Date: Thu, 18 Jun 2009 15:37:09 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 164669 for review Message-ID: <200906181537.n5IFb9j3036452@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=164669
Change 164669 by rwatson@rwatson_freebsd_capabilities on 2009/06/18 15:36:56
Pass in specific libraries required for gzsandbox rather than relying on libcapability passing in the right ones for us. In the future the sandbox runtime linker will take care of this.
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/Makefile#4 edit
.. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzsandbox.c#5 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/Makefile#4 (text+ko) ====
@@ -7,8 +7,8 @@
 MAN= gzip.1 gzexe.1 zdiff.1 zforce.1 zmore.1 znew.1
 SRCS= gzip.c gzsandbox.c
-DPADD= ${LIBZ} ${LIBCAPABILITY}
-LDADD= -lz -lcapability
+DPADD= ${LIBZ} ${LIBCAPABILITY} ${LIBSBUF}
+LDADD= -lz -lcapability -lsbuf
 WARNS?= 6
 CFLAGS+= -rdynamic # For sandbox cap_main
==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzsandbox.c#5 (text+ko) ====
@@ -40,6 +40,7 @@
 #include <err.h>
 #include <errno.h>
+#include <fcntl.h>
 #include <libcapability.h>
 #include <limits.h>
 #include <stdlib.h>
@@ -48,7 +49,21 @@
 #include "gzip.h"
+#define LC_LIB_LIBZ_SO "/lib/libz.so.4"
+#define LC_LIBZ_SO "libz.so.4"
+
+#define LC_USR_LIB_LIBBZ2_SO "/usr/lib/libbz2.so.3"
+#define LC_LIBBZ2_SO "libbz2.so.3"
+
 #define LC_USR_BIN_GZIP_SANDBOX "/usr/bin/gzip"
+
+struct lc_library gzsandbox_libs[] = {
+ { LC_LIB_LIBZ_SO, LC_LIBZ_SO, -1 },
+ { LC_USR_LIB_LIBBZ2_SO, LC_LIBBZ2_SO, -1 },
+};
+static const u_int gzsandbox_libs_count = sizeof(gzsandbox_libs) /
+ sizeof(gzsandbox_libs[0]);
+
 static char *lc_sandbox_argv[] = { __DECONST(char *, LC_USR_BIN_GZIP_SANDBOX), NULL };
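Review bot: The new `gzsandbox_libs` table in the second gzsandbox.c hunk is defined with external linkage while its sibling `gzsandbox_libs_count` is `static`; nothing in this diff needs the symbol exported, so `static struct lc_library gzsandbox_libs[] = {` keeps it file-local like the rest of the sandbox state. The entries also depend on the positional member order of `struct lc_library`, which lives in libcapability.h rather than here; `{ .lcl_libpath = LC_LIB_LIBZ_SO, .lcl_libname = LC_LIBZ_SO, .lcl_fd = -1 }` names the members the initializer in the next hunk reads and survives a reorder of that struct. Finally, `LC_LIB_LIBZ_SO` and `LC_USR_LIB_LIBBZ2_SO` pin exact SONAME versions, and a mismatch with the installed libraries becomes a hard abort at startup via the `err()` in the gzsandbox_initialize hunk even when an unsandboxed run would have worked; a comment such as `/* Versioned paths must track the installed libz/libbz2 until the sandbox runtime linker supplies them. */` would flag that coupling for whoever next bumps a library version.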
@@ -63,9 +78,29 @@
 static void
 gzsandbox_initialize(void)
 {
+ u_int i;
+ if (gzsandbox_initialized)
+ return;
+ gzsandbox_enabled = lch_autosandbox_isenabled("gzip");
 gzsandbox_initialized = 1;
- gzsandbox_enabled = lch_autosandbox_isenabled("gzip");
+ if (!gzsandbox_enabled)
+ return;
+
+ /*
+ * If sandboxes are in use, open libraries that we'll require in the
+ * sandbox and kick it off.
+ */
+ for (i = 0; i < gzsandbox_libs_count; i++) {
+ gzsandbox_libs[i].lcl_fd =
+ open(gzsandbox_libs[i].lcl_libpath, O_RDONLY);
+ if (gzsandbox_libs[i].lcl_fd < 0)
+ err(-1, "open: %s", gzsandbox_libs[i].lcl_libname);
+ }
+ if (lch_start_libs(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
+ LCH_PERMIT_STDERR, gzsandbox_libs, gzsandbox_libs_count, &lcsp)
+ < 0)
+ err(-1, "lch_start %s", LC_USR_BIN_GZIP_SANDBOX);
 }
 struct host_gz_compress_req {
@@ -88,12 +123,6 @@
 int fdarray[2];
 size_t len;
- if (lcsp == NULL) {
- if (lch_start(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
- LCH_PERMIT_STDERR, &lcsp) < 0)
- err(-1, "lch_start %s", LC_USR_BIN_GZIP_SANDBOX);
- }
-
 bzero(&req, sizeof(req));
 strlcpy(req.hgc_req_origname, origname, sizeof(req.hgc_req_origname));
@@ -144,8 +173,7 @@
 uint32_t mtime)
 {
- if (!gzsandbox_initialized)
- gzsandbox_initialize();
+ gzsandbox_initialize();
 if (gzsandbox_enabled)
 return (gz_compress_insandbox(in, out, gsizep, origname, mtime));
@@ -174,12 +202,6 @@
 int fdarray[2];
 size_t len;
- if (lcsp == NULL) {
- if (lch_start(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
- LCH_PERMIT_STDERR, &lcsp) < 0)
- err(-1, "lch_start %s", LC_USR_BIN_GZIP_SANDBOX);
- }
-
 bzero(&req, sizeof(req));
 req.hgu_req_prelen = prelen;
 strlcpy(req.hgu_req_filename, filename,
@@ -234,8 +256,7 @@
 off_t *gsizep, const char *filename)
 {
- if (!gzsandbox_initialized)
- gzsandbox_initialize();
+ gzsandbox_initialize();
 if (gzsandbox_enabled)
 return (gz_uncompress_insandbox(in, out, pre, prelen, gsizep, filename));
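Review bot: In `gzsandbox_initialize`, the open-failure diagnostic prints `lcl_libname` although the call that failed used `lcl_libpath`, so a user sees `open: libz.so.4` when `/lib/libz.so.4` is what could not be opened; `err(-1, "open: %s", gzsandbox_libs[i].lcl_libpath);` reports the path actually tried. The descriptors stored in `gzsandbox_libs[i].lcl_fd` are opened here and never closed in this function, and whether `lch_start_libs` takes ownership of them is not visible in this diff; if it does not, they remain open in the host for the life of the process, so a comment stating who closes them (or an explicit close loop after a successful start) would settle the ownership. Note also that `gzsandbox_initialized` is now set before the library opens and `lch_start_libs` complete, which is safe only because every failure path below it calls `err()` and exits; a one-line comment such as `/* Safe to mark initialized early: all failures below are fatal. */` would keep that invariant from being broken by a later non-fatal error path.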
@@ -263,12 +284,6 @@
 int fdarray[2];
 size_t len;
- if (lcsp == NULL) {
- if (lch_start(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
- LCH_PERMIT_STDERR, &lcsp) < 0)
- err(-1, "lch_start %s", LC_USR_BIN_GZIP_SANDBOX);
- }
-
 bzero(&req, sizeof(req));
 req.hub_req_prelen = prelen;
 iov_req[0].iov_base = &req;
@@ -319,8 +334,7 @@
 unbzip2_wrapper(int in, int out, char *pre, size_t prelen, off_t *bytes_in)
 {
- if (!gzsandbox_initialized)
- gzsandbox_initialize();
+ gzsandbox_initialize();
 if (gzsandbox_enabled)
 return (unbzip2_insandbox(in, out, pre, prelen, bytes_in));
 else