Merge branch 'main' into copilot/fix-119

Author: jaybosamiya-ms

.github/copilot-instructions.md

@@ -0,0 +1,30 @@
+This repository contains a Rust-based, security-focused sandboxing library OS. To maintain high code quality and consistency, please adhere to the following guidelines when contributing.
+
+## Code Standards
+
+### Required Before Each Commit
+- Run `cargo fmt` to format all Rust files using `rustfmt`.
+  - This ensures consistent code style across the codebase.
+
+### Development Workflow
+The recommended sequence during development is:
+1. **Format**: `cargo fmt`
+2. **Build**: `cargo build`
+3. **Lint**: `cargo clippy --all-targets --all-features`
+4. **Test**: `cargo nextest run`
+
+- Full CI checks are defined in `.github/workflows/ci.yml`.
+
+## Key Guidelines
+
+1. Follow Rust best practices and idiomatic patterns.
+2. Preserve the existing code structure and organization.
+3. Minimize use of `unsafe` code. Every `unsafe` block **must** include a clear safety comment explaining why it's sound. Always prefer safe abstractions and code where possible.
+4. Write unit tests for new functionality, especially if it affects public interfaces.
+   - Extremely simple changes do not require explicit unit tests.
+5. Document all public APIs and non-trivial implementation details.
+6. Avoid introducing new dependencies unless strictly necessary. If a dependency is added:
+   - It must be justified.
+   - Prefer `default-features = false` in `Cargo.toml`.
+7. Favor `no_std` compatibility wherever feasible.
+   - Some crates in the workspace may use `std`, but this should be deliberate and justified.

.github/workflows/copilot-setup-steps.yml

@@ -0,0 +1,39 @@
+# Customize GitHub Copilot coding agent development environment
+name: "Copilot Setup Steps"
+
+# Automatically run the setup steps when they are changed to allow for easy validation, and
+# allow manual testing through the repository's "Actions" tab
+on:
+  workflow_dispatch:
+  push:
+    paths:
+      - .github/workflows/copilot-setup-steps.yml
+  pull_request:
+    paths:
+      - .github/workflows/copilot-setup-steps.yml
+
+jobs:
+  # The job MUST be called `copilot-setup-steps` or it will not be picked up by Copilot.
+  copilot-setup-steps:
+    runs-on: ubuntu-latest
+
+    # Set the permissions to the lowest permissions possible needed for your steps.
+    # Copilot will be given its own token for its operations.
+    permissions:
+      # Needed to clone the repository
+      contents: read
+
+    # You can define any steps you want, and they will run before the agent starts.
+    # If you do not check out your code, Copilot will do this for you.
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Rust
+        run: |
+          rustup toolchain install $(awk -F'"' '/channel/{print $2}' rust-toolchain.toml) --profile minimal --no-self-update --component rustfmt,clippy
+      - name: Set up Nextest
+        run: |
+          curl -LsSf https://get.nexte.st/latest/linux | tar zxf - -C ${CARGO_HOME:-~/.cargo}/bin
+      - name: Set up tun device for Linux userland testing
+        run: |
+          sudo ./litebox_platform_linux_userland/scripts/tun-setup.sh

litebox/src/platform/mod.rs

@@ -539,3 +539,33 @@ pub trait SystemInfoProvider {
     /// execution context and transfer control to the syscall handler.
     fn get_syscall_entry_point(&self) -> usize;
 }
+
+/// A provider for thread-local storage.
+pub trait ThreadLocalStorageProvider {
+    type ThreadLocalStorage;
+
+    /// Set a thread-local storage value for the current thread.
+    ///
+    /// # Panics
+    ///
+    /// Panics if TLS is set already.
+    fn set_thread_local_storage(&self, value: Self::ThreadLocalStorage);
+
+    /// Invokes the provided callback function with the thread-local storage value for the current thread.
+    ///
+    /// # Panics
+    ///
+    /// Panics if TLS is not set yet.
+    /// Panics if TLS is borrowed already (e.g., recursive call).
+    fn with_thread_local_storage_mut<F, R>(&self, f: F) -> R
+    where
+        F: FnOnce(&mut Self::ThreadLocalStorage) -> R;
+
+    /// Release the thread-local storage value for the current thread
+    ///
+    /// # Panics
+    ///
+    /// Panics if TLS is not set yet.
+    /// Panics if TLS is being used by [`Self::with_thread_local_storage_mut`].
+    fn release_thread_local_storage(&self) -> Self::ThreadLocalStorage;
+}

litebox_common_linux/Cargo.toml

@@ -4,6 +4,7 @@ version = "0.1.0"
 edition = "2024"
 
 [dependencies]
+bitfield = "0.19.1"
 bitflags = "2.9.0"
 cfg-if = "1.0.0"
 litebox = { path = "../litebox/", version = "0.1.0" }

litebox_common_linux/src/lib.rs

@@ -14,6 +14,8 @@ use syscalls::Sysno;
 
 pub mod errno;
 
+extern crate alloc;
+
 // TODO(jayb): Should errno::Errno be publicly re-exported?
 
 bitflags::bitflags! {
@@ -681,13 +683,102 @@ pub unsafe fn wrfsbase(fs_base: usize) {
     }
 }
 
+/// Reads the GS segment base address
+///
+/// ## Safety
+///
+/// If `CR4.FSGSBASE` is not set, this instruction will throw an `#UD`.
+#[cfg(target_arch = "x86_64")]
+pub unsafe fn rdgsbase() -> usize {
+    let ret: usize;
+    unsafe {
+        core::arch::asm!(
+            "rdgsbase {}",
+            out(reg) ret,
+            options(nostack, nomem)
+        );
+    }
+    ret
+}
+
+/// Writes the GS segment base address
+///
+/// ## Safety
+///
+/// If `CR4.FSGSBASE` is not set, this instruction will throw an `#UD`.
+///
+/// The caller must ensure that this write operation has no unsafe side
+/// effects, as the GS segment base address might be in use.
+#[cfg(target_arch = "x86_64")]
+pub unsafe fn wrgsbase(gs_base: usize) {
+    unsafe {
+        core::arch::asm!(
+            "wrgsbase {}",
+            in(reg) gs_base,
+            options(nostack, nomem)
+        );
+    }
+}
+
+/// Linux's `user_desc` struct used by the `set_thread_area` syscall.
 #[repr(C, packed)]
 #[derive(Debug, Clone)]
 pub struct UserDesc {
-    pub entry_number: i32,
-    pub base_addr: i32,
-    pub limit: i32,
-    pub flags: i32,
+    pub entry_number: u32,
+    pub base_addr: u32,
+    pub limit: u32,
+    pub flags: UserDescFlags,
+}
+
+bitfield::bitfield! {
+    /// Flags for the `user_desc` struct.
+    #[derive(Clone, Copy)]
+    pub struct UserDescFlags(u32);
+    impl Debug;
+    /// 1 if the segment is 32-bit
+    pub seg_32bit, set_seg_32bit: 0;
+    /// Contents of the segment
+    pub contents, set_contents: 1, 2;
+    /// Read-exec only
+    pub read_exec_only, set_read_exec_only: 3;
+    /// Limit in pages
+    pub limit_in_pages, set_limit_in_pages: 4;
+    /// Segment not present
+    pub seg_not_present, set_seg_not_present: 5;
+    /// Usable by userland
+    pub useable, set_useable: 6;
+    /// 1 if the segment is 64-bit (x86_64 only)
+    pub lm, set_lm: 7;
+}
+
+/// Struct for thread-local storage.
+pub struct ThreadLocalStorage<Platform: litebox::platform::RawPointerProvider> {
+    /// Indicates whether the TLS is being borrowed.
+    pub borrowed: bool,
+
+    #[cfg(target_arch = "x86")]
+    pub self_ptr: *mut ThreadLocalStorage<Platform>,
+    pub current_task: alloc::boxed::Box<Task>,
+
+    pub __phantom: core::marker::PhantomData<Platform>,
+}
+
+impl<Platform: litebox::platform::RawPointerProvider> ThreadLocalStorage<Platform> {
+    pub const fn new(task: alloc::boxed::Box<Task>) -> Self {
+        Self {
+            borrowed: false,
+            #[cfg(target_arch = "x86")]
+            self_ptr: core::ptr::null_mut(),
+            current_task: task,
+            __phantom: core::marker::PhantomData,
+        }
+    }
+}
+
+/// A task associated with a thread in LiteBox.
+pub struct Task {
+    /// Thread identifier
+    pub tid: u32,
 }
 
 #[repr(C)]