Back to home page

OSCL-LXR
 
 

     

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /*
0003  * cn_proc.c - process events connector
0004  *
0005  * Copyright (C) Matt Helsley, IBM Corp. 2005
0006  * Based on cn_fork.c by Guillaume Thouvenin <guillaume.thouvenin@bull.net>
0007  * Original copyright notice follows:
0008  * Copyright (C) 2005 BULL SA.
0009  */
0010 
0011 #include <linux/kernel.h>
0012 #include <linux/ktime.h>
0013 #include <linux/init.h>
0014 #include <linux/connector.h>
0015 #include <linux/gfp.h>
0016 #include <linux/ptrace.h>
0017 #include <linux/atomic.h>
0018 #include <linux/pid_namespace.h>
0019 
0020 #include <linux/cn_proc.h>
0021 #include <linux/local_lock.h>
0022 
0023 /*
0024  * Size of a cn_msg followed by a proc_event structure.  Since the
0025  * sizeof struct cn_msg is a multiple of 4 bytes, but not 8 bytes, we
0026  * add one 4-byte word to the size here, and then start the actual
0027  * cn_msg structure 4 bytes into the stack buffer.  The result is that
0028  * the immediately following proc_event structure is aligned to 8 bytes.
0029  */
0030 #define CN_PROC_MSG_SIZE (sizeof(struct cn_msg) + sizeof(struct proc_event) + 4)
0031 
0032 /* See comment above; we test our assumption about sizeof struct cn_msg here. */
0033 static inline struct cn_msg *buffer_to_cn_msg(__u8 *buffer)
0034 {
0035     BUILD_BUG_ON(sizeof(struct cn_msg) != 20);
0036     return (struct cn_msg *)(buffer + 4);
0037 }
0038 
0039 static atomic_t proc_event_num_listeners = ATOMIC_INIT(0);
0040 static struct cb_id cn_proc_event_id = { CN_IDX_PROC, CN_VAL_PROC };
0041 
0042 /* local_event.count is used as the sequence number of the netlink message */
0043 struct local_event {
0044     local_lock_t lock;
0045     __u32 count;
0046 };
0047 static DEFINE_PER_CPU(struct local_event, local_event) = {
0048     .lock = INIT_LOCAL_LOCK(lock),
0049 };
0050 
0051 static inline void send_msg(struct cn_msg *msg)
0052 {
0053     local_lock(&local_event.lock);
0054 
0055     msg->seq = __this_cpu_inc_return(local_event.count) - 1;
0056     ((struct proc_event *)msg->data)->cpu = smp_processor_id();
0057 
0058     /*
0059      * local_lock() disables preemption during send to ensure the messages
0060      * are ordered according to their sequence numbers.
0061      *
0062      * If cn_netlink_send() fails, the data is not sent.
0063      */
0064     cn_netlink_send(msg, 0, CN_IDX_PROC, GFP_NOWAIT);
0065 
0066     local_unlock(&local_event.lock);
0067 }
0068 
0069 void proc_fork_connector(struct task_struct *task)
0070 {
0071     struct cn_msg *msg;
0072     struct proc_event *ev;
0073     __u8 buffer[CN_PROC_MSG_SIZE] __aligned(8);
0074     struct task_struct *parent;
0075 
0076     if (atomic_read(&proc_event_num_listeners) < 1)
0077         return;
0078 
0079     msg = buffer_to_cn_msg(buffer);
0080     ev = (struct proc_event *)msg->data;
0081     memset(&ev->event_data, 0, sizeof(ev->event_data));
0082     ev->timestamp_ns = ktime_get_ns();
0083     ev->what = PROC_EVENT_FORK;
0084     rcu_read_lock();
0085     parent = rcu_dereference(task->real_parent);
0086     ev->event_data.fork.parent_pid = parent->pid;
0087     ev->event_data.fork.parent_tgid = parent->tgid;
0088     rcu_read_unlock();
0089     ev->event_data.fork.child_pid = task->pid;
0090     ev->event_data.fork.child_tgid = task->tgid;
0091 
0092     memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id));
0093     msg->ack = 0; /* not used */
0094     msg->len = sizeof(*ev);
0095     msg->flags = 0; /* not used */
0096     send_msg(msg);
0097 }
0098 
0099 void proc_exec_connector(struct task_struct *task)
0100 {
0101     struct cn_msg *msg;
0102     struct proc_event *ev;
0103     __u8 buffer[CN_PROC_MSG_SIZE] __aligned(8);
0104 
0105     if (atomic_read(&proc_event_num_listeners) < 1)
0106         return;
0107 
0108     msg = buffer_to_cn_msg(buffer);
0109     ev = (struct proc_event *)msg->data;
0110     memset(&ev->event_data, 0, sizeof(ev->event_data));
0111     ev->timestamp_ns = ktime_get_ns();
0112     ev->what = PROC_EVENT_EXEC;
0113     ev->event_data.exec.process_pid = task->pid;
0114     ev->event_data.exec.process_tgid = task->tgid;
0115 
0116     memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id));
0117     msg->ack = 0; /* not used */
0118     msg->len = sizeof(*ev);
0119     msg->flags = 0; /* not used */
0120     send_msg(msg);
0121 }
0122 
0123 void proc_id_connector(struct task_struct *task, int which_id)
0124 {
0125     struct cn_msg *msg;
0126     struct proc_event *ev;
0127     __u8 buffer[CN_PROC_MSG_SIZE] __aligned(8);
0128     const struct cred *cred;
0129 
0130     if (atomic_read(&proc_event_num_listeners) < 1)
0131         return;
0132 
0133     msg = buffer_to_cn_msg(buffer);
0134     ev = (struct proc_event *)msg->data;
0135     memset(&ev->event_data, 0, sizeof(ev->event_data));
0136     ev->what = which_id;
0137     ev->event_data.id.process_pid = task->pid;
0138     ev->event_data.id.process_tgid = task->tgid;
0139     rcu_read_lock();
0140     cred = __task_cred(task);
0141     if (which_id == PROC_EVENT_UID) {
0142         ev->event_data.id.r.ruid = from_kuid_munged(&init_user_ns, cred->uid);
0143         ev->event_data.id.e.euid = from_kuid_munged(&init_user_ns, cred->euid);
0144     } else if (which_id == PROC_EVENT_GID) {
0145         ev->event_data.id.r.rgid = from_kgid_munged(&init_user_ns, cred->gid);
0146         ev->event_data.id.e.egid = from_kgid_munged(&init_user_ns, cred->egid);
0147     } else {
0148         rcu_read_unlock();
0149         return;
0150     }
0151     rcu_read_unlock();
0152     ev->timestamp_ns = ktime_get_ns();
0153 
0154     memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id));
0155     msg->ack = 0; /* not used */
0156     msg->len = sizeof(*ev);
0157     msg->flags = 0; /* not used */
0158     send_msg(msg);
0159 }
0160 
0161 void proc_sid_connector(struct task_struct *task)
0162 {
0163     struct cn_msg *msg;
0164     struct proc_event *ev;
0165     __u8 buffer[CN_PROC_MSG_SIZE] __aligned(8);
0166 
0167     if (atomic_read(&proc_event_num_listeners) < 1)
0168         return;
0169 
0170     msg = buffer_to_cn_msg(buffer);
0171     ev = (struct proc_event *)msg->data;
0172     memset(&ev->event_data, 0, sizeof(ev->event_data));
0173     ev->timestamp_ns = ktime_get_ns();
0174     ev->what = PROC_EVENT_SID;
0175     ev->event_data.sid.process_pid = task->pid;
0176     ev->event_data.sid.process_tgid = task->tgid;
0177 
0178     memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id));
0179     msg->ack = 0; /* not used */
0180     msg->len = sizeof(*ev);
0181     msg->flags = 0; /* not used */
0182     send_msg(msg);
0183 }
0184 
0185 void proc_ptrace_connector(struct task_struct *task, int ptrace_id)
0186 {
0187     struct cn_msg *msg;
0188     struct proc_event *ev;
0189     __u8 buffer[CN_PROC_MSG_SIZE] __aligned(8);
0190 
0191     if (atomic_read(&proc_event_num_listeners) < 1)
0192         return;
0193 
0194     msg = buffer_to_cn_msg(buffer);
0195     ev = (struct proc_event *)msg->data;
0196     memset(&ev->event_data, 0, sizeof(ev->event_data));
0197     ev->timestamp_ns = ktime_get_ns();
0198     ev->what = PROC_EVENT_PTRACE;
0199     ev->event_data.ptrace.process_pid  = task->pid;
0200     ev->event_data.ptrace.process_tgid = task->tgid;
0201     if (ptrace_id == PTRACE_ATTACH) {
0202         ev->event_data.ptrace.tracer_pid  = current->pid;
0203         ev->event_data.ptrace.tracer_tgid = current->tgid;
0204     } else if (ptrace_id == PTRACE_DETACH) {
0205         ev->event_data.ptrace.tracer_pid  = 0;
0206         ev->event_data.ptrace.tracer_tgid = 0;
0207     } else
0208         return;
0209 
0210     memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id));
0211     msg->ack = 0; /* not used */
0212     msg->len = sizeof(*ev);
0213     msg->flags = 0; /* not used */
0214     send_msg(msg);
0215 }
0216 
0217 void proc_comm_connector(struct task_struct *task)
0218 {
0219     struct cn_msg *msg;
0220     struct proc_event *ev;
0221     __u8 buffer[CN_PROC_MSG_SIZE] __aligned(8);
0222 
0223     if (atomic_read(&proc_event_num_listeners) < 1)
0224         return;
0225 
0226     msg = buffer_to_cn_msg(buffer);
0227     ev = (struct proc_event *)msg->data;
0228     memset(&ev->event_data, 0, sizeof(ev->event_data));
0229     ev->timestamp_ns = ktime_get_ns();
0230     ev->what = PROC_EVENT_COMM;
0231     ev->event_data.comm.process_pid  = task->pid;
0232     ev->event_data.comm.process_tgid = task->tgid;
0233     get_task_comm(ev->event_data.comm.comm, task);
0234 
0235     memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id));
0236     msg->ack = 0; /* not used */
0237     msg->len = sizeof(*ev);
0238     msg->flags = 0; /* not used */
0239     send_msg(msg);
0240 }
0241 
0242 void proc_coredump_connector(struct task_struct *task)
0243 {
0244     struct cn_msg *msg;
0245     struct proc_event *ev;
0246     struct task_struct *parent;
0247     __u8 buffer[CN_PROC_MSG_SIZE] __aligned(8);
0248 
0249     if (atomic_read(&proc_event_num_listeners) < 1)
0250         return;
0251 
0252     msg = buffer_to_cn_msg(buffer);
0253     ev = (struct proc_event *)msg->data;
0254     memset(&ev->event_data, 0, sizeof(ev->event_data));
0255     ev->timestamp_ns = ktime_get_ns();
0256     ev->what = PROC_EVENT_COREDUMP;
0257     ev->event_data.coredump.process_pid = task->pid;
0258     ev->event_data.coredump.process_tgid = task->tgid;
0259 
0260     rcu_read_lock();
0261     if (pid_alive(task)) {
0262         parent = rcu_dereference(task->real_parent);
0263         ev->event_data.coredump.parent_pid = parent->pid;
0264         ev->event_data.coredump.parent_tgid = parent->tgid;
0265     }
0266     rcu_read_unlock();
0267 
0268     memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id));
0269     msg->ack = 0; /* not used */
0270     msg->len = sizeof(*ev);
0271     msg->flags = 0; /* not used */
0272     send_msg(msg);
0273 }
0274 
0275 void proc_exit_connector(struct task_struct *task)
0276 {
0277     struct cn_msg *msg;
0278     struct proc_event *ev;
0279     struct task_struct *parent;
0280     __u8 buffer[CN_PROC_MSG_SIZE] __aligned(8);
0281 
0282     if (atomic_read(&proc_event_num_listeners) < 1)
0283         return;
0284 
0285     msg = buffer_to_cn_msg(buffer);
0286     ev = (struct proc_event *)msg->data;
0287     memset(&ev->event_data, 0, sizeof(ev->event_data));
0288     ev->timestamp_ns = ktime_get_ns();
0289     ev->what = PROC_EVENT_EXIT;
0290     ev->event_data.exit.process_pid = task->pid;
0291     ev->event_data.exit.process_tgid = task->tgid;
0292     ev->event_data.exit.exit_code = task->exit_code;
0293     ev->event_data.exit.exit_signal = task->exit_signal;
0294 
0295     rcu_read_lock();
0296     if (pid_alive(task)) {
0297         parent = rcu_dereference(task->real_parent);
0298         ev->event_data.exit.parent_pid = parent->pid;
0299         ev->event_data.exit.parent_tgid = parent->tgid;
0300     }
0301     rcu_read_unlock();
0302 
0303     memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id));
0304     msg->ack = 0; /* not used */
0305     msg->len = sizeof(*ev);
0306     msg->flags = 0; /* not used */
0307     send_msg(msg);
0308 }
0309 
0310 /*
0311  * Send an acknowledgement message to userspace
0312  *
0313  * Use 0 for success, EFOO otherwise.
0314  * Note: this is the negative of conventional kernel error
0315  * values because it's not being returned via syscall return
0316  * mechanisms.
0317  */
0318 static void cn_proc_ack(int err, int rcvd_seq, int rcvd_ack)
0319 {
0320     struct cn_msg *msg;
0321     struct proc_event *ev;
0322     __u8 buffer[CN_PROC_MSG_SIZE] __aligned(8);
0323 
0324     if (atomic_read(&proc_event_num_listeners) < 1)
0325         return;
0326 
0327     msg = buffer_to_cn_msg(buffer);
0328     ev = (struct proc_event *)msg->data;
0329     memset(&ev->event_data, 0, sizeof(ev->event_data));
0330     msg->seq = rcvd_seq;
0331     ev->timestamp_ns = ktime_get_ns();
0332     ev->cpu = -1;
0333     ev->what = PROC_EVENT_NONE;
0334     ev->event_data.ack.err = err;
0335     memcpy(&msg->id, &cn_proc_event_id, sizeof(msg->id));
0336     msg->ack = rcvd_ack + 1;
0337     msg->len = sizeof(*ev);
0338     msg->flags = 0; /* not used */
0339     send_msg(msg);
0340 }
0341 
0342 /**
0343  * cn_proc_mcast_ctl
0344  * @data: message sent from userspace via the connector
0345  */
0346 static void cn_proc_mcast_ctl(struct cn_msg *msg,
0347                   struct netlink_skb_parms *nsp)
0348 {
0349     enum proc_cn_mcast_op *mc_op = NULL;
0350     int err = 0;
0351 
0352     if (msg->len != sizeof(*mc_op))
0353         return;
0354 
0355     /* 
0356      * Events are reported with respect to the initial pid
0357      * and user namespaces so ignore requestors from
0358      * other namespaces.
0359      */
0360     if ((current_user_ns() != &init_user_ns) ||
0361         !task_is_in_init_pid_ns(current))
0362         return;
0363 
0364     /* Can only change if privileged. */
0365     if (!__netlink_ns_capable(nsp, &init_user_ns, CAP_NET_ADMIN)) {
0366         err = EPERM;
0367         goto out;
0368     }
0369 
0370     mc_op = (enum proc_cn_mcast_op *)msg->data;
0371     switch (*mc_op) {
0372     case PROC_CN_MCAST_LISTEN:
0373         atomic_inc(&proc_event_num_listeners);
0374         break;
0375     case PROC_CN_MCAST_IGNORE:
0376         atomic_dec(&proc_event_num_listeners);
0377         break;
0378     default:
0379         err = EINVAL;
0380         break;
0381     }
0382 
0383 out:
0384     cn_proc_ack(err, msg->seq, msg->ack);
0385 }
0386 
0387 /*
0388  * cn_proc_init - initialization entry point
0389  *
0390  * Adds the connector callback to the connector driver.
0391  */
0392 static int __init cn_proc_init(void)
0393 {
0394     int err = cn_add_callback(&cn_proc_event_id,
0395                   "cn_proc",
0396                   &cn_proc_mcast_ctl);
0397     if (err) {
0398         pr_warn("cn_proc failed to register\n");
0399         return err;
0400     }
0401     return 0;
0402 }
0403 device_initcall(cn_proc_init);
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.1.0 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!