colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

bunpen: pasta: never outlive the parent bunpen lifetime

Browse Source
This commit is contained in:
Colin
2024-12-19 07:53:33 +00:00
parent 066bf3c3d4
commit 27e67748d4
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
pkgs/by-name/bunpen/restrict/ns/pasta.ha
View File

@@ -30,7 +30,7 @@ fn setup_pasta(net: restrict::net_subset) void = {
let (pipe_parent_rd, pipe_child_wr) = unix::pipe()!;
log::printfln("[namespace/pasta]: forking: parent will launch pasta while child will exec user code");
match (os::exec::fork()) {
match (fork_and_die_with_parent()) {
case let child_pid: os::exec::process =>
io::close(pipe_child_wr)!;
@@ -58,14 +58,14 @@ fn setup_pasta(net: restrict::net_subset) void = {
// though pasta hasn't created the device.
io::close(pipe_child_wr)!;
case let e: os::exec::error =>
case let e: (os::exec::error | rt::errno) =>
errors::ext::check("setup_pasta: fork", e);
};
};
// spawn pasta as a separate process, and have it attach to the netns of the given pid.
fn attach_pasta(net: restrict::net_subset, child: os::exec::process) (void | os::exec::error | rt::errno) = {
return match (os::exec::fork()?) {
return match (fork_and_die_with_parent()?) {
case let pasta_pid: os::exec::process => yield void;
case void =>
// pasta needs permissions to create a device in the netns (it apparently