faccessat2 workaround for old systemd
·
hev
The faccessat2 system call is denied by old systemd container, this is a workaround to make it works again and without re-build from source code.
faccessat function is a known way to use the faccessat2 system call in glibc, editing libc.so binary to fallback to the user-space implementation.
00000000000de3e0 <faccessat>:
.....
de448: 7100989f cmp w4, #0x26
de44c: 540005e1 b.ne de508 <faccessat+0x128>
.....
=>
.....
de448: 7100989f cmp w4, #0x26
de44c: d503201f nop
.....
Equivalent to the C source code:
int
__faccessat (int fd, const char *file, int mode, int flag)
{
int ret = INLINE_SYSCALL_CALL (faccessat2, fd, file, mode, flag);
#if __ASSUME_FACCESSAT2
return ret;
#else
if (ret == 0 /* || errno != ENOSYS */)
return ret;
if (flag & ~(AT_SYMLINK_NOFOLLOW | AT_EACCESS))
return INLINE_SYSCALL_ERROR_RETURN_VALUE (EINVAL);
if ((flag == 0 || ((flag & ~AT_EACCESS) == 0 && ! __libc_enable_secure)))
return INLINE_SYSCALL (faccessat, 3, fd, file, mode);
struct stat64 stats;
if (__fstatat64 (fd, file, &stats, flag & AT_SYMLINK_NOFOLLOW))
return -1;
mode &= (X_OK | W_OK | R_OK); /* Clear any bogus bits. */
# if R_OK != S_IROTH || W_OK != S_IWOTH || X_OK != S_IXOTH
# error Oops, portability assumptions incorrect.
# endif
if (mode == F_OK)
return 0; /* The file exists. */
uid_t uid = (flag & AT_EACCESS) ? __geteuid () : __getuid ();
/* The super-user can read and write any file, and execute any file
that anyone can execute. */
if (uid == 0 && ((mode & X_OK) == 0
|| (stats.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))))
return 0;
int granted = (uid == stats.st_uid
? (unsigned int) (stats.st_mode & (mode << 6)) >> 6
: (stats.st_gid == ((flag & AT_EACCESS)
? __getegid () : __getgid ())
|| __group_member (stats.st_gid))
? (unsigned int) (stats.st_mode & (mode << 3)) >> 3
: (stats.st_mode & mode));
if (granted == mode)
return 0;
return INLINE_SYSCALL_ERROR_RETURN_VALUE (EACCES);
#endif /* !__ASSUME_FACCESSAT2 */
}