[OpenAFS-devel] Nothing but the PAG
Nathan Neulinger
nneul@umr.edu
15 May 2003 19:59:28 -0500
Does that in turn handle keeping the pag the same on subsequent
fork/exec/setsid/etc. cycles until another newpag() is called?
I like this, it also makes it trivial to add a module later on that can
get in there and do a setpag() if that is ever needed without having to
have that be in the patch.
-- Nathan
On Thu, 2003-05-15 at 19:53, Jan Harkes wrote:
> Nothing but the pag, no credentials or anything.
>
> All in all 33 lines of code changes, although more will be needed to add
> the newpag/getpag syscalls for all architectures. After the patch
> follows a simple userspace program that can start a shell in its own
> pag.
>
> Again, this does not add anything to hold tokens, keys, credentials.
> Associating userids and pags with those is up to some magical and
> debatable 'token store' in the sky.
>
> Jan
>
>
> diff -urN --exclude-from=dontdiff linux-2.5.69/fs/file_table.c linux-2.5.69-pag/fs/file_table.c
> --- linux-2.5.69/fs/file_table.c 2003-04-20 12:37:54.000000000 -0400
> +++ linux-2.5.69-pag/fs/file_table.c 2003-05-15 02:37:57.000000000 -0400
> @@ -80,6 +80,7 @@
> atomic_set(&f->f_count, 1);
> f->f_uid = current->fsuid;
> f->f_gid = current->fsgid;
> + f->f_pag = current->pag;
> f->f_owner.lock = RW_LOCK_UNLOCKED;
> /* f->f_version: 0 */
> INIT_LIST_HEAD(&f->f_list);
> @@ -116,6 +117,7 @@
> filp->f_dentry = dentry;
> filp->f_uid = current->fsuid;
> filp->f_gid = current->fsgid;
> + filp->f_pag = current->pag;
> filp->f_op = dentry->d_inode->i_fop;
> INIT_LIST_HEAD(&filp->f_list);
> error = security_file_alloc(filp);
> diff -urN --exclude-from=dontdiff linux-2.5.69/fs/proc/array.c linux-2.5.69-pag/fs/proc/array.c
> --- linux-2.5.69/fs/proc/array.c 2003-05-05 00:06:12.000000000 -0400
> +++ linux-2.5.69-pag/fs/proc/array.c 2003-05-15 02:07:07.000000000 -0400
> @@ -154,13 +154,14 @@
> read_lock(&tasklist_lock);
> buffer += sprintf(buffer,
> "State:\t%s\n"
> + "Pag:\t%ld\n"
> "Tgid:\t%d\n"
> "Pid:\t%d\n"
> "PPid:\t%d\n"
> "TracerPid:\t%d\n"
> "Uid:\t%d\t%d\t%d\t%d\n"
> "Gid:\t%d\t%d\t%d\t%d\n",
> - get_task_state(p), p->tgid,
> + get_task_state(p), p->pag, p->tgid,
> p->pid, p->pid ? p->real_parent->pid : 0,
> p->pid && p->ptrace ? p->parent->pid : 0,
> p->uid, p->euid, p->suid, p->fsuid,
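Review bot: The added `"Pag:\t%ld\n"` conversion does not match its argument: `p->pag` is a `pag_t`, which the posix_types.h hunk of this patch defines as `unsigned long long`, while `%ld` consumes a `long`. On i386 that is 32 bits against 64, so only part of the PAG is printed and every later argument (`p->tgid`, the pid, uid and gid fields) is read from the wrong position, corrupting the rest of the status output that tools parse. Use `"Pag:\t%llu\n"`, with an explicit `(unsigned long long)p->pag` cast if other architectures may define the type differently. The sprintf() call continues past the end of this hunk.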
> diff -urN --exclude-from=dontdiff linux-2.5.69/include/asm-i386/posix_types.h linux-2.5.69-pag/include/asm-i386/posix_types.h
> --- linux-2.5.69/include/asm-i386/posix_types.h 2003-04-20 12:37:58.000000000 -0400
> +++ linux-2.5.69-pag/include/asm-i386/posix_types.h 2003-05-15 02:07:34.000000000 -0400
> @@ -13,6 +13,7 @@
> typedef unsigned short __kernel_nlink_t;
> typedef long __kernel_off_t;
> typedef int __kernel_pid_t;
> +typedef unsigned long long __kernel_pag_t;
> typedef unsigned short __kernel_ipc_pid_t;
> typedef unsigned short __kernel_uid_t;
> typedef unsigned short __kernel_gid_t;
> diff -urN --exclude-from=dontdiff linux-2.5.69/include/asm-i386/unistd.h linux-2.5.69-pag/include/asm-i386/unistd.h
> --- linux-2.5.69/include/asm-i386/unistd.h 2003-02-25 23:27:21.000000000 -0500
> +++ linux-2.5.69-pag/include/asm-i386/unistd.h 2003-05-15 02:08:31.000000000 -0400
> @@ -273,8 +273,10 @@
> #define __NR_clock_gettime (__NR_timer_create+6)
> #define __NR_clock_getres (__NR_timer_create+7)
> #define __NR_clock_nanosleep (__NR_timer_create+8)
> +#define __NR_newpag 268
> +#define __NR_getpag 269
>
> -#define NR_syscalls 268
> +#define NR_syscalls 270
>
> /* user-visible error numbers are in the range -1 - -124: see <asm-i386/errno.h> */
>
> diff -urN --exclude-from=dontdiff linux-2.5.69/include/linux/fs.h linux-2.5.69-pag/include/linux/fs.h
> --- linux-2.5.69/include/linux/fs.h 2003-05-05 00:06:21.000000000 -0400
> +++ linux-2.5.69-pag/include/linux/fs.h 2003-05-15 02:10:49.000000000 -0400
> @@ -431,6 +431,7 @@
> loff_t f_pos;
> struct fown_struct f_owner;
> unsigned int f_uid, f_gid;
> + pag_t f_pag;
> int f_error;
> struct file_ra_state f_ra;
>
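Review bot: The new `f_pag` field has no comment saying what it records or when it is set. From the file_table.c hunks it is copied from `current->pag` when the file structure is initialised, next to `f_uid`/`f_gid`, and nothing visible in this patch updates it afterwards, so a descriptor that is inherited across a later newpag() or handed to another process presumably keeps the opener's PAG. If a filesystem is meant to key credentials on this value, that lifetime should be stated on the declaration, for example `pag_t f_pag; /* PAG of the opener, fixed at open time like f_uid/f_gid */`. The enclosing struct starts and ends outside the hunk.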
> diff -urN --exclude-from=dontdiff linux-2.5.69/include/linux/sched.h linux-2.5.69-pag/include/linux/sched.h
> --- linux-2.5.69/include/linux/sched.h 2003-05-05 00:06:22.000000000 -0400
> +++ linux-2.5.69-pag/include/linux/sched.h 2003-05-15 02:16:09.000000000 -0400
> @@ -387,6 +387,7 @@
> gid_t gid,egid,sgid,fsgid;
> int ngroups;
> gid_t groups[NGROUPS];
> + pag_t pag;
> kernel_cap_t cap_effective, cap_inheritable, cap_permitted;
> int keep_capabilities:1;
> struct user_struct *user;
> diff -urN --exclude-from=dontdiff linux-2.5.69/include/linux/types.h linux-2.5.69-pag/include/linux/types.h
> --- linux-2.5.69/include/linux/types.h 2003-02-25 23:27:25.000000000 -0500
> +++ linux-2.5.69-pag/include/linux/types.h 2003-05-15 02:11:30.000000000 -0400
> @@ -24,6 +24,7 @@
> typedef __kernel_nlink_t nlink_t;
> typedef __kernel_off_t off_t;
> typedef __kernel_pid_t pid_t;
> +typedef __kernel_pag_t pag_t;
> typedef __kernel_daddr_t daddr_t;
> typedef __kernel_key_t key_t;
> typedef __kernel_suseconds_t suseconds_t;
> diff -urN --exclude-from=dontdiff linux-2.5.69/kernel/sys.c linux-2.5.69-pag/kernel/sys.c
> --- linux-2.5.69/kernel/sys.c 2003-04-20 12:38:10.000000000 -0400
> +++ linux-2.5.69-pag/kernel/sys.c 2003-05-15 03:02:31.000000000 -0400
> @@ -1402,6 +1402,28 @@
> return error;
> }
>
> +asmlinkage long sys_newpag(void)
> +{
> + static pag_t pag_next = 1;
> +
> + lock_kernel();
> +
> + current->pag = pag_next;
> +
> + do {
> + pag_next++;
> + } while(!pag_next);
> +
> + unlock_kernel();
> +
> + return 0;
> +}
> +
> +asmlinkage long sys_getpag(pag_t *pag)
> +{
> + return put_user(current->pag, pag);
> +}
> +
> EXPORT_SYMBOL(notifier_chain_register);
> EXPORT_SYMBOL(notifier_chain_unregister);
> EXPORT_SYMBOL(notifier_call_chain);
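Review bot: sys_newpag() hands out `pag_next` without checking that the value is unused, so uniqueness rests entirely on the counter never wrapping. After a wrap the do/while skips 0 and a new caller would land in a PAG that live tasks or open files may still carry, sharing whatever is later associated with it. With a 64-bit `pag_t` that is out of practical reach, but the assumption and the special role of 0 (never allocated, presumably meaning "no PAG") should be written down above the counter, e.g. `/* PAGs are never reused; 0 is never handed out. Relies on the 64-bit counter not wrapping. */`. A dedicated spinlock around the counter would also be easier to reason about than `lock_kernel()` for a single increment.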
>
>
> ======================================================================
> /* pagsh.c - start a shell or process in an isolated security context */
>
> #include <sys/syscall.h>
> #include <errno.h>
> #include <stdio.h>
> #include <unistd.h>
>
> /*
>  * Syscall numbers for the experimental i386 PAG patch; they must match the
>  * __NR_newpag/__NR_getpag values in the patched kernel's asm-i386/unistd.h.
>  * NOTE(review): on a kernel without that patch these numbers may be
>  * unassigned or belong to a different syscall, so only run this against
>  * the patched kernel.
>  */
> #define __NR_newpag 268
> #define __NR_getpag 269
>
> /* Userspace mirror of the kernel's pag_t (unsigned long long in the patch). */
> typedef unsigned long long pag_t;
>
> /*
>  * Syscall stubs: newpag() takes no arguments, getpag() takes a pag_t pointer.
>  * NOTE(review): the _syscallN macros are expected to come from the kernel's
>  * unistd headers and to return -1 with errno set on failure -- confirm for
>  * the libc/headers in use.
>  */
> _syscall0(long, newpag);
> _syscall1(long, getpag, pag_t *, pag);
>
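> /*
>  * pagsh entry point: put this process in a fresh PAG, report the PAG
>  * number, then exec the requested command (or /bin/sh when none is given).
>  *
>  * argv[1..] is the command and its arguments; execvp() resolves it via PATH.
>  * Returns -1 (exit status 255) when newpag(), getpag() or execvp() fails;
>  * on success the call never returns because the process image is replaced.
>  */
> int main(int argc, char **argv)
> {
>     char *def[] = { "/bin/sh", NULL };
>     char **args = def;
>     pag_t pag;
>
>     if (argc > 1)
>         args = &argv[1];
>
>     /*
>      * Switch PAG before exec so the command starts in the new one.
>      * NOTE(review): assumes the kernel keeps the task's PAG across
>      * exec -- confirm against the kernel patch.
>      */
>     if (newpag()) {
>         perror("newpag");
>         /* return instead of exit(): same status, no undeclared exit(). */
>         return -1;
>     }
>
>     if (getpag(&pag)) {
>         perror("getpag");
>         return -1;
>     }
>
>     /* pag_t is unsigned long long; %lu would be a mismatched conversion. */
>     printf("Running new shell in pag: %llu\n", pag);
>     /*
>      * exec discards unflushed stdio buffers; flush so the line is not
>      * lost when stdout is a pipe or a file.
>      */
>     fflush(stdout);
>
>     execvp(args[0], args);
>
>     /* Only reached when exec failed: report it instead of exiting 0. */
>     perror("execvp");
>     return -1;
> }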
>
--
------------------------------------------------------------
Nathan Neulinger EMail: nneul@umr.edu
University of Missouri - Rolla Phone: (573) 341-4841
Computing Services Fax: (573) 341-4216