Date: Thu, 28 Jan 2010 19:23:20 GMT From: Jonathan Anderson <jona@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 173856 for review Message-ID: <201001281923.o0SJNKMu097006@repoman.freebsd.org>
http://p4web.freebsd.org/chv.cgi?CH=173856 Change 173856 by jona@jona-capsicum-kent64 on 2010/01/28 19:23:18 Added lc_fdlist_global() and tests, although there is no implementation. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum.h#3 edit .. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_fdlist.c#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/fdlist.c#4 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum.h#3 (text+ko) ==== @@ -30,7 +30,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum.h#2 $ + * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum.h#3 $ */ #ifndef _LIBCAPABILITY_H_ @@ -57,11 +57,12 @@ /* A list of file descriptors, which can be passed around in shared memory */ struct lc_fdlist; - struct lc_fdlist* lc_fdlist_new(void); +struct lc_fdlist* lc_fdlist_global(void); struct lc_fdlist* lc_fdlist_dup(struct lc_fdlist *orig); void lc_fdlist_free(struct lc_fdlist *l); + /* Size of an FD list in bytes, including all associated string data */ int lc_fdlist_size(struct lc_fdlist *l); ==== //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_fdlist.c#2 (text+ko) ==== @@ -30,7 +30,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_fdlist.c#1 $ + * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_fdlist.c#2 $ */ #include <errno.h> @@ -81,6 +81,16 @@ +struct lc_fdlist *global_fdlist = NULL; + + +struct lc_fdlist* +lc_fdlist_global(void) { + + return global_fdlist; +} + + #define INITIAL_ENTRIES 16 #define INITIAL_NAMEBYTES (64 * INITIAL_ENTRIES) 
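Review bot: The new `lc_fdlist_global()` prototype in libcapsicum.h carries no comment, and its contract is not obvious from the name: the definition added in libcapsicum_fdlist.c returns a pointer that is currently always NULL. I would add a comment above the prototype such as `/* The process-wide FD list; NULL if none has been set up. */`. It should also say whether the caller may pass the result to `lc_fdlist_free()`, which the page does not show and the author needs to confirm.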
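Review bot: `global_fdlist` in libcapsicum_fdlist.c is defined with external linkage, so any object linked against the library can read or reassign the pointer that `lc_fdlist_global()` hands out, bypassing the accessor. Since the function is the intended interface, the variable should be file-local: `static struct lc_fdlist *global_fdlist = NULL;`. Until something sets it, the accessor returns NULL without touching `errno`, so every caller has to treat NULL as an ordinary result rather than an error report.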
@@ -143,6 +153,12 @@ struct lc_fdlist *l = *fdlist; + if (l == NULL) { + + errno = EINVAL; + return -1; + } + LOCK(l); /* do we need more entry space? */ @@ -258,6 +274,11 @@ const char *subsystem, const char *id, char **name, int *fdp, int *pos) { + if (l == NULL) { + errno = EINVAL; + return -1; + } + LOCK(l); int successful = 0; ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/fdlist.c#4 (text+ko) ==== @@ -46,40 +46,31 @@ #include <unistd.h> + +int add_junk(struct lc_fdlist**); +int find_junk(struct lc_fdlist*); + + /* * Unsandboxed host process with full user rights. */ int main(int argc, char *argv[]) { + /* create an FD list and add some junk to it */ struct lc_fdlist *fds = lc_fdlist_new(); - if (fds == NULL) - err(-1, "Error in lc_fdlist_new()"); + if (fds == NULL) err(-1, "Error in lc_fdlist_new()"); lc_fdlist_add(&fds, "org.freebsd.Capsicum", "testfile", "/etc/passwd", open("/etc/passwd", O_RDONLY)); lc_fdlist_addcap(&fds, "org.freebsd.Capsicum", "testfile", "/etc/group", open("/etc/group", O_RDONLY), CAP_READ); - for (int i = 0; i < 20; i++) - lc_fdlist_add(&fds, "org.freebsd.Capsicum", "testjunk", - "garbage", 50 + i); + if (add_junk(&fds) < 0) err(-1, "Error in add_junk()"); + if (find_junk(fds) < 0) err(-1, "Error in find_junk()"); - int pos = 0; - for (int i = 0; i < 20; i++) { - char *name; - int value; - lc_fdlist_lookup(fds, "org.freebsd.Capsicum", "testjunk", - &name, &value, &pos); - - if (strcmp("garbage", name)) - warnx("i=%i\tGot '%s' instead of 'garbage'", i, name); - - if (value != 50 + i) - warnx("i=%i\tGot 'FD' %i instead of %i", i, value, 50 + i); - } - + /* copy it into a shared memory segment and see if it still works */ int shmfd = shm_open(SHM_ANON, O_RDWR, 0600); if (shmfd < 0) err(-1, "Error opening shared memory"); 
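Review bot: The added NULL check in the `@@ -143` hunk comes one line too late for a NULL `fdlist`: the context line `struct lc_fdlist *l = *fdlist;` dereferences the caller's pointer before anything is validated, so only `*fdlist == NULL` is turned into EINVAL. I would validate both before the dereference, e.g. `if (fdlist == NULL || *fdlist == NULL) { errno = EINVAL; return -1; }` and only then `l = *fdlist;`. The enclosing function starts and ends outside the hunk, so its name and any earlier validation are not visible here.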
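Review bot: In fdlist.c's `main()` the two real descriptors are still added unchecked: `open("/etc/passwd", O_RDONLY)` and `open("/etc/group", O_RDONLY)` are passed straight into `lc_fdlist_add()` / `lc_fdlist_addcap()`, and both return values are dropped, while the junk entries now go through the checked `add_junk()`. A failed open() would put -1 into the list that is later handed to the sandbox, and a failed add would go unnoticed. I would open into a local and check it, `if (fd < 0) err(-1, "Error opening /etc/passwd");`, then check the add, `if (lc_fdlist_add(&fds, "org.freebsd.Capsicum", "testfile", "/etc/passwd", fd) < 0) err(-1, "Error in lc_fdlist_add()");`, and do the same for the capability entry. `main()` continues past the end of this hunk.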
@@ -99,14 +90,67 @@ struct lc_fdlist *copy = (struct lc_fdlist*) shm; + if (find_junk(copy) < 0) err(-1, "Error in find_junk(copy)"); + + printf("OK\n"); + + + /* run sandbox */ + int me = open(argv[0], O_RDONLY); + if (me < 0) err(-1, "Error opening my own binary, '%s'", argv[0]); + + char *sargv[] = { "fdlist-sandbox", NULL }; + struct lc_sandbox *sandbox; + + if (lch_startfd(me, "fdlist-sandbox", sargv, + LCH_PERMIT_STDOUT | LCH_PERMIT_STDERR, fds, &sandbox)) + + err(-1, "Error starting sandbox"); + + sleep(1); + return 0; +} + + + +int cap_main(__unused int argc, __unused char *argv[]) +{ + printf("cap_main() alive\n"); fflush(stdout); + + struct lc_fdlist *global_fdlist = lc_fdlist_global(); + if (find_junk(global_fdlist) < 0) + err(-1, "Error in find_junk(global_fdlist)"); + + struct lc_fdlist *copy = lc_fdlist_dup(global_fdlist); + if (find_junk(copy) < 0) + err(-1, "Error in find_junk(copy)"); + + printf("OK\n"); + + return 0; +} + - pos = 0; +int add_junk(struct lc_fdlist **fds) +{ + for (int i = 0; i < 20; i++) + if (lc_fdlist_add(fds, "org.freebsd.Capsicum", "testjunk", + "garbage", 50 + i) < 0) + return -1; + + return 0; +} + +int find_junk(struct lc_fdlist *fds) +{ + int pos = 0; for (int i = 0; i < 20; i++) { char *name; int value; - lc_fdlist_lookup(copy, "org.freebsd.Capsicum", "testjunk", - &name, &value, &pos); + if (lc_fdlist_lookup(fds, "org.freebsd.Capsicum", "testjunk", + &name, &value, &pos) < 0) + return -1; if (strcmp("garbage", name)) warnx("i=%i\tGot '%s' instead of 'garbage'", i, name); @@ -115,10 +159,6 @@ warnx("i=%i\tGot 'FD' %i instead of %i", i, value, 50 + i); } - - printf("OK\n"); - - return 0; }
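Review bot: The host's exit status says nothing about the sandbox: once `lch_startfd()` succeeds, `main()` does `sleep(1); return 0;`, and "OK" has already been printed before the sandbox starts. A failure in `cap_main()` is expected today, because `lc_fdlist_global()` returns NULL and the lookup behind `find_junk()` appears to reject NULL with EINVAL, yet the test would still exit 0. The host should wait for the sandbox process and propagate its status instead of sleeping. Separately, `open(argv[0], O_RDONLY)` trusts argv[0] to name this binary, but it is supplied by the invoker and resolved against the current directory, so the file executed in the sandbox may not be the running program; at minimum add a comment such as `/* argv[0] is caller-supplied; test-only shortcut */`. `main()` begins outside this hunk.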