Use PIPE_READ_END, PIPE_WRITE_END to clarify use of a socketpair

smcv · smcv · commit 06bbd285bf5b · 2024-10-30T14:06:23.000Z
Both sockets in the socket pair are technically bidirectional, but we
are using them as though they were unidirectional, with the same
convention as pipe(): the first socket in the array is used for reading,
and the second is for writing.

Signed-off-by: Simon McVittie &lt;smcv@collabora.com&gt;
diff --git a/bubblewrap.c b/bubblewrap.c
@@ -3144,11 +3144,11 @@ main (int    argc,
     {
       /* Parent, outside sandbox, privileged (initially) */
 
-      if (intermediate_pids_sockets[0] != -1)
+      if (intermediate_pids_sockets[PIPE_READ_END] != -1)
         {
-          close (intermediate_pids_sockets[1]);
-          pid = read_pid_from_socket (intermediate_pids_sockets[0]);
-          close (intermediate_pids_sockets[0]);
+          close (intermediate_pids_sockets[PIPE_WRITE_END]);
+          pid = read_pid_from_socket (intermediate_pids_sockets[PIPE_READ_END]);
+          close (intermediate_pids_sockets[PIPE_READ_END]);
         }
 
       /* Discover namespace ids before we drop privileges */
@@ -3232,9 +3232,9 @@ main (int    argc,
 
       /* We're back, either in a child or grandchild, so message the actual pid to the monitor */
 
-      close (intermediate_pids_sockets[0]);
-      send_pid_on_socket (intermediate_pids_sockets[1]);
-      close (intermediate_pids_sockets[1]);
+      close (intermediate_pids_sockets[PIPE_READ_END]);
+      send_pid_on_socket (intermediate_pids_sockets[PIPE_WRITE_END]);
+      close (intermediate_pids_sockets[PIPE_WRITE_END]);
     }
 
   /* Child, in sandbox, privileged in the parent or in the user namespace (if --unshare-user).
diff --git a/utils.c b/utils.c
@@ -782,6 +782,12 @@ send_pid_on_socket (int sockfd)
     die_with_error ("Can't send pid");
 }
 
+/*
+ * Create a socket pair such that if one process calls
+ * send_pid_on_socket(sockets[PIPE_WRITE_END]),
+ * another process will be able to call
+ * read_pid_from_socket(sockets[PIPE_READ_END]).
+ */
 void
 create_pid_socketpair (int sockets[2])
 {
@@ -790,7 +796,7 @@ create_pid_socketpair (int sockets[2])
   if (socketpair (AF_UNIX, SOCK_SEQPACKET | SOCK_CLOEXEC, 0, sockets) != 0)
     die_with_error ("Can't create intermediate pids socket");
 
-  if (setsockopt (sockets[0], SOL_SOCKET, SO_PASSCRED, &enable, sizeof (enable)) < 0)
+  if (setsockopt (sockets[PIPE_READ_END], SOL_SOCKET, SO_PASSCRED, &enable, sizeof (enable)) < 0)
     die_with_error ("Can't set SO_PASSCRED");
 }
 

Original file line number	Diff line number	Diff line change
`@@ -3144,11 +3144,11 @@ main (int argc,`
`3144`	`3144`	`{`
`3145`	`3145`	`/* Parent, outside sandbox, privileged (initially) */`
`3146`	`3146`
`3147`		`- if (intermediate_pids_sockets[0] != -1)`
	`3147`	`+ if (intermediate_pids_sockets[PIPE_READ_END] != -1)`
`3148`	`3148`	`{`
`3149`		`- close (intermediate_pids_sockets[1]);`
`3150`		`- pid = read_pid_from_socket (intermediate_pids_sockets[0]);`
`3151`		`- close (intermediate_pids_sockets[0]);`
	`3149`	`+ close (intermediate_pids_sockets[PIPE_WRITE_END]);`
	`3150`	`+ pid = read_pid_from_socket (intermediate_pids_sockets[PIPE_READ_END]);`
	`3151`	`+ close (intermediate_pids_sockets[PIPE_READ_END]);`
`3152`	`3152`	`}`
`3153`	`3153`
`3154`	`3154`	`/* Discover namespace ids before we drop privileges */`
`@@ -3232,9 +3232,9 @@ main (int argc,`
`3232`	`3232`
`3233`	`3233`	`/* We're back, either in a child or grandchild, so message the actual pid to the monitor */`
`3234`	`3234`
`3235`		`- close (intermediate_pids_sockets[0]);`
`3236`		`- send_pid_on_socket (intermediate_pids_sockets[1]);`
`3237`		`- close (intermediate_pids_sockets[1]);`
	`3235`	`+ close (intermediate_pids_sockets[PIPE_READ_END]);`
	`3236`	`+ send_pid_on_socket (intermediate_pids_sockets[PIPE_WRITE_END]);`
	`3237`	`+ close (intermediate_pids_sockets[PIPE_WRITE_END]);`
`3238`	`3238`	`}`
`3239`	`3239`
`3240`	`3240`	`/* Child, in sandbox, privileged in the parent or in the user namespace (if --unshare-user).`
Original file line number	Diff line number	Diff line change
`@@ -782,6 +782,12 @@ send_pid_on_socket (int sockfd)`
`782`	`782`	`die_with_error ("Can't send pid");`
`783`	`783`	`}`
`784`	`784`
	`785`	`+/*`
	`786`	`+ * Create a socket pair such that if one process calls`
	`787`	`+ * send_pid_on_socket(sockets[PIPE_WRITE_END]),`
	`788`	`+ * another process will be able to call`
	`789`	`+ * read_pid_from_socket(sockets[PIPE_READ_END]).`
	`790`	`+ */`
`785`	`791`	`void`
`786`	`792`	`create_pid_socketpair (int sockets[2])`
`787`	`793`	`{`
`@@ -790,7 +796,7 @@ create_pid_socketpair (int sockets[2])`
`790`	`796`	`if (socketpair (AF_UNIX, SOCK_SEQPACKET \| SOCK_CLOEXEC, 0, sockets) != 0)`
`791`	`797`	`die_with_error ("Can't create intermediate pids socket");`
`792`	`798`
`793`		`- if (setsockopt (sockets[0], SOL_SOCKET, SO_PASSCRED, &enable, sizeof (enable)) < 0)`
	`799`	`+ if (setsockopt (sockets[PIPE_READ_END], SOL_SOCKET, SO_PASSCRED, &enable, sizeof (enable)) < 0)`
`794`	`800`	`die_with_error ("Can't set SO_PASSCRED");`
`795`	`801`	`}`
`796`	`802`