bunpen: pasta: fix to send the full 4bytes of the netns fd across the pipe

pkgs/by-name/bunpen/restrict/pasta.ha

@@ -53,8 +53,13 @@ fn pasta_restrict(net: resources::net_subset) void = {
       capability_restrict(rt::ext::CAPS_NONE);
 
       // let the other thread know we're ready for pasta to attach to us
-      assert(netns_fd < 256); // FIXME: encode fd as 4xu8 instead of just one u8
+      let netns_fd_bytes = [
-      io::write(pipe_parent_wr, [netns_fd: u8])!;
+        netns_fd: u8,
+        (netns_fd >> 8): u8,
+        (netns_fd >> 16): u8,
+        (netns_fd >> 24): u8,
+      ];
+      io::write(pipe_parent_wr, netns_fd_bytes)!;
 
       // wait for the other thread to attach pasta.
       // pasta signals readiness by writing its pid (followed by \n) to a file.
@@ -77,11 +82,17 @@ fn pasta_restrict(net: resources::net_subset) void = {
       );
 
       // wait for the parent to signal that it's ready for us to attach pasta.
-      let netns_u8 = [0u8];
+      let netns_child_fd_bytes: [4]u8 = [0...];
-      io::readall(pipe_child_rd, &netns_u8)!;
+      io::readall(pipe_child_rd, &netns_child_fd_bytes)!;
+      let netns_child_fd: int = (
+        (netns_child_fd_bytes[0]: int) |
+        (netns_child_fd_bytes[1]: int << 8) |
+        (netns_child_fd_bytes[1]: int << 16) |
+        (netns_child_fd_bytes[1]: int << 24)
+      );
       let netns = errors::ext::check_int(
         "setup_pasta: pidfd_getfd(parent_pidfd, netns_u8)",
-        rt::ext::pidfd_getfd(parent_pidfd, netns_u8[0]: int),
+        rt::ext::pidfd_getfd(parent_pidfd, netns_child_fd),
       );
 
       // exec into pasta.