[PR PATCH] proot: fix undumpable tracees

[PR PATCH] proot: fix undumpable tracees

[voidlinux-github]

[-- Attachment #1: Type: text/plain, Size: 441 bytes --]

There is a new pull request by emilio1625 against master on the void-packages repository

https://github.com/emilio1625/void-packages proot
https://github.com/void-linux/void-packages/pull/17764

proot: fix undumpable tracees
Hi, this patch fixes issues like https://github.com/proot-me/proot/issues/173 and https://github.com/termux/proot/issues/70

A patch file from https://github.com/void-linux/void-packages/pull/17764.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-proot-17764.patch --]
[-- Type: text/x-diff, Size: 1874 bytes --]

From 85c45852f3929906e26fbf54e6a0473a58f71d41 Mon Sep 17 00:00:00 2001
From: Emilio Cabrera <emilio1625@gmail.com>
Date: Tue, 24 Dec 2019 16:32:42 -0600
Subject: [PATCH] proot: fix undumpable tracees

---
 ...ent-tracees-from-becoming-undumpable.patch | 37 +++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 srcpkgs/proot/patches/prevent-tracees-from-becoming-undumpable.patch

diff --git a/srcpkgs/proot/patches/prevent-tracees-from-becoming-undumpable.patch b/srcpkgs/proot/patches/prevent-tracees-from-becoming-undumpable.patch
new file mode 100644
index 00000000000..2b8fcce9234
--- /dev/null
+++ b/srcpkgs/proot/patches/prevent-tracees-from-becoming-undumpable.patch
@@ -0,0 +1,37 @@
+diff --git src/syscall/enter.c src/syscall/enter.c
+--- src/syscall/enter.c
++++ src/syscall/enter.c
+@@ -26,6 +26,7 @@
+ #include <linux/net.h>   /* SYS_*, */
+ #include <fcntl.h>       /* AT_FDCWD, */
+ #include <limits.h>      /* PATH_MAX, */
++#include <sys/prctl.h>   /* PR_SET_DUMPABLE */
+
+ #include "syscall/syscall.h"
+ #include "syscall/sysnum.h"
+@@ -563,6 +564,14 @@ int translate_syscall_enter(Tracee *tracee)
+
+ 		status = translate_path2(tracee, newdirfd, newpath, SYSARG_3, SYMLINK);
+ 		break;
++	case PR_prctl:
++		/* Prevent tracees from setting dumpable flag.
++		 * (Otherwise it could break tracee memory access)  */
++		if (peek_reg(tracee, CURRENT, SYSARG_1) == PR_SET_DUMPABLE) {
++			set_sysnum(tracee, PR_void);
++			status = 0;
++		}
++		break;
+ 	}
+
+ end:
+diff --git src/syscall/seccomp.c src/syscall/seccomp.c
+--- src/syscall/seccomp.c
++++ src/syscall/seccomp.c
+@@ -377,6 +377,7 @@ static FilteredSysnum proot_sysnums[] = {
+ 	{ PR_open,		0 },
+ 	{ PR_openat,		0 },
+ 	{ PR_pivot_root,	0 },
++	{ PR_prctl, 		0 },
+ 	{ PR_ptrace,		FILTER_SYSEXIT },
+ 	{ PR_readlink,		FILTER_SYSEXIT },
+ 	{ PR_readlinkat,	FILTER_SYSEXIT },

Re: [PR PATCH] [Updated] proot: fix undumpable tracees

[voidlinux-github]

[-- Attachment #1: Type: text/plain, Size: 446 bytes --]

There is an updated pull request by emilio1625 against master on the void-packages repository

https://github.com/emilio1625/void-packages proot
https://github.com/void-linux/void-packages/pull/17764

proot: fix undumpable tracees
Hi, this patch fixes issues like https://github.com/proot-me/proot/issues/173 and https://github.com/termux/proot/issues/70

A patch file from https://github.com/void-linux/void-packages/pull/17764.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-proot-17764.patch --]
[-- Type: text/x-diff, Size: 2263 bytes --]

From c58a2b2c01d63b4cee24a15af80a367061881abc Mon Sep 17 00:00:00 2001
From: Emilio Cabrera <emilio1625@gmail.com>
Date: Tue, 24 Dec 2019 16:32:42 -0600
Subject: [PATCH] proot: fix undumpable tracees

---
 ...ent-tracees-from-becoming-undumpable.patch | 37 +++++++++++++++++++
 srcpkgs/proot/template                        |  2 +-
 2 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 srcpkgs/proot/patches/prevent-tracees-from-becoming-undumpable.patch

diff --git a/srcpkgs/proot/patches/prevent-tracees-from-becoming-undumpable.patch b/srcpkgs/proot/patches/prevent-tracees-from-becoming-undumpable.patch
new file mode 100644
index 00000000000..2b8fcce9234
--- /dev/null
+++ b/srcpkgs/proot/patches/prevent-tracees-from-becoming-undumpable.patch
@@ -0,0 +1,37 @@
+diff --git src/syscall/enter.c src/syscall/enter.c
+--- src/syscall/enter.c
++++ src/syscall/enter.c
+@@ -26,6 +26,7 @@
+ #include <linux/net.h>   /* SYS_*, */
+ #include <fcntl.h>       /* AT_FDCWD, */
+ #include <limits.h>      /* PATH_MAX, */
++#include <sys/prctl.h>   /* PR_SET_DUMPABLE */
+
+ #include "syscall/syscall.h"
+ #include "syscall/sysnum.h"
+@@ -563,6 +564,14 @@ int translate_syscall_enter(Tracee *tracee)
+
+ 		status = translate_path2(tracee, newdirfd, newpath, SYSARG_3, SYMLINK);
+ 		break;
++	case PR_prctl:
++		/* Prevent tracees from setting dumpable flag.
++		 * (Otherwise it could break tracee memory access)  */
++		if (peek_reg(tracee, CURRENT, SYSARG_1) == PR_SET_DUMPABLE) {
++			set_sysnum(tracee, PR_void);
++			status = 0;
++		}
++		break;
+ 	}
+
+ end:
+diff --git src/syscall/seccomp.c src/syscall/seccomp.c
+--- src/syscall/seccomp.c
++++ src/syscall/seccomp.c
+@@ -377,6 +377,7 @@ static FilteredSysnum proot_sysnums[] = {
+ 	{ PR_open,		0 },
+ 	{ PR_openat,		0 },
+ 	{ PR_pivot_root,	0 },
++	{ PR_prctl, 		0 },
+ 	{ PR_ptrace,		FILTER_SYSEXIT },
+ 	{ PR_readlink,		FILTER_SYSEXIT },
+ 	{ PR_readlinkat,	FILTER_SYSEXIT },
diff --git a/srcpkgs/proot/template b/srcpkgs/proot/template
index 5ee9809c01e..f2d7baf8839 100644
--- a/srcpkgs/proot/template
+++ b/srcpkgs/proot/template
@@ -1,7 +1,7 @@
 # Template file for 'proot'
 pkgname=proot
 version=5.1.0
-revision=6
+revision=7
 build_wrksrc=src
 build_style=gnu-makefile
 make_use_env=yes

Re: proot: fix undumpable tracees

[voidlinux-github]

[-- Attachment #1: Type: text/plain, Size: 254 bytes --]

New comment by oxr463 on void-packages repository

https://github.com/void-linux/void-packages/pull/17764#issuecomment-570012563

Comment:
Testing returns the following,

```sh
./src/proot ssh-agent
proot info: vpid 1: terminated with signal 11
```

Re: proot: fix undumpable tracees

[voidlinux-github]

[-- Attachment #1: Type: text/plain, Size: 288 bytes --]

New comment by oxr463 on void-packages repository

https://github.com/void-linux/void-packages/pull/17764#issuecomment-570012563

Comment:
Testing returns the following,

```sh
./src/proot ssh-agent
proot info: vpid 1: terminated with signal 11
```

What is the expected behavior?

Re: proot: fix undumpable tracees

[voidlinux-github]

[-- Attachment #1: Type: text/plain, Size: 288 bytes --]

New comment by oxr463 on void-packages repository

https://github.com/void-linux/void-packages/pull/17764#issuecomment-570012563

Comment:
Testing returns the following,

```sh
./src/proot ssh-agent
proot info: vpid 1: terminated with signal 11
```

What is the expected behavior?

Re: [PR PATCH] [Closed]: proot: fix undumpable tracees

[voidlinux-github]

[-- Attachment #1: Type: text/plain, Size: 286 bytes --]

There's a closed pull request on the void-packages repository

proot: fix undumpable tracees
https://github.com/void-linux/void-packages/pull/17764

Description:
Hi, this patch fixes issues like https://github.com/proot-me/proot/issues/173 and https://github.com/termux/proot/issues/70