From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au
Authentication-Results: passt.top;
	dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202410 header.b=XfPjjdsN;
	dkim-atps=neutral
Received: from mail.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3])
	by passt.top (Postfix) with ESMTPS id 6BF975A061E
	for <passt-dev@passt.top>; Mon, 04 Nov 2024 09:40:26 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=202410; t=1730709607;
	bh=3b0mebp7yC/Yq1ul12x24WxIQKYST959mt/tWDjpNnQ=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=XfPjjdsNIKcPshyEwZH5lCGBGSpE5HfIRbT8lDr4+6waDD2VskE1HYDS2MuXiSwmh
	 403Ei85Et50BrraZ69ht3XP8ctFMnn+pyCf6wB21SMP/09YQ8kmckPpNvcEjOpxwFL
	 yEk+HrtbZ8vkTw10RGqOkBcN2cQTWa+DrynkmRqM2capiOnxg+++nM+prDroQC3gpM
	 pJTU9mbpVe+kNEAcEfVeve77E1trz0eXyjmM22vgtiTGym89zGxIKPc0a2mNyTvq0q
	 CdAs865mmYYvT7Td9gRl06PlXcSY6wDBuL9+VWoyu8M/YCTBVLv12ZI8VIaJqpXcmW
	 RJDBzw7U9Vw4w==
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4XhlK34J91z4xCV; Mon,  4 Nov 2024 19:40:07 +1100 (AEDT)
From: David Gibson <david@gibson.dropbear.id.au>
To: passt-dev@passt.top,
	Stefano Brivio <sbrivio@redhat.com>
Subject: [PATCH v9 10/20] isolation: Abort if mode is not set
Date: Mon,  4 Nov 2024 19:39:53 +1100
Message-ID: <20241104084004.3544294-11-david@gibson.dropbear.id.au>
X-Mailer: git-send-email 2.47.0
In-Reply-To: <20241104084004.3544294-1-david@gibson.dropbear.id.au>
References: <20241104084004.3544294-1-david@gibson.dropbear.id.au>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-ID-Hash: 4UVVLNMTSBBPBVNNGFOWWADJ36ENW476
X-Message-ID-Hash: 4UVVLNMTSBBPBVNNGFOWWADJ36ENW476
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: David Gibson <david@gibson.dropbear.id.au>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20241104084004.3544294-11-david@gibson.dropbear.id.au/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/4UVVLNMTSBBPBVNNGFOWWADJ36ENW476/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

Our mode (passt / pasta / vhost-user) should always be set by the time we
reach isolate_postfork().  Make sure it is with an ASSERT(), rather than
risk continuing with no seccomp filter installed.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
 isolation.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/isolation.c b/isolation.c
index c2a3c7b..c944fb3 100644
--- a/isolation.c
+++ b/isolation.c
@@ -392,6 +392,8 @@ void isolate_postfork(const struct ctx *c)
 		prog.len = (unsigned short)ARRAY_SIZE(filter_vu);
 		prog.filter = filter_vu;
 		break;
+	default:
+		ASSERT(0);
 	}
 
 	if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
-- 
2.47.0