projects / lttng-tools.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
directory-handle: make lttng_directory_handle_stat public
[lttng-tools.git] / src / common / runas.c
1 /*
2 * Copyright (C) 2011 - David Goulet <david.goulet@polymtl.ca>
3 * Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
4 * 2019 - Jérémie Galarneau <jeremie.galarneau@efficios.com>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License, version 2 only,
8 * as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
13 * more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 */
19
20 #define _LGPL_SOURCE
21 #include <errno.h>
22 #include <limits.h>
23 #include <stdio.h>
24 #include <stdlib.h>
25 #include <string.h>
26 #include <sys/wait.h>
27 #include <sys/types.h>
28 #include <sys/stat.h>
29 #include <unistd.h>
30 #include <fcntl.h>
31 #include <sched.h>
32 #include <signal.h>
33 #include <assert.h>
34 #include <signal.h>
35
36 #include <common/lttng-kernel.h>
37 #include <common/common.h>
38 #include <common/utils.h>
39 #include <common/compat/getenv.h>
40 #include <common/compat/prctl.h>
41 #include <common/unix.h>
42 #include <common/defaults.h>
43 #include <common/lttng-elf.h>
44
45 #include <lttng/constant.h>
46
47 #include "runas.h"
48
49 struct run_as_data;
50 struct run_as_ret;
51 typedef int (*run_as_fct)(struct run_as_data *data, struct run_as_ret *ret_value);
52
53 enum run_as_cmd {
54 RUN_AS_MKDIR,
55 RUN_AS_MKDIRAT,
56 RUN_AS_MKDIR_RECURSIVE,
57 RUN_AS_MKDIRAT_RECURSIVE,
58 RUN_AS_OPEN,
59 RUN_AS_OPENAT,
60 RUN_AS_UNLINK,
61 RUN_AS_UNLINKAT,
62 RUN_AS_RMDIR,
63 RUN_AS_RMDIRAT,
64 RUN_AS_RMDIR_RECURSIVE,
65 RUN_AS_RMDIRAT_RECURSIVE,
66 RUN_AS_RENAME,
67 RUN_AS_RENAMEAT,
68 RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET,
69 RUN_AS_EXTRACT_SDT_PROBE_OFFSETS,
70 };
71
72 struct run_as_mkdir_data {
73 int dirfd;
74 char path[LTTNG_PATH_MAX];
75 mode_t mode;
76 } LTTNG_PACKED;
77
78 struct run_as_open_data {
79 int dirfd;
80 char path[LTTNG_PATH_MAX];
81 int flags;
82 mode_t mode;
83 } LTTNG_PACKED;
84
85 struct run_as_unlink_data {
86 int dirfd;
87 char path[LTTNG_PATH_MAX];
88 } LTTNG_PACKED;
89
90 struct run_as_rmdir_data {
91 int dirfd;
92 char path[LTTNG_PATH_MAX];
93 int flags; /* enum lttng_directory_handle_rmdir_recursive_flags */
94 } LTTNG_PACKED;
95
96 struct run_as_extract_elf_symbol_offset_data {
97 int fd;
98 char function[LTTNG_SYMBOL_NAME_LEN];
99 } LTTNG_PACKED;
100
101 struct run_as_extract_sdt_probe_offsets_data {
102 int fd;
103 char probe_name[LTTNG_SYMBOL_NAME_LEN];
104 char provider_name[LTTNG_SYMBOL_NAME_LEN];
105 } LTTNG_PACKED;
106
107 struct run_as_rename_data {
108 /*
109 * [0] = old_dirfd
110 * [1] = new_dirfd
111 */
112 int dirfds[2];
113 char old_path[LTTNG_PATH_MAX];
114 char new_path[LTTNG_PATH_MAX];
115 } LTTNG_PACKED;
116
117 struct run_as_open_ret {
118 int fd;
119 } LTTNG_PACKED;
120
121 struct run_as_extract_elf_symbol_offset_ret {
122 uint64_t offset;
123 } LTTNG_PACKED;
124
125 struct run_as_extract_sdt_probe_offsets_ret {
126 uint32_t num_offset;
127 uint64_t offsets[LTTNG_KERNEL_MAX_UPROBE_NUM];
128 } LTTNG_PACKED;
129
130 struct run_as_data {
131 enum run_as_cmd cmd;
132 union {
133 struct run_as_mkdir_data mkdir;
134 struct run_as_open_data open;
135 struct run_as_unlink_data unlink;
136 struct run_as_rmdir_data rmdir;
137 struct run_as_rename_data rename;
138 struct run_as_extract_elf_symbol_offset_data extract_elf_symbol_offset;
139 struct run_as_extract_sdt_probe_offsets_data extract_sdt_probe_offsets;
140 } u;
141 uid_t uid;
142 gid_t gid;
143 } LTTNG_PACKED;
144
145 /*
146 * The run_as_ret structure holds the returned value and status of the command.
147 *
148 * The `u` union field holds the return value of the command; in most cases it
149 * represents the success or the failure of the command. In more complex
150 * commands, it holds a computed value.
151 *
152 * The _errno field is the errno recorded after the execution of the command.
153 *
154 * The _error fields is used the signify that return status of the command. For
155 * simple commands returning `int` the _error field will be the same as the
156 * ret_int field. In complex commands, it signify the success or failure of the
157 * command.
158 *
159 */
160 struct run_as_ret {
161 union {
162 int ret;
163 struct run_as_open_ret open;
164 struct run_as_extract_elf_symbol_offset_ret extract_elf_symbol_offset;
165 struct run_as_extract_sdt_probe_offsets_ret extract_sdt_probe_offsets;
166 } u;
167 int _errno;
168 bool _error;
169 } LTTNG_PACKED;
170
171 #define COMMAND_IN_FDS(data_ptr) ({ \
172 int *fds = NULL; \
173 if (command_properties[data_ptr->cmd].in_fds_offset != -1) { \
174 fds = (int *) ((char *) data_ptr + command_properties[data_ptr->cmd].in_fds_offset); \
175 } \
176 fds; \
177 })
178
179 #define COMMAND_OUT_FDS(cmd, ret_ptr) ({ \
180 int *fds = NULL; \
181 if (command_properties[cmd].out_fds_offset != -1) { \
182 fds = (int *) ((char *) ret_ptr + command_properties[cmd].out_fds_offset); \
183 } \
184 fds; \
185 })
186
187 #define COMMAND_IN_FD_COUNT(data_ptr) ({ \
188 command_properties[data_ptr->cmd].in_fd_count; \
189 })
190
191 #define COMMAND_OUT_FD_COUNT(cmd) ({ \
192 command_properties[cmd].out_fd_count; \
193 })
194
195 #define COMMAND_USE_CWD_FD(data_ptr) command_properties[data_ptr->cmd].use_cwd_fd
196
197 struct run_as_command_properties {
198 /* Set to -1 when not applicable. */
199 ptrdiff_t in_fds_offset, out_fds_offset;
200 unsigned int in_fd_count, out_fd_count;
201 bool use_cwd_fd;
202 };
203
204 static const struct run_as_command_properties command_properties[] = {
205 [RUN_AS_MKDIR] = {
206 .in_fds_offset = offsetof(struct run_as_data, u.mkdir.dirfd),
207 .in_fd_count = 1,
208 .out_fds_offset = -1,
209 .out_fd_count = 0,
210 .use_cwd_fd = true,
211 },
212 [RUN_AS_MKDIRAT] = {
213 .in_fds_offset = offsetof(struct run_as_data, u.mkdir.dirfd),
214 .in_fd_count = 1,
215 .out_fds_offset = -1,
216 .out_fd_count = 0,
217 .use_cwd_fd = false,
218 },
219 [RUN_AS_MKDIR_RECURSIVE] = {
220 .in_fds_offset = offsetof(struct run_as_data, u.mkdir.dirfd),
221 .in_fd_count = 1,
222 .out_fds_offset = -1,
223 .out_fd_count = 0,
224 .use_cwd_fd = true,
225 },
226 [RUN_AS_MKDIRAT_RECURSIVE] = {
227 .in_fds_offset = offsetof(struct run_as_data, u.mkdir.dirfd),
228 .in_fd_count = 1,
229 .out_fds_offset = -1,
230 .out_fd_count = 0,
231 .use_cwd_fd = false,
232 },
233 [RUN_AS_OPEN] = {
234 .in_fds_offset = offsetof(struct run_as_data, u.open.dirfd),
235 .in_fd_count = 1,
236 .out_fds_offset = offsetof(struct run_as_ret, u.open.fd),
237 .out_fd_count = 1,
238 .use_cwd_fd = true,
239 },
240 [RUN_AS_OPENAT] = {
241 .in_fds_offset = offsetof(struct run_as_data, u.open.dirfd),
242 .in_fd_count = 1,
243 .out_fds_offset = offsetof(struct run_as_ret, u.open.fd),
244 .out_fd_count = 1,
245 .use_cwd_fd = false,
246 },
247 [RUN_AS_UNLINK] = {
248 .in_fds_offset = offsetof(struct run_as_data, u.unlink.dirfd),
249 .in_fd_count = 1,
250 .out_fds_offset = -1,
251 .out_fd_count = 0,
252 .use_cwd_fd = true,
253 },
254 [RUN_AS_UNLINKAT] = {
255 .in_fds_offset = offsetof(struct run_as_data, u.unlink.dirfd),
256 .in_fd_count = 1,
257 .out_fds_offset = -1,
258 .out_fd_count = 0,
259 .use_cwd_fd = false,
260 },
261 [RUN_AS_RMDIR_RECURSIVE] = {
262 .in_fds_offset = offsetof(struct run_as_data, u.rmdir.dirfd),
263 .in_fd_count = 1,
264 .out_fds_offset = -1,
265 .out_fd_count = 0,
266 .use_cwd_fd = true,
267 },
268 [RUN_AS_RMDIRAT_RECURSIVE] = {
269 .in_fds_offset = offsetof(struct run_as_data, u.rmdir.dirfd),
270 .in_fd_count = 1,
271 .out_fds_offset = -1,
272 .out_fd_count = 0,
273 .use_cwd_fd = false,
274 },
275 [RUN_AS_RMDIR] = {
276 .in_fds_offset = offsetof(struct run_as_data, u.rmdir.dirfd),
277 .in_fd_count = 1,
278 .out_fds_offset = -1,
279 .out_fd_count = 0,
280 .use_cwd_fd = true,
281 },
282 [RUN_AS_RMDIRAT] = {
283 .in_fds_offset = offsetof(struct run_as_data, u.rmdir.dirfd),
284 .in_fd_count = 1,
285 .out_fds_offset = -1,
286 .out_fd_count = 0,
287 .use_cwd_fd = false,
288 },
289 [RUN_AS_RENAME] = {
290 .in_fds_offset = offsetof(struct run_as_data, u.rename.dirfds),
291 .in_fd_count = 2,
292 .out_fds_offset = -1,
293 .out_fd_count = 0,
294 .use_cwd_fd = true,
295 },
296 [RUN_AS_RENAMEAT] = {
297 .in_fds_offset = offsetof(struct run_as_data, u.rename.dirfds),
298 .in_fd_count = 2,
299 .out_fds_offset = -1,
300 .out_fd_count = 0,
301 .use_cwd_fd = false,
302 },
303 [RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET] = {
304 .in_fds_offset = offsetof(struct run_as_data,
305 u.extract_elf_symbol_offset.fd),
306 .in_fd_count = 1,
307 .out_fds_offset = -1,
308 .out_fd_count = 0,
309 .use_cwd_fd = false,
310 },
311 [RUN_AS_EXTRACT_SDT_PROBE_OFFSETS] = {
312 .in_fds_offset = offsetof(struct run_as_data,
313 u.extract_sdt_probe_offsets.fd),
314 .in_fd_count = 1,
315 .out_fds_offset = -1,
316 .out_fd_count = 0,
317 .use_cwd_fd = false,
318 },
319 };
320
321 struct run_as_worker {
322 pid_t pid; /* Worker PID. */
323 int sockpair[2];
324 char *procname;
325 };
326
327 /* Single global worker per process (for now). */
328 static struct run_as_worker *global_worker;
329 /* Lock protecting the worker. */
330 static pthread_mutex_t worker_lock = PTHREAD_MUTEX_INITIALIZER;
331
332 #ifdef VALGRIND
333 static
334 int use_clone(void)
335 {
336 return 0;
337 }
338 #else
339 static
340 int use_clone(void)
341 {
342 return !lttng_secure_getenv("LTTNG_DEBUG_NOCLONE");
343 }
344 #endif
345
346 /*
347 * Create recursively directory using the FULL path.
348 */
349 static
350 int _mkdirat_recursive(struct run_as_data *data, struct run_as_ret *ret_value)
351 {
352 const char *path;
353 mode_t mode;
354 struct lttng_directory_handle *handle;
355
356 path = data->u.mkdir.path;
357 mode = data->u.mkdir.mode;
358
359 handle = lttng_directory_handle_create_from_dirfd(data->u.mkdir.dirfd);
360 if (!handle) {
361 ret_value->_errno = errno;
362 ret_value->_error = true;
363 ret_value->u.ret = -1;
364 goto end;
365 }
366 /* Ownership of dirfd is transferred to the handle. */
367 data->u.mkdir.dirfd = -1;
368 /* Safe to call as we have transitioned to the requested uid/gid. */
369 ret_value->u.ret = lttng_directory_handle_create_subdirectory_recursive(
370 handle, path, mode);
371 ret_value->_errno = errno;
372 ret_value->_error = (ret_value->u.ret) ? true : false;
373 lttng_directory_handle_put(handle);
374 end:
375 return ret_value->u.ret;
376 }
377
378 static
379 int _mkdirat(struct run_as_data *data, struct run_as_ret *ret_value)
380 {
381 const char *path;
382 mode_t mode;
383 struct lttng_directory_handle *handle;
384
385 path = data->u.mkdir.path;
386 mode = data->u.mkdir.mode;
387
388 handle = lttng_directory_handle_create_from_dirfd(data->u.mkdir.dirfd);
389 if (!handle) {
390 ret_value->u.ret = -1;
391 ret_value->_errno = errno;
392 ret_value->_error = true;
393 goto end;
394 }
395 /* Ownership of dirfd is transferred to the handle. */
396 data->u.mkdir.dirfd = -1;
397 /* Safe to call as we have transitioned to the requested uid/gid. */
398 ret_value->u.ret = lttng_directory_handle_create_subdirectory(
399 handle, path, mode);
400 ret_value->_errno = errno;
401 ret_value->_error = (ret_value->u.ret) ? true : false;
402 lttng_directory_handle_put(handle);
403 end:
404 return ret_value->u.ret;
405 }
406
407 static
408 int _open(struct run_as_data *data, struct run_as_ret *ret_value)
409 {
410 int fd;
411 struct lttng_directory_handle *handle;
412
413 handle = lttng_directory_handle_create_from_dirfd(data->u.open.dirfd);
414 if (!handle) {
415 ret_value->_errno = errno;
416 ret_value->_error = true;
417 ret_value->u.ret = -1;
418 goto end;
419 }
420 /* Ownership of dirfd is transferred to the handle. */
421 data->u.open.dirfd = -1;
422
423 fd = lttng_directory_handle_open_file(handle,
424 data->u.open.path, data->u.open.flags,
425 data->u.open.mode);
426 if (fd < 0) {
427 ret_value->u.ret = -1;
428 ret_value->u.open.fd = -1;
429 } else {
430 ret_value->u.ret = 0;
431 ret_value->u.open.fd = fd;
432 }
433
434 ret_value->_errno = errno;
435 ret_value->_error = fd < 0;
436 lttng_directory_handle_put(handle);
437 end:
438 return ret_value->u.ret;
439 }
440
441 static
442 int _unlink(struct run_as_data *data, struct run_as_ret *ret_value)
443 {
444 struct lttng_directory_handle *handle;
445
446 handle = lttng_directory_handle_create_from_dirfd(data->u.unlink.dirfd);
447 if (!handle) {
448 ret_value->u.ret = -1;
449 ret_value->_errno = errno;
450 ret_value->_error = true;
451 goto end;
452 }
453
454 /* Ownership of dirfd is transferred to the handle. */
455 data->u.unlink.dirfd = -1;
456
457 ret_value->u.ret = lttng_directory_handle_unlink_file(handle,
458 data->u.unlink.path);
459 ret_value->_errno = errno;
460 ret_value->_error = (ret_value->u.ret) ? true : false;
461 lttng_directory_handle_put(handle);
462 end:
463 return ret_value->u.ret;
464 }
465
466 static
467 int _rmdir(struct run_as_data *data, struct run_as_ret *ret_value)
468 {
469 struct lttng_directory_handle *handle;
470
471 handle = lttng_directory_handle_create_from_dirfd(data->u.rmdir.dirfd);
472 if (!handle) {
473 ret_value->u.ret = -1;
474 ret_value->_errno = errno;
475 ret_value->_error = true;
476 goto end;
477 }
478
479 /* Ownership of dirfd is transferred to the handle. */
480 data->u.rmdir.dirfd = -1;
481
482 ret_value->u.ret = lttng_directory_handle_remove_subdirectory(
483 handle, data->u.rmdir.path);
484 ret_value->_errno = errno;
485 ret_value->_error = (ret_value->u.ret) ? true : false;
486 lttng_directory_handle_put(handle);
487 end:
488 return ret_value->u.ret;
489 }
490
491 static
492 int _rmdir_recursive(struct run_as_data *data, struct run_as_ret *ret_value)
493 {
494 struct lttng_directory_handle *handle;
495
496 handle = lttng_directory_handle_create_from_dirfd(data->u.rmdir.dirfd);
497 if (!handle) {
498 ret_value->u.ret = -1;
499 ret_value->_errno = errno;
500 ret_value->_error = true;
501 goto end;
502 }
503
504 /* Ownership of dirfd is transferred to the handle. */
505 data->u.rmdir.dirfd = -1;
506
507 ret_value->u.ret = lttng_directory_handle_remove_subdirectory_recursive(
508 handle, data->u.rmdir.path, data->u.rmdir.flags);
509 ret_value->_errno = errno;
510 ret_value->_error = (ret_value->u.ret) ? true : false;
511 lttng_directory_handle_put(handle);
512 end:
513 return ret_value->u.ret;
514 }
515
516 static
517 int _rename(struct run_as_data *data, struct run_as_ret *ret_value)
518 {
519 const char *old_path, *new_path;
520 struct lttng_directory_handle *old_handle = NULL, *new_handle = NULL;
521
522 old_path = data->u.rename.old_path;
523 new_path = data->u.rename.new_path;
524
525 old_handle = lttng_directory_handle_create_from_dirfd(
526 data->u.rename.dirfds[0]);
527 if (!old_handle) {
528 ret_value->u.ret = -1;
529 goto end;
530 }
531 new_handle = lttng_directory_handle_create_from_dirfd(
532 data->u.rename.dirfds[1]);
533 if (!new_handle) {
534 ret_value->u.ret = -1;
535 goto end;
536 }
537
538 /* Ownership of dirfds are transferred to the handles. */
539 data->u.rename.dirfds[0] = data->u.rename.dirfds[1] = -1;
540
541 /* Safe to call as we have transitioned to the requested uid/gid. */
542 ret_value->u.ret = lttng_directory_handle_rename(
543 old_handle, old_path, new_handle, new_path);
544 end:
545 lttng_directory_handle_put(old_handle);
546 lttng_directory_handle_put(new_handle);
547 ret_value->_errno = errno;
548 ret_value->_error = (ret_value->u.ret) ? true : false;
549 return ret_value->u.ret;
550 }
551
552 #ifdef HAVE_ELF_H
553 static
554 int _extract_elf_symbol_offset(struct run_as_data *data,
555 struct run_as_ret *ret_value)
556 {
557 int ret = 0;
558 uint64_t offset;
559
560 ret_value->_error = false;
561 ret = lttng_elf_get_symbol_offset(data->u.extract_elf_symbol_offset.fd,
562 data->u.extract_elf_symbol_offset.function,
563 &offset);
564 if (ret) {
565 DBG("Failed to extract ELF function offset");
566 ret_value->_error = true;
567 }
568 ret_value->u.extract_elf_symbol_offset.offset = offset;
569
570 return ret;
571 }
572
573 static
574 int _extract_sdt_probe_offsets(struct run_as_data *data,
575 struct run_as_ret *ret_value)
576 {
577 int ret = 0;
578 uint64_t *offsets = NULL;
579 uint32_t num_offset;
580
581 ret_value->_error = false;
582
583 /* On success, this call allocates the offsets paramater. */
584 ret = lttng_elf_get_sdt_probe_offsets(
585 data->u.extract_sdt_probe_offsets.fd,
586 data->u.extract_sdt_probe_offsets.provider_name,
587 data->u.extract_sdt_probe_offsets.probe_name,
588 &offsets, &num_offset);
589
590 if (ret) {
591 DBG("Failed to extract SDT probe offsets");
592 ret_value->_error = true;
593 goto end;
594 }
595
596 if (num_offset <= 0 || num_offset > LTTNG_KERNEL_MAX_UPROBE_NUM) {
597 DBG("Wrong number of probes.");
598 ret = -1;
599 ret_value->_error = true;
600 goto free_offset;
601 }
602
603 /* Copy the content of the offsets array to the ret struct. */
604 memcpy(ret_value->u.extract_sdt_probe_offsets.offsets,
605 offsets, num_offset * sizeof(uint64_t));
606
607 ret_value->u.extract_sdt_probe_offsets.num_offset = num_offset;
608
609 free_offset:
610 free(offsets);
611 end:
612 return ret;
613 }
614 #else
615 static
616 int _extract_elf_symbol_offset(struct run_as_data *data,
617 struct run_as_ret *ret_value)
618 {
619 ERR("Unimplemented runas command RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET");
620 return -1;
621 }
622
623 static
624 int _extract_sdt_probe_offsets(struct run_as_data *data,
625 struct run_as_ret *ret_value)
626 {
627 ERR("Unimplemented runas command RUN_AS_EXTRACT_SDT_PROBE_OFFSETS");
628 return -1;
629 }
630 #endif
631
632 static
633 run_as_fct run_as_enum_to_fct(enum run_as_cmd cmd)
634 {
635 switch (cmd) {
636 case RUN_AS_MKDIR:
637 case RUN_AS_MKDIRAT:
638 return _mkdirat;
639 case RUN_AS_MKDIR_RECURSIVE:
640 case RUN_AS_MKDIRAT_RECURSIVE:
641 return _mkdirat_recursive;
642 case RUN_AS_OPEN:
643 case RUN_AS_OPENAT:
644 return _open;
645 case RUN_AS_UNLINK:
646 case RUN_AS_UNLINKAT:
647 return _unlink;
648 case RUN_AS_RMDIR:
649 case RUN_AS_RMDIRAT:
650 return _rmdir;
651 case RUN_AS_RMDIR_RECURSIVE:
652 case RUN_AS_RMDIRAT_RECURSIVE:
653 return _rmdir_recursive;
654 case RUN_AS_RENAME:
655 case RUN_AS_RENAMEAT:
656 return _rename;
657 case RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET:
658 return _extract_elf_symbol_offset;
659 case RUN_AS_EXTRACT_SDT_PROBE_OFFSETS:
660 return _extract_sdt_probe_offsets;
661 default:
662 ERR("Unknown command %d", (int) cmd);
663 return NULL;
664 }
665 }
666
667 static
668 int do_send_fds(int sock, const int *fds, unsigned int fd_count)
669 {
670 ssize_t len;
671 unsigned int i;
672
673 for (i = 0; i < fd_count; i++) {
674 if (fds[i] < 0) {
675 ERR("Attempt to send invalid file descriptor to master (fd = %i)",
676 fds[i]);
677 /* Return 0 as this is not a fatal error. */
678 return 0;
679 }
680 }
681
682 len = lttcomm_send_fds_unix_sock(sock, fds, fd_count);
683 return len < 0 ? -1 : 0;
684 }
685
686 static
687 int do_recv_fds(int sock, int *fds, unsigned int fd_count)
688 {
689 int ret = 0;
690 unsigned int i;
691 ssize_t len;
692
693 len = lttcomm_recv_fds_unix_sock(sock, fds, fd_count);
694 if (len == 0) {
695 ret = -1;
696 goto end;
697 } else if (len < 0) {
698 PERROR("Failed to receive file descriptors from socket");
699 ret = -1;
700 goto end;
701 }
702
703 for (i = 0; i < fd_count; i++) {
704 if (fds[i] < 0) {
705 ERR("Invalid file descriptor received from worker (fd = %i)", fds[i]);
706 /* Return 0 as this is not a fatal error. */
707 }
708 }
709 end:
710 return ret;
711 }
712
713 static
714 int send_fds_to_worker(const struct run_as_worker *worker,
715 const struct run_as_data *data)
716 {
717 int ret = 0;
718 unsigned int i;
719
720 if (COMMAND_USE_CWD_FD(data) || COMMAND_IN_FD_COUNT(data) == 0) {
721 goto end;
722 }
723
724 for (i = 0; i < COMMAND_IN_FD_COUNT(data); i++) {
725 if (COMMAND_IN_FDS(data)[i] < 0) {
726 ERR("Refusing to send invalid fd to worker (fd = %i)",
727 COMMAND_IN_FDS(data)[i]);
728 ret = -1;
729 goto end;
730 }
731 }
732
733 ret = do_send_fds(worker->sockpair[0], COMMAND_IN_FDS(data),
734 COMMAND_IN_FD_COUNT(data));
735 if (ret < 0) {
736 PERROR("Failed to send file descriptor to run-as worker");
737 ret = -1;
738 goto end;
739 }
740 end:
741 return ret;
742 }
743
744 static
745 int send_fds_to_master(struct run_as_worker *worker, enum run_as_cmd cmd,
746 struct run_as_ret *run_as_ret)
747 {
748 int ret = 0;
749 unsigned int i;
750
751 if (COMMAND_OUT_FD_COUNT(cmd) == 0) {
752 goto end;
753 }
754
755 ret = do_send_fds(worker->sockpair[1], COMMAND_OUT_FDS(cmd, run_as_ret),
756 COMMAND_OUT_FD_COUNT(cmd));
757 if (ret < 0) {
758 PERROR("Failed to send file descriptor to master process");
759 goto end;
760 }
761
762 for (i = 0; i < COMMAND_OUT_FD_COUNT(cmd); i++) {
763 int ret_close = close(COMMAND_OUT_FDS(cmd, run_as_ret)[i]);
764
765 if (ret_close < 0) {
766 PERROR("Failed to close result file descriptor");
767 }
768 }
769 end:
770 return ret;
771 }
772
773 static
774 int recv_fds_from_worker(const struct run_as_worker *worker, enum run_as_cmd cmd,
775 struct run_as_ret *run_as_ret)
776 {
777 int ret = 0;
778
779 if (COMMAND_OUT_FD_COUNT(cmd) == 0) {
780 goto end;
781 }
782
783 ret = do_recv_fds(worker->sockpair[0], COMMAND_OUT_FDS(cmd, run_as_ret),
784 COMMAND_OUT_FD_COUNT(cmd));
785 if (ret < 0) {
786 PERROR("Failed to receive file descriptor from run-as worker");
787 ret = -1;
788 }
789 end:
790 return ret;
791 }
792
793 static
794 int recv_fds_from_master(struct run_as_worker *worker, struct run_as_data *data)
795 {
796 int ret = 0;
797
798 if (COMMAND_USE_CWD_FD(data)) {
799 unsigned int i;
800
801 for (i = 0; i < COMMAND_IN_FD_COUNT(data); i++) {
802 COMMAND_IN_FDS(data)[i] = AT_FDCWD;
803 }
804 goto end;
805 }
806
807 ret = do_recv_fds(worker->sockpair[1], COMMAND_IN_FDS(data),
808 COMMAND_IN_FD_COUNT(data));
809 if (ret < 0) {
810 PERROR("Failed to receive file descriptors from master process");
811 ret = -1;
812 }
813 end:
814 return ret;
815 }
816
817 static
818 int cleanup_received_fds(struct run_as_data *data)
819 {
820 int ret = 0, i;
821
822 for (i = 0; i < COMMAND_IN_FD_COUNT(data); i++) {
823 if (COMMAND_IN_FDS(data)[i] == -1) {
824 continue;
825 }
826 ret = close(COMMAND_IN_FDS(data)[i]);
827 if (ret) {
828 PERROR("Failed to close file descriptor received fd in run-as worker");
829 goto end;
830 }
831 }
832 end:
833 return ret;
834 }
835
836 /*
837 * Return < 0 on error, 0 if OK, 1 on hangup.
838 */
839 static
840 int handle_one_cmd(struct run_as_worker *worker)
841 {
842 int ret = 0;
843 struct run_as_data data = {};
844 ssize_t readlen, writelen;
845 struct run_as_ret sendret = {};
846 run_as_fct cmd;
847 uid_t prev_euid;
848
849 /*
850 * Stage 1: Receive run_as_data struct from the master.
851 * The structure contains the command type and all the parameters needed for
852 * its execution
853 */
854 readlen = lttcomm_recv_unix_sock(worker->sockpair[1], &data,
855 sizeof(data));
856 if (readlen == 0) {
857 /* hang up */
858 ret = 1;
859 goto end;
860 }
861 if (readlen < sizeof(data)) {
862 PERROR("lttcomm_recv_unix_sock error");
863 ret = -1;
864 goto end;
865 }
866
867 cmd = run_as_enum_to_fct(data.cmd);
868 if (!cmd) {
869 ret = -1;
870 goto end;
871 }
872
873 /*
874 * Stage 2: Receive file descriptor from master.
875 * Some commands need a file descriptor as input so if it's needed we
876 * receive the fd using the Unix socket.
877 */
878 ret = recv_fds_from_master(worker, &data);
879 if (ret < 0) {
880 PERROR("recv_fd_from_master error");
881 ret = -1;
882 goto end;
883 }
884
885 prev_euid = getuid();
886 if (data.gid != getegid()) {
887 ret = setegid(data.gid);
888 if (ret < 0) {
889 sendret._error = true;
890 sendret._errno = errno;
891 PERROR("setegid");
892 goto write_return;
893 }
894 }
895 if (data.uid != prev_euid) {
896 ret = seteuid(data.uid);
897 if (ret < 0) {
898 sendret._error = true;
899 sendret._errno = errno;
900 PERROR("seteuid");
901 goto write_return;
902 }
903 }
904
905 /*
906 * Also set umask to 0 for mkdir executable bit.
907 */
908 umask(0);
909
910 /*
911 * Stage 3: Execute the command
912 */
913 ret = (*cmd)(&data, &sendret);
914 if (ret < 0) {
915 DBG("Execution of command returned an error");
916 }
917
918 write_return:
919 ret = cleanup_received_fds(&data);
920 if (ret < 0) {
921 ERR("Error cleaning up FD");
922 goto end;
923 }
924
925 /*
926 * Stage 4: Send run_as_ret structure to the master.
927 * This structure contain the return value of the command and the errno.
928 */
929 writelen = lttcomm_send_unix_sock(worker->sockpair[1], &sendret,
930 sizeof(sendret));
931 if (writelen < sizeof(sendret)) {
932 PERROR("lttcomm_send_unix_sock error");
933 ret = -1;
934 goto end;
935 }
936
937 /*
938 * Stage 5: Send resulting file descriptors to the master.
939 */
940 ret = send_fds_to_master(worker, data.cmd, &sendret);
941 if (ret < 0) {
942 DBG("Sending FD to master returned an error");
943 goto end;
944 }
945
946 if (seteuid(prev_euid) < 0) {
947 PERROR("seteuid");
948 ret = -1;
949 goto end;
950 }
951 ret = 0;
952 end:
953 return ret;
954 }
955
956 static
957 int run_as_worker(struct run_as_worker *worker)
958 {
959 int ret;
960 ssize_t writelen;
961 struct run_as_ret sendret;
962 size_t proc_orig_len;
963
964 /*
965 * Initialize worker. Set a different process cmdline.
966 */
967 proc_orig_len = strlen(worker->procname);
968 memset(worker->procname, 0, proc_orig_len);
969 strncpy(worker->procname, DEFAULT_RUN_AS_WORKER_NAME, proc_orig_len);
970
971 ret = lttng_prctl(PR_SET_NAME,
972 (unsigned long) DEFAULT_RUN_AS_WORKER_NAME, 0, 0, 0);
973 if (ret && ret != -ENOSYS) {
974 /* Don't fail as this is not essential. */
975 PERROR("prctl PR_SET_NAME");
976 }
977
978 memset(&sendret, 0, sizeof(sendret));
979
980 writelen = lttcomm_send_unix_sock(worker->sockpair[1], &sendret,
981 sizeof(sendret));
982 if (writelen < sizeof(sendret)) {
983 PERROR("lttcomm_send_unix_sock error");
984 ret = EXIT_FAILURE;
985 goto end;
986 }
987
988 for (;;) {
989 ret = handle_one_cmd(worker);
990 if (ret < 0) {
991 ret = EXIT_FAILURE;
992 goto end;
993 } else if (ret > 0) {
994 break;
995 } else {
996 continue; /* Next command. */
997 }
998 }
999 ret = EXIT_SUCCESS;
1000 end:
1001 return ret;
1002 }
1003
1004 static
1005 int run_as_cmd(struct run_as_worker *worker,
1006 enum run_as_cmd cmd,
1007 struct run_as_data *data,
1008 struct run_as_ret *ret_value,
1009 uid_t uid, gid_t gid)
1010 {
1011 int ret = 0;
1012 ssize_t readlen, writelen;
1013
1014 /*
1015 * If we are non-root, we can only deal with our own uid.
1016 */
1017 if (geteuid() != 0) {
1018 if (uid != geteuid()) {
1019 ret = -1;
1020 ret_value->_errno = EPERM;
1021 ERR("Client (%d)/Server (%d) UID mismatch (and sessiond is not root)",
1022 (int) uid, (int) geteuid());
1023 goto end;
1024 }
1025 }
1026
1027 data->cmd = cmd;
1028 data->uid = uid;
1029 data->gid = gid;
1030
1031 /*
1032 * Stage 1: Send the run_as_data struct to the worker process
1033 */
1034 writelen = lttcomm_send_unix_sock(worker->sockpair[0], data,
1035 sizeof(*data));
1036 if (writelen < sizeof(*data)) {
1037 PERROR("Error writing message to run_as");
1038 ret = -1;
1039 ret_value->_errno = EIO;
1040 goto end;
1041 }
1042
1043 /*
1044 * Stage 2: Send file descriptor to the worker process if needed
1045 */
1046 ret = send_fds_to_worker(worker, data);
1047 if (ret) {
1048 PERROR("do_send_fd error");
1049 ret = -1;
1050 ret_value->_errno = EIO;
1051 goto end;
1052 }
1053
1054 /*
1055 * Stage 3: Wait for the execution of the command
1056 */
1057
1058 /*
1059 * Stage 4: Receive the run_as_ret struct containing the return value and
1060 * errno
1061 */
1062 readlen = lttcomm_recv_unix_sock(worker->sockpair[0], ret_value,
1063 sizeof(*ret_value));
1064 if (!readlen) {
1065 ERR("Run-as worker has hung-up during run_as_cmd");
1066 ret = -1;
1067 ret_value->_errno = EIO;
1068 goto end;
1069 } else if (readlen < sizeof(*ret_value)) {
1070 PERROR("Error reading response from run_as");
1071 ret = -1;
1072 ret_value->_errno = errno;
1073 goto end;
1074 }
1075
1076 if (ret_value->_error) {
1077 /* Skip stage 5 on error as there will be no fd to receive. */
1078 goto end;
1079 }
1080
1081 /*
1082 * Stage 5: Receive file descriptor if needed
1083 */
1084 ret = recv_fds_from_worker(worker, cmd, ret_value);
1085 if (ret < 0) {
1086 ERR("Error receiving fd");
1087 ret = -1;
1088 ret_value->_errno = EIO;
1089 }
1090
1091 end:
1092 return ret;
1093 }
1094
1095 /*
1096 * This is for debugging ONLY and should not be considered secure.
1097 */
1098 static
1099 int run_as_noworker(enum run_as_cmd cmd,
1100 struct run_as_data *data, struct run_as_ret *ret_value,
1101 uid_t uid, gid_t gid)
1102 {
1103 int ret, saved_errno;
1104 mode_t old_mask;
1105 run_as_fct fct;
1106
1107 fct = run_as_enum_to_fct(cmd);
1108 if (!fct) {
1109 errno = -ENOSYS;
1110 ret = -1;
1111 goto end;
1112 }
1113 old_mask = umask(0);
1114 ret = fct(data, ret_value);
1115 saved_errno = ret_value->_errno;
1116 umask(old_mask);
1117 errno = saved_errno;
1118 end:
1119 return ret;
1120 }
1121
1122 static
1123 int reset_sighandler(void)
1124 {
1125 int sig;
1126
1127 DBG("Resetting run_as worker signal handlers to default");
1128 for (sig = 1; sig <= 31; sig++) {
1129 (void) signal(sig, SIG_DFL);
1130 }
1131 return 0;
1132 }
1133
1134 static
1135 void worker_sighandler(int sig)
1136 {
1137 const char *signame;
1138
1139 /*
1140 * The worker will inherit its parent's signals since they are part of
1141 * the same process group. However, in the case of SIGINT and SIGTERM,
1142 * we want to give the worker a chance to teardown gracefully when its
1143 * parent closes the command socket.
1144 */
1145 switch (sig) {
1146 case SIGINT:
1147 signame = "SIGINT";
1148 break;
1149 case SIGTERM:
1150 signame = "SIGTERM";
1151 break;
1152 default:
1153 signame = NULL;
1154 }
1155
1156 if (signame) {
1157 DBG("run_as worker received signal %s", signame);
1158 } else {
1159 DBG("run_as_worker received signal %d", sig);
1160 }
1161 }
1162
1163 static
1164 int set_worker_sighandlers(void)
1165 {
1166 int ret = 0;
1167 sigset_t sigset;
1168 struct sigaction sa;
1169
1170 if ((ret = sigemptyset(&sigset)) < 0) {
1171 PERROR("sigemptyset");
1172 goto end;
1173 }
1174
1175 sa.sa_handler = worker_sighandler;
1176 sa.sa_mask = sigset;
1177 sa.sa_flags = 0;
1178 if ((ret = sigaction(SIGINT, &sa, NULL)) < 0) {
1179 PERROR("sigaction SIGINT");
1180 goto end;
1181 }
1182
1183 if ((ret = sigaction(SIGTERM, &sa, NULL)) < 0) {
1184 PERROR("sigaction SIGTERM");
1185 goto end;
1186 }
1187
1188 DBG("run_as signal handler set for SIGTERM and SIGINT");
1189 end:
1190 return ret;
1191 }
1192
1193 static
1194 int run_as_create_worker_no_lock(const char *procname,
1195 post_fork_cleanup_cb clean_up_func,
1196 void *clean_up_user_data)
1197 {
1198 pid_t pid;
1199 int i, ret = 0;
1200 ssize_t readlen;
1201 struct run_as_ret recvret;
1202 struct run_as_worker *worker;
1203
1204 assert(!global_worker);
1205 if (!use_clone()) {
1206 /*
1207 * Don't initialize a worker, all run_as tasks will be performed
1208 * in the current process.
1209 */
1210 ret = 0;
1211 goto end;
1212 }
1213 worker = zmalloc(sizeof(*worker));
1214 if (!worker) {
1215 ret = -ENOMEM;
1216 goto end;
1217 }
1218 worker->procname = strdup(procname);
1219 if (!worker->procname) {
1220 ret = -ENOMEM;
1221 goto error_procname_alloc;
1222 }
1223 /* Create unix socket. */
1224 if (lttcomm_create_anon_unix_socketpair(worker->sockpair) < 0) {
1225 ret = -1;
1226 goto error_sock;
1227 }
1228
1229 /* Fork worker. */
1230 pid = fork();
1231 if (pid < 0) {
1232 PERROR("fork");
1233 ret = -1;
1234 goto error_fork;
1235 } else if (pid == 0) {
1236 /* Child */
1237
1238 reset_sighandler();
1239
1240 set_worker_sighandlers();
1241 if (clean_up_func) {
1242 if (clean_up_func(clean_up_user_data) < 0) {
1243 ERR("Run-as post-fork clean-up failed, exiting.");
1244 exit(EXIT_FAILURE);
1245 }
1246 }
1247
1248 /* Just close, no shutdown. */
1249 if (close(worker->sockpair[0])) {
1250 PERROR("close");
1251 exit(EXIT_FAILURE);
1252 }
1253
1254 /*
1255 * Close all FDs aside from STDIN, STDOUT, STDERR and sockpair[1]
1256 * Sockpair[1] is used as a control channel with the master
1257 */
1258 for (i = 3; i < sysconf(_SC_OPEN_MAX); i++) {
1259 if (i != worker->sockpair[1]) {
1260 (void) close(i);
1261 }
1262 }
1263
1264 worker->sockpair[0] = -1;
1265 ret = run_as_worker(worker);
1266 if (lttcomm_close_unix_sock(worker->sockpair[1])) {
1267 PERROR("close");
1268 ret = -1;
1269 }
1270 worker->sockpair[1] = -1;
1271 free(worker->procname);
1272 free(worker);
1273 LOG(ret ? PRINT_ERR : PRINT_DBG, "run_as worker exiting (ret = %d)", ret);
1274 exit(ret ? EXIT_FAILURE : EXIT_SUCCESS);
1275 } else {
1276 /* Parent */
1277
1278 /* Just close, no shutdown. */
1279 if (close(worker->sockpair[1])) {
1280 PERROR("close");
1281 ret = -1;
1282 goto error_fork;
1283 }
1284 worker->sockpair[1] = -1;
1285 worker->pid = pid;
1286 /* Wait for worker to become ready. */
1287 readlen = lttcomm_recv_unix_sock(worker->sockpair[0],
1288 &recvret, sizeof(recvret));
1289 if (readlen < sizeof(recvret)) {
1290 ERR("readlen: %zd", readlen);
1291 PERROR("Error reading response from run_as at creation");
1292 ret = -1;
1293 goto error_fork;
1294 }
1295 global_worker = worker;
1296 }
1297 end:
1298 return ret;
1299
1300 /* Error handling. */
1301 error_fork:
1302 for (i = 0; i < 2; i++) {
1303 if (worker->sockpair[i] < 0) {
1304 continue;
1305 }
1306 if (lttcomm_close_unix_sock(worker->sockpair[i])) {
1307 PERROR("close");
1308 }
1309 worker->sockpair[i] = -1;
1310 }
1311 error_sock:
1312 free(worker->procname);
1313 error_procname_alloc:
1314 free(worker);
1315 return ret;
1316 }
1317
1318 static
1319 void run_as_destroy_worker_no_lock(void)
1320 {
1321 struct run_as_worker *worker = global_worker;
1322
1323 DBG("Destroying run_as worker");
1324 if (!worker) {
1325 return;
1326 }
1327 /* Close unix socket */
1328 DBG("Closing run_as worker socket");
1329 if (lttcomm_close_unix_sock(worker->sockpair[0])) {
1330 PERROR("close");
1331 }
1332 worker->sockpair[0] = -1;
1333 /* Wait for worker. */
1334 for (;;) {
1335 int status;
1336 pid_t wait_ret;
1337
1338 wait_ret = waitpid(worker->pid, &status, 0);
1339 if (wait_ret < 0) {
1340 if (errno == EINTR) {
1341 continue;
1342 }
1343 PERROR("waitpid");
1344 break;
1345 }
1346
1347 if (WIFEXITED(status)) {
1348 LOG(WEXITSTATUS(status) == 0 ? PRINT_DBG : PRINT_ERR,
1349 DEFAULT_RUN_AS_WORKER_NAME " terminated with status code %d",
1350 WEXITSTATUS(status));
1351 break;
1352 } else if (WIFSIGNALED(status)) {
1353 ERR(DEFAULT_RUN_AS_WORKER_NAME " was killed by signal %d",
1354 WTERMSIG(status));
1355 break;
1356 }
1357 }
1358 free(worker->procname);
1359 free(worker);
1360 global_worker = NULL;
1361 }
1362
1363 static
1364 int run_as_restart_worker(struct run_as_worker *worker)
1365 {
1366 int ret = 0;
1367 char *procname = NULL;
1368
1369 procname = worker->procname;
1370
1371 /* Close socket to run_as worker process and clean up the zombie process */
1372 run_as_destroy_worker_no_lock();
1373
1374 /* Create a new run_as worker process*/
1375 ret = run_as_create_worker_no_lock(procname, NULL, NULL);
1376 if (ret < 0 ) {
1377 ERR("Restarting the worker process failed");
1378 ret = -1;
1379 goto err;
1380 }
1381 err:
1382 return ret;
1383 }
1384
1385 static
1386 int run_as(enum run_as_cmd cmd, struct run_as_data *data,
1387 struct run_as_ret *ret_value, uid_t uid, gid_t gid)
1388 {
1389 int ret, saved_errno;
1390
1391 pthread_mutex_lock(&worker_lock);
1392 if (use_clone()) {
1393 DBG("Using run_as worker");
1394
1395 assert(global_worker);
1396
1397 ret = run_as_cmd(global_worker, cmd, data, ret_value, uid, gid);
1398 saved_errno = ret_value->_errno;
1399
1400 /*
1401 * If the worker thread crashed the errno is set to EIO. we log
1402 * the error and start a new worker process.
1403 */
1404 if (ret == -1 && saved_errno == EIO) {
1405 DBG("Socket closed unexpectedly... "
1406 "Restarting the worker process");
1407 ret = run_as_restart_worker(global_worker);
1408 if (ret == -1) {
1409 ERR("Failed to restart worker process.");
1410 goto err;
1411 }
1412 }
1413 } else {
1414 DBG("Using run_as without worker");
1415 ret = run_as_noworker(cmd, data, ret_value, uid, gid);
1416 }
1417 err:
1418 pthread_mutex_unlock(&worker_lock);
1419 return ret;
1420 }
1421
1422 LTTNG_HIDDEN
1423 int run_as_mkdir_recursive(const char *path, mode_t mode, uid_t uid, gid_t gid)
1424 {
1425 return run_as_mkdirat_recursive(AT_FDCWD, path, mode, uid, gid);
1426 }
1427
1428 LTTNG_HIDDEN
1429 int run_as_mkdirat_recursive(int dirfd, const char *path, mode_t mode,
1430 uid_t uid, gid_t gid)
1431 {
1432 int ret;
1433 struct run_as_data data = {};
1434 struct run_as_ret run_as_ret = {};
1435
1436 DBG3("mkdirat() recursive fd = %d%s, path = %s, mode = %d, uid = %d, gid = %d",
1437 dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1438 path, (int) mode, (int) uid, (int) gid);
1439 ret = lttng_strncpy(data.u.mkdir.path, path,
1440 sizeof(data.u.mkdir.path));
1441 if (ret) {
1442 ERR("Failed to copy path argument of mkdirat recursive command");
1443 goto error;
1444 }
1445 data.u.mkdir.path[sizeof(data.u.mkdir.path) - 1] = '\0';
1446 data.u.mkdir.mode = mode;
1447 data.u.mkdir.dirfd = dirfd;
1448 run_as(dirfd == AT_FDCWD ? RUN_AS_MKDIR_RECURSIVE : RUN_AS_MKDIRAT_RECURSIVE,
1449 &data, &run_as_ret, uid, gid);
1450 errno = run_as_ret._errno;
1451 ret = run_as_ret.u.ret;
1452 error:
1453 return ret;
1454 }
1455
1456 LTTNG_HIDDEN
1457 int run_as_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid)
1458 {
1459 return run_as_mkdirat(AT_FDCWD, path, mode, uid, gid);
1460 }
1461
1462 LTTNG_HIDDEN
1463 int run_as_mkdirat(int dirfd, const char *path, mode_t mode,
1464 uid_t uid, gid_t gid)
1465 {
1466 int ret;
1467 struct run_as_data data = {};
1468 struct run_as_ret run_as_ret = {};
1469
1470 DBG3("mkdirat() recursive fd = %d%s, path = %s, mode = %d, uid = %d, gid = %d",
1471 dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1472 path, (int) mode, (int) uid, (int) gid);
1473 ret = lttng_strncpy(data.u.mkdir.path, path,
1474 sizeof(data.u.mkdir.path));
1475 if (ret) {
1476 ERR("Failed to copy path argument of mkdirat command");
1477 goto error;
1478 }
1479 data.u.mkdir.path[sizeof(data.u.mkdir.path) - 1] = '\0';
1480 data.u.mkdir.mode = mode;
1481 data.u.mkdir.dirfd = dirfd;
1482 run_as(dirfd == AT_FDCWD ? RUN_AS_MKDIR : RUN_AS_MKDIRAT,
1483 &data, &run_as_ret, uid, gid);
1484 errno = run_as_ret._errno;
1485 ret = run_as_ret.u.ret;
1486 error:
1487 return ret;
1488 }
1489
1490 LTTNG_HIDDEN
1491 int run_as_open(const char *path, int flags, mode_t mode, uid_t uid,
1492 gid_t gid)
1493 {
1494 return run_as_openat(AT_FDCWD, path, flags, mode, uid, gid);
1495 }
1496
1497 LTTNG_HIDDEN
1498 int run_as_openat(int dirfd, const char *path, int flags, mode_t mode,
1499 uid_t uid, gid_t gid)
1500 {
1501 int ret;
1502 struct run_as_data data = {};
1503 struct run_as_ret run_as_ret = {};
1504
1505 DBG3("openat() fd = %d%s, path = %s, flags = %X, mode = %d, uid %d, gid %d",
1506 dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1507 path, flags, (int) mode, (int) uid, (int) gid);
1508 ret = lttng_strncpy(data.u.open.path, path, sizeof(data.u.open.path));
1509 if (ret) {
1510 ERR("Failed to copy path argument of open command");
1511 goto error;
1512 }
1513 data.u.open.flags = flags;
1514 data.u.open.mode = mode;
1515 data.u.open.dirfd = dirfd;
1516 run_as(dirfd == AT_FDCWD ? RUN_AS_OPEN : RUN_AS_OPENAT,
1517 &data, &run_as_ret, uid, gid);
1518 errno = run_as_ret._errno;
1519 ret = run_as_ret.u.ret < 0 ? run_as_ret.u.ret :
1520 run_as_ret.u.open.fd;
1521 error:
1522 return ret;
1523 }
1524
1525 LTTNG_HIDDEN
1526 int run_as_unlink(const char *path, uid_t uid, gid_t gid)
1527 {
1528 return run_as_unlinkat(AT_FDCWD, path, uid, gid);
1529 }
1530
1531 LTTNG_HIDDEN
1532 int run_as_unlinkat(int dirfd, const char *path, uid_t uid, gid_t gid)
1533 {
1534 int ret;
1535 struct run_as_data data = {};
1536 struct run_as_ret run_as_ret = {};
1537
1538 DBG3("unlinkat() fd = %d%s, path = %s, uid = %d, gid = %d",
1539 dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1540 path, (int) uid, (int) gid);
1541 ret = lttng_strncpy(data.u.unlink.path, path,
1542 sizeof(data.u.unlink.path));
1543 if (ret) {
1544 goto error;
1545 }
1546 data.u.unlink.dirfd = dirfd;
1547 run_as(dirfd == AT_FDCWD ? RUN_AS_UNLINK : RUN_AS_UNLINKAT, &data,
1548 &run_as_ret, uid, gid);
1549 errno = run_as_ret._errno;
1550 ret = run_as_ret.u.ret;
1551 error:
1552 return ret;
1553 }
1554
1555 LTTNG_HIDDEN
1556 int run_as_rmdir(const char *path, uid_t uid, gid_t gid)
1557 {
1558 return run_as_rmdirat(AT_FDCWD, path, uid, gid);
1559 }
1560
1561 LTTNG_HIDDEN
1562 int run_as_rmdirat(int dirfd, const char *path, uid_t uid, gid_t gid)
1563 {
1564 int ret;
1565 struct run_as_data data = {};
1566 struct run_as_ret run_as_ret = {};
1567
1568 DBG3("rmdirat() fd = %d%s, path = %s, uid = %d, gid = %d",
1569 dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1570 path, (int) uid, (int) gid);
1571 ret = lttng_strncpy(data.u.rmdir.path, path,
1572 sizeof(data.u.rmdir.path));
1573 if (ret) {
1574 goto error;
1575 }
1576 data.u.rmdir.dirfd = dirfd;
1577 run_as(dirfd == AT_FDCWD ? RUN_AS_RMDIR : RUN_AS_RMDIRAT, &data,
1578 &run_as_ret, uid, gid);
1579 errno = run_as_ret._errno;
1580 ret = run_as_ret.u.ret;
1581 error:
1582 return ret;
1583 }
1584
1585 LTTNG_HIDDEN
1586 int run_as_rmdir_recursive(const char *path, uid_t uid, gid_t gid, int flags)
1587 {
1588 return run_as_rmdirat_recursive(AT_FDCWD, path, uid, gid, flags);
1589 }
1590
1591 LTTNG_HIDDEN
1592 int run_as_rmdirat_recursive(int dirfd, const char *path, uid_t uid, gid_t gid, int flags)
1593 {
1594 int ret;
1595 struct run_as_data data = {};
1596 struct run_as_ret run_as_ret = {};
1597
1598 DBG3("rmdirat() recursive fd = %d%s, path = %s, uid = %d, gid = %d",
1599 dirfd, dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1600 path, (int) uid, (int) gid);
1601 ret = lttng_strncpy(data.u.rmdir.path, path,
1602 sizeof(data.u.rmdir.path));
1603 if (ret) {
1604 goto error;
1605 }
1606 data.u.rmdir.dirfd = dirfd;
1607 data.u.rmdir.flags = flags;
1608 run_as(dirfd == AT_FDCWD ? RUN_AS_RMDIR_RECURSIVE : RUN_AS_RMDIRAT_RECURSIVE,
1609 &data, &run_as_ret, uid, gid);
1610 errno = run_as_ret._errno;
1611 ret = run_as_ret.u.ret;
1612 error:
1613 return ret;
1614 }
1615
1616 LTTNG_HIDDEN
1617 int run_as_rename(const char *old, const char *new, uid_t uid, gid_t gid)
1618 {
1619 return run_as_renameat(AT_FDCWD, old, AT_FDCWD, new, uid, gid);
1620 }
1621
1622 LTTNG_HIDDEN
1623 int run_as_renameat(int old_dirfd, const char *old_name,
1624 int new_dirfd, const char *new_name, uid_t uid, gid_t gid)
1625 {
1626 int ret;
1627 struct run_as_data data = {};
1628 struct run_as_ret run_as_ret = {};
1629
1630 DBG3("renameat() old_dirfd = %d%s, old_name = %s, new_dirfd = %d%s, new_name = %s, uid = %d, gid = %d",
1631 old_dirfd, old_dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1632 old_name,
1633 new_dirfd, new_dirfd == AT_FDCWD ? " (AT_FDCWD)" : "",
1634 new_name, (int) uid, (int) gid);
1635 ret = lttng_strncpy(data.u.rename.old_path, old_name,
1636 sizeof(data.u.rename.old_path));
1637 if (ret) {
1638 goto error;
1639 }
1640 ret = lttng_strncpy(data.u.rename.new_path, new_name,
1641 sizeof(data.u.rename.new_path));
1642 if (ret) {
1643 goto error;
1644 }
1645
1646 data.u.rename.dirfds[0] = old_dirfd;
1647 data.u.rename.dirfds[1] = new_dirfd;
1648 run_as(old_dirfd == AT_FDCWD && new_dirfd == AT_FDCWD ?
1649 RUN_AS_RENAME : RUN_AS_RENAMEAT,
1650 &data, &run_as_ret, uid, gid);
1651 errno = run_as_ret._errno;
1652 ret = run_as_ret.u.ret;
1653 error:
1654 return ret;
1655 }
1656
1657 LTTNG_HIDDEN
1658 int run_as_extract_elf_symbol_offset(int fd, const char* function,
1659 uid_t uid, gid_t gid, uint64_t *offset)
1660 {
1661 int ret;
1662 struct run_as_data data = {};
1663 struct run_as_ret run_as_ret = {};
1664
1665 DBG3("extract_elf_symbol_offset() on fd=%d and function=%s "
1666 "with for uid %d and gid %d", fd, function,
1667 (int) uid, (int) gid);
1668
1669 data.u.extract_elf_symbol_offset.fd = fd;
1670
1671 strncpy(data.u.extract_elf_symbol_offset.function, function, LTTNG_SYMBOL_NAME_LEN - 1);
1672 data.u.extract_elf_symbol_offset.function[LTTNG_SYMBOL_NAME_LEN - 1] = '\0';
1673 ret = lttng_strncpy(data.u.extract_elf_symbol_offset.function,
1674 function,
1675 sizeof(data.u.extract_elf_symbol_offset.function));
1676 if (ret) {
1677 goto error;
1678 }
1679
1680 run_as(RUN_AS_EXTRACT_ELF_SYMBOL_OFFSET, &data, &run_as_ret, uid, gid);
1681 errno = run_as_ret._errno;
1682 if (run_as_ret._error) {
1683 ret = -1;
1684 goto error;
1685 }
1686
1687 *offset = run_as_ret.u.extract_elf_symbol_offset.offset;
1688 error:
1689 return ret;
1690 }
1691
1692 LTTNG_HIDDEN
1693 int run_as_extract_sdt_probe_offsets(int fd, const char* provider_name,
1694 const char* probe_name, uid_t uid, gid_t gid,
1695 uint64_t **offsets, uint32_t *num_offset)
1696 {
1697 int ret;
1698 struct run_as_data data = {};
1699 struct run_as_ret run_as_ret = {};
1700
1701 DBG3("extract_sdt_probe_offsets() on fd=%d, probe_name=%s and "
1702 "provider_name=%s with for uid %d and gid %d", fd,
1703 probe_name, provider_name, (int) uid, (int) gid);
1704
1705 data.u.extract_sdt_probe_offsets.fd = fd;
1706
1707 ret = lttng_strncpy(data.u.extract_sdt_probe_offsets.probe_name, probe_name,
1708 sizeof(data.u.extract_sdt_probe_offsets.probe_name));
1709 if (ret) {
1710 goto error;
1711 }
1712 ret = lttng_strncpy(data.u.extract_sdt_probe_offsets.provider_name,
1713 provider_name,
1714 sizeof(data.u.extract_sdt_probe_offsets.provider_name));
1715 if (ret) {
1716 goto error;
1717 }
1718
1719 run_as(RUN_AS_EXTRACT_SDT_PROBE_OFFSETS, &data, &run_as_ret, uid, gid);
1720 errno = run_as_ret._errno;
1721 if (run_as_ret._error) {
1722 ret = -1;
1723 goto error;
1724 }
1725
1726 *num_offset = run_as_ret.u.extract_sdt_probe_offsets.num_offset;
1727 *offsets = zmalloc(*num_offset * sizeof(uint64_t));
1728 if (!*offsets) {
1729 ret = -ENOMEM;
1730 goto error;
1731 }
1732
1733 memcpy(*offsets, run_as_ret.u.extract_sdt_probe_offsets.offsets,
1734 *num_offset * sizeof(uint64_t));
1735 error:
1736 return ret;
1737 }
1738
1739 LTTNG_HIDDEN
1740 int run_as_create_worker(const char *procname,
1741 post_fork_cleanup_cb clean_up_func,
1742 void *clean_up_user_data)
1743 {
1744 int ret;
1745
1746 pthread_mutex_lock(&worker_lock);
1747 ret = run_as_create_worker_no_lock(procname, clean_up_func,
1748 clean_up_user_data);
1749 pthread_mutex_unlock(&worker_lock);
1750 return ret;
1751 }
1752
1753 LTTNG_HIDDEN
1754 void run_as_destroy_worker(void)
1755 {
1756 pthread_mutex_lock(&worker_lock);
1757 run_as_destroy_worker_no_lock();
1758 pthread_mutex_unlock(&worker_lock);
1759 }
LTTng 2.0 tools and control repository
This page took 0.06664 seconds and 4 git commands to generate.