Home Explore Help
Sign In
miti
/
graphene
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 84f81d8f13
Branches Tags
graphene
/
Pal
/
src
/
host
/
Linux
/
db_process.c

db_process.c 18 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648 
  1. /* -*- mode:c; c-file-style:"k&r"; c-basic-offset: 4; tab-width:4; indent-tabs-mode:nil; mode:auto-fill; fill-column:78; -*- */
    2. 

  2. /* vim: set ts=4 sw=4 et tw=78 fo=cqt wm=0: */
    3. 

  3. 

  4. /* Copyright (C) 2014 Stony Brook University
    5. 

  5.    This file is part of Graphene Library OS.
    6. 

  6. 

  7.    Graphene Library OS is free software: you can redistribute it and/or
    8. 

  8.    modify it under the terms of the GNU Lesser General Public License
    9. 

  9.    as published by the Free Software Foundation, either version 3 of the
    10. 

  10.    License, or (at your option) any later version.
    11. 

  11. 

  12.    Graphene Library OS is distributed in the hope that it will be useful,
    13. 

  13.    but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15.    GNU Lesser General Public License for more details.
    16. 

  16. 

  17.    You should have received a copy of the GNU Lesser General Public License
    18. 

  18.    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
    19. 

  19. 

  20. /*
    21. 

  21.  * db_process.c
    22. 

  22.  *
    23. 

  23.  * This source file contains functions to create a child process and terminate
    24. 

  24.  * the running process. Child does not inherit any objects or memory from its
    25. 

  25.  * parent pricess. A Parent process may not modify the execution of its
    26. 

  26.  * children. It can wait for a child to exit using its handle. Also, parent and
    27. 

  27.  * child may communicate through I/O streams provided by the parent to the child
    28. 

  28.  * at creation.
    29. 

  29.  */
    30. 

  30. 

  31. #include "pal_defs.h"
    32. 

  32. #include "pal_linux_defs.h"
    33. 

  33. #include "pal.h"
    34. 

  34. #include "pal_internal.h"
    35. 

  35. #include "pal_linux.h"
    36. 

  36. #include "pal_debug.h"
    37. 

  37. #include "pal_error.h"
    38. 

  38. #include "pal_security.h"
    39. 

  39. #include "graphene.h"
    40. 

  40. #include "graphene-ipc.h"
    41. 

  41. #include "api.h"
    42. 

  42. 

  43. #include <linux/sched.h>
    44. 

  44. #include <linux/types.h>
    45. 

  45. typedef __kernel_pid_t pid_t;
    46. 

  46. #include <asm/fcntl.h>
    47. 

  47. #include <sys/socket.h>
    48. 

  48. #include <asm/errno.h>
    49. 

  49. 

  50. #ifndef SEEK_SET
    51. 

  51. # define SEEK_SET 0
    52. 

  52. #endif
    53. 

  53. 

  54. static inline int create_process_handle (PAL_HANDLE * parent,
    55. 

  55.                                          PAL_HANDLE * child)
    56. 

  56. {
    57. 

  57.     PAL_HANDLE phdl = NULL, chdl = NULL;
    58. 

  58.     int fds[6] = { -1, -1, -1, -1, -1, -1 };
    59. 

  59.     int ret;
    60. 

  60. 

  61.     if (IS_ERR((ret = INLINE_SYSCALL(pipe2, 2, &fds[0], O_CLOEXEC))) ||
    62. 

  62.         IS_ERR((ret = INLINE_SYSCALL(pipe2, 2, &fds[2], O_CLOEXEC))) ||
    63. 

  63.         IS_ERR((ret = INLINE_SYSCALL(socketpair, 4, AF_UNIX,
    64. 

  64.                                      SOCK_STREAM|SOCK_CLOEXEC,
    65. 

  65.                                      0, &fds[4])))) {
    66. 

  66.         ret = -PAL_ERROR_DENIED;
    67. 

  67.         goto out;
    68. 

  68.     }
    69. 

  69. 

  70.     int proc_fds[2][3] = {
    71. 

  71.         { fds[0], fds[3], fds[4] },
    72. 

  72.         { fds[2], fds[1], fds[5] },
    73. 

  73.     };
    74. 

  74. 

  75.     phdl = malloc(HANDLE_SIZE(process));
    76. 

  76.     if (!phdl) {
    77. 

  77.         ret = -PAL_ERROR_NOMEM;
    78. 

  78.         goto out;
    79. 

  79.     }
    80. 

  80. 

  81.     SET_HANDLE_TYPE(phdl, process);
    82. 

  82.     HANDLE_HDR(phdl)->flags |= RFD(0)|WFD(1)|RFD(2)|WFD(2)|WRITEABLE(1)|WRITEABLE(2);
    83. 

  83.     phdl->process.stream_in   = proc_fds[0][0];
    84. 

  84.     phdl->process.stream_out  = proc_fds[0][1];
    85. 

  85.     phdl->process.cargo       = proc_fds[0][2];
    86. 

  86.     phdl->process.pid         = linux_state.pid;
    87. 

  87.     phdl->process.nonblocking = PAL_FALSE;
    88. 

  88. 

  89.     chdl = malloc(HANDLE_SIZE(process));
    90. 

  90.     if (!chdl) {
    91. 

  91.         ret = -PAL_ERROR_NOMEM;
    92. 

  92.         goto out;
    93. 

  93.     }
    94. 

  94. 

  95.     SET_HANDLE_TYPE(chdl, process);
    96. 

  96.     HANDLE_HDR(chdl)->flags |= RFD(0)|WFD(1)|RFD(2)|WFD(2)|WRITEABLE(1)|WRITEABLE(2);
    97. 

  97.     chdl->process.stream_in   = proc_fds[1][0];
    98. 

  98.     chdl->process.stream_out  = proc_fds[1][1];
    99. 

  99.     chdl->process.cargo       = proc_fds[1][2];
    100. 

  100.     chdl->process.pid         = 0; /* unknown yet */
    101. 

  101.     chdl->process.nonblocking = PAL_FALSE;
    102. 

  102. 

  103.     *parent = phdl;
    104. 

  104.     *child  = chdl;
    105. 

  105.     ret = 0;
    106. 

  106. out:
    107. 

  107.     if (ret < 0) {
    108. 

  108.         if (phdl)
    109. 

  109.             _DkObjectClose(phdl);
    110. 

  110.         if (chdl)
    111. 

  111.             _DkObjectClose(chdl);
    112. 

  112.         for (int i = 0 ; i < 6 ; i++)
    113. 

  113.             if (fds[i] != -1)
    114. 

  114.                 INLINE_SYSCALL(close, 1, fds[i]);
    115. 

  115.     }
    116. 

  116.     return ret;
    117. 

  117. }
    118. 

  118. 

  119. struct proc_param {
    120. 

  120.     PAL_HANDLE parent;
    121. 

  121.     PAL_HANDLE exec;
    122. 

  122.     PAL_HANDLE manifest;
    123. 

  123.     const char ** argv;
    124. 

  124. };
    125. 

  125. 

  126. struct proc_args {
    127. 

  127.     PAL_NUM         parent_process_id;
    128. 

  128.     struct pal_sec  pal_sec;
    129. 

  129. 

  130. #if PROFILING == 1
    131. 

  131.     unsigned long   process_create_time;
    132. 

  132. #endif
    133. 

  133.     unsigned long   memory_quota;
    134. 

  134. 

  135.     unsigned int    parent_data_size;
    136. 

  136.     unsigned int    exec_data_size;
    137. 

  137.     unsigned int    manifest_data_size;
    138. 

  138. };
    139. 

  139. 

  140. static int child_process (void * param)
    141. 

  141. {
    142. 

  142.     struct proc_param * proc_param = param;
    143. 

  143.     int ret;
    144. 

  144. 

  145.     INLINE_SYSCALL(close, 1, PROC_INIT_FD);
    146. 

  146.     ret = INLINE_SYSCALL(dup2, 2, proc_param->parent->process.stream_in,
    147. 

  147.                          PROC_INIT_FD);
    148. 

  148.     if (IS_ERR(ret))
    149. 

  149.         goto failed;
    150. 

  150. 

  151.     if (proc_param->parent)
    152. 

  152.         handle_set_cloexec(proc_param->parent,   false);
    153. 

  153.     if (proc_param->exec)
    154. 

  154.         handle_set_cloexec(proc_param->exec,     false);
    155. 

  155.     if (proc_param->manifest)
    156. 

  156.         handle_set_cloexec(proc_param->manifest, false);
    157. 

  157. 

  158.     INLINE_SYSCALL(execve, 3, PAL_LOADER, proc_param->argv,
    159. 

  159.                    linux_state.environ);
    160. 

  160.     ret = -PAL_ERROR_DENIED;
    161. 

  161. 

  162. failed:
    163. 

  163.     /* fail is it gets here */
    164. 

  164.     return ret;
    165. 

  165. }
    166. 

  166. 

  167. int _DkProcessCreate (PAL_HANDLE * handle,
    168. 

  168.                       const char * uri, int flags, const char ** args)
    169. 

  169. {
    170. 

  170.     PAL_HANDLE exec = NULL;
    171. 

  171.     PAL_HANDLE parent_handle = NULL, child_handle = NULL;
    172. 

  172.     int ret;
    173. 

  173. #if PROFILING == 1
    174. 

  174.     unsigned long before_create = _DkSystemTimeQuery();
    175. 

  175. #endif
    176. 

  176. 

  177.     /* step 1: open uri and check whether it is an executable */
    178. 

  178. 

  179.     if (uri) {
    180. 

  180.         if ((ret = _DkStreamOpen(&exec, uri, PAL_ACCESS_RDONLY, 0, 0, 0)) < 0)
    181. 

  181.             return ret;
    182. 

  182. 

  183.         if (check_elf_object(exec) < 0) {
    184. 

  184.             ret = -PAL_ERROR_INVAL;
    185. 

  185.             goto out;
    186. 

  186.         }
    187. 

  187.     }
    188. 

  188. 

  189.     /* step 2: create parant and child process handle */
    190. 

  190. 

  191.     struct proc_param param;
    192. 

  192.     ret = create_process_handle(&parent_handle, &child_handle);
    193. 

  193.     if (ret < 0)
    194. 

  194.         goto out;
    195. 

  195. 

  196.     param.parent = parent_handle;
    197. 

  197.     param.exec = exec;
    198. 

  198.     param.manifest = pal_state.manifest_handle;
    199. 

  199. 

  200.     /* step 3: compose process parameter */
    201. 

  201. 

  202.     int parent_datasz = 0, exec_datasz = 0, manifest_datasz = 0;
    203. 

  203.     void * parent_data = NULL;
    204. 

  204.     void * exec_data = NULL;
    205. 

  205.     void * manifest_data = NULL;
    206. 

  206. 

  207.     ret = handle_serialize(parent_handle, &parent_data);
    208. 

  208.     if (ret < 0)
    209. 

  209.         goto out;
    210. 

  210.     parent_datasz = ret;
    211. 

  211. 

  212.     if (exec) {
    213. 

  213.         ret = handle_serialize(exec, &exec_data);
    214. 

  214.         if (ret < 0) {
    215. 

  215.             free(parent_data);
    216. 

  216.             goto out;
    217. 

  217.         }
    218. 

  218.         exec_datasz = ret;
    219. 

  219.     }
    220. 

  220. 

  221.     if (pal_state.manifest_handle) {
    222. 

  222.         ret = handle_serialize(pal_state.manifest_handle, &manifest_data);
    223. 

  223.         if (ret < 0) {
    224. 

  224.             free(parent_data);
    225. 

  225.             free(exec_data);
    226. 

  226.             goto out;
    227. 

  227.         }
    228. 

  228.         manifest_datasz = ret;
    229. 

  229.     }
    230. 

  230. 

  231.     unsigned int datasz = parent_datasz + exec_datasz + manifest_datasz;
    232. 

  232.     struct proc_args * proc_args =
    233. 

  233.             __alloca(sizeof(struct proc_args) + datasz);
    234. 

  234. 

  235.     proc_args->parent_process_id = linux_state.parent_process_id;
    236. 

  236.     memcpy(&proc_args->pal_sec, &pal_sec, sizeof(struct pal_sec));
    237. 

  237.     proc_args->pal_sec._dl_debug_state = NULL;
    238. 

  238.     proc_args->pal_sec._r_debug = NULL;
    239. 

  239.     proc_args->memory_quota = linux_state.memory_quota;
    240. 

  240. 

  241.     void * data = (void *) (proc_args + 1);
    242. 

  242. 

  243.     memcpy(data, parent_data, parent_datasz);
    244. 

  244.     data += (proc_args->parent_data_size = parent_datasz);
    245. 

  245.     free(parent_data);
    246. 

  246. 

  247.     if (exec_data) {
    248. 

  248.         memcpy(data, exec_data, exec_datasz);
    249. 

  249.         data += (proc_args->exec_data_size = exec_datasz);
    250. 

  250.         free(exec_data);
    251. 

  251.     } else {
    252. 

  252.         proc_args->exec_data_size = 0;
    253. 

  253.     }
    254. 

  254. 

  255.     if (manifest_data) {
    256. 

  256.         memcpy(data, manifest_data, manifest_datasz);
    257. 

  257.         data += (proc_args->manifest_data_size = manifest_datasz);
    258. 

  258.         free(manifest_data);
    259. 

  259.     } else {
    260. 

  260.         proc_args->manifest_data_size = 0;
    261. 

  261.     }
    262. 

  262. 

  263.     /* step 4: create a child thread which will execve in the future */
    264. 

  264. 

  265.     /* the first arguement must be the PAL */
    266. 

  266.     int argc = 0;
    267. 

  267.     if (args)
    268. 

  268.         for (; args[argc] ; argc++);
    269. 

  269.     param.argv = __alloca(sizeof(const char *) * (argc + 2));
    270. 

  270.     param.argv[0] = PAL_LOADER;
    271. 

  271.     if (args)
    272. 

  272.         memcpy(&param.argv[1], args, sizeof(const char *) * argc);
    273. 

  273.     param.argv[argc + 1] = NULL;
    274. 

  274. 

  275. #if PROFILING == 1
    276. 

  276.     proc_args->process_create_time = before_create;
    277. 

  277. #endif
    278. 

  278. 

  279.     ret = ARCH_VFORK();
    280. 

  280.     int child_ret = 0;
    281. 

  281. 

  282.     if (IS_ERR(ret)) {
    283. 

  283.         ret = -PAL_ERROR_DENIED;
    284. 

  284.         goto out;
    285. 

  285.     }
    286. 

  286. 

  287.     if (!ret) {
    288. 

  288.         child_ret = child_process(&param);
    289. 

  289.         return 0;
    290. 

  290.     }
    291. 

  291. 

  292.     if (child_ret < 0) {
    293. 

  293.         ret = child_ret;
    294. 

  294.         goto out;
    295. 

  295.     }
    296. 

  296. 

  297.     proc_args->pal_sec.process_id = ret;
    298. 

  298.     child_handle->process.pid = ret;
    299. 

  299. 

  300.     /* step 4: send parameters over the process handle */
    301. 

  301. 

  302.     ret = INLINE_SYSCALL(write, 3,
    303. 

  303.                          child_handle->process.stream_out,
    304. 

  304.                          proc_args,
    305. 

  305.                          sizeof(struct proc_args) + datasz);
    306. 

  306. 

  307.     if (IS_ERR(ret) ||
    308. 

  308.         ret < sizeof(struct proc_args) + datasz) {
    309. 

  309.         ret = -PAL_ERROR_DENIED;
    310. 

  310.         goto out;
    311. 

  311.     }
    312. 

  312. 

  313.     *handle = child_handle;
    314. 

  314.     ret = 0;
    315. 

  315. out:
    316. 

  316.     if (parent_handle)
    317. 

  317.         _DkObjectClose(parent_handle);
    318. 

  318.     if (exec)
    319. 

  319.         _DkObjectClose(exec);
    320. 

  320.     if (ret < 0) {
    321. 

  321.         if (child_handle)
    322. 

  322.             _DkObjectClose(child_handle);
    323. 

  323.     }
    324. 

  324.     return ret;
    325. 

  325. }
    326. 

  326. 

  327. void init_child_process (PAL_HANDLE * parent_handle,
    328. 

  328.                          PAL_HANDLE * exec_handle,
    329. 

  329.                          PAL_HANDLE * manifest_handle)
    330. 

  330. {
    331. 

  331.     int ret = 0;
    332. 

  332. 

  333.     /* try to do a very large reading, so it doesn't have to be read for the
    334. 

  334.        second time */
    335. 

  335.     struct proc_args * proc_args = __alloca(sizeof(struct proc_args));
    336. 

  336.     struct proc_args * new_proc_args;
    337. 

  337. 

  338.     int bytes = INLINE_SYSCALL(read, 3, PROC_INIT_FD, proc_args,
    339. 

  339.                                sizeof(*proc_args));
    340. 

  340. 

  341.     if (IS_ERR(bytes)) {
    342. 

  342.         if (ERRNO(bytes) != EBADF)
    343. 

  343.             init_fail(PAL_ERROR_DENIED, "communication fail with parent");
    344. 

  344. 

  345.         /* in the first process */
    346. 

  346.         /* occupy PROC_INIT_FD so no one will use it */
    347. 

  347.         INLINE_SYSCALL(dup2, 2, 0, PROC_INIT_FD);
    348. 

  348.         return;
    349. 

  349.     }
    350. 

  350. 

  351.     /* a child must have parent handle and an executable */
    352. 

  352.     if (!proc_args->parent_data_size)
    353. 

  353.         init_fail(PAL_ERROR_INVAL, "invalid process created");
    354. 

  354. 

  355.     int datasz = proc_args->parent_data_size + proc_args->exec_data_size +
    356. 

  356.                  proc_args->manifest_data_size;
    357. 

  357. 

  358.     if (!datasz)
    359. 

  359.         goto no_data;
    360. 

  360. 

  361.     new_proc_args = __alloca(sizeof(*proc_args) + datasz);
    362. 

  362.     memcpy(new_proc_args, proc_args, sizeof(*proc_args));
    363. 

  363.     proc_args = new_proc_args;
    364. 

  364.     void * data = (void *) (proc_args + 1);
    365. 

  365. 

  366.     bytes = INLINE_SYSCALL(read, 3, PROC_INIT_FD, data, datasz);
    367. 

  367.     if (IS_ERR(bytes))
    368. 

  368.         init_fail(PAL_ERROR_DENIED, "communication fail with parent");
    369. 

  369. 

  370.     /* now deserialize the parent_handle */
    371. 

  371.     PAL_HANDLE parent = NULL;
    372. 

  372.     ret = handle_deserialize(&parent, data, proc_args->parent_data_size);
    373. 

  373.     if (ret < 0)
    374. 

  374.         init_fail(-ret, "cannot deseilaize parent process handle");
    375. 

  375.     data += proc_args->parent_data_size;
    376. 

  376.     *parent_handle = parent;
    377. 

  377. 

  378.     /* occupy PROC_INIT_FD so no one will use it */
    379. 

  379.     INLINE_SYSCALL(dup2, 2, 0, PROC_INIT_FD);
    380. 

  380. 

  381.     /* deserialize the executable handle */
    382. 

  382.     if (proc_args->exec_data_size) {
    383. 

  383.         PAL_HANDLE exec = NULL;
    384. 

  384. 

  385.         ret = handle_deserialize(&exec, data,
    386. 

  386.                                  proc_args->exec_data_size);
    387. 

  387.         if (ret < 0)
    388. 

  388.             init_fail(-ret, "cannot deserialize executable handle");
    389. 

  389. 

  390.         data += proc_args->exec_data_size;
    391. 

  391.         *exec_handle = exec;
    392. 

  392.     }
    393. 

  393. 

  394.     /* deserialize the manifest handle, if there is one */
    395. 

  395.     if (proc_args->manifest_data_size) {
    396. 

  396.         PAL_HANDLE manifest = NULL;
    397. 

  397. 

  398.         ret = handle_deserialize(&manifest, data,
    399. 

  399.                                  proc_args->manifest_data_size);
    400. 

  400.         if (ret < 0)
    401. 

  401.             init_fail(-ret, "cannot deserialize manifest handle");
    402. 

  402. 

  403.         data += proc_args->manifest_data_size;
    404. 

  404.         *manifest_handle = manifest;
    405. 

  405.     }
    406. 

  406. 

  407. no_data:
    408. 

  408.     linux_state.parent_process_id = proc_args->parent_process_id;
    409. 

  409.     linux_state.memory_quota = proc_args->memory_quota;
    410. 

  410. #if PROFILING == 1
    411. 

  411.     pal_state.process_create_time = proc_args->process_create_time;
    412. 

  412. #endif
    413. 

  413.     memcpy(&pal_sec, &proc_args->pal_sec, sizeof(struct pal_sec));
    414. 

  414. }
    415. 

  415. 

  416. void _DkProcessExit (int exitcode)
    417. 

  417. {
    418. 

  418.     INLINE_SYSCALL(exit_group, 1, exitcode);
    419. 

  419. }
    420. 

  420. 

  421. int ioctl_set_graphene (struct config_store * config, int ndefault,
    422. 

  422.                         const struct graphene_user_policy * default_policies);
    423. 

  423. 

  424. static int set_graphene_task (const char * uri, int flags)
    425. 

  425. {
    426. 

  426.     PAL_HANDLE handle = NULL;
    427. 

  427.     int ret;
    428. 

  428. 

  429.     if ((ret = _DkStreamOpen(&handle, uri, PAL_ACCESS_RDONLY, 0, 0, 0)) < 0)
    430. 

  430.         return ret;
    431. 

  431. 

  432.     PAL_STREAM_ATTR attr;
    433. 

  433. 

  434.     if ((ret = _DkStreamAttributesQuerybyHandle(handle, &attr)) < 0)
    435. 

  435.         goto out;
    436. 

  436. 

  437.     void * addr = NULL;
    438. 

  438.     size_t size = attr.pending_size;
    439. 

  439. 

  440.     if ((ret = _DkStreamMap(handle, &addr, PAL_PROT_READ, 0,
    441. 

  441.                             ALLOC_ALIGNUP(size))) < 0)
    442. 

  442.         goto out;
    443. 

  443. 

  444.     struct config_store sandbox_config;
    445. 

  445.     sandbox_config.raw_data = addr;
    446. 

  446.     sandbox_config.raw_size = size;
    447. 

  447.     sandbox_config.malloc = malloc;
    448. 

  448.     sandbox_config.free = free;
    449. 

  449. 

  450.     if ((ret = read_config(&sandbox_config, NULL, NULL)) < 0)
    451. 

  451.         goto out_mem;
    452. 

  452. 

  453.     struct graphene_user_policy policies[5], * p = policies;
    454. 

  454. 

  455.     if (strpartcmp_static(uri, "file:")) {
    456. 

  456.         p->type  = GRAPHENE_FS_PATH | GRAPHENE_FS_READ;
    457. 

  457.         p->value = &uri[5];
    458. 

  458.         p++;
    459. 

  459.     }
    460. 

  460. 

  461.     if (flags & PAL_SANDBOX_PIPE) {
    462. 

  462.         p->type  = GRAPHENE_UNIX_PREFIX;
    463. 

  463.         p->value = &pal_sec.pipe_prefix_id;
    464. 

  464.         p++;
    465. 

  465. 

  466.         p->type  = GRAPHENE_MCAST_PORT;
    467. 

  467.         p->value = &pal_sec.mcast_port;
    468. 

  468.         p++;
    469. 

  469.     }
    470. 

  470. 

  471.     p->type  = GRAPHENE_FS_PATH | GRAPHENE_FS_READ;
    472. 

  472.     p->value = "/proc/meminfo";
    473. 

  473.     p++;
    474. 

  474. 

  475.     ret = ioctl_set_graphene(&sandbox_config, p - policies, policies);
    476. 

  476.     if (ret < 0)
    477. 

  477.         goto out_mem;
    478. 

  478. 

  479.     pal_state.manifest = uri;
    480. 

  480.     _DkObjectClose(pal_state.manifest_handle);
    481. 

  481.     pal_state.manifest_handle = handle;
    482. 

  482. 

  483.     free_config(&sandbox_config);
    484. 

  484. out_mem:
    485. 

  485.     _DkStreamUnmap(sandbox_config.raw_data,
    486. 

  486.                    ALLOC_ALIGNUP(sandbox_config.raw_size));
    487. 

  487. out:
    488. 

  488.     _DkObjectClose(handle);
    489. 

  489.     return ret;
    490. 

  490. }
    491. 

  491. 

  492. int _DkProcessSandboxCreate (const char * manifest, int flags)
    493. 

  493. {
    494. 

  494.     return set_graphene_task(manifest, flags);
    495. 

  495. }
    496. 

  496. 

  497. static int proc_read (PAL_HANDLE handle, int offset, int count,
    498. 

  498.                           void * buffer)
    499. 

  499. {
    500. 

  500.     int bytes = INLINE_SYSCALL(read, 3, handle->process.stream_in, buffer,
    501. 

  501.                                count);
    502. 

  502. 

  503.     if (IS_ERR(bytes))
    504. 

  504.         switch(ERRNO(bytes)) {
    505. 

  505.             case EWOULDBLOCK:
    506. 

  506.                 return-PAL_ERROR_TRYAGAIN;
    507. 

  507.             case EINTR:
    508. 

  508.                 return -PAL_ERROR_INTERRUPTED;
    509. 

  509.             default:
    510. 

  510.                 return -PAL_ERROR_DENIED;
    511. 

  511.         }
    512. 

  512. 

  513.     return bytes;
    514. 

  514. }
    515. 

  515. 

  516. static int proc_write (PAL_HANDLE handle, int offset, int count,
    517. 

  517.                        const void * buffer)
    518. 

  518. {
    519. 

  519.     int bytes = INLINE_SYSCALL(write, 3, handle->process.stream_out, buffer,
    520. 

  520.                                count);
    521. 

  521. 

  522.     if (IS_ERR(bytes))
    523. 

  523.         switch(ERRNO(bytes)) {
    524. 

  524.             case EWOULDBLOCK:
    525. 

  525.                 HANDLE_HDR(handle)->flags &= ~WRITEABLE(1);
    526. 

  526.                 return-PAL_ERROR_TRYAGAIN;
    527. 

  527.             case EINTR:
    528. 

  528.                 return -PAL_ERROR_INTERRUPTED;
    529. 

  529.             default:
    530. 

  530.                 return -PAL_ERROR_DENIED;
    531. 

  531.         }
    532. 

  532. 

  533.     if (bytes == count)
    534. 

  534.         HANDLE_HDR(handle)->flags |= WRITEABLE(1);
    535. 

  535.     else
    536. 

  536.         HANDLE_HDR(handle)->flags &= ~WRITEABLE(1);
    537. 

  537. 

  538.     return bytes;
    539. 

  539. }
    540. 

  540. 

  541. static int proc_close (PAL_HANDLE handle)
    542. 

  542. {
    543. 

  543.     if (handle->process.stream_in != PAL_IDX_POISON) {
    544. 

  544.         INLINE_SYSCALL(close, 1, handle->process.stream_in);
    545. 

  545.         handle->process.stream_in = PAL_IDX_POISON;
    546. 

  546.     }
    547. 

  547. 

  548.     if (handle->process.stream_out != PAL_IDX_POISON) {
    549. 

  549.         INLINE_SYSCALL(close, 1, handle->process.stream_out);
    550. 

  550.         handle->process.stream_out = PAL_IDX_POISON;
    551. 

  551.     }
    552. 

  552. 

  553.     if (handle->process.cargo != PAL_IDX_POISON) {
    554. 

  554.         INLINE_SYSCALL(close, 1, handle->process.cargo);
    555. 

  555.         handle->process.cargo = PAL_IDX_POISON;
    556. 

  556.     }
    557. 

  557. 

  558.     return 0;
    559. 

  559. }
    560. 

  560. 

  561. static int proc_delete (PAL_HANDLE handle, int access)
    562. 

  562. {
    563. 

  563.     int shutdown;
    564. 

  564.     switch (access) {
    565. 

  565.         case 0:
    566. 

  566.             shutdown = SHUT_RDWR;
    567. 

  567.             break;
    568. 

  568.         case PAL_DELETE_RD:
    569. 

  569.             shutdown = SHUT_RD;
    570. 

  570.             break;
    571. 

  571.         case PAL_DELETE_WR:
    572. 

  572.             shutdown = SHUT_WR;
    573. 

  573.             break;
    574. 

  574.         default:
    575. 

  575.             return -PAL_ERROR_INVAL;
    576. 

  576.     }
    577. 

  577. 

  578.     if (access != PAL_DELETE_WR &&
    579. 

  579.         handle->process.stream_in != PAL_IDX_POISON) {
    580. 

  580.         INLINE_SYSCALL(close, 1, handle->process.stream_in);
    581. 

  581.         handle->process.stream_in = PAL_IDX_POISON;
    582. 

  582.     }
    583. 

  583. 

  584.     if (access != PAL_DELETE_RD &&
    585. 

  585.         handle->process.stream_out != PAL_IDX_POISON) {
    586. 

  586.         INLINE_SYSCALL(close, 1, handle->process.stream_out);
    587. 

  587.         handle->process.stream_out = PAL_IDX_POISON;
    588. 

  588.     }
    589. 

  589. 

  590.     if (handle->process.cargo != PAL_IDX_POISON)
    591. 

  591.         INLINE_SYSCALL(shutdown, 2, handle->process.cargo, shutdown);
    592. 

  592. 

  593.     return 0;
    594. 

  594. }
    595. 

  595. 

  596. #ifndef FIONREAD
    597. 

  597. # define FIONREAD 0x541B
    598. 

  598. #endif
    599. 

  599. 

  600. static int proc_attrquerybyhdl (PAL_HANDLE handle, PAL_STREAM_ATTR * attr)
    601. 

  601. {
    602. 

  602.     int ret, val;
    603. 

  603. 

  604.     if (handle->process.stream_in == PAL_IDX_POISON)
    605. 

  605.         return -PAL_ERROR_BADHANDLE;
    606. 

  606. 

  607.     ret = INLINE_SYSCALL(ioctl, 3, handle->process.stream_in, FIONREAD, &val);
    608. 

  608.     if (IS_ERR(ret))
    609. 

  609.         return unix_to_pal_error(ERRNO(ret));
    610. 

  610. 

  611.     attr->handle_type  = pal_type_process;
    612. 

  612.     attr->nonblocking  = handle->process.nonblocking;
    613. 

  613.     attr->disconnected = HANDLE_HDR(handle)->flags & (ERROR(0)|ERROR(1));
    614. 

  614.     attr->readable     = !!val;
    615. 

  615.     attr->writeable    = HANDLE_HDR(handle)->flags & WRITEABLE(1);
    616. 

  616.     attr->runnable     = PAL_FALSE;
    617. 

  617.     attr->pending_size = val;
    618. 

  618. 

  619.     return 0;
    620. 

  620. }
    621. 

  621. 

  622. static int proc_attrsetbyhdl (PAL_HANDLE handle, PAL_STREAM_ATTR * attr)
    623. 

  623. {
    624. 

  624.     if (handle->process.stream_in == PAL_IDX_POISON)
    625. 

  625.         return -PAL_ERROR_BADHANDLE;
    626. 

  626. 

  627.     int ret;
    628. 

  628.     if (attr->nonblocking != handle->process.nonblocking) {
    629. 

  629.         ret = INLINE_SYSCALL(fcntl, 3, handle->process.stream_in, F_SETFL,
    630. 

  630.                              handle->process.nonblocking ? O_NONBLOCK : 0);
    631. 

  631. 

  632.         if (IS_ERR(ret))
    633. 

  633.             return unix_to_pal_error(ERRNO(ret));
    634. 

  634. 

  635.         handle->process.nonblocking = attr->nonblocking;
    636. 

  636.     }
    637. 

  637. 

  638.     return 0;
    639. 

  639. }
    640. 

  640. 

  641. struct handle_ops proc_ops = {
    642. 

  642.         .read           = &proc_read,
    643. 

  643.         .write          = &proc_write,
    644. 

  644.         .close          = &proc_close,
    645. 

  645.         .delete         = &proc_delete,
    646. 

  646.         .attrquerybyhdl = &proc_attrquerybyhdl,
    647. 

  647.         .attrsetbyhdl   = &proc_attrsetbyhdl,
    648. 

  648.     };
    649.