diff options
author | Alice Frosi <afrosi@redhat.com> | 2023-02-21 15:21:52 +0100 |
---|---|---|
committer | Alice Frosi <afrosi@redhat.com> | 2023-02-21 16:33:04 +0100 |
commit | ace464e5066c9f30a13d77d267d9392ce84b3e73 (patch) | |
tree | 18c478d840e6fcec3e51249f170e34d3c035e6ed | |
parent | 4cad95ec182ab9f3d28f37cfab9fb28ccb596cd7 (diff) | |
download | seitan-ace464e5066c9f30a13d77d267d9392ce84b3e73.tar seitan-ace464e5066c9f30a13d77d267d9392ce84b3e73.tar.gz seitan-ace464e5066c9f30a13d77d267d9392ce84b3e73.tar.bz2 seitan-ace464e5066c9f30a13d77d267d9392ce84b3e73.tar.lz seitan-ace464e5066c9f30a13d77d267d9392ce84b3e73.tar.xz seitan-ace464e5066c9f30a13d77d267d9392ce84b3e73.tar.zst seitan-ace464e5066c9f30a13d77d267d9392ce84b3e73.zip |
actions: add reference for the fds
-rw-r--r-- | actions.c | 35 | ||||
-rw-r--r-- | gluten.h | 14 | ||||
-rw-r--r-- | tests/unit/test_actions.c | 6 |
3 files changed, 40 insertions, 15 deletions
@@ -164,6 +164,27 @@ int do_call(struct arg_clone *c) return 0; } +static void set_inject_fields(uint64_t id, void *data, + const struct action *a,struct seccomp_notif_addfd *resp) +{ + const struct fd_type *new = &(a->inj).newfd; + const struct fd_type *old = &(a->inj).oldfd; + + resp->flags = SECCOMP_ADDFD_FLAG_SETFD; + resp->id = id; + if (new->type == IMMEDIATE) + resp->newfd = new->fd; + else + memcpy(&resp->srcfd, (uint16_t *)data + old->fd_off, + sizeof(resp->srcfd)); + if (old->type == IMMEDIATE) + resp->srcfd = old->fd; + else + memcpy(&resp->srcfd, (uint16_t *)data + old->fd_off, + sizeof(resp->srcfd)); + resp->newfd_flags = 0; +} + int do_actions(void *data, struct action actions[], unsigned int n_actions, int pid, int notifyfd, uint64_t id) { @@ -231,21 +252,13 @@ int do_actions(void *data, struct action actions[], unsigned int n_actions, int return -1; break; case A_INJECT_A: - resp_fd.id = id; - resp_fd.flags = SECCOMP_ADDFD_FLAG_SEND; - resp_fd.newfd = actions[i].inj.newfd; - resp_fd.srcfd = actions[i].inj.oldfd; - resp_fd.flags |= SECCOMP_ADDFD_FLAG_SETFD; - resp_fd.newfd_flags = 0; + set_inject_fields(id, data, &actions[i], &resp_fd); + resp_fd.flags |= SECCOMP_ADDFD_FLAG_SEND; if (send_inject_target(&resp_fd, notifyfd) == -1) return -1; break; case A_INJECT: - resp_fd.id = id; - resp_fd.newfd = actions[i].inj.newfd; - resp_fd.srcfd = actions[i].inj.oldfd; - resp_fd.flags = SECCOMP_ADDFD_FLAG_SETFD; - resp_fd.newfd_flags = 0; + set_inject_fields(id, data, &actions[i], &resp_fd); if (send_inject_target(&resp_fd, notifyfd) == -1) return -1; break; @@ -66,6 +66,7 @@ struct act_call { }; struct act_block { + enum value_type type; int32_t error; }; @@ -81,9 +82,18 @@ struct act_return { }; }; +struct fd_type { + enum value_type type; + union { + uint32_t fd; + uint16_t fd_off; + }; + +}; + struct act_inject { - uint32_t newfd; - uint32_t oldfd; + struct fd_type newfd; + struct fd_type oldfd; }; struct action { diff --git a/tests/unit/test_actions.c b/tests/unit/test_actions.c index e648063..0913133 100644 --- a/tests/unit/test_actions.c +++ b/tests/unit/test_actions.c @@ -312,8 +312,10 @@ static void test_inject(struct action actions[], int n) fd_inj = create_test_fd(); ck_assert_int_ge(fd_inj,0); - actions[0].inj.newfd = fd_inj; - actions[0].inj.oldfd = test_fd; + actions[0].inj.newfd.fd = fd_inj; + actions[0].inj.newfd.type = IMMEDIATE; + actions[0].inj.oldfd.fd = test_fd; + actions[0].inj.oldfd.type = IMMEDIATE; ret = do_actions(NULL, actions, n, -1, notifyfd, req.id); ck_assert_msg(ret == 0, strerror(errno)); |