d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d7fa1ab02d
freebsd-nq/sys/compat/cloudabi/cloudabi_sock.c

184 lines
4.9 KiB
C
Raw Normal View History

Import the CloudABI datatypes and create a system call table. CloudABI is a pure capability-based runtime environment for UNIX. It works similar to Capsicum, except that processes already run in capabilities mode on startup. All functionality that conflicts with this model has been omitted, making it a compact binary interface that can be supported by other operating systems without too much effort. CloudABI is 'secure by default'; the idea is that it should be safe to run arbitrary third-party binaries without requiring any explicit hardware virtualization (Bhyve) or namespace virtualization (Jails). The rights of an application are purely determined by the set of file descriptors that you grant it on startup. The datatypes and constants used by CloudABI's C library (cloudlibc) are defined in separate files called syscalldefs_mi.h (pointer size independent) and syscalldefs_md.h (pointer size dependent). We import these files in sys/contrib/cloudabi and wrap around them in cloudabi*_syscalldefs.h. We then add stubs for all of the system calls in sys/compat/cloudabi or sys/compat/cloudabi64, depending on whether the system call depends on the pointer size. We only have nine system calls that depend on the pointer size. If we ever want to support 32-bit binaries, we can simply add sys/compat/cloudabi32 and implement these nine system calls again. The next step is to send in code reviews for the individual system call implementations, but also add a sysentvec, to allow CloudABI executabled to be started through execve(). More information about CloudABI: - GitHub: https://github.com/NuxiNL/cloudlibc - Talk at BSDCan: https://www.youtube.com/watch?v=SVdF84x1EdA Differential Revision: https://reviews.freebsd.org/D2848 Reviewed by: emaste, brooks Obtained from: https://github.com/NuxiNL/freebsd
2015-07-09 07:20:15 +00:00
/*-
Make file descriptor passing for CloudABI's recvmsg() work. Similar to the change for sendmsg(), create a pointer size independent implementation of recvmsg() and let cloudabi32 and cloudabi64 call into it. In case userspace requests one or more file descriptors, call kern_recvit() in such a way that we get the control message headers in an mbuf. Iterate over all of the headers and copy the file descriptors to userspace.
2017-03-22 19:20:39 +00:00
* Copyright (c) 2015-2017 Nuxi, https://nuxi.nl/
Import the CloudABI datatypes and create a system call table. CloudABI is a pure capability-based runtime environment for UNIX. It works similar to Capsicum, except that processes already run in capabilities mode on startup. All functionality that conflicts with this model has been omitted, making it a compact binary interface that can be supported by other operating systems without too much effort. CloudABI is 'secure by default'; the idea is that it should be safe to run arbitrary third-party binaries without requiring any explicit hardware virtualization (Bhyve) or namespace virtualization (Jails). The rights of an application are purely determined by the set of file descriptors that you grant it on startup. The datatypes and constants used by CloudABI's C library (cloudlibc) are defined in separate files called syscalldefs_mi.h (pointer size independent) and syscalldefs_md.h (pointer size dependent). We import these files in sys/contrib/cloudabi and wrap around them in cloudabi*_syscalldefs.h. We then add stubs for all of the system calls in sys/compat/cloudabi or sys/compat/cloudabi64, depending on whether the system call depends on the pointer size. We only have nine system calls that depend on the pointer size. If we ever want to support 32-bit binaries, we can simply add sys/compat/cloudabi32 and implement these nine system calls again. The next step is to send in code reviews for the individual system call implementations, but also add a sysentvec, to allow CloudABI executabled to be started through execve(). More information about CloudABI: - GitHub: https://github.com/NuxiNL/cloudlibc - Talk at BSDCan: https://www.youtube.com/watch?v=SVdF84x1EdA Differential Revision: https://reviews.freebsd.org/D2848 Reviewed by: emaste, brooks Obtained from: https://github.com/NuxiNL/freebsd
2015-07-09 07:20:15 +00:00
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
Implement the basic system calls that operate on pathnames. Summary: Unlike FreeBSD, CloudABI does not use null terminated strings for its pathnames. Introduce a function called copyin_path() that can be used by all of the filesystem system calls that use pathnames. This change already implements the system calls that don't depend on any additional functionality (e.g., conversion of struct stat). Also implement the socket system calls that operate on pathnames, namely the ones used by the C library functions bindat() and connectat(). These don't receive a 'struct sockaddr_un', but just the pathname, meaning they could be implemented in such a way that they don't depend on the size of sun_path. For now, just use the existing interfaces. Add a missing #include to cloudabi_syscalldefs.h to get this code to build, as one of its macros depends on UINT64_C(). Test Plan: These implementations have already been tested in the CloudABI branch on GitHub. They pass all of the tests. Reviewers: kib, pjd Subscribers: imp Differential Revision: https://reviews.freebsd.org/D3097
2015-07-24 07:46:02 +00:00
#include <sys/param.h>
Add the remaining pointer size independent CloudABI socket system calls. CloudABI uses a structure called cloudabi_sockstat_t. Think of it as 'struct stat' for sockets. It is used by functions such as getsockname(), getpeername(), some of the getsockopt() values, etc. This change implements the sock_stat_get() system call that returns a copy of this structure. The accept() system call should also return a full copy of this structure eventually, but for now we're only interested in the peer address. Add a TODO() to make sure this is patched up later on. Differential Revision: https://reviews.freebsd.org/D3218
2015-08-05 08:18:05 +00:00
#include <sys/capsicum.h>
#include <sys/lock.h>
#include <sys/malloc.h>
Make file descriptor passing work for CloudABI's sendmsg(). Reduce the potential amount of code duplication between cloudabi32 and cloudabi64 by creating a cloudabi_sock_recv() utility function. The cloudabi32 and cloudabi64 modules will then only contain code to convert the iovecs to the native pointer size. In cloudabi_sock_recv(), we can now construct an SCM_RIGHTS cmsghdr in an mbuf and pass that on to kern_sendit().
2017-03-22 06:43:10 +00:00
#include <sys/mbuf.h>
Add the remaining pointer size independent CloudABI socket system calls. CloudABI uses a structure called cloudabi_sockstat_t. Think of it as 'struct stat' for sockets. It is used by functions such as getsockname(), getpeername(), some of the getsockopt() values, etc. This change implements the sock_stat_get() system call that returns a copy of this structure. The accept() system call should also return a full copy of this structure eventually, but for now we're only interested in the peer address. Add a TODO() to make sure this is patched up later on. Differential Revision: https://reviews.freebsd.org/D3218
2015-08-05 08:18:05 +00:00
#include <sys/mutex.h>
Make file descriptor passing work for CloudABI's sendmsg(). Reduce the potential amount of code duplication between cloudabi32 and cloudabi64 by creating a cloudabi_sock_recv() utility function. The cloudabi32 and cloudabi64 modules will then only contain code to convert the iovecs to the native pointer size. In cloudabi_sock_recv(), we can now construct an SCM_RIGHTS cmsghdr in an mbuf and pass that on to kern_sendit().
2017-03-22 06:43:10 +00:00
#include <sys/proc.h>
Add the remaining pointer size independent CloudABI socket system calls. CloudABI uses a structure called cloudabi_sockstat_t. Think of it as 'struct stat' for sockets. It is used by functions such as getsockname(), getpeername(), some of the getsockopt() values, etc. This change implements the sock_stat_get() system call that returns a copy of this structure. The accept() system call should also return a full copy of this structure eventually, but for now we're only interested in the peer address. Add a TODO() to make sure this is patched up later on. Differential Revision: https://reviews.freebsd.org/D3218
2015-08-05 08:18:05 +00:00
#include <sys/protosw.h>
Implement the trivial socket system calls: shutdown() and listen().
2015-07-15 11:27:34 +00:00
#include <sys/socket.h>
Add the remaining pointer size independent CloudABI socket system calls. CloudABI uses a structure called cloudabi_sockstat_t. Think of it as 'struct stat' for sockets. It is used by functions such as getsockname(), getpeername(), some of the getsockopt() values, etc. This change implements the sock_stat_get() system call that returns a copy of this structure. The accept() system call should also return a full copy of this structure eventually, but for now we're only interested in the peer address. Add a TODO() to make sure this is patched up later on. Differential Revision: https://reviews.freebsd.org/D3218
2015-08-05 08:18:05 +00:00
#include <sys/socketvar.h>
Implement the basic system calls that operate on pathnames. Summary: Unlike FreeBSD, CloudABI does not use null terminated strings for its pathnames. Introduce a function called copyin_path() that can be used by all of the filesystem system calls that use pathnames. This change already implements the system calls that don't depend on any additional functionality (e.g., conversion of struct stat). Also implement the socket system calls that operate on pathnames, namely the ones used by the C library functions bindat() and connectat(). These don't receive a 'struct sockaddr_un', but just the pathname, meaning they could be implemented in such a way that they don't depend on the size of sun_path. For now, just use the existing interfaces. Add a missing #include to cloudabi_syscalldefs.h to get this code to build, as one of its macros depends on UINT64_C(). Test Plan: These implementations have already been tested in the CloudABI branch on GitHub. They pass all of the tests. Reviewers: kib, pjd Subscribers: imp Differential Revision: https://reviews.freebsd.org/D3097
2015-07-24 07:46:02 +00:00
#include <sys/syscallsubr.h>
#include <sys/systm.h>
Implement the trivial socket system calls: shutdown() and listen().
2015-07-15 11:27:34 +00:00
Add the remaining pointer size independent CloudABI socket system calls. CloudABI uses a structure called cloudabi_sockstat_t. Think of it as 'struct stat' for sockets. It is used by functions such as getsockname(), getpeername(), some of the getsockopt() values, etc. This change implements the sock_stat_get() system call that returns a copy of this structure. The accept() system call should also return a full copy of this structure eventually, but for now we're only interested in the peer address. Add a TODO() to make sure this is patched up later on. Differential Revision: https://reviews.freebsd.org/D3218
2015-08-05 08:18:05 +00:00
#include <net/vnet.h>
#include <netinet/in.h>
Replace the CloudABI system call table by a machine generated version. The type definitions and constants that were used by COMPAT_CLOUDABI64 are a literal copy of some headers stored inside of CloudABI's C library, cloudlibc. What is annoying is that we can't make use of cloudlibc's system call list, as the format is completely different and doesn't provide enough information. It had to be synced in manually. We recently decided to solve this (and some other problems) by moving the ABI definitions into a separate file: https://github.com/NuxiNL/cloudabi/blob/master/cloudabi.txt This file is processed by a pile of Python scripts to generate the header files like before, documentation (markdown), but in our case more importantly: a FreeBSD system call table. This change discards the old files in sys/contrib/cloudabi and replaces them by the latest copies, which requires some minor changes here and there. Because cloudabi.txt also enforces consistent names of the system call arguments, we have to patch up a small number of system call implementations to use the new argument names. The new header files can also be included directly in FreeBSD kernel space without needing any includes/defines, so we can now remove cloudabi_syscalldefs.h and cloudabi64_syscalldefs.h. Patch up the sources to include the definitions directly from sys/contrib/cloudabi instead.
2016-03-24 21:47:15 +00:00
#include <contrib/cloudabi/cloudabi_types_common.h>
Import the CloudABI datatypes and create a system call table. CloudABI is a pure capability-based runtime environment for UNIX. It works similar to Capsicum, except that processes already run in capabilities mode on startup. All functionality that conflicts with this model has been omitted, making it a compact binary interface that can be supported by other operating systems without too much effort. CloudABI is 'secure by default'; the idea is that it should be safe to run arbitrary third-party binaries without requiring any explicit hardware virtualization (Bhyve) or namespace virtualization (Jails). The rights of an application are purely determined by the set of file descriptors that you grant it on startup. The datatypes and constants used by CloudABI's C library (cloudlibc) are defined in separate files called syscalldefs_mi.h (pointer size independent) and syscalldefs_md.h (pointer size dependent). We import these files in sys/contrib/cloudabi and wrap around them in cloudabi*_syscalldefs.h. We then add stubs for all of the system calls in sys/compat/cloudabi or sys/compat/cloudabi64, depending on whether the system call depends on the pointer size. We only have nine system calls that depend on the pointer size. If we ever want to support 32-bit binaries, we can simply add sys/compat/cloudabi32 and implement these nine system calls again. The next step is to send in code reviews for the individual system call implementations, but also add a sysentvec, to allow CloudABI executabled to be started through execve(). More information about CloudABI: - GitHub: https://github.com/NuxiNL/cloudlibc - Talk at BSDCan: https://www.youtube.com/watch?v=SVdF84x1EdA Differential Revision: https://reviews.freebsd.org/D2848 Reviewed by: emaste, brooks Obtained from: https://github.com/NuxiNL/freebsd
2015-07-09 07:20:15 +00:00
#include <compat/cloudabi/cloudabi_proto.h>
Add the remaining pointer size independent CloudABI socket system calls. CloudABI uses a structure called cloudabi_sockstat_t. Think of it as 'struct stat' for sockets. It is used by functions such as getsockname(), getpeername(), some of the getsockopt() values, etc. This change implements the sock_stat_get() system call that returns a copy of this structure. The accept() system call should also return a full copy of this structure eventually, but for now we're only interested in the peer address. Add a TODO() to make sure this is patched up later on. Differential Revision: https://reviews.freebsd.org/D3218
2015-08-05 08:18:05 +00:00
#include <compat/cloudabi/cloudabi_util.h>
Import the CloudABI datatypes and create a system call table. CloudABI is a pure capability-based runtime environment for UNIX. It works similar to Capsicum, except that processes already run in capabilities mode on startup. All functionality that conflicts with this model has been omitted, making it a compact binary interface that can be supported by other operating systems without too much effort. CloudABI is 'secure by default'; the idea is that it should be safe to run arbitrary third-party binaries without requiring any explicit hardware virtualization (Bhyve) or namespace virtualization (Jails). The rights of an application are purely determined by the set of file descriptors that you grant it on startup. The datatypes and constants used by CloudABI's C library (cloudlibc) are defined in separate files called syscalldefs_mi.h (pointer size independent) and syscalldefs_md.h (pointer size dependent). We import these files in sys/contrib/cloudabi and wrap around them in cloudabi*_syscalldefs.h. We then add stubs for all of the system calls in sys/compat/cloudabi or sys/compat/cloudabi64, depending on whether the system call depends on the pointer size. We only have nine system calls that depend on the pointer size. If we ever want to support 32-bit binaries, we can simply add sys/compat/cloudabi32 and implement these nine system calls again. The next step is to send in code reviews for the individual system call implementations, but also add a sysentvec, to allow CloudABI executabled to be started through execve(). More information about CloudABI: - GitHub: https://github.com/NuxiNL/cloudlibc - Talk at BSDCan: https://www.youtube.com/watch?v=SVdF84x1EdA Differential Revision: https://reviews.freebsd.org/D2848 Reviewed by: emaste, brooks Obtained from: https://github.com/NuxiNL/freebsd
2015-07-09 07:20:15 +00:00
int
cloudabi_sys_sock_shutdown(struct thread *td,
struct cloudabi_sys_sock_shutdown_args *uap)
{
Add kern_listen(), kern_shutdown(), and kern_socket(), and use them instead of their sys_*() counterparts in various compats. The svr4 is left untouched, because there's no point. Reviewed by: ed@, kib@ MFC after: 2 weeks Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D9367
2017-01-30 12:57:22 +00:00
int how;
Import the CloudABI datatypes and create a system call table. CloudABI is a pure capability-based runtime environment for UNIX. It works similar to Capsicum, except that processes already run in capabilities mode on startup. All functionality that conflicts with this model has been omitted, making it a compact binary interface that can be supported by other operating systems without too much effort. CloudABI is 'secure by default'; the idea is that it should be safe to run arbitrary third-party binaries without requiring any explicit hardware virtualization (Bhyve) or namespace virtualization (Jails). The rights of an application are purely determined by the set of file descriptors that you grant it on startup. The datatypes and constants used by CloudABI's C library (cloudlibc) are defined in separate files called syscalldefs_mi.h (pointer size independent) and syscalldefs_md.h (pointer size dependent). We import these files in sys/contrib/cloudabi and wrap around them in cloudabi*_syscalldefs.h. We then add stubs for all of the system calls in sys/compat/cloudabi or sys/compat/cloudabi64, depending on whether the system call depends on the pointer size. We only have nine system calls that depend on the pointer size. If we ever want to support 32-bit binaries, we can simply add sys/compat/cloudabi32 and implement these nine system calls again. The next step is to send in code reviews for the individual system call implementations, but also add a sysentvec, to allow CloudABI executabled to be started through execve(). More information about CloudABI: - GitHub: https://github.com/NuxiNL/cloudlibc - Talk at BSDCan: https://www.youtube.com/watch?v=SVdF84x1EdA Differential Revision: https://reviews.freebsd.org/D2848 Reviewed by: emaste, brooks Obtained from: https://github.com/NuxiNL/freebsd
2015-07-09 07:20:15 +00:00
Implement the trivial socket system calls: shutdown() and listen().
2015-07-15 11:27:34 +00:00
switch (uap->how) {
case CLOUDABI_SHUT_RD:
Add kern_listen(), kern_shutdown(), and kern_socket(), and use them instead of their sys_*() counterparts in various compats. The svr4 is left untouched, because there's no point. Reviewed by: ed@, kib@ MFC after: 2 weeks Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D9367
2017-01-30 12:57:22 +00:00
how = SHUT_RD;
Implement the trivial socket system calls: shutdown() and listen().
2015-07-15 11:27:34 +00:00
break;
case CLOUDABI_SHUT_WR:
Add kern_listen(), kern_shutdown(), and kern_socket(), and use them instead of their sys_*() counterparts in various compats. The svr4 is left untouched, because there's no point. Reviewed by: ed@, kib@ MFC after: 2 weeks Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D9367
2017-01-30 12:57:22 +00:00
how = SHUT_WR;
Implement the trivial socket system calls: shutdown() and listen().
2015-07-15 11:27:34 +00:00
break;
case CLOUDABI_SHUT_RD | CLOUDABI_SHUT_WR:
Add kern_listen(), kern_shutdown(), and kern_socket(), and use them instead of their sys_*() counterparts in various compats. The svr4 is left untouched, because there's no point. Reviewed by: ed@, kib@ MFC after: 2 weeks Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D9367
2017-01-30 12:57:22 +00:00
how = SHUT_RDWR;
Implement the trivial socket system calls: shutdown() and listen().
2015-07-15 11:27:34 +00:00
break;
default:
return (EINVAL);
}
Add kern_listen(), kern_shutdown(), and kern_socket(), and use them instead of their sys_*() counterparts in various compats. The svr4 is left untouched, because there's no point. Reviewed by: ed@, kib@ MFC after: 2 weeks Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D9367
2017-01-30 12:57:22 +00:00
return (kern_shutdown(td, uap->sock, how));
Import the CloudABI datatypes and create a system call table. CloudABI is a pure capability-based runtime environment for UNIX. It works similar to Capsicum, except that processes already run in capabilities mode on startup. All functionality that conflicts with this model has been omitted, making it a compact binary interface that can be supported by other operating systems without too much effort. CloudABI is 'secure by default'; the idea is that it should be safe to run arbitrary third-party binaries without requiring any explicit hardware virtualization (Bhyve) or namespace virtualization (Jails). The rights of an application are purely determined by the set of file descriptors that you grant it on startup. The datatypes and constants used by CloudABI's C library (cloudlibc) are defined in separate files called syscalldefs_mi.h (pointer size independent) and syscalldefs_md.h (pointer size dependent). We import these files in sys/contrib/cloudabi and wrap around them in cloudabi*_syscalldefs.h. We then add stubs for all of the system calls in sys/compat/cloudabi or sys/compat/cloudabi64, depending on whether the system call depends on the pointer size. We only have nine system calls that depend on the pointer size. If we ever want to support 32-bit binaries, we can simply add sys/compat/cloudabi32 and implement these nine system calls again. The next step is to send in code reviews for the individual system call implementations, but also add a sysentvec, to allow CloudABI executabled to be started through execve(). More information about CloudABI: - GitHub: https://github.com/NuxiNL/cloudlibc - Talk at BSDCan: https://www.youtube.com/watch?v=SVdF84x1EdA Differential Revision: https://reviews.freebsd.org/D2848 Reviewed by: emaste, brooks Obtained from: https://github.com/NuxiNL/freebsd
2015-07-09 07:20:15 +00:00
}
Make file descriptor passing for CloudABI's recvmsg() work. Similar to the change for sendmsg(), create a pointer size independent implementation of recvmsg() and let cloudabi32 and cloudabi64 call into it. In case userspace requests one or more file descriptors, call kern_recvit() in such a way that we get the control message headers in an mbuf. Iterate over all of the headers and copy the file descriptors to userspace.
2017-03-22 19:20:39 +00:00
int
cloudabi_sock_recv(struct thread *td, cloudabi_fd_t fd, struct iovec *data,
size_t datalen, cloudabi_fd_t *fds, size_t fdslen,
Upgrade to the latest sources generated from the CloudABI specification. The CloudABI specification has had some minor changes over the last half year. No substantial features have been added, but some features that are deemed unnecessary in retrospect have been removed: - mlock()/munlock(): These calls tend to be used for two different purposes: real-time support and handling of sensitive (cryptographic) material that shouldn't end up in swap. The former use case is out of scope for CloudABI. The latter may also be handled by encrypting swap. Removing this has the advantage that we no longer need to worry about having resource limits put in place. - SOCK_SEQPACKET: Support for SOCK_SEQPACKET is rather inconsistent across various operating systems. Some operating systems supported by CloudABI (e.g., macOS) don't support it at all. Considering that they are rarely used, remove support for the time being. - getsockname(), getpeername(), etc.: A shortcoming of the sockets API is that it doesn't allow you to create socket(pair)s, having fake socket addresses associated with them. This makes it harder to test applications or transparently forward (proxy) connections to them. With CloudABI, we're slowly moving networking connectivity into a separate daemon called Flower. In addition to passing around socket file descriptors, this daemon provides address information in the form of arbitrary string labels. There is thus no longer any need for requesting socket address information from the kernel itself. This change also updates consumers of the generated code accordingly. Even though system calls end up getting renumbered, this won't cause any problems in practice. CloudABI programs always call into the kernel through a kernel-supplied vDSO that has the numbers updated as well. Obtained from: https://github.com/NuxiNL/cloudabi
2017-07-26 06:57:15 +00:00
cloudabi_riflags_t flags, size_t *rdatalen, size_t *rfdslen,
cloudabi_roflags_t *rflags)
Make file descriptor passing for CloudABI's recvmsg() work. Similar to the change for sendmsg(), create a pointer size independent implementation of recvmsg() and let cloudabi32 and cloudabi64 call into it. In case userspace requests one or more file descriptors, call kern_recvit() in such a way that we get the control message headers in an mbuf. Iterate over all of the headers and copy the file descriptors to userspace.
2017-03-22 19:20:39 +00:00
{
struct msghdr hdr = {
.msg_iov = data,
.msg_iovlen = datalen,
};
struct mbuf *control;
int error;
/* Convert flags. */
Upgrade to the latest sources generated from the CloudABI specification. The CloudABI specification has had some minor changes over the last half year. No substantial features have been added, but some features that are deemed unnecessary in retrospect have been removed: - mlock()/munlock(): These calls tend to be used for two different purposes: real-time support and handling of sensitive (cryptographic) material that shouldn't end up in swap. The former use case is out of scope for CloudABI. The latter may also be handled by encrypting swap. Removing this has the advantage that we no longer need to worry about having resource limits put in place. - SOCK_SEQPACKET: Support for SOCK_SEQPACKET is rather inconsistent across various operating systems. Some operating systems supported by CloudABI (e.g., macOS) don't support it at all. Considering that they are rarely used, remove support for the time being. - getsockname(), getpeername(), etc.: A shortcoming of the sockets API is that it doesn't allow you to create socket(pair)s, having fake socket addresses associated with them. This makes it harder to test applications or transparently forward (proxy) connections to them. With CloudABI, we're slowly moving networking connectivity into a separate daemon called Flower. In addition to passing around socket file descriptors, this daemon provides address information in the form of arbitrary string labels. There is thus no longer any need for requesting socket address information from the kernel itself. This change also updates consumers of the generated code accordingly. Even though system calls end up getting renumbered, this won't cause any problems in practice. CloudABI programs always call into the kernel through a kernel-supplied vDSO that has the numbers updated as well. Obtained from: https://github.com/NuxiNL/cloudabi
2017-07-26 06:57:15 +00:00
if (flags & CLOUDABI_SOCK_RECV_PEEK)
Make file descriptor passing for CloudABI's recvmsg() work. Similar to the change for sendmsg(), create a pointer size independent implementation of recvmsg() and let cloudabi32 and cloudabi64 call into it. In case userspace requests one or more file descriptors, call kern_recvit() in such a way that we get the control message headers in an mbuf. Iterate over all of the headers and copy the file descriptors to userspace.
2017-03-22 19:20:39 +00:00
hdr.msg_flags |= MSG_PEEK;
Upgrade to the latest sources generated from the CloudABI specification. The CloudABI specification has had some minor changes over the last half year. No substantial features have been added, but some features that are deemed unnecessary in retrospect have been removed: - mlock()/munlock(): These calls tend to be used for two different purposes: real-time support and handling of sensitive (cryptographic) material that shouldn't end up in swap. The former use case is out of scope for CloudABI. The latter may also be handled by encrypting swap. Removing this has the advantage that we no longer need to worry about having resource limits put in place. - SOCK_SEQPACKET: Support for SOCK_SEQPACKET is rather inconsistent across various operating systems. Some operating systems supported by CloudABI (e.g., macOS) don't support it at all. Considering that they are rarely used, remove support for the time being. - getsockname(), getpeername(), etc.: A shortcoming of the sockets API is that it doesn't allow you to create socket(pair)s, having fake socket addresses associated with them. This makes it harder to test applications or transparently forward (proxy) connections to them. With CloudABI, we're slowly moving networking connectivity into a separate daemon called Flower. In addition to passing around socket file descriptors, this daemon provides address information in the form of arbitrary string labels. There is thus no longer any need for requesting socket address information from the kernel itself. This change also updates consumers of the generated code accordingly. Even though system calls end up getting renumbered, this won't cause any problems in practice. CloudABI programs always call into the kernel through a kernel-supplied vDSO that has the numbers updated as well. Obtained from: https://github.com/NuxiNL/cloudabi
2017-07-26 06:57:15 +00:00
if (flags & CLOUDABI_SOCK_RECV_WAITALL)
Make file descriptor passing for CloudABI's recvmsg() work. Similar to the change for sendmsg(), create a pointer size independent implementation of recvmsg() and let cloudabi32 and cloudabi64 call into it. In case userspace requests one or more file descriptors, call kern_recvit() in such a way that we get the control message headers in an mbuf. Iterate over all of the headers and copy the file descriptors to userspace.
2017-03-22 19:20:39 +00:00
hdr.msg_flags |= MSG_WAITALL;
control = NULL;
error = kern_recvit(td, fd, &hdr, UIO_SYSSPACE,
fdslen > 0 ? &control : NULL);
if (error != 0)
return (error);
/* Convert return values. */
*rdatalen = td->td_retval[0];
td->td_retval[0] = 0;
*rfdslen = 0;
*rflags = 0;
if (hdr.msg_flags & MSG_TRUNC)
Upgrade to the latest sources generated from the CloudABI specification. The CloudABI specification has had some minor changes over the last half year. No substantial features have been added, but some features that are deemed unnecessary in retrospect have been removed: - mlock()/munlock(): These calls tend to be used for two different purposes: real-time support and handling of sensitive (cryptographic) material that shouldn't end up in swap. The former use case is out of scope for CloudABI. The latter may also be handled by encrypting swap. Removing this has the advantage that we no longer need to worry about having resource limits put in place. - SOCK_SEQPACKET: Support for SOCK_SEQPACKET is rather inconsistent across various operating systems. Some operating systems supported by CloudABI (e.g., macOS) don't support it at all. Considering that they are rarely used, remove support for the time being. - getsockname(), getpeername(), etc.: A shortcoming of the sockets API is that it doesn't allow you to create socket(pair)s, having fake socket addresses associated with them. This makes it harder to test applications or transparently forward (proxy) connections to them. With CloudABI, we're slowly moving networking connectivity into a separate daemon called Flower. In addition to passing around socket file descriptors, this daemon provides address information in the form of arbitrary string labels. There is thus no longer any need for requesting socket address information from the kernel itself. This change also updates consumers of the generated code accordingly. Even though system calls end up getting renumbered, this won't cause any problems in practice. CloudABI programs always call into the kernel through a kernel-supplied vDSO that has the numbers updated as well. Obtained from: https://github.com/NuxiNL/cloudabi
2017-07-26 06:57:15 +00:00
*rflags |= CLOUDABI_SOCK_RECV_DATA_TRUNCATED;
Make file descriptor passing for CloudABI's recvmsg() work. Similar to the change for sendmsg(), create a pointer size independent implementation of recvmsg() and let cloudabi32 and cloudabi64 call into it. In case userspace requests one or more file descriptors, call kern_recvit() in such a way that we get the control message headers in an mbuf. Iterate over all of the headers and copy the file descriptors to userspace.
2017-03-22 19:20:39 +00:00
/* Extract file descriptors from SCM_RIGHTS messages. */
if (control != NULL) {
struct cmsghdr *chdr;
hdr.msg_control = mtod(control, void *);
hdr.msg_controllen = control->m_len;
for (chdr = CMSG_FIRSTHDR(&hdr); chdr != NULL;
chdr = CMSG_NXTHDR(&hdr, chdr)) {
if (chdr->cmsg_level == SOL_SOCKET &&
chdr->cmsg_type == SCM_RIGHTS) {
size_t nfds;
nfds = (chdr->cmsg_len - CMSG_LEN(0)) /
sizeof(int);
if (nfds > fdslen) {
/* Unable to store file descriptors. */
nfds = fdslen;
Upgrade to the latest sources generated from the CloudABI specification. The CloudABI specification has had some minor changes over the last half year. No substantial features have been added, but some features that are deemed unnecessary in retrospect have been removed: - mlock()/munlock(): These calls tend to be used for two different purposes: real-time support and handling of sensitive (cryptographic) material that shouldn't end up in swap. The former use case is out of scope for CloudABI. The latter may also be handled by encrypting swap. Removing this has the advantage that we no longer need to worry about having resource limits put in place. - SOCK_SEQPACKET: Support for SOCK_SEQPACKET is rather inconsistent across various operating systems. Some operating systems supported by CloudABI (e.g., macOS) don't support it at all. Considering that they are rarely used, remove support for the time being. - getsockname(), getpeername(), etc.: A shortcoming of the sockets API is that it doesn't allow you to create socket(pair)s, having fake socket addresses associated with them. This makes it harder to test applications or transparently forward (proxy) connections to them. With CloudABI, we're slowly moving networking connectivity into a separate daemon called Flower. In addition to passing around socket file descriptors, this daemon provides address information in the form of arbitrary string labels. There is thus no longer any need for requesting socket address information from the kernel itself. This change also updates consumers of the generated code accordingly. Even though system calls end up getting renumbered, this won't cause any problems in practice. CloudABI programs always call into the kernel through a kernel-supplied vDSO that has the numbers updated as well. Obtained from: https://github.com/NuxiNL/cloudabi
2017-07-26 06:57:15 +00:00
*rflags |=
CLOUDABI_SOCK_RECV_FDS_TRUNCATED;
Make file descriptor passing for CloudABI's recvmsg() work. Similar to the change for sendmsg(), create a pointer size independent implementation of recvmsg() and let cloudabi32 and cloudabi64 call into it. In case userspace requests one or more file descriptors, call kern_recvit() in such a way that we get the control message headers in an mbuf. Iterate over all of the headers and copy the file descriptors to userspace.
2017-03-22 19:20:39 +00:00
}
error = copyout(CMSG_DATA(chdr), fds,
nfds * sizeof(int));
if (error != 0) {
m_free(control);
return (error);
}
fds += nfds;
fdslen -= nfds;
*rfdslen += nfds;
}
}
m_free(control);
}
return (0);
}
Make file descriptor passing work for CloudABI's sendmsg(). Reduce the potential amount of code duplication between cloudabi32 and cloudabi64 by creating a cloudabi_sock_recv() utility function. The cloudabi32 and cloudabi64 modules will then only contain code to convert the iovecs to the native pointer size. In cloudabi_sock_recv(), we can now construct an SCM_RIGHTS cmsghdr in an mbuf and pass that on to kern_sendit().
2017-03-22 06:43:10 +00:00
int
cloudabi_sock_send(struct thread *td, cloudabi_fd_t fd, struct iovec *data,
Upgrade to the latest sources generated from the CloudABI specification. The CloudABI specification has had some minor changes over the last half year. No substantial features have been added, but some features that are deemed unnecessary in retrospect have been removed: - mlock()/munlock(): These calls tend to be used for two different purposes: real-time support and handling of sensitive (cryptographic) material that shouldn't end up in swap. The former use case is out of scope for CloudABI. The latter may also be handled by encrypting swap. Removing this has the advantage that we no longer need to worry about having resource limits put in place. - SOCK_SEQPACKET: Support for SOCK_SEQPACKET is rather inconsistent across various operating systems. Some operating systems supported by CloudABI (e.g., macOS) don't support it at all. Considering that they are rarely used, remove support for the time being. - getsockname(), getpeername(), etc.: A shortcoming of the sockets API is that it doesn't allow you to create socket(pair)s, having fake socket addresses associated with them. This makes it harder to test applications or transparently forward (proxy) connections to them. With CloudABI, we're slowly moving networking connectivity into a separate daemon called Flower. In addition to passing around socket file descriptors, this daemon provides address information in the form of arbitrary string labels. There is thus no longer any need for requesting socket address information from the kernel itself. This change also updates consumers of the generated code accordingly. Even though system calls end up getting renumbered, this won't cause any problems in practice. CloudABI programs always call into the kernel through a kernel-supplied vDSO that has the numbers updated as well. Obtained from: https://github.com/NuxiNL/cloudabi
2017-07-26 06:57:15 +00:00
size_t datalen, const cloudabi_fd_t *fds, size_t fdslen, size_t *rdatalen)
Make file descriptor passing work for CloudABI's sendmsg(). Reduce the potential amount of code duplication between cloudabi32 and cloudabi64 by creating a cloudabi_sock_recv() utility function. The cloudabi32 and cloudabi64 modules will then only contain code to convert the iovecs to the native pointer size. In cloudabi_sock_recv(), we can now construct an SCM_RIGHTS cmsghdr in an mbuf and pass that on to kern_sendit().
2017-03-22 06:43:10 +00:00
{
struct msghdr hdr = {
.msg_iov = data,
.msg_iovlen = datalen,
};
struct mbuf *control;
Upgrade to the latest sources generated from the CloudABI specification. The CloudABI specification has had some minor changes over the last half year. No substantial features have been added, but some features that are deemed unnecessary in retrospect have been removed: - mlock()/munlock(): These calls tend to be used for two different purposes: real-time support and handling of sensitive (cryptographic) material that shouldn't end up in swap. The former use case is out of scope for CloudABI. The latter may also be handled by encrypting swap. Removing this has the advantage that we no longer need to worry about having resource limits put in place. - SOCK_SEQPACKET: Support for SOCK_SEQPACKET is rather inconsistent across various operating systems. Some operating systems supported by CloudABI (e.g., macOS) don't support it at all. Considering that they are rarely used, remove support for the time being. - getsockname(), getpeername(), etc.: A shortcoming of the sockets API is that it doesn't allow you to create socket(pair)s, having fake socket addresses associated with them. This makes it harder to test applications or transparently forward (proxy) connections to them. With CloudABI, we're slowly moving networking connectivity into a separate daemon called Flower. In addition to passing around socket file descriptors, this daemon provides address information in the form of arbitrary string labels. There is thus no longer any need for requesting socket address information from the kernel itself. This change also updates consumers of the generated code accordingly. Even though system calls end up getting renumbered, this won't cause any problems in practice. CloudABI programs always call into the kernel through a kernel-supplied vDSO that has the numbers updated as well. Obtained from: https://github.com/NuxiNL/cloudabi
2017-07-26 06:57:15 +00:00
int error;
Make file descriptor passing work for CloudABI's sendmsg(). Reduce the potential amount of code duplication between cloudabi32 and cloudabi64 by creating a cloudabi_sock_recv() utility function. The cloudabi32 and cloudabi64 modules will then only contain code to convert the iovecs to the native pointer size. In cloudabi_sock_recv(), we can now construct an SCM_RIGHTS cmsghdr in an mbuf and pass that on to kern_sendit().
2017-03-22 06:43:10 +00:00
/* Convert file descriptor array to an SCM_RIGHTS message. */
if (fdslen > MCLBYTES || CMSG_SPACE(fdslen * sizeof(int)) > MCLBYTES) {
return (EINVAL);
} else if (fdslen > 0) {
struct cmsghdr *chdr;
control = m_get2(CMSG_SPACE(fdslen * sizeof(int)),
M_WAITOK, MT_CONTROL, 0);
control->m_len = CMSG_SPACE(fdslen * sizeof(int));
chdr = mtod(control, struct cmsghdr *);
chdr->cmsg_len = CMSG_LEN(fdslen * sizeof(int));
chdr->cmsg_level = SOL_SOCKET;
chdr->cmsg_type = SCM_RIGHTS;
error = copyin(fds, CMSG_DATA(chdr), fdslen * sizeof(int));
if (error != 0) {
m_free(control);
return (error);
}
} else {
control = NULL;
}
Upgrade to the latest sources generated from the CloudABI specification. The CloudABI specification has had some minor changes over the last half year. No substantial features have been added, but some features that are deemed unnecessary in retrospect have been removed: - mlock()/munlock(): These calls tend to be used for two different purposes: real-time support and handling of sensitive (cryptographic) material that shouldn't end up in swap. The former use case is out of scope for CloudABI. The latter may also be handled by encrypting swap. Removing this has the advantage that we no longer need to worry about having resource limits put in place. - SOCK_SEQPACKET: Support for SOCK_SEQPACKET is rather inconsistent across various operating systems. Some operating systems supported by CloudABI (e.g., macOS) don't support it at all. Considering that they are rarely used, remove support for the time being. - getsockname(), getpeername(), etc.: A shortcoming of the sockets API is that it doesn't allow you to create socket(pair)s, having fake socket addresses associated with them. This makes it harder to test applications or transparently forward (proxy) connections to them. With CloudABI, we're slowly moving networking connectivity into a separate daemon called Flower. In addition to passing around socket file descriptors, this daemon provides address information in the form of arbitrary string labels. There is thus no longer any need for requesting socket address information from the kernel itself. This change also updates consumers of the generated code accordingly. Even though system calls end up getting renumbered, this won't cause any problems in practice. CloudABI programs always call into the kernel through a kernel-supplied vDSO that has the numbers updated as well. Obtained from: https://github.com/NuxiNL/cloudabi
2017-07-26 06:57:15 +00:00
error = kern_sendit(td, fd, &hdr, MSG_NOSIGNAL, control, UIO_USERSPACE);
Make file descriptor passing work for CloudABI's sendmsg(). Reduce the potential amount of code duplication between cloudabi32 and cloudabi64 by creating a cloudabi_sock_recv() utility function. The cloudabi32 and cloudabi64 modules will then only contain code to convert the iovecs to the native pointer size. In cloudabi_sock_recv(), we can now construct an SCM_RIGHTS cmsghdr in an mbuf and pass that on to kern_sendit().
2017-03-22 06:43:10 +00:00
if (error != 0)
return (error);
*rdatalen = td->td_retval[0];
td->td_retval[0] = 0;
return (0);
}
Reference in New Issue Copy Permalink