beenull/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-11-22 07:30:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Kernel: Allow 'elevating' unveil permissions if implicitly inherited from '/'

Browse source 
This can happen when an unveil follows another with a path that is a
sub-path of the other one:
```c++
unveil("/home/anon/.config/whoa.ini", "rw");
unveil("/home/anon", "r"); // this would fail, as "/home/anon" inherits
                           // the permissions of "/", which is None.
```
This commit is contained in:
AnotherTest 2020-12-26 17:54:01 +03:30 committed by Andreas Kling
parent 3be9a9ac76
commit 7b5aa06702
Notes: sideshowbarker 2024-07-19 00:34:47 +09:00 
Author: https://github.com/alimpfard
Commit: https://github.com/SerenityOS/serenity/commit/7b5aa06702a
Pull-request: https://github.com/SerenityOS/serenity/pull/4550
3 changed files with 14 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Kernel/Process.h
View file

@ -640,7 +640,7 @@ private:
u32 m_execpromises { 0 };
VeilState m_veil_state { VeilState::None };
UnveilNode m_unveiled_paths { "/", { "/" } };
UnveilNode m_unveiled_paths { "/", { .full_path = "/", .unveil_inherited_from_root = true } };
WaitQueue& futex_queue(Userspace<const i32*>);
HashMap<u32, OwnPtr<WaitQueue>> m_futex_queues;

13
Kernel/Syscalls/unveil.cpp
View file

@ -109,9 +109,14 @@ int Process::sys$unveil(Userspace<const Syscall::SC_unveil_params*> user_params)
auto it = lexical_path.parts().begin();
auto& matching_node = m_unveiled_paths.traverse_until_last_accessible_node(it, lexical_path.parts().end());
if (it.is_end()) {
if (new_permissions & ~matching_node.permissions())
return -EPERM;
matching_node.set_metadata({ matching_node.path(), (UnveilAccess)new_permissions, true });
auto old_permissions = matching_node.permissions();
// Allow "elevating" the permissions when the permissions are inherited from root (/),
// as that would be the first time this path is unveiled.
if (old_permissions != UnveilAccess::None || !matching_node.permissions_inherited_from_root()) {
if (new_permissions & ~old_permissions)
return -EPERM;
}
matching_node.set_metadata({ matching_node.path(), (UnveilAccess)new_permissions, true, false });
return 0;
}
@ -119,7 +124,7 @@ int Process::sys$unveil(Userspace<const Syscall::SC_unveil_params*> user_params)
it,
lexical_path.parts().end(),
{ new_unveiled_path, (UnveilAccess)new_permissions, true },
[](auto& parent, auto& it) -> Optional<UnveilMetadata> { return UnveilMetadata { String::formatted("{}/{}", parent.path(), *it), parent.permissions(), false }; });
[](auto& parent, auto& it) -> Optional<UnveilMetadata> { return UnveilMetadata { String::formatted("{}/{}", parent.path(), *it), parent.permissions(), false, parent.permissions_inherited_from_root() }; });
ASSERT(m_veil_state != VeilState::Locked);
m_veil_state = VeilState::Dropped;
return 0;

4
Kernel/UnveilNode.h
View file

@ -41,15 +41,19 @@ enum UnveilAccess {
None = 0,
};
struct UnveilNode;
struct UnveilMetadata {
String full_path;
UnveilAccess permissions { None };
bool explicitly_unveiled { false };
bool unveil_inherited_from_root { false }; // true if permissions are inherited from the tree root (/).
};
struct UnveilNode final : public AK::Trie<String, UnveilMetadata, Traits<String>, UnveilNode> {
using AK::Trie<String, UnveilMetadata, Traits<String>, UnveilNode>::Trie;
bool permissions_inherited_from_root() const { return this->metadata_value().unveil_inherited_from_root; }
bool was_explicitly_unveiled() const { return this->metadata_value().explicitly_unveiled; }
UnveilAccess permissions() const { return this->metadata_value().permissions; }
const String& path() const { return this->metadata_value().full_path; }