cafe-grader-judge-scripts

Commit r226:befb327cfa39 public

parent | child
Description:
merge
Commit status:
[Not Reviewed]
References:
merge java
Diff options:
Raw Diff | Patch Diff | Download Diff | Show whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r226:befb327cfa39 - - 3 files changed: 194 inserted, 2 deleted

Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -0,0 +1,179
1 + #!/bin/sh
2 +
3 + echo "This script will install and configure Cafe grader."
4 +
5 + RUBY_VERSION=2.1.2
6 + echo "This will install Ruby $RUBY_VERSION under RVM"
7 +
8 + echo "Installing required apts"
9 +
10 + sudo zypper install \
11 + g++ gcc libmysqlclient18 build-essential \
12 + git-core openssl libreadline6 libreadline6-devel \
13 + zlib1g zlib1g-devel libssl37 libyaml-devel sqlite3-devel \
14 + sqlite3 libxml2-devel libxslt-devel autoconf libc6-devel \
15 + ncurses-devel automake libtool bison subversion \
16 + pkg-config curl nodejs unzip pyflakes java-1_8_0-openjdk \
17 + libmysqld-devel mercurial python-setuptools python-devel
18 +
19 +
20 + echo "Installing Ruby $RUBY_VERSION in RVM"
21 +
22 + rvm install $RUBY_VERSION
23 + rvm use $RUBY_VERSION
24 +
25 + echo "Fetching Cafe Grader from Git repositories"
26 +
27 + echo "Fetching web interface"
28 +
29 + mkdir cafe_grader
30 + cd cafe_grader
31 + #git clone -q git://github.com/jittat/cafe-grader-web.git web
32 + hg clone git+ssh://git@github.com/nattee/cafe-grader-web.git web
33 +
34 + echo "Configuring rails app"
35 +
36 + cp web/config/application.rb.SAMPLE web/config/application.rb
37 + cp web/config/initializers/cafe_grader_config.rb.SAMPLE web/config/initializers/cafe_grader_config.rb
38 +
39 + #replace UTC in application.rb with the system timezone
40 + timezone='UTC'
41 + if [ -f '/etc/timezone' ]; then
42 + timezone=\"`cat /etc/timezone`\"
43 + else
44 + if [ -f '/etc/sysconfig/clock' ]; then
45 + timezone=`grep -e '^TIMEZONE' /etc/sysconfig/clock | grep -o -e '\".*\"'`
46 + fi
47 + fi
48 + replace="s!'UTC'!$timezone!g"
49 + sed -i $replace web/config/application.rb
50 +
51 + echo "At this point we will need MySQL user and database."
52 + echo "Have you created MySQL user and database for Cafe grader? (Y/N) "
53 + read ch
54 +
55 + if [ "$ch" = "n" -o "$ch" = "N" ]
56 + then
57 + echo "Please open another terminal and create the user and database for Cafe grader."
58 + echo "Don't forget to grant access to that database for the user."
59 + echo "Please have username, password, and database name ready before continue."
60 + echo
61 + echo "The following are instructions:"
62 + echo "1. Run mysql:"
63 + echo
64 + echo " mysql -u root -p"
65 + echo
66 + echo " if you have just installed mysql, the root password is the one that you have just entered"
67 + echo "2. Create a new database, a new user, and grant access to grader database:"
68 + echo
69 + echo " create user 'USERNAME'@'localhost' identified by 'PASSWORD';"
70 + echo " create database \`DATABASENEME\`;"
71 + echo " grant all on \`DATABASENAME\`.* to 'USERNAME'@'localhost';"
72 + echo
73 + echo " Replace USERNAME, PASSWORD, and DATABASENAME accordingly."
74 + echo
75 + echo "Hit enter when ready..."
76 + read dummy
77 + fi
78 +
79 + CAFE_PATH=`pwd`
80 +
81 + cd web
82 +
83 + echo "Please provide grader database:"
84 + read database
85 +
86 + echo "Please provide grader username:"
87 + read username
88 +
89 + echo "Please provide $username password:"
90 + read password
91 +
92 + echo "development:" > config/database.yml
93 + echo " adapter: mysql2" >> config/database.yml
94 + echo " encoding: utf8" >> config/database.yml
95 + echo " reconnect: false" >> config/database.yml
96 + echo " database: $database" >> config/database.yml
97 + echo " pool: 5" >> config/database.yml
98 + echo " username: $username" >> config/database.yml
99 + echo " password: $password" >> config/database.yml
100 + echo " host: localhost" >> config/database.yml
101 + echo " socket: /run/mysql/mysql.sock" >> config/database.yml
102 + echo "" >> config/database.yml
103 + echo "production:" >> config/database.yml
104 + echo " adapter: mysql2" >> config/database.yml
105 + echo " encoding: utf8" >> config/database.yml
106 + echo " reconnect: false" >> config/database.yml
107 + echo " database: $database" >> config/database.yml
108 + echo " pool: 5" >> config/database.yml
109 + echo " username: $username" >> config/database.yml
110 + echo " password: $password" >> config/database.yml
111 + echo " host: localhost" >> config/database.yml
112 + echo " socket: /run/mysql/mysql.sock" >> config/database.yml
113 +
114 + echo "Object.instance_eval{remove_const :GRADER_ROOT_DIR}" >> config/initializers/cafe_grader_config.rb
115 + echo "Object.instance_eval{remove_const :GRADING_RESULT_DIR}" >> config/initializers/cafe_grader_config.rb
116 + echo "GRADER_ROOT_DIR = '$CAFE_PATH/judge'" >> config/initializers/cafe_grader_config.rb
117 + echo "GRADING_RESULT_DIR = '$CAFE_PATH/judge/result'" >> config/initializers/cafe_grader_config.rb
118 +
119 + echo "Installing required gems"
120 + gem install bundler
121 + bundle install
122 +
123 + echo "Running rake tasks to initialize database"
124 +
125 + rake db:migrate
126 + rake db:seed
127 +
128 + echo "Running rake tasks to precompile the assets"
129 +
130 + rake assets:precompile
131 +
132 + echo "Intalling web interface complete..."
133 + echo
134 + echo "Fetching grader"
135 +
136 + cd ..
137 +
138 + mkdir judge
139 + cd judge
140 + #git clone -q git://github.com/jittat/cafe-grader-judge-scripts.git scripts
141 + hg clone git+ssh://git@github.com/nattee/cafe-grader-judge-scripts.git scripts
142 + mkdir raw
143 + mkdir ev-exam
144 + mkdir ev
145 + mkdir result
146 + mkdir log
147 +
148 + echo "Configuring grader"
149 +
150 + cp scripts/config/env_exam.rb.SAMPLE scripts/config/env_exam.rb
151 + cp scripts/config/env_grading.rb.SAMPLE scripts/config/env_grading.rb
152 +
153 + # create new environment.rb file
154 + echo "RAILS_ROOT = '$CAFE_PATH/web'" > scripts/config/environment.rb
155 + echo "GRADER_ROOT = '$CAFE_PATH/judge/scripts'" >> scripts/config/environment.rb
156 + echo "require File.join(File.dirname(__FILE__),'../lib/boot')" >> scripts/config/environment.rb
157 + echo "require File.dirname(__FILE__) + \"/env_#{GRADER_ENV}.rb\"" >> scripts/config/environment.rb
158 +
159 + # compiling box
160 + MACHINE_TYPE=`uname -m`
161 + if [ ${MACHINE_TYPE} == 'x86_64' ]; then
162 + gcc -std=c99 -o scripts/std-script/box scripts/std-script/box64-new.c
163 + else
164 + g++ -o scripts/std-script/box scripts/std-script/box.cc
165 + fi
166 +
167 +
168 + cd ..
169 +
170 + echo "Now you are ready to run cafe grader...."
171 + echo
172 + echo "Try:"
173 + echo
174 + echo " cd web"
175 + echo " rails s"
176 + echo
177 + echo "and access web at http://localhost:3000/"
178 + echo "The root username is 'root', its password is 'ioionrails'."
179 +
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -1,113 +1,114
1 #!/bin/sh
1 #!/bin/sh
2
2
3 echo "This script will install and configure Cafe grader."
3 echo "This script will install and configure Cafe grader."
4
4
5 RUBY_VERSION=2.1.2
5 RUBY_VERSION=2.1.2
6 echo "This will install Ruby $RUBY_VERSION under RVM"
6 echo "This will install Ruby $RUBY_VERSION under RVM"
7
7
8 echo "Installing required apts"
8 echo "Installing required apts"
9
9
10 sudo apt-get update
10 sudo apt-get update
11 sudo apt-get install mysql-server mysql-client \
11 sudo apt-get install mysql-server mysql-client \
12 - g++ gcc apache2 libmysqlclient15-dev build-essential \
12 + g++ gcc apache2 libmysqlclient20 build-essential \
13 git-core openssl libreadline6 libreadline6-dev \
13 git-core openssl libreadline6 libreadline6-dev \
14 zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-dev \
14 zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-dev \
15 sqlite3 libxml2-dev libxslt-dev autoconf libc6-dev \
15 sqlite3 libxml2-dev libxslt-dev autoconf libc6-dev \
16 ncurses-dev automake libtool bison subversion \
16 ncurses-dev automake libtool bison subversion \
17 - pkg-config curl nodejs unzip pyflakes ruby default-jdk
17 + pkg-config curl nodejs unzip pyflakes ruby default-jdk \
18 + libmysqld-dev mercurial python-setuptools python-dev python3-numpy
18
19
19 echo "Installing RVM"
20 echo "Installing RVM"
20 curl -k -L https://get.rvm.io | bash -s stable
21 curl -k -L https://get.rvm.io | bash -s stable
21 source ~/.rvm/scripts/rvm
22 source ~/.rvm/scripts/rvm
22
23
23 echo "Installing Ruby $RUBY_VERSION in RVM"
24 echo "Installing Ruby $RUBY_VERSION in RVM"
24
25
25 rvm install $RUBY_VERSION
26 rvm install $RUBY_VERSION
26 rvm use $RUBY_VERSION
27 rvm use $RUBY_VERSION
27
28
28 echo "Fetching Cafe Grader from Git repositories"
29 echo "Fetching Cafe Grader from Git repositories"
29
30
30 echo "Fetching web interface"
31 echo "Fetching web interface"
31
32
32 mkdir cafe_grader
33 mkdir cafe_grader
33 cd cafe_grader
34 cd cafe_grader
34 git clone -q git://github.com/jittat/cafe-grader-web.git web
35 git clone -q git://github.com/jittat/cafe-grader-web.git web
35
36
36 echo "Configuring rails app"
37 echo "Configuring rails app"
37
38
38 cp web/config/application.rb.SAMPLE web/config/application.rb
39 cp web/config/application.rb.SAMPLE web/config/application.rb
39 cp web/config/initializers/cafe_grader_config.rb.SAMPLE web/config/initializers/cafe_grader_config.rb
40 cp web/config/initializers/cafe_grader_config.rb.SAMPLE web/config/initializers/cafe_grader_config.rb
40
41
41 #replace UTC in application.rb with the system timezone
42 #replace UTC in application.rb with the system timezone
42 timezone='UTC'
43 timezone='UTC'
43 if [ -f '/etc/timezone' ]; then
44 if [ -f '/etc/timezone' ]; then
44 timezone=\"`cat /etc/timezone`\"
45 timezone=\"`cat /etc/timezone`\"
45 else
46 else
46 if [ -f '/etc/sysconfig/clock' ]; then
47 if [ -f '/etc/sysconfig/clock' ]; then
47 timezone=`grep -e '^TIMEZONE' /etc/sysconfig/clock | grep -o -e '\".*\"'`
48 timezone=`grep -e '^TIMEZONE' /etc/sysconfig/clock | grep -o -e '\".*\"'`
48 fi
49 fi
49 fi
50 fi
50 replace="s!'UTC'!$timezone!g"
51 replace="s!'UTC'!$timezone!g"
51 sed -i $replace web/config/application.rb
52 sed -i $replace web/config/application.rb
52
53
53 echo "At this point we will need MySQL user and database."
54 echo "At this point we will need MySQL user and database."
54 echo "Have you created MySQL user and database for Cafe grader? (Y/N) "
55 echo "Have you created MySQL user and database for Cafe grader? (Y/N) "
55 read ch
56 read ch
56
57
57 if [ "$ch" = "n" -o "$ch" = "N" ]
58 if [ "$ch" = "n" -o "$ch" = "N" ]
58 then
59 then
59 echo "Please open another terminal and create the user and database for Cafe grader."
60 echo "Please open another terminal and create the user and database for Cafe grader."
60 echo "Don't forget to grant access to that database for the user."
61 echo "Don't forget to grant access to that database for the user."
61 echo "Please have username, password, and database name ready before continue."
62 echo "Please have username, password, and database name ready before continue."
62 echo
63 echo
63 echo "The following are instructions:"
64 echo "The following are instructions:"
64 echo "1. Run mysql:"
65 echo "1. Run mysql:"
65 echo
66 echo
66 echo " mysql -u root -p"
67 echo " mysql -u root -p"
67 echo
68 echo
68 echo " if you have just installed mysql, the root password is the one that you have just entered"
69 echo " if you have just installed mysql, the root password is the one that you have just entered"
69 echo "2. Create a new database, a new user, and grant access to grader database:"
70 echo "2. Create a new database, a new user, and grant access to grader database:"
70 echo
71 echo
71 echo " create user 'USERNAME'@'localhost' identified by 'PASSWORD';"
72 echo " create user 'USERNAME'@'localhost' identified by 'PASSWORD';"
72 echo " create database \`DATABASENEME\`;"
73 echo " create database \`DATABASENEME\`;"
73 echo " grant all on \`DATABASENAME\`.* to 'USERNAME'@'localhost';"
74 echo " grant all on \`DATABASENAME\`.* to 'USERNAME'@'localhost';"
74 echo
75 echo
75 echo " Replace USERNAME, PASSWORD, and DATABASENAME accordingly."
76 echo " Replace USERNAME, PASSWORD, and DATABASENAME accordingly."
76 echo
77 echo
77 echo "Hit enter when ready..."
78 echo "Hit enter when ready..."
78 read dummy
79 read dummy
79 fi
80 fi
80
81
81 CAFE_PATH=`pwd`
82 CAFE_PATH=`pwd`
82
83
83 cd web
84 cd web
84
85
85 echo "Please provide grader database:"
86 echo "Please provide grader database:"
86 read database
87 read database
87
88
88 echo "Please provide grader username:"
89 echo "Please provide grader username:"
89 read username
90 read username
90
91
91 echo "Please provide $username password:"
92 echo "Please provide $username password:"
92 read password
93 read password
93
94
94 echo "development:" > config/database.yml
95 echo "development:" > config/database.yml
95 echo " adapter: mysql2" >> config/database.yml
96 echo " adapter: mysql2" >> config/database.yml
96 echo " encoding: utf8" >> config/database.yml
97 echo " encoding: utf8" >> config/database.yml
97 echo " reconnect: false" >> config/database.yml
98 echo " reconnect: false" >> config/database.yml
98 echo " database: $database" >> config/database.yml
99 echo " database: $database" >> config/database.yml
99 echo " pool: 5" >> config/database.yml
100 echo " pool: 5" >> config/database.yml
100 echo " username: $username" >> config/database.yml
101 echo " username: $username" >> config/database.yml
101 echo " password: $password" >> config/database.yml
102 echo " password: $password" >> config/database.yml
102 echo " host: localhost" >> config/database.yml
103 echo " host: localhost" >> config/database.yml
103 echo " socket: /var/run/mysqld/mysqld.sock" >> config/database.yml
104 echo " socket: /var/run/mysqld/mysqld.sock" >> config/database.yml
104 echo "" >> config/database.yml
105 echo "" >> config/database.yml
105 echo "production:" >> config/database.yml
106 echo "production:" >> config/database.yml
106 echo " adapter: mysql2" >> config/database.yml
107 echo " adapter: mysql2" >> config/database.yml
107 echo " encoding: utf8" >> config/database.yml
108 echo " encoding: utf8" >> config/database.yml
108 echo " reconnect: false" >> config/database.yml
109 echo " reconnect: false" >> config/database.yml
109 echo " database: $database" >> config/database.yml
110 echo " database: $database" >> config/database.yml
110 echo " pool: 5" >> config/database.yml
111 echo " pool: 5" >> config/database.yml
111 echo " username: $username" >> config/database.yml
112 echo " username: $username" >> config/database.yml
112 echo " password: $password" >> config/database.yml
113 echo " password: $password" >> config/database.yml
113 echo " host: localhost" >> config/database.yml
114 echo " host: localhost" >> config/database.yml
Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -510,192 +510,204
510 /* 218 */ [ __NR_set_tid_address ] = "set_tid_address",
510 /* 218 */ [ __NR_set_tid_address ] = "set_tid_address",
511 /* 219 */ [ __NR_restart_syscall ] = "restart_syscall",
511 /* 219 */ [ __NR_restart_syscall ] = "restart_syscall",
512 /* 220 */ [ __NR_semtimedop ] = "semtimedop",
512 /* 220 */ [ __NR_semtimedop ] = "semtimedop",
513 /* 221 */ [ __NR_fadvise64 ] = "fadvise64",
513 /* 221 */ [ __NR_fadvise64 ] = "fadvise64",
514 /* 222 */ [ __NR_timer_create ] = "timer_create",
514 /* 222 */ [ __NR_timer_create ] = "timer_create",
515 /* 223 */ [ __NR_timer_settime ] = "timer_settime",
515 /* 223 */ [ __NR_timer_settime ] = "timer_settime",
516 /* 224 */ [ __NR_timer_gettime ] = "timer_gettime",
516 /* 224 */ [ __NR_timer_gettime ] = "timer_gettime",
517 /* 225 */ [ __NR_timer_getoverrun ] = "timer_getoverrun",
517 /* 225 */ [ __NR_timer_getoverrun ] = "timer_getoverrun",
518 /* 226 */ [ __NR_timer_delete ] = "timer_delete",
518 /* 226 */ [ __NR_timer_delete ] = "timer_delete",
519 /* 227 */ [ __NR_clock_settime ] = "clock_settime",
519 /* 227 */ [ __NR_clock_settime ] = "clock_settime",
520 /* 228 */ [ __NR_clock_gettime ] = "clock_gettime",
520 /* 228 */ [ __NR_clock_gettime ] = "clock_gettime",
521 /* 229 */ [ __NR_clock_getres ] = "clock_getres",
521 /* 229 */ [ __NR_clock_getres ] = "clock_getres",
522 /* 230 */ [ __NR_clock_nanosleep ] = "clock_nanosleep",
522 /* 230 */ [ __NR_clock_nanosleep ] = "clock_nanosleep",
523 /* 231 */ [ __NR_exit_group ] = "exit_group",
523 /* 231 */ [ __NR_exit_group ] = "exit_group",
524 /* 232 */ [ __NR_epoll_wait ] = "epoll_wait",
524 /* 232 */ [ __NR_epoll_wait ] = "epoll_wait",
525 /* 233 */ [ __NR_epoll_ctl ] = "epoll_ctl",
525 /* 233 */ [ __NR_epoll_ctl ] = "epoll_ctl",
526 /* 234 */ [ __NR_tgkill ] = "tgkill",
526 /* 234 */ [ __NR_tgkill ] = "tgkill",
527 /* 235 */ [ __NR_utimes ] = "utimes",
527 /* 235 */ [ __NR_utimes ] = "utimes",
528 /* 236 */ [ __NR_vserver ] = "vserver",
528 /* 236 */ [ __NR_vserver ] = "vserver",
529 /* 237 */ [ __NR_mbind ] = "mbind",
529 /* 237 */ [ __NR_mbind ] = "mbind",
530 /* 238 */ [ __NR_set_mempolicy ] = "set_mempolicy",
530 /* 238 */ [ __NR_set_mempolicy ] = "set_mempolicy",
531 /* 239 */ [ __NR_get_mempolicy ] = "get_mempolicy",
531 /* 239 */ [ __NR_get_mempolicy ] = "get_mempolicy",
532 /* 240 */ [ __NR_mq_open ] = "mq_open",
532 /* 240 */ [ __NR_mq_open ] = "mq_open",
533 /* 241 */ [ __NR_mq_unlink ] = "mq_unlink",
533 /* 241 */ [ __NR_mq_unlink ] = "mq_unlink",
534 /* 242 */ [ __NR_mq_timedsend ] = "mq_timedsend",
534 /* 242 */ [ __NR_mq_timedsend ] = "mq_timedsend",
535 /* 243 */ [ __NR_mq_timedreceive ] = "mq_timedreceive",
535 /* 243 */ [ __NR_mq_timedreceive ] = "mq_timedreceive",
536 /* 244 */ [ __NR_mq_notify ] = "mq_notify",
536 /* 244 */ [ __NR_mq_notify ] = "mq_notify",
537 /* 245 */ [ __NR_mq_getsetattr ] = "mq_getsetattr",
537 /* 245 */ [ __NR_mq_getsetattr ] = "mq_getsetattr",
538 /* 246 */ [ __NR_kexec_load ] = "kexec_load",
538 /* 246 */ [ __NR_kexec_load ] = "kexec_load",
539 /* 247 */ [ __NR_waitid ] = "waitid",
539 /* 247 */ [ __NR_waitid ] = "waitid",
540 /* 248 */ [ __NR_add_key ] = "add_key",
540 /* 248 */ [ __NR_add_key ] = "add_key",
541 /* 249 */ [ __NR_request_key ] = "request_key",
541 /* 249 */ [ __NR_request_key ] = "request_key",
542 /* 250 */ [ __NR_keyctl ] = "keyctl",
542 /* 250 */ [ __NR_keyctl ] = "keyctl",
543 /* 251 */ [ __NR_ioprio_set ] = "ioprio_set",
543 /* 251 */ [ __NR_ioprio_set ] = "ioprio_set",
544 /* 252 */ [ __NR_ioprio_get ] = "ioprio_get",
544 /* 252 */ [ __NR_ioprio_get ] = "ioprio_get",
545 /* 253 */ [ __NR_inotify_init ] = "inotify_init",
545 /* 253 */ [ __NR_inotify_init ] = "inotify_init",
546 /* 254 */ [ __NR_inotify_add_watch ] = "inotify_add_watch",
546 /* 254 */ [ __NR_inotify_add_watch ] = "inotify_add_watch",
547 /* 255 */ [ __NR_inotify_rm_watch ] = "inotify_rm_watch",
547 /* 255 */ [ __NR_inotify_rm_watch ] = "inotify_rm_watch",
548 /* 256 */ [ __NR_migrate_pages ] = "migrate_pages",
548 /* 256 */ [ __NR_migrate_pages ] = "migrate_pages",
549 /* 257 */ [ __NR_openat ] = "openat",
549 /* 257 */ [ __NR_openat ] = "openat",
550 /* 258 */ [ __NR_mkdirat ] = "mkdirat",
550 /* 258 */ [ __NR_mkdirat ] = "mkdirat",
551 /* 259 */ [ __NR_mknodat ] = "mknodat",
551 /* 259 */ [ __NR_mknodat ] = "mknodat",
552 /* 260 */ [ __NR_fchownat ] = "fchownat",
552 /* 260 */ [ __NR_fchownat ] = "fchownat",
553 /* 261 */ [ __NR_futimesat ] = "futimesat",
553 /* 261 */ [ __NR_futimesat ] = "futimesat",
554 /* 262 */ [ __NR_newfstatat ] = "newfstatat",
554 /* 262 */ [ __NR_newfstatat ] = "newfstatat",
555 /* 263 */ [ __NR_unlinkat ] = "unlinkat",
555 /* 263 */ [ __NR_unlinkat ] = "unlinkat",
556 /* 264 */ [ __NR_renameat ] = "renameat",
556 /* 264 */ [ __NR_renameat ] = "renameat",
557 /* 265 */ [ __NR_linkat ] = "linkat",
557 /* 265 */ [ __NR_linkat ] = "linkat",
558 /* 266 */ [ __NR_symlinkat ] = "symlinkat",
558 /* 266 */ [ __NR_symlinkat ] = "symlinkat",
559 /* 267 */ [ __NR_readlinkat ] = "readlinkat",
559 /* 267 */ [ __NR_readlinkat ] = "readlinkat",
560 /* 268 */ [ __NR_fchmodat ] = "fchmodat",
560 /* 268 */ [ __NR_fchmodat ] = "fchmodat",
561 /* 269 */ [ __NR_faccessat ] = "faccessat",
561 /* 269 */ [ __NR_faccessat ] = "faccessat",
562 /* 270 */ [ __NR_pselect6 ] = "pselect6",
562 /* 270 */ [ __NR_pselect6 ] = "pselect6",
563 /* 271 */ [ __NR_ppoll ] = "ppoll",
563 /* 271 */ [ __NR_ppoll ] = "ppoll",
564 /* 272 */ [ __NR_unshare ] = "unshare",
564 /* 272 */ [ __NR_unshare ] = "unshare",
565 /* 273 */ [ __NR_set_robust_list ] = "set_robust_list",
565 /* 273 */ [ __NR_set_robust_list ] = "set_robust_list",
566 /* 274 */ [ __NR_get_robust_list ] = "get_robust_list",
566 /* 274 */ [ __NR_get_robust_list ] = "get_robust_list",
567 /* 275 */ [ __NR_splice ] = "splice",
567 /* 275 */ [ __NR_splice ] = "splice",
568 /* 276 */ [ __NR_tee ] = "tee",
568 /* 276 */ [ __NR_tee ] = "tee",
569 /* 277 */ [ __NR_sync_file_range ] = "sync_file_range",
569 /* 277 */ [ __NR_sync_file_range ] = "sync_file_range",
570 /* 278 */ [ __NR_vmsplice ] = "vmsplice",
570 /* 278 */ [ __NR_vmsplice ] = "vmsplice",
571 /* 279 */ [ __NR_move_pages ] = "move_pages",
571 /* 279 */ [ __NR_move_pages ] = "move_pages",
572 /* 280 */ [ __NR_utimensat ] = "utimensat",
572 /* 280 */ [ __NR_utimensat ] = "utimensat",
573 /* 281 */ [ __NR_epoll_pwait ] = "epoll_pwait",
573 /* 281 */ [ __NR_epoll_pwait ] = "epoll_pwait",
574 /* 282 */ [ __NR_signalfd ] = "signalfd",
574 /* 282 */ [ __NR_signalfd ] = "signalfd",
575 /* 283 */ [ __NR_timerfd_create ] = "timerfd_create",
575 /* 283 */ [ __NR_timerfd_create ] = "timerfd_create",
576 /* 284 */ [ __NR_eventfd ] = "eventfd",
576 /* 284 */ [ __NR_eventfd ] = "eventfd",
577 /* 285 */ [ __NR_fallocate ] = "fallocate",
577 /* 285 */ [ __NR_fallocate ] = "fallocate",
578 /* 286 */ [ __NR_timerfd_settime ] = "timerfd_settime",
578 /* 286 */ [ __NR_timerfd_settime ] = "timerfd_settime",
579 /* 287 */ [ __NR_timerfd_gettime ] = "timerfd_gettime",
579 /* 287 */ [ __NR_timerfd_gettime ] = "timerfd_gettime",
580 /* 288 */ [ __NR_accept4 ] = "accept4",
580 /* 288 */ [ __NR_accept4 ] = "accept4",
581 /* 289 */ [ __NR_signalfd4 ] = "signalfd4",
581 /* 289 */ [ __NR_signalfd4 ] = "signalfd4",
582 /* 290 */ [ __NR_eventfd2 ] = "eventfd2",
582 /* 290 */ [ __NR_eventfd2 ] = "eventfd2",
583 /* 291 */ [ __NR_epoll_create1 ] = "epoll_create1",
583 /* 291 */ [ __NR_epoll_create1 ] = "epoll_create1",
584 /* 292 */ [ __NR_dup3 ] = "dup3",
584 /* 292 */ [ __NR_dup3 ] = "dup3",
585 /* 293 */ [ __NR_pipe2 ] = "pipe2",
585 /* 293 */ [ __NR_pipe2 ] = "pipe2",
586 /* 294 */ [ __NR_inotify_init1 ] = "inotify_init1",
586 /* 294 */ [ __NR_inotify_init1 ] = "inotify_init1",
587 /* 295 */ [ __NR_preadv ] = "preadv",
587 /* 295 */ [ __NR_preadv ] = "preadv",
588 /* 296 */ [ __NR_pwritev ] = "pwritev",
588 /* 296 */ [ __NR_pwritev ] = "pwritev",
589 /* 297 */ [ __NR_rt_tgsigqueueinfo ] = "rt_tgsigqueueinfo",
589 /* 297 */ [ __NR_rt_tgsigqueueinfo ] = "rt_tgsigqueueinfo",
590 /* 298 */ [ __NR_perf_event_open ] = "perf_event_open",
590 /* 298 */ [ __NR_perf_event_open ] = "perf_event_open",
591 /* 299 */ [ __NR_recvmmsg ] = "recvmmsg",
591 /* 299 */ [ __NR_recvmmsg ] = "recvmmsg",
592 /* 300 */ [ __NR_fanotify_init ] = "fanotify_init",
592 /* 300 */ [ __NR_fanotify_init ] = "fanotify_init",
593 /* 301 */ [ __NR_fanotify_mark ] = "fanotify_mark",
593 /* 301 */ [ __NR_fanotify_mark ] = "fanotify_mark",
594 /* 302 */ [ __NR_prlimit64 ] = "prlimit64",
594 /* 302 */ [ __NR_prlimit64 ] = "prlimit64",
595 /* 303 */ [ __NR_name_to_handle_at ] = "name_to_handle_at",
595 /* 303 */ [ __NR_name_to_handle_at ] = "name_to_handle_at",
596 /* 304 */ [ __NR_open_by_handle_at ] = "open_by_handle_at",
596 /* 304 */ [ __NR_open_by_handle_at ] = "open_by_handle_at",
597 /* 305 */ [ __NR_clock_adjtime ] = "clock_adjtime",
597 /* 305 */ [ __NR_clock_adjtime ] = "clock_adjtime",
598 /* 306 */ [ __NR_syncfs ] = "syncfs",
598 /* 306 */ [ __NR_syncfs ] = "syncfs",
599 /* 307 */ [ __NR_sendmmsg ] = "sendmmsg",
599 /* 307 */ [ __NR_sendmmsg ] = "sendmmsg",
600 /* 308 */ [ __NR_setns ] = "setns",
600 /* 308 */ [ __NR_setns ] = "setns",
601 /* 309 */ [ __NR_getcpu ] = "getcpu",
601 /* 309 */ [ __NR_getcpu ] = "getcpu",
602 /* 310 */ [ __NR_process_vm_readv ] = "process_vm_readv",
602 /* 310 */ [ __NR_process_vm_readv ] = "process_vm_readv",
603 /* 311 */ [ __NR_process_vm_writev ] = "process_vm_writev",
603 /* 311 */ [ __NR_process_vm_writev ] = "process_vm_writev",
604 /* 312 */ [ __NR_kcmp ] = "kcmp",
604 /* 312 */ [ __NR_kcmp ] = "kcmp",
605 /* 313 */ [ __NR_finit_module ] = "finit_module",
605 /* 313 */ [ __NR_finit_module ] = "finit_module",
606 + /* 314 */ [ __NR_sched_setattr ] = "sched_setattr",
607 + /* 315 */ [ __NR_sched_getattr ] = "sched_getattr",
608 + /* 316 */ [ __NR_renameat2 ] = "renameat2",
609 + /* 317 */ [ __NR_seccomp ] = "seccomp",
610 + /* 318 */ [ __NR_getrandom ] = "getrandom",
611 + /* 319 */ [ __NR_memfd_create ] = "memfd_create",
612 + /* 320 */ [ __NR_kexec_file_load ] = "kexec_file_load",
613 + /* 321 */ [ __NR_bpf ] = "bpf",
614 + /* 322 */ [ __NR_execveat ] = "execveat",
615 + /* 323 */ [ __NR_userfaultfd ] = "userfaultfd",
616 + /* 324 */ [ __NR_membarrier ] = "membarrier",
617 + /* 325 */ [ __NR_mlock2 ] = "mlock2",
606 };
618 };
607 #define NUM_SYSCALLS ARRAY_SIZE(syscall_names)
619 #define NUM_SYSCALLS ARRAY_SIZE(syscall_names)
608 #define NUM_ACTIONS (NUM_SYSCALLS+64)
620 #define NUM_ACTIONS (NUM_SYSCALLS+64)
609
621
610 enum action {
622 enum action {
611 A_DEFAULT, // Use the default action
623 A_DEFAULT, // Use the default action
612 A_NO, // Always forbid
624 A_NO, // Always forbid
613 A_YES, // Always permit
625 A_YES, // Always permit
614 A_FILENAME, // Permit if arg1 is a known filename
626 A_FILENAME, // Permit if arg1 is a known filename
615 A_ACTION_MASK = 15,
627 A_ACTION_MASK = 15,
616 A_NO_RETVAL = 32, // Does not return a value
628 A_NO_RETVAL = 32, // Does not return a value
617 A_SAMPLE_MEM = 64, // Sample memory usage before the syscall
629 A_SAMPLE_MEM = 64, // Sample memory usage before the syscall
618 A_LIBERAL = 128, // Valid only in liberal mode
630 A_LIBERAL = 128, // Valid only in liberal mode
619 // Must fit in a unsigned char
631 // Must fit in a unsigned char
620 };
632 };
621
633
622 static unsigned char syscall_action[NUM_ACTIONS] = {
634 static unsigned char syscall_action[NUM_ACTIONS] = {
623 #define S(x) [__NR_##x]
635 #define S(x) [__NR_##x]
624
636
625 // Syscalls permitted for specific file names
637 // Syscalls permitted for specific file names
626 S(open) = A_FILENAME,
638 S(open) = A_FILENAME,
627 S(creat) = A_FILENAME,
639 S(creat) = A_FILENAME,
628 S(unlink) = A_FILENAME,
640 S(unlink) = A_FILENAME,
629 S(access) = A_FILENAME,
641 S(access) = A_FILENAME,
630 S(truncate) = A_FILENAME,
642 S(truncate) = A_FILENAME,
631 S(stat) = A_FILENAME,
643 S(stat) = A_FILENAME,
632 S(lstat) = A_FILENAME,
644 S(lstat) = A_FILENAME,
633 S(readlink) = A_FILENAME,
645 S(readlink) = A_FILENAME,
634 #ifndef CONFIG_BOX_USER_AMD64
646 #ifndef CONFIG_BOX_USER_AMD64
635 S(oldstat) = A_FILENAME,
647 S(oldstat) = A_FILENAME,
636 S(oldlstat) = A_FILENAME,
648 S(oldlstat) = A_FILENAME,
637 S(truncate64) = A_FILENAME,
649 S(truncate64) = A_FILENAME,
638 S(stat64) = A_FILENAME,
650 S(stat64) = A_FILENAME,
639 S(lstat64) = A_FILENAME,
651 S(lstat64) = A_FILENAME,
640 #endif
652 #endif
641
653
642 // Syscalls permitted always
654 // Syscalls permitted always
643 S(exit) = A_YES | A_SAMPLE_MEM,
655 S(exit) = A_YES | A_SAMPLE_MEM,
644 S(read) = A_YES,
656 S(read) = A_YES,
645 S(write) = A_YES,
657 S(write) = A_YES,
646 S(close) = A_YES,
658 S(close) = A_YES,
647 S(lseek) = A_YES,
659 S(lseek) = A_YES,
648 S(getpid) = A_YES,
660 S(getpid) = A_YES,
649 S(getuid) = A_YES,
661 S(getuid) = A_YES,
650 S(dup) = A_YES,
662 S(dup) = A_YES,
651 S(brk) = A_YES,
663 S(brk) = A_YES,
652 S(getgid) = A_YES,
664 S(getgid) = A_YES,
653 S(geteuid) = A_YES,
665 S(geteuid) = A_YES,
654 S(getegid) = A_YES,
666 S(getegid) = A_YES,
655 S(dup2) = A_YES,
667 S(dup2) = A_YES,
656 S(ftruncate) = A_YES,
668 S(ftruncate) = A_YES,
657 S(fstat) = A_YES,
669 S(fstat) = A_YES,
658 S(personality) = A_YES,
670 S(personality) = A_YES,
659 S(readv) = A_YES,
671 S(readv) = A_YES,
660 S(writev) = A_YES,
672 S(writev) = A_YES,
661 S(getresuid) = A_YES,
673 S(getresuid) = A_YES,
662 #ifdef __NR_pread64
674 #ifdef __NR_pread64
663 S(pread64) = A_YES,
675 S(pread64) = A_YES,
664 S(pwrite64) = A_YES,
676 S(pwrite64) = A_YES,
665 #else
677 #else
666 S(pread) = A_YES,
678 S(pread) = A_YES,
667 S(pwrite) = A_YES,
679 S(pwrite) = A_YES,
668 #endif
680 #endif
669 S(fcntl) = A_YES,
681 S(fcntl) = A_YES,
670 S(mmap) = A_YES,
682 S(mmap) = A_YES,
671 S(munmap) = A_YES,
683 S(munmap) = A_YES,
672 S(ioctl) = A_YES,
684 S(ioctl) = A_YES,
673 S(uname) = A_YES,
685 S(uname) = A_YES,
674 S(gettid) = A_YES,
686 S(gettid) = A_YES,
675 S(set_thread_area) = A_YES,
687 S(set_thread_area) = A_YES,
676 S(get_thread_area) = A_YES,
688 S(get_thread_area) = A_YES,
677 S(set_tid_address) = A_YES,
689 S(set_tid_address) = A_YES,
678 S(exit_group) = A_YES | A_SAMPLE_MEM,
690 S(exit_group) = A_YES | A_SAMPLE_MEM,
679 #ifdef CONFIG_BOX_USER_AMD64
691 #ifdef CONFIG_BOX_USER_AMD64
680 S(arch_prctl) = A_YES,
692 S(arch_prctl) = A_YES,
681 #else
693 #else
682 S(oldfstat) = A_YES,
694 S(oldfstat) = A_YES,
683 S(ftruncate64) = A_YES,
695 S(ftruncate64) = A_YES,
684 S(_llseek) = A_YES,
696 S(_llseek) = A_YES,
685 S(fstat64) = A_YES,
697 S(fstat64) = A_YES,
686 S(fcntl64) = A_YES,
698 S(fcntl64) = A_YES,
687 S(mmap2) = A_YES,
699 S(mmap2) = A_YES,
688 #endif
700 #endif
689
701
690 // Syscalls permitted only in liberal mode
702 // Syscalls permitted only in liberal mode
691 S(time) = A_YES | A_LIBERAL,
703 S(time) = A_YES | A_LIBERAL,
692 S(alarm) = A_YES | A_LIBERAL,
704 S(alarm) = A_YES | A_LIBERAL,
693 S(pause) = A_YES | A_LIBERAL,
705 S(pause) = A_YES | A_LIBERAL,
694 S(fchmod) = A_YES | A_LIBERAL,
706 S(fchmod) = A_YES | A_LIBERAL,
695 S(getrlimit) = A_YES | A_LIBERAL,
707 S(getrlimit) = A_YES | A_LIBERAL,
696 S(getrusage) = A_YES | A_LIBERAL,
708 S(getrusage) = A_YES | A_LIBERAL,
697 S(gettimeofday) = A_YES | A_LIBERAL,
709 S(gettimeofday) = A_YES | A_LIBERAL,
698 S(select) = A_YES | A_LIBERAL,
710 S(select) = A_YES | A_LIBERAL,
699 S(setitimer) = A_YES | A_LIBERAL,
711 S(setitimer) = A_YES | A_LIBERAL,
700 S(getitimer) = A_YES | A_LIBERAL,
712 S(getitimer) = A_YES | A_LIBERAL,
701 S(mprotect) = A_YES | A_LIBERAL,
713 S(mprotect) = A_YES | A_LIBERAL,
You need to be logged in to leave comments. Login now