crtxcr
/
exile.h
1
0
Fork 0
Code Issues 14 Pull Requests 1 Releases Wiki Activity
98 Commits 4 Branches 0 Tags 355 KiB
Commit Graph

19 Commits

Author SHA1 Message Date
Albert S. 98c76089de Handle new 5.16 syscall: futex_waitv 2021-12-27 14:26:37 +01:00
Albert S. 631980b775 Include linux/capability.h instead of sys/capability.h 
Some distros put sys/capability.h into libcap-dev or
similiar, which is a bit unforunate, we don't need
libcap-dev or anything like that.

Since we anyway only used the capget()/capset(), we can
just define a simple wrapper and call the syscall directly
and therefore avoid above mentioned issue.
 2021-12-27 14:15:50 +01:00
Albert S. 0be081c55d Merge get_pledge_argfilter() with get_pledge_argfilter() 2021-12-27 14:11:58 +01:00
Albert S. ca0f82790c Use some macros to increase readabiltiy of BPF rules 2021-12-27 12:35:54 +01:00
Albert S. bcab0377f1 Add exile_pledge(): A convenience wrapper 
exile_pledge() adds seccomp filters derived from the
promises.
 2021-12-27 12:35:54 +01:00
Albert S. b469a82eec pledge: Allow NO_NEW_PRIVS prctls 
Retreiving it does no harm. It cannot be unset once set, thus
no harm in allowing to set it either.
 2021-12-27 12:35:54 +01:00
Albert S. 6711b394d9 pledge: Add EXILE_SYSCALL_PLEDGE_SECCOMP_INSTALL to allow adding further seccomp filters 2021-12-27 12:35:54 +01:00
Albert S. 9abbc7510c Introduce exile_create_policy(): Creates an clean/empty policy. 
exile_create_policy() Creates an empty policy that can be
used by the exile.h API.

exile_init_policy() sets opinionated default values.
 2021-12-27 12:35:54 +01:00
Albert S. 029762e894 pledge: Add EXILE_SYSCALL_PLEDGE_IOCTL to allow ioctl() without argfilters 2021-12-27 12:35:54 +01:00
Albert S. 6b513f8339 pledge: Add prctl() default filter 2021-12-27 12:35:54 +01:00
Albert S. d2357ac676 pledge: Introduce clone() filter and EXILE_SYSCALL_PLEDGE_THREAD 2021-12-27 12:35:54 +01:00
Albert S. 0b0dda0de1 pledge: Begin filter for setsockopt() args 2021-12-27 12:35:54 +01:00
Albert S. 7115ef8b4d Begin an pledge()-like implementation 
This begins a pledge() implementation. This also
retires the previous syscall grouping approach,
as pledge() is the superior mechanism.

Squashed:
test: Begin basic pledge test
pledge: Begin EXILE_SYSCALL_PLEDGE_UNIX/EXILE_SYSCALL_PLEDGE_INET
test: Add pledge socket test
Introduce EXILE_SYSCALL_PLEDGE_DENY_ERROR, remove exile_policy->pledge_policy
pledge: Add PROT_EXEC
 2021-12-27 12:35:54 +01:00
Albert S. 15a6850023 Begin low-level seccomp arg filter interface 
Squashed:
test: Adjust existing to new API with arg filters
test: Add tests for low-level seccomp args filter API
test: Add seccomp_filter_mixed()
test: Switch to syscall() everywhere
append_syscall_to_bpf(): Apply EXILE_SYSCALL_EXIT_BPF_NO_MATCH also for sock_filter.jt
 2021-12-27 12:35:54 +01:00
Albert S. 48deab0dde exile_enable_policy(): Only chdir() post chroot() 2021-12-27 12:35:35 +01:00
Albert S. ce7eb57998 enter_namespaces(): Fix error message 2021-12-27 12:35:35 +01:00
Albert S. 3407fded04 Add EXILE_FS_ALLOW_ALL_{READ,WRITE} 
Issue: #19
 2021-12-27 00:30:52 +01:00
Albert S. 1b4c5477a5 rename to exile.h 
qssb.h was a preliminary name and can't be pronounced smoothly.

exile.h is more fitting and it's also short. Something exiled is essentially
something isolated, which is pretty much what this library does (isolation from
resources such as file system, network and others accessible by system calls).
 2021-11-30 18:19:15 +01:00
Albert S. 756b0fb421 rename qssb.h to exile.h 2021-11-30 17:40:36 +01:00