author | Alice Frosi <afrosi@redhat.com> | 2023-08-29 11:50:00 +0200 |
---|---|---|
committer | Alice Frosi <afrosi@redhat.com> | 2023-08-30 10:48:59 +0200 |
commit | d3917582873df723aa2a3ddbb6116950292e114c (patch) | |
tree | 778089680e396cf9bf86c201476952f0870e93de /common | |
parent | 0e8806838763655f5f35822e19a20cb21e8d4747 (diff) | |
cooker: simplify tag and add caller metadata
Group the metadata information:
- simplify the json by removing the 'tag' and only using 'get' and 'set'
keys
- get uid and gid at runtime for the target ('caller'). This can be useful when
the UID and GID of the target are only known at runtime and they
need to be used for setting the permissions of files
- updated example demo/mknod.hjson
Signed-off-by: Alice Frosi <afrosi@redhat.com>
Diffstat (limited to 'common')
-rw-r--r-- | common/gluten.h | 12 | ||||
-rw-r--r-- | common/util.c | 3 |
2 files changed, 13 insertions, 2 deletions
diff --git a/common/gluten.h b/common/gluten.h
index fe62827..6414e20 100644
--- a/common/gluten.h
+++ b/common/gluten.h
@@ -42,7 +42,8 @@ enum gluten_offset_type {
 OFFSET_DATA = 2,
 OFFSET_SECCOMP_DATA = 3,
 OFFSET_INSTRUCTION = 4,
- OFFSET_TYPE_MAX = OFFSET_INSTRUCTION,
+ OFFSET_METADATA = 5,
+ OFFSET_TYPE_MAX = OFFSET_METADATA,
 };
 #define NULL_OFFSET ((struct gluten_offset){ .type = OFFSET_NULL })
@@ -143,6 +144,13 @@ struct context_desc {
 BUILD_BUG_ON(BITS_PER_NUM(CONTEXT_TYPE_MAX) + \
 BITS_PER_NUM(CONTEXT_SPEC_TYPE_MAX) > 8)
+enum metadata_type {
+ UID_TARGET = 0,
+ GID_TARGET = 1,
+ METADATA_MAX = GID_TARGET,
+};
+extern const char *metadata_type_str[METADATA_MAX + 1];
+
 struct syscall_desc {
 uint32_t nr :9;
 uint32_t arg_count :3;
@@ -289,6 +297,8 @@ struct gluten {
 GLUTEN_CONST char ro_data[RO_DATA_SIZE];
+ GLUTEN_CONST enum metadata_type metadata;
+
 char data[DATA_SIZE];
 } __attribute__((packed));
diff --git a/common/util.c b/common/util.c
index 8e15837..8815ecb 100644
--- a/common/util.c
+++ b/common/util.c
@@ -35,7 +35,8 @@ logfn(debug)
 const char *gluten_offset_name[OFFSET_TYPE_MAX + 1] = { "NULL",
- "read-only data", "temporary data", "seccomp data", "instruction area",
+ "read-only data", "temporary data", "seccomp data",
+ "instruction area", "metadata",
 };
 const char *context_type_name[CONTEXT_TYPE_MAX + 1] = { |
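Review bot: `OFFSET_METADATA` is added to `enum gluten_offset_type` with no comment saying what an offset of this type refers to, and nothing in the visible hunks bounds its value. The existing types name byte areas, whereas this one presumably selects an `enum metadata_type` entry (`UID_TARGET` / `GID_TARGET`). If so, the code that validates offsets per type, which is outside this `common/`-limited view, needs a case rejecting values above `METADATA_MAX`, because raising `OFFSET_TYPE_MAX` lets type 5 through any generic range check on the type. I would add `/* selects an enum metadata_type entry, resolved at runtime for the target */` beside the new enumerator. The enum's opening lines are outside the hunk.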
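Review bot: `metadata_type_str` is declared `extern` in this shared header, but no definition appears in the `common/` part of the commit, and the name departs from the `gluten_offset_name` / `context_type_name` pattern used by the tables in `common/util.c`. If the definition sits in only one of the programs that include `gluten.h`, any other user of the symbol fails at link time. Defining it next to the existing tables under a matching name such as `metadata_type_name` would avoid that. The new enum would also benefit from a header comment along the lines of `/* Properties of the target (caller) process, looked up at runtime */`.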
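Review bot: The new `metadata` member places a bare `enum metadata_type` inside the packed `struct gluten`, so the offset of `data` and the struct's size now depend on the compiler's enum width (for example, `-fshort-enums` changes it). Anything built against the old layout will read `data` from the wrong place. If this struct is the layout shared between the program that writes it and the one that loads it, `GLUTEN_CONST uint32_t metadata;` or `_Static_assert(sizeof(enum metadata_type) == 4, "gluten layout");` beside the struct would pin it. It is also unclear from the hunk why the area behind `OFFSET_METADATA` is a single enum value rather than storage for the UID and GID, so a one-line comment on the member would help. The struct definition starts outside the hunk.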
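Review bot: `gluten_offset_name` is filled positionally, so it stays aligned with `enum gluten_offset_type` only as long as every new enumerator gets its string added in the same order. A missed entry would leave a NULL slot in an array that, judging by its name, is used when printing offsets. Designated initializers make the mapping explicit and order-independent, e.g. `[OFFSET_INSTRUCTION] = "instruction area", [OFFSET_METADATA] = "metadata",`. The following `context_type_name` table continues past the end of the hunk.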