-rw-r--r-- ChangeLog 5
-rw-r--r-- doc/paxctl-ng-design.txt 6
-rw-r--r-- doc/paxctl-ng.1 32
-rw-r--r-- doc/paxctl-ng.pod 24
-rw-r--r-- misc/paxctl-xattr.c 12
-rw-r--r-- scripts/paxmodule.c 16
-rw-r--r-- src/paxctl-ng.c 14
-rwxr-xr-x tests/pxtpax/daemontest.sh 6
8 files changed, 60 insertions, 55 deletions
diff --git a/ChangeLog b/ChangeLog
index ed3494d..67404d5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2012-12-21
+
+ * Change the name XT_PAX to XATTR_PAX to follow upstream everywhere
+ except in this document.
+
2012-12-16
* Add logic for NEED_PAX_DECLS when gelf.h is present but lacks them
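Review bot: "everywhere except in this document" in the new entry does not say which file is exempt, and the rename is not everywhere in this commit: the build macro XTPAX, get_xt_flags(), the xt_flags variable and the tests/pxtpax directory all keep the old prefix. Suggest describing the change as a rename of the user-visible label and documentation term, and naming the file that intentionally keeps XT_PAX.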
diff --git a/doc/paxctl-ng-design.txt b/doc/paxctl-ng-design.txt
index 549b38a..4405f27 100644
--- a/doc/paxctl-ng-design.txt
+++ b/doc/paxctl-ng-design.txt
@@ -24,7 +24,7 @@ be put in the Extended File Attributes, much like selinux labels. This is not
without its difficulties because not all filesystems are capable of supporting
xattrs. However, work on making filesystems, like tmpfs, and archiving tools,
like tar, aware of xattrs is maturing and migrating pax markings to xattrs is
-now a design possibility [4]. We will call these markings XT_PAX.
+now a design possibility [4]. We will call these markings XATTR_PAX.
PURPOSAL
@@ -34,7 +34,7 @@ future, we propose the following standards to how pax markings are treated:
1) The kernel. All legacy EI_PAX refrences will be removed from the kernel,
and ehdr.e_ident[] bytes 14 and 15 will not be considered for any PaX decisions.
-The kernel will be patched to force respect of XT_PAX markings first, and only
+The kernel will be patched to force respect of XATTR_PAX markings first, and only
if these are missing, revert to PT_PAX. If both markings are missing, then the
kernel will revert to enforcing maximum protection, meaning
@@ -49,7 +49,7 @@ on whatever filesystems are configured and support them.
2) Userland utility. A new userland utility will be required to ensure
consistency between the two types of pax markings. It will return the
-XT_PAX markings if found, and only if these are missing, revert to PT_PAX.
+XATTR_PAX markings if found, and only if these are missing, revert to PT_PAX.
This utility will not attempt to convert or add any program header to the
ELF binary.
diff --git a/doc/paxctl-ng.1 b/doc/paxctl-ng.1
index 6140a4f..3bd2f36 100644
--- a/doc/paxctl-ng.1
+++ b/doc/paxctl-ng.1
@@ -130,7 +130,7 @@
.if n .ad l
.nh
.SH "NAME"
-paxctl\-ng \- get or set the PaX flags for both PT_PAX and XT_PAX markings
+paxctl\-ng \- get or set the PaX flags for both PT_PAX and XATTR_PAX markings
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
\&\fBpaxctl-ng\fR [\-PpEeMmRrXxSs] [\-v] \s-1ELF\s0
@@ -159,11 +159,11 @@ paxctl\-ng \- get or set the PaX flags for both PT_PAX and XT_PAX markings
\&\fBpaxctl-ng\fR is used to get or set the PaX flags on \s-1ELF\s0 executables which determine
the memory restrictions on process(es) spawned from them. \fBpaxctl-ng\fR manages
two types of markings, either the older style \s-1PT_PAX\s0 markings which put the flags
-in an \s-1ELF\s0 program header named \s-1PT_PAX\s0, or the newer style \s-1XT_PAX\s0 markings which
+in an \s-1ELF\s0 program header named \s-1PT_PAX\s0, or the newer style \s-1XATTR_PAX\s0 markings which
put the flags in an extended attribute field called \*(L"user.pax\*(R" on the filesystem.
-Whenever possible, \fBpaxctl-ng\fR will set both \s-1PT_PAX\s0 and \s-1XT_PAX\s0 to the same flags.
+Whenever possible, \fBpaxctl-ng\fR will set both \s-1PT_PAX\s0 and \s-1XATTR_PAX\s0 to the same flags.
.PP
-There are drawbacks to both \s-1PT_PAX\s0 and \s-1XT_PAX\s0 markings. \s-1PT_PAX\s0 will not work on
+There are drawbacks to both \s-1PT_PAX\s0 and \s-1XATTR_PAX\s0 markings. \s-1PT_PAX\s0 will not work on
\&\s-1ELF\s0 binaries which do not already have a \s-1PT_PAX\s0 program header. Unlike the original
tool, \fBpaxctl\fR, which would try to add this header or convert a \s-1GNU_STACK\s0 header,
\&\fBpaxctl-ng\fR does not edit the \s-1ELF\s0 in any way, beyond setting the PaX flags if and
@@ -171,7 +171,7 @@ only if the \s-1PT_PAX\s0 program header already exists. Some \s-1ELF\s0 binari
they are edited. Since, \fBpaxctl-ng\fR will never to so, it is always safe to run
it on such binaries.
.PP
-Alternatively, \s-1XT_PAX\s0 requires a filesystem support Extended Attributes. Most
+Alternatively, \s-1XATTR_PAX\s0 requires a filesystem support Extended Attributes. Most
modern filesystems do so, but not all. Furthermore, one must be careful when
moving \s-1ELF\s0 objects to ensure that the target filesystem or archive supports
Extended Attributes, otherwise they are lost, unlike \s-1PT_PAX\s0 markings which
@@ -181,11 +181,11 @@ are carried within the binary itself.
a \s-1PT_PAX\s0 program header and an Extended Attribute field \*(L"user.pax\*(R" exist, then
both fields will be equally updated when the user modifies flags; unless the
\&\fB\-L\fR or \fB\-l\fR flags are given, in which case the markings are limiting to just
-\&\s-1PT_PAX\s0 or \s-1XT_PAX\s0, respectively. If only one marking is possible, then only that
+\&\s-1PT_PAX\s0 or \s-1XATTR_PAX\s0, respectively. If only one marking is possible, then only that
marking will be updated. Under no circumstances will \fBpaxctl-ng\fR create a \s-1PT_PAX\s0
-program header as \fBpaxctl\fR does. It will only attempt to create an \s-1XT_PAX\s0 Extended
+program header as \fBpaxctl\fR does. It will only attempt to create an \s-1XATTR_PAX\s0 Extended
Attribute field if it is instructed to do so with the \fB\-C\fR or \fB\-c\fR flags, and it
-will attempt to synchronize the \s-1PT_PAX\s0 and \s-1XT_PAX\s0 markings if given the \fB\-F\fR or
+will attempt to synchronize the \s-1PT_PAX\s0 and \s-1XATTR_PAX\s0 markings if given the \fB\-F\fR or
\&\fB\-f\fR flags. Finally, if the user wished, he can remvoe the Extended Attribute
field \*(L"user.pax\*(R" by running \fBpaxctl-ng\fR with the \fB\-d\fR flag.
.SH "OPTIONS"
@@ -212,20 +212,20 @@ eg. \-Pp for \s-1PAGEEXEC\s0, then the default setting \- is used.
.PD 0
.IP "\fB\-z\fR Set default setting (\-\-\-\-\-\-)" 4
.IX Item "-z Set default setting (------)"
-.IP "\fB\-C\fR Create \s-1XT_PAX\s0 xattr with the most secure PaX settings" 4
-.IX Item "-C Create XT_PAX xattr with the most secure PaX settings"
+.IP "\fB\-C\fR Create \s-1XATTR_PAX\s0 xattr with the most secure PaX settings" 4
+.IX Item "-C Create XATTR_PAX xattr with the most secure PaX settings"
.IP "\fB\-c\fR Create \s-1XP_PAX\s0 xattr with the default PaX settings" 4
.IX Item "-c Create XP_PAX xattr with the default PaX settings"
.IP "\fB\-d\fR Delete \s-1XP_PAX\s0 xattr" 4
.IX Item "-d Delete XP_PAX xattr"
-.IP "\fB\-F\fR Copy \s-1PT_PAX\s0 flags to \s-1XT_PAX\s0, if possible" 4
-.IX Item "-F Copy PT_PAX flags to XT_PAX, if possible"
-.IP "\fB\-f\fR Copy \s-1XT_PAX\s0 flags to \s-1PT_PAX\s0, if possible" 4
-.IX Item "-f Copy XT_PAX flags to PT_PAX, if possible"
+.IP "\fB\-F\fR Copy \s-1PT_PAX\s0 flags to \s-1XATTR_PAX\s0, if possible" 4
+.IX Item "-F Copy PT_PAX flags to XATTR_PAX, if possible"
+.IP "\fB\-f\fR Copy \s-1XATTR_PAX\s0 flags to \s-1PT_PAX\s0, if possible" 4
+.IX Item "-f Copy XATTR_PAX flags to PT_PAX, if possible"
.IP "\fB\-L\fR Only set \s-1PT_APX\s0 flags, if both are possible" 4
.IX Item "-L Only set PT_APX flags, if both are possible"
-.IP "\fB\-l\fR Only set \s-1XT_PAX\s0 flags, if both are possible" 4
-.IX Item "-l Only set XT_PAX flags, if both are possible"
+.IP "\fB\-l\fR Only set \s-1XATTR_PAX\s0 flags, if both are possible" 4
+.IX Item "-l Only set XATTR_PAX flags, if both are possible"
.IP "\fB\-v\fR View the flags" 4
.IX Item "-v View the flags"
.IP "\fB\-h\fR Print out a short help message and exit." 4
diff --git a/doc/paxctl-ng.pod b/doc/paxctl-ng.pod
index fc9b759..377ee2c 100644
--- a/doc/paxctl-ng.pod
+++ b/doc/paxctl-ng.pod
@@ -1,6 +1,6 @@
=head1 NAME
-B<paxctl-ng> - get or set the PaX flags for both PT_PAX and XT_PAX markings
+B<paxctl-ng> - get or set the PaX flags for both PT_PAX and XATTR_PAX markings
=head1 SYNOPSIS
@@ -31,11 +31,11 @@ B<paxctl-ng> [-h]
B<paxctl-ng> is used to get or set the PaX flags on ELF executables which determine
the memory restrictions on process(es) spawned from them. B<paxctl-ng> manages
two types of markings, either the older style PT_PAX markings which put the flags
-in an ELF program header named PT_PAX, or the newer style XT_PAX markings which
+in an ELF program header named PT_PAX, or the newer style XATTR_PAX markings which
put the flags in an extended attribute field called "user.pax" on the filesystem.
-Whenever possible, B<paxctl-ng> will set both PT_PAX and XT_PAX to the same flags.
+Whenever possible, B<paxctl-ng> will set both PT_PAX and XATTR_PAX to the same flags.
-There are drawbacks to both PT_PAX and XT_PAX markings. PT_PAX will not work on
+There are drawbacks to both PT_PAX and XATTR_PAX markings. PT_PAX will not work on
ELF binaries which do not already have a PT_PAX program header. Unlike the original
tool, B<paxctl>, which would try to add this header or convert a GNU_STACK header,
B<paxctl-ng> does not edit the ELF in any way, beyond setting the PaX flags if and
@@ -43,7 +43,7 @@ only if the PT_PAX program header already exists. Some ELF binaries break when
they are edited. Since, B<paxctl-ng> will never to so, it is always safe to run
it on such binaries.
-Alternatively, XT_PAX requires a filesystem support Extended Attributes. Most
+Alternatively, XATTR_PAX requires a filesystem support Extended Attributes. Most
modern filesystems do so, but not all. Furthermore, one must be careful when
moving ELF objects to ensure that the target filesystem or archive supports
Extended Attributes, otherwise they are lost, unlike PT_PAX markings which
@@ -53,11 +53,11 @@ B<paxctl-ng> is opportunistic without taking control away from the user. If bot
a PT_PAX program header and an Extended Attribute field "user.pax" exist, then
both fields will be equally updated when the user modifies flags; unless the
B<-L> or B<-l> flags are given, in which case the markings are limiting to just
-PT_PAX or XT_PAX, respectively. If only one marking is possible, then only that
+PT_PAX or XATTR_PAX, respectively. If only one marking is possible, then only that
marking will be updated. Under no circumstances will B<paxctl-ng> create a PT_PAX
-program header as B<paxctl> does. It will only attempt to create an XT_PAX Extended
+program header as B<paxctl> does. It will only attempt to create an XATTR_PAX Extended
Attribute field if it is instructed to do so with the B<-C> or B<-c> flags, and it
-will attempt to synchronize the PT_PAX and XT_PAX markings if given the B<-F> or
+will attempt to synchronize the PT_PAX and XATTR_PAX markings if given the B<-F> or
B<-f> flags. Finally, if the user wished, he can remvoe the Extended Attribute
field "user.pax" by running B<paxctl-ng> with the B<-d> flag.
@@ -86,19 +86,19 @@ eg. -Pp for PAGEEXEC, then the default setting - is used.
=item B<-z> Set default setting (------)
-=item B<-C> Create XT_PAX xattr with the most secure PaX settings
+=item B<-C> Create XATTR_PAX xattr with the most secure PaX settings
=item B<-c> Create XP_PAX xattr with the default PaX settings
=item B<-d> Delete XP_PAX xattr
-=item B<-F> Copy PT_PAX flags to XT_PAX, if possible
+=item B<-F> Copy PT_PAX flags to XATTR_PAX, if possible
-=item B<-f> Copy XT_PAX flags to PT_PAX, if possible
+=item B<-f> Copy XATTR_PAX flags to PT_PAX, if possible
=item B<-L> Only set PT_APX flags, if both are possible
-=item B<-l> Only set XT_PAX flags, if both are possible
+=item B<-l> Only set XATTR_PAX flags, if both are possible
=item B<-v> View the flags
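Review bot: the unchanged -c and -d items in this hunk still read XP_PAX, and -L still reads PT_APX, so after the rename the option list uses three spellings for two markings. These lines are already in the hunk's context; correct them to XATTR_PAX and PT_PAX here and in the matching .IP/.IX lines of doc/paxctl-ng.1 so the option list is consistent with the new name.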
diff --git a/misc/paxctl-xattr.c b/misc/paxctl-xattr.c
index d15de31..3ce5297 100644
--- a/misc/paxctl-xattr.c
+++ b/misc/paxctl-xattr.c
@@ -162,7 +162,7 @@ read_flags(int fd)
//xattrs is supported, PAX_NAMESPACE is present, but it is the wrong size
if(errno == ERANGE)
{
- printf("XT_PAX: malformed flags found\n");
+ printf("XATTR_PAX: malformed flags found\n");
//FIXME remove the user.pax field
xt_flags = 0;
}
@@ -170,13 +170,13 @@ read_flags(int fd)
//xattrs is supported, PAX_NAMESPACE is not present
if(errno == ENOATTR)
{
- printf("XT_PAX: not found\n");
+ printf("XATTR_PAX: not found\n");
xt_flags = 0;
}
//xattrs is not supported
if(errno == ENOTSUP)
- printf("XT_PAX: extended attribute not supported\n");
+ printf("XATTR_PAX: extended attribute not supported\n");
}
return xt_flags;
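Review bot: the errno tests in this hunk are independent if statements placed after printf() calls, so errno is re-read after printf() has run, and printf() is allowed to modify errno. Copy errno into a local immediately after the failing call and test that copy in an else-if chain or a switch. The ENOTSUP branch also does not assign xt_flags, unlike the ENOATTR branch just above it, so confirm that the value reaching "return xt_flags;" is defined on that path.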
@@ -214,7 +214,7 @@ print_flags(int fd)
xt_buf[5] = xt_flags & PF_RANDEXEC ? 'X' :
xt_flags & PF_NORANDEXEC ? 'x' : '-';
- printf("XT_PAX: %s\n", xt_buf);
+ printf("XATTR_PAX: %s\n", xt_buf);
}
@@ -332,9 +332,9 @@ set_flags(int fd, int *pax_flags)
if(fsetxattr(fd, PAX_NAMESPACE, &xt_flags, sizeof(uint16_t), 0) == -1)
{
if(errno == ENOSPC || errno == EDQUOT)
- printf("XT_PAX: cannot store xt_flags\n");
+ printf("XATTR_PAX: cannot store xt_flags\n");
if(errno == ENOTSUP)
- printf("XT_PAX: extended attribute not supported\n");
+ printf("XATTR_PAX: extended attribute not supported\n");
}
}
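Review bot: when fsetxattr() returns -1, only ENOSPC, EDQUOT and ENOTSUP produce a message; any other errno (EPERM or EACCES, for example) falls through silently, so the user gets no indication that the marking was not written. Add a final else that prints strerror(errno), send these diagnostics to stderr rather than stdout, and propagate the failure to the caller so the exit status reflects it.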
diff --git a/scripts/paxmodule.c b/scripts/paxmodule.c
index 5e7b1fe..1001279 100644
--- a/scripts/paxmodule.c
+++ b/scripts/paxmodule.c
@@ -66,14 +66,14 @@ static PyMethodDef PaxMethods[] = {
#if PY_MAJOR_VERSION >= 3
static struct PyModuleDef moduledef = {
PyModuleDef_HEAD_INIT,
- "pax", /* m_name */
- "Module for setting PT_PAX and XT_PAX flags", /* m_doc */
- -1, /* m_size */
- PaxMethods, /* m_methods */
- NULL, /* m_reload */
- NULL, /* m_traverse */
- NULL, /* m_clear */
- NULL, /* m_free */
+ "pax", /* m_name */
+ "Module for get/setting PT_PAX and XATTR_PAX flags", /* m_doc */
+ -1, /* m_size */
+ PaxMethods, /* m_methods */
+ NULL, /* m_reload */
+ NULL, /* m_traverse */
+ NULL, /* m_clear */
+ NULL, /* m_free */
};
#endif
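Review bot: only the m_doc string changes in content here; the other seven removed/added pairs differ in whitespace alone, which buries the real edit in review and in blame. Keep the realignment in a separate commit. In the new string, "get/setting" would read better as "getting and setting".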
diff --git a/src/paxctl-ng.c b/src/paxctl-ng.c
index e232643..1e5b663 100644
--- a/src/paxctl-ng.c
+++ b/src/paxctl-ng.c
@@ -92,14 +92,14 @@ print_help_exit(char *v)
" : -Z all secure settings\t-z all default settings\n"
" :\n"
#ifdef XTPAX
- " : -C create XT_PAX with most secure setting\n"
- " : -c create XT_PAX all default settings\n"
+ " : -C create XATTR_PAX with most secure setting\n"
+ " : -c create XATTR_PAX all default settings\n"
#endif
#if defined(PTPAX) && defined(XTPAX)
- " : -F copy PT_PAX to XT_PAX\n"
- " : -f copy XT_PAX to PT_PAX\n"
+ " : -F copy PT_PAX to XATTR_PAX\n"
+ " : -f copy XATTR_PAX to PT_PAX\n"
" : -L set only PT_PAX flags\n"
- " : -l set only XT_PAX flags\n"
+ " : -l set only XATTR_PAX flags\n"
#endif
" :\n"
" : -v view the flags, along with any accompanying operation\n"
@@ -459,12 +459,12 @@ print_flags(int fd, int verbose)
#ifdef XTPAX
flags = get_xt_flags(fd);
if( flags == UINT16_MAX )
- printf("\tXT_PAX: not found\n");
+ printf("\tXATTR_PAX: not found\n");
else
{
memset(buf, 0, FLAGS_SIZE);
bin2string4print(flags, buf);
- printf("\tXT_PAX: %s\n", buf);
+ printf("\tXATTR_PAX: %s\n", buf);
}
#endif
}
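Review bot: "flags == UINT16_MAX" is the only condition that prints "not found", so the message depends on get_xt_flags() using that value as an in-band sentinel. If flags is a 16-bit quantity, as the comparison suggests, a stored value of 0xffff is indistinguishable from a missing attribute, and any other failure that returns the same sentinel is also reported as "not found". Consider returning a status separately from the flags so this branch can tell absent, unsupported and malformed apart.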
diff --git a/tests/pxtpax/daemontest.sh b/tests/pxtpax/daemontest.sh
index afc52cf..7e19038 100755
--- a/tests/pxtpax/daemontest.sh
+++ b/tests/pxtpax/daemontest.sh
@@ -17,7 +17,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
-# dotest = 0 -> do only XT_PAX or PT_PAX test
+# dotest = 0 -> do only XATTR_PAX or PT_PAX test
# dotest = 1 -> do both
dotest=${1-0}
verbose=${2-0}
@@ -80,8 +80,8 @@ for pf in "p" "P" "-"; do
else
ptsflags=$(echo ${sflags} | awk '{print $3}')
xtsflags=$(echo ${sflags} | awk '{print $5}')
- echo "PT_PAX :" ${ptsflags}
- echo "XT_PAX :" ${xtsflags}
+ echo "PT_PAX :" ${ptsflags}
+ echo "XATTR_PAX :" ${xtsflags}
fi
fi
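Review bot: ptsflags and xtsflags are taken from fixed awk field positions ($3 and $5) of an unquoted ${sflags}, so the test depends on the exact word layout of that string rather than on the labels being renamed here. Quote the expansions and select the values by matching the PT_PAX and XATTR_PAX labels, so a later change in spacing or label width does not silently shift the fields.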