X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fshared%2Futil.c;h=c824c3934e3dedc2c8cda61581fd0ee9b0ed1f1d;hp=1c35edfbb19595027742df31e6fa4c0f4280267a;hb=b4696bce07e0a596accf097b7bff84bf30198f25;hpb=98088803bb2a9f89b7bbc063123dda3343138f18 diff --git a/src/shared/util.c b/src/shared/util.c index 1c35edfbb..c824c3934 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -61,6 +61,10 @@ #include #undef basename +#ifdef HAVE_SYS_AUXV_H +#include +#endif + #include "macro.h" #include "util.h" #include "ioprio.h" @@ -86,7 +90,7 @@ static volatile unsigned cached_columns = 0; static volatile unsigned cached_lines = 0; size_t page_size(void) { - static __thread size_t pgsz = 0; + static thread_local size_t pgsz = 0; long r; if (_likely_(pgsz > 0)) @@ -436,8 +440,7 @@ char *split_quoted(const char *c, size_t *l, char **state) { int get_parent_of_pid(pid_t pid, pid_t *_ppid) { int r; - _cleanup_fclose_ FILE *f = NULL; - char line[LINE_MAX]; + _cleanup_free_ char *line = NULL; long unsigned ppid; const char *p; @@ -450,14 +453,9 @@ int get_parent_of_pid(pid_t pid, pid_t *_ppid) { } p = procfs_file_alloca(pid, "stat"); - f = fopen(p, "re"); - if (!f) - return -errno; - - if (!fgets(line, sizeof(line), f)) { - r = feof(f) ? -EIO : -errno; + r = read_one_line_file(p, &line); + if (r < 0) return r; - } /* Let's skip the pid and comm fields. The latter is enclosed * in () but does not escape any () in its value, so let's @@ -484,28 +482,17 @@ int get_parent_of_pid(pid_t pid, pid_t *_ppid) { } int get_starttime_of_pid(pid_t pid, unsigned long long *st) { - _cleanup_fclose_ FILE *f = NULL; - char line[LINE_MAX]; + int r; + _cleanup_free_ char *line = NULL; const char *p; assert(pid >= 0); assert(st); - if (pid == 0) - p = "/proc/self/stat"; - else - p = procfs_file_alloca(pid, "stat"); - - f = fopen(p, "re"); - if (!f) - return errno == ENOENT ? -ESRCH : -errno; - - if (!fgets(line, sizeof(line), f)) { - if (ferror(f)) - return -errno; - - return -EIO; - } + p = procfs_file_alloca(pid, "stat"); + r = read_one_line_file(p, &line); + if (r < 0) + return r; /* Let's skip the pid and comm fields. The latter is enclosed * in () but does not escape any () in its value, so let's @@ -569,10 +556,7 @@ int get_process_comm(pid_t pid, char **name) { assert(name); assert(pid >= 0); - if (pid == 0) - p = "/proc/self/comm"; - else - p = procfs_file_alloca(pid, "comm"); + p = procfs_file_alloca(pid, "comm"); r = read_one_line_file(p, name); if (r == -ENOENT) @@ -590,10 +574,7 @@ int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char * assert(line); assert(pid >= 0); - if (pid == 0) - p = "/proc/self/cmdline"; - else - p = procfs_file_alloca(pid, "cmdline"); + p = procfs_file_alloca(pid, "cmdline"); f = fopen(p, "re"); if (!f) @@ -712,10 +693,7 @@ int get_process_capeff(pid_t pid, char **capeff) { assert(capeff); assert(pid >= 0); - if (pid == 0) - p = "/proc/self/status"; - else - p = procfs_file_alloca(pid, "status"); + p = procfs_file_alloca(pid, "status"); return get_status_field(p, "\nCapEff:", capeff); } @@ -728,10 +706,7 @@ int get_process_exe(pid_t pid, char **name) { assert(pid >= 0); assert(name); - if (pid == 0) - p = "/proc/self/exe"; - else - p = procfs_file_alloca(pid, "exe"); + p = procfs_file_alloca(pid, "exe"); r = readlink_malloc(p, name); if (r < 0) @@ -2306,7 +2281,6 @@ bool is_device_path(const char *path) { int dir_is_empty(const char *path) { _cleanup_closedir_ DIR *d; - int r; d = opendir(path); if (!d) @@ -2314,11 +2288,11 @@ int dir_is_empty(const char *path) { for (;;) { struct dirent *de; - union dirent_storage buf; - r = readdir_r(d, &buf.de, &de); - if (r > 0) - return -r; + errno = 0; + de = readdir(d); + if (!de && errno != 0) + return -errno; if (!de) return 1; @@ -2346,42 +2320,48 @@ char* dirname_malloc(const char *path) { return dir; } -unsigned long long random_ull(void) { +void random_bytes(void *p, size_t n) { + static bool srand_called = false; _cleanup_close_ int fd; - uint64_t ull; - ssize_t r; + ssize_t k; + uint8_t *q; fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY); if (fd < 0) goto fallback; - r = loop_read(fd, &ull, sizeof(ull), true); - if (r != sizeof(ull)) + k = loop_read(fd, p, n, true); + if (k < 0 || (size_t) k != n) goto fallback; - return ull; + return; fallback: - return random() * RAND_MAX + random(); -} -unsigned random_u(void) { - _cleanup_close_ int fd; - unsigned u; - ssize_t r; + if (!srand_called) { - fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY); - if (fd < 0) - goto fallback; +#ifdef HAVE_SYS_AUXV_H + /* The kernel provides us with a bit of entropy in + * auxv, so let's try to make use of that to seed the + * pseudo-random generator. It's better than + * nothing... */ - r = loop_read(fd, &u, sizeof(u), true); - if (r != sizeof(u)) - goto fallback; + void *auxv; - return u; + auxv = (void*) getauxval(AT_RANDOM); + if (auxv) + srand(*(unsigned*) auxv); + else +#endif + srand(time(NULL) + gettid()); -fallback: - return random() * RAND_MAX + random(); + srand_called = true; + } + + /* If some idiot made /dev/urandom unavailable to us, he'll + * get a PRNG instead. */ + for (q = p; q < (uint8_t*) p + n; q ++) + *q = rand(); } void rename_process(const char name[8]) { @@ -2533,24 +2513,17 @@ int getttyname_harder(int fd, char **r) { } int get_ctty_devnr(pid_t pid, dev_t *d) { - _cleanup_fclose_ FILE *f = NULL; - char line[LINE_MAX], *p; + int r; + _cleanup_free_ char *line = NULL; + const char *p; unsigned long ttynr; - const char *fn; assert(pid >= 0); - if (pid == 0) - fn = "/proc/self/stat"; - else - fn = procfs_file_alloca(pid, "stat"); - - f = fopen(fn, "re"); - if (!f) - return -errno; - - if (!fgets(line, sizeof(line), f)) - return feof(f) ? -EIO : -errno; + p = procfs_file_alloca(pid, "stat"); + r = read_one_line_file(p, &line); + if (r < 0) + return r; p = strrchr(line, ')'); if (!p) @@ -2660,14 +2633,15 @@ int rm_rf_children_dangerous(int fd, bool only_dirs, bool honour_sticky, struct for (;;) { struct dirent *de; - union dirent_storage buf; bool is_dir, keep_around; struct stat st; int r; - r = readdir_r(d, &buf.de, &de); - if (r != 0 && ret == 0) { - ret = -r; + errno = 0; + de = readdir(d); + if (!de && errno != 0) { + if (ret == 0) + ret = -errno; break; } @@ -2737,9 +2711,9 @@ int rm_rf_children_dangerous(int fd, bool only_dirs, bool honour_sticky, struct _pure_ static int is_temporary_fs(struct statfs *s) { assert(s); - return - F_TYPE_EQUAL(s->f_type, TMPFS_MAGIC) || - F_TYPE_EQUAL(s->f_type, RAMFS_MAGIC); + + return F_TYPE_EQUAL(s->f_type, TMPFS_MAGIC) || + F_TYPE_EQUAL(s->f_type, RAMFS_MAGIC); } int rm_rf_children(int fd, bool only_dirs, bool honour_sticky, struct stat *root_dev) { @@ -3469,7 +3443,7 @@ int wait_for_terminate_and_warn(const char *name, pid_t pid) { return -EPROTO; } -_noreturn_ void freeze(void) { +noreturn void freeze(void) { /* Make sure nobody waits for us on a socket anymore */ close_all_fds(NULL, 0); @@ -4137,7 +4111,7 @@ int symlink_atomic(const char *from, const char *to) { _cleanup_free_ char *t; const char *fn; size_t k; - unsigned long long ull; + uint64_t u; unsigned i; int r; @@ -4154,10 +4128,10 @@ int symlink_atomic(const char *from, const char *to) { t[k] = '.'; x = stpcpy(t+k+1, fn); - ull = random_ull(); + u = random_u64(); for (i = 0; i < 16; i++) { - *(x++) = hexchar(ull & 0xF); - ull >>= 4; + *(x++) = hexchar(u & 0xF); + u >>= 4; } *x = 0; @@ -4485,13 +4459,11 @@ int get_files_in_directory(const char *path, char ***list) { for (;;) { struct dirent *de; - union dirent_storage buf; - int k; - k = readdir_r(d, &buf.de, &de); - assert(k >= 0); - if (k > 0) - return -k; + errno = 0; + de = readdir(d); + if (!de && errno != 0) + return -errno; if (!de) break; @@ -4580,7 +4552,7 @@ char *strjoin(const char *x, ...) { } bool is_main_thread(void) { - static __thread int cached = 0; + static thread_local int cached = 0; if (_unlikely_(cached == 0)) cached = getpid() == gettid() ? 1 : -1; @@ -4798,7 +4770,7 @@ static const char *const __signal_table[] = { DEFINE_PRIVATE_STRING_TABLE_LOOKUP(__signal, int); const char *signal_to_string(int signo) { - static __thread char buf[sizeof("RTMIN+")-1 + DECIMAL_STR_MAX(int) + 1]; + static thread_local char buf[sizeof("RTMIN+")-1 + DECIMAL_STR_MAX(int) + 1]; const char *name; name = __signal_to_string(signo); @@ -4936,15 +4908,15 @@ int fd_inc_sndbuf(int fd, size_t n) { socklen_t l = sizeof(value); r = getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, &l); - if (r >= 0 && - l == sizeof(value) && - (size_t) value >= n*2) + if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2) return 0; + /* If we have the privileges we will ignore the kernel limit. */ + value = (int) n; - r = setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)); - if (r < 0) - return -errno; + if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0) + if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0) + return -errno; return 1; } @@ -4954,16 +4926,15 @@ int fd_inc_rcvbuf(int fd, size_t n) { socklen_t l = sizeof(value); r = getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, &l); - if (r >= 0 && - l == sizeof(value) && - (size_t) value >= n*2) + if (r >= 0 && l == sizeof(value) && (size_t) value >= n*2) return 0; - value = (int) n; - r = setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)); - if (r < 0) - return -errno; + /* If we have the privileges we will ignore the kernel limit. */ + value = (int) n; + if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0) + if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0) + return -errno; return 1; } @@ -5088,10 +5059,7 @@ int getenv_for_pid(pid_t pid, const char *field, char **_value) { assert(field); assert(_value); - if (pid == 0) - path = "/proc/self/environ"; - else - path = procfs_file_alloca(pid, "environ"); + path = procfs_file_alloca(pid, "environ"); f = fopen(path, "re"); if (!f) @@ -5155,7 +5123,7 @@ bool is_valid_documentation_url(const char *url) { } bool in_initrd(void) { - static __thread int saved = -1; + static int saved = -1; struct statfs s; if (saved >= 0) @@ -5220,10 +5188,10 @@ int make_console_stdio(void) { } int get_home_dir(char **_h) { - char *h; + struct passwd *p; const char *e; + char *h; uid_t u; - struct passwd *p; assert(_h); @@ -5266,6 +5234,53 @@ int get_home_dir(char **_h) { return 0; } +int get_shell(char **_s) { + struct passwd *p; + const char *e; + char *s; + uid_t u; + + assert(_s); + + /* Take the user specified one */ + e = getenv("SHELL"); + if (e) { + s = strdup(e); + if (!s) + return -ENOMEM; + + *_s = s; + return 0; + } + + /* Hardcode home directory for root to avoid NSS */ + u = getuid(); + if (u == 0) { + s = strdup("/bin/sh"); + if (!s) + return -ENOMEM; + + *_s = s; + return 0; + } + + /* Check the database... */ + errno = 0; + p = getpwuid(u); + if (!p) + return errno > 0 ? -errno : -ESRCH; + + if (!path_is_absolute(p->pw_shell)) + return -EINVAL; + + s = strdup(p->pw_shell); + if (!s) + return -ENOMEM; + + *_s = s; + return 0; +} + bool filename_is_safe(const char *p) { if (isempty(p)) @@ -5571,15 +5586,14 @@ int on_ac_power(void) { for (;;) { struct dirent *de; - union dirent_storage buf; _cleanup_close_ int fd = -1, device = -1; char contents[6]; ssize_t n; - int k; - k = readdir_r(d, &buf.de, &de); - if (k != 0) - return -k; + errno = 0; + de = readdir(d); + if (!de && errno != 0) + return -errno; if (!de) break; @@ -5941,8 +5955,20 @@ int proc_cmdline(char **ret) { int r; if (detect_container(NULL) > 0) { - *ret = NULL; - return 0; + char *buf, *p; + size_t sz = 0; + + r = read_full_file("/proc/1/cmdline", &buf, &sz); + if (r < 0) + return r; + + for (p = buf; p + 1 < buf + sz; p++) + if (*p == 0) + *p = ' '; + + *p = 0; + *ret = buf; + return 1; } r = read_one_line_file("/proc/cmdline", ret); @@ -5951,3 +5977,167 @@ int proc_cmdline(char **ret) { return 1; } + +int container_get_leader(const char *machine, pid_t *pid) { + _cleanup_free_ char *s = NULL, *class = NULL; + const char *p; + pid_t leader; + int r; + + assert(machine); + assert(pid); + + p = strappenda("/run/systemd/machines/", machine); + r = parse_env_file(p, NEWLINE, "LEADER", &s, "CLASS", &class, NULL); + if (r == -ENOENT) + return -EHOSTDOWN; + if (r < 0) + return r; + if (!s) + return -EIO; + + if (!streq_ptr(class, "container")) + return -EIO; + + r = parse_pid(s, &leader); + if (r < 0) + return r; + if (leader <= 1) + return -EIO; + + *pid = leader; + return 0; +} + +int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *root_fd) { + _cleanup_close_ int pidnsfd = -1, mntnsfd = -1; + const char *pidns, *mntns, *root; + int rfd; + + assert(pid >= 0); + assert(pidns_fd); + assert(mntns_fd); + assert(root_fd); + + mntns = procfs_file_alloca(pid, "ns/mnt"); + mntnsfd = open(mntns, O_RDONLY|O_NOCTTY|O_CLOEXEC); + if (mntnsfd < 0) + return -errno; + + pidns = procfs_file_alloca(pid, "ns/pid"); + pidnsfd = open(pidns, O_RDONLY|O_NOCTTY|O_CLOEXEC); + if (pidnsfd < 0) + return -errno; + + root = procfs_file_alloca(pid, "root"); + rfd = open(root, O_RDONLY|O_NOCTTY|O_CLOEXEC|O_DIRECTORY); + if (rfd < 0) + return -errno; + + *pidns_fd = pidnsfd; + *mntns_fd = mntnsfd; + *root_fd = rfd; + pidnsfd = -1; + mntnsfd = -1; + + return 0; +} + +int namespace_enter(int pidns_fd, int mntns_fd, int root_fd) { + assert(pidns_fd >= 0); + assert(mntns_fd >= 0); + assert(root_fd >= 0); + + if (setns(pidns_fd, CLONE_NEWPID) < 0) + return -errno; + + if (setns(mntns_fd, CLONE_NEWNS) < 0) + return -errno; + + if (fchdir(root_fd) < 0) + return -errno; + + if (chroot(".") < 0) + return -errno; + + if (setresgid(0, 0, 0) < 0) + return -errno; + + if (setresuid(0, 0, 0) < 0) + return -errno; + + return 0; +} + +bool pid_valid(pid_t pid) { + if (pid <= 0) + return false; + + if (kill(pid, 0) >= 0) + return true; + + return errno != ESRCH; +} + +int getpeercred(int fd, struct ucred *ucred) { + socklen_t n = sizeof(struct ucred); + struct ucred u; + int r; + + assert(fd >= 0); + assert(ucred); + + r = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &u, &n); + if (r < 0) + return -errno; + + if (n != sizeof(struct ucred)) + return -EIO; + + /* Check if the data is actually useful and not suppressed due + * to namespacing issues */ + if (u.pid <= 0) + return -ENODATA; + + *ucred = u; + return 0; +} + +int getpeersec(int fd, char **ret) { + socklen_t n = 64; + char *s; + int r; + + assert(fd >= 0); + assert(ret); + + s = new0(char, n); + if (!s) + return -ENOMEM; + + r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n); + if (r < 0) { + free(s); + + if (errno != ERANGE) + return -errno; + + s = new0(char, n); + if (!s) + return -ENOMEM; + + r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n); + if (r < 0) { + free(s); + return -errno; + } + } + + if (isempty(s)) { + free(s); + return -ENOTSUP; + } + + *ret = s; + return 0; +}