Revert last three commits

This reverts commit a97adf188b. This reverts commit c61fb504c6 This reverts commit 0bb5c528ee
2025-05-14 11:22:23 +02:00
parent 0bb5c528ee
commit 0f16f071b4
1 changed files with 31 additions and 11 deletions
--- a/src/agent.rs
+++ b/src/agent.rs
@@ -1,10 +1,11 @@
 use anyhow::{bail, Result};
 use libc::{
-    c_char, c_void, close, execve, fork, ftruncate, memfd_create, mmap, perror, syscall,
-    SYS_memfd_secret, MAP_FAILED, MAP_SHARED, PROT_READ, PROT_WRITE,
+    c_char, c_void, close, execve, fcntl, fork, ftruncate, memfd_create, mmap, perror, syscall,
+    SYS_futex, FUTEX_WAIT, FUTEX_WAKE, F_ADD_SEALS, F_SEAL_FUTURE_WRITE, MAP_FAILED, MAP_SHARED,
+    MFD_ALLOW_SEALING, PROT_READ, PROT_WRITE,
 };
 use shared_memory_heap::get_shared_mem_fd;
-use std::{arch::x86_64::_mm_mfence, ffi::CString, path::Path, ptr};
+use std::{ffi::CString, path::Path, ptr, usize};

 pub struct Agent {
    sync_mem: *mut usize,
@@ -15,7 +16,7 @@ unsafe impl Send for Agent {}
 impl Agent {
    pub(crate) unsafe fn new(agent_path: &Path, keyfile_path: &Path) -> Result<Self> {
        let data_fd = get_shared_mem_fd();
-        let sync_fd = syscall(SYS_memfd_secret, 0) as i32;
+        let sync_fd = memfd_create("sync\x00".as_ptr() as *const c_char, MFD_ALLOW_SEALING);

        if sync_fd <= 0 {
            bail!("creating memfd failed");
@@ -35,6 +36,8 @@ impl Agent {
            0,
        ) as *mut usize;

+        fcntl(sync_fd, F_ADD_SEALS, F_SEAL_FUTURE_WRITE);
+
        if sync_mem == MAP_FAILED as *mut usize {
            bail!("mmap failed");
        }
@@ -63,7 +66,7 @@ impl Agent {

            execve(path.as_ptr() as *const c_char, args.as_ptr(), ptr::null());

-            perror(r#"execve:\0"#.as_ptr() as *const c_char);
+            perror("execve:\x00".as_ptr() as *const c_char);

            panic!("execve failed");
        }
@@ -80,12 +83,29 @@ impl Agent {
            *self.sync_mem.add(i + 2) = *ptr;
        }

-        *self.sync_mem = 1;
-
-        _mm_mfence();
-        #[allow(clippy::while_immutable_condition)]
-        while *self.sync_mem == 1 {
-            _mm_mfence();
+        // wake agent
+        let mut woken_up = 0;
+        while woken_up == 0 {
+            woken_up = syscall(
+                SYS_futex,
+                self.sync_mem,
+                FUTEX_WAKE,
+                1,
+                ptr::null::<u8>(),
+                ptr::null::<u8>(),
+                0,
+            );
        }
+
+        // wait for agent to be finished
+        syscall(
+            SYS_futex,
+            self.sync_mem,
+            FUTEX_WAIT,
+            0,
+            ptr::null::<u8>(),
+            ptr::null::<u8>(),
+            0,
+        );
    }
 }