From 9cef2280bc960933b736012a1893dcf0f0c5319e Mon Sep 17 00:00:00 2001 From: Sean McBride Date: Wed, 16 Feb 2022 23:20:32 -0500 Subject: [PATCH 01/10] refactor: Remove unused value --- runtime/src/sandbox.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/runtime/src/sandbox.c b/runtime/src/sandbox.c index 3b41e74..cf87420 100644 --- a/runtime/src/sandbox.c +++ b/runtime/src/sandbox.c @@ -112,8 +112,7 @@ sandbox_prepare_execution_environment(struct sandbox *sandbox) { assert(sandbox != NULL); - char *error_message = ""; - uint64_t now = __getcycles(); + char *error_message = ""; int rc; From ba21a7f09c8ca6e333b026ddb6bbab7db9cfad1c Mon Sep 17 00:00:00 2001 From: Sean McBride Date: Wed, 16 Feb 2022 23:21:03 -0500 Subject: [PATCH 02/10] fix: Use default content type if needed --- runtime/include/current_sandbox_send_response.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/runtime/include/current_sandbox_send_response.h b/runtime/include/current_sandbox_send_response.h index 2fe8c69..f8363bc 100644 --- a/runtime/include/current_sandbox_send_response.h +++ b/runtime/include/current_sandbox_send_response.h @@ -40,7 +40,7 @@ current_sandbox_send_response() sandbox->total_time = end_time - sandbox->timestamp_of.request_arrival; /* Send HTTP Response Header and Body */ - rc = http_header_200_write(sandbox->client_socket_descriptor, module_content_type, response_body_size); + rc = http_header_200_write(sandbox->client_socket_descriptor, content_type, response_body_size); if (rc < 0) goto err; rc = client_socket_send(sandbox->client_socket_descriptor, (const char *)response->buffer, response_body_size, From 5f5d99952ad5711ef9846e0b4f8f0597840d5587 Mon Sep 17 00:00:00 2001 From: Sean McBride Date: Wed, 16 Feb 2022 23:21:40 -0500 Subject: [PATCH 03/10] fix: invalid dereference of array in memset --- runtime/include/perf_window.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/runtime/include/perf_window.h b/runtime/include/perf_window.h index 1a09015..b796fbe 100644 --- a/runtime/include/perf_window.h +++ b/runtime/include/perf_window.h @@ -21,8 +21,8 @@ perf_window_initialize(struct perf_window *perf_window) LOCK_INIT(&perf_window->lock); perf_window->count = 0; - memset(&perf_window->by_duration, 0, sizeof(struct execution_node) * PERF_WINDOW_BUFFER_SIZE); - memset(&perf_window->by_termination, 0, sizeof(uint16_t) * PERF_WINDOW_BUFFER_SIZE); + memset(perf_window->by_duration, 0, sizeof(struct execution_node) * PERF_WINDOW_BUFFER_SIZE); + memset(perf_window->by_termination, 0, sizeof(uint16_t) * PERF_WINDOW_BUFFER_SIZE); } From 32469bf1ab7fa190456a30475e5218712312c2c7 Mon Sep 17 00:00:00 2001 From: Sean McBride Date: Wed, 16 Feb 2022 23:22:19 -0500 Subject: [PATCH 04/10] fix: state history not flexible array member --- runtime/include/sandbox_state_history.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/runtime/include/sandbox_state_history.h b/runtime/include/sandbox_state_history.h index d1d61b9..f52f5b5 100644 --- a/runtime/include/sandbox_state_history.h +++ b/runtime/include/sandbox_state_history.h @@ -18,8 +18,7 @@ static inline void sandbox_state_history_init(struct sandbox_state_history *sandbox_state_history) { #ifdef LOG_STATE_CHANGES - memset(sandbox_state_history, 0, - sizeof(struct sandbox_state_history) + SANDBOX_STATE_HISTORY_CAPACITY * sizeof(sandbox_state_t)); + memset(sandbox_state_history, 0, sizeof(struct sandbox_state_history)); #endif } From bd94d0e645496f1bd12086310fe7a55f5bbe05cb Mon Sep 17 00:00:00 2001 From: Sean McBride Date: Wed, 16 Feb 2022 23:26:54 -0500 Subject: [PATCH 05/10] fix: Check heap allocations --- runtime/src/runtime.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/runtime/src/runtime.c b/runtime/src/runtime.c index 0637b13..b149105 100644 --- a/runtime/src/runtime.c +++ b/runtime/src/runtime.c @@ -95,9 +95,12 @@ runtime_set_resource_limits_to_max() void runtime_initialize(void) { - runtime_worker_threads = calloc(runtime_worker_threads_count, sizeof(pthread_t)); + runtime_worker_threads = calloc(runtime_worker_threads_count, sizeof(pthread_t)); + assert(runtime_worker_threads != NULL); runtime_worker_threads_argument = calloc(runtime_worker_threads_count, sizeof(int)); + assert(runtime_worker_threads_argument != NULL); runtime_worker_threads_deadline = malloc(runtime_worker_threads_count * sizeof(uint64_t)); + assert(runtime_worker_threads_deadline != NULL); memset(runtime_worker_threads_deadline, UINT8_MAX, runtime_worker_threads_count * sizeof(uint64_t)); http_total_init(); From 2c64f7ed41abdf6f2185227069fc5d1d3bc78131 Mon Sep 17 00:00:00 2001 From: Sean McBride Date: Wed, 16 Feb 2022 23:27:07 -0500 Subject: [PATCH 06/10] refactor: Add missing header --- runtime/include/wasm_stack.h | 1 + 1 file changed, 1 insertion(+) diff --git a/runtime/include/wasm_stack.h b/runtime/include/wasm_stack.h index ce07100..2ad0e08 100644 --- a/runtime/include/wasm_stack.h +++ b/runtime/include/wasm_stack.h @@ -3,6 +3,7 @@ #include #include #include +#include #include "sandbox_types.h" #include "types.h" From d1009f498790e1c36200e4fff4135141b9928c00 Mon Sep 17 00:00:00 2001 From: Sean McBride Date: Wed, 16 Feb 2022 23:29:36 -0500 Subject: [PATCH 07/10] fix: flipped calloc args --- runtime/include/priority_queue.h | 5 ++--- runtime/src/sledge_abi.c | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/runtime/include/priority_queue.h b/runtime/include/priority_queue.h index bdf121d..0ca9e3d 100644 --- a/runtime/include/priority_queue.h +++ b/runtime/include/priority_queue.h @@ -273,9 +273,8 @@ priority_queue_initialize(size_t capacity, bool use_lock, priority_queue_get_pri /* Add one to capacity because this data structure ignores the element at 0 */ size_t one_based_capacity = capacity + 1; - struct priority_queue *priority_queue = (struct priority_queue *)calloc(sizeof(struct priority_queue) - + sizeof(void *) * one_based_capacity, - 1); + struct priority_queue *priority_queue = (struct priority_queue *) + calloc(1, sizeof(struct priority_queue) + sizeof(void *) * one_based_capacity); /* We're assuming a min-heap implementation, so set to larget possible value */ diff --git a/runtime/src/sledge_abi.c b/runtime/src/sledge_abi.c index da82e0c..59a2785 100644 --- a/runtime/src/sledge_abi.c +++ b/runtime/src/sledge_abi.c @@ -168,7 +168,7 @@ sledge_abi__wasi_snapshot_preview1_args_get(__wasi_size_t argv_retoffset, __wasi /* args_get backings return a vector of host pointers. We need a host buffer to store this * temporarily before unswizzling and writing to linear memory */ - char **argv_temp = calloc(sizeof(char *), argc); + char **argv_temp = calloc(argc, sizeof(char *)); if (unlikely(argv_temp == NULL)) { goto done; } /* Writes argv_buf to linear memory and argv vector to our temporary buffer */ @@ -284,7 +284,7 @@ sledge_abi__wasi_snapshot_preview1_environ_get(__wasi_size_t env_retoffset, __wa * these results to environ_temp temporarily before converting to offsets and writing to * linear memory. We could technically write this to linear memory and then do a "fix up," * but this would leak host information and constitue a security issue */ - char **env_temp = calloc(sizeof(char *), envc); + char **env_temp = calloc(envc, sizeof(char *)); if (unlikely(env_temp == NULL)) { goto done; } __wasi_size_t *env_retptr = (__wasi_size_t *)get_memory_ptr_for_runtime(env_retoffset, From 2be838b11ec52d528cb02a23d7e23d18d3797332 Mon Sep 17 00:00:00 2001 From: Sean McBride Date: Wed, 16 Feb 2022 23:38:15 -0500 Subject: [PATCH 08/10] fix: PAGE_SIZE used before defined --- runtime/include/types.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/runtime/include/types.h b/runtime/include/types.h index 4c1d80c..f2b30a9 100644 --- a/runtime/include/types.h +++ b/runtime/include/types.h @@ -4,6 +4,12 @@ #include #include +#define PAGE_SIZE (unsigned long)(1 << 12) +#define CACHE_LINE 64 +/* This might be Intel specific. ARM and x64 both have the same CACHE_LINE size, but x64 uses Intel uses a double + * cache-line as a coherency unit */ +#define CACHE_PAD (CACHE_LINE * 2) + /* For this family of macros, do NOT pass zero as the pow2 */ #define round_to_pow2(x, pow2) (((unsigned long)(x)) & (~((pow2)-1))) #define round_up_to_pow2(x, pow2) (round_to_pow2(((unsigned long)(x)) + (pow2)-1, (pow2))) @@ -15,13 +21,8 @@ #define IMPORT __attribute__((visibility("default"))) #define INLINE __attribute__((always_inline)) #define PAGE_ALIGNED __attribute__((aligned(PAGE_SIZE))) -#define PAGE_SIZE (unsigned long)(1 << 12) #define WEAK __attribute__((weak)) -#define CACHE_LINE 64 -/* This might be Intel specific. ARM and x64 both have the same CACHE_LINE size, but x64 uses Intel uses a double - * cache-line as a coherency unit */ -#define CACHE_PAD (CACHE_LINE * 2) #ifndef unlikely #define unlikely(x) __builtin_expect(!!(x), 0) From 15c6606353c75f159b4e3e0b7a2fcf14cf14fc2c Mon Sep 17 00:00:00 2001 From: Sean McBride Date: Wed, 16 Feb 2022 23:38:52 -0500 Subject: [PATCH 09/10] refator: replace malloc with calloc --- runtime/include/vec.h | 2 +- runtime/include/wasm_table.h | 4 ++-- runtime/src/global_request_scheduler_deque.c | 2 +- runtime/src/libc/wasi_impl_serverless.c | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/runtime/include/vec.h b/runtime/include/vec.h index 2ec3bc2..b1ac877 100644 --- a/runtime/include/vec.h +++ b/runtime/include/vec.h @@ -44,7 +44,7 @@ */ \ static inline struct vec_##TYPE *vec_##TYPE##_alloc(size_t capacity) \ { \ - struct vec_##TYPE *vec = (struct vec_##TYPE *)malloc(sizeof(struct vec_##TYPE)); \ + struct vec_##TYPE *vec = (struct vec_##TYPE *)calloc(1, sizeof(struct vec_##TYPE)); \ if (vec == NULL) return vec; \ \ int rc = vec_##TYPE##_init(vec, capacity); \ diff --git a/runtime/include/wasm_table.h b/runtime/include/wasm_table.h index d9be90b..a149966 100644 --- a/runtime/include/wasm_table.h +++ b/runtime/include/wasm_table.h @@ -38,8 +38,8 @@ wasm_table_init(struct sledge_abi__wasm_table *wasm_table, size_t capacity) static INLINE struct sledge_abi__wasm_table * wasm_table_alloc(size_t capacity) { - struct sledge_abi__wasm_table *wasm_table = (struct sledge_abi__wasm_table *)malloc( - sizeof(struct sledge_abi__wasm_table)); + struct sledge_abi__wasm_table *wasm_table = (struct sledge_abi__wasm_table *) + calloc(1, sizeof(struct sledge_abi__wasm_table)); if (wasm_table == NULL) return NULL; int rc = wasm_table_init(wasm_table, capacity); diff --git a/runtime/src/global_request_scheduler_deque.c b/runtime/src/global_request_scheduler_deque.c index d850ffd..4b0d133 100644 --- a/runtime/src/global_request_scheduler_deque.c +++ b/runtime/src/global_request_scheduler_deque.c @@ -52,7 +52,7 @@ void global_request_scheduler_deque_initialize() { /* Allocate and Initialize the global deque */ - global_request_scheduler_deque = (struct deque_sandbox *)malloc(sizeof(struct deque_sandbox)); + global_request_scheduler_deque = (struct deque_sandbox *)calloc(1, sizeof(struct deque_sandbox)); assert(global_request_scheduler_deque); /* Note: Below is a Macro */ deque_init_sandbox(global_request_scheduler_deque, GLOBAL_REQUEST_SCHEDULER_DEQUE_CAPACITY); diff --git a/runtime/src/libc/wasi_impl_serverless.c b/runtime/src/libc/wasi_impl_serverless.c index 2ab6c51..373c51e 100644 --- a/runtime/src/libc/wasi_impl_serverless.c +++ b/runtime/src/libc/wasi_impl_serverless.c @@ -31,7 +31,7 @@ wasi_context_init(wasi_options_t *options) /* TODO: Add default types */ assert(options != NULL); - wasi_context_t *wasi_context = (wasi_context_t *)malloc(sizeof(wasi_context_t)); + wasi_context_t *wasi_context = (wasi_context_t *)calloc(1, sizeof(wasi_context_t)); if (options->argc > 0) { assert(options->argv != NULL); From cf2d136c818b252688f325cd6ac99766e12a4c79 Mon Sep 17 00:00:00 2001 From: Sean McBride Date: Thu, 17 Feb 2022 00:00:36 -0500 Subject: [PATCH 10/10] refactor: stack use mprotect --- runtime/include/wasm_stack.h | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/runtime/include/wasm_stack.h b/runtime/include/wasm_stack.h index 2ad0e08..dd18548 100644 --- a/runtime/include/wasm_stack.h +++ b/runtime/include/wasm_stack.h @@ -56,16 +56,18 @@ wasm_stack_init(struct wasm_stack *wasm_stack, uint64_t capacity) goto err_stack_allocation_failed; } - wasm_stack->low = (uint8_t *)mmap(wasm_stack->buffer + /* guard page */ PAGE_SIZE, capacity, - PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0); - if (unlikely(wasm_stack->low == MAP_FAILED)) { + wasm_stack->low = wasm_stack->buffer + /* guard page */ PAGE_SIZE; + wasm_stack->capacity = capacity; + wasm_stack->high = wasm_stack->low + capacity; + + /* Set the initial bytes to read / write */ + rc = mprotect(wasm_stack->low, capacity, PROT_READ | PROT_WRITE); + if (unlikely(rc != 0)) { perror("sandbox set stack read/write"); goto err_stack_prot_failed; } ps_list_init_d(wasm_stack); - wasm_stack->capacity = capacity; - wasm_stack->high = wasm_stack->low + capacity; rc = 0; done: