]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
ba6929f6 | 2 | |
07630cea LP |
3 | #include <errno.h> |
4 | #include <linux/filter.h> | |
5 | #include <linux/netlink.h> | |
6 | #include <poll.h> | |
7 | #include <stddef.h> | |
ba6929f6 KS |
8 | #include <stdio.h> |
9 | #include <stdlib.h> | |
ba6929f6 | 10 | #include <string.h> |
ba6929f6 | 11 | #include <sys/socket.h> |
07630cea | 12 | #include <unistd.h> |
ba6929f6 | 13 | |
b4bbcaa9 TA |
14 | #include "libudev.h" |
15 | ||
b5efdb8a | 16 | #include "alloc-util.h" |
3ffd4af2 | 17 | #include "fd-util.h" |
0d39fa9c | 18 | #include "fileio.h" |
f97b34a6 | 19 | #include "format-util.h" |
ba6929f6 | 20 | #include "libudev-private.h" |
3782454c | 21 | #include "libudev-device-internal.h" |
df32a1ca | 22 | #include "missing.h" |
4e036b7a | 23 | #include "mount-util.h" |
07630cea LP |
24 | #include "socket-util.h" |
25 | #include "string-util.h" | |
ba6929f6 | 26 | |
ce1d6d7f KS |
27 | /** |
28 | * SECTION:libudev-monitor | |
29 | * @short_description: device event source | |
30 | * | |
31 | * Connects to a device event source. | |
32 | */ | |
33 | ||
ce1d6d7f KS |
34 | /** |
35 | * udev_monitor: | |
36 | * | |
50579295 | 37 | * Opaque object handling an event source. |
ce1d6d7f | 38 | */ |
ba6929f6 | 39 | struct udev_monitor { |
912541b0 | 40 | struct udev *udev; |
3c6ac219 | 41 | unsigned n_ref; |
912541b0 | 42 | int sock; |
b49d9b50 KS |
43 | union sockaddr_union snl; |
44 | union sockaddr_union snl_trusted_sender; | |
45 | union sockaddr_union snl_destination; | |
912541b0 KS |
46 | socklen_t addrlen; |
47 | struct udev_list filter_subsystem_list; | |
48 | struct udev_list filter_tag_list; | |
49 | bool bound; | |
ba6929f6 KS |
50 | }; |
51 | ||
f2b93744 | 52 | enum udev_monitor_netlink_group { |
912541b0 KS |
53 | UDEV_MONITOR_NONE, |
54 | UDEV_MONITOR_KERNEL, | |
55 | UDEV_MONITOR_UDEV, | |
f2b93744 KS |
56 | }; |
57 | ||
912541b0 | 58 | #define UDEV_MONITOR_MAGIC 0xfeedcafe |
e14bdd88 | 59 | struct udev_monitor_netlink_header { |
912541b0 KS |
60 | /* "libudev" prefix to distinguish libudev and kernel messages */ |
61 | char prefix[8]; | |
62 | /* | |
63 | * magic to protect against daemon <-> library message format mismatch | |
64 | * used in the kernel from socket filter rules; needs to be stored in network order | |
65 | */ | |
7f797207 | 66 | unsigned magic; |
912541b0 | 67 | /* total length of header structure known to the sender */ |
7f797207 | 68 | unsigned header_size; |
912541b0 | 69 | /* properties string buffer */ |
7f797207 YW |
70 | unsigned properties_off; |
71 | unsigned properties_len; | |
912541b0 KS |
72 | /* |
73 | * hashes of primary device properties strings, to let libudev subscribers | |
74 | * use in-kernel socket filters; values need to be stored in network order | |
75 | */ | |
7f797207 YW |
76 | unsigned filter_subsystem_hash; |
77 | unsigned filter_devtype_hash; | |
78 | unsigned filter_tag_bloom_hi; | |
79 | unsigned filter_tag_bloom_lo; | |
e14bdd88 KS |
80 | }; |
81 | ||
654c87e0 | 82 | static struct udev_monitor *udev_monitor_new(struct udev *udev) { |
912541b0 KS |
83 | struct udev_monitor *udev_monitor; |
84 | ||
955d98c9 | 85 | udev_monitor = new0(struct udev_monitor, 1); |
309f631d LP |
86 | if (udev_monitor == NULL) { |
87 | errno = ENOMEM; | |
912541b0 | 88 | return NULL; |
309f631d | 89 | } |
3c6ac219 | 90 | udev_monitor->n_ref = 1; |
912541b0 KS |
91 | udev_monitor->udev = udev; |
92 | udev_list_init(udev, &udev_monitor->filter_subsystem_list, false); | |
93 | udev_list_init(udev, &udev_monitor->filter_tag_list, true); | |
94 | return udev_monitor; | |
e14bdd88 KS |
95 | } |
96 | ||
df32a1ca KS |
97 | /* we consider udev running when /dev is on devtmpfs */ |
98 | static bool udev_has_devtmpfs(struct udev *udev) { | |
21749924 | 99 | |
df32a1ca KS |
100 | _cleanup_fclose_ FILE *f = NULL; |
101 | char line[LINE_MAX], *e; | |
654c87e0 | 102 | int mount_id, r; |
df32a1ca | 103 | |
654c87e0 | 104 | r = path_get_mnt_id("/dev", &mount_id); |
e6c47472 | 105 | if (r < 0) { |
654c87e0 LP |
106 | if (r != -EOPNOTSUPP) |
107 | log_debug_errno(r, "name_to_handle_at on /dev: %m"); | |
108 | ||
df32a1ca | 109 | return false; |
e6c47472 | 110 | } |
df32a1ca | 111 | |
df32a1ca KS |
112 | f = fopen("/proc/self/mountinfo", "re"); |
113 | if (!f) | |
114 | return false; | |
115 | ||
116 | FOREACH_LINE(line, f, return false) { | |
df32a1ca KS |
117 | int mid; |
118 | ||
119 | if (sscanf(line, "%i", &mid) != 1) | |
120 | continue; | |
121 | ||
122 | if (mid != mount_id) | |
123 | continue; | |
124 | ||
125 | e = strstr(line, " - "); | |
126 | if (!e) | |
127 | continue; | |
128 | ||
129 | /* accept any name that starts with the currently expected type */ | |
130 | if (startswith(e + 3, "devtmpfs")) | |
131 | return true; | |
132 | } | |
133 | ||
134 | return false; | |
135 | } | |
136 | ||
44daf75d TG |
137 | static void monitor_set_nl_address(struct udev_monitor *udev_monitor) { |
138 | union sockaddr_union snl; | |
139 | socklen_t addrlen; | |
140 | int r; | |
141 | ||
142 | assert(udev_monitor); | |
143 | ||
144 | /* get the address the kernel has assigned us | |
145 | * it is usually, but not necessarily the pid | |
146 | */ | |
147 | addrlen = sizeof(struct sockaddr_nl); | |
148 | r = getsockname(udev_monitor->sock, &snl.sa, &addrlen); | |
149 | if (r >= 0) | |
150 | udev_monitor->snl.nl.nl_pid = snl.nl.nl_pid; | |
151 | } | |
152 | ||
654c87e0 | 153 | struct udev_monitor *udev_monitor_new_from_netlink_fd(struct udev *udev, const char *name, int fd) { |
912541b0 | 154 | struct udev_monitor *udev_monitor; |
7f797207 | 155 | unsigned group; |
912541b0 | 156 | |
912541b0 KS |
157 | if (name == NULL) |
158 | group = UDEV_MONITOR_NONE; | |
e8a3b2dc KS |
159 | else if (streq(name, "udev")) { |
160 | /* | |
161 | * We do not support subscribing to uevents if no instance of | |
162 | * udev is running. Uevents would otherwise broadcast the | |
163 | * processing data of the host into containers, which is not | |
164 | * desired. | |
165 | * | |
166 | * Containers will currently not get any udev uevents, until | |
167 | * a supporting infrastructure is available. | |
168 | * | |
169 | * We do not set a netlink multicast group here, so the socket | |
170 | * will not receive any messages. | |
171 | */ | |
9ea28c55 | 172 | if (access("/run/udev/control", F_OK) < 0 && !udev_has_devtmpfs(udev)) { |
ff49bc32 | 173 | log_debug("the udev service seems not to be active, disable the monitor"); |
e8a3b2dc KS |
174 | group = UDEV_MONITOR_NONE; |
175 | } else | |
176 | group = UDEV_MONITOR_UDEV; | |
177 | } else if (streq(name, "kernel")) | |
912541b0 | 178 | group = UDEV_MONITOR_KERNEL; |
309f631d LP |
179 | else { |
180 | errno = EINVAL; | |
912541b0 | 181 | return NULL; |
309f631d | 182 | } |
912541b0 KS |
183 | |
184 | udev_monitor = udev_monitor_new(udev); | |
185 | if (udev_monitor == NULL) | |
186 | return NULL; | |
187 | ||
188 | if (fd < 0) { | |
189 | udev_monitor->sock = socket(PF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_KOBJECT_UEVENT); | |
44daf75d | 190 | if (udev_monitor->sock < 0) { |
56f64d95 | 191 | log_debug_errno(errno, "error getting socket: %m"); |
6b430fdb | 192 | return mfree(udev_monitor); |
912541b0 KS |
193 | } |
194 | } else { | |
195 | udev_monitor->bound = true; | |
196 | udev_monitor->sock = fd; | |
44daf75d | 197 | monitor_set_nl_address(udev_monitor); |
912541b0 KS |
198 | } |
199 | ||
b49d9b50 KS |
200 | udev_monitor->snl.nl.nl_family = AF_NETLINK; |
201 | udev_monitor->snl.nl.nl_groups = group; | |
912541b0 KS |
202 | |
203 | /* default destination for sending */ | |
b49d9b50 KS |
204 | udev_monitor->snl_destination.nl.nl_family = AF_NETLINK; |
205 | udev_monitor->snl_destination.nl.nl_groups = UDEV_MONITOR_UDEV; | |
912541b0 | 206 | |
912541b0 | 207 | return udev_monitor; |
1c7047ea KS |
208 | } |
209 | ||
7459bcdc KS |
210 | /** |
211 | * udev_monitor_new_from_netlink: | |
212 | * @udev: udev library context | |
213 | * @name: name of event source | |
214 | * | |
215 | * Create new udev monitor and connect to a specified event | |
216 | * source. Valid sources identifiers are "udev" and "kernel". | |
217 | * | |
218 | * Applications should usually not connect directly to the | |
219 | * "kernel" events, because the devices might not be useable | |
220 | * at that time, before udev has configured them, and created | |
50579295 KS |
221 | * device nodes. Accessing devices at the same time as udev, |
222 | * might result in unpredictable behavior. The "udev" events | |
223 | * are sent out after udev has finished its event processing, | |
224 | * all rules have been processed, and needed device nodes are | |
225 | * created. | |
7459bcdc KS |
226 | * |
227 | * The initial refcount is 1, and needs to be decremented to | |
228 | * release the resources of the udev monitor. | |
229 | * | |
230 | * Returns: a new udev monitor, or #NULL, in case of an error | |
231 | **/ | |
654c87e0 | 232 | _public_ struct udev_monitor *udev_monitor_new_from_netlink(struct udev *udev, const char *name) { |
912541b0 | 233 | return udev_monitor_new_from_netlink_fd(udev, name, -1); |
7459bcdc KS |
234 | } |
235 | ||
7f797207 YW |
236 | static inline void bpf_stmt(struct sock_filter *inss, unsigned *i, |
237 | unsigned short code, unsigned data) { | |
912541b0 | 238 | struct sock_filter *ins = &inss[*i]; |
e14bdd88 | 239 | |
912541b0 KS |
240 | ins->code = code; |
241 | ins->k = data; | |
242 | (*i)++; | |
e14bdd88 KS |
243 | } |
244 | ||
7f797207 YW |
245 | static inline void bpf_jmp(struct sock_filter *inss, unsigned *i, |
246 | unsigned short code, unsigned data, | |
912541b0 | 247 | unsigned short jt, unsigned short jf) |
e14bdd88 | 248 | { |
912541b0 | 249 | struct sock_filter *ins = &inss[*i]; |
e14bdd88 | 250 | |
912541b0 KS |
251 | ins->code = code; |
252 | ins->jt = jt; | |
253 | ins->jf = jf; | |
254 | ins->k = data; | |
255 | (*i)++; | |
e14bdd88 KS |
256 | } |
257 | ||
ce1d6d7f KS |
258 | /** |
259 | * udev_monitor_filter_update: | |
260 | * @udev_monitor: monitor | |
261 | * | |
50579295 KS |
262 | * Update the installed socket filter. This is only needed, |
263 | * if the filter was removed or changed. | |
ce1d6d7f KS |
264 | * |
265 | * Returns: 0 on success, otherwise a negative error value. | |
266 | */ | |
54cf0b7f | 267 | _public_ int udev_monitor_filter_update(struct udev_monitor *udev_monitor) |
e14bdd88 | 268 | { |
912541b0 KS |
269 | struct sock_filter ins[512]; |
270 | struct sock_fprog filter; | |
7f797207 | 271 | unsigned i; |
912541b0 KS |
272 | struct udev_list_entry *list_entry; |
273 | int err; | |
274 | ||
275 | if (udev_list_get_entry(&udev_monitor->filter_subsystem_list) == NULL && | |
276 | udev_list_get_entry(&udev_monitor->filter_tag_list) == NULL) | |
277 | return 0; | |
278 | ||
29804cc1 | 279 | memzero(ins, sizeof(ins)); |
912541b0 KS |
280 | i = 0; |
281 | ||
282 | /* load magic in A */ | |
283 | bpf_stmt(ins, &i, BPF_LD|BPF_W|BPF_ABS, offsetof(struct udev_monitor_netlink_header, magic)); | |
284 | /* jump if magic matches */ | |
285 | bpf_jmp(ins, &i, BPF_JMP|BPF_JEQ|BPF_K, UDEV_MONITOR_MAGIC, 1, 0); | |
286 | /* wrong magic, pass packet */ | |
287 | bpf_stmt(ins, &i, BPF_RET|BPF_K, 0xffffffff); | |
288 | ||
289 | if (udev_list_get_entry(&udev_monitor->filter_tag_list) != NULL) { | |
290 | int tag_matches; | |
291 | ||
292 | /* count tag matches, to calculate end of tag match block */ | |
293 | tag_matches = 0; | |
294 | udev_list_entry_foreach(list_entry, udev_list_get_entry(&udev_monitor->filter_tag_list)) | |
295 | tag_matches++; | |
296 | ||
297 | /* add all tags matches */ | |
298 | udev_list_entry_foreach(list_entry, udev_list_get_entry(&udev_monitor->filter_tag_list)) { | |
299 | uint64_t tag_bloom_bits = util_string_bloom64(udev_list_entry_get_name(list_entry)); | |
300 | uint32_t tag_bloom_hi = tag_bloom_bits >> 32; | |
301 | uint32_t tag_bloom_lo = tag_bloom_bits & 0xffffffff; | |
302 | ||
303 | /* load device bloom bits in A */ | |
304 | bpf_stmt(ins, &i, BPF_LD|BPF_W|BPF_ABS, offsetof(struct udev_monitor_netlink_header, filter_tag_bloom_hi)); | |
305 | /* clear bits (tag bits & bloom bits) */ | |
306 | bpf_stmt(ins, &i, BPF_ALU|BPF_AND|BPF_K, tag_bloom_hi); | |
307 | /* jump to next tag if it does not match */ | |
308 | bpf_jmp(ins, &i, BPF_JMP|BPF_JEQ|BPF_K, tag_bloom_hi, 0, 3); | |
309 | ||
310 | /* load device bloom bits in A */ | |
311 | bpf_stmt(ins, &i, BPF_LD|BPF_W|BPF_ABS, offsetof(struct udev_monitor_netlink_header, filter_tag_bloom_lo)); | |
312 | /* clear bits (tag bits & bloom bits) */ | |
313 | bpf_stmt(ins, &i, BPF_ALU|BPF_AND|BPF_K, tag_bloom_lo); | |
314 | /* jump behind end of tag match block if tag matches */ | |
315 | tag_matches--; | |
316 | bpf_jmp(ins, &i, BPF_JMP|BPF_JEQ|BPF_K, tag_bloom_lo, 1 + (tag_matches * 6), 0); | |
317 | } | |
318 | ||
319 | /* nothing matched, drop packet */ | |
320 | bpf_stmt(ins, &i, BPF_RET|BPF_K, 0); | |
321 | } | |
322 | ||
323 | /* add all subsystem matches */ | |
324 | if (udev_list_get_entry(&udev_monitor->filter_subsystem_list) != NULL) { | |
325 | udev_list_entry_foreach(list_entry, udev_list_get_entry(&udev_monitor->filter_subsystem_list)) { | |
7f797207 | 326 | uint32_t hash = util_string_hash32(udev_list_entry_get_name(list_entry)); |
912541b0 KS |
327 | |
328 | /* load device subsystem value in A */ | |
329 | bpf_stmt(ins, &i, BPF_LD|BPF_W|BPF_ABS, offsetof(struct udev_monitor_netlink_header, filter_subsystem_hash)); | |
330 | if (udev_list_entry_get_value(list_entry) == NULL) { | |
331 | /* jump if subsystem does not match */ | |
332 | bpf_jmp(ins, &i, BPF_JMP|BPF_JEQ|BPF_K, hash, 0, 1); | |
333 | } else { | |
334 | /* jump if subsystem does not match */ | |
335 | bpf_jmp(ins, &i, BPF_JMP|BPF_JEQ|BPF_K, hash, 0, 3); | |
336 | ||
337 | /* load device devtype value in A */ | |
338 | bpf_stmt(ins, &i, BPF_LD|BPF_W|BPF_ABS, offsetof(struct udev_monitor_netlink_header, filter_devtype_hash)); | |
339 | /* jump if value does not match */ | |
340 | hash = util_string_hash32(udev_list_entry_get_value(list_entry)); | |
341 | bpf_jmp(ins, &i, BPF_JMP|BPF_JEQ|BPF_K, hash, 0, 1); | |
342 | } | |
343 | ||
344 | /* matched, pass packet */ | |
345 | bpf_stmt(ins, &i, BPF_RET|BPF_K, 0xffffffff); | |
346 | ||
8fef0ff2 | 347 | if (i+1 >= ELEMENTSOF(ins)) |
994e0234 | 348 | return -E2BIG; |
912541b0 KS |
349 | } |
350 | ||
351 | /* nothing matched, drop packet */ | |
352 | bpf_stmt(ins, &i, BPF_RET|BPF_K, 0); | |
353 | } | |
354 | ||
355 | /* matched, pass packet */ | |
356 | bpf_stmt(ins, &i, BPF_RET|BPF_K, 0xffffffff); | |
357 | ||
358 | /* install filter */ | |
29804cc1 | 359 | memzero(&filter, sizeof(filter)); |
912541b0 KS |
360 | filter.len = i; |
361 | filter.filter = ins; | |
362 | err = setsockopt(udev_monitor->sock, SOL_SOCKET, SO_ATTACH_FILTER, &filter, sizeof(filter)); | |
994e0234 | 363 | return err < 0 ? -errno : 0; |
e14bdd88 KS |
364 | } |
365 | ||
1e03b754 KS |
366 | int udev_monitor_allow_unicast_sender(struct udev_monitor *udev_monitor, struct udev_monitor *sender) |
367 | { | |
b49d9b50 | 368 | udev_monitor->snl_trusted_sender.nl.nl_pid = sender->snl.nl.nl_pid; |
912541b0 | 369 | return 0; |
1e03b754 | 370 | } |
44daf75d | 371 | |
ce1d6d7f KS |
372 | /** |
373 | * udev_monitor_enable_receiving: | |
374 | * @udev_monitor: the monitor which should receive events | |
375 | * | |
376 | * Binds the @udev_monitor socket to the event source. | |
377 | * | |
378 | * Returns: 0 on success, otherwise a negative error value. | |
379 | */ | |
54cf0b7f | 380 | _public_ int udev_monitor_enable_receiving(struct udev_monitor *udev_monitor) |
d59f11e1 | 381 | { |
912541b0 KS |
382 | int err = 0; |
383 | const int on = 1; | |
384 | ||
2d13da88 KS |
385 | udev_monitor_filter_update(udev_monitor); |
386 | ||
387 | if (!udev_monitor->bound) { | |
388 | err = bind(udev_monitor->sock, | |
b49d9b50 | 389 | &udev_monitor->snl.sa, sizeof(struct sockaddr_nl)); |
2d13da88 KS |
390 | if (err == 0) |
391 | udev_monitor->bound = true; | |
912541b0 KS |
392 | } |
393 | ||
44daf75d TG |
394 | if (err >= 0) |
395 | monitor_set_nl_address(udev_monitor); | |
e1427b13 MS |
396 | else |
397 | return log_debug_errno(errno, "bind failed: %m"); | |
912541b0 KS |
398 | |
399 | /* enable receiving of sender credentials */ | |
9dedfe7f TG |
400 | err = setsockopt(udev_monitor->sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)); |
401 | if (err < 0) | |
56f64d95 | 402 | log_debug_errno(errno, "setting SO_PASSCRED failed: %m"); |
9dedfe7f | 403 | |
912541b0 | 404 | return 0; |
ba6929f6 KS |
405 | } |
406 | ||
f712894d KS |
407 | /** |
408 | * udev_monitor_set_receive_buffer_size: | |
409 | * @udev_monitor: the monitor which should receive events | |
410 | * @size: the size in bytes | |
411 | * | |
412 | * Set the size of the kernel socket buffer. This call needs the | |
413 | * appropriate privileges to succeed. | |
414 | * | |
415 | * Returns: 0 on success, otherwise -1 on error. | |
416 | */ | |
54cf0b7f | 417 | _public_ int udev_monitor_set_receive_buffer_size(struct udev_monitor *udev_monitor, int size) |
cb25a958 | 418 | { |
912541b0 | 419 | if (udev_monitor == NULL) |
994e0234 | 420 | return -EINVAL; |
309f631d LP |
421 | if (setsockopt(udev_monitor->sock, SOL_SOCKET, SO_RCVBUFFORCE, &size, sizeof(size)) < 0) |
422 | return -errno; | |
423 | ||
424 | return 0; | |
cb25a958 KS |
425 | } |
426 | ||
50d21589 YW |
427 | int udev_monitor_disconnect(struct udev_monitor *udev_monitor) { |
428 | assert(udev_monitor); | |
1e03b754 | 429 | |
50d21589 YW |
430 | udev_monitor->sock = safe_close(udev_monitor->sock); |
431 | return 0; | |
1e03b754 KS |
432 | } |
433 | ||
3c6ac219 YW |
434 | static struct udev_monitor *udev_monitor_free(struct udev_monitor *udev_monitor) { |
435 | assert(udev_monitor); | |
436 | ||
437 | udev_monitor_disconnect(udev_monitor); | |
438 | udev_list_cleanup(&udev_monitor->filter_subsystem_list); | |
439 | udev_list_cleanup(&udev_monitor->filter_tag_list); | |
440 | return mfree(udev_monitor); | |
441 | } | |
442 | ||
7d8787b3 KS |
443 | /** |
444 | * udev_monitor_ref: | |
445 | * @udev_monitor: udev monitor | |
446 | * | |
447 | * Take a reference of a udev monitor. | |
448 | * | |
449 | * Returns: the passed udev monitor | |
450 | **/ | |
ba6929f6 | 451 | |
7d8787b3 KS |
452 | /** |
453 | * udev_monitor_unref: | |
454 | * @udev_monitor: udev monitor | |
455 | * | |
ff109b8d | 456 | * Drop a reference of a udev monitor. If the refcount reaches zero, |
be7de409 | 457 | * the bound socket will be closed, and the resources of the monitor |
7d8787b3 KS |
458 | * will be released. |
459 | * | |
725d7e6c | 460 | * Returns: #NULL |
7d8787b3 | 461 | **/ |
3c6ac219 | 462 | DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(struct udev_monitor, udev_monitor, udev_monitor_free); |
ba6929f6 | 463 | |
7d8787b3 KS |
464 | /** |
465 | * udev_monitor_get_udev: | |
466 | * @udev_monitor: udev monitor | |
467 | * | |
b98fd840 | 468 | * Retrieve the udev library context the monitor was created with. |
7d8787b3 KS |
469 | * |
470 | * Returns: the udev library context | |
471 | **/ | |
54cf0b7f | 472 | _public_ struct udev *udev_monitor_get_udev(struct udev_monitor *udev_monitor) |
ba6929f6 | 473 | { |
912541b0 KS |
474 | if (udev_monitor == NULL) |
475 | return NULL; | |
476 | return udev_monitor->udev; | |
ba6929f6 KS |
477 | } |
478 | ||
7d8787b3 KS |
479 | /** |
480 | * udev_monitor_get_fd: | |
481 | * @udev_monitor: udev monitor | |
482 | * | |
483 | * Retrieve the socket file descriptor associated with the monitor. | |
484 | * | |
485 | * Returns: the socket file descriptor | |
486 | **/ | |
54cf0b7f | 487 | _public_ int udev_monitor_get_fd(struct udev_monitor *udev_monitor) |
ba6929f6 | 488 | { |
912541b0 | 489 | if (udev_monitor == NULL) |
994e0234 | 490 | return -EINVAL; |
912541b0 | 491 | return udev_monitor->sock; |
ba6929f6 KS |
492 | } |
493 | ||
e14bdd88 KS |
494 | static int passes_filter(struct udev_monitor *udev_monitor, struct udev_device *udev_device) |
495 | { | |
912541b0 KS |
496 | struct udev_list_entry *list_entry; |
497 | ||
498 | if (udev_list_get_entry(&udev_monitor->filter_subsystem_list) == NULL) | |
499 | goto tag; | |
500 | udev_list_entry_foreach(list_entry, udev_list_get_entry(&udev_monitor->filter_subsystem_list)) { | |
501 | const char *subsys = udev_list_entry_get_name(list_entry); | |
502 | const char *dsubsys = udev_device_get_subsystem(udev_device); | |
503 | const char *devtype; | |
504 | const char *ddevtype; | |
505 | ||
090be865 | 506 | if (!streq(dsubsys, subsys)) |
912541b0 KS |
507 | continue; |
508 | ||
509 | devtype = udev_list_entry_get_value(list_entry); | |
510 | if (devtype == NULL) | |
511 | goto tag; | |
512 | ddevtype = udev_device_get_devtype(udev_device); | |
513 | if (ddevtype == NULL) | |
514 | continue; | |
090be865 | 515 | if (streq(ddevtype, devtype)) |
912541b0 KS |
516 | goto tag; |
517 | } | |
518 | return 0; | |
28460195 KS |
519 | |
520 | tag: | |
912541b0 KS |
521 | if (udev_list_get_entry(&udev_monitor->filter_tag_list) == NULL) |
522 | return 1; | |
523 | udev_list_entry_foreach(list_entry, udev_list_get_entry(&udev_monitor->filter_tag_list)) { | |
524 | const char *tag = udev_list_entry_get_name(list_entry); | |
525 | ||
526 | if (udev_device_has_tag(udev_device, tag)) | |
527 | return 1; | |
528 | } | |
529 | return 0; | |
e14bdd88 KS |
530 | } |
531 | ||
7d8787b3 | 532 | /** |
d59f11e1 | 533 | * udev_monitor_receive_device: |
7d8787b3 KS |
534 | * @udev_monitor: udev monitor |
535 | * | |
d59f11e1 | 536 | * Receive data from the udev monitor socket, allocate a new udev |
b98fd840 | 537 | * device, fill in the received data, and return the device. |
7d8787b3 | 538 | * |
50579295 | 539 | * Only socket connections with uid=0 are accepted. |
7d8787b3 | 540 | * |
b30b4260 KS |
541 | * The monitor socket is by default set to NONBLOCK. A variant of poll() on |
542 | * the file descriptor returned by udev_monitor_get_fd() should to be used to | |
543 | * wake up when new devices arrive, or alternatively the file descriptor | |
544 | * switched into blocking mode. | |
545 | * | |
7d8787b3 | 546 | * The initial refcount is 1, and needs to be decremented to |
be7de409 | 547 | * release the resources of the udev device. |
7d8787b3 KS |
548 | * |
549 | * Returns: a new udev device, or #NULL, in case of an error | |
550 | **/ | |
54cf0b7f | 551 | _public_ struct udev_device *udev_monitor_receive_device(struct udev_monitor *udev_monitor) |
ba6929f6 | 552 | { |
912541b0 KS |
553 | struct udev_device *udev_device; |
554 | struct msghdr smsg; | |
555 | struct iovec iov; | |
556 | char cred_msg[CMSG_SPACE(sizeof(struct ucred))]; | |
557 | struct cmsghdr *cmsg; | |
b49d9b50 | 558 | union sockaddr_union snl; |
912541b0 | 559 | struct ucred *cred; |
bf3dd6b1 SL |
560 | union { |
561 | struct udev_monitor_netlink_header nlh; | |
562 | char raw[8192]; | |
563 | } buf; | |
912541b0 KS |
564 | ssize_t buflen; |
565 | ssize_t bufpos; | |
2df959ec | 566 | bool is_initialized = false; |
ba6929f6 | 567 | |
e14bdd88 | 568 | retry: |
309f631d LP |
569 | if (udev_monitor == NULL) { |
570 | errno = EINVAL; | |
912541b0 | 571 | return NULL; |
309f631d | 572 | } |
912541b0 KS |
573 | iov.iov_base = &buf; |
574 | iov.iov_len = sizeof(buf); | |
29804cc1 | 575 | memzero(&smsg, sizeof(struct msghdr)); |
912541b0 KS |
576 | smsg.msg_iov = &iov; |
577 | smsg.msg_iovlen = 1; | |
578 | smsg.msg_control = cred_msg; | |
579 | smsg.msg_controllen = sizeof(cred_msg); | |
f6613dd9 KS |
580 | smsg.msg_name = &snl; |
581 | smsg.msg_namelen = sizeof(snl); | |
912541b0 | 582 | |
a38d9945 | 583 | buflen = recvmsg(udev_monitor->sock, &smsg, 0); |
912541b0 KS |
584 | if (buflen < 0) { |
585 | if (errno != EINTR) | |
ff49bc32 | 586 | log_debug("unable to receive message"); |
912541b0 KS |
587 | return NULL; |
588 | } | |
589 | ||
9c89c1ca | 590 | if (buflen < 32 || (smsg.msg_flags & MSG_TRUNC)) { |
ff49bc32 | 591 | log_debug("invalid message length"); |
309f631d | 592 | errno = EINVAL; |
912541b0 KS |
593 | return NULL; |
594 | } | |
595 | ||
f6613dd9 KS |
596 | if (snl.nl.nl_groups == 0) { |
597 | /* unicast message, check if we trust the sender */ | |
598 | if (udev_monitor->snl_trusted_sender.nl.nl_pid == 0 || | |
599 | snl.nl.nl_pid != udev_monitor->snl_trusted_sender.nl.nl_pid) { | |
ff49bc32 | 600 | log_debug("unicast netlink message ignored"); |
309f631d | 601 | errno = EAGAIN; |
f6613dd9 KS |
602 | return NULL; |
603 | } | |
604 | } else if (snl.nl.nl_groups == UDEV_MONITOR_KERNEL) { | |
605 | if (snl.nl.nl_pid > 0) { | |
1fa2f38f ZJS |
606 | log_debug("multicast kernel netlink message from PID %"PRIu32" ignored", |
607 | snl.nl.nl_pid); | |
309f631d | 608 | errno = EAGAIN; |
f6613dd9 | 609 | return NULL; |
912541b0 KS |
610 | } |
611 | } | |
612 | ||
613 | cmsg = CMSG_FIRSTHDR(&smsg); | |
614 | if (cmsg == NULL || cmsg->cmsg_type != SCM_CREDENTIALS) { | |
ff49bc32 | 615 | log_debug("no sender credentials received, message ignored"); |
309f631d | 616 | errno = EAGAIN; |
912541b0 KS |
617 | return NULL; |
618 | } | |
619 | ||
620 | cred = (struct ucred *)CMSG_DATA(cmsg); | |
621 | if (cred->uid != 0) { | |
1fa2f38f | 622 | log_debug("sender uid="UID_FMT", message ignored", cred->uid); |
309f631d | 623 | errno = EAGAIN; |
912541b0 KS |
624 | return NULL; |
625 | } | |
626 | ||
bf3dd6b1 | 627 | if (memcmp(buf.raw, "libudev", 8) == 0) { |
912541b0 | 628 | /* udev message needs proper version magic */ |
8e38570e | 629 | if (buf.nlh.magic != htobe32(UDEV_MONITOR_MAGIC)) { |
ff49bc32 | 630 | log_debug("unrecognized message signature (%x != %x)", |
8e38570e | 631 | buf.nlh.magic, htobe32(UDEV_MONITOR_MAGIC)); |
309f631d | 632 | errno = EAGAIN; |
912541b0 KS |
633 | return NULL; |
634 | } | |
bf3dd6b1 | 635 | if (buf.nlh.properties_off+32 > (size_t)buflen) { |
e6ac88dd TG |
636 | log_debug("message smaller than expected (%u > %zd)", |
637 | buf.nlh.properties_off+32, buflen); | |
309f631d | 638 | errno = EAGAIN; |
912541b0 | 639 | return NULL; |
f6613dd9 KS |
640 | } |
641 | ||
bf3dd6b1 | 642 | bufpos = buf.nlh.properties_off; |
f6613dd9 KS |
643 | |
644 | /* devices received from udev are always initialized */ | |
2df959ec | 645 | is_initialized = true; |
912541b0 KS |
646 | } else { |
647 | /* kernel message with header */ | |
bf3dd6b1 | 648 | bufpos = strlen(buf.raw) + 1; |
912541b0 | 649 | if ((size_t)bufpos < sizeof("a@/d") || bufpos >= buflen) { |
ff49bc32 | 650 | log_debug("invalid message length"); |
309f631d | 651 | errno = EAGAIN; |
912541b0 KS |
652 | return NULL; |
653 | } | |
654 | ||
655 | /* check message header */ | |
bf3dd6b1 | 656 | if (strstr(buf.raw, "@/") == NULL) { |
ff49bc32 | 657 | log_debug("unrecognized message header"); |
309f631d | 658 | errno = EAGAIN; |
912541b0 KS |
659 | return NULL; |
660 | } | |
661 | } | |
662 | ||
2df959ec | 663 | udev_device = udev_device_new_from_nulstr(udev_monitor->udev, &buf.raw[bufpos], buflen - bufpos); |
e6ac88dd | 664 | if (!udev_device) { |
25f027c5 | 665 | log_debug_errno(errno, "could not create device: %m"); |
912541b0 | 666 | return NULL; |
e6ac88dd | 667 | } |
2df959ec TG |
668 | |
669 | if (is_initialized) | |
670 | udev_device_set_is_initialized(udev_device); | |
912541b0 KS |
671 | |
672 | /* skip device, if it does not pass the current filter */ | |
673 | if (!passes_filter(udev_monitor, udev_device)) { | |
674 | struct pollfd pfd[1]; | |
675 | int rc; | |
676 | ||
677 | udev_device_unref(udev_device); | |
678 | ||
679 | /* if something is queued, get next device */ | |
680 | pfd[0].fd = udev_monitor->sock; | |
681 | pfd[0].events = POLLIN; | |
682 | rc = poll(pfd, 1, 0); | |
683 | if (rc > 0) | |
684 | goto retry; | |
309f631d LP |
685 | |
686 | errno = EAGAIN; | |
912541b0 KS |
687 | return NULL; |
688 | } | |
689 | ||
690 | return udev_device; | |
ba6929f6 | 691 | } |
9925ab04 | 692 | |
3782454c YW |
693 | int udev_monitor_receive_sd_device(struct udev_monitor *udev_monitor, sd_device **ret) { |
694 | _cleanup_(udev_device_unrefp) struct udev_device *udev_device = NULL; | |
695 | ||
696 | assert(ret); | |
697 | ||
698 | udev_device = udev_monitor_receive_device(udev_monitor); | |
699 | if (!udev_device) | |
700 | return -errno; | |
701 | ||
702 | *ret = sd_device_ref(udev_device->device); | |
703 | return 0; | |
704 | } | |
705 | ||
1e03b754 | 706 | int udev_monitor_send_device(struct udev_monitor *udev_monitor, |
912541b0 | 707 | struct udev_monitor *destination, struct udev_device *udev_device) |
9925ab04 | 708 | { |
81b9fe54 ZJS |
709 | const char *buf, *val; |
710 | ssize_t blen, count; | |
711 | struct udev_monitor_netlink_header nlh = { | |
712 | .prefix = "libudev", | |
8e38570e | 713 | .magic = htobe32(UDEV_MONITOR_MAGIC), |
81b9fe54 ZJS |
714 | .header_size = sizeof nlh, |
715 | }; | |
716 | struct iovec iov[2] = { | |
717 | { .iov_base = &nlh, .iov_len = sizeof nlh }, | |
718 | }; | |
719 | struct msghdr smsg = { | |
720 | .msg_iov = iov, | |
721 | .msg_iovlen = 2, | |
722 | }; | |
2d13da88 KS |
723 | struct udev_list_entry *list_entry; |
724 | uint64_t tag_bloom_bits; | |
725 | ||
912541b0 | 726 | blen = udev_device_get_properties_monitor_buf(udev_device, &buf); |
e6ac88dd TG |
727 | if (blen < 32) { |
728 | log_debug("device buffer is too small to contain a valid device"); | |
912541b0 | 729 | return -EINVAL; |
e6ac88dd | 730 | } |
912541b0 | 731 | |
81b9fe54 | 732 | /* fill in versioned header */ |
2d13da88 | 733 | val = udev_device_get_subsystem(udev_device); |
8e38570e | 734 | nlh.filter_subsystem_hash = htobe32(util_string_hash32(val)); |
81b9fe54 | 735 | |
2d13da88 KS |
736 | val = udev_device_get_devtype(udev_device); |
737 | if (val != NULL) | |
8e38570e | 738 | nlh.filter_devtype_hash = htobe32(util_string_hash32(val)); |
2d13da88 KS |
739 | |
740 | /* add tag bloom filter */ | |
741 | tag_bloom_bits = 0; | |
742 | udev_list_entry_foreach(list_entry, udev_device_get_tags_list_entry(udev_device)) | |
743 | tag_bloom_bits |= util_string_bloom64(udev_list_entry_get_name(list_entry)); | |
744 | if (tag_bloom_bits > 0) { | |
8e38570e LP |
745 | nlh.filter_tag_bloom_hi = htobe32(tag_bloom_bits >> 32); |
746 | nlh.filter_tag_bloom_lo = htobe32(tag_bloom_bits & 0xffffffff); | |
912541b0 KS |
747 | } |
748 | ||
2d13da88 KS |
749 | /* add properties list */ |
750 | nlh.properties_off = iov[0].iov_len; | |
751 | nlh.properties_len = blen; | |
752 | iov[1].iov_base = (char *)buf; | |
753 | iov[1].iov_len = blen; | |
912541b0 | 754 | |
2d13da88 KS |
755 | /* |
756 | * Use custom address for target, or the default one. | |
757 | * | |
758 | * If we send to a multicast group, we will get | |
759 | * ECONNREFUSED, which is expected. | |
760 | */ | |
a4445e88 | 761 | if (destination) |
2d13da88 KS |
762 | smsg.msg_name = &destination->snl; |
763 | else | |
764 | smsg.msg_name = &udev_monitor->snl_destination; | |
765 | smsg.msg_namelen = sizeof(struct sockaddr_nl); | |
766 | count = sendmsg(udev_monitor->sock, &smsg, 0); | |
a4445e88 TG |
767 | if (count < 0) { |
768 | if (!destination && errno == ECONNREFUSED) { | |
7800bf71 | 769 | log_debug("passed device to netlink monitor %p", udev_monitor); |
a4445e88 TG |
770 | return 0; |
771 | } else | |
772 | return -errno; | |
773 | } | |
774 | ||
965288c5 | 775 | log_debug("passed %zi byte device to netlink monitor %p", count, udev_monitor); |
2d13da88 | 776 | return count; |
9925ab04 | 777 | } |
e14bdd88 | 778 | |
ce1d6d7f KS |
779 | /** |
780 | * udev_monitor_filter_add_match_subsystem_devtype: | |
781 | * @udev_monitor: the monitor | |
782 | * @subsystem: the subsystem value to match the incoming devices against | |
214a6c79 | 783 | * @devtype: the devtype value to match the incoming devices against |
ce1d6d7f | 784 | * |
50579295 | 785 | * This filter is efficiently executed inside the kernel, and libudev subscribers |
28460195 KS |
786 | * will usually not be woken up for devices which do not match. |
787 | * | |
ce1d6d7f KS |
788 | * The filter must be installed before the monitor is switched to listening mode. |
789 | * | |
790 | * Returns: 0 on success, otherwise a negative error value. | |
791 | */ | |
54cf0b7f | 792 | _public_ int udev_monitor_filter_add_match_subsystem_devtype(struct udev_monitor *udev_monitor, const char *subsystem, const char *devtype) |
e14bdd88 | 793 | { |
912541b0 KS |
794 | if (udev_monitor == NULL) |
795 | return -EINVAL; | |
796 | if (subsystem == NULL) | |
797 | return -EINVAL; | |
798 | if (udev_list_entry_add(&udev_monitor->filter_subsystem_list, subsystem, devtype) == NULL) | |
799 | return -ENOMEM; | |
800 | return 0; | |
e14bdd88 | 801 | } |
08a7a795 | 802 | |
28460195 KS |
803 | /** |
804 | * udev_monitor_filter_add_match_tag: | |
805 | * @udev_monitor: the monitor | |
806 | * @tag: the name of a tag | |
807 | * | |
50579295 | 808 | * This filter is efficiently executed inside the kernel, and libudev subscribers |
28460195 KS |
809 | * will usually not be woken up for devices which do not match. |
810 | * | |
811 | * The filter must be installed before the monitor is switched to listening mode. | |
812 | * | |
813 | * Returns: 0 on success, otherwise a negative error value. | |
814 | */ | |
54cf0b7f | 815 | _public_ int udev_monitor_filter_add_match_tag(struct udev_monitor *udev_monitor, const char *tag) |
28460195 | 816 | { |
912541b0 KS |
817 | if (udev_monitor == NULL) |
818 | return -EINVAL; | |
819 | if (tag == NULL) | |
820 | return -EINVAL; | |
821 | if (udev_list_entry_add(&udev_monitor->filter_tag_list, tag, NULL) == NULL) | |
822 | return -ENOMEM; | |
823 | return 0; | |
28460195 KS |
824 | } |
825 | ||
ce1d6d7f KS |
826 | /** |
827 | * udev_monitor_filter_remove: | |
828 | * @udev_monitor: monitor | |
829 | * | |
830 | * Remove all filters from monitor. | |
831 | * | |
832 | * Returns: 0 on success, otherwise a negative error value. | |
833 | */ | |
54cf0b7f | 834 | _public_ int udev_monitor_filter_remove(struct udev_monitor *udev_monitor) |
08a7a795 | 835 | { |
309f631d | 836 | static const struct sock_fprog filter = { 0, NULL }; |
08a7a795 | 837 | |
912541b0 | 838 | udev_list_cleanup(&udev_monitor->filter_subsystem_list); |
309f631d LP |
839 | if (setsockopt(udev_monitor->sock, SOL_SOCKET, SO_ATTACH_FILTER, &filter, sizeof(filter)) < 0) |
840 | return -errno; | |
841 | ||
842 | return 0; | |
08a7a795 | 843 | } |