Still works as advertised, ok mestre@
On 19:32 Wed 07 Nov , Bryan Steele wrote:
> On Wed, Nov 07, 2018 at 07:06:09PM -0500, Bryan Steele wrote:
> > I'm revisiting some old tcpdump diffs, now that mestre@ has added proper
> > unveil(2) support! :-)
> >
> > Refresher: https://marc.info/?l=openbsd-tech&m=150535073209723&w=2
> >
> > This hoists opening pf.os(5) fingerprints '-o' from the 'RUN' state to
> > the 'FILTER' state, this will allow for a reduced pledge(2) at runtime
> > in the (currently root) monitor process.
>
> This was a bit of copy & paste, sorry. This moves the opening of pf.os
> earlier and avoids the unveil later on. Of course, reducing the runtime
> pledge(2) promises will come later! :-)
>
> >
> > This still works as well as it already has. :-)
> >
> > ( ... ) [tcp sum ok] (src OS: OpenBSD 6.1) 3311509932:3311509932(0) win
> > 16384 <mss 1460,nop,nop,sackOK,nop,wscale 6,nop,nop,timestamp 3905153931 0>
> > (DF) (ttl 64, id 41239, len 64)
> >
> > The only potential difference is that if /etc/pf.os is replaced at
> > runtime, tcpdump won't reopen it.
> >
> > I don't think that's a problem..
> >
> > ok?
> >
> > -Bryan.
>
> Remove the now unused internal privsep "getline" code, which passed
> lines over a socket, replaced with explicit fdpassing of /etc/pf.os.
>
> This depends on the previous diff..
>
> ok?
>
> -Bryan.
>
> Index: privsep.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/tcpdump/privsep.c,v
> retrieving revision 1.49
> diff -u -p -u -r1.49 privsep.c
> --- privsep.c 28 Sep 2018 06:48:59 -0000 1.49
> +++ privsep.c 8 Nov 2018 00:19:47 -0000
> @@ -77,8 +77,8 @@ static const int allowed_max[] = {
> ALLOW(PRIV_GETPROTOENTRIES) |
> ALLOW(PRIV_ETHER_NTOHOST) | ALLOW(PRIV_INIT_DONE),
> /* RUN */ ALLOW(PRIV_GETHOSTBYADDR) | ALLOW(PRIV_ETHER_NTOHOST) |
> - ALLOW(PRIV_GETRPCBYNUMBER) | ALLOW(PRIV_GETLINES) |
> - ALLOW(PRIV_LOCALTIME) | ALLOW(PRIV_PCAP_STATS),
> + ALLOW(PRIV_GETRPCBYNUMBER) | ALLOW(PRIV_LOCALTIME) |
> + ALLOW(PRIV_PCAP_STATS),
> /* EXIT */ 0
> };
>
> @@ -90,21 +90,10 @@ static int allowed_ext[] = {
> /* INIT */ ALLOW(PRIV_SETFILTER),
> /* BPF */ ALLOW(PRIV_SETFILTER),
> /* FILTER */ ALLOW(PRIV_GETSERVENTRIES),
> - /* RUN */ ALLOW(PRIV_GETLINES) | ALLOW(PRIV_LOCALTIME) |
> - ALLOW(PRIV_PCAP_STATS),
> + /* RUN */ ALLOW(PRIV_LOCALTIME) | ALLOW(PRIV_PCAP_STATS),
> /* EXIT */ 0
> };
>
> -struct ftab {
> - char *name;
> - int max;
> - int count;
> -};
> -
> -static struct ftab file_table[] = {{PF_OSFP_FILE, 1, 0}};
> -
> -#define NUM_FILETAB (sizeof(file_table) / sizeof(struct ftab))
> -
> int debug_level = LOG_INFO;
> int priv_fd = -1;
> volatile pid_t child_pid = -1;
> @@ -123,7 +112,6 @@ static void impl_getrpcbynumber(int);
> static void impl_getserventries(int);
> static void impl_getprotoentries(int);
> static void impl_localtime(int fd);
> -static void impl_getlines(int);
> static void impl_pcap_stats(int, int *);
>
> static void test_state(int, int);
> @@ -345,10 +333,6 @@ priv_exec(int argc, char *argv[])
> test_state(cmd, STATE_RUN);
> impl_localtime(sock);
> break;
> - case PRIV_GETLINES:
> - test_state(cmd, STATE_RUN);
> - impl_getlines(sock);
> - break;
> case PRIV_PCAP_STATS:
> test_state(cmd, STATE_RUN);
> impl_pcap_stats(sock, &bpfd);
> @@ -577,55 +561,6 @@ impl_localtime(int fd)
> }
>
> static void
> -impl_getlines(int fd)
> -{
> - FILE *fp;
> - char *buf, *lbuf, *file;
> - size_t len, fid;
> -
> - logmsg(LOG_DEBUG, "[priv]: msg PRIV_GETLINES received");
> -
> - must_read(fd, &fid, sizeof(size_t));
> - if (fid >= NUM_FILETAB)
> - errx(1, "invalid file id");
> -
> - file = file_table[fid].name;
> -
> - if (file == NULL)
> - errx(1, "invalid file referenced");
> -
> - if (file_table[fid].count >= file_table[fid].max)
> - errx(1, "maximum open count exceeded for %s", file);
> -
> - file_table[fid].count++;
> -
> - if ((fp = fopen(file, "r")) == NULL) {
> - write_zero(fd);
> - return;
> - }
> -
> - lbuf = NULL;
> - while ((buf = fgetln(fp, &len))) {
> - if (buf[len - 1] == '\n')
> - buf[len - 1] = '\0';
> - else {
> - if ((lbuf = malloc(len + 1)) == NULL)
> - err(1, NULL);
> - memcpy(lbuf, buf, len);
> - lbuf[len] = '\0';
> - buf = lbuf;
> - }
> -
> - write_string(fd, buf);
> -
> - free(lbuf);
> - lbuf = NULL;
> - }
> - write_zero(fd);
> - fclose(fp);
> -}
> -
> -static void
> impl_pcap_stats(int fd, int *bpfd)
> {
> struct pcap_stat stats;
> @@ -786,17 +721,6 @@ priv_localtime(const time_t *t)
> return <
> }
>
> -/* start getting lines from a file */
> -void
> -priv_getlines(size_t sz)
> -{
> - if (priv_fd < 0)
> - errx(1, "%s called from privileged portion", __func__);
> -
> - write_command(priv_fd, PRIV_GETLINES);
> - must_write(priv_fd, &sz, sizeof(size_t));
> -}
> -
> int
> priv_pcap_stats(struct pcap_stat *ps)
> {
> @@ -806,18 +730,6 @@ priv_pcap_stats(struct pcap_stat *ps)
> write_command(priv_fd, PRIV_PCAP_STATS);
> must_read(priv_fd, ps, sizeof(*ps));
> return (0);
> -}
> -
> -/* retrieve a line from a file, should be called repeatedly after calling
> - priv_getlines(), until it returns zero. */
> -size_t
> -priv_getline(char *line, size_t line_len)
> -{
> - if (priv_fd < 0)
> - errx(1, "%s called from privileged portion", __func__);
> -
> - /* read the line */
> - return (read_string(priv_fd, line, line_len, __func__));
> }
>
> /* Read all data or return 1 for error. */
> Index: privsep.h
> ===================================================================
> RCS file: /cvs/src/usr.sbin/tcpdump/privsep.h,v
> retrieving revision 1.10
> diff -u -p -u -r1.10 privsep.h
> --- privsep.h 8 Sep 2017 19:10:57 -0000 1.10
> +++ privsep.h 8 Nov 2018 00:19:47 -0000
> @@ -21,9 +21,6 @@
>
> #define TCPDUMP_MAGIC 0xa1b2c3d4
>
> -/* file ids used by priv_getlines */
> -#define FTAB_PFOSFP 0
> -
> enum cmd_types {
> PRIV_OPEN_BPF, /* open a bpf descriptor */
> PRIV_OPEN_DUMP, /* open dump file for reading */
> @@ -35,7 +32,6 @@ enum cmd_types {
> PRIV_GETSERVENTRIES, /* get the service entries table */
> PRIV_GETPROTOENTRIES, /* get the ip protocol entries table */
> PRIV_LOCALTIME, /* return localtime */
> - PRIV_GETLINES, /* get lines from a file */
> PRIV_INIT_DONE, /* signal that the initialization is done */
> PRIV_PCAP_STATS /* get pcap_stats() results */
> };
> @@ -74,13 +70,6 @@ void priv_getprotoentries(void);
> /* Retrieve a single protocol entry, should be called repeatedly after
> calling priv_getprotoentries() until it returns zero */
> size_t priv_getprotoentry(char *, size_t, int *);
> -
> -/* Start getting lines from a file */
> -void priv_getlines(size_t);
> -
> -/* Retrieve a single line from a file, should be called repeatedly after
> - calling priv_getlines() until it returns zero */
> -size_t priv_getline(char *, size_t);
>
> /* Return the pcap statistics upon completion */
> int priv_pcap_stats(struct pcap_stat *);
>