]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd/sd-bus/bus-kernel.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
treewide: use log_*_errno whenever %m is in the format string
[thirdparty/systemd.git] / src / libsystemd / sd-bus / bus-kernel.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2013 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #ifdef HAVE_VALGRIND_MEMCHECK_H
23 #include <valgrind/memcheck.h>
24 #endif
25
26 #include <fcntl.h>
27 #include <malloc.h>
28 #include <libgen.h>
29 #include <sys/mman.h>
30 #include <sys/prctl.h>
31
32 #include "util.h"
33 #include "strv.h"
34 #include "memfd-util.h"
35 #include "cgroup-util.h"
36 #include "fileio.h"
37
38 #include "bus-internal.h"
39 #include "bus-message.h"
40 #include "bus-kernel.h"
41 #include "bus-bloom.h"
42 #include "bus-util.h"
43 #include "bus-label.h"
44
45 #define UNIQUE_NAME_MAX (3+DECIMAL_STR_MAX(uint64_t))
46
47 int bus_kernel_parse_unique_name(const char *s, uint64_t *id) {
48 int r;
49
50 assert(s);
51 assert(id);
52
53 if (!startswith(s, ":1."))
54 return 0;
55
56 r = safe_atou64(s + 3, id);
57 if (r < 0)
58 return r;
59
60 return 1;
61 }
62
63 static void append_payload_vec(struct kdbus_item **d, const void *p, size_t sz) {
64 assert(d);
65 assert(sz > 0);
66
67 *d = ALIGN8_PTR(*d);
68
69 /* Note that p can be NULL, which encodes a region full of
70 * zeroes, which is useful to optimize certain padding
71 * conditions */
72
73 (*d)->size = offsetof(struct kdbus_item, vec) + sizeof(struct kdbus_vec);
74 (*d)->type = KDBUS_ITEM_PAYLOAD_VEC;
75 (*d)->vec.address = PTR_TO_UINT64(p);
76 (*d)->vec.size = sz;
77
78 *d = (struct kdbus_item *) ((uint8_t*) *d + (*d)->size);
79 }
80
81 static void append_payload_memfd(struct kdbus_item **d, int memfd, size_t sz) {
82 assert(d);
83 assert(memfd >= 0);
84 assert(sz > 0);
85
86 *d = ALIGN8_PTR(*d);
87 (*d)->size = offsetof(struct kdbus_item, memfd) + sizeof(struct kdbus_memfd);
88 (*d)->type = KDBUS_ITEM_PAYLOAD_MEMFD;
89 (*d)->memfd.fd = memfd;
90 (*d)->memfd.size = sz;
91
92 *d = (struct kdbus_item *) ((uint8_t*) *d + (*d)->size);
93 }
94
95 static void append_destination(struct kdbus_item **d, const char *s, size_t length) {
96 assert(d);
97 assert(s);
98
99 *d = ALIGN8_PTR(*d);
100
101 (*d)->size = offsetof(struct kdbus_item, str) + length + 1;
102 (*d)->type = KDBUS_ITEM_DST_NAME;
103 memcpy((*d)->str, s, length + 1);
104
105 *d = (struct kdbus_item *) ((uint8_t*) *d + (*d)->size);
106 }
107
108 static struct kdbus_bloom_filter *append_bloom(struct kdbus_item **d, size_t length) {
109 struct kdbus_item *i;
110
111 assert(d);
112
113 i = ALIGN8_PTR(*d);
114
115 i->size = offsetof(struct kdbus_item, bloom_filter) +
116 offsetof(struct kdbus_bloom_filter, data) +
117 length;
118 i->type = KDBUS_ITEM_BLOOM_FILTER;
119
120 *d = (struct kdbus_item *) ((uint8_t*) i + i->size);
121
122 return &i->bloom_filter;
123 }
124
125 static void append_fds(struct kdbus_item **d, const int fds[], unsigned n_fds) {
126 assert(d);
127 assert(fds);
128 assert(n_fds > 0);
129
130 *d = ALIGN8_PTR(*d);
131 (*d)->size = offsetof(struct kdbus_item, fds) + sizeof(int) * n_fds;
132 (*d)->type = KDBUS_ITEM_FDS;
133 memcpy((*d)->fds, fds, sizeof(int) * n_fds);
134
135 *d = (struct kdbus_item *) ((uint8_t*) *d + (*d)->size);
136 }
137
138 static int bus_message_setup_bloom(sd_bus_message *m, struct kdbus_bloom_filter *bloom) {
139 void *data;
140 unsigned i;
141 int r;
142
143 assert(m);
144 assert(bloom);
145
146 data = bloom->data;
147 memzero(data, m->bus->bloom_size);
148 bloom->generation = 0;
149
150 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "message-type", bus_message_type_to_string(m->header->type));
151
152 if (m->interface)
153 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "interface", m->interface);
154 if (m->member)
155 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "member", m->member);
156 if (m->path) {
157 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "path", m->path);
158 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "path-slash-prefix", m->path);
159 bloom_add_prefixes(data, m->bus->bloom_size, m->bus->bloom_n_hash, "path-slash-prefix", m->path, '/');
160 }
161
162 r = sd_bus_message_rewind(m, true);
163 if (r < 0)
164 return r;
165
166 for (i = 0; i < 64; i++) {
167 char type;
168 const char *t;
169 char buf[sizeof("arg")-1 + 2 + sizeof("-slash-prefix")];
170 char *e;
171
172 r = sd_bus_message_peek_type(m, &type, NULL);
173 if (r < 0)
174 return r;
175
176 if (type != SD_BUS_TYPE_STRING &&
177 type != SD_BUS_TYPE_OBJECT_PATH &&
178 type != SD_BUS_TYPE_SIGNATURE)
179 break;
180
181 r = sd_bus_message_read_basic(m, type, &t);
182 if (r < 0)
183 return r;
184
185 e = stpcpy(buf, "arg");
186 if (i < 10)
187 *(e++) = '0' + (char) i;
188 else {
189 *(e++) = '0' + (char) (i / 10);
190 *(e++) = '0' + (char) (i % 10);
191 }
192
193 *e = 0;
194 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, buf, t);
195
196 strcpy(e, "-dot-prefix");
197 bloom_add_prefixes(data, m->bus->bloom_size, m->bus->bloom_n_hash, buf, t, '.');
198 strcpy(e, "-slash-prefix");
199 bloom_add_prefixes(data, m->bus->bloom_size, m->bus->bloom_n_hash, buf, t, '/');
200 }
201
202 return 0;
203 }
204
205 static int bus_message_setup_kmsg(sd_bus *b, sd_bus_message *m) {
206 struct bus_body_part *part;
207 struct kdbus_item *d;
208 const char *destination;
209 bool well_known;
210 uint64_t unique;
211 size_t sz, dl;
212 unsigned i;
213 int r;
214
215 assert(b);
216 assert(m);
217 assert(m->sealed);
218
219 /* We put this together only once, if this message is reused
220 * we reuse the earlier-built version */
221 if (m->kdbus)
222 return 0;
223
224 destination = m->destination ?: m->destination_ptr;
225
226 if (destination) {
227 r = bus_kernel_parse_unique_name(destination, &unique);
228 if (r < 0)
229 return r;
230
231 well_known = r == 0;
232 } else
233 well_known = false;
234
235 sz = offsetof(struct kdbus_msg, items);
236
237 assert_cc(ALIGN8(offsetof(struct kdbus_item, vec) + sizeof(struct kdbus_vec)) ==
238 ALIGN8(offsetof(struct kdbus_item, memfd) + sizeof(struct kdbus_memfd)));
239
240 /* Add in fixed header, fields header and payload */
241 sz += (1 + m->n_body_parts) *
242 ALIGN8(offsetof(struct kdbus_item, vec) + sizeof(struct kdbus_vec));
243
244 /* Add space for bloom filter */
245 sz += ALIGN8(offsetof(struct kdbus_item, bloom_filter) +
246 offsetof(struct kdbus_bloom_filter, data) +
247 m->bus->bloom_size);
248
249 /* Add in well-known destination header */
250 if (well_known) {
251 dl = strlen(destination);
252 sz += ALIGN8(offsetof(struct kdbus_item, str) + dl + 1);
253 }
254
255 /* Add space for unix fds */
256 if (m->n_fds > 0)
257 sz += ALIGN8(offsetof(struct kdbus_item, fds) + sizeof(int)*m->n_fds);
258
259 m->kdbus = memalign(8, sz);
260 if (!m->kdbus) {
261 r = -ENOMEM;
262 goto fail;
263 }
264
265 m->free_kdbus = true;
266 memzero(m->kdbus, sz);
267
268 m->kdbus->flags =
269 ((m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) ? 0 : KDBUS_MSG_FLAGS_EXPECT_REPLY) |
270 ((m->header->flags & BUS_MESSAGE_NO_AUTO_START) ? KDBUS_MSG_FLAGS_NO_AUTO_START : 0);
271
272 if (well_known)
273 /* verify_destination_id will usually be 0, which makes the kernel driver only look
274 * at the provided well-known name. Otherwise, the kernel will make sure the provided
275 * destination id matches the owner of the provided weel-known-name, and fail if they
276 * differ. Currently, this is only needed for bus-proxyd. */
277 m->kdbus->dst_id = m->verify_destination_id;
278 else
279 m->kdbus->dst_id = destination ? unique : KDBUS_DST_ID_BROADCAST;
280
281 m->kdbus->payload_type = KDBUS_PAYLOAD_DBUS;
282 m->kdbus->cookie = (uint64_t) m->header->serial;
283 m->kdbus->priority = m->priority;
284
285 if (m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)
286 m->kdbus->cookie_reply = m->reply_cookie;
287 else {
288 struct timespec now;
289
290 assert_se(clock_gettime(CLOCK_MONOTONIC_COARSE, &now) == 0);
291 m->kdbus->timeout_ns = now.tv_sec * NSEC_PER_SEC + now.tv_nsec +
292 m->timeout * NSEC_PER_USEC;
293 }
294
295 d = m->kdbus->items;
296
297 if (well_known)
298 append_destination(&d, destination, dl);
299
300 append_payload_vec(&d, m->header, BUS_MESSAGE_BODY_BEGIN(m));
301
302 MESSAGE_FOREACH_PART(part, i, m) {
303 if (part->is_zero) {
304 /* If this is padding then simply send a
305 * vector with a NULL data pointer which the
306 * kernel will just pass through. This is the
307 * most efficient way to encode zeroes */
308
309 append_payload_vec(&d, NULL, part->size);
310 continue;
311 }
312
313 if (part->memfd >= 0 && part->sealed && destination) {
314 /* Try to send a memfd, if the part is
315 * sealed and this is not a broadcast. Since we can only */
316
317 append_payload_memfd(&d, part->memfd, part->size);
318 continue;
319 }
320
321 /* Otherwise, let's send a vector to the actual data.
322 * For that, we need to map it first. */
323 r = bus_body_part_map(part);
324 if (r < 0)
325 goto fail;
326
327 append_payload_vec(&d, part->data, part->size);
328 }
329
330 if (m->kdbus->dst_id == KDBUS_DST_ID_BROADCAST) {
331 struct kdbus_bloom_filter *bloom;
332
333 bloom = append_bloom(&d, m->bus->bloom_size);
334 r = bus_message_setup_bloom(m, bloom);
335 if (r < 0)
336 goto fail;
337 }
338
339 if (m->n_fds > 0)
340 append_fds(&d, m->fds, m->n_fds);
341
342 m->kdbus->size = (uint8_t*) d - (uint8_t*) m->kdbus;
343 assert(m->kdbus->size <= sz);
344
345 return 0;
346
347 fail:
348 m->poisoned = true;
349 return r;
350 }
351
352 static void bus_message_set_sender_driver(sd_bus *bus, sd_bus_message *m) {
353 assert(bus);
354 assert(m);
355
356 m->sender = m->creds.unique_name = (char*) "org.freedesktop.DBus";
357 m->creds.well_known_names_driver = true;
358 m->creds.mask |= (SD_BUS_CREDS_UNIQUE_NAME|SD_BUS_CREDS_WELL_KNOWN_NAMES) & bus->creds_mask;
359 }
360
361 static void unset_memfds(struct sd_bus_message *m) {
362 struct bus_body_part *part;
363 unsigned i;
364
365 assert(m);
366
367 /* Make sure the memfds are not freed twice */
368 MESSAGE_FOREACH_PART(part, i, m)
369 if (part->memfd >= 0)
370 part->memfd = -1;
371 }
372
373 static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) {
374 sd_bus_message *m = NULL;
375 struct kdbus_item *d;
376 unsigned n_fds = 0;
377 _cleanup_free_ int *fds = NULL;
378 struct bus_header *h = NULL;
379 size_t total, n_bytes = 0, idx = 0;
380 const char *destination = NULL, *seclabel = NULL;
381 int r;
382
383 assert(bus);
384 assert(k);
385 assert(k->payload_type == KDBUS_PAYLOAD_DBUS);
386
387 KDBUS_ITEM_FOREACH(d, k, items) {
388 size_t l;
389
390 l = d->size - offsetof(struct kdbus_item, data);
391
392 switch (d->type) {
393
394 case KDBUS_ITEM_PAYLOAD_OFF:
395 if (!h) {
396 h = (struct bus_header *)((uint8_t *)k + d->vec.offset);
397
398 if (!bus_header_is_complete(h, d->vec.size))
399 return -EBADMSG;
400 }
401
402 n_bytes += d->vec.size;
403 break;
404
405 case KDBUS_ITEM_PAYLOAD_MEMFD:
406 if (!h)
407 return -EBADMSG;
408
409 n_bytes += d->memfd.size;
410 break;
411
412 case KDBUS_ITEM_FDS: {
413 int *f;
414 unsigned j;
415
416 j = l / sizeof(int);
417 f = realloc(fds, sizeof(int) * (n_fds + j));
418 if (!f)
419 return -ENOMEM;
420
421 fds = f;
422 memcpy(fds + n_fds, d->fds, sizeof(int) * j);
423 n_fds += j;
424 break;
425 }
426
427 case KDBUS_ITEM_SECLABEL:
428 seclabel = d->str;
429 break;
430 }
431 }
432
433 if (!h)
434 return -EBADMSG;
435
436 r = bus_header_message_size(h, &total);
437 if (r < 0)
438 return r;
439
440 if (n_bytes != total)
441 return -EBADMSG;
442
443 /* on kdbus we only speak native endian gvariant, never dbus1
444 * marshalling or reverse endian */
445 if (h->version != 2 ||
446 h->endian != BUS_NATIVE_ENDIAN)
447 return -EPROTOTYPE;
448
449 r = bus_message_from_header(bus, h, sizeof(struct bus_header), fds, n_fds, NULL, seclabel, 0, &m);
450 if (r < 0)
451 return r;
452
453 /* The well-known names list is different from the other
454 credentials. If we asked for it, but nothing is there, this
455 means that the list of well-known names is simply empty, not
456 that we lack any data */
457
458 m->creds.mask |= (SD_BUS_CREDS_UNIQUE_NAME|SD_BUS_CREDS_WELL_KNOWN_NAMES) & bus->creds_mask;
459
460 KDBUS_ITEM_FOREACH(d, k, items) {
461 size_t l;
462
463 l = d->size - offsetof(struct kdbus_item, data);
464
465 switch (d->type) {
466
467 case KDBUS_ITEM_PAYLOAD_OFF: {
468 size_t begin_body;
469
470 begin_body = BUS_MESSAGE_BODY_BEGIN(m);
471
472 if (idx + d->vec.size > begin_body) {
473 struct bus_body_part *part;
474
475 /* Contains body material */
476
477 part = message_append_part(m);
478 if (!part) {
479 r = -ENOMEM;
480 goto fail;
481 }
482
483 /* A -1 offset is NUL padding. */
484 part->is_zero = d->vec.offset == ~0ULL;
485
486 if (idx >= begin_body) {
487 if (!part->is_zero)
488 part->data = (uint8_t *)k + d->vec.offset;
489 part->size = d->vec.size;
490 } else {
491 if (!part->is_zero)
492 part->data = (uint8_t *)k + d->vec.offset + (begin_body - idx);
493 part->size = d->vec.size - (begin_body - idx);
494 }
495
496 part->sealed = true;
497 }
498
499 idx += d->vec.size;
500 break;
501 }
502
503 case KDBUS_ITEM_PAYLOAD_MEMFD: {
504 struct bus_body_part *part;
505
506 if (idx < BUS_MESSAGE_BODY_BEGIN(m)) {
507 r = -EBADMSG;
508 goto fail;
509 }
510
511 part = message_append_part(m);
512 if (!part) {
513 r = -ENOMEM;
514 goto fail;
515 }
516
517 part->memfd = d->memfd.fd;
518 part->size = d->memfd.size;
519 part->sealed = true;
520
521 idx += d->memfd.size;
522 break;
523 }
524
525 case KDBUS_ITEM_PIDS:
526
527 /* The PID starttime/TID might be missing,
528 * when the data is faked by some data bus
529 * proxy and it lacks that information about
530 * the real client since SO_PEERCRED is used
531 * for that. */
532
533 if (d->pids.pid > 0) {
534 m->creds.pid = (pid_t) d->pids.pid;
535 m->creds.mask |= SD_BUS_CREDS_PID & bus->creds_mask;
536 }
537
538 if (d->pids.starttime > 0) {
539 m->creds.pid_starttime = d->pids.starttime / NSEC_PER_USEC;
540 m->creds.mask |= SD_BUS_CREDS_PID_STARTTIME & bus->creds_mask;
541 }
542
543 if (d->pids.tid > 0) {
544 m->creds.tid = (pid_t) d->pids.tid;
545 m->creds.mask |= SD_BUS_CREDS_TID & bus->creds_mask;
546 }
547
548 break;
549
550 case KDBUS_ITEM_CREDS:
551
552 /* EUID/SUID/FSUID/EGID/SGID/FSGID might be missing too (see above). */
553
554 if ((uid_t) d->creds.uid != (uid_t) -1) {
555 m->creds.uid = (uid_t) d->creds.uid;
556 m->creds.mask |= SD_BUS_CREDS_UID & bus->creds_mask;
557 }
558
559 if ((uid_t) d->creds.euid != (uid_t) -1) {
560 m->creds.euid = (uid_t) d->creds.euid;
561 m->creds.mask |= SD_BUS_CREDS_EUID & bus->creds_mask;
562 }
563
564 if ((uid_t) d->creds.suid != (uid_t) -1) {
565 m->creds.suid = (uid_t) d->creds.suid;
566 m->creds.mask |= SD_BUS_CREDS_SUID & bus->creds_mask;
567 }
568
569 if ((uid_t) d->creds.fsuid != (uid_t) -1) {
570 m->creds.fsuid = (uid_t) d->creds.fsuid;
571 m->creds.mask |= SD_BUS_CREDS_FSUID & bus->creds_mask;
572 }
573
574 if ((gid_t) d->creds.gid != (gid_t) -1) {
575 m->creds.gid = (gid_t) d->creds.gid;
576 m->creds.mask |= SD_BUS_CREDS_GID & bus->creds_mask;
577 }
578
579 if ((gid_t) d->creds.egid != (gid_t) -1) {
580 m->creds.egid = (gid_t) d->creds.egid;
581 m->creds.mask |= SD_BUS_CREDS_EGID & bus->creds_mask;
582 }
583
584 if ((gid_t) d->creds.sgid != (gid_t) -1) {
585 m->creds.sgid = (gid_t) d->creds.sgid;
586 m->creds.mask |= SD_BUS_CREDS_SGID & bus->creds_mask;
587 }
588
589 if ((gid_t) d->creds.fsgid != (gid_t) -1) {
590 m->creds.fsgid = (gid_t) d->creds.fsgid;
591 m->creds.mask |= SD_BUS_CREDS_FSGID & bus->creds_mask;
592 }
593
594 break;
595
596 case KDBUS_ITEM_TIMESTAMP:
597
598 if (bus->attach_flags & KDBUS_ATTACH_TIMESTAMP) {
599 m->realtime = d->timestamp.realtime_ns / NSEC_PER_USEC;
600 m->monotonic = d->timestamp.monotonic_ns / NSEC_PER_USEC;
601 m->seqnum = d->timestamp.seqnum;
602 }
603
604 break;
605
606 case KDBUS_ITEM_PID_COMM:
607 m->creds.comm = d->str;
608 m->creds.mask |= SD_BUS_CREDS_COMM & bus->creds_mask;
609 break;
610
611 case KDBUS_ITEM_TID_COMM:
612 m->creds.tid_comm = d->str;
613 m->creds.mask |= SD_BUS_CREDS_TID_COMM & bus->creds_mask;
614 break;
615
616 case KDBUS_ITEM_EXE:
617 m->creds.exe = d->str;
618 m->creds.mask |= SD_BUS_CREDS_EXE & bus->creds_mask;
619 break;
620
621 case KDBUS_ITEM_CMDLINE:
622 m->creds.cmdline = d->str;
623 m->creds.cmdline_size = l;
624 m->creds.mask |= SD_BUS_CREDS_CMDLINE & bus->creds_mask;
625 break;
626
627 case KDBUS_ITEM_CGROUP:
628 m->creds.cgroup = d->str;
629 m->creds.mask |= (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID) & bus->creds_mask;
630
631 r = bus_get_root_path(bus);
632 if (r < 0)
633 goto fail;
634
635 m->creds.cgroup_root = bus->cgroup_root;
636
637 break;
638
639 case KDBUS_ITEM_AUDIT:
640 if ((uint32_t) d->audit.sessionid != (uint32_t) -1) {
641 m->creds.audit_session_id = (uint32_t) d->audit.sessionid;
642 m->creds.mask |= SD_BUS_CREDS_AUDIT_SESSION_ID & bus->creds_mask;
643 }
644
645 if ((uid_t) d->audit.loginuid != (uid_t) -1) {
646 m->creds.audit_login_uid = (uid_t) d->audit.loginuid;
647 m->creds.mask |= SD_BUS_CREDS_AUDIT_LOGIN_UID & bus->creds_mask;
648 }
649 break;
650
651 case KDBUS_ITEM_CAPS:
652 m->creds.capability = (uint8_t *) d->caps.caps;
653 m->creds.capability_size = d->size - offsetof(struct kdbus_item, caps.caps);
654 m->creds.mask |= (SD_BUS_CREDS_EFFECTIVE_CAPS|SD_BUS_CREDS_PERMITTED_CAPS|SD_BUS_CREDS_INHERITABLE_CAPS|SD_BUS_CREDS_BOUNDING_CAPS) & bus->creds_mask;
655 break;
656
657 case KDBUS_ITEM_DST_NAME:
658 if (!service_name_is_valid(d->str)) {
659 r = -EBADMSG;
660 goto fail;
661 }
662
663 destination = d->str;
664 break;
665
666 case KDBUS_ITEM_OWNED_NAME:
667 if (!service_name_is_valid(d->name.name)) {
668 r = -EBADMSG;
669 goto fail;
670 }
671
672 if (bus->creds_mask & SD_BUS_CREDS_WELL_KNOWN_NAMES) {
673 char **wkn;
674 size_t n;
675
676 /* We just extend the array here, but
677 * do not allocate the strings inside
678 * of it, instead we just point to our
679 * buffer directly. */
680 n = strv_length(m->creds.well_known_names);
681 wkn = realloc(m->creds.well_known_names, (n + 2) * sizeof(char*));
682 if (!wkn) {
683 r = -ENOMEM;
684 goto fail;
685 }
686
687 wkn[n] = d->name.name;
688 wkn[n+1] = NULL;
689 m->creds.well_known_names = wkn;
690
691 m->creds.mask |= SD_BUS_CREDS_WELL_KNOWN_NAMES;
692 }
693 break;
694
695 case KDBUS_ITEM_CONN_DESCRIPTION:
696 m->creds.description = d->str;
697 m->creds.mask |= SD_BUS_CREDS_DESCRIPTION & bus->creds_mask;
698 break;
699
700 case KDBUS_ITEM_AUXGROUPS:
701
702 if (bus->creds_mask & SD_BUS_CREDS_SUPPLEMENTARY_GIDS) {
703 assert_cc(sizeof(gid_t) == sizeof(uint32_t));
704
705 m->creds.n_supplementary_gids = (d->size - offsetof(struct kdbus_item, data32)) / sizeof(uint32_t);
706 m->creds.supplementary_gids = (gid_t*) d->data32;
707 m->creds.mask |= SD_BUS_CREDS_SUPPLEMENTARY_GIDS;
708 }
709
710 break;
711
712 case KDBUS_ITEM_FDS:
713 case KDBUS_ITEM_SECLABEL:
714 break;
715
716 default:
717 log_debug("Got unknown field from kernel %llu", d->type);
718 }
719 }
720
721 /* If we requested the list of well-known names to be appended
722 * and the sender had none no item for it will be
723 * attached. However, this does *not* mean that we the kernel
724 * didn't want to provide this information to us. Hence, let's
725 * explicitly mark this information as available if it was
726 * requested. */
727 m->creds.mask |= bus->creds_mask & SD_BUS_CREDS_WELL_KNOWN_NAMES;
728
729 r = bus_message_parse_fields(m);
730 if (r < 0)
731 goto fail;
732
733 /* Refuse messages if kdbus and dbus1 cookie doesn't match up */
734 if ((uint64_t) m->header->serial != k->cookie) {
735 r = -EBADMSG;
736 goto fail;
737 }
738
739 /* Refuse messages where the reply flag doesn't match up */
740 if (!(m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) != !!(k->flags & KDBUS_MSG_FLAGS_EXPECT_REPLY)) {
741 r = -EBADMSG;
742 goto fail;
743 }
744
745 /* Refuse reply messages where the reply cookie doesn't match up */
746 if ((m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) && m->reply_cookie != k->cookie_reply) {
747 r = -EBADMSG;
748 goto fail;
749 }
750
751 /* Refuse messages where the autostart flag doesn't match up */
752 if (!(m->header->flags & BUS_MESSAGE_NO_AUTO_START) != !(k->flags & KDBUS_MSG_FLAGS_NO_AUTO_START)) {
753 r = -EBADMSG;
754 goto fail;
755 }
756
757 /* Override information from the user header with data from the kernel */
758 if (k->src_id == KDBUS_SRC_ID_KERNEL)
759 bus_message_set_sender_driver(bus, m);
760 else {
761 snprintf(m->sender_buffer, sizeof(m->sender_buffer), ":1.%llu", (unsigned long long) k->src_id);
762 m->sender = m->creds.unique_name = m->sender_buffer;
763 }
764
765 if (destination)
766 m->destination = destination;
767 else if (k->dst_id == KDBUS_DST_ID_BROADCAST)
768 m->destination = NULL;
769 else if (k->dst_id == KDBUS_DST_ID_NAME)
770 m->destination = bus->unique_name; /* fill in unique name if the well-known name is missing */
771 else {
772 snprintf(m->destination_buffer, sizeof(m->destination_buffer), ":1.%llu", (unsigned long long) k->dst_id);
773 m->destination = m->destination_buffer;
774 }
775
776 /* We take possession of the kmsg struct now */
777 m->kdbus = k;
778 m->release_kdbus = true;
779 m->free_fds = true;
780 fds = NULL;
781
782 bus->rqueue[bus->rqueue_size++] = m;
783
784 return 1;
785
786 fail:
787 unset_memfds(m);
788 sd_bus_message_unref(m);
789
790 return r;
791 }
792
793 int bus_kernel_take_fd(sd_bus *b) {
794 struct kdbus_cmd_hello *hello;
795 struct kdbus_item *item;
796 _cleanup_free_ char *g = NULL;
797 const char *name;
798 size_t l = 0, m = 0, sz;
799 int r;
800
801 assert(b);
802
803 if (b->is_server)
804 return -EINVAL;
805
806 b->use_memfd = 1;
807
808 if (b->description) {
809 g = bus_label_escape(b->description);
810 if (!g)
811 return -ENOMEM;
812
813 name = g;
814 } else {
815 char pr[17] = {};
816
817 /* If no name is explicitly set, we'll include a hint
818 * indicating the library implementation, a hint which
819 * kind of bus this is and the thread name */
820
821 assert_se(prctl(PR_GET_NAME, (unsigned long) pr) >= 0);
822
823 if (isempty(pr)) {
824 name = b->is_system ? "sd-system" :
825 b->is_user ? "sd-user" : "sd";
826 } else {
827 _cleanup_free_ char *e = NULL;
828
829 e = bus_label_escape(pr);
830 if (!e)
831 return -ENOMEM;
832
833 g = strappend(b->is_system ? "sd-system-" :
834 b->is_user ? "sd-user-" : "sd-",
835 e);
836 if (!g)
837 return -ENOMEM;
838
839 name = g;
840 }
841
842 b->description = bus_label_unescape(name);
843 if (!b->description)
844 return -ENOMEM;
845 }
846
847 m = strlen(name);
848
849 sz = ALIGN8(offsetof(struct kdbus_cmd_hello, items)) +
850 ALIGN8(offsetof(struct kdbus_item, str) + m + 1);
851
852 if (b->fake_creds_valid)
853 sz += ALIGN8(offsetof(struct kdbus_item, creds) + sizeof(struct kdbus_creds));
854
855 if (b->fake_pids_valid)
856 sz += ALIGN8(offsetof(struct kdbus_item, pids) + sizeof(struct kdbus_pids));
857
858 if (b->fake_label) {
859 l = strlen(b->fake_label);
860 sz += ALIGN8(offsetof(struct kdbus_item, str) + l + 1);
861 }
862
863 hello = alloca0_align(sz, 8);
864 hello->size = sz;
865 hello->flags = b->hello_flags;
866 hello->attach_flags_send = _KDBUS_ATTACH_ANY;
867 hello->attach_flags_recv = b->attach_flags;
868 hello->pool_size = KDBUS_POOL_SIZE;
869
870 item = hello->items;
871
872 item->size = offsetof(struct kdbus_item, str) + m + 1;
873 item->type = KDBUS_ITEM_CONN_DESCRIPTION;
874 memcpy(item->str, name, m + 1);
875 item = KDBUS_ITEM_NEXT(item);
876
877 if (b->fake_creds_valid) {
878 item->size = offsetof(struct kdbus_item, creds) + sizeof(struct kdbus_creds);
879 item->type = KDBUS_ITEM_CREDS;
880 item->creds = b->fake_creds;
881
882 item = KDBUS_ITEM_NEXT(item);
883 }
884
885 if (b->fake_pids_valid) {
886 item->size = offsetof(struct kdbus_item, pids) + sizeof(struct kdbus_pids);
887 item->type = KDBUS_ITEM_PIDS;
888 item->pids = b->fake_pids;
889
890 item = KDBUS_ITEM_NEXT(item);
891 }
892
893 if (b->fake_label) {
894 item->size = offsetof(struct kdbus_item, str) + l + 1;
895 item->type = KDBUS_ITEM_SECLABEL;
896 memcpy(item->str, b->fake_label, l+1);
897 }
898
899 r = ioctl(b->input_fd, KDBUS_CMD_HELLO, hello);
900 if (r < 0)
901 return -errno;
902
903 if (!b->kdbus_buffer) {
904 b->kdbus_buffer = mmap(NULL, KDBUS_POOL_SIZE, PROT_READ, MAP_SHARED, b->input_fd, 0);
905 if (b->kdbus_buffer == MAP_FAILED) {
906 b->kdbus_buffer = NULL;
907 return -errno;
908 }
909 }
910
911 /* The higher 32bit of the bus_flags fields are considered
912 * 'incompatible flags'. Refuse them all for now. */
913 if (hello->bus_flags > 0xFFFFFFFFULL)
914 return -ENOTSUP;
915
916 if (!bloom_validate_parameters((size_t) hello->bloom.size, (unsigned) hello->bloom.n_hash))
917 return -ENOTSUP;
918
919 b->bloom_size = (size_t) hello->bloom.size;
920 b->bloom_n_hash = (unsigned) hello->bloom.n_hash;
921
922 if (asprintf(&b->unique_name, ":1.%llu", (unsigned long long) hello->id) < 0)
923 return -ENOMEM;
924
925 b->unique_id = hello->id;
926
927 b->is_kernel = true;
928 b->bus_client = true;
929 b->can_fds = !!(hello->flags & KDBUS_HELLO_ACCEPT_FD);
930 b->message_version = 2;
931 b->message_endian = BUS_NATIVE_ENDIAN;
932
933 /* the kernel told us the UUID of the underlying bus */
934 memcpy(b->server_id.bytes, hello->id128, sizeof(b->server_id.bytes));
935
936 return bus_start_running(b);
937 }
938
939 int bus_kernel_connect(sd_bus *b) {
940 assert(b);
941 assert(b->input_fd < 0);
942 assert(b->output_fd < 0);
943 assert(b->kernel);
944
945 if (b->is_server)
946 return -EINVAL;
947
948 b->input_fd = open(b->kernel, O_RDWR|O_NOCTTY|O_CLOEXEC);
949 if (b->input_fd < 0)
950 return -errno;
951
952 b->output_fd = b->input_fd;
953
954 return bus_kernel_take_fd(b);
955 }
956
957 int bus_kernel_cmd_free(sd_bus *bus, uint64_t offset) {
958 struct kdbus_cmd_free cmd = {
959 .flags = 0,
960 .offset = offset,
961 };
962 int r;
963
964 assert(bus);
965 assert(bus->is_kernel);
966
967 r = ioctl(bus->input_fd, KDBUS_CMD_FREE, &cmd);
968 if (r < 0)
969 return -errno;
970
971 return 0;
972 }
973
974 static void close_kdbus_msg(sd_bus *bus, struct kdbus_msg *k) {
975 struct kdbus_item *d;
976
977 assert(bus);
978 assert(k);
979
980 KDBUS_ITEM_FOREACH(d, k, items) {
981 if (d->type == KDBUS_ITEM_FDS)
982 close_many(d->fds, (d->size - offsetof(struct kdbus_item, fds)) / sizeof(int));
983 else if (d->type == KDBUS_ITEM_PAYLOAD_MEMFD)
984 safe_close(d->memfd.fd);
985 }
986
987 bus_kernel_cmd_free(bus, (uint8_t*) k - (uint8_t*) bus->kdbus_buffer);
988 }
989
990 int bus_kernel_write_message(sd_bus *bus, sd_bus_message *m, bool hint_sync_call) {
991 int r;
992
993 assert(bus);
994 assert(m);
995 assert(bus->state == BUS_RUNNING);
996
997 /* If we can't deliver, we want room for the error message */
998 r = bus_rqueue_make_room(bus);
999 if (r < 0)
1000 return r;
1001
1002 r = bus_message_setup_kmsg(bus, m);
1003 if (r < 0)
1004 return r;
1005
1006 /* If this is a synchronous method call, then let's tell the
1007 * kernel, so that it can pass CPU time/scheduling to the
1008 * destination for the time, if it wants to. If we
1009 * synchronously wait for the result anyway, we won't need CPU
1010 * anyway. */
1011 if (hint_sync_call)
1012 m->kdbus->flags |= KDBUS_MSG_FLAGS_EXPECT_REPLY|KDBUS_MSG_FLAGS_SYNC_REPLY;
1013
1014 r = ioctl(bus->output_fd, KDBUS_CMD_MSG_SEND, m->kdbus);
1015 if (r < 0) {
1016 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1017 sd_bus_message *reply;
1018
1019 if (errno == EAGAIN || errno == EINTR)
1020 return 0;
1021 else if (errno == ENXIO || errno == ESRCH) {
1022
1023 /* ENXIO: unique name not known
1024 * ESRCH: well-known name not known */
1025
1026 if (m->header->type == SD_BUS_MESSAGE_METHOD_CALL)
1027 sd_bus_error_setf(&error, SD_BUS_ERROR_SERVICE_UNKNOWN, "Destination %s not known", m->destination);
1028 else {
1029 log_debug("Could not deliver message to %s as destination is not known. Ignoring.", m->destination);
1030 return 0;
1031 }
1032
1033 } else if (errno == EADDRNOTAVAIL) {
1034
1035 /* EADDRNOTAVAIL: activation is possible, but turned off in request flags */
1036
1037 if (m->header->type == SD_BUS_MESSAGE_METHOD_CALL)
1038 sd_bus_error_setf(&error, SD_BUS_ERROR_SERVICE_UNKNOWN, "Activation of %s not requested", m->destination);
1039 else {
1040 log_debug("Could not deliver message to %s as destination is not activated. Ignoring.", m->destination);
1041 return 0;
1042 }
1043 } else
1044 return -errno;
1045
1046 r = bus_message_new_synthetic_error(
1047 bus,
1048 BUS_MESSAGE_COOKIE(m),
1049 &error,
1050 &reply);
1051
1052 if (r < 0)
1053 return r;
1054
1055 r = bus_seal_synthetic_message(bus, reply);
1056 if (r < 0)
1057 return r;
1058
1059 bus->rqueue[bus->rqueue_size++] = reply;
1060
1061 } else if (hint_sync_call) {
1062 struct kdbus_msg *k;
1063
1064 k = (struct kdbus_msg *)((uint8_t *)bus->kdbus_buffer + m->kdbus->offset_reply);
1065 assert(k);
1066
1067 if (k->payload_type == KDBUS_PAYLOAD_DBUS) {
1068
1069 r = bus_kernel_make_message(bus, k);
1070 if (r < 0) {
1071 close_kdbus_msg(bus, k);
1072
1073 /* Anybody can send us invalid messages, let's just drop them. */
1074 if (r == -EBADMSG || r == -EPROTOTYPE)
1075 log_debug_errno(r, "Ignoring invalid message: %m");
1076 else
1077 return r;
1078 }
1079 } else {
1080 log_debug("Ignoring message with unknown payload type %llu.", (unsigned long long) k->payload_type);
1081 close_kdbus_msg(bus, k);
1082 }
1083 }
1084
1085 return 1;
1086 }
1087
1088 static int push_name_owner_changed(sd_bus *bus, const char *name, const char *old_owner, const char *new_owner) {
1089 _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
1090 int r;
1091
1092 assert(bus);
1093
1094 r = sd_bus_message_new_signal(
1095 bus,
1096 &m,
1097 "/org/freedesktop/DBus",
1098 "org.freedesktop.DBus",
1099 "NameOwnerChanged");
1100 if (r < 0)
1101 return r;
1102
1103 r = sd_bus_message_append(m, "sss", name, old_owner, new_owner);
1104 if (r < 0)
1105 return r;
1106
1107 bus_message_set_sender_driver(bus, m);
1108
1109 r = bus_seal_synthetic_message(bus, m);
1110 if (r < 0)
1111 return r;
1112
1113 bus->rqueue[bus->rqueue_size++] = m;
1114 m = NULL;
1115
1116 return 1;
1117 }
1118
1119 static int translate_name_change(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item *d) {
1120 char new_owner[UNIQUE_NAME_MAX], old_owner[UNIQUE_NAME_MAX];
1121
1122 assert(bus);
1123 assert(k);
1124 assert(d);
1125
1126 if (d->type == KDBUS_ITEM_NAME_ADD || (d->name_change.old_id.flags & (KDBUS_NAME_IN_QUEUE|KDBUS_NAME_ACTIVATOR)))
1127 old_owner[0] = 0;
1128 else
1129 sprintf(old_owner, ":1.%llu", (unsigned long long) d->name_change.old_id.id);
1130
1131 if (d->type == KDBUS_ITEM_NAME_REMOVE || (d->name_change.new_id.flags & (KDBUS_NAME_IN_QUEUE|KDBUS_NAME_ACTIVATOR))) {
1132
1133 if (isempty(old_owner))
1134 return 0;
1135
1136 new_owner[0] = 0;
1137 } else
1138 sprintf(new_owner, ":1.%llu", (unsigned long long) d->name_change.new_id.id);
1139
1140 return push_name_owner_changed(bus, d->name_change.name, old_owner, new_owner);
1141 }
1142
1143 static int translate_id_change(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item *d) {
1144 char owner[UNIQUE_NAME_MAX];
1145
1146 assert(bus);
1147 assert(k);
1148 assert(d);
1149
1150 sprintf(owner, ":1.%llu", d->id_change.id);
1151
1152 return push_name_owner_changed(
1153 bus, owner,
1154 d->type == KDBUS_ITEM_ID_ADD ? NULL : owner,
1155 d->type == KDBUS_ITEM_ID_ADD ? owner : NULL);
1156 }
1157
1158 static int translate_reply(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item *d) {
1159 _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
1160 int r;
1161
1162 assert(bus);
1163 assert(k);
1164 assert(d);
1165
1166 r = bus_message_new_synthetic_error(
1167 bus,
1168 k->cookie_reply,
1169 d->type == KDBUS_ITEM_REPLY_TIMEOUT ?
1170 &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_NO_REPLY, "Method call timed out") :
1171 &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_NO_REPLY, "Method call peer died"),
1172 &m);
1173 if (r < 0)
1174 return r;
1175
1176 bus_message_set_sender_driver(bus, m);
1177
1178 r = bus_seal_synthetic_message(bus, m);
1179 if (r < 0)
1180 return r;
1181
1182 bus->rqueue[bus->rqueue_size++] = m;
1183 m = NULL;
1184
1185 return 1;
1186 }
1187
1188 static int bus_kernel_translate_message(sd_bus *bus, struct kdbus_msg *k) {
1189 struct kdbus_item *d, *found = NULL;
1190
1191 static int (* const translate[])(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item *d) = {
1192 [KDBUS_ITEM_NAME_ADD - _KDBUS_ITEM_KERNEL_BASE] = translate_name_change,
1193 [KDBUS_ITEM_NAME_REMOVE - _KDBUS_ITEM_KERNEL_BASE] = translate_name_change,
1194 [KDBUS_ITEM_NAME_CHANGE - _KDBUS_ITEM_KERNEL_BASE] = translate_name_change,
1195
1196 [KDBUS_ITEM_ID_ADD - _KDBUS_ITEM_KERNEL_BASE] = translate_id_change,
1197 [KDBUS_ITEM_ID_REMOVE - _KDBUS_ITEM_KERNEL_BASE] = translate_id_change,
1198
1199 [KDBUS_ITEM_REPLY_TIMEOUT - _KDBUS_ITEM_KERNEL_BASE] = translate_reply,
1200 [KDBUS_ITEM_REPLY_DEAD - _KDBUS_ITEM_KERNEL_BASE] = translate_reply,
1201 };
1202
1203 assert(bus);
1204 assert(k);
1205 assert(k->payload_type == KDBUS_PAYLOAD_KERNEL);
1206
1207 KDBUS_ITEM_FOREACH(d, k, items) {
1208 if (d->type >= _KDBUS_ITEM_KERNEL_BASE && d->type < _KDBUS_ITEM_KERNEL_BASE + ELEMENTSOF(translate)) {
1209 if (found)
1210 return -EBADMSG;
1211 found = d;
1212 } else
1213 log_debug("Got unknown field from kernel %llu", d->type);
1214 }
1215
1216 if (!found) {
1217 log_debug("Didn't find a kernel message to translate.");
1218 return 0;
1219 }
1220
1221 return translate[found->type - _KDBUS_ITEM_KERNEL_BASE](bus, k, found);
1222 }
1223
1224 int bus_kernel_read_message(sd_bus *bus, bool hint_priority, int64_t priority) {
1225 struct kdbus_cmd_recv recv = {};
1226 struct kdbus_msg *k;
1227 int r;
1228
1229 assert(bus);
1230
1231 r = bus_rqueue_make_room(bus);
1232 if (r < 0)
1233 return r;
1234
1235 if (hint_priority) {
1236 recv.flags |= KDBUS_RECV_USE_PRIORITY;
1237 recv.priority = priority;
1238 }
1239
1240 r = ioctl(bus->input_fd, KDBUS_CMD_MSG_RECV, &recv);
1241 if (r < 0) {
1242 if (errno == EAGAIN)
1243 return 0;
1244
1245 if (errno == EOVERFLOW) {
1246 log_debug("%s: kdbus reports %" PRIu64 " dropped broadcast messages, ignoring.", strna(bus->description), (uint64_t) recv.dropped_msgs);
1247 return 0;
1248 }
1249
1250 return -errno;
1251 }
1252
1253 k = (struct kdbus_msg *)((uint8_t *)bus->kdbus_buffer + recv.offset);
1254 if (k->payload_type == KDBUS_PAYLOAD_DBUS) {
1255 r = bus_kernel_make_message(bus, k);
1256
1257 /* Anybody can send us invalid messages, let's just drop them. */
1258 if (r == -EBADMSG || r == -EPROTOTYPE) {
1259 log_debug_errno(r, "Ignoring invalid message: %m");
1260 r = 0;
1261 }
1262
1263 } else if (k->payload_type == KDBUS_PAYLOAD_KERNEL)
1264 r = bus_kernel_translate_message(bus, k);
1265 else {
1266 log_debug("Ignoring message with unknown payload type %llu.", (unsigned long long) k->payload_type);
1267 r = 0;
1268 }
1269
1270 if (r <= 0)
1271 close_kdbus_msg(bus, k);
1272
1273 return r < 0 ? r : 1;
1274 }
1275
1276 int bus_kernel_pop_memfd(sd_bus *bus, void **address, size_t *mapped, size_t *allocated) {
1277 struct memfd_cache *c;
1278 int fd;
1279
1280 assert(address);
1281 assert(mapped);
1282 assert(allocated);
1283
1284 if (!bus || !bus->is_kernel)
1285 return -ENOTSUP;
1286
1287 assert_se(pthread_mutex_lock(&bus->memfd_cache_mutex) >= 0);
1288
1289 if (bus->n_memfd_cache <= 0) {
1290 int r;
1291
1292 assert_se(pthread_mutex_unlock(&bus->memfd_cache_mutex) >= 0);
1293
1294 r = memfd_new(bus->description);
1295 if (r < 0)
1296 return r;
1297
1298 *address = NULL;
1299 *mapped = 0;
1300 *allocated = 0;
1301 return r;
1302 }
1303
1304 c = &bus->memfd_cache[--bus->n_memfd_cache];
1305
1306 assert(c->fd >= 0);
1307 assert(c->mapped == 0 || c->address);
1308
1309 *address = c->address;
1310 *mapped = c->mapped;
1311 *allocated = c->allocated;
1312 fd = c->fd;
1313
1314 assert_se(pthread_mutex_unlock(&bus->memfd_cache_mutex) >= 0);
1315
1316 return fd;
1317 }
1318
1319 static void close_and_munmap(int fd, void *address, size_t size) {
1320 if (size > 0)
1321 assert_se(munmap(address, PAGE_ALIGN(size)) >= 0);
1322
1323 safe_close(fd);
1324 }
1325
1326 void bus_kernel_push_memfd(sd_bus *bus, int fd, void *address, size_t mapped, size_t allocated) {
1327 struct memfd_cache *c;
1328 uint64_t max_mapped = PAGE_ALIGN(MEMFD_CACHE_ITEM_SIZE_MAX);
1329
1330 assert(fd >= 0);
1331 assert(mapped == 0 || address);
1332
1333 if (!bus || !bus->is_kernel) {
1334 close_and_munmap(fd, address, mapped);
1335 return;
1336 }
1337
1338 assert_se(pthread_mutex_lock(&bus->memfd_cache_mutex) >= 0);
1339
1340 if (bus->n_memfd_cache >= ELEMENTSOF(bus->memfd_cache)) {
1341 assert_se(pthread_mutex_unlock(&bus->memfd_cache_mutex) >= 0);
1342
1343 close_and_munmap(fd, address, mapped);
1344 return;
1345 }
1346
1347 c = &bus->memfd_cache[bus->n_memfd_cache++];
1348 c->fd = fd;
1349 c->address = address;
1350
1351 /* If overly long, let's return a bit to the OS */
1352 if (mapped > max_mapped) {
1353 assert_se(memfd_set_size(fd, max_mapped) >= 0);
1354 assert_se(munmap((uint8_t*) address + max_mapped, PAGE_ALIGN(mapped - max_mapped)) >= 0);
1355 c->mapped = c->allocated = max_mapped;
1356 } else {
1357 c->mapped = mapped;
1358 c->allocated = allocated;
1359 }
1360
1361 assert_se(pthread_mutex_unlock(&bus->memfd_cache_mutex) >= 0);
1362 }
1363
1364 void bus_kernel_flush_memfd(sd_bus *b) {
1365 unsigned i;
1366
1367 assert(b);
1368
1369 for (i = 0; i < b->n_memfd_cache; i++)
1370 close_and_munmap(b->memfd_cache[i].fd, b->memfd_cache[i].address, b->memfd_cache[i].mapped);
1371 }
1372
1373 uint64_t request_name_flags_to_kdbus(uint64_t flags) {
1374 uint64_t f = 0;
1375
1376 if (flags & SD_BUS_NAME_ALLOW_REPLACEMENT)
1377 f |= KDBUS_NAME_ALLOW_REPLACEMENT;
1378
1379 if (flags & SD_BUS_NAME_REPLACE_EXISTING)
1380 f |= KDBUS_NAME_REPLACE_EXISTING;
1381
1382 if (flags & SD_BUS_NAME_QUEUE)
1383 f |= KDBUS_NAME_QUEUE;
1384
1385 return f;
1386 }
1387
1388 uint64_t attach_flags_to_kdbus(uint64_t mask) {
1389 uint64_t m = 0;
1390
1391 if (mask & (SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID|
1392 SD_BUS_CREDS_GID|SD_BUS_CREDS_EGID|SD_BUS_CREDS_SGID|SD_BUS_CREDS_FSGID))
1393 m |= KDBUS_ATTACH_CREDS;
1394
1395 if (mask & (SD_BUS_CREDS_PID|SD_BUS_CREDS_PID_STARTTIME|SD_BUS_CREDS_TID))
1396 m |= KDBUS_ATTACH_PIDS;
1397
1398 if (mask & SD_BUS_CREDS_COMM)
1399 m |= KDBUS_ATTACH_PID_COMM;
1400
1401 if (mask & SD_BUS_CREDS_TID_COMM)
1402 m |= KDBUS_ATTACH_TID_COMM;
1403
1404 if (mask & SD_BUS_CREDS_EXE)
1405 m |= KDBUS_ATTACH_EXE;
1406
1407 if (mask & SD_BUS_CREDS_CMDLINE)
1408 m |= KDBUS_ATTACH_CMDLINE;
1409
1410 if (mask & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID))
1411 m |= KDBUS_ATTACH_CGROUP;
1412
1413 if (mask & (SD_BUS_CREDS_EFFECTIVE_CAPS|SD_BUS_CREDS_PERMITTED_CAPS|SD_BUS_CREDS_INHERITABLE_CAPS|SD_BUS_CREDS_BOUNDING_CAPS))
1414 m |= KDBUS_ATTACH_CAPS;
1415
1416 if (mask & SD_BUS_CREDS_SELINUX_CONTEXT)
1417 m |= KDBUS_ATTACH_SECLABEL;
1418
1419 if (mask & (SD_BUS_CREDS_AUDIT_SESSION_ID|SD_BUS_CREDS_AUDIT_LOGIN_UID))
1420 m |= KDBUS_ATTACH_AUDIT;
1421
1422 if (mask & SD_BUS_CREDS_WELL_KNOWN_NAMES)
1423 m |= KDBUS_ATTACH_NAMES;
1424
1425 if (mask & SD_BUS_CREDS_DESCRIPTION)
1426 m |= KDBUS_ATTACH_CONN_DESCRIPTION;
1427
1428 if (mask & SD_BUS_CREDS_SUPPLEMENTARY_GIDS)
1429 m |= KDBUS_ATTACH_AUXGROUPS;
1430
1431 return m;
1432 }
1433
1434 int bus_kernel_create_bus(const char *name, bool world, char **s) {
1435 struct kdbus_cmd_make *make;
1436 struct kdbus_item *n;
1437 size_t l;
1438 int fd;
1439
1440 assert(name);
1441 assert(s);
1442
1443 fd = open("/sys/fs/kdbus/control", O_RDWR|O_NOCTTY|O_CLOEXEC);
1444 if (fd < 0)
1445 return -errno;
1446
1447 l = strlen(name);
1448 make = alloca0_align(offsetof(struct kdbus_cmd_make, items) +
1449 ALIGN8(offsetof(struct kdbus_item, bloom_parameter) + sizeof(struct kdbus_bloom_parameter)) +
1450 ALIGN8(offsetof(struct kdbus_item, data64) + sizeof(uint64_t)) +
1451 ALIGN8(offsetof(struct kdbus_item, str) + DECIMAL_STR_MAX(uid_t) + 1 + l + 1),
1452 8);
1453
1454 make->size = offsetof(struct kdbus_cmd_make, items);
1455
1456 /* Set the bloom parameters */
1457 n = make->items;
1458 n->size = offsetof(struct kdbus_item, bloom_parameter) +
1459 sizeof(struct kdbus_bloom_parameter);
1460 n->type = KDBUS_ITEM_BLOOM_PARAMETER;
1461 n->bloom_parameter.size = DEFAULT_BLOOM_SIZE;
1462 n->bloom_parameter.n_hash = DEFAULT_BLOOM_N_HASH;
1463
1464 assert_cc(DEFAULT_BLOOM_SIZE > 0);
1465 assert_cc(DEFAULT_BLOOM_N_HASH > 0);
1466
1467 make->size += ALIGN8(n->size);
1468
1469 /* The busses we create make no restrictions on what metadata
1470 * peers can read from incoming messages. */
1471 n = KDBUS_ITEM_NEXT(n);
1472 n->type = KDBUS_ITEM_ATTACH_FLAGS_RECV;
1473 n->size = offsetof(struct kdbus_item, data64) + sizeof(uint64_t);
1474 n->data64[0] = _KDBUS_ATTACH_ANY;
1475 make->size += ALIGN8(n->size);
1476
1477 /* Set the a good name */
1478 n = KDBUS_ITEM_NEXT(n);
1479 sprintf(n->str, UID_FMT "-%s", getuid(), name);
1480 n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1;
1481 n->type = KDBUS_ITEM_MAKE_NAME;
1482 make->size += ALIGN8(n->size);
1483
1484 make->flags = world ? KDBUS_MAKE_ACCESS_WORLD : 0;
1485
1486 if (ioctl(fd, KDBUS_CMD_BUS_MAKE, make) < 0) {
1487 safe_close(fd);
1488 return -errno;
1489 }
1490
1491 if (s) {
1492 char *p;
1493
1494 p = strjoin("/sys/fs/kdbus/", n->str, "/bus", NULL);
1495 if (!p) {
1496 safe_close(fd);
1497 return -ENOMEM;
1498 }
1499
1500 *s = p;
1501 }
1502
1503 return fd;
1504 }
1505
1506 static int bus_kernel_translate_access(BusPolicyAccess access) {
1507 assert(access >= 0);
1508 assert(access < _BUS_POLICY_ACCESS_MAX);
1509
1510 switch (access) {
1511
1512 case BUS_POLICY_ACCESS_SEE:
1513 return KDBUS_POLICY_SEE;
1514
1515 case BUS_POLICY_ACCESS_TALK:
1516 return KDBUS_POLICY_TALK;
1517
1518 case BUS_POLICY_ACCESS_OWN:
1519 return KDBUS_POLICY_OWN;
1520
1521 default:
1522 assert_not_reached("Unknown policy access");
1523 }
1524 }
1525
1526 static int bus_kernel_translate_policy(const BusNamePolicy *policy, struct kdbus_item *item) {
1527 int r;
1528
1529 assert(policy);
1530 assert(item);
1531
1532 switch (policy->type) {
1533
1534 case BUSNAME_POLICY_TYPE_USER: {
1535 const char *user = policy->name;
1536 uid_t uid;
1537
1538 r = get_user_creds(&user, &uid, NULL, NULL, NULL);
1539 if (r < 0)
1540 return r;
1541
1542 item->policy_access.type = KDBUS_POLICY_ACCESS_USER;
1543 item->policy_access.id = uid;
1544 break;
1545 }
1546
1547 case BUSNAME_POLICY_TYPE_GROUP: {
1548 const char *group = policy->name;
1549 gid_t gid;
1550
1551 r = get_group_creds(&group, &gid);
1552 if (r < 0)
1553 return r;
1554
1555 item->policy_access.type = KDBUS_POLICY_ACCESS_GROUP;
1556 item->policy_access.id = gid;
1557 break;
1558 }
1559
1560 default:
1561 assert_not_reached("Unknown policy type");
1562 }
1563
1564 item->policy_access.access = bus_kernel_translate_access(policy->access);
1565
1566 return 0;
1567 }
1568
1569 int bus_kernel_open_bus_fd(const char *bus, char **path) {
1570 char *p;
1571 int fd;
1572 size_t len;
1573
1574 assert(bus);
1575
1576 len = strlen("/sys/fs/kdbus/") + DECIMAL_STR_MAX(uid_t) + 1 + strlen(bus) + strlen("/bus") + 1;
1577
1578 if (path) {
1579 p = new(char, len);
1580 if (!p)
1581 return -ENOMEM;
1582 } else
1583 p = newa(char, len);
1584
1585 sprintf(p, "/sys/fs/kdbus/" UID_FMT "-%s/bus", getuid(), bus);
1586
1587 fd = open(p, O_RDWR|O_NOCTTY|O_CLOEXEC);
1588 if (fd < 0) {
1589 if (path)
1590 free(p);
1591
1592 return -errno;
1593 }
1594
1595 if (path)
1596 *path = p;
1597
1598 return fd;
1599 }
1600
1601 int bus_kernel_create_endpoint(const char *bus_name, const char *ep_name, char **ep_path) {
1602 _cleanup_free_ char *path = NULL;
1603 struct kdbus_cmd_make *make;
1604 struct kdbus_item *n;
1605 const char *name;
1606 int fd;
1607
1608 fd = bus_kernel_open_bus_fd(bus_name, &path);
1609 if (fd < 0)
1610 return fd;
1611
1612 make = alloca0_align(ALIGN8(offsetof(struct kdbus_cmd_make, items)) +
1613 ALIGN8(offsetof(struct kdbus_item, str) + DECIMAL_STR_MAX(uid_t) + 1 + strlen(ep_name) + 1),
1614 8);
1615 make->size = ALIGN8(offsetof(struct kdbus_cmd_make, items));
1616 make->flags = KDBUS_MAKE_ACCESS_WORLD;
1617
1618 n = make->items;
1619 sprintf(n->str, UID_FMT "-%s", getuid(), ep_name);
1620 n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1;
1621 n->type = KDBUS_ITEM_MAKE_NAME;
1622 make->size += ALIGN8(n->size);
1623 name = n->str;
1624
1625 if (ioctl(fd, KDBUS_CMD_ENDPOINT_MAKE, make) < 0) {
1626 safe_close(fd);
1627 return -errno;
1628 }
1629
1630 if (ep_path) {
1631 char *p;
1632
1633 p = strjoin(dirname(path), "/", name, NULL);
1634 if (!p) {
1635 safe_close(fd);
1636 return -ENOMEM;
1637 }
1638
1639 *ep_path = p;
1640 }
1641
1642 return fd;
1643 }
1644
1645 int bus_kernel_set_endpoint_policy(int fd, uid_t uid, BusEndpoint *ep) {
1646
1647 struct kdbus_cmd_update *update;
1648 struct kdbus_item *n;
1649 BusEndpointPolicy *po;
1650 Iterator i;
1651 size_t size;
1652 int r;
1653
1654 size = ALIGN8(offsetof(struct kdbus_cmd_update, items));
1655
1656 HASHMAP_FOREACH(po, ep->policy_hash, i) {
1657 size += ALIGN8(offsetof(struct kdbus_item, str) + strlen(po->name) + 1);
1658 size += ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access));
1659 }
1660
1661 update = alloca0_align(size, 8);
1662 update->size = size;
1663
1664 n = update->items;
1665
1666 HASHMAP_FOREACH(po, ep->policy_hash, i) {
1667 n->type = KDBUS_ITEM_NAME;
1668 n->size = offsetof(struct kdbus_item, str) + strlen(po->name) + 1;
1669 strcpy(n->str, po->name);
1670 n = KDBUS_ITEM_NEXT(n);
1671
1672 n->type = KDBUS_ITEM_POLICY_ACCESS;
1673 n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
1674
1675 n->policy_access.type = KDBUS_POLICY_ACCESS_USER;
1676 n->policy_access.access = bus_kernel_translate_access(po->access);
1677 n->policy_access.id = uid;
1678
1679 n = KDBUS_ITEM_NEXT(n);
1680 }
1681
1682 r = ioctl(fd, KDBUS_CMD_ENDPOINT_UPDATE, update);
1683 if (r < 0)
1684 return -errno;
1685
1686 return 0;
1687 }
1688
1689 int bus_kernel_make_starter(
1690 int fd,
1691 const char *name,
1692 bool activating,
1693 bool accept_fd,
1694 BusNamePolicy *policy,
1695 BusPolicyAccess world_policy) {
1696
1697 struct kdbus_cmd_hello *hello;
1698 struct kdbus_item *n;
1699 size_t policy_cnt = 0;
1700 BusNamePolicy *po;
1701 size_t size;
1702 int r;
1703
1704 assert(fd >= 0);
1705 assert(name);
1706
1707 LIST_FOREACH(policy, po, policy)
1708 policy_cnt++;
1709
1710 if (world_policy >= 0)
1711 policy_cnt++;
1712
1713 size = offsetof(struct kdbus_cmd_hello, items) +
1714 ALIGN8(offsetof(struct kdbus_item, str) + strlen(name) + 1) +
1715 policy_cnt * ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access));
1716
1717 hello = alloca0_align(size, 8);
1718
1719 n = hello->items;
1720 strcpy(n->str, name);
1721 n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1;
1722 n->type = KDBUS_ITEM_NAME;
1723 n = KDBUS_ITEM_NEXT(n);
1724
1725 LIST_FOREACH(policy, po, policy) {
1726 n->type = KDBUS_ITEM_POLICY_ACCESS;
1727 n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
1728
1729 r = bus_kernel_translate_policy(po, n);
1730 if (r < 0)
1731 return r;
1732
1733 n = KDBUS_ITEM_NEXT(n);
1734 }
1735
1736 if (world_policy >= 0) {
1737 n->type = KDBUS_ITEM_POLICY_ACCESS;
1738 n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
1739 n->policy_access.type = KDBUS_POLICY_ACCESS_WORLD;
1740 n->policy_access.access = bus_kernel_translate_access(world_policy);
1741 }
1742
1743 hello->size = size;
1744 hello->flags =
1745 (activating ? KDBUS_HELLO_ACTIVATOR : KDBUS_HELLO_POLICY_HOLDER) |
1746 (accept_fd ? KDBUS_HELLO_ACCEPT_FD : 0);
1747 hello->pool_size = KDBUS_POOL_SIZE;
1748 hello->attach_flags_send = _KDBUS_ATTACH_ANY;
1749 hello->attach_flags_recv = _KDBUS_ATTACH_ANY;
1750
1751 if (ioctl(fd, KDBUS_CMD_HELLO, hello) < 0)
1752 return -errno;
1753
1754 /* The higher 32bit of the bus_flags fields are considered
1755 * 'incompatible flags'. Refuse them all for now. */
1756 if (hello->bus_flags > 0xFFFFFFFFULL)
1757 return -ENOTSUP;
1758
1759 if (!bloom_validate_parameters((size_t) hello->bloom.size, (unsigned) hello->bloom.n_hash))
1760 return -ENOTSUP;
1761
1762 return fd;
1763 }
1764
1765 int bus_kernel_try_close(sd_bus *bus) {
1766 assert(bus);
1767 assert(bus->is_kernel);
1768
1769 if (ioctl(bus->input_fd, KDBUS_CMD_BYEBYE) < 0)
1770 return -errno;
1771
1772 return 0;
1773 }
1774
1775 int bus_kernel_drop_one(int fd) {
1776 struct kdbus_cmd_recv recv = {
1777 .flags = KDBUS_RECV_DROP
1778 };
1779
1780 assert(fd >= 0);
1781
1782 if (ioctl(fd, KDBUS_CMD_MSG_RECV, &recv) < 0)
1783 return -errno;
1784
1785 return 0;
1786 }
1787
1788 int bus_kernel_realize_attach_flags(sd_bus *bus) {
1789 struct kdbus_cmd_update *update;
1790 struct kdbus_item *n;
1791
1792 assert(bus);
1793 assert(bus->is_kernel);
1794
1795 update = alloca0_align(offsetof(struct kdbus_cmd_update, items) +
1796 ALIGN8(offsetof(struct kdbus_item, data64) + sizeof(uint64_t)),
1797 8);
1798
1799 n = update->items;
1800 n->type = KDBUS_ITEM_ATTACH_FLAGS_RECV;
1801 n->size = offsetof(struct kdbus_item, data64) + sizeof(uint64_t);
1802 n->data64[0] = bus->attach_flags;
1803
1804 update->size =
1805 offsetof(struct kdbus_cmd_update, items) +
1806 ALIGN8(n->size);
1807
1808 if (ioctl(bus->input_fd, KDBUS_CMD_CONN_UPDATE, update) < 0)
1809 return -errno;
1810
1811 return 0;
1812 }
1813
1814 int bus_kernel_fix_attach_mask(void) {
1815 _cleanup_free_ char *mask = NULL;
1816 uint64_t m = (uint64_t) -1;
1817 char buf[2+16+2];
1818 int r;
1819
1820 /* By default we don't want any kdbus metadata fields to be
1821 * suppressed, hence we reset the kernel mask for it to
1822 * (uint64_t) -1. This is overridable via a kernel command
1823 * line option, however. */
1824
1825 r = get_proc_cmdline_key("systemd.kdbus_attach_flags_mask=", &mask);
1826 if (r < 0)
1827 return log_warning_errno(r, "Failed to read kernel command line: %m");
1828
1829 if (mask) {
1830 const char *p = mask;
1831
1832 if (startswith(p, "0x"))
1833 p += 2;
1834
1835 if (sscanf(p, "%" PRIx64, &m) != 1)
1836 log_warning("Couldn't parse systemd.kdbus_attach_flags_mask= kernel command line parameter.");
1837 }
1838
1839 sprintf(buf, "0x%" PRIx64 "\n", m);
1840 r = write_string_file("/sys/module/kdbus/parameters/attach_flags_mask", buf);
1841 if (r < 0)
1842 return log_full_errno(
1843 r == -EROFS ? LOG_DEBUG : LOG_WARNING, r,
1844 "Failed to write kdbus attach mask: %m");
1845
1846 return 0;
1847 }
1848
1849 int bus_kernel_get_bus_name(sd_bus *bus, char **name) {
1850 struct kdbus_cmd_info cmd = {
1851 .size = sizeof(struct kdbus_cmd_info),
1852 };
1853 struct kdbus_info *info;
1854 struct kdbus_item *item;
1855 char *n = NULL;
1856 int r;
1857
1858 assert(bus);
1859 assert(name);
1860 assert(bus->is_kernel);
1861
1862 r = ioctl(bus->input_fd, KDBUS_CMD_BUS_CREATOR_INFO, &cmd);
1863 if (r < 0)
1864 return -errno;
1865
1866 info = (struct kdbus_info*) ((uint8_t*) bus->kdbus_buffer + cmd.offset);
1867
1868 KDBUS_ITEM_FOREACH(item, info, items)
1869 if (item->type == KDBUS_ITEM_MAKE_NAME) {
1870 r = free_and_strdup(&n, item->str);
1871 break;
1872 }
1873
1874 bus_kernel_cmd_free(bus, cmd.offset);
1875
1876 if (r < 0)
1877 return r;
1878 if (!n)
1879 return -EIO;
1880
1881 *name = n;
1882 return 0;
1883 }
Unnamed repository; edit this file 'description' to name the repository.