| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 21 Jan 2023 05:23:13 -0500
From: Gregory Price <gourry.memverge@...il.com>
To: linux-kernel@...r.kernel.org
Cc: linux-fsdevel@...r.kernel.org, linux-doc@...r.kernel.org,
linux-kselftest@...r.kernel.org, krisman@...labora.com,
tglx@...utronix.de, luto@...nel.org, oleg@...hat.com,
peterz@...radead.org, ebiederm@...ssion.com,
akpm@...ux-foundation.org, adobriyan@...il.com, corbet@....net,
shuah@...nel.org, Gregory Price <gregory.price@...verge.com>
Subject: [PATCH v4 0/3] Checkpoint Support for Syscall User Dispatch
v4: Whitespace
s/CHECKPOINT_RESTART/CHECKPOINT_RESUME
check test_syscall_work(SYSCALL_USER_DISPATCH) to determine if it's
turned on or not in fs/proc/array and getter interface
v3: Kernel test robot static function fix
Whitespace nitpicks
v2: Implements the getter/setter interface in ptrace rather than prctl
Syscall user dispatch makes it possible to cleanly intercept system
calls from user-land. However, most transparent checkpoint software
presently leverages some combination of ptrace and system call
injection to place software in a ready-to-checkpoint state.
If Syscall User Dispatch is enabled at the time of being quiesced,
injected system calls will subsequently be interposed upon and
dispatched to the task's signal handler.
This patch set implements 3 features to enable software such as CRIU
to cleanly interpose upon software leveraging syscall user dispatch.
- Implement PTRACE_O_SUSPEND_SYSCALL_USER_DISPATCH, akin to a similar
feature for SECCOMP. This allows a ptracer to temporarily disable
syscall user dispatch, making syscall injection possible.
- Implement an fs/proc extension that reports whether Syscall User
Dispatch is being used in proc/status. A similar value is present
for SECCOMP, and is used to determine whether special logic is
needed during checkpoint/resume.
- Implement a getter interface for Syscall User Dispatch config info.
To resume successfully, the checkpoint/resume software has to
save and restore this information. Presently this configuration
is write-only, with no way for C/R software to save it.
This was done in ptrace because syscall user dispatch is not part of
uapi. The syscall_user_dispatch_config structure was added to the
ptrace exports.
Gregory Price (3):
ptrace,syscall_user_dispatch: Implement Syscall User Dispatch
Suspension
fs/proc/array: Add Syscall User Dispatch to proc status
ptrace,syscall_user_dispatch: add a getter/setter for sud
configuration
.../admin-guide/syscall-user-dispatch.rst | 5 +-
fs/proc/array.c | 8 +++
include/linux/ptrace.h | 2 +
include/linux/syscall_user_dispatch.h | 19 +++++++
include/uapi/linux/ptrace.h | 16 +++++-
kernel/entry/syscall_user_dispatch.c | 51 +++++++++++++++++++
kernel/ptrace.c | 13 +++++
7 files changed, 112 insertions(+), 2 deletions(-)
--
2.39.0
Powered by blists - more mailing lists