Support for socket-descriptor marshalling

This patch adds prinicipal support for transmitting socket descriptors as RPC payload. Socket descriptors are handled by the linux-specific implementation of the capability marshalling and unmarshalling functions in 'ipc.h'. The 'Message' type in 'src/platform/linux_socket.h' has been extended to carry multiple descriptors in a single message. Unfortuately, we hit a problem (and potential show stopper) here: lx_sendmsg failed with -109 in lx_call() The error code corresponds to ETOOMANYREFS. There is only one place in the Linux kernel where this error code is used (net/unix/af_unix.c). The code for 'unix_attach_fds()' suggests that there is a limit with regard to the maximum number of references for a given Unix domain socket. When the error occurs, core and init are running. The socket of core's server entrypoint is present in the '/proc/pid/fd' of those processes 8 times. The error occurs when core tries to perform an RPC to the entrypoint to perform 'Ram_session::transfer_quota()' (base/include/base/child.h at line 248).
2012-07-26 20:29:45 +02:00
parent 8b343d7e1a
commit ca4f574f4c
5 changed files with 270 additions and 60 deletions
--- a/base-linux/include/base/ipc.h
+++ b/base-linux/include/base/ipc.h
@@ -0,0 +1,65 @@
+/*
+ * \brief  Linux-specific supplements to the IPC framework
+ * \author Norman Feske
+ * \date   2012-07-26
+ */
+
+/*
+ * Copyright (C) 2012 Genode Labs GmbH
+ *
+ * This file is part of the Genode OS framework, which is distributed
+ * under the terms of the GNU General Public License version 2.
+ */
+
+#ifndef _INCLUDE__BASE__IPC_H_
+#define _INCLUDE__BASE__IPC_H_
+
+#include <base/ipc_generic.h>
+
+#include <base/snprintf.h>
+
+extern "C" int raw_write_str(const char *str);
+extern "C" void wait_for_continue(void);
+
+#define PRAWW(fmt, ...)                                             \
+	do {                                                           \
+		char str[128];                                             \
+		Genode::snprintf(str, sizeof(str),                         \
+		                 ESC_ERR fmt ESC_END "\n", ##__VA_ARGS__); \
+		raw_write_str(str);                                        \
+	} while (0)
+
+
+inline void Genode::Ipc_ostream::_marshal_capability(Genode::Native_capability const &cap)
+{
+
+	PRAWW("_marshal_capability called: local_name=%ld, tid=%ld, socket=%d",
+	 cap.local_name(), cap.dst().tid, cap.dst().socket);
+
+	_write_to_buf(cap.local_name());
+	_write_to_buf(cap.dst().tid);
+
+	if (cap.valid()) {
+		PRAWW("append_cap");
+		_snd_msg->append_cap(cap.dst().socket);
+	}
+}
+
+
+inline void Genode::Ipc_istream::_unmarshal_capability(Genode::Native_capability &cap)
+{
+	long local_name =  0;
+	long tid        =  0;
+	int  socket     = -1;
+
+	_read_from_buf(local_name);
+	_read_from_buf(tid);
+
+	bool const cap_valid = (tid != 0);
+	if (cap_valid)
+		socket = _rcv_msg->read_cap();
+
+	cap = Native_capability(Cap_dst_policy::Dst(tid, socket), local_name);
+}
+
+#endif /* _INCLUDE__BASE__IPC_H_ */
--- a/base-linux/include/base/ipc_msgbuf.h
+++ b/base-linux/include/base/ipc_msgbuf.h
@@ -21,10 +21,30 @@ namespace Genode {
 	 */
 	class Msgbuf_base
 	{
+		public:
+
+			enum { MAX_CAPS_PER_MSG = 8 };
+
 		protected:

+			/*
+			 * Capabilities (file descriptors) to be transferred
+			 */
+			int            _caps[MAX_CAPS_PER_MSG];
+			Genode::size_t _used_caps;
+			Genode::size_t _read_cap_index;
+
+			/**
+			 * Maximum size of plain-data message payload
+			 */
 			Genode::size_t _size;
-			char           _msg_start[];  /* symbol marks start of message buffer data */
+
+			/**
+			 * Actual size of plain-data message payload
+			 */
+			Genode::size_t _used_size;
+
+			char _msg_start[];  /* symbol marks start of message buffer data */

 			/*
 			 * No member variables are allowed beyond this point!
@@ -34,6 +54,8 @@ namespace Genode {

 			char buf[];

+			Msgbuf_base() { reset_caps(); }
+
 			/**
 			 * Return size of message buffer
 			 */
@@ -43,6 +65,36 @@ namespace Genode {
 			 * Return address of message buffer
 			 */
 			inline void *addr() { return &_msg_start[0]; };
+
+			void reset_caps() { _used_caps = 0; _read_cap_index = 0; }
+
+			bool append_cap(int cap)
+			{
+				if (_used_caps == MAX_CAPS_PER_MSG)
+					return false;
+
+				_caps[_used_caps++] = cap;
+				return true;
+			}
+
+			int read_cap()
+			{
+				if (_read_cap_index == _used_caps)
+					return -1;
+
+				return _caps[_read_cap_index++];
+			}
+
+			size_t used_caps() const { return _used_caps; }
+
+			int cap(unsigned index) const
+			{
+				return index < _used_caps ? _caps[index] : -1;
+			}
+
+			size_t used_size() const { return _used_size; }
+
+			void used_size(size_t used_size) { _used_size = used_size; }
 	};