X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;ds=sidebyside;f=src%2Fshared%2Fclean-ipc.c;h=7e2ef4a8eb7130664064bc2838f31c79af17ba87;hb=53e1b683907c2f12330f00feb9630150196f064d;hp=a3ac7aeb822a738a50e4ef88c1d1977e98d9c1b1;hpb=91ba5ac7d0196074863ff08f5251689d324a6550;p=thirdparty%2Fsystemd.git diff --git a/src/shared/clean-ipc.c b/src/shared/clean-ipc.c index a3ac7aeb822..7e2ef4a8eb7 100644 --- a/src/shared/clean-ipc.c +++ b/src/shared/clean-ipc.c @@ -1,3 +1,4 @@ +/* SPDX-License-Identifier: LGPL-2.1+ */ /*** This file is part of systemd. @@ -36,13 +37,25 @@ #include "dirent-util.h" #include "fd-util.h" #include "fileio.h" -#include "formats-util.h" +#include "format-util.h" #include "log.h" #include "macro.h" #include "string-util.h" #include "strv.h" +#include "user-util.h" -static int clean_sysvipc_shm(uid_t delete_uid) { +static bool match_uid_gid(uid_t subject_uid, gid_t subject_gid, uid_t delete_uid, gid_t delete_gid) { + + if (uid_is_valid(delete_uid) && subject_uid == delete_uid) + return true; + + if (gid_is_valid(delete_gid) && subject_gid == delete_gid) + return true; + + return false; +} + +static int clean_sysvipc_shm(uid_t delete_uid, gid_t delete_gid, bool rm) { _cleanup_fclose_ FILE *f = NULL; char line[LINE_MAX]; bool first = true; @@ -77,18 +90,25 @@ static int clean_sysvipc_shm(uid_t delete_uid) { if (n_attached > 0) continue; - if (uid != delete_uid) + if (!match_uid_gid(uid, gid, delete_uid, delete_gid)) continue; + if (!rm) + return 1; + if (shmctl(shmid, IPC_RMID, NULL) < 0) { /* Ignore entries that are already deleted */ - if (errno == EIDRM || errno == EINVAL) + if (IN_SET(errno, EIDRM, EINVAL)) continue; ret = log_warning_errno(errno, "Failed to remove SysV shared memory segment %i: %m", shmid); + } else { + log_debug("Removed SysV shared memory segment %i.", shmid); + if (ret == 0) + ret = 1; } } @@ -98,7 +118,7 @@ fail: return log_warning_errno(errno, "Failed to read /proc/sysvipc/shm: %m"); } -static int clean_sysvipc_sem(uid_t delete_uid) { +static int clean_sysvipc_sem(uid_t delete_uid, gid_t delete_gid, bool rm) { _cleanup_fclose_ FILE *f = NULL; char line[LINE_MAX]; bool first = true; @@ -128,18 +148,25 @@ static int clean_sysvipc_sem(uid_t delete_uid) { &semid, &uid, &gid, &cuid, &cgid) != 5) continue; - if (uid != delete_uid) + if (!match_uid_gid(uid, gid, delete_uid, delete_gid)) continue; + if (!rm) + return 1; + if (semctl(semid, 0, IPC_RMID) < 0) { /* Ignore entries that are already deleted */ - if (errno == EIDRM || errno == EINVAL) + if (IN_SET(errno, EIDRM, EINVAL)) continue; ret = log_warning_errno(errno, "Failed to remove SysV semaphores object %i: %m", semid); + } else { + log_debug("Removed SysV semaphore %i.", semid); + if (ret == 0) + ret = 1; } } @@ -149,7 +176,7 @@ fail: return log_warning_errno(errno, "Failed to read /proc/sysvipc/sem: %m"); } -static int clean_sysvipc_msg(uid_t delete_uid) { +static int clean_sysvipc_msg(uid_t delete_uid, gid_t delete_gid, bool rm) { _cleanup_fclose_ FILE *f = NULL; char line[LINE_MAX]; bool first = true; @@ -180,18 +207,25 @@ static int clean_sysvipc_msg(uid_t delete_uid) { &msgid, &cpid, &lpid, &uid, &gid, &cuid, &cgid) != 7) continue; - if (uid != delete_uid) + if (!match_uid_gid(uid, gid, delete_uid, delete_gid)) continue; + if (!rm) + return 1; + if (msgctl(msgid, IPC_RMID, NULL) < 0) { /* Ignore entries that are already deleted */ - if (errno == EIDRM || errno == EINVAL) + if (IN_SET(errno, EIDRM, EINVAL)) continue; ret = log_warning_errno(errno, "Failed to remove SysV message queue %i: %m", msgid); + } else { + log_debug("Removed SysV message queue %i.", msgid); + if (ret == 0) + ret = 1; } } @@ -201,62 +235,74 @@ fail: return log_warning_errno(errno, "Failed to read /proc/sysvipc/msg: %m"); } -static int clean_posix_shm_internal(DIR *dir, uid_t uid) { +static int clean_posix_shm_internal(DIR *dir, uid_t uid, gid_t gid, bool rm) { struct dirent *de; int ret = 0, r; assert(dir); - FOREACH_DIRENT(de, dir, goto fail) { + FOREACH_DIRENT_ALL(de, dir, goto fail) { struct stat st; - if (STR_IN_SET(de->d_name, "..", ".")) + if (dot_or_dot_dot(de->d_name)) continue; if (fstatat(dirfd(dir), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) { if (errno == ENOENT) continue; - log_warning_errno(errno, "Failed to stat() POSIX shared memory segment %s: %m", de->d_name); - ret = -errno; + ret = log_warning_errno(errno, "Failed to stat() POSIX shared memory segment %s: %m", de->d_name); continue; } - if (st.st_uid != uid) - continue; - if (S_ISDIR(st.st_mode)) { _cleanup_closedir_ DIR *kid; kid = xopendirat(dirfd(dir), de->d_name, O_NOFOLLOW|O_NOATIME); if (!kid) { - if (errno != ENOENT) { - log_warning_errno(errno, "Failed to enter shared memory directory %s: %m", de->d_name); - ret = -errno; - } + if (errno != ENOENT) + ret = log_warning_errno(errno, "Failed to enter shared memory directory %s: %m", de->d_name); } else { - r = clean_posix_shm_internal(kid, uid); + r = clean_posix_shm_internal(kid, uid, gid, rm); if (r < 0) ret = r; } + if (!match_uid_gid(st.st_uid, st.st_gid, uid, gid)) + continue; + + if (!rm) + return 1; + if (unlinkat(dirfd(dir), de->d_name, AT_REMOVEDIR) < 0) { if (errno == ENOENT) continue; - log_warning_errno(errno, "Failed to remove POSIX shared memory directory %s: %m", de->d_name); - ret = -errno; + ret = log_warning_errno(errno, "Failed to remove POSIX shared memory directory %s: %m", de->d_name); + } else { + log_debug("Removed POSIX shared memory directory %s", de->d_name); + if (ret == 0) + ret = 1; } } else { + if (!match_uid_gid(st.st_uid, st.st_gid, uid, gid)) + continue; + + if (!rm) + return 1; + if (unlinkat(dirfd(dir), de->d_name, 0) < 0) { if (errno == ENOENT) continue; - log_warning_errno(errno, "Failed to remove POSIX shared memory segment %s: %m", de->d_name); - ret = -errno; + ret = log_warning_errno(errno, "Failed to remove POSIX shared memory segment %s: %m", de->d_name); + } else { + log_debug("Removed POSIX shared memory segment %s", de->d_name); + if (ret == 0) + ret = 1; } } } @@ -264,11 +310,10 @@ static int clean_posix_shm_internal(DIR *dir, uid_t uid) { return ret; fail: - log_warning_errno(errno, "Failed to read /dev/shm: %m"); - return -errno; + return log_warning_errno(errno, "Failed to read /dev/shm: %m"); } -static int clean_posix_shm(uid_t uid) { +static int clean_posix_shm(uid_t uid, gid_t gid, bool rm) { _cleanup_closedir_ DIR *dir = NULL; dir = opendir("/dev/shm"); @@ -279,10 +324,10 @@ static int clean_posix_shm(uid_t uid) { return log_warning_errno(errno, "Failed to open /dev/shm: %m"); } - return clean_posix_shm_internal(dir, uid); + return clean_posix_shm_internal(dir, uid, gid, rm); } -static int clean_posix_mq(uid_t uid) { +static int clean_posix_mq(uid_t uid, gid_t gid, bool rm) { _cleanup_closedir_ DIR *dir = NULL; struct dirent *de; int ret = 0; @@ -295,11 +340,11 @@ static int clean_posix_mq(uid_t uid) { return log_warning_errno(errno, "Failed to open /dev/mqueue: %m"); } - FOREACH_DIRENT(de, dir, goto fail) { + FOREACH_DIRENT_ALL(de, dir, goto fail) { struct stat st; char fn[1+strlen(de->d_name)+1]; - if (STR_IN_SET(de->d_name, "..", ".")) + if (dot_or_dot_dot(de->d_name)) continue; if (fstatat(dirfd(dir), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) { @@ -312,9 +357,12 @@ static int clean_posix_mq(uid_t uid) { continue; } - if (st.st_uid != uid) + if (!match_uid_gid(st.st_uid, st.st_gid, uid, gid)) continue; + if (!rm) + return 1; + fn[0] = '/'; strcpy(fn+1, de->d_name); @@ -325,6 +373,10 @@ static int clean_posix_mq(uid_t uid) { ret = log_warning_errno(errno, "Failed to unlink POSIX message queue %s: %m", fn); + } else { + log_debug("Removed POSIX message queue %s", fn); + if (ret == 0) + ret = 1; } } @@ -334,32 +386,83 @@ fail: return log_warning_errno(errno, "Failed to read /dev/mqueue: %m"); } -int clean_ipc(uid_t uid) { +int clean_ipc_internal(uid_t uid, gid_t gid, bool rm) { int ret = 0, r; - /* Refuse to clean IPC of the root and system users */ - if (uid <= SYSTEM_UID_MAX) + /* If 'rm' is true, clean all IPC objects owned by either the specified UID or the specified GID. Return the + * last error encountered or == 0 if no matching IPC objects have been found or > 0 if matching IPC objects + * have been found and have been removed. + * + * If 'rm' is false, just search for IPC objects owned by either the specified UID or the specified GID. In + * this case we return < 0 on error, > 0 if we found a matching object, == 0 if we didn't. + * + * As special rule: if UID/GID is specified as root we'll silently not clean up things, and always claim that + * there are IPC objects for it. */ + + if (uid == 0) { + if (!rm) + return 1; + + uid = UID_INVALID; + } + if (gid == 0) { + if (!rm) + return 1; + + gid = GID_INVALID; + } + + /* Anything to do? */ + if (!uid_is_valid(uid) && !gid_is_valid(gid)) return 0; - r = clean_sysvipc_shm(uid); - if (r < 0) - ret = r; + r = clean_sysvipc_shm(uid, gid, rm); + if (r != 0) { + if (!rm) + return r; + if (ret == 0) + ret = r; + } - r = clean_sysvipc_sem(uid); - if (r < 0) - ret = r; + r = clean_sysvipc_sem(uid, gid, rm); + if (r != 0) { + if (!rm) + return r; + if (ret == 0) + ret = r; + } - r = clean_sysvipc_msg(uid); - if (r < 0) - ret = r; + r = clean_sysvipc_msg(uid, gid, rm); + if (r != 0) { + if (!rm) + return r; + if (ret == 0) + ret = r; + } - r = clean_posix_shm(uid); - if (r < 0) - ret = r; + r = clean_posix_shm(uid, gid, rm); + if (r != 0) { + if (!rm) + return r; + if (ret == 0) + ret = r; + } - r = clean_posix_mq(uid); - if (r < 0) - ret = r; + r = clean_posix_mq(uid, gid, rm); + if (r != 0) { + if (!rm) + return r; + if (ret == 0) + ret = r; + } return ret; } + +int clean_ipc_by_uid(uid_t uid) { + return clean_ipc_internal(uid, GID_INVALID, true); +} + +int clean_ipc_by_gid(gid_t gid) { + return clean_ipc_internal(UID_INVALID, gid, true); +}