Created
January 16, 2022 20:34
-
-
Save vadorovsky/9ec6fd483597915e2f48c8d642022a11 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:482] [DATASEC] .maps: fixup size to 288 | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:518] [DATASEC] .maps: [VAR] runtimes: fixup offset 0 | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:518] [DATASEC] .maps: [VAR] containers: fixup offset 32 | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:518] [DATASEC] .maps: [VAR] processes: fixup offset 64 | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:518] [DATASEC] .maps: [VAR] allowed_paths_mount_restricted: fixup offset 96 | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:518] [DATASEC] .maps: [VAR] allowed_paths_mount_baseline: fixup offset 128 | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:518] [DATASEC] .maps: [VAR] allowed_paths_access_restricted: fixup offset 160 | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:518] [DATASEC] .maps: [VAR] allowed_paths_access_baseline: fixup offset 192 | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:518] [DATASEC] .maps: [VAR] denied_paths_access_restricted: fixup offset 224 | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:518] [DATASEC] .maps: [VAR] denied_paths_access_baseline: fixup offset 256 | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:482] [DATASEC] .rodata: fixup size to 745 | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____sched_process_fork.____fmt: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] handle_new_process.____fmt: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] handle_new_process.____fmt.1: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] handle_new_process.____fmt.2: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] handle_new_process.____fmt.3: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____clone_audit.____fmt: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____syslog_audit.____fmt: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____syslog_audit.____fmt.4: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____syslog_audit.____fmt.5: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____syslog_audit.____fmt.6: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] get_policy_level.____fmt: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____mount_audit.____fmt: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____mount_audit.____fmt.7: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____mount_audit.____fmt.8: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____mount_audit.____fmt.9: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____mount_audit.____fmt.10: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____mount_audit.____fmt.11: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____open_audit.____fmt: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____open_audit.____fmt.12: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____open_audit.____fmt.13: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:500] [DATASEC] .rodata: [VAR] ____open_audit.____fmt.14: fixup not required | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:482] [DATASEC] license: fixup size to 4 | |
20:33:12 [DEBUG] (1) aya::obj::btf::btf: [/home/vadorovsky/.cargo/git/checkouts/aya-6c205a15ba5644a0/d5451c8/aya/src/obj/btf/btf.rs:518] [DATASEC] license: [VAR] __license: fixup offset 0 | |
20:33:12 [DEBUG] (1) lockc: [lockc/src/main.rs:70] allowed paths initialized | |
Error: the BPF_PROG_LOAD syscall failed. Verifier output: func#0 @0 | |
R1 type=ctx expected=fp | |
0: R1=ctx(id=0,off=0,imm=0) R10=fp0 | |
; int BPF_PROG(clone_audit, struct task_struct *task, unsigned long clone_flags, | |
0: (b7) r2 = 2512 | |
1: R1=ctx(id=0,off=0,imm=0) R2_w=inv2512 R10=fp0 | |
; int BPF_PROG(clone_audit, struct task_struct *task, unsigned long clone_flags, | |
1: (79) r6 = *(u64 *)(r1 +0) | |
func 'bpf_lsm_task_alloc' arg0 has btf_id 153 type STRUCT 'task_struct' | |
2: R1=ctx(id=0,off=0,imm=0) R2_w=inv2512 R6_w=ptr_task_struct(id=0,off=0,imm=0) R10=fp0 | |
2: (bf) r3 = r6 | |
3: R1=ctx(id=0,off=0,imm=0) R2_w=inv2512 R3_w=ptr_task_struct(id=0,off=0,imm=0) R6_w=ptr_task_struct(id=0,off=0,imm=0) R10=fp0 | |
3: (0f) r3 += r2 | |
last_idx 3 first_idx 0 | |
regs=4 stack=0 before 2: (bf) r3 = r6 | |
regs=4 stack=0 before 1: (79) r6 = *(u64 *)(r1 +0) | |
regs=4 stack=0 before 0: (b7) r2 = 2512 | |
4: R1=ctx(id=0,off=0,imm=0) R2_w=invP2512 R3_w=ptr_task_struct(id=0,off=2512,imm=0) R6_w=ptr_task_struct(id=0,off=0,imm=0) R10=fp0 | |
4: (79) r9 = *(u64 *)(r1 +16) | |
5: R1=ctx(id=0,off=0,imm=0) R2_w=invP2512 R3_w=ptr_task_struct(id=0,off=2512,imm=0) R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 | |
5: (bf) r1 = r10 | |
6: R1_w=fp0 R2_w=invP2512 R3_w=ptr_task_struct(id=0,off=2512,imm=0) R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 | |
; | |
6: (07) r1 += -24 | |
7: R1_w=fp-24 R2_w=invP2512 R3_w=ptr_task_struct(id=0,off=2512,imm=0) R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 | |
; struct task_struct *parent = BPF_CORE_READ(task, real_parent); | |
7: (b7) r2 = 8 | |
8: R1_w=fp-24 R2_w=inv8 R3_w=ptr_task_struct(id=0,off=2512,imm=0) R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 | |
8: (85) call bpf_probe_read_kernel#113 | |
last_idx 8 first_idx 0 | |
regs=4 stack=0 before 7: (b7) r2 = 8 | |
9: R0_w=inv(id=0) R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
; struct task_struct *parent = BPF_CORE_READ(task, real_parent); | |
9: (79) r1 = *(u64 *)(r10 -24) | |
10: R0_w=inv(id=0) R1_w=inv(id=0) R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
; if (parent == NULL) { | |
10: (55) if r1 != 0x0 goto pc+7 | |
R0_w=inv(id=0) R1_w=inv0 R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
11: R0_w=inv(id=0) R1_w=inv0 R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
; bpf_printk("error: clone_audit: parent is NULL\n"); | |
11: (18) r1 = 0xffff89eaea4069fd | |
13: R0_w=inv(id=0) R1_w=map_value(id=0,off=237,ks=4,vs=745,imm=0) R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
13: (b7) r2 = 36 | |
14: R0_w=inv(id=0) R1_w=map_value(id=0,off=237,ks=4,vs=745,imm=0) R2_w=inv36 R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
14: (85) call bpf_trace_printk#6 | |
R0_w=inv(id=0) R1_w=map_value(id=0,off=237,ks=4,vs=745,imm=0) R2_w=inv36 R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
last_idx 14 first_idx 0 | |
regs=4 stack=0 before 13: (b7) r2 = 36 | |
15: R0=inv(id=0) R6=ptr_task_struct(id=0,off=0,imm=0) R9=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
15: (18) r8 = 0xffffffff | |
17: R0=inv(id=0) R6=ptr_task_struct(id=0,off=0,imm=0) R8_w=inv4294967295 R9=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
17: (05) goto pc+77 | |
95: R0=inv(id=0) R6=ptr_task_struct(id=0,off=0,imm=0) R8_w=inv4294967295 R9=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
; int BPF_PROG(clone_audit, struct task_struct *task, unsigned long clone_flags, | |
95: (bf) r0 = r8 | |
96: R0_w=inv4294967295 R6=ptr_task_struct(id=0,off=0,imm=0) R8_w=inv4294967295 R9=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
96: (95) exit | |
18: R0_w=inv(id=0) R1_w=inv(id=0) R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
; pid_t pid = child->pid; | |
18: (61) r2 = *(u32 *)(r6 +2496) | |
19: R0_w=inv(id=0) R1_w=inv(id=0) R2_w=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 fp-24=mmmmmmmm | |
; pid_t pid = child->pid; | |
19: (63) *(u32 *)(r10 -4) = r2 | |
20: R0_w=inv(id=0) R1_w=inv(id=0) R2_w=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) R6_w=ptr_task_struct(id=0,off=0,imm=0) R9_w=inv(id=0) R10=fp0 fp-8=mmmm???? fp-24=mmmmmmmm | |
; pid_t ppid = parent->pid; | |
20: (61) r1 = *(u32 *)(r1 +2496) | |
R1 invalid mem access 'inv' | |
verification time 805 usec | |
stack depth 24 | |
processed 21 insns (limit 1000000) max_states_per_insn 0 total_states 1 peak_states 1 mark_read 0 | |
Caused by: | |
Permission denied (os error 13) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment