Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
sudo-project
GitHub Repository: sudo-project/sudo
 Path: blob/main/src/suspend_parent.c
1532 views
1
/*

2
 * SPDX-License-Identifier: ISC

3
 *

4
 * Copyright (c) 2009-2023 Todd C. Miller <[email protected]>

5
 *

6
 * Permission to use, copy, modify, and distribute this software for any

7
 * purpose with or without fee is hereby granted, provided that the above

8
 * copyright notice and this permission notice appear in all copies.

9
 *

10
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

11
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

12
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR

13
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

14
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN

15
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF

16
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

17
 */

18


19
#include <config.h>

20


21
#include <stdio.h>

22
#include <string.h>

23
#include <unistd.h>

24
#include <errno.h>

25
#include <fcntl.h>

26
#include <signal.h>

27


28
#include <pathnames.h>

29
#include <sudo_debug.h>

30
#include <sudo_fatal.h>

31
#include <sudo_gettext.h>

32
#include <sudo_exec.h>

33


34
static volatile sig_atomic_t got_sigttou;

35


36
/*

37
 * SIGTTOU signal handler for tcsetpgrp_nobg() that just sets a flag.

38
 */

39
static void

40
sigttou(int signo)

41
{

42
    got_sigttou = 1;

43
}

44


45
/*

46
 * Like tcsetpgrp() but restarts on EINTR _except_ for SIGTTOU.

47
 * Returns 0 on success or -1 on failure, setting errno.

48
 * Sets got_sigttou on failure if interrupted by SIGTTOU.

49
 */

50
static int

51
tcsetpgrp_nobg(int fd, pid_t pgrp_id)

52
{

53
    struct sigaction sa, osa;

54
    int rc;

55
    debug_decl(tcsetpgrp_nobg, SUDO_DEBUG_UTIL);

56


57
    /*

58
     * If we receive SIGTTOU from tcsetpgrp() it means we are

59
     * not in the foreground process group.

60
     * This avoid a TOCTOU race compared to using tcgetpgrp().

61
     */

62
    memset(&sa, 0, sizeof(sa));

63
    sigemptyset(&sa.sa_mask);

64
    sa.sa_flags = 0; /* do not restart syscalls */

65
    sa.sa_handler = sigttou;

66
    got_sigttou = 0;

67
    (void)sigaction(SIGTTOU, &sa, &osa);

68
    do {

69
	rc = tcsetpgrp(fd, pgrp_id);

70
    } while (rc != 0 && errno == EINTR && !got_sigttou);

71
    (void)sigaction(SIGTTOU, &osa, NULL);

72


73
    debug_return_int(rc);

74
}

75


76
/*

77
 * Suspend the main process in response to an interactive child process

78
 * being suspended.

79
 */

80
void

81
sudo_suspend_parent(int signo, pid_t my_pid, pid_t my_pgrp, pid_t cmnd_pid,

82
     void *closure, void (*callback)(void *, int))

83
{

84
    struct sigaction sa, osa;

85
    pid_t saved_pgrp = -1;

86
    int fd;

87
    debug_decl(sudo_suspend_parent, SUDO_DEBUG_EXEC);

88


89
    /*

90
     * Save the controlling terminal's process group so we can restore

91
     * it after we resume, if needed.  Most well-behaved shells change

92
     * the pgrp back to its original value before suspending so we must

93
     * not try to restore in that case, lest we race with the command

94
     * upon resume, potentially stopping sudo with SIGTTOU while the

95
     * command continues to run.

96
     */

97
    fd = open(_PATH_TTY, O_RDWR);

98
    if (fd != -1) {

99
	saved_pgrp = tcgetpgrp(fd);

100
	if (saved_pgrp == -1) {

101
	    close(fd);

102
	    fd = -1;

103
	}

104
    }

105


106
    if (saved_pgrp != -1) {

107
	/*

108
	 * Command was stopped trying to access the controlling

109
	 * terminal.  If the command has a different pgrp and we

110
	 * own the controlling terminal, give it to the command's

111
	 * pgrp and let it continue.

112
	 */

113
	if (signo == SIGTTOU || signo == SIGTTIN) {

114
	    if (saved_pgrp == my_pgrp) {

115
		pid_t cmnd_pgrp = getpgid(cmnd_pid);

116
		if (cmnd_pgrp != my_pgrp) {

117
		    if (tcsetpgrp_nobg(fd, cmnd_pgrp) == 0) {

118
			if (killpg(cmnd_pgrp, SIGCONT) != 0)

119
			    sudo_warn("kill(%d, SIGCONT)", (int)cmnd_pgrp);

120
			close(fd);

121
			debug_return;

122
		    }

123
		}

124
	    }

125
	}

126
    }

127


128
    /* Run callback before we suspend. */

129
    if (callback != NULL)

130
	callback(closure, signo);

131


132
    if (signo == SIGTSTP) {

133
	memset(&sa, 0, sizeof(sa));

134
	sigemptyset(&sa.sa_mask);

135
	sa.sa_flags = SA_RESTART;

136
	sa.sa_handler = SIG_DFL;

137
	if (sigaction(SIGTSTP, &sa, &osa) != 0)

138
	    sudo_warn(U_("unable to set handler for signal %d"), SIGTSTP);

139
    }

140
    if (kill(my_pid, signo) != 0)

141
	sudo_warn("kill(%d, %d)", (int)my_pid, signo);

142
    if (signo == SIGTSTP) {

143
	if (sigaction(SIGTSTP, &osa, NULL) != 0)

144
	    sudo_warn(U_("unable to restore handler for signal %d"), SIGTSTP);

145
    }

146


147
    /* Run callback on resume. */

148
    if (callback != NULL)

149
	callback(closure, SIGCONT);

150


151
    if (saved_pgrp != -1) {

152
	/*

153
	 * On resume, restore foreground process group, if different.

154
	 * Otherwise, we cannot resume some shells (pdksh).

155
	 *

156
	 * It is possible that we are no longer the foreground process,

157
	 * use tcsetpgrp_nobg() to prevent sudo from receiving SIGTTOU.

158
	 */

159
	if (saved_pgrp != my_pgrp)

160
	    tcsetpgrp_nobg(fd, saved_pgrp);

161
	close(fd);

162
    }

163


164
    debug_return;

165
}

166


167