From d3917582873df723aa2a3ddbb6116950292e114c Mon Sep 17 00:00:00 2001
From: Alice Frosi
Date: Tue, 29 Aug 2023 11:50:00 +0200
Subject: cooker: simplify tag and add caller metadata
Group the metadata information:
- simplify the json by removing the 'tag' and only using 'get' and 'set' keys
- get uid and gid at runtime for the target ('caller'). This can be useful when the the UID and GID of the target are only known at runtime and they need to be used for setting the permissions of files
- updated example demo/mknod.hjson
Signed-off-by: Alice Frosi
---
common/gluten.h | 12 +++++++++++-
common/util.c | 3 ++-
2 files changed, 13 insertions(+), 2 deletions(-)
(limited to 'common')
diff --git a/common/gluten.h b/common/gluten.h
index fe62827..6414e20 100644
--- a/common/gluten.h
+++ b/common/gluten.h
@@ -42,7 +42,8 @@ enum gluten_offset_type {
OFFSET_DATA = 2,
OFFSET_SECCOMP_DATA = 3,
OFFSET_INSTRUCTION = 4,
- OFFSET_TYPE_MAX = OFFSET_INSTRUCTION,
+ OFFSET_METADATA = 5,
+ OFFSET_TYPE_MAX = OFFSET_METADATA,
};
#define NULL_OFFSET ((struct gluten_offset){ .type = OFFSET_NULL })
@@ -143,6 +144,13 @@ struct context_desc {
BUILD_BUG_ON(BITS_PER_NUM(CONTEXT_TYPE_MAX) + \
BITS_PER_NUM(CONTEXT_SPEC_TYPE_MAX) > 8)
+enum metadata_type {
+ UID_TARGET = 0,
+ GID_TARGET = 1,
+ METADATA_MAX = GID_TARGET,
+};
+extern const char *metadata_type_str[METADATA_MAX + 1];
+
struct syscall_desc {
uint32_t nr :9;
uint32_t arg_count :3;
@@ -289,6 +297,8 @@ struct gluten {
GLUTEN_CONST char ro_data[RO_DATA_SIZE];
+ GLUTEN_CONST enum metadata_type metadata;
+
char data[DATA_SIZE];
} __attribute__((packed));
diff --git a/common/util.c b/common/util.c
index 8e15837..8815ecb 100644
--- a/common/util.c
+++ b/common/util.c
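Review bot: `OFFSET_METADATA` is added without a comment saying what the `offset` field means for this type, and raising `OFFSET_TYPE_MAX` means any check of the form `type <= OFFSET_TYPE_MAX` now accepts it. If, as the new `enum metadata_type` suggests, the offset is a selector rather than a byte position, the code that validates and resolves offsets (not in this diff, which is limited to `common`) should bound it with `offset <= METADATA_MAX` rather than with a buffer size. I would add `/* offset selects an enum metadata_type entry, not a byte position */` next to the enumerator. The enum body starts above the hunk.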
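Review bot: The new `enum metadata_type` carries no comment saying whose IDs these are or when they are resolved, which matters because the commit message says they are used to set file permissions. Suggest `/* Credentials of the target (caller) process, looked up at runtime */` above the enum. The lookup code is not in this diff, so this is an assumption, but the values should be read while the seccomp notification is still known to be valid, so that a recycled PID cannot supply another process's UID/GID. `metadata_type_str` is declared here, but its definition is not among the files shown.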
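Review bot: `metadata` is stored as an `enum` inside an `__attribute__((packed))` struct, so its width depends on the compiler and flags (for example `-fshort-enums`), and it is inserted ahead of `data`, which shifts that member for any gluten image built before this change. If `struct gluten` is exchanged as a binary image between the tool that builds it and the one that runs it, which I infer from the packed layout, a fixed-width field such as `GLUTEN_CONST uint8_t metadata; /* enum metadata_type */` together with a format version or size check on load would make a stale or mismatched file fail closed. It is also unclear from the hunk what a single `enum metadata_type` value in the struct represents; a one-line comment would help. The struct starts above the hunk.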
@@ -35,7 +35,8 @@ logfn(debug)
const char *gluten_offset_name[OFFSET_TYPE_MAX + 1] = {
"NULL",
- "read-only data", "temporary data", "seccomp data", "instruction area",
+ "read-only data", "temporary data", "seccomp data",
+ "instruction area", "metadata",
};
const char *context_type_name[CONTEXT_TYPE_MAX + 1] = {
--
cgit v1.2.3
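Review bot: `gluten_offset_name` is filled positionally, so it agrees with `enum gluten_offset_type` only as long as the strings are listed in enum order; an entry missed on a later enum change leaves a NULL slot that is presumably passed to a `%s` in the debug logging. Designated initializers make the mapping explicit, e.g. `[OFFSET_INSTRUCTION] = "instruction area", [OFFSET_METADATA] = "metadata",`. The array definition starts and ends inside the hunk, so all six entries could be converted here.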