lib: Add per-user packet pools

The IRMd will now check the user UID and GID for privileged access,
avoiding unprivileged users being able to disrupt all IPC (e.g. by
shm_open the single pool and corrupting its metadata).

Non-privileged users are now limited to a PUP (per-user pool) for
sending/receiving packets. It is still created by the IRMd, but owned
by the user (uid) with 600 permissions. It does not add additional
copies for local IPC between their own processes (i.e. over the local
IPCP), but packets between processes owned by a different user or
destined over the network (other IPCPs) will incur a copy when
crossing the PUP / PUP or the PUP / GSPP boundary.

Privileged users and users in the ouroboros group still have direct
access to the GSPP (globally shared private pool) for packet transfer
that will avoid additional copies when processing packets between
processes owned by different users and to the network.

This aligns the security model with UNIX trust domains defined by UID
and GID by leveraging file permission on the pools in shared memory.

┌─────────────────────────────────────────────────────────────┐
│ Source Pool    │ Dest Pool      │ Operation    │ Copies     │
├─────────────────────────────────────────────────────────────┤
│ GSPP           │ GSPP           │ Zero-copy    │ 0          │
│ PUP.uid        │ PUP.uid        │ Zero-copy    │ 0          │
│ PUP.uid1       │ PUP.uid2       │ memcpy()     │ 1          │
│ PUP.uid        │ GSPP           │ memcpy()     │ 1          │
│ GSPP           │ PUP.uid        │ memcpy()     │ 1          │
└─────────────────────────────────────────────────────────────┘

This also renames the struct ai ("application instance") in dev.c to
struct proc (process).

Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>

6 files changed, 42 insertions, 1 deletions

diff --git a/cmake/ipcp/broadcast.cmake b/cmake/ipcp/broadcast.cmake
index 20610a25..4f43d001 100644
--- a/cmake/ipcp/broadcast.cmake
+++ b/cmake/ipcp/broadcast.cmake
@@ -19,4 +19,10 @@ add_executable(${IPCP_BROADCAST_TARGET}
 
 target_include_directories(${IPCP_BROADCAST_TARGET} PRIVATE ${IPCP_INCLUDE_DIRS})
 target_link_libraries(${IPCP_BROADCAST_TARGET} PUBLIC ouroboros-dev)
+
+include(utils/AddCompileFlags)
+if (CMAKE_BUILD_TYPE MATCHES "Debug*")
+  add_compile_flags(${IPCP_BROADCAST_TARGET} -DCONFIG_OUROBOROS_DEBUG)
+endif ()
+
 install(TARGETS ${IPCP_BROADCAST_TARGET} RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR})
diff --git a/cmake/ipcp/eth.cmake b/cmake/ipcp/eth.cmake
index c14a1d6e..0960c8a5 100644
--- a/cmake/ipcp/eth.cmake
+++ b/cmake/ipcp/eth.cmake
@@ -38,5 +38,11 @@ if (HAVE_ETH)
     target_link_libraries(${target} PUBLIC ouroboros-dev)
   endforeach()
 
+  include(utils/AddCompileFlags)
+  if (CMAKE_BUILD_TYPE MATCHES "Debug*")
+    add_compile_flags(${IPCP_ETH_LLC_TARGET} -DCONFIG_OUROBOROS_DEBUG)
+    add_compile_flags(${IPCP_ETH_DIX_TARGET} -DCONFIG_OUROBOROS_DEBUG)
+  endif ()
+
   install(TARGETS ${IPCP_ETH_LLC_TARGET} ${IPCP_ETH_DIX_TARGET} RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR})
 endif ()
diff --git a/cmake/ipcp/ipcp.cmake b/cmake/ipcp/ipcp.cmake
index f821f481..006e76b0 100644
--- a/cmake/ipcp/ipcp.cmake
+++ b/cmake/ipcp/ipcp.cmake
@@ -23,7 +23,7 @@ set(BUILD_CONTAINER FALSE CACHE BOOL
   "Disable thread priority setting for container compatibility")
 
 if (CMAKE_SYSTEM_NAME STREQUAL "Linux")
-   set(IPCP_LINUX_TIMERSLACK_NS 1000 CACHE STRING
+   set(IPCP_LINUX_TIMERSLACK_NS 100 CACHE STRING
        "Slack value for high resolution timers on Linux systems.")
 endif ()
 
diff --git a/cmake/ipcp/local.cmake b/cmake/ipcp/local.cmake
index 9e320aad..7b604ba1 100644
--- a/cmake/ipcp/local.cmake
+++ b/cmake/ipcp/local.cmake
@@ -5,7 +5,24 @@ set(IPCP_LOCAL_TARGET ipcpd-local CACHE INTERNAL "")
 set(IPCP_LOCAL_MPL 100 CACHE STRING
   "Default maximum packet lifetime for the Local IPCP, in ms")
 
+set(IPCP_LOCAL_POLLING FALSE CACHE BOOL
+  "Enable active polling in the Local IPCP for low-latency mode")
+
 add_executable(${IPCP_LOCAL_TARGET} "${LOCAL_SOURCE_DIR}/main.c" ${IPCP_SOURCES})
 target_include_directories(${IPCP_LOCAL_TARGET} PRIVATE ${IPCP_INCLUDE_DIRS})
 target_link_libraries(${IPCP_LOCAL_TARGET} PUBLIC ouroboros-dev)
+
+include(utils/AddCompileFlags)
+if (CMAKE_BUILD_TYPE MATCHES "Debug*")
+  add_compile_flags(${IPCP_LOCAL_TARGET} -DCONFIG_OUROBOROS_DEBUG)
+endif ()
+
+if (IPCP_LOCAL_POLLING)
+  add_compile_flags(${IPCP_LOCAL_TARGET} -DCONFIG_IPCP_LOCAL_POLLING)
+endif ()
+
+if (IPCP_LOCAL_POLLING)
+  add_compile_flags(${IPCP_LOCAL_TARGET} -DCONFIG_IPCP_LOCAL_POLLING)
+endif ()
+
 install(TARGETS ${IPCP_LOCAL_TARGET} RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR})
diff --git a/cmake/ipcp/udp.cmake b/cmake/ipcp/udp.cmake
index 7195dfa1..360330c5 100644
--- a/cmake/ipcp/udp.cmake
+++ b/cmake/ipcp/udp.cmake
@@ -48,4 +48,10 @@ foreach(target ${IPCP_UDP4_TARGET} ${IPCP_UDP6_TARGET})
   target_link_libraries(${target} PUBLIC ouroboros-dev)
 endforeach()
 
+include(utils/AddCompileFlags)
+if (CMAKE_BUILD_TYPE MATCHES "Debug*")
+  add_compile_flags(${IPCP_UDP4_TARGET} -DCONFIG_OUROBOROS_DEBUG)
+  add_compile_flags(${IPCP_UDP6_TARGET} -DCONFIG_OUROBOROS_DEBUG)
+endif ()
+
 install(TARGETS ${IPCP_UDP4_TARGET} ${IPCP_UDP6_TARGET} RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR})
diff --git a/cmake/ipcp/unicast.cmake b/cmake/ipcp/unicast.cmake
index 2a2f7a3f..de237500 100644
--- a/cmake/ipcp/unicast.cmake
+++ b/cmake/ipcp/unicast.cmake
@@ -47,4 +47,10 @@ add_executable(${IPCP_UNICAST_TARGET}
 target_include_directories(${IPCP_UNICAST_TARGET} PRIVATE ${IPCP_INCLUDE_DIRS})
 target_include_directories(${IPCP_UNICAST_TARGET} PRIVATE "${UNICAST_SOURCE_DIR}")
 target_link_libraries(${IPCP_UNICAST_TARGET} PUBLIC ouroboros-dev)
+
+include(utils/AddCompileFlags)
+if (CMAKE_BUILD_TYPE MATCHES "Debug*")
+  add_compile_flags(${IPCP_UNICAST_TARGET} -DCONFIG_OUROBOROS_DEBUG)
+endif ()
+
 install(TARGETS ${IPCP_UNICAST_TARGET} RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR})