secretmemfd.c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/syscall.h>
#include <unistd.h>
/*
 * Write the one-line command synopsis to stderr.
 *
 * If the write itself fails, report that through perror(); the caller is
 * about to exit with an error status anyway, so nothing is returned.
 */
static void
usage(void)
{
	int const rc = fputs("Usage: secretmemfd fd cmd [args]...\n", stderr);

	if (rc == EOF) {
		perror("fputs");
	}
}
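/*
 * secretmemfd fd cmd [args]...
 *
 * Create a memfd_secret(2) descriptor, place it at descriptor number `fd`,
 * then replace this process with `cmd`, which inherits the descriptor.
 *
 * Every failure path returns 2; on success execvp() does not return.
 *
 * The descriptor stays open in cmd and in anything cmd later executes unless
 * cmd marks it close-on-exec, so cmd decides how far it propagates.
 */
int
main(int const argc, char *const *const argv)
{
	/*
	 * The optstring declares no options, so getopt() reports any "-x"
	 * argument as unknown and we exit with the usage text. The leading "+"
	 * (GNU getopt) stops scanning at the first non-option argument, so
	 * options that belong to cmd are never interpreted here.
	 */
	for (int opt; opt = getopt(argc, argv, "+"), opt != -1;) {
		switch (opt) {
		default:
			usage();
			return 2;
		}
	}

	/* Two operands are mandatory: the descriptor number and the command. */
	if (argc - optind < 2) {
		usage();
		return 2;
	}

	/*
	 * Parse the target descriptor strictly: base 10, the whole string must
	 * be consumed, and the value must fit in a non-negative int.
	 */
	char *const strfd = argv[optind];
	char *endptr;
	errno = 0;
	long const longfd = strtol(strfd, &endptr, 10);
	if (errno) {
		perror("strtol");
		return 2;
	}
	if (endptr == strfd || longfd < 0 || longfd > INT_MAX || *endptr) {
		if (fputs("Invalid fd.\n", stderr) == EOF)
			perror("fputs");
		return 2;
	}
	int const fd = (int)longfd;

	/*
	 * flags == 0 means FD_CLOEXEC is not requested. That matters when the
	 * kernel happens to hand back exactly `fd`: no dup2() runs in that case,
	 * and the descriptor must still survive the execvp() below.
	 * syscall() returns long; the value is a descriptor or -1, so the
	 * narrowing is made explicit.
	 */
	int const memfd = (int)syscall(SYS_memfd_secret, 0);
	if (memfd == -1) {
		perror("memfd_secret");
		return 2;
	}

	if (memfd != fd) {
		/*
		 * dup2() silently closes whatever was open at `fd` before
		 * reusing the number. NOTE(review): if the caller passes 2,
		 * diagnostics printed after this point no longer reach the
		 * original stderr.
		 */
		int ret;
		do {
			ret = dup2(memfd, fd);
		} while (ret == -1 && errno == EINTR);
		if (ret == -1) {
			perror("dup2");
			return 2;
		}

		/*
		 * Call close() exactly once. On Linux the descriptor is
		 * released even when close() fails with EINTR, so a retry
		 * would either fail with EBADF (turning a success into an
		 * error exit) or close an unrelated descriptor that reused
		 * the number. EINTR is therefore treated as "closed".
		 */
		if (close(memfd) == -1 && errno != EINTR) {
			perror("close");
			return 2;
		}
	}

	/* execvp() searches PATH for cmd and only returns on failure. */
	(void)execvp(argv[optind + 1], &argv[optind + 1]);
	perror("execvp");
	return 2;
}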