Date: Tue, 4 Dec 2012 21:29:59 GMT From: Brooks Davis <brooks@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 219879 for review Message-ID: <201212042129.qB4LTx3x029482@skunkworks.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://p4web.freebsd.org/@@219879?ac=10 Change 219879 by brooks@brooks_zenith on 2012/12/04 21:29:41 Double the speed of the CHERI sandbox case by reuseing the sandbox environment. This makes it faster than capsicum in the multiple file case (as with cheribrowser). Affected files ... .. //depot/projects/ctsrd/cheribsd/src/ctsrd/minifile/minifile.c#6 edit Differences ... ==== //depot/projects/ctsrd/cheribsd/src/ctsrd/minifile/minifile.c#6 (text+ko) ==== @@ -151,16 +151,15 @@ return type; } +static struct sandbox *sandbox; static struct chericap file_cap, magic_cap, out_cap; const char * -cheri_magic_descriptor(int mfd, int fd) +cheri_magic_descriptor(void *magicbuf, size_t magicsize, int fd) { register_t v; - size_t outsize, magicsize, filesize; + size_t outsize, filesize; char *filebuf = NULL; - void *magicbuf = NULL; - struct sandbox *sandbox; struct stat filesb, magicsb; static char outbuf[4096]; const char *type; @@ -174,14 +173,6 @@ CHERI_CANDPERM(10, 10, CHERI_PERM_STORE); CHERI_CSC(10, 0, &out_cap, 0); - if (fstat(mfd, &magicsb) == -1) - err(1, "fstat magic fd"); - magicsize = magicsb.st_size; - if ((magicbuf = mmap(NULL, magicsize, PROT_READ|PROT_WRITE, - MAP_PRIVATE, mfd, 0)) == MAP_FAILED) { - warn("mmap magic fd"); - goto error; - } CHERI_CINCBASE(10, 0, magicbuf); CHERI_CSETLEN(10, 10, magicsize); CHERI_CANDPERM(10, 10, CHERI_PERM_LOAD); @@ -200,30 +191,19 @@ CHERI_CANDPERM(10, 10, CHERI_PERM_LOAD); CHERI_CSC(10, 0, &file_cap, 0); - if (sandbox_setup("/usr/libexec/minifile-cheri.bin", 8*1024*1024, - &sandbox) < 0) - goto error; - v = sandbox_invoke(sandbox, outsize, magicsize, filesize, 0, &out_cap, &magic_cap, &file_cap, NULL, NULL, NULL, NULL); printf("%s: sandbox returned %ju\n", __func__, (uintmax_t)v); - sandbox_destroy(sandbox); - outsize = strnlen(outbuf, outsize); if (v == 0) { ttype = outbuf + outsize; strvisx(ttype, outbuf, outsize, 0); type = ttype; - } else { - ttype = outbuf + outsize; - strvisx(ttype, outbuf, outsize, 0); - type = ttype; - } + } else + type = "badmagic"; error: - if (munmap(magicbuf, magicsize) == -1) - warn("munmap magicbuf"); if (munmap(filebuf, filesize) == -1) warn("munmap filebuf"); @@ -237,9 +217,10 @@ void *magicbuf; const char *fname; int mfd, fd; + size_t magicsize; const char *type; struct magic_set *magic; - struct stat sb; + struct stat magicsb; while ((ch = getopt(argc, argv, "s:")) != -1) { switch(ch) { @@ -262,38 +243,42 @@ if (argc <= 0) usage(); + /* Open the magic file */ mfd = open(MAGIC_FILE, O_RDONLY); - if (mfd == -1) { - warn("open(%s)", MAGIC_FILE); - magic_close(magic); - exit(1); - } + if (mfd == -1) + err(1, "open(%s)", MAGIC_FILE); - if (sbtype == SB_NONE) { - magic = magic_open(MAGIC_MIME_TYPE); - if (magic == NULL) - errx(1, "magic_open()"); - if (fstat(mfd, &sb) == -1) { + /* For the NONE and CHERI cases, pre-map the file */ + if (sbtype == SB_NONE || sbtype == SB_CHERI) { + if (fstat(mfd, &magicsb) == -1) { warn("fstat(%s)", MAGIC_FILE); - magic_close(magic); exit(1); } - magicbuf = mmap(NULL, sb.st_size, PROT_READ|PROT_WRITE, - MAP_PRIVATE, mfd, 0); - if (magicbuf == MAP_FAILED) { + magicsize = magicsb.st_size; + if ((magicbuf = mmap(NULL, magicsize, PROT_READ|PROT_WRITE, + MAP_PRIVATE, mfd, 0)) == MAP_FAILED) { warn("mmap(%s)", MAGIC_FILE); magic_close(magic); exit(1); } - close(mfd); - if (magic_load_buffers(magic, &magicbuf, &sb.st_size, 1) == - -1) { + } + + if (sbtype == SB_NONE) { + magic = magic_open(MAGIC_MIME_TYPE); + if (magic == NULL) + errx(1, "magic_open()"); + if (magic_load_buffers(magic, &magicbuf, &magicsize, 1) == -1) { warnx("magic_load() %s", magic_error(magic)); magic_close(magic); exit(1); } } + if (sbtype == SB_CHERI) + if (sandbox_setup("/usr/libexec/minifile-cheri.bin", 8*1024*1024, + &sandbox) < 0) + err(1, "can't create cheri sandbox"); + for (; argc >= 1; argc--, argv++) { fname = argv[0]; fd = open(fname, O_RDONLY); @@ -311,7 +296,7 @@ errx(1, "capsicum_magic_descriptor()"); break; case SB_CHERI: - type = cheri_magic_descriptor(mfd, fd); + type = cheri_magic_descriptor(magicbuf, magicsize, fd); if (type == NULL) errx(1, "cheri_magic_descriptor()"); break; @@ -321,4 +306,7 @@ close(fd); printf("%s: %s\n", fname, type); } + + if (sbtype == SB_CHERI) + sandbox_destroy(sandbox); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201212042129.qB4LTx3x029482>