From 7f2398e789168d0b5853a52958a22403c513bf65 Mon Sep 17 00:00:00 2001
From: Daniel Golle <daniel@makrotopia.org>
Date: Mon, 23 Aug 2021 15:22:31 +0100
Subject: [PATCH] jail: devices: create parent folder when creating devices

Some device nodes live in subdirectories like /dev/dri.
Create those folders when populating /dev.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---
 jail/jail.c | 28 +++++++++++++++++++++++++---
 1 file changed, 25 insertions(+), 3 deletions(-)

diff --git a/jail/jail.c b/jail/jail.c
index fc8d824..d61bbe0 100644
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -579,6 +579,7 @@ static struct mknod_args default_devices[] = {
 static int create_devices(void)
 {
 	struct mknod_args **cur, *curdef;
+	char *path, *tmp;
 
 	if (!opts.devices)
 		goto only_default_devices;
@@ -586,12 +587,33 @@ static int create_devices(void)
 	cur = opts.devices;
 
 	while (*cur) {
-		DEBUG("creating %s (mode=%08o)\n", (*cur)->path, (*cur)->mode);
-		if (mknod((*cur)->path, (*cur)->mode, (*cur)->dev))
+		path = (*cur)->path;
+		/* don't allow devices outside of /dev */
+		if (strncmp(path, "/dev", 4))
+			return EPERM;
+
+		/* make sure parent folder exists */
+		tmp = strrchr(path, '/');
+		if (!tmp)
+			return EINVAL;
+
+		*tmp = '\0';
+		if (strcmp(path, "/dev")) {
+			DEBUG("creating directory %s\n", path);
+
+			mkdir_p(path, 0755);
+		}
+		*tmp = '/';
+
+		DEBUG("creating %s (mode=%08o)\n", path, (*cur)->mode);
+
+		/* create device */
+		if (mknod(path, (*cur)->mode, (*cur)->dev))
 			return errno;
 
+		/* change owner, if needed */
 		if (((*cur)->uid || (*cur)->gid) &&
-		    chown((*cur)->path, (*cur)->uid, (*cur)->gid))
+		    chown(path, (*cur)->uid, (*cur)->gid))
 			return errno;
 
 		++cur;
-- 
2.30.2