package shim0
import (
"encoding/gob"
"net"
"git.ophivana.moe/security/fortify/helper/bwrap"
"git.ophivana.moe/security/fortify/internal/fmsg"
)
// Env holds the string "FORTIFY_SHIM".
// NOTE(review): presumably the name of the environment variable the shim
// reads to find its setup connection; confirm against the shim side. If so,
// its value is attacker-influenceable wherever the environment is, and the
// reader should validate it before use.
const Env = "FORTIFY_SHIM"
// Payload is the value that Serve gob-encodes onto the setup connection.
//
// All fields are exported, so all of them are part of the encoded stream.
// NOTE(review): Exec, Argv and Bwrap together decide what the receiving side
// runs and how it is sandboxed. The receiver is not visible in this file; it
// should accept a Payload only from a peer it has authenticated (for example
// by checking Unix socket peer credentials). Confirm that it does.
type Payload struct {
	// child full argv
	Argv []string
	// bwrap, target full exec path
	// (presumably index 0 is the bwrap path and index 1 the target path,
	// following the order in the line above; confirm against the reader)
	Exec [2]string
	// bwrap config
	Bwrap *bwrap.Config
	// sync fd
	// NOTE(review): a pointer, so presumably nil means "no sync fd". A
	// descriptor number is only meaningful to the receiver if that descriptor
	// is inherited by the receiving process; confirm how it is passed.
	Sync *uintptr

	// verbosity pass through
	Verbose bool
}
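// Serve gob-encodes a copy of the payload onto conn and then closes conn.
//
// Serve takes ownership of conn: it is closed on both the success path and
// the encode-failure path. Closing after a failed encode means the peer sees
// end-of-stream instead of waiting on a partially written payload, and the
// descriptor is not left open in this process.
//
// It returns the encode error, or otherwise the result of closing conn, each
// passed through fmsg.WrapErrorSuffix (presumably nil when Close succeeds;
// confirm against fmsg).
//
// NOTE(review): the payload carries exec paths, argv and the sandbox
// configuration, and is written to whichever peer holds the other end of
// conn. The caller is responsible for making sure that peer is the intended
// shim.
func (p *Payload) Serve(conn *net.UnixConn) error {
	if err := gob.NewEncoder(conn).Encode(*p); err != nil {
		// Best-effort close: the encode error is the one worth reporting,
		// so a secondary close error is deliberately dropped.
		_ = conn.Close()
		return fmsg.WrapErrorSuffix(err,
			"cannot stream shim payload:")
	}

	return fmsg.WrapErrorSuffix(conn.Close(),
		"cannot close setup connection:")
}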