diff options
author | Googler <noreply@google.com> | 2018-04-27 10:37:02 -0700 |
---|---|---|
committer | Adin Scannell <ascannell@google.com> | 2018-04-28 01:44:26 -0400 |
commit | d02b74a5dcfed4bfc8f2f8e545bca4d2afabb296 (patch) | |
tree | 54f95eef73aee6bacbfc736fffc631be2605ed53 /pkg/sentry/usermem/README.md | |
parent | f70210e742919f40aa2f0934a22f1c9ba6dada62 (diff) |
Check in gVisor.
PiperOrigin-RevId: 194583126
Change-Id: Ica1d8821a90f74e7e745962d71801c598c652463
Diffstat (limited to 'pkg/sentry/usermem/README.md')
-rw-r--r-- | pkg/sentry/usermem/README.md | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/pkg/sentry/usermem/README.md b/pkg/sentry/usermem/README.md new file mode 100644 index 000000000..2ebd3bcc1 --- /dev/null +++ b/pkg/sentry/usermem/README.md @@ -0,0 +1,31 @@ +This package defines primitives for sentry access to application memory. + +Major types: + +- The `IO` interface represents a virtual address space and provides I/O methods + on that address space. `IO` is the lowest-level primitive. The primary + implementation of the `IO` interface is `mm.MemoryManager`. + +- `IOSequence` represents a collection of individually-contiguous address ranges + in a `IO` that is operated on sequentially, analogous to Linux's `struct + iov_iter`. + +Major usage patterns: + +- Access to a task's virtual memory, subject to the application's memory + protections and while running on that task's goroutine, from a context that is + at or above the level of the `kernel` package (e.g. most syscall + implementations in `syscalls/linux`); use the `kernel.Task.Copy*` wrappers + defined in `kernel/task_usermem.go`. + +- Access to a task's virtual memory, from a context that is at or above the + level of the `kernel` package, but where any of the above constraints does not + hold (e.g. `PTRACE_POKEDATA`, which ignores application memory protections); + obtain the task's `mm.MemoryManager` by calling `kernel.Task.MemoryManager`, + and call its `IO` methods directly. + +- Access to a task's virtual memory, from a context that is below the level of + the `kernel` package (e.g. filesystem I/O); clients must pass I/O arguments + from higher layers, usually in the form of an `IOSequence`. The + `kernel.Task.SingleIOSequence` and `kernel.Task.IovecsIOSequence` functions in + `kernel/task_usermem.go` are convenience functions for doing so. |