[PATCH] Multipath: Remove duplicated memset() for multipathd show command. [PATCH] multipath-tools: New way to limit the IPC command length. [PATCH] multipath-tools: Perform socket client uid check on IPC commands. Signed-off-by: Gris Ge --- libmultipath/print.c | 10 ---------- libmultipath/uxsock.c | 38 +++++++++++++++++++++++++++++--------- libmultipath/uxsock.h | 9 +++++++++ multipathd/main.c | 15 +++++++++++++-- multipathd/uxlsnr.c | 31 ++++++++++++++++++++++++++----- multipathd/uxlsnr.h | 8 +++++--- 6 files changed, 82 insertions(+), 29 deletions(-) Index: multipath-tools-130222/libmultipath/print.c =================================================================== --- multipath-tools-130222.orig/libmultipath/print.c +++ multipath-tools-130222/libmultipath/print.c @@ -771,8 +771,6 @@ snprint_multipath_header (char * line, i int fwd; struct multipath_data * data; - memset(line, 0, len); - do { if (!TAIL) break; @@ -806,8 +804,6 @@ snprint_multipath (char * line, int len, struct multipath_data * data; char buff[MAX_FIELD_LEN] = {}; - memset(line, 0, len); - do { if (!TAIL) break; @@ -842,8 +838,6 @@ snprint_path_header (char * line, int le int fwd; struct path_data * data; - memset(line, 0, len); - do { if (!TAIL) break; @@ -877,8 +871,6 @@ snprint_path (char * line, int len, char struct path_data * data; char buff[MAX_FIELD_LEN]; - memset(line, 0, len); - do { if (!TAIL) break; @@ -914,8 +906,6 @@ snprint_pathgroup (char * line, int len, struct pathgroup_data * data; char buff[MAX_FIELD_LEN]; - memset(line, 0, len); - do { if (!TAIL) break; Index: multipath-tools-130222/libmultipath/uxsock.c =================================================================== --- multipath-tools-130222.orig/libmultipath/uxsock.c +++ multipath-tools-130222/libmultipath/uxsock.c @@ -20,6 +20,15 @@ #include "memory.h" #include "uxsock.h" + +/* + * Code is similar with mpath_recv_reply() with data size limitation + * and debug-able malloc. + * When limit == 0, it means no limit on data size, used for socket client + * to receiving data from multipathd. + */ +static int _recv_packet(int fd, char **buf, ssize_t limit); + /* * create a unix domain socket and start listening on it * return a file descriptor open on the socket @@ -95,27 +104,38 @@ int send_packet(int fd, const char *buf) return ret; } -/* - * receive a packet in length prefix format - */ -int recv_packet(int fd, char **buf) +static int _recv_packet(int fd, char **buf, ssize_t limit) { - int err; - ssize_t len; + int err = 0; + ssize_t len = 0; unsigned int timeout = DEFAULT_REPLY_TIMEOUT; *buf = NULL; len = mpath_recv_reply_len(fd, timeout); if (len <= 0) return len; + if ((limit > 0) && (len > limit)) + return -EINVAL; (*buf) = MALLOC(len); if (!*buf) return -ENOMEM; err = mpath_recv_reply_data(fd, *buf, len, timeout); - if (err) { + if (err != 0) { FREE(*buf); (*buf) = NULL; - return err; } - return 0; + return err; +} + +/* + * receive a packet in length prefix format + */ +int recv_packet(int fd, char **buf) +{ + return _recv_packet(fd, buf, 0 /* no limit */); +} + +int recv_packet_from_client(int fd, char **buf) +{ + return _recv_packet(fd, buf, _MAX_CMD_LEN); } Index: multipath-tools-130222/libmultipath/uxsock.h =================================================================== --- multipath-tools-130222.orig/libmultipath/uxsock.h +++ multipath-tools-130222/libmultipath/uxsock.h @@ -3,3 +3,12 @@ int ux_socket_listen(const char *name); int send_packet(int fd, const char *buf); int recv_packet(int fd, char **buf); size_t write_all(int fd, const void *buf, size_t len); + +#define _MAX_CMD_LEN 512 + +/* + * Used for receiving socket command from untrusted socket client where data + * size is restricted to 512(_MAX_CMD_LEN) at most. + * Return -EINVAL if data length requested by client exceeded the _MAX_CMD_LEN. + */ +int recv_packet_from_client(int fd, char **buf); Index: multipath-tools-130222/multipathd/main.c =================================================================== --- multipath-tools-130222.orig/multipathd/main.c +++ multipath-tools-130222/multipathd/main.c @@ -18,6 +18,7 @@ #include #include #include +#include #include #include "prioritizers/alua_rtpg.h" @@ -859,7 +860,8 @@ map_discovery (struct vectors * vecs) } int -uxsock_trigger (char * str, char ** reply, int * len, void * trigger_data) +uxsock_trigger (char * str, char ** reply, int * len, bool is_root, + void * trigger_data) { struct vectors * vecs; int r; @@ -872,6 +874,15 @@ uxsock_trigger (char * str, char ** repl lock(vecs->lock); pthread_testcancel(); + if ((str != NULL) && (is_root == false) && + (strncmp(str, "list", strlen("list")) != 0) && + (strncmp(str, "show", strlen("show")) != 0)) { + *reply = STRDUP("permission deny: need to be root"); + *len = strlen(*reply) + 1; + r = 1; + goto out; + } + r = parse_cmd(str, reply, len, vecs); if (r > 0) { @@ -885,7 +896,7 @@ uxsock_trigger (char * str, char ** repl r = 0; } /* else if (r < 0) leave *reply alone */ - +out: lock_cleanup_pop(vecs->lock); return r; } Index: multipath-tools-130222/multipathd/uxlsnr.c =================================================================== --- multipath-tools-130222.orig/multipathd/uxlsnr.c +++ multipath-tools-130222/multipathd/uxlsnr.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include #include @@ -48,6 +49,23 @@ struct pollfd *polls; volatile sig_atomic_t reconfig_sig = 0; volatile sig_atomic_t log_reset_sig = 0; +static bool _socket_client_is_root(int fd); + +static bool _socket_client_is_root(int fd) +{ + socklen_t len = 0; + struct ucred uc; + + len = sizeof(struct ucred); + if ((fd >= 0) && + (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &uc, &len) == 0) && + (uc.uid == 0)) + return true; + + /* Treat error as not root client */ + return false; +} + /* * handle a new client joining */ @@ -105,8 +123,7 @@ void uxsock_cleanup(void *arg) /* * entry point */ -void * uxsock_listen(int (*uxsock_trigger)(char *, char **, int *, void *), - void * trigger_data) +void * uxsock_listen(uxsock_trigger_fn uxsock_trigger, void * trigger_data) { int ux_sock; int rlen; @@ -171,12 +188,16 @@ void * uxsock_listen(int (*uxsock_trigge struct client *next = c->next; if (polls[i].revents & POLLIN) { - if (recv_packet(c->fd, &inbuf) != 0) { + if (recv_packet_from_client(c->fd, + &inbuf) != 0) { dead_client(c); + } else if (!inbuf) { + condlog(4, "recv_packet_from_client " + "get null request"); + continue; } else { condlog(4, "Got request [%s]", inbuf); - uxsock_trigger(inbuf, &reply, &rlen, - trigger_data); + uxsock_trigger(inbuf, &reply, &rlen, _socket_client_is_root(c->fd), trigger_data); if (reply) { if (send_packet(c->fd, reply) != 0) { Index: multipath-tools-130222/multipathd/uxlsnr.h =================================================================== --- multipath-tools-130222.orig/multipathd/uxlsnr.h +++ multipath-tools-130222/multipathd/uxlsnr.h @@ -1,9 +1,11 @@ #ifndef _UXLSNR_H #define _UXLSNR_H -void * uxsock_listen(int (*uxsock_trigger) - (char *, char **, int *, void *), - void * trigger_data); +#include + +typedef int (uxsock_trigger_fn)(char *, char **, int *, bool, void *); + +void *uxsock_listen(uxsock_trigger_fn uxsock_trigger, void * trigger_data); extern volatile sig_atomic_t reconfig_sig; extern volatile sig_atomic_t log_reset_sig;