Seccomp on Ethan-ZYFhttps://ethanzyf.com/tags/seccomp/Recent content in Seccomp on Ethan-ZYFHugoen-usThu, 21 May 2026 00:00:00 -0700Week2 Day 4: K8s security — AppArmorhttps://ethanzyf.com/blog/week2-day4-apparmor/Thu, 21 May 2026 00:00:00 -0700https://ethanzyf.com/blog/week2-day4-apparmor/<p>AppArmor as the path-based complement to seccomp&rsquo;s syscall-based filtering — and a hands-on lesson in why that complement is harder to deploy. This post covers how K8s wraps AppArmor (<code>securityContext.appArmorProfile</code>, symmetric with seccomp&rsquo;s three types), why an AppArmor profile is heavier than a seccomp one (it must be pre-loaded into the node&rsquo;s kernel via <code>apparmor_parser</code>, not just dropped as a file), why <code>deny /data/** w</code> blocks every syscall that writes there (closing the hole where <code>touch</code> bypassed yesterday&rsquo;s mkdir block), and the day&rsquo;s most valuable lesson: <strong>the experiment couldn&rsquo;t run at all</strong> because a Mac/Docker-Desktop kind node has no AppArmor LSM in its kernel — a firsthand encounter with the fail-open trap and the portability problem of AppArmor-based mitigations.</p>Week2 Day 3: K8s security — seccomphttps://ethanzyf.com/blog/week2-day3-seccomp/Wed, 20 May 2026 00:00:00 -0700https://ethanzyf.com/blog/week2-day3-seccomp/<p>Where Week 1 and Week 2 meet: K8s seccomp is the <em>same</em> kernel seccomp from Week 1, except runc installs the BPF filter for you instead of your application. This post traces the full kubelet → containerd → runc chain (and what runc actually does — namespaces, cgroups, NNP, caps, seccomp, AppArmor, then exec), the three profile types (Unconfined / RuntimeDefault / Localhost), why the profile JSON is just the declarative form of the cBPF you&rsquo;d hand-write, why <code>SCMP_ACT_ERRNO</code> lets the process survive while <code>mkdir</code> returns EPERM, and the crucial limitation: seccomp blocks <em>syscalls</em>, not <em>intent</em> — block <code>mkdir</code> and <code>touch</code> (which uses <code>openat</code>) still creates files. Plus <code>/proc/&lt;pid&gt;/status</code> as the ground-truth proof a filter is loaded.</p>Day 4: seccomp BPF Filter (filter mode deep dive)https://ethanzyf.com/blog/day4-seccomp-filter/Thu, 14 May 2026 00:00:00 -0700https://ethanzyf.com/blog/day4-seccomp-filter/<p>A deep dive into seccomp filter mode: the BPF data layout, why pointer args can&rsquo;t be dereferenced (TOCTOU <em>and</em> atomic context), the cBPF instruction skeleton, the multi-ABI bypasses every filter must defend against, and the eight <code>SECCOMP_RET_*</code> actions that power modern container security — including the <code>USER_NOTIF</code> + fd-injection pattern that runc/crun use.</p>Day 3: seccomp Basics + Strict Modehttps://ethanzyf.com/blog/day3-seccomp-strict/Wed, 13 May 2026 00:00:00 -0700https://ethanzyf.com/blog/day3-seccomp-strict/<p>How <code>seccomp</code> intercepts syscalls at the kernel entry, what <code>SECCOMP_MODE_STRICT</code> actually allows (and the <code>_exit()</code> trap that fools nearly everyone), plus the design philosophy that filter mode inherits: monotonic, irrevocable security state.</p>