Code Editor : tg-sendmsg-SCM_CREDS.diff
Subject: [PATCH] hurd: SCM_CREDS support Svante Signell <svante.signell@gmail.com> Samuel Thibault <samuel.thibault@ens-lyon.org> * sysdeps/mach/hurd/sendmsg.c (__libc_sendmsg): On SCM_CREDS control messages, record uids, pass a rendez-vous port in the control message, and call __auth_user_authenticate_request to make auth send credentials on that port. Do not wait for a reply. * sysdeps/mach/hurd/recvmsg.c (contains_uid, contains_gid, check_auth): New functions. (__libc_recvmsg): On SCM_CREDS control messages, call check_auth to check the passed credentials thanks to the answer from the auth server. * hurd/Makefile (user-interfaces): Add auth_request and auth_reply.
---
 hurd/Makefile | 2 +-
 sysdeps/mach/hurd/recvmsg.c | 137 ++++++++++++++++++++++++++++++++++++++++++++
 sysdeps/mach/hurd/sendmsg.c | 34 +++++++++++
 3 files changed, 172 insertions(+), 1 deletion(-)
diff --git a/sysdeps/mach/hurd/recvmsg.c b/sysdeps/mach/hurd/recvmsg.c
index 0200b13..b66e5b5 100644
--- a/sysdeps/mach/hurd/recvmsg.c
+++ b/sysdeps/mach/hurd/recvmsg.c
@@ -23,6 +23,123 @@
 #include <hurd/fd.h>
 #include <hurd/socket.h>
+static unsigned
+contains_uid (unsigned int n, __uid_t uids[n], __uid_t uid)
+{
+ unsigned i;
+
+ for (i = 0; i < n; i++)
+ if (uids[i] == uid)
+ return 1;
+ return 0;
+}
+
+static unsigned
+contains_gid (unsigned int n, __gid_t gids[n], __gid_t gid)
+{
+ unsigned i;
+
+ for (i = 0; i < n; i++)
+ if (gids[i] == gid)
+ return 1;
+ return 0;
+}
+
+/* Check the passed credentials. */
+static error_t
+check_auth (mach_port_t rendezvous,
+ __pid_t pid,
+ __uid_t uid, __uid_t euid,
+ __gid_t gid,
+ int ngroups, __gid_t groups[ngroups])
+{
+ error_t err;
+ size_t neuids = CMGROUP_MAX, nauids = CMGROUP_MAX;
+ size_t negids = CMGROUP_MAX, nagids = CMGROUP_MAX;
+ __uid_t euids_buf[neuids], auids_buf[nauids];
+ __gid_t egids_buf[negids], agids_buf[nagids];
+ __uid_t *euids = euids_buf, *auids = auids_buf;
+ __gid_t *egids = egids_buf, *agids = agids_buf;
+
+ struct procinfo *pi = NULL;
+ mach_msg_type_number_t pi_size = 0;
+ int flags = PI_FETCH_TASKINFO;
+ char *tw = NULL;
+ size_t tw_size = 0;
+ unsigned i;
+
+ err = __mach_port_mod_refs (mach_task_self (), rendezvous,
+ MACH_PORT_RIGHT_SEND, 1);
+ if (err)
+ goto out;
+
+ do
+ err = __USEPORT
+ (AUTH, __auth_server_authenticate (port,
+ rendezvous, MACH_MSG_TYPE_COPY_SEND,
+ MACH_PORT_NULL, 0,
+ &euids, &neuids, &auids, &nauids,
+ &egids, &negids, &agids, &nagids));
+ while (err == EINTR);
+ if (err)
+ goto out;
+
+ /* Check whether this process indeed has these IDs */
+ if ( !contains_uid (neuids, euids, uid)
+ && !contains_uid (nauids, auids, uid)
+ || !contains_uid (neuids, euids, euid)
+ && !contains_uid (nauids, auids, euid)
+ || !contains_gid (negids, egids, gid)
+ && !contains_gid (nagids, agids, gid)
+ )
+ {
+ err = EIO;
+ goto out;
+ }
+
+ /* Check groups */
+ for (i = 0; i < ngroups; i++)
+ if ( !contains_gid (negids, egids, groups[i])
+ && !contains_gid (nagids, agids, groups[i]))
+ {
+ err = EIO;
+ goto out;
+ }
+
+ /* Check PID */
+ /* XXX:
Using proc_getprocinfo until
+ proc_user_authenticate proc_server_authenticate is implemented
+ */
+ /* Get procinfo to check the owner. Maybe he faked the pid, but at least we
+ check the owner. */
+ err = __USEPORT (PROC, __proc_getprocinfo (port, pid, &flags,
+ (procinfo_t *)&pi,
+ &pi_size, &tw, &tw_size));
+ if (err)
+ goto out;
+
+ if ( !contains_uid (neuids, euids, pi->owner)
+ && !contains_uid (nauids, auids, pi->owner))
+ err = EIO;
+
+out:
+ __mach_port_deallocate (__mach_task_self (), rendezvous);
+ if (euids != euids_buf)
+ __vm_deallocate (__mach_task_self(), (vm_address_t) euids, neuids * sizeof(uid_t));
+ if (auids != auids_buf)
+ __vm_deallocate (__mach_task_self(), (vm_address_t) auids, nauids * sizeof(uid_t));
+ if (egids != egids_buf)
+ __vm_deallocate (__mach_task_self(), (vm_address_t) egids, negids * sizeof(uid_t));
+ if (agids != agids_buf)
+ __vm_deallocate (__mach_task_self(), (vm_address_t) agids, nagids * sizeof(uid_t));
+ if (tw_size)
+ __vm_deallocate (__mach_task_self(), (vm_address_t) tw, tw_size);
+ if (pi_size)
+ __vm_deallocate (__mach_task_self(), (vm_address_t) pi, pi_size);
+
+ return err;
+}
+
 /* Receive a message as described by MESSAGE from socket FD. Returns the number of bytes read or -1 for errors. */
 ssize_t
@@ -191,6 +308,21 @@ __libc_recvmsg (int fd, struct msghdr *message, int flags)
 newfds++;
 }
 }
+ else if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_CREDS)
+ {
+ /* SCM_CREDS support. */
+ /* Check received credentials */
+ struct cmsgcred *ucredp = (struct cmsgcred *) CMSG_DATA(cmsg);
+
+ err = check_auth (ports[i],
+ ucredp->cmcred_pid,
+ ucredp->cmcred_uid, ucredp->cmcred_euid,
+ ucredp->cmcred_gid,
+ ucredp->cmcred_ngroups, ucredp->cmcred_groups);
+ if (err)
+ goto cleanup;
+ i++;
+ }
 }
 for (i = 0; i < nports; i++)
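Review bot: `ngroups` reaches the `/* Check groups */` loop in `check_auth` without a range check, although the caller in the next hunk passes `ucredp->cmcred_ngroups` straight from the received control message, so the sender chooses it. A negative value converts to a very large unsigned bound in `i < ngroups`, and a value above the capacity of `cmcred_groups` lets the loop read past the array; reject both before the `__mach_port_mod_refs` call, e.g. `if (ngroups < 0 || ngroups > CMGROUP_MAX) return EINVAL;` (assuming `CMGROUP_MAX` is that array's length, which the hunk does not show). Separately, when `__mach_port_mod_refs` fails the code jumps to `out:` and still calls `__mach_port_deallocate` on `rendezvous`, releasing a reference this function never added, and the caller's `cleanup:` hunk then appears to deallocate the same port again. The `egids`/`agids` cleanup sizes its `__vm_deallocate` with `sizeof(uid_t)` where `sizeof(gid_t)` is meant.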
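Review bot: The new SCM_CREDS branch casts `CMSG_DATA(cmsg)` to `struct cmsgcred *` and indexes `ports[i]` without checking either against what the peer actually sent. Nothing visible in the hunk confirms that `cmsg->cmsg_len` covers a full `struct cmsgcred` or that `i < nports`, so a short or port-less control message would be read out of bounds; a guard before the cast such as `if (i >= nports || cmsg->cmsg_len < CMSG_LEN (sizeof (struct cmsgcred))) { err = EIO; goto cleanup; }` would close that. The same unchecked `ports[ii]` indexing recurs in the `cleanup:` hunk that follows. The enclosing loop of `__libc_recvmsg` starts outside the hunk, so an existing bound there may already cover part of this. A short comment should also tell callers that `cmcred_pid` is only validated by process owner, as the `check_auth` comment admits, and must not be used as an identity on its own.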
@@ -221,6 +353,11 @@ cleanup:
 __mach_port_deallocate (__mach_task_self (), ports[ii]);
 }
 }
+ else if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_CREDS)
+ {
+ __mach_port_deallocate (__mach_task_self (), ports[ii]);
+ ii++;
+ }
 }
 }
diff --git a/sysdeps/mach/hurd/sendmsg.c b/sysdeps/mach/hurd/sendmsg.c
index 612581c..51167e8 100644
--- a/sysdeps/mach/hurd/sendmsg.c
+++ b/sysdeps/mach/hurd/sendmsg.c
@@ -19,11 +19,13 @@
 #include <string.h>
 #include <sys/socket.h>
 #include <sys/un.h>
+#include <unistd.h>
 #include <hurd.h>
 #include <hurd/fd.h>
 #include <hurd/ifsock.h>
 #include <hurd/socket.h>
+#include <hurd/auth_request.h>
 #include "hurd/hurdsocket.h"
 /* Send a message described MESSAGE on socket FD.
@@ -111,6 +111,8 @@ __libc_sendmsg (int fd, const struct msghdr *message, int flags)
 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS)
 nports += (cmsg->cmsg_len - CMSG_ALIGN (sizeof (struct cmsghdr))) / sizeof (int);
+ else if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_CREDS)
+ nports++;
 if (nports)
 ports = __alloca (nports * sizeof (mach_port_t));
@@ -145,6 +147,38 @@ __libc_sendmsg (int fd, const struct msghdr *message, int flags)
 goto out;
 }
 }
+ else if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_CREDS)
+ {
+ /* SCM_CREDS support: send credentials. */
+ mach_port_t rendezvous = __mach_reply_port (), reply;
+ struct cmsgcred *ucredp;
+
+ err = __mach_port_insert_right (mach_task_self (), rendezvous,
+ rendezvous, MACH_MSG_TYPE_MAKE_SEND);
+ ports[nports++] = rendezvous;
+ if (err)
+ goto out;
+
+ ucredp = (struct cmsgcred *) CMSG_DATA(cmsg);
+ /* Fill in credentials data */
+ ucredp->cmcred_pid = __getpid();
+ ucredp->cmcred_uid = __getuid();
+ ucredp->cmcred_euid = __geteuid();
+ ucredp->cmcred_gid = __getgid();
+ ucredp->cmcred_ngroups =
+ __getgroups (sizeof (ucredp->cmcred_groups) / sizeof (gid_t),
+ ucredp->cmcred_groups);
+
+ /* And make auth server authenticate us. */
+ reply = __mach_reply_port();
+ err = __USEPORT
+ (AUTH, __auth_user_authenticate_request (port,
+ reply, MACH_MSG_TYPE_MAKE_SEND_ONCE,
+ rendezvous, MACH_MSG_TYPE_MAKE_SEND));
+ __mach_port_deallocate (__mach_task_self (), reply);
+ if (err)
+ goto out;
+ }
 }
 if (addr)
diff --git a/hurd/Makefile b/hurd/Makefile
index 4387253..0ee417d 100644
--- a/hurd/Makefile
+++ b/hurd/Makefile
@@ -33,7 +33,7 @@ inline-headers = hurd.h $(addprefix hurd/,fd.h signal.h \
 # The RPC interfaces go in a separate library.
 interface-library := libhurduser
 user-interfaces := $(addprefix hurd/,\
- auth startup \
+ auth auth_request auth_reply startup \
 process process_request \
 msg msg_reply msg_request \
 exec exec_startup crash interrupt \
--
tg: (511e7f1..) t/sendmsg-SCM_CREDS (depends on: t/sendmsg-SCM_RIGHTS)
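Review bot: The SCM_CREDS branch of `__libc_sendmsg` writes a whole `struct cmsgcred` through `CMSG_DATA(cmsg)` without checking that the caller's control buffer is that large, so a short `cmsg_len` becomes an out-of-bounds write in the sending process; test `cmsg->cmsg_len < CMSG_LEN (sizeof (struct cmsgcred))` and fail with `EINVAL` before the rendezvous port is created. The result of `__getgroups` is stored in `cmcred_ngroups` unchecked, so a failure sends `-1` as the group count to the receiver. `reply` comes from `__mach_reply_port ()`, and as far as the hunk shows the task holds only its receive right, which `__mach_port_deallocate` does not release. Dropping it with `__mach_port_mod_refs (__mach_task_self (), reply, MACH_PORT_RIGHT_RECEIVE, -1)` looks like what is intended, to be confirmed against the Mach port semantics. The rest of the function, including the `out:` path that presumably releases `ports[]`, lies outside the hunk.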