From: "Anthony G. Basile" <blueness@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/elfix:elfix-0.2.x commit in: poc/
Date: Sat, 8 Oct 2011 18:54:06 +0000 (UTC) [thread overview]
Message-ID: <bf4b2cc848059249198e54091c8e6ebafdd9ec55.blueness@gentoo> (raw)
commit: bf4b2cc848059249198e54091c8e6ebafdd9ec55
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Tue Sep 27 23:35:05 2011 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sat Oct 8 18:53:27 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/elfix.git;a=commit;h=bf4b2cc8
poc/paxctl-xattr.c: first working version
---
poc/paxctl-xattr.c | 270 +++++++++++++++++++++++++++-------------------------
1 files changed, 140 insertions(+), 130 deletions(-)
diff --git a/poc/paxctl-xattr.c b/poc/paxctl-xattr.c
index 5040f80..2232631 100644
--- a/poc/paxctl-xattr.c
+++ b/poc/paxctl-xattr.c
@@ -155,41 +155,50 @@ parse_cmd_args(int c, char *v[], int *pax_flags, int *view_flags)
}
-#define BUF_SIZE 7
-void
-print_flags(int fd)
+uint16_t
+read_flags(int fd)
{
- char xt_buf[BUF_SIZE];
- uint16_t xt_flags;
+ //UINT16_MAX is an invalid value
+ uint16_t xt_flags = UINT16_MAX;
- static ssize_t vsize = 1024;
- static char *value = NULL;
- ssize_t i, vret = -1;
+ if(fgetxattr(fd, PAX_NAMESPACE, &xt_flags, sizeof(uint16_t)) == -1)
+ {
+ //xattrs is supported, PAX_NAMESPACE is present, but it is the wrong size
+ if(errno == ERANGE)
+ {
+ printf("XT_PAX: malformed flags found\n");
+ //FIXME remove the user.pax field
+ xt_flags = 0;
+ }
- memset(xt_buf, 0, BUF_SIZE);
- value = malloc(vsize);
+ //xattrs is supported, PAX_NAMESPACE is not present
+ if(errno == ENOATTR)
+ {
+ printf("XT_PAX: not found\n");
+ xt_flags = 0;
+ }
- //If at first we don't succeed, grow buffer size
- while(((vret = fgetxattr(fd, PAX_NAMESPACE, value, vsize)) == -1) && (errno == ERANGE))
- {
- vsize <<= 1;
- value = realloc(value, vsize);
+ //xattrs is not supported
+ if(errno == ENOTSUP)
+ printf("XT_PAX: extended attribute not supported\n");
}
- if(errno == ENOATTR)
- {
- printf("XT_PAX: not found or permission denied\n");
- return;
- }
+ return xt_flags;
+}
- if(errno == ENOTSUP)
- {
- printf("XT_PAX: extended attribute not supported\n");
- return;
- }
- xt_flags = (uint16_t)value[0];
- xt_flags = xt_flags << 8 + value[1];
+#define BUF_SIZE 7
+void
+print_flags(int fd)
+{
+ uint16_t xt_flags;
+ char xt_buf[BUF_SIZE];
+
+ memset(xt_buf, 0, BUF_SIZE);
+
+ //If an invalid value is returned, then skip this
+ if((xt_flags = read_flags(fd)) == UINT16_MAX)
+ return ;
xt_buf[0] = xt_flags & PF_PAGEEXEC ? 'P' :
xt_flags & PF_NOPAGEEXEC ? 'p' : '-' ;
@@ -218,118 +227,119 @@ set_flags(int fd, int *pax_flags)
{
uint16_t xt_flags;
- //int fsetxattr(int fd, const char *name, const void *value, size_t size, int flags);
+ //If an invalid value is returned, then skip this
+ if((xt_flags = read_flags(fd)) == UINT16_MAX)
+ return ;
- /*
- if( / DOME xattrs is supported / )
+ //PAGEEXEC
+ if(*pax_flags & PF_PAGEEXEC)
{
- //PAGEEXEC
- if(*pax_flags & PF_PAGEEXEC)
- {
- phdr.p_flags |= PF_PAGEEXEC;
- phdr.p_flags &= ~PF_NOPAGEEXEC;
- }
- if(*pax_flags & PF_NOPAGEEXEC)
- {
- phdr.p_flags &= ~PF_PAGEEXEC;
- phdr.p_flags |= PF_NOPAGEEXEC;
- }
- if((*pax_flags & PF_PAGEEXEC) && (*pax_flags & PF_NOPAGEEXEC))
- {
- phdr.p_flags &= ~PF_PAGEEXEC;
- phdr.p_flags &= ~PF_NOPAGEEXEC;
- }
+ xt_flags |= PF_PAGEEXEC;
+ xt_flags &= ~PF_NOPAGEEXEC;
+ }
+ if(*pax_flags & PF_NOPAGEEXEC)
+ {
+ xt_flags &= ~PF_PAGEEXEC;
+ xt_flags |= PF_NOPAGEEXEC;
+ }
+ if((*pax_flags & PF_PAGEEXEC) && (*pax_flags & PF_NOPAGEEXEC))
+ {
+ xt_flags &= ~PF_PAGEEXEC;
+ xt_flags &= ~PF_NOPAGEEXEC;
+ }
- //SEGMEXEC
- if(*pax_flags & PF_SEGMEXEC)
- {
- phdr.p_flags |= PF_SEGMEXEC;
- phdr.p_flags &= ~PF_NOSEGMEXEC;
- }
- if(*pax_flags & PF_NOSEGMEXEC)
- {
- phdr.p_flags &= ~PF_SEGMEXEC;
- phdr.p_flags |= PF_NOSEGMEXEC;
- }
- if((*pax_flags & PF_SEGMEXEC) && (*pax_flags & PF_NOSEGMEXEC))
- {
- phdr.p_flags &= ~PF_SEGMEXEC;
- phdr.p_flags &= ~PF_NOSEGMEXEC;
- }
+ //SEGMEXEC
+ if(*pax_flags & PF_SEGMEXEC)
+ {
+ xt_flags |= PF_SEGMEXEC;
+ xt_flags &= ~PF_NOSEGMEXEC;
+ }
+ if(*pax_flags & PF_NOSEGMEXEC)
+ {
+ xt_flags &= ~PF_SEGMEXEC;
+ xt_flags |= PF_NOSEGMEXEC;
+ }
+ if((*pax_flags & PF_SEGMEXEC) && (*pax_flags & PF_NOSEGMEXEC))
+ {
+ xt_flags &= ~PF_SEGMEXEC;
+ xt_flags &= ~PF_NOSEGMEXEC;
+ }
- //MPROTECT
- if(*pax_flags & PF_MPROTECT)
- {
- phdr.p_flags |= PF_MPROTECT;
- phdr.p_flags &= ~PF_NOMPROTECT;
- }
- if(*pax_flags & PF_NOMPROTECT)
- {
- phdr.p_flags &= ~PF_MPROTECT;
- phdr.p_flags |= PF_NOMPROTECT;
- }
- if((*pax_flags & PF_MPROTECT) && (*pax_flags & PF_NOMPROTECT))
- {
- phdr.p_flags &= ~PF_MPROTECT;
- phdr.p_flags &= ~PF_NOMPROTECT;
- }
+ //MPROTECT
+ if(*pax_flags & PF_MPROTECT)
+ {
+ xt_flags |= PF_MPROTECT;
+ xt_flags &= ~PF_NOMPROTECT;
+ }
+ if(*pax_flags & PF_NOMPROTECT)
+ {
+ xt_flags &= ~PF_MPROTECT;
+ xt_flags |= PF_NOMPROTECT;
+ }
+ if((*pax_flags & PF_MPROTECT) && (*pax_flags & PF_NOMPROTECT))
+ {
+ xt_flags &= ~PF_MPROTECT;
+ xt_flags &= ~PF_NOMPROTECT;
+ }
- //EMUTRAMP
- if(*pax_flags & PF_EMUTRAMP)
- {
- phdr.p_flags |= PF_EMUTRAMP;
- phdr.p_flags &= ~PF_NOEMUTRAMP;
- }
- if(*pax_flags & PF_NOEMUTRAMP)
- {
- phdr.p_flags &= ~PF_EMUTRAMP;
- phdr.p_flags |= PF_NOEMUTRAMP;
- }
- if((*pax_flags & PF_EMUTRAMP) && (*pax_flags & PF_NOEMUTRAMP))
- {
- phdr.p_flags &= ~PF_EMUTRAMP;
- phdr.p_flags &= ~PF_NOEMUTRAMP;
- }
+ //EMUTRAMP
+ if(*pax_flags & PF_EMUTRAMP)
+ {
+ xt_flags |= PF_EMUTRAMP;
+ xt_flags &= ~PF_NOEMUTRAMP;
+ }
+ if(*pax_flags & PF_NOEMUTRAMP)
+ {
+ xt_flags &= ~PF_EMUTRAMP;
+ xt_flags |= PF_NOEMUTRAMP;
+ }
+ if((*pax_flags & PF_EMUTRAMP) && (*pax_flags & PF_NOEMUTRAMP))
+ {
+ xt_flags &= ~PF_EMUTRAMP;
+ xt_flags &= ~PF_NOEMUTRAMP;
+ }
- //RANDMMAP
- if(*pax_flags & PF_RANDMMAP)
- {
- phdr.p_flags |= PF_RANDMMAP;
- phdr.p_flags &= ~PF_NORANDMMAP;
- }
- if(*pax_flags & PF_NORANDMMAP)
- {
- phdr.p_flags &= ~PF_RANDMMAP;
- phdr.p_flags |= PF_NORANDMMAP;
- }
- if((*pax_flags & PF_RANDMMAP) && (*pax_flags & PF_NORANDMMAP))
- {
- phdr.p_flags &= ~PF_RANDMMAP;
- phdr.p_flags &= ~PF_NORANDMMAP;
- }
+ //RANDMMAP
+ if(*pax_flags & PF_RANDMMAP)
+ {
+ xt_flags |= PF_RANDMMAP;
+ xt_flags &= ~PF_NORANDMMAP;
+ }
+ if(*pax_flags & PF_NORANDMMAP)
+ {
+ xt_flags &= ~PF_RANDMMAP;
+ xt_flags |= PF_NORANDMMAP;
+ }
+ if((*pax_flags & PF_RANDMMAP) && (*pax_flags & PF_NORANDMMAP))
+ {
+ xt_flags &= ~PF_RANDMMAP;
+ xt_flags &= ~PF_NORANDMMAP;
+ }
- //RANDEXEC
- if(*pax_flags & PF_RANDEXEC)
- {
- phdr.p_flags |= PF_RANDEXEC;
- phdr.p_flags &= ~PF_NORANDEXEC;
- }
- if(*pax_flags & PF_NORANDEXEC)
- {
- phdr.p_flags &= ~PF_RANDEXEC;
- phdr.p_flags |= PF_NORANDEXEC;
- }
- if((*pax_flags & PF_RANDEXEC) && (*pax_flags & PF_NORANDEXEC))
- {
- phdr.p_flags &= ~PF_RANDEXEC;
- phdr.p_flags &= ~PF_NORANDEXEC;
- }
+ //RANDEXEC
+ if(*pax_flags & PF_RANDEXEC)
+ {
+ xt_flags |= PF_RANDEXEC;
+ xt_flags &= ~PF_NORANDEXEC;
+ }
+ if(*pax_flags & PF_NORANDEXEC)
+ {
+ xt_flags &= ~PF_RANDEXEC;
+ xt_flags |= PF_NORANDEXEC;
+ }
+ if((*pax_flags & PF_RANDEXEC) && (*pax_flags & PF_NORANDEXEC))
+ {
+ xt_flags &= ~PF_RANDEXEC;
+ xt_flags &= ~PF_NORANDEXEC;
+ }
- / update xattr /
+ if(fsetxattr(fd, PAX_NAMESPACE, &xt_flags, sizeof(uint16_t), 0) == -1)
+ {
+ if(errno == ENOSPC || errno == EDQUOT)
+ printf("XT_PAX: cannot store xt_flags\n");
+ if(errno == ENOTSUP)
+ printf("XT_PAX: extended attribute not supported\n");
}
- else
- printf("XT_PAX: not found\n");
- */
}
next reply other threads:[~2011-10-08 18:55 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-08 18:54 Anthony G. Basile [this message]
-- strict thread matches above, loose matches on Subject: below --
2011-10-08 18:54 [gentoo-commits] proj/elfix:elfix-0.2.x commit in: poc/ Anthony G. Basile
2011-10-08 18:54 Anthony G. Basile
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bf4b2cc848059249198e54091c8e6ebafdd9ec55.blueness@gentoo \
--to=blueness@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox