16c2
_______________________________________________
nix-commits mailing list
[email protected]
http://lists.science.uu.nl/mailman/listinfo/nix-commits