Struct UninitializedSandbox

pub struct UninitializedSandbox { /* private fields */ }

A preliminary Sandbox, not yet ready to execute guest code.

Prior to initializing a full-fledged Sandbox, you must create one of these UninitializedSandboxes with the new function, register all the host-implemented functions you need to be available to the guest, then call evolve to transform your UninitializedSandbox into an initialized Sandbox.
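
A stand-alone model of the create, register, evolve sequence described above, added here as an illustration and not taken from Hyperlight. Every type and method in it (ModelUninitializedSandbox, ModelSandbox, dispatch, demo) is hypothetical; it shows why host functions can only be added before evolve, which fixes the host surface a guest can reach.

```rust
use std::collections::HashMap;

// Stand-alone model of the lifecycle; hypothetical types, NOT Hyperlight code.
type HostFn = Box<dyn FnMut(String) -> i32>;

/// Pre-evolve state: the only state in which host functions can be added.
pub struct ModelUninitializedSandbox { host_funcs: HashMap<String, HostFn> }

/// Post-evolve state: it has no `register`, so the host surface is frozen.
pub struct ModelSandbox { host_funcs: HashMap<String, HostFn> }

impl ModelUninitializedSandbox {
    pub fn new() -> Self {
        Self { host_funcs: HashMap::new() }
    }
    pub fn register(&mut self, name: &str, f: impl FnMut(String) -> i32 + 'static) {
        self.host_funcs.insert(name.to_string(), Box::new(f));
    }
    /// The page says the print hook is registered under the name "HostPrint".
    pub fn register_print(&mut self, f: impl FnMut(String) -> i32 + 'static) {
        self.register("HostPrint", f);
    }
    /// Consumes `self`, so the uninitialized handle cannot be reused afterwards.
    pub fn evolve(self) -> ModelSandbox {
        ModelSandbox { host_funcs: self.host_funcs }
    }
}

impl ModelSandbox {
    /// Dispatch a call coming from the guest; unregistered names are refused.
    pub fn dispatch(&mut self, name: &str, arg: &str) -> Result<i32, String> {
        match self.host_funcs.get_mut(name) {
            Some(f) => Ok(f(arg.to_string())),
            None => Err(format!("host function not registered: {}", name)),
        }
    }
}

/// Constructed usage: register, evolve, then dispatch three guest requests.
pub fn demo() -> Vec<Result<i32, String>> {
    let mut uninit = ModelUninitializedSandbox::new();
    uninit.register_print(|s| s.len() as i32); // returns bytes "printed"
    uninit.register("Validate", |s| if s.is_empty() { -1 } else { 0 });
    let mut sandbox = uninit.evolve();
    // uninit.register(...) here would not compile: `uninit` was moved by evolve.
    ["HostPrint", "Validate", "ReadFile"].iter().map(|name| sandbox.dispatch(name, "hello")).collect()
}

fn main() { println!("{:?}", demo()); }
```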

Implementations

impl UninitializedSandbox

pub fn new<'a, 'b>( env: impl Into<GuestEnvironment<'a, 'b>>, cfg: Option<SandboxConfiguration>, ) -> Result<Self>

Create a new sandbox configured to run the guest binary supplied through env.

This function carries the tracing instrument attribute, which generates a tracing span and emits an error event when the returned Result is an error. Its skip argument keeps the guest binary out of the tracing span, name sets the span's name, and err emits the error, formatted with the std::fmt::Debug trait.

pub fn set_max_guest_log_level(&mut self, log_level: LevelFilter)

Set the max log level to be used by the guest. If this is not set then the log level will be determined by parsing the RUST_LOG environment variable. If the RUST_LOG environment variable is not set then the max log level will be set to LevelFilter::Error.

pub fn register<Args: ParameterTuple, Output: SupportedReturnType>( &mut self, name: impl AsRef<str>, host_func: impl Into<HostFunction<Output, Args>>, ) -> Result<()>

Register a host function with the given name in the sandbox.

pub fn register_with_extra_allowed_syscalls<Args: ParameterTuple, Output: SupportedReturnType>( &mut self, name: impl AsRef<str>, host_func: impl Into<HostFunction<Output, Args>>, extra_allowed_syscalls: impl IntoIterator<Item = ExtraAllowedSyscall>, ) -> Result<()>

Register the host function with the given name in the sandbox. Unlike register, this variant takes a list of extra syscalls that will be allowed during the execution of the function handler.

pub fn register_print( &mut self, print_func: impl Into<HostFunction<i32, (String,)>>, ) -> Result<()>

Register a host function named “HostPrint” that will be called by the guest when it wants to print to the console. The “HostPrint” host function is kind of special, as we expect it to have the FnMut(String) -> i32 signature.

pub fn register_print_with_extra_allowed_syscalls( &mut self, print_func: impl Into<HostFunction<i32, (String,)>>, extra_allowed_syscalls: impl IntoIterator<Item = ExtraAllowedSyscall>, ) -> Result<()>

Register a host function named “HostPrint” that will be called by the guest when it wants to print to the console. The “HostPrint” host function is kind of special, as we expect it to have the FnMut(String) -> i32 signature. Unlike register_print, this variant takes a list of extra syscalls that will be allowed during the execution of the function handler.

Trait Implementations

impl Debug for UninitializedSandbox

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl EvolvableSandbox<UninitializedSandbox, MultiUseSandbox, Noop<UninitializedSandbox, MultiUseSandbox>> for UninitializedSandbox

fn evolve( self, _: Noop<UninitializedSandbox, MultiUseSandbox>, ) -> Result<MultiUseSandbox>

Evolve self to a MultiUseSandbox without any additional metadata.

impl Registerable for UninitializedSandbox

fn register_host_function<Args: ParameterTuple, Output: SupportedReturnType>( &mut self, name: &str, hf: impl Into<HostFunction<Output, Args>>, ) -> Result<()>

Register a primitive host function

fn register_host_function_with_syscalls<Args: ParameterTuple, Output: SupportedReturnType>( &mut self, name: &str, hf: impl Into<HostFunction<Output, Args>>, eas: Vec<ExtraAllowedSyscall>, ) -> Result<()>

Register a primitive host function whose worker thread has extra permissive seccomp filters installed

impl Sandbox for UninitializedSandbox

fn check_stack_guard(&self) -> Result<bool>

Check to ensure the current stack cookie matches the one that was selected when the stack was constructed.

impl UninitializedSandbox for UninitializedSandbox

fn get_uninitialized_sandbox(&self) -> &UninitializedSandbox

Retrieves reference to strongly typed UninitializedSandbox

fn get_uninitialized_sandbox_mut(&mut self) -> &mut UninitializedSandbox

Retrieves mutable reference to strongly typed UninitializedSandbox

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Pointable for T

const ALIGN: usize

The alignment of pointer.

type Init = T

The type for initializers.

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer.

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer.

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer.

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.