ãã«ãã¹ã¬ããã®é決å®è«çãªæ§è³ªã«ãããããããããã°ããã®ã¯å°é£ã§ãããç§ã¯ããªãåçŸæ§ã®ãããã¹ãã±ãŒã¹seccomp_omp.c.gzã«å°éãããšæããŸãã -O0 -ggdb -fopenmp
ãŠããã°ã©ã ãã³ã³ãã€ã«ããŸãã
1ã€ã®ã¹ã¬ããã ãã§å®è¡ããçŠæ¢ãããŠããsyscallãå®è¡ããããšãããã°ã©ã ã¯æåŸ ã©ããã«çµäºããŸãã
$ ./seccomp_omp -t 1 -k 0
86195973
[1] 10103 invalid system call (core dumped) ./seccomp_omp -t 1 -k 0
ãã ããã¹ã¬ãããå¢ãããšãæ©èœããªããªããŸãã
$ ./seccomp_omp -t 2 -k 0
86198868
86195973
86200317
^C
ããã°ã©ã ã¯æ®ºãããããšã¯ãªããäœãããã®ããããã ãã§ãã SIGSYSã·ã°ãã«ã«äœãèµ·ãã£ãã®ãããããŠãªããããåŠçãããªãã®ããç§ã¯éæ¹ã«æ®ããŠããŸãã
ããã¯libseccompã®åé¡ã§ã¯ãªããããããŸããããç§ã¯seccompãã·ã°ãã«ãããã³ã¹ã¬ããã·ã¹ãã å šè¬ã«ã€ããŠãæ ¹æ¬çãªåå ããããã°ããã®ã«ååãªç¥èããããŸããã ããªãããããç解ã§ããããšãé¡ã£ãŠããŸãã
泚ïŒç§ã¯ãŸã ããªãã®ãã¹ãã±ãŒã¹ãèŠãŠããŸãããç§ã¯ããªãã®ããæžããã説æã«åºã¥ããŠæšæž¬ããŠããŸã
ããã®ãã«ãã¹ã¬ããã®æ§è³ªãèæ
®ããŠãã«ãŒãã«ã«ãã£ã«ã¿ãŒãããŒãããåã«ã SCMP_FLTATR_CTL_TSYNC
ãã£ã«ã¿ãŒå±æ§ãtrueã«èšå®ããŠã¿ãŸãããïŒ
ã¹ã¬ããã«åå²ããåã«seccompãã£ã«ã¿ãŒãè¿œå ããããã SCMP_FLTATR_CTL_TSYNC
èšå®ããŸããSCMP_FLTATR_CTL_TSYNC
ãè¿œå ããŠããéãã¯ãããŸããïŒããã¯ãããã³ãã£ãã¯ãšã©ãŒåŠçã§100è¡æªæºã§ãïŒã
ããŠãç§ã¯ããã«ã€ããŠèšåãããã£ãã ãã§ãã æ£ããå®è¡ããŠããããã§ãïŒæ°ããã¹ã¬ãããçæããåã«ãã£ã«ã¿ãŒãèšå®ããŸãïŒã ããèŠãå¿ èŠããããŸãããããã«ãããè¡ãæ©äŒããªããããããŸããã
ç§ãé²éªšã«ééã£ãããšãããŠããªããšãã確èªã¯ç§ã«ãšã£ãŠååã§ãã ãã£ããããŠãã ããïŒ
ã·ã³ã°ã«ã¹ã¬ããã®äŸ./seccomp_omp -t 1 -k 0
ã§ã¯ãopenmpã¯ã·ã³ã°ã«ã¹ã¬ããã®ã¿ãå®è¡ãããããšãèªèããŠãããããopenmpã¯ãã«ãã¹ã¬ããã®forã«ãŒãã§éåžžè¡ãåæã®å€ãããã€ãã¹ããŸãã ã«ãŒãã«ã®seccomp_run_filtersïŒïŒã§åŠçãããã·ã¹ãã ã³ãŒã«ã芳å¯ããããšã§ããã確èªããŸããã äºæ³éãã__ NR_writeïŒïŒã®åŒã³åºããš__NR_madviseïŒïŒã®åŒã³åºãããããseccompãã«ãŒãã«ã«ã¹ã¬ããã匷å¶çµäºããããã«æ瀺ããŸããã
ãã«ãã¹ã¬ããã®äŸ./seccomp_omp -t 2 -k 0
ã§ã¯ãopenmpã¯forã«ãŒãã䞊ååããããšããŸãã ãããã£ãŠãopenmpã©ã€ãã©ãªã®å€ããå©çšãããŸãã ããã¯ãseccomp_run_filtersïŒïŒãä»ããŠã·ã¹ãã ã³ãŒã«ãå床ç£èŠãããšãã«æããã«ãªããŸãã __NR_mmapïŒïŒã__ NR_mprotectïŒïŒã__ NR_cloneïŒïŒã__ NR_futexïŒïŒãããã³ãã®ä»ã®syscallã¯ãmadviseïŒïŒãåŒã³åºãåã«åŒã³åºãããŸãã æçµçã«ã2ã€ã®ã¹ã¬ããã®ãã¡ã®1ã€ãæçµçã«madviseïŒïŒãåŒã³åºããseccompããã®ã¹ã¬ãããé©åã«åŒ·å¶çµäºããŸãã ããããopenmpã¯ã¹ã¬ããéã§åæãåãã2çªç®ã®ã¹ã¬ãããmadviseïŒïŒãåŒã³åºãïŒãããŠåŒ·å¶çµäºããïŒåã«ã2çªç®ã®ã¹ã¬ããã¯ãããã¹ã¬ããããã®äœããåŸ
æ©ããŠãããšãã«futexïŒïŒãåŒã³åºããŸãã ãããŠããããããã°ã©ã ããã³ã°ããçç±ã§ãã 1ã€ã®ã¹ã¬ããã匷å¶çµäºããã2çªç®ã®ã¹ã¬ããã¯ïŒãããã¹ã¬ããããã®ïŒããŒã¿ãå°çããªãã®ãåŸ
ã£ãŠããŸãã
ç§ã¯ãOpenMPã§ãã£ãšåããŠããããããã€ãã®è°è«[ãããããã«æãããŠããªã1 ã 2 ã 3䞊åãããã¯å ã®ä¿¡å·ã§ã...]ã æçµçã«ã¯ãé¿ããã®ãæåã®é£ããåé¡ã®ããã«èŠããŸãã
ããã€ãã®æœåšçãªç°¡åãªè§£æ±ºçãããããã§ãïŒ
ããã©ã«ãã®ãã³ãã©ãŒãšããŠSCMP_ACT_KILL
ã䜿çšããªãã§ãã ããã 代ããã«ã代ããã«ãšã©ãŒã³ãŒãã䜿çšããããã«åãæ¿ããŸãïŒäŸïŒ SCMP_ACT_ERROR(5)
ã ãµã³ãã«ããã°ã©ã ã§ãã®å€æŽãè¡ããæ£ããçµäºããããšã確èªããŸããã
openmpã®æ©èœãå¿ èŠãªãå Žåã¯ãpthread_createïŒïŒãforkïŒïŒãªã©ã®ããäžè¬çãªãœãªã¥ãŒã·ã§ã³ã®äœ¿çšã«åãæ¿ããããšãã§ããŸãã
@drakenclimberãªã®ã§ãåé¡ã¯å®éã«ã¯openmpãè¿œå ã®ã·ã¹ãã ã³ãŒã«ãäœæããŠããã ãã®ããã«èãããŸãããéåžžã¯ãã£ã«ã¿ãŒã®äžéšã§ã¯ãªãå¯èœæ§ããããŸããïŒ ãããšãããã倧ããªãã€ã³ããæ¬ ããŠããŸããïŒ
@drakenclimberãæéã
ããå€ãã®ã³ã³ããã¹ããäžããããã«ïŒç§ã¯ç§åŠçãªã³ãŒããæžããŠããã®ã§ãOpenMPã§ç©äºãã·ã³ãã«ã«ä¿ã€ã®ã奜ãã§ãã ãã ãããŠãŒã¶ãŒãèªåèªèº«ããä¿è·ããããšãæã£ãŠããŸãã ãããã£ãŠãç§ã®ããã°ã©ã ãç°åžžãªããšãããå Žåã¯ããããç¡å¹ã«ããã ãã§ãã ç§ãæçµçã«éæãããã®ã¯ãããã»ã¹ïŒïŒ96ïŒããã劥åœãªãšã©ãŒã¡ãã»ãŒãžã§åŒ·å¶çµäºããããšã ãšæããŸãã
ç§ã¯ã§ã¯errnoã«äœ¿çšããå¿
èŠããããŸãã©ã®ãããªå€SCMP_ACT_ERROR
å¯æ¥ã«æš¡å£ããããã«SECCOMP_RET_KILL_PROCESS
ïŒ ãã¹ãŠã®ã·ã¹ãã ã³ãŒã«ã§æ£åžžã«æ©èœãããã®ã¯ãããŸããïŒ
@ pcmoore-ã¡ãã£ãšã ãããããã倧ããªåé¡ã¯ãopenmpã䞊åæ§é å ã§ã·ã°ãã«ãé©åã«åŠçããªãããšã ãšæããŸãã ããã¯ä»æ§ã«ãããã®ã ãšæããŸãã
@ kloetzl-å¿é ãããŸãã
ctx = seccomp_init(SCMP_ACT_ERRNO(ENOTBLK));
...
bool kill_process = false;
int rc;
#pragma omp parallel for num_threads(THREADS)
for (int i = 0; i < THREADS * 2; i++) {
fprintf(stderr, "%u\n", func(i));
if (i == K) {
rc = madvise(NULL, 0, 0);
if (rc < 0)
kill_process = true;
}
// sleep(10);
}
if (kill_process)
goto error;
seccomp_release(ctx);
return 0;
error:
seccomp_release(ctx);
return -1;
}
errnoãSCMP_ACT_ERRNO()
è¿ãå¿
èŠããããã©ããã«ã€ããŠã¯ãå®éã«ã¯ããªã次第ã§ãã SCMP_ACT_ERRNO()
ã¯ããã¹ãŠã®ã·ã¹ãã ã³ãŒã«ã§æ©èœããŸãã ãããŠãããªãã®ããã°ã©ã ããããåŠçãããŠãŒã¶ãŒã«ãšã©ãŒãè¿ããã®ã«ãªãã®ã§ãããªãã¯ããªãã«æé©ãªerrnoãéžã¶ããšãã§ããŸãã å®éããããŸããªãã®ïŒããšãã°ã ENOTBLK
ãéžæããããšã¯ããšã©ãŒãseccompãåŒã³åºãããããã¯ããããšã«ãããã®ã§ããããšã
tl; dr-䞊åã«ãŒãã§åé¡ãæ€åºããŸãããã«ãŒããå®äºãããŸã§åé¡ã®åŠçãåŸ ã¡ãŸãã ã·ã¹ãã ã³ãŒã«ã倱æãããããã«ãŒãå ã«é²åŸ¡ã³ãŒãã£ã³ã°ãè¿œå ããå¿ èŠãããå ŽåããããŸãã
@ kloetzl-åé¡ïŒ96ã調ã¹ãŠãOpenMPã§ã©ãã ãããŸãæ©èœãããã確èªããŸãã ããããŸãå¥ã®è§£æ±ºçãããããŸããã ããããšãïŒ
ãããŠãããªãã®ããã°ã©ã ããããåŠçãããŠãŒã¶ãŒã«ãšã©ãŒãè¿ããã®ã«ãªãã®ã§ãããªãã¯ããªãã«æé©ãªerrnoãéžã¶ããšãã§ããŸãã å®éããããŸããªãã®ïŒENOTBLKãªã©ïŒãéžæããããšã¯ããšã©ãŒãseccompãåŒã³åºãããããã¯ããããšã«ãããã®ã§ããããšãç¥ãæ¹æ³ã§ããå¯èœæ§ããããŸãã
ã€ãŸãã madvise
ã¯malloc
è
žã®å¥¥æ·±ãã§åŒã°ããŸãã ãããã£ãŠãç§ã¯ãšã©ãŒãåŠçãã人ã§ã¯ãããŸãããglibcã¯ããã§ãã ãããã£ãŠãåé¡ã¯ãglibcïŒããã³syscallãå®è¡ããä»ã®ãã¹ãŠã®ã©ã€ãã©ãªïŒã¯ãsyscallãmanããŒãžã«èšèŒãããŠãã以å€ã®ãšã©ãŒãè¿ããé©åã«åŠçã§ããããšãç¥ã£ãŠããŸããïŒ
åé¡ã¯ãmadviseã¯mallocã®è žã®å¥¥æ·±ããšåŒã°ããŠãããšããããšã§ãã ãããã£ãŠãç§ã¯ãšã©ãŒãåŠçãã人ã§ã¯ãããŸãããglibcã¯ããã§ãã ãããã£ãŠãåé¡ã¯ãglibcïŒããã³syscallãå®è¡ããä»ã®ãã¹ãŠã®ã©ã€ãã©ãªïŒã¯ãsyscallãmanããŒãžã«èšèŒãããŠãã以å€ã®ãšã©ãŒãè¿ããé©åã«åŠçã§ããããšãç¥ã£ãŠããŸããïŒ
ãã...ã奚ãã 確ãã«glibcã³ãŒãã調ã¹ãå¿ èŠããããŸããã次ã®æšæž¬ãå±éºã«ãããããšãããšããªãã§ãããã
madvise
ããšã©ãŒãè¿ãå Žåãglibcã_ééããªã_ãšã©ãŒãè¿ããŸãENOTBLK
ãããªãã«ã¹ã¿ã ããªã¿ãŒã³ã³ãŒããæåŸ
ããŠããå Žåã¯æ³šæãå¿
èŠã§ããç°¡åã«èšããšãglibcã¯_any_ãšã©ãŒã³ãŒããæå¶ãã¹ãã§ã¯ãããŸãããã代ããã«å¥ã®ãšã©ãŒã³ãŒããè¿ãå¯èœæ§ããããŸã
ç§ã¯ããªããã¡ã«è¿œãã€ãããã«ããŠããŸãããOpenMPã®ããã¯ã°ã©ãŠã³ããäžè¶³ããŠããããã«å°ãé
ããŠããã®ã§ã¯ãªãããšå¿é
ããŠããŸã...äžèšã®ã³ã¡ã³ãã«åºã¥ããšã KILL_PROCESS
ã¯ããã§å®è¡å¯èœãªè§£æ±ºçã«ãªãå¯èœæ§ããããŸããïŒ ãããããªããv2.4ãªãªãŒã¹ã®åã«å¯ŸåŠãã¹ãããšã®ç§ã®ãªã¹ãã«ãããŸããããã®åé¡ã®åªå
é äœãäžããããšãã§ããŸãã
@ pcmoore-ã¯ãã KILL_PROCESS
ã¯ãã®ãã°ã®å®è¡å¯èœãªè§£æ±ºçã ãšæããŸãã äžèšã®@kloetzlã®ãã¹ãããã°ã©ã ãKILL_PROCESS
ã¢ã¯ã·ã§ã³ã䜿çšããŠãã¹ãããŸãããããã³ã°ã¯çºçããªããªããŸããã
ç§ã¯ãããå®è£ ããŸããããçŸåšãPythonã®èªåãã¹ãã§ããã€ãã®åé¡ã«ã¶ã€ãã£ãŠããŸãã æ¥é±ããããåºãå¿ èŠããããŸãã
@drakenclimberããããããïŒ ç§ã¯ãããã倧奜ãã§ã:)
ã¿ããªããããšãã
KILL_PROCESS
ã§åé¡ã解決ããããšã確èªã§ããŸããArchã§ããŒã«ã«ããŒãžã§ã³ã®libseccompããããã³ã°ãããšããããã¹ãããã°ã©ã ãæå³ãããšããã«å€±æããŸããã ãã ãã確å®ãªãã¹ããæäŸããããããç°ãªãã«ãŒãã«ã§å®è¡ããããšã¯ããã倧ããªèª²é¡ã«ãªãå¯èœæ§ããããŸãã
確èª@kloetzlãããããšãã
ã¯ããé©åãªãã¹ããæžãã®ã¯é¢åã§ãããããã¯éèŠã§ãã IMHOããã¹ãããã³ãŒããšåããããéèŠã§ãã
@drakenclimberããã®PRã楜ãã¿ã«ããŠããŸããã³ãŒããå ¬éãããããããå°ã話ãåãããšãã§ããŸãã
ç§ã¯ããã€ãã®COVID-19æ¥ã®å€§æé€ãããŠããŸãããããŠç§ãã¡ã¯ããªãã®åé¡ã解決ãããšæããŸããããã¯æ£ãã@kloetzlã§ããïŒ ãã®åé¡ãã¯ããŒãºããŸãããééã£ãŠããŠãåé¡ã解決ããªãå Žåã¯ããç¥ãããã ãããåéããŸãã
æãåºãããŠãããŠããããšããç§ã¯èªåã®åŽã§å°ããã¹ãããŸããã
ãã®åé¡ã¯ã»ãšãã©ä¿®æ£ãããŠããŸãããå°ããªåé¡ããããŸãã ç¡å¹ãªã·ã¹ãã ã³ãŒã«ãçºçãããšãã«ãããã°ã©ã ãéæ¹ã«æ®ããããšã¯ãªããªããŸããã SCMP_ACT_TRAP
ãããšãäžæ£ãªã·ã¹ãã ã³ãŒã«ã®ååãçæããããšãã§ããŸãã ãã ããOpenMPã¯ã·ã°ãã«ãã³ãã©ãŒãäžæžããããããè€æ°ã®ã¹ã¬ãããçæããããšãããã©ã«ãã®ãšã©ãŒã¡ãã»ãŒãžã«ãã©ãŒã«ããã¯ããŸãã ãŠãŒã¶ãŒãšã¯ã¹ããªãšã³ã¹ã®èŠ³ç¹ãããç§ã¯ãã®åäœã奜ãã§ã¯ãããŸãããããããåŸãããã®ãšåããããè¯ããšæããŸãã
ãããã¯ããlibseccompã§ã·ã°ãã«ãã³ãã©ãäžæžããããããšã«ã€ããŠç§ãã¡ã«ã§ããããšããããããããã©ããã¯ããããŸãããç³ãèš³ãããŸããã
æ®ãã®éšåãæ©èœããããšããç¥ããããã ãããããšãããããŸãã