Kernel filesystem change #663

Open: wants to merge 36 commits into base: main

36 commits
ede4113
Update the rust toolchain to 1.70.
ShaleXIONG Jul 25, 2023
b7eba4c
Update the lalrpop version.
ShaleXIONG Jul 25, 2023
e7de1ee
Update the wasmtime and wasmi version.
ShaleXIONG Jul 25, 2023
e4709b4
Use the kernel file system in wasmtime, and wire into freestanding ex…
ShaleXIONG Aug 22, 2023
49ecc60
Remove the vfs but use the kernel filesystem.
ShaleXIONG Sep 5, 2023
688e02d
update the example to use relative path.
ShaleXIONG Sep 28, 2023
e5b23f8
Rework on the engine and related, use the kernel file system.
ShaleXIONG Oct 2, 2023
e133c37
Update the makefiles for the new engine.
ShaleXIONG Oct 2, 2023
ffdb9a6
Remove appending the root `/` in veracruz client when calling write f…
ShaleXIONG Oct 3, 2023
f1fcfe6
Update the test suite on the engine rework.
ShaleXIONG Oct 3, 2023
fa0e80d
Fix a bug in wrong import in freestanding.
ShaleXIONG Oct 3, 2023
02aa1d6
Temporarily comment out the test case for native module.
ShaleXIONG Oct 3, 2023
ec25967
Update all the cargo.toml file.
ShaleXIONG Oct 4, 2023
ade56f7
Rework on the permission check for (remote) clients.
ShaleXIONG Oct 6, 2023
b304a68
Remove dead code and unify Cargo.toml.
ShaleXIONG Oct 6, 2023
a7aea77
Rework on the native module interface using the linux named pipeline.
ShaleXIONG Nov 1, 2023
b943904
Check the execution permission in the execution engine before running.
ShaleXIONG Nov 1, 2023
04fd9c2
Rework and simplify on the Sandbox for native binary.
ShaleXIONG Nov 24, 2023
67bd9ce
Fix a bug caused by type check of policy.
ShaleXIONG Nov 24, 2023
5a57695
Rework on the generate policy, use derive from clap.
ShaleXIONG Nov 24, 2023
f817133
Add the missing program hash when generating policy.
ShaleXIONG Nov 24, 2023
0e3054e
Update the generate policy script
ShaleXIONG Nov 24, 2023
445ce36
Fix a bug due to whitespace in policy generation.
ShaleXIONG Nov 24, 2023
8e3b2eb
Remove the application code for fd_create, which is no longer used.
ShaleXIONG Nov 27, 2023
786af80
Update the mechanism to load internal native module by matching name.
ShaleXIONG Nov 28, 2023
0e12d5a
Generate the spec of the native service in the policy.
ShaleXIONG Nov 28, 2023
93913c3
Add the missing `Execution` Trait definition.
ShaleXIONG Nov 28, 2023
3f14c48
Remove an unused mod in execution-engine.
ShaleXIONG Nov 30, 2023
01caffe
Fix the quickstart test in the CI.
ShaleXIONG Dec 4, 2023
31f96a5
Update the shamir example.
ShaleXIONG Dec 4, 2023
8e1ee26
Update Cargo.lock.
ShaleXIONG Dec 8, 2023
7f66daf
TEST minor
ShaleXIONG Dec 7, 2023
258dc1f
Fix the directory mapping in Sandbox.
ShaleXIONG Jan 29, 2024
854c975
fix a merge mistake
ShaleXIONG Apr 2, 2024
dbea580
update cargo.lock
ShaleXIONG Apr 3, 2024
f825222
update the CI script.
ShaleXIONG Apr 5, 2024
Rework on the engine and related, use the kernel file system.
- Update wasmtime to the newer version, which provides infrastructure for WASI.
  Such infrastructure assumes and uses the underlying POSIX.
- Remove WASMI since there is no need.
- Rework how the permissions are specified in the policy file, using the
  access control "rwx" now.
ShaleXIONG committed Apr 5, 2024
commit e5b23f8fa0b42eca6d77c223a1a10ae1fefa72b0
228 changes: 1 addition & 227 deletions crates/execution-engine/src/engines/common.rs
@@ -16,234 +16,8 @@
//! See the `LICENSE.md` file in the Veracruz root directory for
//! information on licensing and copyright.

#![allow(non_camel_case_types, clippy::too_many_arguments)]

use anyhow::Result;
use err_derive::Error;
use serde::{Deserialize, Serialize};
use std::{
string::String, vec::Vec,
};
use strum_macros::{EnumString, IntoStaticStr};

////////////////////////////////////////////////////////////////////////////////
// Common constants.
////////////////////////////////////////////////////////////////////////////////

/// List of WASI API function names.
/// These can be converted between primitive numbers and enum values via
/// `primitive` derive macros, and between lowercase string and enum values via
/// `strum`.
#[derive(
IntoStaticStr,
EnumString,
Debug,
PartialEq,
Clone,
FromPrimitive,
ToPrimitive,
Serialize,
Deserialize,
Copy,
)]
#[strum(serialize_all = "lowercase")]
pub enum WasiAPIName {
ARGS_GET = 1,
ARGS_SIZES_GET,
ENVIRON_GET,
ENVIRON_SIZES_GET,
CLOCK_RES_GET,
CLOCK_TIME_GET,
FD_ADVISE,
FD_ALLOCATE,
FD_CLOSE,
FD_DATASYNC,
FD_FDSTAT_GET,
FD_FDSTAT_SET_FLAGS,
FD_FDSTAT_SET_RIGHTS,
FD_FILESTAT_GET,
FD_FILESTAT_SET_SIZE,
FD_FILESTAT_SET_TIMES,
FD_PREAD,
FD_PRESTAT_GET,
FD_PRESTAT_DIR_NAME,
FD_PWRITE,
FD_READ,
FD_READDIR,
FD_RENUMBER,
FD_SEEK,
FD_SYNC,
FD_TELL,
FD_WRITE,
PATH_CREATE_DIRECTORY,
PATH_FILESTAT_GET,
PATH_FILESTAT_SET_TIMES,
PATH_LINK,
PATH_OPEN,
PATH_READLINK,
PATH_REMOVE_DIRECTORY,
PATH_RENAME,
PATH_SYMLINK,
PATH_UNLINK_FILE,
POLL_ONEOFF,
PROC_EXIT,
PROC_RAISE,
SCHED_YIELD,
RANDOM_GET,
SOCK_RECV,
SOCK_SEND,
SOCK_SHUTDOWN,
#[strum(disabled)]
_LAST,
}

/// List of Veracruz API function names.
#[derive(
IntoStaticStr,
EnumString,
Debug,
PartialEq,
Clone,
FromPrimitive,
ToPrimitive,
Serialize,
Deserialize,
Copy,
)]
#[strum(serialize_all = "lowercase")]
pub enum VeracruzAPIName {
FD_CREATE,
}

////////////////////////////////////////////////////////////////////////////////
// Miscellanea that doesn't fit elsewhere.
////////////////////////////////////////////////////////////////////////////////

////////////////////////////////////////////////////////////////////////////////
// The host runtime state.
////////////////////////////////////////////////////////////////////////////////

/// A wrapper on VFS for WASI, which provides common API used by wasm execution
/// engine.
#[derive(Clone)]
pub struct WasiWrapper {
///// The synthetic filesystem associated with this machine.
/////
///// Note: Veracruz runtime should hold the root `FileSystem` handler.
///// The `FileSystem` handler here should be a non-root handler spawned
///// from the root one. Both the Veracruz runtime and this
///// `WasiWrapper` can update, i.e. mutate, the file system internal
///// state, if their local `FileSystem` handlers have the appropriate
///// capabilities.
///// ---------------------------
///// Runtime | WasiWrapper
///// FileSystem(handler)| FileSystem(handler)
///// v | v
///// ---------------------------
///// | ^ ^ |
///// | Internal |
///// ----------------
//filesystem: FileSystem,
///// The environment variables currently set, and their bindings.
//environment_variables: Vec<(String, String)>,
///// The program arguments of the executable being executed.
//program_arguments: Vec<String>,
///// The exit code returned by the last executing program.
//exit_code: Option<u32>,
///// Whether clock functions (`clock_getres()`, `clock_gettime()`) should be
///// enabled.
//pub(crate) enable_clock: bool,
///// Whether strace is enabled.
//pub(crate) enable_strace: bool,
}


////////////////////////////////////////////////////////////////////////////////
// Fatal execution errors/runtime panics.
////////////////////////////////////////////////////////////////////////////////

/// A fatal, runtime error that terminates the Veracruz execution immediately.
/// This is akin to a "kernel panic" for Veracruz: these errors are not passed
/// to the WASM program running on the platform, but are instead fundamental
/// issues that require immediate shutdown as they cannot be fixed.
///
/// *NOTE*: care should be taken when presenting these errors to users when in
/// release (e.g. not in debug) mode: they can give away a lot of information
/// about what is going on inside the enclave.
#[derive(Debug, Error, Serialize, Deserialize)]
pub enum FatalEngineError {
/// The WASM module supplied by the program supplier was invalid and could
/// not be parsed.
#[error(display = "FatalEngineError: Invalid WASM program (e.g. failed to parse it).")]
InvalidWASMModule,
/// The Veracruz engine was passed bad arguments by the WASM program running
/// on the platform. This should never happen if the WASM program uses
/// `libveracruz` as the platform should ensure H-Calls are always
/// well-formed. Seeing this either indicates a bug in `libveracruz` or a
/// programming error in the source that originated the WASM programming if
/// `libveracruz` was not used.
#[error(
display = "FatalEngineError: Bad arguments passed to host function '{:?}'.",
function_name
)]
BadArgumentsToHostFunction {
/// The name of the host function that was being invoked.
function_name: WasiAPIName,
},
/// The WASM program tried to invoke an unknown H-call on the Veracruz engine.
#[error(display = "FatalEngineError: Unknown Host call invoked: '{:?}'.", _0)]
UnknownHostFunction(HostFunctionIndexOrName),
/// No linear memory was registered: this is a programming error (a bug)
/// that should be fixed.
#[error(display = "FatalEngineError: No WASM memory registered.")]
NoMemoryRegistered,
/// No program module was registered: this is a programming error (a bug)
/// that should be fixed.
#[error(display = "FatalEngineError: No WASM program module registered.")]
NoProgramModuleRegistered,
/// The WASM program's entry point was missing or malformed.
#[error(display = "FatalEngineError: Failed to find the entry point in the WASM program.")]
NoProgramEntryPoint,
/// The WASM program's entry point was missing or malformed.
#[error(display = "FatalEngineError: Execution engine is not ready.")]
EngineIsNotReady,
/// Wrapper for direct error message.
#[error(display = "FatalEngineError: WASM program returns code other than wasi ErrNo.")]
ReturnedCodeError,
/// The lock to engine could not be obtained.
#[error(
display = "FatalEngineError: Failed to obtain lock on the engine or components of the engine."
)]
FailedLockEngine,
/// The lock to file system could not be obtained.
#[error(display = "FatalEngineError: Failed to obtain lock on the file system.")]
FailedLockFileSystem,
/// Engine trap.
#[error(display = "FatalEngineError: Wasm engine trap: {:?}", _0)]
Trap(String),
}

/// Either the index or the name of a host call
#[derive(Debug, Serialize, Deserialize)]
pub enum HostFunctionIndexOrName {
Index(usize),
Name(String),
}

////////////////////////////////////////////////////////////////////////////////
// Implementation of the H-calls.
////////////////////////////////////////////////////////////////////////////////

///// Details the arguments expected by the module's entry point, if any is found.
//pub(crate) enum EntrySignature {
///// The expected entry point (e.g. "main") is not found in the WASM module
///// or it was found and it did not have a recognisable type signature.
//NoEntryFound,
///// The entry point does not expect any parameters.
//NoParameters,
///// The entry point expects a dummy `argv` and an `argc` to be supplied.
//ArgvAndArgc,
//}
use std::vec::Vec;

////////////////////////////////////////////////////////////////////////////////
// The strategy trait.
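Review bot: Deleting `FatalEngineError` wholesale also drops the `*NOTE*` on that enum warning that these errors "can give away a lot of information about what is going on inside the enclave" when shown to users in release mode, together with the `Trap(String)` variant that carries raw engine trap text; whatever error type the reworked engine uses instead should keep that caveat and should not forward trap strings verbatim to remote clients. Two smaller points in the same hunk: the sole addition, `use std::vec::Vec;`, replaces `use std::{string::String, vec::Vec}` after every type that used `Vec` here was removed, so confirm the rest of the file still references it or it will be flagged as an unused import; and the "Implementation of the H-calls." banner now introduces nothing but that import, so either move the import up with the other `use` lines or drop the banner.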
1 change: 0 additions & 1 deletion crates/execution-engine/src/engines/mod.rs
@@ -10,7 +10,6 @@
//! information on licensing and copyright.

pub mod common;
pub mod strace;
//pub(crate) mod wasmi;
#[cfg(feature = "std")]
pub(crate) mod wasmtime;
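Review bot: `//pub(crate) mod wasmi;` is commented out rather than deleted, which contradicts the commit message's "Remove WASMI since there is no need"; delete the declaration outright (and the `wasmi` module file, if this commit leaves one behind) so the engine tree does not carry a dead, unbuilt backend that nobody compiles or reviews. The surviving `#[cfg(feature = "std")]` guard on `wasmtime` also means a build without `std` has no engine at all; if that configuration is no longer supported, say so in the crate docs or drop the gate.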