projects / lttng-tools.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix: relayd: compare viewer chunks by ID rather than address
[lttng-tools.git] / src / common / runas.c
1 /*
2 * Copyright (C) 2011 David Goulet <david.goulet@polymtl.ca>
3 * Copyright (C) 2011 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
4 * Copyright (C) 2019 Jérémie Galarneau <jeremie.galarneau@efficios.com>
5 *
6 * SPDX-License-Identifier: GPL-2.0-only
7 *
8 */
9
10 #define _LGPL_SOURCE
11 #include <assert.h>
12 #include <fcntl.h>
13 #include <grp.h>
14 #include <limits.h>
15 #include <pwd.h>
16 #include <sched.h>
17 #include <signal.h>
18 #include <stdio.h>
19 #include <stdlib.h>
20 #include <string.h>
21 #include <sys/stat.h>
22 #include <sys/types.h>
23 #include <sys/wait.h>
24 #include <unistd.h>
25
26 #include <common/lttng-kernel.h>
27 #include <common/common.h>
28 #include <common/utils.h>
29 #include <common/compat/getenv.h>
30 #include <common/compat/prctl.h>
31 #include <common/unix.h>
32 #include <common/defaults.h>
33 #include <common/lttng-elf.h>
34
35 #include <lttng/constant.h>
36
37 #include "runas.h"
38
39 #define GETPW_BUFFER_FALLBACK_SIZE 4096
40
41 struct run_as_data;
42 struct run_as_ret;
43 typedef int (*run_as_fct)(struct run_as_data *data, struct run_as_ret *ret_value);
44
45 enum run_as_cmd {
46 RUN_AS_MKDIR,
47 RUN_AS_MKDIRAT,
48 RUN_AS_MKDIR_RECURSIVE,
49 RUN_AS_MKDIRAT_RECURSIVE,
50 RUN_AS_OPEN,
51 RUN_AS_OPENAT,
52 RUN_AS_UNLINK,
53 RUN_AS_UNLINKAT,
54 RUN_AS_RMDIR,
55 RUN_AS_RMDIRAT,
56 RUN_AS_RMDIR_RECURSIVE,
57 RUN_AS_RMDIRAT_RECURSIVE,
58 RUN_AS_RENAME,
59 RUN_AS_RENAMEAT,
60 RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET,
61 RUN_AS_EXTRACT_SDT_PROBE_OFFSETS,
62 };
63
64 struct run_as_mkdir_data {
65 int dirfd;
66 char path[LTTNG_PATH_MAX];
67 mode_t mode;
68 } LTTNG_PACKED;
69
70 struct run_as_open_data {
71 int dirfd;
72 char path[LTTNG_PATH_MAX];
73 int flags;
74 mode_t mode;
75 } LTTNG_PACKED;
76
77 struct run_as_unlink_data {
78 int dirfd;
79 char path[LTTNG_PATH_MAX];
80 } LTTNG_PACKED;
81
82 struct run_as_rmdir_data {
83 int dirfd;
84 char path[LTTNG_PATH_MAX];
85 int flags; /* enum lttng_directory_handle_rmdir_recursive_flags */
86 } LTTNG_PACKED;
87
88 struct run_as_extract_elf_symbol_offset_data {
89 int fd;
90 char function[LTTNG_SYMBOL_NAME_LEN];
91 } LTTNG_PACKED;
92
93 struct run_as_extract_sdt_probe_offsets_data {
94 int fd;
95 char probe_name[LTTNG_SYMBOL_NAME_LEN];
96 char provider_name[LTTNG_SYMBOL_NAME_LEN];
97 } LTTNG_PACKED;
98
99 struct run_as_rename_data {
100 /*
101 * [0] = old_dirfd
102 * [1] = new_dirfd
103 */
104 int dirfds[2];
105 char old_path[LTTNG_PATH_MAX];
106 char new_path[LTTNG_PATH_MAX];
107 } LTTNG_PACKED;
108
109 struct run_as_open_ret {
110 int fd;
111 } LTTNG_PACKED;
112
113 struct run_as_extract_elf_symbol_offset_ret {
114 uint64_t offset;
115 } LTTNG_PACKED;
116
117 struct run_as_extract_sdt_probe_offsets_ret {
118 uint32_t num_offset;
119 uint64_t offsets[LTTNG_KERNEL_MAX_UPROBE_NUM];
120 } LTTNG_PACKED;
121
122 struct run_as_data {
123 enum run_as_cmd cmd;
124 union {
125 struct run_as_mkdir_data mkdir;
126 struct run_as_open_data open;
127 struct run_as_unlink_data unlink;
128 struct run_as_rmdir_data rmdir;
129 struct run_as_rename_data rename;
130 struct run_as_extract_elf_symbol_offset_data extract_elf_symbol_offset;
131 struct run_as_extract_sdt_probe_offsets_data extract_sdt_probe_offsets;
132 } u;
133 uid_t uid;
134 gid_t gid;
135 } LTTNG_PACKED;
136
137 /*
138 * The run_as_ret structure holds the returned value and status of the command.
139 *
140 * The `u` union field holds the return value of the command; in most cases it
141 * represents the success or the failure of the command. In more complex
142 * commands, it holds a computed value.
143 *
144 * The _errno field is the errno recorded after the execution of the command.
145 *
146 * The _error fields is used the signify that return status of the command. For
147 * simple commands returning `int` the _error field will be the same as the
148 * ret_int field. In complex commands, it signify the success or failure of the
149 * command.
150 *
151 */
152 struct run_as_ret {
153 union {
154 int ret;
155 struct run_as_open_ret open;
156 struct run_as_extract_elf_symbol_offset_ret extract_elf_symbol_offset;
157 struct run_as_extract_sdt_probe_offsets_ret extract_sdt_probe_offsets;
158 } u;
159 int _errno;
160 bool _error;
161 } LTTNG_PACKED;
162
163 #define COMMAND_IN_FDS(data_ptr) ({ \
164 int *fds = NULL; \
165 if (command_properties[data_ptr->cmd].in_fds_offset != -1) { \
166 fds = (int *) ((char *) data_ptr + command_properties[data_ptr->cmd].in_fds_offset); \
167 } \
168 fds; \
169 })
170
171 #define COMMAND_OUT_FDS(cmd, ret_ptr) ({ \
172 int *fds = NULL; \
173 if (command_properties[cmd].out_fds_offset != -1) { \
174 fds = (int *) ((char *) ret_ptr + command_properties[cmd].out_fds_offset); \
175 } \
176 fds; \
177 })
178
179 #define COMMAND_IN_FD_COUNT(data_ptr) ({ \
180 command_properties[data_ptr->cmd].in_fd_count; \
181 })
182
183 #define COMMAND_OUT_FD_COUNT(cmd) ({ \
184 command_properties[cmd].out_fd_count; \
185 })
186
187 #define COMMAND_USE_CWD_FD(data_ptr) command_properties[data_ptr->cmd].use_cwd_fd
188
189 struct run_as_command_properties {
190 /* Set to -1 when not applicable. */
191 ptrdiff_t in_fds_offset, out_fds_offset;
192 unsigned int in_fd_count, out_fd_count;
193 bool use_cwd_fd;
194 };
195
196 static const struct run_as_command_properties command_properties[] = {
197 [RUN_AS_MKDIR] = {
198 .in_fds_offset = offsetof(struct run_as_data, u.mkdir.dirfd),
199 .in_fd_count = 1,
200 .out_fds_offset = -1,
201 .out_fd_count = 0,
202 .use_cwd_fd = true,
203 },
204 [RUN_AS_MKDIRAT] = {
205 .in_fds_offset = offsetof(struct run_as_data, u.mkdir.dirfd),
206 .in_fd_count = 1,
207 .out_fds_offset = -1,
208 .out_fd_count = 0,
209 .use_cwd_fd = false,
210 },
211 [RUN_AS_MKDIR_RECURSIVE] = {
212 .in_fds_offset = offsetof(struct run_as_data, u.mkdir.dirfd),
213 .in_fd_count = 1,
214 .out_fds_offset = -1,
215 .out_fd_count = 0,
216 .use_cwd_fd = true,
217 },
218 [RUN_AS_MKDIRAT_RECURSIVE] = {
219 .in_fds_offset = offsetof(struct run_as_data, u.mkdir.dirfd),
220 .in_fd_count = 1,
221 .out_fds_offset = -1,
222 .out_fd_count = 0,
223 .use_cwd_fd = false,
224 },
225 [RUN_AS_OPEN] = {
226 .in_fds_offset = offsetof(struct run_as_data, u.open.dirfd),
227 .in_fd_count = 1,
228 .out_fds_offset = offsetof(struct run_as_ret, u.open.fd),
229 .out_fd_count = 1,
230 .use_cwd_fd = true,
231 },
232 [RUN_AS_OPENAT] = {
233 .in_fds_offset = offsetof(struct run_as_data, u.open.dirfd),
234 .in_fd_count = 1,
235 .out_fds_offset = offsetof(struct run_as_ret, u.open.fd),
236 .out_fd_count = 1,
237 .use_cwd_fd = false,
238 },
239 [RUN_AS_UNLINK] = {
240 .in_fds_offset = offsetof(struct run_as_data, u.unlink.dirfd),
241 .in_fd_count = 1,
242 .out_fds_offset = -1,
243 .out_fd_count = 0,
244 .use_cwd_fd = true,
245 },
246 [RUN_AS_UNLINKAT] = {
247 .in_fds_offset = offsetof(struct run_as_data, u.unlink.dirfd),
248 .in_fd_count = 1,
249 .out_fds_offset = -1,
250 .out_fd_count = 0,
251 .use_cwd_fd = false,
252 },
253 [RUN_AS_RMDIR_RECURSIVE] = {
254 .in_fds_offset = offsetof(struct run_as_data, u.rmdir.dirfd),
255 .in_fd_count = 1,
256 .out_fds_offset = -1,
257 .out_fd_count = 0,
258 .use_cwd_fd = true,
259 },
260 [RUN_AS_RMDIRAT_RECURSIVE] = {
261 .in_fds_offset = offsetof(struct run_as_data, u.rmdir.dirfd),
262 .in_fd_count = 1,
263 .out_fds_offset = -1,
264 .out_fd_count = 0,
265 .use_cwd_fd = false,
266 },
267 [RUN_AS_RMDIR] = {
268 .in_fds_offset = offsetof(struct run_as_data, u.rmdir.dirfd),
269 .in_fd_count = 1,
270 .out_fds_offset = -1,
271 .out_fd_count = 0,
272 .use_cwd_fd = true,
273 },
274 [RUN_AS_RMDIRAT] = {
275 .in_fds_offset = offsetof(struct run_as_data, u.rmdir.dirfd),
276 .in_fd_count = 1,
277 .out_fds_offset = -1,
278 .out_fd_count = 0,
279 .use_cwd_fd = false,
280 },
281 [RUN_AS_RENAME] = {
282 .in_fds_offset = offsetof(struct run_as_data, u.rename.dirfds),
283 .in_fd_count = 2,
284 .out_fds_offset = -1,
285 .out_fd_count = 0,
286 .use_cwd_fd = true,
287 },
288 [RUN_AS_RENAMEAT] = {
289 .in_fds_offset = offsetof(struct run_as_data, u.rename.dirfds),
290 .in_fd_count = 2,
291 .out_fds_offset = -1,
292 .out_fd_count = 0,
293 .use_cwd_fd = false,
294 },
295 [RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET] = {
296 .in_fds_offset = offsetof(struct run_as_data,
297 u.extract_elf_symbol_offset.fd),
298 .in_fd_count = 1,
299 .out_fds_offset = -1,
300 .out_fd_count = 0,
301 .use_cwd_fd = false,
302 },
303 [RUN_AS_EXTRACT_SDT_PROBE_OFFSETS] = {
304 .in_fds_offset = offsetof(struct run_as_data,
305 u.extract_sdt_probe_offsets.fd),
306 .in_fd_count = 1,
307 .out_fds_offset = -1,
308 .out_fd_count = 0,
309 .use_cwd_fd = false,
310 },
311 };
312
313 struct run_as_worker {
314 pid_t pid; /* Worker PID. */
315 int sockpair[2];
316 char *procname;
317 };
318
319 /* Single global worker per process (for now). */
320 static struct run_as_worker *global_worker;
321 /* Lock protecting the worker. */
322 static pthread_mutex_t worker_lock = PTHREAD_MUTEX_INITIALIZER;
323
324 #ifdef VALGRIND
325 static
326 int use_clone(void)
327 {
328 return 0;
329 }
330 #else
331 static
332 int use_clone(void)
333 {
334 return !lttng_secure_getenv("LTTNG_DEBUG_NOCLONE");
335 }
336 #endif
337
338 /*
339 * Create recursively directory using the FULL path.
340 */
341 static
342 int _mkdirat_recursive(struct run_as_data *data, struct run_as_ret *ret_value)
343 {
344 const char *path;
345 mode_t mode;
346 struct lttng_directory_handle *handle;
347
348 path = data->u.mkdir.path;
349 mode = data->u.mkdir.mode;
350
351 handle = lttng_directory_handle_create_from_dirfd(data->u.mkdir.dirfd);
352 if (!handle) {
353 ret_value->_errno = errno;
354 ret_value->_error = true;
355 ret_value->u.ret = -1;
356 goto end;
357 }
358 /* Ownership of dirfd is transferred to the handle. */
359 data->u.mkdir.dirfd = -1;
360 /* Safe to call as we have transitioned to the requested uid/gid. */
361 ret_value->u.ret = lttng_directory_handle_create_subdirectory_recursive(
362 handle, path, mode);
363 ret_value->_errno = errno;
364 ret_value->_error = (ret_value->u.ret) ? true : false;
365 lttng_directory_handle_put(handle);
366 end:
367 return ret_value->u.ret;
368 }
369
370 static
371 int _mkdirat(struct run_as_data *data, struct run_as_ret *ret_value)
372 {
373 const char *path;
374 mode_t mode;
375 struct lttng_directory_handle *handle;
376
377 path = data->u.mkdir.path;
378 mode = data->u.mkdir.mode;
379
380 handle = lttng_directory_handle_create_from_dirfd(data->u.mkdir.dirfd);
381 if (!handle) {
382 ret_value->u.ret = -1;
383 ret_value->_errno = errno;
384 ret_value->_error = true;
385 goto end;
386 }
387 /* Ownership of dirfd is transferred to the handle. */
388 data->u.mkdir.dirfd = -1;
389 /* Safe to call as we have transitioned to the requested uid/gid. */
390 ret_value->u.ret = lttng_directory_handle_create_subdirectory(
391 handle, path, mode);
392 ret_value->_errno = errno;
393 ret_value->_error = (ret_value->u.ret) ? true : false;
394 lttng_directory_handle_put(handle);
395 end:
396 return ret_value->u.ret;
397 }
398
399 static
400 int _open(struct run_as_data *data, struct run_as_ret *ret_value)
401 {
402 int fd;
403 struct lttng_directory_handle *handle;
404
405 handle = lttng_directory_handle_create_from_dirfd(data->u.open.dirfd);
406 if (!handle) {
407 ret_value->_errno = errno;
408 ret_value->_error = true;
409 ret_value->u.ret = -1;
410 goto end;
411 }
412 /* Ownership of dirfd is transferred to the handle. */
413 data->u.open.dirfd = -1;
414
415 fd = lttng_directory_handle_open_file(handle,
416 data->u.open.path, data->u.open.flags,
417 data->u.open.mode);
418 if (fd < 0) {
419 ret_value->u.ret = -1;
420 ret_value->u.open.fd = -1;
421 } else {
422 ret_value->u.ret = 0;
423 ret_value->u.open.fd = fd;
424 }
425
426 ret_value->_errno = errno;
427 ret_value->_error = fd < 0;
428 lttng_directory_handle_put(handle);
429 end:
430 return ret_value->u.ret;
431 }
432
433 static
434 int _unlink(struct run_as_data *data, struct run_as_ret *ret_value)
435 {
436 struct lttng_directory_handle *handle;
437
438 handle = lttng_directory_handle_create_from_dirfd(data->u.unlink.dirfd);
439 if (!handle) {
440 ret_value->u.ret = -1;
441 ret_value->_errno = errno;
442 ret_value->_error = true;
443 goto end;
444 }
445
446 /* Ownership of dirfd is transferred to the handle. */
447 data->u.unlink.dirfd = -1;
448
449 ret_value->u.ret = lttng_directory_handle_unlink_file(handle,
450 data->u.unlink.path);
451 ret_value->_errno = errno;
452 ret_value->_error = (ret_value->u.ret) ? true : false;
453 lttng_directory_handle_put(handle);
454 end:
455 return ret_value->u.ret;
456 }
457
458 static
459 int _rmdir(struct run_as_data *data, struct run_as_ret *ret_value)
460 {
461 struct lttng_directory_handle *handle;
462
463 handle = lttng_directory_handle_create_from_dirfd(data->u.rmdir.dirfd);
464 if (!handle) {
465 ret_value->u.ret = -1;
466 ret_value->_errno = errno;
467 ret_value->_error = true;
468 goto end;
469 }
470
471 /* Ownership of dirfd is transferred to the handle. */
472 data->u.rmdir.dirfd = -1;
473
474 ret_value->u.ret = lttng_directory_handle_remove_subdirectory(
475 handle, data->u.rmdir.path);
476 ret_value->_errno = errno;
477 ret_value->_error = (ret_value->u.ret) ? true : false;
478 lttng_directory_handle_put(handle);
479 end:
480 return ret_value->u.ret;
481 }
482
483 static
484 int _rmdir_recursive(struct run_as_data *data, struct run_as_ret *ret_value)
485 {
486 struct lttng_directory_handle *handle;
487
488 handle = lttng_directory_handle_create_from_dirfd(data->u.rmdir.dirfd);
489 if (!handle) {
490 ret_value->u.ret = -1;
491 ret_value->_errno = errno;
492 ret_value->_error = true;
493 goto end;
494 }
495
496 /* Ownership of dirfd is transferred to the handle. */
497 data->u.rmdir.dirfd = -1;
498
499 ret_value->u.ret = lttng_directory_handle_remove_subdirectory_recursive(
500 handle, data->u.rmdir.path, data->u.rmdir.flags);
501 ret_value->_errno = errno;
502 ret_value->_error = (ret_value->u.ret) ? true : false;
503 lttng_directory_handle_put(handle);
504 end:
505 return ret_value->u.ret;
506 }
507
508 static
509 int _rename(struct run_as_data *data, struct run_as_ret *ret_value)
510 {
511 const char *old_path, *new_path;
512 struct lttng_directory_handle *old_handle = NULL, *new_handle = NULL;
513
514 old_path = data->u.rename.old_path;
515 new_path = data->u.rename.new_path;
516
517 old_handle = lttng_directory_handle_create_from_dirfd(
518 data->u.rename.dirfds[0]);
519 if (!old_handle) {
520 ret_value->u.ret = -1;
521 goto end;
522 }
523 new_handle = lttng_directory_handle_create_from_dirfd(
524 data->u.rename.dirfds[1]);
525 if (!new_handle) {
526 ret_value->u.ret = -1;
527 goto end;
528 }
529
530 /* Ownership of dirfds are transferred to the handles. */
531 data->u.rename.dirfds[0] = data->u.rename.dirfds[1] = -1;
532
533 /* Safe to call as we have transitioned to the requested uid/gid. */
534 ret_value->u.ret = lttng_directory_handle_rename(
535 old_handle, old_path, new_handle, new_path);
536 end:
537 lttng_directory_handle_put(old_handle);
538 lttng_directory_handle_put(new_handle);
539 ret_value->_errno = errno;
540 ret_value->_error = (ret_value->u.ret) ? true : false;
541 return ret_value->u.ret;
542 }
543
544 #ifdef HAVE_ELF_H
545 static
546 int _extract_elf_symbol_offset(struct run_as_data *data,
547 struct run_as_ret *ret_value)
548 {
549 int ret = 0;
550 uint64_t offset;
551
552 ret_value->_error = false;
553 ret = lttng_elf_get_symbol_offset(data->u.extract_elf_symbol_offset.fd,
554 data->u.extract_elf_symbol_offset.function,
555 &offset);
556 if (ret) {
557 DBG("Failed to extract ELF function offset");
558 ret_value->_error = true;
559 }
560 ret_value->u.extract_elf_symbol_offset.offset = offset;
561
562 return ret;
563 }
564
565 static
566 int _extract_sdt_probe_offsets(struct run_as_data *data,
567 struct run_as_ret *ret_value)
568 {
569 int ret = 0;
570 uint64_t *offsets = NULL;
571 uint32_t num_offset;
572
573 ret_value->_error = false;
574
575 /* On success, this call allocates the offsets paramater. */
576 ret = lttng_elf_get_sdt_probe_offsets(
577 data->u.extract_sdt_probe_offsets.fd,
578 data->u.extract_sdt_probe_offsets.provider_name,
579 data->u.extract_sdt_probe_offsets.probe_name,
580 &offsets, &num_offset);
581
582 if (ret) {
583 DBG("Failed to extract SDT probe offsets");
584 ret_value->_error = true;
585 goto end;
586 }
587
588 if (num_offset <= 0 || num_offset > LTTNG_KERNEL_MAX_UPROBE_NUM) {
589 DBG("Wrong number of probes.");
590 ret = -1;
591 ret_value->_error = true;
592 goto free_offset;
593 }
594
595 /* Copy the content of the offsets array to the ret struct. */
596 memcpy(ret_value->u.extract_sdt_probe_offsets.offsets,
597 offsets, num_offset * sizeof(uint64_t));
598
599 ret_value->u.extract_sdt_probe_offsets.num_offset = num_offset;
600
601 free_offset:
602 free(offsets);
603 end:
604 return ret;
605 }
606 #else
607 static
608 int _extract_elf_symbol_offset(struct run_as_data *data,
609 struct run_as_ret *ret_value)
610 {
611 ERR("Unimplemented runas command RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET");
612 return -1;
613 }
614
615 static
616 int _extract_sdt_probe_offsets(struct run_as_data *data,
617 struct run_as_ret *ret_value)
618 {
619 ERR("Unimplemented runas command RUN_AS_EXTRACT_SDT_PROBE_OFFSETS");
620 return -1;
621 }
622 #endif
623
624 static
625 run_as_fct run_as_enum_to_fct(enum run_as_cmd cmd)
626 {
627 switch (cmd) {
628 case RUN_AS_MKDIR:
629 case RUN_AS_MKDIRAT:
630 return _mkdirat;
631 case RUN_AS_MKDIR_RECURSIVE:
632 case RUN_AS_MKDIRAT_RECURSIVE:
633 return _mkdirat_recursive;
634 case RUN_AS_OPEN:
635 case RUN_AS_OPENAT:
636 return _open;
637 case RUN_AS_UNLINK:
638 case RUN_AS_UNLINKAT:
639 return _unlink;
640 case RUN_AS_RMDIR:
641 case RUN_AS_RMDIRAT:
642 return _rmdir;
643 case RUN_AS_RMDIR_RECURSIVE:
644 case RUN_AS_RMDIRAT_RECURSIVE:
645 return _rmdir_recursive;
646 case RUN_AS_RENAME:
647 case RUN_AS_RENAMEAT:
648 return _rename;
649 case RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET:
650 return _extract_elf_symbol_offset;
651 case RUN_AS_EXTRACT_SDT_PROBE_OFFSETS:
652 return _extract_sdt_probe_offsets;
653 default:
654 ERR("Unknown command %d", (int) cmd);
655 return NULL;
656 }
657 }
658
659 static
660 int do_send_fds(int sock, const int *fds, unsigned int fd_count)
661 {
662 ssize_t len;
663 unsigned int i;
664
665 for (i = 0; i < fd_count; i++) {
666 if (fds[i] < 0) {
667 ERR("Attempt to send invalid file descriptor to master (fd = %i)",
668 fds[i]);
669 /* Return 0 as this is not a fatal error. */
670 return 0;
671 }
672 }
673
674 len = lttcomm_send_fds_unix_sock(sock, fds, fd_count);
675 return len < 0 ? -1 : 0;
676 }
677
678 static
679 int do_recv_fds(int sock, int *fds, unsigned int fd_count)
680 {
681 int ret = 0;
682 unsigned int i;
683 ssize_t len;
684
685 len = lttcomm_recv_fds_unix_sock(sock, fds, fd_count);
686 if (len == 0) {
687 ret = -1;
688 goto end;
689 } else if (len < 0) {
690 PERROR("Failed to receive file descriptors from socket");
691 ret = -1;
692 goto end;
693 }
694
695 for (i = 0; i < fd_count; i++) {
696 if (fds[i] < 0) {
697 ERR("Invalid file descriptor received from worker (fd = %i)", fds[i]);
698 /* Return 0 as this is not a fatal error. */
699 }
700 }
701 end:
702 return ret;
703 }
704
705 static
706 int send_fds_to_worker(const struct run_as_worker *worker,
707 const struct run_as_data *data)
708 {
709 int ret = 0;
710 unsigned int i;
711
712 if (COMMAND_USE_CWD_FD(data) || COMMAND_IN_FD_COUNT(data) == 0) {
713 goto end;
714 }
715
716 for (i = 0; i < COMMAND_IN_FD_COUNT(data); i++) {
717 if (COMMAND_IN_FDS(data)[i] < 0) {
718 ERR("Refusing to send invalid fd to worker (fd = %i)",
719 COMMAND_IN_FDS(data)[i]);
720 ret = -1;
721 goto end;
722 }
723 }
724
725 ret = do_send_fds(worker->sockpair[0], COMMAND_IN_FDS(data),
726 COMMAND_IN_FD_COUNT(data));
727 if (ret < 0) {
728 PERROR("Failed to send file descriptor to run-as worker");
729 ret = -1;
730 goto end;
731 }
732 end:
733 return ret;
734 }
735
736 static
737 int send_fds_to_master(struct run_as_worker *worker, enum run_as_cmd cmd,
738 struct run_as_ret *run_as_ret)
739 {
740 int ret = 0;
741 unsigned int i;
742
743 if (COMMAND_OUT_FD_COUNT(cmd) == 0) {
744 goto end;
745 }
746
747 ret = do_send_fds(worker->sockpair[1], COMMAND_OUT_FDS(cmd, run_as_ret),
748 COMMAND_OUT_FD_COUNT(cmd));
749 if (ret < 0) {
750 PERROR("Failed to send file descriptor to master process");
751 goto end;
752 }
753
754 for (i = 0; i < COMMAND_OUT_FD_COUNT(cmd); i++) {
755 int ret_close = close(COMMAND_OUT_FDS(cmd, run_as_ret)[i]);
756
757 if (ret_close < 0) {
758 PERROR("Failed to close result file descriptor");
759 }
760 }
761 end:
762 return ret;
763 }
764
765 static
766 int recv_fds_from_worker(const struct run_as_worker *worker, enum run_as_cmd cmd,
767 struct run_as_ret *run_as_ret)
768 {
769 int ret = 0;
770
771 if (COMMAND_OUT_FD_COUNT(cmd) == 0) {
772 goto end;
773 }
774
775 ret = do_recv_fds(worker->sockpair[0], COMMAND_OUT_FDS(cmd, run_as_ret),
776 COMMAND_OUT_FD_COUNT(cmd));
777 if (ret < 0) {
778 PERROR("Failed to receive file descriptor from run-as worker");
779 ret = -1;
780 }
781 end:
782 return ret;
783 }
784
785 static
786 int recv_fds_from_master(struct run_as_worker *worker, struct run_as_data *data)
787 {
788 int ret = 0;
789
790 if (COMMAND_USE_CWD_FD(data)) {
791 unsigned int i;
792
793 for (i = 0; i < COMMAND_IN_FD_COUNT(data); i++) {
794 COMMAND_IN_FDS(data)[i] = AT_FDCWD;
795 }
796 goto end;
797 }
798
799 ret = do_recv_fds(worker->sockpair[1], COMMAND_IN_FDS(data),
800 COMMAND_IN_FD_COUNT(data));
801 if (ret < 0) {
802 PERROR("Failed to receive file descriptors from master process");
803 ret = -1;
804 }
805 end:
806 return ret;
807 }
808
809 static
810 int cleanup_received_fds(struct run_as_data *data)
811 {
812 int ret = 0, i;
813
814 for (i = 0; i < COMMAND_IN_FD_COUNT(data); i++) {
815 if (COMMAND_IN_FDS(data)[i] == -1) {
816 continue;
817 }
818 ret = close(COMMAND_IN_FDS(data)[i]);
819 if (ret) {
820 PERROR("Failed to close file descriptor received fd in run-as worker");
821 goto end;
822 }
823 }
824 end:
825 return ret;
826 }
827
828 static int get_user_infos_from_uid(
829 uid_t uid, char **username, gid_t *primary_gid)
830 {
831 int ret;
832 char *buf = NULL;
833 long raw_get_pw_buf_size;
834 size_t get_pw_buf_size;
835 struct passwd pwd;
836 struct passwd *result = NULL;
837
838 /* Fetch the max size for the temporary buffer. */
839 errno = 0;
840 raw_get_pw_buf_size = sysconf(_SC_GETPW_R_SIZE_MAX);
841 if (raw_get_pw_buf_size < 0) {
842 if (errno != 0) {
843 PERROR("Failed to query _SC_GETPW_R_SIZE_MAX");
844 goto error;
845 }
846
847 /* Limit is indeterminate. */
848 WARN("Failed to query _SC_GETPW_R_SIZE_MAX as it is "
849 "indeterminate; falling back to default buffer size");
850 raw_get_pw_buf_size = GETPW_BUFFER_FALLBACK_SIZE;
851 }
852
853 get_pw_buf_size = (size_t) raw_get_pw_buf_size;
854
855 buf = zmalloc(get_pw_buf_size);
856 if (buf == NULL) {
857 PERROR("Failed to allocate buffer to get password file entries");
858 goto error;
859 }
860
861 ret = getpwuid_r(uid, &pwd, buf, get_pw_buf_size, &result);
862 if (ret < 0) {
863 PERROR("Failed to get user information for user: uid = %d",
864 (int) uid);
865 goto error;
866 }
867
868 if (result == NULL) {
869 ERR("Failed to find user information in password entries: uid = %d",
870 (int) uid);
871 ret = -1;
872 goto error;
873 }
874
875 *username = strdup(result->pw_name);
876 if (*username == NULL) {
877 PERROR("Failed to copy user name");
878 goto error;
879 }
880
881 *primary_gid = result->pw_gid;
882
883 end:
884 free(buf);
885 return ret;
886 error:
887 *username = NULL;
888 *primary_gid = -1;
889 ret = -1;
890 goto end;
891 }
892
893 static int demote_creds(
894 uid_t prev_uid, gid_t prev_gid, uid_t new_uid, gid_t new_gid)
895 {
896 int ret = 0;
897 gid_t primary_gid;
898 char *username = NULL;
899
900 /* Change the group id. */
901 if (prev_gid != new_gid) {
902 ret = setegid(new_gid);
903 if (ret < 0) {
904 PERROR("Failed to set effective group id: new_gid = %d",
905 (int) new_gid);
906 goto end;
907 }
908 }
909
910 /* Change the user id. */
911 if (prev_uid != new_uid) {
912 ret = get_user_infos_from_uid(new_uid, &username, &primary_gid);
913 if (ret < 0) {
914 goto end;
915 }
916
917 /*
918 * Initialize the supplementary group access list.
919 *
920 * This is needed to handle cases where the supplementary groups
921 * of the user the process is demoting-to would give it access
922 * to a given file/folder, but not it's primary group.
923 *
924 * e.g
925 * username: User1
926 * Primary Group: User1
927 * Secondary group: Disk, Network
928 *
929 * mkdir inside the following directory must work since User1
930 * is part of the Network group.
931 *
932 * drwxrwx--- 2 root Network 4096 Jul 23 17:17 /tmp/my_folder/
933 *
934 *
935 * The order of the following initgroups and seteuid calls is
936 * important here;
937 * Only a root process or one with CAP_SETGID capability can
938 * call the the initgroups() function. We must initialize the
939 * supplementary groups before we change the effective
940 * UID to a less-privileged user.
941 */
942 ret = initgroups(username, primary_gid);
943 if (ret < 0) {
944 PERROR("Failed to init the supplementary group access list: "
945 "username = `%s`, primary gid = %d", username,
946 (int) primary_gid);
947 goto end;
948 }
949
950 ret = seteuid(new_uid);
951 if (ret < 0) {
952 PERROR("Failed to set effective user id: new_uid = %d",
953 (int) new_uid);
954 goto end;
955 }
956 }
957 end:
958 free(username);
959 return ret;
960 }
961
962 static int promote_creds(
963 uid_t prev_uid, gid_t prev_gid, uid_t new_uid, gid_t new_gid)
964 {
965 int ret = 0;
966 gid_t primary_gid;
967 char *username = NULL;
968
969 /* Change the group id. */
970 if (prev_gid != new_gid) {
971 ret = setegid(new_gid);
972 if (ret < 0) {
973 PERROR("Failed to set effective group id: new_gid = %d",
974 (int) new_gid);
975 goto end;
976 }
977 }
978
979 /* Change the user id. */
980 if (prev_uid != new_uid) {
981 ret = get_user_infos_from_uid(new_uid, &username, &primary_gid);
982 if (ret < 0) {
983 goto end;
984 }
985
986 /*
987 * seteuid call must be done before the initgroups call because
988 * we need to be privileged (CAP_SETGID) to call initgroups().
989 */
990 ret = seteuid(new_uid);
991 if (ret < 0) {
992 PERROR("Failed to set effective user id: new_uid = %d",
993 (int) new_uid);
994 goto end;
995 }
996
997 /*
998 * Initialize the supplementary group access list.
999 *
1000 * There is a possibility the groups we set in the following
1001 * initgroups() call are not exactly the same as the ones we
1002 * had when we originally demoted. This can happen if the
1003 * /etc/group file is modified after the runas process is
1004 * forked. This is very unlikely.
1005 */
1006 ret = initgroups(username, primary_gid);
1007 if (ret < 0) {
1008 PERROR("Failed to init the supplementary group access "
1009 "list: username = `%s`, primary gid = %d",
1010 username, (int) primary_gid)
1011 goto end;
1012 }
1013 }
1014 end:
1015 free(username);
1016 return ret;
1017 }
1018
1019 /*
1020 * Return < 0 on error, 0 if OK, 1 on hangup.
1021 */
1022 static
1023 int handle_one_cmd(struct run_as_worker *worker)
1024 {
1025 int ret = 0, promote_ret;
1026 struct run_as_data data = {};
1027 ssize_t readlen, writelen;
1028 struct run_as_ret sendret = {};
1029 run_as_fct cmd;
1030 uid_t prev_ruid;
1031 gid_t prev_rgid;
1032
1033 /*
1034 * Stage 1: Receive run_as_data struct from the master.
1035 * The structure contains the command type and all the parameters needed for
1036 * its execution
1037 */
1038 readlen = lttcomm_recv_unix_sock(worker->sockpair[1], &data,
1039 sizeof(data));
1040 if (readlen == 0) {
1041 /* hang up */
1042 ret = 1;
1043 goto end;
1044 }
1045 if (readlen < sizeof(data)) {
1046 PERROR("lttcomm_recv_unix_sock error");
1047 ret = -1;
1048 goto end;
1049 }
1050
1051 cmd = run_as_enum_to_fct(data.cmd);
1052 if (!cmd) {
1053 ret = -1;
1054 goto end;
1055 }
1056
1057 /*
1058 * Stage 2: Receive file descriptor from master.
1059 * Some commands need a file descriptor as input so if it's needed we
1060 * receive the fd using the Unix socket.
1061 */
1062 ret = recv_fds_from_master(worker, &data);
1063 if (ret < 0) {
1064 PERROR("recv_fd_from_master error");
1065 ret = -1;
1066 goto end;
1067 }
1068
1069 prev_ruid = getuid();
1070 prev_rgid = getgid();
1071
1072 ret = demote_creds(prev_ruid, prev_rgid, data.uid, data.gid);
1073 if (ret < 0) {
1074 goto write_return;
1075 }
1076
1077 /*
1078 * Also set umask to 0 for mkdir executable bit.
1079 */
1080 umask(0);
1081
1082 /*
1083 * Stage 3: Execute the command
1084 */
1085 ret = (*cmd)(&data, &sendret);
1086 if (ret < 0) {
1087 DBG("Execution of command returned an error");
1088 }
1089
1090 write_return:
1091 ret = cleanup_received_fds(&data);
1092 if (ret < 0) {
1093 ERR("Error cleaning up FD");
1094 goto promote_back;
1095 }
1096
1097 /*
1098 * Stage 4: Send run_as_ret structure to the master.
1099 * This structure contain the return value of the command and the errno.
1100 */
1101 writelen = lttcomm_send_unix_sock(worker->sockpair[1], &sendret,
1102 sizeof(sendret));
1103 if (writelen < sizeof(sendret)) {
1104 PERROR("lttcomm_send_unix_sock error");
1105 ret = -1;
1106 goto promote_back;
1107 }
1108
1109 /*
1110 * Stage 5: Send resulting file descriptors to the master.
1111 */
1112 ret = send_fds_to_master(worker, data.cmd, &sendret);
1113 if (ret < 0) {
1114 DBG("Sending FD to master returned an error");
1115 }
1116
1117 ret = 0;
1118
1119 promote_back:
1120 /* Return to previous uid/gid. */
1121 promote_ret = promote_creds(data.uid, data.gid, prev_ruid, prev_rgid);
1122 if (promote_ret < 0) {
1123 ERR("Failed to promote back to the initial credentials");
1124 }
1125
1126 end:
1127 return ret;
1128 }
1129
1130 static
1131 int run_as_worker(struct run_as_worker *worker)
1132 {
1133 int ret;
1134 ssize_t writelen;
1135 struct run_as_ret sendret;
1136 size_t proc_orig_len;
1137
1138 /*
1139 * Initialize worker. Set a different process cmdline.
1140 */
1141 proc_orig_len = strlen(worker->procname);
1142 memset(worker->procname, 0, proc_orig_len);
1143 strncpy(worker->procname, DEFAULT_RUN_AS_WORKER_NAME, proc_orig_len);
1144
1145 ret = lttng_prctl(PR_SET_NAME,
1146 (unsigned long) DEFAULT_RUN_AS_WORKER_NAME, 0, 0, 0);
1147 if (ret && ret != -ENOSYS) {
1148 /* Don't fail as this is not essential. */
1149 PERROR("prctl PR_SET_NAME");
1150 }
1151
1152 memset(&sendret, 0, sizeof(sendret));
1153
1154 writelen = lttcomm_send_unix_sock(worker->sockpair[1], &sendret,
1155 sizeof(sendret));
1156 if (writelen < sizeof(sendret)) {
1157 PERROR("lttcomm_send_unix_sock error");
1158 ret = EXIT_FAILURE;
1159 goto end;
1160 }
1161
1162 for (;;) {
1163 ret = handle_one_cmd(worker);
1164 if (ret < 0) {
1165 ret = EXIT_FAILURE;
1166 goto end;
1167 } else if (ret > 0) {
1168 break;
1169 } else {
1170 continue; /* Next command. */
1171 }
1172 }
1173 ret = EXIT_SUCCESS;
1174 end:
1175 return ret;
1176 }
1177
1178 static
1179 int run_as_cmd(struct run_as_worker *worker,
1180 enum run_as_cmd cmd,
1181 struct run_as_data *data,
1182 struct run_as_ret *ret_value,
1183 uid_t uid, gid_t gid)
1184 {
1185 int ret = 0;
1186 ssize_t readlen, writelen;
1187
1188 /*
1189 * If we are non-root, we can only deal with our own uid.
1190 */
1191 if (geteuid() != 0) {
1192 if (uid != geteuid()) {
1193 ret = -1;
1194 ret_value->_errno = EPERM;
1195 ERR("Client (%d)/Server (%d) UID mismatch (and sessiond is not root)",
1196 (int) uid, (int) geteuid());
1197 goto end;
1198 }
1199 }
1200
1201 data->cmd = cmd;
1202 data->uid = uid;
1203 data->gid = gid;
1204
1205 /*
1206 * Stage 1: Send the run_as_data struct to the worker process
1207 */
1208 writelen = lttcomm_send_unix_sock(worker->sockpair[0], data,
1209 sizeof(*data));
1210 if (writelen < sizeof(*data)) {
1211 PERROR("Error writing message to run_as");
1212 ret = -1;
1213 ret_value->_errno = EIO;
1214 goto end;
1215 }
1216
1217 /*
1218 * Stage 2: Send file descriptor to the worker process if needed
1219 */
1220 ret = send_fds_to_worker(worker, data);
1221 if (ret) {
1222 PERROR("do_send_fd error");
1223 ret = -1;
1224 ret_value->_errno = EIO;
1225 goto end;
1226 }
1227
1228 /*
1229 * Stage 3: Wait for the execution of the command
1230 */
1231
1232 /*
1233 * Stage 4: Receive the run_as_ret struct containing the return value and
1234 * errno
1235 */
1236 readlen = lttcomm_recv_unix_sock(worker->sockpair[0], ret_value,
1237 sizeof(*ret_value));
1238 if (!readlen) {
1239 ERR("Run-as worker has hung-up during run_as_cmd");
1240 ret = -1;
1241 ret_value->_errno = EIO;
1242 goto end;
1243 } else if (readlen < sizeof(*ret_value)) {
1244 PERROR("Error reading response from run_as");
1245 ret = -1;
1246 ret_value->_errno = errno;
1247 goto end;
1248 }
1249
1250 if (ret_value->_error) {
1251 /* Skip stage 5 on error as there will be no fd to receive. */
1252 goto end;
1253 }
1254
1255 /*
1256 * Stage 5: Receive file descriptor if needed
1257 */
1258 ret = recv_fds_from_worker(worker, cmd, ret_value);
1259 if (ret < 0) {
1260 ERR("Error receiving fd");
1261 ret = -1;
1262 ret_value->_errno = EIO;
1263 }
1264
1265 end:
1266 return ret;
1267 }
1268
1269 /*
1270 * This is for debugging ONLY and should not be considered secure.
1271 */
1272 static
1273 int run_as_noworker(enum run_as_cmd cmd,
1274 struct run_as_data *data, struct run_as_ret *ret_value,
1275 uid_t uid, gid_t gid)
1276 {
1277 int ret, saved_errno;
1278 mode_t old_mask;
1279 run_as_fct fct;
1280
1281 fct = run_as_enum_to_fct(cmd);
1282 if (!fct) {
1283 errno = -ENOSYS;
1284 ret = -1;
1285 goto end;
1286 }
1287 old_mask = umask(0);
1288 ret = fct(data, ret_value);
1289 saved_errno = ret_value->_errno;
1290 umask(old_mask);
1291 errno = saved_errno;
1292 end:
1293 return ret;
1294 }
1295
1296 static
1297 int reset_sighandler(void)
1298 {
1299 int sig;
1300
1301 DBG("Resetting run_as worker signal handlers to default");
1302 for (sig = 1; sig <= 31; sig++) {
1303 (void) signal(sig, SIG_DFL);
1304 }
1305 return 0;
1306 }
1307
1308 static
1309 void worker_sighandler(int sig)
1310 {
1311 const char *signame;
1312
1313 /*
1314 * The worker will inherit its parent's signals since they are part of
1315 * the same process group. However, in the case of SIGINT and SIGTERM,
1316 * we want to give the worker a chance to teardown gracefully when its
1317 * parent closes the command socket.
1318 */
1319 switch (sig) {
1320 case SIGINT:
1321 signame = "SIGINT";
1322 break;
1323 case SIGTERM:
1324 signame = "SIGTERM";
1325 break;
1326 default:
1327 signame = NULL;
1328 }
1329
1330 if (signame) {
1331 DBG("run_as worker received signal %s", signame);
1332 } else {
1333 DBG("run_as_worker received signal %d", sig);
1334 }
1335 }
1336
1337 static
1338 int set_worker_sighandlers(void)
1339 {
1340 int ret = 0;
1341 sigset_t sigset;
1342 struct sigaction sa;
1343
1344 if ((ret = sigemptyset(&sigset)) < 0) {
1345 PERROR("sigemptyset");
1346 goto end;
1347 }
1348
1349 sa.sa_handler = worker_sighandler;
1350 sa.sa_mask = sigset;
1351 sa.sa_flags = 0;
1352 if ((ret = sigaction(SIGINT, &sa, NULL)) < 0) {
1353 PERROR("sigaction SIGINT");
1354 goto end;
1355 }
1356
1357 if ((ret = sigaction(SIGTERM, &sa, NULL)) < 0) {
1358 PERROR("sigaction SIGTERM");
1359 goto end;
1360 }
1361
1362 DBG("run_as signal handler set for SIGTERM and SIGINT");
1363 end:
1364 return ret;
1365 }
1366
1367 static
1368 int run_as_create_worker_no_lock(const char *procname,
1369 post_fork_cleanup_cb clean_up_func,
1370 void *clean_up_user_data)
1371 {
1372 pid_t pid;
1373 int i, ret = 0;
1374 ssize_t readlen;
1375 struct run_as_ret recvret;
1376 struct run_as_worker *worker;
1377
1378 assert(!global_worker);
1379 if (!use_clone()) {
1380 /*
1381 * Don't initialize a worker, all run_as tasks will be performed
1382 * in the current process.
1383 */
1384 ret = 0;
1385 goto end;
1386 }
1387 worker = zmalloc(sizeof(*worker));
1388 if (!worker) {
1389 ret = -ENOMEM;
1390 goto end;
1391 }
1392 worker->procname = strdup(procname);
1393 if (!worker->procname) {
1394 ret = -ENOMEM;
1395 goto error_procname_alloc;
1396 }
1397 /* Create unix socket. */
1398 if (lttcomm_create_anon_unix_socketpair(worker->sockpair) < 0) {
1399 ret = -1;
1400 goto error_sock;
1401 }
1402
1403 /* Fork worker. */
1404 pid = fork();
1405 if (pid < 0) {
1406 PERROR("fork");
1407 ret = -1;
1408 goto error_fork;
1409 } else if (pid == 0) {
1410 /* Child */
1411
1412 reset_sighandler();
1413
1414 set_worker_sighandlers();
1415 if (clean_up_func) {
1416 if (clean_up_func(clean_up_user_data) < 0) {
1417 ERR("Run-as post-fork clean-up failed, exiting.");
1418 exit(EXIT_FAILURE);
1419 }
1420 }
1421
1422 /* Just close, no shutdown. */
1423 if (close(worker->sockpair[0])) {
1424 PERROR("close");
1425 exit(EXIT_FAILURE);
1426 }
1427
1428 /*
1429 * Close all FDs aside from STDIN, STDOUT, STDERR and sockpair[1]
1430 * Sockpair[1] is used as a control channel with the master
1431 */
1432 for (i = 3; i < sysconf(_SC_OPEN_MAX); i++) {
1433 if (i != worker->sockpair[1]) {
1434 (void) close(i);
1435 }
1436 }
1437
1438 worker->sockpair[0] = -1;
1439 ret = run_as_worker(worker);
1440 if (lttcomm_close_unix_sock(worker->sockpair[1])) {
1441 PERROR("close");
1442 ret = -1;
1443 }
1444 worker->sockpair[1] = -1;
1445 free(worker->procname);
1446 free(worker);
1447 LOG(ret ? PRINT_ERR : PRINT_DBG, "run_as worker exiting (ret = %d)", ret);
1448 exit(ret ? EXIT_FAILURE : EXIT_SUCCESS);
1449 } else {
1450 /* Parent */
1451
1452 /* Just close, no shutdown. */
1453 if (close(worker->sockpair[1])) {
1454 PERROR("close");
1455 ret = -1;
1456 goto error_fork;
1457 }
1458 worker->sockpair[1] = -1;
1459 worker->pid = pid;
1460 /* Wait for worker to become ready. */
1461 readlen = lttcomm_recv_unix_sock(worker->sockpair[0],
1462 &recvret, sizeof(recvret));
1463 if (readlen < sizeof(recvret)) {
1464 ERR("readlen: %zd", readlen);
1465 PERROR("Error reading response from run_as at creation");
1466 ret = -1;
1467 goto error_fork;
1468 }
1469 global_worker = worker;
1470 }
1471 end:
1472 return ret;
1473
1474 /* Error handling. */
1475 error_fork:
1476 for (i = 0; i < 2; i++) {
1477 if (worker->sockpair[i] < 0) {
1478 continue;
1479 }
1480 if (lttcomm_close_unix_sock(worker->sockpair[i])) {
1481 PERROR("close");
1482 }
1483 worker->sockpair[i] = -1;
1484 }
1485 error_sock:
1486 free(worker->procname);
1487 error_procname_alloc:
1488 free(worker);
1489 return ret;
1490 }
1491
1492 static
1493 void run_as_destroy_worker_no_lock(void)
1494 {
1495 struct run_as_worker *worker = global_worker;
1496
1497 DBG("Destroying run_as worker");
1498 if (!worker) {
1499 return;
1500 }
1501 /* Close unix socket */
1502 DBG("Closing run_as worker socket");
1503 if (lttcomm_close_unix_sock(worker->sockpair[0])) {
1504 PERROR("close");
1505 }
1506 worker->sockpair[0] = -1;
1507 /* Wait for worker. */
1508 for (;;) {
1509 int status;
1510 pid_t wait_ret;
1511
1512 wait_ret = waitpid(worker->pid, &status, 0);
1513 if (wait_ret < 0) {
1514 if (errno == EINTR) {
1515 continue;
1516 }
1517 PERROR("waitpid");
1518 break;
1519 }
1520
1521 if (WIFEXITED(status)) {
1522 LOG(WEXITSTATUS(status) == 0 ? PRINT_DBG : PRINT_ERR,
1523 DEFAULT_RUN_AS_WORKER_NAME " terminated with status code %d",
1524 WEXITSTATUS(status));
1525 break;
1526 } else if (WIFSIGNALED(status)) {
1527 ERR(DEFAULT_RUN_AS_WORKER_NAME " was killed by signal %d",
1528 WTERMSIG(status));
1529 break;
1530 }
1531 }
1532 free(worker->procname);
1533 free(worker);
1534 global_worker = NULL;
1535 }
1536
1537 static
1538 int run_as_restart_worker(struct run_as_worker *worker)
1539 {
1540 int ret = 0;
1541 char *procname = NULL;
1542
1543 procname = worker->procname;
1544
1545 /* Close socket to run_as worker process and clean up the zombie process */
1546 run_as_destroy_worker_no_lock();
1547
1548 /* Create a new run_as worker process*/
1549 ret = run_as_create_worker_no_lock(procname, NULL, NULL);
1550 if (ret < 0 ) {
1551 ERR("Restarting the worker process failed");
1552 ret = -1;
1553 goto err;
1554 }
1555 err:
1556 return ret;
1557 }
1558
1559 static
1560 int run_as(enum run_as_cmd cmd, struct run_as_data *data,
1561 struct run_as_ret *ret_value, uid_t uid, gid_t gid)
1562 {
1563 int ret, saved_errno;
1564
1565 pthread_mutex_lock(&worker_lock);
1566 if (use_clone()) {
1567 DBG("Using run_as worker");
1568
1569 assert(global_worker);
1570
1571 ret = run_as_cmd(global_worker, cmd, data, ret_value, uid, gid);
1572 saved_errno = ret_value->_errno;
1573
1574 /*
1575 * If the worker thread crashed the errno is set to EIO. we log
1576 * the error and start a new worker process.
1577 */
1578 if (ret == -1 && saved_errno == EIO) {
1579 DBG("Socket closed unexpectedly... "
1580 "Restarting the worker process");
1581 ret = run_as_restart_worker(global_worker);
1582 if (ret == -1) {
1583 ERR("Failed to restart worker process.");
1584 goto err;
1585 }
1586 }
1587 } else {
1588 DBG("Using run_as without worker");
1589 ret = run_as_noworker(cmd, data, ret_value, uid, gid);
1590 }
1591 err:
1592 pthread_mutex_unlock(&worker_lock);
1593 return ret;
1594 }
1595
1596 LTTNG_HIDDEN
1597 int run_as_mkdir_recursive(const char *path, mode_t mode, uid_t uid, gid_t gid)
1598 {
1599 return run_as_mkdirat_recursive(AT_FDCWD, path, mode, uid, gid);
1600 }
1601
1602 LTTNG_HIDDEN
1603 int run_as_mkdirat_recursive(int dirfd, const char *path, mode_t mode,
1604 uid_t uid, gid_t gid)
1605 {
1606 int ret;
1607 struct run_as_data data = {};
1608 struct run_as_ret run_as_ret = {};
1609
1610 DBG3("mkdirat() recursive fd = %d%s, path = %s, mode = %d, uid = %d, gid = %d",
1611 dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1612 path, (int) mode, (int) uid, (int) gid);
1613 ret = lttng_strncpy(data.u.mkdir.path, path,
1614 sizeof(data.u.mkdir.path));
1615 if (ret) {
1616 ERR("Failed to copy path argument of mkdirat recursive command");
1617 goto error;
1618 }
1619 data.u.mkdir.path[sizeof(data.u.mkdir.path) - 1] = '\0';
1620 data.u.mkdir.mode = mode;
1621 data.u.mkdir.dirfd = dirfd;
1622 run_as(dirfd == AT_FDCWD ? RUN_AS_MKDIR_RECURSIVE : RUN_AS_MKDIRAT_RECURSIVE,
1623 &data, &run_as_ret, uid, gid);
1624 errno = run_as_ret._errno;
1625 ret = run_as_ret.u.ret;
1626 error:
1627 return ret;
1628 }
1629
1630 LTTNG_HIDDEN
1631 int run_as_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid)
1632 {
1633 return run_as_mkdirat(AT_FDCWD, path, mode, uid, gid);
1634 }
1635
1636 LTTNG_HIDDEN
1637 int run_as_mkdirat(int dirfd, const char *path, mode_t mode,
1638 uid_t uid, gid_t gid)
1639 {
1640 int ret;
1641 struct run_as_data data = {};
1642 struct run_as_ret run_as_ret = {};
1643
1644 DBG3("mkdirat() recursive fd = %d%s, path = %s, mode = %d, uid = %d, gid = %d",
1645 dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1646 path, (int) mode, (int) uid, (int) gid);
1647 ret = lttng_strncpy(data.u.mkdir.path, path,
1648 sizeof(data.u.mkdir.path));
1649 if (ret) {
1650 ERR("Failed to copy path argument of mkdirat command");
1651 goto error;
1652 }
1653 data.u.mkdir.path[sizeof(data.u.mkdir.path) - 1] = '\0';
1654 data.u.mkdir.mode = mode;
1655 data.u.mkdir.dirfd = dirfd;
1656 run_as(dirfd == AT_FDCWD ? RUN_AS_MKDIR : RUN_AS_MKDIRAT,
1657 &data, &run_as_ret, uid, gid);
1658 errno = run_as_ret._errno;
1659 ret = run_as_ret.u.ret;
1660 error:
1661 return ret;
1662 }
1663
1664 LTTNG_HIDDEN
1665 int run_as_open(const char *path, int flags, mode_t mode, uid_t uid,
1666 gid_t gid)
1667 {
1668 return run_as_openat(AT_FDCWD, path, flags, mode, uid, gid);
1669 }
1670
1671 LTTNG_HIDDEN
1672 int run_as_openat(int dirfd, const char *path, int flags, mode_t mode,
1673 uid_t uid, gid_t gid)
1674 {
1675 int ret;
1676 struct run_as_data data = {};
1677 struct run_as_ret run_as_ret = {};
1678
1679 DBG3("openat() fd = %d%s, path = %s, flags = %X, mode = %d, uid %d, gid %d",
1680 dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1681 path, flags, (int) mode, (int) uid, (int) gid);
1682 ret = lttng_strncpy(data.u.open.path, path, sizeof(data.u.open.path));
1683 if (ret) {
1684 ERR("Failed to copy path argument of open command");
1685 goto error;
1686 }
1687 data.u.open.flags = flags;
1688 data.u.open.mode = mode;
1689 data.u.open.dirfd = dirfd;
1690 run_as(dirfd == AT_FDCWD ? RUN_AS_OPEN : RUN_AS_OPENAT,
1691 &data, &run_as_ret, uid, gid);
1692 errno = run_as_ret._errno;
1693 ret = run_as_ret.u.ret < 0 ? run_as_ret.u.ret :
1694 run_as_ret.u.open.fd;
1695 error:
1696 return ret;
1697 }
1698
1699 LTTNG_HIDDEN
1700 int run_as_unlink(const char *path, uid_t uid, gid_t gid)
1701 {
1702 return run_as_unlinkat(AT_FDCWD, path, uid, gid);
1703 }
1704
1705 LTTNG_HIDDEN
1706 int run_as_unlinkat(int dirfd, const char *path, uid_t uid, gid_t gid)
1707 {
1708 int ret;
1709 struct run_as_data data = {};
1710 struct run_as_ret run_as_ret = {};
1711
1712 DBG3("unlinkat() fd = %d%s, path = %s, uid = %d, gid = %d",
1713 dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1714 path, (int) uid, (int) gid);
1715 ret = lttng_strncpy(data.u.unlink.path, path,
1716 sizeof(data.u.unlink.path));
1717 if (ret) {
1718 goto error;
1719 }
1720 data.u.unlink.dirfd = dirfd;
1721 run_as(dirfd == AT_FDCWD ? RUN_AS_UNLINK : RUN_AS_UNLINKAT, &data,
1722 &run_as_ret, uid, gid);
1723 errno = run_as_ret._errno;
1724 ret = run_as_ret.u.ret;
1725 error:
1726 return ret;
1727 }
1728
1729 LTTNG_HIDDEN
1730 int run_as_rmdir(const char *path, uid_t uid, gid_t gid)
1731 {
1732 return run_as_rmdirat(AT_FDCWD, path, uid, gid);
1733 }
1734
1735 LTTNG_HIDDEN
1736 int run_as_rmdirat(int dirfd, const char *path, uid_t uid, gid_t gid)
1737 {
1738 int ret;
1739 struct run_as_data data = {};
1740 struct run_as_ret run_as_ret = {};
1741
1742 DBG3("rmdirat() fd = %d%s, path = %s, uid = %d, gid = %d",
1743 dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1744 path, (int) uid, (int) gid);
1745 ret = lttng_strncpy(data.u.rmdir.path, path,
1746 sizeof(data.u.rmdir.path));
1747 if (ret) {
1748 goto error;
1749 }
1750 data.u.rmdir.dirfd = dirfd;
1751 run_as(dirfd == AT_FDCWD ? RUN_AS_RMDIR : RUN_AS_RMDIRAT, &data,
1752 &run_as_ret, uid, gid);
1753 errno = run_as_ret._errno;
1754 ret = run_as_ret.u.ret;
1755 error:
1756 return ret;
1757 }
1758
1759 LTTNG_HIDDEN
1760 int run_as_rmdir_recursive(const char *path, uid_t uid, gid_t gid, int flags)
1761 {
1762 return run_as_rmdirat_recursive(AT_FDCWD, path, uid, gid, flags);
1763 }
1764
1765 LTTNG_HIDDEN
1766 int run_as_rmdirat_recursive(int dirfd, const char *path, uid_t uid, gid_t gid, int flags)
1767 {
1768 int ret;
1769 struct run_as_data data = {};
1770 struct run_as_ret run_as_ret = {};
1771
1772 DBG3("rmdirat() recursive fd = %d%s, path = %s, uid = %d, gid = %d",
1773 dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1774 path, (int) uid, (int) gid);
1775 ret = lttng_strncpy(data.u.rmdir.path, path,
1776 sizeof(data.u.rmdir.path));
1777 if (ret) {
1778 goto error;
1779 }
1780 data.u.rmdir.dirfd = dirfd;
1781 data.u.rmdir.flags = flags;
1782 run_as(dirfd == AT_FDCWD ? RUN_AS_RMDIR_RECURSIVE : RUN_AS_RMDIRAT_RECURSIVE,
1783 &data, &run_as_ret, uid, gid);
1784 errno = run_as_ret._errno;
1785 ret = run_as_ret.u.ret;
1786 error:
1787 return ret;
1788 }
1789
1790 LTTNG_HIDDEN
1791 int run_as_rename(const char *old, const char *new, uid_t uid, gid_t gid)
1792 {
1793 return run_as_renameat(AT_FDCWD, old, AT_FDCWD, new, uid, gid);
1794 }
1795
1796 LTTNG_HIDDEN
1797 int run_as_renameat(int old_dirfd, const char *old_name,
1798 int new_dirfd, const char *new_name, uid_t uid, gid_t gid)
1799 {
1800 int ret;
1801 struct run_as_data data = {};
1802 struct run_as_ret run_as_ret = {};
1803
1804 DBG3("renameat() old_dirfd = %d%s, old_name = %s, new_dirfd = %d%s, new_name = %s, uid = %d, gid = %d",
1805 old_dirfd, old_dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1806 old_name,
1807 new_dirfd, new_dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1808 new_name, (int) uid, (int) gid);
1809 ret = lttng_strncpy(data.u.rename.old_path, old_name,
1810 sizeof(data.u.rename.old_path));
1811 if (ret) {
1812 goto error;
1813 }
1814 ret = lttng_strncpy(data.u.rename.new_path, new_name,
1815 sizeof(data.u.rename.new_path));
1816 if (ret) {
1817 goto error;
1818 }
1819
1820 data.u.rename.dirfds[0] = old_dirfd;
1821 data.u.rename.dirfds[1] = new_dirfd;
1822 run_as(old_dirfd == AT_FDCWD && new_dirfd == AT_FDCWD ?
1823 RUN_AS_RENAME : RUN_AS_RENAMEAT,
1824 &data, &run_as_ret, uid, gid);
1825 errno = run_as_ret._errno;
1826 ret = run_as_ret.u.ret;
1827 error:
1828 return ret;
1829 }
1830
1831 LTTNG_HIDDEN
1832 int run_as_extract_elf_symbol_offset(int fd, const char* function,
1833 uid_t uid, gid_t gid, uint64_t *offset)
1834 {
1835 int ret;
1836 struct run_as_data data = {};
1837 struct run_as_ret run_as_ret = {};
1838
1839 DBG3("extract_elf_symbol_offset() on fd=%d and function=%s "
1840 "with for uid %d and gid %d", fd, function,
1841 (int) uid, (int) gid);
1842
1843 data.u.extract_elf_symbol_offset.fd = fd;
1844
1845 strncpy(data.u.extract_elf_symbol_offset.function, function, LTTNG_SYMBOL_NAME_LEN - 1);
1846 data.u.extract_elf_symbol_offset.function[LTTNG_SYMBOL_NAME_LEN - 1] = '\0';
1847 ret = lttng_strncpy(data.u.extract_elf_symbol_offset.function,
1848 function,
1849 sizeof(data.u.extract_elf_symbol_offset.function));
1850 if (ret) {
1851 goto error;
1852 }
1853
1854 run_as(RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET, &data, &run_as_ret, uid, gid);
1855 errno = run_as_ret._errno;
1856 if (run_as_ret._error) {
1857 ret = -1;
1858 goto error;
1859 }
1860
1861 *offset = run_as_ret.u.extract_elf_symbol_offset.offset;
1862 error:
1863 return ret;
1864 }
1865
1866 LTTNG_HIDDEN
1867 int run_as_extract_sdt_probe_offsets(int fd, const char* provider_name,
1868 const char* probe_name, uid_t uid, gid_t gid,
1869 uint64_t **offsets, uint32_t *num_offset)
1870 {
1871 int ret;
1872 struct run_as_data data = {};
1873 struct run_as_ret run_as_ret = {};
1874
1875 DBG3("extract_sdt_probe_offsets() on fd=%d, probe_name=%s and "
1876 "provider_name=%s with for uid %d and gid %d", fd,
1877 probe_name, provider_name, (int) uid, (int) gid);
1878
1879 data.u.extract_sdt_probe_offsets.fd = fd;
1880
1881 ret = lttng_strncpy(data.u.extract_sdt_probe_offsets.probe_name, probe_name,
1882 sizeof(data.u.extract_sdt_probe_offsets.probe_name));
1883 if (ret) {
1884 goto error;
1885 }
1886 ret = lttng_strncpy(data.u.extract_sdt_probe_offsets.provider_name,
1887 provider_name,
1888 sizeof(data.u.extract_sdt_probe_offsets.provider_name));
1889 if (ret) {
1890 goto error;
1891 }
1892
1893 run_as(RUN_AS_EXTRACT_SDT_PROBE_OFFSETS, &data, &run_as_ret, uid, gid);
1894 errno = run_as_ret._errno;
1895 if (run_as_ret._error) {
1896 ret = -1;
1897 goto error;
1898 }
1899
1900 *num_offset = run_as_ret.u.extract_sdt_probe_offsets.num_offset;
1901 *offsets = zmalloc(*num_offset * sizeof(uint64_t));
1902 if (!*offsets) {
1903 ret = -ENOMEM;
1904 goto error;
1905 }
1906
1907 memcpy(*offsets, run_as_ret.u.extract_sdt_probe_offsets.offsets,
1908 *num_offset * sizeof(uint64_t));
1909 error:
1910 return ret;
1911 }
1912
1913 LTTNG_HIDDEN
1914 int run_as_create_worker(const char *procname,
1915 post_fork_cleanup_cb clean_up_func,
1916 void *clean_up_user_data)
1917 {
1918 int ret;
1919
1920 pthread_mutex_lock(&worker_lock);
1921 ret = run_as_create_worker_no_lock(procname, clean_up_func,
1922 clean_up_user_data);
1923 pthread_mutex_unlock(&worker_lock);
1924 return ret;
1925 }
1926
1927 LTTNG_HIDDEN
1928 void run_as_destroy_worker(void)
1929 {
1930 pthread_mutex_lock(&worker_lock);
1931 run_as_destroy_worker_no_lock();
1932 pthread_mutex_unlock(&worker_lock);
1933 }
LTTng 2.0 tools and control repository
This page took 0.098175 seconds and 4 git commands to generate.