From: Richard Purdie <richard.purdie@linuxfoundation.org>
To: Seebs <seebs@seebs.net>
Cc: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>,
OE-core <openembedded-core@lists.openembedded.org>
Subject: Re: pseudo: host user contamination
Date: Sat, 24 Mar 2018 12:36:28 +0000 [thread overview]
Message-ID: <1521894988.11431.42.camel@linuxfoundation.org> (raw)
In-Reply-To: <20180323185655.51d96c05@seebsdell>
On Fri, 2018-03-23 at 18:56 -0500, Seebs wrote:
> On Fri, 23 Mar 2018 23:47:30 +0000
> Richard Purdie <richard.purdie@linuxfoundation.org> wrote:
> > > I... am really unsure whether it's possible to catch that,
> > > because
> > > I really, really, don't want to try to intercept raw syscall()
> > > calls. I don't think that ends well.
> > Just out of interest for my education, why is that a really bad
> > idea?
> > Loops, e.g. with memory allocation issues?
>
> Potentially. We rely pretty heavily on the assumption that an
> *actual* syscall can go through.
>
> Although... Actually, I don't even know if this is an actual syscall.
> This could be an actual glibc wrapper around the syscall interface,
> just like all the others, which is not the *actual* raw syscall or
> whatever, and... I have no idea how often that is or isn't hit.
>
> It's totally possible it would work, but basically, I have a pretty
> good intuition of when something sounds brittle and error-prone, and
> trying to trap syscall() sounds brittle and error-prone and might
> work today but not next week...
I do totally agree that this is into dangerous territory. That said, I
did want to understand what they've done here.
Checking on a f27 machine:
[rpurdie@fedora27 ~]$ objdump -T /bin/mv | grep sys
0000000000000000 DF *UND* 0000000000000000 GLIBC_2.2.5
syscall
and a quick look at the glibc source says there is a syscall()
function:
long syscall (syscall_number, arg1, arg2, arg3, arg4, arg5, arg6)
which whilst written in assembler, is a standard library function which
I believe coreutils is using.
I think, at least in principle, pseudo could wrap that and intercept
this particular syscall, check syscall_number (the numbering having its
own set of issues) and then only handle the specific problem case we
have.
The unfortunate reality is we will have to figure out some solution to
this as f27 is in the wild now. Explaining why this causes problems for
debian/yocto to the upstream is also obviously a good idea.
Cheers,
Richard
next prev parent reply other threads:[~2018-03-24 12:36 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-23 15:33 pseudo: host user contamination Enrico Scholz
2018-03-23 15:43 ` Enrico Scholz
2018-03-23 16:05 ` Burton, Ross
2018-03-23 16:10 ` Enrico Scholz
2018-03-23 16:17 ` Burton, Ross
2018-03-23 16:28 ` Seebs
2018-03-23 16:30 ` Burton, Ross
2018-03-23 16:49 ` Seebs
2018-03-23 16:56 ` Burton, Ross
2018-03-23 17:23 ` Seebs
2018-03-23 23:47 ` Richard Purdie
2018-03-23 23:56 ` Seebs
2018-03-24 0:22 ` Enrico Scholz
2018-03-24 0:33 ` Andre McCurdy
2018-03-24 0:36 ` Seebs
2018-03-24 1:10 ` Andre McCurdy
2018-03-24 1:17 ` Seebs
2018-03-24 1:43 ` Andre McCurdy
2018-03-24 2:44 ` Seebs
2018-03-24 12:36 ` Richard Purdie [this message]
2018-03-24 15:12 ` Seebs
2018-03-24 17:10 ` Burton, Ross
2018-03-24 17:23 ` Seebs
2018-03-24 18:12 ` Andre McCurdy
2018-03-24 18:22 ` Seebs
2018-03-24 18:59 ` Andre McCurdy
2018-03-24 19:24 ` Seebs
2018-03-24 19:42 ` Andre McCurdy
2018-03-24 19:50 ` Seebs
2018-03-24 20:12 ` Victor Kamensky
2018-03-24 23:04 ` Burton, Ross
2018-03-25 0:09 ` Victor Kamensky
2018-03-25 2:43 ` Andre McCurdy
2018-03-25 5:37 ` Victor Kamensky
2018-03-25 7:05 ` Andre McCurdy
2018-03-26 18:49 ` Andreas Müller
2018-03-26 19:31 ` Seebs
2018-03-26 20:12 ` Andre McCurdy
2018-03-26 21:07 ` Seebs
2018-03-27 1:10 ` Andre McCurdy
2018-03-27 1:32 ` Seebs
2018-03-27 1:34 ` Andre McCurdy
2018-03-27 2:07 ` Seebs
2018-03-27 2:59 ` Andre McCurdy
2018-03-27 4:41 ` Seebs
2018-03-27 19:11 ` Andre McCurdy
2018-03-27 19:22 ` Seebs
2018-03-27 20:12 ` Andre McCurdy
2018-03-27 20:20 ` Seebs
2018-03-27 20:52 ` Andre McCurdy
2018-03-27 21:10 ` Seebs
2018-03-29 12:04 ` Enrico Scholz
2018-03-29 14:06 ` Seebs
2018-03-27 13:06 ` Enrico Scholz
2018-03-27 15:50 ` Seebs
2018-03-27 16:26 ` Enrico Scholz
2018-03-27 16:46 ` Seebs
2018-03-24 20:22 ` Joshua Watt
2018-03-24 21:01 ` Seebs
2018-03-24 20:27 ` Andre McCurdy
2018-03-27 14:42 ` Enrico Scholz
2018-03-27 15:55 ` Seebs
2018-03-27 16:35 ` Enrico Scholz
2018-03-27 16:40 ` Seebs
2018-03-27 19:20 ` Enrico Scholz
2018-03-27 19:24 ` Seebs
2018-03-27 20:06 ` Enrico Scholz
2018-03-23 16:06 ` Burton, Ross
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1521894988.11431.42.camel@linuxfoundation.org \
--to=richard.purdie@linuxfoundation.org \
--cc=enrico.scholz@sigma-chemnitz.de \
--cc=openembedded-core@lists.openembedded.org \
--cc=seebs@seebs.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox