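/**
 * Handle syscalls that take a path as the first parameter.
 *
 * Copies the string that syscall argument 0 points to out of the traced
 * process and logs it. The path-rewriting sandbox logic is compiled out
 * (#if 0), so flag, uid and gid are only consulted by that disabled code.
 *
 * Both the reported length and the bytes come from the traced process and are
 * treated as untrusted: the length is range-checked before it sizes anything,
 * and the local copy is always NUL-terminated by the tracer itself.
 *
 * @param pid     traced process/thread whose registers and memory are read
 * @param syscall syscall name, used only in log output
 * @param flag    sandbox flags (read only by the disabled code)
 * @param uid     owner passed to create_nth_dir() by the disabled code
 * @param gid     group passed to create_nth_dir() by the disabled code
 */
static void _handle_file_series_syscalls(pid_t pid, char* syscall, int flag, uid_t uid, gid_t gid) {
    /* 4096 mirrors Linux PATH_MAX (which counts the terminating NUL). It is
     * spelled out locally because the file's include block is not visible
     * from this function. */
    enum { MAX_TRACEE_PATH_BYTES = 4096 };

    // TODO
    tracee_ptr_t path_ptr = (tracee_ptr_t) ptrace_get_syscall_arg(pid, 0);
    int len = ptrace_strlen(pid, path_ptr);

    /* The original used len directly as a variable-length array size. A
     * negative value (presumably ptrace_strlen's failure result; confirm
     * against its definition) or a very large one would then be undefined
     * behaviour or exhaust the tracer's stack, at the tracee's choosing. */
    if (len < 0 || len >= MAX_TRACEE_PATH_BYTES) {
        LOGD("[%d] %s: rejected path length %d\n", pid, syscall, len);
        return;
    }

    char path[MAX_TRACEE_PATH_BYTES] = {0};
    ptrace_read_data(pid, path, path_ptr, len + 1);
    /* The tracee's memory can change between ptrace_strlen() and the read
     * above, so do not rely on the copied bytes containing a terminator. */
    path[len] = '\0';

#if 0
    /* NOTE(review), before re-enabling this block:
     *  - new_path holds len + 1 bytes but is filled with SANDBOX_LINK followed
     *    by second_dir via strcpy/strcat; nothing visible here guarantees the
     *    result is no longer than the original path. Build it with snprintf()
     *    and reject truncation, and only write back what fits at path_ptr.
     *  - waitpid()'s result overwrites pid and is not checked; on failure the
     *    following ptrace calls would run with pid == -1.
     *  - The rewritten path lives in tracee memory between the write and the
     *    kernel's own read of it; anything else that can write that memory
     *    (e.g. another thread of the tracee) could change it in that window.
     */
    int nth_dir;
    if ((flag & SANDBOX_CHROOT_PRIVATE_FOLDER)
            && (nth_dir = check_prefix_dir(path,SANDBOX_PATH_INTERNAL)) > 0) {
        //internal file storage sandbox
        char* sub_dir = get_nth_dir(path, nth_dir + 2);
        if (!check_prefix(sub_dir, SANDBOX_PATH_INTERNAL_EXCLUDE)) {
            char new_path[len + 1];
            //replace dir in path with LINK_PREFIX
            char* second_dir = get_nth_dir(path, nth_dir + 1);
            strcpy(new_path, SANDBOX_LINK);
            strcat(new_path, second_dir);
            ptrace_write_data(pid, new_path, path_ptr, len + 1);
            // create require folder
            create_nth_dir(new_path, 3, uid, gid, 0751);
            LOGD("pid %d %s: %s ==> new path: %s", pid, syscall, path, new_path);
            // return from open syscall, reset the path
            pid = waitpid(pid, NULL, __WALL);
            ptrace_write_data(pid, path, path_ptr, len + 1);
            long result = ptrace_get_syscall_arg(pid, 0);
            LOGD(" = %ld\n", result);
            return;
        }
    /* } else if ((flag & SANDBOX_FLAG) && FILE_SANDBOX_ENABLED && (nth_dir = check_prefix_dir(path,SANDBOX_PATH_EXTERNAL)) > 0) { */
    /*     //external file storage sandbox */
    /*     char new_path[len + 1]; */
    /*     //replace dir in path with LINK_PREFIX */
    /*     char* second_dir = get_nth_dir(path, nth_dir + 1); */
    /*     strcpy(new_path, SANDBOX_LINK); */
    /*     strcat(new_path, second_dir); */
    /*     ptrace_write_data(pid, new_path, arg0, len + 1); */
    /*     LOGD("pid %d %s: %s\n ==> new path: %s\n", pid, syscall, path, new_path); */
    /*     // return from open syscall, reset the path */
    /*     pid = waitpid(pid, NULL, __WALL); */
    /*     ptrace_write_data(pid, path, arg0, len + 1); */
    /*     return; */
    }
#endif

    LOGD("[%d] %s(%s, ...)\n", pid, syscall, path);
}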
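/**
 * Handle an open() syscall of the traced process (presumably at syscall
 * entry, since arguments 0 and 1 are read as the path pointer and the flags).
 *
 * Copies the path out of the tracee; an open of DEV_BINDER is only logged,
 * every other path is forwarded to _handle_file_series_syscalls().
 *
 * The path length and bytes are tracee-controlled, so the length is
 * range-checked before it sizes the local buffer and the copy is always
 * NUL-terminated by the tracer.
 *
 * @param sandbox sandbox state (flag, uid, gid, binder_fd are read here)
 * @param pid     traced process/thread that issued the syscall
 */
static void _handle_syscall_open(sandbox_t *sandbox, pid_t pid) {
    /* 4096 mirrors Linux PATH_MAX (which counts the terminating NUL). It is
     * spelled out locally because the file's include block is not visible
     * from this function. */
    enum { MAX_TRACEE_PATH_BYTES = 4096 };

    tracee_ptr_t path_ptr = (tracee_ptr_t) ptrace_get_syscall_arg(pid, 0);
    int oflag = (int) ptrace_get_syscall_arg(pid, 1);
    (void) oflag; /* fetched but not consulted by any code in this function */
    int len = ptrace_strlen(pid, path_ptr);

    /* The original sized a variable-length array with len unchecked. A
     * negative value (presumably ptrace_strlen's failure result; confirm
     * against its definition) or a very large one would be undefined
     * behaviour or exhaust the tracer's stack, at the tracee's choosing. */
    if (len < 0 || len >= MAX_TRACEE_PATH_BYTES) {
        LOGD("[%d] open: rejected path length %d\n", pid, len);
        return;
    }

    char path[MAX_TRACEE_PATH_BYTES] = {0};
    ptrace_read_data(pid, path, path_ptr, len + 1);
    /* Tracee memory can change between ptrace_strlen() and the read above,
     * so terminate the copy here before strcmp() walks it. */
    path[len] = '\0';

    if (strcmp(path, DEV_BINDER) == 0) {
        /* retrieve the fd from the syscall */
        // TODO
        // sandbox->binder_fd = (int) ptrace_get_syscall_arg(pid , 0);
        // NOTE(review): argument 0 is the path pointer read above, not a
        // descriptor; the fd would have to come from the syscall's return
        // value. Until that is implemented, the log line below prints
        // whatever binder_fd already held, since nothing here assigns it.
        LOGD("[%d] open binder fd=%d\n", pid, sandbox->binder_fd);
    } else {
        // NOTE(review): the callee fetches the path from the tracee a second
        // time, so the string it sees is not guaranteed to be the one that
        // was compared against DEV_BINDER here.
        _handle_file_series_syscalls(pid, "open", sandbox->flag, sandbox->uid, sandbox->gid);
    }
}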
// read "size" bytes of data from debuggee at address "addr" ps_err_e ps_pdread(struct ps_prochandle *ph, psaddr_t addr, void *buf, size_t size) { bool rslt = ptrace_read_data(ph->pid, (address)addr, buf, size); return (rslt ? PS_OK : PS_ERR); }