]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
ba6929f6 | 2 | |
07630cea LP |
3 | #include <errno.h> |
4 | #include <linux/filter.h> | |
5 | #include <linux/netlink.h> | |
6 | #include <poll.h> | |
7 | #include <stddef.h> | |
ba6929f6 KS |
8 | #include <stdio.h> |
9 | #include <stdlib.h> | |
ba6929f6 | 10 | #include <string.h> |
ba6929f6 | 11 | #include <sys/socket.h> |
07630cea | 12 | #include <unistd.h> |
ba6929f6 | 13 | |
b4bbcaa9 TA |
14 | #include "libudev.h" |
15 | ||
b5efdb8a | 16 | #include "alloc-util.h" |
3ffd4af2 | 17 | #include "fd-util.h" |
0d39fa9c | 18 | #include "fileio.h" |
f97b34a6 | 19 | #include "format-util.h" |
ba6929f6 | 20 | #include "libudev-private.h" |
3782454c | 21 | #include "libudev-device-internal.h" |
df32a1ca | 22 | #include "missing.h" |
4e036b7a | 23 | #include "mount-util.h" |
07630cea LP |
24 | #include "socket-util.h" |
25 | #include "string-util.h" | |
ba6929f6 | 26 | |
ce1d6d7f KS |
27 | /** |
28 | * SECTION:libudev-monitor | |
29 | * @short_description: device event source | |
30 | * | |
31 | * Connects to a device event source. | |
32 | */ | |
33 | ||
ce1d6d7f KS |
34 | /** |
35 | * udev_monitor: | |
36 | * | |
50579295 | 37 | * Opaque object handling an event source. |
ce1d6d7f | 38 | */ |
ba6929f6 | 39 | struct udev_monitor { |
912541b0 | 40 | struct udev *udev; |
3c6ac219 | 41 | unsigned n_ref; |
912541b0 | 42 | int sock; |
b49d9b50 KS |
43 | union sockaddr_union snl; |
44 | union sockaddr_union snl_trusted_sender; | |
45 | union sockaddr_union snl_destination; | |
912541b0 KS |
46 | socklen_t addrlen; |
47 | struct udev_list filter_subsystem_list; | |
48 | struct udev_list filter_tag_list; | |
49 | bool bound; | |
ba6929f6 KS |
50 | }; |
51 | ||
f2b93744 | 52 | enum udev_monitor_netlink_group { |
912541b0 KS |
53 | UDEV_MONITOR_NONE, |
54 | UDEV_MONITOR_KERNEL, | |
55 | UDEV_MONITOR_UDEV, | |
f2b93744 KS |
56 | }; |
57 | ||
912541b0 | 58 | #define UDEV_MONITOR_MAGIC 0xfeedcafe |
e14bdd88 | 59 | struct udev_monitor_netlink_header { |
912541b0 KS |
60 | /* "libudev" prefix to distinguish libudev and kernel messages */ |
61 | char prefix[8]; | |
62 | /* | |
63 | * magic to protect against daemon <-> library message format mismatch | |
64 | * used in the kernel from socket filter rules; needs to be stored in network order | |
65 | */ | |
7f797207 | 66 | unsigned magic; |
912541b0 | 67 | /* total length of header structure known to the sender */ |
7f797207 | 68 | unsigned header_size; |
912541b0 | 69 | /* properties string buffer */ |
7f797207 YW |
70 | unsigned properties_off; |
71 | unsigned properties_len; | |
912541b0 KS |
72 | /* |
73 | * hashes of primary device properties strings, to let libudev subscribers | |
74 | * use in-kernel socket filters; values need to be stored in network order | |
75 | */ | |
7f797207 YW |
76 | unsigned filter_subsystem_hash; |
77 | unsigned filter_devtype_hash; | |
78 | unsigned filter_tag_bloom_hi; | |
79 | unsigned filter_tag_bloom_lo; | |
e14bdd88 KS |
80 | }; |
81 | ||
654c87e0 | 82 | static struct udev_monitor *udev_monitor_new(struct udev *udev) { |
912541b0 KS |
83 | struct udev_monitor *udev_monitor; |
84 | ||
955d98c9 | 85 | udev_monitor = new0(struct udev_monitor, 1); |
309f631d LP |
86 | if (udev_monitor == NULL) { |
87 | errno = ENOMEM; | |
912541b0 | 88 | return NULL; |
309f631d | 89 | } |
3c6ac219 | 90 | udev_monitor->n_ref = 1; |
912541b0 KS |
91 | udev_monitor->udev = udev; |
92 | udev_list_init(udev, &udev_monitor->filter_subsystem_list, false); | |
93 | udev_list_init(udev, &udev_monitor->filter_tag_list, true); | |
94 | return udev_monitor; | |
e14bdd88 KS |
95 | } |
96 | ||
a062a72f | 97 | static int udev_monitor_set_nl_address(struct udev_monitor *udev_monitor) { |
44daf75d TG |
98 | union sockaddr_union snl; |
99 | socklen_t addrlen; | |
44daf75d TG |
100 | |
101 | assert(udev_monitor); | |
102 | ||
a062a72f YW |
103 | /* Get the address the kernel has assigned us. |
104 | * It is usually, but not necessarily the pid. */ | |
44daf75d | 105 | addrlen = sizeof(struct sockaddr_nl); |
a062a72f YW |
106 | if (getsockname(udev_monitor->sock, &snl.sa, &addrlen) < 0) |
107 | return -errno; | |
108 | ||
109 | udev_monitor->snl.nl.nl_pid = snl.nl.nl_pid; | |
110 | return 0; | |
44daf75d TG |
111 | } |
112 | ||
654c87e0 | 113 | struct udev_monitor *udev_monitor_new_from_netlink_fd(struct udev *udev, const char *name, int fd) { |
912541b0 | 114 | struct udev_monitor *udev_monitor; |
7f797207 | 115 | unsigned group; |
912541b0 | 116 | |
912541b0 KS |
117 | if (name == NULL) |
118 | group = UDEV_MONITOR_NONE; | |
e8a3b2dc KS |
119 | else if (streq(name, "udev")) { |
120 | /* | |
121 | * We do not support subscribing to uevents if no instance of | |
122 | * udev is running. Uevents would otherwise broadcast the | |
123 | * processing data of the host into containers, which is not | |
124 | * desired. | |
125 | * | |
126 | * Containers will currently not get any udev uevents, until | |
127 | * a supporting infrastructure is available. | |
128 | * | |
129 | * We do not set a netlink multicast group here, so the socket | |
130 | * will not receive any messages. | |
131 | */ | |
be1791ad | 132 | if (access("/run/udev/control", F_OK) < 0 && dev_is_devtmpfs() <= 0) { |
ff49bc32 | 133 | log_debug("the udev service seems not to be active, disable the monitor"); |
e8a3b2dc KS |
134 | group = UDEV_MONITOR_NONE; |
135 | } else | |
136 | group = UDEV_MONITOR_UDEV; | |
137 | } else if (streq(name, "kernel")) | |
912541b0 | 138 | group = UDEV_MONITOR_KERNEL; |
309f631d LP |
139 | else { |
140 | errno = EINVAL; | |
912541b0 | 141 | return NULL; |
309f631d | 142 | } |
912541b0 KS |
143 | |
144 | udev_monitor = udev_monitor_new(udev); | |
145 | if (udev_monitor == NULL) | |
146 | return NULL; | |
147 | ||
148 | if (fd < 0) { | |
149 | udev_monitor->sock = socket(PF_NETLINK, SOCK_RAW|SOCK_CLOEXEC|SOCK_NONBLOCK, NETLINK_KOBJECT_UEVENT); | |
44daf75d | 150 | if (udev_monitor->sock < 0) { |
56f64d95 | 151 | log_debug_errno(errno, "error getting socket: %m"); |
6b430fdb | 152 | return mfree(udev_monitor); |
912541b0 KS |
153 | } |
154 | } else { | |
155 | udev_monitor->bound = true; | |
156 | udev_monitor->sock = fd; | |
a062a72f | 157 | udev_monitor_set_nl_address(udev_monitor); |
912541b0 KS |
158 | } |
159 | ||
b49d9b50 KS |
160 | udev_monitor->snl.nl.nl_family = AF_NETLINK; |
161 | udev_monitor->snl.nl.nl_groups = group; | |
912541b0 KS |
162 | |
163 | /* default destination for sending */ | |
b49d9b50 KS |
164 | udev_monitor->snl_destination.nl.nl_family = AF_NETLINK; |
165 | udev_monitor->snl_destination.nl.nl_groups = UDEV_MONITOR_UDEV; | |
912541b0 | 166 | |
912541b0 | 167 | return udev_monitor; |
1c7047ea KS |
168 | } |
169 | ||
7459bcdc KS |
170 | /** |
171 | * udev_monitor_new_from_netlink: | |
172 | * @udev: udev library context | |
173 | * @name: name of event source | |
174 | * | |
175 | * Create new udev monitor and connect to a specified event | |
176 | * source. Valid sources identifiers are "udev" and "kernel". | |
177 | * | |
178 | * Applications should usually not connect directly to the | |
179 | * "kernel" events, because the devices might not be useable | |
180 | * at that time, before udev has configured them, and created | |
50579295 KS |
181 | * device nodes. Accessing devices at the same time as udev, |
182 | * might result in unpredictable behavior. The "udev" events | |
183 | * are sent out after udev has finished its event processing, | |
184 | * all rules have been processed, and needed device nodes are | |
185 | * created. | |
7459bcdc KS |
186 | * |
187 | * The initial refcount is 1, and needs to be decremented to | |
188 | * release the resources of the udev monitor. | |
189 | * | |
190 | * Returns: a new udev monitor, or #NULL, in case of an error | |
191 | **/ | |
654c87e0 | 192 | _public_ struct udev_monitor *udev_monitor_new_from_netlink(struct udev *udev, const char *name) { |
912541b0 | 193 | return udev_monitor_new_from_netlink_fd(udev, name, -1); |
7459bcdc KS |
194 | } |
195 | ||
3d01fa90 YW |
196 | static void bpf_stmt(struct sock_filter *ins, unsigned *i, |
197 | unsigned short code, unsigned data) { | |
198 | ins[(*i)++] = (struct sock_filter) { | |
199 | .code = code, | |
200 | .k = data, | |
201 | }; | |
e14bdd88 KS |
202 | } |
203 | ||
3d01fa90 YW |
204 | static void bpf_jmp(struct sock_filter *ins, unsigned *i, |
205 | unsigned short code, unsigned data, | |
206 | unsigned short jt, unsigned short jf) { | |
207 | ins[(*i)++] = (struct sock_filter) { | |
208 | .code = code, | |
209 | .jt = jt, | |
210 | .jf = jf, | |
211 | .k = data, | |
212 | }; | |
e14bdd88 KS |
213 | } |
214 | ||
ce1d6d7f KS |
215 | /** |
216 | * udev_monitor_filter_update: | |
217 | * @udev_monitor: monitor | |
218 | * | |
50579295 KS |
219 | * Update the installed socket filter. This is only needed, |
220 | * if the filter was removed or changed. | |
ce1d6d7f KS |
221 | * |
222 | * Returns: 0 on success, otherwise a negative error value. | |
223 | */ | |
54cf0b7f | 224 | _public_ int udev_monitor_filter_update(struct udev_monitor *udev_monitor) |
e14bdd88 | 225 | { |
912541b0 KS |
226 | struct sock_filter ins[512]; |
227 | struct sock_fprog filter; | |
7f797207 | 228 | unsigned i; |
912541b0 KS |
229 | struct udev_list_entry *list_entry; |
230 | int err; | |
231 | ||
232 | if (udev_list_get_entry(&udev_monitor->filter_subsystem_list) == NULL && | |
233 | udev_list_get_entry(&udev_monitor->filter_tag_list) == NULL) | |
234 | return 0; | |
235 | ||
29804cc1 | 236 | memzero(ins, sizeof(ins)); |
912541b0 KS |
237 | i = 0; |
238 | ||
239 | /* load magic in A */ | |
240 | bpf_stmt(ins, &i, BPF_LD|BPF_W|BPF_ABS, offsetof(struct udev_monitor_netlink_header, magic)); | |
241 | /* jump if magic matches */ | |
242 | bpf_jmp(ins, &i, BPF_JMP|BPF_JEQ|BPF_K, UDEV_MONITOR_MAGIC, 1, 0); | |
243 | /* wrong magic, pass packet */ | |
244 | bpf_stmt(ins, &i, BPF_RET|BPF_K, 0xffffffff); | |
245 | ||
246 | if (udev_list_get_entry(&udev_monitor->filter_tag_list) != NULL) { | |
247 | int tag_matches; | |
248 | ||
249 | /* count tag matches, to calculate end of tag match block */ | |
250 | tag_matches = 0; | |
251 | udev_list_entry_foreach(list_entry, udev_list_get_entry(&udev_monitor->filter_tag_list)) | |
252 | tag_matches++; | |
253 | ||
254 | /* add all tags matches */ | |
255 | udev_list_entry_foreach(list_entry, udev_list_get_entry(&udev_monitor->filter_tag_list)) { | |
256 | uint64_t tag_bloom_bits = util_string_bloom64(udev_list_entry_get_name(list_entry)); | |
257 | uint32_t tag_bloom_hi = tag_bloom_bits >> 32; | |
258 | uint32_t tag_bloom_lo = tag_bloom_bits & 0xffffffff; | |
259 | ||
260 | /* load device bloom bits in A */ | |
261 | bpf_stmt(ins, &i, BPF_LD|BPF_W|BPF_ABS, offsetof(struct udev_monitor_netlink_header, filter_tag_bloom_hi)); | |
262 | /* clear bits (tag bits & bloom bits) */ | |
263 | bpf_stmt(ins, &i, BPF_ALU|BPF_AND|BPF_K, tag_bloom_hi); | |
264 | /* jump to next tag if it does not match */ | |
265 | bpf_jmp(ins, &i, BPF_JMP|BPF_JEQ|BPF_K, tag_bloom_hi, 0, 3); | |
266 | ||
267 | /* load device bloom bits in A */ | |
268 | bpf_stmt(ins, &i, BPF_LD|BPF_W|BPF_ABS, offsetof(struct udev_monitor_netlink_header, filter_tag_bloom_lo)); | |
269 | /* clear bits (tag bits & bloom bits) */ | |
270 | bpf_stmt(ins, &i, BPF_ALU|BPF_AND|BPF_K, tag_bloom_lo); | |
271 | /* jump behind end of tag match block if tag matches */ | |
272 | tag_matches--; | |
273 | bpf_jmp(ins, &i, BPF_JMP|BPF_JEQ|BPF_K, tag_bloom_lo, 1 + (tag_matches * 6), 0); | |
274 | } | |
275 | ||
276 | /* nothing matched, drop packet */ | |
277 | bpf_stmt(ins, &i, BPF_RET|BPF_K, 0); | |
278 | } | |
279 | ||
280 | /* add all subsystem matches */ | |
281 | if (udev_list_get_entry(&udev_monitor->filter_subsystem_list) != NULL) { | |
282 | udev_list_entry_foreach(list_entry, udev_list_get_entry(&udev_monitor->filter_subsystem_list)) { | |
7f797207 | 283 | uint32_t hash = util_string_hash32(udev_list_entry_get_name(list_entry)); |
912541b0 KS |
284 | |
285 | /* load device subsystem value in A */ | |
286 | bpf_stmt(ins, &i, BPF_LD|BPF_W|BPF_ABS, offsetof(struct udev_monitor_netlink_header, filter_subsystem_hash)); | |
287 | if (udev_list_entry_get_value(list_entry) == NULL) { | |
288 | /* jump if subsystem does not match */ | |
289 | bpf_jmp(ins, &i, BPF_JMP|BPF_JEQ|BPF_K, hash, 0, 1); | |
290 | } else { | |
291 | /* jump if subsystem does not match */ | |
292 | bpf_jmp(ins, &i, BPF_JMP|BPF_JEQ|BPF_K, hash, 0, 3); | |
293 | ||
294 | /* load device devtype value in A */ | |
295 | bpf_stmt(ins, &i, BPF_LD|BPF_W|BPF_ABS, offsetof(struct udev_monitor_netlink_header, filter_devtype_hash)); | |
296 | /* jump if value does not match */ | |
297 | hash = util_string_hash32(udev_list_entry_get_value(list_entry)); | |
298 | bpf_jmp(ins, &i, BPF_JMP|BPF_JEQ|BPF_K, hash, 0, 1); | |
299 | } | |
300 | ||
301 | /* matched, pass packet */ | |
302 | bpf_stmt(ins, &i, BPF_RET|BPF_K, 0xffffffff); | |
303 | ||
8fef0ff2 | 304 | if (i+1 >= ELEMENTSOF(ins)) |
994e0234 | 305 | return -E2BIG; |
912541b0 KS |
306 | } |
307 | ||
308 | /* nothing matched, drop packet */ | |
309 | bpf_stmt(ins, &i, BPF_RET|BPF_K, 0); | |
310 | } | |
311 | ||
312 | /* matched, pass packet */ | |
313 | bpf_stmt(ins, &i, BPF_RET|BPF_K, 0xffffffff); | |
314 | ||
315 | /* install filter */ | |
29804cc1 | 316 | memzero(&filter, sizeof(filter)); |
912541b0 KS |
317 | filter.len = i; |
318 | filter.filter = ins; | |
319 | err = setsockopt(udev_monitor->sock, SOL_SOCKET, SO_ATTACH_FILTER, &filter, sizeof(filter)); | |
994e0234 | 320 | return err < 0 ? -errno : 0; |
e14bdd88 KS |
321 | } |
322 | ||
1e03b754 KS |
323 | int udev_monitor_allow_unicast_sender(struct udev_monitor *udev_monitor, struct udev_monitor *sender) |
324 | { | |
b49d9b50 | 325 | udev_monitor->snl_trusted_sender.nl.nl_pid = sender->snl.nl.nl_pid; |
912541b0 | 326 | return 0; |
1e03b754 | 327 | } |
44daf75d | 328 | |
ce1d6d7f KS |
329 | /** |
330 | * udev_monitor_enable_receiving: | |
331 | * @udev_monitor: the monitor which should receive events | |
332 | * | |
333 | * Binds the @udev_monitor socket to the event source. | |
334 | * | |
335 | * Returns: 0 on success, otherwise a negative error value. | |
336 | */ | |
54cf0b7f | 337 | _public_ int udev_monitor_enable_receiving(struct udev_monitor *udev_monitor) |
d59f11e1 | 338 | { |
912541b0 KS |
339 | int err = 0; |
340 | const int on = 1; | |
341 | ||
2d13da88 KS |
342 | udev_monitor_filter_update(udev_monitor); |
343 | ||
344 | if (!udev_monitor->bound) { | |
345 | err = bind(udev_monitor->sock, | |
b49d9b50 | 346 | &udev_monitor->snl.sa, sizeof(struct sockaddr_nl)); |
2d13da88 KS |
347 | if (err == 0) |
348 | udev_monitor->bound = true; | |
912541b0 KS |
349 | } |
350 | ||
44daf75d | 351 | if (err >= 0) |
a062a72f | 352 | udev_monitor_set_nl_address(udev_monitor); |
e1427b13 MS |
353 | else |
354 | return log_debug_errno(errno, "bind failed: %m"); | |
912541b0 KS |
355 | |
356 | /* enable receiving of sender credentials */ | |
9dedfe7f TG |
357 | err = setsockopt(udev_monitor->sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)); |
358 | if (err < 0) | |
56f64d95 | 359 | log_debug_errno(errno, "setting SO_PASSCRED failed: %m"); |
9dedfe7f | 360 | |
912541b0 | 361 | return 0; |
ba6929f6 KS |
362 | } |
363 | ||
f712894d KS |
364 | /** |
365 | * udev_monitor_set_receive_buffer_size: | |
366 | * @udev_monitor: the monitor which should receive events | |
367 | * @size: the size in bytes | |
368 | * | |
369 | * Set the size of the kernel socket buffer. This call needs the | |
370 | * appropriate privileges to succeed. | |
371 | * | |
372 | * Returns: 0 on success, otherwise -1 on error. | |
373 | */ | |
54cf0b7f | 374 | _public_ int udev_monitor_set_receive_buffer_size(struct udev_monitor *udev_monitor, int size) |
cb25a958 | 375 | { |
912541b0 | 376 | if (udev_monitor == NULL) |
994e0234 | 377 | return -EINVAL; |
309f631d LP |
378 | if (setsockopt(udev_monitor->sock, SOL_SOCKET, SO_RCVBUFFORCE, &size, sizeof(size)) < 0) |
379 | return -errno; | |
380 | ||
381 | return 0; | |
cb25a958 KS |
382 | } |
383 | ||
50d21589 YW |
384 | int udev_monitor_disconnect(struct udev_monitor *udev_monitor) { |
385 | assert(udev_monitor); | |
1e03b754 | 386 | |
50d21589 YW |
387 | udev_monitor->sock = safe_close(udev_monitor->sock); |
388 | return 0; | |
1e03b754 KS |
389 | } |
390 | ||
3c6ac219 YW |
391 | static struct udev_monitor *udev_monitor_free(struct udev_monitor *udev_monitor) { |
392 | assert(udev_monitor); | |
393 | ||
394 | udev_monitor_disconnect(udev_monitor); | |
395 | udev_list_cleanup(&udev_monitor->filter_subsystem_list); | |
396 | udev_list_cleanup(&udev_monitor->filter_tag_list); | |
397 | return mfree(udev_monitor); | |
398 | } | |
399 | ||
7d8787b3 KS |
400 | /** |
401 | * udev_monitor_ref: | |
402 | * @udev_monitor: udev monitor | |
403 | * | |
404 | * Take a reference of a udev monitor. | |
405 | * | |
406 | * Returns: the passed udev monitor | |
407 | **/ | |
ba6929f6 | 408 | |
7d8787b3 KS |
409 | /** |
410 | * udev_monitor_unref: | |
411 | * @udev_monitor: udev monitor | |
412 | * | |
ff109b8d | 413 | * Drop a reference of a udev monitor. If the refcount reaches zero, |
be7de409 | 414 | * the bound socket will be closed, and the resources of the monitor |
7d8787b3 KS |
415 | * will be released. |
416 | * | |
725d7e6c | 417 | * Returns: #NULL |
7d8787b3 | 418 | **/ |
3c6ac219 | 419 | DEFINE_PUBLIC_TRIVIAL_REF_UNREF_FUNC(struct udev_monitor, udev_monitor, udev_monitor_free); |
ba6929f6 | 420 | |
7d8787b3 KS |
421 | /** |
422 | * udev_monitor_get_udev: | |
423 | * @udev_monitor: udev monitor | |
424 | * | |
b98fd840 | 425 | * Retrieve the udev library context the monitor was created with. |
7d8787b3 KS |
426 | * |
427 | * Returns: the udev library context | |
428 | **/ | |
54cf0b7f | 429 | _public_ struct udev *udev_monitor_get_udev(struct udev_monitor *udev_monitor) |
ba6929f6 | 430 | { |
912541b0 KS |
431 | if (udev_monitor == NULL) |
432 | return NULL; | |
433 | return udev_monitor->udev; | |
ba6929f6 KS |
434 | } |
435 | ||
7d8787b3 KS |
436 | /** |
437 | * udev_monitor_get_fd: | |
438 | * @udev_monitor: udev monitor | |
439 | * | |
440 | * Retrieve the socket file descriptor associated with the monitor. | |
441 | * | |
442 | * Returns: the socket file descriptor | |
443 | **/ | |
54cf0b7f | 444 | _public_ int udev_monitor_get_fd(struct udev_monitor *udev_monitor) |
ba6929f6 | 445 | { |
912541b0 | 446 | if (udev_monitor == NULL) |
994e0234 | 447 | return -EINVAL; |
912541b0 | 448 | return udev_monitor->sock; |
ba6929f6 KS |
449 | } |
450 | ||
e14bdd88 KS |
451 | static int passes_filter(struct udev_monitor *udev_monitor, struct udev_device *udev_device) |
452 | { | |
912541b0 KS |
453 | struct udev_list_entry *list_entry; |
454 | ||
455 | if (udev_list_get_entry(&udev_monitor->filter_subsystem_list) == NULL) | |
456 | goto tag; | |
457 | udev_list_entry_foreach(list_entry, udev_list_get_entry(&udev_monitor->filter_subsystem_list)) { | |
458 | const char *subsys = udev_list_entry_get_name(list_entry); | |
459 | const char *dsubsys = udev_device_get_subsystem(udev_device); | |
460 | const char *devtype; | |
461 | const char *ddevtype; | |
462 | ||
090be865 | 463 | if (!streq(dsubsys, subsys)) |
912541b0 KS |
464 | continue; |
465 | ||
466 | devtype = udev_list_entry_get_value(list_entry); | |
467 | if (devtype == NULL) | |
468 | goto tag; | |
469 | ddevtype = udev_device_get_devtype(udev_device); | |
470 | if (ddevtype == NULL) | |
471 | continue; | |
090be865 | 472 | if (streq(ddevtype, devtype)) |
912541b0 KS |
473 | goto tag; |
474 | } | |
475 | return 0; | |
28460195 KS |
476 | |
477 | tag: | |
912541b0 KS |
478 | if (udev_list_get_entry(&udev_monitor->filter_tag_list) == NULL) |
479 | return 1; | |
480 | udev_list_entry_foreach(list_entry, udev_list_get_entry(&udev_monitor->filter_tag_list)) { | |
481 | const char *tag = udev_list_entry_get_name(list_entry); | |
482 | ||
483 | if (udev_device_has_tag(udev_device, tag)) | |
484 | return 1; | |
485 | } | |
486 | return 0; | |
e14bdd88 KS |
487 | } |
488 | ||
7d8787b3 | 489 | /** |
d59f11e1 | 490 | * udev_monitor_receive_device: |
7d8787b3 KS |
491 | * @udev_monitor: udev monitor |
492 | * | |
d59f11e1 | 493 | * Receive data from the udev monitor socket, allocate a new udev |
b98fd840 | 494 | * device, fill in the received data, and return the device. |
7d8787b3 | 495 | * |
50579295 | 496 | * Only socket connections with uid=0 are accepted. |
7d8787b3 | 497 | * |
b30b4260 KS |
498 | * The monitor socket is by default set to NONBLOCK. A variant of poll() on |
499 | * the file descriptor returned by udev_monitor_get_fd() should to be used to | |
500 | * wake up when new devices arrive, or alternatively the file descriptor | |
501 | * switched into blocking mode. | |
502 | * | |
7d8787b3 | 503 | * The initial refcount is 1, and needs to be decremented to |
be7de409 | 504 | * release the resources of the udev device. |
7d8787b3 KS |
505 | * |
506 | * Returns: a new udev device, or #NULL, in case of an error | |
507 | **/ | |
54cf0b7f | 508 | _public_ struct udev_device *udev_monitor_receive_device(struct udev_monitor *udev_monitor) |
ba6929f6 | 509 | { |
912541b0 KS |
510 | struct udev_device *udev_device; |
511 | struct msghdr smsg; | |
512 | struct iovec iov; | |
513 | char cred_msg[CMSG_SPACE(sizeof(struct ucred))]; | |
514 | struct cmsghdr *cmsg; | |
b49d9b50 | 515 | union sockaddr_union snl; |
912541b0 | 516 | struct ucred *cred; |
bf3dd6b1 SL |
517 | union { |
518 | struct udev_monitor_netlink_header nlh; | |
519 | char raw[8192]; | |
520 | } buf; | |
912541b0 KS |
521 | ssize_t buflen; |
522 | ssize_t bufpos; | |
2df959ec | 523 | bool is_initialized = false; |
ba6929f6 | 524 | |
e14bdd88 | 525 | retry: |
309f631d LP |
526 | if (udev_monitor == NULL) { |
527 | errno = EINVAL; | |
912541b0 | 528 | return NULL; |
309f631d | 529 | } |
912541b0 KS |
530 | iov.iov_base = &buf; |
531 | iov.iov_len = sizeof(buf); | |
29804cc1 | 532 | memzero(&smsg, sizeof(struct msghdr)); |
912541b0 KS |
533 | smsg.msg_iov = &iov; |
534 | smsg.msg_iovlen = 1; | |
535 | smsg.msg_control = cred_msg; | |
536 | smsg.msg_controllen = sizeof(cred_msg); | |
f6613dd9 KS |
537 | smsg.msg_name = &snl; |
538 | smsg.msg_namelen = sizeof(snl); | |
912541b0 | 539 | |
a38d9945 | 540 | buflen = recvmsg(udev_monitor->sock, &smsg, 0); |
912541b0 KS |
541 | if (buflen < 0) { |
542 | if (errno != EINTR) | |
ff49bc32 | 543 | log_debug("unable to receive message"); |
912541b0 KS |
544 | return NULL; |
545 | } | |
546 | ||
9c89c1ca | 547 | if (buflen < 32 || (smsg.msg_flags & MSG_TRUNC)) { |
ff49bc32 | 548 | log_debug("invalid message length"); |
309f631d | 549 | errno = EINVAL; |
912541b0 KS |
550 | return NULL; |
551 | } | |
552 | ||
f6613dd9 KS |
553 | if (snl.nl.nl_groups == 0) { |
554 | /* unicast message, check if we trust the sender */ | |
555 | if (udev_monitor->snl_trusted_sender.nl.nl_pid == 0 || | |
556 | snl.nl.nl_pid != udev_monitor->snl_trusted_sender.nl.nl_pid) { | |
ff49bc32 | 557 | log_debug("unicast netlink message ignored"); |
309f631d | 558 | errno = EAGAIN; |
f6613dd9 KS |
559 | return NULL; |
560 | } | |
561 | } else if (snl.nl.nl_groups == UDEV_MONITOR_KERNEL) { | |
562 | if (snl.nl.nl_pid > 0) { | |
1fa2f38f ZJS |
563 | log_debug("multicast kernel netlink message from PID %"PRIu32" ignored", |
564 | snl.nl.nl_pid); | |
309f631d | 565 | errno = EAGAIN; |
f6613dd9 | 566 | return NULL; |
912541b0 KS |
567 | } |
568 | } | |
569 | ||
570 | cmsg = CMSG_FIRSTHDR(&smsg); | |
571 | if (cmsg == NULL || cmsg->cmsg_type != SCM_CREDENTIALS) { | |
ff49bc32 | 572 | log_debug("no sender credentials received, message ignored"); |
309f631d | 573 | errno = EAGAIN; |
912541b0 KS |
574 | return NULL; |
575 | } | |
576 | ||
577 | cred = (struct ucred *)CMSG_DATA(cmsg); | |
578 | if (cred->uid != 0) { | |
1fa2f38f | 579 | log_debug("sender uid="UID_FMT", message ignored", cred->uid); |
309f631d | 580 | errno = EAGAIN; |
912541b0 KS |
581 | return NULL; |
582 | } | |
583 | ||
bf3dd6b1 | 584 | if (memcmp(buf.raw, "libudev", 8) == 0) { |
912541b0 | 585 | /* udev message needs proper version magic */ |
8e38570e | 586 | if (buf.nlh.magic != htobe32(UDEV_MONITOR_MAGIC)) { |
ff49bc32 | 587 | log_debug("unrecognized message signature (%x != %x)", |
8e38570e | 588 | buf.nlh.magic, htobe32(UDEV_MONITOR_MAGIC)); |
309f631d | 589 | errno = EAGAIN; |
912541b0 KS |
590 | return NULL; |
591 | } | |
bf3dd6b1 | 592 | if (buf.nlh.properties_off+32 > (size_t)buflen) { |
e6ac88dd TG |
593 | log_debug("message smaller than expected (%u > %zd)", |
594 | buf.nlh.properties_off+32, buflen); | |
309f631d | 595 | errno = EAGAIN; |
912541b0 | 596 | return NULL; |
f6613dd9 KS |
597 | } |
598 | ||
bf3dd6b1 | 599 | bufpos = buf.nlh.properties_off; |
f6613dd9 KS |
600 | |
601 | /* devices received from udev are always initialized */ | |
2df959ec | 602 | is_initialized = true; |
912541b0 KS |
603 | } else { |
604 | /* kernel message with header */ | |
bf3dd6b1 | 605 | bufpos = strlen(buf.raw) + 1; |
912541b0 | 606 | if ((size_t)bufpos < sizeof("a@/d") || bufpos >= buflen) { |
ff49bc32 | 607 | log_debug("invalid message length"); |
309f631d | 608 | errno = EAGAIN; |
912541b0 KS |
609 | return NULL; |
610 | } | |
611 | ||
612 | /* check message header */ | |
bf3dd6b1 | 613 | if (strstr(buf.raw, "@/") == NULL) { |
ff49bc32 | 614 | log_debug("unrecognized message header"); |
309f631d | 615 | errno = EAGAIN; |
912541b0 KS |
616 | return NULL; |
617 | } | |
618 | } | |
619 | ||
2df959ec | 620 | udev_device = udev_device_new_from_nulstr(udev_monitor->udev, &buf.raw[bufpos], buflen - bufpos); |
e6ac88dd | 621 | if (!udev_device) { |
25f027c5 | 622 | log_debug_errno(errno, "could not create device: %m"); |
912541b0 | 623 | return NULL; |
e6ac88dd | 624 | } |
2df959ec TG |
625 | |
626 | if (is_initialized) | |
627 | udev_device_set_is_initialized(udev_device); | |
912541b0 KS |
628 | |
629 | /* skip device, if it does not pass the current filter */ | |
630 | if (!passes_filter(udev_monitor, udev_device)) { | |
631 | struct pollfd pfd[1]; | |
632 | int rc; | |
633 | ||
634 | udev_device_unref(udev_device); | |
635 | ||
636 | /* if something is queued, get next device */ | |
637 | pfd[0].fd = udev_monitor->sock; | |
638 | pfd[0].events = POLLIN; | |
639 | rc = poll(pfd, 1, 0); | |
640 | if (rc > 0) | |
641 | goto retry; | |
309f631d LP |
642 | |
643 | errno = EAGAIN; | |
912541b0 KS |
644 | return NULL; |
645 | } | |
646 | ||
647 | return udev_device; | |
ba6929f6 | 648 | } |
9925ab04 | 649 | |
3782454c YW |
650 | int udev_monitor_receive_sd_device(struct udev_monitor *udev_monitor, sd_device **ret) { |
651 | _cleanup_(udev_device_unrefp) struct udev_device *udev_device = NULL; | |
652 | ||
653 | assert(ret); | |
654 | ||
655 | udev_device = udev_monitor_receive_device(udev_monitor); | |
656 | if (!udev_device) | |
657 | return -errno; | |
658 | ||
659 | *ret = sd_device_ref(udev_device->device); | |
660 | return 0; | |
661 | } | |
662 | ||
1e03b754 | 663 | int udev_monitor_send_device(struct udev_monitor *udev_monitor, |
912541b0 | 664 | struct udev_monitor *destination, struct udev_device *udev_device) |
9925ab04 | 665 | { |
81b9fe54 ZJS |
666 | const char *buf, *val; |
667 | ssize_t blen, count; | |
668 | struct udev_monitor_netlink_header nlh = { | |
669 | .prefix = "libudev", | |
8e38570e | 670 | .magic = htobe32(UDEV_MONITOR_MAGIC), |
81b9fe54 ZJS |
671 | .header_size = sizeof nlh, |
672 | }; | |
673 | struct iovec iov[2] = { | |
674 | { .iov_base = &nlh, .iov_len = sizeof nlh }, | |
675 | }; | |
676 | struct msghdr smsg = { | |
677 | .msg_iov = iov, | |
678 | .msg_iovlen = 2, | |
679 | }; | |
2d13da88 KS |
680 | struct udev_list_entry *list_entry; |
681 | uint64_t tag_bloom_bits; | |
682 | ||
912541b0 | 683 | blen = udev_device_get_properties_monitor_buf(udev_device, &buf); |
e6ac88dd TG |
684 | if (blen < 32) { |
685 | log_debug("device buffer is too small to contain a valid device"); | |
912541b0 | 686 | return -EINVAL; |
e6ac88dd | 687 | } |
912541b0 | 688 | |
81b9fe54 | 689 | /* fill in versioned header */ |
2d13da88 | 690 | val = udev_device_get_subsystem(udev_device); |
8e38570e | 691 | nlh.filter_subsystem_hash = htobe32(util_string_hash32(val)); |
81b9fe54 | 692 | |
2d13da88 KS |
693 | val = udev_device_get_devtype(udev_device); |
694 | if (val != NULL) | |
8e38570e | 695 | nlh.filter_devtype_hash = htobe32(util_string_hash32(val)); |
2d13da88 KS |
696 | |
697 | /* add tag bloom filter */ | |
698 | tag_bloom_bits = 0; | |
699 | udev_list_entry_foreach(list_entry, udev_device_get_tags_list_entry(udev_device)) | |
700 | tag_bloom_bits |= util_string_bloom64(udev_list_entry_get_name(list_entry)); | |
701 | if (tag_bloom_bits > 0) { | |
8e38570e LP |
702 | nlh.filter_tag_bloom_hi = htobe32(tag_bloom_bits >> 32); |
703 | nlh.filter_tag_bloom_lo = htobe32(tag_bloom_bits & 0xffffffff); | |
912541b0 KS |
704 | } |
705 | ||
2d13da88 KS |
706 | /* add properties list */ |
707 | nlh.properties_off = iov[0].iov_len; | |
708 | nlh.properties_len = blen; | |
709 | iov[1].iov_base = (char *)buf; | |
710 | iov[1].iov_len = blen; | |
912541b0 | 711 | |
2d13da88 KS |
712 | /* |
713 | * Use custom address for target, or the default one. | |
714 | * | |
715 | * If we send to a multicast group, we will get | |
716 | * ECONNREFUSED, which is expected. | |
717 | */ | |
a4445e88 | 718 | if (destination) |
2d13da88 KS |
719 | smsg.msg_name = &destination->snl; |
720 | else | |
721 | smsg.msg_name = &udev_monitor->snl_destination; | |
722 | smsg.msg_namelen = sizeof(struct sockaddr_nl); | |
723 | count = sendmsg(udev_monitor->sock, &smsg, 0); | |
a4445e88 TG |
724 | if (count < 0) { |
725 | if (!destination && errno == ECONNREFUSED) { | |
7800bf71 | 726 | log_debug("passed device to netlink monitor %p", udev_monitor); |
a4445e88 TG |
727 | return 0; |
728 | } else | |
729 | return -errno; | |
730 | } | |
731 | ||
965288c5 | 732 | log_debug("passed %zi byte device to netlink monitor %p", count, udev_monitor); |
2d13da88 | 733 | return count; |
9925ab04 | 734 | } |
e14bdd88 | 735 | |
ce1d6d7f KS |
736 | /** |
737 | * udev_monitor_filter_add_match_subsystem_devtype: | |
738 | * @udev_monitor: the monitor | |
739 | * @subsystem: the subsystem value to match the incoming devices against | |
214a6c79 | 740 | * @devtype: the devtype value to match the incoming devices against |
ce1d6d7f | 741 | * |
50579295 | 742 | * This filter is efficiently executed inside the kernel, and libudev subscribers |
28460195 KS |
743 | * will usually not be woken up for devices which do not match. |
744 | * | |
ce1d6d7f KS |
745 | * The filter must be installed before the monitor is switched to listening mode. |
746 | * | |
747 | * Returns: 0 on success, otherwise a negative error value. | |
748 | */ | |
54cf0b7f | 749 | _public_ int udev_monitor_filter_add_match_subsystem_devtype(struct udev_monitor *udev_monitor, const char *subsystem, const char *devtype) |
e14bdd88 | 750 | { |
912541b0 KS |
751 | if (udev_monitor == NULL) |
752 | return -EINVAL; | |
753 | if (subsystem == NULL) | |
754 | return -EINVAL; | |
755 | if (udev_list_entry_add(&udev_monitor->filter_subsystem_list, subsystem, devtype) == NULL) | |
756 | return -ENOMEM; | |
757 | return 0; | |
e14bdd88 | 758 | } |
08a7a795 | 759 | |
28460195 KS |
760 | /** |
761 | * udev_monitor_filter_add_match_tag: | |
762 | * @udev_monitor: the monitor | |
763 | * @tag: the name of a tag | |
764 | * | |
50579295 | 765 | * This filter is efficiently executed inside the kernel, and libudev subscribers |
28460195 KS |
766 | * will usually not be woken up for devices which do not match. |
767 | * | |
768 | * The filter must be installed before the monitor is switched to listening mode. | |
769 | * | |
770 | * Returns: 0 on success, otherwise a negative error value. | |
771 | */ | |
54cf0b7f | 772 | _public_ int udev_monitor_filter_add_match_tag(struct udev_monitor *udev_monitor, const char *tag) |
28460195 | 773 | { |
912541b0 KS |
774 | if (udev_monitor == NULL) |
775 | return -EINVAL; | |
776 | if (tag == NULL) | |
777 | return -EINVAL; | |
778 | if (udev_list_entry_add(&udev_monitor->filter_tag_list, tag, NULL) == NULL) | |
779 | return -ENOMEM; | |
780 | return 0; | |
28460195 KS |
781 | } |
782 | ||
ce1d6d7f KS |
783 | /** |
784 | * udev_monitor_filter_remove: | |
785 | * @udev_monitor: monitor | |
786 | * | |
787 | * Remove all filters from monitor. | |
788 | * | |
789 | * Returns: 0 on success, otherwise a negative error value. | |
790 | */ | |
54cf0b7f | 791 | _public_ int udev_monitor_filter_remove(struct udev_monitor *udev_monitor) |
08a7a795 | 792 | { |
309f631d | 793 | static const struct sock_fprog filter = { 0, NULL }; |
08a7a795 | 794 | |
912541b0 | 795 | udev_list_cleanup(&udev_monitor->filter_subsystem_list); |
309f631d LP |
796 | if (setsockopt(udev_monitor->sock, SOL_SOCKET, SO_ATTACH_FILTER, &filter, sizeof(filter)) < 0) |
797 | return -errno; | |
798 | ||
799 | return 0; | |
08a7a795 | 800 | } |