socsvn commit: r256903 - soc2013/dpl/head/lib/libzcap
dpl at FreeBSD.org
dpl at FreeBSD.org
Wed Sep 4 18:22:04 UTC 2013
Author: dpl
Date: Wed Sep 4 18:22:03 2013
New Revision: 256903
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=256903
Log:
First draft of the new sandboxing. Take a look at caspicum.[ch].
Modified:
soc2013/dpl/head/lib/libzcap/capsicum.c
soc2013/dpl/head/lib/libzcap/capsicum.h
soc2013/dpl/head/lib/libzcap/commands.c
soc2013/dpl/head/lib/libzcap/commands.h
Modified: soc2013/dpl/head/lib/libzcap/capsicum.c
==============================================================================
--- soc2013/dpl/head/lib/libzcap/capsicum.c Wed Sep 4 17:48:41 2013 (r256902)
+++ soc2013/dpl/head/lib/libzcap/capsicum.c Wed Sep 4 18:22:03 2013 (r256903)
@@ -1,32 +1,61 @@
#include "capsicum.h"
#include "zlib.h"
-#include <nv.h>
+#include <sys/queue.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
+#include <nv.h>
#include <signal.h>
#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <err.h>
-pid_t pid = 0;
-int sv[2];
+external struct sandbox;
+external struct slisthead sandboxes;
int startChild(void);
void killChild(void);
void suicide(int signal);
nvlist_t * sendCommand(nvlist_t *nvl);
-int
-startChild(void)
+bool slist_initiated = 0;
+
+nvlist_t *
+sendCommand(nvlist_t *nvl, int socket)
+{
+ nvlist_t *new;
+ if( nvlist_send(socket, nvl) != 0 )
+ err(1, "zcaplib: nvlist_send() Went wrong");
+ if ((new = nvlist_recv(socket)) == NULL)
+ err(1, "nvlist_recv(): nvlist_t is NULL");
+ return (new);
+}
+
+void killChild(void) {
+ kill(pid, SIGKILL);
+}
+void suicide(int signal) {
+ kill(getpid(), SIGKILL);
+}
+
+void
+startChild(void *data)
{
+ int procd, sv[2];
+ struct sandbox *newsandbox;
+
+ if ((newsandbox = malloc(sizeof (struct sandbox)) == NULL)
+ err(1, "Couldn't allocate memory for sandboxes");
+
+ sv[0] = sv[1] = 0;
if (socketpair(PF_LOCAL, SOCK_STREAM, 0, sv) < 0 )
perror("zcaplib: socketpair()");
- if( (pid = fork()) == 0 ){
+ procd = pdfork();
+ if (pid == 0 ){
if (cap_rights_limit(STDIN_FILENO, CAP_READ) < 0)
err(1, "Couldn't limit rights");
if (cap_rights_limit(STDOUT_FILENO, CAP_WRITE|CAP_FSTAT) < 0)
@@ -43,28 +72,87 @@
err(1, "Couldn't find zlibworker.");
}
exit(0);
+ } else if (pid == -1) {
+ err(1, "Couldn't fork");
} else {
+ close(sv[1]);
signal(SIGCHLD, suicide);
atexit(killChild);
+ sandbox->dataptr = data;
+ sandbox->pd = procd;
+ sandbox->socket = sv[0];
}
-
- return pid;
}
-nvlist_t *
-sendCommand( nvlist_t *nvl )
+/*
+ * This function should be called only by:
+ * - gzopen()
+ * - deflateInit()
+ * - inflateInit()
+ */
+struct sandbox *
+startSandbox(void *data)
{
- nvlist_t *new;
- if( nvlist_send(sv[1], nvl) != 0 )
- err(1, "zcaplib: nvlist_send() Went wrong");
- if ((new = nvlist_recv(sv[1])) == NULL)
- err(1, "nvlist_recv(): nvlist_t is NULL");
- return (new);
+ struct sandbox *newsandbox;
+
+ if (!slist_initiated) {
+ SLIST_INIT(&sandboxes);
+ slist_initiated = 1;
+ }
+
+ /* Here we add a sandbox used for non-structure related stuff */
+ /* This will be the first sandbox always */
+ if (SLIST_EMPTY(&sandboxes)) {
+ newsandbox = startChild(newsandbox, NULL);
+ SLIST_INSERT_HEAD(&sandboxes, newsandbox, entries);
+ }
+
+ /* Create and add the real sandbox */
+ newsandbox = startChild(data);
+ SLIST_INSERT_HEAD(&sandboxes, newsandbox, entries);
+
+ return (newsandbox);
}
-void killChild(void) {
- kill(pid, SIGKILL);
+/*
+ * Kills the sandbox, and deletes
+ * the associated struct sandbox.
+ */
+int
+stopSandbox(struct sandbox *sandbox)
+{
+ int sandboxpid;
+
+ if ((sandboxpid = pdgetpid(sandbox->pd)) < 0)
+ err(1, "Couldn't get child PID");
+
+ if (kill(SIGKILL, sandboxpid) < 0)
+ err(1, "Couldn't kill child");
+
+ SLIST_REMOVE(&sandboxes, sandbox, entry, entries);
+ free(sandbox);
}
-void suicide(int signal) {
- kill(getpid(), SIGKILL);
+
+/*
+ * Finds the struct sandbox for
+ * a pointer to the data structure
+ * the sandbox is related to.
+ * Returns NULL if not found.
+ */
+struct sandbox *
+findsanbox(void *ptr)
+{
+ struct sandbox *sandbox;
+
+ sandbox = NULL;
+
+ if (ptr == NULL)
+ return (SLIST_FIRST(&sandboxes));
+
+ SLIST_FOREACH(sandbox, &sandboxes, entries)
+ if (sandbox->dataptr == ptr)
+ return (sandbox);
+
+ /* Not found */
+ return (NULL);
}
\ No newline at end of file
Modified: soc2013/dpl/head/lib/libzcap/capsicum.h
==============================================================================
--- soc2013/dpl/head/lib/libzcap/capsicum.h Wed Sep 4 17:48:41 2013 (r256902)
+++ soc2013/dpl/head/lib/libzcap/capsicum.h Wed Sep 4 18:22:03 2013 (r256903)
@@ -1,5 +1,5 @@
/*
- * With Capsicum, we get a compartmentalized, and securer lib.
+ * We're using Capsicum!
*/
#define CAPSICUM
#include <sys/capability.h>
@@ -20,7 +20,22 @@
extern int pid;
extern int sv[2];
+extern struct sandbox * sandboxes;
extern int startChild(void);
extern void killChild(void);
extern nvlist_t * sendCommand(nvlist_t *nvl);
+
+/* head of singly-linked list. */
+SLIST_HEAD(slisthead, sandbox) sandboxes = SLIST_HEAD_INITIALIZER(head);
+
+/*
+ * This structure holds a relation of structs of data structs,
+ * and its related process descriptor (pd).
+ */
+struct sandbox {
+ void * dataptr; /* Pointer to the data structure of the lib */
+ int pd; /* Process descriptor */
+ int socket; /* Socket we have to pass the data through */
+ SLIST_ENTRY(entry) entries; /* Singly-linked list. */
+}
Modified: soc2013/dpl/head/lib/libzcap/commands.c
==============================================================================
--- soc2013/dpl/head/lib/libzcap/commands.c Wed Sep 4 17:48:41 2013 (r256902)
+++ soc2013/dpl/head/lib/libzcap/commands.c Wed Sep 4 18:22:03 2013 (r256903)
@@ -82,7 +82,6 @@
uLong zcapcmd_crc32_combine(uLong crc1, uLong crc2, z_off64_t len2);
-extern pid_t pid;
extern nvlist_t *sendCommand(nvlist_t *);
extern void *data;
@@ -92,13 +91,15 @@
size_t zstreamsize = sizeof(z_stream);
-static void
-initializeCommand() {
- if (pid == 0)
- startChild();
+static sandbox_s*
+initializeCommand(void *ptr) {
+ sandbox_s *sanbox;
+ sandbox = findSandbox(ptr);
if( (args = nvlist_create(0)) == NULL || (nvl = nvlist_create(0)) == NULL )
err(1, "zcaplib: nvlist_create");
+
+ return sandbox;
}
static void
Modified: soc2013/dpl/head/lib/libzcap/commands.h
==============================================================================
--- soc2013/dpl/head/lib/libzcap/commands.h Wed Sep 4 17:48:41 2013 (r256902)
+++ soc2013/dpl/head/lib/libzcap/commands.h Wed Sep 4 18:22:03 2013 (r256903)
@@ -13,8 +13,6 @@
*/
-#define SOCKETFILENO 3
-
#define ZCAPCMD_DEFLATEINIT 0
#define ZCAPCMD_DEFLATE 1
#define ZCAPCMD_DEFLATEEND 2
More information about the svn-soc-all
mailing list