2 * rpcd - UBUS RPC server
4 * Copyright (C) 2013-2014 Jo-Philipp Wich <jow@openwrt.org>
5 * Copyright (C) 2016 Luka Perkov <luka@openwrt.org>
7 * Permission to use, copy, modify, and/or distribute this software for any
8 * purpose with or without fee is hereby granted, provided that the above
9 * copyright notice and this permission notice appear in all copies.
11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
33 #include <libubox/blobmsg.h>
34 #include <libubox/md5.h>
35 #include <libubox/ustream.h>
36 #include <libubox/utils.h>
38 #include <rpcd/plugin.h>
40 /* limit of sys & proc files */
41 #define RPC_FILE_MIN_SIZE (4096)
43 /* limit of regular files and command output data */
44 #define RPC_FILE_MAX_SIZE (4096 * 64)
46 /* limit of command line length for exec acl checks */
47 #define RPC_CMDLINE_MAX_SIZE (1024)
49 #define ustream_for_each_read_buffer(stream, ptr, len) \
50 for (ptr = ustream_get_read_buf(stream, &len); \
51 ptr != NULL && len > 0; \
52 ustream_consume(stream, len), ptr = ustream_get_read_buf(stream, &len))
54 #define ustream_declare(us, fd, name) \
55 us.stream.string_data = true; \
56 us.stream.r.buffer_len = 4096; \
57 us.stream.r.max_buffers = RPC_FILE_MAX_SIZE / 4096; \
58 us.stream.notify_read = rpc_file_##name##_read_cb; \
59 us.stream.notify_state = rpc_file_##name##_state_cb; \
60 ustream_fd_init(&us, fd);
62 static const struct rpc_daemon_ops *ops;
64 struct rpc_file_exec_context {
65 struct ubus_context *context;
66 struct ubus_request_data request;
67 struct uloop_timeout timeout;
68 struct uloop_process process;
69 struct ustream_fd opipe;
70 struct ustream_fd epipe;
75 static struct blob_buf buf;
76 static char *canonpath;
77 static char cmdstr[RPC_CMDLINE_MAX_SIZE];
85 static const struct blobmsg_policy rpc_file_R_policy[__RPC_F_R_MAX] = {
86 [RPC_F_R_PATH] = { .name = "path", .type = BLOBMSG_TYPE_STRING },
87 [RPC_F_R_SESSION] = { .name = "ubus_rpc_session",
88 .type = BLOBMSG_TYPE_STRING },
98 static const struct blobmsg_policy rpc_file_RB_policy[__RPC_F_RB_MAX] = {
99 [RPC_F_RB_PATH] = { .name = "path", .type = BLOBMSG_TYPE_STRING },
100 [RPC_F_RB_BASE64] = { .name = "base64", .type = BLOBMSG_TYPE_BOOL },
101 [RPC_F_RB_SESSION] = { .name = "ubus_rpc_session",
102 .type = BLOBMSG_TYPE_STRING },
115 static const struct blobmsg_policy rpc_file_RW_policy[__RPC_F_RW_MAX] = {
116 [RPC_F_RW_PATH] = { .name = "path", .type = BLOBMSG_TYPE_STRING },
117 [RPC_F_RW_DATA] = { .name = "data", .type = BLOBMSG_TYPE_STRING },
118 [RPC_F_RW_APPEND] = { .name = "append", .type = BLOBMSG_TYPE_BOOL },
119 [RPC_F_RW_MODE] = { .name = "mode", .type = BLOBMSG_TYPE_INT32 },
120 [RPC_F_RW_BASE64] = { .name = "base64", .type = BLOBMSG_TYPE_BOOL },
121 [RPC_F_RW_SESSION] = { .name = "ubus_rpc_session",
122 .type = BLOBMSG_TYPE_STRING },
133 static const struct blobmsg_policy rpc_exec_policy[__RPC_E_MAX] = {
134 [RPC_E_CMD] = { .name = "command", .type = BLOBMSG_TYPE_STRING },
135 [RPC_E_PARM] = { .name = "params", .type = BLOBMSG_TYPE_ARRAY },
136 [RPC_E_ENV] = { .name = "env", .type = BLOBMSG_TYPE_TABLE },
137 [RPC_E_SESSION] = { .name = "ubus_rpc_session",
138 .type = BLOBMSG_TYPE_STRING },
141 static const char *d_types[] = {
144 [DT_DIR] = "directory",
146 [DT_LNK] = "symlink",
148 [DT_SOCK] = "socket",
149 [DT_UNKNOWN] = "unknown",
154 rpc_errno_status(void)
159 return UBUS_STATUS_PERMISSION_DENIED;
162 return UBUS_STATUS_INVALID_ARGUMENT;
165 return UBUS_STATUS_NOT_FOUND;
168 return UBUS_STATUS_INVALID_ARGUMENT;
171 return UBUS_STATUS_UNKNOWN_ERROR;
176 rpc_file_access(const struct blob_attr *sid,
177 const char *path, const char *perm)
182 return ops->session_access(blobmsg_data(sid), "file", path, perm);
186 rpc_canonicalize_path(const char *path)
191 if (path == NULL || *path == '\0')
194 if (canonpath != NULL)
197 canonpath = strdup(path);
199 if (canonpath == NULL)
203 for (cp = canonpath, p = path; *p != '\0'; ) {
207 /* skip repeating / */
216 if ((p[2] == '\0') || (p[2] == '/')) {
221 /* collapse /x/../ */
222 if ((p[2] == '.') && ((p[3] == '\0') || (p[3] == '/'))) {
223 while ((cp > canonpath) && (*--cp != '/'))
235 /* remove trailing slash if not root / */
236 if ((cp > canonpath + 1) && (cp[-1] == '/'))
238 else if (cp == canonpath)
246 static struct blob_attr **
247 __rpc_check_path(const struct blobmsg_policy *policy, size_t policy_len,
248 int policy_path_idx, int policy_sid_idx, const char *perm,
249 struct blob_attr *msg, char **path, struct stat *s)
251 static struct blob_attr *tb[__RPC_F_RW_MAX]; /* largest _MAX constant */
253 blobmsg_parse(policy, policy_len, tb, blob_data(msg), blob_len(msg));
255 if (!tb[policy_path_idx])
261 *path = rpc_canonicalize_path(blobmsg_get_string(tb[policy_path_idx]));
269 if (!rpc_file_access(tb[policy_sid_idx], *path, perm))
275 if (s != NULL && stat(*path, s) != 0)
281 #define rpc_check_path(msg, policy_selector, perm, path, s) \
282 __rpc_check_path(rpc_file_ ## policy_selector ## _policy, \
283 ARRAY_SIZE(rpc_file_ ## policy_selector ## _policy), \
284 RPC_F_ ## policy_selector ## _PATH, \
285 RPC_F_ ## policy_selector ## _SESSION, \
289 rpc_file_read(struct ubus_context *ctx, struct ubus_object *obj,
290 struct ubus_request_data *req, const char *method,
291 struct blob_attr *msg)
293 struct blob_attr **tb;
301 tb = rpc_check_path(msg, RB, "read", &path, &s);
304 return rpc_errno_status();
306 if (s.st_size >= RPC_FILE_MAX_SIZE)
307 return UBUS_STATUS_NOT_SUPPORTED;
309 if ((fd = open(path, O_RDONLY)) < 0)
310 return rpc_errno_status();
312 /* some sysfs files do not report a length */
314 s.st_size = RPC_FILE_MIN_SIZE;
316 blob_buf_init(&buf, 0);
318 if (tb[RPC_F_RB_BASE64])
319 base64 = blobmsg_get_bool(tb[RPC_F_RB_BASE64]);
323 len = B64_ENCODE_LEN(s.st_size);
324 wbuf = blobmsg_alloc_string_buffer(&buf, "data", len);
328 rv = UBUS_STATUS_UNKNOWN_ERROR;
332 if ((len = read(fd, wbuf, s.st_size)) <= 0)
334 rv = UBUS_STATUS_NO_DATA;
340 uint8_t *data = calloc(len, sizeof(uint8_t));
343 rv = UBUS_STATUS_UNKNOWN_ERROR;
346 memcpy(data, wbuf, len);
348 len = b64_encode(data, len, wbuf, B64_ENCODE_LEN(len));
352 rv = UBUS_STATUS_UNKNOWN_ERROR;
357 *(wbuf + len) = '\0';
358 blobmsg_add_string_buffer(&buf);
360 ubus_send_reply(ctx, req, buf.head);
370 rpc_file_write(struct ubus_context *ctx, struct ubus_object *obj,
371 struct ubus_request_data *req, const char *method,
372 struct blob_attr *msg)
374 struct blob_attr **tb;
375 int append = O_TRUNC;
376 mode_t prev_mode, mode = 0666;
380 ssize_t data_len = 0;
382 tb = rpc_check_path(msg, RW, "write", &path, NULL);
385 return rpc_errno_status();
387 if (!tb[RPC_F_RW_DATA])
388 return UBUS_STATUS_INVALID_ARGUMENT;
390 data = blobmsg_data(tb[RPC_F_RW_DATA]);
391 data_len = blobmsg_data_len(tb[RPC_F_RW_DATA]) - 1;
393 if (tb[RPC_F_RW_APPEND] && blobmsg_get_bool(tb[RPC_F_RW_APPEND]))
396 if (tb[RPC_F_RW_MODE])
397 mode = blobmsg_get_u32(tb[RPC_F_RW_MODE]);
399 prev_mode = umask(0);
400 fd = open(path, O_CREAT | O_WRONLY | append, mode);
403 return rpc_errno_status();
405 if (tb[RPC_F_RW_BASE64] && blobmsg_get_bool(tb[RPC_F_RW_BASE64]))
407 data_len = b64_decode(data, data, data_len);
410 rv = UBUS_STATUS_UNKNOWN_ERROR;
415 if (write(fd, data, data_len) < 0)
426 return rpc_errno_status();
432 rpc_file_md5(struct ubus_context *ctx, struct ubus_object *obj,
433 struct ubus_request_data *req, const char *method,
434 struct blob_attr *msg)
442 if (!rpc_check_path(msg, R, "read", &path, &s))
443 return rpc_errno_status();
445 if (!S_ISREG(s.st_mode))
446 return UBUS_STATUS_NOT_SUPPORTED;
448 if ((rv = md5sum(path, md5)) <= 0)
449 return rpc_errno_status();
451 blob_buf_init(&buf, 0);
452 wbuf = blobmsg_alloc_string_buffer(&buf, "md5", 33);
454 for (i = 0; i < 16; i++)
455 sprintf(wbuf + (i * 2), "%02x", (uint8_t) md5[i]);
457 blobmsg_add_string_buffer(&buf);
458 ubus_send_reply(ctx, req, buf.head);
461 return UBUS_STATUS_OK;
465 _rpc_file_add_stat(struct stat *s)
469 type = S_ISREG(s->st_mode) ? DT_REG :
470 S_ISDIR(s->st_mode) ? DT_DIR :
471 S_ISCHR(s->st_mode) ? DT_CHR :
472 S_ISBLK(s->st_mode) ? DT_BLK :
473 S_ISFIFO(s->st_mode) ? DT_FIFO :
474 S_ISLNK(s->st_mode) ? DT_LNK :
475 S_ISSOCK(s->st_mode) ? DT_SOCK :
478 blobmsg_add_string(&buf, "type", d_types[type]);
479 blobmsg_add_u32(&buf, "size", s->st_size);
480 blobmsg_add_u32(&buf, "mode", s->st_mode);
481 blobmsg_add_u32(&buf, "atime", s->st_atime);
482 blobmsg_add_u32(&buf, "mtime", s->st_mtime);
483 blobmsg_add_u32(&buf, "ctime", s->st_ctime);
484 blobmsg_add_u32(&buf, "inode", s->st_ino);
485 blobmsg_add_u32(&buf, "uid", s->st_uid);
486 blobmsg_add_u32(&buf, "gid", s->st_gid);
490 rpc_file_list(struct ubus_context *ctx, struct ubus_object *obj,
491 struct ubus_request_data *req, const char *method,
492 struct blob_attr *msg)
498 char *path, *entrypath;
500 if (!rpc_check_path(msg, R, "list", &path, NULL))
501 return rpc_errno_status();
503 if ((fd = opendir(path)) == NULL)
504 return rpc_errno_status();
506 blob_buf_init(&buf, 0);
507 c = blobmsg_open_array(&buf, "entries");
509 while ((e = readdir(fd)) != NULL)
511 if (!strcmp(e->d_name, ".") || !strcmp(e->d_name, ".."))
514 if (asprintf(&entrypath, "%s/%s", path, e->d_name) < 0)
517 if (!stat(entrypath, &s))
519 d = blobmsg_open_table(&buf, NULL);
520 blobmsg_add_string(&buf, "name", e->d_name);
521 _rpc_file_add_stat(&s);
522 blobmsg_close_table(&buf, d);
530 blobmsg_close_array(&buf, c);
531 ubus_send_reply(ctx, req, buf.head);
538 rpc_file_stat(struct ubus_context *ctx, struct ubus_object *obj,
539 struct ubus_request_data *req, const char *method,
540 struct blob_attr *msg)
545 if (!rpc_check_path(msg, R, "list", &path, &s))
546 return rpc_errno_status();
548 blob_buf_init(&buf, 0);
550 blobmsg_add_string(&buf, "path", path);
551 _rpc_file_add_stat(&s);
553 ubus_send_reply(ctx, req, buf.head);
560 rpc_file_remove_recursive(const char *path);
563 rpc_file_remove_recursive(const char *path)
571 if ((fd = opendir(path)) == NULL)
572 return rpc_errno_status();
574 for (e = readdir(fd); e != NULL && err == 0; e = readdir(fd))
576 if (!strcmp(e->d_name, ".") || !strcmp(e->d_name, ".."))
579 if (asprintf(&entrypath, "%s/%s", path, e->d_name) >= 0)
581 if (!lstat(entrypath, &s))
583 if (S_ISDIR(s.st_mode))
584 err = rpc_file_remove_recursive(entrypath);
585 else if (unlink(entrypath))
586 err = rpc_errno_status();
593 err = UBUS_STATUS_UNKNOWN_ERROR;
599 if (!err && rmdir(path))
600 return rpc_errno_status();
606 rpc_file_remove(struct ubus_context *ctx, struct ubus_object *obj,
607 struct ubus_request_data *req, const char *method,
608 struct blob_attr *msg)
613 if (!rpc_check_path(msg, R, "write", &path, NULL))
614 return rpc_errno_status();
617 return rpc_errno_status();
619 if (S_ISDIR(s.st_mode))
620 return rpc_file_remove_recursive(path);
623 return rpc_errno_status();
629 rpc_file_exec_lookup(const char *cmd)
632 int plen = 0, clen = strlen(cmd) + 1;
634 static char path[PATH_MAX];
636 if (!stat(cmd, &s) && S_ISREG(s.st_mode))
639 search = getenv("PATH");
642 search = "/bin:/usr/bin:/sbin:/usr/sbin";
648 if (*p != ':' && *p != '\0')
653 if ((plen + clen) >= sizeof(path))
656 strncpy(path, search, plen);
657 sprintf(path + plen, "/%s", cmd);
659 if (!stat(path, &s) && S_ISREG(s.st_mode))
671 rpc_ustream_to_blobmsg(struct ustream *s, const char *name)
676 if ((len = ustream_pending_data(s, false)) > 0)
678 wbuf = blobmsg_alloc_string_buffer(&buf, name, len + 1);
683 ustream_for_each_read_buffer(s, rbuf, len)
685 memcpy(wbuf, rbuf, len);
690 blobmsg_add_string_buffer(&buf);
695 rpc_file_exec_reply(struct rpc_file_exec_context *c, int rv)
697 uloop_timeout_cancel(&c->timeout);
698 uloop_process_delete(&c->process);
700 if (rv == UBUS_STATUS_OK)
702 blob_buf_init(&buf, 0);
704 blobmsg_add_u32(&buf, "code", WEXITSTATUS(c->stat));
706 rpc_ustream_to_blobmsg(&c->opipe.stream, "stdout");
707 rpc_ustream_to_blobmsg(&c->epipe.stream, "stderr");
709 ubus_send_reply(c->context, &c->request, buf.head);
713 ubus_complete_deferred_request(c->context, &c->request, rv);
715 ustream_free(&c->opipe.stream);
716 ustream_free(&c->epipe.stream);
718 close(c->opipe.fd.fd);
719 close(c->epipe.fd.fd);
725 rpc_file_exec_timeout_cb(struct uloop_timeout *t)
727 struct rpc_file_exec_context *c =
728 container_of(t, struct rpc_file_exec_context, timeout);
730 kill(c->process.pid, SIGKILL);
731 rpc_file_exec_reply(c, UBUS_STATUS_TIMEOUT);
735 rpc_file_exec_process_cb(struct uloop_process *p, int stat)
737 struct rpc_file_exec_context *c =
738 container_of(p, struct rpc_file_exec_context, process);
742 ustream_poll(&c->opipe.stream);
743 ustream_poll(&c->epipe.stream);
747 rpc_file_exec_opipe_read_cb(struct ustream *s, int bytes)
749 struct rpc_file_exec_context *c =
750 container_of(s, struct rpc_file_exec_context, opipe.stream);
752 if (ustream_read_buf_full(s))
753 rpc_file_exec_reply(c, UBUS_STATUS_NOT_SUPPORTED);
757 rpc_file_exec_epipe_read_cb(struct ustream *s, int bytes)
759 struct rpc_file_exec_context *c =
760 container_of(s, struct rpc_file_exec_context, epipe.stream);
762 if (ustream_read_buf_full(s))
763 rpc_file_exec_reply(c, UBUS_STATUS_NOT_SUPPORTED);
767 rpc_file_exec_opipe_state_cb(struct ustream *s)
769 struct rpc_file_exec_context *c =
770 container_of(s, struct rpc_file_exec_context, opipe.stream);
772 if (c->opipe.stream.eof && c->epipe.stream.eof)
773 rpc_file_exec_reply(c, UBUS_STATUS_OK);
777 rpc_file_exec_epipe_state_cb(struct ustream *s)
779 struct rpc_file_exec_context *c =
780 container_of(s, struct rpc_file_exec_context, epipe.stream);
782 if (c->opipe.stream.eof && c->epipe.stream.eof)
783 rpc_file_exec_reply(c, UBUS_STATUS_OK);
794 rpc_file_exec_run(const char *cmd, const struct blob_attr *sid,
795 const struct blob_attr *arg, const struct blob_attr *env,
796 struct ubus_context *ctx, struct ubus_request_data *req)
805 struct blob_attr *cur;
808 char *executable, **args, **tmp, *p;
810 struct rpc_file_exec_context *c;
812 cmd = rpc_file_exec_lookup(cmd);
815 return UBUS_STATUS_NOT_FOUND;
817 executable = rpc_canonicalize_path(cmd);
819 if (executable == NULL)
820 return UBUS_STATUS_UNKNOWN_ERROR;
822 if (!rpc_file_access(sid, executable, "exec"))
824 if (arg == NULL || strlen(executable) >= sizeof(cmdstr))
825 return UBUS_STATUS_PERMISSION_DENIED;
828 p = cmdstr + sprintf(cmdstr, "%s", executable);
830 blobmsg_for_each_attr(cur, arg, rem)
832 if (blobmsg_type(cur) != BLOBMSG_TYPE_STRING)
836 p + blobmsg_data_len(cur) >= cmdstr + sizeof(cmdstr))
839 p += sprintf(p, " %s", blobmsg_get_string(cur));
843 if (!rpc_file_access(sid, cmdstr, "exec"))
844 return UBUS_STATUS_PERMISSION_DENIED;
847 c = malloc(sizeof(*c));
850 return UBUS_STATUS_UNKNOWN_ERROR;
858 switch ((pid = fork()))
866 devnull = open("/dev/null", O_RDWR);
869 return UBUS_STATUS_UNKNOWN_ERROR;
875 rpc_fdclose(devnull);
876 rpc_fdclose(opipe[0]);
877 rpc_fdclose(opipe[1]);
878 rpc_fdclose(epipe[0]);
879 rpc_fdclose(epipe[1]);
882 args = malloc(sizeof(char *) * arglen);
885 return UBUS_STATUS_UNKNOWN_ERROR;
887 args[0] = (char *)executable;
892 blobmsg_for_each_attr(cur, arg, rem)
894 if (blobmsg_type(cur) != BLOBMSG_TYPE_STRING)
900 return UBUS_STATUS_INVALID_ARGUMENT;
904 tmp = realloc(args, sizeof(char *) * arglen);
909 return UBUS_STATUS_UNKNOWN_ERROR;
913 args[arglen-2] = blobmsg_data(cur);
914 args[arglen-1] = NULL;
920 blobmsg_for_each_attr(cur, env, rem)
922 if (blobmsg_type(cur) != BLOBMSG_TYPE_STRING)
925 setenv(blobmsg_name(cur), blobmsg_data(cur), 1);
929 if (execv(executable, args))
930 return rpc_errno_status();
933 memset(c, 0, sizeof(*c));
935 ustream_declare(c->opipe, opipe[0], exec_opipe);
936 ustream_declare(c->epipe, epipe[0], exec_epipe);
938 c->process.pid = pid;
939 c->process.cb = rpc_file_exec_process_cb;
940 uloop_process_add(&c->process);
942 c->timeout.cb = rpc_file_exec_timeout_cb;
943 uloop_timeout_set(&c->timeout, *ops->exec_timeout);
949 ubus_defer_request(ctx, req, &c->request);
952 return UBUS_STATUS_OK;
964 return rpc_errno_status();
968 rpc_file_exec(struct ubus_context *ctx, struct ubus_object *obj,
969 struct ubus_request_data *req, const char *method,
970 struct blob_attr *msg)
972 struct blob_attr *tb[__RPC_E_MAX];
974 blobmsg_parse(rpc_exec_policy, __RPC_E_MAX, tb,
975 blob_data(msg), blob_len(msg));
978 return UBUS_STATUS_INVALID_ARGUMENT;
980 return rpc_file_exec_run(blobmsg_data(tb[RPC_E_CMD]), tb[RPC_E_SESSION],
981 tb[RPC_E_PARM], tb[RPC_E_ENV], ctx, req);
986 rpc_file_api_init(const struct rpc_daemon_ops *o, struct ubus_context *ctx)
988 static const struct ubus_method file_methods[] = {
989 UBUS_METHOD("read", rpc_file_read, rpc_file_RB_policy),
990 UBUS_METHOD("write", rpc_file_write, rpc_file_RW_policy),
991 UBUS_METHOD("list", rpc_file_list, rpc_file_R_policy),
992 UBUS_METHOD("stat", rpc_file_stat, rpc_file_R_policy),
993 UBUS_METHOD("md5", rpc_file_md5, rpc_file_R_policy),
994 UBUS_METHOD("remove", rpc_file_remove, rpc_file_R_policy),
995 UBUS_METHOD("exec", rpc_file_exec, rpc_exec_policy),
998 static struct ubus_object_type file_type =
999 UBUS_OBJECT_TYPE("luci-rpc-file", file_methods);
1001 static struct ubus_object obj = {
1004 .methods = file_methods,
1005 .n_methods = ARRAY_SIZE(file_methods),
1010 return ubus_add_object(ctx, &obj);
1013 struct rpc_plugin rpc_plugin = {
1014 .init = rpc_file_api_init