mirror of
https://github.com/jart/cosmopolitan.git
synced 2025-07-26 20:40:28 +00:00
Fix bugs and add security features to redbean
- Fix a regression with the previous change that broke redbean - Add chroot(), resource limit, seccomp, and other stuff to redbean - Write lots and lots of documentation - Iron out more system call issues
This commit is contained in:
parent
f1dfa4bdfa
commit
7166679620
182 changed files with 1855 additions and 918 deletions
|
@ -14,8 +14,9 @@ const char *DescribeFlags(char *, size_t, struct DescribeFlags *, size_t,
|
|||
|
||||
const char *DescribeMapFlags(int);
|
||||
const char *DescribeProtFlags(int);
|
||||
const char *DescribePollFlags(int);
|
||||
const char *DescribeRemapFlags(int);
|
||||
const char *DescribeSeccompOperationFlags(int);
|
||||
const char *DescribePollFlags(char *, size_t, int);
|
||||
|
||||
const char *DescribeNtPageFlags(uint32_t);
|
||||
const char *DescribeNtStartFlags(uint32_t);
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
#include "libc/nt/enum/filemapflags.h"
|
||||
#include "libc/sysv/consts/poll.h"
|
||||
|
||||
const char *DescribePollFlags(int x) {
|
||||
const char *DescribePollFlags(char *buf, size_t size, int x) {
|
||||
const struct DescribeFlags kPollFlags[] = {
|
||||
{POLLIN, "IN"}, // order matters
|
||||
{POLLOUT, "OUT"}, // order matters
|
||||
|
@ -35,7 +35,5 @@ const char *DescribePollFlags(int x) {
|
|||
{POLLWRBAND, "WRBAND"}, //
|
||||
{POLLWRNORM, "WRNORM"}, //
|
||||
};
|
||||
static char pollflags[64];
|
||||
return DescribeFlags(pollflags, sizeof(pollflags), kPollFlags,
|
||||
ARRAYLEN(kPollFlags), "POLL", x);
|
||||
return DescribeFlags(buf, size, kPollFlags, ARRAYLEN(kPollFlags), "POLL", x);
|
||||
}
|
||||
|
|
35
libc/intrin/describeseccompoperationflags.greg.c
Normal file
35
libc/intrin/describeseccompoperationflags.greg.c
Normal file
|
@ -0,0 +1,35 @@
|
|||
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
|
||||
│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi│
|
||||
╞══════════════════════════════════════════════════════════════════════════════╡
|
||||
│ Copyright 2022 Justine Alexandra Roberts Tunney │
|
||||
│ │
|
||||
│ Permission to use, copy, modify, and/or distribute this software for │
|
||||
│ any purpose with or without fee is hereby granted, provided that the │
|
||||
│ above copyright notice and this permission notice appear in all copies. │
|
||||
│ │
|
||||
│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL │
|
||||
│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED │
|
||||
│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE │
|
||||
│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL │
|
||||
│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR │
|
||||
│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER │
|
||||
│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │
|
||||
│ PERFORMANCE OF THIS SOFTWARE. │
|
||||
╚─────────────────────────────────────────────────────────────────────────────*/
|
||||
#include "libc/intrin/describeflags.internal.h"
|
||||
#include "libc/macros.internal.h"
|
||||
#include "libc/sysv/consts/seccomp.h"
|
||||
|
||||
const struct DescribeFlags kSeccompOperationFlags[] = {
|
||||
{SECCOMP_GET_NOTIF_SIZES, "GET_NOTIF_SIZES"}, // order matters
|
||||
{SECCOMP_GET_ACTION_AVAIL, "GET_ACTION_AVAIL"}, //
|
||||
{SECCOMP_SET_MODE_FILTER, "SET_MODE_FILTER"}, //
|
||||
{SECCOMP_SET_MODE_STRICT, "SET_MODE_STRICT"}, //
|
||||
};
|
||||
|
||||
const char *DescribeSeccompOperationFlags(int x) {
|
||||
static char seccompflags[128];
|
||||
return DescribeFlags(seccompflags, sizeof(seccompflags),
|
||||
kSeccompOperationFlags, ARRAYLEN(kSeccompOperationFlags),
|
||||
"SECCOMP_", x);
|
||||
}
|
|
@ -21,6 +21,7 @@
|
|||
#include "libc/dce.h"
|
||||
#include "libc/nexgen32e/vendor.internal.h"
|
||||
#include "libc/nt/runtime.h"
|
||||
#include "libc/runtime/runtime.h"
|
||||
#include "libc/sysv/consts/nr.h"
|
||||
|
||||
/**
|
||||
|
@ -31,17 +32,18 @@
|
|||
*
|
||||
* @param exitcode is masked with 255
|
||||
* @asyncsignalsafe
|
||||
* @threadsafe
|
||||
* @vforksafe
|
||||
* @noreturn
|
||||
*/
|
||||
privileged noinstrument noasan noubsan wontreturn void _Exit(int exitcode) {
|
||||
privileged wontreturn void _Exit(int exitcode) {
|
||||
int i;
|
||||
STRACE("_Exit(%d)", exitcode);
|
||||
if (!IsWindows() && !IsMetal()) {
|
||||
asm volatile("syscall"
|
||||
: /* no outputs */
|
||||
: "a"(__NR_exit_group), "D"(exitcode)
|
||||
: "memory");
|
||||
: "rcx", "r11", "memory");
|
||||
} else if (IsWindows()) {
|
||||
__imp_ExitProcess(exitcode & 0xff);
|
||||
}
|
||||
|
|
47
libc/intrin/exit1.greg.c
Normal file
47
libc/intrin/exit1.greg.c
Normal file
|
@ -0,0 +1,47 @@
|
|||
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
|
||||
│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi│
|
||||
╞══════════════════════════════════════════════════════════════════════════════╡
|
||||
│ Copyright 2021 Justine Alexandra Roberts Tunney │
|
||||
│ │
|
||||
│ Permission to use, copy, modify, and/or distribute this software for │
|
||||
│ any purpose with or without fee is hereby granted, provided that the │
|
||||
│ above copyright notice and this permission notice appear in all copies. │
|
||||
│ │
|
||||
│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL │
|
||||
│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED │
|
||||
│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE │
|
||||
│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL │
|
||||
│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR │
|
||||
│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER │
|
||||
│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │
|
||||
│ PERFORMANCE OF THIS SOFTWARE. │
|
||||
╚─────────────────────────────────────────────────────────────────────────────*/
|
||||
#include "libc/calls/strace.internal.h"
|
||||
#include "libc/dce.h"
|
||||
#include "libc/nt/runtime.h"
|
||||
#include "libc/nt/thread.h"
|
||||
#include "libc/sysv/consts/nr.h"
|
||||
|
||||
/**
|
||||
* Terminates thread with raw system call.
|
||||
*
|
||||
* @param rc only works on Linux and Windows
|
||||
* @see cthread_exit()
|
||||
* @threadsafe
|
||||
* @noreturn
|
||||
*/
|
||||
privileged wontreturn void _Exit1(int rc) {
|
||||
STRACE("_Exit1(%d)", rc);
|
||||
if (!IsWindows() && !IsMetal()) {
|
||||
asm volatile("syscall"
|
||||
: /* no outputs */
|
||||
: "a"(__NR_exit), "D"(IsLinux() ? rc : 0)
|
||||
: "rcx", "r11", "memory");
|
||||
__builtin_unreachable();
|
||||
} else if (IsWindows()) {
|
||||
ExitThread(rc);
|
||||
}
|
||||
for (;;) {
|
||||
asm("ud2");
|
||||
}
|
||||
}
|
|
@ -64,6 +64,8 @@ o/$(MODE)/libc/intrin/kprintf.greg.o: \
|
|||
-ffreestanding \
|
||||
$(NO_MAGIC)
|
||||
|
||||
o/$(MODE)/libc/intrin/exit.greg.o \
|
||||
o/$(MODE)/libc/intrin/exit1.greg.o \
|
||||
o/$(MODE)/libc/intrin/createfile.greg.o \
|
||||
o/$(MODE)/libc/intrin/reopenfile.greg.o \
|
||||
o/$(MODE)/libc/intrin/deletefile.greg.o \
|
||||
|
|
|
@ -16,6 +16,7 @@
|
|||
│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │
|
||||
│ PERFORMANCE OF THIS SOFTWARE. │
|
||||
╚─────────────────────────────────────────────────────────────────────────────*/
|
||||
#include "libc/calls/issandboxed.h"
|
||||
#include "libc/dce.h"
|
||||
#include "libc/log/libfatal.internal.h"
|
||||
#include "libc/log/log.h"
|
||||
|
@ -35,24 +36,20 @@ noasan noubsan int IsDebuggerPresent(bool force) {
|
|||
int fd, res;
|
||||
ssize_t got;
|
||||
char *p, buf[1024];
|
||||
if (!force) {
|
||||
if (IsGenuineCosmo()) return 0;
|
||||
if (getenv("HEISENDEBUG")) return 0;
|
||||
}
|
||||
if (IsWindows()) {
|
||||
return NtGetPeb()->BeingDebugged; /* needs noasan */
|
||||
} else {
|
||||
res = 0;
|
||||
if ((fd = __sysv_open("/proc/self/status", O_RDONLY, 0)) >= 0) {
|
||||
if ((got = __sysv_read(fd, buf, sizeof(buf) - 1)) > 0) {
|
||||
buf[got] = '\0';
|
||||
if ((p = __strstr(buf, kPid))) {
|
||||
p += sizeof(kPid) - 1;
|
||||
res = __atoul(p);
|
||||
}
|
||||
if (!force && IsGenuineCosmo()) return 0;
|
||||
if (!force && getenv("HEISENDEBUG")) return 0;
|
||||
if (IsWindows()) return NtGetPeb()->BeingDebugged; /* needs noasan */
|
||||
if (__issandboxed) return false;
|
||||
res = 0;
|
||||
if ((fd = __sysv_open("/proc/self/status", O_RDONLY, 0)) >= 0) {
|
||||
if ((got = __sysv_read(fd, buf, sizeof(buf) - 1)) > 0) {
|
||||
buf[got] = '\0';
|
||||
if ((p = __strstr(buf, kPid))) {
|
||||
p += sizeof(kPid) - 1;
|
||||
res = __atoul(p);
|
||||
}
|
||||
__sysv_close(fd);
|
||||
}
|
||||
return res;
|
||||
__sysv_close(fd);
|
||||
}
|
||||
return res;
|
||||
}
|
||||
|
|
22
libc/intrin/issandboxed.c
Normal file
22
libc/intrin/issandboxed.c
Normal file
|
@ -0,0 +1,22 @@
|
|||
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
|
||||
│vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi│
|
||||
╞══════════════════════════════════════════════════════════════════════════════╡
|
||||
│ Copyright 2022 Justine Alexandra Roberts Tunney │
|
||||
│ │
|
||||
│ Permission to use, copy, modify, and/or distribute this software for │
|
||||
│ any purpose with or without fee is hereby granted, provided that the │
|
||||
│ above copyright notice and this permission notice appear in all copies. │
|
||||
│ │
|
||||
│ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL │
|
||||
│ WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED │
|
||||
│ WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE │
|
||||
│ AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL │
|
||||
│ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR │
|
||||
│ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER │
|
||||
│ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR │
|
||||
│ PERFORMANCE OF THIS SOFTWARE. │
|
||||
╚─────────────────────────────────────────────────────────────────────────────*/
|
||||
#include "libc/calls/calls.h"
|
||||
|
||||
// SECCOMP_SET_MODE_STRICT
|
||||
bool __issandboxed;
|
|
@ -33,9 +33,12 @@ kDos2Errno:
|
|||
// .e kNtErrorFileNotFound,ENOENT # in consts.sh
|
||||
// .e kNtErrorPathNotFound,ENOTDIR # in consts.sh
|
||||
// .e kNtErrorTooManyOpenFiles,EMFILE # in consts.sh
|
||||
// .e kNtErrorTooManyDescriptors,ENFILE # in consts.sh
|
||||
// .e kNtErrorTooManyLinks,EMLINK # in consts.sh
|
||||
// .e kNtErrorAccessDenied,EACCES # in consts.sh
|
||||
// .e kNtErrorInvalidHandle,EBADF # in consts.sh
|
||||
// .e kNtErrorInvalidAccess,EPERM # in consts.sh
|
||||
// .e kNtErrorNotEnoughQuota,EDQUOT # in consts.sh
|
||||
// .e kNtErrorSeek,ESPIPE # in consts.sh
|
||||
// .e kNtErrorNotDosDisk,ENOTBLK # in consts.sh
|
||||
// .e kNtErrorFileExists,EEXIST # in consts.sh
|
||||
|
@ -48,7 +51,6 @@ kDos2Errno:
|
|||
// .e kNtErrorAlreadyExists,EEXIST # in consts.sh
|
||||
// .e kNtErrorBadExeFormat,ENOEXEC # in consts.sh
|
||||
// .e kNtErrorFileTooLarge,EFBIG # in consts.sh
|
||||
// .e kNtErrorTooManyDescriptors,ENFILE # in consts.sh
|
||||
// .e kNtErrorDirectoryNotSupported,EISDIR # in consts.sh
|
||||
// .e kNtErrorInvalidAddress,EFAULT # in consts.sh
|
||||
// .e kNtErrorThreadNotInProcess,ESRCH # in consts.sh
|
||||
|
@ -160,6 +162,7 @@ kDos2Errno:
|
|||
.e WSAEDISCON,EPIPE
|
||||
.e WSAEFAULT,EFAULT
|
||||
.e WSAEINVAL,EINVAL
|
||||
.e WSAEDQUOT,EDQUOT
|
||||
.e WSAEPROCLIM,ENOMEM
|
||||
.e WSANOTINITIALISED,ENETDOWN
|
||||
.e WSASYSNOTREADY,ENETDOWN
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue