host

package
v0.0.0-...-522126a Latest
Warning

This package is not in the latest version of its module.

Published: Dec 23, 2019 License: Apache-2.0 Imports: 36 Imported by: 0

Documentation

Overview

Package host implements an fs.Filesystem for files backed by host file descriptors.

Constants

const FilesystemName = "whitelistfs"

FilesystemName is the name under which Filesystem is registered.

Variables

var NulByte byte = '\x00'

NulByte is a single NUL byte. It is passed to readlinkat as an empty string.

Functions

func ImportFile

func ImportFile(ctx context.Context, fd int, mounter fs.FileOwner, isTTY bool) (*fs.File, error)

ImportFile creates a new File backed by the provided host file descriptor. Unlike NewFile, the file descriptor used by the File is duped from FD to ensure that later changes to FD are not reflected by the fs.File.

If the returned file is saved, it will be restored by re-importing the FD originally passed to ImportFile. It is the restorer's responsibility to ensure that the FD represents the same file.

func NewFile

func NewFile(ctx context.Context, fd int, mounter fs.FileOwner) (*fs.File, error)

NewFile creates a new File backed by the provided host file descriptor. If NewFile succeeds, ownership of the FD is transferred to the returned File.

The returned File cannot be saved, since there is no guarantee that the same FD will exist or represent the same file at time of restore. If such a guarantee does exist, use ImportFile instead.
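The dup-versus-ownership distinction between ImportFile and NewFile rests on what dup(2) does and does not isolate. The following is an added example, not code from package host: it uses only the Go standard library on Linux, and `dupDemo` and the temp file are hypothetical/constructed. It shows that a duplicate survives the original FD being closed, while still sharing the file offset with it.

```go
package main

import (
	"fmt"
	"io"
	"os"
	"syscall"
)

// dupDemo is a hypothetical helper (not part of package host). It returns the
// offset seen through the duplicate after the original FD was repositioned,
// and the bytes read through the duplicate after the original was closed.
func dupDemo() (int64, string, error) {
	f, err := os.CreateTemp("", "dupdemo") // constructed sample file
	if err != nil {
		return 0, "", err
	}
	defer os.Remove(f.Name())
	if _, err := f.WriteString("hello host fd"); err != nil {
		return 0, "", err
	}
	orig := int(f.Fd())
	dup, err := syscall.Dup(orig) // new FD number, same open file description
	if err != nil {
		return 0, "", err
	}
	defer syscall.Close(dup)
	// Reposition through the original FD; the duplicate observes the change.
	if _, err := syscall.Seek(orig, 6, io.SeekStart); err != nil {
		return 0, "", err
	}
	off, err := syscall.Seek(dup, 0, io.SeekCurrent)
	if err != nil {
		return 0, "", err
	}
	// Closing the original FD does not invalidate the duplicate.
	if err := f.Close(); err != nil {
		return 0, "", err
	}
	buf := make([]byte, 32)
	n, err := syscall.Read(dup, buf)
	if err != nil {
		return 0, "", err
	}
	return off, string(buf[:n]), nil
}

func main() { fmt.Println(dupDemo()) }
```

Duplicating protects against the caller closing or reusing the FD number, but whoever still holds the original can move the shared offset underneath the duplicate.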

func NewSocketWithDirent

func NewSocketWithDirent(ctx context.Context, d *fs.Dirent, f *fd.FD, flags fs.FileFlags) (*fs.File, error)

NewSocketWithDirent allocates a new unix socket with host endpoint.

This is currently only used by unsaveable Gofer nodes.

NewSocketWithDirent takes ownership of f on success.

Types

type ConnectedEndpoint

type ConnectedEndpoint struct {
	// contains filtered or unexported fields
}

ConnectedEndpoint is a host FD backed implementation of transport.ConnectedEndpoint and transport.Receiver.

+stateify savable

func NewConnectedEndpoint

func NewConnectedEndpoint(ctx context.Context, file *fd.FD, queue *waiter.Queue, path string) (*ConnectedEndpoint, *syserr.Error)

NewConnectedEndpoint creates a new ConnectedEndpoint backed by a host FD that will pretend to be bound at a given sentry path.

The caller is responsible for calling Init(). Additionally, Release needs to be called twice because ConnectedEndpoint is both a transport.Receiver and transport.ConnectedEndpoint.

func (*ConnectedEndpoint) CloseNotify

func (c *ConnectedEndpoint) CloseNotify()

CloseNotify implements transport.ConnectedEndpoint.CloseNotify.

func (*ConnectedEndpoint) CloseRecv

func (c *ConnectedEndpoint) CloseRecv()

CloseRecv implements transport.Receiver.CloseRecv.

func (*ConnectedEndpoint) CloseSend

func (c *ConnectedEndpoint) CloseSend()

CloseSend implements transport.ConnectedEndpoint.CloseSend.

func (*ConnectedEndpoint) CloseUnread

func (c *ConnectedEndpoint) CloseUnread()

CloseUnread implements transport.ConnectedEndpoint.CloseUnread.

func (*ConnectedEndpoint) EventUpdate

func (c *ConnectedEndpoint) EventUpdate()

EventUpdate implements transport.ConnectedEndpoint.EventUpdate.

func (*ConnectedEndpoint) GetLocalAddress

func (c *ConnectedEndpoint) GetLocalAddress() (tcpip.FullAddress, *tcpip.Error)

GetLocalAddress implements transport.ConnectedEndpoint.GetLocalAddress.

func (*ConnectedEndpoint) Init

func (c *ConnectedEndpoint) Init()

Init will do initialization required without holding other locks.

func (*ConnectedEndpoint) Passcred

func (c *ConnectedEndpoint) Passcred() bool

Passcred implements transport.ConnectedEndpoint.Passcred.

func (*ConnectedEndpoint) Readable

func (c *ConnectedEndpoint) Readable() bool

Readable implements transport.Receiver.Readable.

func (*ConnectedEndpoint) Recv

func (c *ConnectedEndpoint) Recv(data [][]byte, creds bool, numRights int, peek bool) (int64, int64, transport.ControlMessages, bool, tcpip.FullAddress, bool, *syserr.Error)

Recv implements transport.Receiver.Recv.

func (*ConnectedEndpoint) RecvMaxQueueSize

func (c *ConnectedEndpoint) RecvMaxQueueSize() int64

RecvMaxQueueSize implements transport.Receiver.RecvMaxQueueSize.

func (*ConnectedEndpoint) RecvNotify

func (c *ConnectedEndpoint) RecvNotify()

RecvNotify implements transport.Receiver.RecvNotify.

func (*ConnectedEndpoint) RecvQueuedSize

func (c *ConnectedEndpoint) RecvQueuedSize() int64

RecvQueuedSize implements transport.Receiver.RecvQueuedSize.

func (*ConnectedEndpoint) Release

func (c *ConnectedEndpoint) Release()

Release implements transport.ConnectedEndpoint.Release and transport.Receiver.Release.

func (*ConnectedEndpoint) Send

func (c *ConnectedEndpoint) Send(data [][]byte, controlMessages transport.ControlMessages, from tcpip.FullAddress) (int64, bool, *syserr.Error)

Send implements transport.ConnectedEndpoint.Send.

func (*ConnectedEndpoint) SendMaxQueueSize

func (c *ConnectedEndpoint) SendMaxQueueSize() int64

SendMaxQueueSize implements transport.Receiver.SendMaxQueueSize.

func (*ConnectedEndpoint) SendNotify

func (c *ConnectedEndpoint) SendNotify()

SendNotify implements transport.ConnectedEndpoint.SendNotify.

func (*ConnectedEndpoint) SendQueuedSize

func (c *ConnectedEndpoint) SendQueuedSize() int64

SendQueuedSize implements transport.Receiver.SendQueuedSize.

func (*ConnectedEndpoint) Writable

func (c *ConnectedEndpoint) Writable() bool

Writable implements transport.ConnectedEndpoint.Writable.

type Filesystem

type Filesystem struct {
	// contains filtered or unexported fields
}

Filesystem is a pseudo file system that is only available during the setup to lock down the configurations. This filesystem should only be mounted at root.

Think twice before exposing this to applications.

+stateify savable

func (*Filesystem) AllowUserList

func (*Filesystem) AllowUserList() bool

AllowUserList allows this filesystem to be listed in /proc/filesystems.

func (*Filesystem) AllowUserMount

func (*Filesystem) AllowUserMount() bool

AllowUserMount prohibits users from using mount(2) with this file system.

func (*Filesystem) Flags

func (*Filesystem) Flags() fs.FilesystemFlags

Flags returns that there is nothing special about this file system.

func (*Filesystem) InstallWhitelist

func (f *Filesystem) InstallWhitelist(ctx context.Context, m *fs.MountNamespace) error

InstallWhitelist locks down the MountNamespace to only the currently installed Dirents and the given paths.

func (*Filesystem) Mount

func (f *Filesystem) Mount(ctx context.Context, _ string, flags fs.MountSourceFlags, data string, _ interface{}) (*fs.Inode, error)

Mount returns an fs.Inode exposing the host file system. It is intended to be locked down in PreExec below.

func (*Filesystem) Name

func (*Filesystem) Name() string

Name is the identifier of this file system.

type TTYFileOperations

type TTYFileOperations struct {
	// contains filtered or unexported fields
}

TTYFileOperations implements fs.FileOperations for a host file descriptor that wraps a TTY FD.

+stateify savable

func (*TTYFileOperations) ConfigureMMap

func (f *TTYFileOperations) ConfigureMMap(ctx context.Context, file *fs.File, opts *memmap.MMapOpts) error

ConfigureMMap implements fs.FileOperations.ConfigureMMap.

func (*TTYFileOperations) EventRegister

func (f *TTYFileOperations) EventRegister(e *waiter.Entry, mask waiter.EventMask)

EventRegister implements waiter.Waitable.EventRegister.

func (*TTYFileOperations) EventUnregister

func (f *TTYFileOperations) EventUnregister(e *waiter.Entry)

EventUnregister implements waiter.Waitable.EventUnregister.

func (*TTYFileOperations) Flush

func (f *TTYFileOperations) Flush(context.Context, *fs.File) error

Flush implements fs.FileOperations.Flush.

func (*TTYFileOperations) ForegroundProcessGroup

func (t *TTYFileOperations) ForegroundProcessGroup() *kernel.ProcessGroup

ForegroundProcessGroup returns the foreground process for the TTY.

func (*TTYFileOperations) Fsync

func (f *TTYFileOperations) Fsync(ctx context.Context, file *fs.File, start int64, end int64, syncType fs.SyncType) error

Fsync implements fs.FileOperations.Fsync.

func (*TTYFileOperations) InitForegroundProcessGroup

func (t *TTYFileOperations) InitForegroundProcessGroup(pg *kernel.ProcessGroup)

InitForegroundProcessGroup sets the foreground process group and session for the TTY. This should only be called once, after the foreground process group has been created, but before it has started running.

func (*TTYFileOperations) Ioctl

Ioctl implements fs.FileOperations.Ioctl.

func (*TTYFileOperations) IterateDir

func (f *TTYFileOperations) IterateDir(ctx context.Context, d *fs.Dirent, dirCtx *fs.DirCtx, offset int) (int, error)

IterateDir implements fs.DirIterator.IterateDir.

func (*TTYFileOperations) Read

func (t *TTYFileOperations) Read(ctx context.Context, file *fs.File, dst usermem.IOSequence, offset int64) (int64, error)

Read implements fs.FileOperations.Read.

Reading from a TTY is only allowed for foreground process groups. Background process groups will either get EIO or a SIGTTIN.

See drivers/tty/n_tty.c:n_tty_read()=>job_control().

func (*TTYFileOperations) Readdir

func (f *TTYFileOperations) Readdir(ctx context.Context, file *fs.File, serializer fs.DentrySerializer) (int64, error)

Readdir implements fs.FileOperations.Readdir.

func (*TTYFileOperations) Readiness

func (f *TTYFileOperations) Readiness(mask waiter.EventMask) waiter.EventMask

Readiness uses the poll() syscall to check the status of the underlying FD.

func (*TTYFileOperations) Release

func (t *TTYFileOperations) Release()

Release implements fs.FileOperations.Release.

func (*TTYFileOperations) Seek

func (f *TTYFileOperations) Seek(ctx context.Context, file *fs.File, whence fs.SeekWhence, offset int64) (int64, error)

Seek implements fs.FileOperations.Seek.

func (*TTYFileOperations) Write

func (t *TTYFileOperations) Write(ctx context.Context, file *fs.File, src usermem.IOSequence, offset int64) (int64, error)

Write implements fs.FileOperations.Write.
