From 7f0b18115117459e5e040c7d0cdc6a6b33b16408 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Tue, 3 Nov 2020 16:36:23 +0000 Subject: [PATCH 01/22] implement a capability restriction mechanism Signed-off-by: Ryan Apilado --- include/proxy-wasm/wasm.h | 25 +++++++++++++++++++++++++ src/wasm.cc | 36 +++++++++++++++++++++++++++++------- 2 files changed, 54 insertions(+), 7 deletions(-) diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index b2c694db..7e476fd4 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h @@ -91,6 +91,27 @@ class WasmBase : public std::enable_shared_from_this { return nullptr; } + // Capability restriction (restricting/exposing the ABI). + bool capabilityAllowed(std::string capability_name) { + return !enforce_capability_restriction_ || + (allowed_capabilities_.find(capability_name) != allowed_capabilities_.end()); + } + void allowCapability(std::string capability_name) { + allowed_capabilities_.insert(capability_name); + } + void enforceCapabilityRestriction() { enforce_capability_restriction_ = true; } + + // Helper for generating a stub to pass to VM in place of a restricted export + template struct ExportStub; + template struct ExportStub { + static Word exportStub(void *raw_context, Args...) { + auto context = exports::ContextOrEffectiveContext( + static_cast((void)raw_context, current_context_)); + context->wasmVm()->error("Attempted call to restricted capability"); + return WasmResult::InternalFailure; + } + }; + virtual ContextBase *createVmContext() { return new ContextBase(this); } virtual ContextBase *createRootContext(const std::shared_ptr &plugin) { return new ContextBase(this, plugin); 
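Review bot: `capabilityAllowed` in the wasm.h hunk takes its argument as `std::string` by value and is not `const`, although it only reads `enforce_capability_restriction_` and `allowed_capabilities_`. I would declare it `bool capabilityAllowed(const std::string &capability_name) const {` so that callers holding a `std::string` do not copy it and the check can be used from const code. The comment above it could also state what the key is, `// capability_name is the full import/export name including its prefix, e.g. "proxy_log".`, because the registration macros in src/wasm.cc build the key as `"proxy_" #_fn`. The class body continues outside the hunk.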
@@ -217,6 +238,10 @@ class WasmBase : public std::enable_shared_from_this { WasmCallVoid<1> on_log_; WasmCallVoid<1> on_delete_; + // Capability restriction (restricting/exposing the ABI). + bool enforce_capability_restriction_ = false; + std::unordered_set allowed_capabilities_; + std::shared_ptr base_wasm_handle_; // Used by the base_wasm to enable non-clonable thread local Wasm(s) to be constructed. diff --git a/src/wasm.cc b/src/wasm.cc index 9472873d..0e0c2d51 100644 --- a/src/wasm.cc +++ b/src/wasm.cc @@ -120,12 +120,21 @@ void WasmBase::registerCallbacks() { _REGISTER_WASI(proc_exit); #undef _REGISTER_WASI - // Calls with the "proxy_" prefix. + // Register the capability with the VM if it has been allowed, otherwise register a stub. #define _REGISTER_PROXY(_fn) \ - wasm_vm_->registerCallback( \ - "env", "proxy_" #_fn, &exports::_fn, \ - &ConvertFunctionWordToUint32::convertFunctionWordToUint32); + if (capabilityAllowed("proxy_" #_fn)) { \ + wasm_vm_->registerCallback( \ + "env", "proxy_" #_fn, &exports::_fn, \ + &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ + } else { \ + typedef decltype(exports::_fn) export_type; \ + constexpr export_type *stub = &ExportStub::exportStub; \ + wasm_vm_->registerCallback( \ + "env", "proxy_" #_fn, stub, \ + &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ + } + _REGISTER_PROXY(log); _REGISTER_PROXY(get_status); 
@@ -208,8 +217,19 @@ void WasmBase::getFunctions() { #undef _GET_ALIAS #undef _GET -#define _GET_PROXY(_fn) wasm_vm_->getFunction("proxy_" #_fn, &_fn##_); -#define _GET_PROXY_ABI(_fn, _abi) wasm_vm_->getFunction("proxy_" #_fn, &_fn##_abi##_); + // Try to point the capability to one of the module exports, if the capability has been allowed. +#define _GET_PROXY(_fn) \ + if (capabilityAllowed("proxy_" #_fn)) { \ + wasm_vm_->getFunction("proxy_" #_fn, &_fn##_); \ + } else { \ + _fn##_ = nullptr; \ + } +#define _GET_PROXY_ABI(_fn, _abi) \ + if (capabilityAllowed("proxy_" #_fn)) { \ + wasm_vm_->getFunction("proxy_" #_fn, &_fn##_abi##_); \ + } else { \ + _fn##_abi##_ = nullptr; \ + } _GET_PROXY(validate_configuration); _GET_PROXY(on_vm_start); _GET_PROXY(on_configure); @@ -256,6 +276,8 @@ WasmBase::WasmBase(const std::shared_ptr &base_wasm_handle, Wasm : std::enable_shared_from_this(*base_wasm_handle->wasm()), vm_id_(base_wasm_handle->wasm()->vm_id_), vm_key_(base_wasm_handle->wasm()->vm_key_), started_from_(base_wasm_handle->wasm()->wasm_vm()->cloneable()), + enforce_capability_restriction_(base_wasm_handle->wasm()->enforce_capability_restriction_), + allowed_capabilities_(base_wasm_handle->wasm()->allowed_capabilities_), base_wasm_handle_(base_wasm_handle) { if (started_from_ != Cloneable::NotCloneable) { wasm_vm_ = base_wasm_handle->wasm()->wasm_vm()->clone(); From 0b287999b3e3fdc1d4b6458aa765ffdfd2a4a635 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Thu, 5 Nov 2020 15:35:02 +0000 Subject: [PATCH 02/22] stubs log the capability they replaced Signed-off-by: Ryan Apilado --- include/proxy-wasm/exports.h | 34 ++++++++++++++++++++++++ include/proxy-wasm/wasm.h | 11 -------- src/wasm.cc | 51 ++---------------------------------- 3 files changed, 36 insertions(+), 60 deletions(-) diff --git a/include/proxy-wasm/exports.h b/include/proxy-wasm/exports.h index f0fa5dbf..82e8f1ec 100644 --- a/include/proxy-wasm/exports.h +++ b/include/proxy-wasm/exports.h 
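Review bot: In `_GET_PROXY` and `_GET_PROXY_ABI` a module export that is not on the allow list is set to `nullptr` without any log line, so a deployment that forgot to list a callback such as `proxy_on_configure` cannot be told apart from a module that never exported it. If the callers of these handlers skip null entries (not visible in this hunk), a module that enforces policy would stop being invoked with no trace of why. I would document this at the macro, `// A restricted callback is left null and is treated like an export the module does not provide.`, and consider reporting each name that was dropped. `getFunctions()` starts and ends outside the hunk.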
@@ -18,6 +18,7 @@ #include #include "include/proxy-wasm/word.h" +#include "include/proxy-wasm/wasm_vm.h" namespace proxy_wasm { 
@@ -153,5 +154,38 @@ Word pthread_equal(void *, Word left, Word right); // Any currently executing Wasm call context. ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase *context); +#define FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES(_f) \ + _f(log) _f(get_status) _f(set_property) _f(get_property) _f(send_local_response) \ + _f(get_shared_data) _f(set_shared_data) _f(register_shared_queue) _f(resolve_shared_queue) \ + _f(dequeue_shared_queue) _f(enqueue_shared_queue) _f(get_header_map_value) \ + _f(add_header_map_value) _f(replace_header_map_value) _f(remove_header_map_value) \ + _f(get_header_map_pairs) _f(set_header_map_pairs) _f(get_header_map_size) \ + _f(get_buffer_status) _f(get_buffer_bytes) _f(set_buffer_bytes) \ + _f(http_call) _f(grpc_call) _f(grpc_stream) _f(grpc_close) \ + _f(grpc_cancel) _f(grpc_send) _f(set_tick_period_milliseconds) \ + _f(get_current_time_nanoseconds) _f(define_metric) \ + _f(increment_metric) _f(record_metric) _f(get_metric) \ + _f(set_effective_context) _f(done) \ + _f(call_foreign_function) + +#define FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES_ABI_SPECIFIC(_f) \ + _f(get_configuration) _f(continue_request) _f(continue_response) _f(clear_route_cache) \ + _f(continue_stream) _f(close_stream) _f(get_log_level) + +// Helpers to generate a stub to pass to VM, in place of a restricted export. +#define _CREATE_EXPORT_STUB(_fn) \ + template struct _fn##Stub; \ + template struct _fn##Stub { \ + static Word stub(void *raw_context, Args...) { \ + auto context = exports::ContextOrEffectiveContext( \ + static_cast((void)raw_context, current_context_)); \ + context->wasmVm()->error("Attempted call to restricted capability: proxy_" #_fn); \ + return WasmResult::InternalFailure; \ + } \ + }; +FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES(_CREATE_EXPORT_STUB) +FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES_ABI_SPECIFIC(_CREATE_EXPORT_STUB) +#undef _CREATE_EXPORT_STUB + } // namespace exports } // namespace proxy_wasm 
diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index 7e476fd4..39235365 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h @@ -101,17 +101,6 @@ class WasmBase : public std::enable_shared_from_this { } void enforceCapabilityRestriction() { enforce_capability_restriction_ = true; } - // Helper for generating a stub to pass to VM in place of a restricted export - template struct ExportStub; - template struct ExportStub { - static Word exportStub(void *raw_context, Args...) { - auto context = exports::ContextOrEffectiveContext( - static_cast((void)raw_context, current_context_)); - context->wasmVm()->error("Attempted call to restricted capability"); - return WasmResult::InternalFailure; - } - }; - virtual ContextBase *createVmContext() { return new ContextBase(this); } virtual ContextBase *createRootContext(const std::shared_ptr &plugin) { return new ContextBase(this, plugin); diff --git a/src/wasm.cc b/src/wasm.cc index 0e0c2d51..3d560bbf 100644 --- a/src/wasm.cc +++ b/src/wasm.cc 
@@ -129,60 +129,13 @@ void WasmBase::registerCallbacks() { exports::_fn>::convertFunctionWordToUint32); \ } else { \ typedef decltype(exports::_fn) export_type; \ - constexpr export_type *stub = &ExportStub::exportStub; \ + constexpr export_type *stub = &exports::_fn##Stub::stub; \ wasm_vm_->registerCallback( \ "env", "proxy_" #_fn, stub, \ &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ } - _REGISTER_PROXY(log); - - _REGISTER_PROXY(get_status); - - _REGISTER_PROXY(set_property); - _REGISTER_PROXY(get_property); - - _REGISTER_PROXY(send_local_response); - - _REGISTER_PROXY(get_shared_data); - _REGISTER_PROXY(set_shared_data); - - _REGISTER_PROXY(register_shared_queue); - _REGISTER_PROXY(resolve_shared_queue); - _REGISTER_PROXY(dequeue_shared_queue); - _REGISTER_PROXY(enqueue_shared_queue); - - _REGISTER_PROXY(get_header_map_value); - _REGISTER_PROXY(add_header_map_value); - _REGISTER_PROXY(replace_header_map_value); - _REGISTER_PROXY(remove_header_map_value); - _REGISTER_PROXY(get_header_map_pairs); - _REGISTER_PROXY(set_header_map_pairs); - _REGISTER_PROXY(get_header_map_size); - - _REGISTER_PROXY(get_buffer_status); - _REGISTER_PROXY(get_buffer_bytes); - _REGISTER_PROXY(set_buffer_bytes); - - _REGISTER_PROXY(http_call); - - _REGISTER_PROXY(grpc_call); - _REGISTER_PROXY(grpc_stream); - _REGISTER_PROXY(grpc_close); - _REGISTER_PROXY(grpc_cancel); - _REGISTER_PROXY(grpc_send); - - _REGISTER_PROXY(set_tick_period_milliseconds); - _REGISTER_PROXY(get_current_time_nanoseconds); - - _REGISTER_PROXY(define_metric); - _REGISTER_PROXY(increment_metric); - _REGISTER_PROXY(record_metric); - _REGISTER_PROXY(get_metric); - - _REGISTER_PROXY(set_effective_context); - _REGISTER_PROXY(done); - _REGISTER_PROXY(call_foreign_function); + FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES(_REGISTER_PROXY); if (abiVersion() == AbiVersion::ProxyWasm_0_1_0) { _REGISTER_PROXY(get_configuration); From a3e393a49ec35326cfafb75d77e13ec13ab9b1fb Mon Sep 17 00:00:00 2001 
From: Ryan Apilado Date: Mon, 9 Nov 2020 21:29:20 +0000 Subject: [PATCH 03/22] initialize capability restriction parameters on construction Signed-off-by: Ryan Apilado --- include/proxy-wasm/wasm.h | 10 ++++------ src/wasm.cc | 6 +++++- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index 39235365..99b406ef 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h @@ -45,7 +45,9 @@ using CallOnThreadFunction = std::function)>; class WasmBase : public std::enable_shared_from_this { public: WasmBase(std::unique_ptr wasm_vm, std::string_view vm_id, - std::string_view vm_configuration, std::string_view vm_key); + std::string_view vm_configuration, std::string_view vm_key, + bool enforce_capability_restriction, + std::unordered_set allowed_capabilities); WasmBase(const std::shared_ptr &other, WasmVmFactory factory); virtual ~WasmBase(); @@ -96,10 +98,6 @@ class WasmBase : public std::enable_shared_from_this { return !enforce_capability_restriction_ || (allowed_capabilities_.find(capability_name) != allowed_capabilities_.end()); } - void allowCapability(std::string capability_name) { - allowed_capabilities_.insert(capability_name); - } - void enforceCapabilityRestriction() { enforce_capability_restriction_ = true; } virtual ContextBase *createVmContext() { return new ContextBase(this); } virtual ContextBase *createRootContext(const std::shared_ptr &plugin) { @@ -228,7 +226,7 @@ class WasmBase : public std::enable_shared_from_this { WasmCallVoid<1> on_delete_; // Capability restriction (restricting/exposing the ABI). - bool enforce_capability_restriction_ = false; + bool enforce_capability_restriction_; std::unordered_set allowed_capabilities_; std::shared_ptr base_wasm_handle_; diff --git a/src/wasm.cc b/src/wasm.cc index 3d560bbf..490fcb06 100644 --- a/src/wasm.cc +++ b/src/wasm.cc 
@@ -245,8 +245,12 @@ WasmBase::WasmBase(const std::shared_ptr &base_wasm_handle, Wasm } WasmBase::WasmBase(std::unique_ptr wasm_vm, std::string_view vm_id, - std::string_view vm_configuration, std::string_view vm_key) + std::string_view vm_configuration, std::string_view vm_key, + bool enforce_capability_restriction, + std::unordered_set allowed_capabilities) : vm_id_(std::string(vm_id)), vm_key_(std::string(vm_key)), wasm_vm_(std::move(wasm_vm)), + enforce_capability_restriction_(enforce_capability_restriction), + allowed_capabilities_(std::move(allowed_capabilities)), vm_configuration_(std::string(vm_configuration)) { if (!wasm_vm_) { failed_ = FailState::UnableToCreateVM; From 056b80a729e0bd5cd3e636a08ddc197c6720c156 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Fri, 13 Nov 2020 22:03:07 +0000 Subject: [PATCH 04/22] rename capability to abi_function Signed-off-by: Ryan Apilado --- include/proxy-wasm/exports.h | 10 +++++----- include/proxy-wasm/wasm.h | 18 +++++++++--------- src/wasm.cc | 24 ++++++++++++------------ 3 files changed, 26 insertions(+), 26 deletions(-) diff --git a/include/proxy-wasm/exports.h b/include/proxy-wasm/exports.h index 82e8f1ec..642a3f7c 100644 --- a/include/proxy-wasm/exports.h +++ b/include/proxy-wasm/exports.h @@ -154,7 +154,7 @@ Word pthread_equal(void *, Word left, Word right); // Any currently executing Wasm call context. ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase *context); -#define FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES(_f) \ +#define FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS(_f) \ _f(log) _f(get_status) _f(set_property) _f(get_property) _f(send_local_response) \ _f(get_shared_data) _f(set_shared_data) _f(register_shared_queue) _f(resolve_shared_queue) \ _f(dequeue_shared_queue) _f(enqueue_shared_queue) _f(get_header_map_value) \ 
@@ -168,7 +168,7 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * _f(set_effective_context) _f(done) \ _f(call_foreign_function) -#define FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES_ABI_SPECIFIC(_f) \ +#define FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS_ABI_SPECIFIC(_f) \ _f(get_configuration) _f(continue_request) _f(continue_response) _f(clear_route_cache) \ _f(continue_stream) _f(close_stream) _f(get_log_level) @@ -179,12 +179,12 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * static Word stub(void *raw_context, Args...) { \ auto context = exports::ContextOrEffectiveContext( \ static_cast((void)raw_context, current_context_)); \ - context->wasmVm()->error("Attempted call to restricted capability: proxy_" #_fn); \ + context->wasmVm()->error("Attempted call to restricted ABI function: proxy_" #_fn); \ return WasmResult::InternalFailure; \ } \ }; -FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES(_CREATE_EXPORT_STUB) -FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES_ABI_SPECIFIC(_CREATE_EXPORT_STUB) +FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS(_CREATE_EXPORT_STUB) +FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS_ABI_SPECIFIC(_CREATE_EXPORT_STUB) #undef _CREATE_EXPORT_STUB } // namespace exports diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index 99b406ef..f7cf5ad6 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h @@ -46,8 +46,8 @@ class WasmBase : public std::enable_shared_from_this { public: WasmBase(std::unique_ptr wasm_vm, std::string_view vm_id, std::string_view vm_configuration, std::string_view vm_key, - bool enforce_capability_restriction, - std::unordered_set allowed_capabilities); + bool enforce_abi_restriction, + std::unordered_set allowed_abi_functions); WasmBase(const std::shared_ptr &other, WasmVmFactory factory); virtual ~WasmBase(); 
@@ -93,10 +93,10 @@ class WasmBase : public std::enable_shared_from_this { return nullptr; } - // Capability restriction (restricting/exposing the ABI). - bool capabilityAllowed(std::string capability_name) { - return !enforce_capability_restriction_ || - (allowed_capabilities_.find(capability_name) != allowed_capabilities_.end()); + // ABI restriction (restricting/exposing the ABI). + bool abiFunctionAllowed(std::string abi_function_name) { + return !enforce_abi_restriction_ || + (allowed_abi_functions_.find(abi_function_name) != allowed_abi_functions_.end()); } virtual ContextBase *createVmContext() { return new ContextBase(this); } @@ -225,9 +225,9 @@ class WasmBase : public std::enable_shared_from_this { WasmCallVoid<1> on_log_; WasmCallVoid<1> on_delete_; - // Capability restriction (restricting/exposing the ABI). - bool enforce_capability_restriction_; - std::unordered_set allowed_capabilities_; + // ABI restriction (restricting/exposing the ABI). + bool enforce_abi_restriction_; + std::unordered_set allowed_abi_functions_; std::shared_ptr base_wasm_handle_; diff --git a/src/wasm.cc b/src/wasm.cc index 490fcb06..b625ea32 100644 --- a/src/wasm.cc +++ b/src/wasm.cc @@ -120,9 +120,9 @@ void WasmBase::registerCallbacks() { _REGISTER_WASI(proc_exit); #undef _REGISTER_WASI - // Register the capability with the VM if it has been allowed, otherwise register a stub. + // Register the ABI function with the VM if it has been allowed, otherwise register a stub. #define _REGISTER_PROXY(_fn) \ - if (capabilityAllowed("proxy_" #_fn)) { \ + if (abiFunctionAllowed("proxy_" #_fn)) { \ wasm_vm_->registerCallback( \ "env", "proxy_" #_fn, &exports::_fn, \ &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ } - FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES(_REGISTER_PROXY); + FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS(_REGISTER_PROXY); if (abiVersion() == AbiVersion::ProxyWasm_0_1_0) { _REGISTER_PROXY(get_configuration); 
@@ -170,15 +170,15 @@ void WasmBase::getFunctions() { #undef _GET_ALIAS #undef _GET - // Try to point the capability to one of the module exports, if the capability has been allowed. + // Try to point the ABI function to one of the module exports, if it has been allowed. #define _GET_PROXY(_fn) \ - if (capabilityAllowed("proxy_" #_fn)) { \ + if (abiFunctionAllowed("proxy_" #_fn)) { \ wasm_vm_->getFunction("proxy_" #_fn, &_fn##_); \ } else { \ _fn##_ = nullptr; \ } #define _GET_PROXY_ABI(_fn, _abi) \ - if (capabilityAllowed("proxy_" #_fn)) { \ + if (abiFunctionAllowed("proxy_" #_fn)) { \ wasm_vm_->getFunction("proxy_" #_fn, &_fn##_abi##_); \ } else { \ _fn##_abi##_ = nullptr; \ @@ -229,8 +229,8 @@ WasmBase::WasmBase(const std::shared_ptr &base_wasm_handle, Wasm : std::enable_shared_from_this(*base_wasm_handle->wasm()), vm_id_(base_wasm_handle->wasm()->vm_id_), vm_key_(base_wasm_handle->wasm()->vm_key_), started_from_(base_wasm_handle->wasm()->wasm_vm()->cloneable()), - enforce_capability_restriction_(base_wasm_handle->wasm()->enforce_capability_restriction_), - allowed_capabilities_(base_wasm_handle->wasm()->allowed_capabilities_), + enforce_abi_restriction_(base_wasm_handle->wasm()->enforce_abi_restriction_), + allowed_abi_functions_(base_wasm_handle->wasm()->allowed_abi_functions_), base_wasm_handle_(base_wasm_handle) { if (started_from_ != Cloneable::NotCloneable) { wasm_vm_ = base_wasm_handle->wasm()->wasm_vm()->clone(); 
@@ -246,11 +246,11 @@ WasmBase::WasmBase(const std::shared_ptr &base_wasm_handle, Wasm WasmBase::WasmBase(std::unique_ptr wasm_vm, std::string_view vm_id, std::string_view vm_configuration, std::string_view vm_key, - bool enforce_capability_restriction, - std::unordered_set allowed_capabilities) + bool enforce_abi_restriction, + std::unordered_set allowed_abi_functions) : vm_id_(std::string(vm_id)), vm_key_(std::string(vm_key)), wasm_vm_(std::move(wasm_vm)), - enforce_capability_restriction_(enforce_capability_restriction), - allowed_capabilities_(std::move(allowed_capabilities)), + enforce_abi_restriction_(enforce_abi_restriction), + allowed_abi_functions_(std::move(allowed_abi_functions)), vm_configuration_(std::string(vm_configuration)) { if (!wasm_vm_) { failed_ = FailState::UnableToCreateVM; From bdc82eb7ed0796af991f39b0eabceb34754db80e Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Fri, 13 Nov 2020 23:12:55 +0000 Subject: [PATCH 05/22] remove enforcement flag Signed-off-by: Ryan Apilado --- include/proxy-wasm/wasm.h | 11 +++++------ src/wasm.cc | 3 --- 2 files changed, 5 insertions(+), 9 deletions(-) diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index f7cf5ad6..9309a15a 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h @@ -46,7 +46,6 @@ class WasmBase : public std::enable_shared_from_this { public: WasmBase(std::unique_ptr wasm_vm, std::string_view vm_id, std::string_view vm_configuration, std::string_view vm_key, - bool enforce_abi_restriction, std::unordered_set allowed_abi_functions); WasmBase(const std::shared_ptr &other, WasmVmFactory factory); virtual ~WasmBase(); 
@@ -93,10 +92,10 @@ class WasmBase : public std::enable_shared_from_this { return nullptr; } - // ABI restriction (restricting/exposing the ABI). + // Return true if the named ABI function is allowed to be exposed to the module. bool abiFunctionAllowed(std::string abi_function_name) { - return !enforce_abi_restriction_ || - (allowed_abi_functions_.find(abi_function_name) != allowed_abi_functions_.end()); + return allowed_abi_functions_.empty() || + allowed_abi_functions_.find(abi_function_name) != allowed_abi_functions_.end(); } virtual ContextBase *createVmContext() { return new ContextBase(this); } @@ -225,8 +224,8 @@ class WasmBase : public std::enable_shared_from_this { WasmCallVoid<1> on_log_; WasmCallVoid<1> on_delete_; - // ABI restriction (restricting/exposing the ABI). - bool enforce_abi_restriction_; + // ABI functions which are allowed to be linked to the module. If this is empty, restriction + // is not enforced. std::unordered_set allowed_abi_functions_; std::shared_ptr base_wasm_handle_; diff --git a/src/wasm.cc b/src/wasm.cc index b625ea32..7e371525 100644 --- a/src/wasm.cc +++ b/src/wasm.cc @@ -229,7 +229,6 @@ WasmBase::WasmBase(const std::shared_ptr &base_wasm_handle, Wasm : std::enable_shared_from_this(*base_wasm_handle->wasm()), vm_id_(base_wasm_handle->wasm()->vm_id_), vm_key_(base_wasm_handle->wasm()->vm_key_), started_from_(base_wasm_handle->wasm()->wasm_vm()->cloneable()), - enforce_abi_restriction_(base_wasm_handle->wasm()->enforce_abi_restriction_), allowed_abi_functions_(base_wasm_handle->wasm()->allowed_abi_functions_), base_wasm_handle_(base_wasm_handle) { if (started_from_ != Cloneable::NotCloneable) { 
@@ -246,10 +245,8 @@ WasmBase::WasmBase(const std::shared_ptr &base_wasm_handle, Wasm WasmBase::WasmBase(std::unique_ptr wasm_vm, std::string_view vm_id, std::string_view vm_configuration, std::string_view vm_key, - bool enforce_abi_restriction, std::unordered_set allowed_abi_functions) : vm_id_(std::string(vm_id)), vm_key_(std::string(vm_key)), wasm_vm_(std::move(wasm_vm)), - enforce_abi_restriction_(enforce_abi_restriction), allowed_abi_functions_(std::move(allowed_abi_functions)), vm_configuration_(std::string(vm_configuration)) { if (!wasm_vm_) { From 86eed018e22f7d1d7a345f50bad758d5ceb03d72 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Sat, 14 Nov 2020 01:50:14 +0000 Subject: [PATCH 06/22] clang format Signed-off-by: Ryan Apilado --- include/proxy-wasm/exports.h | 4 ++-- include/proxy-wasm/wasm.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/proxy-wasm/exports.h b/include/proxy-wasm/exports.h index 642a3f7c..fba71967 100644 --- a/include/proxy-wasm/exports.h +++ b/include/proxy-wasm/exports.h @@ -154,7 +154,7 @@ Word pthread_equal(void *, Word left, Word right); // Any currently executing Wasm call context. ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase *context); -#define FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS(_f) \ +#define FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS(_f) \ _f(log) _f(get_status) _f(set_property) _f(get_property) _f(send_local_response) \ _f(get_shared_data) _f(set_shared_data) _f(register_shared_queue) _f(resolve_shared_queue) \ _f(dequeue_shared_queue) _f(enqueue_shared_queue) _f(get_header_map_value) \ 
@@ -168,7 +168,7 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * _f(set_effective_context) _f(done) \ _f(call_foreign_function) -#define FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS_ABI_SPECIFIC(_f) \ +#define FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS_ABI_SPECIFIC(_f) \ _f(get_configuration) _f(continue_request) _f(continue_response) _f(clear_route_cache) \ _f(continue_stream) _f(close_stream) _f(get_log_level) diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index 9309a15a..393d9d61 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h @@ -94,7 +94,7 @@ class WasmBase : public std::enable_shared_from_this { // Return true if the named ABI function is allowed to be exposed to the module. bool abiFunctionAllowed(std::string abi_function_name) { - return allowed_abi_functions_.empty() || + return allowed_abi_functions_.empty() || allowed_abi_functions_.find(abi_function_name) != allowed_abi_functions_.end(); } From 5971335c9e0c9d7788665214b427e7a280d20928 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Thu, 19 Nov 2020 03:18:03 +0000 Subject: [PATCH 07/22] switch to absl::flat_hash_set Signed-off-by: Ryan Apilado --- BUILD | 1 + WORKSPACE | 7 +++++++ include/proxy-wasm/wasm.h | 6 ++++-- src/wasm.cc | 2 +- 4 files changed, 13 insertions(+), 3 deletions(-) diff --git a/BUILD b/BUILD index e9d434b2..9aa6e116 100644 --- a/BUILD +++ b/BUILD @@ -9,6 +9,7 @@ cc_library( hdrs = glob(["include/proxy-wasm/**/*.h"]), deps = [ "@proxy_wasm_cpp_sdk//:common_lib", + "@com_google_absl//absl/container:flat_hash_set", ], ) diff --git a/WORKSPACE b/WORKSPACE index 874d39b1..bac4bc28 100644 --- a/WORKSPACE +++ b/WORKSPACE 
@@ -17,6 +17,13 @@ http_archive( urls = ["https://github.com/abseil/abseil-cpp/archive/37dd2562ec830d547a1524bb306be313ac3f2556.tar.gz"], ) +# required by com_google_absl +http_archive( + name = "rules_cc", + urls = ["https://github.com/bazelbuild/rules_cc/archive/262ebec3c2296296526740db4aefce68c80de7fa.zip"], + strip_prefix = "rules_cc-262ebec3c2296296526740db4aefce68c80de7fa", +) + # required by com_google_protobuf http_archive( name = "bazel_skylib", diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index c3f671d3..2ac74fd7 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h @@ -28,6 +28,8 @@ #include "include/proxy-wasm/exports.h" #include "include/proxy-wasm/wasm_vm.h" +#include "absl/container/flat_hash_set.h" + namespace proxy_wasm { #include "proxy_wasm_common.h" @@ -46,7 +48,7 @@ class WasmBase : public std::enable_shared_from_this { public: WasmBase(std::unique_ptr wasm_vm, std::string_view vm_id, std::string_view vm_configuration, std::string_view vm_key, - std::unordered_set allowed_abi_functions); + absl::flat_hash_set allowed_abi_functions); WasmBase(const std::shared_ptr &other, WasmVmFactory factory); virtual ~WasmBase(); @@ -233,7 +235,7 @@ class WasmBase : public std::enable_shared_from_this { // ABI functions which are allowed to be linked to the module. If this is empty, restriction // is not enforced. - std::unordered_set allowed_abi_functions_; + absl::flat_hash_set allowed_abi_functions_; std::shared_ptr base_wasm_handle_; diff --git a/src/wasm.cc b/src/wasm.cc index 4a797dcd..0b403019 100644 --- a/src/wasm.cc +++ b/src/wasm.cc 
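Review bot: The new `rules_cc` `http_archive` in WORKSPACE has no `sha256`, so the build accepts whatever bytes the URL returns; the commit hash in the URL selects the revision but does not verify the downloaded archive. I would add `sha256 = "<sha256 of the rules_cc archive>",` next to `strip_prefix`, with the placeholder replaced by the digest computed from the reviewed zip. Whether the neighbouring archives carry a checksum is not visible in this hunk.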
@@ -246,7 +246,7 @@ WasmBase::WasmBase(const std::shared_ptr &base_wasm_handle, Wasm WasmBase::WasmBase(std::unique_ptr wasm_vm, std::string_view vm_id, std::string_view vm_configuration, std::string_view vm_key, - std::unordered_set allowed_abi_functions) + absl::flat_hash_set allowed_abi_functions) : vm_id_(std::string(vm_id)), vm_key_(std::string(vm_key)), wasm_vm_(std::move(wasm_vm)), allowed_abi_functions_(std::move(allowed_abi_functions)), vm_configuration_(std::string(vm_configuration)) { From 8d24cf5c0136a6666759cfe4408f7e1480f8788b Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Thu, 19 Nov 2020 18:01:11 +0000 Subject: [PATCH 08/22] rename abi function -> capability Signed-off-by: Ryan Apilado --- include/proxy-wasm/exports.h | 8 ++++---- include/proxy-wasm/wasm.h | 14 +++++++------- src/wasm.cc | 18 +++++++++--------- 3 files changed, 20 insertions(+), 20 deletions(-) diff --git a/include/proxy-wasm/exports.h b/include/proxy-wasm/exports.h index fba71967..348cfc75 100644 --- a/include/proxy-wasm/exports.h +++ b/include/proxy-wasm/exports.h @@ -58,7 +58,7 @@ template void marshalPairs(const Pairs &result, char *buffer) { } } -// ABI functions exported from envoy to wasm. +// Capabilities exported from envoy to wasm. Word get_configuration(void *raw_context, Word address, Word size); Word get_status(void *raw_context, Word status_code, Word address, Word size); @@ -154,7 +154,7 @@ Word pthread_equal(void *, Word left, Word right); // Any currently executing Wasm call context. ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase *context); -#define FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS(_f) \ +#define FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES(_f) \ _f(log) _f(get_status) _f(set_property) _f(get_property) _f(send_local_response) \ _f(get_shared_data) _f(set_shared_data) _f(register_shared_queue) _f(resolve_shared_queue) \ _f(dequeue_shared_queue) _f(enqueue_shared_queue) _f(get_header_map_value) \ 
@@ -168,7 +168,7 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * _f(set_effective_context) _f(done) \ _f(call_foreign_function) -#define FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS_ABI_SPECIFIC(_f) \ +#define FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES_ABI_SPECIFIC(_f) \ _f(get_configuration) _f(continue_request) _f(continue_response) _f(clear_route_cache) \ _f(continue_stream) _f(close_stream) _f(get_log_level) @@ -179,7 +179,7 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * static Word stub(void *raw_context, Args...) { \ auto context = exports::ContextOrEffectiveContext( \ static_cast((void)raw_context, current_context_)); \ - context->wasmVm()->error("Attempted call to restricted ABI function: proxy_" #_fn); \ + context->wasmVm()->error("Attempted call to restricted capability: " #_fn); \ return WasmResult::InternalFailure; \ } \ }; diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index 2ac74fd7..ac02164d 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h @@ -48,7 +48,7 @@ class WasmBase : public std::enable_shared_from_this { public: WasmBase(std::unique_ptr wasm_vm, std::string_view vm_id, std::string_view vm_configuration, std::string_view vm_key, - absl::flat_hash_set allowed_abi_functions); + absl::flat_hash_set allowed_capabilities); WasmBase(const std::shared_ptr &other, WasmVmFactory factory); virtual ~WasmBase(); 
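Review bot: The stub message changed in the `@@ -179,7 +179,7 @@` hunk drops the `proxy_` prefix, so a denied call is now logged as e.g. `log` while the allow list is still matched against `"proxy_" #_fn` in src/wasm.cc. Someone triaging a denial cannot copy the logged name into the allow list, and short names such as `log` or `done` are hard to search for in host logs. I would keep the full key in the message, for example by giving `_CREATE_EXPORT_STUB` a prefix argument and logging `"Attempted call to restricted capability: " _prefix #_fn`.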
@@ -94,10 +94,10 @@ class WasmBase : public std::enable_shared_from_this { return nullptr; } - // Return true if the named ABI function is allowed to be exposed to the module. - bool abiFunctionAllowed(std::string abi_function_name) { - return allowed_abi_functions_.empty() || - allowed_abi_functions_.find(abi_function_name) != allowed_abi_functions_.end(); + // Capability restriction (restricting/exposing the ABI). + bool capabilityAllowed(std::string capability_name) { + return allowed_capabilities_.empty() || + allowed_capabilities_.find(capability_name) != allowed_capabilities_.end(); } virtual ContextBase *createVmContext() { return new ContextBase(this); } @@ -233,9 +233,9 @@ class WasmBase : public std::enable_shared_from_this { WasmCallVoid<1> on_log_; WasmCallVoid<1> on_delete_; - // ABI functions which are allowed to be linked to the module. If this is empty, restriction + // Capabilities which are allowed to be linked to the module. If this is empty, restriction // is not enforced. - absl::flat_hash_set allowed_abi_functions_; + absl::flat_hash_set allowed_capabilities_; std::shared_ptr base_wasm_handle_; diff --git a/src/wasm.cc b/src/wasm.cc index 0b403019..7aeff46d 100644 --- a/src/wasm.cc +++ b/src/wasm.cc @@ -121,9 +121,9 @@ void WasmBase::registerCallbacks() { _REGISTER_WASI(proc_exit); #undef _REGISTER_WASI - // Register the ABI function with the VM if it has been allowed, otherwise register a stub. + // Register the capability with the VM if it has been allowed, otherwise register a stub. #define _REGISTER_PROXY(_fn) \ - if (abiFunctionAllowed("proxy_" #_fn)) { \ + if (capabilityAllowed("proxy_" #_fn)) { \ wasm_vm_->registerCallback( \ "env", "proxy_" #_fn, &exports::_fn, \ &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ } - FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS(_REGISTER_PROXY); + FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES(_REGISTER_PROXY); if (abiVersion() == AbiVersion::ProxyWasm_0_1_0) { _REGISTER_PROXY(get_configuration); 
@@ -171,15 +171,15 @@ void WasmBase::getFunctions() { #undef _GET_ALIAS #undef _GET - // Try to point the ABI function to one of the module exports, if it has been allowed. + // Try to point the capability to one of the module exports, if the capability has been allowed. #define _GET_PROXY(_fn) \ - if (abiFunctionAllowed("proxy_" #_fn)) { \ + if (capabilityAllowed("proxy_" #_fn)) { \ wasm_vm_->getFunction("proxy_" #_fn, &_fn##_); \ } else { \ _fn##_ = nullptr; \ } #define _GET_PROXY_ABI(_fn, _abi) \ - if (abiFunctionAllowed("proxy_" #_fn)) { \ + if (capabilityAllowed("proxy_" #_fn)) { \ wasm_vm_->getFunction("proxy_" #_fn, &_fn##_abi##_); \ } else { \ _fn##_abi##_ = nullptr; \ @@ -230,7 +230,7 @@ WasmBase::WasmBase(const std::shared_ptr &base_wasm_handle, Wasm : std::enable_shared_from_this(*base_wasm_handle->wasm()), vm_id_(base_wasm_handle->wasm()->vm_id_), vm_key_(base_wasm_handle->wasm()->vm_key_), started_from_(base_wasm_handle->wasm()->wasm_vm()->cloneable()), - allowed_abi_functions_(base_wasm_handle->wasm()->allowed_abi_functions_), + allowed_capabilities_(base_wasm_handle->wasm()->allowed_capabilities_), base_wasm_handle_(base_wasm_handle) { if (started_from_ != Cloneable::NotCloneable) { wasm_vm_ = base_wasm_handle->wasm()->wasm_vm()->clone(); @@ -246,9 +246,9 @@ WasmBase::WasmBase(const std::shared_ptr &base_wasm_handle, Wasm WasmBase::WasmBase(std::unique_ptr wasm_vm, std::string_view vm_id, std::string_view vm_configuration, std::string_view vm_key, - absl::flat_hash_set allowed_abi_functions) + absl::flat_hash_set allowed_capabilities) : vm_id_(std::string(vm_id)), vm_key_(std::string(vm_key)), wasm_vm_(std::move(wasm_vm)), - allowed_abi_functions_(std::move(allowed_abi_functions)), + allowed_capabilities_(std::move(allowed_capabilities)), vm_configuration_(std::string(vm_configuration)) { if (!wasm_vm_) { failed_ = FailState::UnableToCreateVM; From 18a63676a77e6387d17bb7bc1e94070ef4697b1b Mon Sep 17 00:00:00 2001 
From: Ryan Apilado Date: Thu, 19 Nov 2020 18:03:44 +0000 Subject: [PATCH 09/22] restrict WASI Signed-off-by: Ryan Apilado --- include/proxy-wasm/exports.h | 17 +++++++++++++-- src/wasm.cc | 42 +++++++++++++++++++----------------- 2 files changed, 37 insertions(+), 22 deletions(-) diff --git a/include/proxy-wasm/exports.h b/include/proxy-wasm/exports.h index 348cfc75..f7a7a55d 100644 --- a/include/proxy-wasm/exports.h +++ b/include/proxy-wasm/exports.h @@ -172,6 +172,11 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * _f(get_configuration) _f(continue_request) _f(continue_response) _f(clear_route_cache) \ _f(continue_stream) _f(close_stream) _f(get_log_level) +#define FOR_ALL_WASI_CAPABILITIES(_f) \ + _f(fd_write) _f(fd_read) _f(fd_seek) _f(fd_close) _f(fd_fdstat_get) _f(environ_get) \ + _f(environ_sizes_get) _f(args_get) _f(args_sizes_get) _f(clock_time_get) _f(random_get) \ + _f(proc_exit) + // Helpers to generate a stub to pass to VM, in place of a restricted export. #define _CREATE_EXPORT_STUB(_fn) \ template struct _fn##Stub; \ @@ -182,9 +187,17 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * context->wasmVm()->error("Attempted call to restricted capability: " #_fn); \ return WasmResult::InternalFailure; \ } \ + }; \ + template struct _fn##Stub { \ + static void stub(void *raw_context, Args...) { \ + auto context = exports::ContextOrEffectiveContext( \ + static_cast((void)raw_context, current_context_)); \ + context->wasmVm()->error("Attempted call to restricted capability: " #_fn); \ + } \ }; -FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS(_CREATE_EXPORT_STUB) -FOR_ALL_HOST_IMPLEMENTED_ABI_FUNCTIONS_ABI_SPECIFIC(_CREATE_EXPORT_STUB) +FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES(_CREATE_EXPORT_STUB) +FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES_ABI_SPECIFIC(_CREATE_EXPORT_STUB) +FOR_ALL_WASI_CAPABILITIES(_CREATE_EXPORT_STUB) #undef _CREATE_EXPORT_STUB } // namespace exports 
diff --git a/src/wasm.cc b/src/wasm.cc index 7aeff46d..30913494 100644 --- a/src/wasm.cc +++ b/src/wasm.cc @@ -99,26 +99,28 @@ void WasmBase::registerCallbacks() { #undef _REGISTER #define _REGISTER_WASI(_fn) \ - wasm_vm_->registerCallback( \ - "wasi_unstable", #_fn, &exports::wasi_unstable_##_fn, \ - &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ - wasm_vm_->registerCallback( \ - "wasi_snapshot_preview1", #_fn, &exports::wasi_unstable_##_fn, \ - &ConvertFunctionWordToUint32::convertFunctionWordToUint32) - _REGISTER_WASI(fd_write); - _REGISTER_WASI(fd_read); - _REGISTER_WASI(fd_seek); - _REGISTER_WASI(fd_close); - _REGISTER_WASI(fd_fdstat_get); - _REGISTER_WASI(environ_get); - _REGISTER_WASI(environ_sizes_get); - _REGISTER_WASI(args_get); - _REGISTER_WASI(args_sizes_get); - _REGISTER_WASI(clock_time_get); - _REGISTER_WASI(random_get); - _REGISTER_WASI(proc_exit); + if (capabilityAllowed(#_fn)) { \ + wasm_vm_->registerCallback( \ + "wasi_unstable", #_fn, &exports::wasi_unstable_##_fn, \ + &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ + wasm_vm_->registerCallback( \ + "wasi_snapshot_preview1", #_fn, &exports::wasi_unstable_##_fn, \ + &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ + } else { \ + typedef decltype(exports::wasi_unstable_##_fn) export_type; \ + constexpr export_type *stub = &exports::_fn##Stub::stub; \ + wasm_vm_->registerCallback( \ + "wasi_unstable", #_fn, stub, \ + &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ + wasm_vm_->registerCallback( \ + "wasi_snapshot_preview1", #_fn, stub, \ + &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ + } + + FOR_ALL_WASI_CAPABILITIES(_REGISTER_WASI); + #undef _REGISTER_WASI // Register the capability with the VM if it has been allowed, otherwise register a stub. From a180877e65aad2f308898c717a39179386e5b611 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Thu, 19 Nov 2020 18:04:02 +0000 Subject: [PATCH 10/22] build format 
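Review bot: Nothing in the hunk tells an operator which spelling goes into the allowlist: `_REGISTER_WASI` keys the check on the bare name (`capabilityAllowed(#_fn)`), while `_REGISTER_PROXY` keys on `"proxy_" #_fn`. A single entry such as `fd_write` also governs both the `wasi_unstable` and `wasi_snapshot_preview1` imports, since both registrations sit under the same check. I would add a comment above the macro, e.g. `// Allowlist key is the bare WASI name (e.g. "fd_write"); one entry covers both WASI module names.`. `registerCallbacks()` continues outside the hunk.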
Signed-off-by: Ryan Apilado --- BUILD | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/BUILD b/BUILD index 9aa6e116..d5cda212 100644 --- a/BUILD +++ b/BUILD @@ -1,4 +1,5 @@ load("//:bazel/variables.bzl", "COPTS", "LINKOPTS") +load("@rules_cc//cc:defs.bzl", "cc_library") licenses(["notice"]) # Apache 2 @@ -8,8 +9,8 @@ cc_library( name = "include", hdrs = glob(["include/proxy-wasm/**/*.h"]), deps = [ - "@proxy_wasm_cpp_sdk//:common_lib", "@com_google_absl//absl/container:flat_hash_set", + "@proxy_wasm_cpp_sdk//:common_lib", ], ) From 26de5b9e05fc9dde8edf8040f1cbe93676b6e9c6 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Fri, 20 Nov 2020 02:22:21 +0000 Subject: [PATCH 11/22] fix names Signed-off-by: Ryan Apilado --- include/proxy-wasm/exports.h | 14 +++++++------- src/wasm.cc | 4 ++-- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/include/proxy-wasm/exports.h b/include/proxy-wasm/exports.h index f7a7a55d..283e65cc 100644 --- a/include/proxy-wasm/exports.h +++ b/include/proxy-wasm/exports.h @@ -58,7 +58,7 @@ template void marshalPairs(const Pairs &result, char *buffer) { } } -// Capabilities exported from envoy to wasm. +// ABI functions exported from host to wasm. Word get_configuration(void *raw_context, Word address, Word size); Word get_status(void *raw_context, Word status_code, Word address, Word size); @@ -154,7 +154,7 @@ Word pthread_equal(void *, Word left, Word right); // Any currently executing Wasm call context. ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase *context); -#define FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES(_f) \ +#define FOR_ALL_HOST_FUNCTIONS(_f) \ _f(log) _f(get_status) _f(set_property) _f(get_property) _f(send_local_response) \ _f(get_shared_data) _f(set_shared_data) _f(register_shared_queue) _f(resolve_shared_queue) \ _f(dequeue_shared_queue) _f(enqueue_shared_queue) _f(get_header_map_value) \ 
@@ -168,11 +168,11 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * _f(set_effective_context) _f(done) \ _f(call_foreign_function) -#define FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES_ABI_SPECIFIC(_f) \ +#define FOR_ALL_HOST_FUNCTIONS_ABI_SPECIFIC(_f) \ _f(get_configuration) _f(continue_request) _f(continue_response) _f(clear_route_cache) \ _f(continue_stream) _f(close_stream) _f(get_log_level) -#define FOR_ALL_WASI_CAPABILITIES(_f) \ +#define FOR_ALL_WASI_FUNCTIONS(_f) \ _f(fd_write) _f(fd_read) _f(fd_seek) _f(fd_close) _f(fd_fdstat_get) _f(environ_get) \ _f(environ_sizes_get) _f(args_get) _f(args_sizes_get) _f(clock_time_get) _f(random_get) \ _f(proc_exit) @@ -195,9 +195,9 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * context->wasmVm()->error("Attempted call to restricted capability: " #_fn); \ } \ }; -FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES(_CREATE_EXPORT_STUB) -FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES_ABI_SPECIFIC(_CREATE_EXPORT_STUB) -FOR_ALL_WASI_CAPABILITIES(_CREATE_EXPORT_STUB) +FOR_ALL_HOST_FUNCTIONS(_CREATE_EXPORT_STUB) +FOR_ALL_HOST_FUNCTIONS_ABI_SPECIFIC(_CREATE_EXPORT_STUB) +FOR_ALL_WASI_FUNCTIONS(_CREATE_EXPORT_STUB) #undef _CREATE_EXPORT_STUB } // namespace exports diff --git a/src/wasm.cc b/src/wasm.cc index 30913494..995dbf11 100644 --- a/src/wasm.cc +++ b/src/wasm.cc @@ -119,7 +119,7 @@ void WasmBase::registerCallbacks() { &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ } - FOR_ALL_WASI_CAPABILITIES(_REGISTER_WASI); + FOR_ALL_WASI_FUNCTIONS(_REGISTER_WASI); #undef _REGISTER_WASI @@ -138,7 +138,7 @@ void WasmBase::registerCallbacks() { &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ } - FOR_ALL_HOST_IMPLEMENTED_CAPABILITIES(_REGISTER_PROXY); + FOR_ALL_HOST_FUNCTIONS(_REGISTER_PROXY); if (abiVersion() == AbiVersion::ProxyWasm_0_1_0) { _REGISTER_PROXY(get_configuration); From ceaef935384228c475df16d843ee3220762848f7 Mon Sep 17 00:00:00 2001 
From: Ryan Apilado Date: Fri, 20 Nov 2020 02:31:12 +0000 Subject: [PATCH 12/22] for all module functions Signed-off-by: Ryan Apilado --- include/proxy-wasm/wasm.h | 10 ++++++++++ src/wasm.cc | 30 ++---------------------------- 2 files changed, 12 insertions(+), 28 deletions(-) diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index ac02164d..2a608ba2 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h @@ -233,6 +233,16 @@ class WasmBase : public std::enable_shared_from_this { WasmCallVoid<1> on_log_; WasmCallVoid<1> on_delete_; +#define FOR_ALL_MODULE_FUNCTIONS(_f) \ + _f(validate_configuration) _f(on_vm_start) _f(on_configure) _f(on_tick) _f(on_context_create) \ + _f(on_new_connection) _f(on_downstream_data) _f(on_upstream_data) \ + _f(on_downstream_connection_close) _f(on_upstream_connection_close) _f(on_request_body) \ + _f(on_request_trailers) _f(on_request_metadata) _f(on_response_body) \ + _f(on_response_trailers) _f(on_response_metadata) _f(on_http_call_response) \ + _f(on_grpc_receive) _f(on_grpc_close) _f(on_grpc_receive_initial_metadata) \ + _f(on_grpc_receive_trailing_metadata) _f(on_queue_ready) _f(on_done) \ + _f(on_log) _f(on_delete) + // Capabilities which are allowed to be linked to the module. If this is empty, restriction // is not enforced. absl::flat_hash_set allowed_capabilities_; diff --git a/src/wasm.cc b/src/wasm.cc index 995dbf11..5496b0a3 100644 --- a/src/wasm.cc +++ b/src/wasm.cc 
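Review bot: `FOR_ALL_MODULE_FUNCTIONS` is defined in the middle of `WasmBase`'s member declarations in a public header and is not `#undef`ed in the hunk, so it appears to leak into every translation unit that includes wasm.h. The other `FOR_ALL_*` lists in this series sit at namespace scope in exports.h; placing this one beside them, or above the class, would keep the class body readable. The list also has to stay in step with the `WasmCall*` members declared just above it, and since it decides which module exports are looked up under the capability check, it deserves a comment such as `// Must name every proxy_on_* member of WasmBase that is not ABI-specific.`. The class continues outside the hunk.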
@@ -186,34 +186,8 @@ void WasmBase::getFunctions() { } else { \ _fn##_abi##_ = nullptr; \ } - _GET_PROXY(validate_configuration); - _GET_PROXY(on_vm_start); - _GET_PROXY(on_configure); - _GET_PROXY(on_tick); - - _GET_PROXY(on_context_create); - - _GET_PROXY(on_new_connection); - _GET_PROXY(on_downstream_data); - _GET_PROXY(on_upstream_data); - _GET_PROXY(on_downstream_connection_close); - _GET_PROXY(on_upstream_connection_close); - - _GET_PROXY(on_request_body); - _GET_PROXY(on_request_trailers); - _GET_PROXY(on_request_metadata); - _GET_PROXY(on_response_body); - _GET_PROXY(on_response_trailers); - _GET_PROXY(on_response_metadata); - _GET_PROXY(on_http_call_response); - _GET_PROXY(on_grpc_receive); - _GET_PROXY(on_grpc_close); - _GET_PROXY(on_grpc_receive_initial_metadata); - _GET_PROXY(on_grpc_receive_trailing_metadata); - _GET_PROXY(on_queue_ready); - _GET_PROXY(on_done); - _GET_PROXY(on_log); - _GET_PROXY(on_delete); + + FOR_ALL_MODULE_FUNCTIONS(_GET_PROXY); if (abiVersion() == AbiVersion::ProxyWasm_0_1_0) { _GET_PROXY_ABI(on_request_headers, _abi_01); From a94857a84f1636df75abde40c505cf9eacd45bc7 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Fri, 20 Nov 2020 20:58:32 +0000 Subject: [PATCH 13/22] remove pthread equal Signed-off-by: Ryan Apilado --- include/proxy-wasm/exports.h | 1 - src/exports.cc | 2 -- src/wasm.cc | 8 -------- 3 files changed, 11 deletions(-) diff --git a/include/proxy-wasm/exports.h b/include/proxy-wasm/exports.h index 283e65cc..5eecb97c 100644 --- a/include/proxy-wasm/exports.h +++ b/include/proxy-wasm/exports.h @@ -147,7 +147,6 @@ Word wasi_unstable_args_sizes_get(void *raw_context, Word argc_ptr, Word argv_bu void wasi_unstable_proc_exit(void *, Word); Word wasi_unstable_clock_time_get(void *, Word, uint64_t, Word); Word wasi_unstable_random_get(void *, Word, Word); -Word pthread_equal(void *, Word left, Word right); // Support for embedders, not exported to Wasm. 
diff --git a/src/exports.cc b/src/exports.cc index 1ffee322..9a7f85f7 100644 --- a/src/exports.cc +++ b/src/exports.cc @@ -834,8 +834,6 @@ void wasi_unstable_proc_exit(void *raw_context, Word) { context->error("wasi_unstable proc_exit"); } -Word pthread_equal(void *, Word left, Word right) { return left == right; } - Word set_tick_period_milliseconds(void *raw_context, Word period_milliseconds) { TimerToken token = 0; return WASM_CONTEXT(raw_context) diff --git a/src/wasm.cc b/src/wasm.cc index 5496b0a3..21381ef9 100644 --- a/src/wasm.cc +++ b/src/wasm.cc @@ -90,14 +90,6 @@ RegisterForeignFunction::RegisterForeignFunction(std::string name, WasmForeignFu } void WasmBase::registerCallbacks() { -#define _REGISTER(_fn) \ - wasm_vm_->registerCallback( \ - "env", #_fn, &exports::_fn, \ - &ConvertFunctionWordToUint32::convertFunctionWordToUint32) - _REGISTER(pthread_equal); -#undef _REGISTER - #define _REGISTER_WASI(_fn) \ if (capabilityAllowed(#_fn)) { \ wasm_vm_->registerCallback( \ From 0ad3d42b94224f34625d57f8981a42d0d7dd598c Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Fri, 20 Nov 2020 21:02:21 +0000 Subject: [PATCH 14/22] refactor registerCallbacks() Signed-off-by: Ryan Apilado --- src/wasm.cc | 48 +++++++++++++++++------------------------------- 1 file changed, 17 insertions(+), 31 deletions(-) diff --git a/src/wasm.cc b/src/wasm.cc index 21381ef9..46cfa100 100644 --- a/src/wasm.cc +++ b/src/wasm.cc 
@@ -90,46 +90,30 @@ RegisterForeignFunction::RegisterForeignFunction(std::string name, WasmForeignFu } void WasmBase::registerCallbacks() { -#define _REGISTER_WASI(_fn) \ - if (capabilityAllowed(#_fn)) { \ - wasm_vm_->registerCallback( \ - "wasi_unstable", #_fn, &exports::wasi_unstable_##_fn, \ - &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ - wasm_vm_->registerCallback( \ - "wasi_snapshot_preview1", #_fn, &exports::wasi_unstable_##_fn, \ - &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ - } else { \ - typedef decltype(exports::wasi_unstable_##_fn) export_type; \ - constexpr export_type *stub = &exports::_fn##Stub::stub; \ - wasm_vm_->registerCallback( \ - "wasi_unstable", #_fn, stub, \ - &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ - wasm_vm_->registerCallback( \ - "wasi_snapshot_preview1", #_fn, stub, \ - &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ - } - - FOR_ALL_WASI_FUNCTIONS(_REGISTER_WASI); - -#undef _REGISTER_WASI // Register the capability with the VM if it has been allowed, otherwise register a stub. 
-#define _REGISTER_PROXY(_fn) \ - if (capabilityAllowed("proxy_" #_fn)) { \ +#define _REGISTER(module_name, name_prefix, export_prefix, _fn) \ + if (capabilityAllowed(name_prefix #_fn)) { \ wasm_vm_->registerCallback( \ - "env", "proxy_" #_fn, &exports::_fn, \ - &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ + module_name, name_prefix #_fn, &exports::export_prefix##_fn, \ + &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ } else { \ - typedef decltype(exports::_fn) export_type; \ + typedef decltype(exports::export_prefix##_fn) export_type; \ constexpr export_type *stub = &exports::_fn##Stub::stub; \ wasm_vm_->registerCallback( \ - "env", "proxy_" #_fn, stub, \ + module_name, name_prefix #_fn, stub, \ &ConvertFunctionWordToUint32::convertFunctionWordToUint32); \ } +#define _REGISTER_WASI_UNSTABLE(_fn) _REGISTER("wasi_unstable", , wasi_unstable_, _fn) +#define _REGISTER_WASI_SNAPSHOT(_fn) _REGISTER("wasi_snapshot_preview1", , wasi_unstable_, _fn) + FOR_ALL_WASI_FUNCTIONS(_REGISTER_WASI_UNSTABLE); + FOR_ALL_WASI_FUNCTIONS(_REGISTER_WASI_SNAPSHOT); +#undef _REGISTER_WASI_UNSTABLE +#undef _REGISTER_WASI_SNAPSHOT + +#define _REGISTER_PROXY(_fn) _REGISTER("env", "proxy_", , _fn) FOR_ALL_HOST_FUNCTIONS(_REGISTER_PROXY); if (abiVersion() == AbiVersion::ProxyWasm_0_1_0) { @@ -146,6 +130,8 @@ void WasmBase::registerCallbacks() { _REGISTER_PROXY(get_log_level); } #undef _REGISTER_PROXY + +#undef _REGISTER } void WasmBase::getFunctions() { From 254328bf437ee48fd39e51f3d86aa0dd55f80b4e Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Sat, 21 Nov 2020 07:16:23 +0000 Subject: [PATCH 15/22] restore pthread_equal Signed-off-by: Ryan Apilado --- include/proxy-wasm/exports.h | 1 + src/exports.cc | 2 ++ src/wasm.cc | 7 +++++++ 3 files changed, 10 insertions(+) diff --git a/include/proxy-wasm/exports.h b/include/proxy-wasm/exports.h index 5eecb97c..283e65cc 100644 --- a/include/proxy-wasm/exports.h +++ b/include/proxy-wasm/exports.h 
@@ -147,6 +147,7 @@ Word wasi_unstable_args_sizes_get(void *raw_context, Word argc_ptr, Word argv_bu void wasi_unstable_proc_exit(void *, Word); Word wasi_unstable_clock_time_get(void *, Word, uint64_t, Word); Word wasi_unstable_random_get(void *, Word, Word); +Word pthread_equal(void *, Word left, Word right); // Support for embedders, not exported to Wasm. diff --git a/src/exports.cc b/src/exports.cc index 9a7f85f7..1ffee322 100644 --- a/src/exports.cc +++ b/src/exports.cc @@ -834,6 +834,8 @@ void wasi_unstable_proc_exit(void *raw_context, Word) { context->error("wasi_unstable proc_exit"); } +Word pthread_equal(void *, Word left, Word right) { return left == right; } + Word set_tick_period_milliseconds(void *raw_context, Word period_milliseconds) { TimerToken token = 0; return WASM_CONTEXT(raw_context) diff --git a/src/wasm.cc b/src/wasm.cc index 46cfa100..330af4d5 100644 --- a/src/wasm.cc +++ b/src/wasm.cc @@ -90,6 +90,13 @@ RegisterForeignFunction::RegisterForeignFunction(std::string name, WasmForeignFu } void WasmBase::registerCallbacks() { +#define _REGISTER(_fn) \ + wasm_vm_->registerCallback( \ + "env", #_fn, &exports::_fn, \ + &ConvertFunctionWordToUint32::convertFunctionWordToUint32) + _REGISTER(pthread_equal); +#undef _REGISTER // Register the capability with the VM if it has been allowed, otherwise register a stub. #define _REGISTER(module_name, name_prefix, export_prefix, _fn) \ From 57b6abb6ad175197fa9d8fed8b29df108dec9acd Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Tue, 1 Dec 2020 01:41:41 +0000 Subject: [PATCH 16/22] use map instead of set Signed-off-by: Ryan Apilado --- BUILD | 2 +- include/proxy-wasm/wasm.h | 7 ++++--- src/wasm.cc | 2 +- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/BUILD b/BUILD index d5cda212..b66f458c 100644 --- a/BUILD +++ b/BUILD 
@@ -9,7 +9,7 @@ cc_library( name = "include", hdrs = glob(["include/proxy-wasm/**/*.h"]), deps = [ - "@com_google_absl//absl/container:flat_hash_set", + "@com_google_absl//absl/container:flat_hash_map", "@proxy_wasm_cpp_sdk//:common_lib", ], ) diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index 2a608ba2..8a76ae46 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h @@ -28,7 +28,7 @@ #include "include/proxy-wasm/exports.h" #include "include/proxy-wasm/wasm_vm.h" -#include "absl/container/flat_hash_set.h" +#include "absl/container/flat_hash_map.h" namespace proxy_wasm { @@ -42,13 +42,14 @@ using WasmForeignFunction = std::function)>; using WasmVmFactory = std::function()>; using CallOnThreadFunction = std::function)>; +using AllowedCapabilitiesMap = absl::flat_hash_map>; // Wasm execution instance. Manages the host side of the Wasm interface. class WasmBase : public std::enable_shared_from_this { public: WasmBase(std::unique_ptr wasm_vm, std::string_view vm_id, std::string_view vm_configuration, std::string_view vm_key, - absl::flat_hash_set allowed_capabilities); + AllowedCapabilitiesMap allowed_capabilities); WasmBase(const std::shared_ptr &other, WasmVmFactory factory); virtual ~WasmBase(); @@ -245,7 +246,7 @@ class WasmBase : public std::enable_shared_from_this { // Capabilities which are allowed to be linked to the module. If this is empty, restriction // is not enforced. - absl::flat_hash_set allowed_capabilities_; + AllowedCapabilitiesMap allowed_capabilities_; std::shared_ptr base_wasm_handle_; diff --git a/src/wasm.cc b/src/wasm.cc index 330af4d5..0378802c 100644 --- a/src/wasm.cc +++ b/src/wasm.cc 
@@ -207,7 +207,7 @@ WasmBase::WasmBase(const std::shared_ptr &base_wasm_handle, Wasm WasmBase::WasmBase(std::unique_ptr wasm_vm, std::string_view vm_id, std::string_view vm_configuration, std::string_view vm_key, - absl::flat_hash_set allowed_capabilities) + AllowedCapabilitiesMap allowed_capabilities) : vm_id_(std::string(vm_id)), vm_key_(std::string(vm_key)), wasm_vm_(std::move(wasm_vm)), allowed_capabilities_(std::move(allowed_capabilities)), vm_configuration_(std::string(vm_configuration)) { From 18cf449a84c78108ffb66b13af54578b43d9ba80 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Thu, 17 Dec 2020 02:41:50 +0000 Subject: [PATCH 17/22] change absl::flat_hash_map to std::unordered_map Signed-off-by: Ryan Apilado --- BUILD | 1 - bazel/repositories.bzl | 6 ------ include/proxy-wasm/wasm.h | 4 +--- 3 files changed, 1 insertion(+), 10 deletions(-) diff --git a/BUILD b/BUILD index f4f62cdc..840ccd3a 100644 --- a/BUILD +++ b/BUILD @@ -9,7 +9,6 @@ cc_library( name = "include", hdrs = glob(["include/proxy-wasm/**/*.h"]), deps = [ - "@com_google_absl//absl/container:flat_hash_map", "@proxy_wasm_cpp_sdk//:common_lib", ], ) diff --git a/bazel/repositories.bzl b/bazel/repositories.bzl index ae1b6366..93eabfe1 100644 --- a/bazel/repositories.bzl +++ b/bazel/repositories.bzl @@ -73,9 +73,3 @@ def proxy_wasm_cpp_host_repositories(): strip_prefix = "protobuf-655310ca192a6e3a050e0ca0b7084a2968072260", url = "https://github.com/protocolbuffers/protobuf/archive/655310ca192a6e3a050e0ca0b7084a2968072260.tar.gz", ) - - http_archive( - name = "rules_cc", - urls = ["https://github.com/bazelbuild/rules_cc/archive/262ebec3c2296296526740db4aefce68c80de7fa.zip"], - strip_prefix = "rules_cc-262ebec3c2296296526740db4aefce68c80de7fa", - ) diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index ce7216aa..18f23450 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h 
@@ -29,8 +29,6 @@ #include "include/proxy-wasm/wasm_vm.h" #include "include/proxy-wasm/vm_id_handle.h" -#include "absl/container/flat_hash_map.h" - namespace proxy_wasm { #include "proxy_wasm_common.h" @@ -43,7 +41,7 @@ using WasmForeignFunction = std::function)>; using WasmVmFactory = std::function()>; using CallOnThreadFunction = std::function)>; -using AllowedCapabilitiesMap = absl::flat_hash_map>; +using AllowedCapabilitiesMap = std::unordered_map>; // Wasm execution instance. Manages the host side of the Wasm interface. class WasmBase : public std::enable_shared_from_this { From f37f37520e2692e695b9ebef572a5639355d39b5 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Thu, 17 Dec 2020 06:58:24 +0000 Subject: [PATCH 18/22] update error call Signed-off-by: Ryan Apilado --- include/proxy-wasm/exports.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/proxy-wasm/exports.h b/include/proxy-wasm/exports.h index 283e65cc..6b81d79d 100644 --- a/include/proxy-wasm/exports.h +++ b/include/proxy-wasm/exports.h @@ -184,7 +184,7 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * static Word stub(void *raw_context, Args...) { \ auto context = exports::ContextOrEffectiveContext( \ static_cast((void)raw_context, current_context_)); \ - context->wasmVm()->error("Attempted call to restricted capability: " #_fn); \ + context->wasmVm()->integration()->error("Attempted call to restricted capability: " #_fn); \ return WasmResult::InternalFailure; \ } \ }; \ 
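Review bot: The exports.h hunk `@@ -184,7` does not say whether `integration()->error(...)`, which now replaces `wasmVm()->error(...)` in the stub, fails the VM or only logs. For a denied capability that difference is the policy itself: either the module is stopped on the first violation, or it keeps running and receives `WasmResult::InternalFailure`. A comment above `_CREATE_EXPORT_STUB` should state which is intended, e.g. `// A restricted call is reported to the integration; the guest then receives InternalFailure.` (adjust to the real behaviour). The same applies to the void stub in the following hunk (`@@ -192,7`). The message carries only the function name, so attributing a violation to a particular plugin depends on what the integration adds to the log line.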
@@ -192,7 +192,7 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * static void stub(void *raw_context, Args...) { \ auto context = exports::ContextOrEffectiveContext( \ static_cast((void)raw_context, current_context_)); \ - context->wasmVm()->error("Attempted call to restricted capability: " #_fn); \ + context->wasmVm()->integration()->error("Attempted call to restricted capability: " #_fn); \ } \ }; FOR_ALL_HOST_FUNCTIONS(_CREATE_EXPORT_STUB) From 228350fdae7392e43672e80c039ec42451e371a7 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Fri, 18 Dec 2020 05:27:48 +0000 Subject: [PATCH 19/22] create SanitizerConfig Signed-off-by: Ryan Apilado --- include/proxy-wasm/wasm.h | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index 18f23450..b106a677 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h @@ -41,7 +41,13 @@ using WasmForeignFunction = std::function)>; using WasmVmFactory = std::function()>; using CallOnThreadFunction = std::function)>; -using AllowedCapabilitiesMap = std::unordered_map>; + +struct SanitizationConfig { + std::vector argument_list; + enum class ListType : int { Allowlist = 0, Denylist = 1 }; + ListType list_type; +}; +using AllowedCapabilitiesMap = std::unordered_map; // Wasm execution instance. Manages the host side of the Wasm interface. class WasmBase : public std::enable_shared_from_this { From ed8cbca86137984ddf8b7d13851598930114ebe6 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Mon, 21 Dec 2020 23:39:25 +0000 Subject: [PATCH 20/22] change enum to bool Signed-off-by: Ryan Apilado --- include/proxy-wasm/wasm.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/include/proxy-wasm/wasm.h b/include/proxy-wasm/wasm.h index b106a677..7d0d802f 100644 --- a/include/proxy-wasm/wasm.h +++ b/include/proxy-wasm/wasm.h 
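Review bot: In the wasm.h hunk `@@ -41,7 +41,13`, `list_type` has no default member initializer, so a default-initialized `SanitizationConfig` local carries an indeterminate value in the field that decides allow versus deny. I would initialise it explicitly, e.g. `ListType list_type = ListType::Allowlist;`, choosing whichever value is the restrictive one for the intended semantics. The struct also needs a comment saying what `argument_list` holds and how entries are matched; none of the hunks visible here reads either field. The `bool is_allowlist;` that replaces the enum in the next patch has the same gap.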
@@ -44,8 +44,7 @@ using CallOnThreadFunction = std::function)>; struct SanitizationConfig { std::vector argument_list; - enum class ListType : int { Allowlist = 0, Denylist = 1 }; - ListType list_type; + bool is_allowlist; }; using AllowedCapabilitiesMap = std::unordered_map; From 980be06a0c0b765ce8f59eacaff36e993f180f81 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Tue, 22 Dec 2020 21:10:27 +0000 Subject: [PATCH 21/22] create separate WASI stub Signed-off-by: Ryan Apilado --- include/proxy-wasm/exports.h | 40 ++++++++++++++++++++++++++++-------- 1 file changed, 32 insertions(+), 8 deletions(-) diff --git a/include/proxy-wasm/exports.h b/include/proxy-wasm/exports.h index 6b81d79d..3159d248 100644 --- a/include/proxy-wasm/exports.h +++ b/include/proxy-wasm/exports.h @@ -177,14 +177,15 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * _f(environ_sizes_get) _f(args_get) _f(args_sizes_get) _f(clock_time_get) _f(random_get) \ _f(proc_exit) -// Helpers to generate a stub to pass to VM, in place of a restricted export. -#define _CREATE_EXPORT_STUB(_fn) \ +// Helpers to generate a stub to pass to VM, in place of a restricted proxy-wasm capability. +#define _CREATE_PROXY_WASM_STUB(_fn) \ template struct _fn##Stub; \ template struct _fn##Stub { \ static Word stub(void *raw_context, Args...) { \ auto context = exports::ContextOrEffectiveContext( \ static_cast((void)raw_context, current_context_)); \ - context->wasmVm()->integration()->error("Attempted call to restricted capability: " #_fn); \ + context->wasmVm()->integration()->error( \ + "Attempted call to restricted proxy-wasm capability: proxy_" #_fn); \ return WasmResult::InternalFailure; \ } \ }; \ 
@@ -192,13 +193,36 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * static void stub(void *raw_context, Args...) { \ auto context = exports::ContextOrEffectiveContext( \ static_cast((void)raw_context, current_context_)); \ - context->wasmVm()->integration()->error("Attempted call to restricted capability: " #_fn); \ + context->wasmVm()->integration()->error( \ + "Attempted call to restricted proxy-wasm capability: proxy_" #_fn); \ } \ }; -FOR_ALL_HOST_FUNCTIONS(_CREATE_EXPORT_STUB) -FOR_ALL_HOST_FUNCTIONS_ABI_SPECIFIC(_CREATE_EXPORT_STUB) -FOR_ALL_WASI_FUNCTIONS(_CREATE_EXPORT_STUB) -#undef _CREATE_EXPORT_STUB +FOR_ALL_HOST_FUNCTIONS(_CREATE_PROXY_WASM_STUB) +FOR_ALL_HOST_FUNCTIONS_ABI_SPECIFIC(_CREATE_PROXY_WASM_STUB) +#undef _CREATE_PROXY_WASM_STUB + +// Helpers to generate a stub to pass to VM, in place of a restricted WASI capability. +#define _CREATE_WASI_STUB(_fn) \ + template struct _fn##Stub; \ + template struct _fn##Stub { \ + static Word stub(void *raw_context, Args...) { \ + auto context = exports::ContextOrEffectiveContext( \ + static_cast((void)raw_context, current_context_)); \ + context->wasmVm()->integration()->error( \ + "Attempted call to restricted WASI capability: " #_fn); \ + return 76; /* __WASI_ENOTCAPABLE */ \ + } \ + }; \ + template struct _fn##Stub { \ + static void stub(void *raw_context, Args...) { \ + auto context = exports::ContextOrEffectiveContext( \ + static_cast((void)raw_context, current_context_)); \ + context->wasmVm()->integration()->error( \ + "Attempted call to restricted WASI capability: " #_fn); \ + } \ + }; +FOR_ALL_WASI_FUNCTIONS(_CREATE_WASI_STUB) +#undef _CREATE_WASI_STUB } // namespace exports } // namespace proxy_wasm From 7ef7473680073ad7955c25daf946f66799ab4982 Mon Sep 17 00:00:00 2001 From: Ryan Apilado Date: Tue, 22 Dec 2020 22:00:09 +0000 Subject: [PATCH 22/22] remove void variant from proxy-wasm stub 
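Review bot: `return 76; /* __WASI_ENOTCAPABLE */` writes the errno as a bare literal inside a macro; a named constant next to the WASI declarations would let the value be checked in one place. `_CREATE_PROXY_WASM_STUB` and `_CREATE_WASI_STUB` both emit `_fn##Stub` into `exports`, so a proxy-wasm function and a WASI function with the same name would collide. None do in the lists shown, but a comment recording that assumption, e.g. `// Stub names share one namespace: proxy-wasm and WASI function names must stay disjoint.`, would prevent a confusing redefinition error later. The `void` specialization logs and returns to the guest with no status, so the comment should also say what a guest observes when a restricted void export is called.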
Signed-off-by: Ryan Apilado --- include/proxy-wasm/exports.h | 8 -------- 1 file changed, 8 deletions(-) diff --git a/include/proxy-wasm/exports.h b/include/proxy-wasm/exports.h index 3159d248..5c517176 100644 --- a/include/proxy-wasm/exports.h +++ b/include/proxy-wasm/exports.h @@ -188,14 +188,6 @@ ::proxy_wasm::ContextBase *ContextOrEffectiveContext(::proxy_wasm::ContextBase * "Attempted call to restricted proxy-wasm capability: proxy_" #_fn); \ return WasmResult::InternalFailure; \ } \ - }; \ - template struct _fn##Stub { \ - static void stub(void *raw_context, Args...) { \ - auto context = exports::ContextOrEffectiveContext( \ - static_cast((void)raw_context, current_context_)); \ - context->wasmVm()->integration()->error( \ - "Attempted call to restricted proxy-wasm capability: proxy_" #_fn); \ - } \ }; FOR_ALL_HOST_FUNCTIONS(_CREATE_PROXY_WASM_STUB) FOR_ALL_HOST_FUNCTIONS_ABI_SPECIFIC(_CREATE_PROXY_WASM_STUB)