1/* Copyright (C) 2000-2022 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
3
4 The GNU C Library is free software; you can redistribute it and/or
5 modify it under the terms of the GNU Lesser General Public
6 License as published by the Free Software Foundation; either
7 version 2.1 of the License, or (at your option) any later version.
8
9 The GNU C Library is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 Lesser General Public License for more details.
13
14 You should have received a copy of the GNU Lesser General Public
15 License along with the GNU C Library; if not, see
16 <https://www.gnu.org/licenses/>. */
17
18#include <fcntl.h>
19#include <paths.h>
20#include <unistd.h>
21
22#include <hurd.h>
23#include <hurd/fd.h>
24
25#include <set-hooks.h>
26
27/* Try to get a machine dependent instruction which will make the
28 program crash. This is used in case everything else fails. */
29#include <abort-instr.h>
30#ifndef ABORT_INSTRUCTION
31/* No such instruction is available. */
32# define ABORT_INSTRUCTION
33#endif
34
35static void
36check_one_fd (int fd, int mode)
37{
38 struct hurd_fd *d;
39
40 d = _hurd_fd_get (fd);
41 if (d == NULL)
42 {
43 /* This descriptor hasn't been opened. We try to allocate the
44 descriptor and open /dev/null on it so that the SUID program
45 we are about to start does not accidentally use this
46 descriptor. */
47 d = _hurd_alloc_fd (NULL, fd);
48 if (d != NULL)
49 {
50 mach_port_t port;
51
52 port = __file_name_lookup (_PATH_DEVNULL, mode, 0);
53 if (port)
54 {
55 /* Since /dev/null isn't supposed to be a terminal, we
56 avoid any ctty magic. */
57 d->port.port = port;
58 d->flags = 0;
59
60 __spin_unlock (&d->port.lock);
61 return;
62 }
63 }
64
65 /* We cannot even give an error message here since it would run
66 into the same problems. */
67 while (1)
68 /* Try for ever and ever. */
69 ABORT_INSTRUCTION;
70 }
71}
72
73static void
74check_standard_fds (void)
75{
76 /* Check all three standard file descriptors. */
77 check_one_fd (STDIN_FILENO, O_RDONLY);
78 check_one_fd (STDOUT_FILENO, O_RDWR);
79 check_one_fd (STDERR_FILENO, O_RDWR);
80}
81
82static void attribute_used_retain
83init_standard_fds (void)
84{
85 /* Now that we have FDs, make sure that, if this is a SUID program,
86 FDs 0, 1 and 2 are allocated. If necessary we'll set them up
87 ourselves. If that's not possible we stop the program. */
88 if (__builtin_expect (__libc_enable_secure, 0))
89 check_standard_fds ();
90}
91SET_RELHOOK (_hurd_fd_subinit, init_standard_fds);
92
93
94#ifndef SHARED
95void
96__libc_check_standard_fds (void)
97{
98 /* We don't check the standard file descriptors here. They will be
99 checked when we initialize the file descriptor table, as part of
100 the _hurd_fd_subinit hook.
101
102 This function is only present to make sure that this module gets
103 linked in when part of the static libc. */
104}
105#endif
106

source code of glibc/sysdeps/mach/hurd/check_fds.c