Elly Jones | e58176c | 2012-01-23 11:46:17 -0500 | [diff] [blame] | 1 | /* Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 2 | * Use of this source code is governed by a BSD-style license that can be |
Will Drewry | 32ac9f5 | 2011-08-18 21:36:27 -0500 | [diff] [blame] | 3 | * found in the LICENSE file. |
| 4 | */ |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 5 | |
Jorge Lucangeli Obes | 4b2d5ee | 2014-01-09 15:47:47 -0800 | [diff] [blame] | 6 | #include <dlfcn.h> |
Jorge Lucangeli Obes | 0b20877 | 2017-04-19 14:15:46 -0400 | [diff] [blame] | 7 | #include <getopt.h> |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 8 | #include <stdio.h> |
| 9 | #include <stdlib.h> |
| 10 | #include <string.h> |
| 11 | #include <unistd.h> |
| 12 | |
| 13 | #include "libminijail.h" |
Will Drewry | 32ac9f5 | 2011-08-18 21:36:27 -0500 | [diff] [blame] | 14 | #include "libsyscalls.h" |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 15 | |
Lee Campbell | 1e4fc6a | 2014-06-06 17:40:02 -0700 | [diff] [blame] | 16 | #include "elfparse.h" |
Jorge Lucangeli Obes | bda833c | 2012-07-31 16:25:56 -0700 | [diff] [blame] | 17 | #include "util.h" |
| 18 | |
Jorge Lucangeli Obes | ab6fa6f | 2016-08-04 15:42:48 -0400 | [diff] [blame] | 19 | #define IDMAP_LEN 32U |
| 20 | |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 21 | static void set_user(struct minijail *j, const char *arg) |
| 22 | { |
| 23 | char *end = NULL; |
| 24 | int uid = strtod(arg, &end); |
| 25 | if (!*end && *arg) { |
| 26 | minijail_change_uid(j, uid); |
| 27 | return; |
| 28 | } |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 29 | |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 30 | if (minijail_change_user(j, arg)) { |
| 31 | fprintf(stderr, "Bad user: '%s'\n", arg); |
| 32 | exit(1); |
| 33 | } |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 34 | } |
| 35 | |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 36 | static void set_group(struct minijail *j, const char *arg) |
| 37 | { |
| 38 | char *end = NULL; |
| 39 | int gid = strtod(arg, &end); |
| 40 | if (!*end && *arg) { |
| 41 | minijail_change_gid(j, gid); |
| 42 | return; |
| 43 | } |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 44 | |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 45 | if (minijail_change_group(j, arg)) { |
| 46 | fprintf(stderr, "Bad group: '%s'\n", arg); |
| 47 | exit(1); |
| 48 | } |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 49 | } |
| 50 | |
Luis Hector Chavez | ec0a2c1 | 2017-06-29 20:29:57 -0700 | [diff] [blame] | 51 | static void skip_securebits(struct minijail *j, const char *arg) |
| 52 | { |
| 53 | uint64_t securebits_skip_mask; |
| 54 | char *end = NULL; |
| 55 | securebits_skip_mask = strtoull(arg, &end, 16); |
| 56 | if (*end) { |
| 57 | fprintf(stderr, "Invalid securebit mask: '%s'\n", arg); |
| 58 | exit(1); |
| 59 | } |
| 60 | minijail_skip_setting_securebits(j, securebits_skip_mask); |
| 61 | } |
| 62 | |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 63 | static void use_caps(struct minijail *j, const char *arg) |
| 64 | { |
| 65 | uint64_t caps; |
| 66 | char *end = NULL; |
| 67 | caps = strtoull(arg, &end, 16); |
| 68 | if (*end) { |
| 69 | fprintf(stderr, "Invalid cap set: '%s'\n", arg); |
| 70 | exit(1); |
| 71 | } |
| 72 | minijail_use_caps(j, caps); |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 73 | } |
| 74 | |
Jorge Lucangeli Obes | c8b21e1 | 2014-06-13 14:26:16 -0700 | [diff] [blame] | 75 | static void add_binding(struct minijail *j, char *arg) |
| 76 | { |
Elly Jones | 51a5b6c | 2011-10-12 19:09:26 -0400 | [diff] [blame] | 77 | char *src = strtok(arg, ","); |
Elly Jones | 5ba42b5 | 2011-12-07 13:31:43 -0500 | [diff] [blame] | 78 | char *dest = strtok(NULL, ","); |
| 79 | char *flags = strtok(NULL, ","); |
Elly Jones | 51a5b6c | 2011-10-12 19:09:26 -0400 | [diff] [blame] | 80 | if (!src || !dest) { |
| 81 | fprintf(stderr, "Bad binding: %s %s\n", src, dest); |
| 82 | exit(1); |
| 83 | } |
| 84 | if (minijail_bind(j, src, dest, flags ? atoi(flags) : 0)) { |
Jorge Lucangeli Obes | 2b12ba4 | 2016-01-26 10:37:51 -0800 | [diff] [blame] | 85 | fprintf(stderr, "minijail_bind failed.\n"); |
Elly Jones | 51a5b6c | 2011-10-12 19:09:26 -0400 | [diff] [blame] | 86 | exit(1); |
| 87 | } |
| 88 | } |
| 89 | |
Dylan Reid | 0f72ef4 | 2017-06-06 15:42:49 -0700 | [diff] [blame] | 90 | static void add_rlimit(struct minijail *j, char *arg) |
| 91 | { |
| 92 | char *type = strtok(arg, ","); |
| 93 | char *cur = strtok(NULL, ","); |
| 94 | char *max = strtok(NULL, ","); |
| 95 | if (!type || !cur || !max) { |
| 96 | fprintf(stderr, "Bad rlimit '%s'.\n", arg); |
| 97 | exit(1); |
| 98 | } |
| 99 | if (minijail_rlimit(j, atoi(type), atoi(cur), atoi(max))) { |
| 100 | fprintf(stderr, "minijail_rlimit '%s,%s,%s' failed.\n", |
| 101 | type, cur, max); |
| 102 | exit(1); |
| 103 | } |
| 104 | } |
| 105 | |
Dylan Reid | 648b220 | 2015-10-23 00:50:00 -0700 | [diff] [blame] | 106 | static void add_mount(struct minijail *j, char *arg) |
| 107 | { |
| 108 | char *src = strtok(arg, ","); |
| 109 | char *dest = strtok(NULL, ","); |
| 110 | char *type = strtok(NULL, ","); |
| 111 | char *flags = strtok(NULL, ","); |
Dylan Reid | 81e2397 | 2016-05-18 14:06:35 -0700 | [diff] [blame] | 112 | char *data = strtok(NULL, ","); |
Dylan Reid | 648b220 | 2015-10-23 00:50:00 -0700 | [diff] [blame] | 113 | if (!src || !dest || !type) { |
| 114 | fprintf(stderr, "Bad mount: %s %s %s\n", src, dest, type); |
| 115 | exit(1); |
| 116 | } |
Dylan Reid | 81e2397 | 2016-05-18 14:06:35 -0700 | [diff] [blame] | 117 | if (minijail_mount_with_data(j, src, dest, type, |
Jorge Lucangeli Obes | ab6fa6f | 2016-08-04 15:42:48 -0400 | [diff] [blame] | 118 | flags ? strtoul(flags, NULL, 16) : 0, |
| 119 | data)) { |
Dylan Reid | 648b220 | 2015-10-23 00:50:00 -0700 | [diff] [blame] | 120 | fprintf(stderr, "minijail_mount failed.\n"); |
| 121 | exit(1); |
| 122 | } |
| 123 | } |
| 124 | |
Jorge Lucangeli Obes | ab6fa6f | 2016-08-04 15:42:48 -0400 | [diff] [blame] | 125 | static char *build_idmap(id_t id, id_t lowerid) |
| 126 | { |
| 127 | int ret; |
| 128 | char *idmap = malloc(IDMAP_LEN); |
| 129 | ret = snprintf(idmap, IDMAP_LEN, "%d %d 1", id, lowerid); |
| 130 | if (ret < 0 || (size_t)ret >= IDMAP_LEN) { |
| 131 | free(idmap); |
| 132 | fprintf(stderr, "Could not build id map.\n"); |
| 133 | exit(1); |
| 134 | } |
| 135 | return idmap; |
| 136 | } |
| 137 | |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 138 | static void usage(const char *progn) |
| 139 | { |
Jorge Lucangeli Obes | bda833c | 2012-07-31 16:25:56 -0700 | [diff] [blame] | 140 | size_t i; |
Luis Hector Chavez | fb449ab | 2016-10-14 09:49:22 -0700 | [diff] [blame] | 141 | /* clang-format off */ |
Dylan Reid | 0f72ef4 | 2017-06-06 15:42:49 -0700 | [diff] [blame] | 142 | printf("Usage: %s [-GhHiIKlLnNprRstUvyYz]\n" |
Jorge Lucangeli Obes | a32e839 | 2016-09-01 16:52:40 -0400 | [diff] [blame] | 143 | " [-a <table>]\n" |
| 144 | " [-b <src>,<dest>[,<writeable>]] [-k <src>,<dest>,<type>[,<flags>][,<data>]]\n" |
| 145 | " [-c <caps>] [-C <dir>] [-P <dir>] [-e[file]] [-f <file>] [-g <group>]\n" |
Jorge Lucangeli Obes | ab6fa6f | 2016-08-04 15:42:48 -0400 | [diff] [blame] | 146 | " [-m[<uid> <loweruid> <count>]*] [-M[<gid> <lowergid> <count>]*]\n" |
Dylan Reid | 0f72ef4 | 2017-06-06 15:42:49 -0700 | [diff] [blame] | 147 | " [-R <type,cur,max>] [-S <file>] [-t[size]] [-T <type>] [-u <user>] [-V <file>]\n" |
Jorge Lucangeli Obes | 9dd256e | 2016-02-16 15:31:02 -0800 | [diff] [blame] | 148 | " <program> [args...]\n" |
Mike Frysinger | b9a7b16 | 2017-05-30 15:25:49 -0400 | [diff] [blame] | 149 | " -a <table>: Use alternate syscall table <table>.\n" |
Mike Frysinger | eaab420 | 2017-08-14 14:57:21 -0400 | [diff] [blame] | 150 | " -b <...>: Bind <src> to <dest> in chroot.\n" |
Mike Frysinger | b9a7b16 | 2017-05-30 15:25:49 -0400 | [diff] [blame] | 151 | " Multiple instances allowed.\n" |
Mike Frysinger | eaab420 | 2017-08-14 14:57:21 -0400 | [diff] [blame] | 152 | " -B <mask>: Skip setting securebits in <mask> when restricting capabilities (-c).\n" |
Luis Hector Chavez | ec0a2c1 | 2017-06-29 20:29:57 -0700 | [diff] [blame] | 153 | " By default, SECURE_NOROOT, SECURE_NO_SETUID_FIXUP, and \n" |
| 154 | " SECURE_KEEP_CAPS (together with their respective locks) are set.\n" |
Mike Frysinger | eaab420 | 2017-08-14 14:57:21 -0400 | [diff] [blame] | 155 | " -k <...>: Mount <src> at <dest> in chroot.\n" |
Mike Frysinger | b9a7b16 | 2017-05-30 15:25:49 -0400 | [diff] [blame] | 156 | " <flags> and <data> can be specified as in mount(2).\n" |
| 157 | " Multiple instances allowed.\n" |
| 158 | " -c <caps>: Restrict caps to <caps>.\n" |
| 159 | " -C <dir>: chroot(2) to <dir>.\n" |
| 160 | " Not compatible with -P.\n" |
| 161 | " -P <dir>: pivot_root(2) to <dir> (implies -v).\n" |
| 162 | " Not compatible with -C.\n" |
| 163 | " -e[file]: Enter new network namespace, or existing one if |file| is provided.\n" |
| 164 | " -f <file>: Write the pid of the jailed process to <file>.\n" |
| 165 | " -g <group>: Change gid to <group>.\n" |
| 166 | " -G: Inherit supplementary groups from uid.\n" |
| 167 | " Not compatible with -y.\n" |
| 168 | " -y: Keep uid's supplementary groups.\n" |
| 169 | " Not compatible with -G.\n" |
| 170 | " -h: Help (this message).\n" |
| 171 | " -H: Seccomp filter help message.\n" |
| 172 | " -i: Exit immediately after fork (do not act as init).\n" |
| 173 | " -I: Run <program> as init (pid 1) inside a new pid namespace (implies -p).\n" |
| 174 | " -K: Don't mark all existing mounts as MS_PRIVATE.\n" |
| 175 | " -l: Enter new IPC namespace.\n" |
| 176 | " -L: Report blocked syscalls to syslog when using seccomp filter.\n" |
| 177 | " Forces the following syscalls to be allowed:\n" |
Kees Cook | 03b2af2 | 2014-12-18 17:11:13 -0800 | [diff] [blame] | 178 | " ", progn); |
Luis Hector Chavez | fb449ab | 2016-10-14 09:49:22 -0700 | [diff] [blame] | 179 | /* clang-format on */ |
Jorge Lucangeli Obes | bda833c | 2012-07-31 16:25:56 -0700 | [diff] [blame] | 180 | for (i = 0; i < log_syscalls_len; i++) |
| 181 | printf("%s ", log_syscalls[i]); |
| 182 | |
Luis Hector Chavez | fb449ab | 2016-10-14 09:49:22 -0700 | [diff] [blame] | 183 | /* clang-format off */ |
Jorge Lucangeli Obes | bda833c | 2012-07-31 16:25:56 -0700 | [diff] [blame] | 184 | printf("\n" |
Mike Frysinger | b9a7b16 | 2017-05-30 15:25:49 -0400 | [diff] [blame] | 185 | " -m[map]: Set the uid map of a user namespace (implies -pU).\n" |
| 186 | " Same arguments as newuidmap(1), multiple mappings should be separated by ',' (comma).\n" |
| 187 | " With no mapping, map the current uid to root inside the user namespace.\n" |
| 188 | " Not compatible with -b without the 'writable' option.\n" |
| 189 | " -M[map]: Set the gid map of a user namespace (implies -pU).\n" |
| 190 | " Same arguments as newgidmap(1), multiple mappings should be separated by ',' (comma).\n" |
| 191 | " With no mapping, map the current gid to root inside the user namespace.\n" |
| 192 | " Not compatible with -b without the 'writable' option.\n" |
| 193 | " -n: Set no_new_privs.\n" |
| 194 | " -N: Enter a new cgroup namespace.\n" |
| 195 | " -p: Enter new pid namespace (implies -vr).\n" |
| 196 | " -r: Remount /proc read-only (implies -v).\n" |
Dylan Reid | 0f72ef4 | 2017-06-06 15:42:49 -0700 | [diff] [blame] | 197 | " -R: Set rlimits, can be specified multiple times.\n" |
Mike Frysinger | e61fd66 | 2017-06-20 14:07:41 -0400 | [diff] [blame] | 198 | " -s: Use seccomp mode 1 (not the same as -S).\n" |
Mike Frysinger | b9a7b16 | 2017-05-30 15:25:49 -0400 | [diff] [blame] | 199 | " -S <file>: Set seccomp filter using <file>.\n" |
| 200 | " E.g., '-S /usr/share/filters/<prog>.$(uname -m)'.\n" |
| 201 | " Requires -n when not running as root.\n" |
| 202 | " -t[size]: Mount tmpfs at /tmp (implies -v).\n" |
| 203 | " Optional argument specifies size (default \"64M\").\n" |
Graziano Misuraca | 58602a8 | 2017-08-28 17:33:15 -0700 | [diff] [blame] | 204 | " -T <type>: Assume <program> is a <type> ELF binary; <type> can be 'static' or 'dynamic'.\n" |
| 205 | " This will avoid accessing <program> binary before execve(2).\n" |
| 206 | " Type 'static' will avoid preload hooking.\n" |
Mike Frysinger | b9a7b16 | 2017-05-30 15:25:49 -0400 | [diff] [blame] | 207 | " -u <user>: Change uid to <user>.\n" |
| 208 | " -U: Enter new user namespace (implies -p).\n" |
| 209 | " -v: Enter new mount namespace.\n" |
| 210 | " -V <file>: Enter specified mount namespace.\n" |
| 211 | " -w: Create and join a new anonymous session keyring.\n" |
| 212 | " -Y: Synchronize seccomp filters across thread group.\n" |
| 213 | " -z: Don't forward signals to jailed process.\n" |
| 214 | " --ambient: Raise ambient capabilities. Requires -c.\n" |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame^] | 215 | " --uts[=name]: Enter a new UTS namespace (and set hostname).\n" |
| 216 | " --logging=<s>:Use <s> as the logging system.\n" |
| 217 | " <s> must be 'syslog' (default) or 'stderr'.\n"); |
Luis Hector Chavez | fb449ab | 2016-10-14 09:49:22 -0700 | [diff] [blame] | 218 | /* clang-format on */ |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 219 | } |
| 220 | |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 221 | static void seccomp_filter_usage(const char *progn) |
| 222 | { |
| 223 | const struct syscall_entry *entry = syscall_table; |
| 224 | printf("Usage: %s -S <policy.file> <program> [args...]\n\n" |
Jorge Lucangeli Obes | 0b20877 | 2017-04-19 14:15:46 -0400 | [diff] [blame] | 225 | "System call names supported:\n", |
| 226 | progn); |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 227 | for (; entry->name && entry->nr >= 0; ++entry) |
| 228 | printf(" %s [%d]\n", entry->name, entry->nr); |
| 229 | printf("\nSee minijail0(5) for example policies.\n"); |
Will Drewry | 32ac9f5 | 2011-08-18 21:36:27 -0500 | [diff] [blame] | 230 | } |
| 231 | |
Christopher Wiley | 88f76a7 | 2013-11-01 14:12:56 -0700 | [diff] [blame] | 232 | static int parse_args(struct minijail *j, int argc, char *argv[], |
Matthew Dempsky | 2ed0912 | 2016-02-11 09:43:37 -0800 | [diff] [blame] | 233 | int *exit_immediately, ElfType *elftype) |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 234 | { |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 235 | int opt; |
Jorge Lucangeli Obes | 482cb9d | 2014-07-23 15:16:04 -0700 | [diff] [blame] | 236 | int use_seccomp_filter = 0; |
Jorge Lucangeli Obes | dba6209 | 2017-05-18 17:10:23 -0400 | [diff] [blame] | 237 | int forward = 1; |
Jorge Lucangeli Obes | 2b12ba4 | 2016-01-26 10:37:51 -0800 | [diff] [blame] | 238 | int binding = 0; |
Jorge Lucangeli Obes | 0b20877 | 2017-04-19 14:15:46 -0400 | [diff] [blame] | 239 | int chroot = 0, pivot_root = 0; |
Jorge Lucangeli Obes | a521bee | 2016-03-03 13:47:57 -0800 | [diff] [blame] | 240 | int mount_ns = 0, skip_remount = 0; |
Lutz Justen | 13807cb | 2017-01-03 17:11:55 +0100 | [diff] [blame] | 241 | int inherit_suppl_gids = 0, keep_suppl_gids = 0; |
Jorge Lucangeli Obes | a6eb21a | 2017-04-20 10:44:00 -0400 | [diff] [blame] | 242 | int caps = 0, ambient_caps = 0; |
Mike Frysinger | e61fd66 | 2017-06-20 14:07:41 -0400 | [diff] [blame] | 243 | int seccomp = -1; |
Jorge Lucangeli Obes | 482cb9d | 2014-07-23 15:16:04 -0700 | [diff] [blame] | 244 | const size_t path_max = 4096; |
Jorge Lucangeli Obes | ab6fa6f | 2016-08-04 15:42:48 -0400 | [diff] [blame] | 245 | char *map; |
Martin Pelikán | ab9eb44 | 2017-01-25 11:53:58 +1100 | [diff] [blame] | 246 | size_t size; |
Luis Hector Chavez | 95582e7 | 2017-09-05 09:13:25 -0700 | [diff] [blame] | 247 | const char *filter_path = NULL; |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame^] | 248 | int log_to_stderr = 0; |
Jorge Lucangeli Obes | ab6fa6f | 2016-08-04 15:42:48 -0400 | [diff] [blame] | 249 | |
| 250 | const char *optstring = |
Luis Hector Chavez | ec0a2c1 | 2017-06-29 20:29:57 -0700 | [diff] [blame] | 251 | "+u:g:sS:c:C:P:b:B:V:f:m::M::k:a:e::R:T:vrGhHinNplLt::IUKwyYz"; |
Jorge Lucangeli Obes | 0b20877 | 2017-04-19 14:15:46 -0400 | [diff] [blame] | 252 | int longoption_index = 0; |
Jorge Lucangeli Obes | a6eb21a | 2017-04-20 10:44:00 -0400 | [diff] [blame] | 253 | /* clang-format off */ |
| 254 | const struct option long_options[] = { |
| 255 | {"ambient", no_argument, 0, 128}, |
Mike Frysinger | b9a7b16 | 2017-05-30 15:25:49 -0400 | [diff] [blame] | 256 | {"uts", optional_argument, 0, 129}, |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame^] | 257 | {"logging", required_argument, 0, 130}, |
Jorge Lucangeli Obes | a6eb21a | 2017-04-20 10:44:00 -0400 | [diff] [blame] | 258 | {0, 0, 0, 0}, |
| 259 | }; |
| 260 | /* clang-format on */ |
Jorge Lucangeli Obes | 0b20877 | 2017-04-19 14:15:46 -0400 | [diff] [blame] | 261 | |
| 262 | while ((opt = getopt_long(argc, argv, optstring, long_options, |
| 263 | &longoption_index)) != -1) { |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 264 | switch (opt) { |
| 265 | case 'u': |
| 266 | set_user(j, optarg); |
| 267 | break; |
| 268 | case 'g': |
| 269 | set_group(j, optarg); |
| 270 | break; |
Jorge Lucangeli Obes | c2c9bcc | 2012-05-01 09:30:24 -0700 | [diff] [blame] | 271 | case 'n': |
| 272 | minijail_no_new_privs(j); |
Jorge Lucangeli Obes | 0341d6c | 2012-07-16 15:27:31 -0700 | [diff] [blame] | 273 | break; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 274 | case 's': |
Mike Frysinger | e61fd66 | 2017-06-20 14:07:41 -0400 | [diff] [blame] | 275 | if (seccomp != -1 && seccomp != 1) { |
| 276 | fprintf(stderr, "Do not use -s & -S together.\n"); |
| 277 | exit(1); |
| 278 | } |
| 279 | seccomp = 1; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 280 | minijail_use_seccomp(j); |
| 281 | break; |
| 282 | case 'S': |
Mike Frysinger | e61fd66 | 2017-06-20 14:07:41 -0400 | [diff] [blame] | 283 | if (seccomp != -1 && seccomp != 2) { |
| 284 | fprintf(stderr, "Do not use -s & -S together.\n"); |
| 285 | exit(1); |
| 286 | } |
| 287 | seccomp = 2; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 288 | minijail_use_seccomp_filter(j); |
Jorge Lucangeli Obes | 482cb9d | 2014-07-23 15:16:04 -0700 | [diff] [blame] | 289 | if (strlen(optarg) >= path_max) { |
Jorge Lucangeli Obes | 2b12ba4 | 2016-01-26 10:37:51 -0800 | [diff] [blame] | 290 | fprintf(stderr, "Filter path is too long.\n"); |
Jorge Lucangeli Obes | 482cb9d | 2014-07-23 15:16:04 -0700 | [diff] [blame] | 291 | exit(1); |
| 292 | } |
| 293 | filter_path = strndup(optarg, path_max); |
| 294 | if (!filter_path) { |
| 295 | fprintf(stderr, |
| 296 | "Could not strndup(3) filter path.\n"); |
| 297 | exit(1); |
| 298 | } |
| 299 | use_seccomp_filter = 1; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 300 | break; |
Dylan Reid | f794247 | 2015-11-18 17:55:26 -0800 | [diff] [blame] | 301 | case 'l': |
| 302 | minijail_namespace_ipc(j); |
| 303 | break; |
Jorge Lucangeli Obes | bda833c | 2012-07-31 16:25:56 -0700 | [diff] [blame] | 304 | case 'L': |
| 305 | minijail_log_seccomp_filter_failures(j); |
| 306 | break; |
Elly Jones | 51a5b6c | 2011-10-12 19:09:26 -0400 | [diff] [blame] | 307 | case 'b': |
| 308 | add_binding(j, optarg); |
Jorge Lucangeli Obes | 2b12ba4 | 2016-01-26 10:37:51 -0800 | [diff] [blame] | 309 | binding = 1; |
Elly Jones | 51a5b6c | 2011-10-12 19:09:26 -0400 | [diff] [blame] | 310 | break; |
Luis Hector Chavez | ec0a2c1 | 2017-06-29 20:29:57 -0700 | [diff] [blame] | 311 | case 'B': |
| 312 | skip_securebits(j, optarg); |
| 313 | break; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 314 | case 'c': |
Jorge Lucangeli Obes | a6eb21a | 2017-04-20 10:44:00 -0400 | [diff] [blame] | 315 | caps = 1; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 316 | use_caps(j, optarg); |
| 317 | break; |
Elly Jones | 51a5b6c | 2011-10-12 19:09:26 -0400 | [diff] [blame] | 318 | case 'C': |
Yu-Hsi Chiang | 64d65a7 | 2015-08-13 17:43:27 +0800 | [diff] [blame] | 319 | if (pivot_root) { |
| 320 | fprintf(stderr, "Could not set chroot because " |
Jorge Lucangeli Obes | 2b12ba4 | 2016-01-26 10:37:51 -0800 | [diff] [blame] | 321 | "'-P' was specified.\n"); |
Yu-Hsi Chiang | 64d65a7 | 2015-08-13 17:43:27 +0800 | [diff] [blame] | 322 | exit(1); |
| 323 | } |
Jorge Lucangeli Obes | 1563b5b | 2014-07-10 07:01:53 -0700 | [diff] [blame] | 324 | if (0 != minijail_enter_chroot(j, optarg)) { |
| 325 | fprintf(stderr, "Could not set chroot.\n"); |
Lee Campbell | 11af062 | 2014-05-22 12:36:04 -0700 | [diff] [blame] | 326 | exit(1); |
Jorge Lucangeli Obes | 1563b5b | 2014-07-10 07:01:53 -0700 | [diff] [blame] | 327 | } |
Yu-Hsi Chiang | 64d65a7 | 2015-08-13 17:43:27 +0800 | [diff] [blame] | 328 | chroot = 1; |
| 329 | break; |
Dylan Reid | 648b220 | 2015-10-23 00:50:00 -0700 | [diff] [blame] | 330 | case 'k': |
| 331 | add_mount(j, optarg); |
| 332 | break; |
Jorge Lucangeli Obes | a521bee | 2016-03-03 13:47:57 -0800 | [diff] [blame] | 333 | case 'K': |
| 334 | minijail_skip_remount_private(j); |
| 335 | skip_remount = 1; |
| 336 | break; |
Yu-Hsi Chiang | 64d65a7 | 2015-08-13 17:43:27 +0800 | [diff] [blame] | 337 | case 'P': |
| 338 | if (chroot) { |
Jorge Lucangeli Obes | 2b12ba4 | 2016-01-26 10:37:51 -0800 | [diff] [blame] | 339 | fprintf(stderr, |
| 340 | "Could not set pivot_root because " |
| 341 | "'-C' was specified.\n"); |
Yu-Hsi Chiang | 64d65a7 | 2015-08-13 17:43:27 +0800 | [diff] [blame] | 342 | exit(1); |
| 343 | } |
| 344 | if (0 != minijail_enter_pivot_root(j, optarg)) { |
| 345 | fprintf(stderr, "Could not set pivot_root.\n"); |
| 346 | exit(1); |
| 347 | } |
| 348 | minijail_namespace_vfs(j); |
| 349 | pivot_root = 1; |
Lee Campbell | 11af062 | 2014-05-22 12:36:04 -0700 | [diff] [blame] | 350 | break; |
Yu-Hsi Chiang | 3cc05ea | 2015-08-11 11:23:17 +0800 | [diff] [blame] | 351 | case 'f': |
| 352 | if (0 != minijail_write_pid_file(j, optarg)) { |
Jorge Lucangeli Obes | 2b12ba4 | 2016-01-26 10:37:51 -0800 | [diff] [blame] | 353 | fprintf(stderr, |
| 354 | "Could not prepare pid file path.\n"); |
Yu-Hsi Chiang | 3cc05ea | 2015-08-11 11:23:17 +0800 | [diff] [blame] | 355 | exit(1); |
| 356 | } |
| 357 | break; |
Lee Campbell | 11af062 | 2014-05-22 12:36:04 -0700 | [diff] [blame] | 358 | case 't': |
Mike Frysinger | ec7def2 | 2017-01-13 18:44:45 -0500 | [diff] [blame] | 359 | minijail_namespace_vfs(j); |
Martin Pelikán | ab9eb44 | 2017-01-25 11:53:58 +1100 | [diff] [blame] | 360 | size = 64 * 1024 * 1024; |
| 361 | if (optarg != NULL && 0 != parse_size(&size, optarg)) { |
| 362 | fprintf(stderr, "Invalid /tmp tmpfs size.\n"); |
| 363 | exit(1); |
| 364 | } |
| 365 | minijail_mount_tmp_size(j, size); |
Elly Jones | 51a5b6c | 2011-10-12 19:09:26 -0400 | [diff] [blame] | 366 | break; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 367 | case 'v': |
| 368 | minijail_namespace_vfs(j); |
Jorge Lucangeli Obes | a521bee | 2016-03-03 13:47:57 -0800 | [diff] [blame] | 369 | mount_ns = 1; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 370 | break; |
Jorge Lucangeli Obes | 1563b5b | 2014-07-10 07:01:53 -0700 | [diff] [blame] | 371 | case 'V': |
| 372 | minijail_namespace_enter_vfs(j, optarg); |
| 373 | break; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 374 | case 'r': |
Dylan Reid | 791f577 | 2015-09-14 20:02:42 -0700 | [diff] [blame] | 375 | minijail_remount_proc_readonly(j); |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 376 | break; |
| 377 | case 'G': |
Lutz Justen | 13807cb | 2017-01-03 17:11:55 +0100 | [diff] [blame] | 378 | if (keep_suppl_gids) { |
| 379 | fprintf(stderr, |
| 380 | "-y and -G are not compatible.\n"); |
| 381 | exit(1); |
| 382 | } |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 383 | minijail_inherit_usergroups(j); |
Lutz Justen | 13807cb | 2017-01-03 17:11:55 +0100 | [diff] [blame] | 384 | inherit_suppl_gids = 1; |
| 385 | break; |
| 386 | case 'y': |
| 387 | if (inherit_suppl_gids) { |
| 388 | fprintf(stderr, |
| 389 | "-y and -G are not compatible.\n"); |
| 390 | exit(1); |
| 391 | } |
| 392 | minijail_keep_supplementary_gids(j); |
| 393 | keep_suppl_gids = 1; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 394 | break; |
Dylan Reid | 4cbc2a5 | 2016-06-17 19:06:07 -0700 | [diff] [blame] | 395 | case 'N': |
| 396 | minijail_namespace_cgroups(j); |
| 397 | break; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 398 | case 'p': |
| 399 | minijail_namespace_pids(j); |
| 400 | break; |
Elly Fong-Jones | 6c08630 | 2013-03-20 17:15:28 -0400 | [diff] [blame] | 401 | case 'e': |
Dylan Reid | 1102f5a | 2015-09-15 11:52:20 -0700 | [diff] [blame] | 402 | if (optarg) |
| 403 | minijail_namespace_enter_net(j, optarg); |
| 404 | else |
| 405 | minijail_namespace_net(j); |
Elly Fong-Jones | 6c08630 | 2013-03-20 17:15:28 -0400 | [diff] [blame] | 406 | break; |
Christopher Wiley | 88f76a7 | 2013-11-01 14:12:56 -0700 | [diff] [blame] | 407 | case 'i': |
Christopher Wiley | 88f76a7 | 2013-11-01 14:12:56 -0700 | [diff] [blame] | 408 | *exit_immediately = 1; |
| 409 | break; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 410 | case 'H': |
| 411 | seccomp_filter_usage(argv[0]); |
| 412 | exit(1); |
Yu-Hsi Chiang | 3e954ec | 2015-07-28 16:48:14 +0800 | [diff] [blame] | 413 | case 'I': |
| 414 | minijail_namespace_pids(j); |
| 415 | minijail_run_as_init(j); |
| 416 | break; |
Yu-Hsi Chiang | 10e9123 | 2015-08-05 14:40:45 +0800 | [diff] [blame] | 417 | case 'U': |
| 418 | minijail_namespace_user(j); |
| 419 | minijail_namespace_pids(j); |
| 420 | break; |
| 421 | case 'm': |
| 422 | minijail_namespace_user(j); |
| 423 | minijail_namespace_pids(j); |
Jorge Lucangeli Obes | ab6fa6f | 2016-08-04 15:42:48 -0400 | [diff] [blame] | 424 | |
| 425 | if (optarg) { |
| 426 | map = strdup(optarg); |
| 427 | } else { |
| 428 | /* |
| 429 | * If no map is passed, map the current uid to |
| 430 | * root. |
| 431 | */ |
| 432 | map = build_idmap(0, getuid()); |
| 433 | } |
| 434 | if (0 != minijail_uidmap(j, map)) { |
| 435 | fprintf(stderr, "Could not set uid map.\n"); |
Yu-Hsi Chiang | 10e9123 | 2015-08-05 14:40:45 +0800 | [diff] [blame] | 436 | exit(1); |
| 437 | } |
Jorge Lucangeli Obes | ab6fa6f | 2016-08-04 15:42:48 -0400 | [diff] [blame] | 438 | free(map); |
Yu-Hsi Chiang | 10e9123 | 2015-08-05 14:40:45 +0800 | [diff] [blame] | 439 | break; |
| 440 | case 'M': |
| 441 | minijail_namespace_user(j); |
| 442 | minijail_namespace_pids(j); |
Jorge Lucangeli Obes | 200299c | 2016-09-23 15:21:57 -0400 | [diff] [blame] | 443 | |
| 444 | if (optarg) { |
| 445 | map = strdup(optarg); |
| 446 | } else { |
| 447 | /* |
| 448 | * If no map is passed, map the current gid to |
| 449 | * root. |
| 450 | * This means that we're likely *not* running as |
| 451 | * root, so we also have to disable |
| 452 | * setgroups(2) to be able to set the gid map. |
Jorge Lucangeli Obes | 0b20877 | 2017-04-19 14:15:46 -0400 | [diff] [blame] | 453 | * See |
| 454 | * http://man7.org/linux/man-pages/man7/user_namespaces.7.html |
Jorge Lucangeli Obes | 200299c | 2016-09-23 15:21:57 -0400 | [diff] [blame] | 455 | */ |
| 456 | minijail_namespace_user_disable_setgroups(j); |
| 457 | |
| 458 | map = build_idmap(0, getgid()); |
| 459 | } |
| 460 | if (0 != minijail_gidmap(j, map)) { |
Jorge Lucangeli Obes | ab6fa6f | 2016-08-04 15:42:48 -0400 | [diff] [blame] | 461 | fprintf(stderr, "Could not set gid map.\n"); |
Yu-Hsi Chiang | 10e9123 | 2015-08-05 14:40:45 +0800 | [diff] [blame] | 462 | exit(1); |
| 463 | } |
Jorge Lucangeli Obes | 200299c | 2016-09-23 15:21:57 -0400 | [diff] [blame] | 464 | free(map); |
Yu-Hsi Chiang | 10e9123 | 2015-08-05 14:40:45 +0800 | [diff] [blame] | 465 | break; |
Andrew Bresticker | eac2894 | 2015-11-11 16:04:46 -0800 | [diff] [blame] | 466 | case 'a': |
| 467 | if (0 != minijail_use_alt_syscall(j, optarg)) { |
Jorge Lucangeli Obes | 2b12ba4 | 2016-01-26 10:37:51 -0800 | [diff] [blame] | 468 | fprintf(stderr, |
| 469 | "Could not set alt-syscall table.\n"); |
Andrew Bresticker | eac2894 | 2015-11-11 16:04:46 -0800 | [diff] [blame] | 470 | exit(1); |
| 471 | } |
| 472 | break; |
Dylan Reid | 0f72ef4 | 2017-06-06 15:42:49 -0700 | [diff] [blame] | 473 | case 'R': |
| 474 | add_rlimit(j, optarg); |
| 475 | break; |
Matthew Dempsky | 2ed0912 | 2016-02-11 09:43:37 -0800 | [diff] [blame] | 476 | case 'T': |
| 477 | if (!strcmp(optarg, "static")) |
| 478 | *elftype = ELFSTATIC; |
| 479 | else if (!strcmp(optarg, "dynamic")) |
| 480 | *elftype = ELFDYNAMIC; |
| 481 | else { |
Jorge Lucangeli Obes | 768d42b | 2016-02-17 10:28:25 -0800 | [diff] [blame] | 482 | fprintf(stderr, "ELF type must be 'static' or " |
| 483 | "'dynamic'.\n"); |
Matthew Dempsky | 2ed0912 | 2016-02-11 09:43:37 -0800 | [diff] [blame] | 484 | exit(1); |
| 485 | } |
| 486 | break; |
Chirantan Ekbote | 866bb3a | 2017-02-07 12:26:42 -0800 | [diff] [blame] | 487 | case 'w': |
| 488 | minijail_new_session_keyring(j); |
| 489 | break; |
Jorge Lucangeli Obes | 1365061 | 2016-09-02 11:27:29 -0400 | [diff] [blame] | 490 | case 'Y': |
| 491 | minijail_set_seccomp_filter_tsync(j); |
| 492 | break; |
Jorge Lucangeli Obes | dba6209 | 2017-05-18 17:10:23 -0400 | [diff] [blame] | 493 | case 'z': |
| 494 | forward = 0; |
| 495 | break; |
Jorge Lucangeli Obes | a6eb21a | 2017-04-20 10:44:00 -0400 | [diff] [blame] | 496 | /* Long options. */ |
| 497 | case 128: /* Ambient caps. */ |
| 498 | ambient_caps = 1; |
| 499 | minijail_set_ambient_caps(j); |
| 500 | break; |
Mike Frysinger | b9a7b16 | 2017-05-30 15:25:49 -0400 | [diff] [blame] | 501 | case 129: /* UTS/hostname namespace. */ |
| 502 | minijail_namespace_uts(j); |
| 503 | if (optarg) |
| 504 | minijail_namespace_set_hostname(j, optarg); |
| 505 | break; |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame^] | 506 | case 130: /* Logging. */ |
| 507 | if (!strcmp(optarg, "syslog")) |
| 508 | log_to_stderr = 0; |
| 509 | else if (!strcmp(optarg, "stderr")) { |
| 510 | log_to_stderr = 1; |
| 511 | } else { |
| 512 | fprintf(stderr, "--logger must be 'syslog' or " |
| 513 | "'stderr'.\n"); |
| 514 | exit(1); |
| 515 | } |
| 516 | break; |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 517 | default: |
| 518 | usage(argv[0]); |
| 519 | exit(1); |
| 520 | } |
| 521 | } |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 522 | |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame^] | 523 | if (log_to_stderr) { |
| 524 | init_logging(LOG_TO_FD, STDERR_FILENO, LOG_INFO); |
| 525 | /* |
| 526 | * When logging to stderr, ensure the FD survives the jailing. |
| 527 | */ |
| 528 | if (0 != |
| 529 | minijail_preserve_fd(j, STDERR_FILENO, STDERR_FILENO)) { |
| 530 | fprintf(stderr, "Could not preserve stderr.\n"); |
| 531 | exit(1); |
| 532 | } |
| 533 | } |
| 534 | |
Jorge Lucangeli Obes | a6eb21a | 2017-04-20 10:44:00 -0400 | [diff] [blame] | 535 | /* Can only set ambient caps when using regular caps. */ |
| 536 | if (ambient_caps && !caps) { |
| 537 | fprintf(stderr, "Can't set ambient capabilities (--ambient) " |
| 538 | "without actually using capabilities (-c).\n"); |
| 539 | exit(1); |
| 540 | } |
| 541 | |
Jorge Lucangeli Obes | dba6209 | 2017-05-18 17:10:23 -0400 | [diff] [blame] | 542 | /* Set up signal handlers in minijail unless asked not to. */ |
| 543 | if (forward) |
| 544 | minijail_forward_signals(j); |
| 545 | |
Jorge Lucangeli Obes | 2b12ba4 | 2016-01-26 10:37:51 -0800 | [diff] [blame] | 546 | /* Only allow bind mounts when entering a chroot or using pivot_root. */ |
| 547 | if (binding && !(chroot || pivot_root)) { |
| 548 | fprintf(stderr, "Can't add bind mounts without chroot or" |
| 549 | " pivot_root.\n"); |
| 550 | exit(1); |
| 551 | } |
| 552 | |
Jorge Lucangeli Obes | 482cb9d | 2014-07-23 15:16:04 -0700 | [diff] [blame] | 553 | /* |
Jorge Lucangeli Obes | a521bee | 2016-03-03 13:47:57 -0800 | [diff] [blame] | 554 | * Remounting / as MS_PRIVATE only happens when entering a new mount |
| 555 | * namespace, so skipping it only applies in that case. |
| 556 | */ |
| 557 | if (skip_remount && !mount_ns) { |
| 558 | fprintf(stderr, "Can't skip marking mounts as MS_PRIVATE" |
| 559 | " without mount namespaces.\n"); |
| 560 | exit(1); |
| 561 | } |
| 562 | |
| 563 | /* |
Jorge Lucangeli Obes | 482cb9d | 2014-07-23 15:16:04 -0700 | [diff] [blame] | 564 | * We parse seccomp filters here to make sure we've collected all |
| 565 | * cmdline options. |
| 566 | */ |
| 567 | if (use_seccomp_filter) { |
| 568 | minijail_parse_seccomp_filters(j, filter_path); |
Jorge Lucangeli Obes | 0b20877 | 2017-04-19 14:15:46 -0400 | [diff] [blame] | 569 | free((void *)filter_path); |
Jorge Lucangeli Obes | 482cb9d | 2014-07-23 15:16:04 -0700 | [diff] [blame] | 570 | } |
| 571 | |
Luis Hector Chavez | fe5fb8e | 2017-06-29 10:41:27 -0700 | [diff] [blame] | 572 | /* |
| 573 | * There should be at least one additional unparsed argument: the |
| 574 | * executable name. |
| 575 | */ |
Elly Jones | e1749eb | 2011-10-07 13:54:59 -0400 | [diff] [blame] | 576 | if (argc == optind) { |
| 577 | usage(argv[0]); |
| 578 | exit(1); |
| 579 | } |
Lee Campbell | 11af062 | 2014-05-22 12:36:04 -0700 | [diff] [blame] | 580 | |
Luis Hector Chavez | fe5fb8e | 2017-06-29 10:41:27 -0700 | [diff] [blame] | 581 | if (*elftype == ELFERROR) { |
| 582 | /* |
| 583 | * -T was not specified. |
| 584 | * Get the path to the program adjusted for changing root. |
| 585 | */ |
| 586 | char *program_path = |
| 587 | minijail_get_original_path(j, argv[optind]); |
| 588 | |
| 589 | /* Check that we can access the target program. */ |
| 590 | if (access(program_path, X_OK)) { |
| 591 | fprintf(stderr, |
| 592 | "Target program '%s' is not accessible.\n", |
| 593 | argv[optind]); |
| 594 | exit(1); |
| 595 | } |
| 596 | |
| 597 | /* Check if target is statically or dynamically linked. */ |
| 598 | *elftype = get_elf_linkage(program_path); |
| 599 | free(program_path); |
| 600 | } |
| 601 | |
| 602 | /* |
| 603 | * Setting capabilities need either a dynamically-linked binary, or the |
| 604 | * use of ambient capabilities for them to be able to survive an |
| 605 | * execve(2). |
| 606 | */ |
| 607 | if (caps && *elftype == ELFSTATIC && !ambient_caps) { |
| 608 | fprintf(stderr, "Can't run statically-linked binaries with " |
| 609 | "capabilities (-c) without also setting " |
| 610 | "ambient capabilities. Try passing " |
| 611 | "--ambient.\n"); |
| 612 | exit(1); |
| 613 | } |
| 614 | |
Elly Fong-Jones | f65c9fe | 2013-01-22 13:55:02 -0500 | [diff] [blame] | 615 | return optind; |
| 616 | } |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 617 | |
Elly Fong-Jones | f65c9fe | 2013-01-22 13:55:02 -0500 | [diff] [blame] | 618 | int main(int argc, char *argv[]) |
| 619 | { |
| 620 | struct minijail *j = minijail_new(); |
Jorge Lucangeli Obes | d99a40d | 2016-01-26 13:50:44 -0800 | [diff] [blame] | 621 | const char *dl_mesg = NULL; |
Christopher Wiley | 88f76a7 | 2013-11-01 14:12:56 -0700 | [diff] [blame] | 622 | int exit_immediately = 0; |
Lee Campbell | 1e4fc6a | 2014-06-06 17:40:02 -0700 | [diff] [blame] | 623 | ElfType elftype = ELFERROR; |
Matthew Dempsky | 2ed0912 | 2016-02-11 09:43:37 -0800 | [diff] [blame] | 624 | int consumed = parse_args(j, argc, argv, &exit_immediately, &elftype); |
Elly Fong-Jones | f65c9fe | 2013-01-22 13:55:02 -0500 | [diff] [blame] | 625 | argc -= consumed; |
| 626 | argv += consumed; |
Jorge Lucangeli Obes | 482cb9d | 2014-07-23 15:16:04 -0700 | [diff] [blame] | 627 | |
Lee Campbell | 1e4fc6a | 2014-06-06 17:40:02 -0700 | [diff] [blame] | 628 | if (elftype == ELFSTATIC) { |
Jorge Lucangeli Obes | 5471450 | 2015-09-30 10:08:45 -0700 | [diff] [blame] | 629 | /* |
| 630 | * Target binary is statically linked so we cannot use |
| 631 | * libminijailpreload.so. |
| 632 | */ |
| 633 | minijail_run_no_preload(j, argv[0], argv); |
Lee Campbell | 1e4fc6a | 2014-06-06 17:40:02 -0700 | [diff] [blame] | 634 | } else if (elftype == ELFDYNAMIC) { |
| 635 | /* |
| 636 | * Target binary is dynamically linked so we can |
| 637 | * inject libminijailpreload.so into it. |
| 638 | */ |
| 639 | |
| 640 | /* Check that we can dlopen() libminijailpreload.so. */ |
| 641 | if (!dlopen(PRELOADPATH, RTLD_LAZY | RTLD_LOCAL)) { |
Matthew Dempsky | 2ed0912 | 2016-02-11 09:43:37 -0800 | [diff] [blame] | 642 | dl_mesg = dlerror(); |
| 643 | fprintf(stderr, "dlopen(): %s\n", dl_mesg); |
| 644 | return 1; |
Lee Campbell | 1e4fc6a | 2014-06-06 17:40:02 -0700 | [diff] [blame] | 645 | } |
| 646 | minijail_run(j, argv[0], argv); |
| 647 | } else { |
Jorge Lucangeli Obes | 2f61ee4 | 2014-06-16 11:08:18 -0700 | [diff] [blame] | 648 | fprintf(stderr, |
| 649 | "Target program '%s' is not a valid ELF file.\n", |
| 650 | argv[0]); |
Jorge Lucangeli Obes | 4b2d5ee | 2014-01-09 15:47:47 -0800 | [diff] [blame] | 651 | return 1; |
| 652 | } |
Lee Campbell | 1e4fc6a | 2014-06-06 17:40:02 -0700 | [diff] [blame] | 653 | |
Christopher Wiley | 88f76a7 | 2013-11-01 14:12:56 -0700 | [diff] [blame] | 654 | if (exit_immediately) { |
Luis Hector Chavez | 114a930 | 2017-09-05 20:36:58 -0700 | [diff] [blame^] | 655 | info("not running init loop, exiting immediately\n"); |
Christopher Wiley | 88f76a7 | 2013-11-01 14:12:56 -0700 | [diff] [blame] | 656 | return 0; |
| 657 | } |
lhchavez | 6c8d820 | 2017-09-01 03:55:11 +0000 | [diff] [blame] | 658 | int ret = minijail_wait(j); |
| 659 | #if defined(__SANITIZE_ADDRESS__) |
| 660 | minijail_destroy(j); |
| 661 | #endif /* __SANITIZE_ADDRESS__ */ |
| 662 | return ret; |
Elly Jones | cd7a904 | 2011-07-22 13:56:51 -0400 | [diff] [blame] | 663 | } |