diff options
Diffstat (limited to 'src/env')
| -rw-r--r-- | src/env/__environ.c | 7 | ||||
| -rw-r--r-- | src/env/__init_security.c | 26 | ||||
| -rw-r--r-- | src/env/__libc_start_main.c | 18 |
3 files changed, 38 insertions, 13 deletions
diff --git a/src/env/__environ.c b/src/env/__environ.c index d7bd5e50..0a2786fd 100644 --- a/src/env/__environ.c +++ b/src/env/__environ.c @@ -1,7 +1,6 @@ #include "libc.h" #undef environ -char **___environ = 0; -weak_alias(___environ, __environ); -weak_alias(___environ, _environ); -weak_alias(___environ, environ); +char **__environ = 0; +weak_alias(__environ, _environ); +weak_alias(__environ, environ); diff --git a/src/env/__init_security.c b/src/env/__init_security.c new file mode 100644 index 00000000..5fd12ecb --- /dev/null +++ b/src/env/__init_security.c @@ -0,0 +1,26 @@ +#include <stddef.h> +#include <elf.h> +#include <poll.h> +#include <fcntl.h> +#include "syscall.h" +#include "libc.h" +#include "atomic.h" + +#define AUX_CNT 24 + +void __init_security(size_t *auxv) +{ + size_t i, aux[AUX_CNT] = { 0 }; + struct pollfd pfd[3] = { {.fd=0}, {.fd=1}, {.fd=2} }; + + for (; auxv[0]; auxv+=2) if (auxv[0]<AUX_CNT) aux[auxv[0]] = auxv[1]; + if (aux[AT_UID]==aux[AT_EUID] && aux[AT_GID]==aux[AT_EGID] + && !aux[AT_SECURE]) return; + + __syscall(SYS_poll, pfd, 3, 0); + for (i=0; i<3; i++) + if (pfd[i].revents&POLLNVAL) + if (__syscall(SYS_open, "/dev/null", O_RDWR)<0) + a_crash(); + libc.secure = 1; +} diff --git a/src/env/__libc_start_main.c b/src/env/__libc_start_main.c index 70af77b5..f31222b2 100644 --- a/src/env/__libc_start_main.c +++ b/src/env/__libc_start_main.c @@ -1,21 +1,21 @@ #include "libc.h" -/* Any use of __environ/environ will override this symbol. */ -char **__dummy_environ = (void *)-1; -weak_alias(__dummy_environ, ___environ); +void __init_security(size_t *); int __libc_start_main( int (*main)(int, char **, char **), int argc, char **argv, int (*init)(int, char **, char **), void (*fini)(void), void (*ldso_fini)(void)) { - /* Save the environment if it may be used by libc/application */ - char **envp = argv+argc+1; - if (___environ != (void *)-1) ___environ = envp; + char **envp = argv+argc+1, **auxv = envp; - /* Avoid writing 0 and triggering unnecessary COW */ - if (ldso_fini) libc.ldso_fini = ldso_fini; - if (fini) libc.fini = fini; + __environ = envp; + do auxv++; while (*auxv); + libc.auxv = (void *)++auxv; + libc.ldso_fini = ldso_fini; + libc.fini = fini; + + __init_security((void *)auxv); /* Execute constructors (static) linked into the application */ if (init) init(argc, argv, envp); |