1 /*
2 * Copyright (C) 2011 - David Goulet <david.goulet@polymtl.ca>
3 * Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License, version 2 only,
7 * as published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
12 * more details.
13 *
14 * You should have received a copy of the GNU General Public License along
15 * with this program; if not, write to the Free Software Foundation, Inc.,
16 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
17 */
18
19 #define _LGPL_SOURCE
20 #include <errno.h>
21 #include <limits.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <sys/wait.h>
26 #include <sys/types.h>
27 #include <sys/stat.h>
28 #include <unistd.h>
29 #include <fcntl.h>
30 #include <sched.h>
31 #include <signal.h>
32 #include <assert.h>
33 #include <signal.h>
34
35 #include <common/lttng-kernel.h>
36 #include <common/common.h>
37 #include <common/utils.h>
38 #include <common/compat/getenv.h>
39 #include <common/compat/prctl.h>
40 #include <common/unix.h>
41 #include <common/defaults.h>
42 #include <common/lttng-elf.h>
43
44 #include <lttng/constant.h>
45
46 #include "runas.h"
47
/* Forward declarations; both structures are defined further down in this file. */
struct run_as_data;
struct run_as_ret;
/*
 * Signature shared by all command handlers: the request is read from `data`
 * and the outcome is written to `ret_value`.
 */
typedef int (*run_as_fct)(struct run_as_data *data, struct run_as_ret *ret_value);
51
/* Arguments of the mkdir/mkdirat commands (plain and recursive). */
struct run_as_mkdirat_data {
	char path[PATH_MAX];
	mode_t mode;
};

/* Arguments of the open/openat commands. */
struct run_as_open_data {
	char path[PATH_MAX];
	int flags;
	mode_t mode;
};

/* Argument of the unlink/unlinkat commands. */
struct run_as_unlink_data {
	char path[PATH_MAX];
};

/* Argument of the recursive rmdir command. */
struct run_as_rmdir_recursive_data {
	char path[PATH_MAX];
};

/* Name of the function whose ELF symbol offset is requested. */
struct run_as_extract_elf_symbol_offset_data {
	char function[LTTNG_SYMBOL_NAME_LEN];
};

/* Probe and provider names identifying the SDT probe to look up. */
struct run_as_extract_sdt_probe_offsets_data {
	char probe_name[LTTNG_SYMBOL_NAME_LEN];
	char provider_name[LTTNG_SYMBOL_NAME_LEN];
};
79
/* Return value of the directory creation handlers. */
struct run_as_mkdirat_ret {
	int ret;
};

/* Return value of openat() as observed in the process that ran the command. */
struct run_as_open_ret {
	int ret;
};

/* Return value of unlinkat(). */
struct run_as_unlink_ret {
	int ret;
};

/* Return value of the recursive rmdir helper. */
struct run_as_rmdir_recursive_ret {
	int ret;
};

/* Offset computed by the ELF symbol lookup. */
struct run_as_extract_elf_symbol_offset_ret {
	uint64_t offset;
};

/*
 * Offsets computed by the SDT probe lookup. Only the first `num_offset`
 * entries of `offsets` are meaningful; the array itself is fixed-size, so
 * `num_offset` must never exceed LTTNG_KERNEL_MAX_UPROBE_NUM.
 */
struct run_as_extract_sdt_probe_offsets_ret {
	uint32_t num_offset;
	uint64_t offsets[LTTNG_KERNEL_MAX_UPROBE_NUM];
};
104
/*
 * Commands understood by the run_as worker. The "AT" variants take a
 * descriptor that is passed to the worker over the socket; for RUN_AS_MKDIR,
 * RUN_AS_MKDIR_RECURSIVE, RUN_AS_OPEN and RUN_AS_UNLINK the worker
 * substitutes AT_FDCWD (see recv_fd_from_master()).
 */
enum run_as_cmd {
	RUN_AS_MKDIR,
	RUN_AS_MKDIRAT,
	RUN_AS_MKDIR_RECURSIVE,
	RUN_AS_MKDIRAT_RECURSIVE,
	RUN_AS_OPEN,
	RUN_AS_OPENAT,
	RUN_AS_UNLINK,
	RUN_AS_UNLINKAT,
	RUN_AS_RMDIR_RECURSIVE,
	RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET,
	RUN_AS_EXTRACT_SDT_PROBE_OFFSETS,
};
118
/*
 * Request sent from the master to the worker.
 *
 * The structure is transmitted as raw bytes over the socket pair, so the `fd`
 * value stored here is only meaningful once the descriptor itself has been
 * passed separately (see send_fd_to_worker() / recv_fd_from_master()).
 */
struct run_as_data {
	/* Command to execute; selects the active member of `u`. */
	enum run_as_cmd cmd;
	/* Descriptor argument of the command, when it takes one. */
	int fd;
	/* Command-specific arguments. */
	union {
		struct run_as_mkdirat_data mkdirat;
		struct run_as_open_data open;
		struct run_as_unlink_data unlink;
		struct run_as_rmdir_recursive_data rmdir_recursive;
		struct run_as_extract_elf_symbol_offset_data extract_elf_symbol_offset;
		struct run_as_extract_sdt_probe_offsets_data extract_sdt_probe_offsets;
	} u;
	/* Credentials the worker assumes before running the command. */
	uid_t uid;
	gid_t gid;
};
133
/*
 * The run_as_ret structure holds the returned value and status of the command.
 *
 * The `u` union field holds the return value of the command; in most cases it
 * represents the success or the failure of the command. In more complex
 * commands, it holds a computed value.
 *
 * The `fd` field carries the descriptor produced by the open commands; the
 * worker initializes it to -1 before running a command.
 *
 * The _errno field is the errno recorded after the execution of the command.
 *
 * The _error field signifies the return status of the command. For simple
 * commands returning `int`, it is true when that return value denotes a
 * failure. For complex commands, it signifies the success or failure of the
 * command.
 */
struct run_as_ret {
	int fd;
	union {
		struct run_as_mkdirat_ret mkdirat;
		struct run_as_open_ret open;
		struct run_as_unlink_ret unlink;
		struct run_as_rmdir_recursive_ret rmdir_recursive;
		struct run_as_extract_elf_symbol_offset_ret extract_elf_symbol_offset;
		struct run_as_extract_sdt_probe_offsets_ret extract_sdt_probe_offsets;
	} u;
	int _errno;
	bool _error;
};
162
/* Book-keeping for the forked worker process. */
struct run_as_worker {
	pid_t pid;	/* Worker PID. */
	/*
	 * Control channel: the master keeps sockpair[0] and the worker keeps
	 * sockpair[1]; each side closes the end it does not use after fork().
	 */
	int sockpair[2];
	/* Heap-allocated copy of the process name, owned by this structure. */
	char *procname;
};

/* Single global worker per process (for now). */
static struct run_as_worker *global_worker;
/* Lock protecting the worker; taken by run_as() and the create/destroy entry points. */
static pthread_mutex_t worker_lock = PTHREAD_MUTEX_INITIALIZER;
173
#ifdef VALGRIND
/* Valgrind builds never use the worker process. */
static
int use_clone(void)
{
	return 0;
}
#else
/*
 * Tell whether commands are delegated to the worker process.
 *
 * Returns 1 unless LTTNG_DEBUG_NOCLONE is set in the environment. When it is
 * set, commands run in the calling process through run_as_noworker(), which
 * this file documents as a debugging aid that is not secure.
 */
static
int use_clone(void)
{
	return lttng_secure_getenv("LTTNG_DEBUG_NOCLONE") ? 0 : 1;
}
#endif
187
/*
 * Create a directory and any missing parent, using the full path, relative
 * to the directory descriptor carried by the request.
 *
 * The handler's return value is stored in ret_value->u.mkdirat.ret and errno
 * is captured in ret_value->_errno. Returns that same return value.
 */
static
int _mkdirat_recursive(struct run_as_data *data, struct run_as_ret *ret_value)
{
	struct lttng_directory_handle dir_handle;
	int status;

	(void) lttng_directory_handle_init_from_dirfd(&dir_handle, data->fd);
	/* Safe to call as we have transitioned to the requested uid/gid. */
	status = lttng_directory_handle_create_subdirectory_recursive(
			&dir_handle, data->u.mkdirat.path,
			data->u.mkdirat.mode);
	ret_value->u.mkdirat.ret = status;
	ret_value->_errno = errno;
	ret_value->_error = status != 0;
	lttng_directory_handle_fini(&dir_handle);
	return status;
}
211
/*
 * Create a single directory relative to the directory descriptor carried by
 * the request.
 *
 * The handler's return value is stored in ret_value->u.mkdirat.ret and errno
 * is captured in ret_value->_errno. Returns that same return value.
 */
static
int _mkdirat(struct run_as_data *data, struct run_as_ret *ret_value)
{
	struct lttng_directory_handle dir_handle;
	int status;

	(void) lttng_directory_handle_init_from_dirfd(&dir_handle, data->fd);
	/* Safe to call as we have transitioned to the requested uid/gid. */
	status = lttng_directory_handle_create_subdirectory(
			&dir_handle, data->u.mkdirat.path,
			data->u.mkdirat.mode);
	ret_value->u.mkdirat.ret = status;
	ret_value->_errno = errno;
	ret_value->_error = status != 0;
	lttng_directory_handle_fini(&dir_handle);
	return status;
}
232
/*
 * Open the requested path with openat(), relative to data->fd.
 *
 * The resulting descriptor (or -1) is stored both in ret_value->u.open.ret
 * and in ret_value->fd; errno is captured in ret_value->_errno. Returns the
 * openat() result.
 */
static
int _open(struct run_as_data *data, struct run_as_ret *ret_value)
{
	const int opened_fd = openat(data->fd, data->u.open.path,
			data->u.open.flags, data->u.open.mode);

	ret_value->_errno = errno;
	ret_value->u.open.ret = opened_fd;
	ret_value->fd = opened_fd;
	ret_value->_error = opened_fd < 0;
	return opened_fd;
}
243
/*
 * Remove the requested path with unlinkat(), relative to data->fd.
 *
 * Stores the result in ret_value->u.unlink.ret, captures errno in
 * ret_value->_errno and returns the unlinkat() result.
 */
static
int _unlink(struct run_as_data *data, struct run_as_ret *ret_value)
{
	const int status = unlinkat(data->fd, data->u.unlink.path, 0);

	ret_value->_errno = errno;
	ret_value->u.unlink.ret = status;
	ret_value->_error = status != 0;
	return status;
}
252
/*
 * Recursively remove the requested directory through
 * utils_recursive_rmdir().
 *
 * Stores the result in ret_value->u.rmdir_recursive.ret, captures errno in
 * ret_value->_errno and returns the helper's result.
 */
static
int _rmdir_recursive(struct run_as_data *data, struct run_as_ret *ret_value)
{
	const int status = utils_recursive_rmdir(data->u.rmdir_recursive.path);

	ret_value->_errno = errno;
	ret_value->u.rmdir_recursive.ret = status;
	ret_value->_error = status != 0;
	return status;
}
261
262 #ifdef HAVE_ELF_H
/*
 * Look up the offset of the requested function in the ELF file referred to
 * by data->fd.
 *
 * The offset is written to ret_value->u.extract_elf_symbol_offset.offset and
 * ret_value->_error reflects whether the lookup failed. Returns the lookup
 * helper's result (non-zero on failure).
 */
static
int _extract_elf_symbol_offset(struct run_as_data *data,
		struct run_as_ret *ret_value)
{
	const int status = lttng_elf_get_symbol_offset(data->fd,
			data->u.extract_elf_symbol_offset.function,
			&ret_value->u.extract_elf_symbol_offset.offset);

	if (status) {
		DBG("Failed to extract ELF function offset");
	}
	ret_value->_error = status != 0;
	return status;
}
280
/*
 * Look up the offsets of an SDT probe in the ELF file referred to by
 * data->fd and copy them into the fixed-size array of the reply.
 *
 * A result holding zero offsets, or more than LTTNG_KERNEL_MAX_UPROBE_NUM
 * offsets, is rejected before the copy so the reply array cannot be
 * overrun. Returns 0 on success, non-zero on failure, with
 * ret_value->_error set accordingly.
 */
static
int _extract_sdt_probe_offsets(struct run_as_data *data,
		struct run_as_ret *ret_value)
{
	uint64_t *found = NULL;
	uint32_t count;
	int status;

	ret_value->_error = false;

	/* On success, this call allocates the array returned through `found`. */
	status = lttng_elf_get_sdt_probe_offsets(data->fd,
			data->u.extract_sdt_probe_offsets.provider_name,
			data->u.extract_sdt_probe_offsets.probe_name,
			&found, &count);
	if (status) {
		DBG("Failed to extract SDT probe offsets");
		ret_value->_error = true;
		return status;
	}

	if (count > 0 && count <= LTTNG_KERNEL_MAX_UPROBE_NUM) {
		/* The count fits the reply array: copy the offsets into it. */
		memcpy(ret_value->u.extract_sdt_probe_offsets.offsets,
				found, count * sizeof(uint64_t));
		ret_value->u.extract_sdt_probe_offsets.num_offset = count;
	} else {
		DBG("Wrong number of probes.");
		status = -1;
		ret_value->_error = true;
	}

	free(found);
	return status;
}
321 #else
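/*
 * Placeholder used when the build has no ELF support (HAVE_ELF_H undefined).
 *
 * The failure is recorded in the reply as well as in the return value: the
 * worker only logs a handler's return value, and the master-side wrapper
 * decides on ret_value->_error alone, so leaving it false would report an
 * unimplemented command as a success with an offset of 0.
 */
static
int _extract_elf_symbol_offset(struct run_as_data *data,
		struct run_as_ret *ret_value)
{
	ERR("Unimplemented runas command RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET");
	ret_value->_error = true;
	ret_value->_errno = ENOSYS;
	return -1;
}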
329
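/*
 * Placeholder used when the build has no ELF support (HAVE_ELF_H undefined).
 *
 * The failure is recorded in the reply as well as in the return value: the
 * worker only logs a handler's return value, and the master-side wrapper
 * decides on ret_value->_error alone, so leaving it false would report an
 * unimplemented command as a success.
 */
static
int _extract_sdt_probe_offsets(struct run_as_data *data,
		struct run_as_ret *ret_value)
{
	ERR("Unimplemented runas command RUN_AS_EXTRACT_SDT_PROBE_OFFSETS");
	ret_value->_error = true;
	ret_value->_errno = ENOSYS;
	return -1;
}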
337 #endif
338
/*
 * Map a command identifier to its handler.
 *
 * The descriptor-relative and path-only variants of a command share one
 * handler. Returns NULL, after logging, for an unknown command.
 */
static
run_as_fct run_as_enum_to_fct(enum run_as_cmd cmd)
{
	run_as_fct handler = NULL;

	switch (cmd) {
	case RUN_AS_MKDIR:
	case RUN_AS_MKDIRAT:
		handler = _mkdirat;
		break;
	case RUN_AS_MKDIR_RECURSIVE:
	case RUN_AS_MKDIRAT_RECURSIVE:
		handler = _mkdirat_recursive;
		break;
	case RUN_AS_OPEN:
	case RUN_AS_OPENAT:
		handler = _open;
		break;
	case RUN_AS_UNLINK:
	case RUN_AS_UNLINKAT:
		handler = _unlink;
		break;
	case RUN_AS_RMDIR_RECURSIVE:
		handler = _rmdir_recursive;
		break;
	case RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET:
		handler = _extract_elf_symbol_offset;
		break;
	case RUN_AS_EXTRACT_SDT_PROBE_OFFSETS:
		handler = _extract_sdt_probe_offsets;
		break;
	default:
		ERR("Unknown command %d", (int) cmd);
		break;
	}

	return handler;
}
366
/*
 * Pass one file descriptor over the unix socket `sock`.
 *
 * A negative descriptor is logged and skipped without being treated as a
 * failure. Returns 0 on success (or skip), -1 if the transfer failed.
 */
static
int do_send_fd(int sock, int fd)
{
	if (fd >= 0) {
		const ssize_t sent = lttcomm_send_fds_unix_sock(sock, &fd, 1);

		if (sent < 0) {
			PERROR("lttcomm_send_fds_unix_sock");
			return -1;
		}
		return 0;
	}

	ERR("Attempt to send invalid file descriptor to master (fd = %i)", fd);
	/* Return 0 as this is not a fatal error. */
	return 0;
}
385
/*
 * Receive one file descriptor from the unix socket `sock` into `*fd`.
 *
 * Returns -1 when the peer hung up (nothing received) or the transfer
 * failed, 0 otherwise. A negative received descriptor is logged but is not
 * treated as a failure.
 */
static
int do_recv_fd(int sock, int *fd)
{
	const ssize_t received = lttcomm_recv_fds_unix_sock(sock, fd, 1);

	if (received <= 0) {
		/* Only an actual error is logged; a hang-up is silent. */
		if (received < 0) {
			PERROR("lttcomm_recv_fds_unix_sock");
		}
		return -1;
	}

	if (*fd < 0) {
		ERR("Invalid file descriptor received from worker (fd = %i)", *fd);
		/* Fall through and return 0 as this is not a fatal error. */
	}

	return 0;
}
407
/*
 * Master side: pass the command's input descriptor to the worker, for the
 * commands that take one.
 *
 * Returns 0 when nothing has to be sent or the transfer succeeded, -1 when
 * the descriptor is invalid or the transfer failed.
 */
static
int send_fd_to_worker(struct run_as_worker *worker, enum run_as_cmd cmd, int fd)
{
	const bool takes_fd = cmd == RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET ||
			cmd == RUN_AS_EXTRACT_SDT_PROBE_OFFSETS ||
			cmd == RUN_AS_MKDIRAT ||
			cmd == RUN_AS_MKDIRAT_RECURSIVE ||
			cmd == RUN_AS_OPENAT ||
			cmd == RUN_AS_UNLINKAT;
	int status;

	if (!takes_fd) {
		return 0;
	}

	if (fd < 0) {
		ERR("Refusing to send invalid fd to worker (fd = %i)", fd);
		return -1;
	}

	status = do_send_fd(worker->sockpair[0], fd);
	if (status < 0) {
		PERROR("do_send_fd");
		status = -1;
	}

	return status;
}
438
/*
 * Worker side: hand the descriptor produced by an open command back to the
 * master, then close the worker's own copy.
 *
 * Returns 0 when there is nothing to send (other commands, or an invalid
 * descriptor) or the transfer succeeded, -1 when the transfer failed. A
 * failure to close the local copy is only logged.
 */
static
int send_fd_to_master(struct run_as_worker *worker, enum run_as_cmd cmd, int fd)
{
	int status;

	if (cmd != RUN_AS_OPEN && cmd != RUN_AS_OPENAT) {
		return 0;
	}

	if (fd < 0) {
		DBG("Not sending file descriptor to master as it is invalid (fd = %i)", fd);
		return 0;
	}

	status = do_send_fd(worker->sockpair[1], fd);
	if (status < 0) {
		PERROR("do_send_fd error");
		status = -1;
	}

	/* The worker's copy is closed whether or not the transfer succeeded. */
	if (close(fd) < 0) {
		PERROR("close");
	}

	return status;
}
469
/*
 * Master side: receive the descriptor produced by an open command.
 *
 * Returns 0 when the command yields no descriptor or the transfer
 * succeeded, -1 when the transfer failed.
 */
static
int recv_fd_from_worker(struct run_as_worker *worker, enum run_as_cmd cmd, int *fd)
{
	int status;

	if (cmd != RUN_AS_OPEN && cmd != RUN_AS_OPENAT) {
		return 0;
	}

	status = do_recv_fd(worker->sockpair[0], fd);
	if (status < 0) {
		PERROR("do_recv_fd error");
		status = -1;
	}

	return status;
}
491
/*
 * Worker side: obtain the input descriptor of a command.
 *
 * Commands that take a descriptor receive it over the socket. The path-only
 * commands RUN_AS_MKDIR, RUN_AS_MKDIR_RECURSIVE, RUN_AS_OPEN and
 * RUN_AS_UNLINK get AT_FDCWD instead. Any other command leaves `*fd`
 * untouched.
 *
 * Returns 0 on success or when nothing is received, -1 when the transfer
 * failed.
 */
static
int recv_fd_from_master(struct run_as_worker *worker, enum run_as_cmd cmd, int *fd)
{
	int status;

	switch (cmd) {
	case RUN_AS_MKDIR:
	case RUN_AS_MKDIR_RECURSIVE:
	case RUN_AS_OPEN:
	case RUN_AS_UNLINK:
		/* Path-only commands resolve relative to the working directory. */
		*fd = AT_FDCWD;
		return 0;
	case RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET:
	case RUN_AS_EXTRACT_SDT_PROBE_OFFSETS:
	case RUN_AS_MKDIRAT:
	case RUN_AS_MKDIRAT_RECURSIVE:
	case RUN_AS_OPENAT:
	case RUN_AS_UNLINKAT:
		break;
	default:
		return 0;
	}

	status = do_recv_fd(worker->sockpair[1], fd);
	if (status < 0) {
		PERROR("do_recv_fd error");
		status = -1;
	}

	return status;
}
523
/*
 * Worker side: close the input descriptor of a command once it has run.
 *
 * Negative values, which include AT_FDCWD, are skipped, as are commands that
 * carry no descriptor. Returns 0 when nothing had to be closed or close()
 * succeeded, -1 when close() failed.
 */
static
int cleanup_received_fd(enum run_as_cmd cmd, int fd)
{
	const bool carries_fd = cmd == RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET ||
			cmd == RUN_AS_EXTRACT_SDT_PROBE_OFFSETS ||
			cmd == RUN_AS_MKDIRAT ||
			cmd == RUN_AS_MKDIRAT_RECURSIVE ||
			cmd == RUN_AS_OPEN ||
			cmd == RUN_AS_OPENAT ||
			cmd == RUN_AS_UNLINK ||
			cmd == RUN_AS_UNLINKAT;

	if (!carries_fd || fd < 0) {
		return 0;
	}

	if (close(fd) < 0) {
		PERROR("close error");
		return -1;
	}

	return 0;
}
554
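/*
 * Worker side: serve one request from the master.
 *
 * The worker reads the request, receives the input descriptor if the command
 * takes one, switches its effective gid/uid to those in the request, runs
 * the handler, sends the reply (and the resulting descriptor for open
 * commands), then restores its effective uid.
 *
 * Return < 0 on error, 0 if OK, 1 on hangup.
 */
static
int handle_one_cmd(struct run_as_worker *worker)
{
	int ret = 0;
	struct run_as_data data;
	ssize_t readlen, writelen;
	struct run_as_ret sendret;
	run_as_fct cmd;
	uid_t prev_euid;

	memset(&sendret, 0, sizeof(sendret));
	sendret.fd = -1;

	/*
	 * Stage 1: Receive run_as_data struct from the master.
	 * The structure contains the command type and all the parameters needed for
	 * its execution
	 */
	readlen = lttcomm_recv_unix_sock(worker->sockpair[1], &data,
			sizeof(data));
	if (readlen == 0) {
		/* hang up */
		ret = 1;
		goto end;
	}
	/*
	 * Test the sign explicitly: comparing a negative ssize_t with sizeof()
	 * converts it to a huge unsigned value, so a receive error would pass
	 * the length check and the command would run on uninitialized data.
	 */
	if (readlen < 0 || (size_t) readlen < sizeof(data)) {
		PERROR("lttcomm_recv_unix_sock error");
		ret = -1;
		goto end;
	}

	cmd = run_as_enum_to_fct(data.cmd);
	if (!cmd) {
		ret = -1;
		goto end;
	}

	/*
	 * Stage 2: Receive file descriptor from master.
	 * Some commands need a file descriptor as input so if it's needed we
	 * receive the fd using the Unix socket.
	 */
	ret = recv_fd_from_master(worker, data.cmd, &data.fd);
	if (ret < 0) {
		PERROR("recv_fd_from_master error");
		ret = -1;
		goto end;
	}

	/*
	 * NOTE(review): getuid() returns the real uid although the value is
	 * used as the effective uid to compare with and to restore; confirm
	 * that the real and effective uids are always equal at this point.
	 */
	prev_euid = getuid();
	/* The group is changed first, while the process can still do so. */
	if (data.gid != getegid()) {
		ret = setegid(data.gid);
		if (ret < 0) {
			sendret._error = true;
			sendret._errno = errno;
			PERROR("setegid");
			goto write_return;
		}
	}
	if (data.uid != prev_euid) {
		ret = seteuid(data.uid);
		if (ret < 0) {
			sendret._error = true;
			sendret._errno = errno;
			PERROR("seteuid");
			goto write_return;
		}
	}

	/*
	 * Also set umask to 0 for mkdir executable bit.
	 */
	umask(0);

	/*
	 * Stage 3: Execute the command
	 */
	ret = (*cmd)(&data, &sendret);
	if (ret < 0) {
		DBG("Execution of command returned an error");
	}

write_return:
	ret = cleanup_received_fd(data.cmd, data.fd);
	if (ret < 0) {
		ERR("Error cleaning up FD");
		goto end;
	}

	/*
	 * Stage 4: Send run_as_ret structure to the master.
	 * This structure contain the return value of the command and the errno.
	 */
	writelen = lttcomm_send_unix_sock(worker->sockpair[1], &sendret,
			sizeof(sendret));
	/* Same signed/unsigned pitfall as for the receive above. */
	if (writelen < 0 || (size_t) writelen < sizeof(sendret)) {
		PERROR("lttcomm_send_unix_sock error");
		ret = -1;
		goto end;
	}

	/*
	 * Stage 5: Send file descriptor to the master
	 * Some commands return a file descriptor so if it's needed we pass it back
	 * to the master using the Unix socket.
	 */
	ret = send_fd_to_master(worker, data.cmd, sendret.fd);
	if (ret < 0) {
		DBG("Sending FD to master returned an error");
		goto end;
	}

	/*
	 * Restore the effective uid before the next request. The error paths
	 * above skip this, but they return < 0, which makes the worker exit.
	 */
	if (seteuid(prev_euid) < 0) {
		PERROR("seteuid");
		ret = -1;
		goto end;
	}
	ret = 0;
end:
	return ret;
}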
679
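/*
 * Main loop of the worker process.
 *
 * Renames the process, sends an empty reply to tell the master it is ready,
 * then serves requests until the master hangs up or a request fails.
 *
 * Returns EXIT_SUCCESS after a hang-up, EXIT_FAILURE on error.
 */
static
int run_as_worker(struct run_as_worker *worker)
{
	int ret;
	ssize_t writelen;
	struct run_as_ret sendret;
	size_t proc_orig_len;

	/*
	 * Initialize worker. Set a different process cmdline.
	 * The copy is bounded by the length of the original name, so the
	 * terminator that follows it is left in place.
	 */
	proc_orig_len = strlen(worker->procname);
	memset(worker->procname, 0, proc_orig_len);
	strncpy(worker->procname, DEFAULT_RUN_AS_WORKER_NAME, proc_orig_len);

	ret = lttng_prctl(PR_SET_NAME,
			(unsigned long) DEFAULT_RUN_AS_WORKER_NAME, 0, 0, 0);
	if (ret && ret != -ENOSYS) {
		/* Don't fail as this is not essential. */
		PERROR("prctl PR_SET_NAME");
	}

	memset(&sendret, 0, sizeof(sendret));

	/* Readiness notification expected by the master after fork(). */
	writelen = lttcomm_send_unix_sock(worker->sockpair[1], &sendret,
			sizeof(sendret));
	/*
	 * Test the sign explicitly: a negative ssize_t compared with sizeof()
	 * is converted to a huge unsigned value and would hide a send error.
	 */
	if (writelen < 0 || (size_t) writelen < sizeof(sendret)) {
		PERROR("lttcomm_send_unix_sock error");
		ret = EXIT_FAILURE;
		goto end;
	}

	for (;;) {
		ret = handle_one_cmd(worker);
		if (ret < 0) {
			ret = EXIT_FAILURE;
			goto end;
		} else if (ret > 0) {
			/* The master hung up. */
			break;
		} else {
			continue;	/* Next command. */
		}
	}
	ret = EXIT_SUCCESS;
end:
	return ret;
}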
727
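/*
 * Master side: send one command to the worker and collect its reply.
 *
 * `data` must already hold the command arguments; the command identifier and
 * the target uid/gid are filled in here. The worker's reply overwrites
 * `*ret_value`.
 *
 * Returns 0 once the exchange completed (the command's own outcome is in
 * `*ret_value`), -1 on a local or communication failure, in which case
 * ret_value->_errno is set (EPERM for a refused uid, EIO when the worker is
 * unreachable).
 */
static
int run_as_cmd(struct run_as_worker *worker,
		enum run_as_cmd cmd,
		struct run_as_data *data,
		struct run_as_ret *ret_value,
		uid_t uid, gid_t gid)
{
	int ret = 0;
	ssize_t readlen, writelen;

	/*
	 * If we are non-root, we can only deal with our own uid.
	 */
	if (geteuid() != 0) {
		if (uid != geteuid()) {
			ret = -1;
			ret_value->_errno = EPERM;
			ERR("Client (%d)/Server (%d) UID mismatch (and sessiond is not root)",
				(int) uid, (int) geteuid());
			goto end;
		}
	}

	data->cmd = cmd;
	data->uid = uid;
	data->gid = gid;

	/*
	 * Stage 1: Send the run_as_data struct to the worker process
	 */
	writelen = lttcomm_send_unix_sock(worker->sockpair[0], data,
			sizeof(*data));
	/*
	 * Test the sign explicitly: a negative ssize_t compared with sizeof()
	 * is converted to a huge unsigned value and would hide the error.
	 */
	if (writelen < 0 || (size_t) writelen < sizeof(*data)) {
		PERROR("Error writing message to run_as");
		ret = -1;
		ret_value->_errno = EIO;
		goto end;
	}

	/*
	 * Stage 2: Send file descriptor to the worker process if needed
	 */
	ret = send_fd_to_worker(worker, data->cmd, data->fd);
	if (ret) {
		PERROR("do_send_fd error");
		ret = -1;
		ret_value->_errno = EIO;
		goto end;
	}

	/*
	 * Stage 3: Wait for the execution of the command
	 */

	/*
	 * Stage 4: Receive the run_as_ret struct containing the return value and
	 * errno
	 */
	readlen = lttcomm_recv_unix_sock(worker->sockpair[0], ret_value,
			sizeof(*ret_value));
	if (!readlen) {
		ERR("Run-as worker has hung-up during run_as_cmd");
		ret = -1;
		ret_value->_errno = EIO;
		goto end;
	} else if (readlen < 0 || (size_t) readlen < sizeof(*ret_value)) {
		/* Receive error or short reply: the content cannot be used. */
		PERROR("Error reading response from run_as");
		ret = -1;
		ret_value->_errno = errno;
		goto end;
	}

	if (ret_value->_error) {
		/* Skip stage 5 on error as there will be no fd to receive. */
		goto end;
	}

	/*
	 * Stage 5: Receive file descriptor if needed
	 */
	ret = recv_fd_from_worker(worker, data->cmd, &ret_value->fd);
	if (ret < 0) {
		ERR("Error receiving fd");
		ret = -1;
		ret_value->_errno = EIO;
	}

end:
	return ret;
}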
818
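/*
 * Run a command directly in the calling process, without a worker.
 *
 * This is for debugging ONLY and should not be considered secure: the
 * handler runs with the caller's own credentials, the `uid` and `gid`
 * arguments are not applied.
 *
 * The umask is cleared for the duration of the handler and restored
 * afterwards. Returns the handler's return value with errno set to the value
 * it recorded, or -1 with errno set to ENOSYS for an unknown command.
 */
static
int run_as_noworker(enum run_as_cmd cmd,
		struct run_as_data *data, struct run_as_ret *ret_value,
		uid_t uid, gid_t gid)
{
	int ret, saved_errno;
	mode_t old_mask;
	run_as_fct fct;

	fct = run_as_enum_to_fct(cmd);
	if (!fct) {
		/*
		 * errno values are positive. The failure is also recorded in
		 * the reply because the public wrappers reload errno from it.
		 */
		errno = ENOSYS;
		ret_value->_errno = ENOSYS;
		ret_value->_error = true;
		ret = -1;
		goto end;
	}
	old_mask = umask(0);
	ret = fct(data, ret_value);
	saved_errno = ret_value->_errno;
	/* umask() may not preserve errno; restore the handler's value after it. */
	umask(old_mask);
	errno = saved_errno;
end:
	return ret;
}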
845
/*
 * Reset the disposition of signals 1 through 31 to the default, ignoring
 * any failure. Always returns 0.
 */
static
int reset_sighandler(void)
{
	int signo = 1;

	DBG("Resetting run_as worker signal handlers to default");
	while (signo <= 31) {
		(void) signal(signo, SIG_DFL);
		signo++;
	}
	return 0;
}
857
/*
 * Signal handler installed in the worker for SIGINT and SIGTERM.
 *
 * The worker will inherit its parent's signals since they are part of the
 * same process group. For SIGINT and SIGTERM the handler only logs the
 * signal, which gives the worker a chance to tear down gracefully when its
 * parent closes the command socket.
 *
 * NOTE(review): DBG() is called from signal context; confirm that it is
 * async-signal-safe.
 */
static
void worker_sighandler(int sig)
{
	const char *signame = NULL;

	if (sig == SIGINT) {
		signame = "SIGINT";
	} else if (sig == SIGTERM) {
		signame = "SIGTERM";
	}

	if (!signame) {
		DBG("run_as_worker received signal %d", sig);
		return;
	}

	DBG("run_as worker received signal %s", signame);
}
886
/*
 * Install worker_sighandler() for SIGINT and SIGTERM, with an empty signal
 * mask and no flags.
 *
 * Returns the result of the last call made: negative as soon as one of them
 * fails, otherwise the result of the final sigaction().
 */
static
int set_worker_sighandlers(void)
{
	struct sigaction action;
	sigset_t empty_mask;
	int status;

	status = sigemptyset(&empty_mask);
	if (status < 0) {
		PERROR("sigemptyset");
		return status;
	}

	action.sa_handler = worker_sighandler;
	action.sa_mask = empty_mask;
	action.sa_flags = 0;

	status = sigaction(SIGINT, &action, NULL);
	if (status < 0) {
		PERROR("sigaction SIGINT");
		return status;
	}

	status = sigaction(SIGTERM, &action, NULL);
	if (status < 0) {
		PERROR("sigaction SIGTERM");
		return status;
	}

	DBG("run_as signal handler set for SIGTERM and SIGINT");
	return status;
}
916
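/*
 * Fork the run_as worker and publish it in `global_worker`. The caller must
 * hold `worker_lock`.
 *
 * When use_clone() says no worker is wanted, nothing is created and 0 is
 * returned. In the child, `clean_up_func` (if any) runs first, then every
 * descriptor above stderr except the control socket is closed so the worker
 * does not keep descriptors inherited from the parent.
 *
 * Returns 0 on success, a negative value on failure.
 */
static
int run_as_create_worker_no_lock(const char *procname,
		post_fork_cleanup_cb clean_up_func,
		void *clean_up_user_data)
{
	pid_t pid;
	int i, ret = 0;
	ssize_t readlen;
	struct run_as_ret recvret;
	struct run_as_worker *worker;

	assert(!global_worker);
	if (!use_clone()) {
		/*
		 * Don't initialize a worker, all run_as tasks will be performed
		 * in the current process.
		 */
		ret = 0;
		goto end;
	}
	worker = zmalloc(sizeof(*worker));
	if (!worker) {
		ret = -ENOMEM;
		goto end;
	}
	worker->procname = strdup(procname);
	if (!worker->procname) {
		ret = -ENOMEM;
		goto error_procname_alloc;
	}
	/* Create unix socket. */
	if (lttcomm_create_anon_unix_socketpair(worker->sockpair) < 0) {
		ret = -1;
		goto error_sock;
	}

	/* Fork worker. */
	pid = fork();
	if (pid < 0) {
		PERROR("fork");
		ret = -1;
		goto error_fork;
	} else if (pid == 0) {
		/* Child */
		long max_fds;

		reset_sighandler();

		set_worker_sighandlers();
		if (clean_up_func) {
			if (clean_up_func(clean_up_user_data) < 0) {
				ERR("Run-as post-fork clean-up failed, exiting.");
				exit(EXIT_FAILURE);
			}
		}

		/* Just close, no shutdown. */
		if (close(worker->sockpair[0])) {
			PERROR("close");
			exit(EXIT_FAILURE);
		}

		/*
		 * Close all FDs aside from STDIN, STDOUT, STDERR and sockpair[1]
		 * Sockpair[1] is used as a control channel with the master
		 */
		max_fds = sysconf(_SC_OPEN_MAX);
		for (i = 3; i < max_fds; i++) {
			if (i != worker->sockpair[1]) {
				(void) close(i);
			}
		}

		worker->sockpair[0] = -1;
		ret = run_as_worker(worker);
		if (lttcomm_close_unix_sock(worker->sockpair[1])) {
			PERROR("close");
			ret = -1;
		}
		worker->sockpair[1] = -1;
		free(worker->procname);
		free(worker);
		LOG(ret ? PRINT_ERR : PRINT_DBG, "run_as worker exiting (ret = %d)", ret);
		exit(ret ? EXIT_FAILURE : EXIT_SUCCESS);
	} else {
		/* Parent */

		/* Just close, no shutdown. */
		if (close(worker->sockpair[1])) {
			PERROR("close");
			ret = -1;
			goto error_fork;
		}
		worker->sockpair[1] = -1;
		worker->pid = pid;
		/* Wait for worker to become ready. */
		readlen = lttcomm_recv_unix_sock(worker->sockpair[0],
				&recvret, sizeof(recvret));
		/*
		 * Test the sign explicitly: a negative ssize_t compared with
		 * sizeof() is converted to a huge unsigned value, so a receive
		 * error would be taken for a ready worker.
		 */
		if (readlen < 0 || (size_t) readlen < sizeof(recvret)) {
			ERR("readlen: %zd", readlen);
			PERROR("Error reading response from run_as at creation");
			ret = -1;
			goto error_fork;
		}
		global_worker = worker;
	}
end:
	return ret;

	/* Error handling. */
error_fork:
	/*
	 * NOTE(review): when this is reached after a successful fork(), the
	 * child is not waited for here; confirm that it is reaped elsewhere.
	 */
	for (i = 0; i < 2; i++) {
		if (worker->sockpair[i] < 0) {
			continue;
		}
		if (lttcomm_close_unix_sock(worker->sockpair[i])) {
			PERROR("close");
		}
		worker->sockpair[i] = -1;
	}
error_sock:
	free(worker->procname);
error_procname_alloc:
	free(worker);
	return ret;
}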
1041
/*
 * Tear down the global worker. The caller must hold `worker_lock`.
 *
 * Closing the master's end of the socket pair makes the worker see a
 * hang-up; the worker is then waited for and its exit status logged.
 * Finally the worker structure and its process name are freed and
 * `global_worker` is reset to NULL. Does nothing when no worker exists.
 */
static
void run_as_destroy_worker_no_lock(void)
{
	struct run_as_worker *current = global_worker;

	DBG("Destroying run_as worker");
	if (current == NULL) {
		return;
	}

	/* Close unix socket */
	DBG("Closing run_as worker socket");
	if (lttcomm_close_unix_sock(current->sockpair[0])) {
		PERROR("close");
	}
	current->sockpair[0] = -1;

	/* Wait for worker. */
	while (1) {
		int status;
		const pid_t wait_ret = waitpid(current->pid, &status, 0);

		if (wait_ret < 0) {
			/* Interrupted by a signal: wait again. */
			if (errno == EINTR) {
				continue;
			}
			PERROR("waitpid");
			break;
		}

		if (WIFEXITED(status)) {
			LOG(WEXITSTATUS(status) == 0 ? PRINT_DBG : PRINT_ERR,
					DEFAULT_RUN_AS_WORKER_NAME " terminated with status code %d",
					WEXITSTATUS(status));
			break;
		}
		if (WIFSIGNALED(status)) {
			ERR(DEFAULT_RUN_AS_WORKER_NAME " was killed by signal %d",
					WTERMSIG(status));
			break;
		}
	}

	free(current->procname);
	free(current);
	global_worker = NULL;
}
1086
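/*
 * Replace a dead worker with a fresh one. The caller must hold
 * `worker_lock`.
 *
 * Returns 0 on success, -1 on failure.
 */
static
int run_as_restart_worker(struct run_as_worker *worker)
{
	int ret = 0;
	char *procname = NULL;

	/*
	 * run_as_destroy_worker_no_lock() frees the worker and its procname,
	 * so a private copy is taken first. Keeping the original pointer
	 * would hand freed memory to run_as_create_worker_no_lock().
	 */
	procname = strdup(worker->procname);
	if (!procname) {
		PERROR("strdup");
		ret = -1;
		goto err;
	}

	/* Close socket to run_as worker process and clean up the zombie process */
	run_as_destroy_worker_no_lock();

	/* Create a new run_as worker process */
	ret = run_as_create_worker_no_lock(procname, NULL, NULL);
	free(procname);
	if (ret < 0) {
		ERR("Restarting the worker process failed");
		ret = -1;
		goto err;
	}
err:
	return ret;
}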
1108
/*
 * Run a command as `uid`/`gid`, through the worker when use_clone() allows
 * it and directly in this process otherwise. `worker_lock` is held for the
 * whole exchange.
 *
 * When the exchange with the worker fails with EIO, the worker is restarted.
 * The command is not retried, and the value returned in that case is the
 * outcome of the restart; the outcome of the command must be read from
 * `*ret_value`.
 */
static
int run_as(enum run_as_cmd cmd, struct run_as_data *data,
		struct run_as_ret *ret_value, uid_t uid, gid_t gid)
{
	int status;

	pthread_mutex_lock(&worker_lock);

	if (!use_clone()) {
		DBG("Using run_as without worker");
		status = run_as_noworker(cmd, data, ret_value, uid, gid);
		goto unlock;
	}

	DBG("Using run_as worker");

	assert(global_worker);

	status = run_as_cmd(global_worker, cmd, data, ret_value, uid, gid);

	/*
	 * If the worker process crashed, errno is set to EIO. We log the
	 * error and start a new worker process.
	 */
	if (status == -1 && ret_value->_errno == EIO) {
		DBG("Socket closed unexpectedly... "
				"Restarting the worker process");
		status = run_as_restart_worker(global_worker);
		if (status == -1) {
			ERR("Failed to restart worker process.");
		}
	}

unlock:
	pthread_mutex_unlock(&worker_lock);
	return status;
}
1145
/*
 * Recursively create `path`, resolved against the current working
 * directory, as `uid`/`gid`. See run_as_mkdirat_recursive().
 */
LTTNG_HIDDEN
int run_as_mkdir_recursive(const char *path, mode_t mode, uid_t uid, gid_t gid)
{
	const int cwd_fd = AT_FDCWD;

	return run_as_mkdirat_recursive(cwd_fd, path, mode, uid, gid);
}
1151
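/*
 * Recursively create `path` relative to `dirfd` as `uid`/`gid`.
 *
 * Returns the handler's return value (0 on success) with errno set to the
 * value recorded for the command. A path that does not fit the request
 * buffer is refused rather than truncated. A non-zero value is also returned
 * when the command could not be run at all.
 */
LTTNG_HIDDEN
int run_as_mkdirat_recursive(int dirfd, const char *path, mode_t mode,
		uid_t uid, gid_t gid)
{
	int ret;
	struct run_as_data data;
	struct run_as_ret run_as_ret;

	memset(&data, 0, sizeof(data));
	memset(&run_as_ret, 0, sizeof(run_as_ret));
	/*
	 * Start from a failed reply: when run_as() cannot reach the worker
	 * (uid refused, socket error) the reply is never filled in, and a
	 * zeroed one would be read back as a success.
	 */
	run_as_ret._error = true;
	run_as_ret.u.mkdirat.ret = -1;

	DBG3("mkdirat() recursive fd = %d%s, path = %s, mode = %d, uid = %d, gid = %d",
			dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
			path, (int) mode, (int) uid, (int) gid);
	ret = lttng_strncpy(data.u.mkdirat.path, path,
			sizeof(data.u.mkdirat.path));
	if (ret) {
		ERR("Failed to copy path argument of mkdirat recursive command");
		goto error;
	}
	data.u.mkdirat.path[PATH_MAX - 1] = '\0';
	data.u.mkdirat.mode = mode;
	data.fd = dirfd;
	run_as(dirfd == AT_FDCWD ? RUN_AS_MKDIR_RECURSIVE : RUN_AS_MKDIRAT_RECURSIVE,
			&data, &run_as_ret, uid, gid);
	errno = run_as_ret._errno;
	ret = run_as_ret.u.mkdirat.ret;
	if (run_as_ret._error && ret == 0) {
		/* The worker failed before running the handler (e.g. setegid). */
		ret = -1;
	}
error:
	return ret;
}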
1181
/*
 * Create the directory `path`, resolved against the current working
 * directory, as `uid`/`gid`. See run_as_mkdirat().
 */
LTTNG_HIDDEN
int run_as_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid)
{
	const int cwd_fd = AT_FDCWD;

	return run_as_mkdirat(cwd_fd, path, mode, uid, gid);
}
1187
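/*
 * Create the directory `path` relative to `dirfd` as `uid`/`gid`.
 *
 * Returns the handler's return value (0 on success) with errno set to the
 * value recorded for the command, like run_as_mkdirat_recursive(). A path
 * that does not fit the request buffer is refused rather than truncated. A
 * non-zero value is also returned when the command could not be run at all.
 */
LTTNG_HIDDEN
int run_as_mkdirat(int dirfd, const char *path, mode_t mode,
		uid_t uid, gid_t gid)
{
	int ret;
	struct run_as_data data;
	struct run_as_ret run_as_ret;

	memset(&data, 0, sizeof(data));
	memset(&run_as_ret, 0, sizeof(run_as_ret));
	/*
	 * Start from a failed reply: when run_as() cannot reach the worker
	 * (uid refused, socket error) the reply is never filled in, and a
	 * zeroed one would be read back as a success.
	 */
	run_as_ret._error = true;
	run_as_ret.u.mkdirat.ret = -1;

	DBG3("mkdirat() fd = %d%s, path = %s, mode = %d, uid = %d, gid = %d",
			dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
			path, (int) mode, (int) uid, (int) gid);
	ret = lttng_strncpy(data.u.mkdirat.path, path,
			sizeof(data.u.mkdirat.path));
	if (ret) {
		ERR("Failed to copy path argument of mkdirat command");
		goto error;
	}
	data.u.mkdirat.path[PATH_MAX - 1] = '\0';
	data.u.mkdirat.mode = mode;
	data.fd = dirfd;
	run_as(dirfd == AT_FDCWD ? RUN_AS_MKDIR : RUN_AS_MKDIRAT,
			&data, &run_as_ret, uid, gid);
	errno = run_as_ret._errno;
	/* Return the command's result, not the errno value it recorded. */
	ret = run_as_ret.u.mkdirat.ret;
	if (run_as_ret._error && ret == 0) {
		/* The worker failed before running the handler (e.g. setegid). */
		ret = -1;
	}
error:
	return ret;
}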
1218
/*
 * Open `path`, resolved against the current working directory, as
 * `uid`/`gid`. See run_as_openat().
 */
LTTNG_HIDDEN
int run_as_open(const char *path, int flags, mode_t mode, uid_t uid,
		gid_t gid)
{
	const int cwd_fd = AT_FDCWD;

	return run_as_openat(cwd_fd, path, flags, mode, uid, gid);
}
1225
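/*
 * Open `path` relative to `dirfd` as `uid`/`gid`.
 *
 * Returns the new file descriptor, or -1 with errno set. -1 is also returned
 * when the path does not fit the request buffer (errno is ENAMETOOLONG) or
 * when the command could not be run at all.
 */
LTTNG_HIDDEN
int run_as_openat(int dirfd, const char *path, int flags, mode_t mode,
		uid_t uid, gid_t gid)
{
	struct run_as_data data;
	struct run_as_ret ret;

	memset(&data, 0, sizeof(data));
	memset(&ret, 0, sizeof(ret));
	/*
	 * A zeroed reply would be read back as descriptor 0 when run_as()
	 * cannot reach the worker (uid refused, socket error); start from an
	 * invalid descriptor instead.
	 */
	ret.fd = -1;

	DBG3("openat() fd = %d%s, path = %s, flags = %X, mode = %d, uid %d, gid %d",
			dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
			path, flags, (int) mode, (int) uid, (int) gid);
	/*
	 * Refuse an over-long path instead of silently opening a truncated
	 * one; a non-zero return is treated as a failed copy, as in
	 * run_as_mkdirat().
	 */
	if (lttng_strncpy(data.u.open.path, path, sizeof(data.u.open.path))) {
		ERR("Failed to copy path argument of openat command");
		errno = ENAMETOOLONG;
		return -1;
	}
	data.u.open.path[PATH_MAX - 1] = '\0';
	data.u.open.flags = flags;
	data.u.open.mode = mode;
	data.fd = dirfd;
	run_as(dirfd == AT_FDCWD ? RUN_AS_OPEN : RUN_AS_OPENAT,
			&data, &ret, uid, gid);
	errno = ret._errno;
	/* The usable descriptor is the one received by this process. */
	ret.u.open.ret = ret.fd;
	return ret.u.open.ret;
}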
1250
/*
 * Remove `path`, resolved against the current working directory, as
 * `uid`/`gid`. See run_as_unlinkat().
 */
LTTNG_HIDDEN
int run_as_unlink(const char *path, uid_t uid, gid_t gid)
{
	const int cwd_fd = AT_FDCWD;

	return run_as_unlinkat(cwd_fd, path, uid, gid);
}
1256
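/*
 * Remove `path` relative to `dirfd` as `uid`/`gid`.
 *
 * Returns 0 on success, non-zero with errno set otherwise. A non-zero value
 * is also returned when the path does not fit the request buffer (errno is
 * ENAMETOOLONG) or when the command could not be run at all.
 */
LTTNG_HIDDEN
int run_as_unlinkat(int dirfd, const char *path, uid_t uid, gid_t gid)
{
	int status;
	struct run_as_data data;
	struct run_as_ret ret;

	memset(&data, 0, sizeof(data));
	memset(&ret, 0, sizeof(ret));
	/*
	 * Start from a failed reply: when run_as() cannot reach the worker
	 * (uid refused, socket error) the reply is never filled in, and a
	 * zeroed one would be read back as a success.
	 */
	ret._error = true;
	ret.u.unlink.ret = -1;

	DBG3("unlinkat() fd = %d%s, path = %s, uid = %d, gid = %d",
			dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
			path, (int) uid, (int) gid);
	/*
	 * Refuse an over-long path instead of silently removing a truncated
	 * one; a non-zero return is treated as a failed copy, as in
	 * run_as_mkdirat().
	 */
	if (lttng_strncpy(data.u.unlink.path, path, sizeof(data.u.unlink.path))) {
		ERR("Failed to copy path argument of unlinkat command");
		errno = ENAMETOOLONG;
		return -1;
	}
	data.u.unlink.path[PATH_MAX - 1] = '\0';
	data.fd = dirfd;
	/*
	 * Only RUN_AS_UNLINKAT makes the master send `dirfd` to the worker;
	 * with RUN_AS_UNLINK the worker substitutes AT_FDCWD and `dirfd`
	 * would be ignored.
	 */
	run_as(dirfd == AT_FDCWD ? RUN_AS_UNLINK : RUN_AS_UNLINKAT,
			&data, &ret, uid, gid);
	errno = ret._errno;
	status = ret.u.unlink.ret;
	if (ret._error && status == 0) {
		/* The worker failed before running the handler (e.g. setegid). */
		status = -1;
	}
	return status;
}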
1276
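/*
 * Recursively remove the directory `path` as `uid`/`gid`.
 *
 * Returns 0 on success, non-zero with errno set otherwise. A non-zero value
 * is also returned when the path does not fit the request buffer (errno is
 * ENAMETOOLONG) or when the command could not be run at all.
 */
LTTNG_HIDDEN
int run_as_rmdir_recursive(const char *path, uid_t uid, gid_t gid)
{
	int status;
	struct run_as_data data;
	struct run_as_ret ret;

	memset(&data, 0, sizeof(data));
	memset(&ret, 0, sizeof(ret));
	/*
	 * Start from a failed reply: when run_as() cannot reach the worker
	 * (uid refused, socket error) the reply is never filled in, and a
	 * zeroed one would be read back as a success.
	 */
	ret._error = true;
	ret.u.rmdir_recursive.ret = -1;

	DBG3("rmdir_recursive() %s with for uid %d and gid %d",
			path, (int) uid, (int) gid);
	/*
	 * A truncated path names a different directory, so an over-long path
	 * is refused instead of being cut short before a recursive removal. A
	 * non-zero return is treated as a failed copy, as in run_as_mkdirat().
	 */
	if (lttng_strncpy(data.u.rmdir_recursive.path, path,
			sizeof(data.u.rmdir_recursive.path))) {
		ERR("Failed to copy path argument of rmdir recursive command");
		errno = ENAMETOOLONG;
		return -1;
	}
	data.u.rmdir_recursive.path[PATH_MAX - 1] = '\0';
	run_as(RUN_AS_RMDIR_RECURSIVE, &data, &ret, uid, gid);
	errno = ret._errno;
	status = ret.u.rmdir_recursive.ret;
	if (ret._error && status == 0) {
		/* The worker failed before running the handler (e.g. setegid). */
		status = -1;
	}
	return status;
}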
1294
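/*
 * Look up, as `uid`/`gid`, the offset of `function` in the ELF file open on
 * `fd`.
 *
 * Returns 0 and stores the offset in `*offset` on success. Returns -1, with
 * errno set to the value recorded for the command, on failure; `*offset` is
 * left untouched in that case.
 */
LTTNG_HIDDEN
int run_as_extract_elf_symbol_offset(int fd, const char* function,
		uid_t uid, gid_t gid, uint64_t *offset)
{
	struct run_as_data data;
	struct run_as_ret ret;

	memset(&data, 0, sizeof(data));
	memset(&ret, 0, sizeof(ret));
	/*
	 * Start from a failed reply: when run_as() cannot reach the worker
	 * (uid refused, socket error) the reply is never filled in, and a
	 * zeroed one would be reported as a success with an offset of 0.
	 */
	ret._error = true;

	DBG3("extract_elf_symbol_offset() on fd=%d and function=%s "
			"with for uid %d and gid %d", fd, function, (int) uid, (int) gid);

	data.fd = fd;

	/* Bounded copy; the terminator is written explicitly below. */
	strncpy(data.u.extract_elf_symbol_offset.function, function, LTTNG_SYMBOL_NAME_LEN - 1);

	data.u.extract_elf_symbol_offset.function[LTTNG_SYMBOL_NAME_LEN - 1] = '\0';

	run_as(RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET, &data, &ret, uid, gid);

	errno = ret._errno;

	if (ret._error) {
		return -1;
	}

	*offset = ret.u.extract_elf_symbol_offset.offset;
	return 0;
}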
1325
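/*
 * Look up, as `uid`/`gid`, the offsets of the SDT probe
 * `provider_name`:`probe_name` in the ELF file open on `fd`.
 *
 * On success returns 0, stores the number of offsets in `*num_offset` and a
 * newly allocated array in `*offsets`, which the caller must free. Returns
 * -1 when the command failed or its reply is inconsistent, and -ENOMEM when
 * the array cannot be allocated.
 */
LTTNG_HIDDEN
int run_as_extract_sdt_probe_offsets(int fd, const char* provider_name,
		const char* probe_name, uid_t uid, gid_t gid,
		uint64_t **offsets, uint32_t *num_offset)
{
	uint32_t count;
	struct run_as_data data;
	struct run_as_ret ret;

	memset(&data, 0, sizeof(data));
	memset(&ret, 0, sizeof(ret));
	/*
	 * Start from a failed reply: when run_as() cannot reach the worker
	 * (uid refused, socket error) the reply is never filled in, and a
	 * zeroed one would be reported as a success.
	 */
	ret._error = true;

	DBG3("extract_sdt_probe_offsets() on fd=%d, probe_name=%s and "
			"provider_name=%s with for uid %d and gid %d", fd, probe_name,
			provider_name, (int) uid, (int) gid);

	data.fd = fd;

	/* Bounded copies; the terminators are written explicitly below. */
	strncpy(data.u.extract_sdt_probe_offsets.probe_name, probe_name, LTTNG_SYMBOL_NAME_LEN - 1);
	strncpy(data.u.extract_sdt_probe_offsets.provider_name, provider_name, LTTNG_SYMBOL_NAME_LEN - 1);

	data.u.extract_sdt_probe_offsets.probe_name[LTTNG_SYMBOL_NAME_LEN - 1] = '\0';
	data.u.extract_sdt_probe_offsets.provider_name[LTTNG_SYMBOL_NAME_LEN - 1] = '\0';

	run_as(RUN_AS_EXTRACT_SDT_PROBE_OFFSETS, &data, &ret, uid, gid);

	errno = ret._errno;

	if (ret._error) {
		return -1;
	}

	/*
	 * The count arrives from another process. Check it against the size
	 * of the reply array before it is used as a copy length, so that a
	 * malformed reply cannot make the copy read past the array.
	 */
	count = ret.u.extract_sdt_probe_offsets.num_offset;
	if (count > LTTNG_KERNEL_MAX_UPROBE_NUM) {
		ERR("Invalid number of SDT probe offsets received from run_as worker");
		return -1;
	}

	*num_offset = count;

	*offsets = zmalloc(count * sizeof(uint64_t));
	if (!*offsets) {
		return -ENOMEM;
	}

	memcpy(*offsets, ret.u.extract_sdt_probe_offsets.offsets, count * sizeof(uint64_t));
	return 0;
}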
1367
/*
 * Create the global run_as worker while holding `worker_lock`.
 *
 * `clean_up_func`, when not NULL, is called in the child with
 * `clean_up_user_data` right after the fork. Returns the result of
 * run_as_create_worker_no_lock().
 */
LTTNG_HIDDEN
int run_as_create_worker(const char *procname,
		post_fork_cleanup_cb clean_up_func,
		void *clean_up_user_data)
{
	int status;

	pthread_mutex_lock(&worker_lock);
	status = run_as_create_worker_no_lock(procname, clean_up_func,
			clean_up_user_data);
	pthread_mutex_unlock(&worker_lock);

	return status;
}
1381
/*
 * Destroy the global run_as worker, if any, while holding `worker_lock`.
 */
LTTNG_HIDDEN
void run_as_destroy_worker(void)
{
	pthread_mutex_lock(&worker_lock);

	run_as_destroy_worker_no_lock();

	pthread_mutex_unlock(&worker_lock);
}