Open Menu / libsyscall / wrappers / system-version-compat.c
Loading...
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
/*
 * Copyright (c) 2020 Apple Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

#include "system-version-compat-support.h"

#if SYSTEM_VERSION_COMPAT_ENABLED


#include <fcntl.h>
#include <stdbool.h>
#include <strings.h>
#include <sys/errno.h>
#include <sys/param.h>
#include <unistd.h>

#define PLAT_PREFIX_IOS "iOS"
#define PLAT_PREFIX_MACOS ""

#define COMPAT_SUFFIX_MACOS "Compat"
#define COMPAT_SUFFIX_IOS ""

#define SYSTEM_VERSION_PLIST_FILENAME "SystemVersion.plist"
#define SYSTEM_VERSION_PLIST_PATH ("/System/Library/CoreServices/" SYSTEM_VERSION_PLIST_FILENAME)

#define SYSTEM_VERSION_COMPAT_PLIST_FILENAME(platform_prefix, compat_suffix) (platform_prefix "SystemVersion" compat_suffix ".plist")

#define SYSTEM_VERSION_PLIST_FILENAMELEN strlen(SYSTEM_VERSION_PLIST_FILENAME)

#define SYSTEM_VERSION_COMPAT_PLIST_FILENAMELEN(platform_prefix, compat_suffix) strlen(SYSTEM_VERSION_COMPAT_PLIST_FILENAME(platform_prefix, compat_suffix))

#define SYSTEM_VERSION_PLIST_PATHLEN strlen(SYSTEM_VERSION_PLIST_PATH)

extern system_version_compat_mode_t system_version_compat_mode;

/*
 * This routine determines whether the path specified matches the path of the SystemVersion plist file
 * we are shimming accesses to. If the file name suffix matches, it's expected we'll call into the
 * version_compat_open_shim() routine below which will do a full comparison on the expanded path.
 *
 * Parameters:	orig_path The path suffix that was provided to the open{at} call.
 *
 * Returns:		true if the path suffix matches the SystemVersion plist path we're shimming
 *				false otherwise
 */
__attribute__((visibility("hidden")))
bool
_system_version_compat_check_path_suffix(const char *orig_path)
{
	size_t path_str_len = strnlen(orig_path, MAXPATHLEN);
	/*
	 * If the length of the filename we're opening is shorter than
	 * SYSTEM_VERSION_PLIST_FILENAME, bail.
	 */
	if (path_str_len < SYSTEM_VERSION_PLIST_FILENAMELEN) {
		return false;
	}

	/* If the path we're accessing doesn't end in SYSTEM_VERSION_PLIST_FILENAME, bail. */
	if (strncmp(&orig_path[path_str_len - SYSTEM_VERSION_PLIST_FILENAMELEN], SYSTEM_VERSION_PLIST_FILENAME,
	    SYSTEM_VERSION_PLIST_FILENAMELEN) != 0) {
		return false;
	}

	/* If modifying the path specified would exceed MAXPATHLEN, bail */
	if (path_str_len == MAXPATHLEN) {
		return false;
	}

	size_t compat_len = (system_version_compat_mode == SYSTEM_VERSION_COMPAT_MODE_IOS) ? SYSTEM_VERSION_COMPAT_PLIST_FILENAMELEN(PLAT_PREFIX_IOS, COMPAT_SUFFIX_IOS) : SYSTEM_VERSION_COMPAT_PLIST_FILENAMELEN(PLAT_PREFIX_MACOS, COMPAT_SUFFIX_MACOS);
	if ((compat_len - SYSTEM_VERSION_PLIST_FILENAMELEN) > (MAXPATHLEN - path_str_len - 1)) {
		return false;
	}

	/* Indicate that we should */
	return true;
}

/*
 * This routine determines whether we are trying to open the SystemVersion plist at SYSTEM_VERSION_PLIST_PATH.
 * It's only used on targets that have the compatibility shim enabled (mainly older binaries).
 *
 * Note that this routine should * ABSOLUTELY NOT * be used as a general shim for accesses at all paths. We replace
 * what the developer generally expected to be one system call with multiple additional system calls. We're ok
 * with doing this here because we only do it for calls to open against files that match this very specific pattern
 * (named SystemVersion.plist), but doing so for all calls to open could result in various issues. Specifically it's
 * difficult to ensure the same cancellation semantics (around EINTR etc) that developers generally expect when replacing
 * a single system call with multiple.
 *
 * This routine should return with the same semantics as the general open system calls that it is shimming - specifically
 * it should leave errno and the return value matching what developers expect.
 *
 * It's expected that _version_compat_check_path_suffix() above was called prior to this call and returned true.
 *
 * We take the close, open and fcntl syscalls as parameters to make sure the variant we call matches the original call
 * to open{at}.
 *
 * Parameters:  opened_fd        The file descriptor that was opened in the original open{at} call
 *              openat_fd        The file descriptor passed to the original openat call (only used when use_openat is true)
 *              orig_path        The original path suffix passed to open{at}
 *              oflag            The original oflag passed to open{at}
 *              mode             The original mode passed to open{at}
 *              close_syscall    The appropriate syscall to use for closing file descriptors
 *              open_syscall     The syscall that should be used for a new call to open.
 *              fctnl_syscall    The appopriate syscall to use for fcntl.
 *
 * Returns:     The original file descriptor if the open{at} access wasn't to SYSTEM_VERSION_PLIST_PATH
 *              A new file descriptor (with the original closed) if the expanded path matches SYSTEM_VERSION_PLIST_PATH
 *              The original file descriptor if the full path suffix does not match SYSTEM_VERSION_PLIST_PATH
 *              -1 (with errno set to EINTR) if the new open or fcntl calls received EINTR (with all new fds closed)
 */
__attribute__((visibility("hidden")))
int
_system_version_compat_open_shim(int opened_fd, int openat_fd, const char *orig_path, int oflag, mode_t mode,
    int (*close_syscall)(int), int (*open_syscall)(const char *, int, mode_t),
    int (*openat_syscall)(int, const char *, int, mode_t),
    int (*fcntl_syscall)(int, int, long))
{
	/* stash the errno from the original open{at} call */
	int stashed_errno = errno;
	char new_path[MAXPATHLEN];
	size_t path_str_len = strnlen(orig_path, sizeof(new_path));

	/* Resolve the full path of the file we've opened */
	if (fcntl_syscall(opened_fd, F_GETPATH, new_path)) {
		if (errno == EINTR) {
			/* If we got EINTR, we close the file that was opened and return -1 & EINTR */
			close_syscall(opened_fd);
			errno = EINTR;
			return -1;
		} else {
			/* otherwise we return the original file descriptor that was requested */
			errno = stashed_errno;
			return opened_fd;
		}
	}

	/* Check to see whether the path matches SYSTEM_VERSION_PLIST_PATH */
	size_t newpathlen = strnlen(new_path, MAXPATHLEN);
	if (newpathlen != SYSTEM_VERSION_PLIST_PATHLEN) {
		errno = stashed_errno;
		return opened_fd;
	}

	if (strncmp(new_path, SYSTEM_VERSION_PLIST_PATH, SYSTEM_VERSION_PLIST_PATHLEN) != 0) {
		errno = stashed_errno;
		return opened_fd;
	}

	new_path[0] = '\0';

	/*
	 * It looks like we're trying to access the SystemVersion plist. Let's try to open
	 * the compatibility plist and return that instead if it exists.
	 */
	size_t prefix_str_len = path_str_len - SYSTEM_VERSION_PLIST_FILENAMELEN;
	strlcpy(new_path, orig_path, (prefix_str_len + 1));
	if (system_version_compat_mode == SYSTEM_VERSION_COMPAT_MODE_IOS) {
		strlcat(new_path, SYSTEM_VERSION_COMPAT_PLIST_FILENAME(PLAT_PREFIX_IOS, COMPAT_SUFFIX_IOS), MAXPATHLEN);
	} else {
		strlcat(new_path, SYSTEM_VERSION_COMPAT_PLIST_FILENAME(PLAT_PREFIX_MACOS, COMPAT_SUFFIX_MACOS), MAXPATHLEN);
	}

	int new_fd = -1;
	if (openat_syscall != NULL) {
		new_fd = openat_syscall(openat_fd, new_path, oflag, mode);
	} else {
		new_fd = open_syscall(new_path, oflag, mode);
	}
	if ((new_fd == -1) && (errno == ENOENT)) {
		/* The file doesn't exist, so return the original fd and errno. */
		errno = stashed_errno;
		return opened_fd;
	}

	/*
	 * Otherwise we close the first file we opened and populate errno
	 * with errno from the call to open{at}. (Note this covers the EINTR
	 * case and other failures).
	 */
	stashed_errno = errno;
	close_syscall(opened_fd);
	errno = stashed_errno;
	return new_fd;
}

#endif /* SYSTEM_VERSION_COMPAT_ENABLED */