Skip to content
This repository has been archived by the owner on Nov 10, 2022. It is now read-only.

Commit

Permalink
Add --module-on-fd CLI arg
Browse files Browse the repository at this point in the history
This patch brings back the ability to load the module to be run from an
open file descriptor, which must be 3 or higher (so as not to collide
with stdin/stdout/stderr).

It also tweaks CLI parsing slightly - the '--' separating wasmldr args
from module args is now required.

Signed-off-by: Will Woods <[email protected]>
  • Loading branch information
wgwoods committed Aug 23, 2021
1 parent 2a60abc commit 4b318f3
Show file tree
Hide file tree
Showing 5 changed files with 73 additions and 18 deletions.
1 change: 1 addition & 0 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ log = "0.4"
wasmparser = "0.80"
structopt = "0.3.22"
anyhow = "1.0"
cfg-if = "1.0"

[build-dependencies]
wat = "1.0"
Expand Down
5 changes: 2 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,9 @@ $ RUST_LOG=enarx_wasmldr=info RUST_BACKTRACE=1 cargo run return_1.wasm
]
```

On Unix platforms, the command can also read the workload from the
file descriptor (3):
On Unix platforms, the command can also read the workload from an open file descriptor:
```console
$ RUST_LOG=enarx_wasmldr=info RUST_BACKTRACE=1 cargo run 3< return_1.wasm
$ RUST_LOG=enarx_wasmldr=info RUST_BACKTRACE=1 cargo run -- --module-on-fd=3 3< return_1.wasm
```


Expand Down
39 changes: 32 additions & 7 deletions src/cli.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,22 @@

#![allow(missing_docs, unused_variables)] // This is a work-in-progress, so...

use anyhow::{bail, Result};
use structopt::{clap::AppSettings, StructOpt};

use anyhow::{bail, Result};
use std::path::PathBuf;
use std::str::FromStr;

#[cfg(unix)]
use std::os::unix::io::RawFd;

// The main StructOpt for running `wasmldr` directly
// The main StructOpt for CLI options
#[derive(StructOpt, Debug)]
#[structopt(setting=AppSettings::TrailingVarArg)]
#[structopt(
setting = AppSettings::DeriveDisplayOrder,
setting = AppSettings::UnifiedHelpMessage,
)]
/// Enarx Keep Configurator and WebAssembly Loader
pub struct RunOptions {
/// Pass an environment variable to the program
#[structopt(
Expand All @@ -25,15 +33,24 @@ pub struct RunOptions {
#[structopt(long, value_name = "FUNCTION")]
invoke: Option<String>,

#[cfg(unix)]
/// Load WebAssembly module from the given FD (must be >=3)
#[structopt(long, value_name = "FD", parse(try_from_str = parse_module_fd))]
pub module_on_fd: Option<RawFd>,

// TODO: --inherit-env
// TODO: --stdin, --stdout, --stderr
/// Path of the WebAssembly module to run
#[structopt(index = 1, required = true, value_name = "MODULE", parse(from_os_str))]
pub module: PathBuf,
#[structopt(
index = 1,
required_unless = "module-on-fd",
value_name = "MODULE",
parse(from_os_str)
)]
pub module: Option<PathBuf>,

// NOTE: this has to come last for TrailingVarArg
/// Arguments to pass to the WebAssembly module
#[structopt(value_name = "ARGS")]
#[structopt(value_name = "ARGS", last = true)]
pub args: Vec<String>,
}

Expand All @@ -44,3 +61,11 @@ fn parse_env_var(s: &str) -> Result<(String, String)> {
}
Ok((parts[0].to_owned(), parts[1].to_owned()))
}

fn parse_module_fd(s: &str) -> Result<RawFd> {
let fd = RawFd::from_str(s)?;
if fd <= 2 {
bail!("FD must be >= 3");
}
Ok(fd)
}
45 changes: 37 additions & 8 deletions src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,9 @@
//! ]
//! ```
//!
//! On Unix platforms, the command can also read the workload from the
//! file descriptor (3):
//! On Unix platforms, the command can also read the workload from an open file descriptor:
//! ```console
//! $ RUST_LOG=enarx_wasmldr=info RUST_BACKTRACE=1 cargo run 3< return_1.wasm
//! $ RUST_LOG=enarx_wasmldr=info RUST_BACKTRACE=1 cargo run -- --module-on-fd=3 3< return_1.wasm
//! ```
//!
#![deny(missing_docs)]
Expand All @@ -31,14 +30,21 @@
mod cli;
mod workload;

use anyhow::{Context, Result};
use cfg_if::cfg_if;
use log::{debug, info};
use structopt::StructOpt;

use std::fs::File;
use std::io::Read;

fn main() {
// Initialize the logger, taking settings from the default env vars
#[cfg(unix)]
use std::os::unix::io::FromRawFd;

fn main() -> Result<()> {
// Initialize the logger, taking filtering and style settings from the
// default env vars (RUST_LOG and RUST_LOG_STYLE).
// The log target is the default target (stderr), so no files get opened.
env_logger::Builder::from_default_env().init();

info!("version {} starting up", env!("CARGO_PKG_VERSION"));
Expand All @@ -47,9 +53,30 @@ fn main() {
let opts = cli::RunOptions::from_args();
info!("opts: {:#?}", opts);

info!("reading {:?}", opts.module);
// TODO: don't just panic here...
let mut reader = File::open(&opts.module).expect("Unable to open file");
cfg_if! {
if #[cfg(unix)] {
let mut reader = match opts.module_on_fd {
Some(fd) => {
info!("reading module from fd {:?}", fd);
// SAFETY: unsafe if something is using the given fd.
// parse_module_fd() enforces fd >= 3, and nothing above
// opens/duplicates new file descriptors, so we're OK.
unsafe { File::from_raw_fd(fd) }
},
None => {
let path = opts.module.expect("required_unless failure");
info!("reading module from {:?}", path);
File::open(&path)
.with_context(|| format!("failed opening {:?}", path))?
},
};
} else {
let path = opts.module.expect("missing required arg");
info!("reading module from {:?}", path);
let mut reader = File::open(&path)
.with_context(|| format!("failed opening {:?}", path))?;
}
}

let mut bytes = Vec::new();
reader
Expand All @@ -65,4 +92,6 @@ fn main() {
info!("got result: {:#?}", result);
// TODO: exit with the resulting code, if the result is a return code
// FUTURE: produce attestation report here

Ok(())
}

0 comments on commit 4b318f3

Please sign in to comment.