mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-05-24 06:12:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Rewrite Linux pledge() code so it can be a payload

Browse source 
It's now possible to build our pledge() polyfill as a dynamic shared
object that can be injected into a glibc executable using LD_PRELOAD
This commit is contained in:
Justine Tunney 2022-08-08 11:41:08 -07:00
parent 7bd4179b9b
commit 0277d7d6e9
37 changed files with 1980 additions and 1600 deletions
Download patch file Download diff file Expand all files Collapse all files

30
test/libc/calls/pledge2_test.c
View file

@ -17,10 +17,12 @@
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/calls/calls.h"
#include "libc/calls/pledge.internal.h"
#include "libc/calls/struct/seccomp.h"
#include "libc/calls/syscall_support-sysv.internal.h"
#include "libc/dce.h"
#include "libc/intrin/kprintf.h"
#include "libc/intrin/promises.internal.h"
#include "libc/runtime/runtime.h"
#include "libc/sock/sock.h"
#include "libc/sysv/consts/af.h"
@ -58,7 +60,7 @@ void SetUp(void) {
TEST(pledge, testSoftError) {
if (IsOpenbsd()) return;
SPAWN(fork);
__pledge_mode = SECCOMP_RET_ERRNO | EPERM;
__pledge_mode = kPledgeModeErrno;
ASSERT_SYS(0, 0, pledge("stdio", 0));
ASSERT_SYS(EPERM, -1, socket(AF_INET, SOCK_STREAM, IPPROTO_TCP));
_Exit(7);
@ -67,27 +69,27 @@ TEST(pledge, testSoftError) {
TEST(pledge, testKillThreadMode) {
SPAWN(fork);
__pledge_mode = SECCOMP_RET_KILL_THREAD;
__pledge_mode = kPledgeModeKillThread;
ASSERT_SYS(0, 0, pledge("stdio", 0));
socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
TERMS(IsOpenbsd() ? SIGABRT : SIGSYS);
TERMS(SIGABRT);
}
TEST(pledge, testKillProcessMode) {
SPAWN(fork);
__pledge_mode = SECCOMP_RET_KILL_PROCESS;
__pledge_mode = kPledgeModeKillProcess;
ASSERT_SYS(0, 0, pledge("stdio", 0));
socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
TERMS(IsOpenbsd() ? SIGABRT : SIGSYS);
TERMS(SIGABRT);
}
TEST(pledge, testLogMessage_onSoftyMode) {
TEST(pledge, testLogMessage_inSoftyMode) {
if (IsOpenbsd()) return;
int fds[2];
char msg[64] = {0};
ASSERT_SYS(0, 0, pipe(fds));
SPAWN(fork);
__pledge_mode = SECCOMP_RET_ERRNO | EPERM;
__pledge_mode = kPledgeModeErrno;
ASSERT_SYS(0, 2, dup2(fds[1], 2));
ASSERT_SYS(0, 0, pledge("stdio", 0));
ASSERT_SYS(EPERM, -1, socket(AF_INET, SOCK_STREAM, IPPROTO_TCP));
@ -105,11 +107,11 @@ TEST(pledge, testLogMessage_onKillProcess) {
char msg[64] = {0};
ASSERT_SYS(0, 0, pipe(fds));
SPAWN(fork);
__pledge_mode = SECCOMP_RET_KILL;
__pledge_mode = kPledgeModeKillThread;
ASSERT_SYS(0, 2, dup2(fds[1], 2));
ASSERT_SYS(0, 0, pledge("stdio", 0));
socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
TERMS(IsOpenbsd() ? SIGABRT : SIGSYS);
TERMS(SIGABRT);
close(fds[1]);
read(fds[0], msg, sizeof(msg));
close(fds[0]);
@ -118,7 +120,7 @@ TEST(pledge, testLogMessage_onKillProcess) {
}
}
TEST(pledge, testNoLogPossibleSadly_becausePledgedExec) {
TEST(pledge, testNoLogOrAbrtsignoPossibleSadly_becausePledgedExec) {
int fds[2];
char msg[64] = {0};
ASSERT_SYS(0, 0, pipe(fds));
@ -132,3 +134,11 @@ TEST(pledge, testNoLogPossibleSadly_becausePledgedExec) {
close(fds[0]);
ASSERT_STREQ("", msg);
}
TEST(pledge, testDoublePledge_isFine) {
SPAWN(fork);
__pledge_mode = kPledgeModeKillThread;
ASSERT_SYS(0, 0, pledge("stdio", 0));
ASSERT_SYS(0, 0, pledge("stdio", 0));
EXITS(0);
}