PERFORCE change 164669 for review
Robert Watson
rwatson at FreeBSD.org
Thu Jun 18 15:37:11 UTC 2009
http://perforce.freebsd.org/chv.cgi?CH=164669
Change 164669 by rwatson at rwatson_freebsd_capabilities on 2009/06/18 15:36:56
Pass in specific libraries required for gzsandbox rather than
relying on libcapability passing in the right ones for us. In
the future the sandbox runtime linker will take care of this.
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/Makefile#4 edit
.. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzsandbox.c#5 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/Makefile#4 (text+ko) ====
@@ -7,8 +7,8 @@
MAN= gzip.1 gzexe.1 zdiff.1 zforce.1 zmore.1 znew.1
SRCS= gzip.c gzsandbox.c
-DPADD= ${LIBZ} ${LIBCAPABILITY}
-LDADD= -lz -lcapability
+DPADD= ${LIBZ} ${LIBCAPABILITY} ${LIBSBUF}
+LDADD= -lz -lcapability -lsbuf
WARNS?= 6
CFLAGS+= -rdynamic # For sandbox cap_main
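Review bot: The new `-lsbuf` / `${LIBSBUF}` entries on the two changed lines have no visible consumer in this change; none of the gzsandbox.c hunks reference sbuf, so the dependency appears to be inherited from libcapability rather than from gzip itself. If that is the case, a one-line comment such as `# libsbuf is required by libcapability's lch_start_libs(), not by gzip directly` would keep the next reader from removing it as unused. If gzsandbox.c does use sbuf elsewhere outside the shown hunks, the comment can say so instead.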
==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzsandbox.c#5 (text+ko) ====
@@ -40,6 +40,7 @@
#include <err.h>
#include <errno.h>
+#include <fcntl.h>
#include <libcapability.h>
#include <limits.h>
#include <stdlib.h>
@@ -48,7 +49,21 @@
#include "gzip.h"
+#define LC_LIB_LIBZ_SO "/lib/libz.so.4"
+#define LC_LIBZ_SO "libz.so.4"
+
+#define LC_USR_LIB_LIBBZ2_SO "/usr/lib/libbz2.so.3"
+#define LC_LIBBZ2_SO "libbz2.so.3"
+
#define LC_USR_BIN_GZIP_SANDBOX "/usr/bin/gzip"
+
+struct lc_library gzsandbox_libs[] = {
+ { LC_LIB_LIBZ_SO, LC_LIBZ_SO, -1 },
+ { LC_USR_LIB_LIBBZ2_SO, LC_LIBBZ2_SO, -1 },
+};
+static const u_int gzsandbox_libs_count = sizeof(gzsandbox_libs) /
+ sizeof(gzsandbox_libs[0]);
+
static char *lc_sandbox_argv[] = { __DECONST(char *, LC_USR_BIN_GZIP_SANDBOX),
NULL };
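Review bot: `gzsandbox_libs` on the `struct lc_library gzsandbox_libs[] = {` line has external linkage while its companion `gzsandbox_libs_count` and the other file-scope objects in this hunk are `static`; unless another translation unit needs the table, it should be `static struct lc_library gzsandbox_libs[] = {` to match the file's convention and keep the symbol out of the global namespace. The table also bakes in versioned paths (`/lib/libz.so.4`, `/usr/lib/libbz2.so.3`), so a shared-library version bump will make the sandbox fail to start at the `open()` in `gzsandbox_initialize()` until the `LC_*` defines are updated; a short comment above the defines, e.g. `/* Paths must track the installed libz/libbz2 shared-library versions. */`, would make that coupling explicit. The trailing `-1` in each initializer presumably marks `lcl_fd` as not-yet-opened — confirm against the `struct lc_library` definition, which is not shown here.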
@@ -63,9 +78,29 @@
static void
gzsandbox_initialize(void)
{
+ u_int i;
+ if (gzsandbox_initialized)
+ return;
+ gzsandbox_enabled = lch_autosandbox_isenabled("gzip");
gzsandbox_initialized = 1;
- gzsandbox_enabled = lch_autosandbox_isenabled("gzip");
+ if (!gzsandbox_enabled)
+ return;
+
+ /*
+ * If sandboxes are in use, open libraries that we'll require in the
+ * sandbox and kick it off.
+ */
+ for (i = 0; i < gzsandbox_libs_count; i++) {
+ gzsandbox_libs[i].lcl_fd =
+ open(gzsandbox_libs[i].lcl_libpath, O_RDONLY);
+ if (gzsandbox_libs[i].lcl_fd < 0)
+ err(-1, "open: %s", gzsandbox_libs[i].lcl_libname);
+ }
+ if (lch_start_libs(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
+ LCH_PERMIT_STDERR, gzsandbox_libs, gzsandbox_libs_count, &lcsp)
+ < 0)
+ err(-1, "lch_start %s", LC_USR_BIN_GZIP_SANDBOX);
}
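Review bot: The failure message in the new open loop reports the wrong string: `open()` is called on `lcl_libpath` but `err()` prints `lcl_libname`, so a failed open of `/lib/libz.so.4` would be reported as `open: libz.so.4`; change it to `err(-1, "open: %s", gzsandbox_libs[i].lcl_libpath);`. The second message, `err(-1, "lch_start %s", ...)`, was carried over from the removed `lch_start()` calls but now follows `lch_start_libs()`, so `"lch_start_libs %s"` would point at the right call. The descriptors opened in the loop are never closed on the success path; whether `lch_start_libs()` takes ownership of them is not visible here, and if it does not, a comment stating that the host deliberately keeps them open (or a close after the call) would document the intent. The early `if (gzsandbox_initialized) return;` guard is what makes the unconditional `gzsandbox_initialize();` calls in the later hunks correct, which is worth a one-line comment on the guard, e.g. `/* Idempotent: callers invoke this unconditionally. */`.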
struct host_gz_compress_req {
@@ -88,12 +123,6 @@
int fdarray[2];
size_t len;
- if (lcsp == NULL) {
- if (lch_start(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
- LCH_PERMIT_STDERR, &lcsp) < 0)
- err(-1, "lch_start %s", LC_USR_BIN_GZIP_SANDBOX);
- }
-
bzero(&req, sizeof(req));
strlcpy(req.hgc_req_origname, origname,
sizeof(req.hgc_req_origname));
@@ -144,8 +173,7 @@
uint32_t mtime)
{
- if (!gzsandbox_initialized)
- gzsandbox_initialize();
+ gzsandbox_initialize();
if (gzsandbox_enabled)
return (gz_compress_insandbox(in, out, gsizep, origname,
mtime));
@@ -174,12 +202,6 @@
int fdarray[2];
size_t len;
- if (lcsp == NULL) {
- if (lch_start(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
- LCH_PERMIT_STDERR, &lcsp) < 0)
- err(-1, "lch_start %s", LC_USR_BIN_GZIP_SANDBOX);
- }
-
bzero(&req, sizeof(req));
req.hgu_req_prelen = prelen;
strlcpy(req.hgu_req_filename, filename,
@@ -234,8 +256,7 @@
off_t *gsizep, const char *filename)
{
- if (!gzsandbox_initialized)
- gzsandbox_initialize();
+ gzsandbox_initialize();
if (gzsandbox_enabled)
return (gz_uncompress_insandbox(in, out, pre, prelen,
gsizep, filename));
@@ -263,12 +284,6 @@
int fdarray[2];
size_t len;
- if (lcsp == NULL) {
- if (lch_start(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
- LCH_PERMIT_STDERR, &lcsp) < 0)
- err(-1, "lch_start %s", LC_USR_BIN_GZIP_SANDBOX);
- }
-
bzero(&req, sizeof(req));
req.hub_req_prelen = prelen;
iov_req[0].iov_base = &req;
@@ -319,8 +334,7 @@
unbzip2_wrapper(int in, int out, char *pre, size_t prelen, off_t *bytes_in)
{
- if (!gzsandbox_initialized)
- gzsandbox_initialize();
+ gzsandbox_initialize();
if (gzsandbox_enabled)
return (unbzip2_insandbox(in, out, pre, prelen, bytes_in));
else