mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-23 20:03:31 +01:00
Move winprocess_sys into a new low-level hardening module
This code was in our process module, but it doesn't belong there: process is for launching and monitoring subprocesses, not for hardening the current process. This change lets us have our subsystem init order more closely match our dependency order.
This commit is contained in:
parent
691d271b2e
commit
90524de0b2
2
.gitignore
vendored
2
.gitignore
vendored
@ -186,6 +186,8 @@ uptime-*.json
|
|||||||
/src/lib/libtor-geoip-testing.a
|
/src/lib/libtor-geoip-testing.a
|
||||||
/src/lib/libtor-intmath.a
|
/src/lib/libtor-intmath.a
|
||||||
/src/lib/libtor-intmath-testing.a
|
/src/lib/libtor-intmath-testing.a
|
||||||
|
/src/lib/libtor-llharden.a
|
||||||
|
/src/lib/libtor-llharden-testing.a
|
||||||
/src/lib/libtor-lock.a
|
/src/lib/libtor-lock.a
|
||||||
/src/lib/libtor-lock-testing.a
|
/src/lib/libtor-lock-testing.a
|
||||||
/src/lib/libtor-log.a
|
/src/lib/libtor-log.a
|
||||||
|
@ -70,6 +70,7 @@ TOR_UTIL_LIBS = \
|
|||||||
src/lib/libtor-wallclock.a \
|
src/lib/libtor-wallclock.a \
|
||||||
src/lib/libtor-err.a \
|
src/lib/libtor-err.a \
|
||||||
src/lib/libtor-version.a \
|
src/lib/libtor-version.a \
|
||||||
|
src/lib/libtor-llharden.a \
|
||||||
src/lib/libtor-intmath.a \
|
src/lib/libtor-intmath.a \
|
||||||
src/lib/libtor-ctime.a
|
src/lib/libtor-ctime.a
|
||||||
|
|
||||||
@ -104,6 +105,7 @@ TOR_UTIL_TESTING_LIBS = \
|
|||||||
src/lib/libtor-wallclock-testing.a \
|
src/lib/libtor-wallclock-testing.a \
|
||||||
src/lib/libtor-err-testing.a \
|
src/lib/libtor-err-testing.a \
|
||||||
src/lib/libtor-version-testing.a \
|
src/lib/libtor-version-testing.a \
|
||||||
|
src/lib/libtor-llharden-testing.a \
|
||||||
src/lib/libtor-intmath.a \
|
src/lib/libtor-intmath.a \
|
||||||
src/lib/libtor-ctime-testing.a
|
src/lib/libtor-ctime-testing.a
|
||||||
endif
|
endif
|
||||||
|
@ -24,7 +24,7 @@
|
|||||||
#include "lib/log/log_sys.h"
|
#include "lib/log/log_sys.h"
|
||||||
#include "lib/net/network_sys.h"
|
#include "lib/net/network_sys.h"
|
||||||
#include "lib/process/process_sys.h"
|
#include "lib/process/process_sys.h"
|
||||||
#include "lib/process/winprocess_sys.h"
|
#include "lib/llharden/winprocess_sys.h"
|
||||||
#include "lib/thread/thread_sys.h"
|
#include "lib/thread/thread_sys.h"
|
||||||
#include "lib/time/time_sys.h"
|
#include "lib/time/time_sys.h"
|
||||||
#include "lib/tls/tortls_sys.h"
|
#include "lib/tls/tortls_sys.h"
|
||||||
|
@ -19,6 +19,7 @@ include src/lib/fs/include.am
|
|||||||
include src/lib/geoip/include.am
|
include src/lib/geoip/include.am
|
||||||
include src/lib/include.libdonna.am
|
include src/lib/include.libdonna.am
|
||||||
include src/lib/intmath/include.am
|
include src/lib/intmath/include.am
|
||||||
|
include src/lib/llharden/include.am
|
||||||
include src/lib/lock/include.am
|
include src/lib/lock/include.am
|
||||||
include src/lib/log/include.am
|
include src/lib/log/include.am
|
||||||
include src/lib/math/include.am
|
include src/lib/math/include.am
|
||||||
|
3
src/lib/llharden/.may_include
Normal file
3
src/lib/llharden/.may_include
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
lib/llharden/*.h
|
||||||
|
lib/subsys/*.h
|
||||||
|
orconfig.h
|
19
src/lib/llharden/include.am
Normal file
19
src/lib/llharden/include.am
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
|
||||||
|
noinst_LIBRARIES += src/lib/libtor-llharden.a
|
||||||
|
|
||||||
|
if UNITTESTS_ENABLED
|
||||||
|
noinst_LIBRARIES += src/lib/libtor-llharden-testing.a
|
||||||
|
endif
|
||||||
|
|
||||||
|
# ADD_C_FILE: INSERT SOURCES HERE.
|
||||||
|
src_lib_libtor_llharden_a_SOURCES = \
|
||||||
|
src/lib/llharden/winprocess_sys.c
|
||||||
|
|
||||||
|
src_lib_libtor_llharden_testing_a_SOURCES = \
|
||||||
|
$(src_lib_libtor_llharden_a_SOURCES)
|
||||||
|
src_lib_libtor_llharden_testing_a_CPPFLAGS = $(AM_CPPFLAGS) $(TEST_CPPFLAGS)
|
||||||
|
src_lib_libtor_llharden_testing_a_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS)
|
||||||
|
|
||||||
|
# ADD_C_FILE: INSERT HEADERS HERE.
|
||||||
|
noinst_HEADERS += \
|
||||||
|
src/lib/llharden/winprocess_sys.h
|
6
src/lib/llharden/lib_llharden.md
Normal file
6
src/lib/llharden/lib_llharden.md
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
@dir /lib/llharden
|
||||||
|
@brief lib/llharden: low-level unconditional process hardening
|
||||||
|
|
||||||
|
This module contains process hardening code that we want to run before any
|
||||||
|
other code, including configuration. It needs to be self-contained, since
|
||||||
|
nothing else will be initialized at this point.
|
@ -8,7 +8,7 @@
|
|||||||
|
|
||||||
#include "orconfig.h"
|
#include "orconfig.h"
|
||||||
#include "lib/subsys/subsys.h"
|
#include "lib/subsys/subsys.h"
|
||||||
#include "lib/process/winprocess_sys.h"
|
#include "lib/llharden/winprocess_sys.h"
|
||||||
|
|
||||||
#include <stdbool.h>
|
#include <stdbool.h>
|
||||||
#include <stddef.h>
|
#include <stddef.h>
|
@ -16,8 +16,7 @@ src_lib_libtor_process_a_SOURCES = \
|
|||||||
src/lib/process/process_win32.c \
|
src/lib/process/process_win32.c \
|
||||||
src/lib/process/restrict.c \
|
src/lib/process/restrict.c \
|
||||||
src/lib/process/setuid.c \
|
src/lib/process/setuid.c \
|
||||||
src/lib/process/waitpid.c \
|
src/lib/process/waitpid.c
|
||||||
src/lib/process/winprocess_sys.c
|
|
||||||
|
|
||||||
src_lib_libtor_process_testing_a_SOURCES = \
|
src_lib_libtor_process_testing_a_SOURCES = \
|
||||||
$(src_lib_libtor_process_a_SOURCES)
|
$(src_lib_libtor_process_a_SOURCES)
|
||||||
@ -35,5 +34,4 @@ noinst_HEADERS += \
|
|||||||
src/lib/process/process_win32.h \
|
src/lib/process/process_win32.h \
|
||||||
src/lib/process/restrict.h \
|
src/lib/process/restrict.h \
|
||||||
src/lib/process/setuid.h \
|
src/lib/process/setuid.h \
|
||||||
src/lib/process/waitpid.h \
|
src/lib/process/waitpid.h
|
||||||
src/lib/process/winprocess_sys.h
|
|
||||||
|
Loading…
Reference in New Issue
Block a user