search

eafer / rdrview

Firefox Reader View as a command line tool
Apache License 2.0
844 stars 36 forks source link

"Operation not permitted": on ARM it only runs with "disable-sandbox" #14

Open m040601 opened 3 years ago

m040601 commented 3 years ago

Hi, first of all thanks for your work in this extremely usefull written in C for speed and promising tool.

I've been testing and using it on my x64 Arch Linux for some months. Very happy.

It's intended to be used with terminal RSS readers, to make the articles more readable on web browsers such as lynx.

I use it with w3m. Feel free to update the README as well.

W3m is a very underrated (and badly documented) cli browser. But with incredible customizing options. It works amazingly fast with rdrview.

You can use it for a one shot operation like this:

$ rdrview -H https://www.bbc.com/news/world-asia-china-55784231 | w3m -T text/html

or

$ rdrview -H https://www.bbc.com/news/world-asia-china-55784231 | w3m -T text/html -dump

Or for interactive browsing. You can for example add these lines to the config file, ~/.w3m/keymap

keymap \\\r COMMAND "SHELL 'rdrview -H $W3M_URL > /tmp/rdrview.html' ; LOAD /tmp/rdrview.html"

or

keymap \\\r COMMAND "SHELL 'clear; echo \"parsing page with rdrview\" ; echo ; rdrview -H $W3M_URL > /tmp/rdrview.html' ; LOAD /tmp/rdrview.html"

and then use "\r" when your browsing a page inside w3m.

My issue is when I try to run in on Arm, also Arch Linux, armv7.

I tried it on both a chromebook running:

Linux alarmsung 5.10.10-1-ARCH #1 SMP PREEMPT Sat Jan 23 23:26:35 UTC 2021 armv7l GNU/Linux

and a Raspberry Pi 2 running:

Linux alarmpi 5.4.83-4-ARCH #1 SMP PREEMPT Wed Jan 20 14:06:49 UTC 2021 armv7l GNU/Linux

I install rdrview by hand. I do not use the Arch User AUR package like this other user, https://github.com/eafer/rdrview/issues/13. This AUR arch linux is not well maintained and is marked only for x64 not Arm, https://aur.archlinux.org/packages/rdrview-git

What I do instead is this. I do git clone .. and then run make.

On both these ARM systems I have the exact same needed dependencies installed

They are the same as in my working x64 system, and they are official distro packages:


local/libseccomp 2.5.1-2
    Enhanced seccomp library
local/libxml2 2.9.10-8
    XML parsing library, version 2
local/libcurl-gnutls 7.74.0-1
    An URL retrieval library (linked against gnutls)

Compilation with make runs without a problem. But running it, whatever the options choosen always gets me a message:

rdrview: Operation not permitted

If I use the flag "--disable-sandbox" then it works.

I'm not a developer, and have zero understanding of C programing, syscalls or security. The only thing I could find that brought me here was the similar issue by the other user.

https://github.com/eafer/rdrview/issues/10#start-of-content ...I am on a musl based system.... ... have to use 'disable-sandbox' to get a webpage rendered....

Additional info that might be usefull:

  1. Some libs

Architecture : armv7h

glibc, Version         : 2.32-2
gcc, Version         : 10.2.0-1
  1. strace

$ strace rdrview -M https://www.bbc.com/news/world-asia-china-55784231 2>> error_log.txt

error_log.txt

  1. The compiled binary on arm:

    $ file ./rdrview

./rdrview: ELF 32-bit LSB pie executable, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, BuildID[sha1]=b7438379398f311b185c1ba3a7ba9019f245321d, for GNU/Linux 3.2.0, not stripped

eafer commented 3 years ago

Hi,

Hi, first of all thanks for your work in this extremely usefull written in C for speed and promising tool.

I'm glad that you like it.

My issue is when I try to run in on Arm, also Arch Linux, armv7.

Thanks for the report. These problems are expected with seccomp from time to time, so it's good that I hear about it. Try running this:

strace -f rdrview -H 'https://github.com/eafer/rdrview' 2>&1 >/dev/null | grep EPERM

And send me the output. That should tell us which syscalls are getting blocked, so that I can add them to the whitelist.

m040601 commented 3 years ago

...And send me the output

pulled the latest commits, compiled a fresh one, and here it is:

[pid 18413] fstat64(5, 0xbebd5b60)      = -1 EPERM (Operation not permitted)
[pid 18413] fcntl64(4, F_GETFL)         = -1 EPERM (Operation not permitted)
eafer commented 3 years ago

[pid 18413] fstat64(5, 0xbebd5b60) = -1 EPERM (Operation not permitted) [pid 18413] fcntl64(4, F_GETFL) = -1 EPERM (Operation not permitted)

Ok, I just pushed a patch that allows fstat64(). If this doesn't solve the problem, run the strace command I gave you before and send me the ouput again.

m040601 commented 3 years ago

Still failing.

$ git show origin/master --no-patch

commit ecda324fd9aa1cba07b9a00ac10af0ab7e55c663
Author: Ernesto A. Fernández <ernesto.mnd.fernandez@gmail.com>
Date:   Tue Jan 26 15:23:38 2021 -0300

    Allow 64-bit version of fstat() syscall on Linux
    ...

$ strace -f rdrview -H 'https://github.com/eafer/rdrview' 2>&1 >/dev/null | grep EPERM

[pid  4158] mmap2(NULL, 153932, PROT_READ|PROT_WRITE, MAP_SHARED, 5, 0) = -1 EPERM (Operation not permitted)
[pid  4158] fcntl64(4, F_GETFL)         = -1 EPERM (Operation not permitted)
eafer commented 3 years ago

[pid 4158] mmap2(NULL, 153932, PROT_READ|PROT_WRITE, MAP_SHARED, 5, 0) = -1 EPERM (Operation not permitted)

OK, I just pushed a patch to allow mmap2(). I tested it myself this time on a Raspberry Pi, so it should work, but let me know.

m040601 commented 3 years ago

... so it should work

Yes it does. Tested on both Raspberry Pi and Chromebook (armv7). I dont have a Raspberry Pi 4 for testing armv8/aarch64.

parkerlreed commented 3 years ago

I can confirm working on AArch64 on another rplatform image

parkerlreed commented 3 years ago

Although I can't seem to use it with a browser 

[parker@nintendoswitch rdrview-git]$ rdrview -B links 'https://github.com/eafer/rdrview' 
rdrview: Operation not permitted
[parker@nintendoswitch rdrview-git]$ rdrview -B lynx 'https://github.com/eafer/rdrview' 
rdrview: Operation not permitted

Gist of strace (See next message) https://gist.github.com/1bf87765d716ce60b011dd1a633132cf

parkerlreed commented 3 years ago

Forgot to do the follow-forks https://gist.github.com/2948087883f55cccd44164fb9745ffa0

9214  dup(1)                            = 4
9214  dup3(3, 1, 0)                     = -1 EPERM (Operation not permitted)
9214  dup(2)                            = 6
9214  fcntl(6, F_GETFL)                 = -1 EPERM (Operation not permitted)
9214  close(6)                          = 0
9214  write(2, "rdrview: Operation not permitted"..., 33) = 33
eafer commented 3 years ago

Although I can't seem to use it with a browser

It seems that your standard library implements dup2() using the dup3() syscall instead. I'm pushing a patch to allow dup3(), let me know if it's not enough.

parkerlreed commented 3 years ago

Works great! Thanks.

Since I forgot to mention: That's Arch Linux ARM (aarch64)

ghost commented 3 years ago

I don't know if this is an issue worthy of it's own thread, but I was having a similar issue on x64 Arch Linux, so I ran the strace previously posted here and got the following errors

[pid 2026874] newfstatat(5, "", 0x7ffd80399170, AT_EMPTY_PATH) = -1 EPERM (Operation not permitted)
[pid 2026874] fcntl(4, F_GETFL)         = -1 EPERM (Operation not permitted)

So I tried adding the following lines to my sandbox.c and it worked perfectly.

    fail |= seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(newfstatat), 0);
    fail |= seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fcntl), 0);
eafer commented 3 years ago

[pid 2026874] newfstatat(5, "", 0x7ffd80399170, AT_EMPTY_PATH) = -1 EPERM (Operation not permitted)

Thank you for the report. It seems that your libc implements fstat() using a variation of fstatat(). I can't just allow fstatat() because it's called with a path, not with a file descriptor, so it's too dangerous. This is all very annoying: I think I will have to write my own wrapper...

eafer commented 3 years ago

[pid 2026874] newfstatat(5, "", 0x7ffd80399170, AT_EMPTY_PATH) = -1 EPERM (Operation not permitted)

Ok, I'm just moving the call to fstat() outside the sandbox. That doesn't carry any risk, and it should make all these problems go away. Please let me know if it works for you.

yuuyins commented 3 years ago

I'm facing the same issue (or at least seems like the same). But I'm on x86_64-linux (NixOS). only --disable-sandbox works

eafer commented 3 years ago

I'm facing the same issue (or at least seems like the same). But I'm on x86_64-linux (NixOS). only --disable-sandbox works

Can you run

strace -f rdrview -H 'https://github.com/eafer/rdrview' 2>&1 >/dev/null | grep EPERM

and send me the output?

yuuyins commented 3 years ago

@eafer 

[pid 435094] newfstatat(5, "", 0x7ffc3cf6a770, AT_EMPTY_PATH) = -1 EPERM (Operation not permitted)
[pid 435094] fcntl(4, F_GETFL)          = -1 EPERM (Operation not permitted)

PS: I'm using https://github.com/eafer/rdrview/commit/7be01fb36a6ab3311a9ad1c8c2c75bf5c1345d93

eafer commented 3 years ago

PS: I'm using 7be01fb

In that case, I think this issue has already been fixed. Try the current head.

yuuyins commented 3 years ago

@eafer tested with rev 444ce3d6efd8989cd6ecfdc0560071b20e622636 and the issue is no longer. I previously hadn't checked if Nix package was up to date, sorry about this.

eafer commented 3 years ago

@eafer tested with rev 444ce3d6efd8989cd6ecfdc0560071b20e622636 and the issue is no longer. I previously hadn't checked if Nix package was up to date, sorry about this.

No problem, I'm glad it works.