Remove capabities and libcap dependency

See the darlingserver commit for more details.

+67 -63
-4
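--- a/src/startup/mldr/CMakeLists.txt
+++ b/src/startup/mldr/CMakeLists.txt
@@ -30,10 +30,7 @@
 
 target_link_libraries(mldr PRIVATE -lrt -ldl mldr_dserver_rpc)
 
-include(setcap)
-
 install(TARGETS mldr DESTINATION libexec/darling/usr/libexec/darling)
-setcap(libexec/darling/usr/libexec/darling/mldr cap_sys_rawio,cap_sys_resource+ep)
 
 configure_file(darling.conf.in darling.conf @ONLY)
 install(FILES "${CMAKE_CURRENT_BINARY_DIR}/darling.conf" DESTINATION lib/binfmt.d)
@@ -55,5 +52,4 @@
 target_link_libraries(mldr32 PRIVATE -lrt -ldl mldr32_dserver_rpc)
 
 install(TARGETS mldr32 DESTINATION libexec/darling/usr/libexec/darling)
-setcap(libexec/darling/usr/libexec/darling/mldr32 cap_sys_rawio,cap_sys_resource+ep)
 endif()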
+67 -6
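--- a/src/startup/mldr/mldr.c
+++ b/src/startup/mldr/mldr.c
@@ -39,6 +39,7 @@
 #include <sys/socket.h>
 #include <sys/un.h>
 #include <darlingserver/rpc.h>
+#include <sys/ptrace.h>
 
 #ifndef PAGE_SIZE
 # define PAGE_SIZE 4096
@@ -89,11 +90,19 @@
 
 static uint32_t stack_size = 0;
 
+static const char* const skip_env_vars[] = {
+"__mldr_bprefs=",
+"__mldr_sockpath=",
+};
+
 int main(int argc, char** argv, char** envp)
 {
 void** sp;
 int pushCount = 0;
 char *filename, *p = NULL;
+size_t arg_strings_total_size_after = 0;
+size_t orig_argv0_len = 0;
+const char* orig_argv1 = NULL;
 
 mldr_load_results.kernfd = -1;
 mldr_load_results.argc = argc;
@@ -131,6 +140,11 @@
 strcpy(filename, argv[1]);
 }
 
+// allow any process to ptrace us
+// the only process we really care about being able to do this is the server,
+// but we can't just use the server's PID, since it lies outside our PID namespace.
+ptrace(PR_SET_PTRACER, PR_SET_PTRACER_ANY, 0, 0, 0);
+
 process_special_env(&mldr_load_results);
 
 #ifdef __i386__
@@ -155,20 +169,67 @@
 }
 #endif
 
-if (prctl(PR_SET_MM, PR_SET_MM_START_STACK, mldr_load_results.stack_top, 0, 0) < 0) {
-fprintf(stderr, "Failed to set stack start\n");
-return 1;
-}
+// adjust argv (remove mldr's argv[0])
+// NOTE: this code assumes that the current argv array points to contiguous strings.
+// this is not necessarily true, although AFAIK this is always true on Linux.
+// also note: we do it this way (moving the string contents in addition to the pointers)
+// so that Linux sees our modified argv array without having to use PR_SET_MM_ARG_START
+// and PR_SET_MM_ARG_END (since those require CAP_SYS_RESOURCE)
 
-// adjust argv (remove mldr's argv[0])
 --mldr_load_results.argc;
+
+orig_argv0_len = strlen(mldr_load_results.argv[0]) + 1;
+orig_argv1 = mldr_load_results.argv[1];
+
 for (size_t i = 0; i < mldr_load_results.argc; ++i) {
-mldr_load_results.argv[i] = mldr_load_results.argv[i + 1];
+mldr_load_results.argv[i] = mldr_load_results.argv[0] + arg_strings_total_size_after;
+arg_strings_total_size_after += strlen(mldr_load_results.argv[i + 1]) + 1;
 }
 mldr_load_results.argv[mldr_load_results.argc] = NULL;
 
+memmove(mldr_load_results.argv[0], orig_argv1, arg_strings_total_size_after);
+memset(mldr_load_results.argv[0] + arg_strings_total_size_after, 0, orig_argv0_len);
+
 if (p == NULL) {
 vchroot_unexpand_interpreter(&mldr_load_results);
+}
+
+// adjust envp (remove special mldr variables)
+// NOTE: same as for argv; here we assume the envp strings are contiguous
+for (size_t i = 0; i < mldr_load_results.envc; ++i) {
+if (!mldr_load_results.envp[i]) {
+mldr_load_results.envc = i;
+break;
+}
+
+size_t len = strlen(mldr_load_results.envp[i]) + 1;
+
+// Don't pass these special env vars down to userland
+#define SKIP_VAR(_name) \
+(len > sizeof(_name) - 1 && strncmp(mldr_load_results.envp[i], _name, sizeof(_name) - 1) == 0)
+
+if (
+SKIP_VAR("__mldr_bprefs=") ||
+SKIP_VAR("__mldr_sockpath=")
+) {
+size_t len_after = 0;
+const char* orig_envp_i_plus_one = mldr_load_results.envp[i + 1];
+
+--mldr_load_results.envc;
+
+for (size_t j = i; j < mldr_load_results.envc; ++j) {
+mldr_load_results.envp[j] = mldr_load_results.envp[i] + len_after;
+len_after += strlen(mldr_load_results.envp[j + 1]) + 1;
+}
+mldr_load_results.envp[mldr_load_results.envc] = NULL;
+
+memmove(mldr_load_results.envp[i], orig_envp_i_plus_one, len_after);
+memset(mldr_load_results.envp[i] + len_after, 0, len);
+
+// we have to check this index again because it now points to a different string
+--i;
+continue;
+}
 }
 
 if (mldr_load_results._32on64)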
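Review bot: The added call `ptrace(PR_SET_PTRACER, PR_SET_PTRACER_ANY, 0, 0, 0);` in main passes a prctl(2) option to ptrace(2), which has no such request, so the call is expected to fail and, because its return value is ignored, the ptracer exception the comment describes is never installed. It should be `if (prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY, 0, 0, 0) < 0)` followed by an error report in the style of the file's other `fprintf(stderr, ...)` checks; the new `<sys/ptrace.h>` include is then unnecessary, assuming `<sys/prctl.h>` is still included outside the hunk. Once the call does take effect, PR_SET_PTRACER_ANY lifts the Yama attach restriction for every process that otherwise passes the normal ptrace credential check, not only the server, so the comment should state that this widening is accepted and why. Separately, in the envp loop, when the skipped variable is the last entry (assuming `envc` counts the entries), `mldr_load_results.envp[mldr_load_results.envc] = NULL;` overwrites `envp[i]` before `memmove`/`memset` use it, so `memset` writes `len` bytes through a null pointer; saving `char* dst = mldr_load_results.envp[i];` before the inner loop and passing `dst` to both calls avoids that. main begins and ends outside the visible hunks.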
-53
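--- a/src/startup/mldr/stack.c
+++ b/src/startup/mldr/stack.c
@@ -28,7 +28,6 @@
 #include "loader.h"
 #include <darling-config.h>
 #include "elfcalls/elfcalls.h"
-#include <sys/prctl.h>
 
 #if defined(GEN_64BIT)
 #define FUNCTION_NAME setup_stack64
@@ -154,22 +153,7 @@
 }
 
 // Fill in argv pointers
-// NOTE: the prctl code assumes that the current argv array points to contiguous strings.
-// this is not necessarily true, although AFAIK this is always true on Linux.
-// nonetheless, we should probably not assume this.
 argv = sp;
-uintptr_t arg_space_ptr = lr->argv[0];
-if (prctl(PR_SET_MM, PR_SET_MM_ARG_START, arg_space_ptr, 0, 0) < 0) {
-// maybe arg_end was behind arg_start; try moving it first
-if (prctl(PR_SET_MM, PR_SET_MM_ARG_END, arg_space_ptr, 0, 0) < 0) {
-fprintf(stderr, "Failed to set arg end\n");
-exit(1);
-}
-if (prctl(PR_SET_MM, PR_SET_MM_ARG_START, arg_space_ptr, 0, 0) < 0) {
-fprintf(stderr, "Failed to set arg start\n");
-exit(1);
-}
-}
 for (int i = 0; i < lr->argc; ++i)
 {
 if (!lr->argv[i]) {
@@ -181,33 +165,15 @@
 fprintf(stderr, "Failed to copy an argument pointer to stack\n");
 exit(1);
 }
-arg_space_ptr += strlen(lr->argv[i]) + 1;
 }
 if (__put_user((user_long_t) 0, argv++))
 {
 fprintf(stderr, "Failed to null-terminate the argument pointer array\n");
-exit(1);
-}
-if (prctl(PR_SET_MM, PR_SET_MM_ARG_END, arg_space_ptr, 0, 0) < 0) {
-fprintf(stderr, "Failed to set arg end\n");
 exit(1);
 }
 
 // Fill in envp pointers
-// NOTE: same as for argv; here we assume the envp strings are contiguous
 envp = argv;
-uintptr_t env_space_ptr = lr->envp[0];
-if (prctl(PR_SET_MM, PR_SET_MM_ENV_START, env_space_ptr, 0, 0) < 0) {
-// maybe env_end was behind env_start; try moving it first
-if (prctl(PR_SET_MM, PR_SET_MM_ENV_END, env_space_ptr, 0, 0) < 0) {
-fprintf(stderr, "Failed to set env end\n");
-exit(1);
-}
-if (prctl(PR_SET_MM, PR_SET_MM_ENV_START, env_space_ptr, 0, 0) < 0) {
-fprintf(stderr, "Failed to set env start\n");
-exit(1);
-}
-}
 for (int i = 0; i < lr->envc; ++i)
 {
 if (!lr->envp[i]) {
@@ -215,34 +181,15 @@
 break;
 }
 
-size_t len = strlen((void __user*) lr->envp[i]) + 1;
-
-// Don't pass these special env vars down to userland
-#define SKIP_VAR(_name) \
-if (len > sizeof(_name) - 1 && strncmp(lr->envp[i], _name, sizeof(_name) - 1) == 0) { \
-env_space_ptr += strlen(lr->envp[i]) + 1; \
-continue; \
-}
-
-SKIP_VAR("__mldr_bprefs=");
-SKIP_VAR("__mldr_sockpath=");
-
 if (__put_user((user_long_t) lr->envp[i], envp++))
 {
 fprintf(stderr, "Failed to copy an environment variable pointer to stack\n");
 exit(1);
 }
-
-env_space_ptr += strlen(lr->envp[i]) + 1;
 }
 if (__put_user((user_long_t) 0, envp++))
 {
 fprintf(stderr, "Failed to null-terminate the environment variable pointer array\n");
-exit(1);
-}
-// FIXME: this might include variables that we've skipped
-if (prctl(PR_SET_MM, PR_SET_MM_ENV_END, env_space_ptr, 0, 0) < 0) {
-fprintf(stderr, "Failed to set env end\n");
 exit(1);
 }
 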