Skip to content
  • Carlos Garnacho's avatar
    tracker-extract: Turn off security features under Valgrind · 78836930
    Carlos Garnacho authored
    Detect running under Valgrind, and turn off Landlock/Seccomp in
    order to make the tracker-extract-3 process traceable.
    
    This obviously errs on the side of user friendliness, making it
    possible to just run:
    
    $ valgrind --trace-children=yes /usr/libexec/tracker-miner-fs-3
    
    To get reports for both tracker-miner-fs-3 and tracker-extract-3
    in a single run, or:
    
    $ valgrind /usr/libexec/tracker-extract-3 -f /path/to/file
    
    To get Valgrind reports of tracker-extract-3 extracting metadata
    from an individual file. The current alternative to trace memory usage
    in the tracker-extract-3 process is to disable Landlock/Seccomp
    functionalities at build time (i.e. requiring a development environment),
    this is not great if we have to ask users to run Valgrind for us.
    
    These checks are done prior to dealing with any untrusted data, so
    it is implausible that exploits in the filesystem could pre-emptively
    alter the environment to turn off these features. And optimistically
    the virtualized environment while running under Valgrind should throw
    off attempts from exploits to take advantage of memory handling
    mishaps. These caveats should not be completely ignored though, if
    you have untrusted files and want to profile memory usage of
    tracker-miners processes.
    
    An additional measure adopted by tracker-extract-3 when running
    under Valgrind is disabling the per-file deadline, since Valgrind
    may make things slow enough to challenge it.
    78836930