cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

kernel_include.py (8669B)

      1#!/usr/bin/env python3
      2# -*- coding: utf-8; mode: python -*-
      3# pylint: disable=R0903, C0330, R0914, R0912, E0401
      4
      5u"""
      6    kernel-include
      7    ~~~~~~~~~~~~~~
      8
      9    Implementation of the ``kernel-include`` reST-directive.
     10
     11    :copyright:  Copyright (C) 2016  Markus Heiser
     12    :license:    GPL Version 2, June 1991 see linux/COPYING for details.
     13
     14    The ``kernel-include`` reST-directive is a replacement for the ``include``
     15    directive. The ``kernel-include`` directive expand environment variables in
     16    the path name and allows to include files from arbitrary locations.
     17
     18    .. hint::
     19
     20      Including files from arbitrary locations (e.g. from ``/etc``) is a
     21      security risk for builders. This is why the ``include`` directive from
     22      docutils *prohibit* pathnames pointing to locations *above* the filesystem
     23      tree where the reST document with the include directive is placed.
     24
     25    Substrings of the form $name or ${name} are replaced by the value of
     26    environment variable name. Malformed variable names and references to
     27    non-existing variables are left unchanged.
     28"""
     29
     30# ==============================================================================
     31# imports
     32# ==============================================================================
     33
     34import os.path
     35
     36from docutils import io, nodes, statemachine
     37from docutils.utils.error_reporting import SafeString, ErrorString
     38from docutils.parsers.rst import directives
     39from docutils.parsers.rst.directives.body import CodeBlock, NumberLines
     40from docutils.parsers.rst.directives.misc import Include
     41
     42__version__  = '1.0'
     43
     44# ==============================================================================
     45def setup(app):
     46# ==============================================================================
     47
     48    app.add_directive("kernel-include", KernelInclude)
     49    return dict(
     50        version = __version__,
     51        parallel_read_safe = True,
     52        parallel_write_safe = True
     53    )
     54
     55# ==============================================================================
     56class KernelInclude(Include):
     57# ==============================================================================
     58
     59    u"""KernelInclude (``kernel-include``) directive"""
     60
     61    def run(self):
     62        env = self.state.document.settings.env
     63        path = os.path.realpath(
     64            os.path.expandvars(self.arguments[0]))
     65
     66        # to get a bit security back, prohibit /etc:
     67        if path.startswith(os.sep + "etc"):
     68            raise self.severe(
     69                'Problems with "%s" directive, prohibited path: %s'
     70                % (self.name, path))
     71
     72        self.arguments[0] = path
     73
     74        env.note_dependency(os.path.abspath(path))
     75
     76        #return super(KernelInclude, self).run() # won't work, see HINTs in _run()
     77        return self._run()
     78
     79    def _run(self):
     80        """Include a file as part of the content of this reST file."""
     81
     82        # HINT: I had to copy&paste the whole Include.run method. I'am not happy
     83        # with this, but due to security reasons, the Include.run method does
     84        # not allow absolute or relative pathnames pointing to locations *above*
     85        # the filesystem tree where the reST document is placed.
     86
     87        if not self.state.document.settings.file_insertion_enabled:
     88            raise self.warning('"%s" directive disabled.' % self.name)
     89        source = self.state_machine.input_lines.source(
     90            self.lineno - self.state_machine.input_offset - 1)
     91        source_dir = os.path.dirname(os.path.abspath(source))
     92        path = directives.path(self.arguments[0])
     93        if path.startswith('<') and path.endswith('>'):
     94            path = os.path.join(self.standard_include_path, path[1:-1])
     95        path = os.path.normpath(os.path.join(source_dir, path))
     96
     97        # HINT: this is the only line I had to change / commented out:
     98        #path = utils.relative_path(None, path)
     99
    100        path = nodes.reprunicode(path)
    101        encoding = self.options.get(
    102            'encoding', self.state.document.settings.input_encoding)
    103        e_handler=self.state.document.settings.input_encoding_error_handler
    104        tab_width = self.options.get(
    105            'tab-width', self.state.document.settings.tab_width)
    106        try:
    107            self.state.document.settings.record_dependencies.add(path)
    108            include_file = io.FileInput(source_path=path,
    109                                        encoding=encoding,
    110                                        error_handler=e_handler)
    111        except UnicodeEncodeError as error:
    112            raise self.severe('Problems with "%s" directive path:\n'
    113                              'Cannot encode input file path "%s" '
    114                              '(wrong locale?).' %
    115                              (self.name, SafeString(path)))
    116        except IOError as error:
    117            raise self.severe('Problems with "%s" directive path:\n%s.' %
    118                      (self.name, ErrorString(error)))
    119        startline = self.options.get('start-line', None)
    120        endline = self.options.get('end-line', None)
    121        try:
    122            if startline or (endline is not None):
    123                lines = include_file.readlines()
    124                rawtext = ''.join(lines[startline:endline])
    125            else:
    126                rawtext = include_file.read()
    127        except UnicodeError as error:
    128            raise self.severe('Problem with "%s" directive:\n%s' %
    129                              (self.name, ErrorString(error)))
    130        # start-after/end-before: no restrictions on newlines in match-text,
    131        # and no restrictions on matching inside lines vs. line boundaries
    132        after_text = self.options.get('start-after', None)
    133        if after_text:
    134            # skip content in rawtext before *and incl.* a matching text
    135            after_index = rawtext.find(after_text)
    136            if after_index < 0:
    137                raise self.severe('Problem with "start-after" option of "%s" '
    138                                  'directive:\nText not found.' % self.name)
    139            rawtext = rawtext[after_index + len(after_text):]
    140        before_text = self.options.get('end-before', None)
    141        if before_text:
    142            # skip content in rawtext after *and incl.* a matching text
    143            before_index = rawtext.find(before_text)
    144            if before_index < 0:
    145                raise self.severe('Problem with "end-before" option of "%s" '
    146                                  'directive:\nText not found.' % self.name)
    147            rawtext = rawtext[:before_index]
    148
    149        include_lines = statemachine.string2lines(rawtext, tab_width,
    150                                                  convert_whitespace=True)
    151        if 'literal' in self.options:
    152            # Convert tabs to spaces, if `tab_width` is positive.
    153            if tab_width >= 0:
    154                text = rawtext.expandtabs(tab_width)
    155            else:
    156                text = rawtext
    157            literal_block = nodes.literal_block(rawtext, source=path,
    158                                    classes=self.options.get('class', []))
    159            literal_block.line = 1
    160            self.add_name(literal_block)
    161            if 'number-lines' in self.options:
    162                try:
    163                    startline = int(self.options['number-lines'] or 1)
    164                except ValueError:
    165                    raise self.error(':number-lines: with non-integer '
    166                                     'start value')
    167                endline = startline + len(include_lines)
    168                if text.endswith('\n'):
    169                    text = text[:-1]
    170                tokens = NumberLines([([], text)], startline, endline)
    171                for classes, value in tokens:
    172                    if classes:
    173                        literal_block += nodes.inline(value, value,
    174                                                      classes=classes)
    175                    else:
    176                        literal_block += nodes.Text(value, value)
    177            else:
    178                literal_block += nodes.Text(text, text)
    179            return [literal_block]
    180        if 'code' in self.options:
    181            self.options['source'] = path
    182            codeblock = CodeBlock(self.name,
    183                                  [self.options.pop('code')], # arguments
    184                                  self.options,
    185                                  include_lines, # content
    186                                  self.lineno,
    187                                  self.content_offset,
    188                                  self.block_text,
    189                                  self.state,
    190                                  self.state_machine)
    191            return codeblock.run()
    192        self.state_machine.insert_input(include_lines, path)
    193        return []