Date: Thu, 15 Nov 2012 22:03:57 GMT From: Brooks Davis <brooks@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 219800 for review Message-ID: <201211152203.qAFM3vK5077632@skunkworks.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://p4web.freebsd.org/@@219800?ac=10 Change 219800 by brooks@brooks_zenith on 2012/11/15 22:03:17 Add a shared memory segment to keep the monitoring parent process apprised of the last slide that rendered successfully so we can resume. Detect cases when capsicum protects us from an exploit. Move this and the cheri detection to after rendering the reat of the slide. Right extend the title slides so the onboard display is completely filled with banners, etc. Affected files ... .. //depot/projects/ctsrd/cheribsd/src/ctsrd/cheripoint/cheripoint.c#7 edit Differences ... ==== //depot/projects/ctsrd/cheribsd/src/ctsrd/cheripoint/cheripoint.c#7 (text+ko) ==== @@ -30,6 +30,7 @@ #include <sys/cdefs.h> #include <sys/types.h> +#include <sys/mman.h> #include <sys/sysctl.h> #include <sys/wait.h> @@ -69,6 +70,8 @@ enum mtl_display_mode res = MTL_DM_720x480; static int zombies_waiting = 0; +int *slidep; + static uint32_t slide_fcol; static uint32_t slide_width; static uint32_t slide_height; @@ -372,6 +375,7 @@ render_cover(int dfd, const char *cover) { int pfd; + uint32_t r; struct iboxstate *is; printf("rendering cover\n"); @@ -393,6 +397,12 @@ } fb_post_region(__DEVOLATILE(uint32_t *, is->buffer), 0, 0, is->width, is->height); + if (is->width < (uint)fb_width) { + /* Right extend the image if needed */ + for (r = 0; r < is->height; r++) + fb_fill_region(is->buffer[((r + 1) * is->width) - 1], + is->width, r, fb_width - is->width, 1); + } if (sb_vis && sb != SB_NONE) fb_rectangle(red, 2, 0, 0, is->width, is->height); iboxstate_free(is); @@ -404,8 +414,11 @@ render_slide(int dfd, int slidenum, const char *slide) { int pfd; + int f_width, f_height; uint sv1, sv2; size_t olen; + char sntext[8]; + uint32_t *snimage, *save; uint32_t r, header_height; struct iboxstate *is; @@ -501,15 +514,6 @@ warnx("png_read_finish() failed for %s", slide); return (-1); } - if (sb == SB_CHERI) { - olen = sizeof(sv2); - sysctlbyname("security.cheri.syscall_violations", - &sv2, &olen, NULL, 0); - if (sv1 != sv2) - fb_dialog(FBDT_PINCH2CLOSE, black, white, black, - "Exploit Mitigated", - "CHERI prevented an exploit from running!"); - } fb_post_region(__DEVOLATILE(uint32_t *, is->buffer), slide_fcol + ((slide_width - is->width) / 2), header_height, is->width, is->height < slide_height ? is->height : slide_height); @@ -518,8 +522,62 @@ slide_fcol + ((slide_width - is->width) / 2), header_height, is->width, is->height < slide_height ? is->height : slide_height); + switch (sb) { + case SB_CAPSICUM: + if (is->error == 99) { + save = malloc(sizeof(uint32_t) * fb_width * fb_height); + if (save != NULL) + fb_save(save); + fb_dialog(FBDT_PINCH2CLOSE, black, white, black, + "Exploit Mitigated", + "Capsicum prevented an exploit\n" + "from gaining control!"); + if (save != NULL) { + fb_post(save); + free(save); + } + } + break; + case SB_CHERI: + olen = sizeof(sv2); + sysctlbyname("security.cheri.syscall_violations", + &sv2, &olen, NULL, 0); + if (sv1 != sv2) { + save = malloc(sizeof(uint32_t) * fb_width * fb_height); + if (save != NULL) + fb_save(save); + fb_dialog(FBDT_PINCH2CLOSE, black, white, black, + "Exploit Mitigated", + "CHERI prevented an exploit\n" + "from gaining control!"); + if (save != NULL) { + fb_post(save); + free(save); + } + } + break; + default: + break; + } iboxstate_free(is); + f_width = fb_get_font_width(); + f_height = fb_get_font_height(); + if ((uint)slidenum < (sizeof(sntext) - 1) * 10) { + snprintf(sntext, sizeof(sntext), "%d", slidenum); + if ((snimage = malloc(sizeof(uint32_t) * strlen(sntext) * + f_width * f_height)) == NULL) + warn("failed to malloc space for slide number"); + else + fb_render_text(sntext, 1, black, white, snimage, + f_width * strlen(sntext), f_height); + fb_post_region(snimage, + (slide_width / 2) - (f_width * strlen(sntext) / 2), + fb_height - f_height, + f_width * strlen(sntext), f_height); + free(snimage); + } + return (0); } @@ -697,8 +755,17 @@ fb_fade2on(); fb_load_syscons_font(NULL, "/usr/share/syscons/fonts/iso-8x16.fnt"); - if (forkflag) + if (forkflag) { + if ((slidep = mmap(NULL, sizeof(int), PROT_READ|PROT_WRITE, + MAP_ANON | MAP_SHARED, -1, 0)) == NULL) + err(1, "failed to allocate slide pointer"); + *slidep = 0; fork_child(); + } else { + if ((slidep = malloc(sizeof(int))) == NULL) + err(1, "failed to allocate slide pointer"); + *slidep = 0; + } busy_indicator(); set_display_mode(res); @@ -723,7 +790,7 @@ qsort(slides, nslides, sizeof(*slides), &strpcmp); qsort(covers, ncovers, sizeof(*covers), &strpcmp); - slide = 0; + slide = *slidep; for (;;) { if (slide == 0) { asprintf(&coverpat, "*-cover-%d.png", slide_width); @@ -736,6 +803,7 @@ render_cover(dirfd(dirp), covers[cover]); } else render_slide(dirfd(dirp), slide, slides[slide - 1]); + *slidep = slide; /* Update post success */ ts_drain(); nop: ts = ts_poll();
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201211152203.qAFM3vK5077632>