From 7cb6760e3ebdc7a95f167bbeee793e8050215d2c Mon Sep 17 00:00:00 2001
From: Alice Frosi <afrosi@redhat.com>
Date: Thu, 26 Jan 2023 17:12:23 +0100
Subject: seitan: add injection actions

The inject actions install a new fd into the target. If the action is an
atomic injection then the target is unblock after this action and the
return value of the syscall will be the the file descriptor number that
was allocated in the target

Signed-off-by: Alice Frosi <afrosi@redhat.com>
---
 actions.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'actions.c')

diff --git a/actions.c b/actions.c
index 8f08252..4cef920 100644
--- a/actions.c
+++ b/actions.c
@@ -167,6 +167,7 @@ int do_call(struct arg_clone *c)
 int do_actions(struct action actions[], unsigned int n_actions, int pid,
 	       int notifyfd, uint64_t id)
 {
+	struct seccomp_notif_addfd resp_fd;
 	struct seccomp_notif_resp resp;
 	struct arg_clone c;
 	unsigned int i;
@@ -210,6 +211,23 @@ int do_actions(struct action actions[], unsigned int n_actions, int pid,
 			if (send_target(&resp, notifyfd) == -1)
 				return -1;
 			break;
+		case A_INJECT_A:
+			resp_fd.id = id;
+			resp_fd.flags |= SECCOMP_ADDFD_FLAG_SEND;
+			resp_fd.newfd = actions[i].inj.newfd;
+			resp_fd.srcfd = actions[i].inj.old;
+			resp_fd.flags |= SECCOMP_ADDFD_FLAG_SETFD;
+			if (send_inject_target(&resp_fd, notifyfd) == -1)
+				return -1;
+			break;
+		case A_INJECT:
+			resp_fd.id = id;
+			resp_fd.newfd = actions[i].inj.newfd;
+			resp_fd.srcfd = actions[i].inj.old;
+			resp_fd.flags |= SECCOMP_ADDFD_FLAG_SETFD;
+			if (send_inject_target(&resp_fd, notifyfd) == -1)
+				return -1;
+			break;
 		default:
 			fprintf(stderr, "unknow action %d \n", actions[i].type);
 		}
-- 
cgit v1.2.3