public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-commits] proj/sandbox:stable-2.x commit in: tests/, libsandbox/, libsandbox/wrapper-funcs/
@ 2024-12-22  3:49 Mike Gilbert
  2025-01-14  4:38 ` [gentoo-commits] proj/sandbox:master commit in: libsandbox/, libsandbox/wrapper-funcs/, tests/ Mike Gilbert
  0 siblings, 1 reply; 4+ messages in thread
From: Mike Gilbert @ 2024-12-22  3:49 UTC (permalink / raw
  To: gentoo-commits

commit:     dacccb0b801a7a75267f674d219fb89393e862d3
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Sun Dec 22 02:54:20 2024 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Sun Dec 22 03:43:25 2024 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=dacccb0b

Fix handling of faccessat with AT_EMPTY_PATH

Bug: https://bugs.gentoo.org/946793
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>
(cherry picked from commit c8491074bb094dbceb773eb1803ddc5f499ea67b)

 libsandbox/libsandbox.c              | 37 +++++++++++++++++-------------------
 libsandbox/libsandbox.h              | 18 +++++++++---------
 libsandbox/trace.c                   |  6 +++---
 libsandbox/wrapper-funcs/faccessat.c |  2 +-
 tests/faccessat-1.sh                 |  7 +++++++
 tests/faccessat.at                   |  1 +
 tests/test-skel-0.c                  |  3 ++-
 7 files changed, 40 insertions(+), 34 deletions(-)

diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index c4bfac8..2843536 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -1061,21 +1061,14 @@ bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, in
 	int result;
 	char *at_file_buf;
 
-	/* Some funcs operate on a fd directly and so filename is NULL, but
-	 * the rest should get rejected as "file/directory does not exist".
-	 */
-	if (file == NULL || file[0] == '\0') {
-		if ((file == NULL || (flags & AT_EMPTY_PATH)) &&
-			(sb_nr == SB_NR_UTIMENSAT || sb_nr == SB_NR_FUTIMESAT))
-		{
-			/* let it slide -- the func is magic and changes behavior
-			 * from "file relative to dirfd" to "dirfd is actually file
-			 * fd" whenever file is NULL.
-			 */
-		} else {
-			errno = ENOENT;
-			return false;
-		}
+	if (file == NULL) {
+		/* futimesat treats dirfd as the target when file is NULL */
+		if (sb_nr != SB_NR_FUTIMESAT)
+			return true; /* let the kernel reject this */
+	}
+	else if (file[0] == '\0') {
+		if (!(flags & AT_EMPTY_PATH))
+			return true; /* let the kernel reject this */
 	}
 
 	switch (resolve_dirfd_path_alloc(dirfd, file, &at_file_buf)) {
@@ -1117,13 +1110,17 @@ bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, in
 	return result ? true : false;
 }
 
-bool before_syscall_access(int dirfd, int sb_nr, const char *func, const char *file, int flags)
+bool before_syscall_access(int dirfd, int sb_nr, const char *func, const char *file, int mode, int flags)
 {
 	const char *ext_func;
-	if (flags & W_OK)
-		sb_nr = SB_NR_ACCESS_WR, ext_func = "access_wr";
-	else if (flags & R_OK)
-		sb_nr = SB_NR_ACCESS_RD, ext_func = "access_rd";
+	if (mode & W_OK) {
+		sb_nr = SB_NR_ACCESS_WR;
+		ext_func = "access_wr";
+	}
+	else if (mode & R_OK) {
+		sb_nr = SB_NR_ACCESS_RD;
+		ext_func = "access_rd";
+	}
 	else
 		/* Must be F_OK or X_OK; we do not need to check either. */
 		return true;

diff --git a/libsandbox/libsandbox.h b/libsandbox/libsandbox.h
index 01a4c6c..1bc79bb 100644
--- a/libsandbox/libsandbox.h
+++ b/libsandbox/libsandbox.h
@@ -23,14 +23,14 @@
 #define  SB_SAFE(_path) \
          SB_SAFE_AT(AT_FDCWD, _path, 0)
 
-#define _SB_SAFE_ACCESS_AT(_nr, _name, _dirfd, _path, _flags) \
-       __SB_SAFE(before_syscall_access(_dirfd, _nr, _name, _path, _flags))
-#define  SB_SAFE_ACCESS_AT(_dirfd, _path, _flags) \
-        _SB_SAFE_ACCESS_AT(WRAPPER_NR, STRING_NAME, _dirfd, _path, _flags)
-#define _SB_SAFE_ACCESS(_nr, _name, _path, _flags) \
-        _SB_SAFE_ACCESS_AT(_nr, _name, AT_FDCWD, _path, _flags)
-#define  SB_SAFE_ACCESS(_path, _flags) \
-         SB_SAFE_ACCESS_AT(AT_FDCWD, _path, _flags)
+#define _SB_SAFE_ACCESS_AT(_nr, _name, _dirfd, _path, _mode, _flags) \
+       __SB_SAFE(before_syscall_access(_dirfd, _nr, _name, _path, _mode, _flags))
+#define  SB_SAFE_ACCESS_AT(_dirfd, _path, _mode, _flags) \
+        _SB_SAFE_ACCESS_AT(WRAPPER_NR, STRING_NAME, _dirfd, _path, _mode, _flags)
+#define _SB_SAFE_ACCESS(_nr, _name, _path, _mode) \
+        _SB_SAFE_ACCESS_AT(_nr, _name, AT_FDCWD, _path, _mode, 0)
+#define  SB_SAFE_ACCESS(_path, _mode) \
+         SB_SAFE_ACCESS_AT(AT_FDCWD, _path, _mode, 0)
 
 #define _SB_SAFE_OPEN_INT_AT(_nr, _name, _dirfd, _path, _flags) \
        __SB_SAFE(before_syscall_open_int(_dirfd, _nr, _name, _path, _flags))
@@ -57,7 +57,7 @@
 
 bool is_sandbox_on(void);
 bool before_syscall(int, int, const char *, const char *, int);
-bool before_syscall_access(int, int, const char *, const char *, int);
+bool before_syscall_access(int, int, const char *, const char *, int, int);
 bool before_syscall_open_int(int, int, const char *, const char *, int);
 bool before_syscall_open_char(int, int, const char *, const char *, const char *);
 bool before_syscall_fd(int, const char *, int);

diff --git a/libsandbox/trace.c b/libsandbox/trace.c
index 7ac4b5d..59449d9 100644
--- a/libsandbox/trace.c
+++ b/libsandbox/trace.c
@@ -362,9 +362,9 @@ static bool trace_check_syscall(const struct syscall_entry *se, void *regs)
 	} else if (nr == SB_NR_FACCESSAT) {
 		int dirfd = trace_arg(regs, 1);
 		char *path = do_peekstr(trace_arg(regs, 2));
-		int flags = trace_arg(regs, 3);
-		__sb_debug("(%i, \"%s\", %x)", dirfd, path, flags);
-		ret = _SB_SAFE_ACCESS_AT(nr, name, dirfd, path, flags);
+		int mode = trace_arg(regs, 3);
+		__sb_debug("(%i, \"%s\", %x)", dirfd, path, mode);
+		ret = _SB_SAFE_ACCESS_AT(nr, name, dirfd, path, mode, 0);
 		free(path);
 		return ret;
 

diff --git a/libsandbox/wrapper-funcs/faccessat.c b/libsandbox/wrapper-funcs/faccessat.c
index 722b313..056f5ee 100644
--- a/libsandbox/wrapper-funcs/faccessat.c
+++ b/libsandbox/wrapper-funcs/faccessat.c
@@ -7,5 +7,5 @@
 
 #define WRAPPER_ARGS_PROTO int dirfd, const char *pathname, int mode, int flags
 #define WRAPPER_ARGS dirfd, pathname, mode, flags
-#define WRAPPER_SAFE() SB_SAFE_ACCESS_AT(dirfd, pathname, mode)
+#define WRAPPER_SAFE() SB_SAFE_ACCESS_AT(dirfd, pathname, mode, flags)
 #include "__wrapper_simple.c"

diff --git a/tests/faccessat-1.sh b/tests/faccessat-1.sh
new file mode 100644
index 0000000..66b5268
--- /dev/null
+++ b/tests/faccessat-1.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+set -e
+addwrite "$PWD/file"
+faccessat-0 0 'file:O_RDWR|O_CREAT:0666' '' rw AT_EMPTY_PATH
+exec 9<file
+adddeny "$PWD/file"
+faccessat-0 -1,EACCES 9 '' rw AT_EMPTY_PATH

diff --git a/tests/faccessat.at b/tests/faccessat.at
new file mode 100644
index 0000000..081d7d2
--- /dev/null
+++ b/tests/faccessat.at
@@ -0,0 +1 @@
+SB_CHECK(1)

diff --git a/tests/test-skel-0.c b/tests/test-skel-0.c
index 91128d3..efc03f1 100644
--- a/tests/test-skel-0.c
+++ b/tests/test-skel-0.c
@@ -66,7 +66,7 @@ const char *f_get_file(const char *str_file)
 		return str_file;
 }
 
-#define V_ATFLAGS "0 | AT_SYMLINK_NOFOLLOW | AT_REMOVEDIR | AT_SYMLINK_FOLLOW | AT_EACCESS"
+#define V_ATFLAGS "0 | AT_SYMLINK_NOFOLLOW | AT_REMOVEDIR | AT_SYMLINK_FOLLOW | AT_EACCESS | AT_EMPTY_PATH"
 int at_get_flags(const char *str_flags)
 {
 	const value_pair flags[] = {
@@ -74,6 +74,7 @@ int at_get_flags(const char *str_flags)
 		PAIR(AT_REMOVEDIR)
 		PAIR(AT_SYMLINK_FOLLOW)
 		PAIR(AT_EACCESS)
+		PAIR(AT_EMPTY_PATH)
 		{ }
 	};
 	return _get_flags(str_flags, flags);


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [gentoo-commits] proj/sandbox:master commit in: libsandbox/, libsandbox/wrapper-funcs/, tests/
@ 2024-12-22  3:41 Mike Gilbert
  0 siblings, 0 replies; 4+ messages in thread
From: Mike Gilbert @ 2024-12-22  3:41 UTC (permalink / raw
  To: gentoo-commits

commit:     c8491074bb094dbceb773eb1803ddc5f499ea67b
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Sun Dec 22 02:54:20 2024 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Sun Dec 22 02:54:20 2024 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=c8491074

Fix handling of faccessat with AT_EMPTY_PATH

Bug: https://bugs.gentoo.org/946793
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 libsandbox/libsandbox.c              | 37 +++++++++++++++++-------------------
 libsandbox/libsandbox.h              | 18 +++++++++---------
 libsandbox/trace.c                   |  6 +++---
 libsandbox/wrapper-funcs/faccessat.c |  2 +-
 tests/faccessat-1.sh                 |  7 +++++++
 tests/faccessat.at                   |  1 +
 tests/test-skel-0.c                  |  3 ++-
 7 files changed, 40 insertions(+), 34 deletions(-)

diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index 3671f98..8501597 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -1061,21 +1061,14 @@ bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, in
 	int result;
 	char *at_file_buf;
 
-	/* Some funcs operate on a fd directly and so filename is NULL, but
-	 * the rest should get rejected as "file/directory does not exist".
-	 */
-	if (file == NULL || file[0] == '\0') {
-		if ((file == NULL || (flags & AT_EMPTY_PATH)) &&
-			(sb_nr == SB_NR_UTIMENSAT || sb_nr == SB_NR_FUTIMESAT))
-		{
-			/* let it slide -- the func is magic and changes behavior
-			 * from "file relative to dirfd" to "dirfd is actually file
-			 * fd" whenever file is NULL.
-			 */
-		} else {
-			errno = ENOENT;
-			return false;
-		}
+	if (file == NULL) {
+		/* futimesat treats dirfd as the target when file is NULL */
+		if (sb_nr != SB_NR_FUTIMESAT)
+			return true; /* let the kernel reject this */
+	}
+	else if (file[0] == '\0') {
+		if (!(flags & AT_EMPTY_PATH))
+			return true; /* let the kernel reject this */
 	}
 
 	switch (resolve_dirfd_path_alloc(dirfd, file, &at_file_buf)) {
@@ -1117,13 +1110,17 @@ bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, in
 	return result ? true : false;
 }
 
-bool before_syscall_access(int dirfd, int sb_nr, const char *func, const char *file, int flags)
+bool before_syscall_access(int dirfd, int sb_nr, const char *func, const char *file, int mode, int flags)
 {
 	const char *ext_func;
-	if (flags & W_OK)
-		sb_nr = SB_NR_ACCESS_WR, ext_func = "access_wr";
-	else if (flags & R_OK)
-		sb_nr = SB_NR_ACCESS_RD, ext_func = "access_rd";
+	if (mode & W_OK) {
+		sb_nr = SB_NR_ACCESS_WR;
+		ext_func = "access_wr";
+	}
+	else if (mode & R_OK) {
+		sb_nr = SB_NR_ACCESS_RD;
+		ext_func = "access_rd";
+	}
 	else
 		/* Must be F_OK or X_OK; we do not need to check either. */
 		return true;

diff --git a/libsandbox/libsandbox.h b/libsandbox/libsandbox.h
index 01a4c6c..1bc79bb 100644
--- a/libsandbox/libsandbox.h
+++ b/libsandbox/libsandbox.h
@@ -23,14 +23,14 @@
 #define  SB_SAFE(_path) \
          SB_SAFE_AT(AT_FDCWD, _path, 0)
 
-#define _SB_SAFE_ACCESS_AT(_nr, _name, _dirfd, _path, _flags) \
-       __SB_SAFE(before_syscall_access(_dirfd, _nr, _name, _path, _flags))
-#define  SB_SAFE_ACCESS_AT(_dirfd, _path, _flags) \
-        _SB_SAFE_ACCESS_AT(WRAPPER_NR, STRING_NAME, _dirfd, _path, _flags)
-#define _SB_SAFE_ACCESS(_nr, _name, _path, _flags) \
-        _SB_SAFE_ACCESS_AT(_nr, _name, AT_FDCWD, _path, _flags)
-#define  SB_SAFE_ACCESS(_path, _flags) \
-         SB_SAFE_ACCESS_AT(AT_FDCWD, _path, _flags)
+#define _SB_SAFE_ACCESS_AT(_nr, _name, _dirfd, _path, _mode, _flags) \
+       __SB_SAFE(before_syscall_access(_dirfd, _nr, _name, _path, _mode, _flags))
+#define  SB_SAFE_ACCESS_AT(_dirfd, _path, _mode, _flags) \
+        _SB_SAFE_ACCESS_AT(WRAPPER_NR, STRING_NAME, _dirfd, _path, _mode, _flags)
+#define _SB_SAFE_ACCESS(_nr, _name, _path, _mode) \
+        _SB_SAFE_ACCESS_AT(_nr, _name, AT_FDCWD, _path, _mode, 0)
+#define  SB_SAFE_ACCESS(_path, _mode) \
+         SB_SAFE_ACCESS_AT(AT_FDCWD, _path, _mode, 0)
 
 #define _SB_SAFE_OPEN_INT_AT(_nr, _name, _dirfd, _path, _flags) \
        __SB_SAFE(before_syscall_open_int(_dirfd, _nr, _name, _path, _flags))
@@ -57,7 +57,7 @@
 
 bool is_sandbox_on(void);
 bool before_syscall(int, int, const char *, const char *, int);
-bool before_syscall_access(int, int, const char *, const char *, int);
+bool before_syscall_access(int, int, const char *, const char *, int, int);
 bool before_syscall_open_int(int, int, const char *, const char *, int);
 bool before_syscall_open_char(int, int, const char *, const char *, const char *);
 bool before_syscall_fd(int, const char *, int);

diff --git a/libsandbox/trace.c b/libsandbox/trace.c
index 75a749e..e570207 100644
--- a/libsandbox/trace.c
+++ b/libsandbox/trace.c
@@ -394,9 +394,9 @@ static bool trace_check_syscall(const struct syscall_entry *se, void *regs)
 	} else if (nr == SB_NR_FACCESSAT) {
 		int dirfd = trace_arg(regs, 1);
 		char *path = do_peekstr(trace_arg(regs, 2));
-		int flags = trace_arg(regs, 3);
-		__sb_debug("(%i, \"%s\", %x)", dirfd, path, flags);
-		ret = _SB_SAFE_ACCESS_AT(nr, name, dirfd, path, flags);
+		int mode = trace_arg(regs, 3);
+		__sb_debug("(%i, \"%s\", %x)", dirfd, path, mode);
+		ret = _SB_SAFE_ACCESS_AT(nr, name, dirfd, path, mode, 0);
 		free(path);
 		return ret;
 

diff --git a/libsandbox/wrapper-funcs/faccessat.c b/libsandbox/wrapper-funcs/faccessat.c
index 722b313..056f5ee 100644
--- a/libsandbox/wrapper-funcs/faccessat.c
+++ b/libsandbox/wrapper-funcs/faccessat.c
@@ -7,5 +7,5 @@
 
 #define WRAPPER_ARGS_PROTO int dirfd, const char *pathname, int mode, int flags
 #define WRAPPER_ARGS dirfd, pathname, mode, flags
-#define WRAPPER_SAFE() SB_SAFE_ACCESS_AT(dirfd, pathname, mode)
+#define WRAPPER_SAFE() SB_SAFE_ACCESS_AT(dirfd, pathname, mode, flags)
 #include "__wrapper_simple.c"

diff --git a/tests/faccessat-1.sh b/tests/faccessat-1.sh
new file mode 100644
index 0000000..66b5268
--- /dev/null
+++ b/tests/faccessat-1.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+set -e
+addwrite "$PWD/file"
+faccessat-0 0 'file:O_RDWR|O_CREAT:0666' '' rw AT_EMPTY_PATH
+exec 9<file
+adddeny "$PWD/file"
+faccessat-0 -1,EACCES 9 '' rw AT_EMPTY_PATH

diff --git a/tests/faccessat.at b/tests/faccessat.at
new file mode 100644
index 0000000..081d7d2
--- /dev/null
+++ b/tests/faccessat.at
@@ -0,0 +1 @@
+SB_CHECK(1)

diff --git a/tests/test-skel-0.c b/tests/test-skel-0.c
index 9cf18b8..9029e21 100644
--- a/tests/test-skel-0.c
+++ b/tests/test-skel-0.c
@@ -66,7 +66,7 @@ const char *f_get_file(const char *str_file)
 		return str_file;
 }
 
-#define V_ATFLAGS "0 | AT_SYMLINK_NOFOLLOW | AT_REMOVEDIR | AT_SYMLINK_FOLLOW | AT_EACCESS"
+#define V_ATFLAGS "0 | AT_SYMLINK_NOFOLLOW | AT_REMOVEDIR | AT_SYMLINK_FOLLOW | AT_EACCESS | AT_EMPTY_PATH"
 int at_get_flags(const char *str_flags)
 {
 	const value_pair flags[] = {
@@ -74,6 +74,7 @@ int at_get_flags(const char *str_flags)
 		PAIR(AT_REMOVEDIR)
 		PAIR(AT_SYMLINK_FOLLOW)
 		PAIR(AT_EACCESS)
+		PAIR(AT_EMPTY_PATH)
 		{ }
 	};
 	return _get_flags(str_flags, flags);


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [gentoo-commits] proj/sandbox:master commit in: libsandbox/, libsandbox/wrapper-funcs/, tests/
@ 2021-10-23 22:19 Mike Frysinger
  0 siblings, 0 replies; 4+ messages in thread
From: Mike Frysinger @ 2021-10-23 22:19 UTC (permalink / raw
  To: gentoo-commits

commit:     afa38c053de48152beef9d8bf6726a4710bcba58
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Sat Oct 23 07:25:25 2021 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Sat Oct 23 22:18:03 2021 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=afa38c05

libsandbox: add 64-bit time_t wrappers

This intercepts the C library 64-bit time_t interfaces.  The syscall
trace side will need more work first.

Bug: https://bugs.gentoo.org/751241
Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 libsandbox/symbols.h.in                  |  5 +++++
 libsandbox/wrapper-funcs/__futimesat64.c | 13 +++++++++++++
 libsandbox/wrapper-funcs/__lutimes64.c   | 13 +++++++++++++
 libsandbox/wrapper-funcs/__utime64.c     | 13 +++++++++++++
 libsandbox/wrapper-funcs/__utimensat64.c | 13 +++++++++++++
 libsandbox/wrapper-funcs/__utimes64.c    | 13 +++++++++++++
 libsandbox/wrapper-funcs/futimesat.c     |  4 +++-
 libsandbox/wrapper-funcs/lutimes.c       |  4 +++-
 libsandbox/wrapper-funcs/utime.c         |  4 +++-
 libsandbox/wrapper-funcs/utimensat.c     |  4 +++-
 libsandbox/wrapper-funcs/utimes.c        |  4 +++-
 tests/local.mk                           |  2 ++
 tests/test-skel-0.c                      |  4 ++--
 tests/utimensat64-0.c                    |  3 +++
 tests/utimensat64-1.sh                   |  9 +++++++++
 tests/utimensat64.at                     |  1 +
 tests/utimensat64_static-0.c             |  1 +
 tests/utimensat64_static-1.sh            | 10 ++++++++++
 tests/utimensat64_static.at              |  1 +
 19 files changed, 114 insertions(+), 7 deletions(-)

diff --git a/libsandbox/symbols.h.in b/libsandbox/symbols.h.in
index 0fe6eca..40c04e3 100644
--- a/libsandbox/symbols.h.in
+++ b/libsandbox/symbols.h.in
@@ -74,9 +74,14 @@ lremovexattr
 setxattr
 lsetxattr
 utime
+__utime64
 utimes
+__utimes64
 utimensat
+__utimensat64
 futimesat
+__futimesat64
 lutimes
+__lutimes64
 fork
 vfork

diff --git a/libsandbox/wrapper-funcs/__futimesat64.c b/libsandbox/wrapper-funcs/__futimesat64.c
new file mode 100644
index 0000000..9ad791e
--- /dev/null
+++ b/libsandbox/wrapper-funcs/__futimesat64.c
@@ -0,0 +1,13 @@
+/*
+ * __futimesat64() wrapper.
+ *
+ * Copyright 1999-2021 Gentoo Foundation
+ * Licensed under the GPL-2
+ */
+
+/*
+ * NB: Reusing the 32-bit time interface isn't entirely correct as the 64-bit time interface uses a
+ * different structure, but we never decode the time values in sandbox, so it doesn't matter to use.
+ */
+#define WRAPPER_SAFE() _SB_SAFE_AT(SB_NR_FUTIMESAT, STRING_NAME, dirfd, filename, 0)
+#include "futimesat.c"

diff --git a/libsandbox/wrapper-funcs/__lutimes64.c b/libsandbox/wrapper-funcs/__lutimes64.c
new file mode 100644
index 0000000..edab47c
--- /dev/null
+++ b/libsandbox/wrapper-funcs/__lutimes64.c
@@ -0,0 +1,13 @@
+/*
+ * __lutimes64() wrapper.
+ *
+ * Copyright 1999-2021 Gentoo Foundation
+ * Licensed under the GPL-2
+ */
+
+/*
+ * NB: Reusing the 32-bit time interface isn't entirely correct as the 64-bit time interface uses a
+ * different structure, but we never decode the time values in sandbox, so it doesn't matter to use.
+ */
+#define WRAPPER_SAFE() _SB_SAFE(SB_NR_LUTIMES, STRING_NAME, filename)
+#include "lutimes.c"

diff --git a/libsandbox/wrapper-funcs/__utime64.c b/libsandbox/wrapper-funcs/__utime64.c
new file mode 100644
index 0000000..4e1b573
--- /dev/null
+++ b/libsandbox/wrapper-funcs/__utime64.c
@@ -0,0 +1,13 @@
+/*
+ * __utime64() wrapper.
+ *
+ * Copyright 1999-2021 Gentoo Foundation
+ * Licensed under the GPL-2
+ */
+
+/*
+ * NB: Reusing the 32-bit time interface isn't entirely correct as the 64-bit time interface uses a
+ * different structure, but we never decode the time values in sandbox, so it doesn't matter to use.
+ */
+#define WRAPPER_SAFE() _SB_SAFE(SB_NR_UTIME, STRING_NAME, filename)
+#include "utime.c"

diff --git a/libsandbox/wrapper-funcs/__utimensat64.c b/libsandbox/wrapper-funcs/__utimensat64.c
new file mode 100644
index 0000000..4ef1c69
--- /dev/null
+++ b/libsandbox/wrapper-funcs/__utimensat64.c
@@ -0,0 +1,13 @@
+/*
+ * __utimensat64() wrapper.
+ *
+ * Copyright 1999-2021 Gentoo Foundation
+ * Licensed under the GPL-2
+ */
+
+/*
+ * NB: Reusing the 32-bit time interface isn't entirely correct as the 64-bit time interface uses a
+ * different structure, but we never decode the time values in sandbox, so it doesn't matter to use.
+ */
+#define WRAPPER_SAFE() _SB_SAFE_AT(SB_NR_UTIMENSAT, STRING_NAME, dirfd, filename, flags)
+#include "utimensat.c"

diff --git a/libsandbox/wrapper-funcs/__utimes64.c b/libsandbox/wrapper-funcs/__utimes64.c
new file mode 100644
index 0000000..3fa6688
--- /dev/null
+++ b/libsandbox/wrapper-funcs/__utimes64.c
@@ -0,0 +1,13 @@
+/*
+ * __utimes64() wrapper.
+ *
+ * Copyright 1999-2021 Gentoo Foundation
+ * Licensed under the GPL-2
+ */
+
+/*
+ * NB: Reusing the 32-bit time interface isn't entirely correct as the 64-bit time interface uses a
+ * different structure, but we never decode the time values in sandbox, so it doesn't matter to use.
+ */
+#define WRAPPER_SAFE() _SB_SAFE(SB_NR_UTIMES, STRING_NAME, filename)
+#include "utimes.c"

diff --git a/libsandbox/wrapper-funcs/futimesat.c b/libsandbox/wrapper-funcs/futimesat.c
index 6f6481b..bc1a966 100644
--- a/libsandbox/wrapper-funcs/futimesat.c
+++ b/libsandbox/wrapper-funcs/futimesat.c
@@ -7,5 +7,7 @@
 
 #define WRAPPER_ARGS_PROTO int dirfd, const char *filename, const struct timeval times[2]
 #define WRAPPER_ARGS dirfd, filename, times
-#define WRAPPER_SAFE() SB_SAFE_AT(dirfd, filename, 0)
+#ifndef WRAPPER_SAFE
+# define WRAPPER_SAFE() SB_SAFE_AT(dirfd, filename, 0)
+#endif
 #include "__wrapper_simple.c"

diff --git a/libsandbox/wrapper-funcs/lutimes.c b/libsandbox/wrapper-funcs/lutimes.c
index 3192a33..fb9ae68 100644
--- a/libsandbox/wrapper-funcs/lutimes.c
+++ b/libsandbox/wrapper-funcs/lutimes.c
@@ -7,5 +7,7 @@
 
 #define WRAPPER_ARGS_PROTO const char *filename, const struct timeval times[2]
 #define WRAPPER_ARGS filename, times
-#define WRAPPER_SAFE() SB_SAFE(filename)
+#ifndef WRAPPER_SAFE
+# define WRAPPER_SAFE() SB_SAFE(filename)
+#endif
 #include "__wrapper_simple.c"

diff --git a/libsandbox/wrapper-funcs/utime.c b/libsandbox/wrapper-funcs/utime.c
index f0a6814..4bbf374 100644
--- a/libsandbox/wrapper-funcs/utime.c
+++ b/libsandbox/wrapper-funcs/utime.c
@@ -7,5 +7,7 @@
 
 #define WRAPPER_ARGS_PROTO const char *filename, const struct utimbuf *times
 #define WRAPPER_ARGS filename, times
-#define WRAPPER_SAFE() SB_SAFE(filename)
+#ifndef WRAPPER_SAFE
+# define WRAPPER_SAFE() SB_SAFE(filename)
+#endif
 #include "__wrapper_simple.c"

diff --git a/libsandbox/wrapper-funcs/utimensat.c b/libsandbox/wrapper-funcs/utimensat.c
index 840ff18..3baf89c 100644
--- a/libsandbox/wrapper-funcs/utimensat.c
+++ b/libsandbox/wrapper-funcs/utimensat.c
@@ -7,5 +7,7 @@
 
 #define WRAPPER_ARGS_PROTO int dirfd, const char *filename, const struct timespec times[2], int flags
 #define WRAPPER_ARGS dirfd, filename, times, flags
-#define WRAPPER_SAFE() SB_SAFE_AT(dirfd, filename, flags)
+#ifndef WRAPPER_SAFE
+# define WRAPPER_SAFE() SB_SAFE_AT(dirfd, filename, flags)
+#endif
 #include "__wrapper_simple.c"

diff --git a/libsandbox/wrapper-funcs/utimes.c b/libsandbox/wrapper-funcs/utimes.c
index b117895..902c6f5 100644
--- a/libsandbox/wrapper-funcs/utimes.c
+++ b/libsandbox/wrapper-funcs/utimes.c
@@ -7,5 +7,7 @@
 
 #define WRAPPER_ARGS_PROTO const char *filename, const struct timeval times[2]
 #define WRAPPER_ARGS filename, times
-#define WRAPPER_SAFE() SB_SAFE(filename)
+#ifndef WRAPPER_SAFE
+# define WRAPPER_SAFE() SB_SAFE(filename)
+#endif
 #include "__wrapper_simple.c"

diff --git a/tests/local.mk b/tests/local.mk
index aa2acac..86a8a65 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -81,7 +81,9 @@ check_PROGRAMS += \
 	%D%/unlinkat-0 \
 	%D%/utime-0 \
 	%D%/utimensat-0 \
+	%D%/utimensat64-0 \
 	%D%/utimensat_static-0 \
+	%D%/utimensat64_static-0 \
 	%D%/utimes-0 \
 	%D%/vfork-0 \
 	\

diff --git a/tests/test-skel-0.c b/tests/test-skel-0.c
index 96e42ae..de88cf4 100644
--- a/tests/test-skel-0.c
+++ b/tests/test-skel-0.c
@@ -144,8 +144,8 @@ struct timespec *parse_timespec(const char *s)
 	if (!strcmp(s, "NOW")) {
 		times->tv_sec = time(0);
 	} else {
-		long sec = 0, nsec = 0;
-		sscanf(s, "%li,%li", &sec, &nsec);
+		int64_t sec = 0, nsec = 0;
+		sscanf(s, "%" PRIi64 ",%" PRIi64, &sec, &nsec);
 		times->tv_sec = sec;
 		times->tv_nsec = nsec;
 	}

diff --git a/tests/utimensat64-0.c b/tests/utimensat64-0.c
new file mode 100644
index 0000000..bbacef5
--- /dev/null
+++ b/tests/utimensat64-0.c
@@ -0,0 +1,3 @@
+#define _TIME_BITS 64
+#define _FILE_OFFSET_BITS 64
+#include "utimensat-0.c"

diff --git a/tests/utimensat64-1.sh b/tests/utimensat64-1.sh
new file mode 100755
index 0000000..2aebc5f
--- /dev/null
+++ b/tests/utimensat64-1.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+# basic functionality check
+
+addwrite $PWD
+
+touch -r / file || exit 1
+utimensat64-0 0 AT_FDCWD . NULL 0 || exit 1
+utimensat64-0 0 AT_FDCWD file NULL 0 || exit 1
+[ file -nt / ]

diff --git a/tests/utimensat64.at b/tests/utimensat64.at
new file mode 100644
index 0000000..081d7d2
--- /dev/null
+++ b/tests/utimensat64.at
@@ -0,0 +1 @@
+SB_CHECK(1)

diff --git a/tests/utimensat64_static-0.c b/tests/utimensat64_static-0.c
new file mode 100644
index 0000000..73e7602
--- /dev/null
+++ b/tests/utimensat64_static-0.c
@@ -0,0 +1 @@
+#include "utimensat64-0.c"

diff --git a/tests/utimensat64_static-1.sh b/tests/utimensat64_static-1.sh
new file mode 100755
index 0000000..7b0355c
--- /dev/null
+++ b/tests/utimensat64_static-1.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+# basic functionality check
+[ "${at_xfail}" = "yes" ] && exit 77 # see trace-0
+
+addwrite $PWD
+
+touch -r / file || exit 1
+utimensat64_static-0 0 AT_FDCWD . NULL 0 || exit 1
+utimensat64_static-0 0 AT_FDCWD file NULL 0 || exit 1
+[ file -nt / ]

diff --git a/tests/utimensat64_static.at b/tests/utimensat64_static.at
new file mode 100644
index 0000000..081d7d2
--- /dev/null
+++ b/tests/utimensat64_static.at
@@ -0,0 +1 @@
+SB_CHECK(1)


^ permalink raw reply related	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2025-01-14  4:38 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-12-22  3:49 [gentoo-commits] proj/sandbox:stable-2.x commit in: tests/, libsandbox/, libsandbox/wrapper-funcs/ Mike Gilbert
2025-01-14  4:38 ` [gentoo-commits] proj/sandbox:master commit in: libsandbox/, libsandbox/wrapper-funcs/, tests/ Mike Gilbert
  -- strict thread matches above, loose matches on Subject: below --
2024-12-22  3:41 Mike Gilbert
2021-10-23 22:19 Mike Frysinger

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox