@zhuyifei1999
Last active May 1, 2021 14:13
Want to explore what's in your rootfs?
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>
/*
 * Command used when the program is started without arguments. main() opens
 * element 0 as the executable and passes the whole array as the new argv, so
 * busybox is started with "ash" as its first argument.
 */
static char *default_args[] = {"/bin/busybox", "ash", NULL};
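/*
 * Run a command inside a private mount namespace whose visible mount tree has
 * been lazily detached, so that the command sees whatever root mount is left
 * underneath (the "rootfs" the page title refers to).
 *
 * argv[1..] is the command to run; with no arguments default_args is used.
 * The executable is opened before the mount tree is detached and executed
 * through that descriptor, because its path no longer resolves afterwards.
 *
 * The unshare/mount/umount2/setns calls are privileged operations; they are
 * expected to fail with EPERM for an unprivileged caller.
 *
 * Returns 1 on every path that returns at all: a successful execveat() does
 * not return, so reaching the end always means a step failed.
 */
int main(int argc, char **argv, char **envp)
{
    int mntns, exefd;
    char **args = (argc < 2) ? default_args : argv + 1;

    /*
     * O_PATH handle on the program, taken while the normal mount tree is
     * still reachable. It is deliberately not close-on-exec, so it also
     * stays open in the executed program.
     */
    exefd = open(args[0], O_PATH);
    if (exefd == -1) {
        perror(args[0]);
        goto out;
    }

    if (unshare(CLONE_NEWNS) == -1) {
        perror("unshare(CLONE_NEWNS)");
        goto out;
    }

    /*
     * Make every mount in the new namespace private first. Without this,
     * mounts that are shared with the original namespace would propagate
     * the detach below back to it and unmount things on the host.
     */
    if (mount("none", "/", NULL, MS_REC | MS_PRIVATE, NULL) == -1) {
        perror("mount(MS_REC | MS_PRIVATE)");
        goto out;
    }

    /*
     * Handle on our own namespace, used only for the setns() below.
     * O_CLOEXEC plus the explicit close() keep it out of the executed
     * program; the original left this descriptor open across exec.
     */
    mntns = open("/proc/self/ns/mnt", O_RDONLY | O_CLOEXEC);
    if (mntns == -1) {
        perror("/proc/self/ns/mnt");
        goto out;
    }

    /* Lazily detach the whole tree mounted at "/" in this namespace. */
    if (umount2("/", MNT_DETACH)) {
        perror("umount2(MNT_DETACH)");
        goto out;
    }

    /*
     * Re-entering the namespace through its descriptor resets this
     * process's root and working directory to the namespace's root mount,
     * which after the detach is expected to be the underlying rootfs.
     */
    if (setns(mntns, CLONE_NEWNS)) {
        perror("setns(CLONE_NEWNS)");
        goto out;
    }
    close(mntns);

    if (access("/proc", F_OK) == -1) {
        fprintf(stderr, "/proc does not exist, creating it\n");
        if (mkdir("/proc", 0755) == -1 && errno != EEXIST) {
            perror("mkdir(/proc)");
            goto out;
        }
    }

    /* Fresh procfs for the new root, mounted nodev/noexec/nosuid. */
    if (mount("proc", "/proc", "proc", MS_NODEV | MS_NOEXEC | MS_NOSUID, NULL) == -1) {
        perror("mount(/proc)");
        goto out;
    }

    /*
     * Execute the file behind exefd directly (empty path + AT_EMPTY_PATH).
     * NOTE(review): the new root is unlikely to contain a dynamic loader
     * or shared libraries, so the command presumably has to be statically
     * linked -- confirm for the binary you pass.
     */
    syscall(SYS_execveat, exefd, "", args, envp, AT_EMPTY_PATH);
    perror(args[0]);

out:
    return 1;
}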
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <linux/mount.h>
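/*
 * Attach a clone of the root mount that lies underneath the normal mount
 * tree (the "rootfs") at <path> in the caller's original mount namespace.
 *
 * Outline:
 *   1. Open <path> and the current mount namespace while both are reachable.
 *   2. Unshare into a temporary namespace, make its mounts private, lazily
 *      detach "/" and re-enter the namespace so "/" refers to what is left.
 *   3. Clone that tree with open_tree(OPEN_TREE_CLONE | AT_RECURSIVE).
 *   4. Switch back to the original namespace and move_mount() the clone onto
 *      the descriptor opened for <path>.
 *
 * Once mounted, the tree is visible at <path> to everything sharing the
 * original namespace until it is unmounted again.
 *
 * open_tree() and move_mount() were added in Linux 5.2; on older kernels the
 * raw syscalls fail and the error is reported through perror(). The namespace
 * and mount calls are privileged operations.
 *
 * Returns 0 on success and 1 on a usage error or any failed step.
 */
int main(int argc, char **argv, char **envp)
{
    int oldmntns, tmpmntns, targetfd, rootfs;
    char *path;

    (void)envp;

    if (argc != 2) {
        /*
         * Exactly one argument is required, so the usage line shows it
         * as mandatory. argv[0] may be NULL when the caller execs with
         * an empty argv; passing NULL to %s is undefined behaviour.
         */
        fprintf(stderr, "Usage: %s <path>\n",
                (argc > 0 && argv[0]) ? argv[0] : "<program>");
        return 1;
    }
    path = argv[1];

    /* Mount target, resolved in the original namespace. */
    targetfd = open(path, O_PATH);
    if (targetfd == -1) {
        perror(path);
        goto out;
    }

    /* Handle used to return to the original namespace in step 4. */
    oldmntns = open("/proc/self/ns/mnt", O_RDONLY);
    if (oldmntns == -1) {
        perror("/proc/self/ns/mnt");
        goto out;
    }

    if (unshare(CLONE_NEWNS) == -1) {
        perror("unshare(CLONE_NEWNS)");
        goto out;
    }

    /* Taken now: /proc is no longer reachable after the detach below. */
    tmpmntns = open("/proc/self/ns/mnt", O_RDONLY);
    if (tmpmntns == -1) {
        perror("/proc/self/ns/mnt");
        goto out;
    }

    /*
     * Private propagation keeps the detach below confined to the
     * temporary namespace; shared mounts would otherwise propagate the
     * unmount to the original namespace.
     */
    if (mount("none", "/", NULL, MS_REC | MS_PRIVATE, NULL) == -1) {
        perror("mount(MS_REC | MS_PRIVATE)");
        goto out;
    }

    if (umount2("/", MNT_DETACH)) {
        perror("umount2(MNT_DETACH)");
        goto out;
    }

    /*
     * Re-enter the temporary namespace so this process's root and working
     * directory are reset to its root mount, expected to be the rootfs.
     */
    if (setns(tmpmntns, CLONE_NEWNS)) {
        perror("setns(tmpmntns, CLONE_NEWNS)");
        goto out;
    }

    /* Detached, recursive copy of the tree now visible at "/". */
    rootfs = syscall(SYS_open_tree, AT_FDCWD, "/",
                     OPEN_TREE_CLONE | AT_RECURSIVE);
    if (rootfs == -1) {
        perror("open_tree");
        goto out;
    }

    if (setns(oldmntns, CLONE_NEWNS)) {
        perror("setns(oldmntns, CLONE_NEWNS)");
        goto out;
    }

    /* Both ends are given as descriptors, hence the empty path strings. */
    if (syscall(SYS_move_mount, rootfs, "", targetfd, "",
                MOVE_MOUNT_F_EMPTY_PATH | MOVE_MOUNT_T_EMPTY_PATH) == -1) {
        perror("move_mount");
        goto out;
    }

    return 0;

out:
    return 1;
}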