diff --git a/lib/libcapsicum/libcapsicum.3 b/lib/libcapsicum/libcapsicum.3 index 9df565a4077d..cbfd214a3bc5 100644 --- a/lib/libcapsicum/libcapsicum.3 +++ b/lib/libcapsicum/libcapsicum.3 @@ -1,288 +1,300 @@ .\" Copyright (c) 2013 The FreeBSD Foundation .\" All rights reserved. .\" .\" This documentation was written by Pawel Jakub Dawidek under sponsorship .\" from the FreeBSD Foundation. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" $FreeBSD$ .\" -.Dd April 14, 2014 +.Dd May 2, 2015 .Dt LIBCAPSICUM 3 .Os .Sh NAME .Nm cap_init , .Nm cap_wrap , .Nm cap_unwrap , .Nm cap_sock , .Nm cap_clone , .Nm cap_close , .Nm cap_limit_get , .Nm cap_limit_set , .Nm cap_send_nvlist , .Nm cap_recv_nvlist , .Nm cap_xfer_nvlist , .Nm cap_service_open .Nd "library for handling application capabilities" .Sh LIBRARY .Lb libcapsicum .Sh SYNOPSIS .In libcapsicum.h .In nv.h .Ft "cap_channel_t *" .Fn cap_init "void" .Ft "cap_channel_t *" .Fn cap_wrap "int sock" .Ft "int" .Fn cap_unwrap "cap_channel_t *chan" .Ft "int" .Fn cap_sock "const cap_channel_t *chan" .Ft "cap_channel_t *" .Fn cap_clone "const cap_channel_t *chan" .Ft "void" .Fn cap_close "cap_channel_t *chan" .Ft "int" .Fn cap_limit_get "const cap_channel_t *chan" "nvlist_t **limitsp" .Ft "int" .Fn cap_limit_set "const cap_channel_t *chan" "nvlist_t *limits" .Ft "int" .Fn cap_send_nvlist "const cap_channel_t *chan" "const nvlist_t *nvl" .Ft "nvlist_t *" -.Fn cap_recv_nvlist "const cap_channel_t *chan" +.Fn cap_recv_nvlist "const cap_channel_t *chan" "int flags" .Ft "nvlist_t *" -.Fn cap_xfer_nvlist "const cap_channel_t *chan" "nvlist_t *nvl" +.Fn cap_xfer_nvlist "const cap_channel_t *chan" "nvlist_t *nvl" "int flags" .In libcapsicum_service.h .Ft "cap_channel_t *" .Fn cap_service_open "const cap_channel_t *chan" "const char *name" .Sh DESCRIPTION The .Nm libcapsicum library allows to manage application capabilities through the .Xr casperd 8 daemon. .Pp The application capability (represented by the .Vt cap_channel_t type) is a communication channel between the caller and the .Xr casperd 8 daemon or an instance of one of its services. A capability to the .Xr casperd 8 daemon obtained with the .Fn cap_init function allows to create capabilities to casper's services via the .Fn cap_service_open function. .Pp The .Fn cap_init function opens capability to the .Xr casperd 8 daemon. .Pp The .Fn cap_wrap function creates .Vt cap_channel_t based on the given socket. The function is used when capability is inherited through .Xr execve 2 or send over .Xr unix 4 domain socket as a regular file descriptor and has to be represented as .Vt cap_channel_t again. .Pp The .Fn cap_unwrap function is the opposite of the .Fn cap_wrap function. It frees the .Vt cap_channel_t structure and returns .Xr unix 4 domain socket associated with it. .Pp The .Fn cap_clone function clones the given capability. .Pp The .Fn cap_close function closes the given capability. .Pp The .Fn cap_sock function returns .Xr unix 4 domain socket descriptor associated with the given capability for use with system calls like .Xr kevent 2 , .Xr poll 2 and .Xr select 2 . .Pp The .Fn cap_limit_get function stores current limits of the given capability in the .Fa limitsp argument. If the function return .Va 0 and .Dv NULL is stored in .Fa limitsp it means there are no limits set. .Pp The .Fn cap_limit_set function sets limits for the given capability. The limits are provided as nvlist. The exact format depends on the service the capability represents. .Pp The .Fn cap_send_nvlist function sends the given nvlist over the given capability. This is low level interface to communicate with casper services. Most services should provide higher level API. .Pp The .Fn cap_recv_nvlist function receives the given nvlist over the given capability. +The +.Fa flags +argument defines what type the top nvlist is expected to be. +If the nvlist flags do not match the flags passed to +.Fn cap_recv_nvlist , +the nvlist will not be returned. .Pp The .Fn cap_xfer_nvlist function sends the given nvlist, destroys it and receives new nvlist in response over the given capability. +The +.Fa flags +argument defines what type the top nvlist is expected to be. +If the nvlist flags do not match the flags passed to +.Fn cap_xfer_nvlist , +the nvlist will not be returned. It does not matter if the function succeeds or fails, the nvlist given for sending will always be destroyed once the function returns. .Pp The .Fn cap_service_open function opens casper service of the given name through casper capability obtained via the .Fn cap_init function. The function returns capability that provides access to opened service. .Sh RETURN VALUES The .Fn cap_clone , .Fn cap_init , .Fn cap_recv_nvlist , .Fn cap_service_open , .Fn cap_wrap and .Fn cap_xfer_nvlist functions return .Dv NULL and set the .Va errno variable on failure. .Pp The .Fn cap_limit_get , .Fn cap_limit_set and .Fn cap_send_nvlist functions return .Dv -1 and set the .Va errno variable on failure. .Pp The .Fn cap_close , .Fn cap_sock and .Fn cap_unwrap functions always succeed. .Sh EXAMPLES The following example first opens capability to the .Xr casperd 8 daemon, then using this capability creates new capability to the .Nm system.dns casper service and uses the latter capability to resolve IP address. .Bd -literal cap_channel_t *capcas, *capdns; nvlist_t *limits; const char *ipstr = "127.0.0.1"; struct in_addr ip; struct hostent *hp; /* Open capability to the Casper daemon. */ capcas = cap_init(); if (capcas == NULL) err(1, "Unable to contact Casper daemon"); /* Enter capability mode sandbox. */ if (cap_enter() < 0 && errno != ENOSYS) err(1, "Unable to enter capability mode"); /* Use Casper capability to create capability to the system.dns service. */ capdns = cap_service_open(capcas, "system.dns"); if (capdns == NULL) err(1, "Unable to open system.dns service"); /* Close Casper capability, we don't need it anymore. */ cap_close(capcas); /* Limit system.dns to reverse DNS lookups and IPv4 addresses. */ limits = nvlist_create(0); nvlist_add_string(limits, "type", "ADDR"); nvlist_add_number(limits, "family", (uint64_t)AF_INET); if (cap_limit_set(capdns, limits) < 0) err(1, "Unable to limit access to the system.dns service"); /* Convert IP address in C-string to in_addr. */ if (!inet_aton(ipstr, &ip)) errx(1, "Unable to parse IP address %s.", ipstr); /* Find hostname for the given IP address. */ hp = cap_gethostbyaddr(capdns, (const void *)&ip, sizeof(ip), AF_INET); if (hp == NULL) errx(1, "No name associated with %s.", ipstr); printf("Name associated with %s is %s.\\n", ipstr, hp->h_name); .Ed .Sh SEE ALSO .Xr cap_enter 2 , .Xr execve 2 , .Xr kevent 2 , .Xr poll 2 , .Xr select 2 , .Xr cap_gethostbyaddr 3 , .Xr err 3 , .Xr gethostbyaddr 3 , .Xr inet_aton 3 , .Xr nv 3 , .Xr capsicum 4 , .Xr unix 4 , .Xr casperd 8 .Sh AUTHORS The .Nm libcapsicum library was implemented by .An Pawel Jakub Dawidek Aq Mt pawel@dawidek.net under sponsorship from the FreeBSD Foundation. diff --git a/lib/libcapsicum/libcapsicum.c b/lib/libcapsicum/libcapsicum.c index 79ca8716261a..79c570f60e44 100644 --- a/lib/libcapsicum/libcapsicum.c +++ b/lib/libcapsicum/libcapsicum.c @@ -1,266 +1,266 @@ /*- * Copyright (c) 2012-2013 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include #include #include #include #include "libcapsicum.h" #include "libcapsicum_impl.h" #include "nv.h" /* * Structure describing communication channel between two separated processes. */ #define CAP_CHANNEL_MAGIC 0xcac8a31 struct cap_channel { /* * Magic value helps to ensure that a pointer to the right structure is * passed to our functions. */ int cch_magic; /* Socket descriptor for IPC. */ int cch_sock; }; bool fd_is_valid(int fd) { return (fcntl(fd, F_GETFL) != -1 || errno != EBADF); } cap_channel_t * cap_init(void) { cap_channel_t *chan; struct sockaddr_un sun; int serrno, sock; bzero(&sun, sizeof(sun)); sun.sun_family = AF_UNIX; strlcpy(sun.sun_path, CASPER_SOCKPATH, sizeof(sun.sun_path)); sun.sun_len = SUN_LEN(&sun); sock = socket(AF_UNIX, SOCK_STREAM, 0); if (sock == -1) return (NULL); if (connect(sock, (struct sockaddr *)&sun, sizeof(sun)) < 0) { serrno = errno; close(sock); errno = serrno; return (NULL); } chan = cap_wrap(sock); if (chan == NULL) { serrno = errno; close(sock); errno = serrno; return (NULL); } return (chan); } cap_channel_t * cap_wrap(int sock) { cap_channel_t *chan; if (!fd_is_valid(sock)) return (NULL); chan = malloc(sizeof(*chan)); if (chan != NULL) { chan->cch_sock = sock; chan->cch_magic = CAP_CHANNEL_MAGIC; } return (chan); } int cap_unwrap(cap_channel_t *chan) { int sock; assert(chan != NULL); assert(chan->cch_magic == CAP_CHANNEL_MAGIC); sock = chan->cch_sock; chan->cch_magic = 0; free(chan); return (sock); } cap_channel_t * cap_clone(const cap_channel_t *chan) { cap_channel_t *newchan; nvlist_t *nvl; int newsock; assert(chan != NULL); assert(chan->cch_magic == CAP_CHANNEL_MAGIC); nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "clone"); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (NULL); if (nvlist_get_number(nvl, "error") != 0) { errno = (int)nvlist_get_number(nvl, "error"); nvlist_destroy(nvl); return (NULL); } newsock = nvlist_take_descriptor(nvl, "sock"); nvlist_destroy(nvl); newchan = cap_wrap(newsock); if (newchan == NULL) { int serrno; serrno = errno; close(newsock); errno = serrno; } return (newchan); } void cap_close(cap_channel_t *chan) { assert(chan != NULL); assert(chan->cch_magic == CAP_CHANNEL_MAGIC); chan->cch_magic = 0; close(chan->cch_sock); free(chan); } int cap_sock(const cap_channel_t *chan) { assert(chan != NULL); assert(chan->cch_magic == CAP_CHANNEL_MAGIC); return (chan->cch_sock); } int cap_limit_set(const cap_channel_t *chan, nvlist_t *limits) { nvlist_t *nvlmsg; int error; nvlmsg = nvlist_create(0); nvlist_add_string(nvlmsg, "cmd", "limit_set"); nvlist_add_nvlist(nvlmsg, "limits", limits); - nvlmsg = cap_xfer_nvlist(chan, nvlmsg); + nvlmsg = cap_xfer_nvlist(chan, nvlmsg, 0); if (nvlmsg == NULL) { nvlist_destroy(limits); return (-1); } error = (int)nvlist_get_number(nvlmsg, "error"); nvlist_destroy(nvlmsg); nvlist_destroy(limits); if (error != 0) { errno = error; return (-1); } return (0); } int cap_limit_get(const cap_channel_t *chan, nvlist_t **limitsp) { nvlist_t *nvlmsg; int error; nvlmsg = nvlist_create(0); nvlist_add_string(nvlmsg, "cmd", "limit_get"); - nvlmsg = cap_xfer_nvlist(chan, nvlmsg); + nvlmsg = cap_xfer_nvlist(chan, nvlmsg, 0); if (nvlmsg == NULL) return (-1); error = (int)nvlist_get_number(nvlmsg, "error"); if (error != 0) { nvlist_destroy(nvlmsg); errno = error; return (-1); } if (nvlist_exists_null(nvlmsg, "limits")) *limitsp = NULL; else *limitsp = nvlist_take_nvlist(nvlmsg, "limits"); nvlist_destroy(nvlmsg); return (0); } int cap_send_nvlist(const cap_channel_t *chan, const nvlist_t *nvl) { assert(chan != NULL); assert(chan->cch_magic == CAP_CHANNEL_MAGIC); return (nvlist_send(chan->cch_sock, nvl)); } nvlist_t * -cap_recv_nvlist(const cap_channel_t *chan) +cap_recv_nvlist(const cap_channel_t *chan, int flags) { assert(chan != NULL); assert(chan->cch_magic == CAP_CHANNEL_MAGIC); - return (nvlist_recv(chan->cch_sock)); + return (nvlist_recv(chan->cch_sock, flags)); } nvlist_t * -cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl) +cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl, int flags) { assert(chan != NULL); assert(chan->cch_magic == CAP_CHANNEL_MAGIC); - return (nvlist_xfer(chan->cch_sock, nvl)); + return (nvlist_xfer(chan->cch_sock, nvl, flags)); } diff --git a/lib/libcapsicum/libcapsicum.h b/lib/libcapsicum/libcapsicum.h index 4f8c59752ad8..c7110d86c9ed 100644 --- a/lib/libcapsicum/libcapsicum.h +++ b/lib/libcapsicum/libcapsicum.h @@ -1,115 +1,115 @@ /*- * Copyright (c) 2012-2013 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $FreeBSD$ */ #ifndef _LIBCAPSICUM_H_ #define _LIBCAPSICUM_H_ #ifndef _NVLIST_T_DECLARED #define _NVLIST_T_DECLARED struct nvlist; typedef struct nvlist nvlist_t; #endif #ifndef _CAP_CHANNEL_T_DECLARED #define _CAP_CHANNEL_T_DECLARED struct cap_channel; typedef struct cap_channel cap_channel_t; #endif /* * The function opens unrestricted communication channel to Casper. */ cap_channel_t *cap_init(void); /* * The function creates cap_channel_t based on the given socket. */ cap_channel_t *cap_wrap(int sock); /* * The function returns communication socket and frees cap_channel_t. */ int cap_unwrap(cap_channel_t *chan); /* * The function clones the given capability. */ cap_channel_t *cap_clone(const cap_channel_t *chan); /* * The function closes the given capability. */ void cap_close(cap_channel_t *chan); /* * The function returns socket descriptor associated with the given * cap_channel_t for use with select(2)/kqueue(2)/etc. */ int cap_sock(const cap_channel_t *chan); /* * The function limits the given capability. * It always destroys 'limits' on return. */ int cap_limit_set(const cap_channel_t *chan, nvlist_t *limits); /* * The function returns current limits of the given capability. */ int cap_limit_get(const cap_channel_t *chan, nvlist_t **limitsp); #ifdef TODO /* * The function registers a service within provided Casper's capability. * It will run with the same privileges the process has at the time of * calling this function. */ int cap_service_register(cap_channel_t *chan, const char *name, cap_func_t *func); #endif /* * Function sends nvlist over the given capability. */ int cap_send_nvlist(const cap_channel_t *chan, const nvlist_t *nvl); /* * Function receives nvlist over the given capability. */ -nvlist_t *cap_recv_nvlist(const cap_channel_t *chan); +nvlist_t *cap_recv_nvlist(const cap_channel_t *chan, int flags); /* * Function sends the given nvlist, destroys it and receives new nvlist in * response over the given capability. */ -nvlist_t *cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl); +nvlist_t *cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl, int flags); #endif /* !_LIBCAPSICUM_H_ */ diff --git a/lib/libcapsicum/libcapsicum_dns.c b/lib/libcapsicum/libcapsicum_dns.c index 6f240bd65009..a180b6b3b0ae 100644 --- a/lib/libcapsicum/libcapsicum_dns.c +++ b/lib/libcapsicum/libcapsicum_dns.c @@ -1,365 +1,365 @@ /*- * Copyright (c) 2012-2013 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include "libcapsicum.h" #include "libcapsicum_dns.h" static struct hostent hent; static void hostent_free(struct hostent *hp) { unsigned int ii; free(hp->h_name); hp->h_name = NULL; if (hp->h_aliases != NULL) { for (ii = 0; hp->h_aliases[ii] != NULL; ii++) free(hp->h_aliases[ii]); free(hp->h_aliases); hp->h_aliases = NULL; } if (hp->h_addr_list != NULL) { for (ii = 0; hp->h_addr_list[ii] != NULL; ii++) free(hp->h_addr_list[ii]); free(hp->h_addr_list); hp->h_addr_list = NULL; } } static struct hostent * hostent_unpack(const nvlist_t *nvl, struct hostent *hp) { unsigned int ii, nitems; char nvlname[64]; int n; hostent_free(hp); hp->h_name = strdup(nvlist_get_string(nvl, "name")); if (hp->h_name == NULL) goto fail; hp->h_addrtype = (int)nvlist_get_number(nvl, "addrtype"); hp->h_length = (int)nvlist_get_number(nvl, "length"); nitems = (unsigned int)nvlist_get_number(nvl, "naliases"); hp->h_aliases = calloc(sizeof(hp->h_aliases[0]), nitems + 1); if (hp->h_aliases == NULL) goto fail; for (ii = 0; ii < nitems; ii++) { n = snprintf(nvlname, sizeof(nvlname), "alias%u", ii); assert(n > 0 && n < (int)sizeof(nvlname)); hp->h_aliases[ii] = strdup(nvlist_get_string(nvl, nvlname)); if (hp->h_aliases[ii] == NULL) goto fail; } hp->h_aliases[ii] = NULL; nitems = (unsigned int)nvlist_get_number(nvl, "naddrs"); hp->h_addr_list = calloc(sizeof(hp->h_addr_list[0]), nitems + 1); if (hp->h_addr_list == NULL) goto fail; for (ii = 0; ii < nitems; ii++) { hp->h_addr_list[ii] = malloc(hp->h_length); if (hp->h_addr_list[ii] == NULL) goto fail; n = snprintf(nvlname, sizeof(nvlname), "addr%u", ii); assert(n > 0 && n < (int)sizeof(nvlname)); bcopy(nvlist_get_binary(nvl, nvlname, NULL), hp->h_addr_list[ii], hp->h_length); } hp->h_addr_list[ii] = NULL; return (hp); fail: hostent_free(hp); h_errno = NO_RECOVERY; return (NULL); } struct hostent * cap_gethostbyname(cap_channel_t *chan, const char *name) { return (cap_gethostbyname2(chan, name, AF_INET)); } struct hostent * cap_gethostbyname2(cap_channel_t *chan, const char *name, int type) { struct hostent *hp; nvlist_t *nvl; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "gethostbyname"); nvlist_add_number(nvl, "family", (uint64_t)type); nvlist_add_string(nvl, "name", name); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) { h_errno = NO_RECOVERY; return (NULL); } if (nvlist_get_number(nvl, "error") != 0) { h_errno = (int)nvlist_get_number(nvl, "error"); nvlist_destroy(nvl); return (NULL); } hp = hostent_unpack(nvl, &hent); nvlist_destroy(nvl); return (hp); } struct hostent * cap_gethostbyaddr(cap_channel_t *chan, const void *addr, socklen_t len, int type) { struct hostent *hp; nvlist_t *nvl; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "gethostbyaddr"); nvlist_add_binary(nvl, "addr", addr, (size_t)len); nvlist_add_number(nvl, "family", (uint64_t)type); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) { h_errno = NO_RECOVERY; return (NULL); } if (nvlist_get_number(nvl, "error") != 0) { h_errno = (int)nvlist_get_number(nvl, "error"); nvlist_destroy(nvl); return (NULL); } hp = hostent_unpack(nvl, &hent); nvlist_destroy(nvl); return (hp); } static struct addrinfo * addrinfo_unpack(const nvlist_t *nvl) { struct addrinfo *ai; const void *addr; size_t addrlen; const char *canonname; addr = nvlist_get_binary(nvl, "ai_addr", &addrlen); ai = malloc(sizeof(*ai) + addrlen); if (ai == NULL) return (NULL); ai->ai_flags = (int)nvlist_get_number(nvl, "ai_flags"); ai->ai_family = (int)nvlist_get_number(nvl, "ai_family"); ai->ai_socktype = (int)nvlist_get_number(nvl, "ai_socktype"); ai->ai_protocol = (int)nvlist_get_number(nvl, "ai_protocol"); ai->ai_addrlen = (socklen_t)addrlen; canonname = nvlist_get_string(nvl, "ai_canonname"); if (canonname != NULL) { ai->ai_canonname = strdup(canonname); if (ai->ai_canonname == NULL) { free(ai); return (NULL); } } else { ai->ai_canonname = NULL; } ai->ai_addr = (void *)(ai + 1); bcopy(addr, ai->ai_addr, addrlen); ai->ai_next = NULL; return (ai); } int cap_getaddrinfo(cap_channel_t *chan, const char *hostname, const char *servname, const struct addrinfo *hints, struct addrinfo **res) { struct addrinfo *firstai, *prevai, *curai; unsigned int ii; const nvlist_t *nvlai; char nvlname[64]; nvlist_t *nvl; int error, n; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "getaddrinfo"); nvlist_add_string(nvl, "hostname", hostname); nvlist_add_string(nvl, "servname", servname); if (hints != NULL) { nvlist_add_number(nvl, "hints.ai_flags", (uint64_t)hints->ai_flags); nvlist_add_number(nvl, "hints.ai_family", (uint64_t)hints->ai_family); nvlist_add_number(nvl, "hints.ai_socktype", (uint64_t)hints->ai_socktype); nvlist_add_number(nvl, "hints.ai_protocol", (uint64_t)hints->ai_protocol); } - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (EAI_MEMORY); if (nvlist_get_number(nvl, "error") != 0) { error = (int)nvlist_get_number(nvl, "error"); nvlist_destroy(nvl); return (error); } nvlai = NULL; firstai = prevai = curai = NULL; for (ii = 0; ; ii++) { n = snprintf(nvlname, sizeof(nvlname), "res%u", ii); assert(n > 0 && n < (int)sizeof(nvlname)); if (!nvlist_exists_nvlist(nvl, nvlname)) break; nvlai = nvlist_get_nvlist(nvl, nvlname); curai = addrinfo_unpack(nvlai); if (curai == NULL) break; if (prevai != NULL) prevai->ai_next = curai; else if (firstai == NULL) firstai = curai; prevai = curai; } nvlist_destroy(nvl); if (curai == NULL && nvlai != NULL) { if (firstai == NULL) freeaddrinfo(firstai); return (EAI_MEMORY); } *res = firstai; return (0); } int cap_getnameinfo(cap_channel_t *chan, const struct sockaddr *sa, socklen_t salen, char *host, size_t hostlen, char *serv, size_t servlen, int flags) { nvlist_t *nvl; int error; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "getnameinfo"); nvlist_add_number(nvl, "hostlen", (uint64_t)hostlen); nvlist_add_number(nvl, "servlen", (uint64_t)servlen); nvlist_add_binary(nvl, "sa", sa, (size_t)salen); nvlist_add_number(nvl, "flags", (uint64_t)flags); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (EAI_MEMORY); if (nvlist_get_number(nvl, "error") != 0) { error = (int)nvlist_get_number(nvl, "error"); nvlist_destroy(nvl); return (error); } if (host != NULL) strlcpy(host, nvlist_get_string(nvl, "host"), hostlen + 1); if (serv != NULL) strlcpy(serv, nvlist_get_string(nvl, "serv"), servlen + 1); nvlist_destroy(nvl); return (0); } static void limit_remove(nvlist_t *limits, const char *prefix) { const char *name; size_t prefixlen; void *cookie; prefixlen = strlen(prefix); again: cookie = NULL; while ((name = nvlist_next(limits, NULL, &cookie)) != NULL) { if (strncmp(name, prefix, prefixlen) == 0) { nvlist_free(limits, name); goto again; } } } int cap_dns_type_limit(cap_channel_t *chan, const char * const *types, size_t ntypes) { nvlist_t *limits; unsigned int i; char nvlname[64]; int n; if (cap_limit_get(chan, &limits) < 0) return (-1); if (limits == NULL) limits = nvlist_create(0); else limit_remove(limits, "type"); for (i = 0; i < ntypes; i++) { n = snprintf(nvlname, sizeof(nvlname), "type%u", i); assert(n > 0 && n < (int)sizeof(nvlname)); nvlist_add_string(limits, nvlname, types[i]); } return (cap_limit_set(chan, limits)); } int cap_dns_family_limit(cap_channel_t *chan, const int *families, size_t nfamilies) { nvlist_t *limits; unsigned int i; char nvlname[64]; int n; if (cap_limit_get(chan, &limits) < 0) return (-1); if (limits == NULL) limits = nvlist_create(0); else limit_remove(limits, "family"); for (i = 0; i < nfamilies; i++) { n = snprintf(nvlname, sizeof(nvlname), "family%u", i); assert(n > 0 && n < (int)sizeof(nvlname)); nvlist_add_number(limits, nvlname, (uint64_t)families[i]); } return (cap_limit_set(chan, limits)); } diff --git a/lib/libcapsicum/libcapsicum_grp.c b/lib/libcapsicum/libcapsicum_grp.c index adfbc95a4bd6..267ac68c28f2 100644 --- a/lib/libcapsicum/libcapsicum_grp.c +++ b/lib/libcapsicum/libcapsicum_grp.c @@ -1,439 +1,439 @@ /*- * Copyright (c) 2013 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include #include #include #include "libcapsicum.h" #include "libcapsicum_grp.h" static struct group ggrp; static char *gbuffer; static size_t gbufsize; static int group_resize(void) { char *buf; if (gbufsize == 0) gbufsize = 1024; else gbufsize *= 2; buf = gbuffer; gbuffer = realloc(buf, gbufsize); if (gbuffer == NULL) { free(buf); gbufsize = 0; return (ENOMEM); } memset(gbuffer, 0, gbufsize); return (0); } static int group_unpack_string(const nvlist_t *nvl, const char *fieldname, char **fieldp, char **bufferp, size_t *bufsizep) { const char *str; size_t len; str = nvlist_get_string(nvl, fieldname); len = strlcpy(*bufferp, str, *bufsizep); if (len >= *bufsizep) return (ERANGE); *fieldp = *bufferp; *bufferp += len + 1; *bufsizep -= len + 1; return (0); } static int group_unpack_members(const nvlist_t *nvl, char ***fieldp, char **bufferp, size_t *bufsizep) { const char *mem; char **outstrs, *str, nvlname[64]; size_t nmem, datasize, strsize; unsigned int ii; int n; if (!nvlist_exists_number(nvl, "gr_nmem")) { datasize = _ALIGNBYTES + sizeof(char *); if (datasize >= *bufsizep) return (ERANGE); outstrs = (char **)_ALIGN(*bufferp); outstrs[0] = NULL; *fieldp = outstrs; *bufferp += datasize; *bufsizep -= datasize; return (0); } nmem = (size_t)nvlist_get_number(nvl, "gr_nmem"); datasize = _ALIGNBYTES + sizeof(char *) * (nmem + 1); for (ii = 0; ii < nmem; ii++) { n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", ii); assert(n > 0 && n < (int)sizeof(nvlname)); mem = dnvlist_get_string(nvl, nvlname, NULL); if (mem == NULL) return (EINVAL); datasize += strlen(mem) + 1; } if (datasize >= *bufsizep) return (ERANGE); outstrs = (char **)_ALIGN(*bufferp); str = (char *)outstrs + sizeof(char *) * (nmem + 1); for (ii = 0; ii < nmem; ii++) { n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", ii); assert(n > 0 && n < (int)sizeof(nvlname)); mem = nvlist_get_string(nvl, nvlname); strsize = strlen(mem) + 1; memcpy(str, mem, strsize); outstrs[ii] = str; str += strsize; } assert(ii == nmem); outstrs[ii] = NULL; *fieldp = outstrs; *bufferp += datasize; *bufsizep -= datasize; return (0); } static int group_unpack(const nvlist_t *nvl, struct group *grp, char *buffer, size_t bufsize) { int error; if (!nvlist_exists_string(nvl, "gr_name")) return (EINVAL); memset(grp, 0, sizeof(*grp)); error = group_unpack_string(nvl, "gr_name", &grp->gr_name, &buffer, &bufsize); if (error != 0) return (error); error = group_unpack_string(nvl, "gr_passwd", &grp->gr_passwd, &buffer, &bufsize); if (error != 0) return (error); grp->gr_gid = (gid_t)nvlist_get_number(nvl, "gr_gid"); error = group_unpack_members(nvl, &grp->gr_mem, &buffer, &bufsize); if (error != 0) return (error); return (0); } static int cap_getgrcommon_r(cap_channel_t *chan, const char *cmd, const char *name, gid_t gid, struct group *grp, char *buffer, size_t bufsize, struct group **result) { nvlist_t *nvl; bool getgr_r; int error; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", cmd); if (strcmp(cmd, "getgrent") == 0 || strcmp(cmd, "getgrent_r") == 0) { /* Add nothing. */ } else if (strcmp(cmd, "getgrnam") == 0 || strcmp(cmd, "getgrnam_r") == 0) { nvlist_add_string(nvl, "name", name); } else if (strcmp(cmd, "getgrgid") == 0 || strcmp(cmd, "getgrgid_r") == 0) { nvlist_add_number(nvl, "gid", (uint64_t)gid); } else { abort(); } - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) { assert(errno != 0); *result = NULL; return (errno); } error = (int)nvlist_get_number(nvl, "error"); if (error != 0) { nvlist_destroy(nvl); *result = NULL; return (error); } if (!nvlist_exists_string(nvl, "gr_name")) { /* Not found. */ nvlist_destroy(nvl); *result = NULL; return (0); } getgr_r = (strcmp(cmd, "getgrent_r") == 0 || strcmp(cmd, "getgrnam_r") == 0 || strcmp(cmd, "getgrgid_r") == 0); for (;;) { error = group_unpack(nvl, grp, buffer, bufsize); if (getgr_r || error != ERANGE) break; assert(buffer == gbuffer); assert(bufsize == gbufsize); error = group_resize(); if (error != 0) break; /* Update pointers after resize. */ buffer = gbuffer; bufsize = gbufsize; } nvlist_destroy(nvl); if (error == 0) *result = grp; else *result = NULL; return (error); } static struct group * cap_getgrcommon(cap_channel_t *chan, const char *cmd, const char *name, gid_t gid) { struct group *result; int error, serrno; serrno = errno; error = cap_getgrcommon_r(chan, cmd, name, gid, &ggrp, gbuffer, gbufsize, &result); if (error != 0) { errno = error; return (NULL); } errno = serrno; return (result); } struct group * cap_getgrent(cap_channel_t *chan) { return (cap_getgrcommon(chan, "getgrent", NULL, 0)); } struct group * cap_getgrnam(cap_channel_t *chan, const char *name) { return (cap_getgrcommon(chan, "getgrnam", name, 0)); } struct group * cap_getgrgid(cap_channel_t *chan, gid_t gid) { return (cap_getgrcommon(chan, "getgrgid", NULL, gid)); } int cap_getgrent_r(cap_channel_t *chan, struct group *grp, char *buffer, size_t bufsize, struct group **result) { return (cap_getgrcommon_r(chan, "getgrent_r", NULL, 0, grp, buffer, bufsize, result)); } int cap_getgrnam_r(cap_channel_t *chan, const char *name, struct group *grp, char *buffer, size_t bufsize, struct group **result) { return (cap_getgrcommon_r(chan, "getgrnam_r", name, 0, grp, buffer, bufsize, result)); } int cap_getgrgid_r(cap_channel_t *chan, gid_t gid, struct group *grp, char *buffer, size_t bufsize, struct group **result) { return (cap_getgrcommon_r(chan, "getgrgid_r", NULL, gid, grp, buffer, bufsize, result)); } int cap_setgroupent(cap_channel_t *chan, int stayopen) { nvlist_t *nvl; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "setgroupent"); nvlist_add_bool(nvl, "stayopen", stayopen != 0); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (0); if (nvlist_get_number(nvl, "error") != 0) { errno = nvlist_get_number(nvl, "error"); nvlist_destroy(nvl); return (0); } nvlist_destroy(nvl); return (1); } int cap_setgrent(cap_channel_t *chan) { nvlist_t *nvl; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "setgrent"); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (0); if (nvlist_get_number(nvl, "error") != 0) { errno = nvlist_get_number(nvl, "error"); nvlist_destroy(nvl); return (0); } nvlist_destroy(nvl); return (1); } void cap_endgrent(cap_channel_t *chan) { nvlist_t *nvl; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "endgrent"); /* Ignore any errors, we have no way to report them. */ - nvlist_destroy(cap_xfer_nvlist(chan, nvl)); + nvlist_destroy(cap_xfer_nvlist(chan, nvl, 0)); } int cap_grp_limit_cmds(cap_channel_t *chan, const char * const *cmds, size_t ncmds) { nvlist_t *limits, *nvl; unsigned int i; if (cap_limit_get(chan, &limits) < 0) return (-1); if (limits == NULL) { limits = nvlist_create(0); } else { if (nvlist_exists_nvlist(limits, "cmds")) nvlist_free_nvlist(limits, "cmds"); } nvl = nvlist_create(0); for (i = 0; i < ncmds; i++) nvlist_add_null(nvl, cmds[i]); nvlist_move_nvlist(limits, "cmds", nvl); return (cap_limit_set(chan, limits)); } int cap_grp_limit_fields(cap_channel_t *chan, const char * const *fields, size_t nfields) { nvlist_t *limits, *nvl; unsigned int i; if (cap_limit_get(chan, &limits) < 0) return (-1); if (limits == NULL) { limits = nvlist_create(0); } else { if (nvlist_exists_nvlist(limits, "fields")) nvlist_free_nvlist(limits, "fields"); } nvl = nvlist_create(0); for (i = 0; i < nfields; i++) nvlist_add_null(nvl, fields[i]); nvlist_move_nvlist(limits, "fields", nvl); return (cap_limit_set(chan, limits)); } int cap_grp_limit_groups(cap_channel_t *chan, const char * const *names, size_t nnames, gid_t *gids, size_t ngids) { nvlist_t *limits, *groups; unsigned int i; char nvlname[64]; int n; if (cap_limit_get(chan, &limits) < 0) return (-1); if (limits == NULL) { limits = nvlist_create(0); } else { if (nvlist_exists_nvlist(limits, "groups")) nvlist_free_nvlist(limits, "groups"); } groups = nvlist_create(0); for (i = 0; i < ngids; i++) { n = snprintf(nvlname, sizeof(nvlname), "gid%u", i); assert(n > 0 && n < (int)sizeof(nvlname)); nvlist_add_number(groups, nvlname, (uint64_t)gids[i]); } for (i = 0; i < nnames; i++) { n = snprintf(nvlname, sizeof(nvlname), "gid%u", i); assert(n > 0 && n < (int)sizeof(nvlname)); nvlist_add_string(groups, nvlname, names[i]); } nvlist_move_nvlist(limits, "groups", groups); return (cap_limit_set(chan, limits)); } diff --git a/lib/libcapsicum/libcapsicum_pwd.c b/lib/libcapsicum/libcapsicum_pwd.c index 4c1570337519..32eeeb022462 100644 --- a/lib/libcapsicum/libcapsicum_pwd.c +++ b/lib/libcapsicum/libcapsicum_pwd.c @@ -1,392 +1,392 @@ /*- * Copyright (c) 2013 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include #include #include "libcapsicum.h" #include "libcapsicum_pwd.h" static struct passwd gpwd; static char *gbuffer; static size_t gbufsize; static int passwd_resize(void) { char *buf; if (gbufsize == 0) gbufsize = 1024; else gbufsize *= 2; buf = gbuffer; gbuffer = realloc(buf, gbufsize); if (gbuffer == NULL) { free(buf); gbufsize = 0; return (ENOMEM); } memset(gbuffer, 0, gbufsize); return (0); } static int passwd_unpack_string(const nvlist_t *nvl, const char *fieldname, char **fieldp, char **bufferp, size_t *bufsizep) { const char *str; size_t len; str = nvlist_get_string(nvl, fieldname); len = strlcpy(*bufferp, str, *bufsizep); if (len >= *bufsizep) return (ERANGE); *fieldp = *bufferp; *bufferp += len + 1; *bufsizep -= len + 1; return (0); } static int passwd_unpack(const nvlist_t *nvl, struct passwd *pwd, char *buffer, size_t bufsize) { int error; if (!nvlist_exists_string(nvl, "pw_name")) return (EINVAL); memset(pwd, 0, sizeof(*pwd)); error = passwd_unpack_string(nvl, "pw_name", &pwd->pw_name, &buffer, &bufsize); if (error != 0) return (error); pwd->pw_uid = (uid_t)nvlist_get_number(nvl, "pw_uid"); pwd->pw_gid = (gid_t)nvlist_get_number(nvl, "pw_gid"); pwd->pw_change = (time_t)nvlist_get_number(nvl, "pw_change"); error = passwd_unpack_string(nvl, "pw_passwd", &pwd->pw_passwd, &buffer, &bufsize); if (error != 0) return (error); error = passwd_unpack_string(nvl, "pw_class", &pwd->pw_class, &buffer, &bufsize); if (error != 0) return (error); error = passwd_unpack_string(nvl, "pw_gecos", &pwd->pw_gecos, &buffer, &bufsize); if (error != 0) return (error); error = passwd_unpack_string(nvl, "pw_dir", &pwd->pw_dir, &buffer, &bufsize); if (error != 0) return (error); error = passwd_unpack_string(nvl, "pw_shell", &pwd->pw_shell, &buffer, &bufsize); if (error != 0) return (error); pwd->pw_expire = (time_t)nvlist_get_number(nvl, "pw_expire"); pwd->pw_fields = (int)nvlist_get_number(nvl, "pw_fields"); return (0); } static int cap_getpwcommon_r(cap_channel_t *chan, const char *cmd, const char *login, uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize, struct passwd **result) { nvlist_t *nvl; bool getpw_r; int error; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", cmd); if (strcmp(cmd, "getpwent") == 0 || strcmp(cmd, "getpwent_r") == 0) { /* Add nothing. */ } else if (strcmp(cmd, "getpwnam") == 0 || strcmp(cmd, "getpwnam_r") == 0) { nvlist_add_string(nvl, "name", login); } else if (strcmp(cmd, "getpwuid") == 0 || strcmp(cmd, "getpwuid_r") == 0) { nvlist_add_number(nvl, "uid", (uint64_t)uid); } else { abort(); } - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) { assert(errno != 0); *result = NULL; return (errno); } error = (int)nvlist_get_number(nvl, "error"); if (error != 0) { nvlist_destroy(nvl); *result = NULL; return (error); } if (!nvlist_exists_string(nvl, "pw_name")) { /* Not found. */ nvlist_destroy(nvl); *result = NULL; return (0); } getpw_r = (strcmp(cmd, "getpwent_r") == 0 || strcmp(cmd, "getpwnam_r") == 0 || strcmp(cmd, "getpwuid_r") == 0); for (;;) { error = passwd_unpack(nvl, pwd, buffer, bufsize); if (getpw_r || error != ERANGE) break; assert(buffer == gbuffer); assert(bufsize == gbufsize); error = passwd_resize(); if (error != 0) break; /* Update pointers after resize. */ buffer = gbuffer; bufsize = gbufsize; } nvlist_destroy(nvl); if (error == 0) *result = pwd; else *result = NULL; return (error); } static struct passwd * cap_getpwcommon(cap_channel_t *chan, const char *cmd, const char *login, uid_t uid) { struct passwd *result; int error, serrno; serrno = errno; error = cap_getpwcommon_r(chan, cmd, login, uid, &gpwd, gbuffer, gbufsize, &result); if (error != 0) { errno = error; return (NULL); } errno = serrno; return (result); } struct passwd * cap_getpwent(cap_channel_t *chan) { return (cap_getpwcommon(chan, "getpwent", NULL, 0)); } struct passwd * cap_getpwnam(cap_channel_t *chan, const char *login) { return (cap_getpwcommon(chan, "getpwnam", login, 0)); } struct passwd * cap_getpwuid(cap_channel_t *chan, uid_t uid) { return (cap_getpwcommon(chan, "getpwuid", NULL, uid)); } int cap_getpwent_r(cap_channel_t *chan, struct passwd *pwd, char *buffer, size_t bufsize, struct passwd **result) { return (cap_getpwcommon_r(chan, "getpwent_r", NULL, 0, pwd, buffer, bufsize, result)); } int cap_getpwnam_r(cap_channel_t *chan, const char *name, struct passwd *pwd, char *buffer, size_t bufsize, struct passwd **result) { return (cap_getpwcommon_r(chan, "getpwnam_r", name, 0, pwd, buffer, bufsize, result)); } int cap_getpwuid_r(cap_channel_t *chan, uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize, struct passwd **result) { return (cap_getpwcommon_r(chan, "getpwuid_r", NULL, uid, pwd, buffer, bufsize, result)); } int cap_setpassent(cap_channel_t *chan, int stayopen) { nvlist_t *nvl; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "setpassent"); nvlist_add_bool(nvl, "stayopen", stayopen != 0); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (0); if (nvlist_get_number(nvl, "error") != 0) { errno = nvlist_get_number(nvl, "error"); nvlist_destroy(nvl); return (0); } nvlist_destroy(nvl); return (1); } static void cap_set_end_pwent(cap_channel_t *chan, const char *cmd) { nvlist_t *nvl; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", cmd); /* Ignore any errors, we have no way to report them. */ - nvlist_destroy(cap_xfer_nvlist(chan, nvl)); + nvlist_destroy(cap_xfer_nvlist(chan, nvl, 0)); } void cap_setpwent(cap_channel_t *chan) { cap_set_end_pwent(chan, "setpwent"); } void cap_endpwent(cap_channel_t *chan) { cap_set_end_pwent(chan, "endpwent"); } int cap_pwd_limit_cmds(cap_channel_t *chan, const char * const *cmds, size_t ncmds) { nvlist_t *limits, *nvl; unsigned int i; if (cap_limit_get(chan, &limits) < 0) return (-1); if (limits == NULL) { limits = nvlist_create(0); } else { if (nvlist_exists_nvlist(limits, "cmds")) nvlist_free_nvlist(limits, "cmds"); } nvl = nvlist_create(0); for (i = 0; i < ncmds; i++) nvlist_add_null(nvl, cmds[i]); nvlist_move_nvlist(limits, "cmds", nvl); return (cap_limit_set(chan, limits)); } int cap_pwd_limit_fields(cap_channel_t *chan, const char * const *fields, size_t nfields) { nvlist_t *limits, *nvl; unsigned int i; if (cap_limit_get(chan, &limits) < 0) return (-1); if (limits == NULL) { limits = nvlist_create(0); } else { if (nvlist_exists_nvlist(limits, "fields")) nvlist_free_nvlist(limits, "fields"); } nvl = nvlist_create(0); for (i = 0; i < nfields; i++) nvlist_add_null(nvl, fields[i]); nvlist_move_nvlist(limits, "fields", nvl); return (cap_limit_set(chan, limits)); } int cap_pwd_limit_users(cap_channel_t *chan, const char * const *names, size_t nnames, uid_t *uids, size_t nuids) { nvlist_t *limits, *users; char nvlname[64]; unsigned int i; int n; if (cap_limit_get(chan, &limits) < 0) return (-1); if (limits == NULL) { limits = nvlist_create(0); } else { if (nvlist_exists_nvlist(limits, "users")) nvlist_free_nvlist(limits, "users"); } users = nvlist_create(0); for (i = 0; i < nuids; i++) { n = snprintf(nvlname, sizeof(nvlname), "uid%u", i); assert(n > 0 && n < (int)sizeof(nvlname)); nvlist_add_number(users, nvlname, (uint64_t)uids[i]); } for (i = 0; i < nnames; i++) { n = snprintf(nvlname, sizeof(nvlname), "name%u", i); assert(n > 0 && n < (int)sizeof(nvlname)); nvlist_add_string(users, nvlname, names[i]); } nvlist_move_nvlist(limits, "users", users); return (cap_limit_set(chan, limits)); } diff --git a/lib/libcapsicum/libcapsicum_random.c b/lib/libcapsicum/libcapsicum_random.c index eed97e287ac6..2c3eb3635767 100644 --- a/lib/libcapsicum/libcapsicum_random.c +++ b/lib/libcapsicum/libcapsicum_random.c @@ -1,80 +1,80 @@ /*- * Copyright (c) 2013 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include "libcapsicum.h" #include "libcapsicum_random.h" #define MAXSIZE (1024 * 1024) int cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes) { nvlist_t *nvl; const void *randbuf; uint8_t *ptr; size_t left, randbufsize; left = nbytes; ptr = buf; while (left > 0) { nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "generate"); nvlist_add_number(nvl, "size", (uint64_t)(left > MAXSIZE ? MAXSIZE : left)); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (-1); if (nvlist_get_number(nvl, "error") != 0) { errno = (int)nvlist_get_number(nvl, "error"); nvlist_destroy(nvl); return (-1); } randbuf = nvlist_get_binary(nvl, "data", &randbufsize); memcpy(ptr, randbuf, randbufsize); nvlist_destroy(nvl); ptr += randbufsize; assert(left >= randbufsize); left -= randbufsize; } return (0); } diff --git a/lib/libcapsicum/libcapsicum_service.c b/lib/libcapsicum/libcapsicum_service.c index 412766864d25..edfde8cc0a43 100644 --- a/lib/libcapsicum/libcapsicum_service.c +++ b/lib/libcapsicum/libcapsicum_service.c @@ -1,96 +1,96 @@ /*- * Copyright (c) 2013 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include "msgio.h" #include "libcapsicum.h" #include "libcapsicum_impl.h" #include "libcapsicum_service.h" cap_channel_t * cap_service_open(const cap_channel_t *chan, const char *name) { cap_channel_t *newchan; nvlist_t *nvl; int sock, error; sock = -1; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "open"); nvlist_add_string(nvl, "service", name); if (fd_is_valid(STDERR_FILENO)) nvlist_add_descriptor(nvl, "stderrfd", STDERR_FILENO); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (NULL); error = (int)nvlist_get_number(nvl, "error"); if (error != 0) { nvlist_destroy(nvl); errno = error; return (NULL); } sock = nvlist_take_descriptor(nvl, "chanfd"); assert(sock >= 0); nvlist_destroy(nvl); nvl = NULL; if (cred_send(sock) == -1) goto fail; newchan = cap_wrap(sock); if (newchan == NULL) goto fail; return (newchan); fail: error = errno; close(sock); errno = error; return (NULL); } int cap_service_limit(const cap_channel_t *chan, const char * const *names, size_t nnames) { nvlist_t *limits; unsigned int i; limits = nvlist_create(0); for (i = 0; i < nnames; i++) nvlist_add_null(limits, names[i]); return (cap_limit_set(chan, limits)); } diff --git a/lib/libcapsicum/libcapsicum_sysctl.c b/lib/libcapsicum/libcapsicum_sysctl.c index 6ea951bc27ea..fc691136cd0b 100644 --- a/lib/libcapsicum/libcapsicum_sysctl.c +++ b/lib/libcapsicum/libcapsicum_sysctl.c @@ -1,86 +1,86 @@ /*- * Copyright (c) 2013 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include "libcapsicum.h" #include "libcapsicum_sysctl.h" int cap_sysctlbyname(cap_channel_t *chan, const char *name, void *oldp, size_t *oldlenp, const void *newp, size_t newlen) { nvlist_t *nvl; const uint8_t *retoldp; uint8_t operation; size_t oldlen; operation = 0; if (oldp != NULL) operation |= CAP_SYSCTL_READ; if (newp != NULL) operation |= CAP_SYSCTL_WRITE; nvl = nvlist_create(0); nvlist_add_string(nvl, "cmd", "sysctl"); nvlist_add_string(nvl, "name", name); nvlist_add_number(nvl, "operation", (uint64_t)operation); if (oldp == NULL && oldlenp != NULL) nvlist_add_null(nvl, "justsize"); else if (oldlenp != NULL) nvlist_add_number(nvl, "oldlen", (uint64_t)*oldlenp); if (newp != NULL) nvlist_add_binary(nvl, "newp", newp, newlen); - nvl = cap_xfer_nvlist(chan, nvl); + nvl = cap_xfer_nvlist(chan, nvl, 0); if (nvl == NULL) return (-1); if (nvlist_get_number(nvl, "error") != 0) { errno = (int)nvlist_get_number(nvl, "error"); nvlist_destroy(nvl); return (-1); } if (oldp == NULL && oldlenp != NULL) { *oldlenp = (size_t)nvlist_get_number(nvl, "oldlen"); } else if (oldp != NULL) { retoldp = nvlist_get_binary(nvl, "oldp", &oldlen); memcpy(oldp, retoldp, oldlen); if (oldlenp != NULL) *oldlenp = oldlen; } nvlist_destroy(nvl); return (0); } diff --git a/lib/libcasper/libcasper.c b/lib/libcasper/libcasper.c index 7545baa47f6d..cb95346ec161 100644 --- a/lib/libcasper/libcasper.c +++ b/lib/libcasper/libcasper.c @@ -1,441 +1,441 @@ /*- * Copyright (c) 2013 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include /* * Currently there is only one service_connection per service. * In the future we may want multiple connections from multiple clients * per one service instance, but it has to be carefully designed. * The problem is that we may restrict/sandbox service instance according * to the limits provided. When new connection comes in with different * limits we won't be able to access requested resources. * Not to mention one process will serve to mutiple mutually untrusted * clients and compromise of this service instance by one of its clients * can lead to compromise of the other clients. */ /* * Client connections to the given service. */ #define SERVICE_CONNECTION_MAGIC 0x5e91c0ec struct service_connection { int sc_magic; cap_channel_t *sc_chan; nvlist_t *sc_limits; TAILQ_ENTRY(service_connection) sc_next; }; #define SERVICE_MAGIC 0x5e91ce struct service { int s_magic; char *s_name; service_limit_func_t *s_limit; service_command_func_t *s_command; TAILQ_HEAD(, service_connection) s_connections; }; struct service * service_alloc(const char *name, service_limit_func_t *limitfunc, service_command_func_t *commandfunc) { struct service *service; service = malloc(sizeof(*service)); if (service == NULL) return (NULL); service->s_name = strdup(name); if (service->s_name == NULL) { free(service); return (NULL); } service->s_limit = limitfunc; service->s_command = commandfunc; TAILQ_INIT(&service->s_connections); service->s_magic = SERVICE_MAGIC; return (service); } void service_free(struct service *service) { struct service_connection *sconn; PJDLOG_ASSERT(service->s_magic == SERVICE_MAGIC); service->s_magic = 0; while ((sconn = service_connection_first(service)) != NULL) service_connection_remove(service, sconn); free(service->s_name); free(service); } struct service_connection * service_connection_add(struct service *service, int sock, const nvlist_t *limits) { struct service_connection *sconn; int serrno; PJDLOG_ASSERT(service->s_magic == SERVICE_MAGIC); sconn = malloc(sizeof(*sconn)); if (sconn == NULL) { pjdlog_error("Unable to allocate memory for service connection."); return (NULL); } sconn->sc_chan = cap_wrap(sock); if (sconn->sc_chan == NULL) { serrno = errno; pjdlog_error("Unable to wrap communication channel."); free(sconn); errno = serrno; return (NULL); } if (limits == NULL) { sconn->sc_limits = NULL; } else { sconn->sc_limits = nvlist_clone(limits); if (sconn->sc_limits == NULL) { serrno = errno; pjdlog_error("Unable to clone limits."); (void)cap_unwrap(sconn->sc_chan); free(sconn); errno = serrno; return (NULL); } } sconn->sc_magic = SERVICE_CONNECTION_MAGIC; TAILQ_INSERT_TAIL(&service->s_connections, sconn, sc_next); return (sconn); } void service_connection_remove(struct service *service, struct service_connection *sconn) { PJDLOG_ASSERT(service->s_magic == SERVICE_MAGIC); PJDLOG_ASSERT(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); TAILQ_REMOVE(&service->s_connections, sconn, sc_next); sconn->sc_magic = 0; nvlist_destroy(sconn->sc_limits); cap_close(sconn->sc_chan); free(sconn); } int service_connection_clone(struct service *service, struct service_connection *sconn) { struct service_connection *newsconn; int serrno, sock[2]; if (socketpair(PF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0, sock) < 0) return (-1); newsconn = service_connection_add(service, sock[0], service_connection_get_limits(sconn)); if (newsconn == NULL) { serrno = errno; close(sock[0]); close(sock[1]); errno = serrno; return (-1); } return (sock[1]); } struct service_connection * service_connection_first(struct service *service) { struct service_connection *sconn; PJDLOG_ASSERT(service->s_magic == SERVICE_MAGIC); sconn = TAILQ_FIRST(&service->s_connections); PJDLOG_ASSERT(sconn == NULL || sconn->sc_magic == SERVICE_CONNECTION_MAGIC); return (sconn); } struct service_connection * service_connection_next(struct service_connection *sconn) { PJDLOG_ASSERT(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); sconn = TAILQ_NEXT(sconn, sc_next); PJDLOG_ASSERT(sconn == NULL || sconn->sc_magic == SERVICE_CONNECTION_MAGIC); return (sconn); } cap_channel_t * service_connection_get_chan(const struct service_connection *sconn) { PJDLOG_ASSERT(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); return (sconn->sc_chan); } int service_connection_get_sock(const struct service_connection *sconn) { PJDLOG_ASSERT(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); return (cap_sock(sconn->sc_chan)); } const nvlist_t * service_connection_get_limits(const struct service_connection *sconn) { PJDLOG_ASSERT(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); return (sconn->sc_limits); } void service_connection_set_limits(struct service_connection *sconn, nvlist_t *limits) { PJDLOG_ASSERT(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); nvlist_destroy(sconn->sc_limits); sconn->sc_limits = limits; } #if 0 static void casper_message_connection(struct service *service, const nvlist_t *nvl) { service_connection_add(&service->s_connections, nvlist_get_descriptor(nvl, "sock")); } static void casper_message(const cap_channel_t *capcas, struct service *service) { const char *cmd; nvlist_t *nvl; - nvl = cap_recv_nvlist(capcas); + nvl = cap_recv_nvlist(capcas, 0); if (nvl == NULL) pjdlog_exit(1, "Unable to receive message from Casper"); cmd = nvlist_get_string(nvl, "cmd"); if (strcmp(cmd, "connection") == 0) casper_message_connection(service, nvl); else PJDLOG_ABORT("Unknown command from Casper: %s.", cmd); } #endif void service_message(struct service *service, struct service_connection *sconn) { nvlist_t *nvlin, *nvlout; const char *cmd; int error; - nvlin = cap_recv_nvlist(service_connection_get_chan(sconn)); + nvlin = cap_recv_nvlist(service_connection_get_chan(sconn), 0); if (nvlin == NULL) { if (errno == ENOTCONN) { pjdlog_debug(1, "Connection closed by the client."); } else { pjdlog_errno(LOG_ERR, "Unable to receive message from client"); } service_connection_remove(service, sconn); return; } error = EDOOFUS; nvlout = nvlist_create(0); cmd = nvlist_get_string(nvlin, "cmd"); pjdlog_debug(1, "Command received from client: %s.", cmd); if (pjdlog_debug_get() >= 2) nvlist_fdump(nvlin, stderr); if (strcmp(cmd, "limit_set") == 0) { nvlist_t *nvllim; nvllim = nvlist_take_nvlist(nvlin, "limits"); error = service->s_limit(service_connection_get_limits(sconn), nvllim); if (error == 0) { service_connection_set_limits(sconn, nvllim); /* Function consumes nvllim. */ } else { nvlist_destroy(nvllim); } } else if (strcmp(cmd, "limit_get") == 0) { const nvlist_t *nvllim; nvllim = service_connection_get_limits(sconn); if (nvllim != NULL) nvlist_add_nvlist(nvlout, "limits", nvllim); else nvlist_add_null(nvlout, "limits"); error = 0; } else if (strcmp(cmd, "clone") == 0) { int sock; sock = service_connection_clone(service, sconn); if (sock == -1) { error = errno; } else { nvlist_move_descriptor(nvlout, "sock", sock); error = 0; } } else { error = service->s_command(cmd, service_connection_get_limits(sconn), nvlin, nvlout); } nvlist_destroy(nvlin); nvlist_add_number(nvlout, "error", (uint64_t)error); pjdlog_debug(1, "Sending reply to client (error=%d).", error); if (pjdlog_debug_get() >= 2) nvlist_fdump(nvlout, stderr); if (cap_send_nvlist(service_connection_get_chan(sconn), nvlout) == -1) { pjdlog_errno(LOG_ERR, "Unable to send message to client"); service_connection_remove(service, sconn); } nvlist_destroy(nvlout); } static int fd_add(fd_set *fdsp, int maxfd, int fd) { FD_SET(fd, fdsp); return (fd > maxfd ? fd : maxfd); } int service_start(const char *name, int sock, service_limit_func_t *limitfunc, service_command_func_t *commandfunc, int argc, char *argv[]) { struct service *service; struct service_connection *sconn, *sconntmp; fd_set fds; int maxfd, nfds, serrno; assert(argc == 2); pjdlog_init(PJDLOG_MODE_STD); pjdlog_debug_set(atoi(argv[1])); service = service_alloc(name, limitfunc, commandfunc); if (service == NULL) return (errno); if (service_connection_add(service, sock, NULL) == NULL) { serrno = errno; service_free(service); return (serrno); } for (;;) { FD_ZERO(&fds); maxfd = -1; for (sconn = service_connection_first(service); sconn != NULL; sconn = service_connection_next(sconn)) { maxfd = fd_add(&fds, maxfd, service_connection_get_sock(sconn)); } PJDLOG_ASSERT(maxfd >= 0); PJDLOG_ASSERT(maxfd + 1 <= (int)FD_SETSIZE); nfds = select(maxfd + 1, &fds, NULL, NULL, NULL); if (nfds < 0) { if (errno != EINTR) pjdlog_errno(LOG_ERR, "select() failed"); continue; } else if (nfds == 0) { /* Timeout. */ PJDLOG_ABORT("select() timeout"); continue; } for (sconn = service_connection_first(service); sconn != NULL; sconn = sconntmp) { /* * Prepare for connection to be removed from the list * on failure. */ sconntmp = service_connection_next(sconn); if (FD_ISSET(service_connection_get_sock(sconn), &fds)) service_message(service, sconn); } if (service_connection_first(service) == NULL) { /* * No connections left, exiting. */ break; } } return (0); } diff --git a/lib/libnv/nv.3 b/lib/libnv/nv.3 index bbb7b031107c..4c0e236b090a 100644 --- a/lib/libnv/nv.3 +++ b/lib/libnv/nv.3 @@ -1,653 +1,689 @@ .\" .\" Copyright (c) 2013 The FreeBSD Foundation .\" All rights reserved. .\" .\" This documentation was written by Pawel Jakub Dawidek under sponsorship .\" the FreeBSD Foundation. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" $FreeBSD$ .\" -.Dd May 1, 2015 +.Dd May 2, 2015 .Dt NV 3 .Os .Sh NAME .Nm nvlist_create , .Nm nvlist_destroy , .Nm nvlist_error , .Nm nvlist_set_error , .Nm nvlist_empty , .Nm nvlist_flags , .Nm nvlist_exists , .Nm nvlist_free , .Nm nvlist_clone , .Nm nvlist_dump , .Nm nvlist_fdump , .Nm nvlist_size , .Nm nvlist_pack , .Nm nvlist_unpack , .Nm nvlist_send , .Nm nvlist_recv , .Nm nvlist_xfer , .Nm nvlist_next , .Nm nvlist_add , .Nm nvlist_move , .Nm nvlist_get , .Nm nvlist_take .Nd "library for name/value pairs" .Sh LIBRARY .Lb libnv .Sh SYNOPSIS .In nv.h .Ft "nvlist_t *" .Fn nvlist_create "int flags" .Ft void .Fn nvlist_destroy "nvlist_t *nvl" .Ft int .Fn nvlist_error "const nvlist_t *nvl" .Ft void .Fn nvlist_set_error "nvlist_t *nvl, int error" .Ft bool .Fn nvlist_empty "const nvlist_t *nvl" .Ft int .Fn nvlist_flags "const nvlist_t *nvl" .\" .Ft "nvlist_t *" .Fn nvlist_clone "const nvlist_t *nvl" .\" .Ft void .Fn nvlist_dump "const nvlist_t *nvl, int fd" .Ft void .Fn nvlist_fdump "const nvlist_t *nvl, FILE *fp" .\" .Ft size_t .Fn nvlist_size "const nvlist_t *nvl" .Ft "void *" .Fn nvlist_pack "const nvlist_t *nvl" "size_t *sizep" .Ft "nvlist_t *" -.Fn nvlist_unpack "const void *buf" "size_t size" +.Fn nvlist_unpack "const void *buf" "size_t size" "int flags" .\" .Ft int .Fn nvlist_send "int sock" "const nvlist_t *nvl" .Ft "nvlist_t *" -.Fn nvlist_recv "int sock" +.Fn nvlist_recv "int sock" "int flags" .Ft "nvlist_t *" -.Fn nvlist_xfer "int sock" "nvlist_t *nvl" +.Fn nvlist_xfer "int sock" "nvlist_t *nvl" "int flags" .\" .Ft "const char *" .Fn nvlist_next "const nvlist_t *nvl" "int *typep" "void **cookiep" .\" .Ft bool .Fn nvlist_exists "const nvlist_t *nvl" "const char *name" .Ft bool .Fn nvlist_exists_type "const nvlist_t *nvl" "const char *name" "int type" .Ft bool .Fn nvlist_exists_null "const nvlist_t *nvl" "const char *name" .Ft bool .Fn nvlist_exists_bool "const nvlist_t *nvl" "const char *name" .Ft bool .Fn nvlist_exists_number "const nvlist_t *nvl" "const char *name" .Ft bool .Fn nvlist_exists_string "const nvlist_t *nvl" "const char *name" .Ft bool .Fn nvlist_exists_nvlist "const nvlist_t *nvl" "const char *name" .Ft bool .Fn nvlist_exists_descriptor "const nvlist_t *nvl" "const char *name" .Ft bool .Fn nvlist_exists_binary "const nvlist_t *nvl" "const char *name" .\" .Ft void .Fn nvlist_add_null "nvlist_t *nvl" "const char *name" .Ft void .Fn nvlist_add_bool "nvlist_t *nvl" "const char *name" "bool value" .Ft void .Fn nvlist_add_number "nvlist_t *nvl" "const char *name" "uint64_t value" .Ft void .Fn nvlist_add_string "nvlist_t *nvl" "const char *name" "const char *value" .Ft void .Fn nvlist_add_stringf "nvlist_t *nvl" "const char *name" "const char *valuefmt" "..." .Ft void .Fn nvlist_add_stringv "nvlist_t *nvl" "const char *name" "const char *valuefmt" "va_list valueap" .Ft void .Fn nvlist_add_nvlist "nvlist_t *nvl" "const char *name" "const nvlist_t *value" .Ft void .Fn nvlist_add_descriptor "nvlist_t *nvl" "const char *name" "int value" .Ft void .Fn nvlist_add_binary "nvlist_t *nvl" "const char *name" "const void *value" "size_t size" .\" .Ft void .Fn nvlist_move_string "nvlist_t *nvl" "const char *name" "char *value" .Ft void .Fn nvlist_move_nvlist "nvlist_t *nvl" "const char *name" "nvlist_t *value" .Ft void .Fn nvlist_move_descriptor "nvlist_t *nvl" "const char *name" "int value" .Ft void .Fn nvlist_move_binary "nvlist_t *nvl" "const char *name" "void *value" "size_t size" .\" .Ft bool .Fn nvlist_get_bool "const nvlist_t *nvl" "const char *name" .Ft uint64_t .Fn nvlist_get_number "const nvlist_t *nvl" "const char *name" .Ft "const char *" .Fn nvlist_get_string "const nvlist_t *nvl" "const char *name" .Ft "const nvlist_t *" .Fn nvlist_get_nvlist "const nvlist_t *nvl" "const char *name" .Ft int .Fn nvlist_get_descriptor "const nvlist_t *nvl" "const char *name" .Ft "const void *" .Fn nvlist_get_binary "const nvlist_t *nvl" "const char *name" "size_t *sizep" .Ft "const nvlist_t *" .Fn nvlist_get_parent "const nvlist_t *nvl" "void **cookiep" .\" .Ft bool .Fn nvlist_take_bool "nvlist_t *nvl" "const char *name" .Ft uint64_t .Fn nvlist_take_number "nvlist_t *nvl" "const char *name" .Ft "char *" .Fn nvlist_take_string "nvlist_t *nvl" "const char *name" .Ft "nvlist_t *" .Fn nvlist_take_nvlist "nvlist_t *nvl" "const char *name" .Ft int .Fn nvlist_take_descriptor "nvlist_t *nvl" "const char *name" .Ft "void *" .Fn nvlist_take_binary "nvlist_t *nvl" "const char *name" "size_t *sizep" .\" .Ft void .Fn nvlist_free "nvlist_t *nvl" "const char *name" .Ft void .Fn nvlist_free_type "nvlist_t *nvl" "const char *name" "int type" .\" .Ft void .Fn nvlist_free_null "nvlist_t *nvl" "const char *name" .Ft void .Fn nvlist_free_bool "nvlist_t *nvl" "const char *name" .Ft void .Fn nvlist_free_number "nvlist_t *nvl" "const char *name" .Ft void .Fn nvlist_free_string "nvlist_t *nvl" "const char *name" .Ft void .Fn nvlist_free_nvlist "nvlist_t *nvl" "const char *name" .Ft void .Fn nvlist_free_descriptor "nvlist_t *nvl" "const char *name" .Ft void .Fn nvlist_free_binary "nvlist_t *nvl" "const char *name" .Sh DESCRIPTION The .Nm libnv library allows to easily manage name value pairs as well as send and receive them over sockets. A group (list) of name value pairs is called an .Nm nvlist . The API supports the following data types: .Bl -ohang -offset indent .It Sy null ( NV_TYPE_NULL ) There is no data associated with the name. .It Sy bool ( NV_TYPE_BOOL ) The value can be either .Dv true or .Dv false . .It Sy number ( NV_TYPE_NUMBER ) The value is a number stored as .Vt uint64_t . .It Sy string ( NV_TYPE_STRING ) The value is a C string. .It Sy nvlist ( NV_TYPE_NVLIST ) The value is a nested nvlist. .It Sy descriptor ( NV_TYPE_DESCRIPTOR ) The value is a file descriptor. Note that file descriptors can be sent only over .Xr unix 4 domain sockets. .It Sy binary ( NV_TYPE_BINARY ) The value is a binary buffer. .El .Pp The .Fn nvlist_create function allocates memory and initializes an nvlist. .Pp The following flag can be provided: .Pp .Bl -tag -width "NV_FLAG_IGNORE_CASE" -compact -offset indent .It Dv NV_FLAG_IGNORE_CASE Perform case-insensitive lookups of provided names. .El .Pp The .Fn nvlist_destroy function destroys the given nvlist. Function does nothing if .Dv NULL nvlist is provided. Function never modifies the .Va errno global variable. .Pp The .Fn nvlist_error function returns any error value that the nvlist accumulated. If the given nvlist is .Dv NULL the .Er ENOMEM error will be returned. .Pp The .Fn nvlist_set_error function sets an nvlist to be in the error state. Subsequent calls to .Fn nvlist_error will return the given error value. This function cannot be used to clear the error state from an nvlist. This function does nothing if the nvlist is already in the error state. .Pp The .Fn nvlist_empty function returns .Dv true if the given nvlist is empty and .Dv false otherwise. The nvlist must not be in error state. .Pp The .Fn nvlist_flags function returns flags used to create the nvlist with the .Fn nvlist_create function. .Pp The .Fn nvlist_clone functions clones the given nvlist. The clone shares no resources with its origin. This also means that all file descriptors that are part of the nvlist will be duplicated with the .Xr dup 2 system call before placing them in the clone. .Pp The .Fn nvlist_dump dumps nvlist content for debugging purposes to the given file descriptor .Fa fd . .Pp The .Fn nvlist_fdump dumps nvlist content for debugging purposes to the given file stream .Fa fp . .Pp The .Fn nvlist_size function returns the size of the given nvlist after converting it to binary buffer with the .Fn nvlist_pack function. .Pp The .Fn nvlist_pack function converts the given nvlist to a binary buffer. The function allocates memory for the buffer, which should be freed with the .Xr free 3 function. If the .Fa sizep argument is not .Dv NULL , the size of the buffer will be stored there. The function returns .Dv NULL in case of an error (allocation failure). If the nvlist contains any file descriptors .Dv NULL will be returned. The nvlist must not be in error state. .Pp The .Fn nvlist_unpack function converts the given buffer to the nvlist. +The +.Fa flags +argument defines what type of the top level nvlist is expected to be. +Flags are set up using the +.Fn nvlist_create +function. +If the nvlist flags do not match the flags passed to +.Fn nvlist_unpack , +the nvlist will not be returned. +Every nested nvlist list should be checked using +.Fn nvlist_flags +function. The function returns .Dv NULL in case of an error. .Pp The .Fn nvlist_send function sends the given nvlist over the socket given by the .Fa sock argument. Note that nvlist that contains file descriptors can only be send over .Xr unix 4 domain sockets. .Pp The .Fn nvlist_recv function receives nvlist over the socket given by the .Fa sock argument. +The +.Fa flags +argument defines what type of the top level nvlist is expected to be. +Flags are set up using the +.Fn nvlist_create +function. +If the nvlist flags do not match the flags passed to +.Fn nvlist_recv , +the nvlist will not be returned. +Every nested nvlist list should be checked using +.Fn nvlist_flags +function. .Pp The .Fn nvlist_xfer function sends the given nvlist over the socket given by the .Fa sock argument and receives nvlist over the same socket. +The +.Fa flags +argument defines what type of the top level nvlist is expected to be. +Flags are set up using the +.Fn nvlist_create +function. +If the nvlist flags do not match the flags passed to +.Fn nvlist_xfer , +the nvlist will not be returned. +Every nested nvlist list should be checked using +.Fn nvlist_flags +function. The given nvlist is always destroyed. .Pp The .Fn nvlist_next function iterates over the given nvlist returning names and types of subsequent elements. The .Fa cookiep argument allows the function to figure out which element should be returned next. The .Va *cookiep should be set to .Dv NULL for the first call and should not be changed later. Returning .Dv NULL means there are no more elements on the nvlist. The .Fa typep argument can be NULL. Elements may not be removed from the nvlist while traversing it. The nvlist must not be in error state. .Pp The .Fn nvlist_exists function returns .Dv true if element of the given name exists (besides of its type) or .Dv false otherwise. The nvlist must not be in error state. .Pp The .Fn nvlist_exists_type function returns .Dv true if element of the given name and the given type exists or .Dv false otherwise. The nvlist must not be in error state. .Pp The .Fn nvlist_exists_null , .Fn nvlist_exists_bool , .Fn nvlist_exists_number , .Fn nvlist_exists_string , .Fn nvlist_exists_nvlist , .Fn nvlist_exists_descriptor , .Fn nvlist_exists_binary functions return .Dv true if element of the given name and the given type determined by the function name exists or .Dv false otherwise. The nvlist must not be in error state. .Pp The .Fn nvlist_add_null , .Fn nvlist_add_bool , .Fn nvlist_add_number , .Fn nvlist_add_string , .Fn nvlist_add_stringf , .Fn nvlist_add_stringv , .Fn nvlist_add_nvlist , .Fn nvlist_add_descriptor , .Fn nvlist_add_binary functions add element to the given nvlist. When adding string or binary buffor the functions will allocate memory and copy the data over. When adding nvlist, the nvlist will be cloned and clone will be added. When adding descriptor, the descriptor will be duplicated using the .Xr dup 2 system call and the new descriptor will be added. If an error occurs while adding new element, internal error is set which can be examined using the .Fn nvlist_error function. .Pp The .Fn nvlist_move_string , .Fn nvlist_move_nvlist , .Fn nvlist_move_descriptor , .Fn nvlist_move_binary functions add new element to the given nvlist, but unlike .Fn nvlist_add_ functions they will consume the given resource. If an error occurs while adding new element, the resource is destroyed and internal error is set which can be examined using the .Fn nvlist_error function. .Pp The .Fn nvlist_get_bool , .Fn nvlist_get_number , .Fn nvlist_get_string , .Fn nvlist_get_nvlist , .Fn nvlist_get_descriptor , .Fn nvlist_get_binary functions allow to obtain value of the given name. In case of string, nvlist, descriptor or binary, returned resource should not be modified - it still belongs to the nvlist. If element of the given name does not exist, the program will be aborted. To avoid that the caller should check for existence before trying to obtain the value or use .Xr dnvlist 3 extension, which allows to provide default value for a missing element. The nvlist must not be in error state. .Pp The .Fn nvlist_get_parent function allows to obtain the parent nvlist from the nested nvlist. .Pp The .Fn nvlist_take_bool , .Fn nvlist_take_number , .Fn nvlist_take_string , .Fn nvlist_take_nvlist , .Fn nvlist_take_descriptor , .Fn nvlist_take_binary functions return value associated with the given name and remove the element from the nvlist. In case of string and binary values, the caller is responsible for free returned memory using the .Xr free 3 function. In case of nvlist, the caller is responsible for destroying returned nvlist using the .Fn nvlist_destroy function. In case of descriptor, the caller is responsible for closing returned descriptor using the .Fn close 2 system call. If element of the given name does not exist, the program will be aborted. To avoid that the caller should check for existence before trying to obtain the value or use .Xr dnvlist 3 extension, which allows to provide default value for a missing element. The nvlist must not be in error state. .Pp The .Fn nvlist_free function removes element of the given name from the nvlist (besides of its type) and frees all resources associated with it. If element of the given name does not exist, the program will be aborted. The nvlist must not be in error state. .Pp The .Fn nvlist_free_type function removes element of the given name and the given type from the nvlist and frees all resources associated with it. If element of the given name and the given type does not exist, the program will be aborted. The nvlist must not be in error state. .Pp The .Fn nvlist_free_null , .Fn nvlist_free_bool , .Fn nvlist_free_number , .Fn nvlist_free_string , .Fn nvlist_free_nvlist , .Fn nvlist_free_descriptor , .Fn nvlist_free_binary functions remove element of the given name and the given type determined by the function name from the nvlist and free all resources associated with it. If element of the given name and the given type does not exist, the program will be aborted. The nvlist must not be in error state. .Sh EXAMPLES The following example demonstrates how to prepare an nvlist and send it over .Xr unix 4 domain socket. .Bd -literal nvlist_t *nvl; int fd; fd = open("/tmp/foo", O_RDONLY); if (fd < 0) err(1, "open(\\"/tmp/foo\\") failed"); nvl = nvlist_create(0); /* * There is no need to check if nvlist_create() succeeded, * as the nvlist_add_() functions can cope. * If it failed, nvlist_send() will fail. */ nvlist_add_string(nvl, "filename", "/tmp/foo"); nvlist_add_number(nvl, "flags", O_RDONLY); /* * We just want to send the descriptor, so we can give it * for the nvlist to consume (that's why we use nvlist_move * not nvlist_add). */ nvlist_move_descriptor(nvl, "fd", fd); if (nvlist_send(sock, nvl) < 0) { nvlist_destroy(nvl); err(1, "nvlist_send() failed"); } nvlist_destroy(nvl); .Ed .Pp Receiving nvlist and getting data: .Bd -literal nvlist_t *nvl; const char *command; char *filename; int fd; -nvl = nvlist_recv(sock); +nvl = nvlist_recv(sock, 0); if (nvl == NULL) err(1, "nvlist_recv() failed"); /* For command we take pointer to nvlist's buffer. */ command = nvlist_get_string(nvl, "command"); /* * For filename we remove it from the nvlist and take * ownership of the buffer. */ filename = nvlist_take_string(nvl, "filename"); /* The same for the descriptor. */ fd = nvlist_take_descriptor(nvl, "fd"); printf("command=%s filename=%s fd=%d\n", command, filename, fd); nvlist_destroy(nvl); free(filename); close(fd); /* command was freed by nvlist_destroy() */ .Ed .Pp Iterating over nvlist: .Bd -literal nvlist_t *nvl; const char *name; void *cookie; int type; -nvl = nvlist_recv(sock); +nvl = nvlist_recv(sock, 0); if (nvl == NULL) err(1, "nvlist_recv() failed"); cookie = NULL; while ((name = nvlist_next(nvl, &type, &cookie)) != NULL) { printf("%s=", name); switch (type) { case NV_TYPE_NUMBER: printf("%ju", (uintmax_t)nvlist_get_number(nvl, name)); break; case NV_TYPE_STRING: printf("%s", nvlist_get_string(nvl, name)); break; default: printf("N/A"); break; } printf("\\n"); } .Ed .Pp Iterating over every nested nvlist: .Bd -literal nvlist_t *nvl; const char *name; void *cookie; int type; -nvl = nvlist_recv(sock); +nvl = nvlist_recv(sock, 0); if (nvl == NULL) err(1, "nvlist_recv() failed"); cookie = NULL; do { while ((name = nvlist_next(nvl, &type, &cookie)) != NULL) { if (type == NV_TYPE_NVLIST) { nvl = nvlist_get_nvlist(nvl, name); cookie = NULL; } } } while ((nvl = nvlist_get_parent(nvl, &cookie)) != NULL); .Ed .Sh SEE ALSO .Xr close 2 , .Xr dup 2 , .Xr open 2 , .Xr err 3 , .Xr free 3 , .Xr printf 3 , .Xr unix 4 .Sh HISTORY The .Nm libnv library appeared in .Fx 11.0 . .Sh AUTHORS .An -nosplit The .Nm libnv library was implemented by .An Pawel Jakub Dawidek Aq Mt pawel@dawidek.net under sponsorship from the FreeBSD Foundation. diff --git a/lib/libnv/tests/nv_tests.cc b/lib/libnv/tests/nv_tests.cc index 2d9fd97914d1..1fee182acea0 100644 --- a/lib/libnv/tests/nv_tests.cc +++ b/lib/libnv/tests/nv_tests.cc @@ -1,1240 +1,1240 @@ /*- * Copyright (c) 2014-2015 Sandvine Inc. All rights reserved. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include /* * Test that a newly created nvlist has no errors, and is empty. */ ATF_TEST_CASE_WITHOUT_HEAD(nvlist_create__is_empty); ATF_TEST_CASE_BODY(nvlist_create__is_empty) { nvlist_t *nvl; int type; void *it; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); ATF_REQUIRE_EQ(nvlist_error(nvl), 0); ATF_REQUIRE(nvlist_empty(nvl)); it = NULL; ATF_REQUIRE_EQ(nvlist_next(nvl, &type, &it), static_cast(NULL)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_add_null__single_insert); ATF_TEST_CASE_BODY(nvlist_add_null__single_insert) { nvlist_t *nvl; void *it; const char *key; int type; key = "key"; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); ATF_REQUIRE(!nvlist_exists(nvl, key)); nvlist_add_null(nvl, key); ATF_REQUIRE(!nvlist_empty(nvl)); ATF_REQUIRE(nvlist_exists(nvl, key)); ATF_REQUIRE(nvlist_exists_null(nvl, key)); ATF_REQUIRE(nvlist_exists_null(nvl, "key")); /* Iterate over the nvlist; ensure that it has only our one key. */ it = NULL; ATF_REQUIRE_EQ(strcmp(nvlist_next(nvl, &type, &it), key), 0); ATF_REQUIRE_EQ(type, NV_TYPE_NULL); ATF_REQUIRE_EQ(nvlist_next(nvl, &type,&it), static_cast(NULL)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_add_bool__single_insert); ATF_TEST_CASE_BODY(nvlist_add_bool__single_insert) { nvlist_t *nvl; void *it; const char *key; int type; key = "name"; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); ATF_REQUIRE(!nvlist_exists(nvl, key)); nvlist_add_bool(nvl, key, true); ATF_REQUIRE(!nvlist_empty(nvl)); ATF_REQUIRE(nvlist_exists(nvl, key)); ATF_REQUIRE(nvlist_exists(nvl, "name")); ATF_REQUIRE(nvlist_exists_bool(nvl, key)); ATF_REQUIRE(nvlist_exists_bool(nvl, "name")); ATF_REQUIRE_EQ(nvlist_get_bool(nvl, key), true); /* Iterate over the nvlist; ensure that it has only our one key. */ it = NULL; ATF_REQUIRE_EQ(strcmp(nvlist_next(nvl, &type, &it), key), 0); ATF_REQUIRE_EQ(type, NV_TYPE_BOOL); ATF_REQUIRE_EQ(nvlist_next(nvl, &type,&it), static_cast(NULL)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_add_number__single_insert); ATF_TEST_CASE_BODY(nvlist_add_number__single_insert) { nvlist_t *nvl; void *it; const char *key; uint64_t value; int type; key = "foo123"; value = 71965; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); ATF_REQUIRE(!nvlist_exists(nvl, key)); nvlist_add_number(nvl, key, value); ATF_REQUIRE(!nvlist_empty(nvl)); ATF_REQUIRE(nvlist_exists(nvl, key)); ATF_REQUIRE(nvlist_exists(nvl, "foo123")); ATF_REQUIRE(nvlist_exists_number(nvl, key)); ATF_REQUIRE_EQ(nvlist_get_number(nvl, key), value); /* Iterate over the nvlist; ensure that it has only our one key. */ it = NULL; ATF_REQUIRE_EQ(strcmp(nvlist_next(nvl, &type, &it), key), 0); ATF_REQUIRE_EQ(type, NV_TYPE_NUMBER); ATF_REQUIRE_EQ(nvlist_next(nvl, &type,&it), static_cast(NULL)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_add_string__single_insert); ATF_TEST_CASE_BODY(nvlist_add_string__single_insert) { nvlist_t *nvl; void *it; const char *key; const char *value; int type; key = "test"; value = "fgjdkgjdk"; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); ATF_REQUIRE(!nvlist_exists(nvl, key)); nvlist_add_string(nvl, key, value); ATF_REQUIRE(!nvlist_empty(nvl)); ATF_REQUIRE(nvlist_exists(nvl, key)); ATF_REQUIRE(nvlist_exists(nvl, "test")); ATF_REQUIRE(nvlist_exists_string(nvl, key)); ATF_REQUIRE(nvlist_exists_string(nvl, "test")); ATF_REQUIRE_EQ(strcmp(nvlist_get_string(nvl, key), value), 0); /* nvlist_add_* is required to clone the value, so check for that. */ ATF_REQUIRE(nvlist_get_string(nvl, key) != value); /* Iterate over the nvlist; ensure that it has only our one key. */ it = NULL; ATF_REQUIRE_EQ(strcmp(nvlist_next(nvl, &type, &it), key), 0); ATF_REQUIRE_EQ(type, NV_TYPE_STRING); ATF_REQUIRE_EQ(nvlist_next(nvl, &type,&it), static_cast(NULL)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_add_nvlist__single_insert); ATF_TEST_CASE_BODY(nvlist_add_nvlist__single_insert) { nvlist_t *nvl; void *it; const char *key, *subkey; nvlist_t *sublist; const nvlist_t *value; int type; key = "test"; subkey = "subkey"; sublist = nvlist_create(0); nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); ATF_REQUIRE(!nvlist_exists(nvl, key)); nvlist_add_null(sublist, subkey); nvlist_add_nvlist(nvl, key, sublist); ATF_REQUIRE(!nvlist_empty(nvl)); ATF_REQUIRE(nvlist_exists(nvl, key)); ATF_REQUIRE(nvlist_exists(nvl, "test")); ATF_REQUIRE(nvlist_exists_nvlist(nvl, key)); ATF_REQUIRE(nvlist_exists_nvlist(nvl, "test")); value = nvlist_get_nvlist(nvl, key); ATF_REQUIRE(nvlist_exists_null(value, subkey)); /* nvlist_add_* is required to clone the value, so check for that. */ ATF_REQUIRE(sublist != value); /* Iterate over the nvlist; ensure that it has only our one key. */ it = NULL; ATF_REQUIRE_EQ(strcmp(nvlist_next(nvl, &type, &it), key), 0); ATF_REQUIRE_EQ(type, NV_TYPE_NVLIST); ATF_REQUIRE_EQ(nvlist_next(nvl, &type,&it), static_cast(NULL)); nvlist_destroy(sublist); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_add_nvlist__child_with_error); ATF_TEST_CASE_BODY(nvlist_add_nvlist__child_with_error) { nvlist_t *nvl, *parent; nvl = nvlist_create(0); parent = nvlist_create(0); nvlist_set_error(nvl, EBADF); nvlist_add_nvlist(parent, "test", nvl); ATF_REQUIRE_EQ(nvlist_error(parent), EBADF); nvlist_destroy(nvl); nvlist_destroy(parent); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_add_binary__single_insert); ATF_TEST_CASE_BODY(nvlist_add_binary__single_insert) { nvlist_t *nvl; void *it; const char *key; void *value; const void *ret_value; size_t value_size, ret_size; int type; key = "binary"; value_size = 13; value = malloc(value_size); memset(value, 0xa5, value_size); nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); ATF_REQUIRE(!nvlist_exists(nvl, key)); nvlist_add_binary(nvl, key, value, value_size); ATF_REQUIRE(!nvlist_empty(nvl)); ATF_REQUIRE(nvlist_exists(nvl, key)); ATF_REQUIRE(nvlist_exists(nvl, "binary")); ATF_REQUIRE(nvlist_exists_binary(nvl, key)); ATF_REQUIRE(nvlist_exists_binary(nvl, "binary")); ret_value = nvlist_get_binary(nvl, key, &ret_size); ATF_REQUIRE_EQ(value_size, ret_size); ATF_REQUIRE_EQ(memcmp(value, ret_value, ret_size), 0); /* nvlist_add_* is required to clone the value, so check for that. */ ATF_REQUIRE(value != ret_value); /* Iterate over the nvlist; ensure that it has only our one key. */ it = NULL; ATF_REQUIRE_EQ(strcmp(nvlist_next(nvl, &type, &it), key), 0); ATF_REQUIRE_EQ(type, NV_TYPE_BINARY); ATF_REQUIRE_EQ(nvlist_next(nvl, &type,&it), static_cast(NULL)); nvlist_destroy(nvl); free(value); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_clone__empty_nvlist); ATF_TEST_CASE_BODY(nvlist_clone__empty_nvlist) { nvlist_t *nvl, *clone; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); clone = nvlist_clone(nvl); ATF_REQUIRE(clone != NULL); ATF_REQUIRE(clone != nvl); ATF_REQUIRE(nvlist_empty(clone)); nvlist_destroy(clone); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_clone__nonempty_nvlist); ATF_TEST_CASE_BODY(nvlist_clone__nonempty_nvlist) { nvlist_t *nvl, *clone; const char *key; void *it; uint64_t value; int type; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); key = "testkey"; value = 684874; nvlist_add_number(nvl, key, value); clone = nvlist_clone(nvl); ATF_REQUIRE(clone != NULL); ATF_REQUIRE(clone != nvl); ATF_REQUIRE(nvlist_exists_number(clone, key)); ATF_REQUIRE_EQ(nvlist_get_number(clone, key), value); /* Iterate over the nvlist; ensure that it has only our one key. */ it = NULL; ATF_REQUIRE_EQ(strcmp(nvlist_next(clone, &type, &it), key), 0); ATF_REQUIRE_EQ(type, NV_TYPE_NUMBER); ATF_REQUIRE_EQ(nvlist_next(clone, &type, &it), static_cast(NULL)); nvlist_destroy(clone); nvlist_destroy(nvl); } static const char * const test_subnvlist_key = "nvlist"; static const char * const test_string_key = "string"; static const char * const test_string_val = "59525"; static nvlist_t* create_test_nvlist(void) { nvlist_t *nvl, *sublist; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); sublist = nvlist_create(0); ATF_REQUIRE(sublist != NULL); nvlist_add_string(sublist, test_string_key, test_string_val); nvlist_move_nvlist(nvl, test_subnvlist_key, sublist); return (nvl); } static void verify_test_nvlist(const nvlist_t *nvl) { void *it; const nvlist_t *value; int type; ATF_REQUIRE(nvlist_exists_nvlist(nvl, test_subnvlist_key)); value = nvlist_get_nvlist(nvl, test_subnvlist_key); ATF_REQUIRE(nvlist_exists_string(value, test_string_key)); ATF_REQUIRE_EQ(strcmp(nvlist_get_string(value, test_string_key), test_string_val), 0); ATF_REQUIRE(nvlist_get_string(value, test_string_key) != test_string_val); /* Iterate over both nvlists; ensure that each has only the one key. */ it = NULL; ATF_REQUIRE_EQ(strcmp(nvlist_next(value, &type, &it), test_string_key), 0); ATF_REQUIRE_EQ(type, NV_TYPE_STRING); ATF_REQUIRE_EQ(nvlist_next(value, &type, &it), static_cast(NULL)); it = NULL; ATF_REQUIRE_EQ(strcmp(nvlist_next(nvl, &type, &it), test_subnvlist_key), 0); ATF_REQUIRE_EQ(type, NV_TYPE_NVLIST); ATF_REQUIRE_EQ(nvlist_next(nvl, &type, &it), static_cast(NULL)); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_clone__nested_nvlist); ATF_TEST_CASE_BODY(nvlist_clone__nested_nvlist) { nvlist_t *nvl, *clone; nvl = create_test_nvlist(); clone = nvlist_clone(nvl); ATF_REQUIRE(clone != NULL); ATF_REQUIRE(clone != nvl); verify_test_nvlist(clone); nvlist_destroy(clone); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_clone__error_nvlist); ATF_TEST_CASE_BODY(nvlist_clone__error_nvlist) { nvlist_t *nvl, *clone; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); nvlist_set_error(nvl, ENOMEM); clone = nvlist_clone(nvl); ATF_REQUIRE(clone == NULL); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_pack__empty_nvlist); ATF_TEST_CASE_BODY(nvlist_pack__empty_nvlist) { nvlist_t *nvl, *unpacked; void *packed; size_t packed_size; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); packed = nvlist_pack(nvl, &packed_size); ATF_REQUIRE(packed != NULL); - unpacked = nvlist_unpack(packed, packed_size); + unpacked = nvlist_unpack(packed, packed_size, 0); ATF_REQUIRE(unpacked != NULL); ATF_REQUIRE(unpacked != nvl); ATF_REQUIRE(nvlist_empty(unpacked)); nvlist_destroy(unpacked); nvlist_destroy(nvl); free(packed); } static void verify_null(const nvlist_t *nvl, int type) { ATF_REQUIRE_EQ(type, NV_TYPE_NULL); } static void verify_number(const nvlist_t *nvl, const char *name, int type, uint64_t value) { ATF_REQUIRE_EQ(type, NV_TYPE_NUMBER); ATF_REQUIRE_EQ(nvlist_get_number(nvl, name), value); } static void verify_string(const nvlist_t *nvl, const char *name, int type, const char * value) { ATF_REQUIRE_EQ(type, NV_TYPE_STRING); ATF_REQUIRE_EQ(strcmp(nvlist_get_string(nvl, name), value), 0); } static void verify_nvlist(const nvlist_t *nvl, const char *name, int type) { ATF_REQUIRE_EQ(type, NV_TYPE_NVLIST); verify_test_nvlist(nvlist_get_nvlist(nvl, name)); } static void verify_binary(const nvlist_t *nvl, const char *name, int type, const void * value, size_t size) { const void *actual_value; size_t actual_size; ATF_REQUIRE_EQ(type, NV_TYPE_BINARY); actual_value = nvlist_get_binary(nvl, name, &actual_size); ATF_REQUIRE_EQ(size, actual_size); ATF_REQUIRE_EQ(memcmp(value, actual_value, size), 0); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_pack__multiple_values); ATF_TEST_CASE_BODY(nvlist_pack__multiple_values) { std::ostringstream msg; std::set keys_seen; nvlist_t *nvl, *unpacked, *nvvalue; const char *nullkey, *numkey, *strkey, *nvkey, *binkey, *name; int numvalue; const char * strvalue; void *binvalue, *packed, *it; size_t binsize, packed_size; int type; nvl = nvlist_create(0); nullkey = "null"; nvlist_add_null(nvl, nullkey); numkey = "number"; numvalue = 939853984; nvlist_add_number(nvl, numkey, numvalue); strkey = "string"; strvalue = "jfieutijf"; nvlist_add_string(nvl, strkey, strvalue); nvkey = "nvlist"; nvvalue = create_test_nvlist(); nvlist_move_nvlist(nvl, nvkey, nvvalue); binkey = "binary"; binsize = 4; binvalue = malloc(binsize); memset(binvalue, 'b', binsize); nvlist_move_binary(nvl, binkey, binvalue, binsize); packed = nvlist_pack(nvl, &packed_size); ATF_REQUIRE(packed != NULL); - unpacked = nvlist_unpack(packed, packed_size); + unpacked = nvlist_unpack(packed, packed_size, 0); ATF_REQUIRE(unpacked != 0); it = NULL; while ((name = nvlist_next(unpacked, &type, &it)) != NULL) { /* Ensure that we see every key only once. */ ATF_REQUIRE_EQ(keys_seen.count(name), 0); if (strcmp(name, nullkey) == 0) verify_null(unpacked, type); else if (strcmp(name, numkey) == 0) verify_number(unpacked, name, type, numvalue); else if (strcmp(name, strkey) == 0) verify_string(unpacked, name, type, strvalue); else if (strcmp(name, nvkey) == 0) verify_nvlist(unpacked, name, type); else if (strcmp(name, binkey) == 0) verify_binary(unpacked, name, type, binvalue, binsize); else { msg << "Unexpected key :'" << name << "'"; ATF_FAIL(msg.str().c_str()); } keys_seen.insert(name); } /* Ensure that we saw every key. */ ATF_REQUIRE_EQ(keys_seen.size(), 5); nvlist_destroy(nvl); nvlist_destroy(unpacked); free(packed); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_pack__error_nvlist); ATF_TEST_CASE_BODY(nvlist_pack__error_nvlist) { nvlist_t *nvl; void *packed; size_t size; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); nvlist_set_error(nvl, ENOMEM); packed = nvlist_pack(nvl, &size); ATF_REQUIRE(packed == NULL); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_unpack__duplicate_key); ATF_TEST_CASE_BODY(nvlist_unpack__duplicate_key) { nvlist_t *nvl, *unpacked; const char *key1, *key2; void *packed, *keypos; size_t size, keylen; nvl = nvlist_create(0); key1 = "key1"; keylen = strlen(key1); nvlist_add_number(nvl, key1, 5); key2 = "key2"; ATF_REQUIRE_EQ(keylen, strlen(key2)); nvlist_add_number(nvl, key2, 10); packed = nvlist_pack(nvl, &size); /* * Mangle the packed nvlist by replacing key1 with key2, creating a * packed nvlist with a duplicate key. */ keypos = memmem(packed, size, key1, keylen); ATF_REQUIRE(keypos != NULL); memcpy(keypos, key2, keylen); - unpacked = nvlist_unpack(packed, size); + unpacked = nvlist_unpack(packed, size, 0); ATF_REQUIRE(nvlist_error(unpacked) != 0); free(packed); nvlist_destroy(nvl); nvlist_destroy(unpacked); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_move_string__single_insert); ATF_TEST_CASE_BODY(nvlist_move_string__single_insert) { nvlist_t *nvl; const char *key; char *value; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); key = "testkey"; value = strdup("testval"); ATF_REQUIRE(value != NULL); nvlist_move_string(nvl, key, value); ATF_REQUIRE_EQ(nvlist_get_string(nvl, key), value); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_move_nvlist__null_child); ATF_TEST_CASE_BODY(nvlist_move_nvlist__null_child) { nvlist_t *parent; parent = nvlist_create(0); nvlist_move_nvlist(parent, "test", NULL); ATF_REQUIRE(nvlist_error(parent) != 0); nvlist_destroy(parent); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_move_nvlist__child_with_error); ATF_TEST_CASE_BODY(nvlist_move_nvlist__child_with_error) { nvlist_t *nvl, *parent; nvl = nvlist_create(0); parent = nvlist_create(0); nvlist_set_error(nvl, EBADF); nvlist_move_nvlist(parent, "test", nvl); ATF_REQUIRE_EQ(nvlist_error(parent), EBADF); nvlist_destroy(parent); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_move_nvlist__single_insert); ATF_TEST_CASE_BODY(nvlist_move_nvlist__single_insert) { nvlist_t *nvl; const char *key; nvlist_t *value; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); key = "testkey"; value = nvlist_create(0); ATF_REQUIRE(value != NULL); nvlist_move_nvlist(nvl, key, value); ATF_REQUIRE_EQ(nvlist_get_nvlist(nvl, key), value); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_move_binary__single_insert); ATF_TEST_CASE_BODY(nvlist_move_binary__single_insert) { nvlist_t *nvl; const char *key; void *value; size_t size, actual_size; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); key = "testkey"; size = 73; value = malloc(size); ATF_REQUIRE(value != NULL); nvlist_move_binary(nvl, key, value, size); ATF_REQUIRE_EQ(nvlist_get_binary(nvl, key, &actual_size), value); ATF_REQUIRE_EQ(size, actual_size); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_take_bool__single_remove); ATF_TEST_CASE_BODY(nvlist_take_bool__single_remove) { nvlist_t *nvl; const char *testkey; bool testval; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); testkey = "boolkey"; testval = false; nvlist_add_bool(nvl, testkey, testval); ATF_REQUIRE_EQ(nvlist_take_bool(nvl, testkey), testval); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_take_bool__other_keys_unchanged); ATF_TEST_CASE_BODY(nvlist_take_bool__other_keys_unchanged) { nvlist_t *nvl; const char *testkey, *otherkey1, *otherkey2; bool testval, otherval1; nvlist_t *otherval2; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); testkey = "boolkey"; testval = true; nvlist_add_bool(nvl, testkey, testval); otherkey1 = "key1"; otherval1 = false; nvlist_add_bool(nvl, otherkey1, otherval1); otherkey2 = "key2"; otherval2 = create_test_nvlist(); nvlist_move_nvlist(nvl, otherkey2, otherval2); ATF_REQUIRE_EQ(nvlist_take_bool(nvl, testkey), testval); ATF_REQUIRE(nvlist_exists_bool(nvl, otherkey1)); ATF_REQUIRE_EQ(nvlist_get_bool(nvl, otherkey1), otherval1); ATF_REQUIRE(nvlist_exists_nvlist(nvl, otherkey2)); verify_test_nvlist(nvlist_get_nvlist(nvl, otherkey2)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_take_number__single_remove); ATF_TEST_CASE_BODY(nvlist_take_number__single_remove) { nvlist_t *nvl; const char *testkey; uint64_t testval; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); testkey = "numkey"; testval = std::numeric_limits::max(); nvlist_add_number(nvl, testkey, testval); ATF_REQUIRE_EQ(nvlist_take_number(nvl, testkey), testval); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_take_number__other_keys_unchanged); ATF_TEST_CASE_BODY(nvlist_take_number__other_keys_unchanged) { nvlist_t *nvl; const char *testkey, *otherkey1, *otherkey2; uint64_t testval, otherval1; const char *otherval2; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); otherkey1 = "key1"; otherval1 = 5; nvlist_add_number(nvl, otherkey1, otherval1); testkey = "numkey"; testval = 1654; nvlist_add_number(nvl, testkey, testval); otherkey2 = "key2"; otherval2 = "string"; nvlist_add_string(nvl, otherkey2, otherval2); ATF_REQUIRE_EQ(nvlist_take_number(nvl, testkey), testval); ATF_REQUIRE(nvlist_exists_number(nvl, otherkey1)); ATF_REQUIRE_EQ(nvlist_get_number(nvl, otherkey1), otherval1); ATF_REQUIRE(nvlist_exists_string(nvl, otherkey2)); ATF_REQUIRE_EQ(strcmp(nvlist_get_string(nvl, otherkey2), otherval2), 0); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_take_string__single_remove); ATF_TEST_CASE_BODY(nvlist_take_string__single_remove) { nvlist_t *nvl; const char *testkey; const char *testval; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); testkey = "numkey"; testval = "nvlist"; nvlist_add_string(nvl, testkey, testval); ATF_REQUIRE_EQ(strcmp(nvlist_take_string(nvl, testkey), testval), 0); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_take_string__other_keys_unchanged); ATF_TEST_CASE_BODY(nvlist_take_string__other_keys_unchanged) { nvlist_t *nvl; const char *testkey, *otherkey1, *otherkey2; const char *testval, *otherval1; bool otherval2; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); otherkey1 = "key1"; otherval1 = "fjdifjdk"; nvlist_add_string(nvl, otherkey1, otherval1); otherkey2 = "key2"; otherval2 = true; nvlist_add_bool(nvl, otherkey2, otherval2); testkey = "strkey"; testval = "1654"; nvlist_add_string(nvl, testkey, testval); ATF_REQUIRE_EQ(strcmp(nvlist_take_string(nvl, testkey), testval), 0); ATF_REQUIRE(nvlist_exists_string(nvl, otherkey1)); ATF_REQUIRE_EQ(strcmp(nvlist_get_string(nvl, otherkey1), otherval1), 0); ATF_REQUIRE(nvlist_exists_bool(nvl, otherkey2)); ATF_REQUIRE_EQ(nvlist_get_bool(nvl, otherkey2), otherval2); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_take_nvlist__single_remove); ATF_TEST_CASE_BODY(nvlist_take_nvlist__single_remove) { nvlist_t *nvl; const char *testkey; nvlist_t *testval; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); testkey = "numkey"; testval = create_test_nvlist(); nvlist_move_nvlist(nvl, testkey, testval); verify_test_nvlist(nvlist_take_nvlist(nvl, testkey)); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_take_nvlist__other_keys_unchanged); ATF_TEST_CASE_BODY(nvlist_take_nvlist__other_keys_unchanged) { nvlist_t *nvl; const char *testkey, *otherkey1, *otherkey2; nvlist_t *testval, *otherval1; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); testkey = "strkey"; testval = create_test_nvlist(); nvlist_move_nvlist(nvl, testkey, testval); otherkey1 = "key1"; otherval1 = nvlist_create(0); nvlist_move_nvlist(nvl, otherkey1, otherval1); otherkey2 = "key2"; nvlist_add_null(nvl, otherkey2); verify_test_nvlist(nvlist_take_nvlist(nvl, testkey)); ATF_REQUIRE(nvlist_exists_nvlist(nvl, otherkey1)); ATF_REQUIRE(nvlist_empty(nvlist_get_nvlist(nvl, otherkey1))); ATF_REQUIRE(nvlist_exists_null(nvl, otherkey2)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_take_binary__single_remove); ATF_TEST_CASE_BODY(nvlist_take_binary__single_remove) { nvlist_t *nvl; const char *testkey; void *testval; const void *actual_val; size_t testsize, actual_size; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); testkey = "numkey"; testsize = 457; testval = malloc(testsize); memset(testval, '5', testsize); nvlist_move_binary(nvl, testkey, testval, testsize); actual_val = nvlist_take_binary(nvl, testkey, &actual_size); ATF_REQUIRE_EQ(testsize, actual_size); ATF_REQUIRE_EQ(memcmp(actual_val, testval, testsize), 0); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_take_binary__other_keys_unchanged); ATF_TEST_CASE_BODY(nvlist_take_binary__other_keys_unchanged) { nvlist_t *nvl; const char *testkey, *otherkey1, *otherkey2; const void *actual_value; char testval[] = "gjiertj"; char otherval1[] = "fdreg"; size_t testsize, othersize, actual_size; bool otherval2; nvl = nvlist_create(0); ATF_REQUIRE(nvl != NULL); otherkey1 = "key1"; othersize = sizeof(otherval1); nvlist_add_binary(nvl, otherkey1, otherval1, othersize); otherkey2 = "key2"; otherval2 = true; nvlist_add_bool(nvl, otherkey2, otherval2); testkey = "strkey"; testsize = sizeof(testval); nvlist_add_binary(nvl, testkey, testval, testsize); actual_value = nvlist_take_binary(nvl, testkey, &actual_size); ATF_REQUIRE_EQ(testsize, actual_size); ATF_REQUIRE_EQ(memcmp(actual_value, testval, testsize), 0); ATF_REQUIRE(nvlist_exists_binary(nvl, otherkey1)); actual_value = nvlist_get_binary(nvl, otherkey1, &actual_size); ATF_REQUIRE_EQ(othersize, actual_size); ATF_REQUIRE_EQ(memcmp(actual_value, otherval1, othersize), 0); ATF_REQUIRE(nvlist_exists_bool(nvl, otherkey2)); ATF_REQUIRE_EQ(nvlist_get_bool(nvl, otherkey2), otherval2); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_free__single_null); ATF_TEST_CASE_BODY(nvlist_free__single_null) { nvlist_t *nvl; const char *key; nvl = nvlist_create(0); key = "test"; nvlist_add_null(nvl, key); nvlist_free(nvl, key); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_free__single_bool); ATF_TEST_CASE_BODY(nvlist_free__single_bool) { nvlist_t *nvl; const char *key; nvl = nvlist_create(0); key = "test"; nvlist_add_bool(nvl, key, true); nvlist_free(nvl, key); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_free__single_number); ATF_TEST_CASE_BODY(nvlist_free__single_number) { nvlist_t *nvl; const char *key; nvl = nvlist_create(0); key = "test"; nvlist_add_number(nvl, key, 584); nvlist_free(nvl, key); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_free__single_string); ATF_TEST_CASE_BODY(nvlist_free__single_string) { nvlist_t *nvl; const char *key; nvl = nvlist_create(0); key = "test"; nvlist_add_string(nvl, key, "gjkfkjd"); nvlist_free(nvl, key); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_free__single_nvlist); ATF_TEST_CASE_BODY(nvlist_free__single_nvlist) { nvlist_t *nvl; const char *key; nvl = nvlist_create(0); key = "test"; nvlist_add_nvlist(nvl, key, nvlist_create(0)); nvlist_free(nvl, key); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_free__single_binary); ATF_TEST_CASE_BODY(nvlist_free__single_binary) { nvlist_t *nvl; const char *key; nvl = nvlist_create(0); key = "test"; nvlist_add_binary(nvl, key, "jgjgfd", 6); nvlist_free(nvl, key); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_free_null__single_null); ATF_TEST_CASE_BODY(nvlist_free_null__single_null) { nvlist_t *nvl; const char *key; nvl = nvlist_create(0); key = "test"; nvlist_add_null(nvl, key); nvlist_free_null(nvl, key); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_free_bool__single_bool); ATF_TEST_CASE_BODY(nvlist_free_bool__single_bool) { nvlist_t *nvl; const char *key; nvl = nvlist_create(0); key = "test"; nvlist_add_bool(nvl, key, true); nvlist_free_bool(nvl, key); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_free_number__single_number); ATF_TEST_CASE_BODY(nvlist_free_number__single_number) { nvlist_t *nvl; const char *key; nvl = nvlist_create(0); key = "test"; nvlist_add_number(nvl, key, 584); nvlist_free_number(nvl, key); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_free_string__single_string); ATF_TEST_CASE_BODY(nvlist_free_string__single_string) { nvlist_t *nvl; const char *key; nvl = nvlist_create(0); key = "test"; nvlist_add_string(nvl, key, "gjkfkjd"); nvlist_free_string(nvl, key); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_free_nvlist__single_nvlist); ATF_TEST_CASE_BODY(nvlist_free_nvlist__single_nvlist) { nvlist_t *nvl; const char *key; nvl = nvlist_create(0); key = "test"; nvlist_add_nvlist(nvl, key, nvlist_create(0)); nvlist_free_nvlist(nvl, key); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_TEST_CASE_WITHOUT_HEAD(nvlist_free_binary__single_binary); ATF_TEST_CASE_BODY(nvlist_free_binary__single_binary) { nvlist_t *nvl; const char *key; nvl = nvlist_create(0); key = "test"; nvlist_add_binary(nvl, key, "jgjgfd", 6); nvlist_free_binary(nvl, key); ATF_REQUIRE(nvlist_empty(nvl)); nvlist_destroy(nvl); } ATF_INIT_TEST_CASES(tp) { ATF_ADD_TEST_CASE(tp, nvlist_create__is_empty); ATF_ADD_TEST_CASE(tp, nvlist_add_null__single_insert); ATF_ADD_TEST_CASE(tp, nvlist_add_bool__single_insert); ATF_ADD_TEST_CASE(tp, nvlist_add_number__single_insert); ATF_ADD_TEST_CASE(tp, nvlist_add_string__single_insert); ATF_ADD_TEST_CASE(tp, nvlist_add_nvlist__single_insert); ATF_ADD_TEST_CASE(tp, nvlist_add_nvlist__child_with_error); ATF_ADD_TEST_CASE(tp, nvlist_add_binary__single_insert); ATF_ADD_TEST_CASE(tp, nvlist_clone__empty_nvlist); ATF_ADD_TEST_CASE(tp, nvlist_clone__nonempty_nvlist); ATF_ADD_TEST_CASE(tp, nvlist_clone__nested_nvlist); ATF_ADD_TEST_CASE(tp, nvlist_clone__error_nvlist); ATF_ADD_TEST_CASE(tp, nvlist_pack__empty_nvlist); ATF_ADD_TEST_CASE(tp, nvlist_pack__multiple_values); ATF_ADD_TEST_CASE(tp, nvlist_pack__error_nvlist); ATF_ADD_TEST_CASE(tp, nvlist_unpack__duplicate_key); ATF_ADD_TEST_CASE(tp, nvlist_move_string__single_insert); ATF_ADD_TEST_CASE(tp, nvlist_move_nvlist__single_insert); ATF_ADD_TEST_CASE(tp, nvlist_move_nvlist__null_child); ATF_ADD_TEST_CASE(tp, nvlist_move_nvlist__child_with_error); ATF_ADD_TEST_CASE(tp, nvlist_move_binary__single_insert); ATF_ADD_TEST_CASE(tp, nvlist_take_bool__single_remove); ATF_ADD_TEST_CASE(tp, nvlist_take_bool__other_keys_unchanged); ATF_ADD_TEST_CASE(tp, nvlist_take_number__single_remove); ATF_ADD_TEST_CASE(tp, nvlist_take_number__other_keys_unchanged); ATF_ADD_TEST_CASE(tp, nvlist_take_string__single_remove); ATF_ADD_TEST_CASE(tp, nvlist_take_string__other_keys_unchanged); ATF_ADD_TEST_CASE(tp, nvlist_take_nvlist__single_remove); ATF_ADD_TEST_CASE(tp, nvlist_take_nvlist__other_keys_unchanged); ATF_ADD_TEST_CASE(tp, nvlist_take_binary__single_remove); ATF_ADD_TEST_CASE(tp, nvlist_take_binary__other_keys_unchanged); ATF_ADD_TEST_CASE(tp, nvlist_free__single_null); ATF_ADD_TEST_CASE(tp, nvlist_free__single_bool); ATF_ADD_TEST_CASE(tp, nvlist_free__single_number); ATF_ADD_TEST_CASE(tp, nvlist_free__single_string); ATF_ADD_TEST_CASE(tp, nvlist_free__single_nvlist); ATF_ADD_TEST_CASE(tp, nvlist_free__single_binary); ATF_ADD_TEST_CASE(tp, nvlist_free_null__single_null); ATF_ADD_TEST_CASE(tp, nvlist_free_bool__single_bool); ATF_ADD_TEST_CASE(tp, nvlist_free_number__single_number); ATF_ADD_TEST_CASE(tp, nvlist_free_string__single_string); ATF_ADD_TEST_CASE(tp, nvlist_free_nvlist__single_nvlist); ATF_ADD_TEST_CASE(tp, nvlist_free_binary__single_binary); } diff --git a/lib/libnv/tests/nvlist_send_recv_test.c b/lib/libnv/tests/nvlist_send_recv_test.c index 1b083c35d339..50222fbb8e39 100644 --- a/lib/libnv/tests/nvlist_send_recv_test.c +++ b/lib/libnv/tests/nvlist_send_recv_test.c @@ -1,342 +1,342 @@ /*- * Copyright (c) 2013 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $FreeBSD$ */ #include #include #include #include #include #include #include #include #include #include static int ntest = 1; #define CHECK(expr) do { \ if ((expr)) \ printf("ok # %d %s:%u\n", ntest, __FILE__, __LINE__); \ else \ printf("not ok # %d %s:%u\n", ntest, __FILE__, __LINE__);\ ntest++; \ } while (0) #define fd_is_valid(fd) (fcntl((fd), F_GETFL) != -1 || errno != EBADF) static void child(int sock) { nvlist_t *nvl; nvlist_t *empty; nvl = nvlist_create(0); empty = nvlist_create(0); nvlist_add_bool(nvl, "nvlist/bool/true", true); nvlist_add_bool(nvl, "nvlist/bool/false", false); nvlist_add_number(nvl, "nvlist/number/0", 0); nvlist_add_number(nvl, "nvlist/number/1", 1); nvlist_add_number(nvl, "nvlist/number/-1", -1); nvlist_add_number(nvl, "nvlist/number/UINT64_MAX", UINT64_MAX); nvlist_add_number(nvl, "nvlist/number/INT64_MIN", INT64_MIN); nvlist_add_number(nvl, "nvlist/number/INT64_MAX", INT64_MAX); nvlist_add_string(nvl, "nvlist/string/", ""); nvlist_add_string(nvl, "nvlist/string/x", "x"); nvlist_add_string(nvl, "nvlist/string/abcdefghijklmnopqrstuvwxyz", "abcdefghijklmnopqrstuvwxyz"); nvlist_add_descriptor(nvl, "nvlist/descriptor/STDERR_FILENO", STDERR_FILENO); nvlist_add_binary(nvl, "nvlist/binary/x", "x", 1); nvlist_add_binary(nvl, "nvlist/binary/abcdefghijklmnopqrstuvwxyz", "abcdefghijklmnopqrstuvwxyz", sizeof("abcdefghijklmnopqrstuvwxyz")); nvlist_move_nvlist(nvl, "nvlist/nvlist/empty", empty); nvlist_add_nvlist(nvl, "nvlist/nvlist", nvl); nvlist_send(sock, nvl); nvlist_destroy(nvl); } static void parent(int sock) { nvlist_t *nvl; const nvlist_t *cnvl, *empty; const char *name, *cname; void *cookie, *ccookie; int type, ctype; size_t size; - nvl = nvlist_recv(sock); + nvl = nvlist_recv(sock, 0); CHECK(nvlist_error(nvl) == 0); if (nvlist_error(nvl) != 0) err(1, "nvlist_recv() failed"); cookie = NULL; name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_BOOL); CHECK(strcmp(name, "nvlist/bool/true") == 0); CHECK(nvlist_get_bool(nvl, name) == true); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_BOOL); CHECK(strcmp(name, "nvlist/bool/false") == 0); CHECK(nvlist_get_bool(nvl, name) == false); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_NUMBER); CHECK(strcmp(name, "nvlist/number/0") == 0); CHECK(nvlist_get_number(nvl, name) == 0); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_NUMBER); CHECK(strcmp(name, "nvlist/number/1") == 0); CHECK(nvlist_get_number(nvl, name) == 1); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_NUMBER); CHECK(strcmp(name, "nvlist/number/-1") == 0); CHECK((int)nvlist_get_number(nvl, name) == -1); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_NUMBER); CHECK(strcmp(name, "nvlist/number/UINT64_MAX") == 0); CHECK(nvlist_get_number(nvl, name) == UINT64_MAX); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_NUMBER); CHECK(strcmp(name, "nvlist/number/INT64_MIN") == 0); CHECK((int64_t)nvlist_get_number(nvl, name) == INT64_MIN); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_NUMBER); CHECK(strcmp(name, "nvlist/number/INT64_MAX") == 0); CHECK((int64_t)nvlist_get_number(nvl, name) == INT64_MAX); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_STRING); CHECK(strcmp(name, "nvlist/string/") == 0); CHECK(strcmp(nvlist_get_string(nvl, name), "") == 0); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_STRING); CHECK(strcmp(name, "nvlist/string/x") == 0); CHECK(strcmp(nvlist_get_string(nvl, name), "x") == 0); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_STRING); CHECK(strcmp(name, "nvlist/string/abcdefghijklmnopqrstuvwxyz") == 0); CHECK(strcmp(nvlist_get_string(nvl, name), "abcdefghijklmnopqrstuvwxyz") == 0); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_DESCRIPTOR); CHECK(strcmp(name, "nvlist/descriptor/STDERR_FILENO") == 0); CHECK(fd_is_valid(nvlist_get_descriptor(nvl, name))); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_BINARY); CHECK(strcmp(name, "nvlist/binary/x") == 0); CHECK(memcmp(nvlist_get_binary(nvl, name, NULL), "x", 1) == 0); CHECK(memcmp(nvlist_get_binary(nvl, name, &size), "x", 1) == 0); CHECK(size == 1); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_BINARY); CHECK(strcmp(name, "nvlist/binary/abcdefghijklmnopqrstuvwxyz") == 0); CHECK(memcmp(nvlist_get_binary(nvl, name, NULL), "abcdefghijklmnopqrstuvwxyz", sizeof("abcdefghijklmnopqrstuvwxyz")) == 0); CHECK(memcmp(nvlist_get_binary(nvl, name, &size), "abcdefghijklmnopqrstuvwxyz", sizeof("abcdefghijklmnopqrstuvwxyz")) == 0); CHECK(size == sizeof("abcdefghijklmnopqrstuvwxyz")); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_NVLIST); CHECK(strcmp(name, "nvlist/nvlist/empty") == 0); cnvl = nvlist_get_nvlist(nvl, name); CHECK(nvlist_empty(cnvl)); name = nvlist_next(nvl, &type, &cookie); CHECK(name != NULL); CHECK(type == NV_TYPE_NVLIST); CHECK(strcmp(name, "nvlist/nvlist") == 0); cnvl = nvlist_get_nvlist(nvl, name); ccookie = NULL; cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_BOOL); CHECK(strcmp(cname, "nvlist/bool/true") == 0); CHECK(nvlist_get_bool(cnvl, cname) == true); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_BOOL); CHECK(strcmp(cname, "nvlist/bool/false") == 0); CHECK(nvlist_get_bool(cnvl, cname) == false); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_NUMBER); CHECK(strcmp(cname, "nvlist/number/0") == 0); CHECK(nvlist_get_number(cnvl, cname) == 0); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_NUMBER); CHECK(strcmp(cname, "nvlist/number/1") == 0); CHECK(nvlist_get_number(cnvl, cname) == 1); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_NUMBER); CHECK(strcmp(cname, "nvlist/number/-1") == 0); CHECK((int)nvlist_get_number(cnvl, cname) == -1); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_NUMBER); CHECK(strcmp(cname, "nvlist/number/UINT64_MAX") == 0); CHECK(nvlist_get_number(cnvl, cname) == UINT64_MAX); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_NUMBER); CHECK(strcmp(cname, "nvlist/number/INT64_MIN") == 0); CHECK((int64_t)nvlist_get_number(cnvl, cname) == INT64_MIN); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_NUMBER); CHECK(strcmp(cname, "nvlist/number/INT64_MAX") == 0); CHECK((int64_t)nvlist_get_number(cnvl, cname) == INT64_MAX); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_STRING); CHECK(strcmp(cname, "nvlist/string/") == 0); CHECK(strcmp(nvlist_get_string(cnvl, cname), "") == 0); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_STRING); CHECK(strcmp(cname, "nvlist/string/x") == 0); CHECK(strcmp(nvlist_get_string(cnvl, cname), "x") == 0); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_STRING); CHECK(strcmp(cname, "nvlist/string/abcdefghijklmnopqrstuvwxyz") == 0); CHECK(strcmp(nvlist_get_string(cnvl, cname), "abcdefghijklmnopqrstuvwxyz") == 0); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_DESCRIPTOR); CHECK(strcmp(cname, "nvlist/descriptor/STDERR_FILENO") == 0); CHECK(fd_is_valid(nvlist_get_descriptor(cnvl, cname))); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_BINARY); CHECK(strcmp(cname, "nvlist/binary/x") == 0); CHECK(memcmp(nvlist_get_binary(cnvl, cname, NULL), "x", 1) == 0); CHECK(memcmp(nvlist_get_binary(cnvl, cname, &size), "x", 1) == 0); CHECK(size == 1); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_BINARY); CHECK(strcmp(cname, "nvlist/binary/abcdefghijklmnopqrstuvwxyz") == 0); CHECK(memcmp(nvlist_get_binary(cnvl, cname, NULL), "abcdefghijklmnopqrstuvwxyz", sizeof("abcdefghijklmnopqrstuvwxyz")) == 0); CHECK(memcmp(nvlist_get_binary(cnvl, cname, &size), "abcdefghijklmnopqrstuvwxyz", sizeof("abcdefghijklmnopqrstuvwxyz")) == 0); CHECK(size == sizeof("abcdefghijklmnopqrstuvwxyz")); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname != NULL); CHECK(ctype == NV_TYPE_NVLIST); CHECK(strcmp(cname, "nvlist/nvlist/empty") == 0); empty = nvlist_get_nvlist(cnvl, cname); CHECK(nvlist_empty(empty)); cname = nvlist_next(cnvl, &ctype, &ccookie); CHECK(cname == NULL); name = nvlist_next(nvl, &type, &cookie); CHECK(name == NULL); } int main(void) { int status, socks[2]; pid_t pid; printf("1..134\n"); fflush(stdout); if (socketpair(PF_UNIX, SOCK_STREAM, 0, socks) < 0) err(1, "socketpair() failed"); pid = fork(); switch (pid) { case -1: /* Failure. */ err(1, "unable to fork"); case 0: /* Child. */ close(socks[0]); child(socks[1]); return (0); default: /* Parent. */ close(socks[1]); parent(socks[0]); break; } if (waitpid(pid, &status, 0) < 0) err(1, "waitpid() failed"); return (0); } diff --git a/sbin/casperd/casperd.c b/sbin/casperd/casperd.c index 4b9037b40e38..f83881107de7 100644 --- a/sbin/casperd/casperd.c +++ b/sbin/casperd/casperd.c @@ -1,715 +1,715 @@ /*- * Copyright (c) 2012 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "msgio.h" #include "zygote.h" #define CASPERD_PIDFILE "/var/run/casperd.pid" #define CASPERD_SERVCONFDIR "/etc/casper" #define CASPERD_SOCKPATH "/var/run/casper" typedef void service_function_t(struct service_connection *, const nvlist_t *, nvlist_t *); struct casper_service { const char *cs_name; const char *cs_execpath; struct service *cs_service; nvlist_t *cs_attrs; TAILQ_ENTRY(casper_service) cs_next; }; static TAILQ_HEAD(, casper_service) casper_services = TAILQ_HEAD_INITIALIZER(casper_services); #define SERVICE_IS_CORE(service) ((service)->cs_execpath == NULL) static void service_external_execute(int chanfd); #define KEEP_ERRNO(work) do { \ int _serrno; \ \ _serrno = errno; \ work; \ errno = _serrno; \ } while (0) static struct casper_service * service_find(const char *name) { struct casper_service *casserv; TAILQ_FOREACH(casserv, &casper_services, cs_next) { if (strcmp(casserv->cs_name, name) == 0) break; } return (casserv); } /* * Function always consumes the given attrs. */ static void service_register(nvlist_t *attrs) { struct casper_service *casserv; const char *name; PJDLOG_ASSERT(nvlist_exists_string(attrs, "name")); PJDLOG_ASSERT(nvlist_exists_string(attrs, "execpath") || (nvlist_exists_number(attrs, "commandfunc") && nvlist_exists_number(attrs, "limitfunc"))); name = nvlist_get_string(attrs, "name"); PJDLOG_ASSERT(name != NULL); if (name[0] == '\0') { pjdlog_error("Unable to register service with an empty name."); nvlist_destroy(attrs); return; } if (service_find(name) != NULL) { pjdlog_error("Service \"%s\" is already registered.", name); nvlist_destroy(attrs); return; } casserv = malloc(sizeof(*casserv)); if (casserv == NULL) { pjdlog_errno(LOG_ERR, "Unable to register service \"%s\"", name); nvlist_destroy(attrs); return; } casserv->cs_name = name; if (nvlist_exists_string(attrs, "execpath")) { struct stat sb; PJDLOG_ASSERT(!nvlist_exists_number(attrs, "commandfunc")); PJDLOG_ASSERT(!nvlist_exists_number(attrs, "limitfunc")); casserv->cs_service = NULL; casserv->cs_execpath = nvlist_get_string(attrs, "execpath"); if (casserv->cs_execpath == NULL || casserv->cs_execpath[0] == '\0') { pjdlog_error("Unable to register service with an empty execpath."); free(casserv); nvlist_destroy(attrs); return; } if (stat(casserv->cs_execpath, &sb) == -1) { pjdlog_errno(LOG_ERR, "Unable to register service \"%s\", problem with executable \"%s\"", name, casserv->cs_execpath); free(casserv); nvlist_destroy(attrs); return; } } else /* if (nvlist_exists_number(attrs, "commandfunc")) */ { PJDLOG_ASSERT(!nvlist_exists_string(attrs, "execpath")); casserv->cs_execpath = NULL; casserv->cs_service = service_alloc(name, (void *)(uintptr_t)nvlist_get_number(attrs, "limitfunc"), (void *)(uintptr_t)nvlist_get_number(attrs, "commandfunc")); if (casserv->cs_service == NULL) { pjdlog_errno(LOG_ERR, "Unable to register service \"%s\"", name); free(casserv); nvlist_destroy(attrs); return; } } casserv->cs_attrs = attrs; TAILQ_INSERT_TAIL(&casper_services, casserv, cs_next); pjdlog_debug(1, "Service %s successfully registered.", casserv->cs_name); } static bool casper_allowed_service(const nvlist_t *limits, const char *service) { if (limits == NULL) return (true); if (nvlist_exists_null(limits, service)) return (true); return (false); } static int casper_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits) { const char *name; int type; void *cookie; cookie = NULL; while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { if (type != NV_TYPE_NULL) return (EINVAL); if (!casper_allowed_service(oldlimits, name)) return (ENOTCAPABLE); } return (0); } static int casper_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, nvlist_t *nvlout) { struct casper_service *casserv; const char *servname; nvlist_t *nvl; int chanfd, execfd, procfd, error; if (strcmp(cmd, "open") != 0) return (EINVAL); if (!nvlist_exists_string(nvlin, "service")) return (EINVAL); servname = nvlist_get_string(nvlin, "service"); casserv = service_find(servname); if (casserv == NULL) return (ENOENT); if (!casper_allowed_service(limits, servname)) return (ENOTCAPABLE); #ifdef O_EXEC_WORKING execfd = open(casserv->cs_execpath, O_EXEC); #else execfd = open(casserv->cs_execpath, O_RDONLY); #endif if (execfd < -1) { error = errno; pjdlog_errno(LOG_ERR, "Unable to open executable '%s' of service '%s'", casserv->cs_execpath, casserv->cs_name); return (error); } if (zygote_clone(service_external_execute, 0, &chanfd, &procfd) == -1) { error = errno; close(execfd); return (error); } nvl = nvlist_create(0); nvlist_add_string(nvl, "service", casserv->cs_name); if (nvlist_exists_descriptor(nvlin, "stderrfd")) { nvlist_move_descriptor(nvl, "stderrfd", nvlist_take_descriptor(nvlin, "stderrfd")); } nvlist_move_descriptor(nvl, "execfd", execfd); nvlist_move_descriptor(nvl, "procfd", procfd); if (nvlist_send(chanfd, nvl) == -1) { error = errno; pjdlog_errno(LOG_ERR, "Unable to send nvlist"); nvlist_destroy(nvl); close(chanfd); return (error); } nvlist_destroy(nvl); nvlist_move_descriptor(nvlout, "chanfd", chanfd); return (0); } static void fdswap(int *fd0, int *fd1) { int tmpfd; PJDLOG_VERIFY((tmpfd = dup(*fd0)) != -1); PJDLOG_VERIFY(dup2(*fd1, *fd0) != -1); PJDLOG_VERIFY(dup2(tmpfd, *fd1) != -1); close(tmpfd); tmpfd = *fd0; *fd0 = *fd1; *fd1 = tmpfd; } static void fdmove(int *oldfdp, int newfd) { if (*oldfdp != newfd) { PJDLOG_VERIFY(dup2(*oldfdp, newfd) != -1); close(*oldfdp); *oldfdp = newfd; } } static void fdcloexec(int fd) { int flags; flags = fcntl(fd, F_GETFD); PJDLOG_ASSERT(flags != -1); if ((flags & FD_CLOEXEC) != 0) PJDLOG_VERIFY(fcntl(fd, F_SETFD, flags & ~FD_CLOEXEC) != -1); } static void service_register_core(void) { nvlist_t *nvl; nvl = nvlist_create(0); nvlist_add_string(nvl, "name", "core.casper"); nvlist_add_number(nvl, "limitfunc", (uint64_t)(uintptr_t)casper_limit); nvlist_add_number(nvl, "commandfunc", (uint64_t)(uintptr_t)casper_command); service_register(nvl); } static int setup_creds(int sock) { struct cmsgcred cred; if (cred_recv(sock, &cred) == -1) return (-1); if (setgroups((int)cred.cmcred_ngroups, cred.cmcred_groups) == -1) return (-1); if (setgid(cred.cmcred_groups[0]) == -1) return (-1); if (setuid(cred.cmcred_euid) == -1) return (-1); return (0); } static void service_external_execute(int chanfd) { char *service, *argv[3]; int stderrfd, execfd, procfd; nvlist_t *nvl; - nvl = nvlist_recv(chanfd); + nvl = nvlist_recv(chanfd, 0); if (nvl == NULL) pjdlog_exit(1, "Unable to receive nvlist"); service = nvlist_take_string(nvl, "service"); PJDLOG_ASSERT(service != NULL); if (nvlist_exists_descriptor(nvl, "stderrfd")) { stderrfd = nvlist_take_descriptor(nvl, "stderrfd"); } else { stderrfd = open(_PATH_DEVNULL, O_RDWR); if (stderrfd < 0) pjdlog_exit(1, "Unable to open %s", _PATH_DEVNULL); } execfd = nvlist_take_descriptor(nvl, "execfd"); procfd = nvlist_take_descriptor(nvl, "procfd"); nvlist_destroy(nvl); /* * Move all descriptors into right slots. */ if (stderrfd != STDERR_FILENO) { if (chanfd == STDERR_FILENO) fdswap(&stderrfd, &chanfd); else if (execfd == STDERR_FILENO) fdswap(&stderrfd, &execfd); else if (procfd == STDERR_FILENO) fdswap(&stderrfd, &procfd); fdmove(&stderrfd, STDERR_FILENO); } fdcloexec(stderrfd); if (chanfd != PARENT_FILENO) { if (execfd == PARENT_FILENO) fdswap(&chanfd, &execfd); else if (procfd == PARENT_FILENO) fdswap(&chanfd, &procfd); fdmove(&chanfd, PARENT_FILENO); } fdcloexec(chanfd); if (execfd != EXECUTABLE_FILENO) { if (procfd == EXECUTABLE_FILENO) fdswap(&execfd, &procfd); fdmove(&execfd, EXECUTABLE_FILENO); } fdcloexec(execfd); if (procfd != PROC_FILENO) fdmove(&procfd, PROC_FILENO); fdcloexec(procfd); /* * Use credentials of the caller process. */ setup_creds(chanfd); argv[0] = service; asprintf(&argv[1], "%d", pjdlog_debug_get()); argv[2] = NULL; fexecve(execfd, argv, NULL); pjdlog_exit(1, "Unable to execute service %s", service); } static void service_register_external_one(const char *dirpath, int dfd, const char *filename) { char execpath[FILENAME_MAX]; nvlist_t *nvl; ssize_t done; int fd; fd = openat(dfd, filename, O_RDONLY); if (fd == -1) { pjdlog_errno(LOG_ERR, "Unable to open \"%s/%s\"", dirpath, filename); return; } done = read(fd, execpath, sizeof(execpath)); if (done == -1) { pjdlog_errno(LOG_ERR, "Unable to read content of \"%s/%s\"", dirpath, filename); close(fd); return; } close(fd); if (done == sizeof(execpath)) { pjdlog_error("Executable path too long in \"%s/%s\".", dirpath, filename); return; } execpath[done] = '\0'; while (done > 0) { if (execpath[--done] == '\n') execpath[done] = '\0'; } nvl = nvlist_create(0); nvlist_add_string(nvl, "name", filename); nvlist_add_string(nvl, "execpath", execpath); if (nvlist_error(nvl) != 0) { pjdlog_common(LOG_ERR, 0, nvlist_error(nvl), "Unable to allocate attributes for service \"%s/%s\"", dirpath, filename); nvlist_destroy(nvl); return; } service_register(nvl); /* service_register() consumed nvl. */ } static uint8_t file_type(int dfd, const char *filename) { struct stat sb; if (fstatat(dfd, filename, &sb, AT_SYMLINK_NOFOLLOW) == -1) { pjdlog_errno(LOG_ERR, "Unable to stat \"%s\"", filename); return (DT_UNKNOWN); } return (IFTODT(sb.st_mode)); } static void service_register_external(const char *dirpath) { DIR *dirp; struct dirent *dp; int dfd; dirp = opendir(dirpath); if (dirp == NULL) { pjdlog_errno(LOG_WARNING, "Unable to open \"%s\"", dirpath); return; } dfd = dirfd(dirp); PJDLOG_ASSERT(dfd >= 0); while ((dp = readdir(dirp)) != NULL) { dp->d_type = file_type(dfd, dp->d_name); /* We are only interested in regular files, skip the rest. */ if (dp->d_type != DT_REG) { pjdlog_debug(1, "File \"%s/%s\" is not a regular file, skipping.", dirpath, dp->d_name); continue; } service_register_external_one(dirpath, dfd, dp->d_name); } closedir(dirp); } static void casper_accept(int lsock) { struct casper_service *casserv; struct service_connection *sconn; int sock; sock = accept(lsock, NULL, NULL); if (sock == -1) { pjdlog_errno(LOG_ERR, "Unable to accept casper connection"); return; } casserv = service_find("core.casper"); PJDLOG_ASSERT(casserv != NULL); sconn = service_connection_add(casserv->cs_service, sock, NULL); if (sconn == NULL) { close(sock); return; } } static void main_loop(const char *sockpath, struct pidfh *pfh) { fd_set fds; struct sockaddr_un sun; struct casper_service *casserv; struct service_connection *sconn, *sconntmp; int lsock, sock, maxfd, ret; mode_t oldumask; lsock = socket(AF_UNIX, SOCK_STREAM, 0); if (lsock == -1) pjdlog_exit(1, "Unable to create socket"); (void)unlink(sockpath); bzero(&sun, sizeof(sun)); sun.sun_family = AF_UNIX; PJDLOG_VERIFY(strlcpy(sun.sun_path, sockpath, sizeof(sun.sun_path)) < sizeof(sun.sun_path)); sun.sun_len = SUN_LEN(&sun); oldumask = umask(S_IXUSR | S_IXGRP | S_IXOTH); if (bind(lsock, (struct sockaddr *)&sun, sizeof(sun)) == -1) pjdlog_exit(1, "Unable to bind to %s", sockpath); (void)umask(oldumask); if (listen(lsock, 8) == -1) pjdlog_exit(1, "Unable to listen on %s", sockpath); for (;;) { FD_ZERO(&fds); FD_SET(lsock, &fds); maxfd = lsock; TAILQ_FOREACH(casserv, &casper_services, cs_next) { /* We handle only core services. */ if (!SERVICE_IS_CORE(casserv)) continue; for (sconn = service_connection_first(casserv->cs_service); sconn != NULL; sconn = service_connection_next(sconn)) { sock = service_connection_get_sock(sconn); FD_SET(sock, &fds); maxfd = sock > maxfd ? sock : maxfd; } } maxfd++; PJDLOG_ASSERT(maxfd <= (int)FD_SETSIZE); ret = select(maxfd, &fds, NULL, NULL, NULL); PJDLOG_ASSERT(ret == -1 || ret > 0); /* select() cannot timeout */ if (ret == -1) { if (errno == EINTR) continue; KEEP_ERRNO((void)pidfile_remove(pfh)); pjdlog_exit(1, "select() failed"); } if (FD_ISSET(lsock, &fds)) casper_accept(lsock); TAILQ_FOREACH(casserv, &casper_services, cs_next) { /* We handle only core services. */ if (!SERVICE_IS_CORE(casserv)) continue; for (sconn = service_connection_first(casserv->cs_service); sconn != NULL; sconn = sconntmp) { /* * Prepare for connection to be removed from * the list on failure. */ sconntmp = service_connection_next(sconn); sock = service_connection_get_sock(sconn); if (FD_ISSET(sock, &fds)) { service_message(casserv->cs_service, sconn); } } } } } static void usage(void) { pjdlog_exitx(1, "usage: casperd [-Fhv] [-D servconfdir] [-P pidfile] [-S sockpath]"); } int main(int argc, char *argv[]) { struct pidfh *pfh; const char *pidfile, *servconfdir, *sockpath; pid_t otherpid; int ch, debug; bool foreground; pjdlog_init(PJDLOG_MODE_STD); debug = 0; foreground = false; pidfile = CASPERD_PIDFILE; servconfdir = CASPERD_SERVCONFDIR; sockpath = CASPERD_SOCKPATH; while ((ch = getopt(argc, argv, "D:FhP:S:v")) != -1) { switch (ch) { case 'D': servconfdir = optarg; break; case 'F': foreground = true; break; case 'P': pidfile = optarg; break; case 'S': sockpath = optarg; break; case 'v': debug++; break; case 'h': default: usage(); } } argc -= optind; argv += optind; if (argc != 0) usage(); if (!foreground) pjdlog_mode_set(PJDLOG_MODE_SYSLOG); pjdlog_prefix_set("(casperd) "); pjdlog_debug_set(debug); if (zygote_init() < 0) pjdlog_exit(1, "Unable to create zygote process"); pfh = pidfile_open(pidfile, 0600, &otherpid); if (pfh == NULL) { if (errno == EEXIST) { pjdlog_exitx(1, "casperd already running, pid: %jd.", (intmax_t)otherpid); } pjdlog_errno(LOG_WARNING, "Cannot open or create pidfile %s", pidfile); } if (!foreground) { if (daemon(0, 0) == -1) { KEEP_ERRNO((void)pidfile_remove(pfh)); pjdlog_exit(1, "Unable to go into background"); } } /* Write PID to a file. */ if (pidfile_write(pfh) == -1) { pjdlog_errno(LOG_WARNING, "Unable to write to pidfile %s", pidfile); } else { pjdlog_debug(1, "PID stored in %s.", pidfile); } /* * Register core services. */ service_register_core(); /* * Register external services. */ service_register_external(servconfdir); /* * Wait for connections. */ main_loop(sockpath, pfh); } diff --git a/sbin/casperd/zygote.c b/sbin/casperd/zygote.c index be3d9e5eee4c..c460bd322b92 100644 --- a/sbin/casperd/zygote.c +++ b/sbin/casperd/zygote.c @@ -1,229 +1,229 @@ /*- * Copyright (c) 2012 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "zygote.h" /* Zygote info. */ static int zygote_sock = -1; static void stdnull(void) { int fd; fd = open(_PATH_DEVNULL, O_RDWR); if (fd == -1) errx(1, "Unable to open %s", _PATH_DEVNULL); if (setsid() == -1) errx(1, "Unable to detach from session"); if (dup2(fd, STDIN_FILENO) == -1) errx(1, "Unable to cover stdin"); if (dup2(fd, STDOUT_FILENO) == -1) errx(1, "Unable to cover stdout"); if (dup2(fd, STDERR_FILENO) == -1) errx(1, "Unable to cover stderr"); close(fd); } int zygote_clone(zygote_func_t *func, int flags, int *chanfdp, int *procfdp) { nvlist_t *nvl; int error; if (zygote_sock == -1) { /* Zygote didn't start. */ errno = ENXIO; return (-1); } nvl = nvlist_create(0); nvlist_add_number(nvl, "func", (uint64_t)(uintptr_t)func); nvlist_add_number(nvl, "flags", (uint64_t)flags); - nvl = nvlist_xfer(zygote_sock, nvl); + nvl = nvlist_xfer(zygote_sock, nvl, 0); if (nvl == NULL) return (-1); if (nvlist_exists_number(nvl, "error")) { error = (int)nvlist_get_number(nvl, "error"); nvlist_destroy(nvl); errno = error; return (-1); } *chanfdp = nvlist_take_descriptor(nvl, "chanfd"); *procfdp = nvlist_take_descriptor(nvl, "procfd"); nvlist_destroy(nvl); return (0); } /* * This function creates sandboxes on-demand whoever has access to it via * 'sock' socket. Function sends two descriptors to the caller: process * descriptor of the sandbox and socket pair descriptor for communication * between sandbox and its owner. */ static void zygote_main(int sock) { int error, fd, flags, procfd; int chanfd[2]; nvlist_t *nvlin, *nvlout; zygote_func_t *func; pid_t pid; assert(sock > STDERR_FILENO); setproctitle("zygote"); if (pjdlog_mode_get() != PJDLOG_MODE_STD) stdnull(); for (fd = STDERR_FILENO + 1; fd < sock; fd++) close(fd); closefrom(sock + 1); for (;;) { - nvlin = nvlist_recv(sock); + nvlin = nvlist_recv(sock, 0); if (nvlin == NULL) { if (errno == ENOTCONN) { /* Casperd exited. */ exit(0); } continue; } func = (zygote_func_t *)(uintptr_t)nvlist_get_number(nvlin, "func"); flags = (int)nvlist_get_number(nvlin, "flags"); nvlist_destroy(nvlin); /* * Someone is requesting a new process, create one. */ procfd = -1; chanfd[0] = -1; chanfd[1] = -1; error = 0; if (socketpair(PF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0, chanfd) == -1) { error = errno; goto send; } pid = pdfork(&procfd, 0); switch (pid) { case -1: /* Failure. */ error = errno; break; case 0: /* Child. */ close(sock); close(chanfd[0]); func(chanfd[1]); /* NOTREACHED */ exit(1); default: /* Parent. */ close(chanfd[1]); break; } send: nvlout = nvlist_create(0); if (error != 0) { nvlist_add_number(nvlout, "error", (uint64_t)error); if (chanfd[0] >= 0) close(chanfd[0]); if (procfd >= 0) close(procfd); } else { nvlist_move_descriptor(nvlout, "chanfd", chanfd[0]); nvlist_move_descriptor(nvlout, "procfd", procfd); } (void)nvlist_send(sock, nvlout); nvlist_destroy(nvlout); } /* NOTREACHED */ } int zygote_init(void) { int serrno, sp[2]; pid_t pid; if (socketpair(PF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0, sp) == -1) return (-1); pid = fork(); switch (pid) { case -1: /* Failure. */ serrno = errno; close(sp[0]); close(sp[1]); errno = serrno; return (-1); case 0: /* Child. */ close(sp[0]); zygote_main(sp[1]); /* NOTREACHED */ abort(); default: /* Parent. */ zygote_sock = sp[0]; close(sp[1]); return (0); } /* NOTREACHED */ } diff --git a/sys/dev/pci/pci_iov.c b/sys/dev/pci/pci_iov.c index e256a5d126f1..4672e55e5996 100644 --- a/sys/dev/pci/pci_iov.c +++ b/sys/dev/pci/pci_iov.c @@ -1,980 +1,980 @@ /*- * Copyright (c) 2013-2015 Sandvine Inc. All rights reserved. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include "opt_bus.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "pci_if.h" #include "pcib_if.h" static MALLOC_DEFINE(M_SRIOV, "sr_iov", "PCI SR-IOV allocations"); static d_ioctl_t pci_iov_ioctl; static struct cdevsw iov_cdevsw = { .d_version = D_VERSION, .d_name = "iov", .d_ioctl = pci_iov_ioctl }; SYSCTL_DECL(_hw_pci); /* * The maximum amount of memory we will allocate for user configuration of an * SR-IOV device. 1MB ought to be enough for anyone, but leave this * configurable just in case. */ static u_long pci_iov_max_config = 1024 * 1024; SYSCTL_ULONG(_hw_pci, OID_AUTO, iov_max_config, CTLFLAG_RWTUN, &pci_iov_max_config, 0, "Maximum allowed size of SR-IOV configuration."); #define IOV_READ(d, r, w) \ pci_read_config((d)->cfg.dev, (d)->cfg.iov->iov_pos + r, w) #define IOV_WRITE(d, r, v, w) \ pci_write_config((d)->cfg.dev, (d)->cfg.iov->iov_pos + r, v, w) static nvlist_t *pci_iov_build_schema(nvlist_t **pf_schema, nvlist_t **vf_schema); static void pci_iov_build_pf_schema(nvlist_t *schema, nvlist_t **driver_schema); static void pci_iov_build_vf_schema(nvlist_t *schema, nvlist_t **driver_schema); static nvlist_t *pci_iov_get_pf_subsystem_schema(void); static nvlist_t *pci_iov_get_vf_subsystem_schema(void); int pci_iov_attach_method(device_t bus, device_t dev, nvlist_t *pf_schema, nvlist_t *vf_schema) { device_t pcib; struct pci_devinfo *dinfo; struct pcicfg_iov *iov; nvlist_t *schema; uint32_t version; int error; int iov_pos; dinfo = device_get_ivars(dev); pcib = device_get_parent(bus); schema = NULL; error = pci_find_extcap(dev, PCIZ_SRIOV, &iov_pos); if (error != 0) return (error); version = pci_read_config(dev, iov_pos, 4); if (PCI_EXTCAP_VER(version) != 1) { if (bootverbose) device_printf(dev, "Unsupported version of SR-IOV (%d) detected\n", PCI_EXTCAP_VER(version)); return (ENXIO); } iov = malloc(sizeof(*dinfo->cfg.iov), M_SRIOV, M_WAITOK | M_ZERO); mtx_lock(&Giant); if (dinfo->cfg.iov != NULL) { error = EBUSY; goto cleanup; } iov->iov_pos = iov_pos; schema = pci_iov_build_schema(&pf_schema, &vf_schema); if (schema == NULL) { error = ENOMEM; goto cleanup; } error = pci_iov_validate_schema(schema); if (error != 0) goto cleanup; iov->iov_schema = schema; iov->iov_cdev = make_dev(&iov_cdevsw, device_get_unit(dev), UID_ROOT, GID_WHEEL, 0600, "iov/%s", device_get_nameunit(dev)); if (iov->iov_cdev == NULL) { error = ENOMEM; goto cleanup; } dinfo->cfg.iov = iov; iov->iov_cdev->si_drv1 = dinfo; mtx_unlock(&Giant); return (0); cleanup: nvlist_destroy(schema); nvlist_destroy(pf_schema); nvlist_destroy(vf_schema); free(iov, M_SRIOV); mtx_unlock(&Giant); return (error); } int pci_iov_detach_method(device_t bus, device_t dev) { struct pci_devinfo *dinfo; struct pcicfg_iov *iov; mtx_lock(&Giant); dinfo = device_get_ivars(dev); iov = dinfo->cfg.iov; if (iov == NULL) { mtx_unlock(&Giant); return (0); } if (iov->iov_num_vfs != 0 || iov->iov_flags & IOV_BUSY) { mtx_unlock(&Giant); return (EBUSY); } dinfo->cfg.iov = NULL; if (iov->iov_cdev) { destroy_dev(iov->iov_cdev); iov->iov_cdev = NULL; } nvlist_destroy(iov->iov_schema); free(iov, M_SRIOV); mtx_unlock(&Giant); return (0); } static nvlist_t * pci_iov_build_schema(nvlist_t **pf, nvlist_t **vf) { nvlist_t *schema, *pf_driver, *vf_driver; /* We always take ownership of the schemas. */ pf_driver = *pf; *pf = NULL; vf_driver = *vf; *vf = NULL; schema = pci_iov_schema_alloc_node(); if (schema == NULL) goto cleanup; pci_iov_build_pf_schema(schema, &pf_driver); pci_iov_build_vf_schema(schema, &vf_driver); if (nvlist_error(schema) != 0) goto cleanup; return (schema); cleanup: nvlist_destroy(schema); nvlist_destroy(pf_driver); nvlist_destroy(vf_driver); return (NULL); } static void pci_iov_build_pf_schema(nvlist_t *schema, nvlist_t **driver_schema) { nvlist_t *pf_schema, *iov_schema; pf_schema = pci_iov_schema_alloc_node(); if (pf_schema == NULL) { nvlist_set_error(schema, ENOMEM); return; } iov_schema = pci_iov_get_pf_subsystem_schema(); /* * Note that if either *driver_schema or iov_schema is NULL, then * nvlist_move_nvlist will put the schema in the error state and * SR-IOV will fail to initialize later, so we don't have to explicitly * handle that case. */ nvlist_move_nvlist(pf_schema, DRIVER_CONFIG_NAME, *driver_schema); nvlist_move_nvlist(pf_schema, IOV_CONFIG_NAME, iov_schema); nvlist_move_nvlist(schema, PF_CONFIG_NAME, pf_schema); *driver_schema = NULL; } static void pci_iov_build_vf_schema(nvlist_t *schema, nvlist_t **driver_schema) { nvlist_t *vf_schema, *iov_schema; vf_schema = pci_iov_schema_alloc_node(); if (vf_schema == NULL) { nvlist_set_error(schema, ENOMEM); return; } iov_schema = pci_iov_get_vf_subsystem_schema(); /* * Note that if either *driver_schema or iov_schema is NULL, then * nvlist_move_nvlist will put the schema in the error state and * SR-IOV will fail to initialize later, so we don't have to explicitly * handle that case. */ nvlist_move_nvlist(vf_schema, DRIVER_CONFIG_NAME, *driver_schema); nvlist_move_nvlist(vf_schema, IOV_CONFIG_NAME, iov_schema); nvlist_move_nvlist(schema, VF_SCHEMA_NAME, vf_schema); *driver_schema = NULL; } static nvlist_t * pci_iov_get_pf_subsystem_schema(void) { nvlist_t *pf; pf = pci_iov_schema_alloc_node(); if (pf == NULL) return (NULL); pci_iov_schema_add_uint16(pf, "num_vfs", IOV_SCHEMA_REQUIRED, -1); pci_iov_schema_add_string(pf, "device", IOV_SCHEMA_REQUIRED, NULL); return (pf); } static nvlist_t * pci_iov_get_vf_subsystem_schema(void) { nvlist_t *vf; vf = pci_iov_schema_alloc_node(); if (vf == NULL) return (NULL); pci_iov_schema_add_bool(vf, "passthrough", IOV_SCHEMA_HASDEFAULT, 0); return (vf); } static int pci_iov_alloc_bar(struct pci_devinfo *dinfo, int bar, pci_addr_t bar_shift) { struct resource *res; struct pcicfg_iov *iov; device_t dev, bus; u_long start, end; pci_addr_t bar_size; int rid; iov = dinfo->cfg.iov; dev = dinfo->cfg.dev; bus = device_get_parent(dev); rid = iov->iov_pos + PCIR_SRIOV_BAR(bar); bar_size = 1 << bar_shift; res = pci_alloc_multi_resource(bus, dev, SYS_RES_MEMORY, &rid, 0ul, ~0ul, 1, iov->iov_num_vfs, RF_ACTIVE); if (res == NULL) return (ENXIO); iov->iov_bar[bar].res = res; iov->iov_bar[bar].bar_size = bar_size; iov->iov_bar[bar].bar_shift = bar_shift; start = rman_get_start(res); end = rman_get_end(res); return (rman_manage_region(&iov->rman, start, end)); } static void pci_iov_add_bars(struct pcicfg_iov *iov, struct pci_devinfo *dinfo) { struct pci_iov_bar *bar; uint64_t bar_start; int i; for (i = 0; i <= PCIR_MAX_BAR_0; i++) { bar = &iov->iov_bar[i]; if (bar->res != NULL) { bar_start = rman_get_start(bar->res) + dinfo->cfg.vf.index * bar->bar_size; pci_add_bar(dinfo->cfg.dev, PCIR_BAR(i), bar_start, bar->bar_shift); } } } static int pci_iov_parse_config(struct pcicfg_iov *iov, struct pci_iov_arg *arg, nvlist_t **ret) { void *packed_config; nvlist_t *config; int error; config = NULL; packed_config = NULL; if (arg->len > pci_iov_max_config) { error = EMSGSIZE; goto out; } packed_config = malloc(arg->len, M_SRIOV, M_WAITOK); error = copyin(arg->config, packed_config, arg->len); if (error != 0) goto out; - config = nvlist_unpack(packed_config, arg->len); + config = nvlist_unpack(packed_config, arg->len, NV_FLAG_IGNORE_CASE); if (config == NULL) { error = EINVAL; goto out; } error = pci_iov_schema_validate_config(iov->iov_schema, config); if (error != 0) goto out; error = nvlist_error(config); if (error != 0) goto out; *ret = config; config = NULL; out: nvlist_destroy(config); free(packed_config, M_SRIOV); return (error); } /* * Set the ARI_EN bit in the lowest-numbered PCI function with the SR-IOV * capability. This bit is only writeable on the lowest-numbered PF but * affects all PFs on the device. */ static int pci_iov_set_ari(device_t bus) { device_t lowest; device_t *devlist; int i, error, devcount, lowest_func, lowest_pos, iov_pos, dev_func; uint16_t iov_ctl; /* If ARI is disabled on the downstream port there is nothing to do. */ if (!PCIB_ARI_ENABLED(device_get_parent(bus))) return (0); error = device_get_children(bus, &devlist, &devcount); if (error != 0) return (error); lowest = NULL; for (i = 0; i < devcount; i++) { if (pci_find_extcap(devlist[i], PCIZ_SRIOV, &iov_pos) == 0) { dev_func = pci_get_function(devlist[i]); if (lowest == NULL || dev_func < lowest_func) { lowest = devlist[i]; lowest_func = dev_func; lowest_pos = iov_pos; } } } /* * If we called this function some device must have the SR-IOV * capability. */ KASSERT(lowest != NULL, ("Could not find child of %s with SR-IOV capability", device_get_nameunit(bus))); iov_ctl = pci_read_config(lowest, iov_pos + PCIR_SRIOV_CTL, 2); iov_ctl |= PCIM_SRIOV_ARI_EN; pci_write_config(lowest, iov_pos + PCIR_SRIOV_CTL, iov_ctl, 2); free(devlist, M_TEMP); return (0); } static int pci_iov_config_page_size(struct pci_devinfo *dinfo) { uint32_t page_cap, page_size; page_cap = IOV_READ(dinfo, PCIR_SRIOV_PAGE_CAP, 4); /* * If the system page size is less than the smallest SR-IOV page size * then round up to the smallest SR-IOV page size. */ if (PAGE_SHIFT < PCI_SRIOV_BASE_PAGE_SHIFT) page_size = (1 << 0); else page_size = (1 << (PAGE_SHIFT - PCI_SRIOV_BASE_PAGE_SHIFT)); /* Check that the device supports the system page size. */ if (!(page_size & page_cap)) return (ENXIO); IOV_WRITE(dinfo, PCIR_SRIOV_PAGE_SIZE, page_size, 4); return (0); } static int pci_init_iov(device_t dev, uint16_t num_vfs, const nvlist_t *config) { const nvlist_t *device, *driver_config; device = nvlist_get_nvlist(config, PF_CONFIG_NAME); driver_config = nvlist_get_nvlist(device, DRIVER_CONFIG_NAME); return (PCI_INIT_IOV(dev, num_vfs, driver_config)); } static int pci_iov_init_rman(device_t pf, struct pcicfg_iov *iov) { int error; iov->rman.rm_start = 0; iov->rman.rm_end = ~0ul; iov->rman.rm_type = RMAN_ARRAY; snprintf(iov->rman_name, sizeof(iov->rman_name), "%s VF I/O memory", device_get_nameunit(pf)); iov->rman.rm_descr = iov->rman_name; error = rman_init(&iov->rman); if (error != 0) return (error); iov->iov_flags |= IOV_RMAN_INITED; return (0); } static int pci_iov_setup_bars(struct pci_devinfo *dinfo) { device_t dev; struct pcicfg_iov *iov; pci_addr_t bar_value, testval; int i, last_64, error; iov = dinfo->cfg.iov; dev = dinfo->cfg.dev; last_64 = 0; for (i = 0; i <= PCIR_MAX_BAR_0; i++) { /* * If a PCI BAR is a 64-bit wide BAR, then it spans two * consecutive registers. Therefore if the last BAR that * we looked at was a 64-bit BAR, we need to skip this * register as it's the second half of the last BAR. */ if (!last_64) { pci_read_bar(dev, iov->iov_pos + PCIR_SRIOV_BAR(i), &bar_value, &testval, &last_64); if (testval != 0) { error = pci_iov_alloc_bar(dinfo, i, pci_mapsize(testval)); if (error != 0) return (error); } } else last_64 = 0; } return (0); } static void pci_iov_enumerate_vfs(struct pci_devinfo *dinfo, const nvlist_t *config, uint16_t first_rid, uint16_t rid_stride) { char device_name[VF_MAX_NAME]; const nvlist_t *device, *driver_config, *iov_config; device_t bus, dev, vf; struct pcicfg_iov *iov; struct pci_devinfo *vfinfo; size_t size; int i, error; uint16_t vid, did, next_rid; iov = dinfo->cfg.iov; dev = dinfo->cfg.dev; bus = device_get_parent(dev); size = dinfo->cfg.devinfo_size; next_rid = first_rid; vid = pci_get_vendor(dev); did = IOV_READ(dinfo, PCIR_SRIOV_VF_DID, 2); for (i = 0; i < iov->iov_num_vfs; i++, next_rid += rid_stride) { snprintf(device_name, sizeof(device_name), VF_PREFIX"%d", i); device = nvlist_get_nvlist(config, device_name); iov_config = nvlist_get_nvlist(device, IOV_CONFIG_NAME); driver_config = nvlist_get_nvlist(device, DRIVER_CONFIG_NAME); vf = PCI_CREATE_IOV_CHILD(bus, dev, next_rid, vid, did); if (vf == NULL) break; /* * If we are creating passthrough devices then force the ppt * driver to attach to prevent a VF driver from claiming the * VFs. */ if (nvlist_get_bool(iov_config, "passthrough")) device_set_devclass_fixed(vf, "ppt"); vfinfo = device_get_ivars(vf); vfinfo->cfg.iov = iov; vfinfo->cfg.vf.index = i; pci_iov_add_bars(iov, vfinfo); error = PCI_ADD_VF(dev, i, driver_config); if (error != 0) { device_printf(dev, "Failed to add VF %d\n", i); pci_delete_child(bus, vf); } } bus_generic_attach(bus); } static int pci_iov_config(struct cdev *cdev, struct pci_iov_arg *arg) { device_t bus, dev; struct pci_devinfo *dinfo; struct pcicfg_iov *iov; nvlist_t *config; int i, error; uint16_t rid_off, rid_stride; uint16_t first_rid, last_rid; uint16_t iov_ctl; uint16_t num_vfs, total_vfs; int iov_inited; mtx_lock(&Giant); dinfo = cdev->si_drv1; iov = dinfo->cfg.iov; dev = dinfo->cfg.dev; bus = device_get_parent(dev); iov_inited = 0; config = NULL; if ((iov->iov_flags & IOV_BUSY) || iov->iov_num_vfs != 0) { mtx_unlock(&Giant); return (EBUSY); } iov->iov_flags |= IOV_BUSY; error = pci_iov_parse_config(iov, arg, &config); if (error != 0) goto out; num_vfs = pci_iov_config_get_num_vfs(config); total_vfs = IOV_READ(dinfo, PCIR_SRIOV_TOTAL_VFS, 2); if (num_vfs > total_vfs) { error = EINVAL; goto out; } error = pci_iov_config_page_size(dinfo); if (error != 0) goto out; error = pci_iov_set_ari(bus); if (error != 0) goto out; error = pci_init_iov(dev, num_vfs, config); if (error != 0) goto out; iov_inited = 1; IOV_WRITE(dinfo, PCIR_SRIOV_NUM_VFS, num_vfs, 2); rid_off = IOV_READ(dinfo, PCIR_SRIOV_VF_OFF, 2); rid_stride = IOV_READ(dinfo, PCIR_SRIOV_VF_STRIDE, 2); first_rid = pci_get_rid(dev) + rid_off; last_rid = first_rid + (num_vfs - 1) * rid_stride; /* We don't yet support allocating extra bus numbers for VFs. */ if (pci_get_bus(dev) != PCI_RID2BUS(last_rid)) { error = ENOSPC; goto out; } iov_ctl = IOV_READ(dinfo, PCIR_SRIOV_CTL, 2); iov_ctl &= ~(PCIM_SRIOV_VF_EN | PCIM_SRIOV_VF_MSE); IOV_WRITE(dinfo, PCIR_SRIOV_CTL, iov_ctl, 2); error = pci_iov_init_rman(dev, iov); if (error != 0) goto out; iov->iov_num_vfs = num_vfs; error = pci_iov_setup_bars(dinfo); if (error != 0) goto out; iov_ctl = IOV_READ(dinfo, PCIR_SRIOV_CTL, 2); iov_ctl |= PCIM_SRIOV_VF_EN | PCIM_SRIOV_VF_MSE; IOV_WRITE(dinfo, PCIR_SRIOV_CTL, iov_ctl, 2); /* Per specification, we must wait 100ms before accessing VFs. */ pause("iov", roundup(hz, 10)); pci_iov_enumerate_vfs(dinfo, config, first_rid, rid_stride); nvlist_destroy(config); iov->iov_flags &= ~IOV_BUSY; mtx_unlock(&Giant); return (0); out: if (iov_inited) PCI_UNINIT_IOV(dev); for (i = 0; i <= PCIR_MAX_BAR_0; i++) { if (iov->iov_bar[i].res != NULL) { pci_release_resource(bus, dev, SYS_RES_MEMORY, iov->iov_pos + PCIR_SRIOV_BAR(i), iov->iov_bar[i].res); pci_delete_resource(bus, dev, SYS_RES_MEMORY, iov->iov_pos + PCIR_SRIOV_BAR(i)); iov->iov_bar[i].res = NULL; } } if (iov->iov_flags & IOV_RMAN_INITED) { rman_fini(&iov->rman); iov->iov_flags &= ~IOV_RMAN_INITED; } nvlist_destroy(config); iov->iov_num_vfs = 0; iov->iov_flags &= ~IOV_BUSY; mtx_unlock(&Giant); return (error); } /* Return true if child is a VF of the given PF. */ static int pci_iov_is_child_vf(struct pcicfg_iov *pf, device_t child) { struct pci_devinfo *vfinfo; vfinfo = device_get_ivars(child); if (!(vfinfo->cfg.flags & PCICFG_VF)) return (0); return (pf == vfinfo->cfg.iov); } static int pci_iov_delete(struct cdev *cdev) { device_t bus, dev, vf, *devlist; struct pci_devinfo *dinfo; struct pcicfg_iov *iov; int i, error, devcount; uint32_t iov_ctl; mtx_lock(&Giant); dinfo = cdev->si_drv1; iov = dinfo->cfg.iov; dev = dinfo->cfg.dev; bus = device_get_parent(dev); devlist = NULL; if (iov->iov_flags & IOV_BUSY) { mtx_unlock(&Giant); return (EBUSY); } if (iov->iov_num_vfs == 0) { mtx_unlock(&Giant); return (ECHILD); } iov->iov_flags |= IOV_BUSY; error = device_get_children(bus, &devlist, &devcount); if (error != 0) goto out; for (i = 0; i < devcount; i++) { vf = devlist[i]; if (!pci_iov_is_child_vf(iov, vf)) continue; error = device_detach(vf); if (error != 0) { device_printf(dev, "Could not disable SR-IOV: failed to detach VF %s\n", device_get_nameunit(vf)); goto out; } } for (i = 0; i < devcount; i++) { vf = devlist[i]; if (pci_iov_is_child_vf(iov, vf)) pci_delete_child(bus, vf); } PCI_UNINIT_IOV(dev); iov_ctl = IOV_READ(dinfo, PCIR_SRIOV_CTL, 2); iov_ctl &= ~(PCIM_SRIOV_VF_EN | PCIM_SRIOV_VF_MSE); IOV_WRITE(dinfo, PCIR_SRIOV_CTL, iov_ctl, 2); IOV_WRITE(dinfo, PCIR_SRIOV_NUM_VFS, 0, 2); iov->iov_num_vfs = 0; for (i = 0; i <= PCIR_MAX_BAR_0; i++) { if (iov->iov_bar[i].res != NULL) { pci_release_resource(bus, dev, SYS_RES_MEMORY, iov->iov_pos + PCIR_SRIOV_BAR(i), iov->iov_bar[i].res); pci_delete_resource(bus, dev, SYS_RES_MEMORY, iov->iov_pos + PCIR_SRIOV_BAR(i)); iov->iov_bar[i].res = NULL; } } if (iov->iov_flags & IOV_RMAN_INITED) { rman_fini(&iov->rman); iov->iov_flags &= ~IOV_RMAN_INITED; } error = 0; out: free(devlist, M_TEMP); iov->iov_flags &= ~IOV_BUSY; mtx_unlock(&Giant); return (error); } static int pci_iov_get_schema_ioctl(struct cdev *cdev, struct pci_iov_schema *output) { struct pci_devinfo *dinfo; void *packed; size_t output_len, size; int error; packed = NULL; mtx_lock(&Giant); dinfo = cdev->si_drv1; packed = nvlist_pack(dinfo->cfg.iov->iov_schema, &size); mtx_unlock(&Giant); if (packed == NULL) { error = ENOMEM; goto fail; } output_len = output->len; output->len = size; if (size <= output_len) { error = copyout(packed, output->schema, size); if (error != 0) goto fail; output->error = 0; } else /* * If we return an error then the ioctl code won't copyout * output back to userland, so we flag the error in the struct * instead. */ output->error = EMSGSIZE; error = 0; fail: free(packed, M_NVLIST); return (error); } static int pci_iov_ioctl(struct cdev *dev, u_long cmd, caddr_t data, int fflag, struct thread *td) { switch (cmd) { case IOV_CONFIG: return (pci_iov_config(dev, (struct pci_iov_arg *)data)); case IOV_DELETE: return (pci_iov_delete(dev)); case IOV_GET_SCHEMA: return (pci_iov_get_schema_ioctl(dev, (struct pci_iov_schema *)data)); default: return (EINVAL); } } struct resource * pci_vf_alloc_mem_resource(device_t dev, device_t child, int *rid, u_long start, u_long end, u_long count, u_int flags) { struct pci_devinfo *dinfo; struct pcicfg_iov *iov; struct pci_map *map; struct resource *res; struct resource_list_entry *rle; u_long bar_start, bar_end; pci_addr_t bar_length; int error; dinfo = device_get_ivars(child); iov = dinfo->cfg.iov; map = pci_find_bar(child, *rid); if (map == NULL) return (NULL); bar_length = 1 << map->pm_size; bar_start = map->pm_value; bar_end = bar_start + bar_length - 1; /* Make sure that the resource fits the constraints. */ if (bar_start >= end || bar_end <= bar_start || count != 1) return (NULL); /* Clamp the resource to the constraints if necessary. */ if (bar_start < start) bar_start = start; if (bar_end > end) bar_end = end; bar_length = bar_end - bar_start + 1; res = rman_reserve_resource(&iov->rman, bar_start, bar_end, bar_length, flags, child); if (res == NULL) return (NULL); rle = resource_list_add(&dinfo->resources, SYS_RES_MEMORY, *rid, bar_start, bar_end, 1); if (rle == NULL) { rman_release_resource(res); return (NULL); } rman_set_rid(res, *rid); if (flags & RF_ACTIVE) { error = bus_activate_resource(child, SYS_RES_MEMORY, *rid, res); if (error != 0) { resource_list_delete(&dinfo->resources, SYS_RES_MEMORY, *rid); rman_release_resource(res); return (NULL); } } rle->res = res; return (res); } int pci_vf_release_mem_resource(device_t dev, device_t child, int rid, struct resource *r) { struct pci_devinfo *dinfo; struct resource_list_entry *rle; int error; dinfo = device_get_ivars(child); if (rman_get_flags(r) & RF_ACTIVE) { error = bus_deactivate_resource(child, SYS_RES_MEMORY, rid, r); if (error != 0) return (error); } rle = resource_list_find(&dinfo->resources, SYS_RES_MEMORY, rid); if (rle != NULL) { rle->res = NULL; resource_list_delete(&dinfo->resources, SYS_RES_MEMORY, rid); } return (rman_release_resource(r)); } diff --git a/sys/kern/subr_nvlist.c b/sys/kern/subr_nvlist.c index f96b8905d869..ec4471866226 100644 --- a/sys/kern/subr_nvlist.c +++ b/sys/kern/subr_nvlist.c @@ -1,1487 +1,1494 @@ /*- * Copyright (c) 2009-2013 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #ifdef _KERNEL #include #include #include #include #include #include #else #include #include #include #include #include #define _WITH_DPRINTF #include #include #include #include #include "msgio.h" #endif #ifdef HAVE_PJDLOG #include #endif #include #include #include #include #ifndef HAVE_PJDLOG #ifdef _KERNEL #define PJDLOG_ASSERT(...) MPASS(__VA_ARGS__) #define PJDLOG_RASSERT(expr, ...) KASSERT(expr, (__VA_ARGS__)) #define PJDLOG_ABORT(...) panic(__VA_ARGS__) #else #include #define PJDLOG_ASSERT(...) assert(__VA_ARGS__) #define PJDLOG_RASSERT(expr, ...) assert(expr) #define PJDLOG_ABORT(...) do { \ fprintf(stderr, "%s:%u: ", __FILE__, __LINE__); \ fprintf(stderr, __VA_ARGS__); \ fprintf(stderr, "\n"); \ abort(); \ } while (0) #endif #endif #define NV_FLAG_PRIVATE_MASK (NV_FLAG_BIG_ENDIAN) #define NV_FLAG_PUBLIC_MASK (NV_FLAG_IGNORE_CASE) #define NV_FLAG_ALL_MASK (NV_FLAG_PRIVATE_MASK | NV_FLAG_PUBLIC_MASK) #define NVLIST_MAGIC 0x6e766c /* "nvl" */ struct nvlist { int nvl_magic; int nvl_error; int nvl_flags; nvpair_t *nvl_parent; struct nvl_head nvl_head; }; #define NVLIST_ASSERT(nvl) do { \ PJDLOG_ASSERT((nvl) != NULL); \ PJDLOG_ASSERT((nvl)->nvl_magic == NVLIST_MAGIC); \ } while (0) #ifdef _KERNEL MALLOC_DEFINE(M_NVLIST, "nvlist", "kernel nvlist"); #endif #define NVPAIR_ASSERT(nvp) nvpair_assert(nvp) #define NVLIST_HEADER_MAGIC 0x6c #define NVLIST_HEADER_VERSION 0x00 struct nvlist_header { uint8_t nvlh_magic; uint8_t nvlh_version; uint8_t nvlh_flags; uint64_t nvlh_descriptors; uint64_t nvlh_size; } __packed; nvlist_t * nvlist_create(int flags) { nvlist_t *nvl; PJDLOG_ASSERT((flags & ~(NV_FLAG_PUBLIC_MASK)) == 0); nvl = nv_malloc(sizeof(*nvl)); nvl->nvl_error = 0; nvl->nvl_flags = flags; nvl->nvl_parent = NULL; TAILQ_INIT(&nvl->nvl_head); nvl->nvl_magic = NVLIST_MAGIC; return (nvl); } void nvlist_destroy(nvlist_t *nvl) { nvpair_t *nvp; if (nvl == NULL) return; ERRNO_SAVE(); NVLIST_ASSERT(nvl); while ((nvp = nvlist_first_nvpair(nvl)) != NULL) { nvlist_remove_nvpair(nvl, nvp); nvpair_free(nvp); } nvl->nvl_magic = 0; nv_free(nvl); ERRNO_RESTORE(); } void nvlist_set_error(nvlist_t *nvl, int error) { PJDLOG_ASSERT(error != 0); /* * Check for error != 0 so that we don't do the wrong thing if somebody * tries to abuse this API when asserts are disabled. */ if (nvl != NULL && error != 0 && nvl->nvl_error == 0) nvl->nvl_error = error; } int nvlist_error(const nvlist_t *nvl) { if (nvl == NULL) return (ENOMEM); NVLIST_ASSERT(nvl); return (nvl->nvl_error); } nvpair_t * nvlist_get_nvpair_parent(const nvlist_t *nvl) { NVLIST_ASSERT(nvl); return (nvl->nvl_parent); } const nvlist_t * nvlist_get_parent(const nvlist_t *nvl, void **cookiep) { nvpair_t *nvp; NVLIST_ASSERT(nvl); nvp = nvl->nvl_parent; if (cookiep != NULL) *cookiep = nvp; if (nvp == NULL) return (NULL); return (nvpair_nvlist(nvp)); } void nvlist_set_parent(nvlist_t *nvl, nvpair_t *parent) { NVLIST_ASSERT(nvl); nvl->nvl_parent = parent; } bool nvlist_empty(const nvlist_t *nvl) { NVLIST_ASSERT(nvl); PJDLOG_ASSERT(nvl->nvl_error == 0); return (nvlist_first_nvpair(nvl) == NULL); } int nvlist_flags(const nvlist_t *nvl) { NVLIST_ASSERT(nvl); PJDLOG_ASSERT(nvl->nvl_error == 0); PJDLOG_ASSERT((nvl->nvl_flags & ~(NV_FLAG_PUBLIC_MASK)) == 0); return (nvl->nvl_flags); } static void nvlist_report_missing(int type, const char *name) { PJDLOG_ABORT("Element '%s' of type %s doesn't exist.", name, nvpair_type_string(type)); } static nvpair_t * nvlist_find(const nvlist_t *nvl, int type, const char *name) { nvpair_t *nvp; NVLIST_ASSERT(nvl); PJDLOG_ASSERT(nvl->nvl_error == 0); PJDLOG_ASSERT(type == NV_TYPE_NONE || (type >= NV_TYPE_FIRST && type <= NV_TYPE_LAST)); for (nvp = nvlist_first_nvpair(nvl); nvp != NULL; nvp = nvlist_next_nvpair(nvl, nvp)) { if (type != NV_TYPE_NONE && nvpair_type(nvp) != type) continue; if ((nvl->nvl_flags & NV_FLAG_IGNORE_CASE) != 0) { if (strcasecmp(nvpair_name(nvp), name) != 0) continue; } else { if (strcmp(nvpair_name(nvp), name) != 0) continue; } break; } if (nvp == NULL) ERRNO_SET(ENOENT); return (nvp); } bool nvlist_exists_type(const nvlist_t *nvl, const char *name, int type) { NVLIST_ASSERT(nvl); PJDLOG_ASSERT(nvl->nvl_error == 0); PJDLOG_ASSERT(type == NV_TYPE_NONE || (type >= NV_TYPE_FIRST && type <= NV_TYPE_LAST)); return (nvlist_find(nvl, type, name) != NULL); } void nvlist_free_type(nvlist_t *nvl, const char *name, int type) { nvpair_t *nvp; NVLIST_ASSERT(nvl); PJDLOG_ASSERT(nvl->nvl_error == 0); PJDLOG_ASSERT(type == NV_TYPE_NONE || (type >= NV_TYPE_FIRST && type <= NV_TYPE_LAST)); nvp = nvlist_find(nvl, type, name); if (nvp != NULL) nvlist_free_nvpair(nvl, nvp); else nvlist_report_missing(type, name); } nvlist_t * nvlist_clone(const nvlist_t *nvl) { nvlist_t *newnvl; nvpair_t *nvp, *newnvp; NVLIST_ASSERT(nvl); if (nvl->nvl_error != 0) { ERRNO_SET(nvl->nvl_error); return (NULL); } newnvl = nvlist_create(nvl->nvl_flags & NV_FLAG_PUBLIC_MASK); for (nvp = nvlist_first_nvpair(nvl); nvp != NULL; nvp = nvlist_next_nvpair(nvl, nvp)) { newnvp = nvpair_clone(nvp); if (newnvp == NULL) break; nvlist_move_nvpair(newnvl, newnvp); } if (nvp != NULL) { nvlist_destroy(newnvl); return (NULL); } return (newnvl); } #ifndef _KERNEL static bool nvlist_dump_error_check(const nvlist_t *nvl, int fd, int level) { if (nvlist_error(nvl) != 0) { dprintf(fd, "%*serror: %d\n", level * 4, "", nvlist_error(nvl)); return (true); } return (false); } /* * Dump content of nvlist. */ void nvlist_dump(const nvlist_t *nvl, int fd) { const nvlist_t *tmpnvl; nvpair_t *nvp, *tmpnvp; void *cookie; int level; level = 0; if (nvlist_dump_error_check(nvl, fd, level)) return; nvp = nvlist_first_nvpair(nvl); while (nvp != NULL) { dprintf(fd, "%*s%s (%s):", level * 4, "", nvpair_name(nvp), nvpair_type_string(nvpair_type(nvp))); switch (nvpair_type(nvp)) { case NV_TYPE_NULL: dprintf(fd, " null\n"); break; case NV_TYPE_BOOL: dprintf(fd, " %s\n", nvpair_get_bool(nvp) ? "TRUE" : "FALSE"); break; case NV_TYPE_NUMBER: dprintf(fd, " %ju (%jd) (0x%jx)\n", (uintmax_t)nvpair_get_number(nvp), (intmax_t)nvpair_get_number(nvp), (uintmax_t)nvpair_get_number(nvp)); break; case NV_TYPE_STRING: dprintf(fd, " [%s]\n", nvpair_get_string(nvp)); break; case NV_TYPE_NVLIST: dprintf(fd, "\n"); tmpnvl = nvpair_get_nvlist(nvp); if (nvlist_dump_error_check(tmpnvl, fd, level + 1)) break; tmpnvp = nvlist_first_nvpair(tmpnvl); if (tmpnvp != NULL) { nvl = tmpnvl; nvp = tmpnvp; level++; continue; } break; case NV_TYPE_DESCRIPTOR: dprintf(fd, " %d\n", nvpair_get_descriptor(nvp)); break; case NV_TYPE_BINARY: { const unsigned char *binary; unsigned int ii; size_t size; binary = nvpair_get_binary(nvp, &size); dprintf(fd, " %zu ", size); for (ii = 0; ii < size; ii++) dprintf(fd, "%02hhx", binary[ii]); dprintf(fd, "\n"); break; } default: PJDLOG_ABORT("Unknown type: %d.", nvpair_type(nvp)); } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { cookie = NULL; nvl = nvlist_get_parent(nvl, &cookie); if (nvl == NULL) return; nvp = cookie; level--; } } } void nvlist_fdump(const nvlist_t *nvl, FILE *fp) { fflush(fp); nvlist_dump(nvl, fileno(fp)); } #endif /* * The function obtains size of the nvlist after nvlist_pack(). */ size_t nvlist_size(const nvlist_t *nvl) { const nvlist_t *tmpnvl; const nvpair_t *nvp, *tmpnvp; void *cookie; size_t size; NVLIST_ASSERT(nvl); PJDLOG_ASSERT(nvl->nvl_error == 0); size = sizeof(struct nvlist_header); nvp = nvlist_first_nvpair(nvl); while (nvp != NULL) { size += nvpair_header_size(); size += strlen(nvpair_name(nvp)) + 1; if (nvpair_type(nvp) == NV_TYPE_NVLIST) { size += sizeof(struct nvlist_header); size += nvpair_header_size() + 1; tmpnvl = nvpair_get_nvlist(nvp); PJDLOG_ASSERT(tmpnvl->nvl_error == 0); tmpnvp = nvlist_first_nvpair(tmpnvl); if (tmpnvp != NULL) { nvl = tmpnvl; nvp = tmpnvp; continue; } } else { size += nvpair_size(nvp); } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { cookie = NULL; nvl = nvlist_get_parent(nvl, &cookie); if (nvl == NULL) goto out; nvp = cookie; } } out: return (size); } #ifndef _KERNEL static int * nvlist_xdescriptors(const nvlist_t *nvl, int *descs) { nvpair_t *nvp; const char *name; int type; NVLIST_ASSERT(nvl); PJDLOG_ASSERT(nvl->nvl_error == 0); nvp = NULL; do { while ((name = nvlist_next(nvl, &type, (void**)&nvp)) != NULL) { switch (type) { case NV_TYPE_DESCRIPTOR: *descs = nvpair_get_descriptor(nvp); descs++; break; case NV_TYPE_NVLIST: nvl = nvpair_get_nvlist(nvp); nvp = NULL; break; } } } while ((nvl = nvlist_get_parent(nvl, (void**)&nvp)) != NULL); return (descs); } #endif #ifndef _KERNEL int * nvlist_descriptors(const nvlist_t *nvl, size_t *nitemsp) { size_t nitems; int *fds; nitems = nvlist_ndescriptors(nvl); fds = nv_malloc(sizeof(fds[0]) * (nitems + 1)); if (fds == NULL) return (NULL); if (nitems > 0) nvlist_xdescriptors(nvl, fds); fds[nitems] = -1; if (nitemsp != NULL) *nitemsp = nitems; return (fds); } #endif size_t nvlist_ndescriptors(const nvlist_t *nvl) { #ifndef _KERNEL nvpair_t *nvp; const char *name; size_t ndescs; int type; NVLIST_ASSERT(nvl); PJDLOG_ASSERT(nvl->nvl_error == 0); ndescs = 0; nvp = NULL; do { while ((name = nvlist_next(nvl, &type, (void**)&nvp)) != NULL) { switch (type) { case NV_TYPE_DESCRIPTOR: ndescs++; break; case NV_TYPE_NVLIST: nvl = nvpair_get_nvlist(nvp); nvp = NULL; break; } } } while ((nvl = nvlist_get_parent(nvl, (void**)&nvp)) != NULL); return (ndescs); #else return (0); #endif } static unsigned char * nvlist_pack_header(const nvlist_t *nvl, unsigned char *ptr, size_t *leftp) { struct nvlist_header nvlhdr; NVLIST_ASSERT(nvl); nvlhdr.nvlh_magic = NVLIST_HEADER_MAGIC; nvlhdr.nvlh_version = NVLIST_HEADER_VERSION; nvlhdr.nvlh_flags = nvl->nvl_flags; #if BYTE_ORDER == BIG_ENDIAN nvlhdr.nvlh_flags |= NV_FLAG_BIG_ENDIAN; #endif nvlhdr.nvlh_descriptors = nvlist_ndescriptors(nvl); nvlhdr.nvlh_size = *leftp - sizeof(nvlhdr); PJDLOG_ASSERT(*leftp >= sizeof(nvlhdr)); memcpy(ptr, &nvlhdr, sizeof(nvlhdr)); ptr += sizeof(nvlhdr); *leftp -= sizeof(nvlhdr); return (ptr); } static void * nvlist_xpack(const nvlist_t *nvl, int64_t *fdidxp, size_t *sizep) { unsigned char *buf, *ptr; size_t left, size; const nvlist_t *tmpnvl; nvpair_t *nvp, *tmpnvp; void *cookie; NVLIST_ASSERT(nvl); if (nvl->nvl_error != 0) { ERRNO_SET(nvl->nvl_error); return (NULL); } size = nvlist_size(nvl); buf = nv_malloc(size); if (buf == NULL) return (NULL); ptr = buf; left = size; ptr = nvlist_pack_header(nvl, ptr, &left); nvp = nvlist_first_nvpair(nvl); while (nvp != NULL) { NVPAIR_ASSERT(nvp); nvpair_init_datasize(nvp); ptr = nvpair_pack_header(nvp, ptr, &left); if (ptr == NULL) { nv_free(buf); return (NULL); } switch (nvpair_type(nvp)) { case NV_TYPE_NULL: ptr = nvpair_pack_null(nvp, ptr, &left); break; case NV_TYPE_BOOL: ptr = nvpair_pack_bool(nvp, ptr, &left); break; case NV_TYPE_NUMBER: ptr = nvpair_pack_number(nvp, ptr, &left); break; case NV_TYPE_STRING: ptr = nvpair_pack_string(nvp, ptr, &left); break; case NV_TYPE_NVLIST: tmpnvl = nvpair_get_nvlist(nvp); ptr = nvlist_pack_header(tmpnvl, ptr, &left); if (ptr == NULL) goto out; tmpnvp = nvlist_first_nvpair(tmpnvl); if (tmpnvp != NULL) { nvl = tmpnvl; nvp = tmpnvp; continue; } ptr = nvpair_pack_nvlist_up(ptr, &left); break; #ifndef _KERNEL case NV_TYPE_DESCRIPTOR: ptr = nvpair_pack_descriptor(nvp, ptr, fdidxp, &left); break; #endif case NV_TYPE_BINARY: ptr = nvpair_pack_binary(nvp, ptr, &left); break; default: PJDLOG_ABORT("Invalid type (%d).", nvpair_type(nvp)); } if (ptr == NULL) { nv_free(buf); return (NULL); } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { cookie = NULL; nvl = nvlist_get_parent(nvl, &cookie); if (nvl == NULL) goto out; nvp = cookie; ptr = nvpair_pack_nvlist_up(ptr, &left); if (ptr == NULL) goto out; } } out: if (sizep != NULL) *sizep = size; return (buf); } void * nvlist_pack(const nvlist_t *nvl, size_t *sizep) { NVLIST_ASSERT(nvl); if (nvl->nvl_error != 0) { ERRNO_SET(nvl->nvl_error); return (NULL); } if (nvlist_ndescriptors(nvl) > 0) { ERRNO_SET(EOPNOTSUPP); return (NULL); } return (nvlist_xpack(nvl, NULL, sizep)); } static bool nvlist_check_header(struct nvlist_header *nvlhdrp) { if (nvlhdrp->nvlh_magic != NVLIST_HEADER_MAGIC) { ERRNO_SET(EINVAL); return (false); } if ((nvlhdrp->nvlh_flags & ~NV_FLAG_ALL_MASK) != 0) { ERRNO_SET(EINVAL); return (false); } #if BYTE_ORDER == BIG_ENDIAN if ((nvlhdrp->nvlh_flags & NV_FLAG_BIG_ENDIAN) == 0) { nvlhdrp->nvlh_size = le64toh(nvlhdrp->nvlh_size); nvlhdrp->nvlh_descriptors = le64toh(nvlhdrp->nvlh_descriptors); } #else if ((nvlhdrp->nvlh_flags & NV_FLAG_BIG_ENDIAN) != 0) { nvlhdrp->nvlh_size = be64toh(nvlhdrp->nvlh_size); nvlhdrp->nvlh_descriptors = be64toh(nvlhdrp->nvlh_descriptors); } #endif return (true); } const unsigned char * nvlist_unpack_header(nvlist_t *nvl, const unsigned char *ptr, size_t nfds, bool *isbep, size_t *leftp) { struct nvlist_header nvlhdr; if (*leftp < sizeof(nvlhdr)) goto failed; memcpy(&nvlhdr, ptr, sizeof(nvlhdr)); if (!nvlist_check_header(&nvlhdr)) goto failed; if (nvlhdr.nvlh_size != *leftp - sizeof(nvlhdr)) goto failed; /* * nvlh_descriptors might be smaller than nfds in embedded nvlists. */ if (nvlhdr.nvlh_descriptors > nfds) goto failed; if ((nvlhdr.nvlh_flags & ~NV_FLAG_ALL_MASK) != 0) goto failed; nvl->nvl_flags = (nvlhdr.nvlh_flags & NV_FLAG_PUBLIC_MASK); ptr += sizeof(nvlhdr); if (isbep != NULL) *isbep = (((int)nvlhdr.nvlh_flags & NV_FLAG_BIG_ENDIAN) != 0); *leftp -= sizeof(nvlhdr); return (ptr); failed: ERRNO_SET(EINVAL); return (NULL); } static nvlist_t * -nvlist_xunpack(const void *buf, size_t size, const int *fds, size_t nfds) +nvlist_xunpack(const void *buf, size_t size, const int *fds, size_t nfds, + int flags) { const unsigned char *ptr; nvlist_t *nvl, *retnvl, *tmpnvl; nvpair_t *nvp; size_t left; bool isbe; + PJDLOG_ASSERT((flags & ~(NV_FLAG_PUBLIC_MASK)) == 0); + left = size; ptr = buf; tmpnvl = NULL; nvl = retnvl = nvlist_create(0); if (nvl == NULL) goto failed; ptr = nvlist_unpack_header(nvl, ptr, nfds, &isbe, &left); if (ptr == NULL) goto failed; + if (nvl->nvl_flags != flags) { + ERRNO_SET(EILSEQ); + goto failed; + } while (left > 0) { ptr = nvpair_unpack(isbe, ptr, &left, &nvp); if (ptr == NULL) goto failed; switch (nvpair_type(nvp)) { case NV_TYPE_NULL: ptr = nvpair_unpack_null(isbe, nvp, ptr, &left); break; case NV_TYPE_BOOL: ptr = nvpair_unpack_bool(isbe, nvp, ptr, &left); break; case NV_TYPE_NUMBER: ptr = nvpair_unpack_number(isbe, nvp, ptr, &left); break; case NV_TYPE_STRING: ptr = nvpair_unpack_string(isbe, nvp, ptr, &left); break; case NV_TYPE_NVLIST: ptr = nvpair_unpack_nvlist(isbe, nvp, ptr, &left, nfds, &tmpnvl); nvlist_set_parent(tmpnvl, nvp); break; #ifndef _KERNEL case NV_TYPE_DESCRIPTOR: ptr = nvpair_unpack_descriptor(isbe, nvp, ptr, &left, fds, nfds); break; #endif case NV_TYPE_BINARY: ptr = nvpair_unpack_binary(isbe, nvp, ptr, &left); break; case NV_TYPE_NVLIST_UP: if (nvl->nvl_parent == NULL) goto failed; nvl = nvpair_nvlist(nvl->nvl_parent); continue; default: PJDLOG_ABORT("Invalid type (%d).", nvpair_type(nvp)); } if (ptr == NULL) goto failed; nvlist_move_nvpair(nvl, nvp); if (tmpnvl != NULL) { nvl = tmpnvl; tmpnvl = NULL; } } return (retnvl); failed: nvlist_destroy(retnvl); return (NULL); } nvlist_t * -nvlist_unpack(const void *buf, size_t size) +nvlist_unpack(const void *buf, size_t size, int flags) { - return (nvlist_xunpack(buf, size, NULL, 0)); + return (nvlist_xunpack(buf, size, NULL, 0, flags)); } #ifndef _KERNEL int nvlist_send(int sock, const nvlist_t *nvl) { size_t datasize, nfds; int *fds; void *data; int64_t fdidx; int ret; if (nvlist_error(nvl) != 0) { ERRNO_SET(nvlist_error(nvl)); return (-1); } fds = nvlist_descriptors(nvl, &nfds); if (fds == NULL) return (-1); ret = -1; data = NULL; fdidx = 0; data = nvlist_xpack(nvl, &fdidx, &datasize); if (data == NULL) goto out; if (buf_send(sock, data, datasize) == -1) goto out; if (nfds > 0) { if (fd_send(sock, fds, nfds) == -1) goto out; } ret = 0; out: ERRNO_SAVE(); free(fds); free(data); ERRNO_RESTORE(); return (ret); } nvlist_t * -nvlist_recv(int sock) +nvlist_recv(int sock, int flags) { struct nvlist_header nvlhdr; nvlist_t *nvl, *ret; unsigned char *buf; size_t nfds, size, i; int *fds; if (buf_recv(sock, &nvlhdr, sizeof(nvlhdr)) == -1) return (NULL); if (!nvlist_check_header(&nvlhdr)) return (NULL); nfds = (size_t)nvlhdr.nvlh_descriptors; size = sizeof(nvlhdr) + (size_t)nvlhdr.nvlh_size; buf = nv_malloc(size); if (buf == NULL) return (NULL); memcpy(buf, &nvlhdr, sizeof(nvlhdr)); ret = NULL; fds = NULL; if (buf_recv(sock, buf + sizeof(nvlhdr), size - sizeof(nvlhdr)) == -1) goto out; if (nfds > 0) { fds = nv_malloc(nfds * sizeof(fds[0])); if (fds == NULL) goto out; if (fd_recv(sock, fds, nfds) == -1) goto out; } - nvl = nvlist_xunpack(buf, size, fds, nfds); + nvl = nvlist_xunpack(buf, size, fds, nfds, flags); if (nvl == NULL) { ERRNO_SAVE(); for (i = 0; i < nfds; i++) close(fds[i]); ERRNO_RESTORE(); goto out; } ret = nvl; out: ERRNO_SAVE(); free(buf); free(fds); ERRNO_RESTORE(); return (ret); } nvlist_t * -nvlist_xfer(int sock, nvlist_t *nvl) +nvlist_xfer(int sock, nvlist_t *nvl, int flags) { if (nvlist_send(sock, nvl) < 0) { nvlist_destroy(nvl); return (NULL); } nvlist_destroy(nvl); - return (nvlist_recv(sock)); + return (nvlist_recv(sock, flags)); } #endif nvpair_t * nvlist_first_nvpair(const nvlist_t *nvl) { NVLIST_ASSERT(nvl); return (TAILQ_FIRST(&nvl->nvl_head)); } nvpair_t * nvlist_next_nvpair(const nvlist_t *nvl, const nvpair_t *nvp) { nvpair_t *retnvp; NVLIST_ASSERT(nvl); NVPAIR_ASSERT(nvp); PJDLOG_ASSERT(nvpair_nvlist(nvp) == nvl); retnvp = nvpair_next(nvp); PJDLOG_ASSERT(retnvp == NULL || nvpair_nvlist(retnvp) == nvl); return (retnvp); } nvpair_t * nvlist_prev_nvpair(const nvlist_t *nvl, const nvpair_t *nvp) { nvpair_t *retnvp; NVLIST_ASSERT(nvl); NVPAIR_ASSERT(nvp); PJDLOG_ASSERT(nvpair_nvlist(nvp) == nvl); retnvp = nvpair_prev(nvp); PJDLOG_ASSERT(nvpair_nvlist(retnvp) == nvl); return (retnvp); } const char * nvlist_next(const nvlist_t *nvl, int *typep, void **cookiep) { nvpair_t *nvp; NVLIST_ASSERT(nvl); PJDLOG_ASSERT(cookiep != NULL); if (*cookiep == NULL) nvp = nvlist_first_nvpair(nvl); else nvp = nvlist_next_nvpair(nvl, *cookiep); if (nvp == NULL) return (NULL); if (typep != NULL) *typep = nvpair_type(nvp); *cookiep = nvp; return (nvpair_name(nvp)); } bool nvlist_exists(const nvlist_t *nvl, const char *name) { return (nvlist_find(nvl, NV_TYPE_NONE, name) != NULL); } #define NVLIST_EXISTS(type, TYPE) \ bool \ nvlist_exists_##type(const nvlist_t *nvl, const char *name) \ { \ \ return (nvlist_find(nvl, NV_TYPE_##TYPE, name) != NULL); \ } NVLIST_EXISTS(null, NULL) NVLIST_EXISTS(bool, BOOL) NVLIST_EXISTS(number, NUMBER) NVLIST_EXISTS(string, STRING) NVLIST_EXISTS(nvlist, NVLIST) #ifndef _KERNEL NVLIST_EXISTS(descriptor, DESCRIPTOR) #endif NVLIST_EXISTS(binary, BINARY) #undef NVLIST_EXISTS void nvlist_add_nvpair(nvlist_t *nvl, const nvpair_t *nvp) { nvpair_t *newnvp; NVPAIR_ASSERT(nvp); if (nvlist_error(nvl) != 0) { ERRNO_SET(nvlist_error(nvl)); return; } if (nvlist_exists(nvl, nvpair_name(nvp))) { nvl->nvl_error = EEXIST; ERRNO_SET(nvlist_error(nvl)); return; } newnvp = nvpair_clone(nvp); if (newnvp == NULL) { nvl->nvl_error = ERRNO_OR_DEFAULT(ENOMEM); ERRNO_SET(nvlist_error(nvl)); return; } nvpair_insert(&nvl->nvl_head, newnvp, nvl); } void nvlist_add_stringf(nvlist_t *nvl, const char *name, const char *valuefmt, ...) { va_list valueap; va_start(valueap, valuefmt); nvlist_add_stringv(nvl, name, valuefmt, valueap); va_end(valueap); } void nvlist_add_stringv(nvlist_t *nvl, const char *name, const char *valuefmt, va_list valueap) { nvpair_t *nvp; if (nvlist_error(nvl) != 0) { ERRNO_SET(nvlist_error(nvl)); return; } nvp = nvpair_create_stringv(name, valuefmt, valueap); if (nvp == NULL) { nvl->nvl_error = ERRNO_OR_DEFAULT(ENOMEM); ERRNO_SET(nvl->nvl_error); } else { nvlist_move_nvpair(nvl, nvp); } } void nvlist_add_null(nvlist_t *nvl, const char *name) { nvpair_t *nvp; if (nvlist_error(nvl) != 0) { ERRNO_SET(nvlist_error(nvl)); return; } nvp = nvpair_create_null(name); if (nvp == NULL) { nvl->nvl_error = ERRNO_OR_DEFAULT(ENOMEM); ERRNO_SET(nvl->nvl_error); } else { nvlist_move_nvpair(nvl, nvp); } } void nvlist_add_bool(nvlist_t *nvl, const char *name, bool value) { nvpair_t *nvp; if (nvlist_error(nvl) != 0) { ERRNO_SET(nvlist_error(nvl)); return; } nvp = nvpair_create_bool(name, value); if (nvp == NULL) { nvl->nvl_error = ERRNO_OR_DEFAULT(ENOMEM); ERRNO_SET(nvl->nvl_error); } else { nvlist_move_nvpair(nvl, nvp); } } void nvlist_add_number(nvlist_t *nvl, const char *name, uint64_t value) { nvpair_t *nvp; if (nvlist_error(nvl) != 0) { ERRNO_SET(nvlist_error(nvl)); return; } nvp = nvpair_create_number(name, value); if (nvp == NULL) { nvl->nvl_error = ERRNO_OR_DEFAULT(ENOMEM); ERRNO_SET(nvl->nvl_error); } else { nvlist_move_nvpair(nvl, nvp); } } void nvlist_add_string(nvlist_t *nvl, const char *name, const char *value) { nvpair_t *nvp; if (nvlist_error(nvl) != 0) { ERRNO_SET(nvlist_error(nvl)); return; } nvp = nvpair_create_string(name, value); if (nvp == NULL) { nvl->nvl_error = ERRNO_OR_DEFAULT(ENOMEM); ERRNO_SET(nvl->nvl_error); } else { nvlist_move_nvpair(nvl, nvp); } } void nvlist_add_nvlist(nvlist_t *nvl, const char *name, const nvlist_t *value) { nvpair_t *nvp; if (nvlist_error(nvl) != 0) { ERRNO_SET(nvlist_error(nvl)); return; } nvp = nvpair_create_nvlist(name, value); if (nvp == NULL) { nvl->nvl_error = ERRNO_OR_DEFAULT(ENOMEM); ERRNO_SET(nvl->nvl_error); } else { nvlist_move_nvpair(nvl, nvp); } } #ifndef _KERNEL void nvlist_add_descriptor(nvlist_t *nvl, const char *name, int value) { nvpair_t *nvp; if (nvlist_error(nvl) != 0) { errno = nvlist_error(nvl); return; } nvp = nvpair_create_descriptor(name, value); if (nvp == NULL) nvl->nvl_error = errno = (errno != 0 ? errno : ENOMEM); else nvlist_move_nvpair(nvl, nvp); } #endif void nvlist_add_binary(nvlist_t *nvl, const char *name, const void *value, size_t size) { nvpair_t *nvp; if (nvlist_error(nvl) != 0) { ERRNO_SET(nvlist_error(nvl)); return; } nvp = nvpair_create_binary(name, value, size); if (nvp == NULL) { nvl->nvl_error = ERRNO_OR_DEFAULT(ENOMEM); ERRNO_SET(nvl->nvl_error); } else { nvlist_move_nvpair(nvl, nvp); } } void nvlist_move_nvpair(nvlist_t *nvl, nvpair_t *nvp) { NVPAIR_ASSERT(nvp); PJDLOG_ASSERT(nvpair_nvlist(nvp) == NULL); if (nvlist_error(nvl) != 0) { nvpair_free(nvp); ERRNO_SET(nvlist_error(nvl)); return; } if (nvlist_exists(nvl, nvpair_name(nvp))) { nvpair_free(nvp); nvl->nvl_error = EEXIST; ERRNO_SET(nvl->nvl_error); return; } nvpair_insert(&nvl->nvl_head, nvp, nvl); } void nvlist_move_string(nvlist_t *nvl, const char *name, char *value) { nvpair_t *nvp; if (nvlist_error(nvl) != 0) { nv_free(value); ERRNO_SET(nvlist_error(nvl)); return; } nvp = nvpair_move_string(name, value); if (nvp == NULL) { nvl->nvl_error = ERRNO_OR_DEFAULT(ENOMEM); ERRNO_SET(nvl->nvl_error); } else { nvlist_move_nvpair(nvl, nvp); } } void nvlist_move_nvlist(nvlist_t *nvl, const char *name, nvlist_t *value) { nvpair_t *nvp; if (nvlist_error(nvl) != 0) { if (value != NULL && nvlist_get_nvpair_parent(value) != NULL) nvlist_destroy(value); ERRNO_SET(nvlist_error(nvl)); return; } nvp = nvpair_move_nvlist(name, value); if (nvp == NULL) { nvl->nvl_error = ERRNO_OR_DEFAULT(ENOMEM); ERRNO_SET(nvl->nvl_error); } else { nvlist_move_nvpair(nvl, nvp); } } #ifndef _KERNEL void nvlist_move_descriptor(nvlist_t *nvl, const char *name, int value) { nvpair_t *nvp; if (nvlist_error(nvl) != 0) { close(value); ERRNO_SET(nvlist_error(nvl)); return; } nvp = nvpair_move_descriptor(name, value); if (nvp == NULL) { nvl->nvl_error = ERRNO_OR_DEFAULT(ENOMEM); ERRNO_SET(nvl->nvl_error); } else { nvlist_move_nvpair(nvl, nvp); } } #endif void nvlist_move_binary(nvlist_t *nvl, const char *name, void *value, size_t size) { nvpair_t *nvp; if (nvlist_error(nvl) != 0) { nv_free(value); ERRNO_SET(nvlist_error(nvl)); return; } nvp = nvpair_move_binary(name, value, size); if (nvp == NULL) { nvl->nvl_error = ERRNO_OR_DEFAULT(ENOMEM); ERRNO_SET(nvl->nvl_error); } else { nvlist_move_nvpair(nvl, nvp); } } const nvpair_t * nvlist_get_nvpair(const nvlist_t *nvl, const char *name) { return (nvlist_find(nvl, NV_TYPE_NONE, name)); } #define NVLIST_GET(ftype, type, TYPE) \ ftype \ nvlist_get_##type(const nvlist_t *nvl, const char *name) \ { \ const nvpair_t *nvp; \ \ nvp = nvlist_find(nvl, NV_TYPE_##TYPE, name); \ if (nvp == NULL) \ nvlist_report_missing(NV_TYPE_##TYPE, name); \ return (nvpair_get_##type(nvp)); \ } NVLIST_GET(bool, bool, BOOL) NVLIST_GET(uint64_t, number, NUMBER) NVLIST_GET(const char *, string, STRING) NVLIST_GET(const nvlist_t *, nvlist, NVLIST) #ifndef _KERNEL NVLIST_GET(int, descriptor, DESCRIPTOR) #endif #undef NVLIST_GET const void * nvlist_get_binary(const nvlist_t *nvl, const char *name, size_t *sizep) { nvpair_t *nvp; nvp = nvlist_find(nvl, NV_TYPE_BINARY, name); if (nvp == NULL) nvlist_report_missing(NV_TYPE_BINARY, name); return (nvpair_get_binary(nvp, sizep)); } #define NVLIST_TAKE(ftype, type, TYPE) \ ftype \ nvlist_take_##type(nvlist_t *nvl, const char *name) \ { \ nvpair_t *nvp; \ ftype value; \ \ nvp = nvlist_find(nvl, NV_TYPE_##TYPE, name); \ if (nvp == NULL) \ nvlist_report_missing(NV_TYPE_##TYPE, name); \ value = (ftype)(intptr_t)nvpair_get_##type(nvp); \ nvlist_remove_nvpair(nvl, nvp); \ nvpair_free_structure(nvp); \ return (value); \ } NVLIST_TAKE(bool, bool, BOOL) NVLIST_TAKE(uint64_t, number, NUMBER) NVLIST_TAKE(char *, string, STRING) NVLIST_TAKE(nvlist_t *, nvlist, NVLIST) #ifndef _KERNEL NVLIST_TAKE(int, descriptor, DESCRIPTOR) #endif #undef NVLIST_TAKE void * nvlist_take_binary(nvlist_t *nvl, const char *name, size_t *sizep) { nvpair_t *nvp; void *value; nvp = nvlist_find(nvl, NV_TYPE_BINARY, name); if (nvp == NULL) nvlist_report_missing(NV_TYPE_BINARY, name); value = (void *)(intptr_t)nvpair_get_binary(nvp, sizep); nvlist_remove_nvpair(nvl, nvp); nvpair_free_structure(nvp); return (value); } void nvlist_remove_nvpair(nvlist_t *nvl, nvpair_t *nvp) { NVLIST_ASSERT(nvl); NVPAIR_ASSERT(nvp); PJDLOG_ASSERT(nvpair_nvlist(nvp) == nvl); nvpair_remove(&nvl->nvl_head, nvp, nvl); } void nvlist_free(nvlist_t *nvl, const char *name) { nvlist_free_type(nvl, name, NV_TYPE_NONE); } #define NVLIST_FREE(type, TYPE) \ void \ nvlist_free_##type(nvlist_t *nvl, const char *name) \ { \ \ nvlist_free_type(nvl, name, NV_TYPE_##TYPE); \ } NVLIST_FREE(null, NULL) NVLIST_FREE(bool, BOOL) NVLIST_FREE(number, NUMBER) NVLIST_FREE(string, STRING) NVLIST_FREE(nvlist, NVLIST) #ifndef _KERNEL NVLIST_FREE(descriptor, DESCRIPTOR) #endif NVLIST_FREE(binary, BINARY) #undef NVLIST_FREE void nvlist_free_nvpair(nvlist_t *nvl, nvpair_t *nvp) { NVLIST_ASSERT(nvl); NVPAIR_ASSERT(nvp); PJDLOG_ASSERT(nvpair_nvlist(nvp) == nvl); nvlist_remove_nvpair(nvl, nvp); nvpair_free(nvp); } diff --git a/sys/sys/nv.h b/sys/sys/nv.h index 5c342dced820..4a339ecbfa49 100644 --- a/sys/sys/nv.h +++ b/sys/sys/nv.h @@ -1,200 +1,200 @@ /*- * Copyright (c) 2009-2013 The FreeBSD Foundation * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $FreeBSD$ */ #ifndef _NV_H_ #define _NV_H_ #include #ifndef _KERNEL #include #include #include #include #endif #ifndef _NVLIST_T_DECLARED #define _NVLIST_T_DECLARED struct nvlist; typedef struct nvlist nvlist_t; #endif #define NV_NAME_MAX 2048 #define NV_TYPE_NONE 0 #define NV_TYPE_NULL 1 #define NV_TYPE_BOOL 2 #define NV_TYPE_NUMBER 3 #define NV_TYPE_STRING 4 #define NV_TYPE_NVLIST 5 #define NV_TYPE_DESCRIPTOR 6 #define NV_TYPE_BINARY 7 /* * Perform case-insensitive lookups of provided names. */ #define NV_FLAG_IGNORE_CASE 0x01 #if defined(_KERNEL) && defined(MALLOC_DECLARE) MALLOC_DECLARE(M_NVLIST); #endif __BEGIN_DECLS nvlist_t *nvlist_create(int flags); void nvlist_destroy(nvlist_t *nvl); int nvlist_error(const nvlist_t *nvl); bool nvlist_empty(const nvlist_t *nvl); int nvlist_flags(const nvlist_t *nvl); void nvlist_set_error(nvlist_t *nvl, int error); nvlist_t *nvlist_clone(const nvlist_t *nvl); #ifndef _KERNEL void nvlist_dump(const nvlist_t *nvl, int fd); void nvlist_fdump(const nvlist_t *nvl, FILE *fp); #endif size_t nvlist_size(const nvlist_t *nvl); void *nvlist_pack(const nvlist_t *nvl, size_t *sizep); -nvlist_t *nvlist_unpack(const void *buf, size_t size); +nvlist_t *nvlist_unpack(const void *buf, size_t size, int flags); int nvlist_send(int sock, const nvlist_t *nvl); -nvlist_t *nvlist_recv(int sock); -nvlist_t *nvlist_xfer(int sock, nvlist_t *nvl); +nvlist_t *nvlist_recv(int sock, int flags); +nvlist_t *nvlist_xfer(int sock, nvlist_t *nvl, int flags); const char *nvlist_next(const nvlist_t *nvl, int *typep, void **cookiep); const nvlist_t *nvlist_get_parent(const nvlist_t *nvl, void **cookiep); /* * The nvlist_exists functions check if the given name (optionally of the given * type) exists on nvlist. */ bool nvlist_exists(const nvlist_t *nvl, const char *name); bool nvlist_exists_type(const nvlist_t *nvl, const char *name, int type); bool nvlist_exists_null(const nvlist_t *nvl, const char *name); bool nvlist_exists_bool(const nvlist_t *nvl, const char *name); bool nvlist_exists_number(const nvlist_t *nvl, const char *name); bool nvlist_exists_string(const nvlist_t *nvl, const char *name); bool nvlist_exists_nvlist(const nvlist_t *nvl, const char *name); #ifndef _KERNEL bool nvlist_exists_descriptor(const nvlist_t *nvl, const char *name); #endif bool nvlist_exists_binary(const nvlist_t *nvl, const char *name); /* * The nvlist_add functions add the given name/value pair. * If a pointer is provided, nvlist_add will internally allocate memory for the * given data (in other words it won't consume provided buffer). */ void nvlist_add_null(nvlist_t *nvl, const char *name); void nvlist_add_bool(nvlist_t *nvl, const char *name, bool value); void nvlist_add_number(nvlist_t *nvl, const char *name, uint64_t value); void nvlist_add_string(nvlist_t *nvl, const char *name, const char *value); void nvlist_add_stringf(nvlist_t *nvl, const char *name, const char *valuefmt, ...) __printflike(3, 4); #ifdef _VA_LIST_DECLARED void nvlist_add_stringv(nvlist_t *nvl, const char *name, const char *valuefmt, va_list valueap) __printflike(3, 0); #endif void nvlist_add_nvlist(nvlist_t *nvl, const char *name, const nvlist_t *value); #ifndef _KERNEL void nvlist_add_descriptor(nvlist_t *nvl, const char *name, int value); #endif void nvlist_add_binary(nvlist_t *nvl, const char *name, const void *value, size_t size); /* * The nvlist_move functions add the given name/value pair. * The functions consumes provided buffer. */ void nvlist_move_string(nvlist_t *nvl, const char *name, char *value); void nvlist_move_nvlist(nvlist_t *nvl, const char *name, nvlist_t *value); #ifndef _KERNEL void nvlist_move_descriptor(nvlist_t *nvl, const char *name, int value); #endif void nvlist_move_binary(nvlist_t *nvl, const char *name, void *value, size_t size); /* * The nvlist_get functions returns value associated with the given name. * If it returns a pointer, the pointer represents internal buffer and should * not be freed by the caller. */ bool nvlist_get_bool(const nvlist_t *nvl, const char *name); uint64_t nvlist_get_number(const nvlist_t *nvl, const char *name); const char *nvlist_get_string(const nvlist_t *nvl, const char *name); const nvlist_t *nvlist_get_nvlist(const nvlist_t *nvl, const char *name); #ifndef _KERNEL int nvlist_get_descriptor(const nvlist_t *nvl, const char *name); #endif const void *nvlist_get_binary(const nvlist_t *nvl, const char *name, size_t *sizep); /* * The nvlist_take functions returns value associated with the given name and * remove the given entry from the nvlist. * The caller is responsible for freeing received data. */ bool nvlist_take_bool(nvlist_t *nvl, const char *name); uint64_t nvlist_take_number(nvlist_t *nvl, const char *name); char *nvlist_take_string(nvlist_t *nvl, const char *name); nvlist_t *nvlist_take_nvlist(nvlist_t *nvl, const char *name); #ifndef _KERNEL int nvlist_take_descriptor(nvlist_t *nvl, const char *name); #endif void *nvlist_take_binary(nvlist_t *nvl, const char *name, size_t *sizep); /* * The nvlist_free functions removes the given name/value pair from the nvlist * and frees memory associated with it. */ void nvlist_free(nvlist_t *nvl, const char *name); void nvlist_free_type(nvlist_t *nvl, const char *name, int type); void nvlist_free_null(nvlist_t *nvl, const char *name); void nvlist_free_bool(nvlist_t *nvl, const char *name); void nvlist_free_number(nvlist_t *nvl, const char *name); void nvlist_free_string(nvlist_t *nvl, const char *name); void nvlist_free_nvlist(nvlist_t *nvl, const char *name); #ifndef _KERNEL void nvlist_free_descriptor(nvlist_t *nvl, const char *name); #endif void nvlist_free_binary(nvlist_t *nvl, const char *name); __END_DECLS #endif /* !_NV_H_ */ diff --git a/usr.sbin/iovctl/iovctl.c b/usr.sbin/iovctl/iovctl.c index faa9586511a0..dbf29d81c732 100644 --- a/usr.sbin/iovctl/iovctl.c +++ b/usr.sbin/iovctl/iovctl.c @@ -1,403 +1,403 @@ /*- * Copyright (c) 2013-2015 Sandvine Inc. All rights reserved. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include #include #include #include #include #include #include "iovctl.h" static void config_action(const char *filename, int dryrun); static void delete_action(const char *device, int dryrun); static void print_schema(const char *device); /* * Fetch the config schema from the kernel via ioctl. This function has to * call the ioctl twice: the first returns the amount of memory that we need * to allocate for the schema, and the second actually fetches the schema. */ static nvlist_t * get_schema(int fd) { struct pci_iov_schema arg; nvlist_t *schema; int error; /* Do the ioctl() once to fetch the size of the schema. */ arg.schema = NULL; arg.len = 0; arg.error = 0; error = ioctl(fd, IOV_GET_SCHEMA, &arg); if (error != 0) err(1, "Could not fetch size of config schema"); arg.schema = malloc(arg.len); if (arg.schema == NULL) err(1, "Could not allocate %zu bytes for schema", arg.len); /* Now do the ioctl() for real to get the schema. */ error = ioctl(fd, IOV_GET_SCHEMA, &arg); if (error != 0 || arg.error != 0) { if (arg.error != 0) errno = arg.error; err(1, "Could not fetch config schema"); } - schema = nvlist_unpack(arg.schema, arg.len); + schema = nvlist_unpack(arg.schema, arg.len, NV_FLAG_IGNORE_CASE); if (schema == NULL) err(1, "Could not unpack schema"); free(arg.schema); return (schema); } /* * Call the ioctl that activates SR-IOV and creates the VFs. */ static void config_iov(int fd, const char *dev_name, const nvlist_t *config, int dryrun) { struct pci_iov_arg arg; int error; arg.config = nvlist_pack(config, &arg.len); if (arg.config == NULL) err(1, "Could not pack configuration"); if (dryrun) { printf("Would enable SR-IOV on device '%s'.\n", dev_name); printf( "The following configuration parameters would be used:\n"); nvlist_fdump(config, stdout); printf( "The configuration parameters consume %zu bytes when packed.\n", arg.len); } else { error = ioctl(fd, IOV_CONFIG, &arg); if (error != 0) err(1, "Failed to configure SR-IOV"); } free(arg.config); } static int open_device(const char *dev_name) { char *dev; int fd; size_t copied, size; long path_max; path_max = pathconf("/dev", _PC_PATH_MAX); if (path_max < 0) err(1, "Could not get maximum path length"); size = path_max; dev = malloc(size); if (dev == NULL) err(1, "Could not allocate memory for device path"); if (dev_name[0] == '/') copied = strlcpy(dev, dev_name, size); else copied = snprintf(dev, size, "/dev/iov/%s", dev_name); /* >= to account for null terminator. */ if (copied >= size) errx(1, "Provided file name too long"); fd = open(dev, O_RDWR); if (fd < 0) err(1, "Could not open device '%s'", dev); free(dev); return (fd); } static void usage(void) { warnx("Usage: iovctl -C -f [-n]"); warnx(" iovctl -D [-d | -f ] [-n]"); warnx(" iovctl -S [-d | -f ]"); exit(1); } enum main_action { NONE, CONFIG, DELETE, PRINT_SCHEMA, }; int main(int argc, char **argv) { char *device; const char *filename; int ch, dryrun; enum main_action action; device = NULL; filename = NULL; dryrun = 0; action = NONE; while ((ch = getopt(argc, argv, "Cd:Df:nS")) != -1) { switch (ch) { case 'C': if (action != NONE) { warnx( "Only one of -C, -D or -S may be specified"); usage(); } action = CONFIG; break; case 'd': device = strdup(optarg); break; case 'D': if (action != NONE) { warnx( "Only one of -C, -D or -S may be specified"); usage(); } action = DELETE; break; case 'f': filename = optarg; break; case 'n': dryrun = 1; break; case 'S': if (action != NONE) { warnx( "Only one of -C, -D or -S may be specified"); usage(); } action = PRINT_SCHEMA; break; case '?': warnx("Unrecognized argument '-%c'\n", optopt); usage(); break; } } if (device != NULL && filename != NULL) { warnx("Only one of the -d and -f flags may be specified"); usage(); } if (device == NULL && filename == NULL) { warnx("Either the -d or -f flag must be specified"); usage(); } switch (action) { case CONFIG: if (filename == NULL) { warnx("-d flag cannot be used with the -C flag"); usage(); } config_action(filename, dryrun); break; case DELETE: if (device == NULL) device = find_device(filename); delete_action(device, dryrun); free(device); break; case PRINT_SCHEMA: if (dryrun) { warnx("-n flag cannot be used with the -S flag"); usage(); } if (device == NULL) device = find_device(filename); print_schema(device); free(device); break; default: usage(); break; } exit(0); } static void config_action(const char *filename, int dryrun) { char *dev; nvlist_t *schema, *config; int fd; dev = find_device(filename); fd = open(dev, O_RDWR); if (fd < 0) err(1, "Could not open device '%s'", dev); schema = get_schema(fd); config = parse_config_file(filename, schema); if (config == NULL) errx(1, "Could not parse config"); config_iov(fd, dev, config, dryrun); nvlist_destroy(config); nvlist_destroy(schema); free(dev); close(fd); } static void delete_action(const char *dev_name, int dryrun) { int fd, error; fd = open_device(dev_name); if (dryrun) printf("Would attempt to delete all VF children of '%s'\n", dev_name); else { error = ioctl(fd, IOV_DELETE); if (error != 0) err(1, "Failed to delete VFs"); } close(fd); } static void print_default_value(const nvlist_t *parameter, const char *type) { const uint8_t *mac; size_t size; if (strcasecmp(type, "bool") == 0) printf(" (default = %s)", nvlist_get_bool(parameter, DEFAULT_SCHEMA_NAME) ? "true" : "false"); else if (strcasecmp(type, "string") == 0) printf(" (default = %s)", nvlist_get_string(parameter, DEFAULT_SCHEMA_NAME)); else if (strcasecmp(type, "uint8_t") == 0) printf(" (default = %ju)", (uintmax_t)nvlist_get_number(parameter, DEFAULT_SCHEMA_NAME)); else if (strcasecmp(type, "uint16_t") == 0) printf(" (default = %ju)", (uintmax_t)nvlist_get_number(parameter, DEFAULT_SCHEMA_NAME)); else if (strcasecmp(type, "uint32_t") == 0) printf(" (default = %ju)", (uintmax_t)nvlist_get_number(parameter, DEFAULT_SCHEMA_NAME)); else if (strcasecmp(type, "uint64_t") == 0) printf(" (default = %ju)", (uintmax_t)nvlist_get_number(parameter, DEFAULT_SCHEMA_NAME)); else if (strcasecmp(type, "unicast-mac") == 0) { mac = nvlist_get_binary(parameter, DEFAULT_SCHEMA_NAME, &size); printf(" (default = %02x:%02x:%02x:%02x:%02x:%02x)", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]); } else errx(1, "Unexpected type in schema: '%s'", type); } static void print_subsystem_schema(const nvlist_t * subsystem_schema) { const char *name, *type; const nvlist_t *parameter; void *it; int nvtype; it = NULL; while ((name = nvlist_next(subsystem_schema, &nvtype, &it)) != NULL) { parameter = nvlist_get_nvlist(subsystem_schema, name); type = nvlist_get_string(parameter, TYPE_SCHEMA_NAME); printf("\t%s : %s", name, type); if (dnvlist_get_bool(parameter, REQUIRED_SCHEMA_NAME, false)) printf(" (required)"); else if (nvlist_exists(parameter, DEFAULT_SCHEMA_NAME)) print_default_value(parameter, type); else printf(" (optional)"); printf("\n"); } } static void print_schema(const char *dev_name) { nvlist_t *schema; const nvlist_t *iov_schema, *driver_schema, *pf_schema, *vf_schema; int fd; fd = open_device(dev_name); schema = get_schema(fd); pf_schema = nvlist_get_nvlist(schema, PF_CONFIG_NAME); iov_schema = nvlist_get_nvlist(pf_schema, IOV_CONFIG_NAME); driver_schema = nvlist_get_nvlist(pf_schema, DRIVER_CONFIG_NAME); printf( "The following configuration parameters may be configured on the PF:\n"); print_subsystem_schema(iov_schema); print_subsystem_schema(driver_schema); vf_schema = nvlist_get_nvlist(schema, VF_SCHEMA_NAME); iov_schema = nvlist_get_nvlist(vf_schema, IOV_CONFIG_NAME); driver_schema = nvlist_get_nvlist(vf_schema, DRIVER_CONFIG_NAME); printf( "\nThe following configuration parameters may be configured on a VF:\n"); print_subsystem_schema(iov_schema); print_subsystem_schema(driver_schema); nvlist_destroy(schema); close(fd); }