#include <errno.h>
#include <string.h>
#include <syslog.h>
-#include <err.h>
+#include <limits.h>
#ifndef PTRACE_EVENT_STOP
/* PTRACE_EVENT_STOP is defined in linux/ptrace.h, but this header
#define PTRACE_EVENT_STOP 128
#endif
+#include <libubox/ulog.h>
#include <libubox/uloop.h>
#include <libubox/blobmsg.h>
#include <libubox/blobmsg_json.h>
SECCOMP_TRACE,
} mode = UTRACE;
-#define PROC_NAME(mode) (mode == UTRACE ? "utrace" : "seccomp-trace")
-
-#define INFO(fmt, ...) do { \
- fprintf(stderr, "%s: "fmt, PROC_NAME(mode), ## __VA_ARGS__); \
-} while (0)
-
-#define ERROR(fmt, ...) do { \
- syslog(LOG_ERR, "%s: "fmt, PROC_NAME(mode), ## __VA_ARGS__); \
- fprintf(stderr, "%s: "fmt, PROC_NAME(mode), ## __VA_ARGS__); \
-} while (0)
-
-#define LOGERR(fmt, ...) do { \
- syslog(LOG_ERR, "%s: "fmt, PROC_NAME(mode), ## __VA_ARGS__); \
-} while (0)
-
struct tracee {
struct uloop_process proc;
int in_syscall;
sc, syscall_name(sc), sorted[i].count);
blobmsg_add_string(&b, NULL, syscall_name(sc));
} else {
- ERROR("no name found for syscall(%d)\n", sc);
+ ULOG_ERR("no name found for syscall(%d)\n", sc);
}
}
blobmsg_close_array(&b, c);
if (fp) {
fprintf(fp, "%s", blobmsg_format_json_indent(b.head, true, 0));
fclose(fp);
- INFO("saving syscall trace to %s\n", json);
+ ULOG_INFO("saving syscall trace to %s\n", json);
} else {
- ERROR("failed to open %s\n", json);
+ ULOG_ERR("failed to open %s\n", json);
}
} else {
printf("%s\n",
int i = syscall_index(syscall);
if (i >= 0) {
syscall_count[i]++;
- LOGERR("%s[%u] tried to call non-whitelisted syscall: %s (see %s)\n",
- buf, pid, syscall_name(syscall), json);
+ ULOG_ERR("%s[%u] tried to call non-whitelisted syscall: %s (see %s)\n",
+ buf, pid, syscall_name(syscall), json);
} else {
- LOGERR("%s[%u] tried to call non-whitelisted syscall: %d (see %s)\n",
- buf, pid, syscall, json);
+ ULOG_ERR("%s[%u] tried to call non-whitelisted syscall: %d (see %s)\n",
+ buf, pid, syscall, json);
}
}
case SECCOMP_TRACE:
preload = "/lib/libpreload-seccomp.so";
newenv = 2;
- asprintf(&_envp[1], "SECCOMP_FILE=%s", json ? json : "");
+ if (asprintf(&_envp[1], "SECCOMP_FILE=%s", json ? json : "") < 0)
+ ULOG_ERR("failed to allocate SECCOMP_FILE env: %m\n");
+
kill(getpid(), SIGSTOP);
break;
}
- asprintf(&_envp[0], "LD_PRELOAD=%s%s%s", preload,
- old_preload ? ":" : "",
- old_preload ? old_preload : "");
+ if (asprintf(&_envp[0], "LD_PRELOAD=%s%s%s", preload,
+ old_preload ? ":" : "",
+ old_preload ? old_preload : "") < 0)
+ ULOG_ERR("failed to allocate LD_PRELOAD env: %m\n");
+
memcpy(&_envp[newenv], envp, envc * sizeof(char *));
ret = execve(_argv[0], _argv, _envp);
- ERROR("failed to exec %s: %s\n", _argv[0], strerror(errno));
+ ULOG_ERR("failed to exec %s: %m\n", _argv[0]);
free(_argv);
free(_envp);
waitpid(child, &status, WUNTRACED);
if (!WIFSTOPPED(status)) {
- ERROR("failed to start %s\n", *argv);
+ ULOG_ERR("failed to start %s\n", *argv);
return -1;
}
+ /* Initialize uloop to catch all ptrace stops from now on. */
+ uloop_init();
+
int ptrace_options = PTRACE_O_TRACEFORK | PTRACE_O_TRACEVFORK | PTRACE_O_TRACECLONE;
switch (mode) {
case UTRACE:
ptrace_restart = PTRACE_CONT;
break;
}
- if (ptrace(PTRACE_SEIZE, child, 0, ptrace_options) == -1)
- err(1, "PTRACE_SEIZE");
- if (ptrace(ptrace_restart, child, 0, SIGCONT) == -1)
- err(1, "ptrace restart");
+ if (ptrace(PTRACE_SEIZE, child, 0, ptrace_options) == -1) {
+ ULOG_ERR("PTRACE_SEIZE: %m\n");
+ return -1;
+ }
+ if (ptrace(ptrace_restart, child, 0, SIGCONT) == -1) {
+ ULOG_ERR("ptrace_restart: %m\n");
+ return -1;
+ }
- uloop_init();
tracer.proc.pid = child;
tracer.proc.cb = tracer_cb;
uloop_process_add(&tracer.proc);
case UTRACE:
if (!json)
if (asprintf(&json, "/tmp/%s.%u.json", basename(*argv), child) < 0)
- ERROR("failed to allocate output path: %s\n", strerror(errno));
+ ULOG_ERR("failed to allocate output path: %m\n");
break;
case SECCOMP_TRACE:
if (!violation_count)
return 0;
- asprintf(&json, "/tmp/%s.%u.violations.json", basename(*argv), child);
+ if (asprintf(&json, "/tmp/%s.%u.violations.json", basename(*argv), child) < 0)
+ ULOG_ERR("failed to allocate violations output path: %m\n");
break;
}
print_syscalls(policy, json);
projects / project / procd.git / blobdiff