Date: Tue, 30 Mar 2010 18:38:59 GMT From: Jonathan Anderson <jona@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 176294 for review Message-ID: <201003301838.o2UIcxm0000976@repoman.freebsd.org>
http://p4web.freebsd.org/chv.cgi?CH=176294 Change 176294 by jona@jona-belle-freebsd8 on 2010/03/30 18:38:41 Farewell to cap_main() Affected files ... .. //depot/projects/trustedbsd/capabilities/src/lib/csu/amd64/crt1.c#7 edit .. //depot/projects/trustedbsd/capabilities/src/lib/csu/common/crtbrand.c#9 edit .. //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/Makefile#5 edit .. //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/crt1_c.c#4 edit .. //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/crt1_s.S#3 edit .. //depot/projects/trustedbsd/capabilities/src/libexec/rtld-elf/rtld.c#40 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/main.c#4 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/Makefile#3 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/fdlist.c#10 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/Makefile#5 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/fdrpc.c#9 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/Makefile#4 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/fdsendrecv.c#6 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/ld_libdirs/Makefile#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/ld_libdirs/ld_libdirs.c#2 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/Makefile#7 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/sandbox_echo.c#13 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_world/Makefile#3 edit .. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_world/sandbox_world.c#8 edit .. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/Makefile#10 edit .. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzip.c#10 edit .. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzsandbox.c#15 edit Differences ... 
==== //depot/projects/trustedbsd/capabilities/src/lib/csu/amd64/crt1.c#7 (text+ko) ==== @@ -45,7 +45,6 @@ extern void _init(void); extern int main(int, char **, char **); extern void _start(char **, void (*)(void)); -extern void _capstart(char **, void (*)(void)); #ifdef GCRT extern void _mcleanup(void); @@ -94,41 +93,4 @@ exit( main(argc, argv, env) ); } -/* The Capsicum entry function. */ -void -_capstart(char **ap, void (*cleanup)(void)) -{ - int argc; - char **argv; - char **env; - const char *s; - - argc = *(long *)(void *)ap; - argv = ap + 1; - env = ap + 2 + argc; - environ = env; - if (argc > 0 && argv[0] != NULL) { - __progname = argv[0]; - for (s = __progname; *s != '\0'; s++) - if (*s == '/') - __progname = s + 1; - } - - if (&_DYNAMIC != NULL) - atexit(cleanup); - else - _init_tls(); - -#ifdef GCRT - atexit(_mcleanup); -#endif - atexit(_fini); -#ifdef GCRT -/* monstartup(&eprol, &etext);*/ -/*__asm__("eprol:");*/ /* JA hope and pray... */ -#endif - _init(); - exit( cap_main(argc, argv, env) ); -} - __asm__(".ident\t\"$FreeBSD: src/lib/csu/amd64/crt1.c,v 1.15 2005/10/07 22:13:17 bde Exp $\""); ==== //depot/projects/trustedbsd/capabilities/src/lib/csu/common/crtbrand.c#9 (text+ko) ==== @@ -52,12 +52,3 @@ __FreeBSD_version }; -extern int cap_main(int, char **, char **) __attribute__((weak)); -int cap_main(__unused int argc, __unused char **argv, __unused char **env) -{ - const char warning[] = - "ERROR: attempting to run a regular binary in capability mode!\n\nIf you want to run a binary in a sandbox, you must provide a cap_main() function, which takes the same arguments as main().\n"; - - write(2, warning, sizeof(warning)); - return (-1); -} ==== //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/Makefile#5 (text+ko) ==== 
@@ -20,13 +20,13 @@ crt1.o: crt1_c.o crt1_s.o ${LD} ${LDFLAGS} -o crt1.o -r crt1_s.o crt1_c.o - objcopy --localize-symbol _start1 --localize-symbol _capstart1 crt1.o + objcopy --localize-symbol _start1 crt1.o Scrt1_c.o: crt1_c.c ${CC} ${CFLAGS} -DGCRT -fPIC -DPIC -c -o Scrt1_c.o ${.CURDIR}/crt1_c.c Scrt1.o: Scrt1_c.o crt1_s.o ${LD} ${LDFLAGS} -o Scrt1.o -r crt1_s.o Scrt1_c.o - objcopy --localize-symbol _start1 --localize-symbol _capstart1 Scrt1.o + objcopy --localize-symbol _start1 Scrt1.o .include <bsd.prog.mk> ==== //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/crt1_c.c#4 (text+ko) ==== @@ -46,7 +46,6 @@ extern void _init(void); extern int main(int, char **, char **); extern void _start(char *, ...); -extern void _capstart(char *, ...); #ifdef GCRT extern void _mcleanup(void); @@ -59,7 +58,6 @@ const char *__progname = ""; void _start1(fptr, int, char *[]) __dead2; -void _capstart1(fptr, int, char *[]) __dead2; /* The entry function, C part. */ void @@ -96,37 +94,3 @@ __asm(".hidden _start1"); -/* The Capsicum entry function. */ -void -_capstart1(fptr cleanup, int argc, char *argv[]) -{ - char **env; - const char *s; - - env = argv + argc + 1; - environ = env; - if (argc > 0 && argv[0] != NULL) { - __progname = argv[0]; - for (s = __progname; *s != '\0'; s++) - if (*s == '/') - __progname = s + 1; - } - - if (&_DYNAMIC != NULL) - atexit(cleanup); - else - _init_tls(); - -#ifdef GCRT - atexit(_mcleanup); -#endif - atexit(_fini); -#ifdef GCRT -/* XXXCAP: monstartup(&eprol, &etext); */ -/* XXXCAP: __asm__("eprol:"); */ -#endif - _init(); - exit( cap_main(argc, argv, env) ); -} - -__asm(".hidden _capstart1"); ==== //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/crt1_s.S#3 (text+ko) ==== 
@@ -41,17 +41,4 @@ call _start1 .size _start, . - _start - .globl _capstart - .type _capstart, @function -_capstart: xorl %ebp,%ebp - pushl %ebp - movl %esp,%ebp - andl $0xfffffff0,%esp # align stack - leal 8(%ebp),%eax - pushl %eax # argv - pushl 4(%ebp) # argc - pushl %edx # rtld cleanup - call _capstart1 - .size _capstart, . - _capstart - .ident "$FreeBSD: src/lib/csu/i386-elf/crt1_s.S,v 1.1 2009/12/02 16:34:20 kib Exp $" ==== //depot/projects/trustedbsd/capabilities/src/libexec/rtld-elf/rtld.c#40 (text+ko) ==== @@ -106,9 +106,7 @@ static bool donelist_check(DoneList *, const Obj_Entry *); static void errmsg_restore(char *); static char *errmsg_save(void); -#ifdef IN_RTLD_CAP -static void *find_capstart(const Obj_Entry *); -#else +#ifndef IN_RTLD_CAP static void *fill_search_info(const char *, size_t, void *); static char *find_library(const char *, const Obj_Entry *); static const char *gethints(void); @@ -352,7 +350,6 @@ #ifdef IN_RTLD_CAP struct stat sb; Elf_Auxinfo aux_execfd; - void *capstart_ptr; #endif Elf_Auxinfo *aux_info[AT_COUNT]; int i; @@ -649,21 +646,7 @@ *exit_proc = rtld_exit; *objp = obj_main; -#ifdef IN_RTLD_CAP - /* - * If the object provides an alternative capability-mode specific entry - * point, prefer that to the ELF default entry point. Otherwise, use the - * ELF default. - */ - capstart_ptr = find_capstart(obj_main); - if (capstart_ptr == NULL) { - _rtld_error("_capstart not found; has the binary been compiled with -rdynamic?"); - die(); - } - return (func_ptr_type) capstart_ptr; -#else return (func_ptr_type) obj_main->entry; -#endif } Elf_Addr 
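Review bot: With the IN_RTLD_CAP branch removed from the `@@ -649,21 +646,7 @@` hunk, a capability-mode process is now started at `obj_main->entry` whether or not the program ever calls `ld_insandbox()`, so a binary that lacks that check runs its ordinary `main()` inside the sandbox with no diagnostic from the loader; before this change rtld died with "_capstart not found" and the weak `cap_main()` in crtbrand.c printed an explicit error, and both fallbacks are deleted here. Since detection of capability mode has moved into each program, the surviving return deserves a comment, e.g. `/* Capability mode no longer selects a separate entry point; a sandboxed program must call ld_insandbox() from main(). */`. Where `ld_insandbox()` itself is defined and exported is not visible in this change, presumably in rtld. The enclosing function starts outside this hunk.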
@@ -830,25 +813,6 @@ return (res4); } -#ifdef IN_RTLD_CAP -static void * -find_capstart(const Obj_Entry *obj) -{ - const char *capstart_str = "_capstart"; - const Elf_Sym *def; - const Obj_Entry *defobj; - unsigned long hash; - - hash = elf_hash(capstart_str); - def = symlook_default(capstart_str, hash, obj, &defobj, NULL, - SYMLOOK_IN_PLT); - if (def == NULL) - return (NULL); - if (ELF_ST_TYPE(def->st_info) != STT_FUNC) - return (NULL); - return (make_function_pointer(def, defobj)); -} -#endif static void die(void) ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/main.c#4 (text+ko) ==== @@ -4,9 +4,20 @@ #include <stdio.h> +int ld_insandbox(void); + +int +sandbox(int argc, char *argv[]) +{ + printf("pid %d cap_main(%d, %p)\n", getpid(), argc, argv); + return 0; +} + int main(int argc, char *argv[]) { + if (ld_insandbox()) return sandbox(argc, argv); + printf("pid %d main(%d, %p)\n", getpid(), argc, argv); if(opendir("./") == NULL) @@ -18,9 +29,3 @@ return 0; } -int -cap_main(int argc, char *argv[]) -{ - - printf("pid %d cap_main(%d, %p)\n", getpid(), argc, argv); -} ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/Makefile#3 (text+ko) ==== @@ -1,6 +1,6 @@ PROG=fdlist NO_MAN= -CFLAGS=-Wall -Werror -g -rdynamic +CFLAGS=-Wall -Werror -g DPADD= ${LIBCAPABILITY} ${LIBSBUF} LDADD= -lcapsicum -lsbuf ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/fdlist.c#10 (text+ko) ==== @@ -46,6 +46,8 @@ #include <unistd.h> +int ld_insandbox(void); +int sandbox(void); static void print_fdlist(struct lc_fdlist *lfp); @@ -59,6 +61,8 @@ struct lc_fdlist *lfp; int testfd; + if (ld_insandbox()) return sandbox(); + printf("fdlist: PID %d\n", getpid()); /* create an FD list and add some junk to it */ 
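Review bot: The message printed by the new `sandbox()` in cap_exec/main.c still names the old function — `printf("pid %d cap_main(%d, %p)\n", getpid(), argc, argv);` — which will mislead anyone reading the tool's output now that the function is `sandbox`; change it to `printf("pid %d sandbox(%d, %p)\n", getpid(), argc, argv);`. Separately, the prototype `int ld_insandbox(void);` is hand-written in this file and again in fdlist.c, fdrpc.c, fdsendrecv.c, ld_libdirs.c, sandbox_world.c and gzip.c rather than taken from a header, so a later change to the real signature would not be caught by the compiler; one declaration in a shared header next to the definition (not visible in this change) would be safer. main() in this file continues past the hunk.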
@@ -110,9 +114,9 @@ int -cap_main(__unused int argc, __unused char *argv[]) +sandbox() { - printf("cap_main() alive\n"); fflush(stdout); + printf("sandbox alive\n"); fflush(stdout); struct lc_fdlist *global_fdlist = lc_fdlist_global(); printf("Received FD list:\n"); fflush(stdout); ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/Makefile#5 (text+ko) ==== @@ -1,6 +1,6 @@ PROG=fdrpc NO_MAN= -CFLAGS=-Wall -g -rdynamic +CFLAGS=-Wall -g DPADD= ${LIBCAPABILITY} ${LIBSBUF} LDADD= -lcapsicum -lsbuf ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/fdrpc.c#9 (text+ko) ==== @@ -52,6 +52,9 @@ #define FDRPC_SANDBOX "./fdrpc" +int ld_insandbox(void); +int sandbox(void); + /* * Unsandboxed host process with full user rights. */ @@ -65,6 +68,8 @@ size_t len; char ch; + if (ld_insandbox()) return sandbox(); + if (argc != 1) errx(-1, "usage: fdrpc_host"); @@ -107,7 +112,7 @@ * descriptors to the host. */ int -cap_main(int argc, char *argv[]) +sandbox() { int fd, fdcount; struct lc_host *lchp; ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/Makefile#4 (text+ko) ==== @@ -1,6 +1,6 @@ PROG=fdsendrecv NO_MAN= -CFLAGS=-Wall -g -rdynamic +CFLAGS=-Wall -g DPADD= ${LIBCAPABILITY} ${LIBSBUF} LDADD= -lcapsicum -lsbuf ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/fdsendrecv.c#6 (text+ko) ==== @@ -48,6 +48,10 @@ #define FDSENDRECV_SANDBOX "fdsendrecv" +int ld_insandbox(void); +int sandbox(void); + + int main(int argc, char *argv[]) { @@ -56,6 +60,8 @@ int fdarray[2], fdcount; char ch; + if (ld_insandbox()) return sandbox(); + if (argc != 1) errx(-1, "usage: fdsendrecv_host"); @@ -86,7 +92,7 @@ } int -cap_main(int argc, char *argv[]) +sandbox() { struct lc_host *lchp; ssize_t len; ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/ld_libdirs/Makefile#2 (text+ko) ==== 
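Review bot: `sandbox()` in fdlist.c is defined with empty parentheses while the prototype added earlier in the file says `int sandbox(void);`; an empty parameter list in a definition is an old-style declaration that -Wstrict-prototypes or -Wold-style-definition would flag, so the definition should read `sandbox(void)`. The same `sandbox()` definition form appears in fdrpc.c, fdsendrecv.c, ld_libdirs.c and sandbox_world.c in this change. The body of sandbox() continues past the hunk.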
@@ -1,6 +1,6 @@ PROG=ld_libdirs NO_MAN= -CFLAGS=-Wall -g -rdynamic +CFLAGS=-Wall -g DPADD= ${LIBCAPABILITY} ${LIBSBUF} LDADD= -lcapsicum -lsbuf ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/ld_libdirs/ld_libdirs.c#2 (text+ko) ==== @@ -47,7 +47,10 @@ #include <unistd.h> -void print_fdlist(struct lc_fdlist*); +int ld_insandbox(void); +int sandbox(void); + +void print_fdlist(struct lc_fdlist*); int @@ -56,6 +59,8 @@ struct lc_sandbox *lcsp; char *sandbox_argv[3] = { argv[1], "sandbox", NULL }; + if (ld_insandbox()) return sandbox(); + for (int i = 0; i < 200; i++) { int size = i; int libdirs[size]; @@ -82,7 +87,7 @@ } int -cap_main(int argc, char *argv[]) +sandbox() { struct lcs_host *host; ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/Makefile#7 (text+ko) ==== @@ -1,6 +1,6 @@ PROG=sandbox_echo NO_MAN= -CFLAGS=-Wall -g -rdynamic +CFLAGS=-Wall -g DPADD= ${LIBCAPABILITY} ${LIBSBUF} LDADD= -lcapsicum -lsbuf ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/sandbox_echo.c#13 (text+ko) ==== @@ -47,6 +47,9 @@ #define MYNAME "sandbox_echo" + +int sandbox(int argc, char *argv[]); + int main(int argc, char *argv[]) { @@ -57,6 +60,8 @@ char ch; int i; + if(ld_insandbox()) return cap_main(argc, argv); + if (argc != 1) errx(-1, "usage: sandbox_echo"); @@ -84,7 +89,7 @@ } int -cap_main(int argc, char *argv[]) +sandbox(int argc, char *argv[]) { char *sandbox_argv[3] = { MYNAME, NULL }; struct lc_sandbox *lcsp; ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_world/Makefile#3 (text+ko) ==== @@ -1,6 +1,6 @@ PROG=sandbox_world NO_MAN= -CFLAGS=-Wall -g -rdynamic +CFLAGS=-Wall -g DPADD= ${LIBCAPABILITY} ${LIBSBUF} LDADD= -lcapsicum -lsbuf ==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_world/sandbox_world.c#8 (text+ko) ==== 
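Review bot: The line added to main() in sandbox_echo.c calls `cap_main(argc, argv)`, but this change renames that function to `sandbox` in the last hunk of the same file and removes the weak `cap_main` fallback from crtbrand.c, so the call is an implicit declaration of a symbol that should no longer link; it should be `if (ld_insandbox()) return sandbox(argc, argv);`. This file is also the only tool in the change that does not add an `int ld_insandbox(void);` prototype, so `ld_insandbox` is implicitly declared as well unless a header not shown here provides it; add the prototype next to the new `int sandbox(int argc, char *argv[]);`. main() continues past the hunk.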
@@ -53,6 +53,9 @@ #define MYNAME "sandbox_world" /* Binary to run in sandbox. */ +int ld_insandbox(void); +int sandbox(void); + /* * Unsandboxed host process with full user rights. */ @@ -65,6 +68,8 @@ size_t len; char ch; + if (ld_insandbox()) return sandbox(); + if (argc != 1) errx(-1, "usage: sandbox_world"); @@ -99,7 +104,7 @@ * Sandboxed process implementing a 'printf hello world' RPC. */ int -cap_main(int argc, char *argv[]) +sandbox() { struct lc_host *lchp; u_int32_t opno, seqno; @@ -142,4 +147,6 @@ } free(buffer); } + + return 0; } ==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/Makefile#10 (text+ko) ==== @@ -9,7 +9,6 @@ DPADD= ${LIBZ} ${LIBCAPSICUM} LDADD= -lz -lcapsicum -CFLAGS+= -rdynamic # For sandbox cap_main .if ${MK_BZIP2_SUPPORT} != "no" DPADD+= ${LIBBZ2} ==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzip.c#10 (text+ko) ==== @@ -259,6 +259,11 @@ int main(int, char **p); +#ifndef NO_SANDBOX_SUPPORT +int ld_insandbox(void); +int gzsandbox(void); +#endif + #ifdef SMALL #define getopt_long(a,b,c,d,e) getopt(a,b,c) #else @@ -297,6 +302,10 @@ #endif int ch; +#ifndef NO_SANDBOX_SUPPORT + if (ld_insandbox()) return gzsandbox(); +#endif + /* XXX set up signals */ #ifndef SMALL ==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzsandbox.c#15 (text+ko) ==== @@ -53,6 +53,8 @@ #ifndef NO_SANDBOX_SUPPORT +int gzsandbox(void); + static char *lc_sandbox_argv[] = { __DECONST(char *, LC_USR_BIN_GZIP_SANDBOX), NULL }; @@ -325,8 +327,7 @@ /* * Main entry point for capability-mode */ -int -cap_main(__unused int argc, __unused char *argv[]) +int gzsandbox(void) { int fdarray[2], fdcount; struct lc_host *lchp;
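Review bot: The definition in gzsandbox.c is written as `int gzsandbox(void)` on one line, while the removed lines directly above it and the rest of the file keep the return type on its own line in the usual BSD style; write it as `int` followed by `gzsandbox(void)` on the next line so the function name stays in column 0 for grep and ctags. Dropping the `__unused` annotations is correct since the parameters are gone. The rest of gzsandbox() lies outside the hunk.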