Secure promiscuous mode for posix semaphores

Adjusts the permissions of posix semaphores when promiscuous mode is enabled. Note that changing permissions of semaphores is only supported on linux by using the /dev/shm filesystem. As of now, linux does not use posix semaphores anymore so this code is currently unsed.
2017-03-18 11:33:30 +01:00 · 2017-03-18 11:33:30 +01:00 · d4f925c2ea
parent 5d89eba8c7
commit d4f925c2ea
2 changed files with 26 additions and 3 deletions
--- a/posix/JackPosixSemaphore.cpp
+++ b/posix/JackPosixSemaphore.cpp
@ -24,10 +24,22 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 #include <fcntl.h>
 #include <stdio.h>
 #include <sys/time.h>
+#ifdef __linux__
+#include "promiscuous.h"
+#endif

 namespace Jack
 {

+JackPosixSemaphore::JackPosixSemaphore() : JackSynchro(), fSemaphore(NULL)
+{
+    const char* promiscuous = getenv("JACK_PROMISCUOUS_SERVER");
+    fPromiscuous = (promiscuous != NULL);
+#ifdef __linux__
+    fPromiscuousGid = jack_group2gid(promiscuous);
+#endif
+}
+
 void JackPosixSemaphore::BuildName(const char* client_name, const char* server_name, char* res, int size)
 {
    char ext_client_name[SYNC_MAX_NAME_SIZE + 1];
@ -35,7 +47,7 @@ void JackPosixSemaphore::BuildName(const char* client_name, const char* server_n
 #if __APPLE__  // POSIX semaphore names are limited to 32 characters... 
    snprintf(res, 32, "js_%s", ext_client_name); 
 #else
-    if (getenv("JACK_PROMISCUOUS_SERVER")) {
+    if (fPromiscuous) {
        snprintf(res, size, "jack_sem.%s_%s", server_name, ext_client_name);
    } else {
        snprintf(res, size, "jack_sem.%d_%s_%s", JackTools::GetUID(), server_name, ext_client_name);
@ -147,6 +159,14 @@ bool JackPosixSemaphore::Allocate(const char* name, const char* server_name, int
        jack_error("Allocate: can't check in named semaphore name = %s err = %s", fName, strerror(errno));
        return false;
    } else {
+#ifdef __linux__
+        if (fPromiscuous) {
+            char sempath[SYNC_MAX_NAME_SIZE+13];
+            snprintf(sempath, sizeof(sempath), "/dev/shm/sem.%s", fName);
+            if (jack_promiscuous_perms(-1, sempath, fPromiscuousGid) < 0)
+                return false;
+        }
+#endif
        return true;
    }
 }
--- a/posix/JackPosixSemaphore.h
+++ b/posix/JackPosixSemaphore.h
@ -39,6 +39,10 @@ class SERVER_EXPORT JackPosixSemaphore : public detail::JackSynchro
    private:

        sem_t* fSemaphore;
+        bool fPromiscuous;
+#ifdef __linux__
+        int fPromiscuousGid;
+#endif

    protected:

@ -46,8 +50,7 @@ class SERVER_EXPORT JackPosixSemaphore : public detail::JackSynchro

    public:

-        JackPosixSemaphore():JackSynchro(), fSemaphore(NULL)
-        {}
+        JackPosixSemaphore();

        bool Signal();
        bool SignalAll();