X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=udevd.c;h=366c227a3bc9c48c42d1236c4e2fe5006e3cc685;hb=2e31718495a89e6b582240ed527950f78e7d1849;hp=8ba833186e100bb3958acb0d0c6b2ff6e81beae1;hpb=2f6cbd19113167746dc4fb6b4f3f5fd64a1c211f;p=elogind.git diff --git a/udevd.c b/udevd.c index 8ba833186..366c227a3 100644 --- a/udevd.c +++ b/udevd.c @@ -40,7 +40,6 @@ #include "udevd.h" #include "logging.h" -unsigned char logname[42]; static int expected_seqnum = 0; volatile static int children_waiting; volatile static int msg_q_timeout; @@ -52,6 +51,13 @@ LIST_HEAD(running_list); static void exec_queue_manager(void); static void msg_queue_manager(void); +unsigned char logname[42]; + +int log_ok(void) +{ + return 1; +} + static void msg_dump_queue(void) { struct hotplug_msg *msg; @@ -108,14 +114,18 @@ static void msg_queue_insert(struct hotplug_msg *msg) static void udev_run(struct hotplug_msg *msg) { pid_t pid; - setenv("ACTION", msg->action, 1); - setenv("DEVPATH", msg->devpath, 1); + char action[32]; + char devpath[256]; + char *env[] = { action, devpath, NULL }; + + snprintf(action, sizeof(action), "ACTION=%s", msg->action); + snprintf(devpath, sizeof(devpath), "DEVPATH=%s", msg->devpath); pid = fork(); switch (pid) { case 0: /* child */ - execl(UDEV_BIN, "udev", msg->subsystem, NULL); + execle(UDEV_BIN, "udev", msg->subsystem, NULL, env); dbg("exec of child failed"); exit(1); break; @@ -212,6 +222,11 @@ static void handle_msg(int sock) { struct hotplug_msg *msg; int retval; + struct msghdr smsg; + struct cmsghdr *cmsg; + struct iovec iov; + struct ucred *cred; + char cred_msg[CMSG_SPACE(sizeof(struct ucred))]; msg = msg_create(); if (msg == NULL) { @@ -219,13 +234,30 @@ static void handle_msg(int sock) return; } - retval = recv(sock, msg, sizeof(struct hotplug_msg), 0); + iov.iov_base = msg; + iov.iov_len = sizeof(struct hotplug_msg); + + memset(&smsg, 0x00, sizeof(struct msghdr)); + smsg.msg_iov = &iov; + smsg.msg_iovlen = 1; + smsg.msg_control = cred_msg; + smsg.msg_controllen = sizeof(cred_msg); + + retval = recvmsg(sock, &smsg, 0); if (retval < 0) { if (errno != EINTR) dbg("unable to receive message"); return; } - + cmsg = CMSG_FIRSTHDR(&smsg); + cred = (struct ucred *) CMSG_DATA(cmsg); + + if (cred->uid != 0) { + dbg("sender uid=%i, message ignored", cred->uid); + free(msg); + return; + } + if (strncmp(msg->magic, UDEV_MAGIC, sizeof(UDEV_MAGIC)) != 0 ) { dbg("message magic '%s' doesn't match, ignore it", msg->magic); free(msg); @@ -279,17 +311,22 @@ int main(int argc, char *argv[]) struct sockaddr_un saddr; socklen_t addrlen; int retval; + const int on = 1; + struct sigaction act; init_logging("udevd"); - signal(SIGINT, sig_handler); - signal(SIGTERM, sig_handler); - signal(SIGALRM, sig_handler); - signal(SIGCHLD, sig_handler); + /* set signal handler */ + act.sa_handler = sig_handler; + sigemptyset (&act.sa_mask); + act.sa_flags = SA_RESTART; + sigaction(SIGINT, &act, NULL); + sigaction(SIGTERM, &act, NULL); /* we want these two to interrupt system calls */ - siginterrupt(SIGALRM, 1); - siginterrupt(SIGCHLD, 1); + act.sa_flags = 0; + sigaction(SIGALRM, &act, NULL); + sigaction(SIGCHLD, &act, NULL); memset(&saddr, 0x00, sizeof(saddr)); saddr.sun_family = AF_LOCAL; @@ -304,12 +341,15 @@ int main(int argc, char *argv[]) } /* the bind takes care of ensuring only one copy running */ - retval = bind(ssock, &saddr, addrlen); + retval = bind(ssock, (struct sockaddr *) &saddr, addrlen); if (retval < 0) { dbg("bind failed\n"); goto exit; } + /* enable receiving of the sender credentials */ + setsockopt(ssock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)); + while (1) { handle_msg(ssock);