PERFORCE change 174160 for review

Tue Feb 2 17:14:19 UTC 2010

http://p4web.freebsd.org/chv.cgi?CH=174160

Change 174160 by rwatson at rwatson_vimage_client on 2010/02/02 17:14:13

	Garbage collect historic library management for sandboxes: we now
	pass in directory descriptors for library path directories and the
	sandboxed rtld can just search the path itself.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_host.c#13 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_host.c#13 (text+ko) ====

@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_host.c#12 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_host.c#13 $
  */
 
 #include <sys/param.h>
@@ -63,18 +63,11 @@
 					    CAP_MAPEXEC)
 #define	LIBCAPSICUM_CAPMASK_SANDBOX	LIBCAPSICUM_CAPMASK_BIN
 #define	LIBCAPSICUM_CAPMASK_LDSO	LIBCAPSICUM_CAPMASK_BIN
-#define	LIBCAPSICUM_CAPMASK_LIB		LIBCAPSICUM_CAPMASK_BIN
-#define LIBCAPSICUM_CAPMASK_LIBDIR	LIBCAPSICUM_CAPMASK_LIB \
+#define LIBCAPSICUM_CAPMASK_LIBDIR	LIBCAPSICUM_CAPMASK_BIN \
 					 | CAP_LOOKUP | CAP_ATBASE
 #define LIBCAPSICUM_CAPMASK_FDLIST	CAP_READ | CAP_WRITE | CAP_FTRUNCATE \
 					 | CAP_FSTAT | CAP_MMAP
 
-#define	_PATH_LIB	"/lib"
-#define	_PATH_USR_LIB	"/usr/lib"
-#define	LIBC_SO		"libc.so.7"
-#define	LIBCAPSICUM_SO	"libcapsicum.so.1"
-#define	LIBSBUF_SO	"libsbuf.so.5"
-
 extern char **environ;
 
 #define LD_ELF_CAP_SO		"ld-elf-cap.so.1"
@@ -272,17 +265,17 @@
 }
 
 int
-lch_startfd_libs(int fd_binary, const char *binname, char *const argv[],
+lch_startfd(int fd_binary, const char *binname, char *const argv[],
     u_int flags, struct lc_fdlist *fds, struct lc_sandbox **lcspp)
 {
 	struct lc_sandbox *lcsp;
-	int fd_devnull, fd_rtld, fd_libc, fd_libcapsicum, fd_libsbuf;
+	int fd_devnull, fd_rtld;
 	int fd_procdesc, fd_sockpair[2];
 	int error, val;
 	pid_t pid;
 
-	fd_devnull = fd_rtld = fd_libc = fd_libcapsicum = fd_libsbuf =
-	    fd_procdesc = fd_sockpair[0] = fd_sockpair[1] = -1;
+	fd_devnull = fd_rtld = fd_procdesc = fd_sockpair[0] =
+	    fd_sockpair[1] = -1;
 
 	lcsp = malloc(sizeof(*lcsp));
 	if (lcsp == NULL)
@@ -292,13 +285,6 @@
 	if (ld_insandbox()) {
 		if (ld_libcache_lookup(LD_ELF_CAP_SO, &fd_rtld) < 0)
 			goto out_error;
-		if (ld_libcache_lookup(LIBC_SO, &fd_libc) < 0)
-			goto out_error;
-		if (ld_libcache_lookup(LIBCAPSICUM_SO,
-		    &fd_libcapsicum) < 0)
-			goto out_error;
-		if (ld_libcache_lookup(LIBSBUF_SO, &fd_libsbuf) < 0)
-			goto out_error;
 		if (ld_libcache_lookup(_PATH_DEVNULL, &fd_devnull) < 0)
 			goto out_error;
 	} else {
@@ -306,16 +292,6 @@
 		    O_RDONLY);
 		if (fd_rtld < 0)
 			goto out_error;
-		fd_libc = open(_PATH_LIB "/" LIBC_SO, O_RDONLY);
-		if (fd_libc < 0)
-			goto out_error;
-		fd_libsbuf = open(_PATH_LIB "/" LIBSBUF_SO, O_RDONLY);
-		if (fd_libsbuf < 0)
-			goto out_error;
-		fd_libcapsicum = open(_PATH_USR_LIB "/" LIBCAPSICUM_SO,
-		    O_RDONLY);
-		if (fd_libcapsicum < 0)
-			goto out_error;
 		fd_devnull = open(_PATH_DEVNULL, O_RDWR);
 		if (fd_devnull < 0)
 			goto out_error;
@@ -343,9 +319,6 @@
 	}
 #ifndef IN_CAP_MODE
 	close(fd_devnull);
-	close(fd_libsbuf);
-	close(fd_libcapsicum);
-	close(fd_libc);
 	close(fd_rtld);
 #endif
 	close(fd_sockpair[1]);
@@ -366,12 +339,6 @@
 #ifndef IN_CAP_MODE
 	if (fd_devnull != -1)
 		close(fd_devnull);
-	if (fd_libsbuf != -1)
-		close(fd_libsbuf);
-	if (fd_libcapsicum != -1)
-		close(fd_libcapsicum);
-	if (fd_libc != -1)
-		close(fd_libc);
 	if (fd_rtld != -1)
 		close(fd_rtld);
 #endif
@@ -382,16 +349,7 @@
 }
 
 int
-lch_startfd(int fd_binary, const char *binname, char *const argv[],
-    u_int flags, struct lc_fdlist *fds, struct lc_sandbox **lcspp)
-{
-
-	return (lch_startfd_libs(fd_binary, binname, argv, flags, fds,
-	    lcspp));
-}
-
-int
-lch_start_libs(const char *sandbox, char *const argv[], u_int flags,
+lch_start(const char *sandbox, char *const argv[], u_int flags,
     struct lc_fdlist *fds, struct lc_sandbox **lcspp)
 {
 	char binname[MAXPATHLEN];
@@ -404,21 +362,13 @@
 	if (fd_binary < 0)
 		return (-1);
 
-	ret = lch_startfd_libs(fd_binary, binname, argv, flags, fds, lcspp);
+	ret = lch_startfd(fd_binary, binname, argv, flags, fds, lcspp);
 	error = errno;
 	close(fd_binary);
 	errno = error;
 	return (ret);
 }
 
-int
-lch_start(const char *sandbox, char *const argv[], u_int flags,
-    struct lc_fdlist *fds, struct lc_sandbox **lcspp)
-{
-
-	return (lch_start_libs(sandbox, argv, flags, fds, lcspp));
-}
-
 void
 lch_stop(struct lc_sandbox *lcsp)
 {
