https://bugs.kde.org/show_bug.cgi?id=345414
Miroslav Franc <mfr...@gmx.com> changed:

           What    |Removed |Added
----------------------------------------------------------------------------
 Attachment #160505|0       |1
        is obsolete|        |

--- Comment #18 from Miroslav Franc <mfr...@gmx.com> ---
Created attachment 164961
  --> https://bugs.kde.org/attachment.cgi?id=164961&action=edit
--disable-seccomp=yes feature v2

Second version of the patch. It's not final, as I should throw in a few test cases.

Disabling seccomp still allows SECCOMP_GET_ACTION_AVAIL and SECCOMP_GET_NOTIF_SIZES operations as those should never stop valgrind from working.

I implemented some basic seccomp syscall checks (and left prctl as it was), then I thought I would throw in a few warnings based on how the seccomp syscall API should be used, but I must say that the verbosity of the warnings surprised me.

The default behaviour:

> $ valgrind file /bin/ls
> ==17247== Memcheck, a memory error detector
> ==17247== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
> ==17247== Using Valgrind-3.23.0.GIT and LibVEX; rerun with -h for copyright info
> ==17247== Command: file /bin/ls
> ==17247==
> ==17247== WARNING: in STRICT SECCOMP mode 2nd argument (flags) should always be 0
> ==17247== WARNING: valgrind is unlikely to work in STRICT SECCOMP mode
> ==17247== WARNING: in FILTER SECCOMP mode 3nd argument (args) should point to struct sock_fprog
> ==17247== WARNING: valgrind might not work in FILTER SECCOMP mode
> ==17247== WARNING: in FILTER SECCOMP mode 3nd argument (args) should point to struct sock_fprog
> ==17247== WARNING: valgrind might not work in FILTER SECCOMP mode
> ==17247== WARNING: in FILTER SECCOMP mode 3nd argument (args) should point to struct sock_fprog
> ==17247== WARNING: valgrind might not work in FILTER SECCOMP mode
> ==17247== WARNING: in FILTER SECCOMP mode 3nd argument (args) should point to struct sock_fprog
> ==17247== WARNING: valgrind might not work in FILTER SECCOMP mode
> ==17247== WARNING: in FILTER SECCOMP mode 3nd argument (args) should point to struct sock_fprog
> ==17247== WARNING: valgrind might not work in FILTER SECCOMP mode
> ==17247== WARNING: valgrind might not work in FILTER SECCOMP mode
> Bad system call

It seems to me that those warnings are not imaginary:

> $ strace -e seccomp file /bin/ls
> seccomp(SECCOMP_SET_MODE_STRICT, 0x1, NULL) = -1 EINVAL (Invalid argument)
> seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, NULL) = -1 EFAULT (Bad address)
> seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_LOG, NULL) = -1 EFAULT (Bad address)
> seccomp(SECCOMP_GET_ACTION_AVAIL, 0, 0x7ffdbdae238c) = 0
> seccomp(SECCOMP_GET_ACTION_AVAIL, 0, 0x7ffdbdae238c) = 0
> seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_SPEC_ALLOW, NULL) = -1 EFAULT (Bad address)
> seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_NEW_LISTENER, NULL) = -1 EFAULT (Bad address)
> seccomp(SECCOMP_GET_NOTIF_SIZES, 0, 0x7ffdbdae2392) = 0
> seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC_ESRCH, NULL) = -1 EFAULT (Bad address)
> seccomp(SECCOMP_SET_MODE_FILTER, 0, 0x564b7a15e490) = 0
> /bin/ls: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=22f5cfe4926547861d47486e96c0dceb360dec09, for GNU/Linux 3.2.0, stripped
> +++ exited with 0 +++

Disabling it works just fine:

> $ valgrind --disable-seccomp=yes file /bin/ls
> ==17584== Memcheck, a memory error detector
> ==17584== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
> ==17584== Using Valgrind-3.23.0.GIT and LibVEX; rerun with -h for copyright info
> ==17584== Command: file /bin/ls
> ==17584==
> /bin/ls: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=22f5cfe4926547861d47486e96c0dceb360dec09, for GNU/Linux 3.2.0, stripped
> ==17584==
> ==17584== HEAP SUMMARY:
> ==17584==     in use at exit: 0 bytes in 0 blocks
> ==17584==   total heap usage: 838 allocs, 838 frees, 8,364,592 bytes allocated
> ==17584==
> ==17584== All heap blocks were freed -- no leaks are possible
> ==17584==
> ==17584== For lists of detected and suppressed errors, rerun with: -s
> ==17584== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

-- 
You are receiving this mail because:
You are watching all bug changes.
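The comment above describes a per-operation contract for seccomp(2): SECCOMP_GET_ACTION_AVAIL and SECCOMP_GET_NOTIF_SIZES are harmless queries, SECCOMP_SET_MODE_STRICT must be called with flags 0 (and no args), and SECCOMP_SET_MODE_FILTER must pass a usable struct sock_fprog. The strace also shows why `file` trips the warnings: it probes which filter flags the running kernel knows by passing each flag with a NULL program and reading EFAULT (flag accepted, program unreadable) versus EINVAL (flag unknown). The C program below is an added example, not part of this comment or of the Valgrind patch, and its `classify_seccomp_call`, `fprog_is_valid`, `count_suspicious` and `probe_filter_flag` are assumed re-implementations of those checks rather than Valgrind's own code. It replays the op/flags sequence from the strace as a constructed table (the real filter pointer is replaced by a well-formed four-instruction program that is inspected but never installed) and counts how many calls would draw an argument warning.

```c
/* seccomp_args_check.c: added example; not Valgrind's code and not the patch. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* Values from newer <linux/seccomp.h>, guarded so older headers still build. */
#ifndef SECCOMP_GET_NOTIF_SIZES
#define SECCOMP_GET_NOTIF_SIZES 3
#endif
#ifndef SECCOMP_FILTER_FLAG_SPEC_ALLOW
#define SECCOMP_FILTER_FLAG_SPEC_ALLOW (1UL << 2)
#endif
#ifndef SECCOMP_FILTER_FLAG_NEW_LISTENER
#define SECCOMP_FILTER_FLAG_NEW_LISTENER (1UL << 3)
#endif
#ifndef SECCOMP_FILTER_FLAG_TSYNC_ESRCH
#define SECCOMP_FILTER_FLAG_TSYNC_ESRCH (1UL << 4)
#endif

/* QUERY: GET_* operations, always harmless. *_BADARGS: what the kernel rejects
 * (EINVAL for strict mode with flags/args set, EFAULT for filter without a program). */
enum seccomp_verdict { SC_QUERY, SC_STRICT, SC_STRICT_BADARGS, SC_FILTER, SC_FILTER_BADARGS, SC_UNKNOWN };

/* A sock_fprog is usable only with 1..BPF_MAXINSNS instructions behind a real pointer. */
int fprog_is_valid(const struct sock_fprog *p)
{
    return p != NULL && p->filter != NULL && p->len >= 1 && p->len <= BPF_MAXINSNS;
}

/* Classify one seccomp(2) call from its raw arguments (assumed check, not Valgrind's). */
enum seccomp_verdict classify_seccomp_call(unsigned int op, unsigned int flags, const void *args)
{
    switch (op) {
    case SECCOMP_GET_ACTION_AVAIL:
    case SECCOMP_GET_NOTIF_SIZES:
        return SC_QUERY;
    case SECCOMP_SET_MODE_STRICT:
        return (flags == 0 && args == NULL) ? SC_STRICT : SC_STRICT_BADARGS;
    case SECCOMP_SET_MODE_FILTER:
        return fprog_is_valid(args) ? SC_FILTER : SC_FILTER_BADARGS;
    default:
        return SC_UNKNOWN;
    }
}

/* The shape a FILTER-mode args pointer must have: a classic-BPF program that allows
 * everything on x86-64 and kills the process on any other ABI. Inspected, never installed. */
static struct sock_filter allow_x86_64[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, AUDIT_ARCH_X86_64, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
};
struct sock_fprog allow_x86_64_prog = {
    .len = sizeof(allow_x86_64) / sizeof(allow_x86_64[0]), .filter = allow_x86_64,
};

struct seccomp_call { unsigned int op; unsigned int flags; const void *args; };

/* Constructed replay of the strace in the comment: same op/flags sequence, with a
 * dummy buffer for the GET_* results and allow_x86_64_prog as the one real filter. */
static unsigned int query_buf;
const struct seccomp_call file_trace[] = {
    { SECCOMP_SET_MODE_STRICT, 1, NULL },
    { SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, NULL },
    { SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_LOG, NULL },
    { SECCOMP_GET_ACTION_AVAIL, 0, &query_buf },
    { SECCOMP_GET_ACTION_AVAIL, 0, &query_buf },
    { SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_SPEC_ALLOW, NULL },
    { SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_NEW_LISTENER, NULL },
    { SECCOMP_GET_NOTIF_SIZES, 0, &query_buf },
    { SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC_ESRCH, NULL },
    { SECCOMP_SET_MODE_FILTER, 0, &allow_x86_64_prog },
};
const size_t file_trace_len = sizeof(file_trace) / sizeof(file_trace[0]);

/* How many calls in a sequence would draw an argument warning. */
size_t count_suspicious(const struct seccomp_call *calls, size_t n)
{
    size_t bad = 0;
    for (size_t i = 0; i < n; i++) {
        enum seccomp_verdict v = classify_seccomp_call(calls[i].op, calls[i].flags, calls[i].args);
        if (v == SC_STRICT_BADARGS || v == SC_FILTER_BADARGS)
            bad++;
    }
    return bad;
}

/* The probing idiom behind the EFAULTs in the trace: a FILTER call with a NULL program
 * fails with EFAULT if the kernel accepts the flag, EINVAL if not; nothing gets installed.
 * Returns 1 = supported, 0 = unsupported, -1 = seccomp(2) unavailable or blocked. */
int probe_filter_flag(unsigned int flag)
{
    if (syscall(SYS_seccomp, SECCOMP_SET_MODE_FILTER, flag, NULL) == 0)
        return 1;
    return errno == EFAULT ? 1 : (errno == EINVAL ? 0 : -1);
}

int main(void)
{
    printf("%zu of %zu replayed calls would warn\n",
           count_suspicious(file_trace, file_trace_len), file_trace_len);
    printf("kernel accepts SECCOMP_FILTER_FLAG_TSYNC: %d\n", probe_filter_flag(SECCOMP_FILTER_FLAG_TSYNC));
    return 0;
}
```

Run against the replayed trace, the classifier flags six calls (the strict-mode call with flags set and the five NULL-program probes), which is exactly the set of "should be 0" / "should point to struct sock_fprog" warnings in the valgrind output above; the three GET_* queries and the final well-formed filter pass. Only `probe_filter_flag` touches the kernel, and it cannot change the process's seccomp state because the program argument is never readable.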