Implement capget,capset

haxxpop · haxxpop · commit ec4d84338ab1 · 2023-10-06T02:29:40.000+07:00
In capget, we will always return the empty capability bitfield because
we don't allow any capability in the plugin.

In capset, we will allow to set with the empty capability bitfield.
diff --git a/src/Cargo.lock b/src/Cargo.lock
diff --git a/src/lib/pod/Cargo.toml b/src/lib/pod/Cargo.toml
@@ -7,3 +7,4 @@ edition = "2021"
 
 [dependencies]
 libc = { version = "0.2.148", default-features = false }
+linux-raw-sys = "0.5.2"
diff --git a/src/lib/pod/src/lib.rs b/src/lib/pod/src/lib.rs
@@ -325,3 +325,7 @@ unsafe impl Pod for libc::utmpx {}
 unsafe impl Pod for libc::utsname {}
 unsafe impl Pod for libc::winsize {}
 unsafe impl Pod for libc::clone_args {}
+
+// linux-raw-sys types
+unsafe impl Pod for linux_raw_sys::general::__user_cap_header_struct {}
+unsafe impl Pod for linux_raw_sys::general::__user_cap_data_struct {}
diff --git a/src/main/Cargo.toml b/src/main/Cargo.toml
@@ -23,6 +23,7 @@ crossbeam = "0.8.2"
 gml-parser = { path = "../lib/gml-parser" }
 libc = "0.2"
 linux-api = { path = "../lib/linux-api", features = ["std"] }
+linux-raw-sys = "0.5.2"
 # don't log debug or trace levels in release mode
 log = { version = "0.4", features = ["release_max_level_debug"] }
 log-c2rust = { path = "../lib/log-c2rust" }
diff --git a/src/main/host/syscall/handler/clone.rs b/src/main/host/syscall/handler/clone.rs
@@ -11,7 +11,7 @@ use syscall_logger::log_syscall;
 
 use crate::host::descriptor::descriptor_table::DescriptorTable;
 use crate::host::process::ProcessId;
-use crate::host::syscall_types::SyscallError;
+use crate::host::syscall_types::{SyscallError, SyscallResult};
 use crate::host::thread::Thread;
 
 use super::{SyscallContext, SyscallHandler};
@@ -271,12 +271,12 @@ impl SyscallHandler {
     // Note that the syscall args are different than the libc wrapper.
     // See "C library/kernel differences" in clone(2).
     #[log_syscall(
-        /* rv */kernel_pid_t,
-        /* flags */i32,
-        /* child_stack */*const std::ffi::c_void,
-        /* ptid */*const kernel_pid_t,
-        /* ctid */*const kernel_pid_t,
-        /* newtls */*const std::ffi::c_void)]
+        /* rv */ kernel_pid_t,
+        /* flags */ i32,
+        /* child_stack */ *const std::ffi::c_void,
+        /* ptid */ *const kernel_pid_t,
+        /* ctid */ *const kernel_pid_t,
+        /* newtls */ *const std::ffi::c_void)]
     pub fn clone(
         ctx: &mut SyscallContext,
         flags_and_exit_signal: i32,
@@ -307,9 +307,9 @@ impl SyscallHandler {
     }
 
     #[log_syscall(
-        /* rv */kernel_pid_t,
-        /* args*/*const std::ffi::c_void,
-        /* args_size*/usize)]
+        /* rv */ kernel_pid_t,
+        /* args*/ *const std::ffi::c_void,
+        /* args_size*/ usize)]
     pub fn clone3(
         ctx: &mut SyscallContext,
         args: ForeignPtr<linux_api::sched::clone_args>,
@@ -346,7 +346,7 @@ impl SyscallHandler {
         )
     }
 
-    #[log_syscall(/* rv */kernel_pid_t)]
+    #[log_syscall(/* rv */ kernel_pid_t)]
     pub fn fork(ctx: &mut SyscallContext) -> Result<kernel_pid_t, SyscallError> {
         // This should be the correct call to `clone_internal`, but `clone_internal`
         // will currently return an error.
@@ -361,7 +361,7 @@ impl SyscallHandler {
         )
     }
 
-    #[log_syscall(/* rv */kernel_pid_t)]
+    #[log_syscall(/* rv */ kernel_pid_t)]
     pub fn vfork(ctx: &mut SyscallContext) -> Result<kernel_pid_t, SyscallError> {
         // This should be the correct call to `clone_internal`, but `clone_internal`
         // will currently return an error.
@@ -376,8 +376,74 @@ impl SyscallHandler {
         )
     }
 
-    #[log_syscall(/* rv */kernel_pid_t)]
+    #[log_syscall(/* rv */ kernel_pid_t)]
     pub fn gettid(ctx: &mut SyscallContext) -> Result<kernel_pid_t, SyscallError> {
         Ok(kernel_pid_t::from(ctx.objs.thread.id()))
     }
+
+    #[log_syscall(/* rv */ std::ffi::c_int,
+        /* hdrp */ *const std::ffi::c_void,
+        /* datap */ *const std::ffi::c_void)]
+    pub fn capget(
+        ctx: &mut SyscallContext,
+        hdrp: ForeignPtr<linux_raw_sys::general::__user_cap_header_struct>,
+        datap: ForeignPtr<[linux_raw_sys::general::__user_cap_data_struct; 2]>,
+    ) -> SyscallResult {
+        // If the version is not 3, we return the error
+        let hdrp = ctx.objs.process.memory_borrow().read(hdrp)?;
+        if hdrp.version != linux_raw_sys::general::_LINUX_CAPABILITY_VERSION_3 {
+            warn!(
+                "The version of Linux capabilities is not supported ({})",
+                hdrp.version
+            );
+            return Err(Errno::EINVAL.into());
+        }
+
+        if !datap.is_null() {
+            // Since we don't provide any capability to the managed plugin, we return zeroes to both
+            // datap[0] and datap[1]
+            let empty = linux_raw_sys::general::__user_cap_data_struct {
+                effective: 0,
+                permitted: 0,
+                inheritable: 0,
+            };
+            ctx.objs
+                .process
+                .memory_borrow_mut()
+                .write(datap, &[empty, empty])?;
+        }
+        Ok(0.into())
+    }
+
+    #[log_syscall(/* rv */ std::ffi::c_int,
+        /* hdrp */ *const std::ffi::c_void,
+        /* datap */ *const std::ffi::c_void)]
+    pub fn capset(
+        ctx: &mut SyscallContext,
+        hdrp: ForeignPtr<linux_raw_sys::general::__user_cap_header_struct>,
+        datap: ForeignPtr<[linux_raw_sys::general::__user_cap_data_struct; 2]>,
+    ) -> SyscallResult {
+        // If the version is not 3, we return the error
+        let hdrp = ctx.objs.process.memory_borrow().read(hdrp)?;
+        if hdrp.version != linux_raw_sys::general::_LINUX_CAPABILITY_VERSION_3 {
+            warn!(
+                "The version of Linux capabilities is not supported ({})",
+                hdrp.version
+            );
+            return Err(Errno::EINVAL.into());
+        }
+
+        let datap: [_; 2] = ctx.objs.process.memory_borrow().read(datap)?;
+        for data in &datap {
+            // We don't allow the plugin to set any capability
+            if data.effective != 0 || data.permitted != 0 || data.inheritable != 0 {
+                warn!(
+                    "The version of Linux capabilities is not supported ({})",
+                    hdrp.version
+                );
+                return Err(Errno::EINVAL.into());
+            }
+        }
+        Ok(0.into())
+    }
 }
diff --git a/src/main/host/syscall/handler/mod.rs b/src/main/host/syscall/handler/mod.rs
@@ -45,6 +45,8 @@ impl SyscallHandler {
             libc::SYS_accept4 => SyscallHandlerFn::call(Self::accept4, &mut ctx),
             libc::SYS_bind => SyscallHandlerFn::call(Self::bind, &mut ctx),
             libc::SYS_brk => SyscallHandlerFn::call(Self::brk, &mut ctx),
+            libc::SYS_capget => SyscallHandlerFn::call(Self::capget, &mut ctx),
+            libc::SYS_capset => SyscallHandlerFn::call(Self::capset, &mut ctx),
             libc::SYS_clock_getres => SyscallHandlerFn::call(Self::clock_getres, &mut ctx),
             libc::SYS_clock_nanosleep => SyscallHandlerFn::call(Self::clock_nanosleep, &mut ctx),
             libc::SYS_clone => SyscallHandlerFn::call(Self::clone, &mut ctx),
diff --git a/src/main/host/syscall_handler.c b/src/main/host/syscall_handler.c
@@ -299,6 +299,8 @@ SyscallReturn syscallhandler_make_syscall(SysCallHandler* sys, const SysCallArgs
             HANDLE_RUST(accept4);
             HANDLE_RUST(bind);
             HANDLE_RUST(brk);
+            HANDLE_RUST(capget);
+            HANDLE_RUST(capset);
             HANDLE_RUST(clock_getres);
             SHIM_ONLY(clock_gettime);
             HANDLE_RUST(clock_nanosleep);

Original file line number	Diff line number	Diff line change
`@@ -7,3 +7,4 @@ edition = "2021"`
`7`	`7`
`8`	`8`	`[dependencies]`
`9`	`9`	`libc = { version = "0.2.148", default-features = false }`
	`10`	`+linux-raw-sys = "0.5.2"`