1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-26 09:10:40 -05:00
Commit graph

14 commits

Author SHA1 Message Date
Asher Gomez
6fb7e8d93b
feat(permissions): add "--deny-*" flags (#19070)
This commit adds new "--deny-*" permission flags. These are complimentary to
"--allow-*" flags.

These flags can be used to restrict access to certain resources, even if they
were granted using "--allow-*" flags or the "--allow-all" ("-A") flag.

Eg. specifying "--allow-read --deny-read" will result in a permission error,
while "--allow-read --deny-read=/etc" will allow read access to all FS but the
"/etc" directory.

Runtime permissions APIs ("Deno.permissions") were adjusted as well, mainly
by adding, a new "PermissionStatus.partial" field. This field denotes that
while permission might be granted to requested resource, it's only partial (ie.
a "--deny-*" flag was specified that excludes some of the requested resources).
Eg. specifying "--allow-read=foo/ --deny-read=foo/bar" and then querying for
permissions like "Deno.permissions.query({ name: "read", path: "foo/" })"
will return "PermissionStatus { state: "granted", onchange: null, partial: true }",
denoting that some of the subpaths don't have read access.

Closes #18804.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Nayeem Rahman <nayeemrmn99@gmail.com>
2023-08-03 13:19:19 +02:00
Aapo Alasuutari
e348c11b64
perf(ext/ffi): Avoid receiving on FFI async work channel when no UnsafeCallback exists (#19454) 2023-07-30 16:43:22 +03:00
Bartek Iwańczuk
19f82b0eaa
refactor(core): use JoinSet instead of FuturesUnordered (#19378)
This commit migrates "deno_core" from using "FuturesUnordered" to
"tokio::task::JoinSet". This makes every op to be a separate Tokio task
and should unlock better utilization of kqueue/epoll.

There were two quirks added to this PR:
- because of the fact that "JoinSet" immediately polls spawn tasks,
op sanitizers can give false positives in some cases, this was
alleviated by polling event loop once before running a test with 
"deno test", which gives canceled ops an opportunity to settle
- "JsRuntimeState::waker" was moved to "OpState::waker" so that FFI
API can still use threadsafe functions - without this change the
registered wakers were wrong as they would not wake up the 
whole "JsRuntime" but the task associated with an op

---------

Co-authored-by: Matt Mastracci <matthew@mastracci.com>
2023-06-07 23:50:14 +02:00
Aapo Alasuutari
0aa2d7c9c1
perf(ext/ffi): Use Box<[NativeType]> in CallbackInfo parameters (#19032) 2023-05-08 10:57:38 +03:00
Aapo Alasuutari
1de1a265ff
fix(ext/ffi): Callbacks panic on returning isize (#19022) 2023-05-07 17:27:16 +03:00
Aapo Alasuutari
0536ae8658
fix(ext/ffi): UnsafeCallback can hang with 'deno test' (#19018) 2023-05-07 10:31:01 +00:00
Aapo Alasuutari
4835098cf7
fix(ext/ffi): Remove deno_core::OpState qualifiers, fix ops returning pointer defaults (#17959) 2023-02-28 08:26:48 +02:00
Aapo Alasuutari
0f9daaeacb
fix(ext/ffi): Fix re-ref'ing UnsafeCallback (#17704) 2023-02-22 19:09:59 +00:00
Aapo Alasuutari
b56b8c8a75
feat(ext/ffi): Replace pointer integers with v8::External objects (#16889) 2023-02-22 19:32:38 +02:00
Divy Srivastava
5928925541
fix(ext/ffi): disallow empty ffi structs (#17487)
This patch makes `NativeType` to `libffi::middle::Type` conversion
failliable and w.t disallows struct with empty fields. libffi does not
handle "empty" struct because they don't exist in C (or Rust).

Fixes #17481
2023-01-21 21:21:14 +05:30
Dj
ad82918f56
feat(ext/ffi): structs by value (#15060)
Adds support for passing and returning structs as buffers to FFI. This does not implement fastapi support for structs. Needed for certain system APIs such as AppKit on macOS.
2023-01-08 09:28:10 +05:30
David Sherret
10e4b2e140
chore: update copyright year to 2023 (#17247)
Yearly tradition of creating extra noise in git.
2023-01-02 21:00:42 +00:00
linbingquan
f46df3e359
chore: update to Rust 1.66.0 (#17078) 2022-12-17 23:20:15 +01:00
Divy Srivastava
a2db70a8d0
refactor(ext/ffi): split into multiple parts (#16950)
- [x] `dlfcn.rs` - `dlopen()`-related code.
- [x] `turbocall.rs` - Call trampoline JIT compiler. 
- [x] `repr.rs` - Pointer representation. Home of the UnsafePointerView
ops.
- [x] `symbol.rs` - Function symbol related code.
- [x] `callback.rs` - Home of `Deno.UnsafeCallback` ops.
- [x] `ir.rs` - Intermediate representation for values. Home of the
`NativeValue` type.
- [x] `call.rs` - Generic call ops. Home to everything related to
calling FFI symbols.
- [x] `static.rs` - static symbol support

I find easier to work with this setup, I eventually want to expand
TurboCall to unroll type conversion loop in generic calls, generate code
for individual symbols (lazy function pointers), etc.
2022-12-12 14:14:20 +00:00