The branch, master has been updated via ddafdd6 tests: Add new test_thread_create_thread_setgid. via 53ed862 uwrap: Support scenario where threads fork or creates threads. via ed13fb7 uwrap: Prepare for overload of libpthread functions. via f842837 uwrap: Introduce UWRAP_LOCK_ALL and UWRAP_UNLOCK_ALL macros via 103a7f0 uwrap: Rewrite uwrap_libc_fns struct to pass strict aliasing rules. via ba33cdd uwrap: Fix wrong data types in syscalls switch. via dd5b185 tests: Add new test_uwrap_getresuid(). via 04f13b9 uwrap: Add support for getresuid() and getresgid() glibc/syscall. via d63240b tests: Add new test test_sync_setgroups(). via 329fa14 uwrap: Extend support for (set|get)groups libc functions and syscalls. via 882246d tests: Fix test_uwrap_getgroups. via c8d2593 tests: Add test_real_sync_setuid(). via fc959bd uwrap: Extend support for syscalls called from threads or main process. via 5bdc9cf uwrap: Small uwrap_init optimalization. via f1ec2b8 uwrap: Add more authors to AUTHORS file. via 9dee5c0 tests: Enable test_glibc_thread_support.c on MacOSX. via f1f0b52 src: Add support for running with address sanitizer. from fdbdb8a uwrap: Reflect changes of uid/gid in threads to main process.
https://git.samba.org/?p=uid_wrapper.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit ddafdd67734584205bd525c25d7fbc7f4f209499 Author: Robin Hack <hack.ro...@gmail.com> Date: Fri Dec 5 10:51:15 2014 +0100 tests: Add new test_thread_create_thread_setgid. Test aims case where thread change uid/gid and then create new thread. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 53ed862d740dc76cadf79633ca325467ba031ca0 Author: Robin Hack <hack.ro...@gmail.com> Date: Tue Oct 21 08:55:56 2014 +0200 uwrap: Support scenario where threads fork or creates threads. When fork() is called here there is no need to disable uwrap as a whole. This change disables only uwrap for the thread which called fork(). uwrap catches calls of pthread_create() and pthread_exit() functions from libpthread library now. Pair-Programmed-With: Andreas Schneider <a...@samba.org> Pair-Programmed-With: Stefan Metzmacher <me...@samba.org> Signed-off-by: Robin Hack <hack.ro...@gmail.com> Signed-off-by: Andreas Schneider <a...@samba.org> Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit ed13fb77de8e505d4521616e377a27dea1442092 Author: Robin Hack <hack.ro...@gmail.com> Date: Tue Dec 16 12:09:55 2014 +0100 uwrap: Prepare for overload of libpthread functions. uwrap_bind_symbol are now renamed to uwrap_bind_symbol_libc and simlilar uwrap_bind_symbol_libpthread are introduced. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit f842837bcb33296a55c4ff8ae6c9873570b11586 Author: Robin Hack <hack.ro...@gmail.com> Date: Tue Dec 16 12:00:31 2014 +0100 uwrap: Introduce UWRAP_LOCK_ALL and UWRAP_UNLOCK_ALL macros Introduce UWRAP_LOCK_ALL and UWRAP_UNLOCK_ALL which make locking easier. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 103a7f028f91ac6e5aa3f7c0c1f0286bd9d85f9e Author: Robin Hack <hack.ro...@gmail.com> Date: Wed Oct 29 10:29:27 2014 +0100 uwrap: Rewrite uwrap_libc_fns struct to pass strict aliasing rules. Now uwrap is compiled with -O2 -fstrict-aliasing -Wstrict-aliasing=2 C compiler flags. Also rename struct uwrap_libc_fns fns to uwrap_libc_symbols and uwrap_load_lib_function to uwrap_bind_symbol (same for _uwrap_load_... variant. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit ba33cdd2e78f7f435028eeee8ceeb24f23106212 Author: Robin Hack <hack.ro...@gmail.com> Date: Thu Oct 16 12:23:53 2014 +0200 uwrap: Fix wrong data types in syscalls switch. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit dd5b185701210cf42eb586b176750d6579e4ace8 Author: Robin Hack <hack.ro...@gmail.com> Date: Tue Oct 21 08:54:04 2014 +0200 tests: Add new test_uwrap_getresuid(). Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 04f13b938b8ba85986f23a12a29eb49de8dca1b9 Author: Robin Hack <hack.ro...@gmail.com> Date: Tue Oct 21 08:53:32 2014 +0200 uwrap: Add support for getresuid() and getresgid() glibc/syscall. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit d63240b8c09181098ee8c09f4cb2fcb63a60ff2b Author: Robin Hack <hack.ro...@gmail.com> Date: Tue Oct 21 08:36:52 2014 +0200 tests: Add new test test_sync_setgroups(). This test is almost same as test_sync_setgid but covers the setgroups function. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 329fa147fd7a42ad26ece17f7fc866aae6c79f22 Author: Robin Hack <hack.ro...@gmail.com> Date: Tue Oct 21 08:35:45 2014 +0200 uwrap: Extend support for (set|get)groups libc functions and syscalls. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 882246d04f2849b2f31762eb8f158d12332a9b6d Author: Robin Hack <hack.ro...@gmail.com> Date: Wed Oct 15 10:20:31 2014 +0200 tests: Fix test_uwrap_getgroups. This test doesn't run on machines if there are more than one supplementary group. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit c8d259379e1c2bca91007e2f24dbd063d7298a38 Author: Robin Hack <hack.ro...@gmail.com> Date: Tue Oct 21 08:34:16 2014 +0200 tests: Add test_real_sync_setuid(). This also extends test_syscall_setreuid(). Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit fc959bde038a47c409508c840097f3ee6a4cfddf Author: Robin Hack <hack.ro...@gmail.com> Date: Tue Oct 21 08:33:24 2014 +0200 uwrap: Extend support for syscalls called from threads or main process. We need to distinguish if the syscall is called from main process or from a thread. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 5bdc9cff161ea411dc89ca93e928a2ed46d63de6 Author: Robin Hack <hack.ro...@gmail.com> Date: Thu Oct 2 15:45:09 2014 +0200 uwrap: Small uwrap_init optimalization. Don't call libc_getuid/getgid function twice. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit f1ec2b89bb4726cf5eb259a6028c1dd7a5de6b0c Author: Robin Hack <hack.ro...@gmail.com> Date: Wed Oct 1 09:08:02 2014 +0200 uwrap: Add more authors to AUTHORS file. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 9dee5c09439fc3addbb89d1c1fe1655962a0544d Author: Robin Hack <hack.ro...@gmail.com> Date: Tue Sep 30 13:58:40 2014 +0200 tests: Enable test_glibc_thread_support.c on MacOSX. Signed-off-by: Robin Hack <hack.ro...@gmail.com> Reviewed-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit f1f0b5209a238b1df782bc8fdd2c87583fb411ce Author: Andreas Schneider <a...@samba.org> Date: Mon Oct 20 09:22:42 2014 +0200 src: Add support for running with address sanitizer. It address sanitzer will complain about our hack with variable function attributes. This disables the checking of it. Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> ----------------------------------------------------------------------- Summary of changes: AUTHORS | 2 + ConfigureChecks.cmake | 17 + cmake/Modules/DefineCompilerFlags.cmake | 1 + config.h.cmake | 7 + src/uid_wrapper.c | 771 +++++++++++++++++++++++--------- tests/CMakeLists.txt | 4 +- tests/test_glibc_thread_support.c | 206 +++++++++ tests/testsuite.c | 33 +- 8 files changed, 833 insertions(+), 208 deletions(-) Changeset truncated at 500 lines: diff --git a/AUTHORS b/AUTHORS index 6bb16f3..1f7ce48 100644 --- a/AUTHORS +++ b/AUTHORS @@ -1,2 +1,4 @@ Andrew Tridgell <tri...@samba.org> Andreas Schneider <a...@samba.org> +Jakub Hrozek <jakub.hro...@gmail.com> +Robin Hack <hack.ro...@gmail.com> diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake index 26c2238..150d89b 100644 --- a/ConfigureChecks.cmake +++ b/ConfigureChecks.cmake @@ -61,6 +61,8 @@ check_function_exists(snprintf HAVE_SNPRINTF) check_function_exists(seteuid HAVE_SETEUID) check_function_exists(setreuid HAVE_SETREUID) check_function_exists(setresuid HAVE_SETRESUID) +check_function_exists(getresuid HAVE_GETRESUID) +check_function_exists(getresgid HAVE_GETRESGID) check_function_exists(setegid HAVE_SETEGID) check_function_exists(setregid HAVE_SETREGID) @@ -164,6 +166,21 @@ int main(void) { return 0; }" HAVE_DESTRUCTOR_ATTRIBUTE) +# If this produces a warning treat it as error! +set(CMAKE_REQUIRED_FLAGS "-Werror") +check_c_source_compiles(" +void test_address_sanitizer_attribute(void) __attribute__((no_sanitize_address)); + +void test_address_sanitizer_attribute(void) +{ + return; +} + +int main(void) { + return 0; +}" HAVE_ADDRESS_SANITIZER_ATTRIBUTE) +set(CMAKE_REQUIRED_FLAGS) + check_c_source_compiles(" void log_fn(const char *format, ...) __attribute__ ((format (printf, 1, 2))); diff --git a/cmake/Modules/DefineCompilerFlags.cmake b/cmake/Modules/DefineCompilerFlags.cmake index 0ab8802..067ca32 100644 --- a/cmake/Modules/DefineCompilerFlags.cmake +++ b/cmake/Modules/DefineCompilerFlags.cmake @@ -14,6 +14,7 @@ if (UNIX AND NOT WIN32) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Wshadow -Wmissing-prototypes -Wdeclaration-after-statement") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wunused -Wfloat-equal -Wpointer-arith -Wwrite-strings -Wformat-security") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-format-attribute") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fstrict-aliasing -Wstrict-aliasing=2 -O2") # with -fPIC check_c_compiler_flag("-fPIC" WITH_FPIC) diff --git a/config.h.cmake b/config.h.cmake index b2a03b2..b862048 100644 --- a/config.h.cmake +++ b/config.h.cmake @@ -31,6 +31,9 @@ /* Define to 1 if you have the `setresuid' function. */ #cmakedefine HAVE_SETRESUID 1 +/* Define to 1 if you have the `getresuid' function. */ +#cmakedefine HAVE_GETRESUID 1 + /* Define to 1 if you have the `setegid' function. */ #cmakedefine HAVE_SETEGID 1 @@ -40,6 +43,9 @@ /* Define to 1 if you have the `setresgid' function. */ #cmakedefine HAVE_SETRESGID 1 +/* Define to 1 if you have the `getresgid' function. */ +#cmakedefine HAVE_GETRESGID 1 + /* Define to 1 if you have the `setgroups' function. */ #cmakedefine HAVE_SETGROUPS 1 #cmakedefine HAVE_SETGROUPS_INT 1 @@ -60,6 +66,7 @@ #cmakedefine HAVE_GCC_ATOMIC_BUILTINS 1 #cmakedefine HAVE_CONSTRUCTOR_ATTRIBUTE 1 #cmakedefine HAVE_DESTRUCTOR_ATTRIBUTE 1 +#cmakedefine HAVE_ADDRESS_SANITIZER_ATTRIBUTE 1 #cmakedefine HAVE_FUNCTION_ATTRIBUTE_FORMAT 1 /*************************** ENDIAN *****************************/ diff --git a/src/uid_wrapper.c b/src/uid_wrapper.c index 8e3a7d3..44ef8c1 100644 --- a/src/uid_wrapper.c +++ b/src/uid_wrapper.c @@ -51,6 +51,17 @@ pthread_mutex_unlock(&( m ## _mutex)); \ } while(0) +/* Add new global locks here please */ +# define UWRAP_LOCK_ALL \ + UWRAP_LOCK(uwrap_id); \ + UWRAP_LOCK(libc_symbol_binding); \ + UWRAP_LOCK(libpthread_symbol_binding) + +# define UWRAP_UNLOCK_ALL \ + UWRAP_UNLOCK(libpthread_symbol_binding); \ + UWRAP_UNLOCK(libc_symbol_binding); \ + UWRAP_UNLOCK(uwrap_id) + #ifdef HAVE_CONSTRUCTOR_ATTRIBUTE #define CONSTRUCTOR_ATTRIBUTE __attribute__ ((constructor)) #else @@ -63,6 +74,12 @@ #define DESTRUCTOR_ATTRIBUTE #endif /* HAVE_DESTRUCTOR_ATTRIBUTE */ +#ifdef HAVE_ADDRESS_SANITIZER_ATTRIBUTE +#define DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE __attribute__((no_sanitize_address)) +#else /* DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE */ +#define DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE +#endif /* DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE */ + /* GCC have printf type attribute check. */ #ifdef HAVE_FUNCTION_ATTRIBUTE_FORMAT #define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b))) @@ -171,46 +188,130 @@ static void uwrap_log(enum uwrap_dbglvl_e dbglvl, const char *format, ...) #define LIBC_NAME "libc.so" -struct uwrap_libc_fns { - int (*_libc_setuid)(uid_t uid); - uid_t (*_libc_getuid)(void); +typedef int (*__libc_setuid)(uid_t uid); + +typedef uid_t (*__libc_getuid)(void); #ifdef HAVE_SETEUID - int (*_libc_seteuid)(uid_t euid); +typedef int (*__libc_seteuid)(uid_t euid); #endif + #ifdef HAVE_SETREUID - int (*_libc_setreuid)(uid_t ruid, uid_t euid); +typedef int (*__libc_setreuid)(uid_t ruid, uid_t euid); #endif + #ifdef HAVE_SETRESUID - int (*_libc_setresuid)(uid_t ruid, uid_t euid, uid_t suid); +typedef int (*__libc_setresuid)(uid_t ruid, uid_t euid, uid_t suid); +#endif + +#ifdef HAVE_GETRESUID +typedef int (*__libc_getresuid)(uid_t *ruid, uid_t *euid, uid_t *suid); +#endif + +typedef uid_t (*__libc_geteuid)(void); + +typedef int (*__libc_setgid)(gid_t gid); + +typedef gid_t (*__libc_getgid)(void); + +#ifdef HAVE_SETEGID +typedef int (*__libc_setegid)(uid_t egid); +#endif + +#ifdef HAVE_SETREGID +typedef int (*__libc_setregid)(uid_t rgid, uid_t egid); #endif - uid_t (*_libc_geteuid)(void); - int (*_libc_setgid)(gid_t gid); - gid_t (*_libc_getgid)(void); +#ifdef HAVE_SETRESGID +typedef int (*__libc_setresgid)(uid_t rgid, uid_t egid, uid_t sgid); +#endif + +#ifdef HAVE_GETRESGID +typedef int (*__libc_getresgid)(gid_t *rgid, gid_t *egid, gid_t *sgid); +#endif + +typedef gid_t (*__libc_getegid)(void); + +typedef int (*__libc_getgroups)(int size, gid_t list[]); + +typedef int (*__libc_setgroups)(size_t size, const gid_t *list); + +#ifdef HAVE_SYSCALL +typedef long int (*__libc_syscall)(long int sysno, ...); +#endif + +#define UWRAP_SYMBOL_ENTRY(i) \ + union { \ + __libc_##i f; \ + void *obj; \ + } _libc_##i + +struct uwrap_libc_symbols { + UWRAP_SYMBOL_ENTRY(setuid); + UWRAP_SYMBOL_ENTRY(getuid); +#ifdef HAVE_SETEUID + UWRAP_SYMBOL_ENTRY(seteuid); +#endif +#ifdef HAVE_SETREUID + UWRAP_SYMBOL_ENTRY(setreuid); +#endif +#ifdef HAVE_SETRESUID + UWRAP_SYMBOL_ENTRY(setresuid); +#endif +#ifdef HAVE_GETRESUID + UWRAP_SYMBOL_ENTRY(getresuid); +#endif + UWRAP_SYMBOL_ENTRY(geteuid); + UWRAP_SYMBOL_ENTRY(setgid); + UWRAP_SYMBOL_ENTRY(getgid); #ifdef HAVE_SETEGID - int (*_libc_setegid)(uid_t egid); + UWRAP_SYMBOL_ENTRY(setegid); #endif #ifdef HAVE_SETREGID - int (*_libc_setregid)(uid_t rgid, uid_t egid); + UWRAP_SYMBOL_ENTRY(setregid); #endif #ifdef HAVE_SETRESGID - int (*_libc_setresgid)(uid_t rgid, uid_t egid, uid_t sgid); + UWRAP_SYMBOL_ENTRY(setresgid); +#endif +#ifdef HAVE_GETRESGID + UWRAP_SYMBOL_ENTRY(getresgid); #endif - gid_t (*_libc_getegid)(void); - int (*_libc_getgroups)(int size, gid_t list[]); - int (*_libc_setgroups)(size_t size, const gid_t *list); + UWRAP_SYMBOL_ENTRY(getegid); + UWRAP_SYMBOL_ENTRY(getgroups); + UWRAP_SYMBOL_ENTRY(setgroups); #ifdef HAVE_SYSCALL - long int (*_libc_syscall)(long int sysno, ...); + UWRAP_SYMBOL_ENTRY(syscall); #endif }; +#undef UWRAP_SYMBOL_ENTRY + +/***************** + * LIBPTHREAD + *****************/ +/* Yeah... I'm pig. I overloading macro here... So what? */ +#define UWRAP_SYMBOL_ENTRY(i) \ + union { \ + __libpthread_##i f; \ + void *obj; \ + } _libpthread_##i + +typedef int (*__libpthread_pthread_create)(pthread_t *thread, + const pthread_attr_t *attr, + void *(*start_routine) (void *), + void *arg); +typedef void (*__libpthread_pthread_exit)(void *retval); + +struct uwrap_libpthread_symbols { + UWRAP_SYMBOL_ENTRY(pthread_create); + UWRAP_SYMBOL_ENTRY(pthread_exit); +}; +#undef UWRAP_SYMBOL_ENTRY /* * We keep the virtualised euid/egid/groups information here */ struct uwrap_thread { - pthread_t tid; - bool dead; + bool enabled; uid_t ruid; uid_t euid; @@ -220,8 +321,8 @@ struct uwrap_thread { gid_t egid; gid_t sgid; - gid_t *groups; int ngroups; + gid_t *groups; struct uwrap_thread *next; struct uwrap_thread *prev; @@ -230,19 +331,15 @@ struct uwrap_thread { struct uwrap { struct { void *handle; - struct uwrap_libc_fns fns; + struct uwrap_libc_symbols symbols; } libc; - bool initialised; - bool enabled; - - uid_t ruid; - uid_t euid; - uid_t suid; + struct { + void *handle; + struct uwrap_libpthread_symbols symbols; + } libpthread; - gid_t rgid; - gid_t egid; - gid_t sgid; + bool initialised; /* Real uid and gid of user who run uid wrapper */ uid_t myuid; @@ -259,9 +356,12 @@ static UWRAP_THREAD struct uwrap_thread *uwrap_tls_id; /* The mutex or accessing the id */ static pthread_mutex_t uwrap_id_mutex = PTHREAD_MUTEX_INITIALIZER; -/* The mutex for accessing the global libc.fns */ +/* The mutex for accessing the global libc.symbols */ static pthread_mutex_t libc_symbol_binding_mutex = PTHREAD_MUTEX_INITIALIZER; +/* The mutex for accessing the global libpthread.symbols */ +static pthread_mutex_t libpthread_symbol_binding_mutex = PTHREAD_MUTEX_INITIALIZER; + /********************************************************* * UWRAP PROTOTYPES *********************************************************/ @@ -278,6 +378,7 @@ enum uwrap_lib { UWRAP_LIBC, UWRAP_LIBNSL, UWRAP_LIBSOCKET, + UWRAP_LIBPTHREAD, }; static void *uwrap_load_lib_handle(enum uwrap_lib lib) @@ -311,6 +412,15 @@ static void *uwrap_load_lib_handle(enum uwrap_lib lib) uwrap.libc.handle = handle; } break; + case UWRAP_LIBPTHREAD: + handle = uwrap.libpthread.handle; + if (handle == NULL) { + handle = dlopen("libpthread.so.0", flags); + if (handle != NULL) { + break; + } + } + break; } if (handle == NULL) { @@ -327,7 +437,7 @@ static void *uwrap_load_lib_handle(enum uwrap_lib lib) return handle; } -static void *_uwrap_load_lib_function(enum uwrap_lib lib, const char *fn_name) +static void *_uwrap_bind_symbol(enum uwrap_lib lib, const char *fn_name) { void *handle; void *func; @@ -345,14 +455,22 @@ static void *_uwrap_load_lib_function(enum uwrap_lib lib, const char *fn_name) return func; } -#define uwrap_load_lib_function(lib, fn_name) \ +#define uwrap_bind_symbol_libc(sym_name) \ UWRAP_LOCK(libc_symbol_binding); \ - if (uwrap.libc.fns._libc_##fn_name == NULL) { \ - *(void **) (&uwrap.libc.fns._libc_##fn_name) = \ - _uwrap_load_lib_function(lib, #fn_name); \ + if (uwrap.libc.symbols._libc_##sym_name.obj == NULL) { \ + uwrap.libc.symbols._libc_##sym_name.obj = \ + _uwrap_bind_symbol(UWRAP_LIBC, #sym_name); \ } \ UWRAP_UNLOCK(libc_symbol_binding) +#define uwrap_bind_symbol_libpthread(sym_name) \ + UWRAP_LOCK(libpthread_symbol_binding); \ + if (uwrap.libpthread.symbols._libpthread_##sym_name.obj == NULL) { \ + uwrap.libpthread.symbols._libpthread_##sym_name.obj = \ + _uwrap_bind_symbol(UWRAP_LIBPTHREAD, #sym_name); \ + } \ + UWRAP_UNLOCK(libpthread_symbol_binding) + /* * IMPORTANT * @@ -363,128 +481,147 @@ static void *_uwrap_load_lib_function(enum uwrap_lib lib, const char *fn_name) */ static int libc_setuid(uid_t uid) { - uwrap_load_lib_function(UWRAP_LIBC, setuid); + uwrap_bind_symbol_libc(setuid); - return uwrap.libc.fns._libc_setuid(uid); + return uwrap.libc.symbols._libc_setuid.f(uid); } static uid_t libc_getuid(void) { - uwrap_load_lib_function(UWRAP_LIBC, getuid); + uwrap_bind_symbol_libc(getuid); - return uwrap.libc.fns._libc_getuid(); + return uwrap.libc.symbols._libc_getuid.f(); } #ifdef HAVE_SETEUID static int libc_seteuid(uid_t euid) { - uwrap_load_lib_function(UWRAP_LIBC, seteuid); + uwrap_bind_symbol_libc(seteuid); - return uwrap.libc.fns._libc_seteuid(euid); + return uwrap.libc.symbols._libc_seteuid.f(euid); } #endif #ifdef HAVE_SETREUID static int libc_setreuid(uid_t ruid, uid_t euid) { - uwrap_load_lib_function(UWRAP_LIBC, setreuid); + uwrap_bind_symbol_libc(setreuid); - return uwrap.libc.fns._libc_setreuid(ruid, euid); + return uwrap.libc.symbols._libc_setreuid.f(ruid, euid); } #endif #ifdef HAVE_SETRESUID static int libc_setresuid(uid_t ruid, uid_t euid, uid_t suid) { - uwrap_load_lib_function(UWRAP_LIBC, setresuid); + uwrap_bind_symbol_libc(setresuid); - return uwrap.libc.fns._libc_setresuid(ruid, euid, suid); + return uwrap.libc.symbols._libc_setresuid.f(ruid, euid, suid); +} +#endif + +#ifdef HAVE_GETRESUID +static int libc_getresuid(uid_t *ruid, uid_t *euid, uid_t *suid) +{ + uwrap_bind_symbol_libc(getresuid); + + return uwrap.libc.symbols._libc_getresuid.f(ruid, euid, suid); } #endif static uid_t libc_geteuid(void) { - uwrap_load_lib_function(UWRAP_LIBC, geteuid); + uwrap_bind_symbol_libc(geteuid); - return uwrap.libc.fns._libc_geteuid(); + return uwrap.libc.symbols._libc_geteuid.f(); } static int libc_setgid(gid_t gid) { - uwrap_load_lib_function(UWRAP_LIBC, setgid); + uwrap_bind_symbol_libc(setgid); - return uwrap.libc.fns._libc_setgid(gid); + return uwrap.libc.symbols._libc_setgid.f(gid); } static gid_t libc_getgid(void) { - uwrap_load_lib_function(UWRAP_LIBC, getgid); + uwrap_bind_symbol_libc(getgid); - return uwrap.libc.fns._libc_getgid(); + return uwrap.libc.symbols._libc_getgid.f(); } #ifdef HAVE_SETEGID static int libc_setegid(gid_t egid) { - uwrap_load_lib_function(UWRAP_LIBC, setegid); + uwrap_bind_symbol_libc(setegid); - return uwrap.libc.fns._libc_setegid(egid); + return uwrap.libc.symbols._libc_setegid.f(egid); } #endif #ifdef HAVE_SETREGID static int libc_setregid(gid_t rgid, gid_t egid) { - uwrap_load_lib_function(UWRAP_LIBC, setregid); + uwrap_bind_symbol_libc(setregid); - return uwrap.libc.fns._libc_setregid(rgid, egid); + return uwrap.libc.symbols._libc_setregid.f(rgid, egid); } #endif #ifdef HAVE_SETRESGID static int libc_setresgid(gid_t rgid, gid_t egid, gid_t sgid) { - uwrap_load_lib_function(UWRAP_LIBC, setresgid); + uwrap_bind_symbol_libc(setresgid); + + return uwrap.libc.symbols._libc_setresgid.f(rgid, egid, sgid); -- UID Wrapper Repository