|
2 | 2 |
|
3 | 3 | use std::alloc::{handle_alloc_error, GlobalAlloc, Layout};
|
4 | 4 | use std::ffi::c_void;
|
5 |
| -use std::mem::{offset_of, zeroed}; |
| 5 | +use std::mem::{align_of, size_of, zeroed}; |
6 | 6 | use std::os::fd::{AsRawFd, FromRawFd, OwnedFd};
|
7 | 7 | use std::os::unix::net::UnixStream;
|
8 | 8 | use std::os::unix::process::CommandExt;
|
@@ -41,9 +41,8 @@ struct NotifyAllocs {
|
41 | 41 | }
|
42 | 42 |
|
43 | 43 | fn alloc_dynamic<T>(runtime_size: u16) -> (*mut T, usize) {
|
44 |
| - const { |
45 |
| - assert!(size_of::<T>() > 0); |
46 |
| - } |
| 44 | + // FIXME put this in a const block once the MSRV has been bumped enough |
| 45 | + assert!(size_of::<T>() > 0); |
47 | 46 |
|
48 | 47 | let layout = Layout::from_size_align(
|
49 | 48 | cmp::max(runtime_size.into(), size_of::<T>()),
|
@@ -231,10 +230,15 @@ pub fn add_noexec_filter(command: &mut Command, file_closer: &mut FileCloser) {
|
231 | 230 | unsafe {
|
232 | 231 | // SAFETY: The closure only calls async-signal-safe functions.
|
233 | 232 | command.pre_exec(move || {
|
| 233 | + // FIXME replace with offset_of!(seccomp_data, nr) once MSRV is bumped to 1.77 |
| 234 | + // SAFETY: seccomp_data can be safely zero-initialized. |
| 235 | + let dummy: seccomp_data = zeroed(); |
| 236 | + let nr_offset = (&dummy.nr) as *const _ as usize - &dummy as *const _ as usize; |
| 237 | + |
234 | 238 | // SAFETY: libc unnecessarily marks these functions as unsafe
|
235 | 239 | let exec_filter: [sock_filter; 5] = [
|
236 | 240 | // Load syscall number into the accumulator
|
237 |
| - BPF_STMT((BPF_LD | BPF_ABS) as _, offset_of!(seccomp_data, nr) as _), |
| 241 | + BPF_STMT((BPF_LD | BPF_ABS) as _, nr_offset as _), |
238 | 242 | // Jump to user notify for execve/execveat
|
239 | 243 | BPF_JUMP((BPF_JMP | BPF_JEQ | BPF_K) as _, SYS_execve as _, 2, 0),
|
240 | 244 | BPF_JUMP((BPF_JMP | BPF_JEQ | BPF_K) as _, SYS_execveat as _, 1, 0),
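Review bot: The `nr_offset` calculation on new lines 233–236 runs inside the `pre_exec` closure, i.e. in the forked child where the SAFETY comment above it promises only async-signal-safe calls, yet it is a pure constant computation that does not depend on anything in the child. Compute `dummy` and `nr_offset` once before `command.pre_exec(move || { … })` so the closure captures a plain `usize`; that keeps the post-fork code down to the seccomp setup itself and makes the async-signal-safety claim easier to audit. While moving it, `std::ptr::addr_of!` (stabilized well before the 1.77 MSRV the FIXME mentions) avoids materializing references into the zeroed struct: `let nr_offset = std::ptr::addr_of!(dummy.nr) as usize - std::ptr::addr_of!(dummy) as usize;`. `add_noexec_filter` starts above the hunk and the closure body continues past its end.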
|
|