aboutgitcodelistschat:MatrixIRC
diff options
context:
space:
mode:
authorAlice Frosi <afrosi@redhat.com>2023-04-21 11:15:02 +0200
committerAlice Frosi <afrosi@redhat.com>2023-04-21 11:15:02 +0200
commit847ffac9ba2bff6558ff6bb2cbec093a029828bc (patch)
treed372b645085389fa276600d431a03b9b534ca763
parent26e87bc6131edf317ad8f1248652233ebf7e6ded (diff)
downloadseitan-847ffac9ba2bff6558ff6bb2cbec093a029828bc.tar
seitan-847ffac9ba2bff6558ff6bb2cbec093a029828bc.tar.gz
seitan-847ffac9ba2bff6558ff6bb2cbec093a029828bc.tar.bz2
seitan-847ffac9ba2bff6558ff6bb2cbec093a029828bc.tar.lz
seitan-847ffac9ba2bff6558ff6bb2cbec093a029828bc.tar.xz
seitan-847ffac9ba2bff6558ff6bb2cbec093a029828bc.tar.zst
seitan-847ffac9ba2bff6558ff6bb2cbec093a029828bc.zip
operation: remove pid and id
Pid and id are reduandant fields as the information are already included in the seccomp request
-rw-r--r--operations.c21
-rw-r--r--operations.h3
-rw-r--r--tests/unit/test_operations.c46
3 files changed, 36 insertions, 34 deletions
diff --git a/operations.c b/operations.c
index 0327e57..a7ea5fb 100644
--- a/operations.c
+++ b/operations.c
@@ -243,6 +243,7 @@ static void set_inject_fields(uint64_t id, void *data, const struct op *a,
else
memcpy(&resp->srcfd, (uint16_t *)data + old->fd_off,
sizeof(resp->srcfd));
+
if (old->type == IMMEDIATE)
resp->srcfd = old->fd;
else
@@ -252,7 +253,7 @@ static void set_inject_fields(uint64_t id, void *data, const struct op *a,
}
int do_operations(void *data, struct op operations[], struct seccomp_notif *req,
- unsigned int n_operations, int pid, int notifyfd, uint64_t id)
+ unsigned int n_operations, int notifyfd)
{
struct seccomp_notif_addfd resp_fd;
struct seccomp_notif_resp resp;
@@ -263,11 +264,11 @@ int do_operations(void *data, struct op operations[], struct seccomp_notif *req,
for (i = 0; i < n_operations; i++) {
switch (operations[i].type) {
case OP_CALL:
- resp.id = id;
+ resp.id = req->id;
resp.val = 0;
resp.flags = 0;
c.args = &operations[i].call;
- c.pid = pid;
+ c.pid = req->pid;
if (do_call(&c) == -1) {
resp.error = -1;
if (send_target(&resp, notifyfd) == -1)
@@ -289,7 +290,7 @@ int do_operations(void *data, struct op operations[], struct seccomp_notif *req,
}
break;
case OP_BLOCK:
- resp.id = id;
+ resp.id = req->id;
resp.val = 0;
resp.flags = 0;
resp.error = operations[i].block.error;
@@ -297,7 +298,7 @@ int do_operations(void *data, struct op operations[], struct seccomp_notif *req,
return -1;
break;
case OP_RETURN:
- resp.id = id;
+ resp.id = req->id;
resp.flags = 0;
resp.error = 0;
if (operations[i].ret.type == IMMEDIATE)
@@ -313,7 +314,7 @@ int do_operations(void *data, struct op operations[], struct seccomp_notif *req,
break;
case OP_CONT:
- resp.id = id;
+ resp.id = req->id;
resp.flags = SECCOMP_USER_NOTIF_FLAG_CONTINUE;
resp.error = 0;
resp.val = 0;
@@ -321,13 +322,15 @@ int do_operations(void *data, struct op operations[], struct seccomp_notif *req,
return -1;
break;
case OP_INJECT_A:
- set_inject_fields(id, data, &operations[i], &resp_fd);
+ set_inject_fields(req->id, data, &operations[i],
+ &resp_fd);
resp_fd.flags |= SECCOMP_ADDFD_FLAG_SEND;
if (send_inject_target(&resp_fd, notifyfd) == -1)
return -1;
break;
case OP_INJECT:
- set_inject_fields(id, data, &operations[i], &resp_fd);
+ set_inject_fields(req->id, data, &operations[i],
+ &resp_fd);
if (send_inject_target(&resp_fd, notifyfd) == -1)
return -1;
break;
@@ -346,7 +349,7 @@ int do_operations(void *data, struct op operations[], struct seccomp_notif *req,
}
break;
case OP_RESOLVEDFD:
- ret = resolve_fd(data, &operations[i].resfd, pid);
+ ret = resolve_fd(data, &operations[i].resfd, req->pid);
if (ret == -1)
return -1;
else if (ret == 1)
diff --git a/operations.h b/operations.h
index 3691a50..3a4caa2 100644
--- a/operations.h
+++ b/operations.h
@@ -21,6 +21,5 @@ struct arg_clone {
int do_call(struct arg_clone *c);
int do_operations(void *data, struct op operations[], struct seccomp_notif *req,
- unsigned int n_operations, int tpid, int notifyfd,
- uint64_t id);
+ unsigned int n_operations, int notifyfd);
#endif /* ACTIONS_H */
diff --git a/tests/unit/test_operations.c b/tests/unit/test_operations.c
index 6ef451f..f8aef76 100644
--- a/tests/unit/test_operations.c
+++ b/tests/unit/test_operations.c
@@ -88,8 +88,8 @@ START_TEST(test_act_continue)
{ .type = OP_CONT },
};
int ret = do_operations(NULL, operations, &req,
- sizeof(operations) / sizeof(operations[0]), -1, notifyfd,
- req.id);
+ sizeof(operations) / sizeof(operations[0]),
+ notifyfd);
ck_assert_msg(ret == 0, strerror(errno));
ck_assert_int_eq(at->err, 0);
}
@@ -104,8 +104,8 @@ START_TEST(test_act_block)
},
};
int ret = do_operations(NULL, operations, &req,
- sizeof(operations) / sizeof(operations[0]), -1, notifyfd,
- req.id);
+ sizeof(operations) / sizeof(operations[0]),
+ notifyfd);
ck_assert_msg(ret == 0, strerror(errno));
/*
* The tests use getpid that returns the error with ret and it is always
@@ -124,8 +124,8 @@ START_TEST(test_act_return)
},
};
int ret = do_operations(NULL, operations, &req,
- sizeof(operations) / sizeof(operations[0]), -1, notifyfd,
- req.id);
+ sizeof(operations) / sizeof(operations[0]),
+ notifyfd);
ck_assert_msg(ret == 0, strerror(errno));
check_target_result(1, 0, false);
}
@@ -144,8 +144,8 @@ START_TEST(test_act_return_ref)
memcpy((uint16_t *)&tmp_data + offset, &v, sizeof(v));
int ret = do_operations(&tmp_data, operations, &req,
- sizeof(operations) / sizeof(operations[0]), -1, notifyfd,
- req.id);
+ sizeof(operations) / sizeof(operations[0]),
+ notifyfd);
ck_assert_msg(ret == 0, strerror(errno));
check_target_result(v, 0, false);
}
@@ -161,8 +161,8 @@ START_TEST(test_act_call)
{ .type = OP_CONT },
};
int ret = do_operations(NULL, operations, &req,
- sizeof(operations) / sizeof(operations[0]), -1, notifyfd,
- req.id);
+ sizeof(operations) / sizeof(operations[0]),
+ notifyfd);
ck_assert_msg(ret == 0, strerror(errno));
check_target_result(1, 0, true);
}
@@ -180,8 +180,8 @@ START_TEST(test_act_call_ret)
{ .type = OP_CONT },
};
int ret = do_operations(&tmp_data, operations, &req,
- sizeof(operations) / sizeof(operations[0]), -1, notifyfd,
- req.id);
+ sizeof(operations) / sizeof(operations[0]),
+ notifyfd);
long r;
ck_assert_msg(ret == 0, strerror(errno));
check_target_result(1, 0, true);
@@ -216,7 +216,7 @@ static void test_inject(struct op operations[], int n, bool reference)
operations[0].inj.oldfd.type = IMMEDIATE;
}
- ret = do_operations(&tmp_data, operations, &req,n, -1, notifyfd, req.id);
+ ret = do_operations(&tmp_data, operations, &req, n, notifyfd);
ck_assert_msg(ret == 0, strerror(errno));
check_target_fd(pid, test_fd);
}
@@ -276,8 +276,8 @@ START_TEST(test_op_copy)
.type = IMMEDIATE,
.size = sizeof(socklen_t) };
ret = do_operations(&tmp_data, operations, &req,
- sizeof(operations) / sizeof(operations[0]), -1,
- notifyfd, req.id);
+ sizeof(operations) / sizeof(operations[0]),
+ notifyfd);
ck_assert_msg(ret == 0, strerror(errno));
check_target_result(0, 0, false);
addr = (struct sockaddr_un *)(tmp_data + o->args[1].args_off);
@@ -309,8 +309,8 @@ START_TEST(test_op_cmp_eq)
memcpy((uint16_t *)&tmp_data + operations[0].cmp.s2_off, &s, sizeof(s));
ret = do_operations(&tmp_data, operations, &req,
- sizeof(operations) / sizeof(operations[0]), -1,
- notifyfd, req.id);
+ sizeof(operations) / sizeof(operations[0]),
+ notifyfd);
ck_assert_msg(ret == 0, strerror(errno));
ck_assert_int_eq(at->err, 0);
}
@@ -338,8 +338,8 @@ START_TEST(test_op_cmp_neq)
sizeof(s2));
ret = do_operations(&tmp_data, operations, &req,
- sizeof(operations) / sizeof(operations[0]), -1,
- notifyfd, req.id);
+ sizeof(operations) / sizeof(operations[0]),
+ notifyfd);
ck_assert_msg(ret == 0, strerror(errno));
check_target_result(-1, 1, false);
}
@@ -363,8 +363,8 @@ START_TEST(test_op_resolvedfd_eq)
memcpy((uint16_t *)&tmp_data + operations[0].resfd.path_off, &path,
sizeof(path));
int ret = do_operations(&tmp_data, operations, &req,
- sizeof(operations) / sizeof(operations[0]), pid,
- notifyfd, req.id);
+ sizeof(operations) / sizeof(operations[0]),
+ notifyfd);
ck_assert_msg(ret == 0, strerror(errno));
check_target_result(-1, 1, false);
}
@@ -388,8 +388,8 @@ START_TEST(test_op_resolvedfd_neq)
memcpy((uint16_t *)&tmp_data + operations[0].resfd.path_off, &path2,
sizeof(path2));
int ret = do_operations(&tmp_data, operations, &req,
- sizeof(operations) / sizeof(operations[0]), pid,
- notifyfd, req.id);
+ sizeof(operations) / sizeof(operations[0]),
+ notifyfd);
ck_assert_msg(ret == 0, strerror(errno));
}
END_TEST