seitan: add injection actions

The inject actions install a new fd into the target. If the action is an
atomic injection then the target is unblock after this action and the
return value of the syscall will be the the file descriptor number that
was allocated in the target

Signed-off-by: Alice Frosi <afrosi@redhat.com>

2 files changed, 18 insertions, 7 deletions

diff --git a/actions.c b/actions.c
index 8f08252..4cef920 100644
--- a/actions.c
+++ b/actions.c
@@ -167,6 +167,7 @@ int do_call(struct arg_clone *c)
 int do_actions(struct action actions[], unsigned int n_actions, int pid,
 	       int notifyfd, uint64_t id)
 {
+	struct seccomp_notif_addfd resp_fd;
 	struct seccomp_notif_resp resp;
 	struct arg_clone c;
 	unsigned int i;
@@ -210,6 +211,23 @@ int do_actions(struct action actions[], unsigned int n_actions, int pid,
 			if (send_target(&resp, notifyfd) == -1)
 				return -1;
 			break;
+		case A_INJECT_A:
+			resp_fd.id = id;
+			resp_fd.flags |= SECCOMP_ADDFD_FLAG_SEND;
+			resp_fd.newfd = actions[i].inj.newfd;
+			resp_fd.srcfd = actions[i].inj.old;
+			resp_fd.flags |= SECCOMP_ADDFD_FLAG_SETFD;
+			if (send_inject_target(&resp_fd, notifyfd) == -1)
+				return -1;
+			break;
+		case A_INJECT:
+			resp_fd.id = id;
+			resp_fd.newfd = actions[i].inj.newfd;
+			resp_fd.srcfd = actions[i].inj.old;
+			resp_fd.flags |= SECCOMP_ADDFD_FLAG_SETFD;
+			if (send_inject_target(&resp_fd, notifyfd) == -1)
+				return -1;
+			break;
 		default:
 			fprintf(stderr, "unknow action %d \n", actions[i].type);
 		}
diff --git a/gluten.h b/gluten.h
index 85254e9..c9f6600 100644
--- a/gluten.h
+++ b/gluten.h
@@ -75,12 +75,6 @@ struct act_inject {
 	uint32_t old;
 };
 
-struct act_inject_a {
-	uint32_t newfd;
-	uint32_t old;
-	int64_t value;
-};
-
 struct action {
 	enum action_type type;
 	union {
@@ -89,7 +83,6 @@ struct action {
 		struct act_continue cont;
 		struct act_return ret;
 		struct act_inject inj;
-		struct act_inject_a inj_a;
 	};
 };
 #endif /* GLUTEN_H */