Page MenuHomeFreeBSD

Add support to strings(1) to run under capsicum
AbandonedPublic

Authored by andrew on Sep 18 2016, 12:56 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Jan 5, 7:46 PM
Unknown Object (File)
Sun, Dec 22, 7:12 PM
Unknown Object (File)
Nov 28 2024, 10:11 PM
Unknown Object (File)
Nov 28 2024, 10:11 PM
Unknown Object (File)
Oct 7 2024, 8:43 AM
Unknown Object (File)
Oct 7 2024, 2:04 AM
Unknown Object (File)
Oct 4 2024, 7:59 AM
Unknown Object (File)
Oct 3 2024, 11:57 PM

Details

Reviewers
emaste
Summary

Move strings under capsicum when available as it may need to parse
the elf file passed to it.

Diff Detail

Event Timeline

andrew retitled this revision from to Add support to strings(1) to run under capsicum.
andrew updated this object.
andrew edited the test plan for this revision. (Show Details)
andrew added a reviewer: emaste.

Support multiple files by opening them before processing

contrib/elftoolchain/common/_elftc.h
436–440

This part seems reasonable to me; in my earlier poking at capsicumizing ELF Tool Chain components I had __FreeBSD_version blocks for both sys/capsicum.h and sys/capability.h but since stable/10 and 10.3 have capsicum.h there's not much point in the extra cruft.

I would probably put a comment though to give a hint as to why this is like this, along the lines of

if __FreeBSD_version > 1001510 /* Header renamed to sys/capsicum.h */
contrib/elftoolchain/common/_elftc.h
436–440

You still need the define. We support bootstrapping from 9.x and although sys/capsicum.h exists there, most of the interface that this change uses is not present there.

So there *IS* a point to the extra cruft.

emaste added inline comments.
contrib/elftoolchain/common/_elftc.h
436–440

Not talking about getting rid of this define, just not adding extra cruft to use capsicum on systems < 1001511.

The extra cruft that does not have a point would be something like:

#if __FreeBSD_version > 900000
#define ELFTC_HAVE_CAPSICUM 1
#if __FreeBSD_version > 1001510
#define HEADER_IS_CAPSICUM_H 1
#else
#define HEADER_IS_CAPABILITY_H 1
#endif
#endif

Also, fully into bikeshed territory: >= 1001511 is probably more obvious.

contrib/elftoolchain/common/_elftc.h
436–440

I think a better path forward is the libegacy one we talked about on IRC...

But it all depends on what upstream wants to do since they have support for FreeBSD < 9 later in the file...

contrib/elftoolchain/common/_elftc.h
436–440

That is, the extra cruft that I think is not worthwhile is that cruft to handle the header being named sys/capability.h in 9.x and 10.x prior to 10.3, not sys/capsicum.h.

contrib/elftoolchain/common/_elftc.h
436–440

I want to keep this identical to upstream, and upstream must of course build without Capsicum for other operating systems; I'm happy with that applying to FreeBSD < 10.3 as well.