hg/dhcpcd: src/privsep-root.c annotate

annotate src/privsep-root.c @ 5526:b1a3d9055662 draft

privsep: Allow logfile reopening in a chroot Now that only the privileged actioneer does the actual logging we can safely reopen the file we are logging to. This also closes and re-opens the syslog connection.

author	Roy Marples <roy@marples.name>
date	Fri, 30 Oct 2020 14:19:16 +0000
parents	26b5d9bc2985
children	071a9ea18363

rev	line source
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	1 /* SPDX-License-Identifier: BSD-2-Clause */
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	2 /*
5060 4539ffcdd656 spelling: Correct both privilege and separation Roy Marples <roy@marples.name> parents: 4997 diff changeset	3 * Privilege Separation for dhcpcd, privileged actioneer
4922 555d7d1a4939 Welcome to 2020! Roy Marples <roy@marples.name> parents: 4868 diff changeset	4 * Copyright (c) 2006-2020 Roy Marples <roy@marples.name>
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	5 * All rights reserved
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	6
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	7 * Redistribution and use in source and binary forms, with or without
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	8 * modification, are permitted provided that the following conditions
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	9 * are met:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	10 * 1. Redistributions of source code must retain the above copyright
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	11 * notice, this list of conditions and the following disclaimer.
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	12 * 2. Redistributions in binary form must reproduce the above copyright
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	13 * notice, this list of conditions and the following disclaimer in the
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	14 * documentation and/or other materials provided with the distribution.
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	15 *
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	26 * SUCH DAMAGE.
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	27 */
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	28
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	29 #include <sys/ioctl.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	30 #include <sys/socket.h>
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	31 #include <sys/stat.h>
45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	32 #include <sys/time.h>
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	33 #include <sys/types.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	34 #include <sys/wait.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	35
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	36 #include <assert.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	37 #include <errno.h>
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	38 #include <fcntl.h>
45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	39 #include <pwd.h>
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	40 #include <signal.h>
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	41 #include <stddef.h>
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	42 #include <stdlib.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	43 #include <string.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	44 #include <unistd.h>
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	45
5299 b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	46 #include "auth.h"
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	47 #include "common.h"
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	48 #include "dev.h"
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	49 #include "dhcpcd.h"
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	50 #include "dhcp6.h"
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	51 #include "eloop.h"
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	52 #include "if.h"
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	53 #include "ipv6nd.h"
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	54 #include "logerr.h"
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	55 #include "privsep.h"
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	56 #include "sa.h"
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	57 #include "script.h"
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	58
4948 b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	59 __CTASSERT(sizeof(ioctl_request_t) <= sizeof(unsigned long));
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	60
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	61 struct psr_error
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	62 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	63 ssize_t psr_result;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	64 int psr_errno;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	65 char psr_pad[sizeof(ssize_t) - sizeof(int)];
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	66 size_t psr_datalen;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	67 };
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	68
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	69 struct psr_ctx {
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	70 struct dhcpcd_ctx *psr_ctx;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	71 struct psr_error psr_error;
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	72 size_t psr_datalen;
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	73 void *psr_data;
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	74 };
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	75
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	76 static void
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	77 ps_root_readerrorcb(void *arg)
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	78 {
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	79 struct psr_ctx *psr_ctx = arg;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	80 struct dhcpcd_ctx *ctx = psr_ctx->psr_ctx;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	81 struct psr_error *psr_error = &psr_ctx->psr_error;
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	82 struct iovec iov[] = {
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	83 { .iov_base = psr_error, .iov_len = sizeof(*psr_error) },
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	84 { .iov_base = psr_ctx->psr_data,
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	85 .iov_len = psr_ctx->psr_datalen },
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	86 };
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	87 ssize_t len;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	88 int exit_code = EXIT_FAILURE;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	89
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	90 #define PSR_ERROR(e) \
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	91 do { \
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	92 psr_error->psr_result = -1; \
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	93 psr_error->psr_errno = (e); \
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	94 goto out; \
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	95 } while (0 /* CONSTCOND */)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	96
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	97 len = readv(ctx->ps_root_fd, iov, __arraycount(iov));
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	98 if (len == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	99 PSR_ERROR(errno);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	100 else if ((size_t)len < sizeof(*psr_error))
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	101 PSR_ERROR(EINVAL);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	102 exit_code = EXIT_SUCCESS;
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	103
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	104 out:
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	105 eloop_exit(ctx->ps_eloop, exit_code);
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	106 }
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	107
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	108 ssize_t
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	109 ps_root_readerror(struct dhcpcd_ctx ctx, void data, size_t len)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	110 {
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	111 struct psr_ctx psr_ctx = {
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	112 .psr_ctx = ctx,
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	113 .psr_data = data, .psr_datalen = len,
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	114 };
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	115
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	116 if (eloop_event_add(ctx->ps_eloop, ctx->ps_root_fd,
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	117 ps_root_readerrorcb, &psr_ctx) == -1)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	118 return -1;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	119
5297 477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	120 eloop_enter(ctx->ps_eloop);
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	121 eloop_start(ctx->ps_eloop, &ctx->sigset);
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	122
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	123 errno = psr_ctx.psr_error.psr_errno;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	124 return psr_ctx.psr_error.psr_result;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	125 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	126
5316 0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	127 #ifdef PRIVSEP_GETIFADDRS
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	128 static void
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	129 ps_root_mreaderrorcb(void *arg)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	130 {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	131 struct psr_ctx *psr_ctx = arg;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	132 struct dhcpcd_ctx *ctx = psr_ctx->psr_ctx;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	133 struct psr_error *psr_error = &psr_ctx->psr_error;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	134 struct iovec iov[] = {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	135 { .iov_base = psr_error, .iov_len = sizeof(*psr_error) },
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	136 { .iov_base = NULL, .iov_len = 0 },
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	137 };
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	138 ssize_t len;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	139 int exit_code = EXIT_FAILURE;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	140
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	141 len = recv(ctx->ps_root_fd, psr_error, sizeof(*psr_error), MSG_PEEK);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	142 if (len == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	143 PSR_ERROR(errno);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	144 else if ((size_t)len < sizeof(*psr_error))
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	145 PSR_ERROR(EINVAL);
5345 f6051f78e441 Try and guard against impossibly large data. Roy Marples <roy@marples.name> parents: 5330 diff changeset	146
f6051f78e441 Try and guard against impossibly large data. Roy Marples <roy@marples.name> parents: 5330 diff changeset	147 if (psr_error->psr_datalen > SSIZE_MAX)
5329 cc6b3545c52c privsep: limit psr_datalen to SSIZE_MAX Roy Marples <roy@marples.name> parents: 5321 diff changeset	148 PSR_ERROR(ENOBUFS);
5345 f6051f78e441 Try and guard against impossibly large data. Roy Marples <roy@marples.name> parents: 5330 diff changeset	149 else if (psr_error->psr_datalen != 0) {
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	150 psr_ctx->psr_data = malloc(psr_error->psr_datalen);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	151 if (psr_ctx->psr_data == NULL)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	152 PSR_ERROR(errno);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	153 psr_ctx->psr_datalen = psr_error->psr_datalen;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	154 iov[1].iov_base = psr_ctx->psr_data;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	155 iov[1].iov_len = psr_ctx->psr_datalen;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	156 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	157
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	158 len = readv(ctx->ps_root_fd, iov, __arraycount(iov));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	159 if (len == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	160 PSR_ERROR(errno);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	161 else if ((size_t)len != sizeof(*psr_error) + psr_ctx->psr_datalen)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	162 PSR_ERROR(EINVAL);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	163 exit_code = EXIT_SUCCESS;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	164
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	165 out:
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	166 eloop_exit(ctx->ps_eloop, exit_code);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	167 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	168
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	169 ssize_t
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	170 ps_root_mreaderror(struct dhcpcd_ctx ctx, void data, size_t len)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	171 {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	172 struct psr_ctx psr_ctx = {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	173 .psr_ctx = ctx,
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	174 };
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	175
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	176 if (eloop_event_add(ctx->ps_eloop, ctx->ps_root_fd,
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	177 ps_root_mreaderrorcb, &psr_ctx) == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	178 return -1;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	179
5297 477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	180 eloop_enter(ctx->ps_eloop);
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	181 eloop_start(ctx->ps_eloop, &ctx->sigset);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	182
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	183 errno = psr_ctx.psr_error.psr_errno;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	184 *data = psr_ctx.psr_data;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	185 *len = psr_ctx.psr_datalen;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	186 return psr_ctx.psr_error.psr_result;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	187 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	188 #endif
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	189
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	190 static ssize_t
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	191 ps_root_writeerror(struct dhcpcd_ctx *ctx, ssize_t result,
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	192 void *data, size_t len)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	193 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	194 struct psr_error psr = {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	195 .psr_result = result,
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	196 .psr_errno = errno,
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	197 .psr_datalen = len,
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	198 };
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	199 struct iovec iov[] = {
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	200 { .iov_base = &psr, .iov_len = sizeof(psr) },
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	201 { .iov_base = data, .iov_len = len },
318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	202 };
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	203
4868 119c8986dfc8 privsep: Enable ARP BPF filtering for interesting addresses Roy Marples <roy@marples.name> parents: 4851 diff changeset	204 #ifdef PRIVSEP_DEBUG
119c8986dfc8 privsep: Enable ARP BPF filtering for interesting addresses Roy Marples <roy@marples.name> parents: 4851 diff changeset	205 logdebugx("%s: result %zd errno %d", __func__, result, errno);
119c8986dfc8 privsep: Enable ARP BPF filtering for interesting addresses Roy Marples <roy@marples.name> parents: 4851 diff changeset	206 #endif
119c8986dfc8 privsep: Enable ARP BPF filtering for interesting addresses Roy Marples <roy@marples.name> parents: 4851 diff changeset	207
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	208 return writev(ctx->ps_root_fd, iov, __arraycount(iov));
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	209 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	210
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	211 static ssize_t
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	212 ps_root_doioctl(unsigned long req, void *data, size_t len)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	213 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	214 int s, err;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	215
5246 52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	216 /* Only allow these ioctls */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	217 switch(req) {
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	218 #ifdef SIOCAIFADDR
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	219 case SIOCAIFADDR: /* FALLTHROUGH */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	220 case SIOCDIFADDR: /* FALLTHROUGH */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	221 #endif
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	222 #ifdef SIOCSIFHWADDR
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	223 case SIOCSIFHWADDR: /* FALLTHROUGH */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	224 #endif
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	225 #ifdef SIOCGIFPRIORITY
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	226 case SIOCGIFPRIORITY: /* FALLTHROUGH */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	227 #endif
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	228 case SIOCSIFFLAGS: /* FALLTHROUGH */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	229 case SIOCGIFMTU: /* FALLTHROUGH */
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	230 case SIOCSIFMTU:
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	231 break;
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	232 default:
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	233 errno = EPERM;
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	234 return -1;
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	235 }
52a4070231c6 privsep: Filter ioctls to a known list. Roy Marples <roy@marples.name> parents: 5242 diff changeset	236
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	237 s = socket(PF_INET, SOCK_DGRAM, 0);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	238 if (s != -1)
4948 b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	239 #ifdef IOCTL_REQUEST_TYPE
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	240 {
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	241 ioctl_request_t reqt;
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	242
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	243 memcpy(&reqt, &req, sizeof(reqt));
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	244 err = ioctl(s, reqt, data, len);
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	245 }
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	246 #else
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	247 err = ioctl(s, req, data, len);
4948 b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	248 #endif
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	249 else
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	250 err = -1;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	251 if (s != -1)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	252 close(s);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	253 return err;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	254 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	255
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	256 static ssize_t
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	257 ps_root_run_script(struct dhcpcd_ctx ctx, const void data, size_t len)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	258 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	259 const char *envbuf = data;
5255 ee23398a68db dhcpcd: Move the script file from per interface to global context Roy Marples <roy@marples.name> parents: 5253 diff changeset	260 char * const argv[] = { ctx->script, NULL };
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	261 pid_t pid;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	262 int status;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	263
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	264 if (len == 0)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	265 return 0;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	266
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	267 if (script_buftoenv(ctx, UNCONST(envbuf), len) == NULL)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	268 return -1;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	269
5123 9422e8c904d5 scripts: Run with an empty sigmask Christos Zoulas <christos@zoulas.com> parents: 5112 diff changeset	270 pid = script_exec(argv, ctx->script_env);
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	271 if (pid == -1)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	272 return -1;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	273 /* Wait for the script to finish */
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	274 while (waitpid(pid, &status, 0) == -1) {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	275 if (errno != EINTR) {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	276 logerr(__func__);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	277 status = 0;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	278 break;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	279 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	280 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	281 return status;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	282 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	283
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	284 static bool
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	285 ps_root_validpath(const struct dhcpcd_ctx ctx, uint16_t cmd, const char path)
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	286 {
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	287
5267 95976721c27d privsep: Avoid the /proc/../ escape Roy Marples <roy@marples.name> parents: 5263 diff changeset	288 /* Avoid a previous directory attack to avoid /proc/../
95976721c27d privsep: Avoid the /proc/../ escape Roy Marples <roy@marples.name> parents: 5263 diff changeset	289 * dhcpcd should never use a path with double dots. */
95976721c27d privsep: Avoid the /proc/../ escape Roy Marples <roy@marples.name> parents: 5263 diff changeset	290 if (strstr(path, "..") != NULL)
95976721c27d privsep: Avoid the /proc/../ escape Roy Marples <roy@marples.name> parents: 5263 diff changeset	291 return false;
95976721c27d privsep: Avoid the /proc/../ escape Roy Marples <roy@marples.name> parents: 5263 diff changeset	292
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	293 if (cmd == PS_READFILE) {
5309 700fa2afe696 Fix installing the embedded config as a file. Roy Marples <roy@marples.name> parents: 5306 diff changeset	294 #ifdef EMBEDDED_CONFIG
700fa2afe696 Fix installing the embedded config as a file. Roy Marples <roy@marples.name> parents: 5306 diff changeset	295 if (strcmp(ctx->cffile, EMBEDDED_CONFIG) == 0)
700fa2afe696 Fix installing the embedded config as a file. Roy Marples <roy@marples.name> parents: 5306 diff changeset	296 return true;
700fa2afe696 Fix installing the embedded config as a file. Roy Marples <roy@marples.name> parents: 5306 diff changeset	297 #endif
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	298 if (strcmp(ctx->cffile, path) == 0)
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	299 return true;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	300 }
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	301 if (strncmp(DBDIR, path, strlen(DBDIR)) == 0)
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	302 return true;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	303 if (strncmp(RUNDIR, path, strlen(RUNDIR)) == 0)
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	304 return true;
5258 f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	305
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	306 #ifdef __linux__
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	307 if (strncmp("/proc/net/", path, strlen("/proc/net/")) == 0 \|\|
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	308 strncmp("/proc/sys/net/", path, strlen("/proc/sys/net/")) == 0 \|\|
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	309 strncmp("/sys/class/net/", path, strlen("/sys/class/net/")) == 0)
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	310 return true;
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	311 #endif
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	312
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	313 errno = EPERM;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	314 return false;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	315 }
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	316
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	317 static ssize_t
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	318 ps_root_dowritefile(const struct dhcpcd_ctx *ctx,
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	319 mode_t mode, void *data, size_t len)
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	320 {
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	321 char file = data, nc;
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	322
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	323 nc = memchr(file, '\0', len);
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	324 if (nc == NULL) {
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	325 errno = EINVAL;
ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	326 return -1;
ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	327 }
5258 f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	328
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	329 if (!ps_root_validpath(ctx, PS_WRITEFILE, file))
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	330 return -1;
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	331 nc++;
5208 6e53055c9989 Fix compile warnings with prior. Roy Marples <roy@marples.name> parents: 5207 diff changeset	332 return writefile(file, mode, nc, len - (size_t)(nc - file));
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	333 }
ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	334
5299 b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	335 #ifdef AUTH
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	336 static ssize_t
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	337 ps_root_monordm(uint64_t *rdm, size_t len)
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	338 {
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	339
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	340 if (len != sizeof(*rdm)) {
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	341 errno = EINVAL;
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	342 return -1;
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	343 }
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	344 return auth_get_rdm_monotonic(rdm);
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	345 }
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	346 #endif
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	347
5316 0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	348 #ifdef PRIVSEP_GETIFADDRS
5491 6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	349 #define IFA_NADDRS 4
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	350 static ssize_t
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	351 ps_root_dogetifaddrs(void *rdata, size_t rlen)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	352 {
5491 6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	353 struct ifaddrs ifaddrs, ifa;
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	354 size_t len;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	355 uint8_t buf, sap;
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	356 socklen_t salen;
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	357
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	358 if (getifaddrs(&ifaddrs) == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	359 return -1;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	360 if (ifaddrs == NULL) {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	361 *rdata = NULL;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	362 *rlen = 0;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	363 return 0;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	364 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	365
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	366 /* Work out the buffer length required.
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	367 * Ensure everything is aligned correctly, which does
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	368 * create a larger buffer than what is needed to send,
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	369 * but makes creating the same structure in the client
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	370 * much easier. */
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	371 len = 0;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	372 for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	373 len += ALIGN(sizeof(*ifa));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	374 len += ALIGN(IFNAMSIZ);
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	375 len += ALIGN(sizeof(salen) * IFA_NADDRS);
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	376 if (ifa->ifa_addr != NULL)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	377 len += ALIGN(sa_len(ifa->ifa_addr));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	378 if (ifa->ifa_netmask != NULL)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	379 len += ALIGN(sa_len(ifa->ifa_netmask));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	380 if (ifa->ifa_broadaddr != NULL)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	381 len += ALIGN(sa_len(ifa->ifa_broadaddr));
5491 6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	382 #ifdef BSD
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	383 /*
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	384 * On BSD we need to carry ifa_data so we can access
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	385 * if_data->ifi_link_state
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	386 */
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	387 if (ifa->ifa_addr != NULL &&
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	388 ifa->ifa_addr->sa_family == AF_LINK)
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	389 len += ALIGN(sizeof(struct if_data));
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	390 #endif
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	391 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	392
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	393 /* Use calloc to set everything to zero.
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	394 * This satisfies memory sanitizers because don't write
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	395 * where we don't need to. */
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	396 buf = calloc(1, len);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	397 if (buf == NULL) {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	398 freeifaddrs(ifaddrs);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	399 return -1;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	400 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	401 *rdata = buf;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	402 *rlen = len;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	403
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	404 for (ifa = ifaddrs; ifa != NULL; ifa = ifa->ifa_next) {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	405 memcpy(buf, ifa, sizeof(*ifa));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	406 buf += ALIGN(sizeof(*ifa));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	407
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	408 strlcpy((char *)buf, ifa->ifa_name, IFNAMSIZ);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	409 buf += ALIGN(IFNAMSIZ);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	410 sap = buf;
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	411 buf += ALIGN(sizeof(salen) * IFA_NADDRS);
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	412
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	413 #define COPYINSA(addr) \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	414 do { \
5491 6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	415 if ((addr) != NULL) \
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	416 salen = sa_len((addr)); \
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	417 else \
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	418 salen = 0; \
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	419 if (salen != 0) { \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	420 memcpy(sap, &salen, sizeof(salen)); \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	421 memcpy(buf, (addr), salen); \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	422 buf += ALIGN(salen); \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	423 } \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	424 sap += sizeof(salen); \
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	425 } while (0 /CONSTCOND /)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	426
5491 6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	427 COPYINSA(ifa->ifa_addr);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	428 COPYINSA(ifa->ifa_netmask);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	429 COPYINSA(ifa->ifa_broadaddr);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	430
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	431 #ifdef BSD
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	432 if (ifa->ifa_addr != NULL &&
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	433 ifa->ifa_addr->sa_family == AF_LINK)
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	434 {
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	435 salen = (socklen_t)sizeof(struct if_data);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	436 memcpy(buf, ifa->ifa_data, salen);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	437 buf += ALIGN(salen);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	438 } else
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	439 #endif
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	440 salen = 0;
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	441 memcpy(sap, &salen, sizeof(salen));
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	442 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	443
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	444 freeifaddrs(ifaddrs);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	445 return 0;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	446 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	447 #endif
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	448
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	449 static ssize_t
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	450 ps_root_recvmsgcb(void arg, struct ps_msghdr psm, struct msghdr *msg)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	451 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	452 struct dhcpcd_ctx *ctx = arg;
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	453 uint16_t cmd;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	454 struct ps_process *psp;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	455 struct iovec *iov = msg->msg_iov;
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	456 void data = iov->iov_base, rdata = NULL;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	457 size_t len = iov->iov_len, rlen = 0;
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	458 uint8_t buf[PS_BUFLEN];
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	459 time_t mtime;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	460 ssize_t err;
5253 7a0d53acbb06 privsep: Validate UDP ports Roy Marples <roy@marples.name> parents: 5249 diff changeset	461 bool free_rdata = false;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	462
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	463 cmd = (uint16_t)(psm->ps_cmd & ~(PS_START \| PS_STOP));
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	464 psp = ps_findprocess(ctx, &psm->ps_id);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	465
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	466 #ifdef PRIVSEP_DEBUG
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	467 logerrx("%s: IN cmd %x, psp %p", __func__, psm->ps_cmd, psp);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	468 #endif
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	469
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	470 if (psp != NULL) {
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	471 if (psm->ps_cmd & PS_STOP) {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	472 int ret = ps_dostop(ctx, &psp->psp_pid, &psp->psp_fd);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	473
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	474 ps_freeprocess(psp);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	475 return ret;
5297 477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	476 } else if (psm->ps_cmd & PS_START) {
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	477 /* Process has already started .... */
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	478 return 0;
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	479 }
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	480
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	481 err = ps_sendpsmmsg(ctx, psp->psp_fd, psm, msg);
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	482 if (err == -1) {
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	483 logerr("%s: failed to send message to pid %d",
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	484 __func__, psp->psp_pid);
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	485 shutdown(psp->psp_fd, SHUT_RDWR);
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	486 close(psp->psp_fd);
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	487 psp->psp_fd = -1;
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	488 ps_freeprocess(psp);
477edd06fea7 privsep: harden process handling Roy Marples <roy@marples.name> parents: 5293 diff changeset	489 }
5242 0dd9b7f7cf6b privsep: Ensure we don't scribble garbage to BPF Roy Marples <roy@marples.name> parents: 5231 diff changeset	490 return 0;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	491 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	492
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	493 if (psm->ps_cmd & PS_STOP && psp == NULL)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	494 return 0;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	495
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	496 switch (cmd) {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	497 #ifdef INET
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	498 #ifdef ARP
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	499 case PS_BPF_ARP: /* FALLTHROUGH */
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	500 #endif
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	501 case PS_BPF_BOOTP:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	502 return ps_bpf_cmd(ctx, psm, msg);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	503 #endif
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	504 #ifdef INET
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	505 case PS_BOOTP:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	506 return ps_inet_cmd(ctx, psm, msg);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	507 #endif
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	508 #ifdef INET6
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	509 #ifdef DHCP6
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	510 case PS_DHCP6: /* FALLTHROUGH */
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	511 #endif
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	512 case PS_ND:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	513 return ps_inet_cmd(ctx, psm, msg);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	514 #endif
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	515 default:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	516 break;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	517 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	518
5204 47f18579daae privsep: Implement pledge(2) support as found on OpenBSD Roy Marples <roy@marples.name> parents: 5202 diff changeset	519 assert(msg->msg_iovlen == 0 \|\| msg->msg_iovlen == 1);
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	520
4844 2281307b0ef5 privsep: Expect errors from ioctl so dont log them. Roy Marples <roy@marples.name> parents: 4840 diff changeset	521 /* Reset errno */
2281307b0ef5 privsep: Expect errors from ioctl so dont log them. Roy Marples <roy@marples.name> parents: 4840 diff changeset	522 errno = 0;
2281307b0ef5 privsep: Expect errors from ioctl so dont log them. Roy Marples <roy@marples.name> parents: 4840 diff changeset	523
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	524 switch (psm->ps_cmd) {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	525 case PS_IOCTL:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	526 err = ps_root_doioctl(psm->ps_flags, data, len);
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	527 if (err != -1) {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	528 rdata = data;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	529 rlen = len;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	530 }
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	531 break;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	532 case PS_SCRIPT:
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	533 err = ps_root_run_script(ctx, data, len);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	534 break;
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	535 case PS_UNLINK:
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	536 if (!ps_root_validpath(ctx, psm->ps_cmd, data)) {
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	537 err = -1;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	538 break;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	539 }
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	540 err = unlink(data);
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	541 break;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	542 case PS_READFILE:
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	543 if (!ps_root_validpath(ctx, psm->ps_cmd, data)) {
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	544 err = -1;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	545 break;
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	546 }
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	547 err = readfile(data, buf, sizeof(buf));
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	548 if (err != -1) {
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	549 rdata = buf;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	550 rlen = (size_t)err;
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	551 }
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	552 break;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	553 case PS_WRITEFILE:
5249 a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	554 err = ps_root_dowritefile(ctx, (mode_t)psm->ps_flags,
a8c2969955f9 privsep: Only allow file IO to specific paths Roy Marples <roy@marples.name> parents: 5246 diff changeset	555 data, len);
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	556 break;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	557 case PS_FILEMTIME:
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	558 err = filemtime(data, &mtime);
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	559 if (err != -1) {
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	560 rdata = &mtime;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	561 rlen = sizeof(mtime);
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	562 }
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	563 break;
5526 b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	564 case PS_LOGREOPEN:
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	565 logclose();
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	566 err = logopen(ctx->logfile);
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	567 break;
5299 b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	568 #ifdef AUTH
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	569 case PS_AUTH_MONORDM:
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	570 err = ps_root_monordm(data, len);
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	571 if (err != -1) {
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	572 rdata = data;
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	573 rlen = len;
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	574 }
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	575 break;
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	576 #endif
5316 0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	577 #ifdef PRIVSEP_GETIFADDRS
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	578 case PS_GETIFADDRS:
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	579 err = ps_root_dogetifaddrs(&rdata, &rlen);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	580 free_rdata = true;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	581 break;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	582 #endif
5286 b820f26385b7 Fix compile with inet or inet6 disabled Roy Marples <roy@marples.name> parents: 5267 diff changeset	583 #if defined(INET6) && (defined(__linux__) \|\| defined(HAVE_PLEDGE))
5258 f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	584 case PS_IP6FORWARDING:
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	585 err = ip6_forwarding(data);
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	586 break;
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	587 #endif
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	588 #ifdef PLUGIN_DEV
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	589 case PS_DEV_INITTED:
5457 7fb0274b9127 Linux: detect network namespace and deny udev in one Roy Marples <roy@marples.name> parents: 5425 diff changeset	590 err = dev_initialised(ctx, data);
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	591 break;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	592 case PS_DEV_LISTENING:
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	593 err = dev_listening(ctx);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	594 break;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	595 #endif
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	596 default:
5302 ef799c0ff5cb privsep: Fix returning indirect ioctl data Roy Marples <roy@marples.name> parents: 5301 diff changeset	597 err = ps_root_os(psm, msg, &rdata, &rlen);
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	598 break;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	599 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	600
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	601 err = ps_root_writeerror(ctx, err, rlen != 0 ? rdata : 0, rlen);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	602 if (free_rdata)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	603 free(rdata);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	604 return err;
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	605 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	606
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	607 /* Receive from state engine, do an action. */
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	608 static void
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	609 ps_root_recvmsg(void *arg)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	610 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	611 struct dhcpcd_ctx *ctx = arg;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	612
5306 d10b3ad73215 privsep: Log ECONNRESET errors again Roy Marples <roy@marples.name> parents: 5304 diff changeset	613 if (ps_recvpsmsg(ctx, ctx->ps_root_fd, ps_root_recvmsgcb, ctx) == -1)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	614 logerr(__func__);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	615 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	616
5262 f168a25dd330 privsep: Fix compile for prior without dev plugins Roy Marples <roy@marples.name> parents: 5260 diff changeset	617 #ifdef PLUGIN_DEV
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	618 static int
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	619 ps_root_handleinterface(void arg, int action, const char ifname)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	620 {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	621 struct dhcpcd_ctx *ctx = arg;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	622 unsigned long flag;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	623
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	624 if (action == 1)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	625 flag = PS_DEV_IFADDED;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	626 else if (action == -1)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	627 flag = PS_DEV_IFREMOVED;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	628 else if (action == 0)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	629 flag = PS_DEV_IFUPDATED;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	630 else {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	631 errno = EINVAL;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	632 return -1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	633 }
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	634
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	635 return (int)ps_sendcmd(ctx, ctx->ps_data_fd, PS_DEV_IFCMD, flag,
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	636 ifname, strlen(ifname) + 1);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	637 }
5262 f168a25dd330 privsep: Fix compile for prior without dev plugins Roy Marples <roy@marples.name> parents: 5260 diff changeset	638 #endif
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	639
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	640 static int
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	641 ps_root_startcb(void *arg)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	642 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	643 struct dhcpcd_ctx *ctx = arg;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	644
5169 f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	645 if (ctx->options & DHCPCD_MASTER)
f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	646 setproctitle("[privileged actioneer]");
f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	647 else
f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	648 setproctitle("[privileged actioneer] %s%s%s",
f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	649 ctx->ifv[0],
f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	650 ctx->options & DHCPCD_IPV4 ? " [ip4]" : "",
f1a2ce25a64b dhcpcd: Fix separation of per interface and per family Roy Marples <roy@marples.name> parents: 5123 diff changeset	651 ctx->options & DHCPCD_IPV6 ? " [ip6]" : "");
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	652 ctx->ps_root_pid = getpid();
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	653 ctx->options \|= DHCPCD_PRIVSEPROOT;
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	654
5417 96a086beb655 Revert "privsep: shutdown read end of the write only sockets" Roy Marples <roy@marples.name> parents: 5408 diff changeset	655 /* Open network sockets for sending.
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	656 * This is a small bit wasteful for non sandboxed OS's
a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	657 * but makes life very easy for unicasting DHCPv6 in non master
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	658 * mode as we no longer care about address selection.
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	659 * We can't call shutdown SHUT_RD on the socket because it's
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	660 * not connectd. All we can do is try and set a zero sized
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	661 * receive buffer and just let it overflow.
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	662 * Reading from it just to drain it is a waste of CPU time. */
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	663 #ifdef INET
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	664 if (ctx->options & DHCPCD_IPV4) {
5422 66a1c1c34366 Use a minimum bufsize of 1 as 0 doesn't work on some OS. Roy Marples <roy@marples.name> parents: 5421 diff changeset	665 int buflen = 1;
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	666
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	667 ctx->udp_wfd = xsocket(PF_INET,
b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	668 SOCK_RAW \| SOCK_CXNB, IPPROTO_UDP);
b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	669 if (ctx->udp_wfd == -1)
b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	670 logerr("%s: dhcp_openraw", __func__);
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	671 else if (setsockopt(ctx->udp_wfd, SOL_SOCKET, SO_RCVBUF,
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	672 &buflen, sizeof(buflen)) == -1)
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	673 logerr("%s: setsockopt SO_RCVBUF DHCP", __func__);
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	674 }
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	675 #endif
a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	676 #ifdef INET6
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	677 if (ctx->options & DHCPCD_IPV6) {
5422 66a1c1c34366 Use a minimum bufsize of 1 as 0 doesn't work on some OS. Roy Marples <roy@marples.name> parents: 5421 diff changeset	678 int buflen = 1;
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	679
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	680 ctx->nd_fd = ipv6nd_open(false);
5330 7b6f2daea002 privsep: Fix bogus warnings without inet. Roy Marples <roy@marples.name> parents: 5329 diff changeset	681 if (ctx->nd_fd == -1)
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	682 logerr("%s: ipv6nd_open", __func__);
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	683 else if (setsockopt(ctx->nd_fd, SOL_SOCKET, SO_RCVBUF,
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	684 &buflen, sizeof(buflen)) == -1)
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	685 logerr("%s: setsockopt SO_RCVBUF ND", __func__);
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	686 }
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	687 #endif
a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	688 #ifdef DHCP6
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	689 if (ctx->options & DHCPCD_IPV6) {
5422 66a1c1c34366 Use a minimum bufsize of 1 as 0 doesn't work on some OS. Roy Marples <roy@marples.name> parents: 5421 diff changeset	690 int buflen = 1;
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	691
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	692 ctx->dhcp6_wfd = dhcp6_openraw();
5330 7b6f2daea002 privsep: Fix bogus warnings without inet. Roy Marples <roy@marples.name> parents: 5329 diff changeset	693 if (ctx->dhcp6_wfd == -1)
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	694 logerr("%s: dhcp6_openraw", __func__);
5421 0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	695 else if (setsockopt(ctx->dhcp6_wfd, SOL_SOCKET, SO_RCVBUF,
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	696 &buflen, sizeof(buflen)) == -1)
0229b76cea16 privsep: Set a zero length receive buffer for write only sockets Roy Marples <roy@marples.name> parents: 5417 diff changeset	697 logerr("%s: setsockopt SO_RCVBUF DHCP6", __func__);
5293 b161ecf0b891 privsep: Only open raw sockets for the needed protocols. Roy Marples <roy@marples.name> parents: 5289 diff changeset	698 }
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	699 #endif
a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	700
5262 f168a25dd330 privsep: Fix compile for prior without dev plugins Roy Marples <roy@marples.name> parents: 5260 diff changeset	701 #ifdef PLUGIN_DEV
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	702 /* Start any dev listening plugin which may want to
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	703 * change the interface name provided by the kernel */
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	704 if ((ctx->options & (DHCPCD_MASTER \| DHCPCD_DEV)) ==
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	705 (DHCPCD_MASTER \| DHCPCD_DEV))
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	706 dev_start(ctx, ps_root_handleinterface);
5262 f168a25dd330 privsep: Fix compile for prior without dev plugins Roy Marples <roy@marples.name> parents: 5260 diff changeset	707 #endif
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	708
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	709 return 0;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	710 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	711
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	712 static void
5425 9edfc000a89b privsep: Only the master process accepts signals Roy Marples <roy@marples.name> parents: 5422 diff changeset	713 ps_root_signalcb(int sig, __unused void *arg)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	714 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	715
5371 0c4a9b4da8e6 privsep: Simplyfy signal handling Roy Marples <roy@marples.name> parents: 5367 diff changeset	716 if (sig == SIGCHLD) {
5304 04f26d9f1885 privsep: Don't wait for the process to finish when stopping it Roy Marples <roy@marples.name> parents: 5302 diff changeset	717 while (waitpid(-1, NULL, WNOHANG) > 0)
04f26d9f1885 privsep: Don't wait for the process to finish when stopping it Roy Marples <roy@marples.name> parents: 5302 diff changeset	718 ;
04f26d9f1885 privsep: Don't wait for the process to finish when stopping it Roy Marples <roy@marples.name> parents: 5302 diff changeset	719 return;
04f26d9f1885 privsep: Don't wait for the process to finish when stopping it Roy Marples <roy@marples.name> parents: 5302 diff changeset	720 }
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	721 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	722
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	723 int (handle_interface)(void , int, const char *);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	724
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	725 #ifdef PLUGIN_DEV
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	726 static ssize_t
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	727 ps_root_devcb(struct dhcpcd_ctx ctx, struct ps_msghdr psm, struct msghdr *msg)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	728 {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	729 int action;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	730 struct iovec *iov = msg->msg_iov;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	731
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	732 if (msg->msg_iovlen != 1) {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	733 errno = EINVAL;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	734 return -1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	735 }
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	736
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	737 switch(psm->ps_flags) {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	738 case PS_DEV_IFADDED:
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	739 action = 1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	740 break;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	741 case PS_DEV_IFREMOVED:
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	742 action = -1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	743 break;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	744 case PS_DEV_IFUPDATED:
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	745 action = 0;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	746 break;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	747 default:
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	748 errno = EINVAL;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	749 return -1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	750 }
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	751
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	752 return dhcpcd_handleinterface(ctx, action, iov->iov_base);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	753 }
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	754 #endif
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	755
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	756 static ssize_t
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	757 ps_root_dispatchcb(void arg, struct ps_msghdr psm, struct msghdr *msg)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	758 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	759 struct dhcpcd_ctx *ctx = arg;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	760 ssize_t err;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	761
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	762 switch(psm->ps_cmd) {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	763 #ifdef PLUGIN_DEV
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	764 case PS_DEV_IFCMD:
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	765 err = ps_root_devcb(ctx, psm, msg);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	766 break;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	767 #endif
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	768 default:
5286 b820f26385b7 Fix compile with inet or inet6 disabled Roy Marples <roy@marples.name> parents: 5267 diff changeset	769 #ifdef INET
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	770 err = ps_bpf_dispatch(ctx, psm, msg);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	771 if (err == -1 && errno == ENOTSUP)
5112 899adcd7f449 Fix build without INET or INET6 Roy Marples <roy@marples.name> parents: 5060 diff changeset	772 #endif
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	773 err = ps_inet_dispatch(ctx, psm, msg);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	774 }
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	775 return err;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	776 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	777
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	778 static void
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	779 ps_root_dispatch(void *arg)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	780 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	781 struct dhcpcd_ctx *ctx = arg;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	782
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	783 if (ps_recvpsmsg(ctx, ctx->ps_data_fd, ps_root_dispatchcb, ctx) == -1)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	784 logerr(__func__);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	785 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	786
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	787 static void
5526 b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	788 ps_root_log(void *arg)
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	789 {
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	790 struct dhcpcd_ctx *ctx = arg;
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	791
5526 b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	792 if (logreadfd(ctx->ps_log_fd) == -1)
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	793 logerr(__func__);
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	794 }
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	795
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	796 pid_t
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	797 ps_root_start(struct dhcpcd_ctx *ctx)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	798 {
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	799 int logfd[2], datafd[2];
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	800 pid_t pid;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	801
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	802 if (xsocketpair(AF_UNIX, SOCK_DGRAM \| SOCK_CXNB, 0, logfd) == -1)
5321 41b99a2a12cf privsep: Limit rights generically rather than Capsicum specifc Roy Marples <roy@marples.name> parents: 5316 diff changeset	803 return -1;
41b99a2a12cf privsep: Limit rights generically rather than Capsicum specifc Roy Marples <roy@marples.name> parents: 5316 diff changeset	804 #ifdef PRIVSEP_RIGHTS
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	805 if (ps_rights_limit_fdpair(logfd) == -1)
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	806 return -1;
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	807 #endif
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	808
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	809 if (socketpair(AF_UNIX, SOCK_DGRAM \| SOCK_CXNB, 0, datafd) == -1)
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	810 return -1;
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	811 if (ps_setbuf_fdpair(datafd) == -1)
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	812 return -1;
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	813 #ifdef PRIVSEP_RIGHTS
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	814 if (ps_rights_limit_fdpair(datafd) == -1)
5321 41b99a2a12cf privsep: Limit rights generically rather than Capsicum specifc Roy Marples <roy@marples.name> parents: 5316 diff changeset	815 return -1;
41b99a2a12cf privsep: Limit rights generically rather than Capsicum specifc Roy Marples <roy@marples.name> parents: 5316 diff changeset	816 #endif
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	817
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	818 pid = ps_dostart(ctx, &ctx->ps_root_pid, &ctx->ps_root_fd,
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	819 ps_root_recvmsg, NULL, ctx,
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	820 ps_root_startcb, ps_root_signalcb, 0);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	821
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	822 if (pid == 0) {
5526 b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	823 ctx->ps_log_fd = logfd[1];
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	824 if (eloop_event_add(ctx->eloop, ctx->ps_log_fd,
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	825 ps_root_log, ctx) == -1)
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	826 return -1;
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	827 close(logfd[0]);
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	828 ctx->ps_data_fd = datafd[1];
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	829 close(datafd[0]);
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	830 return 0;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	831 } else if (pid == -1)
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	832 return -1;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	833
5526 b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	834 logsetfd(logfd[0]);
5525 26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	835 close(logfd[1]);
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	836
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	837 ctx->ps_data_fd = datafd[0];
26b5d9bc2985 privsep: Send all log messages to the privileged actioneer Roy Marples <roy@marples.name> parents: 5491 diff changeset	838 close(datafd[1]);
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	839 if (eloop_event_add(ctx->eloop, ctx->ps_data_fd,
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	840 ps_root_dispatch, ctx) == -1)
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	841 return -1;
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	842
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	843 if ((ctx->ps_eloop = eloop_new()) == NULL)
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	844 return -1;
b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	845
5301 e6f1372f2cf0 eloop: Just use ppoll(2) Roy Marples <roy@marples.name> parents: 5299 diff changeset	846 eloop_signal_set_cb(ctx->ps_eloop,
4851 b615d58905ad privsep: Use another eloop instead of a blocking read. Roy Marples <roy@marples.name> parents: 4844 diff changeset	847 dhcpcd_signals, dhcpcd_signals_len,
5367 fce20bebb28a privsep: Use root signal_cb for all signals here. Roy Marples <roy@marples.name> parents: 5365 diff changeset	848 ps_root_signalcb, ctx);
5231 a2c342295221 privsep: Enable Capsicum for all processes. Roy Marples <roy@marples.name> parents: 5225 diff changeset	849
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	850 return pid;
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	851 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	852
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	853 int
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	854 ps_root_stop(struct dhcpcd_ctx *ctx)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	855 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	856
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	857 return ps_dostop(ctx, &ctx->ps_root_pid, &ctx->ps_root_fd);
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	858 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	859
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	860 ssize_t
5255 ee23398a68db dhcpcd: Move the script file from per interface to global context Roy Marples <roy@marples.name> parents: 5253 diff changeset	861 ps_root_script(struct dhcpcd_ctx ctx, const void data, size_t len)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	862 {
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	863
5255 ee23398a68db dhcpcd: Move the script file from per interface to global context Roy Marples <roy@marples.name> parents: 5253 diff changeset	864 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_SCRIPT, 0, data, len) == -1)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	865 return -1;
5255 ee23398a68db dhcpcd: Move the script file from per interface to global context Roy Marples <roy@marples.name> parents: 5253 diff changeset	866 return ps_root_readerror(ctx, NULL, 0);
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	867 }
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	868
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	869 ssize_t
4948 b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	870 ps_root_ioctl(struct dhcpcd_ctx ctx, ioctl_request_t req, void data,
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	871 size_t len)
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	872 {
4948 b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	873 #ifdef IOCTL_REQUEST_TYPE
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	874 unsigned long ulreq = 0;
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	875
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	876 memcpy(&ulreq, &req, sizeof(req));
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	877 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_IOCTL, ulreq, data, len) == -1)
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	878 return -1;
b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	879 #else
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	880 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_IOCTL, req, data, len) == -1)
073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	881 return -1;
4948 b664b38faf10 ioctl: The POSIX signature differs from BSD and glibc Roy Marples <roy@marples.name> parents: 4922 diff changeset	882 #endif
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	883 return ps_root_readerror(ctx, data, len);
4840 073fcd86db9b privsep: Add support for priviledge separation Roy Marples <roy@marples.name> parents: diff changeset	884 }
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	885
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	886 ssize_t
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	887 ps_root_unlink(struct dhcpcd_ctx ctx, const char file)
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	888 {
ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	889
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	890 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_UNLINK, 0,
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	891 file, strlen(file) + 1) == -1)
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	892 return -1;
5202 318cd9e48312 privsep: Copy back ioctl data Roy Marples <roy@marples.name> parents: 5183 diff changeset	893 return ps_root_readerror(ctx, NULL, 0);
4989 ca9234046989 privsep: chroot the master process Roy Marples <roy@marples.name> parents: 4948 diff changeset	894 }
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	895
45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	896 ssize_t
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	897 ps_root_readfile(struct dhcpcd_ctx ctx, const char file,
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	898 void *data, size_t len)
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	899 {
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	900 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_READFILE, 0,
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	901 file, strlen(file) + 1) == -1)
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	902 return -1;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	903 return ps_root_readerror(ctx, data, len);
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	904 }
45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	905
45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	906 ssize_t
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	907 ps_root_writefile(struct dhcpcd_ctx ctx, const char file, mode_t mode,
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	908 const void *data, size_t len)
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	909 {
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	910 char buf[PS_BUFLEN];
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	911 size_t flen;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	912
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	913 flen = strlcpy(buf, file, sizeof(buf));
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	914 flen += 1;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	915 if (flen > sizeof(buf) \|\| flen + len > sizeof(buf)) {
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	916 errno = ENOBUFS;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	917 return -1;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	918 }
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	919 memcpy(buf + flen, data, len);
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	920
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	921 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_WRITEFILE, mode,
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	922 buf, flen + len) == -1)
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	923 return -1;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	924 return ps_root_readerror(ctx, NULL, 0);
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	925 }
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	926
5208 6e53055c9989 Fix compile warnings with prior. Roy Marples <roy@marples.name> parents: 5207 diff changeset	927 ssize_t
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	928 ps_root_filemtime(struct dhcpcd_ctx ctx, const char file, time_t *time)
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	929 {
45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	930
5207 84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	931 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_FILEMTIME, 0,
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	932 file, strlen(file) + 1) == -1)
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	933 return -1;
84b63f09c8a4 privsep: Handle all file IO in the Priviledged Actioneer Roy Marples <roy@marples.name> parents: 5204 diff changeset	934 return ps_root_readerror(ctx, time, sizeof(*time));
4991 45bd88c307ed privsep: copy configuration file into chroot Roy Marples <roy@marples.name> parents: 4989 diff changeset	935 }
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	936
5526 b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	937 ssize_t
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	938 ps_root_logreopen(struct dhcpcd_ctx *ctx)
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	939 {
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	940
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	941 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_LOGREOPEN, 0, NULL, 0) == -1)
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	942 return -1;
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	943 return ps_root_readerror(ctx, NULL, 0);
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	944 }
b1a3d9055662 privsep: Allow logfile reopening in a chroot Roy Marples <roy@marples.name> parents: 5525 diff changeset	945
5316 0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	946 #ifdef PRIVSEP_GETIFADDRS
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	947 int
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	948 ps_root_getifaddrs(struct dhcpcd_ctx ctx, struct ifaddrs *ifahead)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	949 {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	950 struct ifaddrs *ifa;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	951 void *buf = NULL;
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	952 char bp, sap;
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	953 socklen_t salen;
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	954 size_t len;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	955 ssize_t err;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	956
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	957 if (ps_sendcmd(ctx, ctx->ps_root_fd,
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	958 PS_GETIFADDRS, 0, NULL, 0) == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	959 return -1;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	960 err = ps_root_mreaderror(ctx, &buf, &len);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	961
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	962 if (err == -1)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	963 return -1;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	964
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	965 /* Should be impossible - lo0 will always exist. */
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	966 if (len == 0) {
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	967 *ifahead = NULL;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	968 return 0;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	969 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	970
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	971 bp = buf;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	972 ifahead = (struct ifaddrs )(void *)bp;
5316 0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	973 for (ifa = *ifahead; ifa != NULL; ifa = ifa->ifa_next) {
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	974 if (len < ALIGN(sizeof(*ifa)) +
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	975 ALIGN(IFNAMSIZ) + ALIGN(sizeof(salen) * IFA_NADDRS))
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	976 goto err;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	977 bp += ALIGN(sizeof(*ifa));
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	978 ifa->ifa_name = bp;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	979 bp += ALIGN(IFNAMSIZ);
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	980 sap = bp;
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	981 bp += ALIGN(sizeof(salen) * IFA_NADDRS);
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	982 len -= ALIGN(sizeof(*ifa)) +
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	983 ALIGN(IFNAMSIZ) + ALIGN(sizeof(salen) * IFA_NADDRS);
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	984
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	985 #define COPYOUTSA(addr) \
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	986 do { \
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	987 memcpy(&salen, sap, sizeof(salen)); \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	988 if (len < salen) \
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	989 goto err; \
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	990 if (salen != 0) { \
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	991 (addr) = (struct sockaddr *)bp; \
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	992 bp += ALIGN(salen); \
2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	993 len -= ALIGN(salen); \
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	994 } \
5225 2b18af138e24 privsep: sockaddr len should be socklen_t Roy Marples <roy@marples.name> parents: 5224 diff changeset	995 sap += sizeof(salen); \
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	996 } while (0 /* CONSTCOND */)
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	997
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	998 COPYOUTSA(ifa->ifa_addr);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	999 COPYOUTSA(ifa->ifa_netmask);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1000 COPYOUTSA(ifa->ifa_broadaddr);
5491 6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	1001
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	1002 memcpy(&salen, sap, sizeof(salen));
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	1003 if (len < salen)
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	1004 goto err;
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	1005 if (salen != 0) {
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	1006 ifa->ifa_data = bp;
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	1007 bp += ALIGN(salen);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	1008 len -= ALIGN(salen);
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	1009 } else
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	1010 ifa->ifa_data = NULL;
6cd47402148f privsep: We now need to carry ifa_data for BSD Roy Marples <roy@marples.name> parents: 5457 diff changeset	1011
5316 0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	1012 if (len != 0)
0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	1013 ifa->ifa_next = (struct ifaddrs )(void )bp;
0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	1014 else
0a99cd624a1c Linux: make resource limits work by using getifaddrs over privsep Roy Marples <roy@marples.name> parents: 5309 diff changeset	1015 ifa->ifa_next = NULL;
5223 333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1016 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1017 return 0;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1018
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1019 err:
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1020 free(buf);
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1021 *ifahead = NULL;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1022 errno = EINVAL;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1023 return -1;
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1024 }
333f66ce84bd privsep: Add a generic wrapper for getifaddrs(3) Roy Marples <roy@marples.name> parents: 5208 diff changeset	1025 #endif
5258 f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1026
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1027 #if defined(__linux__) \|\| defined(HAVE_PLEDGE)
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1028 ssize_t
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1029 ps_root_ip6forwarding(struct dhcpcd_ctx ctx, const char ifname)
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1030 {
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1031
5263 1e7ce40ed871 Fix prior for BSD Roy Marples <roy@marples.name> parents: 5262 diff changeset	1032 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_IP6FORWARDING, 0,
1e7ce40ed871 Fix prior for BSD Roy Marples <roy@marples.name> parents: 5262 diff changeset	1033 ifname, ifname != NULL ? strlen(ifname) + 1 : 0) == -1)
5258 f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1034 return -1;
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1035 return ps_root_readerror(ctx, NULL, 0);
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1036 }
f29e384aa13e privsep: Allow Linux to work without needing any mounts Roy Marples <roy@marples.name> parents: 5255 diff changeset	1037 #endif
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1038
5299 b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1039 #ifdef AUTH
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1040 int
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1041 ps_root_getauthrdm(struct dhcpcd_ctx ctx, uint64_t rdm)
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1042 {
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1043
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1044 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_AUTH_MONORDM, 0,
5350 f97d9554afb4 privsep: fix size of rdm Roy Marples <roy@marples.name> parents: 5345 diff changeset	1045 rdm, sizeof(*rdm))== -1)
5299 b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1046 return -1;
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1047 return (int)ps_root_readerror(ctx, rdm, sizeof(*rdm));
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1048 }
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1049 #endif
b7e676ac73c1 privsep: Access the RDM monotic file via IPC Roy Marples <roy@marples.name> parents: 5297 diff changeset	1050
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1051 #ifdef PLUGIN_DEV
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1052 int
5457 7fb0274b9127 Linux: detect network namespace and deny udev in one Roy Marples <roy@marples.name> parents: 5425 diff changeset	1053 ps_root_dev_initialised(struct dhcpcd_ctx ctx, const char ifname)
5260 7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1054 {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1055
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1056 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_DEV_INITTED, 0,
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1057 ifname, strlen(ifname) + 1)== -1)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1058 return -1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1059 return (int)ps_root_readerror(ctx, NULL, 0);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1060 }
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1061
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1062 int
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1063 ps_root_dev_listening(struct dhcpcd_ctx * ctx)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1064 {
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1065
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1066 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_DEV_LISTENING, 0, NULL, 0)== -1)
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1067 return -1;
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1068 return (int)ps_root_readerror(ctx, NULL, 0);
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1069 }
7571d82b48da privsep: Allow dev plugins to work Roy Marples <roy@marples.name> parents: 5258 diff changeset	1070 #endif

Mercurial > hg > dhcpcd

annotate src/privsep-root.c @ 5526:b1a3d9055662 draft