static void
cmd_id (const portCHAR * cmd)
{
int mcu_id = 0, lamp_id = 0;
while (*cmd && *cmd != ' ')
cmd++;
cmd++;
while (*cmd >= '0' && *cmd <= '9')
{
mcu_id *= 10;
mcu_id += *cmd - '0';
cmd++;
}
if (*cmd != ' ')
{
shell_print ("parameter missing\n");
return;
}
cmd++;
while (*cmd >= '0' && *cmd <= '9')
{
lamp_id *= 10;
lamp_id += *cmd - '0';
cmd++;
}
shell_print ("setting wmcu id ");
DumpUIntToUSB (mcu_id);
shell_print (", lamp id ");
DumpUIntToUSB (lamp_id);
shell_print ("\n");
if (mcu_id != env.e.wmcu_id ||
lamp_id != env.e.lamp_id)
{
env.e.wmcu_id = mcu_id;
env.e.lamp_id = lamp_id;
PtUpdateWmcuId ( env.e.wmcu_id );
vTaskDelay (100 / portTICK_RATE_MS);
shell_print ("storing.\n");
env_store();
}
else
{
shell_print ("not storing, values are the same.\n");
}
}
void x11_block(void) {
#ifdef HAVE_X11
mask_x11_abstract_socket = 1;
#if 0
// check abstract socket presence and network namespace options
if ((!arg_nonetwork && !cfg.bridge0.configured && !cfg.interface0.configured)
&& x11_abstract_sockets_present()) {
fprintf(stderr, "ERROR: --x11=block specified, but abstract X11 socket still accessible.\n"
"Additional setup required. To block abstract X11 socket you can either:\n"
" * use network namespace in firejail (--net=none, --net=...)\n"
" * add \"-nolisten local\" to xserver options\n"
" (eg. to your display manager config, or /etc/X11/xinit/xserverrc)\n");
exit(1);
}
#endif
// blacklist sockets
profile_check_line("blacklist /tmp/.X11-unix", 0, NULL);
profile_add(strdup("blacklist /tmp/.X11-unix"));
// blacklist .Xauthority
profile_check_line("blacklist ${HOME}/.Xauthority", 0, NULL);
profile_add(strdup("blacklist ${HOME}/.Xauthority"));
char *xauthority = getenv("XAUTHORITY");
if (xauthority) {
char *line;
if (asprintf(&line, "blacklist %s", xauthority) == -1)
errExit("asprintf");
profile_check_line(line, 0, NULL);
profile_add(line);
}
// clear environment
env_store("DISPLAY", RMENV);
env_store("XAUTHORITY", RMENV);
#endif
}
void ob_init( unsigned char power, unsigned char rate, unsigned char channel, unsigned char* nid ) {
char i;
ob_int_mgmt.Mode = 0;
ob_int_mgmt.Pipes = 0;
/* Inititalize nRF24L01 */
if(!nRFAPI_Init(DEFAULT_CHANNEL, nid, NETID_SIZE ))
HaltBlinking();
ob_setNetID( nid );
ob_setRate( rate );
ob_setPower( power );
ob_setChannel( channel );
nRFAPI_SetPipeSizeRX(0, sizeof(ob_data) );
ob_switchRXMode();
nRFLL_CE(1);
/* initialize environment variables */
env_init();
if(!env_load())
{
env.e.speed=2;
env.e.mode=4;
env.e.tag_id=666;
env_store();
}
/* Statistik */
for(i=0; i<4; i++) {
ob_int_mgmt.rx_beacons[i] = 0;
ob_int_mgmt.fail_rx_beacons[i] = 0;
ob_int_mgmt.tx_beacons[i] = 0;
ob_int_mgmt.fail_tx_beacons[i] = 0;
}
#ifdef OPENBEACON_STATS_AUTO_SEND_TIME
ob_int_mgmt.stat_time = xTaskGetTickCount()+OPENBEACON_STATS_AUTO_SEND_TIME/2;
#else
ob_int_mgmt.stat_time = xTaskGetTickCount()+1000/2;
#endif
#ifdef OPENBEACON_TEST_AUTO_SEND
#ifdef OPENBEACON_TEST_AUTO_SEND_TIME
ob_int_mgmt.test_hw_diff=OPENBEACON_TEST_AUTO_SEND_TIME;
#else
ob_int_mgmt.test_hw_diff=1000;
#endif
#endif
}
static inline void prvSetupHardware (void)
{
/* When using the JTAG debugger the hardware is not always initialised to
the correct default state. This line just ensures that this does not
cause all interrupts to be masked at the start. */
AT91C_BASE_AIC->AIC_EOICR = 0;
/* Enable the peripheral clock. */
AT91C_BASE_PMC->PMC_PCER = 1 << AT91C_ID_PIOA;
AT91C_BASE_PMC->PMC_PCER = 1 << AT91C_ID_PIOB;
/* initialize environment variables */
AT91F_DBGU_Init();
env_init();
if(!env_load())
{
env.e.mode=0;
env.e.reader_id=1;
env_store();
}
}
// check profile line; if line == 0, this was generated from a command line option
// return 1 if the command is to be added to the linked list of profile commands
// return 0 if the command was already executed inside the function
int profile_check_line(char *ptr, int lineno, const char *fname) {
EUID_ASSERT();
// check ignore list
int i;
for (i = 0; i < MAX_PROFILE_IGNORE; i++) {
if (cfg.profile_ignore[i] == NULL)
break;
if (strncmp(ptr, cfg.profile_ignore[i], strlen(cfg.profile_ignore[i])) == 0)
return 0; // ignore line
}
if (strncmp(ptr, "ignore ", 7) == 0) {
char *str = strdup(ptr + 7);
if (*str == '\0') {
fprintf(stderr, "Error: invalid ignore option\n");
exit(1);
}
// find an empty entry in profile_ignore array
int j;
for (j = 0; j < MAX_PROFILE_IGNORE; j++) {
if (cfg.profile_ignore[j] == NULL)
break;
}
if (j >= MAX_PROFILE_IGNORE) {
fprintf(stderr, "Error: maximum %d --ignore options are permitted\n", MAX_PROFILE_IGNORE);
exit(1);
}
// ... and configure it
else
cfg.profile_ignore[j] = str;
return 0;
}
// mkdir
if (strncmp(ptr, "mkdir ", 6) == 0) {
fs_mkdir(ptr + 6);
return 1; // process mkdir again while applying blacklists
}
// mkfile
if (strncmp(ptr, "mkfile ", 7) == 0) {
fs_mkfile(ptr + 7);
return 1; // process mkfile again while applying blacklists
}
// sandbox name
else if (strncmp(ptr, "name ", 5) == 0) {
cfg.name = ptr + 5;
if (strlen(cfg.name) == 0) {
fprintf(stderr, "Error: invalid sandbox name\n");
exit(1);
}
return 0;
}
else if (strcmp(ptr, "ipc-namespace") == 0) {
arg_ipc = 1;
return 0;
}
// seccomp, caps, private, user namespace
else if (strcmp(ptr, "noroot") == 0) {
#if HAVE_USERNS
if (checkcfg(CFG_USERNS))
check_user_namespace();
else
warning_feature_disabled("noroot");
#endif
return 0;
}
else if (strcmp(ptr, "nonewprivs") == 0) {
arg_nonewprivs = 1;
return 0;
}
else if (strcmp(ptr, "seccomp") == 0) {
#ifdef HAVE_SECCOMP
if (checkcfg(CFG_SECCOMP))
arg_seccomp = 1;
else
warning_feature_disabled("seccomp");
#endif
return 0;
}
else if (strcmp(ptr, "caps") == 0) {
arg_caps_default_filter = 1;
return 0;
}
else if (strcmp(ptr, "caps.drop all") == 0) {
arg_caps_drop_all = 1;
return 0;
}
else if (strcmp(ptr, "shell none") == 0) {
arg_shell_none = 1;
return 0;
}
else if (strcmp(ptr, "tracelog") == 0) {
arg_tracelog = 1;
return 0;
}
else if (strcmp(ptr, "private") == 0) {
arg_private = 1;
return 0;
}
if (strncmp(ptr, "private-home ", 13) == 0) {
#ifdef HAVE_PRIVATE_HOME
if (checkcfg(CFG_PRIVATE_HOME)) {
if (cfg.home_private_keep) {
if ( asprintf(&cfg.home_private_keep, "%s,%s", cfg.home_private_keep, ptr + 13) < 0 )
errExit("asprintf");
} else
cfg.home_private_keep = ptr + 13;
arg_private = 1;
}
else
warning_feature_disabled("private-home");
#endif
return 0;
}
else if (strcmp(ptr, "allusers") == 0) {
arg_allusers = 1;
return 0;
}
else if (strcmp(ptr, "private-dev") == 0) {
arg_private_dev = 1;
return 0;
}
else if (strcmp(ptr, "private-tmp") == 0) {
arg_private_tmp = 1;
return 0;
}
else if (strcmp(ptr, "nogroups") == 0) {
arg_nogroups = 1;
return 0;
}
else if (strcmp(ptr, "nosound") == 0) {
arg_nosound = 1;
return 0;
}
else if (strcmp(ptr, "novideo") == 0) {
arg_novideo = 1;
return 0;
}
else if (strcmp(ptr, "no3d") == 0) {
arg_no3d = 1;
return 0;
}
else if (strcmp(ptr, "allow-private-blacklist") == 0) {
arg_allow_private_blacklist = 1;
return 0;
}
else if (strcmp(ptr, "netfilter") == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK))
arg_netfilter = 1;
else
warning_feature_disabled("networking");
#endif
return 0;
}
else if (strncmp(ptr, "netfilter ", 10) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
arg_netfilter = 1;
arg_netfilter_file = strdup(ptr + 10);
if (!arg_netfilter_file)
errExit("strdup");
check_netfilter_file(arg_netfilter_file);
}
else
warning_feature_disabled("networking");
#endif
return 0;
}
else if (strncmp(ptr, "netfilter6 ", 11) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
arg_netfilter6 = 1;
arg_netfilter6_file = strdup(ptr + 11);
if (!arg_netfilter6_file)
errExit("strdup");
check_netfilter_file(arg_netfilter6_file);
}
else
warning_feature_disabled("networking");
#endif
return 0;
}
else if (strcmp(ptr, "net none") == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
arg_nonetwork = 1;
cfg.bridge0.configured = 0;
cfg.bridge1.configured = 0;
cfg.bridge2.configured = 0;
cfg.bridge3.configured = 0;
cfg.interface0.configured = 0;
cfg.interface1.configured = 0;
cfg.interface2.configured = 0;
cfg.interface3.configured = 0;
}
else
warning_feature_disabled("networking");
#endif
return 0;
}
else if (strncmp(ptr, "net ", 4) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
#ifdef HAVE_NETWORK_RESTRICTED
// compile time restricted networking
if (getuid() != 0) {
fprintf(stderr, "Error: only \"net none\" is allowed to non-root users\n");
exit(1);
}
#endif
// run time restricted networking
if (checkcfg(CFG_RESTRICTED_NETWORK) && getuid() != 0) {
fprintf(stderr, "Error: only \"net none\" is allowed to non-root users\n");
exit(1);
}
if (strcmp(ptr + 4, "lo") == 0) {
fprintf(stderr, "Error: cannot attach to lo device\n");
exit(1);
}
Bridge *br;
if (cfg.bridge0.configured == 0)
br = &cfg.bridge0;
else if (cfg.bridge1.configured == 0)
br = &cfg.bridge1;
else if (cfg.bridge2.configured == 0)
br = &cfg.bridge2;
else if (cfg.bridge3.configured == 0)
br = &cfg.bridge3;
else {
fprintf(stderr, "Error: maximum 4 network devices are allowed\n");
exit(1);
}
net_configure_bridge(br, ptr + 4);
}
else
warning_feature_disabled("networking");
#endif
return 0;
}
else if (strncmp(ptr, "veth-name ", 10) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
Bridge *br = last_bridge_configured();
if (br == NULL) {
fprintf(stderr, "Error: no network device configured\n");
exit(1);
}
br->veth_name = strdup(ptr + 10);
if (br->veth_name == NULL)
errExit("strdup");
if (*br->veth_name == '\0') {
fprintf(stderr, "Error: no veth-name configured\n");
exit(1);
}
}
else
warning_feature_disabled("networking");
#endif
return 0;
}
else if (strncmp(ptr, "iprange ", 8) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
Bridge *br = last_bridge_configured();
if (br == NULL) {
fprintf(stderr, "Error: no network device configured\n");
exit(1);
}
if (br->iprange_start || br->iprange_end) {
fprintf(stderr, "Error: cannot configure the IP range twice for the same interface\n");
exit(1);
}
// parse option arguments
char *firstip = ptr + 8;
char *secondip = firstip;
while (*secondip != '\0') {
if (*secondip == ',')
break;
secondip++;
}
if (*secondip == '\0') {
fprintf(stderr, "Error: invalid IP range\n");
exit(1);
}
*secondip = '\0';
secondip++;
// check addresses
if (atoip(firstip, &br->iprange_start) || atoip(secondip, &br->iprange_end) ||
br->iprange_start >= br->iprange_end) {
fprintf(stderr, "Error: invalid IP range\n");
exit(1);
}
if (in_netrange(br->iprange_start, br->ip, br->mask) || in_netrange(br->iprange_end, br->ip, br->mask)) {
fprintf(stderr, "Error: IP range addresses not in network range\n");
exit(1);
}
}
else
warning_feature_disabled("networking");
#endif
return 0;
}
else if (strncmp(ptr, "mac ", 4) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
Bridge *br = last_bridge_configured();
if (br == NULL) {
fprintf(stderr, "Error: no network device configured\n");
exit(1);
}
if (mac_not_zero(br->macsandbox)) {
fprintf(stderr, "Error: cannot configure the MAC address twice for the same interface\n");
exit(1);
}
// read the address
if (atomac(ptr + 4, br->macsandbox)) {
fprintf(stderr, "Error: invalid MAC address\n");
exit(1);
}
}
else
warning_feature_disabled("networking");
#endif
return 0;
}
else if (strncmp(ptr, "mtu ", 4) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
Bridge *br = last_bridge_configured();
if (br == NULL) {
fprintf(stderr, "Error: no network device configured\n");
exit(1);
}
if (sscanf(ptr + 4, "%d", &br->mtu) != 1 || br->mtu < 576 || br->mtu > 9198) {
fprintf(stderr, "Error: invalid mtu value\n");
exit(1);
}
}
else
warning_feature_disabled("networking");
#endif
return 0;
}
else if (strncmp(ptr, "ip ", 3) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
Bridge *br = last_bridge_configured();
if (br == NULL) {
fprintf(stderr, "Error: no network device configured\n");
exit(1);
}
if (br->arg_ip_none || br->ipsandbox) {
fprintf(stderr, "Error: cannot configure the IP address twice for the same interface\n");
exit(1);
}
// configure this IP address for the last bridge defined
if (strcmp(ptr + 3, "none") == 0)
br->arg_ip_none = 1;
else {
if (atoip(ptr + 3, &br->ipsandbox)) {
fprintf(stderr, "Error: invalid IP address\n");
exit(1);
}
}
}
else
warning_feature_disabled("networking");
#endif
return 0;
}
else if (strncmp(ptr, "ip6 ", 4) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
Bridge *br = last_bridge_configured();
if (br == NULL) {
fprintf(stderr, "Error: no network device configured\n");
exit(1);
}
if (br->arg_ip_none || br->ip6sandbox) {
fprintf(stderr, "Error: cannot configure the IP address twice for the same interface\n");
exit(1);
}
// configure this IP address for the last bridge defined
// todo: verify ipv6 syntax
br->ip6sandbox = ptr + 4;
// if (atoip(argv[i] + 5, &br->ipsandbox)) {
// fprintf(stderr, "Error: invalid IP address\n");
// exit(1);
// }
}
else
warning_feature_disabled("networking");
#endif
return 0;
}
else if (strncmp(ptr, "defaultgw ", 10) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
if (atoip(ptr + 10, &cfg.defaultgw)) {
fprintf(stderr, "Error: invalid IP address\n");
exit(1);
}
}
else
warning_feature_disabled("networking");
#endif
return 0;
}
if (strcmp(ptr, "apparmor") == 0) {
#ifdef HAVE_APPARMOR
arg_apparmor = 1;
#endif
return 0;
}
if (strncmp(ptr, "protocol ", 9) == 0) {
#ifdef HAVE_SECCOMP
if (checkcfg(CFG_SECCOMP)) {
if (cfg.protocol) {
fwarning("a protocol list is present, the new list \"%s\" will not be installed\n", ptr + 9);
return 0;
}
// store list
cfg.protocol = strdup(ptr + 9);
if (!cfg.protocol)
errExit("strdup");
}
else
warning_feature_disabled("seccomp");
#endif
return 0;
}
if (strncmp(ptr, "env ", 4) == 0) {
env_store(ptr + 4, SETENV);
return 0;
}
if (strncmp(ptr, "rmenv ", 6) == 0) {
env_store(ptr + 6, RMENV);
return 0;
}
// seccomp drop list on top of default list
if (strncmp(ptr, "seccomp ", 8) == 0) {
#ifdef HAVE_SECCOMP
if (checkcfg(CFG_SECCOMP)) {
arg_seccomp = 1;
cfg.seccomp_list = seccomp_check_list(ptr + 8);
}
else if (!arg_quiet)
warning_feature_disabled("seccomp");
#endif
return 0;
}
// seccomp drop list without default list
if (strncmp(ptr, "seccomp.drop ", 13) == 0) {
#ifdef HAVE_SECCOMP
if (checkcfg(CFG_SECCOMP)) {
arg_seccomp = 1;
cfg.seccomp_list_drop = seccomp_check_list(ptr + 13);
}
else
warning_feature_disabled("seccomp");
#endif
return 0;
}
// seccomp keep list
if (strncmp(ptr, "seccomp.keep ", 13) == 0) {
#ifdef HAVE_SECCOMP
if (checkcfg(CFG_SECCOMP)) {
arg_seccomp = 1;
cfg.seccomp_list_keep= seccomp_check_list(ptr + 13);
}
else
warning_feature_disabled("seccomp");
#endif
return 0;
}
// caps drop list
if (strncmp(ptr, "caps.drop ", 10) == 0) {
arg_caps_drop = 1;
arg_caps_list = strdup(ptr + 10);
if (!arg_caps_list)
errExit("strdup");
// verify caps list and exit if problems
caps_check_list(arg_caps_list, NULL);
return 0;
}
// caps keep list
if (strncmp(ptr, "caps.keep ", 10) == 0) {
arg_caps_keep = 1;
arg_caps_list = strdup(ptr + 10);
if (!arg_caps_list)
errExit("strdup");
// verify caps list and exit if problems
caps_check_list(arg_caps_list, NULL);
return 0;
}
// hostname
if (strncmp(ptr, "hostname ", 9) == 0) {
cfg.hostname = ptr + 9;
return 0;
}
// hosts-file
if (strncmp(ptr, "hosts-file ", 11) == 0) {
cfg.hosts_file = fs_check_hosts_file(ptr + 11);
return 0;
}
// dns
if (strncmp(ptr, "dns ", 4) == 0) {
uint32_t dns;
if (atoip(ptr + 4, &dns)) {
fprintf(stderr, "Error: invalid DNS server IP address\n");
return 1;
}
if (cfg.dns1 == 0)
cfg.dns1 = dns;
else if (cfg.dns2 == 0)
cfg.dns2 = dns;
else if (cfg.dns3 == 0)
cfg.dns3 = dns;
else {
fprintf(stderr, "Error: up to 3 DNS servers can be specified\n");
return 1;
}
return 0;
}
// cpu affinity
if (strncmp(ptr, "cpu ", 4) == 0) {
read_cpu_list(ptr + 4);
return 0;
}
// nice value
if (strncmp(ptr, "nice ", 4) == 0) {
cfg.nice = atoi(ptr + 5);
if (getuid() != 0 &&cfg.nice < 0)
cfg.nice = 0;
arg_nice = 1;
return 0;
}
// cgroup
if (strncmp(ptr, "cgroup ", 7) == 0) {
set_cgroup(ptr + 7);
return 0;
}
// writable-etc
if (strcmp(ptr, "writable-etc") == 0) {
if (cfg.etc_private_keep) {
fprintf(stderr, "Error: private-etc and writable-etc are mutually exclusive\n");
exit(1);
}
arg_writable_etc = 1;
return 0;
}
if (strcmp(ptr, "machine-id") == 0) {
arg_machineid = 1;
return 0;
}
// writable-var
if (strcmp(ptr, "writable-var") == 0) {
arg_writable_var = 1;
return 0;
}
if (strcmp(ptr, "writable-var-log") == 0) {
arg_writable_var_log = 1;
return 0;
}
// private directory
if (strncmp(ptr, "private ", 8) == 0) {
cfg.home_private = ptr + 8;
fs_check_private_dir();
arg_private = 1;
return 0;
}
if (strcmp(ptr, "x11 none") == 0) {
arg_x11_block = 1;
return 0;
}
if (strcmp(ptr, "x11 xephyr") == 0) {
#ifdef HAVE_X11
if (checkcfg(CFG_X11)) {
char *x11env = getenv("FIREJAIL_X11");
if (x11env && strcmp(x11env, "yes") == 0) {
return 0;
}
else {
// start x11
x11_start_xephyr(cfg.original_argc, cfg.original_argv);
exit(0);
}
}
else
warning_feature_disabled("x11");
#endif
return 0;
}
if (strcmp(ptr, "x11 xorg") == 0) {
#ifdef HAVE_X11
if (checkcfg(CFG_X11))
arg_x11_xorg = 1;
else
warning_feature_disabled("x11");
#endif
return 0;
}
if (strcmp(ptr, "x11 xpra") == 0) {
#ifdef HAVE_X11
if (checkcfg(CFG_X11)) {
char *x11env = getenv("FIREJAIL_X11");
if (x11env && strcmp(x11env, "yes") == 0) {
return 0;
}
else {
// start x11
x11_start_xpra(cfg.original_argc, cfg.original_argv);
exit(0);
}
}
else
warning_feature_disabled("x11");
#endif
return 0;
}
if (strcmp(ptr, "x11 xvfb") == 0) {
#ifdef HAVE_X11
if (checkcfg(CFG_X11)) {
char *x11env = getenv("FIREJAIL_X11");
if (x11env && strcmp(x11env, "yes") == 0) {
return 0;
}
else {
// start x11
x11_start_xvfb(cfg.original_argc, cfg.original_argv);
exit(0);
}
}
else
warning_feature_disabled("x11");
#endif
return 0;
}
if (strcmp(ptr, "x11") == 0) {
#ifdef HAVE_X11
if (checkcfg(CFG_X11)) {
char *x11env = getenv("FIREJAIL_X11");
if (x11env && strcmp(x11env, "yes") == 0) {
return 0;
}
else {
// start x11
x11_start(cfg.original_argc, cfg.original_argv);
exit(0);
}
}
else
warning_feature_disabled("x11");
#endif
return 0;
}
// private /etc list of files and directories
if (strncmp(ptr, "private-etc ", 12) == 0) {
if (arg_writable_etc) {
fprintf(stderr, "Error: --private-etc and --writable-etc are mutually exclusive\n");
exit(1);
}
if (cfg.etc_private_keep) {
if ( asprintf(&cfg.etc_private_keep, "%s,%s", cfg.etc_private_keep, ptr + 12) < 0 )
errExit("asprintf");
} else {
cfg.etc_private_keep = ptr + 12;
}
arg_private_etc = 1;
return 0;
}
// private /opt list of files and directories
if (strncmp(ptr, "private-opt ", 12) == 0) {
if (cfg.opt_private_keep) {
if ( asprintf(&cfg.opt_private_keep, "%s,%s", cfg.opt_private_keep, ptr + 12) < 0 )
errExit("asprintf");
} else {
cfg.opt_private_keep = ptr + 12;
}
arg_private_opt = 1;
return 0;
}
// private /srv list of files and directories
if (strncmp(ptr, "private-srv ", 12) == 0) {
if (cfg.srv_private_keep) {
if ( asprintf(&cfg.srv_private_keep, "%s,%s", cfg.srv_private_keep, ptr + 12) < 0 )
errExit("asprintf");
} else {
cfg.srv_private_keep = ptr + 12;
}
arg_private_srv = 1;
return 0;
}
// private /bin list of files
if (strncmp(ptr, "private-bin ", 12) == 0) {
if (cfg.bin_private_keep) {
if ( asprintf(&cfg.bin_private_keep, "%s,%s", cfg.bin_private_keep, ptr + 12) < 0 )
errExit("asprintf");
} else {
cfg.bin_private_keep = ptr + 12;
}
arg_private_bin = 1;
return 0;
}
#ifdef HAVE_OVERLAYFS
if (strncmp(ptr, "overlay-named ", 14) == 0) {
if (checkcfg(CFG_OVERLAYFS)) {
if (cfg.chrootdir) {
fprintf(stderr, "Error: --overlay and --chroot options are mutually exclusive\n");
exit(1);
}
struct stat s;
if (stat("/proc/sys/kernel/grsecurity", &s) == 0) {
fprintf(stderr, "Error: --overlay option is not available on Grsecurity systems\n");
exit(1);
}
arg_overlay = 1;
arg_overlay_keep = 1;
arg_overlay_reuse = 1;
char *subdirname = ptr + 14;
if (subdirname == '\0') {
fprintf(stderr, "Error: invalid overlay option\n");
exit(1);
}
// check name
invalid_filename(subdirname);
if (strstr(subdirname, "..") || strstr(subdirname, "/")) {
fprintf(stderr, "Error: invalid overlay name\n");
exit(1);
}
cfg.overlay_dir = fs_check_overlay_dir(subdirname, arg_overlay_reuse);
}
return 0;
} else if (strcmp(ptr, "overlay-tmpfs") == 0) {
if (checkcfg(CFG_OVERLAYFS)) {
if (cfg.chrootdir) {
fprintf(stderr, "Error: --overlay and --chroot options are mutually exclusive\n");
exit(1);
}
struct stat s;
if (stat("/proc/sys/kernel/grsecurity", &s) == 0) {
fprintf(stderr, "Error: --overlay option is not available on Grsecurity systems\n");
exit(1);
}
arg_overlay = 1;
return 0;
}
} else if (strcmp(ptr, "overlay") == 0) {
if (checkcfg(CFG_OVERLAYFS)) {
if (cfg.chrootdir) {
fprintf(stderr, "Error: --overlay and --chroot options are mutually exclusive\n");
exit(1);
}
struct stat s;
if (stat("/proc/sys/kernel/grsecurity", &s) == 0) {
fprintf(stderr, "Error: --overlay option is not available on Grsecurity systems\n");
exit(1);
}
arg_overlay = 1;
arg_overlay_keep = 1;
char *subdirname;
if (asprintf(&subdirname, "%d", getpid()) == -1)
errExit("asprintf");
cfg.overlay_dir = fs_check_overlay_dir(subdirname, arg_overlay_reuse);
free(subdirname);
return 0;
}
}
#endif
// filesystem bind
if (strncmp(ptr, "bind ", 5) == 0) {
#ifdef HAVE_BIND
if (checkcfg(CFG_BIND)) {
if (getuid() != 0) {
fprintf(stderr, "Error: --bind option is available only if running as root\n");
exit(1);
}
// extract two directories
char *dname1 = ptr + 5;
char *dname2 = split_comma(dname1); // this inserts a '0 to separate the two dierctories
if (dname2 == NULL) {
fprintf(stderr, "Error: missing second directory for bind\n");
exit(1);
}
// check directories
invalid_filename(dname1);
invalid_filename(dname2);
if (strstr(dname1, "..") || strstr(dname2, "..")) {
fprintf(stderr, "Error: invalid file name.\n");
exit(1);
}
if (is_link(dname1) || is_link(dname2)) {
fprintf(stderr, "Symbolic links are not allowed for bind command\n");
exit(1);
}
// insert comma back
*(dname2 - 1) = ',';
return 1;
}
else
warning_feature_disabled("bind");
#endif
return 0;
}
// rlimit
if (strncmp(ptr, "rlimit", 6) == 0) {
if (strncmp(ptr, "rlimit-nofile ", 14) == 0) {
check_unsigned(ptr + 14, "Error: invalid rlimit in profile file: ");
sscanf(ptr + 14, "%llu", &cfg.rlimit_nofile);
arg_rlimit_nofile = 1;
}
else if (strncmp(ptr, "rlimit-nproc ", 13) == 0) {
check_unsigned(ptr + 13, "Error: invalid rlimit in profile file: ");
sscanf(ptr + 13, "%llu", &cfg.rlimit_nproc);
arg_rlimit_nproc = 1;
}
else if (strncmp(ptr, "rlimit-fsize ", 13) == 0) {
check_unsigned(ptr + 13, "Error: invalid rlimit in profile file: ");
sscanf(ptr + 13, "%llu", &cfg.rlimit_fsize);
arg_rlimit_fsize = 1;
}
else if (strncmp(ptr, "rlimit-sigpending ", 18) == 0) {
check_unsigned(ptr + 18, "Error: invalid rlimit in profile file: ");
sscanf(ptr + 18, "%llu", &cfg.rlimit_sigpending);
arg_rlimit_sigpending = 1;
}
else {
fprintf(stderr, "Invalid rlimit option on line %d\n", lineno);
exit(1);
}
return 0;
}
if (strncmp(ptr, "join-or-start ", 14) == 0) {
// try to join by name only
pid_t pid;
if (!name2pid(ptr + 14, &pid)) {
if (!cfg.shell && !arg_shell_none)
cfg.shell = guess_shell();
// find first non-option arg
int i;
for (i = 1; i < cfg.original_argc && strncmp(cfg.original_argv[i], "--", 2) != 0; i++);
join(pid, cfg.original_argc,cfg.original_argv, i + 1);
exit(0);
}
// set sandbox name and start normally
cfg.name = ptr + 14;
if (strlen(cfg.name) == 0) {
fprintf(stderr, "Error: invalid sandbox name\n");
exit(1);
}
return 0;
}
// rest of filesystem
if (strncmp(ptr, "blacklist ", 10) == 0)
ptr += 10;
else if (strncmp(ptr, "blacklist-nolog ", 16) == 0)
ptr += 16;
else if (strncmp(ptr, "noblacklist ", 12) == 0)
ptr += 12;
else if (strncmp(ptr, "whitelist ", 10) == 0) {
#ifdef HAVE_WHITELIST
if (checkcfg(CFG_WHITELIST)) {
arg_whitelist = 1;
ptr += 10;
}
else
return 0;
#else
return 0;
#endif
}
else if (strncmp(ptr, "nowhitelist ", 12) == 0)
ptr += 12;
else if (strncmp(ptr, "read-only ", 10) == 0)
ptr += 10;
else if (strncmp(ptr, "read-write ", 11) == 0)
ptr += 11;
else if (strncmp(ptr, "noexec ", 7) == 0)
ptr += 7;
else if (strncmp(ptr, "tmpfs ", 6) == 0) {
if (getuid() != 0) {
fprintf(stderr, "Error: tmpfs available only when running the sandbox as root\n");
exit(1);
}
ptr += 6;
}
else {
if (lineno == 0)
fprintf(stderr, "Error: \"%s\" as a command line option is invalid\n", ptr);
else if (fname != NULL)
fprintf(stderr, "Error: line %d in %s is invalid\n", lineno, fname);
else
fprintf(stderr, "Error: line %d in the custom profile is invalid\n", lineno);
exit(1);
}
// some characters just don't belong in filenames
invalid_filename(ptr);
if (strstr(ptr, "..")) {
if (lineno == 0)
fprintf(stderr, "Error: \"%s\" is an invalid filename\n", ptr);
else if (fname != NULL)
fprintf(stderr, "Error: line %d in %s is invalid\n", lineno, fname);
else
fprintf(stderr, "Error: line %d in the custom profile is invalid\n", lineno);
exit(1);
}
return 1;
}
// check profile line; if line == 0, this was generated from a command line option
// return 1 if the command is to be added to the linked list of profile commands
// return 0 if the command was already executed inside the function
int profile_check_line(char *ptr, int lineno, const char *fname) {
EUID_ASSERT();
// check ignore list
int i;
for (i = 0; i < MAX_PROFILE_IGNORE; i++) {
if (cfg.profile_ignore[i] == NULL)
break;
if (strncmp(ptr, cfg.profile_ignore[i], strlen(cfg.profile_ignore[i])) == 0)
return 0; // ignore line
}
if (strncmp(ptr, "ignore ", 7) == 0) {
char *str = strdup(ptr + 7);
if (*str == '\0') {
fprintf(stderr, "Error: invalid ignore option\n");
exit(1);
}
// find an empty entry in profile_ignore array
int j;
for (j = 0; j < MAX_PROFILE_IGNORE; j++) {
if (cfg.profile_ignore[j] == NULL)
break;
}
if (j >= MAX_PROFILE_IGNORE) {
fprintf(stderr, "Error: maximum %d --ignore options are permitted\n", MAX_PROFILE_IGNORE);
exit(1);
}
// ... and configure it
else
cfg.profile_ignore[j] = str;
return 0;
}
// mkdir
if (strncmp(ptr, "mkdir ", 6) == 0) {
fs_mkdir(ptr + 6);
return 0;
}
// sandbox name
else if (strncmp(ptr, "name ", 5) == 0) {
cfg.name = ptr + 5;
if (strlen(cfg.name) == 0) {
fprintf(stderr, "Error: invalid sandbox name\n");
exit(1);
}
return 0;
}
else if (strcmp(ptr, "ipc-namespace") == 0) {
arg_ipc = 1;
return 0;
}
// seccomp, caps, private, user namespace
else if (strcmp(ptr, "noroot") == 0) {
#if HAVE_USERNS
if (checkcfg(CFG_USERNS))
check_user_namespace();
else
fprintf(stderr, "Warning: user namespace feature is disabled in Firejail configuration file\n");
#endif
return 0;
}
else if (strcmp(ptr, "nonewprivs") == 0) {
arg_nonewprivs = 1;
return 0;
}
else if (strcmp(ptr, "seccomp") == 0) {
#ifdef HAVE_SECCOMP
if (checkcfg(CFG_SECCOMP))
arg_seccomp = 1;
else
fprintf(stderr, "Warning: user seccomp feature is disabled in Firejail configuration file\n");
#endif
return 0;
}
else if (strcmp(ptr, "caps") == 0) {
arg_caps_default_filter = 1;
return 0;
}
else if (strcmp(ptr, "caps.drop all") == 0) {
arg_caps_drop_all = 1;
return 0;
}
else if (strcmp(ptr, "shell none") == 0) {
arg_shell_none = 1;
return 0;
}
else if (strcmp(ptr, "tracelog") == 0) {
arg_tracelog = 1;
return 0;
}
else if (strcmp(ptr, "private") == 0) {
arg_private = 1;
return 0;
}
else if (strcmp(ptr, "private-dev") == 0) {
arg_private_dev = 1;
return 0;
}
else if (strcmp(ptr, "private-tmp") == 0) {
arg_private_tmp = 1;
return 0;
}
else if (strcmp(ptr, "nogroups") == 0) {
arg_nogroups = 1;
return 0;
}
else if (strcmp(ptr, "nosound") == 0) {
arg_nosound = 1;
arg_private_dev = 1;
return 0;
}
else if (strcmp(ptr, "netfilter") == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK))
arg_netfilter = 1;
else
fprintf(stderr, "Warning: networking features are disabled in Firejail configuration file\n");
#endif
return 0;
}
else if (strncmp(ptr, "netfilter ", 10) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
arg_netfilter = 1;
arg_netfilter_file = strdup(ptr + 10);
if (!arg_netfilter_file)
errExit("strdup");
check_netfilter_file(arg_netfilter_file);
}
else
fprintf(stderr, "Warning: networking features are disabled in Firejail configuration file\n");
#endif
return 0;
}
else if (strncmp(ptr, "netfilter6 ", 11) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
arg_netfilter6 = 1;
arg_netfilter6_file = strdup(ptr + 11);
if (!arg_netfilter6_file)
errExit("strdup");
check_netfilter_file(arg_netfilter6_file);
}
else
fprintf(stderr, "Warning: networking features are disabled in Firejail configuration file\n");
#endif
return 0;
}
else if (strcmp(ptr, "net none") == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
arg_nonetwork = 1;
cfg.bridge0.configured = 0;
cfg.bridge1.configured = 0;
cfg.bridge2.configured = 0;
cfg.bridge3.configured = 0;
cfg.interface0.configured = 0;
cfg.interface1.configured = 0;
cfg.interface2.configured = 0;
cfg.interface3.configured = 0;
}
else
fprintf(stderr, "Warning: networking features are disabled in Firejail configuration file\n");
#endif
return 0;
}
else if (strncmp(ptr, "net ", 4) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
#ifdef HAVE_NETWORK_RESTRICTED
// compile time restricted networking
if (getuid() != 0) {
fprintf(stderr, "Error: only \"net none\" is allowed to non-root users\n");
exit(1);
}
#endif
// run time restricted networking
if (checkcfg(CFG_RESTRICTED_NETWORK) && getuid() != 0) {
fprintf(stderr, "Error: only \"net none\" is allowed to non-root users\n");
exit(1);
}
if (strcmp(ptr + 4, "lo") == 0) {
fprintf(stderr, "Error: cannot attach to lo device\n");
exit(1);
}
Bridge *br;
if (cfg.bridge0.configured == 0)
br = &cfg.bridge0;
else if (cfg.bridge1.configured == 0)
br = &cfg.bridge1;
else if (cfg.bridge2.configured == 0)
br = &cfg.bridge2;
else if (cfg.bridge3.configured == 0)
br = &cfg.bridge3;
else {
fprintf(stderr, "Error: maximum 4 network devices are allowed\n");
exit(1);
}
net_configure_bridge(br, ptr + 4);
}
else
fprintf(stderr, "Warning: networking features are disabled in Firejail configuration file\n");
#endif
return 0;
}
else if (strncmp(ptr, "iprange ", 8) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
Bridge *br = last_bridge_configured();
if (br == NULL) {
fprintf(stderr, "Error: no network device configured\n");
exit(1);
}
if (br->iprange_start || br->iprange_end) {
fprintf(stderr, "Error: cannot configure the IP range twice for the same interface\n");
exit(1);
}
// parse option arguments
char *firstip = ptr + 8;
char *secondip = firstip;
while (*secondip != '\0') {
if (*secondip == ',')
break;
secondip++;
}
if (*secondip == '\0') {
fprintf(stderr, "Error: invalid IP range\n");
exit(1);
}
*secondip = '\0';
secondip++;
// check addresses
if (atoip(firstip, &br->iprange_start) || atoip(secondip, &br->iprange_end) ||
br->iprange_start >= br->iprange_end) {
fprintf(stderr, "Error: invalid IP range\n");
exit(1);
}
if (in_netrange(br->iprange_start, br->ip, br->mask) || in_netrange(br->iprange_end, br->ip, br->mask)) {
fprintf(stderr, "Error: IP range addresses not in network range\n");
exit(1);
}
}
else
fprintf(stderr, "Warning: networking features are disabled in Firejail configuration file\n");
#endif
return 0;
}
// from here
else if (strncmp(ptr, "mac ", 4) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
Bridge *br = last_bridge_configured();
if (br == NULL) {
fprintf(stderr, "Error: no network device configured\n");
exit(1);
}
if (mac_not_zero(br->macsandbox)) {
fprintf(stderr, "Error: cannot configure the MAC address twice for the same interface\n");
exit(1);
}
// read the address
if (atomac(ptr + 4, br->macsandbox)) {
fprintf(stderr, "Error: invalid MAC address\n");
exit(1);
}
}
else
fprintf(stderr, "Warning: networking features are disabled in Firejail configuration file\n");
#endif
return 0;
}
else if (strncmp(ptr, "mtu ", 4) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
Bridge *br = last_bridge_configured();
if (br == NULL) {
fprintf(stderr, "Error: no network device configured\n");
exit(1);
}
if (sscanf(ptr + 4, "%d", &br->mtu) != 1 || br->mtu < 576 || br->mtu > 9198) {
fprintf(stderr, "Error: invalid mtu value\n");
exit(1);
}
}
else
fprintf(stderr, "Warning: networking features are disabled in Firejail configuration file\n");
#endif
return 0;
}
else if (strncmp(ptr, "ip ", 3) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
Bridge *br = last_bridge_configured();
if (br == NULL) {
fprintf(stderr, "Error: no network device configured\n");
exit(1);
}
if (br->arg_ip_none || br->ipsandbox) {
fprintf(stderr, "Error: cannot configure the IP address twice for the same interface\n");
exit(1);
}
// configure this IP address for the last bridge defined
if (strcmp(ptr + 3, "none") == 0)
br->arg_ip_none = 1;
else {
if (atoip(ptr + 3, &br->ipsandbox)) {
fprintf(stderr, "Error: invalid IP address\n");
exit(1);
}
}
}
else
fprintf(stderr, "Warning: networking features are disabled in Firejail configuration file\n");
#endif
return 0;
}
else if (strncmp(ptr, "ip6 ", 4) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
Bridge *br = last_bridge_configured();
if (br == NULL) {
fprintf(stderr, "Error: no network device configured\n");
exit(1);
}
if (br->arg_ip_none || br->ip6sandbox) {
fprintf(stderr, "Error: cannot configure the IP address twice for the same interface\n");
exit(1);
}
// configure this IP address for the last bridge defined
// todo: verify ipv6 syntax
br->ip6sandbox = ptr + 4;
// if (atoip(argv[i] + 5, &br->ipsandbox)) {
// fprintf(stderr, "Error: invalid IP address\n");
// exit(1);
// }
}
else
fprintf(stderr, "Warning: networking features are disabled in Firejail configuration file\n");
#endif
return 0;
}
else if (strncmp(ptr, "defaultgw ", 10) == 0) {
#ifdef HAVE_NETWORK
if (checkcfg(CFG_NETWORK)) {
if (atoip(ptr + 10, &cfg.defaultgw)) {
fprintf(stderr, "Error: invalid IP address\n");
exit(1);
}
}
else
fprintf(stderr, "Warning: networking features are disabled in Firejail configuration file\n");
#endif
return 0;
}
if (strncmp(ptr, "protocol ", 9) == 0) {
#ifdef HAVE_SECCOMP
if (checkcfg(CFG_SECCOMP))
protocol_store(ptr + 9);
else
fprintf(stderr, "Warning: user seccomp feature is disabled in Firejail configuration file\n");
#endif
return 0;
}
if (strncmp(ptr, "env ", 4) == 0) {
env_store(ptr + 4);
return 0;
}
// seccomp drop list on top of default list
if (strncmp(ptr, "seccomp ", 8) == 0) {
#ifdef HAVE_SECCOMP
if (checkcfg(CFG_SECCOMP)) {
arg_seccomp = 1;
cfg.seccomp_list = strdup(ptr + 8);
if (!cfg.seccomp_list)
errExit("strdup");
}
else
fprintf(stderr, "Warning: user seccomp feature is disabled in Firejail configuration file\n");
#endif
return 0;
}
// seccomp drop list without default list
if (strncmp(ptr, "seccomp.drop ", 13) == 0) {
#ifdef HAVE_SECCOMP
if (checkcfg(CFG_SECCOMP)) {
arg_seccomp = 1;
cfg.seccomp_list_drop = strdup(ptr + 13);
if (!cfg.seccomp_list_drop)
errExit("strdup");
}
else
fprintf(stderr, "Warning: user seccomp feature is disabled in Firejail configuration file\n");
#endif
return 0;
}
// seccomp keep list
if (strncmp(ptr, "seccomp.keep ", 13) == 0) {
#ifdef HAVE_SECCOMP
if (checkcfg(CFG_SECCOMP)) {
arg_seccomp = 1;
cfg.seccomp_list_keep= strdup(ptr + 13);
if (!cfg.seccomp_list_keep)
errExit("strdup");
}
else
fprintf(stderr, "Warning: user seccomp feature is disabled in Firejail configuration file\n");
#endif
return 0;
}
// caps drop list
if (strncmp(ptr, "caps.drop ", 10) == 0) {
arg_caps_drop = 1;
arg_caps_list = strdup(ptr + 10);
if (!arg_caps_list)
errExit("strdup");
// verify seccomp list and exit if problems
if (caps_check_list(arg_caps_list, NULL))
exit(1);
return 0;
}
// caps keep list
if (strncmp(ptr, "caps.keep ", 10) == 0) {
arg_caps_keep = 1;
arg_caps_list = strdup(ptr + 10);
if (!arg_caps_list)
errExit("strdup");
// verify seccomp list and exit if problems
if (caps_check_list(arg_caps_list, NULL))
exit(1);
return 0;
}
// hostname
if (strncmp(ptr, "hostname ", 9) == 0) {
cfg.hostname = ptr + 9;
return 0;
}
// dns
if (strncmp(ptr, "dns ", 4) == 0) {
uint32_t dns;
if (atoip(ptr + 4, &dns)) {
fprintf(stderr, "Error: invalid DNS server IP address\n");
return 1;
}
if (cfg.dns1 == 0)
cfg.dns1 = dns;
else if (cfg.dns2 == 0)
cfg.dns2 = dns;
else if (cfg.dns3 == 0)
cfg.dns3 = dns;
else {
fprintf(stderr, "Error: up to 3 DNS servers can be specified\n");
return 1;
}
return 0;
}
// cpu affinity
if (strncmp(ptr, "cpu ", 4) == 0) {
read_cpu_list(ptr + 4);
return 0;
}
// nice value
if (strncmp(ptr, "nice ", 4) == 0) {
cfg.nice = atoi(ptr + 5);
if (getuid() != 0 &&cfg.nice < 0)
cfg.nice = 0;
arg_nice = 1;
return 0;
}
// cgroup
if (strncmp(ptr, "cgroup ", 7) == 0) {
set_cgroup(ptr + 7);
return 0;
}
// writable-etc
if (strcmp(ptr, "writable-etc") == 0) {
if (cfg.etc_private_keep) {
fprintf(stderr, "Error: private-etc and writable-etc are mutually exclusive\n");
exit(1);
}
arg_writable_etc = 1;
return 0;
}
// writable-var
if (strcmp(ptr, "writable-var") == 0) {
arg_writable_var = 1;
return 0;
}
// private directory
if (strncmp(ptr, "private ", 8) == 0) {
cfg.home_private = ptr + 8;
fs_check_private_dir();
arg_private = 1;
return 0;
}
// private /etc list of files and directories
if (strncmp(ptr, "private-etc ", 12) == 0) {
if (arg_writable_etc) {
fprintf(stderr, "Error: --private-etc and --writable-etc are mutually exclusive\n");
exit(1);
}
cfg.etc_private_keep = ptr + 12;
fs_check_etc_list();
arg_private_etc = 1;
return 0;
}
// private /bin list of files
if (strncmp(ptr, "private-bin ", 12) == 0) {
cfg.bin_private_keep = ptr + 12;
arg_private_bin = 1;
fs_check_bin_list();
return 0;
}
// filesystem bind
if (strncmp(ptr, "bind ", 5) == 0) {
#ifdef HAVE_BIND
if (checkcfg(CFG_BIND)) {
if (getuid() != 0) {
fprintf(stderr, "Error: --bind option is available only if running as root\n");
exit(1);
}
// extract two directories
char *dname1 = ptr + 5;
char *dname2 = split_comma(dname1); // this inserts a '0 to separate the two dierctories
if (dname2 == NULL) {
fprintf(stderr, "Error: missing second directory for bind\n");
exit(1);
}
// check directories
invalid_filename(dname1);
invalid_filename(dname2);
if (strstr(dname1, "..") || strstr(dname2, "..")) {
fprintf(stderr, "Error: invalid file name.\n");
exit(1);
}
if (is_link(dname1) || is_link(dname2)) {
fprintf(stderr, "Symbolic links are not allowed for bind command\n");
exit(1);
}
// insert comma back
*(dname2 - 1) = ',';
return 1;
}
else {
fprintf(stderr, "Warning: bind feature is disabled in Firejail configuration file\n");
return 0;
}
#else
return 0;
#endif
}
// rlimit
if (strncmp(ptr, "rlimit", 6) == 0) {
if (strncmp(ptr, "rlimit-nofile ", 14) == 0) {
ptr += 14;
if (not_unsigned(ptr)) {
fprintf(stderr, "Invalid rlimit option on line %d\n", lineno);
exit(1);
}
sscanf(ptr, "%u", &cfg.rlimit_nofile);
arg_rlimit_nofile = 1;
}
else if (strncmp(ptr, "rlimit-nproc ", 13) == 0) {
ptr += 13;
if (not_unsigned(ptr)) {
fprintf(stderr, "Invalid rlimit option on line %d\n", lineno);
exit(1);
}
sscanf(ptr, "%u", &cfg.rlimit_nproc);
arg_rlimit_nproc = 1;
}
else if (strncmp(ptr, "rlimit-fsize ", 13) == 0) {
ptr += 13;
if (not_unsigned(ptr)) {
fprintf(stderr, "Invalid rlimit option on line %d\n", lineno);
exit(1);
}
sscanf(ptr, "%u", &cfg.rlimit_fsize);
arg_rlimit_fsize = 1;
}
else if (strncmp(ptr, "rlimit-sigpending ", 18) == 0) {
ptr += 18;
if (not_unsigned(ptr)) {
fprintf(stderr, "Invalid rlimit option on line %d\n", lineno);
exit(1);
}
sscanf(ptr, "%u", &cfg.rlimit_sigpending);
arg_rlimit_sigpending = 1;
}
else {
fprintf(stderr, "Invalid rlimit option on line %d\n", lineno);
exit(1);
}
return 0;
}
// read-write
if (strncmp(ptr, "read-write ", 11) == 0) {
if (getuid() != 0) {
fprintf(stderr, "Error: read-write command is available only for root user\n");
exit(1);
}
fs_rdwr_add(ptr + 11);
return 0;
}
// rest of filesystem
if (strncmp(ptr, "blacklist ", 10) == 0)
ptr += 10;
else if (strncmp(ptr, "blacklist-nolog ", 16) == 0)
ptr += 16;
else if (strncmp(ptr, "noblacklist ", 12) == 0)
ptr += 12;
else if (strncmp(ptr, "whitelist ", 10) == 0) {
#ifdef HAVE_WHITELIST
if (checkcfg(CFG_WHITELIST)) {
arg_whitelist = 1;
ptr += 10;
}
else
return 0;
#else
return 0;
#endif
}
else if (strncmp(ptr, "read-only ", 10) == 0)
ptr += 10;
else if (strncmp(ptr, "tmpfs ", 6) == 0) {
if (getuid() != 0) {
fprintf(stderr, "Error: tmpfs available only when running the sandbox as root\n");
exit(1);
}
ptr += 6;
}
else {
if (lineno == 0)
fprintf(stderr, "Error: \"%s\" as a command line option is invalid\n", ptr);
else if (fname != NULL)
fprintf(stderr, "Error: line %d in %s is invalid\n", lineno, fname);
else
fprintf(stderr, "Error: line %d in the custom profile is invalid\n", lineno);
exit(1);
}
// some characters just don't belong in filenames
invalid_filename(ptr);
if (strstr(ptr, "..")) {
if (lineno == 0)
fprintf(stderr, "Error: \"%s\" is an invalid filename\n", ptr);
else if (fname != NULL)
fprintf(stderr, "Error: line %d in %s is invalid\n", lineno, fname);
else
fprintf(stderr, "Error: line %d in the custom profile is invalid\n", lineno);
exit(1);
}
return 1;
}
static void
vCmdTask (void *pvParameters)
{
(void) pvParameters;
unsigned int t = 0;
portCHAR cByte;
portBASE_TYPE len = 0;
static char next_command[MAX_CMD_LINE_LENGTH];
for (;;)
{
if (vUSBRecvByte (&cByte, 1, 100))
{
vDebugSendHook (cByte);
switch (cByte)
{
case '\n':
case '\r':
if (len)
{
next_command[len] = 0;
vCmdProcess (next_command);
len = 0;
}
break;
default:
next_command[len++] = cByte;
}
}
else if (AT91F_PIO_GetInput (EXT_BUTTON_PIO) & EXT_BUTTON_PIN)
{
if (t < 30)
t++;
else
{
for (t = 0; t < 10; t++)
{
vTaskDelay (500 / portTICK_RATE_MS);
led_set_red (0);
vTaskDelay (500 / portTICK_RATE_MS);
led_set_red (1);
}
/* backup reader id */
t = env.e.reader_id;
vNetworkResetDefaultSettings ();
/* restore reader id */
env.e.reader_id = t;
/* store the configuration */
env_store ();
/* wait a bit before the reset */
debug_printf ("restoring original settings"
" after reset pin triggerd & reboot...\n");
vTaskDelay (1000 / portTICK_RATE_MS);
/*force watchdog reset */
while (1);
}
}
else
t = 0;
}
}
static inline void
vCmdProcess (const char *cmdline)
{
unsigned char cmd, assign;
unsigned int t;
cmd = (unsigned char) (*cmdline++);
if ((cmd >= 'a') && (cmd <= 'z'))
cmd -= ('a' - 'A');
switch (*cmdline)
{
case '=':
case ' ':
assign = 1;
cmdline++;
break;
case 0:
assign = 0;
break;
default:
assign = 1;
}
switch (cmd)
{
case 'A':
vNetworkSetIP (&env.e.ip_host, assign ? cmdline : NULL, "reader");
break;
case 'B':
debug_printf ("rebooting...\n");
vTaskDelay (1000 / portTICK_RATE_MS);
/*force watchdog reset */
while (1);
break;
case 'C':
vNetworkDumpConfig ();
debug_printf ("System configuration:\n"
"\tFirmware Version: v" PROGRAM_VERSION "\n"
"\tReader ID: %i\n"
"\tRF packet duplicate filter: %s\n\n",
env.e.reader_id,
env.e.filter_duplicates ? "ON" : "OFF");
break;
case 'D':
if (assign)
{
t = atoiEx (cmdline);
debug_printf ("setting debug level to %u\n", t);
PtSetDebugLevel (t);
}
else
debug_printf
("usage: 'd' - set debug level ('d[disable=0, lowest=1]')\n");
break;
case 'F':
if (assign)
{
t = atoiEx (cmdline) ? 1 : 0;
debug_printf ("%s duplicate filtering\n",
t ? "enabled" : "disabled");
env.e.filter_duplicates = t;
}
else
debug_printf
("usage: 'f' - set RF packet duplicate filtering\n"
" ('f[disable=0, enable=1]')\n");
break;
case 'G':
vNetworkSetIP (&env.e.ip_gateway, assign ? cmdline : NULL,
"gateway");
break;
case 'I':
if (assign)
{
#ifndef ALLOW_READER_ID_CHANGE
if (env.e.reader_id)
debug_printf ("ERROR: reader id already set!\n");
else
{
#endif /*ALLOW_READER_ID_CHANGE */
t = atoiEx (cmdline);
if (t > 0 && t < MAC_IAB_MASK)
env.e.reader_id = t;
else
debug_printf
("error: reader_id needs to be between 1 and %u (used '%s')\n",
MAC_IAB_MASK, cmdline);
#ifndef ALLOW_READER_ID_CHANGE
}
#endif /*ALLOW_READER_ID_CHANGE */
}
debug_printf ("reader_id=%i\n", env.e.reader_id);
break;
case 'L':
if (assign)
{
t = atoiEx (cmdline) > 0;
debug_printf ("red_led=%i\n", t);
led_set_red (t);
}
else
debug_printf
("usage: 'l' - red LED ('l[enable=0, disable=1]')\n");
break;
case 'M':
vNetworkSetIP (&env.e.ip_netmask, assign ? cmdline : NULL,
"netmask");
break;
case 'N':
if (assign)
env.e.ip_autoconfig = atoiEx (cmdline);
debug_printf ("ip_autoconfig=%i\n", env.e.ip_autoconfig);
break;
case 'P':
if (assign)
env.e.ip_server_port = atoiEx (cmdline);
debug_printf ("server UDP port=%i\n", env.e.ip_server_port);
break;
case 'R':
/* backup reader id */
t = env.e.reader_id;
vNetworkResetDefaultSettings ();
/* restore reader id */
env.e.reader_id = t;
debug_printf ("restoring original settings & reboot...\n");
vNetworkDumpConfig ();
vTaskDelay (1000 / portTICK_RATE_MS);
env_store ();
/*force watchdog reset */
while (1);
break;
case 'S':
debug_printf ("storing configuration & reboot...\n");
vTaskDelay (1000 / portTICK_RATE_MS);
env_store ();
/*force watchdog reset */
while (1);
break;
case 'T':
vNetworkSetIP (&env.e.ip_server, assign ? cmdline : NULL,
"server");
break;
case 'U':
debug_printf ("resetting reader to firmware update mode...\n");
vTaskDelay (1000 / portTICK_RATE_MS);
env_reboot_to_update ();
break;
case 'H':
case '?':
vCmdHelp ();
break;
case 'X':
vCmdDumpStatistics ();
PtStatusRxTx ();
break;
default:
debug_printf ("Unkown CMD:'%c'\n", cmd);
}
}
// load IBUS env variables
void env_ibus_load(void) {
EUID_ASSERT();
// check ~/.config/ibus/bus directory
char *dirname;
if (asprintf(&dirname, "%s/.config/ibus/bus", cfg.homedir) == -1)
errExit("asprintf");
struct stat s;
if (stat(dirname, &s) == -1)
return;
// find the file
/* coverity[toctou] */
DIR *dir = opendir(dirname);
if (!dir) {
free(dirname);
return;
}
struct dirent *entry;
while ((entry = readdir(dir)) != NULL) {
// check the file name ends in "unix-0"
char *ptr = strstr(entry->d_name, "unix-0");
if (!ptr)
continue;
if (strlen(ptr) != 6)
continue;
// open the file
char *fname;
if (asprintf(&fname, "%s/%s", dirname, entry->d_name) == -1)
errExit("asprintf");
FILE *fp = fopen(fname, "r");
free(fname);
if (!fp)
continue;
// read the file
const int maxline = 4096;
char buf[maxline];
while (fgets(buf, maxline, fp)) {
if (strncmp(buf, "IBUS_", 5) != 0)
continue;
char *ptr = strchr(buf, '=');
if (!ptr)
continue;
ptr = strchr(buf, '\n');
if (ptr)
*ptr = '\0';
if (arg_debug)
printf("%s\n", buf);
env_store(buf, SETENV);
}
fclose(fp);
}
free(dirname);
closedir(dir);
}
// check profile line; if line == 0, this was generated from a command line option
// return 1 if the command is to be added to the linked list of profile commands
// return 0 if the command was already executed inside the function
int profile_check_line(char *ptr, int lineno) {
// check ignore list
int i;
for (i = 0; i < MAX_PROFILE_IGNORE; i++) {
if (cfg.profile_ignore[i] == NULL)
break;
if (strncmp(ptr, cfg.profile_ignore[i], strlen(cfg.profile_ignore[i])) == 0)
return 0; // ignore line
}
if (strncmp(ptr, "ignore ", 7) == 0) {
char *str = strdup(ptr + 7);
if (*str == '\0') {
fprintf(stderr, "Error: invalid ignore option\n");
exit(1);
}
// find an empty entry in profile_ignore array
int j;
for (j = 0; j < MAX_PROFILE_IGNORE; j++) {
if (cfg.profile_ignore[j] == NULL)
break;
}
if (j >= MAX_PROFILE_IGNORE) {
fprintf(stderr, "Error: maximum %d --ignore options are permitted\n", MAX_PROFILE_IGNORE);
exit(1);
}
// ... and configure it
cfg.profile_ignore[j] = str;
return 0;
}
// seccomp, caps, private, user namespace
if (strcmp(ptr, "noroot") == 0) {
check_user_namespace();
return 0;
}
else if (strcmp(ptr, "seccomp") == 0) {
arg_seccomp = 1;
return 0;
}
else if (strcmp(ptr, "caps") == 0) {
arg_caps_default_filter = 1;
return 0;
}
else if (strcmp(ptr, "caps.drop all") == 0) {
arg_caps_drop_all = 1;
return 0;
}
else if (strcmp(ptr, "shell none") == 0) {
arg_shell_none = 1;
return 0;
}
else if (strcmp(ptr, "private") == 0) {
arg_private = 1;
return 0;
}
else if (strcmp(ptr, "private-dev") == 0) {
arg_private_dev = 1;
return 0;
}
else if (strcmp(ptr, "nogroups") == 0) {
arg_nogroups = 1;
return 0;
}
else if (strcmp(ptr, "netfilter") == 0) {
arg_netfilter = 1;
return 0;
}
else if (strncmp(ptr, "netfilter ", 10) == 0) {
arg_netfilter = 1;
arg_netfilter_file = strdup(ptr + 10);
if (!arg_netfilter_file)
errExit("strdup");
check_netfilter_file(arg_netfilter_file);
return 0;
}
else if (strcmp(ptr, "net none") == 0) {
arg_nonetwork = 1;
cfg.bridge0.configured = 0;
cfg.bridge1.configured = 0;
cfg.bridge2.configured = 0;
cfg.bridge3.configured = 0;
return 0;
}
if (strncmp(ptr, "protocol ", 9) == 0) {
protocol_store(ptr + 9);
return 0;
}
if (strncmp(ptr, "env ", 4) == 0) {
env_store(ptr + 4);
return 0;
}
// seccomp drop list on top of default list
if (strncmp(ptr, "seccomp ", 8) == 0) {
arg_seccomp = 1;
#ifdef HAVE_SECCOMP
cfg.seccomp_list = strdup(ptr + 8);
if (!cfg.seccomp_list)
errExit("strdup");
#endif
return 0;
}
// seccomp drop list without default list
if (strncmp(ptr, "seccomp.drop ", 13) == 0) {
arg_seccomp = 1;
#ifdef HAVE_SECCOMP
cfg.seccomp_list_drop = strdup(ptr + 13);
if (!cfg.seccomp_list_drop)
errExit("strdup");
#endif
return 0;
}
// seccomp keep list
if (strncmp(ptr, "seccomp.keep ", 13) == 0) {
arg_seccomp = 1;
#ifdef HAVE_SECCOMP
cfg.seccomp_list_keep= strdup(ptr + 13);
if (!cfg.seccomp_list_keep)
errExit("strdup");
#endif
return 0;
}
// caps drop list
if (strncmp(ptr, "caps.drop ", 10) == 0) {
arg_caps_drop = 1;
arg_caps_list = strdup(ptr + 10);
if (!arg_caps_list)
errExit("strdup");
// verify seccomp list and exit if problems
if (caps_check_list(arg_caps_list, NULL))
exit(1);
return 0;
}
// caps keep list
if (strncmp(ptr, "caps.keep ", 10) == 0) {
arg_caps_keep = 1;
arg_caps_list = strdup(ptr + 10);
if (!arg_caps_list)
errExit("strdup");
// verify seccomp list and exit if problems
if (caps_check_list(arg_caps_list, NULL))
exit(1);
return 0;
}
// dns
if (strncmp(ptr, "dns ", 4) == 0) {
uint32_t dns;
if (atoip(ptr + 4, &dns)) {
fprintf(stderr, "Error: invalid DNS server IP address\n");
return 1;
}
if (cfg.dns1 == 0)
cfg.dns1 = dns;
else if (cfg.dns2 == 0)
cfg.dns2 = dns;
else if (cfg.dns3 == 0)
cfg.dns3 = dns;
else {
fprintf(stderr, "Error: up to 3 DNS servers can be specified\n");
return 1;
}
return 0;
}
// cpu affinity
if (strncmp(ptr, "cpu ", 4) == 0) {
read_cpu_list(ptr + 4);
return 0;
}
// cgroup
if (strncmp(ptr, "cgroup ", 7) == 0) {
set_cgroup(ptr + 7);
return 0;
}
// private directory
if (strncmp(ptr, "private ", 8) == 0) {
cfg.home_private = ptr + 8;
fs_check_private_dir();
arg_private = 1;
return 0;
}
// private home list of files and directories
if ((strncmp(ptr, "private.keep ", 13) == 0)
|| (strncmp(ptr, "private-home ", 13) == 0)) {
cfg.home_private_keep = ptr + 13;
fs_check_home_list();
arg_private = 1;
return 0;
}
// private /etc list of files and directories
if (strncmp(ptr, "private-etc ", 12) == 0) {
cfg.etc_private_keep = ptr + 12;
fs_check_etc_list();
arg_private_etc = 1;
return 0;
}
// private /bin list of files
if (strncmp(ptr, "private-bin ", 12) == 0) {
cfg.bin_private_keep = ptr + 12;
fs_check_bin_list();
arg_private_bin = 1;
return 0;
}
// filesystem bind
if (strncmp(ptr, "bind ", 5) == 0) {
if (getuid() != 0) {
fprintf(stderr, "Error: --bind option is available only if running as root\n");
exit(1);
}
// extract two directories
char *dname1 = ptr + 5;
char *dname2 = split_comma(dname1); // this inserts a '0 to separate the two dierctories
if (dname2 == NULL) {
fprintf(stderr, "Error: mising second directory for bind\n");
exit(1);
}
// check directories
invalid_filename(dname1);
invalid_filename(dname2);
if (strstr(dname1, "..") || strstr(dname2, "..")) {
fprintf(stderr, "Error: invalid file name.\n");
exit(1);
}
// insert comma back
*(dname2 - 1) = ',';
return 1;
}
// rlimit
if (strncmp(ptr, "rlimit", 6) == 0) {
if (strncmp(ptr, "rlimit-nofile ", 14) == 0) {
ptr += 14;
if (not_unsigned(ptr)) {
fprintf(stderr, "Invalid rlimit option on line %d\n", lineno);
exit(1);
}
sscanf(ptr, "%u", &cfg.rlimit_nofile);
arg_rlimit_nofile = 1;
}
else if (strncmp(ptr, "rlimit-nproc ", 13) == 0) {
ptr += 13;
if (not_unsigned(ptr)) {
fprintf(stderr, "Invalid rlimit option on line %d\n", lineno);
exit(1);
}
sscanf(ptr, "%u", &cfg.rlimit_nproc);
arg_rlimit_nproc = 1;
}
else if (strncmp(ptr, "rlimit-fsize ", 13) == 0) {
ptr += 13;
if (not_unsigned(ptr)) {
fprintf(stderr, "Invalid rlimit option on line %d\n", lineno);
exit(1);
}
sscanf(ptr, "%u", &cfg.rlimit_fsize);
arg_rlimit_fsize = 1;
}
else if (strncmp(ptr, "rlimit-sigpending ", 18) == 0) {
ptr += 18;
if (not_unsigned(ptr)) {
fprintf(stderr, "Invalid rlimit option on line %d\n", lineno);
exit(1);
}
sscanf(ptr, "%u", &cfg.rlimit_sigpending);
arg_rlimit_sigpending = 1;
}
else {
fprintf(stderr, "Invalid rlimit option on line %d\n", lineno);
exit(1);
}
return 0;
}
// rest of filesystem
if (strncmp(ptr, "blacklist ", 10) == 0)
ptr += 10;
else if (strncmp(ptr, "noblacklist ", 12) == 0)
ptr += 12;
else if (strncmp(ptr, "whitelist ", 10) == 0) {
arg_whitelist = 1;
ptr += 10;
}
else if (strncmp(ptr, "read-only ", 10) == 0)
ptr += 10;
else if (strncmp(ptr, "tmpfs ", 6) == 0)
ptr += 6;
else {
if (lineno == 0)
fprintf(stderr, "Error: \"%s\" as a command line option is invalid\n", ptr);
else
fprintf(stderr, "Error: line %d in the custom profile is invalid\n", lineno);
exit(1);
}
// some characters just don't belong in filenames
invalid_filename(ptr);
if (strstr(ptr, "..")) {
if (lineno == 0)
fprintf(stderr, "Error: \"%s\" is an invalid filename\n", ptr);
else
fprintf(stderr, "Error: line %d in the custom profile is invalid\n", lineno);
exit(1);
}
return 1;
}
static void
cmd_mac (const portCHAR * cmd)
{
portCHAR buf[4], mac_l, mac_h;
unsigned int i;
while (*cmd && *cmd != ' ')
cmd++;
cmd++;
for (i = 0; i < sizeof (buf); i++)
{
if (!*cmd)
{
shell_print ("bogus command.\n");
return;
}
buf[i] = *cmd++;
}
if (hex_to_int (buf + 0) < 0 ||
hex_to_int (buf + 1) < 0 ||
hex_to_int (buf + 2) < 0 || hex_to_int (buf + 3) < 0)
{
shell_print ("invalid mac!\n");
return;
}
mac_h = buf[0] << 4 | buf[1];
mac_l = buf[2] << 4 | buf[3];
/* checksum given? */
if (*cmd++ == ' ')
{
portCHAR crc;
buf[0] = *cmd++;
if (!*cmd)
{
shell_print ("bogus checksum!\n");
return;
}
buf[1] = *cmd++;
hex_to_int (buf + 0);
hex_to_int (buf + 1);
crc = buf[0] << 4 | buf[1];
if (crc != (mac_l ^ mac_h))
{
shell_print ("invalid checksum - command ignored\n");
return;
}
}
shell_print ("setting new MAC.\n");
shell_print ("Please power-cycle the device to make"
" this change take place.\n");
/* set it ... */
env.e.mac = (mac_h << 8) | mac_l;
env_store ();
}
static void
cmd_reset (const portCHAR * cmd)
{
vResetEnv();
env_store();
}
