diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2012-03-05 16:19:08 -0500 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2012-03-05 16:21:47 -0500 |
| commit | 5498907383c7f1654188b6a0d02d8b03112a28c3 (patch) | |
| tree | 4d207926c2d4b5c63d36f6108149f170be510bce /libsandbox/libsandbox.c | |
| parent | tests: note that testsuite.list.at is generated (diff) | |
| download | sandbox-5498907383c7f1654188b6a0d02d8b03112a28c3.tar.gz sandbox-5498907383c7f1654188b6a0d02d8b03112a28c3.tar.bz2 sandbox-5498907383c7f1654188b6a0d02d8b03112a28c3.zip | |
libsandbox: push down constructor init
Since every consumer of sb_open gets a copy of the sbio_open data, push
the init of this into the .data section of the respective consumers to
avoid the runtime overhead.
This just leaves sandbox_lib setup in the constructor function, but that
is only needed by the execve wrapper, so push down init of that to the
existing sb_init logic which happens before our execve wrapper gets used.
URL: http://bugs.gentoo.org/404013
Reported-by: Mike Gilbert <floppym@gentoo.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Diffstat (limited to 'libsandbox/libsandbox.c')
| -rw-r--r-- | libsandbox/libsandbox.c | 43 |
1 files changed, 6 insertions, 37 deletions
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c index 0fcbb65..a36e190 100644 --- a/libsandbox/libsandbox.c +++ b/libsandbox/libsandbox.c @@ -61,6 +61,7 @@ typedef struct { static char *cached_env_vars[MAX_DYN_PREFIXES]; bool sandbox_on = true; static bool sb_init = false; +int (*sbio_open)(const char *, int, mode_t) = sb_unwrapped_open; static char *resolve_path(const char *, int); static int check_prefixes(char **, int, const char *); @@ -68,50 +69,15 @@ static void clean_env_entries(char ***, int *); static void init_context(sbcontext_t *); static void init_env_entries(char ***, int *, const char *, const char *, int); - -/* - * Initialize the shabang - */ -#if 0 -__attribute__((destructor)) -void libsb_fini(void) -{ - /* let the kernel reap our resources -- it's faster anyways */ - int x; - - sb_init = false; - - for (x = 0; x < MAX_DYN_PREFIXES; ++x) { - if (NULL != cached_env_vars[x]) { - free(cached_env_vars[x]); - cached_env_vars[x] = NULL; - } - } - - for (x = 0; x < MAX_DYN_PREFIXES; ++x) - clean_env_entries(&(sbcontext.prefixes[x]), - &(sbcontext.num_prefixes[x])); -} -#endif - +#ifdef SB_MEM_DEBUG __attribute__((constructor)) void libsb_init(void) { save_errno(); - -#ifdef SB_MEM_DEBUG mtrace(); -#endif - - sb_set_open(sb_unwrapped_open); - - /* Get the path and name to this library */ - get_sandbox_lib(sandbox_lib); - -// sb_init = true; - restore_errno(); } +#endif static const char *sb_get_fd_dir(void) { @@ -1084,6 +1050,9 @@ bool before_syscall(int dirfd, int sb_nr, const char *func, const char *file, in sb_lock(); if (!sb_init) { + /* Get the path and name to this library */ + get_sandbox_lib(sandbox_lib); + init_context(&sbcontext); sb_init = true; } |