security/hakurei
security/hakurei
5
2
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 4 Wiki Activity

Compare commits

base: security:55d8c3bacbf09e52ba8fa9c4ba7795dcea04b357
Branches Tags
security:master
security:staging
security:develop
security:v0.1.3
security:v0.1.2
security:v0.1.1
security:v0.1.0
...
compare: security:c9eeafbbf0cf51c46794912f7f5351e37c752a5e
Branches Tags
security:staging
security:develop
security:master
security:v0.1.3
security:v0.1.2
security:v0.1.1
security:v0.1.0

2 Commits
55d8c3bacb ... c9eeafbbf0

Author SHA1 Message Date
Clayton Gilmer
c9eeafbbf0
container: optionally isolate host abstract UNIX domain sockets via landlock
Some checks failed
Test / Create distribution (pull_request) Failing after 32s
Details
Test / Sandbox (pull_request) Failing after 51s
Details
Test / Sandbox (race detector) (pull_request) Failing after 54s
Details
Test / Hpkg (pull_request) Failing after 56s
Details
Test / Hakurei (pull_request) Failing after 1m9s
Details
Test / Hakurei (race detector) (push) Failing after 1m0s
Details
Test / Hakurei (push) Failing after 1m11s
Details
Test / Hakurei (race detector) (pull_request) Failing after 1m18s
Details
Test / Flake checks (pull_request) Has been skipped
Details
Test / Create distribution (push) Failing after 30s
Details
Test / Sandbox (push) Failing after 49s
Details
Test / Hpkg (push) Failing after 48s
Details
Test / Sandbox (race detector) (push) Failing after 51s
Details
Test / Flake checks (push) Has been skipped
Details
2025-08-18 11:50:05 +09:00
Ophestra
2f1d42c8dd
app: set up acl on X11 socket 
The socket is typically owned by the priv-user, and inaccessible by the target user, so just allowing access to the directory is not enough. This change fixes this oversight and add checks that will also be useful for merging #1.

Signed-off-by: Ophestra <cat@gensokyo.uk>

# Conflicts:
#	test/sandbox/case/device.nix
#	test/sandbox/case/tty.nix
 2025-08-18 11:49:49 +09:00
16 changed files with 136 additions and 10 deletions
Show Stats Expand all files Collapse all files

2
cmd/hpkg/app.go
View File

@ -28,6 +28,8 @@ type appInfo struct {
// passed through to [hst.Config] // passed through to [hst.Config]
Net bool `json:"net,omitempty"` Net bool `json:"net,omitempty"`
// passed through to [hst.Config] // passed through to [hst.Config]
ScopeAbstract bool `json:"scope_abstract,omitempty"`
// passed through to [hst.Config]
Device bool `json:"dev,omitempty"` Device bool `json:"dev,omitempty"`
// passed through to [hst.Config] // passed through to [hst.Config]
Tty bool `json:"tty,omitempty"` Tty bool `json:"tty,omitempty"`

55
container/landlock/landlock.go Normal file
View File

@ -0,0 +1,55 @@
package landlock
/*
#include <linux/landlock.h>
#include <sys/syscall.h>
*/
import "C"
import (
"fmt"
"syscall"
"unsafe"
)
const (
LANDLOCK_CREATE_RULESET_VERSION = C.LANDLOCK_CREATE_RULESET_VERSION
LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET = C.LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET
SYS_LANDLOCK_CREATE_RULESET = C.SYS_landlock_create_ruleset
SYS_LANDLOCK_RESTRICT_SELF = C.SYS_landlock_restrict_self
)
type LandlockRulesetAttr = C.struct_landlock_ruleset_attr
// ScopeAbstract calls landlock_restrict_self and must be called from a goroutine wired to an m
// with the process starting from the same goroutine.
func ScopeAbstract() error {
abi, _, err := syscall.Syscall(SYS_LANDLOCK_CREATE_RULESET, 0, 0, LANDLOCK_CREATE_RULESET_VERSION)
if err != 0 {
return fmt.Errorf("could not fetch landlock ABI: errno %v", err)
}
if abi < 6 {
return fmt.Errorf("landlock ABI must be >= 6, got %d", abi)
}
attrs := LandlockRulesetAttr{
scoped: LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET,
}
fd, _, err := syscall.Syscall(SYS_LANDLOCK_CREATE_RULESET, uintptr(unsafe.Pointer(&attrs)), unsafe.Sizeof(attrs), 0)
if err != 0 {
return fmt.Errorf("could not create landlock ruleset: errno %v", err)
}
defer syscall.Close(int(fd))
r, _, err := syscall.Syscall(SYS_LANDLOCK_RESTRICT_SELF, fd, 0, 0)
if r != 0 {
return fmt.Errorf("could not restrict self via landlock: errno %v", err)
}
return nil
}

2
hst/config.go
View File

@ -79,6 +79,8 @@ type (
Userns bool `json:"userns,omitempty"` Userns bool `json:"userns,omitempty"`
// share host net namespace // share host net namespace
Net bool `json:"net,omitempty"` Net bool `json:"net,omitempty"`
// disallow accessing abstract UNIX domain sockets created outside the container
ScopeAbstract bool `json:"scope_abstract,omitempty"`
// allow dangerous terminal I/O // allow dangerous terminal I/O
Tty bool `json:"tty,omitempty"` Tty bool `json:"tty,omitempty"`
// allow multiarch // allow multiarch

1
internal/app/container_linux.go
View File

@ -33,6 +33,7 @@ func newContainer(s *hst.ContainerConfig, os sys.State, prefix string, uid, gid
SeccompPresets: s.SeccompPresets, SeccompPresets: s.SeccompPresets,
RetainSession: s.Tty, RetainSession: s.Tty,
HostNet: s.Net, HostNet: s.Net,
ScopeAbstract: s.ScopeAbstract,
// the container is canceled when shim is requested to exit or receives an interrupt or termination signal; // the container is canceled when shim is requested to exit or receives an interrupt or termination signal;
// this behaviour is implemented in the shim // this behaviour is implemented in the shim

16
internal/app/seal_linux.go
View File

@ -416,6 +416,22 @@ func (seal *outcome) finalise(ctx context.Context, sys sys.State, config *hst.Co
seal.sys.ChangeHosts("#" + seal.user.uid.String()) seal.sys.ChangeHosts("#" + seal.user.uid.String())
seal.env[display] = d seal.env[display] = d
seal.container.Bind(socketDir, socketDir, 0) seal.container.Bind(socketDir, socketDir, 0)
// the socket file at `/tmp/.X11-unix/X%d` is typically owned by the priv user
// and not accessible by the target user
var socketPath *container.Absolute
if len(d) > 1 && d[0] == ':' { // `:%d`
if n, err := strconv.Atoi(d[1:]); err == nil && n >= 0 {
socketPath = socketDir.Append("X" + strconv.Itoa(n))
}
} else if len(d) > 5 && strings.HasPrefix(d, "unix:") { // `unix:%s`
if a, err := container.NewAbs(d[5:]); err == nil {
socketPath = a
}
}
if socketPath != nil {
seal.sys.UpdatePermTypeOptional(system.EX11, socketPath.String(), acl.Read, acl.Write, acl.Execute)
}
} }
} }

1
nixos.nix
View File

@ -137,6 +137,7 @@ in
multiarch multiarch
env env
; ;
scope_abstract = app.scopeAbstract;
map_real_uid = app.mapRealUid; map_real_uid = app.mapRealUid;
filesystem = filesystem =

22
options.md
View File

@ -572,6 +572,28 @@ boolean
*Example:*
` true `
## environment\.hakurei\.apps\.\<name>\.scopeAbstract
Whether to restrict abstract UNIX domain socket access\.
*Type:*
boolean
*Default:*
` true `
*Example:* *Example:*
` true ` ` true `

3
options.nix
View File

@ -182,6 +182,9 @@ in
net = mkEnableOption "network access" // { net = mkEnableOption "network access" // {
default = true; default = true;
}; };
scopeAbstract = mkEnableOption "abstract unix domain socket access" // {
default = true;
};
nix = mkEnableOption "nix daemon access"; nix = mkEnableOption "nix daemon access";
mapRealUid = mkEnableOption "mapping to priv-user uid"; mapRealUid = mkEnableOption "mapping to priv-user uid";

24
system/acl.go
View File

@ -21,7 +21,17 @@ func (sys *I) UpdatePermType(et Enablement, path string, perms ...acl.Perm) *I {
sys.lock.Lock() sys.lock.Lock()
defer sys.lock.Unlock() defer sys.lock.Unlock()
sys.ops = append(sys.ops, &ACL{et, path, perms}) sys.ops = append(sys.ops, &ACL{et, path, perms, false})
return sys
}
// UpdatePermTypeOptional appends an acl update Op that silently continues if the target does not exist.
func (sys *I) UpdatePermTypeOptional(et Enablement, path string, perms ...acl.Perm) *I {
sys.lock.Lock()
defer sys.lock.Unlock()
sys.ops = append(sys.ops, &ACL{et, path, perms, true})
return sys return sys
} }
@ -30,15 +40,25 @@ type ACL struct {
et Enablement et Enablement
path string path string
perms acl.Perms perms acl.Perms
// since revert operations are cross-process, the success of apply must not affect the outcome of revert
skipNotExist bool
} }
func (a *ACL) Type() Enablement { return a.et } func (a *ACL) Type() Enablement { return a.et }
func (a *ACL) apply(sys *I) error { func (a *ACL) apply(sys *I) error {
msg.Verbose("applying ACL", a) msg.Verbose("applying ACL", a)
return wrapErrSuffix(acl.Update(a.path, sys.uid, a.perms...), if err := acl.Update(a.path, sys.uid, a.perms...); err != nil {
if !a.skipNotExist || !os.IsNotExist(err) {
return wrapErrSuffix(err,
fmt.Sprintf("cannot apply ACL entry to %q:", a.path)) fmt.Sprintf("cannot apply ACL entry to %q:", a.path))
} }
msg.Verbosef("path %q does not exist", a.path)
return nil
}
return nil
}
func (a *ACL) revert(sys *I, ec *Criteria) error { func (a *ACL) revert(sys *I, ec *Criteria) error {
if ec.hasType(a) { if ec.hasType(a) {

4
system/acl_test.go
View File

@ -20,7 +20,7 @@ func TestUpdatePerm(t *testing.T) {
t.Run(tc.path+permSubTestSuffix(tc.perms), func(t *testing.T) { t.Run(tc.path+permSubTestSuffix(tc.perms), func(t *testing.T) {
sys := New(150) sys := New(150)
sys.UpdatePerm(tc.path, tc.perms...) sys.UpdatePerm(tc.path, tc.perms...)
(&tcOp{Process, tc.path}).test(t, sys.ops, []Op{&ACL{Process, tc.path, tc.perms}}, "UpdatePerm") (&tcOp{Process, tc.path}).test(t, sys.ops, []Op{&ACL{Process, tc.path, tc.perms, false}}, "UpdatePerm")
}) })
} }
} }
@ -42,7 +42,7 @@ func TestUpdatePermType(t *testing.T) {
t.Run(tc.path+"_"+TypeString(tc.et)+permSubTestSuffix(tc.perms), func(t *testing.T) { t.Run(tc.path+"_"+TypeString(tc.et)+permSubTestSuffix(tc.perms), func(t *testing.T) {
sys := New(150) sys := New(150)
sys.UpdatePermType(tc.et, tc.path, tc.perms...) sys.UpdatePermType(tc.et, tc.path, tc.perms...)
tc.test(t, sys.ops, []Op{&ACL{tc.et, tc.path, tc.perms}}, "UpdatePermType") tc.test(t, sys.ops, []Op{&ACL{tc.et, tc.path, tc.perms, false}}, "UpdatePermType")
}) })
} }
} }

4
system/dbus/proc.go
View File

@ -64,6 +64,10 @@ func (p *Proxy) Start() error {
argF, func(z *container.Container) { argF, func(z *container.Container) {
z.SeccompFlags |= seccomp.AllowMultiarch z.SeccompFlags |= seccomp.AllowMultiarch
z.SeccompPresets |= seccomp.PresetStrict z.SeccompPresets |= seccomp.PresetStrict
// xdg-dbus-proxy requires host abstract UNIX domain socket access
z.ScopeAbstract = false
z.Hostname = "hakurei-dbus" z.Hostname = "hakurei-dbus"
if p.output != nil { if p.output != nil {
z.Stdout, z.Stderr = p.output, p.output z.Stdout, z.Stderr = p.output, p.output

2
test/sandbox/case/device.nix
View File

@ -243,7 +243,7 @@ in
seccomp = true; seccomp = true;
try_socket = "/tmp/.X11-unix/X0"; try_socket = "/tmp/.X11-unix/X0";
socket_abstract = true; socket_abstract = false;
socket_pathname = true; socket_pathname = true;
}; };
} }

2
test/sandbox/case/mapuid.nix
View File

@ -269,7 +269,7 @@ in
seccomp = true; seccomp = true;
try_socket = "/tmp/.X11-unix/X0"; try_socket = "/tmp/.X11-unix/X0";
socket_abstract = true; socket_abstract = false;
socket_pathname = false; socket_pathname = false;
}; };
} }

2
test/sandbox/case/pdlike.nix
View File

@ -264,7 +264,7 @@ in
seccomp = true; seccomp = true;
try_socket = "/tmp/.X11-unix/X0"; try_socket = "/tmp/.X11-unix/X0";
socket_abstract = true; socket_abstract = false;
socket_pathname = false; socket_pathname = false;
}; };
} }

2
test/sandbox/case/preset.nix
View File

@ -262,7 +262,7 @@ in
seccomp = true; seccomp = true;
try_socket = "/tmp/.X11-unix/X0"; try_socket = "/tmp/.X11-unix/X0";
socket_abstract = true; socket_abstract = false;
socket_pathname = false; socket_pathname = false;
}; };
} }

2
test/sandbox/case/tty.nix
View File

@ -275,7 +275,7 @@ in
seccomp = true; seccomp = true;
try_socket = "/tmp/.X11-unix/X0"; try_socket = "/tmp/.X11-unix/X0";
socket_abstract = true; socket_abstract = false;
socket_pathname = true; socket_pathname = true;
}; };
} }