aboutgitcodelistschat:MatrixIRC
diff options
context:
space:
mode:
-rw-r--r--actions.c35
-rw-r--r--gluten.h14
-rw-r--r--tests/unit/test_actions.c6
3 files changed, 40 insertions, 15 deletions
diff --git a/actions.c b/actions.c
index bb603af..35d8e07 100644
--- a/actions.c
+++ b/actions.c
@@ -164,6 +164,27 @@ int do_call(struct arg_clone *c)
return 0;
}
+static void set_inject_fields(uint64_t id, void *data,
+ const struct action *a,struct seccomp_notif_addfd *resp)
+{
+ const struct fd_type *new = &(a->inj).newfd;
+ const struct fd_type *old = &(a->inj).oldfd;
+
+ resp->flags = SECCOMP_ADDFD_FLAG_SETFD;
+ resp->id = id;
+ if (new->type == IMMEDIATE)
+ resp->newfd = new->fd;
+ else
+ memcpy(&resp->srcfd, (uint16_t *)data + old->fd_off,
+ sizeof(resp->srcfd));
+ if (old->type == IMMEDIATE)
+ resp->srcfd = old->fd;
+ else
+ memcpy(&resp->srcfd, (uint16_t *)data + old->fd_off,
+ sizeof(resp->srcfd));
+ resp->newfd_flags = 0;
+}
+
int do_actions(void *data, struct action actions[], unsigned int n_actions, int pid,
int notifyfd, uint64_t id)
{
@@ -231,21 +252,13 @@ int do_actions(void *data, struct action actions[], unsigned int n_actions, int
return -1;
break;
case A_INJECT_A:
- resp_fd.id = id;
- resp_fd.flags = SECCOMP_ADDFD_FLAG_SEND;
- resp_fd.newfd = actions[i].inj.newfd;
- resp_fd.srcfd = actions[i].inj.oldfd;
- resp_fd.flags |= SECCOMP_ADDFD_FLAG_SETFD;
- resp_fd.newfd_flags = 0;
+ set_inject_fields(id, data, &actions[i], &resp_fd);
+ resp_fd.flags |= SECCOMP_ADDFD_FLAG_SEND;
if (send_inject_target(&resp_fd, notifyfd) == -1)
return -1;
break;
case A_INJECT:
- resp_fd.id = id;
- resp_fd.newfd = actions[i].inj.newfd;
- resp_fd.srcfd = actions[i].inj.oldfd;
- resp_fd.flags = SECCOMP_ADDFD_FLAG_SETFD;
- resp_fd.newfd_flags = 0;
+ set_inject_fields(id, data, &actions[i], &resp_fd);
if (send_inject_target(&resp_fd, notifyfd) == -1)
return -1;
break;
diff --git a/gluten.h b/gluten.h
index 760f82b..c25ec97 100644
--- a/gluten.h
+++ b/gluten.h
@@ -66,6 +66,7 @@ struct act_call {
};
struct act_block {
+ enum value_type type;
int32_t error;
};
@@ -81,9 +82,18 @@ struct act_return {
};
};
+struct fd_type {
+ enum value_type type;
+ union {
+ uint32_t fd;
+ uint16_t fd_off;
+ };
+
+};
+
struct act_inject {
- uint32_t newfd;
- uint32_t oldfd;
+ struct fd_type newfd;
+ struct fd_type oldfd;
};
struct action {
diff --git a/tests/unit/test_actions.c b/tests/unit/test_actions.c
index e648063..0913133 100644
--- a/tests/unit/test_actions.c
+++ b/tests/unit/test_actions.c
@@ -312,8 +312,10 @@ static void test_inject(struct action actions[], int n)
fd_inj = create_test_fd();
ck_assert_int_ge(fd_inj,0);
- actions[0].inj.newfd = fd_inj;
- actions[0].inj.oldfd = test_fd;
+ actions[0].inj.newfd.fd = fd_inj;
+ actions[0].inj.newfd.type = IMMEDIATE;
+ actions[0].inj.oldfd.fd = test_fd;
+ actions[0].inj.oldfd.type = IMMEDIATE;
ret = do_actions(NULL, actions, n, -1, notifyfd, req.id);
ck_assert_msg(ret == 0, strerror(errno));