Menu
▾
▴
[Cerb-commits] cerb-ng/kcerb cerb_action.c,1.98,1.99 cerb_globals.h,1.42,1.43 cerb_macros.h,1.30,1.31 cerb_operations.master,1.29,1.30
|
From: <da...@us...> - 2003-03-26 20:16:50
|
Update of /cvsroot/cerber/cerb-ng/kcerb
In directory sc8-pr-cvs1:/tmp/cvs-serv28172/kcerb
Modified Files:
cerb_action.c cerb_globals.h cerb_macros.h
cerb_operations.master
Log Message:
- Added operations:
+ null()
+ setprison()
+ getprison()
- Added policy: jailed-icmp.
Requested by: Pawel Malachowski <pa...@zi...>
- Documented isnull() operation.
Index: cerb_action.c
===================================================================
RCS file: /cvsroot/cerber/cerb-ng/kcerb/cerb_action.c,v
retrieving revision 1.98
retrieving revision 1.99
diff -C2 -d -r1.98 -r1.99
*** cerb_action.c 25 Mar 2003 12:58:56 -0000 1.98
--- cerb_action.c 26 Mar 2003 20:16:37 -0000 1.99
***************
*** 428,432 ****
#endif
! if (nargs > 0) {
args = fcb_malloc("syscall arguments",
sizeof(register_t) * nargs);
--- 428,434 ----
#endif
! if (nargs <= 0)
! args = NULL;
! else {
args = fcb_malloc("syscall arguments",
sizeof(register_t) * nargs);
***************
*** 434,444 ****
fcb_argreg_set(th, &tmpv, v[i + 1], CB_USR_ZONE);
args[i] = tmpv.v_val;
}
- printf("validaddr: %u.\n", MCB_VALIDADDR((void *)args[0]));
- } else {
- args = NULL;
}
printf("Calling syscall %s\n", syscallnames[scallno]);
retv->v_ret = tcb_oldscall[scallno](th->thd_proc, args);
}
--- 436,446 ----
fcb_argreg_set(th, &tmpv, v[i + 1], CB_USR_ZONE);
args[i] = tmpv.v_val;
+ printf("validaddr: %p %u.\n", tmpv.v_ptr, MCB_VALIDADDR(tmpv.v_ptr));
}
}
printf("Calling syscall %s\n", syscallnames[scallno]);
+ printf("validuap: %p %u.\n", (void *)th->thd_uap[0], MCB_VALIDADDR((void *)th->thd_uap[0]));
retv->v_ret = tcb_oldscall[scallno](th->thd_proc, args);
+ printf("validuap: %p %u.\n", (void *)th->thd_uap[0], MCB_VALIDADDR((void *)th->thd_uap[0]));
}
***************
*** 735,738 ****
--- 737,749 ----
retv->v_type = CB_UDEFPTR_T;
break;
+ case CB_SETPRISON_O:
+ if (val->v_type != CB_ST_PRISON_T) {
+ MCB_XCONFERR(th, EINVAL, "Invalid type of argument %u: "
+ "%s (should be %s).", nvals - 1,
+ tcb_typename[val->v_type],
+ tcb_typename[CB_ST_PRISON_T]);
+ }
+ retv->v_type = CB_ST_PRISON_T;
+ break;
default:
if (!MCB_ISVAL(val->v_type)) {
***************
*** 929,932 ****
--- 940,960 ----
proc->p_retval[1] = val->v_uval;
return;
+ case CB_SETPRISON_O:
+ retv->v_type = CB_ST_PRISON_T;
+ retv->v_prison = proc->p_prison;
+ if (val->v_prison == NULL)
+ proc->p_flag &= ~P_JAILED;
+ else {
+ val->v_prison->pr_ref++;
+ proc->p_flag |= P_JAILED;
+ }
+ proc->p_prison = val->v_prison;
+ if (retv->v_prison == NULL)
+ retv->v_size = 0;
+ else {
+ retv->v_prison->pr_ref--;
+ retv->v_size = sizeof(struct prison);
+ }
+ return;
}
MCB_ASSERT(0, "Invalid operation here: %s.", tcb_opname[fun]);
***************
*** 945,948 ****
--- 973,980 ----
retv->v_uvalp = NULL;
return;
+ case CB_SETPRISON_O:
+ retv->v_type = CB_ST_PRISON_T;
+ retv->v_prison = NULL;
+ return;
}
retv->v_type = CB_DEF_T;
***************
*** 1044,1047 ****
--- 1076,1087 ----
retv->v_ret = proc->p_retval[1];
return;
+ case CB_GETPRISON_O:
+ retv->v_type = CB_ST_PRISON_T;
+ retv->v_prison = proc->p_prison;
+ if (proc->p_prison == NULL)
+ retv->v_size = 0;
+ else
+ retv->v_size = sizeof(struct prison);
+ return;
}
MCB_ASSERT(0, "Invalid operation here: %s.", tcb_opname[fun]);
***************
*** 1552,1555 ****
--- 1592,1621 ----
retv->v_type = CB_UDEF_T;
retv->v_uval = (v[0]->v_ptr == NULL ? 1 : 0);
+ retv->v_size = 0;
+ }
+
+ /*
+ * This function returns NULL of specified type.
+ */
+ void
+ fcb_op_null(CB_OPARGS)
+ {
+
+ if (nvals != 1) {
+ MCB_XCONFERR(th, EINVAL, "Invalid number of arguments: %u "
+ "(should be %u).", nvals, 1);
+ }
+ if (!MCB_ISVAL(v[0]->v_type)) {
+ MCB_XCONFERR(th, EINVAL, "Invalid type of argument %u: %s "
+ "(should be pointer).", 0, tcb_typename[v[0]->v_type]);
+ }
+ if (!MCB_ISPTR(v[0]->v_uval)) {
+ MCB_XCONFERR(th, EINVAL, "Invalid value, pointer type "
+ "expected.");
+ }
+
+ retv->v_id = ECB_CONST_I;
+ retv->v_type = v[0]->v_uval;
+ retv->v_ptr = NULL;
retv->v_size = 0;
}
Index: cerb_globals.h
===================================================================
RCS file: /cvsroot/cerber/cerb-ng/kcerb/cerb_globals.h,v
retrieving revision 1.42
retrieving revision 1.43
diff -C2 -d -r1.42 -r1.43
*** cerb_globals.h 25 Mar 2003 12:58:57 -0000 1.42
--- cerb_globals.h 26 Mar 2003 20:16:39 -0000 1.43
***************
*** 92,95 ****
--- 92,98 ----
#undef CB_DEBUG_GETVAL /* debug for fcb_getval() function */
#undef CB_DEBUG_OPERR /* debug for operations errors */
+
+ /* Invariants. */
+ #define CB_INVARIANTS
#endif /* _CERB_GLOBALS_H_ */
Index: cerb_macros.h
===================================================================
RCS file: /cvsroot/cerber/cerb-ng/kcerb/cerb_macros.h,v
retrieving revision 1.30
retrieving revision 1.31
diff -C2 -d -r1.30 -r1.31
*** cerb_macros.h 16 Mar 2003 15:52:21 -0000 1.30
--- cerb_macros.h 26 Mar 2003 20:16:39 -0000 1.31
***************
*** 11,14 ****
--- 11,15 ----
#define _CERB_MACROS_H_
+ #include "cerb_globals.h"
#include "cerb_sysctl.h"
***************
*** 141,144 ****
--- 142,146 ----
* Macro for assertions.
*/
+ #ifdef CB_INVARIANTS
#define MCB_ASSERT(expr, fmt, args...) do { \
if (!(expr)) { \
***************
*** 147,150 ****
--- 149,155 ----
} \
} while(0)
+ #else
+ #define MCB_ASSERT()
+ #endif
/*
Index: cerb_operations.master
===================================================================
RCS file: /cvsroot/cerber/cerb-ng/kcerb/cerb_operations.master,v
retrieving revision 1.29
retrieving revision 1.30
diff -C2 -d -r1.29 -r1.30
*** cerb_operations.master 25 Mar 2003 12:58:57 -0000 1.29
--- cerb_operations.master 26 Mar 2003 20:16:39 -0000 1.30
***************
*** 90,93 ****
--- 90,95 ----
"getpretval1" getpinfo GETPRETVAL1
"setpretval1" setpinfo SETPRETVAL1
+ "getprison" getpinfo GETPRISON
+ "setprison" setpinfo SETPRISON
"isjailed" jailinfo ISJAILED
"getjailhost" jailinfo GETJAILHOST
***************
*** 117,120 ****
--- 119,123 ----
"sysctl" sysctl SYSCTL
"sysctlname" sysctlname SYSCTLNAME
+ "null" null NULL
"isnull" isnull ISNULL
"rmenv" rmenv RMENV
|