Skip to content

Latest commit

 

History

History
3187 lines (1843 loc) · 113 KB

cloudabi.md

File metadata and controls

3187 lines (1843 loc) · 113 KB

NOTE: This project is unmaintained

CloudABI is no longer being maintained. It was an awesome experiment, but it never got enough traction to be sustainable. If you like the idea behind CloudABI, please consider looking into the WebAssembly System Interface (WASI). WASI's design has been inspired by CloudABI.

The author of CloudABI (Ed Schouten) would like to thank all of the people who contributed to this project. Let's hope CloudABI lives on in spirit and influences the way software is designed in the future!

Nuxi CloudABI

CloudABI is what you get if you take POSIX, add capability-based security, and remove everything that's incompatible with that. The result is a minimal ABI consisting of only 49 syscalls.

CloudABI doesn't have its own kernel, but instead is implemented in existing kernels: FreeBSD has CloudABI support for x86-64 and arm64, and a patch-set for NetBSD and a patch-set for Linux are available as well. This means that CloudABI binaries can be executed on different operating systems, without any modification.

Capability-Based Security

Capability-based security means that processes can only perform actions that have no global impact. Processes cannot open files by their absolute path, cannot open network connections, and cannot observe global system state such as the process table.

The capabilities of a process are fully determined by its set of open file descriptors (fds). For example, files can only be opened if the process already has a file descriptor to a directory the file is in.

Unlike in POSIX, where processes are normally started with file descriptors 0, 1, and 2 reserved for standard input, output, and error, CloudABI does not reserve any file descriptor numbers for specific purposes.

In CloudABI, a process depends on its parent process to launch it with the right set of resources, since the process will not be able to open any new resources. For example, a simple static web server would need to be started with a file descriptor to a TCP listener, and a file descriptor to the directory for which to serve files. The web server will then be unable to do anything other than reading files in that directory, and process incoming network connections.

So, unknown CloudABI binaries can safely be executed without the need for containers, virtual machines, or other sandboxing technologies.

Watch Ed Schouten's Talk at 32C3 for more information about what capability-based security for UNIX means.

Cloudlibc

Cloudlibc is an implementation of the C standard library, without all CloudABI-incompatible functions. For example, Cloudlibc does not have printf, but does have fprintf. It does not have open, but does have openat.

CloudABI-Ports

CloudABI-Ports is a collection of ports of commonly used libraries and applications to CloudABI. It contains software such as zlib, libpng, boost, memcached, and much more. The software is patched to not depend on any global state, such as files in /etc or /dev, using open(), etc.

Using CloudABI

Instructions for using CloudABI (including kernel modules/patches, toolchain, and ports) are available for several operating systems:

Specification of the ABI

The entire ABI is specified in a file called cloudabi.txt, from which all headers and documentation (including the one you're reading now) is generated.

System calls

cloudabi_sys_clock_res_get()

Obtains the resolution of a clock.

Inputs:

Outputs:

cloudabi_sys_clock_time_get()

Obtains the time value of a clock.

Inputs:

  • cloudabi_clockid_t clock_id

    The clock for which the time needs to be returned.

  • cloudabi_timestamp_t precision

    The maximum lag (exclusive) that the returned time value may have, compared to its actual value.

Outputs:

cloudabi_sys_condvar_signal()

Wakes up threads waiting on a userspace condition variable.

If an invocation of this system call causes all waiting threads to be woken up, the value of the condition variable is set to CLOUDABI_CONDVAR_HAS_NO_WAITERS. As long as the condition variable is set to this value, it is not needed to invoke this system call.

Inputs:

  • _Atomic(cloudabi_condvar_t) *condvar

    The userspace condition variable that has waiting threads.

  • cloudabi_scope_t scope

    Whether the condition variable is stored in private or shared memory.

  • cloudabi_nthreads_t nwaiters

    The number of threads that need to be woken up. If it exceeds the number of waiting threads, all threads are woken up.

cloudabi_sys_fd_close()

Closes a file descriptor.

Inputs:

cloudabi_sys_fd_create1()

Creates a file descriptor.

Inputs:

Outputs:

cloudabi_sys_fd_create2()

Creates a pair of file descriptors.

Inputs:

Outputs:

cloudabi_sys_fd_datasync()

Synchronizes the data of a file to disk.

Inputs:

  • cloudabi_fd_t fd

    The file descriptor of the file whose data needs to be synchronized to disk.

cloudabi_sys_fd_dup()

Duplicates a file descriptor.

Inputs:

  • cloudabi_fd_t from

    The file descriptor that needs to be duplicated.

Outputs:

cloudabi_sys_fd_pread()

Reads from a file descriptor, without using and updating the file descriptor's offset.

Inputs:

  • cloudabi_fd_t fd

    The file descriptor from which data should be read.

  • const cloudabi_iovec_t *iovs and size_t iovs_len

    List of scatter/gather vectors where data should be stored.

  • cloudabi_filesize_t offset

    The offset within the file at which reading should start.

Outputs:

  • size_t nread

    The number of bytes read.

cloudabi_sys_fd_pwrite()

Writes to a file descriptor, without using and updating the file descriptor's offset.

Inputs:

  • cloudabi_fd_t fd

    The file descriptor to which data should be written.

  • const cloudabi_ciovec_t *iovs and size_t iovs_len

    List of scatter/gather vectors where data should be retrieved.

  • cloudabi_filesize_t offset

    The offset within the file at which writing should start.

Outputs:

  • size_t nwritten

    The number of bytes written.

cloudabi_sys_fd_read()

Reads from a file descriptor.

Inputs:

  • cloudabi_fd_t fd

    The file descriptor from which data should be read.

  • const cloudabi_iovec_t *iovs and size_t iovs_len

    List of scatter/gather vectors where data should be stored.

Outputs:

  • size_t nread

    The number of bytes read.

cloudabi_sys_fd_replace()

Atomically replaces a file descriptor by a copy of another file descriptor.

Due to the strong focus on thread safety, this environment does not provide a mechanism to duplicate a file descriptor to an arbitrary number, like dup2(). This would be prone to race conditions, as an actual file descriptor with the same number could be allocated by a different thread at the same time.

This system call provides a way to atomically replace file descriptors, which would disappear if dup2() were to be removed entirely.

Inputs:

  • cloudabi_fd_t from

    The file descriptor that needs to be copied.

  • cloudabi_fd_t to

    The file descriptor that needs to be overwritten.

cloudabi_sys_fd_seek()

Moves the offset of the file descriptor.

Inputs:

Outputs:

  • cloudabi_filesize_t newoffset

    The new offset of the file descriptor, relative to the start of the file.

cloudabi_sys_fd_stat_get()

Gets attributes of a file descriptor.

Inputs:

  • cloudabi_fd_t fd

    The file descriptor whose attributes have to be obtained.

  • cloudabi_fdstat_t *buf

    The buffer where the file descriptor's attributes are stored.

cloudabi_sys_fd_stat_put()

Adjusts attributes of a file descriptor.

Inputs:

  • cloudabi_fd_t fd

    The file descriptor whose attributes have to be adjusted.

  • const cloudabi_fdstat_t *buf

    The desired values of the file descriptor attributes that are adjusted.

  • cloudabi_fdsflags_t flags

    A bitmask indicating which attributes have to be adjusted.

cloudabi_sys_fd_sync()

Synchronizes the data and metadata of a file to disk.

Inputs:

  • cloudabi_fd_t fd

    The file descriptor of the file whose data and metadata needs to be synchronized to disk.

cloudabi_sys_fd_write()

Writes to a file descriptor.

Inputs:

  • cloudabi_fd_t fd

    The file descriptor to which data should be written.

  • const cloudabi_ciovec_t *iovs and size_t iovs_len

    List of scatter/gather vectors where data should be retrieved.

Outputs:

  • size_t nwritten

    The number of bytes written.

cloudabi_sys_file_advise()

Provides file advisory information on a file descriptor.

Inputs:

cloudabi_sys_file_allocate()

Forces the allocation of space in a file.

Inputs:

cloudabi_sys_file_create()

Creates a file of a specified type.

Inputs:

cloudabi_sys_file_link()

Creates a hard link.

Inputs:

  • cloudabi_lookup_t fd1

    The working directory at which the resolution of the source path starts.

  • const char *path1 and size_t path1_len

    The source path of the file that should be hard linked.

  • cloudabi_fd_t fd2

    The working directory at which the resolution of the destination path starts.

  • const char *path2 and size_t path2_len

    The destination path at which the hard link should be created.

cloudabi_sys_file_open()

Opens a file.

Inputs:

Outputs:

  • cloudabi_fd_t fd

    The file descriptor of the file that has been opened.

cloudabi_sys_file_readdir()

Reads directory entries from a directory.

When successful, the contents of the output buffer consist of a sequence of directory entries. Each directory entry consists of a cloudabi_dirent_t object, followed by cloudabi_dirent_t::d_namlen bytes holding the name of the directory entry.

This system call fills the output buffer as much as possible, potentially truncating the last directory entry. This allows the caller to grow its read buffer size in case it's too small to fit a single large directory entry, or skip the oversized directory entry.

Inputs:

  • cloudabi_fd_t fd

    The directory from which to read the directory entries.

  • void *buf and size_t buf_len

    The buffer where directory entries are stored.

  • cloudabi_dircookie_t cookie

    The location within the directory to start reading.

Outputs:

  • size_t bufused

    The number of bytes stored in the read buffer. If less than the size of the read buffer, the end of the directory has been reached.

cloudabi_sys_file_readlink()

Reads the contents of a symbolic link.

Inputs:

  • cloudabi_fd_t fd

    The working directory at which the resolution of the path of the symbolic starts.

  • const char *path and size_t path_len

    The path of the symbolic link whose contents should be read.

  • char *buf and size_t buf_len

    The buffer where the contents of the symbolic link should be stored.

Outputs:

  • size_t bufused

    The number of bytes placed in the buffer.

cloudabi_sys_file_rename()

Renames a file.

Inputs:

  • cloudabi_fd_t fd1

    The working directory at which the resolution of the source path starts.

  • const char *path1 and size_t path1_len

    The source path of the file that should be renamed.

  • cloudabi_fd_t fd2

    The working directory at which the resolution of the destination path starts.

  • const char *path2 and size_t path2_len

    The destination path to which the file should be renamed.

cloudabi_sys_file_stat_fget()

Gets attributes of a file by file descriptor.

Inputs:

cloudabi_sys_file_stat_fput()

Adjusts attributes of a file by file descriptor.

Inputs:

  • cloudabi_fd_t fd

    The file descriptor whose attributes have to be adjusted.

  • const cloudabi_filestat_t *buf

    The desired values of the file attributes that are adjusted.

  • cloudabi_fsflags_t flags

    A bitmask indicating which attributes have to be adjusted.

cloudabi_sys_file_stat_get()

Gets attributes of a file by path.

Inputs:

  • cloudabi_lookup_t fd

    The working directory at which the resolution of the path whose attributes have to be obtained starts.

  • const char *path and size_t path_len

    The path of the file whose attributes have to be obtained.

  • cloudabi_filestat_t *buf

    The buffer where the file's attributes are stored.

cloudabi_sys_file_stat_put()

Adjusts attributes of a file by path.

Inputs:

  • cloudabi_lookup_t fd

    The working directory at which the resolution of the path whose attributes have to be adjusted starts.

  • const char *path and size_t path_len

    The path of the file whose attributes have to be adjusted.

  • const cloudabi_filestat_t *buf

    The desired values of the file attributes that are adjusted.

  • cloudabi_fsflags_t flags

    A bitmask indicating which attributes have to be adjusted.

cloudabi_sys_file_symlink()

Creates a symbolic link.

Inputs:

  • const char *path1 and size_t path1_len

    The contents of the symbolic link.

  • cloudabi_fd_t fd

    The working directory at which the resolution of the destination path starts.

  • const char *path2 and size_t path2_len

    The destination path at which the symbolic link should be created.

cloudabi_sys_file_unlink()

Unlinks a file, or removes a directory.

Inputs:

  • cloudabi_fd_t fd

    The working directory at which the resolution of the path starts.

  • const char *path and size_t path_len

    The path that needs to be unlinked or removed.

  • cloudabi_ulflags_t flags

    Possible values:

cloudabi_sys_lock_unlock()

Unlocks a write-locked userspace lock.

If a userspace lock is unlocked while having its CLOUDABI_LOCK_KERNEL_MANAGED flag set, the lock cannot be unlocked in userspace directly. This system call needs to be performed instead, so that any waiting threads can be woken up.

To prevent spurious invocations of this system call, the lock must be locked for writing. This prevents other threads from acquiring additional read locks while the system call is in progress. If the lock is acquired for reading, it must first be upgraded to a write lock.

Inputs:

  • _Atomic(cloudabi_lock_t) *lock

    The userspace lock that is locked for writing by the calling thread.

  • cloudabi_scope_t scope

    Whether the lock is stored in private or shared memory.

cloudabi_sys_mem_advise()

Provides memory advisory information on a region of memory.

Inputs:

  • void *mapping and size_t mapping_len

    The pages for which to provide memory advisory information.

  • cloudabi_advice_t advice

    The advice.

cloudabi_sys_mem_map()

Creates a memory mapping, making the contents of a file accessible through memory.

Inputs:

Outputs:

  • void *mem

    The starting address of the memory mapping.

cloudabi_sys_mem_protect()

Change the protection of a memory mapping.

Inputs:

  • void *mapping and size_t mapping_len

    The pages that need their protection changed.

  • cloudabi_mprot_t prot

    New protection options.

cloudabi_sys_mem_sync()

Synchronize a region of memory with its physical storage.

Inputs:

  • void *mapping and size_t mapping_len

    The pages that need to be synchronized.

  • cloudabi_msflags_t flags

    The method of synchronization.

cloudabi_sys_mem_unmap()

Unmaps a region of memory.

Inputs:

  • void *mapping and size_t mapping_len

    The pages that needs to be unmapped.

cloudabi_sys_poll()

Concurrently polls for the occurrence of a set of events.

Inputs:

Outputs:

  • size_t nevents

    The number of events stored.

cloudabi_sys_proc_exec()

Replaces the process by a new executable.

Process execution in CloudABI differs from POSIX in two ways: handling of arguments and inheritance of file descriptors.

CloudABI does not use string command line arguments. Instead, a buffer with binary data is copied into the address space of the new executable. The kernel does not enforce any specific structure to this data, although CloudABI's C library uses it to store a tree structure that is semantically identical to YAML.

Due to the strong focus on thread safety, file descriptors aren't inherited through close-on-exec flags. An explicit list of file descriptors that need to be retained needs to be provided. After execution, file descriptors are placed in the order in which they are stored in the array. This not only makes the execution process deterministic. It also prevents potential information disclosures about the layout of the original process.

Inputs:

  • cloudabi_fd_t fd

    A file descriptor of the new executable.

  • const void *data and size_t data_len

    Binary argument data that is passed on to the new executable.

  • const cloudabi_fd_t *fds and size_t fds_len

    The layout of the file descriptor table after execution.

cloudabi_sys_proc_exit()

Terminates the process normally.

Inputs:

Does not return.

cloudabi_sys_proc_fork()

Forks the process of the calling thread.

After forking, a new process shall be created, having only a copy of the calling thread. The parent process will obtain a process descriptor. When closed, the child process is automatically signaled with CLOUDABI_SIGKILL.

Outputs:

  • cloudabi_fd_t fd

    In the parent process: the file descriptor number of the process descriptor.

    In the child process: CLOUDABI_PROCESS_CHILD.

  • cloudabi_tid_t tid

    In the parent process: undefined.

    In the child process: the thread ID of the initial thread of the child process.

cloudabi_sys_proc_raise()

Sends a signal to the process of the calling thread.

Inputs:

cloudabi_sys_random_get()

Obtains random data from the kernel random number generator.

As this interface is not guaranteed to be fast, it is advised that the random data obtained through this system call is used as the seed for a userspace pseudo-random number generator.

Inputs:

  • void *buf and size_t buf_len

    The buffer that needs to be filled with random data.

cloudabi_sys_sock_recv()

Receives a message on a socket.

Inputs:

cloudabi_sys_sock_send()

Sends a message on a socket.

Inputs:

cloudabi_sys_sock_shutdown()

Shuts down socket send and receive channels.

Inputs:

cloudabi_sys_thread_create()

Creates a new thread within the current process.

Inputs:

Outputs:

cloudabi_sys_thread_exit()

Terminates the calling thread.

This system call can also unlock a single userspace lock after termination, which can be used to implement thread joining.

Inputs:

  • _Atomic(cloudabi_lock_t) *lock

    Userspace lock that is locked for writing by the calling thread.

  • cloudabi_scope_t scope

    Whether the lock is stored in private or shared memory.

Does not return.

cloudabi_sys_thread_yield()

Temporarily yields execution of the calling thread.

Types

cloudabi_advice_t (uint8_t)

File or memory access pattern advisory information.

Used by cloudabi_sys_file_advise() and cloudabi_sys_mem_advise().

Possible values:

  • CLOUDABI_ADVICE_DONTNEED

    The application expects that it will not access the specified data in the near future.

  • CLOUDABI_ADVICE_NOREUSE

    The application expects to access the specified data once and then not reuse it thereafter.

  • CLOUDABI_ADVICE_NORMAL

    The application has no advice to give on its behavior with respect to the specified data.

  • CLOUDABI_ADVICE_RANDOM

    The application expects to access the specified data in a random order.

  • CLOUDABI_ADVICE_SEQUENTIAL

    The application expects to access the specified data sequentially from lower offsets to higher offsets.

  • CLOUDABI_ADVICE_WILLNEED

    The application expects to access the specified data in the near future.

cloudabi_auxtype_t (uint32_t)

Enumeration describing the kind of value stored in cloudabi_auxv_t.

Possible values:

  • CLOUDABI_AT_ARGDATA

    Base address of the binary argument data provided to cloudabi_sys_proc_exec().

  • CLOUDABI_AT_ARGDATALEN

    Length of the binary argument data provided to cloudabi_sys_proc_exec().

  • CLOUDABI_AT_BASE

    Base address at which the executable is placed in memory.

  • CLOUDABI_AT_CANARY

    Base address of a buffer of random data that may be used for non-cryptographic purposes, for example as a canary for stack smashing protection.

  • CLOUDABI_AT_CANARYLEN

    Length of a buffer of random data that may be used for non-cryptographic purposes, for example as a canary for stack smashing protection.

  • CLOUDABI_AT_NCPUS

    Number of CPUs that the system this process is running on has.

  • CLOUDABI_AT_NULL

    Terminator of the auxiliary vector.

  • CLOUDABI_AT_PAGESZ

    Smallest memory object size for which individual memory protection controls can be configured.

  • CLOUDABI_AT_PHDR

    Address of the first ELF program header of the executable.

  • CLOUDABI_AT_PHNUM

    Number of ELF program headers of the executable.

  • CLOUDABI_AT_PID

    Identifier of the process.

    This environment does not provide any simple numerical process identifiers, for the reason that these are not useful in distributed contexts. Instead, processes are identified by a UUID.

    This record should point to sixteen bytes of binary data, containing a version 4 UUID (fully random).

  • CLOUDABI_AT_SYSINFO_EHDR

    Address of the ELF header of the vDSO.

    The vDSO is a shared library that is mapped in the address space of the process. It provides entry points for every system call supported by the environment, all having a corresponding symbol that is prefixed with cloudabi_sys_. System calls should be invoked through these entry points.

    The first advantage of letting processes call into a vDSO to perform system calls instead of raising hardware traps is that it allows for easy emulation of executables on top of existing operating systems. The second advantage is that in cases where an operating system provides native support for CloudABI executables, it may still implement partial userspace implementations of these system calls to improve performance (e.g., cloudabi_sys_clock_time_get()). It also provides a more dynamic way of adding, removing or replacing system calls.

  • CLOUDABI_AT_TID

    Thread ID of the initial thread of the process.

cloudabi_auxv_t (struct)

Auxiliary vector entry.

The auxiliary vector is a list of key-value pairs that is provided to the process on startup. Unlike structures, it is extensible, as it is possible to add new records later on. The auxiliary vector is always terminated by an entry having type CLOUDABI_AT_NULL.

The auxiliary vector is part of the x86-64 ABI, but is used by this environment on all architectures.

Used by cloudabi_processentry_t.

Members:

cloudabi_ciovec_t (struct)

A region of memory for scatter/gather writes.

Used by cloudabi_send_in_t, cloudabi_sys_fd_pwrite(), and cloudabi_sys_fd_write().

Members:

  • const void *buf and size_t buf_len

    The address and length of the buffer to be written.

cloudabi_clockid_t (uint32_t)

Identifiers for clocks.

Used by cloudabi_subscription_t, cloudabi_sys_clock_res_get(), and cloudabi_sys_clock_time_get().

Possible values:

  • CLOUDABI_CLOCK_MONOTONIC

    The system-wide monotonic clock, which is defined as a clock measuring real time, whose value cannot be adjusted and which cannot have negative clock jumps.

    The epoch of this clock is undefined. The absolute time value of this clock therefore has no meaning.

  • CLOUDABI_CLOCK_PROCESS_CPUTIME_ID

    The CPU-time clock associated with the current process.

  • CLOUDABI_CLOCK_REALTIME

    The system-wide clock measuring real time. Time value zero corresponds with 1970-01-01T00:00:00Z.

  • CLOUDABI_CLOCK_THREAD_CPUTIME_ID

    The CPU-time clock associated with the current thread.

cloudabi_condvar_t (uint32_t)

A userspace condition variable.

Used by cloudabi_subscription_t and cloudabi_sys_condvar_signal().

Special values:

  • CLOUDABI_CONDVAR_HAS_NO_WAITERS

    The condition variable is in its initial state. There are no threads waiting to be woken up. If the condition variable has any other value, the kernel must be called to wake up any sleeping threads.

cloudabi_device_t (uint64_t)

Identifier for a device containing a file system. Can be used in combination with cloudabi_inode_t to uniquely identify a file on the local system.

Used by cloudabi_filestat_t.

cloudabi_dircookie_t (uint64_t)

A reference to the offset of a directory entry.

Used by cloudabi_dirent_t and cloudabi_sys_file_readdir().

Special values:

  • CLOUDABI_DIRCOOKIE_START

    Permanent reference to the first directory entry within a directory.

cloudabi_dirent_t (struct)

A directory entry.

Members:

  • cloudabi_dircookie_t d_next

    The offset of the next directory entry stored in this directory.

  • cloudabi_inode_t d_ino

    The serial number of the file referred to by this directory entry.

  • uint32_t d_namlen

    The length of the name of the directory entry.

  • cloudabi_filetype_t d_type

    The type of the file referred to by this directory entry.

cloudabi_errno_t (uint16_t)

Error codes returned by system calls.

Not all of these error codes are returned by the system calls provided by this environment, but are either used in userspace exclusively or merely provided for alignment with POSIX.

Used by cloudabi_event_t.

Possible values:

  • CLOUDABI_ESUCCESS

    No error occurred. System call completed successfully.

  • CLOUDABI_E2BIG

    Argument list too long.

  • CLOUDABI_EACCES

    Permission denied.

  • CLOUDABI_EADDRINUSE

    Address in use.

  • CLOUDABI_EADDRNOTAVAIL

    Address not available.

  • CLOUDABI_EAFNOSUPPORT

    Address family not supported.

  • CLOUDABI_EAGAIN

    Resource unavailable, or operation would block.

  • CLOUDABI_EALREADY

    Connection already in progress.

  • CLOUDABI_EBADF

    Bad file descriptor.

  • CLOUDABI_EBADMSG

    Bad message.

  • CLOUDABI_EBUSY

    Device or resource busy.

  • CLOUDABI_ECANCELED

    Operation canceled.

  • CLOUDABI_ECHILD

    No child processes.

  • CLOUDABI_ECONNABORTED

    Connection aborted.

  • CLOUDABI_ECONNREFUSED

    Connection refused.

  • CLOUDABI_ECONNRESET

    Connection reset.

  • CLOUDABI_EDEADLK

    Resource deadlock would occur.

  • CLOUDABI_EDESTADDRREQ

    Destination address required.

  • CLOUDABI_EDOM

    Mathematics argument out of domain of function.

  • CLOUDABI_EDQUOT

    Reserved.

  • CLOUDABI_EEXIST

    File exists.

  • CLOUDABI_EFAULT

    Bad address.

  • CLOUDABI_EFBIG

    File too large.

  • CLOUDABI_EHOSTUNREACH

    Host is unreachable.

  • CLOUDABI_EIDRM

    Identifier removed.

  • CLOUDABI_EILSEQ

    Illegal byte sequence.

  • CLOUDABI_EINPROGRESS

    Operation in progress.

  • CLOUDABI_EINTR

    Interrupted function.

  • CLOUDABI_EINVAL

    Invalid argument.

  • CLOUDABI_EIO

    I/O error.

  • CLOUDABI_EISCONN

    Socket is connected.

  • CLOUDABI_EISDIR

    Is a directory.

  • CLOUDABI_ELOOP

    Too many levels of symbolic links.

  • CLOUDABI_EMFILE

    File descriptor value too large.

  • CLOUDABI_EMLINK

    Too many links.

  • CLOUDABI_EMSGSIZE

    Message too large.

  • CLOUDABI_EMULTIHOP

    Reserved.

  • CLOUDABI_ENAMETOOLONG

    Filename too long.

  • CLOUDABI_ENETDOWN

    Network is down.

  • CLOUDABI_ENETRESET

    Connection aborted by network.

  • CLOUDABI_ENETUNREACH

    Network unreachable.

  • CLOUDABI_ENFILE

    Too many files open in system.

  • CLOUDABI_ENOBUFS

    No buffer space available.

  • CLOUDABI_ENODEV

    No such device.

  • CLOUDABI_ENOENT

    No such file or directory.

  • CLOUDABI_ENOEXEC

    Executable file format error.

  • CLOUDABI_ENOLCK

    No locks available.

  • CLOUDABI_ENOLINK

    Reserved.

  • CLOUDABI_ENOMEM

    Not enough space.

  • CLOUDABI_ENOMSG

    No message of the desired type.

  • CLOUDABI_ENOPROTOOPT

    Protocol not available.

  • CLOUDABI_ENOSPC

    No space left on device.

  • CLOUDABI_ENOSYS

    Function not supported.

  • CLOUDABI_ENOTCONN

    The socket is not connected.

  • CLOUDABI_ENOTDIR

    Not a directory or a symbolic link to a directory.

  • CLOUDABI_ENOTEMPTY

    Directory not empty.

  • CLOUDABI_ENOTRECOVERABLE

    State not recoverable.

  • CLOUDABI_ENOTSOCK

    Not a socket.

  • CLOUDABI_ENOTSUP

    Not supported, or operation not supported on socket.

  • CLOUDABI_ENOTTY

    Inappropriate I/O control operation.

  • CLOUDABI_ENXIO

    No such device or address.

  • CLOUDABI_EOVERFLOW

    Value too large to be stored in data type.

  • CLOUDABI_EOWNERDEAD

    Previous owner died.

  • CLOUDABI_EPERM

    Operation not permitted.

  • CLOUDABI_EPIPE

    Broken pipe.

  • CLOUDABI_EPROTO

    Protocol error.

  • CLOUDABI_EPROTONOSUPPORT

    Protocol not supported.

  • CLOUDABI_EPROTOTYPE

    Protocol wrong type for socket.

  • CLOUDABI_ERANGE

    Result too large.

  • CLOUDABI_EROFS

    Read-only file system.

  • CLOUDABI_ESPIPE

    Invalid seek.

  • CLOUDABI_ESRCH

    No such process.

  • CLOUDABI_ESTALE

    Reserved.

  • CLOUDABI_ETIMEDOUT

    Connection timed out.

  • CLOUDABI_ETXTBSY

    Text file busy.

  • CLOUDABI_EXDEV

    Cross-device link.

  • CLOUDABI_ENOTCAPABLE

    Extension: Capabilities insufficient.

cloudabi_event_t (struct)

An event that occurred.

Used by cloudabi_sys_poll().

Members:

cloudabi_eventrwflags_t (uint16_t bitfield)

The state of the file descriptor subscribed to with CLOUDABI_EVENTTYPE_FD_READ or CLOUDABI_EVENTTYPE_FD_WRITE.

Used by cloudabi_event_t.

Possible values:

  • CLOUDABI_EVENT_FD_READWRITE_HANGUP

    The peer of this socket has closed or disconnected.

cloudabi_eventtype_t (uint8_t)

Type of a subscription to an event or its occurrence.

Used by cloudabi_event_t and cloudabi_subscription_t.

Possible values:

cloudabi_exitcode_t (uint32_t)

Exit code generated by a process when exiting.

Used by cloudabi_event_t and cloudabi_sys_proc_exit().

cloudabi_fd_t (uint32_t)

A file descriptor number.

Unlike on POSIX-compliant systems, none of the file descriptor numbers are reserved for a purpose (e.g., stdin, stdout, stderr). Operating systems are not required to allocate new file descriptors in ascending order.

Special values:

cloudabi_fdflags_t (uint16_t bitfield)

File descriptor flags.

Used by cloudabi_fdstat_t.

Possible values:

  • CLOUDABI_FDFLAG_APPEND

    Append mode: Data written to the file is always appended to the file's end.

  • CLOUDABI_FDFLAG_DSYNC

    Write according to synchronized I/O data integrity completion. Only the data stored in the file is synchronized.

  • CLOUDABI_FDFLAG_NONBLOCK

    Non-blocking mode.

  • CLOUDABI_FDFLAG_RSYNC

    Synchronized read I/O operations.

  • CLOUDABI_FDFLAG_SYNC

    Write according to synchronized I/O file integrity completion. In addition to synchronizing the data stored in the file, the system may also synchronously update the file's metadata.

cloudabi_fdsflags_t (uint16_t bitfield)

Which file descriptor attributes to adjust.

Used by cloudabi_sys_fd_stat_put().

Possible values:

cloudabi_fdstat_t (struct)

File descriptor attributes.

Used by cloudabi_sys_fd_stat_get(), cloudabi_sys_fd_stat_put(), and cloudabi_sys_file_open().

Members:

cloudabi_filedelta_t (int64_t)

Relative offset within a file.

Used by cloudabi_sys_fd_seek().

cloudabi_filesize_t (uint64_t)

Non-negative file size or length of a region within a file.

Used by cloudabi_event_t, cloudabi_filestat_t, cloudabi_sys_fd_pread(), cloudabi_sys_fd_pwrite(), cloudabi_sys_fd_seek(), cloudabi_sys_file_advise(), cloudabi_sys_file_allocate(), and cloudabi_sys_mem_map().

cloudabi_filestat_t (struct)

File attributes.

Used by cloudabi_sys_file_stat_fget(), cloudabi_sys_file_stat_fput(), cloudabi_sys_file_stat_get(), and cloudabi_sys_file_stat_put().

Members:

cloudabi_filetype_t (uint8_t)

The type of a file descriptor or file.

Used by cloudabi_dirent_t, cloudabi_fdstat_t, cloudabi_filestat_t, cloudabi_sys_fd_create1(), cloudabi_sys_fd_create2(), and cloudabi_sys_file_create().

Possible values:

  • CLOUDABI_FILETYPE_UNKNOWN

    The type of the file descriptor or file is unknown or is different from any of the other types specified.

  • CLOUDABI_FILETYPE_BLOCK_DEVICE

    The file descriptor or file refers to a block device inode.

  • CLOUDABI_FILETYPE_CHARACTER_DEVICE

    The file descriptor or file refers to a character device inode.

  • CLOUDABI_FILETYPE_DIRECTORY

    The file descriptor or file refers to a directory inode.

  • CLOUDABI_FILETYPE_PROCESS

    The file descriptor refers to a process handle.

  • CLOUDABI_FILETYPE_REGULAR_FILE

    The file descriptor or file refers to a regular file inode.

  • CLOUDABI_FILETYPE_SHARED_MEMORY

    The file descriptor refers to a shared memory object.

  • CLOUDABI_FILETYPE_SOCKET_DGRAM

    The file descriptor or file refers to a datagram socket.

  • CLOUDABI_FILETYPE_SOCKET_STREAM

    The file descriptor or file refers to a byte-stream socket.

  • CLOUDABI_FILETYPE_SYMBOLIC_LINK

    The file refers to a symbolic link inode.

cloudabi_fsflags_t (uint16_t bitfield)

Which file attributes to adjust.

Used by cloudabi_sys_file_stat_fput() and cloudabi_sys_file_stat_put().

Possible values:

cloudabi_inode_t (uint64_t)

File serial number that is unique within its file system.

Used by cloudabi_dirent_t and cloudabi_filestat_t.

cloudabi_iovec_t (struct)

A region of memory for scatter/gather reads.

Used by cloudabi_recv_in_t, cloudabi_sys_fd_pread(), and cloudabi_sys_fd_read().

Members:

  • void *buf and size_t buf_len

    The address and length of the buffer to be filled.

cloudabi_linkcount_t (uint32_t)

Number of hard links to an inode.

Used by cloudabi_filestat_t.

cloudabi_lock_t (uint32_t)

A userspace read-recursive readers-writer lock, similar to a Linux futex or a FreeBSD umtx.

Used by cloudabi_subscription_t, cloudabi_sys_lock_unlock(), and cloudabi_sys_thread_exit().

Special values:

  • CLOUDABI_LOCK_UNLOCKED

    Value indicating that the lock is in its initial unlocked state.

  • CLOUDABI_LOCK_WRLOCKED

    Bitmask indicating that the lock is write-locked. If set, the lower 30 bits of the lock contain the identifier of the thread that owns the write lock. Otherwise, the lower 30 bits of the lock contain the number of acquired read locks.

  • CLOUDABI_LOCK_KERNEL_MANAGED

    Bitmask indicating that the lock is either read locked or write locked, and that one or more threads have their execution suspended, waiting to acquire the lock. The last owner of the lock must call the kernel to unlock.

    When the lock is acquired for reading and this bit is set, it means that one or more threads are attempting to acquire this lock for writing. In that case, other threads should only acquire additional read locks if suspending execution would cause a deadlock. It is preferred to suspend execution, as this prevents starvation of writers.

  • CLOUDABI_LOCK_BOGUS

    Value indicating that the lock is in an incorrect state. A lock cannot be in its initial unlocked state, while also managed by the kernel.

cloudabi_lookup_t (struct)

Path lookup properties.

Used by cloudabi_sys_file_link(), cloudabi_sys_file_open(), cloudabi_sys_file_stat_get(), and cloudabi_sys_file_stat_put().

Members:

cloudabi_lookupflags_t (uint32_t bitfield)

Flags determining the method of how paths are resolved.

Used by cloudabi_lookup_t.

Possible values:

  • CLOUDABI_LOOKUP_SYMLINK_FOLLOW

    As long as the resolved path corresponds to a symbolic link, it is expanded.

cloudabi_mflags_t (uint8_t bitfield)

Memory mapping flags.

Used by cloudabi_sys_mem_map().

Possible values:

  • CLOUDABI_MAP_ANON

    Instead of mapping the contents of the file provided, create a mapping to anonymous memory. The file descriptor argument must be set to CLOUDABI_MAP_ANON_FD, and the offset must be set to zero.

  • CLOUDABI_MAP_FIXED

    Require that the mapping is performed at the base address provided.

  • CLOUDABI_MAP_PRIVATE

    Changes are private.

  • CLOUDABI_MAP_SHARED

    Changes are shared.

cloudabi_mprot_t (uint8_t bitfield)

Memory page protection options.

This implementation enforces the W^X property: Pages cannot be mapped for execution while also mapped for writing.

Used by cloudabi_sys_mem_map() and cloudabi_sys_mem_protect().

Possible values:

  • CLOUDABI_PROT_EXEC

    Page can be executed.

  • CLOUDABI_PROT_WRITE

    Page can be written.

  • CLOUDABI_PROT_READ

    Page can be read.

cloudabi_msflags_t (uint8_t bitfield)

Methods of synchronizing memory with physical storage.

Used by cloudabi_sys_mem_sync().

Possible values:

  • CLOUDABI_MS_ASYNC

    Perform asynchronous writes.

  • CLOUDABI_MS_INVALIDATE

    Invalidate cached data.

  • CLOUDABI_MS_SYNC

    Perform synchronous writes.

cloudabi_nthreads_t (uint32_t)

Specifies the number of threads sleeping on a condition variable that should be woken up.

Used by cloudabi_sys_condvar_signal().

cloudabi_oflags_t (uint16_t bitfield)

Open flags used by cloudabi_sys_file_open().

Possible values:

  • CLOUDABI_O_CREAT

    Create file if it does not exist.

  • CLOUDABI_O_DIRECTORY

    Fail if not a directory.

  • CLOUDABI_O_EXCL

    Fail if file already exists.

  • CLOUDABI_O_TRUNC

    Truncate file to size 0.

cloudabi_processentry_t (function type)

Entry point for a process (_start).

Parameters:

cloudabi_recv_in_t (struct)

Arguments of cloudabi_sys_sock_recv().

Members:

  • const cloudabi_iovec_t *ri_data and size_t ri_data_len

    List of scatter/gather vectors where message data should be stored.

  • cloudabi_fd_t *ri_fds and size_t ri_fds_len

    Buffer where numbers of incoming file descriptors should be stored.

  • cloudabi_riflags_t ri_flags

    Message flags.

cloudabi_recv_out_t (struct)

Results of cloudabi_sys_sock_recv().

Members:

cloudabi_riflags_t (uint16_t bitfield)

Flags provided to cloudabi_sys_sock_recv().

Used by cloudabi_recv_in_t.

Possible values:

  • CLOUDABI_SOCK_RECV_PEEK

    Returns the message without removing it from the socket's receive queue.

  • CLOUDABI_SOCK_RECV_WAITALL

    On byte-stream sockets, block until the full amount of data can be returned.

cloudabi_rights_t (uint64_t bitfield)

File descriptor rights, determining which actions may be performed.

Used by cloudabi_fdstat_t.

Possible values:

cloudabi_roflags_t (uint16_t bitfield)

Flags returned by cloudabi_sys_sock_recv().

Used by cloudabi_recv_out_t.

Possible values:

cloudabi_scope_t (uint8_t)

Indicates whether an object is stored in private or shared memory.

Used by cloudabi_subscription_t, cloudabi_sys_condvar_signal(), cloudabi_sys_lock_unlock(), and cloudabi_sys_thread_exit().

Possible values:

  • CLOUDABI_SCOPE_PRIVATE

    The object is stored in private memory.

  • CLOUDABI_SCOPE_SHARED

    The object is stored in shared memory.

cloudabi_sdflags_t (uint8_t bitfield)

Which channels on a socket need to be shut down.

Used by cloudabi_sys_sock_shutdown().

Possible values:

  • CLOUDABI_SHUT_RD

    Disables further receive operations.

  • CLOUDABI_SHUT_WR

    Disables further send operations.

cloudabi_send_in_t (struct)

Arguments of cloudabi_sys_sock_send().

Members:

  • const cloudabi_ciovec_t *si_data and size_t si_data_len

    List of scatter/gather vectors where message data should be retrieved.

  • const cloudabi_fd_t *si_fds and size_t si_fds_len

    File descriptors that need to be attached to the message.

  • cloudabi_siflags_t si_flags

    Message flags.

cloudabi_send_out_t (struct)

Results of cloudabi_sys_sock_send().

Members:

  • size_t so_datalen

    Number of bytes transmitted.

cloudabi_siflags_t (uint16_t bitfield)

Flags provided to cloudabi_sys_sock_send(). As there are currently no flags defined, it must be set to zero.

Used by cloudabi_send_in_t.

cloudabi_signal_t (uint8_t)

Signal condition.

Used by cloudabi_event_t and cloudabi_sys_proc_raise().

Possible values:

  • CLOUDABI_SIGABRT

    Process abort signal.

    Action: Terminates the process.

  • CLOUDABI_SIGALRM

    Alarm clock.

    Action: Terminates the process.

  • CLOUDABI_SIGBUS

    Access to an undefined portion of a memory object.

    Action: Terminates the process.

  • CLOUDABI_SIGCHLD

    Child process terminated, stopped, or continued.

    Action: Ignored.

  • CLOUDABI_SIGCONT

    Continue executing, if stopped.

    Action: Continues executing, if stopped.

  • CLOUDABI_SIGFPE

    Erroneous arithmetic operation.

    Action: Terminates the process.

  • CLOUDABI_SIGHUP

    Hangup.

    Action: Terminates the process.

  • CLOUDABI_SIGILL

    Illegal instruction.

    Action: Terminates the process.

  • CLOUDABI_SIGINT

    Terminate interrupt signal.

    Action: Terminates the process.

  • CLOUDABI_SIGKILL

    Kill.

    Action: Terminates the process.

  • CLOUDABI_SIGPIPE

    Write on a pipe with no one to read it.

    Action: Ignored.

  • CLOUDABI_SIGQUIT

    Terminal quit signal.

    Action: Terminates the process.

  • CLOUDABI_SIGSEGV

    Invalid memory reference.

    Action: Terminates the process.

  • CLOUDABI_SIGSTOP

    Stop executing.

    Action: Stops executing.

  • CLOUDABI_SIGSYS

    Bad system call.

    Action: Terminates the process.

  • CLOUDABI_SIGTERM

    Termination signal.

    Action: Terminates the process.

  • CLOUDABI_SIGTRAP

    Trace/breakpoint trap.

    Action: Terminates the process.

  • CLOUDABI_SIGTSTP

    Terminal stop signal.

    Action: Stops executing.

  • CLOUDABI_SIGTTIN

    Background process attempting read.

    Action: Stops executing.

  • CLOUDABI_SIGTTOU

    Background process attempting write.

    Action: Stops executing.

  • CLOUDABI_SIGURG

    High bandwidth data is available at a socket.

    Action: Ignored.

  • CLOUDABI_SIGUSR1

    User-defined signal 1.

    Action: Terminates the process.

  • CLOUDABI_SIGUSR2

    User-defined signal 2.

    Action: Terminates the process.

  • CLOUDABI_SIGVTALRM

    Virtual timer expired.

    Action: Terminates the process.

  • CLOUDABI_SIGXCPU

    CPU time limit exceeded.

    Action: Terminates the process.

  • CLOUDABI_SIGXFSZ

    File size limit exceeded.

    Action: Terminates the process.

cloudabi_subclockflags_t (uint16_t bitfield)

Flags determining how the timestamp provided in cloudabi_subscription_t::clock.timeout should be interpreted.

Used by cloudabi_subscription_t.

Possible values:

cloudabi_subrwflags_t (uint16_t bitfield)

Flags influencing the method of polling for read or writing on a file descriptor.

Used by cloudabi_subscription_t.

Possible values:

  • CLOUDABI_SUBSCRIPTION_FD_READWRITE_POLL

    Deprecated. Must be set by callers and ignored by implementations.

cloudabi_subscription_t (struct)

Subscription to an event.

Used by cloudabi_sys_poll().

Members:

cloudabi_tcb_t (struct)

The Thread Control Block (TCB).

After a thread begins execution (at program startup or when created through cloudabi_sys_thread_create()), the CPU's registers controlling Thread-Local Storage (TLS) will already be initialized. They will point to an area only containing the TCB.

If the thread needs space for storing thread-specific variables, the thread may allocate a larger area and adjust the CPU's registers to point to that area instead. However, it does need to make sure that the TCB is copied over to the new TLS area.

The purpose of the TCB is that it allows light-weight emulators to store information related to individual threads. For example, it may be used to store a copy of the CPU registers prior emulation, so that TLS for the host system can be restored if needed.

Members:

  • void *parent

    Pointer that may be freely assigned by the system. Its value cannot be interpreted by the application.

cloudabi_threadattr_t (struct)

Attributes for thread creation.

Used by cloudabi_sys_thread_create().

Members:

  • cloudabi_threadentry_t *entry_point

    Initial program counter value.

  • void *stack and size_t stack_len

    Region allocated to serve as stack space.

  • void *argument

    Argument to be forwarded to the entry point function.

cloudabi_threadentry_t (function type)

Entry point for additionally created threads.

Used by cloudabi_threadattr_t.

Parameters:

cloudabi_tid_t (uint32_t)

Unique system-local identifier of a thread. This identifier is only valid during the lifetime of the thread.

Threads must be aware of their thread identifier, as it is written it into locks when acquiring them for writing. It is not advised to use these identifiers for any other purpose.

As the thread identifier is also stored in cloudabi_lock_t when CLOUDABI_LOCK_WRLOCKED is set, the top two bits of the thread must always be set to zero.

Used by cloudabi_threadentry_t, cloudabi_sys_proc_fork(), and cloudabi_sys_thread_create().

cloudabi_timestamp_t (uint64_t)

Timestamp in nanoseconds.

Used by cloudabi_filestat_t, cloudabi_subscription_t, cloudabi_sys_clock_res_get(), and cloudabi_sys_clock_time_get().

cloudabi_ulflags_t (uint8_t bitfield)

Specifies whether files are unlinked or directories are removed.

Used by cloudabi_sys_file_unlink().

Possible values:

  • CLOUDABI_UNLINK_REMOVEDIR

    If set, removes a directory. Otherwise, unlinks any non-directory file.

cloudabi_userdata_t (uint64_t)

User-provided value that can be attached to objects that is retained when extracted from the kernel.

Used by cloudabi_event_t and cloudabi_subscription_t.

cloudabi_whence_t (uint8_t)

Relative to which position the offset of the file descriptor should be set.

Used by cloudabi_sys_fd_seek().

Possible values:

  • CLOUDABI_WHENCE_CUR

    Seek relative to current position.

  • CLOUDABI_WHENCE_END

    Seek relative to end-of-file.

  • CLOUDABI_WHENCE_SET

    Seek relative to start-of-file.