From: Mickaël Salaün
Date: Wed, 7 Mar 2018 00:06:55 +0100
Subject: Re: [PATCH bpf-next v8 00/11] Landlock LSM: Toward unprivileged sandboxing
To: Tycho Andersen, Andy Lutomirski
Cc: LKML, Alexei Starovoitov, Arnaldo Carvalho de Melo, Casey Schaufler, Daniel Borkmann, David Drysdale, David S. Miller, Eric W. Biederman, James Morris, Jann Horn, Jonathan Corbet, Michael Kerrisk, Kees Cook, Paul Moore, Sargun Dhillon, Serge E. Hallyn, Shuah Khan, Tejun Heo, Thomas Graf, Will Drewry, Kernel Hardening, Linux API, LSM List, Network Development
Message-ID: <7082be04-d6af-b853-4bb7-f331836662e2@digikod.net>
In-Reply-To: <20180306224636.wf5z3kujtc7r5qyh@cisco>
References: <20180227004121.3633-1-mic@digikod.net> <2e06621c-08e9-dc12-9b6e-9c09d5d8f458@digikod.net> <20180306224636.wf5z3kujtc7r5qyh@cisco>

On 06/03/2018 23:46, Tycho Andersen wrote:
> On Tue, Mar 06, 2018 at 10:33:17PM +0000, Andy Lutomirski wrote:
>>>> Suppose I'm writing a container manager. I want to run "mount" in the
>>>> container, but I don't want to allow mount() in general and I want to
>>>> emulate certain mount() actions. I can write a filter that catches
>>>> mount using seccomp and calls out to the container manager for help.
>>>> This isn't theoretical -- Tycho wants *exactly* this use case to be
>>>> supported.
>>>
>>> Well, I think this use case should be handled with something like
>>> LD_PRELOAD and a helper library. FYI, I did something like this:
>>> https://github.com/stemjail/stemshim
>>
>> I doubt that will work for containers. Containers that use user
>> namespaces and, for example, setuid programs aren't going to honor
>> LD_PRELOAD.
>
> Or anything that calls syscalls directly, like go programs.

That's why the vDSO-like approach. Enforcing an access control is not the
issue here, patching a buggy userland (without patching its code) is the
issue, isn't it?

As far as I remember, the main problem is to handle file descriptors while
"emulating" the kernel behavior. This can be done with a "shim" code mapped
in every process. Chrome used something like this (in a previous sandbox
mechanism) as a kind of emulation (with the current seccomp-bpf).

I think it should be doable to replace the (userland) emulation code with
an IPC wrapper receiving file descriptors through UNIX socket.
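The fd-passing IPC wrapper Mickaël describes, as an added example that is not code from this thread, from Landlock or from stemshim: a manager-side helper opens a file on behalf of a sandboxed peer and hands back only the descriptor over a UNIX socket with SCM_RIGHTS, so the peer never needs the privileged call itself. The function names (send_fd, recv_fd, broker_roundtrip) are assumptions for illustration.

```c
#define _GNU_SOURCE
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/uio.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
/* Added illustration of the broker pattern, not project code. */
/* Manager side: hand one already-opened descriptor to the sandboxed peer. */
static int send_fd(int sock, int fd)
{
    char data = 'F';   /* at least one payload byte must accompany the control message */
    struct iovec iov = { .iov_base = &data, .iov_len = 1 };
    union { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; } u = { { 0 } };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    struct cmsghdr *cm = CMSG_FIRSTHDR(&msg);
    cm->cmsg_level = SOL_SOCKET;
    cm->cmsg_type = SCM_RIGHTS;
    cm->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(cm), &fd, sizeof(int));
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}
/* Sandboxed side: accept exactly one fd, marked close-on-exec; -1 on anything else. */
static int recv_fd(int sock)
{
    char data;
    union { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; } u;
    struct iovec iov = { .iov_base = &data, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    if (recvmsg(sock, &msg, MSG_CMSG_CLOEXEC) != 1 || (msg.msg_flags & MSG_CTRUNC))
        return -1;
    struct cmsghdr *cm = CMSG_FIRSTHDR(&msg);
    if (!cm || cm->cmsg_level != SOL_SOCKET || cm->cmsg_type != SCM_RIGHTS ||
        cm->cmsg_len != CMSG_LEN(sizeof(int)))
        return -1;   /* reject anything but exactly one descriptor */
    int fd; memcpy(&fd, CMSG_DATA(cm), sizeof(int)); return fd;
}
/* Round trip over a socketpair: the manager opens `path` for the peer and passes only
 * the fd. Returns 1 if the peer got a descriptor for the same file, 0 on any failure. */
int broker_roundtrip(const char *path)
{
    int sv[2], orig, got = -1, same = 0; struct stat a, b;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return 0;
    orig = open(path, O_RDONLY | O_CLOEXEC);   /* the manager decides what to open */
    if (orig >= 0 && send_fd(sv[0], orig) == 0) got = recv_fd(sv[1]);
    if (got >= 0 && fstat(orig, &a) == 0 && fstat(got, &b) == 0)
        same = a.st_ino == b.st_ino && a.st_dev == b.st_dev && got != orig;
    if (orig >= 0) close(orig);
    if (got >= 0) close(got);
    close(sv[0]); close(sv[1]);
    return same;
}
```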