Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Create reversing rules from init.lua (and sb2's option -r was removed)
- reversing rules are now created by executing create_reverse_rules.lua
  from init.lua (it used to be called from the sb2 script itself)

- Option -r, which disables path reversing, was removed.
  • Loading branch information
lauri-aarnio committed Mar 18, 2012
1 parent 2caac69 commit 0c6abd4
Show file tree
Hide file tree
Showing 7 changed files with 129 additions and 99 deletions.
103 changes: 74 additions & 29 deletions lua_scripts/create_reverse_rules.lua
Expand Up @@ -10,23 +10,16 @@
-- available and SB2 works just as it did before this feature was implemented)
--

if not exec_engine_loaded then
do_file(session_dir .. "/lua_scripts/argvenvp.lua")
end
if not mapping_engine_loaded then
do_file(session_dir .. "/lua_scripts/mapping.lua")
end

allow_reversing = true -- default = create reverse rules.
reversing_disabled_message = ""
local allow_reversing = true -- default = create reverse rules.
local reversing_disabled_message = ""

-- Order of reverse rules is not necessarily the same as order of forward rules
function test_rev_rule_position(output_rules, d_path)
local n
for n=1,table.maxn(output_rules) do
local rule = output_rules[n]
local cmp_result
cmp_result = sb.test_path_match(d_path,
cmp_result = sblib.test_path_match(d_path,
rule.dir, rule.prefix, rule.path)
if (cmp_result >= 0) then
return n
Expand Down Expand Up @@ -301,23 +294,75 @@ function print_rules(ofile, rules)
ofile:write(string.format("-- Printed\t%d\trules\n",table.maxn(rules)))
end

local output_file = io.stdout
output_file:write("-- Reversed rules from "..rule_file_path.."\n")

local output_rules = {}
local rev_rules = reverse_rules(output_file, output_rules, fs_mapping_rules)
if (allow_reversing) then
output_file:write("reverse_fs_mapping_rules={\n")
print_rules(output_file, rev_rules)
-- Add a final rule for the root directory itself.
output_file:write("\t{\n")
output_file:write("\t\tname = \"Final root dir rule\",\n")
output_file:write("\t\tpath = \""..target_root.."\",\n")
output_file:write("\t\treplace_by = \"/\"\n")
output_file:write("\t},\n")
output_file:write("}\n")
else
output_file:write("-- Failed to create reverse rules (" ..
reversing_disabled_message .. ")\n")
output_file:write("reverse_fs_mapping_rules = nil\n")
for m_index,m_name in pairs(all_modes) do
local autorule_file_path = session_dir .. "/rules_auto/" .. m_name .. ".usr_bin.lua"
local rule_file_path = session_dir .. "/rules/" .. m_name .. ".lua"
local rev_rule_filename = session_dir .. "/rev_rules/" ..
m_name .. ".lua"
local output_file = io.open(rev_rule_filename, "w")

allow_reversing = true -- default = create reverse rules.
reversing_disabled_message = ""

local current_rule_interface_version = "103"

-- rulefile will set these:
rule_file_interface_version = nil
fs_mapping_rules = nil

-- rulefile expects to see this:
active_mapmode = m_name

-- Reload "constants", just to be sure:
do_file(session_dir .. "/lua_scripts/rule_constants.lua")

do_file(autorule_file_path)
do_file(rule_file_path)

-- fail and die if interface version is incorrect
if (rule_file_interface_version == nil) or
(type(rule_file_interface_version) ~= "string") then
io.stderr:write(string.format(
"Fatal: Rule file interface version check failed: "..
"No version information in %s",
rule_file_path))
os.exit(89)
end
if rule_file_interface_version ~= current_rule_interface_version then
io.stderr:write(string.format(
"Fatal: Rule file interface version check failed: "..
"got %s, expected %s", rule_file_interface_version,
current_rule_interface_version))
os.exit(88)
end

if (type(fs_mapping_rules) ~= "table") then
io.stderr:write("'fs_mapping_rule' is not an array.");
os.exit(87)
end

output_file:write("-- Reversed rules from "..rule_file_path.."\n")

local output_rules = {}
local rev_rules = reverse_rules(output_file, output_rules, fs_mapping_rules)
if (allow_reversing) then
output_file:write("reverse_fs_mapping_rules={\n")
print_rules(output_file, rev_rules)
-- Add a final rule for the root directory itself.
output_file:write("\t{\n")
output_file:write("\t\tname = \"Final root dir rule\",\n")
output_file:write("\t\tpath = \""..target_root.."\",\n")
output_file:write("\t\treplace_by = \"/\"\n")
output_file:write("\t},\n")
output_file:write("}\n")
else
output_file:write("-- Failed to create reverse rules (" ..
reversing_disabled_message .. ")\n")
output_file:write("reverse_fs_mapping_rules = nil\n")
end
end

--cleanup
rule_file_interface_version = nil
fs_mapping_rules = nil

3 changes: 3 additions & 0 deletions lua_scripts/init.lua
Expand Up @@ -90,3 +90,6 @@ do_file(session_dir .. "/lua_scripts/init_modeconfig.lua")
-- Create rules based on "argvmods", e.g. rules for toolchain components etc.
do_file(session_dir .. "/lua_scripts/init_autogen_usr_bin_rules.lua")

-- Create reverse mapping rules.
do_file(session_dir .. "/lua_scripts/create_reverse_rules.lua")

1 change: 1 addition & 0 deletions lua_scripts/init_argvmods_rules.lua
Expand Up @@ -240,3 +240,4 @@ if (debug_messages_enabled) then
string.format("%d rules", num_rules))
end

argvmods = nil -- cleanup.
13 changes: 9 additions & 4 deletions lua_scripts/init_autogen_usr_bin_rules.lua
Expand Up @@ -49,9 +49,8 @@ function argvmods_to_mapping_rules(rule_file, prefix)
end
end

function create_mapping_rule_file(modename_in_ruletree)
function create_mapping_rule_file(filename, modename_in_ruletree)

local filename = session_dir .. "/rules_auto/" .. modename_in_ruletree .. ".usr_bin.lua"
local rule_file = io.open(filename, "w")
if not rule_file then
io.stderr:write(string.format(
Expand Down Expand Up @@ -124,11 +123,17 @@ end

for m_index,m_name in pairs(all_modes) do
local usr_bin_rules_flagfile = session_dir .. "/rules_auto/" ..
m_name .. ".create_usr_bin_rules"
m_name .. ".create_usr_bin_rules"
local output_filename = session_dir .. "/rules_auto/" ..
m_name .. ".usr_bin.lua"
local ff = io.open(usr_bin_rules_flagfile, "r")
if ff ~= nil then
ff:close()
create_mapping_rule_file(m_name)
create_mapping_rule_file(output_filename, m_name)
else
-- create an empty file.
local rule_file = io.open(output_filename, "w")
rule_file:close()
end
end

31 changes: 2 additions & 29 deletions lua_scripts/mapping.lua
Expand Up @@ -2,35 +2,8 @@
-- Copyright (C) 2006, 2007 Lauri Leukkunen
-- Licensed under MIT license.

-- These must match the flag definitions in mapping.h:
local RULE_FLAGS_READONLY = 1
local RULE_FLAGS_CALL_TRANSLATE_FOR_ALL = 2
local RULE_FLAGS_FORCE_ORIG_PATH = 4
local RULE_FLAGS_READONLY_FS_IF_NOT_ROOT = 8
local RULE_FLAGS_READONLY_FS_ALWAYS = 16

-- Function class (bitmask) definitions for rule files:
-- These must match SB2_INTERFACE_CLASS_* definitions in
-- include/mapping.h
FUNC_CLASS_OPEN = 0x1
FUNC_CLASS_STAT = 0x2
FUNC_CLASS_EXEC = 0x4
FUNC_CLASS_SOCKADDR = 0x8
FUNC_CLASS_FTSOPEN = 0x10
FUNC_CLASS_GLOB = 0x20
FUNC_CLASS_GETCWD = 0x40
FUNC_CLASS_REALPATH = 0x80
FUNC_CLASS_SET_TIMES = 0x100
FUNC_CLASS_L10N = 0x200
FUNC_CLASS_MKNOD = 0x400
FUNC_CLASS_RENAME = 0x800


-- Constants that can be used from the rules:
--
-- "protection" attribute:
readonly_fs_if_not_root = 1
readonly_fs_always = 2
do_file(session_dir .. "/lua_scripts/rule_constants.lua")


function basename(path)
if (path == "/") then
Expand Down
36 changes: 36 additions & 0 deletions lua_scripts/rule_constants.lua
@@ -0,0 +1,36 @@
-- Copyright (c) 2012 Nokia Corporation.
-- Author: Lauri T. Aarnio
--
-- Licensed under LGPL version 2.1, see top level LICENSE file for details.

--
-- Constants which can be used from the rule files:
--

-- These must match the flag definitions in mapping.h:
RULE_FLAGS_READONLY = 1
RULE_FLAGS_CALL_TRANSLATE_FOR_ALL = 2
RULE_FLAGS_FORCE_ORIG_PATH = 4
RULE_FLAGS_READONLY_FS_IF_NOT_ROOT = 8
RULE_FLAGS_READONLY_FS_ALWAYS = 16

-- Function class (bitmask) definitions for rule files:
-- These must match SB2_INTERFACE_CLASS_* definitions in
-- include/mapping.h
FUNC_CLASS_OPEN = 0x1
FUNC_CLASS_STAT = 0x2
FUNC_CLASS_EXEC = 0x4
FUNC_CLASS_SOCKADDR = 0x8
FUNC_CLASS_FTSOPEN = 0x10
FUNC_CLASS_GLOB = 0x20
FUNC_CLASS_GETCWD = 0x40
FUNC_CLASS_REALPATH = 0x80
FUNC_CLASS_SET_TIMES = 0x100
FUNC_CLASS_L10N = 0x200
FUNC_CLASS_MKNOD = 0x400
FUNC_CLASS_RENAME = 0x800

-- "protection" attribute:
readonly_fs_if_not_root = 1
readonly_fs_always = 2

41 changes: 4 additions & 37 deletions utils/sb2
Expand Up @@ -46,7 +46,6 @@ Options:
-s DIRECTORY load mapping scripts from alternative location
-Q BUGLIST emulate bugs of the old scratchbox 1 (BUGLIST consists of
letters: 'x' enables exec permission checking bug emulation)
-r do not create reverse mapping rules
-O options set options for the selected mapping mode ("options" is
a mode-specific string)
-R use simulated root permissions (activates the Vperm subsystem)
Expand Down Expand Up @@ -140,28 +139,6 @@ END
done
}

# Create reverse rules. Since that will be done using sb2-show, the environment
# must to be ready => this function can be called only just before the shell
# is executed at end of this script.
#
# Used during stage 3 (generation of automatic rules)
function create_reverse_rules()
{
for ammf in $SBOX_SESSION_DIR/rules/*.lua; do
amm_base=`basename $ammf .lua`

__SB2_BINARYNAME="sb2:CreatingReverseRules" \
SBOX_SESSION_MODE=$amm_base sb2-monitor \
-L $SBOX_LIBSB2 -- $SBOX_DIR/bin/sb2-show \
execluafile \
$SBOX_SESSION_DIR/lua_scripts/create_reverse_rules.lua \
>$SBOX_SESSION_DIR/rev_rules/$amm_base.lua
if [ $? != 0 ]; then
exit_error "Failed to create reverse rules ($amm_base)"
fi
done
}

# Determine location of the nsswitch.conf file and nscd sockets that
# we should use;
# * NSSWITCH_CONF_PATH and NSCD_SOCKET_PATH environment variables are
Expand Down Expand Up @@ -1538,7 +1515,6 @@ SB2_INTERNAL_MAPMODES=""
SBOX_DIR=$(readlink -f $(dirname $(readlink -f $my_path))/..)
SBOX_WORKDIR=$(readlink -f $PWD)
SBOX_ROOT_SIMULATION=""
SBOX_CREATE_REVERSE_RULES="y"
SBOX_MODE_SPECIFIC_OPTIONS=""
OPT_CLONE_TARGET_ROOT="n"
OPT_CLONE_TARGET_ROOT_FROM=""
Expand Down Expand Up @@ -1571,7 +1547,7 @@ do
(M) echo "Option -M is disabled (temporarily)"; exit 1 ;;
(s) SBOX_LUA_SCRIPTS=$OPTARG;;
(Z) SBOX_OPT_Z_NO_LD_SO_EXEC="y";;
(r) SBOX_CREATE_REVERSE_RULES="n";;
(r) show_usage_and_exit ;; # -r is not available anymore.
(R) SBOX_ROOT_SIMULATION="root";;
(U) VPERM_UIDGID_FOR_UNKNOWN_FILES=$OPTARG;;
(p) VPERM_ROOT_PRIVILEGE_FLAG=",p";;
Expand Down Expand Up @@ -1842,20 +1818,11 @@ fi
# Now everything is ready, programs can be executed in SB2'ed environment.
# Make automatically generated rules, if needed:
if [ -z "$SBOX_JOIN_SESSION_FILE" ]; then
# if needed, add path mapping rules for toolchain components.
# if needed, add path mapping rules for toolchain components
# to the rule files which may be loaded at runtime
# (if Lua mapping method is used)
add_auto_rules_to_mapping_rules

#
# Create reverse mapping rules before starting the
# actual command (or shell).
#
if [ "$SBOX_CREATE_REVERSE_RULES" == "y" ]; then
create_reverse_rules
else
echo "-- Reverse rules disabled by command line option -r" \
>$SBOX_SESSION_DIR/rev_rules.note
fi

#
# Create the "rule tree" file for the C mapping
# engine:
Expand Down

0 comments on commit 0c6abd4

Please sign in to comment.