Re: Crash when attaching uretprobes to processes running in Docker

From: Andrii Nakryiko
Date: Wed Jan 15 2025 - 13:21:00 EST

Next message: Anand Moon: "Re: [PATCH linux-next v1] PCI: rockchip: Improve error handling in clock return value"
Previous message: Bernd Schubert: "Re: [RFC PATCH] fuse: add new function to invalidate cache for all inodes"
In reply to: Alexei Starovoitov: "Re: Crash when attaching uretprobes to processes running in Docker"
Next in thread: Oleg Nesterov: "Re: Crash when attaching uretprobes to processes running in Docker"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jan 15, 2025 at 9:56 AM Alexei Starovoitov
<alexei.starovoitov@xxxxxxxxx> wrote:
>
> On Wed, Jan 15, 2025 at 7:06 AM Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
> >
> > Or we can change __secure_computing() to do nothing if
> > this_syscall == __NR_uretprobe.
>
> I think that's the best way forward.
> seccomp already allowlists sigreturn syscall.
> uretprobe syscall is in the same category.

+1, we will have a similar problem with sys_uprobe (when it's added).
Just like rt_sigreturn, these are special kernel-only mechanisms, and
the kernel already protects itself from any user abuse. So I think we
should have a way to ensure those special syscalls can go through
regardless of seccomp.

> See __secure_computing_strict.

Next message: Anand Moon: "Re: [PATCH linux-next v1] PCI: rockchip: Improve error handling in clock return value"
Previous message: Bernd Schubert: "Re: [RFC PATCH] fuse: add new function to invalidate cache for all inodes"
In reply to: Alexei Starovoitov: "Re: Crash when attaching uretprobes to processes running in Docker"
Next in thread: Oleg Nesterov: "Re: Crash when attaching uretprobes to processes running in Docker"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]