On Wed, Nov 07, 2018 at 07:06:09PM -0500, Bryan Steele wrote: > I'm revisiting some old tcpdump diffs, now that mestre@ has added proper > unveil(2) support! :-) > > Refresher: https://marc.info/?l=openbsd-tech&m=150535073209723&w=2 > > This hoists opening pf.os(5) fingerprints '-o' from the 'RUN' state to > the 'FILTER' state, this will allow for a reduced pledge(2) at runtime > in the (currently root) monitor process.
This was a bit of copy & paste, sorry. This moves the opening of pf.os earlier and avoids the unveil later on. Of course, reducing the runtime pledge(2) promises will come later! :-) > > This still works as well as it already has. :-) > > ( ... ) [tcp sum ok] (src OS: OpenBSD 6.1) 3311509932:3311509932(0) win > 16384 <mss 1460,nop,nop,sackOK,nop,wscale 6,nop,nop,timestamp 3905153931 0> > (DF) (ttl 64, id 41239, len 64) > > The only potential difference is that if /etc/pf.os is replaced at > runtime, tcpdump won't reopen it. > > I don't think that's a problem.. > > ok? > > -Bryan. Remove the now unused internal privsep "getline" code, which passed lines over a socket, replaced with explicit fdpassing of /etc/pf.os. This depends on the previous diff.. ok? -Bryan. Index: privsep.c =================================================================== RCS file: /cvs/src/usr.sbin/tcpdump/privsep.c,v retrieving revision 1.49 diff -u -p -u -r1.49 privsep.c --- privsep.c 28 Sep 2018 06:48:59 -0000 1.49 +++ privsep.c 8 Nov 2018 00:19:47 -0000 @@ -77,8 +77,8 @@ static const int allowed_max[] = { ALLOW(PRIV_GETPROTOENTRIES) | ALLOW(PRIV_ETHER_NTOHOST) | ALLOW(PRIV_INIT_DONE), /* RUN */ ALLOW(PRIV_GETHOSTBYADDR) | ALLOW(PRIV_ETHER_NTOHOST) | - ALLOW(PRIV_GETRPCBYNUMBER) | ALLOW(PRIV_GETLINES) | - ALLOW(PRIV_LOCALTIME) | ALLOW(PRIV_PCAP_STATS), + ALLOW(PRIV_GETRPCBYNUMBER) | ALLOW(PRIV_LOCALTIME) | + ALLOW(PRIV_PCAP_STATS), /* EXIT */ 0 }; @@ -90,21 +90,10 @@ static int allowed_ext[] = { /* INIT */ ALLOW(PRIV_SETFILTER), /* BPF */ ALLOW(PRIV_SETFILTER), /* FILTER */ ALLOW(PRIV_GETSERVENTRIES), - /* RUN */ ALLOW(PRIV_GETLINES) | ALLOW(PRIV_LOCALTIME) | - ALLOW(PRIV_PCAP_STATS), + /* RUN */ ALLOW(PRIV_LOCALTIME) | ALLOW(PRIV_PCAP_STATS), /* EXIT */ 0 }; -struct ftab { - char *name; - int max; - int count; -}; - -static struct ftab file_table[] = {{PF_OSFP_FILE, 1, 0}}; - -#define NUM_FILETAB (sizeof(file_table) / sizeof(struct ftab)) - int debug_level = LOG_INFO; int priv_fd = -1; volatile pid_t child_pid = -1; @@ -123,7 +112,6 @@ static void impl_getrpcbynumber(int); static void impl_getserventries(int); static void impl_getprotoentries(int); static void impl_localtime(int fd); -static void impl_getlines(int); static void impl_pcap_stats(int, int *); static void test_state(int, int); @@ -345,10 +333,6 @@ priv_exec(int argc, char *argv[]) test_state(cmd, STATE_RUN); impl_localtime(sock); break; - case PRIV_GETLINES: - test_state(cmd, STATE_RUN); - impl_getlines(sock); - break; case PRIV_PCAP_STATS: test_state(cmd, STATE_RUN); impl_pcap_stats(sock, &bpfd); @@ -577,55 +561,6 @@ impl_localtime(int fd) } static void -impl_getlines(int fd) -{ - FILE *fp; - char *buf, *lbuf, *file; - size_t len, fid; - - logmsg(LOG_DEBUG, "[priv]: msg PRIV_GETLINES received"); - - must_read(fd, &fid, sizeof(size_t)); - if (fid >= NUM_FILETAB) - errx(1, "invalid file id"); - - file = file_table[fid].name; - - if (file == NULL) - errx(1, "invalid file referenced"); - - if (file_table[fid].count >= file_table[fid].max) - errx(1, "maximum open count exceeded for %s", file); - - file_table[fid].count++; - - if ((fp = fopen(file, "r")) == NULL) { - write_zero(fd); - return; - } - - lbuf = NULL; - while ((buf = fgetln(fp, &len))) { - if (buf[len - 1] == '\n') - buf[len - 1] = '\0'; - else { - if ((lbuf = malloc(len + 1)) == NULL) - err(1, NULL); - memcpy(lbuf, buf, len); - lbuf[len] = '\0'; - buf = lbuf; - } - - write_string(fd, buf); - - free(lbuf); - lbuf = NULL; - } - write_zero(fd); - fclose(fp); -} - -static void impl_pcap_stats(int fd, int *bpfd) { struct pcap_stat stats; @@ -786,17 +721,6 @@ priv_localtime(const time_t *t) return < } -/* start getting lines from a file */ -void -priv_getlines(size_t sz) -{ - if (priv_fd < 0) - errx(1, "%s called from privileged portion", __func__); - - write_command(priv_fd, PRIV_GETLINES); - must_write(priv_fd, &sz, sizeof(size_t)); -} - int priv_pcap_stats(struct pcap_stat *ps) { @@ -806,18 +730,6 @@ priv_pcap_stats(struct pcap_stat *ps) write_command(priv_fd, PRIV_PCAP_STATS); must_read(priv_fd, ps, sizeof(*ps)); return (0); -} - -/* retrieve a line from a file, should be called repeatedly after calling - priv_getlines(), until it returns zero. */ -size_t -priv_getline(char *line, size_t line_len) -{ - if (priv_fd < 0) - errx(1, "%s called from privileged portion", __func__); - - /* read the line */ - return (read_string(priv_fd, line, line_len, __func__)); } /* Read all data or return 1 for error. */ Index: privsep.h =================================================================== RCS file: /cvs/src/usr.sbin/tcpdump/privsep.h,v retrieving revision 1.10 diff -u -p -u -r1.10 privsep.h --- privsep.h 8 Sep 2017 19:10:57 -0000 1.10 +++ privsep.h 8 Nov 2018 00:19:47 -0000 @@ -21,9 +21,6 @@ #define TCPDUMP_MAGIC 0xa1b2c3d4 -/* file ids used by priv_getlines */ -#define FTAB_PFOSFP 0 - enum cmd_types { PRIV_OPEN_BPF, /* open a bpf descriptor */ PRIV_OPEN_DUMP, /* open dump file for reading */ @@ -35,7 +32,6 @@ enum cmd_types { PRIV_GETSERVENTRIES, /* get the service entries table */ PRIV_GETPROTOENTRIES, /* get the ip protocol entries table */ PRIV_LOCALTIME, /* return localtime */ - PRIV_GETLINES, /* get lines from a file */ PRIV_INIT_DONE, /* signal that the initialization is done */ PRIV_PCAP_STATS /* get pcap_stats() results */ }; @@ -74,13 +70,6 @@ void priv_getprotoentries(void); /* Retrieve a single protocol entry, should be called repeatedly after calling priv_getprotoentries() until it returns zero */ size_t priv_getprotoentry(char *, size_t, int *); - -/* Start getting lines from a file */ -void priv_getlines(size_t); - -/* Retrieve a single line from a file, should be called repeatedly after - calling priv_getlines() until it returns zero */ -size_t priv_getline(char *, size_t); /* Return the pcap statistics upon completion */ int priv_pcap_stats(struct pcap_stat *);