PERFORCE change 170404 for review
Jonathan Anderson
jona at FreeBSD.org
Mon Nov 9 16:43:33 UTC 2009
http://p4web.freebsd.org/chv.cgi?CH=170404
Change 170404 by jona at jona-capsicum-kent on 2009/11/09 16:42:44
cap_main and _capstart for both i386 and amd64
Affected files ...
.. //depot/projects/trustedbsd/capabilities/src/lib/csu/amd64/crt1.c#3 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/csu/common/crtbrand.c#4 edit
.. //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/crt1.c#3 edit
Differences ...
==== //depot/projects/trustedbsd/capabilities/src/lib/csu/amd64/crt1.c#3 (text+ko) ====
@@ -31,6 +31,7 @@
#endif /* lint */
#include <stdlib.h>
+#include <unistd.h>
#include "libc_private.h"
#include "crtbrand.c"
@@ -95,6 +96,45 @@
}
+
+/* The Capsicum entry function. */
+void
+_capstart(char **ap, void (*cleanup)(void))
+{
+ int argc;
+ char **argv;
+ char **env;
+ const char *s;
+
+ argc = *(long *)(void *)ap;
+ argv = ap + 1;
+ env = ap + 2 + argc;
+ environ = env;
+ if (argc > 0 && argv[0] != NULL) {
+ __progname = argv[0];
+ for (s = __progname; *s != '\0'; s++)
+ if (*s == '/')
+ __progname = s + 1;
+ }
+
+ if (&_DYNAMIC != NULL)
+ atexit(cleanup);
+ else
+ _init_tls();
+
+#ifdef GCRT
+ atexit(_mcleanup);
+#endif
+ atexit(_fini);
+#ifdef GCRT
+/* monstartup(&eprol, &etext);*/
+/*__asm__("eprol:");*/ /* JA hope and pray... */
+#endif
+ _init();
+ exit( cap_main(argc, argv, env) );
+}
+
+
/* The Capsicum entry function. */
void
_capstart(char **ap, void (*cleanup)(void))
==== //depot/projects/trustedbsd/capabilities/src/lib/csu/common/crtbrand.c#4 (text+ko) ====
@@ -52,10 +52,25 @@
__FreeBSD_version
};
+
+
int cap_main(int argc, char **argv, char **env)
{
const char warning[] =
- "ERROR: attempting to run a regular binary in capability mode.\n\nIf you wish to run a binary in a sandbox, you must provide a cap_main() function which takes the same arguments as main().\n";
+ "ERROR: attempting to run a regular binary in capability mode!\n\nIf you want to run a binary in a sandbox, you must provide a cap_main() function, which takes the same arguments as main().\n";
+
+ write(2, warning, sizeof(warning));
+}
+
+
+int cap_main(int argc, char **argv, char **env)
+{
+ const char warning[] =
+ "ERROR: attempting to run a regular binary in capability mode."
+ "\n\n"
+ "If you wish to run a binary in a sandbox, you must provide a "
+ "cap_main() function which takes the same arguments as main()."
+ "\n";
write(2, warning, sizeof(warning));
return 1;
==== //depot/projects/trustedbsd/capabilities/src/lib/csu/i386-elf/crt1.c#3 (text+ko) ====
@@ -148,6 +148,51 @@
#endif
atexit(_fini);
#ifdef GCRT
+ monstartup(&eprol, &etext);
+__asm__("eprol:");
+#endif
+ _init();
+ exit( cap_main(argc, argv, env) );
+}
+
+
+
+
+/* The Capsicum entry function. */
+void
+_capstart(char *ap, ...)
+{
+ fptr cleanup;
+ int argc;
+ char **argv;
+ char **env;
+ const char *s;
+
+#ifdef __GNUC__
+ __asm__("and $0xfffffff0,%esp");
+#endif
+ cleanup = get_rtld_cleanup();
+ argv = ≈
+ argc = *(long *)(void *)(argv - 1);
+ env = argv + argc + 1;
+ environ = env;
+ if (argc > 0 && argv[0] != NULL) {
+ __progname = argv[0];
+ for (s = __progname; *s != '\0'; s++)
+ if (*s == '/')
+ __progname = s + 1;
+ }
+
+ if (&_DYNAMIC != NULL)
+ atexit(cleanup);
+ else
+ _init_tls();
+
+#ifdef GCRT
+ atexit(_mcleanup);
+#endif
+ atexit(_fini);
+#ifdef GCRT
/* monstartup(&eprol, &etext);
__asm__("eprol:");*/ /* XXX: does this interfere with profiling? */
#endif
More information about the p4-projects
mailing list