From f21536d2f0bc7ef8ab2207a04eba2accd55b9254 Mon Sep 17 00:00:00 2001
From: Philippe Guibert
Date: Wed, 24 Apr 2019 11:10:27 +0200
Subject: [PATCH] bfd: add bfdd_privs to the bglobal structure

this structure contains the bfdd_privs structure in charge of the privilege settings. The initialisation has moved a bit, in order that the preinit settings are done.

Signed-off-by: Philippe Guibert
---
 bfdd/bfd.h | 4 ++--
 bfdd/bfd_packet.c | 16 ++++++++--------
 bfdd/bfdd.c | 39 +++++++++++++++++++++------------------
 3 files changed, 31 insertions(+), 28 deletions(-)
diff --git a/bfdd/bfd.h b/bfdd/bfd.h
index 2bfdcc4055..3f3d603832 100644
--- a/bfdd/bfd.h
+++ b/bfdd/bfd.h
@@ -50,8 +50,6 @@ DECLARE_MTYPE(BFDD_SESSION_OBSERVER);
 DECLARE_MTYPE(BFDD_NOTIFICATION);
 DECLARE_MTYPE(BFDD_VRF);
-extern struct zebra_privs_t bfdd_privs;
-
 struct bfd_timers {
 uint32_t desired_min_tx;
 uint32_t required_min_rx;
@@ -402,6 +400,8 @@ struct bfd_global {
 struct pllist bg_pllist;
 struct obslist bg_obslist;
+
+ struct zebra_privs_t bfdd_privs;
 };
 extern struct bfd_global bglobal;
 extern struct bfd_diag_str_list diag_list[];
diff --git a/bfdd/bfd_packet.c b/bfdd/bfd_packet.c
index 58ae5bb4f1..8edba05d12 100644
--- a/bfdd/bfd_packet.c
+++ b/bfdd/bfd_packet.c
@@ -883,7 +883,7 @@ int bp_udp_shop(vrf_id_t vrf_id)
 {
 int sd;
- frr_elevate_privs(&bfdd_privs) {
+ frr_elevate_privs(&bglobal.bfdd_privs) {
 sd = vrf_socket(AF_INET, SOCK_DGRAM, PF_UNSPEC, vrf_id, NULL);
 }
 if (sd == -1)
@@ -898,7 +898,7 @@ int bp_udp_mhop(vrf_id_t vrf_id)
 {
 int sd;
- frr_elevate_privs(&bfdd_privs) {
+ frr_elevate_privs(&bglobal.bfdd_privs) {
 sd = vrf_socket(AF_INET, SOCK_DGRAM, PF_UNSPEC, vrf_id, NULL);
 }
 if (sd == -1)
@@ -923,7 +923,7 @@ int bp_peer_socket(const struct bfd_session *bs)
 && bs->key.vrfname[0])
 device_to_bind = (const char *)bs->key.vrfname;
- frr_elevate_privs(&bfdd_privs) {
+ frr_elevate_privs(&bglobal.bfdd_privs) {
 sd = vrf_socket(AF_INET, SOCK_DGRAM, PF_UNSPEC, bs->vrf->vrf_id, device_to_bind);
 }
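Review bot: The member added to `struct bfd_global` in the second bfd.h hunk is named `bfdd_privs`, while the neighbouring members visible in that hunk use the `bg_` prefix (`bg_pllist`, `bg_obslist`); `bg_privs` would match the convention. The member also has no comment, and since it holds the user, group and capability settings that the bfd_packet.c hunks pass to `frr_elevate_privs()`, one line would help: `/* privilege settings passed to frr_elevate_privs() */`. The struct body starts outside the hunk.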
@@ -990,7 +990,7 @@ int bp_peer_socketv6(const struct bfd_session *bs)
 && bs->key.vrfname[0])
 device_to_bind = (const char *)bs->key.vrfname;
- frr_elevate_privs(&bfdd_privs) {
+ frr_elevate_privs(&bglobal.bfdd_privs) {
 sd = vrf_socket(AF_INET6, SOCK_DGRAM, PF_UNSPEC, bs->vrf->vrf_id, device_to_bind);
 }
@@ -1110,7 +1110,7 @@ int bp_udp6_shop(vrf_id_t vrf_id)
 {
 int sd;
- frr_elevate_privs(&bfdd_privs) {
+ frr_elevate_privs(&bglobal.bfdd_privs) {
 sd = vrf_socket(AF_INET6, SOCK_DGRAM, PF_UNSPEC, vrf_id, NULL);
 }
 if (sd == -1)
@@ -1126,7 +1126,7 @@ int bp_udp6_mhop(vrf_id_t vrf_id)
 {
 int sd;
- frr_elevate_privs(&bfdd_privs) {
+ frr_elevate_privs(&bglobal.bfdd_privs) {
 sd = vrf_socket(AF_INET6, SOCK_DGRAM, PF_UNSPEC, vrf_id, NULL);
 }
 if (sd == -1)
@@ -1142,7 +1142,7 @@ int bp_echo_socket(vrf_id_t vrf_id)
 {
 int s;
- frr_elevate_privs(&bfdd_privs) {
+ frr_elevate_privs(&bglobal.bfdd_privs) {
 s = vrf_socket(AF_INET, SOCK_DGRAM, 0, vrf_id, NULL);
 }
 if (s == -1)
@@ -1158,7 +1158,7 @@ int bp_echov6_socket(vrf_id_t vrf_id)
 {
 int s;
- frr_elevate_privs(&bfdd_privs) {
+ frr_elevate_privs(&bglobal.bfdd_privs) {
 s = vrf_socket(AF_INET6, SOCK_DGRAM, 0, vrf_id, NULL);
 }
 if (s == -1)
diff --git a/bfdd/bfdd.c b/bfdd/bfdd.c
index fe4408bc8b..218f0883c5 100644
--- a/bfdd/bfdd.c
+++ b/bfdd/bfdd.c
@@ -42,19 +42,6 @@ struct thread_master *master;
 /* BFDd privileges */
 static zebra_capabilities_t _caps_p[] = {ZCAP_BIND, ZCAP_SYS_ADMIN, ZCAP_NET_RAW};
-struct zebra_privs_t bfdd_privs = {
-#if defined(FRR_USER) && defined(FRR_GROUP)
- .user = FRR_USER,
- .group = FRR_GROUP,
-#endif
-#if defined(VTY_GROUP)
- .vty_group = VTY_GROUP,
-#endif
- .caps_p = _caps_p,
- .cap_num_p = array_size(_caps_p),
- .cap_num_i = 0,
-};
-
 void socket_close(int *s)
 {
 if (*s <= 0)
@@ -112,7 +99,7 @@ static struct quagga_signal_t bfd_signals[] = {
 FRR_DAEMON_INFO(bfdd, BFD, .vty_port = 2617, .proghelp = "Implementation of the BFD protocol.", .signals = bfd_signals, .n_signals = array_size(bfd_signals),
- .privs = &bfdd_privs)
+ .privs = &bglobal.bfdd_privs)
 #define OPTION_CTLSOCK 1001
 static struct option longopts[] = {
@@ -149,8 +136,24 @@ struct bfd_state_str_list state_list[] = {
 static void bg_init(void)
 {
+ struct zebra_privs_t bfdd_privs = {
+#if defined(FRR_USER) && defined(FRR_GROUP)
+ .user = FRR_USER,
+ .group = FRR_GROUP,
+#endif
+#if defined(VTY_GROUP)
+ .vty_group = VTY_GROUP,
+#endif
+ .caps_p = _caps_p,
+ .cap_num_p = array_size(_caps_p),
+ .cap_num_i = 0,
+ };
+
 TAILQ_INIT(&bglobal.bg_bcslist);
 TAILQ_INIT(&bglobal.bg_obslist);
+
+ memcpy(&bglobal.bfdd_privs, &bfdd_privs,
+ sizeof(bfdd_privs));
 }
 int main(int argc, char *argv[])
@@ -158,6 +161,9 @@ int main(int argc, char *argv[])
 const char *ctl_path = BFDD_CONTROL_SOCKET;
 int opt;
+ /* Initialize system sockets. */
+ bg_init();
+
 frr_preinit(&bfdd_di, argc, argv);
 frr_opt_add("", longopts, " --bfdctl Specify bfdd control socket\n");
@@ -185,9 +191,6 @@ int main(int argc, char *argv[])
 /* Initialize logging API. */
 log_init(1, BLOG_DEBUG, &bfdd_di);
- /* Initialize system sockets. */
- bg_init();
-
 /* Initialize control socket. */
 control_init(ctl_path);
@@ -200,7 +203,7 @@ int main(int argc, char *argv[])
 bfd_vrf_init();
 /* Initialize zebra connection. */
- bfdd_zclient_init(&bfdd_privs);
+ bfdd_zclient_init(&bglobal.bfdd_privs);
 thread_add_read(master, control_accept, NULL, bglobal.bg_csock, &bglobal.bg_csockev);
-- 
2.39.5
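Review bot: The `memcpy()` that closes `bg_init()` is better written as a struct assignment, `bglobal.bfdd_privs = bfdd_privs;`, which the compiler type-checks and which needs no size argument. The privilege settings used to be a static initializer and are now written at run time, so anything that reads `bglobal.bfdd_privs` before `bg_init()` has run sees no user, group or capability list (presumably all zeroes; the definition of `bglobal` is not in this patch). The copy also replaces every member of the destination, so if `zebra_privs_t` carries state that is not meant to be overwritten or duplicated (its definition is not shown either), setting the fields in place would be safer.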
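Review bot: The comment on the moved call in `main()`, `/* Initialize system sockets. */`, no longer says why the call has to come first. `bg_init()` now fills `bglobal.bfdd_privs`, and the commit message gives the privilege setup as the reason for running it ahead of `frr_preinit()`. A later reorder that moves the call back below option parsing would leave the daemon with unset privilege settings and would be easy to miss in review, so state the constraint: `/* Fill bglobal (lists and bfdd_privs); must stay before frr_preinit(). */`. main's body continues outside the hunk.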