PERFORCE change 219767 for review
Robert Watson
rwatson at FreeBSD.org
Tue Nov 13 08:11:43 UTC 2012
http://p4web.freebsd.org/@@219767?ac=10
Change 219767 by rwatson at rwatson_zenith_cl_cam_ac_uk on 2012/11/13 08:10:57
Teach cheritest to run md5 in a sandbox: checksummed data is
passed in via a capability, and the checksum itself is passed out
via a second capability. Bounds checking and permissions (e.g.,
read and write protection) are enforced on the by-reference
arguments. The resulting checksum of "hello world" appears to be
correct!
Affected files ...
.. //depot/projects/ctsrd/cheribsd/src/bin/cheritest/cheritest.c#9 edit
.. //depot/projects/ctsrd/cheribsd/src/libexec/cheritest-helper/cheritest-helper.c#4 edit
Differences ...
==== //depot/projects/ctsrd/cheribsd/src/bin/cheritest/cheritest.c#9 (text+ko) ====
@@ -152,19 +152,40 @@
CHERI_CSETLEN(0, 1, CHERI_CAP_USER_LENGTH - 1);
}
+/*
+ * XXXRW: c1 and c2 were not getting properly aligned when placed in the
+ * stack. Odd.
+ */
+static char md5string[] = "hello world";
+static struct chericap c1, c2;
+
static void
cheritest_sandbox_invoke(void)
{
struct sandbox *sb;
+ char buf[33];
register_t v;
if (sandbox_setup("/usr/libexec/cheritest-helper.bin", 1024*1024,
&sb) < 0)
err(1, "sandbox_setup");
- v = sandbox_invoke(sb, 0, 0, 0, 0, NULL, NULL);
+ CHERI_CINCBASE(10, 0, &md5string);
+ CHERI_CSETLEN(10, 10, strlen(md5string));
+ CHERI_CANDPERM(10, 10, CHERI_PERM_LOAD);
+ CHERI_CSC(10, 0, &c1, 0);
+
+ CHERI_CINCBASE(10, 0, &buf);
+ CHERI_CSETLEN(10, 10, sizeof(buf));
+ CHERI_CANDPERM(10, 10, CHERI_PERM_STORE);
+ CHERI_CSC(10, 0, &c2, 0);
+
+ v = sandbox_invoke(sb, strlen(md5string), 0, 0, 0, &c1, &c2, NULL,
+ NULL, NULL, NULL, NULL);
printf("%s: sandbox returned %ju\n", __func__, (uintmax_t)v);
sandbox_destroy(sb);
+ buf[32] = '\0';
+ printf("MD5 checksum of '%s' is %s\n", md5string, buf);
}
static void
==== //depot/projects/ctsrd/cheribsd/src/libexec/cheritest-helper/cheritest-helper.c#4 (text+ko) ====
@@ -34,23 +34,29 @@
#include <md5.h>
+#include "cmemcpy.h"
+
int invoke(register_t a0, register_t a1, register_t a2, register_t a3);
/*
* Sample sandboxed code. Calculate an MD5 checksum of the data arriving via
- * c1, and place the checksum in c2.
- *
- * XXXRW: More to follow here.
+ * c1, and place the checksum in c2. a0 will hold input data length. c2
+ * must be (at least) 33 bytes.
*/
int
-invoke(register_t a0 __unused, register_t a1 __unused, register_t a2 __unused,
+invoke(register_t a0, register_t a1 __unused, register_t a2 __unused,
register_t a3 __unused)
{
MD5_CTX md5context;
- char buf[33];
+ char buf[33], ch;
+ u_int count;
MD5Init(&md5context);
+ for (count = 0; count < a0; count++) {
+ memcpy_fromcap(&ch, 1, count, sizeof(ch));
+ MD5Update(&md5context, &ch, sizeof(ch));
+ }
MD5End(&md5context, buf);
-
+ memcpy_tocap(2, buf, 0, sizeof(buf));
return (123456);
}
More information about the p4-projects
mailing list