From d4f925c2eafa050f2cda5b682f077b892d3b3de2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Schieli?= Date: Sat, 18 Mar 2017 11:33:30 +0100 Subject: [PATCH] Secure promiscuous mode for posix semaphores Adjusts the permissions of posix semaphores when promiscuous mode is enabled. Note that changing permissions of semaphores is only supported on linux by using the /dev/shm filesystem. As of now, linux does not use posix semaphores anymore so this code is currently unsed. --- posix/JackPosixSemaphore.cpp | 22 +++++++++++++++++++++- posix/JackPosixSemaphore.h | 7 +++++-- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/posix/JackPosixSemaphore.cpp b/posix/JackPosixSemaphore.cpp index 9e511647..1f4df7a4 100644 --- a/posix/JackPosixSemaphore.cpp +++ b/posix/JackPosixSemaphore.cpp @@ -24,10 +24,22 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. #include #include #include +#ifdef __linux__ +#include "promiscuous.h" +#endif namespace Jack { +JackPosixSemaphore::JackPosixSemaphore() : JackSynchro(), fSemaphore(NULL) +{ + const char* promiscuous = getenv("JACK_PROMISCUOUS_SERVER"); + fPromiscuous = (promiscuous != NULL); +#ifdef __linux__ + fPromiscuousGid = jack_group2gid(promiscuous); +#endif +} + void JackPosixSemaphore::BuildName(const char* client_name, const char* server_name, char* res, int size) { char ext_client_name[SYNC_MAX_NAME_SIZE + 1]; @@ -35,7 +47,7 @@ void JackPosixSemaphore::BuildName(const char* client_name, const char* server_n #if __APPLE__ // POSIX semaphore names are limited to 32 characters... snprintf(res, 32, "js_%s", ext_client_name); #else - if (getenv("JACK_PROMISCUOUS_SERVER")) { + if (fPromiscuous) { snprintf(res, size, "jack_sem.%s_%s", server_name, ext_client_name); } else { snprintf(res, size, "jack_sem.%d_%s_%s", JackTools::GetUID(), server_name, ext_client_name); @@ -147,6 +159,14 @@ bool JackPosixSemaphore::Allocate(const char* name, const char* server_name, int jack_error("Allocate: can't check in named semaphore name = %s err = %s", fName, strerror(errno)); return false; } else { +#ifdef __linux__ + if (fPromiscuous) { + char sempath[SYNC_MAX_NAME_SIZE+13]; + snprintf(sempath, sizeof(sempath), "/dev/shm/sem.%s", fName); + if (jack_promiscuous_perms(-1, sempath, fPromiscuousGid) < 0) + return false; + } +#endif return true; } } diff --git a/posix/JackPosixSemaphore.h b/posix/JackPosixSemaphore.h index 94f4d60f..bc5e0cea 100644 --- a/posix/JackPosixSemaphore.h +++ b/posix/JackPosixSemaphore.h @@ -39,6 +39,10 @@ class SERVER_EXPORT JackPosixSemaphore : public detail::JackSynchro private: sem_t* fSemaphore; + bool fPromiscuous; +#ifdef __linux__ + int fPromiscuousGid; +#endif protected: @@ -46,8 +50,7 @@ class SERVER_EXPORT JackPosixSemaphore : public detail::JackSynchro public: - JackPosixSemaphore():JackSynchro(), fSemaphore(NULL) - {} + JackPosixSemaphore(); bool Signal(); bool SignalAll();