- added buffered r/w

fortanix · Nov 12, 2024 · 4d1e96b · 4d1e96b
1 parent 7f320a3
commit 4d1e96b
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 7 deletions.
diff --git a/tools/container-converter/build.rs b/tools/container-converter/build.rs
@@ -39,7 +39,7 @@ fn main() -> Result<(), Box<dyn Error>> {
 
     let current_dir = env::current_dir().expect("Failed retrieving current directory");
 
-    {
+    let status = {
         let mut result = Command::new("cargo");
 
         result.current_dir(current_dir.join("../../vsock-proxy"))
@@ -52,6 +52,10 @@ fn main() -> Result<(), Box<dyn Error>> {
         result
     }.status().expect("Failed to build vsock-proxy project");
 
+    if !status.success() {
+        panic!("Failed to build vsock-proxy project");
+    }
+
     fs::copy(vsock_proxy_bin_dir.join("enclave"), resources_enclave_dir.join("enclave"))
         .expect("Failed to copy enclave bin");
     fs::copy(vsock_proxy_bin_dir.join("parent"), resources_parent_dir.join("parent"))

diff --git a/vsock-proxy/parent/src/packet_capture.rs b/vsock-proxy/parent/src/packet_capture.rs
@@ -55,6 +55,11 @@ async fn read_from_device_async(
 ) -> Result<(), String> {
     let mut unsupported_protocols = HashSet::<u8>::new();
 
+    use tokio::io::BufReader;
+    use tokio::io::BufWriter;
+
+    let mut buffered_vsock = BufWriter::new(enclave_stream);
+
     loop {
         let packets = match capture.next().await {
             Some(Ok(packets)) => packets,
@@ -81,7 +86,7 @@ async fn read_from_device_async(
                     _ => {}
                 }
 
-                enclave_stream.write_lv_bytes(&data).await?;
+                buffered_vsock.write_lv_bytes(&data).await?;
             } else {
                 warn!(
                     "Dropped PCAP captured packet! \
@@ -102,6 +107,10 @@ async fn write_to_device_async(
     let (packet_tx, packet_rx) = mpsc::channel();
     let (error_tx, error_rx) = mpsc::sync_channel(1);
 
+    use tokio::io::BufReader;
+    let mut buffered_vsock = BufReader::new(from_enclave);
+
+
     // This is a fix to avoid blocking when writing packets to pcap,
     // as there is no async write function available in pcap crate.
     thread::spawn(move || {
@@ -117,7 +126,7 @@ async fn write_to_device_async(
     });
 
     loop {
-        let packet = from_enclave
+        let packet = buffered_vsock
             .read_lv_bytes()
             .await
             .map_err(|err| format!("Failed to read packet from enclave {:?}", err))?;

diff --git a/vsock-proxy/shared/src/tap.rs b/vsock-proxy/shared/src/tap.rs
@@ -73,25 +73,36 @@ async fn read_from_tap_async(
     mut vsock: WriteHalf<AsyncVsockStream>,
     buf_len: u32,
 ) -> Result<(), String> {
+    use tokio::io::BufReader;
+    use tokio::io::BufWriter;
+
     let mut buf = vec![0 as u8; (MAX_ETHERNET_HEADER_SIZE + buf_len) as usize];
+    let mut buffered_device = BufReader::new(device);
+    let mut buffered_vsock = BufWriter::new(vsock);
 
     loop {
-        let amount = AsyncReadExt::read(&mut device, &mut buf)
+        let amount = AsyncReadExt::read(&mut buffered_device, &mut buf)
             .await
             .map_err(|err| format!("Cannot read from tap {:?}", err))?;
 
-        vsock
+        buffered_vsock
             .write_lv_bytes(&buf[..amount])
             .await
             .map_err(|err| format!("Failed to write to enclave vsock {:?}", err))?;
     }
 }
 
 async fn write_to_tap_async(mut device: WriteHalf<AsyncDevice>, mut vsock: ReadHalf<AsyncVsockStream>) -> Result<(), String> {
+    use tokio::io::BufReader;
+    use tokio::io::BufWriter;
+
+    let mut buffered_device = BufWriter::new(device);
+    let mut buffered_vsock = BufReader::new(vsock);
+
     loop {
-        let packet = vsock.read_lv_bytes().await?;
+        let packet = buffered_vsock.read_lv_bytes().await?;
 
-        AsyncWriteExt::write_all(&mut device, &packet)
+        AsyncWriteExt::write_all(&mut buffered_device, &packet)
             .await
             .map_err(|err| format!("Cannot write to tap {:?}", err))?;
     }