aboutgitcodebugslistschat
path: root/passt.c
diff options
context:
space:
mode:
authorStefano Brivio <sbrivio@redhat.com>2021-10-14 01:21:29 +0200
committerStefano Brivio <sbrivio@redhat.com>2021-10-14 13:16:03 +0200
commit32d07f5e59f2372939a7c99c4c4bcbb5f60b0e05 (patch)
treed5cc1d83190b38f58eb86bd094fc5ce6f5d3eef9 /passt.c
parent66d5930ec77caed942404ceef4829f2c4ca431bd (diff)
downloadpasst-32d07f5e59f2372939a7c99c4c4bcbb5f60b0e05.tar
passt-32d07f5e59f2372939a7c99c4c4bcbb5f60b0e05.tar.gz
passt-32d07f5e59f2372939a7c99c4c4bcbb5f60b0e05.tar.bz2
passt-32d07f5e59f2372939a7c99c4c4bcbb5f60b0e05.tar.lz
passt-32d07f5e59f2372939a7c99c4c4bcbb5f60b0e05.tar.xz
passt-32d07f5e59f2372939a7c99c4c4bcbb5f60b0e05.tar.zst
passt-32d07f5e59f2372939a7c99c4c4bcbb5f60b0e05.zip
passt, pasta: Completely avoid dynamic memory allocation
Replace libc functions that might dynamically allocate memory with own implementations or wrappers. Drop brk(2) from list of allowed syscalls in seccomp profile. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'passt.c')
-rw-r--r--passt.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/passt.c b/passt.c
index 0628d8c..e8f4e62 100644
--- a/passt.c
+++ b/passt.c
@@ -192,10 +192,10 @@ static void seccomp(struct ctx *c)
*
* Return: 0 once interrupted, non-zero on failure
*
- * #syscalls read write open close fork dup2 exit chdir brk ioctl writev syslog
+ * #syscalls read write open close fork dup2 exit chdir ioctl writev syslog
* #syscalls prlimit64 epoll_ctl epoll_create1 epoll_wait accept4 accept listen
* #syscalls socket bind connect getsockopt setsockopt recvfrom sendto shutdown
- * #syscalls openat fstat fcntl lseek
+ * #syscalls openat fstat fcntl lseek clone setsid exit_group
* #syscalls:pasta rt_sigreturn
*/
int main(int argc, char **argv)
@@ -226,16 +226,16 @@ int main(int argc, char **argv)
if (madvise(pkt_buf, TAP_BUF_BYTES, MADV_HUGEPAGE))
perror("madvise");
- openlog(log_name, 0, LOG_DAEMON);
+ __openlog(log_name, 0, LOG_DAEMON);
- setlogmask(LOG_MASK(LOG_EMERG));
+ __setlogmask(LOG_MASK(LOG_EMERG));
conf(&c, argc, argv);
seccomp(&c);
if (!c.debug && (c.stderr || isatty(fileno(stdout))))
- openlog(log_name, LOG_PERROR, LOG_DAEMON);
+ __openlog(log_name, LOG_PERROR, LOG_DAEMON);
c.epollfd = epoll_create1(0);
if (c.epollfd == -1) {
@@ -271,11 +271,11 @@ int main(int argc, char **argv)
dhcpv6_init(&c);
if (c.debug)
- setlogmask(LOG_UPTO(LOG_DEBUG));
+ __setlogmask(LOG_UPTO(LOG_DEBUG));
else if (c.quiet)
- setlogmask(LOG_UPTO(LOG_ERR));
+ __setlogmask(LOG_UPTO(LOG_ERR));
else
- setlogmask(LOG_UPTO(LOG_INFO));
+ __setlogmask(LOG_UPTO(LOG_INFO));
if (isatty(fileno(stdout)) && !c.foreground)
daemon(0, 0);