Giter Site home page Giter Site logo

libsandfs's Introduction

LibSandFS

LibSandFS is a helper library that provides high-level APIs and abstractions for developers to write eBPF code for enforcing custom security checks in the kernel as a part of SandFS.

This library is based on bpf samples found in Linux kernel tree.

Build kernel

You will need to install and run a kernel with SandFS support to test this library. To clone the kernel sources do:

$ git clone https://github.com/sandfs/SandFS-Kernel
$ cd SandFS-Kernel
$ make menuconfig
    Select 'File systems -> Sandfs sandboxing file system' and save/exit.
$ make -j4
$ sudo make install -j4

Build library

Boot into the new kernel to test LibSandFS. You will also need LLVM/Clang toolchain with bpf backend to build the library.

$ LLC=llc CLANG=clang make

@inproceedings{Bijlani:2018:LFF:3265723.3265734,
 author = {Bijlani, Ashish and Ramachandran, Umakishore},
 title = {A Lightweight and Fine-grained File System Sandboxing Framework},
 booktitle = {Proceedings of the 9th Asia-Pacific Workshop on Systems},
 year = {2018},
 location = {Jeju Island, Republic of Korea},
 pages = {17:1--17:7},
 numpages = {7},
 publisher = {ACM},
}

libsandfs's People

Contributors

ashishbijlani avatar sandfs avatar

Stargazers

Wufisher avatar zer0-1s avatar Mahmoud Rusty Abdelkader avatar Yuki Nakata avatar Nadeshiko Manju avatar Dian avatar avatar Mr.lu avatar avatar Junyeong Jeong avatar Yigal Korman avatar Michael Santos avatar Read Sprabery avatar Erik Hollensbe avatar avatar ivz hh avatar Ali Rathore avatar Matt Schreiber avatar avatar Devin Austin avatar avatar

Watchers

avatar avatar

Forkers

lokeshjaliminche rocker9527 wubo009 go1223 safai-labs

libsandfs's Issues

run error

I made some changes in Makefile to get binary file sandfs

EXTRA_CFLAGS += -I$(PWD)/include -I$(objtree)/samples/bpf

HOSTCFLAGS += -fPIC -I$(objtree)/usr/include -I$(PWD)/include
HOSTCFLAGS += -I$(objtree)/samples/bpf -I$(objtree)/tools/lib -I$(objtree)/tools/lib/bpf
HOSTCFLAGS_bpf_load.o += -I$(objtree)/usr/include -I/usr/src/SandFS-Kernel/tools/perf -I/usr/src/SandFS-Kernel/tools/include -Wno-unused-variable
HOSTCFLAGS_libbpf.o += -I$(objtree)/usr/include -Wno-unused-variable
HOSTLOADLIBES_sandfs += -lelf -lcap -lpthread

however it cannot run

go@ubuntu:~/Desktop/LibSandFS$ sudo ./sandfs  -d /home/go -s bpf/sandfs.o   /bin/sh
bpf_load_program() err=22
invalid prog_fd[0]=0 and map_fd[0]=6
Failed to load bpf prog!

boot in new kernel buf make LibSandFS failed

boot in new kernel

go@ubuntu:~/Desktop/LibSandFS$ uname -r
4.10.0-rc8+

make LibSandFS failed

go@ubuntu:~/Desktop/LibSandFS$ sudo make
make -C /lib/modules/`uname -r`/build $PWD/
make[1]: Entering directory '/usr/src/SandFS-Kernel'
  CHK     include/config/kernel.release
  CHK     include/generated/uapi/linux/version.h
  CHK     include/generated/utsrelease.h
  CHK     include/generated/timeconst.h
  CHK     include/generated/bounds.h
  CHK     include/generated/asm-offsets.h
  CALL    scripts/checksyscalls.sh
  HOSTCC  /home/go/Desktop/LibSandFS/src/libbpf.o
In file included from /home/go/Desktop/LibSandFS/src/libbpf.c:27:0:
./tools/lib/bpf/bpf.h:45:7: warning: ‘enum bpf_attach_type’ declared inside parameter list
       unsigned int flags);
       ^
./tools/lib/bpf/bpf.h:45:7: warning: its scope is only this definition or declaration, which is probably not what you want
./tools/lib/bpf/bpf.h:46:45: warning: ‘enum bpf_attach_type’ declared inside parameter list
 int bpf_prog_detach(int attachable_fd, enum bpf_attach_type type);
                                             ^
/home/go/Desktop/LibSandFS/src/libbpf.c: In function ‘bpf_create_map’:
/home/go/Desktop/LibSandFS/src/libbpf.c:67:6: error: ‘union bpf_attr’ has no member named ‘map_flags’
  attr.map_flags = map_flags;
      ^
/home/go/Desktop/LibSandFS/src/libbpf.c: At top level:
/home/go/Desktop/LibSandFS/src/libbpf.c:172:7: warning: ‘enum bpf_attach_type’ declared inside parameter list
       unsigned int flags)
       ^
/home/go/Desktop/LibSandFS/src/libbpf.c:171:70: error: parameter 3 (‘type’) has incomplete type
 int bpf_prog_attach(int prog_fd, int target_fd, enum bpf_attach_type type,
                                                                      ^
/home/go/Desktop/LibSandFS/src/libbpf.c: In function ‘bpf_prog_attach’:
/home/go/Desktop/LibSandFS/src/libbpf.c:177:6: error: ‘union bpf_attr’ has no member named ‘target_fd’
  attr.target_fd    = target_fd;
      ^
/home/go/Desktop/LibSandFS/src/libbpf.c:178:6: error: ‘union bpf_attr’ has no member named ‘attach_bpf_fd’
  attr.attach_bpf_fd = prog_fd;
      ^
/home/go/Desktop/LibSandFS/src/libbpf.c:179:6: error: ‘union bpf_attr’ has no member named ‘attach_type’
  attr.attach_type   = type;
      ^
/home/go/Desktop/LibSandFS/src/libbpf.c:180:6: error: ‘union bpf_attr’ has no member named ‘attach_flags’
  attr.attach_flags  = flags;
      ^
/home/go/Desktop/LibSandFS/src/libbpf.c:182:17: error: ‘BPF_PROG_ATTACH’ undeclared (first use in this function)
  return sys_bpf(BPF_PROG_ATTACH, &attr, sizeof(attr));
                 ^
/home/go/Desktop/LibSandFS/src/libbpf.c:182:17: note: each undeclared identifier is reported only once for each function it appears in
/home/go/Desktop/LibSandFS/src/libbpf.c: At top level:
/home/go/Desktop/LibSandFS/src/libbpf.c:185:41: warning: ‘enum bpf_attach_type’ declared inside parameter list
 int bpf_prog_detach(int target_fd, enum bpf_attach_type type)
                                         ^
/home/go/Desktop/LibSandFS/src/libbpf.c:185:57: error: parameter 2 (‘type’) has incomplete type
 int bpf_prog_detach(int target_fd, enum bpf_attach_type type)
                                                         ^
/home/go/Desktop/LibSandFS/src/libbpf.c: In function ‘bpf_prog_detach’:
/home/go/Desktop/LibSandFS/src/libbpf.c:190:6: error: ‘union bpf_attr’ has no member named ‘target_fd’
  attr.target_fd  = target_fd;
      ^
/home/go/Desktop/LibSandFS/src/libbpf.c:191:6: error: ‘union bpf_attr’ has no member named ‘attach_type’
  attr.attach_type = type;
      ^
/home/go/Desktop/LibSandFS/src/libbpf.c:193:17: error: ‘BPF_PROG_DETACH’ undeclared (first use in this function)
  return sys_bpf(BPF_PROG_DETACH, &attr, sizeof(attr));
                 ^
/home/go/Desktop/LibSandFS/src/libbpf.c: In function ‘bpf_prog_attach’:
/home/go/Desktop/LibSandFS/src/libbpf.c:183:1: warning: control reaches end of non-void function [-Wreturn-type]
 }
 ^
/home/go/Desktop/LibSandFS/src/libbpf.c: In function ‘bpf_prog_detach’:
/home/go/Desktop/LibSandFS/src/libbpf.c:194:1: warning: control reaches end of non-void function [-Wreturn-type]
 }
 ^
scripts/Makefile.host:124: recipe for target '/home/go/Desktop/LibSandFS/src/libbpf.o' failed
make[2]: *** [/home/go/Desktop/LibSandFS/src/libbpf.o] Error 1
Makefile:1658: recipe for target '/home/go/Desktop/LibSandFS/' failed
make[1]: *** [/home/go/Desktop/LibSandFS/] Error 2
make[1]: Leaving directory '/usr/src/SandFS-Kernel'
Makefile:39: recipe for target 'all' failed
make: *** [all] Error 2

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.