CRIUとSeccomp / criu-and-seccomp-and-me

Transcript

1. ۙ౻Ӊஐ࿕ / GMO Pepabo, Inc. ୈ14ճ ίϯςφٕज़ͷ৘ใަ׵ձ@ΦϯϥΠϯ 2021/04/17 CRIUͱseccompͱ ֨ಆͨ͠࿩

   ʙશͯ͸ര଎ىಈͷͨΊͩͬͨʙ *NBHF
   IUUQTQJYBCBZDPNJNBHFTJE
   CZ
   "OUSBOJBT

2. γχΞɾϓϦϯγύϧΤϯδχΞ ۙ౻ Ӊஐ࿕ / @udzura https://blog.udzura.jp/ Uchio Kondo ٕज़෦ ٕज़ج൫νʔϜ

   @ GMOϖύϘ ΤϯδχΞΧϑΣʢ෱Ԭࢢ੺ẂנจԽձؗʣ αϙʔλʔ #Ruby #mruby #Rust #Containers #eBPF #CRIU #Seccomp #RubyKaigi #CloudNativeDays #Zumba #γϨϯ #FitBoxing2 --- ޷͖ͳγεςϜίʔϧʁ ΍ͬͺΓ unshare(2) Ͱ͢Ͷɻ

3. αϙʔλʔͯ͠·͢
   
   !
   ΤϯδχΞΧϑΣ
   ෱Ԭࢢ੺ẂנจԽؗ

4. ToC •੿࡞CRIUϥούʔ “Miehistö” ʹ͍ͭͯ •೚ҙͷΞϓϦέʔγϣϯΛ೚ҙͷՕॴͰμϯϓ͢Δٕज़ͷ࣮ݱ •seccomp + SCMP_ACT_TRACE ʹΑΔख๏ •seccomp

   + SCMP_ACT_NOTIFY ʹΑΔख๏ wͦͯ͠఻આ΁
   

5. ɹɹ(Caveats) •Seccomp ͕ςʔϚͳͷʹ൒෼͙Β͍CRIUͷ࢖͍ํͷ࿩Λ͠·͢ •·ͱΊͯൃද͢Δػձ͕ͣͬͱͳ͔ͬͨͷͰ... •ॻ͍ͯ͋Δ͜ͱࣗମ͸ɺ ͍͍ͩͨ͜ͷϒϩάͷ಺༰Ͱ͢ • CRIUʹؔ͢Δ࣮૷಺༰ͷίΞ͸2019೥ʹ ॻ͍͓ͯΓɺ΋͔ͨ͠͠Β࠷৽ͷ࠷৽͸ มԽ͋Δ͔΋ɻ

6. CRIU

7. CRIUͬͯ •Linuxʹ͓͍ͯɺϓϩηεͷνΣοΫϙΠϯτɾϦετΞΛ࡞੒͢Δͨ ΊͷϢʔβϥϯυͰͷπʔϧ (Checkpoint-Restore In Userspace) •ίϯςφ͸ϓϩηεͳͷͰɺίϯςφͷνΣοΫϙΠϯτɾϦετΞ Λ࣮ݱ͢ΔͨΊओʹ࢖͏Α͏ʹͳͬͨ https://criu.org/Main_Page

8. ۩ମతʹ •͜͏͍͏༻్Λ૝ఆͯ͠ΔΒ͍͠ɻ (https://criu.org/Usage_scenarios) •ίϯςφͷϥΠϒϚΠάϨʔγϣϯ •ىಈ͕஗͍ΞϓϦέʔγϣϯͷߴ଎Խ •σεΫτοϓ؀ڥͷαεϖϯυɾϨδϡʔϜ •ແఀࢭʢʹݟ͔͚ͤΔʣΧʔωϧΞοϓάϨʔυ •ͳͲͳͲ...

9. ࠷ۙͷCRIU •3.13(Sep 11, 2019) ... libcriu.a ͕ϏϧυͰ͖ΔΑ͏ʹͳͬͨ by @udzura •3.14(π,

   Apr 29, 2020) ... clone3(2)ͱTime NS support, ଞ •3.15(Nov 04, 2020) ... MIPS support, cgroup v2 support, PID NS಺෦ ΁ͷϦετΞ, ... ଞ •Still developing... ຊൃදͷ$3*6ͷόʔδϣϯ͸Ͱ͢

10. CRIU͍͍Ͷʂ •ૣ଎࢖ͬͯΈΑ͏ʂ... ❓  ❓❓ $3*6
    
    Ͱ͸ҰԠ
    ͜ΕͰ0,ɻ͔͠͠ ଓ

11. CRIUͬͯͲ͏࢖͏ͷ...ʁ •CRIUɺͦ΋ͦ΋ʮͪΌΜͱಈ͔͢ʯͷ͕೉͍͠ •ϝϞϦͷଞʹ΋ɺFile Descriptor/tty/socket ͦͷଞͷѻ͍... •ϦετΞޙʹPID͕ॏෳͯ͠Δͱ࠶ੜͰ͖ͳ͍ •͜ͷʮΠϝʔδʯతͳ΍ͭͬͯͲ͏؅ཧ͢Ε͹͍͍Μͩʁ

12. طʹ૊Έࠐ·ΕͨCRIUΛ࢖͏ʁ •ίϯςφϥϯλΠϜʹ૊Έࠐ·Εͨcheckpoint/retoreΛ࢖͏ख΋͋Δ ͕ɺϥϯλΠϜʹΑΓૢ࡞͕ҧ͏֮͑͠ΒΕͳ͍... •ͦ΋ͦ΋طଘͷ σʔϞϯ͕ ίϯςφ͡Όͳ͍ɺͱ͔ IUUQTTQFBLFSEFDLDPNVE[VSBNJFIJTUPBSFDPNNFOEFETUBDLUPJOUFHSBUFDSJVJOUPFYJTUJOHTZTUFNT TMJEF
    

13. ͳͷͰॻ͍ͨ

14. Miehistö (Έ͑ͻͯ͢) • (ex. Grenadine) • Miehistö = “CREW” in

    Finnish NJF 㷺IJTU”

15. Miehistö ͱ͸ •CRIUΛͳΔ΂͘ී௨ͷϓϩηεʹରͯ͠ద༻͠΍͘͢͢ΔɺҰ࿈ͷ πʔϧϥούʔ •miehistod: αʔϏε΍ΠϝʔδΛ ؅ཧ͢ΔதԝσʔϞϯ •mhctl: ΫϥΠΞϯτ •runmh:

    CRIU͠΍͍͢ϓϩηεΛ ࡞ΔҰछͷϥϯλΠϜ Έ͑ͻͯ͢Ͱ͌ʔ Ήʔ͜ΜͱΖʔΔ ΒΜΉʔ

16. runmh ͕͍ͯ͠Δ͜ͱ •ͳΔ΂͘ʮී௨ʹVMʹ্ཱͪ͛ͨϓϩηεʯͱಉ͡؀ڥͰ্ཱͪ ͕͍ͬͯΔঢ়ଶͷϓϩηεΛ࡞Δ •ͦͷ্ͰɺCRIUͰͷμϯϓ/ϦετΞͷোนʹͳΔΑ͏ͳ৚݅Λ֎ ͠ɺCRIU-readyͳঢ়ଶʹ͢ΔҰ࿈ͷૢ࡞Λߦ͏

17. ۩ମతʹ͸... •·ͣɺPID Namespace Λ෼཭͠ɺPIDΛ1͔Β࢝ΊΔඞཁ͕͋Δ •→ clone(2) ʹΑΓִ཭͠ɺ /proc ϑΝΠϧγεςϜΛࣗ෼ͰϚ΢ϯτ •→

    ͦͷͨΊɺMount namespace΋ִ཭

18. Mount namespace/root ͷ෼཭ •/proc ΛϚ΢ϯτ͠௚͢ͷͰMount NS΋unshared •ಠཱͨ͠ɺ͔ͭϗετͱେମಉ͡root filesystem͕ඞཁ •࡞Γํ: •ԾͷσΟϨΫτϦʹ

    / Λbind mountɺ/devͳͲ΋ݸผʹbind mount •ͦ͜ʹpivot_root͢Δ(chroot ͸μϝɺͦͷMount NSͰೝࣝ͞ΕΔ rootΛૠ͛ସ͑Δඞཁ͕͋ΔͨΊ)

19. ͦͷଞ •tty΍ɺrootͷ֎ʹ͋ΔϑΝΠϧΛࢀর͍ͯ͠Δͱμϝ: •stderr/out͸root಺ͷϑΝΠϧΛ։͖௚͢ •ʢϩάϑΝΠϧ͸ O_WRONLY|O_APPEND Ͱ։͍͍ͯͳ͍ͱμϝʣ •setsid() ΛݺΜͩηογϣϯϦʔμʔ͕process treeͷrootͰ͋Δඞཁ ͕͋ΔͷͰݺͿ

20. ࣮૷ͷΠϝʔδ /&8/4
    /&81*%
    ͷϑϥάΛ༩͑ͯDMPOF  )PTUSPPU
    
    ΛผͷՕॴʹ
    CJOE
    NPVOU TFUTJE QJWPU@SPPU GE
    ΛEFWOVMM

    GE
    
    ΛݱࡏͷSPPU಺෦ͷϑΝΠϧʹ͠
    0@830/-:c0@"11&/%
    Ͱ։͘ ର৅ϓϩάϥϜʹFYFD

21. ͜ΕͰμϯϓ͸࣮֬ʹ੒ޭ™͢Δɻ •ߟྀͰ͖͍ͯͳ͍͜ͱ͸·ͩ࢒͍ͬͯΔ͔΋ɻ

22. μϯϓ·Ͱ͸҆ఆ͚ͨ͠Ͳ... •ϦετΞɺͲ͏͠·͠ΐ͏ͱ͍͏࿩ •ૉ௚ʹ͸ɺͰ͖ͨΠϝʔδΛ༻͍ͯCRIUίϚϯυΛୟ͚͹ݩͷϓϩη ε͕ϦετΞ͞ΕΔ͕... •miehistodαʔϏεͰϦετΞલ/ϦετΞޙͷϓϩηεΛ౷Ұతʹ؅ ཧ͍ͨ͠ɻͳͷͰɺϦετΞޙͷϓϩηεΛmiehistodͷԼʹͿΒԼ ͍͛ͨɻͲ͏͢Ε͹͑͑ͶΜɻ

23. ϦετΞʹ͍ͭͯ •Miehistöͷཁ্݅ɺϦετΞ͞Εͨϓϩηε΋miehistod(runmh)Ͱ؅ ཧ͍ͨ͠ɻͳͷͰ೚ҙͷϓϩηεͷࢠϓϩηεͱͯ͠ϦετΞ͢Δඞ ཁ͕͋Δ... ͦΜͳͷͰ͖Δʁ •ӈͷΑ͏ͳ͜ͱΛ͢Δࡍɺ runmh -> criu ->

    ruby criu͕ফ͑ͨΒ... μϝ ໨ࢦ͍ͯ͠ΔϓϩηεπϦʔ

24. miehistö ͰͷϦετΞ࣮૷ •miehistod ͷԼͰ criu restore ΛݺͿ •ͦͷࡍʹɺ --exec-cmd ͱ͍͏ΦϓγϣϯΛར༻͠ɺ

    ϦετΞޙʹcriuίϚϯυࣗ਎ΛrunmhϓϩάϥϜʹexec͢Δ • ਌ΛrunmhɺࢠΛϦετΞޙͷίϚϯυͱ͍͏ϓϩηεπϦʔΛ࡞੒͍ͨͨ͠Ί •·ͨɺbind mountͷѻ͍ʹ͍ͭͯcriu restoreʹ౉͢ඞཁ͕͋Δ •--external Φϓγϣϯʹ͍ͭͯ

25. ͜͏͍͏criuίϚϯυΛੜ੒࣮ͯ͠ߦ͢Δ •ͪͳΈʹCRIUʹ͸ΫϥΠΞϯταʔόಈ࡞(libcriuܦ༝)ͱɺίϚϯυ ௚઀ىಈʹΑΔಈ࡞ͷϞʔυ͕ଘࡏ͢Δɻࠓճͷέʔε͸ɺϓϩηε μϯϓ͸ΫϥαόͰOKɺϓϩηε࠶ੜ͸ίϚϯυͰͳ͍ͱෆՄɻ

26. --exec-cmd •criuίϚϯυͰɺϓϩηεΛϦετΞ͠spwanͨ͠ޙʹɺݩͷcriuίϚ ϯυࣗମΛผͷϓϩάϥϜʹexecͯ͠͠·͏͜ͱ͕Ͱ͖Δɻ •ͦ͏͢ΔͱʮϦετΞޙͷϓϩηεΛ௚઀wait͢ΔϓϩάϥϜʯΛࠩ ͠ସ͑ΒΕΔͷͰɺࠓճͷΑ͏ʹεʔύόΠβʔతͳϓϩάϥϜΛ࡞ ੒͢Δ্Ͱศརɻ •miehistod -> runmh ->

    (ϦετΞޙϓϩηε) ͷπϦʔ͕׬੒

27. ਌ͷ͛͢ସ͑ͷΠϝʔδਤ IUUQTTQFBLFSEFDLDPNVE[VSBNZDSJVMJGFJOQSPHSFTT TMJEFɹ

28. External bind mounts •root͔Βݟͯ֎෦σΟϨΫτϦΛBind mount͍ͯ͠Δ৘ใ͸ɺdump/ restore࣌ʹࣗಈݕ஌͞Εͳ͍ͷͰɺ໌ࣔతʹࢦఆ͢Δඞཁ͕͋Δɻ •dump࣌ʹˠ ֎෦Bind mountઌΛن໿ͰܾΊ͍ͯΔͷͰɺͦΕΒͷ ৘ใΛ

    --external ૬౰ͷΦϓγϣϯͱͯ͠criuαʔϏεʹ౉͢ •restore࣌ʹˠ ҎԼͷΑ͏ͳܗࣜͰίϚϯυʹ౉͢ --external mnt[__pids-d05739ddd0a12dd5040494c20461a197]:/sys/fs/cgroup/pids IUUQTDSJVPSH&YUFSOBM@CJOE@NPVOUT
    

29. ͜ΕͰϦετΞ΋Ͱ͖ΔΑ͏ʹɻ

30. ࠓ೔CRIUͰ࿩͍ͯ͠ͳ͍͜ͱ •MiehistöͰະ࢖༻ͷΦϓγϣϯ: --cgroup-root, --action-script ͳͲ •swrkϞʔυͷ࿩ ͍͔ͭ࿩͢ػձ͕དྷΔΜͰ͠ΐ͏͔
    Ϣʔεέʔε͕ͲΕ΋χονͳΜͰ͚͢Ͳ
    Ұ෦͸ʮ$3*6ΛϗεςΟϯάͰࢼ͍ͯ͘͠
    IPTUJOHDBTVBMʯ
    Ͱ΋࿩͍ͯ͠·͢
    IUUQTTQFBLFSEFDLDPNVE[VSBNZDSJVMJGFJOQSPHSFTT
    

31. ΞϓϦέʔγϣϯΛࢭΊΔ

32. ΍Γ͍ͨʢ͔ͬͨʣ͜ͱ •ʮΞΫηε࣌ʹॳΊͯىಈ͢ΔʯΞʔΩςΫνϟͰɺॳճىಈͷΦʔ όϔουΛۃݶ·Ͱ௿ݮ͍ͨ͠ •FastContainer (ref: https://rand.pepabo.com/article/2017/06/28/iot38-matsumotory/) •਎ۙͳ΋ͷͰ͸Herokuͱ͔Cloud Runͱ͔

33. ϓϩηεͷࣄલμϯϓͱ͍͏ख๏ •ࣄલʹίϯςφͷϝϞϦμϯϓΛ࡞ͬͯɺ͔ͦ͜Βىಈ͢Ε͹ɺ ྫ͑͹εΫϦϓτݴޠʹΑΔϑϧελοΫϑϨʔϜϫʔΫͷΑ͏ʹɺ ىಈϓϩηεʹ͕͔͔࣌ؒΔΞϓϦέʔγϣϯͰ΋ ىಈͷΦʔόϔουΛ௿ݮͰ͖ΔͷͰ͸ͳ͍͔ɺͱߟ͑ͨɻ •ʢϗεςΟϯάαʔϏε಺෦Ͱ࢖͍͔ͨͬͨͷͰɺͳΔ΂͘ΞϓϦͷ ੑ࣭ʹΑΒͳ͍൚༻తͳํ๏ʹ͔ͨͬͨ͠എܠ΋͋Δʣ

34. cf. strace -c rails s •rails newͯ͠΄΅CRUDͻͱͭ௥Ճ͚ͨͩ͠ͷΞϓϦɺͷىಈ RAILS_ENV=production •΄΅openͱstat ϑΝΠϧૢ࡞

    •͜ΕΒͷopenΛશ෦ εΩοϓͰ͖Ε͹଎ͦ͏

35. ͍ͭࢭΊΔʁ •ͳΔ΂͘ʮঢ়ଶ͕ͳ͍ʯλΠϛϯάͰࢭΊ͍ͨ •ͨ͘͞ΜޙΖͷDBͱestablishͯ͠ɺ઀ଓ΋ΊͬͪΌड͚ࢭΊͯͯ... ͳঢ়ଶͰ΋ɺCRIUͰνΣοΫϙΠϯτͰ͖ΔͩΖ͏͕ɺෆཁͳτϥ ϒϧͱͦͷγϡʔτ͕ى͜Γͦ͏ɻ •͋Δఔ౓ػցతʹࢭΊΔλΠϛϯάΛܾఆ͍ͨ͠ •ྫ͑͹ɺॳճͷ listen(2) ͳͲͷλΠϛϯάͰఀࢭ͢Δͷ͸Ͳ͏͔ɻ

36. seccomp (SCMP_ACT_TRACE)

37. listen(2) ʹϑοΫͯ͠ͳΜ͔͍ͨ͠ •͍ͭʹseccomp͕ग़ͯ͘Δ... •seccomp͸ɺ୯७ͳallowlist/denylistͷ΄͔ɺࢦఆͨ͠γεςϜίʔϧ ݺͼग़͠ͷࡍʹptrace(2)ܦ༝Ͱ௨஌ΛૹΔΦϓγϣϯ͕͋Δ (SCMP_ACT_TRACE) •ʢͪͳΈʹݺͼग़͢γεςϜίʔϧ൪߸ࣗମΛมߋͰ͖ΔΦϓγϣϯ Ͱɺ͔֬gVisorͳͲͰ࢖ΘΕ͍ͯΔɺΜͰ͢ΑͶ??ʣ

38. SCMP_ACT_TRACE ࢖͍ํ • fork͢Δ • [਌] ptrace(PTRACE_ATTACH); ptrace(PTRACE_O_TRACESECCOMP) ͢Δ •

    [਌] ptrace(PTRACE_CONT) ͢Δ • [਌] waitpid(-1, &status, WUNTRACED | WCONTINUED | __WALL) ͢Δ (-1 ͳͷ͸traceͯ͠Δ͞ΒʹࢠϓϩηεɾεϨουΛ௥͏ͨΊ) • [ࢠ] SCMP_ACT_TRACE ͳseccomp ctxΛϩʔυ͢Δ • [਌] ࢠͰ౰֘γεςϜίʔϧ͕ݺ͹ΕΔͱɺ౰֘ϓϩηεͷ৘ใ͕waitpidͷ໭Γ஋ɺ ptrace(PTRACE_GETEVENTMSG)ɺptrace(PTRACE_GETREGS)ͳͲͰऔಘͰ͖Δ

39. ΍΍͍͜͠ͷͰmrubyͰϥοϓͨ͠ •https://github.com/haconiwa/mruby-seccomp/blob/master/examples/ tracing.rb

40. seccomp + ptrace •SCMP_ACT_TRACE͸γεςϜίʔϧΛݺͼग़͢௚લʹτϨʔεݩϓ ϩηεΛఀࢭ͠ɺτϨʔεઌͷϓϩηεʹ௨஌ΛૹΓɺͦͷ಺༰ʹԠ ͡೚ҙͷॲཧΛͤ͞Δ͜ͱ͕Ͱ͖Δɻ •͕ͨͬͯ͠ɺlisten(2)ͳͲͷγεςϜίʔϧͷݺͼग़͠௚લʹϑοΫɺ criuʹΑΔϓϩηεμϯϓΛ࣮ࢪ͢Ε͹ɺͦͷϓϩηεͷ listen(2)௚લͷঢ়ଶͷμϯϓΛػցతʹऔಘͰ͖Δ... ͸ͣʁ

    •ʢ͜ͷลΓͷΞΠσΞͷݩ͸ @matsumotory ͞ΜͰ͢ʣ

41. ΍ͬͯΈ·͠ΐ͏ •؆୯ͳϥούʔΛט·ͤɺmiehistöͰىಈɺseccompͰఀࢭ •μϯϓʹ੒ޭ͠ͳ͍

42. ptrace ͷΦϓγϣϯ͕όοςΟϯά͢Δʁ •seccompͰͷτϨʔε͸ϓϩηεΛ ptrace(PTRACE_ATTACH) ͯ͠Ξ λονঢ়ଶʹ͠ɺఀࢭঢ়ଶΛݕ஌͢Δ •Ұํɺcriuͷ಺෦Ͱ͸ɺ ptrace(PTRACE_SEIZE) ͰΞλονঢ়ଶʹͯ͠ ptrace(PTRACE_INTERRUPT)

    Ͱ໌ࣔతʹࢭΊ͍ͯΔɻ •ผʑͷΦϓγϣϯͰࢭΊ͍ͯΔͷ͸໰୊ʹͳ͍ͬͯΔՄೳੑ͕͋Δ •͜ͷลΓͷύονΛແཧʹcriuʹ౰ͯͯ΋... • ݁ہseccomp ctx͕ϓϩηε͔Βൈ͚ͳ͍ͨΊɺ2ճ໨ͷ listen() ͕ptrace tracee͕ଘࡏ͠ͳ͍ѻ͍ʹͳΓENOSYS ʹͳΔ?

43. ͪΐͬͱݟ௨͕͠ѱͦ͏ͩ... •ͱ͔ݴ͍ͬͯΔ͏ͪʹผ݅Ͱ๩͘͠ͳͬͨΓ͠ɺSwap outɻ •͜͜·Ͱ͸ɺ ࣮͸2018೥ʹݕূͨ͠࿩ɻ IUUQTICNBUTVNPUPSKQFOUSZɹ

44. (΍ͬͱ) seccomp notification

45. Seccompʹ৽Φϓγϣϯ͕དྷͨ •SCMP_ACT_NOTIFY (seccomp notification) •Կऀͳͷ͔͸ɺ͜͜·ͰͷτʔΫͰօ׬શཧղͨ͠͸ͣ... ຊൃදͷMJCTFDDPNQͷόʔδϣϯ͸Ͱ͢
    Χʔωϧ͸HFOFSJD
    
    6CVOUV
    (SPPWZ

46. Seccomp notificationͷ৔߹͸ʁ •ࢦఆͨ͠γεςϜίʔϧݺͼग़͠Λͨ͠ࡍʹɺผͷϓϩηεʹͲ͏ॲ ཧ͢Δ͔ΛҠৡ͢Δ͜ͱ͕Ͱ͖Δɻ •ͦͷؒɺݩͷϓϩηε͸ϒϩοΫ͍ͯ͠Δ •ͭ·Γɺಉ͡Α͏ʹɺʮ೚ҙͷγεςϜίʔϧݺͼग़͠ʯͰఀࢭ͢Δ ͜ͱ͕Մೳʹ...ʁ

47. ࣮ݧ͢Δ •ӈͷΑ͏ͳ seccomp notif receiver Λ࣮૷͢Δ

48. ϥούܦ༝Ͱىಈ͢Δ •ϥού͸ࠨ •͜ΕΛט·ͤͯىಈ •ͪΌΜͱlistenલͰ ࢭ·Δ 3VMFOPUJGZ
    ͱ͍͏"1*Λ࣮૷ ɹ6/*9υϝΠϯιέοτΛ։͍ͯ
    ɹ4FDDPNQ
    OPUJGZ
    GE
    Λ
    ɹ4FOEP⒎
    Ͱ͖ΔΑ͏ʹ͍ͯ͠Δ

49. ͜ͷͱ͖ࢭ·͍ͬͯΔϓϩηεͷstack͸ •seccomp_do_user_notification ͱ͍͏Ṗͷؔ਺Ͱఀࢭ͍ͯ͠Δ •௨ৗͷΧʔωϧؔ਺ͷҰ෦ͰϒϩοΫ͍ͯ͠Δ •γάφϧɺptraceͳͲͰࢭ·͍ͬͯΔঢ়ଶͰ͸ͳ͍

50. ͜ΕΛμϯϓϦετΞͯ͠΋... •μϯϓ͸ແࣄ੒ޭ͢Δɻ •ϦετΞͯ͠΋ɺENOSYS ͕ग़ͯ͠·͏ɻ

51. ਖ਼ৗʹμϯϓ͸Ͱ͖Δ͕… •ϦετΞͨ͠λΠϛϯάͰɺ৽͍͠ϓϩηε͸ Seccomp Context ͕ ਖ਼ৗʹϋϯυϧ͞Ε͍ͯͳ͍ঢ়ଶʹͳͬͯ͠·͏ •͜͏ͳΔͱɺSCMP_ACT_NOTIFYͰ௨஌͢Δ௨஌ઌ͕ͳ͍ͱ͍͏ঢ়ଶ ʹͳͬͯ͠·͏Α͏Ͱɺͦ͏͍͏৔߹ͷ࢓༷Ͱ͋Δ ʮγεςϜίʔϧ͕ errno=ENOSYS

    Ͱࣦഊ͢Δʯ ͱ͍͏݁Ռʹͳͬͨɻlisten(2)Λਖ਼ৗ࠶։͢Δํ๏͕ͳ͍ɻ

52. Ͱ͸Ͳ͏͢Δ͔ʁ •<ద੾ͳ͍Β͢ͱ΍ΛҾ༻͢Δ>

53. Ͱ͸Ͳ͏͢Δ͔ʁ •ʮ੒ޭͯ͠΋ࣦഊͯ͠΋Կ΋Өڹ͕ͳ͍ʯγεςϜίʔϧΛߟ͑Δ •ྫ͑͹ɺϦΞϧλΠϜγάφϧΛҰͭબΜͰ signal(s, SIG_IGN) •ͦͷγάφϧΛࣗ෼ʹૹΔͱɺԿ΋͠ͳ͍͕ɺ γάφϧ൪߸ͰಉఆՄೳͳ γεςϜίʔϧݺͼग़͠Λ࡞ΕΔ

54. ͦͷϚʔΧʔతγεςϜίʔϧΛ •libcͷlisten(3)ͷݺͼग़͠ͷ௚લʹϑοΫͤ͞Δ •LD_PRELOADΛ༻͍ɺϥούؔ਺Λఆٛ͢Δɻ •͜ΕͰɺ࣮࣭తʹ listen(2) ͷ௚લʹ ϓϩάϥϜΛఀࢭͤ͞ɺ·ͨ࠶ੜ࣌΋ Өڹͳ͘ॲཧΛܧଓͰ͖Δ͸ͣɻ

55. ࠷ޙͷ࣮ݧ •ϥούʔΛ͞Βʹࠨʹมߋ •ىಈˠ Notification receiver ܦ༝Ͱμϯϓ LJMM BOZ
    
    ͷݺͼग़͠Λτϥοϓ
    

    
    ͸
    4*(35."9
    
     -%@13&-0"%
    ΛFYFD࣌ʹࢦఆ

56. ࠓճͷμϯϓ͸ɺϓϩηε࠶ੜʹ੒ޭ͢Δ

57. None

58. ͪͳΈʹ... •LD_PRELOADΛ࣋ͪग़ͨ࣌͠఺ͰͳΜͰ΋ΞϦ͸..... •ͱࢥͬͯɺͨͱ͑͹ӈͷΑ͏ʹίʔυΛม͑ͯΈͨɻ •݁Ռ →ίϯςφԽ(PID unshared)͍ͯ͠ΔͷͰɺ ࣗ෼ࣗ਎͕PID=1ʹͳͬͯSIGSTOPΛແࢹɻ • ݁ہίϯςφ಺ͷinit processΛ࣮֬ʹࢭΊΔʹ͸seccomp͔͠ͳ͍Α͏ʹࢥΘΕͨɻ

    ߟྀ࿙Ε͕͋Ε͹ڭ͍͑ͯͩ͘͞ɻ

59. ·ͩݕ౼͍ͯ͠ͳ͍͜ͱ •ϚϧνεϨουΞϓϦέʔγϣϯ... ͸Ͳ͏͍͏;͏ʹࢭ·Δͷ͔ •ͱݴͬͯ΋࠷ॳͷݺͼग़͠Ͱࢭ·Δʁ ͷ͔ͳʁ •LD_PRELOAD ͕Կ͔ͷཧ༝Ͱ࢖͑ͳ͍࣌ •libcΛͦ΋ͦ΋࢖ͬͯͳ͍࣌ʢಛʹGoʣ •syscall͕௚઀ݺͼग़͞ΕΔ࣌ ....

60. ͓͜ͱΘΓ •ߥ౜ແܤͳ͜ͱΛ͍ͯ͠Δ͜ͱ͸ঝ஌͍ͯ͠·͢ɻ •໘നLinuxωλͱͯ͠ফඅ͍͚ͨͩΕ͹޾͍Ͱ͢ •ࣅͨΑ͏ͳ͜ͱΛ΋ͬͱ͏·͘΍͍ͬͯΔྫ͕஌ΕͨΒخ͍͠ •ͱΓ͋͑ͣɺ2018೥ͷ಄͔Βஅଓతʹपลͷ࣮૷Λଓ͚͖ͯͨҰ࿈ͷ ݚڀΛɺ͜ͷػձʹڙཆͰ͖Ε͹ͱࢥ͍ɺ͓࣌ؒΛ͍͖ͨͩ·ͨ͠ɻ ͝ਗ਼ௌʹײँ

61. ࢀߟهࣄͳͲ •அଓతʹॻ͍ͯΔseccompͱMiehistöͷϒϩά • ʮmrubyͱseccompͱptraceͰγεςϜίʔϧΛͱʹ͔͘௥͍͔͚Δʯ(2017/04) • ʮGrenadine: ʮී௨ͷΞϓϦέʔγϣϯʯ͕νΣοΫϙΠϯτ/ϦετΞͷԸܙΛڗड͢Δʯ (2019/03) • ʮWSAݚڀձ

    ୈ7ճ ͰCRIUͱMiehistöͷൃදΛ͠·ͨ͠ #WSAݚʯ(2020/11) • ʮ೚ҙͷϥΠϒϥϦίʔϧͰϓϩάϥϜΛఀࢭ͠ɺىಈ༻ͷCRIUΠϝʔδΛ࡞੒͢ΔΞϓ ϩʔνʹ͍ͭͯʯ(2020/12) IUUQTVE[VSBIBUFOBCMPHKQ