|
|
cac1ea |
diff -up ecryptfs-utils-103/src/include/ecryptfs.h.nozombies ecryptfs-utils-103/src/include/ecryptfs.h
|
|
|
cac1ea |
--- ecryptfs-utils-103/src/include/ecryptfs.h.nozombies 2012-11-30 16:41:02.000000000 +0100
|
|
|
cac1ea |
+++ ecryptfs-utils-103/src/include/ecryptfs.h 2013-01-28 17:24:14.407103573 +0100
|
|
|
cac1ea |
@@ -530,10 +530,6 @@ int ecryptfs_validate_keyring(void);
|
|
|
be2a3c |
#define ECRYPTFS_SHM_KEY 0x3c81b7f5
|
|
|
be2a3c |
#define ECRYPTFS_SEM_KEY 0x3c81b7f6
|
|
|
be2a3c |
#define ECRYPTFS_SHM_SIZE 4096
|
|
|
be2a3c |
-#define ECRYPTFS_ZOMBIE_SLEEP_SECONDS 300
|
|
|
be2a3c |
-int ecryptfs_set_zombie_session_placeholder(void);
|
|
|
be2a3c |
-int ecryptfs_kill_and_clear_zombie_session_placeholder(void);
|
|
|
be2a3c |
-int ecryptfs_list_zombie_session_placeholders(void);
|
|
|
be2a3c |
int ecryptfs_build_linear_subgraph_from_nvp(struct transition_node **trans_node,
|
|
|
be2a3c |
struct ecryptfs_key_mod *key_mod);
|
|
|
be2a3c |
int ecryptfs_build_linear_subgraph(struct transition_node **trans_node,
|
|
|
cac1ea |
diff -up ecryptfs-utils-103/src/libecryptfs/main.c.nozombies ecryptfs-utils-103/src/libecryptfs/main.c
|
|
|
cac1ea |
--- ecryptfs-utils-103/src/libecryptfs/main.c.nozombies 2012-05-18 21:06:17.000000000 +0200
|
|
|
cac1ea |
+++ ecryptfs-utils-103/src/libecryptfs/main.c 2013-01-28 17:24:14.407103573 +0100
|
|
|
cac1ea |
@@ -380,487 +380,6 @@ out:
|
|
|
be2a3c |
return rc;
|
|
|
be2a3c |
}
|
|
|
be2a3c |
|
|
|
be2a3c |
-static int zombie_semaphore_get(void)
|
|
|
be2a3c |
-{
|
|
|
be2a3c |
- int sem_id;
|
|
|
be2a3c |
- struct semid_ds semid_ds;
|
|
|
be2a3c |
- struct sembuf sb;
|
|
|
be2a3c |
- int i;
|
|
|
be2a3c |
- int rc;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- sem_id = semget(ECRYPTFS_SEM_KEY, 1, (0666 | IPC_EXCL | IPC_CREAT));
|
|
|
be2a3c |
- if (sem_id >= 0) {
|
|
|
be2a3c |
- sb.sem_op = 1;
|
|
|
be2a3c |
- sb.sem_flg = 0;
|
|
|
be2a3c |
- sb.sem_num = 0;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- rc = semop(sem_id, &sb, 1);
|
|
|
be2a3c |
- if (rc == -1) {
|
|
|
be2a3c |
- semctl(sem_id, 0, IPC_RMID);
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error initializing semaphore\n");
|
|
|
be2a3c |
- rc = -1;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- } else if (errno == EEXIST) {
|
|
|
be2a3c |
- int initialized = 0;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- sem_id = semget(ECRYPTFS_SEM_KEY, 1, 0);
|
|
|
be2a3c |
- if (sem_id < 0) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error getting existing semaphore");
|
|
|
be2a3c |
- rc = -1;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
-#define RETRY_LIMIT 3
|
|
|
be2a3c |
- for (i = 0; i < RETRY_LIMIT; i++) {
|
|
|
be2a3c |
- semctl(sem_id, 0, IPC_STAT, &semid_ds);
|
|
|
be2a3c |
- if (semid_ds.sem_otime != 0) {
|
|
|
be2a3c |
- initialized = 1;
|
|
|
be2a3c |
- break;
|
|
|
be2a3c |
- } else
|
|
|
be2a3c |
- sleep(1);
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if (!initialized) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Waited too long for initialized "
|
|
|
be2a3c |
- "semaphore; something's wrong\n");
|
|
|
be2a3c |
- rc = -1;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- } else {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error attempting to get semaphore\n");
|
|
|
be2a3c |
- rc = -1;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- rc = sem_id;
|
|
|
be2a3c |
-out:
|
|
|
be2a3c |
- return rc;
|
|
|
be2a3c |
-}
|
|
|
be2a3c |
-
|
|
|
be2a3c |
-static void zombie_semaphore_lock(int sem_id)
|
|
|
be2a3c |
-{
|
|
|
be2a3c |
- struct sembuf sb;
|
|
|
be2a3c |
- int i;
|
|
|
be2a3c |
- int rc;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- sb.sem_num = 0;
|
|
|
be2a3c |
- sb.sem_op = -1;
|
|
|
be2a3c |
- sb.sem_flg = IPC_NOWAIT;
|
|
|
be2a3c |
- for (i = 0; i < RETRY_LIMIT; i++) {
|
|
|
be2a3c |
- rc = semop(sem_id, &sb, 1);
|
|
|
be2a3c |
- if (rc == -1 && errno == EAGAIN) {
|
|
|
be2a3c |
- sleep(1);
|
|
|
be2a3c |
- } else if (rc == -1) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error locking semaphore; errno "
|
|
|
be2a3c |
- "string = [%m]\n");
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- } else
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error locking semaphore; hit max retries\n");
|
|
|
be2a3c |
-out:
|
|
|
be2a3c |
- return;
|
|
|
be2a3c |
-}
|
|
|
be2a3c |
-
|
|
|
be2a3c |
-static void zombie_semaphore_unlock(int sem_id)
|
|
|
be2a3c |
-{
|
|
|
be2a3c |
- struct sembuf sb;
|
|
|
be2a3c |
- int rc;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- sb.sem_num = 0;
|
|
|
be2a3c |
- sb.sem_op = 1;
|
|
|
be2a3c |
- sb.sem_flg = 0;
|
|
|
be2a3c |
- rc = semop(sem_id, &sb, 1);
|
|
|
be2a3c |
- if (rc == -1) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error unlocking semaphore\n");
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
-out:
|
|
|
be2a3c |
- return;
|
|
|
be2a3c |
-}
|
|
|
be2a3c |
-
|
|
|
be2a3c |
-static int get_zombie_shared_mem_locked(int *shm_id, int *sem_id)
|
|
|
be2a3c |
-{
|
|
|
be2a3c |
- int rc;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- (*sem_id) = zombie_semaphore_get();
|
|
|
be2a3c |
- if ((*sem_id) == -1) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error attempting to get zombie semaphore\n");
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- zombie_semaphore_lock((*sem_id));
|
|
|
be2a3c |
- rc = shmget(ECRYPTFS_SHM_KEY, ECRYPTFS_SHM_SIZE, (0666 | IPC_CREAT
|
|
|
be2a3c |
- | IPC_EXCL));
|
|
|
be2a3c |
- if (rc == -1 && errno == EEXIST)
|
|
|
be2a3c |
- rc = shmget(ECRYPTFS_SHM_KEY, ECRYPTFS_SHM_SIZE, 0);
|
|
|
be2a3c |
- else {
|
|
|
be2a3c |
- char *shm_virt;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- (*shm_id) = rc;
|
|
|
be2a3c |
- shm_virt = shmat((*shm_id), NULL, 0);
|
|
|
be2a3c |
- if (shm_virt == (void *)-1) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error attaching to newly allocated "
|
|
|
be2a3c |
- "shared memory; errno string = [%m]\n");
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
- zombie_semaphore_unlock((*sem_id));
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- memset(shm_virt, 0, ECRYPTFS_SHM_SIZE);
|
|
|
be2a3c |
- if ((rc = shmdt(shm_virt))) {
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
- zombie_semaphore_unlock((*sem_id));
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- rc = shmget(ECRYPTFS_SHM_KEY, ECRYPTFS_SHM_SIZE, 0);
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if (rc == -1) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error attempting to get identifier for "
|
|
|
be2a3c |
- "shared memory with key [0x%.8x]\n", ECRYPTFS_SHM_KEY);
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
- zombie_semaphore_unlock((*sem_id));
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- (*shm_id) = rc;
|
|
|
be2a3c |
- rc = 0;
|
|
|
be2a3c |
-out:
|
|
|
be2a3c |
- return rc;
|
|
|
be2a3c |
-}
|
|
|
be2a3c |
-
|
|
|
be2a3c |
-static int list_pid_sid_pairs(int shm_id)
|
|
|
be2a3c |
-{
|
|
|
be2a3c |
- pid_t sid_tmp;
|
|
|
be2a3c |
- pid_t pid_tmp;
|
|
|
be2a3c |
- char *shm_virt;
|
|
|
be2a3c |
- int i;
|
|
|
be2a3c |
- int rc;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- if (sizeof(pid_t) != sizeof(uint32_t)) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "sizeof(pid_t) != sizeof(uint32_t); the code "
|
|
|
be2a3c |
- "needs some tweaking to work on this architecture\n");
|
|
|
be2a3c |
- rc = -EINVAL;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- shm_virt = shmat(shm_id, NULL, 0);
|
|
|
be2a3c |
- if (shm_virt == (void *)-1) {
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- i = 0;
|
|
|
be2a3c |
- memcpy(&sid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- sid_tmp = ntohl(sid_tmp); /* uint32_t */
|
|
|
be2a3c |
- memcpy(&pid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- pid_tmp = ntohl(pid_tmp); /* uint32_t */
|
|
|
be2a3c |
- while (!(sid_tmp == 0 && pid_tmp == 0)) {
|
|
|
be2a3c |
- if ((i + (2 * sizeof(pid_t))) > ECRYPTFS_SHM_SIZE)
|
|
|
be2a3c |
- break;
|
|
|
be2a3c |
- memcpy(&sid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- sid_tmp = ntohl(sid_tmp); /* uint32_t */
|
|
|
be2a3c |
- memcpy(&pid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- pid_tmp = ntohl(pid_tmp); /* uint32_t */
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if ((rc = shmdt(shm_virt)))
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
-out:
|
|
|
be2a3c |
- return rc;
|
|
|
be2a3c |
-}
|
|
|
be2a3c |
-
|
|
|
be2a3c |
-static int find_pid_for_this_sid(pid_t *pid, int shm_id)
|
|
|
be2a3c |
-{
|
|
|
be2a3c |
- pid_t sid_tmp;
|
|
|
be2a3c |
- pid_t sid;
|
|
|
be2a3c |
- pid_t pid_tmp;
|
|
|
be2a3c |
- pid_t this_pid;
|
|
|
be2a3c |
- char *shm_virt;
|
|
|
be2a3c |
- int i;
|
|
|
be2a3c |
- int rc;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- (*pid) = 0;
|
|
|
be2a3c |
- if (sizeof(pid_t) != sizeof(uint32_t)) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "sizeof(pid_t) != sizeof(uint32_t); the code "
|
|
|
be2a3c |
- "needs some tweaking to work on this architecture\n");
|
|
|
be2a3c |
- rc = -EINVAL;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- shm_virt = shmat(shm_id, NULL, 0);
|
|
|
be2a3c |
- if (shm_virt == (void *)-1) {
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- i = 0;
|
|
|
be2a3c |
- memcpy(&sid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- sid_tmp = ntohl(sid_tmp); /* uint32_t */
|
|
|
be2a3c |
- memcpy(&pid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- pid_tmp = ntohl(pid_tmp); /* uint32_t */
|
|
|
be2a3c |
- this_pid = getpid();
|
|
|
be2a3c |
- sid = getsid(this_pid);
|
|
|
be2a3c |
- while (!(sid_tmp == 0 && pid_tmp == 0)) {
|
|
|
be2a3c |
- if (sid_tmp == sid) {
|
|
|
be2a3c |
- (*pid) = pid_tmp;
|
|
|
be2a3c |
- goto end_search;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if ((i + (2 * sizeof(pid_t))) > ECRYPTFS_SHM_SIZE)
|
|
|
be2a3c |
- break;
|
|
|
be2a3c |
- memcpy(&sid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- sid_tmp = ntohl(sid_tmp); /* uint32_t */
|
|
|
be2a3c |
- memcpy(&pid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- pid_tmp = ntohl(pid_tmp); /* uint32_t */
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
-end_search:
|
|
|
be2a3c |
- if ((rc = shmdt(shm_virt))) {
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
- (*pid) = 0;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
-out:
|
|
|
be2a3c |
- return rc;
|
|
|
be2a3c |
-}
|
|
|
be2a3c |
-
|
|
|
be2a3c |
-static int remove_pid_for_this_sid(int shm_id)
|
|
|
be2a3c |
-{
|
|
|
be2a3c |
- pid_t sid_tmp;
|
|
|
be2a3c |
- pid_t sid;
|
|
|
be2a3c |
- pid_t pid_tmp;
|
|
|
be2a3c |
- pid_t pid;
|
|
|
be2a3c |
- pid_t this_pid;
|
|
|
be2a3c |
- char *shm_virt;
|
|
|
be2a3c |
- int i;
|
|
|
be2a3c |
- int rc;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- pid = 0;
|
|
|
be2a3c |
- if (sizeof(pid_t) != sizeof(uint32_t)) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "sizeof(pid_t) != sizeof(uint32_t); the code "
|
|
|
be2a3c |
- "needs some tweaking to work on this architecture\n");
|
|
|
be2a3c |
- rc = -EINVAL;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- shm_virt = shmat(shm_id, NULL, 0);
|
|
|
be2a3c |
- if (shm_virt == (void *)-1) {
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- i = 0;
|
|
|
be2a3c |
- memcpy(&sid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- sid_tmp = ntohl(sid_tmp); /* uint32_t */
|
|
|
be2a3c |
- memcpy(&pid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- pid_tmp = ntohl(pid_tmp); /* uint32_t */
|
|
|
be2a3c |
- this_pid = getpid();
|
|
|
be2a3c |
- sid = getsid(this_pid);
|
|
|
be2a3c |
- while (!(sid_tmp == 0 && pid_tmp == 0)) {
|
|
|
be2a3c |
- if (sid_tmp == sid) {
|
|
|
be2a3c |
- pid = pid_tmp;
|
|
|
be2a3c |
- break;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if ((i + (2 * sizeof(pid_t))) > ECRYPTFS_SHM_SIZE)
|
|
|
be2a3c |
- break;
|
|
|
be2a3c |
- memcpy(&sid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- sid_tmp = ntohl(sid_tmp); /* uint32_t */
|
|
|
be2a3c |
- memcpy(&pid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- pid_tmp = ntohl(pid_tmp); /* uint32_t */
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if (pid != 0) {
|
|
|
be2a3c |
- char *tmp;
|
|
|
be2a3c |
- int remainder = (ECRYPTFS_SHM_SIZE - i);
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- if (remainder != 0) {
|
|
|
be2a3c |
- if ((tmp = malloc(remainder)) == NULL) {
|
|
|
be2a3c |
- rc = -ENOMEM;
|
|
|
be2a3c |
- shmdt(shm_virt);
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- memcpy(tmp, &shm_virt[i], remainder);
|
|
|
be2a3c |
- i -= (2 * sizeof(pid_t));
|
|
|
be2a3c |
- memcpy(&shm_virt[i], tmp, remainder);
|
|
|
be2a3c |
- i += remainder;
|
|
|
be2a3c |
- } else
|
|
|
be2a3c |
- i -= (2 * sizeof(pid_t));
|
|
|
be2a3c |
- memset(&shm_virt[i], 0, (2 * sizeof(pid_t)));
|
|
|
be2a3c |
- if (remainder != 0)
|
|
|
be2a3c |
- free(tmp);
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if ((rc = shmdt(shm_virt)))
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
-out:
|
|
|
be2a3c |
- return rc;
|
|
|
be2a3c |
-}
|
|
|
be2a3c |
-
|
|
|
be2a3c |
-static int add_sid_pid_pair_to_shm(int shm_id)
|
|
|
be2a3c |
-{
|
|
|
be2a3c |
- pid_t sid_tmp;
|
|
|
be2a3c |
- pid_t sid;
|
|
|
be2a3c |
- pid_t pid_tmp;
|
|
|
be2a3c |
- pid_t pid;
|
|
|
be2a3c |
- char *shm_virt;
|
|
|
be2a3c |
- int i;
|
|
|
be2a3c |
- int rc;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- if (sizeof(pid_t) != sizeof(uint32_t)) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "sizeof(pid_t) != sizeof(uint32_t); the code "
|
|
|
be2a3c |
- "needs some tweaking to work on this architecture\n");
|
|
|
be2a3c |
- rc = -EINVAL;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- shm_virt = shmat(shm_id, NULL, 0);
|
|
|
be2a3c |
- if (shm_virt == (void *)-1) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error attaching to shared memory; error "
|
|
|
be2a3c |
- "string = [%m]\n");
|
|
|
be2a3c |
- shm_virt = shmat(shm_id, NULL, 0);
|
|
|
be2a3c |
- if (shm_virt == (void *)-1) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error attaching to shared memory; error "
|
|
|
be2a3c |
- "string = [%m]\n");
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- i = 0;
|
|
|
be2a3c |
- memcpy(&sid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- sid_tmp = ntohl(sid_tmp); /* uint32_t */
|
|
|
be2a3c |
- memcpy(&pid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- pid_tmp = ntohl(pid_tmp); /* uint32_t */
|
|
|
be2a3c |
- while (!(sid_tmp == 0 && pid_tmp == 0)) {
|
|
|
be2a3c |
- if ((i + (2 * sizeof(pid_t))) > ECRYPTFS_SHM_SIZE) {
|
|
|
be2a3c |
- syslog(LOG_ERR,
|
|
|
be2a3c |
- "No space left in shared memory region\n");
|
|
|
be2a3c |
- rc = -ENOMEM;
|
|
|
be2a3c |
- shmdt(shm_virt);
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- memcpy(&sid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- sid_tmp = ntohl(sid_tmp); /* uint32_t */
|
|
|
be2a3c |
- memcpy(&pid_tmp, &shm_virt[i], sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- pid_tmp = ntohl(pid_tmp); /* uint32_t */
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- pid = getpid();
|
|
|
be2a3c |
- sid = getsid(pid);
|
|
|
be2a3c |
- sid = htonl(sid);
|
|
|
be2a3c |
- pid = htonl(pid);
|
|
|
be2a3c |
- i -= (2 * sizeof(pid_t));
|
|
|
be2a3c |
- memcpy(&shm_virt[i], &sid, sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- memcpy(&shm_virt[i], &pid, sizeof(pid_t));
|
|
|
be2a3c |
- i += sizeof(pid_t);
|
|
|
be2a3c |
- if ((i + (2 * sizeof(pid_t))) <= ECRYPTFS_SHM_SIZE)
|
|
|
be2a3c |
- memset(&shm_virt[i], 0, (i + (2 * sizeof(pid_t))));
|
|
|
be2a3c |
- if ((rc = shmdt(shm_virt))) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error detaching from shared memory\n");
|
|
|
be2a3c |
- rc = -EIO;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
-out:
|
|
|
be2a3c |
- return rc;
|
|
|
be2a3c |
-}
|
|
|
be2a3c |
-
|
|
|
be2a3c |
-int ecryptfs_set_zombie_session_placeholder(void)
|
|
|
be2a3c |
-{
|
|
|
be2a3c |
- int shm_id;
|
|
|
be2a3c |
- int sem_id;
|
|
|
be2a3c |
- int rc = 0;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- if ((rc = get_zombie_shared_mem_locked(&shm_id, &sem_id))) {
|
|
|
be2a3c |
- syslog(LOG_ERR,
|
|
|
be2a3c |
- "Error getting shared memory segment\n");
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if ((rc = add_sid_pid_pair_to_shm(shm_id))) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error adding sid/pid pair to shared memory "
|
|
|
be2a3c |
- "segment; rc = [%d]\n", rc);
|
|
|
be2a3c |
- zombie_semaphore_unlock(sem_id);
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- zombie_semaphore_unlock(sem_id);
|
|
|
be2a3c |
- sleep(ECRYPTFS_ZOMBIE_SLEEP_SECONDS);
|
|
|
be2a3c |
- if ((rc = get_zombie_shared_mem_locked(&shm_id, &sem_id))) {
|
|
|
be2a3c |
- syslog(LOG_ERR,
|
|
|
be2a3c |
- "Error getting shared memory segment\n");
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if ((rc = remove_pid_for_this_sid(shm_id))) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error attempting to remove pid/sid "
|
|
|
be2a3c |
- "pair from shared memory segment; rc = [%d]\n",
|
|
|
be2a3c |
- rc);
|
|
|
be2a3c |
- zombie_semaphore_unlock(sem_id);
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- zombie_semaphore_unlock(sem_id);
|
|
|
be2a3c |
- exit(1);
|
|
|
be2a3c |
-out:
|
|
|
be2a3c |
- return rc;
|
|
|
be2a3c |
-}
|
|
|
be2a3c |
-
|
|
|
be2a3c |
-int ecryptfs_kill_and_clear_zombie_session_placeholder(void)
|
|
|
be2a3c |
-{
|
|
|
be2a3c |
- int shm_id;
|
|
|
be2a3c |
- int sem_id;
|
|
|
be2a3c |
- int pid;
|
|
|
be2a3c |
- int rc = 0;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- if ((rc = get_zombie_shared_mem_locked(&shm_id, &sem_id))) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error getting shared memory segment\n");
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if ((rc = find_pid_for_this_sid(&pid, shm_id))) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error finding pid for sid in shared memory "
|
|
|
be2a3c |
- "segment; rc = [%d]\n", rc);
|
|
|
be2a3c |
- zombie_semaphore_unlock(sem_id);
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if (pid == 0) {
|
|
|
be2a3c |
- syslog(LOG_WARNING, "No valid pid found for this sid\n");
|
|
|
be2a3c |
- } else {
|
|
|
be2a3c |
- if ((rc = kill(pid, SIGKILL))) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error attempting to kill process "
|
|
|
be2a3c |
- "[%d]; rc = [%d]; errno string = [%m]\n", pid,
|
|
|
be2a3c |
- rc);
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if ((rc = remove_pid_for_this_sid(shm_id))) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error attempting to remove pid/sid "
|
|
|
be2a3c |
- "pair from shared memory segment; rc = [%d]\n",
|
|
|
be2a3c |
- rc);
|
|
|
be2a3c |
- zombie_semaphore_unlock(sem_id);
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- zombie_semaphore_unlock(sem_id);
|
|
|
be2a3c |
-out:
|
|
|
be2a3c |
- return rc;
|
|
|
be2a3c |
-}
|
|
|
be2a3c |
-
|
|
|
be2a3c |
-int ecryptfs_list_zombie_session_placeholders(void)
|
|
|
be2a3c |
-{
|
|
|
be2a3c |
- int shm_id;
|
|
|
be2a3c |
- int sem_id;
|
|
|
be2a3c |
- int rc = 0;
|
|
|
be2a3c |
-
|
|
|
be2a3c |
- if ((rc = get_zombie_shared_mem_locked(&shm_id, &sem_id))) {
|
|
|
be2a3c |
- syslog(LOG_ERR,
|
|
|
be2a3c |
- "Error getting shared memory segment\n");
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- if ((rc = list_pid_sid_pairs(shm_id))) {
|
|
|
be2a3c |
- syslog(LOG_ERR, "Error listing sid/pid pairs in shared memory "
|
|
|
be2a3c |
- "segment; rc = [%d]\n", rc);
|
|
|
be2a3c |
- zombie_semaphore_unlock(sem_id);
|
|
|
be2a3c |
- goto out;
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- zombie_semaphore_unlock(sem_id);
|
|
|
be2a3c |
-out:
|
|
|
be2a3c |
- return rc;
|
|
|
be2a3c |
-}
|
|
|
be2a3c |
-
|
|
|
be2a3c |
static struct ecryptfs_ctx_ops ctx_ops;
|
|
|
be2a3c |
|
|
|
be2a3c |
struct ecryptfs_ctx_ops *cryptfs_get_ctx_opts (void)
|
|
|
cac1ea |
diff -up ecryptfs-utils-103/src/pam_ecryptfs/pam_ecryptfs.c.nozombies ecryptfs-utils-103/src/pam_ecryptfs/pam_ecryptfs.c
|
|
|
cac1ea |
--- ecryptfs-utils-103/src/pam_ecryptfs/pam_ecryptfs.c.nozombies 2013-01-28 17:24:14.400103517 +0100
|
|
|
cac1ea |
+++ ecryptfs-utils-103/src/pam_ecryptfs/pam_ecryptfs.c 2013-01-28 17:24:14.408103580 +0100
|
|
|
cac1ea |
@@ -214,11 +214,6 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
|
|
|
7731a0 |
syslog(LOG_ERR, "pam_ecryptfs: Error adding passphrase key token to user session keyring; rc = [%ld]\n", rc);
|
|
|
be2a3c |
goto out_child;
|
|
|
be2a3c |
}
|
|
|
be2a3c |
- if (fork() == 0) {
|
|
|
be2a3c |
- if ((rc = ecryptfs_set_zombie_session_placeholder())) {
|
|
|
7731a0 |
- syslog(LOG_ERR, "pam_ecryptfs: Error attempting to create and register zombie process; rc = [%ld]\n", rc);
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
- }
|
|
|
be2a3c |
out_child:
|
|
|
be2a3c |
free(auth_tok_sig);
|
|
|
be2a3c |
_exit(0);
|