Merge pull request #31 from varnish/file_descriptors

Managed file descriptors, loading dynamic executables

Author: fwsGonzo

CMakeLists.txt

@@ -22,24 +22,20 @@ target_compile_definitions(tinykvm PUBLIC
 
 add_executable(bench
 	src/bench.cpp
-	src/functions.cpp
 )
 target_link_libraries(bench tinykvm)
 
 add_executable(tinytest
 	src/tests.cpp
-	src/functions.cpp
 )
 target_link_libraries(tinytest tinykvm)
 
 add_executable(simplekvm
 	src/simple.cpp
-	src/functions.cpp
 )
 target_link_libraries(simplekvm tinykvm)
 
 add_executable(storagekvm
 	src/storage.cpp
-	src/functions.cpp
 )
 target_link_libraries(storagekvm tinykvm)

lib/CMakeLists.txt

@@ -22,11 +22,14 @@ set (SOURCES
 	tinykvm/memory_bank.cpp
 	tinykvm/page_streaming.cpp
 	tinykvm/remote.cpp
-	tinykvm/signals.cpp
 	tinykvm/smp.cpp
-	tinykvm/threads.cpp
 	tinykvm/vcpu.cpp
 	tinykvm/vcpu_run.cpp
+
+	tinykvm/linux/fds.cpp
+	tinykvm/linux/signals.cpp
+	tinykvm/linux/system_calls.cpp
+	tinykvm/linux/threads.cpp
 	)
 if (TINYKVM_ARCH STREQUAL "AMD64")
 	list(APPEND SOURCES

lib/tinykvm/common.hpp

@@ -119,4 +119,14 @@ namespace tinykvm
 		int userval2;
 		int userval3;
 	};
+
+	struct DynamicElf {
+		std::string interpreter;
+		bool is_dynamic;
+
+		bool has_interpreter() const noexcept {
+			return !interpreter.empty();
+		}
+	};
+	extern DynamicElf is_dynamic_elf(std::string_view bin);
 }

lib/tinykvm/linux/fds.cpp

@@ -0,0 +1,132 @@
+#include "fds.hpp"
+
+#include "../machine.hpp"
+#include "threads.hpp"
+#include <fcntl.h>
+#include <cstring>
+#include <sys/stat.h>
+#include <unistd.h>
+
+namespace tinykvm
+{
+	FileDescriptors& Machine::fds()
+	{
+		if (!m_fds) {
+			m_fds = std::make_unique<FileDescriptors>(*this);
+		}
+		return *m_fds;
+	}
+	const FileDescriptors& Machine::fds() const
+	{
+		return const_cast<Machine&>(*this).fds();
+	}
+
+	FileDescriptors::FileDescriptors(Machine& machine)
+		: m_machine(machine)
+	{
+		m_allowed_readable_paths =
+			std::make_shared<std::unordered_set<std::string>>();
+		// Add all common standard libraries to the list of allowed readable paths
+		this->add_readonly_file("/lib64/ld-linux-x86-64.so.2");
+		this->add_readonly_file("/lib/x86_64-linux-gnu/libgcc_s.so.1");
+		this->add_readonly_file("/lib/x86_64-linux-gnu/libc.so.6");
+		this->add_readonly_file("/lib/x86_64-linux-gnu/libm.so.6");
+		this->add_readonly_file("/lib/x86_64-linux-gnu/libpthread.so.0");
+		this->add_readonly_file("/lib/x86_64-linux-gnu/libdl.so.2");
+		this->add_readonly_file("/lib/x86_64-linux-gnu/libstdc++.so.6");
+		this->add_readonly_file("/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v2/libstdc++.so.6");
+		this->add_readonly_file("/lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v3/libstdc++.so.6");
+	}
+
+	FileDescriptors::~FileDescriptors()
+	{
+		for (auto& [fd, entry] : m_fds) {
+			if (entry.real_fd >= 0) {
+				close(entry.real_fd);
+			}
+		}
+	}
+
+	void FileDescriptors::reset_to(const FileDescriptors& other)
+	{
+		// Close all current file descriptors
+		// We don't have a sandbox-safe way to share
+		// file descriptors between VMs, so just close.
+		for (auto& [fd, entry] : m_fds) {
+			if (entry.real_fd >= 0) {
+				close(entry.real_fd);
+			}
+		}
+		// Clear the current file descriptors
+		m_fds.clear();
+		m_next_file_fd = other.m_next_file_fd;
+		m_next_socket_fd = other.m_next_socket_fd;
+		m_allowed_readable_paths = other.m_allowed_readable_paths;
+	}
+
+	int FileDescriptors::manage(int fd, bool is_socket, bool is_writable)
+	{
+		if (fd < 0) {
+			throw std::runtime_error("Invalid file descriptor in FileDescriptors::add()");
+		}
+		if (is_socket) {
+			m_fds[m_next_socket_fd] = {fd, is_writable};
+			return m_next_socket_fd++;
+		} else {
+			m_fds[m_next_file_fd] = {fd, is_writable};
+			return m_next_file_fd++;
+		}
+	}
+
+	std::optional<FileDescriptors::Entry*> FileDescriptors::entry_for_vfd(int vfd)
+	{
+		auto it = m_fds.find(vfd);
+		if (it != m_fds.end()) {
+			return &it->second;
+		}
+		return std::nullopt;
+	}
+
+	int FileDescriptors::translate(int vfd) const
+	{
+		auto it = m_fds.find(vfd);
+		if (it != m_fds.end()) {
+			return it->second.real_fd;
+		}
+		throw std::runtime_error("Invalid virtual file descriptor");
+	}
+
+	void FileDescriptors::free(int vfd)
+	{
+		auto it = m_fds.find(vfd);
+		if (it != m_fds.end()) {
+			close(it->second.real_fd);
+			m_fds.erase(it);
+		}
+	}
+
+	void FileDescriptors::add_readonly_file(const std::string& path)
+	{
+		this->m_allowed_readable_paths->insert(path);
+	}
+
+	bool FileDescriptors::is_readable_path(std::string& modifiable_path) const noexcept
+	{
+		if (m_open_readable)
+		{
+			if (m_open_readable(modifiable_path))
+				return true;
+		}
+		auto it = m_allowed_readable_paths->find(modifiable_path);
+		return (it != m_allowed_readable_paths->end());
+	}
+
+	bool FileDescriptors::is_writable_path(std::string& modifiable_path) const noexcept
+	{
+		if (m_open_writable) {
+			return m_open_writable(modifiable_path);
+		}
+		return false;
+	}
+
+} // tinykvm

lib/tinykvm/linux/fds.hpp

@@ -0,0 +1,103 @@
+#pragma once
+
+#include <cstdint>
+#include <functional>
+#include <map>
+#include <memory>
+#include <optional>
+#include <string>
+#include <unordered_set>
+
+namespace tinykvm
+{
+	struct Machine;
+
+	struct FileDescriptors
+	{
+		static constexpr int SOCKET_BIT = 0x40000000;
+		struct Entry
+		{
+			int real_fd = -1;
+			bool is_writable = false;
+		};
+		using open_readable_t = std::function<bool(std::string&)>;
+		using open_writable_t = std::function<bool(std::string&)>;
+
+		FileDescriptors(Machine& machine);
+		~FileDescriptors();
+		void reset_to(const FileDescriptors& other);
+
+		/// @brief Add a file descriptor to the list of managed FDs.
+		/// @param fd The real file descriptor.
+		/// @param is_socket True if the file descriptor is a socket.
+		/// @return The virtual file descriptor.
+		int manage(int fd, bool is_socket, bool is_writable = false);
+
+		/// @brief Remove a virtual file descriptor from the list of managed FDs.
+		/// @param vfd The virtual file descriptor to remove.
+		void free(int vfd);
+
+		std::optional<Entry*> entry_for_vfd(int vfd);
+
+		/// @brief Translate a virtual file descriptor to a real file descriptor,
+		/// or throw an exception, failing execution.
+		/// @param vfd The virtual file descriptor to translate.
+		/// @return The real file descriptor.
+		int translate(int vfd) const;
+
+		bool is_socket_vfd(int vfd) const noexcept {
+			return (vfd & SOCKET_BIT) != 0;
+		}
+		bool is_file_vfd(int vfd) const noexcept {
+			return (vfd & SOCKET_BIT) == 0;
+		}
+
+		/// @brief Set the callback for checking if a path is allowed to be opened
+		/// for reading. This is used to check if a path is allowed to be opened
+		/// for reading. The callback should return true if the path is allowed,
+		/// and false otherwise. The path may be modified by the callback,
+		/// indicating which real path to open.
+		/// @param callback The callback to set.
+		void set_open_readable_callback(open_readable_t callback) noexcept {
+			m_open_readable = callback;
+		}
+
+		/// @brief Set the callback for checking if a path is allowed to be opened
+		/// for writing. This is used to check if a path is allowed to be opened
+		/// for writing. The callback should return true if the path is allowed,
+		/// and false otherwise. The path may be modified by the callback,
+		/// indicating which real path to open.
+		/// @param callback The callback to set.
+		void set_open_writable_callback(open_writable_t callback) noexcept {
+			m_open_writable = callback;
+		}
+
+		/// @brief Add a read-only file
+		void add_readonly_file(const std::string& path);
+
+		/// @brief Check if a path is allowed to be opened for reading.
+		/// @param modifiable_path The path to check. This may be modified by
+		/// the callback to indicate which real path to open.
+		/// @return True if the path is allowed to be opened for reading, false
+		/// otherwise. The path may be modified by the callback, indicating
+		/// which real path to open.
+		bool is_readable_path(std::string& modifiable_path) const noexcept;
+
+		/// @brief Check if a path is writable. Paths are usually not writable,
+		/// but this can be overridden by setting the open_writable callback.
+		/// @param modifiable_path 
+		/// @return True if the path is writable, false otherwise. The path
+		/// may be modified by the callback, indicating which real path to open.
+		bool is_writable_path(std::string& modifiable_path) const noexcept;
+
+	private:
+		Machine& m_machine;
+		std::map<int, Entry> m_fds;
+		std::shared_ptr<std::unordered_set<std::string>> m_allowed_readable_paths;
+		int m_next_file_fd = 0x1000;
+		int m_next_socket_fd = 0x1000 | SOCKET_BIT;
+		bool m_verbose = true;
+		open_readable_t m_open_readable;
+		open_writable_t m_open_writable;
+	};
+}

lib/tinykvm/signals.cpp renamed to lib/tinykvm/linux/signals.cpp

@@ -1,4 +1,4 @@
-#include "machine.hpp"
+#include "../machine.hpp"
 #include "threads.hpp"
 
 namespace tinykvm {
@@ -33,4 +33,9 @@ void Signals::enter(vCPU& cpu, int sig)
 	cpu.set_registers(regs);
 }
 
+SignalAction& Machine::sigaction(int sig)
+{
+	return signals().get(sig);
+}
+
 } // tinykvm

lib/tinykvm/signals.hpp renamed to lib/tinykvm/linux/signals.hpp

@@ -1,5 +1,5 @@
 #pragma once
-#include "forward.hpp"
+#include "../forward.hpp"
 #include <array>
 #include <map>
 #include <memory>