PERFORCE change 164093 for review
Robert Watson
rwatson at FreeBSD.org
Thu Jun 11 11:29:32 UTC 2009
http://perforce.freebsd.org/chv.cgi?CH=164093
Change 164093 by rwatson at rwatson_freebsd_capabilities on 2009/06/11 11:28:40
Implement ping-ping test host/sandbox using lcrpc.
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/libcapability_exec/libcapability_exec.c#2 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/sandbox_echo.c#2 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/libcapability_exec/libcapability_exec.c#2 (text+ko) ====
@@ -35,6 +35,7 @@
__FBSDID("$FreeBSD$");
#include <sys/types.h>
+#include <sys/uio.h>
#include <err.h>
#include <fcntl.h>
@@ -48,8 +49,10 @@
{
struct lc_sandbox *lcsp;
char *sandbox_argv[2] = { argv[1], NULL };
- ssize_t len;
+ struct iovec iov;
+ size_t len;
char ch;
+ int i;
if (argc != 2)
errx(-1, "usage: libcapability_exec sandbox");
@@ -58,17 +61,21 @@
< 0)
err(-1, "lch_start %s", argv[1]);
- ch = 'X';
- len = lch_send(lcsp, &ch, sizeof(ch), 0);
- if (len != sizeof(ch))
- err(-1, "lch_send: returned len %d not expected", len);
-
- ch = 'Y';
- len = lch_recv(lcsp, &ch, sizeof(ch), 0);
- if (len != sizeof(ch))
- errx(-1, "lch_recv: returned len %d not expected", len);
- if (ch != 'X')
- errx(-1, "lch_recv: expected X and got %c", ch);
+ for (i = 0; i < 10; i++) {
+ ch = i;
+ iov.iov_base = &ch;
+ iov.iov_len = sizeof(ch);
+ if (lch_rpc(lcsp, 0, &iov, 1, &iov, 1, &len) < 0)
+ err(-1, "lch_rpc");
+ if (len != sizeof(ch))
+ errx(-1, "lch_rpc returned size %d not %d", len,
+ sizeof(ch));
+ if (ch != i)
+ errx(-1, "lch_recv: expected %d and got %d", i, ch);
+ printf(".");
+ fflush(stdout);
+ }
+ printf(" OK\n");
lch_stop(lcsp);
}
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/sandbox_echo.c#2 (text+ko) ====
@@ -1,20 +1,67 @@
+/*-
+ * Copyright (c) 2009 Robert N. M. Watson
+ * All rights reserved.
+ *
+ * WARNING: THIS IS EXPERIMENTAL SECURITY SOFTWARE THAT MUST NOT BE RELIED
+ * ON IN PRODUCTION SYSTEMS. IT WILL BREAK YOUR SOFTWARE IN NEW AND
+ * UNEXPECTED WAYS.
+ *
+ * This software was developed at the University of Cambridge Computer
+ * Laboratory with support from a grant from Google, Inc.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
#include <sys/types.h>
+#include <sys/uio.h>
+
+#include <err.h>
#include <libcapability.h>
+#include <stdlib.h>
int
main(int argc, char *argv[])
{
struct lc_host *lchp;
- ssize_t len;
- char ch;
+ u_int32_t opno, seqno;
+ struct iovec iov;
+ u_char *buffer;
+ size_t len;
if (lcs_get(&lchp) < 0)
- return (-1);
- len = lcs_recv(lchp, &ch, sizeof(ch), 0);
- if (len != sizeof(ch))
- return (-2);
- len = lcs_send(lchp, &ch, sizeof(ch), 0);
- if (len != sizeof(ch))
- return (-3);
- return (0);
+ errx(-1, "libcapability sandbox binary");
+
+ while (1) {
+ if (lcs_recvrpc(lchp, &opno, &seqno, &buffer, &len) < 0)
+ return (-2);
+ if (len != 1)
+ return (-3);
+ iov.iov_base = buffer;
+ iov.iov_len = 1;
+ if (lcs_sendrpc(lchp, opno, seqno, &iov, 1) < 0)
+ return (-4);
+ free(buffer);
+ }
}
More information about the p4-projects
mailing list