]>
Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
118ecf32 | 2 | |
118ecf32 | 3 | #include <fcntl.h> |
118ecf32 DH |
4 | #include <string.h> |
5 | #include <sys/ioctl.h> | |
118ecf32 | 6 | #include <sys/types.h> |
118ecf32 | 7 | |
4f209af7 | 8 | #include "sd-device.h" |
6ecda0fb | 9 | #include "sd-daemon.h" |
b4bbcaa9 | 10 | |
b5efdb8a | 11 | #include "alloc-util.h" |
cc377381 | 12 | #include "bus-util.h" |
2720b6f2 | 13 | #include "daemon-util.h" |
fb53ee0a | 14 | #include "device-util.h" |
3ffd4af2 | 15 | #include "fd-util.h" |
6ecda0fb | 16 | #include "logind-session-dbus.h" |
cc377381 | 17 | #include "logind-session-device.h" |
f5947a5e YW |
18 | #include "missing_drm.h" |
19 | #include "missing_input.h" | |
aed24c4c | 20 | #include "parse-util.h" |
118ecf32 DH |
21 | |
22 | enum SessionDeviceNotifications { | |
23 | SESSION_DEVICE_RESUME, | |
24 | SESSION_DEVICE_TRY_PAUSE, | |
25 | SESSION_DEVICE_PAUSE, | |
26 | SESSION_DEVICE_RELEASE, | |
27 | }; | |
28 | ||
cc377381 | 29 | static int session_device_notify(SessionDevice *sd, enum SessionDeviceNotifications type) { |
4afd3348 | 30 | _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL; |
118ecf32 DH |
31 | _cleanup_free_ char *path = NULL; |
32 | const char *t = NULL; | |
081dfa85 | 33 | uint32_t major, minor; |
cc377381 | 34 | int r; |
118ecf32 DH |
35 | |
36 | assert(sd); | |
37 | ||
081dfa85 DH |
38 | major = major(sd->dev); |
39 | minor = minor(sd->dev); | |
40 | ||
118ecf32 | 41 | if (!sd->session->controller) |
cc377381 | 42 | return 0; |
118ecf32 DH |
43 | |
44 | path = session_bus_path(sd->session); | |
45 | if (!path) | |
cc377381 | 46 | return -ENOMEM; |
118ecf32 | 47 | |
cc377381 | 48 | r = sd_bus_message_new_signal( |
151b9b96 LP |
49 | sd->session->manager->bus, |
50 | &m, path, | |
cc377381 | 51 | "org.freedesktop.login1.Session", |
0b6a4795 | 52 | type == SESSION_DEVICE_RESUME ? "ResumeDevice" : "PauseDevice"); |
118ecf32 | 53 | if (!m) |
cc377381 | 54 | return r; |
118ecf32 | 55 | |
cc377381 LP |
56 | r = sd_bus_message_set_destination(m, sd->session->controller); |
57 | if (r < 0) | |
58 | return r; | |
118ecf32 DH |
59 | |
60 | switch (type) { | |
864fe630 | 61 | |
118ecf32 | 62 | case SESSION_DEVICE_RESUME: |
cc377381 LP |
63 | r = sd_bus_message_append(m, "uuh", major, minor, sd->fd); |
64 | if (r < 0) | |
65 | return r; | |
118ecf32 | 66 | break; |
864fe630 | 67 | |
118ecf32 DH |
68 | case SESSION_DEVICE_TRY_PAUSE: |
69 | t = "pause"; | |
70 | break; | |
864fe630 | 71 | |
118ecf32 DH |
72 | case SESSION_DEVICE_PAUSE: |
73 | t = "force"; | |
74 | break; | |
864fe630 | 75 | |
118ecf32 DH |
76 | case SESSION_DEVICE_RELEASE: |
77 | t = "gone"; | |
78 | break; | |
864fe630 | 79 | |
118ecf32 | 80 | default: |
cc377381 | 81 | return -EINVAL; |
118ecf32 DH |
82 | } |
83 | ||
cc377381 LP |
84 | if (t) { |
85 | r = sd_bus_message_append(m, "uus", major, minor, t); | |
86 | if (r < 0) | |
87 | return r; | |
88 | } | |
118ecf32 | 89 | |
cc377381 | 90 | return sd_bus_send(sd->session->manager->bus, m, NULL); |
118ecf32 DH |
91 | } |
92 | ||
a3ddf73c | 93 | static void sd_eviocrevoke(int fd) { |
5d5330a8 | 94 | static bool warned = false; |
118ecf32 DH |
95 | |
96 | assert(fd >= 0); | |
97 | ||
5d5330a8 LP |
98 | if (ioctl(fd, EVIOCREVOKE, NULL) < 0) { |
99 | ||
100 | if (errno == EINVAL && !warned) { | |
101 | log_warning_errno(errno, "Kernel does not support evdev-revocation: %m"); | |
118ecf32 | 102 | warned = true; |
118ecf32 DH |
103 | } |
104 | } | |
118ecf32 DH |
105 | } |
106 | ||
107 | static int sd_drmsetmaster(int fd) { | |
118ecf32 | 108 | assert(fd >= 0); |
7c248223 | 109 | return RET_NERRNO(ioctl(fd, DRM_IOCTL_SET_MASTER, 0)); |
118ecf32 DH |
110 | } |
111 | ||
112 | static int sd_drmdropmaster(int fd) { | |
118ecf32 | 113 | assert(fd >= 0); |
7c248223 | 114 | return RET_NERRNO(ioctl(fd, DRM_IOCTL_DROP_MASTER, 0)); |
118ecf32 DH |
115 | } |
116 | ||
117 | static int session_device_open(SessionDevice *sd, bool active) { | |
1189815a MY |
118 | _cleanup_close_ int fd = -EBADF; |
119 | int r; | |
118ecf32 | 120 | |
864fe630 | 121 | assert(sd); |
118ecf32 | 122 | assert(sd->type != DEVICE_TYPE_UNKNOWN); |
864fe630 | 123 | assert(sd->node); |
118ecf32 | 124 | |
65df0ce3 | 125 | /* open device and try to get a udev_device from it */ |
118ecf32 DH |
126 | fd = open(sd->node, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK); |
127 | if (fd < 0) | |
128 | return -errno; | |
129 | ||
130 | switch (sd->type) { | |
864fe630 | 131 | |
118ecf32 | 132 | case DEVICE_TYPE_DRM: |
c2e5d024 | 133 | if (active) { |
864fe630 LP |
134 | /* Weird legacy DRM semantics might return an error even though we're master. No way to detect |
135 | * that so fail at all times and let caller retry in inactive state. */ | |
c2e5d024 | 136 | r = sd_drmsetmaster(fd); |
1189815a | 137 | if (r < 0) |
c2e5d024 | 138 | return r; |
864fe630 LP |
139 | } else |
140 | /* DRM-Master is granted to the first user who opens a device automatically (ughh, | |
141 | * racy!). Hence, we just drop DRM-Master in case we were the first. */ | |
4804600b | 142 | (void) sd_drmdropmaster(fd); |
118ecf32 | 143 | break; |
864fe630 | 144 | |
118ecf32 DH |
145 | case DEVICE_TYPE_EVDEV: |
146 | if (!active) | |
147 | sd_eviocrevoke(fd); | |
148 | break; | |
864fe630 | 149 | |
118ecf32 DH |
150 | case DEVICE_TYPE_UNKNOWN: |
151 | default: | |
5238e957 | 152 | /* fallback for devices without synchronizations */ |
118ecf32 DH |
153 | break; |
154 | } | |
155 | ||
1189815a | 156 | return TAKE_FD(fd); |
118ecf32 DH |
157 | } |
158 | ||
159 | static int session_device_start(SessionDevice *sd) { | |
160 | int r; | |
161 | ||
162 | assert(sd); | |
163 | assert(session_is_active(sd->session)); | |
164 | ||
165 | if (sd->active) | |
166 | return 0; | |
167 | ||
168 | switch (sd->type) { | |
864fe630 | 169 | |
118ecf32 | 170 | case DEVICE_TYPE_DRM: |
baaa35ad ZJS |
171 | if (sd->fd < 0) |
172 | return log_error_errno(SYNTHETIC_ERRNO(EBADF), | |
173 | "Failed to re-activate DRM fd, as the fd was lost (maybe logind restart went wrong?)"); | |
f2705337 AJ |
174 | |
175 | /* Device is kept open. Simply call drmSetMaster() and hope there is no-one else. In case it fails, we | |
176 | * keep the device paused. Maybe at some point we have a drmStealMaster(). */ | |
177 | r = sd_drmsetmaster(sd->fd); | |
178 | if (r < 0) | |
179 | return r; | |
118ecf32 | 180 | break; |
864fe630 | 181 | |
118ecf32 | 182 | case DEVICE_TYPE_EVDEV: |
864fe630 | 183 | /* Evdev devices are revoked while inactive. Reopen it and we are fine. */ |
118ecf32 DH |
184 | r = session_device_open(sd, true); |
185 | if (r < 0) | |
186 | return r; | |
864fe630 LP |
187 | |
188 | /* For evdev devices, the file descriptor might be left uninitialized. This might happen while resuming | |
189 | * into a session and logind has been restarted right before. */ | |
ee3455cf | 190 | close_and_replace(sd->fd, r); |
118ecf32 | 191 | break; |
864fe630 | 192 | |
118ecf32 DH |
193 | case DEVICE_TYPE_UNKNOWN: |
194 | default: | |
340aff15 | 195 | /* fallback for devices without synchronizations */ |
118ecf32 DH |
196 | break; |
197 | } | |
198 | ||
199 | sd->active = true; | |
200 | return 0; | |
201 | } | |
202 | ||
203 | static void session_device_stop(SessionDevice *sd) { | |
204 | assert(sd); | |
205 | ||
206 | if (!sd->active) | |
207 | return; | |
208 | ||
209 | switch (sd->type) { | |
340aff15 | 210 | |
118ecf32 | 211 | case DEVICE_TYPE_DRM: |
f2705337 AJ |
212 | if (sd->fd < 0) { |
213 | log_error("Failed to de-activate DRM fd, as the fd was lost (maybe logind restart went wrong?)"); | |
214 | return; | |
215 | } | |
216 | ||
118ecf32 DH |
217 | /* On DRM devices we simply drop DRM-Master but keep it open. |
218 | * This allows the user to keep resources allocated. The | |
219 | * CAP_SYS_ADMIN restriction to DRM-Master prevents users from | |
220 | * circumventing this. */ | |
221 | sd_drmdropmaster(sd->fd); | |
222 | break; | |
340aff15 | 223 | |
118ecf32 DH |
224 | case DEVICE_TYPE_EVDEV: |
225 | /* Revoke access on evdev file-descriptors during deactivation. | |
226 | * This will basically prevent any operations on the fd and | |
227 | * cannot be undone. Good side is: it needs no CAP_SYS_ADMIN | |
228 | * protection this way. */ | |
229 | sd_eviocrevoke(sd->fd); | |
230 | break; | |
340aff15 | 231 | |
118ecf32 DH |
232 | case DEVICE_TYPE_UNKNOWN: |
233 | default: | |
234 | /* fallback for devices without synchronization */ | |
235 | break; | |
236 | } | |
237 | ||
238 | sd->active = false; | |
239 | } | |
240 | ||
4f209af7 | 241 | static DeviceType detect_device_type(sd_device *dev) { |
fb53ee0a | 242 | const char *sysname; |
118ecf32 | 243 | |
fb53ee0a YW |
244 | if (sd_device_get_sysname(dev, &sysname) < 0) |
245 | return DEVICE_TYPE_UNKNOWN; | |
118ecf32 | 246 | |
fb53ee0a | 247 | if (device_in_subsystem(dev, "drm")) { |
118ecf32 | 248 | if (startswith(sysname, "card")) |
fb53ee0a YW |
249 | return DEVICE_TYPE_DRM; |
250 | ||
251 | } else if (device_in_subsystem(dev, "input")) { | |
118ecf32 | 252 | if (startswith(sysname, "event")) |
fb53ee0a | 253 | return DEVICE_TYPE_EVDEV; |
118ecf32 DH |
254 | } |
255 | ||
fb53ee0a | 256 | return DEVICE_TYPE_UNKNOWN; |
118ecf32 DH |
257 | } |
258 | ||
259 | static int session_device_verify(SessionDevice *sd) { | |
4f209af7 | 260 | _cleanup_(sd_device_unrefp) sd_device *p = NULL; |
c679e12a | 261 | const char *sp, *node; |
4f209af7 | 262 | sd_device *dev; |
118ecf32 DH |
263 | int r; |
264 | ||
c679e12a YW |
265 | r = sd_device_new_from_devnum(&p, 'c', sd->dev); |
266 | if (r < 0) | |
267 | return r; | |
118ecf32 | 268 | |
4f209af7 YW |
269 | dev = p; |
270 | ||
c679e12a YW |
271 | if (sd_device_get_syspath(dev, &sp) < 0 || |
272 | sd_device_get_devname(dev, &node) < 0) | |
4f209af7 | 273 | return -EINVAL; |
118ecf32 DH |
274 | |
275 | /* detect device type so we can find the correct sysfs parent */ | |
276 | sd->type = detect_device_type(dev); | |
4f209af7 | 277 | |
351072ed PH |
278 | /* Prevent opening unsupported devices. Especially devices of |
279 | * subsystem "input" must be opened via the evdev node as | |
280 | * we require EVIOCREVOKE. */ | |
281 | switch (sd->type) { | |
282 | case DEVICE_TYPE_EVDEV: | |
118ecf32 | 283 | /* for evdev devices we need the parent node as device */ |
4f209af7 YW |
284 | if (sd_device_get_parent_with_subsystem_devtype(p, "input", NULL, &dev) < 0) |
285 | return -ENODEV; | |
286 | if (sd_device_get_syspath(dev, &sp) < 0) | |
287 | return -ENODEV; | |
351072ed | 288 | break; |
4f209af7 | 289 | |
351072ed PH |
290 | case DEVICE_TYPE_DRM: |
291 | break; | |
292 | ||
293 | case DEVICE_TYPE_UNKNOWN: | |
294 | default: | |
4f209af7 | 295 | return -ENODEV; |
351072ed | 296 | } |
118ecf32 DH |
297 | |
298 | /* search for an existing seat device and return it if available */ | |
299 | sd->device = hashmap_get(sd->session->manager->devices, sp); | |
300 | if (!sd->device) { | |
301 | /* The caller might have gotten the udev event before we were | |
302 | * able to process it. Hence, fake the "add" event and let the | |
303 | * logind-manager handle the new device. */ | |
304 | r = manager_process_seat_device(sd->session->manager, dev); | |
305 | if (r < 0) | |
4f209af7 | 306 | return r; |
118ecf32 DH |
307 | |
308 | /* if it's still not available, then the device is invalid */ | |
309 | sd->device = hashmap_get(sd->session->manager->devices, sp); | |
4f209af7 YW |
310 | if (!sd->device) |
311 | return -ENODEV; | |
118ecf32 DH |
312 | } |
313 | ||
4f209af7 YW |
314 | if (sd->device->seat != sd->session->seat) |
315 | return -EPERM; | |
118ecf32 DH |
316 | |
317 | sd->node = strdup(node); | |
4f209af7 YW |
318 | if (!sd->node) |
319 | return -ENOMEM; | |
118ecf32 | 320 | |
4f209af7 | 321 | return 0; |
118ecf32 DH |
322 | } |
323 | ||
8ccba83f | 324 | int session_device_new(Session *s, dev_t dev, bool open_device, SessionDevice **ret) { |
118ecf32 DH |
325 | SessionDevice *sd; |
326 | int r; | |
327 | ||
328 | assert(s); | |
118ecf32 DH |
329 | |
330 | if (!s->seat) | |
331 | return -EPERM; | |
332 | ||
8ccba83f | 333 | sd = new(SessionDevice, 1); |
118ecf32 DH |
334 | if (!sd) |
335 | return -ENOMEM; | |
336 | ||
8ccba83f MY |
337 | *sd = (SessionDevice) { |
338 | .session = s, | |
339 | .dev = dev, | |
340 | .fd = -EBADF, | |
341 | .type = DEVICE_TYPE_UNKNOWN, | |
342 | }; | |
118ecf32 DH |
343 | |
344 | r = session_device_verify(sd); | |
345 | if (r < 0) | |
346 | goto error; | |
347 | ||
831dedef | 348 | r = hashmap_put(s->devices, &sd->dev, sd); |
e38aa664 | 349 | if (r < 0) |
118ecf32 | 350 | goto error; |
118ecf32 | 351 | |
aed24c4c FB |
352 | if (open_device) { |
353 | /* Open the device for the first time. We need a valid fd to pass back | |
354 | * to the caller. If the session is not active, this _might_ immediately | |
355 | * revoke access and thus invalidate the fd. But this is still needed | |
356 | * to pass a valid fd back. */ | |
357 | sd->active = session_is_active(s); | |
358 | r = session_device_open(sd, sd->active); | |
359 | if (r < 0) { | |
360 | /* EINVAL _may_ mean a master is active; retry inactive */ | |
361 | if (sd->active && r == -EINVAL) { | |
362 | sd->active = false; | |
363 | r = session_device_open(sd, false); | |
364 | } | |
365 | if (r < 0) | |
366 | goto error; | |
c2e5d024 | 367 | } |
aed24c4c | 368 | sd->fd = r; |
c2e5d024 | 369 | } |
118ecf32 | 370 | |
71fda00f | 371 | LIST_PREPEND(sd_by_device, sd->device->session_devices, sd); |
118ecf32 | 372 | |
8ccba83f MY |
373 | if (ret) |
374 | *ret = sd; | |
375 | ||
118ecf32 DH |
376 | return 0; |
377 | ||
378 | error: | |
831dedef | 379 | hashmap_remove(s->devices, &sd->dev); |
118ecf32 DH |
380 | free(sd->node); |
381 | free(sd); | |
382 | return r; | |
383 | } | |
384 | ||
80e52052 DT |
385 | SessionDevice *session_device_free(SessionDevice *sd) { |
386 | if (!sd) | |
387 | return NULL; | |
118ecf32 | 388 | |
1bef256c | 389 | /* Make sure to remove the pushed fd. */ |
2720b6f2 YW |
390 | if (sd->pushed_fd) |
391 | (void) notify_remove_fd_warnf("session-%s-device-%u-%u", sd->session->id, major(sd->dev), minor(sd->dev)); | |
4050e479 | 392 | |
118ecf32 DH |
393 | session_device_stop(sd); |
394 | session_device_notify(sd, SESSION_DEVICE_RELEASE); | |
4d219f53 | 395 | safe_close(sd->fd); |
118ecf32 | 396 | |
71fda00f | 397 | LIST_REMOVE(sd_by_device, sd->device->session_devices, sd); |
118ecf32 | 398 | |
831dedef | 399 | hashmap_remove(sd->session->devices, &sd->dev); |
118ecf32 DH |
400 | |
401 | free(sd->node); | |
80e52052 DT |
402 | |
403 | return mfree(sd); | |
118ecf32 DH |
404 | } |
405 | ||
406 | void session_device_complete_pause(SessionDevice *sd) { | |
d7bd01b5 | 407 | SessionDevice *iter; |
d7bd01b5 | 408 | |
118ecf32 DH |
409 | if (!sd->active) |
410 | return; | |
411 | ||
412 | session_device_stop(sd); | |
d7bd01b5 DH |
413 | |
414 | /* if not all devices are paused, wait for further completion events */ | |
90e74a66 | 415 | HASHMAP_FOREACH(iter, sd->session->devices) |
d7bd01b5 DH |
416 | if (iter->active) |
417 | return; | |
418 | ||
419 | /* complete any pending session switch */ | |
420 | seat_complete_switch(sd->session->seat); | |
118ecf32 DH |
421 | } |
422 | ||
423 | void session_device_resume_all(Session *s) { | |
424 | SessionDevice *sd; | |
118ecf32 DH |
425 | |
426 | assert(s); | |
427 | ||
90e74a66 | 428 | HASHMAP_FOREACH(sd, s->devices) { |
d7ba71f4 LP |
429 | if (sd->active) |
430 | continue; | |
431 | ||
432 | if (session_device_start(sd) < 0) | |
433 | continue; | |
434 | if (session_device_save(sd) < 0) | |
435 | continue; | |
340aff15 | 436 | |
d7ba71f4 | 437 | session_device_notify(sd, SESSION_DEVICE_RESUME); |
118ecf32 DH |
438 | } |
439 | } | |
440 | ||
441 | void session_device_pause_all(Session *s) { | |
442 | SessionDevice *sd; | |
118ecf32 DH |
443 | |
444 | assert(s); | |
445 | ||
90e74a66 | 446 | HASHMAP_FOREACH(sd, s->devices) { |
d7ba71f4 LP |
447 | if (!sd->active) |
448 | continue; | |
449 | ||
450 | session_device_stop(sd); | |
451 | session_device_notify(sd, SESSION_DEVICE_PAUSE); | |
118ecf32 DH |
452 | } |
453 | } | |
d7bd01b5 | 454 | |
14cb109d | 455 | unsigned session_device_try_pause_all(Session *s) { |
d7ba71f4 | 456 | unsigned num_pending = 0; |
d7bd01b5 | 457 | SessionDevice *sd; |
d7bd01b5 DH |
458 | |
459 | assert(s); | |
460 | ||
90e74a66 | 461 | HASHMAP_FOREACH(sd, s->devices) { |
d7ba71f4 LP |
462 | if (!sd->active) |
463 | continue; | |
464 | ||
465 | session_device_notify(sd, SESSION_DEVICE_TRY_PAUSE); | |
466 | num_pending++; | |
d7bd01b5 DH |
467 | } |
468 | ||
469 | return num_pending; | |
470 | } | |
aed24c4c FB |
471 | |
472 | int session_device_save(SessionDevice *sd) { | |
1bef256c | 473 | const char *id; |
aed24c4c FB |
474 | int r; |
475 | ||
476 | assert(sd); | |
477 | ||
4050e479 LP |
478 | /* Store device fd in PID1. It will send it back to us on restart so revocation will continue to work. To make |
479 | * things simple, send fds for all type of devices even if they don't support the revocation mechanism so we | |
480 | * don't have to handle them differently later. | |
aed24c4c | 481 | * |
4050e479 LP |
482 | * Note: for device supporting revocation, PID1 will drop a stored fd automatically if the corresponding device |
483 | * is revoked. */ | |
484 | ||
485 | if (sd->pushed_fd) | |
486 | return 0; | |
f86fae61 | 487 | |
1bef256c AJ |
488 | /* Session ID does not contain separators. */ |
489 | id = sd->session->id; | |
490 | assert(*(id + strcspn(id, "-\n")) == '\0'); | |
491 | ||
2720b6f2 | 492 | r = notify_push_fdf(sd->fd, "session-%s-device-%u-%u", id, major(sd->dev), minor(sd->dev)); |
aed24c4c | 493 | if (r < 0) |
4050e479 | 494 | return r; |
aed24c4c | 495 | |
4050e479 LP |
496 | sd->pushed_fd = true; |
497 | return 1; | |
aed24c4c FB |
498 | } |
499 | ||
500 | void session_device_attach_fd(SessionDevice *sd, int fd, bool active) { | |
4c9cb12c | 501 | assert(fd >= 0); |
aed24c4c FB |
502 | assert(sd); |
503 | assert(sd->fd < 0); | |
504 | assert(!sd->active); | |
505 | ||
506 | sd->fd = fd; | |
f8f9419e | 507 | sd->pushed_fd = true; |
aed24c4c FB |
508 | sd->active = active; |
509 | } |