Page MenuHomeFreeBSD
Differential D8543

Capsicumise dd
ClosedPublic
Actions

Authored by kaktus on Nov 16 2016, 9:37 PM.
Tags
Referenced Files
Unknown Object (File)
Fri, Apr 12, 5:42 PM
Unknown Object (File)
Fri, Apr 12, 5:42 PM
Unknown Object (File)
Fri, Apr 12, 5:42 PM
Unknown Object (File)
Fri, Apr 12, 5:42 PM
Unknown Object (File)
Fri, Apr 12, 5:42 PM
Unknown Object (File)
Fri, Apr 12, 5:42 PM
Unknown Object (File)
Fri, Apr 12, 5:42 PM
Unknown Object (File)
Fri, Apr 12, 5:42 PM
View All Files
Subscribers
imp
oshogbo

Details

Reviewers
emaste
robak
allanjude
ngie
imp
adrian
oshogbo
Group Reviewers
capsicum
Commits
rS309921: Fix regression when stdin/out/err fds are are overridden by shell.
rS309735: Capsicum support for dd(1)
rS308810: Capsicum support for dd(1)
Summary

This patch puts dd in capsicum based sandbox.

Sponsored by: Mysterious Code Ltd.

Test Plan

Tested with make test and by hand with various options like seek and skip.

Tape _untested_ but it should work as all ioctls related to tape are permitted.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

There are a very large number of changes, so older changes are hidden. Show Older Changes
kaktus updated this revision to Diff 22267.Nov 16 2016, 9:37 PM
kaktus edited the test plan for this revision. (Show Details)
kaktus added reviewers: robak, capsicum.
kaktus set the repository for this revision to rS FreeBSD src repository - subversion.
kaktus added a project: capsicum.
Herald added a subscriber: imp. · View Herald TranscriptNov 16 2016, 9:37 PM
robak added reviewers: emaste, allanjude.Nov 16 2016, 9:39 PM
allanjude added inline comments.Nov 16 2016, 9:46 PM
freebsd/bin/dd/dd.c
179 ↗(On Diff #22267)

it might make more sense to do this on like 160, where we set CAP_WRITE etc

kaktus added inline comments.Nov 16 2016, 9:48 PM
freebsd/bin/dd/dd.c
179 ↗(On Diff #22267)

But I want to _clear_ the flag if the file is open write only.

allanjude accepted this revision.Nov 16 2016, 11:08 PM
allanjude edited edge metadata.
allanjude added inline comments.
freebsd/bin/dd/dd.c
179 ↗(On Diff #22267)

I misunderstood what was happening, sorry.

This appears correct.

This revision is now accepted and ready to land.Nov 16 2016, 11:08 PM
kaktus updated this revision to Diff 22278.Nov 17 2016, 11:10 AM
kaktus edited edge metadata.

Regenerate patch.

This revision now requires review to proceed.Nov 17 2016, 11:10 AM
kaktus updated this revision to Diff 22279.Nov 17 2016, 11:12 AM
kaktus edited edge metadata.

Regenerate, this time with -U999999.

oshogbo requested changes to this revision.Nov 17 2016, 8:59 PM
oshogbo added a reviewer: oshogbo.
oshogbo added a subscriber: oshogbo.
oshogbo added inline comments.
bin/dd/dd.c
100 ↗(On Diff #22279)

We should check errno and cap_enter in one line.
Basically you should not warn if Capsicum is unavailable, user decided to compile kernel without CAPSICUM so we should not inform go about that on every step.
Some architectures even don't have Capsicum enable by default.

140 ↗(On Diff #22279)

Style.
{ MTIOCTOP, FIODTYPE }

192 ↗(On Diff #22279)

Style. To big indent, should be tab and 4 spaces.

196 ↗(On Diff #22279)

Here you don't need to check errno.

This revision now requires changes to proceed.Nov 17 2016, 8:59 PM
oshogbo added inline comments.Nov 17 2016, 9:06 PM
bin/dd/dd.c
183 ↗(On Diff #22279)

Here you also don't need to check errno.

emaste added inline comments.Nov 17 2016, 9:07 PM
bin/dd/dd.c
196 ↗(On Diff #22279)

To clarify, the caph_ helpers handle the errno checking internally.

oshogbo added inline comments.Nov 17 2016, 9:17 PM
bin/dd/dd.c
98 ↗(On Diff #22279)

Sorry for being PITA, but do we need that?
Which function requires time zones?

kaktus updated this revision to Diff 22323.Nov 18 2016, 10:48 AM
kaktus edited edge metadata.

Updated diff after requested changes.

kaktus marked 6 inline comments as done.Nov 18 2016, 10:50 AM
kaktus added inline comments.
bin/dd/dd.c
140 ↗(On Diff #22279)

Maybe, as I don't see this rule defined _clearly_ in style(9).

robak accepted this revision.Nov 18 2016, 3:35 PM
robak edited edge metadata.

@oshogbo @allanjude It works for me, when I test it, so if I can get approval from someone with src commit bit, I am happy to commit it.

emaste added inline comments.Nov 18 2016, 4:48 PM
bin/dd/dd.c
140 ↗(On Diff #22279)

Some of style(9) is by example, not explicit - this is probably the closest even though it's for something else:

Enumeration values are all uppercase.

enum enumtype { ONE, TWO } et;
192 ↗(On Diff #22279)

Line 188 should be:
<tab><space><space><space><space>errno != ENOSYS
looking at the raw diff it has two tabs and four spaces in the most recent upload

kaktus updated this revision to Diff 22334.Nov 18 2016, 4:51 PM
kaktus edited edge metadata.

Fix indentation.

emaste edited edge metadata.Nov 18 2016, 5:04 PM

I think this looks good, and have asked @oshogbo if he can check again.

Also, let me say thank you for your interest and effort in applying Capsicum and submitting these patches.

oshogbo accepted this revision.Nov 18 2016, 6:46 PM
oshogbo edited edge metadata.

Good work :)
Please just fix the error messages.

bin/dd/dd.c
146 ↗(On Diff #22334)

One more thing.
You are inconsistent in error messages.
Everywhere in file we have sentence start from small later ;(

This revision is now accepted and ready to land.Nov 18 2016, 6:46 PM
kaktus updated this revision to Diff 22335.Nov 18 2016, 7:38 PM
kaktus edited edge metadata.
kaktus marked an inline comment as done.
  • be more consistent with lowercase in err().
This revision now requires review to proceed.Nov 18 2016, 7:38 PM
Closed by commit rS308810: Capsicum support for dd(1) (authored by robak). · Explain WhyNov 18 2016, 9:10 PM
This revision was automatically updated to reflect the committed changes.
kaktus updated this revision to Diff 22405.Nov 21 2016, 12:06 PM
kaktus edited edge metadata.

Make it compile on older releases as dd is part of bootstrap and pre 12-C don't have capsicum_helpers.h installed.

Tested on 10.3-RELEASE i386 building head r308913.

robak reopened this revision.Nov 21 2016, 12:18 PM

Reopening due to dd/build toolchain issues.

robak added a reviewer: adrian.Nov 21 2016, 12:23 PM
oshogbo added a comment.Nov 21 2016, 12:49 PM

Hi,

Thanks for you work, but I like more your previus patch :)
So I would like to fix the problem with that patch in a little different meaner basically install libcapsicum.
I will do that today, and replay your patch.

Thank you one more time!

imp requested changes to this revision.Nov 21 2016, 7:36 PM
imp added a reviewer: imp.

I think we should have a fake libcapiscim that's all defeined as no-op success functions and add that to libegacy. We don't need to install the full libcapsicim and there's ordering issues trying to do so.

However, we don't need it for dd. I have patches in the works that remove the need to make it a bootstrap tool. I'll post a review shortly.

So the X is for 'install libcapsicim' not for this patch as it is once I get the Makefile stuff sorted.

This revision now requires changes to proceed.Nov 21 2016, 7:36 PM
imp added a comment.Nov 21 2016, 7:43 PM

See https://reviews.freebsd.org/D8605 for one possible resolution

kaktus added a comment.Nov 21 2016, 8:34 PM

As I see libcapsicum is header only https://svnweb.freebsd.org/base/head/lib/libcapsicum/Makefile?revision=306726&view=markup.
The breakage was obviously caused by lack of that header in installed system older than 12-C.

So either we 1) install that lib / header 2) remove dd from bootstrap 3) use the current patch (I agree that this is the less favourable option).

I'll leave it up to you guys to decide :-)

kaktus added a comment.Dec 6 2016, 6:41 PM

Since dd was removed from bootstrap in 309412, can this be recommitted?

imp added a comment.Dec 6 2016, 10:24 PM
In D8543#180755, @pawel.biernacki-gmail.com wrote:

Since dd was removed from bootstrap in 309412, can this be recommitted?

If you can bootstrap with an old dd binary, sure. Since we no longer build dd as a bootstrap tool, I anticipate that there will be smooth sailing. But test from 10.3R and 11.0R on amd64 just to make sure, along with at least one universe.

That's rather the whole reason I did this. :)

imp accepted this revision.Dec 6 2016, 10:24 PM
imp edited edge metadata.

Should have ticked 'accept'

This revision is now accepted and ready to land.Dec 6 2016, 10:24 PM
kaktus updated this revision to Diff 22747.Dec 7 2016, 10:52 PM
kaktus edited edge metadata.

Update diff with one that survived building head@r309672:

  1. buildword && buildkernel on FreeBSD 10.3-R i386
  2. universe on FreeBSD 11.0-R amd64
This revision now requires review to proceed.Dec 7 2016, 10:52 PM
robak added a comment.Dec 9 2016, 1:37 PM

Guys, are we happy with the state of things? I am keen to commit it, given relevant approval is provided.

oshogbo accepted this revision.Dec 9 2016, 2:24 PM
oshogbo edited edge metadata.
This revision is now accepted and ready to land.Dec 9 2016, 2:24 PM
Closed by commit rS309735: Capsicum support for dd(1) (authored by robak). · Explain WhyDec 9 2016, 2:51 PM
This revision was automatically updated to reflect the committed changes.
kaktus updated this revision to Diff 22801.Dec 10 2016, 2:57 PM
kaktus added a reviewer: ngie.

Fix regression when stdin/out/err fds are are overridden by shell.
Found by Kyua tests.

bin/dd/dd_test:io -> passed [0.038s]
bin/dd/dd_test:length -> passed [0.022s]
bin/dd/dd_test:seek -> passed [0.060s]

robak added a comment.Dec 12 2016, 9:06 AM

@ngie Thoughts? I'd like to commit this and move on to other things, so review/approval is highly appreciated.

ngie reopened this revision.Dec 12 2016, 9:17 AM
ngie accepted this revision.
ngie edited edge metadata.

The changes proposed seem ok, in so long as it addresses the regression I reported on svn-src-all@.

This revision is now accepted and ready to land.Dec 12 2016, 9:18 AM
Closed by commit rS309921: Fix regression when stdin/out/err fds are are overridden by shell. (authored by robak). · Explain WhyDec 12 2016, 6:56 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
bin/
dd/
14 lines

Diff 22852

View Options

head/bin/dd/dd.c

Loading...