Fix: worker structure is leaked in run_as process
[deliverable/lttng-tools.git] / src / common / runas.c
CommitLineData
60b6c79c
MD
1/*
2 * Copyright (C) 2011 - David Goulet <david.goulet@polymtl.ca>
3 * Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
4 *
d14d33bf
AM
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License, version 2 only,
7 * as published by the Free Software Foundation.
60b6c79c
MD
8 *
9 * This program is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
d14d33bf 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
60b6c79c
MD
12 * more details.
13 *
d14d33bf
AM
14 * You should have received a copy of the GNU General Public License along
15 * with this program; if not, write to the Free Software Foundation, Inc.,
16 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
60b6c79c
MD
17 */
18
6c1c0768 19#define _LGPL_SOURCE
60b6c79c
MD
20#include <errno.h>
21#include <limits.h>
22#include <stdio.h>
23#include <stdlib.h>
24#include <string.h>
25#include <sys/wait.h>
26#include <sys/types.h>
27#include <sys/stat.h>
28#include <unistd.h>
29#include <fcntl.h>
c2b75c49 30#include <sched.h>
0452bf08 31#include <signal.h>
749b7a0c 32#include <assert.h>
e1055edb 33#include <signal.h>
60b6c79c 34
0ef03255 35#include <common/lttng-kernel.h>
90e535ef 36#include <common/common.h>
3fd15a74 37#include <common/utils.h>
e8fa9fb0 38#include <common/compat/getenv.h>
e1055edb 39#include <common/compat/prctl.h>
2038dd6c
JG
40#include <common/unix.h>
41#include <common/defaults.h>
241e0a5a
FD
42#include <common/lttng-elf.h>
43
44#include <lttng/constant.h>
60b6c79c 45
0857097f
DG
46#include "runas.h"
47
7567352f 48struct run_as_data;
fe9f7760
FD
49struct run_as_ret;
50typedef int (*run_as_fct)(struct run_as_data *data, struct run_as_ret *ret_value);
c2b75c49 51
e11d277b 52struct run_as_mkdir_data {
7567352f 53 char path[PATH_MAX];
60b6c79c
MD
54 mode_t mode;
55};
56
e11d277b 57struct run_as_open_data {
7567352f 58 char path[PATH_MAX];
60b6c79c
MD
59 int flags;
60 mode_t mode;
61};
62
4628484a 63struct run_as_unlink_data {
7567352f 64 char path[PATH_MAX];
4628484a
MD
65};
66
7567352f
MD
67struct run_as_rmdir_recursive_data {
68 char path[PATH_MAX];
69};
70
241e0a5a
FD
71struct run_as_extract_elf_symbol_offset_data {
72 char function[LTTNG_SYMBOL_NAME_LEN];
73};
74
0ef03255
FD
75struct run_as_extract_sdt_probe_offsets_data {
76 char probe_name[LTTNG_SYMBOL_NAME_LEN];
77 char provider_name[LTTNG_SYMBOL_NAME_LEN];
78};
79
fe9f7760
FD
80struct run_as_mkdir_ret {
81 int ret;
82};
83
84struct run_as_open_ret {
85 int ret;
86};
87
88struct run_as_unlink_ret {
89 int ret;
90};
91
92struct run_as_rmdir_recursive_ret {
93 int ret;
94};
95
241e0a5a
FD
96struct run_as_extract_elf_symbol_offset_ret {
97 uint64_t offset;
98};
99
0ef03255
FD
100struct run_as_extract_sdt_probe_offsets_ret {
101 uint32_t num_offset;
102 uint64_t offsets[LTTNG_KERNEL_MAX_UPROBE_NUM];
103};
104
7567352f
MD
105enum run_as_cmd {
106 RUN_AS_MKDIR,
107 RUN_AS_OPEN,
108 RUN_AS_UNLINK,
109 RUN_AS_RMDIR_RECURSIVE,
110 RUN_AS_MKDIR_RECURSIVE,
241e0a5a 111 RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET,
0ef03255 112 RUN_AS_EXTRACT_SDT_PROBE_OFFSETS,
7567352f
MD
113};
114
115struct run_as_data {
116 enum run_as_cmd cmd;
fe9f7760 117 int fd;
7567352f
MD
118 union {
119 struct run_as_mkdir_data mkdir;
120 struct run_as_open_data open;
121 struct run_as_unlink_data unlink;
122 struct run_as_rmdir_recursive_data rmdir_recursive;
241e0a5a 123 struct run_as_extract_elf_symbol_offset_data extract_elf_symbol_offset;
0ef03255 124 struct run_as_extract_sdt_probe_offsets_data extract_sdt_probe_offsets;
7567352f
MD
125 } u;
126 uid_t uid;
127 gid_t gid;
4628484a
MD
128};
129
fe9f7760
FD
130/*
131 * The run_as_ret structure holds the returned value and status of the command.
132 *
133 * The `u` union field holds the return value of the command; in most cases it
134 * represents the success or the failure of the command. In more complex
135 * commands, it holds a computed value.
136 *
137 * The _errno field is the errno recorded after the execution of the command.
138 *
139 * The _error fields is used the signify that return status of the command. For
140 * simple commands returning `int` the _error field will be the same as the
141 * ret_int field. In complex commands, it signify the success or failure of the
142 * command.
143 *
144 */
df5b86c8 145struct run_as_ret {
fe9f7760
FD
146 int fd;
147 union {
148 struct run_as_mkdir_ret mkdir;
149 struct run_as_open_ret open;
150 struct run_as_unlink_ret unlink;
151 struct run_as_rmdir_recursive_ret rmdir_recursive;
241e0a5a 152 struct run_as_extract_elf_symbol_offset_ret extract_elf_symbol_offset;
0ef03255 153 struct run_as_extract_sdt_probe_offsets_ret extract_sdt_probe_offsets;
fe9f7760 154 } u;
df5b86c8 155 int _errno;
fe9f7760 156 bool _error;
df5b86c8
MD
157};
158
7567352f
MD
159struct run_as_worker {
160 pid_t pid; /* Worker PID. */
161 int sockpair[2];
162 char *procname;
163};
164
165/* Single global worker per process (for now). */
166static struct run_as_worker *global_worker;
167/* Lock protecting the worker. */
168static pthread_mutex_t worker_lock = PTHREAD_MUTEX_INITIALIZER;
169
8f0044bf
MD
170#ifdef VALGRIND
171static
172int use_clone(void)
173{
174 return 0;
175}
176#else
177static
178int use_clone(void)
179{
e8fa9fb0 180 return !lttng_secure_getenv("LTTNG_DEBUG_NOCLONE");
8f0044bf
MD
181}
182#endif
183
d77dded2
JG
184LTTNG_HIDDEN
185int _utils_mkdir_recursive_unsafe(const char *path, mode_t mode);
186
60b6c79c
MD
187/*
188 * Create recursively directory using the FULL path.
189 */
190static
fe9f7760 191int _mkdir_recursive(struct run_as_data *data, struct run_as_ret *ret_value)
60b6c79c 192{
60b6c79c 193 const char *path;
60b6c79c 194 mode_t mode;
60b6c79c 195
7567352f
MD
196 path = data->u.mkdir.path;
197 mode = data->u.mkdir.mode;
60b6c79c 198
d77dded2 199 /* Safe to call as we have transitioned to the requested uid/gid. */
fe9f7760
FD
200 ret_value->u.mkdir.ret = _utils_mkdir_recursive_unsafe(path, mode);
201 ret_value->_errno = errno;
202 ret_value->_error = (ret_value->u.mkdir.ret) ? true : false;
203 return ret_value->u.mkdir.ret;
60b6c79c
MD
204}
205
206static
fe9f7760 207int _mkdir(struct run_as_data *data, struct run_as_ret *ret_value)
60b6c79c 208{
fe9f7760
FD
209 ret_value->u.mkdir.ret = mkdir(data->u.mkdir.path, data->u.mkdir.mode);
210 ret_value->_errno = errno;
211 ret_value->_error = (ret_value->u.mkdir.ret) ? true : false;
212 return ret_value->u.mkdir.ret;
7567352f 213}
7ce36756 214
7567352f 215static
fe9f7760 216int _open(struct run_as_data *data, struct run_as_ret *ret_value)
7567352f 217{
fe9f7760
FD
218 ret_value->u.open.ret = open(data->u.open.path, data->u.open.flags, data->u.open.mode);
219 ret_value->fd = ret_value->u.open.ret;
220 ret_value->_errno = errno;
7da8e14c 221 ret_value->_error = ret_value->u.open.ret < 0;
fe9f7760 222 return ret_value->u.open.ret;
7567352f
MD
223}
224
225static
fe9f7760 226int _unlink(struct run_as_data *data, struct run_as_ret *ret_value)
7567352f 227{
fe9f7760
FD
228 ret_value->u.unlink.ret = unlink(data->u.unlink.path);
229 ret_value->_errno = errno;
230 ret_value->_error = (ret_value->u.unlink.ret) ? true : false;
231 return ret_value->u.unlink.ret;
60b6c79c
MD
232}
233
234static
fe9f7760 235int _rmdir_recursive(struct run_as_data *data, struct run_as_ret *ret_value)
60b6c79c 236{
fe9f7760
FD
237 ret_value->u.rmdir_recursive.ret = utils_recursive_rmdir(data->u.rmdir_recursive.path);
238 ret_value->_errno = errno;
239 ret_value->_error = (ret_value->u.rmdir_recursive.ret) ? true : false;
240 return ret_value->u.rmdir_recursive.ret;
7567352f 241}
df5b86c8 242
241e0a5a
FD
243static
244int _extract_elf_symbol_offset(struct run_as_data *data,
245 struct run_as_ret *ret_value)
246{
247 int ret = 0;
248 ret_value->_error = false;
249
250 ret = lttng_elf_get_symbol_offset(data->fd,
251 data->u.extract_elf_symbol_offset.function,
252 &ret_value->u.extract_elf_symbol_offset.offset);
253 if (ret) {
254 DBG("Failed to extract ELF function offset");
255 ret_value->_error = true;
256 }
257
258 return ret;
259}
260
0ef03255
FD
261static
262int _extract_sdt_probe_offsets(struct run_as_data *data,
263 struct run_as_ret *ret_value)
264{
265 int ret = 0;
266 uint64_t *offsets = NULL;
267 uint32_t num_offset;
268
269 ret_value->_error = false;
270
271 /* On success, this call allocates the offsets paramater. */
272 ret = lttng_elf_get_sdt_probe_offsets(data->fd,
273 data->u.extract_sdt_probe_offsets.provider_name,
274 data->u.extract_sdt_probe_offsets.probe_name,
275 &offsets, &num_offset);
276
277 if (ret) {
278 DBG("Failed to extract SDT probe offsets");
279 ret_value->_error = true;
280 goto end;
281 }
282
283 if (num_offset <= 0 || num_offset > LTTNG_KERNEL_MAX_UPROBE_NUM) {
284 DBG("Wrong number of probes.");
285 ret = -1;
286 ret_value->_error = true;
287 goto free_offset;
288 }
289
290 /* Copy the content of the offsets array to the ret struct. */
291 memcpy(ret_value->u.extract_sdt_probe_offsets.offsets,
292 offsets, num_offset * sizeof(uint64_t));
293
294 ret_value->u.extract_sdt_probe_offsets.num_offset = num_offset;
295
296free_offset:
297 free(offsets);
298end:
299 return ret;
300}
241e0a5a 301
7567352f
MD
302static
303run_as_fct run_as_enum_to_fct(enum run_as_cmd cmd)
304{
305 switch (cmd) {
306 case RUN_AS_MKDIR:
307 return _mkdir;
308 case RUN_AS_OPEN:
309 return _open;
310 case RUN_AS_UNLINK:
311 return _unlink;
312 case RUN_AS_RMDIR_RECURSIVE:
313 return _rmdir_recursive;
314 case RUN_AS_MKDIR_RECURSIVE:
315 return _mkdir_recursive;
241e0a5a
FD
316 case RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET:
317 return _extract_elf_symbol_offset;
0ef03255
FD
318 case RUN_AS_EXTRACT_SDT_PROBE_OFFSETS:
319 return _extract_sdt_probe_offsets;
7567352f 320 default:
62a7b8ed 321 ERR("Unknown command %d", (int) cmd);
7567352f
MD
322 return NULL;
323 }
60b6c79c
MD
324}
325
4628484a 326static
fe9f7760 327int do_send_fd(int sock, int fd)
4628484a 328{
7567352f 329 ssize_t len;
4628484a 330
7567352f 331 if (fd < 0) {
ca9eb994
JG
332 ERR("Attempt to send invalid file descriptor to master (fd = %i)", fd);
333 /* Return 0 as this is not a fatal error. */
7567352f
MD
334 return 0;
335 }
fe9f7760
FD
336
337 len = lttcomm_send_fds_unix_sock(sock, &fd, 1);
7567352f
MD
338 if (len < 0) {
339 PERROR("lttcomm_send_fds_unix_sock");
340 return -1;
341 }
7567352f 342 return 0;
4628484a
MD
343}
344
345static
fe9f7760 346int do_recv_fd(int sock, int *fd)
4628484a 347{
7567352f 348 ssize_t len;
4628484a 349
fe9f7760
FD
350 len = lttcomm_recv_fds_unix_sock(sock, fd, 1);
351
da9ee832
JG
352 if (!len) {
353 return -1;
354 } else if (len < 0) {
7567352f
MD
355 PERROR("lttcomm_recv_fds_unix_sock");
356 return -1;
357 }
ca9eb994
JG
358 if (*fd < 0) {
359 ERR("Invalid file descriptor received from worker (fd = %i)", *fd);
360 /* Return 0 as this is not a fatal error. */
361 return 0;
362 }
363
7567352f 364 return 0;
4628484a
MD
365}
366
fe9f7760
FD
367static
368int send_fd_to_worker(struct run_as_worker *worker, enum run_as_cmd cmd, int fd)
369{
370 int ret = 0;
371
372 switch (cmd) {
241e0a5a 373 case RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET:
0ef03255 374 case RUN_AS_EXTRACT_SDT_PROBE_OFFSETS:
241e0a5a 375 break;
fe9f7760
FD
376 default:
377 return 0;
378 }
379
ca9eb994
JG
380 if (fd < 0) {
381 ERR("Refusing to send invalid fd to worker (fd = %i)", fd);
382 return -1;
383 }
384
fe9f7760
FD
385 ret = do_send_fd(worker->sockpair[0], fd);
386 if (ret < 0) {
387 PERROR("do_send_fd");
388 ret = -1;
389 }
390
391 return ret;
392}
393
394static
395int send_fd_to_master(struct run_as_worker *worker, enum run_as_cmd cmd, int fd)
396{
397 int ret = 0, ret_close = 0;
398
399 switch (cmd) {
400 case RUN_AS_OPEN:
401 break;
402 default:
403 return 0;
404 }
405
ca9eb994
JG
406 if (fd < 0) {
407 DBG("Not sending file descriptor to master as it is invalid (fd = %i)", fd);
408 return 0;
409 }
fe9f7760
FD
410 ret = do_send_fd(worker->sockpair[1], fd);
411 if (ret < 0) {
412 PERROR("do_send_fd error");
413 ret = -1;
414 }
415
416 ret_close = close(fd);
417 if (ret_close < 0) {
418 PERROR("close");
419 }
ca9eb994 420
fe9f7760
FD
421 return ret;
422}
423
424static
425int recv_fd_from_worker(struct run_as_worker *worker, enum run_as_cmd cmd, int *fd)
426{
427 int ret = 0;
428
429 switch (cmd) {
430 case RUN_AS_OPEN:
431 break;
432 default:
433 return 0;
434 }
435
436 ret = do_recv_fd(worker->sockpair[0], fd);
437 if (ret < 0) {
438 PERROR("do_recv_fd error");
439 ret = -1;
440 }
441
442 return ret;
443}
444
445static
446int recv_fd_from_master(struct run_as_worker *worker, enum run_as_cmd cmd, int *fd)
447{
448 int ret = 0;
449
450 switch (cmd) {
241e0a5a 451 case RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET:
0ef03255 452 case RUN_AS_EXTRACT_SDT_PROBE_OFFSETS:
241e0a5a 453 break;
fe9f7760
FD
454 default:
455 return 0;
456 }
457
458 ret = do_recv_fd(worker->sockpair[1], fd);
459 if (ret < 0) {
460 PERROR("do_recv_fd error");
461 ret = -1;
462 }
463
464 return ret;
465}
466
467static
468int cleanup_received_fd(enum run_as_cmd cmd, int fd)
469{
470 int ret = 0;
471
472 switch (cmd) {
241e0a5a 473 case RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET:
0ef03255 474 case RUN_AS_EXTRACT_SDT_PROBE_OFFSETS:
241e0a5a 475 break;
fe9f7760
FD
476 default:
477 return 0;
478 }
479
9abb7e4a
JG
480 if (fd < 0) {
481 return 0;
482 }
fe9f7760
FD
483 ret = close(fd);
484 if (ret < 0) {
485 PERROR("close error");
486 ret = -1;
487 }
488
489 return ret;
490}
0ef03255 491
7567352f
MD
492/*
493 * Return < 0 on error, 0 if OK, 1 on hangup.
494 */
c2b75c49 495static
7567352f 496int handle_one_cmd(struct run_as_worker *worker)
c2b75c49 497{
7567352f
MD
498 int ret = 0;
499 struct run_as_data data;
500 ssize_t readlen, writelen;
df5b86c8 501 struct run_as_ret sendret;
7567352f
MD
502 run_as_fct cmd;
503 uid_t prev_euid;
504
ee5fcf1d
JG
505 memset(&sendret, 0, sizeof(sendret));
506 sendret.fd = -1;
507
fe9f7760
FD
508 /*
509 * Stage 1: Receive run_as_data struct from the master.
510 * The structure contains the command type and all the parameters needed for
511 * its execution
512 */
7567352f
MD
513 readlen = lttcomm_recv_unix_sock(worker->sockpair[1], &data,
514 sizeof(data));
515 if (readlen == 0) {
516 /* hang up */
517 ret = 1;
518 goto end;
519 }
520 if (readlen < sizeof(data)) {
521 PERROR("lttcomm_recv_unix_sock error");
522 ret = -1;
523 goto end;
524 }
c2b75c49 525
7567352f
MD
526 cmd = run_as_enum_to_fct(data.cmd);
527 if (!cmd) {
528 ret = -1;
529 goto end;
530 }
531
fe9f7760
FD
532 /*
533 * Stage 2: Receive file descriptor from master.
534 * Some commands need a file descriptor as input so if it's needed we
535 * receive the fd using the Unix socket.
536 */
537 ret = recv_fd_from_master(worker, data.cmd, &data.fd);
538 if (ret < 0) {
539 PERROR("recv_fd_from_master error");
540 ret = -1;
541 goto end;
542 }
543
7567352f
MD
544 prev_euid = getuid();
545 if (data.gid != getegid()) {
546 ret = setegid(data.gid);
1576d582 547 if (ret < 0) {
561f5f2c
JG
548 sendret._error = true;
549 sendret._errno = errno;
4c462e79 550 PERROR("setegid");
6d73c4ef 551 goto write_return;
1576d582 552 }
c2b75c49 553 }
7567352f
MD
554 if (data.uid != prev_euid) {
555 ret = seteuid(data.uid);
1576d582 556 if (ret < 0) {
561f5f2c
JG
557 sendret._error = true;
558 sendret._errno = errno;
4c462e79 559 PERROR("seteuid");
6d73c4ef 560 goto write_return;
1576d582 561 }
c2b75c49 562 }
fe9f7760 563
c2b75c49
MD
564 /*
565 * Also set umask to 0 for mkdir executable bit.
566 */
567 umask(0);
fe9f7760
FD
568
569 /*
570 * Stage 3: Execute the command
571 */
572 ret = (*cmd)(&data, &sendret);
573 if (ret < 0) {
574 DBG("Execution of command returned an error");
575 }
6d73c4ef
MD
576
577write_return:
fe9f7760
FD
578 ret = cleanup_received_fd(data.cmd, data.fd);
579 if (ret < 0) {
580 ERR("Error cleaning up FD");
581 goto end;
582 }
583
584 /*
585 * Stage 4: Send run_as_ret structure to the master.
586 * This structure contain the return value of the command and the errno.
587 */
7567352f
MD
588 writelen = lttcomm_send_unix_sock(worker->sockpair[1], &sendret,
589 sizeof(sendret));
6cd525e8 590 if (writelen < sizeof(sendret)) {
7567352f
MD
591 PERROR("lttcomm_send_unix_sock error");
592 ret = -1;
593 goto end;
594 }
fe9f7760
FD
595
596 /*
597 * Stage 5: Send file descriptor to the master
598 * Some commands return a file descriptor so if it's needed we pass it back
599 * to the master using the Unix socket.
600 */
601 ret = send_fd_to_master(worker, data.cmd, sendret.fd);
602 if (ret < 0) {
603 DBG("Sending FD to master returned an error");
7567352f
MD
604 goto end;
605 }
fe9f7760 606
7567352f
MD
607 if (seteuid(prev_euid) < 0) {
608 PERROR("seteuid");
609 ret = -1;
610 goto end;
611 }
612 ret = 0;
613end:
614 return ret;
615}
616
617static
618int run_as_worker(struct run_as_worker *worker)
619{
620 int ret;
621 ssize_t writelen;
622 struct run_as_ret sendret;
623 size_t proc_orig_len;
624
625 /*
626 * Initialize worker. Set a different process cmdline.
627 */
628 proc_orig_len = strlen(worker->procname);
629 memset(worker->procname, 0, proc_orig_len);
630 strncpy(worker->procname, DEFAULT_RUN_AS_WORKER_NAME, proc_orig_len);
631
e1055edb
JG
632 ret = lttng_prctl(PR_SET_NAME,
633 (unsigned long) DEFAULT_RUN_AS_WORKER_NAME, 0, 0, 0);
634 if (ret && ret != -ENOSYS) {
b8090274
JG
635 /* Don't fail as this is not essential. */
636 PERROR("prctl PR_SET_NAME");
6cd525e8 637 }
7567352f 638
fe9f7760
FD
639 memset(&sendret, 0, sizeof(sendret));
640
7567352f
MD
641 writelen = lttcomm_send_unix_sock(worker->sockpair[1], &sendret,
642 sizeof(sendret));
643 if (writelen < sizeof(sendret)) {
644 PERROR("lttcomm_send_unix_sock error");
645 ret = EXIT_FAILURE;
646 goto end;
647 }
648
649 for (;;) {
650 ret = handle_one_cmd(worker);
651 if (ret < 0) {
652 ret = EXIT_FAILURE;
653 goto end;
654 } else if (ret > 0) {
655 break;
656 } else {
657 continue; /* Next command. */
658 }
659 }
660 ret = EXIT_SUCCESS;
661end:
662 return ret;
c2b75c49
MD
663}
664
60b6c79c 665static
7567352f
MD
666int run_as_cmd(struct run_as_worker *worker,
667 enum run_as_cmd cmd,
668 struct run_as_data *data,
fe9f7760 669 struct run_as_ret *ret_value,
7567352f 670 uid_t uid, gid_t gid)
60b6c79c 671{
fe9f7760 672 int ret = 0;
7567352f 673 ssize_t readlen, writelen;
60b6c79c
MD
674
675 /*
676 * If we are non-root, we can only deal with our own uid.
677 */
678 if (geteuid() != 0) {
679 if (uid != geteuid()) {
fe9f7760
FD
680 ret = -1;
681 ret_value->_errno = EPERM;
60b6c79c 682 ERR("Client (%d)/Server (%d) UID mismatch (and sessiond is not root)",
08797918 683 (int) uid, (int) geteuid());
df5b86c8 684 goto end;
60b6c79c 685 }
60b6c79c
MD
686 }
687
7567352f
MD
688 data->cmd = cmd;
689 data->uid = uid;
690 data->gid = gid;
691
fe9f7760
FD
692 /*
693 * Stage 1: Send the run_as_data struct to the worker process
694 */
7567352f
MD
695 writelen = lttcomm_send_unix_sock(worker->sockpair[0], data,
696 sizeof(*data));
697 if (writelen < sizeof(*data)) {
698 PERROR("Error writing message to run_as");
fe9f7760
FD
699 ret = -1;
700 ret_value->_errno = EIO;
60b6c79c 701 goto end;
c2b75c49 702 }
7567352f 703
fe9f7760
FD
704 /*
705 * Stage 2: Send file descriptor to the worker process if needed
706 */
707 ret = send_fd_to_worker(worker, data->cmd, data->fd);
708 if (ret) {
709 PERROR("do_send_fd error");
710 ret = -1;
711 ret_value->_errno = EIO;
712 goto end;
713 }
714
715 /*
716 * Stage 3: Wait for the execution of the command
717 */
718
719 /*
720 * Stage 4: Receive the run_as_ret struct containing the return value and
721 * errno
722 */
723 readlen = lttcomm_recv_unix_sock(worker->sockpair[0], ret_value,
724 sizeof(*ret_value));
da9ee832
JG
725 if (!readlen) {
726 ERR("Run-as worker has hung-up during run_as_cmd");
fe9f7760
FD
727 ret = -1;
728 ret_value->_errno = EIO;
da9ee832 729 goto end;
fe9f7760 730 } else if (readlen < sizeof(*ret_value)) {
7567352f 731 PERROR("Error reading response from run_as");
fe9f7760
FD
732 ret = -1;
733 ret_value->_errno = errno;
033b58a7 734 goto end;
6cd525e8 735 }
fe9f7760 736
ca9eb994
JG
737 if (ret_value->_error) {
738 /* Skip stage 5 on error as there will be no fd to receive. */
739 goto end;
740 }
741
fe9f7760
FD
742 /*
743 * Stage 5: Receive file descriptor if needed
744 */
745 ret = recv_fd_from_worker(worker, data->cmd, &ret_value->fd);
746 if (ret < 0) {
747 ERR("Error receiving fd");
748 ret = -1;
749 ret_value->_errno = EIO;
4c462e79 750 }
7567352f 751
60b6c79c 752end:
fe9f7760 753 return ret;
60b6c79c
MD
754}
755
2d85a600 756/*
7567352f 757 * This is for debugging ONLY and should not be considered secure.
2d85a600
MD
758 */
759static
fe9f7760
FD
760int run_as_noworker(enum run_as_cmd cmd,
761 struct run_as_data *data, struct run_as_ret *ret_value,
762 uid_t uid, gid_t gid)
2d85a600 763{
df5b86c8 764 int ret, saved_errno;
5b73926f 765 mode_t old_mask;
7567352f 766 run_as_fct fct;
5b73926f 767
7567352f
MD
768 fct = run_as_enum_to_fct(cmd);
769 if (!fct) {
770 errno = -ENOSYS;
771 ret = -1;
772 goto end;
773 }
5b73926f 774 old_mask = umask(0);
fe9f7760
FD
775 ret = fct(data, ret_value);
776 saved_errno = ret_value->_errno;
5b73926f 777 umask(old_mask);
df5b86c8 778 errno = saved_errno;
7567352f 779end:
5b73926f 780 return ret;
2d85a600
MD
781}
782
8fec83ea
JG
783static
784int reset_sighandler(void)
785{
786 int sig;
787
788 DBG("Resetting run_as worker signal handlers to default");
789 for (sig = 1; sig <= 31; sig++) {
790 (void) signal(sig, SIG_DFL);
791 }
792 return 0;
793}
794
795static
796void worker_sighandler(int sig)
797{
798 const char *signame;
799
800 /*
801 * The worker will inherit its parent's signals since they are part of
802 * the same process group. However, in the case of SIGINT and SIGTERM,
803 * we want to give the worker a chance to teardown gracefully when its
804 * parent closes the command socket.
805 */
806 switch (sig) {
807 case SIGINT:
808 signame = "SIGINT";
809 break;
810 case SIGTERM:
811 signame = "SIGTERM";
812 break;
813 default:
814 signame = NULL;
815 }
816
817 if (signame) {
818 DBG("run_as worker received signal %s", signame);
819 } else {
820 DBG("run_as_worker received signal %d", sig);
821 }
822}
823
824static
825int set_worker_sighandlers(void)
826{
827 int ret = 0;
828 sigset_t sigset;
829 struct sigaction sa;
830
831 if ((ret = sigemptyset(&sigset)) < 0) {
832 PERROR("sigemptyset");
833 goto end;
834 }
835
836 sa.sa_handler = worker_sighandler;
837 sa.sa_mask = sigset;
838 sa.sa_flags = 0;
839 if ((ret = sigaction(SIGINT, &sa, NULL)) < 0) {
840 PERROR("sigaction SIGINT");
841 goto end;
842 }
843
844 if ((ret = sigaction(SIGTERM, &sa, NULL)) < 0) {
845 PERROR("sigaction SIGTERM");
846 goto end;
847 }
848
849 DBG("run_as signal handler set for SIGTERM and SIGINT");
850end:
851 return ret;
852}
853
854static
855int run_as_create_worker_no_lock(const char *procname)
856{
857 pid_t pid;
858 int i, ret = 0;
859 ssize_t readlen;
860 struct run_as_ret recvret;
861 struct run_as_worker *worker;
862
863 assert(!global_worker);
864 if (!use_clone()) {
865 /*
866 * Don't initialize a worker, all run_as tasks will be performed
867 * in the current process.
868 */
869 ret = 0;
870 goto end;
871 }
872 worker = zmalloc(sizeof(*worker));
873 if (!worker) {
874 ret = -ENOMEM;
875 goto end;
876 }
877 worker->procname = strdup(procname);
878 if (!worker->procname) {
879 ret = -ENOMEM;
8c96eded 880 goto error_procname_alloc;
8fec83ea
JG
881 }
882 /* Create unix socket. */
883 if (lttcomm_create_anon_unix_socketpair(worker->sockpair) < 0) {
884 ret = -1;
885 goto error_sock;
886 }
887
888 /* Fork worker. */
889 pid = fork();
890 if (pid < 0) {
891 PERROR("fork");
892 ret = -1;
893 goto error_fork;
894 } else if (pid == 0) {
895 /* Child */
896
897 reset_sighandler();
898
899 set_worker_sighandlers();
900
901 /* Just close, no shutdown. */
902 if (close(worker->sockpair[0])) {
903 PERROR("close");
904 exit(EXIT_FAILURE);
905 }
906
907 /*
908 * Close all FDs aside from STDIN, STDOUT, STDERR and sockpair[1]
909 * Sockpair[1] is used as a control channel with the master
910 */
911 for (i = 3; i < sysconf(_SC_OPEN_MAX); i++) {
912 if (i != worker->sockpair[1]) {
913 (void) close(i);
914 }
915 }
916
917 worker->sockpair[0] = -1;
918 ret = run_as_worker(worker);
919 if (lttcomm_close_unix_sock(worker->sockpair[1])) {
920 PERROR("close");
921 ret = -1;
922 }
923 worker->sockpair[1] = -1;
340cf672
JG
924 free(worker->procname);
925 free(worker);
8fec83ea
JG
926 LOG(ret ? PRINT_ERR : PRINT_DBG, "run_as worker exiting (ret = %d)", ret);
927 exit(ret ? EXIT_FAILURE : EXIT_SUCCESS);
928 } else {
929 /* Parent */
930
931 /* Just close, no shutdown. */
932 if (close(worker->sockpair[1])) {
933 PERROR("close");
934 ret = -1;
935 goto error_fork;
936 }
937 worker->sockpair[1] = -1;
938 worker->pid = pid;
939 /* Wait for worker to become ready. */
940 readlen = lttcomm_recv_unix_sock(worker->sockpair[0],
941 &recvret, sizeof(recvret));
942 if (readlen < sizeof(recvret)) {
943 ERR("readlen: %zd", readlen);
944 PERROR("Error reading response from run_as at creation");
945 ret = -1;
946 goto error_fork;
947 }
948 global_worker = worker;
949 }
950end:
951 return ret;
952
953 /* Error handling. */
954error_fork:
955 for (i = 0; i < 2; i++) {
956 if (worker->sockpair[i] < 0) {
957 continue;
958 }
959 if (lttcomm_close_unix_sock(worker->sockpair[i])) {
960 PERROR("close");
961 }
962 worker->sockpair[i] = -1;
963 }
964error_sock:
8c96eded
FD
965 free(worker->procname);
966error_procname_alloc:
8fec83ea
JG
967 free(worker);
968 return ret;
969}
970
2d85a600 971static
fe9f7760 972int run_as_restart_worker(struct run_as_worker *worker)
2d85a600 973{
fe9f7760
FD
974 int ret = 0;
975 char *procname = NULL;
976
977 procname = worker->procname;
978
979 /* Close socket to run_as worker process and clean up the zombie process */
980 run_as_destroy_worker();
981
982 /* Create a new run_as worker process*/
8fec83ea 983 ret = run_as_create_worker_no_lock(procname);
fe9f7760
FD
984 if (ret < 0 ) {
985 ERR("Restarting the worker process failed");
986 ret = -1;
987 goto err;
988 }
989err:
990 return ret;
991}
992
993static
994int run_as(enum run_as_cmd cmd, struct run_as_data *data,
995 struct run_as_ret *ret_value, uid_t uid, gid_t gid)
996{
997 int ret, saved_errno;
7567352f 998
8fec83ea 999 pthread_mutex_lock(&worker_lock);
749b7a0c 1000 if (use_clone()) {
7567352f 1001 DBG("Using run_as worker");
8fec83ea 1002
749b7a0c 1003 assert(global_worker);
749b7a0c 1004
fe9f7760
FD
1005 ret = run_as_cmd(global_worker, cmd, data, ret_value, uid, gid);
1006 saved_errno = ret_value->_errno;
1007
fe9f7760
FD
1008 /*
1009 * If the worker thread crashed the errno is set to EIO. we log
1010 * the error and start a new worker process.
1011 */
1012 if (ret == -1 && saved_errno == EIO) {
1013 DBG("Socket closed unexpectedly... "
1014 "Restarting the worker process");
1015 ret = run_as_restart_worker(global_worker);
fe9f7760
FD
1016 if (ret == -1) {
1017 ERR("Failed to restart worker process.");
1018 goto err;
1019 }
1020 }
2d85a600 1021 } else {
7567352f 1022 DBG("Using run_as without worker");
fe9f7760 1023 ret = run_as_noworker(cmd, data, ret_value, uid, gid);
2d85a600 1024 }
fe9f7760 1025err:
8fec83ea 1026 pthread_mutex_unlock(&worker_lock);
7567352f 1027 return ret;
2d85a600
MD
1028}
1029
90e535ef 1030LTTNG_HIDDEN
e11d277b 1031int run_as_mkdir_recursive(const char *path, mode_t mode, uid_t uid, gid_t gid)
60b6c79c 1032{
7567352f 1033 struct run_as_data data;
fe9f7760 1034 struct run_as_ret ret;
60b6c79c 1035
8446e5eb 1036 memset(&data, 0, sizeof(data));
fe9f7760 1037 memset(&ret, 0, sizeof(ret));
60b6c79c 1038 DBG3("mkdir() recursive %s with mode %d for uid %d and gid %d",
08797918 1039 path, (int) mode, (int) uid, (int) gid);
7567352f
MD
1040 strncpy(data.u.mkdir.path, path, PATH_MAX - 1);
1041 data.u.mkdir.path[PATH_MAX - 1] = '\0';
1042 data.u.mkdir.mode = mode;
fe9f7760
FD
1043
1044 run_as(RUN_AS_MKDIR_RECURSIVE, &data, &ret, uid, gid);
1045 errno = ret._errno;
1046 return ret.u.mkdir.ret;
60b6c79c
MD
1047}
1048
90e535ef 1049LTTNG_HIDDEN
e11d277b 1050int run_as_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid)
60b6c79c 1051{
7567352f 1052 struct run_as_data data;
fe9f7760 1053 struct run_as_ret ret;
60b6c79c 1054
8446e5eb 1055 memset(&data, 0, sizeof(data));
fe9f7760
FD
1056 memset(&ret, 0, sizeof(ret));
1057
60b6c79c 1058 DBG3("mkdir() %s with mode %d for uid %d and gid %d",
08797918 1059 path, (int) mode, (int) uid, (int) gid);
7567352f
MD
1060 strncpy(data.u.mkdir.path, path, PATH_MAX - 1);
1061 data.u.mkdir.path[PATH_MAX - 1] = '\0';
1062 data.u.mkdir.mode = mode;
fe9f7760
FD
1063 run_as(RUN_AS_MKDIR, &data, &ret, uid, gid);
1064 errno = ret._errno;
1065 return ret.u.mkdir.ret;
60b6c79c
MD
1066}
1067
90e535ef 1068LTTNG_HIDDEN
e11d277b 1069int run_as_open(const char *path, int flags, mode_t mode, uid_t uid, gid_t gid)
60b6c79c 1070{
7567352f 1071 struct run_as_data data;
fe9f7760 1072 struct run_as_ret ret;
c2b75c49 1073
8446e5eb 1074 memset(&data, 0, sizeof(data));
fe9f7760
FD
1075 memset(&ret, 0, sizeof(ret));
1076
47fb7563 1077 DBG3("open() %s with flags %X mode %d for uid %d and gid %d",
08797918 1078 path, flags, (int) mode, (int) uid, (int) gid);
7567352f
MD
1079 strncpy(data.u.open.path, path, PATH_MAX - 1);
1080 data.u.open.path[PATH_MAX - 1] = '\0';
1081 data.u.open.flags = flags;
1082 data.u.open.mode = mode;
fe9f7760
FD
1083 run_as(RUN_AS_OPEN, &data, &ret, uid, gid);
1084 errno = ret._errno;
1085 ret.u.open.ret = ret.fd;
1086 return ret.u.open.ret;
60b6c79c 1087}
4628484a
MD
1088
1089LTTNG_HIDDEN
1090int run_as_unlink(const char *path, uid_t uid, gid_t gid)
1091{
7567352f 1092 struct run_as_data data;
fe9f7760 1093 struct run_as_ret ret;
4628484a 1094
8446e5eb 1095 memset(&data, 0, sizeof(data));
fe9f7760
FD
1096 memset(&ret, 0, sizeof(ret));
1097
4628484a 1098 DBG3("unlink() %s with for uid %d and gid %d",
08797918 1099 path, (int) uid, (int) gid);
7567352f
MD
1100 strncpy(data.u.unlink.path, path, PATH_MAX - 1);
1101 data.u.unlink.path[PATH_MAX - 1] = '\0';
fe9f7760
FD
1102 run_as(RUN_AS_UNLINK, &data, &ret, uid, gid);
1103 errno = ret._errno;
1104 return ret.u.unlink.ret;
4628484a
MD
1105}
1106
1107LTTNG_HIDDEN
7567352f 1108int run_as_rmdir_recursive(const char *path, uid_t uid, gid_t gid)
4628484a 1109{
7567352f 1110 struct run_as_data data;
fe9f7760
FD
1111 struct run_as_ret ret;
1112
1113 memset(&data, 0, sizeof(data));
1114 memset(&ret, 0, sizeof(ret));
4628484a 1115
7567352f 1116 DBG3("rmdir_recursive() %s with for uid %d and gid %d",
08797918 1117 path, (int) uid, (int) gid);
7567352f
MD
1118 strncpy(data.u.rmdir_recursive.path, path, PATH_MAX - 1);
1119 data.u.rmdir_recursive.path[PATH_MAX - 1] = '\0';
fe9f7760
FD
1120 run_as(RUN_AS_RMDIR_RECURSIVE, &data, &ret, uid, gid);
1121 errno = ret._errno;
1122 return ret.u.rmdir_recursive.ret;
7567352f
MD
1123}
1124
241e0a5a
FD
1125LTTNG_HIDDEN
1126int run_as_extract_elf_symbol_offset(int fd, const char* function,
1127 uid_t uid, gid_t gid, uint64_t *offset)
1128{
1129 struct run_as_data data;
1130 struct run_as_ret ret;
1131
f726677b
JG
1132 memset(&data, 0, sizeof(data));
1133 memset(&ret, 0, sizeof(ret));
1134
241e0a5a
FD
1135 DBG3("extract_elf_symbol_offset() on fd=%d and function=%s "
1136 "with for uid %d and gid %d", fd, function, (int) uid, (int) gid);
1137
1138 data.fd = fd;
1139
1140 strncpy(data.u.extract_elf_symbol_offset.function, function, LTTNG_SYMBOL_NAME_LEN - 1);
1141
1142 data.u.extract_elf_symbol_offset.function[LTTNG_SYMBOL_NAME_LEN - 1] = '\0';
1143
1144 run_as(RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET, &data, &ret, uid, gid);
1145
1146 errno = ret._errno;
1147
1148 if (ret._error) {
1149 return -1;
1150 }
1151
1152 *offset = ret.u.extract_elf_symbol_offset.offset;
1153 return 0;
1154}
1155
0ef03255
FD
1156LTTNG_HIDDEN
1157int run_as_extract_sdt_probe_offsets(int fd, const char* provider_name,
1158 const char* probe_name, uid_t uid, gid_t gid,
1159 uint64_t **offsets, uint32_t *num_offset)
1160{
1161 struct run_as_data data;
1162 struct run_as_ret ret;
1163
f726677b
JG
1164 memset(&data, 0, sizeof(data));
1165 memset(&ret, 0, sizeof(ret));
1166
0ef03255
FD
1167 DBG3("extract_sdt_probe_offsets() on fd=%d, probe_name=%s and "
1168 "provider_name=%s with for uid %d and gid %d", fd, probe_name,
1169 provider_name, (int) uid, (int) gid);
1170
1171 data.fd = fd;
1172
1173 strncpy(data.u.extract_sdt_probe_offsets.probe_name, probe_name, LTTNG_SYMBOL_NAME_LEN - 1);
1174 strncpy(data.u.extract_sdt_probe_offsets.provider_name, provider_name, LTTNG_SYMBOL_NAME_LEN - 1);
1175
1176 data.u.extract_sdt_probe_offsets.probe_name[LTTNG_SYMBOL_NAME_LEN - 1] = '\0';
1177 data.u.extract_sdt_probe_offsets.provider_name[LTTNG_SYMBOL_NAME_LEN - 1] = '\0';
1178
1179 run_as(RUN_AS_EXTRACT_SDT_PROBE_OFFSETS, &data, &ret, uid, gid);
1180
1181 errno = ret._errno;
1182
1183 if (ret._error) {
1184 return -1;
1185 }
1186
1187 *num_offset = ret.u.extract_sdt_probe_offsets.num_offset;
1188
1189 *offsets = zmalloc(*num_offset * sizeof(uint64_t));
1190 if (!*offsets) {
1191 return -ENOMEM;
1192 }
1193
1194 memcpy(*offsets, ret.u.extract_sdt_probe_offsets.offsets, *num_offset * sizeof(uint64_t));
1195 return 0;
1196}
1197
7567352f 1198LTTNG_HIDDEN
8fec83ea 1199int run_as_create_worker(const char *procname)
7567352f 1200{
8fec83ea 1201 int ret;
7567352f 1202
749b7a0c 1203 pthread_mutex_lock(&worker_lock);
8fec83ea 1204 ret = run_as_create_worker_no_lock(procname);
749b7a0c 1205 pthread_mutex_unlock(&worker_lock);
7567352f
MD
1206 return ret;
1207}
1208
1209LTTNG_HIDDEN
1210void run_as_destroy_worker(void)
1211{
1212 struct run_as_worker *worker = global_worker;
7567352f 1213
978d5d79 1214 DBG("Destroying run_as worker");
749b7a0c 1215 pthread_mutex_lock(&worker_lock);
7567352f 1216 if (!worker) {
749b7a0c 1217 goto end;
7567352f
MD
1218 }
1219 /* Close unix socket */
978d5d79 1220 DBG("Closing run_as worker socket");
7567352f
MD
1221 if (lttcomm_close_unix_sock(worker->sockpair[0])) {
1222 PERROR("close");
1223 }
1224 worker->sockpair[0] = -1;
1225 /* Wait for worker. */
f8f66d38
JG
1226 for (;;) {
1227 int status;
1228 pid_t wait_ret;
1229
1230 wait_ret = waitpid(worker->pid, &status, 0);
1231 if (wait_ret < 0) {
1232 if (errno == EINTR) {
1233 continue;
1234 }
1235 PERROR("waitpid");
1236 break;
1237 }
1238
1239 if (WIFEXITED(status)) {
1240 LOG(WEXITSTATUS(status) == 0 ? PRINT_DBG : PRINT_ERR,
1241 DEFAULT_RUN_AS_WORKER_NAME " terminated with status code %d",
1242 WEXITSTATUS(status));
1243 break;
1244 } else if (WIFSIGNALED(status)) {
1245 ERR(DEFAULT_RUN_AS_WORKER_NAME " was killed by signal %d",
1246 WTERMSIG(status));
1247 break;
1248 }
7567352f 1249 }
8fec83ea 1250 free(worker->procname);
7567352f
MD
1251 free(worker);
1252 global_worker = NULL;
749b7a0c
JG
1253end:
1254 pthread_mutex_unlock(&worker_lock);
4628484a 1255}
This page took 0.165031 seconds and 5 git commands to generate.