diff --git a/interfaces/innerkits/control_fd/control_fd.h b/interfaces/innerkits/control_fd/control_fd.h
index 1e68259b65afe60aef95632dbdae75574b33e561..a1ffcc7e8c2635f5942a6735790ec491bd926c68 100644
--- a/interfaces/innerkits/control_fd/control_fd.h
+++ b/interfaces/innerkits/control_fd/control_fd.h
@@ -65,7 +65,6 @@ typedef void (* CallbackControlFdProcess)(uint16_t type, const char *serviceCmd,
 typedef enum {
 ACTION_SANDBOX = 0,
 ACTION_DUMP,
- ACTION_PARAM_SHELL,
 ACTION_MODULEMGR,
 ACTION_MAX
 } ActionType;
@@ -88,4 +87,4 @@ void CmdServiceProcessDestroyClient(void);
 #endif
 #endif
-#endif
\ No newline at end of file
+#endif
diff --git a/interfaces/innerkits/control_fd/control_fd_service.c b/interfaces/innerkits/control_fd/control_fd_service.c
index 45cda8d38f346d7f3f9f8fd2447d8bf09986dcf7..25e70d5ae15c537289ab3359c81b37934a3482a7 100644
--- a/interfaces/innerkits/control_fd/control_fd_service.c
+++ b/interfaces/innerkits/control_fd/control_fd_service.c
@@ -15,6 +15,8 @@
 #include
 #include
+#include
+#include
 #include "beget_ext.h"
 #include "control_fd.h"
@@ -34,6 +36,22 @@ static void OnClose(const TaskHandle task)
 OH_ListInit(&agent->item);
 }
+CONTROL_FD_STATIC int CheckSocketPermission(const TaskHandle task)
+{
+ struct ucred uc = {-1, -1, -1};
+ socklen_t len = sizeof(uc);
+ if (getsockopt(LE_GetSocketFd(task), SOL_SOCKET, SO_PEERCRED, &uc, &len) < 0) {
+ BEGET_LOGE("Failed to get socket option. err = %d", errno);
+ return -1;
+ }
+ // Only root is permitted to use control fd of init.
+ if (uc.uid != 0) { // non-root user
+ errno = EPERM;
+ return -1;
+ }
+ return 0;
+}
+
 CONTROL_FD_STATIC void CmdOnRecvMessage(const TaskHandle task, const uint8_t *buffer, uint32_t buffLen)
 {
 if (buffer == NULL) {
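Review bot: A rejected peer leaves no record of who it was: the `uc.uid != 0` branch of `CheckSocketPermission` only sets `errno = EPERM`, and the caller's log line prints the error code alone. Logging the credentials already held in `uc` before returning, e.g. `BEGET_LOGE("control fd denied, peer uid = %u pid = %d", uc.uid, uc.pid);`, would give audit and detection something to key on. A short header comment would help as well, such as `// Returns 0 if the connected peer's SO_PEERCRED uid is 0, otherwise -1 (errno is EPERM for a non-root peer).` `SO_PEERCRED` is a UNIX-domain socket option, so the check presumably fails closed for any other socket type; that is worth stating in the comment once confirmed.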
@@ -45,17 +63,23 @@ CONTROL_FD_STATIC void CmdOnRecvMessage(const TaskHandle task, const uint8_t *bu
 // parse msg to exec
 CmdMessage *msg = (CmdMessage *)buffer;
 if ((msg->type >= ACTION_MAX) || (msg->cmd[0] == '\0') || (msg->ptyName[0] == '\0')) {
- BEGET_LOGE("[control_fd] Received msg is invaild");
+ BEGET_LOGE("[control_fd] Received msg is invalid");
+ return;
+ }
+
+ if (CheckSocketPermission(task) < 0) {
+ BEGET_LOGE("Check socket permission failed, err = %d", errno);
 return;
 }
+
 #ifndef STARTUP_INIT_TEST
 agent->pid = fork();
 if (agent->pid == 0) {
 OpenConsole();
 char *realPath = GetRealPath(msg->ptyName);
 BEGET_ERROR_CHECK(realPath != NULL, _exit(1), "Failed get realpath, err=%d", errno);
- char *strl = strstr(realPath, "/dev/pts");
- BEGET_ERROR_CHECK(strl != NULL, free(realPath); _exit(1), "pts path %s is invaild", realPath);
+ int n = strncmp(realPath, "/dev/pts/", strlen("/dev/pts/"));
+ BEGET_ERROR_CHECK(n == 0, free(realPath); _exit(1), "pts path %s is invaild", realPath);
 int fd = open(realPath, O_RDWR);
 free(realPath);
 BEGET_ERROR_CHECK(fd >= 0, _exit(1), "Failed open %s, err=%d", msg->ptyName, errno);
@@ -68,7 +92,7 @@ CONTROL_FD_STATIC void CmdOnRecvMessage(const TaskHandle task, const uint8_t *bu
 }
 _exit(0);
 } else if (agent->pid < 0) {
- BEGET_LOGE("[control_fd] Failed fork service");
+ BEGET_LOGE("[control_fd] Failed to fork child process, err = %d", errno);
 }
 #endif
 return;
diff --git a/services/init/standard/init_control_fd_service.c b/services/init/standard/init_control_fd_service.c
index 6f2bbeaecf6e7650c72ea4f9fcc45ccd34fa15f4..6b87dc69c62613a54952be541283beb0b5c48d15 100755
--- a/services/init/standard/init_control_fd_service.c
+++ b/services/init/standard/init_control_fd_service.c
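Review bot: The permission check runs only after `msg->type`, `msg->cmd[0]` and `msg->ptyName[0]` have been read from the peer's buffer, so an unauthorised peer still exercises the `CmdMessage` cast and field reads; moving the `if (CheckSocketPermission(task) < 0)` block above `CmdMessage *msg = (CmdMessage *)buffer;` would authorise the sender before parsing anything. Whether `buffLen` is compared with the size of `CmdMessage` cannot be seen here, because the lines between `if (buffer == NULL) {` and `// parse msg to exec` are outside the hunks; if it is not, a length check belongs before the cast. `msg->type` is also a wire value: with `ACTION_PARAM_SHELL` removed from the middle of `ActionType`, `ACTION_MODULEMGR` now takes the number it used to have, so a client built against the old header would be dispatched to a different handler, and keeping a reserved placeholder member would avoid the renumbering. `CmdOnRecvMessage` begins before this hunk and continues past it.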
@@ -218,22 +218,6 @@ static void ProcessModuleMgrControlFd(uint16_t type, const char *serviceCmd)
 }
 }
-static void ProcessParamShellControlFd(uint16_t type, const char *serviceCmd)
-{
- if ((type != ACTION_PARAM_SHELL) || (serviceCmd == NULL)) {
- return;
- }
- (void)setuid(2000); // 2000 shell group
- (void)setgid(2000); // 2000 shell group
- char *args[] = {(char *)serviceCmd, NULL};
- int ret = execv(args[0], args);
- if (ret < 0) {
- INIT_LOGE("error on exec %d \n", errno);
- exit(-1);
- }
- exit(0);
-}
-
 void ProcessControlFd(uint16_t type, const char *serviceCmd, const void *context)
 {
 if ((type >= ACTION_MAX) || (serviceCmd == NULL)) {
@@ -246,9 +230,6 @@ void ProcessControlFd(uint16_t type, const char *serviceCmd, const void *context
 case ACTION_DUMP :
 ProcessDumpServiceControlFd(type, serviceCmd);
 break;
- case ACTION_PARAM_SHELL :
- ProcessParamShellControlFd(type, serviceCmd);
- break;
 case ACTION_MODULEMGR :
 ProcessModuleMgrControlFd(type, serviceCmd);
 break;
diff --git a/services/loopevent/socket/le_socket.c b/services/loopevent/socket/le_socket.c
index c8ff93110266948096ba5f161d2c90eb233b0dc0..0e27e72681891bb99c02c745e9f4f8b09230bf99 100644
--- a/services/loopevent/socket/le_socket.c
+++ b/services/loopevent/socket/le_socket.c
@@ -63,8 +63,12 @@ static int CreatePipeSocket_(const char *server)
 LE_CHECK(fd > 0, return fd, "Failed to create socket");
 SetNoBlock(fd);
+ int on = 1;
+ int ret = setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on));
+ LE_CHECK(ret == 0, return ret, "Failed to set socket option");
+
 struct sockaddr_un serverAddr;
- int ret = memset_s(&serverAddr, sizeof(serverAddr), 0, sizeof(serverAddr));
+ ret = memset_s(&serverAddr, sizeof(serverAddr), 0, sizeof(serverAddr));
 LE_CHECK(ret == 0, close(fd); return ret, "Failed to memset_s serverAddr");
 serverAddr.sun_family = AF_UNIX;
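Review bot: On a `setsockopt` failure the added `LE_CHECK(ret == 0, return ret, ...)` in `CreatePipeSocket_` returns without closing `fd`, whereas the `memset_s` check two lines below does `close(fd); return ret`, so this path leaks the descriptor. Suggested line: `LE_CHECK(ret == 0, close(fd); return ret, "Failed to set socket option, errno:%d", errno);`. The identical lines added to `CreateTcpSocket_` in hunk `@@ -118,9 +122,13 @@` have the same leak. `CreatePipeSocket_` starts before this hunk and continues after it.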
@@ -118,9 +122,13 @@ static int CreateTcpSocket_(const char *server)
 LE_CHECK(fd > 0, return fd, "Failed to create socket");
 SetNoBlock(fd);
+ int on = 1;
+ int ret = setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on));
+ LE_CHECK(ret == 0, return ret, "Failed to set socket option");
+
 struct sockaddr_in serverAddr;
 GetSockaddrFromServer_(server, &serverAddr);
- int ret = connect(fd, (struct sockaddr *)&serverAddr, sizeof(serverAddr));
+ ret = connect(fd, (struct sockaddr *)&serverAddr, sizeof(serverAddr));
 LE_CHECK(ret >= 0, close(fd); return ret, "Failed to connect socket errno:%d", errno);
 return fd;
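Review bot: `SO_PASSCRED` is enabled here on a socket that is then connected through a `struct sockaddr_in`, but credential passing is a UNIX-domain socket facility, so on this TCP path the option gives the server nothing to check, and a failure of the call would abort the connection for no benefit. Consider dropping the three added lines from `CreateTcpSocket_`, or add a comment such as `// SO_PASSCRED: needed because <reason>` if another receiver depends on it. The server-side `getsockopt(..., SO_PEERCRED, ...)` in `CheckSocketPermission` reads credentials recorded at connect time and, as far as I can tell, does not need the client to set `SO_PASSCRED`, so the same question is worth asking of `CreatePipeSocket_`. `CreateTcpSocket_` begins before this hunk.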