From: "Anthony G. Basile" <blueness@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/elfix:master commit in: src/
Date: Sat, 10 Nov 2012 21:26:00 +0000 (UTC) [thread overview]
Message-ID: <1352582742.77673e44fc1798c919aa442c62f90e56f1fde632.blueness@gentoo> (raw)
commit: 77673e44fc1798c919aa442c62f90e56f1fde632
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Sat Nov 10 21:25:42 2012 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sat Nov 10 21:25:42 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/elfix.git;a=commit;h=77673e44
src/paxctl-ng.c: limit only ptpax or xtpax when both are possible
---
src/paxctl-ng.c | 44 +++++++++++++++++++++++++++++++-------------
1 files changed, 31 insertions(+), 13 deletions(-)
diff --git a/src/paxctl-ng.c b/src/paxctl-ng.c
index 817192d..2de2614 100644
--- a/src/paxctl-ng.c
+++ b/src/paxctl-ng.c
@@ -44,13 +44,16 @@
#ifdef XTPAX
#include <attr/xattr.h>
-
#define PAX_NAMESPACE "user.pax.flags"
-
#define CREATE_XT_FLAGS_SECURE 1
#define CREATE_XT_FLAGS_DEFAULT 2
+#endif
+
+#if defined(PTPAX) && defined(XTPAX)
#define COPY_PT_TO_XT_FLAGS 3
#define COPY_XT_TO_PT_FLAGS 4
+ #define LIMIT_TO_PT_FLAGS 5
+ #define LIMIT_TO_XT_FLAGS 6
#endif
#define FLAGS_SIZE 6
@@ -72,6 +75,7 @@ print_help_exit(char *v)
#endif
#if defined(PTPAX) && defined(XTPAX)
" : %s -Fv ELF | -fv ELF\n"
+ " : %s -Lv ELF | -lv ELF\n"
#endif
" : %s -v ELF | -h\n\n"
"Options : -P enable PAGEEXEC\t-p disable PAGEEXEC\n"
@@ -80,6 +84,7 @@ print_help_exit(char *v)
" : -E enable EMUTRAMP\t-e disable EMUTRAMP\n"
" : -R enable RANDMMAP\t-r disable RANDMMAP\n"
" : -Z all secure settings\t-z all default settings\n"
+ " :\n"
#ifdef XTPAX
" : -C create XT_PAX with most secure setting\n"
" : -c create XT_PAX all default settings\n"
@@ -87,7 +92,10 @@ print_help_exit(char *v)
#if defined(PTPAX) && defined(XTPAX)
" : -F copy PT_PAX to XT_PAX\n"
" : -f copy XT_PAX to PT_PAX\n"
+ " : -L set only PT_PAX flags\n"
+ " : -l set only XT_PAX flags\n"
#endif
+ " :\n"
" : -v view the flags, along with any accompanying operation\n"
" : -h print out this help\n\n"
"Note : If both enabling and disabling flags are set, the default - is used\n\n",
@@ -98,6 +106,7 @@ print_help_exit(char *v)
#endif
#if defined(PTPAX) && defined(XTPAX)
basename(v),
+ basename(v),
#endif
basename(v)
);
@@ -108,7 +117,7 @@ print_help_exit(char *v)
void
parse_cmd_args(int argc, char *argv[], uint16_t *pax_flags, int *verbose, int *cp_flags,
- int *begin, int *end)
+ int *limit, int *begin, int *end)
{
int i, oc;
int compat, solitaire;
@@ -211,6 +220,12 @@ parse_cmd_args(int argc, char *argv[], uint16_t *pax_flags, int *verbose, int *c
solitaire += 1;
*cp_flags = COPY_XT_TO_PT_FLAGS;
break;
+ case 'L':
+ *limit = LIMIT_TO_PT_FLAGS;
+ break;
+ case 'l':
+ *limit = LIMIT_TO_XT_FLAGS;
+ break;
#else
case 'F':
case 'f':
@@ -570,12 +585,12 @@ set_xt_flags(int fd, uint16_t xt_flags)
void
-set_flags(int fd, uint16_t *pax_flags, int rdwr_pt_pax, int verbose)
+set_flags(int fd, uint16_t *pax_flags, int rdwr_pt_pax, int limit, int verbose)
{
uint16_t flags;
#ifdef PTPAX
- if(rdwr_pt_pax)
+ if(rdwr_pt_pax && !( limit == LIMIT_TO_XT_FLAGS) )
{
flags = get_pt_flags(fd, verbose);
if( flags == UINT16_MAX )
@@ -586,11 +601,14 @@ set_flags(int fd, uint16_t *pax_flags, int rdwr_pt_pax, int verbose)
#endif
#ifdef XTPAX
- flags = get_xt_flags(fd);
- if( flags == UINT16_MAX )
- flags = PF_NOEMUTRAMP ;
- flags = update_flags( flags, *pax_flags);
- set_xt_flags(fd, flags);
+ if( !( limit == LIMIT_TO_PT_FLAGS) )
+ {
+ flags = get_xt_flags(fd);
+ if( flags == UINT16_MAX )
+ flags = PF_NOEMUTRAMP ;
+ flags = update_flags( flags, *pax_flags);
+ set_xt_flags(fd, flags);
+ }
#endif
}
@@ -641,10 +659,10 @@ main( int argc, char *argv[])
{
int fd, fi;
uint16_t pax_flags;
- int verbose, cp_flags, begin, end;
+ int verbose, cp_flags, limit, begin, end;
int rdwr_pt_pax = 1;
- parse_cmd_args(argc, argv, &pax_flags, &verbose, &cp_flags, &begin, &end);
+ parse_cmd_args(argc, argv, &pax_flags, &verbose, &cp_flags, &limit, &begin, &end);
for(fi = begin; fi < end; fi++)
{
@@ -677,7 +695,7 @@ main( int argc, char *argv[])
#endif
if(pax_flags != 0)
- set_flags(fd, &pax_flags, rdwr_pt_pax, verbose);
+ set_flags(fd, &pax_flags, rdwr_pt_pax, limit, verbose);
if(verbose == 1)
print_flags(fd, verbose);
next reply other threads:[~2012-11-10 21:26 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-11-10 21:26 Anthony G. Basile [this message]
-- strict thread matches above, loose matches on Subject: below --
2018-12-13 14:48 [gentoo-commits] proj/elfix:master commit in: src/ Anthony G. Basile
2013-09-26 12:24 Anthony G. Basile
2012-12-28 23:07 Anthony G. Basile
2012-12-22 17:48 Anthony G. Basile
2012-12-21 20:36 Anthony G. Basile
2012-11-10 23:27 Anthony G. Basile
2012-11-10 22:29 Anthony G. Basile
2012-11-10 21:55 Anthony G. Basile
2012-11-10 21:35 Anthony G. Basile
2012-07-27 22:00 Anthony G. Basile
2012-07-23 10:47 Anthony G. Basile
2012-07-21 12:37 Anthony G. Basile
2012-07-20 13:24 Anthony G. Basile
2012-07-20 11:56 Anthony G. Basile
2012-07-20 9:30 Anthony G. Basile
2011-11-27 0:59 Anthony G. Basile
2011-11-27 0:26 Anthony G. Basile
2011-11-15 16:07 Anthony G. Basile
2011-11-03 18:45 Anthony G. Basile
2011-11-03 18:16 Anthony G. Basile
2011-11-03 12:33 Anthony G. Basile
2011-10-22 19:51 Anthony G. Basile
2011-10-18 22:48 Anthony G. Basile
2011-09-27 18:49 Anthony G. Basile
2011-09-27 17:58 Anthony G. Basile
2011-09-27 17:30 Anthony G. Basile
2011-09-18 22:48 Anthony G. Basile
2011-09-18 14:20 Anthony G. Basile
2011-09-11 21:12 Anthony G. Basile
2011-09-11 3:40 Anthony G. Basile
2011-09-11 2:32 Anthony G. Basile
2011-09-11 1:54 Anthony G. Basile
2011-09-11 0:23 Anthony G. Basile
2011-09-10 21:36 Anthony G. Basile
2011-09-10 21:35 Anthony G. Basile
2011-09-10 21:11 Anthony G. Basile
2011-05-13 12:01 Anthony G. Basile
2011-05-05 22:40 Anthony G. Basile
2011-05-04 2:15 Anthony G. Basile
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1352582742.77673e44fc1798c919aa442c62f90e56f1fde632.blueness@gentoo \
--to=blueness@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox