| 1 | /* |
| 2 | * Copyright (C) 2011 David Goulet <dgoulet@efficios.com> |
| 3 | * |
| 4 | * SPDX-License-Identifier: GPL-2.0-only |
| 5 | * |
| 6 | */ |
| 7 | |
| 8 | #ifndef _COMPAT_SOCKET_H |
| 9 | #define _COMPAT_SOCKET_H |
| 10 | |
| 11 | #include <sys/socket.h> |
| 12 | #include <sys/un.h> |
| 13 | #include <unistd.h> |
| 14 | |
| 15 | #include <common/macros.h> |
| 16 | |
| 17 | #ifndef MSG_NOSIGNAL |
| 18 | # ifdef SO_NOSIGPIPE |
| 19 | # define MSG_NOSIGNAL SO_NOSIGPIPE |
| 20 | # endif |
| 21 | #endif |
| 22 | |
| 23 | #if defined(MSG_NOSIGNAL) |
| 24 | static inline |
| 25 | ssize_t lttng_recvmsg_nosigpipe(int sockfd, struct msghdr *msg) |
| 26 | { |
| 27 | return recvmsg(sockfd, msg, MSG_NOSIGNAL); |
| 28 | } |
| 29 | #else |
| 30 | |
| 31 | #include <signal.h> |
| 32 | #include <common/compat/errno.h> |
| 33 | |
| 34 | static inline |
| 35 | ssize_t lttng_recvmsg_nosigpipe(int sockfd, struct msghdr *msg) |
| 36 | { |
| 37 | ssize_t received; |
| 38 | int saved_err; |
| 39 | sigset_t sigpipe_set, pending_set, old_set; |
| 40 | int sigpipe_was_pending; |
| 41 | |
| 42 | /* |
| 43 | * Discard the SIGPIPE from send(), not disturbing any SIGPIPE |
| 44 | * that might be already pending. If a bogus SIGPIPE is sent to |
| 45 | * the entire process concurrently by a malicious user, it may |
| 46 | * be simply discarded. |
| 47 | */ |
| 48 | if (sigemptyset(&pending_set)) { |
| 49 | return -1; |
| 50 | } |
| 51 | /* |
| 52 | * sigpending returns the mask of signals that are _both_ |
| 53 | * blocked for the thread _and_ pending for either the thread or |
| 54 | * the entire process. |
| 55 | */ |
| 56 | if (sigpending(&pending_set)) { |
| 57 | return -1; |
| 58 | } |
| 59 | sigpipe_was_pending = sigismember(&pending_set, SIGPIPE); |
| 60 | /* |
| 61 | * If sigpipe was pending, it means it was already blocked, so |
| 62 | * no need to block it. |
| 63 | */ |
| 64 | if (!sigpipe_was_pending) { |
| 65 | if (sigemptyset(&sigpipe_set)) { |
| 66 | return -1; |
| 67 | } |
| 68 | if (sigaddset(&sigpipe_set, SIGPIPE)) { |
| 69 | return -1; |
| 70 | } |
| 71 | if (pthread_sigmask(SIG_BLOCK, &sigpipe_set, &old_set)) { |
| 72 | return -1; |
| 73 | } |
| 74 | } |
| 75 | |
| 76 | /* Send and save errno. */ |
| 77 | received = recvmsg(sockfd, msg, 0); |
| 78 | saved_err = errno; |
| 79 | |
| 80 | if (received == -1 && errno == EPIPE && !sigpipe_was_pending) { |
| 81 | struct timespec timeout = { 0, 0 }; |
| 82 | int ret; |
| 83 | |
| 84 | do { |
| 85 | ret = sigtimedwait(&sigpipe_set, NULL, |
| 86 | &timeout); |
| 87 | } while (ret == -1 && errno == EINTR); |
| 88 | } |
| 89 | if (!sigpipe_was_pending) { |
| 90 | if (pthread_sigmask(SIG_SETMASK, &old_set, NULL)) { |
| 91 | return -1; |
| 92 | } |
| 93 | } |
| 94 | /* Restore send() errno */ |
| 95 | errno = saved_err; |
| 96 | |
| 97 | return received; |
| 98 | } |
| 99 | #endif |
| 100 | |
| 101 | #ifdef __sun__ |
| 102 | |
| 103 | # ifndef CMSG_ALIGN |
| 104 | # ifdef _CMSG_DATA_ALIGN |
| 105 | # define CMSG_ALIGN(len) _CMSG_DATA_ALIGN(len) |
| 106 | # else |
| 107 | /* aligning to sizeof (long) is assumed to be portable (fd.o#40235) */ |
| 108 | # define CMSG_ALIGN(len) (((len) + sizeof (long) - 1) & ~(sizeof (long) - 1)) |
| 109 | # endif |
| 110 | # ifndef CMSG_SPACE |
| 111 | # define CMSG_SPACE(len) (CMSG_ALIGN (sizeof (struct cmsghdr)) + CMSG_ALIGN (len)) |
| 112 | # endif |
| 113 | # ifndef CMSG_LEN |
| 114 | # define CMSG_LEN(len) (CMSG_ALIGN (sizeof (struct cmsghdr)) + (len)) |
| 115 | # endif |
| 116 | # endif |
| 117 | |
| 118 | #include <ucred.h> |
| 119 | |
| 120 | static inline |
| 121 | int getpeereid(int s, uid_t *euid, gid_t *gid) |
| 122 | { |
| 123 | int ret = 0; |
| 124 | ucred_t *ucred = NULL; |
| 125 | |
| 126 | ret = getpeerucred(s, &ucred); |
| 127 | if (ret == -1) { |
| 128 | goto end; |
| 129 | } |
| 130 | |
| 131 | ret = ucred_geteuid(ucred); |
| 132 | if (ret == -1) { |
| 133 | goto free; |
| 134 | } |
| 135 | *euid = ret; |
| 136 | |
| 137 | ret = ucred_getrgid(ucred); |
| 138 | if (ret == -1) { |
| 139 | goto free; |
| 140 | } |
| 141 | *gid = ret; |
| 142 | |
| 143 | ret = 0; |
| 144 | free: |
| 145 | ucred_free(ucred); |
| 146 | end: |
| 147 | return ret; |
| 148 | } |
| 149 | #endif /* __sun__ */ |
| 150 | |
| 151 | |
| 152 | #if defined(__linux__) || defined(__CYGWIN__) |
| 153 | |
| 154 | #define LTTNG_SOCK_CREDS SCM_CREDENTIALS |
| 155 | |
| 156 | typedef struct ucred lttng_sock_cred; |
| 157 | |
| 158 | #define LTTNG_SOCK_SET_UID_CRED(c, u) LTTNG_REF(c)->uid = u |
| 159 | #define LTTNG_SOCK_SET_GID_CRED(c, g) LTTNG_REF(c)->gid = g |
| 160 | #define LTTNG_SOCK_SET_PID_CRED(c, p) LTTNG_REF(c)->pid = p |
| 161 | |
| 162 | #define LTTNG_SOCK_GET_UID_CRED(c) LTTNG_REF(c)->uid |
| 163 | #define LTTNG_SOCK_GET_GID_CRED(c) LTTNG_REF(c)->gid |
| 164 | #define LTTNG_SOCK_GET_PID_CRED(c) LTTNG_REF(c)->pid |
| 165 | |
| 166 | #elif (defined(__FreeBSD__) || defined(__sun__) || defined(__APPLE__)) |
| 167 | |
| 168 | struct lttng_sock_cred { |
| 169 | uid_t uid; |
| 170 | gid_t gid; |
| 171 | pid_t pid; |
| 172 | }; |
| 173 | |
| 174 | typedef struct lttng_sock_cred lttng_sock_cred; |
| 175 | |
| 176 | #define LTTNG_SOCK_SET_UID_CRED(c, u) LTTNG_REF(c)->uid = u |
| 177 | #define LTTNG_SOCK_SET_GID_CRED(c, g) LTTNG_REF(c)->gid = g |
| 178 | #define LTTNG_SOCK_SET_PID_CRED(c, p) LTTNG_REF(c)->pid = p |
| 179 | |
| 180 | #define LTTNG_SOCK_GET_UID_CRED(c) LTTNG_REF(c)->uid |
| 181 | #define LTTNG_SOCK_GET_GID_CRED(c) LTTNG_REF(c)->gid |
| 182 | #define LTTNG_SOCK_GET_PID_CRED(c) LTTNG_REF(c)->pid |
| 183 | |
| 184 | #ifdef __APPLE__ |
| 185 | |
| 186 | static inline |
| 187 | int lttng_get_unix_socket_peer_pid(int socket_fd, pid_t *pid) |
| 188 | { |
| 189 | /* The getsockopt LOCAL_PEERPID option is available since macOS 10.8. */ |
| 190 | return getsockopt(socket_fd, SOL_LOCAL, LOCAL_PEERPID, pid, |
| 191 | &((socklen_t) {sizeof(*pid)})); |
| 192 | } |
| 193 | |
| 194 | #elif defined(__sun__) |
| 195 | |
| 196 | /* Use the getpeerucreds interface on Solaris. */ |
| 197 | static inline |
| 198 | int lttng_get_unix_socket_peer_pid(int socket_fd, pid_t *pid) |
| 199 | { |
| 200 | int ret = 0; |
| 201 | ucred_t *ucred = NULL; |
| 202 | |
| 203 | ret = getpeerucred(s, &ucred); |
| 204 | if (ret == -1) { |
| 205 | goto end; |
| 206 | } |
| 207 | |
| 208 | ret = ucred_getpid(ucred); |
| 209 | if (ret == -1) { |
| 210 | goto free; |
| 211 | } |
| 212 | |
| 213 | *pid = ret; |
| 214 | ret = 0; |
| 215 | free: |
| 216 | ucred_free(ucred); |
| 217 | end: |
| 218 | return ret; |
| 219 | } |
| 220 | |
| 221 | #elif defined(__FreeBSD__) |
| 222 | |
| 223 | #include <sys/ucred.h> |
| 224 | |
| 225 | static inline |
| 226 | int lttng_get_unix_socket_peer_pid(int socket_fd, pid_t *pid) |
| 227 | { |
| 228 | int ret; |
| 229 | struct xucred sock_creds = {}; |
| 230 | |
| 231 | /* Only available in FreeBSD 13.0 and up. */ |
| 232 | ret = getsockopt(socket_fd, SOL_LOCAL, LOCAL_PEERCRED, &sock_creds, |
| 233 | &((socklen_t) {sizeof(sock_creds)})); |
| 234 | if (ret) { |
| 235 | goto end; |
| 236 | } |
| 237 | |
| 238 | *pid = sock_creds.cr_pid; |
| 239 | end: |
| 240 | return ret; |
| 241 | } |
| 242 | |
| 243 | #endif /* __APPLE__ */ |
| 244 | |
| 245 | |
| 246 | static inline |
| 247 | int lttng_get_unix_socket_peer_creds(int socket_fd, struct lttng_sock_cred *creds) |
| 248 | { |
| 249 | int ret; |
| 250 | |
| 251 | /* This is a BSD extension that is supported by Cygwin. */ |
| 252 | ret = getpeereid(socket_fd, &creds->uid, &creds->gid); |
| 253 | if (ret) { |
| 254 | goto end; |
| 255 | } |
| 256 | |
| 257 | /* |
| 258 | * Getting a peer's PID is a bit more troublesome as it is platform |
| 259 | * specific. |
| 260 | */ |
| 261 | ret = lttng_get_unix_socket_peer_pid(socket_fd, &creds->pid); |
| 262 | end: |
| 263 | return ret; |
| 264 | } |
| 265 | |
| 266 | #else |
| 267 | #error "Please add support for your OS." |
| 268 | #endif /* __linux__ , __FreeBSD__, __APPLE__ */ |
| 269 | |
| 270 | #endif /* _COMPAT_SOCKET_H */ |