treewide: improve getauxval(AT_SECURE) usage

Let's enhance portability and readability slightly.

Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/configure.ac b/configure.ac
index 68a8f54d923ca9e142a2a94f66dcae75bee7a928..0e11650ae372f6524c2c766131f02cfd44fc2384 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -370,6 +370,7 @@ AC_CHECK_HEADERS([ \
        stdint.h \
        stdio_ext.h \
        stdlib.h \
+       sys/auxv.h \
        sys/disk.h \
        sys/disklabel.h \
        sys/endian.h \
@@ -618,6 +619,7 @@ AC_CHECK_FUNCS([ \
        fsopen \
        fspick \
        fsync \
+       getauxval \
        getdomainname \
        getdtablesize \
        getexecname \

diff --git a/include/c.h b/include/c.h
index 50e34a120f925530a7ddd1ff1654a482677c1698..c4c73ce9df045069fc641473cdcec709ea5d03d1 100644 (file)
--- a/include/c.h
+++ b/include/c.h
@@ -10,6 +10,7 @@
 #include <limits.h>
 #include <stddef.h>
 #include <stdint.h>
+#include <stdbool.h>
 #include <stdio.h>
 #include <unistd.h>
 #include <stdarg.h>
@@ -37,6 +38,10 @@
 # define NAME_MAX PATH_MAX
 #endif
 
+#ifndef HAVE_SYS_AUXV_H
+# include <sys/auxv.h>
+#endif
+
 #define BIT(n)                 (1 << (n))
 
 /*
@@ -446,6 +451,15 @@ fail:
        return errno ? -errno : -1;
 }
 
+static inline bool is_privileged_execution(void)
+{
+#if defined(HAVE_GETAUXVAL) && defined(AT_SECURE)
+       return getauxval(AT_SECURE) != 0;
+#else
+       return (geteuid() != getuid()) || (getegid() != getgid());
+#endif
+}
+
 /*
  * The usleep function was marked obsolete in POSIX.1-2001 and was removed
  * in POSIX.1-2008.  It was replaced with nanosleep() that provides more

diff --git a/include/debug.h b/include/debug.h
index a59de3442bac9c715ad71acf9c838fa3e5770b75..b6c0e1a92ad8d6558803c79af592771593924f4e 100644 (file)
--- a/include/debug.h
+++ b/include/debug.h
@@ -36,7 +36,8 @@
 
 #include <stdarg.h>
 #include <string.h>
-#include <sys/auxv.h> // for getauxval()
+
+#include "c.h"
 
 struct ul_debug_maskname {
        const char *name;
@@ -90,7 +91,7 @@ struct ul_debug_maskname {
                } else \
                        lib ## _debug_mask = mask; \
                if (lib ## _debug_mask) { \
-                       if (getauxval(AT_SECURE)) { \
+                       if (is_privileged_execution()) { \
                                lib ## _debug_mask |= __UL_DEBUG_FL_NOADDR; \
                                fprintf(stderr, "%d: %s: don't print memory addresses (SUID executable).\n", getpid(), # lib); \
                        } \

diff --git a/lib/env.c b/lib/env.c
index 3fc4f2e21e541b7ab94c6b5567ba8526c61a2e02..dc65c5584af5a3ae01620d9ec68d2317888d7849 100644 (file)
--- a/lib/env.c
+++ b/lib/env.c
@@ -16,7 +16,6 @@
 #include <sys/syscall.h>
 #endif
 #include <unistd.h>
-#include <sys/auxv.h> // for getauxval()
 #include <sys/types.h>
 
 #include "env.h"
@@ -261,7 +260,7 @@ void sanitize_env(void)
 
 char *safe_getenv(const char *arg)
 {
-       if (getauxval(AT_SECURE))
+       if (is_privileged_execution())
                return NULL;
 #ifdef HAVE_PRCTL
        if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 0)

diff --git a/libmount/src/context.c b/libmount/src/context.c
index 84e98aa3f06b47f3a6705128d83b98ed509d2b88..46bbe378a3d8e72e290ce55361ebe9dc09cbb2ae 100644 (file)
--- a/libmount/src/context.c
+++ b/libmount/src/context.c
@@ -42,7 +42,6 @@
 #include "match.h"
 
 #include <stdarg.h>
-#include <sys/auxv.h> // for getauxval()
 #include <sys/wait.h>
 
 #include "mount-api-utils.h"
@@ -77,7 +76,7 @@ struct libmnt_context *mnt_new_context(void)
        INIT_LIST_HEAD(&cxt->hooksets_datas);
 
        /* if we're really root and aren't running setuid */
-       cxt->restricted = (uid_t) 0 == ruid && !getauxval(AT_SECURE) ? 0 : 1;
+       cxt->restricted = (uid_t) 0 == ruid && !is_privileged_execution() ? 0 : 1;
 
        cxt->noautofs = 0;
 

diff --git a/login-utils/chfn.c b/login-utils/chfn.c
index adfa3d63a873bc09093880904b7eb9c7e90b2520..059432b3d28e4470177677a1b17901c4ed250e6c 100644 (file)
--- a/login-utils/chfn.c
+++ b/login-utils/chfn.c
@@ -29,7 +29,6 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <sys/auxv.h> // for getauxval()
 #include <sys/types.h>
 #include <unistd.h>
 
@@ -270,7 +269,7 @@ static void get_login_defs(struct chfn_control *ctl)
        int broken = 0;
 
        /* real root does not have restrictions */
-       if (!getauxval(AT_SECURE) && getuid() == 0) {
+       if (!is_privileged_execution() && getuid() == 0) {
                ctl->allow_fullname = ctl->allow_room = ctl->allow_work = ctl->allow_home = 1;
                return;
        }
@@ -450,7 +449,7 @@ int main(int argc, char **argv)
 
 #ifdef HAVE_LIBUSER
        /* If we're setuid and not really root, disallow the password change. */
-       if (getauxval(AT_SECURE) && uid != ctl.pw->pw_uid) {
+       if (is_privileged_execution() && uid != ctl.pw->pw_uid) {
 #else
        if (uid != 0 && uid != ctl.pw->pw_uid) {
 #endif

diff --git a/login-utils/chsh.c b/login-utils/chsh.c
index 490d51864dd6b30d900f6415e51bc562090e44c3..3850bb843ad5e2c06f4666561a4cc0dfca3cbd6b 100644 (file)
--- a/login-utils/chsh.c
+++ b/login-utils/chsh.c
@@ -29,7 +29,6 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <sys/auxv.h> // for getauxval()
 #include <sys/types.h>
 #include <unistd.h>
 
@@ -244,7 +243,7 @@ int main(int argc, char **argv)
        /* reality check */
 #ifdef HAVE_LIBUSER
        /* If we're setuid and not really root, disallow the password change. */
-       if (getauxval(AT_SECURE) && uid != pw->pw_uid) {
+       if (is_privileged_execution() && uid != pw->pw_uid) {
 #else
        if (uid != 0 && uid != pw->pw_uid) {
 #endif

diff --git a/login-utils/su-common.c b/login-utils/su-common.c
index ad415cfb550b4a31d585b542fe43db55c437d003..4f2856e604b6473b2f3350df14be52ef910b0452 100644 (file)
--- a/login-utils/su-common.c
+++ b/login-utils/su-common.c
@@ -23,7 +23,6 @@
  */
 #include <stdio.h>
 #include <getopt.h>
-#include <sys/auxv.h> // for getauxval()
 #include <sys/types.h>
 #include <pwd.h>
 #include <grp.h>
@@ -930,7 +929,7 @@ static int is_not_root(void)
        const uid_t ruid = getuid();
 
        /* if we're really root and aren't running setuid */
-       return (uid_t) 0 == ruid && !getauxval(AT_SECURE) ? 0 : 1;
+       return (uid_t) 0 == ruid && !is_privileged_execution() ? 0 : 1;
 }
 
 /* Don't rely on PAM and reset the most important limits. */

diff --git a/meson.build b/meson.build
index e225454d708d067b9ca28f4434af22b2bea3320b..1e1df913ed26915b8a9379606f82f961f02502ff 100644 (file)
--- a/meson.build
+++ b/meson.build
@@ -238,6 +238,7 @@ headers = '''
         security/pam_appl.h
         security/pam_misc.h
         security/pam_modules.h
+        sys/auxv.h
         sys/disk.h
         sys/disklabel.h
         sys/endian.h
@@ -611,6 +612,7 @@ funcs = '''
         fsync
         getttynam
         utimensat
+        getauxval
         getdomainname
         getdtablesize
         getexecname

diff --git a/sys-utils/swapon.c b/sys-utils/swapon.c
index 0a8c40407d67d097d76ab588de9f64b2d28e28ef..74181204105cb1dc2c19ff7df3d830d1c0205beb 100644 (file)
--- a/sys-utils/swapon.c
+++ b/sys-utils/swapon.c
@@ -20,7 +20,6 @@
 #include <errno.h>
 #include <sys/stat.h>
 #include <unistd.h>
-#include <sys/auxv.h> // for getauxval()
 #include <sys/types.h>
 #include <sys/wait.h>
 #include <fcntl.h>
@@ -349,7 +348,7 @@ static int swap_reinitialize(struct swap_device *dev)
                return -1;
 
        case 0: /* child */
-               if (getauxval(AT_SECURE) && drop_permissions() != 0)
+               if (is_privileged_execution() && drop_permissions() != 0)
                        exit(EXIT_FAILURE);
 
                cmd[idx++] = "mkswap";

diff --git a/term-utils/wall.c b/term-utils/wall.c
index fbd8e54fbe23dfd8f233de7159dd193f0062ea87..c6067a0c8f003e51fb2ffafb14d2741fb1573d34 100644 (file)
--- a/term-utils/wall.c
+++ b/term-utils/wall.c
@@ -42,7 +42,6 @@
  *
  */
 
-#include <sys/auxv.h> // for getauxval()
 #include <sys/param.h>
 #include <sys/stat.h>
 #include <sys/time.h>
@@ -414,8 +413,7 @@ static char *makemsg(char *fname, char **mvec, int mvecsz,
                         * After all, our invoker can easily do "wall < file"
                         * instead of "wall file".
                         */
-                       uid_t uid = getuid();
-                       if (uid && getauxval(AT_SECURE))
+                       if (getuid() && is_privileged_execution())
                                errx(EXIT_FAILURE, _("will not read %s - use stdin."),
                                     fname);
 

diff --git a/text-utils/more.c b/text-utils/more.c
index 22f01ba24a3c4a435a6f8e91407589d9ea5957a9..d87af4354a84167f710a8819dd4c5d33ddc3c47a 100644 (file)
--- a/text-utils/more.c
+++ b/text-utils/more.c
@@ -50,7 +50,6 @@
 #include <unistd.h>
 #include <stdlib.h>
 #include <stdarg.h>
-#include <sys/auxv.h> // for getauxval()
 #include <sys/param.h>
 #include <ctype.h>
 #include <signal.h>
@@ -1274,8 +1273,7 @@ static void __attribute__((__format__ (__printf__, 3, 4)))
                }
                va_end(argp);
 
-               if (getauxval(AT_SECURE)
-                   && drop_permissions() != 0)
+               if (is_privileged_execution() && drop_permissions() != 0)
                        err(EXIT_FAILURE, _("drop permissions failed"));
 
                execvp(cmd, args);