On Thu, Jan 25, 2024 at 08:22:12AM +0100, Anthony Harivel wrote:
> The function qio_channel_get_peercred() returns a pointer to the
> credentials of the peer process connected to this socket.
>
> This credentials structure is defined in <sys/socket.h> as follows:
>
> struct ucred {
> pid_t pid; /* Process ID of the sending process */
> uid_t uid; /* User ID of the sending process */
> gid_t gid; /* Group ID of the sending process */
> };
>
> The use of this function is possible only for connected AF_UNIX stream
> sockets and for AF_UNIX stream and datagram socket pairs.
>
> On platform other than Linux, the function return 0.
>
> Signed-off-by: Anthony Harivel <ahari...@redhat.com>
> ---
> include/io/channel.h | 21 +++++++++++++++++++++
> io/channel-socket.c | 23 +++++++++++++++++++++++
> io/channel.c | 12 ++++++++++++
> 3 files changed, 56 insertions(+)
>
> diff --git a/include/io/channel.h b/include/io/channel.h
> index 5f9dbaab65b0..0413435ce011 100644
> --- a/include/io/channel.h
> +++ b/include/io/channel.h
> @@ -149,6 +149,9 @@ struct QIOChannelClass {
> void *opaque);
> int (*io_flush)(QIOChannel *ioc,
> Error **errp);
> + void (*io_peerpid)(QIOChannel *ioc,
> + unsigned int *pid,
> + Error **errp);
Idented 1 space too many
> };
>
> /* General I/O handling functions */
> @@ -898,4 +901,22 @@ int coroutine_mixed_fn
> qio_channel_writev_full_all(QIOChannel *ioc,
> int qio_channel_flush(QIOChannel *ioc,
> Error **errp);
>
> +/**
> + * qio_channel_get_peercred:
> + * @ioc: the channel object
> + * @pid: pointer to pid
> + * @errp: pointer to a NULL-initialized error object
> + *
> + * Returns the pid of the peer process connected to this socket.
> + *
> + * The use of this function is possible only for connected
> + * AF_UNIX stream sockets and for AF_UNIX stream and datagram
> + * socket pairs on Linux.
> + * Return 0 for the non-Linux OS.
Update to say this returns an error for other platforms
> + *
> + */
> +void qio_channel_get_peerpid(QIOChannel *ioc,
> + unsigned int *pid,
> + Error **errp);
Idented 1 space too many
> +
> #endif /* QIO_CHANNEL_H */
> diff --git a/io/channel-socket.c b/io/channel-socket.c
> index 3a899b060858..e6a73592650c 100644
> --- a/io/channel-socket.c
> +++ b/io/channel-socket.c
> @@ -841,6 +841,28 @@ qio_channel_socket_set_cork(QIOChannel *ioc,
> socket_set_cork(sioc->fd, v);
> }
>
> +static void
> +qio_channel_socket_get_peerpid(QIOChannel *ioc,
> + unsigned int *pid,
> + Error **errp)
> +{
> +#ifdef CONFIG_LINUX
> + QIOChannelSocket *sioc = QIO_CHANNEL_SOCKET(ioc);
> + Error *err = NULL;
> + socklen_t len = sizeof(struct ucred);
> +
> + struct ucred cred;
> + if (getsockopt(sioc->fd,
> + SOL_SOCKET, SO_PEERCRED,
> + &cred, &len) == -1) {
> + error_setg_errno(&err, errno, "Unable to get peer credentials");
> + error_propagate(errp, err);
> + }
> + *pid = (unsigned int)cred.pid;
> +#else
> + *pid = 0;
Defaulting 'pid' to 0 is potentially unsafe, because to a caller it
now appears that the remote party is 'root' and thus implied to be
a privileged account.
We should 'error_setg' for any platform we don't have an impl on,
so the caller will see a fail for any usage.
> +#endif
> +}
>
> static int
> qio_channel_socket_close(QIOChannel *ioc,
> @@ -938,6 +960,7 @@ static void qio_channel_socket_class_init(ObjectClass
> *klass,
> #ifdef QEMU_MSG_ZEROCOPY
> ioc_klass->io_flush = qio_channel_socket_flush;
> #endif
> + ioc_klass->io_peerpid = qio_channel_socket_get_peerpid;
> }
>
> static const TypeInfo qio_channel_socket_info = {
> diff --git a/io/channel.c b/io/channel.c
> index 86c5834510ff..a5646650cf72 100644
> --- a/io/channel.c
> +++ b/io/channel.c
> @@ -490,6 +490,18 @@ void qio_channel_set_cork(QIOChannel *ioc,
> }
> }
>
> +void qio_channel_get_peerpid(QIOChannel *ioc,
> + unsigned int *pid,
> + Error **errp)
> +{
> + QIOChannelClass *klass = QIO_CHANNEL_GET_CLASS(ioc);
> +
> + if (!klass->io_peerpid) {
> + error_setg(errp, "Channel does not support peer pid");
> + return;
> + }
> + klass->io_peerpid(ioc, pid, errp);
> +}
>
> off_t qio_channel_io_seek(QIOChannel *ioc,
> off_t offset,
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
