Discussion:
[ast-developers] Patch to add support for |O_@(NOLINKS|NOFOLLOW|SEARCH|EXEC)| to |pathdev()| (and reduce code size) ...
Roland Mainz
2013-09-18 00:47:28 UTC
Permalink
Hi!

----

Attached (as "astksh20130913_pathcanon_more_flags_sizereduction001.diff.txt")
is a small patch which adds a few more flags to /dev/file/flags@ and
reduces the size somewhat...

* Notes:
- |O_@(NOLINKS|NOFOLLOW)| were added per CERN's request to have a way
to avoid link stunts (for example for permission escalation) in system
scripts. Just doing it with [[ ]] flags doesn't work because there is
still a timing gap between test and |open()| which can be exploited by
an user... and the students seem to have a lot of free time to
try&&try&&try... forever... grrr...

- I added |O_SEARCH| to have a way to open a directory fd without
having the read permission (usefull for cd(1))

- |O_EXEC| was added mostly for completeness and as counterpart for
|O_SEARCH|. No real usage yet (but it's usefull at least for kernel
debugging) ...

- |O_*SYNC| variants for syncronous read/write/etc. should be complete
now (|O_DSYNC|, |O_RSYNC|, |OSYNC|)

- Code size has been reduced from 43616 to 40584 bytes for pathcanon.o
-- snip --
1116829 41 -rw-r--r-- 1 test001 users 40584 Sep 18 02:25
./build_pathcanon_moreflags/arch/sol11.i386-64/src/lib/libast/pathcanon.o
1093235 44 -rw-r--r-- 1 test001 users 43616 Sep 14 00:33
./build_i386_64bit_debug_normal/arch/sol11.i386-64/src/lib/libast/pathcanon.o
-- snip --


Glenn: Is the patch OK for you ?

----

Bye,
Roland
--
__ . . __
(o.\ \/ /.o) roland.mainz at nrubsig.org
\__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer
/O /==\ O\ TEL +49 641 3992797
(;O/ \/ \O;)
-------------- next part --------------
diff -r -u original/src/lib/libast/path/pathcanon.c build_xattr/src/lib/libast/path/pathcanon.c
--- src/lib/libast/path/pathcanon.c 2013-09-13 21:01:05.000000000 +0200
+++ src/lib/libast/path/pathcanon.c 2013-09-18 02:34:21.257331790 +0200
@@ -65,6 +65,134 @@

#include <ast_api.h>

+struct openflagmap
+{
+ const char name[15];
+ const char namelen;
+ int flag;
+};
+
+static const
+struct openflagmap ofmap[]=
+{
+ {
+ "async", 5,
+#ifdef O_ASYNC
+ O_ASYNC
+#else
+ 0
+#endif
+ },
+ {
+ "direct", 6,
+#ifdef O_DIRECT
+ O_DIRECT
+#else
+ 0
+#endif
+ },
+ {
+ "directory", 9,
+#ifdef O_DIRECTORY
+ O_DIRECTORY
+#else
+ 0
+#endif
+ },
+ {
+ "dsync", 5,
+#ifdef O_DSYNC
+ O_DSYNC
+#else
+ 0
+#endif
+ },
+ {
+ "exec", 4,
+#ifdef O_EXEC
+ O_EXEC
+#else
+ 0
+#endif
+ },
+ {
+ "nolinks", 7,
+#ifdef O_NOLINKS
+ O_NOLINKS
+#else
+ 0
+#endif
+ },
+ {
+ "nonblock", 8,
+#ifdef O_NONBLOCK
+ O_NONBLOCK
+#else
+ 0
+#endif
+ },
+ {
+ "nofollow", 8,
+#ifdef O_NOFOLLOW
+ O_NOFOLLOW
+#else
+ 0
+#endif
+ },
+ {
+ "rsync", 5,
+#ifdef O_RSYNC
+ O_RSYNC
+#else
+ 0
+#endif
+ },
+ {
+ "search", 6,
+#ifdef O_SEARCH
+ O_SEARCH
+#else
+ 0
+#endif
+ },
+ {
+ "sync", 4,
+#ifdef O_SYNC
+ O_SYNC
+#else
+ 0
+#endif
+ },
+ {
+ "xattr", 5,
+#ifdef O_XATTR
+ O_XATTR
+#else
+ 0
+#endif
+ },
+ { "", 0, 0 }
+};
+
+static
+const struct openflagmap *pathdev_str2openflag(const char *s)
+{
+ register size_t sz;
+ const struct openflagmap *o;
+
+ for (o=ofmap ; o->namelen != 0 ; o++)
+ {
+ sz = o->namelen;
+ if (!strncmp(s, o->name, sz) &&
+ ((s[sz] == '@') || (s[sz] == ',')))
+ {
+ return (o);
+ }
+ }
+ return (NULL);
+}
+
+
char*
pathcanon_20100601(char* path, size_t size, int flags)
{
@@ -249,76 +377,26 @@
NEXT(s, 4);
if (s[0] == 'f' && s[1] == 'l' && s[2] == 'a' && s[3] == 'g' && s[4] == 's' && s[5] == '@')
{
+ const struct openflagmap *ofm;
+
s += 6;
for (;;)
{
- if (s[0] == 'a' && s[1] == 's' && s[2] == 'y' && s[3] == 'n' && s[4] == 'c' && (s[5] == ',' || s[5] == '@'))
- {
-#ifdef O_ASYNC
- s += 5;
- dev->oflags |= O_ASYNC;
-#else
- errno = ENXIO;
- return 0;
-#endif
- }
- else if (s[0] == 'd' && s[1] == 'i' && s[2] == 'r' && s[3] == 'e' && s[4] == 'c' && s[5] == 't')
+ /* Be nice and eat leading ',' */
+ while(*s==',')
+ s++;
+
+ if (ofm = pathdev_str2openflag(s))
{
- if (s[6] == ',' || s[6] == '@')
+ /* Is this flag supported on this platform ? */
+ if (ofm->flag == 0)
{
-#ifdef O_DIRECT
- s += 6;
- dev->oflags |= O_DIRECT;
-#else
- errno = ENXIO;
- return 0;
-#endif
- }
- else if (s[6] == 'o' && s[7] == 'r' && s[8] == 'y' && (s[9] == ',' || s[9] == '@'))
- {
-#ifdef O_DIRECTORY
- s += 9;
- dev->oflags |= O_DIRECTORY;
-#else
errno = ENXIO;
return 0;
-#endif
- }
- else
- {
- errno = EINVAL;
- return 0;
}
- }
- else if (s[0] == 'n' && s[1] == 'o' && s[2] == 'n' && s[3] == 'b' && s[4] == 'l' && s[5] == 'o' && s[6] == 'c' && s[7] == 'k' && (s[8] == ',' || s[8] == '@'))
- {
-#ifdef O_NONBLOCK
- s += 8;
- dev->oflags |= O_NONBLOCK;
-#else
- errno = ENXIO;
- return 0;
-#endif
- }
- else if (s[0] == 's' && s[1] == 'y' && s[2] == 'n' && s[3] == 'c' && (s[4] == ',' || s[4] == '@'))
- {
-#ifdef O_SYNC
- s += 4;
- dev->oflags |= O_SYNC;
-#else
- errno = ENXIO;
- return 0;
-#endif
- }
- else if (s[0] == 'x' && s[1] == 'a' && s[2] == 't' && s[3] == 't' && s[4] == 'r' && (s[5] == ',' || s[5] == '@'))
- {
-#ifdef O_XATTR
- s += 5;
- dev->oflags |= O_XATTR;
-#else
- errno = ENXIO;
- return 0;
-#endif
+
+ dev->oflags |= ofm->flag;
+ s += ofm->namelen;
}
else if (*s != '@')
{
@@ -766,5 +844,5 @@
dots = 4;
break;
}
- return 0;
+ /*NOTREACHED*/
}
Only in build_xattr/src/lib/libast/path: pathcanon.c.orig
Glenn Fowler
2013-09-18 04:55:32 UTC
Permalink
the table will be in the next alpha
it will be al lot easier to extend when some vendor adds another O_* flag next month
thanks
--20cf3077615321e25104e69dc870
Content-Type: text/plain; charset=ISO-8859-1
Hi!
----
Attached (as "astksh20130913_pathcanon_more_flags_sizereduction001.diff.txt")
reduces the size somewhat...
to avoid link stunts (for example for permission escalation) in system
scripts. Just doing it with [[ ]] flags doesn't work because there is
still a timing gap between test and |open()| which can be exploited by
an user... and the students seem to have a lot of free time to
try&&try&&try... forever... grrr...
- I added |O_SEARCH| to have a way to open a directory fd without
having the read permission (usefull for cd(1))
- |O_EXEC| was added mostly for completeness and as counterpart for
|O_SEARCH|. No real usage yet (but it's usefull at least for kernel
debugging) ...
- |O_*SYNC| variants for syncronous read/write/etc. should be complete
now (|O_DSYNC|, |O_RSYNC|, |OSYNC|)
- Code size has been reduced from 43616 to 40584 bytes for pathcanon.o
-- snip --
1116829 41 -rw-r--r-- 1 test001 users 40584 Sep 18 02:25
./build_pathcanon_moreflags/arch/sol11.i386-64/src/lib/libast/pathcanon.o
1093235 44 -rw-r--r-- 1 test001 users 43616 Sep 14 00:33
./build_i386_64bit_debug_normal/arch/sol11.i386-64/src/lib/libast/pathcanon.o
-- snip --
Glenn: Is the patch OK for you ?
----
Bye,
Roland
--
__ . . __
(o.\ \/ /.o) roland.mainz at nrubsig.org
\__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer
/O /==\ O\ TEL +49 641 3992797
(;O/ \/ \O;)
--20cf3077615321e25104e69dc870
Content-Type: text/plain; charset=US-ASCII;
name="astksh20130913_pathcanon_more_flags_sizereduction001.diff.txt"
Content-Disposition: attachment;
filename="astksh20130913_pathcanon_more_flags_sizereduction001.diff.txt"
Content-Transfer-Encoding: base64
X-Attachment-Id: f_hlpto3fv0
ZGlmZiAtciAtdSBvcmlnaW5hbC9zcmMvbGliL2xpYmFzdC9wYXRoL3BhdGhjYW5vbi5jIGJ1aWxk
X3hhdHRyL3NyYy9saWIvbGliYXN0L3BhdGgvcGF0aGNhbm9uLmMKLS0tIHNyYy9saWIvbGliYXN0
L3BhdGgvcGF0aGNhbm9uLmMJMjAxMy0wOS0xMyAyMTowMTowNS4wMDAwMDAwMDAgKzAyMDAKKysr
IHNyYy9saWIvbGliYXN0L3BhdGgvcGF0aGNhbm9uLmMJMjAxMy0wOS0xOCAwMjozNDoyMS4yNTcz
MzE3OTAgKzAyMDAKQEAgLTY1LDYgKzY1LDEzNCBAQAogCiAjaW5jbHVkZSA8YXN0X2FwaS5oPgog
CitzdHJ1Y3Qgb3BlbmZsYWdtYXAKK3sKKwljb25zdCBjaGFyCW5hbWVbMTVdOworCWNvbnN0IGNo
YXIJbmFtZWxlbjsKKwlpbnQJCWZsYWc7Cit9OworCitzdGF0aWMgY29uc3QKK3N0cnVjdCBvcGVu
ZmxhZ21hcCBvZm1hcFtdPQoreworCXsKKwkJImFzeW5jIiwJNSwKKyNpZmRlZiBPX0FTWU5DCisJ
CU9fQVNZTkMKKyNlbHNlCisJCTAKKyNlbmRpZgorCX0sCisJeworCQkiZGlyZWN0IiwJNiwKKyNp
ZmRlZiBPX0RJUkVDVAorCQlPX0RJUkVDVAorI2Vsc2UKKwkJMAorI2VuZGlmCisJfSwKKwl7CisJ
CSJkaXJlY3RvcnkiLAk5LAorI2lmZGVmIE9fRElSRUNUT1JZCisJCU9fRElSRUNUT1JZCisjZWxz
ZQorCQkwCisjZW5kaWYKKwl9LAorCXsKKwkJImRzeW5jIiwJNSwKKyNpZmRlZiBPX0RTWU5DCisJ
CU9fRFNZTkMKKyNlbHNlCisJCTAKKyNlbmRpZgorCX0sCisJeworCQkiZXhlYyIsCQk0LAorI2lm
ZGVmIE9fRVhFQworCQlPX0VYRUMKKyNlbHNlCisJCTAKKyNlbmRpZgorCX0sCisJeworCQkibm9s
aW5rcyIsCTcsCisjaWZkZWYgT19OT0xJTktTCisJCU9fTk9MSU5LUworI2Vsc2UKKwkJMAorI2Vu
ZGlmCisJfSwKKwl7CisJCSJub25ibG9jayIsCTgsCisjaWZkZWYgT19OT05CTE9DSworCQlPX05P
TkJMT0NLCisjZWxzZQorCQkwCisjZW5kaWYKKwl9LAorCXsKKwkJIm5vZm9sbG93IiwJOCwKKyNp
ZmRlZiBPX05PRk9MTE9XCisJCU9fTk9GT0xMT1cKKyNlbHNlCisJCTAKKyNlbmRpZgorCX0sCisJ
eworCQkicnN5bmMiLAk1LAorI2lmZGVmIE9fUlNZTkMKKwkJT19SU1lOQworI2Vsc2UKKwkJMAor
I2VuZGlmCisJfSwKKwl7CisJCSJzZWFyY2giLAk2LAorI2lmZGVmIE9fU0VBUkNICisJCU9fU0VB
UkNICisjZWxzZQorCQkwCisjZW5kaWYKKwl9LAorCXsKKwkJInN5bmMiLAkJNCwKKyNpZmRlZiBP
X1NZTkMKKwkJT19TWU5DCisjZWxzZQorCQkwCisjZW5kaWYKKwl9LAorCXsKKwkJInhhdHRyIiwJ
NSwKKyNpZmRlZiBPX1hBVFRSCisJCU9fWEFUVFIKKyNlbHNlCisJCTAKKyNlbmRpZgorCX0sCisJ
eyAiIiwJCTAsIDAJCX0KK307CisKK3N0YXRpYworY29uc3Qgc3RydWN0IG9wZW5mbGFnbWFwICpw
YXRoZGV2X3N0cjJvcGVuZmxhZyhjb25zdCBjaGFyICpzKQoreworCXJlZ2lzdGVyIHNpemVfdAkJ
CXN6OworCWNvbnN0IHN0cnVjdCBvcGVuZmxhZ21hcAkqbzsKKwkKKwlmb3IgKG89b2ZtYXAgOyBv
LT5uYW1lbGVuICE9IDAgOyBvKyspCisJeworCQlzeiA9IG8tPm5hbWVsZW47CisJCWlmICghc3Ry
bmNtcChzLCBvLT5uYW1lLCBzeikgJiYKKwkJCSgoc1tzel0gPT0gJ0AnKSB8fCAoc1tzel0gPT0g
JywnKSkpCisJCXsKKwkJCXJldHVybiAobyk7CisJCX0gCisJfQorCXJldHVybiAoTlVMTCk7Cit9
CisKKwogY2hhcioKIHBhdGhjYW5vbl8yMDEwMDYwMShjaGFyKiBwYXRoLCBzaXplX3Qgc2l6ZSwg
aW50IGZsYWdzKQogewpAQCAtMjQ5LDc2ICszNzcsMjYgQEAKIAkJCQkJTkVYVChzLCA0KTsKIAkJ
CQkJaWYgKHNbMF0gPT0gJ2YnICYmIHNbMV0gPT0gJ2wnICYmIHNbMl0gPT0gJ2EnICYmIHNbM10g
PT0gJ2cnICYmIHNbNF0gPT0gJ3MnICYmIHNbNV0gPT0gJ0AnKQogCQkJCQl7CisJCQkJCQljb25z
dCBzdHJ1Y3Qgb3BlbmZsYWdtYXAgKm9mbTsKKwogCQkJCQkJcyArPSA2OwogCQkJCQkJZm9yICg7
OykKIAkJCQkJCXsKLQkJCQkJCQlpZiAoc1swXSA9PSAnYScgJiYgc1sxXSA9PSAncycgJiYgc1sy
XSA9PSAneScgJiYgc1szXSA9PSAnbicgJiYgc1s0XSA9PSAnYycgJiYgKHNbNV0gPT0gJywnIHx8
IHNbNV0gPT0gJ0AnKSkKLQkJCQkJCQl7Ci0jaWZkZWYgT19BU1lOQwotCQkJCQkJCQlzICs9IDU7
Ci0JCQkJCQkJCWRldi0+b2ZsYWdzIHw9IE9fQVNZTkM7Ci0jZWxzZQotCQkJCQkJCQllcnJubyA9
IEVOWElPOwotCQkJCQkJCQlyZXR1cm4gMDsKLSNlbmRpZgotCQkJCQkJCX0KLQkJCQkJCQllbHNl
IGlmIChzWzBdID09ICdkJyAmJiBzWzFdID09ICdpJyAmJiBzWzJdID09ICdyJyAmJiBzWzNdID09
ICdlJyAmJiBzWzRdID09ICdjJyAmJiBzWzVdID09ICd0JykKKwkJCQkJCQkvKiBCZSBuaWNlIGFu
ZCBlYXQgbGVhZGluZyAnLCcgKi8KKwkJCQkJCQl3aGlsZSgqcz09JywnKQorCQkJCQkJCQlzKys7
CisKKwkJCQkJCQlpZiAob2ZtID0gcGF0aGRldl9zdHIyb3BlbmZsYWcocykpCiAJCQkJCQkJewot
CQkJCQkJCQlpZiAoc1s2XSA9PSAnLCcgfHwgc1s2XSA9PSAnQCcpCisJCQkJCQkJCS8qIElzIHRo
aXMgZmxhZyBzdXBwb3J0ZWQgb24gdGhpcyBwbGF0Zm9ybSA/ICovCisJCQkJCQkJCWlmIChvZm0t
PmZsYWcgPT0gMCkKIAkJCQkJCQkJewotI2lmZGVmIE9fRElSRUNUCi0JCQkJCQkJCQlzICs9IDY7
Ci0JCQkJCQkJCQlkZXYtPm9mbGFncyB8PSBPX0RJUkVDVDsKLSNlbHNlCi0JCQkJCQkJCQllcnJu
byA9IEVOWElPOwotCQkJCQkJCQkJcmV0dXJuIDA7Ci0jZW5kaWYKLQkJCQkJCQkJfQotCQkJCQkJ
CQllbHNlIGlmIChzWzZdID09ICdvJyAmJiBzWzddID09ICdyJyAmJiBzWzhdID09ICd5JyAmJiAo
c1s5XSA9PSAnLCcgfHwgc1s5XSA9PSAnQCcpKQotCQkJCQkJCQl7Ci0jaWZkZWYgT19ESVJFQ1RP
UlkKLQkJCQkJCQkJCXMgKz0gOTsKLQkJCQkJCQkJCWRldi0+b2ZsYWdzIHw9IE9fRElSRUNUT1JZ
OwotI2Vsc2UKIAkJCQkJCQkJCWVycm5vID0gRU5YSU87CiAJCQkJCQkJCQlyZXR1cm4gMDsKLSNl
bmRpZgotCQkJCQkJCQl9Ci0JCQkJCQkJCWVsc2UKLQkJCQkJCQkJewotCQkJCQkJCQkJZXJybm8g
PSBFSU5WQUw7Ci0JCQkJCQkJCQlyZXR1cm4gMDsKIAkJCQkJCQkJfQotCQkJCQkJCX0KLQkJCQkJ
CQllbHNlIGlmIChzWzBdID09ICduJyAmJiBzWzFdID09ICdvJyAmJiBzWzJdID09ICduJyAmJiBz
WzNdID09ICdiJyAmJiBzWzRdID09ICdsJyAmJiBzWzVdID09ICdvJyAmJiBzWzZdID09ICdjJyAm
JiBzWzddID09ICdrJyAmJiAoc1s4XSA9PSAnLCcgfHwgc1s4XSA9PSAnQCcpKQotCQkJCQkJCXsK
LSNpZmRlZiBPX05PTkJMT0NLCi0JCQkJCQkJCXMgKz0gODsKLQkJCQkJCQkJZGV2LT5vZmxhZ3Mg
fD0gT19OT05CTE9DSzsKLSNlbHNlCi0JCQkJCQkJCWVycm5vID0gRU5YSU87Ci0JCQkJCQkJCXJl
dHVybiAwOwotI2VuZGlmCi0JCQkJCQkJfQotCQkJCQkJCWVsc2UgaWYgKHNbMF0gPT0gJ3MnICYm
IHNbMV0gPT0gJ3knICYmIHNbMl0gPT0gJ24nICYmIHNbM10gPT0gJ2MnICYmIChzWzRdID09ICcs
JyB8fCBzWzRdID09ICdAJykpCi0JCQkJCQkJewotI2lmZGVmIE9fU1lOQwotCQkJCQkJCQlzICs9
IDQ7Ci0JCQkJCQkJCWRldi0+b2ZsYWdzIHw9IE9fU1lOQzsKLSNlbHNlCi0JCQkJCQkJCWVycm5v
ID0gRU5YSU87Ci0JCQkJCQkJCXJldHVybiAwOwotI2VuZGlmCi0JCQkJCQkJfQotCQkJCQkJCWVs
c2UgaWYgKHNbMF0gPT0gJ3gnICYmIHNbMV0gPT0gJ2EnICYmIHNbMl0gPT0gJ3QnICYmIHNbM10g
PT0gJ3QnICYmIHNbNF0gPT0gJ3InICYmIChzWzVdID09ICcsJyB8fCBzWzVdID09ICdAJykpCi0J
CQkJCQkJewotI2lmZGVmIE9fWEFUVFIKLQkJCQkJCQkJcyArPSA1OwotCQkJCQkJCQlkZXYtPm9m
bGFncyB8PSBPX1hBVFRSOwotI2Vsc2UKLQkJCQkJCQkJZXJybm8gPSBFTlhJTzsKLQkJCQkJCQkJ
cmV0dXJuIDA7Ci0jZW5kaWYKKwkJCQkJCQkJCisJCQkJCQkJCWRldi0+b2ZsYWdzIHw9IG9mbS0+
ZmxhZzsKKwkJCQkJCQkJcyArPSBvZm0tPm5hbWVsZW47CiAJCQkJCQkJfQogCQkJCQkJCWVsc2Ug
aWYgKCpzICE9ICdAJykKIAkJCQkJCQl7CkBAIC03NjYsNSArODQ0LDUgQEAKIAkJCWRvdHMgPSA0
OwogCQkJYnJlYWs7CiAJCX0KLSAJcmV0dXJuIDA7CisJLypOT1RSRUFDSEVEKi8KIH0KT25seSBp
biBidWlsZF94YXR0ci9zcmMvbGliL2xpYmFzdC9wYXRoOiBwYXRoY2Fub24uYy5vcmlnCg==
--20cf3077615321e25104e69dc870--
Loading...