Subject: Re: systrace broken after socket versioning
To: None <tech-kern@netbsd.org, tech-security@netbsd.org>
From: Pavel Cahyna <pavel@netbsd.org>
List: tech-security
Date: 08/05/2006 14:05:35
Hello,
Elad Efrad pointed out that the recent socket(2) versioning broke
systrace. Here is an attempt to correct it, following the example of revs
1.14 and 1.17 . To be applied under src/bin/systrace.
One question: what will happen if the kernel does not have COMPAT_30? Will
systrace fail to register the compatibility syscall and break?
--- register.c.~1.18.~ Sat Aug 5 13:39:01 2006
+++ register.c Sat Aug 5 13:52:17 2006
@@ -143,10 +143,13 @@
X(intercept_register_sccb("netbsd", "fcntl", trans_cb, NULL));
intercept_register_translation("netbsd", "fcntl", 1, &ic_fcntlcmd);
- /* 97: socket */
- X(intercept_register_sccb("netbsd", "socket", trans_cb, NULL));
- intercept_register_translation("netbsd", "socket", 0, &ic_sockdom);
- intercept_register_translation("netbsd", "socket", 1, &ic_socktype);
+ /* 97: compat_30_sys_socket */
+ X(intercept_register_sccb("netbsd", "compat_30_sys_socket",
+ trans_cb, NULL));
+ intercept_register_translation("netbsd", "compat_30_sys_socket",
+ 0, &ic_sockdom);
+ intercept_register_translation("netbsd", "compat_30_sys_socket",
+ 1, &ic_socktype);
/* 98: connect */
X(intercept_register_sccb("netbsd", "connect", trans_cb, NULL));
@@ -249,6 +252,14 @@
alias = systrace_new_alias("netbsd", "__lstat30", "netbsd", "fsread");
systrace_alias_add_trans(alias, tl);
+ /* 394: __socket30 */
+ X(intercept_register_sccb("netbsd", "__socket30",
+ trans_cb, NULL));
+ intercept_register_translation("netbsd", "__socket30",
+ 0, &ic_sockdom);
+ intercept_register_translation("netbsd", "__socket30",
+ 1, &ic_socktype);
+
#else
X(intercept_register_gencb(gen_cb, NULL));