termux / proot

A chroot-like implementation using ptrace.
https://wiki.termux.com/wiki/PRoot

How does proot support sysexit processing when seccomp starts? #228

Closed w296488320 closed 2 years ago

w296488320 commented 2 years ago

```c
/* Restore tracee's stack pointer now if it won't hit
 * the sysexit stage (i.e. when seccomp is enabled and
 * there's nothing else to do).  */
if (tracee->restart_how == PTRACE_CONT) {
    suppressed_syscall_status = tracee->status;
    tracee->status = 0;
    poke_reg(tracee, STACK_POINTER, peek_reg(tracee, ORIGINAL, STACK_POINTER));
}
```

I don't know why `tracee->status = 0;` is set in seccomp mode. This may not execute sysexit. Does it not support sysexit when seccomp is enabled?

w296488320 commented 2 years ago

I have tried using Termux. The problem I need to solve now is how to deal with sysexit when seccomp is started. I started analyzing proot and found a problem: is sysexit not processed when seccomp mode is turned on?

michalbednarski commented 2 years ago

Whether sysexit is handled in seccomp mode is specified on a per-syscall basis in seccomp.c, or in similar lists defined inside extensions.

https://github.com/termux/proot/blob/d4e4a07fbdc16e24868c295d3f7de97eca2a7f80/src/syscall/seccomp.c#L330-L335

Here it is specified that for accept and accept4 sysexit will be handled, and for access and acct it may be skipped.
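
The mechanism discussed in this thread, as an added example that is not proot's code and not posted by either participant: a minimal Linux tracer whose seccomp filter passes a per-syscall flag as `SECCOMP_RET_DATA`, and which resumes the tracee with `PTRACE_SYSCALL` only when that flag asks for sysexit, otherwise with `PTRACE_CONT`. Assumptions: the value `0x1` for `FILTER_SYSEXIT`, `getppid` as the traced syscall, the hypothetical names `tracee` and `sysexit_stops`, a native-architecture tracee (the filter has no arch check), and a host that permits ptrace and seccomp.

```c
#define _GNU_SOURCE
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stddef.h>
#include <sys/prctl.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#define FILTER_SYSEXIT 0x1 /* flag name from proot; value assumed for this demo */

/* Tracee: getppid traps to the tracer, carrying `flags` as SECCOMP_RET_DATA. */
static void tracee(unsigned flags) {
    struct sock_filter f[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_getppid, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_TRACE | flags),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = { sizeof f / sizeof f[0], f };
    if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0) _exit(1);
    raise(SIGSTOP); /* let the tracer set its options first */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0 ||
        prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) < 0) _exit(1);
    syscall(__NR_getppid);
    _exit(0);
}

/* Tracer: returns the number of syscall-stops seen after the seccomp event. */
int sysexit_stops(unsigned flags) {
    int status, stops = 0, how = PTRACE_CONT;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) tracee(flags);
    waitpid(pid, &status, 0); /* initial SIGSTOP */
    ptrace(PTRACE_SETOPTIONS, pid, NULL, (void *)(long)(PTRACE_O_TRACESECCOMP | PTRACE_O_TRACESYSGOOD));
    while (ptrace(how, pid, NULL, NULL) == 0 &&
           waitpid(pid, &status, 0) == pid && WIFSTOPPED(status)) {
        unsigned long msg = 0;
        how = PTRACE_CONT; /* default: the tracee never reaches a sysexit stop */
        if (status >> 8 == (SIGTRAP | PTRACE_EVENT_SECCOMP << 8)) {
            ptrace(PTRACE_GETEVENTMSG, pid, NULL, &msg); /* flags from the filter */
            if (msg & FILTER_SYSEXIT) how = PTRACE_SYSCALL; /* stop again at exit */
        }
        if (WSTOPSIG(status) == (SIGTRAP | 0x80)) stops++; /* syscall-stop */
    }
    return stops;
}
```

With `FILTER_SYSEXIT` set the tracer sees one further syscall-stop for `getppid`; with flags `0` it sees none, which is the case where proot has to restore the stack pointer immediately.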