diff options
Diffstat (limited to 'vendor/rustix/src/backend/linux_raw/param/auxv.rs')
| -rw-r--r-- | vendor/rustix/src/backend/linux_raw/param/auxv.rs | 507 |
1 files changed, 0 insertions, 507 deletions
diff --git a/vendor/rustix/src/backend/linux_raw/param/auxv.rs b/vendor/rustix/src/backend/linux_raw/param/auxv.rs deleted file mode 100644 index b9ac27e..0000000 --- a/vendor/rustix/src/backend/linux_raw/param/auxv.rs +++ /dev/null @@ -1,507 +0,0 @@ -//! Linux auxv support. -//! -//! # Safety -//! -//! This uses raw pointers to locate and read the kernel-provided auxv array. -#![allow(unsafe_code)] - -use crate::backend::c; -use crate::fd::OwnedFd; -#[cfg(feature = "param")] -use crate::ffi::CStr; -use crate::fs::{Mode, OFlags}; -use crate::utils::{as_ptr, check_raw_pointer}; -#[cfg(feature = "alloc")] -use alloc::vec::Vec; -use core::mem::size_of; -use core::ptr::{null_mut, read_unaligned, NonNull}; -#[cfg(feature = "runtime")] -use core::sync::atomic::AtomicU8; -use core::sync::atomic::Ordering::Relaxed; -use core::sync::atomic::{AtomicPtr, AtomicUsize}; -use linux_raw_sys::elf::*; -use linux_raw_sys::general::{ - AT_BASE, AT_CLKTCK, AT_EXECFN, AT_HWCAP, AT_HWCAP2, AT_NULL, AT_PAGESZ, AT_SYSINFO_EHDR, -}; -#[cfg(feature = "runtime")] -use linux_raw_sys::general::{ - AT_EGID, AT_ENTRY, AT_EUID, AT_GID, AT_PHDR, AT_PHENT, AT_PHNUM, AT_RANDOM, AT_SECURE, AT_UID, -}; - -#[cfg(feature = "param")] -#[inline] -pub(crate) fn page_size() -> usize { - let mut page_size = PAGE_SIZE.load(Relaxed); - - if page_size == 0 { - init_auxv(); - page_size = PAGE_SIZE.load(Relaxed); - } - - page_size -} - -#[cfg(feature = "param")] -#[inline] -pub(crate) fn clock_ticks_per_second() -> u64 { - let mut ticks = CLOCK_TICKS_PER_SECOND.load(Relaxed); - - if ticks == 0 { - init_auxv(); - ticks = CLOCK_TICKS_PER_SECOND.load(Relaxed); - } - - ticks as u64 -} - -#[cfg(feature = "param")] -#[inline] -pub(crate) fn linux_hwcap() -> (usize, usize) { - let mut hwcap = HWCAP.load(Relaxed); - let mut hwcap2 = HWCAP2.load(Relaxed); - - if hwcap == 0 || hwcap2 == 0 { - init_auxv(); - hwcap = HWCAP.load(Relaxed); - hwcap2 = HWCAP2.load(Relaxed); - } - - (hwcap, hwcap2) -} - -#[cfg(feature = "param")] -#[inline] -pub(crate) fn linux_execfn() -> &'static CStr { - let mut execfn = EXECFN.load(Relaxed); - - if execfn.is_null() { - init_auxv(); - execfn = EXECFN.load(Relaxed); - } - - // SAFETY: We assume the `AT_EXECFN` value provided by the kernel is a - // valid pointer to a valid NUL-terminated array of bytes. - unsafe { CStr::from_ptr(execfn.cast()) } -} - -#[cfg(feature = "runtime")] -#[inline] -pub(crate) fn linux_secure() -> bool { - let mut secure = SECURE.load(Relaxed); - - // 0 means not initialized yet. - if secure == 0 { - init_auxv(); - secure = SECURE.load(Relaxed); - } - - // 0 means not present. Libc `getauxval(AT_SECURE)` would return 0. - // 1 means not in secure mode. - // 2 means in secure mode. - secure > 1 -} - -#[cfg(feature = "runtime")] -#[inline] -pub(crate) fn exe_phdrs() -> (*const c::c_void, usize, usize) { - let mut phdr = PHDR.load(Relaxed); - let mut phent = PHENT.load(Relaxed); - let mut phnum = PHNUM.load(Relaxed); - - if phdr.is_null() || phnum == 0 { - init_auxv(); - phdr = PHDR.load(Relaxed); - phent = PHENT.load(Relaxed); - phnum = PHNUM.load(Relaxed); - } - - (phdr.cast(), phent, phnum) -} - -/// `AT_SYSINFO_EHDR` isn't present on all platforms in all configurations, so -/// if we don't see it, this function returns a null pointer. -#[inline] -pub(in super::super) fn sysinfo_ehdr() -> *const Elf_Ehdr { - let mut ehdr = SYSINFO_EHDR.load(Relaxed); - - if ehdr.is_null() { - init_auxv(); - ehdr = SYSINFO_EHDR.load(Relaxed); - } - - ehdr -} - -#[cfg(feature = "runtime")] -#[inline] -pub(crate) fn entry() -> usize { - let mut entry = ENTRY.load(Relaxed); - - if entry == 0 { - init_auxv(); - entry = ENTRY.load(Relaxed); - } - - entry -} - -#[cfg(feature = "runtime")] -#[inline] -pub(crate) fn random() -> *const [u8; 16] { - let mut random = RANDOM.load(Relaxed); - - if random.is_null() { - init_auxv(); - random = RANDOM.load(Relaxed); - } - - random -} - -static PAGE_SIZE: AtomicUsize = AtomicUsize::new(0); -static CLOCK_TICKS_PER_SECOND: AtomicUsize = AtomicUsize::new(0); -static HWCAP: AtomicUsize = AtomicUsize::new(0); -static HWCAP2: AtomicUsize = AtomicUsize::new(0); -static EXECFN: AtomicPtr<c::c_char> = AtomicPtr::new(null_mut()); -static SYSINFO_EHDR: AtomicPtr<Elf_Ehdr> = AtomicPtr::new(null_mut()); -#[cfg(feature = "runtime")] -static SECURE: AtomicU8 = AtomicU8::new(0); -#[cfg(feature = "runtime")] -static PHDR: AtomicPtr<Elf_Phdr> = AtomicPtr::new(null_mut()); -#[cfg(feature = "runtime")] -static PHENT: AtomicUsize = AtomicUsize::new(0); -#[cfg(feature = "runtime")] -static PHNUM: AtomicUsize = AtomicUsize::new(0); -#[cfg(feature = "runtime")] -static ENTRY: AtomicUsize = AtomicUsize::new(0); -#[cfg(feature = "runtime")] -static RANDOM: AtomicPtr<[u8; 16]> = AtomicPtr::new(null_mut()); - -#[cfg(feature = "alloc")] -fn pr_get_auxv() -> crate::io::Result<Vec<u8>> { - use super::super::conv::{c_int, pass_usize, ret_usize}; - const PR_GET_AUXV: c::c_int = 0x4155_5856; - let mut buffer = alloc::vec![0u8; 512]; - let len = unsafe { - ret_usize(syscall_always_asm!( - __NR_prctl, - c_int(PR_GET_AUXV), - buffer.as_ptr(), - pass_usize(buffer.len()), - pass_usize(0), - pass_usize(0) - ))? - }; - if len <= buffer.len() { - buffer.truncate(len); - return Ok(buffer); - } - buffer.resize(len, 0); - let len = unsafe { - ret_usize(syscall_always_asm!( - __NR_prctl, - c_int(PR_GET_AUXV), - buffer.as_ptr(), - pass_usize(buffer.len()), - pass_usize(0), - pass_usize(0) - ))? - }; - assert_eq!(len, buffer.len()); - return Ok(buffer); -} - -/// If we don't have "use-explicitly-provided-auxv" or "use-libc-auxv", we -/// read the aux vector via the `prctl` `PR_GET_AUXV`, with a fallback to -/// /proc/self/auxv for kernels that don't support `PR_GET_AUXV`. -#[cold] -fn init_auxv() { - #[cfg(feature = "alloc")] - { - match pr_get_auxv() { - Ok(buffer) => { - // SAFETY: We assume the kernel returns a valid auxv. - unsafe { - init_from_aux_iter(AuxPointer(buffer.as_ptr().cast())).unwrap(); - } - return; - } - Err(_) => { - // Fall back to /proc/self/auxv on error. - } - } - } - - // Open "/proc/self/auxv", either because we trust "/proc", or because - // we're running inside QEMU and `proc_self_auxv`'s extra checking foils - // QEMU's emulation so we need to do a plain open to get the right - // auxv records. - let file = crate::fs::open("/proc/self/auxv", OFlags::RDONLY, Mode::empty()).unwrap(); - - #[cfg(feature = "alloc")] - init_from_auxv_file(file).unwrap(); - - #[cfg(not(feature = "alloc"))] - unsafe { - init_from_aux_iter(AuxFile(file)).unwrap(); - } -} - -/// Process auxv entries from the open file `auxv`. -#[cfg(feature = "alloc")] -#[cold] -#[must_use] -fn init_from_auxv_file(auxv: OwnedFd) -> Option<()> { - let mut buffer = Vec::<u8>::with_capacity(512); - loop { - let cur = buffer.len(); - - // Request one extra byte; `Vec` will often allocate more. - buffer.reserve(1); - - // Use all the space it allocated. - buffer.resize(buffer.capacity(), 0); - - // Read up to that many bytes. - let n = match crate::io::read(&auxv, &mut buffer[cur..]) { - Err(crate::io::Errno::INTR) => 0, - Err(_err) => panic!(), - Ok(0) => break, - Ok(n) => n, - }; - - // Account for the number of bytes actually read. - buffer.resize(cur + n, 0_u8); - } - - // SAFETY: We loaded from an auxv file into the buffer. - unsafe { init_from_aux_iter(AuxPointer(buffer.as_ptr().cast())) } -} - -/// Process auxv entries from the auxv array pointed to by `auxp`. -/// -/// # Safety -/// -/// This must be passed a pointer to an auxv array. -/// -/// The buffer contains `Elf_aux_t` elements, though it need not be aligned; -/// function uses `read_unaligned` to read from it. -#[cold] -#[must_use] -unsafe fn init_from_aux_iter(aux_iter: impl Iterator<Item = Elf_auxv_t>) -> Option<()> { - let mut pagesz = 0; - let mut clktck = 0; - let mut hwcap = 0; - let mut hwcap2 = 0; - let mut execfn = null_mut(); - let mut sysinfo_ehdr = null_mut(); - #[cfg(feature = "runtime")] - let mut secure = 0; - #[cfg(feature = "runtime")] - let mut phdr = null_mut(); - #[cfg(feature = "runtime")] - let mut phnum = 0; - #[cfg(feature = "runtime")] - let mut phent = 0; - #[cfg(feature = "runtime")] - let mut entry = 0; - #[cfg(feature = "runtime")] - let mut uid = None; - #[cfg(feature = "runtime")] - let mut euid = None; - #[cfg(feature = "runtime")] - let mut gid = None; - #[cfg(feature = "runtime")] - let mut egid = None; - #[cfg(feature = "runtime")] - let mut random = null_mut(); - - for Elf_auxv_t { a_type, a_val } in aux_iter { - match a_type as _ { - AT_PAGESZ => pagesz = a_val as usize, - AT_CLKTCK => clktck = a_val as usize, - AT_HWCAP => hwcap = a_val as usize, - AT_HWCAP2 => hwcap2 = a_val as usize, - AT_EXECFN => execfn = check_raw_pointer::<c::c_char>(a_val as *mut _)?.as_ptr(), - AT_SYSINFO_EHDR => sysinfo_ehdr = check_elf_base(a_val as *mut _)?.as_ptr(), - - AT_BASE => { - // The `AT_BASE` value can be NULL in a static executable that - // doesn't use a dynamic linker. If so, ignore it. - if !a_val.is_null() { - let _ = check_elf_base(a_val.cast())?; - } - } - - #[cfg(feature = "runtime")] - AT_SECURE => secure = (a_val as usize != 0) as u8 + 1, - #[cfg(feature = "runtime")] - AT_UID => uid = Some(a_val), - #[cfg(feature = "runtime")] - AT_EUID => euid = Some(a_val), - #[cfg(feature = "runtime")] - AT_GID => gid = Some(a_val), - #[cfg(feature = "runtime")] - AT_EGID => egid = Some(a_val), - #[cfg(feature = "runtime")] - AT_PHDR => phdr = check_raw_pointer::<Elf_Phdr>(a_val as *mut _)?.as_ptr(), - #[cfg(feature = "runtime")] - AT_PHNUM => phnum = a_val as usize, - #[cfg(feature = "runtime")] - AT_PHENT => phent = a_val as usize, - #[cfg(feature = "runtime")] - AT_ENTRY => entry = a_val as usize, - #[cfg(feature = "runtime")] - AT_RANDOM => random = check_raw_pointer::<[u8; 16]>(a_val as *mut _)?.as_ptr(), - - AT_NULL => break, - _ => (), - } - } - - #[cfg(feature = "runtime")] - assert_eq!(phent, size_of::<Elf_Phdr>()); - - // If we're running set-uid or set-gid, enable “secure execution” mode, - // which doesn't do much, but users may be depending on the things that - // it does do. - #[cfg(feature = "runtime")] - if uid != euid || gid != egid { - secure = 2; - } - - // The base and sysinfo_ehdr (if present) matches our platform. Accept the - // aux values. - PAGE_SIZE.store(pagesz, Relaxed); - CLOCK_TICKS_PER_SECOND.store(clktck, Relaxed); - HWCAP.store(hwcap, Relaxed); - HWCAP2.store(hwcap2, Relaxed); - EXECFN.store(execfn, Relaxed); - SYSINFO_EHDR.store(sysinfo_ehdr, Relaxed); - #[cfg(feature = "runtime")] - SECURE.store(secure, Relaxed); - #[cfg(feature = "runtime")] - PHDR.store(phdr, Relaxed); - #[cfg(feature = "runtime")] - PHNUM.store(phnum, Relaxed); - #[cfg(feature = "runtime")] - ENTRY.store(entry, Relaxed); - #[cfg(feature = "runtime")] - RANDOM.store(random, Relaxed); - - Some(()) -} - -/// Check that `base` is a valid pointer to the kernel-provided vDSO. -/// -/// `base` is some value we got from a `AT_SYSINFO_EHDR` aux record somewhere, -/// which hopefully holds the value of the kernel-provided vDSO in memory. Do a -/// series of checks to be as sure as we can that it's safe to use. -#[cold] -#[must_use] -unsafe fn check_elf_base(base: *const Elf_Ehdr) -> Option<NonNull<Elf_Ehdr>> { - // If we're reading a 64-bit auxv on a 32-bit platform, we'll see a zero - // `a_val` because `AT_*` values are never greater than `u32::MAX`. Zero is - // used by libc's `getauxval` to indicate errors, so it should never be a - // valid value. - if base.is_null() { - return None; - } - - let hdr = match check_raw_pointer::<Elf_Ehdr>(base as *mut _) { - Some(hdr) => hdr, - None => return None, - }; - - let hdr = hdr.as_ref(); - if hdr.e_ident[..SELFMAG] != ELFMAG { - return None; // Wrong ELF magic - } - if !matches!(hdr.e_ident[EI_OSABI], ELFOSABI_SYSV | ELFOSABI_LINUX) { - return None; // Unrecognized ELF OS ABI - } - if hdr.e_ident[EI_ABIVERSION] != ELFABIVERSION { - return None; // Unrecognized ELF ABI version - } - if hdr.e_type != ET_DYN { - return None; // Wrong ELF type - } - - // If ELF is extended, we'll need to adjust. - if hdr.e_ident[EI_VERSION] != EV_CURRENT - || hdr.e_ehsize as usize != size_of::<Elf_Ehdr>() - || hdr.e_phentsize as usize != size_of::<Elf_Phdr>() - { - return None; - } - // We don't currently support extra-large numbers of segments. - if hdr.e_phnum == PN_XNUM { - return None; - } - - // If `e_phoff` is zero, it's more likely that we're looking at memory that - // has been zeroed than that the kernel has somehow aliased the `Ehdr` and - // the `Phdr`. - if hdr.e_phoff < size_of::<Elf_Ehdr>() { - return None; - } - - // Verify that the `EI_CLASS`/`EI_DATA`/`e_machine` fields match the - // architecture we're running as. This helps catch cases where we're - // running under QEMU. - if hdr.e_ident[EI_CLASS] != ELFCLASS { - return None; // Wrong ELF class - } - if hdr.e_ident[EI_DATA] != ELFDATA { - return None; // Wrong ELF data - } - if hdr.e_machine != EM_CURRENT { - return None; // Wrong machine type - } - - Some(NonNull::new_unchecked(as_ptr(hdr) as *mut _)) -} - -// Aux reading utilities - -// Read auxv records from an array in memory. -struct AuxPointer(*const Elf_auxv_t); - -impl Iterator for AuxPointer { - type Item = Elf_auxv_t; - - #[cold] - fn next(&mut self) -> Option<Self::Item> { - unsafe { - let value = read_unaligned(self.0); - self.0 = self.0.add(1); - Some(value) - } - } -} - -// Read auxv records from a file. -#[cfg(not(feature = "alloc"))] -struct AuxFile(OwnedFd); - -#[cfg(not(feature = "alloc"))] -impl Iterator for AuxFile { - type Item = Elf_auxv_t; - - // This implementation does lots of `read`s and it isn't amazing, but - // hopefully we won't use it often. - #[cold] - fn next(&mut self) -> Option<Self::Item> { - let mut buf = [0_u8; size_of::<Self::Item>()]; - let mut slice = &mut buf[..]; - while !slice.is_empty() { - match crate::io::read(&self.0, slice) { - Ok(0) => panic!("unexpected end of auxv file"), - Ok(n) => slice = &mut slice[n..], - Err(crate::io::Errno::INTR) => continue, - Err(err) => panic!("{:?}", err), - } - } - Some(unsafe { read_unaligned(buf.as_ptr().cast()) }) - } -} |