Beispiel #1
0
void *
memcpy(void *dst, const void *src, size_t len)
{

	if (len == 0)
		return (dst);
	memcpy_c(cheri_ptr(dst, len), cheri_ptr((void *)src, len), len);
	return (dst);
}
Beispiel #2
0
u_int
juniper_mlppp_print(const struct pcap_pkthdr *h, packetbody_t p)
{
        struct juniper_l2info_t l2info;

        l2info.pictype = DLT_JUNIPER_MLPPP;
        if(juniper_parse_header(p, h, &l2info) == 0)
            return l2info.header_len;

        /* suppress Bundle-ID if frame was captured on a child-link
         * best indicator if the cookie looks like a proto */
        if (eflag &&
            EXTRACT_16BITS(cheri_ptr(&l2info.cookie, 2)) != PPP_OSI &&
            EXTRACT_16BITS(cheri_ptr(&l2info.cookie, 2)) !=  (PPP_ADDRESS << 8 | PPP_CONTROL))
            printf("Bundle-ID %u: ",l2info.bundle);

        p+=l2info.header_len;

        /* first try the LSQ protos */
        switch(l2info.proto) {
        case JUNIPER_LSQ_L3_PROTO_IPV4:
            /* IP traffic going to the RE would not have a cookie
             * -> this must be incoming IS-IS over PPP
             */
            if (l2info.cookie[4] == (JUNIPER_LSQ_COOKIE_RE|JUNIPER_LSQ_COOKIE_DIR))
                ppp_print(p, l2info.length);
            else
                ip_print(gndo, p, l2info.length);
            return l2info.header_len;
#ifdef INET6
        case JUNIPER_LSQ_L3_PROTO_IPV6:
            ip6_print(gndo, p,l2info.length);
            return l2info.header_len;
#endif
        case JUNIPER_LSQ_L3_PROTO_MPLS:
            mpls_print(p,l2info.length);
            return l2info.header_len;
        case JUNIPER_LSQ_L3_PROTO_ISO:
            isoclns_print(p,l2info.length,l2info.caplen);
            return l2info.header_len;
        default:
            break;
        }

        /* zero length cookie ? */
        switch (EXTRACT_16BITS(cheri_ptr(&l2info.cookie, 2))) {
        case PPP_OSI:
            ppp_print(PACKET_SUBTRACT(p,2),l2info.length+2);
            break;
        case (PPP_ADDRESS << 8 | PPP_CONTROL): /* fall through */
        default:
            ppp_print(p,l2info.length);
            break;
        }

        return l2info.header_len;
}
Beispiel #3
0
u_int
juniper_mlfr_print(const struct pcap_pkthdr *h, packetbody_t p)
{
        struct juniper_l2info_t l2info;

        l2info.pictype = DLT_JUNIPER_MLFR;
        if(juniper_parse_header(p, h, &l2info) == 0)
            return l2info.header_len;

        p+=l2info.header_len;

        /* suppress Bundle-ID if frame was captured on a child-link */
        if (eflag && EXTRACT_32BITS(cheri_ptr(l2info.cookie, 4)) != 1) printf("Bundle-ID %u, ",l2info.bundle);
        switch (l2info.proto) {
        case (LLC_UI):
        case (LLC_UI<<8):
            isoclns_print(p, l2info.length, l2info.caplen);
            break;
        case (LLC_UI<<8 | NLPID_Q933):
        case (LLC_UI<<8 | NLPID_IP):
        case (LLC_UI<<8 | NLPID_IP6):
            /* pass IP{4,6} to the OSI layer for proper link-layer printing */
            isoclns_print(PACKET_SUBTRACT(p, 1), l2info.length+1, l2info.caplen+1);
            break;
        default:
            printf("unknown protocol 0x%04x, length %u",l2info.proto, l2info.length);
        }

        return l2info.header_len;
}
Beispiel #4
0
u_int
juniper_mfr_print(const struct pcap_pkthdr *h, packetbody_t p)
{
        struct juniper_l2info_t l2info;

        l2info.pictype = DLT_JUNIPER_MFR;
        if(juniper_parse_header(p, h, &l2info) == 0)
            return l2info.header_len;
        
        p+=l2info.header_len;

        /* child-link ? */
        if (l2info.cookie_len == 0) {
            mfr_print(p,l2info.length);
            return l2info.header_len;
        }

        /* first try the LSQ protos */
        if (l2info.cookie_len == AS_PIC_COOKIE_LEN) {
            switch(l2info.proto) {
            case JUNIPER_LSQ_L3_PROTO_IPV4:
                ip_print(gndo, p, l2info.length);
                return l2info.header_len;
#ifdef INET6
            case JUNIPER_LSQ_L3_PROTO_IPV6:
                ip6_print(gndo, p,l2info.length);
                return l2info.header_len;
#endif
            case JUNIPER_LSQ_L3_PROTO_MPLS:
                mpls_print(p,l2info.length);
                return l2info.header_len;
            case JUNIPER_LSQ_L3_PROTO_ISO:
                isoclns_print(p,l2info.length,l2info.caplen);
                return l2info.header_len;
            default:
                break;
            }
            return l2info.header_len;
        }

        /* suppress Bundle-ID if frame was captured on a child-link */
        if (eflag && EXTRACT_32BITS(cheri_ptr(l2info.cookie, 4)) != 1) printf("Bundle-ID %u, ",l2info.bundle);
        switch (l2info.proto) {
        case (LLCSAP_ISONS<<8 | LLCSAP_ISONS):
            isoclns_print(p+1, l2info.length-1, l2info.caplen-1);
            break;
        case (LLC_UI<<8 | NLPID_Q933):
        case (LLC_UI<<8 | NLPID_IP):
        case (LLC_UI<<8 | NLPID_IP6):
            /* pass IP{4,6} to the OSI layer for proper link-layer printing */
            isoclns_print(PACKET_SUBTRACT(p, 1), l2info.length+1,
		l2info.caplen+1); 
            break;
        default:
            printf("unknown protocol 0x%04x, length %u",l2info.proto, l2info.length);
        }

        return l2info.header_len;
}
Beispiel #5
0
/*
 * Print the TR MAC header
 */
static inline void
token_hdr_print(__capability const struct token_header *trp, register u_int length,
	   u_char *fsrc, u_char *fdst)
{
	const char *srcname, *dstname;

	srcname = etheraddr_string(cheri_ptr(fsrc, 6));
	dstname = etheraddr_string(cheri_ptr(fdst, 6));

	if (vflag)
		(void) printf("%02x %02x %s %s %d: ",
		       trp->token_ac,
		       trp->token_fc,
		       srcname, dstname,
		       length);
	else
		printf("%s %s %d: ", srcname, dstname, length);
}
Beispiel #6
0
__capability void *
memcpy_c_tocap(__capability void *dst, const void *src, size_t len)
{

#ifdef __CHERI_SANDBOX__
	return (memcpy_c(dst, src, len));
#else
	return (memcpy_c(dst, cheri_ptr((void *)src, len), len));
#endif
}
Beispiel #7
0
void *
memcpy_c_fromcap(void *dst, __capability const void *src, size_t len)
{

#ifdef __CHERI_SANDBOX__
	return (memcpy_c(dst, src, len));
#else
	memcpy_c(cheri_ptr(dst, len), src, len);
	return (dst);
#endif
}
Beispiel #8
0
_gc_cap void *
gc_vm_get_stack(_gc_cap struct gc_vm_tbl *vt)
{
	_gc_cap void *p;
	_gc_cap struct gc_vm_ent *ve;

	/* Heuristic; just return last entry. */
	ve = &vt->vt_ent[vt->vt_nent - 1];
	p = cheri_ptr((void *)ve->ve_start, ve->ve_end - ve->ve_start);

	return (p);
}
Beispiel #9
0
static int
invoke_fd_write_c(struct cheri_object fd_object)
{
	struct cheri_fd_ret ret;
	const char *buf = "fd write test\n";
	__capability const void *buf_c;

	buf_c = cheri_ptr(buf, strlen(buf));
	ret = cheri_fd_write_c(fd_object, buf_c);
	printf("cheri_fd_write_c returned (%ld, %ld)\n", ret.cfr_retval0,
	    ret.cfr_retval1);
	return (0);
}
Beispiel #10
0
static int
invoke_fd_read_c(struct cheri_object fd_object)
{
	struct cheri_fd_ret ret;
	char buf[10];
	__capability void *buf_c;

	buf_c = cheri_ptr(buf, sizeof(buf));
	ret = cheri_fd_read_c(fd_object, buf_c);
	printf("cheri_fd_read_c returned (%ld, %ld)\n", ret.cfr_retval0,
	    ret.cfr_retval1);
	return (0);
}
Beispiel #11
0
static int
invoke_fd_fstat_c(struct cheri_object fd_object)
{
	struct cheri_fd_ret ret;
	struct stat sb;
	__capability void *sb_c;

	sb_c = cheri_ptr(&sb, sizeof(sb));
	ret = cheri_fd_fstat_c(fd_object, sb_c);
	printf("cheri_fd_fstat_c returned (%ld, %ld)\n", ret.cfr_retval0,
	    ret.cfr_retval1);
	return (0);
}
Beispiel #12
0
u_int
juniper_atm2_print(const struct pcap_pkthdr *h, packetbody_t p)
{
        u_int16_t extracted_ethertype;

        struct juniper_l2info_t l2info;

        l2info.pictype = DLT_JUNIPER_ATM2;
        if(juniper_parse_header(p, h, &l2info) == 0)
            return l2info.header_len;

        p+=l2info.header_len;

        if (l2info.cookie[7] & ATM2_PKT_TYPE_MASK) { /* OAM cell ? */
            oam_print(p,l2info.length,ATM_OAM_NOHEC);
            return l2info.header_len;
        }

        if (EXTRACT_24BITS(p) == 0xfefe03 || /* NLPID encaps ? */
            EXTRACT_24BITS(p) == 0xaaaa03) { /* SNAP encaps ? */

            if (llc_print(p, l2info.length, l2info.caplen, NULL, NULL,
                          &extracted_ethertype) != 0)
                return l2info.header_len;
        }

        if (l2info.direction != JUNIPER_BPF_PKT_IN && /* ether-over-1483 encaps ? */
            (EXTRACT_32BITS(cheri_ptr(l2info.cookie, 4)) & ATM2_GAP_COUNT_MASK)) {
            ether_print(gndo, p, l2info.length, l2info.caplen, NULL, NULL);
            return l2info.header_len;
        }

        if (p[0] == 0x03) { /* Cisco style NLPID encaps ? */
            isoclns_print(p + 1, l2info.length - 1, l2info.caplen - 1);
            /* FIXME check if frame was recognized */
            return l2info.header_len;
        }

        if(juniper_ppp_heuristic_guess(p, l2info.length) != 0) /* PPPoA vcmux encaps ? */
            return l2info.header_len;

        if(ip_heuristic_guess(p, l2info.length) != 0) /* last try - vcmux encaps ? */
            return l2info.header_len;

	return l2info.header_len;
}
Beispiel #13
0
static int
juniper_parse_header (packetbody_t p, const struct pcap_pkthdr *h, struct juniper_l2info_t *l2info) {

    struct juniper_cookie_table_t *lp = juniper_cookie_table;
    u_int idx, jnx_ext_len, jnx_header_len = 0;
    u_int8_t tlv_type,tlv_len;
    u_int32_t control_word;
    int tlv_value;
    packetbody_t tptr;


    l2info->header_len = 0;
    l2info->cookie_len = 0;
    l2info->proto = 0;


    l2info->length = h->len;
    l2info->caplen = h->caplen;
    PACKET_HAS_SPACE_OR_TRUNC(p,4);
    l2info->flags = p[3];
    l2info->direction = p[3]&JUNIPER_BPF_PKT_IN;
    
    if (EXTRACT_24BITS(p) != JUNIPER_MGC_NUMBER) { /* magic number found ? */
        printf("no magic-number found!");
        return 0;
    } 

    if (eflag) /* print direction */
        printf("%3s ",tok2str(juniper_direction_values,"---",l2info->direction));

    /* magic number + flags */
    jnx_header_len = 4;

    if (vflag>1)
        printf("\n\tJuniper PCAP Flags [%s]",
               bittok2str(jnx_flag_values, "none", l2info->flags));

    /* extensions present ?  - calculate how much bytes to skip */
    if ((l2info->flags & JUNIPER_BPF_EXT ) == JUNIPER_BPF_EXT ) {

        tptr = p+jnx_header_len;

        /* ok to read extension length ? */
        PACKET_HAS_SPACE_OR_TRUNC(tptr, 2);
        jnx_ext_len = EXTRACT_16BITS(tptr);
        jnx_header_len += 2;
        tptr +=2;
        
        /* nail up the total length -
         * just in case something goes wrong
         * with TLV parsing */
        jnx_header_len += jnx_ext_len;
        
        if (vflag>1)
            printf(", PCAP Extension(s) total length %u",
                   jnx_ext_len);
        
        PACKET_HAS_SPACE_OR_TRUNC(tptr, jnx_ext_len);
        while (jnx_ext_len > JUNIPER_EXT_TLV_OVERHEAD) {
            tlv_type = *(tptr++);
            tlv_len = *(tptr++);
            tlv_value = 0;
            
            /* sanity check */
            if (tlv_type == 0 || tlv_len == 0)
                break;
            
            if (vflag>1)
                printf("\n\t  %s Extension TLV #%u, length %u, value ",
                       tok2str(jnx_ext_tlv_values,"Unknown",tlv_type),
                       tlv_type,
                       tlv_len);
            
            tlv_value = juniper_read_tlv_value(tptr, tlv_type, tlv_len);
            switch (tlv_type) {
            case JUNIPER_EXT_TLV_IFD_NAME:
                /* FIXME */
                break;
            case JUNIPER_EXT_TLV_IFD_MEDIATYPE:
            case JUNIPER_EXT_TLV_TTP_IFD_MEDIATYPE:
                if (tlv_value != -1) {
                    if (vflag>1)
                        printf("%s (%u)",
                               tok2str(juniper_ifmt_values, "Unknown", tlv_value),
                               tlv_value);
                }
                break;
            case JUNIPER_EXT_TLV_IFL_ENCAPS:
            case JUNIPER_EXT_TLV_TTP_IFL_ENCAPS:
                if (tlv_value != -1) {
                    if (vflag>1)
                        printf("%s (%u)",
                               tok2str(juniper_ifle_values, "Unknown", tlv_value),
                               tlv_value);
                }
                break;
            case JUNIPER_EXT_TLV_IFL_IDX: /* fall through */
            case JUNIPER_EXT_TLV_IFL_UNIT:
            case JUNIPER_EXT_TLV_IFD_IDX:
            default:
                if (tlv_value != -1) {
                    if (vflag>1)
                        printf("%u",tlv_value);
                }
                break;
            }
            
            tptr+=tlv_len;
            jnx_ext_len -= tlv_len+JUNIPER_EXT_TLV_OVERHEAD;
        }
        
        if (vflag>1)
            printf("\n\t-----original packet-----\n\t");
    } 
    
    if ((l2info->flags & JUNIPER_BPF_NO_L2 ) == JUNIPER_BPF_NO_L2 ) {            
        if (eflag)
            printf("no-L2-hdr, ");

        /* there is no link-layer present -
         * perform the v4/v6 heuristics
         * to figure out what it is
         */
        PACKET_HAS_SPACE_OR_TRUNC(p, (jnx_header_len+4) + 1);
        if(ip_heuristic_guess(p+jnx_header_len+4,l2info->length-(jnx_header_len+4)) == 0)
            printf("no IP-hdr found!");

        l2info->header_len=jnx_header_len+4;
        return 0; /* stop parsing the output further */
        
    }
    l2info->header_len = jnx_header_len;
    p+=l2info->header_len;
    l2info->length -= l2info->header_len;
    l2info->caplen -= l2info->header_len;

    /* search through the cookie table and copy values matching for our PIC type */
    while (lp->s != NULL) {
        if (lp->pictype == l2info->pictype) {

            l2info->cookie_len += lp->cookie_len;

            switch (p[0]) {
            case LS_COOKIE_ID:
                l2info->cookie_type = LS_COOKIE_ID;
                l2info->cookie_len += 2;
                break;
            case AS_COOKIE_ID:
                l2info->cookie_type = AS_COOKIE_ID;
                l2info->cookie_len = 8;
                break;
            
            default:
                l2info->bundle = l2info->cookie[0];
                break;
            }


#ifdef DLT_JUNIPER_MFR
            /* MFR child links don't carry cookies */
            if (l2info->pictype == DLT_JUNIPER_MFR &&
                (p[0] & MFR_BE_MASK) == MFR_BE_MASK) {
                l2info->cookie_len = 0;
            }
#endif

            l2info->header_len += l2info->cookie_len;
            l2info->length -= l2info->cookie_len;
            l2info->caplen -= l2info->cookie_len;

            if (eflag)
                printf("%s-PIC, cookie-len %u",
                       lp->s,
                       l2info->cookie_len);

            if (l2info->cookie_len > 0) {
                PACKET_HAS_SPACE_OR_TRUNC(p,l2info->cookie_len);
                if (eflag)
                    printf(", cookie 0x");
                for (idx = 0; idx < l2info->cookie_len; idx++) {
                    l2info->cookie[idx] = p[idx]; /* copy cookie data */
                    if (eflag) printf("%02x",p[idx]);
                }
            }

            if (eflag) printf(": "); /* print demarc b/w L2/L3*/
            

            l2info->proto = EXTRACT_16BITS(p+l2info->cookie_len); 
            break;
        }
        ++lp;
    }
    p+=l2info->cookie_len;

    /* DLT_ specific parsing */
    switch(l2info->pictype) {
#ifdef DLT_JUNIPER_MLPPP
    case DLT_JUNIPER_MLPPP:
        switch (l2info->cookie_type) {
        case LS_COOKIE_ID:
            l2info->bundle = l2info->cookie[1];
            break;
        case AS_COOKIE_ID:
            l2info->bundle = (EXTRACT_16BITS(cheri_ptr(&l2info->cookie[6], 2))>>3)&0xfff;
            l2info->proto = (l2info->cookie[5])&JUNIPER_LSQ_L3_PROTO_MASK;            
            break;
        default:
            l2info->bundle = l2info->cookie[0];
            break;
        }
        break;
#endif
#ifdef DLT_JUNIPER_MLFR
    case DLT_JUNIPER_MLFR:
        switch (l2info->cookie_type) {
        case LS_COOKIE_ID:
            l2info->bundle = l2info->cookie[1];
            l2info->proto = EXTRACT_16BITS(p);        
            l2info->header_len += 2;
            l2info->length -= 2;
            l2info->caplen -= 2;
            break;
        case AS_COOKIE_ID:
            l2info->bundle = (EXTRACT_16BITS(cheri_ptr(&l2info->cookie[6], 2))>>3)&0xfff;
            l2info->proto = (l2info->cookie[5])&JUNIPER_LSQ_L3_PROTO_MASK;
            break;
        default:
            l2info->bundle = l2info->cookie[0];
            l2info->header_len += 2;
            l2info->length -= 2;
            l2info->caplen -= 2;
            break;
        }
        break;
#endif
#ifdef DLT_JUNIPER_MFR
    case DLT_JUNIPER_MFR:
        switch (l2info->cookie_type) {
        case LS_COOKIE_ID:
            l2info->bundle = l2info->cookie[1];
            l2info->proto = EXTRACT_16BITS(p);        
            l2info->header_len += 2;
            l2info->length -= 2;
            l2info->caplen -= 2;
            break;
        case AS_COOKIE_ID:
            l2info->bundle = (EXTRACT_16BITS(cheri_ptr(&l2info->cookie[6], 2))>>3)&0xfff;
            l2info->proto = (l2info->cookie[5])&JUNIPER_LSQ_L3_PROTO_MASK;
            break;
        default:
            l2info->bundle = l2info->cookie[0];
            break;
        }
        break;
#endif
#ifdef DLT_JUNIPER_ATM2
    case DLT_JUNIPER_ATM2:
        PACKET_HAS_SPACE_OR_TRUNC(p,4);
        /* ATM cell relay control word present ? */
        if (l2info->cookie[7] & ATM2_PKT_TYPE_MASK) {
            control_word = EXTRACT_32BITS(p);
            /* some control word heuristics */
            switch(control_word) {
            case 0: /* zero control word */
            case 0x08000000: /* < JUNOS 7.4 control-word */
            case 0x08380000: /* cntl word plus cell length (56) >= JUNOS 7.4*/
                l2info->header_len += 4;
                break;
            default:
                break;
            }
            
            if (eflag)
                printf("control-word 0x%08x ", control_word);
        }
        break;
#endif
#ifdef DLT_JUNIPER_GGSN
    case DLT_JUNIPER_GGSN:
        break;
#endif
#ifdef DLT_JUNIPER_ATM1
    case DLT_JUNIPER_ATM1:
        break;
#endif
#ifdef DLT_JUNIPER_PPP
    case DLT_JUNIPER_PPP:
        break;
#endif
#ifdef DLT_JUNIPER_CHDLC
    case DLT_JUNIPER_CHDLC:
        break;
#endif
#ifdef DLT_JUNIPER_ETHER
    case DLT_JUNIPER_ETHER:
        break;
#endif
#ifdef DLT_JUNIPER_FRELAY
    case DLT_JUNIPER_FRELAY:
        break;
#endif

    default:
        printf("Unknown Juniper DLT_ type %u: ", l2info->pictype);
        break;
    }
    
    if (eflag > 1)
        printf("hlen %u, proto 0x%04x, ",l2info->header_len,l2info->proto);

    return 1; /* everything went ok so far. continue parsing */
 trunc:
    printf("[|juniper_hdr], length %u",h->len);
    return 0;
}
Beispiel #14
0
int
test_sb(struct tf_test *thiz)
{
	struct sb sb;
	struct sb_param sp;
	__capability struct sb_param *spc;
	int rc;
	__capability void *cap;

	thiz->t_pf("create sandbox\n");
	rc = sb_init(thiz, &sb, SB_BIN, SB_HPSZ);
	if (rc != 0)
		return (rc);

	spc = cheri_ptr(&sp, sizeof(sp));
	memset(&sp, 0, sizeof(sp));

	rc = cheri_gc_new(CHERI_GC_METHOD_ALLOC_C |
	    CHERI_GC_METHOD_STATUS_C, &sp.sp_gc);
	if (rc != 0) {
		thiz->t_pf("error: cheri_gc_new\n");
		return (rc);
	}
	
	thiz->t_pf("sandbox codecap: %s\n", gc_cap_str(sb.sb_op->sbo_cheri_object_invoke.co_codecap));
	thiz->t_pf("sandbox datacap: %s\n", gc_cap_str(sb.sb_op->sbo_cheri_object_invoke.co_datacap));

	spc->sp_cap1 = cheri_ptrperm(&cap, sizeof(cap), CHERI_PERM_STORE_CAP);

	/* XXX: assume GC initialized. */
	
	thiz->t_pf("invoke sandbox\n");
	spc->sp_op = OP_INIT;
	rc = sb_invoke(thiz, &sb, spc);
	thiz->t_pf("return value from sandbox: %d\n", rc);
	
	/* In the sandbox, force p to the stack. */	
	thiz->t_pf("invoke sandbox\n");
	spc->sp_op = OP_TRY_USE;
	printf("note: spc is %s\n", gc_cap_str(spc));
	rc = sb_invoke(thiz, &sb, spc);
	thiz->t_pf("return value from sandbox: %d\n", rc);
	thiz->t_pf("cap: %s\n", gc_cap_str(cap));
	/* Check stack. */
	//struct gc_tags tg1 = gc_get_page_tags(gc_cheri_ptr(0x160c0c000ULL, 0x1000));
	//printf("lo: 0x%llx hi: 0x%llx\n", tg1.tg_lo, tg1.tg_hi);

	/* Do a collection. */
	//gc_extern_collect();
	
	// Revoke a cap.
	rc = gc_revoke(cap);
	thiz->t_pf("revoke rc: %d\n", rc);
	gc_extern_collect();
	
	thiz->t_pf("invoke sandbox\n");
	spc->sp_op = OP_TRY_USE;
	printf("note: spc is %s\n", gc_cap_str(spc));
	rc = sb_invoke(thiz, &sb, spc);
	thiz->t_pf("return value from sandbox: %d\n", rc);
	thiz->t_pf("cap: %s\n", gc_cap_str(cap));

	return (0);
}
Beispiel #15
0
u_int
token_print(packetbody_t p, u_int length, u_int caplen)
{
	__capability const struct token_header *trp;
	u_short extracted_ethertype;
	struct ether_header ehdr;
	u_int route_len = 0, hdr_len = TOKEN_HDRLEN;
	int seg;

	trp = (__capability const struct token_header *)p;

	if (caplen < TOKEN_HDRLEN) {
		printf("[|token-ring]");
		return hdr_len;
	}

	/*
	 * Get the TR addresses into a canonical form
	 */
	extract_token_addrs(trp, (char*)ESRC(&ehdr), (char*)EDST(&ehdr));

	/* Adjust for source routing information in the MAC header */
	if (IS_SOURCE_ROUTED(trp)) {
		/* Clear source-routed bit */
		*ESRC(&ehdr) &= 0x7f;

		if (eflag)
			token_hdr_print(trp, length, ESRC(&ehdr), EDST(&ehdr));

		if (caplen < TOKEN_HDRLEN + 2) {
			printf("[|token-ring]");
			return hdr_len;
		}
		route_len = RIF_LENGTH(trp);
		hdr_len += route_len;
		if (caplen < hdr_len) {
			printf("[|token-ring]");
			return hdr_len;
		}
		if (vflag) {
			printf("%s ", broadcast_indicator[BROADCAST(trp)]);
			printf("%s", direction[DIRECTION(trp)]);

			for (seg = 0; seg < SEGMENT_COUNT(trp); seg++)
				printf(" [%d:%d]", RING_NUMBER(trp, seg),
				    BRIDGE_NUMBER(trp, seg));
		} else {
			printf("rt = %x", EXTRACT_16BITS(&trp->token_rcf));

			for (seg = 0; seg < SEGMENT_COUNT(trp); seg++)
				printf(":%x", EXTRACT_16BITS(&trp->token_rseg[seg]));
		}
		printf(" (%s) ", largest_frame[LARGEST_FRAME(trp)]);
	} else {
		if (eflag)
			token_hdr_print(trp, length, ESRC(&ehdr), EDST(&ehdr));
	}

	/* Skip over token ring MAC header and routing information */
	length -= hdr_len;
	p += hdr_len;
	caplen -= hdr_len;

	/* Frame Control field determines interpretation of packet */
	if (FRAME_TYPE(trp) == TOKEN_FC_LLC) {
		/* Try to print the LLC-layer header & higher layers */
		if (llc_print(p, length, caplen, cheri_ptr(ESRC(&ehdr), 6),
		    cheri_ptr(EDST(&ehdr), 6),
		    &extracted_ethertype) == 0) {
			/* ether_type not known, print raw packet */
			if (!eflag)
				token_hdr_print(trp,
				    length + TOKEN_HDRLEN + route_len,
				    ESRC(&ehdr), EDST(&ehdr));
			if (extracted_ethertype) {
				printf("(LLC %s) ",
			etherproto_string(htons(extracted_ethertype)));
			}
			if (!suppress_default_print)
				default_print(p, caplen);
		}
	} else {
		/* Some kinds of TR packet we cannot handle intelligently */
		/* XXX - dissect MAC packets if frame type is 0 */
		if (!eflag)
			token_hdr_print(trp, length + TOKEN_HDRLEN + route_len,
			    ESRC(&ehdr), EDST(&ehdr));
		if (!suppress_default_print)
			default_print(p, caplen);
	}
	return (hdr_len);
}
Beispiel #16
0
int
sandbox_object_load(struct sandbox_class *sbcp, struct sandbox_object *sbop)
{
	__capability void *basecap, *sbcap;
	struct sandbox_metadata *sbm;
	size_t length;
	int saved_errno;
	uint8_t *base;

	/*
	 * Perform an initial reservation of space for the sandbox, but using
	 * anonymous memory that is neither readable nor writable.  This
	 * ensures there is space for all the various segments we will be
	 * installing later.
	 *
	 * The rough sandbox memory map is as follows:
	 *
	 * K + 0x1000 [stack]
	 * K          [guard page]
	 * J + 0x1000 [heap]
	 * J          [guard page]
	 * 0x8000     [memory mapped binary] (SANDBOX_ENTRY)
	 * 0x2000     [guard page]
	 * 0x1000     [read-only sandbox metadata page]
	 * 0x0000     [guard page]
	 *
	 * Address constants in sandbox.h must be synchronised with the layout
	 * implemented here.  Location and contents of sandbox metadata is
	 * part of the ABI.
	 */
	length = sbcp->sbc_sandboxlen;
	base = sbop->sbo_mem = mmap(NULL, length, 0, MAP_ANON, -1, 0);
	if (sbop->sbo_mem == MAP_FAILED) {
		saved_errno = errno;
		warn("%s: mmap region", __func__);
		goto error;
	}

	/*
	 * Skip guard page(s) to the base of the metadata structure.
	 */
	base += SANDBOX_METADATA_BASE;
	length -= SANDBOX_METADATA_BASE;

	/*
	 * Map metadata structure -- but can't fill it out until we have
	 * calculated all the other addresses involved.
	 */
	if ((sbm = mmap(base, METADATA_SIZE, PROT_READ | PROT_WRITE,
	    MAP_ANON | MAP_FIXED, -1, 0)) == MAP_FAILED) {
		saved_errno = errno;
		warn("%s: mmap metadata", __func__);
		goto error;
	}

	/*
	 * Skip forward to the mapping location for the binary -- in case we
	 * add more metadata in the future.  Assert that we didn't bump into
	 * the sandbox entry address.  This address is hard to change as it is
	 * the address used in static linking for sandboxed code.
	 */
	assert((register_t)base - (register_t)sbop->sbo_mem < SANDBOX_ENTRY);
	base = (void *)((register_t)sbop->sbo_mem + SANDBOX_ENTRY);
	length = sbcp->sbc_sandboxlen - SANDBOX_ENTRY;

	/*
	 * Map program binary.
	 */
	if (mmap(base, sbcp->sbc_stat.st_size, PROT_READ | PROT_WRITE,
	    MAP_PRIVATE | MAP_FIXED, sbcp->sbc_fd, 0) == MAP_FAILED) {
		saved_errno = errno;
		warn("%s: mmap %s", __func__, sbcp->sbc_path);
		goto error;
	}
	base += roundup2(sbcp->sbc_stat.st_size, PAGE_SIZE);
	length += roundup2(sbcp->sbc_stat.st_size, PAGE_SIZE);

	/*
	 * Skip guard page.
	 */
	base += GUARD_PAGE_SIZE;
	length -= GUARD_PAGE_SIZE;

	/*
	 * Heap.
	 */
	sbop->sbo_heapbase = (register_t)base - (register_t)sbop->sbo_mem;
	sbop->sbo_heaplen = length - (GUARD_PAGE_SIZE + STACK_SIZE);
	if (mmap(base, sbop->sbo_heaplen, PROT_READ | PROT_WRITE,
	    MAP_ANON | MAP_FIXED, -1, 0) == MAP_FAILED) {
		saved_errno = errno;
		warn("%s: mmap heap", __func__);
		goto error;
	}
	memset(base, 0, sbop->sbo_heaplen);
	base += sbop->sbo_heaplen;
	length -= sbop->sbo_heaplen;

	/*
	 * Skip guard page.
	 */
	base += GUARD_PAGE_SIZE;
	length -= GUARD_PAGE_SIZE;

	/*
	 * Stack.
	 */
	if (mmap(base, length, PROT_READ | PROT_WRITE, MAP_ANON | MAP_FIXED,
	    -1, 0) == MAP_FAILED) {
		saved_errno = errno;
		warn("%s: mmap stack", __func__);
		goto error;
	}
	memset(base, 0, length);
	base += STACK_SIZE;
	length -= STACK_SIZE;

	/*
	 * There should not be too much, nor too little space remaining.  0
	 * is our Goldilocks number.
	 */
	assert(length == 0);

	/*
	 * Now that addresses are known, write out metadata for in-sandbox
	 * use; then mprotect() so that it can't be modified by the sandbox.
	 */
	sbm->sbm_heapbase = sbop->sbo_heapbase;
	sbm->sbm_heaplen = sbop->sbo_heaplen;
	if (mprotect(base, METADATA_SIZE, PROT_READ) < 0) {
		saved_errno = errno;
		warn("%s: mprotect metadata", __func__);
		goto error;
	}

	if (sbcp->sbc_sandbox_class_statp != NULL) {
		(void)sandbox_stat_object_register(
		    &sbop->sbo_sandbox_object_statp,
		    sbcp->sbc_sandbox_class_statp,
		    SANDBOX_OBJECT_TYPE_POINTER, (uintptr_t)sbop->sbo_mem);
		SANDBOX_CLASS_ALLOC(sbcp->sbc_sandbox_class_statp);
	}

	/*
	 * Construct a generic capability that describes the combined
	 * data/code segment that we will seal.
	 */
	basecap = cheri_ptrtype(sbop->sbo_mem, sbcp->sbc_sandboxlen,
	    SANDBOX_ENTRY);

	/* Construct sealed code capability. */
	sbcap = cheri_andperm(basecap, CHERI_PERM_EXECUTE | CHERI_PERM_LOAD |
	    CHERI_PERM_SEAL);
	sbop->sbo_cheri_object.co_codecap =
	    cheri_sealcode(sbcap);

	/* Construct sealed data capability. */
	sbcap = cheri_andperm(basecap, CHERI_PERM_LOAD | CHERI_PERM_STORE |
	    CHERI_PERM_LOAD_CAP | CHERI_PERM_STORE_CAP |
	    CHERI_PERM_STORE_EPHEM_CAP);
	sbop->sbo_cheri_object.co_datacap = cheri_sealdata(sbcap, basecap);

	/*
	 * Construct an object capability for the system class instance that
	 * will be passed into the sandbox.  Its code capability is just our
	 * $c0; the data capability is to the sandbox structure itself, which
	 * allows the system class to identify which sandbox a request is
	 * being issued from.
	 *
	 * Note that $c0 in the 'sandbox' will be set from $pcc, so leave a
	 * full set of write/etc permissions on the code capability.
	 */
	basecap = cheri_settype(cheri_getdefault(),
	    (register_t)CHERI_CLASS_ENTRY(libcheri_system));
	sbop->sbo_cheri_system_object.co_codecap = cheri_sealcode(basecap);

	sbcap = cheri_ptr(sbop, sizeof(*sbop));
	sbcap = cheri_andperm(sbcap,
	    CHERI_PERM_LOAD | CHERI_PERM_STORE | CHERI_PERM_LOAD_CAP |
	    CHERI_PERM_STORE_CAP | CHERI_PERM_STORE_EPHEM_CAP);
	sbop->sbo_cheri_system_object.co_datacap = cheri_sealdata(sbcap,
	    basecap);
	return (0);

error:
	if (sbop->sbo_mem != NULL)
		munmap(sbop->sbo_mem, sbcp->sbc_sandboxlen);
	errno = saved_errno;
	return (-1);
}
#include <sysexits.h>
#include <unistd.h>

#include "cheritest.h"

/*
 * First batch of tests exercises CHERI faults outside of sandboxes.
 */
#define	ARRAY_LEN	2
static char array[ARRAY_LEN];
static char sink;

void
test_fault_bounds(const struct cheri_test *ctp __unused)
{
	__capability char *arrayp = cheri_ptr(array, sizeof(array));
	int i;

	for (i = 0; i < ARRAY_LEN; i++)
		arrayp[i] = 0;
	arrayp[i] = 0;
}

void
test_fault_perm_load(const struct cheri_test *ctp __unused)
{
	__capability char *arrayp = cheri_ptrperm(array, sizeof(array), 0);

	sink = arrayp[0];
}