]> git.proxmox.com Git - qemu.git/blob - fsdev/virtfs-proxy-helper.c
projects / qemu.git / blob
? search:


204bb4a5404dd1c68751b0178d1b06b806d58ea6
[qemu.git] / fsdev / virtfs-proxy-helper.c
1 /*
2 * Helper for QEMU Proxy FS Driver
3 * Copyright IBM, Corp. 2011
4 *
5 * Authors:
6 * M. Mohan Kumar <mohan@in.ibm.com>
7 *
8 * This work is licensed under the terms of the GNU GPL, version 2. See
9 * the COPYING file in the top-level directory.
10 */
11 #include <stdio.h>
12 #include <sys/socket.h>
13 #include <string.h>
14 #include <sys/un.h>
15 #include <limits.h>
16 #include <signal.h>
17 #include <errno.h>
18 #include <stdlib.h>
19 #include <sys/resource.h>
20 #include <sys/stat.h>
21 #include <getopt.h>
22 #include <unistd.h>
23 #include <syslog.h>
24 #include <sys/capability.h>
25 #include <sys/fsuid.h>
26 #include <stdarg.h>
27 #include <stdbool.h>
28 #include <sys/vfs.h>
29 #include <sys/stat.h>
30 #include "qemu-common.h"
31 #include "virtio-9p-marshal.h"
32 #include "hw/9pfs/virtio-9p-proxy.h"
33 #include "fsdev/virtio-9p-marshal.h"
34
35 #define PROGNAME "virtfs-proxy-helper"
36
37 static struct option helper_opts[] = {
38 {"fd", required_argument, NULL, 'f'},
39 {"path", required_argument, NULL, 'p'},
40 {"nodaemon", no_argument, NULL, 'n'},
41 };
42
43 static bool is_daemon;
44
45 static void do_log(int loglevel, const char *format, ...)
46 {
47 va_list ap;
48
49 va_start(ap, format);
50 if (is_daemon) {
51 vsyslog(LOG_CRIT, format, ap);
52 } else {
53 vfprintf(stderr, format, ap);
54 }
55 va_end(ap);
56 }
57
58 static void do_perror(const char *string)
59 {
60 if (is_daemon) {
61 syslog(LOG_CRIT, "%s:%s", string, strerror(errno));
62 } else {
63 fprintf(stderr, "%s:%s\n", string, strerror(errno));
64 }
65 }
66
67 static int do_cap_set(cap_value_t *cap_value, int size, int reset)
68 {
69 cap_t caps;
70 if (reset) {
71 /*
72 * Start with an empty set and set permitted and effective
73 */
74 caps = cap_init();
75 if (caps == NULL) {
76 do_perror("cap_init");
77 return -1;
78 }
79 if (cap_set_flag(caps, CAP_PERMITTED, size, cap_value, CAP_SET) < 0) {
80 do_perror("cap_set_flag");
81 goto error;
82 }
83 } else {
84 caps = cap_get_proc();
85 if (!caps) {
86 do_perror("cap_get_proc");
87 return -1;
88 }
89 }
90 if (cap_set_flag(caps, CAP_EFFECTIVE, size, cap_value, CAP_SET) < 0) {
91 do_perror("cap_set_flag");
92 goto error;
93 }
94 if (cap_set_proc(caps) < 0) {
95 do_perror("cap_set_proc");
96 goto error;
97 }
98 cap_free(caps);
99 return 0;
100
101 error:
102 cap_free(caps);
103 return -1;
104 }
105
106 static int init_capabilities(void)
107 {
108 /* helper needs following capbabilities only */
109 cap_value_t cap_list[] = {
110 CAP_CHOWN,
111 CAP_DAC_OVERRIDE,
112 CAP_FOWNER,
113 CAP_FSETID,
114 CAP_SETGID,
115 CAP_MKNOD,
116 CAP_SETUID,
117 };
118 return do_cap_set(cap_list, ARRAY_SIZE(cap_list), 1);
119 }
120
121 static int socket_read(int sockfd, void *buff, ssize_t size)
122 {
123 ssize_t retval, total = 0;
124
125 while (size) {
126 retval = read(sockfd, buff, size);
127 if (retval == 0) {
128 return -EIO;
129 }
130 if (retval < 0) {
131 if (errno == EINTR) {
132 continue;
133 }
134 return -errno;
135 }
136 size -= retval;
137 buff += retval;
138 total += retval;
139 }
140 return total;
141 }
142
143 static int socket_write(int sockfd, void *buff, ssize_t size)
144 {
145 ssize_t retval, total = 0;
146
147 while (size) {
148 retval = write(sockfd, buff, size);
149 if (retval < 0) {
150 if (errno == EINTR) {
151 continue;
152 }
153 return -errno;
154 }
155 size -= retval;
156 buff += retval;
157 total += retval;
158 }
159 return total;
160 }
161
162 static int read_request(int sockfd, struct iovec *iovec, ProxyHeader *header)
163 {
164 int retval;
165
166 /*
167 * read the request header.
168 */
169 iovec->iov_len = 0;
170 retval = socket_read(sockfd, iovec->iov_base, PROXY_HDR_SZ);
171 if (retval < 0) {
172 return retval;
173 }
174 iovec->iov_len = PROXY_HDR_SZ;
175 retval = proxy_unmarshal(iovec, 0, "dd", &header->type, &header->size);
176 if (retval < 0) {
177 return retval;
178 }
179 /*
180 * We can't process message.size > PROXY_MAX_IO_SZ.
181 * Treat it as fatal error
182 */
183 if (header->size > PROXY_MAX_IO_SZ) {
184 return -ENOBUFS;
185 }
186 retval = socket_read(sockfd, iovec->iov_base + PROXY_HDR_SZ, header->size);
187 if (retval < 0) {
188 return retval;
189 }
190 iovec->iov_len += header->size;
191 return 0;
192 }
193
194 static int send_fd(int sockfd, int fd)
195 {
196 struct msghdr msg;
197 struct iovec iov;
198 int retval, data;
199 struct cmsghdr *cmsg;
200 union MsgControl msg_control;
201
202 iov.iov_base = &data;
203 iov.iov_len = sizeof(data);
204
205 memset(&msg, 0, sizeof(msg));
206 msg.msg_iov = &iov;
207 msg.msg_iovlen = 1;
208 /* No ancillary data on error */
209 if (fd < 0) {
210 /* fd is really negative errno if the request failed */
211 data = fd;
212 } else {
213 data = V9FS_FD_VALID;
214 msg.msg_control = &msg_control;
215 msg.msg_controllen = sizeof(msg_control);
216
217 cmsg = &msg_control.cmsg;
218 cmsg->cmsg_len = CMSG_LEN(sizeof(fd));
219 cmsg->cmsg_level = SOL_SOCKET;
220 cmsg->cmsg_type = SCM_RIGHTS;
221 memcpy(CMSG_DATA(cmsg), &fd, sizeof(fd));
222 }
223
224 do {
225 retval = sendmsg(sockfd, &msg, 0);
226 } while (retval < 0 && errno == EINTR);
227 if (fd >= 0) {
228 close(fd);
229 }
230 if (retval < 0) {
231 return retval;
232 }
233 return 0;
234 }
235
236 static int send_status(int sockfd, struct iovec *iovec, int status)
237 {
238 ProxyHeader header;
239 int retval, msg_size;;
240
241 if (status < 0) {
242 header.type = T_ERROR;
243 } else {
244 header.type = T_SUCCESS;
245 }
246 header.size = sizeof(status);
247 /*
248 * marshal the return status. We don't check error.
249 * because we are sure we have enough space for the status
250 */
251 msg_size = proxy_marshal(iovec, 0, "ddd", header.type,
252 header.size, status);
253 retval = socket_write(sockfd, iovec->iov_base, msg_size);
254 if (retval < 0) {
255 return retval;
256 }
257 return 0;
258 }
259
260 /*
261 * from man 7 capabilities, section
262 * Effect of User ID Changes on Capabilities:
263 * 4. If the file system user ID is changed from 0 to nonzero (see setfsuid(2))
264 * then the following capabilities are cleared from the effective set:
265 * CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_DAC_READ_SEARCH, CAP_FOWNER, CAP_FSETID,
266 * CAP_LINUX_IMMUTABLE (since Linux 2.2.30), CAP_MAC_OVERRIDE, and CAP_MKNOD
267 * (since Linux 2.2.30). If the file system UID is changed from nonzero to 0,
268 * then any of these capabilities that are enabled in the permitted set
269 * are enabled in the effective set.
270 */
271 static int setfsugid(int uid, int gid)
272 {
273 /*
274 * We still need DAC_OVERRIDE because we don't change
275 * supplementary group ids, and hence may be subjected DAC rules
276 */
277 cap_value_t cap_list[] = {
278 CAP_DAC_OVERRIDE,
279 };
280
281 setfsgid(gid);
282 setfsuid(uid);
283
284 if (uid != 0 || gid != 0) {
285 return do_cap_set(cap_list, ARRAY_SIZE(cap_list), 0);
286 }
287 return 0;
288 }
289
290 /*
291 * send response in two parts
292 * 1) ProxyHeader
293 * 2) Response or error status
294 * This function should be called with marshaled response
295 * send_response constructs header part and error part only.
296 * send response sends {ProxyHeader,Response} if the request was success
297 * otherwise sends {ProxyHeader,error status}
298 */
299 static int send_response(int sock, struct iovec *iovec, int size)
300 {
301 int retval;
302 ProxyHeader header;
303
304 /*
305 * If response size exceeds available iovec->iov_len,
306 * we return ENOBUFS
307 */
308 if (size > PROXY_MAX_IO_SZ) {
309 size = -ENOBUFS;
310 }
311
312 if (size < 0) {
313 /*
314 * In case of error we would not have got the error encoded
315 * already so encode the error here.
316 */
317 header.type = T_ERROR;
318 header.size = sizeof(size);
319 proxy_marshal(iovec, PROXY_HDR_SZ, "d", size);
320 } else {
321 header.type = T_SUCCESS;
322 header.size = size;
323 }
324 proxy_marshal(iovec, 0, "dd", header.type, header.size);
325 retval = socket_write(sock, iovec->iov_base, header.size + PROXY_HDR_SZ);
326 if (retval < 0) {
327 return retval;;
328 }
329 return 0;
330 }
331
332 static void stat_to_prstat(ProxyStat *pr_stat, struct stat *stat)
333 {
334 memset(pr_stat, 0, sizeof(*pr_stat));
335 pr_stat->st_dev = stat->st_dev;
336 pr_stat->st_ino = stat->st_ino;
337 pr_stat->st_nlink = stat->st_nlink;
338 pr_stat->st_mode = stat->st_mode;
339 pr_stat->st_uid = stat->st_uid;
340 pr_stat->st_gid = stat->st_gid;
341 pr_stat->st_rdev = stat->st_rdev;
342 pr_stat->st_size = stat->st_size;
343 pr_stat->st_blksize = stat->st_blksize;
344 pr_stat->st_blocks = stat->st_blocks;
345 pr_stat->st_atim_sec = stat->st_atim.tv_sec;
346 pr_stat->st_atim_nsec = stat->st_atim.tv_nsec;
347 pr_stat->st_mtim_sec = stat->st_mtim.tv_sec;
348 pr_stat->st_mtim_nsec = stat->st_mtim.tv_nsec;
349 pr_stat->st_ctim_sec = stat->st_ctim.tv_sec;
350 pr_stat->st_ctim_nsec = stat->st_ctim.tv_nsec;
351 }
352
353 static void statfs_to_prstatfs(ProxyStatFS *pr_stfs, struct statfs *stfs)
354 {
355 memset(pr_stfs, 0, sizeof(*pr_stfs));
356 pr_stfs->f_type = stfs->f_type;
357 pr_stfs->f_bsize = stfs->f_bsize;
358 pr_stfs->f_blocks = stfs->f_blocks;
359 pr_stfs->f_bfree = stfs->f_bfree;
360 pr_stfs->f_bavail = stfs->f_bavail;
361 pr_stfs->f_files = stfs->f_files;
362 pr_stfs->f_ffree = stfs->f_ffree;
363 pr_stfs->f_fsid[0] = stfs->f_fsid.__val[0];
364 pr_stfs->f_fsid[1] = stfs->f_fsid.__val[1];
365 pr_stfs->f_namelen = stfs->f_namelen;
366 pr_stfs->f_frsize = stfs->f_frsize;
367 }
368
369 /*
370 * Gets stat/statfs information and packs in out_iovec structure
371 * on success returns number of bytes packed in out_iovec struture
372 * otherwise returns -errno
373 */
374 static int do_stat(int type, struct iovec *iovec, struct iovec *out_iovec)
375 {
376 int retval;
377 V9fsString path;
378 ProxyStat pr_stat;
379 ProxyStatFS pr_stfs;
380 struct stat st_buf;
381 struct statfs stfs_buf;
382
383 v9fs_string_init(&path);
384 retval = proxy_unmarshal(iovec, PROXY_HDR_SZ, "s", &path);
385 if (retval < 0) {
386 return retval;
387 }
388
389 switch (type) {
390 case T_LSTAT:
391 retval = lstat(path.data, &st_buf);
392 if (retval < 0) {
393 retval = -errno;
394 } else {
395 stat_to_prstat(&pr_stat, &st_buf);
396 retval = proxy_marshal(out_iovec, PROXY_HDR_SZ,
397 "qqqdddqqqqqqqqqq", pr_stat.st_dev,
398 pr_stat.st_ino, pr_stat.st_nlink,
399 pr_stat.st_mode, pr_stat.st_uid,
400 pr_stat.st_gid, pr_stat.st_rdev,
401 pr_stat.st_size, pr_stat.st_blksize,
402 pr_stat.st_blocks,
403 pr_stat.st_atim_sec, pr_stat.st_atim_nsec,
404 pr_stat.st_mtim_sec, pr_stat.st_mtim_nsec,
405 pr_stat.st_ctim_sec, pr_stat.st_ctim_nsec);
406 }
407 break;
408 case T_STATFS:
409 retval = statfs(path.data, &stfs_buf);
410 if (retval < 0) {
411 retval = -errno;
412 } else {
413 statfs_to_prstatfs(&pr_stfs, &stfs_buf);
414 retval = proxy_marshal(out_iovec, PROXY_HDR_SZ,
415 "qqqqqqqqqqq", pr_stfs.f_type,
416 pr_stfs.f_bsize, pr_stfs.f_blocks,
417 pr_stfs.f_bfree, pr_stfs.f_bavail,
418 pr_stfs.f_files, pr_stfs.f_ffree,
419 pr_stfs.f_fsid[0], pr_stfs.f_fsid[1],
420 pr_stfs.f_namelen, pr_stfs.f_frsize);
421 }
422 break;
423 }
424 v9fs_string_free(&path);
425 return retval;
426 }
427
428 static int do_readlink(struct iovec *iovec, struct iovec *out_iovec)
429 {
430 char *buffer;
431 int size, retval;
432 V9fsString target, path;
433
434 v9fs_string_init(&path);
435 retval = proxy_unmarshal(iovec, PROXY_HDR_SZ, "sd", &path, &size);
436 if (retval < 0) {
437 v9fs_string_free(&path);
438 return retval;
439 }
440 buffer = g_malloc(size);
441 v9fs_string_init(&target);
442 retval = readlink(path.data, buffer, size);
443 if (retval > 0) {
444 buffer[retval] = '\0';
445 v9fs_string_sprintf(&target, "%s", buffer);
446 retval = proxy_marshal(out_iovec, PROXY_HDR_SZ, "s", &target);
447 } else {
448 retval = -errno;
449 }
450 g_free(buffer);
451 v9fs_string_free(&target);
452 v9fs_string_free(&path);
453 return retval;
454 }
455
456 /*
457 * create other filesystem objects and send 0 on success
458 * return -errno on error
459 */
460 static int do_create_others(int type, struct iovec *iovec)
461 {
462 dev_t rdev;
463 int retval = 0;
464 int offset = PROXY_HDR_SZ;
465 V9fsString oldpath, path;
466 int mode, uid, gid, cur_uid, cur_gid;
467
468 v9fs_string_init(&path);
469 v9fs_string_init(&oldpath);
470 cur_uid = geteuid();
471 cur_gid = getegid();
472
473 retval = proxy_unmarshal(iovec, offset, "dd", &uid, &gid);
474 if (retval < 0) {
475 return retval;
476 }
477 offset += retval;
478 retval = setfsugid(uid, gid);
479 if (retval < 0) {
480 retval = -errno;
481 goto err_out;
482 }
483 switch (type) {
484 case T_MKNOD:
485 retval = proxy_unmarshal(iovec, offset, "sdq", &path, &mode, &rdev);
486 if (retval < 0) {
487 goto err_out;
488 }
489 retval = mknod(path.data, mode, rdev);
490 break;
491 case T_MKDIR:
492 retval = proxy_unmarshal(iovec, offset, "sd", &path, &mode);
493 if (retval < 0) {
494 goto err_out;
495 }
496 retval = mkdir(path.data, mode);
497 break;
498 case T_SYMLINK:
499 retval = proxy_unmarshal(iovec, offset, "ss", &oldpath, &path);
500 if (retval < 0) {
501 goto err_out;
502 }
503 retval = symlink(oldpath.data, path.data);
504 break;
505 }
506 if (retval < 0) {
507 retval = -errno;
508 }
509
510 err_out:
511 v9fs_string_free(&path);
512 v9fs_string_free(&oldpath);
513 setfsugid(cur_uid, cur_gid);
514 return retval;
515 }
516
517 /*
518 * create a file and send fd on success
519 * return -errno on error
520 */
521 static int do_create(struct iovec *iovec)
522 {
523 int ret;
524 V9fsString path;
525 int flags, mode, uid, gid, cur_uid, cur_gid;
526
527 v9fs_string_init(&path);
528 ret = proxy_unmarshal(iovec, PROXY_HDR_SZ, "sdddd",
529 &path, &flags, &mode, &uid, &gid);
530 if (ret < 0) {
531 goto unmarshal_err_out;
532 }
533 cur_uid = geteuid();
534 cur_gid = getegid();
535 ret = setfsugid(uid, gid);
536 if (ret < 0) {
537 /*
538 * On failure reset back to the
539 * old uid/gid
540 */
541 ret = -errno;
542 goto err_out;
543 }
544 ret = open(path.data, flags, mode);
545 if (ret < 0) {
546 ret = -errno;
547 }
548
549 err_out:
550 setfsugid(cur_uid, cur_gid);
551 unmarshal_err_out:
552 v9fs_string_free(&path);
553 return ret;
554 }
555
556 /*
557 * open a file and send fd on success
558 * return -errno on error
559 */
560 static int do_open(struct iovec *iovec)
561 {
562 int flags, ret;
563 V9fsString path;
564
565 v9fs_string_init(&path);
566 ret = proxy_unmarshal(iovec, PROXY_HDR_SZ, "sd", &path, &flags);
567 if (ret < 0) {
568 goto err_out;
569 }
570 ret = open(path.data, flags);
571 if (ret < 0) {
572 ret = -errno;
573 }
574 err_out:
575 v9fs_string_free(&path);
576 return ret;
577 }
578
579 static void usage(char *prog)
580 {
581 fprintf(stderr, "usage: %s\n"
582 " -p|--path <path> 9p path to export\n"
583 " {-f|--fd <socket-descriptor>} socket file descriptor to be used\n"
584 " [-n|--nodaemon] Run as a normal program\n",
585 basename(prog));
586 }
587
588 static int process_reply(int sock, int type,
589 struct iovec *out_iovec, int retval)
590 {
591 switch (type) {
592 case T_OPEN:
593 case T_CREATE:
594 if (send_fd(sock, retval) < 0) {
595 return -1;
596 }
597 break;
598 case T_MKNOD:
599 case T_MKDIR:
600 case T_SYMLINK:
601 case T_LINK:
602 case T_CHMOD:
603 case T_CHOWN:
604 case T_TRUNCATE:
605 case T_UTIME:
606 case T_RENAME:
607 case T_REMOVE:
608 if (send_status(sock, out_iovec, retval) < 0) {
609 return -1;
610 }
611 break;
612 case T_LSTAT:
613 case T_STATFS:
614 case T_READLINK:
615 if (send_response(sock, out_iovec, retval) < 0) {
616 return -1;
617 }
618 break;
619 default:
620 return -1;
621 break;
622 }
623 return 0;
624 }
625
626 static int process_requests(int sock)
627 {
628 int retval = 0;
629 uint64_t offset;
630 ProxyHeader header;
631 int mode, uid, gid;
632 struct timespec spec[2];
633 V9fsString oldpath, path;
634 struct iovec in_iovec, out_iovec;
635
636 in_iovec.iov_base = g_malloc(PROXY_MAX_IO_SZ + PROXY_HDR_SZ);
637 in_iovec.iov_len = PROXY_MAX_IO_SZ + PROXY_HDR_SZ;
638 out_iovec.iov_base = g_malloc(PROXY_MAX_IO_SZ + PROXY_HDR_SZ);
639 out_iovec.iov_len = PROXY_MAX_IO_SZ + PROXY_HDR_SZ;
640
641 while (1) {
642 /*
643 * initialize the header type, so that we send
644 * response to proper request type.
645 */
646 header.type = 0;
647 retval = read_request(sock, &in_iovec, &header);
648 if (retval < 0) {
649 goto err_out;
650 }
651
652 switch (header.type) {
653 case T_OPEN:
654 retval = do_open(&in_iovec);
655 break;
656 case T_CREATE:
657 retval = do_create(&in_iovec);
658 break;
659 case T_MKNOD:
660 case T_MKDIR:
661 case T_SYMLINK:
662 retval = do_create_others(header.type, &in_iovec);
663 break;
664 case T_LINK:
665 v9fs_string_init(&path);
666 v9fs_string_init(&oldpath);
667 retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ,
668 "ss", &oldpath, &path);
669 if (retval > 0) {
670 retval = link(oldpath.data, path.data);
671 if (retval < 0) {
672 retval = -errno;
673 }
674 }
675 v9fs_string_free(&oldpath);
676 v9fs_string_free(&path);
677 break;
678 case T_LSTAT:
679 case T_STATFS:
680 retval = do_stat(header.type, &in_iovec, &out_iovec);
681 break;
682 case T_READLINK:
683 retval = do_readlink(&in_iovec, &out_iovec);
684 break;
685 case T_CHMOD:
686 v9fs_string_init(&path);
687 retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ,
688 "sd", &path, &mode);
689 if (retval > 0) {
690 retval = chmod(path.data, mode);
691 if (retval < 0) {
692 retval = -errno;
693 }
694 }
695 v9fs_string_free(&path);
696 break;
697 case T_CHOWN:
698 v9fs_string_init(&path);
699 retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "sdd", &path,
700 &uid, &gid);
701 if (retval > 0) {
702 retval = lchown(path.data, uid, gid);
703 if (retval < 0) {
704 retval = -errno;
705 }
706 }
707 v9fs_string_free(&path);
708 break;
709 case T_TRUNCATE:
710 v9fs_string_init(&path);
711 retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "sq",
712 &path, &offset);
713 if (retval > 0) {
714 retval = truncate(path.data, offset);
715 if (retval < 0) {
716 retval = -errno;
717 }
718 }
719 v9fs_string_free(&path);
720 break;
721 case T_UTIME:
722 v9fs_string_init(&path);
723 retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "sqqqq", &path,
724 &spec[0].tv_sec, &spec[0].tv_nsec,
725 &spec[1].tv_sec, &spec[1].tv_nsec);
726 if (retval > 0) {
727 retval = qemu_utimens(path.data, spec);
728 if (retval < 0) {
729 retval = -errno;
730 }
731 }
732 v9fs_string_free(&path);
733 break;
734 case T_RENAME:
735 v9fs_string_init(&path);
736 v9fs_string_init(&oldpath);
737 retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ,
738 "ss", &oldpath, &path);
739 if (retval > 0) {
740 retval = rename(oldpath.data, path.data);
741 if (retval < 0) {
742 retval = -errno;
743 }
744 }
745 v9fs_string_free(&oldpath);
746 v9fs_string_free(&path);
747 break;
748 case T_REMOVE:
749 v9fs_string_init(&path);
750 retval = proxy_unmarshal(&in_iovec, PROXY_HDR_SZ, "s", &path);
751 if (retval > 0) {
752 retval = remove(path.data);
753 if (retval < 0) {
754 retval = -errno;
755 }
756 }
757 v9fs_string_free(&path);
758 break;
759 default:
760 goto err_out;
761 break;
762 }
763
764 if (process_reply(sock, header.type, &out_iovec, retval) < 0) {
765 goto err_out;
766 }
767 }
768 err_out:
769 g_free(in_iovec.iov_base);
770 g_free(out_iovec.iov_base);
771 return -1;
772 }
773
774 int main(int argc, char **argv)
775 {
776 int sock;
777 char *rpath = NULL;
778 struct stat stbuf;
779 int c, option_index;
780
781 is_daemon = true;
782 sock = -1;
783 while (1) {
784 option_index = 0;
785 c = getopt_long(argc, argv, "p:nh?f:", helper_opts,
786 &option_index);
787 if (c == -1) {
788 break;
789 }
790 switch (c) {
791 case 'p':
792 rpath = strdup(optarg);
793 break;
794 case 'n':
795 is_daemon = false;
796 break;
797 case 'f':
798 sock = atoi(optarg);
799 break;
800 case '?':
801 case 'h':
802 default:
803 usage(argv[0]);
804 exit(EXIT_FAILURE);
805 }
806 }
807
808 /* Parameter validation */
809 if (sock == -1 || rpath == NULL) {
810 fprintf(stderr, "socket descriptor or path not specified\n");
811 usage(argv[0]);
812 exit(EXIT_FAILURE);
813 }
814
815 if (lstat(rpath, &stbuf) < 0) {
816 fprintf(stderr, "invalid path \"%s\" specified, %s\n",
817 rpath, strerror(errno));
818 exit(EXIT_FAILURE);
819 }
820
821 if (!S_ISDIR(stbuf.st_mode)) {
822 fprintf(stderr, "specified path \"%s\" is not directory\n", rpath);
823 exit(EXIT_FAILURE);
824 }
825
826 if (is_daemon) {
827 if (daemon(0, 0) < 0) {
828 fprintf(stderr, "daemon call failed\n");
829 exit(EXIT_FAILURE);
830 }
831 openlog(PROGNAME, LOG_PID, LOG_DAEMON);
832 }
833
834 do_log(LOG_INFO, "Started\n");
835
836 if (chdir("/") < 0) {
837 do_perror("chdir");
838 goto error;
839 }
840 if (chroot(rpath) < 0) {
841 do_perror("chroot");
842 goto error;
843 }
844 umask(0);
845
846 if (init_capabilities() < 0) {
847 goto error;
848 }
849
850 process_requests(sock);
851 error:
852 do_log(LOG_INFO, "Done\n");
853 closelog();
854 return 0;
855 }
Qemu copy for testing