From: "Mike Frysinger" <vapier@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/sandbox:master commit in: src/, libsbutil/, libsandbox/
Date: Mon, 5 Mar 2012 21:22:55 +0000 (UTC) [thread overview]
Message-ID: <1330982507.5498907383c7f1654188b6a0d02d8b03112a28c3.vapier@gentoo> (raw)
commit: 5498907383c7f1654188b6a0d02d8b03112a28c3
Author: Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Mon Mar 5 21:19:08 2012 +0000
Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Mon Mar 5 21:21:47 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commit;h=54989073
libsandbox: push down constructor init
Since every consumer of sb_open gets a copy of the sbio_open data, push
the init of this into the .data section of the respective consumers to
avoid the runtime overhead.
This just leaves sandbox_lib setup in the constructor function, but that
is only needed by the execve wrapper, so push down init of that to the
existing sb_init logic which happens before our execve wrapper gets used.
URL: http://bugs.gentoo.org/404013
Reported-by: Mike Gilbert <floppym <AT> gentoo.org>
Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>
---
libsandbox/libsandbox.c | 43 ++++++-------------------------------------
libsbutil/sb_open.c | 11 -----------
libsbutil/sbutil.h | 2 +-
src/sandbox.c | 1 +
4 files changed, 8 insertions(+), 49 deletions(-)
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
index 0fcbb65..a36e190 100644
--- a/libsandbox/libsandbox.c
+++ b/libsandbox/libsandbox.c
@@ -61,6 +61,7 @@ typedef struct {
static char *cached_env_vars[MAX_DYN_PREFIXES];
bool sandbox_on = true;
static bool sb_init = false;
+int (*sbio_open)(const char *, int, mode_t) = sb_unwrapped_open;
static char *resolve_path(const char *, int);
static int check_prefixes(char **, int, const char *);
@@ -68,50 +69,15 @@ static void clean_env_entries(char ***, int *);
static void init_context(sbcontext_t *);
static void init_env_entries(char ***, int *, const char *, const char *, int);
-
-/*
- * Initialize the shabang
- */
-#if 0
-__attribute__((destructor))
-void libsb_fini(void)
-{
- /* let the kernel reap our resources -- it's faster anyways */
- int x;
-
- sb_init = false;
-
- for (x = 0; x < MAX_DYN_PREFIXES; ++x) {
- if (NULL != cached_env_vars[x]) {
- free(cached_env_vars[x]);
- cached_env_vars[x] = NULL;
- }
- }
-
- for (x = 0; x < MAX_DYN_PREFIXES; ++x)
- clean_env_entries(&(sbcontext.prefixes[x]),
- &(sbcontext.num_prefixes[x]));
-}
-#endif
-
+#ifdef SB_MEM_DEBUG
__attribute__((constructor))
void libsb_init(void)
{
save_errno();
-
-#ifdef SB_MEM_DEBUG
mtrace();
-#endif
-
- sb_set_open(sb_unwrapped_open);
-
- /* Get the path and name to this library */
- get_sandbox_lib(sandbox_lib);
-
-// sb_init = true;
-
restore_errno();
}
+#endif
static const char *sb_get_fd_dir(void)
{
@@ -1084,6 +1050,9 @@ bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, in
sb_lock();
if (!sb_init) {
+ /* Get the path and name to this library */
+ get_sandbox_lib(sandbox_lib);
+
init_context(&sbcontext);
sb_init = true;
}
diff --git a/libsbutil/sb_open.c b/libsbutil/sb_open.c
index 2e405c6..27dda9c 100644
--- a/libsbutil/sb_open.c
+++ b/libsbutil/sb_open.c
@@ -10,17 +10,6 @@
#include "headers.h"
#include "sbutil.h"
-static int (*sbio_open)(const char *, int, mode_t) = (void *)open;
-
-
-void sb_set_open(void *new_open)
-{
- if (!check_ptr(new_open))
- return;
-
- sbio_open = new_open;
-}
-
/* General purpose function to _reliably_ open a file
*
* Returns the file descriptor or -1 on error (and errno set)
diff --git a/libsbutil/sbutil.h b/libsbutil/sbutil.h
index e232b31..bdff33f 100644
--- a/libsbutil/sbutil.h
+++ b/libsbutil/sbutil.h
@@ -91,7 +91,7 @@ bool is_env_on (const char *);
bool is_env_off (const char *);
/* libsandbox need to use a wrapper for open */
-void sb_set_open(void *new_open);
+attribute_hidden extern int (*sbio_open)(const char *, int, mode_t);
/* Convenience functions to reliably open, read and write to a file */
int sb_open(const char *path, int flags, mode_t mode);
size_t sb_read(int fd, void *buf, size_t count);
diff --git a/src/sandbox.c b/src/sandbox.c
index d36126e..a8e28fe 100644
--- a/src/sandbox.c
+++ b/src/sandbox.c
@@ -18,6 +18,7 @@
static int print_debug = 0;
#define dprintf(fmt, args...) do { if (print_debug) printf(fmt, ## args); } while (0)
#define dputs(str) do { if (print_debug) puts(str); } while (0)
+int (*sbio_open)(const char *, int, mode_t) = (void *)open;
volatile static int stop_called = 0;
volatile static pid_t child_pid = 0;
next reply other threads:[~2012-03-05 21:23 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-05 21:22 Mike Frysinger [this message]
-- strict thread matches above, loose matches on Subject: below --
2012-12-24 5:23 [gentoo-commits] proj/sandbox:master commit in: src/, libsbutil/, libsandbox/ Mike Frysinger
2013-02-25 4:08 Mike Frysinger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1330982507.5498907383c7f1654188b6a0d02d8b03112a28c3.vapier@gentoo \
--to=vapier@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox