From owner-p4-projects@FreeBSD.ORG Thu Jul 30 17:42:42 2009
Return-Path:
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767) id 219E01065694; Thu, 30 Jul 2009 17:42:42 +0000 (UTC)
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CFAED106568B for ; Thu, 30 Jul 2009 17:42:41 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id A1D608FC1B for ; Thu, 30 Jul 2009 17:42:41 +0000 (UTC) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n6UHgfkw098921 for ; Thu, 30 Jul 2009 17:42:41 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n6UHgfrc098919 for perforce@freebsd.org; Thu, 30 Jul 2009 17:42:41 GMT (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Date: Thu, 30 Jul 2009 17:42:41 GMT
Message-Id: <200907301742.n6UHgfrc098919@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson
To: Perforce Change Reviews
Cc:
Subject: PERFORCE change 166810 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Thu, 30 Jul 2009 17:42:43 -0000

http://perforce.freebsd.org/chv.cgi?CH=166810

Change 166810 by rwatson@rwatson_freebsd_capabilities on 2009/07/30 17:42:09

	Improve commenting.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/fdrpc.c#5 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/fdrpc.c#5 (text+ko) ====

@@ -52,6 +52,9 @@ #define FDRPC_SANDBOX "./fdrpc" +/* + * Unsandboxed host process with full user rights. + */ int main(int argc, char *argv[]) { @@ -65,10 +68,16 @@ if (argc != 1) errx(-1, "usage: fdrpc_host"); - if (lch_start(FDRPC_SANDBOX, fdrpc_argv, LCH_PERMIT_STDERR, &lcsp) - < 0) + /* + * Create a sandbox, do permit access to stderr. + */ + if (lch_start(FDRPC_SANDBOX, fdrpc_argv, LCH_PERMIT_STDERR, &lcsp) < 0) err(-1, "lch_start %s", FDRPC_SANDBOX); + /* + * Send a one-byte message to the sandbox and attach stdin as a + * right. + */ ch = 'X'; /* RPC data. */ fdcount = 1; fd_send = STDIN_FILENO; @@ -85,9 +94,17 @@ printf("lch_rpc_rights: OK\n"); else printf("lch_rpc_rights: fdcount %d\n", fdcount); + + /* + * Terminate the sandbox when done. + */ lch_stop(lcsp); } +/* + * Sandboxed process implementing an 'echo' RPC that accepts and returns file + * descriptors to the host. + */ int cap_main(int argc, char *argv[]) { @@ -101,7 +118,14 @@ if (lcs_get(&lchp) < 0) err(-1, "lcs_get"); + /* + * Serve RPCs from the host until the sandbox is killed. + */ while (1) { + /* + * Receive an RPC from the host, along with up to one file + * descriptor. + */ fdcount = 1; if (lcs_recvrpc_rights(lchp, &opno, &seqno, &buffer, &len, &fd, &fdcount) < 0) {
@@ -114,6 +138,12 @@ errx(-1, "lcs_recvrpc_rights: opno %d", opno); if (fdcount != 1) errx(-1, "lcs_recvrpc_rights: fdcount %d", fdcount); + + /* + * Reply with the same message and same file descriptor. + * Remember to free the message and received descriptor when + * done. + */ iov.iov_len = len; iov.iov_base = buffer; if (lcs_sendrpc_rights(lchp, opno, seqno, &iov, 1, &fd,
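Review bot: in the first hunk (@@ -52,6 +52,9 @@), "Unsandboxed host process with full user rights." says what main() is but not what it does; since the rest of the host-side comments are spread across three later hunks, a second sentence here ("Starts the sandbox, sends it one RPC carrying a descriptor, and stops it.") would give the reader the shape of the program before the details, and mirrors the sentence-level summary already given for cap_main().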
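Review bot: in the second hunk (@@ -65,10 +68,16 @@), "Create a sandbox, do permit access to stderr." reads awkwardly; suggest "Create a sandbox, permitting it access to stderr (LCH_PERMIT_STDERR)." so the comment names the flag it is explaining. The following comment, "attach stdin as a right", would be more useful if it said that the descriptor being delegated is the host's own STDIN_FILENO (fd_send = STDIN_FILENO), since handing the host's descriptor to the sandbox is the security-relevant part of this RPC and a reader should not have to infer it from the assignment.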
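Review bot: in the third hunk (@@ -85,9 +94,17 @@), the new cap_main() comment says the echo RPC "accepts and returns file descriptors", but the loop it describes accepts exactly one descriptor per RPC and errx()s on any other count (the later `if (fdcount != 1)` check); "a single file descriptor" would match the code. "Terminate the sandbox when done." is fine as is.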
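Review bot: in the fourth hunk (@@ -101,7 +118,14 @@), "Receive an RPC from the host, along with up to one file descriptor." should say that fdcount is an in/out argument: `fdcount = 1;` before the call sets the maximum number of descriptors to accept, and on return it holds the number actually received, which is what the subsequent `if (fdcount != 1)` check depends on. Without that, the reset of fdcount on every iteration looks redundant. "Serve RPCs from the host until the sandbox is killed." could also point at lch_stop() in the host as the thing that ends the loop.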
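Review bot: in the last hunk (@@ -114,6 +138,12 @@), "Remember to free the message and received descriptor when done." reads as a reminder to a future editor rather than a description of the code, and the hunk ends at the lcs_sendrpc_rights() call, so the cleanup it refers to is not visible here. If the free()/close() follows the reply, phrase it as a statement ("The message buffer and the received descriptor are released after the reply is sent"); if it does not exist yet, mark it TODO so a descriptor leak in the sandbox is not hidden behind a comment.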