github.com/ttpreport/gvisor-ligolo@v0.0.0-20240123134145-a858404967ba/pkg/sentry/devices/memdev/zero.go (about) 1 // Copyright 2020 The gVisor Authors. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package memdev 16 17 import ( 18 "github.com/ttpreport/gvisor-ligolo/pkg/context" 19 "github.com/ttpreport/gvisor-ligolo/pkg/sentry/fsimpl/tmpfs" 20 "github.com/ttpreport/gvisor-ligolo/pkg/sentry/kernel" 21 "github.com/ttpreport/gvisor-ligolo/pkg/sentry/kernel/auth" 22 "github.com/ttpreport/gvisor-ligolo/pkg/sentry/memmap" 23 "github.com/ttpreport/gvisor-ligolo/pkg/sentry/vfs" 24 "github.com/ttpreport/gvisor-ligolo/pkg/usermem" 25 ) 26 27 const zeroDevMinor = 5 28 29 // zeroDevice implements vfs.Device for /dev/zero. 30 // 31 // +stateify savable 32 type zeroDevice struct{} 33 34 // Open implements vfs.Device.Open. 35 func (zeroDevice) Open(ctx context.Context, mnt *vfs.Mount, vfsd *vfs.Dentry, opts vfs.OpenOptions) (*vfs.FileDescription, error) { 36 fd := &zeroFD{} 37 if err := fd.vfsfd.Init(fd, opts.Flags, mnt, vfsd, &vfs.FileDescriptionOptions{ 38 UseDentryMetadata: true, 39 }); err != nil { 40 return nil, err 41 } 42 return &fd.vfsfd, nil 43 } 44 45 // zeroFD implements vfs.FileDescriptionImpl for /dev/zero. 46 // 47 // +stateify savable 48 type zeroFD struct { 49 vfsfd vfs.FileDescription 50 vfs.FileDescriptionDefaultImpl 51 vfs.DentryMetadataFileDescriptionImpl 52 vfs.NoLockFD 53 } 54 55 // Release implements vfs.FileDescriptionImpl.Release. 56 func (fd *zeroFD) Release(context.Context) { 57 // noop 58 } 59 60 // PRead implements vfs.FileDescriptionImpl.PRead. 61 func (fd *zeroFD) PRead(ctx context.Context, dst usermem.IOSequence, offset int64, opts vfs.ReadOptions) (int64, error) { 62 return dst.ZeroOut(ctx, dst.NumBytes()) 63 } 64 65 // Read implements vfs.FileDescriptionImpl.Read. 66 func (fd *zeroFD) Read(ctx context.Context, dst usermem.IOSequence, opts vfs.ReadOptions) (int64, error) { 67 return dst.ZeroOut(ctx, dst.NumBytes()) 68 } 69 70 // PWrite implements vfs.FileDescriptionImpl.PWrite. 71 func (fd *zeroFD) PWrite(ctx context.Context, src usermem.IOSequence, offset int64, opts vfs.WriteOptions) (int64, error) { 72 return src.NumBytes(), nil 73 } 74 75 // Write implements vfs.FileDescriptionImpl.Write. 76 func (fd *zeroFD) Write(ctx context.Context, src usermem.IOSequence, opts vfs.WriteOptions) (int64, error) { 77 return src.NumBytes(), nil 78 } 79 80 // Seek implements vfs.FileDescriptionImpl.Seek. 81 func (fd *zeroFD) Seek(ctx context.Context, offset int64, whence int32) (int64, error) { 82 return 0, nil 83 } 84 85 // ConfigureMMap implements vfs.FileDescriptionImpl.ConfigureMMap. 86 func (fd *zeroFD) ConfigureMMap(ctx context.Context, opts *memmap.MMapOpts) error { 87 if opts.Private || !opts.MaxPerms.Write { 88 // This mapping will never permit writing to the "underlying file" (in 89 // Linux terms, it isn't VM_SHARED), so implement it as an anonymous 90 // mapping, but back it with fd; this is what Linux does, and is 91 // actually application-visible because the resulting VMA will show up 92 // in /proc/[pid]/maps with fd.vfsfd.VirtualDentry()'s path rather than 93 // "/dev/zero (deleted)". 94 opts.Offset = 0 95 opts.MappingIdentity = &fd.vfsfd 96 opts.SentryOwnedContent = true 97 opts.MappingIdentity.IncRef() 98 return nil 99 } 100 tmpfsFD, err := tmpfs.NewZeroFile(ctx, auth.CredentialsFromContext(ctx), kernel.KernelFromContext(ctx).ShmMount(), opts.Length) 101 if err != nil { 102 return err 103 } 104 defer tmpfsFD.DecRef(ctx) 105 return tmpfsFD.ConfigureMMap(ctx, opts) 106 }