nnk points out that all the opens in xabspath are potentially
affected. New patch attached:
[PATCH] xabspath: use O_PATH for dirfd.
SELinux on Android is unhappy if you try to read "/":
avc: denied { read } for name="/" dev="dm-3" ino=2
scontext=u:r:hal_dumpstate_impl:s0 tcontext=u:object_r:rootfs:s0
tclass=dir permissive=0
That could happen via the open of ".." too, and potentially any other
directory might have similar restrictions, so move all of the open calls
to using O_PATH.
O_PATH seems more intention-revealing given what this function is doing anyway.
---
lib/xwrap.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
On Tue, Mar 26, 2019 at 7:36 PM Rob Landley <[email protected]> wrote:
>
> On 3/26/19 4:56 PM, enh via Toybox wrote:
> > SELinux on Android is unhappy if you try to read "/":
> >
> > avc: denied { read } for name="/" dev="dm-3" ino=2
> > scontext=u:r:hal_dumpstate_impl:s0 tcontext=u:object_r:rootfs:s0
> > tclass=dir permissive=0
> >
> > O_PATH seems more intention-revealing anyway.
>
> When I first wrote that plumbing O_PATH wasn't in the 7 year rule (added by
> kernel commit 1abf0c718f15 in 2011 and took a while to diffuse into libc in
> distros), the kernel's well past and Ubuntu 14.04 is the oldest build
> environment I've been regression testing on recently, so... :)
>
> Rob
> _______________________________________________
> Toybox mailing list
> [email protected]
> http://lists.landley.net/listinfo.cgi/toybox-landley.net
From d101e87dcc7ed5ef46120691772b3db03050b633 Mon Sep 17 00:00:00 2001
From: Elliott Hughes <[email protected]>
Date: Wed, 27 Mar 2019 09:56:27 -0700
Subject: [PATCH] xabspath: use O_PATH for dirfd.
SELinux on Android is unhappy if you try to read "/":
avc: denied { read } for name="/" dev="dm-3" ino=2 scontext=u:r:hal_dumpstate_impl:s0 tcontext=u:object_r:rootfs:s0 tclass=dir permissive=0
That could happen via the open of ".." too, and potentially any other
directory might have similar restrictions, so move all of the open calls
to using O_PATH.
O_PATH seems more intention-revealing given what this function is doing anyway.
---
lib/xwrap.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/lib/xwrap.c b/lib/xwrap.c
index a8214e57..778cb38d 100644
--- a/lib/xwrap.c
+++ b/lib/xwrap.c
@@ -521,7 +521,7 @@ void xstat(char *path, struct stat *st)
char *xabspath(char *path, int exact)
{
struct string_list *todo, *done = 0;
- int try = 9999, dirfd = open("/", 0), missing = 0;
+ int try = 9999, dirfd = open("/", O_PATH), missing = 0;
char *ret;
// If this isn't an absolute path, start with cwd.
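Review bot: O_PATH on the dirfd initialization line is Linux-only and glibc declares it only when _GNU_SOURCE is defined before <fcntl.h> (the thread itself notes the flag reached the kernel in 2011 and libcs later), so either confirm the build sets _GNU_SOURCE or add a fallback in lib/portability.h for any non-Linux target, otherwise this hunk trades the SELinux denial for a compile error elsewhere. The result of open() is still dropped into dirfd unchecked, as before; if it fails, every later openat(dirfd, ...) reports EBADF instead of the real cause, which deserves at least a comment if not a check.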
@@ -554,7 +554,7 @@ char *xabspath(char *path, int exact)
if (missing) missing--;
else {
- if (-1 == (x = openat(dirfd, "..", 0))) goto error;
+ if (-1 == (x = openat(dirfd, "..", O_PATH))) goto error;
close(dirfd);
dirfd = x;
}
@@ -578,7 +578,7 @@ char *xabspath(char *path, int exact)
}
if (errno != EINVAL && (exact || todo)) goto error;
- fd = openat(dirfd, new->str, 0);
+ fd = openat(dirfd, new->str, O_PATH);
if (fd == -1 && (exact || todo || errno != ENOENT)) goto error;
close(dirfd);
dirfd = fd;
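Review bot: the openat(dirfd, new->str, O_PATH) line changes behaviour beyond the SELinux case the commit message describes: O_PATH succeeds on anything the caller can look up, including a file with mode 000 or a directory with search but no read permission, where flag 0 (O_RDONLY) failed with EACCES and, with exact set, made xabspath fail. That is the right semantics for a realpath()-style routine, but callers that relied on the EACCES will see a difference, so state it in the commit message. O_PATH without O_NOFOLLOW still follows symlinks exactly as flag 0 did, so this hunk does not change symlink handling.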
@@ -591,7 +591,7 @@ char *xabspath(char *path, int exact)
llist_traverse(done, free);
done=0;
close(dirfd);
- dirfd = open("/", 0);
+ dirfd = open("/", O_PATH);
}
free(new);
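Review bot: this second open("/", O_PATH) repeats the one on the initialization line with the same unchecked result; the function already has an error label (see the goto error in the ".." and component hunks), so `if (-1 == (dirfd = open("/", O_PATH))) goto error;` costs one line, and keeping both root opens in one helper would stop the flag from drifting the next time one of them is touched.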
@@ -611,7 +611,7 @@ char *xabspath(char *path, int exact)
try = 2;
while (done) {
- struct string_list *temp = llist_pop(&done);;
+ struct string_list *temp = llist_pop(&done);
if (todo) try++;
try += strlen(temp->str);
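Review bot: the `;;` to `;` cleanup on the llist_pop line is unrelated to O_PATH and is not mentioned in the commit message; either split it into its own commit or add a sentence to the message so the diff matches its description.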
--
2.21.0.392.gf8f6787159e-goog
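Added example, not from toybox or this thread: a small C program that models the permission difference behind the patch with DAC mode bits (a directory with mode 0111, searchable but not readable) as a stand-in for the SELinux check, since SELinux is not available in a demo. It opens the directory the pre-patch way (flag 0, i.e. O_RDONLY) and the patched way (O_PATH), then uses the O_PATH descriptor as the dirfd for openat() on ".." and a child and for readlinkat(), which is how xabspath uses it. The fixture under $TMPDIR or /tmp, the helper names and the O_PATH fallback value are this example's own assumptions; the EACCES from the O_RDONLY open only appears when not running as root, because root bypasses DAC.

```c
#define _GNU_SOURCE          /* glibc exposes O_PATH only under _GNU_SOURCE */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#ifndef O_PATH
#define O_PATH 010000000     /* assumed Linux value, used only if the libc hides it */
#endif

/* Outcome of opening one search-only (mode 0111) directory both ways.
   Descriptors are closed before the struct is returned, so the fd fields
   only mean "succeeded" (>= 0) or "failed" (-1). */
struct probe {
  int fixture_ok;    /* 1 if the constructed directory tree was created */
  int rdonly_fd;     /* open(dir, O_RDONLY): what flag 0 meant pre-patch */
  int rdonly_errno;  /* errno from that call when it failed, else 0 */
  int path_fd;       /* open(dir, O_PATH): the patched call */
  int path_is_dir;   /* fstat() on the O_PATH fd still reports a directory */
  int parent_fd;     /* openat(path_fd, "..", O_PATH), as in the ".." hunk */
  int child_fd;      /* openat(path_fd, "child", O_PATH), as in the component hunk */
  ssize_t link_len;  /* readlinkat(path_fd, "link", ...) through the O_PATH dirfd */
};

/* Constructed fixture (hypothetical, not a toybox helper): <tmp>/d with mode
   0111 (traversable, not listable) holding a file "child" and a symlink
   "link" -> "child". Writes the temp root into tmp; returns 0 on success. */
static int make_fixture(char *tmp, size_t n)
{
  const char *base = getenv("TMPDIR");
  char buf[4096];
  int fd;

  if (!base || !*base) base = "/tmp";
  snprintf(tmp, n, "%s/opath-demo-XXXXXX", base);
  if (!mkdtemp(tmp)) return -1;
  snprintf(buf, sizeof buf, "%s/d", tmp);
  if (mkdir(buf, 0755)) return -1;
  snprintf(buf, sizeof buf, "%s/d/child", tmp);
  if ((fd = open(buf, O_WRONLY|O_CREAT|O_EXCL, 0644)) == -1) return -1;
  close(fd);
  snprintf(buf, sizeof buf, "%s/d/link", tmp);
  if (symlink("child", buf)) return -1;
  /* Drop the read bit: lookups through d still work, reading d does not. */
  snprintf(buf, sizeof buf, "%s/d", tmp);
  return chmod(buf, 0111);
}

/* Best-effort teardown; every call is allowed to fail. */
static void remove_fixture(const char *tmp)
{
  char buf[4096];

  snprintf(buf, sizeof buf, "%s/d", tmp);      chmod(buf, 0755);
  snprintf(buf, sizeof buf, "%s/d/link", tmp); unlink(buf);
  snprintf(buf, sizeof buf, "%s/d/child", tmp); unlink(buf);
  snprintf(buf, sizeof buf, "%s/d", tmp);      rmdir(buf);
  rmdir(tmp);
}

/* Open dir the old way and the new way, then use the O_PATH fd as a dirfd. */
struct probe probe_dir(const char *dir)
{
  struct probe p = { 1, -1, 0, -1, 0, -1, -1, -1 };
  struct stat st;
  char target[64];

  p.rdonly_fd = open(dir, O_RDONLY);          /* needs read on the directory */
  if (p.rdonly_fd == -1) p.rdonly_errno = errno;

  p.path_fd = open(dir, O_PATH);              /* needs only search on the path */
  if (p.path_fd != -1) {
    if (!fstat(p.path_fd, &st)) p.path_is_dir = S_ISDIR(st.st_mode);
    p.parent_fd = openat(p.path_fd, "..", O_PATH);
    p.child_fd = openat(p.path_fd, "child", O_PATH);
    p.link_len = readlinkat(p.path_fd, "link", target, sizeof target);
  }
  if (p.rdonly_fd != -1) close(p.rdonly_fd);
  if (p.path_fd != -1) close(p.path_fd);
  if (p.parent_fd != -1) close(p.parent_fd);
  if (p.child_fd != -1) close(p.child_fd);
  return p;
}

/* Create the fixture, probe it, tear it down. */
struct probe run_probe(void)
{
  struct probe p = { 0 };
  char tmp[256] = "", dir[300];

  if (!make_fixture(tmp, sizeof tmp)) {
    snprintf(dir, sizeof dir, "%s/d", tmp);
    p = probe_dir(dir);
  }
  remove_fixture(tmp);
  return p;
}

int main(void)
{
  struct probe p = run_probe();

  if (!p.fixture_ok) { perror("fixture"); return 1; }
  printf("open(dir, O_RDONLY): %s\n", p.rdonly_fd == -1 ? strerror(p.rdonly_errno) : "ok (root?)");
  printf("open(dir, O_PATH):   %s, is_dir=%d\n", p.path_fd == -1 ? "failed" : "ok", p.path_is_dir);
  printf("openat(..): %s, openat(child): %s, readlinkat(link): %zd bytes\n",
         p.parent_fd == -1 ? "failed" : "ok", p.child_fd == -1 ? "failed" : "ok", p.link_len);
  return 0;
}
```

Run as an unprivileged user it prints "Permission denied" for the O_RDONLY open and success for every O_PATH operation, which is the premise of the patch: path resolution needs search permission on each component, never read, and O_PATH asks for nothing more. fstat() on an O_PATH descriptor needs Linux 3.6 or later; openat()/readlinkat() accept an O_PATH dirfd from the flag's introduction.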