FreeBSD Mail Archives

Date:      Wed, 10 Jun 2009 15:30:40 GMT
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 164010 for review
Message-ID:  <200906101530.n5AFUeEO087735@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help

http://perforce.freebsd.org/chv.cgi?CH=164010

Change 164010 by rwatson@rwatson_freebsd_capabilities on 2009/06/10 15:29:51

	Provide an argv[] argument fo lch_start() so that arguments can be
	passed to the agent.
	
	Properly set up capability for libz.zo.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.3#4 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.h#6 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host.c#5 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.3#4 (text+ko) ====

@@ -47,7 +47,7 @@
 .Ft int
 .Fn lc_limitfd "int fd" "cap_rights_t rights"
 .Ft int
-.Fn lch_start "const char *agent" "struct lc_agent **lcap"
+.Fn lch_start "const char *agent" "char *const argv[]" "struct lc_agent **lcap"
 .Ft void
 .Fn lch_stop "struct lc_agent *lcap"
 .Ft int

==== //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.h#6 (text+ko) ====

@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.h#5 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.h#6 $
  */
 
 #ifndef _LIBCAPABILITY_H_
@@ -47,7 +47,8 @@
 /*
  * Interfaces to start and stop capability mode agents.
  */
-int	lch_start(const char *agent, struct lc_agent **lcapp);
+int	lch_start(const char *agent, char *const argv[],
+	    struct lc_agent **lcapp);
 void	lch_stop(struct lc_agent *lcap);
 
 /*

==== //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host.c#5 (text+ko) ====

@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host.c#4 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host.c#5 $
  */
 
 #include <sys/types.h>
@@ -139,7 +139,8 @@
 }
 
 static void
-lch_agent(int fd_sock, int fd_agent, int fd_ldso, int fd_libc, int fd_libz)
+lch_agent(int fd_sock, int fd_agent, int fd_ldso, int fd_libc, int fd_libz,
+    char *const argv[])
 {
 	char *env_caplibindex, *env_libcapability_agent_api;
 	int fd_array[8], fd_devnull;
@@ -158,6 +159,8 @@
 		return;
 	if (lc_limitfd(fd_libc, LIBCAPABILITY_CAPMASK_LIBC) < 0)
 		return;
+	if (lc_limitfd(fd_libz, LIBCAPABILITY_CAPMASK_LIBZ) < 0)
+		return;
 
 	fd_array[0] = fd_devnull;
 	fd_array[1] = fd_devnull;
@@ -196,11 +199,11 @@
 	if (cap_enter() < 0)
 		return;
 
-	(void)fexecve(5, ldso_argv, environ);
+	(void)fexecve(5, argv, environ);
 }
 
 int
-lch_start(const char *agent, struct lc_agent **lcapp)
+lch_start(const char *agent, char *const argv[], struct lc_agent **lcapp)
 {
 	struct lc_agent *lcap;
 	int fd_agent, fd_ldso, fd_libc, fd_libz, fd_procdesc, fd_sockpair[2];
@@ -249,7 +252,7 @@
 	}
 	if (pid == 0) {
 		lch_agent(fd_sockpair[1], fd_agent, fd_ldso, fd_libc,
-		    fd_libz);
+		    fd_libz, argv);
 		exit(-1);
 	}
 	close(fd_libz);

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906101530.n5AFUeEO087735>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation