Kernel+LibC: Allow passing mount flags to chroot()

Since a chroot is in many ways similar to a separate root mount, we can also apply mount flags to it as if it was an actual mount. These flags will apply whenever the chrooted process accesses its root directory, but not when other processes access this same directory for the outside. Since it's common to chdir("/") immediately after chrooting (so that files accessed through the current directory inherit the same mount flags), this effectively allows one to apply additional limitations to a process confined inside a chroot. To this effect, sys$chroot() gains a mount_flags argument (exposed as chroot_with_mount_flags() in userspace) which can be set to all the same values as the flags argument for sys$mount(), and additionally to -1 to keep the flags set for that file system. Note that passing 0 as mount_flags will unset any flags that may have been set for the file system, not keep them.
Author: https://github.com/bugaevc Commit: https://github.com/SerenityOS/serenity/commit/dd54d13d8d3 Pull-request: https://github.com/SerenityOS/serenity/pull/1063
2025-04-22 04:25:13 +00:00 · 2020-01-12 21:03:42 +03:00 · 2020-01-12 21:03:42 +03:00 · dd54d13d8d · 2024-07-19 10:07:05 +09:00
commit dd54d13d8d
parent fee6d0a3a6
4 changed files with 11 additions and 4 deletions
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@ -4337,8 +4337,9 @@ int Process::sys$chroot(const char* user_path, size_t path_length)
    if (directory_or_error.is_error())
        return directory_or_error.error();
    auto directory = directory_or_error.value();
-    m_root_directory_for_procfs = directory;
-    set_root_directory(Custody::create(nullptr, "", directory->inode(), directory->mount_flags()));
+    m_root_directory_relative_to_global_root = directory;
+    int chroot_mount_flags = mount_flags == -1 ? directory->mount_flags() : mount_flags;
+    set_root_directory(Custody::create(nullptr, "", directory->inode(), chroot_mount_flags));
    return 0;
 }

--- a/Kernel/Process.h
+++ b/Kernel/Process.h
@ -254,7 +254,7 @@ public:
    int sys$futex(const Syscall::SC_futex_params*);
    int sys$set_thread_boost(int tid, int amount);
    int sys$set_process_boost(pid_t, int amount);
-    int sys$chroot(const char* path, size_t path_length);
+    int sys$chroot(const char* path, size_t path_length, int mount_flags);
    int sys$pledge(const Syscall::SC_pledge_params*);

    static void initialize();
--- a/Libraries/LibC/unistd.cpp
+++ b/Libraries/LibC/unistd.cpp
@ -644,12 +644,17 @@ int get_process_name(char* buffer, int buffer_size)
 }

 int chroot(const char* path)
+{
+    return chroot_with_mount_flags(path, -1);
+}
+
+int chroot_with_mount_flags(const char* path, int mount_flags)
 {
    if (!path) {
        errno = EFAULT;
        return -1;
    }
-    int rc = syscall(SC_chroot, path, strlen(path));
+    int rc = syscall(SC_chroot, path, strlen(path), mount_flags);
    __RETURN_WITH_ERRNO(rc, rc, -1);
 }

--- a/Libraries/LibC/unistd.h
+++ b/Libraries/LibC/unistd.h
@ -52,6 +52,7 @@ int execvp(const char* filename, char* const argv[]);
 int execl(const char* filename, const char* arg, ...);
 int execlp(const char* filename, const char* arg, ...);
 int chroot(const char* path);
+int chroot_with_mount_flags(const char* path, int mount_flags);
 void sync();
 void _exit(int status);
 pid_t getsid(pid_t);