44b9a17bec
Allow specifying uid/gid to map in user namespace
2022-12-27 13:25:12 +01:00
7b859d0aed
exile_launch_get(): Remove redundant seek
2022-12-26 18:36:17 +01:00
618f223491
enter_namespaces(): Fix uid/gid mapping
This was not caught before because a test was missing, fprintf() without ferror()
didn't help, and calling code did not depend on uid maps so far.
Add tests.
2022-12-26 18:23:34 +01:00
40d23af355
concat_path(): Add missing free() calls
2022-10-23 19:54:21 +02:00
b5f83499f3
exile_append_syscall_policy(): Add missing free()
2022-10-23 19:52:56 +02:00
ff60ec227d
perform_mounts(): Fix potential leak and fix iteration
We would not free 'concat_path' in all potential paths.
Also, the iteration would not continue potentially.
This was a case unlikely to be hit in practice.
2022-10-23 19:48:33 +02:00
e711a1d53a
exile_landlock_is_available(): Fix availability check
The check only assumed the existence of ABI version 1, which
is not the case any more.
Closes: https://github.com/quitesimpleorg/exile.h/issues/1
2022-08-16 23:07:49 +02:00
3fa73b0b97
Close file fds by default, introduce policy->keep_fds_open
The better default is to close them, not keeping them open.
Does not close sockets and pipes to not interfere with IPC.
Issue: #10
2022-07-17 13:00:02 +02:00
8f38dc4480
check_policy_sanity(): Allow vows and syscall policies
Adjust checks to allow a mixed mode between syscall policies and vows.
Check for some easy-to-make mistakes in such a scenario.
2022-06-09 10:02:12 +02:00
bd3641981c
Introduce EXILE_SYSCALL_DENY_RET_NOSYS for syscalls like clone3()
clone3() is used more and more, but we cannot filter it. We can either
allow it fully or return ENOSYS. Some libraries perform fallbacks to the
older clone() in that case, which we can filter again.
2022-06-06 14:07:37 +02:00
91858efa51
vows map: Add memfd_create, rseq
2022-04-22 08:37:34 +02:00
8bf87717a5
vows: ioctl: Make TIOCSTI illegal even when IOCTL vow is set
2022-03-28 19:14:02 +02:00
bcaefffbe8
Improve various error messages
2022-03-28 19:04:28 +02:00
ea66ef76eb
exile_flags_to_landlock(): Cover more with ALL_WRITE, except devices
More consistent with mount(), where MS_NODEV disallows those.
We may need to introduce a flag that simply allows everything.
2022-03-17 15:47:22 +01:00
66def7a28f
append_syscall_to_bpf(): Check for unlikely case of too many sock_filters
2022-03-17 15:47:22 +01:00
70c3fef500
exile.h: Retire static child_read/write_pipe vars
2022-03-17 15:47:22 +01:00
69829374c7
exile.h: Move definitions to new file exile.c
Especially with exile_launch(), we will be included
from more than one translation unit. Thus, ODR becomes
a headache now.
So move definitions to exile.c.
2022-03-17 15:47:22 +01:00