]> git.proxmox.com Git - systemd.git/blob - src/shared/clean-ipc.c
Merge tag 'upstream/229'
[systemd.git] / src / shared / clean-ipc.c
1 /***
2 This file is part of systemd.
3
4 Copyright 2014 Lennart Poettering
5
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
10
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
18 ***/
19
20 #include <dirent.h>
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <limits.h>
24 #include <mqueue.h>
25 #include <stdbool.h>
26 #include <stdio.h>
27 #include <string.h>
28 #include <sys/ipc.h>
29 #include <sys/msg.h>
30 #include <sys/sem.h>
31 #include <sys/shm.h>
32 #include <sys/stat.h>
33 #include <unistd.h>
34
35 #include "clean-ipc.h"
36 #include "dirent-util.h"
37 #include "fd-util.h"
38 #include "fileio.h"
39 #include "formats-util.h"
40 #include "log.h"
41 #include "macro.h"
42 #include "string-util.h"
43 #include "strv.h"
44
45 static int clean_sysvipc_shm(uid_t delete_uid) {
46 _cleanup_fclose_ FILE *f = NULL;
47 char line[LINE_MAX];
48 bool first = true;
49 int ret = 0;
50
51 f = fopen("/proc/sysvipc/shm", "re");
52 if (!f) {
53 if (errno == ENOENT)
54 return 0;
55
56 return log_warning_errno(errno, "Failed to open /proc/sysvipc/shm: %m");
57 }
58
59 FOREACH_LINE(line, f, goto fail) {
60 unsigned n_attached;
61 pid_t cpid, lpid;
62 uid_t uid, cuid;
63 gid_t gid, cgid;
64 int shmid;
65
66 if (first) {
67 first = false;
68 continue;
69 }
70
71 truncate_nl(line);
72
73 if (sscanf(line, "%*i %i %*o %*u " PID_FMT " " PID_FMT " %u " UID_FMT " " GID_FMT " " UID_FMT " " GID_FMT,
74 &shmid, &cpid, &lpid, &n_attached, &uid, &gid, &cuid, &cgid) != 8)
75 continue;
76
77 if (n_attached > 0)
78 continue;
79
80 if (uid != delete_uid)
81 continue;
82
83 if (shmctl(shmid, IPC_RMID, NULL) < 0) {
84
85 /* Ignore entries that are already deleted */
86 if (errno == EIDRM || errno == EINVAL)
87 continue;
88
89 ret = log_warning_errno(errno,
90 "Failed to remove SysV shared memory segment %i: %m",
91 shmid);
92 }
93 }
94
95 return ret;
96
97 fail:
98 return log_warning_errno(errno, "Failed to read /proc/sysvipc/shm: %m");
99 }
100
101 static int clean_sysvipc_sem(uid_t delete_uid) {
102 _cleanup_fclose_ FILE *f = NULL;
103 char line[LINE_MAX];
104 bool first = true;
105 int ret = 0;
106
107 f = fopen("/proc/sysvipc/sem", "re");
108 if (!f) {
109 if (errno == ENOENT)
110 return 0;
111
112 return log_warning_errno(errno, "Failed to open /proc/sysvipc/sem: %m");
113 }
114
115 FOREACH_LINE(line, f, goto fail) {
116 uid_t uid, cuid;
117 gid_t gid, cgid;
118 int semid;
119
120 if (first) {
121 first = false;
122 continue;
123 }
124
125 truncate_nl(line);
126
127 if (sscanf(line, "%*i %i %*o %*u " UID_FMT " " GID_FMT " " UID_FMT " " GID_FMT,
128 &semid, &uid, &gid, &cuid, &cgid) != 5)
129 continue;
130
131 if (uid != delete_uid)
132 continue;
133
134 if (semctl(semid, 0, IPC_RMID) < 0) {
135
136 /* Ignore entries that are already deleted */
137 if (errno == EIDRM || errno == EINVAL)
138 continue;
139
140 ret = log_warning_errno(errno,
141 "Failed to remove SysV semaphores object %i: %m",
142 semid);
143 }
144 }
145
146 return ret;
147
148 fail:
149 return log_warning_errno(errno, "Failed to read /proc/sysvipc/sem: %m");
150 }
151
152 static int clean_sysvipc_msg(uid_t delete_uid) {
153 _cleanup_fclose_ FILE *f = NULL;
154 char line[LINE_MAX];
155 bool first = true;
156 int ret = 0;
157
158 f = fopen("/proc/sysvipc/msg", "re");
159 if (!f) {
160 if (errno == ENOENT)
161 return 0;
162
163 return log_warning_errno(errno, "Failed to open /proc/sysvipc/msg: %m");
164 }
165
166 FOREACH_LINE(line, f, goto fail) {
167 uid_t uid, cuid;
168 gid_t gid, cgid;
169 pid_t cpid, lpid;
170 int msgid;
171
172 if (first) {
173 first = false;
174 continue;
175 }
176
177 truncate_nl(line);
178
179 if (sscanf(line, "%*i %i %*o %*u %*u " PID_FMT " " PID_FMT " " UID_FMT " " GID_FMT " " UID_FMT " " GID_FMT,
180 &msgid, &cpid, &lpid, &uid, &gid, &cuid, &cgid) != 7)
181 continue;
182
183 if (uid != delete_uid)
184 continue;
185
186 if (msgctl(msgid, IPC_RMID, NULL) < 0) {
187
188 /* Ignore entries that are already deleted */
189 if (errno == EIDRM || errno == EINVAL)
190 continue;
191
192 ret = log_warning_errno(errno,
193 "Failed to remove SysV message queue %i: %m",
194 msgid);
195 }
196 }
197
198 return ret;
199
200 fail:
201 return log_warning_errno(errno, "Failed to read /proc/sysvipc/msg: %m");
202 }
203
204 static int clean_posix_shm_internal(DIR *dir, uid_t uid) {
205 struct dirent *de;
206 int ret = 0, r;
207
208 assert(dir);
209
210 FOREACH_DIRENT(de, dir, goto fail) {
211 struct stat st;
212
213 if (STR_IN_SET(de->d_name, "..", "."))
214 continue;
215
216 if (fstatat(dirfd(dir), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
217 if (errno == ENOENT)
218 continue;
219
220 log_warning_errno(errno, "Failed to stat() POSIX shared memory segment %s: %m", de->d_name);
221 ret = -errno;
222 continue;
223 }
224
225 if (st.st_uid != uid)
226 continue;
227
228 if (S_ISDIR(st.st_mode)) {
229 _cleanup_closedir_ DIR *kid;
230
231 kid = xopendirat(dirfd(dir), de->d_name, O_NOFOLLOW|O_NOATIME);
232 if (!kid) {
233 if (errno != ENOENT) {
234 log_warning_errno(errno, "Failed to enter shared memory directory %s: %m", de->d_name);
235 ret = -errno;
236 }
237 } else {
238 r = clean_posix_shm_internal(kid, uid);
239 if (r < 0)
240 ret = r;
241 }
242
243 if (unlinkat(dirfd(dir), de->d_name, AT_REMOVEDIR) < 0) {
244
245 if (errno == ENOENT)
246 continue;
247
248 log_warning_errno(errno, "Failed to remove POSIX shared memory directory %s: %m", de->d_name);
249 ret = -errno;
250 }
251 } else {
252
253 if (unlinkat(dirfd(dir), de->d_name, 0) < 0) {
254
255 if (errno == ENOENT)
256 continue;
257
258 log_warning_errno(errno, "Failed to remove POSIX shared memory segment %s: %m", de->d_name);
259 ret = -errno;
260 }
261 }
262 }
263
264 return ret;
265
266 fail:
267 log_warning_errno(errno, "Failed to read /dev/shm: %m");
268 return -errno;
269 }
270
271 static int clean_posix_shm(uid_t uid) {
272 _cleanup_closedir_ DIR *dir = NULL;
273
274 dir = opendir("/dev/shm");
275 if (!dir) {
276 if (errno == ENOENT)
277 return 0;
278
279 return log_warning_errno(errno, "Failed to open /dev/shm: %m");
280 }
281
282 return clean_posix_shm_internal(dir, uid);
283 }
284
285 static int clean_posix_mq(uid_t uid) {
286 _cleanup_closedir_ DIR *dir = NULL;
287 struct dirent *de;
288 int ret = 0;
289
290 dir = opendir("/dev/mqueue");
291 if (!dir) {
292 if (errno == ENOENT)
293 return 0;
294
295 return log_warning_errno(errno, "Failed to open /dev/mqueue: %m");
296 }
297
298 FOREACH_DIRENT(de, dir, goto fail) {
299 struct stat st;
300 char fn[1+strlen(de->d_name)+1];
301
302 if (STR_IN_SET(de->d_name, "..", "."))
303 continue;
304
305 if (fstatat(dirfd(dir), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
306 if (errno == ENOENT)
307 continue;
308
309 ret = log_warning_errno(errno,
310 "Failed to stat() MQ segment %s: %m",
311 de->d_name);
312 continue;
313 }
314
315 if (st.st_uid != uid)
316 continue;
317
318 fn[0] = '/';
319 strcpy(fn+1, de->d_name);
320
321 if (mq_unlink(fn) < 0) {
322 if (errno == ENOENT)
323 continue;
324
325 ret = log_warning_errno(errno,
326 "Failed to unlink POSIX message queue %s: %m",
327 fn);
328 }
329 }
330
331 return ret;
332
333 fail:
334 return log_warning_errno(errno, "Failed to read /dev/mqueue: %m");
335 }
336
337 int clean_ipc(uid_t uid) {
338 int ret = 0, r;
339
340 /* Refuse to clean IPC of the root and system users */
341 if (uid <= SYSTEM_UID_MAX)
342 return 0;
343
344 r = clean_sysvipc_shm(uid);
345 if (r < 0)
346 ret = r;
347
348 r = clean_sysvipc_sem(uid);
349 if (r < 0)
350 ret = r;
351
352 r = clean_sysvipc_msg(uid);
353 if (r < 0)
354 ret = r;
355
356 r = clean_posix_shm(uid);
357 if (r < 0)
358 ret = r;
359
360 r = clean_posix_mq(uid);
361 if (r < 0)
362 ret = r;
363
364 return ret;
365 }