Agptek Rocker: Restrict root directory to SD only

Actual / of underlying linux OS should not be available to user. I am still not sure if implementation is correct. It doesn't perform any relative path sandboxing for example. Change-Id: Ic577a10f3947f6e950e2c4d03173f9f207395eb7
author: Marcin Bukat <marcin.bukat@gmail.com> 2018-03-02 21:45:52 +0100
committer: Marcin Bukat <marcin.bukat@gmail.com> 2018-06-12 10:31:15 +0200
commit: 0538ba3d59a1a29adcee0b4656b204fda102ad89 (patch)
tree: 50f070b0dc506f160f4007c8e7943072e0ee00e6
parent: 09fde79ec840ef9021ddbc28a58e6b1234d9de8f (diff)
download: rockbox-0538ba3d59a1a29adcee0b4656b204fda102ad89.tar.gz
rockbox-0538ba3d59a1a29adcee0b4656b204fda102ad89.zip
4 files changed, 14 insertions, 4 deletions
diff --git a/firmware/export/rbpaths.h b/firmware/export/rbpaths.h
index 6623461639..165dd37494 100644
--- a/firmware/export/rbpaths.h
+++ b/firmware/export/rbpaths.h
@@ -51,8 +51,6 @@
 #elif defined(DX50) || defined(DX90)
 /* Where to put save files like recordings, playlists, screen dumps ...*/
 #define HOME_DIR "/mnt/sdcard"
-#elif defined(AGPTEK_ROCKER)
-#define HOME_DIR "/mnt/sd_0"
 #else
 #define HOME_DIR "/"
 #endif
diff --git a/firmware/target/hosted/filesystem-app.c b/firmware/target/hosted/filesystem-app.c
index 4f1019c7a1..d9fcd64e2d 100644
--- a/firmware/target/hosted/filesystem-app.c
+++ b/firmware/target/hosted/filesystem-app.c
@@ -37,6 +37,10 @@
 #include "logf.h"
+#if defined(AGPTEK_ROCKER) && !defined(BOOTLOADER)
+#define PIVOT_ROOT "/mnt/sd_0"
+#endif
 #if (CONFIG_PLATFORM & PLATFORM_ANDROID)
 static const char rbhome[] = "/sdcard";
 #elif (CONFIG_PLATFORM & (PLATFORM_SDL|PLATFORM_MAEMO|PLATFORM_PANDORA)) \
@@ -206,6 +210,10 @@ const char * handle_special_dirs(const char *dir, unsigned flags,
 #ifdef HAVE_MULTIDRIVE
    dir = handle_special_links(dir, flags, buf, bufsize);
 #endif
+#ifdef PIVOT_ROOT
+    snprintf(buf, bufsize, "%s/%s", PIVOT_ROOT, dir);
+    dir = buf;
+#endif
    return dir;
 }
diff --git a/firmware/target/hosted/lc-unix.c b/firmware/target/hosted/lc-unix.c
index 810dc9f92c..1061883832 100644
--- a/firmware/target/hosted/lc-unix.c
+++ b/firmware/target/hosted/lc-unix.c
@@ -21,6 +21,7 @@
 #include <string.h> /* size_t */
 #include <dlfcn.h>
+#include "file.h"
 #include "debug.h"
 #include "load_code.h"
@@ -28,7 +29,11 @@ void *lc_open(const char *filename, unsigned char *buf, size_t buf_size)
 {
    (void)buf;
    (void)buf_size;
-    void *handle = dlopen(filename, RTLD_NOW);
+    char path[MAX_PATH];
+    const char *fpath = handle_special_dirs(filename, 0, path, sizeof(path));
+    void *handle = dlopen(fpath, RTLD_NOW);
    if (handle == NULL)
    {
        DEBUGF("failed to load %s\n", filename);
diff --git a/tools/configure b/tools/configure
index 27c1e71f23..963bb62804 100755
--- a/tools/configure
+++ b/tools/configure
@@ -4212,7 +4212,6 @@ fi
    t_cpu="hosted"
    t_manufacturer="agptek"
    t_model="rocker"
-    rbdir='/mnt/sd_0/.rockbox'
    mipsellinuxcc
    ;;
author	Marcin Bukat <marcin.bukat@gmail.com>	2018-03-02 21:45:52 +0100
committer	Marcin Bukat <marcin.bukat@gmail.com>	2018-06-12 10:31:15 +0200
commit	0538ba3d59a1a29adcee0b4656b204fda102ad89 (patch)
tree	50f070b0dc506f160f4007c8e7943072e0ee00e6
parent	09fde79ec840ef9021ddbc28a58e6b1234d9de8f (diff)
download	rockbox-0538ba3d59a1a29adcee0b4656b204fda102ad89.tar.gz rockbox-0538ba3d59a1a29adcee0b4656b204fda102ad89.zip