Vertaa committeja
3 Commitit
88995d214d
...
2dc61828f1
Tekijä | SHA1 | Päivämäärä | |
---|---|---|---|
2dc61828f1 | |||
cdc265cedf | |||
91858efa51 |
@ -127,8 +127,11 @@ int main(void)
|
||||
We execute "cat()". The first call succeeds. In the second, we get an exception, because
|
||||
the subprocess "cat()" was launched in violated the policy (missing "rpath" vow).
|
||||
|
||||
Naturally, there is a performance overhead. Certain challenges such pass-by-reference
|
||||
are yet to be solved.
|
||||
Naturally, there is a performance overhead. Certain challenges remain, such as the fact
|
||||
that being executed in a subprocess, we operate on copies, so handling references
|
||||
is not something that has been given much thought. There is also the fact
|
||||
that clone()ing from threads opens a can of worms. Hence, exile_launch()
|
||||
is best avoided in multi-threaded contexts.
|
||||
|
||||
## Status
|
||||
No release yet, experimental, API is unstable, builds will break on updates of this library.
|
||||
|
2
exile.c
2
exile.c
@ -274,10 +274,12 @@ static struct syscall_vow_map exile_vow_map[] =
|
||||
{EXILE_SYS(sched_getattr), EXILE_SYSCALL_VOW_SCHED},
|
||||
{EXILE_SYS(renameat2), EXILE_SYSCALL_VOW_CPATH},
|
||||
{EXILE_SYS(getrandom), EXILE_SYSCALL_VOW_STDIO},
|
||||
{EXILE_SYS(memfd_create), EXILE_SYSCALL_VOW_STDIO},
|
||||
{EXILE_SYS(execveat), EXILE_SYSCALL_VOW_EXEC},
|
||||
{EXILE_SYS(mlock2), EXILE_SYSCALL_VOW_STDIO},
|
||||
{EXILE_SYS(copy_file_range), EXILE_SYSCALL_VOW_STDIO},
|
||||
{EXILE_SYS(statx), EXILE_SYSCALL_VOW_RPATH},
|
||||
{EXILE_SYS(rseq), EXILE_SYSCALL_VOW_THREAD},
|
||||
{EXILE_SYS(clone3), EXILE_SYSCALL_VOW_CLONE},
|
||||
{EXILE_SYS(close_range), EXILE_SYSCALL_VOW_STDIO},
|
||||
{EXILE_SYS(openat2), EXILE_SYSCALL_VOW_RPATH|EXILE_SYSCALL_VOW_WPATH},
|
||||
|
@ -119,7 +119,7 @@ inline int do_clone(int (*clonefn)(void *), void *launcharg)
|
||||
}
|
||||
|
||||
template<typename T, typename U, typename ... Args>
|
||||
typename std::enable_if_t<std::is_trivially_copyable_v<T>, T> exile_launch(struct exile_policy *policy, U fn, Args && ... args)
|
||||
typename std::enable_if_t<std::is_trivially_copyable_v<T> && !std::is_pointer_v<T>, T> exile_launch(struct exile_policy *policy, U fn, Args && ... args)
|
||||
{
|
||||
size_t mapsize = sizeof(T);
|
||||
T * sharedbuf = (T *) mmap(NULL, mapsize , PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANON, -1, 0);
|
||||
@ -145,7 +145,7 @@ typename std::enable_if_t<std::is_trivially_copyable_v<T>, T> exile_launch(struc
|
||||
|
||||
|
||||
template<typename T, typename U, typename ... Args>
|
||||
typename std::enable_if_t<!std::is_trivially_copyable_v<T> && std::is_copy_constructible_v<T>, T>
|
||||
typename std::enable_if_t<std::is_pointer_v<T> || (!std::is_trivially_copyable_v<T> && std::is_copy_constructible_v<T>), T>
|
||||
exile_launch(struct exile_policy *policy, const std::function<size_t (const T &, char *, size_t)> &serializer, const std::function<T(const char *, size_t)> &deserializer, U fn, Args && ... args)
|
||||
{
|
||||
size_t mapsize = EXILE_MMAP_SIZE;
|
||||
|
Ladataan…
Viittaa uudesa ongelmassa
Block a user