Diffstat (limited to 'lib/libsys')
-rw-r--r-- | lib/libsys/Makefile.sys | 22 | ||||
-rw-r--r-- | lib/libsys/_libsys.h | 4 | ||||
-rw-r--r-- | lib/libsys/amd64/amd64_get_fsbase.c | 7 | ||||
-rw-r--r-- | lib/libsys/amd64/amd64_get_gsbase.c | 7 | ||||
-rw-r--r-- | lib/libsys/amd64/amd64_set_fsbase.c | 7 | ||||
-rw-r--r-- | lib/libsys/amd64/amd64_set_gsbase.c | 7 | ||||
-rw-r--r-- | lib/libsys/chroot.2 | 49 | ||||
-rw-r--r-- | lib/libsys/syscalls.map | 2 |
8 files changed, 57 insertions, 48 deletions
diff --git a/lib/libsys/Makefile.sys b/lib/libsys/Makefile.sys index 3eb4bf85153d..bd65b58083c2 100644 --- a/lib/libsys/Makefile.sys +++ b/lib/libsys/Makefile.sys @@ -52,7 +52,6 @@ STATICOBJS+= interposing_table.o PSEUDO= \ __realpathat \ clock_gettime \ - exit \ getlogin \ gettimeofday \ sched_getcpu @@ -135,15 +134,28 @@ FEATURE_NOTE='\#include <sys/elf_common.h>\nGNU_PROPERTY_AARCH64_FEATURE_1_NOTE( FEATURE_NOTE='' .endif -${SASM}: - printf '/* %sgenerated by libc/sys/Makefile.inc */\n' @ > ${.TARGET} +# Add this file as a dependency of the generated assembly along with +# the two included files compat.h and SYS.h. Depending on this Makefile +# will cause some needless regenerations, but handles both changes in +# generated assembly and movement between MIASM and PSEUDO/INTERPOSED. +# The dependency on compat.h and SYS.h should properly be on the +# <foo>.S-><foo>.o rules, but there are too many .o variants for it to +# be easy and touching the geneated source files has the same effect in +# practice. +__makefile_sys:= ${.PARSEDIR}/${.PARSEFILE} +__asm_deps= ${__makefile_sys} \ + ${LIBC_SRCTOP}/include/compat.h \ + ${LIBSYS_SRCTOP}/${LIBC_ARCH}/SYS.h + +${SASM}: ${__asm_deps} + printf '/* %sgenerated by libsys/Makefile.sys */\n' @ > ${.TARGET} printf '#include "compat.h"\n' >> ${.TARGET} printf '#include "SYS.h"\nRSYSCALL(${.PREFIX})\n' >> ${.TARGET} printf ${NOTE_GNU_STACK} >>${.TARGET} printf ${FEATURE_NOTE} >> ${.TARGET} -${SPSEUDO}: - printf '/* %sgenerated by libc/sys/Makefile.inc */\n' @ > ${.TARGET} +${SPSEUDO}: ${__asm_deps} + printf '/* %sgenerated by libsys/Makefile.sys */\n' @ > ${.TARGET} printf '#include "compat.h"\n' >> ${.TARGET} printf '#include "SYS.h"\nPSEUDO(${.PREFIX:S/_//})\n' \ >> ${.TARGET} diff --git a/lib/libsys/_libsys.h b/lib/libsys/_libsys.h index 7a1685cca2d1..2f89e8fea92b 100644 --- a/lib/libsys/_libsys.h +++ b/lib/libsys/_libsys.h 
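Review bot: The comment added above `__makefile_sys` misspells "generated" as `geneated`, and it is the only place that explains why the generated .S files depend on the Makefile itself, so it is worth fixing. Separately, `${SASM}` and `${SPSEUDO}` now carry hard prerequisites on `${LIBC_SRCTOP}/include/compat.h` and `${LIBSYS_SRCTOP}/${LIBC_ARCH}/SYS.h`. Any consumer that includes Makefile.sys without both variables set would presumably stop with a missing-target error where it previously generated the stubs; if such consumers exist, confirm that they define them.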
@@ -65,7 +65,7 @@ struct uuid; union semun; __BEGIN_DECLS -typedef void (__sys_exit_t)(int); +typedef void (__sys__exit_t)(int); typedef int (__sys_fork_t)(void); typedef ssize_t (__sys_read_t)(int, void *, size_t); typedef ssize_t (__sys_write_t)(int, const void *, size_t); @@ -469,7 +469,7 @@ typedef int (__sys_exterrctl_t)(u_int, u_int, void *); typedef int (__sys_inotify_add_watch_at_t)(int, int, const char *, uint32_t); typedef int (__sys_inotify_rm_watch_t)(int, int); -void __sys_exit(int rval); +_Noreturn void __sys__exit(int rval); int __sys_fork(void); ssize_t __sys_read(int fd, void * buf, size_t nbyte); ssize_t __sys_write(int fd, const void * buf, size_t nbyte); diff --git a/lib/libsys/amd64/amd64_get_fsbase.c b/lib/libsys/amd64/amd64_get_fsbase.c index 00f16a5e404f..b5e87f8a3ce5 100644 --- a/lib/libsys/amd64/amd64_get_fsbase.c +++ b/lib/libsys/amd64/amd64_get_fsbase.c @@ -30,7 +30,6 @@ * SUCH DAMAGE. */ -#define _WANT_P_OSREL #include <sys/param.h> #include <machine/cpufunc.h> #include <machine/specialreg.h> @@ -41,7 +40,6 @@ static int amd64_get_fsbase_cpu(void **addr) { - *addr = (void *)rdfsbase(); return (0); } @@ -49,15 +47,12 @@ amd64_get_fsbase_cpu(void **addr) static int amd64_get_fsbase_syscall(void **addr) { - return (sysarch(AMD64_GET_FSBASE, addr)); } DEFINE_UIFUNC(, int, amd64_get_fsbase, (void **)) { - - if (__getosreldate() >= P_OSREL_WRFSBASE && - (cpu_stdext_feature & CPUID_STDEXT_FSGSBASE) != 0) + if ((cpu_stdext_feature & CPUID_STDEXT_FSGSBASE) != 0) return (amd64_get_fsbase_cpu); return (amd64_get_fsbase_syscall); } diff --git a/lib/libsys/amd64/amd64_get_gsbase.c b/lib/libsys/amd64/amd64_get_gsbase.c index ef135b1eed7f..51be412ddd7a 100644 --- a/lib/libsys/amd64/amd64_get_gsbase.c +++ b/lib/libsys/amd64/amd64_get_gsbase.c @@ -30,7 +30,6 @@ * SUCH DAMAGE. */ -#define _WANT_P_OSREL #include <sys/param.h> #include <machine/cpufunc.h> #include <machine/specialreg.h> 
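Review bot: With the `__getosreldate() >= P_OSREL_WRFSBASE` test removed, the resolver in `DEFINE_UIFUNC(, int, amd64_get_fsbase, (void **))` selects the `rdfsbase()` path on the CPUID bit alone, and nothing in the file records why that is now sufficient. `CPUID_STDEXT_FSGSBASE` only says the CPU implements the instructions; using them from user mode also depends on the kernel having enabled them, which is presumably what the osreldate comparison guarded against on older kernels. If the intent is that libsys no longer supports kernels older than `P_OSREL_WRFSBASE`, state it above the test, e.g. `/* Every kernel this libsys supports enables user-mode RD/WRFSBASE when CPUID advertises it. */`, so a later reader does not take the missing check for an oversight. The same applies to the resolvers in amd64_get_gsbase.c, amd64_set_fsbase.c and amd64_set_gsbase.c.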
@@ -41,7 +40,6 @@ static int amd64_get_gsbase_cpu(void **addr) { - *addr = (void *)rdgsbase(); return (0); } @@ -49,15 +47,12 @@ amd64_get_gsbase_cpu(void **addr) static int amd64_get_gsbase_syscall(void **addr) { - return (sysarch(AMD64_GET_GSBASE, addr)); } DEFINE_UIFUNC(, int, amd64_get_gsbase, (void **)) { - - if (__getosreldate() >= P_OSREL_WRFSBASE && - (cpu_stdext_feature & CPUID_STDEXT_FSGSBASE) != 0) + if ((cpu_stdext_feature & CPUID_STDEXT_FSGSBASE) != 0) return (amd64_get_gsbase_cpu); return (amd64_get_gsbase_syscall); } diff --git a/lib/libsys/amd64/amd64_set_fsbase.c b/lib/libsys/amd64/amd64_set_fsbase.c index f1690fde6e17..5265bd712f17 100644 --- a/lib/libsys/amd64/amd64_set_fsbase.c +++ b/lib/libsys/amd64/amd64_set_fsbase.c @@ -30,7 +30,6 @@ * SUCH DAMAGE. */ -#define _WANT_P_OSREL #include <sys/param.h> #include <machine/cpufunc.h> #include <machine/specialreg.h> @@ -41,7 +40,6 @@ static int amd64_set_fsbase_cpu(void *addr) { - wrfsbase((uintptr_t)addr); return (0); } @@ -49,15 +47,12 @@ amd64_set_fsbase_cpu(void *addr) static int amd64_set_fsbase_syscall(void *addr) { - return (sysarch(AMD64_SET_FSBASE, &addr)); } DEFINE_UIFUNC(, int, amd64_set_fsbase, (void *)) { - - if (__getosreldate() >= P_OSREL_WRFSBASE && - (cpu_stdext_feature & CPUID_STDEXT_FSGSBASE) != 0) + if ((cpu_stdext_feature & CPUID_STDEXT_FSGSBASE) != 0) return (amd64_set_fsbase_cpu); return (amd64_set_fsbase_syscall); } diff --git a/lib/libsys/amd64/amd64_set_gsbase.c b/lib/libsys/amd64/amd64_set_gsbase.c index 756bbae18844..94f5736ed1ab 100644 --- a/lib/libsys/amd64/amd64_set_gsbase.c +++ b/lib/libsys/amd64/amd64_set_gsbase.c @@ -30,7 +30,6 @@ * SUCH DAMAGE. */ -#define _WANT_P_OSREL #include <sys/param.h> #include <machine/cpufunc.h> #include <machine/specialreg.h> @@ -41,7 +40,6 @@ static int amd64_set_gsbase_cpu(void *addr) { - wrgsbase((uintptr_t)addr); return (0); } 
@@ -49,15 +47,12 @@ amd64_set_gsbase_cpu(void *addr) static int amd64_set_gsbase_syscall(void *addr) { - return (sysarch(AMD64_SET_GSBASE, &addr)); } DEFINE_UIFUNC(, int, amd64_set_gsbase, (void *)) { - - if (__getosreldate() >= P_OSREL_WRFSBASE && - (cpu_stdext_feature & CPUID_STDEXT_FSGSBASE) != 0) + if ((cpu_stdext_feature & CPUID_STDEXT_FSGSBASE) != 0) return (amd64_set_gsbase_cpu); return (amd64_set_gsbase_syscall); } diff --git a/lib/libsys/chroot.2 b/lib/libsys/chroot.2 index 4c06e3673e03..3347df5cceee 100644 --- a/lib/libsys/chroot.2 +++ b/lib/libsys/chroot.2 @@ -25,7 +25,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd July 15, 2024 +.Dd August 2, 2025 .Dt CHROOT 2 .Os .Sh NAME @@ -61,7 +61,12 @@ It should be noted that .Fn chroot has no effect on the process's current directory. .Pp -This call is restricted to the super-user. +This call is restricted to the super-user, unless the +.Ql security.bsd.unprivileged_chroot +sysctl variable is set to 1 +and the process has enabled the +.Dv PROC_NO_NEW_PRIVS_CTL +.Xr procctl 2 . .Pp Depending on the setting of the .Ql kern.chroot_allow_open_directories 
@@ -106,14 +111,37 @@ except it takes a file descriptor instead of path. .Sh ERRORS The .Fn chroot +and +.Fn fchroot +system calls +will fail and the root directory will be unchanged if: +.Bl -tag -width Er +.It Bq Er EPERM +The effective user ID is not the super-user and the +.Ql security.bsd.unprivileged_chroot +sysctl is 0. +.It Bq Er EPERM +The effective user ID is not the super-user and the +process has not enabled the +.Dv PROC_NO_NEW_PRIVS_CTL +.Xr procctl 2 . +.It Bq Er EPERM +One or more filedescriptors are open directories and the +.Ql kern.chroot_allow_open_directories +sysctl is not set to permit this. +.It Bq Er EIO +An I/O error occurred while reading from or writing to the file system. +.It Bq Er EINTEGRITY +Corrupted data was detected while reading from the file system. +.El +.Pp +The +.Fn chroot system call will fail and the root directory will be unchanged if: .Bl -tag -width Er .It Bq Er ENOTDIR A component of the path name is not a directory. -.It Bq Er EPERM -The effective user ID is not the super-user, or one or more -filedescriptors are open directories. .It Bq Er ENAMETOOLONG A component of a pathname exceeded 255 characters, or an entire path name exceeded 1023 characters. @@ -128,10 +156,6 @@ The .Fa dirname argument points outside the process's allocated address space. -.It Bq Er EIO -An I/O error occurred while reading from or writing to the file system. -.It Bq Er EINTEGRITY -Corrupted data was detected while reading from the file system. .El .Pp The @@ -146,15 +170,8 @@ file descriptor. The argument .Fa fd is not a valid file descriptor. -.It Bq Er EIO -An I/O error occurred while reading from or writing to the file system. -.It Bq Er EINTEGRITY -Corrupted data was detected while reading from the file system. .It Bq Er ENOTDIR The file descriptor does not reference a directory. -.It Bq Er EPERM -The effective user ID is not the super-user, or one or more -filedescriptors are open directories. .El .Sh SEE ALSO .Xr chdir 2 , 
diff --git a/lib/libsys/syscalls.map b/lib/libsys/syscalls.map index 69fce2ea7c63..dbb011343c8f 100644 --- a/lib/libsys/syscalls.map +++ b/lib/libsys/syscalls.map @@ -7,7 +7,7 @@ FBSDprivate_1.0 { _syscall; __sys_syscall; - __sys_exit; + __sys__exit; _fork; __sys_fork; _read; |