oz-init pid mappings are now properly destroyed as these processes exit.

8 years ago · b567e5ce54
parent a930fbbce0
commit b567e5ce54
2 changed files with 25 additions and 1 deletions
--- a/sgfw/ipc.go
+++ b/sgfw/ipc.go
@ -34,6 +34,7 @@ func addInitPid(pid int, name string) {
 }
 func removeInitPid(pid int) {
 fmt.Println("::::::::::: removing PID: ", pid)
 	for i := 0; i < len(OzInitPids); i++ {
 		if OzInitPids[i].Pid == pid {
 			OzInitPids = append(OzInitPids[:i], OzInitPids[i+1:]...)
@ -174,6 +175,18 @@ func ReceiverLoop(fw *Firewall, c net.Conn) {
 				addInitPid(initpid, ozname)
 				c.Write([]byte("OK.\n"))
 				return
 			} else if tokens[0] == "unregister-init" && len(tokens) == 2 {
 				initp := tokens[1]
 				initpid, err := strconv.Atoi(initp)
 				if err != nil {
 					log.Notice("IPC received invalid oz-init pid: ", initp)
 					c.Write([]byte("Bad command: init pid was invalid"))
 					return
 				}
 				removeInitPid(initpid)
 				c.Write([]byte("OK.\n"))
 			}
 			if len(tokens) != 6 {
--- a/sgfw/policy.go
+++ b/sgfw/policy.go
@ -502,6 +502,7 @@ func findProcessForPacket(pkt *nfqueue.NFQPacket) (*procsnitch.Info, string) {
 		res := procsnitch.LookupTCPSocketProcessAll(srcip, srcp, dstip, dstp, nil)
 		if res == nil {
 			removePids := make([]int, 0)
 			for i := 0; i < len(OzInitPids); i++ {
 				data := ""
@ -511,6 +512,11 @@ fmt.Println("XXX: opening: ", fname)
 				if err != nil {
 					fmt.Println("Error reading proc data from ", fname, ": ", err)
 					if err == syscall.ENOENT {
 						removePids = append(removePids, OzInitPids[i].Pid)
 					}
 					continue
 				} else {
 					data = string(bdata)
@ -538,6 +544,11 @@ fmt.Println("XXX: opening: ", fname)
 				}
 			}
 			for _, p := range removePids {
 				removeInitPid(p)
 			}
 		}
 		return res, optstr