Merge pull request #1 from AkihiroSuda/dev

implement lstat

Author: AkihiroSuda

README.md

@@ -3,7 +3,8 @@
 `subuidless` is an implementaion of OCI Seccomp Receiver for running Rootless Containers without `/etc/subuid` and `/etc/subgid`.
 
 `subuidlesss` emulates ID-related system calls using Seccomp User Notification and XAttrs.
-Unlike ptrace implementatins of similar projects such as [runROOTLESS (PRoot)](https://github.com/rootless-containers/runrootless) and [remainroot](https://github.com/cyphar/remainroot), `subuidless` can minimize the overhead of system call hooking.
+
+Unlike similar projects such as [runROOTLESS (PRoot)](https://github.com/rootless-containers/runrootless) and [remainroot](https://github.com/cyphar/remainroot), `subuidless` can minimize the overhead of system call hooking, as `subuidless` does not use ptrace.
 
 ## Status
 
@@ -64,20 +65,25 @@ $ RUN_OCI_SECCOMP_RECEIVER=~/.subuidless.sock unshare -r crun run -b ./test foo
          0       1001          1
 / # touch foo
 / # chown 42:42 foo
+/ # ls -ln foo
+-rw-r--r--    1 42       42               0 Jul 29 12:06 foo
 ```
 
 Make sure that the `chown` command succeeds without `Invalid argument` error, even though no subuid is configured in the `uid_map` file.
-The UID ang GID are recorded to [the `user.rootlesscontainers` xattr](https://github.com/rootless-containers/proto) of the target file. 
 
-> *FIXME*:
-> The chowned value are not shown in `ls -l` currently. Will be shown after the implementaion of stat syscalls.
-> Use `getfattr -d -e hex -m user.rootlesscontainers` to inspect the xattr value.
+The UID ang GID are recorded to [the `user.rootlesscontainers` xattr](https://github.com/rootless-containers/proto) of the target file. 
 
 ## Hooked system calls
-To be documented, see `SCMP_ACT_NOTIFY` entries in `./test/config.json`.
+- [X] `chown`
+- [ ] `fchown`
+- [ ] `fchownat`
+- [ ] `lchown`
 
-<!--
-TODO: Syscalls to be captured:
+- [X] `lstat`
+- ...
+
+TODO:
+```
 https://github.com/rootless-containers/PRoot/blob/081bb63955eb4378e53cf4d0eb0ed0d3222bf66e/src/extension/fake_id0/fake_id0.c#L141-L205
 https://github.com/cyphar/remainroot/blob/master/src/ptrace/generic-shims.c
--->
+```

main.c

@@ -8,6 +8,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <sys/socket.h>
+#include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/uio.h>
 #include <sys/un.h>
@@ -51,13 +52,25 @@ static int recvfd(int sock) {
   return fd;
 }
 
-static int read_proc_mem_string(char **out, pid_t pid, off_t off,
-                                size_t max_len) {
-  const size_t buf_len = max_len + 1;
-  char *buf = malloc(buf_len);
+static ssize_t write_proc_mem(void *in, pid_t pid, off_t off, size_t buf_len) {
   struct iovec local[1];
   struct iovec remote[1];
-  ssize_t nread;
+  ssize_t nwrite = -1;
+  local[0].iov_base = in;
+  local[0].iov_len = buf_len;
+  remote[0].iov_base = (void *)off;
+  remote[0].iov_len = buf_len;
+  if ((nwrite = process_vm_writev(pid, local, 1, remote, 1, 0)) < 0) {
+    perror("process_vm_readv");
+  }
+  return nwrite;
+}
+
+static ssize_t read_proc_mem(void **out, pid_t pid, off_t off, size_t buf_len) {
+  void *buf = malloc(buf_len);
+  struct iovec local[1];
+  struct iovec remote[1];
+  ssize_t nread = -1;
   local[0].iov_base = buf;
   local[0].iov_len = buf_len;
   remote[0].iov_base = (void *)off;
@@ -68,45 +81,23 @@ static int read_proc_mem_string(char **out, pid_t pid, off_t off,
     *out = NULL;
     return nread;
   }
-  buf[max_len] = '\0';
   *out = buf;
-  return 0;
+  return nread;
 }
 
-#define USER_ROOTLESSCONTAINERS_XATTR "user.rootlesscontainers"
-
-static int set_user_rootlesscontainers_xattr_chdired(const char *pathname,
-                                                     uid_t uid, gid_t gid) {
-  uint8_t *buf = NULL;
-  size_t sz = 0;
-  int rc = -1;
-  Rootlesscontainers__Resource msg;
-  if (uid == 0 && gid == 0) {
-    printf("DEBUG: removing %s xattr on \"%s\" in the PID cwd\n",
-           USER_ROOTLESSCONTAINERS_XATTR, pathname);
-    if ((rc = removexattr(pathname, USER_ROOTLESSCONTAINERS_XATTR)) < 0) {
-      perror("removexattr");
-    }
+static ssize_t read_proc_mem_string(char **out, pid_t pid, off_t off,
+                                    size_t max_len) {
+  ssize_t rc = read_proc_mem((void **)out, pid, off, max_len + 1);
+  if (rc <= 0) {
     return rc;
   }
-  rootlesscontainers__resource__init(&msg);
-  msg.uid = uid;
-  msg.gid = gid;
-  sz = rootlesscontainers__resource__get_packed_size(&msg);
-  buf = malloc(sz);
-  rootlesscontainers__resource__pack(&msg, buf);
-  printf("DEBUG: setting %s xattr (%ld bytes) on \"%s\" in the PID cwd\n",
-         USER_ROOTLESSCONTAINERS_XATTR, sz, pathname);
-  if ((rc = setxattr(pathname, USER_ROOTLESSCONTAINERS_XATTR, buf, sz, 0)) <
-      0) {
-    perror("setxattr");
-  }
-  free(buf);
-  return rc;
+  (*out)[rc - 1] = '\0';
+  return strlen(*out);
 }
 
-static int set_user_rootlesscontainers_xattr(pid_t pid, const char *pathname,
-                                             uid_t uid, gid_t gid) {
+typedef int (*wpc_callback_t)(void *opaque);
+
+static int with_pid_cwd(pid_t pid, wpc_callback_t cb, void *opaque) {
   char proc_pid_cwd[32];
   char *wd = NULL;
   int rc = -1;
@@ -120,7 +111,7 @@ static int set_user_rootlesscontainers_xattr(pid_t pid, const char *pathname,
     free(wd);
     return rc;
   }
-  rc = set_user_rootlesscontainers_xattr_chdired(pathname, uid, gid);
+  rc = cb(opaque);
   if (chdir(wd) < 0) {
     perror("chdir");
     fprintf(stderr, "can't chdir back to the previous wd \"%s\", aborting\n",
@@ -130,7 +121,53 @@ static int set_user_rootlesscontainers_xattr(pid_t pid, const char *pathname,
     return -1;
   }
   free(wd);
-  return 0;
+  return rc;
+}
+
+#define XA_USER_ROOTLESSCONTAINERS "user.rootlesscontainers"
+
+struct x_chown_arg {
+  const char *pathname;
+  uid_t uid;
+  gid_t gid;
+};
+
+static int x_chown_cb(void *opaque) {
+  uint8_t *buf = NULL;
+  size_t sz = 0;
+  int rc = -1;
+  struct x_chown_arg *arg = opaque;
+  if (arg->uid == 0 && arg->gid == 0) {
+    printf("DEBUG: removing %s xattr on \"%s\" in the PID cwd\n",
+           XA_USER_ROOTLESSCONTAINERS, arg->pathname);
+    if ((rc = lremovexattr(arg->pathname, XA_USER_ROOTLESSCONTAINERS)) < 0) {
+      perror("lremovexattr");
+    }
+    return rc;
+  }
+  Rootlesscontainers__Resource msg;
+  rootlesscontainers__resource__init(&msg);
+  msg.uid = arg->uid;
+  msg.gid = arg->gid;
+  sz = rootlesscontainers__resource__get_packed_size(&msg);
+  buf = malloc(sz);
+  rootlesscontainers__resource__pack(&msg, buf);
+  printf("DEBUG: setting %s xattr (%ld bytes) on \"%s\" in the PID cwd\n",
+         XA_USER_ROOTLESSCONTAINERS, sz, arg->pathname);
+  if ((rc = lsetxattr(arg->pathname, XA_USER_ROOTLESSCONTAINERS, buf, sz, 0)) <
+      0) {
+    perror("lsetxattr");
+  }
+  free(buf);
+  return rc;
+}
+
+static int x_chown(pid_t pid, const char *pathname, uid_t uid, gid_t gid) {
+  struct x_chown_arg arg;
+  arg.pathname = pathname;
+  arg.uid = uid;
+  arg.gid = gid;
+  return with_pid_cwd(pid, x_chown_cb, &arg);
 }
 
 static void handle_sys_chown(struct seccomp_notif *req,
@@ -139,16 +176,95 @@ static void handle_sys_chown(struct seccomp_notif *req,
   uid_t uid = req->data.args[1];
   gid_t gid = req->data.args[2];
   read_proc_mem_string(&pathname, req->pid, req->data.args[0], PATH_MAX);
-  fprintf(stderr, "debug: <<< ID=%llud sys_chown(\"%s\", %d, %d)\n", req->id,
-          pathname, uid, gid);
-  if (set_user_rootlesscontainers_xattr(req->pid, pathname, uid, gid) < 0) {
-    resp->error = -1;
-    resp->error = -EIO;
+  int rc;
+  if ((rc = x_chown(req->pid, pathname, uid, gid)) < 0) {
+    resp->val = rc;
+    resp->error = -errno;
+    if (resp->error == 0) {
+      resp->error = -EIO;
+    }
   }
-  fprintf(stderr, "debug: >>> ID=%llud error=%d\n", req->id, resp->error);
   free(pathname);
 }
 
+struct x_lstat_arg {
+  const char *pathname;
+  struct stat *st;
+};
+
+static int x_lstat_cb(void *opaque) {
+  struct x_lstat_arg *arg = opaque;
+  int rc = lstat(arg->pathname, arg->st);
+  if (rc < 0) {
+    return rc;
+  }
+  /* convert uid-outside-userns into uid-inside-userns, e.g. 1001 -> 0 */
+  /* TODO: use /proc/%d/uid_map if extists */
+  /* TODO: can we call lstat inside userns? */
+  if (arg->st->st_uid == geteuid()) {
+    arg->st->st_uid = 0;
+  }
+  if (arg->st->st_gid == getegid()) {
+    arg->st->st_gid = 0;
+  }
+
+  ssize_t xa_sz = lgetxattr(arg->pathname, XA_USER_ROOTLESSCONTAINERS, NULL, 0);
+  if (xa_sz <= 0) {
+    /* The xattr is not set */
+    return rc;
+  }
+  void *xa_buf = malloc(xa_sz);
+  if (lgetxattr(arg->pathname, XA_USER_ROOTLESSCONTAINERS, xa_buf, xa_sz) < 0) {
+    perror("lgetxattr");
+    /* ignore error */
+    return rc;
+  }
+  Rootlesscontainers__Resource *msg =
+      rootlesscontainers__resource__unpack(NULL, xa_sz, xa_buf);
+  if (msg == NULL) {
+    fprintf(stderr, "cannot decode %s xattr on \"%s\"\n",
+            XA_USER_ROOTLESSCONTAINERS, arg->pathname);
+    /* ignore error */
+    free(xa_buf);
+    return rc;
+  }
+  if (msg->uid >= 0) {
+    arg->st->st_uid = msg->uid;
+  }
+  if (msg->gid >= 0) {
+    arg->st->st_gid = msg->gid;
+  }
+  free(xa_buf);
+  rootlesscontainers__resource__free_unpacked(msg, NULL);
+  return rc;
+}
+
+static int x_lstat(pid_t pid, const char *pathname, struct stat *st) {
+  struct x_lstat_arg arg;
+  arg.pathname = pathname;
+  arg.st = st;
+  return with_pid_cwd(pid, x_lstat_cb, &arg);
+}
+
+static void handle_sys_lstat(struct seccomp_notif *req,
+                             struct seccomp_notif_resp *resp) {
+  char *pathname = NULL;
+  struct stat *st = NULL;
+  read_proc_mem_string(&pathname, req->pid, req->data.args[0], PATH_MAX);
+  read_proc_mem((void **)&st, req->pid, req->data.args[1], sizeof(struct stat));
+  int rc;
+  if ((rc = x_lstat(req->pid, pathname, st)) < 0) {
+    resp->val = rc;
+    resp->error = -errno;
+    if (resp->error == 0) {
+      resp->error = -EIO;
+    }
+  }
+  write_proc_mem(st, req->pid, req->data.args[1], sizeof(struct stat));
+  free(pathname);
+  free(st);
+}
+
 static void handle_req(struct seccomp_notif *req,
                        struct seccomp_notif_resp *resp) {
   resp->id = req->id;
@@ -157,6 +273,9 @@ static void handle_req(struct seccomp_notif *req,
   case __NR_chown:
     handle_sys_chown(req, resp);
     break;
+  case __NR_lstat:
+    handle_sys_lstat(req, resp);
+    break;
   default:
     fprintf(stderr, "Unexpected syscall %d, returning -ENOTSUP\n",
             req->data.nr);

test/config.json

@@ -170,9 +170,7 @@
         {
           "names": [
             "chown",
-            "fchown",
-            "lchown",
-            "fchownat"
+            "lstat"
           ],
           "action": "SCMP_ACT_NOTIFY"
         }