1 files changed, 505 insertions, 0 deletions
diff --git a/lib/libcasper/services/cap_fileargs/cap_fileargs.c b/lib/libcasper/services/cap_fileargs/cap_fileargs.c
new file mode 100644
index 000000000000..2dce6679ee88
--- /dev/null
+++ b/lib/libcasper/services/cap_fileargs/cap_fileargs.c
@@ -0,0 +1,505 @@
+/*-
+ * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
+ *
+ * Copyright (c) 2018 Mariusz Zaborski <oshogbo@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/types.h>
+#include <sys/capsicum.h>
+#include <sys/sysctl.h>
+#include <sys/cnv.h>
+#include <sys/dnv.h>
+#include <sys/nv.h>
+
+#include <assert.h>
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <libcasper.h>
+#include <libcasper_service.h>
+
+#include "cap_fileargs.h"
+
+#define CACHE_SIZE	128
+
+#define FILEARGS_MAGIC	0xFA00FA00
+
+struct fileargs {
+	uint32_t	 fa_magic;
+	nvlist_t	*fa_cache;
+	cap_channel_t	*fa_chann;
+	int		 fa_fdflags;
+};
+
+static int
+fileargs_get_cache(fileargs_t *fa, const char *name)
+{
+	int fd;
+	const nvlist_t *nvl;
+	nvlist_t *tnvl;
+
+	assert(fa != NULL);
+	assert(fa->fa_magic == FILEARGS_MAGIC);
+	assert(name != NULL);
+
+	if (fa->fa_cache == NULL)
+		return (-1);
+
+	if ((fa->fa_fdflags & O_CREAT) != 0)
+		return (-1);
+
+	nvl = dnvlist_get_nvlist(fa->fa_cache, name, NULL);
+	if (nvl == NULL)
+		return (-1);
+
+	tnvl = nvlist_take_nvlist(fa->fa_cache, name);
+	fd = nvlist_take_descriptor(tnvl, "fd");
+	nvlist_destroy(tnvl);
+
+	if ((fa->fa_fdflags & O_CLOEXEC) != O_CLOEXEC) {
+		if (fcntl(fd, F_SETFD, fa->fa_fdflags) == -1) {
+			close(fd);
+			return (-1);
+		}
+	}
+
+	return (fd);
+}
+
+static void
+fileargs_set_cache(fileargs_t *fa, nvlist_t *nvl)
+{
+
+	nvlist_destroy(fa->fa_cache);
+	fa->fa_cache = nvl;
+}
+
+static nvlist_t*
+fileargs_fetch(fileargs_t *fa, const char *name)
+{
+	nvlist_t *nvl;
+	int serrno;
+
+	assert(fa != NULL);
+	assert(name != NULL);
+
+	nvl = nvlist_create(NV_FLAG_NO_UNIQUE);
+	nvlist_add_string(nvl, "cmd", "open");
+	nvlist_add_string(nvl, "name", name);
+
+	nvl = cap_xfer_nvlist(fa->fa_chann, nvl);
+	if (nvl == NULL)
+		return (NULL);
+
+	if (nvlist_get_number(nvl, "error") != 0) {
+		serrno = (int)nvlist_get_number(nvl, "error");
+		nvlist_destroy(nvl);
+		errno = serrno;
+		return (NULL);
+	}
+
+	return (nvl);
+}
+
+static nvlist_t *
+fileargs_create_limit(int argc, const char * const *argv, int flags,
+    mode_t mode, cap_rights_t *rightsp)
+{
+	nvlist_t *limits;
+	int i;
+
+	limits = nvlist_create(NV_FLAG_NO_UNIQUE);
+	if (limits == NULL)
+		return (NULL);
+
+	nvlist_add_number(limits, "flags", flags);
+	if (rightsp != NULL) {
+		nvlist_add_binary(limits, "cap_rights", rightsp,
+		    sizeof(*rightsp));
+	}
+	if ((flags & O_CREAT) != 0)
+		nvlist_add_number(limits, "mode", (uint64_t)mode);
+
+	for (i = 0; i < argc; i++) {
+		nvlist_add_null(limits, argv[i]);
+	}
+
+	return (limits);
+}
+
+static fileargs_t *
+fileargs_create(cap_channel_t *chan, int fdflags)
+{
+	fileargs_t *fa;
+
+	fa = malloc(sizeof(*fa));
+	if (fa != NULL) {
+		fa->fa_cache = NULL;
+		fa->fa_chann = chan;
+		fa->fa_fdflags = fdflags;
+		fa->fa_magic = FILEARGS_MAGIC;
+	}
+
+	return (fa);
+}
+
+fileargs_t *
+fileargs_init(int argc, char *argv[], int flags, mode_t mode,
+    cap_rights_t *rightsp)
+{
+	nvlist_t *limits;
+
+	if (argv <= 0 || argv == NULL) {
+		return (fileargs_create(NULL, 0));
+	}
+
+	limits = fileargs_create_limit(argc, (const char * const *)argv, flags,
+	   mode, rightsp);
+	if (limits == NULL)
+		return (NULL);
+
+	return (fileargs_initnv(limits));
+}
+
+fileargs_t *
+fileargs_cinit(cap_channel_t *cas, int argc, char *argv[], int flags,
+     mode_t mode, cap_rights_t *rightsp)
+{
+	nvlist_t *limits;
+
+	if (argv <= 0 || argv == NULL) {
+		return (fileargs_create(NULL, 0));
+	}
+
+	limits = fileargs_create_limit(argc, (const char * const *)argv, flags,
+	   mode, rightsp);
+	if (limits == NULL)
+		return (NULL);
+
+	return (fileargs_cinitnv(cas, limits));
+}
+
+fileargs_t *
+fileargs_initnv(nvlist_t *limits)
+{
+        cap_channel_t *cas;
+	fileargs_t *fa;
+
+	if (limits == NULL) {
+		return (fileargs_create(NULL, 0));
+	}
+
+        cas = cap_init();
+        if (cas == NULL) {
+		nvlist_destroy(limits);
+                return (NULL);
+	}
+
+        fa = fileargs_cinitnv(cas, limits);
+        cap_close(cas);
+
+	return (fa);
+}
+
+fileargs_t *
+fileargs_cinitnv(cap_channel_t *cas, nvlist_t *limits)
+{
+	cap_channel_t *chann;
+	fileargs_t *fa;
+	int serrno, ret;
+	int flags;
+
+	assert(cas != NULL);
+
+	if (limits == NULL) {
+		return (fileargs_create(NULL, 0));
+	}
+
+	chann = NULL;
+	fa = NULL;
+
+	chann = cap_service_open(cas, "system.fileargs");
+	if (chann == NULL) {
+		nvlist_destroy(limits);
+		return (NULL);
+	}
+
+	flags = nvlist_get_number(limits, "flags");
+
+	/* Limits are consumed no need to free them. */
+	ret = cap_limit_set(chann, limits);
+	if (ret < 0)
+		goto out;
+
+	fa = fileargs_create(chann, flags);
+	if (fa == NULL)
+		goto out;
+
+	return (fa);
+out:
+	serrno = errno;
+	if (chann != NULL)
+		cap_close(chann);
+	errno = serrno;
+	return (NULL);
+}
+
+int
+fileargs_open(fileargs_t *fa, const char *name)
+{
+	int fd;
+	nvlist_t *nvl;
+	char *cmd;
+
+	assert(fa != NULL);
+	assert(fa->fa_magic == FILEARGS_MAGIC);
+
+	if (name == NULL) {
+		errno = EINVAL;
+		return (-1);
+	}
+
+	if (fa->fa_chann == NULL) {
+		errno = ENOTCAPABLE;
+		return (-1);
+	}
+
+	fd = fileargs_get_cache(fa, name);
+	if (fd != -1)
+		return (fd);
+
+	nvl = fileargs_fetch(fa, name);
+	if (nvl == NULL)
+		return (-1);
+
+	fd = nvlist_take_descriptor(nvl, "fd");
+	cmd = nvlist_take_string(nvl, "cmd");
+	if (strcmp(cmd, "cache") == 0)
+		fileargs_set_cache(fa, nvl);
+	else
+		nvlist_destroy(nvl);
+	free(cmd);
+
+	return (fd);
+}
+
+FILE *
+fileargs_fopen(fileargs_t *fa, const char *name, const char *mode)
+{
+	int fd;
+
+	if ((fd = fileargs_open(fa, name)) < 0) {
+		return (NULL);
+	}
+
+	return (fdopen(fd, mode));
+}
+
+void
+fileargs_free(fileargs_t *fa)
+{
+
+	if (fa == NULL)
+		return;
+
+	assert(fa->fa_magic == FILEARGS_MAGIC);
+
+	nvlist_destroy(fa->fa_cache);
+	if (fa->fa_chann != NULL) {
+		cap_close(fa->fa_chann);
+	}
+	explicit_bzero(&fa->fa_magic, sizeof(fa->fa_magic));
+	free(fa);
+}
+
+/*
+ * Service functions.
+ */
+
+static const char *lastname;
+static void *cacheposition;
+static bool allcached;
+static const cap_rights_t *caprightsp;
+static int capflags;
+static mode_t capmode;
+
+static int
+open_file(const char *name)
+{
+	int fd, serrno;
+
+	if ((capflags & O_CREAT) == 0)
+		fd = open(name, capflags);
+	else
+		fd = open(name, capflags, capmode);
+	if (fd < 0)
+		return (-1);
+
+	if (caprightsp != NULL) {
+		if (cap_rights_limit(fd, caprightsp) < 0) {
+			serrno = errno;
+			close(fd);
+			errno = serrno;
+			return (-1);
+		}
+	}
+
+	return (fd);
+}
+
+static void
+fileargs_add_cache(nvlist_t *nvlout, const nvlist_t *limits,
+    const char *curent_name)
+{
+	int type, i, fd;
+	void *cookie;
+	nvlist_t *new;
+	const char *fname;
+
+	if ((capflags & O_CREAT) != 0) {
+		allcached = true;
+		return;
+	}
+
+	cookie = cacheposition;
+	for (i = 0; i < CACHE_SIZE + 1; i++) {
+		fname = nvlist_next(limits, &type, &cookie);
+		if (fname == NULL) {
+			cacheposition = NULL;
+			lastname = NULL;
+			allcached = true;
+			return;
+		}
+		/* We doing that to catch next element name. */
+		if (i == CACHE_SIZE) {
+			break;
+		}
+
+		if (type != NV_TYPE_NULL ||
+		    (curent_name != NULL && strcmp(fname, curent_name) == 0)) {
+			curent_name = NULL;
+			i--;
+			continue;
+		}
+
+		fd = open_file(fname);
+		if (fd < 0) {
+			i--;
+			continue;
+		}
+
+		new = nvlist_create(NV_FLAG_NO_UNIQUE);
+		nvlist_move_descriptor(new, "fd", fd);
+		nvlist_add_nvlist(nvlout, fname, new);
+	}
+	cacheposition = cookie;
+	lastname = fname;
+}
+
+static bool
+fileargs_allowed(const nvlist_t *limits, const nvlist_t *request)
+{
+	const char *name;
+
+	name = dnvlist_get_string(request, "name", NULL);
+	if (name == NULL)
+		return (false);
+
+	/* Fast path. */
+	if (lastname != NULL && strcmp(name, lastname) == 0)
+		return (true);
+
+	if (!nvlist_exists_null(limits, name))
+		return (false);
+
+	return (true);
+}
+
+static int
+fileargs_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits)
+{
+
+	if (oldlimits != NULL)
+		return (ENOTCAPABLE);
+
+	capflags = (int)dnvlist_get_number(newlimits, "flags", 0);
+	if ((capflags & O_CREAT) != 0)
+		capmode = (mode_t)nvlist_get_number(newlimits, "mode");
+	else
+		capmode = 0;
+
+	caprightsp = dnvlist_get_binary(newlimits, "cap_rights", NULL, NULL, 0);
+
+	return (0);
+}
+
+static int
+fileargs_command_open(const nvlist_t *limits, nvlist_t *nvlin,
+    nvlist_t *nvlout)
+{
+	int fd;
+	const char *name;
+
+	if (limits == NULL)
+		return (ENOTCAPABLE);
+
+	if (!fileargs_allowed(limits, nvlin))
+		return (ENOTCAPABLE);
+
+	name = nvlist_get_string(nvlin, "name");
+
+	fd = open_file(name);
+	if (fd < 0)
+		return (errno);
+
+	if (!allcached && (lastname == NULL ||
+	    strcmp(name, lastname) == 0)) {
+		nvlist_add_string(nvlout, "cmd", "cache");
+		fileargs_add_cache(nvlout, limits, name);
+	} else {
+		nvlist_add_string(nvlout, "cmd", "open");
+	}
+	nvlist_move_descriptor(nvlout, "fd", fd);
+	return (0);
+}
+
+static int
+fileargs_command(const char *cmd, const nvlist_t *limits,
+    nvlist_t *nvlin, nvlist_t *nvlout)
+{
+
+	if (strcmp(cmd, "open") == 0)
+		return (fileargs_command_open(limits, nvlin, nvlout));
+
+	return (EINVAL);
+}
+
+CREATE_SERVICE("system.fileargs", fileargs_limit, fileargs_command,
+    CASPER_SERVICE_FD | CASPER_SERVICE_STDIO | CASPER_SERVICE_NO_UNIQ_LIMITS);