<main class=main>
<article class=post-single>
<header class=post-header>
<h1 class=post-title>Jake's Weekly - 13th Feb 2022</h1>
<div class=post-meta><span title='2022-02-14 11:00:00 +0000 UTC'>February 14, 2022</span> · 3 min · Jake Hillion</div>
</header>
<div class=post-content>
<h2 id=research-project>Research Project</h2>
<h3 id=process-isolation>Process Isolation</h3>
<ul>
<li><p>Built the shim in Rust (<a href=https://gitea.hillion.co.uk/JakeHillion/clone-shim/>clone_shim</a>).</p>
<ul>
<li><p>Wrote a quite nice to use wrapper for the <code>clone3</code> syscall in (relatively) safe Rust (<a href=https://gitea.hillion.co.uk/JakeHillion/clone-shim/src/branch/main/src/clone.rs>clone.rs</a>).</p></li>
<li><p>Wrote the basis of specification, that should be extensible enough for future features (<a href=https://gitea.hillion.co.uk/JakeHillion/clone-shim/src/branch/main/src/specification.rs>specification.rs</a>).</p>
<ul>
<li>Currently this reads only JSON specifications, but Rust’s <code>serde</code> library has support for a variety of binary formats to try later on.</li>
</ul></li>
<li><p>Started tying things together. Currently only the running at startup launches work, but they do launch and it’s a strong basis to add more features from.</p></li>
</ul></li>
<li><p>Built a Rust application to track subprocess creation (<a href=https://gitea.hillion.co.uk/JakeHillion/forktop/src/branch/initial-process-tracing>forktop</a>).</p>
<ul>
<li>Currently a bit of a proof of concept. <code>ptrace</code> gives me all of the events needed to track processes, but I need to flip the app design on its head to build a nice interface.</li>
<li>This was my first experience of writing Rust for this system call heavy code I’d been writing in C. It’s amazing how such similar code with nearly identical effects is so vastly more ergonomic, primarily due to the error handling.</li>
</ul></li>
</ul>
<h3 id=up-next>Up Next</h3>
<ul>
<li><p>Get the shim to the level that it can run the existing C applications.</p>
<ul>
<li>This requires support for networking.
<ul>
<li>I think this is going to need a distinction between compile time specifications and runtime specifications. Consider poking a port through: choosing this at runtime would be a configuration nightmare. Having a second specification or some env overrides would allow changing the port but maintaining security.</li>
</ul></li>
<li>This requires support for filesystems.
<ul>
<li>This shouldn’t be too bad, but is going to involve me getting more tightly to grips with mount namespaces, something I still find quite confusing.</li>
<li>For now I’m focusing on static file support, e.g. bind mounting in /etc/dnsmasq.conf to /config, or $PWD to /, or / to /.</li>
<li>I’m considering dynamic bind support, but I’m struggling to convince myself that it can be completely secure, so will leave it for the moment.</li>
</ul></li>
<li>Fully support namespaces so that the basic no privileges entrypoint is as deprivileged as possible.
<ul>
<li>Worth reading up on how other solutions do this for each case.</li>
</ul></li>
<li>Read up on effective capabilities.
<ul>
<li>Although the shim binary will be super privileged, even a full set of privileges for an entrypoint should never exceed the launcher’s privileges.</li>
</ul></li>
</ul></li>
<li><p>Get a nice TUI for the forktop Proof of Concept.</p>
<ul>
<li>Add a shell hotkey once the process tree is working.
<ul>
<li>I want a hotkey that jumps into a process, forks and execs a shell, then returns that process to normal running. This is the best way at runtime to really test the permissions of a process dynamically.</li>
</ul></li>
</ul></li>
</ul>
<h2>Modules</h2>
<h3>Introduction to Systems Research</h3>
<ul>
<li>Read Xen (Barham et al., 200</li>
</ul>
</div>
</article>
</main>