[thirdparty/systemd.git] / src / shared / clean-ipc.c

/* SPDX-License-Identifier: LGPL-2.1+ */
/***
  This file is part of systemd.

  Copyright 2014 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <mqueue.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <sys/ipc.h>
#include <sys/msg.h>
#include <sys/sem.h>
#include <sys/shm.h>
#include <sys/stat.h>
#include <unistd.h>

#include "clean-ipc.h"
#include "dirent-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "format-util.h"
#include "log.h"
#include "macro.h"
#include "string-util.h"
#include "strv.h"
#include "user-util.h"

static bool match_uid_gid(uid_t subject_uid, gid_t subject_gid, uid_t delete_uid, gid_t delete_gid) {

        if (uid_is_valid(delete_uid) && subject_uid == delete_uid)
                return true;

        if (gid_is_valid(delete_gid) && subject_gid == delete_gid)
                return true;

        return false;
}

static int clean_sysvipc_shm(uid_t delete_uid, gid_t delete_gid, bool rm) {
        _cleanup_fclose_ FILE *f = NULL;
        char line[LINE_MAX];
        bool first = true;
        int ret = 0;

        f = fopen("/proc/sysvipc/shm", "re");
        if (!f) {
                if (errno == ENOENT)
                        return 0;

                return log_warning_errno(errno, "Failed to open /proc/sysvipc/shm: %m");
        }

        FOREACH_LINE(line, f, goto fail) {
                unsigned n_attached;
                pid_t cpid, lpid;
                uid_t uid, cuid;
                gid_t gid, cgid;
                int shmid;

                if (first) {
                        first = false;
                        continue;
                }

                truncate_nl(line);

                if (sscanf(line, "%*i %i %*o %*u " PID_FMT " " PID_FMT " %u " UID_FMT " " GID_FMT " " UID_FMT " " GID_FMT,
                           &shmid, &cpid, &lpid, &n_attached, &uid, &gid, &cuid, &cgid) != 8)
                        continue;

                if (n_attached > 0)
                        continue;

                if (!match_uid_gid(uid, gid, delete_uid, delete_gid))
                        continue;

                if (!rm)
                        return 1;

                if (shmctl(shmid, IPC_RMID, NULL) < 0) {

                        /* Ignore entries that are already deleted */
                        if (IN_SET(errno, EIDRM, EINVAL))
                                continue;

                        ret = log_warning_errno(errno,
                                                "Failed to remove SysV shared memory segment %i: %m",
                                                shmid);
                } else {
                        log_debug("Removed SysV shared memory segment %i.", shmid);
                        if (ret == 0)
                                ret = 1;
                }
        }

        return ret;

fail:
        return log_warning_errno(errno, "Failed to read /proc/sysvipc/shm: %m");
}

static int clean_sysvipc_sem(uid_t delete_uid, gid_t delete_gid, bool rm) {
        _cleanup_fclose_ FILE *f = NULL;
        char line[LINE_MAX];
        bool first = true;
        int ret = 0;

        f = fopen("/proc/sysvipc/sem", "re");
        if (!f) {
                if (errno == ENOENT)
                        return 0;

                return log_warning_errno(errno, "Failed to open /proc/sysvipc/sem: %m");
        }

        FOREACH_LINE(line, f, goto fail) {
                uid_t uid, cuid;
                gid_t gid, cgid;
                int semid;

                if (first) {
                        first = false;
                        continue;
                }

                truncate_nl(line);

                if (sscanf(line, "%*i %i %*o %*u " UID_FMT " " GID_FMT " " UID_FMT " " GID_FMT,
                           &semid, &uid, &gid, &cuid, &cgid) != 5)
                        continue;

                if (!match_uid_gid(uid, gid, delete_uid, delete_gid))
                        continue;

                if (!rm)
                        return 1;

                if (semctl(semid, 0, IPC_RMID) < 0) {

                        /* Ignore entries that are already deleted */
                        if (IN_SET(errno, EIDRM, EINVAL))
                                continue;

                        ret = log_warning_errno(errno,
                                                "Failed to remove SysV semaphores object %i: %m",
                                                semid);
                } else {
                        log_debug("Removed SysV semaphore %i.", semid);
                        if (ret == 0)
                                ret = 1;
                }
        }

        return ret;

fail:
        return log_warning_errno(errno, "Failed to read /proc/sysvipc/sem: %m");
}

static int clean_sysvipc_msg(uid_t delete_uid, gid_t delete_gid, bool rm) {
        _cleanup_fclose_ FILE *f = NULL;
        char line[LINE_MAX];
        bool first = true;
        int ret = 0;

        f = fopen("/proc/sysvipc/msg", "re");
        if (!f) {
                if (errno == ENOENT)
                        return 0;

                return log_warning_errno(errno, "Failed to open /proc/sysvipc/msg: %m");
        }

        FOREACH_LINE(line, f, goto fail) {
                uid_t uid, cuid;
                gid_t gid, cgid;
                pid_t cpid, lpid;
                int msgid;

                if (first) {
                        first = false;
                        continue;
                }

                truncate_nl(line);

                if (sscanf(line, "%*i %i %*o %*u %*u " PID_FMT " " PID_FMT " " UID_FMT " " GID_FMT " " UID_FMT " " GID_FMT,
                           &msgid, &cpid, &lpid, &uid, &gid, &cuid, &cgid) != 7)
                        continue;

                if (!match_uid_gid(uid, gid, delete_uid, delete_gid))
                        continue;

                if (!rm)
                        return 1;

                if (msgctl(msgid, IPC_RMID, NULL) < 0) {

                        /* Ignore entries that are already deleted */
                        if (IN_SET(errno, EIDRM, EINVAL))
                                continue;

                        ret = log_warning_errno(errno,
                                                "Failed to remove SysV message queue %i: %m",
                                                msgid);
                } else {
                        log_debug("Removed SysV message queue %i.", msgid);
                        if (ret == 0)
                                ret = 1;
                }
        }

        return ret;

fail:
        return log_warning_errno(errno, "Failed to read /proc/sysvipc/msg: %m");
}

static int clean_posix_shm_internal(DIR *dir, uid_t uid, gid_t gid, bool rm) {
        struct dirent *de;
        int ret = 0, r;

        assert(dir);

        FOREACH_DIRENT_ALL(de, dir, goto fail) {
                struct stat st;

                if (dot_or_dot_dot(de->d_name))
                        continue;

                if (fstatat(dirfd(dir), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
                        if (errno == ENOENT)
                                continue;

                        ret = log_warning_errno(errno, "Failed to stat() POSIX shared memory segment %s: %m", de->d_name);
                        continue;
                }

                if (S_ISDIR(st.st_mode)) {
                        _cleanup_closedir_ DIR *kid;

                        kid = xopendirat(dirfd(dir), de->d_name, O_NOFOLLOW|O_NOATIME);
                        if (!kid) {
                                if (errno != ENOENT)
                                        ret = log_warning_errno(errno, "Failed to enter shared memory directory %s: %m", de->d_name);
                        } else {
                                r = clean_posix_shm_internal(kid, uid, gid, rm);
                                if (r < 0)
                                        ret = r;
                        }

                        if (!match_uid_gid(st.st_uid, st.st_gid, uid, gid))
                                continue;

                        if (!rm)
                                return 1;

                        if (unlinkat(dirfd(dir), de->d_name, AT_REMOVEDIR) < 0) {

                                if (errno == ENOENT)
                                        continue;

                                ret = log_warning_errno(errno, "Failed to remove POSIX shared memory directory %s: %m", de->d_name);
                        } else {
                                log_debug("Removed POSIX shared memory directory %s", de->d_name);
                                if (ret == 0)
                                        ret = 1;
                        }
                } else {

                        if (!match_uid_gid(st.st_uid, st.st_gid, uid, gid))
                                continue;

                        if (!rm)
                                return 1;

                        if (unlinkat(dirfd(dir), de->d_name, 0) < 0) {

                                if (errno == ENOENT)
                                        continue;

                                ret = log_warning_errno(errno, "Failed to remove POSIX shared memory segment %s: %m", de->d_name);
                        } else {
                                log_debug("Removed POSIX shared memory segment %s", de->d_name);
                                if (ret == 0)
                                        ret = 1;
                        }
                }
        }

        return ret;

fail:
        return log_warning_errno(errno, "Failed to read /dev/shm: %m");
}

static int clean_posix_shm(uid_t uid, gid_t gid, bool rm) {
        _cleanup_closedir_ DIR *dir = NULL;

        dir = opendir("/dev/shm");
        if (!dir) {
                if (errno == ENOENT)
                        return 0;

                return log_warning_errno(errno, "Failed to open /dev/shm: %m");
        }

        return clean_posix_shm_internal(dir, uid, gid, rm);
}

static int clean_posix_mq(uid_t uid, gid_t gid, bool rm) {
        _cleanup_closedir_ DIR *dir = NULL;
        struct dirent *de;
        int ret = 0;

        dir = opendir("/dev/mqueue");
        if (!dir) {
                if (errno == ENOENT)
                        return 0;

                return log_warning_errno(errno, "Failed to open /dev/mqueue: %m");
        }

        FOREACH_DIRENT_ALL(de, dir, goto fail) {
                struct stat st;
                char fn[1+strlen(de->d_name)+1];

                if (dot_or_dot_dot(de->d_name))
                        continue;

                if (fstatat(dirfd(dir), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
                        if (errno == ENOENT)
                                continue;

                        ret = log_warning_errno(errno,
                                                "Failed to stat() MQ segment %s: %m",
                                                de->d_name);
                        continue;
                }

                if (!match_uid_gid(st.st_uid, st.st_gid, uid, gid))
                        continue;

                if (!rm)
                        return 1;

                fn[0] = '/';
                strcpy(fn+1, de->d_name);

                if (mq_unlink(fn) < 0) {
                        if (errno == ENOENT)
                                continue;

                        ret = log_warning_errno(errno,
                                                "Failed to unlink POSIX message queue %s: %m",
                                                fn);
                } else {
                        log_debug("Removed POSIX message queue %s", fn);
                        if (ret == 0)
                                ret = 1;
                }
        }

        return ret;

fail:
        return log_warning_errno(errno, "Failed to read /dev/mqueue: %m");
}

int clean_ipc_internal(uid_t uid, gid_t gid, bool rm) {
        int ret = 0, r;

        /* If 'rm' is true, clean all IPC objects owned by either the specified UID or the specified GID. Return the
         * last error encountered or == 0 if no matching IPC objects have been found or > 0 if matching IPC objects
         * have been found and have been removed.
         *
         * If 'rm' is false, just search for IPC objects owned by either the specified UID or the specified GID. In
         * this case we return < 0 on error, > 0 if we found a matching object, == 0 if we didn't.
         *
         * As special rule: if UID/GID is specified as root we'll silently not clean up things, and always claim that
         * there are IPC objects for it. */

        if (uid == 0) {
                if (!rm)
                        return 1;

                uid = UID_INVALID;
        }
        if (gid == 0) {
                if (!rm)
                        return 1;

                gid = GID_INVALID;
        }

        /* Anything to do? */
        if (!uid_is_valid(uid) && !gid_is_valid(gid))
                return 0;

        r = clean_sysvipc_shm(uid, gid, rm);
        if (r != 0) {
                if (!rm)
                        return r;
                if (ret == 0)
                        ret = r;
        }

        r = clean_sysvipc_sem(uid, gid, rm);
        if (r != 0) {
                if (!rm)
                        return r;
                if (ret == 0)
                        ret = r;
        }

        r = clean_sysvipc_msg(uid, gid, rm);
        if (r != 0) {
                if (!rm)
                        return r;
                if (ret == 0)
                        ret = r;
        }

        r = clean_posix_shm(uid, gid, rm);
        if (r != 0) {
                if (!rm)
                        return r;
                if (ret == 0)
                        ret = r;
        }

        r = clean_posix_mq(uid, gid, rm);
        if (r != 0) {
                if (!rm)
                        return r;
                if (ret == 0)
                        ret = r;
        }

        return ret;
}

int clean_ipc_by_uid(uid_t uid) {
        return clean_ipc_internal(uid, GID_INVALID, true);
}

int clean_ipc_by_gid(gid_t gid) {
        return clean_ipc_internal(UID_INVALID, gid, true);
}
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
66cdd0f2 LP	2	/***
	3	This file is part of systemd.
	4
	5	Copyright 2014 Lennart Poettering
	6
	7	systemd is free software; you can redistribute it and/or modify it
	8	under the terms of the GNU Lesser General Public License as published by
	9	the Free Software Foundation; either version 2.1 of the License, or
	10	(at your option) any later version.
	11
	12	systemd is distributed in the hope that it will be useful, but
	13	WITHOUT ANY WARRANTY; without even the implied warranty of
	14	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	15	Lesser General Public License for more details.
	16
	17	You should have received a copy of the GNU Lesser General Public License
	18	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	19	***/
	20
07630cea	21	#include <dirent.h>
a8fbdf54	22	#include <errno.h>
07630cea	23	#include <fcntl.h>
a8fbdf54	24	#include <limits.h>
07630cea	25	#include <mqueue.h>
a8fbdf54 TA	26	#include <stdbool.h>
	27	#include <stdio.h>
	28	#include <string.h>
66cdd0f2	29	#include <sys/ipc.h>
66cdd0f2	30	#include <sys/msg.h>
07630cea LP	31	#include <sys/sem.h>
07630cea LP	32	#include <sys/shm.h>
66cdd0f2	33	#include <sys/stat.h>
a8fbdf54	34	#include <unistd.h>
66cdd0f2	35
3ffd4af2	36	#include "clean-ipc.h"
cf0fbc49	37	#include "dirent-util.h"
3ffd4af2	38	#include "fd-util.h"
0d39fa9c	39	#include "fileio.h"
f97b34a6	40	#include "format-util.h"
a8fbdf54 TA	41	#include "log.h"
a8fbdf54 TA	42	#include "macro.h"
07630cea	43	#include "string-util.h"
66cdd0f2	44	#include "strv.h"
00d9ef85	45	#include "user-util.h"
66cdd0f2	46
00d9ef85 LP	47	static bool match_uid_gid(uid_t subject_uid, gid_t subject_gid, uid_t delete_uid, gid_t delete_gid) {
	48
	49	if (uid_is_valid(delete_uid) && subject_uid == delete_uid)
	50	return true;
	51
	52	if (gid_is_valid(delete_gid) && subject_gid == delete_gid)
	53	return true;
	54
	55	return false;
	56	}
	57
98e4fcec	58	static int clean_sysvipc_shm(uid_t delete_uid, gid_t delete_gid, bool rm) {
66cdd0f2 LP	59	_cleanup_fclose_ FILE *f = NULL;
	60	char line[LINE_MAX];
	61	bool first = true;
	62	int ret = 0;
	63
	64	f = fopen("/proc/sysvipc/shm", "re");
	65	if (!f) {
	66	if (errno == ENOENT)
	67	return 0;
	68
e1427b13	69	return log_warning_errno(errno, "Failed to open /proc/sysvipc/shm: %m");
66cdd0f2 LP	70	}
	71
	72	FOREACH_LINE(line, f, goto fail) {
	73	unsigned n_attached;
	74	pid_t cpid, lpid;
	75	uid_t uid, cuid;
	76	gid_t gid, cgid;
	77	int shmid;
	78
	79	if (first) {
	80	first = false;
	81	continue;
	82	}
	83
	84	truncate_nl(line);
	85
	86	if (sscanf(line, "%i %i %o %*u " PID_FMT " " PID_FMT " %u " UID_FMT " " GID_FMT " " UID_FMT " " GID_FMT,
	87	&shmid, &cpid, &lpid, &n_attached, &uid, &gid, &cuid, &cgid) != 8)
	88	continue;
	89
	90	if (n_attached > 0)
	91	continue;
	92
00d9ef85	93	if (!match_uid_gid(uid, gid, delete_uid, delete_gid))
66cdd0f2 LP	94	continue;
66cdd0f2 LP	95
98e4fcec LP	96	if (!rm)
	97	return 1;
	98
66cdd0f2 LP	99	if (shmctl(shmid, IPC_RMID, NULL) < 0) {
	100
	101	/* Ignore entries that are already deleted */
3742095b	102	if (IN_SET(errno, EIDRM, EINVAL))
66cdd0f2 LP	103	continue;
66cdd0f2 LP	104
94c156cd LP	105	ret = log_warning_errno(errno,
	106	"Failed to remove SysV shared memory segment %i: %m",
	107	shmid);
98e4fcec	108	} else {
8a384842	109	log_debug("Removed SysV shared memory segment %i.", shmid);
98e4fcec LP	110	if (ret == 0)
	111	ret = 1;
	112	}
66cdd0f2 LP	113	}
	114
	115	return ret;
	116
	117	fail:
e1427b13	118	return log_warning_errno(errno, "Failed to read /proc/sysvipc/shm: %m");
66cdd0f2 LP	119	}
66cdd0f2 LP	120
98e4fcec	121	static int clean_sysvipc_sem(uid_t delete_uid, gid_t delete_gid, bool rm) {
66cdd0f2 LP	122	_cleanup_fclose_ FILE *f = NULL;
	123	char line[LINE_MAX];
	124	bool first = true;
	125	int ret = 0;
	126
	127	f = fopen("/proc/sysvipc/sem", "re");
	128	if (!f) {
	129	if (errno == ENOENT)
	130	return 0;
	131
e1427b13	132	return log_warning_errno(errno, "Failed to open /proc/sysvipc/sem: %m");
66cdd0f2 LP	133	}
	134
	135	FOREACH_LINE(line, f, goto fail) {
	136	uid_t uid, cuid;
	137	gid_t gid, cgid;
	138	int semid;
	139
	140	if (first) {
	141	first = false;
	142	continue;
	143	}
	144
	145	truncate_nl(line);
	146
	147	if (sscanf(line, "%i %i %o %*u " UID_FMT " " GID_FMT " " UID_FMT " " GID_FMT,
	148	&semid, &uid, &gid, &cuid, &cgid) != 5)
	149	continue;
	150
00d9ef85	151	if (!match_uid_gid(uid, gid, delete_uid, delete_gid))
66cdd0f2 LP	152	continue;
66cdd0f2 LP	153
98e4fcec LP	154	if (!rm)
	155	return 1;
	156
66cdd0f2 LP	157	if (semctl(semid, 0, IPC_RMID) < 0) {
	158
	159	/* Ignore entries that are already deleted */
3742095b	160	if (IN_SET(errno, EIDRM, EINVAL))
66cdd0f2 LP	161	continue;
66cdd0f2 LP	162
94c156cd LP	163	ret = log_warning_errno(errno,
	164	"Failed to remove SysV semaphores object %i: %m",
	165	semid);
98e4fcec	166	} else {
8a384842	167	log_debug("Removed SysV semaphore %i.", semid);
98e4fcec LP	168	if (ret == 0)
	169	ret = 1;
	170	}
66cdd0f2 LP	171	}
	172
	173	return ret;
	174
	175	fail:
e1427b13	176	return log_warning_errno(errno, "Failed to read /proc/sysvipc/sem: %m");
66cdd0f2 LP	177	}
66cdd0f2 LP	178
98e4fcec	179	static int clean_sysvipc_msg(uid_t delete_uid, gid_t delete_gid, bool rm) {
66cdd0f2 LP	180	_cleanup_fclose_ FILE *f = NULL;
	181	char line[LINE_MAX];
	182	bool first = true;
	183	int ret = 0;
	184
	185	f = fopen("/proc/sysvipc/msg", "re");
	186	if (!f) {
	187	if (errno == ENOENT)
	188	return 0;
	189
e1427b13	190	return log_warning_errno(errno, "Failed to open /proc/sysvipc/msg: %m");
66cdd0f2 LP	191	}
	192
	193	FOREACH_LINE(line, f, goto fail) {
	194	uid_t uid, cuid;
	195	gid_t gid, cgid;
	196	pid_t cpid, lpid;
	197	int msgid;
	198
	199	if (first) {
	200	first = false;
	201	continue;
	202	}
	203
	204	truncate_nl(line);
	205
	206	if (sscanf(line, "%i %i %o %u %u " PID_FMT " " PID_FMT " " UID_FMT " " GID_FMT " " UID_FMT " " GID_FMT,
	207	&msgid, &cpid, &lpid, &uid, &gid, &cuid, &cgid) != 7)
	208	continue;
	209
00d9ef85	210	if (!match_uid_gid(uid, gid, delete_uid, delete_gid))
66cdd0f2 LP	211	continue;
66cdd0f2 LP	212
98e4fcec LP	213	if (!rm)
	214	return 1;
	215
66cdd0f2 LP	216	if (msgctl(msgid, IPC_RMID, NULL) < 0) {
	217
	218	/* Ignore entries that are already deleted */
3742095b	219	if (IN_SET(errno, EIDRM, EINVAL))
66cdd0f2 LP	220	continue;
66cdd0f2 LP	221
94c156cd LP	222	ret = log_warning_errno(errno,
	223	"Failed to remove SysV message queue %i: %m",
	224	msgid);
98e4fcec	225	} else {
8a384842	226	log_debug("Removed SysV message queue %i.", msgid);
98e4fcec LP	227	if (ret == 0)
	228	ret = 1;
	229	}
66cdd0f2 LP	230	}
	231
	232	return ret;
	233
	234	fail:
e1427b13	235	return log_warning_errno(errno, "Failed to read /proc/sysvipc/msg: %m");
66cdd0f2 LP	236	}
66cdd0f2 LP	237
98e4fcec	238	static int clean_posix_shm_internal(DIR *dir, uid_t uid, gid_t gid, bool rm) {
66cdd0f2 LP	239	struct dirent *de;
	240	int ret = 0, r;
	241
	242	assert(dir);
	243
91f2048c	244	FOREACH_DIRENT_ALL(de, dir, goto fail) {
66cdd0f2 LP	245	struct stat st;
66cdd0f2 LP	246
49bfc877	247	if (dot_or_dot_dot(de->d_name))
66cdd0f2 LP	248	continue;
	249
	250	if (fstatat(dirfd(dir), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
	251	if (errno == ENOENT)
	252	continue;
	253
3db99289	254	ret = log_warning_errno(errno, "Failed to stat() POSIX shared memory segment %s: %m", de->d_name);
66cdd0f2 LP	255	continue;
	256	}
	257
66cdd0f2 LP	258	if (S_ISDIR(st.st_mode)) {
	259	_cleanup_closedir_ DIR *kid;
	260
	261	kid = xopendirat(dirfd(dir), de->d_name, O_NOFOLLOW\|O_NOATIME);
	262	if (!kid) {
3db99289 LP	263	if (errno != ENOENT)
3db99289 LP	264	ret = log_warning_errno(errno, "Failed to enter shared memory directory %s: %m", de->d_name);
66cdd0f2	265	} else {
98e4fcec	266	r = clean_posix_shm_internal(kid, uid, gid, rm);
66cdd0f2 LP	267	if (r < 0)
	268	ret = r;
	269	}
	270
98e4fcec LP	271	if (!match_uid_gid(st.st_uid, st.st_gid, uid, gid))
	272	continue;
	273
	274	if (!rm)
	275	return 1;
	276
66cdd0f2 LP	277	if (unlinkat(dirfd(dir), de->d_name, AT_REMOVEDIR) < 0) {
	278
	279	if (errno == ENOENT)
	280	continue;
	281
3db99289	282	ret = log_warning_errno(errno, "Failed to remove POSIX shared memory directory %s: %m", de->d_name);
98e4fcec	283	} else {
8a384842	284	log_debug("Removed POSIX shared memory directory %s", de->d_name);
98e4fcec LP	285	if (ret == 0)
	286	ret = 1;
	287	}
66cdd0f2 LP	288	} else {
66cdd0f2 LP	289
98e4fcec LP	290	if (!match_uid_gid(st.st_uid, st.st_gid, uid, gid))
	291	continue;
	292
	293	if (!rm)
	294	return 1;
	295
66cdd0f2 LP	296	if (unlinkat(dirfd(dir), de->d_name, 0) < 0) {
	297
	298	if (errno == ENOENT)
	299	continue;
	300
3db99289	301	ret = log_warning_errno(errno, "Failed to remove POSIX shared memory segment %s: %m", de->d_name);
98e4fcec	302	} else {
8a384842	303	log_debug("Removed POSIX shared memory segment %s", de->d_name);
98e4fcec LP	304	if (ret == 0)
	305	ret = 1;
	306	}
66cdd0f2 LP	307	}
	308	}
	309
	310	return ret;
	311
	312	fail:
3db99289	313	return log_warning_errno(errno, "Failed to read /dev/shm: %m");
66cdd0f2 LP	314	}
66cdd0f2 LP	315
98e4fcec	316	static int clean_posix_shm(uid_t uid, gid_t gid, bool rm) {
66cdd0f2 LP	317	_cleanup_closedir_ DIR *dir = NULL;
	318
	319	dir = opendir("/dev/shm");
	320	if (!dir) {
	321	if (errno == ENOENT)
	322	return 0;
	323
e1427b13	324	return log_warning_errno(errno, "Failed to open /dev/shm: %m");
66cdd0f2 LP	325	}
66cdd0f2 LP	326
98e4fcec	327	return clean_posix_shm_internal(dir, uid, gid, rm);
66cdd0f2 LP	328	}
66cdd0f2 LP	329
98e4fcec	330	static int clean_posix_mq(uid_t uid, gid_t gid, bool rm) {
66cdd0f2 LP	331	_cleanup_closedir_ DIR *dir = NULL;
	332	struct dirent *de;
	333	int ret = 0;
	334
	335	dir = opendir("/dev/mqueue");
	336	if (!dir) {
	337	if (errno == ENOENT)
	338	return 0;
	339
e1427b13	340	return log_warning_errno(errno, "Failed to open /dev/mqueue: %m");
66cdd0f2 LP	341	}
66cdd0f2 LP	342
91f2048c	343	FOREACH_DIRENT_ALL(de, dir, goto fail) {
66cdd0f2 LP	344	struct stat st;
	345	char fn[1+strlen(de->d_name)+1];
	346
49bfc877	347	if (dot_or_dot_dot(de->d_name))
66cdd0f2 LP	348	continue;
	349
	350	if (fstatat(dirfd(dir), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
	351	if (errno == ENOENT)
	352	continue;
	353
94c156cd LP	354	ret = log_warning_errno(errno,
	355	"Failed to stat() MQ segment %s: %m",
	356	de->d_name);
66cdd0f2 LP	357	continue;
	358	}
	359
00d9ef85	360	if (!match_uid_gid(st.st_uid, st.st_gid, uid, gid))
66cdd0f2 LP	361	continue;
66cdd0f2 LP	362
98e4fcec LP	363	if (!rm)
	364	return 1;
	365
66cdd0f2 LP	366	fn[0] = '/';
	367	strcpy(fn+1, de->d_name);
	368
	369	if (mq_unlink(fn) < 0) {
	370	if (errno == ENOENT)
	371	continue;
	372
94c156cd LP	373	ret = log_warning_errno(errno,
	374	"Failed to unlink POSIX message queue %s: %m",
	375	fn);
98e4fcec	376	} else {
8a384842	377	log_debug("Removed POSIX message queue %s", fn);
98e4fcec LP	378	if (ret == 0)
	379	ret = 1;
	380	}
66cdd0f2 LP	381	}
	382
	383	return ret;
	384
	385	fail:
e1427b13	386	return log_warning_errno(errno, "Failed to read /dev/mqueue: %m");
66cdd0f2 LP	387	}
66cdd0f2 LP	388
98e4fcec	389	int clean_ipc_internal(uid_t uid, gid_t gid, bool rm) {
66cdd0f2 LP	390	int ret = 0, r;
66cdd0f2 LP	391
98e4fcec LP	392	/* If 'rm' is true, clean all IPC objects owned by either the specified UID or the specified GID. Return the
	393	* last error encountered or == 0 if no matching IPC objects have been found or > 0 if matching IPC objects
	394	* have been found and have been removed.
	395	*
	396	* If 'rm' is false, just search for IPC objects owned by either the specified UID or the specified GID. In
	397	* this case we return < 0 on error, > 0 if we found a matching object, == 0 if we didn't.
	398	*
	399	* As special rule: if UID/GID is specified as root we'll silently not clean up things, and always claim that
	400	* there are IPC objects for it. */
	401
	402	if (uid == 0) {
	403	if (!rm)
	404	return 1;
	405
	406	uid = UID_INVALID;
	407	}
	408	if (gid == 0) {
	409	if (!rm)
	410	return 1;
	411
	412	gid = GID_INVALID;
	413	}
	414
00d9ef85 LP	415	/* Anything to do? */
00d9ef85 LP	416	if (!uid_is_valid(uid) && !gid_is_valid(gid))
66cdd0f2 LP	417	return 0;
66cdd0f2 LP	418
98e4fcec LP	419	r = clean_sysvipc_shm(uid, gid, rm);
	420	if (r != 0) {
	421	if (!rm)
	422	return r;
	423	if (ret == 0)
	424	ret = r;
	425	}
66cdd0f2	426
98e4fcec LP	427	r = clean_sysvipc_sem(uid, gid, rm);
	428	if (r != 0) {
	429	if (!rm)
	430	return r;
	431	if (ret == 0)
	432	ret = r;
	433	}
66cdd0f2	434
98e4fcec LP	435	r = clean_sysvipc_msg(uid, gid, rm);
	436	if (r != 0) {
	437	if (!rm)
	438	return r;
	439	if (ret == 0)
	440	ret = r;
	441	}
66cdd0f2	442
98e4fcec LP	443	r = clean_posix_shm(uid, gid, rm);
	444	if (r != 0) {
	445	if (!rm)
	446	return r;
	447	if (ret == 0)
	448	ret = r;
	449	}
66cdd0f2	450
98e4fcec LP	451	r = clean_posix_mq(uid, gid, rm);
	452	if (r != 0) {
	453	if (!rm)
	454	return r;
	455	if (ret == 0)
	456	ret = r;
	457	}
66cdd0f2 LP	458
	459	return ret;
	460	}
00d9ef85 LP	461
00d9ef85 LP	462	int clean_ipc_by_uid(uid_t uid) {
98e4fcec	463	return clean_ipc_internal(uid, GID_INVALID, true);
00d9ef85 LP	464	}
	465
	466	int clean_ipc_by_gid(gid_t gid) {
98e4fcec	467	return clean_ipc_internal(UID_INVALID, gid, true);
00d9ef85	468	}