aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2012-06-22 14:19:14 -0700
committerMike Frysinger <vapier@gentoo.org>2012-06-23 18:02:43 -0400
commit40abb498ca4a24495fe34e133379382ce8c3eaca (patch)
treea8779b17558a4c96eb2d5c56e82cee4743d408aa /libsandbox/wrapper-funcs
parentuse m4_flatten to make multiline lists easier to handle (diff)
downloadsandbox-40abb498ca4a24495fe34e133379382ce8c3eaca.tar.gz
sandbox-40abb498ca4a24495fe34e133379382ce8c3eaca.tar.bz2
sandbox-40abb498ca4a24495fe34e133379382ce8c3eaca.zip
significantly overhaul output helpers
There are a few major points we want to hit here: - have all output from libsandbox go through portage helpers when we are in the portage environment so that output is properly logged - convert SB_E{info,warn,error} to sb_e{info,warn,error} to match style of other functions and cut down on confusion - move all abort/output helpers to libsbutil so it can be used in all source trees and not just by libsandbox - migrate all abort points to the centralized sb_ebort helper Unfortunately, it's not terribly easy to untangle these into separate patches, but hopefully this shouldn't be too messy as much of it is mechanical: move funcs between files, and change the name of funcs that get called. URL: http://bugs.gentoo.org/278761 Reported-by: Mounir Lamouri <volkmar@gentoo.org> Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Diffstat (limited to 'libsandbox/wrapper-funcs')
-rw-r--r--libsandbox/wrapper-funcs/fopen_pre_check.c5
-rw-r--r--libsandbox/wrapper-funcs/mkdirat_pre_check.c15
-rw-r--r--libsandbox/wrapper-funcs/openat_pre_check.c10
-rw-r--r--libsandbox/wrapper-funcs/unlinkat_pre_check.c15
4 files changed, 18 insertions, 27 deletions
diff --git a/libsandbox/wrapper-funcs/fopen_pre_check.c b/libsandbox/wrapper-funcs/fopen_pre_check.c
index 9ee3b60..765526e 100644
--- a/libsandbox/wrapper-funcs/fopen_pre_check.c
+++ b/libsandbox/wrapper-funcs/fopen_pre_check.c
@@ -13,9 +13,8 @@ bool sb_fopen_pre_check(const char *func, const char *pathname, const char *mode
/* If we're trying to read, fail normally if file does not stat */
struct stat st;
if (-1 == stat(pathname, &st)) {
- if (is_env_on(ENV_SANDBOX_DEBUG))
- SB_EINFO("EARLY FAIL", " %s(%s): %s\n",
- func, pathname, strerror(errno));
+ sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
+ func, pathname, strerror(errno));
return false;
}
diff --git a/libsandbox/wrapper-funcs/mkdirat_pre_check.c b/libsandbox/wrapper-funcs/mkdirat_pre_check.c
index 4fef14c..77a65df 100644
--- a/libsandbox/wrapper-funcs/mkdirat_pre_check.c
+++ b/libsandbox/wrapper-funcs/mkdirat_pre_check.c
@@ -15,9 +15,8 @@ bool sb_mkdirat_pre_check(const char *func, const char *pathname, int dirfd)
/* Expand the dirfd path first */
switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) {
case -1:
- if (is_env_on(ENV_SANDBOX_DEBUG))
- SB_EINFO("EARLY FAIL", " %s(%s) @ resolve_dirfd_path: %s\n",
- func, pathname, strerror(errno));
+ sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n",
+ func, pathname, strerror(errno));
return false;
case 0:
pathname = dirfd_path;
@@ -28,9 +27,8 @@ bool sb_mkdirat_pre_check(const char *func, const char *pathname, int dirfd)
if (-1 == canonicalize(pathname, canonic))
/* see comments in check_syscall() */
if (ENAMETOOLONG != errno) {
- if (is_env_on(ENV_SANDBOX_DEBUG))
- SB_EINFO("EARLY FAIL", " %s(%s) @ canonicalize: %s\n",
- func, pathname, strerror(errno));
+ sb_debug_dyn("EARLY FAIL: %s(%s) @ canonicalize: %s\n",
+ func, pathname, strerror(errno));
return false;
}
@@ -43,9 +41,8 @@ bool sb_mkdirat_pre_check(const char *func, const char *pathname, int dirfd)
struct stat st;
if (0 == lstat(canonic, &st)) {
int new_errno;
- if (is_env_on(ENV_SANDBOX_DEBUG))
- SB_EINFO("EARLY FAIL", " %s(%s[%s]) @ lstat: %s\n",
- func, pathname, canonic, strerror(errno));
+ sb_debug_dyn("EARLY FAIL: %s(%s[%s]) @ lstat: %s\n",
+ func, pathname, canonic, strerror(errno));
new_errno = EEXIST;
diff --git a/libsandbox/wrapper-funcs/openat_pre_check.c b/libsandbox/wrapper-funcs/openat_pre_check.c
index 23149dc..c827ee6 100644
--- a/libsandbox/wrapper-funcs/openat_pre_check.c
+++ b/libsandbox/wrapper-funcs/openat_pre_check.c
@@ -19,9 +19,8 @@ bool sb_openat_pre_check(const char *func, const char *pathname, int dirfd, int
char dirfd_path[SB_PATH_MAX];
switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) {
case -1:
- if (is_env_on(ENV_SANDBOX_DEBUG))
- SB_EINFO("EARLY FAIL", " %s(%s) @ resolve_dirfd_path: %s\n",
- func, pathname, strerror(errno));
+ sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n",
+ func, pathname, strerror(errno));
return false;
case 0:
pathname = dirfd_path;
@@ -31,9 +30,8 @@ bool sb_openat_pre_check(const char *func, const char *pathname, int dirfd, int
/* Doesn't exist -> skip permission checks */
struct stat st;
if (-1 == stat(pathname, &st)) {
- if (is_env_on(ENV_SANDBOX_DEBUG))
- SB_EINFO("EARLY FAIL", " %s(%s): %s\n",
- func, pathname, strerror(errno));
+ sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
+ func, pathname, strerror(errno));
return false;
}
diff --git a/libsandbox/wrapper-funcs/unlinkat_pre_check.c b/libsandbox/wrapper-funcs/unlinkat_pre_check.c
index 1c4f7e3..9f5e7d7 100644
--- a/libsandbox/wrapper-funcs/unlinkat_pre_check.c
+++ b/libsandbox/wrapper-funcs/unlinkat_pre_check.c
@@ -15,9 +15,8 @@ bool sb_unlinkat_pre_check(const char *func, const char *pathname, int dirfd)
/* Expand the dirfd path first */
switch (resolve_dirfd_path(dirfd, pathname, dirfd_path, sizeof(dirfd_path))) {
case -1:
- if (is_env_on(ENV_SANDBOX_DEBUG))
- SB_EINFO("EARLY FAIL", " %s(%s) @ resolve_dirfd_path: %s\n",
- func, pathname, strerror(errno));
+ sb_debug_dyn("EARLY FAIL: %s(%s) @ resolve_dirfd_path: %s\n",
+ func, pathname, strerror(errno));
return false;
case 0:
pathname = dirfd_path;
@@ -28,9 +27,8 @@ bool sb_unlinkat_pre_check(const char *func, const char *pathname, int dirfd)
if (-1 == canonicalize(pathname, canonic))
/* see comments in check_syscall() */
if (ENAMETOOLONG != errno) {
- if (is_env_on(ENV_SANDBOX_DEBUG))
- SB_EINFO("EARLY FAIL", " %s(%s) @ canonicalize: %s\n",
- func, pathname, strerror(errno));
+ sb_debug_dyn("EARLY FAIL: %s(%s) @ canonicalize: %s\n",
+ func, pathname, strerror(errno));
return false;
}
@@ -40,9 +38,8 @@ bool sb_unlinkat_pre_check(const char *func, const char *pathname, int dirfd)
0 == strcmp(canonic, "/dev/zero"))
{
errno = EACCES;
- if (is_env_on(ENV_SANDBOX_DEBUG))
- SB_EINFO("EARLY FAIL", " %s(%s): %s\n",
- func, pathname, strerror(errno));
+ sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
+ func, pathname, strerror(errno));
return false;
}