commit 6e9cd2c5cb4ec3d03da7dacd7ad9ff71b85f45b1 Author: niansa Date: Mon Jul 19 10:54:59 2021 +0200 Initial commit
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..01e00f3
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+CMakeLists.txt.user
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..354fd87
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,6 @@
+[submodule "qipc"]
+ path = qipc
+ url = https://gitlab.com/niansa/quickipc.git
+[submodule "dlhandlepp"]
+ path = dlhandlepp
+ url = https://gitlab.com/niansa/dlhandlepp
diff --git a/CMakeLists.txt b/CMakeLists.txt
new file mode 100644
index 0000000..9fe863a
--- /dev/null
+++ b/CMakeLists.txt
@@ -0,0 +1,16 @@
+cmake_minimum_required(VERSION 3.5)
+
+project(libhss LANGUAGES CXX)
+
+set(CMAKE_CXX_STANDARD 17)
+set(CMAKE_CXX_STANDARD_REQUIRED ON)
+
+add_executable(HSSChildLauncher child_launcher.cpp)
+target_link_libraries(HSSChildLauncher PRIVATE seccomp dl)
+target_include_directories(HSSChildLauncher PRIVATE qipc/include dlhandlepp)
+
+include(GNUInstallDirs)
+install(TARGETS HSSChildLauncher
+ RUNTIME DESTINATION bin
+)
+install(FILES hss.hpp DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/)
diff --git a/child_launcher.cpp b/child_launcher.cpp
new file mode 100644
index 0000000..2bd5543
--- /dev/null
+++ b/child_launcher.cpp
@@ -0,0 +1,49 @@
+#include
+
+#include
+#include
+#include
+#include
+
+#include
+#include
+
+
+void enable_limits() {
+ // rlimit
+ constexpr size_t memLimit = 4 * 1000; // 4 KB
+ rlimit memRLimit{memLimit, memLimit};
+ if (setrlimit(RLIMIT_AS, &memRLimit) < 0) {
+ throw std::runtime_error("Error setting ressource limits");
+ }
+ // Seccomp
+ scmp_filter_ctx ctx = seccomp_init(SCMP_ACT_ERRNO(EOPNOTSUPP));
+ for (const auto sysc : {
+ SCMP_SYS(mmap), SCMP_SYS(mmap2), SCMP_SYS(munmap),
+ SCMP_SYS(write), SCMP_SYS(read), SCMP_SYS(close),
+ SCMP_SYS(exit), SCMP_SYS(exit_group)
+ }) {
+ seccomp_rule_add(ctx, SCMP_ACT_ALLOW, sysc, 0);
+ }
+ seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(write), 0);
+ if (seccomp_load(ctx) < 0) {
+ throw std::runtime_error("Error setting up seccomp");
+ }
+}
+
+int main(int argc, char **argv) {
+ // Get IPC
+ if (argc != 4) {
+ abort();
+ }
+ QIPC ipc(QIPC::Fds{{std::stoi(argv[1]), std::stoi(argv[2])}});
+ // Launch
+ close(STDIN_FILENO);
+ close(STDOUT_FILENO);
+ close(STDERR_FILENO);
+ Dlhandle dl(argv[3], RTLD_NOW | RTLD_LOCAL);
+ auto entry = dl.get("entry");
+ enable_limits();
+ entry(ipc);
+ exit(EXIT_SUCCESS);
+}
diff --git a/example/CMakeLists.txt b/example/CMakeLists.txt
new file mode 100644
index 0000000..e997f29
--- /dev/null
+++ b/example/CMakeLists.txt
@@ -0,0 +1,12 @@
+cmake_minimum_required(VERSION 3.5)
+
+project(hss_examples LANGUAGES CXX)
+
+set(CMAKE_CXX_STANDARD 17)
+set(CMAKE_CXX_STANDARD_REQUIRED ON)
+
+add_executable(HSSTestMain main.cpp)
+target_include_directories(HSSTestMain PRIVATE qipc/include ..)
+
+add_library(HSSTestChild SHARED child.cpp)
+target_include_directories(HSSTestChild PRIVATE qipc/include ..)
diff --git a/example/child.cpp b/example/child.cpp
new file mode 100644
index 0000000..89bafa1
--- /dev/null
+++ b/example/child.cpp
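Review bot: In child_launcher.cpp's `main`, `Dlhandle dl(argv[3], RTLD_NOW | RTLD_LOCAL)` runs before `enable_limits()`, so, assuming Dlhandle wraps dlopen, any static initializers or constructor functions in the loaded library execute before the rlimit and the seccomp filter exist; only the `entry(ipc)` call is confined. Nothing in the hunk tells a reader that the sandbox starts that late, so at minimum add a comment above the load such as `// NOTE: the library's load-time initializers run unsandboxed; only entry() is confined`. In `enable_limits`, the results of `seccomp_init` and of every `seccomp_rule_add` are ignored, and the `SCMP_ACT_KILL` rule for `write` contradicts the `SCMP_ACT_ALLOW` rule the loop already added for the same syscall, so the effective policy for `write` is unclear; check each return value and keep only one of the two rules. The allow rules also carry no condition on the descriptor argument, so `read`, `write` and `close` apply to every descriptor the launcher inherited rather than just the two IPC fds, and `main` closes only 0 to 2.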
@@ -0,0 +1,14 @@
+#include
+#include
+#include
+
+
+extern "C"
+void entry(QIPC& ipc) {
+ open("lol", 0);
+ ipc.send("Lol");
+ std::string test = "Dynamic ";
+ test += "memory";
+ ipc.send(test.c_str());
+ ipc.send_raw(size_t(1234567890));
+}
diff --git a/example/main.cpp b/example/main.cpp
new file mode 100644
index 0000000..687e632
--- /dev/null
+++ b/example/main.cpp
@@ -0,0 +1,17 @@
+#include
+#include
+#include
+#include
+#include
+
+
+int main() {
+ QIPC ipc;
+ ipc.create();
+
+ HSS::run(ipc, "./libHSSTestChild.so");
+
+ std::cout << ipc.recv() << std::endl;
+ std::cout << ipc.recv() << std::endl;
+ std::cout << ipc.recv_raw() << std::endl;
+}
diff --git a/hss.hpp b/hss.hpp
new file mode 100644
index 0000000..f6cc253
--- /dev/null
+++ b/hss.hpp
@@ -0,0 +1,18 @@
+#include
+#include
+#include
+
+
+
+namespace HSS {
+inline void run(QIPC& ipc, const std::string& file) {
+ if (fork() == 0) {
+ execlp("HSSChildLauncher", "child",
+ std::to_string(ipc.get_fds().get_in()).c_str(),
+ std::to_string(ipc.get_fds().get_out()).c_str(),
+ file.c_str(),
+ nullptr);
+ throw std::runtime_error("Failed to run HSSChildLauncher");
+ }
+}
+}
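Review bot: In example/child.cpp, the `open("lol", 0)` call in `entry` discards its result, so the example never shows whether the launcher's filter actually refused it. A comment such as `// open is not on the launcher's allow-list; expected to fail with EOPNOTSUPP`, together with sending the return value or errno over `ipc`, would turn the example into a visible check of the sandbox. The `"Dynamic memory"` string is short enough that it may stay in a small-string buffer and never allocate, so it may not exercise the memory limit the way its text suggests.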
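Review bot: In hss.hpp's `HSS::run`, the line after a failed `execlp` throws `std::runtime_error` inside the forked child, so the exception unwinds through a copy of the caller's stack and the child can go on running the parent's program logic; end the child there with `_exit(127);` instead. The result of `fork()` is only compared with 0, so a failed fork (-1) passes silently and the child's pid is never kept for a later `waitpid`; `const pid_t pid = fork(); if (pid < 0) throw std::runtime_error("fork failed");` covers the first part. `execlp` resolves `HSSChildLauncher` through `PATH`, which makes the binary that sets up the sandbox depend on the caller's environment; an absolute install path passed to `execl` would pin it.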