]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd/sd-bus/bus-internal.h
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
seccomp: remove '@credentials' syscall set (#6958)
[thirdparty/systemd.git] / src / libsystemd / sd-bus / bus-internal.h
1 #pragma once
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2013 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <pthread.h>
23 #include <sys/socket.h>
24
25 #include "sd-bus.h"
26
27 #include "bus-error.h"
28 #include "bus-kernel.h"
29 #include "bus-match.h"
30 #include "def.h"
31 #include "hashmap.h"
32 #include "list.h"
33 #include "prioq.h"
34 #include "refcnt.h"
35 #include "socket-util.h"
36 #include "util.h"
37
38 struct reply_callback {
39 sd_bus_message_handler_t callback;
40 usec_t timeout;
41 uint64_t cookie;
42 unsigned prioq_idx;
43 };
44
45 struct filter_callback {
46 sd_bus_message_handler_t callback;
47
48 unsigned last_iteration;
49
50 LIST_FIELDS(struct filter_callback, callbacks);
51 };
52
53 struct match_callback {
54 sd_bus_message_handler_t callback;
55
56 uint64_t cookie;
57 unsigned last_iteration;
58
59 char *match_string;
60
61 struct bus_match_node *match_node;
62 };
63
64 struct node {
65 char *path;
66 struct node *parent;
67 LIST_HEAD(struct node, child);
68 LIST_FIELDS(struct node, siblings);
69
70 LIST_HEAD(struct node_callback, callbacks);
71 LIST_HEAD(struct node_vtable, vtables);
72 LIST_HEAD(struct node_enumerator, enumerators);
73 LIST_HEAD(struct node_object_manager, object_managers);
74 };
75
76 struct node_callback {
77 struct node *node;
78
79 bool is_fallback;
80 sd_bus_message_handler_t callback;
81
82 unsigned last_iteration;
83
84 LIST_FIELDS(struct node_callback, callbacks);
85 };
86
87 struct node_enumerator {
88 struct node *node;
89
90 sd_bus_node_enumerator_t callback;
91
92 unsigned last_iteration;
93
94 LIST_FIELDS(struct node_enumerator, enumerators);
95 };
96
97 struct node_object_manager {
98 struct node *node;
99
100 LIST_FIELDS(struct node_object_manager, object_managers);
101 };
102
103 struct node_vtable {
104 struct node *node;
105
106 char *interface;
107 bool is_fallback;
108 const sd_bus_vtable *vtable;
109 sd_bus_object_find_t find;
110
111 unsigned last_iteration;
112
113 LIST_FIELDS(struct node_vtable, vtables);
114 };
115
116 struct vtable_member {
117 const char *path;
118 const char *interface;
119 const char *member;
120 struct node_vtable *parent;
121 unsigned last_iteration;
122 const sd_bus_vtable *vtable;
123 };
124
125 typedef enum BusSlotType {
126 BUS_REPLY_CALLBACK,
127 BUS_FILTER_CALLBACK,
128 BUS_MATCH_CALLBACK,
129 BUS_NODE_CALLBACK,
130 BUS_NODE_ENUMERATOR,
131 BUS_NODE_VTABLE,
132 BUS_NODE_OBJECT_MANAGER,
133 _BUS_SLOT_INVALID = -1,
134 } BusSlotType;
135
136 struct sd_bus_slot {
137 unsigned n_ref;
138 sd_bus *bus;
139 void *userdata;
140 BusSlotType type:5;
141 bool floating:1;
142 bool match_added:1;
143 char *description;
144
145 LIST_FIELDS(sd_bus_slot, slots);
146
147 union {
148 struct reply_callback reply_callback;
149 struct filter_callback filter_callback;
150 struct match_callback match_callback;
151 struct node_callback node_callback;
152 struct node_enumerator node_enumerator;
153 struct node_object_manager node_object_manager;
154 struct node_vtable node_vtable;
155 };
156 };
157
158 enum bus_state {
159 BUS_UNSET,
160 BUS_OPENING,
161 BUS_AUTHENTICATING,
162 BUS_HELLO,
163 BUS_RUNNING,
164 BUS_CLOSING,
165 BUS_CLOSED
166 };
167
168 static inline bool BUS_IS_OPEN(enum bus_state state) {
169 return state > BUS_UNSET && state < BUS_CLOSING;
170 }
171
172 enum bus_auth {
173 _BUS_AUTH_INVALID,
174 BUS_AUTH_EXTERNAL,
175 BUS_AUTH_ANONYMOUS
176 };
177
178 struct sd_bus {
179 /* We use atomic ref counting here since sd_bus_message
180 objects retain references to their originating sd_bus but
181 we want to allow them to be processed in a different
182 thread. We won't provide full thread safety, but only the
183 bare minimum that makes it possible to use sd_bus and
184 sd_bus_message objects independently and on different
185 threads as long as each object is used only once at the
186 same time. */
187 RefCount n_ref;
188
189 enum bus_state state;
190 int input_fd, output_fd;
191 int message_version;
192 int message_endian;
193
194 bool can_fds:1;
195 bool bus_client:1;
196 bool ucred_valid:1;
197 bool is_server:1;
198 bool anonymous_auth:1;
199 bool prefer_readv:1;
200 bool prefer_writev:1;
201 bool match_callbacks_modified:1;
202 bool filter_callbacks_modified:1;
203 bool nodes_modified:1;
204 bool trusted:1;
205 bool manual_peer_interface:1;
206 bool is_system:1;
207 bool is_user:1;
208 bool allow_interactive_authorization:1;
209 bool exit_on_disconnect:1;
210 bool exited:1;
211 bool exit_triggered:1;
212 bool is_local:1;
213
214 int use_memfd;
215
216 void *rbuffer;
217 size_t rbuffer_size;
218
219 sd_bus_message **rqueue;
220 unsigned rqueue_size;
221 size_t rqueue_allocated;
222
223 sd_bus_message **wqueue;
224 unsigned wqueue_size;
225 size_t windex;
226 size_t wqueue_allocated;
227
228 uint64_t cookie;
229
230 char *unique_name;
231 uint64_t unique_id;
232
233 struct bus_match_node match_callbacks;
234 Prioq *reply_callbacks_prioq;
235 OrderedHashmap *reply_callbacks;
236 LIST_HEAD(struct filter_callback, filter_callbacks);
237
238 Hashmap *nodes;
239 Hashmap *vtable_methods;
240 Hashmap *vtable_properties;
241
242 union sockaddr_union sockaddr;
243 socklen_t sockaddr_size;
244
245 char *machine;
246 pid_t nspid;
247
248 sd_id128_t server_id;
249
250 char *address;
251 unsigned address_index;
252
253 int last_connect_error;
254
255 enum bus_auth auth;
256 size_t auth_rbegin;
257 struct iovec auth_iovec[3];
258 unsigned auth_index;
259 char *auth_buffer;
260 usec_t auth_timeout;
261
262 struct ucred ucred;
263 char *label;
264
265 uint64_t creds_mask;
266
267 int *fds;
268 unsigned n_fds;
269
270 char *exec_path;
271 char **exec_argv;
272
273 unsigned iteration_counter;
274
275 /* We do locking around the memfd cache, since we want to
276 * allow people to process a sd_bus_message in a different
277 * thread then it was generated on and free it there. Since
278 * adding something to the memfd cache might happen when a
279 * message is released, we hence need to protect this bit with
280 * a mutex. */
281 pthread_mutex_t memfd_cache_mutex;
282 struct memfd_cache memfd_cache[MEMFD_CACHE_MAX];
283 unsigned n_memfd_cache;
284
285 pid_t original_pid;
286
287 uint64_t hello_flags;
288 uint64_t attach_flags;
289
290 uint64_t match_cookie;
291
292 sd_event_source *input_io_event_source;
293 sd_event_source *output_io_event_source;
294 sd_event_source *time_event_source;
295 sd_event_source *quit_event_source;
296 sd_event *event;
297 int event_priority;
298
299 sd_bus_message *current_message;
300 sd_bus_slot *current_slot;
301 sd_bus_message_handler_t current_handler;
302 void *current_userdata;
303
304 sd_bus **default_bus_ptr;
305 pid_t tid;
306
307 char *cgroup_root;
308
309 char *description;
310
311 size_t bloom_size;
312 unsigned bloom_n_hash;
313
314 sd_bus_track *track_queue;
315
316 LIST_HEAD(sd_bus_slot, slots);
317 LIST_HEAD(sd_bus_track, tracks);
318 };
319
320 /* For method calls we time-out at 25s, like in the D-Bus reference implementation */
321 #define BUS_DEFAULT_TIMEOUT ((usec_t) (25 * USEC_PER_SEC))
322
323 /* For the authentication phase we grant 90s, to provide extra room during boot, when RNGs and such are not filled up
324 * with enough entropy yet and might delay the boot */
325 #define BUS_AUTH_TIMEOUT ((usec_t) DEFAULT_TIMEOUT_USEC)
326
327 #define BUS_WQUEUE_MAX (192*1024)
328 #define BUS_RQUEUE_MAX (192*1024)
329
330 #define BUS_MESSAGE_SIZE_MAX (64*1024*1024)
331 #define BUS_AUTH_SIZE_MAX (64*1024)
332
333 #define BUS_CONTAINER_DEPTH 128
334
335 /* Defined by the specification as maximum size of an array in
336 * bytes */
337 #define BUS_ARRAY_MAX_SIZE 67108864
338
339 #define BUS_FDS_MAX 1024
340
341 #define BUS_EXEC_ARGV_MAX 256
342
343 bool interface_name_is_valid(const char *p) _pure_;
344 bool service_name_is_valid(const char *p) _pure_;
345 char* service_name_startswith(const char *a, const char *b);
346 bool member_name_is_valid(const char *p) _pure_;
347 bool object_path_is_valid(const char *p) _pure_;
348 char *object_path_startswith(const char *a, const char *b) _pure_;
349
350 bool namespace_complex_pattern(const char *pattern, const char *value) _pure_;
351 bool path_complex_pattern(const char *pattern, const char *value) _pure_;
352
353 bool namespace_simple_pattern(const char *pattern, const char *value) _pure_;
354 bool path_simple_pattern(const char *pattern, const char *value) _pure_;
355
356 int bus_message_type_from_string(const char *s, uint8_t *u) _pure_;
357 const char *bus_message_type_to_string(uint8_t u) _pure_;
358
359 #define error_name_is_valid interface_name_is_valid
360
361 int bus_ensure_running(sd_bus *bus);
362 int bus_start_running(sd_bus *bus);
363 int bus_next_address(sd_bus *bus);
364
365 int bus_seal_synthetic_message(sd_bus *b, sd_bus_message *m);
366
367 int bus_rqueue_make_room(sd_bus *bus);
368
369 bool bus_pid_changed(sd_bus *bus);
370
371 char *bus_address_escape(const char *v);
372
373 #define OBJECT_PATH_FOREACH_PREFIX(prefix, path) \
374 for (char *_slash = ({ strcpy((prefix), (path)); streq((prefix), "/") ? NULL : strrchr((prefix), '/'); }) ; \
375 _slash && !(_slash[(_slash) == (prefix)] = 0); \
376 _slash = streq((prefix), "/") ? NULL : strrchr((prefix), '/'))
377
378 /* If we are invoking callbacks of a bus object, ensure unreffing the
379 * bus from the callback doesn't destroy the object we are working
380 * on */
381 #define BUS_DONT_DESTROY(bus) \
382 _cleanup_(sd_bus_unrefp) _unused_ sd_bus *_dont_destroy_##bus = sd_bus_ref(bus)
383
384 int bus_set_address_system(sd_bus *bus);
385 int bus_set_address_user(sd_bus *bus);
386 int bus_set_address_system_remote(sd_bus *b, const char *host);
387 int bus_set_address_system_machine(sd_bus *b, const char *machine);
388
389 int bus_remove_match_by_string(sd_bus *bus, const char *match, sd_bus_message_handler_t callback, void *userdata);
390
391 int bus_get_root_path(sd_bus *bus);
392
393 int bus_maybe_reply_error(sd_bus_message *m, int r, sd_bus_error *error);
394
395 #define bus_assert_return(expr, r, error) \
396 do { \
397 if (!assert_log(expr, #expr)) \
398 return sd_bus_error_set_errno(error, r); \
399 } while (false)
400
401 /**
402 * enum kdbus_attach_flags - flags for metadata attachments
403 * @KDBUS_ATTACH_TIMESTAMP: Timestamp
404 * @KDBUS_ATTACH_CREDS: Credentials
405 * @KDBUS_ATTACH_PIDS: PIDs
406 * @KDBUS_ATTACH_AUXGROUPS: Auxiliary groups
407 * @KDBUS_ATTACH_NAMES: Well-known names
408 * @KDBUS_ATTACH_TID_COMM: The "comm" process identifier of the TID
409 * @KDBUS_ATTACH_PID_COMM: The "comm" process identifier of the PID
410 * @KDBUS_ATTACH_EXE: The path of the executable
411 * @KDBUS_ATTACH_CMDLINE: The process command line
412 * @KDBUS_ATTACH_CGROUP: The croup membership
413 * @KDBUS_ATTACH_CAPS: The process capabilities
414 * @KDBUS_ATTACH_SECLABEL: The security label
415 * @KDBUS_ATTACH_AUDIT: The audit IDs
416 * @KDBUS_ATTACH_CONN_DESCRIPTION: The human-readable connection name
417 * @_KDBUS_ATTACH_ALL: All of the above
418 * @_KDBUS_ATTACH_ANY: Wildcard match to enable any kind of
419 * metatdata.
420 */
421 enum kdbus_attach_flags {
422 KDBUS_ATTACH_TIMESTAMP = 1ULL << 0,
423 KDBUS_ATTACH_CREDS = 1ULL << 1,
424 KDBUS_ATTACH_PIDS = 1ULL << 2,
425 KDBUS_ATTACH_AUXGROUPS = 1ULL << 3,
426 KDBUS_ATTACH_NAMES = 1ULL << 4,
427 KDBUS_ATTACH_TID_COMM = 1ULL << 5,
428 KDBUS_ATTACH_PID_COMM = 1ULL << 6,
429 KDBUS_ATTACH_EXE = 1ULL << 7,
430 KDBUS_ATTACH_CMDLINE = 1ULL << 8,
431 KDBUS_ATTACH_CGROUP = 1ULL << 9,
432 KDBUS_ATTACH_CAPS = 1ULL << 10,
433 KDBUS_ATTACH_SECLABEL = 1ULL << 11,
434 KDBUS_ATTACH_AUDIT = 1ULL << 12,
435 KDBUS_ATTACH_CONN_DESCRIPTION = 1ULL << 13,
436 _KDBUS_ATTACH_ALL = (1ULL << 14) - 1,
437 _KDBUS_ATTACH_ANY = ~0ULL
438 };
439
440 /**
441 * enum kdbus_hello_flags - flags for struct kdbus_cmd_hello
442 * @KDBUS_HELLO_ACCEPT_FD: The connection allows the reception of
443 * any passed file descriptors
444 * @KDBUS_HELLO_ACTIVATOR: Special-purpose connection which registers
445 * a well-know name for a process to be started
446 * when traffic arrives
447 * @KDBUS_HELLO_POLICY_HOLDER: Special-purpose connection which registers
448 * policy entries for a name. The provided name
449 * is not activated and not registered with the
450 * name database, it only allows unprivileged
451 * connections to acquire a name, talk or discover
452 * a service
453 * @KDBUS_HELLO_MONITOR: Special-purpose connection to monitor
454 * bus traffic
455 */
456 enum kdbus_hello_flags {
457 KDBUS_HELLO_ACCEPT_FD = 1ULL << 0,
458 KDBUS_HELLO_ACTIVATOR = 1ULL << 1,
459 KDBUS_HELLO_POLICY_HOLDER = 1ULL << 2,
460 KDBUS_HELLO_MONITOR = 1ULL << 3,
461 };
Unnamed repository; edit this file 'description' to name the repository.