diff options
Diffstat (limited to 'runtime')
| -rw-r--r-- | runtime/module-template.h | 37 | ||||
| -rw-r--r-- | runtime/modules.c | 11 | ||||
| -rw-r--r-- | runtime/modules.h | 1 | ||||
| -rw-r--r-- | runtime/rsconf.c | 50 |
4 files changed, 84 insertions, 15 deletions
diff --git a/runtime/module-template.h b/runtime/module-template.h index f44cb54a..0440d02d 100644 --- a/runtime/module-template.h +++ b/runtime/module-template.h @@ -478,6 +478,15 @@ static rsRetVal queryEtryPt(uchar *name, rsRetVal (**pEtryPoint)())\ *pEtryPoint = freeCnf;\ } + +/* the following block is to be added for modules that require + * pre priv drop activation support. + */ +#define CODEqueryEtryPt_STD_CONF2_PREPRIVDROP_QUERIES \ + else if(!strcmp((char*) name, "activateCnfPrePrivDrop")) {\ + *pEtryPoint = activateCnfPrePrivDrop;\ + } + /* the following definition is the standard block for queryEtryPt for LIBRARY * modules. This can be used if no specific handling (e.g. to cover version * differences) is needed. @@ -622,7 +631,7 @@ static rsRetVal modExit(void)\ * the module. -- rgerards, 2011-05-03 */ #define BEGINbeginCnfLoad \ -static rsRetVal beginCnfLoad(modConfData_t **ptr, rsconf_t *pConf)\ +static rsRetVal beginCnfLoad(modConfData_t **ptr, __attribute__((unused)) rsconf_t *pConf)\ {\ modConfData_t *pModConf; \ DEFiRet; @@ -650,7 +659,7 @@ static rsRetVal beginCnfLoad(modConfData_t **ptr, rsconf_t *pConf)\ #define BEGINendCnfLoad \ static rsRetVal endCnfLoad(modConfData_t *ptr)\ {\ - modConfData_t *pModConf = (modConfData_t*) ptr; \ + modConfData_t __attribute__((unused)) *pModConf = (modConfData_t*) ptr; \ DEFiRet; #define CODESTARTendCnfLoad @@ -672,7 +681,7 @@ static rsRetVal endCnfLoad(modConfData_t *ptr)\ #define BEGINcheckCnf \ static rsRetVal checkCnf(modConfData_t *ptr)\ {\ - modConfData_t *pModConf = (modConfData_t*) ptr; \ + modConfData_t __attribute__((unused)) *pModConf = (modConfData_t*) ptr; \ DEFiRet; #define CODESTARTcheckCnf @@ -682,6 +691,26 @@ static rsRetVal checkCnf(modConfData_t *ptr)\ } +/* activateCnfPrePrivDrop() + * Initial config activation, before dropping privileges. This is an optional + * entry points that should only be implemented by those module that really need + * it. Processing should be limited to the minimum possible. Main activation + * should happen in the normal activateCnf() call. + * rgerhards, 2011-05-06 + */ +#define BEGINactivateCnfPrePrivDrop \ +static rsRetVal activateCnfPrePrivDrop(modConfData_t *ptr)\ +{\ + modConfData_t *pModConf = (modConfData_t*) ptr; \ + DEFiRet; + +#define CODESTARTactivateCnfPrePrivDrop + +#define ENDactivateCnfPrePrivDrop \ + RETiRet;\ +} + + /* activateCnf() * This activates the provided config, and may report errors if they are detected * during activation. @@ -690,7 +719,7 @@ static rsRetVal checkCnf(modConfData_t *ptr)\ #define BEGINactivateCnf \ static rsRetVal activateCnf(modConfData_t *ptr)\ {\ - modConfData_t *pModConf = (modConfData_t*) ptr; \ + modConfData_t __attribute__((unused)) *pModConf = (modConfData_t*) ptr; \ DEFiRet; #define CODESTARTactivateCnf diff --git a/runtime/modules.c b/runtime/modules.c index bf944dba..4cd1ef4f 100644 --- a/runtime/modules.c +++ b/runtime/modules.c @@ -371,7 +371,6 @@ addModToCnfList(modInfo_t *pThis) pNew->next = NULL; pNew->pMod = pThis; -dbgprintf("XXXX: beginCnfLoad %p\n", pThis->beginCnfLoad); if(pThis->beginCnfLoad != NULL) { CHKiRet(pThis->beginCnfLoad(&pNew->modCnf, loadConf)); } @@ -528,6 +527,12 @@ doModInit(rsRetVal (*modInit)(int, int*, rsRetVal(**)(), rsRetVal(*)(), modInfo_ CHKiRet((*pNew->modQueryEtryPt)((uchar*)"freeCnf", &pNew->freeCnf)); CHKiRet((*pNew->modQueryEtryPt)((uchar*)"checkCnf", &pNew->checkCnf)); CHKiRet((*pNew->modQueryEtryPt)((uchar*)"activateCnf", &pNew->activateCnf)); + localRet = (*pNew->modQueryEtryPt)((uchar*)"activateCnfPrePrivDrop", &pNew->activateCnfPrePrivDrop); + if(localRet == RS_RET_MODULE_ENTRY_POINT_NOT_FOUND) { + pNew->activateCnfPrePrivDrop = NULL; + } else { + CHKiRet(localRet); + } } else if(localRet == RS_RET_MODULE_ENTRY_POINT_NOT_FOUND) { pNew->beginCnfLoad = NULL; /* flag as non-present */ } else { @@ -706,7 +711,9 @@ static void modPrintList(void) dbgprintf("\tdbgPrintInstInfo: 0x%lx\n", (unsigned long) pMod->dbgPrintInstInfo); dbgprintf("\tfreeInstance: 0x%lx\n", (unsigned long) pMod->freeInstance); dbgprintf("\tbeginCnfLoad: 0x%lx\n", (unsigned long) pMod->beginCnfLoad); - dbgprintf("\tendCnfLoad: 0x%lx\n", (unsigned long) pMod->endCnfLoad); + dbgprintf("\tcheckCnf: 0x%lx\n", (unsigned long) pMod->checkCnf); + dbgprintf("\tactivateCnfPrePrivDrop: 0x%lx\n", (unsigned long) pMod->activateCnfPrePrivDrop); + dbgprintf("\tactivateCnf: 0x%lx\n", (unsigned long) pMod->activateCnf); dbgprintf("\tfreeCnf: 0x%lx\n", (unsigned long) pMod->freeCnf); switch(pMod->eType) { case eMOD_OUT: diff --git a/runtime/modules.h b/runtime/modules.h index e3af1ad9..a62b1750 100644 --- a/runtime/modules.h +++ b/runtime/modules.h @@ -115,6 +115,7 @@ struct modInfo_s { rsRetVal (*beginCnfLoad)(void*newCnf, rsconf_t *pConf); rsRetVal (*endCnfLoad)(void*Cnf); rsRetVal (*checkCnf)(void*Cnf); + rsRetVal (*activateCnfPrePrivDrop)(void*Cnf); rsRetVal (*activateCnf)(void*Cnf); /* make provided config the running conf */ rsRetVal (*freeCnf)(void*Cnf); /* end v2 config system specific */ diff --git a/runtime/rsconf.c b/runtime/rsconf.c index 92c17b5c..94190d76 100644 --- a/runtime/rsconf.c +++ b/runtime/rsconf.c @@ -296,7 +296,7 @@ dropPrivileges(rsconf_t *cnf) /* Tell input modules that the config parsing stage is over. */ static rsRetVal -tellInputsConfigLoadDone(void) +tellModulesConfigLoadDone(void) { cfgmodules_etry_t *node; @@ -316,7 +316,7 @@ tellInputsConfigLoadDone(void) /* Tell input modules to verify config object */ static rsRetVal -tellInputsCheckConfig(void) +tellModulesCheckConfig(void) { cfgmodules_etry_t *node; rsRetVal localRet; @@ -343,9 +343,40 @@ tellInputsCheckConfig(void) } -/* Tell input modules to activate current running config */ +/* Tell modules to activate current running config (pre privilege drop) */ static rsRetVal -tellInputsActivateConfig(void) +tellModulesActivateConfigPrePrivDrop(void) +{ + cfgmodules_etry_t *node; + rsRetVal localRet; + + BEGINfunc + DBGPRINTF("telling modules to activate config (before dropping privs) %p\n", runConf); + node = module.GetNxtCnfType(runConf, NULL, eMOD_ANY); + while(node != NULL) { + if( node->pMod->beginCnfLoad != NULL + && node->pMod->activateCnfPrePrivDrop != NULL + && node->canActivate) { + DBGPRINTF("activating config %p for module %s\n", + runConf, node->pMod->pszName); + localRet = node->pMod->activateCnfPrePrivDrop(node->modCnf); + if(localRet != RS_RET_OK) { + errmsg.LogError(0, localRet, "activation of module %s failed", + node->pMod->pszName); + node->canActivate = 0; /* in a sense, could not activate... */ + } + } + node = module.GetNxtCnfType(runConf, node, eMOD_IN); + } + + ENDfunc + return RS_RET_OK; /* intentional: we do not care about module errors */ +} + + +/* Tell modules to activate current running config */ +static rsRetVal +tellModulesActivateConfig(void) { cfgmodules_etry_t *node; rsRetVal localRet; @@ -398,7 +429,7 @@ runInputModules(void) } -/* Make the input modules check if they are ready to start. +/* Make the modules check if they are ready to start. */ static rsRetVal startInputModules(void) @@ -463,8 +494,8 @@ activate(rsconf_t *cnf) if(ourConf->globals.pszConfDAGFile != NULL) generateConfigDAG(ourConf->globals.pszConfDAGFile); # endif - tellInputsConfigLoadDone(); - tellInputsCheckConfig(); + tellModulesConfigLoadDone(); + tellModulesCheckConfig(); /* the output part and the queue is now ready to run. So it is a good time * to initialize the inputs. Please note that the net code above should be @@ -474,11 +505,12 @@ activate(rsconf_t *cnf) * Keep in mind. though, that the outputs already run if the queue was * persisted to disk. -- rgerhards */ - tellInputsActivateConfig(); - startInputModules(); + tellModulesActivateConfigPrePrivDrop(); CHKiRet(dropPrivileges(cnf)); + tellModulesActivateConfig(); + startInputModules(); CHKiRet(activateActions()); CHKiRet(activateMainQueue()); /* finally let the inputs run... */ |