Diffstat (limited to 'cap/oslocks.go')
-rw-r--r-- | cap/oslocks.go | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/cap/oslocks.go b/cap/oslocks.go
new file mode 100644
index 0000000..9754020
--- /dev/null
+++ b/cap/oslocks.go
@@ -0,0 +1,51 @@
+// +build go1.10
+
+package cap
+
+import "syscall"
+
+// LaunchSupported indicates that is safe to return from a locked
+// OS Thread and have that OS Thread be terminated by the runtime. The
+// Launch functionality really needs to rely on the fact that an
+// excess of runtime.LockOSThread() vs. runtime.UnlockOSThread() calls
+// in a returning go routine will cause the underlying locked OSThread
+// to terminate. That feature was added to the Go runtime in version
+// 1.10.
+//
+// See these bugs for the discussion and feature assumed by the code
+// in this Launch() functionality:
+//
+// https://github.com/golang/go/issues/20395
+// https://github.com/golang/go/issues/20458
+//
+// A value of false for this constant causes the Launch functionality
+// to fail with an error: cap.ErrNoLaunch. If this value is false you
+// have two choices with respect to the Launch functionality:
+//
+// 1) don't use cap.(*Launcher).Launch()
+// 2) upgrade your Go toolchain to 1.10+ (ie., do this one).
+const LaunchSupported = true
+
+// validatePA confirms that the pa.Sys entry is not incompatible with
+// Launch and loads up the chroot value.
+func validatePA(pa *syscall.ProcAttr, chroot string) (bool, error) {
+ s := pa.Sys
+ if s == nil {
+ if chroot == "" {
+ return false, nil
+ }
+ s = &syscall.SysProcAttr{
+ Chroot: chroot,
+ }
+ pa.Sys = s
+ } else if s.Chroot != "" {
+ return false, ErrAmbiguousChroot
+ }
+ if s.Credential != nil {
+ return false, ErrAmbiguousIDs
+ }
+ if len(s.AmbientCaps) != 0 {
+ return false, ErrAmbiguousAmbient
+ }
+ return s != nil && s.Chroot != "", nil
+} |
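Review bot: When the caller passes a non-nil `pa.Sys` whose `Chroot` is empty, `validatePA` never copies the `chroot` argument into it: the `else if s.Chroot != ""` branch falls through, nothing assigns `s.Chroot`, and the function returns `false, nil`, so the requested chroot is dropped without an error. For a launcher meant to confine a child process, silently losing the chroot is the unsafe direction. How the caller uses the returned bool is outside this hunk, so confirm it, but assigning after the ambiguity checks would close the gap: `if chroot != "" { s.Chroot = chroot }`. The `s != nil` test in the final return is always true at that point and can be removed.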