X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fjournal%2Fjournal-send.c;h=0ee83cdb778fc75421049697b6864c6f6d64be12;hp=d0f3b725ff5ee9a3a1d97e0fc5fe33f4a7fc11f8;hb=73843b52585d42cc1a970a1c664818ece6942e9e;hpb=18c7ed186be28800a2eeb37ad31c9c44480d3d9c diff --git a/src/journal/journal-send.c b/src/journal/journal-send.c index d0f3b725f..0ee83cdb7 100644 --- a/src/journal/journal-send.c +++ b/src/journal/journal-send.c @@ -25,15 +25,28 @@ #include #include #include +#include #define SD_JOURNAL_SUPPRESS_LOCATION #include "sd-journal.h" #include "util.h" #include "socket-util.h" +#include "memfd.h" #define SNDBUF_SIZE (8*1024*1024) +#define ALLOCA_CODE_FUNC(f, func) \ + do { \ + size_t _fl; \ + const char *_func = (func); \ + char **_f = &(f); \ + _fl = strlen(_func) + 1; \ + *_f = alloca(_fl + 10); \ + memcpy(*_f, "CODE_FUNC=", 10); \ + memcpy(*_f + 10, _func, _fl); \ + } while(false) + /* We open a single fd, and we'll share it with the current process, * all its threads, and all its subprocesses. This means we need to * initialize it atomically, and need to operate on it atomically @@ -54,7 +67,7 @@ retry: fd_inc_sndbuf(fd, SNDBUF_SIZE); if (!__sync_bool_compare_and_swap(&fd_plus_one, 0, fd+1)) { - close_nointr_nofail(fd); + safe_close(fd); goto retry; } @@ -79,11 +92,9 @@ _public_ int sd_journal_printv(int priority, const char *format, va_list ap) { char buffer[8 + LINE_MAX], p[11]; struct iovec iov[2]; - if (priority < 0 || priority > 7) - return -EINVAL; - - if (!format) - return -EINVAL; + assert_return(priority >= 0, -EINVAL); + assert_return(priority <= 7, -EINVAL); + assert_return(format, -EINVAL); snprintf(p, sizeof(p), "PRIORITY=%i", priority & LOG_PRIMASK); char_array_0(p); @@ -99,13 +110,12 @@ _public_ int sd_journal_printv(int priority, const char *format, va_list ap) { return sd_journal_sendv(iov, 2); } -static int fill_iovec_sprintf(const char *format, va_list ap, int extra, struct iovec **_iov) { +_printf_(1, 0) static int fill_iovec_sprintf(const char *format, va_list ap, int extra, struct iovec **_iov) { + PROTECT_ERRNO; int r, n = 0, i = 0, j; struct iovec *iov = NULL; - int saved_errno; assert(_iov); - saved_errno = errno; if (extra > 0) { n = MAX(extra * 2, extra + 4); @@ -121,6 +131,7 @@ static int fill_iovec_sprintf(const char *format, va_list ap, int extra, struct while (format) { struct iovec *c; char *buffer; + va_list aq; if (i >= n) { n = MAX(i*2, 4); @@ -133,10 +144,15 @@ static int fill_iovec_sprintf(const char *format, va_list ap, int extra, struct iov = c; } - if (vasprintf(&buffer, format, ap) < 0) { + va_copy(aq, ap); + if (vasprintf(&buffer, format, aq) < 0) { + va_end(aq); r = -ENOMEM; goto fail; } + va_end(aq); + + VA_FORMAT_ADVANCE(format, ap); IOVEC_SET_STRING(iov[i++], buffer); @@ -145,7 +161,6 @@ static int fill_iovec_sprintf(const char *format, va_list ap, int extra, struct *_iov = iov; - errno = saved_errno; return i; fail: @@ -154,7 +169,6 @@ fail: free(iov); - errno = saved_errno; return r; } @@ -184,55 +198,53 @@ finish: } _public_ int sd_journal_sendv(const struct iovec *iov, int n) { - int fd, buffer_fd; + PROTECT_ERRNO; + int fd, r; + _cleanup_close_ int buffer_fd = -1; struct iovec *w; uint64_t *l; - int r, i, j = 0; - struct msghdr mh; - struct sockaddr_un sa; + int i, j = 0; + struct sockaddr_un sa = { + .sun_family = AF_UNIX, + .sun_path = "/run/systemd/journal/socket", + }; + struct msghdr mh = { + .msg_name = &sa, + .msg_namelen = offsetof(struct sockaddr_un, sun_path) + strlen(sa.sun_path), + }; ssize_t k; - int saved_errno; union { struct cmsghdr cmsghdr; uint8_t buf[CMSG_SPACE(sizeof(int))]; } control; struct cmsghdr *cmsg; - /* We use /dev/shm instead of /tmp here, since we want this to - * be a tmpfs, and one that is available from early boot on - * and where unprivileged users can create files. */ - char path[] = "/dev/shm/journal.XXXXXX"; - - if (_unlikely_(!iov)) - return -EINVAL; + bool have_syslog_identifier = false; + bool seal = true; - if (_unlikely_(n <= 0)) - return -EINVAL; + assert_return(iov, -EINVAL); + assert_return(n > 0, -EINVAL); - saved_errno = errno; - - w = alloca(sizeof(struct iovec) * n * 5); + w = alloca(sizeof(struct iovec) * n * 5 + 3); l = alloca(sizeof(uint64_t) * n); for (i = 0; i < n; i++) { char *c, *nl; - if (_unlikely_(!iov[i].iov_base || iov[i].iov_len <= 1)) { - r = -EINVAL; - goto finish; - } + if (_unlikely_(!iov[i].iov_base || iov[i].iov_len <= 1)) + return -EINVAL; c = memchr(iov[i].iov_base, '=', iov[i].iov_len); - if (_unlikely_(!c || c == iov[i].iov_base)) { - r = -EINVAL; - goto finish; - } + if (_unlikely_(!c || c == iov[i].iov_base)) + return -EINVAL; + + have_syslog_identifier = have_syslog_identifier || + (c == (char *) iov[i].iov_base + 17 && + startswith(iov[i].iov_base, "SYSLOG_IDENTIFIER")); nl = memchr(iov[i].iov_base, '\n', iov[i].iov_len); if (nl) { - if (_unlikely_(nl < c)) { - r = -EINVAL; - goto finish; - } + if (_unlikely_(nl < c)) + return -EINVAL; /* Already includes a newline? Bummer, then * let's write the variable name, then a @@ -262,54 +274,66 @@ _public_ int sd_journal_sendv(const struct iovec *iov, int n) { IOVEC_SET_STRING(w[j++], "\n"); } - fd = journal_fd(); - if (_unlikely_(fd < 0)) { - r = fd; - goto finish; + if (!have_syslog_identifier && + string_is_safe(program_invocation_short_name)) { + + /* Implicitly add program_invocation_short_name, if it + * is not set explicitly. We only do this for + * program_invocation_short_name, and nothing else + * since everything else is much nicer to retrieve + * from the outside. */ + + IOVEC_SET_STRING(w[j++], "SYSLOG_IDENTIFIER="); + IOVEC_SET_STRING(w[j++], program_invocation_short_name); + IOVEC_SET_STRING(w[j++], "\n"); } - zero(sa); - sa.sun_family = AF_UNIX; - strncpy(sa.sun_path, "/run/systemd/journal/socket", sizeof(sa.sun_path)); + fd = journal_fd(); + if (_unlikely_(fd < 0)) + return fd; - zero(mh); - mh.msg_name = &sa; - mh.msg_namelen = offsetof(struct sockaddr_un, sun_path) + strlen(sa.sun_path); mh.msg_iov = w; mh.msg_iovlen = j; k = sendmsg(fd, &mh, MSG_NOSIGNAL); - if (k >= 0) { - r = 0; - goto finish; - } + if (k >= 0) + return 0; - if (errno != EMSGSIZE && errno != ENOBUFS) { - r = -errno; - goto finish; - } + /* Fail silently if the journal is not available */ + if (errno == ENOENT) + return 0; - /* Message doesn't fit... Let's dump the data in a temporary - * file and just pass a file descriptor of it to the other - * side */ + if (errno != EMSGSIZE && errno != ENOBUFS) + return -errno; - buffer_fd = mkostemp(path, O_CLOEXEC|O_RDWR); + /* Message doesn't fit... Let's dump the data in a memfd or + * temporary file and just pass a file descriptor of it to the + * other side. + * + * For the temporary files we use /dev/shm instead of /tmp + * here, since we want this to be a tmpfs, and one that is + * available from early boot on and where unprivileged users + * can create files. */ + buffer_fd = memfd_new(NULL); if (buffer_fd < 0) { - r = -errno; - goto finish; - } + if (buffer_fd == -ENOSYS) { + buffer_fd = open_tmpfile("/dev/shm", O_RDWR | O_CLOEXEC); + if (buffer_fd < 0) + return buffer_fd; - if (unlink(path) < 0) { - close_nointr_nofail(buffer_fd); - r = -errno; - goto finish; + seal = false; + } else + return buffer_fd; } n = writev(buffer_fd, w, j); - if (n < 0) { - close_nointr_nofail(buffer_fd); - r = -errno; - goto finish; + if (n < 0) + return -errno; + + if (seal) { + r = memfd_set_sealed(buffer_fd); + if (r < 0) + return r; } mh.msg_iov = NULL; @@ -328,26 +352,15 @@ _public_ int sd_journal_sendv(const struct iovec *iov, int n) { mh.msg_controllen = cmsg->cmsg_len; k = sendmsg(fd, &mh, MSG_NOSIGNAL); - close_nointr_nofail(buffer_fd); - - if (k < 0) { - r = -errno; - goto finish; - } - - r = 0; - -finish: - errno = saved_errno; + if (k < 0) + return -errno; - return r; + return 0; } static int fill_iovec_perror_and_send(const char *message, int skip, struct iovec iov[]) { - size_t n, k, r; - int saved_errno; - - saved_errno = errno; + PROTECT_ERRNO; + size_t n, k; k = isempty(message) ? 0 : strlen(message) + 2; n = 8 + k + 256 + 1; @@ -357,7 +370,7 @@ static int fill_iovec_perror_and_send(const char *message, int skip, struct iove char* j; errno = 0; - j = strerror_r(saved_errno, buffer + 8 + k, n - 8 - k); + j = strerror_r(_saved_errno_, buffer + 8 + k, n - 8 - k); if (errno == 0) { char error[6 + 10 + 1]; /* for a 32bit value */ @@ -371,24 +384,18 @@ static int fill_iovec_perror_and_send(const char *message, int skip, struct iove memcpy(buffer + 8 + k - 2, ": ", 2); } - snprintf(error, sizeof(error), "ERRNO=%u", saved_errno); + snprintf(error, sizeof(error), "ERRNO=%u", _saved_errno_); char_array_0(error); IOVEC_SET_STRING(iov[skip+0], "PRIORITY=3"); IOVEC_SET_STRING(iov[skip+1], buffer); IOVEC_SET_STRING(iov[skip+2], error); - r = sd_journal_sendv(iov, skip + 3); - - errno = saved_errno; - return r; + return sd_journal_sendv(iov, skip + 3); } - if (errno != ERANGE) { - r = -errno; - errno = saved_errno; - return r; - } + if (errno != ERANGE) + return -errno; n *= 2; } @@ -401,33 +408,28 @@ _public_ int sd_journal_perror(const char *message) { } _public_ int sd_journal_stream_fd(const char *identifier, int priority, int level_prefix) { - union sockaddr_union sa; - int fd; + union sockaddr_union sa = { + .un.sun_family = AF_UNIX, + .un.sun_path = "/run/systemd/journal/stdout", + }; + _cleanup_close_ int fd = -1; char *header; size_t l; - ssize_t r; + int r; - if (priority < 0 || priority > 7) - return -EINVAL; + assert_return(priority >= 0, -EINVAL); + assert_return(priority <= 7, -EINVAL); fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0); if (fd < 0) return -errno; - zero(sa); - sa.un.sun_family = AF_UNIX; - strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path)); - r = connect(fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path)); - if (r < 0) { - close_nointr_nofail(fd); + if (r < 0) return -errno; - } - if (shutdown(fd, SHUT_RD) < 0) { - close_nointr_nofail(fd); + if (shutdown(fd, SHUT_RD) < 0) return -errno; - } fd_inc_sndbuf(fd, SNDBUF_SIZE); @@ -439,7 +441,7 @@ _public_ int sd_journal_stream_fd(const char *identifier, int priority, int leve memcpy(header, identifier, l); header[l++] = '\n'; - header[l++] = '\n'; + header[l++] = '\n'; /* unit id */ header[l++] = '0' + priority; header[l++] = '\n'; header[l++] = '0' + !!level_prefix; @@ -451,18 +453,16 @@ _public_ int sd_journal_stream_fd(const char *identifier, int priority, int leve header[l++] = '0'; header[l++] = '\n'; - r = loop_write(fd, header, l, false); - if (r < 0) { - close_nointr_nofail(fd); - return (int) r; - } + r = (int) loop_write(fd, header, l, false); + if (r < 0) + return r; - if ((size_t) r != l) { - close_nointr_nofail(fd); + if ((size_t) r != l) return -errno; - } - return fd; + r = fd; + fd = -1; + return r; } _public_ int sd_journal_print_with_location(int priority, const char *file, const char *line, const char *func, const char *format, ...) { @@ -480,13 +480,10 @@ _public_ int sd_journal_printv_with_location(int priority, const char *file, con char buffer[8 + LINE_MAX], p[11]; struct iovec iov[5]; char *f; - size_t fl; - - if (priority < 0 || priority > 7) - return -EINVAL; - if (_unlikely_(!format)) - return -EINVAL; + assert_return(priority >= 0, -EINVAL); + assert_return(priority <= 7, -EINVAL); + assert_return(format, -EINVAL); snprintf(p, sizeof(p), "PRIORITY=%i", priority & LOG_PRIMASK); char_array_0(p); @@ -498,10 +495,7 @@ _public_ int sd_journal_printv_with_location(int priority, const char *file, con /* func is initialized from __func__ which is not a macro, but * a static const char[], hence cannot easily be prefixed with * CODE_FUNC=, hence let's do it manually here. */ - fl = strlen(func); - f = alloca(fl + 10); - memcpy(f, "CODE_FUNC=", 10); - memcpy(f + 10, func, fl + 1); + ALLOCA_CODE_FUNC(f, func); zero(iov); IOVEC_SET_STRING(iov[0], buffer); @@ -518,7 +512,6 @@ _public_ int sd_journal_send_with_location(const char *file, const char *line, c va_list ap; struct iovec *iov = NULL; char *f; - size_t fl; va_start(ap, format); i = fill_iovec_sprintf(format, ap, 3, &iov); @@ -529,10 +522,7 @@ _public_ int sd_journal_send_with_location(const char *file, const char *line, c goto finish; } - fl = strlen(func); - f = alloca(fl + 10); - memcpy(f, "CODE_FUNC=", 10); - memcpy(f + 10, func, fl + 1); + ALLOCA_CODE_FUNC(f, func); IOVEC_SET_STRING(iov[0], file); IOVEC_SET_STRING(iov[1], line); @@ -556,21 +546,14 @@ _public_ int sd_journal_sendv_with_location( struct iovec *niov; char *f; - size_t fl; - - if (_unlikely_(!iov)) - return -EINVAL; - if (_unlikely_(n <= 0)) - return -EINVAL; + assert_return(iov, -EINVAL); + assert_return(n > 0, -EINVAL); niov = alloca(sizeof(struct iovec) * (n + 3)); memcpy(niov, iov, sizeof(struct iovec) * n); - fl = strlen(func); - f = alloca(fl + 10); - memcpy(f, "CODE_FUNC=", 10); - memcpy(f + 10, func, fl + 1); + ALLOCA_CODE_FUNC(f, func); IOVEC_SET_STRING(niov[n++], file); IOVEC_SET_STRING(niov[n++], line); @@ -585,13 +568,9 @@ _public_ int sd_journal_perror_with_location( const char *message) { struct iovec iov[6]; - size_t fl; char *f; - fl = strlen(func); - f = alloca(fl + 10); - memcpy(f, "CODE_FUNC=", 10); - memcpy(f + 10, func, fl + 1); + ALLOCA_CODE_FUNC(f, func); IOVEC_SET_STRING(iov[0], file); IOVEC_SET_STRING(iov[1], line);