Date: Mon, 12 Nov 2012 01:44:01 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 219755 for review Message-ID: <201211120144.qAC1i1AD039310@skunkworks.freebsd.org>
http://p4web.freebsd.org/@@219755?ac=10 Change 219755 by rwatson@rwatson_zenith_cl_cam_ac_uk on 2012/11/12 01:43:30 Test implementation of multi-segment process sandboxing using CHERI on top of CheriBSD. Currently, just CJALR and CJR are used, rather than CCALL and CRETURN, so this is really just about memory protection rather than mutual distrust, but it appears to mostly work. A very simple sandbox API is implemented, which allows appropriately linked code to be loaded from disk and multiple sandboxes using that code to be instantiated, each to be invoked using a sandbox_invoke() function. Much future maturity will be found here at some point. Affected files ... .. //depot/projects/ctsrd/cheribsd/src/bin/cheritest/Makefile#2 edit .. //depot/projects/ctsrd/cheribsd/src/bin/cheritest/cheritest.c#7 edit .. //depot/projects/ctsrd/cheribsd/src/bin/cheritest/mips64/sandboxasm.S#1 add .. //depot/projects/ctsrd/cheribsd/src/bin/cheritest/sandbox.c#1 add .. //depot/projects/ctsrd/cheribsd/src/bin/cheritest/sandbox.h#1 add Differences ...
==== //depot/projects/ctsrd/cheribsd/src/bin/cheritest/Makefile#2 (text+ko) ====
@@ -1,7 +1,12 @@
# $FreeBSD$
PROG= cheritest
-SRCS= cheritest.c
+SRCS= cheritest.c sandbox.c sandboxasm.S
NO_MAN=yes
+FILES= sandboxasm.o
+CLEANFILES= sandboxasm.o
+
+ .PATH: ${.CURDIR}/${MACHINE_ARCH}
+
.include <bsd.prog.mk>
==== //depot/projects/ctsrd/cheribsd/src/bin/cheritest/cheritest.c#7 (text+ko) ====
@@ -42,6 +42,8 @@
#include <sysexits.h>
#include <unistd.h>
+#include "sandbox.h"
+
#define CHERI_CAPREG_PRINT(crn) do { \
register_t c_tag; \
register_t c_unsealed, c_perms, c_otype, c_base, c_length; \
@@ -68,6 +70,7 @@
fprintf(stderr, "cheritest listregs\n");
fprintf(stderr, "cheritest overrun\n");
fprintf(stderr, "cheritest sandbox\n");
+ fprintf(stderr, "cheritest sandbox_invoke\n");
fprintf(stderr, "cheritest sleep\n");
fprintf(stderr, "cheritest unsandbox\n");
fprintf(stderr, "cheritest syscalltest\n");
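Review bot: In the Makefile hunk, `FILES= sandboxasm.o` installs a bare object file, but nothing in the hunk says where it lands (no FILESDIR is set, so the bsd.prog.mk default applies) or which consumer links against it; a one-line comment above it naming that consumer, and an explicit `FILESDIR=` for the destination, would make the intent reviewable. `CLEANFILES= sandboxasm.o` also looks redundant, since sandboxasm.o is already an object built from SRCS and the clean target removes those — confirm against bsd.prog.mk before dropping it. The `.PATH: ${.CURDIR}/${MACHINE_ARCH}` line is needed to find mips64/sandboxasm.S and deserves a short comment saying so, because it is the only hint that the assembly source is per-architecture.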
@@ -150,6 +153,20 @@
}
static void
+cheritest_sandbox_invoke(void)
+{
+ struct sandbox *sb;
+ register_t v;
+
+ if (sandbox_setup("/usr/libexec/cheritest-helper.bin", 1024*1024,
+ &sb) < 0)
+ err(1, "sandbox_setup");
+
+ v = sandbox_invoke(sb, 0, 0, 0, 0, NULL, NULL);
+ printf("%s: sandbox returned %ju\n", __func__, (uintmax_t)v);
+}
+
+static void
cheritest_unsandbox(void)
{
@@ -202,6 +219,8 @@
cheritest_overrun();
else if (strcmp(argv[i], "sandbox") == 0)
cheritest_sandbox();
+ else if (strcmp(argv[i], "sandbox_invoke") == 0)
+ cheritest_sandbox_invoke();
else if (strcmp(argv[i], "sleep") == 0)
sleep(10);
else if (strcmp(argv[i], "unsandbox") == 0)
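Review bot: The sandbox that sandbox_setup() creates in cheritest_sandbox_invoke is never released, so the 1024*1024-byte sandbox persists until the process exits, and because the dispatch in the second hunk appears to run once per argv[i], passing sandbox_invoke several times instantiates a fresh sandbox each time. If sandbox.h (added by this change but not visible here) provides a teardown routine, call it after the printf; otherwise add a comment such as `/* Sandbox intentionally lives until exit; this is a one-shot test. */` so the omission reads as deliberate. `err(1, "sandbox_setup")` appends strerror(errno), which is only meaningful if sandbox_setup() sets errno on failure — sandbox.c is not shown, so confirm that or use errx(). The helper path and sandbox size are magic values; naming them, e.g. `#define CHERITEST_HELPER_PATH "/usr/libexec/cheritest-helper.bin"` and `#define CHERITEST_SANDBOX_SIZE (1024*1024)`, would also let a comment say what the 1 MiB must cover. The dispatch chain in the second hunk belongs to a function whose start and end lie outside the hunk.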