]> git.proxmox.com Git - mirror_lxc.git/blob - src/lxc/af_unix.c
projects / mirror_lxc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
licensing: Add missing headers and FSF address
[mirror_lxc.git] / src / lxc / af_unix.c
1 /*
2 * lxc: linux Container library
3 *
4 * (C) Copyright IBM Corp. 2007, 2008
5 *
6 * Authors:
7 * Daniel Lezcano <daniel.lezcano at free.fr>
8 *
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later version.
13 *
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
18 *
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
22 */
23 #include <string.h>
24 #include <unistd.h>
25 #include <fcntl.h>
26 #include <errno.h>
27 #define __USE_GNU
28 #include <sys/socket.h>
29 #undef __USE_GNU
30 #include <sys/un.h>
31
32 #include "log.h"
33
34 lxc_log_define(lxc_af_unix, lxc);
35
36 int lxc_af_unix_open(const char *path, int type, int flags)
37 {
38 int fd;
39 size_t len;
40 struct sockaddr_un addr;
41
42 if (flags & O_TRUNC)
43 unlink(path);
44
45 fd = socket(PF_UNIX, type, 0);
46 if (fd < 0)
47 return -1;
48
49 memset(&addr, 0, sizeof(addr));
50
51 if (!path)
52 return fd;
53
54 addr.sun_family = AF_UNIX;
55 /* copy entire buffer in case of abstract socket */
56 len = sizeof(addr.sun_path);
57 if (path[0]) {
58 len = strlen(path);
59 if (len >= sizeof(addr.sun_path)) {
60 close(fd);
61 errno = ENAMETOOLONG;
62 return -1;
63 }
64 }
65 memcpy(addr.sun_path, path, len);
66
67 if (bind(fd, (struct sockaddr *)&addr, sizeof(addr))) {
68 int tmp = errno;
69 close(fd);
70 errno = tmp;
71 return -1;
72 }
73
74 if (type == SOCK_STREAM && listen(fd, 100)) {
75 int tmp = errno;
76 close(fd);
77 errno = tmp;
78 return -1;
79 }
80
81 return fd;
82 }
83
84 int lxc_af_unix_close(int fd)
85 {
86 struct sockaddr_un addr;
87 socklen_t addrlen = sizeof(addr);
88
89 if (!getsockname(fd, (struct sockaddr *)&addr, &addrlen) &&
90 addr.sun_path[0])
91 unlink(addr.sun_path);
92
93 close(fd);
94
95 return 0;
96 }
97
98 int lxc_af_unix_connect(const char *path)
99 {
100 int fd;
101 struct sockaddr_un addr;
102
103 fd = socket(PF_UNIX, SOCK_STREAM, 0);
104 if (fd < 0)
105 return -1;
106
107 memset(&addr, 0, sizeof(addr));
108
109 addr.sun_family = AF_UNIX;
110 /* copy entire buffer in case of abstract socket */
111 memcpy(addr.sun_path, path,
112 path[0]?strlen(path):sizeof(addr.sun_path));
113
114 if (connect(fd, (struct sockaddr *)&addr, sizeof(addr))) {
115 int tmp = errno;
116 close(fd);
117 errno = tmp;
118 return -1;
119 }
120
121 return fd;
122 }
123
124 int lxc_af_unix_send_fd(int fd, int sendfd, void *data, size_t size)
125 {
126 struct msghdr msg = { 0 };
127 struct iovec iov;
128 struct cmsghdr *cmsg;
129 char cmsgbuf[CMSG_SPACE(sizeof(int))];
130 char buf[1];
131 int *val;
132
133 msg.msg_control = cmsgbuf;
134 msg.msg_controllen = sizeof(cmsgbuf);
135
136 cmsg = CMSG_FIRSTHDR(&msg);
137 cmsg->cmsg_len = CMSG_LEN(sizeof(int));
138 cmsg->cmsg_level = SOL_SOCKET;
139 cmsg->cmsg_type = SCM_RIGHTS;
140 val = (int *)(CMSG_DATA(cmsg));
141 *val = sendfd;
142
143 msg.msg_name = NULL;
144 msg.msg_namelen = 0;
145
146 iov.iov_base = data ? data : buf;
147 iov.iov_len = data ? size : sizeof(buf);
148 msg.msg_iov = &iov;
149 msg.msg_iovlen = 1;
150
151 return sendmsg(fd, &msg, 0);
152 }
153
154 int lxc_af_unix_recv_fd(int fd, int *recvfd, void *data, size_t size)
155 {
156 struct msghdr msg = { 0 };
157 struct iovec iov;
158 struct cmsghdr *cmsg;
159 char cmsgbuf[CMSG_SPACE(sizeof(int))];
160 char buf[1];
161 int ret, *val;
162
163 msg.msg_name = NULL;
164 msg.msg_namelen = 0;
165 msg.msg_control = cmsgbuf;
166 msg.msg_controllen = sizeof(cmsgbuf);
167
168 iov.iov_base = data ? data : buf;
169 iov.iov_len = data ? size : sizeof(buf);
170 msg.msg_iov = &iov;
171 msg.msg_iovlen = 1;
172
173 ret = recvmsg(fd, &msg, 0);
174 if (ret <= 0)
175 goto out;
176
177 cmsg = CMSG_FIRSTHDR(&msg);
178
179 /* if the message is wrong the variable will not be
180 * filled and the peer will notified about a problem */
181 *recvfd = -1;
182
183 if (cmsg && cmsg->cmsg_len == CMSG_LEN(sizeof(int)) &&
184 cmsg->cmsg_level == SOL_SOCKET &&
185 cmsg->cmsg_type == SCM_RIGHTS) {
186 val = (int *) CMSG_DATA(cmsg);
187 *recvfd = *val;
188 }
189 out:
190 return ret;
191 }
192
193 int lxc_af_unix_send_credential(int fd, void *data, size_t size)
194 {
195 struct msghdr msg = { 0 };
196 struct iovec iov;
197 struct cmsghdr *cmsg;
198 struct ucred cred = {
199 .pid = getpid(),
200 .uid = getuid(),
201 .gid = getgid(),
202 };
203 char cmsgbuf[CMSG_SPACE(sizeof(cred))];
204 char buf[1];
205
206 msg.msg_control = cmsgbuf;
207 msg.msg_controllen = sizeof(cmsgbuf);
208
209 cmsg = CMSG_FIRSTHDR(&msg);
210 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
211 cmsg->cmsg_level = SOL_SOCKET;
212 cmsg->cmsg_type = SCM_CREDENTIALS;
213 memcpy(CMSG_DATA(cmsg), &cred, sizeof(cred));
214
215 msg.msg_name = NULL;
216 msg.msg_namelen = 0;
217
218 iov.iov_base = data ? data : buf;
219 iov.iov_len = data ? size : sizeof(buf);
220 msg.msg_iov = &iov;
221 msg.msg_iovlen = 1;
222
223 return sendmsg(fd, &msg, 0);
224 }
225
226 int lxc_af_unix_rcv_credential(int fd, void *data, size_t size)
227 {
228 struct msghdr msg = { 0 };
229 struct iovec iov;
230 struct cmsghdr *cmsg;
231 struct ucred cred;
232 char cmsgbuf[CMSG_SPACE(sizeof(cred))];
233 char buf[1];
234 int ret;
235
236 msg.msg_name = NULL;
237 msg.msg_namelen = 0;
238 msg.msg_control = cmsgbuf;
239 msg.msg_controllen = sizeof(cmsgbuf);
240
241 iov.iov_base = data ? data : buf;
242 iov.iov_len = data ? size : sizeof(buf);
243 msg.msg_iov = &iov;
244 msg.msg_iovlen = 1;
245
246 ret = recvmsg(fd, &msg, 0);
247 if (ret <= 0)
248 goto out;
249
250 cmsg = CMSG_FIRSTHDR(&msg);
251
252 if (cmsg && cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)) &&
253 cmsg->cmsg_level == SOL_SOCKET &&
254 cmsg->cmsg_type == SCM_CREDENTIALS) {
255 memcpy(&cred, CMSG_DATA(cmsg), sizeof(cred));
256 if (cred.uid && (cred.uid != getuid() || cred.gid != getgid())) {
257 INFO("message denied for '%d/%d'", cred.uid, cred.gid);
258 return -EACCES;
259 }
260 }
261 out:
262 return ret;
263 }
LXC mirror