| 20 Aug 2021 |
 baloo | prctl(PR_SET_MM, PR_SET_MM_AUXV, ...) | 03:54:28 |
| baloo | this is cursed | 04:01:50 |
| baloo | we could throw a linux module that would hook on finalize_exec, and provide a custom vdso for our hierarchy | 15:57:20 |
| baloo | or something | 15:57:22 |
| baloo | hooking a syscall is ~easy hook a https://gist.github.com/baloo/d1394dacb4049fc76ee935f686eaca5c#file-nosync-c-L67-L75 | 16:00:32 |
| baloo | * hooking a syscall is ~easy https://gist.github.com/baloo/d1394dacb4049fc76ee935f686eaca5c#file-nosync-c-L67-L75 | 16:00:44 |
| baloo | not sure about hooking a symbol | 16:00:50 |
| baloo | should not be all that hard | 16:00:56 |
| baloo | huuum | 16:07:41 |
| baloo | it's already a thread a that point. | 16:07:50 |
| baloo | so ... we could ... seccomp-ebpf and return seccomp_ret_trace, and inject the vdso with ptrace | 16:08:18 |
| baloo | the target wouldn't even know, as he has not started yet, and he didn't call ptrace(PTRACE_SETOPTIONS) yet | 16:09:05 |
| baloo | and that's without a kernel module, or all too much privileges. | 16:11:15 |
| baloo | Redacted or Malformed Event | 16:16:41 |
| baloo | seccomp-bpf only hooks to syscall | 16:18:31 |
| 22 Aug 2021 |
|  dusk changed their profile picture. | 15:49:06 |
|  siraben changed their display name from siraben (he/him) to siraben. | 16:16:42 |
 Gytis Ivaskevicius | Hey guys, whats up with all these unchecked paths? https://r13y.com/ | 22:53:20 |
| Gytis Ivaskevicius | Not long ago it was at perfect 100% <3 | 22:53:50 |
| 23 Aug 2021 |
 davidak |
it fails to build because of lack of disk space
Gytis Ivaskevicius i guess still this issue with the build system
| 02:16:53 |
 tomberek | i can start fresh build. | 02:20:22 |
| Gytis Ivaskevicius | In reply to @davidak:matrix.org
it fails to build because of lack of disk space
Gytis Ivaskevicius i guess still this issue with the build system
Where do you see that? 🤔 | 03:18:39 |
| davidak | i actually just cited a previous statement from baloo ... scroll up to see the conversation | 03:23:42 |
| baloo | I think the unchecked we’re seeing are connectivity issues | 03:24:33 |
| baloo | All of them are failed while trying to fetch a patch or a source tarball | 03:24:56 |
| baloo | My guess somewhere in between equinix metal and gnu.org | 03:25:32 |
| baloo | I used to have machines there but I don’t anymore. I should have them back in a week or so | 03:26:20 |
| baloo | The disk full issue you can see on the buildkite logs | 03:26:51 |
| baloo | nrdxp: I played with the vdso idea. I can inject one in any process now. From a ptrace/seccomp-bpf filter.
Does not work yet for a reason I still have to debug. But my vdso is loaded. | 03:31:03 |
| baloo | [vdso: 0x7f41cedf4000]
[tv.sec: 42 (rv=0)] | 04:20:17 |
