This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
llvm/tools/llvm-objcopy/
-
tools/
-
llvm-objcopy/
-
llvm-objcopy.h
2
llvm-objcopy.cpp

Differential D98511

[llvm-objcopy][NFC] Move ownership keeping code into restoreStatOnFile()
ClosedPublic

Authored by avl on Mar 12 2021, 7:43 AM.

Download Raw Diff

Details

Reviewers

rupprecht
jhenderson
MaskRay
dblaikie
jcai19
alexander-shaposhnikov

Commits

rG021de7cf8026: [llvm-objcopy][NFC] Move ownership keeping code into restoreStatOnFile().

Summary

The D93881 added functionality which preserve ownership for output file
if llvm-objcopy is called under /root. That code was added into the place
where output file is created. The llvm-objcopy already has a function which
sets/restores rights/permissions for the output file.
That is the restoreStatOnFile() function. This patch moves code
(preserving ownershipping) into the restoreStatOnFile() function.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

avl created this revision.Mar 12 2021, 7:43 AM

Herald added a reviewer: alexander-shaposhnikov. · View Herald TranscriptMar 12 2021, 7:43 AM

Herald added subscribers: abrachet, yaxunl. · View Herald Transcript

avl requested review of this revision.Mar 12 2021, 7:43 AM

Herald added a project: Restricted Project. · View Herald TranscriptMar 12 2021, 7:43 AM

Herald added a subscriber: llvm-commits. · View Herald Transcript

Harbormaster completed remote builds in B93501: Diff 330246.Mar 12 2021, 8:38 AM

I'm not sure if this would be a big issue but restoreStatOnFile also runs on the split dwo file, and will keep its ownership with this change. I don't think GNU assembler does that currently. Also you could delete the code added in https://reviews.llvm.org/D98511 for passing user and group ID since they are no longer needed, assuming the new behavior is what we want.

I'm not sure if this would be a big issue but restoreStatOnFile also runs on the split dwo file, and will keep its ownership with this change. I don't think GNU assembler does that currently.

I though it would be good to keep ownership for all modes. If it is important to not doing it for split dwo file case then I will add corresponding check.

Also you could delete the code added in https://reviews.llvm.org/D98511 for passing user and group ID since they are no longer needed, assuming the new behavior is what we want.

I suppose this code:

explicit FileBuffer(StringRef FileName, bool Keep, unsigned UID, unsigned GID)
     : Buffer(FileName), KeepOwnership(Keep), UserID(UID), GroupID(GID) {}

Ok, will delete it. thanks.

addressed comments(removed ownership keeping code from FileOutputBuffer).

Herald added subscribers: dexonsmith, hiraditya. · View Herald TranscriptMar 12 2021, 1:38 PM

In D98511#2623027, @avl wrote:

I'm not sure if this would be a big issue but restoreStatOnFile also runs on the split dwo file, and will keep its ownership with this change. I don't think GNU assembler does that currently.

I though it would be good to keep ownership for all modes. If it is important to not doing it for split dwo file case then I will add corresponding check.

I'm fine with the new behavior, if I'm understanding correctly and it means that dwo files will be treated more like/the same as how .o files have been treated by both GCC and Clang for some time now. (GCC's behavior is probably an artifact of running llvm-objcopy to make the dwo file)

Harbormaster completed remote builds in B93596: Diff 330361.Mar 12 2021, 3:51 PM

The fchown behavior requires root (CAP_CHOWN) so it is not tested. I have tried several commands and the behavior is kept.

'cp' -f aa.o a.o; chmod 3777 a.o; ls -l a.o; sudo /tmp/RelA/bin/llvm-strip -p a.o; ls -l a.o
'cp' -f aa.o a.o; chmod 3707 a.o; ls -l a.o; sudo /tmp/RelA/bin/llvm-objcopy -p a.o b.o; ls -l b.o
umask 0
'cp' -f aa.o a.o; chmod 3707 a.o; ls -l a.o; sudo /tmp/RelA/bin/llvm-objcopy -p a.o b.o; ls -l b.o

Treating .dwo similar to .o is good.

llvm/tools/llvm-objcopy/llvm-objcopy.cpp
301	`/root` => root.
302	The two conditions can be folded.

This revision is now accepted and ready to land.Mar 16 2021, 12:05 PM

MaskRay retitled this revision from [llvm-objcopy][NFC] Move ownership keeping code into the restoreStatOnFile(). to [llvm-objcopy][NFC] Move ownership keeping code into restoreStatOnFile().Mar 16 2021, 12:05 PM

Thank you for the review.

avl mentioned this in D98582: [llvm-objcopy][NFC] remove split dwo file creation from executeObjcopyOnBinary..Mar 17 2021, 5:51 AM

Closed by commit rG021de7cf8026: [llvm-objcopy][NFC] Move ownership keeping code into restoreStatOnFile(). (authored by avl). · Explain WhyMar 17 2021, 7:29 AM

This revision was automatically updated to reflect the committed changes.

avl added a commit: rG021de7cf8026: [llvm-objcopy][NFC] Move ownership keeping code into restoreStatOnFile()..

@avl Did you test this change? It has broken setuid permission preservation with sudo.

Repro case:

$ chmod +s main main
$ -rwsr-sr-x 1 manojgupta primarygroup 5936 Apr 11 17:46 main
$ sudo bin/llvm-strip main
$ ls -l main
-rwxr-xr-x 1 manojgupta primarygroup 5936 Apr 11 17:46 main

Note that setuid bit was removed.

This is causing breakage in chrome os builds :
https://bugs.chromium.org/p/chromium/issues/detail?id=1197970

Please fix or revert.

yep, will fix or revert.

avl mentioned this in rGee8a5e4bc2c9: Fix chrome os failure after 021de7cf80268091cf13485a538b611b37d0b33e..Apr 12 2021, 5:32 AM

@cjdb please pick the fix once available to chrome os.

@manojgupta @cjdb Sorry for the inconvenience. Please check, whether the problem is really fixed on your side(The commit with the fix is https://reviews.llvm.org/rGee8a5e4bc2c986b8e6c07e81fb58dc1e5a5c2d17)

Thanks for the quick turn around, I can verify that https://reviews.llvm.org/rGee8a5e4bc2c986b8e6c07e81fb58dc1e5a5c2d17 fixes the issue.

@cjdb please cherry pick to chrome os.

avl mentioned this in D88827: [llvm-objcopy][NFC] Move core implementation of llvm-objcopy into separate library..Jan 17 2022, 9:03 AM

Revision Contents

Path

Size

llvm/

tools/

llvm-objcopy/

llvm-objcopy.h

8 lines

llvm-objcopy.cpp

27 lines

Diff 330246

llvm/tools/llvm-objcopy/llvm-objcopy.h

	Show All 25 Lines
	struct CopyConfig;			struct CopyConfig;
	Expected<std::vector<NewArchiveMember>>			Expected<std::vector<NewArchiveMember>>
	createNewArchiveMembers(CopyConfig &Config, const object::Archive &Ar);			createNewArchiveMembers(CopyConfig &Config, const object::Archive &Ar);

	/// A writeToFile helper creates an output stream, based on the specified			/// A writeToFile helper creates an output stream, based on the specified
	/// \p OutputFileName: std::outs for the "-", raw_null_ostream for			/// \p OutputFileName: std::outs for the "-", raw_null_ostream for
	/// the "/dev/null", temporary file in the same directory as the final output			/// the "/dev/null", temporary file in the same directory as the final output
	/// file for other names. The final output file is atomically replaced with			/// file for other names. The final output file is atomically replaced with
	/// the temporary file after \p Write handler is finished. \p KeepOwnership			/// the temporary file after \p Write handler is finished.
	/// used to setting specified \p UserID and \p GroupID for the resulting file
	/// if writeToFile is called under /root.
	Error writeToFile(StringRef OutputFileName,			Error writeToFile(StringRef OutputFileName,
	std::function<Error(raw_ostream &)> Write,			std::function<Error(raw_ostream &)> Write);
	bool KeepOwnership = false, unsigned UserID = 0,
	unsigned GroupID = 0);

	} // end namespace objcopy			} // end namespace objcopy
	} // end namespace llvm			} // end namespace llvm

	#endif // LLVM_TOOLS_OBJCOPY_OBJCOPY_H			#endif // LLVM_TOOLS_OBJCOPY_OBJCOPY_H

llvm/tools/llvm-objcopy/llvm-objcopy.cpp

Show First 20 Lines • Show All 52 Lines • ▼ Show 20 Lines
#include <string>		#include <string>
#include <system_error>		#include <system_error>
#include <utility>		#include <utility>

namespace llvm {		namespace llvm {
namespace objcopy {		namespace objcopy {

Error writeToFile(StringRef OutputFileName,		Error writeToFile(StringRef OutputFileName,
std::function<Error(raw_ostream &)> Write, bool KeepOwnership,		std::function<Error(raw_ostream &)> Write) {
unsigned UserID, unsigned GroupID) {
if (OutputFileName == "-")		if (OutputFileName == "-")
return Write(outs());		return Write(outs());

if (OutputFileName == "/dev/null") {		if (OutputFileName == "/dev/null") {
raw_null_ostream Out;		raw_null_ostream Out;
return Write(Out);		return Write(Out);
}		}

unsigned Mode = sys::fs::all_read \| sys::fs::all_write \| sys::fs::all_exe;		unsigned Mode = sys::fs::all_read \| sys::fs::all_write \| sys::fs::all_exe;
Expected<sys::fs::TempFile> Temp =		Expected<sys::fs::TempFile> Temp =
sys::fs::TempFile::create(OutputFileName + ".temp-objcopy-%%%%%%", Mode);		sys::fs::TempFile::create(OutputFileName + ".temp-objcopy-%%%%%%", Mode);
if (!Temp)		if (!Temp)
return createFileError(OutputFileName, Temp.takeError());		return createFileError(OutputFileName, Temp.takeError());

#ifndef _WIN32
// Try to preserve file ownership if requested.
if (KeepOwnership) {
sys::fs::file_status Stat;
if (!sys::fs::status(Temp->FD, Stat) && Stat.getUser() == 0)
sys::fs::changeFileOwnership(Temp->FD, UserID, GroupID);
}
#endif

raw_fd_ostream Out(Temp->FD, false);		raw_fd_ostream Out(Temp->FD, false);

if (Error E = Write(Out)) {		if (Error E = Write(Out)) {
if (Error DiscardError = Temp->discard())		if (Error DiscardError = Temp->discard())
return joinErrors(std::move(E), std::move(DiscardError));		return joinErrors(std::move(E), std::move(DiscardError));
return E;		return E;
}		}
Out.flush();		Out.flush();
▲ Show 20 Lines • Show All 207 Lines • ▼ Show 20 Lines	if (OStat.type() == sys::fs::file_type::regular_file) {
if (Config.InputFilename != Config.OutputFilename)		if (Config.InputFilename != Config.OutputFilename)
Perm = static_cast<sys::fs::perms>(Perm & ~sys::fs::getUmask() & ~06000);		Perm = static_cast<sys::fs::perms>(Perm & ~sys::fs::getUmask() & ~06000);
#ifdef _WIN32		#ifdef _WIN32
if (auto EC = sys::fs::setPermissions(Filename, Perm))		if (auto EC = sys::fs::setPermissions(Filename, Perm))
#else		#else
if (auto EC = sys::fs::setPermissions(FD, Perm))		if (auto EC = sys::fs::setPermissions(FD, Perm))
#endif		#endif
return createFileError(Filename, EC);		return createFileError(Filename, EC);

		#ifndef _WIN32
		// Keep ownership if llvm-objcopy is called under /root.
		MaskRayUnsubmitted Not Done Reply Inline Actions `/root` => root. MaskRay: `/root` => root.
		if (Config.InputFilename == Config.OutputFilename)
		MaskRayUnsubmitted Not Done Reply Inline Actions The two conditions can be folded. MaskRay: The two conditions can be folded.
		if (OStat.getUser() == 0)
		sys::fs::changeFileOwnership(FD, Stat.getUser(), Stat.getGroup());
		#endif
}		}

if (auto EC = sys::Process::SafelyCloseFileDescriptor(FD))		if (auto EC = sys::Process::SafelyCloseFileDescriptor(FD))
return createFileError(Filename, EC);		return createFileError(Filename, EC);

return Error::success();		return Error::success();
}		}

Show All 38 Lines	if (ProcessRaw) {
if (!BinaryOrErr)		if (!BinaryOrErr)
return createFileError(Config.InputFilename, BinaryOrErr.takeError());		return createFileError(Config.InputFilename, BinaryOrErr.takeError());

if (Archive *Ar = dyn_cast<Archive>(BinaryOrErr.get().getBinary())) {		if (Archive *Ar = dyn_cast<Archive>(BinaryOrErr.get().getBinary())) {
if (Error E = executeObjcopyOnArchive(Config, *Ar))		if (Error E = executeObjcopyOnArchive(Config, *Ar))
return E;		return E;
} else {		} else {
if (Error E = writeToFile(		if (Error E = writeToFile(
Config.OutputFilename,		Config.OutputFilename, [&](raw_ostream &OutFile) -> Error {
[&](raw_ostream &OutFile) -> Error {
return executeObjcopyOnBinary(		return executeObjcopyOnBinary(
Config, *BinaryOrErr.get().getBinary(), OutFile);		Config, *BinaryOrErr.get().getBinary(), OutFile);
},		}))
Config.InputFilename != "-" &&
Config.InputFilename == Config.OutputFilename,
Stat.getUser(), Stat.getGroup()))
return E;		return E;
}		}
}		}

if (Error E = restoreStatOnFile(Config.OutputFilename, Stat, Config))		if (Error E = restoreStatOnFile(Config.OutputFilename, Stat, Config))
return E;		return E;

if (!Config.SplitDWO.empty()) {		if (!Config.SplitDWO.empty()) {
▲ Show 20 Lines • Show All 46 Lines • Show Last 20 Lines