Mirrors_Framework/nuttx
1
0
Fork 0
mirror of https://github.com/apache/nuttx.git synced 2026-05-25 18:27:56 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

libc/fdcheck: add fdcheck module

Browse Source 
In embedded development environments, due to the lack of address isolation between processes,
fd may be passed between processes and lead to misuse,

We have designed an fd cross-process automatic detection tool,
fdcheck_protect returns the fd containing the pid information,
indicating that the ownership of the current fd belongs to the pid and is not allowed to be used by other processes.
fdcheck_restore will obtain the true fd and check if the ownership of the fd is legal

For ease of understanding, let's give an example where
the following information is represented in 32-bit binary format

fd        00000000 00000000 00000000 10001010
pid       00000000 00000000 00000011 01010101
ret       00000000 00000011 01010101 10001010

Signed-off-by: hujun5 <hujun5@xiaomi.com>
This commit is contained in:
hujun5
2023-06-05 15:43:05 +08:00
committed by Xiang Xiao
parent d36e2a8394
commit 8fe8417ffb
7 changed files with 314 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
include/sys/select.h
+16 -3
View File
@@ -32,6 +32,10 @@
#include <signal.h>
#include <sys/time.h>
#ifdef CONFIG_FDCHECK
# include <nuttx/fdcheck.h>
#endif
/****************************************************************************
* Pre-processor Definitions
****************************************************************************/
@@ -71,12 +75,21 @@
/* Standard helper macros */
#define FD_CLR(fd,set) \
#ifdef CONFIG_FDCHECK
# define FD_CLR(fd,set) \
((((fd_set*)(set))->arr)[_FD_NDX(fdcheck_restore(fd))] &= ~(UINT32_C(1)<< _FD_BIT(fdcheck_restore(fd))))
# define FD_SET(fd,set) \
((((fd_set*)(set))->arr)[_FD_NDX(fdcheck_restore(fd))] |= (UINT32_C(1) << _FD_BIT(fdcheck_restore(fd))))
# define FD_ISSET(fd,set) \
(((((fd_set*)(set))->arr)[_FD_NDX(fdcheck_restore(fd))] & (UINT32_C(1) << _FD_BIT(fdcheck_restore(fd)))) != 0)
#else
# define FD_CLR(fd,set) \
((((fd_set*)(set))->arr)[_FD_NDX(fd)] &= ~(UINT32_C(1)<< _FD_BIT(fd)))
#define FD_SET(fd,set) \
# define FD_SET(fd,set) \
((((fd_set*)(set))->arr)[_FD_NDX(fd)] |= (UINT32_C(1) << _FD_BIT(fd)))
#define FD_ISSET(fd,set) \
# define FD_ISSET(fd,set) \
(((((fd_set*)(set))->arr)[_FD_NDX(fd)] & (UINT32_C(1) << _FD_BIT(fd))) != 0)
#endif
#define FD_ZERO(set) \
memset((set), 0, sizeof(fd_set))