1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-12-11 01:58:05 -05:00
Commit graph

82 commits

Author SHA1 Message Date
Asher Gomez
6fb7e8d93b
feat(permissions): add "--deny-*" flags (#19070)
This commit adds new "--deny-*" permission flags. These are complimentary to
"--allow-*" flags.

These flags can be used to restrict access to certain resources, even if they
were granted using "--allow-*" flags or the "--allow-all" ("-A") flag.

Eg. specifying "--allow-read --deny-read" will result in a permission error,
while "--allow-read --deny-read=/etc" will allow read access to all FS but the
"/etc" directory.

Runtime permissions APIs ("Deno.permissions") were adjusted as well, mainly
by adding, a new "PermissionStatus.partial" field. This field denotes that
while permission might be granted to requested resource, it's only partial (ie.
a "--deny-*" flag was specified that excludes some of the requested resources).
Eg. specifying "--allow-read=foo/ --deny-read=foo/bar" and then querying for
permissions like "Deno.permissions.query({ name: "read", path: "foo/" })"
will return "PermissionStatus { state: "granted", onchange: null, partial: true }",
denoting that some of the subpaths don't have read access.

Closes #18804.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Nayeem Rahman <nayeemrmn99@gmail.com>
2023-08-03 13:19:19 +02:00
Aapo Alasuutari
e348c11b64
perf(ext/ffi): Avoid receiving on FFI async work channel when no UnsafeCallback exists (#19454) 2023-07-30 16:43:22 +03:00
Aapo Alasuutari
0536ae8658
fix(ext/ffi): UnsafeCallback can hang with 'deno test' (#19018) 2023-05-07 10:31:01 +00:00
Matt Mastracci
3487fde236
perf(core) Reduce copying and cloning in extension initialization (#18252)
Follow-up to #18210:

* we are passing the generated `cfg` object into the state function
rather than passing individual config fields
 * reduce cloning dramatically by making the state_fn `FnOnce`
 * `take` for `ExtensionBuilder` to avoid more unnecessary copies
 * renamed `config` to `options`
2023-03-17 22:15:27 +00:00
Matt Mastracci
e55b448730
feat(core) deno_core::extension! macro to simplify extension registration (#18210)
This implements two macros to simplify extension registration and centralize a lot of the boilerplate as a base for future improvements:

* `deno_core::ops!` registers a block of `#[op]`s, optionally with type
parameters, useful for places where we share lists of ops
* `deno_core::extension!` is used to register an extension, and creates
two methods that can be used at runtime/snapshot generation time:
`init_ops` and `init_ops_and_esm`.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-03-17 18:22:15 +00:00
Bartek Iwańczuk
d1685b120b
refactor(core): remove RuntimeOptions::extensions_with_js (#18099)
This commit removes "deno_core::RuntimeOptions::extensions_with_js".

Now it's embedders' responsibility to properly register extensions
that will not contains JavaScript sources when running from an existing
snapshot.

Prerequisite for https://github.com/denoland/deno/pull/18080
2023-03-09 19:22:27 -05:00
Bartek Iwańczuk
8f207c0f3f
refactor: Split extension registration for runtime and snapshotting (#18095)
This commit splits "<ext_name>::init" functions into "init_ops" and
"init_ops_and_esm". That way we don't have to construct list of
ESM sources on each startup if we're running with a snapshot.

In a follow up commit "deno_core" will be changed to not have a split
between "extensions" and "extensions_with_js" - it will be embedders'
responsibility to pass appropriately configured extensions.

Prerequisite for https://github.com/denoland/deno/pull/18080
2023-03-09 14:56:19 +00:00
Bartek Iwańczuk
c3cba7f22c
refactor(core): Extension::builder_with_deps (#18093)
Prerequisite for https://github.com/denoland/deno/pull/18080
2023-03-09 12:10:54 +00:00
Bartek Iwańczuk
b32a6f8ad2
refactor(core): don't use Result in ExtensionBuilder::state (#18066)
There's no point for this API to expect result. If something fails it should
result in a panic during build time to signal to embedder that setup is
wrong.
2023-03-07 22:37:37 +01:00
Bartek Iwańczuk
76b173b60c
refactor: move "pathFromURL" to deno_web extension (#18037)
This API is required by several extensions like "ext/node", "ext/ffi"
and also FS APIs that we want to move to a separate crate. Because 
of that "pathFromURL" API was moved to "deno_web" extension so
other extension crates can rely on it.
2023-03-05 22:46:37 +00:00
Aapo Alasuutari
0f9daaeacb
fix(ext/ffi): Fix re-ref'ing UnsafeCallback (#17704) 2023-02-22 19:09:59 +00:00
Aapo Alasuutari
b56b8c8a75
feat(ext/ffi): Replace pointer integers with v8::External objects (#16889) 2023-02-22 19:32:38 +02:00
Leo Kettmeir
49af1ab18d
refactor: remove prefix from include_js_files & use extension name (#17683) 2023-02-07 21:09:50 +00:00
Leo Kettmeir
b4aa153097
refactor: Use ES modules for internal runtime code (#17648)
This PR refactors all internal js files (except core) to be written as
ES modules.
`__bootstrap`has been mostly replaced with static imports in form in
`internal:[path to file from repo root]`.
To specify if files are ESM, an `esm` method has been added to
`Extension`, similar to the `js` method.
A new ModuleLoader called `InternalModuleLoader` has been added to
enable the loading of internal specifiers, which is used in all
situations except when a snapshot is only loaded, and not a new one is
created from it.

---------

Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-02-07 20:22:46 +01:00
Leo Kettmeir
84a96110cd
refactor: rename deno specifiers to internal (#17655) 2023-02-05 17:49:20 +01:00
David Sherret
f5840bdcd3
chore: upgrade to Rust 1.67 (#17548)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
2023-01-27 10:43:16 -05:00
Leo Kettmeir
c41d4ff90e
feat(core): allow specifying name and dependencies of an Extension (#17301) 2023-01-08 23:48:46 +01:00
David Sherret
10e4b2e140
chore: update copyright year to 2023 (#17247)
Yearly tradition of creating extra noise in git.
2023-01-02 21:00:42 +00:00
Divy Srivastava
a2db70a8d0
refactor(ext/ffi): split into multiple parts (#16950)
- [x] `dlfcn.rs` - `dlopen()`-related code.
- [x] `turbocall.rs` - Call trampoline JIT compiler. 
- [x] `repr.rs` - Pointer representation. Home of the UnsafePointerView
ops.
- [x] `symbol.rs` - Function symbol related code.
- [x] `callback.rs` - Home of `Deno.UnsafeCallback` ops.
- [x] `ir.rs` - Intermediate representation for values. Home of the
`NativeValue` type.
- [x] `call.rs` - Generic call ops. Home to everything related to
calling FFI symbols.
- [x] `static.rs` - static symbol support

I find easier to work with this setup, I eventually want to expand
TurboCall to unroll type conversion loop in generic calls, generate code
for individual symbols (lazy function pointers), etc.
2022-12-12 14:14:20 +00:00
Divy Srivastava
55595ca1b7
fix(ops): disallow auto-borrowing OpState across potential await point (#16952)
Fixes https://github.com/denoland/deno/issues/16934

Example compiler error:
```
error: mutable opstate is not supported in async ops
   --> core/ops_builtin.rs:122:1
    |
122 | #[op]
    | ^^^^^
    |
    = note: this error originates in the attribute macro `op` (in Nightly builds, run with -Z macro-backtrace for more info)
```
2022-12-05 21:40:22 +05:30
Aapo Alasuutari
a4dfc6f955
fix(ext/ffi): Null buffer pointer value is inconsistent (#16625)
Currently, slow call path will always create a dangling pointer to
replace a null pointer when called with eg. a `new Uint8Array()`
parameter, which V8 initialises as a null pointer backed buffer.

However, the fast call path will never change the pointer value and will
thus expose a null pointer. Thus, it's possible that the pointer value
that a native call sees coming from Deno changes between two sequential
invocations of the same function with the exact same parameters.

Since null pointers can be quite important, and `Uint8Array` is the
chosen fast path for Deno FFI `"buffer"` parameters, I think it is
fairly important that the null pointer be properly exposed to the native
code. Thus this PR.

### `*mut c_void`
While here, I also changed the type of our pointer values to `*mut
c_void`. This is mainly due to JS buffers always being `*mut`, and
because we offer a way to turn a pointer into a JS `ArrayBuffer`
(`op_ffi_get_buf`) which is read-write. I'm not exactly sure which way
we should really go here, we have pointers that are definitely mut but
we also cannot assume all of our pointers are. So, do we go with the
maxima or the minima?

### `optimisedCall(new Uint8Array())`
V8 seems to have a bug where calling an optimised function with a newly
created empty `Uint8Array` (no argument or 0) will not see the data
pointer being null but instead it's some stable pointer, perhaps
pointing to some internal null-backing-store. The pointer value is also
an odd (not even) number, so it might specifically be a tagged pointer.

This will probably be an issue for some users, if they try to use eg.
`method(cstr("something"), new Uint8Array())` as a way to do a fast call
to `method` with a null pointer as the second parameter.

If instead of a `new Uint8Array()` the user instead uses some `const
NULL = new Uint8Array()` where the `NULL` buffer has been passed to a
slow call previously, then the fast call will properly see a null
pointer.

I'll take this up with some V8 engineers to see if this couldn't be
fixed.
2022-11-27 14:38:54 +00:00
Divy Srivastava
fcdcc8c0c3
feat(ops): support raw pointer arguments (#16826)
See https://github.com/denoland/deno/pull/16814#discussion_r1032744083.
Allows nullable buffers in low-level ops like FFI:

```rust
fn op_ffi_ptr_of<FP>(
  state: &mut OpState,
  buf: *const u8,
  out: &mut [u32],
) 
where
  FP: FfiPermissions + 'static {
  // ..
}
```
2022-11-26 20:07:43 +05:30
Bartek Iwańczuk
869acee8fb
chore: upgrade rusty_v8 to 0.54.0 (#16368)
<!--
Before submitting a PR, please read http://deno.land/manual/contributing

1. Give the PR a descriptive title.

  Examples of good title:
    - fix(std/http): Fix race condition in server
    - docs(console): Update docstrings
    - feat(doc): Handle nested reexports

  Examples of bad title:
    - fix #7123
    - update docs
    - fix bugs

2. Ensure there is a related issue and it is referenced in the PR text.
3. Ensure there are tests that cover the changes.
4. Ensure `cargo test` passes.
5. Ensure `./tools/format.js` passes without changing files.
6. Ensure `./tools/lint.js` passes.
-->
2022-10-20 21:01:49 +02:00
Aapo Alasuutari
e2be70b035
feat(ext/ffi): Make op_ffi_ptr_of fast (#16297)
Makes `op_ffi_ptr_of` fast. One of the tests changed from printing
`false` to `true` as the fast `&[u8]` slice path creates the slice with
a null pointer. Thus the `op_ffi_ptr_of` will now return a null pointer
value whereas previously it returned a dangling pointer value.
2022-10-20 09:37:37 +05:30
Aapo Alasuutari
722ea20e86
perf(ext/ffi): Fast UnsafePointerView read functions (#16351)
This PR makes pointer read methods of `Deno.UnsafePointerView` Fast API
compliant, with the exception of `getCString` which cannot be made fast
with current V8 Fast API.
2022-10-20 09:35:56 +05:30
Aapo Alasuutari
75acec0aea
fix(ext/ffi): Fix UnsafeCallback ref'ing making Deno enter a live-loop (#16216)
Fixes #15136

Currently `UnsafeCallback` class' `ref()` and `unref()` methods rely on
the `event_loop_middleware` implementation in core. If even a single
`UnsafeCallback` is ref'ed, then the FFI event loop middleware will
always return `true` to signify that there may still be more work for
the event loop to do.

The middleware handling in core does not wait a moment to check again,
but will instead synchronously directly re-poll the event loop and
middlewares for more work. This becomes a live-loop.

This PR introduces a `Future` implementation for the `CallbackInfo`
struct that acts as the intermediary data storage between an
`UnsafeCallback` and the `libffi` C callback. Ref'ing a callback now
means calling an async op that binds to the `CallbackInfo` Future and
only resolves once the callback is unref'ed. The `libffi` C callback
will call the waker of this Future when it fires to make sure that the
main thread wakes up to receive the callback.
2022-10-15 19:19:46 +05:30
Aapo Alasuutari
17271532d4
fix(ext/ffi): Invalid 'function' return type check logic, remove U32x2 as unnecessary (#16259)
The return type checking for `"function"` type FFI values was incorrect
and presumed that functions were still being registered as objects
containing a "function" key.

While here, I also removed the whole return type checking logic as it
was needed for optionally creating BigInts on return when needed, but
serde_v8 does this automatically now (I think).
2022-10-13 17:36:52 +05:30
Aapo Alasuutari
19e4e821d5
fix(ext/ffi): Fix usize and isize FFI callback parameters missing match arm (#16172)
Mea culpa. Back when I re-introduced parameter and return value types to
FFI callbacks I failed to properly account for the change in match arm
logic. As a result, usize and isize parameters in FFI callbacks
currently enter the branch meant for void only.

This PR changes the match arms to all be explicit, making sure that void
is the only arm marked unreachable and that it stays that way.
2022-10-07 10:20:18 +05:30
Divy Srivastava
027d4d433d
perf(ops): inline &[u8] arguments and enable fast API (#15731) 2022-09-07 16:21:47 +05:30
Arnau Orriols
8bdc3c2baf
feat(ext/ffi): Implement FFI fast-call trampoline with Dynasmrt (#15305) 2022-09-07 12:23:56 +05:30
Aapo Alasuutari
16dbf4adc3
feat(ext/ffi): Support bool FFI type (#15754) 2022-09-05 08:56:52 +05:30
Divy Srivastava
e34260c5b0
BREAKING(ext/ffi): specialized buffer type (#15518) 2022-08-23 09:16:43 +05:30
Mathias Lafeldt
e96933bc16
chore: use Rust 1.63.0 (#15464) 2022-08-21 19:31:14 +02:00
Luca Casonato
bdd8ddbe4c
fix(ext/ffi): unstable op_ffi_unsafe_callback_ref (#15439) 2022-08-10 08:39:45 +05:30
Aapo Alasuutari
569910856e
fix(ext/ffi): Check CStr for UTF-8 validity on read (#15318)
Co-authored-by: Phosra <phosra@tutanota.com>
2022-08-05 21:56:54 +05:30
Divy Srivastava
ef7bc2e6cc
perf(ext/ffi): use fast api calls for 64bit return types (#15313) 2022-07-28 18:08:22 +05:30
Divy Srivastava
fad8d7d32a
perf(ext/ffi): support Uint8Array in fast calls (#15319) 2022-07-27 19:32:21 +05:30
Aapo Alasuutari
8911bdb6d0
chore(ext/ffi): Remove unnecessary byte_offset conditional slicing (#15320) 2022-07-27 11:13:30 +05:30
Divy Srivastava
58d1126fa4
chore(ext/ffi): remove dependency on stdint.h (#15294) 2022-07-24 18:38:13 +05:30
Aapo Alasuutari
f8fee6cd21
feat(ext/ffi): Safe number pointers (#15173) 2022-07-24 16:11:11 +05:30
Aapo Alasuutari
e1cbd2364f
feat(ext/ffi): Add support to get ArrayBuffers from UnsafePointerView (#15143) 2022-07-23 22:41:06 +05:30
Aapo Alasuutari
244c00d95b
perf(ext/ffi): Optimise common pointer related APIs (#15144) 2022-07-22 16:37:35 +05:30
Bartek Iwańczuk
1bdf5a2081
chore: upgrade rusty_v8 to 0.47.0 (#15247) 2022-07-19 21:36:15 +02:00
David Sherret
635eed9373
chore: fix Windows specific clippy errors (#15212) 2022-07-15 12:30:25 -04:00
Aapo Alasuutari
007e1b4bd5
fix(ext/ffi): i64 arg to C mapping was wrong (#15162) 2022-07-12 16:14:54 +05:30
Aapo Alasuutari
d725cb28ca
feat(ext/ffi): Support 64 bit parameters in Fast API calls (#15140)
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
2022-07-12 08:20:20 +05:30
Divy Srivastava
77d065e034
fix(ext/ffi): trampoline for fast calls (#15139) 2022-07-12 06:33:05 +05:30
Divy Srivastava
132c761e87
fix(ext/ffi): allow opting out of fast ffi calls (#15131) 2022-07-09 18:41:07 +05:30
Divy Srivastava
20cbd7f0f8
perf(ext/ffi): leverage V8 Fast Calls (#15125) 2022-07-08 23:19:09 +05:30
Bartek Iwańczuk
b8b82c3ea4
chore: use Rust 1.62.0 (#15028) 2022-07-01 15:28:06 +02:00