package/emulators/qemu/chroot.patch

   1 # --- T2-COPYRIGHT-NOTE-BEGIN ---
   2 # T2 SDE: package/*/qemu/chroot.patch
   3 # Copyright (C) 2022 - 2023 The T2 SDE Project
   4 #
   5 # This Copyright note is generated by scripts/Create-CopyPatch,
   6 # more information can be found in the files COPYING and README.
   7 #
   8 # This patch file is dual-licensed. It is available under the license the
   9 # patched project is licensed under, as long as it is an OpenSource license
  10 # as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
  11 # of the GNU General Public License version 2 as used by the T2 SDE.
  12 # --- T2-COPYRIGHT-NOTE-END ---
  13
  14 Quick and dirty patch for qemu user emulation how to chroot and drop
  15 priveledges, so you don't have to clutter a target filesystem with host code,
  16 figure out how to build qemu static in order to run a dynamic binary, or set
  17 Linux binfmt.
  18
  19   - Rene Rebe <rene@exactcode.de>
  20
  21 --- qemu-8.0.0/linux-user/main.c.vanilla        2023-04-20 12:20:12.493209854 +0200
  22 +++ qemu-8.0.0/linux-user/main.c        2023-04-20 12:22:14.849197124 +0200
  23 @@ -422,6 +422,32 @@
  24  }
  25  #endif
  26
  27 +static void handle_arg_chroot(const char* arg)
  28 +{
  29 +    if (chdir(arg) || chroot(".")) {
  30 +       fprintf(stderr, "Can't chroot into '%s'\n", arg);
  31 +       _exit(1);
  32 +    }
  33 +}
  34 +
  35 +static void handle_arg_su(const char* arg)
  36 +{
  37 +    int temp;
  38 +    char *gid = strchr(arg, ':');
  39 +    if (gid) {
  40 +       temp = atoi(++gid);
  41 +       if (setresgid(temp, temp, temp)) {
  42 +           fprintf(stderr, "Can't set gid to %d\n", temp);
  43 +           _exit(1);
  44 +        }
  45 +    }
  46 +    temp = atoi(arg);
  47 +    if (setresuid(temp, temp, temp)) {
  48 +        fprintf(stderr, "Can't set uid to %d\n", temp);
  49 +        _exit(1);
  50 +    }
  51 +}
  52 +
  53  struct qemu_argument {
  54      const char *argv;
  55      const char *env;
  56 @@ -548,6 +548,10 @@
  57       "",           "Generate a /tmp/perf-${pid}.map file for perf"},
  58      {"jitdump",    "QEMU_JITDUMP",     false, handle_arg_jitdump,
  59       "",           "Generate a jit-${pid}.dump file for perf"},
  60 +    {"chroot",     "",                 true,  handle_arg_chroot,
  61 +     "",           "chroot into dir"},
  62 +    {"su",         "",                 true,  handle_arg_su,
  63 +     "",           "set numeric user and group IDs"},
  64      {NULL, NULL, false, NULL, NULL, NULL}
  65  };
  66