Date: Thu, 11 Jun 2009 11:29:30 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 164093 for review Message-ID: <200906111129.n5BBTU3K043258@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=164093 Change 164093 by rwatson@rwatson_freebsd_capabilities on 2009/06/11 11:28:40 Implement ping-ping test host/sandbox using lcrpc. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/tools/cap/libcapability_exec/libcapability_exec.c#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/sandbox_echo.c#2 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/libcapability_exec/libcapability_exec.c#2 (text+ko) ==== @@ -35,6 +35,7 @@ __FBSDID("$FreeBSD$"); #include <sys/types.h> +#include <sys/uio.h> #include <err.h> #include <fcntl.h> @@ -48,8 +49,10 @@ { struct lc_sandbox *lcsp; char *sandbox_argv[2] = { argv[1], NULL }; - ssize_t len; + struct iovec iov; + size_t len; char ch; + int i; if (argc != 2) errx(-1, "usage: libcapability_exec sandbox"); @@ -58,17 +61,21 @@ < 0) err(-1, "lch_start %s", argv[1]); - ch = 'X'; - len = lch_send(lcsp, &ch, sizeof(ch), 0); - if (len != sizeof(ch)) - err(-1, "lch_send: returned len %d not expected", len); - - ch = 'Y'; - len = lch_recv(lcsp, &ch, sizeof(ch), 0); - if (len != sizeof(ch)) - errx(-1, "lch_recv: returned len %d not expected", len); - if (ch != 'X') - errx(-1, "lch_recv: expected X and got %c", ch); + for (i = 0; i < 10; i++) { + ch = i; + iov.iov_base = &ch; + iov.iov_len = sizeof(ch); + if (lch_rpc(lcsp, 0, &iov, 1, &iov, 1, &len) < 0) + err(-1, "lch_rpc"); + if (len != sizeof(ch)) + errx(-1, "lch_rpc returned size %d not %d", len, + sizeof(ch)); + if (ch != i) + errx(-1, "lch_recv: expected %d and got %d", i, ch); + printf("."); + fflush(stdout); + } + printf(" OK\n"); lch_stop(lcsp); } ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/sandbox_echo.c#2 (text+ko) ==== @@ -1,20 +1,67 @@ +/*- + * Copyright (c) 2009 Robert N. M. Watson + * All rights reserved. + * + * WARNING: THIS IS EXPERIMENTAL SECURITY SOFTWARE THAT MUST NOT BE RELIED + * ON IN PRODUCTION SYSTEMS. IT WILL BREAK YOUR SOFTWARE IN NEW AND + * UNEXPECTED WAYS. + * + * This software was developed at the University of Cambridge Computer + * Laboratory with support from a grant from Google, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <sys/cdefs.h> +__FBSDID("$FreeBSD$"); + #include <sys/types.h> +#include <sys/uio.h> + +#include <err.h> #include <libcapability.h> +#include <stdlib.h> int main(int argc, char *argv[]) { struct lc_host *lchp; - ssize_t len; - char ch; + u_int32_t opno, seqno; + struct iovec iov; + u_char *buffer; + size_t len; if (lcs_get(&lchp) < 0) - return (-1); - len = lcs_recv(lchp, &ch, sizeof(ch), 0); - if (len != sizeof(ch)) - return (-2); - len = lcs_send(lchp, &ch, sizeof(ch), 0); - if (len != sizeof(ch)) - return (-3); - return (0); + errx(-1, "libcapability sandbox binary"); + + while (1) { + if (lcs_recvrpc(lchp, &opno, &seqno, &buffer, &len) < 0) + return (-2); + if (len != 1) + return (-3); + iov.iov_base = buffer; + iov.iov_len = 1; + if (lcs_sendrpc(lchp, opno, seqno, &iov, 1) < 0) + return (-4); + free(buffer); + } }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906111129.n5BBTU3K043258>