hg/dhcpcd: src/privsep-root.c annotate

annotate src/privsep-root.c @ 5525:26b5d9bc2985 draft

privsep: Send all log messages to the privileged actioneer If dhcpcd starts and no syslogd implementation is running then various syscall filters could be triggered when dhcpcd wants to syslog and it's already in a chroot. Not all libc openlog implementations support LOG_NDELAY and openlog does not return an error code and can also mask errno back to 0. So we have no way of knowing if we have a syslog connection or not. This means we cannot cache the connection at startup because syslog itself will try and open if no connection. As such, all logging is now directed to the dhcpcd privileged actioneer process which will handle all the syslog and log file writing actions. The only downside of this approach (other than an extra fd per process) is that we no longer know which PID raised the message. While we could put the correct PID in the logfile as we control the API, we cannot put it into syslog as we cannot control that API. As all privsep errors should log which function they came from this will hopefully not be an issue as on the happy path only the master process will log stuff.

author	Roy Marples <roy@marples.name>
date	Fri, 30 Oct 2020 03:43:51 +0000
parents	6cd47402148f
children	b1a3d9055662

rev	line source
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	1 /* SPDX-License-Identifier: BSD-2-Clause */
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	2 /*
5060 4539ffcdd656 spelling: Correct both privilege and separation Roy Marples <roy@marples.name> parents: 4997 diff changeset	3 * Privilege Separation for dhcpcd, privileged actioneer
4922 555d7d1a4939 Welcome to 2020! Roy Marples <roy@marples.name> parents: 4868 diff changeset	4 * Copyright (c) 2006-2020 Roy Marples <roy@marples.name>
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	5 * All rights reserved
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	6
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	7 * Redistribution and use in source and binary forms, with or without
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	8 * modification, are permitted provided that the following conditions
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	9 * are met:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	10 * 1. Redistributions of source code must retain the above copyright
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	11 * notice, this list of conditions and the following disclaimer.
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	12 * 2. Redistributions in binary form must reproduce the above copyright
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	13 * notice, this list of conditions and the following disclaimer in the
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	14 * documentation and/or other materials provided with the distribution.
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	15 *
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	26 * SUCH DAMAGE.
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	27 */
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	28
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	29 #include <sys/ioctl.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	30 #include <sys/socket.h>
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	31 #include <sys/stat.h>
45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	32 #include <sys/time.h>
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	33 #include <sys/types.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	34 #include <sys/wait.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	35
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	36 #include <assert.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	37 #include <errno.h>
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	38 #include <fcntl.h>
45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	39 #include <pwd.h>
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	40 #include <signal.h>
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	41 #include <stddef.h>
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	42 #include <stdlib.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	43 #include <string.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	44 #include <unistd.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	45
5299 b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	46 #include "auth.h"
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	47 #include "common.h"
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	48 #include "dev.h"
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	49 #include "dhcpcd.h"
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	50 #include "dhcp6.h"
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	51 #include "eloop.h"
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	52 #include "if.h"
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	53 #include "ipv6nd.h"
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	54 #include "logerr.h"
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	55 #include "privsep.h"
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	56 #include "sa.h"
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	57 #include "script.h"
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	58
4948 b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	59 __CTASSERT(sizeof(ioctl_request_t) <= sizeof(unsigned long));
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	60
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	61 struct psr_error
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	62 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	63 ssize_t psr_result;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	64 int psr_errno;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	65 char psr_pad[sizeof(ssize_t) - sizeof(int)];
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	66 size_t psr_datalen;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	67 };
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	68
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	69 struct psr_ctx {
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	70 struct dhcpcd_ctx *psr_ctx;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	71 struct psr_error psr_error;
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	72 size_t psr_datalen;
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	73 void *psr_data;
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	74 };
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	75
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	76 static void
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	77 ps_root_readerrorcb(void *arg)
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	78 {
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	79 struct psr_ctx *psr_ctx = arg;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	80 struct dhcpcd_ctx *ctx = psr_ctx->psr_ctx;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	81 struct psr_error *psr_error = &psr_ctx->psr_error;
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	82 struct iovec iov[] = {
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	83 { .iov_base = psr_error, .iov_len = sizeof(*psr_error) },
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	84 { .iov_base = psr_ctx->psr_data,
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	85 .iov_len = psr_ctx->psr_datalen },
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	86 };
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	87 ssize_t len;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	88 int exit_code = EXIT_FAILURE;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	89
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	90 #define PSR_ERROR(e) \
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	91 do { \
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	92 psr_error->psr_result = -1; \
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	93 psr_error->psr_errno = (e); \
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	94 goto out; \
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	95 } while (0 /* CONSTCOND */)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	96
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	97 len = readv(ctx->ps_root_fd, iov, __arraycount(iov));
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	98 if (len == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	99 PSR_ERROR(errno);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	100 else if ((size_t)len < sizeof(*psr_error))
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	101 PSR_ERROR(EINVAL);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	102 exit_code = EXIT_SUCCESS;
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	103
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	104 out:
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	105 eloop_exit(ctx->ps_eloop, exit_code);
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	106 }
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	107
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	108 ssize_t
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	109 ps_root_readerror(struct dhcpcd_ctx ctx, void data, size_t len)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	110 {
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	111 struct psr_ctx psr_ctx = {
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	112 .psr_ctx = ctx,
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	113 .psr_data = data, .psr_datalen = len,
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	114 };
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	115
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	116 if (eloop_event_add(ctx->ps_eloop, ctx->ps_root_fd,
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	117 ps_root_readerrorcb, &psr_ctx) == -1)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	118 return -1;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	119
5297 477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	120 eloop_enter(ctx->ps_eloop);
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	121 eloop_start(ctx->ps_eloop, &ctx->sigset);
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	122
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	123 errno = psr_ctx.psr_error.psr_errno;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	124 return psr_ctx.psr_error.psr_result;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	125 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	126
5316 0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	127 #ifdef PRIVSEP_GETIFADDRS
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	128 static void
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	129 ps_root_mreaderrorcb(void *arg)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	130 {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	131 struct psr_ctx *psr_ctx = arg;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	132 struct dhcpcd_ctx *ctx = psr_ctx->psr_ctx;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	133 struct psr_error *psr_error = &psr_ctx->psr_error;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	134 struct iovec iov[] = {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	135 { .iov_base = psr_error, .iov_len = sizeof(*psr_error) },
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	136 { .iov_base = NULL, .iov_len = 0 },
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	137 };
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	138 ssize_t len;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	139 int exit_code = EXIT_FAILURE;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	140
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	141 len = recv(ctx->ps_root_fd, psr_error, sizeof(*psr_error), MSG_PEEK);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	142 if (len == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	143 PSR_ERROR(errno);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	144 else if ((size_t)len < sizeof(*psr_error))
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	145 PSR_ERROR(EINVAL);
5345 f6051f78e441 Try and guard against impossibly large data. Roy Marples <roy@marples.name> parents: 5330 diff changeset	146
f6051f78e441 Try and guard against impossibly large data. Roy Marples <roy@marples.name> parents: 5330 diff changeset	147 if (psr_error->psr_datalen > SSIZE_MAX)
5329 cc6b3545c52c privsep: limit psr_datalen to SSIZE_MAX Roy Marples <roy@marples.name> parents: 5321 diff changeset	148 PSR_ERROR(ENOBUFS);
5345 f6051f78e441 Try and guard against impossibly large data. Roy Marples <roy@marples.name> parents: 5330 diff changeset	149 else if (psr_error->psr_datalen != 0) {
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	150 psr_ctx->psr_data = malloc(psr_error->psr_datalen);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	151 if (psr_ctx->psr_data == NULL)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	152 PSR_ERROR(errno);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	153 psr_ctx->psr_datalen = psr_error->psr_datalen;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	154 iov[1].iov_base = psr_ctx->psr_data;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	155 iov[1].iov_len = psr_ctx->psr_datalen;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	156 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	157
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	158 len = readv(ctx->ps_root_fd, iov, __arraycount(iov));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	159 if (len == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	160 PSR_ERROR(errno);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	161 else if ((size_t)len != sizeof(*psr_error) + psr_ctx->psr_datalen)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	162 PSR_ERROR(EINVAL);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	163 exit_code = EXIT_SUCCESS;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	164
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	165 out:
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	166 eloop_exit(ctx->ps_eloop, exit_code);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	167 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	168
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	169 ssize_t
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	170 ps_root_mreaderror(struct dhcpcd_ctx ctx, void data, size_t len)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	171 {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	172 struct psr_ctx psr_ctx = {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	173 .psr_ctx = ctx,
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	174 };
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	175
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	176 if (eloop_event_add(ctx->ps_eloop, ctx->ps_root_fd,
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	177 ps_root_mreaderrorcb, &psr_ctx) == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	178 return -1;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	179
5297 477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	180 eloop_enter(ctx->ps_eloop);
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	181 eloop_start(ctx->ps_eloop, &ctx->sigset);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	182
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	183 errno = psr_ctx.psr_error.psr_errno;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	184 *data = psr_ctx.psr_data;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	185 *len = psr_ctx.psr_datalen;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	186 return psr_ctx.psr_error.psr_result;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	187 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	188 #endif
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	189
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	190 static ssize_t
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	191 ps_root_writeerror(struct dhcpcd_ctx *ctx, ssize_t result,
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	192 void *data, size_t len)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	193 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	194 struct psr_error psr = {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	195 .psr_result = result,
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	196 .psr_errno = errno,
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	197 .psr_datalen = len,
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	198 };
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	199 struct iovec iov[] = {
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	200 { .iov_base = &psr, .iov_len = sizeof(psr) },
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	201 { .iov_base = data, .iov_len = len },
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	202 };
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	203
4868 119c8986dfc8 privsep: Enable ARP BPF filtering for interesting addresses Roy Marples <roy@marples.name> parents: 4851 diff changeset	204 #ifdef PRIVSEP_DEBUG
119c8986dfc8 privsep: Enable ARP BPF filtering for interesting addresses Roy Marples <roy@marples.name> parents: 4851 diff changeset	205 logdebugx("%s: result %zd errno %d", __func__, result, errno);
119c8986dfc8 privsep: Enable ARP BPF filtering for interesting addresses Roy Marples <roy@marples.name> parents: 4851 diff changeset	206 #endif
119c8986dfc8 privsep: Enable ARP BPF filtering for interesting addresses Roy Marples <roy@marples.name> parents: 4851 diff changeset	207
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	208 return writev(ctx->ps_root_fd, iov, __arraycount(iov));
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	209 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	210
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	211 static ssize_t
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	212 ps_root_doioctl(unsigned long req, void *data, size_t len)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	213 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	214 int s, err;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	215
5246 52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	216 /* Only allow these ioctls */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	217 switch(req) {
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	218 #ifdef SIOCAIFADDR
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	219 case SIOCAIFADDR: /* FALLTHROUGH */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	220 case SIOCDIFADDR: /* FALLTHROUGH */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	221 #endif
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	222 #ifdef SIOCSIFHWADDR
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	223 case SIOCSIFHWADDR: /* FALLTHROUGH */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	224 #endif
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	225 #ifdef SIOCGIFPRIORITY
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	226 case SIOCGIFPRIORITY: /* FALLTHROUGH */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	227 #endif
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	228 case SIOCSIFFLAGS: /* FALLTHROUGH */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	229 case SIOCGIFMTU: /* FALLTHROUGH */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	230 case SIOCSIFMTU:
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	231 break;
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	232 default:
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	233 errno = EPERM;
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	234 return -1;
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	235 }
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	236
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	237 s = socket(PF_INET, SOCK_DGRAM, 0);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	238 if (s != -1)
4948 b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	239 #ifdef IOCTL_REQUEST_TYPE
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	240 {
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	241 ioctl_request_t reqt;
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	242
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	243 memcpy(&reqt, &req, sizeof(reqt));
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	244 err = ioctl(s, reqt, data, len);
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	245 }
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	246 #else
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	247 err = ioctl(s, req, data, len);
4948 b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	248 #endif
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	249 else
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	250 err = -1;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	251 if (s != -1)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	252 close(s);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	253 return err;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	254 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	255
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	256 static ssize_t
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	257 ps_root_run_script(struct dhcpcd_ctx ctx, const void data, size_t len)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	258 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	259 const char *envbuf = data;
5255 ee23398a68db dhcpcd: Move the script file from per interface to global context Roy Marples <roy@marples.name> parents: 5253 diff changeset	260 char * const argv[] = { ctx->script, NULL };
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	261 pid_t pid;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	262 int status;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	263
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	264 if (len == 0)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	265 return 0;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	266
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	267 if (script_buftoenv(ctx, UNCONST(envbuf), len) == NULL)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	268 return -1;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	269
5123 9422e8c904d5 scripts: Run with an empty sigmask Christos Zoulas <christos@zoulas.com> parents: 5112 diff changeset	270 pid = script_exec(argv, ctx->script_env);
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	271 if (pid == -1)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	272 return -1;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	273 /* Wait for the script to finish */
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	274 while (waitpid(pid, &status, 0) == -1) {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	275 if (errno != EINTR) {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	276 logerr(__func__);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	277 status = 0;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	278 break;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	279 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	280 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	281 return status;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	282 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	283
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	284 static bool
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	285 ps_root_validpath(const struct dhcpcd_ctx ctx, uint16_t cmd, const char path)
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	286 {
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	287
5267 95976721c27d privsep: Avoid the /proc/../ escape Roy Marples <roy@marples.name> parents: 5263 diff changeset	288 /* Avoid a previous directory attack to avoid /proc/../
95976721c27d privsep: Avoid the /proc/../ escape Roy Marples <roy@marples.name> parents: 5263 diff changeset	289 * dhcpcd should never use a path with double dots. */
95976721c27d privsep: Avoid the /proc/../ escape Roy Marples <roy@marples.name> parents: 5263 diff changeset	290 if (strstr(path, "..") != NULL)
95976721c27d privsep: Avoid the /proc/../ escape Roy Marples <roy@marples.name> parents: 5263 diff changeset	291 return false;
95976721c27d privsep: Avoid the /proc/../ escape Roy Marples <roy@marples.name> parents: 5263 diff changeset	292
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	293 if (cmd == PS_READFILE) {
5309 700fa2afe696 Fix installing the embedded config as a file. Roy Marples <roy@marples.name> parents: 5306 diff changeset	294 #ifdef EMBEDDED_CONFIG
700fa2afe696 Fix installing the embedded config as a file. Roy Marples <roy@marples.name> parents: 5306 diff changeset	295 if (strcmp(ctx->cffile, EMBEDDED_CONFIG) == 0)
700fa2afe696 Fix installing the embedded config as a file. Roy Marples <roy@marples.name> parents: 5306 diff changeset	296 return true;
700fa2afe696 Fix installing the embedded config as a file. Roy Marples <roy@marples.name> parents: 5306 diff changeset	297 #endif
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	298 if (strcmp(ctx->cffile, path) == 0)
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	299 return true;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	300 }
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	301 if (strncmp(DBDIR, path, strlen(DBDIR)) == 0)
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	302 return true;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	303 if (strncmp(RUNDIR, path, strlen(RUNDIR)) == 0)
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	304 return true;
5258 f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	305
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	306 #ifdef __linux__
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	307 if (strncmp("/proc/net/", path, strlen("/proc/net/")) == 0 \|\|
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	308 strncmp("/proc/sys/net/", path, strlen("/proc/sys/net/")) == 0 \|\|
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	309 strncmp("/sys/class/net/", path, strlen("/sys/class/net/")) == 0)
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	310 return true;
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	311 #endif
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	312
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	313 errno = EPERM;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	314 return false;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	315 }
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	316
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	317 static ssize_t
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	318 ps_root_dowritefile(const struct dhcpcd_ctx *ctx,
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	319 mode_t mode, void *data, size_t len)
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	320 {
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	321 char file = data, nc;
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	322
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	323 nc = memchr(file, '\0', len);
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	324 if (nc == NULL) {
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	325 errno = EINVAL;
ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	326 return -1;
ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	327 }
5258 f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	328
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	329 if (!ps_root_validpath(ctx, PS_WRITEFILE, file))
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	330 return -1;
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	331 nc++;
5208 6e53055c9989 Fix compile warnings with prior. Roy Marples <roy@marples.name> parents: 5207 diff changeset	332 return writefile(file, mode, nc, len - (size_t)(nc - file));
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	333 }
ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	334
5299 b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	335 #ifdef AUTH
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	336 static ssize_t
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	337 ps_root_monordm(uint64_t *rdm, size_t len)
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	338 {
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	339
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	340 if (len != sizeof(*rdm)) {
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	341 errno = EINVAL;
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	342 return -1;
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	343 }
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	344 return auth_get_rdm_monotonic(rdm);
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	345 }
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	346 #endif
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	347
5316 0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	348 #ifdef PRIVSEP_GETIFADDRS
5491 6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	349 #define IFA_NADDRS 4
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	350 static ssize_t
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	351 ps_root_dogetifaddrs(void *rdata, size_t rlen)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	352 {
5491 6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	353 struct ifaddrs ifaddrs, ifa;
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	354 size_t len;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	355 uint8_t buf, sap;
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	356 socklen_t salen;
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	357
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	358 if (getifaddrs(&ifaddrs) == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	359 return -1;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	360 if (ifaddrs == NULL) {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	361 *rdata = NULL;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	362 *rlen = 0;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	363 return 0;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	364 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	365
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	366 /* Work out the buffer length required.
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	367 * Ensure everything is aligned correctly, which does
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	368 * create a larger buffer than what is needed to send,
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	369 * but makes creating the same structure in the client
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	370 * much easier. */
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	371 len = 0;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	372 for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	373 len += ALIGN(sizeof(*ifa));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	374 len += ALIGN(IFNAMSIZ);
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	375 len += ALIGN(sizeof(salen) * IFA_NADDRS);
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	376 if (ifa->ifa_addr != NULL)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	377 len += ALIGN(sa_len(ifa->ifa_addr));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	378 if (ifa->ifa_netmask != NULL)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	379 len += ALIGN(sa_len(ifa->ifa_netmask));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	380 if (ifa->ifa_broadaddr != NULL)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	381 len += ALIGN(sa_len(ifa->ifa_broadaddr));
5491 6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	382 #ifdef BSD
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	383 /*
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	384 * On BSD we need to carry ifa_data so we can access
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	385 * if_data->ifi_link_state
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	386 */
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	387 if (ifa->ifa_addr != NULL &&
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	388 ifa->ifa_addr->sa_family == AF_LINK)
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	389 len += ALIGN(sizeof(struct if_data));
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	390 #endif
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	391 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	392
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	393 /* Use calloc to set everything to zero.
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	394 * This satisfies memory sanitizers because don't write
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	395 * where we don't need to. */
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	396 buf = calloc(1, len);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	397 if (buf == NULL) {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	398 freeifaddrs(ifaddrs);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	399 return -1;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	400 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	401 *rdata = buf;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	402 *rlen = len;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	403
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	404 for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	405 memcpy(buf, ifa, sizeof(*ifa));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	406 buf += ALIGN(sizeof(*ifa));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	407
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	408 strlcpy((char *)buf, ifa->ifa_name, IFNAMSIZ);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	409 buf += ALIGN(IFNAMSIZ);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	410 sap = buf;
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	411 buf += ALIGN(sizeof(salen) * IFA_NADDRS);
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	412
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	413 #define COPYINSA(addr) \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	414 do { \
5491 6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	415 if ((addr) != NULL) \
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	416 salen = sa_len((addr)); \
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	417 else \
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	418 salen = 0; \
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	419 if (salen != 0) { \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	420 memcpy(sap, &salen, sizeof(salen)); \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	421 memcpy(buf, (addr), salen); \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	422 buf += ALIGN(salen); \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	423 } \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	424 sap += sizeof(salen); \
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	425 } while (0 /CONSTCOND /)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	426
5491 6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	427 COPYINSA(ifa->ifa_addr);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	428 COPYINSA(ifa->ifa_netmask);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	429 COPYINSA(ifa->ifa_broadaddr);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	430
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	431 #ifdef BSD
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	432 if (ifa->ifa_addr != NULL &&
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	433 ifa->ifa_addr->sa_family == AF_LINK)
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	434 {
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	435 salen = (socklen_t)sizeof(struct if_data);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	436 memcpy(buf, ifa->ifa_data, salen);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	437 buf += ALIGN(salen);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	438 } else
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	439 #endif
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	440 salen = 0;
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	441 memcpy(sap, &salen, sizeof(salen));
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	442 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	443
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	444 freeifaddrs(ifaddrs);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	445 return 0;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	446 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	447 #endif
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	448
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	449 static ssize_t
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	450 ps_root_recvmsgcb(void arg, struct ps_msghdr psm, struct msghdr *msg)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	451 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	452 struct dhcpcd_ctx *ctx = arg;
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	453 uint16_t cmd;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	454 struct ps_process *psp;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	455 struct iovec *iov = msg->msg_iov;
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	456 void data = iov->iov_base, rdata = NULL;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	457 size_t len = iov->iov_len, rlen = 0;
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	458 uint8_t buf[PS_BUFLEN];
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	459 time_t mtime;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	460 ssize_t err;
5253 7a0d53acbb06 privsep: Validate UDP ports Roy Marples <roy@marples.name> parents: 5249 diff changeset	461 bool free_rdata = false;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	462
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	463 cmd = (uint16_t)(psm->ps_cmd & ~(PS_START \| PS_STOP));
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	464 psp = ps_findprocess(ctx, &psm->ps_id);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	465
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	466 #ifdef PRIVSEP_DEBUG
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	467 logerrx("%s: IN cmd %x, psp %p", __func__, psm->ps_cmd, psp);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	468 #endif
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	469
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	470 if (psp != NULL) {
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	471 if (psm->ps_cmd & PS_STOP) {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	472 int ret = ps_dostop(ctx, &psp->psp_pid, &psp->psp_fd);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	473
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	474 ps_freeprocess(psp);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	475 return ret;
5297 477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	476 } else if (psm->ps_cmd & PS_START) {
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	477 /* Process has already started .... */
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	478 return 0;
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	479 }
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	480
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	481 err = ps_sendpsmmsg(ctx, psp->psp_fd, psm, msg);
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	482 if (err == -1) {
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	483 logerr("%s: failed to send message to pid %d",
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	484 __func__, psp->psp_pid);
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	485 shutdown(psp->psp_fd, SHUT_RDWR);
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	486 close(psp->psp_fd);
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	487 psp->psp_fd = -1;
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	488 ps_freeprocess(psp);
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	489 }
5242 0dd9b7f7cf6b privsep: Ensure we don't scribble garbage to BPF Roy Marples <roy@marples.name> parents: 5231 diff changeset	490 return 0;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	491 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	492
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	493 if (psm->ps_cmd & PS_STOP && psp == NULL)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	494 return 0;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	495
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	496 switch (cmd) {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	497 #ifdef INET
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	498 #ifdef ARP
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	499 case PS_BPF_ARP: /* FALLTHROUGH */
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	500 #endif
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	501 case PS_BPF_BOOTP:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	502 return ps_bpf_cmd(ctx, psm, msg);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	503 #endif
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	504 #ifdef INET
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	505 case PS_BOOTP:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	506 return ps_inet_cmd(ctx, psm, msg);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	507 #endif
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	508 #ifdef INET6
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	509 #ifdef DHCP6
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	510 case PS_DHCP6: /* FALLTHROUGH */
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	511 #endif
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	512 case PS_ND:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	513 return ps_inet_cmd(ctx, psm, msg);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	514 #endif
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	515 default:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	516 break;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	517 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	518
5204 47f18579daae privsep: Implement pledge(2) support as found on OpenBSD Roy Marples <roy@marples.name> parents: 5202 diff changeset	519 assert(msg->msg_iovlen == 0 \|\| msg->msg_iovlen == 1);
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	520
4844 2281307b0ef5 privsep: Expect errors from ioctl so dont log them. Roy Marples <roy@marples.name> parents: 4840 diff changeset	521 /* Reset errno */
2281307b0ef5 privsep: Expect errors from ioctl so dont log them. Roy Marples <roy@marples.name> parents: 4840 diff changeset	522 errno = 0;
2281307b0ef5 privsep: Expect errors from ioctl so dont log them. Roy Marples <roy@marples.name> parents: 4840 diff changeset	523
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	524 switch (psm->ps_cmd) {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	525 case PS_IOCTL:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	526 err = ps_root_doioctl(psm->ps_flags, data, len);
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	527 if (err != -1) {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	528 rdata = data;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	529 rlen = len;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	530 }
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	531 break;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	532 case PS_SCRIPT:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	533 err = ps_root_run_script(ctx, data, len);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	534 break;
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	535 case PS_UNLINK:
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	536 if (!ps_root_validpath(ctx, psm->ps_cmd, data)) {
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	537 err = -1;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	538 break;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	539 }
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	540 err = unlink(data);
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	541 break;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	542 case PS_READFILE:
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	543 if (!ps_root_validpath(ctx, psm->ps_cmd, data)) {
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	544 err = -1;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	545 break;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	546 }
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	547 err = readfile(data, buf, sizeof(buf));
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	548 if (err != -1) {
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	549 rdata = buf;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	550 rlen = (size_t)err;
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	551 }
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	552 break;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	553 case PS_WRITEFILE:
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	554 err = ps_root_dowritefile(ctx, (mode_t)psm->ps_flags,
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	555 data, len);
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	556 break;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	557 case PS_FILEMTIME:
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	558 err = filemtime(data, &mtime);
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	559 if (err != -1) {
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	560 rdata = &mtime;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	561 rlen = sizeof(mtime);
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	562 }
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	563 break;
5299 b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	564 #ifdef AUTH
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	565 case PS_AUTH_MONORDM:
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	566 err = ps_root_monordm(data, len);
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	567 if (err != -1) {
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	568 rdata = data;
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	569 rlen = len;
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	570 }
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	571 break;
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	572 #endif
5316 0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	573 #ifdef PRIVSEP_GETIFADDRS
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	574 case PS_GETIFADDRS:
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	575 err = ps_root_dogetifaddrs(&rdata, &rlen);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	576 free_rdata = true;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	577 break;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	578 #endif
5286 b820f26385b7 Fix compile with inet or inet6 disabled Roy Marples <roy@marples.name> parents: 5267 diff changeset	579 #if defined(INET6) && (defined(__linux__) \|\| defined(HAVE_PLEDGE))
5258 f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	580 case PS_IP6FORWARDING:
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	581 err = ip6_forwarding(data);
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	582 break;
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	583 #endif
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	584 #ifdef PLUGIN_DEV
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	585 case PS_DEV_INITTED:
5457 7fb0274b9127 Linux: detect network namespace and deny udev in one Roy Marples <roy@marples.name> parents: 5425 diff changeset	586 err = dev_initialised(ctx, data);
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	587 break;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	588 case PS_DEV_LISTENING:
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	589 err = dev_listening(ctx);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	590 break;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	591 #endif
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	592 default:
5302 ef799c0ff5cb privsep: Fix returning indirect ioctl data Roy Marples <roy@marples.name> parents: 5301 diff changeset	593 err = ps_root_os(psm, msg, &rdata, &rlen);
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	594 break;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	595 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	596
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	597 err = ps_root_writeerror(ctx, err, rlen != 0 ? rdata : 0, rlen);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	598 if (free_rdata)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	599 free(rdata);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	600 return err;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	601 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	602
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	603 /* Receive from state engine, do an action. */
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	604 static void
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	605 ps_root_recvmsg(void *arg)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	606 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	607 struct dhcpcd_ctx *ctx = arg;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	608
5306 d10b3ad73215 privsep: Log ECONNRESET errors again Roy Marples <roy@marples.name> parents: 5304 diff changeset	609 if (ps_recvpsmsg(ctx, ctx->ps_root_fd, ps_root_recvmsgcb, ctx) == -1)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	610 logerr(__func__);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	611 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	612
5262 f168a25dd330 privsep: Fix compile for prior without dev plugins Roy Marples <roy@marples.name> parents: 5260 diff changeset	613 #ifdef PLUGIN_DEV
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	614 static int
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	615 ps_root_handleinterface(void arg, int action, const char ifname)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	616 {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	617 struct dhcpcd_ctx *ctx = arg;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	618 unsigned long flag;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	619
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	620 if (action == 1)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	621 flag = PS_DEV_IFADDED;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	622 else if (action == -1)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	623 flag = PS_DEV_IFREMOVED;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	624 else if (action == 0)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	625 flag = PS_DEV_IFUPDATED;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	626 else {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	627 errno = EINVAL;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	628 return -1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	629 }
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	630
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	631 return (int)ps_sendcmd(ctx, ctx->ps_data_fd, PS_DEV_IFCMD, flag,
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	632 ifname, strlen(ifname) + 1);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	633 }
5262 f168a25dd330 privsep: Fix compile for prior without dev plugins Roy Marples <roy@marples.name> parents: 5260 diff changeset	634 #endif
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	635
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	636 static int
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	637 ps_root_startcb(void *arg)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	638 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	639 struct dhcpcd_ctx *ctx = arg;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	640
5169 f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	641 if (ctx->options & DHCPCD_MASTER)
f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	642 setproctitle("[privileged actioneer]");
f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	643 else
f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	644 setproctitle("[privileged actioneer] %s%s%s",
f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	645 ctx->ifv[0],
f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	646 ctx->options & DHCPCD_IPV4 ? " [ip4]" : "",
f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	647 ctx->options & DHCPCD_IPV6 ? " [ip6]" : "");
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	648 ctx->ps_root_pid = getpid();
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	649 ctx->options \|= DHCPCD_PRIVSEPROOT;
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	650
5417 96a086beb655 Revert "privsep: shutdown read end of the write only sockets" Roy Marples <roy@marples.name> parents: 5408 diff changeset	651 /* Open network sockets for sending.
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	652 * This is a small bit wasteful for non sandboxed OS's
a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	653 * but makes life very easy for unicasting DHCPv6 in non master
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	654 * mode as we no longer care about address selection.
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	655 * We can't call shutdown SHUT_RD on the socket because it's
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	656 * not connectd. All we can do is try and set a zero sized
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	657 * receive buffer and just let it overflow.
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	658 * Reading from it just to drain it is a waste of CPU time. */
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	659 #ifdef INET
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	660 if (ctx->options & DHCPCD_IPV4) {
5422 66a1c1c34366 Use a minimum bufsize of 1 as 0 doesn't work on some OS. Roy Marples <roy@marples.name> parents: 5421 diff changeset	661 int buflen = 1;
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	662
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	663 ctx->udp_wfd = xsocket(PF_INET,
b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	664 SOCK_RAW \| SOCK_CXNB, IPPROTO_UDP);
b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	665 if (ctx->udp_wfd == -1)
b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	666 logerr("%s: dhcp_openraw", __func__);
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	667 else if (setsockopt(ctx->udp_wfd, SOL_SOCKET, SO_RCVBUF,
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	668 &buflen, sizeof(buflen)) == -1)
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	669 logerr("%s: setsockopt SO_RCVBUF DHCP", __func__);
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	670 }
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	671 #endif
a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	672 #ifdef INET6
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	673 if (ctx->options & DHCPCD_IPV6) {
5422 66a1c1c34366 Use a minimum bufsize of 1 as 0 doesn't work on some OS. Roy Marples <roy@marples.name> parents: 5421 diff changeset	674 int buflen = 1;
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	675
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	676 ctx->nd_fd = ipv6nd_open(false);
5330 7b6f2daea002 privsep: Fix bogus warnings without inet. Roy Marples <roy@marples.name> parents: 5329 diff changeset	677 if (ctx->nd_fd == -1)
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	678 logerr("%s: ipv6nd_open", __func__);
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	679 else if (setsockopt(ctx->nd_fd, SOL_SOCKET, SO_RCVBUF,
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	680 &buflen, sizeof(buflen)) == -1)
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	681 logerr("%s: setsockopt SO_RCVBUF ND", __func__);
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	682 }
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	683 #endif
a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	684 #ifdef DHCP6
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	685 if (ctx->options & DHCPCD_IPV6) {
5422 66a1c1c34366 Use a minimum bufsize of 1 as 0 doesn't work on some OS. Roy Marples <roy@marples.name> parents: 5421 diff changeset	686 int buflen = 1;
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	687
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	688 ctx->dhcp6_wfd = dhcp6_openraw();
5330 7b6f2daea002 privsep: Fix bogus warnings without inet. Roy Marples <roy@marples.name> parents: 5329 diff changeset	689 if (ctx->dhcp6_wfd == -1)
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	690 logerr("%s: dhcp6_openraw", __func__);
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	691 else if (setsockopt(ctx->dhcp6_wfd, SOL_SOCKET, SO_RCVBUF,
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	692 &buflen, sizeof(buflen)) == -1)
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	693 logerr("%s: setsockopt SO_RCVBUF DHCP6", __func__);
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	694 }
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	695 #endif
a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	696
5262 f168a25dd330 privsep: Fix compile for prior without dev plugins Roy Marples <roy@marples.name> parents: 5260 diff changeset	697 #ifdef PLUGIN_DEV
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	698 /* Start any dev listening plugin which may want to
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	699 * change the interface name provided by the kernel */
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	700 if ((ctx->options & (DHCPCD_MASTER \| DHCPCD_DEV)) ==
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	701 (DHCPCD_MASTER \| DHCPCD_DEV))
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	702 dev_start(ctx, ps_root_handleinterface);
5262 f168a25dd330 privsep: Fix compile for prior without dev plugins Roy Marples <roy@marples.name> parents: 5260 diff changeset	703 #endif
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	704
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	705 return 0;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	706 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	707
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	708 static void
5425 9edfc000a89b privsep: Only the master process accepts signals Roy Marples <roy@marples.name> parents: 5422 diff changeset	709 ps_root_signalcb(int sig, __unused void *arg)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	710 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	711
5371 0c4a9b4da8e6 privsep: Simplyfy signal handling Roy Marples <roy@marples.name> parents: 5367 diff changeset	712 if (sig == SIGCHLD) {
5304 04f26d9f1885 privsep: Don't wait for the process to finish when stopping it Roy Marples <roy@marples.name> parents: 5302 diff changeset	713 while (waitpid(-1, NULL, WNOHANG) > 0)
04f26d9f1885 privsep: Don't wait for the process to finish when stopping it Roy Marples <roy@marples.name> parents: 5302 diff changeset	714 ;
04f26d9f1885 privsep: Don't wait for the process to finish when stopping it Roy Marples <roy@marples.name> parents: 5302 diff changeset	715 return;
04f26d9f1885 privsep: Don't wait for the process to finish when stopping it Roy Marples <roy@marples.name> parents: 5302 diff changeset	716 }
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	717 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	718
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	719 int (handle_interface)(void , int, const char *);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	720
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	721 #ifdef PLUGIN_DEV
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	722 static ssize_t
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	723 ps_root_devcb(struct dhcpcd_ctx ctx, struct ps_msghdr psm, struct msghdr *msg)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	724 {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	725 int action;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	726 struct iovec *iov = msg->msg_iov;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	727
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	728 if (msg->msg_iovlen != 1) {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	729 errno = EINVAL;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	730 return -1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	731 }
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	732
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	733 switch(psm->ps_flags) {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	734 case PS_DEV_IFADDED:
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	735 action = 1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	736 break;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	737 case PS_DEV_IFREMOVED:
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	738 action = -1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	739 break;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	740 case PS_DEV_IFUPDATED:
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	741 action = 0;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	742 break;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	743 default:
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	744 errno = EINVAL;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	745 return -1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	746 }
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	747
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	748 return dhcpcd_handleinterface(ctx, action, iov->iov_base);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	749 }
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	750 #endif
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	751
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	752 static ssize_t
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	753 ps_root_dispatchcb(void arg, struct ps_msghdr psm, struct msghdr *msg)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	754 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	755 struct dhcpcd_ctx *ctx = arg;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	756 ssize_t err;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	757
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	758 switch(psm->ps_cmd) {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	759 #ifdef PLUGIN_DEV
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	760 case PS_DEV_IFCMD:
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	761 err = ps_root_devcb(ctx, psm, msg);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	762 break;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	763 #endif
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	764 default:
5286 b820f26385b7 Fix compile with inet or inet6 disabled Roy Marples <roy@marples.name> parents: 5267 diff changeset	765 #ifdef INET
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	766 err = ps_bpf_dispatch(ctx, psm, msg);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	767 if (err == -1 && errno == ENOTSUP)
5112 899adcd7f449 Fix build without INET or INET6 Roy Marples <roy@marples.name> parents: 5060 diff changeset	768 #endif
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	769 err = ps_inet_dispatch(ctx, psm, msg);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	770 }
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	771 return err;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	772 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	773
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	774 static void
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	775 ps_root_dispatch(void *arg)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	776 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	777 struct dhcpcd_ctx *ctx = arg;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	778
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	779 if (ps_recvpsmsg(ctx, ctx->ps_data_fd, ps_root_dispatchcb, ctx) == -1)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	780 logerr(__func__);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	781 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	782
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	783 static void
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	784 ps_root_syslog(void *arg)
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	785 {
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	786 struct dhcpcd_ctx *ctx = arg;
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	787
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	788 if (loghandlesyslogfd(ctx->ps_syslog_fd) == -1)
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	789 logerr(__func__);
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	790 }
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	791
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	792 pid_t
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	793 ps_root_start(struct dhcpcd_ctx *ctx)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	794 {
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	795 int logfd[2], datafd[2];
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	796 pid_t pid;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	797
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	798 if (xsocketpair(AF_UNIX, SOCK_DGRAM \| SOCK_CXNB, 0, logfd) == -1)
5321 41b99a2a12cf privsep: Limit rights generically rather than Capsicum specifc Roy Marples <roy@marples.name> parents: 5316 diff changeset	799 return -1;
41b99a2a12cf privsep: Limit rights generically rather than Capsicum specifc Roy Marples <roy@marples.name> parents: 5316 diff changeset	800 #ifdef PRIVSEP_RIGHTS
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	801 if (ps_rights_limit_fdpair(logfd) == -1)
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	802 return -1;
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	803 #endif
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	804
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	805 if (socketpair(AF_UNIX, SOCK_DGRAM \| SOCK_CXNB, 0, datafd) == -1)
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	806 return -1;
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	807 if (ps_setbuf_fdpair(datafd) == -1)
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	808 return -1;
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	809 #ifdef PRIVSEP_RIGHTS
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	810 if (ps_rights_limit_fdpair(datafd) == -1)
5321 41b99a2a12cf privsep: Limit rights generically rather than Capsicum specifc Roy Marples <roy@marples.name> parents: 5316 diff changeset	811 return -1;
41b99a2a12cf privsep: Limit rights generically rather than Capsicum specifc Roy Marples <roy@marples.name> parents: 5316 diff changeset	812 #endif
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	813
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	814 pid = ps_dostart(ctx, &ctx->ps_root_pid, &ctx->ps_root_fd,
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	815 ps_root_recvmsg, NULL, ctx,
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	816 ps_root_startcb, ps_root_signalcb, 0);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	817
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	818 if (pid == 0) {
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	819 ctx->ps_syslog_fd = logfd[1];
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	820 if (eloop_event_add(ctx->eloop, ctx->ps_syslog_fd,
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	821 ps_root_syslog, ctx) == -1)
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	822 return -1;
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	823 close(logfd[0]);
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	824 ctx->ps_data_fd = datafd[1];
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	825 close(datafd[0]);
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	826 return 0;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	827 } else if (pid == -1)
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	828 return -1;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	829
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	830 logsetsyslogfd(logfd[0]);
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	831 close(logfd[1]);
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	832
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	833 ctx->ps_data_fd = datafd[0];
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	834 close(datafd[1]);
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	835 if (eloop_event_add(ctx->eloop, ctx->ps_data_fd,
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	836 ps_root_dispatch, ctx) == -1)
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	837 return -1;
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	838
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	839 if ((ctx->ps_eloop = eloop_new()) == NULL)
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	840 return -1;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	841
5301 e6f1372f2cf0 eloop: Just use ppoll(2) Roy Marples <roy@marples.name> parents: 5299 diff changeset	842 eloop_signal_set_cb(ctx->ps_eloop,
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	843 dhcpcd_signals, dhcpcd_signals_len,
5367 fce20bebb28a privsep: Use root signal_cb for all signals here. Roy Marples <roy@marples.name> parents: 5365 diff changeset	844 ps_root_signalcb, ctx);
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	845
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	846 return pid;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	847 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	848
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	849 int
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	850 ps_root_stop(struct dhcpcd_ctx *ctx)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	851 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	852
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	853 return ps_dostop(ctx, &ctx->ps_root_pid, &ctx->ps_root_fd);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	854 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	855
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	856 ssize_t
5255 ee23398a68db dhcpcd: Move the script file from per interface to global context Roy Marples <roy@marples.name> parents: 5253 diff changeset	857 ps_root_script(struct dhcpcd_ctx ctx, const void data, size_t len)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	858 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	859
5255 ee23398a68db dhcpcd: Move the script file from per interface to global context Roy Marples <roy@marples.name> parents: 5253 diff changeset	860 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_SCRIPT, 0, data, len) == -1)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	861 return -1;
5255 ee23398a68db dhcpcd: Move the script file from per interface to global context Roy Marples <roy@marples.name> parents: 5253 diff changeset	862 return ps_root_readerror(ctx, NULL, 0);
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	863 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	864
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	865 ssize_t
4948 b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	866 ps_root_ioctl(struct dhcpcd_ctx ctx, ioctl_request_t req, void data,
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	867 size_t len)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	868 {
4948 b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	869 #ifdef IOCTL_REQUEST_TYPE
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	870 unsigned long ulreq = 0;
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	871
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	872 memcpy(&ulreq, &req, sizeof(req));
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	873 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_IOCTL, ulreq, data, len) == -1)
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	874 return -1;
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	875 #else
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	876 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_IOCTL, req, data, len) == -1)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	877 return -1;
4948 b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	878 #endif
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	879 return ps_root_readerror(ctx, data, len);
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	880 }
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	881
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	882 ssize_t
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	883 ps_root_unlink(struct dhcpcd_ctx ctx, const char file)
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	884 {
ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	885
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	886 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_UNLINK, 0,
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	887 file, strlen(file) + 1) == -1)
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	888 return -1;
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	889 return ps_root_readerror(ctx, NULL, 0);
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	890 }
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	891
45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	892 ssize_t
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	893 ps_root_readfile(struct dhcpcd_ctx ctx, const char file,
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	894 void *data, size_t len)
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	895 {
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	896 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_READFILE, 0,
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	897 file, strlen(file) + 1) == -1)
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	898 return -1;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	899 return ps_root_readerror(ctx, data, len);
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	900 }
45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	901
45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	902 ssize_t
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	903 ps_root_writefile(struct dhcpcd_ctx ctx, const char file, mode_t mode,
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	904 const void *data, size_t len)
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	905 {
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	906 char buf[PS_BUFLEN];
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	907 size_t flen;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	908
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	909 flen = strlcpy(buf, file, sizeof(buf));
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	910 flen += 1;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	911 if (flen > sizeof(buf) \|\| flen + len > sizeof(buf)) {
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	912 errno = ENOBUFS;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	913 return -1;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	914 }
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	915 memcpy(buf + flen, data, len);
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	916
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	917 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_WRITEFILE, mode,
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	918 buf, flen + len) == -1)
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	919 return -1;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	920 return ps_root_readerror(ctx, NULL, 0);
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	921 }
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	922
5208 6e53055c9989 Fix compile warnings with prior. Roy Marples <roy@marples.name> parents: 5207 diff changeset	923 ssize_t
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	924 ps_root_filemtime(struct dhcpcd_ctx ctx, const char file, time_t *time)
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	925 {
45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	926
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	927 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_FILEMTIME, 0,
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	928 file, strlen(file) + 1) == -1)
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	929 return -1;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	930 return ps_root_readerror(ctx, time, sizeof(*time));
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	931 }
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	932
5316 0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	933 #ifdef PRIVSEP_GETIFADDRS
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	934 int
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	935 ps_root_getifaddrs(struct dhcpcd_ctx ctx, struct ifaddrs *ifahead)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	936 {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	937 struct ifaddrs *ifa;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	938 void *buf = NULL;
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	939 char bp, sap;
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	940 socklen_t salen;
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	941 size_t len;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	942 ssize_t err;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	943
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	944 if (ps_sendcmd(ctx, ctx->ps_root_fd,
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	945 PS_GETIFADDRS, 0, NULL, 0) == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	946 return -1;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	947 err = ps_root_mreaderror(ctx, &buf, &len);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	948
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	949 if (err == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	950 return -1;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	951
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	952 /* Should be impossible - lo0 will always exist. */
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	953 if (len == 0) {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	954 *ifahead = NULL;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	955 return 0;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	956 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	957
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	958 bp = buf;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	959 ifahead = (struct ifaddrs )(void *)bp;
5316 0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	960 for (ifa = *ifahead; ifa != NULL; ifa = ifa->ifa_next) {
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	961 if (len < ALIGN(sizeof(*ifa)) +
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	962 ALIGN(IFNAMSIZ) + ALIGN(sizeof(salen) * IFA_NADDRS))
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	963 goto err;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	964 bp += ALIGN(sizeof(*ifa));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	965 ifa->ifa_name = bp;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	966 bp += ALIGN(IFNAMSIZ);
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	967 sap = bp;
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	968 bp += ALIGN(sizeof(salen) * IFA_NADDRS);
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	969 len -= ALIGN(sizeof(*ifa)) +
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	970 ALIGN(IFNAMSIZ) + ALIGN(sizeof(salen) * IFA_NADDRS);
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	971
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	972 #define COPYOUTSA(addr) \
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	973 do { \
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	974 memcpy(&salen, sap, sizeof(salen)); \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	975 if (len < salen) \
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	976 goto err; \
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	977 if (salen != 0) { \
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	978 (addr) = (struct sockaddr *)bp; \
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	979 bp += ALIGN(salen); \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	980 len -= ALIGN(salen); \
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	981 } \
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	982 sap += sizeof(salen); \
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	983 } while (0 /* CONSTCOND */)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	984
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	985 COPYOUTSA(ifa->ifa_addr);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	986 COPYOUTSA(ifa->ifa_netmask);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	987 COPYOUTSA(ifa->ifa_broadaddr);
5491 6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	988
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	989 memcpy(&salen, sap, sizeof(salen));
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	990 if (len < salen)
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	991 goto err;
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	992 if (salen != 0) {
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	993 ifa->ifa_data = bp;
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	994 bp += ALIGN(salen);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	995 len -= ALIGN(salen);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	996 } else
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	997 ifa->ifa_data = NULL;
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	998
5316 0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	999 if (len != 0)
0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	1000 ifa->ifa_next = (struct ifaddrs )(void )bp;
0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	1001 else
0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	1002 ifa->ifa_next = NULL;
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1003 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1004 return 0;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1005
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1006 err:
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1007 free(buf);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1008 *ifahead = NULL;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1009 errno = EINVAL;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1010 return -1;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1011 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1012 #endif
5258 f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1013
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1014 #if defined(__linux__) \|\| defined(HAVE_PLEDGE)
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1015 ssize_t
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1016 ps_root_ip6forwarding(struct dhcpcd_ctx ctx, const char ifname)
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1017 {
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1018
5263 1e7ce40ed871 Fix prior for BSD Roy Marples <roy@marples.name> parents: 5262 diff changeset	1019 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_IP6FORWARDING, 0,
1e7ce40ed871 Fix prior for BSD Roy Marples <roy@marples.name> parents: 5262 diff changeset	1020 ifname, ifname != NULL ? strlen(ifname) + 1 : 0) == -1)
5258 f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1021 return -1;
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1022 return ps_root_readerror(ctx, NULL, 0);
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1023 }
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1024 #endif
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1025
5299 b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1026 #ifdef AUTH
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1027 int
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1028 ps_root_getauthrdm(struct dhcpcd_ctx ctx, uint64_t rdm)
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1029 {
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1030
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1031 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_AUTH_MONORDM, 0,
5350 f97d9554afb4 privsep: fix size of rdm Roy Marples <roy@marples.name> parents: 5345 diff changeset	1032 rdm, sizeof(*rdm))== -1)
5299 b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1033 return -1;
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1034 return (int)ps_root_readerror(ctx, rdm, sizeof(*rdm));
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1035 }
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1036 #endif
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1037
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1038 #ifdef PLUGIN_DEV
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1039 int
5457 7fb0274b9127 Linux: detect network namespace and deny udev in one Roy Marples <roy@marples.name> parents: 5425 diff changeset	1040 ps_root_dev_initialised(struct dhcpcd_ctx ctx, const char ifname)
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1041 {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1042
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1043 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_DEV_INITTED, 0,
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1044 ifname, strlen(ifname) + 1)== -1)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1045 return -1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1046 return (int)ps_root_readerror(ctx, NULL, 0);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1047 }
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1048
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1049 int
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1050 ps_root_dev_listening(struct dhcpcd_ctx * ctx)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1051 {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1052
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1053 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_DEV_LISTENING, 0, NULL, 0)== -1)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1054 return -1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1055 return (int)ps_root_readerror(ctx, NULL, 0);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1056 }
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1057 #endif

Mercurial > hg > dhcpcd

annotate src/privsep-root.c @ 5525:26b5d9bc2985 draft