You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

os-posix.c 8.9KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363
  1. /*
  2. * os-posix.c
  3. *
  4. * Copyright (c) 2003-2008 Fabrice Bellard
  5. * Copyright (c) 2010 Red Hat, Inc.
  6. *
  7. * Permission is hereby granted, free of charge, to any person obtaining a copy
  8. * of this software and associated documentation files (the "Software"), to deal
  9. * in the Software without restriction, including without limitation the rights
  10. * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  11. * copies of the Software, and to permit persons to whom the Software is
  12. * furnished to do so, subject to the following conditions:
  13. *
  14. * The above copyright notice and this permission notice shall be included in
  15. * all copies or substantial portions of the Software.
  16. *
  17. * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18. * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  19. * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
  20. * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  21. * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  22. * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  23. * THE SOFTWARE.
  24. */
  25. #include "qemu/osdep.h"
  26. #include <sys/wait.h>
  27. #include <pwd.h>
  28. #include <grp.h>
  29. #include <libgen.h>
  30. #include "qemu-common.h"
  31. /* Needed early for CONFIG_BSD etc. */
  32. #include "sysemu/sysemu.h"
  33. #include "net/slirp.h"
  34. #include "qemu-options.h"
  35. #include "qemu/error-report.h"
  36. #include "qemu/log.h"
  37. #include "qemu/cutils.h"
  38. #ifdef CONFIG_LINUX
  39. #include <sys/prctl.h>
  40. #endif
  41. /*
  42. * Must set all three of these at once.
  43. * Legal combinations are unset by name by uid
  44. */
  45. static struct passwd *user_pwd; /* NULL non-NULL NULL */
  46. static uid_t user_uid = (uid_t)-1; /* -1 -1 >=0 */
  47. static gid_t user_gid = (gid_t)-1; /* -1 -1 >=0 */
  48. static const char *chroot_dir;
  49. static int daemonize;
  50. static int daemon_pipe;
  51. void os_setup_early_signal_handling(void)
  52. {
  53. struct sigaction act;
  54. sigfillset(&act.sa_mask);
  55. act.sa_flags = 0;
  56. act.sa_handler = SIG_IGN;
  57. sigaction(SIGPIPE, &act, NULL);
  58. }
  59. static void termsig_handler(int signal, siginfo_t *info, void *c)
  60. {
  61. qemu_system_killed(info->si_signo, info->si_pid);
  62. }
  63. void os_setup_signal_handling(void)
  64. {
  65. struct sigaction act;
  66. memset(&act, 0, sizeof(act));
  67. act.sa_sigaction = termsig_handler;
  68. act.sa_flags = SA_SIGINFO;
  69. sigaction(SIGINT, &act, NULL);
  70. sigaction(SIGHUP, &act, NULL);
  71. sigaction(SIGTERM, &act, NULL);
  72. }
  73. /* Find a likely location for support files using the location of the binary.
  74. For installed binaries this will be "$bindir/../share/qemu". When
  75. running from the build tree this will be "$bindir/../pc-bios". */
  76. #define SHARE_SUFFIX "/share/qemu"
  77. #define BUILD_SUFFIX "/pc-bios"
  78. char *os_find_datadir(void)
  79. {
  80. char *dir, *exec_dir;
  81. char *res;
  82. size_t max_len;
  83. exec_dir = qemu_get_exec_dir();
  84. if (exec_dir == NULL) {
  85. return NULL;
  86. }
  87. dir = g_path_get_dirname(exec_dir);
  88. max_len = strlen(dir) +
  89. MAX(strlen(SHARE_SUFFIX), strlen(BUILD_SUFFIX)) + 1;
  90. res = g_malloc0(max_len);
  91. snprintf(res, max_len, "%s%s", dir, SHARE_SUFFIX);
  92. if (access(res, R_OK)) {
  93. snprintf(res, max_len, "%s%s", dir, BUILD_SUFFIX);
  94. if (access(res, R_OK)) {
  95. g_free(res);
  96. res = NULL;
  97. }
  98. }
  99. g_free(dir);
  100. g_free(exec_dir);
  101. return res;
  102. }
  103. #undef SHARE_SUFFIX
  104. #undef BUILD_SUFFIX
  105. void os_set_proc_name(const char *s)
  106. {
  107. #if defined(PR_SET_NAME)
  108. char name[16];
  109. if (!s)
  110. return;
  111. pstrcpy(name, sizeof(name), s);
  112. /* Could rewrite argv[0] too, but that's a bit more complicated.
  113. This simple way is enough for `top'. */
  114. if (prctl(PR_SET_NAME, name)) {
  115. error_report("unable to change process name: %s", strerror(errno));
  116. exit(1);
  117. }
  118. #else
  119. error_report("Change of process name not supported by your OS");
  120. exit(1);
  121. #endif
  122. }
  123. static bool os_parse_runas_uid_gid(const char *optarg)
  124. {
  125. unsigned long lv;
  126. const char *ep;
  127. uid_t got_uid;
  128. gid_t got_gid;
  129. int rc;
  130. rc = qemu_strtoul(optarg, &ep, 0, &lv);
  131. got_uid = lv; /* overflow here is ID in C99 */
  132. if (rc || *ep != ':' || got_uid != lv || got_uid == (uid_t)-1) {
  133. return false;
  134. }
  135. rc = qemu_strtoul(ep + 1, 0, 0, &lv);
  136. got_gid = lv; /* overflow here is ID in C99 */
  137. if (rc || got_gid != lv || got_gid == (gid_t)-1) {
  138. return false;
  139. }
  140. user_pwd = NULL;
  141. user_uid = got_uid;
  142. user_gid = got_gid;
  143. return true;
  144. }
  145. /*
  146. * Parse OS specific command line options.
  147. * return 0 if option handled, -1 otherwise
  148. */
  149. int os_parse_cmd_args(int index, const char *optarg)
  150. {
  151. switch (index) {
  152. case QEMU_OPTION_runas:
  153. user_pwd = getpwnam(optarg);
  154. if (user_pwd) {
  155. user_uid = -1;
  156. user_gid = -1;
  157. } else if (!os_parse_runas_uid_gid(optarg)) {
  158. error_report("User \"%s\" doesn't exist"
  159. " (and is not <uid>:<gid>)",
  160. optarg);
  161. exit(1);
  162. }
  163. break;
  164. case QEMU_OPTION_chroot:
  165. chroot_dir = optarg;
  166. break;
  167. case QEMU_OPTION_daemonize:
  168. daemonize = 1;
  169. break;
  170. #if defined(CONFIG_LINUX)
  171. case QEMU_OPTION_enablefips:
  172. fips_set_state(true);
  173. break;
  174. #endif
  175. default:
  176. return -1;
  177. }
  178. return 0;
  179. }
  180. static void change_process_uid(void)
  181. {
  182. assert((user_uid == (uid_t)-1) || user_pwd == NULL);
  183. assert((user_uid == (uid_t)-1) ==
  184. (user_gid == (gid_t)-1));
  185. if (user_pwd || user_uid != (uid_t)-1) {
  186. gid_t intended_gid = user_pwd ? user_pwd->pw_gid : user_gid;
  187. uid_t intended_uid = user_pwd ? user_pwd->pw_uid : user_uid;
  188. if (setgid(intended_gid) < 0) {
  189. error_report("Failed to setgid(%d)", intended_gid);
  190. exit(1);
  191. }
  192. if (user_pwd) {
  193. if (initgroups(user_pwd->pw_name, user_pwd->pw_gid) < 0) {
  194. error_report("Failed to initgroups(\"%s\", %d)",
  195. user_pwd->pw_name, user_pwd->pw_gid);
  196. exit(1);
  197. }
  198. } else {
  199. if (setgroups(1, &user_gid) < 0) {
  200. error_report("Failed to setgroups(1, [%d])",
  201. user_gid);
  202. exit(1);
  203. }
  204. }
  205. if (setuid(intended_uid) < 0) {
  206. error_report("Failed to setuid(%d)", intended_uid);
  207. exit(1);
  208. }
  209. if (setuid(0) != -1) {
  210. error_report("Dropping privileges failed");
  211. exit(1);
  212. }
  213. }
  214. }
  215. static void change_root(void)
  216. {
  217. if (chroot_dir) {
  218. if (chroot(chroot_dir) < 0) {
  219. error_report("chroot failed");
  220. exit(1);
  221. }
  222. if (chdir("/")) {
  223. error_report("not able to chdir to /: %s", strerror(errno));
  224. exit(1);
  225. }
  226. }
  227. }
  228. void os_daemonize(void)
  229. {
  230. if (daemonize) {
  231. pid_t pid;
  232. int fds[2];
  233. if (pipe(fds) == -1) {
  234. exit(1);
  235. }
  236. pid = fork();
  237. if (pid > 0) {
  238. uint8_t status;
  239. ssize_t len;
  240. close(fds[1]);
  241. do {
  242. len = read(fds[0], &status, 1);
  243. } while (len < 0 && errno == EINTR);
  244. /* only exit successfully if our child actually wrote
  245. * a one-byte zero to our pipe, upon successful init */
  246. exit(len == 1 && status == 0 ? 0 : 1);
  247. } else if (pid < 0) {
  248. exit(1);
  249. }
  250. close(fds[0]);
  251. daemon_pipe = fds[1];
  252. qemu_set_cloexec(daemon_pipe);
  253. setsid();
  254. pid = fork();
  255. if (pid > 0) {
  256. exit(0);
  257. } else if (pid < 0) {
  258. exit(1);
  259. }
  260. umask(027);
  261. signal(SIGTSTP, SIG_IGN);
  262. signal(SIGTTOU, SIG_IGN);
  263. signal(SIGTTIN, SIG_IGN);
  264. }
  265. }
  266. void os_setup_post(void)
  267. {
  268. int fd = 0;
  269. if (daemonize) {
  270. if (chdir("/")) {
  271. error_report("not able to chdir to /: %s", strerror(errno));
  272. exit(1);
  273. }
  274. TFR(fd = qemu_open("/dev/null", O_RDWR));
  275. if (fd == -1) {
  276. exit(1);
  277. }
  278. }
  279. change_root();
  280. change_process_uid();
  281. if (daemonize) {
  282. uint8_t status = 0;
  283. ssize_t len;
  284. dup2(fd, 0);
  285. dup2(fd, 1);
  286. /* In case -D is given do not redirect stderr to /dev/null */
  287. if (!qemu_logfile) {
  288. dup2(fd, 2);
  289. }
  290. close(fd);
  291. do {
  292. len = write(daemon_pipe, &status, 1);
  293. } while (len < 0 && errno == EINTR);
  294. if (len != 1) {
  295. exit(1);
  296. }
  297. }
  298. }
  299. void os_set_line_buffering(void)
  300. {
  301. setvbuf(stdout, NULL, _IOLBF, 0);
  302. }
  303. bool is_daemonized(void)
  304. {
  305. return daemonize;
  306. }
  307. int os_mlock(void)
  308. {
  309. int ret = 0;
  310. ret = mlockall(MCL_CURRENT | MCL_FUTURE);
  311. if (ret < 0) {
  312. error_report("mlockall: %s", strerror(errno));
  313. }
  314. return ret;
  315. }