mirror of
https://github.com/jart/cosmopolitan.git
synced 2025-02-24 06:49:02 +00:00
Make some last minute improvements to make.com
This commit is contained in:
parent
6a5717a48f
commit
13c1c45075
16 changed files with 158 additions and 43 deletions
6
Makefile
6
Makefile
|
@ -60,7 +60,7 @@
|
|||
# build/config.mk
|
||||
|
||||
SHELL = build/bootstrap/cocmd.com
|
||||
HOSTS ?= freebsd openbsd netbsd rhel7 rhel5 win7 win10 xnu
|
||||
HOSTS ?= freebsd openbsd netbsd rhel7 rhel5 win10 xnu
|
||||
MAKEFLAGS += --no-builtin-rules
|
||||
|
||||
.SUFFIXES:
|
||||
|
@ -365,7 +365,9 @@ o/cosmopolitan.h: \
|
|||
|
||||
o/cosmopolitan.html: \
|
||||
o/$(MODE)/third_party/chibicc/chibicc.com.dbg \
|
||||
$(filter-out %.s,$(foreach x,$(COSMOPOLITAN_OBJECTS),$($(x)_SRCS)))
|
||||
$(filter-out %.s,$(foreach x,$(COSMOPOLITAN_OBJECTS),$($(x)_SRCS))) \
|
||||
$(SRCS) \
|
||||
$(HDRS)
|
||||
$(file >$@.args,$(filter-out %.s,$(foreach x,$(COSMOPOLITAN_OBJECTS),$($(x)_SRCS))))
|
||||
o/$(MODE)/third_party/chibicc/chibicc.com.dbg -J \
|
||||
-fno-common -include libc/integral/normalize.inc -o $@ \
|
||||
|
|
|
@ -142,6 +142,7 @@ int pause(void);
|
|||
int personality(uint64_t);
|
||||
int pipe(int[hasatleast 2]);
|
||||
int pipe2(int[hasatleast 2], int);
|
||||
int pivot_root(const char *, const char *);
|
||||
int pledge(const char *, const char *);
|
||||
int posix_fadvise(int, uint64_t, uint64_t, int);
|
||||
int posix_madvise(void *, uint64_t, int);
|
||||
|
|
|
@ -28,6 +28,7 @@
|
|||
*
|
||||
* This does *not* update the `PWD` environment variable.
|
||||
*
|
||||
* @return 0 on success, or -1 w/ errno
|
||||
* @asyncsignalsafe
|
||||
* @see fchdir()
|
||||
*/
|
||||
|
|
33
libc/calls/pivot_root.c
Normal file
33
libc/calls/pivot_root.c
Normal file
|
@ -0,0 +1,33 @@
|
|||
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
|
||||
│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi│
|
||||
╞══════════════════════════════════════════════════════════════════════════════╡
|
||||
│ Copyright 2022 Justine Alexandra Roberts Tunney │
|
||||
│ │
|
||||
│ Permission to use, copy, modify, and/or distribute this software for │
|
||||
│ any purpose with or without fee is hereby granted, provided that the │
|
||||
│ above copyright notice and this permission notice appear in all copies. │
|
||||
│ │
|
||||
│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL │
|
||||
│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED │
|
||||
│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE │
|
||||
│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL │
|
||||
│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR │
|
||||
│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER │
|
||||
│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │
|
||||
│ PERFORMANCE OF THIS SOFTWARE. │
|
||||
╚─────────────────────────────────────────────────────────────────────────────*/
|
||||
#include "libc/calls/calls.h"
|
||||
#include "libc/calls/strace.internal.h"
|
||||
#include "libc/calls/syscall-sysv.internal.h"
|
||||
|
||||
/**
|
||||
* Changes root mount.
|
||||
*
|
||||
* @raise ENOSYS on non-Linux
|
||||
*/
|
||||
int pivot_root(const char *new_root, const char *put_old) {
|
||||
int rc;
|
||||
rc = sys_pivot_root(new_root, put_old);
|
||||
STRACE("pivot_root(%#s, %#s) → %d% m", new_root, put_old, rc);
|
||||
return rc;
|
||||
}
|
|
@ -68,6 +68,7 @@ i32 sys_mincore(void *, u64, unsigned char *) hidden;
|
|||
i32 sys_mkdirat(i32, const char *, u32) hidden;
|
||||
i32 sys_mkfifo(const char *, u32) hidden;
|
||||
i32 sys_mknod(const char *, u32, u64) hidden;
|
||||
i32 sys_unmount(const char *, i32) hidden;
|
||||
i32 sys_mprotect(void *, u64, i32) hidden;
|
||||
i32 sys_msync(void *, u64, i32) hidden;
|
||||
i32 sys_munmap(void *, u64) hidden;
|
||||
|
@ -76,6 +77,7 @@ i32 sys_openat(i32, const char *, i32, u32) hidden;
|
|||
i32 sys_pause(void) hidden;
|
||||
i32 sys_pipe(i32[hasatleast 2]) hidden;
|
||||
i32 sys_pipe2(i32[hasatleast 2], u32) hidden;
|
||||
i32 sys_pivot_root(const char *, const char *) hidden;
|
||||
i32 sys_pledge(const char *, const char *) hidden;
|
||||
i32 sys_posix_openpt(i32) hidden;
|
||||
i32 sys_renameat(i32, const char *, i32, const char *) hidden;
|
||||
|
|
|
@ -17,8 +17,8 @@
|
|||
│ PERFORMANCE OF THIS SOFTWARE. │
|
||||
╚─────────────────────────────────────────────────────────────────────────────*/
|
||||
#include "libc/calls/mount.h"
|
||||
|
||||
int sys_unmount(const char *, int);
|
||||
#include "libc/calls/strace.internal.h"
|
||||
#include "libc/calls/syscall-sysv.internal.h"
|
||||
|
||||
/**
|
||||
* Unmounts file system.
|
||||
|
@ -30,12 +30,15 @@ int sys_unmount(const char *, int);
|
|||
* The following flags may also be used, but could be set to zero at
|
||||
* runtime if the underlying kernel doesn't support them.
|
||||
*
|
||||
* - `MNT_DETACH`
|
||||
* - `MNT_DETACH`: lazily unmount; Linux-only
|
||||
* - `MNT_EXPIRE`
|
||||
* - `UMOUNT_NOFOLLOW`
|
||||
* - `MNT_BYFSID`
|
||||
*
|
||||
*/
|
||||
int unmount(const char *target, int flags) {
|
||||
return sys_unmount(target, flags);
|
||||
int rc;
|
||||
rc = sys_unmount(target, flags);
|
||||
STRACE("unmount(%#s, %#x) → %d% m", target, flags, rc);
|
||||
return rc;
|
||||
}
|
||||
|
|
78
libc/runtime/isdynamicexecutable.c
Normal file
78
libc/runtime/isdynamicexecutable.c
Normal file
|
@ -0,0 +1,78 @@
|
|||
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
|
||||
│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi│
|
||||
╞══════════════════════════════════════════════════════════════════════════════╡
|
||||
│ Copyright 2022 Justine Alexandra Roberts Tunney │
|
||||
│ │
|
||||
│ Permission to use, copy, modify, and/or distribute this software for │
|
||||
│ any purpose with or without fee is hereby granted, provided that the │
|
||||
│ above copyright notice and this permission notice appear in all copies. │
|
||||
│ │
|
||||
│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL │
|
||||
│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED │
|
||||
│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE │
|
||||
│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL │
|
||||
│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR │
|
||||
│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER │
|
||||
│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │
|
||||
│ PERFORMANCE OF THIS SOFTWARE. │
|
||||
╚─────────────────────────────────────────────────────────────────────────────*/
|
||||
#include "libc/bits/bits.h"
|
||||
#include "libc/calls/calls.h"
|
||||
#include "libc/calls/struct/stat.h"
|
||||
#include "libc/elf/def.h"
|
||||
#include "libc/elf/elf.h"
|
||||
#include "libc/elf/struct/ehdr.h"
|
||||
#include "libc/elf/struct/phdr.h"
|
||||
#include "libc/errno.h"
|
||||
#include "libc/runtime/runtime.h"
|
||||
#include "libc/sysv/consts/map.h"
|
||||
#include "libc/sysv/consts/o.h"
|
||||
#include "libc/sysv/consts/prot.h"
|
||||
|
||||
/**
|
||||
* Returns true if ELF executable uses dynamic loading magic.
|
||||
*/
|
||||
bool IsDynamicExecutable(const char *prog) {
|
||||
bool res;
|
||||
Elf64_Ehdr *e;
|
||||
Elf64_Phdr *p;
|
||||
struct stat st;
|
||||
int i, fd, err;
|
||||
fd = -1;
|
||||
err = errno;
|
||||
e = MAP_FAILED;
|
||||
if ((fd = open(prog, O_RDONLY)) == -1) {
|
||||
res = false;
|
||||
goto Finish;
|
||||
}
|
||||
if (fstat(fd, &st) == -1 || st.st_size < 64) {
|
||||
res = false;
|
||||
goto Finish;
|
||||
}
|
||||
if ((e = mmap(0, st.st_size, PROT_READ, MAP_SHARED, fd, 0)) == MAP_FAILED) {
|
||||
res = false;
|
||||
goto Finish;
|
||||
}
|
||||
if (READ32LE(e->e_ident) != READ32LE(ELFMAG)) {
|
||||
res = false;
|
||||
goto Finish;
|
||||
}
|
||||
if (e->e_type == ET_DYN) {
|
||||
res = true;
|
||||
goto Finish;
|
||||
}
|
||||
for (i = 0; i < e->e_phnum; ++i) {
|
||||
p = GetElfSegmentHeaderAddress(e, st.st_size, i);
|
||||
if (p->p_type == PT_INTERP || p->p_type == PT_DYNAMIC) {
|
||||
res = true;
|
||||
goto Finish;
|
||||
}
|
||||
}
|
||||
res = false;
|
||||
goto Finish;
|
||||
Finish:
|
||||
if (e != MAP_FAILED) munmap(e, st.st_size);
|
||||
if (fd != -1) close(fd);
|
||||
errno = err;
|
||||
return res;
|
||||
}
|
|
@ -120,6 +120,7 @@ unsigned char *GetInstructionLengths(void);
|
|||
void __print_maps(void);
|
||||
void __warn_if_powersave(void);
|
||||
const char *__describe_os(void);
|
||||
bool IsDynamicExecutable(const char *);
|
||||
|
||||
COSMOPOLITAN_C_END_
|
||||
#endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */
|
||||
|
|
|
@ -24,7 +24,13 @@
|
|||
#include "libc/sysv/errfuns.h"
|
||||
|
||||
/**
|
||||
* Creates temporary directory.
|
||||
* Creates temporary directory, e.g.
|
||||
*
|
||||
* char path[PATH_MAX];
|
||||
* snprintf(path, sizeof(path), "%s%s.XXXXXX",
|
||||
* kTmpPath, program_invocation_short_name);
|
||||
* printf("%s\n", mkdtemp(path));
|
||||
* rmdir(path);
|
||||
*
|
||||
* @param template must end with XXXXXX which is replaced with
|
||||
* nondeterministic base36 random data
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
.include "o/libc/sysv/macros.internal.inc"
|
||||
.scall pivot_root,0xfffffffffffff09b,globl
|
2
libc/sysv/calls/sys_pivot_root.s
Normal file
2
libc/sysv/calls/sys_pivot_root.s
Normal file
|
@ -0,0 +1,2 @@
|
|||
.include "o/libc/sysv/macros.internal.inc"
|
||||
.scall sys_pivot_root,0xfffffffffffff09b,globl,hidden
|
|
@ -209,7 +209,7 @@ scall cpuset_setaffinity 0xffffff1e8fffffff globl
|
|||
scall sys_sched_rr_get_interval 0xffffff14effff094 globl hidden
|
||||
scall vhangup 0xfffffffffffff099 globl
|
||||
scall modify_ldt 0xfffffffffffff09a globl
|
||||
scall pivot_root 0xfffffffffffff09b globl
|
||||
scall sys_pivot_root 0xfffffffffffff09b globl hidden
|
||||
scall _sysctl 0xfffffffffffff09c globl
|
||||
#scall prctl 0xfffffffffffff09d globl # wrapped manually
|
||||
scall sys_arch_prctl 0xfff0a50a5ffff09e globl hidden # sysarch() on bsd
|
||||
|
|
33
third_party/make/job.c
vendored
33
third_party/make/job.c
vendored
|
@ -38,6 +38,15 @@ this program. If not, see <http://www.gnu.org/licenses/>. */
|
|||
#include "libc/intrin/kprintf.h"
|
||||
#include "libc/bits/safemacros.internal.h"
|
||||
#include "libc/runtime/runtime.h"
|
||||
#include "libc/elf/def.h"
|
||||
#include "libc/intrin/kprintf.h"
|
||||
#include "libc/elf/struct/phdr.h"
|
||||
#include "libc/elf/def.h"
|
||||
#include "libc/elf/elf.h"
|
||||
#include "libc/calls/calls.h"
|
||||
#include "libc/sysv/consts/prot.h"
|
||||
#include "libc/sysv/consts/map.h"
|
||||
#include "libc/intrin/kprintf.h"
|
||||
#include "third_party/make/dep.h"
|
||||
|
||||
#define GOTO_SLOW \
|
||||
|
@ -234,6 +243,7 @@ is_bourne_compatible_shell (const char *path)
|
|||
/* List of known POSIX (or POSIX-ish) shells. */
|
||||
static const char *unix_shells[] = {
|
||||
"build/bootstrap/cocmd.com",
|
||||
"false",
|
||||
"dash",
|
||||
"sh",
|
||||
"bash",
|
||||
|
@ -1587,20 +1597,6 @@ start_waiting_jobs (void)
|
|||
}
|
||||
|
||||
|
||||
bool IsDynamicExecutable(const char *prog)
|
||||
{
|
||||
int fd;
|
||||
Elf64_Ehdr e;
|
||||
struct stat st;
|
||||
if ((fd = open(prog, O_RDONLY)) == -1)
|
||||
return false;
|
||||
if (read(fd, &e, sizeof(e)) != sizeof(e))
|
||||
return false;
|
||||
close(fd);
|
||||
return e.e_type == ET_DYN &&
|
||||
READ32LE(e.e_ident) == READ32LE(ELFMAG);
|
||||
}
|
||||
|
||||
bool GetPermPrefix (const char *path, char out_perm[5], const char **out_path)
|
||||
{
|
||||
int c, n;
|
||||
|
@ -1709,6 +1705,7 @@ child_execute_job (struct childbase *child, int good_stdin, char **argv)
|
|||
char outpathbuf[PATH_MAX];
|
||||
const struct variable *var;
|
||||
c = (struct child *)child;
|
||||
errno = 0;
|
||||
if (!lookup_variable_in_set (STRING_SIZE_TUPLE(".UNSANDBOXED"),
|
||||
c->file->variables->set))
|
||||
{
|
||||
|
@ -1717,9 +1714,11 @@ child_execute_job (struct childbase *child, int good_stdin, char **argv)
|
|||
|
||||
if (argv[0][0] == '/' && IsDynamicExecutable (argv[0]))
|
||||
{
|
||||
/* make it easier to run dynamic system executables */
|
||||
/* weaken sandbox if user is using dynamic shared lolbjects */
|
||||
Unveil ("/bin", "rx");
|
||||
Unveil ("/lib", "rx");
|
||||
Unveil ("/lib64", "rx");
|
||||
Unveil ("/usr/bin", "rx");
|
||||
Unveil ("/usr/lib", "rx");
|
||||
Unveil ("/usr/lib64", "rx");
|
||||
Unveil ("/usr/local/lib", "rx");
|
||||
|
@ -1729,6 +1728,9 @@ child_execute_job (struct childbase *child, int good_stdin, char **argv)
|
|||
Unveil ("/etc/ld.so.cache", "r");
|
||||
Unveil ("/etc/ld.so.conf.d", "r");
|
||||
Unveil ("/etc/ld.so.preload", "r");
|
||||
Unveil ("/usr/include", "r");
|
||||
Unveil ("/usr/share/locale", "r");
|
||||
Unveil ("/usr/share/locale-langpack", "r");
|
||||
}
|
||||
else
|
||||
/* permit launching actually portable executables */
|
||||
|
@ -1751,6 +1753,7 @@ child_execute_job (struct childbase *child, int good_stdin, char **argv)
|
|||
Unveil ("/dev/stderr", "rw");
|
||||
|
||||
/* unveil cosmopolitan build specific */
|
||||
Unveil ("/tmp", "rwc");
|
||||
Unveil ("o/tmp", "rwcx");
|
||||
Unveil ("libc/integral", "r");
|
||||
Unveil ("libc/disclaimer.inc", "r");
|
||||
|
|
1
third_party/make/main.c
vendored
1
third_party/make/main.c
vendored
|
@ -29,6 +29,7 @@ this program. If not, see <http://www.gnu.org/licenses/>. */
|
|||
#include "libc/sysv/consts/sig.h"
|
||||
#include "libc/log/log.h"
|
||||
#include "libc/log/log.h"
|
||||
#include "libc/log/log.h"
|
||||
#include "third_party/make/getopt.h"
|
||||
|
||||
STATIC_STACK_SIZE(0x200000); // 2mb stack
|
||||
|
|
3
third_party/make/make.mk
vendored
3
third_party/make/make.mk
vendored
|
@ -112,6 +112,7 @@ THIRD_PARTY_MAKE_OBJS = \
|
|||
|
||||
THIRD_PARTY_MAKE_DIRECTDEPS = \
|
||||
LIBC_CALLS \
|
||||
LIBC_ELF \
|
||||
LIBC_FMT \
|
||||
LIBC_INTRIN \
|
||||
LIBC_LOG \
|
||||
|
@ -123,9 +124,9 @@ THIRD_PARTY_MAKE_DIRECTDEPS = \
|
|||
LIBC_SYSV \
|
||||
LIBC_SYSV_CALLS \
|
||||
LIBC_TIME \
|
||||
LIBC_X \
|
||||
LIBC_TINYMATH \
|
||||
LIBC_UNICODE \
|
||||
LIBC_X \
|
||||
THIRD_PARTY_COMPILER_RT \
|
||||
THIRD_PARTY_MUSL \
|
||||
THIRD_PARTY_GDTOA
|
||||
|
|
|
@ -334,23 +334,6 @@ bool PathExists(const char *path) {
|
|||
}
|
||||
}
|
||||
|
||||
bool IsDynamicExecutable(const char *prog) {
|
||||
int fd;
|
||||
Elf64_Ehdr e;
|
||||
struct stat st;
|
||||
if ((fd = open(prog, O_RDONLY)) == -1) {
|
||||
kprintf("open(%#s, O_RDONLY) failed: %m\n", prog);
|
||||
exit(13);
|
||||
}
|
||||
if (read(fd, &e, sizeof(e)) != sizeof(e)) {
|
||||
kprintf("%s: read(64) failed: %m\n", prog);
|
||||
exit(16);
|
||||
}
|
||||
close(fd);
|
||||
return e.e_type == ET_DYN && //
|
||||
READ32LE(e.e_ident) == READ32LE(ELFMAG);
|
||||
}
|
||||
|
||||
void Unveil(const char *path, const char *perm) {
|
||||
if (unveil(path, perm) == -1) {
|
||||
kprintf("error: unveil(%#s, %#s) failed: %m\n", path, perm);
|
||||
|
|
Loading…
Add table
Reference in a new issue