setcap vs. LD_PRELOAD
在Linux中,一个进程拉起另一个进程的流程大致如下:
PHN2ZyBpZD0iZHQ4bnhmMW9lbTQiIHdpZHRoPSIxMDAlIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHN0eWxlPSJtYXgtd2lkdGg6IDYxMC43OTY4NzVweDsiIHZpZXdCb3g9IjAgMCA2MTAuNzk2ODc1IDEzOC41NjI1Ij48c3R5bGU+CgoKI2R0OG54ZjFvZW00IC5sYWJlbCB7CiAgZm9udC1mYW1pbHk6ICd0cmVidWNoZXQgbXMnLCB2ZXJkYW5hLCBhcmlhbDsKICBjb2xvcjogIzMzMzsgfQoKI2R0OG54ZjFvZW00IC5ub2RlIHJlY3QsCiNkdDhueGYxb2VtNCAubm9kZSBjaXJjbGUsCiNkdDhueGYxb2VtNCAubm9kZSBlbGxpcHNlLAojZHQ4bnhmMW9lbTQgLm5vZGUgcG9seWdvbiB7CiAgZmlsbDogI0VDRUNGRjsKICBzdHJva2U6ICM5MzcwREI7CiAgc3Ryb2tlLXdpZHRoOiAxcHg7IH0KCiNkdDhueGYxb2VtNCAubm9kZS5jbGlja2FibGUgewogIGN1cnNvcjogcG9pbnRlcjsgfQoKI2R0OG54ZjFvZW00IC5hcnJvd2hlYWRQYXRoIHsKICBmaWxsOiAjMzMzMzMzOyB9CgojZHQ4bnhmMW9lbTQgLmVkZ2VQYXRoIC5wYXRoIHsKICBzdHJva2U6ICMzMzMzMzM7CiAgc3Ryb2tlLXdpZHRoOiAxLjVweDsgfQoKI2R0OG54ZjFvZW00IC5lZGdlTGFiZWwgewogIGJhY2tncm91bmQtY29sb3I6ICNlOGU4ZTg7IH0KCiNkdDhueGYxb2VtNCAuY2x1c3RlciByZWN0IHsKICBmaWxsOiAjZmZmZmRlICFpbXBvcnRhbnQ7CiAgc3Ryb2tlOiAjYWFhYTMzICFpbXBvcnRhbnQ7CiAgc3Ryb2tlLXdpZHRoOiAxcHggIWltcG9ydGFudDsgfQoKI2R0OG54ZjFvZW00IC5jbHVzdGVyIHRleHQgewogIGZpbGw6ICMzMzM7IH0KCiNkdDhueGYxb2VtNCBkaXYubWVybWFpZFRvb2x0aXAgewogIHBvc2l0aW9uOiBhYnNvbHV0ZTsKICB0ZXh0LWFsaWduOiBjZW50ZXI7CiAgbWF4LXdpZHRoOiAyMDBweDsKICBwYWRkaW5nOiAycHg7CiAgZm9udC1mYW1pbHk6ICd0cmVidWNoZXQgbXMnLCB2ZXJkYW5hLCBhcmlhbDsKICBmb250LXNpemU6IDEycHg7CiAgYmFja2dyb3VuZDogI2ZmZmZkZTsKICBib3JkZXI6IDFweCBzb2xpZCAjYWFhYTMzOwogIGJvcmRlci1yYWRpdXM6IDJweDsKICBwb2ludGVyLWV2ZW50czogbm9uZTsKICB6LWluZGV4OiAxMDA7IH0KCiNkdDhueGYxb2VtNCAuYWN0b3IgewogIHN0cm9rZTogI0NDQ0NGRjsKICBmaWxsOiAjRUNFQ0ZGOyB9CgojZHQ4bnhmMW9lbTQgdGV4dC5hY3RvciB7CiAgZmlsbDogYmxhY2s7CiAgc3Ryb2tlOiBub25lOyB9CgojZHQ4bnhmMW9lbTQgLmFjdG9yLWxpbmUgewogIHN0cm9rZTogZ3JleTsgfQoKI2R0OG54ZjFvZW00IC5tZXNzYWdlTGluZTAgewogIHN0cm9rZS13aWR0aDogMS41OwogIHN0cm9rZS1kYXNoYXJyYXk6ICcyIDInOwogIHN0cm9rZTogIzMzMzsgfQoKI2R0OG54ZjFvZW00IC5tZXNzYWdlTGluZTEgewogIHN0cm9rZS13aWR0aDogMS41OwogIHN0cm9rZS1kYXNoYXJyYXk6ICcyIDInOwogIHN0cm9rZTogIzMzMzsgfQoKI2R0OG54ZjFvZW00ICNhcnJvd2hlYWQgewogIGZpbGw6ICMzMzM7IH0KCiNkdDhueGYxb2VtNCAjY3Jvc3NoZWFkIHBhdGggewogIGZpbGw6ICMzMzMgIWltcG9ydGFudDsKICBzdHJva2U6ICMzMzMgIWltcG9ydGFudDsgfQoKI2R0OG54ZjFvZW00IC5tZXNzYWdlVGV4dCB7CiAgZmlsbDogIzMzMzsKICBzdHJva2U6IG5vbmU7IH0KCiNkdDhueGYxb2VtNCAubGFiZWxCb3ggewogIHN0cm9rZTogI0NDQ0NGRjsKICBmaWxsOiAjRUNFQ0ZGOyB9CgojZHQ4bnhmMW9lbTQgLmxhYmVsVGV4dCB7CiAgZmlsbDogYmxhY2s7CiAgc3Ryb2tlOiBub25lOyB9CgojZHQ4bnhmMW9lbTQgLmxvb3BUZXh0IHsKICBmaWxsOiBibGFjazsKICBzdHJva2U6IG5vbmU7IH0KCiNkdDhueGYxb2VtNCAubG9vcExpbmUgewogIHN0cm9rZS13aWR0aDogMjsKICBzdHJva2UtZGFzaGFycmF5OiAnMiAyJzsKICBzdHJva2U6ICNDQ0NDRkY7IH0KCiNkdDhueGYxb2VtNCAubm90ZSB7CiAgc3Ryb2tlOiAjYWFhYTMzOwogIGZpbGw6ICNmZmY1YWQ7IH0KCiNkdDhueGYxb2VtNCAubm90ZVRleHQgewogIGZpbGw6IGJsYWNrOwogIHN0cm9rZTogbm9uZTsKICBmb250LWZhbWlseTogJ3RyZWJ1Y2hldCBtcycsIHZlcmRhbmEsIGFyaWFsOwogIGZvbnQtc2l6ZTogMTRweDsgfQoKI2R0OG54ZjFvZW00IC5hY3RpdmF0aW9uMCB7CiAgZmlsbDogI2Y0ZjRmNDsKICBzdHJva2U6ICM2NjY7IH0KCiNkdDhueGYxb2VtNCAuYWN0aXZhdGlvbjEgewogIGZpbGw6ICNmNGY0ZjQ7CiAgc3Ryb2tlOiAjNjY2OyB9CgojZHQ4bnhmMW9lbTQgLmFjdGl2YXRpb24yIHsKICBmaWxsOiAjZjRmNGY0OwogIHN0cm9rZTogIzY2NjsgfQoKCiNkdDhueGYxb2VtNCAuc2VjdGlvbiB7CiAgc3Ryb2tlOiBub25lOwogIG9wYWNpdHk6IDAuMjsgfQoKI2R0OG54ZjFvZW00IC5zZWN0aW9uMCB7CiAgZmlsbDogcmdiYSgxMDIsIDEwMiwgMjU1LCAwLjQ5KTsgfQoKI2R0OG54ZjFvZW00IC5zZWN0aW9uMiB7CiAgZmlsbDogI2ZmZjQwMDsgfQoKI2R0OG54ZjFvZW00IC5zZWN0aW9uMSwKI2R0OG54ZjFvZW00IC5zZWN0aW9uMyB7CiAgZmlsbDogd2hpdGU7CiAgb3BhY2l0eTogMC4yOyB9CgojZHQ4bnhmMW9lbTQgLnNlY3Rpb25UaXRsZTAgewogIGZpbGw6ICMzMzM7IH0KCiNkdDhueGYxb2VtNCAuc2VjdGlvblRpdGxlMSB7CiAgZmlsbDogIzMzMzsgfQoKI2R0OG54ZjFvZW00IC5zZWN0aW9uVGl0bGUyIHsKICBmaWxsOiAjMzMzOyB9CgojZHQ4bnhmMW9lbTQgLnNlY3Rpb25UaXRsZTMgewogIGZpbGw6ICMzMzM7IH0KCiNkdDhueGYxb2VtNCAuc2VjdGlvblRpdGxlIHsKICB0ZXh0LWFuY2hvcjogc3RhcnQ7CiAgZm9udC1zaXplOiAxMXB4OwogIHRleHQtaGVpZ2h0OiAxNHB4OyB9CgoKI2R0OG54ZjFvZW00IC5ncmlkIC50aWNrIHsKICBzdHJva2U6IGxpZ2h0Z3JleTsKICBvcGFjaXR5OiAwLjM7CiAgc2hhcGUtcmVuZGVyaW5nOiBjcmlzcEVkZ2VzOyB9CgojZHQ4bnhmMW9lbTQgLmdyaWQgcGF0aCB7CiAgc3Ryb2tlLXdpZHRoOiAwOyB9CgoKI2R0OG54ZjFvZW00IC50b2RheSB7CiAgZmlsbDogbm9uZTsKICBzdHJva2U6IHJlZDsKICBzdHJva2Utd2lkdGg6IDJweDsgfQoKCgojZHQ4bnhmMW9lbTQgLnRhc2sgewogIHN0cm9rZS13aWR0aDogMjsgfQoKI2R0OG54ZjFvZW00IC50YXNrVGV4dCB7CiAgdGV4dC1hbmNob3I6IG1pZGRsZTsKICBmb250LXNpemU6IDExcHg7IH0KCiNkdDhueGYxb2VtNCAudGFza1RleHRPdXRzaWRlUmlnaHQgewogIGZpbGw6IGJsYWNrOwogIHRleHQtYW5jaG9yOiBzdGFydDsKICBmb250LXNpemU6IDExcHg7IH0KCiNkdDhueGYxb2VtNCAudGFza1RleHRPdXRzaWRlTGVmdCB7CiAgZmlsbDogYmxhY2s7CiAgdGV4dC1hbmNob3I6IGVuZDsKICBmb250LXNpemU6IDExcHg7IH0KCgojZHQ4bnhmMW9lbTQgLnRhc2tUZXh0MCwKI2R0OG54ZjFvZW00IC50YXNrVGV4dDEsCiNkdDhueGYxb2VtNCAudGFza1RleHQyLAojZHQ4bnhmMW9lbTQgLnRhc2tUZXh0MyB7CiAgZmlsbDogd2hpdGU7IH0KCiNkdDhueGYxb2VtNCAudGFzazAsCiNkdDhueGYxb2VtNCAudGFzazEsCiNkdDhueGYxb2VtNCAudGFzazIsCiNkdDhueGYxb2VtNCAudGFzazMgewogIGZpbGw6ICM4YTkwZGQ7CiAgc3Ryb2tlOiAjNTM0ZmJjOyB9CgojZHQ4bnhmMW9lbTQgLnRhc2tUZXh0T3V0c2lkZTAsCiNkdDhueGYxb2VtNCAudGFza1RleHRPdXRzaWRlMiB7CiAgZmlsbDogYmxhY2s7IH0KCiNkdDhueGYxb2VtNCAudGFza1RleHRPdXRzaWRlMSwKI2R0OG54ZjFvZW00IC50YXNrVGV4dE91dHNpZGUzIHsKICBmaWxsOiBibGFjazsgfQoKCiNkdDhueGYxb2VtNCAuYWN0aXZlMCwKI2R0OG54ZjFvZW00IC5hY3RpdmUxLAojZHQ4bnhmMW9lbTQgLmFjdGl2ZTIsCiNkdDhueGYxb2VtNCAuYWN0aXZlMyB7CiAgZmlsbDogI2JmYzdmZjsKICBzdHJva2U6ICM1MzRmYmM7IH0KCiNkdDhueGYxb2VtNCAuYWN0aXZlVGV4dDAsCiNkdDhueGYxb2VtNCAuYWN0aXZlVGV4dDEsCiNkdDhueGYxb2VtNCAuYWN0aXZlVGV4dDIsCiNkdDhueGYxb2VtNCAuYWN0aXZlVGV4dDMgewogIGZpbGw6IGJsYWNrICFpbXBvcnRhbnQ7IH0KCgojZHQ4bnhmMW9lbTQgLmRvbmUwLAojZHQ4bnhmMW9lbTQgLmRvbmUxLAojZHQ4bnhmMW9lbTQgLmRvbmUyLAojZHQ4bnhmMW9lbTQgLmRvbmUzIHsKICBzdHJva2U6IGdyZXk7CiAgZmlsbDogbGlnaHRncmV5OwogIHN0cm9rZS13aWR0aDogMjsgfQoKI2R0OG54ZjFvZW00IC5kb25lVGV4dDAsCiNkdDhueGYxb2VtNCAuZG9uZVRleHQxLAojZHQ4bnhmMW9lbTQgLmRvbmVUZXh0MiwKI2R0OG54ZjFvZW00IC5kb25lVGV4dDMgewogIGZpbGw6IGJsYWNrICFpbXBvcnRhbnQ7IH0KCgojZHQ4bnhmMW9lbTQgLmNyaXQwLAojZHQ4bnhmMW9lbTQgLmNyaXQxLAojZHQ4bnhmMW9lbTQgLmNyaXQyLAojZHQ4bnhmMW9lbTQgLmNyaXQzIHsKICBzdHJva2U6ICNmZjg4ODg7CiAgZmlsbDogcmVkOwogIHN0cm9rZS13aWR0aDogMjsgfQoKI2R0OG54ZjFvZW00IC5hY3RpdmVDcml0MCwKI2R0OG54ZjFvZW00IC5hY3RpdmVDcml0MSwKI2R0OG54ZjFvZW00IC5hY3RpdmVDcml0MiwKI2R0OG54ZjFvZW00IC5hY3RpdmVDcml0MyB7CiAgc3Ryb2tlOiAjZmY4ODg4OwogIGZpbGw6ICNiZmM3ZmY7CiAgc3Ryb2tlLXdpZHRoOiAyOyB9CgojZHQ4bnhmMW9lbTQgLmRvbmVDcml0MCwKI2R0OG54ZjFvZW00IC5kb25lQ3JpdDEsCiNkdDhueGYxb2VtNCAuZG9uZUNyaXQyLAojZHQ4bnhmMW9lbTQgLmRvbmVDcml0MyB7CiAgc3Ryb2tlOiAjZmY4ODg4OwogIGZpbGw6IGxpZ2h0Z3JleTsKICBzdHJva2Utd2lkdGg6IDI7CiAgY3Vyc29yOiBwb2ludGVyOwogIHNoYXBlLXJlbmRlcmluZzogY3Jpc3BFZGdlczsgfQoKI2R0OG54ZjFvZW00IC5kb25lQ3JpdFRleHQwLAojZHQ4bnhmMW9lbTQgLmRvbmVDcml0VGV4dDEsCiNkdDhueGYxb2VtNCAuZG9uZUNyaXRUZXh0MiwKI2R0OG54ZjFvZW00IC5kb25lQ3JpdFRleHQzIHsKICBmaWxsOiBibGFjayAhaW1wb3J0YW50OyB9CgojZHQ4bnhmMW9lbTQgLmFjdGl2ZUNyaXRUZXh0MCwKI2R0OG54ZjFvZW00IC5hY3RpdmVDcml0VGV4dDEsCiNkdDhueGYxb2VtNCAuYWN0aXZlQ3JpdFRleHQyLAojZHQ4bnhmMW9lbTQgLmFjdGl2ZUNyaXRUZXh0MyB7CiAgZmlsbDogYmxhY2sgIWltcG9ydGFudDsgfQoKI2R0OG54ZjFvZW00IC50aXRsZVRleHQgewogIHRleHQtYW5jaG9yOiBtaWRkbGU7CiAgZm9udC1zaXplOiAxOHB4OwogIGZpbGw6IGJsYWNrOyB9CgojZHQ4bnhmMW9lbTQgZy5jbGFzc0dyb3VwIHRleHQgewogIGZpbGw6ICM5MzcwREI7CiAgc3Ryb2tlOiBub25lOwogIGZvbnQtZmFtaWx5OiAndHJlYnVjaGV0IG1zJywgdmVyZGFuYSwgYXJpYWw7CiAgZm9udC1zaXplOiAxMHB4OyB9CgojZHQ4bnhmMW9lbTQgZy5jbGFzc0dyb3VwIHJlY3QgewogIGZpbGw6ICNFQ0VDRkY7CiAgc3Ryb2tlOiAjOTM3MERCOyB9CgojZHQ4bnhmMW9lbTQgZy5jbGFzc0dyb3VwIGxpbmUgewogIHN0cm9rZTogIzkzNzBEQjsKICBzdHJva2Utd2lkdGg6IDE7IH0KCiNkdDhueGYxb2VtNCAuY2xhc3NMYWJlbCAuYm94IHsKICBzdHJva2U6IG5vbmU7CiAgc3Ryb2tlLXdpZHRoOiAwOwogIGZpbGw6ICNFQ0VDRkY7CiAgb3BhY2l0eTogMC41OyB9CgojZHQ4bnhmMW9lbTQgLmNsYXNzTGFiZWwgLmxhYmVsIHsKICBmaWxsOiAjOTM3MERCOwogIGZvbnQtc2l6ZTogMTBweDsgfQoKI2R0OG54ZjFvZW00IC5yZWxhdGlvbiB7CiAgc3Ryb2tlOiAjOTM3MERCOwogIHN0cm9rZS13aWR0aDogMTsKICBmaWxsOiBub25lOyB9CgojZHQ4bnhmMW9lbTQgI2NvbXBvc2l0aW9uU3RhcnQgewogIGZpbGw6ICM5MzcwREI7CiAgc3Ryb2tlOiAjOTM3MERCOwogIHN0cm9rZS13aWR0aDogMTsgfQoKI2R0OG54ZjFvZW00ICNjb21wb3NpdGlvbkVuZCB7CiAgZmlsbDogIzkzNzBEQjsKICBzdHJva2U6ICM5MzcwREI7CiAgc3Ryb2tlLXdpZHRoOiAxOyB9CgojZHQ4bnhmMW9lbTQgI2FnZ3JlZ2F0aW9uU3RhcnQgewogIGZpbGw6ICNFQ0VDRkY7CiAgc3Ryb2tlOiAjOTM3MERCOwogIHN0cm9rZS13aWR0aDogMTsgfQoKI2R0OG54ZjFvZW00ICNhZ2dyZWdhdGlvbkVuZCB7CiAgZmlsbDogI0VDRUNGRjsKICBzdHJva2U6ICM5MzcwREI7CiAgc3Ryb2tlLXdpZHRoOiAxOyB9CgojZHQ4bnhmMW9lbTQgI2RlcGVuZGVuY3lTdGFydCB7CiAgZmlsbDogIzkzNzBEQjsKICBzdHJva2U6ICM5MzcwREI7CiAgc3Ryb2tlLXdpZHRoOiAxOyB9CgojZHQ4bnhmMW9lbTQgI2RlcGVuZGVuY3lFbmQgewogIGZpbGw6ICM5MzcwREI7CiAgc3Ryb2tlOiAjOTM3MERCOwogIHN0cm9rZS13aWR0aDogMTsgfQoKI2R0OG54ZjFvZW00ICNleHRlbnNpb25TdGFydCB7CiAgZmlsbDogIzkzNzBEQjsKICBzdHJva2U6ICM5MzcwREI7CiAgc3Ryb2tlLXdpZHRoOiAxOyB9CgojZHQ4bnhmMW9lbTQgI2V4dGVuc2lvbkVuZCB7CiAgZmlsbDogIzkzNzBEQjsKICBzdHJva2U6ICM5MzcwREI7CiAgc3Ryb2tlLXdpZHRoOiAxOyB9CgojZHQ4bnhmMW9lbTQgLmNvbW1pdC1pZCwKI2R0OG54ZjFvZW00IC5jb21taXQtbXNnLAojZHQ4bnhmMW9lbTQgLmJyYW5jaC1sYWJlbCB7CiAgZmlsbDogbGlnaHRncmV5OwogIGNvbG9yOiBsaWdodGdyZXk7IH0KCgoKI2R0OG54ZjFvZW00IC5sYWJlbHsKICBjb2xvcjojMThCMTRFOwp9CiNkdDhueGYxb2VtNCAudGUtbWQtY29udGFpbmVyLS1kYXJrIC5ub2RlIHJlY3QgewogIGZpbGw6IHJlZDsKfQoKI2R0OG54ZjFvZW00IC5ub2RlIHJlY3QsCiNkdDhueGYxb2VtNCAubm9kZSBjaXJjbGUsCiNkdDhueGYxb2VtNCAubm9kZSBlbGxpcHNlLAojZHQ4bnhmMW9lbTQgLm5vZGUgcG9seWdvbiB7CiAgZmlsbDogI0Y5RkZGQjs7CiAgc3Ryb2tlOiAjMkRCRDYwOwogIHN0cm9rZS13aWR0aDogMS41cHg7Cn0KI2R0OG54ZjFvZW00IC5hcnJvd2hlYWRQYXRoewogIGZpbGw6ICMyREJENjA7Cn0KI2R0OG54ZjFvZW00IC5lZGdlUGF0aCAucGF0aCB7CiAgc3Ryb2tlOiAjMkRCRDYwOwogIHN0cm9rZS13aWR0aDogMXB4Owp9CiNkdDhueGYxb2VtNCAuZWRnZUxhYmVsIHsKICBiYWNrZ3JvdW5kLWNvbG9yOiAjZmZmOwp9CiNkdDhueGYxb2VtNCAuY2x1c3RlciByZWN0IHsKICBmaWxsOiAjRjlGRkZCICFpbXBvcnRhbnQ7CiAgc3Ryb2tlOiAjMkRCRDYwICFpbXBvcnRhbnQ7CiAgc3Ryb2tlLXdpZHRoOiAxcHggIWltcG9ydGFudDsKfQoKI2R0OG54ZjFvZW00IC5jbHVzdGVyIHRleHQgewogIGZpbGw6ICNGOUZGRkI7Cn0KCiNkdDhueGYxb2VtNCBkaXYubWVybWFpZFRvb2x0aXAgewogIGJhY2tncm91bmQ6ICNGOUZGRkI7CiAgYm9yZGVyOiAxcHggc29saWQgIzJEQkQ2MDsKfQoKCiNkdDhueGYxb2VtNCAuYWN0b3IgewogIHN0cm9rZTogIzJEQkQ2MDsKICBmaWxsOiAjRjlGRkZCOwp9CgojZHQ4bnhmMW9lbTQgdGV4dC5hY3RvciB7CiAgZmlsbDogIzJEQkQ2MDsKICBzdHJva2U6IG5vbmU7Cn0KCiNkdDhueGYxb2VtNCAuYWN0b3ItbGluZSB7CiAgc3Ryb2tlOiAjMkRCRDYwOwp9CgojZHQ4bnhmMW9lbTQgLm1lc3NhZ2VMaW5lMCB7CiAgc3Ryb2tlLXdpZHRoOiAxLjU7CiAgc3Ryb2tlLWRhc2hhcnJheTogJzIgMic7CiAgbWFya2VyLWVuZDogJ3VybCgjYXJyb3doZWFkKSc7CiAgc3Ryb2tlOiAjMkRCRDYwOwp9CgojZHQ4bnhmMW9lbTQgLm1lc3NhZ2VMaW5lMSB7CiAgc3Ryb2tlLXdpZHRoOiAxLjU7CiAgc3Ryb2tlLWRhc2hhcnJheTogJzIgMic7CiAgc3Ryb2tlOiAjMkRCRDYwOwp9CgojZHQ4bnhmMW9lbTQgI2Fycm93aGVhZCB7CiAgZmlsbDogIzJEQkQ2MDsKfQoKI2R0OG54ZjFvZW00ICNjcm9zc2hlYWQgcGF0aCB7CiAgZmlsbDogIzJEQkQ2MCAhaW1wb3J0YW50OwogIHN0cm9rZTogIzJEQkQ2MCAhaW1wb3J0YW50Owp9CgojZHQ4bnhmMW9lbTQgLm1lc3NhZ2VUZXh0IHsKICBmaWxsOiAjMkRCRDYwOwogIHN0cm9rZTogbm9uZTsKfQoKI2R0OG54ZjFvZW00IC5sYWJlbEJveCB7CiAgc3Ryb2tlOiAjMkRCRDYwOwogIGZpbGw6ICNGOUZGRkI7Cn0KCiNkdDhueGYxb2VtNCAubGFiZWxUZXh0IHsKICBmaWxsOiAjMkRCRDYwOwogIHN0cm9rZTogIzJEQkQ2MDsKfQoKI2R0OG54ZjFvZW00IC5sb29wVGV4dCB7CiAgZmlsbDogIzJEQkQ2MDsKICBzdHJva2U6ICMyREJENjA7Cn0KCiNkdDhueGYxb2VtNCAubG9vcExpbmUgewogIHN0cm9rZS13aWR0aDogMjsKICBzdHJva2UtZGFzaGFycmF5OiAnMiAyJzsKICBtYXJrZXItZW5kOiAndXJsKCNhcnJvd2hlYWQpJzsKICBzdHJva2U6ICMyREJENjA7Cn0KCiNkdDhueGYxb2VtNCAubm90ZSB7CiAgc3Ryb2tlOiAjMkRCRDYwOwogIGZpbGw6ICNGOUZGRkI7Cn0KCiNkdDhueGYxb2VtNCAubm90ZVRleHQgewogIGZpbGw6ICMyREJENjA7CiAgc3Ryb2tlOiAjMkRCRDYwOwp9CgoKI2R0OG54ZjFvZW00IC5zZWN0aW9uewogIG9wYWNpdHk6MTsKfQojZHQ4bnhmMW9lbTQgLnNlY3Rpb24wLCNkdDhueGYxb2VtNCAgLnNlY3Rpb24yIHsKICBmaWxsOiAjRUNGN0YwOwp9CgojZHQ4bnhmMW9lbTQgLnNlY3Rpb24xLAojZHQ4bnhmMW9lbTQgLnNlY3Rpb24zIHsKICBmaWxsOiAjRkZGOwp9CiNkdDhueGYxb2VtNCAudGFza1RleHQwLAojZHQ4bnhmMW9lbTQgLnRhc2tUZXh0MSwKI2R0OG54ZjFvZW00IC50YXNrVGV4dDIsCiNkdDhueGYxb2VtNCAudGFza1RleHQzIHsKICBmaWxsOiAjZmZmOwp9CgojZHQ4bnhmMW9lbTQgLnRhc2swLAojZHQ4bnhmMW9lbTQgLnRhc2sxLAojZHQ4bnhmMW9lbTQgLnRhc2syLAojZHQ4bnhmMW9lbTQgLnRhc2szIHsKICBmaWxsOiAjMkRCRDYwOwogIHN0cm9rZTogIzM1OUY1QTsKfQo8L3N0eWxlPjxzdHlsZT4jZHQ4bnhmMW9lbTQgewogICAgY29sb3I6IHJnYigyNDQsIDI0NCwgMjQ0KTsKICAgIGZvbnQ6IG5vcm1hbCBub3JtYWwgbm9ybWFsIG5vcm1hbCAxNHB4LzIyLjM5OTk5OTYxODUzMDI3M3B4IG1vbm9zcGFjZTsKICB9PC9zdHlsZT48ZyB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMTIsIC0xMikiPjxnIGNsYXNzPSJvdXRwdXQiPjxnIGNsYXNzPSJjbHVzdGVycyI+PC9nPjxnIGNsYXNzPSJlZGdlUGF0aHMiPjxnIGNsYXNzPSJlZGdlUGF0aCIgc3R5bGU9Im9wYWNpdHk6IDE7Ij48cGF0aCBjbGFzcz0icGF0aCIgZD0iTTEyOC40MDYyNSw4MS4yODEyNUwxNTMuNDA2MjUsODEuMjgxMjVMMTc4LjQwNjI1LDgxLjI4MTI1IiBtYXJrZXItZW5kPSJ1cmwoI2Fycm93aGVhZDE1NTU5KSIgc3R5bGU9InN0cm9rZTogIzMzMzsgc3Ryb2tlLXdpZHRoOiAxLjVweDtmaWxsOm5vbmUiPjwvcGF0aD48ZGVmcz48bWFya2VyIGlkPSJhcnJvd2hlYWQxNTU1OSIgdmlld0JveD0iMCAwIDEwIDEwIiByZWZYPSI5IiByZWZZPSI1IiBtYXJrZXJVbml0cz0ic3Ryb2tlV2lkdGgiIG1hcmtlcldpZHRoPSI4IiBtYXJrZXJIZWlnaHQ9IjYiIG9yaWVudD0iYXV0byI+PHBhdGggZD0iTSAwIDAgTCAxMCA1IEwgMCAxMCB6IiBjbGFzcz0iYXJyb3doZWFkUGF0aCIgc3R5bGU9InN0cm9rZS13aWR0aDogMXB4OyBzdHJva2UtZGFzaGFycmF5OiAxcHgsIDBweDsiPjwvcGF0aD48L21hcmtlcj48L2RlZnM+PC9nPjxnIGNsYXNzPSJlZGdlUGF0aCIgc3R5bGU9Im9wYWNpdHk6IDE7Ij48cGF0aCBjbGFzcz0icGF0aCIgZD0iTTIyNi43ODEyNSw2NC4yNjg5NzQ0OTM2OTUwN0wyNjMuOTI5Njg3NSwzOC4xNDA2MjVMMzAxLjA3ODEyNSwzOC4xNDA2MjUiIG1hcmtlci1lbmQ9InVybCgjYXJyb3doZWFkMTU1NjApIiBzdHlsZT0ic3Ryb2tlOiAjMzMzOyBzdHJva2Utd2lkdGg6IDEuNXB4O2ZpbGw6bm9uZSI+PC9wYXRoPjxkZWZzPjxtYXJrZXIgaWQ9ImFycm93aGVhZDE1NTYwIiB2aWV3Qm94PSIwIDAgMTAgMTAiIHJlZlg9IjkiIHJlZlk9IjUiIG1hcmtlclVuaXRzPSJzdHJva2VXaWR0aCIgbWFya2VyV2lkdGg9IjgiIG1hcmtlckhlaWdodD0iNiIgb3JpZW50PSJhdXRvIj48cGF0aCBkPSJNIDAgMCBMIDEwIDUgTCAwIDEwIHoiIGNsYXNzPSJhcnJvd2hlYWRQYXRoIiBzdHlsZT0ic3Ryb2tlLXdpZHRoOiAxcHg7IHN0cm9rZS1kYXNoYXJyYXk6IDFweCwgMHB4OyI+PC9wYXRoPjwvbWFya2VyPjwvZGVmcz48L2c+PGcgY2xhc3M9ImVkZ2VQYXRoIiBzdHlsZT0ib3BhY2l0eTogMTsiPjxwYXRoIGNsYXNzPSJwYXRoIiBkPSJNMjI2Ljc4MTI1LDk4LjI5MzUyNTUwNjMwNDkzTDI2My45Mjk2ODc1LDEyNC40MjE4NzVMMzI1LjczNDM3NSwxMjQuNDIxODc1TDM4OS41NTQ2ODc1LDEyNC40MjE4NzVMNDUyLjI5Njg3NSwxMjQuNDIxODc1IiBtYXJrZXItZW5kPSJ1cmwoI2Fycm93aGVhZDE1NTYxKSIgc3R5bGU9InN0cm9rZTogIzMzMzsgc3Ryb2tlLXdpZHRoOiAxLjVweDtmaWxsOm5vbmUiPjwvcGF0aD48ZGVmcz48bWFya2VyIGlkPSJhcnJvd2hlYWQxNTU2MSIgdmlld0JveD0iMCAwIDEwIDEwIiByZWZYPSI5IiByZWZZPSI1IiBtYXJrZXJVbml0cz0ic3Ryb2tlV2lkdGgiIG1hcmtlcldpZHRoPSI4IiBtYXJrZXJIZWlnaHQ9IjYiIG9yaWVudD0iYXV0byI+PHBhdGggZD0iTSAwIDAgTCAxMCA1IEwgMCAxMCB6IiBjbGFzcz0iYXJyb3doZWFkUGF0aCIgc3R5bGU9InN0cm9rZS13aWR0aDogMXB4OyBzdHJva2UtZGFzaGFycmF5OiAxcHgsIDBweDsiPjwvcGF0aD48L21hcmtlcj48L2RlZnM+PC9nPjxnIGNsYXNzPSJlZGdlUGF0aCIgc3R5bGU9Im9wYWNpdHk6IDE7Ij48cGF0aCBjbGFzcz0icGF0aCIgZD0iTTM1MC4zOTA2MjUsMzguMTQwNjI1TDM4OS41NTQ2ODc1LDM4LjE0MDYyNUw0MjguNzE4NzUsMzguMTQwNjI1IiBtYXJrZXItZW5kPSJ1cmwoI2Fycm93aGVhZDE1NTYyKSIgc3R5bGU9InN0cm9rZTogIzMzMzsgc3Ryb2tlLXdpZHRoOiAxLjVweDtmaWxsOm5vbmUiPjwvcGF0aD48ZGVmcz48bWFya2VyIGlkPSJhcnJvd2hlYWQxNTU2MiIgdmlld0JveD0iMCAwIDEwIDEwIiByZWZYPSI5IiByZWZZPSI1IiBtYXJrZXJVbml0cz0ic3Ryb2tlV2lkdGgiIG1hcmtlcldpZHRoPSI4IiBtYXJrZXJIZWlnaHQ9IjYiIG9yaWVudD0iYXV0byI+PHBhdGggZD0iTSAwIDAgTCAxMCA1IEwgMCAxMCB6IiBjbGFzcz0iYXJyb3doZWFkUGF0aCIgc3R5bGU9InN0cm9rZS13aWR0aDogMXB4OyBzdHJva2UtZGFzaGFycmF5OiAxcHgsIDBweDsiPjwvcGF0aD48L21hcmtlcj48L2RlZnM+PC9nPjxnIGNsYXNzPSJlZGdlUGF0aCIgc3R5bGU9Im9wYWNpdHk6IDE7Ij48cGF0aCBjbGFzcz0icGF0aCIgZD0iTTUyMi4yOTY4NzUsMzguMTQwNjI1TDU0Ny4yOTY4NzUsMzguMTQwNjI1TDU3NC4wOTg3NTgzNzU1ODg1LDYzLjE0MDYyNSIgbWFya2VyLWVuZD0idXJsKCNhcnJvd2hlYWQxNTU2MykiIHN0eWxlPSJzdHJva2U6ICMzMzM7IHN0cm9rZS13aWR0aDogMS41cHg7ZmlsbDpub25lIj48L3BhdGg+PGRlZnM+PG1hcmtlciBpZD0iYXJyb3doZWFkMTU1NjMiIHZpZXdCb3g9IjAgMCAxMCAxMCIgcmVmWD0iOSIgcmVmWT0iNSIgbWFya2VyVW5pdHM9InN0cm9rZVdpZHRoIiBtYXJrZXJXaWR0aD0iOCIgbWFya2VySGVpZ2h0PSI2IiBvcmllbnQ9ImF1dG8iPjxwYXRoIGQ9Ik0gMCAwIEwgMTAgNSBMIDAgMTAgeiIgY2xhc3M9ImFycm93aGVhZFBhdGgiIHN0eWxlPSJzdHJva2Utd2lkdGg6IDFweDsgc3Ryb2tlLWRhc2hhcnJheTogMXB4LCAwcHg7Ij48L3BhdGg+PC9tYXJrZXI+PC9kZWZzPjwvZz48ZyBjbGFzcz0iZWRnZVBhdGgiIHN0eWxlPSJvcGFjaXR5OiAxOyI+PHBhdGggY2xhc3M9InBhdGgiIGQ9Ik00OTguNzE4NzUsMTI0LjQyMTg3NUw1NDcuMjk2ODc1LDEyNC40MjE4NzVMNTc0LjA5ODc1ODM3NTU4ODUsOTkuNDIxODc1IiBtYXJrZXItZW5kPSJ1cmwoI2Fycm93aGVhZDE1NTY0KSIgc3R5bGU9InN0cm9rZTogIzMzMzsgc3Ryb2tlLXdpZHRoOiAxLjVweDtmaWxsOm5vbmUiPjwvcGF0aD48ZGVmcz48bWFya2VyIGlkPSJhcnJvd2hlYWQxNTU2NCIgdmlld0JveD0iMCAwIDEwIDEwIiByZWZYPSI5IiByZWZZPSI1IiBtYXJrZXJVbml0cz0ic3Ryb2tlV2lkdGgiIG1hcmtlcldpZHRoPSI4IiBtYXJrZXJIZWlnaHQ9IjYiIG9yaWVudD0iYXV0byI+PHBhdGggZD0iTSAwIDAgTCAxMCA1IEwgMCAxMCB6IiBjbGFzcz0iYXJyb3doZWFkUGF0aCIgc3R5bGU9InN0cm9rZS13aWR0aDogMXB4OyBzdHJva2UtZGFzaGFycmF5OiAxcHgsIDBweDsiPjwvcGF0aD48L21hcmtlcj48L2RlZnM+PC9nPjwvZz48ZyBjbGFzcz0iZWRnZUxhYmVscyI+PGcgY2xhc3M9ImVkZ2VMYWJlbCIgc3R5bGU9Im9wYWNpdHk6IDE7IiB0cmFuc2Zvcm09IiI+PGcgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoMCwwKSIgY2xhc3M9ImxhYmVsIj48cmVjdCByeD0iMCIgcnk9IjAiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIHN0eWxlPSJmaWxsOiNlOGU4ZTg7Ij48L3JlY3Q+PHRleHQ+PHRzcGFuIHhtbDpzcGFjZT0icHJlc2VydmUiIGR5PSIxZW0iIHg9IjEiPjwvdHNwYW4+PC90ZXh0PjwvZz48L2c+PGcgY2xhc3M9ImVkZ2VMYWJlbCIgc3R5bGU9Im9wYWNpdHk6IDE7IiB0cmFuc2Zvcm09InRyYW5zbGF0ZSgyNjMuOTI5Njg3NSwzOC4xNDA2MjUpIj48ZyB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMTYuMzU5Mzc1LC04LjAwNzgxMjUpIiBjbGFzcz0ibGFiZWwiPjxyZWN0IHJ4PSIwIiByeT0iMCIgd2lkdGg9IjI0LjI5Njg3NSIgaGVpZ2h0PSIxNi4yODEyNSIgc3R5bGU9ImZpbGw6I2U4ZThlODsiPjwvcmVjdD48dGV4dD48dHNwYW4geG1sOnNwYWNlPSJwcmVzZXJ2ZSIgZHk9IjFlbSIgeD0iMSI+Zm9yazwvdHNwYW4+PC90ZXh0PjwvZz48L2c+PGcgY2xhc3M9ImVkZ2VMYWJlbCIgc3R5bGU9Im9wYWNpdHk6IDE7IiB0cmFuc2Zvcm09IiI+PGcgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoMCwwKSIgY2xhc3M9ImxhYmVsIj48cmVjdCByeD0iMCIgcnk9IjAiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIHN0eWxlPSJmaWxsOiNlOGU4ZTg7Ij48L3JlY3Q+PHRleHQ+PHRzcGFuIHhtbDpzcGFjZT0icHJlc2VydmUiIGR5PSIxZW0iIHg9IjEiPjwvdHNwYW4+PC90ZXh0PjwvZz48L2c+PGcgY2xhc3M9ImVkZ2VMYWJlbCIgc3R5bGU9Im9wYWNpdHk6IDE7IiB0cmFuc2Zvcm09InRyYW5zbGF0ZSgzODkuNTU0Njg3NSwzOC4xNDA2MjUpIj48ZyB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMTYuMzU5Mzc1LC04LjAwNzgxMjUpIiBjbGFzcz0ibGFiZWwiPjxyZWN0IHJ4PSIwIiByeT0iMCIgd2lkdGg9IjI4LjMyODEyNSIgaGVpZ2h0PSIxNi4yODEyNSIgc3R5bGU9ImZpbGw6I2U4ZThlODsiPjwvcmVjdD48dGV4dD48dHNwYW4geG1sOnNwYWNlPSJwcmVzZXJ2ZSIgZHk9IjFlbSIgeD0iMSI+ZXhlYzwvdHNwYW4+PC90ZXh0PjwvZz48L2c+PGcgY2xhc3M9ImVkZ2VMYWJlbCIgc3R5bGU9Im9wYWNpdHk6IDE7IiB0cmFuc2Zvcm09IiI+PGcgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoMCwwKSIgY2xhc3M9ImxhYmVsIj48cmVjdCByeD0iMCIgcnk9IjAiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIHN0eWxlPSJmaWxsOiNlOGU4ZTg7Ij48L3JlY3Q+PHRleHQ+PHRzcGFuIHhtbDpzcGFjZT0icHJlc2VydmUiIGR5PSIxZW0iIHg9IjEiPjwvdHNwYW4+PC90ZXh0PjwvZz48L2c+PGcgY2xhc3M9ImVkZ2VMYWJlbCIgc3R5bGU9Im9wYWNpdHk6IDE7IiB0cmFuc2Zvcm09IiI+PGcgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoMCwwKSIgY2xhc3M9ImxhYmVsIj48cmVjdCByeD0iMCIgcnk9IjAiIHdpZHRoPSIwIiBoZWlnaHQ9IjAiIHN0eWxlPSJmaWxsOiNlOGU4ZTg7Ij48L3JlY3Q+PHRleHQ+PHRzcGFuIHhtbDpzcGFjZT0icHJlc2VydmUiIGR5PSIxZW0iIHg9IjEiPjwvdHNwYW4+PC90ZXh0PjwvZz48L2c+PC9nPjxnIGNsYXNzPSJub2RlcyI+PGcgY2xhc3M9Im5vZGUiIHN0eWxlPSJvcGFjaXR5OiAxOyIgaWQ9IkYiIHRyYW5zZm9ybT0idHJhbnNsYXRlKDc0LjIwMzEyNSw4MS4yODEyNSkiPjxyZWN0IHJ4PSIwIiByeT0iMCIgeD0iLTU0LjIwMzEyNSIgeT0iLTE4LjE0MDYyNSIgd2lkdGg9IjEwOC40MDYyNSIgaGVpZ2h0PSIzNi4yODEyNSI+PC9yZWN0PjxnIGNsYXNzPSJsYWJlbCIgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoMCwwKSI+PGcgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoLTQ0LjIwMzEyNSwtOC4xNDA2MjUpIj48dGV4dD48dHNwYW4geG1sOnNwYWNlPSJwcmVzZXJ2ZSIgZHk9IjFlbSIgeD0iMSI+cGFyZW50IHByb2Nlc3M8L3RzcGFuPjwvdGV4dD48L2c+PC9nPjwvZz48ZyBjbGFzcz0ibm9kZSIgc3R5bGU9Im9wYWNpdHk6IDE7IiBpZD0iQSIgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoMjAyLjU5Mzc1LDgxLjI4MTI1KSI+PHJlY3Qgcng9IjAiIHJ5PSIwIiB4PSItMjQuMTg3NSIgeT0iLTE4LjE0MDYyNSIgd2lkdGg9IjQ4LjM3NSIgaGVpZ2h0PSIzNi4yODEyNSI+PC9yZWN0PjxnIGNsYXNzPSJsYWJlbCIgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoMCwwKSI+PGcgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoLTE0LjE4NzUsLTguMTQwNjI1KSI+PHRleHQ+PHRzcGFuIHhtbDpzcGFjZT0icHJlc2VydmUiIGR5PSIxZW0iIHg9IjEiPnN0YXJ0PC90c3Bhbj48L3RleHQ+PC9nPjwvZz48L2c+PGcgY2xhc3M9Im5vZGUiIHN0eWxlPSJvcGFjaXR5OiAxOyIgaWQ9IkIiIHRyYW5zZm9ybT0idHJhbnNsYXRlKDMyNS43MzQzNzUsMzguMTQwNjI1KSI+PHJlY3Qgcng9IjAiIHJ5PSIwIiB4PSItMjQuNjU2MjUiIHk9Ii0xOC4xNDA2MjUiIHdpZHRoPSI0OS4zMTI1IiBoZWlnaHQ9IjM2LjI4MTI1Ij48L3JlY3Q+PGcgY2xhc3M9ImxhYmVsIiB0cmFuc2Zvcm09InRyYW5zbGF0ZSgwLDApIj48ZyB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMTQuNjU2MjUsLTguMTQwNjI1KSI+PHRleHQ+PHRzcGFuIHhtbDpzcGFjZT0icHJlc2VydmUiIGR5PSIxZW0iIHg9IjEiPmNoaWxkPC90c3Bhbj48L3RleHQ+PC9nPjwvZz48L2c+PGcgY2xhc3M9Im5vZGUiIHN0eWxlPSJvcGFjaXR5OiAxOyIgaWQ9IkMiIHRyYW5zZm9ybT0idHJhbnNsYXRlKDQ3NS41MDc4MTI1LDEyNC40MjE4NzUpIj48cmVjdCByeD0iMCIgcnk9IjAiIHg9Ii0yMy4yMTA5Mzc1IiB5PSItMTguMTQwNjI1IiB3aWR0aD0iNDYuNDIxODc1IiBoZWlnaHQ9IjM2LjI4MTI1Ij48L3JlY3Q+PGcgY2xhc3M9ImxhYmVsIiB0cmFuc2Zvcm09InRyYW5zbGF0ZSgwLDApIj48ZyB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMTMuMjEwOTM3NSwtOC4xNDA2MjUpIj48dGV4dD48dHNwYW4geG1sOnNwYWNlPSJwcmVzZXJ2ZSIgZHk9IjFlbSIgeD0iMSI+d2FpdDwvdHNwYW4+PC90ZXh0PjwvZz48L2c+PC9nPjxnIGNsYXNzPSJub2RlIiBzdHlsZT0ib3BhY2l0eTogMTsiIGlkPSJEIiB0cmFuc2Zvcm09InRyYW5zbGF0ZSg0NzUuNTA3ODEyNSwzOC4xNDA2MjUpIj48cmVjdCByeD0iMCIgcnk9IjAiIHg9Ii00Ni43ODkwNjI1IiB5PSItMTguMTQwNjI1IiB3aWR0aD0iOTMuNTc4MTI1IiBoZWlnaHQ9IjM2LjI4MTI1Ij48L3JlY3Q+PGcgY2xhc3M9ImxhYmVsIiB0cmFuc2Zvcm09InRyYW5zbGF0ZSgwLDApIj48ZyB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMzYuNzg5MDYyNSwtOC4xNDA2MjUpIj48dGV4dD48dHNwYW4geG1sOnNwYWNlPSJwcmVzZXJ2ZSIgZHk9IjFlbSIgeD0iMSI+bmV3IHByb2Nlc3M8L3RzcGFuPjwvdGV4dD48L2c+PC9nPjwvZz48ZyBjbGFzcz0ibm9kZSIgc3R5bGU9Im9wYWNpdHk6IDE7IiBpZD0iRSIgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoNTkzLjU0Njg3NSw4MS4yODEyNSkiPjxyZWN0IHJ4PSIwIiByeT0iMCIgeD0iLTIxLjI1IiB5PSItMTguMTQwNjI1IiB3aWR0aD0iNDIuNSIgaGVpZ2h0PSIzNi4yODEyNSI+PC9yZWN0PjxnIGNsYXNzPSJsYWJlbCIgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoMCwwKSI+PGcgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoLTExLjI1LC04LjE0MDYyNSkiPjx0ZXh0Pjx0c3BhbiB4bWw6c3BhY2U9InByZXNlcnZlIiBkeT0iMWVtIiB4PSIxIj5lbmQ8L3RzcGFuPjwvdGV4dD48L2c+PC9nPjwvZz48L2c+PC9nPjwvZz48L3N2Zz4=
最常见的就是通过shell终端执行命令。此场景下,/bin/bash就是这个parent process,而要执行的那个命令就是new process。
Linux有一些特性,可以使得创建出的进程比拉起的进程权限高。例如可执行文件配置了set-user-ID位,则拉起的进程就是root权限,而其父进程有可能是普通用户权限。如果可执行文件配置了file capability,则创建出的进程就具备了某些capability,如果父进程没有这些capability,则这也是一种权限放大的场景。
当发生这种权限放大的场景时,Linux的安全特性要求,此时子进程中的某些敏感环境变量会被清空,例如:LD_PRELOAD,LD_LIBRARY_PATH。由于这些环境变量都是从父进程继承过来的,如果不清空,则表明会使用高权限级别执行这些环境变量指定的可执行代码。
LD_LIBRARY_PATH
参考文献[1],ld.so搜索动态库的顺序如下:
- DT_PATH指定的库文件(deprecated)
- LD_LIBRARY_PATH指定的库文件
- DT_RUNPATH指定的库文件
- /etc/ld.so.cache这个二进制文件指定的库文件,该文件通过ldconfig命令生成
- In the default path /lib, and then /usr/lib. (On some 64-bit architectures, the default paths for 64-bit shared objects are /lib64, and then /usr/lib64.) If the binary was linked with the -z nodeflib linker option, this step is skipped.
所以针对LD_LIBRARY_PATH,除了第二条的方法失效,其他的都可以用。
LD_PRELOAD
那针对LD_PRELOAD,是不是就没法用呢?其实也不是。
在没有setcap以及set-user-ID的情况下,如果ld.so需要预加载一个库文件,指定方法在文献[1]中同样有描述:
- The
LD_PRELOADenvironment variable. - The
--preloadcommand-line option when invoking the dynamic linker directly. - The
/etc/ld.so.preloadfile.
在secure-execution模式下,方法2和方法3均不受影响。方法1也仍然可以使用。但是需要一些特殊的设置,在[1]中也有描述。
In secure-execution mode, preload pathnames containing slashes are ignored. Furthermore, shared objects are preloaded only from the standard search directories and only if they have set-user-ID mode bit enabled (which is not typical).
综上,需要3点配置:
- LD_PRELOAD环境变量指定的库文件不能包含斜线'/'
- 库文件只会从标准路径下加载。这里标准路径可以参考LD_LIBRARY_PATH中的描述。注意,此时ld.so只会搜索标准路径,不会搜索通过其他手段配置的路径(如上一节描述的)。
- 库文件必须使能了set-user-id位
示例代码
代码目录树:
[ben@localhost test]$ tree .
.
├── lib.c
├── libtest.so
├── main
├── main.c
├── test
└── test.c
main.c生成main可执行程序,test.c生成test可执行程序,lib.c生成libtest.so。
// main.c
#include <stdio.h>
#include <unistd.h>
#include <sys/wait.h>
int main()
{
pid_t pid = fork();
if (pid == 0) {
char *envp[] = {
"LD_PRELOAD=libtest.so",
// "LD_PRELOAD=./libtest.so",
NULL
};
char *argv[] = {
"test",
NULL
};
int err = execve("./test", argv, envp);
}
else {
int status;
wait(&status);
}
return 0;
}
// test.c
#include <stdio.h>
#include <stdlib.h>
int main ()
{
const char *preload = getenv("LD_PRELOAD");
printf("LD_PRELOAD = %s\n", preload);
return 0;
}
// lib.c
#include <stdio.h>
static void func(void) __attribute__((constructor));
void func(void)
{
printf("I'm libtest.so loaded\n");
}
在test可执行程序是普通的二进制时,输出为
[ben@localhost test]$ ./main
I'm libtest.so loaded
LD_PRELOAD = ./libtest.so
当test配置了capability以后:
[ben@localhost test]$ sudo setcap cap_net_admin,cap_net_raw=eip ./test
[ben@localhost test]$ ./main
LD_PRELOAD = (null)
可见LD_PRELOAD指定libtest.so未被加载,且LD_PRELOAD环境变量被清空了。
LD_PRELOAD不含斜线
[ben@localhost test]$ ./main
ERROR: ld.so: object 'libtest.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
LD_PRELOAD = (null)
LD_PRELOAD仍然被清空了,但ld.so似乎尝试去加载libtest.so了,但是没找着。
将libtest.so放入标准路径
如果没有配置set-user-id位:
[ben@localhost test]$ ./main
ERROR: ld.so: object 'libtest.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
LD_PRELOAD = (null)
仍然提示找不到。如果设置了set-user-id位:
[ben@localhost test]$ sudo chmod a+s /usr/lib64/libtest.so
[ben@localhost test]$ ./main
I'm libtest.so loaded
LD_PRELOAD = (null)
在满足上一节提到的3个条件时,libteso.so就可以正常加载了。
看看如果放到/usr/lib下面会怎么样?
[ben@localhost test]$ ls /usr/lib/libtest.so -l
-rwsr-sr-x. 1 root root 8208 1月 24 19:48 /usr/lib/libtest.so
[ben@localhost test]$ ./main
ERROR: ld.so: object 'libtest.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
LD_PRELOAD = (null)
看看还是一样找不到。可见在x64平台上,/usr/lib并非标准路径,而/usr/lib64以及/lib64才是
参考文献
[1] ld.so(8) — Linux manual page
[2] Stackoverflow - Does using linux capabilities disables LD_PRELOAD