import strace-5.18-2.el9
This commit is contained in:
parent
f4c4a32909
commit
b11ca3663b
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
|||||||
SOURCES/strace-5.13.tar.xz
|
SOURCES/strace-5.18.tar.xz
|
||||||
|
@ -1 +1 @@
|
|||||||
0f48c474de7d34009d3455f589efe790d24050b5 SOURCES/strace-5.13.tar.xz
|
e038ea9fc29366ce6119cde27d8cf16ac554a353 SOURCES/strace-5.18.tar.xz
|
||||||
|
@ -1,378 +0,0 @@
|
|||||||
From 9aada05f4c7f95220a5b16416f530419db6b4dff Mon Sep 17 00:00:00 2001
|
|
||||||
From: "Dmitry V. Levin" <ldv@strace.io>
|
|
||||||
Date: Fri, 23 Jul 2021 08:00:00 +0000
|
|
||||||
Subject: [PATCH] tests: change sockopt-timestamp test to use
|
|
||||||
syscall(__NR_recvmsg)
|
|
||||||
|
|
||||||
Since the glibc recvmsg wrapper became unsuitable for our needs,
|
|
||||||
invoke __NR_recvmsg syscall directly.
|
|
||||||
|
|
||||||
* tests/sockopt-timestamp.c: Include "scno.h" and <errno.h>,
|
|
||||||
conditionalize on __NR_recvmsg.
|
|
||||||
(TEST_OLD_SCM_TIMESTAMPS): Remove.
|
|
||||||
(k_recvmsg): New function.
|
|
||||||
(test_sockopt): Use it instead of recvmsg.
|
|
||||||
---
|
|
||||||
tests/sockopt-timestamp.c | 72 ++++++++++++++++++++++-------------------------
|
|
||||||
1 file changed, 34 insertions(+), 38 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/tests/sockopt-timestamp.c b/tests/sockopt-timestamp.c
|
|
||||||
index 56627bb..ed73ca1 100644
|
|
||||||
--- a/tests/sockopt-timestamp.c
|
|
||||||
+++ b/tests/sockopt-timestamp.c
|
|
||||||
@@ -9,44 +9,45 @@
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include "tests.h"
|
|
||||||
-#include <stdio.h>
|
|
||||||
-#include <string.h>
|
|
||||||
-#include <unistd.h>
|
|
||||||
-#include <sys/socket.h>
|
|
||||||
-
|
|
||||||
-#if defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL \
|
|
||||||
- || defined HAVE_STRUCT___KERNEL_TIMESPEC
|
|
||||||
-# include <linux/time_types.h>
|
|
||||||
-#endif
|
|
||||||
+#include "scno.h"
|
|
||||||
|
|
||||||
-#include "kernel_timeval.h"
|
|
||||||
-#include "kernel_old_timespec.h"
|
|
||||||
+#ifdef __NR_recvmsg
|
|
||||||
|
|
||||||
-#define XLAT_MACROS_ONLY
|
|
||||||
-# include "xlat/sock_options.h"
|
|
||||||
-#undef XLAT_MACROS_ONLY
|
|
||||||
+# include <errno.h>
|
|
||||||
+# include <stdio.h>
|
|
||||||
+# include <string.h>
|
|
||||||
+# include <unistd.h>
|
|
||||||
+# include <sys/socket.h>
|
|
||||||
|
|
||||||
-#undef TEST_OLD_SCM_TIMESTAMPS
|
|
||||||
+# if defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL \
|
|
||||||
+ || defined HAVE_STRUCT___KERNEL_TIMESPEC
|
|
||||||
+# include <linux/time_types.h>
|
|
||||||
+# endif
|
|
||||||
|
|
||||||
-/*
|
|
||||||
- * Sadly, starting with commit
|
|
||||||
- * glibc-2.33.9000-707-g13c51549e2077f2f3bf84e8fd0b46d8b0c615912, on every
|
|
||||||
- * 32-bit architecture where 32-bit time_t support is enabled,
|
|
||||||
- * glibc mangles old scm timestamps.
|
|
||||||
- */
|
|
||||||
-#if GLIBC_PREREQ_GE(2, 33) && defined __TIMESIZE && __TIMESIZE != 64
|
|
||||||
-# define TEST_OLD_SCM_TIMESTAMPS 0
|
|
||||||
-#endif
|
|
||||||
+# include "kernel_timeval.h"
|
|
||||||
+# include "kernel_old_timespec.h"
|
|
||||||
|
|
||||||
-#ifndef TEST_OLD_SCM_TIMESTAMPS
|
|
||||||
-# define TEST_OLD_SCM_TIMESTAMPS 1
|
|
||||||
-#endif
|
|
||||||
+# define XLAT_MACROS_ONLY
|
|
||||||
+# include "xlat/sock_options.h"
|
|
||||||
+# undef XLAT_MACROS_ONLY
|
|
||||||
|
|
||||||
-#if TEST_OLD_SCM_TIMESTAMPS \
|
|
||||||
- || defined HAVE_STRUCT___KERNEL_TIMESPEC \
|
|
||||||
- || defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
|
|
||||||
+static const char *errstr;
|
|
||||||
+
|
|
||||||
+static long
|
|
||||||
+k_recvmsg(const unsigned int fd, const void *const ptr, const unsigned int flags)
|
|
||||||
+{
|
|
||||||
+ const kernel_ulong_t fill = (kernel_ulong_t) 0xdefaced00000000ULL;
|
|
||||||
+ const kernel_ulong_t bad = (kernel_ulong_t) 0xbadc0dedbadc0dedULL;
|
|
||||||
+ const kernel_ulong_t arg1 = fill | fd;
|
|
||||||
+ const kernel_ulong_t arg2 = (uintptr_t) ptr;
|
|
||||||
+ const kernel_ulong_t arg3 = fill | flags;
|
|
||||||
+ const long rc = syscall(__NR_recvmsg, arg1, arg2, arg3, bad, bad, bad);
|
|
||||||
+ if (rc && errno == ENOSYS)
|
|
||||||
+ perror_msg_and_skip("recvmsg");
|
|
||||||
+ errstr = sprintrc(rc);
|
|
||||||
+ return rc;
|
|
||||||
+}
|
|
||||||
|
|
||||||
-# if TEST_OLD_SCM_TIMESTAMPS
|
|
||||||
static void
|
|
||||||
print_timestamp_old(const struct cmsghdr *c)
|
|
||||||
{
|
|
||||||
@@ -84,7 +85,6 @@ print_timestampns_old(const struct cmsghdr *c)
|
|
||||||
printf("{tv_sec=%lld, tv_nsec=%lld}",
|
|
||||||
(long long) ts.tv_sec, (long long) ts.tv_nsec);
|
|
||||||
}
|
|
||||||
-# endif /* TEST_OLD_SCM_TIMESTAMPS */
|
|
||||||
|
|
||||||
# ifdef HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
|
|
||||||
static void
|
|
||||||
@@ -162,7 +162,7 @@ test_sockopt(int so_val, const char *str, void (*fun)(const struct cmsghdr *))
|
|
||||||
.msg_controllen = sizeof(control)
|
|
||||||
};
|
|
||||||
|
|
||||||
- if (recvmsg(sv[0], &mh, 0) != (int) size)
|
|
||||||
+ if (k_recvmsg(sv[0], &mh, 0) != (int) size)
|
|
||||||
perror_msg_and_fail("recvmsg");
|
|
||||||
if (close(sv[0]))
|
|
||||||
perror_msg_and_fail("close recv");
|
|
||||||
@@ -210,10 +210,8 @@ main(void)
|
|
||||||
const char *str;
|
|
||||||
void (*fun)(const struct cmsghdr *);
|
|
||||||
} tests[] = {
|
|
||||||
-# if TEST_OLD_SCM_TIMESTAMPS
|
|
||||||
{ SO_TIMESTAMP_OLD, "SO_TIMESTAMP_OLD", print_timestamp_old },
|
|
||||||
{ SO_TIMESTAMPNS_OLD, "SO_TIMESTAMPNS_OLD", print_timestampns_old },
|
|
||||||
-# endif
|
|
||||||
# ifdef HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
|
|
||||||
{ SO_TIMESTAMP_NEW, "SO_TIMESTAMP_NEW", print_timestamp_new },
|
|
||||||
# endif
|
|
||||||
@@ -235,8 +233,6 @@ main(void)
|
|
||||||
|
|
||||||
#else
|
|
||||||
|
|
||||||
-SKIP_MAIN_UNDEFINED("TEST_OLD_SCM_TIMESTAMPS"
|
|
||||||
- " || HAVE_STRUCT___KERNEL_TIMESPEC"
|
|
||||||
- " || HAVE_STRUCT___KERNEL_SOCK_TIMEVAL")
|
|
||||||
+SKIP_MAIN_UNDEFINED("__NR_recvmsg")
|
|
||||||
|
|
||||||
#endif
|
|
||||||
diff --git a/tests-m32/sockopt-timestamp.c b/tests-m32/sockopt-timestamp.c
|
|
||||||
index 56627bb..ed73ca1 100644
|
|
||||||
--- a/tests-m32/sockopt-timestamp.c
|
|
||||||
+++ b/tests-m32/sockopt-timestamp.c
|
|
||||||
@@ -9,44 +9,45 @@
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include "tests.h"
|
|
||||||
-#include <stdio.h>
|
|
||||||
-#include <string.h>
|
|
||||||
-#include <unistd.h>
|
|
||||||
-#include <sys/socket.h>
|
|
||||||
-
|
|
||||||
-#if defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL \
|
|
||||||
- || defined HAVE_STRUCT___KERNEL_TIMESPEC
|
|
||||||
-# include <linux/time_types.h>
|
|
||||||
-#endif
|
|
||||||
+#include "scno.h"
|
|
||||||
|
|
||||||
-#include "kernel_timeval.h"
|
|
||||||
-#include "kernel_old_timespec.h"
|
|
||||||
+#ifdef __NR_recvmsg
|
|
||||||
|
|
||||||
-#define XLAT_MACROS_ONLY
|
|
||||||
-# include "xlat/sock_options.h"
|
|
||||||
-#undef XLAT_MACROS_ONLY
|
|
||||||
+# include <errno.h>
|
|
||||||
+# include <stdio.h>
|
|
||||||
+# include <string.h>
|
|
||||||
+# include <unistd.h>
|
|
||||||
+# include <sys/socket.h>
|
|
||||||
|
|
||||||
-#undef TEST_OLD_SCM_TIMESTAMPS
|
|
||||||
+# if defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL \
|
|
||||||
+ || defined HAVE_STRUCT___KERNEL_TIMESPEC
|
|
||||||
+# include <linux/time_types.h>
|
|
||||||
+# endif
|
|
||||||
|
|
||||||
-/*
|
|
||||||
- * Sadly, starting with commit
|
|
||||||
- * glibc-2.33.9000-707-g13c51549e2077f2f3bf84e8fd0b46d8b0c615912, on every
|
|
||||||
- * 32-bit architecture where 32-bit time_t support is enabled,
|
|
||||||
- * glibc mangles old scm timestamps.
|
|
||||||
- */
|
|
||||||
-#if GLIBC_PREREQ_GE(2, 33) && defined __TIMESIZE && __TIMESIZE != 64
|
|
||||||
-# define TEST_OLD_SCM_TIMESTAMPS 0
|
|
||||||
-#endif
|
|
||||||
+# include "kernel_timeval.h"
|
|
||||||
+# include "kernel_old_timespec.h"
|
|
||||||
|
|
||||||
-#ifndef TEST_OLD_SCM_TIMESTAMPS
|
|
||||||
-# define TEST_OLD_SCM_TIMESTAMPS 1
|
|
||||||
-#endif
|
|
||||||
+# define XLAT_MACROS_ONLY
|
|
||||||
+# include "xlat/sock_options.h"
|
|
||||||
+# undef XLAT_MACROS_ONLY
|
|
||||||
|
|
||||||
-#if TEST_OLD_SCM_TIMESTAMPS \
|
|
||||||
- || defined HAVE_STRUCT___KERNEL_TIMESPEC \
|
|
||||||
- || defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
|
|
||||||
+static const char *errstr;
|
|
||||||
+
|
|
||||||
+static long
|
|
||||||
+k_recvmsg(const unsigned int fd, const void *const ptr, const unsigned int flags)
|
|
||||||
+{
|
|
||||||
+ const kernel_ulong_t fill = (kernel_ulong_t) 0xdefaced00000000ULL;
|
|
||||||
+ const kernel_ulong_t bad = (kernel_ulong_t) 0xbadc0dedbadc0dedULL;
|
|
||||||
+ const kernel_ulong_t arg1 = fill | fd;
|
|
||||||
+ const kernel_ulong_t arg2 = (uintptr_t) ptr;
|
|
||||||
+ const kernel_ulong_t arg3 = fill | flags;
|
|
||||||
+ const long rc = syscall(__NR_recvmsg, arg1, arg2, arg3, bad, bad, bad);
|
|
||||||
+ if (rc && errno == ENOSYS)
|
|
||||||
+ perror_msg_and_skip("recvmsg");
|
|
||||||
+ errstr = sprintrc(rc);
|
|
||||||
+ return rc;
|
|
||||||
+}
|
|
||||||
|
|
||||||
-# if TEST_OLD_SCM_TIMESTAMPS
|
|
||||||
static void
|
|
||||||
print_timestamp_old(const struct cmsghdr *c)
|
|
||||||
{
|
|
||||||
@@ -84,7 +85,6 @@ print_timestampns_old(const struct cmsghdr *c)
|
|
||||||
printf("{tv_sec=%lld, tv_nsec=%lld}",
|
|
||||||
(long long) ts.tv_sec, (long long) ts.tv_nsec);
|
|
||||||
}
|
|
||||||
-# endif /* TEST_OLD_SCM_TIMESTAMPS */
|
|
||||||
|
|
||||||
# ifdef HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
|
|
||||||
static void
|
|
||||||
@@ -162,7 +162,7 @@ test_sockopt(int so_val, const char *str, void (*fun)(const struct cmsghdr *))
|
|
||||||
.msg_controllen = sizeof(control)
|
|
||||||
};
|
|
||||||
|
|
||||||
- if (recvmsg(sv[0], &mh, 0) != (int) size)
|
|
||||||
+ if (k_recvmsg(sv[0], &mh, 0) != (int) size)
|
|
||||||
perror_msg_and_fail("recvmsg");
|
|
||||||
if (close(sv[0]))
|
|
||||||
perror_msg_and_fail("close recv");
|
|
||||||
@@ -210,10 +210,8 @@ main(void)
|
|
||||||
const char *str;
|
|
||||||
void (*fun)(const struct cmsghdr *);
|
|
||||||
} tests[] = {
|
|
||||||
-# if TEST_OLD_SCM_TIMESTAMPS
|
|
||||||
{ SO_TIMESTAMP_OLD, "SO_TIMESTAMP_OLD", print_timestamp_old },
|
|
||||||
{ SO_TIMESTAMPNS_OLD, "SO_TIMESTAMPNS_OLD", print_timestampns_old },
|
|
||||||
-# endif
|
|
||||||
# ifdef HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
|
|
||||||
{ SO_TIMESTAMP_NEW, "SO_TIMESTAMP_NEW", print_timestamp_new },
|
|
||||||
# endif
|
|
||||||
@@ -235,8 +233,6 @@ main(void)
|
|
||||||
|
|
||||||
#else
|
|
||||||
|
|
||||||
-SKIP_MAIN_UNDEFINED("TEST_OLD_SCM_TIMESTAMPS"
|
|
||||||
- " || HAVE_STRUCT___KERNEL_TIMESPEC"
|
|
||||||
- " || HAVE_STRUCT___KERNEL_SOCK_TIMEVAL")
|
|
||||||
+SKIP_MAIN_UNDEFINED("__NR_recvmsg")
|
|
||||||
|
|
||||||
#endif
|
|
||||||
diff --git a/tests-mx32/sockopt-timestamp.c b/tests-mx32/sockopt-timestamp.c
|
|
||||||
index 56627bb..ed73ca1 100644
|
|
||||||
--- a/tests-mx32/sockopt-timestamp.c
|
|
||||||
+++ b/tests-mx32/sockopt-timestamp.c
|
|
||||||
@@ -9,44 +9,45 @@
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include "tests.h"
|
|
||||||
-#include <stdio.h>
|
|
||||||
-#include <string.h>
|
|
||||||
-#include <unistd.h>
|
|
||||||
-#include <sys/socket.h>
|
|
||||||
-
|
|
||||||
-#if defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL \
|
|
||||||
- || defined HAVE_STRUCT___KERNEL_TIMESPEC
|
|
||||||
-# include <linux/time_types.h>
|
|
||||||
-#endif
|
|
||||||
+#include "scno.h"
|
|
||||||
|
|
||||||
-#include "kernel_timeval.h"
|
|
||||||
-#include "kernel_old_timespec.h"
|
|
||||||
+#ifdef __NR_recvmsg
|
|
||||||
|
|
||||||
-#define XLAT_MACROS_ONLY
|
|
||||||
-# include "xlat/sock_options.h"
|
|
||||||
-#undef XLAT_MACROS_ONLY
|
|
||||||
+# include <errno.h>
|
|
||||||
+# include <stdio.h>
|
|
||||||
+# include <string.h>
|
|
||||||
+# include <unistd.h>
|
|
||||||
+# include <sys/socket.h>
|
|
||||||
|
|
||||||
-#undef TEST_OLD_SCM_TIMESTAMPS
|
|
||||||
+# if defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL \
|
|
||||||
+ || defined HAVE_STRUCT___KERNEL_TIMESPEC
|
|
||||||
+# include <linux/time_types.h>
|
|
||||||
+# endif
|
|
||||||
|
|
||||||
-/*
|
|
||||||
- * Sadly, starting with commit
|
|
||||||
- * glibc-2.33.9000-707-g13c51549e2077f2f3bf84e8fd0b46d8b0c615912, on every
|
|
||||||
- * 32-bit architecture where 32-bit time_t support is enabled,
|
|
||||||
- * glibc mangles old scm timestamps.
|
|
||||||
- */
|
|
||||||
-#if GLIBC_PREREQ_GE(2, 33) && defined __TIMESIZE && __TIMESIZE != 64
|
|
||||||
-# define TEST_OLD_SCM_TIMESTAMPS 0
|
|
||||||
-#endif
|
|
||||||
+# include "kernel_timeval.h"
|
|
||||||
+# include "kernel_old_timespec.h"
|
|
||||||
|
|
||||||
-#ifndef TEST_OLD_SCM_TIMESTAMPS
|
|
||||||
-# define TEST_OLD_SCM_TIMESTAMPS 1
|
|
||||||
-#endif
|
|
||||||
+# define XLAT_MACROS_ONLY
|
|
||||||
+# include "xlat/sock_options.h"
|
|
||||||
+# undef XLAT_MACROS_ONLY
|
|
||||||
|
|
||||||
-#if TEST_OLD_SCM_TIMESTAMPS \
|
|
||||||
- || defined HAVE_STRUCT___KERNEL_TIMESPEC \
|
|
||||||
- || defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
|
|
||||||
+static const char *errstr;
|
|
||||||
+
|
|
||||||
+static long
|
|
||||||
+k_recvmsg(const unsigned int fd, const void *const ptr, const unsigned int flags)
|
|
||||||
+{
|
|
||||||
+ const kernel_ulong_t fill = (kernel_ulong_t) 0xdefaced00000000ULL;
|
|
||||||
+ const kernel_ulong_t bad = (kernel_ulong_t) 0xbadc0dedbadc0dedULL;
|
|
||||||
+ const kernel_ulong_t arg1 = fill | fd;
|
|
||||||
+ const kernel_ulong_t arg2 = (uintptr_t) ptr;
|
|
||||||
+ const kernel_ulong_t arg3 = fill | flags;
|
|
||||||
+ const long rc = syscall(__NR_recvmsg, arg1, arg2, arg3, bad, bad, bad);
|
|
||||||
+ if (rc && errno == ENOSYS)
|
|
||||||
+ perror_msg_and_skip("recvmsg");
|
|
||||||
+ errstr = sprintrc(rc);
|
|
||||||
+ return rc;
|
|
||||||
+}
|
|
||||||
|
|
||||||
-# if TEST_OLD_SCM_TIMESTAMPS
|
|
||||||
static void
|
|
||||||
print_timestamp_old(const struct cmsghdr *c)
|
|
||||||
{
|
|
||||||
@@ -84,7 +85,6 @@ print_timestampns_old(const struct cmsghdr *c)
|
|
||||||
printf("{tv_sec=%lld, tv_nsec=%lld}",
|
|
||||||
(long long) ts.tv_sec, (long long) ts.tv_nsec);
|
|
||||||
}
|
|
||||||
-# endif /* TEST_OLD_SCM_TIMESTAMPS */
|
|
||||||
|
|
||||||
# ifdef HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
|
|
||||||
static void
|
|
||||||
@@ -162,7 +162,7 @@ test_sockopt(int so_val, const char *str, void (*fun)(const struct cmsghdr *))
|
|
||||||
.msg_controllen = sizeof(control)
|
|
||||||
};
|
|
||||||
|
|
||||||
- if (recvmsg(sv[0], &mh, 0) != (int) size)
|
|
||||||
+ if (k_recvmsg(sv[0], &mh, 0) != (int) size)
|
|
||||||
perror_msg_and_fail("recvmsg");
|
|
||||||
if (close(sv[0]))
|
|
||||||
perror_msg_and_fail("close recv");
|
|
||||||
@@ -210,10 +210,8 @@ main(void)
|
|
||||||
const char *str;
|
|
||||||
void (*fun)(const struct cmsghdr *);
|
|
||||||
} tests[] = {
|
|
||||||
-# if TEST_OLD_SCM_TIMESTAMPS
|
|
||||||
{ SO_TIMESTAMP_OLD, "SO_TIMESTAMP_OLD", print_timestamp_old },
|
|
||||||
{ SO_TIMESTAMPNS_OLD, "SO_TIMESTAMPNS_OLD", print_timestampns_old },
|
|
||||||
-# endif
|
|
||||||
# ifdef HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
|
|
||||||
{ SO_TIMESTAMP_NEW, "SO_TIMESTAMP_NEW", print_timestamp_new },
|
|
||||||
# endif
|
|
||||||
@@ -235,8 +233,6 @@ main(void)
|
|
||||||
|
|
||||||
#else
|
|
||||||
|
|
||||||
-SKIP_MAIN_UNDEFINED("TEST_OLD_SCM_TIMESTAMPS"
|
|
||||||
- " || HAVE_STRUCT___KERNEL_TIMESPEC"
|
|
||||||
- " || HAVE_STRUCT___KERNEL_SOCK_TIMEVAL")
|
|
||||||
+SKIP_MAIN_UNDEFINED("__NR_recvmsg")
|
|
||||||
|
|
||||||
#endif
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
@ -1,77 +0,0 @@
|
|||||||
From a034f8a50cbe15d250457ed2eefbf9db059f724f Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
|
||||||
Date: Wed, 18 Aug 2021 21:48:38 +0200
|
|
||||||
Subject: [PATCH 147/150] filter_qualify: free allocated data on the error path
|
|
||||||
exit of parse_poke_token
|
|
||||||
|
|
||||||
While not terribly required due to the fact that issues with option
|
|
||||||
parsing lead to program termination, these changes avoid leaking data
|
|
||||||
allocated in the function's scope and not stored elsewhere, which might
|
|
||||||
come handy if it ever be used dynamically during the runtime.
|
|
||||||
|
|
||||||
This also has been reported as resource leaks by covscan, and these
|
|
||||||
changes should calm it.
|
|
||||||
|
|
||||||
* src/filter_qualify.c (parse_poke_token): Go to err label instead of
|
|
||||||
returning right away; free poke->data, poke, and str_tokenized before
|
|
||||||
returning false.
|
|
||||||
|
|
||||||
References: https://bugzilla.redhat.com/show_bug.cgi?id=1995509
|
|
||||||
---
|
|
||||||
src/filter_qualify.c | 18 ++++++++++++------
|
|
||||||
1 file changed, 12 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/filter_qualify.c b/src/filter_qualify.c
|
|
||||||
index df05496..a1a6471 100644
|
|
||||||
--- a/src/filter_qualify.c
|
|
||||||
+++ b/src/filter_qualify.c
|
|
||||||
@@ -169,34 +169,40 @@ parse_poke_token(const char *input, struct inject_opts *fopts, bool isenter)
|
|
||||||
poke->is_enter = isenter;
|
|
||||||
|
|
||||||
if ((val = STR_STRIP_PREFIX(token, "@arg")) == token)
|
|
||||||
- return false;
|
|
||||||
+ goto err;
|
|
||||||
if ((val[0] >= '1') && (val[0] <= '7')) {
|
|
||||||
poke->arg_no = val[0] - '0';
|
|
||||||
} else {
|
|
||||||
- return false;
|
|
||||||
+ goto err;
|
|
||||||
}
|
|
||||||
if (val[1] != '=')
|
|
||||||
- return false;
|
|
||||||
+ goto err;
|
|
||||||
val += 2;
|
|
||||||
|
|
||||||
data_len = strlen(val);
|
|
||||||
if ((data_len == 0) || (data_len % 2) || (data_len > 2048))
|
|
||||||
- return false;
|
|
||||||
+ goto err;
|
|
||||||
data_len /= 2;
|
|
||||||
poke->data_len = data_len;
|
|
||||||
poke->data = xmalloc(data_len);
|
|
||||||
|
|
||||||
for (size_t i = 0; i < data_len; i++)
|
|
||||||
if (sscanf(&val[2 * i], "%2hhx", &poke->data[i]) != 1)
|
|
||||||
- return false;
|
|
||||||
+ goto err;
|
|
||||||
|
|
||||||
if (poke_add(fopts->data.poke_idx, poke))
|
|
||||||
- return false;
|
|
||||||
+ goto err;
|
|
||||||
}
|
|
||||||
free(str_tokenized);
|
|
||||||
|
|
||||||
fopts->data.flags |= flag;
|
|
||||||
return true;
|
|
||||||
+
|
|
||||||
+err:
|
|
||||||
+ free(poke->data);
|
|
||||||
+ free(poke);
|
|
||||||
+ free(str_tokenized);
|
|
||||||
+ return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
static bool
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
@ -1,70 +0,0 @@
|
|||||||
From 3f3dd44f1964c54b55e8c84343579bd7c1924df5 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
|
||||||
Date: Wed, 18 Aug 2021 21:49:12 +0200
|
|
||||||
Subject: [PATCH 148/150] macros: expand BIT macros, add MASK macros; add
|
|
||||||
*_SAFE macros
|
|
||||||
|
|
||||||
These macros might make reading a code that often converts between powers
|
|
||||||
of 2 and values/masks a bit easier; moreover, the *_SAFE versions should
|
|
||||||
help in cases where the shift values are expected to be equal to the type
|
|
||||||
bit width (which lead to UB otherwise).
|
|
||||||
|
|
||||||
Switching from BIT to BIT32 should also clarify bitness, which may be somewhat
|
|
||||||
murky at times (cf. printxval, printflags, and printxvals).
|
|
||||||
|
|
||||||
* src/macros.h [!BIT] (BIT): Rename to...
|
|
||||||
[!BIT32] (BIT32): ...this.
|
|
||||||
[!BIT64] (BIT64): New macro.
|
|
||||||
[!MASK32] (MASK32): Likewise.
|
|
||||||
[!MASK64] (MASK64): Likewise.
|
|
||||||
(BIT32_SAFE, BIT64_SAFE, MASK32_SAFE, MASK64_SAFE): New macros.
|
|
||||||
(FLAG): Use BIT32.
|
|
||||||
---
|
|
||||||
src/macros.h | 30 +++++++++++++++++++++++++++---
|
|
||||||
1 file changed, 27 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/macros.h b/src/macros.h
|
|
||||||
index 467f5d0..2d7a83d 100644
|
|
||||||
--- a/src/macros.h
|
|
||||||
+++ b/src/macros.h
|
|
||||||
@@ -78,10 +78,34 @@ is_filled(const char *ptr, char fill, size_t size)
|
|
||||||
# define IS_ARRAY_ZERO(arr_) \
|
|
||||||
is_filled((const char *) (arr_), 0, sizeof(arr_) + MUST_BE_ARRAY(arr_))
|
|
||||||
|
|
||||||
-# ifndef BIT
|
|
||||||
-# define BIT(x_) (1U << (x_))
|
|
||||||
+# ifndef BIT32
|
|
||||||
+# define BIT32(x_) (1U << (x_))
|
|
||||||
# endif
|
|
||||||
|
|
||||||
-# define FLAG(name_) name_ = BIT(name_##_BIT)
|
|
||||||
+# ifndef BIT64
|
|
||||||
+# define BIT64(x_) (1ULL << (x_))
|
|
||||||
+# endif
|
|
||||||
+
|
|
||||||
+# ifndef MASK32
|
|
||||||
+# define MASK32(x_) (BIT32(x_) - 1U)
|
|
||||||
+# endif
|
|
||||||
+
|
|
||||||
+# ifndef MASK64
|
|
||||||
+# define MASK64(x_) (BIT64(x_) - 1ULL)
|
|
||||||
+# endif
|
|
||||||
+
|
|
||||||
+/*
|
|
||||||
+ * "Safe" versions that avoid UB for values that are >= type bit size
|
|
||||||
+ * (the usually expected behaviour of the bit shift in that case is zero,
|
|
||||||
+ * but at least powerpc is notorious for returning the input value when shift
|
|
||||||
+ * by 64 bits is performed).
|
|
||||||
+ */
|
|
||||||
+
|
|
||||||
+# define BIT32_SAFE(x_) ((x_) < 32 ? BIT32(x_) : 0)
|
|
||||||
+# define BIT64_SAFE(x_) ((x_) < 64 ? BIT64(x_) : 0)
|
|
||||||
+# define MASK32_SAFE(x_) (BIT32_SAFE(x_) - 1U)
|
|
||||||
+# define MASK64_SAFE(x_) (BIT64_SAFE(x_) - 1ULL)
|
|
||||||
+
|
|
||||||
+# define FLAG(name_) name_ = BIT32(name_##_BIT)
|
|
||||||
|
|
||||||
#endif /* !STRACE_MACROS_H */
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
@ -1,151 +0,0 @@
|
|||||||
From 8ef5456338a947944cc03b95c22c837af5884ddc Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
|
||||||
Date: Wed, 18 Aug 2021 21:51:22 +0200
|
|
||||||
Subject: [PATCH 149/150] trie: use BIT* and MASK* macros
|
|
||||||
|
|
||||||
This makes reading the code a bit easier. It also solves some issues
|
|
||||||
where there is a hypothertical possibility of having bit shifts of size
|
|
||||||
64, by virtue of using the *_SAFE macros (that should silence some
|
|
||||||
reported "left shifting by more than 63 bits has undefined behavior"
|
|
||||||
covscan issues).
|
|
||||||
|
|
||||||
* src/trie.c (trie_create): Use BIT32, MASK64.
|
|
||||||
(trie_create_data_block): Use BIT32, change iterator variable type
|
|
||||||
to size_t.
|
|
||||||
(trie_get_node): Use BIT64, MASK64.
|
|
||||||
(trie_data_block_calc_pos): Use BIT32, MASK64, MASK64_SAFE.
|
|
||||||
(trie_iterate_keys_node): Use BIT64, MASK64, MASK64_SAFE.
|
|
||||||
(trie_free_node): Use BIT64.
|
|
||||||
---
|
|
||||||
src/trie.c | 34 +++++++++++++++++-----------------
|
|
||||||
1 file changed, 17 insertions(+), 17 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/trie.c b/src/trie.c
|
|
||||||
index 586ff25..0a231e4 100644
|
|
||||||
--- a/src/trie.c
|
|
||||||
+++ b/src/trie.c
|
|
||||||
@@ -15,6 +15,7 @@
|
|
||||||
#include <stdio.h>
|
|
||||||
|
|
||||||
#include "trie.h"
|
|
||||||
+#include "macros.h"
|
|
||||||
#include "xmalloc.h"
|
|
||||||
|
|
||||||
static const uint8_t ptr_sz_lg = (sizeof(void *) == 8 ? 6 : 5);
|
|
||||||
@@ -87,7 +88,7 @@ trie_create(uint8_t key_size, uint8_t item_size_lg, uint8_t node_key_bits,
|
|
||||||
/ t->node_key_bits;
|
|
||||||
|
|
||||||
if (item_size_lg != 6)
|
|
||||||
- t->empty_value &= (((uint64_t) 1 << (1 << t->item_size_lg)) - 1);
|
|
||||||
+ t->empty_value &= MASK64(BIT32(t->item_size_lg));
|
|
||||||
|
|
||||||
return t;
|
|
||||||
}
|
|
||||||
@@ -96,8 +97,8 @@ static void *
|
|
||||||
trie_create_data_block(struct trie *t)
|
|
||||||
{
|
|
||||||
uint64_t fill_value = t->empty_value;
|
|
||||||
- for (int i = 1; i < 1 << (6 - t->item_size_lg); i++) {
|
|
||||||
- fill_value <<= (1 << t->item_size_lg);
|
|
||||||
+ for (size_t i = 1; i < BIT32(6 - t->item_size_lg); i++) {
|
|
||||||
+ fill_value <<= BIT32(t->item_size_lg);
|
|
||||||
fill_value |= t->empty_value;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -105,7 +106,7 @@ trie_create_data_block(struct trie *t)
|
|
||||||
if (sz < 6)
|
|
||||||
sz = 6;
|
|
||||||
|
|
||||||
- size_t count = 1 << (sz - 6);
|
|
||||||
+ size_t count = BIT32(sz - 6);
|
|
||||||
uint64_t *data_block = xcalloc(count, 8);
|
|
||||||
|
|
||||||
for (size_t i = 0; i < count; i++)
|
|
||||||
@@ -119,7 +120,7 @@ trie_get_node(struct trie *t, uint64_t key, bool auto_create)
|
|
||||||
{
|
|
||||||
void **cur_node = &(t->data);
|
|
||||||
|
|
||||||
- if (t->key_size < 64 && key > (uint64_t) 1 << t->key_size)
|
|
||||||
+ if (t->key_size < 64 && key > MASK64(t->key_size))
|
|
||||||
return NULL;
|
|
||||||
|
|
||||||
for (uint8_t cur_depth = 0; cur_depth <= t->max_depth; cur_depth++) {
|
|
||||||
@@ -133,13 +134,13 @@ trie_get_node(struct trie *t, uint64_t key, bool auto_create)
|
|
||||||
if (cur_depth == t->max_depth)
|
|
||||||
*cur_node = trie_create_data_block(t);
|
|
||||||
else
|
|
||||||
- *cur_node = xcalloc(1 << sz, 1);
|
|
||||||
+ *cur_node = xcalloc(BIT64(sz), 1);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (cur_depth == t->max_depth)
|
|
||||||
break;
|
|
||||||
|
|
||||||
- size_t pos = (key >> offs) & ((1 << (sz - ptr_sz_lg)) - 1);
|
|
||||||
+ size_t pos = (key >> offs) & MASK64(sz - ptr_sz_lg);
|
|
||||||
cur_node = (((void **) (*cur_node)) + pos);
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -152,7 +153,7 @@ trie_data_block_calc_pos(struct trie *t, uint64_t key,
|
|
||||||
{
|
|
||||||
uint64_t key_mask;
|
|
||||||
|
|
||||||
- key_mask = (1 << t->data_block_key_bits) - 1;
|
|
||||||
+ key_mask = MASK64(t->data_block_key_bits);
|
|
||||||
*pos = (key & key_mask) >> (6 - t->item_size_lg);
|
|
||||||
|
|
||||||
if (t->item_size_lg == 6) {
|
|
||||||
@@ -161,10 +162,10 @@ trie_data_block_calc_pos(struct trie *t, uint64_t key,
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
- key_mask = (1 << (6 - t->item_size_lg)) - 1;
|
|
||||||
- *offs = (key & key_mask) * (1 << t->item_size_lg);
|
|
||||||
+ key_mask = MASK64(6 - t->item_size_lg);
|
|
||||||
+ *offs = (key & key_mask) << t->item_size_lg;
|
|
||||||
|
|
||||||
- *mask = (((uint64_t) 1 << (1 << t->item_size_lg)) - 1) << *offs;
|
|
||||||
+ *mask = MASK64_SAFE(BIT32(t->item_size_lg)) << *offs;
|
|
||||||
}
|
|
||||||
|
|
||||||
bool
|
|
||||||
@@ -211,7 +212,7 @@ trie_iterate_keys_node(struct trie *t,
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
if (t->key_size < 64) {
|
|
||||||
- uint64_t key_max = ((uint64_t) 1 << t->key_size) - 1;
|
|
||||||
+ uint64_t key_max = MASK64(t->key_size);
|
|
||||||
if (end > key_max)
|
|
||||||
end = key_max;
|
|
||||||
}
|
|
||||||
@@ -228,15 +229,14 @@ trie_iterate_keys_node(struct trie *t,
|
|
||||||
t->key_size :
|
|
||||||
trie_get_node_bit_offs(t, depth - 1);
|
|
||||||
|
|
||||||
- uint64_t first_key_in_node = start &
|
|
||||||
- (uint64_t) -1 << parent_node_bit_off;
|
|
||||||
+ uint64_t first_key_in_node = start & ~MASK64_SAFE(parent_node_bit_off);
|
|
||||||
|
|
||||||
uint8_t node_bit_off = trie_get_node_bit_offs(t, depth);
|
|
||||||
uint8_t node_key_bits = parent_node_bit_off - node_bit_off;
|
|
||||||
- uint64_t mask = ((uint64_t) 1 << (node_key_bits)) - 1;
|
|
||||||
+ uint64_t mask = MASK64_SAFE(node_key_bits);
|
|
||||||
uint64_t start_index = (start >> node_bit_off) & mask;
|
|
||||||
uint64_t end_index = (end >> node_bit_off) & mask;
|
|
||||||
- uint64_t child_key_count = (uint64_t) 1 << node_bit_off;
|
|
||||||
+ uint64_t child_key_count = BIT64(node_bit_off);
|
|
||||||
|
|
||||||
uint64_t count = 0;
|
|
||||||
|
|
||||||
@@ -274,7 +274,7 @@ trie_free_node(struct trie *t, void *node, uint8_t depth)
|
|
||||||
if (depth >= t->max_depth)
|
|
||||||
goto free_node;
|
|
||||||
|
|
||||||
- size_t sz = 1 << (trie_get_node_size(t, depth) - ptr_sz_lg);
|
|
||||||
+ size_t sz = BIT64(trie_get_node_size(t, depth) - ptr_sz_lg);
|
|
||||||
for (size_t i = 0; i < sz; i++)
|
|
||||||
trie_free_node(t, ((void **) node)[i], depth + 1);
|
|
||||||
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
@ -1,52 +0,0 @@
|
|||||||
From 3a68f90c2a5a208b475cc2014f85ae04541ec5b6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
|
||||||
Date: Fri, 20 Aug 2021 21:31:01 +0200
|
|
||||||
Subject: [PATCH 150/150] tee: rewrite num_params access in tee_fetch_buf_data
|
|
||||||
|
|
||||||
Pointer to num_params field of the fetched structure is passed in a
|
|
||||||
separate function argument which provokes covscan complaints about
|
|
||||||
uninitialised accesses and also tingles my aliasing rules senses.
|
|
||||||
Rewrite to access it via the arg_struct argument which is fetched
|
|
||||||
earlier in the function flow.
|
|
||||||
|
|
||||||
* src/tee.c (TEE_FETCH_BUF_DATA): Change &arg_.num_params
|
|
||||||
to offsetof(typeof(arg_), num_params).
|
|
||||||
(tee_fetch_buf_data): Accept offset of the num_params field instead
|
|
||||||
of pointer to it; reconstruct the num_params pointer using it.
|
|
||||||
---
|
|
||||||
src/tee.c | 5 +++--
|
|
||||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/tee.c b/src/tee.c
|
|
||||||
index f9eda52..d7e9b15 100644
|
|
||||||
--- a/src/tee.c
|
|
||||||
+++ b/src/tee.c
|
|
||||||
@@ -33,7 +33,7 @@ struct tee_ioctl_shm_register_fd_data {
|
|
||||||
|
|
||||||
#define TEE_FETCH_BUF_DATA(buf_, arg_, params_) \
|
|
||||||
tee_fetch_buf_data(tcp, arg, &buf_, sizeof(arg_), \
|
|
||||||
- &arg_, &arg_.num_params, \
|
|
||||||
+ &arg_, offsetof(typeof(arg_), num_params), \
|
|
||||||
params_)
|
|
||||||
|
|
||||||
/* session id is printed as 0x%x in libteec */
|
|
||||||
@@ -56,7 +56,7 @@ tee_fetch_buf_data(struct tcb *const tcp,
|
|
||||||
struct tee_ioctl_buf_data *buf,
|
|
||||||
size_t arg_size,
|
|
||||||
void *arg_struct,
|
|
||||||
- unsigned *num_params,
|
|
||||||
+ size_t num_params_offs,
|
|
||||||
uint64_t *params)
|
|
||||||
{
|
|
||||||
if (umove_or_printaddr(tcp, arg, buf))
|
|
||||||
@@ -69,6 +69,7 @@ tee_fetch_buf_data(struct tcb *const tcp,
|
|
||||||
tee_print_buf(buf);
|
|
||||||
return RVAL_IOCTL_DECODED;
|
|
||||||
}
|
|
||||||
+ uint32_t *num_params = (uint32_t *) (arg_struct + num_params_offs);
|
|
||||||
if (entering(tcp) &&
|
|
||||||
(arg_size + TEE_IOCTL_PARAM_SIZE(*num_params) != buf->buf_len)) {
|
|
||||||
/*
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
@ -1,171 +0,0 @@
|
|||||||
From 719ccf8f4bf4263b02c686f16f579fd6119bb52c Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
|
||||||
Date: Mon, 23 Aug 2021 18:24:39 +0200
|
|
||||||
Subject: [PATCH] tests: call setsockopt directly in sockopt-timestamp
|
|
||||||
|
|
||||||
While commit v5.13-10-g0211fdc "tests: change sockopt-timestamp test to
|
|
||||||
use syscall(__NR_recvmsg)" has fixed issues with glibc-induced mangling
|
|
||||||
on newer kernels, the combination of an older kernel and new glibc still
|
|
||||||
causes issues, as glibc silently falls back to SO_TIMESTAMP{,NS}_OLD, as
|
|
||||||
implemented in glibc-2.34~294 "linux: Add fallback for 64-bit time_t
|
|
||||||
SO_TIMESTAMP{NS}". Avoid that by calling setsockopt directly as well.
|
|
||||||
|
|
||||||
* tests/sockopt-timestamp.c (SC_setsockopt): New macro constant.
|
|
||||||
(k_setsockopt): New function.
|
|
||||||
(test_sockopt): Call k_setsockopt instead of setsockopt.
|
|
||||||
|
|
||||||
Complements: v5.13-10-g0211fdc "tests: change sockopt-timestamp test to use syscall(__NR_recvmsg)"
|
|
||||||
---
|
|
||||||
tests/sockopt-timestamp.c | 31 ++++++++++++++++++++++++++++++-
|
|
||||||
1 file changed, 30 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/tests/sockopt-timestamp.c b/tests/sockopt-timestamp.c
|
|
||||||
index 34c4d89..4bd96fd 100644
|
|
||||||
--- a/tests/sockopt-timestamp.c
|
|
||||||
+++ b/tests/sockopt-timestamp.c
|
|
||||||
@@ -48,6 +48,30 @@ k_recvmsg(const unsigned int fd, const void *const ptr, const unsigned int flags
|
|
||||||
return rc;
|
|
||||||
}
|
|
||||||
|
|
||||||
+#define SC_setsockopt 14
|
|
||||||
+static long
|
|
||||||
+k_setsockopt(const unsigned int fd, const unsigned int level,
|
|
||||||
+ const unsigned int optname, const void *const optval,
|
|
||||||
+ const unsigned int len)
|
|
||||||
+{
|
|
||||||
+ const kernel_ulong_t fill = (kernel_ulong_t) 0xdefaced00000000ULL;
|
|
||||||
+#ifdef __NR_setsockopt
|
|
||||||
+ const kernel_ulong_t bad = (kernel_ulong_t) 0xbadc0dedbadc0dedULL;
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
+ return syscall(
|
|
||||||
+#ifdef __NR_setsockopt
|
|
||||||
+ __NR_setsockopt,
|
|
||||||
+#else /* socketcall */
|
|
||||||
+ __NR_socketcall, SC_setsockopt,
|
|
||||||
+#endif
|
|
||||||
+ fill | fd , fill | level, fill | optname, optval, fill | len
|
|
||||||
+#ifdef __NR_setsockopt
|
|
||||||
+ , bad
|
|
||||||
+#endif
|
|
||||||
+ );
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static void
|
|
||||||
print_timestamp_old(const struct cmsghdr *c)
|
|
||||||
{
|
|
||||||
@@ -139,7 +163,12 @@ test_sockopt(int so_val, const char *str, void (*fun)(const struct cmsghdr *))
|
|
||||||
perror_msg_and_skip(data);
|
|
||||||
|
|
||||||
const int opt_1 = 1;
|
|
||||||
- if (setsockopt(sv[0], SOL_SOCKET, so_val, &opt_1, sizeof(opt_1))) {
|
|
||||||
+ /*
|
|
||||||
+ * glibc-2.34~294 adds fallsback for SO_TIMESTAMP{,NS}_NEW that calls
|
|
||||||
+ * SO_TIMESTAMP{,NS}_OLD, so we have to call the setsockopt directly
|
|
||||||
+ * in order to avoid unexpected recvmsg msg types.
|
|
||||||
+ */
|
|
||||||
+ if (k_setsockopt(sv[0], SOL_SOCKET, so_val, &opt_1, sizeof(opt_1))) {
|
|
||||||
perror(str);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
diff --git a/tests-m32/sockopt-timestamp.c b/tests-m32/sockopt-timestamp.c
|
|
||||||
index 34c4d89..4bd96fd 100644
|
|
||||||
--- a/tests-m32/sockopt-timestamp.c
|
|
||||||
+++ b/tests-m32/sockopt-timestamp.c
|
|
||||||
@@ -48,6 +48,30 @@ k_recvmsg(const unsigned int fd, const void *const ptr, const unsigned int flags
|
|
||||||
return rc;
|
|
||||||
}
|
|
||||||
|
|
||||||
+#define SC_setsockopt 14
|
|
||||||
+static long
|
|
||||||
+k_setsockopt(const unsigned int fd, const unsigned int level,
|
|
||||||
+ const unsigned int optname, const void *const optval,
|
|
||||||
+ const unsigned int len)
|
|
||||||
+{
|
|
||||||
+ const kernel_ulong_t fill = (kernel_ulong_t) 0xdefaced00000000ULL;
|
|
||||||
+#ifdef __NR_setsockopt
|
|
||||||
+ const kernel_ulong_t bad = (kernel_ulong_t) 0xbadc0dedbadc0dedULL;
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
+ return syscall(
|
|
||||||
+#ifdef __NR_setsockopt
|
|
||||||
+ __NR_setsockopt,
|
|
||||||
+#else /* socketcall */
|
|
||||||
+ __NR_socketcall, SC_setsockopt,
|
|
||||||
+#endif
|
|
||||||
+ fill | fd , fill | level, fill | optname, optval, fill | len
|
|
||||||
+#ifdef __NR_setsockopt
|
|
||||||
+ , bad
|
|
||||||
+#endif
|
|
||||||
+ );
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static void
|
|
||||||
print_timestamp_old(const struct cmsghdr *c)
|
|
||||||
{
|
|
||||||
@@ -139,7 +163,12 @@ test_sockopt(int so_val, const char *str, void (*fun)(const struct cmsghdr *))
|
|
||||||
perror_msg_and_skip(data);
|
|
||||||
|
|
||||||
const int opt_1 = 1;
|
|
||||||
- if (setsockopt(sv[0], SOL_SOCKET, so_val, &opt_1, sizeof(opt_1))) {
|
|
||||||
+ /*
|
|
||||||
+ * glibc-2.34~294 adds fallsback for SO_TIMESTAMP{,NS}_NEW that calls
|
|
||||||
+ * SO_TIMESTAMP{,NS}_OLD, so we have to call the setsockopt directly
|
|
||||||
+ * in order to avoid unexpected recvmsg msg types.
|
|
||||||
+ */
|
|
||||||
+ if (k_setsockopt(sv[0], SOL_SOCKET, so_val, &opt_1, sizeof(opt_1))) {
|
|
||||||
perror(str);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
diff --git a/tests-mx32/sockopt-timestamp.c b/tests-mx32/sockopt-timestamp.c
|
|
||||||
index 34c4d89..4bd96fd 100644
|
|
||||||
--- a/tests-mx32/sockopt-timestamp.c
|
|
||||||
+++ b/tests-mx32/sockopt-timestamp.c
|
|
||||||
@@ -48,6 +48,30 @@ k_recvmsg(const unsigned int fd, const void *const ptr, const unsigned int flags
|
|
||||||
return rc;
|
|
||||||
}
|
|
||||||
|
|
||||||
+#define SC_setsockopt 14
|
|
||||||
+static long
|
|
||||||
+k_setsockopt(const unsigned int fd, const unsigned int level,
|
|
||||||
+ const unsigned int optname, const void *const optval,
|
|
||||||
+ const unsigned int len)
|
|
||||||
+{
|
|
||||||
+ const kernel_ulong_t fill = (kernel_ulong_t) 0xdefaced00000000ULL;
|
|
||||||
+#ifdef __NR_setsockopt
|
|
||||||
+ const kernel_ulong_t bad = (kernel_ulong_t) 0xbadc0dedbadc0dedULL;
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
+ return syscall(
|
|
||||||
+#ifdef __NR_setsockopt
|
|
||||||
+ __NR_setsockopt,
|
|
||||||
+#else /* socketcall */
|
|
||||||
+ __NR_socketcall, SC_setsockopt,
|
|
||||||
+#endif
|
|
||||||
+ fill | fd , fill | level, fill | optname, optval, fill | len
|
|
||||||
+#ifdef __NR_setsockopt
|
|
||||||
+ , bad
|
|
||||||
+#endif
|
|
||||||
+ );
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static void
|
|
||||||
print_timestamp_old(const struct cmsghdr *c)
|
|
||||||
{
|
|
||||||
@@ -139,7 +163,12 @@ test_sockopt(int so_val, const char *str, void (*fun)(const struct cmsghdr *))
|
|
||||||
perror_msg_and_skip(data);
|
|
||||||
|
|
||||||
const int opt_1 = 1;
|
|
||||||
- if (setsockopt(sv[0], SOL_SOCKET, so_val, &opt_1, sizeof(opt_1))) {
|
|
||||||
+ /*
|
|
||||||
+ * glibc-2.34~294 adds fallsback for SO_TIMESTAMP{,NS}_NEW that calls
|
|
||||||
+ * SO_TIMESTAMP{,NS}_OLD, so we have to call the setsockopt directly
|
|
||||||
+ * in order to avoid unexpected recvmsg msg types.
|
|
||||||
+ */
|
|
||||||
+ if (k_setsockopt(sv[0], SOL_SOCKET, so_val, &opt_1, sizeof(opt_1))) {
|
|
||||||
perror(str);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
@ -1,55 +0,0 @@
|
|||||||
From e27b06773eaf5c0307bcc5637d7457be9be1e6ea Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
|
||||||
Date: Wed, 1 Dec 2021 17:11:02 +0100
|
|
||||||
Subject: [PATCH] print_ifindex: fix IFNAME_QUOTED_SZ definition
|
|
||||||
|
|
||||||
sizeof(IFNAMSIZ) instead of IFNAMSIZ was mistakenly used
|
|
||||||
for IFNAME_QUOTED_SZ initial definition in commit v4.23~87
|
|
||||||
"print_ifindex: respect xlat style settings".
|
|
||||||
|
|
||||||
* src/print_ifindex.c (IFNAME_QUOTED_SZ): Use IFNAMSIZ
|
|
||||||
instead of sizeof(IFNAMSIZ).
|
|
||||||
* NEWS: Mention it.
|
|
||||||
|
|
||||||
Reported-by: Paulo Andrade <pandrade@redhat.com>
|
|
||||||
Suggested-by: Paulo Andrade <pandrade@redhat.com>
|
|
||||||
Fixes: v4.23~87 "print_ifindex: respect xlat style settings"
|
|
||||||
References: https://bugzilla.redhat.com/show_bug.cgi?id=2028146
|
|
||||||
---
|
|
||||||
NEWS | 4 ++++
|
|
||||||
src/print_ifindex.c | 2 +-
|
|
||||||
2 files changed, 5 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/NEWS b/NEWS
|
|
||||||
index 9bab673..a3036b8 100644
|
|
||||||
--- a/NEWS
|
|
||||||
+++ b/NEWS
|
|
||||||
@@ -16,6 +16,12 @@ Noteworthy changes in release ?.?? (????-??-??)
|
|
||||||
PTRACE_*, RTM_*, RTPROT_*, TRAP_*, UFFD_*, UFFDIO_*, and V4L2_* constants.
|
|
||||||
* Updated lists of ioctl commands from Linux 5.13.
|
|
||||||
|
|
||||||
+ * Bug fixes
|
|
||||||
+ * Fixed insufficient buffer size used for network interface name printing,
|
|
||||||
+ that previously led to assertions on attempts of printing interface names
|
|
||||||
+ that require quoting, for example, names longer than 4 characters in -xx
|
|
||||||
+ mode (addresses RHBZ bug #2028146).
|
|
||||||
+
|
|
||||||
* Portability
|
|
||||||
* On powerpc and powerpc64, linux kernel >= 2.6.23 is required.
|
|
||||||
Older versions without a decent PTRACE_GETREGS support will not work.
|
|
||||||
diff --git a/src/print_ifindex.c b/src/print_ifindex.c
|
|
||||||
index ec48093..dc9d592 100644
|
|
||||||
--- a/src/print_ifindex.c
|
|
||||||
+++ b/src/print_ifindex.c
|
|
||||||
@@ -13,7 +13,7 @@
|
|
||||||
|
|
||||||
# define INI_PFX "if_nametoindex(\""
|
|
||||||
# define INI_SFX "\")"
|
|
||||||
-# define IFNAME_QUOTED_SZ (sizeof(IFNAMSIZ) * 4 + 3)
|
|
||||||
+# define IFNAME_QUOTED_SZ (IFNAMSIZ * 4 + 3)
|
|
||||||
|
|
||||||
const char *
|
|
||||||
get_ifname(const unsigned int ifindex)
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
@ -1,208 +0,0 @@
|
|||||||
From b8f375c2c8140e759122bca3e3469386d3ba5184 Mon Sep 17 00:00:00 2001
|
|
||||||
From: "Dmitry V. Levin" <ldv@strace.io>
|
|
||||||
Date: Mon, 29 Nov 2021 08:00:00 +0000
|
|
||||||
Subject: [PATCH 168/174] m4: fix st_SELINUX check
|
|
||||||
|
|
||||||
* m4/st_selinux.m4: Make sure selinux support is enabled only if
|
|
||||||
all expected functions are provided by libselinux.
|
|
||||||
|
|
||||||
Fixes: v5.12~49 "Implement --secontext[=full] option to display SELinux contexts"
|
|
||||||
---
|
|
||||||
m4/st_selinux.m4 | 36 ++++++++++++++++--------------------
|
|
||||||
1 file changed, 16 insertions(+), 20 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/m4/st_selinux.m4 b/m4/st_selinux.m4
|
|
||||||
index da72a48..7b24eba 100644
|
|
||||||
--- a/m4/st_selinux.m4
|
|
||||||
+++ b/m4/st_selinux.m4
|
|
||||||
@@ -34,29 +34,25 @@ AS_IF([test "x$with_libselinux" != xno],
|
|
||||||
AS_IF([test "x$found_selinux_h" = xyes],
|
|
||||||
[saved_LDFLAGS="$LDFLAGS"
|
|
||||||
LDFLAGS="$LDFLAGS $libselinux_LDFLAGS"
|
|
||||||
- AC_CHECK_LIB([selinux],[getpidcon],
|
|
||||||
- [libselinux_LIBS="-lselinux"
|
|
||||||
- enable_secontext=yes
|
|
||||||
- ],
|
|
||||||
- [if test "x$with_libselinux" != xcheck; then
|
|
||||||
- AC_MSG_FAILURE([failed to find getpidcon in libselinux])
|
|
||||||
- fi
|
|
||||||
- ]
|
|
||||||
- )
|
|
||||||
- AC_CHECK_LIB([selinux],[getfilecon],
|
|
||||||
- [libselinux_LIBS="-lselinux"
|
|
||||||
- enable_secontext=yes
|
|
||||||
- ],
|
|
||||||
- [if test "x$with_libselinux" != xcheck; then
|
|
||||||
- AC_MSG_FAILURE([failed to find getfilecon in libselinux])
|
|
||||||
- fi
|
|
||||||
- ]
|
|
||||||
+ missing=
|
|
||||||
+ for func in getpidcon getfilecon; do
|
|
||||||
+ AC_CHECK_LIB([selinux], [$func], [:],
|
|
||||||
+ [missing="$missing $func"])
|
|
||||||
+ done
|
|
||||||
+ AS_IF([test "x$missing" = x],
|
|
||||||
+ [libselinux_LIBS="-lselinux"
|
|
||||||
+ enable_secontext=yes
|
|
||||||
+ ],
|
|
||||||
+ [AS_IF([test "x$with_libselinux" != xcheck],
|
|
||||||
+ [AC_MSG_FAILURE([failed to find in libselinux:$missing])]
|
|
||||||
+ )
|
|
||||||
+ ]
|
|
||||||
)
|
|
||||||
LDFLAGS="$saved_LDFLAGS"
|
|
||||||
],
|
|
||||||
- [if test "x$with_libselinux" != xcheck; then
|
|
||||||
- AC_MSG_FAILURE([failed to find selinux.h])
|
|
||||||
- fi
|
|
||||||
+ [AS_IF([test "x$with_libselinux" != xcheck],
|
|
||||||
+ [AC_MSG_FAILURE([failed to find selinux.h])]
|
|
||||||
+ )
|
|
||||||
]
|
|
||||||
)
|
|
||||||
]
|
|
||||||
--- old/configure 2022-02-07 20:17:58.364068436 +0100
|
|
||||||
+++ new/configure 2022-02-07 20:19:17.092067347 +0100
|
|
||||||
@@ -18437,9 +18437,12 @@
|
|
||||||
if test "x$found_selinux_h" = xyes; then :
|
|
||||||
saved_LDFLAGS="$LDFLAGS"
|
|
||||||
LDFLAGS="$LDFLAGS $libselinux_LDFLAGS"
|
|
||||||
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getpidcon in -lselinux" >&5
|
|
||||||
-$as_echo_n "checking for getpidcon in -lselinux... " >&6; }
|
|
||||||
-if ${ac_cv_lib_selinux_getpidcon+:} false; then :
|
|
||||||
+ missing=
|
|
||||||
+ for func in getpidcon getfilecon; do
|
|
||||||
+ as_ac_Lib=`$as_echo "ac_cv_lib_selinux_$func" | $as_tr_sh`
|
|
||||||
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $func in -lselinux" >&5
|
|
||||||
+$as_echo_n "checking for $func in -lselinux... " >&6; }
|
|
||||||
+if eval \${$as_ac_Lib+:} false; then :
|
|
||||||
$as_echo_n "(cached) " >&6
|
|
||||||
else
|
|
||||||
ac_check_lib_save_LIBS=$LIBS
|
|
||||||
@@ -18453,101 +18456,59 @@
|
|
||||||
#ifdef __cplusplus
|
|
||||||
extern "C"
|
|
||||||
#endif
|
|
||||||
-char getpidcon ();
|
|
||||||
+char $func ();
|
|
||||||
int
|
|
||||||
main ()
|
|
||||||
{
|
|
||||||
-return getpidcon ();
|
|
||||||
+return $func ();
|
|
||||||
;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
_ACEOF
|
|
||||||
if ac_fn_c_try_link "$LINENO"; then :
|
|
||||||
- ac_cv_lib_selinux_getpidcon=yes
|
|
||||||
+ eval "$as_ac_Lib=yes"
|
|
||||||
else
|
|
||||||
- ac_cv_lib_selinux_getpidcon=no
|
|
||||||
+ eval "$as_ac_Lib=no"
|
|
||||||
fi
|
|
||||||
rm -f core conftest.err conftest.$ac_objext \
|
|
||||||
conftest$ac_exeext conftest.$ac_ext
|
|
||||||
LIBS=$ac_check_lib_save_LIBS
|
|
||||||
fi
|
|
||||||
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_selinux_getpidcon" >&5
|
|
||||||
-$as_echo "$ac_cv_lib_selinux_getpidcon" >&6; }
|
|
||||||
-if test "x$ac_cv_lib_selinux_getpidcon" = xyes; then :
|
|
||||||
- libselinux_LIBS="-lselinux"
|
|
||||||
- enable_secontext=yes
|
|
||||||
-
|
|
||||||
+eval ac_res=\$$as_ac_Lib
|
|
||||||
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
|
|
||||||
+$as_echo "$ac_res" >&6; }
|
|
||||||
+if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :
|
|
||||||
+ :
|
|
||||||
else
|
|
||||||
- if test "x$with_libselinux" != xcheck; then
|
|
||||||
- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
|
|
||||||
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
|
|
||||||
-as_fn_error $? "failed to find getpidcon in libselinux
|
|
||||||
-See \`config.log' for more details" "$LINENO" 5; }
|
|
||||||
- fi
|
|
||||||
-
|
|
||||||
-
|
|
||||||
+ missing="$missing $func"
|
|
||||||
fi
|
|
||||||
|
|
||||||
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getfilecon in -lselinux" >&5
|
|
||||||
-$as_echo_n "checking for getfilecon in -lselinux... " >&6; }
|
|
||||||
-if ${ac_cv_lib_selinux_getfilecon+:} false; then :
|
|
||||||
- $as_echo_n "(cached) " >&6
|
|
||||||
-else
|
|
||||||
- ac_check_lib_save_LIBS=$LIBS
|
|
||||||
-LIBS="-lselinux $LIBS"
|
|
||||||
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
|
|
||||||
-/* end confdefs.h. */
|
|
||||||
-
|
|
||||||
-/* Override any GCC internal prototype to avoid an error.
|
|
||||||
- Use char because int might match the return type of a GCC
|
|
||||||
- builtin and then its argument prototype would still apply. */
|
|
||||||
-#ifdef __cplusplus
|
|
||||||
-extern "C"
|
|
||||||
-#endif
|
|
||||||
-char getfilecon ();
|
|
||||||
-int
|
|
||||||
-main ()
|
|
||||||
-{
|
|
||||||
-return getfilecon ();
|
|
||||||
- ;
|
|
||||||
- return 0;
|
|
||||||
-}
|
|
||||||
-_ACEOF
|
|
||||||
-if ac_fn_c_try_link "$LINENO"; then :
|
|
||||||
- ac_cv_lib_selinux_getfilecon=yes
|
|
||||||
-else
|
|
||||||
- ac_cv_lib_selinux_getfilecon=no
|
|
||||||
-fi
|
|
||||||
-rm -f core conftest.err conftest.$ac_objext \
|
|
||||||
- conftest$ac_exeext conftest.$ac_ext
|
|
||||||
-LIBS=$ac_check_lib_save_LIBS
|
|
||||||
-fi
|
|
||||||
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_selinux_getfilecon" >&5
|
|
||||||
-$as_echo "$ac_cv_lib_selinux_getfilecon" >&6; }
|
|
||||||
-if test "x$ac_cv_lib_selinux_getfilecon" = xyes; then :
|
|
||||||
+ done
|
|
||||||
+ if test "x$missing" = x; then :
|
|
||||||
libselinux_LIBS="-lselinux"
|
|
||||||
- enable_secontext=yes
|
|
||||||
+ enable_secontext=yes
|
|
||||||
|
|
||||||
else
|
|
||||||
- if test "x$with_libselinux" != xcheck; then
|
|
||||||
- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
|
|
||||||
+ if test "x$with_libselinux" != xcheck; then :
|
|
||||||
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
|
|
||||||
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
|
|
||||||
-as_fn_error $? "failed to find getfilecon in libselinux
|
|
||||||
+as_fn_error $? "failed to find in libselinux:$missing
|
|
||||||
See \`config.log' for more details" "$LINENO" 5; }
|
|
||||||
- fi
|
|
||||||
-
|
|
||||||
|
|
||||||
fi
|
|
||||||
|
|
||||||
+
|
|
||||||
+fi
|
|
||||||
LDFLAGS="$saved_LDFLAGS"
|
|
||||||
|
|
||||||
else
|
|
||||||
- if test "x$with_libselinux" != xcheck; then
|
|
||||||
- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
|
|
||||||
+ if test "x$with_libselinux" != xcheck; then :
|
|
||||||
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
|
|
||||||
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
|
|
||||||
as_fn_error $? "failed to find selinux.h
|
|
||||||
See \`config.log' for more details" "$LINENO" 5; }
|
|
||||||
- fi
|
|
||||||
+
|
|
||||||
+fi
|
|
||||||
|
|
||||||
|
|
||||||
fi
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
@ -1,122 +0,0 @@
|
|||||||
From f5fd689e40322a7b08a97eb2d26f192610728230 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
|
||||||
Date: Tue, 18 Jan 2022 16:10:28 +0100
|
|
||||||
Subject: [PATCH 170/174] tests/linkat: reset errno before SELinux context
|
|
||||||
manipulation
|
|
||||||
|
|
||||||
To avoid printing a stale error information in case of mismatch check
|
|
||||||
failure.
|
|
||||||
|
|
||||||
* tests/linkat.c: Include <errno.h>.
|
|
||||||
(main): Add "errno = 0" before update_secontext_field calls.
|
|
||||||
---
|
|
||||||
tests/linkat.c | 4 ++++
|
|
||||||
1 file changed, 4 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/tests/linkat.c b/tests/linkat.c
|
|
||||||
index 1a869e3..c3e2ee4 100644
|
|
||||||
--- a/tests/linkat.c
|
|
||||||
+++ b/tests/linkat.c
|
|
||||||
@@ -10,6 +10,7 @@
|
|
||||||
#include "tests.h"
|
|
||||||
#include "scno.h"
|
|
||||||
|
|
||||||
+#include <errno.h>
|
|
||||||
#include <fcntl.h>
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <stdlib.h>
|
|
||||||
@@ -91,6 +92,7 @@ main(void)
|
|
||||||
free(sample_1_secontext);
|
|
||||||
|
|
||||||
#ifdef PRINT_SECONTEXT_MISMATCH
|
|
||||||
+ errno = 0;
|
|
||||||
update_secontext_field(sample_1, SECONTEXT_USER, "system_u");
|
|
||||||
sample_1_secontext = SECONTEXT_FILE(sample_1);
|
|
||||||
|
|
||||||
@@ -112,6 +114,7 @@ main(void)
|
|
||||||
free(sample_1_secontext);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+ errno = 0;
|
|
||||||
update_secontext_field(sample_1, SECONTEXT_TYPE, "default_t");
|
|
||||||
sample_1_secontext = SECONTEXT_FILE(sample_1);
|
|
||||||
sample_2_secontext = sample_1_secontext;
|
|
||||||
@@ -142,6 +145,7 @@ main(void)
|
|
||||||
int dfd_old = get_dir_fd(".");
|
|
||||||
char *cwd = get_fd_path(dfd_old);
|
|
||||||
|
|
||||||
+ errno = 0;
|
|
||||||
update_secontext_field(".", SECONTEXT_TYPE, "default_t");
|
|
||||||
char *dfd_old_secontext = SECONTEXT_FILE(".");
|
|
||||||
|
|
||||||
--- a/tests-m32/linkat.c
|
|
||||||
+++ b/tests-m32/linkat.c
|
|
||||||
@@ -10,6 +10,7 @@
|
|
||||||
#include "tests.h"
|
|
||||||
#include "scno.h"
|
|
||||||
|
|
||||||
+#include <errno.h>
|
|
||||||
#include <fcntl.h>
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <stdlib.h>
|
|
||||||
@@ -91,6 +92,7 @@ main(void)
|
|
||||||
free(sample_1_secontext);
|
|
||||||
|
|
||||||
#ifdef PRINT_SECONTEXT_MISMATCH
|
|
||||||
+ errno = 0;
|
|
||||||
update_secontext_field(sample_1, SECONTEXT_USER, "system_u");
|
|
||||||
sample_1_secontext = SECONTEXT_FILE(sample_1);
|
|
||||||
|
|
||||||
@@ -112,6 +114,7 @@ main(void)
|
|
||||||
free(sample_1_secontext);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+ errno = 0;
|
|
||||||
update_secontext_field(sample_1, SECONTEXT_TYPE, "default_t");
|
|
||||||
sample_1_secontext = SECONTEXT_FILE(sample_1);
|
|
||||||
sample_2_secontext = sample_1_secontext;
|
|
||||||
@@ -142,6 +145,7 @@ main(void)
|
|
||||||
int dfd_old = get_dir_fd(".");
|
|
||||||
char *cwd = get_fd_path(dfd_old);
|
|
||||||
|
|
||||||
+ errno = 0;
|
|
||||||
update_secontext_field(".", SECONTEXT_TYPE, "default_t");
|
|
||||||
char *dfd_old_secontext = SECONTEXT_FILE(".");
|
|
||||||
|
|
||||||
--- a/tests-mx32/linkat.c
|
|
||||||
+++ b/tests-mx32/linkat.c
|
|
||||||
@@ -10,6 +10,7 @@
|
|
||||||
#include "tests.h"
|
|
||||||
#include "scno.h"
|
|
||||||
|
|
||||||
+#include <errno.h>
|
|
||||||
#include <fcntl.h>
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <stdlib.h>
|
|
||||||
@@ -91,6 +92,7 @@ main(void)
|
|
||||||
free(sample_1_secontext);
|
|
||||||
|
|
||||||
#ifdef PRINT_SECONTEXT_MISMATCH
|
|
||||||
+ errno = 0;
|
|
||||||
update_secontext_field(sample_1, SECONTEXT_USER, "system_u");
|
|
||||||
sample_1_secontext = SECONTEXT_FILE(sample_1);
|
|
||||||
|
|
||||||
@@ -112,6 +114,7 @@ main(void)
|
|
||||||
free(sample_1_secontext);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
+ errno = 0;
|
|
||||||
update_secontext_field(sample_1, SECONTEXT_TYPE, "default_t");
|
|
||||||
sample_1_secontext = SECONTEXT_FILE(sample_1);
|
|
||||||
sample_2_secontext = sample_1_secontext;
|
|
||||||
@@ -142,6 +145,7 @@ main(void)
|
|
||||||
int dfd_old = get_dir_fd(".");
|
|
||||||
char *cwd = get_fd_path(dfd_old);
|
|
||||||
|
|
||||||
+ errno = 0;
|
|
||||||
update_secontext_field(".", SECONTEXT_TYPE, "default_t");
|
|
||||||
char *dfd_old_secontext = SECONTEXT_FILE(".");
|
|
||||||
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
@ -1,356 +0,0 @@
|
|||||||
From 4951286eb634c00c11883b851c91f3a21975eabd Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
|
||||||
Date: Tue, 18 Jan 2022 18:03:57 +0100
|
|
||||||
Subject: [PATCH 171/174] tests/secontext: add secontext field getters
|
|
||||||
|
|
||||||
* tests/secontext.h (get_secontext_field, get_secontext_field_file): New
|
|
||||||
declarations.
|
|
||||||
* tests/secontext.c (get_type_from_context): Rename to...
|
|
||||||
(get_secontext_field): ...this; remove "static" qualifier; add "field"
|
|
||||||
argument, use it.
|
|
||||||
(raw_expected_secontext_short_file, raw_secontext_short_pid): Replace
|
|
||||||
get_type_from_context call with get_secontext_field.
|
|
||||||
(get_secontext_field_file): New function.
|
|
||||||
(raw_secontext_short_file): Replace body with get_secontext_field_file
|
|
||||||
call.
|
|
||||||
---
|
|
||||||
tests/secontext.c | 27 +++++++++++++++------------
|
|
||||||
tests/secontext.h | 20 ++++++++++++++++++++
|
|
||||||
2 files changed, 35 insertions(+), 12 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/tests/secontext.c b/tests/secontext.c
|
|
||||||
index 848eea9..52211ed 100644
|
|
||||||
--- a/tests/secontext.c
|
|
||||||
+++ b/tests/secontext.c
|
|
||||||
@@ -56,8 +56,8 @@ strip_trailing_newlines(char *context)
|
|
||||||
return context;
|
|
||||||
}
|
|
||||||
|
|
||||||
-static char *
|
|
||||||
-get_type_from_context(const char *full_context)
|
|
||||||
+char *
|
|
||||||
+get_secontext_field(const char *full_context, enum secontext_field field)
|
|
||||||
{
|
|
||||||
int saved_errno = errno;
|
|
||||||
|
|
||||||
@@ -72,7 +72,7 @@ get_type_from_context(const char *full_context)
|
|
||||||
char *context = NULL;
|
|
||||||
for (token = strtok_r(ctx_copy, ":", &saveptr), i = 0;
|
|
||||||
token; token = strtok_r(NULL, ":", &saveptr), i++) {
|
|
||||||
- if (i == 2) {
|
|
||||||
+ if (i == field) {
|
|
||||||
context = xstrdup(token);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
@@ -122,7 +122,7 @@ raw_expected_secontext_short_file(const char *filename)
|
|
||||||
int saved_errno = errno;
|
|
||||||
|
|
||||||
char *ctx = raw_expected_secontext_full_file(filename);
|
|
||||||
- char *type = get_type_from_context(ctx);
|
|
||||||
+ char *type = get_secontext_field(ctx, SECONTEXT_TYPE);
|
|
||||||
free(ctx);
|
|
||||||
|
|
||||||
errno = saved_errno;
|
|
||||||
@@ -144,20 +144,23 @@ raw_secontext_full_file(const char *filename)
|
|
||||||
return full_secontext;
|
|
||||||
}
|
|
||||||
|
|
||||||
-static char *
|
|
||||||
-raw_secontext_short_file(const char *filename)
|
|
||||||
+char *
|
|
||||||
+get_secontext_field_file(const char *file, enum secontext_field field)
|
|
||||||
{
|
|
||||||
- int saved_errno = errno;
|
|
||||||
-
|
|
||||||
- char *ctx = raw_secontext_full_file(filename);
|
|
||||||
- char *type = get_type_from_context(ctx);
|
|
||||||
+ char *ctx = raw_secontext_full_file(file);
|
|
||||||
+ char *type = get_secontext_field(ctx, field);
|
|
||||||
free(ctx);
|
|
||||||
|
|
||||||
- errno = saved_errno;
|
|
||||||
return type;
|
|
||||||
}
|
|
||||||
|
|
||||||
static char *
|
|
||||||
+raw_secontext_short_file(const char *filename)
|
|
||||||
+{
|
|
||||||
+ return get_secontext_field_file(filename, SECONTEXT_TYPE);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static char *
|
|
||||||
raw_secontext_full_pid(pid_t pid)
|
|
||||||
{
|
|
||||||
int saved_errno = errno;
|
|
||||||
@@ -178,7 +181,7 @@ raw_secontext_short_pid(pid_t pid)
|
|
||||||
int saved_errno = errno;
|
|
||||||
|
|
||||||
char *ctx = raw_secontext_full_pid(pid);
|
|
||||||
- char *type = get_type_from_context(ctx);
|
|
||||||
+ char *type = get_secontext_field(ctx, SECONTEXT_TYPE);
|
|
||||||
free(ctx);
|
|
||||||
|
|
||||||
errno = saved_errno;
|
|
||||||
diff --git a/tests/secontext.h b/tests/secontext.h
|
|
||||||
index 1d0251a..e5571d5 100644
|
|
||||||
--- a/tests/secontext.h
|
|
||||||
+++ b/tests/secontext.h
|
|
||||||
@@ -23,6 +23,15 @@ enum secontext_field {
|
|
||||||
|
|
||||||
#if defined TEST_SECONTEXT && defined HAVE_SELINUX_RUNTIME
|
|
||||||
|
|
||||||
+/**
|
|
||||||
+ * Parse a SELinux context string and return a specified field, duplicated
|
|
||||||
+ * in a separate string. The caller is responsible for freeing the memory
|
|
||||||
+ * pointed by the returned value.
|
|
||||||
+ */
|
|
||||||
+char *get_secontext_field(const char *full_context, enum secontext_field field);
|
|
||||||
+
|
|
||||||
+char *get_secontext_field_file(const char *file, enum secontext_field field);
|
|
||||||
+
|
|
||||||
void update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue);
|
|
||||||
|
|
||||||
@@ -48,6 +57,17 @@ void update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
|
|
||||||
#else
|
|
||||||
|
|
||||||
+static inline char *
|
|
||||||
+get_secontext_field(const char *ctx, enum secontext_field field)
|
|
||||||
+{
|
|
||||||
+ return NULL;
|
|
||||||
+}
|
|
||||||
+static inline char *
|
|
||||||
+get_secontext_field_file(const char *file, enum secontext_field field)
|
|
||||||
+{
|
|
||||||
+ return NULL;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static inline void
|
|
||||||
update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue)
|
|
||||||
diff --git a/tests-m32/secontext.c b/tests-m32/secontext.c
|
|
||||||
index 848eea9..52211ed 100644
|
|
||||||
--- a/tests-m32/secontext.c
|
|
||||||
+++ b/tests-m32/secontext.c
|
|
||||||
@@ -56,8 +56,8 @@ strip_trailing_newlines(char *context)
|
|
||||||
return context;
|
|
||||||
}
|
|
||||||
|
|
||||||
-static char *
|
|
||||||
-get_type_from_context(const char *full_context)
|
|
||||||
+char *
|
|
||||||
+get_secontext_field(const char *full_context, enum secontext_field field)
|
|
||||||
{
|
|
||||||
int saved_errno = errno;
|
|
||||||
|
|
||||||
@@ -72,7 +72,7 @@ get_type_from_context(const char *full_context)
|
|
||||||
char *context = NULL;
|
|
||||||
for (token = strtok_r(ctx_copy, ":", &saveptr), i = 0;
|
|
||||||
token; token = strtok_r(NULL, ":", &saveptr), i++) {
|
|
||||||
- if (i == 2) {
|
|
||||||
+ if (i == field) {
|
|
||||||
context = xstrdup(token);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
@@ -122,7 +122,7 @@ raw_expected_secontext_short_file(const char *filename)
|
|
||||||
int saved_errno = errno;
|
|
||||||
|
|
||||||
char *ctx = raw_expected_secontext_full_file(filename);
|
|
||||||
- char *type = get_type_from_context(ctx);
|
|
||||||
+ char *type = get_secontext_field(ctx, SECONTEXT_TYPE);
|
|
||||||
free(ctx);
|
|
||||||
|
|
||||||
errno = saved_errno;
|
|
||||||
@@ -144,20 +144,23 @@ raw_secontext_full_file(const char *filename)
|
|
||||||
return full_secontext;
|
|
||||||
}
|
|
||||||
|
|
||||||
-static char *
|
|
||||||
-raw_secontext_short_file(const char *filename)
|
|
||||||
+char *
|
|
||||||
+get_secontext_field_file(const char *file, enum secontext_field field)
|
|
||||||
{
|
|
||||||
- int saved_errno = errno;
|
|
||||||
-
|
|
||||||
- char *ctx = raw_secontext_full_file(filename);
|
|
||||||
- char *type = get_type_from_context(ctx);
|
|
||||||
+ char *ctx = raw_secontext_full_file(file);
|
|
||||||
+ char *type = get_secontext_field(ctx, field);
|
|
||||||
free(ctx);
|
|
||||||
|
|
||||||
- errno = saved_errno;
|
|
||||||
return type;
|
|
||||||
}
|
|
||||||
|
|
||||||
static char *
|
|
||||||
+raw_secontext_short_file(const char *filename)
|
|
||||||
+{
|
|
||||||
+ return get_secontext_field_file(filename, SECONTEXT_TYPE);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static char *
|
|
||||||
raw_secontext_full_pid(pid_t pid)
|
|
||||||
{
|
|
||||||
int saved_errno = errno;
|
|
||||||
@@ -178,7 +181,7 @@ raw_secontext_short_pid(pid_t pid)
|
|
||||||
int saved_errno = errno;
|
|
||||||
|
|
||||||
char *ctx = raw_secontext_full_pid(pid);
|
|
||||||
- char *type = get_type_from_context(ctx);
|
|
||||||
+ char *type = get_secontext_field(ctx, SECONTEXT_TYPE);
|
|
||||||
free(ctx);
|
|
||||||
|
|
||||||
errno = saved_errno;
|
|
||||||
diff --git a/tests-m32/secontext.h b/tests-m32/secontext.h
|
|
||||||
index 1d0251a..e5571d5 100644
|
|
||||||
--- a/tests-m32/secontext.h
|
|
||||||
+++ b/tests-m32/secontext.h
|
|
||||||
@@ -23,6 +23,15 @@ enum secontext_field {
|
|
||||||
|
|
||||||
#if defined TEST_SECONTEXT && defined HAVE_SELINUX_RUNTIME
|
|
||||||
|
|
||||||
+/**
|
|
||||||
+ * Parse a SELinux context string and return a specified field, duplicated
|
|
||||||
+ * in a separate string. The caller is responsible for freeing the memory
|
|
||||||
+ * pointed by the returned value.
|
|
||||||
+ */
|
|
||||||
+char *get_secontext_field(const char *full_context, enum secontext_field field);
|
|
||||||
+
|
|
||||||
+char *get_secontext_field_file(const char *file, enum secontext_field field);
|
|
||||||
+
|
|
||||||
void update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue);
|
|
||||||
|
|
||||||
@@ -48,6 +57,17 @@ void update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
|
|
||||||
#else
|
|
||||||
|
|
||||||
+static inline char *
|
|
||||||
+get_secontext_field(const char *ctx, enum secontext_field field)
|
|
||||||
+{
|
|
||||||
+ return NULL;
|
|
||||||
+}
|
|
||||||
+static inline char *
|
|
||||||
+get_secontext_field_file(const char *file, enum secontext_field field)
|
|
||||||
+{
|
|
||||||
+ return NULL;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static inline void
|
|
||||||
update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue)
|
|
||||||
diff --git a/tests-mx32/secontext.c b/tests-mx32/secontext.c
|
|
||||||
index 848eea9..52211ed 100644
|
|
||||||
--- a/tests-mx32/secontext.c
|
|
||||||
+++ b/tests-mx32/secontext.c
|
|
||||||
@@ -56,8 +56,8 @@ strip_trailing_newlines(char *context)
|
|
||||||
return context;
|
|
||||||
}
|
|
||||||
|
|
||||||
-static char *
|
|
||||||
-get_type_from_context(const char *full_context)
|
|
||||||
+char *
|
|
||||||
+get_secontext_field(const char *full_context, enum secontext_field field)
|
|
||||||
{
|
|
||||||
int saved_errno = errno;
|
|
||||||
|
|
||||||
@@ -72,7 +72,7 @@ get_type_from_context(const char *full_context)
|
|
||||||
char *context = NULL;
|
|
||||||
for (token = strtok_r(ctx_copy, ":", &saveptr), i = 0;
|
|
||||||
token; token = strtok_r(NULL, ":", &saveptr), i++) {
|
|
||||||
- if (i == 2) {
|
|
||||||
+ if (i == field) {
|
|
||||||
context = xstrdup(token);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
@@ -122,7 +122,7 @@ raw_expected_secontext_short_file(const char *filename)
|
|
||||||
int saved_errno = errno;
|
|
||||||
|
|
||||||
char *ctx = raw_expected_secontext_full_file(filename);
|
|
||||||
- char *type = get_type_from_context(ctx);
|
|
||||||
+ char *type = get_secontext_field(ctx, SECONTEXT_TYPE);
|
|
||||||
free(ctx);
|
|
||||||
|
|
||||||
errno = saved_errno;
|
|
||||||
@@ -144,20 +144,23 @@ raw_secontext_full_file(const char *filename)
|
|
||||||
return full_secontext;
|
|
||||||
}
|
|
||||||
|
|
||||||
-static char *
|
|
||||||
-raw_secontext_short_file(const char *filename)
|
|
||||||
+char *
|
|
||||||
+get_secontext_field_file(const char *file, enum secontext_field field)
|
|
||||||
{
|
|
||||||
- int saved_errno = errno;
|
|
||||||
-
|
|
||||||
- char *ctx = raw_secontext_full_file(filename);
|
|
||||||
- char *type = get_type_from_context(ctx);
|
|
||||||
+ char *ctx = raw_secontext_full_file(file);
|
|
||||||
+ char *type = get_secontext_field(ctx, field);
|
|
||||||
free(ctx);
|
|
||||||
|
|
||||||
- errno = saved_errno;
|
|
||||||
return type;
|
|
||||||
}
|
|
||||||
|
|
||||||
static char *
|
|
||||||
+raw_secontext_short_file(const char *filename)
|
|
||||||
+{
|
|
||||||
+ return get_secontext_field_file(filename, SECONTEXT_TYPE);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static char *
|
|
||||||
raw_secontext_full_pid(pid_t pid)
|
|
||||||
{
|
|
||||||
int saved_errno = errno;
|
|
||||||
@@ -178,7 +181,7 @@ raw_secontext_short_pid(pid_t pid)
|
|
||||||
int saved_errno = errno;
|
|
||||||
|
|
||||||
char *ctx = raw_secontext_full_pid(pid);
|
|
||||||
- char *type = get_type_from_context(ctx);
|
|
||||||
+ char *type = get_secontext_field(ctx, SECONTEXT_TYPE);
|
|
||||||
free(ctx);
|
|
||||||
|
|
||||||
errno = saved_errno;
|
|
||||||
diff --git a/tests-mx32/secontext.h b/tests-mx32/secontext.h
|
|
||||||
index 1d0251a..e5571d5 100644
|
|
||||||
--- a/tests-mx32/secontext.h
|
|
||||||
+++ b/tests-mx32/secontext.h
|
|
||||||
@@ -23,6 +23,15 @@ enum secontext_field {
|
|
||||||
|
|
||||||
#if defined TEST_SECONTEXT && defined HAVE_SELINUX_RUNTIME
|
|
||||||
|
|
||||||
+/**
|
|
||||||
+ * Parse a SELinux context string and return a specified field, duplicated
|
|
||||||
+ * in a separate string. The caller is responsible for freeing the memory
|
|
||||||
+ * pointed by the returned value.
|
|
||||||
+ */
|
|
||||||
+char *get_secontext_field(const char *full_context, enum secontext_field field);
|
|
||||||
+
|
|
||||||
+char *get_secontext_field_file(const char *file, enum secontext_field field);
|
|
||||||
+
|
|
||||||
void update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue);
|
|
||||||
|
|
||||||
@@ -48,6 +57,17 @@ void update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
|
|
||||||
#else
|
|
||||||
|
|
||||||
+static inline char *
|
|
||||||
+get_secontext_field(const char *ctx, enum secontext_field field)
|
|
||||||
+{
|
|
||||||
+ return NULL;
|
|
||||||
+}
|
|
||||||
+static inline char *
|
|
||||||
+get_secontext_field_file(const char *file, enum secontext_field field)
|
|
||||||
+{
|
|
||||||
+ return NULL;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static inline void
|
|
||||||
update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue)
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
@ -1,181 +0,0 @@
|
|||||||
From 97e2742a7f1e6e113354911d04505ada3bfb5d70 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
|
||||||
Date: Tue, 18 Jan 2022 18:04:42 +0100
|
|
||||||
Subject: [PATCH 172/174] tests/linkat: provide fallback values for secontext
|
|
||||||
fields changes
|
|
||||||
|
|
||||||
* tests/linkat.c (mangle_secontext_field): New function.
|
|
||||||
(main): Replace calls to update_secontext_field
|
|
||||||
with mangle_secontext_field calls.
|
|
||||||
---
|
|
||||||
tests/linkat.c | 23 ++++++++++++++++++++---
|
|
||||||
1 file changed, 20 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/tests/linkat.c b/tests/linkat.c
|
|
||||||
index c3e2ee4..decb736 100644
|
|
||||||
--- a/tests/linkat.c
|
|
||||||
+++ b/tests/linkat.c
|
|
||||||
@@ -21,6 +21,20 @@
|
|
||||||
#include "secontext.h"
|
|
||||||
#include "xmalloc.h"
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+mangle_secontext_field(const char *path, enum secontext_field field,
|
|
||||||
+ const char *new_val, const char *fallback_val)
|
|
||||||
+{
|
|
||||||
+ char *orig = get_secontext_field_file(path, field);
|
|
||||||
+ if (!orig)
|
|
||||||
+ return;
|
|
||||||
+
|
|
||||||
+ update_secontext_field(path, field,
|
|
||||||
+ strcmp(new_val, orig) ? new_val : fallback_val);
|
|
||||||
+
|
|
||||||
+ free(orig);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
int
|
|
||||||
main(void)
|
|
||||||
{
|
|
||||||
@@ -93,7 +107,8 @@ main(void)
|
|
||||||
|
|
||||||
#ifdef PRINT_SECONTEXT_MISMATCH
|
|
||||||
errno = 0;
|
|
||||||
- update_secontext_field(sample_1, SECONTEXT_USER, "system_u");
|
|
||||||
+ mangle_secontext_field(sample_1, SECONTEXT_USER, "system_u",
|
|
||||||
+ "unconfined_u");
|
|
||||||
sample_1_secontext = SECONTEXT_FILE(sample_1);
|
|
||||||
|
|
||||||
# ifdef PRINT_SECONTEXT_FULL
|
|
||||||
@@ -115,7 +130,8 @@ main(void)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
errno = 0;
|
|
||||||
- update_secontext_field(sample_1, SECONTEXT_TYPE, "default_t");
|
|
||||||
+ mangle_secontext_field(sample_1, SECONTEXT_TYPE, "default_t",
|
|
||||||
+ "unconfined_t");
|
|
||||||
sample_1_secontext = SECONTEXT_FILE(sample_1);
|
|
||||||
sample_2_secontext = sample_1_secontext;
|
|
||||||
|
|
||||||
@@ -146,7 +162,8 @@ main(void)
|
|
||||||
char *cwd = get_fd_path(dfd_old);
|
|
||||||
|
|
||||||
errno = 0;
|
|
||||||
- update_secontext_field(".", SECONTEXT_TYPE, "default_t");
|
|
||||||
+ mangle_secontext_field(".", SECONTEXT_TYPE, "default_t",
|
|
||||||
+ "unconfined_t");
|
|
||||||
char *dfd_old_secontext = SECONTEXT_FILE(".");
|
|
||||||
|
|
||||||
#ifdef PRINT_SECONTEXT_MISMATCH
|
|
||||||
diff --git a/tests-m32/linkat.c b/tests-m32/linkat.c
|
|
||||||
index c3e2ee4..decb736 100644
|
|
||||||
--- a/tests-m32/linkat.c
|
|
||||||
+++ b/tests-m32/linkat.c
|
|
||||||
@@ -21,6 +21,20 @@
|
|
||||||
#include "secontext.h"
|
|
||||||
#include "xmalloc.h"
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+mangle_secontext_field(const char *path, enum secontext_field field,
|
|
||||||
+ const char *new_val, const char *fallback_val)
|
|
||||||
+{
|
|
||||||
+ char *orig = get_secontext_field_file(path, field);
|
|
||||||
+ if (!orig)
|
|
||||||
+ return;
|
|
||||||
+
|
|
||||||
+ update_secontext_field(path, field,
|
|
||||||
+ strcmp(new_val, orig) ? new_val : fallback_val);
|
|
||||||
+
|
|
||||||
+ free(orig);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
int
|
|
||||||
main(void)
|
|
||||||
{
|
|
||||||
@@ -93,7 +107,8 @@ main(void)
|
|
||||||
|
|
||||||
#ifdef PRINT_SECONTEXT_MISMATCH
|
|
||||||
errno = 0;
|
|
||||||
- update_secontext_field(sample_1, SECONTEXT_USER, "system_u");
|
|
||||||
+ mangle_secontext_field(sample_1, SECONTEXT_USER, "system_u",
|
|
||||||
+ "unconfined_u");
|
|
||||||
sample_1_secontext = SECONTEXT_FILE(sample_1);
|
|
||||||
|
|
||||||
# ifdef PRINT_SECONTEXT_FULL
|
|
||||||
@@ -115,7 +130,8 @@ main(void)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
errno = 0;
|
|
||||||
- update_secontext_field(sample_1, SECONTEXT_TYPE, "default_t");
|
|
||||||
+ mangle_secontext_field(sample_1, SECONTEXT_TYPE, "default_t",
|
|
||||||
+ "unconfined_t");
|
|
||||||
sample_1_secontext = SECONTEXT_FILE(sample_1);
|
|
||||||
sample_2_secontext = sample_1_secontext;
|
|
||||||
|
|
||||||
@@ -146,7 +162,8 @@ main(void)
|
|
||||||
char *cwd = get_fd_path(dfd_old);
|
|
||||||
|
|
||||||
errno = 0;
|
|
||||||
- update_secontext_field(".", SECONTEXT_TYPE, "default_t");
|
|
||||||
+ mangle_secontext_field(".", SECONTEXT_TYPE, "default_t",
|
|
||||||
+ "unconfined_t");
|
|
||||||
char *dfd_old_secontext = SECONTEXT_FILE(".");
|
|
||||||
|
|
||||||
#ifdef PRINT_SECONTEXT_MISMATCH
|
|
||||||
diff --git a/tests-mx32/linkat.c b/tests-mx32/linkat.c
|
|
||||||
index c3e2ee4..decb736 100644
|
|
||||||
--- a/tests-mx32/linkat.c
|
|
||||||
+++ b/tests-mx32/linkat.c
|
|
||||||
@@ -21,6 +21,20 @@
|
|
||||||
#include "secontext.h"
|
|
||||||
#include "xmalloc.h"
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+mangle_secontext_field(const char *path, enum secontext_field field,
|
|
||||||
+ const char *new_val, const char *fallback_val)
|
|
||||||
+{
|
|
||||||
+ char *orig = get_secontext_field_file(path, field);
|
|
||||||
+ if (!orig)
|
|
||||||
+ return;
|
|
||||||
+
|
|
||||||
+ update_secontext_field(path, field,
|
|
||||||
+ strcmp(new_val, orig) ? new_val : fallback_val);
|
|
||||||
+
|
|
||||||
+ free(orig);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
int
|
|
||||||
main(void)
|
|
||||||
{
|
|
||||||
@@ -93,7 +107,8 @@ main(void)
|
|
||||||
|
|
||||||
#ifdef PRINT_SECONTEXT_MISMATCH
|
|
||||||
errno = 0;
|
|
||||||
- update_secontext_field(sample_1, SECONTEXT_USER, "system_u");
|
|
||||||
+ mangle_secontext_field(sample_1, SECONTEXT_USER, "system_u",
|
|
||||||
+ "unconfined_u");
|
|
||||||
sample_1_secontext = SECONTEXT_FILE(sample_1);
|
|
||||||
|
|
||||||
# ifdef PRINT_SECONTEXT_FULL
|
|
||||||
@@ -115,7 +130,8 @@ main(void)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
errno = 0;
|
|
||||||
- update_secontext_field(sample_1, SECONTEXT_TYPE, "default_t");
|
|
||||||
+ mangle_secontext_field(sample_1, SECONTEXT_TYPE, "default_t",
|
|
||||||
+ "unconfined_t");
|
|
||||||
sample_1_secontext = SECONTEXT_FILE(sample_1);
|
|
||||||
sample_2_secontext = sample_1_secontext;
|
|
||||||
|
|
||||||
@@ -146,7 +162,8 @@ main(void)
|
|
||||||
char *cwd = get_fd_path(dfd_old);
|
|
||||||
|
|
||||||
errno = 0;
|
|
||||||
- update_secontext_field(".", SECONTEXT_TYPE, "default_t");
|
|
||||||
+ mangle_secontext_field(".", SECONTEXT_TYPE, "default_t",
|
|
||||||
+ "unconfined_t");
|
|
||||||
char *dfd_old_secontext = SECONTEXT_FILE(".");
|
|
||||||
|
|
||||||
#ifdef PRINT_SECONTEXT_MISMATCH
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
@ -1,63 +0,0 @@
|
|||||||
From 6e8aa3749cb7e11e9a59db996f79f036bf7ef263 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
|
||||||
Date: Tue, 18 Jan 2022 18:05:19 +0100
|
|
||||||
Subject: [PATCH 173/174] tests/secontext: eliminate separate secontext_format
|
|
||||||
declaration
|
|
||||||
|
|
||||||
* tests/secontext.c (secontext_format): Remove declaration, supply
|
|
||||||
the attributes to the definition.
|
|
||||||
---
|
|
||||||
tests/secontext.c | 5 +----
|
|
||||||
1 file changed, 1 insertion(+), 4 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/tests/secontext.c b/tests/secontext.c
|
|
||||||
index 52211ed..ba271c8 100644
|
|
||||||
--- a/tests/secontext.c
|
|
||||||
+++ b/tests/secontext.c
|
|
||||||
@@ -23,10 +23,7 @@
|
|
||||||
# define TEST_SECONTEXT
|
|
||||||
# include "secontext.h"
|
|
||||||
|
|
||||||
-static char *
|
|
||||||
-secontext_format(char *context, const char *fmt)
|
|
||||||
- ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC;
|
|
||||||
-
|
|
||||||
+ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC
|
|
||||||
static char *
|
|
||||||
secontext_format(char *context, const char *fmt)
|
|
||||||
{
|
|
||||||
diff --git a/tests-m32/secontext.c b/tests-m32/secontext.c
|
|
||||||
index 52211ed..ba271c8 100644
|
|
||||||
--- a/tests-m32/secontext.c
|
|
||||||
+++ b/tests-m32/secontext.c
|
|
||||||
@@ -23,10 +23,7 @@
|
|
||||||
# define TEST_SECONTEXT
|
|
||||||
# include "secontext.h"
|
|
||||||
|
|
||||||
-static char *
|
|
||||||
-secontext_format(char *context, const char *fmt)
|
|
||||||
- ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC;
|
|
||||||
-
|
|
||||||
+ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC
|
|
||||||
static char *
|
|
||||||
secontext_format(char *context, const char *fmt)
|
|
||||||
{
|
|
||||||
diff --git a/tests-mx32/secontext.c b/tests-mx32/secontext.c
|
|
||||||
index 52211ed..ba271c8 100644
|
|
||||||
--- a/tests-mx32/secontext.c
|
|
||||||
+++ b/tests-mx32/secontext.c
|
|
||||||
@@ -23,10 +23,7 @@
|
|
||||||
# define TEST_SECONTEXT
|
|
||||||
# include "secontext.h"
|
|
||||||
|
|
||||||
-static char *
|
|
||||||
-secontext_format(char *context, const char *fmt)
|
|
||||||
- ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC;
|
|
||||||
-
|
|
||||||
+ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC
|
|
||||||
static char *
|
|
||||||
secontext_format(char *context, const char *fmt)
|
|
||||||
{
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
@ -1,190 +0,0 @@
|
|||||||
From 78a81bcfb71ef3d9f6e8b1a32e123fbbc6112a60 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
|
||||||
Date: Tue, 18 Jan 2022 18:24:34 +0100
|
|
||||||
Subject: [PATCH 174/174] tests/linkat: reset context to the expected one if a
|
|
||||||
mismatch has been detected
|
|
||||||
|
|
||||||
* tests/secontext.h (reset_secontext_file): New declaration.
|
|
||||||
* tests/secontext.c (reset_secontext_file): New function.
|
|
||||||
* tests/linkat.c (main): Check that there is no initial mismatch
|
|
||||||
in the sample_1 context, reset it otherwise.
|
|
||||||
---
|
|
||||||
tests/linkat.c | 3 +++
|
|
||||||
tests/secontext.c | 7 +++++++
|
|
||||||
tests/secontext.h | 7 +++++++
|
|
||||||
3 files changed, 17 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/tests/linkat.c b/tests/linkat.c
|
|
||||||
index decb736..781b85a 100644
|
|
||||||
--- a/tests/linkat.c
|
|
||||||
+++ b/tests/linkat.c
|
|
||||||
@@ -103,6 +103,9 @@ main(void)
|
|
||||||
if (close(fd_sample_2))
|
|
||||||
perror_msg_and_fail("close");
|
|
||||||
|
|
||||||
+ if (*sample_1_secontext && strstr(sample_1_secontext, "!!"))
|
|
||||||
+ reset_secontext_file(sample_1);
|
|
||||||
+
|
|
||||||
free(sample_1_secontext);
|
|
||||||
|
|
||||||
#ifdef PRINT_SECONTEXT_MISMATCH
|
|
||||||
diff --git a/tests/secontext.c b/tests/secontext.c
|
|
||||||
index ba271c8..94fadd4 100644
|
|
||||||
--- a/tests/secontext.c
|
|
||||||
+++ b/tests/secontext.c
|
|
||||||
@@ -235,6 +235,13 @@ secontext_short_pid(pid_t pid)
|
|
||||||
return FORMAT_SPACE_AFTER(raw_secontext_short_pid(pid));
|
|
||||||
}
|
|
||||||
|
|
||||||
+void reset_secontext_file(const char *file)
|
|
||||||
+{
|
|
||||||
+ char *proper_ctx = raw_expected_secontext_full_file(file);
|
|
||||||
+ (void) setfilecon(file, proper_ctx);
|
|
||||||
+ free(proper_ctx);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
void
|
|
||||||
update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue)
|
|
||||||
diff --git a/tests/secontext.h b/tests/secontext.h
|
|
||||||
index e5571d5..387263e 100644
|
|
||||||
--- a/tests/secontext.h
|
|
||||||
+++ b/tests/secontext.h
|
|
||||||
@@ -32,6 +32,8 @@ char *get_secontext_field(const char *full_context, enum secontext_field field);
|
|
||||||
|
|
||||||
char *get_secontext_field_file(const char *file, enum secontext_field field);
|
|
||||||
|
|
||||||
+void reset_secontext_file(const char *file);
|
|
||||||
+
|
|
||||||
void update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue);
|
|
||||||
|
|
||||||
@@ -69,6 +71,11 @@ get_secontext_field_file(const char *file, enum secontext_field field)
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline void
|
|
||||||
+reset_secontext_file(const char *file)
|
|
||||||
+{
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static inline void
|
|
||||||
update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue)
|
|
||||||
{
|
|
||||||
diff --git a/tests-m32/linkat.c b/tests-m32/linkat.c
|
|
||||||
index decb736..781b85a 100644
|
|
||||||
--- a/tests-m32/linkat.c
|
|
||||||
+++ b/tests-m32/linkat.c
|
|
||||||
@@ -103,6 +103,9 @@ main(void)
|
|
||||||
if (close(fd_sample_2))
|
|
||||||
perror_msg_and_fail("close");
|
|
||||||
|
|
||||||
+ if (*sample_1_secontext && strstr(sample_1_secontext, "!!"))
|
|
||||||
+ reset_secontext_file(sample_1);
|
|
||||||
+
|
|
||||||
free(sample_1_secontext);
|
|
||||||
|
|
||||||
#ifdef PRINT_SECONTEXT_MISMATCH
|
|
||||||
diff --git a/tests-m32/secontext.c b/tests-m32/secontext.c
|
|
||||||
index ba271c8..94fadd4 100644
|
|
||||||
--- a/tests-m32/secontext.c
|
|
||||||
+++ b/tests-m32/secontext.c
|
|
||||||
@@ -235,6 +235,13 @@ secontext_short_pid(pid_t pid)
|
|
||||||
return FORMAT_SPACE_AFTER(raw_secontext_short_pid(pid));
|
|
||||||
}
|
|
||||||
|
|
||||||
+void reset_secontext_file(const char *file)
|
|
||||||
+{
|
|
||||||
+ char *proper_ctx = raw_expected_secontext_full_file(file);
|
|
||||||
+ (void) setfilecon(file, proper_ctx);
|
|
||||||
+ free(proper_ctx);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
void
|
|
||||||
update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue)
|
|
||||||
diff --git a/tests-m32/secontext.h b/tests-m32/secontext.h
|
|
||||||
index e5571d5..387263e 100644
|
|
||||||
--- a/tests-m32/secontext.h
|
|
||||||
+++ b/tests-m32/secontext.h
|
|
||||||
@@ -32,6 +32,8 @@ char *get_secontext_field(const char *full_context, enum secontext_field field);
|
|
||||||
|
|
||||||
char *get_secontext_field_file(const char *file, enum secontext_field field);
|
|
||||||
|
|
||||||
+void reset_secontext_file(const char *file);
|
|
||||||
+
|
|
||||||
void update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue);
|
|
||||||
|
|
||||||
@@ -69,6 +71,11 @@ get_secontext_field_file(const char *file, enum secontext_field field)
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline void
|
|
||||||
+reset_secontext_file(const char *file)
|
|
||||||
+{
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static inline void
|
|
||||||
update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue)
|
|
||||||
{
|
|
||||||
diff --git a/tests-mx32/linkat.c b/tests-mx32/linkat.c
|
|
||||||
index decb736..781b85a 100644
|
|
||||||
--- a/tests-mx32/linkat.c
|
|
||||||
+++ b/tests-mx32/linkat.c
|
|
||||||
@@ -103,6 +103,9 @@ main(void)
|
|
||||||
if (close(fd_sample_2))
|
|
||||||
perror_msg_and_fail("close");
|
|
||||||
|
|
||||||
+ if (*sample_1_secontext && strstr(sample_1_secontext, "!!"))
|
|
||||||
+ reset_secontext_file(sample_1);
|
|
||||||
+
|
|
||||||
free(sample_1_secontext);
|
|
||||||
|
|
||||||
#ifdef PRINT_SECONTEXT_MISMATCH
|
|
||||||
diff --git a/tests-mx32/secontext.c b/tests-mx32/secontext.c
|
|
||||||
index ba271c8..94fadd4 100644
|
|
||||||
--- a/tests-mx32/secontext.c
|
|
||||||
+++ b/tests-mx32/secontext.c
|
|
||||||
@@ -235,6 +235,13 @@ secontext_short_pid(pid_t pid)
|
|
||||||
return FORMAT_SPACE_AFTER(raw_secontext_short_pid(pid));
|
|
||||||
}
|
|
||||||
|
|
||||||
+void reset_secontext_file(const char *file)
|
|
||||||
+{
|
|
||||||
+ char *proper_ctx = raw_expected_secontext_full_file(file);
|
|
||||||
+ (void) setfilecon(file, proper_ctx);
|
|
||||||
+ free(proper_ctx);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
void
|
|
||||||
update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue)
|
|
||||||
diff --git a/tests-mx32/secontext.h b/tests-mx32/secontext.h
|
|
||||||
index e5571d5..387263e 100644
|
|
||||||
--- a/tests-mx32/secontext.h
|
|
||||||
+++ b/tests-mx32/secontext.h
|
|
||||||
@@ -32,6 +32,8 @@ char *get_secontext_field(const char *full_context, enum secontext_field field);
|
|
||||||
|
|
||||||
char *get_secontext_field_file(const char *file, enum secontext_field field);
|
|
||||||
|
|
||||||
+void reset_secontext_file(const char *file);
|
|
||||||
+
|
|
||||||
void update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue);
|
|
||||||
|
|
||||||
@@ -69,6 +71,11 @@ get_secontext_field_file(const char *file, enum secontext_field field)
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline void
|
|
||||||
+reset_secontext_file(const char *file)
|
|
||||||
+{
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static inline void
|
|
||||||
update_secontext_field(const char *file, enum secontext_field field,
|
|
||||||
const char *newvalue)
|
|
||||||
{
|
|
||||||
--
|
|
||||||
2.1.4
|
|
||||||
|
|
@ -0,0 +1,58 @@
|
|||||||
|
From 2bf069698a384ff2bc62d2a10544d49d766b4d7f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
||||||
|
Date: Mon, 27 Jun 2022 18:00:17 +0200
|
||||||
|
Subject: [PATCH] src/xlat: remove remnants of unnecessary idx usage in xlookup
|
||||||
|
|
||||||
|
As there is no idx saving between calls anymore, there's no need to use
|
||||||
|
(and update) idx in the XT_SORTED case. Reported by clang as a dead store:
|
||||||
|
|
||||||
|
Error: CLANG_WARNING:
|
||||||
|
strace-5.18/src/xlat.c:84:4: warning[deadcode.DeadStores]: Value stored to 'idx' is never read
|
||||||
|
|
||||||
|
* src/xlat.c (xlookup): Remove idx declaration; declare idx inside
|
||||||
|
of the for loop in the XT_NORMAL case; do not offset x->data and x->size
|
||||||
|
by offs in the XT_SORTED case and do not update idx upon successful
|
||||||
|
lookup.
|
||||||
|
|
||||||
|
Complements: v5.15~164 "xlat: no longer interpret NULL xlat as continuation"
|
||||||
|
---
|
||||||
|
src/xlat.c | 10 +++-------
|
||||||
|
1 file changed, 3 insertions(+), 7 deletions(-)
|
||||||
|
|
||||||
|
Index: strace-5.18/src/xlat.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/src/xlat.c 2022-07-12 17:11:52.660927011 +0200
|
||||||
|
+++ strace-5.18/src/xlat.c 2022-07-12 17:16:18.116794139 +0200
|
||||||
|
@@ -61,7 +61,6 @@
|
||||||
|
const char *
|
||||||
|
xlookup(const struct xlat *x, const uint64_t val)
|
||||||
|
{
|
||||||
|
- size_t idx = 0;
|
||||||
|
const struct xlat_data *e;
|
||||||
|
|
||||||
|
if (!x || !x->data)
|
||||||
|
@@ -69,21 +68,18 @@
|
||||||
|
|
||||||
|
switch (x->type) {
|
||||||
|
case XT_NORMAL:
|
||||||
|
- for (; idx < x->size; idx++)
|
||||||
|
+ for (size_t idx = 0; idx < x->size; idx++)
|
||||||
|
if (x->data[idx].val == val)
|
||||||
|
return x->data[idx].str;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case XT_SORTED:
|
||||||
|
e = bsearch((const void *) &val,
|
||||||
|
- x->data + idx,
|
||||||
|
- x->size - idx,
|
||||||
|
+ x->data, x->size,
|
||||||
|
sizeof(x->data[0]),
|
||||||
|
xlat_bsearch_compare);
|
||||||
|
- if (e) {
|
||||||
|
- idx = e - x->data;
|
||||||
|
+ if (e)
|
||||||
|
return e->str;
|
||||||
|
- }
|
||||||
|
break;
|
||||||
|
|
||||||
|
case XT_INDEXED:
|
@ -0,0 +1,56 @@
|
|||||||
|
From e604d7bfd18cf5f29e6723091cc1db2945c918c9 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
||||||
|
Date: Tue, 28 Jun 2022 16:46:53 +0200
|
||||||
|
Subject: [PATCH] strauss: tips whitespace and phrasing cleanups
|
||||||
|
|
||||||
|
* src/strauss.c (tips_tricks_tweaks): Fix some whitespace and phrasing
|
||||||
|
issues.
|
||||||
|
---
|
||||||
|
src/strauss.c | 13 +++++++------
|
||||||
|
1 file changed, 7 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
Index: strace-5.18/src/strauss.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/src/strauss.c 2022-07-12 17:17:08.712197019 +0200
|
||||||
|
+++ strace-5.18/src/strauss.c 2022-07-12 17:17:20.685055717 +0200
|
||||||
|
@@ -128,8 +128,8 @@
|
||||||
|
{ "strace is about as old as the Linux kernel.",
|
||||||
|
"It has been originally written for SunOS",
|
||||||
|
"by Paul Kranenburg in 1991. The support",
|
||||||
|
- "for all OSes except Linux has been dropped",
|
||||||
|
- "since 2012, though, in strace 4.7." },
|
||||||
|
+ "for all OSes except Linux was dropped"
|
||||||
|
+ "in 2012, though, in strace 4.7." },
|
||||||
|
{ "strace is able to decode netlink messages.",
|
||||||
|
"It does so automatically for I/O performed",
|
||||||
|
"on netlink sockets. Try it yourself:", "",
|
||||||
|
@@ -187,7 +187,7 @@
|
||||||
|
"want to try --seccomp-bpf option, maybe you",
|
||||||
|
"will feel better." },
|
||||||
|
{ "-v is a shorthand for -e abbrev=none and not",
|
||||||
|
- " for -e verbose=all. It is idiosyncratic,",
|
||||||
|
+ "for -e verbose=all. It is idiosyncratic,",
|
||||||
|
"but it is the historic behaviour." },
|
||||||
|
{ "strace uses netlink for printing",
|
||||||
|
"protocol-specific information about socket",
|
||||||
|
@@ -254,7 +254,7 @@
|
||||||
|
"by invoking it with the following options:", "",
|
||||||
|
" strace -DDDqqq -enone --signal=none" },
|
||||||
|
{ "Historically, supplying -o option to strace",
|
||||||
|
- "led to silencing of messages about tracee",
|
||||||
|
+ "leads to silencing of messages about tracee",
|
||||||
|
"attach/detach and personality changes.",
|
||||||
|
"It can be now overridden with --quiet=none",
|
||||||
|
"option." },
|
||||||
|
@@ -285,8 +285,9 @@
|
||||||
|
"will trace all syscalls related to accessing",
|
||||||
|
"and modifying process's user/group IDs",
|
||||||
|
"and capability sets. Other pre-defined",
|
||||||
|
- "syscall classes include %clock, %desc,%file,",
|
||||||
|
- "%ipc,%memory, %net,%process, and %signal." },
|
||||||
|
+ "syscall classes include %clock, %desc,"
|
||||||
|
+ "%file, %ipc, %memory, %net, %process,"
|
||||||
|
+ "and %signal." },
|
||||||
|
{ "Trying to figure out communication between",
|
||||||
|
"tracees inside a different PID namespace",
|
||||||
|
"(in so-called \"containers\", for example)?",
|
@ -0,0 +1,48 @@
|
|||||||
|
From 968789d5426442ac43b96eabd65f3e5c0c141e62 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
||||||
|
Date: Tue, 28 Jun 2022 16:47:56 +0200
|
||||||
|
Subject: [PATCH] strauss: fix off-by-one error in strauss array access
|
||||||
|
|
||||||
|
It has to be limited with strauss_lines - 1, not strauss_lines.
|
||||||
|
Reported by covscan:
|
||||||
|
|
||||||
|
Error: OVERRUN (CWE-119):
|
||||||
|
strace-5.18/src/strauss.c:380: cond_at_least: Checking "4UL + i < 37UL"
|
||||||
|
implies that "i" is at least 33 on the false branch.
|
||||||
|
strace-5.18/src/strauss.c:380: overrun-local: Overrunning array "strauss"
|
||||||
|
of 37 8-byte elements at element index 37 (byte offset 303) using index
|
||||||
|
"(4UL + i < 37UL) ? 4UL + i : 37UL" (which evaluates to 37).
|
||||||
|
|
||||||
|
* src/strauss.c (print_totd): Limit strauss array accesses to
|
||||||
|
strauss_lines - 1 instead of strauss_lines.
|
||||||
|
---
|
||||||
|
src/strauss.c | 6 +++---
|
||||||
|
1 file changed, 3 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/strauss.c b/src/strauss.c
|
||||||
|
index 98af183..b22ab6a 100644
|
||||||
|
--- a/src/strauss.c
|
||||||
|
+++ b/src/strauss.c
|
||||||
|
@@ -373,16 +373,16 @@ print_totd(void)
|
||||||
|
tip_left[MIN(i + 1, ARRAY_SIZE(tip_left) - 1)],
|
||||||
|
w, w, tips_tricks_tweaks[id][i] ?: "",
|
||||||
|
tip_right[MIN(i + 1, ARRAY_SIZE(tip_right) - 1)],
|
||||||
|
- strauss[MIN(3 + i, strauss_lines)]);
|
||||||
|
+ strauss[MIN(3 + i, strauss_lines - 1)]);
|
||||||
|
}
|
||||||
|
fprintf(stderr, "%s%s\n",
|
||||||
|
- tip_bottom, strauss[MIN(3 + i, strauss_lines)]);
|
||||||
|
+ tip_bottom, strauss[MIN(3 + i, strauss_lines - 1)]);
|
||||||
|
do {
|
||||||
|
fprintf(stderr, "%*s%*s%*s%s\n",
|
||||||
|
(int) strlen(tip_left[0]), "",
|
||||||
|
w, "",
|
||||||
|
(int) strlen(tip_right[0]), "",
|
||||||
|
- strauss[MIN(4 + i, strauss_lines)]);
|
||||||
|
+ strauss[MIN(4 + i, strauss_lines - 1)]);
|
||||||
|
} while ((show_tips == TIPS_FULL) && (4 + ++i < strauss_lines));
|
||||||
|
|
||||||
|
printed = true;
|
||||||
|
--
|
||||||
|
2.1.4
|
||||||
|
|
@ -0,0 +1,62 @@
|
|||||||
|
From 6d3e97e83a7d61cbb2f5109efb4b519383a55712 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
||||||
|
Date: Tue, 28 Jun 2022 16:55:49 +0200
|
||||||
|
Subject: [PATCH] util: add offs sanity check to print_clock_t
|
||||||
|
|
||||||
|
While it is not strictly needed right now, the code that uses
|
||||||
|
the calculated offs value lacks any checks for possible buf overruns,
|
||||||
|
which is not defensive enough, so let's add them. Reported by covscan:
|
||||||
|
|
||||||
|
Error: OVERRUN (CWE-119):
|
||||||
|
strace-5.18/src/util.c:248: assignment: Assigning:
|
||||||
|
"offs" = "ilog10(val / clk_tck)". The value of "offs" is now between
|
||||||
|
16 and 31 (inclusive).
|
||||||
|
strace-5.18/src/util.c:249: overrun-local: Overrunning array of 30 bytes
|
||||||
|
at byte offset 31 by dereferencing pointer "buf + offs". [Note: The source
|
||||||
|
code implementation of the function has been overridden by a builtin model.]
|
||||||
|
|
||||||
|
Error: OVERRUN (CWE-119):
|
||||||
|
strace-5.18/src/util.c:248: assignment: Assigning:
|
||||||
|
"offs" = "ilog10(val / clk_tck)". The value of "offs" is now between
|
||||||
|
16 and 31 (inclusive).
|
||||||
|
strace-5.18/src/util.c:253: overrun-buffer-arg: Overrunning array "buf"
|
||||||
|
of 30 bytes by passing it to a function which accesses it at byte offset
|
||||||
|
32 using argument "offs + 2UL" (which evaluates to 33). [Note: The source
|
||||||
|
code implementation of the function has been overridden by a builtin model.]
|
||||||
|
|
||||||
|
Error: OVERRUN (CWE-119):
|
||||||
|
strace-5.18/src/util.c:248: assignment: Assigning:
|
||||||
|
"offs" = "ilog10(val / clk_tck)". The value of "offs" is now between
|
||||||
|
16 and 31 (inclusive).
|
||||||
|
strace-5.18/src/util.c:254: overrun-local: Overrunning array "buf"
|
||||||
|
of 30 bytes at byte offset 32 using index "offs + 1UL" (which evaluates
|
||||||
|
to 32).
|
||||||
|
|
||||||
|
* src/util.c (print_clock_t): Add check that offs is small enough
|
||||||
|
for it and "offs + 2" not to overrun buf.
|
||||||
|
---
|
||||||
|
src/util.c | 8 ++++++++
|
||||||
|
1 file changed, 8 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/util.c b/src/util.c
|
||||||
|
index 5f87acb..93aa7b3 100644
|
||||||
|
--- a/src/util.c
|
||||||
|
+++ b/src/util.c
|
||||||
|
@@ -246,6 +246,14 @@ print_clock_t(uint64_t val)
|
||||||
|
*/
|
||||||
|
char buf[sizeof(uint64_t) * 3 + sizeof("0.0 s")];
|
||||||
|
size_t offs = ilog10(val / clk_tck);
|
||||||
|
+ /*
|
||||||
|
+ * This check is mostly to appease covscan, which thinks
|
||||||
|
+ * that offs can go as high as 31 (it cannot), but since
|
||||||
|
+ * there is no proper sanity checks against offs overrunning
|
||||||
|
+ * buf down the code, it may as well be here.
|
||||||
|
+ */
|
||||||
|
+ if (offs > (sizeof(buf) - sizeof("0.0 s")))
|
||||||
|
+ return;
|
||||||
|
int ret = snprintf(buf + offs, sizeof(buf) - offs, "%.*f s",
|
||||||
|
frac_width,
|
||||||
|
(double) (val % clk_tck) / clk_tck);
|
||||||
|
--
|
||||||
|
2.1.4
|
||||||
|
|
@ -0,0 +1,882 @@
|
|||||||
|
From 960e78f208b4f6d48962bbc9cad45588cc8c90ad Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Renaud=20M=C3=A9trich?= <rmetrich@redhat.com>
|
||||||
|
Date: Tue, 21 Jun 2022 08:43:00 +0200
|
||||||
|
Subject: [PATCH] secontext: print context of Unix socket's sun_path field
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
|
||||||
|
|
||||||
|
* src/sockaddr.c: Include "secontext.h".
|
||||||
|
(print_sockaddr_data_un): Print the SELinux context of sun_path field
|
||||||
|
using selinux_printfilecon.
|
||||||
|
* NEWS: Mention this change.
|
||||||
|
* tests/secontext.c (raw_secontext_full_fd, get_secontext_field_fd,
|
||||||
|
raw_secontext_short_fd, secontext_full_fd, secontext_short_fd): New
|
||||||
|
functions.
|
||||||
|
* tests/secontext.h (secontext_full_fd, secontext_short_fd,
|
||||||
|
get_secontext_field_fd): New prototypes.
|
||||||
|
(SECONTEXT_FD): New macro.
|
||||||
|
* tests/sockname.c: Include "secontext.h".
|
||||||
|
(test_sockname_syscall): Update expected output.
|
||||||
|
* tests/gen_tests.in (getsockname--secontext,
|
||||||
|
getsockname--secontext_full, getsockname--secontext_full_mismatch,
|
||||||
|
getsockname--secontext_mismatch): New tests.
|
||||||
|
|
||||||
|
Resolves: https://github.com/strace/strace/pull/214
|
||||||
|
---
|
||||||
|
NEWS | 1 +
|
||||||
|
src/sockaddr.c | 3 +++
|
||||||
|
tests/gen_tests.in | 4 ++++
|
||||||
|
tests/secontext.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
|
||||||
|
tests/secontext.h | 12 ++++++++++++
|
||||||
|
tests/sockname.c | 54 +++++++++++++++++++++++++++++++++++-------------------
|
||||||
|
6 files changed, 104 insertions(+), 19 deletions(-)
|
||||||
|
|
||||||
|
Index: strace-5.18/NEWS
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/NEWS 2022-07-12 18:20:18.495470531 +0200
|
||||||
|
+++ strace-5.18/NEWS 2022-07-12 18:20:44.531163262 +0200
|
||||||
|
@@ -5,6 +5,7 @@
|
||||||
|
* Added an interface of raising des Strausses awareness.
|
||||||
|
* Added --tips option to print strace tips, tricks, and tweaks
|
||||||
|
at the end of the tracing session.
|
||||||
|
+ * Implemented printing of Unix socket sun_path field's SELinux context.
|
||||||
|
* Enhanced decoding of bpf and io_uring_register syscalls.
|
||||||
|
* Implemented decoding of COUNTER_*, RTC_PARAM_GET, and RTC_PARAM_SET ioctl
|
||||||
|
commands.
|
||||||
|
Index: strace-5.18/src/sockaddr.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/src/sockaddr.c 2022-07-12 18:17:36.745379483 +0200
|
||||||
|
+++ strace-5.18/src/sockaddr.c 2022-07-12 18:20:18.495470531 +0200
|
||||||
|
@@ -63,6 +63,8 @@
|
||||||
|
#include "xlat/mctp_addrs.h"
|
||||||
|
#include "xlat/mctp_nets.h"
|
||||||
|
|
||||||
|
+#include "secontext.h"
|
||||||
|
+
|
||||||
|
#define SIZEOF_SA_FAMILY sizeof_field(struct sockaddr, sa_family)
|
||||||
|
|
||||||
|
struct sockaddr_rxrpc {
|
||||||
|
@@ -115,6 +117,7 @@
|
||||||
|
if (sa_un->sun_path[0]) {
|
||||||
|
print_quoted_string(sa_un->sun_path, path_len + 1,
|
||||||
|
QUOTE_0_TERMINATED);
|
||||||
|
+ selinux_printfilecon(tcp, sa_un->sun_path);
|
||||||
|
} else {
|
||||||
|
tprints("@");
|
||||||
|
print_quoted_string(sa_un->sun_path + 1, path_len - 1, 0);
|
||||||
|
Index: strace-5.18/tests/gen_tests.in
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/tests/gen_tests.in 2022-07-12 18:17:36.746379471 +0200
|
||||||
|
+++ strace-5.18/tests/gen_tests.in 2022-07-12 18:20:18.496470519 +0200
|
||||||
|
@@ -225,6 +225,10 @@
|
||||||
|
getsid -a10
|
||||||
|
getsid--pidns-translation test_pidns -e trace=getsid -a10
|
||||||
|
getsockname -a27
|
||||||
|
+getsockname--secontext -a27 --secontext -e trace=getsockname
|
||||||
|
+getsockname--secontext_full -a27 --secontext=full -e trace=getsockname
|
||||||
|
+getsockname--secontext_full_mismatch -a27 --secontext=full,mismatch -e trace=getsockname
|
||||||
|
+getsockname--secontext_mismatch -a27 --secontext=mismatch -e trace=getsockname
|
||||||
|
gettid -a9
|
||||||
|
getuid-creds +getuid.test
|
||||||
|
getuid32 +getuid.test
|
||||||
|
Index: strace-5.18/tests/secontext.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/tests/secontext.c 2022-07-12 18:17:36.747379459 +0200
|
||||||
|
+++ strace-5.18/tests/secontext.c 2022-07-12 18:20:18.496470519 +0200
|
||||||
|
@@ -141,6 +141,21 @@
|
||||||
|
return full_secontext;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static char *
|
||||||
|
+raw_secontext_full_fd(int fd)
|
||||||
|
+{
|
||||||
|
+ int saved_errno = errno;
|
||||||
|
+ char *full_secontext = NULL;
|
||||||
|
+ char *secontext;
|
||||||
|
+
|
||||||
|
+ if (fgetfilecon(fd, &secontext) >= 0) {
|
||||||
|
+ full_secontext = strip_trailing_newlines(xstrdup(secontext));
|
||||||
|
+ freecon(secontext);
|
||||||
|
+ }
|
||||||
|
+ errno = saved_errno;
|
||||||
|
+ return full_secontext;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
char *
|
||||||
|
get_secontext_field_file(const char *file, enum secontext_field field)
|
||||||
|
{
|
||||||
|
@@ -151,6 +166,16 @@
|
||||||
|
return type;
|
||||||
|
}
|
||||||
|
|
||||||
|
+char *
|
||||||
|
+get_secontext_field_fd(int fd, enum secontext_field field)
|
||||||
|
+{
|
||||||
|
+ char *ctx = raw_secontext_full_fd(fd);
|
||||||
|
+ char *type = get_secontext_field(ctx, field);
|
||||||
|
+ free(ctx);
|
||||||
|
+
|
||||||
|
+ return type;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static char *
|
||||||
|
raw_secontext_short_file(const char *filename)
|
||||||
|
{
|
||||||
|
@@ -158,6 +183,12 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
static char *
|
||||||
|
+raw_secontext_short_fd(int fd)
|
||||||
|
+{
|
||||||
|
+ return get_secontext_field_fd(fd, SECONTEXT_TYPE);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static char *
|
||||||
|
raw_secontext_full_pid(pid_t pid)
|
||||||
|
{
|
||||||
|
int saved_errno = errno;
|
||||||
|
@@ -205,6 +236,15 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
char *
|
||||||
|
+secontext_full_fd(int fd)
|
||||||
|
+{
|
||||||
|
+ int saved_errno = errno;
|
||||||
|
+ char *context = raw_secontext_full_fd(fd);
|
||||||
|
+ errno = saved_errno;
|
||||||
|
+ return FORMAT_SPACE_BEFORE(context);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+char *
|
||||||
|
secontext_full_pid(pid_t pid)
|
||||||
|
{
|
||||||
|
return FORMAT_SPACE_AFTER(raw_secontext_full_pid(pid));
|
||||||
|
@@ -228,6 +268,15 @@
|
||||||
|
errno = saved_errno;
|
||||||
|
return FORMAT_SPACE_BEFORE(context);
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+char *
|
||||||
|
+secontext_short_fd(int fd)
|
||||||
|
+{
|
||||||
|
+ int saved_errno = errno;
|
||||||
|
+ char *context = raw_secontext_short_fd(fd);
|
||||||
|
+ errno = saved_errno;
|
||||||
|
+ return FORMAT_SPACE_BEFORE(context);
|
||||||
|
+}
|
||||||
|
|
||||||
|
char *
|
||||||
|
secontext_short_pid(pid_t pid)
|
||||||
|
Index: strace-5.18/tests/secontext.h
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/tests/secontext.h 2022-07-12 18:17:36.747379459 +0200
|
||||||
|
+++ strace-5.18/tests/secontext.h 2022-07-12 18:20:18.496470519 +0200
|
||||||
|
@@ -9,9 +9,11 @@
|
||||||
|
#include "xmalloc.h"
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
|
+char *secontext_full_fd(int) ATTRIBUTE_MALLOC;
|
||||||
|
char *secontext_full_file(const char *, bool) ATTRIBUTE_MALLOC;
|
||||||
|
char *secontext_full_pid(pid_t) ATTRIBUTE_MALLOC;
|
||||||
|
|
||||||
|
+char *secontext_short_fd(int) ATTRIBUTE_MALLOC;
|
||||||
|
char *secontext_short_file(const char *, bool) ATTRIBUTE_MALLOC;
|
||||||
|
char *secontext_short_pid(pid_t) ATTRIBUTE_MALLOC;
|
||||||
|
|
||||||
|
@@ -30,6 +32,7 @@
|
||||||
|
*/
|
||||||
|
char *get_secontext_field(const char *full_context, enum secontext_field field);
|
||||||
|
|
||||||
|
+char *get_secontext_field_fd(int fd, enum secontext_field field);
|
||||||
|
char *get_secontext_field_file(const char *file, enum secontext_field field);
|
||||||
|
|
||||||
|
void reset_secontext_file(const char *file);
|
||||||
|
@@ -44,6 +47,7 @@
|
||||||
|
# else
|
||||||
|
# define SECONTEXT_FILE(filename) secontext_full_file(filename, false)
|
||||||
|
# endif
|
||||||
|
+# define SECONTEXT_FD(fd) secontext_full_fd(fd)
|
||||||
|
# define SECONTEXT_PID(pid) secontext_full_pid(pid)
|
||||||
|
|
||||||
|
# else
|
||||||
|
@@ -53,6 +57,7 @@
|
||||||
|
# else
|
||||||
|
# define SECONTEXT_FILE(filename) secontext_short_file(filename, false)
|
||||||
|
# endif
|
||||||
|
+# define SECONTEXT_FD(fd) secontext_short_fd(fd)
|
||||||
|
# define SECONTEXT_PID(pid) secontext_short_pid(pid)
|
||||||
|
|
||||||
|
# endif
|
||||||
|
@@ -65,6 +70,12 @@
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
static inline char *
|
||||||
|
+get_secontext_field_fd(int fd, enum secontext_field field)
|
||||||
|
+{
|
||||||
|
+ return NULL;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static inline char *
|
||||||
|
get_secontext_field_file(const char *file, enum secontext_field field)
|
||||||
|
{
|
||||||
|
return NULL;
|
||||||
|
@@ -81,6 +92,7 @@
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
+# define SECONTEXT_FD(fd) xstrdup("")
|
||||||
|
# define SECONTEXT_FILE(filename) xstrdup("")
|
||||||
|
# define SECONTEXT_PID(pid) xstrdup("")
|
||||||
|
|
||||||
|
Index: strace-5.18/tests/sockname.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/tests/sockname.c 2022-07-12 18:17:36.748379448 +0200
|
||||||
|
+++ strace-5.18/tests/sockname.c 2022-07-12 18:20:18.496470519 +0200
|
||||||
|
@@ -18,6 +18,8 @@
|
||||||
|
#include <sys/socket.h>
|
||||||
|
#include <sys/un.h>
|
||||||
|
|
||||||
|
+#include "secontext.h"
|
||||||
|
+
|
||||||
|
#ifndef TEST_SYSCALL_NAME
|
||||||
|
# error TEST_SYSCALL_NAME must be defined
|
||||||
|
#endif
|
||||||
|
@@ -59,14 +61,19 @@
|
||||||
|
*plen = sizeof(struct sockaddr_un);
|
||||||
|
struct sockaddr_un *addr = tail_alloc(*plen);
|
||||||
|
|
||||||
|
+ char *my_secontext = SECONTEXT_PID_MY();
|
||||||
|
+ char *fd_secontext = SECONTEXT_FD(fd);
|
||||||
|
+
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
int rc = TEST_SYSCALL_NAME(fd PREFIX_S_ARGS, (void *) addr,
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
if (rc < 0)
|
||||||
|
perror_msg_and_skip(TEST_SYSCALL_STR);
|
||||||
|
- printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%s\"}"
|
||||||
|
+ printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%s\"%s}"
|
||||||
|
", [%d => %d]%s) = %d\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_S_STR, addr->sun_path,
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
|
||||||
|
+ addr->sun_path, SECONTEXT_FILE(addr->sun_path),
|
||||||
|
(int) sizeof(struct sockaddr_un), (int) *plen, SUFFIX_STR, rc);
|
||||||
|
|
||||||
|
memset(addr, 0, sizeof(*addr));
|
||||||
|
@@ -75,28 +82,34 @@
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
if (rc < 0)
|
||||||
|
perror_msg_and_skip(TEST_SYSCALL_STR);
|
||||||
|
- printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%s\"}"
|
||||||
|
+ printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%s\"%s}"
|
||||||
|
", [%d]%s) = %d\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_S_STR, addr->sun_path,
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
|
||||||
|
+ addr->sun_path, SECONTEXT_FILE(addr->sun_path),
|
||||||
|
(int) *plen, SUFFIX_STR, rc);
|
||||||
|
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr, 0 SUFFIX_ARGS);
|
||||||
|
- printf("%s(%d%s, %p, NULL%s) = %s\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr, SUFFIX_STR,
|
||||||
|
- sprintrc(rc));
|
||||||
|
+ printf("%s%s(%d%s%s, %p, NULL%s) = %s\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR,
|
||||||
|
+ addr, SUFFIX_STR, sprintrc(rc));
|
||||||
|
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
rc = TEST_SYSCALL_NAME(fd PREFIX_S_ARGS, 0, 0 SUFFIX_ARGS);
|
||||||
|
- printf("%s(%d%s, NULL, NULL%s) = %s\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, rc == -1 ? PREFIX_F_STR : PREFIX_S_STR,
|
||||||
|
+ printf("%s%s(%d%s%s, NULL, NULL%s) = %s\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext,
|
||||||
|
+ rc == -1 ? PREFIX_F_STR : PREFIX_S_STR,
|
||||||
|
SUFFIX_STR, sprintrc(rc));
|
||||||
|
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr,
|
||||||
|
plen + 1 SUFFIX_ARGS);
|
||||||
|
- printf("%s(%d%s, %p, %p%s) = %s\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr,
|
||||||
|
+ printf("%s%s(%d%s%s, %p, %p%s) = %s\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR, addr,
|
||||||
|
plen + 1, SUFFIX_STR, sprintrc(rc));
|
||||||
|
|
||||||
|
const size_t offsetof_sun_path = offsetof(struct sockaddr_un, sun_path);
|
||||||
|
@@ -108,8 +121,9 @@
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
if (rc < 0)
|
||||||
|
perror_msg_and_skip(TEST_SYSCALL_STR);
|
||||||
|
- printf("%s(%d%s, {sa_family=AF_UNIX}, [%d => %d]%s) = %d\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_S_STR,
|
||||||
|
+ printf("%s%s(%d%s%s, {sa_family=AF_UNIX}, [%d => %d]%s) = %d\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
|
||||||
|
(int) offsetof_sun_path, (int) *plen, SUFFIX_STR, rc);
|
||||||
|
|
||||||
|
++addr;
|
||||||
|
@@ -121,17 +135,19 @@
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
if (rc < 0)
|
||||||
|
perror_msg_and_skip(TEST_SYSCALL_STR);
|
||||||
|
- printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%.*s\"}"
|
||||||
|
+ printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%.*s\"%s}"
|
||||||
|
", [%d => %d]%s) = %d\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_S_STR,
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
|
||||||
|
(int) (sizeof(struct sockaddr) - offsetof_sun_path),
|
||||||
|
- addr->sun_path, (int) sizeof(struct sockaddr),
|
||||||
|
- (int) *plen, SUFFIX_STR, rc);
|
||||||
|
+ addr->sun_path, SECONTEXT_FILE(addr->sun_path),
|
||||||
|
+ (int) sizeof(struct sockaddr), (int) *plen, SUFFIX_STR, rc);
|
||||||
|
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr,
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
- printf("%s(%d%s, %p, [%d]%s) = %s\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr,
|
||||||
|
+ printf("%s%s(%d%s%s, %p, [%d]%s) = %s\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR, addr,
|
||||||
|
*plen, SUFFIX_STR, sprintrc(rc));
|
||||||
|
}
|
||||||
|
Index: strace-5.18/tests-m32/secontext.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/tests-m32/secontext.c 2022-07-12 18:17:36.747379459 +0200
|
||||||
|
+++ strace-5.18/tests-m32/secontext.c 2022-07-12 18:20:18.496470519 +0200
|
||||||
|
@@ -141,6 +141,21 @@
|
||||||
|
return full_secontext;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static char *
|
||||||
|
+raw_secontext_full_fd(int fd)
|
||||||
|
+{
|
||||||
|
+ int saved_errno = errno;
|
||||||
|
+ char *full_secontext = NULL;
|
||||||
|
+ char *secontext;
|
||||||
|
+
|
||||||
|
+ if (fgetfilecon(fd, &secontext) >= 0) {
|
||||||
|
+ full_secontext = strip_trailing_newlines(xstrdup(secontext));
|
||||||
|
+ freecon(secontext);
|
||||||
|
+ }
|
||||||
|
+ errno = saved_errno;
|
||||||
|
+ return full_secontext;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
char *
|
||||||
|
get_secontext_field_file(const char *file, enum secontext_field field)
|
||||||
|
{
|
||||||
|
@@ -151,6 +166,16 @@
|
||||||
|
return type;
|
||||||
|
}
|
||||||
|
|
||||||
|
+char *
|
||||||
|
+get_secontext_field_fd(int fd, enum secontext_field field)
|
||||||
|
+{
|
||||||
|
+ char *ctx = raw_secontext_full_fd(fd);
|
||||||
|
+ char *type = get_secontext_field(ctx, field);
|
||||||
|
+ free(ctx);
|
||||||
|
+
|
||||||
|
+ return type;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static char *
|
||||||
|
raw_secontext_short_file(const char *filename)
|
||||||
|
{
|
||||||
|
@@ -158,6 +183,12 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
static char *
|
||||||
|
+raw_secontext_short_fd(int fd)
|
||||||
|
+{
|
||||||
|
+ return get_secontext_field_fd(fd, SECONTEXT_TYPE);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static char *
|
||||||
|
raw_secontext_full_pid(pid_t pid)
|
||||||
|
{
|
||||||
|
int saved_errno = errno;
|
||||||
|
@@ -205,6 +236,15 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
char *
|
||||||
|
+secontext_full_fd(int fd)
|
||||||
|
+{
|
||||||
|
+ int saved_errno = errno;
|
||||||
|
+ char *context = raw_secontext_full_fd(fd);
|
||||||
|
+ errno = saved_errno;
|
||||||
|
+ return FORMAT_SPACE_BEFORE(context);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+char *
|
||||||
|
secontext_full_pid(pid_t pid)
|
||||||
|
{
|
||||||
|
return FORMAT_SPACE_AFTER(raw_secontext_full_pid(pid));
|
||||||
|
@@ -228,6 +268,15 @@
|
||||||
|
errno = saved_errno;
|
||||||
|
return FORMAT_SPACE_BEFORE(context);
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+char *
|
||||||
|
+secontext_short_fd(int fd)
|
||||||
|
+{
|
||||||
|
+ int saved_errno = errno;
|
||||||
|
+ char *context = raw_secontext_short_fd(fd);
|
||||||
|
+ errno = saved_errno;
|
||||||
|
+ return FORMAT_SPACE_BEFORE(context);
|
||||||
|
+}
|
||||||
|
|
||||||
|
char *
|
||||||
|
secontext_short_pid(pid_t pid)
|
||||||
|
Index: strace-5.18/tests-m32/secontext.h
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/tests-m32/secontext.h 2022-07-12 18:17:36.747379459 +0200
|
||||||
|
+++ strace-5.18/tests-m32/secontext.h 2022-07-12 18:20:18.496470519 +0200
|
||||||
|
@@ -9,9 +9,11 @@
|
||||||
|
#include "xmalloc.h"
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
|
+char *secontext_full_fd(int) ATTRIBUTE_MALLOC;
|
||||||
|
char *secontext_full_file(const char *, bool) ATTRIBUTE_MALLOC;
|
||||||
|
char *secontext_full_pid(pid_t) ATTRIBUTE_MALLOC;
|
||||||
|
|
||||||
|
+char *secontext_short_fd(int) ATTRIBUTE_MALLOC;
|
||||||
|
char *secontext_short_file(const char *, bool) ATTRIBUTE_MALLOC;
|
||||||
|
char *secontext_short_pid(pid_t) ATTRIBUTE_MALLOC;
|
||||||
|
|
||||||
|
@@ -30,6 +32,7 @@
|
||||||
|
*/
|
||||||
|
char *get_secontext_field(const char *full_context, enum secontext_field field);
|
||||||
|
|
||||||
|
+char *get_secontext_field_fd(int fd, enum secontext_field field);
|
||||||
|
char *get_secontext_field_file(const char *file, enum secontext_field field);
|
||||||
|
|
||||||
|
void reset_secontext_file(const char *file);
|
||||||
|
@@ -44,6 +47,7 @@
|
||||||
|
# else
|
||||||
|
# define SECONTEXT_FILE(filename) secontext_full_file(filename, false)
|
||||||
|
# endif
|
||||||
|
+# define SECONTEXT_FD(fd) secontext_full_fd(fd)
|
||||||
|
# define SECONTEXT_PID(pid) secontext_full_pid(pid)
|
||||||
|
|
||||||
|
# else
|
||||||
|
@@ -53,6 +57,7 @@
|
||||||
|
# else
|
||||||
|
# define SECONTEXT_FILE(filename) secontext_short_file(filename, false)
|
||||||
|
# endif
|
||||||
|
+# define SECONTEXT_FD(fd) secontext_short_fd(fd)
|
||||||
|
# define SECONTEXT_PID(pid) secontext_short_pid(pid)
|
||||||
|
|
||||||
|
# endif
|
||||||
|
@@ -65,6 +70,12 @@
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
static inline char *
|
||||||
|
+get_secontext_field_fd(int fd, enum secontext_field field)
|
||||||
|
+{
|
||||||
|
+ return NULL;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static inline char *
|
||||||
|
get_secontext_field_file(const char *file, enum secontext_field field)
|
||||||
|
{
|
||||||
|
return NULL;
|
||||||
|
@@ -81,6 +92,7 @@
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
+# define SECONTEXT_FD(fd) xstrdup("")
|
||||||
|
# define SECONTEXT_FILE(filename) xstrdup("")
|
||||||
|
# define SECONTEXT_PID(pid) xstrdup("")
|
||||||
|
|
||||||
|
Index: strace-5.18/tests-m32/sockname.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/tests-m32/sockname.c 2022-07-12 18:17:36.748379448 +0200
|
||||||
|
+++ strace-5.18/tests-m32/sockname.c 2022-07-12 18:20:18.496470519 +0200
|
||||||
|
@@ -18,6 +18,8 @@
|
||||||
|
#include <sys/socket.h>
|
||||||
|
#include <sys/un.h>
|
||||||
|
|
||||||
|
+#include "secontext.h"
|
||||||
|
+
|
||||||
|
#ifndef TEST_SYSCALL_NAME
|
||||||
|
# error TEST_SYSCALL_NAME must be defined
|
||||||
|
#endif
|
||||||
|
@@ -59,14 +61,19 @@
|
||||||
|
*plen = sizeof(struct sockaddr_un);
|
||||||
|
struct sockaddr_un *addr = tail_alloc(*plen);
|
||||||
|
|
||||||
|
+ char *my_secontext = SECONTEXT_PID_MY();
|
||||||
|
+ char *fd_secontext = SECONTEXT_FD(fd);
|
||||||
|
+
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
int rc = TEST_SYSCALL_NAME(fd PREFIX_S_ARGS, (void *) addr,
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
if (rc < 0)
|
||||||
|
perror_msg_and_skip(TEST_SYSCALL_STR);
|
||||||
|
- printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%s\"}"
|
||||||
|
+ printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%s\"%s}"
|
||||||
|
", [%d => %d]%s) = %d\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_S_STR, addr->sun_path,
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
|
||||||
|
+ addr->sun_path, SECONTEXT_FILE(addr->sun_path),
|
||||||
|
(int) sizeof(struct sockaddr_un), (int) *plen, SUFFIX_STR, rc);
|
||||||
|
|
||||||
|
memset(addr, 0, sizeof(*addr));
|
||||||
|
@@ -75,28 +82,34 @@
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
if (rc < 0)
|
||||||
|
perror_msg_and_skip(TEST_SYSCALL_STR);
|
||||||
|
- printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%s\"}"
|
||||||
|
+ printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%s\"%s}"
|
||||||
|
", [%d]%s) = %d\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_S_STR, addr->sun_path,
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
|
||||||
|
+ addr->sun_path, SECONTEXT_FILE(addr->sun_path),
|
||||||
|
(int) *plen, SUFFIX_STR, rc);
|
||||||
|
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr, 0 SUFFIX_ARGS);
|
||||||
|
- printf("%s(%d%s, %p, NULL%s) = %s\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr, SUFFIX_STR,
|
||||||
|
- sprintrc(rc));
|
||||||
|
+ printf("%s%s(%d%s%s, %p, NULL%s) = %s\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR,
|
||||||
|
+ addr, SUFFIX_STR, sprintrc(rc));
|
||||||
|
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
rc = TEST_SYSCALL_NAME(fd PREFIX_S_ARGS, 0, 0 SUFFIX_ARGS);
|
||||||
|
- printf("%s(%d%s, NULL, NULL%s) = %s\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, rc == -1 ? PREFIX_F_STR : PREFIX_S_STR,
|
||||||
|
+ printf("%s%s(%d%s%s, NULL, NULL%s) = %s\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext,
|
||||||
|
+ rc == -1 ? PREFIX_F_STR : PREFIX_S_STR,
|
||||||
|
SUFFIX_STR, sprintrc(rc));
|
||||||
|
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr,
|
||||||
|
plen + 1 SUFFIX_ARGS);
|
||||||
|
- printf("%s(%d%s, %p, %p%s) = %s\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr,
|
||||||
|
+ printf("%s%s(%d%s%s, %p, %p%s) = %s\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR, addr,
|
||||||
|
plen + 1, SUFFIX_STR, sprintrc(rc));
|
||||||
|
|
||||||
|
const size_t offsetof_sun_path = offsetof(struct sockaddr_un, sun_path);
|
||||||
|
@@ -108,8 +121,9 @@
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
if (rc < 0)
|
||||||
|
perror_msg_and_skip(TEST_SYSCALL_STR);
|
||||||
|
- printf("%s(%d%s, {sa_family=AF_UNIX}, [%d => %d]%s) = %d\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_S_STR,
|
||||||
|
+ printf("%s%s(%d%s%s, {sa_family=AF_UNIX}, [%d => %d]%s) = %d\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
|
||||||
|
(int) offsetof_sun_path, (int) *plen, SUFFIX_STR, rc);
|
||||||
|
|
||||||
|
++addr;
|
||||||
|
@@ -121,17 +135,19 @@
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
if (rc < 0)
|
||||||
|
perror_msg_and_skip(TEST_SYSCALL_STR);
|
||||||
|
- printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%.*s\"}"
|
||||||
|
+ printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%.*s\"%s}"
|
||||||
|
", [%d => %d]%s) = %d\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_S_STR,
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
|
||||||
|
(int) (sizeof(struct sockaddr) - offsetof_sun_path),
|
||||||
|
- addr->sun_path, (int) sizeof(struct sockaddr),
|
||||||
|
- (int) *plen, SUFFIX_STR, rc);
|
||||||
|
+ addr->sun_path, SECONTEXT_FILE(addr->sun_path),
|
||||||
|
+ (int) sizeof(struct sockaddr), (int) *plen, SUFFIX_STR, rc);
|
||||||
|
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr,
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
- printf("%s(%d%s, %p, [%d]%s) = %s\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr,
|
||||||
|
+ printf("%s%s(%d%s%s, %p, [%d]%s) = %s\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR, addr,
|
||||||
|
*plen, SUFFIX_STR, sprintrc(rc));
|
||||||
|
}
|
||||||
|
Index: strace-5.18/tests-mx32/secontext.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/tests-mx32/secontext.c 2022-07-12 18:17:36.747379459 +0200
|
||||||
|
+++ strace-5.18/tests-mx32/secontext.c 2022-07-12 18:20:18.496470519 +0200
|
||||||
|
@@ -141,6 +141,21 @@
|
||||||
|
return full_secontext;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static char *
|
||||||
|
+raw_secontext_full_fd(int fd)
|
||||||
|
+{
|
||||||
|
+ int saved_errno = errno;
|
||||||
|
+ char *full_secontext = NULL;
|
||||||
|
+ char *secontext;
|
||||||
|
+
|
||||||
|
+ if (fgetfilecon(fd, &secontext) >= 0) {
|
||||||
|
+ full_secontext = strip_trailing_newlines(xstrdup(secontext));
|
||||||
|
+ freecon(secontext);
|
||||||
|
+ }
|
||||||
|
+ errno = saved_errno;
|
||||||
|
+ return full_secontext;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
char *
|
||||||
|
get_secontext_field_file(const char *file, enum secontext_field field)
|
||||||
|
{
|
||||||
|
@@ -151,6 +166,16 @@
|
||||||
|
return type;
|
||||||
|
}
|
||||||
|
|
||||||
|
+char *
|
||||||
|
+get_secontext_field_fd(int fd, enum secontext_field field)
|
||||||
|
+{
|
||||||
|
+ char *ctx = raw_secontext_full_fd(fd);
|
||||||
|
+ char *type = get_secontext_field(ctx, field);
|
||||||
|
+ free(ctx);
|
||||||
|
+
|
||||||
|
+ return type;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static char *
|
||||||
|
raw_secontext_short_file(const char *filename)
|
||||||
|
{
|
||||||
|
@@ -158,6 +183,12 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
static char *
|
||||||
|
+raw_secontext_short_fd(int fd)
|
||||||
|
+{
|
||||||
|
+ return get_secontext_field_fd(fd, SECONTEXT_TYPE);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static char *
|
||||||
|
raw_secontext_full_pid(pid_t pid)
|
||||||
|
{
|
||||||
|
int saved_errno = errno;
|
||||||
|
@@ -205,6 +236,15 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
char *
|
||||||
|
+secontext_full_fd(int fd)
|
||||||
|
+{
|
||||||
|
+ int saved_errno = errno;
|
||||||
|
+ char *context = raw_secontext_full_fd(fd);
|
||||||
|
+ errno = saved_errno;
|
||||||
|
+ return FORMAT_SPACE_BEFORE(context);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+char *
|
||||||
|
secontext_full_pid(pid_t pid)
|
||||||
|
{
|
||||||
|
return FORMAT_SPACE_AFTER(raw_secontext_full_pid(pid));
|
||||||
|
@@ -228,6 +268,15 @@
|
||||||
|
errno = saved_errno;
|
||||||
|
return FORMAT_SPACE_BEFORE(context);
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+char *
|
||||||
|
+secontext_short_fd(int fd)
|
||||||
|
+{
|
||||||
|
+ int saved_errno = errno;
|
||||||
|
+ char *context = raw_secontext_short_fd(fd);
|
||||||
|
+ errno = saved_errno;
|
||||||
|
+ return FORMAT_SPACE_BEFORE(context);
|
||||||
|
+}
|
||||||
|
|
||||||
|
char *
|
||||||
|
secontext_short_pid(pid_t pid)
|
||||||
|
Index: strace-5.18/tests-mx32/secontext.h
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/tests-mx32/secontext.h 2022-07-12 18:17:36.747379459 +0200
|
||||||
|
+++ strace-5.18/tests-mx32/secontext.h 2022-07-12 18:20:18.496470519 +0200
|
||||||
|
@@ -9,9 +9,11 @@
|
||||||
|
#include "xmalloc.h"
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
|
+char *secontext_full_fd(int) ATTRIBUTE_MALLOC;
|
||||||
|
char *secontext_full_file(const char *, bool) ATTRIBUTE_MALLOC;
|
||||||
|
char *secontext_full_pid(pid_t) ATTRIBUTE_MALLOC;
|
||||||
|
|
||||||
|
+char *secontext_short_fd(int) ATTRIBUTE_MALLOC;
|
||||||
|
char *secontext_short_file(const char *, bool) ATTRIBUTE_MALLOC;
|
||||||
|
char *secontext_short_pid(pid_t) ATTRIBUTE_MALLOC;
|
||||||
|
|
||||||
|
@@ -30,6 +32,7 @@
|
||||||
|
*/
|
||||||
|
char *get_secontext_field(const char *full_context, enum secontext_field field);
|
||||||
|
|
||||||
|
+char *get_secontext_field_fd(int fd, enum secontext_field field);
|
||||||
|
char *get_secontext_field_file(const char *file, enum secontext_field field);
|
||||||
|
|
||||||
|
void reset_secontext_file(const char *file);
|
||||||
|
@@ -44,6 +47,7 @@
|
||||||
|
# else
|
||||||
|
# define SECONTEXT_FILE(filename) secontext_full_file(filename, false)
|
||||||
|
# endif
|
||||||
|
+# define SECONTEXT_FD(fd) secontext_full_fd(fd)
|
||||||
|
# define SECONTEXT_PID(pid) secontext_full_pid(pid)
|
||||||
|
|
||||||
|
# else
|
||||||
|
@@ -53,6 +57,7 @@
|
||||||
|
# else
|
||||||
|
# define SECONTEXT_FILE(filename) secontext_short_file(filename, false)
|
||||||
|
# endif
|
||||||
|
+# define SECONTEXT_FD(fd) secontext_short_fd(fd)
|
||||||
|
# define SECONTEXT_PID(pid) secontext_short_pid(pid)
|
||||||
|
|
||||||
|
# endif
|
||||||
|
@@ -65,6 +70,12 @@
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
static inline char *
|
||||||
|
+get_secontext_field_fd(int fd, enum secontext_field field)
|
||||||
|
+{
|
||||||
|
+ return NULL;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static inline char *
|
||||||
|
get_secontext_field_file(const char *file, enum secontext_field field)
|
||||||
|
{
|
||||||
|
return NULL;
|
||||||
|
@@ -81,6 +92,7 @@
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
+# define SECONTEXT_FD(fd) xstrdup("")
|
||||||
|
# define SECONTEXT_FILE(filename) xstrdup("")
|
||||||
|
# define SECONTEXT_PID(pid) xstrdup("")
|
||||||
|
|
||||||
|
Index: strace-5.18/tests-mx32/sockname.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/tests-mx32/sockname.c 2022-07-12 18:17:36.748379448 +0200
|
||||||
|
+++ strace-5.18/tests-mx32/sockname.c 2022-07-12 18:20:18.496470519 +0200
|
||||||
|
@@ -18,6 +18,8 @@
|
||||||
|
#include <sys/socket.h>
|
||||||
|
#include <sys/un.h>
|
||||||
|
|
||||||
|
+#include "secontext.h"
|
||||||
|
+
|
||||||
|
#ifndef TEST_SYSCALL_NAME
|
||||||
|
# error TEST_SYSCALL_NAME must be defined
|
||||||
|
#endif
|
||||||
|
@@ -59,14 +61,19 @@
|
||||||
|
*plen = sizeof(struct sockaddr_un);
|
||||||
|
struct sockaddr_un *addr = tail_alloc(*plen);
|
||||||
|
|
||||||
|
+ char *my_secontext = SECONTEXT_PID_MY();
|
||||||
|
+ char *fd_secontext = SECONTEXT_FD(fd);
|
||||||
|
+
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
int rc = TEST_SYSCALL_NAME(fd PREFIX_S_ARGS, (void *) addr,
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
if (rc < 0)
|
||||||
|
perror_msg_and_skip(TEST_SYSCALL_STR);
|
||||||
|
- printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%s\"}"
|
||||||
|
+ printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%s\"%s}"
|
||||||
|
", [%d => %d]%s) = %d\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_S_STR, addr->sun_path,
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
|
||||||
|
+ addr->sun_path, SECONTEXT_FILE(addr->sun_path),
|
||||||
|
(int) sizeof(struct sockaddr_un), (int) *plen, SUFFIX_STR, rc);
|
||||||
|
|
||||||
|
memset(addr, 0, sizeof(*addr));
|
||||||
|
@@ -75,28 +82,34 @@
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
if (rc < 0)
|
||||||
|
perror_msg_and_skip(TEST_SYSCALL_STR);
|
||||||
|
- printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%s\"}"
|
||||||
|
+ printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%s\"%s}"
|
||||||
|
", [%d]%s) = %d\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_S_STR, addr->sun_path,
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
|
||||||
|
+ addr->sun_path, SECONTEXT_FILE(addr->sun_path),
|
||||||
|
(int) *plen, SUFFIX_STR, rc);
|
||||||
|
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr, 0 SUFFIX_ARGS);
|
||||||
|
- printf("%s(%d%s, %p, NULL%s) = %s\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr, SUFFIX_STR,
|
||||||
|
- sprintrc(rc));
|
||||||
|
+ printf("%s%s(%d%s%s, %p, NULL%s) = %s\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR,
|
||||||
|
+ addr, SUFFIX_STR, sprintrc(rc));
|
||||||
|
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
rc = TEST_SYSCALL_NAME(fd PREFIX_S_ARGS, 0, 0 SUFFIX_ARGS);
|
||||||
|
- printf("%s(%d%s, NULL, NULL%s) = %s\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, rc == -1 ? PREFIX_F_STR : PREFIX_S_STR,
|
||||||
|
+ printf("%s%s(%d%s%s, NULL, NULL%s) = %s\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext,
|
||||||
|
+ rc == -1 ? PREFIX_F_STR : PREFIX_S_STR,
|
||||||
|
SUFFIX_STR, sprintrc(rc));
|
||||||
|
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr,
|
||||||
|
plen + 1 SUFFIX_ARGS);
|
||||||
|
- printf("%s(%d%s, %p, %p%s) = %s\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr,
|
||||||
|
+ printf("%s%s(%d%s%s, %p, %p%s) = %s\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR, addr,
|
||||||
|
plen + 1, SUFFIX_STR, sprintrc(rc));
|
||||||
|
|
||||||
|
const size_t offsetof_sun_path = offsetof(struct sockaddr_un, sun_path);
|
||||||
|
@@ -108,8 +121,9 @@
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
if (rc < 0)
|
||||||
|
perror_msg_and_skip(TEST_SYSCALL_STR);
|
||||||
|
- printf("%s(%d%s, {sa_family=AF_UNIX}, [%d => %d]%s) = %d\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_S_STR,
|
||||||
|
+ printf("%s%s(%d%s%s, {sa_family=AF_UNIX}, [%d => %d]%s) = %d\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
|
||||||
|
(int) offsetof_sun_path, (int) *plen, SUFFIX_STR, rc);
|
||||||
|
|
||||||
|
++addr;
|
||||||
|
@@ -121,17 +135,19 @@
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
if (rc < 0)
|
||||||
|
perror_msg_and_skip(TEST_SYSCALL_STR);
|
||||||
|
- printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%.*s\"}"
|
||||||
|
+ printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%.*s\"%s}"
|
||||||
|
", [%d => %d]%s) = %d\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_S_STR,
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
|
||||||
|
(int) (sizeof(struct sockaddr) - offsetof_sun_path),
|
||||||
|
- addr->sun_path, (int) sizeof(struct sockaddr),
|
||||||
|
- (int) *plen, SUFFIX_STR, rc);
|
||||||
|
+ addr->sun_path, SECONTEXT_FILE(addr->sun_path),
|
||||||
|
+ (int) sizeof(struct sockaddr), (int) *plen, SUFFIX_STR, rc);
|
||||||
|
|
||||||
|
PREPARE_TEST_SYSCALL_INVOCATION;
|
||||||
|
rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr,
|
||||||
|
plen SUFFIX_ARGS);
|
||||||
|
- printf("%s(%d%s, %p, [%d]%s) = %s\n",
|
||||||
|
- TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr,
|
||||||
|
+ printf("%s%s(%d%s%s, %p, [%d]%s) = %s\n",
|
||||||
|
+ my_secontext,
|
||||||
|
+ TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR, addr,
|
||||||
|
*plen, SUFFIX_STR, sprintrc(rc));
|
||||||
|
}
|
@ -0,0 +1,374 @@
|
|||||||
|
From 676979fa9cc7920e5e4d547814f9c0edb597fa0d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
||||||
|
Date: Thu, 30 Jun 2022 16:01:05 +0200
|
||||||
|
Subject: [PATCH] pathtrace, util: do not print " (deleted)" as part of the
|
||||||
|
path
|
||||||
|
|
||||||
|
In order to allow to discern the unlinked paths from the paths that
|
||||||
|
do indeed end with " (deleted)".
|
||||||
|
|
||||||
|
* src/defs.h (getfdpath_pid): Add deleted parameter.
|
||||||
|
(getfdpath): Pass NULL as deleted parameter to getfdpath_pid.
|
||||||
|
* src/largefile_wrappers.h (lstat_file): New macro.
|
||||||
|
* src/pathtrace.c: Include <sys/stat.h>, <sys/types.h>, <unistd.h>,
|
||||||
|
and "largefile_wrappers.h".
|
||||||
|
(getfdpath_pid): Add deleted parameter, check if path ends with
|
||||||
|
" (deleted)", and if it is, try to figure out if it is a part
|
||||||
|
of the path by comparing device/inode numbers of the file procfs
|
||||||
|
link resolves into and the file pointed by the path read; strip
|
||||||
|
" (deleted)"; set deleted (if it is non-NULL) to true if the fd
|
||||||
|
is turned out to be deleted and to false otherwise.
|
||||||
|
* src/util.c (print_quoted_string_in_angle_brackets): Add deleted
|
||||||
|
parameter, print "(deleted)" after the closing angle bracket if it is
|
||||||
|
non-NULL.
|
||||||
|
(printfd_pid): Add deleted local variable, pass it to getfdpath_pid
|
||||||
|
and print_quoted_string_in_angle_brackets calls.
|
||||||
|
* tests/fchmod.c: Add checks for a file with " (deleted)" in the path,
|
||||||
|
update expected output.
|
||||||
|
* NEWS: Mention the change.
|
||||||
|
---
|
||||||
|
NEWS | 5 +++++
|
||||||
|
src/defs.h | 5 +++--
|
||||||
|
src/largefile_wrappers.h | 2 ++
|
||||||
|
src/pathtrace.c | 48 +++++++++++++++++++++++++++++++++++++++++++++---
|
||||||
|
src/util.c | 10 +++++++---
|
||||||
|
tests/fchmod.c | 47 +++++++++++++++++++++++++++++++++++++++++++----
|
||||||
|
6 files changed, 105 insertions(+), 12 deletions(-)
|
||||||
|
|
||||||
|
Index: strace-5.18/NEWS
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/NEWS 2022-07-13 12:52:48.219784860 +0200
|
||||||
|
+++ strace-5.18/NEWS 2022-07-13 12:52:48.451782122 +0200
|
||||||
|
@@ -1,6 +1,11 @@
|
||||||
|
Noteworthy changes in release 5.18 (2022-06-18)
|
||||||
|
===============================================
|
||||||
|
|
||||||
|
+* Changes in behaviour
|
||||||
|
+ * The "(deleted)" marker for unlinked paths of file descriptors is now printed
|
||||||
|
+ outside angle brackets; the matching of unlinked paths of file descriptors
|
||||||
|
+ no longer includes the " (deleted)" part into consideration.
|
||||||
|
+
|
||||||
|
* Improvements
|
||||||
|
* Added an interface of raising des Strausses awareness.
|
||||||
|
* Added --tips option to print strace tips, tricks, and tweaks
|
||||||
|
Index: strace-5.18/src/defs.h
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/src/defs.h 2022-07-13 12:52:29.405006910 +0200
|
||||||
|
+++ strace-5.18/src/defs.h 2022-07-13 12:52:54.532710356 +0200
|
||||||
|
@@ -785,12 +785,13 @@
|
||||||
|
return pathtrace_match_set(tcp, &global_path_set);
|
||||||
|
}
|
||||||
|
|
||||||
|
-extern int getfdpath_pid(pid_t pid, int fd, char *buf, unsigned bufsize);
|
||||||
|
+extern int getfdpath_pid(pid_t pid, int fd, char *buf, unsigned bufsize,
|
||||||
|
+ bool *deleted);
|
||||||
|
|
||||||
|
static inline int
|
||||||
|
getfdpath(struct tcb *tcp, int fd, char *buf, unsigned bufsize)
|
||||||
|
{
|
||||||
|
- return getfdpath_pid(tcp->pid, fd, buf, bufsize);
|
||||||
|
+ return getfdpath_pid(tcp->pid, fd, buf, bufsize, NULL);
|
||||||
|
}
|
||||||
|
|
||||||
|
extern unsigned long getfdinode(struct tcb *, int);
|
||||||
|
Index: strace-5.18/src/largefile_wrappers.h
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/src/largefile_wrappers.h 2022-07-13 12:52:29.405006910 +0200
|
||||||
|
+++ strace-5.18/src/largefile_wrappers.h 2022-07-13 12:52:48.451782122 +0200
|
||||||
|
@@ -31,6 +31,7 @@
|
||||||
|
# endif
|
||||||
|
# define fstat_fd fstat64
|
||||||
|
# define strace_stat_t struct stat64
|
||||||
|
+# define lstat_file lstat64
|
||||||
|
# define stat_file stat64
|
||||||
|
# define struct_dirent struct dirent64
|
||||||
|
# define read_dir readdir64
|
||||||
|
@@ -42,6 +43,7 @@
|
||||||
|
# define fcntl_fd fcntl
|
||||||
|
# define fstat_fd fstat
|
||||||
|
# define strace_stat_t struct stat
|
||||||
|
+# define lstat_file lstat
|
||||||
|
# define stat_file stat
|
||||||
|
# define struct_dirent struct dirent
|
||||||
|
# define read_dir readdir
|
||||||
|
Index: strace-5.18/src/pathtrace.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/src/pathtrace.c 2022-07-13 12:52:29.405006910 +0200
|
||||||
|
+++ strace-5.18/src/pathtrace.c 2022-07-13 12:52:54.532710356 +0200
|
||||||
|
@@ -10,7 +10,11 @@
|
||||||
|
#include "defs.h"
|
||||||
|
#include <limits.h>
|
||||||
|
#include <poll.h>
|
||||||
|
+#include <sys/stat.h>
|
||||||
|
+#include <sys/types.h>
|
||||||
|
+#include <unistd.h>
|
||||||
|
|
||||||
|
+#include "largefile_wrappers.h"
|
||||||
|
#include "number_set.h"
|
||||||
|
#include "sen.h"
|
||||||
|
#include "xstring.h"
|
||||||
|
@@ -77,7 +81,7 @@
|
||||||
|
* Get path associated with fd of a process with pid.
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
-getfdpath_pid(pid_t pid, int fd, char *buf, unsigned bufsize)
|
||||||
|
+getfdpath_pid(pid_t pid, int fd, char *buf, unsigned bufsize, bool *deleted)
|
||||||
|
{
|
||||||
|
char linkpath[sizeof("/proc/%u/fd/%u") + 2 * sizeof(int)*3];
|
||||||
|
ssize_t n;
|
||||||
|
@@ -91,12 +95,50 @@
|
||||||
|
|
||||||
|
xsprintf(linkpath, "/proc/%u/fd/%u", proc_pid, fd);
|
||||||
|
n = readlink(linkpath, buf, bufsize - 1);
|
||||||
|
+ if (n < 0)
|
||||||
|
+ goto end;
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* NB: if buf is too small, readlink doesn't fail,
|
||||||
|
* it returns truncated result (IOW: n == bufsize - 1).
|
||||||
|
*/
|
||||||
|
- if (n >= 0)
|
||||||
|
- buf[n] = '\0';
|
||||||
|
+ buf[n] = '\0';
|
||||||
|
+ if (deleted)
|
||||||
|
+ *deleted = false;
|
||||||
|
+
|
||||||
|
+ /*
|
||||||
|
+ * Try to figure out if the kernel has appended " (deleted)"
|
||||||
|
+ * to the end of a potentially unlinked path and set deleted
|
||||||
|
+ * if it is the case.
|
||||||
|
+ */
|
||||||
|
+ static const char del_sfx[] = " (deleted)";
|
||||||
|
+ if ((size_t) n <= sizeof(del_sfx))
|
||||||
|
+ goto end;
|
||||||
|
+
|
||||||
|
+ char *del = buf + n + 1 - sizeof(del_sfx);
|
||||||
|
+
|
||||||
|
+ if (memcmp(del, del_sfx, sizeof(del_sfx)))
|
||||||
|
+ goto end;
|
||||||
|
+
|
||||||
|
+ strace_stat_t st_link;
|
||||||
|
+ strace_stat_t st_path;
|
||||||
|
+ int rc = stat_file(linkpath, &st_link);
|
||||||
|
+
|
||||||
|
+ if (rc)
|
||||||
|
+ goto end;
|
||||||
|
+
|
||||||
|
+ rc = lstat_file(buf, &st_path);
|
||||||
|
+
|
||||||
|
+ if (rc ||
|
||||||
|
+ (st_link.st_ino != st_path.st_ino) ||
|
||||||
|
+ (st_link.st_dev != st_path.st_dev)) {
|
||||||
|
+ *del = '\0';
|
||||||
|
+ n = del - buf + 1;
|
||||||
|
+ if (deleted)
|
||||||
|
+ *deleted = true;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+end:
|
||||||
|
return n;
|
||||||
|
}
|
||||||
|
|
||||||
|
Index: strace-5.18/src/util.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/src/util.c 2022-07-13 12:52:47.989787575 +0200
|
||||||
|
+++ strace-5.18/src/util.c 2022-07-13 12:52:48.452782111 +0200
|
||||||
|
@@ -735,12 +735,15 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
-print_quoted_string_in_angle_brackets(const char *str)
|
||||||
|
+print_quoted_string_in_angle_brackets(const char *str, const bool deleted)
|
||||||
|
{
|
||||||
|
tprints("<");
|
||||||
|
print_quoted_string_ex(str, strlen(str),
|
||||||
|
QUOTE_OMIT_LEADING_TRAILING_QUOTES, "<>");
|
||||||
|
tprints(">");
|
||||||
|
+
|
||||||
|
+ if (deleted)
|
||||||
|
+ tprints("(deleted)");
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
@@ -749,8 +752,9 @@
|
||||||
|
PRINT_VAL_D(fd);
|
||||||
|
|
||||||
|
char path[PATH_MAX + 1];
|
||||||
|
+ bool deleted;
|
||||||
|
if (pid > 0 && !number_set_array_is_empty(decode_fd_set, 0)
|
||||||
|
- && getfdpath_pid(pid, fd, path, sizeof(path)) >= 0) {
|
||||||
|
+ && getfdpath_pid(pid, fd, path, sizeof(path), &deleted) >= 0) {
|
||||||
|
if (is_number_in_set(DECODE_FD_SOCKET, decode_fd_set) &&
|
||||||
|
printsocket(tcp, fd, path))
|
||||||
|
goto printed;
|
||||||
|
@@ -761,7 +765,7 @@
|
||||||
|
printpidfd(pid, fd, path))
|
||||||
|
goto printed;
|
||||||
|
if (is_number_in_set(DECODE_FD_PATH, decode_fd_set))
|
||||||
|
- print_quoted_string_in_angle_brackets(path);
|
||||||
|
+ print_quoted_string_in_angle_brackets(path, deleted);
|
||||||
|
printed: ;
|
||||||
|
}
|
||||||
|
|
||||||
|
Index: strace-5.18/tests/fchmod.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/tests/fchmod.c 2022-07-13 12:52:29.405006910 +0200
|
||||||
|
+++ strace-5.18/tests/fchmod.c 2022-07-13 12:52:48.452782111 +0200
|
||||||
|
@@ -35,10 +35,17 @@
|
||||||
|
(void) unlink(sample);
|
||||||
|
int fd = open(sample, O_CREAT|O_RDONLY, 0400);
|
||||||
|
if (fd == -1)
|
||||||
|
- perror_msg_and_fail("open");
|
||||||
|
+ perror_msg_and_fail("open(\"%s\")", sample);
|
||||||
|
+
|
||||||
|
+ static const char sample_del[] = "fchmod_sample_file (deleted)";
|
||||||
|
+ (void) unlink(sample_del);
|
||||||
|
+ int fd_del = open(sample_del, O_CREAT|O_RDONLY, 0400);
|
||||||
|
+ if (fd_del == -1)
|
||||||
|
+ perror_msg_and_fail("open(\"%s\")", sample);
|
||||||
|
|
||||||
|
# ifdef YFLAG
|
||||||
|
char *sample_realpath = get_fd_path(fd);
|
||||||
|
+ char *sample_del_realpath = get_fd_path(fd_del);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
const char *sample_secontext = SECONTEXT_FILE(sample);
|
||||||
|
@@ -56,12 +63,27 @@
|
||||||
|
sample_secontext,
|
||||||
|
sprintrc(rc));
|
||||||
|
|
||||||
|
+ const char *sample_del_secontext = SECONTEXT_FILE(sample_del);
|
||||||
|
+ rc = syscall(__NR_fchmod, fd_del, 0600);
|
||||||
|
+# ifdef YFLAG
|
||||||
|
+ printf("%s%s(%d<%s>%s, 0600) = %s\n",
|
||||||
|
+# else
|
||||||
|
+ printf("%s%s(%d%s, 0600) = %s\n",
|
||||||
|
+# endif
|
||||||
|
+ my_secontext, "fchmod",
|
||||||
|
+ fd_del,
|
||||||
|
+# ifdef YFLAG
|
||||||
|
+ sample_del_realpath,
|
||||||
|
+# endif
|
||||||
|
+ sample_del_secontext,
|
||||||
|
+ sprintrc(rc));
|
||||||
|
+
|
||||||
|
if (unlink(sample))
|
||||||
|
- perror_msg_and_fail("unlink");
|
||||||
|
+ perror_msg_and_fail("unlink(\"%s\")", sample);
|
||||||
|
|
||||||
|
rc = syscall(__NR_fchmod, fd, 051);
|
||||||
|
# ifdef YFLAG
|
||||||
|
- printf("%s%s(%d<%s (deleted)>%s, 051) = %s\n",
|
||||||
|
+ printf("%s%s(%d<%s>(deleted)%s, 051) = %s\n",
|
||||||
|
# else
|
||||||
|
printf("%s%s(%d%s, 051) = %s\n",
|
||||||
|
# endif
|
||||||
|
@@ -73,9 +95,26 @@
|
||||||
|
sample_secontext,
|
||||||
|
sprintrc(rc));
|
||||||
|
|
||||||
|
+ if (unlink(sample_del))
|
||||||
|
+ perror_msg_and_fail("unlink(\"%s\")", sample_del);
|
||||||
|
+
|
||||||
|
+ rc = syscall(__NR_fchmod, fd_del, 051);
|
||||||
|
+# ifdef YFLAG
|
||||||
|
+ printf("%s%s(%d<%s>(deleted)%s, 051) = %s\n",
|
||||||
|
+# else
|
||||||
|
+ printf("%s%s(%d%s, 051) = %s\n",
|
||||||
|
+# endif
|
||||||
|
+ my_secontext, "fchmod",
|
||||||
|
+ fd_del,
|
||||||
|
+# ifdef YFLAG
|
||||||
|
+ sample_del_realpath,
|
||||||
|
+# endif
|
||||||
|
+ sample_del_secontext,
|
||||||
|
+ sprintrc(rc));
|
||||||
|
+
|
||||||
|
rc = syscall(__NR_fchmod, fd, 004);
|
||||||
|
# ifdef YFLAG
|
||||||
|
- printf("%s%s(%d<%s (deleted)>%s, 004) = %s\n",
|
||||||
|
+ printf("%s%s(%d<%s>(deleted)%s, 004) = %s\n",
|
||||||
|
# else
|
||||||
|
printf("%s%s(%d%s, 004) = %s\n",
|
||||||
|
# endif
|
||||||
|
Index: strace-5.18/tests-m32/fchmod.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/tests-m32/fchmod.c 2022-07-13 12:52:29.405006910 +0200
|
||||||
|
+++ strace-5.18/tests-m32/fchmod.c 2022-07-13 12:52:48.452782111 +0200
|
||||||
|
@@ -35,10 +35,17 @@
|
||||||
|
(void) unlink(sample);
|
||||||
|
int fd = open(sample, O_CREAT|O_RDONLY, 0400);
|
||||||
|
if (fd == -1)
|
||||||
|
- perror_msg_and_fail("open");
|
||||||
|
+ perror_msg_and_fail("open(\"%s\")", sample);
|
||||||
|
+
|
||||||
|
+ static const char sample_del[] = "fchmod_sample_file (deleted)";
|
||||||
|
+ (void) unlink(sample_del);
|
||||||
|
+ int fd_del = open(sample_del, O_CREAT|O_RDONLY, 0400);
|
||||||
|
+ if (fd_del == -1)
|
||||||
|
+ perror_msg_and_fail("open(\"%s\")", sample);
|
||||||
|
|
||||||
|
# ifdef YFLAG
|
||||||
|
char *sample_realpath = get_fd_path(fd);
|
||||||
|
+ char *sample_del_realpath = get_fd_path(fd_del);
|
||||||
|
# endif
|
||||||
|
|
||||||
|
const char *sample_secontext = SECONTEXT_FILE(sample);
|
||||||
|
@@ -56,12 +63,27 @@
|
||||||
|
sample_secontext,
|
||||||
|
sprintrc(rc));
|
||||||
|
|
||||||
|
+ const char *sample_del_secontext = SECONTEXT_FILE(sample_del);
|
||||||
|
+ rc = syscall(__NR_fchmod, fd_del, 0600);
|
||||||
|
+# ifdef YFLAG
|
||||||
|
+ printf("%s%s(%d<%s>%s, 0600) = %s\n",
|
||||||
|
+# else
|
||||||
|
+ printf("%s%s(%d%s, 0600) = %s\n",
|
||||||
|
+# endif
|
||||||
|
+ my_secontext, "fchmod",
|
||||||
|
+ fd_del,
|
||||||
|
+# ifdef YFLAG
|
||||||
|
+ sample_del_realpath,
|
||||||
|
+# endif
|
||||||
|
+ sample_del_secontext,
|
||||||
|
+ sprintrc(rc));
|
||||||
|
+
|
||||||
|
if (unlink(sample))
|
||||||
|
- perror_msg_and_fail("unlink");
|
||||||
|
+ perror_msg_and_fail("unlink(\"%s\")", sample);
|
||||||
|
|
||||||
|
rc = syscall(__NR_fchmod, fd, 051);
|
||||||
|
# ifdef YFLAG
|
||||||
|
- printf("%s%s(%d<%s (deleted)>%s, 051) = %s\n",
|
||||||
|
+ printf("%s%s(%d<%s>(deleted)%s, 051) = %s\n",
|
||||||
|
# else
|
||||||
|
printf("%s%s(%d%s, 051) = %s\n",
|
||||||
|
# endif
|
||||||
|
@@ -73,9 +95,26 @@
|
||||||
|
sample_secontext,
|
||||||
|
sprintrc(rc));
|
||||||
|
|
||||||
|
+ if (unlink(sample_del))
|
||||||
|
+ perror_msg_and_fail("unlink(\"%s\")", sample_del);
|
||||||
|
+
|
||||||
|
+ rc = syscall(__NR_fchmod, fd_del, 051);
|
||||||
|
+# ifdef YFLAG
|
||||||
|
+ printf("%s%s(%d<%s>(deleted)%s, 051) = %s\n",
|
||||||
|
+# else
|
||||||
|
+ printf("%s%s(%d%s, 051) = %s\n",
|
||||||
|
+# endif
|
||||||
|
+ my_secontext, "fchmod",
|
||||||
|
+ fd_del,
|
||||||
|
+# ifdef YFLAG
|
||||||
|
+ sample_del_realpath,
|
||||||
|
+# endif
|
||||||
|
+ sample_del_secontext,
|
||||||
|
+ sprintrc(rc));
|
||||||
|
+
|
||||||
|
rc = syscall(__NR_fchmod, fd, 004);
|
||||||
|
# ifdef YFLAG
|
||||||
|
- printf("%s%s(%d<%s (deleted)>%s, 004) = %s\n",
|
||||||
|
+ printf("%s%s(%d<%s>(deleted)%s, 004) = %s\n",
|
||||||
|
# else
|
||||||
|
printf("%s%s(%d%s, 004) = %s\n",
|
||||||
|
# endif
|
@ -0,0 +1,209 @@
|
|||||||
|
From 3f0e5340b651da98251a58cc7923525d69f96032 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
||||||
|
Date: Fri, 1 Jul 2022 10:45:48 +0200
|
||||||
|
Subject: [PATCH] secontext: fix expected SELinux context check for unlinked
|
||||||
|
FDs
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
selinux_getfdcon open-coded a part of getfdpath_pid since it tries
|
||||||
|
to do the same job, figure out a path associated with an FD, for slightly
|
||||||
|
different purpose: to get the expected SELinux context for it. As the previous
|
||||||
|
commit shows, it's a bit more complicated in cases when the path ends
|
||||||
|
with the " (deleted)" string, which is also used for designated unlinked paths
|
||||||
|
in procfs. Otherwise, it may manifest in test failures such as this:
|
||||||
|
|
||||||
|
[unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023] fchmod(4</root/rpmbuild/BUILD/strace-5.13/tests/fchmod-y--secontext_full_mismatch.dir/fchmod_subdir/fchmod_sample_file> [unconfined_u:object_r:admin_home_t:s0!!system_u:object_r:admin_home_t:s0], 0600) = 0
|
||||||
|
-[unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023] fchmod(4</root/rpmbuild/BUILD/strace-5.13/tests/fchmod-y--secontext_full_mismatch.dir/fchmod_subdir/fchmod_sample_file (deleted)> [unconfined_u:object_r:admin_home_t:s0!!system_u:object_r:admin_home_t:s0], 051) = 0
|
||||||
|
-[unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023] fchmod(4</root/rpmbuild/BUILD/strace-5.13/tests/fchmod-y--secontext_full_mismatch.dir/fchmod_subdir/fchmod_sample_file (deleted)> [unconfined_u:object_r:admin_home_t:s0!!system_u:object_r:admin_home_t:s0], 004) = 0
|
||||||
|
+[unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023] fchmod(4</root/rpmbuild/BUILD/strace-5.13/tests/fchmod-y--secontext_full_mismatch.dir/fchmod_subdir/fchmod_sample_file (deleted)> [unconfined_u:object_r:admin_home_t:s0], 051) = 0
|
||||||
|
+[unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023] fchmod(4</root/rpmbuild/BUILD/strace-5.13/tests/fchmod-y--secontext_full_mismatch.dir/fchmod_subdir/fchmod_sample_file (deleted)> [unconfined_u:object_r:admin_home_t:s0], 004) = 0
|
||||||
|
+++ exited with 0 +++
|
||||||
|
+ fail_ '../../src/strace -a15 -y --secontext=full,mismatch -e trace=fchmod ../fchmod-y--secontext_full_mismatch output mismatch'
|
||||||
|
+ warn_ 'fchmod-y--secontext_full_mismatch.gen.test: failed test: ../../src/strace -a15 -y --secontext=full,mismatch -e trace=fchmod ../fchmod-y--secontext_full_mismatch output mismatch'
|
||||||
|
+ printf '%s\n' 'fchmod-y--secontext_full_mismatch.gen.test: failed test: ../../src/strace -a15 -y --secontext=full,mismatch -e trace=fchmod ../fchmod-y--secontext_full_mismatch output mismatch'
|
||||||
|
fchmod-y--secontext_full_mismatch.gen.test: failed test: ../../src/strace -a15 -y --secontext=full,mismatch -e trace=fchmod ../fchmod-y--secontext_full_mismatch output mismatch
|
||||||
|
+ exit 1
|
||||||
|
FAIL fchmod-y--secontext_full_mismatch.gen.test (exit status: 1)
|
||||||
|
|
||||||
|
that happens due to the fact that the get_expected_filecontext() call
|
||||||
|
is made against the path with the " (deleted)" part, which is wrong (it
|
||||||
|
is more wrong than shown above when a file with the path that ends with
|
||||||
|
" (deleted)" exists). Moreover, it would be incorrect to call stat()
|
||||||
|
on that path.
|
||||||
|
|
||||||
|
Let's factor out the common part of the code and simply call it
|
||||||
|
from selinux_getfdcon, then use the st_mode from the procfs link.
|
||||||
|
|
||||||
|
* src/defs.h (get_proc_pid_fd_path): New declaration.
|
||||||
|
* src/pathtrace.c (get)proc_pid_fd_path): New function, part
|
||||||
|
of getfdpath_pid that performs link resolution and processing
|
||||||
|
of the result.
|
||||||
|
(getfdpath_pid): Call get_proc_pid_fd_path after PID resolution.
|
||||||
|
* src/secontext.c (get_expected_filecontext): Add mode parameter, use
|
||||||
|
it in selabel_lookup call instead of retrieveing file mode using stat()
|
||||||
|
if it is not -1.
|
||||||
|
(selinux_getfdcon): Call get_proc_pid_fd_path instead
|
||||||
|
of open-coding path resolution code, call stat() on the procfs link
|
||||||
|
and pass the retrieved st_mode to the get_expected_filecontext call.
|
||||||
|
(selinux_getfilecon): Pass -1 as mode in the get_expected_filecontext
|
||||||
|
call.
|
||||||
|
|
||||||
|
Reported-by: Václav Kadlčík <vkadlcik@redhat.com>
|
||||||
|
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2087693
|
||||||
|
---
|
||||||
|
src/defs.h | 15 +++++++++++++++
|
||||||
|
src/pathtrace.c | 26 ++++++++++++++++++--------
|
||||||
|
src/secontext.c | 35 +++++++++++++++++++++--------------
|
||||||
|
3 files changed, 54 insertions(+), 22 deletions(-)
|
||||||
|
|
||||||
|
Index: strace-5.18/src/defs.h
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/src/defs.h 2022-07-12 18:22:01.563254140 +0200
|
||||||
|
+++ strace-5.18/src/defs.h 2022-07-12 18:22:06.202199392 +0200
|
||||||
|
@@ -785,6 +785,21 @@
|
||||||
|
return pathtrace_match_set(tcp, &global_path_set);
|
||||||
|
}
|
||||||
|
|
||||||
|
+/**
|
||||||
|
+ * Resolves a path for a fd procfs PID proc_pid (the one got from
|
||||||
|
+ * get_proc_pid()).
|
||||||
|
+ *
|
||||||
|
+ * @param proc_pid PID number in /proc, obtained with get_proc_pid().
|
||||||
|
+ * @param fd FD to resolve path for.
|
||||||
|
+ * @param buf Buffer to store the resolved path in.
|
||||||
|
+ * @param bufsize The size of buf.
|
||||||
|
+ * @param deleted If non-NULL, set to true if the path associated with the FD
|
||||||
|
+ * seems to have been unlinked and to false otherwise.
|
||||||
|
+ * @return Number of bytes written including terminating '\0'.
|
||||||
|
+ */
|
||||||
|
+extern int get_proc_pid_fd_path(int proc_pid, int fd, char *buf,
|
||||||
|
+ unsigned bufsize, bool *deleted);
|
||||||
|
+
|
||||||
|
extern int getfdpath_pid(pid_t pid, int fd, char *buf, unsigned bufsize,
|
||||||
|
bool *deleted);
|
||||||
|
|
||||||
|
Index: strace-5.18/src/pathtrace.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/src/pathtrace.c 2022-07-12 18:22:01.532254506 +0200
|
||||||
|
+++ strace-5.18/src/pathtrace.c 2022-07-12 18:22:06.202199392 +0200
|
||||||
|
@@ -77,11 +77,9 @@
|
||||||
|
set->paths_selected[set->num_selected++] = path;
|
||||||
|
}
|
||||||
|
|
||||||
|
-/*
|
||||||
|
- * Get path associated with fd of a process with pid.
|
||||||
|
- */
|
||||||
|
int
|
||||||
|
-getfdpath_pid(pid_t pid, int fd, char *buf, unsigned bufsize, bool *deleted)
|
||||||
|
+get_proc_pid_fd_path(int proc_pid, int fd, char *buf, unsigned bufsize,
|
||||||
|
+ bool *deleted)
|
||||||
|
{
|
||||||
|
char linkpath[sizeof("/proc/%u/fd/%u") + 2 * sizeof(int)*3];
|
||||||
|
ssize_t n;
|
||||||
|
@@ -89,10 +87,6 @@
|
||||||
|
if (fd < 0)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
- int proc_pid = get_proc_pid(pid);
|
||||||
|
- if (!proc_pid)
|
||||||
|
- return -1;
|
||||||
|
-
|
||||||
|
xsprintf(linkpath, "/proc/%u/fd/%u", proc_pid, fd);
|
||||||
|
n = readlink(linkpath, buf, bufsize - 1);
|
||||||
|
if (n < 0)
|
||||||
|
@@ -143,6 +137,22 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
+ * Get path associated with fd of a process with pid.
|
||||||
|
+ */
|
||||||
|
+int
|
||||||
|
+getfdpath_pid(pid_t pid, int fd, char *buf, unsigned bufsize, bool *deleted)
|
||||||
|
+{
|
||||||
|
+ if (fd < 0)
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
+ int proc_pid = get_proc_pid(pid);
|
||||||
|
+ if (!proc_pid)
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
+ return get_proc_pid_fd_path(proc_pid, fd, buf, bufsize, deleted);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
* Add a path to the set we're tracing. Also add the canonicalized
|
||||||
|
* version of the path. Specifying NULL will delete all paths.
|
||||||
|
*/
|
||||||
|
Index: strace-5.18/src/secontext.c
|
||||||
|
===================================================================
|
||||||
|
--- strace-5.18.orig/src/secontext.c 2022-07-12 18:22:01.564254128 +0200
|
||||||
|
+++ strace-5.18/src/secontext.c 2022-07-12 18:22:06.203199380 +0200
|
||||||
|
@@ -62,7 +62,7 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
|
-get_expected_filecontext(const char *path, char **secontext)
|
||||||
|
+get_expected_filecontext(const char *path, char **secontext, int mode)
|
||||||
|
{
|
||||||
|
static struct selabel_handle *hdl;
|
||||||
|
|
||||||
|
@@ -80,12 +80,7 @@
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
- strace_stat_t stb;
|
||||||
|
- if (stat_file(path, &stb) < 0) {
|
||||||
|
- return -1;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- return selabel_lookup(hdl, secontext, path, stb.st_mode);
|
||||||
|
+ return selabel_lookup(hdl, secontext, path, mode);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
@@ -130,16 +125,22 @@
|
||||||
|
|
||||||
|
/*
|
||||||
|
* We need to resolve the path, because selabel_lookup() doesn't
|
||||||
|
- * resolve anything. Using readlink() is sufficient here.
|
||||||
|
+ * resolve anything.
|
||||||
|
*/
|
||||||
|
+ char buf[PATH_MAX + 1];
|
||||||
|
+ ssize_t n = get_proc_pid_fd_path(proc_pid, fd, buf, sizeof(buf), NULL);
|
||||||
|
+ if ((size_t) n >= (sizeof(buf) - 1))
|
||||||
|
+ return 0;
|
||||||
|
|
||||||
|
- char buf[PATH_MAX];
|
||||||
|
- ssize_t n = readlink(linkpath, buf, sizeof(buf));
|
||||||
|
- if ((size_t) n >= sizeof(buf))
|
||||||
|
+ /*
|
||||||
|
+ * We retrieve stat() here since the path the procfs link resolves into
|
||||||
|
+ * may be reused by a different file with different context.
|
||||||
|
+ */
|
||||||
|
+ strace_stat_t st;
|
||||||
|
+ if (stat_file(linkpath, &st))
|
||||||
|
return 0;
|
||||||
|
- buf[n] = '\0';
|
||||||
|
|
||||||
|
- get_expected_filecontext(buf, expected);
|
||||||
|
+ get_expected_filecontext(buf, expected, st.st_mode);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
@@ -190,7 +191,13 @@
|
||||||
|
if (!resolved)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
- get_expected_filecontext(resolved, expected);
|
||||||
|
+ strace_stat_t st;
|
||||||
|
+ if (stat_file(resolved, &st) < 0)
|
||||||
|
+ goto out;
|
||||||
|
+
|
||||||
|
+ get_expected_filecontext(resolved, expected, st.st_mode);
|
||||||
|
+
|
||||||
|
+out:
|
||||||
|
free(resolved);
|
||||||
|
|
||||||
|
return 0;
|
70
SOURCES/0182-tests-bpf-fix-sloppy-low-FD-number-usage.patch
Normal file
70
SOURCES/0182-tests-bpf-fix-sloppy-low-FD-number-usage.patch
Normal file
@ -0,0 +1,70 @@
|
|||||||
|
From 5338636cd9ae7f53ed73f1a7909db03189ea2ff3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Eugene Syromyatnikov <evgsyr@gmail.com>
|
||||||
|
Date: Mon, 4 Jul 2022 12:29:22 +0200
|
||||||
|
Subject: [PATCH] tests/bpf: fix sloppy low FD number usage
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
FD 42 can already be opened, so close it. Otherwise, it may lead
|
||||||
|
to the following test failure:
|
||||||
|
|
||||||
|
-bpf(BPF_LINK_CREATE, {link_create={prog_fd=0</dev/full>, target_fd=0</dev/full>, attach_type=BPF_TRACE_ITER, flags=0, iter_info=[{map={map_fd=0</dev/full>}}, {map={map_fd=42}}, {map={map_fd=314159265}}, {map={map_fd=-1159983635}}, {map={map_fd=-1}}], iter_info_len=5}}, 28) = 841540765612359407 (INJECTED)
|
||||||
|
+bpf(BPF_LINK_CREATE, {link_create={prog_fd=0</dev/full>, target_fd=0</dev/full>, attach_type=BPF_TRACE_ITER, flags=0, iter_info=[{map={map_fd=0</dev/full>}}, {map={map_fd=42</var/tmp/restraintd/logs/146893626/task.log>}}, {map={map_fd=314159265}}, {map={map_fd=-1159983635}}, {map={map_fd=-1}}], iter_info_len=5}}, 28) = 841540765612359407 (INJECTED)
|
||||||
|
bpf(BPF_LINK_CREATE, 0x3ff95574fe5, 28) = 841540765612359407 (INJECTED)
|
||||||
|
-bpf(BPF_LINK_CREATE, {link_create={prog_fd=0</dev/full>, target_fd=0</dev/full>, attach_type=BPF_TRACE_ITER, flags=0, iter_info=[{map={map_fd=0</dev/full>}}, {map={map_fd=42}}, {map={map_fd=314159265}}, {map={map_fd=-1159983635}}, {map={map_fd=-1}}, ... /* 0x3ff9555d000 */], iter_info_len=6}}, 28) = 841540765612359407 (INJECTED)
|
||||||
|
+bpf(BPF_LINK_CREATE, {link_create={prog_fd=0</dev/full>, target_fd=0</dev/full>, attach_type=BPF_TRACE_ITER, flags=0, iter_info=[{map={map_fd=0</dev/full>}}, {map={map_fd=42</var/tmp/restraintd/logs/146893626/task.log>}}, {map={map_fd=314159265}}, {map={map_fd=-1159983635}}, {map={map_fd=-1}}, ... /* 0x3ff9555d000 */], iter_info_len=6}}, 28) = 841540765612359407 (INJECTED)
|
||||||
|
[...]
|
||||||
|
FAIL bpf-success-long-y.test (exit status: 1)
|
||||||
|
|
||||||
|
* tests/bpf.c (init_BPF_LINK_CREATE_attr7): Close iter_info_data[1] fd.
|
||||||
|
|
||||||
|
Fixes: v5.18~18 "bpf: improve bpf(BPF_LINK_CREATE) decoding"
|
||||||
|
Reported-by: Lenka Špačková <lkuprova@redhat.com>
|
||||||
|
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2103137
|
||||||
|
---
|
||||||
|
tests/bpf.c | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/tests/bpf.c b/tests/bpf.c
|
||||||
|
index 82d870e..6c1ffd4 100644
|
||||||
|
--- a/tests/bpf.c
|
||||||
|
+++ b/tests/bpf.c
|
||||||
|
@@ -1557,6 +1557,8 @@ init_BPF_LINK_CREATE_attr7(struct bpf_attr_check *check, size_t idx)
|
||||||
|
{
|
||||||
|
struct BPF_LINK_CREATE_struct *attr = &check->data.BPF_LINK_CREATE_data;
|
||||||
|
|
||||||
|
+ close(iter_info_data[1]);
|
||||||
|
+
|
||||||
|
if (!iter_info_data_p) {
|
||||||
|
iter_info_data_p = tail_memdup(iter_info_data,
|
||||||
|
sizeof(iter_info_data));
|
||||||
|
diff --git a/tests-m32/bpf.c b/tests-m32/bpf.c
|
||||||
|
index 82d870e..6c1ffd4 100644
|
||||||
|
--- a/tests-m32/bpf.c
|
||||||
|
+++ b/tests-m32/bpf.c
|
||||||
|
@@ -1557,6 +1557,8 @@ init_BPF_LINK_CREATE_attr7(struct bpf_attr_check *check, size_t idx)
|
||||||
|
{
|
||||||
|
struct BPF_LINK_CREATE_struct *attr = &check->data.BPF_LINK_CREATE_data;
|
||||||
|
|
||||||
|
+ close(iter_info_data[1]);
|
||||||
|
+
|
||||||
|
if (!iter_info_data_p) {
|
||||||
|
iter_info_data_p = tail_memdup(iter_info_data,
|
||||||
|
sizeof(iter_info_data));
|
||||||
|
diff --git a/tests-mx32/bpf.c b/tests-mx32/bpf.c
|
||||||
|
index 82d870e..6c1ffd4 100644
|
||||||
|
--- a/tests-mx32/bpf.c
|
||||||
|
+++ b/tests-mx32/bpf.c
|
||||||
|
@@ -1557,6 +1557,8 @@ init_BPF_LINK_CREATE_attr7(struct bpf_attr_check *check, size_t idx)
|
||||||
|
{
|
||||||
|
struct BPF_LINK_CREATE_struct *attr = &check->data.BPF_LINK_CREATE_data;
|
||||||
|
|
||||||
|
+ close(iter_info_data[1]);
|
||||||
|
+
|
||||||
|
if (!iter_info_data_p) {
|
||||||
|
iter_info_data_p = tail_memdup(iter_info_data,
|
||||||
|
sizeof(iter_info_data));
|
||||||
|
--
|
||||||
|
2.1.4
|
||||||
|
|
@ -1,9 +1,9 @@
|
|||||||
Summary: Tracks and displays system calls associated with a running process
|
Summary: Tracks and displays system calls associated with a running process
|
||||||
Name: strace
|
Name: strace
|
||||||
Version: 5.13
|
Version: 5.18
|
||||||
Release: 7%{?dist}
|
Release: 2%{?dist}
|
||||||
# The test suite is GPLv2+, all the rest is LGPLv2.1+.
|
# The test suite is GPLv2+, all the rest is LGPLv2.1+.
|
||||||
License: LGPL-2.1+ and GPL-2.0+
|
License: LGPL-2.1-or-later and GPL-2.0-or-later
|
||||||
# Some distros require Group tag to be present,
|
# Some distros require Group tag to be present,
|
||||||
# some require Group tag to be absent,
|
# some require Group tag to be absent,
|
||||||
# some do not care about Group tag at all,
|
# some do not care about Group tag at all,
|
||||||
@ -42,30 +42,53 @@ BuildRequires: pkgconfig(bluez)
|
|||||||
%{?!buildroot:BuildRoot: %_tmppath/buildroot-%name-%version-%release}
|
%{?!buildroot:BuildRoot: %_tmppath/buildroot-%name-%version-%release}
|
||||||
%define maybe_use_defattr %{?suse_version:%%defattr(-,root,root)}
|
%define maybe_use_defattr %{?suse_version:%%defattr(-,root,root)}
|
||||||
|
|
||||||
# v5.13-10-g0211fdc "tests: change sockopt-timestamp test to use syscall(__NR_recvmsg)"
|
## v5.13-10-g0211fdc "tests: change sockopt-timestamp test to use syscall(__NR_recvmsg)"
|
||||||
Patch141: 0141-tests-change-sockopt-timestamp-test-to-use-syscall-_.patch
|
#Patch141: 0141-tests-change-sockopt-timestamp-test-to-use-syscall-_.patch
|
||||||
# v5.13-55-g6b2191f "filter_qualify: free allocated data on the error path exit of parse_poke_token"
|
## v5.13-55-g6b2191f "filter_qualify: free allocated data on the error path exit of parse_poke_token"
|
||||||
Patch150: 0150-filter_qualify-free-allocated-data-on-the-error-path.patch
|
#Patch150: 0150-filter_qualify-free-allocated-data-on-the-error-path.patch
|
||||||
# v5.13-56-g80dc60c "macros: expand BIT macros, add MASK macros; add *_SAFE macros"
|
## v5.13-56-g80dc60c "macros: expand BIT macros, add MASK macros; add *_SAFE macros"
|
||||||
Patch151: 0151-macros-expand-BIT-macros-add-MASK-macros-add-_SAFE-m.patch
|
#Patch151: 0151-macros-expand-BIT-macros-add-MASK-macros-add-_SAFE-m.patch
|
||||||
# v5.13-58-g94ae5c2 "trie: use BIT* and MASK* macros"
|
## v5.13-58-g94ae5c2 "trie: use BIT* and MASK* macros"
|
||||||
Patch152: 0152-trie-use-BIT-and-MASK-macros.patch
|
#Patch152: 0152-trie-use-BIT-and-MASK-macros.patch
|
||||||
# v5.13-65-g41b753e "tee: rewrite num_params access in tee_fetch_buf_data"
|
## v5.13-65-g41b753e "tee: rewrite num_params access in tee_fetch_buf_data"
|
||||||
Patch153: 0153-tee-rewrite-num_params-access-in-tee_fetch_buf_data.patch
|
#Patch153: 0153-tee-rewrite-num_params-access-in-tee_fetch_buf_data.patch
|
||||||
Patch154: 0154-tests-call-setsockopt-directly-in-sockopt-timestamp.patch
|
## v5.14~12 "tests: call setsockopt directly in sockopt-timestamp"
|
||||||
|
#Patch154: 0154-tests-call-setsockopt-directly-in-sockopt-timestamp.patch
|
||||||
|
|
||||||
# v5.15~1 "print_ifindex: fix IFNAME_QUOTED_SZ definition"
|
## v5.15~1 "print_ifindex: fix IFNAME_QUOTED_SZ definition"
|
||||||
Patch167: 0167-print_ifindex-fix-IFNAME_QUOTED_SZ-definition.patch
|
#Patch167: 0167-print_ifindex-fix-IFNAME_QUOTED_SZ-definition.patch
|
||||||
|
|
||||||
# v5.15~18 "m4: fix st_SELINUX check"
|
## v5.15~18 "m4: fix st_SELINUX check"
|
||||||
Patch168: 0168-m4-fix-st_SELINUX-check.patch
|
#Patch168: 0168-m4-fix-st_SELINUX-check.patch
|
||||||
# v5.16~31 "Implement displaying of expected context upon mismatch"
|
## v5.16~31 "Implement displaying of expected context upon mismatch"
|
||||||
Patch169: 0169-Implement-displaying-of-expected-context-upon-mismat.patch
|
#Patch169: 0169-Implement-displaying-of-expected-context-upon-mismat.patch
|
||||||
Patch170: 0170-tests-linkat-reset-errno-before-SELinux-context-mani.patch
|
#Patch170: 0170-tests-linkat-reset-errno-before-SELinux-context-mani.patch
|
||||||
Patch171: 0171-tests-secontext-add-secontext-field-getters.patch
|
#Patch171: 0171-tests-secontext-add-secontext-field-getters.patch
|
||||||
Patch172: 0172-tests-linkat-provide-fallback-values-for-secontext-f.patch
|
#Patch172: 0172-tests-linkat-provide-fallback-values-for-secontext-f.patch
|
||||||
Patch173: 0173-tests-secontext-eliminate-separate-secontext_format-.patch
|
#Patch173: 0173-tests-secontext-eliminate-separate-secontext_format-.patch
|
||||||
Patch174: 0174-tests-linkat-reset-context-to-the-expected-one-if-a-.patch
|
#Patch174: 0174-tests-linkat-reset-context-to-the-expected-one-if-a-.patch
|
||||||
|
|
||||||
|
## https://bugzilla.redhat.com/2103068 covscan fixes
|
||||||
|
# v5.18-5-g2bf0696 "src/xlat: remove remnants of unnecessary idx usage in xlookup"
|
||||||
|
Patch175: 0175-src-xlat-remove-remnants-of-unnecessary-idx-usage-in.patch
|
||||||
|
# v5.18-7-ge604d7b "strauss: tips whitespace and phrasing cleanups"
|
||||||
|
Patch176: 0176-strauss-tips-whitespace-and-phrasing-cleanups.patch
|
||||||
|
# v5.18-8-g968789d "strauss: fix off-by-one error in strauss array access"
|
||||||
|
Patch177: 0177-strauss-fix-off-by-one-error-in-strauss-array-access.patch
|
||||||
|
# v5.18-9-g6d3e97e "util: add offs sanity check to print_clock_t"
|
||||||
|
Patch178: 0178-util-add-offs-sanity-check-to-print_clock_t.patch
|
||||||
|
|
||||||
|
## https://bugzilla.redhat.com/2087693
|
||||||
|
# v5.18-13-g960e78f "secontext: print context of Unix socket's sun_path field"
|
||||||
|
Patch179: 0179-secontext-print-context-of-Unix-socket-s-sun_path-fi.patch
|
||||||
|
# v5.18-18-g676979f "pathtrace, util: do not print " (deleted)" as part of the path"
|
||||||
|
Patch180: 0180-pathtrace-util-do-not-print-deleted-as-part-of-the-p.patch
|
||||||
|
# v5.18-19-g3f0e534 "secontext: fix expected SELinux context check for unlinked FDs"
|
||||||
|
Patch181: 0181-secontext-fix-expected-SELinux-context-check-for-unl.patch
|
||||||
|
|
||||||
|
## https://bugzilla.redhat.com/2103137
|
||||||
|
# v5.18-21-g5338636 "tests/bpf: fix sloppy low FD number usage"
|
||||||
|
Patch182: 0182-tests-bpf-fix-sloppy-low-FD-number-usage.patch
|
||||||
|
|
||||||
# Fallback definitions for make_build/make_install macros
|
# Fallback definitions for make_build/make_install macros
|
||||||
%{?!__make: %global __make %_bindir/make}
|
%{?!__make: %global __make %_bindir/make}
|
||||||
@ -86,26 +109,38 @@ received by a process.
|
|||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
|
||||||
%patch141 -p1
|
#%patch141 -p1
|
||||||
%patch150 -p1
|
#%patch150 -p1
|
||||||
%patch151 -p1
|
#%patch151 -p1
|
||||||
%patch152 -p1
|
#%patch152 -p1
|
||||||
%patch153 -p1
|
#%patch153 -p1
|
||||||
%patch154 -p1
|
#%patch154 -p1
|
||||||
|
|
||||||
%patch167 -p1
|
#%patch167 -p1
|
||||||
|
|
||||||
%patch168 -p1
|
#%patch168 -p1
|
||||||
%patch169 -p1
|
#%patch169 -p1
|
||||||
%patch170 -p1
|
#%patch170 -p1
|
||||||
%patch171 -p1
|
#%patch171 -p1
|
||||||
%patch172 -p1
|
#%patch172 -p1
|
||||||
%patch173 -p1
|
#%patch173 -p1
|
||||||
%patch174 -p1
|
#%patch174 -p1
|
||||||
|
|
||||||
|
%patch175 -p1
|
||||||
|
%patch176 -p1
|
||||||
|
%patch177 -p1
|
||||||
|
%patch178 -p1
|
||||||
|
%patch179 -p1
|
||||||
|
%patch180 -p1
|
||||||
|
%patch181 -p1
|
||||||
|
%patch182 -p1
|
||||||
|
|
||||||
|
chmod a+x tests/*.test
|
||||||
|
|
||||||
echo -n %version-%release > .tarball-version
|
echo -n %version-%release > .tarball-version
|
||||||
echo -n 2021 > .year
|
echo -n 2022 > .year
|
||||||
echo -n 2021-07-20 > doc/.strace.1.in.date
|
echo -n 2022-06-22 > doc/.strace.1.in.date
|
||||||
|
echo -n 2022-06-22 > doc/.strace-log-merge.1.in.date
|
||||||
|
|
||||||
%build
|
%build
|
||||||
echo 'BEGIN OF BUILD ENVIRONMENT INFORMATION'
|
echo 'BEGIN OF BUILD ENVIRONMENT INFORMATION'
|
||||||
@ -159,6 +194,15 @@ echo 'END OF TEST SUITE INFORMATION'
|
|||||||
%{_mandir}/man1/*
|
%{_mandir}/man1/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Jul 11 2022 Eugene Syromiatnikov <esyr@redhat.com> - 5.18-2
|
||||||
|
- Fix the issues reported by covscan (#2103068).
|
||||||
|
- Fix SELinux context matching for the deleted paths (#2087693).
|
||||||
|
- Fix sloppy FD usage in the bpf test (#2103137).
|
||||||
|
- Cater for RHEL 9 license requirement idiosyncrasies (#2103032).
|
||||||
|
|
||||||
|
* Wed Jun 22 2022 Eugene Syromiatnikov <esyr@redhat.com> - 5.18-1
|
||||||
|
- Rebase to v5.18; drop upstream patches on top of 5.13 (#2084002).
|
||||||
|
|
||||||
* Mon Feb 07 2022 Eugene Syromiatnikov <esyr@redhat.com> - 5.13-7
|
* Mon Feb 07 2022 Eugene Syromiatnikov <esyr@redhat.com> - 5.13-7
|
||||||
- Update tests-m32 and tests-mx32 with --secontext=mismatch option support
|
- Update tests-m32 and tests-mx32 with --secontext=mismatch option support
|
||||||
changes (#2046264).
|
changes (#2046264).
|
||||||
|
Loading…
Reference in New Issue
Block a user