Commit Graph

17 Commits

Author SHA1 Message Date
44b9a17bec Allow specifying uid/gid to map in user namespace 2022-12-27 13:25:12 +01:00
7b859d0aed exile_launch_get(): Remove redundant seek 2022-12-26 18:36:17 +01:00
618f223491 enter_namespaces(): Fix uid/gid mapping
This was not caught before because a test was missing, fprintf() without ferror()
didn't help, and calling code did not depend on uid maps so far.

Add tests.
2022-12-26 18:23:34 +01:00
40d23af355 concat_path(): Add missing free() calls 2022-10-23 19:54:21 +02:00
b5f83499f3 exile_append_syscall_policy(): Add missing free() 2022-10-23 19:52:56 +02:00
ff60ec227d perform_mounts(): Fix potential leak and fix iteration
We would not free 'concat_path' in all potential paths.
Also, the iteration would not continue potentially.

This was case unlikely to be hit in practise.
2022-10-23 19:48:33 +02:00
e711a1d53a exile_landlock_is_available(): Fix availability check
The check only assumed the existance of ABI version 1, which
is not the case any more.

Closes: https://github.com/quitesimpleorg/exile.h/issues/1
2022-08-16 23:07:49 +02:00
3fa73b0b97 Close file fds by default, introduce policy->keep_fds_open
The better default is to close them, not keeping them open.

Does not close sockets and pipes to not interfere with IPC.

Issue: #10
2022-07-17 13:00:02 +02:00
8f38dc4480 check_policy_sanity(): Allow vows and syscall policies
Adjust checks to allow a mixed mode between syscall policies and vows.
Check for some easy to make mistakes in such scenario.
2022-06-09 10:02:12 +02:00
bd3641981c Introduce EXILE_SYSCALL_DENY_RET_NOSYS for syscalls like clone3()
clone3() is used more and more, but we cannot filter it. We can either
allow it fully or return ENONYS. Some libraries perform fallbacks to the
older clone() in that case, which we can filter again.
2022-06-06 14:07:37 +02:00
91858efa51 vows map: Add memfd_create, rseq 2022-04-22 08:37:34 +02:00
8bf87717a5 vows: ioctl: Make TIOCSTI illegal even when IOCTL vow is set 2022-03-28 19:14:02 +02:00
bcaefffbe8 Improve various error messages 2022-03-28 19:04:28 +02:00
ea66ef76eb exile_flags_to_landlock(): Cover more with ALL_WRITE, except devices
More consistent with mount(), where MS_NODEV disallows those.

We may need to introduce a flag that simply allows everything
2022-03-17 15:47:22 +01:00
66def7a28f append_syscall_to_bpf(): Check for unlikely case of too many sock_filters 2022-03-17 15:47:22 +01:00
70c3fef500 exile.h: Retire static child_read/write_pipe vars 2022-03-17 15:47:22 +01:00
69829374c7 exile.h: Move definitions to new file exile.c
Especially with exile_launch(), we will be included
from more than one translation unit. Thus, ODR becomes
a headache now.

So move definitions to exile.c.
2022-03-17 15:47:22 +01:00