[pve-lxc-syscalld.git] / src / sys_mknod.rs

use std::ffi::CString;
use std::os::unix::io::{AsRawFd, FromRawFd};

use failure::Error;
use nix::errno::Errno;
use nix::sys::stat;

use crate::fork::forking_syscall;
use crate::lxcseccomp::ProxyMessageBuffer;
use crate::pidfd::PidFd;
use crate::syscall::SyscallStatus;
use crate::tools::Fd;

pub async fn mknod(msg: &ProxyMessageBuffer) -> Result<SyscallStatus, Error> {
    let pathname = msg.arg_c_string(0)?;
    let mode = msg.arg_mode_t(1)?;
    let dev = msg.arg_dev_t(2)?;
    let cwd = msg.pid_fd().fd_cwd()?;

    let pidfd = unsafe { PidFd::from_raw_fd(msg.pid_fd().as_raw_fd()) };
    do_mknodat(pidfd, cwd, pathname, mode, dev).await
}

pub async fn mknodat(msg: &ProxyMessageBuffer) -> Result<SyscallStatus, Error> {
    let dirfd = msg.arg_fd(0, libc::O_DIRECTORY)?;
    let pathname = msg.arg_c_string(1)?;
    let mode = msg.arg_mode_t(2)?;
    let dev = msg.arg_dev_t(3)?;

    let pidfd = unsafe { PidFd::from_raw_fd(msg.pid_fd().as_raw_fd()) };
    do_mknodat(pidfd, dirfd, pathname, mode, dev).await
}

async fn do_mknodat(
    pidfd: PidFd,
    dirfd: Fd,
    _pathname: CString,
    _mode: stat::mode_t,
    _dev: stat::dev_t,
) -> Result<SyscallStatus, Error> {
    println!("=> Responding with ENOENT");
    Ok(forking_syscall(move || {
        pidfd.mount_namespace()?.setns()?;
        std::mem::drop(pidfd);
        std::mem::drop(dirfd);
        Ok(SyscallStatus::Err(libc::ENOENT))
    })
    .await?)
}
Commit	Line	Data
937921aa	1	use std::ffi::CString;
275009ec	2	use std::os::unix::io::{AsRawFd, FromRawFd};
937921aa	3
e420f6f9	4	use failure::Error;
937921aa WB	5	use nix::errno::Errno;
937921aa WB	6	use nix::sys::stat;
e420f6f9	7
61bfa355	8	use crate::fork::forking_syscall;
e420f6f9	9	use crate::lxcseccomp::ProxyMessageBuffer;
275009ec	10	use crate::pidfd::PidFd;
c95be5f6	11	use crate::syscall::SyscallStatus;
937921aa	12	use crate::tools::Fd;
e420f6f9	13
c95be5f6	14	pub async fn mknod(msg: &ProxyMessageBuffer) -> Result<SyscallStatus, Error> {
937921aa WB	15	let pathname = msg.arg_c_string(0)?;
	16	let mode = msg.arg_mode_t(1)?;
	17	let dev = msg.arg_dev_t(2)?;
	18	let cwd = msg.pid_fd().fd_cwd()?;
275009ec WB	19
	20	let pidfd = unsafe { PidFd::from_raw_fd(msg.pid_fd().as_raw_fd()) };
	21	do_mknodat(pidfd, cwd, pathname, mode, dev).await
937921aa WB	22	}
	23
	24	pub async fn mknodat(msg: &ProxyMessageBuffer) -> Result<SyscallStatus, Error> {
	25	let dirfd = msg.arg_fd(0, libc::O_DIRECTORY)?;
	26	let pathname = msg.arg_c_string(1)?;
	27	let mode = msg.arg_mode_t(2)?;
	28	let dev = msg.arg_dev_t(3)?;
275009ec WB	29
	30	let pidfd = unsafe { PidFd::from_raw_fd(msg.pid_fd().as_raw_fd()) };
	31	do_mknodat(pidfd, dirfd, pathname, mode, dev).await
e420f6f9 WB	32	}
e420f6f9 WB	33
937921aa	34	async fn do_mknodat(
275009ec WB	35	pidfd: PidFd,
275009ec WB	36	dirfd: Fd,
937921aa	37	_pathname: CString,
61bfa355	38	_mode: stat::mode_t,
937921aa WB	39	_dev: stat::dev_t,
	40	) -> Result<SyscallStatus, Error> {
	41	println!("=> Responding with ENOENT");
61bfa355	42	Ok(forking_syscall(move \|\| {
275009ec WB	43	pidfd.mount_namespace()?.setns()?;
	44	std::mem::drop(pidfd);
	45	std::mem::drop(dirfd);
	46	Ok(SyscallStatus::Err(libc::ENOENT))
	47	})
	48	.await?)
e420f6f9	49	}