Current-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: execute statically-linked linux files
On Thu, Jan 06, 2022 at 05:02:13PM +0100, Anders Magnusson wrote:
> Kave you looked at brandelf?
>
> https://www.freebsd.org/cgi/man.cgi?query=brandelf&sektion=1
Looks like what I need, thanks.
For the record, attached is my port to NetBSD of this
Interestingly, it seems to recognise all binaries as SVR4 (for NetBSD or
linux binaries) so it seems that the ELF type is recorded at some other place.
Anyway with a binary rebranded to linux I now hit another issue:
it quickly core dumps, with an issue that seems related to procfs:
with procfs only mounted on /emul/linux/proc, I get:
6369 6369 xc8 CALL open(0x43d6da,0x280800,0x66d208)
6369 6369 xc8 NAMI "/emul/linux/proc/self/exe"
6369 6369 xc8 NAMI "/proc/self/exe"
6369 6369 xc8 RET open -1 errno -2 No such file or directory
6369 6369 xc8 PSIG SIGSEGV SIG_DFL: code=SEGV_MAPERR, addr=0x0, trap=14)
6369 6369 xc8 NAMI "xc8.core"
But /emul/linux/proc/self/exe should exists:
armandeche:/>ls -l /emul/linux/proc/self/exe
lr-xr-xr-x 1 root wheel 7 Jan 6 17:46 /emul/linux/proc/self/exe -> /bin/ls
armandeche:/>/emul/linux/bin/ls /emul/linux/proc/self/exe
/emul/linux/proc/self/exe
If I also mount procfs on /proc things go a bit further:
25735 25735 xc8 CALL open(0x43d6da,0x280800,0x66d208)
25735 25735 xc8 NAMI "/emul/linux/proc/self/exe"
25735 25735 xc8 NAMI "/proc/self/exe"
25735 25735 xc8 RET open 4
25735 25735 xc8 CALL readlink(0x7f7fffffd6f5,0x7f7fffffd830,0xfff)
25735 25735 xc8 NAMI "/emul/linux/proc/self/fd/4"
25735 25735 xc8 RET readlink -1 errno -22 Invalid argument
25735 25735 xc8 CALL close(4)
25735 25735 xc8 RET close 0
25735 25735 xc8 PSIG SIGSEGV SIG_DFL: code=SEGV_MAPERR, addr=0x0, trap=14)
25735 25735 xc8 NAMI "xc8.core"
What's strange here is that /emul/linux/proc/self/exe should work as well
as /proc/self/exe
the second issue is that it expects /emul/linux/proc/self/fd/4 to be a working
symlink, and on NetBSD it's not. Note that with /bin/ls I get something
similar:
armandeche:/local/armandeche1/tmp#ktrace -i ls -l /proc/self/fd/
total 2
crw--w---- 1 bouyer tty 5, 0 Jan 6 17:54 0
crw--w---- 1 bouyer tty 5, 0 Jan 6 17:54 1
crw--w---- 1 bouyer tty 5, 0 Jan 6 17:54 2
lr-xr-xr-x 1 root wheel 2048 Jan 6 17:54 3 -> /local/armandeche1/tmp
ls: /proc/self/fd//4: Invalid argument
lr-xr-xr-x 1 root wheel 0 Jan 6 17:54 4
22875 1 ls CALL readlink(0x7f7fffb98200,0x7f7fffb98610,0x400)
22875 1 ls NAMI "/proc/self/fd//4"
22875 1 ls RET readlink -1 errno 22 Invalid argument
If I can trust the ktrace output, fd/4 should point to /etc/spwd.db
On linux, strace shows it reading the link from /proc/self/exec, getting back
the executable path and doing a stat on it.
--
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
NetBSD: 26 ans d'experience feront toujours la difference
--
/*-
* SPDX-License-Identifier: BSD-3-Clause
*
* Copyright (c) 2000, 2001 David O'Brien
* Copyright (c) 1996 Søren Schmidt
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer
* in this position and unchanged.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/cdefs.h>
#include <sys/param.h>
#include <sys/errno.h>
#include <elf.h>
#include <err.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
static int elftype(const char *);
static const char *iselftype(int);
static void printelftypes(void);
static void usage(void);
struct ELFtypes {
const char *str;
int value;
};
/* XXX - any more types? */
static struct ELFtypes elftypes[] = {
{ "FreeBSD", ELFOSABI_FREEBSD },
{ "NetBSD", ELFOSABI_NETBSD },
{ "Linux", ELFOSABI_LINUX },
{ "Solaris", ELFOSABI_SOLARIS },
{ "SVR4", ELFOSABI_SYSV }
};
int
main(int argc, char **argv)
{
const char *strtype = "FreeBSD";
int ch, flags, retval, type;
bool change, force, listed;
type = ELFOSABI_FREEBSD;
retval = 0;
change = false;
force = false;
listed = false;
while ((ch = getopt(argc, argv, "f:lt:v")) != -1)
switch (ch) {
case 'f':
if (change)
errx(1, "f option incompatible with t option");
force = true;
type = atoi(optarg);
if (errno == ERANGE || type < 0 || type > 255) {
warnx("invalid argument to option f: %s",
optarg);
usage();
}
break;
case 'l':
printelftypes();
listed = true;
break;
case 'v':
/* does nothing */
break;
case 't':
if (force)
errx(1, "t option incompatible with f option");
change = true;
strtype = optarg;
break;
default:
usage();
}
argc -= optind;
argv += optind;
if (argc == 0) {
if (listed)
exit(0);
else {
warnx("no file(s) specified");
usage();
}
}
if (!force && (type = elftype(strtype)) == -1) {
warnx("invalid ELF type '%s'", strtype);
printelftypes();
usage();
}
flags = change || force ? O_RDWR : O_RDONLY;
while (argc != 0) {
int fd;
char buffer[EI_NIDENT];
if ((fd = open(argv[0], flags)) < 0) {
warn("error opening file %s", argv[0]);
retval = 1;
goto fail;
}
if (read(fd, buffer, EI_NIDENT) < EI_NIDENT) {
warnx("file '%s' too short", argv[0]);
retval = 1;
goto fail;
}
if (buffer[0] != ELFMAG0 || buffer[1] != ELFMAG1 ||
buffer[2] != ELFMAG2 || buffer[3] != ELFMAG3) {
warnx("file '%s' is not ELF format", argv[0]);
retval = 1;
goto fail;
}
if (!change && !force) {
fprintf(stdout,
"File '%s' is of brand '%s' (%u).\n",
argv[0], iselftype(buffer[EI_OSABI]),
buffer[EI_OSABI]);
if (!iselftype(type)) {
warnx("ELF ABI Brand '%u' is unknown",
type);
printelftypes();
}
}
else {
buffer[EI_OSABI] = type;
lseek(fd, 0, SEEK_SET);
if (write(fd, buffer, EI_NIDENT) != EI_NIDENT) {
warn("error writing %s %d", argv[0], fd);
retval = 1;
goto fail;
}
}
fail:
close(fd);
argc--;
argv++;
}
return (retval);
}
static void
usage(void)
{
(void)fprintf(stderr,
"usage: brandelf [-lv] [-f ELF_ABI_number] [-t string] file ...\n");
exit(1);
}
static const char *
iselftype(int etype)
{
size_t elfwalk;
for (elfwalk = 0; elfwalk < sizeof(elftypes) / sizeof(elftypes[0]); elfwalk++)
if (etype == elftypes[elfwalk].value)
return (elftypes[elfwalk].str);
return (0);
}
static int
elftype(const char *elfstrtype)
{
size_t elfwalk;
for (elfwalk = 0; elfwalk < sizeof(elftypes) / sizeof(elftypes[0]); elfwalk++)
if (strcasecmp(elfstrtype, elftypes[elfwalk].str) == 0)
return (elftypes[elfwalk].value);
return (-1);
}
static void
printelftypes(void)
{
size_t elfwalk;
fprintf(stderr, "known ELF types are: ");
for (elfwalk = 0; elfwalk < sizeof(elftypes) / sizeof(elftypes[0]); elfwalk++)
fprintf(stderr, "%s(%u) ", elftypes[elfwalk].str,
elftypes[elfwalk].value);
fprintf(stderr, "\n");
}
Home |
Main Index |
Thread Index |
Old Index