Author: Armin Rigo <[email protected]>
Branch: sandbox-lib
Changeset: r83173:8f8afefdd713
Date: 2016-03-19 18:38 +0100
http://bitbucket.org/pypy/pypy/changeset/8f8afefdd713/
Log: in-progress
diff --git a/rpython/annotator/policy.py b/rpython/annotator/policy.py
--- a/rpython/annotator/policy.py
+++ b/rpython/annotator/policy.py
@@ -88,7 +88,7 @@
if key not in bk.emulated_pbc_calls:
params_s = s_func.args_s
s_result = s_func.s_result
- from rpython.translator.sandbox.rsandbox import
make_sandbox_trampoline
+ from rpython.translator.sandboxlib.rsandbox import
make_sandbox_trampoline
sandbox_trampoline = make_sandbox_trampoline(
s_func.name, params_s, s_result)
sandbox_trampoline._signature_ =
[SomeTuple(items=params_s)], s_result
diff --git a/rpython/config/translationoption.py
b/rpython/config/translationoption.py
--- a/rpython/config/translationoption.py
+++ b/rpython/config/translationoption.py
@@ -106,10 +106,11 @@
# other noticeable options
BoolOption("thread", "enable use of threading primitives",
default=False, cmdline="--thread"),
- BoolOption("sandbox", "Produce a fully-sandboxed executable",
- default=False, cmdline="--sandbox",
- requires=[("translation.thread", False)],
- suggests=[("translation.gc", "generation"),
+ BoolOption("sandboxlib", "Produce a fully-sandboxed library",
+ default=False, cmdline="--sandboxlib",
+ requires=[("translation.thread", False),
+ ("translation.shared", True)],
+ suggests=[("translation.gc", "minimark"),
("translation.gcrootfinder", "shadowstack")]),
BoolOption("rweakref", "The backend supports RPython-level weakrefs",
default=True),
diff --git a/rpython/rlib/objectmodel.py b/rpython/rlib/objectmodel.py
--- a/rpython/rlib/objectmodel.py
+++ b/rpython/rlib/objectmodel.py
@@ -300,7 +300,7 @@
def compute_annotation(self):
if sandboxed_name:
config = self.bookkeeper.annotator.translator.config
- if config.translation.sandbox:
+ if config.translation.sandboxlib:
func._sandbox_external_name = sandboxed_name
func._dont_inline_ = True
return self.bookkeeper.immutablevalue(func)
diff --git a/rpython/rtyper/extfunc.py b/rpython/rtyper/extfunc.py
--- a/rpython/rtyper/extfunc.py
+++ b/rpython/rtyper/extfunc.py
@@ -95,7 +95,7 @@
def compute_annotation(self):
s_result = SomeExternalFunction(
self.name, self.signature_args, self.signature_result)
- if (self.bookkeeper.annotator.translator.config.translation.sandbox
+ if (self.bookkeeper.annotator.translator.config.translation.sandboxlib
and not self.safe_not_sandboxed):
s_result.needs_sandboxing = True
return s_result
@@ -110,7 +110,7 @@
export_name: the name of the function as it will be seen by the backends
llimpl: optional; if provided, this RPython function is called instead of
the target function
llfakeimpl: optional; if provided, called by the llinterpreter
- sandboxsafe: use True if the function performs no I/O (safe for --sandbox)
+ sandboxsafe: use True if the function performs no I/O (safe for
--sandboxlib)
"""
if export_name is None:
diff --git a/rpython/rtyper/rtyper.py b/rpython/rtyper/rtyper.py
--- a/rpython/rtyper/rtyper.py
+++ b/rpython/rtyper/rtyper.py
@@ -29,7 +29,6 @@
from rpython.rtyper.rclass import RootClassRepr
from rpython.tool.pairtype import pair
from rpython.translator.unsimplify import insert_empty_block
-from rpython.translator.sandbox.rsandbox import make_sandbox_trampoline
class RTyperBackend(object):
@@ -575,7 +574,9 @@
def getcallable(self, graph):
def getconcretetype(v):
return self.bindingrepr(v).lowleveltype
- if self.annotator.translator.config.translation.sandbox:
+ if self.annotator.translator.config.translation.sandboxlib:
+ from rpython.translator.sandboxlib.rsandbox import (
+ make_sandbox_trampoline) # don't import this globally
try:
name = graph.func._sandbox_external_name
except AttributeError:
diff --git a/rpython/translator/c/genc.py b/rpython/translator/c/genc.py
--- a/rpython/translator/c/genc.py
+++ b/rpython/translator/c/genc.py
@@ -131,7 +131,7 @@
gcpolicyclass=gcpolicyclass,
exctransformer=exctransformer,
thread_enabled=self.config.translation.thread,
- sandbox=self.config.translation.sandbox)
+ sandbox=self.config.translation.sandboxlib)
self.db = db
# give the gc a chance to register interest in the start-up functions
it
@@ -211,7 +211,7 @@
defines = defines.copy()
if self.config.translation.countmallocs:
defines['COUNT_OP_MALLOCS'] = 1
- if self.config.translation.sandbox:
+ if self.config.translation.sandboxlib:
defines['RPY_SANDBOXED'] = 1
if CBuilder.have___thread is None:
CBuilder.have___thread = self.translator.platform.check___thread()
@@ -380,7 +380,8 @@
headers_to_precompile=headers_to_precompile,
no_precompile_cfiles = module_files,
shared=self.config.translation.shared,
- icon=self.config.translation.icon)
+ icon=self.config.translation.icon,
+ sandboxlib=self.config.translation.sandboxlib)
if self.has_profopt():
profopt = self.config.translation.profopt
diff --git a/rpython/translator/c/node.py b/rpython/translator/c/node.py
--- a/rpython/translator/c/node.py
+++ b/rpython/translator/c/node.py
@@ -917,7 +917,7 @@
if db.sandbox:
if (getattr(obj, 'external', None) is not None and
not obj._safe_not_sandboxed):
- from rpython.translator.sandbox import rsandbox
+ from rpython.translator.sandboxlib import rsandbox
obj.__dict__['graph'] = rsandbox.get_sandbox_stub(
obj, db.translator.rtyper)
obj.__dict__.pop('_safe_not_sandboxed', None)
diff --git a/rpython/translator/c/src/precommondefs.h
b/rpython/translator/c/src/precommondefs.h
--- a/rpython/translator/c/src/precommondefs.h
+++ b/rpython/translator/c/src/precommondefs.h
@@ -61,16 +61,26 @@
a bug; please report or fix it.
*/
#ifdef __GNUC__
-# define RPY_EXPORTED extern __attribute__((visibility("default")))
-# define _RPY_HIDDEN __attribute__((visibility("hidden")))
+# define _RPY_EXPORTED1 extern __attribute__((visibility("default")))
+# define _RPY_HIDDEN __attribute__((visibility("hidden")))
#else
-# define RPY_EXPORTED extern __declspec(dllexport)
-# define _RPY_HIDDEN /* nothing */
+# define _RPY_EXPORTED1 extern __declspec(dllexport)
+# define _RPY_HIDDEN /* nothing */
#endif
#ifndef RPY_EXTERN
# define RPY_EXTERN extern _RPY_HIDDEN
#endif
+/* With --sandboxlib, don't export any of the standard functions.
+ We will instead export a different set of functions, using
+ the RPY_SANDBOX_EXPORTED macro. */
+#ifdef RPY_SANDBOXED
+# define RPY_EXPORTED extern _RPY_HIDDEN
+# define RPY_SANDBOX_EXPORTED _RPY_EXPORTED1
+#else
+# define RPY_EXPORTED _RPY_EXPORTED1
+#endif
+
#endif /* __PYPY_PRECOMMONDEFS_H */
diff --git a/rpython/translator/platform/posix.py
b/rpython/translator/platform/posix.py
--- a/rpython/translator/platform/posix.py
+++ b/rpython/translator/platform/posix.py
@@ -99,7 +99,8 @@
def gen_makefile(self, cfiles, eci, exe_name=None, path=None,
shared=False, headers_to_precompile=[],
- no_precompile_cfiles = [], icon=None):
+ no_precompile_cfiles = [], icon=None,
+ sandboxlib=False):
cfiles = self._all_cfiles(cfiles, eci)
if path is None:
@@ -133,6 +134,11 @@
m.exe_name = path.join(exe_name.basename)
m.eci = eci
+ default_target = exe_name.basename
+ if sandboxlib:
+ assert shared
+ default_target = target_name
+
def rpyrel(fpath):
lpath = py.path.local(fpath)
rel = lpath.relto(rpypath)
@@ -165,7 +171,7 @@
definitions = [
('RPYDIR', '"%s"' % rpydir),
('TARGET', target_name),
- ('DEFAULT_TARGET', exe_name.basename),
+ ('DEFAULT_TARGET', default_target),
('SOURCES', rel_cfiles),
('OBJECTS', rel_ofiles),
('LIBS', self._libs(eci.libraries) + list(self.extra_libs)),
@@ -195,7 +201,7 @@
for rule in rules:
m.rule(*rule)
- if shared:
+ if shared and not sandboxlib:
m.definition('SHARED_IMPORT_LIB', libname),
m.definition('PYPY_MAIN_FUNCTION', "pypy_main_startup")
m.rule('main.c', '',
diff --git a/rpython/translator/sandboxlib/__init__.py
b/rpython/translator/sandboxlib/__init__.py
new file mode 100644
diff --git a/rpython/translator/sandboxlib/rsandbox.py
b/rpython/translator/sandboxlib/rsandbox.py
new file mode 100644
--- /dev/null
+++ b/rpython/translator/sandboxlib/rsandbox.py
@@ -0,0 +1,13 @@
+
+
+def make_sandbox_trampoline(fnname, args_s, s_result):
+ """Create a trampoline function with the specified signature.
+
+ The trampoline is meant to be used in place of real calls to the external
+ function named 'fnname'. Instead, it calls a function pointer that is
+ under control of the main C program using the sandboxed library.
+ """
+ def execute(*args):
+ raise NotImplementedError
+ execute.__name__ = 'sandboxed_%s' % (fnname,)
+ return execute
diff --git a/rpython/translator/sandboxlib/test/__init__.py
b/rpython/translator/sandboxlib/test/__init__.py
new file mode 100644
diff --git a/rpython/translator/sandboxlib/test/test_sandbox.py
b/rpython/translator/sandboxlib/test/test_sandbox.py
new file mode 100644
--- /dev/null
+++ b/rpython/translator/sandboxlib/test/test_sandbox.py
@@ -0,0 +1,14 @@
+from rpython.translator.interactive import Translation
+
+
+
+def compile(entry_point):
+ t = Translation(entry_point, backend='c', sandboxlib=True)
+ return str(t.compile())
+
+
+def test_empty():
+ def entry_point(argv):
+ return 0
+
+ print compile(entry_point)
_______________________________________________
pypy-commit mailing list
[email protected]
https://mail.python.org/mailman/listinfo/pypy-commit
