| 1116 | } |
| 1117 | |
| 1118 | func sendContainerProcessState(listenerPath string, state *specs.ContainerProcessState, file *os.File) error { |
| 1119 | conn, err := net.Dial("unix", listenerPath) |
| 1120 | if err != nil { |
| 1121 | return fmt.Errorf("failed to connect with seccomp agent specified in the seccomp profile: %w", err) |
| 1122 | } |
| 1123 | defer conn.Close() |
| 1124 | |
| 1125 | socket, err := conn.(*net.UnixConn).File() |
| 1126 | if err != nil { |
| 1127 | return fmt.Errorf("cannot get seccomp socket: %w", err) |
| 1128 | } |
| 1129 | defer socket.Close() |
| 1130 | |
| 1131 | b, err := json.Marshal(state) |
| 1132 | if err != nil { |
| 1133 | return fmt.Errorf("cannot marshall seccomp state: %w", err) |
| 1134 | } |
| 1135 | |
| 1136 | if err := cmsg.SendRawFd(socket, string(b), file.Fd()); err != nil { |
| 1137 | return fmt.Errorf("cannot send seccomp fd to %s: %w", listenerPath, err) |
| 1138 | } |
| 1139 | runtime.KeepAlive(file) |
| 1140 | return nil |
| 1141 | } |
| 1142 | |
| 1143 | func getPipeFds(pid int) ([]string, error) { |
| 1144 | fds := make([]string, 3) |