-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathcloudabi.txt
1892 lines (1785 loc) · 53.3 KB
/
cloudabi.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
# Copyright (c) 2016 Nuxi (https://nuxi.nl/) and contributors.
#
# SPDX-License-Identifier: BSD-2-Clause
| # Nuxi CloudABI
|
| CloudABI is what you get if you take POSIX, add capability-based
| security, and remove everything that's incompatible with that. The
| result is a minimal ABI consisting of only 49 syscalls.
|
| CloudABI doesn't have its own kernel, but instead is implemented in existing
| kernels: FreeBSD has CloudABI support for x86-64 and arm64, and [a patch-set
| for NetBSD](https://github.com/NuxiNL/netbsd) and [a patch-set for
| Linux](https://github.com/NuxiNL/linux) are available as well. This means that
| CloudABI binaries can be executed on different operating systems, without any
| modification.
|
| ## Capability-Based Security
|
| Capability-based security means that processes can only perform
| actions that have no global impact. Processes cannot open files by
| their absolute path, cannot open network connections, and cannot
| observe global system state such as the process table.
|
| The capabilities of a process are fully determined by its set of open
| file descriptors (fds). For example, files can only be opened if the
| process already has a file descriptor to a directory the file is in.
|
| Unlike in POSIX, where processes are normally started with file
| descriptors 0, 1, and 2 reserved for standard input, output, and
| error, CloudABI does not reserve any file descriptor numbers for
| specific purposes.
|
| In CloudABI, a process depends on its parent process to launch it with
| the right set of resources, since the process will not be able to open
| any new resources. For example, a simple static web server would need
| to be started with a file descriptor to a [TCP
| listener](https://github.com/NuxiNL/flower), and a file descriptor to
| the directory for which to serve files. The web server will then be
| unable to do anything other than reading files in that directory, and
| process incoming network connections.
|
| So, unknown CloudABI binaries can safely be executed without the need
| for containers, virtual machines, or other sandboxing technologies.
|
| Watch [Ed Schouten's Talk at
| 32C3](https://www.youtube.com/watch?v=3N29vrPoDv8) for more
| information about what capability-based security for UNIX means.
|
| ## Cloudlibc
|
| [Cloudlibc](https://github.com/NuxiNL/cloudlibc) is an implementation
| of the C standard library, without all CloudABI-incompatible
| functions. For example, Cloudlibc does not have `printf`, but does
| have `fprintf`. It does not have `open`, but does have `openat`.
|
| ## CloudABI-Ports
|
| [CloudABI-Ports](https://github.com/NuxiNL/cloudabi-ports) is a
| collection of ports of commonly used libraries and applications to
| CloudABI. It contains software such as `zlib`, `libpng`, `boost`,
| `memcached`, and much more. The software is patched to not depend on
| any global state, such as files in `/etc` or `/dev`, using `open()`,
| etc.
|
| ## Using CloudABI
|
| Instructions for using CloudABI (including kernel modules/patches,
| toolchain, and ports) are available for several operating systems:
|
| - [FreeBSD](https://cloudabi.org/run/freebsd/)
| - [Linux](https://cloudabi.org/run/linux/)
| - [macOS](https://cloudabi.org/run/macos/)
|
| ## Specification of the ABI
|
| The entire ABI is specified in a file called
| [`cloudabi.txt`](https://github.com/NuxiNL/cloudabi/blob/master/cloudabi.txt),
| from which all
| [headers](https://github.com/NuxiNL/cloudabi/tree/master/headers)
| and documentation (including the one you're reading now) is generated.
enum uint8 advice
| File or memory access pattern advisory information.
1 dontneed
| The application expects that it will not access the
| specified data in the near future.
2 noreuse
| The application expects to access the specified data
| once and then not reuse it thereafter.
3 normal
| The application has no advice to give on its behavior
| with respect to the specified data.
4 random
| The application expects to access the specified data
| in a random order.
5 sequential
| The application expects to access the specified data
| sequentially from lower offsets to higher offsets.
6 willneed
| The application expects to access the specified data
| in the near future.
enum uint32 auxtype
| Enumeration describing the kind of value stored in [auxv].
@cprefix AT_
256 argdata
| Base address of the binary argument data provided to
| [proc_exec].
257 argdatalen
| Length of the binary argument data provided to
| [proc_exec].
7 base
| Base address at which the executable is placed in
| memory.
258 canary
| Base address of a buffer of random data that may be
| used for non-cryptographic purposes, for example as a
| canary for stack smashing protection.
259 canarylen
| Length of a buffer of random data that may be used
| for non-cryptographic purposes, for example as a
| canary for stack smashing protection.
260 ncpus
| Number of CPUs that the system this process is running
| on has.
0 null
| Terminator of the auxiliary vector.
6 pagesz
| Smallest memory object size for which individual
| memory protection controls can be configured.
3 phdr
| Address of the first ELF program header of the
| executable.
4 phnum
| Number of ELF program headers of the executable.
263 pid
| Identifier of the process.
|
| This environment does not provide any simple numerical
| process identifiers, for the reason that these are not
| useful in distributed contexts. Instead, processes are
| identified by a UUID.
|
| This record should point to sixteen bytes of binary
| data, containing a version 4 UUID (fully random).
262 sysinfo_ehdr
| Address of the ELF header of the vDSO.
|
| The vDSO is a shared library that is mapped in the
| address space of the process. It provides entry points
| for every system call supported by the environment,
| all having a corresponding symbol that is prefixed
| with `cloudabi_sys_`. System calls should be invoked
| through these entry points.
|
| The first advantage of letting processes call into a
| vDSO to perform system calls instead of raising
| hardware traps is that it allows for easy emulation of
| executables on top of existing operating systems. The
| second advantage is that in cases where an operating
| system provides native support for CloudABI executables,
| it may still implement partial userspace
| implementations of these system calls to improve
| performance (e.g., [clock_time_get]). It also provides
| a more dynamic way of adding, removing or replacing
| system calls.
261 tid
| Thread ID of the initial thread of the process.
enum uint32 clockid
| Identifiers for clocks.
@cprefix CLOCK_
1 monotonic
| The system-wide monotonic clock, which is defined as a
| clock measuring real time, whose value cannot be
| adjusted and which cannot have negative clock jumps.
|
| The epoch of this clock is undefined. The absolute
| time value of this clock therefore has no meaning.
2 process_cputime_id
| The CPU-time clock associated with the current
| process.
3 realtime
| The system-wide clock measuring real time. Time value
| zero corresponds with 1970-01-01T00:00:00Z.
4 thread_cputime_id
| The CPU-time clock associated with the current thread.
opaque uint32 condvar
| A userspace condition variable.
0 has_no_waiters
| The condition variable is in its initial state. There
| are no threads waiting to be woken up. If the
| condition variable has any other value, the kernel
| must be called to wake up any sleeping threads.
opaque uint64 device
| Identifier for a device containing a file system. Can be used
| in combination with [inode] to uniquely identify a file on the
| local system.
opaque uint64 dircookie
| A reference to the offset of a directory entry.
0 start
| Permanent reference to the first directory entry
| within a directory.
enum uint16 errno
| Error codes returned by system calls.
|
| Not all of these error codes are returned by the system calls
| provided by this environment, but are either used in userspace
| exclusively or merely provided for alignment with POSIX.
@cprefix E
0 success
| No error occurred. System call completed successfully.
1 2big
| Argument list too long.
2 acces
| Permission denied.
3 addrinuse
| Address in use.
4 addrnotavail
| Address not available.
5 afnosupport
| Address family not supported.
6 again
| Resource unavailable, or operation would block.
7 already
| Connection already in progress.
8 badf
| Bad file descriptor.
9 badmsg
| Bad message.
10 busy
| Device or resource busy.
11 canceled
| Operation canceled.
12 child
| No child processes.
13 connaborted
| Connection aborted.
14 connrefused
| Connection refused.
15 connreset
| Connection reset.
16 deadlk
| Resource deadlock would occur.
17 destaddrreq
| Destination address required.
18 dom
| Mathematics argument out of domain of function.
19 dquot
| Reserved.
20 exist
| File exists.
21 fault
| Bad address.
22 fbig
| File too large.
23 hostunreach
| Host is unreachable.
24 idrm
| Identifier removed.
25 ilseq
| Illegal byte sequence.
26 inprogress
| Operation in progress.
27 intr
| Interrupted function.
28 inval
| Invalid argument.
29 io
| I/O error.
30 isconn
| Socket is connected.
31 isdir
| Is a directory.
32 loop
| Too many levels of symbolic links.
33 mfile
| File descriptor value too large.
34 mlink
| Too many links.
35 msgsize
| Message too large.
36 multihop
| Reserved.
37 nametoolong
| Filename too long.
38 netdown
| Network is down.
39 netreset
| Connection aborted by network.
40 netunreach
| Network unreachable.
41 nfile
| Too many files open in system.
42 nobufs
| No buffer space available.
43 nodev
| No such device.
44 noent
| No such file or directory.
45 noexec
| Executable file format error.
46 nolck
| No locks available.
47 nolink
| Reserved.
48 nomem
| Not enough space.
49 nomsg
| No message of the desired type.
50 noprotoopt
| Protocol not available.
51 nospc
| No space left on device.
52 nosys
| Function not supported.
53 notconn
| The socket is not connected.
54 notdir
| Not a directory or a symbolic link to a directory.
55 notempty
| Directory not empty.
56 notrecoverable
| State not recoverable.
57 notsock
| Not a socket.
58 notsup
| Not supported, or operation not supported on socket.
59 notty
| Inappropriate I/O control operation.
60 nxio
| No such device or address.
61 overflow
| Value too large to be stored in data type.
62 ownerdead
| Previous owner died.
63 perm
| Operation not permitted.
64 pipe
| Broken pipe.
65 proto
| Protocol error.
66 protonosupport
| Protocol not supported.
67 prototype
| Protocol wrong type for socket.
68 range
| Result too large.
69 rofs
| Read-only file system.
70 spipe
| Invalid seek.
71 srch
| No such process.
72 stale
| Reserved.
73 timedout
| Connection timed out.
74 txtbsy
| Text file busy.
75 xdev
| Cross-device link.
76 notcapable
| Extension: Capabilities insufficient.
flags uint16 eventrwflags
| The state of the file descriptor subscribed to with
| [eventtype.fd_read] or [eventtype.fd_write].
@cprefix EVENT_FD_READWRITE_
0x01 hangup
| The peer of this socket has closed or disconnected.
enum uint8 eventtype
| Type of a subscription to an event or its occurrence.
1 clock
| The time value of clock [subscription.clock.clock_id]
| has reached timestamp [subscription.clock.timeout].
2 condvar
| Condition variable [subscription.condvar.condvar] has
| been woken up and [subscription.condvar.lock] has been
| acquired for writing.
3 fd_read
| File descriptor [subscription.fd_readwrite.fd] has
| data available for reading. This event always triggers
| for regular files.
4 fd_write
| File descriptor [subscription.fd_readwrite.fd] has
| capacity available for writing. This event always
| triggers for regular files.
5 lock_rdlock
| Lock [subscription.lock.lock] has been acquired for
| reading.
6 lock_wrlock
| Lock [subscription.lock.lock] has been acquired for
| writing.
7 proc_terminate
| The process associated with process descriptor
| [subscription.proc_terminate.fd] has terminated.
alias uint32 exitcode
| Exit code generated by a process when exiting.
opaque uint32 fd
| A file descriptor number.
|
| Unlike on POSIX-compliant systems, none of the file descriptor
| numbers are reserved for a purpose (e.g., stdin, stdout,
| stderr). Operating systems are not required to allocate new
| file descriptors in ascending order.
@cprefix
0xffffffff process_child
| Returned to the child process by [proc_fork].
0xffffffff map_anon_fd
| Passed to [mem_map] when creating a mapping to
| anonymous memory.
flags uint16 fdflags
| File descriptor flags.
@cprefix FDFLAG_
0x01 append
| Append mode: Data written to the file is always
| appended to the file's end.
0x02 dsync
| Write according to synchronized I/O data integrity
| completion. Only the data stored in the file is
| synchronized.
0x04 nonblock
| Non-blocking mode.
0x08 rsync
| Synchronized read I/O operations.
0x10 sync
| Write according to synchronized I/O file integrity
| completion. In addition to synchronizing the data
| stored in the file, the system may also synchronously
| update the file's metadata.
flags uint16 fdsflags
| Which file descriptor attributes to adjust.
@cprefix FDSTAT_
0x01 flags
| Adjust the file descriptor flags stored in
| [fdstat.fs_flags].
0x02 rights
| Restrict the rights of the file descriptor to the
| rights stored in [fdstat.fs_rights_base] and
| [fdstat.fs_rights_inheriting].
alias int64 filedelta
| Relative offset within a file.
alias uint64 filesize
| Non-negative file size or length of a region within a file.
flags uint16 fsflags
| Which file attributes to adjust.
@cprefix FILESTAT_
0x01 atim
| Adjust the last data access timestamp to the value
| stored in [filestat.st_atim].
0x02 atim_now
| Adjust the last data access timestamp to the time
| of clock [clockid.realtime].
0x04 mtim
| Adjust the last data modification timestamp to the
| value stored in [filestat.st_mtim].
0x08 mtim_now
| Adjust the last data modification timestamp to the
| time of clock [clockid.realtime].
0x10 size
| Truncate or extend the file to the size stored in
| [filestat.st_size].
enum uint8 filetype
| The type of a file descriptor or file.
0x00 unknown
| The type of the file descriptor or file is unknown or
| is different from any of the other types specified.
0x10 block_device
| The file descriptor or file refers to a block device
| inode.
0x11 character_device
| The file descriptor or file refers to a character
| device inode.
0x20 directory
| The file descriptor or file refers to a directory
| inode.
0x50 process
| The file descriptor refers to a process handle.
0x60 regular_file
| The file descriptor or file refers to a regular file
| inode.
0x70 shared_memory
| The file descriptor refers to a shared memory object.
0x80 socket_dgram
| The file descriptor or file refers to a datagram
| socket.
0x82 socket_stream
| The file descriptor or file refers to a byte-stream
| socket.
0x90 symbolic_link
| The file refers to a symbolic link inode.
opaque uint64 inode
| File serial number that is unique within its file system.
alias uint32 linkcount
| Number of hard links to an inode.
opaque uint32 lock
| A userspace read-recursive readers-writer lock, similar to a
| Linux futex or a FreeBSD umtx.
0 unlocked
| Value indicating that the lock is in its initial
| unlocked state.
0x40000000 wrlocked
| Bitmask indicating that the lock is write-locked. If
| set, the lower 30 bits of the lock contain the
| identifier of the thread that owns the write lock.
| Otherwise, the lower 30 bits of the lock contain the
| number of acquired read locks.
0x80000000 kernel_managed
| Bitmask indicating that the lock is either read locked
| or write locked, and that one or more threads have
| their execution suspended, waiting to acquire the
| lock. The last owner of the lock must call the
| kernel to unlock.
|
| When the lock is acquired for reading and this bit is
| set, it means that one or more threads are attempting
| to acquire this lock for writing. In that case, other
| threads should only acquire additional read locks if
| suspending execution would cause a deadlock. It is
| preferred to suspend execution, as this prevents
| starvation of writers.
0x80000000 bogus
| Value indicating that the lock is in an incorrect
| state. A lock cannot be in its initial unlocked state,
| while also managed by the kernel.
flags uint32 lookupflags
| Flags determining the method of how paths are resolved.
@cprefix LOOKUP_
1 symlink_follow
| As long as the resolved path corresponds to a symbolic
| link, it is expanded.
flags uint8 mflags
| Memory mapping flags.
@cprefix MAP_
0x01 anon
| Instead of mapping the contents of the file provided,
| create a mapping to anonymous memory. The file
| descriptor argument must be set to [fd.map_anon_fd],
| and the offset must be set to zero.
0x02 fixed
| Require that the mapping is performed at the base
| address provided.
0x04 private
| Changes are private.
0x08 shared
| Changes are shared.
enum uint8 scope
| Indicates whether an object is stored in private or shared
| memory.
0x04 private
| The object is stored in private memory.
0x08 shared
| The object is stored in shared memory.
flags uint8 mprot
| Memory page protection options.
|
| This implementation enforces the `W^X` property: Pages cannot be
| mapped for execution while also mapped for writing.
@cprefix PROT_
0x01 exec
| Page can be executed.
0x02 write
| Page can be written.
0x04 read
| Page can be read.
flags uint8 msflags
| Methods of synchronizing memory with physical storage.
@cprefix MS_
0x01 async
| Perform asynchronous writes.
0x02 invalidate
| Invalidate cached data.
0x04 sync
| Perform synchronous writes.
alias uint32 nthreads
| Specifies the number of threads sleeping on a condition
| variable that should be woken up.
flags uint16 oflags
| Open flags used by [file_open].
@cprefix O_
0x01 creat
| Create file if it does not exist.
0x02 directory
| Fail if not a directory.
0x04 excl
| Fail if file already exists.
0x08 trunc
| Truncate file to size 0.
flags uint64 rights
| File descriptor rights, determining which actions may be
| performed.
@cprefix RIGHT_
0x0000000000000001 fd_datasync
| The right to invoke [fd_datasync].
|
| If [rights.file_open] is set, includes the right to
| invoke [file_open] with [fdflags.dsync].
0x0000000000000002 fd_read
| The right to invoke [fd_read] and [sock_recv].
|
| If [rights.mem_map] is set, includes the right to
| invoke [mem_map] with memory protection option
| [mprot.read].
|
| If [rights.fd_seek] is set, includes the right to invoke
| [fd_pread].
0x0000000000000004 fd_seek
| The right to invoke [fd_seek]. This flag implies
| [rights.fd_tell].
0x0000000000000008 fd_stat_put_flags
| The right to invoke [fd_stat_put] with
| [fdsflags.flags].
0x0000000000000010 fd_sync
| The right to invoke [fd_sync].
|
| If [rights.file_open] is set, includes the right to
| invoke [file_open] with [fdflags.rsync] and
| [fdflags.dsync].
0x0000000000000020 fd_tell
| The right to invoke [fd_seek] in such a way that the
| file offset remains unaltered (i.e., [whence.cur] with
| offset zero).
0x0000000000000040 fd_write
| The right to invoke [fd_write] and [sock_send].
|
| If [rights.mem_map] is set, includes the right to
| invoke [mem_map] with memory protection option
| [mprot.write].
|
| If [rights.fd_seek] is set, includes the right to
| invoke [fd_pwrite].
0x0000000000000080 file_advise
| The right to invoke [file_advise].
0x0000000000000100 file_allocate
| The right to invoke [file_allocate].
0x0000000000000200 file_create_directory
| The right to invoke [file_create] with
| [filetype.directory].
0x0000000000000400 file_create_file
| If [rights.file_open] is set, the right to invoke
| [file_open] with [oflags.creat].
0x0000000000001000 file_link_source
| The right to invoke [file_link] with the file
| descriptor as the source directory.
0x0000000000002000 file_link_target
| The right to invoke [file_link] with the file
| descriptor as the target directory.
0x0000000000004000 file_open
| The right to invoke [file_open].
# Does not include file_open with oflags.creat and
# oflags.trunc?
0x0000000000008000 file_readdir
| The right to invoke [file_readdir].
0x0000000000010000 file_readlink
| The right to invoke [file_readlink].
0x0000000000020000 file_rename_source
| The right to invoke [file_rename] with the file
| descriptor as the source directory.
0x0000000000040000 file_rename_target
| The right to invoke [file_rename] with the file
| descriptor as the target directory.
0x0000000000080000 file_stat_fget
| The right to invoke [file_stat_fget].
0x0000000000100000 file_stat_fput_size
| The right to invoke [file_stat_fput] with
| [fsflags.size].
|
| If [rights.file_open] is set, includes the right to
| invoke [file_open] with [oflags.trunc].
0x0000000000200000 file_stat_fput_times
| The right to invoke [file_stat_fput] with
| [fsflags.atim], [fsflags.atim_now], [fsflags.mtim],
| and [fsflags.mtim_now].
0x0000000000400000 file_stat_get
| The right to invoke [file_stat_get].
0x0000000000800000 file_stat_put_times
| The right to invoke [file_stat_put] with
| [fsflags.atim], [fsflags.atim_now], [fsflags.mtim],
| and [fsflags.mtim_now].
0x0000000001000000 file_symlink
| The right to invoke [file_symlink].
0x0000000002000000 file_unlink
| The right to invoke [file_unlink].
0x0000000004000000 mem_map
| The right to invoke [mem_map] with [mprot] set to
| zero.
0x0000000008000000 mem_map_exec
| If [rights.mem_map] is set, the right to invoke
| [mem_map] with [mprot.exec].
0x0000000010000000 poll_fd_readwrite
| If [rights.fd_read] is set, includes the right to
| invoke [poll] to subscribe to [eventtype.fd_read].
|
| If [rights.fd_write] is set, includes the right to
| invoke [poll] to subscribe to [eventtype.fd_write].
0x0000000040000000 poll_proc_terminate
| The right to invoke [poll] to subscribe to
| [eventtype.proc_terminate].
0x0000000100000000 proc_exec
| The right to invoke [proc_exec].
0x0000008000000000 sock_shutdown
| The right to invoke [sock_shutdown].
flags uint8 sdflags
| Which channels on a socket need to be shut down.
@cprefix SHUT_
0x01 rd
| Disables further receive operations.
0x02 wr
| Disables further send operations.
flags uint16 siflags
| Flags provided to [sock_send]. As there are currently no flags
| defined, it must be set to zero.
enum uint8 signal
| Signal condition.
@cprefix SIG
1 abrt
| Process abort signal.
|
| Action: Terminates the process.
2 alrm
| Alarm clock.
|
| Action: Terminates the process.
3 bus
| Access to an undefined portion of a memory object.
|
| Action: Terminates the process.
4 chld
| Child process terminated, stopped, or continued.
|
| Action: Ignored.
5 cont
| Continue executing, if stopped.
|
| Action: Continues executing, if stopped.
6 fpe
| Erroneous arithmetic operation.
|
| Action: Terminates the process.
7 hup
| Hangup.
|
| Action: Terminates the process.
8 ill
| Illegal instruction.
|
| Action: Terminates the process.
9 int
| Terminate interrupt signal.
|
| Action: Terminates the process.
10 kill
| Kill.
|
| Action: Terminates the process.
11 pipe
| Write on a pipe with no one to read it.
|
| Action: Ignored.
12 quit
| Terminal quit signal.
|
| Action: Terminates the process.
13 segv
| Invalid memory reference.
|
| Action: Terminates the process.
14 stop
| Stop executing.
|
| Action: Stops executing.
15 sys
| Bad system call.
|
| Action: Terminates the process.
16 term
| Termination signal.
|
| Action: Terminates the process.
17 trap
| Trace/breakpoint trap.
|
| Action: Terminates the process.
18 tstp
| Terminal stop signal.
|
| Action: Stops executing.
19 ttin
| Background process attempting read.
|
| Action: Stops executing.
20 ttou
| Background process attempting write.
|
| Action: Stops executing.
21 urg
| High bandwidth data is available at a socket.
|
| Action: Ignored.
22 usr1
| User-defined signal 1.
|
| Action: Terminates the process.
23 usr2
| User-defined signal 2.
|
| Action: Terminates the process.
24 vtalrm
| Virtual timer expired.
|
| Action: Terminates the process.
25 xcpu
| CPU time limit exceeded.
|
| Action: Terminates the process.
26 xfsz
| File size limit exceeded.
|
| Action: Terminates the process.
flags uint16 subclockflags
| Flags determining how the timestamp provided in
| [subscription.clock.timeout] should be interpreted.
@cprefix SUBSCRIPTION_CLOCK_
0x01 abstime
| If set, treat the timestamp provided in
| [subscription.clock.timeout] as an absolute timestamp
| of clock [subscription.clock.clock_id].
|
| If clear, treat the timestamp provided in
| [subscription.clock.timeout] relative to the current
| time value of clock [subscription.clock.clock_id].
flags uint16 subrwflags
| Flags influencing the method of polling for read or writing on
| a file descriptor.
@cprefix SUBSCRIPTION_FD_READWRITE_
0x01 poll
| Deprecated. Must be set by callers and ignored by
| implementations.
flags uint16 riflags
| Flags provided to [sock_recv].
@cprefix SOCK_RECV_
0x04 peek
| Returns the message without removing it from the
| socket's receive queue.
0x10 waitall
| On byte-stream sockets, block until the full amount
| of data can be returned.
flags uint16 roflags
| Flags returned by [sock_recv].
@cprefix SOCK_RECV_
0x01 fds_truncated
| Returned by [sock_recv]: List of file descriptors
| has been truncated.
0x08 data_truncated
| Returned by [sock_recv]: Message data has been
| truncated.
opaque uint32 tid
| Unique system-local identifier of a thread. This identifier is
| only valid during the lifetime of the thread.
|
| Threads must be aware of their thread identifier, as it is
| written it into locks when acquiring them for writing. It is
| not advised to use these identifiers for any other purpose.
|
| As the thread identifier is also stored in [lock] when
| [lock.wrlocked] is set, the top two bits of the thread
| must always be set to zero.
alias uint64 timestamp
| Timestamp in nanoseconds.
flags uint8 ulflags
| Specifies whether files are unlinked or directories are
| removed.
@cprefix UNLINK_
0x01 removedir
| If set, removes a directory. Otherwise, unlinks any
| non-directory file.
alias uint64 userdata
| User-provided value that can be attached to objects that is
| retained when extracted from the kernel.
enum uint8 whence
| Relative to which position the offset of the file descriptor
| should be set.
1 cur
| Seek relative to current position.
2 end
| Seek relative to end-of-file.
3 set
| Seek relative to start-of-file.
function threadentry
| Entry point for additionally created threads.
in
tid tid
| Thread ID of the current thread.
ptr void aux
| Copy of the value stored in
| [threadattr.argument].
struct auxv
| Auxiliary vector entry.
|
| The auxiliary vector is a list of key-value pairs that is
| provided to the process on startup. Unlike structures, it is
| extensible, as it is possible to add new records later on.
| The auxiliary vector is always terminated by an entry having
| type [auxtype.null].
|
| The auxiliary vector is part of the x86-64 ABI, but is used by
| this environment on all architectures.
auxtype a_type
| The type of the auxiliary vector entry.
variant a_type
argdatalen canarylen ncpus pagesz phnum tid
size a_val
| A numerical value.
argdata base canary phdr pid sysinfo_ehdr
ptr void a_ptr
| A pointer value.
function processentry
| Entry point for a process (`_start`).
in
cptr auxv auxv
| The auxiliary vector. See [auxv].
struct ciovec
| A region of memory for scatter/gather writes.
crange void buf
| The address and length of the buffer to be written.
struct dirent
| A directory entry.
dircookie d_next
| The offset of the next directory entry stored in this
| directory.
inode d_ino
| The serial number of the file referred to by this
| directory entry.
uint32 d_namlen
| The length of the name of the directory entry.
filetype d_type
| The type of the file referred to by this directory
| entry.
struct event
| An event that occurred.
userdata userdata
| User-provided value that got attached to
| [subscription.userdata].
errno error
| If non-zero, an error that occurred while processing
| the subscription request.
eventtype type
| The type of the event that occurred.
variant type
fd_read fd_write
struct fd_readwrite
filesize nbytes
| The number of bytes available
| for reading or writing.
array 4 char unused
| Obsolete.