X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fjournal%2Fjournald-native.c;h=0f3936a1469676670587227bb15bcd0d9633755d;hb=6b9732b2bf0499c5e4ea8a9d4f6051d98033f680;hp=0f9af378cfd072dc7f8f87498cf920674c13e12d;hpb=968f319679d9069af037240d0c3bcd126181cdac;p=elogind.git diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c index 0f9af378c..0f3936a14 100644 --- a/src/journal/journald-native.c +++ b/src/journal/journald-native.c @@ -25,18 +25,15 @@ #include "socket-util.h" #include "path-util.h" +#include "selinux-util.h" #include "journald-server.h" #include "journald-native.h" #include "journald-kmsg.h" #include "journald-console.h" #include "journald-syslog.h" +#include "journald-wall.h" -/* Make sure not to make this smaller than the maximum coredump - * size. See COREDUMP_MAX in coredump.c */ -#define ENTRY_SIZE_MAX (1024*1024*768) -#define DATA_SIZE_MAX (1024*1024*768) - -static bool valid_user_field(const char *p, size_t l) { +bool valid_user_field(const char *p, size_t l, bool allow_protected) { const char *a; /* We kinda enforce POSIX syntax recommendations for @@ -54,7 +51,7 @@ static bool valid_user_field(const char *p, size_t l) { return false; /* Variables starting with an underscore are protected */ - if (p[0] == '_') + if (!allow_protected && p[0] == '_') return false; /* Don't allow digits as first character */ @@ -63,9 +60,9 @@ static bool valid_user_field(const char *p, size_t l) { /* Only allow A-Z0-9 and '_' */ for (a = p; a < p + l; a++) - if (!((*a >= 'A' && *a <= 'Z') || - (*a >= '0' && *a <= '9') || - *a == '_')) + if ((*a < 'A' || *a > 'Z') && + (*a < '0' || *a > '9') && + *a != '_') return false; return true; @@ -85,7 +82,7 @@ void server_process_native_message( struct iovec *iovec = NULL; unsigned n = 0, j, tn = (unsigned) -1; const char *p; - size_t remaining, m = 0; + size_t remaining, m = 0, entry_size = 0; int priority = LOG_INFO; char *identifier = NULL, *message = NULL; pid_t object_pid = 0; @@ -109,9 +106,17 @@ void server_process_native_message( if (e == p) { /* Entry separator */ + + if (entry_size + n + 1 > ENTRY_SIZE_MAX) { /* data + separators + trailer */ + log_debug("Entry is too big with %u properties and %zu bytes, ignoring.", + n, entry_size); + continue; + } + server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority, object_pid); n = 0; priority = LOG_INFO; + entry_size = 0; p++; remaining--; @@ -137,7 +142,7 @@ void server_process_native_message( q = memchr(p, '=', e - p); if (q) { - if (valid_user_field(p, q - p)) { + if (valid_user_field(p, q - p, false)) { size_t l; l = e - p; @@ -149,28 +154,29 @@ void server_process_native_message( iovec[n].iov_base = (char*) p; iovec[n].iov_len = l; n++; + entry_size += iovec[n].iov_len; /* We need to determine the priority * of this entry for the rate limiting * logic */ if (l == 10 && - hasprefix(p, "PRIORITY=") && + startswith(p, "PRIORITY=") && p[9] >= '0' && p[9] <= '9') priority = (priority & LOG_FACMASK) | (p[9] - '0'); else if (l == 17 && - hasprefix(p, "SYSLOG_FACILITY=") && + startswith(p, "SYSLOG_FACILITY=") && p[16] >= '0' && p[16] <= '9') priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3); else if (l == 18 && - hasprefix(p, "SYSLOG_FACILITY=") && + startswith(p, "SYSLOG_FACILITY=") && p[16] >= '0' && p[16] <= '9' && p[17] >= '0' && p[17] <= '9') priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3); else if (l >= 19 && - hasprefix(p, "SYSLOG_IDENTIFIER=")) { + startswith(p, "SYSLOG_IDENTIFIER=")) { char *t; t = strndup(p + 18, l - 18); @@ -179,7 +185,7 @@ void server_process_native_message( identifier = t; } } else if (l >= 8 && - hasprefix(p, "MESSAGE=")) { + startswith(p, "MESSAGE=")) { char *t; t = strndup(p + 8, l - 8); @@ -189,7 +195,7 @@ void server_process_native_message( } } else if (l > strlen("OBJECT_PID=") && l < strlen("OBJECT_PID=") + DECIMAL_STR_MAX(pid_t) && - hasprefix(p, "OBJECT_PID=") && + startswith(p, "OBJECT_PID=") && allow_object_pid(ucred)) { char buf[DECIMAL_STR_MAX(pid_t)]; memcpy(buf, p + strlen("OBJECT_PID="), l - strlen("OBJECT_PID=")); @@ -217,7 +223,7 @@ void server_process_native_message( l = le64toh(l_le); if (l > DATA_SIZE_MAX) { - log_debug("Received binary data block too large, ignoring."); + log_debug("Received binary data block of %zu bytes is too large, ignoring.", l); break; } @@ -237,10 +243,11 @@ void server_process_native_message( k[e - p] = '='; memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l); - if (valid_user_field(p, e - p)) { + if (valid_user_field(p, e - p, false)) { iovec[n].iov_base = k; iovec[n].iov_len = (e - p) + 1 + l; n++; + entry_size += iovec[n].iov_len; } else free(k); @@ -254,6 +261,13 @@ void server_process_native_message( tn = n++; IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal"); + entry_size += strlen("_TRANSPORT=journal"); + + if (entry_size + n + 1 > ENTRY_SIZE_MAX) { /* data + separators + trailer */ + log_debug("Entry is too big with %u properties and %zu bytes, ignoring.", + n, entry_size); + goto finish; + } if (message) { if (s->forward_to_syslog) @@ -264,6 +278,9 @@ void server_process_native_message( if (s->forward_to_console) server_forward_console(s, priority, identifier, message, ucred); + + if (s->forward_to_wall) + server_forward_wall(s, priority, identifier, message, ucred); } server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority, object_pid); @@ -368,7 +385,6 @@ void server_process_native_file( int server_open_native_socket(Server*s) { union sockaddr_union sa; int one, r; - struct epoll_event ev; assert(s); @@ -388,7 +404,7 @@ int server_open_native_socket(Server*s) { r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path)); if (r < 0) { - log_error("bind() failed: %m"); + log_error("bind(%s) failed: %m", sa.un.sun_path); return -errno; } @@ -404,10 +420,12 @@ int server_open_native_socket(Server*s) { } #ifdef HAVE_SELINUX - one = 1; - r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)); - if (r < 0) - log_warning("SO_PASSSEC failed: %m"); + if (use_selinux()) { + one = 1; + r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)); + if (r < 0) + log_warning("SO_PASSSEC failed: %m"); + } #endif one = 1; @@ -417,12 +435,10 @@ int server_open_native_socket(Server*s) { return -errno; } - zero(ev); - ev.events = EPOLLIN; - ev.data.fd = s->native_fd; - if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) { - log_error("Failed to add native server fd to epoll object: %m"); - return -errno; + r = sd_event_add_io(s->event, &s->native_event_source, s->native_fd, EPOLLIN, process_datagram, s); + if (r < 0) { + log_error("Failed to add native server fd to event loop: %s", strerror(-r)); + return r; } return 0;