Index: src/minsfi/trusted/entry.c |
diff --git a/src/minsfi/trusted/entry.c b/src/minsfi/trusted/entry.c |
index 9a71d9ebc0c01b75db83ac759904c0fb45162fc8..fd8527b26cea379742084990cd7399f81f8ceaf3 100644 |
--- a/src/minsfi/trusted/entry.c |
+++ b/src/minsfi/trusted/entry.c |
@@ -4,8 +4,11 @@ |
* found in the LICENSE file. |
*/ |
+#include <string.h> |
+ |
#include "native_client/src/include/minsfi.h" |
#include "native_client/src/include/minsfi_priv.h" |
+#include "native_client/src/include/minsfi_ptr.h" |
/* |
* Fixed offset of the data segment. This must be kept in sync with the |
@@ -19,7 +22,7 @@ extern const char __sfi_data_segment[]; |
extern uint32_t __sfi_data_segment_size; |
/* Entry point of the sandbox */ |
-extern uint32_t _start_minsfi(uint32_t info); |
+extern uint32_t _start_minsfi(sfiptr_t info); |
static inline void GetManifest(MinsfiManifest *sb) { |
sb->ptr_size = __sfi_pointer_size; |
@@ -43,11 +46,73 @@ bool MinsfiInitializeSandbox(void) { |
return true; |
} |
-int MinsfiInvokeSandbox(void) { |
- if (MinsfiGetActiveSandbox() == NULL) |
+/* |
+ * Arguments are passed to the sandbox with a single pointer to an array of |
+ * integers called 'info' where: |
+ * info[0] = argc |
+ * info[j+1] = untrusted pointer to argv[j] (for 0 <= j < argc) |
+ * The sandbox will expect this array to be stored at the bottom of the |
+ * untrusted stack and will start growing the stack backwards from the given |
+ * address. |
+ * |
+ * This function will iterate over the arguments, store the argv[*] strings |
+ * at the bottom of the untrusted stack and prepend it with the 'info' data |
+ * structure as described above. |
+ */ |
+static sfiptr_t CopyArguments(int argc, char *argv[], const MinsfiSandbox *sb) { |
+ int arg_index; |
+ size_t arg_length, info_length; |
+ sfiptr_t *info; |
+ char *stack_base, *stack_ptr; |
+ |
+ if (argc < 0) |
+ return 0; |
+ |
+ /* Allocate memory for the info data structure. */ |
+ info_length = (argc + 1) * sizeof(sfiptr_t); |
+ info = (sfiptr_t*) malloc(info_length); |
+ info[0] = argc; |
+ |
+ /* Compute the bounds of the stack. */ |
+ stack_base = sb->mem_base + sb->mem_layout.stack.offset; |
+ stack_ptr = stack_base + sb->mem_layout.stack.length; |
+ |
+ /* Copy the argv[*] strings onto the stack. Return NULL if the stack is not |
+ * large enough. */ |
+ for (arg_index = 0; arg_index < argc; ++arg_index) { |
+ arg_length = strlen(argv[arg_index]) + 1; |
+ stack_ptr -= arg_length; |
+ if (stack_ptr < stack_base) |
+ return 0; |
jvoung (off chromium)
2014/09/10 17:04:29
free(info), on early exit?
dbrazdil
2014/09/10 18:49:47
Done. Thanks
|
+ |
+ memcpy(stack_ptr, argv[arg_index], arg_length); |
+ info[arg_index + 1] = ToMinsfiPtr(stack_ptr, sb); |
+ } |
+ |
+ /* Copy the info data structure across. */ |
+ stack_ptr -= info_length; |
+ if (stack_ptr < stack_base) |
+ return 0; |
jvoung (off chromium)
2014/09/10 17:04:29
free(info)?
dbrazdil
2014/09/10 18:49:47
Done.
|
+ memcpy(stack_ptr, (char*) info, info_length); |
+ |
+ /* Clean up. */ |
+ free(info); |
+ |
+ /* Return untrusted pointer to the beginning of the data structure. */ |
+ return ToMinsfiPtr(stack_ptr, sb); |
+} |
+ |
+int MinsfiInvokeSandbox(int argc, char *argv[]) { |
+ const MinsfiSandbox *sb; |
+ sfiptr_t info; |
+ |
+ if ((sb = MinsfiGetActiveSandbox()) == NULL) |
+ return EXIT_FAILURE; |
+ |
+ if ((info = CopyArguments(argc, argv, sb)) == 0) |
return EXIT_FAILURE; |
- return _start_minsfi(0); |
+ return _start_minsfi(info); |
} |
bool MinsfiDestroySandbox(void) { |