commit 90524de0b268a76665fbe9ddce4878b10c9389c4 Author: Nick Mathewson <nickm@torproject.org> Date: Thu Feb 13 13:14:54 2020 -0500 Move winprocess_sys into a new low-level hardening module This code was in our process module, but it doesn't belong there: process is for launching and monitoring subprocesses, not for hardening the current process. This change lets us have our subsystem init order more closely match our dependency order. --- .gitignore | 2 ++ Makefile.am | 2 ++ src/app/main/subsystem_list.c | 2 +- src/include.am | 1 + src/lib/llharden/.may_include | 3 +++ src/lib/llharden/include.am | 19 +++++++++++++++++++ src/lib/llharden/lib_llharden.md | 6 ++++++ src/lib/{process => llharden}/winprocess_sys.c | 2 +- src/lib/{process => llharden}/winprocess_sys.h | 0 src/lib/process/include.am | 6 ++---- 10 files changed, 37 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index 77610b319..469bbd39a 100644 --- a/.gitignore +++ b/.gitignore @@ -186,6 +186,8 @@ uptime-*.json /src/lib/libtor-geoip-testing.a /src/lib/libtor-intmath.a /src/lib/libtor-intmath-testing.a +/src/lib/libtor-llharden.a +/src/lib/libtor-llharden-testing.a /src/lib/libtor-lock.a /src/lib/libtor-lock-testing.a /src/lib/libtor-log.a diff --git a/Makefile.am b/Makefile.am index ac61a990f..7774995ae 100644 --- a/Makefile.am +++ b/Makefile.am @@ -70,6 +70,7 @@ TOR_UTIL_LIBS = \ src/lib/libtor-wallclock.a \ src/lib/libtor-err.a \ src/lib/libtor-version.a \ + src/lib/libtor-llharden.a \ src/lib/libtor-intmath.a \ src/lib/libtor-ctime.a @@ -104,6 +105,7 @@ TOR_UTIL_TESTING_LIBS = \ src/lib/libtor-wallclock-testing.a \ src/lib/libtor-err-testing.a \ src/lib/libtor-version-testing.a \ + src/lib/libtor-llharden-testing.a \ src/lib/libtor-intmath.a \ src/lib/libtor-ctime-testing.a endif diff --git a/src/app/main/subsystem_list.c b/src/app/main/subsystem_list.c index bb15b1736..84c6e6ec0 100644 --- a/src/app/main/subsystem_list.c +++ b/src/app/main/subsystem_list.c @@ -24,7 +24,7 @@ #include "lib/log/log_sys.h" #include "lib/net/network_sys.h" #include "lib/process/process_sys.h" -#include "lib/process/winprocess_sys.h" +#include "lib/llharden/winprocess_sys.h" #include "lib/thread/thread_sys.h" #include "lib/time/time_sys.h" #include "lib/tls/tortls_sys.h" diff --git a/src/include.am b/src/include.am index f5f868d23..657f6e823 100644 --- a/src/include.am +++ b/src/include.am @@ -19,6 +19,7 @@ include src/lib/fs/include.am include src/lib/geoip/include.am include src/lib/include.libdonna.am include src/lib/intmath/include.am +include src/lib/llharden/include.am include src/lib/lock/include.am include src/lib/log/include.am include src/lib/math/include.am diff --git a/src/lib/llharden/.may_include b/src/lib/llharden/.may_include new file mode 100644 index 000000000..038237dad --- /dev/null +++ b/src/lib/llharden/.may_include @@ -0,0 +1,3 @@ +lib/llharden/*.h +lib/subsys/*.h +orconfig.h diff --git a/src/lib/llharden/include.am b/src/lib/llharden/include.am new file mode 100644 index 000000000..0a4788c7d --- /dev/null +++ b/src/lib/llharden/include.am @@ -0,0 +1,19 @@ + +noinst_LIBRARIES += src/lib/libtor-llharden.a + +if UNITTESTS_ENABLED +noinst_LIBRARIES += src/lib/libtor-llharden-testing.a +endif + +# ADD_C_FILE: INSERT SOURCES HERE. +src_lib_libtor_llharden_a_SOURCES = \ + src/lib/llharden/winprocess_sys.c + +src_lib_libtor_llharden_testing_a_SOURCES = \ + $(src_lib_libtor_llharden_a_SOURCES) +src_lib_libtor_llharden_testing_a_CPPFLAGS = $(AM_CPPFLAGS) $(TEST_CPPFLAGS) +src_lib_libtor_llharden_testing_a_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS) + +# ADD_C_FILE: INSERT HEADERS HERE. +noinst_HEADERS += \ + src/lib/llharden/winprocess_sys.h diff --git a/src/lib/llharden/lib_llharden.md b/src/lib/llharden/lib_llharden.md new file mode 100644 index 000000000..69e9af532 --- /dev/null +++ b/src/lib/llharden/lib_llharden.md @@ -0,0 +1,6 @@ +@dir /lib/llharden +@brief lib/llharden: low-level unconditional process hardening + +This module contains process hardening code that we want to run before any +other code, including configuration. It needs to be self-contained, since +nothing else will be initialized at this point. diff --git a/src/lib/process/winprocess_sys.c b/src/lib/llharden/winprocess_sys.c similarity index 97% rename from src/lib/process/winprocess_sys.c rename to src/lib/llharden/winprocess_sys.c index e43a77e46..a5f22c182 100644 --- a/src/lib/process/winprocess_sys.c +++ b/src/lib/llharden/winprocess_sys.c @@ -8,7 +8,7 @@ #include "orconfig.h" #include "lib/subsys/subsys.h" -#include "lib/process/winprocess_sys.h" +#include "lib/llharden/winprocess_sys.h" #include <stdbool.h> #include <stddef.h> diff --git a/src/lib/process/winprocess_sys.h b/src/lib/llharden/winprocess_sys.h similarity index 100% rename from src/lib/process/winprocess_sys.h rename to src/lib/llharden/winprocess_sys.h diff --git a/src/lib/process/include.am b/src/lib/process/include.am index af5f99617..18876b3f5 100644 --- a/src/lib/process/include.am +++ b/src/lib/process/include.am @@ -16,8 +16,7 @@ src_lib_libtor_process_a_SOURCES = \ src/lib/process/process_win32.c \ src/lib/process/restrict.c \ src/lib/process/setuid.c \ - src/lib/process/waitpid.c \ - src/lib/process/winprocess_sys.c + src/lib/process/waitpid.c src_lib_libtor_process_testing_a_SOURCES = \ $(src_lib_libtor_process_a_SOURCES) @@ -35,5 +34,4 @@ noinst_HEADERS += \ src/lib/process/process_win32.h \ src/lib/process/restrict.h \ src/lib/process/setuid.h \ - src/lib/process/waitpid.h \ - src/lib/process/winprocess_sys.h + src/lib/process/waitpid.h