1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * Privilege Separation for dhcpcd, control proxy 4 * Copyright (c) 2006-2023 Roy Marples <roy@marples.name> 5 * All rights reserved 6 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include <errno.h> 30 #include <stdlib.h> 31 #include <string.h> 32 33 #include "dhcpcd.h" 34 #include "control.h" 35 #include "eloop.h" 36 #include "logerr.h" 37 #include "privsep.h" 38 39 static int 40 ps_ctl_startcb(struct ps_process *psp) 41 { 42 struct dhcpcd_ctx *ctx = psp->psp_ctx; 43 sa_family_t af; 44 45 if (ctx->options & DHCPCD_MANAGER) { 46 setproctitle("[control proxy]"); 47 af = AF_UNSPEC; 48 } else { 49 setproctitle("[control proxy] %s%s%s", 50 ctx->ifv[0], 51 ctx->options & DHCPCD_IPV4 ? " [ip4]" : "", 52 ctx->options & DHCPCD_IPV6 ? " [ip6]" : ""); 53 if ((ctx->options & 54 (DHCPCD_IPV4 | DHCPCD_IPV6)) == DHCPCD_IPV4) 55 af = AF_INET; 56 else if ((ctx->options & 57 (DHCPCD_IPV4 | DHCPCD_IPV6)) == DHCPCD_IPV6) 58 af = AF_INET6; 59 else 60 af = AF_UNSPEC; 61 } 62 63 return control_start(ctx, 64 ctx->options & DHCPCD_MANAGER ? NULL : *ctx->ifv, af); 65 } 66 67 static ssize_t 68 ps_ctl_recvmsgcb(void *arg, struct ps_msghdr *psm, __unused struct msghdr *msg) 69 { 70 struct dhcpcd_ctx *ctx = arg; 71 72 if (psm->ps_cmd != PS_CTL_EOF) { 73 errno = ENOTSUP; 74 return -1; 75 } 76 77 ctx->ps_control_client = NULL; 78 return 0; 79 } 80 81 static void 82 ps_ctl_recvmsg(void *arg, unsigned short events) 83 { 84 struct ps_process *psp = arg; 85 86 if (ps_recvpsmsg(psp->psp_ctx, psp->psp_fd, events, 87 ps_ctl_recvmsgcb, psp->psp_ctx) == -1) 88 logerr(__func__); 89 } 90 91 ssize_t 92 ps_ctl_handleargs(struct fd_list *fd, char *data, size_t len) 93 { 94 95 /* Make any change here in dhcpcd.c as well. */ 96 if (strncmp(data, "--version", 97 MIN(strlen("--version"), len)) == 0) { 98 return control_queue(fd, UNCONST(VERSION), 99 strlen(VERSION) + 1); 100 } else if (strncmp(data, "--getconfigfile", 101 MIN(strlen("--getconfigfile"), len)) == 0) { 102 return control_queue(fd, UNCONST(fd->ctx->cffile), 103 strlen(fd->ctx->cffile) + 1); 104 } else if (strncmp(data, "--listen", 105 MIN(strlen("--listen"), len)) == 0) { 106 fd->flags |= FD_LISTEN; 107 return 0; 108 } 109 110 if (fd->ctx->ps_control_client != NULL && 111 fd->ctx->ps_control_client != fd) 112 { 113 logerrx("%s: cannot handle another client", __func__); 114 return 0; 115 } 116 return 1; 117 } 118 119 static ssize_t 120 ps_ctl_dispatch(void *arg, struct ps_msghdr *psm, struct msghdr *msg) 121 { 122 struct dhcpcd_ctx *ctx = arg; 123 struct iovec *iov = msg->msg_iov; 124 struct fd_list *fd; 125 unsigned int fd_flags = FD_SENDLEN; 126 127 switch (psm->ps_flags) { 128 case PS_CTL_PRIV: 129 break; 130 case PS_CTL_UNPRIV: 131 fd_flags |= FD_UNPRIV; 132 break; 133 } 134 135 switch (psm->ps_cmd) { 136 case PS_CTL: 137 if (msg->msg_iovlen != 1) { 138 errno = EINVAL; 139 return -1; 140 } 141 if (ctx->ps_control_client != NULL) { 142 logerrx("%s: cannot handle another client", __func__); 143 return 0; 144 } 145 fd = control_new(ctx, ctx->ps_ctl->psp_work_fd, fd_flags); 146 if (fd == NULL) 147 return -1; 148 ctx->ps_control_client = fd; 149 control_recvdata(fd, iov->iov_base, iov->iov_len); 150 break; 151 case PS_CTL_EOF: 152 ctx->ps_control_client = NULL; 153 break; 154 default: 155 errno = ENOTSUP; 156 return -1; 157 } 158 return 0; 159 } 160 161 static void 162 ps_ctl_dodispatch(void *arg, unsigned short events) 163 { 164 struct ps_process *psp = arg; 165 166 if (ps_recvpsmsg(psp->psp_ctx, psp->psp_fd, events, 167 ps_ctl_dispatch, psp->psp_ctx) == -1) 168 logerr(__func__); 169 } 170 171 static void 172 ps_ctl_recv(void *arg, unsigned short events) 173 { 174 struct dhcpcd_ctx *ctx = arg; 175 char buf[BUFSIZ]; 176 ssize_t len; 177 178 if (!(events & ELE_READ)) 179 logerrx("%s: unexpected event 0x%04x", __func__, events); 180 181 len = read(ctx->ps_ctl->psp_work_fd, buf, sizeof(buf)); 182 if (len == 0) 183 return; 184 if (len == -1) { 185 logerr("%s: read", __func__); 186 eloop_exit(ctx->eloop, EXIT_FAILURE); 187 return; 188 } 189 if (ctx->ps_control_client == NULL) /* client disconnected */ 190 return; 191 errno = 0; 192 if (control_queue(ctx->ps_control_client, buf, (size_t)len) == -1) 193 logerr("%s: control_queue", __func__); 194 } 195 196 static void 197 ps_ctl_listen(void *arg, unsigned short events) 198 { 199 struct dhcpcd_ctx *ctx = arg; 200 char buf[BUFSIZ]; 201 ssize_t len; 202 struct fd_list *fd; 203 204 if (!(events & ELE_READ)) 205 logerrx("%s: unexpected event 0x%04x", __func__, events); 206 207 len = read(ctx->ps_control->fd, buf, sizeof(buf)); 208 if (len == 0) 209 return; 210 if (len == -1) { 211 logerr("%s: read", __func__); 212 eloop_exit(ctx->eloop, EXIT_FAILURE); 213 return; 214 } 215 216 /* Send to our listeners */ 217 TAILQ_FOREACH(fd, &ctx->control_fds, next) { 218 if (!(fd->flags & FD_LISTEN)) 219 continue; 220 if (control_queue(fd, buf, (size_t)len)== -1) 221 logerr("%s: control_queue", __func__); 222 } 223 } 224 225 pid_t 226 ps_ctl_start(struct dhcpcd_ctx *ctx) 227 { 228 struct ps_id id = { 229 .psi_ifindex = 0, 230 .psi_cmd = PS_CTL, 231 }; 232 struct ps_process *psp; 233 int data_fd[2], listen_fd[2]; 234 pid_t pid; 235 236 if (xsocketpair(AF_UNIX, SOCK_STREAM | SOCK_CXNB, 0, data_fd) == -1 || 237 xsocketpair(AF_UNIX, SOCK_STREAM | SOCK_CXNB, 0, listen_fd) == -1) 238 return -1; 239 #ifdef PRIVSEP_RIGHTS 240 if (ps_rights_limit_fdpair(data_fd) == -1 || 241 ps_rights_limit_fdpair(listen_fd) == -1) 242 return -1; 243 #endif 244 245 psp = ctx->ps_ctl = ps_newprocess(ctx, &id); 246 strlcpy(psp->psp_name, "control proxy", sizeof(psp->psp_name)); 247 pid = ps_startprocess(psp, ps_ctl_recvmsg, ps_ctl_dodispatch, 248 ps_ctl_startcb, NULL, PSF_DROPPRIVS); 249 250 if (pid == -1) 251 return -1; 252 else if (pid != 0) { 253 psp->psp_work_fd = data_fd[1]; 254 close(data_fd[0]); 255 ctx->ps_control = control_new(ctx, 256 listen_fd[1], FD_SENDLEN | FD_LISTEN); 257 if (ctx->ps_control == NULL) 258 return -1; 259 close(listen_fd[0]); 260 return pid; 261 } 262 263 psp->psp_work_fd = data_fd[0]; 264 close(data_fd[1]); 265 if (eloop_event_add(ctx->eloop, psp->psp_work_fd, ELE_READ, 266 ps_ctl_recv, ctx) == -1) 267 return -1; 268 269 ctx->ps_control = control_new(ctx, listen_fd[0], 0); 270 close(listen_fd[1]); 271 if (ctx->ps_control == NULL) 272 return -1; 273 if (eloop_event_add(ctx->eloop, ctx->ps_control->fd, ELE_READ, 274 ps_ctl_listen, ctx) == -1) 275 return -1; 276 277 ps_entersandbox("stdio inet", NULL); 278 return 0; 279 } 280 281 int 282 ps_ctl_stop(struct dhcpcd_ctx *ctx) 283 { 284 285 return ps_stopprocess(ctx->ps_ctl); 286 } 287 288 ssize_t 289 ps_ctl_sendargs(struct fd_list *fd, void *data, size_t len) 290 { 291 struct dhcpcd_ctx *ctx = fd->ctx; 292 293 if (ctx->ps_control_client != NULL && ctx->ps_control_client != fd) 294 logerrx("%s: cannot deal with another client", __func__); 295 ctx->ps_control_client = fd; 296 return ps_sendcmd(ctx, ctx->ps_ctl->psp_fd, PS_CTL, 297 fd->flags & FD_UNPRIV ? PS_CTL_UNPRIV : PS_CTL_PRIV, 298 data, len); 299 } 300 301 ssize_t 302 ps_ctl_sendeof(struct fd_list *fd) 303 { 304 struct dhcpcd_ctx *ctx = fd->ctx; 305 306 return ps_sendcmd(ctx, ctx->ps_ctl->psp_fd, PS_CTL_EOF, 0, NULL, 0); 307 } 308