Date: Sat, 30 Jan 2010 18:14:01 +0000 (UTC) From: Robert Watson <rwatson@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r203205 - in projects/capabilities8: lib/libc/gen libexec/rtld-elf libexec/rtld-elf-cap Message-ID: <201001301814.o0UIE1pL068533@svn.freebsd.org>
Author: rwatson Date: Sat Jan 30 18:14:01 2010 New Revision: 203205 URL: http://svn.freebsd.org/changeset/base/203205 Log: Merge c169401 from the p4 TrustedBSD Capabilities branch to capabilities8: Update further reference to LD_CAPLIBINDEX -> LD_LIBCACHE. Add public interface for inserting libraries into the library cache: ld_libcache_add(3), which is implemented by rtld when in a sandbox, and returns EOPNOTSUPP if not. Comment on two known limitations of the libcache code. Sponsored by: Google, Inc. Modified: projects/capabilities8/lib/libc/gen/Symbol.map projects/capabilities8/lib/libc/gen/ld_libcache.c projects/capabilities8/libexec/rtld-elf-cap/Symbol.map projects/capabilities8/libexec/rtld-elf-cap/rtld_libcache.c projects/capabilities8/libexec/rtld-elf/rtld.c Modified: projects/capabilities8/lib/libc/gen/Symbol.map ============================================================================== --- projects/capabilities8/lib/libc/gen/Symbol.map Sat Jan 30 18:11:41 2010 (r203204) +++ projects/capabilities8/lib/libc/gen/Symbol.map Sat Jan 30 18:14:01 2010 (r203205) @@ -340,6 +340,7 @@ FBSD_1.1 { fts_read; fts_set; fts_set_clientptr; + ld_libcache_add; ld_libcache_lookup; ld_insandbox; posix_spawn; Modified: projects/capabilities8/lib/libc/gen/ld_libcache.c ============================================================================== --- projects/capabilities8/lib/libc/gen/ld_libcache.c Sat Jan 30 18:11:41 2010 (r203204) +++ projects/capabilities8/lib/libc/gen/ld_libcache.c Sat Jan 30 18:14:01 2010 (r203205) 
@@ -33,6 +33,15 @@ #include <errno.h> +#pragma weak ld_libcache_add +int +ld_libcache_add(const char *libname, int fd) +{ + + errno = EOPNOTSUPP; + return (-1); +} + #pragma weak ld_libcache_lookup int ld_libcache_lookup(const char *libname, int *fdp) Modified: projects/capabilities8/libexec/rtld-elf-cap/Symbol.map ============================================================================== --- projects/capabilities8/libexec/rtld-elf-cap/Symbol.map Sat Jan 30 18:11:41 2010 (r203204) +++ projects/capabilities8/libexec/rtld-elf-cap/Symbol.map Sat Jan 30 18:14:01 2010 (r203205) @@ -3,6 +3,7 @@ */ FBSD_1.1 { + ld_libcache_add; ld_libcache_lookup; ld_insandbox; }; Modified: projects/capabilities8/libexec/rtld-elf-cap/rtld_libcache.c ============================================================================== --- projects/capabilities8/libexec/rtld-elf-cap/rtld_libcache.c Sat Jan 30 18:11:41 2010 (r203204) +++ projects/capabilities8/libexec/rtld-elf-cap/rtld_libcache.c Sat Jan 30 18:14:01 2010 (r203205) 
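Review bot: The libc fallback added here declares `ld_libcache_add` as returning `int` (setting errno to EOPNOTSUPP and returning -1), but the strong definition added in rtld_libcache.c (the `@@ -66,10 +71,27 @@` hunk) is declared `void`, so a caller that checks the return value reads an unspecified register value whenever rtld's definition is the one bound, which is presumably the sandbox case the feature exists for. Make the rtld version `int ld_libcache_add(const char *name, int fd)` and finish it with `return (0);` so both definitions honour one contract, and give the prototype the same return type wherever it is exported to applications. The stub's `libname` and `fd` parameters are unused; marking them `__unused` keeps the build quiet under -Wunused-parameter. The stub also names its first parameter `libname` while the rtld version uses `name`; picking one spelling avoids confusion in the documentation.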
@@ -35,15 +35,20 @@ __FBSDID("$FreeBSD$"); /* - * When running in a capability sandbox, rtld-elf-cap will be passed a set of - * open file descriptors to potentially useful libraries, along with an index - * to these in the LD_CAPLIBINDEX environmental variable. These routines - * parse that index, and allow lookups by library name. A typical string - * might be: + * rtld maintains a cache of library file descriptors, which is passed from + * host to sandbox at exec()-time in order to avoid the need for direct file + * system access from within sandboxes. When rtld starts, it inspects + * LD_LIBCACHE to find library descriptors passed from the host. This + * variable maps file descriptor numbers to library names: * * 6:libc.so.7,7:libm.so.5 * * In the event of ambiguity, the earliest entry will be matched. + * + * XXXRW: There should be locking around the libcache list. + * + * XXXRW: ld_libcache_lookup() should dup the fd before returning it so that + * the caller is responsible for managing the returned fd reference. */ #include <sys/types.h> @@ -66,10 +71,27 @@ struct libcache_entry { static TAILQ_HEAD(, libcache_entry) ld_libcache_list = TAILQ_HEAD_INITIALIZER(ld_libcache_list); -static void -ld_libcache_add(const char *name, const char *fdnumber) +/* + * Add a library to the library cache. + */ +void +ld_libcache_add(const char *name, int fd) { struct libcache_entry *liep; + + liep = xmalloc(sizeof(*liep)); + liep->lie_name = xstrdup(name); + liep->lie_fd = fd; + TAILQ_INSERT_TAIL(&ld_libcache_list, liep, lie_list); +} + +/* + * Add a library to the library cache, with file descriptor passed as a + * string. Used internally when parsing LD_LIBCACHE. + */ +static void +ld_libcache_add_string(const char *name, const char *fdnumber) +{ long long l; char *endp; 
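Review bot: The new public `ld_libcache_add` accepts any `int`, but only the string path in `ld_libcache_add_string` (whose body continues in the next hunk) range-checks the descriptor, so an application can insert a negative fd that `ld_libcache_lookup` will later hand back as though it were valid; add `if (fd < 0) return;` at the top of `ld_libcache_add` so both entry points validate what goes into the cache. Duplicate names are appended and, per the header comment, the earliest entry wins, so a second call for an already-cached library is never returned by lookup — the new function comment should say so, e.g. `* Entries are appended; an existing entry for the same name takes precedence on lookup.` Now that arbitrary application threads can call into the list, the XXXRW locking caveat in the rewritten header applies to a public interface rather than only to startup-time parsing of LD_LIBCACHE.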
@@ -80,12 +102,14 @@ ld_libcache_add(const char *name, const if (l < 0 || l > INT_MAX || *endp != '\0') return; - liep = xmalloc(sizeof(*liep)); - liep->lie_name = xstrdup(name); - liep->lie_fd = l; - TAILQ_INSERT_TAIL(&ld_libcache_list, liep, lie_list); + ld_libcache_add(name, l); } +/* + * Given a library name, return its file descriptor (if defined). Arguably, + * we should dup the cache-owned fd rather than returning it directly to the + * caller. + */ int ld_libcache_lookup(const char *libname, int *fdp) { @@ -100,6 +124,9 @@ ld_libcache_lookup(const char *libname, return (-1); } +/* + * Initialize the library cache given the LD_LIBCACHE environmental variable. + */ void ld_libcache_init(const char *libcache) { @@ -111,7 +138,7 @@ ld_libcache_init(const char *libcache) fdnumber = strsep(&entry, ":"); if (fdnumber == NULL) continue; - ld_libcache_add(entry, fdnumber); + ld_libcache_add_string(entry, fdnumber); } free(libcache_tofree); } Modified: projects/capabilities8/libexec/rtld-elf/rtld.c ============================================================================== --- projects/capabilities8/libexec/rtld-elf/rtld.c Sat Jan 30 18:11:41 2010 (r203204) +++ projects/capabilities8/libexec/rtld-elf/rtld.c Sat Jan 30 18:14:01 2010 (r203205) @@ -245,6 +245,7 @@ static func_ptr_type exports[] = { (func_ptr_type) &_rtld_atfork_pre, (func_ptr_type) &_rtld_atfork_post, #ifdef IN_RTLD_CAP + (func_ptr_type) &ld_libcache_add, (func_ptr_type) &ld_libcache_lookup, (func_ptr_type) &ld_insandbox, #endif