fortify/helper/seccomp/export.go

package seccomp

import (
	"os"
	"runtime"
	"sync"
)

type exporter struct {
	opts SyscallOpts
	r, w *os.File

	prepareOnce sync.Once
	prepareErr  error
	closeOnce   sync.Once
	closeErr    error
	exportErr   <-chan error
}

func (e *exporter) prepare() error {
	e.prepareOnce.Do(func() {
		if r, w, err := os.Pipe(); err != nil {
			e.prepareErr = err
			return
		} else {
			e.r, e.w = r, w
		}

		ec := make(chan error, 1)
		go func(fd uintptr) { ec <- exportFilter(fd, e.opts); close(ec); _ = e.closeWrite() }(e.w.Fd())
		e.exportErr = ec
		runtime.SetFinalizer(e, (*exporter).closeWrite)
	})
	return e.prepareErr
}

func (e *exporter) closeWrite() error {
	e.closeOnce.Do(func() {
		if e.w == nil {
			panic("closeWrite called on invalid exporter")
		}
		e.closeErr = e.w.Close()

		// no need for a finalizer anymore
		runtime.SetFinalizer(e, nil)
	})

	return e.closeErr
}

func newExporter(opts SyscallOpts) *exporter {
	return &exporter{opts: opts}
}
helper/seccomp: separate seccomp package Signed-off-by: Ophestra <cat@gensokyo.uk> 2025-01-25 12:59:11 +09:00			`package seccomp`

			`import (`
			`"os"`
helper/seccomp: implement reader interface via pipe This also does not require the libc tmpfile call. BPF programs emitted by libseccomp seems to be deterministic. The tests would catch regressions as it verifies the program against known good output backed by manual testing. Signed-off-by: Ophestra <cat@gensokyo.uk> 2025-02-03 18:10:29 +09:00			`"runtime"`
			`"sync"`
helper/seccomp: separate seccomp package Signed-off-by: Ophestra <cat@gensokyo.uk> 2025-01-25 12:59:11 +09:00			`)`

helper/seccomp: implement reader interface via pipe This also does not require the libc tmpfile call. BPF programs emitted by libseccomp seems to be deterministic. The tests would catch regressions as it verifies the program against known good output backed by manual testing. Signed-off-by: Ophestra <cat@gensokyo.uk> 2025-02-03 18:10:29 +09:00			`type exporter struct {`
			`opts SyscallOpts`
			`r, w *os.File`

			`prepareOnce sync.Once`
			`prepareErr error`
helper/seccomp: use sync.Once for closeWrite This makes the code much cleaner, and eliminates the intermittent ErrInvalid errors. Signed-off-by: Ophestra <cat@gensokyo.uk> 2025-02-13 22:49:16 +09:00			`closeOnce sync.Once`
			`closeErr error`
helper/seccomp: implement reader interface via pipe This also does not require the libc tmpfile call. BPF programs emitted by libseccomp seems to be deterministic. The tests would catch regressions as it verifies the program against known good output backed by manual testing. Signed-off-by: Ophestra <cat@gensokyo.uk> 2025-02-03 18:10:29 +09:00			`exportErr <-chan error`
			`}`

			`func (e *exporter) prepare() error {`
			`e.prepareOnce.Do(func() {`
			`if r, w, err := os.Pipe(); err != nil {`
			`e.prepareErr = err`
			`return`
			`} else {`
			`e.r, e.w = r, w`
			`}`

			`ec := make(chan error, 1)`
helper/seccomp: eliminate data race on pfd Turns out the doc comment on os.File was lying about its methods being safe for concurrent use. The race detector picked up a data race from concurrent use of Fd and Close. This change eliminates that by calling Fd in the prepare routine. Signed-off-by: Ophestra <cat@gensokyo.uk> 2025-02-13 10:40:51 +09:00			`go func(fd uintptr) { ec <- exportFilter(fd, e.opts); close(ec); _ = e.closeWrite() }(e.w.Fd())`
helper/seccomp: implement reader interface via pipe This also does not require the libc tmpfile call. BPF programs emitted by libseccomp seems to be deterministic. The tests would catch regressions as it verifies the program against known good output backed by manual testing. Signed-off-by: Ophestra <cat@gensokyo.uk> 2025-02-03 18:10:29 +09:00			`e.exportErr = ec`
			`runtime.SetFinalizer(e, (*exporter).closeWrite)`
			`})`
			`return e.prepareErr`
			`}`

			`func (e *exporter) closeWrite() error {`
helper/seccomp: use sync.Once for closeWrite This makes the code much cleaner, and eliminates the intermittent ErrInvalid errors. Signed-off-by: Ophestra <cat@gensokyo.uk> 2025-02-13 22:49:16 +09:00			`e.closeOnce.Do(func() {`
			`if e.w == nil {`
			`panic("closeWrite called on invalid exporter")`
			`}`
			`e.closeErr = e.w.Close()`

			`// no need for a finalizer anymore`
			`runtime.SetFinalizer(e, nil)`
			`})`

			`return e.closeErr`
helper/seccomp: implement reader interface via pipe This also does not require the libc tmpfile call. BPF programs emitted by libseccomp seems to be deterministic. The tests would catch regressions as it verifies the program against known good output backed by manual testing. Signed-off-by: Ophestra <cat@gensokyo.uk> 2025-02-03 18:10:29 +09:00			`}`

			`func newExporter(opts SyscallOpts) *exporter {`
			`return &exporter{opts: opts}`
helper/seccomp: separate seccomp package Signed-off-by: Ophestra <cat@gensokyo.uk> 2025-01-25 12:59:11 +09:00			`}`