diff options
author | ed <ed@FreeBSD.org> | 2015-07-29 17:18:27 +0000 |
---|---|---|
committer | ed <ed@FreeBSD.org> | 2015-07-29 17:18:27 +0000 |
commit | 2aaddce9ba5b701871b391a1ee7bdd31917766a0 (patch) | |
tree | b3859e39cb480af3103e9c6bf3bf05ce156893d7 /sys/compat | |
parent | 4072f1cf769d51d0ca066d83b0e921cf3ec74bb6 (diff) | |
download | FreeBSD-src-2aaddce9ba5b701871b391a1ee7bdd31917766a0.zip FreeBSD-src-2aaddce9ba5b701871b391a1ee7bdd31917766a0.tar.gz |
Make pipes in CloudABI work.
Summary:
Pipes in CloudABI are unidirectional. The reason for this is that
CloudABI attempts to provide a uniform runtime environment across
different flavours of UNIX.
Instead of implementing a custom pipe that is unidirectional, we can
simply reuse Capsicum permission bits to support this. This is nice,
because CloudABI already attempts to restrict permission bits to
correspond with the operations that apply to a certain file descriptor.
Replace kern_pipe() and kern_pipe2() by a single kern_pipe() that takes
a pair of filecaps. These filecaps are passed to the newly introduced
falloc_caps() function that creates the descriptors with rights in
place.
Test Plan:
CloudABI pipes seem to be created with proper rights in place:
https://github.com/NuxiNL/cloudlibc/blob/master/src/libc/unistd/pipe_test.c#L44
Reviewers: jilles, mjg
Reviewed By: mjg
Subscribers: imp
Differential Revision: https://reviews.freebsd.org/D3236
Diffstat (limited to 'sys/compat')
-rw-r--r-- | sys/compat/cloudabi/cloudabi_fd.c | 14 | ||||
-rw-r--r-- | sys/compat/linux/linux_file.c | 4 |
2 files changed, 16 insertions, 2 deletions
diff --git a/sys/compat/cloudabi/cloudabi_fd.c b/sys/compat/cloudabi/cloudabi_fd.c index 1b3aa0f..5a58cb3 100644 --- a/sys/compat/cloudabi/cloudabi_fd.c +++ b/sys/compat/cloudabi/cloudabi_fd.c @@ -120,10 +120,24 @@ int cloudabi_sys_fd_create2(struct thread *td, struct cloudabi_sys_fd_create2_args *uap) { + struct filecaps fcaps1 = {}, fcaps2 = {}; int fds[2]; int error; switch (uap->type) { + case CLOUDABI_FILETYPE_FIFO: + /* + * CloudABI pipes are unidirectional. Restrict rights on + * the pipe to simulate this. + */ + cap_rights_init(&fcaps1.fc_rights, CAP_EVENT, CAP_FCNTL, + CAP_FSTAT, CAP_READ); + fcaps1.fc_fcntls = CAP_FCNTL_SETFL; + cap_rights_init(&fcaps2.fc_rights, CAP_EVENT, CAP_FCNTL, + CAP_FSTAT, CAP_WRITE); + fcaps2.fc_fcntls = CAP_FCNTL_SETFL; + error = kern_pipe(td, fds, 0, &fcaps1, &fcaps2); + break; case CLOUDABI_FILETYPE_SOCKET_DGRAM: error = kern_socketpair(td, AF_UNIX, SOCK_DGRAM, 0, fds); break; diff --git a/sys/compat/linux/linux_file.c b/sys/compat/linux/linux_file.c index 1e5e37a..489dc1e 100644 --- a/sys/compat/linux/linux_file.c +++ b/sys/compat/linux/linux_file.c @@ -1582,7 +1582,7 @@ linux_pipe(struct thread *td, struct linux_pipe_args *args) printf(ARGS(pipe, "*")); #endif - error = kern_pipe2(td, fildes, 0); + error = kern_pipe(td, fildes, 0, NULL, NULL); if (error) return (error); @@ -1609,7 +1609,7 @@ linux_pipe2(struct thread *td, struct linux_pipe2_args *args) flags |= O_NONBLOCK; if ((args->flags & LINUX_O_CLOEXEC) != 0) flags |= O_CLOEXEC; - error = kern_pipe2(td, fildes, flags); + error = kern_pipe(td, fildes, flags, NULL, NULL); if (error) return (error); |