mleku/wazero
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
3cf29f9f7606c3e00ea50b267a385f6af85e6b3c
wazero/internal/syscallfs/readfs.go
Crypt Keeper 3cf29f9f76 fs: adds string for better error experience (#1042) 
This prepares for pseudo-root when the CLI doesn't provide one by
improving the error messages in general, as well being consistent about
parameter order.

Signed-off-by: Adrian Cole <adrian@tetrate.io>

Signed-off-by: Adrian Cole <adrian@tetrate.io>
2023-01-17 10:01:51 -06:00

156 lines
4.1 KiB
Go
Raw Blame History

package syscallfs
import (
"fmt"
"io"
"io/fs"
"os"
"syscall"
)
// NewReadFS is used to mask an existing FS for reads. Notably, this allows
// the CLI to do read-only mounts of directories the host user can write, but
// doesn't want the guest wasm to. For example, Python libraries shouldn't be
// written to at runtime by the python wasm file.
func NewReadFS(fs FS) FS {
if _, ok := fs.(*readFS); ok {
return fs
} else if _, ok = fs.(*adapter); ok {
return fs // fs.FS is always read-only
} else if _, ok = fs.(empty); ok {
return fs // empty is always read-only
}
return &readFS{fs}
}
type readFS struct{ fs FS }
// String implements fmt.Stringer
func (r *readFS) String() string {
return r.fs.String() + ":ro"
}
// Open implements the same method as documented on fs.FS
func (r *readFS) Open(name string) (fs.File, error) {
panic(fmt.Errorf("unexpected to call fs.FS.Open(%s)", name))
}
// GuestDir implements FS.GuestDir
func (r *readFS) GuestDir() string {
return r.fs.GuestDir()
}
// OpenFile implements FS.OpenFile
func (r *readFS) OpenFile(path string, flag int, perm fs.FileMode) (fs.File, error) {
// TODO: Once the real implementation is complete, move the below to
// /RATIONALE.md. Doing this while the type is unstable creates
// documentation drift as we expect a lot of reshaping meanwhile.
//
// Callers of this function expect to either open a valid file handle, or
// get an error, if they can't. We want to return ENOSYS if opened for
// anything except reads.
//
// Instead, we could return a fake no-op file on O_WRONLY. However, this
// hurts observability because a later write error to that file will be on
// a different source code line than the root cause which is opening with
// an unsupported flag.
//
// The tricky part is os.RD_ONLY is typically defined as zero, so while the
// parameter is named flag, the part about opening read vs write isn't a
// typical bitflag. We can't compare against zero anyway, because even if
// there isn't a current flag to OR in with that, there may be in the
// future. What we do instead is mask the flags about read/write mode and
// check if they are the opposite of read or not.
switch flag & (os.O_RDONLY | os.O_WRONLY | os.O_RDWR) {
case os.O_WRONLY, os.O_RDWR:
return nil, syscall.ENOSYS
default: // os.O_RDONLY so we are ok!
}
f, err := r.fs.OpenFile(path, flag, perm)
if err != nil {
return nil, err
}
return maskForReads(f), nil
}
// maskForReads masks the file with read-only interfaces used by wazero.
//
// This technique was adapted from similar code in zipkin-go.
func maskForReads(f fs.File) fs.File {
// The below are the types wazero casts into.
// Note: os.File implements this even for normal files.
d, i0 := f.(fs.ReadDirFile)
ra, i1 := f.(io.ReaderAt)
s, i2 := f.(io.Seeker)
// Wrap any combination of the types above.
switch {
case !i0 && !i1 && !i2: // 0, 0, 0
return struct{ fs.File }{f}
case !i0 && !i1 && i2: // 0, 0, 1
return struct {
fs.File
io.Seeker
}{f, s}
case !i0 && i1 && !i2: // 0, 1, 0
return struct {
fs.File
io.ReaderAt
}{f, ra}
case !i0 && i1 && i2: // 0, 1, 1
return struct {
fs.File
io.ReaderAt
io.Seeker
}{f, ra, s}
case i0 && !i1 && !i2: // 1, 0, 0
return struct {
fs.ReadDirFile
}{d}
case i0 && !i1 && i2: // 1, 0, 1
return struct {
fs.ReadDirFile
io.Seeker
}{d, s}
case i0 && i1 && !i2: // 1, 1, 0
return struct {
fs.ReadDirFile
io.ReaderAt
}{d, ra}
case i0 && i1 && i2: // 1, 1, 1
return struct {
fs.ReadDirFile
io.ReaderAt
io.Seeker
}{d, ra, s}
default:
panic("BUG: unhandled pattern")
}
}
// Mkdir implements FS.Mkdir
func (r *readFS) Mkdir(path string, perm fs.FileMode) error {
return syscall.ENOSYS
}
// Rename implements FS.Rename
func (r *readFS) Rename(from, to string) error {
return syscall.ENOSYS
}
// Rmdir implements FS.Rmdir
func (r *readFS) Rmdir(path string) error {
return syscall.ENOSYS
}
// Unlink implements FS.Unlink
func (r *readFS) Unlink(path string) error {
return syscall.ENOSYS
}
// Utimes implements FS.Utimes
func (r *readFS) Utimes(path string, atimeNsec, mtimeNsec int64) error {
return syscall.ENOSYS
}
Reference in New Issue View Git Blame Copy Permalink