From c99076bf945e658b58b57ce901cc469a87c0d999 Mon Sep 17 00:00:00 2001
From: Christian Blichmann
Date: Thu, 5 Nov 2020 02:03:20 -0800
Subject: [PATCH] Replace `std::unique_ptr` with vector

No need for the smart pointer indirection when an `std::vector` can also hold the BPF policy.

PiperOrigin-RevId: 340809220
Change-Id: I8a63567e8042d9ff875cba739e8552db87b6901a
---
 sandboxed_api/sandbox2/client.cc | 11 ++++-------
 sandboxed_api/sandbox2/client.h | 5 +----
 2 files changed, 5 insertions(+), 11 deletions(-)

diff --git a/sandboxed_api/sandbox2/client.cc b/sandboxed_api/sandbox2/client.cc
index 01f2204..dddbb7a 100644
--- a/sandboxed_api/sandbox2/client.cc
+++ b/sandboxed_api/sandbox2/client.cc
@@ -169,10 +169,7 @@ void Client::SetUpIPC() {
 void Client::ReceivePolicy() {
 std::vector bytes;
 SAPI_RAW_CHECK(comms_->RecvBytes(&bytes), "receive bytes");
- policy_len_ = bytes.size();
-
- policy_ = absl::make_unique(policy_len_);
- memcpy(policy_.get(), bytes.data(), policy_len_);
+ policy_ = std::move(bytes);
 }
 
 void Client::ApplyPolicyAndBecomeTracee() {
@@ -201,12 +198,12 @@ void Client::ApplyPolicyAndBecomeTracee() {
 "setting PR_SET_KEEPCAPS flag");
 
 sock_fprog prog;
- prog.len = static_cast(policy_len_ / sizeof(sock_filter));
- prog.filter = reinterpret_cast(policy_.get());
+ prog.len = static_cast(policy_.size() / sizeof(sock_filter));
+ prog.filter = reinterpret_cast(&policy_.front());
 
 SAPI_RAW_VLOG(
 1, "Applying policy in PID %d, sock_fprog.len: %hd entries (%d bytes)",
- syscall(__NR_gettid), prog.len, policy_len_);
+ syscall(__NR_gettid), prog.len, policy_.size());
 
 // Signal executor we are ready to have limits applied on us and be ptraced.
 // We want limits at the last moment to avoid triggering them too early and we
diff --git a/sandboxed_api/sandbox2/client.h b/sandboxed_api/sandbox2/client.h
index 8b1d0aa..7d0c917 100644
--- a/sandboxed_api/sandbox2/client.h
+++ b/sandboxed_api/sandbox2/client.h
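Review bot: `ReceivePolicy()` stores whatever `RecvBytes` delivers without checking its size, while `ApplyPolicyAndBecomeTracee()` later divides `policy_.size()` by `sizeof(sock_filter)` and narrows the result into `prog.len`. An empty buffer or a length that is not a whole number of filter entries is therefore truncated silently rather than rejected before the seccomp filter is installed. A check placed before the move would make the failure explicit: `SAPI_RAW_CHECK(!bytes.empty() && bytes.size() % sizeof(sock_filter) == 0, "invalid policy size");`. An upper bound on the entry count (the kernel caps filters at `BPF_MAXINSNS`) could be enforced in the same place so the narrowing cast can never wrap.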
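Review bot: `&policy_.front()` is undefined behaviour when the vector is empty, which the removed `policy_.get()` was not; replacing it with `policy_.data()` inside the same cast is valid for any size. The log call now passes `policy_.size()` (a `size_t`) to the `%d` conversion that matched the removed `int policy_len_`; assuming `SAPI_RAW_VLOG` is printf-style, that argument needs `%zu` or an explicit cast such as `static_cast<int>(policy_.size())`. The body of `ApplyPolicyAndBecomeTracee()` starts and ends outside the hunk, so any earlier guard on the policy size is not visible here.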
@@ -72,10 +72,7 @@ class Client {
 friend class ForkServer;
 
 // Seccomp-bpf policy received from the monitor.
- std::unique_ptr policy_;
-
- // Length of the policy received from the monitor.
- int policy_len_;
+ std::vector policy_;
 
 // LogSink that forwards all log messages to the supervisor.
 std::unique_ptr logsink_;
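Review bot: With `policy_len_` and its comment removed, the remaining comment on `policy_` no longer says what unit the policy's length is in. client.cc divides `policy_.size()` by `sizeof(sock_filter)`, so the vector apparently holds raw bytes rather than filter entries; the comment could say so, e.g. `// Seccomp-bpf policy received from the monitor, as the raw bytes of a sock_filter array.` The element type is not visible on this page, and if client.h does not already include `<vector>`, this change needs that include as well.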