From owner-p4-projects@FreeBSD.ORG Wed Jun 10 12:15:15 2009 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 5D75B106566C; Wed, 10 Jun 2009 12:15:15 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 017DB1065679 for ; Wed, 10 Jun 2009 12:15:15 +0000 (UTC) (envelope-from jona@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id E33558FC22 for ; Wed, 10 Jun 2009 12:15:14 +0000 (UTC) (envelope-from jona@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n5ACFEww048463 for ; Wed, 10 Jun 2009 12:15:14 GMT (envelope-from jona@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n5ACFE4R048461 for perforce@freebsd.org; Wed, 10 Jun 2009 12:15:14 GMT (envelope-from jona@FreeBSD.org) Date: Wed, 10 Jun 2009 12:15:14 GMT Message-Id: <200906101215.n5ACFE4R048461@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to jona@FreeBSD.org using -f 
From: Jonathan Anderson To: Perforce Change Reviews Cc: Subject: PERFORCE change 163981 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jun 2009 12:15:16 -0000 http://perforce.freebsd.org/chv.cgi?CH=163981 Change 163981 by jona@jona-trustedbsd-belle-vm on 2009/06/10 12:14:24 user_angel can now handle multiple requests from multiple clients Affected files ... .. //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/Makefile#4 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/cap_exec.c#8 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/main.c#3 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/make-main.sh#3 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/Makefile#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/cap.c#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/cap.h#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/fdcomm.c#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/fdcomm.h#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/protocol.c#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/protocol.h#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/server.c#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/server.h#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/test_client.c#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/user_angel.c#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/user_angel.h#2 edit Differences ... 
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/Makefile#4 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/cap_exec.c#8 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/main.c#3 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/make-main.sh#3 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/Makefile#2 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/cap.c#2 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/cap.h#2 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/fdcomm.c#2 (text+ko) ==== @@ -119,7 +119,7 @@ } else if(bytes == 0) { - perror("Received 0 bytes"); + fprintf(stderr, "Socket closed\n"); return -1; } ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/fdcomm.h#2 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/protocol.c#2 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/protocol.h#2 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/server.c#2 (text+ko) ==== @@ -38,6 +38,7 @@ #include #include +#include #include #include #include 
@@ -54,33 +55,69 @@ int shutting_down = 0; char control_socket_name[256] = ""; +int *clients; +int clientslen; +int clientsmaxlen; + + void user_angel_server_shutdown(void) { shutting_down = 1; close(fd_control); unlink(control_socket_name); + + fd_control = 0; } int handle_request(int client, enum user_angel_request req); +int bind_to_path(const char *path); +void accept_client(int fd_server); +void service_clients(void); int run_server(const char* address) { + clientslen = 0; + clients = (int*) malloc (128 * sizeof(int)); + clientsmaxlen = 128; + strcpy(control_socket_name, address); printf("Creating control socket at %s...\n", control_socket_name); + fd_control = bind_to_path(control_socket_name); + if(fd_control < 0) + { + perror("Error binding control socket"); + return -1; + } + + + while(fd_control) + { + accept_client(fd_control); + service_clients(); + } + + user_angel_server_shutdown(); + + return 0; +} + + +int bind_to_path(const char *path) +{ struct sockaddr_un addr; addr.sun_family = AF_UNIX; strcpy(addr.sun_path, control_socket_name); - fd_control = socket(AF_UNIX, SOCK_STREAM, 0); - if(fd_control == 0) + int fd = socket(AF_UNIX, SOCK_STREAM, 0); + if(fd == 0) { if(shutting_down) return 0; @@ -89,7 +126,8 @@ return -1; } - if(bind(fd_control, (struct sockaddr*) &addr, sizeof(struct sockaddr_un))) + + if(bind(fd, (struct sockaddr*) &addr, sizeof(struct sockaddr_un))) { if(shutting_down) return 0; @@ -99,7 +137,7 @@ } - if(listen(fd_control, 10)) + if(listen(fd, 0)) { if(shutting_down) return 0; 
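Review bot: In bind_to_path the failure test `if(fd == 0)` can never fire, because socket() reports failure with -1 and 0 is a valid descriptor; it should be `if(fd < 0)`. The `if(shutting_down) return 0;` exits kept as context have the same problem now that the function returns a descriptor: run_server checks `if(fd_control < 0)` only, so a 0 passes as a usable socket, and the same exits recur in the two following bind()/listen() hunks; return -1 from all of them. run_server also calls user_angel_server_shutdown() after the `while(fd_control)` loop, but the loop can only end once that function has already run and set fd_control to 0, so the second call does close(0) and unlink()s the path again; drop the trailing call or guard it with `if(fd_control)`. The `path` parameter of bind_to_path is unused, the body still copies the global control_socket_name into addr.sun_path, and the 128-element malloc for clients is not checked for NULL.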
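Review bot: `listen(fd, 0)` replaces the backlog of 10 with 0, which leaves only the implementation's minimum queue of pending connections; since this change exists to serve multiple clients and accept_client polls between service passes, simultaneous connection attempts can be refused. Keep a positive backlog, e.g. `if(listen(fd, 10))` or `if(listen(fd, SOMAXCONN))`. bind_to_path starts and ends outside this hunk.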
@@ -109,45 +147,84 @@ } - for(int i = 0; i < 3; i++) + // non-blocking socket I/O + int flags = fcntl(fd, F_GETFL, 0); + if(flags < 0) + { + perror("Error getting flags for control socket"); + return -1; + } + + if(fcntl(fd, F_SETFL, flags | O_NONBLOCK)) + { + perror("Error setting flags on control socket"); + return -1; + } + + + return fd; +} + + + +void accept_client(int fd_server) +{ + int client; + struct sockaddr_un clientaddr; + unsigned int clientaddrlen; + + client = accept(fd_server, (struct sockaddr*) &clientaddr, + &clientaddrlen); + + if(client < 0) + { + if(errno == EAGAIN) { usleep(1); return; } + if(shutting_down) return; + + perror("Error accepting client"); + return; + } + + printf("Accepted client: FD %i\n", client); + + clients[clientslen++] = client; + + if(clientslen == clientsmaxlen) { - int client; - struct sockaddr_un clientaddr; - unsigned int clientaddrlen; + int newsize = 2 * clientsmaxlen; + int *newclients = (int*) malloc(newsize * sizeof(int)); - client = accept(fd_control, (struct sockaddr*) &clientaddr, &clientaddrlen); - if(client <= 0) - { - if(shutting_down) return 0; + memcpy(newclients, clients, clientslen * sizeof(int)); + free(clients); + clients = newclients; + clientslen = newsize; + } +} - perror("Error accepting client"); - user_angel_server_shutdown(); - return -1; - } - printf("Accepted client: FD %i\n", client); +void service_clients(void) +{ + enum user_angel_request req; - enum user_angel_request req; + for(int i = 0; i < clientslen; i++) + { + int client = clients[i]; int bytes = get_int_from(client, (int*) &req); - if(bytes == 0) usleep(100); - else if(bytes > 0) + if(bytes > 0) { if(handle_request(client, req)) perror("Error handling client request"); } + else if((bytes == 0) && (errno == EAGAIN)) continue; else { - if(shutting_down) return 0; + if(shutting_down) return; - perror("Error recv()'ing from control pipe"); + perror("Error recv()'ing from client"); break; } } - - user_angel_server_shutdown(); - - return 
0; } ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/server.h#2 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/test_client.c#2 (text+ko) ==== @@ -31,8 +31,8 @@ else if(pid == 0) return 0; // enter capability mode - if(cap_enter()) err(EX_SOFTWARE, "Failed to enter capability mode"); - else printf("Now operating in capability mode\n"); +// if(cap_enter()) err(EX_SOFTWARE, "Failed to enter capability mode"); +// else printf("Now operating in capability mode\n"); @@ -43,7 +43,7 @@ // make sure that we are, in fact, sandboxed if(open(path, O_RDONLY) < 0) printf("Sandbox is working\n"); - else err(EX_SOFTWARE, "Was able to open %s directly", path); + else fprintf(stderr, "Was able to open %s directly\n", path); // get the user angel to open the file for us @@ -60,7 +60,29 @@ // retrieve the file descriptor int fd = fd_recv(fd_control); - printf("Got file descriptor %i\n", fd); + if(fd >= 0) printf("Got file descriptor %i\n", fd); + else { fprintf(stderr, "Error receiving descriptor\n"); return 1; } + + + + path = "/etc/group"; + + // get the user angel to open the file for us + if(send(fd_control, &req, sizeof(int), 0) < 0) + err(EX_IOERR, "Error sending request type %i", req); + + if(send(fd_control, &len, sizeof(int), 0) < 0) + err(EX_IOERR, "Error sending path length %i", len); + + if(send(fd_control, path, len, 0) < 0) + err(EX_IOERR, "Error sending path '%s'", path); + + + + // retrieve the file descriptor + fd = fd_recv(fd_control); + if(fd >= 0) printf("Got file descriptor %i\n", fd); + else { fprintf(stderr, "Error receiving descriptor\n"); return 1; } char buf[40]; ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/user_angel.c#2 (text+ko) ==== ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/user_angel/user_angel.h#2 (text+ko) ====
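Review bot: In accept_client the growth branch stores the new capacity into the wrong variable: `clientslen = newsize;` makes service_clients iterate over 128 never-assigned slots and leaves clientsmaxlen unchanged, so the next accept writes past the end of the new array; it should be `clientsmaxlen = newsize;` (and the malloc of newclients needs a NULL check). `clientaddrlen` is passed to accept() uninitialized, but accept reads it as the size of clientaddr, so set `clientaddrlen = sizeof(clientaddr);` before the call. In service_clients a client whose recv() fails or whose socket is closed is never close()d or removed from clients[], and the `break` stops servicing every later client, so one disconnect stalls the rest; the error branch should close the descriptor, overwrite its slot with the last entry, decrement clientslen and continue. Whether get_int_from can return 0 with errno == EAGAIN for the `continue` branch cannot be seen here; the fdcomm.c hunk above returns -1 on a zero-byte recv, so that branch may be unreachable.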
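Review bot: Commenting out the `cap_enter()` call leaves the check that follows (`// make sure that we are, in fact, sandboxed`) verifying nothing, and with the next hunk turning the `err()` on a successful direct open() into an fprintf the client now runs to completion even when it is not sandboxed at all. If the sandbox is being disabled temporarily, delete the two commented-out lines or gate them with an `#ifdef`, and keep the open() check fatal or add a comment stating that the test no longer verifies the sandbox. The enclosing function starts outside the hunk.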
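Review bot: `path = "/etc/group";` reassigns the path but `len` still holds the value computed for the first path, so the second request sends a stale length with a different string (presumably the server reads `len` bytes of `path`); recompute `len` for the new path the same way the first one is computed outside the hunk before the three send() calls. The send/send/send/fd_recv sequence is now duplicated verbatim; a small helper taking fd_control, req and path would hold it once and return the descriptor or -1. The enclosing function starts and ends outside the hunk.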