1b28a10aeSAleksa Sarai // SPDX-License-Identifier: GPL-2.0-or-later 2b28a10aeSAleksa Sarai /* 3b28a10aeSAleksa Sarai * Author: Aleksa Sarai <cyphar@cyphar.com> 4b28a10aeSAleksa Sarai * Copyright (C) 2018-2019 SUSE LLC. 5b28a10aeSAleksa Sarai */ 6b28a10aeSAleksa Sarai 7b28a10aeSAleksa Sarai #ifndef __RESOLVEAT_H__ 8b28a10aeSAleksa Sarai #define __RESOLVEAT_H__ 9b28a10aeSAleksa Sarai 10b28a10aeSAleksa Sarai #define _GNU_SOURCE 11b28a10aeSAleksa Sarai #include <stdint.h> 12*ea339672SCristian Marussi #include <stdbool.h> 13b28a10aeSAleksa Sarai #include <errno.h> 14b28a10aeSAleksa Sarai #include <linux/types.h> 15b28a10aeSAleksa Sarai #include "../kselftest.h" 16b28a10aeSAleksa Sarai 17b28a10aeSAleksa Sarai #define ARRAY_LEN(X) (sizeof (X) / sizeof (*(X))) 18b28a10aeSAleksa Sarai #define BUILD_BUG_ON(e) ((void)(sizeof(struct { int:(-!!(e)); }))) 19b28a10aeSAleksa Sarai 20b28a10aeSAleksa Sarai #ifndef SYS_openat2 21b28a10aeSAleksa Sarai #ifndef __NR_openat2 22b28a10aeSAleksa Sarai #define __NR_openat2 437 23b28a10aeSAleksa Sarai #endif /* __NR_openat2 */ 24b28a10aeSAleksa Sarai #define SYS_openat2 __NR_openat2 25b28a10aeSAleksa Sarai #endif /* SYS_openat2 */ 26b28a10aeSAleksa Sarai 27b28a10aeSAleksa Sarai /* 28b28a10aeSAleksa Sarai * Arguments for how openat2(2) should open the target path. If @resolve is 29b28a10aeSAleksa Sarai * zero, then openat2(2) operates very similarly to openat(2). 30b28a10aeSAleksa Sarai * 31b28a10aeSAleksa Sarai * However, unlike openat(2), unknown bits in @flags result in -EINVAL rather 32b28a10aeSAleksa Sarai * than being silently ignored. @mode must be zero unless one of {O_CREAT, 33b28a10aeSAleksa Sarai * O_TMPFILE} are set. 34b28a10aeSAleksa Sarai * 35b28a10aeSAleksa Sarai * @flags: O_* flags. 36b28a10aeSAleksa Sarai * @mode: O_CREAT/O_TMPFILE file mode. 37b28a10aeSAleksa Sarai * @resolve: RESOLVE_* flags. 38b28a10aeSAleksa Sarai */ 39b28a10aeSAleksa Sarai struct open_how { 40b28a10aeSAleksa Sarai __u64 flags; 41b28a10aeSAleksa Sarai __u64 mode; 42b28a10aeSAleksa Sarai __u64 resolve; 43b28a10aeSAleksa Sarai }; 44b28a10aeSAleksa Sarai 45b28a10aeSAleksa Sarai #define OPEN_HOW_SIZE_VER0 24 /* sizeof first published struct */ 46b28a10aeSAleksa Sarai #define OPEN_HOW_SIZE_LATEST OPEN_HOW_SIZE_VER0 47b28a10aeSAleksa Sarai 48b28a10aeSAleksa Sarai bool needs_openat2(const struct open_how *how); 49b28a10aeSAleksa Sarai 50b28a10aeSAleksa Sarai #ifndef RESOLVE_IN_ROOT 51b28a10aeSAleksa Sarai /* how->resolve flags for openat2(2). */ 52b28a10aeSAleksa Sarai #define RESOLVE_NO_XDEV 0x01 /* Block mount-point crossings 53b28a10aeSAleksa Sarai (includes bind-mounts). */ 54b28a10aeSAleksa Sarai #define RESOLVE_NO_MAGICLINKS 0x02 /* Block traversal through procfs-style 55b28a10aeSAleksa Sarai "magic-links". */ 56b28a10aeSAleksa Sarai #define RESOLVE_NO_SYMLINKS 0x04 /* Block traversal through all symlinks 57b28a10aeSAleksa Sarai (implies OEXT_NO_MAGICLINKS) */ 58b28a10aeSAleksa Sarai #define RESOLVE_BENEATH 0x08 /* Block "lexical" trickery like 59b28a10aeSAleksa Sarai "..", symlinks, and absolute 60b28a10aeSAleksa Sarai paths which escape the dirfd. */ 61b28a10aeSAleksa Sarai #define RESOLVE_IN_ROOT 0x10 /* Make all jumps to "/" and ".." 62b28a10aeSAleksa Sarai be scoped inside the dirfd 63b28a10aeSAleksa Sarai (similar to chroot(2)). */ 64b28a10aeSAleksa Sarai #endif /* RESOLVE_IN_ROOT */ 65b28a10aeSAleksa Sarai 66b28a10aeSAleksa Sarai #define E_func(func, ...) \ 67b28a10aeSAleksa Sarai do { \ 68e051cdf6SCristian Marussi errno = 0; \ 69b28a10aeSAleksa Sarai if (func(__VA_ARGS__) < 0) \ 70e051cdf6SCristian Marussi ksft_exit_fail_msg("%s:%d %s failed - errno:%d\n", \ 71e051cdf6SCristian Marussi __FILE__, __LINE__, #func, errno); \ 72b28a10aeSAleksa Sarai } while (0) 73b28a10aeSAleksa Sarai 74b28a10aeSAleksa Sarai #define E_asprintf(...) E_func(asprintf, __VA_ARGS__) 75b28a10aeSAleksa Sarai #define E_chmod(...) E_func(chmod, __VA_ARGS__) 76b28a10aeSAleksa Sarai #define E_dup2(...) E_func(dup2, __VA_ARGS__) 77b28a10aeSAleksa Sarai #define E_fchdir(...) E_func(fchdir, __VA_ARGS__) 78b28a10aeSAleksa Sarai #define E_fstatat(...) E_func(fstatat, __VA_ARGS__) 79b28a10aeSAleksa Sarai #define E_kill(...) E_func(kill, __VA_ARGS__) 80b28a10aeSAleksa Sarai #define E_mkdirat(...) E_func(mkdirat, __VA_ARGS__) 81b28a10aeSAleksa Sarai #define E_mount(...) E_func(mount, __VA_ARGS__) 82b28a10aeSAleksa Sarai #define E_prctl(...) E_func(prctl, __VA_ARGS__) 83b28a10aeSAleksa Sarai #define E_readlink(...) E_func(readlink, __VA_ARGS__) 84b28a10aeSAleksa Sarai #define E_setresuid(...) E_func(setresuid, __VA_ARGS__) 85b28a10aeSAleksa Sarai #define E_symlinkat(...) E_func(symlinkat, __VA_ARGS__) 86b28a10aeSAleksa Sarai #define E_touchat(...) E_func(touchat, __VA_ARGS__) 87b28a10aeSAleksa Sarai #define E_unshare(...) E_func(unshare, __VA_ARGS__) 88b28a10aeSAleksa Sarai 89b28a10aeSAleksa Sarai #define E_assert(expr, msg, ...) \ 90b28a10aeSAleksa Sarai do { \ 91b28a10aeSAleksa Sarai if (!(expr)) \ 92b28a10aeSAleksa Sarai ksft_exit_fail_msg("ASSERT(%s:%d) failed (%s): " msg "\n", \ 93b28a10aeSAleksa Sarai __FILE__, __LINE__, #expr, ##__VA_ARGS__); \ 94b28a10aeSAleksa Sarai } while (0) 95b28a10aeSAleksa Sarai 96b28a10aeSAleksa Sarai int raw_openat2(int dfd, const char *path, void *how, size_t size); 97b28a10aeSAleksa Sarai int sys_openat2(int dfd, const char *path, struct open_how *how); 98b28a10aeSAleksa Sarai int sys_openat(int dfd, const char *path, struct open_how *how); 99b28a10aeSAleksa Sarai int sys_renameat2(int olddirfd, const char *oldpath, 100b28a10aeSAleksa Sarai int newdirfd, const char *newpath, unsigned int flags); 101b28a10aeSAleksa Sarai 102b28a10aeSAleksa Sarai int touchat(int dfd, const char *path); 103b28a10aeSAleksa Sarai char *fdreadlink(int fd); 104b28a10aeSAleksa Sarai bool fdequal(int fd, int dfd, const char *path); 105b28a10aeSAleksa Sarai 106b28a10aeSAleksa Sarai extern bool openat2_supported; 107b28a10aeSAleksa Sarai 108b28a10aeSAleksa Sarai #endif /* __RESOLVEAT_H__ */ 109