author | Andrew G. Morgan <morgan@kernel.org> | 2020-12-10 21:58:10 -0800 |
---|---|---|
committer | Andrew G. Morgan <morgan@kernel.org> | 2020-12-10 22:06:35 -0800 |
commit | e7e0e1b9e2cf3378d329174ed5b0c716b0539c72 (patch) | |
tree | daeb0e727867b9a290501e5e69fb1a7f6b9aa403 | |
parent | 4d13894a85386feeca22ebf7c0f84f4173376e0f (diff) | |
download | libcap2-psx/v0.2.46-rc4.tar.gz |
Fix some typos in the psx.c code related to 6 argument syscalls.psx/v0.2.46-rc4
https://bugzilla.kernel.org/show_bug.cgi?id=210613
Essentially, 6 argument psx_syscall()s were not correctly implemented
before. The only consumer of these in [lib]cap were to set and reset
the ambient capability values, and so far I evidently hadn't tested
them in a multithreaded program.
Six argument psx_syscall()s work now, and I've adapted the reproducer
code into a new make sudotest.
Also cleaned up the psx_syscall() macro to remove any ambiguity about
argument sizes.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
-rw-r--r-- | go/.gitignore | 1 | ||||
-rw-r--r-- | go/Makefile | 8 | ||||
-rw-r--r-- | go/b210613.go | 21 | ||||
-rw-r--r-- | psx/psx.c | 14 | ||||
-rw-r--r-- | psx/psx_syscall.h | 4 |
5 files changed, 39 insertions, 9 deletions
diff --git a/go/.gitignore b/go/.gitignore
index 461bb4d..30ae0b6 100644
--- a/go/.gitignore
+++ b/go/.gitignore
@@ -3,6 +3,7 @@ compare-cap
 try-launching
 try-launching-cgo
 psx-signals
+b210613
 mknames
 web
 setid
diff --git a/go/Makefile b/go/Makefile
index b22a9bc..3bd79c8 100644
--- a/go/Makefile
+++ b/go/Makefile
@@ -80,6 +80,9 @@ endif
 psx-signals: psx-signals.go $(PSXGOPACKAGE)
 GO111MODULE=off CGO_LDFLAGS_ALLOW="$(CGO_LDFLAGS_ALLOW)" CGO_CFLAGS="$(CGO_CFLAGS)" CGO_LDFLAGS="$(CGO_LDFLAGS)" GOPATH=$(GOPATH) $(GO) build $<
+b210613: b210613.go $(CAPGOPACKAGE)
+ GO111MODULE=off CGO_LDFLAGS_ALLOW="$(CGO_LDFLAGS_ALLOW)" CGO_CFLAGS="$(CGO_CFLAGS)" CGO_LDFLAGS="$(CGO_LDFLAGS)" GOPATH=$(GOPATH) $(GO) build $<
+
 test: all
 GO111MODULE=off CGO_LDFLAGS_ALLOW="$(CGO_LDFLAGS_ALLOW)" GOPATH="$(GOPATH)" $(GO) test $(IMPORTDIR)/psx
 GO111MODULE=off CGO_LDFLAGS_ALLOW="$(CGO_LDFLAGS_ALLOW)" GOPATH="$(GOPATH)" $(GO) test $(IMPORTDIR)/cap
@@ -91,7 +94,7 @@ test: all
 # Note, the user namespace doesn't require sudo, but I wanted to avoid
 # requiring that the hosting kernel supports user namespaces for the
 # regular test case.
-sudotest: test ../progs/tcapsh-static
+sudotest: test ../progs/tcapsh-static b210613
 ./gowns --ns -- -c "echo gowns runs with user namespace"
 ./try-launching
 ifeq ($(CGO_REQUIRED),0)
@@ -101,6 +104,7 @@ endif
 ifeq ($(CGO_REQUIRED),0)
 sudo ./try-launching-cgo
 endif
+ sudo ../progs/tcapsh-static --cap-uid=$$(id -u) --caps="cap_setpcap=ep" --iab="^cap_setpcap" -- -c ./b210613
 install: all
 rm -rf $(FAKEROOT)$(GOPKGDIR)/$(IMPORTDIR)/psx
@@ -115,5 +119,5 @@ clean:
 rm -f web setid gowns
 rm -f compare-cap try-launching try-launching-cgo
 rm -f $(topdir)/cap/*~ $(topdir)/psx/*~
- rm -f psx-signals
+ rm -f psx-signals b210613
 rm -fr pkg src
diff --git a/go/b210613.go b/go/b210613.go
new file mode 100644
index 0000000..2bced06
--- /dev/null
+++ b/go/b210613.go
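Review bot: The new recipe line in the `@@ -101,6 +104,7 @@` hunk, `sudo ../progs/tcapsh-static --cap-uid=$$(id -u) --caps="cap_setpcap=ep" --iab="^cap_setpcap" -- -c ./b210613`, carries no comment explaining what state it sets up, while the sudotest target itself has an explanatory note above it. I would add, directly above the line, `# Regression test for bugzilla 210613: start b210613 with cap_setpcap raised (see --caps/--iab) and confirm cap.ModeNoPriv.Set() succeeds.` The same comment could record that this step runs a freshly built binary from the working directory under sudo, so sudotest is intended for a trusted checkout.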
@@ -0,0 +1,21 @@
+// Program b210613 reproduces the code reported in:
+//
+// https://bugzilla.kernel.org/show_bug.cgi?id=210613
+//
+// This file is evolved directly from the reproducer attached to that
+// bug report originally authored by Lorenz Bauer.
+package main
+
+import (
+ "fmt"
+ "log"
+
+ "kernel.org/pub/linux/libs/security/libcap/cap"
+)
+
+func main() {
+ if err := cap.ModeNoPriv.Set(); err != nil {
+ log.Fatalf("error dropping privilege: %v", err)
+ }
+ fmt.Println("b210613: PASSED")
+}
@@ -220,8 +220,10 @@ static void psx_syscall_start(void) {
 * All sorts of things are assumed by Linux and glibc and/or musl
 * about signal handlers and which can be blocked. Go has its own
 * idiosyncrasies too. We tried SIGRTMAX until
- * https://bugzilla.kernel.org/show_bug.cgi?id=210533, so this is
- * our current strategy: to intercept SIGSYS.
+ *
+ * https://bugzilla.kernel.org/show_bug.cgi?id=210533
+ *
+ * Our current strategy is to aggressively intercept SIGSYS.
 */
 psx_tracker.psx_sig = SIGSYS;
@@ -500,9 +502,9 @@ static long int __psx_immediate_syscall(long int syscall_nr,
 if (count > 3) {
 psx_tracker.cmd.six = 1;
- psx_tracker.cmd.arg1 = arg[3];
- psx_tracker.cmd.arg2 = count > 4 ? arg[4] : 0;
- psx_tracker.cmd.arg3 = count > 5 ? arg[5] : 0;
+ psx_tracker.cmd.arg4 = arg[3];
+ psx_tracker.cmd.arg5 = count > 4 ? arg[4] : 0;
+ psx_tracker.cmd.arg6 = count > 5 ? arg[5] : 0;
 return syscall(syscall_nr,
 psx_tracker.cmd.arg1,
 psx_tracker.cmd.arg2,
@@ -559,7 +561,7 @@ long int __psx_syscall(long int syscall_nr, ...) {
 long int ret;
- ret = __psx_immediate_syscall(syscall_nr, count, arg);;
+ ret = __psx_immediate_syscall(syscall_nr, count, arg);
 if (ret == -1 || !psx_tracker.initialized) {
 psx_new_state(_PSX_SETUP, _PSX_IDLE);
 goto defer;
diff --git a/psx/psx_syscall.h b/psx/psx_syscall.h
index 4c99375..4aacfab 100644
--- a/psx/psx_syscall.h
+++ b/psx/psx_syscall.h
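Review bot: main() in the new b210613.go treats a nil error from `cap.ModeNoPriv.Set()` as the entire pass condition, so the program would still print PASSED if the call reported success without the process state having changed. Reading the state back before the final print would make the regression test stricter, for example `if m := cap.GetMode(); m != cap.ModeNoPriv { log.Fatalf("unexpected mode after drop: %v", m) }` (assuming GetMode is available in this version of the package). That check observes only the calling thread, so it complements rather than replaces any cross-thread consistency checking done inside psx.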
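Review bot: The corrected assignments in the `@@ -500,9 +502,9 @@` hunk map the 0-based `arg[3]`..`arg[5]` onto the 1-based `cmd.arg4`..`cmd.arg6`, and nothing on these lines says so, which is the index/name mismatch the old `arg1`..`arg3` lines fell into. I would add a comment above the three assignments: `/* arg[] is 0-based: arg[3..5] hold syscall arguments 4..6 */`. Per the commit message this path carries the ambient-capability set and reset calls, so a slip here changes which arguments a privilege-dropping syscall receives. The file header for these hunks is missing from the page (the diffstat attributes them to psx/psx.c), and `__psx_immediate_syscall` begins and ends outside the hunk.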
@@ -43,7 +43,9 @@ extern "C" {
 * and psx_syscall6().
 */
 #define psx_syscall(syscall_nr, ...) \
- __psx_syscall(syscall_nr, __VA_ARGS__, 6, 5, 4, 3, 2, 1, 0)
+ __psx_syscall(syscall_nr, __VA_ARGS__, (long int) 6, (long int) 5, \
+ (long int) 4, (long int) 3, (long int) 2, \
+ (long int) 1, (long int) 0)
 long int __psx_syscall(long int syscall_nr, ...);
 long int psx_syscall3(long int syscall_nr, long int arg1, long int arg2, long int arg3); |
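Review bot: The added `(long int)` casts in the `psx_syscall()` macro fix only the trailing count sentinels; whatever the caller supplies through `__VA_ARGS__` still reaches the variadic `__psx_syscall(long int syscall_nr, ...)` with its own type. If the implementation reads every argument as `long int` (not visible on this page), an `int` argument such as a bare `0` remains a type mismatch on targets where `long` is wider than `int`. The comment above the macro already points at psx_syscall3() and psx_syscall6(); I would extend it with `* Arguments given to psx_syscall() must already have type long int; prefer psx_syscall3()/psx_syscall6(), whose typed parameters convert them.` That comment block starts outside the hunk.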