tetratelabs · yagehu · Jun 14, 2024 · Jun 17, 2024 · Jun 17, 2024 · Jun 17, 2024
@@ -1,6 +1,10 @@
 package fsapi
 
-import experimentalsys "github.com/tetratelabs/wazero/experimental/sys"
+import (
+	"io/fs"
+
+	experimentalsys "github.com/tetratelabs/wazero/experimental/sys"
+)
 
 // File includes methods not yet ready to document for end users, notably
 // non-blocking functionality.
@@ -66,4 +70,22 @@ type File interface {
 	//     immediately true, as data will never become available.
 	//   - See /RATIONALE.md for detailed notes including impact of blocking.
 	Poll(flag Pflag, timeoutMillis int32) (ready bool, errno experimentalsys.Errno)
+
+	// OpenAt opens a file with a path relative to this directory.
+	//
+	// # Parameters
+	//
+	// The `path` parameter must be a relative path. The `flag` and `mode`
+	// parameters have the same semantics as [internal/sysfs.OpenFileAt].
+	//
+	// # Notes
+	//
+	//   - This is like `openat` in POSIX.
+	//     See https://pubs.opengroup.org/onlinepubs/9699919799/functions/open.html
+	OpenAt(
+		fs experimentalsys.FS,
+		path string,
+		flag experimentalsys.Oflag,
+		mode fs.FileMode,
+	) (experimentalsys.File, experimentalsys.Errno)
 }
@@ -1,11 +1,18 @@
 package fsapi
 
-import experimentalsys "github.com/tetratelabs/wazero/experimental/sys"
+import (
+	"fmt"
+	"io/fs"
+
+	"github.com/tetratelabs/wazero/experimental/sys"
+	experimentalsys "github.com/tetratelabs/wazero/experimental/sys"
+)
 
 func Adapt(f experimentalsys.File) File {
 	if f, ok := f.(File); ok {
 		return f
 	}
+	fmt.Printf("unimplmented %T\n", f)
 	return unimplementedFile{f}
 }
 
@@ -25,3 +32,13 @@ func (unimplementedFile) SetNonblock(bool) experimentalsys.Errno {
 func (unimplementedFile) Poll(Pflag, int32) (ready bool, errno experimentalsys.Errno) {
 	return false, experimentalsys.ENOSYS
 }
+
+// OpenAt implements File.OpenAt
+func (unimplementedFile) OpenAt(
+	fs experimentalsys.FS,
+	path string,
+	flag experimentalsys.Oflag,
+	mode fs.FileMode,
+) (sys.File, experimentalsys.Errno) {
+	return nil, experimentalsys.ENOSYS
+}
@@ -1,6 +1,8 @@
 package sys
 
 import (
+	"io/fs"
+
 	experimentalsys "github.com/tetratelabs/wazero/experimental/sys"
 	"github.com/tetratelabs/wazero/internal/fsapi"
 	"github.com/tetratelabs/wazero/sys"
@@ -149,3 +151,22 @@ func (d *lazyDir) SetNonblock(bool) experimentalsys.Errno {
 func (d *lazyDir) Poll(fsapi.Pflag, int32) (ready bool, errno experimentalsys.Errno) {
 	return false, experimentalsys.ENOSYS
 }
+
+func (d *lazyDir) OpenAt(
+	fs experimentalsys.FS,
+	path string,
+	flag experimentalsys.Oflag,
+	mode fs.FileMode,
+) (experimentalsys.File, experimentalsys.Errno) {
+	f, ok := d.file()
+	if !ok {
+		return nil, experimentalsys.EBADF
+	}
+
+	dir, ok := f.(fsapi.File)
+	if !ok {
+		return nil, experimentalsys.EBADF
+	}
+
+	return dir.OpenAt(fs, path, flag, mode)
+}
@@ -2,6 +2,7 @@ package sys
 
 import (
 	"io"
+	"io/fs"
 	"os"
 
 	experimentalsys "github.com/tetratelabs/wazero/experimental/sys"
@@ -99,6 +100,16 @@ func (noopStdioFile) Poll(fsapi.Pflag, int32) (ready bool, errno experimentalsys
 	return false, experimentalsys.ENOSYS
 }
 
+// OpenAt implements the same method as documented on fsapi.File
+func (noopStdioFile) OpenAt(
+	fs experimentalsys.FS,
+	path string,
+	flag experimentalsys.Oflag,
+	mode fs.FileMode,
+) (experimentalsys.File, experimentalsys.Errno) {
+	return nil, experimentalsys.EBADF
+}
+
 func stdinFileEntry(r io.Reader) (*FileEntry, error) {
 	if r == nil {
 		return &FileEntry{Name: "stdin", IsPreopen: true, File: &noopStdinFile{}}, nil

@@ -41,11 +41,44 @@ func OpenFile(path string, flag experimentalsys.Oflag, perm fs.FileMode) (*os.Fi
 	return openFile(path, flag, perm)
 }
 
+func OpenFileAt(
+	dir *os.File,
+	path string,
+	flag experimentalsys.Oflag,
+	perm fs.FileMode,
+) (*os.File, experimentalsys.Errno) {
+	return openFileAt(dir, path, flag, perm)
+}
+
 func OpenOSFile(path string, flag experimentalsys.Oflag, perm fs.FileMode) (experimentalsys.File, experimentalsys.Errno) {
 	f, errno := OpenFile(path, flag, perm)
 	if errno != 0 {
 		return nil, errno
 	}
+
+	return newOsFile(path, flag, perm, f), 0
+}
+
+func OpenOSFileAt(
+	dir experimentalsys.File,
+	path string,
+	flag experimentalsys.Oflag,
+	perm fs.FileMode,
+) (experimentalsys.File, experimentalsys.Errno) {
+	if len(path) == 0 {
+		return nil, experimentalsys.EINVAL
+	}
+
+	dirOsFile, ok := dir.(*osFile)
+	if !ok {
+		return nil, experimentalsys.EBADF
+	}
+
+	f, errno := OpenFileAt(dirOsFile.file, path, flag, perm)
+	if errno != 0 {
+		return nil, errno
+	}
+
 	return newOsFile(path, flag, perm, f), 0
 }
 
@@ -356,6 +389,15 @@ func (f *fsFile) Poll(fsapi.Pflag, int32) (ready bool, errno experimentalsys.Err
 	return false, experimentalsys.ENOSYS
 }
 
+func (f *fsFile) OpenAt(
+	fs experimentalsys.FS,
+	path string,
+	oflags experimentalsys.Oflag,
+	mode fs.FileMode,
+) (experimentalsys.File, experimentalsys.Errno) {
+	return nil, experimentalsys.ENOSYS
+}
+
 // dirError is used for commands that work against a directory, but not a file.
 func dirError(f experimentalsys.File, isClosed bool, errno experimentalsys.Errno) experimentalsys.Errno {
 	if vErrno := validate(f, isClosed, false, true); vErrno != 0 {

@@ -8,23 +8,47 @@ import (
 	"github.com/tetratelabs/wazero/experimental/sys"
 )
 
+// NTStatus corresponds with NTSTATUS, error values returned by ntdll.dll and
+// other native functions.
+type NTStatus uint32
+
+func rtlNtStatusToDosErrorNoTeb(ntstatus NTStatus) syscall.Errno {
+	r0, _, _ := syscall.SyscallN(procRtlNtStatusToDosErrorNoTeb.Addr(), uintptr(ntstatus))
+
+	return syscall.Errno(r0)
+}
+
+func (s NTStatus) Errno() syscall.Errno {
+	return rtlNtStatusToDosErrorNoTeb(s)
+}
+
 const (
 	nonBlockingFileReadSupported  = true
 	nonBlockingFileWriteSupported = false
 
 	_ERROR_IO_INCOMPLETE = syscall.Errno(996)
 )
 
-var kernel32 = syscall.NewLazyDLL("kernel32.dll")
+var (
+	kernel32 = syscall.NewLazyDLL("kernel32.dll")
+	ntdll    = syscall.NewLazyDLL("ntdll.dll")
+)
 
-// procPeekNamedPipe is the syscall.LazyProc in kernel32 for PeekNamedPipe
 var (
+	// procFormatMessageW is the syscall.LazyProc in kernel32 for FormatMessageW
+	procFormatMessageW = kernel32.NewProc("FormatMessageW")
 	// procPeekNamedPipe is the syscall.LazyProc in kernel32 for PeekNamedPipe
 	procPeekNamedPipe = kernel32.NewProc("PeekNamedPipe")
 	// procGetOverlappedResult is the syscall.LazyProc in kernel32 for GetOverlappedResult
 	procGetOverlappedResult = kernel32.NewProc("GetOverlappedResult")
 	// procCreateEventW is the syscall.LazyProc in kernel32 for CreateEventW
 	procCreateEventW = kernel32.NewProc("CreateEventW")
+	// procNtCreateFile is the syscall.LazyProc in ntdll for NtCreateFile
+	procNtCreateFile = ntdll.NewProc("NtCreateFile")
+	// procRtlInitUnicodeString is the syscall.LazyProc in ntdll for RtlInitUnicodeString
+	procRtlInitUnicodeString = ntdll.NewProc("RtlInitUnicodeString")
+	// procRtlNtStatusToDosErrorNoTeb is the syscall.LazyProc in ntdll for RtlNtStatusToDosErrorNoTeb
+	procRtlNtStatusToDosErrorNoTeb = ntdll.NewProc("RtlNtStatusToDosErrorNoTeb")
 )
 
 // readFd returns ENOSYS on unsupported platforms.

@@ -0,0 +1,135 @@
+package sysfs
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+// NTUnicodeString is a UTF-16 string for NT native APIs, corresponding to UNICODE_STRING.
+type NTUnicodeString struct {
+	Length        uint16
+	MaximumLength uint16
+	Buffer        *uint16
+}
+
+type OBJECT_ATTRIBUTES struct {
+	Length        uint32
+	RootDirectory syscall.Handle
+	ObjectName    *NTUnicodeString
+	Attributes    uint32
+
+	// Always nil.
+	SecurityDescriptor uintptr
+
+	// Always nil.
+	SecurityQoS uintptr
+}
+
+type IO_STATUS_BLOCK struct {
+	Status      NTStatus
+	Information uintptr
+}
+
+// https://learn.microsoft.com/en-us/windows/win32/secauthz/access-mask
+type ACCESS_MASK uint32
+
+// Constants for type ACCESS_MASK
+const (
+	READ_CONTROL            = 0x00020000
+	SYNCHRONIZE             = 0x00100000
+	STANDARD_RIGHTS_READ    = READ_CONTROL
+	STANDARD_RIGHTS_WRITE   = READ_CONTROL
+	STANDARD_RIGHTS_EXECUTE = READ_CONTROL
+)
+
+// File access rights constants.
+// https://learn.microsoft.com/en-us/windows/win32/fileio/file-access-rights-constants
+const (
+	FILE_READ_DATA        = 0x00000001
+	FILE_READ_ATTRIBUTES  = 0x00000080
+	FILE_READ_EA          = 0x00000008
+	FILE_WRITE_DATA       = 0x00000002
+	FILE_WRITE_ATTRIBUTES = 0x00000100
+	FILE_WRITE_EA         = 0x00000010
+	FILE_APPEND_DATA      = 0x00000004
+	FILE_EXECUTE          = 0x00000020
+)
+
+const (
+	FILE_GENERIC_READ    = STANDARD_RIGHTS_READ | FILE_READ_DATA | FILE_READ_ATTRIBUTES | FILE_READ_EA | SYNCHRONIZE
+	FILE_GENERIC_WRITE   = STANDARD_RIGHTS_WRITE | FILE_WRITE_DATA | FILE_WRITE_ATTRIBUTES | FILE_WRITE_EA | FILE_APPEND_DATA | SYNCHRONIZE
+	FILE_GENERIC_EXECUTE = STANDARD_RIGHTS_EXECUTE | FILE_READ_ATTRIBUTES | FILE_EXECUTE | SYNCHRONIZE
+)
+
+// NtCreateFile CreateDisposition
+const (
+	FILE_SUPERSEDE = 0x00000000
+	FILE_OPEN      = 0x00000001
+	FILE_CREATE    = 0x00000002
+	FILE_OPEN_IF   = 0x00000003
+	FILE_OVERWRITE = 0x00000004
+)
+
+const (
+	// NtCreateFile CreateOptions
+	FILE_OPEN_FOR_BACKUP_INTENT = 0x00004000
+
+	// https://learn.microsoft.com/en-us/windows/win32/api/ntdef/nf-ntdef-initializeobjectattributes
+	OBJ_CASE_INSENSITIVE = 0x00000040
+)
+
+func NtCreateFile(
+	handle *syscall.Handle,
+	access uint32,
+	oa *OBJECT_ATTRIBUTES,
+	iosb *IO_STATUS_BLOCK,
+	allocationSize *int64,
+	attributes uint32,
+	share uint32,
+	disposition uint32,
+	options uint32,
+	eabuffer uintptr,
+	ealength uint32,
+) syscall.Errno {
+	r0, _, _ := syscall.SyscallN(
+		procNtCreateFile.Addr(),
+		uintptr(unsafe.Pointer(handle)),
+		uintptr(access),
+		uintptr(unsafe.Pointer(oa)),
+		uintptr(unsafe.Pointer(iosb)),
+		uintptr(unsafe.Pointer(allocationSize)),
+		uintptr(attributes),
+		uintptr(share),
+		uintptr(disposition),
+		uintptr(options),
+		uintptr(eabuffer),
+		uintptr(ealength),
+	)
+
+	return NTStatus(r0).Errno()
+}
+
+// NewNTUnicodeString returns a new NTUnicodeString structure for use with native
+// NT APIs that work over the NTUnicodeString type. Note that most Windows APIs
+// do not use NTUnicodeString, and instead UTF16PtrFromString should be used for
+// the more common *uint16 string type.
+func NewNTUnicodeString(s string) (*NTUnicodeString, error) {
+	var u NTUnicodeString
+
+	s16, err := syscall.UTF16PtrFromString(s)
+	if err != nil {
+		return nil, err
+	}
+
+	RtlInitUnicodeString(&u, s16)
+
+	return &u, nil
+}
+
+func RtlInitUnicodeString(destinationString *NTUnicodeString, sourceString *uint16) {
+	syscall.SyscallN(
+		procRtlInitUnicodeString.Addr(),
+		uintptr(unsafe.Pointer(destinationString)),
+		uintptr(unsafe.Pointer(sourceString)),
+	)
+}