]>
git.proxmox.com Git - mirror_lxc.git/blob - src/lxc/af_unix.c
2 * lxc: linux Container library
4 * (C) Copyright IBM Corp. 2007, 2008
7 * Daniel Lezcano <daniel.lezcano at free.fr>
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later version.
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
32 #include <sys/socket.h>
33 #include <sys/syscall.h>
39 lxc_log_define(lxc_af_unix
, lxc
);
41 int lxc_abstract_unix_open(const char *path
, int type
, int flags
)
45 struct sockaddr_un addr
;
47 fd
= socket(PF_UNIX
, type
, 0);
51 /* Clear address structure */
52 memset(&addr
, 0, sizeof(addr
));
57 addr
.sun_family
= AF_UNIX
;
59 len
= strlen(&path
[1]);
60 /* do not enforce \0-termination */
61 if (len
>= sizeof(addr
.sun_path
)) {
66 /* addr.sun_path[0] has already been set to 0 by memset() */
67 strncpy(&addr
.sun_path
[1], &path
[1], len
);
69 ret
= bind(fd
, (struct sockaddr
*)&addr
,
70 offsetof(struct sockaddr_un
, sun_path
) + len
+ 1);
78 if (type
== SOCK_STREAM
) {
79 ret
= listen(fd
, 100);
92 int lxc_abstract_unix_close(int fd
)
98 int lxc_abstract_unix_connect(const char *path
)
102 struct sockaddr_un addr
;
104 fd
= socket(PF_UNIX
, SOCK_STREAM
, 0);
108 memset(&addr
, 0, sizeof(addr
));
110 addr
.sun_family
= AF_UNIX
;
112 len
= strlen(&path
[1]);
113 /* do not enforce \0-termination */
114 if (len
>= sizeof(addr
.sun_path
)) {
116 errno
= ENAMETOOLONG
;
119 /* addr.sun_path[0] has already been set to 0 by memset() */
120 strncpy(&addr
.sun_path
[1], &path
[1], strlen(&path
[1]));
122 ret
= connect(fd
, (struct sockaddr
*)&addr
,
123 offsetof(struct sockaddr_un
, sun_path
) + len
+ 1);
132 int lxc_abstract_unix_send_fds(int fd
, int *sendfds
, int num_sendfds
,
133 void *data
, size_t size
)
138 struct cmsghdr
*cmsg
= NULL
;
141 size_t cmsgbufsize
= CMSG_SPACE(num_sendfds
* sizeof(int));
143 memset(&msg
, 0, sizeof(msg
));
144 memset(&iov
, 0, sizeof(iov
));
146 cmsgbuf
= malloc(cmsgbufsize
);
150 msg
.msg_control
= cmsgbuf
;
151 msg
.msg_controllen
= cmsgbufsize
;
153 cmsg
= CMSG_FIRSTHDR(&msg
);
154 cmsg
->cmsg_level
= SOL_SOCKET
;
155 cmsg
->cmsg_type
= SCM_RIGHTS
;
156 cmsg
->cmsg_len
= CMSG_LEN(num_sendfds
* sizeof(int));
158 msg
.msg_controllen
= cmsg
->cmsg_len
;
160 memcpy(CMSG_DATA(cmsg
), sendfds
, num_sendfds
* sizeof(int));
162 iov
.iov_base
= data
? data
: buf
;
163 iov
.iov_len
= data
? size
: sizeof(buf
);
167 ret
= sendmsg(fd
, &msg
, MSG_NOSIGNAL
);
172 int lxc_abstract_unix_recv_fds(int fd
, int *recvfds
, int num_recvfds
,
173 void *data
, size_t size
)
178 struct cmsghdr
*cmsg
= NULL
;
181 size_t cmsgbufsize
= CMSG_SPACE(num_recvfds
* sizeof(int));
183 memset(&msg
, 0, sizeof(msg
));
184 memset(&iov
, 0, sizeof(iov
));
186 cmsgbuf
= malloc(cmsgbufsize
);
190 msg
.msg_control
= cmsgbuf
;
191 msg
.msg_controllen
= cmsgbufsize
;
193 iov
.iov_base
= data
? data
: buf
;
194 iov
.iov_len
= data
? size
: sizeof(buf
);
198 ret
= recvmsg(fd
, &msg
, 0);
202 cmsg
= CMSG_FIRSTHDR(&msg
);
204 memset(recvfds
, -1, num_recvfds
* sizeof(int));
205 if (cmsg
&& cmsg
->cmsg_len
== CMSG_LEN(num_recvfds
* sizeof(int)) &&
206 cmsg
->cmsg_level
== SOL_SOCKET
&& cmsg
->cmsg_type
== SCM_RIGHTS
) {
207 memcpy(recvfds
, CMSG_DATA(cmsg
), num_recvfds
* sizeof(int));
215 int lxc_abstract_unix_send_credential(int fd
, void *data
, size_t size
)
217 struct msghdr msg
= {0};
219 struct cmsghdr
*cmsg
;
220 struct ucred cred
= {
221 .pid
= lxc_raw_getpid(), .uid
= getuid(), .gid
= getgid(),
223 char cmsgbuf
[CMSG_SPACE(sizeof(cred
))] = {0};
226 msg
.msg_control
= cmsgbuf
;
227 msg
.msg_controllen
= sizeof(cmsgbuf
);
229 cmsg
= CMSG_FIRSTHDR(&msg
);
230 cmsg
->cmsg_len
= CMSG_LEN(sizeof(struct ucred
));
231 cmsg
->cmsg_level
= SOL_SOCKET
;
232 cmsg
->cmsg_type
= SCM_CREDENTIALS
;
233 memcpy(CMSG_DATA(cmsg
), &cred
, sizeof(cred
));
238 iov
.iov_base
= data
? data
: buf
;
239 iov
.iov_len
= data
? size
: sizeof(buf
);
243 return sendmsg(fd
, &msg
, MSG_NOSIGNAL
);
246 int lxc_abstract_unix_rcv_credential(int fd
, void *data
, size_t size
)
248 struct msghdr msg
= {0};
250 struct cmsghdr
*cmsg
;
253 char cmsgbuf
[CMSG_SPACE(sizeof(cred
))] = {0};
258 msg
.msg_control
= cmsgbuf
;
259 msg
.msg_controllen
= sizeof(cmsgbuf
);
261 iov
.iov_base
= data
? data
: buf
;
262 iov
.iov_len
= data
? size
: sizeof(buf
);
266 ret
= recvmsg(fd
, &msg
, 0);
270 cmsg
= CMSG_FIRSTHDR(&msg
);
272 if (cmsg
&& cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
)) &&
273 cmsg
->cmsg_level
== SOL_SOCKET
&&
274 cmsg
->cmsg_type
== SCM_CREDENTIALS
) {
275 memcpy(&cred
, CMSG_DATA(cmsg
), sizeof(cred
));
277 (cred
.uid
!= getuid() || cred
.gid
!= getgid())) {
278 INFO("message denied for '%d/%d'", cred
.uid
, cred
.gid
);