commit: 6da4f276513fceffdf97fa3e9414261b63d33f34
Author: Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Mon Feb 10 20:52:08 2025 +0000
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Sat Feb 15 01:42:58 2025 +0000
URL: https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=6da4f276
Drop open prechecks
These are no longer needed since we abort check_syscall when
sb_realpathat fails to resolve a path.
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>
libsandbox/local.mk | 2 --
libsandbox/pre_check_openat.c | 30 ----------------------------
libsandbox/pre_check_openat64.c | 15 --------------
libsandbox/trace.c | 14 ++-----------
libsandbox/wrapper-funcs/__open64_2.c | 2 --
libsandbox/wrapper-funcs/__openat64_2.c | 2 --
libsandbox/wrapper-funcs/__openat_2.c | 2 --
libsandbox/wrapper-funcs/fopen.c | 1 -
libsandbox/wrapper-funcs/fopen64.c | 2 --
libsandbox/wrapper-funcs/fopen64_pre_check.c | 10 ----------
libsandbox/wrapper-funcs/fopen_pre_check.c | 24 ----------------------
libsandbox/wrapper-funcs/open64.c | 2 --
libsandbox/wrapper-funcs/openat.c | 2 --
libsandbox/wrapper-funcs/openat64.c | 2 --
libsandbox/wrapper-funcs/opendir.c | 1 -
libsandbox/wrapper-funcs/opendir_pre_check.c | 26 ------------------------
libsandbox/wrappers.h | 2 --
17 files changed, 2 insertions(+), 137 deletions(-)
diff --git a/libsandbox/local.mk b/libsandbox/local.mk
index bdcabb6..2168ac1 100644
--- a/libsandbox/local.mk
+++ b/libsandbox/local.mk
@@ -22,8 +22,6 @@ lib_LTLIBRARIES += %D%/libsandbox.la
%D%/lock.c \
%D%/memory.c \
%D%/pre_check_mkdirat.c \
- %D%/pre_check_openat64.c \
- %D%/pre_check_openat.c \
%D%/pre_check_unlinkat.c \
%D%/realpath.c \
%D%/trace.c \
diff --git a/libsandbox/pre_check_openat.c b/libsandbox/pre_check_openat.c
deleted file mode 100644
index 99c03eb..0000000
--- a/libsandbox/pre_check_openat.c
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * open*() pre-check.
- *
- * Copyright 1999-2012 Gentoo Foundation
- * Licensed under the GPL-2
- */
-
-#include "headers.h"
-#include "sbutil.h"
-#include "libsandbox.h"
-#include "wrappers.h"
-
-bool sb_openat_pre_check(const char *func, const char *pathname, int dirfd,
int flags)
-{
- /* If we're not trying to create, fail normally if file does not stat */
- if (flags & O_CREAT)
- return true;
-
- save_errno();
-
- /* Doesn't exist -> skip permission checks */
- if (sb_exists(dirfd, pathname, (flags & O_NOFOLLOW) ?
AT_SYMLINK_NOFOLLOW : 0) == -1) {
- sb_debug_dyn("EARLY FAIL: %s(%s): %s\n", func, pathname,
strerror(errno));
- return false;
- }
-
- restore_errno();
-
- return true;
-}
diff --git a/libsandbox/pre_check_openat64.c b/libsandbox/pre_check_openat64.c
deleted file mode 100644
index d4dbe97..0000000
--- a/libsandbox/pre_check_openat64.c
+++ /dev/null
@@ -1,15 +0,0 @@
-/*
- * open*64*() pre-check.
- *
- * Copyright 1999-2009 Gentoo Foundation
- * Licensed under the GPL-2
- */
-
-#include "headers.h"
-#include "sbutil.h"
-#include "libsandbox.h"
-#include "wrappers.h"
-
-#define sb_openat_pre_check sb_openat64_pre_check
-#include "pre_check_openat.c"
-#undef sb_openat_pre_check
diff --git a/libsandbox/trace.c b/libsandbox/trace.c
index f839ffe..40d83cd 100644
--- a/libsandbox/trace.c
+++ b/libsandbox/trace.c
@@ -42,10 +42,6 @@ pid_t trace_pid;
# error "unable to find struct for tracing regs"
#endif
-#ifdef HAVE_OPEN64
-# define sb_openat_pre_check sb_openat64_pre_check
-#endif
-
static void trace_exit(int status)
{
/* if we were vfork-ed, clear trace_pid and exit */
@@ -382,10 +378,7 @@ static bool trace_check_syscall(const struct syscall_entry
*se, void *regs)
char *path = do_peekstr(trace_arg(regs, 1));
int flags = trace_arg(regs, 2);
__sb_debug("(\"%s\", %x)", path, flags);
- if (sb_openat_pre_check(name, path, AT_FDCWD, flags))
- ret = _SB_SAFE_OPEN_INT(nr, name, path, flags);
- else
- ret = 1;
+ ret = _SB_SAFE_OPEN_INT(nr, name, path, flags);
free(path);
return ret;
@@ -394,10 +387,7 @@ static bool trace_check_syscall(const struct syscall_entry
*se, void *regs)
char *path = do_peekstr(trace_arg(regs, 2));
int flags = trace_arg(regs, 3);
__sb_debug("(%i, \"%s\", %x)", dirfd, path, flags);
- if (sb_openat_pre_check(name, path, dirfd, flags))
- ret = _SB_SAFE_OPEN_INT_AT(nr, name, dirfd, path,
flags);
- else
- ret = 1;
+ ret = _SB_SAFE_OPEN_INT_AT(nr, name, dirfd, path, flags);
free(path);
return ret;
diff --git a/libsandbox/wrapper-funcs/__open64_2.c
b/libsandbox/wrapper-funcs/__open64_2.c
index 52daff1..473a77f 100644
--- a/libsandbox/wrapper-funcs/__open64_2.c
+++ b/libsandbox/wrapper-funcs/__open64_2.c
@@ -5,6 +5,4 @@
* Licensed under the GPL-2
*/
-#define sb_openat_pre_check sb_openat64_pre_check
#include "__open_2.c"
-#undef sb_openat_pre_check
diff --git a/libsandbox/wrapper-funcs/__openat64_2.c
b/libsandbox/wrapper-funcs/__openat64_2.c
index ccc4fdd..dc12916 100644
--- a/libsandbox/wrapper-funcs/__openat64_2.c
+++ b/libsandbox/wrapper-funcs/__openat64_2.c
@@ -5,6 +5,4 @@
* Licensed under the GPL-2
*/
-#define sb_openat_pre_check sb_openat64_pre_check
#include "__openat_2.c"
-#undef sb_openat_pre_check
diff --git a/libsandbox/wrapper-funcs/__openat_2.c
b/libsandbox/wrapper-funcs/__openat_2.c
index f2e85ea..30ce2d4 100644
--- a/libsandbox/wrapper-funcs/__openat_2.c
+++ b/libsandbox/wrapper-funcs/__openat_2.c
@@ -13,8 +13,6 @@
# define dirfd AT_FDCWD
#endif
-#define WRAPPER_PRE_CHECKS() sb_openat_pre_check(STRING_NAME, pathname, dirfd,
flags)
-
#include "__wrapper_simple.c"
#undef dirfd
diff --git a/libsandbox/wrapper-funcs/fopen.c b/libsandbox/wrapper-funcs/fopen.c
index 5d36ffa..421d6a9 100644
--- a/libsandbox/wrapper-funcs/fopen.c
+++ b/libsandbox/wrapper-funcs/fopen.c
@@ -10,6 +10,5 @@
#define WRAPPER_SAFE() SB_SAFE_OPEN_CHAR(pathname, mode)
#define WRAPPER_RET_TYPE FILE *
#define WRAPPER_RET_DEFAULT NULL
-#define WRAPPER_PRE_CHECKS() sb_fopen_pre_check(STRING_NAME, pathname, mode)
#include "__wrapper_simple.c"
diff --git a/libsandbox/wrapper-funcs/fopen64.c
b/libsandbox/wrapper-funcs/fopen64.c
index c9b42ef..e6e26b3 100644
--- a/libsandbox/wrapper-funcs/fopen64.c
+++ b/libsandbox/wrapper-funcs/fopen64.c
@@ -5,6 +5,4 @@
* Licensed under the GPL-2
*/
-#define sb_fopen_pre_check sb_fopen64_pre_check
#include "fopen.c"
-#undef sb_fopen_pre_check
diff --git a/libsandbox/wrapper-funcs/fopen64_pre_check.c
b/libsandbox/wrapper-funcs/fopen64_pre_check.c
deleted file mode 100644
index 4dbd171..0000000
--- a/libsandbox/wrapper-funcs/fopen64_pre_check.c
+++ /dev/null
@@ -1,10 +0,0 @@
-/*
- * fopen64() pre-check.
- *
- * Copyright 1999-2009 Gentoo Foundation
- * Licensed under the GPL-2
- */
-
-#define sb_fopen_pre_check sb_fopen64_pre_check
-#include "fopen_pre_check.c"
-#undef sb_fopen_pre_check
diff --git a/libsandbox/wrapper-funcs/fopen_pre_check.c
b/libsandbox/wrapper-funcs/fopen_pre_check.c
deleted file mode 100644
index e3ed2c6..0000000
--- a/libsandbox/wrapper-funcs/fopen_pre_check.c
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * fopen() pre-check.
- *
- * Copyright 1999-2009 Gentoo Foundation
- * Licensed under the GPL-2
- */
-
-bool sb_fopen_pre_check(const char *func, const char *pathname, const char
*mode)
-{
- if ((NULL != mode) && (mode[0] == 'r')) {
- save_errno();
-
- /* If we're trying to read, fail normally if file does not stat
*/
- if (sb_exists(AT_FDCWD, pathname, 0) == -1) {
- sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
- func, pathname, strerror(errno));
- return false;
- }
-
- restore_errno();
- }
-
- return true;
-}
diff --git a/libsandbox/wrapper-funcs/open64.c
b/libsandbox/wrapper-funcs/open64.c
index 8b03ea8..d08d90a 100644
--- a/libsandbox/wrapper-funcs/open64.c
+++ b/libsandbox/wrapper-funcs/open64.c
@@ -5,6 +5,4 @@
* Licensed under the GPL-2
*/
-#define sb_openat_pre_check sb_openat64_pre_check
#include "open.c"
-#undef sb_openat_pre_check
diff --git a/libsandbox/wrapper-funcs/openat.c
b/libsandbox/wrapper-funcs/openat.c
index d09e63d..80d0f61 100644
--- a/libsandbox/wrapper-funcs/openat.c
+++ b/libsandbox/wrapper-funcs/openat.c
@@ -16,8 +16,6 @@
# define dirfd AT_FDCWD
#endif
-#define WRAPPER_PRE_CHECKS() sb_openat_pre_check(STRING_NAME, pathname, dirfd,
flags)
-
#define WRAPPER_SAFE_POST_EXPAND \
int mode = 0; \
if (flags & (O_CREAT | O_TMPFILE)) { \
diff --git a/libsandbox/wrapper-funcs/openat64.c
b/libsandbox/wrapper-funcs/openat64.c
index 66c2089..753e110 100644
--- a/libsandbox/wrapper-funcs/openat64.c
+++ b/libsandbox/wrapper-funcs/openat64.c
@@ -5,6 +5,4 @@
* Licensed under the GPL-2
*/
-#define sb_openat_pre_check sb_openat64_pre_check
#include "openat.c"
-#undef sb_openat_pre_check
diff --git a/libsandbox/wrapper-funcs/opendir.c
b/libsandbox/wrapper-funcs/opendir.c
index 70c2692..5b09bc3 100644
--- a/libsandbox/wrapper-funcs/opendir.c
+++ b/libsandbox/wrapper-funcs/opendir.c
@@ -10,6 +10,5 @@
#define WRAPPER_SAFE() SB_SAFE(name)
#define WRAPPER_RET_TYPE DIR *
#define WRAPPER_RET_DEFAULT NULL
-#define WRAPPER_PRE_CHECKS() sb_opendir_pre_check(STRING_NAME, name)
#include "__wrapper_simple.c"
diff --git a/libsandbox/wrapper-funcs/opendir_pre_check.c
b/libsandbox/wrapper-funcs/opendir_pre_check.c
deleted file mode 100644
index 60c869f..0000000
--- a/libsandbox/wrapper-funcs/opendir_pre_check.c
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
- * opendir() pre-check.
- *
- * Copyright 1999-2016 Gentoo Foundation
- * Licensed under the GPL-2
- */
-
-bool sb_opendir_pre_check(const char *func, const char *name)
-{
- /* If length of name is larger than PATH_MAX, we would mess it up
- * before it reaches the open syscall, which would cleanly error out
- * via sandbox as well (actually with much smaller lengths than even
- * PATH_MAX).
- * So error out early in this case, in order to avoid an abort in
- * check_syscall later on, which gets ran for opendir, despite it not
- * being a syscall.
- */
- if (strnlen(name, PATH_MAX) == PATH_MAX) {
- errno = ENAMETOOLONG;
- sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
- func, name, strerror(errno));
- return false;
- }
-
- return true;
-}
diff --git a/libsandbox/wrappers.h b/libsandbox/wrappers.h
index ed7865e..ebda826 100644
--- a/libsandbox/wrappers.h
+++ b/libsandbox/wrappers.h
@@ -37,8 +37,6 @@ attribute_hidden FILE *sb_unwrapped_popen (const char *,
const char *);
attribute_hidden bool sb_fopen_pre_check (const char *func, const char
*pathname, const char *mode);
attribute_hidden bool sb_fopen64_pre_check (const char *func, const char
*pathname, const char *mode);
attribute_hidden bool sb_mkdirat_pre_check (const char *func, const char
*pathname, int dirfd);
-attribute_hidden bool sb_openat_pre_check (const char *func, const char
*pathname, int dirfd, int flags);
-attribute_hidden bool sb_openat64_pre_check (const char *func, const char
*pathname, int dirfd, int flags);
attribute_hidden bool sb_opendir_pre_check (const char *func, const char
*name);
attribute_hidden bool sb_unlinkat_pre_check (const char *func, const char
*pathname, int dirfd);
attribute_hidden bool sb_common_at_pre_check(const char *func, const char
**pathname, int dirfd,
