From 09ffadbf967e4baa6f2436567795f7bf47791ea0 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Tue, 30 Mar 2021 15:31:47 +0200 Subject: [PATCH 1/2] meson: Add missing dependency on threads Signed-off-by: Daiki Ueno --- common/meson.build | 2 +- trust/meson.build | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/common/meson.build b/common/meson.build index b74b163d6..e0b389bda 100644 --- a/common/meson.build +++ b/common/meson.build @@ -82,7 +82,7 @@ if get_option('test') t = executable(name, '@0@.c'.format(name), c_args: tests_c_args, include_directories: configinc, - dependencies: dlopen_deps, + dependencies: dlopen_deps + thread_deps, link_with: [libp11_test, libp11_common]) test(name, t) endforeach diff --git a/trust/meson.build b/trust/meson.build index d4a8e1574..1ff5dd7a4 100644 --- a/trust/meson.build +++ b/trust/meson.build @@ -102,7 +102,7 @@ executable('trust', link_with: libtrust_data, dependencies: [asn_h_dep, libp11_kit_dep, - libp11_tool_dep] + libffi_deps + dlopen_deps + libtasn1_deps, + libp11_tool_dep] + libffi_deps + dlopen_deps + libtasn1_deps + thread_deps, install: true) install_data('trust-extract-compat', From 84b512972c0f4edd9d080804f810cb2037f85799 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Tue, 30 Mar 2021 15:30:35 +0200 Subject: [PATCH 2/2] meson: Plumb hardening with Rust Signed-off-by: Daiki Ueno --- common/meson.build | 13 ++++++++++++ common/path.c | 2 ++ common/path.rs | 49 ++++++++++++++++++++++++++++++++++++++++++++++ meson.build | 5 +++++ meson_options.txt | 4 ++++ 5 files changed, 73 insertions(+) create mode 100644 common/path.rs diff --git a/common/meson.build b/common/meson.build index e0b389bda..7f5d91b04 100644 --- a/common/meson.build +++ b/common/meson.build 
@@ -18,7 +18,20 @@ libp11_common_sources = [ 'vsock.c' ] +libp11_common_libs = [] + +if get_option('rustc') + libp11_common_rust_sources = [ + 'path.rs' + ] + libp11_common_rust = static_library('p11_common_rust', + libp11_common_rust_sources, + rust_crate_type: 'staticlib') + libp11_common_libs += libp11_common_rust +endif + libp11_common = static_library('p11-common', libp11_common_sources, + link_with: libp11_common_libs, gnu_symbol_visibility: 'hidden', include_directories: configinc) diff --git a/common/path.c b/common/path.c index d0d1893c7..a1af2f04d 100644 --- a/common/path.c +++ b/common/path.c @@ -60,6 +60,7 @@ #endif +#if !defined(ENABLE_RUSTC) || !ENABLE_RUSTC char * p11_path_base (const char *path) { @@ -92,6 +93,7 @@ p11_path_base (const char *path) return strndup (beg, end - beg); } +#endif static inline bool is_path_separator (char ch) diff --git a/common/path.rs b/common/path.rs new file mode 100644 index 000000000..4dafa47aa --- /dev/null +++ b/common/path.rs 
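Review bot: In common/path.c the `#if !defined(ENABLE_RUSTC) || !ENABLE_RUSTC` guard swaps out p11_path_base wholesale, but nothing in the patch states or checks that the two implementations return the same results. The Rust side relies on `Path::file_name()`, which returns `None` for a path ending in `..`, so such input yields an empty string there. The C body lies mostly outside these two hunks, so whether it agrees needs confirming. A comment above the guard such as `/* Keep in sync with common/path.rs: same basename rules, result released with free() */` would make the contract explicit, and the common tests should be run with the `rustc` option both on and off.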
@@ -0,0 +1,49 @@
+//
+// Copyright (c) 2021 Red Hat Inc.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions
+// are met:
+//
+// * Redistributions of source code must retain the above
+// copyright notice, this list of conditions and the
+// following disclaimer.
+// * Redistributions in binary form must reproduce the
+// above copyright notice, this list of conditions and
+// the following disclaimer in the documentation and/or
+// other materials provided with the distribution.
+// * The names of contributors to this software may not be
+// used to endorse or promote products derived from this
+// software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+// BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+// OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+// AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+// OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+// DAMAGE.
+//
+
+use std::ffi::{CStr, CString, OsStr};
+use std::os::raw::c_char;
+use std::path::PathBuf;
+use std::os::unix::ffi::OsStrExt;
+
+#[no_mangle]
+pub extern fn p11_path_base(name: *const c_char) -> *mut c_char {
+ let slice = unsafe { CStr::from_ptr(name) };
+ let path = PathBuf::from(OsStr::from_bytes(slice.to_bytes()));
+ let bytes = path
+ .file_name()
+ .and_then(|base| Some(base.as_bytes()))
+ .unwrap_or("".as_bytes());
+ CString::new(bytes)
+ .and_then(|c_string| Ok(c_string.into_raw()))
+ .unwrap_or(std::ptr::null_mut())
+}
diff --git a/meson.build b/meson.build
index 52643f02f..99a3b2bc3 100644
--- a/meson.build
+++ b/meson.build
@@ -63,6 +63,11 @@ if get_option('nls') and cc.has_header('libintl.h') conf.set('ENABLE_NLS', 1) endif +conf.set10('ENABLE_RUSTC', get_option('rustc')) +if get_option('rustc') + add_languages('rust') +endif + prefix = get_option('prefix') datadir = get_option('datadir') bindir = get_option('bindir')
diff --git a/meson_options.txt b/meson_options.txt
index c5fd1904d..31773cec3 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -65,3 +65,7 @@ option('nls', type : 'boolean', option('test', type : 'boolean', value : true, description : 'Enable building test programs') + +option('rustc', type : 'boolean', + value : false, + description : 'Enable hardening using Rust')
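Review bot: In common/path.rs, `p11_path_base` returns `c_string.into_raw()`, memory owned by Rust's allocator, while the C function it replaces returns `strndup (...)`. Callers written against the C version presumably release the result with free(), which `CString::into_raw` does not permit; such a pointer must go back through `CString::from_raw`. The function also passes `name` to `CStr::from_ptr` without a null check, which is undefined behaviour for a NULL argument. Allocating the result with the C allocator and returning NULL early for a null `name` keeps the C contract. The sketch below shows those lines and spells out `extern "C"`, since bare `extern` leaves the ABI implicit.

```rust
extern "C" {
    fn malloc(size: usize) -> *mut std::ffi::c_void;
}

#[no_mangle]
pub extern "C" fn p11_path_base(name: *const c_char) -> *mut c_char {
    if name.is_null() {
        return std::ptr::null_mut();
    }
    // SAFETY: name is non-null; the caller must pass a NUL-terminated string.
    let slice = unsafe { CStr::from_ptr(name) };
    // … unchanged: PathBuf construction and file_name() lookup producing `bytes` …
    // Allocate with the C allocator so the caller can release the result with free().
    let out = unsafe { malloc(bytes.len() + 1) } as *mut u8;
    if out.is_null() {
        return std::ptr::null_mut();
    }
    // SAFETY: out points to bytes.len() + 1 writable bytes that do not overlap `bytes`.
    unsafe {
        std::ptr::copy_nonoverlapping(bytes.as_ptr(), out, bytes.len());
        *out.add(bytes.len()) = 0;
    }
    out as *mut c_char
}
```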