#sandbox #security #linux

libsydtime

Rust-based C LD_PRELOAD library to replace vDSO time calls with syscalls

4 releases

new 0.0.4 Nov 13, 2024
0.0.3 Feb 12, 2024
0.0.2 Jan 25, 2024
0.0.1 Jan 25, 2024

#542 in Unix APIs

Download history 3391/week @ 2024-07-29 3269/week @ 2024-08-05 3315/week @ 2024-08-12 3249/week @ 2024-08-19 275/week @ 2024-08-26 951/week @ 2024-09-02 3339/week @ 2024-09-09 3136/week @ 2024-09-16 2893/week @ 2024-09-23 3483/week @ 2024-09-30 3519/week @ 2024-10-07 3463/week @ 2024-10-14 3496/week @ 2024-10-21 2132/week @ 2024-10-28 3428/week @ 2024-11-04 3587/week @ 2024-11-11

13,145 downloads per month

LGPL-3.0

5KB

libsydtime is a LD_PRELOAD library to replace vDSO time calls with system calls. This library is meant as a complement to syd's trace/deny_tsc sandbox command.

To install from source, clone the repository at https://git.sr.ht/~alip/syd, change into the directory time and run make, make test and doas make install. The only prerequisite is Rust 1.56.1 or later.

Below is a simple example of how to use libsydtime with syd:

$ strace -qf -e%clock syd -ppaludis -mtrace/deny_tsc:1 -eLD_PRELOAD=/usr/local/lib/libsydtime.so date
[pid 27095] clock_gettime(CLOCK_REALTIME, {tv_sec=1706186439, tv_nsec=28829866}) = 0
Thu Jan 25 12:40:39 UTC 2024
[pid 27095] +++ exited with 0 +++
$ strace -qf -e%clock syd -ppaludis date # vDSO
Thu Jan 25 12:41:25 UTC 2024
[pid 27103] +++ exited with 0 +++
$ strace -qf -e%clock syd -ppaludis -mtrace/deny_tsc:1 date # vDSO not permitted
[pid 27113] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid 27113] +++ killed by SIGSEGV +++
$

Maintained by Ali Polatel. Up-to-date sources can be found at https://git.sr.ht/~alip/syd and bugs/patches can be submitted by email to ~alip/sydbox-devel@lists.sr.ht.

Dependencies

~44KB