syscall_wrappers: add PROTECT_LOOKUP, PROTECT_OPEN, PROTECT_LOOKUP_WI…

…TH_SYMLINKS, PROTECT_OPEN_WITH_TRAILING_SYMLINKS Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
lxc · Feb 1, 2021 · cce677d · cce677d
1 parent 7166ab7
commit cce677d
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 10 deletions.
diff --git a/src/lxc/file_utils.c b/src/lxc/file_utils.c
@@ -621,8 +621,8 @@ bool exists_file_at(int dir_fd, const char *path)
 	return fstatat(dir_fd, path, &sb, 0) == 0;
 }
 
-int open_at(int dfd, const char *path, mode_t mode, unsigned int o_flags,
-	    unsigned int resolve_flags)
+int open_at(int dfd, const char *path, unsigned int o_flags,
+	    unsigned int resolve_flags, mode_t mode)
 {
 	__do_close int fd = -EBADF;
 	struct lxc_open_how how = {
@@ -638,7 +638,7 @@ int open_at(int dfd, const char *path, mode_t mode, unsigned int o_flags,
 	if (errno != ENOSYS)
 		return -errno;
 
-	return openat(dfd, path, O_NOFOLLOW | o_flags);
+	return openat(dfd, path, O_NOFOLLOW | o_flags, mode);
 }
 
 int fd_make_nonblocking(int fd)

diff --git a/src/lxc/file_utils.h b/src/lxc/file_utils.h
@@ -82,15 +82,11 @@ __hidden extern FILE *fopen_cached(const char *path, const char *mode, void **ca
 __hidden extern int timens_offset_write(clockid_t clk_id, int64_t s_offset, int64_t ns_offset);
 __hidden extern bool exists_dir_at(int dir_fd, const char *path);
 __hidden extern bool exists_file_at(int dir_fd, const char *path);
-__hidden extern int open_at(int dfd, const char *path, mode_t mode,
-                            unsigned int o_flags, unsigned int resolve_flags);
+__hidden extern int open_at(int dfd, const char *path, unsigned int o_flags,
+			    unsigned int resolve_flags, mode_t mode);
 static inline int open_beneath(int dfd, const char *path, unsigned int flags)
 {
-	return open_at(dfd, path, 0, flags,
-		       RESOLVE_NO_XDEV |
-		       RESOLVE_NO_SYMLINKS |
-		       RESOLVE_NO_MAGICLINKS |
-		       RESOLVE_BENEATH);
+	return open_at(dfd, path, flags, PROTECT_LOOKUP_BENEATH, 0);
 }
 __hidden int fd_make_nonblocking(int fd);
 __hidden extern char *read_file_at(int dfd, const char *fnam);

diff --git a/src/lxc/syscall_wrappers.h b/src/lxc/syscall_wrappers.h
@@ -254,6 +254,20 @@ struct lxc_open_how {
 					(similar to chroot(2)). */
 #endif
 
+#define PROTECT_LOOKUP_BENEATH  (RESOLVE_BENEATH | RESOLVE_NO_XDEV | RESOLVE_NO_MAGICLINKS | RESOLVE_NO_SYMLINKS)
+#define PROTECT_LOOKUP_BENEATH_WITH_SYMLINKS (PROTECT_LOOKUP_BENEATH & ~RESOLVE_NO_SYMLINKS)
+#define PROTECT_LOOKUP_BENEATH_WITH_MAGICLINKS (PROTECT_LOOKUP_BENEATH & ~(RESOLVE_NO_SYMLINKS | RESOLVE_NO_MAGICLINKS))
+
+#define PROTECT_LOOKUP_ABSOLUTE (PROTECT_LOOKUP_BENEATH & ~RESOLVE_BENEATH)
+#define PROTECT_LOOKUP_ABSOLUTE_WITH_SYMLINKS (PROTECT_LOOKUP_ABSOLUTE & ~RESOLVE_NO_SYMLINKS)
+#define PROTECT_LOOKUP_ABSOLUTE_WITH_MAGICLINKS (PROTECT_LOOKUP_ABSOLUTE & ~(RESOLVE_NO_SYMLINKS | RESOLVE_NO_MAGICLINKS))
+
+#define PROTECT_OPATH_FILE (O_NOFOLLOW | O_PATH | O_CLOEXEC)
+#define PROTECT_OPATH_DIRECTORY (PROTECT_OPATH_FILE | O_DIRECTORY)
+
+#define PROTECT_OPEN_WITH_TRAILING_SYMLINKS (O_CLOEXEC | O_NOCTTY | O_RDONLY)
+#define PROTECT_OPEN (PROTECT_OPEN_WITH_TRAILING_SYMLINKS | O_NOFOLLOW)
+
 #ifndef HAVE_OPENAT2
 static inline int openat2(int dfd, const char *filename, struct lxc_open_how *how, size_t size)
 {