Página inicial Explorar Ajuda
Entrar
miti
/
graphene
1
0
Fork 0
Arquivos Issues 0 Pull Requests 0 Wiki
Tree: 5ec5e2f24c
Branches Tags
graphene
/
Pal
/
src
/
host
/
Linux-SGX
/
db_process.c

db_process.c 14 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472 
  1. /* Copyright (C) 2014 Stony Brook University
    2. 

  2.    This file is part of Graphene Library OS.
    3. 

  3. 

  4.    Graphene Library OS is free software: you can redistribute it and/or
    5. 

  5.    modify it under the terms of the GNU Lesser General Public License
    6. 

  6.    as published by the Free Software Foundation, either version 3 of the
    7. 

  7.    License, or (at your option) any later version.
    8. 

  8. 

  9.    Graphene Library OS is distributed in the hope that it will be useful,
    10. 

  10.    but WITHOUT ANY WARRANTY; without even the implied warranty of
    11. 

  11.    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    12. 

  12.    GNU Lesser General Public License for more details.
    13. 

  13. 

  14.    You should have received a copy of the GNU Lesser General Public License
    15. 

  15.    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
    16. 

  16. 

  17. /*
    18. 

  18.  * db_process.c
    19. 

  19.  *
    20. 

  20.  * This source file contains functions to create a child process and terminate
    21. 

  21.  * the running process. Child does not inherit any objects or memory from its
    22. 

  22.  * parent pricess. A Parent process may not modify the execution of its
    23. 

  23.  * children. It can wait for a child to exit using its handle. Also, parent and
    24. 

  24.  * child may communicate through I/O streams provided by the parent to the child
    25. 

  25.  * at creation.
    26. 

  26.  */
    27. 

  27. 

  28. #include "pal_defs.h"
    29. 

  29. #include "pal_linux_defs.h"
    30. 

  30. #include "pal.h"
    31. 

  31. #include "pal_internal.h"
    32. 

  32. #include "pal_linux.h"
    33. 

  33. #include "pal_linux_error.h"
    34. 

  34. #include "pal_debug.h"
    35. 

  35. #include "pal_error.h"
    36. 

  36. #include "pal_security.h"
    37. 

  37. #include "pal_crypto.h"
    38. 

  38. #include "api.h"
    39. 

  39. 

  40. #include <linux/sched.h>
    41. 

  41. #include <linux/types.h>
    42. 

  42. #include <linux/fs.h>
    43. 

  43. typedef __kernel_pid_t pid_t;
    44. 

  44. #include <asm/fcntl.h>
    45. 

  45. 

  46. DEFINE_LIST(trusted_child);
    47. 

  47. struct trusted_child {
    48. 

  48.     LIST_TYPE(trusted_child) list;
    49. 

  49.     sgx_arch_hash_t mrenclave;
    50. 

  50.     char uri[];
    51. 

  51. };
    52. 

  52. 

  53. DEFINE_LISTP(trusted_child);
    54. 

  54. static LISTP_TYPE(trusted_child) trusted_children = LISTP_INIT;
    55. 

  55. static struct spinlock trusted_children_lock = LOCK_INIT;
    56. 

  56. 

  57. int register_trusted_child(const char * uri, const char * mrenclave_str)
    58. 

  58. {
    59. 

  59.     struct trusted_child * tc = NULL, * new;
    60. 

  60.     int uri_len = strlen(uri);
    61. 

  61. 

  62.     _DkSpinLock(&trusted_children_lock);
    63. 

  63. 

  64.     LISTP_FOR_EACH_ENTRY(tc, &trusted_children, list) {
    65. 

  65.         if (!memcmp(tc->uri, uri, uri_len + 1)) {
    66. 

  66.             _DkSpinUnlock(&trusted_children_lock);
    67. 

  67.             return 0;
    68. 

  68.         }
    69. 

  69.     }
    70. 

  70.     _DkSpinUnlock(&trusted_children_lock);
    71. 

  71. 

  72.     new = malloc(sizeof(struct trusted_child) + uri_len);
    73. 

  73.     if (!new)
    74. 

  74.         return -PAL_ERROR_NOMEM;
    75. 

  75. 

  76.     INIT_LIST_HEAD(new, list);
    77. 

  77.     memcpy(new->uri, uri, uri_len + 1);
    78. 

  78. 

  79.     char mrenclave_text[sizeof(sgx_arch_hash_t) * 2 + 1] = "\0";
    80. 

  80.     size_t nbytes = 0;
    81. 

  81.     for (; nbytes < sizeof(sgx_arch_hash_t) ; nbytes++) {
    82. 

  82.         char byte1 = mrenclave_str[nbytes * 2];
    83. 

  83.         char byte2 = mrenclave_str[nbytes * 2 + 1];
    84. 

  84.         unsigned char val = 0;
    85. 

  85. 

  86.         if (byte1 == 0 || byte2 == 0) {
    87. 

  87.             break;
    88. 

  88.         }
    89. 

  89.         if (!(byte1 >= '0' && byte1 <= '9') &&
    90. 

  90.             !(byte1 >= 'a' && byte1 <= 'f')) {
    91. 

  91.             break;
    92. 

  92.         }
    93. 

  93.         if (!(byte2 >= '0' && byte2 <= '9') &&
    94. 

  94.             !(byte2 >= 'a' && byte2 <= 'f')) {
    95. 

  95.             break;
    96. 

  96.         }
    97. 

  97. 

  98.         if (byte1 >= '0' && byte1 <= '9')
    99. 

  99.             val = byte1 - '0';
    100. 

  100.         if (byte1 >= 'a' && byte1 <= 'f')
    101. 

  101.             val = byte1 - 'a' + 10;
    102. 

  102.         val *= 16;
    103. 

  103.         if (byte2 >= '0' && byte2 <= '9')
    104. 

  104.             val += byte2 - '0';
    105. 

  105.         if (byte2 >= 'a' && byte2 <= 'f')
    106. 

  106.             val += byte2 - 'a' + 10;
    107. 

  107. 

  108.         new->mrenclave[nbytes] = val;
    109. 

  109.         snprintf(mrenclave_text + nbytes * 2, 3, "%02x", val);
    110. 

  110.     }
    111. 

  111. 

  112.     if (nbytes < sizeof(sgx_arch_hash_t)) {
    113. 

  113.         free(new);
    114. 

  114.         return -PAL_ERROR_INVAL;
    115. 

  115.     }
    116. 

  116. 

  117.     SGX_DBG(DBG_S, "trusted: %s %s\n", mrenclave_text, new->uri);
    118. 

  118. 

  119.     _DkSpinLock(&trusted_children_lock);
    120. 

  120. 

  121.     LISTP_FOR_EACH_ENTRY(tc, &trusted_children, list) {
    122. 

  122.         if (!memcmp(tc->uri, uri, uri_len + 1)) {
    123. 

  123.             _DkSpinUnlock(&trusted_children_lock);
    124. 

  124.             free(new);
    125. 

  125.             return 0;
    126. 

  126.         }
    127. 

  127.     }
    128. 

  128. 

  129.     LISTP_ADD_TAIL(new, &trusted_children, list);
    130. 

  130.     _DkSpinUnlock(&trusted_children_lock);
    131. 

  131.     return 0;
    132. 

  132. }
    133. 

  133. 

  134. struct proc_attestation_data {
    135. 

  135.     sgx_arch_mac_t  keyhash_mac;
    136. 

  136.     uint8_t         reserved[PAL_ATTESTATION_DATA_SIZE - sizeof(sgx_arch_mac_t)];
    137. 

  137. } __attribute__((packed));
    138. 

  138. 

  139. struct check_child_param {
    140. 

  140.     PAL_MAC_KEY     mac_key;
    141. 

  141.     const char *    uri;
    142. 

  142. };
    143. 

  143. 

  144. static int check_child_mrenclave (sgx_arch_hash_t * mrenclave,
    145. 

  145.                                   void * signed_data, void * check_param)
    146. 

  146. {
    147. 

  147.     struct pal_enclave_state * remote_state = signed_data;
    148. 

  148.     struct proc_attestation_data * data = (void *) &remote_state->data;
    149. 

  149. 

  150.     /* the process must be a clean process */
    151. 

  151.     if (remote_state->enclave_flags & PAL_ENCLAVE_INITIALIZED)
    152. 

  152.         return 1;
    153. 

  153. 

  154.     struct check_child_param * param = check_param;
    155. 

  155. 

  156.     /* must make sure the signer of the report is also the owner of the key,
    157. 

  157.        in order to prevent man-in-the-middle attack */
    158. 

  158.     struct proc_attestation_data check_data;
    159. 

  159.     memset(&check_data, 0, sizeof(struct proc_attestation_data));
    160. 

  160. 

  161.     lib_AESCMAC((void *) &param->mac_key, AES_CMAC_KEY_LEN,
    162. 

  162.                 remote_state->enclave_identifier,
    163. 

  163.                 sizeof(remote_state->enclave_identifier),
    164. 

  164.                 check_data.keyhash_mac, sizeof(check_data.keyhash_mac));
    165. 

  165. 

  166.     if (memcmp(data, &check_data, sizeof(struct proc_attestation_data)))
    167. 

  167.         return 1;
    168. 

  168. 

  169.     /* always accept our own as child */
    170. 

  170.     if (!memcmp(mrenclave, pal_sec.mrenclave, sizeof(sgx_arch_hash_t))) {
    171. 

  171.         SGX_DBG(DBG_S, "trusted child: <forked>\n");
    172. 

  172.         return 0;
    173. 

  173.     }
    174. 

  174. 

  175.     struct trusted_child * tc;
    176. 

  176.     _DkSpinLock(&trusted_children_lock);
    177. 

  177. 

  178.     LISTP_FOR_EACH_ENTRY(tc, &trusted_children, list) {
    179. 

  179.         if (!memcmp(mrenclave, tc->mrenclave, sizeof(sgx_arch_hash_t))) {
    180. 

  180.             _DkSpinUnlock(&trusted_children_lock);
    181. 

  181.             SGX_DBG(DBG_S, "trusted child: %s\n", tc->uri);
    182. 

  182.             return 0;
    183. 

  183.         }
    184. 

  184.     }
    185. 

  185. 

  186.     _DkSpinUnlock(&trusted_children_lock);
    187. 

  187.     return 1;
    188. 

  188. }
    189. 

  189. 

  190. int _DkProcessCreate (PAL_HANDLE * handle, const char * uri, const char ** args)
    191. 

  191. {
    192. 

  192.     /* only access creating process with regular file */
    193. 

  193.     if (!strpartcmp_static(uri, "file:"))
    194. 

  194.         return -PAL_ERROR_INVAL;
    195. 

  195. 

  196.     unsigned int child_pid;
    197. 

  197.     int proc_fds[3];
    198. 

  198.     int nargs = 0, ret;
    199. 

  199. 

  200.     if (args)
    201. 

  201.         for (const char ** a = args ; *a ; a++)
    202. 

  202.             nargs++;
    203. 

  203. 

  204.     ret = ocall_create_process(uri, nargs, args,
    205. 

  205.                                proc_fds,
    206. 

  206.                                &child_pid);
    207. 

  207.     if (IS_ERR(ret))
    208. 

  208.         return unix_to_pal_error(ERRNO(ret));
    209. 

  209. 

  210.     PAL_HANDLE proc = malloc(HANDLE_SIZE(process));
    211. 

  211.     SET_HANDLE_TYPE(proc, process);
    212. 

  212.     HANDLE_HDR(proc)->flags |= RFD(0)|WFD(1)|RFD(2)|WFD(2)|WRITABLE(1)|WRITABLE(2);
    213. 

  213.     proc->process.stream_in  = proc_fds[0];
    214. 

  214.     proc->process.stream_out = proc_fds[1];
    215. 

  215.     proc->process.cargo      = proc_fds[2];
    216. 

  216.     proc->process.pid = child_pid;
    217. 

  217.     proc->process.nonblocking = PAL_FALSE;
    218. 

  218. 

  219.     PAL_SESSION_KEY session_key;
    220. 

  220.     ret = _DkStreamKeyExchange(proc, &session_key);
    221. 

  221.     if (ret < 0)
    222. 

  222.         return ret;
    223. 

  223. 

  224.     struct check_child_param param;
    225. 

  225.     session_key_to_mac_key(&session_key, &param.mac_key);
    226. 

  226.     param.uri = uri;
    227. 

  227. 

  228.     struct proc_attestation_data data;
    229. 

  229.     memset(&data, 0, sizeof(struct proc_attestation_data));
    230. 

  230. 

  231.     lib_AESCMAC((void *) &param.mac_key, AES_CMAC_KEY_LEN,
    232. 

  232.                 pal_enclave_state.enclave_identifier,
    233. 

  233.                 sizeof(pal_enclave_state.enclave_identifier),
    234. 

  234.                 data.keyhash_mac, sizeof(data.keyhash_mac));
    235. 

  235. 

  236.     SGX_DBG(DBG_P|DBG_S, "Attestation data: %s\n",
    237. 

  237.             ALLOCA_BYTES2HEXSTR(data.keyhash_mac));
    238. 

  238. 

  239.     ret = _DkStreamAttestationRequest(proc, &data,
    240. 

  240.                                       &check_child_mrenclave, &param);
    241. 

  241.     if (ret < 0)
    242. 

  242.         return ret;
    243. 

  243. 

  244.     *handle = proc;
    245. 

  245.     return 0;
    246. 

  246. }
    247. 

  247. 

  248. struct check_parent_param {
    249. 

  249.     PAL_MAC_KEY     mac_key;
    250. 

  250. };
    251. 

  251. 

  252. static int check_parent_mrenclave (sgx_arch_hash_t * mrenclave,
    253. 

  253.                                    void * signed_data, void * check_param)
    254. 

  254. {
    255. 

  255.     __UNUSED(mrenclave);
    256. 

  256. 

  257.     struct pal_enclave_state * remote_state = signed_data;
    258. 

  258.     struct proc_attestation_param * data = (void *) &remote_state->data;
    259. 

  259. 

  260.     struct check_parent_param * param = check_param;
    261. 

  261. 

  262.     /* must make sure the signer of the report is also the owner of the key,
    263. 

  263.        in order to prevent man-in-the-middle attack */
    264. 

  264.     struct proc_attestation_data check_data;
    265. 

  265.     memset(&check_data, 0, sizeof(struct proc_attestation_data));
    266. 

  266. 

  267.     lib_AESCMAC((void *) &param->mac_key, AES_CMAC_KEY_LEN,
    268. 

  268.                 remote_state->enclave_identifier,
    269. 

  269.                 sizeof(remote_state->enclave_identifier),
    270. 

  270.                 check_data.keyhash_mac, sizeof(check_data.keyhash_mac));
    271. 

  271. 

  272.     if (memcmp(data, &check_data, sizeof(struct proc_attestation_data)))
    273. 

  273.         return 1;
    274. 

  274. 

  275.     /* for now, we will accept any enclave as a parent, but eventually
    276. 

  276.        we should check parent, maybe using crypto challenge */
    277. 

  277.     return 0;
    278. 

  278. }
    279. 

  279. 

  280. int init_child_process (PAL_HANDLE * parent_handle)
    281. 

  281. {
    282. 

  282.     PAL_HANDLE parent = malloc(HANDLE_SIZE(process));
    283. 

  283.     SET_HANDLE_TYPE(parent, process);
    284. 

  284.     HANDLE_HDR(parent)->flags |= RFD(0)|WFD(1)|RFD(2)|WFD(2)|WRITABLE(1)|WRITABLE(2);
    285. 

  285. 

  286.     parent->process.stream_in  = pal_sec.proc_fds[0];
    287. 

  287.     parent->process.stream_out = pal_sec.proc_fds[1];
    288. 

  288.     parent->process.cargo      = pal_sec.proc_fds[2];
    289. 

  289.     parent->process.pid        = pal_sec.ppid;
    290. 

  290.     parent->process.nonblocking = PAL_FALSE;
    291. 

  291. 

  292.     PAL_SESSION_KEY session_key;
    293. 

  293.     int ret = _DkStreamKeyExchange(parent, &session_key);
    294. 

  294.     if (ret < 0)
    295. 

  295.         return ret;
    296. 

  296. 

  297.     struct check_parent_param param;
    298. 

  298.     session_key_to_mac_key(&session_key, &param.mac_key);
    299. 

  299. 

  300.     struct proc_attestation_data data;
    301. 

  301.     memset(&data, 0, sizeof(struct proc_attestation_data));
    302. 

  302. 

  303.     lib_AESCMAC((void *) &param.mac_key, AES_CMAC_KEY_LEN,
    304. 

  304.                 pal_enclave_state.enclave_identifier,
    305. 

  305.                 sizeof(pal_enclave_state.enclave_identifier),
    306. 

  306.                 data.keyhash_mac, sizeof(data.keyhash_mac));
    307. 

  307. 

  308.     SGX_DBG(DBG_P|DBG_S, "Attestation data: %s\n",
    309. 

  309.             ALLOCA_BYTES2HEXSTR(data.keyhash_mac));
    310. 

  310. 

  311.     ret = _DkStreamAttestationRespond(parent, &data,
    312. 

  312.                                       &check_parent_mrenclave,
    313. 

  313.                                       &param);
    314. 

  314.     if (ret < 0)
    315. 

  315.         return ret;
    316. 

  316. 

  317.     *parent_handle = parent;
    318. 

  318.     return 0;
    319. 

  319. }
    320. 

  320. 

  321. void print_alloced_pages (void);
    322. 

  322. 

  323. noreturn void _DkProcessExit (int exitcode)
    324. 

  324. {
    325. 

  325. #if PRINT_ENCLAVE_STAT
    326. 

  326.     print_alloced_pages();
    327. 

  327. #endif
    328. 

  328.     if (exitcode)
    329. 

  329.         SGX_DBG(DBG_I, "DkProcessExit: Returning exit code %d\n", exitcode);
    330. 

  330.     ocall_exit(exitcode, /*is_exitgroup=*/true);
    331. 

  331.     while (true) {
    332. 

  332.         /* nothing */;
    333. 

  333.     }
    334. 

  334. }
    335. 

  335. 

  336. static int64_t proc_read (PAL_HANDLE handle, uint64_t offset, uint64_t count,
    337. 

  337.                           void * buffer)
    338. 

  338. {
    339. 

  339.     if (offset)
    340. 

  340.         return -PAL_ERROR_INVAL;
    341. 

  341. 

  342.     if (count >= (1ULL << (sizeof(unsigned int) * 8)))
    343. 

  343.         return -PAL_ERROR_INVAL;
    344. 

  344. 

  345.     int bytes = ocall_read(handle->process.stream_in, buffer, count);
    346. 

  346.     return IS_ERR(bytes) ? unix_to_pal_error(ERRNO(bytes)) : bytes;
    347. 

  347. }
    348. 

  348. 

  349. static int64_t proc_write (PAL_HANDLE handle, uint64_t offset, uint64_t count,
    350. 

  350.                            const void * buffer)
    351. 

  351. {
    352. 

  352.     if (offset)
    353. 

  353.         return -PAL_ERROR_INVAL;
    354. 

  354. 

  355.     if (count >= (1ULL << (sizeof(unsigned int) * 8)))
    356. 

  356.         return -PAL_ERROR_INVAL;
    357. 

  357. 

  358.     int bytes = ocall_write(handle->process.stream_out, buffer, count);
    359. 

  359. 

  360.     if (IS_ERR(bytes)) {
    361. 

  361.         bytes = unix_to_pal_error(ERRNO(bytes));
    362. 

  362.         if (bytes == -PAL_ERROR_TRYAGAIN)
    363. 

  363.             HANDLE_HDR(handle)->flags &= ~WRITABLE(1);
    364. 

  364.         return bytes;
    365. 

  365.     }
    366. 

  366. 

  367.     if ((uint64_t)bytes == count)
    368. 

  368.         HANDLE_HDR(handle)->flags |= WRITABLE(1);
    369. 

  369.     else
    370. 

  370.         HANDLE_HDR(handle)->flags &= ~WRITABLE(1);
    371. 

  371. 

  372.     return bytes;
    373. 

  373. }
    374. 

  374. 

  375. static int proc_close (PAL_HANDLE handle)
    376. 

  376. {
    377. 

  377.     if (handle->process.stream_in != PAL_IDX_POISON) {
    378. 

  378.         ocall_close(handle->process.stream_in);
    379. 

  379.         handle->process.stream_in = PAL_IDX_POISON;
    380. 

  380.     }
    381. 

  381. 

  382.     if (handle->process.stream_out != PAL_IDX_POISON) {
    383. 

  383.         ocall_close(handle->process.stream_out);
    384. 

  384.         handle->process.stream_out = PAL_IDX_POISON;
    385. 

  385.     }
    386. 

  386. 

  387.     if (handle->process.cargo != PAL_IDX_POISON) {
    388. 

  388.         ocall_close(handle->process.cargo);
    389. 

  389.         handle->process.cargo = PAL_IDX_POISON;
    390. 

  390.     }
    391. 

  391. 

  392.     return 0;
    393. 

  393. }
    394. 

  394. 

  395. static int proc_delete (PAL_HANDLE handle, int access)
    396. 

  396. {
    397. 

  397.     int shutdown;
    398. 

  398.     switch (access) {
    399. 

  399.         case 0:
    400. 

  400.             shutdown = SHUT_RDWR;
    401. 

  401.             break;
    402. 

  402.         case PAL_DELETE_RD:
    403. 

  403.             shutdown = SHUT_RD;
    404. 

  404.             break;
    405. 

  405.         case PAL_DELETE_WR:
    406. 

  406.             shutdown = SHUT_WR;
    407. 

  407.             break;
    408. 

  408.         default:
    409. 

  409.             return -PAL_ERROR_INVAL;
    410. 

  410.     }
    411. 

  411. 

  412.     if (access != PAL_DELETE_WR &&
    413. 

  413.         handle->process.stream_in != PAL_IDX_POISON) {
    414. 

  414.         ocall_close(handle->process.stream_in);
    415. 

  415.         handle->process.stream_in = PAL_IDX_POISON;
    416. 

  416.     }
    417. 

  417. 

  418.     if (access != PAL_DELETE_RD &&
    419. 

  419.         handle->process.stream_out != PAL_IDX_POISON) {
    420. 

  420.         ocall_close(handle->process.stream_out);
    421. 

  421.         handle->process.stream_out = PAL_IDX_POISON;
    422. 

  422.     }
    423. 

  423. 

  424.     if (handle->process.cargo != PAL_IDX_POISON)
    425. 

  425.         ocall_sock_shutdown(handle->process.cargo, shutdown);
    426. 

  426. 

  427.     return 0;
    428. 

  428. }
    429. 

  429. 

  430. static int proc_attrquerybyhdl (PAL_HANDLE handle, PAL_STREAM_ATTR * attr)
    431. 

  431. {
    432. 

  432.     if (handle->process.stream_in == PAL_IDX_POISON)
    433. 

  433.         return -PAL_ERROR_BADHANDLE;
    434. 

  434. 

  435.     int ret = ocall_fionread(handle->process.stream_in);
    436. 

  436.     if (IS_ERR(ret))
    437. 

  437.         return unix_to_pal_error(ERRNO(ret));
    438. 

  438. 

  439.     memset(attr, 0, sizeof(PAL_STREAM_ATTR));
    440. 

  440.     attr->pending_size = ret;
    441. 

  441.     attr->disconnected = HANDLE_HDR(handle)->flags & (ERROR(0)|ERROR(1));
    442. 

  442.     attr->readable = (attr->pending_size > 0);
    443. 

  443.     attr->writable = HANDLE_HDR(handle)->flags & WRITABLE(1);
    444. 

  444.     attr->nonblocking = handle->process.nonblocking;
    445. 

  445.     return 0;
    446. 

  446. }
    447. 

  447. 

  448. static int proc_attrsetbyhdl (PAL_HANDLE handle, PAL_STREAM_ATTR * attr)
    449. 

  449. {
    450. 

  450.     if (handle->process.stream_in == PAL_IDX_POISON)
    451. 

  451.         return -PAL_ERROR_BADHANDLE;
    452. 

  452. 

  453.     if (attr->nonblocking != handle->process.nonblocking) {
    454. 

  454.         int ret = ocall_fsetnonblock(handle->process.stream_in,
    455. 

  455.                                      handle->process.nonblocking);
    456. 

  456.         if (IS_ERR(ret))
    457. 

  457.             return unix_to_pal_error(ERRNO(ret));
    458. 

  458. 

  459.         handle->process.nonblocking = attr->nonblocking;
    460. 

  460.     }
    461. 

  461. 

  462.     return 0;
    463. 

  463. }
    464. 

  464. 

  465. struct handle_ops proc_ops = {
    466. 

  466.         .read           = &proc_read,
    467. 

  467.         .write          = &proc_write,
    468. 

  468.         .close          = &proc_close,
    469. 

  469.         .delete         = &proc_delete,
    470. 

  470.         .attrquerybyhdl = &proc_attrquerybyhdl,
    471. 

  471.         .attrsetbyhdl   = &proc_attrsetbyhdl,
    472. 

  472.     };
    473.