librumphijack

Antti Kantee Mon, 14 Mar 2011 08:13:34 -0700

Module Name:    src
Committed By:   pooka
Date:           Mon Mar 14 15:13:26 UTC 2011


Modified Files:
        src/lib/librumphijack: hijack.c

Log Message:
Make fdoffset configurable.  Also, enforce that host descriptors
are smaller than the offset.


To generate a diff of this commit:
cvs rdiff -u -r1.84 -r1.85 src/lib/librumphijack/hijack.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/lib/librumphijack/hijack.c
diff -u src/lib/librumphijack/hijack.c:1.84 src/lib/librumphijack/hijack.c:1.85
--- src/lib/librumphijack/hijack.c:1.84	Thu Mar 10 23:02:56 2011
+++ src/lib/librumphijack/hijack.c	Mon Mar 14 15:13:26 2011
@@ -1,4 +1,4 @@
-/*      $NetBSD: hijack.c,v 1.84 2011/03/10 23:02:56 pooka Exp $	*/
+/*      $NetBSD: hijack.c,v 1.85 2011/03/14 15:13:26 pooka Exp $	*/
 
 /*-
  * Copyright (c) 2011 Antti Kantee.  All Rights Reserved.
@@ -26,7 +26,7 @@
  */
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: hijack.c,v 1.84 2011/03/10 23:02:56 pooka Exp $");
+__RCSID("$NetBSD: hijack.c,v 1.85 2011/03/14 15:13:26 pooka Exp $");
 
 #define __ssp_weak_name(fun) _hijack_ ## fun
 
@@ -274,6 +274,9 @@
 static bool		fd_isrump(int);
 static enum pathtype	path_isrump(const char *);
 
+/* default FD_SETSIZE is 256 ==> default fdoff is 128 */
+static int hijack_fdoff = FD_SETSIZE/2;
+
 /*
  * Maintain a mapping table for the usual dup2 suspects.
  * Could use atomic ops to operate on dup2vec, but an application
@@ -647,6 +650,23 @@
 	errx(1, "sysctl value should be y(es)/n(o), gave: %s", buf);
 }
 
+static void
+fdoffparser(char *buf)
+{
+	unsigned long fdoff;
+	char *ep;
+
+	if (*buf == '-') {
+		errx(1, "fdoff must not be negative");
+	}
+	fdoff = strtoul(buf, &ep, 10);
+	if (*ep != '\0')
+		errx(1, "invalid fdoff specifier \"%s\"", buf);
+	if (fdoff >= INT_MAX/2 || fdoff < 3)
+		errx(1, "fdoff out of range");
+	hijack_fdoff = fdoff;
+}
+
 static struct {
 	void (*parsefn)(char *);
 	const char *name;
@@ -657,6 +677,7 @@
 	{ blanketparser, "blanket", true },
 	{ vfsparser, "vfs", true },
 	{ sysctlparser, "sysctl", false },
+	{ fdoffparser, "fdoffset", true },
 	{ NULL, NULL, false },
 };
 
@@ -783,16 +804,13 @@
 	}
 }
 
-/* Need runtime selection.  low for now due to FD_SETSIZE */
-#define HIJACK_FDOFF 128
-
 static int
 fd_rump2host(int fd)
 {
 
 	if (fd == -1)
 		return fd;
-	return fd + HIJACK_FDOFF;
+	return fd + hijack_fdoff;
 }
 
 static int
@@ -814,7 +832,7 @@
 {
 
 	if (!isdup2d(fd))
-		return fd - HIJACK_FDOFF;
+		return fd - hijack_fdoff;
 	else
 		return mapdup2(fd);
 }
@@ -823,10 +841,10 @@
 fd_isrump(int fd)
 {
 
-	return isdup2d(fd) || fd >= HIJACK_FDOFF;
+	return isdup2d(fd) || fd >= hijack_fdoff;
 }
 
-#define assertfd(_fd_) assert(ISDUP2D(_fd_) || (_fd_) >= HIJACK_FDOFF)
+#define assertfd(_fd_) assert(ISDUP2D(_fd_) || (_fd_) >= hijack_fdoff)
 
 static enum pathtype
 path_isrump(const char *path)
@@ -885,8 +903,8 @@
 	if (fd_isrump(oldd)) {
 		op_fcntl = GETSYSCALL(rump, FCNTL);
 		oldd = fd_host2rump(oldd);
-		if (minfd >= HIJACK_FDOFF)
-			minfd -= HIJACK_FDOFF;
+		if (minfd >= hijack_fdoff)
+			minfd -= hijack_fdoff;
 		isrump = 1;
 	} else {
 		op_fcntl = GETSYSCALL(host, FCNTL);
@@ -903,15 +921,22 @@
 }
 
 /*
- * dup a host file descriptor so that it doesn't collide with the dup2mask
+ * Check that host fd value does not exceed fdoffset and if necessary
+ * dup the file descriptor so that it doesn't collide with the dup2mask.
  */
 static int
-fd_dupgood(int fd)
+fd_host2host(int fd)
 {
 	int (*op_fcntl)(int, int, ...) = GETSYSCALL(host, FCNTL);
 	int (*op_close)(int) = GETSYSCALL(host, CLOSE);
 	int ofd, i;
 
+	if (fd >= hijack_fdoff) {
+		op_close(fd);
+		errno = ENFILE;
+		return -1;
+	}
+
 	for (i = 1; isdup2d(fd); i++) {
 		ofd = fd;
 		fd = op_fcntl(ofd, F_DUPFD, i);
@@ -949,7 +974,7 @@
 	if (isrump)
 		fd = fd_rump2host(fd);
 	else
-		fd = fd_dupgood(fd);
+		fd = fd_host2host(fd);
 
 	DPRINTF(("open <- %d (%s)\n", fd, whichfd(fd)));
 	return fd;
@@ -1099,7 +1124,7 @@
 	if (isrump)
 		fd = fd_rump2host(fd);
 	else
-		fd = fd_dupgood(fd);
+		fd = fd_host2host(fd);
 	DPRINTF(("socket <- %d\n", fd));
 
 	return fd;
@@ -1125,7 +1150,7 @@
 	if (fd != -1 && isrump)
 		fd = fd_rump2host(fd);
 	else
-		fd = fd_dupgood(fd);
+		fd = fd_host2host(fd);
 
 	DPRINTF((" <- %d\n", fd));
 
@@ -1177,7 +1202,7 @@
 		 * So, if fd < HIJACKOFF, we want to do a host closem.
 		 */
 
-		if (fd < HIJACK_FDOFF) {
+		if (fd < hijack_fdoff) {
 			int closemfd = fd;
 
 			if (rumpclient__closenotify(&closemfd,
@@ -1203,8 +1228,8 @@
 			}
 		}
 		
-		if (fd >= HIJACK_FDOFF)
-			fd -= HIJACK_FDOFF;
+		if (fd >= hijack_fdoff)
+			fd -= hijack_fdoff;
 		else
 			fd = 0;
 		fd = MAX(maxdup2+1, fd);

CVS commit: src/lib/librumphijack

Reply via email to