Hi Sam,
I made a patch based on your advice that solves the issue for me. Any
feedback
would be appreciated. Thanks for your help.
diff --git a/pflocal/io.c b/pflocal/io.c
index 23e71ea4..2a6b104c 100644
--- a/pflocal/io.c
+++ b/pflocal/io.c
@@ -327,6 +327,8 @@ S_io_stat (struct sock_user *user, struct stat *st)
st->st_ino = sock->id;
/* As we try to be clever with large transfers, ask for them. */
st->st_blksize = vm_page_size * 16;
+ st->st_uid = sock->uid;
+ st->st_gid = sock->gid;
pthread_mutex_lock (&sock->lock); /* Make sure the pipes don't go
away... */
diff --git a/pflocal/mig-mutate.h b/pflocal/mig-mutate.h
index 0743f336..88c9d7da 100644
--- a/pflocal/mig-mutate.h
+++ b/pflocal/mig-mutate.h
@@ -39,4 +39,10 @@
#define ADDRPORT_INTRAN_PAYLOAD addr_t begin_using_addr_payload
#define ADDRPORT_DESTRUCTOR end_using_addr_port (addr_t)
-#define SOCKET_IMPORTS import "mig-decls.h";
+#define SOCKET_IMPORTS \
+ import "mig-decls.h"; \
+ import "../libtrivfs/mig-decls.h"; \
+
+#define PF_INTRAN trivfs_protid_t trivfs_begin_using_protid (pf_t)
+#define PF_INTRAN_PAYLOAD trivfs_protid_t trivfs_begin_using_protid_payload
+#define PF_DESTRUCTOR trivfs_end_using_protid (trivfs_protid_t)
diff --git a/pflocal/pf.c b/pflocal/pf.c
index 35b3d8c3..c905f3bf 100644
--- a/pflocal/pf.c
+++ b/pflocal/pf.c
@@ -21,6 +21,7 @@
#include <stddef.h>
#include <sys/socket.h>
#include <hurd/pipe.h>
+#include <hurd/trivfs.h>
#include "sock.h"
@@ -29,7 +30,7 @@
/* Create a new socket. Sock type is, for example, SOCK_STREAM,
SOCK_DGRAM, or some such. */
error_t
-S_socket_create (mach_port_t pf,
+S_socket_create (trivfs_protid_t pf,
int sock_type, int protocol,
mach_port_t *port, mach_msg_type_name_t *port_type)
{
@@ -77,6 +78,11 @@ S_socket_create (mach_port_t pf,
else
*port_type = MACH_MSG_TYPE_MAKE_SEND;
}
+
+ if (pf->user->uids->num > 0)
+ sock->uid = pf->user->uids->ids[0];
+ if (pf->user->gids->num > 0)
+ sock->gid = pf->user->gids->ids[0];
return err;
}
diff --git a/pflocal/sock.c b/pflocal/sock.c
index 89ba16e2..e39e2932 100644
--- a/pflocal/sock.c
+++ b/pflocal/sock.c
@@ -123,6 +123,8 @@ sock_create (struct pipe_class *pipe_class, mode_t
mode, struct sock **sock)
new->connect_queue = NULL;
new->pipe_class = pipe_class;
new->addr = NULL;
+ new->uid = 0;
+ new->gid = 0;
memset (&new->change_time, 0, sizeof (new->change_time));
pthread_mutex_init (&new->lock, NULL);
diff --git a/pflocal/sock.h b/pflocal/sock.h
index c1e73f9b..c3061246 100644
--- a/pflocal/sock.h
+++ b/pflocal/sock.h
@@ -85,6 +85,10 @@ struct sock
/* A connection queue we're attempting to connect through; a socket may
only be attempting one connection at a time. */
struct connq *connect_queue;
+
+ uid_t uid;
+
+ gid_t gid;
};
/* Socket flags */
*Andrew Eggenberger*
On Mon, Nov 9, 2020 at 2:53 PM Samuel Thibault <samuel.thiba...@gnu.org>
wrote:
> Andrew Eggenberger, le jeu. 29 oct. 2020 16:12:47 -0500, a ecrit:
> > I think the problem is with the pflocal/io.c implementation of
> S_io_stat.
> [...]
> > calling fstat on the
> > file descriptor of a socket created with cloexec_socket (AF_UNIX,
> > SOCK_STREAM, 0);. But S_io_stat doesn't set uid.
>
> Indeed. The more complete story is that
>
> - on the application side, socket() calls _hurd_socket_server, which
> opens /servers/socket/1
> - on the pflocal side, that translates to calling trivfs_S_dir_lookup,
> which does receive the user credentials in its cred parameter, and
> calls trivfs_open that creates a struct trivfs_peropen and struct
> trivfs_protid in which the user field points to the credentials.
>
> - then on the application side, socket() calls __socket_create
> - on the pflocal side, that translates to calling S_socket_create.
> There, the pf port is for now untranslated (showing up as a
> mach_port_t), but you can add to pflocal/mig-mutate.h the same
> PF_INTRAN, PF_INTRAN_PAYLOAD, and PF_DESTRUCTOR as in e.g.
> pfinet/mig-mutate.h, so that S_socket_create (and others in the same
> file) get the translated port (showing up as a struct trivfs_protid
> *master). Then you have access to the credential, and can record
> uid/gid in a new field of struct sock.
>
> > The problem is that /hurd/pflocal is owned by and in
> > the group root,
>
> Well, that's unrelated. io_stat memsets the struct stat to 0 anyway.
>
> Samuel
>
