Project

General

Profile

Bug #1286 ยป 0001-Fix-Use-unix-socket-peercred-for-pid-uid-gid-credent.patch

Mathieu Desnoyers, 10/12/2020 04:57 PM

View differences:

include/lttng/ust-error.h
LTTNG_UST_ERR_INVAL_MAGIC = 1031, /* Invalid magic number */
LTTNG_UST_ERR_INVAL_SOCKET_TYPE = 1032, /* Invalid socket type */
LTTNG_UST_ERR_UNSUP_MAJOR = 1033, /* Unsupported major version */
LTTNG_UST_ERR_PEERCRED = 1034, /* Cannot get unix socket peer credentials */
/* MUST be last element */
LTTNG_UST_ERR_NR, /* Last element */
liblttng-ust-comm/lttng-ust-comm.c
[ USTCOMM_CODE_OFFSET(LTTNG_UST_ERR_INVAL_MAGIC) ] = "Invalid magic number",
[ USTCOMM_CODE_OFFSET(LTTNG_UST_ERR_INVAL_SOCKET_TYPE) ] = "Invalid socket type",
[ USTCOMM_CODE_OFFSET(LTTNG_UST_ERR_UNSUP_MAJOR) ] = "Unsupported major version",
[ USTCOMM_CODE_OFFSET(LTTNG_UST_ERR_PEERCRED) ] = "Cannot get unix socket peer credentials",
};
/*
liblttng-ust-ctl/ustctl.c
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <lttng/ust-config.h>
#include <lttng/ust-ctl.h>
......
{
ssize_t len;
struct ustctl_reg_msg reg_msg;
struct ucred ucred;
socklen_t ucred_len = sizeof(struct ucred);
int ret;
len = ustcomm_recv_unix_sock(sock, &reg_msg, sizeof(reg_msg));
if (len > 0 && len != sizeof(reg_msg))
......
}
*major = reg_msg.major;
*minor = reg_msg.minor;
*pid = reg_msg.pid;
*ppid = reg_msg.ppid;
*uid = reg_msg.uid;
*gid = reg_msg.gid;
*bits_per_long = reg_msg.bits_per_long;
*uint8_t_alignment = reg_msg.uint8_t_alignment;
*uint16_t_alignment = reg_msg.uint16_t_alignment;
......
return -LTTNG_UST_ERR_UNSUP_MAJOR;
}
/* Override application pid/gid/uid with unix socket credentials. */
#ifdef __linux__
ret = getsockopt(sock, SOL_SOCKET, SO_PEERCRED, &ucred, &ucred_len);
if (ret) {
return -LTTNG_UST_ERR_PEERCRED;
}
DBG("Unix socket peercred [ pid: %u, uid: %u, gid: %u ], "
"application registered claiming [ pid: %u, uid: %u, gid: %u ]",
ucred.pid, ucred.uid, ucred.gid,
reg_msg.pid, reg_msg.uid, reg_msg.gid);
*pid = ucred.pid;
*uid = ucred.uid;
*gid = ucred.gid;
#else
/* TODO: implement for BSD as well with LOCAL_PEERCRED (provides uid and gid only). */
DBG("Application registered claiming [ pid: %u, uid: %u, gid: %u ]",
reg_msg.pid, reg_msg.uid, reg_msg.gid);
*pid = reg_msg.pid;
*uid = reg_msg.uid;
*gid = reg_msg.gid;
#endif
/*
* The parent pid is unused, and it is tricky to get without
* using /proc and thus being affected by pid-reuse. So rather
* than expose a parent pid number which should not be trusted,
* set it to -1.
*/
*ppid = -1;
return 0;
}
    (1-1/1)