Validate sender credentials on netlink msg receive (c4956766) · Commits · e / os / android_system_core

libsysutils/src/NetlinkListener.cpp

+26 −3

Original line number	Diff line number	Diff line
		@@ -17,6 +17,7 @@

		#include <sys/types.h>
		#include <sys/socket.h>
		#include <linux/netlink.h>
		#include <string.h>

		#define LOG_TAG "NetlinkListener"
		@@ -32,10 +33,32 @@ NetlinkListener::NetlinkListener(int socket) :
		bool NetlinkListener::onDataAvailable(SocketClient *cli)
		{
		int socket = cli->getSocket();
		int count;
		ssize_t count;
		char cred_msg[CMSG_SPACE(sizeof(struct ucred))];
		struct sockaddr_nl snl;
		struct iovec iov = {mBuffer, sizeof(mBuffer)};
		struct msghdr hdr = {&snl, sizeof(snl), &iov, 1, cred_msg, sizeof(cred_msg), 0};

		if ((count = recv(socket, mBuffer, sizeof(mBuffer), 0)) < 0) {
		SLOGE("recv failed (%s)", strerror(errno));
		if ((count = recvmsg(socket, &hdr, 0)) < 0) {
		SLOGE("recvmsg failed (%s)", strerror(errno));
		return false;
		}

		if ((snl.nl_groups != 1) \|\| (snl.nl_pid != 0)) {
		SLOGE("ignoring non-kernel netlink multicast message");
		return false;
		}

		struct cmsghdr * cmsg = CMSG_FIRSTHDR(&hdr);

		if (cmsg == NULL \|\| cmsg->cmsg_type != SCM_CREDENTIALS) {
		SLOGE("ignoring message with no sender credentials");
		return false;
		}

		struct ucred * cred = (struct ucred *)CMSG_DATA(cmsg);
		if (cred->uid != 0) {
		SLOGE("ignoring message from non-root UID %d", cred->uid);
		return false;
		}