PERFORCE change 164660 for review

Robert Watson rwatson at FreeBSD.org
Thu Jun 18 11:24:50 UTC 2009


http://perforce.freebsd.org/chv.cgi?CH=164660

Change 164660 by rwatson at rwatson_freebsd_capabilities on 2009/06/18 11:24:33

	Collapse lch_start_flags/lch_startfd_flags into lch_start/
	lch_startfd, since we seem to almost always use them that way.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/Makefile#15 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.h#21 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host.3#8 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host.c#18 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/fdrpc.c#4 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/fdsendrecv.c#3 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/sandbox_echo.c#8 edit
.. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzsandbox.c#4 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/lib/libcapability/Makefile#15 (text+ko) ====

@@ -23,9 +23,7 @@
 MLINKS=	libcapability.3 lc_limitfd.3		\
 	libcapability_host.3 lch_autosandbox_isenabled.3	\
 	libcapability_host.3 lch_start.3	\
-	libcapability_host.3 lch_start_flags.3	\
 	libcapability_host.3 lch_startfd.3	\
-	libcapability_host.3 lch_startfd_flags.3	\
 	libcapability_host.3 lch_stop.3		\
 	libcapability_host.3 lch_getsock.3	\
 	libcapability_host.3 lch_getpid.3	\

==== //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.h#21 (text+ko) ====

@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.h#20 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability.h#21 $
  */
 
 #ifndef _LIBCAPABILITY_H_
@@ -53,14 +53,10 @@
 /*
  * Interfaces to start and stop capability mode sandboxs.
  */
-int	lch_start(const char *sandbox, char *const argv[],
-	    struct lc_sandbox **lcspp);
-int	lch_start_flags(const char *sandbox, char *const argv[], u_int flags,
+int	lch_start(const char *sandbox, char *const argv[], u_int flags,
 	    struct lc_sandbox **lcspp);
 int	lch_startfd(int fd_sandbox, const char *binname, char *const argv[],
-	    struct lc_sandbox **lcspp);
-int	lch_startfd_flags(int fd_sandbox, const char *binname,
-	    char *const argv[], u_int flags, struct lc_sandbox **lcspp);
+	    u_int flags, struct lc_sandbox **lcspp);
 void	lch_stop(struct lc_sandbox *lcsp);
 
 /*
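Review bot: The new prototypes make `flags` a mandatory argument of `lch_start` and `lch_startfd`, but the block comment above them still says nothing about which values are accepted, and since every caller touched by this change passes `LCH_PERMIT_STDERR` a reader could take that as the default. I would extend the comment with `/* flags: 0 for the default (no stderr access), or LCH_PERMIT_STDERR. */`. The synopsis in libcapability_host.3 updated by this same change lists `lch_startfd` without the `const char *binname` parameter that this prototype and the definition in libcapability_host.c both take, so the manual page should gain that argument as well.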

==== //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host.3#8 (text+ko) ====

@@ -45,13 +45,9 @@
 .In sys/capability.h
 .In libcapability.h
 .Ft int
-.Fn lch_start "const char *sandbox" "char *const argv[]" "struct lc_sandbox **lcsp"
+.Fn lch_start "const char *sandbox" "char *const argv[]" "u_int flags" "struct lc_sandbox **lcsp"
 .Ft int
-.Fn lch_start_flags "const char *sandbox" "char *const argv[]" "u_int flags" "struct lc_sandbox **lcsp"
-.Ft int
-.Fn lch_startfd "int fd_sandbox" "char *const argv[]" "struct lc_sandbox **lcsp"
-.Ft int
-.Fn lch_startfd_flags "int fd_sandbox" "char *const argv[]" "u_int flags" "struct lc_sandbox **lcsp"
+.Fn lch_startfd "int fd_sandbox" "char *const argv[]" "u_int flags" "struct lc_sandbox **lcsp"
 .Ft void
 .Fn lch_stop "struct lc_sandbox *lcsp"
 .Ft int
@@ -104,34 +100,28 @@
 .Dv lch_ .
 .Pp
 Each executing sandbox instance is described by an opaque
-.Dt "struct lc_sandbox" ,
+.Dt "struct lc_sandbox *" ,
 which is returned by
 .Fn lch_start
-and
-.Fn lch_start_flags
 for successfully started sandboxes, and passed into other APIs to indicate
 which sandbox should be acted on.
-Both calls create new executing sandboxes, given the name of the sandbox
-binary via
+.Fn lch_start
+creates a new executing sandboxes, given the name of the sandbox binary via
 .Va sandbox ,
 and command line arguments
-.Va argv .
-.Pp
-.Fn lch_start_flags
-accepts an optional flags field to fine-tune aspects of sandbox operation;
-the only currently defined flag is
+.Va argv ,
+and optional flags
+.Va flags
+to fine-tune aspects of sandbox operation; the only currently defined flag is
 .Dv LCH_PERMIT_STDERR ,
 which allows the sandbox to write to the current process's
 .Dv stderr .
 By default, this is not permitted.
 .Pp
-Two further variations to start sandboxes are also defined,
 .Fn lch_startfd
-and
-.Fn lch_startfd_flags ,
-which accept a file descriptor argument,
+accept a file descriptor argument,
 .Va fd_sandbox ,
-rather than a path.
+rather than a path, so is appropriate for use within a sandbox.
 .Pp
 Executing sandboxes may be stopped (and all state freed) using
 .Fn lch_stop .

==== //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host.c#18 (text+ko) ====

@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host.c#17 $
+ * $P4: //depot/projects/trustedbsd/capabilities/src/lib/libcapability/libcapability_host.c#18 $
  */
 
 #include <sys/param.h>
@@ -223,7 +223,7 @@
 }
 
 int
-lch_startfd_flags(int fd_sandbox, const char *binname, char *const argv[],
+lch_startfd(int fd_sandbox, const char *binname, char *const argv[],
     u_int flags, struct lc_sandbox **lcspp)
 {
 	struct lc_sandbox *lcsp;
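Review bot: With `flags` now part of the only start entry points, `lch_startfd` should reject bits it does not understand, e.g. `if (flags & ~LCH_PERMIT_STDERR) { errno = EINVAL; return (-1); }` before anything is set up; I cannot tell from this hunk whether the body already does so, as it continues outside the hunk. An unknown bit that is silently ignored today becomes a silent behaviour change the day a second flag is defined.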
@@ -338,17 +338,9 @@
 }
 
 int
-lch_startfd(int fd_sandbox, const char *binname, char *const argv[],
+lch_start(const char *sandbox, char *const argv[], u_int flags,
     struct lc_sandbox **lcspp)
 {
-
-	return (lch_startfd_flags(fd_sandbox, binname, argv, 0, lcspp));
-}
-
-int
-lch_start_flags(const char *sandbox, char *const argv[], u_int flags,
-    struct lc_sandbox **lcspp)
-{
 	char binname[MAXPATHLEN];
 	int error, fd_sandbox, ret;
 
@@ -359,20 +351,13 @@
 	if (fd_sandbox < 0)
 		return (-1);
 
-	ret = lch_startfd_flags(fd_sandbox, binname, argv, flags, lcspp);
+	ret = lch_startfd(fd_sandbox, binname, argv, flags, lcspp);
 	error = errno;
 	close(fd_sandbox);
 	errno = error;
 	return (ret);
 }
 
-int
-lch_start(const char *sandbox, char *const argv[], struct lc_sandbox **lcspp)
-{
-
-	return (lch_start_flags(sandbox, argv, 0, lcspp));
-}
-
 void
 lch_stop(struct lc_sandbox *lcsp)
 {
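Review bot: `lch_start` and `lch_startfd` keep their exported names but gain a parameter, and the three-argument wrappers removed in this hunk and the previous one are gone, so any consumer built against the previous libcapability that is not recompiled will call the new symbols with whatever happens to occupy the `flags` slot, potentially granting `LCH_PERMIT_STDERR` by accident. If libcapability is built as a shared library, the Makefile hunk in this change shows no `SHLIB_MAJOR` bump; either bump it or keep the old entry points as compatibility symbols that call through with `flags` set to 0. The body of `lch_stop` continues outside the hunk.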

==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/fdrpc.c#4 (text+ko) ====

@@ -65,8 +65,8 @@
 	if (argc != 1)
 		errx(-1, "usage: fdrpc_host");
 
-	if (lch_start_flags(FDRPC_SANDBOX, fdrpc_argv, LCH_PERMIT_STDERR,
-	    &lcsp) < 0)
+	if (lch_start(FDRPC_SANDBOX, fdrpc_argv, LCH_PERMIT_STDERR, &lcsp)
+	    < 0)
 		err(-1, "lch_start %s", FDRPC_SANDBOX);
 
 	ch = 'X';		/* RPC data. */

==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/fdsendrecv.c#3 (text+ko) ====

@@ -59,8 +59,8 @@
 	if (argc != 1)
 		errx(-1, "usage: fdsendrecv_host");
 
-	if (lch_start_flags(FDSENDRECV_SANDBOX, fdsendrecv_argv,
-	    LCH_PERMIT_STDERR, &lcsp) < 0)
+	if (lch_start(FDSENDRECV_SANDBOX, fdsendrecv_argv, LCH_PERMIT_STDERR,
+	    &lcsp) < 0)
 		err(-1, "lch_start %s", FDSENDRECV_SANDBOX);
 
 	/*

==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/sandbox_echo.c#8 (text+ko) ====

@@ -60,8 +60,7 @@
 	if (argc != 1)
 		errx(-1, "usage: sandbox_echo");
 
-	if (lch_start_flags(MYNAME, sandbox_argv, LCH_PERMIT_STDERR, &lcsp)
-	    < 0)
+	if (lch_start(MYNAME, sandbox_argv, LCH_PERMIT_STDERR, &lcsp) < 0)
 		err(-1, "lch_start %s", argv[1]);
 
 	for (i = 0; i < 10; i++) {
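Review bot: The `err()` following the new `lch_start` call still formats `argv[1]`, but the `argc != 1` guard a few lines above guarantees `argv[1]` is NULL at that point, so the message is built from a null `%s` argument (undefined behaviour; in practice it prints `(null)`). The other callers in this change name the sandbox instead, which is what the message is meant to show: `err(-1, "lch_start %s", MYNAME);`. The enclosing function starts before the hunk.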
@@ -103,13 +102,12 @@
 	 * requests to it.  Otherwise, service the requests in this sandbox.
 	 */
 	if (argc > 1 && strcmp(argv[1], "nested") == 0) {
-
 		if (ld_caplibindex_lookup(MYNAME, &fd) < 0)
 			err(-10, "ld_caplibindex_lookup(%s)", MYNAME);
 
-		if (lch_startfd_flags(fd, MYNAME, sandbox_argv,
-		    LCH_PERMIT_STDERR, &lcsp) < 0)
-                	err(-1, "lch_start %s", argv[1]);
+		if (lch_startfd(fd, MYNAME, sandbox_argv, LCH_PERMIT_STDERR,
+		    &lcsp) < 0)
+                	err(-1, "lch_startfd %s", argv[1]);
 		while (1) {
 			if (lcs_recvrpc(lchp, &opno, &seqno, &buffer, &len)
 			    < 0) {
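Review bot: The rewritten `err(-1, "lch_startfd %s", argv[1]);` line carries over the run of spaces followed by a tab from the line it replaces, so it is not tab-indented like the surrounding code; reindent it with tabs only so it lines up with the `if` above it. Unlike the earlier hunk in this file, `argv[1]` is valid here because the branch is guarded by `argc > 1`. The enclosing function starts and ends outside the hunk.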

==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzsandbox.c#4 (text+ko) ====

@@ -89,7 +89,7 @@
 	size_t len;
 
 	if (lcsp == NULL) {
-		if (lch_start_flags(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
+		if (lch_start(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
 		    LCH_PERMIT_STDERR, &lcsp) < 0)
 			err(-1, "lch_start %s", LC_USR_BIN_GZIP_SANDBOX);
 	}
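Review bot: The same five-line lazy start of the gzip sandbox is now repeated verbatim in this hunk and the two that follow, so a future change to the flags or the error handling has three places to miss. Assuming `lcsp` is the file-scope handle these functions share (no local declaration is visible), a single static helper called at each site keeps the sandbox policy in one place: `gzsandbox_initialize();`. Each enclosing function starts before and ends after its hunk.
```c
/* Start the gzip sandbox on first use; later calls are no-ops. */
static void
gzsandbox_initialize(void)
{

	if (lcsp != NULL)
		return;
	if (lch_start(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
	    LCH_PERMIT_STDERR, &lcsp) < 0)
		err(-1, "lch_start %s", LC_USR_BIN_GZIP_SANDBOX);
}
/* … unchanged: each caller replaces its if (lcsp == NULL) block with gzsandbox_initialize(); … */
```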
@@ -175,7 +175,7 @@
 	size_t len;
 
 	if (lcsp == NULL) {
-		if (lch_start_flags(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
+		if (lch_start(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
 		    LCH_PERMIT_STDERR, &lcsp) < 0)
 			err(-1, "lch_start %s", LC_USR_BIN_GZIP_SANDBOX);
 	}
@@ -264,7 +264,7 @@
 	size_t len;
 
 	if (lcsp == NULL) {
-		if (lch_start_flags(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
+		if (lch_start(LC_USR_BIN_GZIP_SANDBOX, lc_sandbox_argv,
 		    LCH_PERMIT_STDERR, &lcsp) < 0)
 			err(-1, "lch_start %s", LC_USR_BIN_GZIP_SANDBOX);
 	}

