PERFORCE change 176294 for review
Jonathan Anderson
jona at FreeBSD.org
Tue Mar 30 18:39:01 UTC 2010
http://p4web.freebsd.org/chv.cgi?CH=176294
Change 176294 by jona at jona-belle-freebsd8 on 2010/03/30 18:38:41
Farewell to cap_main()
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/lib/csu/amd64/crt1.c#7 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/csu/common/crtbrand.c#9 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/Makefile#5 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/crt1_c.c#4 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/crt1_s.S#3 edit
.. //depot/projects/trustedbsd/capabilities/src/libexec/rtld-elf/rtld.c#40 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/main.c#4 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/Makefile#3 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/fdlist.c#10 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/Makefile#5 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/fdrpc.c#9 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/Makefile#4 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/fdsendrecv.c#6 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/ld_libdirs/Makefile#2 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/ld_libdirs/ld_libdirs.c#2 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/Makefile#7 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/sandbox_echo.c#13 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_world/Makefile#3 edit
.. //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_world/sandbox_world.c#8 edit
.. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/Makefile#10 edit
.. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzip.c#10 edit
.. //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzsandbox.c#15 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/lib/csu/amd64/crt1.c#7 (text+ko) ====
@@ -45,7 +45,6 @@
extern void _init(void);
extern int main(int, char **, char **);
extern void _start(char **, void (*)(void));
-extern void _capstart(char **, void (*)(void));
#ifdef GCRT
extern void _mcleanup(void);
@@ -94,41 +93,4 @@
exit( main(argc, argv, env) );
}
-/* The Capsicum entry function. */
-void
-_capstart(char **ap, void (*cleanup)(void))
-{
- int argc;
- char **argv;
- char **env;
- const char *s;
-
- argc = *(long *)(void *)ap;
- argv = ap + 1;
- env = ap + 2 + argc;
- environ = env;
- if (argc > 0 && argv[0] != NULL) {
- __progname = argv[0];
- for (s = __progname; *s != '\0'; s++)
- if (*s == '/')
- __progname = s + 1;
- }
-
- if (&_DYNAMIC != NULL)
- atexit(cleanup);
- else
- _init_tls();
-
-#ifdef GCRT
- atexit(_mcleanup);
-#endif
- atexit(_fini);
-#ifdef GCRT
-/* monstartup(&eprol, &etext);*/
-/*__asm__("eprol:");*/ /* JA hope and pray... */
-#endif
- _init();
- exit( cap_main(argc, argv, env) );
-}
-
__asm__(".ident\t\"$FreeBSD: src/lib/csu/amd64/crt1.c,v 1.15 2005/10/07 22:13:17 bde Exp $\"");
==== //depot/projects/trustedbsd/capabilities/src/lib/csu/common/crtbrand.c#9 (text+ko) ====
@@ -52,12 +52,3 @@
__FreeBSD_version
};
-extern int cap_main(int, char **, char **) __attribute__((weak));
-int cap_main(__unused int argc, __unused char **argv, __unused char **env)
-{
- const char warning[] =
- "ERROR: attempting to run a regular binary in capability mode!\n\nIf you want to run a binary in a sandbox, you must provide a cap_main() function, which takes the same arguments as main().\n";
-
- write(2, warning, sizeof(warning));
- return (-1);
-}
==== //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/Makefile#5 (text+ko) ====
@@ -20,13 +20,13 @@
crt1.o: crt1_c.o crt1_s.o
${LD} ${LDFLAGS} -o crt1.o -r crt1_s.o crt1_c.o
- objcopy --localize-symbol _start1 --localize-symbol _capstart1 crt1.o
+ objcopy --localize-symbol _start1 crt1.o
Scrt1_c.o: crt1_c.c
${CC} ${CFLAGS} -DGCRT -fPIC -DPIC -c -o Scrt1_c.o ${.CURDIR}/crt1_c.c
Scrt1.o: Scrt1_c.o crt1_s.o
${LD} ${LDFLAGS} -o Scrt1.o -r crt1_s.o Scrt1_c.o
- objcopy --localize-symbol _start1 --localize-symbol _capstart1 Scrt1.o
+ objcopy --localize-symbol _start1 Scrt1.o
.include <bsd.prog.mk>
==== //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/crt1_c.c#4 (text+ko) ====
@@ -46,7 +46,6 @@
extern void _init(void);
extern int main(int, char **, char **);
extern void _start(char *, ...);
-extern void _capstart(char *, ...);
#ifdef GCRT
extern void _mcleanup(void);
@@ -59,7 +58,6 @@
const char *__progname = "";
void _start1(fptr, int, char *[]) __dead2;
-void _capstart1(fptr, int, char *[]) __dead2;
/* The entry function, C part. */
void
@@ -96,37 +94,3 @@
__asm(".hidden _start1");
-/* The Capsicum entry function. */
-void
-_capstart1(fptr cleanup, int argc, char *argv[])
-{
- char **env;
- const char *s;
-
- env = argv + argc + 1;
- environ = env;
- if (argc > 0 && argv[0] != NULL) {
- __progname = argv[0];
- for (s = __progname; *s != '\0'; s++)
- if (*s == '/')
- __progname = s + 1;
- }
-
- if (&_DYNAMIC != NULL)
- atexit(cleanup);
- else
- _init_tls();
-
-#ifdef GCRT
- atexit(_mcleanup);
-#endif
- atexit(_fini);
-#ifdef GCRT
-/* XXXCAP: monstartup(&eprol, &etext); */
-/* XXXCAP: __asm__("eprol:"); */
-#endif
- _init();
- exit( cap_main(argc, argv, env) );
-}
-
-__asm(".hidden _capstart1");
==== //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/crt1_s.S#3 (text+ko) ====
@@ -41,17 +41,4 @@
call _start1
.size _start, . - _start
- .globl _capstart
- .type _capstart, @function
-_capstart: xorl %ebp,%ebp
- pushl %ebp
- movl %esp,%ebp
- andl $0xfffffff0,%esp # align stack
- leal 8(%ebp),%eax
- pushl %eax # argv
- pushl 4(%ebp) # argc
- pushl %edx # rtld cleanup
- call _capstart1
- .size _capstart, . - _capstart
-
.ident "$FreeBSD: src/lib/csu/i386-elf/crt1_s.S,v 1.1 2009/12/02 16:34:20 kib Exp $"
==== //depot/projects/trustedbsd/capabilities/src/libexec/rtld-elf/rtld.c#40 (text+ko) ====
@@ -106,9 +106,7 @@
static bool donelist_check(DoneList *, const Obj_Entry *);
static void errmsg_restore(char *);
static char *errmsg_save(void);
-#ifdef IN_RTLD_CAP
-static void *find_capstart(const Obj_Entry *);
-#else
+#ifndef IN_RTLD_CAP
static void *fill_search_info(const char *, size_t, void *);
static char *find_library(const char *, const Obj_Entry *);
static const char *gethints(void);
@@ -352,7 +350,6 @@
#ifdef IN_RTLD_CAP
struct stat sb;
Elf_Auxinfo aux_execfd;
- void *capstart_ptr;
#endif
Elf_Auxinfo *aux_info[AT_COUNT];
int i;
@@ -649,21 +646,7 @@
*exit_proc = rtld_exit;
*objp = obj_main;
-#ifdef IN_RTLD_CAP
- /*
- * If the object provides an alternative capability-mode specific entry
- * point, prefer that to the ELF default entry point. Otherwise, use the
- * ELF default.
- */
- capstart_ptr = find_capstart(obj_main);
- if (capstart_ptr == NULL) {
- _rtld_error("_capstart not found; has the binary been compiled with -rdynamic?");
- die();
- }
- return (func_ptr_type) capstart_ptr;
-#else
return (func_ptr_type) obj_main->entry;
-#endif
}
Elf_Addr
@@ -830,25 +813,6 @@
return (res4);
}
-#ifdef IN_RTLD_CAP
-static void *
-find_capstart(const Obj_Entry *obj)
-{
- const char *capstart_str = "_capstart";
- const Elf_Sym *def;
- const Obj_Entry *defobj;
- unsigned long hash;
-
- hash = elf_hash(capstart_str);
- def = symlook_default(capstart_str, hash, obj, &defobj, NULL,
- SYMLOOK_IN_PLT);
- if (def == NULL)
- return (NULL);
- if (ELF_ST_TYPE(def->st_info) != STT_FUNC)
- return (NULL);
- return (make_function_pointer(def, defobj));
-}
-#endif
static void
die(void)
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/cap_exec/main.c#4 (text+ko) ====
@@ -4,9 +4,20 @@
#include <stdio.h>
+int ld_insandbox(void);
+
+int
+sandbox(int argc, char *argv[])
+{
+ printf("pid %d cap_main(%d, %p)\n", getpid(), argc, argv);
+ return 0;
+}
+
int
main(int argc, char *argv[])
{
+ if (ld_insandbox()) return sandbox(argc, argv);
+
printf("pid %d main(%d, %p)\n", getpid(), argc, argv);
if(opendir("./") == NULL)
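Review bot: The new `sandbox()` still prints `cap_main(%d, %p)` even though this change retires that name, so the trace output mislabels which entry actually ran; `printf("pid %d sandbox(%d, %p)\n", getpid(), argc, argv);` keeps the message in step with the rename. `ld_insandbox()` is declared by hand here, and again in every sibling tool in this change; if libcapsicum ships a header that declares it, including that instead avoids the prototype drifting from the library. The `return sandbox(argc, argv);` is correctly placed before `opendir("./")`, which a sandboxed process presumably cannot do. main() continues outside the hunk.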
@@ -18,9 +29,3 @@
return 0;
}
-int
-cap_main(int argc, char *argv[])
-{
-
- printf("pid %d cap_main(%d, %p)\n", getpid(), argc, argv);
-}
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/Makefile#3 (text+ko) ====
@@ -1,6 +1,6 @@
PROG=fdlist
NO_MAN=
-CFLAGS=-Wall -Werror -g -rdynamic
+CFLAGS=-Wall -Werror -g
DPADD= ${LIBCAPABILITY} ${LIBSBUF}
LDADD= -lcapsicum -lsbuf
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdlist/fdlist.c#10 (text+ko) ====
@@ -46,6 +46,8 @@
#include <unistd.h>
+int ld_insandbox(void);
+int sandbox(void);
static void print_fdlist(struct lc_fdlist *lfp);
@@ -59,6 +61,8 @@
struct lc_fdlist *lfp;
int testfd;
+ if (ld_insandbox()) return sandbox();
+
printf("fdlist: PID %d\n", getpid());
/* create an FD list and add some junk to it */
@@ -110,9 +114,9 @@
int
-cap_main(__unused int argc, __unused char *argv[])
+sandbox()
{
- printf("cap_main() alive\n"); fflush(stdout);
+ printf("sandbox alive\n"); fflush(stdout);
struct lc_fdlist *global_fdlist = lc_fdlist_global();
printf("Received FD list:\n"); fflush(stdout);
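Review bot: The definition `sandbox()` at the top of this hunk uses an empty parameter list while the prototype added earlier in this file is `int sandbox(void);`; an empty list in a definition is an old-style declarator that carries no prototype, and this tool's Makefile builds with `-Wall -Werror`, so any strict-prototype or old-style-definition warning in effect would turn into a build break. Writing `sandbox(void)` matches the prototype and the `int sandbox(void);` declarations the other tools add. The function body continues outside the hunk.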
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/Makefile#5 (text+ko) ====
@@ -1,6 +1,6 @@
PROG=fdrpc
NO_MAN=
-CFLAGS=-Wall -g -rdynamic
+CFLAGS=-Wall -g
DPADD= ${LIBCAPABILITY} ${LIBSBUF}
LDADD= -lcapsicum -lsbuf
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdrpc/fdrpc.c#9 (text+ko) ====
@@ -52,6 +52,9 @@
#define FDRPC_SANDBOX "./fdrpc"
+int ld_insandbox(void);
+int sandbox(void);
+
/*
* Unsandboxed host process with full user rights.
*/
@@ -65,6 +68,8 @@
size_t len;
char ch;
+ if (ld_insandbox()) return sandbox();
+
if (argc != 1)
errx(-1, "usage: fdrpc_host");
@@ -107,7 +112,7 @@
* descriptors to the host.
*/
int
-cap_main(int argc, char *argv[])
+sandbox()
{
int fd, fdcount;
struct lc_host *lchp;
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/Makefile#4 (text+ko) ====
@@ -1,6 +1,6 @@
PROG=fdsendrecv
NO_MAN=
-CFLAGS=-Wall -g -rdynamic
+CFLAGS=-Wall -g
DPADD= ${LIBCAPABILITY} ${LIBSBUF}
LDADD= -lcapsicum -lsbuf
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/fdsendrecv/fdsendrecv.c#6 (text+ko) ====
@@ -48,6 +48,10 @@
#define FDSENDRECV_SANDBOX "fdsendrecv"
+int ld_insandbox(void);
+int sandbox(void);
+
+
int
main(int argc, char *argv[])
{
@@ -56,6 +60,8 @@
int fdarray[2], fdcount;
char ch;
+ if (ld_insandbox()) return sandbox();
+
if (argc != 1)
errx(-1, "usage: fdsendrecv_host");
@@ -86,7 +92,7 @@
}
int
-cap_main(int argc, char *argv[])
+sandbox()
{
struct lc_host *lchp;
ssize_t len;
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/ld_libdirs/Makefile#2 (text+ko) ====
@@ -1,6 +1,6 @@
PROG=ld_libdirs
NO_MAN=
-CFLAGS=-Wall -g -rdynamic
+CFLAGS=-Wall -g
DPADD= ${LIBCAPABILITY} ${LIBSBUF}
LDADD= -lcapsicum -lsbuf
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/ld_libdirs/ld_libdirs.c#2 (text+ko) ====
@@ -47,7 +47,10 @@
#include <unistd.h>
-void print_fdlist(struct lc_fdlist*);
+int ld_insandbox(void);
+int sandbox(void);
+
+void print_fdlist(struct lc_fdlist*);
int
@@ -56,6 +59,8 @@
struct lc_sandbox *lcsp;
char *sandbox_argv[3] = { argv[1], "sandbox", NULL };
+ if (ld_insandbox()) return sandbox();
+
for (int i = 0; i < 200; i++) {
int size = i;
int libdirs[size];
@@ -82,7 +87,7 @@
}
int
-cap_main(int argc, char *argv[])
+sandbox()
{
struct lcs_host *host;
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/Makefile#7 (text+ko) ====
@@ -1,6 +1,6 @@
PROG=sandbox_echo
NO_MAN=
-CFLAGS=-Wall -g -rdynamic
+CFLAGS=-Wall -g
DPADD= ${LIBCAPABILITY} ${LIBSBUF}
LDADD= -lcapsicum -lsbuf
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_echo/sandbox_echo.c#13 (text+ko) ====
@@ -47,6 +47,9 @@
#define MYNAME "sandbox_echo"
+
+int sandbox(int argc, char *argv[]);
+
int
main(int argc, char *argv[])
{
@@ -57,6 +60,8 @@
char ch;
int i;
+ if(ld_insandbox()) return cap_main(argc, argv);
+
if (argc != 1)
errx(-1, "usage: sandbox_echo");
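Review bot: The added guard calls `cap_main(argc, argv)`, but this same change renames that function to `sandbox` in the later hunk of this file, so the sandboxed path will fail to link; it should read `if (ld_insandbox()) return sandbox(argc, argv);`. `ld_insandbox()` is also never declared in this file (the prototype hunk above adds only `sandbox`), so the call is an implicit declaration; add `int ld_insandbox(void);` beside that prototype, as the sibling tools in this change do. main() continues outside the hunk.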
@@ -84,7 +89,7 @@
}
int
-cap_main(int argc, char *argv[])
+sandbox(int argc, char *argv[])
{
char *sandbox_argv[3] = { MYNAME, NULL };
struct lc_sandbox *lcsp;
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_world/Makefile#3 (text+ko) ====
@@ -1,6 +1,6 @@
PROG=sandbox_world
NO_MAN=
-CFLAGS=-Wall -g -rdynamic
+CFLAGS=-Wall -g
DPADD= ${LIBCAPABILITY} ${LIBSBUF}
LDADD= -lcapsicum -lsbuf
==== //depot/projects/trustedbsd/capabilities/src/tools/cap/sandbox_world/sandbox_world.c#8 (text+ko) ====
@@ -53,6 +53,9 @@
#define MYNAME "sandbox_world" /* Binary to run in sandbox. */
+int ld_insandbox(void);
+int sandbox(void);
+
/*
* Unsandboxed host process with full user rights.
*/
@@ -65,6 +68,8 @@
size_t len;
char ch;
+ if (ld_insandbox()) return sandbox();
+
if (argc != 1)
errx(-1, "usage: sandbox_world");
@@ -99,7 +104,7 @@
* Sandboxed process implementing a 'printf hello world' RPC.
*/
int
-cap_main(int argc, char *argv[])
+sandbox()
{
struct lc_host *lchp;
u_int32_t opno, seqno;
@@ -142,4 +147,6 @@
}
free(buffer);
}
+
+ return 0;
}
==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/Makefile#10 (text+ko) ====
@@ -9,7 +9,6 @@
DPADD= ${LIBZ} ${LIBCAPSICUM}
LDADD= -lz -lcapsicum
-CFLAGS+= -rdynamic # For sandbox cap_main
.if ${MK_BZIP2_SUPPORT} != "no"
DPADD+= ${LIBBZ2}
==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzip.c#10 (text+ko) ====
@@ -259,6 +259,11 @@
int main(int, char **p);
+#ifndef NO_SANDBOX_SUPPORT
+int ld_insandbox(void);
+int gzsandbox(void);
+#endif
+
#ifdef SMALL
#define getopt_long(a,b,c,d,e) getopt(a,b,c)
#else
@@ -297,6 +302,10 @@
#endif
int ch;
+#ifndef NO_SANDBOX_SUPPORT
+ if (ld_insandbox()) return gzsandbox();
+#endif
+
/* XXX set up signals */
#ifndef SMALL
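Review bot: The early `return gzsandbox();` is now the only thing separating a sandboxed gzip from its normal path, because the weak `cap_main()` fallback removed from crtbrand.c no longer reports a regular binary started in capability mode; if `ld_insandbox()` ever reports false for a sandboxed instance, gzip proceeds into option parsing and presumably fails much later, at its first path-based file open, with a far less clear error. That is worth stating at the call site: `/* Sandboxed instance: hand off before option parsing or any file access; the code below assumes ambient file-system authority. */`. The `gzsandbox()` prototype is also hand-written here and again in gzsandbox.c; a shared header would keep the two from drifting. main() continues outside the hunk.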
==== //depot/projects/trustedbsd/capabilities/src/usr.bin/gzip/gzsandbox.c#15 (text+ko) ====
@@ -53,6 +53,8 @@
#ifndef NO_SANDBOX_SUPPORT
+int gzsandbox(void);
+
static char *lc_sandbox_argv[] = { __DECONST(char *, LC_USR_BIN_GZIP_SANDBOX),
NULL };
@@ -325,8 +327,7 @@
/*
* Main entry point for capability-mode
*/
-int
-cap_main(__unused int argc, __unused char *argv[])
+int gzsandbox(void)
{
int fdarray[2], fdcount;
struct lc_host *lchp;
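Review bot: `int gzsandbox(void)` puts the return type on the same line as the name, whereas the lines it replaces use the style(9) layout with the type on its own line; keep it as `int` / `gzsandbox(void)` on two lines. The header comment could also say how this entry is reached now that the startup code no longer dispatches to it, e.g. `/* Main entry point for capability mode; reached from main() in gzip.c when ld_insandbox() reports the process is sandboxed. */`. The function body continues outside the hunk.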