Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Linux Mode 2 Seccomp Tutorial
Search
bachi/yuzuhara
December 12, 2013
Technology
1
7k
Linux Mode 2 Seccomp Tutorial
The presentation introduces Linux mode 2 secccomp.
bachi/yuzuhara
December 12, 2013
Tweet
Share
More Decks by bachi/yuzuhara
See All by bachi/yuzuhara
セキュリティ・キャンプ2019 Z2. ELFマルウェア検知エンジンの試作 成果報告
yuzuhara
1
860
wrapup_z_2018.pdf
yuzuhara
0
390
セキュリティ・キャンプ2017 集中Zトラック成果報告
yuzuhara
0
1.4k
How to Survey for Research (system/w Security Fields)
yuzuhara
0
370
capsicum(論文輪講)
yuzuhara
0
410
Other Decks in Technology
See All in Technology
急成長を支える基盤作り〜地道な改善からコツコツと〜 #cre_meetup
stefafafan
0
120
Кто отправит outbox? Валентин Удальцов, автор канала Пых
lamodatech
0
330
Node-RED × MCP 勉強会 vol.1
1ftseabass
PRO
0
140
GitHub Copilot の概要
tomokusaba
1
130
米国国防総省のDevSecOpsライフサイクルをAWSのセキュリティサービスとOSSで実現
syoshie
2
1k
Oracle Audit Vault and Database Firewall 20 概要
oracle4engineer
PRO
3
1.7k
AWS アーキテクチャ作図入門/aws-architecture-diagram-101
ma2shita
29
10k
生成AIでwebアプリケーションを作ってみた
tajimon
2
140
20250623 Findy Lunch LT Brown
3150
0
850
Welcome to the LLM Club
koic
0
160
Azure AI Foundryでマルチエージェントワークフロー
seosoft
0
180
Javaで作る RAGを活用した Q&Aアプリケーション
recruitengineers
PRO
1
100
Featured
See All Featured
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
15
1.5k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
107
19k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
30
2.1k
What's in a price? How to price your products and services
michaelherold
246
12k
Java REST API Framework Comparison - PWX 2021
mraible
31
8.6k
Done Done
chrislema
184
16k
Build your cross-platform service in a week with App Engine
jlugia
231
18k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
228
22k
We Have a Design System, Now What?
morganepeng
53
7.7k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
248
1.3M
Transcript
H25.08.11 ു ༸ี Linux Seccomp Tutorial ηΩϡϦςΟΩϟϯϓ2013 γεςϜιϑτΣΞθϛิॿࢿྉ 1 138݄12݄༵
Seccompͱ • ਖ਼ࣜʹSecure computing mode ͱ͍͏ɺϓϩηεͷα ϯυϘοΫεԽΛࢧԉ͢ΔΧʔωϧͷΈ • ϓϩηε͕ࣗൃతʹγεςϜίʔϧͷൃߦݖݶΛ์غ ͢Δ
• Ͳ͏͍͏ͱ͖ʹ͏ͷ͔ʁ • ͜ͷϓϩηε͜Ε͔Βո͍͠σʔλΛѻ͍·͢Αɺͱ͍ ͏ͱ͖ʹઃఆ͢Δ • ͦͷޙɺϓϩηε͕ൃߦͰ͖ΔγεςϜίʔϧ͕ஶ੍͘͠ ݶ͞ΕΔͨΊɺϓϩηε͕ͬऔΒΕͯ΄ͱΜͲԿͰ ͖ͳ͘ͳΔ 2 138݄12݄༵
Mode 1 Seccomp • Linux kernel 2.6.12͔ΒϚʔδ͞ΕͨɺγεςϜίʔϧͷ ϑΟϧλ • ϓϩηε͕prctl_set_seccomp()ΛݺͿͱɺ͔ͦ͜ΒҎԼͷγ
εςϜίʔϧ͔͠ൃߦͰ͖ͳ͘ͳΔ • read,() write(), exit(), sigreturn() • fork()ͱ͔execve()͕͑ͳ͍→߈ܸ͞Εͨͱ͖ɺ΄ͱΜͲԿ ग़དྷͳ͍ʂ process secure computing mode fork() read() 3 138݄12݄༵
Mode 2 Seccomp • Linux Kernel 3.5͔ΒϚʔδ͞ΕͨɺMode 2 seccompΛஔ ͖͑ΔΈ
• Mode 1ͱҧ͍ɺҙͷγεςϜίʔϧΛڐՄ͢Δ͜ͱ ͕Ͱ͖Δ • Berkley Packet FilterΛϕʔεʹɺߴʹγεςϜίʔϧ ΛϑΟϧλϦϯά͢Δ͜ͱ͕ग़དྷΔ • ͜ͷͨΊɺseccomp-bpfͱݺΕΔ͜ͱ͕ଟ͍ • ͪͳΈʹFedoraͰsyscall filterͱݺͿ • seccomp 2ͱ͔seccomp mode 2ͱ͔දه༳Ε͕ଟ͍ ( ꒪⌓꒪) 4 138݄12݄༵
Berkley Packet Filter(bpf)Λϕʔεʹɾɾɾ • bpfͷྺ࢙Έলུ • ಛ • ύέοτΛޮΑ͘ϑΟϧλϦϯά͢ΔͨΊɺϑΟϧλϦ ϯάϧʔϧʹಛԽͨ͠ॲཧܥ͕ಈ͍ͯΔʢVMͱ͍͍͍ͬͯ
Ϩϕϧʣ • ڪΔ͖ɺJITΛαϙʔτ͍ͯ͠ΔʢΧʔωϧͰʂʣ • ͜ͷͨΊɺ͔ͳΓෳࡶ mode 2 seccomp͜ͷbpfΛͬͯγεςϜί ʔϧΛϑΟϧλϦϯά͍ͯ͠ΔͨΊɺbpfͷ ͕ࣝແ͍ͱ͑ͳ͍ 5 138݄12݄༵
Mode 2 seccompͷԠ༻ྫ • Google Chromium • Ubuntu 12.04͔Βར༻ՄೳʢKernel3.2͕ͩɺbackport͞Ε ͍ͯΔʣ
• vsftpd3.0.0͔ΒMode 2 seccompΛ͍ͬͯΔΒ͍͠ ※ͲͪΒϓϩηεΛαϯυϘοΫεԽ͢ΔͨΊɺ ݩʑׂϢʔβʔʹΑͬͯϓϩηεׂ͞Ε͍ͯΔ 6 138݄12݄༵
ϓϩηεׂ ʴ mode 2 seccomp = ࠷ڧʂ 7 138݄12݄༵
Using simple seccomp filters • ͔͠͠ɺݱঢ়͔ͳΓ͍͜ͳ͢ͷ͕͍͠ • bpfΛڧҾʹୟ͍͍ͯΔͨΊ • ґଘ͕ؔෳࡶɺݩʑbpf͜Μͳ༻్ఆͯ͠ͳ͍
• ԼهURLΛࢀরɻʢશવsimple͡Όͳ͍ɾɾʣ http://outflux.net/teach-seccomp/ 8 138݄12݄༵
libseccomp Tutorial 9 138݄12݄༵
αϯυϘοΫεԽͷ४උ • ո͍͠σʔλεΫϦϓτΛ”࣮ߦ”ͨ͠Γ”ղऍ”͢Δ ෦͕Ұ൪੬ऑ • σʔλΛόΠτྻͱͯ͠ಡΈऔΔ͚ͩͳΒͦΜͳʹةݥ͡ Όͳ͍ • ͜ͷ෦Λ্ख͘αϯυϘοΫεԽ͢ΔΑ͏ʹϓϩάϥϜ Λઃܭ
10 138݄12݄༵
Main mission: Securing mruby • mrubyΛηΩϡΞʹ࣮ߦͰ͖ΔϑϨʔϜϫʔΫΛ࡞ͬͯ ΈΑ͏ • ͜ͷϑϨʔϜϫʔΫΛͬͯɺ”۠ըԽ”ͨ͠΄͏͕ྑ͞ ͦ͏ͳΦϦδφϧΞϓϦέʔγϣϯΛઃܭɺ࣮͠Α͏
Master process mruby process IPC Sandboxing by Mode 2 seccomp mruby code(string) result(char[]) 11 138݄12݄༵
ϓϩηεׂ • σʔλͷΓऔΓpipeΛ͏ • mruby࣮ߦ෦Λfork()͢Δ • ͜ΕͰͻͱ·ͣɺmruby͕ͯ͠େৎ✌('ω'✌ )ࡾ ✌('ω')✌ࡾ( ✌'ω')✌
• ࢠϓϩηε͕ͨ͠Γམͪͯɺੜ͖Δ 12 138݄12݄༵
αϯυϘοΫεԽ • fork() ͨ͠ޙʹɺࣗࣗΛαϯυϘοΫεԽ͢Δ • seccomp_init(SCMP_ACT_KILL);ͰॳظԽ • seccomp_rule_add();ͰڐՄ͢ΔγεςϜίʔϧΛࢦఆ͍ͯ͠ ͘ •
seccomp_load();Ͱ४උྃ • seccomp_release();ͰෆཁͳݖݶΛશ෦ख์͢→αϯυϘο ΫεԽʂ 13 138݄12݄༵
sample • seccamp2013_sandbox/samples/libseccomp_base.c • γεςϜίʔϧ͕ݺͳ͘ͳΔྫ • seccamp2013_sandbox/ samples/ libseccomp_sample.c •
͍͔ͭ͘ͷγεςϜίʔϧΛڐՄͨ͠ྫ • read, writefile descriptorΛࢦఆͯ͠ڐՄ͢Δ ͜ͱՄೳ 14 138݄12݄༵
͓ΘΓ • αϯυϘοΫεপʹΑ͏ͦ͜ʂ 15 138݄12݄༵