From 54b80263a2363436c7d5cd3f173f6750ad8a3b03 Mon Sep 17 00:00:00 2001
From: Jonas 'Sortie' Termansen <sortie@maxsi.org>
Date: Wed, 1 Apr 2015 00:23:28 +0200
Subject: [PATCH] Add -d option to chroot(1).

---
 utils/chroot.cpp | 129 ++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 106 insertions(+), 23 deletions(-)

diff --git a/utils/chroot.cpp b/utils/chroot.cpp
index 5438cf72..9218cb88 100644
--- a/utils/chroot.cpp
+++ b/utils/chroot.cpp
@@ -1,6 +1,6 @@
 /*******************************************************************************
 
-    Copyright(C) Jonas 'Sortie' Termansen 2013.
+    Copyright(C) Jonas 'Sortie' Termansen 2013, 2015.
 
     This program is free software: you can redistribute it and/or modify it
     under the terms of the GNU General Public License as published by the Free
@@ -20,34 +20,39 @@
 
 *******************************************************************************/
 
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+
 #include <errno.h>
 #include <error.h>
+#include <fcntl.h>
+#include <fsmarshall.h>
+#include <signal.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 
-#if !defined(VERSIONSTR)
-#define VERSIONSTR "unknown version"
-#endif
-
-void CompactArguments(int* argc, char*** argv)
+static void compact_arguments(int* argc, char*** argv)
 {
 	for ( int i = 0; i < *argc; i++ )
-	while ( i < *argc && !(*argv)[i] )
 	{
-		for ( int n = i; n < *argc; n++ )
-			(*argv)[n] = (*argv)[n+1];
-		(*argc)--;
+		while ( i < *argc && !(*argv)[i] )
+		{
+			for ( int n = i; n < *argc; n++ )
+				(*argv)[n] = (*argv)[n+1];
+			(*argc)--;
+		}
 	}
 }
 
-void Help(FILE* fp, const char* argv0)
+static void help(FILE* fp, const char* argv0)
 {
 	fprintf(fp, "Usage: %s [OPTION]... ROOT [CMD] [ARGUMENT...]\n", argv0);
 }
 
-void Version(FILE* fp, const char* argv0)
+static void version(FILE* fp, const char* argv0)
 {
 	fprintf(fp, "%s (Sortix) %s\n", argv0, VERSIONSTR);
 	fprintf(fp, "License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.\n");
@@ -55,14 +60,28 @@ void Version(FILE* fp, const char* argv0)
 	fprintf(fp, "There is NO WARRANTY, to the extent permitted by law.\n");
 }
 
+static char* mount_point_dev;
+
+static void unmount_handler(int signum)
+{
+	(void) signum;
+	if ( mount_point_dev )
+	{
+		unmount(mount_point_dev, 0);
+		mount_point_dev = NULL;
+	}
+	raise(signum);
+}
+
 int main(int argc, char* argv[])
 {
+	bool devices = false;
 	const char* argv0 = argv[0];
 	for ( int i = 1; i < argc; i++ )
 	{
 		const char* arg = argv[i];
-		if ( arg[0] != '-' )
-			continue;
+		if ( arg[0] != '-' || !arg[1] )
+			break; // Intentionally not continue.
 		argv[i] = NULL;
 		if ( !strcmp(arg, "--") )
 			break;
@@ -70,31 +89,94 @@ int main(int argc, char* argv[])
 		{
 			while ( char c = *++arg ) switch ( c )
 			{
+			case 'd': devices = true; break;
 			default:
 				fprintf(stderr, "%s: unknown option -- '%c'\n", argv0, c);
-				Help(stderr, argv0);
+				help(stderr, argv0);
 				exit(1);
 			}
 		}
-		else if ( !strcmp(arg, "--help") ) { Help(stdout, argv0); exit(0); }
-		else if ( !strcmp(arg, "--version") ) { Version(stdout, argv0); exit(0); }
+		else if ( !strcmp(arg, "--help") )
+			help(stdout, argv0), exit(0);
+		else if ( !strcmp(arg, "--version") )
+			version(stdout, argv0), exit(0);
 		else
 		{
 			fprintf(stderr, "%s: unknown option: %s\n", argv0, arg);
-			Help(stderr, argv0);
+			help(stderr, argv0);
 			exit(1);
 		}
 	}
 
-	CompactArguments(&argc, &argv);
+	compact_arguments(&argc, &argv);
 
 	if ( argc < 2 )
+		error(1, 0, "missing operand, expected new root directory");
+
+	if ( devices )
 	{
-		error(0, 0, "missing operand, expected new root directory");
-		Help(stdout, argv0);
-		exit(0);
+		if ( asprintf(&mount_point_dev, "%s/dev", argv[1]) < 0 )
+			error(1, errno, "asprintf: `%s/dev'", argv[1]);
+
+		// Create a device directory in the root filesystem.
+		mkdir(mount_point_dev, 0755);
+
+		struct sigaction sa;
+		memset(&sa, 0, sizeof(sa));
+		sa.sa_handler = unmount_handler;
+		sa.sa_flags = SA_RESETHAND;
+		sigaction(SIGHUP, &sa, NULL);
+		sigaction(SIGINT, &sa, NULL);
+		sigaction(SIGQUIT, &sa, NULL);
+
+		// Mount the current device directory inside the new root filesystem.
+		int old_dev_fd = open("/dev", O_DIRECTORY | O_RDONLY);
+		int new_dev_fd = open(mount_point_dev, O_DIRECTORY | O_RDONLY);
+		fsm_fsbind(old_dev_fd, new_dev_fd, 0);
+		close(new_dev_fd);
+		close(old_dev_fd);
+
+		sigset_t oldset, sigs;
+		sigemptyset(&sigs);
+		sigaddset(&sigs, SIGHUP);
+		sigaddset(&sigs, SIGINT);
+		sigaddset(&sigs, SIGQUIT);
+		sigprocmask(SIG_BLOCK, &sigs, &oldset);
+		pid_t child_pid = fork();
+		if ( child_pid < 0 )
+		{
+			int errnum = errno;
+			unmount(mount_point_dev, 0);
+			mount_point_dev = NULL;
+			sigprocmask(SIG_SETMASK, &oldset, NULL);
+			error(1, errnum, "fork");
+		}
+		if ( child_pid != 0 )
+		{
+			sigprocmask(SIG_SETMASK, &oldset, NULL);
+			int code;
+			waitpid(child_pid, &code, 0);
+			sigprocmask(SIG_BLOCK, &sigs, &oldset);
+			unmount(mount_point_dev, 0);
+			sigprocmask(SIG_SETMASK, &oldset, NULL);
+			mount_point_dev = NULL;
+			if ( WIFEXITED(code) )
+				return WEXITSTATUS(code);
+			raise(WTERMSIG(code));
+			return 128 + WTERMSIG(code);
+		}
+		signal(SIGHUP, SIG_DFL);
+		signal(SIGINT, SIG_DFL);
+		signal(SIGQUIT, SIG_DFL);
+		sigprocmask(SIG_SETMASK, &oldset, NULL);
 	}
 
+	pid_t child_pid = 0;
+	if ( devices )
+		child_pid = fork();
+	if ( child_pid < 0 )
+		error(1, errno, "fork");
+
 	if ( chroot(argv[1]) != 0 )
 		error(1, errno, "`%s'", argv[1]);
 
@@ -106,5 +188,6 @@ int main(int argc, char* argv[])
 	char** exec_argv = 3 <= argc ? argv + 2 : default_argv;
 	execvp(exec_argv[0], exec_argv);
 
-	error(127, errno, "`%s'", exec_argv[0]);
+	error(0, errno, "`%s'", exec_argv[0]);
+	_exit(127);
 }