d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Separate POSIX sem/shm objects in jails, by prepending the jail's path

Browse Source 
name to the object's "path".  While the objects don't have real path
names, it's a filesystem-like namespace, which allows jails to be
kept to their own space, but still allows the system / jail parent to
access a jail's IPC.

PR:		208082
This commit is contained in:
Jamie Gritton 2016-04-13 20:14:13 +00:00
parent c9767ca834
commit cc7b259a26
2 changed files with 64 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
sys/kern/uipc_sem.c
View File

@ -44,6 +44,7 @@ __FBSDID("$FreeBSD$");
#include <sys/file.h>
#include <sys/filedesc.h>
#include <sys/fnv_hash.h>
#include <sys/jail.h>
#include <sys/kernel.h>
#include <sys/ksem.h>
#include <sys/lock.h>
@ -258,7 +259,9 @@ ksem_closef(struct file *fp, struct thread *td)
static int
ksem_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp)
{
const char *path, *pr_path;
struct ksem *ks;
size_t pr_pathlen;
kif->kf_type = KF_TYPE_SEM;
ks = fp->f_data;
@ -269,7 +272,19 @@ ksem_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp)
if (ks->ks_path != NULL) {
sx_slock(&ksem_dict_lock);
if (ks->ks_path != NULL)
strlcpy(kif->kf_path, ks->ks_path, sizeof(kif->kf_path));
{
path = ks->ks_path;
pr_path = curthread->td_ucred->cr_prison->pr_path;
if (strcmp(pr_path, "/") != 0)
{
/* Return the jail-rooted pathname */
pr_pathlen = strlen(pr_path);
if (strncmp(path, pr_path, pr_pathlen) == 0 &&
path[pr_pathlen] == '/')
path += pr_pathlen;
}
strlcpy(kif->kf_path, path, sizeof(kif->kf_path));
}
sx_sunlock(&ksem_dict_lock);
}
return (0);
@ -449,6 +464,8 @@ ksem_create(struct thread *td, const char *name, semid_t *semidp, mode_t mode,
struct ksem *ks;
struct file *fp;
char *path;
const char *pr_path;
size_t pr_pathlen;
Fnv32_t fnv;
int error, fd;
@ -485,10 +502,15 @@ ksem_create(struct thread *td, const char *name, semid_t *semidp, mode_t mode,
ks->ks_flags |= KS_ANONYMOUS;
} else {
path = malloc(MAXPATHLEN, M_KSEM, M_WAITOK);
error = copyinstr(name, path, MAXPATHLEN, NULL);
pr_path = td->td_ucred->cr_prison->pr_path;
/* Construct a full pathname for jailed callers */
pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
: strlcpy(path, pr_path, MAXPATHLEN);
error = copyinstr(name, path + pr_pathlen,
MAXPATHLEN - pr_pathlen, NULL);
/* Require paths to start with a '/' character. */
if (error == 0 && path[0] != '/')
if (error == 0 && path[pr_pathlen] != '/')
error = EINVAL;
if (error) {
fdclose(td, fp, fd);
@ -624,11 +646,17 @@ int
sys_ksem_unlink(struct thread *td, struct ksem_unlink_args *uap)
{
char *path;
const char *pr_path;
size_t pr_pathlen;
Fnv32_t fnv;
int error;
path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
error = copyinstr(uap->name, path, MAXPATHLEN, NULL);
pr_path = td->td_ucred->cr_prison->pr_path;
pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
: strlcpy(path, pr_path, MAXPATHLEN);
error = copyinstr(uap->name, path + pr_pathlen, MAXPATHLEN - pr_pathlen,
NULL);
if (error) {
free(path, M_TEMP);
return (error);

37
sys/kern/uipc_shm.c
View File

@ -57,6 +57,7 @@ __FBSDID("$FreeBSD$");
#include <sys/kernel.h>
#include <sys/uio.h>
#include <sys/signal.h>
#include <sys/jail.h>
#include <sys/ktrace.h>
#include <sys/lock.h>
#include <sys/malloc.h>
@ -687,6 +688,8 @@ kern_shm_open(struct thread *td, const char *userpath, int flags, mode_t mode,
struct shmfd *shmfd;
struct file *fp;
char *path;
const char *pr_path;
size_t pr_pathlen;
Fnv32_t fnv;
mode_t cmode;
int fd, error;
@ -723,13 +726,18 @@ kern_shm_open(struct thread *td, const char *userpath, int flags, mode_t mode,
shmfd = shm_alloc(td->td_ucred, cmode);
} else {
path = malloc(MAXPATHLEN, M_SHMFD, M_WAITOK);
error = copyinstr(userpath, path, MAXPATHLEN, NULL);
pr_path = td->td_ucred->cr_prison->pr_path;
/* Construct a full pathname for jailed callers */
pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
: strlcpy(path, pr_path, MAXPATHLEN);
error = copyinstr(userpath, path + pr_pathlen,
MAXPATHLEN - pr_pathlen, NULL);
#ifdef KTRACE
if (error == 0 && KTRPOINT(curthread, KTR_NAMEI))
ktrnamei(path);
#endif
/* Require paths to start with a '/' character. */
if (error == 0 && path[0] != '/')
if (error == 0 && path[pr_pathlen] != '/')
error = EINVAL;
if (error) {
fdclose(td, fp, fd);
@ -823,11 +831,17 @@ int
sys_shm_unlink(struct thread *td, struct shm_unlink_args *uap)
{
char *path;
const char *pr_path;
size_t pr_pathlen;
Fnv32_t fnv;
int error;
path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
error = copyinstr(uap->path, path, MAXPATHLEN, NULL);
pr_path = td->td_ucred->cr_prison->pr_path;
pr_pathlen = strcmp(pr_path, "/") == 0 ? 0
: strlcpy(path, pr_path, MAXPATHLEN);
error = copyinstr(uap->path, path + pr_pathlen, MAXPATHLEN - pr_pathlen,
NULL);
if (error) {
free(path, M_TEMP);
return (error);
@ -1060,7 +1074,9 @@ shm_unmap(struct file *fp, void *mem, size_t size)
static int
shm_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp)
{
const char *path, *pr_path;
struct shmfd *shmfd;
size_t pr_pathlen;
kif->kf_type = KF_TYPE_SHM;
shmfd = fp->f_data;
@ -1072,8 +1088,19 @@ shm_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp)
if (shmfd->shm_path != NULL) {
sx_slock(&shm_dict_lock);
if (shmfd->shm_path != NULL)
strlcpy(kif->kf_path, shmfd->shm_path,
sizeof(kif->kf_path));
{
path = shmfd->shm_path;
pr_path = curthread->td_ucred->cr_prison->pr_path;
if (strcmp(pr_path, "/") != 0)
{
/* Return the jail-rooted pathname */
pr_pathlen = strlen(pr_path);
if (strncmp(path, pr_path, pr_pathlen) == 0 &&
path[pr_pathlen] == '/')
path += pr_pathlen;
}
strlcpy(kif->kf_path, path, sizeof(kif->kf_path));
}
sx_sunlock(&shm_dict_lock);
}
return (0);