From owner-svn-src-projects@FreeBSD.ORG  Sat Jan 30 20:42:27 2010
Return-Path: <owner-svn-src-projects@FreeBSD.ORG>
Delivered-To: svn-src-projects@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id E11C61065695;
	Sat, 30 Jan 2010 20:42:26 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c])
	by mx1.freebsd.org (Postfix) with ESMTP id D03F28FC13;
	Sat, 30 Jan 2010 20:42:26 +0000 (UTC)
Received: from svn.freebsd.org (localhost [127.0.0.1])
	by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o0UKgQYP003055;
	Sat, 30 Jan 2010 20:42:26 GMT (envelope-from rwatson@svn.freebsd.org)
Received: (from rwatson@localhost)
	by svn.freebsd.org (8.14.3/8.14.3/Submit) id o0UKgQ2Y003052;
	Sat, 30 Jan 2010 20:42:26 GMT (envelope-from rwatson@svn.freebsd.org)
Message-Id: <201001302042.o0UKgQ2Y003052@svn.freebsd.org>
From: Robert Watson <rwatson@FreeBSD.org>
Date: Sat, 30 Jan 2010 20:42:26 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-projects@freebsd.org
X-SVN-Group: projects
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: 
Subject: svn commit: r203250 - projects/capabilities8/lib/libcapsicum
X-BeenThere: svn-src-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "SVN commit messages for the src &quot; projects&quot;
	tree" <svn-src-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-projects>, 
	<mailto:svn-src-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-projects>
List-Post: <mailto:svn-src-projects@freebsd.org>
List-Help: <mailto:svn-src-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-projects>, 
	<mailto:svn-src-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Jan 2010 20:42:27 -0000

Author: rwatson
Date: Sat Jan 30 20:42:26 2010
New Revision: 203250
URL: http://svn.freebsd.org/changeset/base/203250

Log:
  Merge c173919 from the p4 TrustedBSD Capabilities branch to capabilities8:
  
    Enable libcapsicum_fdlist stuff, since the mmap panic is gone.
  
  Submitted by:	Jonathan Anderson <jonathan.anderson at cl.cam.ac.uk>

Modified:
  projects/capabilities8/lib/libcapsicum/libcapsicum_fdlist.c
  projects/capabilities8/lib/libcapsicum/libcapsicum_host.c

Modified: projects/capabilities8/lib/libcapsicum/libcapsicum_fdlist.c
==============================================================================
--- projects/capabilities8/lib/libcapsicum/libcapsicum_fdlist.c	Sat Jan 30 20:41:45 2010	(r203249)
+++ projects/capabilities8/lib/libcapsicum/libcapsicum_fdlist.c	Sat Jan 30 20:42:26 2010	(r203250)
@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_fdlist.c#3 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_fdlist.c#4 $
  */
 
 #include <sys/mman.h>
@@ -42,6 +42,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
 
 #include "libcapsicum_sandbox_api.h"
 
@@ -96,7 +97,6 @@ lc_fdlist_global(void) {
 	if (global_fdlist == NULL) {
 
 		char *env = getenv(LIBCAPABILITY_SANDBOX_FDLIST);
-		printf("%s: %s\n", LIBCAPABILITY_SANDBOX_FDLIST, env);
 
 		if ((env != NULL) && (strnlen(env, 8) < 7)) {
 
@@ -111,20 +111,13 @@ lc_fdlist_global(void) {
 			if (fd < 0)
 				return NULL;
 
-			printf("testing FD %i...", fd); fflush(stdout);
 			struct stat stats;
 			if (fstat(fd, &stats) < 0)
 				return NULL;
 
-			printf(" done. Size: %lu\n", stats.st_size);
-
-			printf("mapping FD %i... ", fd); fflush(stdout);
-			/*
 			global_fdlist = mmap(NULL, stats.st_size,
 			                     PROT_READ | PROT_WRITE,
-			                     MAP_NOSYNC | MAP_PRIVATE, fd, 0);
-			*/
-			printf(" done.\n");
+			                     MAP_NOSYNC | MAP_SHARED, fd, 0);
 		}
 	}
 
@@ -166,9 +159,12 @@ lc_fdlist_dup(struct lc_fdlist *orig) {
 	LOCK(orig);
 
 	int size = lc_fdlist_size(orig);
+	struct lc_fdlist *copy = NULL;
 
-	struct lc_fdlist *copy = malloc(size);
-	if (copy == NULL) return (NULL);
+	if (size > 0) {
+		copy = malloc(size);
+		if (copy != NULL) memcpy(copy, orig, size);
+	}
 
 	UNLOCK(orig);
 

Modified: projects/capabilities8/lib/libcapsicum/libcapsicum_host.c
==============================================================================
--- projects/capabilities8/lib/libcapsicum/libcapsicum_host.c	Sat Jan 30 20:41:45 2010	(r203249)
+++ projects/capabilities8/lib/libcapsicum/libcapsicum_host.c	Sat Jan 30 20:42:26 2010	(r203250)
@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_host.c#3 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_host.c#4 $
  */
 
 #include <sys/param.h>
@@ -153,7 +153,7 @@ lch_sandbox(int fd_sock, int fd_sandbox,
 	int *fd_array, fdcount;
 	struct sbuf *sbufp;
 	int shmfd, fdlistsize;
-	/*void *shm;*/
+	void *shm;
 	char fdliststr[8];
 	u_int i;
 
@@ -166,11 +166,7 @@ lch_sandbox(int fd_sock, int fd_sandbox,
 	if (ftruncate(shmfd, fdlistsize) < 0) return;
 
 
-	printf("%dB of memory to mmap\n", fdlistsize);
-
-
 	/* map it and copy the list */
-	/*
 	shm = mmap(NULL, fdlistsize, PROT_READ | PROT_WRITE,
 	           MAP_NOSYNC | MAP_SHARED, shmfd, 0);
 
@@ -178,8 +174,6 @@ lch_sandbox(int fd_sock, int fd_sandbox,
 	memcpy(shm, fds, fdlistsize);
 
 	if (munmap(shm, fdlistsize)) return;
-	*/
-