cc73685d | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
d06245b8 | 2 | |
d38dd64a CB |
3 | #ifndef _GNU_SOURCE |
4 | #define _GNU_SOURCE 1 | |
5 | #endif | |
94ac256f CB |
6 | #include <errno.h> |
7 | #include <fcntl.h> | |
8 | #include <stddef.h> | |
ae467c54 CB |
9 | #include <stdio.h> |
10 | #include <stdlib.h> | |
b0a33c1e | 11 | #include <string.h> |
12 | #include <unistd.h> | |
b0a33c1e | 13 | #include <sys/socket.h> |
94ac256f | 14 | #include <sys/syscall.h> |
b0a33c1e | 15 | #include <sys/un.h> |
16 | ||
59eac805 | 17 | #include "af_unix.h" |
d38dd64a | 18 | #include "config.h" |
2dcb28a9 | 19 | #include "log.h" |
2fb94e95 | 20 | #include "macro.h" |
83c11f1d | 21 | #include "memory_utils.h" |
f40988c7 | 22 | #include "process_utils.h" |
0059379f | 23 | #include "utils.h" |
2dcb28a9 | 24 | |
9de31d5a CB |
25 | #ifndef HAVE_STRLCPY |
26 | #include "include/strlcpy.h" | |
27 | #endif | |
28 | ||
/*
 * Invokes the lxc_log_define() macro with the category name "af_unix" and
 * parent "lxc". Presumably this sets up the log category used by the
 * logging/error macros called further down in this file - confirm in log.h.
 */
lxc_log_define(af_unix, lxc);
b0a33c1e | 30 | |
/*
 * Fill @addr with an abstract-namespace AF_UNIX address taken from @path.
 *
 * The first byte of @path is skipped without being inspected and everything
 * from path[1] up to the terminating NUL is copied to addr->sun_path[1].
 * addr->sun_path[0] stays 0 from the memset, which is what marks the address
 * as abstract on Linux. No terminator is copied; callers pass the returned
 * length to bind()/connect() instead.
 *
 * Returns the number of name bytes copied (excluding the leading NUL), or a
 * negative value from ret_errno() when an argument is NULL (EINVAL) or the
 * name does not fit (ENAMETOOLONG). @addr is already cleared and has
 * sun_family set when ENAMETOOLONG is returned.
 *
 * NOTE(review): path[1] is read unconditionally, so @path must point to at
 * least two readable bytes even when the name is empty - confirm all callers
 * pass a buffer with a leading placeholder byte.
 */
static ssize_t lxc_abstract_unix_set_sockaddr(struct sockaddr_un *addr,
					      const char *path)
{
	const char *name;
	size_t name_len;

	if (addr == NULL || path == NULL)
		return ret_errno(EINVAL);

	/* Start from an all-zero structure so sun_path[0] is the abstract marker. */
	memset(addr, 0, sizeof(*addr));
	addr->sun_family = AF_UNIX;

	name = path + 1;
	name_len = strlen(name);

	/*
	 * The name lands at sun_path[1], so it may be at most
	 * sizeof(sun_path) - 1 bytes long. No room is reserved for a
	 * terminator because abstract names are length-delimited.
	 */
	if (name_len >= sizeof(addr->sun_path) || name_len >= INT_MAX)
		return ret_errno(ENAMETOOLONG);

	memcpy(addr->sun_path + 1, name, name_len);
	return name_len;
}
54 | ||
/*
 * Create an AF_UNIX socket of the requested @type and, when @path is given,
 * bind it to the abstract address built by lxc_abstract_unix_set_sockaddr().
 * SOCK_STREAM sockets are additionally switched to listening state with a
 * backlog of 100.
 *
 * @path:  abstract socket name (its first byte is skipped by the address
 *         helper); NULL returns the socket unbound.
 * @type:  socket type; SOCK_CLOEXEC is always OR-ed in.
 * @flags: not used by this function.
 *
 * Returns the new file descriptor, or -1 on any failure.
 *
 * Abstract sockets have no filesystem permissions (see unix(7)), so any
 * process in the same network namespace may connect. Callers that need to
 * restrict peers have to authenticate them after accepting, for example with
 * the credential helpers in this file.
 */
int lxc_abstract_unix_open(const char *path, int type, int flags)
{
	/* Presumably closed automatically on early return unless move_fd() took it - see memory_utils.h. */
	__do_close int fd = -EBADF;
	struct sockaddr_un addr;
	ssize_t name_len;

	fd = socket(PF_UNIX, type | SOCK_CLOEXEC, 0);
	if (fd < 0)
		return -1;

	if (path) {
		name_len = lxc_abstract_unix_set_sockaddr(&addr, path);
		if (name_len < 0)
			return -1;

		/* +1 accounts for the leading NUL byte of the abstract name. */
		if (bind(fd, (struct sockaddr *)&addr,
			 offsetof(struct sockaddr_un, sun_path) + name_len + 1) < 0)
			return -1;

		if (type == SOCK_STREAM && listen(fd, 100) < 0)
			return -1;
	}

	return move_fd(fd);
}
86 | ||
/*
 * Close a socket obtained from one of the open/connect helpers.
 *
 * The result of close() is deliberately discarded, so a failing close is not
 * reported to the caller.
 */
void lxc_abstract_unix_close(int fd)
{
	(void)close(fd);
}
91 | ||
/*
 * Connect a new SOCK_STREAM | SOCK_CLOEXEC AF_UNIX socket to the abstract
 * address named by @path (first byte skipped by the address helper).
 *
 * Returns the connected file descriptor, or -1 on any failure, including a
 * NULL or over-long @path rejected by lxc_abstract_unix_set_sockaddr().
 *
 * The abstract namespace offers no filesystem-level protection of the name,
 * so a successful connect says nothing about who is listening; callers that
 * care should verify the peer's credentials.
 */
int lxc_abstract_unix_connect(const char *path)
{
	/* Presumably closed automatically on early return unless move_fd() took it - see memory_utils.h. */
	__do_close int fd = -EBADF;
	struct sockaddr_un addr;
	ssize_t name_len;

	fd = socket(PF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
	if (fd < 0)
		return -1;

	name_len = lxc_abstract_unix_set_sockaddr(&addr, path);
	if (name_len < 0)
		return -1;

	/* +1 accounts for the leading NUL byte of the abstract name. */
	if (connect(fd, (struct sockaddr *)&addr,
		    offsetof(struct sockaddr_un, sun_path) + name_len + 1) < 0)
		return -1;

	return move_fd(fd);
}
114 | ||
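/*
 * Send @num_sendfds file descriptors from @sendfds over @fd as a single
 * SCM_RIGHTS control message, together with the payload described by
 * @iov/@iovlen.
 *
 * Returns the result of sendmsg() (retried on EINTR), or a negative value
 * from ret_errno() when @sendfds is NULL or @num_sendfds is not positive
 * (EINVAL) or when the control buffer cannot be allocated (ENOMEM).
 *
 * The sender keeps its own copies of the descriptors; nothing is closed
 * here.
 */
int lxc_abstract_unix_send_fds_iov(int fd, const int *sendfds, int num_sendfds,
				   struct iovec *const iov, size_t iovlen)
{
	__do_free char *cmsgbuf = NULL;
	int ret;
	struct msghdr msg = {};
	struct cmsghdr *cmsg = NULL;
	size_t fds_size;
	size_t cmsgbufsize;

	/*
	 * Validate before sizing anything: a negative count would otherwise
	 * be converted to a huge size_t, and a NULL array would be
	 * dereferenced by the memcpy below.
	 */
	if (!sendfds || num_sendfds <= 0)
		return ret_errno(EINVAL);

	fds_size = (size_t)num_sendfds * sizeof(int);
	cmsgbufsize = CMSG_SPACE(fds_size);

	cmsgbuf = malloc(cmsgbufsize);
	if (!cmsgbuf)
		/*
		 * Positive errno value, as in every other ret_errno() call
		 * in this file. Whether ret_errno() normalises the sign is
		 * not visible here; if it does not, passing a negative value
		 * would turn the error into a positive "success" return.
		 */
		return ret_errno(ENOMEM);

	msg.msg_control		= cmsgbuf;
	msg.msg_controllen	= cmsgbufsize;

	cmsg = CMSG_FIRSTHDR(&msg);
	cmsg->cmsg_level	= SOL_SOCKET;
	cmsg->cmsg_type		= SCM_RIGHTS;
	cmsg->cmsg_len		= CMSG_LEN(fds_size);

	/*
	 * Shrink the advertised control length to the one message actually
	 * filled in, so the uninitialised alignment padding at the end of
	 * the malloc'd buffer is not part of what is passed to sendmsg().
	 */
	msg.msg_controllen = cmsg->cmsg_len;

	memcpy(CMSG_DATA(cmsg), sendfds, fds_size);

	msg.msg_iov	= iov;
	msg.msg_iovlen	= iovlen;

	do {
		ret = sendmsg(fd, &msg, MSG_NOSIGNAL);
	} while (ret < 0 && errno == EINTR);

	return ret;
}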
152 | ||
/*
 * Send file descriptors with a single payload buffer.
 *
 * When @data is NULL a one-byte zero payload is sent instead (and @size is
 * ignored), so the control message always travels with some data. When @data
 * is non-NULL exactly @size bytes of it are used as payload.
 *
 * Returns whatever lxc_abstract_unix_send_fds_iov() returns.
 */
int lxc_abstract_unix_send_fds(int fd, const int *sendfds, int num_sendfds,
			       void *data, size_t size)
{
	char dummy[1] = {};
	struct iovec iov;

	if (data) {
		iov.iov_base = data;
		iov.iov_len = size;
	} else {
		iov.iov_base = dummy;
		iov.iov_len = sizeof(dummy);
	}

	return lxc_abstract_unix_send_fds_iov(fd, sendfds, num_sendfds, &iov, 1);
}
163 | ||
/*
 * Alias for lxc_abstract_unix_send_fds() taking a non-const fd array.
 * Arguments are forwarded unchanged and its return value is passed through.
 */
int lxc_unix_send_fds(int fd, int *sendfds, int num_sendfds, void *data,
		      size_t size)
{
	int sent;

	sent = lxc_abstract_unix_send_fds(fd, sendfds, num_sendfds, data, size);
	return sent;
}
169 | ||
/*
 * Send exactly two file descriptors, @fd_first then @fd_second, over @fd.
 * @data/@size are handled as in lxc_abstract_unix_send_fds(), whose return
 * value is passed through.
 */
int __lxc_abstract_unix_send_two_fds(int fd, int fd_first, int fd_second,
				     void *data, size_t size)
{
	int pair[2];

	/* Order matters: the receiver gets the descriptors in this order. */
	pair[0] = fd_first;
	pair[1] = fd_second;

	return lxc_abstract_unix_send_fds(fd, pair, 2, data, size);
}
179 | ||
/*
 * Receive one message from @fd into @ret_iov and collect any file
 * descriptors passed with it (SCM_RIGHTS) into @ret_fds.
 *
 * On entry @ret_fds->fd_count_max is the number of descriptors the caller
 * expects, @ret_fds->fd_count_ret must be 0, and @ret_fds->flags may only
 * contain bits from UNIX_FDS_ACCEPT_MASK. On return the function ORs one of
 * the UNIX_FDS_RECEIVED_* bits into @ret_fds->flags and sets fd_count_ret.
 *
 * Returns the byte count reported by recvmsg() (0 when recvmsg() returned 0),
 * or a negative value on error.
 *
 * Descriptors delivered by recvmsg() already belong to this process, so
 * every error path after the receive closes the ones it is not handing to
 * the caller; otherwise they would leak.
 *
 * NOTE(review): @ret_fds is dereferenced in the initialiser of cmsgbufsize,
 * before any validation, so callers must never pass NULL.
 */
static ssize_t lxc_abstract_unix_recv_fds_iov(int fd,
					      struct unix_fds *ret_fds,
					      struct iovec *ret_iov,
					      size_t size_ret_iov)
{
	__do_free char *cmsgbuf = NULL;
	ssize_t ret;
	struct msghdr msg = {};
	struct cmsghdr *cmsg = NULL;
	/* Room for one ucred message plus the expected number of descriptors. */
	size_t cmsgbufsize = CMSG_SPACE(sizeof(struct ucred)) +
			     CMSG_SPACE(ret_fds->fd_count_max * sizeof(int));

	/* Reject any flag bit outside the accept mask (e.g. stale RECEIVED_* bits). */
	if (ret_fds->flags & ~UNIX_FDS_ACCEPT_MASK)
		return ret_errno(EINVAL);

	/*
	 * Ignoring UNIX_FDS_ACCEPT_NONE, more than one remaining bit is an
	 * error (hweight32() presumably counts set bits - confirm in macro.h).
	 */
	if (hweight32((ret_fds->flags & ~UNIX_FDS_ACCEPT_NONE)) > 1)
		return ret_errno(EINVAL);

	/* Bound the caller's request; this also bounds cmsgbufsize computed above. */
	if (ret_fds->fd_count_max >= KERNEL_SCM_MAX_FD)
		return ret_errno(EINVAL);

	/* The result structure must be fresh so no earlier descriptors get overwritten. */
	if (ret_fds->fd_count_ret != 0)
		return ret_errno(EINVAL);

	cmsgbuf = zalloc(cmsgbufsize);
	if (!cmsgbuf)
		return ret_errno(ENOMEM);

	msg.msg_control		= cmsgbuf;
	msg.msg_controllen	= cmsgbufsize;

	msg.msg_iov	= ret_iov;
	msg.msg_iovlen	= size_ret_iov;

again:
	/* MSG_CMSG_CLOEXEC: received descriptors get close-on-exec set. */
	ret = recvmsg(fd, &msg, MSG_CMSG_CLOEXEC);
	if (ret < 0) {
		if (errno == EINTR)
			goto again;

		return syserror("Failed to receive response");
	}
	/* recvmsg() returned 0: nothing received, no control data is inspected. */
	if (ret == 0)
		return 0;

	/* If SO_PASSCRED is set we will always get a ucred message. */
	for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
		/* Only the first SCM_RIGHTS message is processed; other types are skipped. */
		if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
			__u32 idx;
			/*
			 * This causes some compilers to complain about
			 * increased alignment requirements but I haven't found
			 * a better way to deal with this yet. Suggestions
			 * welcome!
			 */
			#pragma GCC diagnostic push
			#pragma GCC diagnostic ignored "-Wcast-align"
			int *fds_raw = (int *)CMSG_DATA(cmsg);
			#pragma GCC diagnostic pop
			/* Number of descriptors actually delivered, derived from the message length. */
			__u32 num_raw = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);

			/*
			 * We received an insane amount of file descriptors
			 * which exceeds the kernel limit we know about so
			 * close them and return an error.
			 */
			if (num_raw >= KERNEL_SCM_MAX_FD) {
				for (idx = 0; idx < num_raw; idx++)
					close(fds_raw[idx]);

				return syserror_set(-EFBIG, "Received excessive number of file descriptors");
			}

			/*
			 * A truncated control message means the set of
			 * descriptors is incomplete; close what arrived
			 * instead of returning a partial set.
			 *
			 * NOTE(review): MSG_CTRUNC is only examined once an
			 * SCM_RIGHTS header has been found; truncation that
			 * leaves no SCM_RIGHTS header is not reported here.
			 */
			if (msg.msg_flags & MSG_CTRUNC) {
				for (idx = 0; idx < num_raw; idx++)
					close(fds_raw[idx]);

				return syserror_set(-EFBIG, "Control message was truncated; closing all fds and rejecting incomplete message");
			}

			if (ret_fds->fd_count_max > num_raw) {
				/* Fewer than expected: an error unless the caller opted in. */
				if (!(ret_fds->flags & UNIX_FDS_ACCEPT_LESS)) {
					for (idx = 0; idx < num_raw; idx++)
						close(fds_raw[idx]);

					return syserror_set(-EINVAL, "Received fewer file descriptors than we expected %u != %u",
							    ret_fds->fd_count_max, num_raw);
				}

				/*
				 * Make sure any excess entries in the fd array
				 * are set to -EBADF so our cleanup functions
				 * can safely be called.
				 */
				for (idx = num_raw; idx < ret_fds->fd_count_max; idx++)
					ret_fds->fd[idx] = -EBADF;

				ret_fds->flags |= UNIX_FDS_RECEIVED_LESS;
			} else if (ret_fds->fd_count_max < num_raw) {
				/* More than expected: an error unless the caller opted in. */
				if (!(ret_fds->flags & UNIX_FDS_ACCEPT_MORE)) {
					for (idx = 0; idx < num_raw; idx++)
						close(fds_raw[idx]);

					return syserror_set(-EINVAL, "Received more file descriptors than we expected %u != %u",
							    ret_fds->fd_count_max, num_raw);
				}

				/* Make sure we close any excess fds we received. */
				for (idx = ret_fds->fd_count_max; idx < num_raw; idx++)
					close(fds_raw[idx]);

				/* Cap the number of received file descriptors. */
				num_raw = ret_fds->fd_count_max;
				ret_fds->flags |= UNIX_FDS_RECEIVED_MORE;
			} else {
				ret_fds->flags |= UNIX_FDS_RECEIVED_EXACT;
			}

			/*
			 * Sanity check on the RECEIVED_* bits just set. num_raw
			 * has already been capped in the "more" case, so only
			 * descriptors that are still open are closed here.
			 */
			if (hweight32((ret_fds->flags & ~UNIX_FDS_ACCEPT_MASK)) > 1) {
				for (idx = 0; idx < num_raw; idx++)
					close(fds_raw[idx]);

				return syserror_set(-EINVAL, "Invalid flag combination; closing to not risk leaking fds %u != %u",
						    ret_fds->fd_count_max, num_raw);
			}

			/* Hand the (possibly capped) descriptors to the caller. */
			memcpy(ret_fds->fd, CMSG_DATA(cmsg), num_raw * sizeof(int));
			ret_fds->fd_count_ret = num_raw;
			break;
		}
	}

	if (ret_fds->fd_count_ret == 0) {
		ret_fds->flags |= UNIX_FDS_RECEIVED_NONE;

		/* We expected to receive file descriptors. */
		if ((ret_fds->flags & UNIX_FDS_ACCEPT_MASK) &&
		    !(ret_fds->flags & UNIX_FDS_ACCEPT_NONE))
			return syserror_set(-EINVAL, "Received no file descriptors");
	}

	return ret;
}
323 | ||
/*
 * Receive file descriptors into @ret_fds along with a single payload buffer.
 *
 * When @ret_data is NULL a one-byte scratch buffer is used for the payload
 * and @size_ret_data is ignored; otherwise up to @size_ret_data bytes are
 * received into @ret_data.
 *
 * Returns whatever lxc_abstract_unix_recv_fds_iov() returns, unchanged.
 */
ssize_t lxc_abstract_unix_recv_fds(int fd, struct unix_fds *ret_fds,
				   void *ret_data, size_t size_ret_data)
{
	char scratch[1] = {};
	struct iovec iov;

	if (ret_data) {
		iov.iov_base = ret_data;
		iov.iov_len = size_ret_data;
	} else {
		iov.iov_base = scratch;
		iov.iov_len = sizeof(scratch);
	}

	return lxc_abstract_unix_recv_fds_iov(fd, ret_fds, &iov, 1);
}
340 | ||
/*
 * Receive a message that is expected to carry exactly one file descriptor.
 *
 * @ret_fd receives the descriptor, or -EBADF when the number of descriptors
 * received differs from one. @ret_data/@size_ret_data describe the payload
 * buffer; a NULL @ret_data selects a one-byte scratch buffer.
 *
 * Returns the byte count from the receive helper, a negative value on error,
 * or the ret_errno(ENODATA) result when zero bytes were received.
 *
 * A positive return value does not by itself mean a descriptor arrived:
 * callers have to check *@ret_fd as well.
 */
ssize_t lxc_abstract_unix_recv_one_fd(int fd, int *ret_fd, void *ret_data,
				      size_t size_ret_data)
{
	/* put_unix_fds presumably releases descriptors still held by @fds on scope exit - confirm. */
	call_cleaner(put_unix_fds) struct unix_fds *fds = &(struct unix_fds){
		.fd_count_max = 1,
	};
	char scratch[1] = {};
	struct iovec iov;
	ssize_t nread;

	if (ret_data) {
		iov.iov_base = ret_data;
		iov.iov_len = size_ret_data;
	} else {
		iov.iov_base = scratch;
		iov.iov_len = sizeof(scratch);
	}

	nread = lxc_abstract_unix_recv_fds_iov(fd, fds, &iov, 1);
	if (nread < 0)
		return nread;

	if (nread == 0)
		return ret_errno(ENODATA);

	/* Only take ownership when exactly the expected count was delivered. */
	*ret_fd = (fds->fd_count_ret == fds->fd_count_max) ? move_fd(fds->fd[0])
							   : -EBADF;

	return nread;
}
370 | ||
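/*
 * Receive a message that is expected to carry exactly two file descriptors.
 *
 * @fd_first/@fd_second receive the descriptors in the order they were sent,
 * or are both set to -EBADF when the number received differs from two.
 * @data/@size describe the payload buffer; when @data is NULL or @size is 0
 * a one-byte scratch buffer is used instead.
 *
 * Returns 0 on success (also when fewer descriptors than expected arrived,
 * so callers have to check the output fds), a negative value on receive
 * error, or the ret_errno(ENODATA) result when zero bytes were received.
 */
ssize_t __lxc_abstract_unix_recv_two_fds(int fd, int *fd_first, int *fd_second,
					 void *data, size_t size)
{
	call_cleaner(put_unix_fds) struct unix_fds *fds = NULL;
	char buf[1] = {};
	/*
	 * Pick the buffer and its length together. Choosing them
	 * independently would pair the one-byte scratch buffer with the
	 * caller's @size when @data is NULL (a stack overflow on receive),
	 * or a zero-sized caller buffer with a length of one.
	 */
	struct iovec iov = {
		.iov_base	= (data && size) ? data : buf,
		.iov_len	= (data && size) ? size : sizeof(buf),
	};
	ssize_t ret;

	fds = &(struct unix_fds){
		.fd_count_max = 2,
	};

	ret = lxc_abstract_unix_recv_fds_iov(fd, fds, &iov, 1);
	if (ret < 0)
		return ret;

	if (ret == 0)
		return ret_errno(ENODATA);

	/* Only take ownership when exactly the expected count was delivered. */
	if (fds->fd_count_ret != fds->fd_count_max) {
		*fd_first	= -EBADF;
		*fd_second	= -EBADF;
	} else {
		*fd_first	= move_fd(fds->fd[0]);
		*fd_second	= move_fd(fds->fd[1]);
	}

	return 0;
}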
403 | ||
/*
 * Send @data (or a single zero byte when @data is NULL) over @fd together
 * with an SCM_CREDENTIALS control message holding this process's pid, uid
 * and gid.
 *
 * Returns the result of sendmsg(); the call is not retried on EINTR.
 *
 * Per unix(7) the kernel checks the values in an SCM_CREDENTIALS message
 * against the sender unless the sender holds the relevant capabilities, so
 * the receiver should treat them as trustworthy only under that assumption.
 */
int lxc_abstract_unix_send_credential(int fd, void *data, size_t size)
{
	struct ucred cred = {
		.pid = lxc_raw_getpid(),
		.uid = getuid(),
		.gid = getgid(),
	};
	char cmsgbuf[CMSG_SPACE(sizeof(cred))] = {0};
	char dummy[1] = {0};
	struct iovec iov = {
		.iov_base = data ? data : dummy,
		.iov_len = data ? size : sizeof(dummy),
	};
	struct msghdr msg = {
		.msg_name = NULL,
		.msg_namelen = 0,
		.msg_iov = &iov,
		.msg_iovlen = 1,
		.msg_control = cmsgbuf,
		.msg_controllen = sizeof(cmsgbuf),
	};
	struct cmsghdr *hdr = CMSG_FIRSTHDR(&msg);

	hdr->cmsg_level = SOL_SOCKET;
	hdr->cmsg_type = SCM_CREDENTIALS;
	hdr->cmsg_len = CMSG_LEN(sizeof(struct ucred));
	memcpy(CMSG_DATA(hdr), &cred, sizeof(cred));

	return sendmsg(fd, &msg, MSG_NOSIGNAL);
}
436 | ||
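/*
 * Receive one message from @fd into @data (or a one-byte scratch buffer when
 * @data is NULL) and, if it carries an SCM_CREDENTIALS control message,
 * check the sender's credentials.
 *
 * A message is denied when the sender's uid is non-zero and its uid or gid
 * differs from this process's getuid()/getgid(). Senders with uid 0 are
 * always accepted.
 *
 * Returns the recvmsg() result (<= 0 is passed through unchanged), or the
 * result of log_error_errno(-1, EACCES, ...) when the sender is denied. On
 * denial the payload has already been written to @data, so callers must not
 * use it.
 *
 * NOTE(review): the credential check only runs when the first control
 * message is an SCM_CREDENTIALS of the expected size. A message without one
 * is returned as accepted. Whether one is always present depends on
 * SO_PASSCRED being enabled on @fd, which this function does not do and
 * does not verify; MSG_CTRUNC in msg.msg_flags is not checked either.
 * Confirm every caller enables SO_PASSCRED before relying on this check.
 */
int lxc_abstract_unix_rcv_credential(int fd, void *data, size_t size)
{
	struct msghdr msg = {0};
	struct iovec iov;
	struct cmsghdr *cmsg;
	struct ucred cred;
	int ret;
	char cmsgbuf[CMSG_SPACE(sizeof(cred))] = {0};
	char buf[1] = {0};

	msg.msg_name = NULL;
	msg.msg_namelen = 0;
	msg.msg_control = cmsgbuf;
	msg.msg_controllen = sizeof(cmsgbuf);

	iov.iov_base = data ? data : buf;
	iov.iov_len = data ? size : sizeof(buf);
	msg.msg_iov = &iov;
	msg.msg_iovlen = 1;

	ret = recvmsg(fd, &msg, 0);
	if (ret <= 0)
		return ret;

	cmsg = CMSG_FIRSTHDR(&msg);

	if (cmsg && cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)) &&
	    cmsg->cmsg_level == SOL_SOCKET &&
	    cmsg->cmsg_type == SCM_CREDENTIALS) {
		/* Copy out instead of casting CMSG_DATA() to avoid alignment assumptions. */
		memcpy(&cred, CMSG_DATA(cmsg), sizeof(cred));

		/*
		 * The ids are printed as unsigned: with a signed conversion
		 * large ids would show up as negative numbers in the log.
		 */
		if (cred.uid && (cred.uid != getuid() || cred.gid != getgid()))
			return log_error_errno(-1, EACCES,
					       "Message denied for '%u/%u'",
					       (unsigned int)cred.uid,
					       (unsigned int)cred.gid);
	}

	return ret;
}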
86ce1da1 CB |
476 | |
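/*
 * Build an AF_UNIX address in @ret from @path.
 *
 * @path must start with '/' (filesystem socket) or '@' (abstract socket)
 * and contain at least one more character. For '@' paths the '@' is
 * replaced by the leading NUL byte that marks an abstract address.
 *
 * Returns the address length to pass to bind()/connect(), or a negative
 * value from ret_errno(EINVAL) when an argument is NULL, the path is empty,
 * has an unsupported prefix, names nothing, or does not fit into sun_path.
 */
int lxc_unix_sockaddr(struct sockaddr_un *ret, const char *path)
{
	size_t len;

	/* strlen(NULL) and a store through a NULL @ret are both undefined. */
	if (!ret || !path)
		return ret_errno(EINVAL);

	len = strlen(path);
	if (len == 0)
		return ret_errno(EINVAL);
	if (path[0] != '/' && path[0] != '@')
		return ret_errno(EINVAL);
	if (path[1] == '\0')
		return ret_errno(EINVAL);

	/* Path plus terminator must fit; this bounds both memcpy calls below. */
	if (len + 1 > sizeof(ret->sun_path))
		return ret_errno(EINVAL);

	*ret = (struct sockaddr_un){
		.sun_family = AF_UNIX,
	};

	if (path[0] == '@') {
		/*
		 * Copies the name and its terminator (len bytes starting
		 * after the '@') behind the leading NUL. The returned length
		 * covers the leading NUL plus the name, without the
		 * terminator, since abstract names are length-delimited.
		 */
		memcpy(ret->sun_path + 1, path + 1, len);
		return (int)(offsetof(struct sockaddr_un, sun_path) + len);
	}

	/* Filesystem path: copy including the terminator and count it. */
	memcpy(ret->sun_path, path, len + 1);
	return (int)(offsetof(struct sockaddr_un, sun_path) + len + 1);
}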
504 | ||
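/*
 * Connect a new AF_UNIX socket of the given @type (SOCK_CLOEXEC is always
 * added) to @addr.
 *
 * @addr may hold a filesystem path or an abstract name (sun_path[0] == 0).
 * The address length is derived from the contents of sun_path.
 *
 * Returns the connected file descriptor, or -1 with a logged error on
 * failure.
 */
int lxc_unix_connect_type(struct sockaddr_un *addr, int type)
{
	/* Presumably closed automatically on early return unless move_fd() took it - see memory_utils.h. */
	__do_close int fd = -EBADF;
	int ret;
	size_t len;

	fd = socket(AF_UNIX, type | SOCK_CLOEXEC, 0);
	if (fd < 0)
		return log_error_errno(-1, errno,
				       "Failed to open new AF_UNIX socket");

	/*
	 * strnlen() keeps the scan inside sun_path even when the caller
	 * filled the whole array without a terminator.
	 */
	if (addr->sun_path[0] == '\0') {
		size_t name_len = strnlen(&addr->sun_path[1],
					  sizeof(addr->sun_path) - 1);

		/* An abstract address with no name identifies nothing useful. */
		if (name_len == 0)
			return log_error_errno(-1, EINVAL,
					       "Empty abstract AF_UNIX socket name");

		/*
		 * The abstract address consists of the leading NUL byte plus
		 * the name, so the NUL has to be counted. Without the +1 the
		 * last character of the name would fall outside the address
		 * and a different abstract name would be contacted.
		 */
		len = name_len + 1;
	} else {
		len = strnlen(addr->sun_path, sizeof(addr->sun_path));
	}

	ret = connect(fd, (struct sockaddr *)addr,
		      offsetof(struct sockaddr_un, sun_path) + len);
	if (ret < 0)
		return log_error_errno(-1, errno,
				       "Failed to connect new AF_UNIX socket");

	return move_fd(fd);
}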
529 | ||
/*
 * Connect a SOCK_STREAM AF_UNIX socket to @addr.
 * Shorthand for lxc_unix_connect_type(); its return value is passed through.
 */
int lxc_unix_connect(struct sockaddr_un *addr)
{
	const int type = SOCK_STREAM;

	return lxc_unix_connect_type(addr, type);
}
534 | ||
/*
 * Set the send and receive timeouts of @fd, in whole seconds.
 *
 * The send timeout (SO_SNDTIMEO) is applied first, then the receive timeout
 * (SO_RCVTIMEO). The microsecond part is always 0.
 *
 * Returns 0 on success, -1 as soon as one setsockopt() call fails; in that
 * case the send timeout may already have been changed.
 */
int lxc_socket_set_timeout(int fd, int rcv_timeout, int snd_timeout)
{
	const struct {
		int optname;
		int seconds;
	} timeouts[] = {
		{ SO_SNDTIMEO, snd_timeout },
		{ SO_RCVTIMEO, rcv_timeout },
	};

	for (size_t i = 0; i < sizeof(timeouts) / sizeof(timeouts[0]); i++) {
		struct timeval tv = { .tv_sec = timeouts[i].seconds };

		if (setsockopt(fd, SOL_SOCKET, timeouts[i].optname,
			       (const void *)&tv, sizeof(tv)) < 0)
			return -1;
	}

	return 0;
}