Page MenuHomeFreeBSD
Differential D25917

Capsicumize fsdb
Needs ReviewPublic
Actions

Authored by shubh on Aug 2 2020, 12:45 AM.
Tags
Referenced Files
Unknown Object (File)
Wed, Jan 29, 1:22 PM
Unknown Object (File)
Tue, Jan 28, 3:09 AM
Unknown Object (File)
Tue, Jan 21, 8:20 PM
Unknown Object (File)
Sat, Jan 4, 2:36 PM
Unknown Object (File)
Nov 29 2024, 9:20 PM
Unknown Object (File)
Nov 22 2024, 4:04 PM
Unknown Object (File)
Oct 3 2024, 6:04 AM
Unknown Object (File)
Sep 20 2024, 2:16 AM
View All 46 Files
Subscribers
jonathan
capsicum

Details

Reviewers
oshogbo
markj
Summary

Where and why did I enter the capability mode?

  • fsdb calls setup() from the fsck_ffs directory, which opens the arg device
  • doing cap_enter() inside wouldn't allow el_init() to open termcap.db and el_source() to open ~/.editrc
  • Hence, I did a cap_enter after el_source() inside cmdloop()

Why did I use cap_pwd and cap_grp casper services

  • printactive() from fsdbutil.c calls getpwuid() and getgrgid()
  • printactive() is called before entering the capabality mode, hence I checked if the casper service is opened or not in fsdbutil.c
  • printactive() is also called after entering the capability mode, for fsdb commands such as *active*. Hence, casper service was needed here
Test Plan

ktrace fsdb /dev/<device_ffs>
kdump | grep cap. //to see if cap_enter() is called

fsdb /dev/<device_ffs>
active //to see if casper functions work or not

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

shubh created this revision.Aug 2 2020, 12:45 AM
Herald added a subscriber: jonathan. · View Herald TranscriptAug 2 2020, 12:45 AM
shubh requested review of this revision.Aug 2 2020, 12:45 AM
oshogbo added inline comments.Aug 3 2020, 9:01 AM
sbin/fsdb/fsdb.c
67

New line after this.

253

Some ident are broken in this block.

sbin/fsdb/fsdb.h
36

Why we are including this in the fsdb header?

sbin/fsdb/fsdbutil.c
187–188

Why u are checking cappwd, capgrp and so on?

shubh added inline comments.Aug 3 2020, 9:19 AM
sbin/fsdb/fsdbutil.c
187–188

So, as you can see inside fsdb.c, inside the cmdloop(), printactive() and hence printstat() is called before I open the casper servcies. So, here I checked if the casper services are opened or not, if they are then use the casper functions, otherwise use the normal functions.

I have this constraint where I have to enter the capability mode after the el_source() function

oshogbo added inline comments.Aug 3 2020, 9:24 AM
sbin/fsdb/fsdbutil.c
187–188

Gatcha. Thats ok.

markj added inline comments.Aug 4 2020, 2:27 PM
sbin/fsdb/fsdb.c
253

Unfortunately, this file doesn't conform to our usual code style. Here, indentation is by four spaces, and eight consecutive spaces are converted into a tab.

sbin/fsdb/fsdbutil.c
187–188

I would suggest adding a comment explaining this.

shubh added inline comments.Aug 5 2020, 1:39 AM
sbin/fsdb/fsdb.h
36

I need to include <libcasper.h> atleast, because I am defining cappwd and capgrp as extern variables in this file. I can move the cap_pwd include to fsdbutil.c

shubh updated this revision to Diff 75929.Aug 18 2020, 12:54 AM
  • Fixed indents
  • Added 2 comments
oshogbo added inline comments.Sep 6 2020, 2:10 PM
sbin/fsdb/fsdbutil.c
187–188

We have to comment explaining that we call this function in sandbox and without sandbox.

Revision Contents
Changeset List

PathSize
sbin/
fsdb/
9 lines
4 lines
28 lines
12 lines

Diff 75929

View Options

sbin/fsdb/Makefile

Loading...
View Options

sbin/fsdb/fsdb.h

Loading...
View Options

sbin/fsdb/fsdb.c

Loading...
View Options

sbin/fsdb/fsdbutil.c

Loading...