capablevms / CHERI-ELF-comp


Compartment Transition #2

Closed 0152la closed 2 years ago

0152la commented 2 years ago

Improve the compartment transition process. This includes storing required information upon entering a compartment, intercepting functions within the compartment which need special privileges (e.g., vDSO functions, memory allocation), and restoring the manager state when returning from the compartment. Of particular interest should be comp_add_intercept changes within compartment.c and the code in transition.S (where all assembly has been moved for readability).

Some particular comments of interest are regarding the procedure call standard, and ensuring registers are correctly used.

This is currently a draft, as buildbot stuff needs updating.

ltratt commented 2 years ago

Can we squash this down to a smaller number of commits before review? Please force push an update if so.

0152la commented 2 years ago

Ok, it seems I fixed it.

ltratt commented 2 years ago

I will admit that I'm not quite sure what "patch" means here. I think it means something like "switch the VDSO stuff"? But I might be very wrong!

0152la commented 2 years ago

> I will admit that I'm not quite sure what "patch" means here. I think it means something like "switch the VDSO stuff"? But I might be very wrong!

Was this comment meant to come alongside some particular code, or what is it referring to particularly?

ltratt commented 2 years ago

> Was this comment meant to come alongside some particular code, or what is it referring to particularly?

It's a general comment: I saw "patch" mentioned a few times and wasn't quite sure what it meant. I need to read the new README to see if that clears things up.

0152la commented 2 years ago

> What do we mean by "map"? Do we mean "create a compartment" or "narrow the DDC" or ... ?

Between the two, map would be the former. More specifically, it means that we take the ELF data needed to execute the binary (i.e., LOAD segments) and map them into memory, such that we can then execute them.

> I think this PR does do "transition into a compartment" but I don't think it does "transition to the manager or another compartment"?

It does transition to the manager in the sense of transitioning when needed for the intercepted functions and when the compartment execution is complete. It doesn't in the sense that the compartment can't ask the manager to do something. It also doesn't transition to another compartment, as there is a single compartment modelled at the moment.

0152la commented 2 years ago

Ready for review.

ltratt commented 2 years ago

That's everything from my POV. @jacobbramley anything?

jacobbramley commented 2 years ago

No, LGTM!

ltratt commented 2 years ago

Please squash.

0152la commented 2 years ago

Squashed.

ltratt commented 2 years ago

bors r+

bors[bot] commented 2 years ago

Build succeeded: