| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 May 2019 13:24:20 +0200
From: Roberto Sassu <roberto.sassu@...wei.com>
To: <viro@...iv.linux.org.uk>
CC: <linux-security-module@...r.kernel.org>,
<linux-integrity@...r.kernel.org>, <initramfs@...r.kernel.org>,
<linux-api@...r.kernel.org>, <linux-fsdevel@...r.kernel.org>,
<linux-kernel@...r.kernel.org>, <zohar@...ux.vnet.ibm.com>,
<silviu.vlasceanu@...wei.com>, <dmitry.kasatkin@...wei.com>,
<takondra@...co.com>, <kamensky@...co.com>, <hpa@...or.com>,
<arnd@...db.de>, <rob@...dley.net>, <james.w.mcmechan@...il.com>,
Roberto Sassu <roberto.sassu@...wei.com>
Subject: [PATCH v2 3/3] initramfs: introduce do_readxattrs()
This patch adds support for an alternative method to add xattrs to files in
the rootfs filesystem. Instead of extracting them directly from the ram
disk image, they are extracted from a regular file called .xattr-list, that
can be added by any ram disk generator available today.
.xattr-list can be generated by executing:
$ getfattr --absolute-names -d -P -R -e hex -m - \
<file list> | xattr.awk -b > ${initdir}/.xattr-list
where the content of the xattr.awk script is:
#! /usr/bin/awk -f
{
if (!length($0)) {
printf("%.10x%s\0", len, file);
for (x in xattr) {
printf("%.8x%s\0", xattr_len[x], x);
for (i = 0; i < length(xattr[x]) / 2; i++) {
printf("%c", strtonum("0x"substr(xattr[x], i * 2 + 1, 2)));
}
}
i = 0;
delete xattr;
delete xattr_len;
next;
};
if (i == 0) {
file=$3;
len=length(file) + 8 + 1;
}
if (i > 0) {
split($0, a, "=");
xattr[a[1]]=substr(a[2], 3);
xattr_len[a[1]]=length(a[1]) + 1 + 8 + length(xattr[a[1]]) / 2;
len+=xattr_len[a[1]];
};
i++;
}
Signed-off-by: Roberto Sassu <roberto.sassu@...wei.com>
---
init/initramfs.c | 89 ++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 89 insertions(+)
diff --git a/init/initramfs.c b/init/initramfs.c
index 98c2aa4b5ab4..91f35a84c592 100644
--- a/init/initramfs.c
+++ b/init/initramfs.c
@@ -11,6 +11,9 @@
#include <linux/utime.h>
#include <linux/file.h>
+#define XATTR_LIST_FILENAME ".xattr-list"
+
+
static ssize_t __init xwrite(int fd, const char *p, size_t count)
{
ssize_t out = 0;
@@ -451,6 +454,91 @@ static int __init do_setxattrs(void)
return 0;
}
+struct path_hdr {
+ char p_size[10]; /* total size including p_size field */
+ char p_data[]; /* <path>\0<xattrs> */
+};
+
+static int __init do_readxattrs(void)
+{
+ struct path_hdr hdr;
+ char str[sizeof(hdr.p_size) + 1];
+ unsigned long file_entry_size;
+ size_t size, name_buf_size, total_size;
+ struct kstat st;
+ int ret, fd;
+
+ ret = vfs_lstat(XATTR_LIST_FILENAME, &st);
+ if (ret < 0)
+ return ret;
+
+ total_size = st.size;
+
+ fd = ksys_open(XATTR_LIST_FILENAME, O_RDONLY, 0);
+ if (fd < 0)
+ return fd;
+
+ while (total_size) {
+ size = ksys_read(fd, (char *)&hdr, sizeof(hdr));
+ if (size != sizeof(hdr)) {
+ ret = -EIO;
+ goto out;
+ }
+
+ total_size -= size;
+
+ memcpy(str, hdr.p_size, sizeof(hdr.p_size));
+ ret = kstrtoul(str, 16, &file_entry_size);
+ if (ret < 0)
+ goto out;
+
+ file_entry_size -= sizeof(sizeof(hdr.p_size));
+ if (file_entry_size > total_size) {
+ ret = -EINVAL;
+ goto out;
+ }
+
+ name_buf = vmalloc(file_entry_size);
+ if (!name_buf) {
+ ret = -ENOMEM;
+ goto out;
+ }
+
+ size = ksys_read(fd, name_buf, file_entry_size);
+ if (size != file_entry_size) {
+ ret = -EIO;
+ goto out_free;
+ }
+
+ total_size -= size;
+
+ name_buf_size = strnlen(name_buf, file_entry_size);
+ if (name_buf_size == file_entry_size) {
+ ret = -EINVAL;
+ goto out_free;
+ }
+
+ xattr_buf = name_buf + name_buf_size + 1;
+ xattr_len = file_entry_size - name_buf_size - 1;
+
+ ret = do_setxattrs();
+ vfree(name_buf);
+ name_buf = NULL;
+
+ if (ret < 0)
+ break;
+ }
+out_free:
+ vfree(name_buf);
+out:
+ ksys_close(fd);
+
+ if (ret < 0)
+ error("Unable to parse xattrs");
+
+ return ret;
+}
+
static __initdata int (*actions[])(void) = {
[Start] = do_start,
[Collect] = do_collect,
@@ -554,6 +642,7 @@ static char * __init unpack_to_rootfs(char *buf, unsigned long len)
buf += my_inptr;
len -= my_inptr;
}
+ do_readxattrs();
dir_utime();
kfree(name_buf);
kfree(symlink_buf);
--
2.17.1
Powered by blists - more mailing lists