path: root/cap/oslocks.go
// +build go1.10

package cap

import "syscall"

// LaunchSupported indicates that it is safe to return from a locked
// OS Thread and have that OS Thread be terminated by the runtime. The
// Launch functionality really needs to rely on the fact that an
// excess of runtime.LockOSThread() vs. runtime.UnlockOSThread() calls
// in a returning goroutine will cause the underlying locked OS Thread
// to terminate. That feature was added to the Go runtime in version
// 1.10.
//
// NOTE(review): presumably the termination guarantee matters because
// Launch alters per-thread state on the locked OS Thread, and that
// thread must not be handed back to the scheduler for reuse by
// unrelated goroutines - confirm against the Launch implementation.
//
// See these bugs for the discussion and feature assumed by the code
// in this Launch() functionality:
//
//   https://github.com/golang/go/issues/20395
//   https://github.com/golang/go/issues/20458
//
// A value of false for this constant causes the Launch functionality
// to fail with an error: cap.ErrNoLaunch. If this value is false you
// have two choices with respect to the Launch functionality:
//
//   1) don't use cap.(*Launcher).Launch()
//   2) upgrade your Go toolchain to 1.10+ (i.e., do this one).
const LaunchSupported = true

// validatePA checks that pa.Sys carries no settings that are
// incompatible with Launch. When pa.Sys is nil and chroot is
// non-empty, it installs a fresh SysProcAttr holding that chroot.
//
// The boolean result reports whether pa.Sys ends up with a non-empty
// Chroot. A caller-supplied pa.Sys that already sets Chroot,
// Credential or AmbientCaps is rejected with ErrAmbiguousChroot,
// ErrAmbiguousIDs or ErrAmbiguousAmbient respectively.
//
// NOTE(review): when the caller supplies a non-nil pa.Sys whose Chroot
// is empty, a non-empty chroot argument is not copied into it and the
// result is false. Confirm that the caller applies the chroot some
// other way; otherwise the launched process would start without the
// requested chroot confinement and no error would be reported.
func validatePA(pa *syscall.ProcAttr, chroot string) (bool, error) {
	sys := pa.Sys
	switch {
	case sys == nil && chroot == "":
		// Nothing to validate and no chroot to install.
		return false, nil
	case sys == nil:
		sys = &syscall.SysProcAttr{Chroot: chroot}
		pa.Sys = sys
	case sys.Chroot != "":
		return false, ErrAmbiguousChroot
	}

	// sys is non-nil from here on: it was either supplied by the
	// caller or created just above.
	switch {
	case sys.Credential != nil:
		return false, ErrAmbiguousIDs
	case len(sys.AmbientCaps) != 0:
		return false, ErrAmbiguousAmbient
	}
	return sys.Chroot != "", nil
}