1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 23 /* 24 * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 25 * Use is subject to license terms. 26 */ 27 28 #pragma ident "%Z%%M% %I% %E% SMI" 29 30 #include "synonyms.h" 31 #include <mtlib.h> 32 #include <sys/types.h> 33 #include <pwd.h> 34 #include <nss_dbdefs.h> 35 #include <stdio.h> 36 #include <synch.h> 37 #include <sys/param.h> 38 #include <fcntl.h> 39 #include <unistd.h> 40 #include <getxby_door.h> 41 #include <sys/door.h> 42 #include "libc.h" 43 #include "base_conversion.h" 44 45 /* 46 * 47 * Routine that actually performs the door call. 48 * Note that we cache a file descriptor. We do 49 * the following to prevent disasters: 50 * 51 * 1) Never use 0,1 or 2; if we get this from the open 52 * we dup it upwards. 53 * 54 * 2) Set the close on exec flags so descriptor remains available 55 * to child processes. 56 * 57 * 3) Verify that the door is still the same one we had before 58 * by using door_info on the client side. 59 * 60 * Note that we never close the file descriptor if it isn't one 61 * we allocated; we check this with door info. The rather tricky 62 * logic is designed to be fast in the normal case (fd is already 63 * allocated and is ok) while handling the case where the application 64 * closed it underneath us or where the nscd dies or re-execs itself 65 * and we're a multi-threaded application. Note that we cannot protect 66 * the application if it closes the fd and it is multi-threaded. 67 * 68 * int _nsc_trydoorcall(void *dptr, int *bufsize, int *actualsize); 69 * 70 * *dptr IN: points to arg buffer OUT: points to results buffer 71 * *bufsize IN: overall size of buffer OUT: overall size of buffer 72 * *actualsize IN: size of call data OUT: size of return data 73 * 74 * Note that *dptr may change if provided space as defined by *bufsize is 75 * inadequate. In this case the door call mmaps more space and places 76 * the answer there and sets dptr to contain a pointer to the space, which 77 * should be freed with munmap. 78 * 79 * Returns 0 if the door call reached the server, -1 if contact was not made. 80 * 81 */ 82 83 static mutex_t _door_lock = DEFAULTMUTEX; 84 85 int 86 _nsc_trydoorcall(nsc_data_t **dptr, int *ndata, int *adata) 87 { 88 static int doorfd = -1; 89 static door_info_t real_door; 90 door_info_t my_door; 91 door_arg_t param; 92 93 /* 94 * the first time in we try and open and validate the door. 95 * the validations are that the door must have been 96 * created with the name service door cookie and 97 * that the file attached to the door is owned by root 98 * and readonly by user, group and other. If any of these 99 * validations fail we refuse to use the door. 100 */ 101 102 lmutex_lock(&_door_lock); 103 104 try_again: 105 106 if (doorfd == -1) { 107 int tbc[3]; 108 int i; 109 110 if ((doorfd = open64(NAME_SERVICE_DOOR, O_RDONLY, 0)) == -1) { 111 lmutex_unlock(&_door_lock); 112 return (NOSERVER); 113 } 114 115 /* 116 * dup up the file descriptor if we have 0 - 2 117 * to avoid problems with shells stdin/out/err 118 */ 119 i = 0; 120 121 while (doorfd < 3) { /* we have a reserved fd */ 122 tbc[i++] = doorfd; 123 if ((doorfd = dup(doorfd)) < 0) { 124 while (i--) 125 (void) close(tbc[i]); 126 doorfd = -1; 127 lmutex_unlock(&_door_lock); 128 return (NOSERVER); 129 } 130 } 131 132 while (i--) 133 (void) close(tbc[i]); 134 135 /* 136 * mark this door descriptor as close on exec 137 */ 138 (void) fcntl(doorfd, F_SETFD, FD_CLOEXEC); 139 if (__door_info(doorfd, &real_door) == -1 || 140 (real_door.di_attributes & DOOR_REVOKED) || 141 real_door.di_data != (uintptr_t)NAME_SERVICE_DOOR_COOKIE) { 142 /* 143 * we should close doorfd because we just opened it 144 */ 145 (void) close(doorfd); 146 doorfd = -1; 147 lmutex_unlock(&_door_lock); 148 return (NOSERVER); 149 } 150 } else { 151 if (__door_info(doorfd, &my_door) == -1 || 152 my_door.di_data != (uintptr_t)NAME_SERVICE_DOOR_COOKIE || 153 my_door.di_uniquifier != real_door.di_uniquifier) { 154 /* 155 * don't close it - 156 * someone else has clobbered fd 157 */ 158 doorfd = -1; 159 goto try_again; 160 } 161 162 if (my_door.di_attributes & DOOR_REVOKED) { 163 (void) close(doorfd); /* nscd exited .... */ 164 doorfd = -1; /* try and restart connection */ 165 goto try_again; 166 } 167 } 168 169 lmutex_unlock(&_door_lock); 170 171 param.rbuf = (char *)*dptr; 172 param.rsize = *ndata; 173 param.data_ptr = (char *)*dptr; 174 param.data_size = *adata; 175 param.desc_ptr = NULL; 176 param.desc_num = 0; 177 if (__door_call(doorfd, ¶m) == -1) { 178 return (NOSERVER); 179 } 180 *adata = (int)param.data_size; 181 *ndata = (int)param.rsize; 182 *dptr = (nsc_data_t *)(uintptr_t)param.data_ptr; 183 if (*adata == 0 || *dptr == NULL) { 184 return (NOSERVER); 185 } 186 187 return ((*dptr)->nsc_ret.nsc_return_code); 188 } 189