svn commit: r208664 - in projects/capabilities8: lib/csu/amd64
lib/csu/common lib/csu/i386-elf libexec/rtld-elf
tools/cap/sandbox_world usr.bin/gzip
Robert Watson
rwatson at FreeBSD.org
Sun May 30 23:05:02 UTC 2010
Author: rwatson
Date: Sun May 30 23:05:02 2010
New Revision: 208664
URL: http://svn.freebsd.org/changeset/base/208664
Log:
Merge c176294 from the p4 TrustedBSD Capabilities branch to capabilities8:
Remove cap_main() from Capsicum: programs now detect they are in
capability mode using ld_insandbox() or lcs_get().
Submitted by: jona
Modified:
projects/capabilities8/lib/csu/amd64/crt1.c
projects/capabilities8/lib/csu/common/crtbrand.c
projects/capabilities8/lib/csu/i386-elf/Makefile
projects/capabilities8/lib/csu/i386-elf/crt1_c.c
projects/capabilities8/lib/csu/i386-elf/crt1_s.S
projects/capabilities8/libexec/rtld-elf/rtld.c
projects/capabilities8/tools/cap/sandbox_world/Makefile
projects/capabilities8/tools/cap/sandbox_world/sandbox_world.c
projects/capabilities8/usr.bin/gzip/gzip.c
projects/capabilities8/usr.bin/gzip/gzsandbox.c
Modified: projects/capabilities8/lib/csu/amd64/crt1.c
==============================================================================
--- projects/capabilities8/lib/csu/amd64/crt1.c Sun May 30 23:00:36 2010 (r208663)
+++ projects/capabilities8/lib/csu/amd64/crt1.c Sun May 30 23:05:02 2010 (r208664)
@@ -45,7 +45,6 @@ extern void _fini(void);
extern void _init(void);
extern int main(int, char **, char **);
extern void _start(char **, void (*)(void));
-extern void _capstart(char **, void (*)(void));
#ifdef GCRT
extern void _mcleanup(void);
@@ -94,41 +93,4 @@ __asm__("eprol:");
exit( main(argc, argv, env) );
}
-/* The Capsicum entry function. */
-void
-_capstart(char **ap, void (*cleanup)(void))
-{
- int argc;
- char **argv;
- char **env;
- const char *s;
-
- argc = *(long *)(void *)ap;
- argv = ap + 1;
- env = ap + 2 + argc;
- environ = env;
- if (argc > 0 && argv[0] != NULL) {
- __progname = argv[0];
- for (s = __progname; *s != '\0'; s++)
- if (*s == '/')
- __progname = s + 1;
- }
-
- if (&_DYNAMIC != NULL)
- atexit(cleanup);
- else
- _init_tls();
-
-#ifdef GCRT
- atexit(_mcleanup);
-#endif
- atexit(_fini);
-#ifdef GCRT
-/* monstartup(&eprol, &etext);*/
-/*__asm__("eprol:");*/ /* JA hope and pray... */
-#endif
- _init();
- exit( cap_main(argc, argv, env) );
-}
-
__asm__(".ident\t\"$FreeBSD$\"");
Modified: projects/capabilities8/lib/csu/common/crtbrand.c
==============================================================================
--- projects/capabilities8/lib/csu/common/crtbrand.c Sun May 30 23:00:36 2010 (r208663)
+++ projects/capabilities8/lib/csu/common/crtbrand.c Sun May 30 23:05:02 2010 (r208664)
@@ -52,12 +52,3 @@ static const struct {
__FreeBSD_version
};
-extern int cap_main(int, char **, char **) __attribute__((weak));
-int cap_main(__unused int argc, __unused char **argv, __unused char **env)
-{
- const char warning[] =
- "ERROR: attempting to run a regular binary in capability mode!\n\nIf you want to run a binary in a sandbox, you must provide a cap_main() function, which takes the same arguments as main().\n";
-
- write(2, warning, sizeof(warning));
- return (-1);
-}
Modified: projects/capabilities8/lib/csu/i386-elf/Makefile
==============================================================================
--- projects/capabilities8/lib/csu/i386-elf/Makefile Sun May 30 23:00:36 2010 (r208663)
+++ projects/capabilities8/lib/csu/i386-elf/Makefile Sun May 30 23:05:02 2010 (r208664)
@@ -21,13 +21,13 @@ gcrt1.o: gcrt1_c.o crt1_s.o
crt1.o: crt1_c.o crt1_s.o
${LD} ${LDFLAGS} -o crt1.o -r crt1_s.o crt1_c.o
- objcopy --localize-symbol _start1 --localize-symbol _capstart1 crt1.o
+ objcopy --localize-symbol _start1 crt1.o
Scrt1_c.o: crt1_c.c
${CC} ${CFLAGS} -DGCRT -fPIC -DPIC -c -o Scrt1_c.o ${.CURDIR}/crt1_c.c
Scrt1.o: Scrt1_c.o crt1_s.o
${LD} ${LDFLAGS} -o Scrt1.o -r crt1_s.o Scrt1_c.o
- objcopy --localize-symbol _start1 --localize-symbol _capstart1 Scrt1.o
+ objcopy --localize-symbol _start1 Scrt1.o
.include <bsd.prog.mk>
Modified: projects/capabilities8/lib/csu/i386-elf/crt1_c.c
==============================================================================
--- projects/capabilities8/lib/csu/i386-elf/crt1_c.c Sun May 30 23:00:36 2010 (r208663)
+++ projects/capabilities8/lib/csu/i386-elf/crt1_c.c Sun May 30 23:05:02 2010 (r208664)
@@ -46,7 +46,6 @@ extern void _fini(void);
extern void _init(void);
extern int main(int, char **, char **);
extern void _start(char *, ...);
-extern void _capstart(char *, ...);
#ifdef GCRT
extern void _mcleanup(void);
@@ -59,7 +58,6 @@ char **environ;
const char *__progname = "";
void _start1(fptr, int, char *[]) __dead2;
-void _capstart1(fptr, int, char *[]) __dead2;
/* The entry function, C part. */
void
@@ -96,37 +94,3 @@ __asm__("eprol:");
__asm(".hidden _start1");
-/* The Capsicum entry function. */
-void
-_capstart1(fptr cleanup, int argc, char *argv[])
-{
- char **env;
- const char *s;
-
- env = argv + argc + 1;
- environ = env;
- if (argc > 0 && argv[0] != NULL) {
- __progname = argv[0];
- for (s = __progname; *s != '\0'; s++)
- if (*s == '/')
- __progname = s + 1;
- }
-
- if (&_DYNAMIC != NULL)
- atexit(cleanup);
- else
- _init_tls();
-
-#ifdef GCRT
- atexit(_mcleanup);
-#endif
- atexit(_fini);
-#ifdef GCRT
-/* XXXCAP: monstartup(&eprol, &etext); */
-/* XXXCAP: __asm__("eprol:"); */
-#endif
- _init();
- exit( cap_main(argc, argv, env) );
-}
-
-__asm(".hidden _capstart1");
Modified: projects/capabilities8/lib/csu/i386-elf/crt1_s.S
==============================================================================
--- projects/capabilities8/lib/csu/i386-elf/crt1_s.S Sun May 30 23:00:36 2010 (r208663)
+++ projects/capabilities8/lib/csu/i386-elf/crt1_s.S Sun May 30 23:05:02 2010 (r208664)
@@ -41,17 +41,4 @@ _start: xorl %ebp,%ebp
call _start1
.size _start, . - _start
- .globl _capstart
- .type _capstart, @function
-_capstart: xorl %ebp,%ebp
- pushl %ebp
- movl %esp,%ebp
- andl $0xfffffff0,%esp # align stack
- leal 8(%ebp),%eax
- pushl %eax # argv
- pushl 4(%ebp) # argc
- pushl %edx # rtld cleanup
- call _capstart1
- .size _capstart, . - _capstart
-
.ident "$FreeBSD$"
Modified: projects/capabilities8/libexec/rtld-elf/rtld.c
==============================================================================
--- projects/capabilities8/libexec/rtld-elf/rtld.c Sun May 30 23:00:36 2010 (r208663)
+++ projects/capabilities8/libexec/rtld-elf/rtld.c Sun May 30 23:05:02 2010 (r208664)
@@ -106,9 +106,7 @@ static int do_search_info(const Obj_Entr
static bool donelist_check(DoneList *, const Obj_Entry *);
static void errmsg_restore(char *);
static char *errmsg_save(void);
-#ifdef IN_RTLD_CAP
-static void *find_capstart(const Obj_Entry *);
-#else
+#ifndef IN_RTLD_CAP
static void *fill_search_info(const char *, size_t, void *);
static char *find_library(const char *, const Obj_Entry *);
static const char *gethints(void);
@@ -352,7 +350,6 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_
#ifdef IN_RTLD_CAP
struct stat sb;
Elf_Auxinfo aux_execfd;
- void *capstart_ptr;
#endif
Elf_Auxinfo *aux_info[AT_COUNT];
int i;
@@ -652,21 +649,7 @@ _rtld(Elf_Addr *sp, func_ptr_type *exit_
*exit_proc = rtld_exit;
*objp = obj_main;
-#ifdef IN_RTLD_CAP
- /*
- * If the object provides an alternative capability-mode specific entry
- * point, prefer that to the ELF default entry point. Otherwise, use the
- * ELF default.
- */
- capstart_ptr = find_capstart(obj_main);
- if (capstart_ptr == NULL) {
- _rtld_error("_capstart not found; has the binary been compiled with -rdynamic?");
- die();
- }
- return (func_ptr_type) capstart_ptr;
-#else
return (func_ptr_type) obj_main->entry;
-#endif
}
Elf_Addr
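Review bot: The surviving `return (func_ptr_type) obj_main->entry;` now serves the IN_RTLD_CAP build as well, but nothing at that spot records that the sandbox-specific entry lookup was deliberately dropped, and a reader of rtld.c alone cannot tell that detection has moved into the program. Together with the removal of the weak `cap_main()` fallback in crtbrand.c (which wrote "ERROR: attempting to run a regular binary in capability mode!" to fd 2), a sandbox-unaware binary launched under the capability-mode rtld will presumably now run its ordinary `main()` and fail only at its first disallowed operation, without any diagnostic naming the cause; I cannot see from this diff whether anything else reports that case. A short comment would preserve the design decision, e.g. `/* In capability mode the ELF entry point is used unchanged; sandbox-aware programs call ld_insandbox() from main() to detect the sandbox. */`. The enclosing `_rtld()` begins outside the hunk.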
@@ -833,25 +816,6 @@ origin_subst(const char *real, const cha
return (res4);
}
-#ifdef IN_RTLD_CAP
-static void *
-find_capstart(const Obj_Entry *obj)
-{
- const char *capstart_str = "_capstart";
- const Elf_Sym *def;
- const Obj_Entry *defobj;
- unsigned long hash;
-
- hash = elf_hash(capstart_str);
- def = symlook_default(capstart_str, hash, obj, &defobj, NULL,
- SYMLOOK_IN_PLT);
- if (def == NULL)
- return (NULL);
- if (ELF_ST_TYPE(def->st_info) != STT_FUNC)
- return (NULL);
- return (make_function_pointer(def, defobj));
-}
-#endif
static void
die(void)
Modified: projects/capabilities8/tools/cap/sandbox_world/Makefile
==============================================================================
--- projects/capabilities8/tools/cap/sandbox_world/Makefile Sun May 30 23:00:36 2010 (r208663)
+++ projects/capabilities8/tools/cap/sandbox_world/Makefile Sun May 30 23:05:02 2010 (r208664)
@@ -1,6 +1,6 @@
PROG=sandbox_world
NO_MAN=
-CFLAGS=-Wall -g -rdynamic
+CFLAGS=-Wall -g
DPADD= ${LIBCAPABILITY} ${LIBSBUF}
LDADD= -lcapsicum -lsbuf
Modified: projects/capabilities8/tools/cap/sandbox_world/sandbox_world.c
==============================================================================
--- projects/capabilities8/tools/cap/sandbox_world/sandbox_world.c Sun May 30 23:00:36 2010 (r208663)
+++ projects/capabilities8/tools/cap/sandbox_world/sandbox_world.c Sun May 30 23:05:02 2010 (r208664)
@@ -53,6 +53,9 @@ __FBSDID("$FreeBSD$");
#define MYNAME "sandbox_world" /* Binary to run in sandbox. */
+int ld_insandbox(void);
+int sandbox(void);
+
/*
* Unsandboxed host process with full user rights.
*/
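Review bot: The added prototypes `int ld_insandbox(void);` and `int sandbox(void);` are hand-written into this .c file, and the same pattern recurs in the gzip.c hunk (`int ld_insandbox(void);` / `int gzsandbox(void);`) and again in gzsandbox.c (`int gzsandbox(void);`), so `gzsandbox()` is now declared in two files and `ld_insandbox()` in two consumers with nothing to keep the copies in agreement. If the library that provides `ld_insandbox()` ships a header, including it would keep the declaration authoritative; I cannot tell from this diff whether such a header exists. For `gzsandbox()`, a single declaration in a header shared by gzip.c and gzsandbox.c, guarded by `NO_SANDBOX_SUPPORT` as the gzip.c hunk already does, would remove the duplicate.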
@@ -65,6 +68,8 @@ main(int argc, char *argv[])
size_t len;
char ch;
+ if (ld_insandbox()) return sandbox();
+
if (argc != 1)
errx(-1, "usage: sandbox_world");
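Review bot: The added dispatch `if (ld_insandbox()) return sandbox();` places the statement on the same line as its condition and returns an unparenthesized value, which departs from the layout the next statement in the same function uses (`if (argc != 1)` with `errx(...)` on its own line) and from the style(9) return form; the gzip.c main() hunk adds the identical one-liner. Writing it as `if (ld_insandbox())` / `return (sandbox());` on two lines keeps both files consistent with their surroundings. The body of `main()` continues outside the hunk.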
@@ -99,7 +104,7 @@ main(int argc, char *argv[])
* Sandboxed process implementing a 'printf hello world' RPC.
*/
int
-cap_main(int argc, char *argv[])
+sandbox()
{
struct lc_host *lchp;
u_int32_t opno, seqno;
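Review bot: The definition `sandbox()` on the line replacing `cap_main(int argc, char *argv[])` uses an empty parameter list, while the prototype added earlier in this file is `int sandbox(void);`; an empty list in a definition is an old-style declarator rather than a prototype and is what `-Wstrict-prototypes` reports, even though the two are compatible under C11. Define it as `sandbox(void)` so declaration and definition match. The function body continues outside the hunk.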
@@ -142,4 +147,6 @@ cap_main(int argc, char *argv[])
}
free(buffer);
}
+
+ return 0;
}
Modified: projects/capabilities8/usr.bin/gzip/gzip.c
==============================================================================
--- projects/capabilities8/usr.bin/gzip/gzip.c Sun May 30 23:00:36 2010 (r208663)
+++ projects/capabilities8/usr.bin/gzip/gzip.c Sun May 30 23:05:02 2010 (r208664)
@@ -259,6 +259,11 @@ static off_t unpack(int, int, char *, si
int main(int, char **p);
+#ifndef NO_SANDBOX_SUPPORT
+int ld_insandbox(void);
+int gzsandbox(void);
+#endif
+
#ifdef SMALL
#define getopt_long(a,b,c,d,e) getopt(a,b,c)
#else
@@ -297,6 +302,10 @@ main(int argc, char **argv)
#endif
int ch;
+#ifndef NO_SANDBOX_SUPPORT
+ if (ld_insandbox()) return gzsandbox();
+#endif
+
/* XXX set up signals */
#ifndef SMALL
Modified: projects/capabilities8/usr.bin/gzip/gzsandbox.c
==============================================================================
--- projects/capabilities8/usr.bin/gzip/gzsandbox.c Sun May 30 23:00:36 2010 (r208663)
+++ projects/capabilities8/usr.bin/gzip/gzsandbox.c Sun May 30 23:05:02 2010 (r208664)
@@ -53,6 +53,8 @@ __FBSDID("$FreeBSD$");
#ifndef NO_SANDBOX_SUPPORT
+int gzsandbox(void);
+
static char *lc_sandbox_argv[] = { __DECONST(char *, LC_USR_BIN_GZIP_SANDBOX),
NULL };
@@ -325,8 +327,7 @@ unbzip2_wrapper(int in, int out, char *p
/*
* Main entry point for capability-mode
*/
-int
-cap_main(__unused int argc, __unused char *argv[])
+int gzsandbox(void)
{
int fdarray[2], fdcount;
struct lc_host *lchp;
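Review bot: The new definition collapses the return type and name onto one line, `int gzsandbox(void)`, whereas the removed `cap_main` it replaces kept `int` on its own line, as does the `sandbox()` definition in the sandbox_world.c hunk of this same commit and the style(9) convention. Restoring the two-line form, `int` followed by `gzsandbox(void)`, keeps the file's function definitions uniform. The function body continues outside the hunk.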