From 8d44fb83386c1834163f037b077c03cf6cc7f748 Mon Sep 17 00:00:00 2001 From: Alice Frosi Date: Mon, 16 Jan 2023 17:22:51 +0100 Subject: Use signals instead of connect for synchronization The connect syscall was used to synchronize seitan and the eater for the seccomp installation filter and notifier initialization. However, we assume that the fd 0 is always free, and this might not always be the case. Try to implement an alternative and more robust solution. Signed-off-by: Alice Frosi
---
 seitan.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'seitan.c')
diff --git a/seitan.c b/seitan.c
index b227fc8..6c66593 100644
--- a/seitan.c
+++ b/seitan.c
@@ -168,6 +168,19 @@ struct table {
 static struct table t[16];
+static int pidfd_send_signal(int pidfd, int sig, siginfo_t *info,
+ unsigned int flags)
+{
+ return syscall(__NR_pidfd_send_signal, pidfd, sig, info, flags);
+}
+
+static void unblock_eater(int pidfd){
+ if (pidfd_send_signal(pidfd, SIGCONT, NULL, 0) == -1) {
+ perror("pidfd_send_signal");
+ exit(EXIT_FAILURE);
+ }
+}
+
 int handle(struct seccomp_notif *req, int notifyfd)
 {
 char path[PATH_MAX + 1];
@@ -259,6 +272,9 @@ int main(int argc, char **argv)
 perror("epoll_ctl: notifier");
 exit(EXIT_FAILURE);
 }
+ /* Unblock seitan-loader */
+ unblock_eater(pidfd);
+
 while(running) {
 nevents = epoll_wait(epollfd, events, EPOLL_EVENTS, -1);
 if (nevents < 0 ) {
-- cgit v1.2.3
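Review bot: `unblock_eater()` in the first hunk uses a bare SIGCONT as the whole handshake, and a signal carries no state. If it arrives before the eater is actually stopped or waiting it is lost, and anything else allowed to signal that process (shell job control, another process of the same user) can resume the eater before the notifier is registered. The eater side is not shown in this view (it is limited to seitan.c), so how it waits is an assumption to confirm. If it stops itself or calls `pause()`, consider having it block a dedicated signal and collect it with `sigwaitinfo()`, checking `si_pid`, or synchronise over a pipe or eventfd shared with seitan. The helper also needs a one-line comment, e.g. `/* Resume the eater once the seccomp notifier is registered with epoll */`, and its opening brace belongs on its own line to match `pidfd_send_signal()` above it.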
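Review bot: In the second hunk the eater is resumed only on the success path, so every earlier `exit(EXIT_FAILURE)` in `main()` (for example the `epoll_ctl: notifier` failure just above the call) and the one inside `unblock_eater()` leave the eater blocked, presumably with its filter already installed and no supervisor left. Consider terminating it on those paths, e.g. `pidfd_send_signal(pidfd, SIGKILL, NULL, 0);` before exiting, so a half-initialised target is never left behind. The added comment says `seitan-loader` while the helper is named `unblock_eater`; use one name for the same process. `main()` begins and continues outside the hunk, so where `pidfd` is obtained and validated is not visible here.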