Do not add keymgr its msg fd if not started.

Reshuffles the keymgr_active flag to keymgr.c and let it be figured out from inside kore_server_start() instead of the worker init code.
2019-10-07 10:31:35 +02:00 · 2019-10-07 10:31:35 +02:00 · 0eb11794f5
parent 7209a67d47
commit 0eb11794f5
6 changed files with 19 additions and 13 deletions
--- a/include/kore/kore.h
+++ b/include/kore/kore.h
@ -559,6 +559,7 @@ extern volatile sig_atomic_t	sig_recv;
 extern int	tls_version;
 extern DH	*tls_dhparam;
 extern char	*rand_file;
+extern int	keymgr_active;
 extern char	*keymgr_runas_user;
 extern char	*keymgr_root_path;

--- a/src/keymgr.c
+++ b/src/keymgr.c
@ -123,6 +123,7 @@ static void	keymgr_rsa_encrypt(struct kore_msg *, const void *,
 static void	keymgr_ecdsa_sign(struct kore_msg *, const void *,
 		    struct key *);

+int	keymgr_active = 0;
 char	*keymgr_root_path = NULL;
 char	*keymgr_runas_user = NULL;

@ -132,6 +133,9 @@ kore_keymgr_run(void)
 	int		quit;
 	u_int64_t	now, last_seed;

+	if (keymgr_active == 0)
+		fatal("%s: called with keymgr_active == 0", __func__);
+
 	quit = 0;

 	kore_server_closeall();
--- a/src/kore.c
+++ b/src/kore.c
@ -806,6 +806,7 @@ static void
 kore_server_start(int argc, char *argv[])
 {
 	u_int32_t			tmp;
+	struct kore_server		*srv;
 	u_int64_t			netwait;
 	int				quit, last_sig;
 #if defined(KORE_SINGLE_BINARY)
@ -829,6 +830,9 @@ kore_server_start(int argc, char *argv[])

 	if (!kore_quiet) {
 		kore_log(LOG_NOTICE, "%s is starting up", __progname);
+#if defined(__linux__)
+		kore_log(LOG_NOTICE, "seccomp sandbox enabled");
+#endif
 #if defined(KORE_USE_PGSQL)
 		kore_log(LOG_NOTICE, "pgsql built-in enabled");
 #endif
@ -852,6 +856,14 @@ kore_server_start(int argc, char *argv[])
 		kore_call_parent_configure(argc, argv);
 #endif

+	/* Check if keymgr will be active. */
+	LIST_FOREACH(srv, &kore_servers, list) {
+		if (srv->tls) {
+			keymgr_active = 1;
+			break;
+		}
+	}
+
 	kore_platform_proctitle("[parent]");
 	kore_msg_init();
 	kore_worker_init();
--- a/src/msg.c
+++ b/src/msg.c
@ -54,6 +54,8 @@ kore_msg_parent_init(void)
 	struct kore_worker	*kw;

 	for (i = 0; i < worker_count; i++) {
+		if (keymgr_active == 0 && i == KORE_WORKER_KEYMGR)
+			continue;
 		kw = kore_worker_data(i);
 		kore_msg_parent_add(kw);
 	}
--- a/src/seccomp.c
+++ b/src/seccomp.c
@ -260,9 +260,6 @@ kore_seccomp_enable(void)
 	if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) == -1)
 		fatalx("prctl: %s", errno_s);

-	if (!kore_quiet)
-		kore_log(LOG_INFO, "seccomp sandbox activated");
-
 #if defined(KORE_USE_PYTHON)
 	kore_python_seccomp_cleanup();
 #endif
--- a/src/worker.c
+++ b/src/worker.c
@ -83,7 +83,6 @@ static struct kore_worker		*kore_workers;
 static int				worker_no_lock;
 static int				shm_accept_key;
 static struct wlock			*accept_lock;
-static int				keymgr_active = 0;

 struct kore_worker		*worker = NULL;
 u_int8_t			worker_set_affinity = 1;
@ -98,7 +97,6 @@ kore_worker_init(void)
 {
 	size_t			len;
 	struct kore_worker	*kw;
-	struct kore_server	*srv;
 	u_int16_t		i, cpu;

 	worker_no_lock = 0;
@ -106,14 +104,6 @@ kore_worker_init(void)
 	if (worker_count == 0)
 		worker_count = cpu_count;

-	/* Check if keymgr will be active. */
-	LIST_FOREACH(srv, &kore_servers, list) {
-		if (srv->tls) {
-			keymgr_active = 1;
-			break;
-		}
-	}
-
 	/* Account for the keymgr even if we don't end up starting it. */
 	worker_count += 1;