systrap

Documentation

Overview

Package systrap provides a seccomp-based implementation of the platform interface.

In a nutshell, it works as follows:

The creation of a new address space creates a new child processes.

The creation of a new stub thread creates a new system thread with a specified address space. To initialize this thread, the following action will be done:

• install a signal stack which is shared with the Sentry.
• install a signal handler for SYS, BUS, FPE, CHLD, TRAP, SEGV signals. This signal handler is a key part of the systrap platform. Any stub event which has to be handled in a privilege mode (by the Sentry) triggers one of previous signals. The signal handler is running on the separate stack which is shared with the Sentry. There is the sysmsg structure to synchronize the Sentry and a stub thread.
• install seccomp filters to trap user system calls.
• send a fake SIGSEGV to stop the thread in the signal handler.

A context is just a collection of temporary variables. Calling Switch on a context does the following:

Set up proper registers and an FPU state on a stub signal frame.
Wake up a stub thread by changing sysmsg->stage and calling FUTEX_WAKE.
Wait for new stub event by polling sysmsg->stage.

Lock order:

subprocessPool.mu
	subprocess.mu
		context.mu

+checkalignedignore

Index

• Constants
• type Systrap
  • func New() (*Systrap, error)
  • func (*Systrap) CooperativelySchedulesAddressSpace() bool
  • func (*Systrap) MapUnit() uint64
  • func (*Systrap) MaxUserAddress() hostarch.Addr
  • func (*Systrap) MinUserAddress() hostarch.Addr
  • func (p *Systrap) NewAddressSpace(any) (platform.AddressSpace, <-chan struct{}, error)
  • func (*Systrap) NewContext(ctx pkgcontext.Context) platform.Context
  • func (*Systrap) SupportsAddressSpaceIO() bool
  • func (p *Systrap) SyscallFilters() seccomp.SyscallRules

Constants

const (
	ERESTARTSYS    = unix.Errno(512)
	ERESTARTNOINTR = unix.Errno(513)
	ERESTARTNOHAND = unix.Errno(514)
)

Linux kernel errnos which "should never be seen by user programs", but will be revealed to ptrace syscall exit tracing.

These constants are only used in subprocess.go.

Types

type Systrap

type Systrap struct {
	platform.NoCPUPreemptionDetection
	platform.UseHostGlobalMemoryBarrier
	platform.DoesNotOwnPageTables
	// contains filtered or unexported fields
}

Systrap represents a collection of seccomp subprocesses.

func New

func New() (*Systrap, error)

New returns a new seccomp-based implementation of the platform interface.

func (*Systrap) CooperativelySchedulesAddressSpace

func (*Systrap) CooperativelySchedulesAddressSpace() bool

CooperativelySchedulesAddressSpace implements platform.Platform.CooperativelySchedulesAddressSpace.

func (*Systrap) MapUnit

func (*Systrap) MapUnit() uint64

MapUnit implements platform.Platform.MapUnit.

func (*Systrap) MaxUserAddress

func (*Systrap) MaxUserAddress() hostarch.Addr

MaxUserAddress returns the first address that may not be used by user applications.

func (*Systrap) MinUserAddress

func (*Systrap) MinUserAddress() hostarch.Addr

MinUserAddress implements platform.MinUserAddress.

func (*Systrap) NewAddressSpace

func (p *Systrap) NewAddressSpace(any) (platform.AddressSpace, <-chan struct{}, error)

NewAddressSpace returns a new subprocess.

func (*Systrap) NewContext

func (*Systrap) NewContext(ctx pkgcontext.Context) platform.Context

NewContext returns an interruptible context.

func (*Systrap) SupportsAddressSpaceIO

func (*Systrap) SupportsAddressSpaceIO() bool

SupportsAddressSpaceIO implements platform.Platform.SupportsAddressSpaceIO.

func (*Systrap) SyscallFilters

func (p *Systrap) SyscallFilters() seccomp.SyscallRules

SyscallFilters returns syscalls made exclusively by the systrap platform.