1 compartment to N mappings
Move from a design of "one compartment has one mapping" to "one
compartment can be mapped multiple times". This involves "staging" a
compartment, with temporary internal relative relocations, after which
the staging can be lifted to a "mapping", which has correct relocations
and can be executed. This greatly reduces the overhead of creating the
same compartment multiple times.

* Remove some now unused functions
0152la committed Dec 16, 2024
1 parent 6cca576 commit 8306ee6
Showing 15 changed files with 551 additions and 413 deletions.
23 changes: 13 additions & 10 deletions include/compartment.h
Expand Up @@ -75,9 +75,7 @@ extern void *__capability comp_return_caps[2];
struct SegmentMap
{
void *mem_bot;
void *mem_top;
size_t offset;
ptrdiff_t correction;
size_t mem_sz;
size_t file_sz;
int prot_flags;
Expand All @@ -97,6 +95,7 @@ struct LibRelaMapping
unsigned short rela_sym_type; // type of underlying symbol
unsigned short rela_sym_bind; // bind of underlying symbol
uint16_t rela_sym_shndx; // section index of underlying symbol
bool mapping_reloc; // whether to relocate when mapped for execution
};

/**
Expand All @@ -106,7 +105,10 @@ struct LibDependency
{
char *lib_name;
char *lib_path;
void *lib_mem_base;
void *lib_mem_base; // relative address in compartment

void *data_base; // address of data mapped in loader
size_t data_size; // size of mapped data

// Segments of interest (usually, of type `PT_LOAD`) within this library
size_t lib_segs_count;
Expand All @@ -127,6 +129,7 @@ struct LibDependency
// TLS-related variables
// TODO can there be more TLS sections?
void *tls_sec_addr;
size_t tls_sec_off;
size_t tls_sec_size;
size_t tls_data_size;
// offset from TLS base pointer (i.e., value of `tpidr_el0`) where this
Expand Down Expand Up @@ -167,7 +170,6 @@ struct CompConfig
size_t stack_size;
struct CompEntryPointDef *entry_points;
size_t entry_point_count;
void *base_address;

// Variables related to `manager.h` prepared `environ` data
char **env_ptr; // pointer to `environ` array
Expand All @@ -186,12 +188,11 @@ struct Compartment
size_t id;
struct CompConfig *cc;
// Execution info
void *__capability ddc;
// ELF data
size_t size; // size of compartment in memory
void *base; // address where to load compartment
void *mem_top;
bool mapped;
size_t total_size; // size of compartment in memory
size_t data_size; // size of data segments of ELF files
void *staged_addr; // address where compartment data is stored, ready for
// mapping

// Environ
char **environ_ptr;
Expand Down Expand Up @@ -223,7 +224,7 @@ entry_point_cmp(const void *, const void *);
struct Compartment *
comp_from_elf(char *, struct CompConfig *); // char **, size_t, void *);
void
comp_map(struct Compartment *);
comp_map(struct Compartment *, void *);
void
comp_unmap(struct Compartment *);
void
Expand All @@ -232,6 +233,8 @@ int64_t
comp_exec(struct Compartment *, char *, void *, size_t);
void
comp_clean(struct Compartment *);
void *
get_seg_target(void *, struct LibDependency *, size_t);

struct Compartment *
find_comp(struct Compartment *);
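Review bot: The new second parameter of `comp_map(struct Compartment *, void *)` is unnamed and undocumented, so the header does not say what region the caller must supply; the same holds for `get_seg_target(void *, struct LibDependency *, size_t)` in this file and for `mapping_new_fixed` in include/manager.h. Since the compartment data now lives at `staged_addr` and is relocated for a caller-chosen address, the contract matters: presumably the target must be a reserved region of at least `total_size` bytes that no other mapping uses, but that is inferred from the field comments, not stated. I would name the parameters and write the contract down, e.g. `comp_map(struct Compartment *comp, void *map_addr); // map_addr: start of a region of >= comp->total_size bytes owned by this mapping`. `comp_map` also still returns `void`, so a failed mapping cannot be reported to the caller through this interface.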
7 changes: 5 additions & 2 deletions include/intercept.h
Expand Up @@ -9,7 +9,9 @@
// vDSO wrapper needed includes
#include <time.h>

#ifdef __CHERI__
#include "cheriintrin.h"
#endif

// Forward declarations
struct Compartment;
Expand Down Expand Up @@ -55,7 +57,8 @@ intercept_wrapper();
void
setup_intercepts();

size_t
my_call_comp(size_t, char *, void *);
// TODO Reimplement this for inter-compartment function calls
// size_t
// my_call_comp(size_t, char *, void *);

#endif // _INTERCEPT_H
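Review bot: The `#ifdef __CHERI__` guard added around `#include "cheriintrin.h"` has no comment saying which non-CHERI build it serves, and the hunk does not show whether the declarations further down that depend on that header are guarded as well (the rest of the file is outside the hunk). A one-line comment such as `// non-CHERI builds have no capability intrinsics; nothing below may use them unguarded` would make the intent checkable. Separately, the commented-out `my_call_comp` prototype is dead code in a header; keeping only the `// TODO` line avoids a stale signature being copied back later.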
23 changes: 18 additions & 5 deletions include/manager.h
Expand Up @@ -31,12 +31,8 @@ extern struct Compartment *loaded_comp;
// Compartment configuration file suffix
extern const char *comp_config_suffix;

void *
get_next_comp_addr(void);
struct Compartment *
register_new_comp(char *, bool);
int64_t
exec_comp(struct Compartment *, char *, char **);

union arg_holder
{
Expand All @@ -57,7 +53,24 @@ void
clean_compartment_config(struct CompEntryPointDef *, size_t);

/*******************************************************************************
* Memory allocation
* Compartment mappings
******************************************************************************/

struct CompMapping *
mapping_new(struct Compartment *);
struct CompMapping *
mapping_new_fixed(struct Compartment *, void *);
void
mapping_free(struct CompMapping *);
int64_t
mapping_exec(struct CompMapping *, char *, char **);

struct CompMapping
{
size_t id;
void *__capability ddc;
void *map_addr;
struct Compartment *comp;
};

#endif // _MANAGER_H
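Review bot: `struct CompMapping` stores a `struct Compartment *comp` that several mappings can now share, but nothing in the header states who owns it or how long it must live. With N mappings per compartment, calling `comp_clean` on a compartment that still has live mappings would leave each mapping's `comp` pointer dangling; the visible fields show no reference count, though the implementation is not on this page and may track this elsewhere. I would document the fields, e.g. `struct Compartment *comp; // borrowed, must outlive this mapping`, note that `ddc` must not be used after `mapping_free`, and state what `mapping_new` and `mapping_new_fixed` return on failure. Defining `struct CompMapping` above the prototypes that use it would also make the header easier to read.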