[bug#70494,03/23] syscalls: Add missing pieces for derivation build environment.
Commit Message
From: Caleb Ristvedt <caleb.ristvedt@cune.org>
* guix/build/syscalls.scm (ADDR_NO_RANDOMIZE, UNAME26, PER_LINUX32): New
variables. Flags needed for improving determinism / impersonating a 32-bit
machine on a 64-bit machine.
(initialize-loopback, setdomainname, personality): New procedures.
(octal-escaped): New procedure.
(mount-points): Use octal-escaped to properly handle unusual characters in
mount point filenames.
Signed-off-by: Christopher Baines <mail@cbaines.net>
Change-Id: I2f2aa38fe8f97f2565461d20331b95040a2d7539
---
guix/build/syscalls.scm | 45 ++++++++++++++++++++++++++++++++++++++++-
1 file changed, 44 insertions(+), 1 deletion(-)
Comments
Hi!
(Starting to review this patch series, it might take a while…)
Christopher Baines <mail@cbaines.net> wrote:
> From: Caleb Ristvedt <caleb.ristvedt@cune.org>
>
> * guix/build/syscalls.scm (ADDR_NO_RANDOMIZE, UNAME26, PER_LINUX32): New
> variables. Flags needed for improving determinism / impersonating a 32-bit
> machine on a 64-bit machine.
> (initialize-loopback, setdomainname, personality): New procedures.
> (octal-escaped): New procedure.
> (mount-points): Use octal-escaped to properly handle unusual characters in
> mount point filenames.
>
> Signed-off-by: Christopher Baines <mail@cbaines.net>
> Change-Id: I2f2aa38fe8f97f2565461d20331b95040a2d7539
[...]
> +(define (initialize-loopback)
> + (let ((sock (socket PF_INET SOCK_DGRAM IPPROTO_IP)))
> + (dynamic-wind
> + (const #t)
> + (lambda ()
> + (set-network-interface-flags sock "lo"
> + (logior IFF_UP IFF_LOOPBACK IFF_RUNNING)))
> + (lambda ()
> + (close sock)))))
Rather ‘set-loopback-interface-up’, by analogy with
‘set-network-interface-up’. Also please add a docstring and maybe a
unit test, if possible.
> +;; TODO: verify these constants are correct on platforms other than x86-64
> +(define ADDR_NO_RANDOMIZE #x0040000)
> +(define UNAME26 #x0020000)
> +(define PER_LINUX32 #x0008)
> +
> +(define personality
> + (let ((proc (syscall->procedure int "personality" `(,unsigned-long))))
> + (lambda (persona)
> + (let-values (((ret err) (proc persona)))
> + (if (= -1 ret)
> + (throw 'system-error "personality" "~A"
> + (list (strerror err))
> + (list err))
> + ret)))))
Please add a docstring and basic unit test.
> +(define setdomainname
> + (let ((proc (syscall->procedure int "setdomainname" (list '* int))))
> + (lambda (domain-name)
> + (let-values (((ret err) (proc (string->pointer/utf-8 domain-name)
> + (bytevector-length (string->utf8
> + domain-name)))))
> + (if (= -1 ret)
> + (throw 'system-error "setdomainname" "~A"
> + (list (strerror err))
> + (list err))
> + ret)))))
Ditto.
Ludo’.
@@ -162,6 +162,7 @@ (define-module (guix build syscalls)
configure-network-interface
add-network-route/gateway
delete-network-route
+ initialize-loopback
interface?
interface-name
@@ -212,7 +213,12 @@ (define-module (guix build syscalls)
utmpx-address
login-type
utmpx-entries
- (read-utmpx-from-port . read-utmpx)))
+ (read-utmpx-from-port . read-utmpx)
+ personality
+ ADDR_NO_RANDOMIZE
+ setdomainname
+ UNAME26
+ PER_LINUX32))
;;; Commentary:
;;;
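Review bot: The five new exports are appended after the utmpx entries with procedures and flags interleaved (personality, ADDR_NO_RANDOMIZE, setdomainname, UNAME26, PER_LINUX32); list personality together with its three flags and keep setdomainname separate, so the export list stays grouped by topic like the network-interface entries in the previous hunk. The commit log also names octal-escaped and a mount-points change, but neither appears in this list or in any hunk shown here, so either the log or the patch needs updating.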
@@ -1952,6 +1958,16 @@ (define* (set-network-interface-up name
(lambda ()
(close-port sock)))))
+(define (initialize-loopback)
+ (let ((sock (socket PF_INET SOCK_DGRAM IPPROTO_IP)))
+ (dynamic-wind
+ (const #t)
+ (lambda ()
+ (set-network-interface-flags sock "lo"
+ (logior IFF_UP IFF_LOOPBACK IFF_RUNNING)))
+ (lambda ()
+ (close sock)))))
+
;;;
;;; Network routes.
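Review bot: In initialize-loopback the cleanup thunk calls (close sock), while the context lines just above it, from set-network-interface-up, use (close-port sock) for the same kind of socket; use close-port here as well so the two procedures stay consistent. The procedure also has no docstring, and both the interface name "lo" and the flag set are hard-coded; a docstring stating that it brings up "lo" with IFF_UP, IFF_LOOPBACK and IFF_RUNNING would make that explicit for callers setting up the derivation build environment.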
@@ -2523,4 +2539,31 @@ (define (read-utmpx-from-port port)
((? bytevector? bv)
(read-utmpx bv))))
+;; TODO: verify these constants are correct on platforms other than x86-64
+(define ADDR_NO_RANDOMIZE #x0040000)
+(define UNAME26 #x0020000)
+(define PER_LINUX32 #x0008)
+
+(define personality
+ (let ((proc (syscall->procedure int "personality" `(,unsigned-long))))
+ (lambda (persona)
+ (let-values (((ret err) (proc persona)))
+ (if (= -1 ret)
+ (throw 'system-error "personality" "~A"
+ (list (strerror err))
+ (list err))
+ ret)))))
+
+(define setdomainname
+ (let ((proc (syscall->procedure int "setdomainname" (list '* int))))
+ (lambda (domain-name)
+ (let-values (((ret err) (proc (string->pointer/utf-8 domain-name)
+ (bytevector-length (string->utf8
+ domain-name)))))
+ (if (= -1 ret)
+ (throw 'system-error "setdomainname" "~A"
+ (list (strerror err))
+ (list err))
+ ret)))))
+
;;; syscalls.scm ends here
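Review bot: In setdomainname the length argument is declared as int in (list '* int), but setdomainname(2) takes a size_t length; declare it as size_t so the foreign call matches the C prototype on every platform, which matters given the TODO at the top of this hunk about the constants only being checked on x86-64. The domain name is also encoded twice, once by string->pointer/utf-8 and once by string->utf8 just to measure it; encode it once and take the length from that bytevector. For personality, a docstring should say that the return value is the previous persona and that the argument replaces the whole persona, so callers need to OR ADDR_NO_RANDOMIZE or UNAME26 into the current value instead of passing a flag alone.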