From: Paul Moore <pmoore@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: qemu-devel@nongnu.org, otubo@linux.vnet.ibm.com
Subject: Re: [Qemu-devel] [PATCH] seccomp: add mkdir() and fchmod() to the whitelist
Date: Fri, 03 Jan 2014 15:46:47 -0500 [thread overview]
Message-ID: <1618531.HHqraXkdnV@sifl> (raw)
In-Reply-To: <52C71C99.8010401@redhat.com>
On Friday, January 03, 2014 09:24:57 PM Paolo Bonzini wrote:
> Il 03/01/2014 20:58, Paul Moore ha scritto:
> > The PulseAudio library attempts to do a mkdir(2) and fchmod(2) on
> > "/run/user/<UID>/pulse" which is currently blocked by the syscall
> > filter; this patch adds the two missing syscalls to the whitelist.
> >
> > You can reproduce this problem with the following command:
> > # qemu -monitor stdio -device intel-hda -device hda-duplex
> >
> > If watched under strace the following syscalls are shown:
> > mkdir("/run/user/0/pulse", 0700)
> > fchmod(11, 0700) [NOTE: 11 is the fd for /run/user/0/pulse]
>
> Can fchmod be exploited to violate the sandbox (e.g. to let data escape
> from a VM that ought not to have any way to communicate with the outside
> world)?
Technically, there is the potential for any syscall to be exploited in such a
way that a malicious guest could gain greater access than desired and do
something evil with that access. After all, that was the motivation behind
seccomp: disable unused syscalls to reduce the chance of an attacker
exploiting a syscall bug.
The important thing to remember here is that the seccomp code in QEMU is not
enabling syscalls, it is disabling them. In other words, a QEMU instance with
the seccomp functionality enabled, e.g. '-sandbox on', only reduces the number
of syscalls available to the QEMU process, it never increases or adds
vulnerable syscalls to the QEMU process.
Granted, yes, there are syscalls in the current whitelist that I wish we could
disable, but we are still trying to arrive a whitelist that is all
encompassing (or close to it) with respect to QEMU functionality. Once we
have that list in hand (each fix like the one I posted gets us closer) we can
start looking at selectively shrinking the whitelist*.
* We've talked about this on-list previously and there are several approaches
here, some include conditionally adding/removing syscalls based on the QEMU
functionality requested, e.g. command line, different sandbox "profiles", e.g.
standalone vs libvirt, and staged seccomp filters, e.g. a whitelist followed
by progressively tighter blacklists.
--
paul moore
security and virtualization @ redhat
prev parent reply other threads:[~2014-01-03 20:47 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-03 19:58 [Qemu-devel] [PATCH] seccomp: add mkdir() and fchmod() to the whitelist Paul Moore
2014-01-03 20:24 ` Paolo Bonzini
2014-01-03 20:46 ` Paul Moore [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1618531.HHqraXkdnV@sifl \
--to=pmoore@redhat.com \
--cc=otubo@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).