judge-server
cptbox multithreading support
cptbox does not debug newly created threads of a debugged process. This behaviour is inherently unsafe and must be rectified.
If we have threads, there is the possibility of a second thread maliciously modifying a buffer used by the first between when ptbox validates it and when the kernel actually executes. We would need to stop all threads for the duration of each syscall to be safe, but this could be hazardous to performance.
Instead, we may be able to define some syscalls as "critical" (e.g., operating on buffers), and only stop everything for those. Examples of critical syscalls are open or faccessat, among others. We can have a "fast path" where we allow them without stopping threads so long as no shared memory was mapped by the submission (or even as long as the pointer to the buffer isn't in the shared region). This would, of course, necessitate tracking shared regions.
This is really one of those cases where a chroot or seccomp-based approach would be more convenient, but it's certainly not insurmountable.
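The fast-path rule sketched above, written out as a small policy model (an added example, not cptbox code): a tracer loop would feed it the tracee's mmap/munmap/clone events and ask at each syscall-entry whether the other threads must be stopped before the argument buffer is validated. The syscall list and flag constants are assumptions; it also encodes the point raised in the comment below that a CLONE_VM task shares the whole address space, so the region check only helps when no such task exists.

```python
"""Model of the "stop the world only for critical syscalls" decision."""
from __future__ import annotations
from dataclasses import dataclass, field

MAP_SHARED = 0x01      # Linux mmap(2) flag value
CLONE_VM = 0x00000100  # Linux clone(2) flag value: child shares address space

# Syscalls whose pointer arguments the tracer reads and validates.
# Constructed list; only open and faccessat are named in the issue.
CRITICAL = {"open", "openat", "faccessat", "execve", "stat"}


@dataclass
class RaceTracker:
    shared: list[tuple[int, int]] = field(default_factory=list)  # [start, end)
    vm_sharers: int = 0  # tasks created with CLONE_VM (threads)

    def on_mmap(self, addr: int, length: int, flags: int) -> None:
        if flags & MAP_SHARED:
            self.shared.append((addr, addr + length))

    def on_munmap(self, addr: int, length: int) -> None:
        lo, hi = addr, addr + length
        keep = []
        for s, e in self.shared:
            # keep whatever part of the region lies outside [lo, hi)
            if s < lo:
                keep.append((s, min(e, lo)))
            if e > hi:
                keep.append((max(s, hi), e))
        self.shared = keep

    def on_clone(self, flags: int) -> None:
        if flags & CLONE_VM:
            self.vm_sharers += 1

    def buffer_is_shared(self, ptr: int, size: int) -> bool:
        return any(s < ptr + size and ptr < e for s, e in self.shared)

    def must_stop_world(self, syscall: str, ptr: int, size: int) -> bool:
        """True if all other threads must be stopped before validating ptr."""
        if syscall not in CRITICAL:
            return False          # no tracer-validated buffer, no race window
        if self.vm_sharers:
            return True           # a thread can rewrite any byte of memory
        return self.buffer_is_shared(ptr, size)
```

For a NUL-terminated path argument the tracer does not know the length in advance, so pass a worst-case size such as PATH_MAX.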
What do you mean by "so long as no shared memory was mapped by the submission"? All threads share the entire address space?
Isn't this complete now?