From f2ccefb946c5de69ce6a51c9a8e95024d44c273b Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Mon, 19 Oct 2015 23:26:50 +0200 Subject: [PATCH] setarch: add support for '-R' (disable randomization) This commit adds support for the -R flag of setarch, which disables randomization of the virtual address space. function old new delta setarch_main 115 150 +35 packed_usage 30664 30651 -13 Signed-off-by: Jan Heylen Signed-off-by: Thomas De Schampheleire Signed-off-by: Denys Vlasenko
---
 include/applets.src.h | 3 --- util-linux/Config.src | 10 -------- util-linux/Kbuild.src | 1 - util-linux/setarch.c | 54 +++++++++++++++++++++++++++++++------------ 4 files changed, 39 insertions(+), 29 deletions(-)
diff --git a/include/applets.src.h b/include/applets.src.h
index 5b597202e..6e1b02fc3 100644
--- a/include/applets.src.h
+++ b/include/applets.src.h
@@ -192,8 +192,6 @@ IF_KILLALL5(APPLET_ODDNAME(killall5, kill, BB_DIR_USR_SBIN, BB_SUID_DROP, killal
 IF_LAST(APPLET(last, BB_DIR_USR_BIN, BB_SUID_DROP))
 //IF_LENGTH(APPLET_NOFORK(length, length, BB_DIR_USR_BIN, BB_SUID_DROP, length))
 IF_LESS(APPLET(less, BB_DIR_USR_BIN, BB_SUID_DROP))
-IF_SETARCH(APPLET_ODDNAME(linux32, setarch, BB_DIR_BIN, BB_SUID_DROP, linux32))
-IF_SETARCH(APPLET_ODDNAME(linux64, setarch, BB_DIR_BIN, BB_SUID_DROP, linux64))
 IF_LN(APPLET_NOEXEC(ln, ln, BB_DIR_BIN, BB_SUID_DROP, ln))
 IF_LOAD_POLICY(APPLET(load_policy, BB_DIR_USR_SBIN, BB_SUID_DROP))
 IF_LOADFONT(APPLET(loadfont, BB_DIR_USR_SBIN, BB_SUID_DROP))
@@ -274,7 +272,6 @@ IF_SELINUXENABLED(APPLET(selinuxenabled, BB_DIR_USR_SBIN, BB_SUID_DROP))
 IF_SENDMAIL(APPLET(sendmail, BB_DIR_USR_SBIN, BB_SUID_DROP))
 IF_SEQ(APPLET_NOFORK(seq, seq, BB_DIR_USR_BIN, BB_SUID_DROP, seq))
 IF_SESTATUS(APPLET(sestatus, BB_DIR_USR_SBIN, BB_SUID_DROP))
-IF_SETARCH(APPLET(setarch, BB_DIR_BIN, BB_SUID_DROP))
 IF_SETCONSOLE(APPLET(setconsole, BB_DIR_SBIN, BB_SUID_DROP))
 IF_SETENFORCE(APPLET(setenforce, BB_DIR_USR_SBIN, BB_SUID_DROP))
 IF_SETFILES(APPLET(setfiles, BB_DIR_SBIN, BB_SUID_DROP))
diff --git a/util-linux/Config.src b/util-linux/Config.src
index 854b3682e..922cabdb8 100644
--- a/util-linux/Config.src
+++ b/util-linux/Config.src
@@ -489,16 +489,6 @@ config SCRIPTREPLAY
 This program replays a typescript, using timing information given by script -t.
-config SETARCH
- bool "setarch"
- default y
- select PLATFORM_LINUX
- help
- The linux32 utility is used to create a 32bit environment for the
- specified program (usually a shell). It only makes sense to have
- this util on a system that supports both 64bit and 32bit userland
- (like amd64/x86, ppc64/ppc, sparc64/sparc, etc...).
-
 config SWAPONOFF
 bool "swaponoff"
 default y
diff --git a/util-linux/Kbuild.src b/util-linux/Kbuild.src
index 468fc6bc1..0b87c52ac 100644
--- a/util-linux/Kbuild.src
+++ b/util-linux/Kbuild.src
@@ -40,7 +40,6 @@ lib-$(CONFIG_READPROFILE) += readprofile.o
 lib-$(CONFIG_RTCWAKE) += rtcwake.o
 lib-$(CONFIG_SCRIPT) += script.o
 lib-$(CONFIG_SCRIPTREPLAY) += scriptreplay.o
-lib-$(CONFIG_SETARCH) += setarch.o
 lib-$(CONFIG_SWAPONOFF) += swaponoff.o
 lib-$(CONFIG_SWITCH_ROOT) += switch_root.o
 lib-$(CONFIG_UMOUNT) += umount.o
diff --git a/util-linux/setarch.c b/util-linux/setarch.c
index 7b9421af1..2e989ec2a 100644
--- a/util-linux/setarch.c
+++ b/util-linux/setarch.c
@@ -6,13 +6,30 @@
 *
 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
 */
+//config:config SETARCH
+//config: bool "setarch"
+//config: default y
+//config: select PLATFORM_LINUX
+//config: help
+//config: The linux32 utility is used to create a 32bit environment for the
+//config: specified program (usually a shell). It only makes sense to have
+//config: this util on a system that supports both 64bit and 32bit userland
+//config: (like amd64/x86, ppc64/ppc, sparc64/sparc, etc...).
+
+//applet:IF_SETARCH(APPLET(setarch, BB_DIR_BIN, BB_SUID_DROP))
+//applet:IF_SETARCH(APPLET_ODDNAME(linux32, setarch, BB_DIR_BIN, BB_SUID_DROP, linux32))
+//applet:IF_SETARCH(APPLET_ODDNAME(linux64, setarch, BB_DIR_BIN, BB_SUID_DROP, linux64))
+
+//kbuild:lib-$(CONFIG_SETARCH) += setarch.o
 //usage:#define setarch_trivial_usage
-//usage: "personality PROG ARGS"
+//usage: "PERSONALITY [-R] PROG ARGS"
 //usage:#define setarch_full_usage "\n\n"
-//usage: "Personality may be:\n"
-//usage: " linux32 Set 32bit uname emulation\n"
-//usage: " linux64 Set 64bit uname emulation"
+//usage: "PERSONALITY may be:"
+//usage: "\n"" linux32 Set 32bit uname emulation"
+//usage: "\n"" linux64 Set 64bit uname emulation"
+//usage: "\n"
+//usage: "\n"" -R Disable address space randomization"
 //usage:
 //usage:#define linux32_trivial_usage NOUSAGE_STR
 //usage:#define linux32_full_usage ""
@@ -20,14 +37,18 @@
 //usage:#define linux64_trivial_usage NOUSAGE_STR
 //usage:#define linux64_full_usage ""
+#include "libbb.h"
 #include
-#include "libbb.h"
+#ifndef ADDR_NO_RANDOMIZE
+# define ADDR_NO_RANDOMIZE 0x0040000
+#endif
 int setarch_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
 int setarch_main(int argc UNUSED_PARAM, char **argv)
 {
- int pers;
+ unsigned opts;
+ unsigned long pers;
 /* Figure out what personality we are supposed to switch to ...
 * we can be invoked as either:
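Review bot: The usage line added in the first setarch.c hunk, `//usage: "PERSONALITY [-R] PROG ARGS"`, still presents PROG as mandatory, while the last hunk of this file removes the `bb_show_usage()` call for a missing PROG and runs `/bin/sh` instead. I would write `//usage: "PERSONALITY [-R] [PROG ARGS]"` and add one help line saying that PROG defaults to /bin/sh. The `-R` help line should also say that the setting applies to PROG and to the processes it starts, since the personality is inherited by child processes; that is the detail an operator needs before using the flag on a shared or exposed system.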
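Review bot: The fallback `# define ADDR_NO_RANDOMIZE 0x0040000` in the second setarch.c hunk is a bare magic number with nothing saying where it comes from. A one-line comment above the `#ifndef`, for example `/* value from <linux/personality.h>; fallback for headers that do not define it */`, would let a reader check it. The new `unsigned long pers;` declaration deserves a short comment too, because the `"personality(0x%lx)"` format string in the last hunk depends on that exact type. setarch_main continues past the end of this hunk.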
@@ -35,7 +56,7 @@ int setarch_main(int argc UNUSED_PARAM, char **argv)
 * argv[0] == "personality"
 */
 if (ENABLE_SETARCH && applet_name[0] == 's'
- && argv[1] && strncpy(argv[1], "linux", 5)
+ && argv[1] && is_prefixed_with(argv[1], "linux")
 ) {
 applet_name = argv[1];
 argv++;
@@ -47,15 +68,18 @@ int setarch_main(int argc UNUSED_PARAM, char **argv)
 else
 bb_show_usage();
- argv++;
- if (argv[0] == NULL)
- bb_show_usage();
+ opts = getopt32(argv, "+R"); /* '+': stop at first non-option */
+ if (opts)
+ pers |= ADDR_NO_RANDOMIZE;
 /* Try to set personality */
- if (personality(pers) >= 0) {
- /* Try to execute the program */
- BB_EXECVP(argv[0], argv);
- }
+ if (personality(pers) < 0)
+ bb_perror_msg_and_die("personality(0x%lx)", pers);
- bb_simple_perror_msg_and_die(argv[0]);
+ argv += optind;
+ if (!argv[0])
+ (--argv)[0] = (char*)"/bin/sh";
+
+ /* Try to execute the program */
+ BB_EXECVP_or_die(argv);
 }
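Review bot: In the last hunk, `(--argv)[0] = (char*)"/bin/sh";` relies on two facts that the line does not state: `optind` is at least 1 after getopt32(), so stepping back stays inside the argument vector, and the slot after it is already the terminating NULL. A comment such as `/* no PROG: reuse the last consumed slot (optind >= 1) to build { "/bin/sh", NULL } */` would make this safe to maintain. The same comment should record the behaviour change: an invocation with `-R` and no PROG now starts a shell with randomization disabled, inherited by what that shell launches, where the old code printed usage. The fallback is an absolute path, so it is not subject to PATH lookup. setarch_main begins before this hunk.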