src/paxctl-ng.c: if open(O_RDWR) fails, PT_PAX is readonly

author: Anthony G. Basile <blueness@gentoo.org> 2011-11-03 07:13:44 -0400
committer: Anthony G. Basile <blueness@gentoo.org> 2011-11-03 07:13:44 -0400
commit: 4c796b141f0c1f246371d54a3de83931b603f82b (patch)
tree: aaa81c8799ab09012c77b14e7a6c7c06f0196752
parent: TODO: updated (diff)
download: elfix-4c796b141f0c1f246371d54a3de83931b603f82b.tar.gz
elfix-4c796b141f0c1f246371d54a3de83931b603f82b.tar.bz2
elfix-4c796b141f0c1f246371d54a3de83931b603f82b.zip
3 files changed, 26 insertions, 15 deletions
diff --git a/ChangeLog b/ChangeLog
index c352f82..e30cb77 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+
+	* paxctl-ng: if a file fails to open O_RDWR then
+	don't do PT_PAX markings but continue with XT_PAX
+
 2011-10-23
 
 	* add XT_PAX read/write in paxct-ng.c and paxmodule.c
diff --git a/TODO b/TODO
index 065b0f3..537326a 100644
--- a/TODO
+++ b/TODO
@@ -1,5 +1,3 @@
 2011-11-02  Anthony G. Basile <blueness@gentoo.org>
 
 	* paxctl-ng: add file globbing
-	* paxctl-ng: if a file fails to open O_RDWR then
-	don't do PT_PAX markings but continue with XT_PAX
diff --git a/src/paxctl-ng.c b/src/paxctl-ng.c
index 2b0946a..d3ddb2f 100644
--- a/src/paxctl-ng.c
+++ b/src/paxctl-ng.c
@@ -451,15 +451,18 @@ set_xt_flags(int fd, uint16_t xt_flags)
 
 
 void
-set_flags(int fd, uint16_t *pax_flags)
+set_flags(int fd, uint16_t *pax_flags, int rdwr_pt_pax)
 {
 	uint16_t flags;
 
-	flags = get_pt_flags(fd);
-	if( flags == UINT16_MAX )
-		flags = PF_NOEMUTRAMP | PF_NORANDEXEC;
-	flags = update_flags( flags, *pax_flags);
-	set_pt_flags(fd, flags);
+	if(rdwr_pt_pax)
+	{
+		flags = get_pt_flags(fd);
+		if( flags == UINT16_MAX )
+			flags = PF_NOEMUTRAMP | PF_NORANDEXEC;
+		flags = update_flags( flags, *pax_flags);
+		set_pt_flags(fd, flags);
+	}
 
 	flags = get_xt_flags(fd);
 	if( flags == UINT16_MAX )
@@ -470,7 +473,7 @@ set_flags(int fd, uint16_t *pax_flags)
 
 
 void
-create_xt_flag(fd, cp_flags)
+create_xt_flags(fd, cp_flags)
 {
 	uint16_t xt_flags;
 
@@ -485,7 +488,7 @@ create_xt_flag(fd, cp_flags)
 
 
 void
-copy_xt_flag(fd, cp_flags)
+copy_xt_flags(fd, cp_flags)
 {
 	uint16_t flags;
 	if(cp_flags == 3)
@@ -508,20 +511,26 @@ main( int argc, char *argv[])
 	int fd;
 	uint16_t flags;
 	int view_flags, cp_flags;
+	int rdwr_pt_pax = 1;
 
 	f_name = parse_cmd_args(argc, argv, &flags, &view_flags, &cp_flags);
 
 	if((fd = open(f_name, O_RDWR)) < 0)
-		error(EXIT_FAILURE, 0, "open() fail.");
+	{
+		rdwr_pt_pax = 0;
+		printf("open(O_RDWR) failed: cannot change PT_PAX flags\n");
+		if((fd = open(f_name, O_RDONLY)) < 0)
+			error(EXIT_FAILURE, 0, "open() failed");
+	}
 
 	if(cp_flags == 1 || cp_flags == 2)
-		create_xt_flag(fd, cp_flags);
+		create_xt_flags(fd, cp_flags);
 
-	if(cp_flags == 3 || cp_flags == 4)
-		copy_xt_flag(fd, cp_flags);
+	if(cp_flags == 3 || (cp_flags == 4 && rdwr_pt_pax))
+		copy_xt_flags(fd, cp_flags);
 
 	if(flags != 1)
-		set_flags(fd, &flags);
+		set_flags(fd, &flags, rdwr_pt_pax);
 
 	if(view_flags == 1)
 		print_flags(fd);
author	Anthony G. Basile <blueness@gentoo.org>	2011-11-03 07:13:44 -0400
committer	Anthony G. Basile <blueness@gentoo.org>	2011-11-03 07:13:44 -0400
commit	4c796b141f0c1f246371d54a3de83931b603f82b (patch)
tree	aaa81c8799ab09012c77b14e7a6c7c06f0196752
parent	TODO: updated (diff)
download	elfix-4c796b141f0c1f246371d54a3de83931b603f82b.tar.gz elfix-4c796b141f0c1f246371d54a3de83931b603f82b.tar.bz2 elfix-4c796b141f0c1f246371d54a3de83931b603f82b.zip