From e129536a08a74045719640676b55a03b926117d9 Mon Sep 17 00:00:00 2001 From: Kenny Levinsen Date: Sat, 1 Aug 2020 03:23:56 +0200 Subject: devices: Use path to check device type FreeBSD device numbers cannot be used to check the type of a device, as they are merely unique filesystem IDs. As the paths we use have been sanitized with realpath, we can simply use the path to check if a requested file is an evdev or drm device. This also allows us to make the check before the file is opened. --- common/drm.c | 22 +++++++++++++- common/evdev.c | 13 +++++++- include/compiler.h | 2 ++ include/drm.h | 7 +++-- include/evdev.h | 7 +++-- include/seat.h | 8 ++++- seatd/seat.c | 89 ++++++++++++++++++++++++++++++------------------------ 7 files changed, 102 insertions(+), 46 deletions(-) diff --git a/common/drm.c b/common/drm.c index 3234e81..684a925 100644 --- a/common/drm.c +++ b/common/drm.c @@ -1,10 +1,12 @@ +#include #include #include -#ifdef __linux__ +#if defined(__linux__) #include #endif +#include "compiler.h" #include "drm.h" // From libdrm @@ -21,6 +23,24 @@ int drm_drop_master(int fd) { return ioctl(fd, DRM_IOCTL_DROP_MASTER, 0); } +static int path_is_drm_card(const char *path) { + static const char prefix[] = "/dev/dri/card"; + static const int prefixlen = STRLEN(prefix); + return strncmp(prefix, path, prefixlen) == 0; +} + +static int path_is_drm_render(const char *path) { + static const char prefix[] = "/dev/dri/renderD"; + static const int prefixlen = STRLEN(prefix); + return strncmp(prefix, path, prefixlen) == 0; +} + +int path_is_drm(const char *path) { + return path_is_drm_card(path) || path_is_drm_render(path); +} + +#if defined(__linux__) int dev_is_drm(dev_t device) { return major(device) == 226; } +#endif diff --git a/common/evdev.c b/common/evdev.c index f3b39c6..69c368d 100644 --- a/common/evdev.c +++ b/common/evdev.c @@ -1,9 +1,11 @@ #include +#include #include #include #if defined(__linux__) #include +#include #include #elif defined(__FreeBSD__) #include @@ -11,12 +13,21 @@ #error Unsupported platform #endif +#include "compiler.h" #include "evdev.h" +int path_is_evdev(const char *path) { + static const char prefix[] = "/dev/input/event"; + static const size_t prefixlen = STRLEN(prefix); + return strncmp(prefix, path, prefixlen) == 0; +} + int evdev_revoke(int fd) { return ioctl(fd, EVIOCREVOKE, NULL); } +#if defined(__linux__) int dev_is_evdev(dev_t device) { - return major(device) == 13; + return major(device) == INPUT_MAJOR; } +#endif diff --git a/include/compiler.h b/include/compiler.h index d0f6ed2..11f3495 100644 --- a/include/compiler.h +++ b/include/compiler.h @@ -15,4 +15,6 @@ #define ALWAYS_INLINE inline #endif +#define STRLEN(s) ((sizeof(s) / sizeof(s[0])) - 1) + #endif diff --git a/include/drm.h b/include/drm.h index 1012c89..8a7fb10 100644 --- a/include/drm.h +++ b/include/drm.h @@ -1,10 +1,13 @@ #ifndef _SEATD_DRM_H #define _SEATD_DRM_H -#include - int drm_set_master(int fd); int drm_drop_master(int fd); +int path_is_drm(const char *path); + +#if defined(__linux__) +#include int dev_is_drm(dev_t device); +#endif #endif diff --git a/include/evdev.h b/include/evdev.h index 0f20e3e..6ebd943 100644 --- a/include/evdev.h +++ b/include/evdev.h @@ -1,9 +1,12 @@ #ifndef _SEATD_EVDEV_H #define _SEATD_EVDEV_H -#include - int evdev_revoke(int fd); +int path_is_evdev(const char *path); + +#if defined(__linux__) +#include int dev_is_evdev(dev_t device); +#endif #endif diff --git a/include/seat.h b/include/seat.h index e52a961..e0d3533 100644 --- a/include/seat.h +++ b/include/seat.h @@ -8,13 +8,19 @@ struct client; +enum seat_device_type { + SEAT_DEVICE_TYPE_NORMAL, + SEAT_DEVICE_TYPE_EVDEV, + SEAT_DEVICE_TYPE_DRM, +}; + struct seat_device { int device_id; int fd; int ref_cnt; bool active; char *path; - dev_t dev; + enum seat_device_type type; }; struct seat { diff --git a/seatd/seat.c b/seatd/seat.c index 77e2990..d90581d 100644 --- a/seatd/seat.c +++ b/seatd/seat.c @@ -141,6 +141,17 @@ struct seat_device *seat_open_device(struct client *client, const char *path) { return NULL; } + enum seat_device_type type; + if (path_is_evdev(sanitized_path)) { + type = SEAT_DEVICE_TYPE_EVDEV; + } else if (path_is_drm(sanitized_path)) { + type = SEAT_DEVICE_TYPE_DRM; + } else { + log_errorf("invalid path '%s'", sanitized_path); + errno = ENOENT; + return NULL; + } + int device_id = 1; for (size_t idx = 0; idx < client->devices.length; idx++) { struct seat_device *device = client->devices.items[idx]; @@ -164,39 +175,24 @@ struct seat_device *seat_open_device(struct client *client, const char *path) { return NULL; } - const char *prefix = "/dev/"; - if (strncmp(prefix, sanitized_path, strlen(prefix)) != 0) { - log_errorf("invalid path '%s': expected device in /dev", sanitized_path); - errno = ENOENT; - return NULL; - } - int fd = open(sanitized_path, O_RDWR | O_NOCTTY | O_NOFOLLOW | O_CLOEXEC | O_NONBLOCK); if (fd == -1) { log_errorf("could not open file: %s", strerror(errno)); return NULL; } - struct stat st; - if (fstat(fd, &st) == -1) { - log_errorf("could not fstat: %s", strerror(errno)); - close(fd); - errno = EACCES; - return NULL; - } - - if (dev_is_drm(st.st_rdev)) { + switch (type) { + case SEAT_DEVICE_TYPE_DRM: if (drm_set_master(fd) == -1) { log_debugf("drm_set_master failed: %s", strerror(errno)); } - } else if (dev_is_evdev(st.st_rdev)) { + break; + case SEAT_DEVICE_TYPE_EVDEV: // Nothing to do here - } else { - // Not a device type we want to share - log_errorf("disallowed device type for '%s': %ld", sanitized_path, st.st_rdev); - close(fd); - errno = EACCES; - return NULL; + break; + default: + log_error("invalid seat device type"); + abort(); } struct seat_device *device = calloc(1, sizeof(struct seat_device)); @@ -218,8 +214,8 @@ struct seat_device *seat_open_device(struct client *client, const char *path) { log_debugf("seat: %p, client: %p, path: '%s', device_id: %d", (void *)seat, (void *)client, path, device_id); - device->ref_cnt++; - device->dev = st.st_rdev; + device->ref_cnt = 1; + device->type = type; device->fd = fd; device->device_id = device_id; device->active = true; @@ -252,14 +248,20 @@ int seat_close_device(struct client *client, struct seat_device *seat_device) { // The ref count hit zero, so destroy the device list_del(&client->devices, idx); if (seat_device->active && seat_device->fd != -1) { - if (dev_is_drm(seat_device->dev)) { + switch (seat_device->type) { + case SEAT_DEVICE_TYPE_DRM: if (drm_drop_master(seat_device->fd) == -1) { log_debugf("drm_drop_master failed: %s", strerror(errno)); } - } else if (dev_is_evdev(seat_device->dev)) { + break; + case SEAT_DEVICE_TYPE_EVDEV: if (evdev_revoke(seat_device->fd) == -1) { log_debugf("evdev_revoke failed: %s", strerror(errno)); } + break; + default: + log_error("invalid seat device type"); + abort(); } close(seat_device->fd); seat_device->fd = -1; @@ -277,17 +279,22 @@ static int seat_deactivate_device(struct client *client, struct seat_device *sea if (!seat_device->active) { return 0; } - if (dev_is_drm(seat_device->dev)) { + switch (seat_device->type) { + case SEAT_DEVICE_TYPE_DRM: if (drm_drop_master(seat_device->fd) == -1) { + log_debugf("drm_drop_master failed: %s", strerror(errno)); return -1; } - } else if (dev_is_evdev(seat_device->dev)) { + break; + case SEAT_DEVICE_TYPE_EVDEV: if (evdev_revoke(seat_device->fd) == -1) { + log_debugf("evdev_revoke failed: %s", strerror(errno)); return -1; } - } else { - errno = EACCES; - return -1; + break; + default: + log_error("invalid seat device type"); + abort(); } seat_device->active = false; return 0; @@ -301,17 +308,21 @@ static int seat_activate_device(struct client *client, struct seat_device *seat_ if (seat_device->active) { return 0; } - if (dev_is_drm(seat_device->dev)) { - drm_set_master(seat_device->fd); + switch (seat_device->type) { + case SEAT_DEVICE_TYPE_DRM: + if (drm_set_master(seat_device->fd) == -1) { + log_debugf("drmset_master failed: %s", strerror(errno)); + } seat_device->active = true; - } else if (dev_is_evdev(seat_device->dev)) { - // We can't do anything here + break; + case SEAT_DEVICE_TYPE_EVDEV: errno = EINVAL; return -1; - } else { - errno = EACCES; - return -1; + default: + log_error("invalid seat device type"); + abort(); } + return 0; } -- cgit v1.2.3