[LEDE-DEV] [PATCH] procd seccomp enhancements

Michal Sojka sojkam1 at fel.cvut.cz
Tue Sep 12 04:12:30 PDT 2017


Hi all,

this patch series enhances seccomp sandboxing of procd services. It
introduces two main features:

1. Support for multi-threaded and multi-process services (previously,
   utrace, which creates seccomp whitelists, was usable only for
   single-threaded processes) and

2. logging of seccomp violations via a user-space tracer rather than
   via a kernel patch.

In addition to that, there are many bug fixes and smaller enhancements
such as support for tracing non-contiguous syscalls on ARM.

libubox patches (2):
  uloop: Fix race condition in SIGCHLD handling
  uloop: Enable utracing of multi-threaded programs

procd patches (17):
  utrace: Fix environment initialization
  utrace: Fix off-by-one errors
  Do not disable seccomp when configuration is not found
  Update trace attribute
  utrace: Sort syscalls by number of invocations
  utrace: Trace processes across forks
  utrace: Support tracing multi-threaded processes and vfork
  utrace: Deliver signals to traced processes
  utrace: Use PTRACE_SEIZE instead of PTRACE_TRACEME
  seccomp: Log seccomp violations with utrace
  Start seccomp-enabled services via seccomp-trace
  preload-seccomp: Use proper log level for error messages
  seccomp: Improve error message
  utrace: Report ptrace errors
  utrace: Forward SIGTERM to the traced process
  utrace: Support non-contiguous syscall numbers
  utrace: Switch all logging to ulog

source patches (1):
  procd: Install seccomp-trace symlink

procd diffstat:
 jail/preload.c     |   5 +
 jail/seccomp-bpf.h |   1 +
 jail/seccomp.c     |  24 ++---
 jail/seccomp.h     |   4 +
 make_syscall_h.sh  |  48 ++++++++-
 service/instance.c |  21 ++--
 trace/preload.c    |   1 -
 trace/trace.c      | 279 +++++++++++++++++++++++++++++++++++++++++------------
 8 files changed, 291 insertions(+), 92 deletions(-)

-- 
2.14.1
