Add setgroups and fix getgroups (#1006)

yujincheng08 · web-flow · commit 2fc59e9e4ee7 · 2024-03-19T13:22:20.000-07:00
diff --git a/src/backend/libc/thread/syscalls.rs b/src/backend/libc/thread/syscalls.rs
@@ -531,3 +531,12 @@ unsafe fn futex_old(
         val3,
     ) as isize)
 }
+
+#[cfg(linux_kernel)]
+#[inline]
+pub(crate) fn setgroups_thread(groups: &[crate::ugid::Gid]) -> io::Result<()> {
+    syscall! {
+        fn setgroups(size: c::size_t, list: *const c::gid_t) via SYS_setgroups -> c::c_int
+    }
+    ret(unsafe { setgroups(groups.len(), groups.as_ptr().cast()) })
+}
diff --git a/src/backend/linux_raw/thread/syscalls.rs b/src/backend/linux_raw/thread/syscalls.rs
@@ -7,7 +7,7 @@
 
 use crate::backend::c;
 use crate::backend::conv::{
-    by_mut, by_ref, c_int, c_uint, ret, ret_c_int, ret_c_int_infallible, ret_usize,
+    by_mut, by_ref, c_int, c_uint, ret, ret_c_int, ret_c_int_infallible, ret_usize, slice,
     slice_just_addr, slice_just_addr_mut, zero,
 };
 use crate::fd::BorrowedFd;
@@ -345,3 +345,9 @@ pub(crate) fn setresgid_thread(
         ret(syscall_readonly!(__NR_setresgid, rgid, egid, sgid))
     }
 }
+
+#[inline]
+pub(crate) fn setgroups_thread(gids: &[crate::ugid::Gid]) -> io::Result<()> {
+    let (addr, len) = slice(gids);
+    unsafe { ret(syscall_readonly!(__NR_setgroups, len, addr)) }
+}
diff --git a/src/process/id.rs b/src/process/id.rs
@@ -213,20 +213,9 @@ pub fn setsid() -> io::Result<Pid> {
 pub fn getgroups() -> io::Result<Vec<Gid>> {
     // This code would benefit from having a better way to read into
     // uninitialized memory, but that requires `unsafe`.
-    let mut buffer = Vec::with_capacity(8);
-    buffer.resize(buffer.capacity(), Gid::ROOT);
-
-    loop {
-        let ngroups = backend::process::syscalls::getgroups(&mut buffer)?;
-
-        let ngroups = ngroups as usize;
-        assert!(ngroups <= buffer.len());
-        if ngroups < buffer.len() {
-            buffer.resize(ngroups, Gid::ROOT);
-            return Ok(buffer);
-        }
-        // Use `Vec` reallocation strategy to grow capacity exponentially.
-        buffer.reserve(1);
-        buffer.resize(buffer.capacity(), Gid::ROOT);
-    }
+    let mut buffer = Vec::with_capacity(0);
+    let ngroups = backend::process::syscalls::getgroups(&mut buffer)?;
+    buffer.resize(ngroups, Gid::ROOT);
+    backend::process::syscalls::getgroups(&mut buffer)?;
+    Ok(buffer)
 }
diff --git a/src/thread/id.rs b/src/thread/id.rs
@@ -113,3 +113,15 @@ pub fn set_thread_gid(gid: Gid) -> io::Result<()> {
 pub fn set_thread_res_gid(rgid: Gid, egid: Gid, sgid: Gid) -> io::Result<()> {
     backend::thread::syscalls::setresgid_thread(rgid, egid, sgid)
 }
+
+/// `setgroups(groups)`-Sets the supplementary group IDs for the calling thread.
+///
+/// # References
+/// - [Linux]
+///
+/// [Linux]: https://man7.org/linux/man-pages/man2/setgroups.2.html
+#[cfg(linux_kernel)]
+#[inline]
+pub fn set_thread_groups(groups: &[Gid]) -> io::Result<()> {
+    backend::thread::syscalls::setgroups_thread(groups)
+}
diff --git a/src/thread/mod.rs b/src/thread/mod.rs
@@ -19,8 +19,8 @@ pub use clock::*;
 pub use futex::{futex, FutexFlags, FutexOperation};
 #[cfg(linux_kernel)]
 pub use id::{
-    gettid, set_thread_gid, set_thread_res_gid, set_thread_res_uid, set_thread_uid, Gid, Pid,
-    RawGid, RawPid, RawUid, Uid,
+    gettid, set_thread_gid, set_thread_groups, set_thread_res_gid, set_thread_res_uid,
+    set_thread_uid, Gid, Pid, RawGid, RawPid, RawUid, Uid,
 };
 #[cfg(linux_kernel)]
 pub use libcap::{capabilities, set_capabilities, CapabilityFlags, CapabilitySets};
