From a9b07d7684536a9fd58ea4686583a484caf6ba45 Mon Sep 17 00:00:00 2001
From: Zygo Blaxell <bees@furryterror.org>
Date: Thu, 9 Jan 2025 01:16:02 -0500
Subject: [PATCH] openat2: create a weak syscall wrapper for it

openat2 allows closing more TOCTOU holes, but we can only use it when
the kernel supports it.

This should disappear seamlessly when libc implements the function.

Signed-off-by: Zygo Blaxell <bees@furryterror.org>
---
 include/crucible/openat2.h | 17 +++++++++++++++++
 lib/Makefile               |  1 +
 lib/openat2.cc             | 13 +++++++++++++
 3 files changed, 31 insertions(+)
 create mode 100644 include/crucible/openat2.h
 create mode 100644 lib/openat2.cc

diff --git a/include/crucible/openat2.h b/include/crucible/openat2.h
new file mode 100644
index 0000000..45f2c7f
--- /dev/null
+++ b/include/crucible/openat2.h
@@ -0,0 +1,17 @@
+#ifndef CRUCIBLE_OPENAT2_H
+#define CRUCIBLE_OPENAT2_H
+
+#include <linux/openat2.h>
+
+#include <fcntl.h>
+#include <sys/syscall.h>
+#include <unistd.h>
+
+extern "C" {
+
+/// Weak symbol to support libc with no syscall wrapper
+int openat2(int dirfd, const char *pathname, struct open_how *how, size_t size) throw();
+
+};
+
+#endif // CRUCIBLE_OPENAT2_H
diff --git a/lib/Makefile b/lib/Makefile
index cddea6f..939f844 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -14,6 +14,7 @@ CRUCIBLE_OBJS = \
 	fs.o \
 	multilock.o \
 	ntoa.o \
+	openat2.o \
 	path.o \
 	process.o \
 	string.o \
diff --git a/lib/openat2.cc b/lib/openat2.cc
new file mode 100644
index 0000000..95c9eb3
--- /dev/null
+++ b/lib/openat2.cc
@@ -0,0 +1,13 @@
+#include "crucible/openat2.h"
+
+extern "C" {
+
+int
+__attribute__((weak))
+openat2(int const dirfd, const char *const pathname, struct open_how *const how, size_t const size)
+throw()
+{
+	return syscall(SYS_openat2, dirfd, pathname, how, size);
+}
+
+};