From 796148790f7adfb1d90311cc08996b6d4eedcbe3 Mon Sep 17 00:00:00 2001 From: Justine Tunney Date: Wed, 3 Jan 2024 17:51:24 -0800 Subject: [PATCH] Remove hard coded paths from APE bootloader This increases risk of fork bomb but is needed to support the NixOS. Upstream dependencies of APE (uname, mkdir, dd, chmod, gzip, and mv) will be removed from releases, and deleted from the cosmo.zip server See #12 --- ape/ape.S | 26 +++++++++++--------------- tool/build/apelink.c | 33 +++++++++++++++------------------ 2 files changed, 26 insertions(+), 33 deletions(-) diff --git a/ape/ape.S b/ape/ape.S index 80b603c9e..ee64857ff 100644 --- a/ape/ape.S +++ b/ape/ape.S @@ -592,9 +592,7 @@ ape_disk: #ifdef APE_IS_SHELL_SCRIPT apesh: .ascii "\n@\n#'\"\n" // sixth edition shebang - .ascii "m=$(/bin/uname -m 2>/dev/null) || " - .ascii "m=$(/usr/bin/uname -m 2>/dev/null) || " - .ascii "m=x86_64\n" + .ascii "m=$(uname -m 2>/dev/null) || m=x86_64\n" .ascii "if [ \"$m\" = x86_64 ] || [ \"$m\" = amd64 ]; then\n" // Until all operating systems can be updated to support APE, @@ -617,15 +615,15 @@ apesh: .ascii "\n@\n#'\"\n" // sixth edition shebang .ascii APE_VERSION_STR .ascii "\"\n" .ascii "[ -x \"$t\" ] || {\n" - .ascii "/bin/mkdir -p \"${t%/*}\" &&\n" - .ascii "/bin/dd if=\"$o\" of=\"$t.$$\" skip=" + .ascii "mkdir -p \"${t%/*}\" &&\n" + .ascii "dd if=\"$o\" of=\"$t.$$\" skip=" .shstub ape_loader_dd_skip,2 .ascii " count=" .shstub ape_loader_dd_count,2 .ascii " bs=64 2>/dev/null\n" #if SupportsXnu() .ascii "[ -d /Applications ] && " - .ascii "/bin/dd if=\"$t.$$\"" + .ascii "dd if=\"$t.$$\"" .ascii " of=\"$t.$$\"" .ascii " skip=5" .ascii " count=8" @@ -633,8 +631,8 @@ apesh: .ascii "\n@\n#'\"\n" // sixth edition shebang .ascii " conv=notrunc" .ascii " 2>/dev/null\n" #endif /* SupportsXnu() */ - .ascii "/bin/chmod 755 \"$t.$$\"\n" - .ascii "/bin/mv -f \"$t.$$\" \"$t\"\n" + .ascii "chmod 755 \"$t.$$\"\n" + .ascii "mv -f \"$t.$$\" \"$t\"\n" .ascii "}\n" .ascii "exec \"$t\" \"$o\" \"$@\"\n" .ascii "}\n" @@ -650,9 +648,9 @@ apesh: .ascii "\n@\n#'\"\n" // sixth edition shebang .ascii "t=\"${TMPDIR:-${HOME:-.}}/$0\"\n" .ascii "[ x\"$1\" != x--assimilate ] || [ ! -e \"$t\" ] && {\n" .ascii "[ x\"$1\" != x--assimilate ] && {\n" - .ascii "/bin/mkdir -p \"${t%/*}\" 2>/dev/null\n" - .ascii "/bin/cp -f \"$o\" \"$t.$$\" &&\n" - .ascii "/bin/mv -f \"$t.$$\" \"$t\" || exit 120\n" + .ascii "mkdir -p \"${t%/*}\" 2>/dev/null\n" + .ascii "cp -f \"$o\" \"$t.$$\" &&\n" + .ascii "mv -f \"$t.$$\" \"$t\" || exit 120\n" .ascii "o=\"$t\"\n" .ascii "}\n" #endif /* APE_NO_MODIFY_SELF */ @@ -683,7 +681,7 @@ apesh: .ascii "\n@\n#'\"\n" // sixth edition shebang .ascii "exec 7<&-\n" #if SupportsXnu() .ascii "[ -d /Applications ] && " - .ascii "/bin/dd if=\"$o\"" + .ascii "dd if=\"$o\"" .ascii " of=\"$o\"" .ascii " bs=8" .ascii " skip=" @@ -712,9 +710,7 @@ apesh: .ascii "\n@\n#'\"\n" // sixth edition shebang // because they need to be in the first 4096 bytes .section .emushprologue,"a",@progbits emush: .ascii "\n@\n#'\"\n" - .ascii "s=$(/bin/uname -s 2>/dev/null) || " - .ascii "s=$(/usr/bin/uname -s 2>/dev/null) || " - .ascii "s=Darwin\n" + .ascii "s=$(uname -s 2>/dev/null) || s=Darwin\n" // our script is running on a non-x86_64 architecture // 1. `dd` out the appropriate blink vm blob // 2. gunzip the blink virtual machine executable diff --git a/tool/build/apelink.c b/tool/build/apelink.c index 392647ee8..7b1f7d57e 100644 --- a/tool/build/apelink.c +++ b/tool/build/apelink.c @@ -28,7 +28,6 @@ #include "libc/elf/struct/phdr.h" #include "libc/fmt/conv.h" #include "libc/fmt/itoa.h" -#include "libc/serialize.h" #include "libc/limits.h" #include "libc/macho.internal.h" #include "libc/macros.internal.h" @@ -40,6 +39,7 @@ #include "libc/nt/struct/imagesectionheader.internal.h" #include "libc/runtime/runtime.h" #include "libc/runtime/symbols.internal.h" +#include "libc/serialize.h" #include "libc/stdalign.internal.h" #include "libc/stdckdint.h" #include "libc/stdio/stdio.h" @@ -1947,9 +1947,7 @@ int main(int argc, char *argv[]) { } // otherwise this is a fresh install so consider the platform - p = stpcpy(p, "m=$(/bin/uname -m 2>/dev/null) || " - "m=$(/usr/bin/uname -m 2>/dev/null) || " - "m=x86_64\n"); + p = stpcpy(p, "m=$(uname -m 2>/dev/null) || m=x86_64\n"); if (support_vector & _HOSTXNU) { p = stpcpy(p, "if [ ! -d /Applications ]; then\n"); } @@ -2049,7 +2047,7 @@ int main(int argc, char *argv[]) { p = stpcpy(p, "if [ x\"$1\" = x--assimilate ]; then\n"); } p = GenerateScriptIfMachine(p, in); - p = stpcpy(p, "/bin/dd if=\"$o\" of=\"$o\" bs=1"); + p = stpcpy(p, "dd if=\"$o\" of=\"$o\" bs=1"); p = stpcpy(p, " skip="); in->ddarg_macho_skip = p; p = GenerateDecimalOffsetRelocation(p); @@ -2075,26 +2073,25 @@ int main(int argc, char *argv[]) { if ((loader = GetLoader(in->elf->e_machine, _HOSTXNU))) { loader->used = true; p = GenerateScriptIfMachine(p, in); // - p = stpcpy(p, "/bin/mkdir -p \"${t%/*}\" ||exit\n" - "/bin/dd if=\"$o\""); + p = stpcpy(p, "mkdir -p \"${t%/*}\" ||exit\n" + "dd if=\"$o\""); p = stpcpy(p, " skip="); loader->ddarg_skip1 = p; p = GenerateDecimalOffsetRelocation(p); p = stpcpy(p, " count="); loader->ddarg_size1 = p; p = GenerateDecimalOffsetRelocation(p); - p = stpcpy( - p, " bs=1 2>/dev/null | /usr/bin/gzip -dc >\"$t.$$\" ||exit\n"); + p = stpcpy(p, " bs=1 2>/dev/null | gzip -dc >\"$t.$$\" ||exit\n"); if (loader->macho_offset) { - p = stpcpy(p, "/bin/dd if=\"$t.$$\" of=\"$t.$$\""); + p = stpcpy(p, "dd if=\"$t.$$\" of=\"$t.$$\""); p = stpcpy(p, " skip="); p = FormatInt32(p, loader->macho_offset / 64); p = stpcpy(p, " count="); p = FormatInt32(p, ROUNDUP(loader->macho_length, 64) / 64); p = stpcpy(p, " bs=64 conv=notrunc 2>/dev/null ||exit\n"); } - p = stpcpy(p, "/bin/chmod 755 \"$t.$$\" ||exit\n" - "/bin/mv -f \"$t.$$\" \"$t\" ||exit\n"); + p = stpcpy(p, "chmod 755 \"$t.$$\" ||exit\n" + "mv -f \"$t.$$\" \"$t\" ||exit\n"); p = stpcpy(p, "exec \"$t\" \"$o\" \"$@\"\n" "fi\n"); // gotsome = true; @@ -2113,8 +2110,8 @@ int main(int argc, char *argv[]) { "echo \"$0: please run: xcode-select --install\" >&2\n" "exit 1\n" "fi\n" - "/bin/mkdir -p \"${t%/*}\" ||exit\n" - "/bin/dd if=\"$o\""); + "mkdir -p \"${t%/*}\" ||exit\n" + "dd if=\"$o\""); p = stpcpy(p, " skip="); macos_silicon_loader_source_ddarg_skip = p; p = GenerateDecimalOffsetRelocation(p); @@ -2148,8 +2145,8 @@ int main(int argc, char *argv[]) { if ((loader = GetLoader(in->elf->e_machine, ~_HOSTXNU))) { loader->used = true; p = GenerateScriptIfMachine(p, in); - p = stpcpy(p, "/bin/mkdir -p \"${t%/*}\" ||exit\n" - "/bin/dd if=\"$o\""); + p = stpcpy(p, "mkdir -p \"${t%/*}\" ||exit\n" + "dd if=\"$o\""); p = stpcpy(p, " skip="); loader->ddarg_skip2 = p; p = GenerateDecimalOffsetRelocation(p); @@ -2157,8 +2154,8 @@ int main(int argc, char *argv[]) { loader->ddarg_size2 = p; p = GenerateDecimalOffsetRelocation(p); p = stpcpy(p, " bs=1 2>/dev/null | gzip -dc >\"$t.$$\" ||exit\n" - "/bin/chmod 755 \"$t.$$\" ||exit\n" - "/bin/mv -f \"$t.$$\" \"$t\" ||exit\n"); + "chmod 755 \"$t.$$\" ||exit\n" + "mv -f \"$t.$$\" \"$t\" ||exit\n"); p = stpcpy(p, "exec \"$t\" \"$o\" \"$@\"\n" "fi\n"); }