Allow openat to be allowed if specified in extra_allowed_syscalls

Signed-off-by: Ludvig Liljenberg <[email protected]>

Author: ludfjig

src/hyperlight_host/src/sandbox/initialized_multi_use.rs

@@ -462,7 +462,7 @@ mod tests {
     #[test]
     #[cfg(target_os = "linux")]
     fn violate_seccomp_filters_openat() -> Result<()> {
-        // Hostcall to call `openat`
+        // Hostcall to call `openat`.
         fn make_openat_syscall() -> Result<i64> {
             use std::ffi::CString;
 
@@ -478,43 +478,66 @@ mod tests {
             };
 
             if fd_or_err == -1 {
-                Ok(std::io::Error::last_os_error()
-                    .raw_os_error()
-                    .unwrap()
-                    .into())
+                Ok((-std::io::Error::last_os_error().raw_os_error().unwrap()).into())
             } else {
                 Ok(fd_or_err)
             }
         }
+        {
+            // First make sure a regular call to `openat` on /proc/sys/vm/overcommit_memory succeeds
+            let ret = make_openat_syscall()?;
+            assert!(
+                ret >= 0,
+                "Expected openat syscall to succeed, got: {:?}",
+                ret
+            );
 
-        // First make sure a regular call to `openat` on /proc/sys/vm/overcommit_memory succeeds
-        let ret = make_openat_syscall()?;
-        assert!(
-            ret >= 0,
-            "Expected openat syscall to succeed, got: {:?}",
-            ret
-        );
+            let mut ubox = UninitializedSandbox::new(
+                GuestBinary::FilePath(simple_guest_as_string().expect("Guest Binary Missing")),
+                None,
+            )
+            .unwrap();
+            ubox.register("Openat_Hostfunc", make_openat_syscall)?;
 
-        let mut ubox = UninitializedSandbox::new(
-            GuestBinary::FilePath(simple_guest_as_string().expect("Guest Binary Missing")),
-            None,
-        )
-        .unwrap();
-        ubox.register("Openat_Hostfunc", make_openat_syscall)?;
+            let mut sbox = ubox.evolve(Noop::default()).unwrap();
+            let host_func_result = sbox
+                .call_guest_function_by_name::<i64>(
+                    "CallGivenParamlessHostFuncThatReturnsI64",
+                    "Openat_Hostfunc".to_string(),
+                )
+                .expect("Expected to call host function that returns i64");
+
+            if cfg!(feature = "seccomp") {
+                // If seccomp is enabled, we expect the syscall to return EACCES, as setup by our seccomp filter
+                assert_eq!(host_func_result, -libc::EACCES as i64);
+            } else {
+                // If seccomp is not enabled, we expect the syscall to succeed
+                assert!(host_func_result >= 0);
+            }
+        }
 
-        let mut sbox = ubox.evolve(Noop::default()).unwrap();
-        let host_func_result = sbox
-            .call_guest_function_by_name::<i64>(
-                "CallGivenParamlessHostFuncThatReturnsI64",
-                "Openat_Hostfunc".to_string(),
+        #[cfg(feature = "seccomp")]
+        {
+            // Now let's make sure if we register the `openat` syscall as an extra allowed syscall, it will succeed
+            let mut ubox = UninitializedSandbox::new(
+                GuestBinary::FilePath(simple_guest_as_string().expect("Guest Binary Missing")),
+                None,
             )
-            .expect("Expected to call host function that returns i64");
+            .unwrap();
+            ubox.register_with_extra_allowed_syscalls(
+                "Openat_Hostfunc",
+                make_openat_syscall,
+                [libc::SYS_openat],
+            )?;
+            let mut sbox = ubox.evolve(Noop::default()).unwrap();
+            let host_func_result = sbox
+                .call_guest_function_by_name::<i64>(
+                    "CallGivenParamlessHostFuncThatReturnsI64",
+                    "Openat_Hostfunc".to_string(),
+                )
+                .expect("Expected to call host function that returns i64");
 
-        if cfg!(feature = "seccomp") {
-            // If seccomp is enabled, we expect the syscall to return EACCES, as setup by our seccomp filter
-            assert_eq!(host_func_result, libc::EACCES as i64);
-        } else {
-            // If seccomp is not enabled, we expect the syscall to succeed
+            // should pass regardless of seccomp feature
             assert!(host_func_result >= 0);
         }
 

src/hyperlight_host/src/seccomp/guest.rs

@@ -93,20 +93,28 @@ pub(crate) fn get_seccomp_filter_for_host_function_worker_thread(
 
     let arch: TargetArch = std::env::consts::ARCH.try_into()?;
 
-    // First: Filter that forces `openat` to return EACCES
-    let errno_on_openat = SeccompFilter::new(
-        [(libc::SYS_openat, vec![])].into_iter().collect(),
+    // Allowlist filter that traps on unknown syscalls
+    let allowlist = SeccompFilter::new(
+        allowed_syscalls.into_iter().collect(),
+        SeccompAction::Trap,
         SeccompAction::Allow,
-        SeccompAction::Errno(libc::EACCES.try_into()?),
         arch,
     )?
     .try_into()?;
 
-    // Second: Allowlist filter that traps on unknown syscalls
-    let allowlist = SeccompFilter::new(
-        allowed_syscalls.into_iter().collect(),
-        SeccompAction::Trap,
+    // If `openat` is an exclicitly allowed syscall, we shouldn't return the filter that forces it to return EACCES.
+    if let Some(extra_syscalls) = extra_allowed_syscalls {
+        if extra_syscalls.contains(&libc::SYS_openat) {
+            return Ok(vec![allowlist]);
+        }
+    }
+    // Otherwise, we return both filters.
+
+    // Filter that forces `openat` to return EACCES
+    let errno_on_openat = SeccompFilter::new(
+        [(libc::SYS_openat, vec![])].into_iter().collect(),
         SeccompAction::Allow,
+        SeccompAction::Errno(libc::EACCES.try_into()?),
         arch,
     )?
     .try_into()?;