diff --git a/capio-common/capio/constants.hpp b/capio-common/capio/constants.hpp index decf5a190..33bc6e5ca 100644 --- a/capio-common/capio/constants.hpp +++ b/capio-common/capio/constants.hpp @@ -16,7 +16,7 @@ constexpr off64_t CAPIO_DEFAULT_FILE_INITIAL_SIZE = 1024L * 1024 * [[maybe_unused]] constexpr std::array CAPIO_DIR_FORBIDDEN_PATHS = { std::string_view{"/proc/"}, std::string_view{"/sys/"}, std::string_view{"/boot/"}, std::string_view{"/dev/"}, std::string_view{"/var/"}, std::string_view{"/run/"}, - std::string_view("/spack/")}; + std::string_view("/spack/"), std::string_view{"/usr/bin/"}}; // CAPIO default values for shared memory constexpr char CAPIO_DEFAULT_WORKFLOW_NAME[] = "CAPIO"; diff --git a/capio-posix/handlers/access.hpp b/capio-posix/handlers/access.hpp index 164ba6b31..fd88206d6 100644 --- a/capio-posix/handlers/access.hpp +++ b/capio-posix/handlers/access.hpp @@ -11,7 +11,7 @@ int access_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a START_LOG(tid, "call()"); if (is_forbidden_path(pathname) || !is_capio_path(pathname)) { LOG("Path %s is forbidden: skip", pathname.data()); - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } std::filesystem::path path(pathname); @@ -20,7 +20,7 @@ int access_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a } consent_request_cache_fs->consent_request(path, tid, __FUNCTION__); - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_access @@ -34,7 +34,7 @@ int faccessat_handler(long arg0, long arg1, long arg2, long arg3, long arg4, lon if (is_forbidden_path(pathname) || !is_capio_path(pathname)) { LOG("Path %s is forbidden or is not a capio path: skip", pathname.data()); - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } std::filesystem::path path(pathname); @@ -43,23 +43,23 @@ int faccessat_handler(long arg0, long arg1, long arg2, long arg3, long arg4, lon path = capio_posix_realpath(pathname); if (path.empty()) { errno = ENONET; - return CAPIO_POSIX_SYSCALL_ERRNO; + return posix_return_value(CAPIO_POSIX_SYSCALL_ERRNO, result); } } else { if (!is_directory(dirfd)) { LOG("dirfd does not point to a directory"); - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } const std::filesystem::path dir_path = get_dir_path(dirfd); if (dir_path.empty()) { - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } path = (dir_path / path).lexically_normal(); } } consent_request_cache_fs->consent_request(path, tid, __FUNCTION__); - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_faccessat diff --git a/capio-posix/handlers/chdir.hpp b/capio-posix/handlers/chdir.hpp index cec94e812..d158b062e 100644 --- a/capio-posix/handlers/chdir.hpp +++ b/capio-posix/handlers/chdir.hpp @@ -16,7 +16,7 @@ int chdir_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long ar if (is_forbidden_path(pathname) || !is_capio_path(pathname)) { LOG("Path %s is forbidden: skip", pathname.data()); syscall_no_intercept_flag = false; - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } std::filesystem::path path(pathname); @@ -28,7 +28,7 @@ int chdir_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long ar syscall_no_intercept_flag = false; // if not a capio path, then control is given to kernel - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_chdir diff --git a/capio-posix/handlers/close.hpp b/capio-posix/handlers/close.hpp index d04608ecc..5ecc82fec 100644 --- a/capio-posix/handlers/close.hpp +++ b/capio-posix/handlers/close.hpp @@ -16,7 +16,7 @@ int close_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long ar delete_capio_fd(fd); } - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_close diff --git a/capio-posix/handlers/copy_file_range.hpp b/capio-posix/handlers/copy_file_range.hpp index 01e4d4fce..8b4fff5fa 100644 --- a/capio-posix/handlers/copy_file_range.hpp +++ b/capio-posix/handlers/copy_file_range.hpp @@ -19,6 +19,6 @@ int copy_file_range_handler(long arg0, long arg1, long arg2, long arg3, long arg read_request_cache_fs->read_request(path, off_in, tid, fd_in); } - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // CAPIO_COPY_FILE_RANGE_HPP \ No newline at end of file diff --git a/capio-posix/handlers/dup.hpp b/capio-posix/handlers/dup.hpp index 8ee1e1a45..18c690502 100644 --- a/capio-posix/handlers/dup.hpp +++ b/capio-posix/handlers/dup.hpp @@ -19,10 +19,9 @@ int dup_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long arg5 } dup_capio_fd(tid, fd, res, false); - *result = res; - return CAPIO_POSIX_SYSCALL_SUCCESS; + return posix_return_value(CAPIO_POSIX_SYSCALL_SUCCESS, result); } - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_dup diff --git a/capio-posix/handlers/execve.hpp b/capio-posix/handlers/execve.hpp index 47c526a70..06fa501e3 100644 --- a/capio-posix/handlers/execve.hpp +++ b/capio-posix/handlers/execve.hpp @@ -11,7 +11,7 @@ int execve_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a create_snapshot(tid); - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_execve diff --git a/capio-posix/handlers/exit.hpp b/capio-posix/handlers/exit.hpp index c966035fc..5078d10c4 100644 --- a/capio-posix/handlers/exit.hpp +++ b/capio-posix/handlers/exit.hpp @@ -38,7 +38,7 @@ int exit_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long arg syscall_no_intercept_flag = false; LOG("syscall_no_intercept_flag = false"); - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_exit || SYS_exit_group diff --git a/capio-posix/handlers/fchmod.hpp b/capio-posix/handlers/fchmod.hpp index cc9e926f5..0eba8fb5d 100644 --- a/capio-posix/handlers/fchmod.hpp +++ b/capio-posix/handlers/fchmod.hpp @@ -10,12 +10,12 @@ int fchmod_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a if (!exists_capio_fd(fd)) { LOG("Syscall refers to file not handled by capio. Skipping it!"); - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } consent_request_cache_fs->consent_request(get_capio_fd_path(fd), tid, __FUNCTION__); - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_chmod diff --git a/capio-posix/handlers/fchown.hpp b/capio-posix/handlers/fchown.hpp index b40398c0b..0d092dd4a 100644 --- a/capio-posix/handlers/fchown.hpp +++ b/capio-posix/handlers/fchown.hpp @@ -11,12 +11,12 @@ int fchown_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a if (!exists_capio_fd(fd)) { LOG("Syscall refers to file not handled by capio. Skipping it!"); - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } consent_request_cache_fs->consent_request(get_capio_fd_path(fd), tid, __FUNCTION__); - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_chown diff --git a/capio-posix/handlers/fcntl.hpp b/capio-posix/handlers/fcntl.hpp index 2780f8856..9f1e75b20 100644 --- a/capio-posix/handlers/fcntl.hpp +++ b/capio-posix/handlers/fcntl.hpp @@ -17,7 +17,7 @@ int fcntl_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long ar if (exists_capio_fd(fd)) { consent_request_cache_fs->consent_request(get_capio_fd_path(fd), tid, __FUNCTION__); } - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif diff --git a/capio-posix/handlers/fgetxattr.hpp b/capio-posix/handlers/fgetxattr.hpp index 3554d799e..8338e1d94 100644 --- a/capio-posix/handlers/fgetxattr.hpp +++ b/capio-posix/handlers/fgetxattr.hpp @@ -15,7 +15,7 @@ int fgetxattr_handler(long arg0, long arg1, long arg2, long arg3, long arg4, lon if (exists_capio_fd(fd)) { consent_request_cache_fs->consent_request(get_capio_fd_path(fd), tid, __FUNCTION__); } - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_fgetxattr diff --git a/capio-posix/handlers/fork.hpp b/capio-posix/handlers/fork.hpp index 0fbf1dbbf..f2391a118 100644 --- a/capio-posix/handlers/fork.hpp +++ b/capio-posix/handlers/fork.hpp @@ -21,7 +21,7 @@ int fork_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long arg *result = pid; } - return CAPIO_POSIX_SYSCALL_SUCCESS; + return posix_return_value(CAPIO_POSIX_SYSCALL_SUCCESS, result); } #endif // SYS_fork diff --git a/capio-posix/handlers/getcwd.hpp b/capio-posix/handlers/getcwd.hpp index 2431d73ed..169ab10a9 100644 --- a/capio-posix/handlers/getcwd.hpp +++ b/capio-posix/handlers/getcwd.hpp @@ -9,7 +9,7 @@ int getcwd_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a START_LOG(syscall_no_intercept(SYS_gettid), "call(buf=0x%08x, size=%ld)", buf, size); - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_getcwd diff --git a/capio-posix/handlers/ioctl.hpp b/capio-posix/handlers/ioctl.hpp index 86d192f7d..0033d2f66 100644 --- a/capio-posix/handlers/ioctl.hpp +++ b/capio-posix/handlers/ioctl.hpp @@ -12,7 +12,7 @@ int ioctl_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long ar if (exists_capio_fd(fd)) { consent_request_cache_fs->consent_request(get_capio_fd_path(fd), tid, __FUNCTION__); } - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_ioctl diff --git a/capio-posix/handlers/lseek.hpp b/capio-posix/handlers/lseek.hpp index 814dd6b4d..0d9716ca5 100644 --- a/capio-posix/handlers/lseek.hpp +++ b/capio-posix/handlers/lseek.hpp @@ -26,7 +26,7 @@ int lseek_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long ar set_capio_fd_offset(fd, computed_offset); } - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_lseek || SYS_llseek diff --git a/capio-posix/handlers/open.hpp b/capio-posix/handlers/open.hpp index 301231297..0f722e598 100644 --- a/capio-posix/handlers/open.hpp +++ b/capio-posix/handlers/open.hpp @@ -42,7 +42,7 @@ int creat_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long ar if (is_forbidden_path(pathname)) { LOG("Path %s is forbidden: skip", pathname.data()); - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } std::string path = compute_abs_path(pathname.data(), -1); @@ -61,7 +61,6 @@ int creat_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long ar add_capio_fd(tid, path, fd, 0, (flags & O_CLOEXEC) == O_CLOEXEC); } - *result = fd; return CAPIO_POSIX_SYSCALL_SUCCESS; } #endif // SYS_creat @@ -78,7 +77,7 @@ int open_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long arg if (is_forbidden_path(pathname) || !is_capio_path(path)) { LOG("Path %s is not a capio path: skip", pathname.data()); - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } std::string resolved_path = resolve_possible_symlink(path); @@ -89,7 +88,7 @@ int open_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long arg LOG("not O_CREAT"); if (open_request(-1, resolved_path.data(), tid) == 0) { LOG("File is excluded! Skipping open of file!"); - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } } @@ -100,8 +99,8 @@ int open_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long arg add_capio_fd(tid, resolved_path, fd, 0, (flags & O_CLOEXEC) == O_CLOEXEC); LOG("fd=%d", fd); - *result = fd; - return CAPIO_POSIX_SYSCALL_SUCCESS; + + return posix_return_value(fd, result); } #endif // SYS_open @@ -118,7 +117,7 @@ int openat_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a std::string path = compute_abs_path(pathname.data(), dirfd); if (is_forbidden_path(pathname) || !is_capio_path(path)) { LOG("Path %s is not a capio path: skip", pathname.data()); - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } std::string resolved_path = resolve_possible_symlink(path); @@ -130,7 +129,7 @@ int openat_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a LOG("not O_CREAT"); if (open_request(-1, resolved_path.data(), tid) == 0) { LOG("File is excluded! Skipping open of file!"); - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } } @@ -141,8 +140,7 @@ int openat_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a LOG("Adding resolved capio path (%s)", resolved_path.c_str()); add_capio_fd(tid, resolved_path, fd, 0, (flags & O_CLOEXEC) == O_CLOEXEC); - *result = fd; - return CAPIO_POSIX_SYSCALL_SUCCESS; + return posix_return_value(fd, result); } #endif // SYS_openat diff --git a/capio-posix/handlers/read.hpp b/capio-posix/handlers/read.hpp index 65cdb2391..c397d21e2 100644 --- a/capio-posix/handlers/read.hpp +++ b/capio-posix/handlers/read.hpp @@ -45,10 +45,11 @@ int read_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long arg : capio_read_fs(fd, count, tid); LOG("read result: %ld", read_result); - return read_result; + *result = read_result; + posix_return_value(CAPIO_POSIX_SYSCALL_SUCCESS, result); } LOG("Not a CAPIO fd... skipping..."); - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_read @@ -65,7 +66,7 @@ int readv_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long ar set_capio_fd_offset(fd, computed_offset); } - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_readv diff --git a/capio-posix/handlers/rename.hpp b/capio-posix/handlers/rename.hpp index 4c61e8a5d..e5d01030a 100644 --- a/capio-posix/handlers/rename.hpp +++ b/capio-posix/handlers/rename.hpp @@ -20,7 +20,7 @@ int rename_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a // TODO: The check is more complex errno = EINVAL; *result = -errno; - return CAPIO_POSIX_SYSCALL_SUCCESS; + return posix_return_value(CAPIO_POSIX_SYSCALL_SUCCESS, result); } LOG("newpath is not prefix of old"); @@ -34,7 +34,7 @@ int rename_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a rename_request(oldpath_abs, newpath_abs, tid); } - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_rename diff --git a/capio-posix/handlers/statfs.hpp b/capio-posix/handlers/statfs.hpp index 7c4488ff3..3c756dfd3 100644 --- a/capio-posix/handlers/statfs.hpp +++ b/capio-posix/handlers/statfs.hpp @@ -13,7 +13,7 @@ int fstatfs_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long if (exists_capio_fd(fd)) { consent_request_cache_fs->consent_request(get_capio_fd_path(fd), tid, __FUNCTION__); } - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_fstatfs || SYS_fstatfs64 diff --git a/capio-posix/handlers/unlink.hpp b/capio-posix/handlers/unlink.hpp index 58e5cbba1..e933f360c 100644 --- a/capio-posix/handlers/unlink.hpp +++ b/capio-posix/handlers/unlink.hpp @@ -15,7 +15,7 @@ int unlink_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a delete_capio_path(pathname.data()); } - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_unlink @@ -32,7 +32,7 @@ int unlinkat_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long delete_capio_path(path); } - return CAPIO_POSIX_SYSCALL_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } #endif // SYS_unlinkat diff --git a/capio-posix/handlers/write.hpp b/capio-posix/handlers/write.hpp index 6d2aa6702..549b65253 100644 --- a/capio-posix/handlers/write.hpp +++ b/capio-posix/handlers/write.hpp @@ -58,7 +58,7 @@ int writev_handler(long arg0, long arg1, long arg2, long arg3, long arg4, long a io_vec->iov_len, tid); if (!exists_capio_fd(fd)) { LOG("FD %d is not handled by CAPIO... skipping syscall", fd); - return CAPIO_POSIX_SYSCALL_REQUEST_SKIP; + return posix_return_value(CAPIO_POSIX_SYSCALL_REQUEST_SKIP, result); } LOG("Need to handle %ld IOVEC objects", iovcnt); diff --git a/capio-server/src/client-manager/handlers/consent.cpp b/capio-server/src/client-manager/handlers/consent.cpp index 54132c7c2..dcea79246 100644 --- a/capio-server/src/client-manager/handlers/consent.cpp +++ b/capio-server/src/client-manager/handlers/consent.cpp @@ -11,7 +11,7 @@ void consent_to_proceed_handler(const char *const str) { START_LOG(gettid(), "call(tid=%d, path=%s, source=%s)", tid, path, source_func); // Skip operations on CAPIO_DIR - if (!capio_cl_engine->contains(path)) { + if (!capio_cl_engine->contains(path) || is_forbidden_path(path)) { LOG("Ignore calls as file should not be treated by CAPIO"); client_manager->reply_to_client(tid, 1); return;