PERFORCE change 219879 for review
Brooks Davis
brooks at FreeBSD.org
Tue Dec 4 21:30:00 UTC 2012
http://p4web.freebsd.org/@@219879?ac=10
Change 219879 by brooks at brooks_zenith on 2012/12/04 21:29:41
Double the speed of the CHERI sandbox case by reuseing the sandbox
environment. This makes it faster than capsicum in the multiple
file case (as with cheribrowser).
Affected files ...
.. //depot/projects/ctsrd/cheribsd/src/ctsrd/minifile/minifile.c#6 edit
Differences ...
==== //depot/projects/ctsrd/cheribsd/src/ctsrd/minifile/minifile.c#6 (text+ko) ====
@@ -151,16 +151,15 @@
return type;
}
+static struct sandbox *sandbox;
static struct chericap file_cap, magic_cap, out_cap;
const char *
-cheri_magic_descriptor(int mfd, int fd)
+cheri_magic_descriptor(void *magicbuf, size_t magicsize, int fd)
{
register_t v;
- size_t outsize, magicsize, filesize;
+ size_t outsize, filesize;
char *filebuf = NULL;
- void *magicbuf = NULL;
- struct sandbox *sandbox;
struct stat filesb, magicsb;
static char outbuf[4096];
const char *type;
@@ -174,14 +173,6 @@
CHERI_CANDPERM(10, 10, CHERI_PERM_STORE);
CHERI_CSC(10, 0, &out_cap, 0);
- if (fstat(mfd, &magicsb) == -1)
- err(1, "fstat magic fd");
- magicsize = magicsb.st_size;
- if ((magicbuf = mmap(NULL, magicsize, PROT_READ|PROT_WRITE,
- MAP_PRIVATE, mfd, 0)) == MAP_FAILED) {
- warn("mmap magic fd");
- goto error;
- }
CHERI_CINCBASE(10, 0, magicbuf);
CHERI_CSETLEN(10, 10, magicsize);
CHERI_CANDPERM(10, 10, CHERI_PERM_LOAD);
@@ -200,30 +191,19 @@
CHERI_CANDPERM(10, 10, CHERI_PERM_LOAD);
CHERI_CSC(10, 0, &file_cap, 0);
- if (sandbox_setup("/usr/libexec/minifile-cheri.bin", 8*1024*1024,
- &sandbox) < 0)
- goto error;
-
v = sandbox_invoke(sandbox, outsize, magicsize, filesize, 0,
&out_cap, &magic_cap, &file_cap, NULL, NULL, NULL, NULL);
printf("%s: sandbox returned %ju\n", __func__, (uintmax_t)v);
- sandbox_destroy(sandbox);
-
outsize = strnlen(outbuf, outsize);
if (v == 0) {
ttype = outbuf + outsize;
strvisx(ttype, outbuf, outsize, 0);
type = ttype;
- } else {
- ttype = outbuf + outsize;
- strvisx(ttype, outbuf, outsize, 0);
- type = ttype;
- }
+ } else
+ type = "badmagic";
error:
- if (munmap(magicbuf, magicsize) == -1)
- warn("munmap magicbuf");
if (munmap(filebuf, filesize) == -1)
warn("munmap filebuf");
@@ -237,9 +217,10 @@
void *magicbuf;
const char *fname;
int mfd, fd;
+ size_t magicsize;
const char *type;
struct magic_set *magic;
- struct stat sb;
+ struct stat magicsb;
while ((ch = getopt(argc, argv, "s:")) != -1) {
switch(ch) {
@@ -262,38 +243,42 @@
if (argc <= 0)
usage();
+ /* Open the magic file */
mfd = open(MAGIC_FILE, O_RDONLY);
- if (mfd == -1) {
- warn("open(%s)", MAGIC_FILE);
- magic_close(magic);
- exit(1);
- }
+ if (mfd == -1)
+ err(1, "open(%s)", MAGIC_FILE);
- if (sbtype == SB_NONE) {
- magic = magic_open(MAGIC_MIME_TYPE);
- if (magic == NULL)
- errx(1, "magic_open()");
- if (fstat(mfd, &sb) == -1) {
+ /* For the NONE and CHERI cases, pre-map the file */
+ if (sbtype == SB_NONE || sbtype == SB_CHERI) {
+ if (fstat(mfd, &magicsb) == -1) {
warn("fstat(%s)", MAGIC_FILE);
- magic_close(magic);
exit(1);
}
- magicbuf = mmap(NULL, sb.st_size, PROT_READ|PROT_WRITE,
- MAP_PRIVATE, mfd, 0);
- if (magicbuf == MAP_FAILED) {
+ magicsize = magicsb.st_size;
+ if ((magicbuf = mmap(NULL, magicsize, PROT_READ|PROT_WRITE,
+ MAP_PRIVATE, mfd, 0)) == MAP_FAILED) {
warn("mmap(%s)", MAGIC_FILE);
magic_close(magic);
exit(1);
}
- close(mfd);
- if (magic_load_buffers(magic, &magicbuf, &sb.st_size, 1) ==
- -1) {
+ }
+
+ if (sbtype == SB_NONE) {
+ magic = magic_open(MAGIC_MIME_TYPE);
+ if (magic == NULL)
+ errx(1, "magic_open()");
+ if (magic_load_buffers(magic, &magicbuf, &magicsize, 1) == -1) {
warnx("magic_load() %s", magic_error(magic));
magic_close(magic);
exit(1);
}
}
+ if (sbtype == SB_CHERI)
+ if (sandbox_setup("/usr/libexec/minifile-cheri.bin", 8*1024*1024,
+ &sandbox) < 0)
+ err(1, "can't create cheri sandbox");
+
for (; argc >= 1; argc--, argv++) {
fname = argv[0];
fd = open(fname, O_RDONLY);
@@ -311,7 +296,7 @@
errx(1, "capsicum_magic_descriptor()");
break;
case SB_CHERI:
- type = cheri_magic_descriptor(mfd, fd);
+ type = cheri_magic_descriptor(magicbuf, magicsize, fd);
if (type == NULL)
errx(1, "cheri_magic_descriptor()");
break;
@@ -321,4 +306,7 @@
close(fd);
printf("%s: %s\n", fname, type);
}
+
+ if (sbtype == SB_CHERI)
+ sandbox_destroy(sandbox);
}
More information about the p4-projects
mailing list