Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/sys/unix: Enable pid lookup of unix socket peer for darwin #27613

Closed
APTy opened this issue Sep 11, 2018 · 9 comments
Closed

x/sys/unix: Enable pid lookup of unix socket peer for darwin #27613

APTy opened this issue Sep 11, 2018 · 9 comments
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Milestone
Unreleased

Comments

@APTy
Copy link

APTy commented Sep 11, 2018

Package syscall on linux currently has behavior to look up a Ucred object, which contains the PID of the remote end of a Unix socket using getsockopt + SO_PEERCRED.

This feature request seeks to add similar behavior for darwin (and perhaps BSD). This can be done using getsockopt + LOCAL_PEERPID. Note that we can't use LOCAL_PEERCRED, as the behavior isn't identical to linux: we get a xucred struct, which doesn't contain a pid.

Open question: linux's type syscall.Ucred exposes UID, GID, and PID. These are all useful, however an exact darwin analog doesn't exist. Options:

  1. Conform to the linux golang API
  • Add a custom golang type syscall.Ucred type for darwin that contains UID, GID, and PID.
  • Add func syscall.GetsockoptUcred(...) (syscall.Ucred, error) for darwin that abstracts two getsockopt system calls: (1) LOCAL_PEERPID for the pid, and (2) LOCAL_PEERCRED for the user and group

or

  1. Conform to the darwin C API
  • Expose darwin's xucred struct that contains UID and GID (type syscall.Xucred)
  • Add func syscall.GetsockoptXucred(...) (syscall.Xucred, error) to look up UID and GID
  • Add func syscall.GetsockoptPID(...) (int, error) to look up PID
@gopherbot
Copy link

Change https://golang.org/cl/134535 mentions this issue: syscall/darwin: Enable pid lookup of unix socket peer

@APTy APTy changed the title syscall/darwin: Enable pid lookup of unix socket peer x/sys/unix: Enable pid lookup of unix socket peer for darwin Sep 11, 2018
@gopherbot gopherbot added this to the Unreleased milestone Sep 11, 2018
@APTy
Copy link
Author

APTy commented Sep 11, 2018

After looking more at the x/sys package (didn't realize syscall was frozen), it looks like this is partially possible today:

const (
    _syscall_SOL_LOCAL     = 0
    _syscall_LOCAL_PEERPID = 2
)

pid, _ := unix.GetsockoptInt(fd, _syscall_SOL_LOCAL, _syscall_LOCAL_PEERPID)

would still be nice to figure out the symmetry with respect to its linux counterpart, or get those constants defined otherwise :)

@tklauser
Copy link
Member

Given that x/sys/unix is just a thin wrapper around the OSes syscalls, I'd prefer option 2 (conforming to the Darwin xucred type and add unix.GetsockoptXucred.

Also, I don't think we need a specific unix.GetsockoptPID as it would just duplicate unix.GetsockoptInt or am I missing something?

/cc @ianlancetaylor @bradfitz

@tklauser
Copy link
Member

Given that x/sys/unix is just a thin wrapper around the OSes syscalls, I'd prefer option 2 (conforming to the Darwin xucred type and add unix.GetsockoptXucred.

But then again, we also conform to the Linux specific API on Darwin/BSD e.g. for xattrs, so we might add unix.GetsockoptUcred in addition if there's a need for it.

@APTy
Copy link
Author

APTy commented Sep 11, 2018

Also, I don't think we need a specific unix.GetsockoptPID as it would just duplicate unix.GetsockoptInt or am I missing something?

Definitely agree, we can stick with just unix.GetsockoptInt

@tklauser tklauser added the NeedsFix The path to resolution is known, but the work has not been done. label Sep 25, 2018
@wsc1
Copy link

wsc1 commented Oct 11, 2018

Also, I don't think we need a specific unix.GetsockoptPID as it would just duplicate unix.GetsockoptInt or am I missing something?

Definitely agree, we can stick with just unix.GetsockoptInt

Me too, however perhaps also with documentation that it duplicates GetsockoptPID.

@anjmao anjmao mentioned this issue May 12, 2020
Merged
@bradfitz bradfitz mentioned this issue Feb 15, 2021
Closed
@bradfitz
Copy link
Contributor

@tklauser, I just noticed you asked me a question 2.5 years ago, sorry.

But to answer your question, I just went and added unix.GetsockoptXucred in my local tree as a test because I needed it myself. Then I found this bug and your question.

So, yes, (2) sounds fine.

That https://golang.org/cl/134535 looks like it's much of the way there, but stopped short of finishing it when they were asked to re-send it to a different repo.

I don't think we need unix.GetsockoptPID if we export some new consts instead.

Then I plan to write a high-level portable package around the different ways OSes get this peercred info.

@gopherbot
Copy link

Change https://golang.org/cl/292330 mentions this issue: unix: add Xucred, GetsockoptXucred on darwin

@bradfitz bradfitz mentioned this issue Feb 16, 2021
Closed
bradfitz added a commit to tailscale/peercred that referenced this issue Feb 16, 2021
@bradfitz
Add darwin support
993aa01 
Updates golang/go#27613
Updates tailscale/tailscale#1347
Updates tailscale/tailscale#1348
@bradfitz
Copy link
Contributor

I've published a high-level package that does both the Linux thing and the Darwin thing: inet.af/peercred. I'll be moving my Windows code to it too (that does localhost TCP mapping)

@golang golang locked and limited conversation to collaborators Feb 16, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Projects
None yet
Milestone
Unreleased
Development

No branches or pull requests
5 participants
@bradfitz @tklauser @gopherbot @APTy @wsc1