lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20230109153348.5625-1-gregory.price@memverge.com>
Date:   Mon,  9 Jan 2023 10:33:45 -0500
From:   Gregory Price <gourry.memverge@...il.com>
To:     linux-kernel@...r.kernel.org
Cc:     linux-fsdevel@...r.kernel.org, linux-doc@...r.kernel.org,
        linux-kselftest@...r.kernel.org, krisman@...labora.com,
        tglx@...utronix.de, luto@...nel.org, oleg@...hat.com,
        peterz@...radead.org, ebiederm@...ssion.com,
        akpm@...ux-foundation.org, adobriyan@...il.com, corbet@....net,
        shuah@...nel.org, Gregory Price <gregory.price@...verge.com>
Subject: [RFC PATCH 0/3] Checkpoint Support for Syscall User Dispatch

Syscall user dispatch makes it possible to cleanly intercept system
calls from user-land.  However, most transparent checkpoint software
presently leverages some combination of ptrace and system call
injection to place software in a ready-to-checkpoint state.

If Syscall User Dispatch is enabled at the time of being quiesced,
injected system calls will subsequently be interposed upon and
dispatched to the task's signal handler.

This patch set implements 3 features to enable software such as CRIU
to cleanly interpose upon software leveraging syscall user dispatch.

- Implement PTRACE_O_SUSPEND_SYSCALL_USER_DISPATCH, akin to a similar
  feature for SECCOMP.  This allows a ptracer to temporarily disable
  syscall user dispatch, making syscall injection possible.

- Implement an fs/proc extension that reports whether Syscall User
  Dispatch is being used in proc/status.  A similar value is present
  for SECCOMP, and is used to determine whether special logic is
  needed during checkpoint/resume.

- Implement a getter interface for Syscall User Dispatch config info.
  To resume successfully, the checkpoint/resume software has to
  save and restore this information.  Presently this configuration
  is write-only, with no way for C/R software to save it.


Signed-off-by: Gregory Price <gregory.price@...verge.com>  


Gregory Price (3):
  ptrace,syscall_user_dispatch: Implement Syscall User Dispatch
    Suspension
  fs/proc/array: Add Syscall User Dispatch to proc status
  prctl,syscall_user_dispatch: add a getter for configuration info

 .../admin-guide/syscall-user-dispatch.rst     | 18 +++++++
 fs/proc/array.c                               |  8 +++
 include/linux/ptrace.h                        |  2 +
 include/linux/syscall_user_dispatch.h         |  7 +++
 include/uapi/linux/prctl.h                    |  3 ++
 include/uapi/linux/ptrace.h                   |  6 ++-
 kernel/entry/syscall_user_dispatch.c          | 19 +++++++
 kernel/ptrace.c                               |  5 ++
 kernel/sys.c                                  |  4 ++
 .../syscall_user_dispatch/sud_test.c          | 54 +++++++++++++++++++
 10 files changed, 125 insertions(+), 1 deletion(-)


-- 
2.37.3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ