Loading...
dyld3/ClosureFileSystemPhysical.cpp dyld-625.13 dyld-750.5
--- dyld/dyld-625.13/dyld3/ClosureFileSystemPhysical.cpp
+++ dyld/dyld-750.5/dyld3/ClosureFileSystemPhysical.cpp
@@ -23,35 +23,57 @@
 
 #include "ClosureFileSystemPhysical.h"
 
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
 #include <fcntl.h>
-#include <stdlib.h>
-#include <sandbox.h>
-#include <sandbox/private.h>
-#include <unistd.h>
+#if BUILDING_UPDATE_DYLD_CACHE_BUILDER
+  #include <rootless.h>
+#endif
 #include <sys/errno.h>
 #include <sys/mman.h>
 #include <sys/stat.h>
+#include <mach/mach.h>
+#if !TARGET_OS_SIMULATOR && !TARGET_OS_DRIVERKIT
+  #include <sandbox.h>
+  #include <sandbox/private.h>
+#endif
 
 using dyld3::closure::FileSystemPhysical;
 
 bool FileSystemPhysical::getRealPath(const char possiblePath[MAXPATHLEN], char realPath[MAXPATHLEN]) const {
-    bool success = false;
-    int fd = ::open(possiblePath, O_RDONLY);
-    if ( fd != -1 ) {
-        success = fcntl(fd, F_GETPATH, realPath) == 0;
-        ::close(fd);
-    }
+    __block bool success = false;
+    // first pass: open file and ask kernel for canonical path
+    forEachPath(possiblePath, ^(const char* aPath, unsigned prefixLen, bool& stop) {
+        int fd = ::open(aPath, O_RDONLY, 0);
+        if ( fd != -1 ) {
+            char tempPath[MAXPATHLEN];
+            success = (fcntl(fd, F_GETPATH, tempPath) == 0);
+            ::close(fd);
+            if ( success ) {
+                // if prefix was used, remove it
+                strcpy(realPath, &tempPath[prefixLen]);
+            }
+            stop = true;
+        }
+    });
     if (success)
         return success;
-    realpath(possiblePath, realPath);
-    int realpathErrno = errno;
-    // If realpath() resolves to a path which does not exist on disk, errno is set to ENOENT
-    return (realpathErrno == ENOENT) || (realpathErrno == 0);
+
+    // second pass: file does not exist but may be a symlink to a non-existent file
+    // This is only for use on-device on platforms where dylibs are removed
+    if ( _overlayPath == nullptr && _rootPath == nullptr ) {
+        realpath(possiblePath, realPath);
+        int realpathErrno = errno;
+        // If realpath() resolves to a path which does not exist on disk, errno is set to ENOENT
+        success = (realpathErrno == ENOENT) || (realpathErrno == 0);
+    }
+    return success;
 }
 
 static bool sandboxBlocked(const char* path, const char* kind)
 {
-#if TARGET_IPHONE_SIMULATOR
+#if TARGET_OS_SIMULATOR || TARGET_OS_DRIVERKIT
     // sandbox calls not yet supported in dyld_sim
     return false;
 #else
@@ -75,59 +97,107 @@
     return sandboxBlocked(path, "file-read-metadata");
 }
 
+void FileSystemPhysical::forEachPath(const char* path, void (^handler)(const char* fullPath, unsigned prefixLen, bool& stop)) const
+{
+    bool stop = false;
+    char altPath[PATH_MAX];
+    if ( _overlayPath != nullptr ) {
+        strlcpy(altPath, _overlayPath, PATH_MAX);
+        strlcat(altPath, path, PATH_MAX);
+        handler(altPath, (unsigned)strlen(_overlayPath), stop);
+        if ( stop )
+            return;
+    }
+    if ( _rootPath != nullptr ) {
+        strlcpy(altPath, _rootPath, PATH_MAX);
+        strlcat(altPath, path, PATH_MAX);
+        handler(altPath, (unsigned)strlen(_rootPath), stop);
+        if ( stop )
+            return;
+    }
+    else {
+        handler(path, 0, stop);
+    }
+}
+
+static bool isFileRelativePath(const char* path)
+{
+    if ( path[0] == '/' )
+        return false;
+    if ( path[0] != '.' )
+        return true;
+    if ( path[1] == '/' )
+        return true;
+    if ( (path[1] == '.') && (path[2] == '/') )
+        return true;
+    return false;
+}
+
 // Returns true on success.  If an error occurs the given callback will be called with the reason.
 // On success, info is filled with info about the loaded file.  If the path supplied includes a symlink,
 // the supplier realerPath is filled in with the real path of the file, otherwise it is set to the empty string.
 bool FileSystemPhysical::loadFile(const char* path, LoadedFileInfo& info, char realerPath[MAXPATHLEN], void (^error)(const char* format, ...)) const {
+    if ( !_allowRelativePaths && isFileRelativePath(path) ) {
+        error("relative file paths not allowed '%s'", path);
+        return false;
+    }
     // open file
-    const char* originalPath    = path;
-    char altPath[PATH_MAX];
-    int fd = -1;
-    if  ( _fileSystemPrefix != nullptr ) {
-        strlcpy(altPath, _fileSystemPrefix, PATH_MAX);
-        strlcat(altPath, path, PATH_MAX);
-        fd = ::open(altPath, O_RDONLY, 0);
-        if ( fd != -1 )
-            path = altPath;
-    }
-    if ( fd == -1 ) {
-        fd = ::open(path, O_RDONLY, 0);
+    __block int fd;
+    __block struct stat statBuf;
+    __block bool sipProtected = false;
+    forEachPath(path, ^(const char* aPath, unsigned prefixLen, bool& stop) {
+        fd = ::open(aPath, O_RDONLY, 0);
         if ( fd == -1 ) {
             int openErrno = errno;
             if ( (openErrno == EPERM) && sandboxBlockedOpen(path) )
                 error("file system sandbox blocked open(\"%s\", O_RDONLY)", path);
             else if ( (openErrno != ENOENT) && (openErrno != ENOTDIR) )
                 error("open(\"%s\", O_RDONLY) failed with errno=%d", path, openErrno);
-            return false;
-        }
-    }
-
-    // Get the realpath of the file if it is a symlink
-    if ( fcntl(fd, F_GETPATH, realerPath) == 0 ) {
-        // Don't set the realpath if it is just the same as the regular path
-        if ( strcmp(originalPath, realerPath) == 0 )
-            realerPath[0] = '\0';
-    } else {
-        error("Could not get real path for \"%s\"\n", path);
-        ::close(fd);
-        return false;
-    }
-
-    // get file info
-    struct stat statBuf;
-#if TARGET_IPHONE_SIMULATOR
-    if ( ::stat(path, &statBuf) != 0 ) {
-#else
-    if ( ::fstat(fd, &statBuf) != 0 ) {
-#endif
-        int statErr = errno;
-        if ( (statErr == EPERM) && sandboxBlockedStat(path) )
-            error("file system sandbox blocked stat(\"%s\")", path);
-        else
-            error("stat(\"%s\") failed with errno=%d", path, errno);
-        ::close(fd);
-        return false;
-    }
+        }
+        else {
+             // get file info
+        #if TARGET_OS_SIMULATOR
+            if ( ::stat(aPath, &statBuf) != 0 ) {
+        #else
+            if ( ::fstat(fd, &statBuf) != 0 ) {
+        #endif
+                int statErr = errno;
+                if ( (statErr == EPERM) && sandboxBlockedStat(path) )
+                    error("file system sandbox blocked stat(\"%s\")", path);
+                else
+                    error("stat(\"%s\") failed with errno=%d", path, errno);
+                ::close(fd);
+                fd = -1;
+            }
+            else {
+                // Get the realpath of the file if it is a symlink
+                char tempPath[MAXPATHLEN];
+                if ( fcntl(fd, F_GETPATH, tempPath) == 0 ) {
+                    const char* realPathWithin = &tempPath[prefixLen];
+                    // Don't set the realpath if it is just the same as the regular path
+                    if ( strcmp(path, realPathWithin) == 0 ) {
+                        // zero out realerPath if path is fine as-is
+                        // <rdar://45018392> don't trash input 'path' if realerPath is same buffer as path
+                        if ( realerPath != path )
+                            realerPath[0] = '\0';
+                    }
+                    else
+                        strcpy(realerPath, realPathWithin);
+    #if BUILDING_UPDATE_DYLD_CACHE_BUILDER
+                    sipProtected = (rootless_check_trusted_fd(fd) == 0);
+    #endif
+                    stop = true;
+                }
+                else {
+                    error("Could not get real path for \"%s\"\n", path);
+                    ::close(fd);
+                    fd = -1;
+                }
+            }
+        }
+    });
+    if ( fd == -1 )
+        return false;
 
     // only regular files can be loaded
     if ( !S_ISREG(statBuf.st_mode) ) {
@@ -147,9 +217,10 @@
     info.fileContentLen = statBuf.st_size;
     info.sliceOffset = 0;
     info.sliceLen = statBuf.st_size;
+    info.isSipProtected = sipProtected;
     info.inode = statBuf.st_ino;
     info.mtime = statBuf.st_mtime;
-    info.path  = originalPath;
+    info.path  = path;
 
     // mmap() whole file
     void* wholeFile = ::mmap(nullptr, (size_t)statBuf.st_size, PROT_READ, MAP_PRIVATE|MAP_RESILIENT_CODESIGN, fd, 0);
@@ -196,29 +267,23 @@
     info.fileContentLen = keepLength;
 }
 
-bool FileSystemPhysical::fileExists(const char* path, uint64_t* inode, uint64_t* mtime, bool* issetuid) const {
-    struct stat statBuf;
-    if ( _fileSystemPrefix != nullptr ) {
-        char altPath[PATH_MAX];
-        strlcpy(altPath, _fileSystemPrefix, PATH_MAX);
-        strlcat(altPath, path, PATH_MAX);
-        if ( ::stat(altPath, &statBuf) == 0 ) {
+bool FileSystemPhysical::fileExists(const char* path, uint64_t* inode, uint64_t* mtime,
+                                    bool* issetuid, bool* inodesMatchRuntime) const {
+    __block bool result = false;
+    forEachPath(path, ^(const char* aPath, unsigned prefixLen, bool& stop) {
+        struct stat statBuf;
+        if ( ::stat(aPath, &statBuf) == 0 ) {
             if (inode)
                 *inode = statBuf.st_ino;
             if (mtime)
                 *mtime = statBuf.st_mtime;
             if (issetuid)
                 *issetuid = (statBuf.st_mode & (S_ISUID|S_ISGID));
-            return true;
-        }
-    }
-    if ( ::stat(path, &statBuf) != 0 )
-        return false;
-    if (inode)
-        *inode = statBuf.st_ino;
-    if (mtime)
-        *mtime = statBuf.st_mtime;
-    if (issetuid)
-        *issetuid = (statBuf.st_mode & (S_ISUID|S_ISGID));
-    return true;
-}
+            if (inodesMatchRuntime)
+                *inodesMatchRuntime = true;
+            stop   = true;
+            result = true;
+        }
+    });
+    return result;
+}