cmd/fshim: switch to generic setup func

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>

cmd/fshim/main.go

@@ -13,6 +13,7 @@ import (
 	"git.ophivana.moe/security/fortify/helper"
 	"git.ophivana.moe/security/fortify/internal"
 	"git.ophivana.moe/security/fortify/internal/fmsg"
+	"git.ophivana.moe/security/fortify/internal/proc"
 )
 
 // everything beyond this point runs as unconstrained target user
@@ -110,17 +111,14 @@ func main() {
 
 	var extraFiles []*os.File
 
-	// share config pipe
+	// serve setup payload
-	if r, w, err := os.Pipe(); err != nil {
+	if fd, encoder, err := proc.Setup(&extraFiles); err != nil {
 		fmsg.Fatalf("cannot pipe: %v", err)
 	} else {
-		conf.SetEnv[init0.Env] = strconv.Itoa(3 + len(extraFiles))
+		conf.SetEnv[init0.Env] = strconv.Itoa(fd)
-		extraFiles = append(extraFiles, r)
-
-		fmsg.VPrintln("transmitting config to init")
 		go func() {
-			// stream config to pipe
+			fmsg.VPrintln("transmitting config to init")
-			if err = gob.NewEncoder(w).Encode(&ic); err != nil {
+			if err = encoder.Encode(&ic); err != nil {
 				fmsg.Fatalf("cannot transmit init config: %v", err)
 			}
 		}()

internal/proc/fd.go

@@ -12,6 +12,16 @@ var (
 	ErrInvalid = errors.New("bad file descriptor")
 )
 
+func Setup(extraFiles *[]*os.File) (int, *gob.Encoder, error) {
+	if r, w, err := os.Pipe(); err != nil {
+		return -1, nil, err
+	} else {
+		fd := 3 + len(*extraFiles)
+		*extraFiles = append(*extraFiles, r)
+		return fd, gob.NewEncoder(w), nil
+	}
+}
+
 func Receive(key string, e any) (func() error, error) {
 	var setup *os.File