src/lxc/af_unix.c

   1 /*
   2  * lxc: linux Container library
   3  *
   4  * (C) Copyright IBM Corp. 2007, 2008
   5  *
   6  * Authors:
   7  * Daniel Lezcano <dlezcano at fr.ibm.com>
   8  *
   9  * This library is free software; you can redistribute it and/or
  10  * modify it under the terms of the GNU Lesser General Public
  11  * License as published by the Free Software Foundation; either
  12  * version 2.1 of the License, or (at your option) any later version.
  13  *
  14  * This library is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  17  * Lesser General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU Lesser General Public
  20  * License along with this library; if not, write to the Free Software
  21  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  22  */
  23 #include <string.h>
  24 #include <unistd.h>
  25 #include <fcntl.h>
  26 #define __USE_GNU
  27 #include <sys/socket.h>
  28 #undef __USE_GNU
  29 #include <sys/un.h>
  30
  31
  32 int lxc_af_unix_open(const char *path, int type, int flags)
  33 {
  34         int fd;
  35         struct sockaddr_un addr;
  36
  37         if (flags & O_TRUNC)
  38                 unlink(path);
  39
  40         fd = socket(PF_UNIX, type, 0);
  41         if (fd < 0)
  42                 return -1;
  43
  44         memset(&addr, 0, sizeof(addr));
  45
  46         if (!path)
  47                 return fd;
  48
  49         addr.sun_family = AF_UNIX;
  50         /* copy entire buffer in case of abstract socket */
  51         memcpy(addr.sun_path, path,
  52                path[0]?strlen(path):sizeof(addr.sun_path));
  53
  54         if (bind(fd, (struct sockaddr *)&addr, sizeof(addr))) {
  55                 close(fd);
  56                 return -1;
  57         }
  58
  59         if (type == SOCK_STREAM && listen(fd, 100)) {
  60                 close(fd);
  61                 return -1;
  62         }
  63
  64         return fd;
  65 }
  66
  67 int lxc_af_unix_close(int fd)
  68 {
  69         struct sockaddr_un addr;
  70         socklen_t addrlen;
  71
  72         if (!getsockname(fd, (struct sockaddr *)&addr, &addrlen) &&
  73             addr.sun_path[0])
  74                 unlink(addr.sun_path);
  75
  76         close(fd);
  77
  78         return 0;
  79 }
  80
  81 int lxc_af_unix_connect(const char *path)
  82 {
  83         int fd;
  84         struct sockaddr_un addr;
  85
  86         fd = socket(PF_UNIX, SOCK_STREAM, 0);
  87         if (fd < 0)
  88                 return -1;
  89
  90         memset(&addr, 0, sizeof(addr));
  91
  92         addr.sun_family = AF_UNIX;
  93         /* copy entire buffer in case of abstract socket */
  94         memcpy(addr.sun_path, path,
  95                path[0]?strlen(path):sizeof(addr.sun_path));
  96
  97         if (connect(fd, (struct sockaddr *)&addr, sizeof(addr))) {
  98                 close(fd);
  99                 return -1;
 100         }
 101
 102         return fd;
 103 }
 104
 105 int lxc_af_unix_send_fd(int fd, int sendfd, void *data, size_t size)
 106 {
 107         struct msghdr msg = { 0 };
 108         struct iovec iov;
 109         struct cmsghdr *cmsg;
 110         char cmsgbuf[CMSG_SPACE(sizeof(int))];
 111         char buf[1];
 112
 113         msg.msg_control = cmsgbuf;
 114         msg.msg_controllen = sizeof(cmsgbuf);
 115
 116         cmsg = CMSG_FIRSTHDR(&msg);
 117         cmsg->cmsg_len = CMSG_LEN(sizeof(int));
 118         cmsg->cmsg_level = SOL_SOCKET;
 119         cmsg->cmsg_type = SCM_RIGHTS;
 120         *((int *) CMSG_DATA(cmsg)) = sendfd;
 121         msg.msg_controllen = cmsg->cmsg_len;
 122
 123         msg.msg_name = NULL;
 124         msg.msg_namelen = 0;
 125
 126         iov.iov_base = data ? data : buf;
 127         iov.iov_len = data ? size : sizeof(buf);
 128         msg.msg_iov = &iov;
 129         msg.msg_iovlen = 1;
 130
 131         return sendmsg(fd, &msg, 0);
 132 }
 133
 134 int lxc_af_unix_recv_fd(int fd, int *recvfd, void *data, size_t size)
 135 {
 136         struct msghdr msg = { 0 };
 137         struct iovec iov;
 138         struct cmsghdr *cmsg;
 139         char cmsgbuf[CMSG_SPACE(sizeof(int))];
 140         char buf[1];
 141         int ret;
 142
 143         msg.msg_name = NULL;
 144         msg.msg_namelen = 0;
 145         msg.msg_control = cmsgbuf;
 146         msg.msg_controllen = sizeof(cmsgbuf);
 147
 148         iov.iov_base = data ? data : buf;
 149         iov.iov_len = data ? size : sizeof(buf);
 150         msg.msg_iov = &iov;
 151         msg.msg_iovlen = 1;
 152
 153         ret = recvmsg(fd, &msg, 0);
 154         if (ret <= 0)
 155                 goto out;
 156
 157         cmsg = CMSG_FIRSTHDR(&msg);
 158
 159         /* if the message is wrong the variable will not be
 160          * filled and the peer will notified about a problem */
 161         *recvfd = -1;
 162
 163         if (cmsg && cmsg->cmsg_len == CMSG_LEN(sizeof(int)) &&
 164             cmsg->cmsg_level == SOL_SOCKET &&
 165             cmsg->cmsg_type == SCM_RIGHTS) {
 166                 *recvfd = *((int *) CMSG_DATA(cmsg));
 167         }
 168 out:
 169         return ret;
 170 }
 171
 172 int lxc_af_unix_send_credential(int fd, void *data, size_t size)
 173 {
 174         struct msghdr msg = { 0 };
 175         struct iovec iov;
 176         struct cmsghdr *cmsg;
 177         struct ucred cred = {
 178                 .pid = getpid(),
 179                 .uid = getuid(),
 180                 .gid = getgid(),
 181         };
 182         char cmsgbuf[CMSG_SPACE(sizeof(cred))];
 183         char buf[1];
 184
 185         msg.msg_control = cmsgbuf;
 186         msg.msg_controllen = sizeof(cmsgbuf);
 187
 188         cmsg = CMSG_FIRSTHDR(&msg);
 189         cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
 190         cmsg->cmsg_level = SOL_SOCKET;
 191         cmsg->cmsg_type = SCM_CREDENTIALS;
 192         *((struct ucred *) CMSG_DATA(cmsg)) = cred;
 193         msg.msg_controllen = cmsg->cmsg_len;
 194
 195         msg.msg_name = NULL;
 196         msg.msg_namelen = 0;
 197
 198         iov.iov_base = data ? data : buf;
 199         iov.iov_len = data ? size : sizeof(buf);
 200         msg.msg_iov = &iov;
 201         msg.msg_iovlen = 1;
 202
 203         return sendmsg(fd, &msg, 0);
 204 }
 205
 206 int lxc_af_unix_rcv_credential(int fd, void *data, size_t size)
 207 {
 208         struct msghdr msg = { 0 };
 209         struct iovec iov;
 210         struct cmsghdr *cmsg;
 211         struct ucred cred;
 212         char cmsgbuf[CMSG_SPACE(sizeof(cred))];
 213         char buf[1];
 214         int ret;
 215
 216         msg.msg_name = NULL;
 217         msg.msg_namelen = 0;
 218         msg.msg_control = cmsgbuf;
 219         msg.msg_controllen = sizeof(cmsgbuf);
 220
 221         iov.iov_base = data ? data : buf;
 222         iov.iov_len = data ? size : sizeof(buf);
 223         msg.msg_iov = &iov;
 224         msg.msg_iovlen = 1;
 225
 226         ret = recvmsg(fd, &msg, 0);
 227         if (ret <= 0)
 228                 goto out;
 229
 230         cmsg = CMSG_FIRSTHDR(&msg);
 231
 232         ret = -1;
 233
 234         if (cmsg && cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)) &&
 235             cmsg->cmsg_level == SOL_SOCKET &&
 236             cmsg->cmsg_type == SCM_CREDENTIALS) {
 237                 cred = *((struct ucred *) CMSG_DATA(cmsg));
 238                 if (cred.uid == getuid() && cred.gid == getgid())
 239                         ret = 0;
 240         }
 241 out:
 242         return ret;
 243 }