[Sanitizer] capsicum further support of the API

Reviewers: vitalybuka, krytarowski, emaste Reviewed By: emaste Differential Revision: https://reviews.llvm.org/D55622 llvm-svn: 349042
2025-02-11 12:16:07 +00:00 · 2018-12-13 15:05:24 +00:00 · 2018-12-13 15:05:24 +00:00 · a4ee854259
commit a4ee854259
parent f81ecd2ce2
2 changed files with 98 additions and 31 deletions
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
@ -7864,6 +7864,55 @@ INTERCEPTOR(int, cap_rights_get, int fd, __sanitizer_cap_rights_t *rights) {
  return ret;
 }

+INTERCEPTOR(bool, cap_rights_is_valid, const __sanitizer_cap_rights_t *rights) {
+  void *ctx;
+  COMMON_INTERCEPTOR_ENTER(ctx, cap_rights_is_valid, rights);
+  if (rights)
+    COMMON_INTERCEPTOR_READ_RANGE(ctx, rights, sizeof(*rights));
+
+  return REAL(cap_rights_is_valid(rights));
+}
+
+INTERCEPTOR(__sanitizer_cap_rights *, cap_rights_merge,
+  __sanitizer_cap_rights *dst, const __sanitizer_cap_rights *src) {
+  void *ctx;
+  COMMON_INTERCEPTOR_ENTER(ctx, cap_rights_merge, dst, src);
+  if (src)
+    COMMON_INTERCEPTOR_READ_RANGE(ctx, src, sizeof(*src));
+
+  __sanitizer_cap_rights *ret = REAL(cap_rights_merge)(dst, src);
+  if (dst)
+    COMMON_INTERCEPTOR_WRITE_RANGE(ctx, dst, sizeof(*dst));
+
+  return ret;
+}
+
+INTERCEPTOR(__sanitizer_cap_rights *, cap_rights_remove,
+  __sanitizer_cap_rights *dst, const __sanitizer_cap_rights *src) {
+  void *ctx;
+  COMMON_INTERCEPTOR_ENTER(ctx, cap_rights_remove, dst, src);
+  if (src)
+    COMMON_INTERCEPTOR_READ_RANGE(ctx, src, sizeof(*src));
+
+  __sanitizer_cap_rights *ret = REAL(cap_rights_remove)(dst, src);
+  if (dst)
+    COMMON_INTERCEPTOR_WRITE_RANGE(ctx, dst, sizeof(*dst));
+
+  return ret;
+}
+
+INTERCEPTOR(bool, cap_rights_contains, const __sanitizer_cap_rights *big,
+  const __sanitizer_cap_rights *little) {
+  void *ctx;
+  COMMON_INTERCEPTOR_ENTER(ctx, cap_rights_contains, big, little);
+  if (little)
+    COMMON_INTERCEPTOR_READ_RANGE(ctx, little, sizeof(*little));
+  if (big)
+    COMMON_INTERCEPTOR_READ_RANGE(ctx, big, sizeof(*big));
+
+  return REAL(cap_rights_contains)(big, little);
+}
+
 INTERCEPTOR(int, cap_ioctls_limit, int fd, const uptr *cmds, SIZE_T ncmds) {
  void *ctx;
  COMMON_INTERCEPTOR_ENTER(ctx, cap_ioctls_limit, fd, cmds, ncmds);
@ -7885,6 +7934,10 @@ INTERCEPTOR(int, cap_ioctls_get, int fd, uptr *cmds, SIZE_T maxcmds) {
 #define INIT_CAPSICUM                          \
  COMMON_INTERCEPT_FUNCTION(cap_rights_get);   \
  COMMON_INTERCEPT_FUNCTION(cap_rights_limit); \
+  COMMON_INTERCEPT_FUNCTION(cap_rights_contains); \
+  COMMON_INTERCEPT_FUNCTION(cap_rights_remove); \
+  COMMON_INTERCEPT_FUNCTION(cap_rights_merge); \
+  COMMON_INTERCEPT_FUNCTION(cap_rights_is_valid); \
  COMMON_INTERCEPT_FUNCTION(cap_ioctls_get);   \
  COMMON_INTERCEPT_FUNCTION(cap_ioctls_limit)
 #else
--- a/compiler-rt/test/sanitizer_common/TestCases/FreeBSD/capsicum.cc
+++ b/compiler-rt/test/sanitizer_common/TestCases/FreeBSD/capsicum.cc
@ -2,47 +2,61 @@

 #include <sys/capsicum.h>
 #include <sys/ioctl.h>
-#include <stdio.h>
-#include <errno.h>
-#include <unistd.h>
-#include <termios.h>
-#include <string.h>
+
 #include <assert.h>
+#include <errno.h>
+#include <stdio.h>
+#include <string.h>
+#include <termios.h>
+#include <unistd.h>

 void test_cap_ioctls() {
-	cap_rights_t rights;
-	unsigned long ncmds[] = {TIOCGETA, TIOCGWINSZ, FIODTYPE};
-	unsigned long rcmds = 0;
-	cap_rights_t *rptr = cap_rights_init(&rights, CAP_IOCTL, CAP_READ);
-	assert(rptr);
+  cap_rights_t rights;
+  unsigned long ncmds[] = {TIOCGETA, TIOCGWINSZ, FIODTYPE};
+  unsigned long rcmds = 0;
+  cap_rights_t *rptr = cap_rights_init(&rights, CAP_IOCTL, CAP_READ);
+  assert(rptr);

-	int rv = cap_rights_limit(STDIN_FILENO, &rights);
-	assert(rv == 0);
-	rv = cap_ioctls_limit(STDIN_FILENO, ncmds, 3);
-	assert(rv == 0);
-	ssize_t rz = cap_ioctls_get(STDIN_FILENO, &rcmds, 3);
-	assert(rz == 3);
-	printf("ioctls test: %ld commands authorized\n", rz);
+  int rv = cap_rights_limit(STDIN_FILENO, &rights);
+  assert(rv == 0);
+  rv = cap_ioctls_limit(STDIN_FILENO, ncmds, 3);
+  assert(rv == 0);
+  ssize_t rz = cap_ioctls_get(STDIN_FILENO, &rcmds, 3);
+  assert(rz == 3);
+  printf("ioctls test: %ld commands authorized\n", rz);
 }

 void test_cap_rights() {
-	cap_rights_t rights, grights;
-	cap_rights_t *rptr = cap_rights_init(&rights, CAP_IOCTL, CAP_READ);
-	assert(rptr);
+  cap_rights_t rights, little, remove, grights;
+  cap_rights_t *rptr = cap_rights_init(&rights, CAP_IOCTL, CAP_READ);
+  assert(rptr);
+  cap_rights_t *gptr = cap_rights_init(&remove, CAP_IOCTL);
+  assert(gptr);
+  cap_rights_t *sptr = cap_rights_init(&little, CAP_READ);
+  assert(sptr);
+  bool hasit = cap_rights_contains(rptr, sptr);
+  assert(hasit == true);
+  cap_rights_t *pptr = cap_rights_remove(&rights, gptr);
+  hasit = cap_rights_contains(pptr, sptr);
+  assert(hasit == true);
+  cap_rights_t *aptr = cap_rights_merge(&rights, gptr);
+  assert(aptr);
+  bool correct = cap_rights_is_valid(&rights);
+  assert(correct == true);

-	int rv = cap_rights_limit(STDIN_FILENO, &rights);
-	assert(rv == 0);
-	rv = cap_rights_get(STDIN_FILENO, &grights);
-	assert(rv == 0);
-	assert(memcmp(&grights, &rights, sizeof(grights)) == 0);
-	printf("rights test: %d\n", rv);
+  int rv = cap_rights_limit(STDIN_FILENO, &rights);
+  assert(rv == 0);
+  rv = cap_rights_get(STDIN_FILENO, &grights);
+  assert(rv == 0);
+  assert(memcmp(&grights, &rights, sizeof(grights)) == 0);
+  printf("rights test: %d\n", rv);
 }

 int main(void) {
-	test_cap_ioctls();
-	
-	test_cap_rights();
+  test_cap_ioctls();

-	// CHECK: ioctls test: {{.*}} commands authorized
-	// CHECK: rights test: {{.*}}
+  test_cap_rights();
+
+  // CHECK: ioctls test: {{.*}} commands authorized
+  // CHECK: rights test: {{.*}}
 }