1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*
3 * Privilege Separation for dhcpcd, control proxy
4 * Copyright (c) 2006-2023 Roy Marples <roy@marples.name>
5 * All rights reserved
6
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 */
28
29 #include <errno.h>
30 #include <stdlib.h>
31 #include <string.h>
32
33 #include "dhcpcd.h"
34 #include "control.h"
35 #include "eloop.h"
36 #include "logerr.h"
37 #include "privsep.h"
38
39 static int
ps_ctl_startcb(struct ps_process * psp)40 ps_ctl_startcb(struct ps_process *psp)
41 {
42 struct dhcpcd_ctx *ctx = psp->psp_ctx;
43 sa_family_t af;
44
45 if (ctx->options & DHCPCD_MANAGER) {
46 setproctitle("[control proxy]");
47 af = AF_UNSPEC;
48 } else {
49 setproctitle("[control proxy] %s%s%s",
50 ctx->ifv[0],
51 ctx->options & DHCPCD_IPV4 ? " [ip4]" : "",
52 ctx->options & DHCPCD_IPV6 ? " [ip6]" : "");
53 if ((ctx->options &
54 (DHCPCD_IPV4 | DHCPCD_IPV6)) == DHCPCD_IPV4)
55 af = AF_INET;
56 else if ((ctx->options &
57 (DHCPCD_IPV4 | DHCPCD_IPV6)) == DHCPCD_IPV6)
58 af = AF_INET6;
59 else
60 af = AF_UNSPEC;
61 }
62
63 return control_start(ctx,
64 ctx->options & DHCPCD_MANAGER ? NULL : *ctx->ifv, af);
65 }
66
67 static void
ps_ctl_recvmsg(void * arg,unsigned short events)68 ps_ctl_recvmsg(void *arg, unsigned short events)
69 {
70 struct ps_process *psp = arg;
71
72 if (ps_recvpsmsg(psp->psp_ctx, psp->psp_fd, events, NULL, NULL) == -1)
73 logerr(__func__);
74 }
75
76 ssize_t
ps_ctl_handleargs(struct fd_list * fd,char * data,size_t len)77 ps_ctl_handleargs(struct fd_list *fd, char *data, size_t len)
78 {
79
80 /* Make any change here in dhcpcd.c as well. */
81 if (strncmp(data, "--version",
82 MIN(strlen("--version"), len)) == 0) {
83 return control_queue(fd, UNCONST(VERSION),
84 strlen(VERSION) + 1);
85 } else if (strncmp(data, "--getconfigfile",
86 MIN(strlen("--getconfigfile"), len)) == 0) {
87 return control_queue(fd, UNCONST(fd->ctx->cffile),
88 strlen(fd->ctx->cffile) + 1);
89 } else if (strncmp(data, "--listen",
90 MIN(strlen("--listen"), len)) == 0) {
91 fd->flags |= FD_LISTEN;
92 return 0;
93 }
94
95 if (fd->ctx->ps_control_client != NULL &&
96 fd->ctx->ps_control_client != fd)
97 {
98 logerrx("%s: cannot handle another client", __func__);
99 return 0;
100 }
101 return 1;
102 }
103
104 static ssize_t
ps_ctl_dispatch(void * arg,struct ps_msghdr * psm,struct msghdr * msg)105 ps_ctl_dispatch(void *arg, struct ps_msghdr *psm, struct msghdr *msg)
106 {
107 struct dhcpcd_ctx *ctx = arg;
108 struct iovec *iov = msg->msg_iov;
109 struct fd_list *fd;
110 unsigned int fd_flags = FD_SENDLEN;
111
112 switch (psm->ps_flags) {
113 case PS_CTL_PRIV:
114 break;
115 case PS_CTL_UNPRIV:
116 fd_flags |= FD_UNPRIV;
117 break;
118 }
119
120 switch (psm->ps_cmd) {
121 case PS_CTL:
122 if (msg->msg_iovlen != 1) {
123 errno = EINVAL;
124 return -1;
125 }
126 if (ctx->ps_control_client != NULL) {
127 logerrx("%s: cannot handle another client", __func__);
128 return 0;
129 }
130 fd = control_new(ctx, ctx->ps_ctl->psp_work_fd, fd_flags);
131 if (fd == NULL)
132 return -1;
133 ctx->ps_control_client = fd;
134 control_recvdata(fd, iov->iov_base, iov->iov_len);
135 break;
136 case PS_CTL_EOF:
137 ctx->ps_control_client = NULL;
138 break;
139 default:
140 errno = ENOTSUP;
141 return -1;
142 }
143 return 0;
144 }
145
146 static void
ps_ctl_dodispatch(void * arg,unsigned short events)147 ps_ctl_dodispatch(void *arg, unsigned short events)
148 {
149 struct ps_process *psp = arg;
150
151 if (ps_recvpsmsg(psp->psp_ctx, psp->psp_fd, events,
152 ps_ctl_dispatch, psp->psp_ctx) == -1)
153 logerr(__func__);
154 }
155
156 static void
ps_ctl_recv(void * arg,unsigned short events)157 ps_ctl_recv(void *arg, unsigned short events)
158 {
159 struct dhcpcd_ctx *ctx = arg;
160 char buf[BUFSIZ];
161 ssize_t len;
162
163 if (!(events & (ELE_READ | ELE_HANGUP)))
164 logerrx("%s: unexpected event 0x%04x", __func__, events);
165
166 if (events & ELE_READ) {
167 len = read(ctx->ps_ctl->psp_work_fd, buf, sizeof(buf));
168 if (len == -1)
169 logerr("%s: read", __func__);
170 else if (len == 0)
171 // FIXME: Why does this happen?
172 ;
173 else if (ctx->ps_control_client == NULL)
174 logerrx("%s: clientfd #%d disconnected (len=%zd)",
175 __func__, ctx->ps_ctl->psp_work_fd, len);
176 else {
177 errno = 0;
178 if (control_queue(ctx->ps_control_client,
179 buf, (size_t)len) == -1)
180 logerr("%s: control_queue", __func__);
181 }
182 }
183 }
184
185 static void
ps_ctl_listen(void * arg,unsigned short events)186 ps_ctl_listen(void *arg, unsigned short events)
187 {
188 struct dhcpcd_ctx *ctx = arg;
189 char buf[BUFSIZ];
190 ssize_t len;
191 struct fd_list *fd;
192
193 if (!(events & ELE_READ))
194 logerrx("%s: unexpected event 0x%04x", __func__, events);
195
196 len = read(ctx->ps_control->fd, buf, sizeof(buf));
197 if (len == -1) {
198 logerr("%s: read", __func__);
199 eloop_exit(ctx->eloop, EXIT_FAILURE);
200 return;
201 }
202
203 /* Send to our listeners */
204 TAILQ_FOREACH(fd, &ctx->control_fds, next) {
205 if (!(fd->flags & FD_LISTEN))
206 continue;
207 if (control_queue(fd, buf, (size_t)len)== -1)
208 logerr("%s: control_queue", __func__);
209 }
210 }
211
212 pid_t
ps_ctl_start(struct dhcpcd_ctx * ctx)213 ps_ctl_start(struct dhcpcd_ctx *ctx)
214 {
215 struct ps_id id = {
216 .psi_ifindex = 0,
217 .psi_cmd = PS_CTL,
218 };
219 struct ps_process *psp;
220 int data_fd[2], listen_fd[2];
221 pid_t pid;
222
223 if (xsocketpair(AF_UNIX, SOCK_STREAM | SOCK_CXNB, 0, data_fd) == -1 ||
224 xsocketpair(AF_UNIX, SOCK_STREAM | SOCK_CXNB, 0, listen_fd) == -1)
225 return -1;
226 #ifdef PRIVSEP_RIGHTS
227 if (ps_rights_limit_fdpair(data_fd) == -1 ||
228 ps_rights_limit_fdpair(listen_fd) == -1)
229 return -1;
230 #endif
231
232 psp = ctx->ps_ctl = ps_newprocess(ctx, &id);
233 strlcpy(psp->psp_name, "control proxy", sizeof(psp->psp_name));
234 pid = ps_startprocess(psp, ps_ctl_recvmsg, ps_ctl_dodispatch,
235 ps_ctl_startcb, NULL, PSF_DROPPRIVS);
236
237 if (pid == -1)
238 return -1;
239 else if (pid != 0) {
240 psp->psp_work_fd = data_fd[1];
241 close(data_fd[0]);
242 ctx->ps_control = control_new(ctx,
243 listen_fd[1], FD_SENDLEN | FD_LISTEN);
244 if (ctx->ps_control == NULL)
245 return -1;
246 close(listen_fd[0]);
247 return pid;
248 }
249
250 psp->psp_work_fd = data_fd[0];
251 close(data_fd[1]);
252 if (eloop_event_add(ctx->eloop, psp->psp_work_fd, ELE_READ,
253 ps_ctl_recv, ctx) == -1)
254 return -1;
255
256 ctx->ps_control = control_new(ctx, listen_fd[0], 0);
257 close(listen_fd[1]);
258 if (ctx->ps_control == NULL)
259 return -1;
260 if (eloop_event_add(ctx->eloop, ctx->ps_control->fd, ELE_READ,
261 ps_ctl_listen, ctx) == -1)
262 return -1;
263
264 ps_entersandbox("stdio inet", NULL);
265 return 0;
266 }
267
268 int
ps_ctl_stop(struct dhcpcd_ctx * ctx)269 ps_ctl_stop(struct dhcpcd_ctx *ctx)
270 {
271
272 return ps_stopprocess(ctx->ps_ctl);
273 }
274
275 ssize_t
ps_ctl_sendargs(struct fd_list * fd,void * data,size_t len)276 ps_ctl_sendargs(struct fd_list *fd, void *data, size_t len)
277 {
278 struct dhcpcd_ctx *ctx = fd->ctx;
279
280 if (ctx->ps_control_client != NULL && ctx->ps_control_client != fd)
281 logerrx("%s: cannot deal with another client", __func__);
282 ctx->ps_control_client = fd;
283 return ps_sendcmd(ctx, ctx->ps_ctl->psp_fd, PS_CTL,
284 fd->flags & FD_UNPRIV ? PS_CTL_UNPRIV : PS_CTL_PRIV,
285 data, len);
286 }
287
288 ssize_t
ps_ctl_sendeof(struct fd_list * fd)289 ps_ctl_sendeof(struct fd_list *fd)
290 {
291 struct dhcpcd_ctx *ctx = fd->ctx;
292
293 return ps_sendcmd(ctx, ctx->ps_ctl->psp_fd, PS_CTL_EOF, 0, NULL, 0);
294 }
295