-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add full arm64/aarch64 support #7
base: master
Are you sure you want to change the base?
Conversation
Hi! Thanks for the PR - I'll try to take a look at it in the next few days. I haven't really touched this project much since starting a new job last year so it might take me a bit to figure everything out. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for taking so long to review!
In short:
- I'd prefer the PR without any of the formatting if possible
- I don't think the current approach is the right one - it would be too easy for the different arches to get out of sync with each other
- If you want to try the approach I outlined in one of the comments let me know if you have any questions!
Thanks again for taking the time to make the PR.
.vscode/settings.json
Outdated
@@ -0,0 +1,3 @@ | |||
{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would prefer not to have this checked in - is it not possible to configure vscode in your home directory or something?
examples/time.rs
Outdated
.allow_gettime() | ||
).unwrap() | ||
.apply_to_current_thread().unwrap(); | ||
.enable(Time::nothing().allow_gettime()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it was the stuff like this that made me not want to format. This could be resolved by putting the RuleSet instance in its own variable I guess.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also putting unwrap() at the same indentation as the "real" functions being called is a bit annoying as well.
src/aarch64.rs
Outdated
@@ -0,0 +1,210 @@ | |||
use libseccomp::*; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think having two copies of the source code is the way to implement multi-arch support, and I don't think I can accept this PR as-is.
I think there's probably a way to make Rule generic over syscall types, but this is hampered by the fact that Sysno is an enum in an external crate.
Probably doing something like
pub struct X86_64Sysno {
pub sysno: syscalls::x86_64::Sysno
}
pub struct AArchSysno { ... }
trait ESSysno { /* maybe a get_sysno() here or something */}
impl ESSysno for X86_64Sysno {}
impl ESSysno for AArch64Sysno {}
pub struct Rule<S: ESSysno>
would work. I'm not sure whether sealing the trait would be the right thing to do or not, would have to think about it.
@boustrophedon Cann you have a look at this reimplementation? The actual changes are just This now implements both RISC-V and arm64 with a compile-time check that disables/enables certain syscalls for certain architectures. Features are used so we can In addition, I added the |
This reverts commit 9de68ea.
build.rs
Outdated
@@ -0,0 +1,12 @@ | |||
fn main() { | |||
// prefer method A if both method A and B are selected | |||
if cfg!(feature = "__aarch64") || cfg!(target_arch = "aarch64") { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't understand why we need separate features for arm and riscv in addition to the existing target_arch config.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added these for easier compile-checking. This means I can just do cargo check --feature=__aarch64
to check if the code would compile on aarch64 without installing a target toolchain.
Makefile
Outdated
@@ -1,18 +1,26 @@ | |||
build: | |||
cargo build --all-features |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems like these got changed because of the new "enabled_arch" below.
Hi! Thanks for working on this. I think it looks better than the original PR but the underlying issue here is twofold: One, seccompiler doesn't support riscv. Two, I see that you added support for cross-compiling, but I'm not comfortable with releasing the code without it actually running in CI. See issue #35 if you want to discuss working on it there |
Right, I didn't check for that because it was not used when I made my initial implementation.
Would qemu be okay for that? |
Another thing I could do would be to remove RISC-V and set up a aarch64 VM you can use as actions runner (and then deal with RISC-V later). If you want, I can also remove the extra stuff from |
If you can get qemu running in github actions in a reasonable amount of time (I mean CI runtime) that would be awesome. If not we can try exploring something like buildkite. |
Let me know when you're ready for review but I also noticed that someone has a PR open in seccompiler for riscv. |
The code itself is ready for review, but CI implementation is not finished yet. I also saw that PR, but I think just merging arm64 is easier and then dealing with RISC-V later. |
Okay. I think if we are going to plan to support riscv though it might be easier to try out buildkite or similar. Looking at seccompiler's setup it seems a lot simpler than having to deal with running qemu via Github Actions' yaml. We could have the regular x86_64 tests and lints etc run in github actions and then an extra step to just run the tests with arm and riscv via buildkite. I'm currently working on a user namespace-based isolation api for extrasafe but I can work on the buildkite stuff probably later in the week if you want to continue on the qemu side.
agreed. |
Is this ready for review? I just released 0.5.0 with the user namespaces stuff I mentioned so you'll have to rebase |
I merged the new branch, but there are still some fixes needed for the CI. |
There's no rush or anything, I just wasn't sure if you were blocked on me. Thanks again for working on this! |
This adds full arm64 support.
I implemented this as a feature flag, so you can easily test if it compiles by just passing
--all-features
to cargo.ARM64 is missing a few syscalls that have been deprecated (I could not find details about this, but got this information from https://chromium.googlesource.com/linux-syscall-support/+/2f724fced658cd6182096c615efdf3767b7c57fe%5E%21/), I removed them from the code.
I also ran
cargo fmt
andcargo clippy
to fix issues. This changed formatting of unchanged code because the default rules changed since the last commit. Please let me know if I should revert that.