From: "Mike Frysinger"
To: gentoo-commits@lists.gentoo.org
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Mike Frysinger"
Message-ID: <1330982507.5498907383c7f1654188b6a0d02d8b03112a28c3.vapier@gentoo>
Subject: [gentoo-commits] proj/sandbox:master commit in: src/, libsbutil/, libsandbox/
X-VCS-Repository: proj/sandbox
X-VCS-Files: libsandbox/libsandbox.c libsbutil/sb_open.c libsbutil/sbutil.h src/sandbox.c
X-VCS-Directories: src/ libsbutil/ libsandbox/
X-VCS-Committer: vapier
X-VCS-Committer-Name: Mike Frysinger
X-VCS-Revision: 5498907383c7f1654188b6a0d02d8b03112a28c3
X-VCS-Branch: master
Date: Mon, 5 Mar 2012 21:22:55 +0000 (UTC)
Precedence: bulk
List-Id: Gentoo Linux mail
X-BeenThere: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: quoted-printable
X-Archives-Salt: 60b5c942-b787-47a6-958a-b49aa1b9aaa4
X-Archives-Hash: 0e430348aa12610516ed22ecaf784d8d

commit:     5498907383c7f1654188b6a0d02d8b03112a28c3
Author:     Mike Frysinger gentoo org>
AuthorDate: Mon Mar 5 21:19:08 2012 +0000
Commit:     Mike Frysinger gentoo org>
CommitDate: Mon Mar 5 21:21:47 2012 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/sandbox.git;a=commit;h=54989073

libsandbox: push down constructor init

Since every consumer of sb_open gets a copy of the sbio_open data, push the init of this into the .data section of the respective consumers to avoid the runtime overhead.

This just leaves sandbox_lib setup in the constructor function, but that is only needed by the execve wrapper, so push down init of that to the existing sb_init logic which happens before our execve wrapper gets used.

URL: http://bugs.gentoo.org/404013
Reported-by: Mike Gilbert gentoo.org>
Signed-off-by: Mike Frysinger gentoo.org> --- libsandbox/libsandbox.c | 43 ++++++-----------------------------------= -- libsbutil/sb_open.c | 11 ----------- libsbutil/sbutil.h | 2 +- src/sandbox.c | 1 + 4 files changed, 8 insertions(+), 49 deletions(-) diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c index 0fcbb65..a36e190 100644 --- a/libsandbox/libsandbox.c +++ b/libsandbox/libsandbox.c @@ -61,6 +61,7 @@ typedef struct { static char *cached_env_vars[MAX_DYN_PREFIXES]; bool sandbox_on =3D true; static bool sb_init =3D false; +int (*sbio_open)(const char *, int, mode_t) =3D sb_unwrapped_open; =20 static char *resolve_path(const char *, int); static int check_prefixes(char **, int, const char *); @@ -68,50 +69,15 @@ static void clean_env_entries(char ***, int *); static void init_context(sbcontext_t *); static void init_env_entries(char ***, int *, const char *, const char *= , int); =20 - -/* - * Initialize the shabang - */ -#if 0 -__attribute__((destructor)) -void libsb_fini(void) -{ - /* let the kernel reap our resources -- it's faster anyways */ - int x; - - sb_init =3D false; - - for (x =3D 0; x < MAX_DYN_PREFIXES; ++x) { - if (NULL !=3D cached_env_vars[x]) { - free(cached_env_vars[x]); - cached_env_vars[x] =3D NULL; - } - } - - for (x =3D 0; x < MAX_DYN_PREFIXES; ++x) - clean_env_entries(&(sbcontext.prefixes[x]), - &(sbcontext.num_prefixes[x])); -} -#endif - +#ifdef SB_MEM_DEBUG __attribute__((constructor)) void libsb_init(void) { save_errno(); - -#ifdef SB_MEM_DEBUG mtrace(); -#endif - - sb_set_open(sb_unwrapped_open); - - /* Get the path and name to this library */ - get_sandbox_lib(sandbox_lib); - -// sb_init =3D true; - restore_errno(); } +#endif =20 static const char *sb_get_fd_dir(void) { 
@@ -1084,6 +1050,9 @@ bool before_syscall(int dirfd, int sb_nr, const cha= r *func, const char *file, in sb_lock(); =20 if (!sb_init) { + /* Get the path and name to this library */ + get_sandbox_lib(sandbox_lib); + init_context(&sbcontext); sb_init =3D true; } diff --git a/libsbutil/sb_open.c b/libsbutil/sb_open.c index 2e405c6..27dda9c 100644 --- a/libsbutil/sb_open.c +++ b/libsbutil/sb_open.c @@ -10,17 +10,6 @@ #include "headers.h" #include "sbutil.h" =20 -static int (*sbio_open)(const char *, int, mode_t) =3D (void *)open; - - -void sb_set_open(void *new_open) -{ - if (!check_ptr(new_open)) - return; - - sbio_open =3D new_open; -} - /* General purpose function to _reliably_ open a file * * Returns the file descriptor or -1 on error (and errno set) diff --git a/libsbutil/sbutil.h b/libsbutil/sbutil.h index e232b31..bdff33f 100644 --- a/libsbutil/sbutil.h +++ b/libsbutil/sbutil.h @@ -91,7 +91,7 @@ bool is_env_on (const char *); bool is_env_off (const char *); =20 /* libsandbox need to use a wrapper for open */ -void sb_set_open(void *new_open); +attribute_hidden extern int (*sbio_open)(const char *, int, mode_t); /* Convenience functions to reliably open, read and write to a file */ int sb_open(const char *path, int flags, mode_t mode); size_t sb_read(int fd, void *buf, size_t count); diff --git a/src/sandbox.c b/src/sandbox.c index d36126e..a8e28fe 100644 --- a/src/sandbox.c +++ b/src/sandbox.c @@ -18,6 +18,7 @@ static int print_debug =3D 0; #define dprintf(fmt, args...) do { if (print_debug) printf(fmt, ## args)= ; } while (0) #define dputs(str) do { if (print_debug) puts(str); } while (0) +int (*sbio_open)(const char *, int, mode_t) =3D (void *)open; =20 volatile static int stop_called =3D 0; volatile static pid_t child_pid =3D 0;
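
Review bot: In the first libsandbox/libsandbox.c hunk (@@ -61,6 +61,7 @@), the new sbio_open definition is a writable function pointer, yet this patch deletes sb_set_open(), the only assignment to it visible here. If nothing else reassigns it, declare it as "int (* const sbio_open)(const char *, int, mode_t)" in both the definitions and the sbutil.h declaration so it lands in read-only data and cannot be redirected at runtime. The check_ptr() validation that guarded the old setter disappears with it, so the compile-time initializer is now the only safeguard.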
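
Review bot: In the before_syscall hunk (@@ -1084,6 +1050,9 @@), sandbox_lib is now filled only inside "if (!sb_init)", so it stays empty until the first call that reaches this branch. The commit message states the execve wrapper always runs after this init, but nothing in the visible lines enforces that ordering. Please add a comment at the get_sandbox_lib() call naming the execve wrapper as the consumer, and consider having that wrapper check that sandbox_lib is non-empty before using it, so a future code path that skips before_syscall fails loudly rather than acting on an empty library path.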
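
Review bot: In the libsbutil/sbutil.h hunk (@@ -91,7 +91,7 @@), the retained comment "libsandbox need to use a wrapper for open" no longer describes the contract. With the static default removed from sb_open.c, every program or library that links libsbutil must now define sbio_open itself or fail at link time. Reword the comment to say that each consumer provides the definition, and mention that libsandbox points it at sb_unwrapped_open while the sandbox binary uses plain open.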
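
Review bot: In the src/sandbox.c hunk (@@ -18,6 +18,7 @@), the "(void *)open" cast carried over from sb_open.c hides a prototype mismatch: open() is declared variadic (const char *, int, ...), while sbio_open is a fixed three-argument pointer, and calling a variadic function through a non-variadic pointer type is undefined behaviour in C. A small static wrapper taking (path, flags, mode) and calling open() would let the compiler check the types and remove the cast. The definition is also wedged between the dputs macro and the blank line that follows; a blank line before it and a one-line comment would make it easier to find.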