Chromium Code Reviews| Index: src/minsfi/trusted/entry.c |
| diff --git a/src/minsfi/trusted/entry.c b/src/minsfi/trusted/entry.c |
| index 9a71d9ebc0c01b75db83ac759904c0fb45162fc8..fd8527b26cea379742084990cd7399f81f8ceaf3 100644 |
| --- a/src/minsfi/trusted/entry.c |
| +++ b/src/minsfi/trusted/entry.c |
| @@ -4,8 +4,11 @@ |
| * found in the LICENSE file. |
| */ |
| +#include <string.h> |
| + |
| #include "native_client/src/include/minsfi.h" |
| #include "native_client/src/include/minsfi_priv.h" |
| +#include "native_client/src/include/minsfi_ptr.h" |
| /* |
| * Fixed offset of the data segment. This must be kept in sync with the |
| @@ -19,7 +22,7 @@ extern const char __sfi_data_segment[]; |
| extern uint32_t __sfi_data_segment_size; |
| /* Entry point of the sandbox */ |
| -extern uint32_t _start_minsfi(uint32_t info); |
| +extern uint32_t _start_minsfi(sfiptr_t info); |
| static inline void GetManifest(MinsfiManifest *sb) { |
| sb->ptr_size = __sfi_pointer_size; |
| @@ -43,11 +46,73 @@ bool MinsfiInitializeSandbox(void) { |
| return true; |
| } |
| -int MinsfiInvokeSandbox(void) { |
| - if (MinsfiGetActiveSandbox() == NULL) |
| +/* |
| + * Arguments are passed to the sandbox with a single pointer to an array of |
| + * integers called 'info' where: |
| + * info[0] = argc |
| + * info[j+1] = untrusted pointer to argv[j] (for 0 <= j < argc) |
| + * The sandbox will expect this array to be stored at the bottom of the |
| + * untrusted stack and will start growing the stack backwards from the given |
| + * address. |
| + * |
| + * This function will iterate over the arguments, store the argv[*] strings |
| + * at the bottom of the untrusted stack and prepend it with the 'info' data |
| + * structure as described above. |
| + */ |
| +static sfiptr_t CopyArguments(int argc, char *argv[], const MinsfiSandbox *sb) { |
| + int arg_index; |
| + size_t arg_length, info_length; |
| + sfiptr_t *info; |
| + char *stack_base, *stack_ptr; |
| + |
| + if (argc < 0) |
| + return 0; |
| + |
| + /* Allocate memory for the info data structure. */ |
| + info_length = (argc + 1) * sizeof(sfiptr_t); |
| + info = (sfiptr_t*) malloc(info_length); |
| + info[0] = argc; |
| + |
| + /* Compute the bounds of the stack. */ |
| + stack_base = sb->mem_base + sb->mem_layout.stack.offset; |
| + stack_ptr = stack_base + sb->mem_layout.stack.length; |
| + |
| + /* Copy the argv[*] strings onto the stack. Return NULL if the stack is not |
| + * large enough. */ |
| + for (arg_index = 0; arg_index < argc; ++arg_index) { |
| + arg_length = strlen(argv[arg_index]) + 1; |
| + stack_ptr -= arg_length; |
| + if (stack_ptr < stack_base) |
| + return 0; |
|
jvoung (off chromium)
2014/09/10 17:04:29
free(info), on early exit?
dbrazdil
2014/09/10 18:49:47
Done. Thanks
|
| + |
| + memcpy(stack_ptr, argv[arg_index], arg_length); |
| + info[arg_index + 1] = ToMinsfiPtr(stack_ptr, sb); |
| + } |
| + |
| + /* Copy the info data structure across. */ |
| + stack_ptr -= info_length; |
| + if (stack_ptr < stack_base) |
| + return 0; |
|
jvoung (off chromium)
2014/09/10 17:04:29
free(info)?
dbrazdil
2014/09/10 18:49:47
Done.
|
| + memcpy(stack_ptr, (char*) info, info_length); |
| + |
| + /* Clean up. */ |
| + free(info); |
| + |
| + /* Return untrusted pointer to the beginning of the data structure. */ |
| + return ToMinsfiPtr(stack_ptr, sb); |
| +} |
| + |
| +int MinsfiInvokeSandbox(int argc, char *argv[]) { |
| + const MinsfiSandbox *sb; |
| + sfiptr_t info; |
| + |
| + if ((sb = MinsfiGetActiveSandbox()) == NULL) |
| + return EXIT_FAILURE; |
| + |
| + if ((info = CopyArguments(argc, argv, sb)) == 0) |
| return EXIT_FAILURE; |
| - return _start_minsfi(0); |
| + return _start_minsfi(info); |
| } |
| bool MinsfiDestroySandbox(void) { |
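Review bot: The result of `info = (sfiptr_t*) malloc(info_length);` in CopyArguments is never checked, so the next line `info[0] = argc;` dereferences NULL when allocation fails; adding `if (info == NULL) return 0;` right after the malloc reuses the `== 0` failure path that MinsfiInvokeSandbox already handles. The two stack checks of the form `stack_ptr -= arg_length; if (stack_ptr < stack_base)` first form a pointer below the stack region and only then compare it, which is undefined behaviour in C and, for a very long argument, can compare wrongly; comparing the remaining room before subtracting, e.g. `if (arg_length > (size_t)(stack_ptr - stack_base)) return 0;` followed by `stack_ptr -= arg_length;`, keeps the check well-defined. The info array is placed immediately below strings of arbitrary length, so the address handed to `_start_minsfi(info)` is not necessarily aligned for sfiptr_t loads and presumably the untrusted entry code also expects an aligned initial stack pointer — it may be worth rounding stack_ptr down to the pointer/stack alignment before the final memcpy; verify against the sandbox entry code, which is outside this diff.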