vasilito/RedBear-OS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add relibc exec-root-bypass and tcp-nodelay patches

Browse Source 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-openagent)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
This commit is contained in:
Vasilito
2026-04-25 14:49:15 +01:00
parent 58edf0df0b
commit 3db1953731
3 changed files with 75 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
local/patches/relibc/P3-exec-root-bypass.patch
+33
View File
@@ -0,0 +1,33 @@
diff --git a/src/platform/redox/exec.rs b/src/platform/redox/exec.rs
index 3590413c..1dc131dd 100644
--- a/src/platform/redox/exec.rs
+++ b/src/platform/redox/exec.rs
@@ -129,16 +129,19 @@ pub fn execve(
let Resugid { ruid, rgid, .. } = redox_rt::sys::posix_getresugid();
- let mode = if ruid == stat.st_uid {
- (stat.st_mode >> 3 * 2) & 0o7
- } else if rgid == stat.st_gid {
- (stat.st_mode >> 3 * 1) & 0o7
- } else {
- stat.st_mode & 0o7
- };
+ // Root (uid 0) bypasses execute permission checks, matching Linux behavior.
+ if ruid != 0 {
+ let mode = if ruid == stat.st_uid {
+ (stat.st_mode >> 3 * 2) & 0o7
+ } else if rgid == stat.st_gid {
+ (stat.st_mode >> 3 * 1) & 0o7
+ } else {
+ stat.st_mode & 0o7
+ };
- if mode & 0o1 == 0o0 {
- return Err(Error::new(EPERM));
+ if mode & 0o1 == 0o0 {
+ return Err(Error::new(EACCES));
+ }
}
let cwd: Box<[u8]> = super::path::clone_cwd().unwrap_or_default().into();
local/patches/relibc/P3-tcp-nodelay.patch
+40
View File
@@ -0,0 +1,40 @@
diff --git a/src/header/sys_socket/constants.rs b/src/header/sys_socket/constants.rs
index ec42889b..c91ffb1a 100644
--- a/src/header/sys_socket/constants.rs
+++ b/src/header/sys_socket/constants.rs
@@ -75,3 +75,6 @@ pub const SHUT_WR: c_int = 1;
pub const SCM_RIGHTS: c_int = 1;
pub const SCM_CREDENTIALS: c_int = 2;
+
+pub const IPPROTO_TCP: c_int = 6;
+pub const TCP_NODELAY: c_int = 1;
diff --git a/src/platform/redox/socket.rs b/src/platform/redox/socket.rs
index d223c36f..5e17a2e5 100644
--- a/src/platform/redox/socket.rs
+++ b/src/platform/redox/socket.rs
@@ -1063,6 +1063,24 @@ impl PalSocket for Sys {
return Ok(());
}
},
+ crate::header::sys_socket::constants::IPPROTO_TCP => {
+ match option_name {
+ crate::header::sys_socket::constants::TCP_NODELAY => {
+ let metadata = [SocketCall::SetSockOpt as u64, option_name as u64];
+ let payload = unsafe {
+ slice::from_raw_parts_mut(option_value as *mut u8, option_len as usize)
+ };
+ redox_rt::sys::sys_call_rw(
+ socket as usize,
+ payload,
+ CallFlags::empty(),
+ &metadata,
+ )?;
+ return Ok(());
+ }
+ _ => (),
+ }
+ }
_ => (),
}
recipes/core/relibc/recipe.toml
+2
View File
@@ -15,6 +15,8 @@ patches = [
"../../../local/patches/relibc/P3-fd-event-tests.patch", "../../../local/patches/relibc/P3-fd-event-tests.patch",
"../../../local/patches/relibc/P3-eventfd-mod.patch", "../../../local/patches/relibc/P3-eventfd-mod.patch",
"../../../local/patches/relibc/P3-netdb-lookup-retry-fix.patch", "../../../local/patches/relibc/P3-netdb-lookup-retry-fix.patch",
"../../../local/patches/relibc/P3-exec-root-bypass.patch",
"../../../local/patches/relibc/P3-tcp-nodelay.patch",
] ]
[build] [build]