PERFORCE change 219800 for review
Brooks Davis
brooks at FreeBSD.org
Thu Nov 15 22:03:59 UTC 2012
http://p4web.freebsd.org/@@219800?ac=10
Change 219800 by brooks at brooks_zenith on 2012/11/15 22:03:17
Add a shared memory segment to keep the monitoring parent
process apprised of the last slide that rendered successfully so
we can resume.
Detect cases when capsicum protects us from an exploit. Move
this and the cheri detection to after rendering the reat of the
slide.
Right extend the title slides so the onboard display is
completely filled with banners, etc.
Affected files ...
.. //depot/projects/ctsrd/cheribsd/src/ctsrd/cheripoint/cheripoint.c#7 edit
Differences ...
==== //depot/projects/ctsrd/cheribsd/src/ctsrd/cheripoint/cheripoint.c#7 (text+ko) ====
@@ -30,6 +30,7 @@
#include <sys/cdefs.h>
#include <sys/types.h>
+#include <sys/mman.h>
#include <sys/sysctl.h>
#include <sys/wait.h>
@@ -69,6 +70,8 @@
enum mtl_display_mode res = MTL_DM_720x480;
static int zombies_waiting = 0;
+int *slidep;
+
static uint32_t slide_fcol;
static uint32_t slide_width;
static uint32_t slide_height;
@@ -372,6 +375,7 @@
render_cover(int dfd, const char *cover)
{
int pfd;
+ uint32_t r;
struct iboxstate *is;
printf("rendering cover\n");
@@ -393,6 +397,12 @@
}
fb_post_region(__DEVOLATILE(uint32_t *, is->buffer), 0, 0,
is->width, is->height);
+ if (is->width < (uint)fb_width) {
+ /* Right extend the image if needed */
+ for (r = 0; r < is->height; r++)
+ fb_fill_region(is->buffer[((r + 1) * is->width) - 1],
+ is->width, r, fb_width - is->width, 1);
+ }
if (sb_vis && sb != SB_NONE)
fb_rectangle(red, 2, 0, 0, is->width, is->height);
iboxstate_free(is);
@@ -404,8 +414,11 @@
render_slide(int dfd, int slidenum, const char *slide)
{
int pfd;
+ int f_width, f_height;
uint sv1, sv2;
size_t olen;
+ char sntext[8];
+ uint32_t *snimage, *save;
uint32_t r, header_height;
struct iboxstate *is;
@@ -501,15 +514,6 @@
warnx("png_read_finish() failed for %s", slide);
return (-1);
}
- if (sb == SB_CHERI) {
- olen = sizeof(sv2);
- sysctlbyname("security.cheri.syscall_violations",
- &sv2, &olen, NULL, 0);
- if (sv1 != sv2)
- fb_dialog(FBDT_PINCH2CLOSE, black, white, black,
- "Exploit Mitigated",
- "CHERI prevented an exploit from running!");
- }
fb_post_region(__DEVOLATILE(uint32_t *, is->buffer),
slide_fcol + ((slide_width - is->width) / 2), header_height,
is->width, is->height < slide_height ? is->height : slide_height);
@@ -518,8 +522,62 @@
slide_fcol + ((slide_width - is->width) / 2),
header_height, is->width,
is->height < slide_height ? is->height : slide_height);
+ switch (sb) {
+ case SB_CAPSICUM:
+ if (is->error == 99) {
+ save = malloc(sizeof(uint32_t) * fb_width * fb_height);
+ if (save != NULL)
+ fb_save(save);
+ fb_dialog(FBDT_PINCH2CLOSE, black, white, black,
+ "Exploit Mitigated",
+ "Capsicum prevented an exploit\n"
+ "from gaining control!");
+ if (save != NULL) {
+ fb_post(save);
+ free(save);
+ }
+ }
+ break;
+ case SB_CHERI:
+ olen = sizeof(sv2);
+ sysctlbyname("security.cheri.syscall_violations",
+ &sv2, &olen, NULL, 0);
+ if (sv1 != sv2) {
+ save = malloc(sizeof(uint32_t) * fb_width * fb_height);
+ if (save != NULL)
+ fb_save(save);
+ fb_dialog(FBDT_PINCH2CLOSE, black, white, black,
+ "Exploit Mitigated",
+ "CHERI prevented an exploit\n"
+ "from gaining control!");
+ if (save != NULL) {
+ fb_post(save);
+ free(save);
+ }
+ }
+ break;
+ default:
+ break;
+ }
iboxstate_free(is);
+ f_width = fb_get_font_width();
+ f_height = fb_get_font_height();
+ if ((uint)slidenum < (sizeof(sntext) - 1) * 10) {
+ snprintf(sntext, sizeof(sntext), "%d", slidenum);
+ if ((snimage = malloc(sizeof(uint32_t) * strlen(sntext) *
+ f_width * f_height)) == NULL)
+ warn("failed to malloc space for slide number");
+ else
+ fb_render_text(sntext, 1, black, white, snimage,
+ f_width * strlen(sntext), f_height);
+ fb_post_region(snimage,
+ (slide_width / 2) - (f_width * strlen(sntext) / 2),
+ fb_height - f_height,
+ f_width * strlen(sntext), f_height);
+ free(snimage);
+ }
+
return (0);
}
@@ -697,8 +755,17 @@
fb_fade2on();
fb_load_syscons_font(NULL, "/usr/share/syscons/fonts/iso-8x16.fnt");
- if (forkflag)
+ if (forkflag) {
+ if ((slidep = mmap(NULL, sizeof(int), PROT_READ|PROT_WRITE,
+ MAP_ANON | MAP_SHARED, -1, 0)) == NULL)
+ err(1, "failed to allocate slide pointer");
+ *slidep = 0;
fork_child();
+ } else {
+ if ((slidep = malloc(sizeof(int))) == NULL)
+ err(1, "failed to allocate slide pointer");
+ *slidep = 0;
+ }
busy_indicator();
set_display_mode(res);
@@ -723,7 +790,7 @@
qsort(slides, nslides, sizeof(*slides), &strpcmp);
qsort(covers, ncovers, sizeof(*covers), &strpcmp);
- slide = 0;
+ slide = *slidep;
for (;;) {
if (slide == 0) {
asprintf(&coverpat, "*-cover-%d.png", slide_width);
@@ -736,6 +803,7 @@
render_cover(dirfd(dirp), covers[cover]);
} else
render_slide(dirfd(dirp), slide, slides[slide - 1]);
+ *slidep = slide; /* Update post success */
ts_drain();
nop:
ts = ts_poll();
More information about the p4-projects
mailing list