runtime/pprof: add ReadMaps preloading API #30609
Labels: compiler/runtime, help wanted, NeedsFix, Proposal, Proposal-Accepted
What version of Go are you using (`go version`)?
1.12
Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (`go env`)?
Linux Debian 4.19.16-1 x86_64 GNU/Linux
What did you do?
Certain processes run with tight seccomp filters to restrict the access to the host OS. Namely the gVisor sandbox process is prohibited from calling open(2) and openat(2) to reduce the blast radius in case the gVisor kernel gets compromised. However, when using runtime.pprof, it tries to open `/proc/self/maps` (here) and executable/libs here. Those calls trip over the seccomp filters and kill the process.
If it would be possible to make a call to pprof to preload this information, applications could call it before seccomp filters are installed, and thus allow the process to be profiled while remaining secure. Another option is to pre-open `/proc/self/maps` and then read when needed by the profiler.
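The pre-open option described in the issue, sketched as an added example (not code from the issue or from runtime/pprof): the descriptor is opened once before the filter is installed and later rewound and re-read, so no open(2)/openat(2) is issued at profiling time. `Preopen`, `MapsSource`, `Mapping` and `Executable` are hypothetical names, and the sketch assumes the seccomp filter still permits read(2) and lseek(2) on descriptors that are already open.

```go
// Added example, not runtime/pprof code; every name here is hypothetical.
package main

import (
	"bufio"
	"fmt"
	"io"
	"os"
)

// Mapping is one executable region parsed from a maps file.
type Mapping struct {
	Start, End, Offset uint64
	Path               string
}

type MapsSource struct{ f *os.File } // descriptor opened before sandboxing

// Preopen makes the only open(2)/openat(2) call; run it before the filter.
func Preopen(path string) (*MapsSource, error) {
	f, err := os.Open(path)
	return &MapsSource{f}, err
}

// Executable rewinds the held descriptor (lseek + read, no open) and re-parses it.
func (m *MapsSource) Executable() ([]Mapping, error) {
	if _, err := m.f.Seek(0, io.SeekStart); err != nil {
		return nil, err
	}
	var out []Mapping
	sc := bufio.NewScanner(m.f)
	for sc.Scan() {
		var mp Mapping
		var perms, dev, inode string
		// Line format: start-end perms offset dev inode [path]
		n, _ := fmt.Sscanf(sc.Text(), "%x-%x %s %x %s %s %s", &mp.Start, &mp.End, &perms, &mp.Offset, &dev, &inode, &mp.Path)
		if n >= 6 && len(perms) == 4 && perms[2] == 'x' {
			out = append(out, mp)
		}
	}
	return out, sc.Err()
}

func main() {
	src, err := Preopen("/proc/self/maps") // 1: before the seccomp filter
	if err != nil {
		panic(err)
	}
	fmt.Println(src.Executable()) // 2: after it; no new open is needed
}
```

Re-reading through the held descriptor, rather than caching the text once, means mappings created after the filter is installed still appear in later profiles.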