pcap_io: introduce init_once helper that is called with priviledges

When using netsniff-ng with dropping priviledges, we have to introduce
another pcap helper function that is called once before we drop the
priviledges. In this function we have to invoke the disc I/O scheduler
policy, because it needs priviledges. Otherwise netsniff-ng will fail
with "Failed to set io prio for pid" on startup, since we're not root
anymore.

Reported-by: Doug Burks <doug.burks@gmail.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>

1 files changed, 9 insertions, 0 deletions

diff --git a/netsniff-ng.c b/netsniff-ng.c
index eaf2416..25f59ac 100644
--- a/netsniff-ng.c
+++ b/netsniff-ng.c
@@ -187,6 +187,9 @@ static void pcap_to_xmit(struct ctx *ctx)
 		fd = open_or_die(ctx->device_in, O_RDONLY | O_LARGEFILE | O_NOATIME);
 	}
 
+	if (__pcap_io->init_once_pcap)
+		__pcap_io->init_once_pcap();
+
 	ret = __pcap_io->pull_fhdr_pcap(fd, &ctx->magic, &ctx->link_type);
 	if (ret)
 		panic("Error reading pcap header!\n");
@@ -545,6 +548,9 @@ static void read_pcap(struct ctx *ctx)
 		fd = open_or_die(ctx->device_in, O_RDONLY | O_LARGEFILE | O_NOATIME);
 	}
 
+	if (__pcap_io->init_once_pcap)
+		__pcap_io->init_once_pcap();
+
 	ret = __pcap_io->pull_fhdr_pcap(fd, &ctx->magic, &ctx->link_type);
 	if (ret)
 		panic("Error reading pcap header!\n");
@@ -866,6 +872,9 @@ static void recv_only_or_dump(struct ctx *ctx)
 	if (ctx->promiscuous)
 		ifflags = enter_promiscuous_mode(ctx->device_in);
 
+	if (dump_to_pcap(ctx) && __pcap_io->init_once_pcap)
+		__pcap_io->init_once_pcap();
+
 	drop_privileges(ctx->enforce, ctx->uid, ctx->gid);
 
 	if (dump_to_pcap(ctx)) {