chroot jail loader for linux/amd64
; Syntax: NASM (Intel operand order). Target: Linux x86-64, raw syscalls.
; The ELF64 file header below is written out by hand with db/dw/dd/dq, so
; the assembler output itself is the finished executable image.
[BITS 64]
; Image base: every label in the file resolves to 0x100000 + file offset,
; which keeps all addresses inside 32 bits (the code loads them with
; 32-bit `mov e??, label`).
[ORG 0x100000]
; ELF64 file header. No section headers are emitted (e_shoff/e_shnum = 0);
; the single program header that follows is all the description the image
; carries.
ElfHeader:
db 0x7F, "ELF" ; e_ident / EI_MAG*
db 2 ; e_ident / EI_CLASS (2 = ELFCLASS64)
db 1 ; e_ident / EI_DATA (1 = little-endian)
db 1 ; e_ident / EI_VERSION (1 = EV_CURRENT)
db 3 ; e_ident / EI_OSABI (3 = Linux/GNU)
db 0 ; e_ident / EI_ABIVERSION
db 0, 0, 0, 0, 0, 0, 0 ; e_ident / EI_PAD
dw 2 ; e_type (2=ET_EXEC 3=ET_DYN)
dw 0x3E ; e_machine (0x3E = EM_X86_64)
dd 1 ; e_version
dq Entry ; e_entry (absolute address of the Entry label)
dq ProgHeader - $$ ; e_phoff (file offset of the program header table)
dq 0 ; e_shoff (no section header table)
dd 0 ; e_flags
dw ElfHeaderSize ; e_ehsize
dw ProgHeaderSize ; e_phentsize
dw 1 ; e_phnum (exactly one program header)
dw 0 ; e_shentsize
dw 0 ; e_shnum
dw 0 ; e_shstrndx
ElfHeaderSize equ $ - ElfHeader
; The only program header: one PT_LOAD segment that maps the whole file
; (headers, constants, code and strings) at the image base.
; p_flags = 5 is PF_R | PF_X with PF_W clear, so nothing in the image is
; writable once loaded; the code keeps all mutable state in registers and
; on the stack.
ProgHeader:
dd 1 ; p_type (1 = PT_LOAD)
dd 5 ; p_flags (PF_R | PF_X, not writable)
dq 0 ; p_offset (segment starts at file offset 0)
dq $$ ; p_vaddr
dq $$ ; p_paddr
dq FileSize ; p_filesz
dq FileSize ; p_memsz (same as p_filesz: no zero-filled tail)
dq 0x1000 ; p_align
ProgHeaderSize equ $ - ProgHeader
; Keep the dword entries of GroupList on a 4-byte boundary.
ALIGN 4
; Identity the jailed program runs as. These values are fixed at assembly
; time: Entry passes UserID/GroupID as the real, effective and saved IDs
; and GroupList as the complete supplementary group list.
; NOTE(review): which account uid/gid 1000 and which group gid 29 refer to
; depends on the passwd/group databases of the system the loader is
; installed on - confirm they are the intended unprivileged identity there.
UserID equ 1000
GroupID equ 1000
GroupList: dd 1000, 29
; Number of 4-byte entries in GroupList (first argument of setgroups).
GroupCount equ ($ - GroupList) / 4
; Linux x86-64 syscall numbers used by this file.
; SYS_WRITE is defined here, but AssertFailed and Usage load the literal 1
; instead of referring to it.
SYS_WRITE equ 1
SYS_EXECVE equ 59
SYS_EXIT equ 60
SYS_CHDIR equ 80
SYS_SETGROUPS equ 116
SYS_SETRESUID equ 117
SYS_SETRESGID equ 119
SYS_CHROOT equ 161
; Assembly-time accumulator for the step names passed to ASSERT. Each
; expansion appends its name; the concatenated result (no separators, no
; terminators) is emitted once at the StringData label.
%define StringDataValue ""
;-----------------------------------------------------------------------
; ASSERT cond_jump, "name"
;   %1  conditional jump mnemonic that is taken when the step succeeded
;       (every use in this file is `jz`, placed after `test eax, eax`)
;   %2  name of the step, printed by AssertFailed when the jump is not taken
; On success execution continues after the macro. On failure the macro
; pushes the name's length, then its offset inside StringData, and jumps
; through rbp; the caller must have loaded rbp with the address of
; AssertFailed beforehand (Entry does this in its first instruction).
; Stack as seen by AssertFailed: [rsp] = offset, [rsp+8] = length.
;-----------------------------------------------------------------------
%macro ASSERT 2
; Offset of this name = length of everything accumulated so far.
%strlen %%offset StringDataValue
%strcat StringDataValue StringDataValue, %2
%strlen %%length %2
%1 %%success
push %%length
push %%offset
jmp rbp
%%success:
%endmacro
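;-----------------------------------------------------------------------
; Entry - process entry point (NASM syntax, Linux x86-64, raw syscalls).
; Usage: loader <root> <program> [arguments...]
;
; Stack on entry: [rsp] = argc, then argv[0..argc-1], NULL, envp..., NULL.
;
; Steps, each checked with ASSERT (any non-zero return aborts with a
; message and exit status 1):
;   chdir(argv[1]); chroot("."); setgroups(GroupCount, GroupList);
;   setresgid(GroupID x3); setresuid(UserID x3);
;   execve(argv[2], &argv[2], envp)
; chroot runs first because it needs privilege; the supplementary groups
; and the gid are changed before the uid because the process can no longer
; change them once the uid has been given up. Real, effective and saved
; IDs are all set, so no privileged ID is left to switch back to.
;
; Registers: rbp = AssertFailed (target of ASSERT's `jmp rbp`),
;            rbx = envp, rcx = argc (only until the first syscall, which
;            clobbers rcx and r11), rax = syscall number / result.
; `mov al, SYS_*` relies on rax being 0, which holds after every step that
; passed its ASSERT.
;
; NOTE(review): the loader does not close inherited file descriptors, does
; not set no_new_privs and hands the caller's environment to the program
; unchanged. A descriptor that refers to a directory outside <root>, or a
; set-id binary inside <root>, would weaken the jail - the caller and the
; contents of <root> have to account for that.
;-----------------------------------------------------------------------
ALIGN 16
Entry: mov ebp, AssertFailed
; Check number of arguments: <root> and <program> are both required.
pop rcx ; rcx = argc
cmp rcx, 2
jle Usage
; envp = &argv[argc+1]
; chdir(argv[1])
push SYS_CHDIR
pop rax
pop rdi ; discard argv[0]; rsp -> &argv[1]
lea rbx, [rsp + rcx * 8] ; rbx = envp (skips argv[1..argc-1] and the NULL)
pop rdi ; rdi = argv[1]; rsp -> &argv[2]
syscall
test eax, eax
ASSERT jz, "chdir"
; chroot(".")
; The root is taken from the working directory that chdir just entered
; instead of resolving argv[1] a second time. Passing argv[1] again would
; resolve a relative <root> against the new working directory (a different
; or non-existent directory) and would walk the path twice, so the two
; calls could end up in different places if the path changes in between.
mov al, SYS_CHROOT
push '.' ; qword 0x2E on the stack = the string "." plus NUL padding
mov rdi, rsp
syscall
pop rdi ; drop the temporary; rsp -> &argv[2] again (flags untouched)
test eax, eax
ASSERT jz, "chroot"
; setgroups(GroupCount, GroupList)
mov al, SYS_SETGROUPS
mov edi, GroupCount
mov esi, GroupList
syscall
test eax, eax
ASSERT jz, "setgroups"
; setresgid(GroupID, GroupID, GroupID)
mov al, SYS_SETRESGID
mov edx, GroupID
mov esi, edx
mov edi, edx
syscall
test eax, eax
ASSERT jz, "setresgid"
; setresuid(UserID, UserID, UserID)
mov al, SYS_SETRESUID
mov edx, UserID
mov esi, edx
mov edi, edx
syscall
test eax, eax
ASSERT jz, "setresuid"
; execve(argv[2], &argv[2], envp)
mov al, SYS_EXECVE
mov rdx, rbx
mov rsi, rsp ; rsp still points at argv[2], so the program sees it as argv[0]
pop rdi
syscall
; execve only comes back on failure, with a negative value in rax, so this
; ASSERT reports the failure; the instruction after it is a fallback for a
; zero return.
test eax, eax
ASSERT jz, "execve"
xor edi, edi
; exit(edi). AssertFailed and Usage arrive here with edi = 1.
Exit: push SYS_EXIT
pop rax
syscall
jmp Exit ; exit does not return; retry rather than run into the code below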
;-----------------------------------------------------------------------
; AssertFailed - failure path of the ASSERT macro (reached via `jmp rbp`).
; In:  [rsp]   = offset of the failed step's name inside StringData
;      [rsp+8] = length of that name
;      ebp     = address of AssertFailed
; Writes "/sbin/loader: <name> failed." plus a newline with three write
; calls, then jumps to Exit with edi = 1, which becomes the exit status.
; The messages go to file descriptor 1 (standard output), not descriptor 2,
; and the results of the write calls are not checked, so a caller should
; rely on the exit status rather than on seeing the text.
;-----------------------------------------------------------------------
AssertFailed:
push 1
pop rax
; The value 1 serves as both the write syscall number (rax) and fd (edi).
mov edi, eax
mov esi, AssertPrefixStr
push AssertPrefixLen
pop rdx
syscall
pop rsi ; offset pushed by ASSERT
; esi = offset + AssertFailed + (StringData - AssertFailed) = StringData + offset
add esi, ebp
add esi, StringData - AssertFailed
mov eax, edi ; rax held the previous result; reload 1 (write) from edi
pop rdx ; length pushed by ASSERT
syscall
mov eax, edi
mov esi, AssertSuffixStr
push AssertSuffixLen
pop rdx
syscall
jmp Exit
; Usage - reached from Entry when argc <= 2. Writes the usage line to file
; descriptor 1 and jumps to Exit with edi = 1, so the process exits with
; status 1 without having changed directory, root or identity.
Usage:
push 1
pop rax
mov edi, eax ; 1 is both the write syscall number and the fd
mov esi, UsageStr
push UsageLen
pop rdx
syscall
jmp Exit
; Read-only message data, part of the same R+X segment as the code.
; StringData holds the names passed to every ASSERT expansion above,
; concatenated in order of use; AssertFailed indexes it with the
; offset/length pair the macro pushed. It must come after the last ASSERT
; so that StringDataValue is complete when it is emitted.
StringData: db StringDataValue
UsageStr: db "usage: /sbin/loader <root> <program> [arguments...]", 10
UsageLen equ ($ - UsageStr)
AssertPrefixStr: db "/sbin/loader: "
AssertPrefixLen equ ($ - AssertPrefixStr)
AssertSuffixStr: db " failed.", 10
AssertSuffixLen equ ($ - AssertSuffixStr)
; Total image size; used for p_filesz and p_memsz in ProgHeader.
FileSize equ $ - $$