greenhook
https://crates.io/crates/greenhook
Greenhook is a seccomp-unotify-based syscall hook library. It is adapted from https://github.com/pdlan/binder.
You could give it a try if you are looking for an alternative to LD_PRELOAD and ptrace. However, please note that seccomp unotify IS NOT a full replacement for these techniques, and take some time to read seccomp_unotify(2) before you start.
To fully utilize this library, you need a kernel version >= 5.9.0. You also need a special seccomp policy file if you want to run this in Docker or other containers (to allow process_vm_readv() and pidfd_getfd() to run without capabilities), with this:
# docker run --security-opt seccomp=assets/seccomp.json ...
Also, it is necessary to install the libseccomp header and library:
$ sudo apt install libseccomp-dev
Example
You can find some examples inside the test code. Here is a simple one that makes programs like whoami(1) believe you are root (even if you are not), by hooking geteuid(2):
use Command;
use ;
use ScmpSyscall;
Run this with:
> cargo run --example geteuid -- whoami
root
> whoami
user
A more complicated one, which replaces /etc/passwd with /etc/resolv.conf by hooking openat(2):
use ;
use ;
use ScmpSyscall;
use info;
use ;
Run this with:
> RUST_LOG=info cargo run --example openat -- cat /etc/passwd
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/home/taoky/Projects/greenhook/target/debug/deps/glibc-hwcaps/x86-64-v3/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/home/taoky/Projects/greenhook/target/debug/deps/glibc-hwcaps/x86-64-v2/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/home/taoky/Projects/greenhook/target/debug/deps/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/home/taoky/Projects/greenhook/target/debug/glibc-hwcaps/x86-64-v3/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/home/taoky/Projects/greenhook/target/debug/glibc-hwcaps/x86-64-v2/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/home/taoky/Projects/greenhook/target/debug/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/home/taoky/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/rustlib/x86_64-unknown-linux-gnu/lib/glibc-hwcaps/x86-64-v3/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/home/taoky/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/rustlib/x86_64-unknown-linux-gnu/lib/glibc-hwcaps/x86-64-v2/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/home/taoky/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/rustlib/x86_64-unknown-linux-gnu/lib/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/home/taoky/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/glibc-hwcaps/x86-64-v3/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/home/taoky/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/glibc-hwcaps/x86-64-v2/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/home/taoky/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/etc/ld.so.cache"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/usr/lib/libc.so.6"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/usr/lib/locale/locale-archive"
[2023-05-27T14:39:57Z INFO openat] open (path CStr): "/etc/passwd"
# Generated by NetworkManager
...
Limitation
- Your hook functions are executed by the supervisor process (thread), not the supervised one! This means that you may run into difficulties when you need to do something on behalf of the supervised process.
- Be careful of TOCTOU attacks! Seccomp unotify will NOT stop the whole process when handling syscalls, so it is possible that the supervised process may change the syscall arguments after the supervisor has checked them, and continue_syscall can be dangerous (thus it is marked as unsafe here).
- Handling signals could be troublesome. Signals can interrupt syscalls or restart them, but the supervisor has no knowledge of this. Try to check request validity in your functions to alleviate this problem. For more information please read seccomp_unotify(2).
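The TOCTOU limitation above, as a small model added here (not greenhook code and not part of the original README). It makes no real seccomp calls; TargetMem, allowed, check_then_continue, check_then_emulate and swap_to_passwd are names invented for the illustration, and the policy is a constructed one. It contrasts letting the kernel re-read the supervised process's memory after the check with acting on a copy the supervisor owns.

```rust
use std::cell::RefCell;

// Constructed model: the path buffer lives in the supervised process's
// memory, so the supervised process can rewrite it at any time.
struct TargetMem(RefCell<String>);

// Hypothetical policy for this example: the target must not open /etc/passwd.
fn allowed(path: &str) -> bool {
    path != "/etc/passwd"
}

// Pattern 1: validate, then let the kernel run the original syscall (what a
// continue-style response does). The kernel reads the path from target
// memory only after `racer` (another thread of the target) has run.
fn check_then_continue(mem: &TargetMem, racer: impl Fn(&TargetMem)) -> Result<String, &'static str> {
    let checked = mem.0.borrow().clone(); // supervisor's read of the argument
    if !allowed(&checked) {
        return Err("EACCES");
    }
    racer(mem); // window between check and use
    let opened = mem.0.borrow().clone(); // what the kernel sees when it resumes
    Ok(opened)
}

// Pattern 2: copy the argument once, validate the copy, and act only on the
// copy. In a real supervisor this is where it would perform the open itself
// and pass the result back instead of continuing the syscall.
fn check_then_emulate(mem: &TargetMem, racer: impl Fn(&TargetMem)) -> Result<String, &'static str> {
    let snapshot = mem.0.borrow().clone();
    if !allowed(&snapshot) {
        return Err("EACCES");
    }
    racer(mem); // the target can still rewrite its buffer; nothing re-reads it
    Ok(snapshot)
}

// Models the supervised process changing the argument after the check.
fn swap_to_passwd(mem: &TargetMem) {
    *mem.0.borrow_mut() = String::from("/etc/passwd");
}

fn main() {
    let fresh = || TargetMem(RefCell::new(String::from("/etc/resolv.conf")));
    println!("continue: {:?}", check_then_continue(&fresh(), swap_to_passwd));
    println!("emulate:  {:?}", check_then_emulate(&fresh(), swap_to_passwd));
}
```

In the model, the continue path ends up opening a path the policy never approved, while the emulate path opens exactly the string that was checked.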