Skip to content

Adding SafePOSIX Implementation of Syscalls

Jump to bottom
Çağlar Doğan edited this page Nov 29, 2020 · 22 revisions

Development Cycle:

There are two main paths that can be taken in implementing a new system call, defined in the Native Client section. In both these paths, a system call is defined in Lind_GlibC.

GlibC

First, a file in Lind_GlibC/sysdeps/nacl/ named X.c should be created for a system call X. In this file, a function to implement the system call should be defined with the name __X. This definition should be followed by weak_alias (__X, X) to denote the reference. (Aditional references can also be added here)

This file's full path (sysdeps/nacl/X.c) should then be added to the override_list in make_sysd_rules.py to make sure that this function is used.

This __X function should reference a function that can call the NACL_SYSCALL function. Such functions can be implemented in either sysdeps/nacl/lind_syscalls.c or sysdeps/nacl/irt_syscalls.c (after being defined in the respective header files).

In irt_syscalls.c, the convention is to implement this function as nacl_irt_X after defining the function as *__nacl_irt_X in both the header and the .c file. This is followed by a devotion: __nacl_irt_X = nacl_irt_X at the bottom of irt_syscalls.c. These function are normally used to call NACL_SYSCALL with a custom system call name (for path 2) but can also be used as a relay to call the functions in lind_syscalls.c.

In lind_syscalls.c, the convention is to implement this function as lind_X after defining the function in the header file. Here, two parameters of type LindArg named in_args and out_args should be defined properly, and a NACL_SYSCALL directly targeting the lind_api should be carried out (for path 1).

The functions defined in these files (__nacl_irt_X and/or lind_X) should then be added to the GLIBC_PRIVATE part in Lind_GlibC/elf/Versions alongside other system calls to ensure their interception.

Native Client

1) Using native_client as a relay:

2) Implementing parts of the system call in native_client:

This path will be explained in the upcoming version of this wiki page.

Important files (for a system call X):

GlibC

  • Lind-GlibC/sysdeps/nacl/X.c

  • Lind-GlibC/make_sysd_rules.py

  • Lind-GlibC/sysdeps/nacl/irt_syscalls.h

  • Lind-GlibC/sysdeps/nacl/irt_syscalls.c

  • Lind-GlibC/sysdeps/nacl/lind_syscalls.h

  • Lind-GlibC/sysdeps/nacl/lind_syscalls.c

  • Lind-GlibC/elf/Versions

Native Client

To pack the syscall and send it to Repy, add Remote Procedure Call (RPC) here:

  • native_client/src/shared/platform/lind_platform.h
  • native_client/src/shared/platform/lind_platform.c

To have SafePOSIX do the actual work, edit the syscall's NaCl implementation here:

  • native_client/src/trusted/service_runtime/nacl_syscall_common.c

Repy + SafePOSIX

This file is where RPC is accepted and syscalls are delivered to the dispatcher. Have the new syscall included here:

  • nacl_repy/seattlelib/lind_server.mix

To match the syscall with its Lind implementation, add a new pairing here:

  • nacl_repy/seattlelib/dispatcher.repy

Add the syscall's Lind implementation here:

  • nacl_repy/seattlelib/lind_fs_calls.py OR
  • nacl_repy/seattlelib/lind_net_calls.py

In this directory, you will also need to create a new .repy file that will act as the syscall's handler. There you do any mandatory checking and, after the syscall is implemented, pack the result back to NaCl.

Clone this wiki locally