lirent/vatrog-vm-signaling
1
0
Fork 0
mirror of https://dev.lirent.ru/Vatrog/vm-automation-signaling.git synced 2026-06-26 04:36:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

memwrite: per-process (cr3) target and full-extent socket SRC

Browse Source 
- CMD_MEMWRITE now carries a target page-table root (cr3) as its first field;
  cr3 == 0 keeps the kernel address-space default (backward-compatible). A control
  that has discovered a process's cr3 through its own read-only perception can
  write that process's private memory under the same exclusive write lease.
  Freshness of the cr3 is the control's responsibility — signaling does not
  validate it (that is perception, not coherence), mirroring the read side.

- A socket control can now carry an SRC larger than the inline frame budget: a
  length-prefixed SRC tail follows the CMD_MEMWRITE frame (flag SRC_PAYLOAD, the
  length being the frame's own len). A per-connection two-phase receiver
  accumulates the tail into a fixed conn-owned buffer up to the extent bound,
  matching the in-process payload path. A zero or over-bound length is a framing
  violation that closes the connection: leaving the promised tail unread would
  desync the stream and draining an arbitrary length would be a denial of service.

The capability, exclusive lease, source and extent gates are unchanged and
reused; only the event header gained the cr3 field and the socket transport
gained the tail receiver. The adapter resolves cr3 == 0 to the kernel root on
its worker thread and writes atomically.
This commit is contained in:
Gregory Lirent
2026-06-20 21:21:20 +03:00
parent e9aee057c7
commit e6c7aed8eb
7 changed files with 309 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files
include/vmsig_socket.h
+8 -1
View File
@@ -10,7 +10,14 @@
/* Wire format: fixed-size, pointer-free — the same contract on the external
* poller. Single host (unix socket) => native byte order. Only the event's
* inline part is serialized (payload pointers do not go on the wire). */
* inline part is serialized (payload pointers do not go on the wire).
*
* Exception (DOWN only): a CMD_MEMWRITE frame with VMSIG_MW_SRC_PAYLOAD is followed
* on the stream by exactly vmsig_memwrite.len SRC bytes (length-prefixed by the
* contract's mw.len, no separate wire prefix). A client writes the 80-byte frame,
* then the len SRC bytes (1..VMSIG_MEMWRITE_MAX). For len <= VMSIG_MEMWRITE_INLINE the
* client uses VMSIG_MW_SRC_INLINE instead (SRC rides in the inln tail, no trailing
* bytes). All other DOWN frames and all UP deliveries are a single fixed frame. */
#define VMSIG_WIRE_MAGIC 0x47495356u /* 'VSIG' */
#define VMSIG_WIRE_VERSION 1u
typedef struct {