syd 3.52.0

rock-solid application kernel
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245

use std::{fmt, io};

use nix::errno::Errno;

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum ErrorCode {
    Exec = 1,
    CapSet = 2,
    ParentDeathSignal = 3,
    PreExec = 4,
    ProcessStop = 5,
    ResetSignal = 6,
    SetResourceLimits = 7,
    LandlockFilterScopedSignals = 8,
    Seccomp = 9,
    SeccompFilterIoctl = 10,
    SeccompFilterAppendOnly = 11,
    SeccompFilterKptr = 12,
    SeccompSendFd = 13,
    SeccompWaitFd = 14,
    SetDumpable = 15,
    SetSid = 16,
    SetPty = 17,
    DupPty = 18,
    SetPgrp = 19,
    SetTSC = 20,
}

/// Error running process
///
/// This type has very large number of options and it's enum only to be
/// compact. Probably you shouldn't match on the error cases but just format
/// it for user into string.
#[derive(Debug)]
pub enum Error {
    /// Unknown nix error
    ///
    /// Frankly, this error should not happen when running process. We just
    /// keep it here in case `nix` returns this error, which should not happen.
    NixError(i32), // Not sure it's possible, but it is here to convert from
    // nix::Error safer
    /// Some invalid error code received from child application
    UnknownError,
    /// Error when calling capset syscall
    CapSet(i32),
    /// Error when running execve() systemcall
    Exec(i32),
    /// Unable to set death signal (probably signal number invalid)
    ParentDeathSignal(i32),
    /// Before unfreeze callback error
    BeforeUnfreeze(Box<dyn ::std::error::Error + Send + Sync + 'static>),
    /// Before exec callback error
    PreExec(i32),
    /// Error stopping process
    ProcessStop(i32),
    /// Error resetting signals
    ResetSignal(i32),
    /// Error setting resource limits
    SetResourceLimits(i32),
    /// Error setting scoped signals using landlock(7)
    LandlockFilterScopedSignals(i32),
    /// Seccomp error (loading filter, getting notify fd)
    Seccomp(i32),
    /// Error filtering ioctl(2) requests with seccomp
    SeccompFilterIoctl(i32),
    /// Error filtering pwritev2(2) requests with seccomp
    SeccompFilterAppendOnly(i32),
    /// Error filtering kernel pointers in syscall arguments with seccomp
    SeccompFilterKptr(i32),
    /// Error sending notification fd through the seccomp sender channel
    SeccompSendFd(i32),
    /// Error waiting for parent to receive the seccomp fd
    SeccompWaitFd(i32),
    /// Error calling prctl(PR_SET_DUMPABLE)
    SetDumpable(i32),
    /// Error calling setsid(2)
    SetSid(i32),
    /// Error calling TIOCSCTTY ioctl(2)
    SetPty(i32),
    /// Error calling dup(2) on PTY fd
    DupPty(i32),
    /// Error calling tcsetpgrp(3)
    SetPgrp(i32),
    /// Error calling prctl PR_SET_TSC
    SetTSC(i32),
}

impl std::error::Error for Error {}

impl Error {
    /// Similarly to `io::Error` returns bare error code
    pub fn raw_os_error(&self) -> Option<i32> {
        use self::Error::*;
        match *self {
            UnknownError => None,
            NixError(x) => Some(x),
            CapSet(x) => Some(x),
            Exec(x) => Some(x),
            ParentDeathSignal(x) => Some(x),
            BeforeUnfreeze(..) => None,
            PreExec(x) => Some(x),
            ProcessStop(x) => Some(x),
            ResetSignal(x) => Some(x),
            SetResourceLimits(x) => Some(x),
            LandlockFilterScopedSignals(x) => Some(x),
            Seccomp(x) => Some(x),
            SeccompFilterIoctl(x) => Some(x),
            SeccompFilterAppendOnly(x) => Some(x),
            SeccompFilterKptr(x) => Some(x),
            SeccompSendFd(x) => Some(x),
            SeccompWaitFd(x) => Some(x),
            SetDumpable(x) => Some(x),
            SetSid(x) => Some(x),
            SetPty(x) => Some(x),
            DupPty(x) => Some(x),
            SetPgrp(x) => Some(x),
            SetTSC(x) => Some(x),
        }
    }
}

impl Error {
    fn title(&self) -> &'static str {
        use self::Error::*;
        match *self {
            UnknownError => "unexpected value received via signal pipe",
            NixError(_) => "some unknown nix error",
            CapSet(_) => "error when setting capabilities",
            Exec(_) => "error when executing",
            ParentDeathSignal(_) => "error when death signal",
            BeforeUnfreeze(_) => "error in before_unfreeze callback",
            PreExec(_) => "error in pre_exec callback",
            ProcessStop(_) => "error stopping process",
            ResetSignal(_) => "error resetting signals",
            SetResourceLimits(_) => "error setting resource limits",
            LandlockFilterScopedSignals(_) => "error scoping signals with landlock",
            Seccomp(_) => "error in seccomp filter load",
            SeccompFilterIoctl(_) => "error filtering ioctl requests with seccomp",
            SeccompFilterAppendOnly(_) => "error filtering pwritev2 requests with seccomp",
            SeccompFilterKptr(_) => {
                "error filtering kernel pointers in syscall arguments with seccomp"
            }
            SeccompSendFd(_) => "error sending seccomp file descriptor",
            SeccompWaitFd(_) => "error waiting for parent to receive the seccomp file descriptor",
            SetDumpable(_) => "error resetting process dumpable attribute",
            SetSid(_) => "error calling setsid",
            SetPty(_) => "error setting pty as controlling terminal",
            DupPty(_) => "error duplicating pty onto stdio fds",
            SetPgrp(_) => "error setting foreground process group",
            SetTSC(_) => "error setting timestamp counter prctl",
        }
    }
}

impl fmt::Display for Error {
    fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
        use crate::unshare::Error::*;
        if let Some(code) = self.raw_os_error() {
            let errno = Errno::from_raw(code);
            if let nix::errno::Errno::UnknownErrno = errno {
                // May be OS knows error name better
                write!(
                    fmt,
                    "{}: {}",
                    self.title(),
                    io::Error::from_raw_os_error(code)
                )
            } else {
                // Format similar to that of std::io::Error
                write!(
                    fmt,
                    "{}: {} (os error {})",
                    self.title(),
                    errno.desc(),
                    code
                )
            }
        } else {
            match self {
                BeforeUnfreeze(err) => {
                    write!(fmt, "{}: {}", self.title(), err)
                }
                _ => write!(fmt, "{}", self.title()),
            }
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_error_1() {
        assert_eq!(Error::UnknownError.raw_os_error(), None);
    }

    #[test]
    fn test_error_2() {
        assert_eq!(Error::Exec(1).raw_os_error(), Some(1));
    }

    #[test]
    fn test_error_3() {
        assert_eq!(Error::CapSet(2).raw_os_error(), Some(2));
    }

    #[test]
    fn test_error_4() {
        assert_eq!(Error::Seccomp(22).raw_os_error(), Some(22));
    }

    #[test]
    fn test_error_5() {
        let err = Error::BeforeUnfreeze(Box::new(std::io::Error::from(
            std::io::ErrorKind::PermissionDenied,
        )));
        assert_eq!(err.raw_os_error(), None);
    }

    #[test]
    fn test_error_6() {
        let s = Error::Exec(libc::ENOENT).to_string();
        assert!(s.contains("executing"));
    }

    #[test]
    fn test_error_7() {
        let s = Error::UnknownError.to_string();
        assert!(!s.is_empty());
    }

    #[test]
    fn test_error_8() {
        let s = Error::Seccomp(libc::EINVAL).to_string();
        assert!(s.contains("seccomp"));
    }

    #[test]
    fn test_error_9() {
        assert_eq!(ErrorCode::Exec as i32, 1);
        assert_eq!(ErrorCode::CapSet as i32, 2);
        assert_eq!(ErrorCode::Seccomp as i32, 9);
    }
}