avoid unnecessary security-guard invocations in ffi-lib
Relevant to racket/sandbox-lib#1
This commit is contained in:
parent
67ac06e6ed
commit
8257a592a0
|
@ -12,7 +12,7 @@
|
|||
|
||||
(define collection 'multi)
|
||||
|
||||
(define version "6.10.0.2")
|
||||
(define version "6.10.0.3")
|
||||
|
||||
(define deps `("racket-lib"
|
||||
["racket" #:version ,version]))
|
||||
|
|
|
@ -2,7 +2,9 @@
|
|||
|
||||
;; Foreign Racket interface
|
||||
(require '#%foreign setup/dirs racket/unsafe/ops racket/private/for
|
||||
(only-in '#%unsafe unsafe-thread-at-root)
|
||||
(only-in '#%unsafe
|
||||
unsafe-thread-at-root
|
||||
unsafe-make-security-guard-at-root)
|
||||
(for-syntax racket/base racket/list syntax/stx racket/syntax
|
||||
racket/struct-info))
|
||||
|
||||
|
@ -163,9 +165,9 @@
|
|||
(ormap ffi-lib* names) ; try good names first
|
||||
(ffi-lib* name0) ; try original
|
||||
(ormap (lambda (name) ; try relative paths
|
||||
(and (file-exists? name) (ffi-lib* (fullpath name))))
|
||||
(and (file-exists?/insecure name) (ffi-lib* (fullpath name))))
|
||||
names)
|
||||
(and (file-exists? name0) ; relative with original
|
||||
(and (file-exists?/insecure name0) ; relative with original
|
||||
(ffi-lib* (fullpath name0)))
|
||||
;; give up: by default, call ffi-lib so it will raise an error
|
||||
(if fail
|
||||
|
@ -267,6 +269,14 @@
|
|||
;; avoid them being GCed. See set-ffi-obj! above.
|
||||
(define ffi-objects-ref-table (make-hasheq))
|
||||
|
||||
;; Like `file-exists?`, but avoid security-guard checks on the grounds
|
||||
;; that it's being called from an already-allowed unsafe operation ---
|
||||
;; so a sandbox doesn't have to make additional allowances for the
|
||||
;; check.
|
||||
(define (file-exists?/insecure path)
|
||||
(parameterize ([current-security-guard (unsafe-make-security-guard-at-root)])
|
||||
(file-exists? path)))
|
||||
|
||||
;; ----------------------------------------------------------------------------
|
||||
;; Compile-time support for fun-expanders
|
||||
|
||||
|
|
|
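Review bot: `file-exists?/insecure` is a module-level, general-purpose guard bypass, while its justification in the comment ("called from an already-allowed unsafe operation") is a property of the one caller in `ffi-lib`, so nothing in the definition itself enforces that constraint; the `provide` form is not in this hunk, so confirm the name is never exported and say so at the definition. `(unsafe-make-security-guard-at-root)` with no arguments yields a guard with no parent and no file/network/link procedures (see the C side of this commit), so for the dynamic extent of the `parameterize` every guard check is skipped, not only the one for `file-exists?`; the extent here is a single `file-exists?` call, which keeps the exposure small, but that is worth stating so a future edit does not widen the body. Suggested comment after the existing one: `;; Must stay module-private: within its dynamic extent this disables all security-guard checks, not just the file-exists? probe, so keep the body to that single call.` The `ffi-lib` definition that calls this helper begins and ends outside the hunk.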
@ -20,6 +20,7 @@
|
|||
unsafe-custodian-register
|
||||
unsafe-custodian-unregister
|
||||
unsafe-register-process-global
|
||||
unsafe-make-security-guard-at-root
|
||||
unsafe-set-on-atomic-timeout!
|
||||
unsafe-abort-current-continuation/no-wind
|
||||
unsafe-call-with-composable-continuation/no-wind)
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
{
|
||||
SHARED_OK static MZCOMPILED_STRING_FAR unsigned char expr[] = {35,126,8,54,46,49,48,46,48,46,50,84,0,0,0,0,0,0,0,0,0,
|
||||
SHARED_OK static MZCOMPILED_STRING_FAR unsigned char expr[] = {35,126,8,54,46,49,48,46,48,46,51,84,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,54,0,0,0,1,0,0,8,0,18,
|
||||
0,22,0,26,0,31,0,38,0,42,0,47,0,59,0,66,0,69,0,82,0,
|
||||
89,0,94,0,103,0,109,0,123,0,137,0,140,0,146,0,157,0,159,0,173,
|
||||
|
@ -102,7 +102,7 @@
|
|||
EVAL_ONE_SIZED_STR((char *)expr, 2091);
|
||||
}
|
||||
{
|
||||
SHARED_OK static MZCOMPILED_STRING_FAR unsigned char expr[] = {35,126,8,54,46,49,48,46,48,46,50,84,0,0,0,0,0,0,0,0,0,
|
||||
SHARED_OK static MZCOMPILED_STRING_FAR unsigned char expr[] = {35,126,8,54,46,49,48,46,48,46,51,84,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,183,0,0,0,1,0,0,8,0,16,
|
||||
0,29,0,34,0,51,0,63,0,85,0,114,0,158,0,164,0,178,0,193,0,
|
||||
211,0,223,0,239,0,253,0,19,1,39,1,73,1,90,1,107,1,130,1,145,
|
||||
|
@ -1011,7 +1011,7 @@
|
|||
EVAL_ONE_SIZED_STR((char *)expr, 19016);
|
||||
}
|
||||
{
|
||||
SHARED_OK static MZCOMPILED_STRING_FAR unsigned char expr[] = {35,126,8,54,46,49,48,46,48,46,50,84,0,0,0,0,0,0,0,0,0,
|
||||
SHARED_OK static MZCOMPILED_STRING_FAR unsigned char expr[] = {35,126,8,54,46,49,48,46,48,46,51,84,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,15,0,0,0,1,0,0,8,0,23,
|
||||
0,48,0,65,0,83,0,105,0,128,0,149,0,171,0,181,0,191,0,199,0,
|
||||
209,0,217,0,0,0,253,1,0,0,3,1,5,105,110,115,112,48,76,35,37,
|
||||
|
@ -1042,7 +1042,7 @@
|
|||
EVAL_ONE_SIZED_STR((char *)expr, 582);
|
||||
}
|
||||
{
|
||||
SHARED_OK static MZCOMPILED_STRING_FAR unsigned char expr[] = {35,126,8,54,46,49,48,46,48,46,50,84,0,0,0,0,0,0,0,0,0,
|
||||
SHARED_OK static MZCOMPILED_STRING_FAR unsigned char expr[] = {35,126,8,54,46,49,48,46,48,46,51,84,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,102,0,0,0,1,0,0,8,0,15,
|
||||
0,26,0,53,0,59,0,73,0,86,0,112,0,129,0,151,0,159,0,171,0,
|
||||
186,0,202,0,220,0,241,0,253,0,13,1,36,1,60,1,72,1,103,1,108,
|
||||
|
@ -1538,7 +1538,7 @@
|
|||
EVAL_ONE_SIZED_STR((char *)expr, 10344);
|
||||
}
|
||||
{
|
||||
SHARED_OK static MZCOMPILED_STRING_FAR unsigned char expr[] = {35,126,8,54,46,49,48,46,48,46,50,84,0,0,0,0,0,0,0,0,0,
|
||||
SHARED_OK static MZCOMPILED_STRING_FAR unsigned char expr[] = {35,126,8,54,46,49,48,46,48,46,51,84,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,18,0,0,0,1,0,0,8,0,18,
|
||||
0,22,0,28,0,42,0,56,0,68,0,88,0,102,0,117,0,130,0,135,0,
|
||||
139,0,151,0,235,0,242,0,20,1,0,0,224,1,0,0,3,1,5,105,110,
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
#define USE_COMPILED_STARTUP 1
|
||||
|
||||
#define EXPECTED_PRIM_COUNT 1159
|
||||
#define EXPECTED_UNSAFE_COUNT 141
|
||||
#define EXPECTED_UNSAFE_COUNT 142
|
||||
#define EXPECTED_FLFXNUM_COUNT 69
|
||||
#define EXPECTED_EXTFL_COUNT 45
|
||||
#define EXPECTED_FUTURES_COUNT 15
|
||||
|
|
|
@ -13,12 +13,12 @@
|
|||
consistently.)
|
||||
*/
|
||||
|
||||
#define MZSCHEME_VERSION "6.10.0.2"
|
||||
#define MZSCHEME_VERSION "6.10.0.3"
|
||||
|
||||
#define MZSCHEME_VERSION_X 6
|
||||
#define MZSCHEME_VERSION_Y 10
|
||||
#define MZSCHEME_VERSION_Z 0
|
||||
#define MZSCHEME_VERSION_W 2
|
||||
#define MZSCHEME_VERSION_W 3
|
||||
|
||||
#define MZSCHEME_VERSION_MAJOR ((MZSCHEME_VERSION_X * 100) + MZSCHEME_VERSION_Y)
|
||||
#define MZSCHEME_VERSION_MINOR ((MZSCHEME_VERSION_Z * 1000) + MZSCHEME_VERSION_W)
|
||||
|
|
|
@ -366,6 +366,7 @@ static Scheme_Object *is_thread_cell_values(int argc, Scheme_Object *args[]);
|
|||
static Scheme_Object *make_security_guard(int argc, Scheme_Object *argv[]);
|
||||
static Scheme_Object *security_guard_p(int argc, Scheme_Object *argv[]);
|
||||
static Scheme_Object *current_security_guard(int argc, Scheme_Object *argv[]);
|
||||
static Scheme_Object *unsafe_make_security_guard_at_root(int argc, Scheme_Object *argv[]);
|
||||
|
||||
static Scheme_Object *security_guard_check_file(int argc, Scheme_Object *argv[]);
|
||||
static Scheme_Object *security_guard_check_file_link(int argc, Scheme_Object *argv[]);
|
||||
|
@ -642,6 +643,8 @@ scheme_init_unsafe_thread (Scheme_Env *env)
|
|||
GLOBAL_PRIM_W_ARITY("unsafe-register-process-global", unsafe_register_process_global, 2, 2, env);
|
||||
|
||||
GLOBAL_PRIM_W_ARITY("unsafe-set-on-atomic-timeout!", unsafe_set_on_atomic_timeout, 1, 1, env);
|
||||
|
||||
GLOBAL_PRIM_W_ARITY("unsafe-make-security-guard-at-root", unsafe_make_security_guard_at_root, 0, 3, env);
|
||||
}
|
||||
|
||||
void scheme_init_thread_places(void) {
|
||||
|
@ -8215,6 +8218,27 @@ static Scheme_Object *make_security_guard(int argc, Scheme_Object *argv[])
|
|||
return (Scheme_Object *)sg;
|
||||
}
|
||||
|
||||
static Scheme_Object *unsafe_make_security_guard_at_root(int argc, Scheme_Object *argv[])
|
||||
{
|
||||
Scheme_Security_Guard *sg;
|
||||
|
||||
if (argc > 0)
|
||||
scheme_check_proc_arity("unsafe-make-security-guard-at-root", 3, 0, argc, argv);
|
||||
if (argc > 1)
|
||||
scheme_check_proc_arity("unsafe-make-security-guard-at-root", 4, 1, argc, argv);
|
||||
if (argc > 2)
|
||||
scheme_check_proc_arity2("unsafe-make-security-guard-at-root", 3, 2, argc, argv, 1);
|
||||
|
||||
sg = MALLOC_ONE_TAGGED(Scheme_Security_Guard);
|
||||
sg->so.type = scheme_security_guard_type;
|
||||
sg->parent = NULL;
|
||||
sg->file_proc = ((argc > 0) ? argv[0] : NULL);
|
||||
sg->network_proc = ((argc > 1) ? argv[1] : NULL);
|
||||
sg->link_proc = ((argc > 2) ? argv[2] : NULL);
|
||||
|
||||
return (Scheme_Object *)sg;
|
||||
}
|
||||
|
||||
static Scheme_Object *security_guard_p(int argc, Scheme_Object *argv[])
|
||||
{
|
||||
return ((SAME_TYPE(SCHEME_TYPE(argv[0]), scheme_security_guard_type))
|
||||
|
|
|
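Review bot: `unsafe_make_security_guard_at_root` installs a guard whose `parent` is NULL, which is how the initial root guard is represented, yet the function carries no comment saying that parameterizing `current-security-guard` to its result removes every file, network and link restriction for that dynamic extent (and, presumably, for any thread created while it is current). Since the guard-check loops are not in this hunk, it is also unclear whether the optional `file_proc`/`network_proc`/`link_proc` accepted here are ever consulted for a guard with no parent; if the checks walk up only while `sg->parent` is non-NULL, the three optional arguments are dead and the arity range `0, 3` in `scheme_init_unsafe_thread` is misleading. Suggested header comment: `/* Root-level guard (parent == NULL): makes the dynamic extent in which it is current unrestricted. Reachable only via '#%unsafe; NOTE(review): confirm whether the optional procs are ever applied to a parentless guard. */` The arity check itself is fine, as `argc` is bounded to 0..3 by the `GLOBAL_PRIM_W_ARITY` registration.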
@ -303,6 +303,8 @@ static void get_dl_error(rktio_t *rktio)
|
|||
rktio->dll_error = strdup(s);
|
||||
else
|
||||
rktio->dll_error = strdup("unknown error");
|
||||
|
||||
set_racket_error(RKTIO_ERROR_DLL);
|
||||
}
|
||||
#endif
|
||||
|
||||
|
|
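Review bot: `strdup` can return NULL, and after the added `set_racket_error(RKTIO_ERROR_DLL)` the error kind is now reported as a DLL error even when `rktio->dll_error` is NULL, so any caller that formats the message must tolerate a NULL string; the new line does not address that case. A defensive fallback at this point would be `if (!rktio->dll_error) rktio->dll_error = strdup("unknown error");`, or callers should be documented to treat a NULL `dll_error` as the allocation failure it is. `get_dl_error` starts outside the hunk, so whether a previous `dll_error` value is freed before being overwritten cannot be checked here.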