[tor-commits] [tor/master] switched from multiple mmap to one

nickm at torproject.org nickm at torproject.org
Fri Sep 13 16:31:56 UTC 2013


commit 1118bd99108d3ab3404fadfa7eb8e01616836d71
Author: Cristian Toader <cristian.matei.toader at gmail.com>
Date:   Thu Aug 29 16:51:05 2013 +0300

    switched from multiple mmap to one
---
 src/common/sandbox.c |   89 +++++++++++++++++++++++++++++++++-----------------
 1 file changed, 59 insertions(+), 30 deletions(-)

diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index 49c057c..4fd95f0 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -678,36 +678,65 @@ sandbox_intern_string(const char *param)
   return param;
 }
 
-static char*
-prot_strdup(char* str)
-{
-  int param_size = 0;
-  char *res = NULL;
+static int
+prot_strings(sandbox_cfg_t* cfg) {
+  int ret = 0;
+  int pr_mem_size = 0, pr_mem_left = 0;
+  char *pr_mem_next = NULL, *pr_mem_base;
+  sandbox_cfg_t *el = NULL;
+
+  // get total number of bytes required to mmap
+  for(el = cfg; el != NULL; el = el->next) {
+    pr_mem_size += strlen((char*) el->param) + 1;
+  }
 
-  if (str == NULL)
-    goto out;
-
-  // allocating protected memory region for parameter
-  param_size = 1 + strlen(str);
-
-  res = (char*) mmap(NULL, param_size, PROT_READ | PROT_WRITE, MAP_PRIVATE |
-      MAP_ANON, -1, 0);
-  if (!res) {
-    log_err(LD_BUG,"(Sandbox) failed allocate protected memory!");
+  // allocate protected memory
+  pr_mem_base = (char*) mmap(NULL, pr_mem_size, PROT_READ | PROT_WRITE,
+      MAP_PRIVATE | MAP_ANON, -1, 0);
+  if (pr_mem_base == MAP_FAILED) {
+    log_err(LD_BUG,"(Sandbox) failed allocate protected memory! mmap: %s",
+        strerror(errno));
+    ret = -1;
     goto out;
   }
 
-  // copying from non protected to protected + pointer reassign
-  memcpy(res, str, param_size);
+  pr_mem_next = pr_mem_base;
+  pr_mem_left = pr_mem_size;
+
+  // change el value pointer to protected
+  for (el = cfg; el != NULL; el = el->next) {
+    char *param_val = (char*) el->param;
+    int param_size = strlen(param_val) + 1;
+
+    if (pr_mem_left - param_size >= 0) {
+      // copy to protected
+      memcpy(pr_mem_next, param_val, param_size);
+
+      // re-point el parameter to protected
+      free((char*) el->param);
+      el->param = (intptr_t) pr_mem_next;
+      el->prot = 1;
+
+      // move next available protected memory
+      pr_mem_next += param_size;
+      pr_mem_left -= param_size;
+    } else {
+      log_err(LD_BUG,"(Sandbox) insufficient protected memory!");
+      ret = -2;
+      goto out;
+    }
+  }
 
   // protecting from writes
-  if (mprotect(res, param_size, PROT_READ)) {
-    log_err(LD_BUG,"(Sandbox) failed to protect memory!");
-    return NULL;
+  if (mprotect(pr_mem_base, pr_mem_size, PROT_READ)) {
+    log_err(LD_BUG,"(Sandbox) failed to protect memory! mprotect: %s",
+        strerror(errno));
+    ret = -3;
+    goto out;
   }
 
  out:
-   return res;
+   return ret;
 }
 
 #ifdef __NR_stat64
@@ -719,8 +748,8 @@ sandbox_cfg_allow_stat64_filename(sandbox_cfg_t **cfg, char *file, int fr)
   elem = (sandbox_cfg_t*) malloc(sizeof(sandbox_cfg_t));
   elem->syscall = SCMP_SYS(stat64);
   elem->pindex = 0;
-  elem->param = (intptr_t) prot_strdup((char*) file);
-  elem->prot = 1;
+  elem->param = (intptr_t) strdup(file);
+  elem->prot = 0;
 
   elem->next = *cfg;
   *cfg = elem;
@@ -763,8 +792,8 @@ sandbox_cfg_allow_open_filename(sandbox_cfg_t **cfg, char *file, int fr)
   elem = (sandbox_cfg_t*) malloc(sizeof(sandbox_cfg_t));
   elem->syscall = SCMP_SYS(open);
   elem->pindex = 0;
-  elem->param = (intptr_t) prot_strdup((char*) file);
-  elem->prot = 1;
+  elem->param = (intptr_t) strdup(file);
+  elem->prot = 0;
 
   elem->next = *cfg;
   *cfg = elem;
@@ -806,8 +835,8 @@ sandbox_cfg_allow_openat_filename(sandbox_cfg_t **cfg, char *file, int fr)
   elem = (sandbox_cfg_t*) malloc(sizeof(sandbox_cfg_t));
   elem->syscall = SCMP_SYS(openat);
   elem->pindex = 1;
-  elem->param = (intptr_t) prot_strdup((char*) file);;
-  elem->prot = 1;
+  elem->param = (intptr_t) strdup(file);
+  elem->prot = 0;
 
   elem->next = *cfg;
   *cfg = elem;
@@ -849,8 +878,8 @@ sandbox_cfg_allow_execve(sandbox_cfg_t **cfg, char *com)
   elem = (sandbox_cfg_t*) malloc(sizeof(sandbox_cfg_t));
   elem->syscall = SCMP_SYS(openat);
   elem->pindex = 1;
-  elem->param = (intptr_t) prot_strdup((char*) com);;
-  elem->prot = 1;
+  elem->param = (intptr_t) strdup(com);
+  elem->prot = 0;
 
   elem->next = *cfg;
   *cfg = elem;
@@ -1121,7 +1150,7 @@ initialise_libseccomp_sandbox(sandbox_cfg_t* cfg)
   if (install_sigsys_debugging())
     return -1;
 
-  if (init_addrinfo()) {
+  if (init_addrinfo() || prot_strings(cfg)) {
     return -4;
   }
 





More information about the tor-commits mailing list