PERFORCE change 173856 for review

Thu Jan 28 19:23:21 UTC 2010

http://p4web.freebsd.org/chv.cgi?CH=173856

Change 173856 by jona at jona-capsicum-kent64 on 2010/01/28 19:23:18

	Added lc_fdlist_global() and tests, although there is no implementation.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum.h#3 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_fdlist.c#2 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/fdlist.c#4 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum.h#3 (text+ko) ====

@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum.h#2 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum.h#3 $
  */
 
 #ifndef _LIBCAPABILITY_H_
@@ -57,11 +57,12 @@
 /* A list of file descriptors, which can be passed around in shared memory */
 struct lc_fdlist;
 
-
 struct lc_fdlist*	lc_fdlist_new(void);
+struct lc_fdlist*	lc_fdlist_global(void);
 struct lc_fdlist*	lc_fdlist_dup(struct lc_fdlist *orig);
 void			lc_fdlist_free(struct lc_fdlist *l);
 
+
 /* Size of an FD list in bytes, including all associated string data */
 int	lc_fdlist_size(struct lc_fdlist *l);
 

==== //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_fdlist.c#2 (text+ko) ====

@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_fdlist.c#1 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapsicum/libcapsicum_fdlist.c#2 $
  */
 
 #include <errno.h>
@@ -81,6 +81,16 @@
 
 
 
+struct lc_fdlist *global_fdlist = NULL;
+
+
+struct lc_fdlist*
+lc_fdlist_global(void) {
+
+	return global_fdlist;
+}
+
+
 #define INITIAL_ENTRIES		16
 #define INITIAL_NAMEBYTES	(64 * INITIAL_ENTRIES)
 
@@ -143,6 +153,12 @@
 
 	struct lc_fdlist *l = *fdlist;
 
+	if (l == NULL) {
+
+		errno = EINVAL;
+		return -1;
+	}
+
 	LOCK(l);
 
 	/* do we need more entry space? */
@@ -258,6 +274,11 @@
                  const char *subsystem, const char *id, char **name, int *fdp,
                  int *pos) {
 
+	if (l == NULL) {
+		errno = EINVAL;
+		return -1;
+	}
+
 	LOCK(l);
 
 	int successful = 0;

==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/fdlist.c#4 (text+ko) ====

@@ -46,40 +46,31 @@
 #include <unistd.h>
 
 
+
+int add_junk(struct lc_fdlist**);
+int find_junk(struct lc_fdlist*);
+
+
 /*
  * Unsandboxed host process with full user rights.
  */
 int
 main(int argc, char *argv[])
 {
+	/* create an FD list and add some junk to it */
 	struct lc_fdlist *fds = lc_fdlist_new();
-	if (fds == NULL)
-		err(-1, "Error in lc_fdlist_new()");
+	if (fds == NULL) err(-1, "Error in lc_fdlist_new()");
 
 	lc_fdlist_add(&fds, "org.freebsd.Capsicum", "testfile",
 	              "/etc/passwd", open("/etc/passwd", O_RDONLY));
 	lc_fdlist_addcap(&fds, "org.freebsd.Capsicum", "testfile",
 	                 "/etc/group", open("/etc/group", O_RDONLY), CAP_READ);
 
-	for (int i = 0; i < 20; i++)
-		lc_fdlist_add(&fds, "org.freebsd.Capsicum", "testjunk",
-		              "garbage", 50 + i);
+	if (add_junk(&fds) < 0) err(-1, "Error in add_junk()");
+	if (find_junk(fds) < 0) err(-1, "Error in find_junk()");
 
-	int pos = 0;
-	for (int i = 0; i < 20; i++) {
-		char *name;
-		int value;
 
-		lc_fdlist_lookup(fds, "org.freebsd.Capsicum", "testjunk",
-		                 &name, &value, &pos);
-
-		if (strcmp("garbage", name))
-			warnx("i=%i\tGot '%s' instead of 'garbage'", i, name);
-
-		if (value != 50 + i)
-			warnx("i=%i\tGot 'FD' %i instead of %i", i, value, 50 + i);
-	}
-
+	/* copy it into a shared memory segment and see if it still works */
 	int shmfd = shm_open(SHM_ANON, O_RDWR, 0600);
 	if (shmfd < 0)
 		err(-1, "Error opening shared memory");
@@ -99,14 +90,67 @@
 
 
 	struct lc_fdlist *copy = (struct lc_fdlist*) shm;
+	if (find_junk(copy) < 0) err(-1, "Error in find_junk(copy)");
+
+	printf("OK\n");
+
+
+	/* run sandbox */
+	int me = open(argv[0], O_RDONLY);
+	if (me < 0) err(-1, "Error opening my own binary, '%s'", argv[0]);
+
+	char *sargv[] = { "fdlist-sandbox", NULL };
+	struct lc_sandbox *sandbox;
+
+	if (lch_startfd(me, "fdlist-sandbox", sargv,
+	                LCH_PERMIT_STDOUT | LCH_PERMIT_STDERR, fds, &sandbox))
+
+		err(-1, "Error starting sandbox");
+
+	sleep(1);
+	return 0;
+}
+
+
+
+int cap_main(__unused int argc, __unused char *argv[])
+{
+	printf("cap_main() alive\n"); fflush(stdout);
+
+	struct lc_fdlist *global_fdlist = lc_fdlist_global();
+	if (find_junk(global_fdlist) < 0)
+		err(-1, "Error in find_junk(global_fdlist)");
+
+	struct lc_fdlist *copy = lc_fdlist_dup(global_fdlist);
+	if (find_junk(copy) < 0)
+		err(-1, "Error in find_junk(copy)");
+
+	printf("OK\n");
+
+	return 0;
+}
+
 
-	pos = 0;
+int add_junk(struct lc_fdlist **fds)
+{
+	for (int i = 0; i < 20; i++)
+		if (lc_fdlist_add(fds, "org.freebsd.Capsicum", "testjunk",
+		                  "garbage", 50 + i) < 0)
+			return -1;
+
+	return 0;
+}
+
+int find_junk(struct lc_fdlist *fds)
+{
+	int pos = 0;
 	for (int i = 0; i < 20; i++) {
 		char *name;
 		int value;
 
-		lc_fdlist_lookup(copy, "org.freebsd.Capsicum", "testjunk",
-		                 &name, &value, &pos);
+		if (lc_fdlist_lookup(fds, "org.freebsd.Capsicum", "testjunk",
+		                     &name, &value, &pos) < 0)
+			return -1;
 
 		if (strcmp("garbage", name))
 			warnx("i=%i\tGot '%s' instead of 'garbage'", i, name);
@@ -115,10 +159,6 @@
 			warnx("i=%i\tGot 'FD' %i instead of %i", i, value, 50 + i);
 	}
 
-
-	printf("OK\n");
-
-
 	return 0;
 }
 
