This is a sandbox, in the spirit of Cloudius Systems' OSv.
The goal is to provide a secure, sandboxed execution mechanism that enables deterministic input, processing and output. Execution is separated out into distinct phases:
- Prepare and load hash-sealed program executables, data.
- Execute program as a black box, with no I/O capability. Runs until exit or CPU budget exhausted (or CPU exception).
- Gather processed data, if any.
A single thread of execution pre-loads necessary data, then simulates a 32-bit little endian Moxie CPU, running the loaded code.
This program is built using the "moxiebox" target in upstream binutils and gcc. A reduced (C-only) gcc toolchain is therefore available for immediate use by developers.
You will need to build and install moxie binutils+gcc cross-compiler toolset:
cd contrib ./download-tools-sources.sh ./build-moxiebox-tools.sh
From the Moxie program's point of view, it is a single thread running as root and is essentially the entire operating system kernel + application, all in a single wrapper.
From the sandbox's point of view, the application is running as an unpriv'd application with only the ability to access data within the hand-built memory map.
More info about the Moxie architecture may be found at http://moxielogic.org/blog/pages/architecture.html and http://moxielogic.org/blog/ . The main code repository is https://github.com/atgreen/moxie-cores.
./sandbox \ -e runtime/test1 \ -d mydata.json \ -d mydata2.dat \ -o file.out
If you specify the -g option, then sandbox will wait for a GDB connection on the given port. For example, run sandbox like so:
$ ./sandbox -e ./basic -g 9999 ep 00001000 ro 00000f6c-00001536 elf0 ro 00001538-00001540 elf1 rw 00001640-00001ab4 elf2 rw 00002ab4-00012ab4 stack ro 00013ab4-00013b74 mapdesc
And, in a separate console, run GDB to connect to sandbox using the
target remote command like so:
$ moxiebox-gdb basic GNU gdb (GDB) 188.8.131.5241227-cvs Copyright (C) 2014 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "--host=x86_64-unknown-linux-gnu --target=moxie-elf". Type "show configuration" for configuration details. For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/. Find the GDB manual and other documentation resources online at: http://www.gnu.org/software/gdb/documentation/. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from basic...done. (gdb) target remote localhost:9999 Remote debugging using localhost:9999 0x00001000 in __start () (gdb) b main Breakpoint 1 at 0x14c8 (gdb) c Continuing. Breakpoint 1, 0x000014c8 in main () (gdb) x/4i $pc => 0x14c8 : xor $r5, $r5 0x14ca : mov $r4, $r5 0x14cc : lda.l $r3, 0x1644 0x14d2 : lda.l $r2, 0x1648 (gdb)