From 425877c7e80de4164f857a6c525ab1cdf6396e1e Mon Sep 17 00:00:00 2001
From: Marius Halden
Date: Tue, 19 Mar 2019 13:36:53 +0100
Subject: Add jail(2) syscall
---
 jail.go | 80 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 80 insertions(+)
diff --git a/jail.go b/jail.go
index 46aa5c1..49d3bc0 100644
--- a/jail.go
+++ b/jail.go
@@ -74,6 +74,86 @@ var ENoent = errors.New(C.GoString(C.strerror(C.ENOENT))) var EExist = errors.New(C.GoString(C.strerror(C.EEXIST))) var ENameTooLong = errors.New(C.GoString(C.strerror(C.ENAMETOOLONG)))
+type Jail struct {
+ Version int32
+ Path string
+ Hostname string
+ Jailname string
+ Ip4s []string
+ Ip6s []string
+}
+
+func (j Jail) Jail() (int, error) {
+ var jid int = 0
+ var err error = nil
+
+ c_jail := (*C.struct_jail)(C.malloc(C.sizeof_struct_jail))
+
+ c_jail.version = C.uint32_t(j.Version)
+ c_jail.path = C.CString(j.Path)
+ c_jail.hostname = C.CString(j.Hostname)
+ c_jail.jailname = C.CString(j.Jailname)
+
+ c_jail.ip4s = C.uint32_t(len(j.Ip4s))
+ c_jail.ip6s = C.uint32_t(len(j.Ip6s))
+
+ if c_jail.ip4s > 0 {
+ ip4 := (*C.struct_in_addr)(C.malloc(C.ulong(C.sizeof_struct_in_addr * c_jail.ip4s)))
+
+ for i, ip := range j.Ip4s {
+ c_str := C.CString(ip)
+ ptr := C.get_in_addr_ptr((*C.struct_in_addr)(ip4), C.int(i))
+
+ if C.inet_pton(C.AF_INET, c_str, unsafe.Pointer(ptr)) == -1 {
+ panic("Invalid IPv4 address")
+ }
+
+ C.free(unsafe.Pointer(c_str))
+ }
+
+ c_jail.ip4 = ip4
+ } else {
+ c_jail.ip4 = (*C.struct_in_addr)(C.NULL)
+ }
+
+ if c_jail.ip6s > 0 {
+ ip6 := (*C.struct_in6_addr)(C.malloc(C.ulong(C.sizeof_struct_in6_addr * c_jail.ip6s)))
+
+ for i, ip := range j.Ip6s {
+ c_str := C.CString(ip)
+ ptr := C.get_in6_addr_ptr((*C.struct_in6_addr)(ip6), C.int(i))
+
+ if C.inet_pton(C.AF_INET6, c_str, unsafe.Pointer(ptr)) == -1 {
+ panic("Invalid IPv6 address")
+ }
+
+ C.free(unsafe.Pointer(c_str))
+ }
+
+ c_jail.ip6 = ip6
+ } else {
+ c_jail.ip6 = (*C.struct_in6_addr)(C.NULL)
+ }
+
+ ret := C.jail(c_jail)
+ if ret == -1 {
+ err = errnoToError()
+ goto do_free
+ }
+
+ jid = int(ret)
+
+do_free:
+ C.free(unsafe.Pointer(c_jail.path))
+ C.free(unsafe.Pointer(c_jail.hostname))
+ C.free(unsafe.Pointer(c_jail.jailname))
+ C.free(unsafe.Pointer(c_jail.ip4))
+ C.free(unsafe.Pointer(c_jail.ip6))
+ C.free(unsafe.Pointer(c_jail))
+
+ return jid, err
+}
+
 func mapToIov(params map[string]interface{}) (unsafe.Pointer, int, []unsafe.Pointer) {
 var freeList []unsafe.Pointer
 var i = 0
-- cgit v1.2.3
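Review bot: Both address loops in `Jail()` test `C.inet_pton(...) == -1`, but inet_pton returns 0 when the string is not a valid address for the family and -1 only for an unsupported address family, so with `C.AF_INET`/`C.AF_INET6` the panic branch is effectively unreachable. A malformed entry in `Ip4s` or `Ip6s` therefore leaves its slot in the malloc'd array uninitialized, and that memory is passed to jail(2) as one of the jail's addresses. Compare against success instead, `if C.inet_pton(C.AF_INET, c_str, unsafe.Pointer(ptr)) != 1 {` (and the same with `C.AF_INET6`), and prefer returning an error over `panic`, which as written also skips the `C.free` of `c_str` and everything released under `do_free`. A deferred cleanup would be needed for that, because a `goto do_free` from inside the loops would jump over the `ret :=` declaration and not compile.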