Jamie Nguyen
dysco****@gmail*****
Fri Dec 24 08:48:35 JST 2010
Tetsuo Handa wrote:
> TOMOYO/AKARI do not have MCS category labels. Therefore, I've just written an LSM
> module which assigns security context on processes in order to restrict
> inter-process operations.
>
> This module is intended for preventing the qemu-kvm process from attacking other
> processes. But this module can be applied for generic purposes.
> Comments/suggestions are welcome.
>
> This module should work on all 2.6 kernels (2.6.0 - 2.6.37-rc4)
> but I haven't tested.
>
> (This module is named UUID because I thought I need to use UUID assigned to
> each virtual machine. But currently this module is not using UUID at all.)

I have just got around to testing the module. I'm using it on a 32-bit 2.6.36.2
kernel. I have run these commands in an xterm, where XXXX is another xterm:

  # modprobe uuid
  # : < /proc/uuid1
  # : < /proc/uuid2
  # strace -p XXXX
  Killed.
  # ls /proc/XXXX

At this point, my system freezes. I have given the log messages from
/var/log/everything.log below [1].

I tested again with these commands:

  # modprobe uuid
  # : < /proc/uuid1
  # : < /proc/uuid2
  (change to other xterm)
  # : < /proc/uuid1
  # : < /proc/uuid2
  # strace -p XXXX

At this point the system freezes. I have given the log messages from
/var/log/everything.log in pastebin [2].

I am also unsure about usage. Suppose I wish to isolate a program before
running it (e.g. firefox). What is the method to do this?

Kind regards.
[1]
Dec 23 23:20:05 localhost kernel: &security_ops=c158366c
Dec 23 23:20:05 localhost kernel: UUID: 0.0.0 2010/12/06
Dec 23 23:20:06 localhost kernel: Allocated task(1,0) ('bash',pid=1199)
Dec 23 23:20:07 localhost kernel: Allocated task(1,1) ('bash',pid=1199)
Dec 23 23:20:13 localhost kernel: BUG: unable to handle kernel NULL pointer dereference at 00000010
Dec 23 23:20:13 localhost kernel: IP: [<f082234e>] uuid_check_task+0xbe/0x120 [uuid]
Dec 23 23:20:13 localhost kernel: *pde = 00000000
Dec 23 23:20:13 localhost kernel: Oops: 0000 [#1] PREEMPT SMP
Dec 23 23:20:13 localhost kernel: last sysfs file: /sys/devices/virtual/vtconsole/vtcon0/uevent
Dec 23 23:20:13 localhost kernel: Modules linked in: uuid snd_seq_dummy parport_pc snd_seq_oss snd_seq_midi_event snd_seq snd_ens1370 gameport snd_pcm_oss snd_rawmidi ppdev snd_seq_device snd_mixer_oss snd_pcm processor button thermal snd_timer snd lp i2c_piix4 sg psmouse soundcore evdev serio_raw snd_page_alloc parport pcspkr i2c_core virtio_net usbhid hid floppy ext4 mbcache jbd2 crc16 uhci_hcd sr_mod cdrom usbcore ata_piix libata virtio_blk scsi_mod virtio_pci
Dec 23 23:20:13 localhost kernel:
Dec 23 23:20:13 localhost kernel: Pid: 1203, comm: strace Not tainted 2.6.36-ARCH #1 /Bochs
Dec 23 23:20:13 localhost kernel: EIP: 0060:[<f082234e>] EFLAGS: 00010286 CPU: 0
Dec 23 23:20:13 localhost kernel: EIP is at uuid_check_task+0xbe/0x120 [uuid]
Dec 23 23:20:13 localhost kernel: EAX: 00000000 EBX: ee968f0c ECX: ee96af70 EDX: 00000001
Dec 23 23:20:13 localhost kernel: ESI: eea25b60 EDI: 000004b1 EBP: eea31f54 ESP: eea31f1c
Dec 23 23:20:13 localhost kernel: DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Dec 23 23:20:13 localhost kernel: Process strace (pid: 1203, ti=eea30000 task=ee96af70 task.ti=eea30000)
Dec 23 23:20:13 localhost kernel: Stack:
Dec 23 23:20:13 localhost kernel: b7761aa0 00000000 ee83a580 eea31fb4 c1028d60 eea31fac c1028f37 ee968f0c
Dec 23 23:20:13 localhost kernel: <0> 000004b1 f0823836 f0823836 ee968cf0 00000002 ee968eec eea31f64 f0822953
Dec 23 23:20:13 localhost kernel: <0> ee968cf0 00000002 eea31f6c c1167f2c eea31f7c c104ebc1 fffffdff ee968cf0
Dec 23 23:20:13 localhost kernel: Call Trace:
Dec 23 23:20:13 localhost kernel: [<c1028d60>] ? do_page_fault+0x0/0x3e0
Dec 23 23:20:13 localhost kernel: [<c1028f37>] ? do_page_fault+0x1d7/0x3e0
Dec 23 23:20:13 localhost kernel: [<f0822953>] ? uuid_ptrace_access_check+0x13/0x40 [uuid]
Dec 23 23:20:13 localhost kernel: [<c1167f2c>] ? security_ptrace_access_check+0xc/0x10
Dec 23 23:20:13 localhost kernel: [<c104ebc1>] ? __ptrace_may_access+0x71/0xf0
Dec 23 23:20:13 localhost kernel: [<c104ed31>] ? ptrace_attach+0xa1/0x130
Dec 23 23:20:13 localhost kernel: [<c104f2cf>] ? sys_ptrace+0xcf/0xf0
Dec 23 23:20:13 localhost kernel: [<c100379f>] ? sysenter_do_call+0x12/0x28
Dec 23 23:20:13 localhost kernel: Code: d4 8b 4e 0c 39 48 0c 74 cc 8b 7d f0 64 8b 0d ac a4 49 c1 89 7c 24 24 8b bb 20 01 00 00 81 c3 1c 02 00 00 89 5c 24 1c 89 7c 24 20 <8b> 58 10 bf 01 00 00 00 89 5c 24 18 8b 40 0c 89 44 24 14 8b 81
Dec 23 23:20:13 localhost kernel: EIP: [<f082234e>] uuid_check_task+0xbe/0x120 [uuid] SS:ESP 0068:eea31f1c
Dec 23 23:20:13 localhost kernel: CR2: 0000000000000010
Dec 23 23:20:13 localhost kernel: ---[ end trace e361277a03dff0cd ]---
Dec 23 23:20:13 localhost kernel: note: strace[1203] exited with preempt_count 2
Dec 23 23:20:16 localhost kernel: Allocated pipe(1,1) by task(1,1) ('bash',pid=1199) (ed4e0150)

[2] http://pastebin.com/wsEJNSps
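The oops above shows EAX = 0 dereferenced at offset 0x10 inside uuid_check_task, reached from the module's ptrace_access_check hook; one plausible reading (an assumption, not something the log proves) is that the target task carries no security blob, e.g. because it already existed when the module was loaded. The user-space C model below is added here and is not the uuid module's code: it shows the shape of a check that refuses an unlabelled task instead of dereferencing it, with two-component labels and task names constructed after the task(1,0)/task(1,1) entries in the log.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed user-space model, not the uuid module's code. A task label
 * with two components, shaped after "task(1,0)" / "task(1,1)" in the log. */
struct task_label {
    unsigned int a, b;
};

/* Stand-in for the fields of struct task_struct the hook touches. The
 * security pointer stays NULL for a task that never received a label,
 * e.g. one that already existed when the module was loaded. */
struct task {
    const char *comm;
    struct task_label *security;
};

/* Model of a ptrace access check: attach is allowed only when both tasks are
 * labelled and the labels are equal. The NULL test is the point: an
 * unlabelled task is refused (-EPERM) instead of having its blob dereferenced,
 * which is what a NULL security pointer would otherwise do at the first
 * field access. */
int ptrace_access_check_model(const struct task *tracer,
                              const struct task *target)
{
    const struct task_label *s = tracer->security;
    const struct task_label *t = target->security;

    if (!s || !t)
        return -EPERM;
    if (s->a != t->a || s->b != t->b)
        return -EPERM;
    return 0;
}

int main(void)
{
    struct task_label l10 = {1, 0}, l11 = {1, 1};
    struct task shell = {"bash", &l11};  /* read /proc/uuid1 and /proc/uuid2 */
    struct task other = {"bash", &l10};  /* read /proc/uuid1 only */
    struct task old = {"xterm", NULL};   /* existed before "modprobe uuid" */

    printf("same label:        %d\n", ptrace_access_check_model(&shell, &shell));
    printf("different label:   %d\n", ptrace_access_check_model(&shell, &other));
    printf("unlabelled target: %d\n", ptrace_access_check_model(&shell, &old));
    return 0;
}
```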