swtpm: Enable support for seccomp profile

Enable support for the seccomp blacklist profile that is
enabled by default and can be disabled using the following option:

--seccomp action=none

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger 2019-03-14 10:18:22 -04:00 committed by Stefan Berger
parent 2dd48f6887
commit 07dfd95887
3 changed files with 97 additions and 7 deletions


@ -58,6 +58,10 @@
#include <glib.h>
#ifdef WITH_SECCOMP
# include <seccomp.h>
#endif
#include <libtpms/tpm_library.h>
#include <libtpms/tpm_tis.h>
#include <libtpms/tpm_error.h>
@ -75,6 +79,7 @@
#include "main.h"
#include "utils.h"
#include "threadpool.h"
#include "seccomp_profile.h"
/* maximum size of request buffer */
#define TPM_REQ_MAX 4096
@ -129,6 +134,8 @@ struct cuse_param {
char *piddata;
char *tpmstatedata;
char *localitydata;
char *seccompdata;
unsigned int seccomp_action;
};
/* single message to send to the worker thread */
@ -217,6 +224,15 @@ static const char *usage =
"-r|--runas <user> : after creating the CUSE device, change to the given\n"
" user\n"
"--tpm2 : choose TPM2 functionality\n"
#ifdef WITH_SECCOMP
# ifndef SCMP_ACT_LOG
"--seccomp action=none|kill\n"
# else
"--seccomp action=none|kill|log\n"
# endif
" : Choose the action of the seccomp profile when a\n"
" blacklisted syscall is executed; default is kill\n"
#endif
"-h|--help : display this help screen and terminate\n"
"\n";
@ -1289,17 +1305,27 @@ static void ptm_init_done(void *userdata)
/* at this point the entry in /dev/ is available */
if (pidfile_write(getpid()) < 0) {
ptm_cleanup();
exit(-13);
ret = -13;
goto error_exit;
}
if (param->runas) {
ret = change_process_owner(param->runas);
if (ret) {
ptm_cleanup();
exit(ret);
}
if (ret)
goto error_exit;
}
if (create_seccomp_profile(true, param->seccomp_action) < 0) {
ret = -14;
goto error_exit;
}
return;
error_exit:
ptm_cleanup();
exit(ret);
}
static void ptm_cleanup(void)
@ -1327,13 +1353,14 @@ ptm_cuse_lowlevel_main(int argc, char *argv[], const struct cuse_info *ci,
{
int mt;
int ret;
struct cuse_param *param = userdata;
ptm_fuse_session = cuse_lowlevel_setup(argc, argv, ci, clop, &mt,
userdata);
if (ptm_fuse_session == NULL)
return 1;
if (mt)
if (param->seccomp_action == SWTPM_SECCOMP_ACTION_NONE && mt)
ret = fuse_session_loop_mt(ptm_fuse_session);
else
ret = fuse_session_loop(ptm_fuse_session);
@ -1369,6 +1396,9 @@ int swtpm_cuse_main(int argc, char **argv, const char *prgname, const char *ifac
{"tpm2" , no_argument, 0, '2'},
{"help" , no_argument, 0, 'h'},
{"version" , no_argument, 0, 'v'},
#ifdef WITH_SECCOMP
{"seccomp" , required_argument, 0, 'S'},
#endif
{NULL , 0 , 0, 0 },
};
struct cuse_info cinfo;
@ -1465,6 +1495,9 @@ int swtpm_cuse_main(int argc, char **argv, const char *prgname, const char *ifac
case '2':
tpmversion = TPMLIB_TPM_VERSION_2;
break;
case 'S':
param.seccompdata = optarg;
break;
case 'h': /* help */
fprintf(stdout, usage, prgname, iface);
goto exit;
@ -1509,6 +1542,7 @@ int swtpm_cuse_main(int argc, char **argv, const char *prgname, const char *ifac
handle_migration_key_options(param.migkeydata) < 0 ||
handle_pid_options(param.piddata) < 0 ||
handle_tpmstate_options(param.tpmstatedata) < 0 ||
handle_seccomp_options(param.seccompdata, &param.seccomp_action) < 0 ||
handle_locality_options(param.localitydata, &locality_flags) < 0) {
ret = -3;
goto exit;
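Review bot: The loop selection in ptm_cuse_lowlevel_main, `if (param->seccomp_action == SWTPM_SECCOMP_ACTION_NONE && mt)`, silently drops the multi-threaded FUSE session loop whenever a seccomp profile is active, which per the usage text is the default, and carries no comment saying why. Presumably the blacklist is not compatible with the worker threads fuse_session_loop_mt spawns, but a reader of that line cannot tell, so add a why-comment above it such as `/* with a seccomp profile active, stay single-threaded: the profile is not meant for the threads fuse_session_loop_mt creates */` and mention the single-threaded consequence in the `--seccomp` usage text. Since mt is overridden rather than reported, a one-line log when the multi-threaded loop was requested but refused would make the downgrade visible to operators. The rest of ptm_cuse_lowlevel_main lies outside the hunk.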


@ -50,6 +50,10 @@
#include <sys/types.h>
#include <sys/socket.h>
#ifdef WITH_SECCOMP
# include <seccomp.h>
#endif
#include <libtpms/tpm_error.h>
#include <libtpms/tpm_library.h>
#include <libtpms/tpm_memory.h>
@ -69,6 +73,7 @@
#include "tpmstate.h"
#include "sys_dependencies.h"
#include "osx.h"
#include "seccomp_profile.h"
/* local variables */
static int notify_fd[2] = {-1, -1};
@ -170,6 +175,15 @@ static void usage(FILE *file, const char *prgname, const char *iface)
" send an INIT via control channel;\n"
"-r|--runas <user>: change to the given user\n"
"--tpm2 : choose TPM2 functionality\n"
#ifdef WITH_SECCOMP
# ifndef SCMP_ACT_LOG
"--seccomp action=none|kill\n"
# else
"--seccomp action=none|kill|log\n"
# endif
" : Choose the action of the seccomp profile when a\n"
" blacklisted syscall is executed; default is kill\n"
#endif
"-h|--help : display this help screen and terminate\n"
"\n",
prgname, iface);
@ -210,6 +224,7 @@ int swtpm_main(int argc, char **argv, const char *prgname, const char *iface)
char *ctrlchdata = NULL;
char *serverdata = NULL;
char *flagsdata = NULL;
char *seccompdata = NULL;
char *runas = NULL;
int sock_type = 0;
socklen_t len = 0;
@ -217,6 +232,7 @@ int swtpm_main(int argc, char **argv, const char *prgname, const char *iface)
#ifdef DEBUG
time_t start_time;
#endif
unsigned int seccomp_action;
static struct option longopts[] = {
{"daemon" , no_argument, 0, 'd'},
{"help" , no_argument, 0, 'h'},
@ -234,6 +250,9 @@ int swtpm_main(int argc, char **argv, const char *prgname, const char *iface)
{"ctrl" , required_argument, 0, 'C'},
{"flags" , required_argument, 0, 'F'},
{"tpm2" , no_argument, 0, '2'},
#ifdef WITH_SECCOMP
{"seccomp" , required_argument, 0, 'S'},
#endif
{NULL , 0 , 0, 0 },
};
@ -359,6 +378,10 @@ int swtpm_main(int argc, char **argv, const char *prgname, const char *iface)
runas = optarg;
break;
case 'S':
seccompdata = optarg;
break;
default:
usage(stderr, prgname, iface);
exit(EXIT_FAILURE);
@ -407,6 +430,7 @@ int swtpm_main(int argc, char **argv, const char *prgname, const char *iface)
handle_pid_options(piddata) < 0 ||
handle_locality_options(localitydata, &mlp.locality_flags) < 0 ||
handle_tpmstate_options(tpmstatedata) < 0 ||
handle_seccomp_options(seccompdata, &seccomp_action) < 0 ||
handle_flags_options(flagsdata, &need_init_cmd) < 0) {
goto exit_failure;
}
@ -468,8 +492,12 @@ int swtpm_main(int argc, char **argv, const char *prgname, const char *iface)
if (install_sighandlers(notify_fd, sigterm_handler) < 0)
goto error_no_sighandlers;
if (create_seccomp_profile(false, seccomp_action) < 0)
goto error_seccomp_profile;
rc = mainLoop(&mlp, notify_fd[0]);
error_seccomp_profile:
uninstall_sighandlers();
error_no_sighandlers:
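Review bot: `unsigned int seccomp_action;` is declared without an initializer, and the only write before `create_seccomp_profile(false, seccomp_action)` is the `handle_seccomp_options(seccompdata, &seccomp_action)` call; if that helper leaves `*action` untouched when seccompdata is NULL (no `--seccomp` given), the profile is created from an indeterminate value, which is undefined behavior and could yield an action other than the documented default. Initialize at the declaration, e.g. `unsigned int seccomp_action = SWTPM_SECCOMP_ACTION_KILL;` (or whichever constant seccomp_profile.h uses for the kill default), so the default holds regardless of what the helper does on the no-option path. The same uninitialized declaration and call pattern appears in the third file section (swtpm_chardev_main). The bare `false`/`true` first argument to create_seccomp_profile is also opaque at the call sites; a short comment naming what it selects would help. swtpm_main's body begins and ends outside the hunk.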


@ -50,6 +50,10 @@
#include <sys/socket.h>
#include <sys/ioctl.h>
#ifdef WITH_SECCOMP
# include <seccomp.h>
#endif
#include <libtpms/tpm_error.h>
#include <libtpms/tpm_library.h>
#include <libtpms/tpm_memory.h>
@ -71,6 +75,7 @@
#endif
#include "tpmstate.h"
#include "osx.h"
#include "seccomp_profile.h"
/* local variables */
static int notify_fd[2] = {-1, -1};
@ -191,6 +196,15 @@ static void usage(FILE *file, const char *prgname, const char *iface)
" send an INIT via control channel; not needed when using\n"
" --vtpm-proxy\n"
"--tpm2 : choose TPM2 functionality\n"
#ifdef WITH_SECCOMP
# ifndef SCMP_ACT_LOG
"--seccomp action=none|kill\n"
# else
"--seccomp action=none|kill|log\n"
# endif
" : Choose the action of the seccomp profile when a\n"
" blacklisted syscall is executed; default is kill\n"
#endif
"-h|--help : display this help screen and terminate\n"
"\n",
prgname, iface);
@ -227,6 +241,7 @@ int swtpm_chardev_main(int argc, char **argv, const char *prgname, const char *i
char *tpmstatedata = NULL;
char *ctrlchdata = NULL;
char *flagsdata = NULL;
char *seccompdata = NULL;
char *runas = NULL;
#ifdef WITH_VTPM_PROXY
bool use_vtpm_proxy = false;
@ -235,6 +250,7 @@ int swtpm_chardev_main(int argc, char **argv, const char *prgname, const char *i
time_t start_time;
#endif
bool need_init_cmd = true;
unsigned int seccomp_action;
static struct option longopts[] = {
{"daemon" , no_argument, 0, 'd'},
{"help" , no_argument, 0, 'h'},
@ -253,6 +269,9 @@ int swtpm_chardev_main(int argc, char **argv, const char *prgname, const char *i
{"vtpm-proxy", no_argument, 0, 'v'},
#endif
{"tpm2" , no_argument, 0, '2'},
#ifdef WITH_SECCOMP
{"seccomp" , required_argument, 0, 'S'},
#endif
{NULL , 0 , 0, 0 },
};
@ -367,6 +386,10 @@ int swtpm_chardev_main(int argc, char **argv, const char *prgname, const char *i
break;
#endif
case 'S':
seccompdata = optarg;
break;
default:
usage(stderr, prgname, iface);
exit(EXIT_FAILURE);
@ -452,6 +475,7 @@ int swtpm_chardev_main(int argc, char **argv, const char *prgname, const char *i
handle_migration_key_options(migkeydata) < 0 ||
handle_pid_options(piddata) < 0 ||
handle_tpmstate_options(tpmstatedata) < 0 ||
handle_seccomp_options(seccompdata, &seccomp_action) < 0 ||
handle_flags_options(flagsdata, &need_init_cmd) < 0) {
goto exit_failure;
}
@ -499,11 +523,15 @@ int swtpm_chardev_main(int argc, char **argv, const char *prgname, const char *i
if (install_sighandlers(notify_fd, sigterm_handler) < 0)
goto error_no_sighandlers;
if (create_seccomp_profile(false, seccomp_action) < 0)
goto error_seccomp_profile;
mlp.flags |= MAIN_LOOP_FLAG_USE_FD | MAIN_LOOP_FLAG_KEEP_CONNECTION | \
MAIN_LOOP_FLAG_END_ON_HUP;
rc = mainLoop(&mlp, notify_fd[0]);
error_seccomp_profile:
uninstall_sighandlers();
error_no_sighandlers: