]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd/sd-bus/bus-socket.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2013 Lennart Poettering
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
27 #include "sd-daemon.h"
29 #include "alloc-util.h"
30 #include "bus-internal.h"
31 #include "bus-message.h"
32 #include "bus-socket.h"
34 #include "format-util.h"
36 #include "hexdecoct.h"
40 #include "path-util.h"
41 #include "selinux-util.h"
42 #include "signal-util.h"
43 #include "stdio-util.h"
44 #include "string-util.h"
45 #include "user-util.h"
49 #define SNDBUF_SIZE (8*1024*1024)
51 static void iovec_advance(struct iovec iov
[], unsigned *idx
, size_t size
) {
54 struct iovec
*i
= iov
+ *idx
;
56 if (i
->iov_len
> size
) {
57 i
->iov_base
= (uint8_t*) i
->iov_base
+ size
;
71 static int append_iovec(sd_bus_message
*m
, const void *p
, size_t sz
) {
76 m
->iovec
[m
->n_iovec
].iov_base
= (void*) p
;
77 m
->iovec
[m
->n_iovec
].iov_len
= sz
;
83 static int bus_message_setup_iovec(sd_bus_message
*m
) {
84 struct bus_body_part
*part
;
96 n
= 1 + m
->n_body_parts
;
97 if (n
< ELEMENTSOF(m
->iovec_fixed
))
98 m
->iovec
= m
->iovec_fixed
;
100 m
->iovec
= new(struct iovec
, n
);
107 r
= append_iovec(m
, m
->header
, BUS_MESSAGE_BODY_BEGIN(m
));
111 MESSAGE_FOREACH_PART(part
, i
, m
) {
112 r
= bus_body_part_map(part
);
116 r
= append_iovec(m
, part
->data
, part
->size
);
121 assert(n
== m
->n_iovec
);
130 bool bus_socket_auth_needs_write(sd_bus
*b
) {
134 if (b
->auth_index
>= ELEMENTSOF(b
->auth_iovec
))
137 for (i
= b
->auth_index
; i
< ELEMENTSOF(b
->auth_iovec
); i
++) {
138 struct iovec
*j
= b
->auth_iovec
+ i
;
147 static int bus_socket_write_auth(sd_bus
*b
) {
151 assert(b
->state
== BUS_AUTHENTICATING
);
153 if (!bus_socket_auth_needs_write(b
))
156 if (b
->prefer_writev
)
157 k
= writev(b
->output_fd
, b
->auth_iovec
+ b
->auth_index
, ELEMENTSOF(b
->auth_iovec
) - b
->auth_index
);
162 mh
.msg_iov
= b
->auth_iovec
+ b
->auth_index
;
163 mh
.msg_iovlen
= ELEMENTSOF(b
->auth_iovec
) - b
->auth_index
;
165 k
= sendmsg(b
->output_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
);
166 if (k
< 0 && errno
== ENOTSOCK
) {
167 b
->prefer_writev
= true;
168 k
= writev(b
->output_fd
, b
->auth_iovec
+ b
->auth_index
, ELEMENTSOF(b
->auth_iovec
) - b
->auth_index
);
173 return errno
== EAGAIN
? 0 : -errno
;
175 iovec_advance(b
->auth_iovec
, &b
->auth_index
, (size_t) k
);
179 static int bus_socket_auth_verify_client(sd_bus
*b
) {
187 /* We expect two response lines: "OK" and possibly
190 e
= memmem_safe(b
->rbuffer
, b
->rbuffer_size
, "\r\n", 2);
195 f
= memmem(e
+ 2, b
->rbuffer_size
- (e
- (char*) b
->rbuffer
) - 2, "\r\n", 2);
205 /* Nice! We got all the lines we need. First check the OK
208 if (e
- (char*) b
->rbuffer
!= 3 + 32)
211 if (memcmp(b
->rbuffer
, "OK ", 3))
214 b
->auth
= b
->anonymous_auth
? BUS_AUTH_ANONYMOUS
: BUS_AUTH_EXTERNAL
;
216 for (i
= 0; i
< 32; i
+= 2) {
219 x
= unhexchar(((char*) b
->rbuffer
)[3 + i
]);
220 y
= unhexchar(((char*) b
->rbuffer
)[3 + i
+ 1]);
225 peer
.bytes
[i
/2] = ((uint8_t) x
<< 4 | (uint8_t) y
);
228 if (!sd_id128_is_null(b
->server_id
) &&
229 !sd_id128_equal(b
->server_id
, peer
))
234 /* And possibly check the second line, too */
238 (f
- e
== STRLEN("\r\nAGREE_UNIX_FD")) &&
239 memcmp(e
+ 2, "AGREE_UNIX_FD",
240 STRLEN("AGREE_UNIX_FD")) == 0;
242 b
->rbuffer_size
-= (start
- (char*) b
->rbuffer
);
243 memmove(b
->rbuffer
, start
, b
->rbuffer_size
);
245 r
= bus_start_running(b
);
252 static bool line_equals(const char *s
, size_t m
, const char *line
) {
259 return memcmp(s
, line
, l
) == 0;
262 static bool line_begins(const char *s
, size_t m
, const char *word
) {
269 if (memcmp(s
, word
, l
) != 0)
272 return m
== l
|| (m
> l
&& s
[l
] == ' ');
275 static int verify_anonymous_token(sd_bus
*b
, const char *p
, size_t l
) {
276 _cleanup_free_
char *token
= NULL
;
280 if (!b
->anonymous_auth
)
292 r
= unhexmem(p
, l
, (void **) &token
, &len
);
296 if (memchr(token
, 0, len
))
299 return !!utf8_is_valid(token
);
302 static int verify_external_token(sd_bus
*b
, const char *p
, size_t l
) {
303 _cleanup_free_
char *token
= NULL
;
308 /* We don't do any real authentication here. Instead, we if
309 * the owner of this bus wanted authentication he should have
310 * checked SO_PEERCRED before even creating the bus object. */
312 if (!b
->anonymous_auth
&& !b
->ucred_valid
)
324 r
= unhexmem(p
, l
, (void**) &token
, &len
);
328 if (memchr(token
, 0, len
))
331 r
= parse_uid(token
, &u
);
335 /* We ignore the passed value if anonymous authentication is
337 if (!b
->anonymous_auth
&& u
!= b
->ucred
.uid
)
343 static int bus_socket_auth_write(sd_bus
*b
, const char *t
) {
350 /* We only make use of the first iovec */
351 assert(IN_SET(b
->auth_index
, 0, 1));
354 p
= malloc(b
->auth_iovec
[0].iov_len
+ l
);
358 memcpy_safe(p
, b
->auth_iovec
[0].iov_base
, b
->auth_iovec
[0].iov_len
);
359 memcpy(p
+ b
->auth_iovec
[0].iov_len
, t
, l
);
361 b
->auth_iovec
[0].iov_base
= p
;
362 b
->auth_iovec
[0].iov_len
+= l
;
364 free(b
->auth_buffer
);
370 static int bus_socket_auth_write_ok(sd_bus
*b
) {
371 char t
[3 + 32 + 2 + 1];
375 xsprintf(t
, "OK " SD_ID128_FORMAT_STR
"\r\n", SD_ID128_FORMAT_VAL(b
->server_id
));
377 return bus_socket_auth_write(b
, t
);
380 static int bus_socket_auth_verify_server(sd_bus
*b
) {
384 bool processed
= false;
389 if (b
->rbuffer_size
< 1)
392 /* First char must be a NUL byte */
393 if (*(char*) b
->rbuffer
!= 0)
396 if (b
->rbuffer_size
< 3)
399 /* Begin with the first line */
400 if (b
->auth_rbegin
<= 0)
404 /* Check if line is complete */
405 line
= (char*) b
->rbuffer
+ b
->auth_rbegin
;
406 e
= memmem(line
, b
->rbuffer_size
- b
->auth_rbegin
, "\r\n", 2);
412 if (line_begins(line
, l
, "AUTH ANONYMOUS")) {
414 r
= verify_anonymous_token(b
, line
+ 14, l
- 14);
418 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
420 b
->auth
= BUS_AUTH_ANONYMOUS
;
421 r
= bus_socket_auth_write_ok(b
);
424 } else if (line_begins(line
, l
, "AUTH EXTERNAL")) {
426 r
= verify_external_token(b
, line
+ 13, l
- 13);
430 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
432 b
->auth
= BUS_AUTH_EXTERNAL
;
433 r
= bus_socket_auth_write_ok(b
);
436 } else if (line_begins(line
, l
, "AUTH"))
437 r
= bus_socket_auth_write(b
, "REJECTED EXTERNAL ANONYMOUS\r\n");
438 else if (line_equals(line
, l
, "CANCEL") ||
439 line_begins(line
, l
, "ERROR")) {
441 b
->auth
= _BUS_AUTH_INVALID
;
442 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
444 } else if (line_equals(line
, l
, "BEGIN")) {
446 if (b
->auth
== _BUS_AUTH_INVALID
)
447 r
= bus_socket_auth_write(b
, "ERROR\r\n");
449 /* We can't leave from the auth phase
450 * before we haven't written
451 * everything queued, so let's check
454 if (bus_socket_auth_needs_write(b
))
457 b
->rbuffer_size
-= (e
+ 2 - (char*) b
->rbuffer
);
458 memmove(b
->rbuffer
, e
+ 2, b
->rbuffer_size
);
459 return bus_start_running(b
);
462 } else if (line_begins(line
, l
, "DATA")) {
464 if (b
->auth
== _BUS_AUTH_INVALID
)
465 r
= bus_socket_auth_write(b
, "ERROR\r\n");
467 if (b
->auth
== BUS_AUTH_ANONYMOUS
)
468 r
= verify_anonymous_token(b
, line
+ 4, l
- 4);
470 r
= verify_external_token(b
, line
+ 4, l
- 4);
475 b
->auth
= _BUS_AUTH_INVALID
;
476 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
478 r
= bus_socket_auth_write_ok(b
);
480 } else if (line_equals(line
, l
, "NEGOTIATE_UNIX_FD")) {
481 if (b
->auth
== _BUS_AUTH_INVALID
|| !b
->accept_fd
)
482 r
= bus_socket_auth_write(b
, "ERROR\r\n");
485 r
= bus_socket_auth_write(b
, "AGREE_UNIX_FD\r\n");
488 r
= bus_socket_auth_write(b
, "ERROR\r\n");
493 b
->auth_rbegin
= e
+ 2 - (char*) b
->rbuffer
;
499 static int bus_socket_auth_verify(sd_bus
*b
) {
503 return bus_socket_auth_verify_server(b
);
505 return bus_socket_auth_verify_client(b
);
508 static int bus_socket_read_auth(sd_bus
*b
) {
510 struct iovec iov
= {};
516 struct cmsghdr cmsghdr
;
517 uint8_t buf
[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX
)];
519 bool handle_cmsg
= false;
522 assert(b
->state
== BUS_AUTHENTICATING
);
524 r
= bus_socket_auth_verify(b
);
528 n
= MAX(256u, b
->rbuffer_size
* 2);
530 if (n
> BUS_AUTH_SIZE_MAX
)
531 n
= BUS_AUTH_SIZE_MAX
;
533 if (b
->rbuffer_size
>= n
)
536 p
= realloc(b
->rbuffer
, n
);
542 iov
.iov_base
= (uint8_t*) b
->rbuffer
+ b
->rbuffer_size
;
543 iov
.iov_len
= n
- b
->rbuffer_size
;
546 k
= readv(b
->input_fd
, &iov
, 1);
551 mh
.msg_control
= &control
;
552 mh
.msg_controllen
= sizeof(control
);
554 k
= recvmsg(b
->input_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
|MSG_CMSG_CLOEXEC
);
555 if (k
< 0 && errno
== ENOTSOCK
) {
556 b
->prefer_readv
= true;
557 k
= readv(b
->input_fd
, &iov
, 1);
562 return errno
== EAGAIN
? 0 : -errno
;
566 b
->rbuffer_size
+= k
;
569 struct cmsghdr
*cmsg
;
571 CMSG_FOREACH(cmsg
, &mh
)
572 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
573 cmsg
->cmsg_type
== SCM_RIGHTS
) {
576 /* Whut? We received fds during the auth
577 * protocol? Somebody is playing games with
578 * us. Close them all, and fail */
579 j
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
580 close_many((int*) CMSG_DATA(cmsg
), j
);
583 log_debug("Got unexpected auxiliary data with level=%d and type=%d",
584 cmsg
->cmsg_level
, cmsg
->cmsg_type
);
587 r
= bus_socket_auth_verify(b
);
594 void bus_socket_setup(sd_bus
*b
) {
597 /* Increase the buffers to 8 MB */
598 (void) fd_inc_rcvbuf(b
->input_fd
, SNDBUF_SIZE
);
599 (void) fd_inc_sndbuf(b
->output_fd
, SNDBUF_SIZE
);
601 b
->message_version
= 1;
602 b
->message_endian
= 0;
605 static void bus_get_peercred(sd_bus
*b
) {
609 assert(!b
->ucred_valid
);
611 assert(b
->n_groups
== (size_t) -1);
613 /* Get the peer for socketpair() sockets */
614 b
->ucred_valid
= getpeercred(b
->input_fd
, &b
->ucred
) >= 0;
616 /* Get the SELinux context of the peer */
617 r
= getpeersec(b
->input_fd
, &b
->label
);
618 if (r
< 0 && !IN_SET(r
, -EOPNOTSUPP
, -ENOPROTOOPT
))
619 log_debug_errno(r
, "Failed to determine peer security context: %m");
621 /* Get the list of auxiliary groups of the peer */
622 r
= getpeergroups(b
->input_fd
, &b
->groups
);
624 if (!IN_SET(r
, -EOPNOTSUPP
, -ENOPROTOOPT
))
625 log_debug_errno(r
, "Failed to determine peer groups list: %m");
627 b
->n_groups
= (size_t) -1;
629 b
->n_groups
= (size_t) r
;
632 static int bus_socket_start_auth_client(sd_bus
*b
) {
634 const char *auth_suffix
, *auth_prefix
;
638 if (b
->anonymous_auth
) {
639 auth_prefix
= "\0AUTH ANONYMOUS ";
641 /* For ANONYMOUS auth we send some arbitrary "trace" string */
643 b
->auth_buffer
= hexmem("anonymous", l
);
645 char text
[DECIMAL_STR_MAX(uid_t
) + 1];
647 auth_prefix
= "\0AUTH EXTERNAL ";
649 xsprintf(text
, UID_FMT
, geteuid());
652 b
->auth_buffer
= hexmem(text
, l
);
659 auth_suffix
= "\r\nNEGOTIATE_UNIX_FD\r\nBEGIN\r\n";
661 auth_suffix
= "\r\nBEGIN\r\n";
663 b
->auth_iovec
[0].iov_base
= (void*) auth_prefix
;
664 b
->auth_iovec
[0].iov_len
= 1 + strlen(auth_prefix
+ 1);
665 b
->auth_iovec
[1].iov_base
= (void*) b
->auth_buffer
;
666 b
->auth_iovec
[1].iov_len
= l
* 2;
667 b
->auth_iovec
[2].iov_base
= (void*) auth_suffix
;
668 b
->auth_iovec
[2].iov_len
= strlen(auth_suffix
);
670 return bus_socket_write_auth(b
);
673 int bus_socket_start_auth(sd_bus
*b
) {
678 bus_set_state(b
, BUS_AUTHENTICATING
);
679 b
->auth_timeout
= now(CLOCK_MONOTONIC
) + BUS_AUTH_TIMEOUT
;
681 if (sd_is_socket(b
->input_fd
, AF_UNIX
, 0, 0) <= 0)
682 b
->accept_fd
= false;
684 if (b
->output_fd
!= b
->input_fd
)
685 if (sd_is_socket(b
->output_fd
, AF_UNIX
, 0, 0) <= 0)
686 b
->accept_fd
= false;
689 return bus_socket_read_auth(b
);
691 return bus_socket_start_auth_client(b
);
694 static int bus_socket_inotify_setup(sd_bus
*b
) {
695 _cleanup_free_
int *new_watches
= NULL
;
696 _cleanup_free_
char *absolute
= NULL
;
697 size_t n_allocated
= 0, n
= 0, done
= 0, i
;
698 unsigned max_follow
= 32;
703 assert(b
->watch_bind
);
704 assert(b
->sockaddr
.sa
.sa_family
== AF_UNIX
);
705 assert(b
->sockaddr
.un
.sun_path
[0] != 0);
707 /* Sets up an inotify fd in case watch_bind is enabled: wait until the configured AF_UNIX file system socket
708 * appears before connecting to it. The implemented is pretty simplistic: we just subscribe to relevant changes
709 * to all prefix components of the path, and every time we get an event for that we try to reconnect again,
710 * without actually caring what precisely the event we got told us. If we still can't connect we re-subscribe
711 * to all relevant changes of anything in the path, so that our watches include any possibly newly created path
714 if (b
->inotify_fd
< 0) {
715 b
->inotify_fd
= inotify_init1(IN_NONBLOCK
|IN_CLOEXEC
);
716 if (b
->inotify_fd
< 0)
720 /* Make sure the path is NUL terminated */
721 p
= strndupa(b
->sockaddr
.un
.sun_path
, sizeof(b
->sockaddr
.un
.sun_path
));
723 /* Make sure the path is absolute */
724 r
= path_make_absolute_cwd(p
, &absolute
);
728 /* Watch all parent directories, and don't mind any prefix that doesn't exist yet. For the innermost directory
729 * that exists we want to know when files are created or moved into it. For all parents of it we just care if
730 * they are removed or renamed. */
732 if (!GREEDY_REALLOC(new_watches
, n_allocated
, n
+ 1)) {
737 /* Start with the top-level directory, which is a bit simpler than the rest, since it can't be a symlink, and
739 wd
= inotify_add_watch(b
->inotify_fd
, "/", IN_CREATE
|IN_MOVED_TO
);
741 r
= log_debug_errno(errno
, "Failed to add inotify watch on /: %m");
744 new_watches
[n
++] = wd
;
747 _cleanup_free_
char *component
= NULL
, *prefix
= NULL
, *destination
= NULL
;
748 size_t n_slashes
, n_component
;
751 n_slashes
= strspn(absolute
+ done
, "/");
752 n_component
= n_slashes
+ strcspn(absolute
+ done
+ n_slashes
, "/");
754 if (n_component
== 0) /* The end */
757 component
= strndup(absolute
+ done
, n_component
);
763 /* A trailing slash? That's a directory, and not a socket then */
764 if (path_equal(component
, "/")) {
769 /* A single dot? Let's eat this up */
770 if (path_equal(component
, "/.")) {
775 prefix
= strndup(absolute
, done
+ n_component
);
781 if (!GREEDY_REALLOC(new_watches
, n_allocated
, n
+ 1)) {
786 wd
= inotify_add_watch(b
->inotify_fd
, prefix
, IN_DELETE_SELF
|IN_MOVE_SELF
|IN_ATTRIB
|IN_CREATE
|IN_MOVED_TO
|IN_DONT_FOLLOW
);
787 log_debug("Added inotify watch for %s on bus %s: %i", prefix
, strna(b
->description
), wd
);
790 if (IN_SET(errno
, ENOENT
, ELOOP
))
791 break; /* This component doesn't exist yet, or the path contains a cyclic symlink right now */
793 r
= log_debug_errno(errno
, "Failed to add inotify watch on %s: %m", isempty(prefix
) ? "/" : prefix
);
796 new_watches
[n
++] = wd
;
798 /* Check if this is possibly a symlink. If so, let's follow it and watch it too. */
799 r
= readlink_malloc(prefix
, &destination
);
800 if (r
== -EINVAL
) { /* not a symlink */
807 if (isempty(destination
)) { /* Empty symlink target? Yuck! */
812 if (max_follow
<= 0) { /* Let's make sure we don't follow symlinks forever */
817 if (path_is_absolute(destination
)) {
818 /* For absolute symlinks we build the new path and start anew */
819 c
= strjoin(destination
, absolute
+ done
+ n_component
);
822 _cleanup_free_
char *t
= NULL
;
824 /* For relative symlinks we replace the last component, and try again */
825 t
= strndup(absolute
, done
);
829 c
= strjoin(t
, "/", destination
, absolute
+ done
+ n_component
);
842 /* And now, let's remove all watches from the previous iteration we don't need anymore */
843 for (i
= 0; i
< b
->n_inotify_watches
; i
++) {
847 for (j
= 0; j
< n
; j
++)
848 if (new_watches
[j
] == b
->inotify_watches
[i
]) {
856 (void) inotify_rm_watch(b
->inotify_fd
, b
->inotify_watches
[i
]);
859 free_and_replace(b
->inotify_watches
, new_watches
);
860 b
->n_inotify_watches
= n
;
865 bus_close_inotify_fd(b
);
869 int bus_socket_connect(sd_bus
*b
) {
870 bool inotify_done
= false;
876 assert(b
->input_fd
< 0);
877 assert(b
->output_fd
< 0);
878 assert(b
->sockaddr
.sa
.sa_family
!= AF_UNSPEC
);
880 b
->input_fd
= socket(b
->sockaddr
.sa
.sa_family
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
884 b
->output_fd
= b
->input_fd
;
887 if (connect(b
->input_fd
, &b
->sockaddr
.sa
, b
->sockaddr_size
) < 0) {
888 if (errno
== EINPROGRESS
) {
890 /* If we have any inotify watches open, close them now, we don't need them anymore, as
891 * we have successfully initiated a connection */
892 bus_close_inotify_fd(b
);
894 /* Note that very likely we are already in BUS_OPENING state here, as we enter it when
895 * we start parsing the address string. The only reason we set the state explicitly
896 * here, is to undo BUS_WATCH_BIND, in case we did the inotify magic. */
897 bus_set_state(b
, BUS_OPENING
);
901 if (IN_SET(errno
, ENOENT
, ECONNREFUSED
) && /* ENOENT → unix socket doesn't exist at all; ECONNREFUSED → unix socket stale */
903 b
->sockaddr
.sa
.sa_family
== AF_UNIX
&&
904 b
->sockaddr
.un
.sun_path
[0] != 0) {
906 /* This connection attempt failed, let's release the socket for now, and start with a
907 * fresh one when reconnecting. */
911 /* inotify set up already, don't do it again, just return now, and remember
912 * that we are waiting for inotify events now. */
913 bus_set_state(b
, BUS_WATCH_BIND
);
917 /* This is a file system socket, and the inotify logic is enabled. Let's create the necessary inotify fd. */
918 r
= bus_socket_inotify_setup(b
);
922 /* Let's now try to connect a second time, because in theory there's otherwise a race
923 * here: the socket might have been created in the time between our first connect() and
924 * the time we set up the inotify logic. But let's remember that we set up inotify now,
925 * so that we don't do the connect() more than twice. */
934 /* Yay, established, we don't need no inotify anymore! */
935 bus_close_inotify_fd(b
);
937 return bus_socket_start_auth(b
);
940 int bus_socket_exec(sd_bus
*b
) {
945 assert(b
->input_fd
< 0);
946 assert(b
->output_fd
< 0);
947 assert(b
->exec_path
);
949 r
= socketpair(AF_UNIX
, SOCK_STREAM
|SOCK_NONBLOCK
|SOCK_CLOEXEC
, 0, s
);
953 r
= safe_fork_full("(sd-busexec)", s
+1, 1, FORK_RESET_SIGNALS
|FORK_CLOSE_ALL_FDS
, &pid
);
961 assert_se(dup3(s
[1], STDIN_FILENO
, 0) == STDIN_FILENO
);
962 assert_se(dup3(s
[1], STDOUT_FILENO
, 0) == STDOUT_FILENO
);
964 if (!IN_SET(s
[1], STDIN_FILENO
, STDOUT_FILENO
))
967 (void) fd_cloexec(STDIN_FILENO
, false);
968 (void) fd_cloexec(STDOUT_FILENO
, false);
969 (void) fd_nonblock(STDIN_FILENO
, false);
970 (void) fd_nonblock(STDOUT_FILENO
, false);
973 execvp(b
->exec_path
, b
->exec_argv
);
975 const char *argv
[] = { b
->exec_path
, NULL
};
976 execvp(b
->exec_path
, (char**) argv
);
983 b
->output_fd
= b
->input_fd
= s
[0];
987 return bus_socket_start_auth(b
);
990 int bus_socket_take_fd(sd_bus
*b
) {
995 return bus_socket_start_auth(b
);
998 int bus_socket_write_message(sd_bus
*bus
, sd_bus_message
*m
, size_t *idx
) {
1008 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1010 if (*idx
>= BUS_MESSAGE_SIZE(m
))
1013 r
= bus_message_setup_iovec(m
);
1017 n
= m
->n_iovec
* sizeof(struct iovec
);
1019 memcpy_safe(iov
, m
->iovec
, n
);
1022 iovec_advance(iov
, &j
, *idx
);
1024 if (bus
->prefer_writev
)
1025 k
= writev(bus
->output_fd
, iov
, m
->n_iovec
);
1027 struct msghdr mh
= {
1029 .msg_iovlen
= m
->n_iovec
,
1032 if (m
->n_fds
> 0 && *idx
== 0) {
1033 struct cmsghdr
*control
;
1035 mh
.msg_control
= control
= alloca(CMSG_SPACE(sizeof(int) * m
->n_fds
));
1036 mh
.msg_controllen
= control
->cmsg_len
= CMSG_LEN(sizeof(int) * m
->n_fds
);
1037 control
->cmsg_level
= SOL_SOCKET
;
1038 control
->cmsg_type
= SCM_RIGHTS
;
1039 memcpy(CMSG_DATA(control
), m
->fds
, sizeof(int) * m
->n_fds
);
1042 k
= sendmsg(bus
->output_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
);
1043 if (k
< 0 && errno
== ENOTSOCK
) {
1044 bus
->prefer_writev
= true;
1045 k
= writev(bus
->output_fd
, iov
, m
->n_iovec
);
1050 return errno
== EAGAIN
? 0 : -errno
;
1056 static int bus_socket_read_message_need(sd_bus
*bus
, size_t *need
) {
1063 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1065 if (bus
->rbuffer_size
< sizeof(struct bus_header
)) {
1066 *need
= sizeof(struct bus_header
) + 8;
1068 /* Minimum message size:
1072 * Method Call: +2 string headers
1073 * Signal: +3 string headers
1074 * Method Error: +1 string headers
1076 * Method Reply: +1 uint32 headers
1078 * A string header is at least 9 bytes
1079 * A uint32 header is at least 8 bytes
1081 * Hence the minimum message size of a valid message
1082 * is header + 8 bytes */
1087 a
= ((const uint32_t*) bus
->rbuffer
)[1];
1088 b
= ((const uint32_t*) bus
->rbuffer
)[3];
1090 e
= ((const uint8_t*) bus
->rbuffer
)[0];
1091 if (e
== BUS_LITTLE_ENDIAN
) {
1094 } else if (e
== BUS_BIG_ENDIAN
) {
1100 sum
= (uint64_t) sizeof(struct bus_header
) + (uint64_t) ALIGN_TO(b
, 8) + (uint64_t) a
;
1101 if (sum
>= BUS_MESSAGE_SIZE_MAX
)
1104 *need
= (size_t) sum
;
1108 static int bus_socket_make_message(sd_bus
*bus
, size_t size
) {
1114 assert(bus
->rbuffer_size
>= size
);
1115 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1117 r
= bus_rqueue_make_room(bus
);
1121 if (bus
->rbuffer_size
> size
) {
1122 b
= memdup((const uint8_t*) bus
->rbuffer
+ size
,
1123 bus
->rbuffer_size
- size
);
1129 r
= bus_message_from_malloc(bus
,
1131 bus
->fds
, bus
->n_fds
,
1140 bus
->rbuffer_size
-= size
;
1145 bus
->rqueue
[bus
->rqueue_size
++] = t
;
1150 int bus_socket_read_message(sd_bus
*bus
) {
1152 struct iovec iov
= {};
1158 struct cmsghdr cmsghdr
;
1159 uint8_t buf
[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX
)];
1161 bool handle_cmsg
= false;
1164 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1166 r
= bus_socket_read_message_need(bus
, &need
);
1170 if (bus
->rbuffer_size
>= need
)
1171 return bus_socket_make_message(bus
, need
);
1173 b
= realloc(bus
->rbuffer
, need
);
1179 iov
.iov_base
= (uint8_t*) bus
->rbuffer
+ bus
->rbuffer_size
;
1180 iov
.iov_len
= need
- bus
->rbuffer_size
;
1182 if (bus
->prefer_readv
)
1183 k
= readv(bus
->input_fd
, &iov
, 1);
1188 mh
.msg_control
= &control
;
1189 mh
.msg_controllen
= sizeof(control
);
1191 k
= recvmsg(bus
->input_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
|MSG_CMSG_CLOEXEC
);
1192 if (k
< 0 && errno
== ENOTSOCK
) {
1193 bus
->prefer_readv
= true;
1194 k
= readv(bus
->input_fd
, &iov
, 1);
1199 return errno
== EAGAIN
? 0 : -errno
;
1203 bus
->rbuffer_size
+= k
;
1206 struct cmsghdr
*cmsg
;
1208 CMSG_FOREACH(cmsg
, &mh
)
1209 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1210 cmsg
->cmsg_type
== SCM_RIGHTS
) {
1213 n
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
1215 if (!bus
->can_fds
) {
1216 /* Whut? We received fds but this
1217 * isn't actually enabled? Close them,
1220 close_many((int*) CMSG_DATA(cmsg
), n
);
1224 f
= realloc(bus
->fds
, sizeof(int) * (bus
->n_fds
+ n
));
1226 close_many((int*) CMSG_DATA(cmsg
), n
);
1230 memcpy_safe(f
+ bus
->n_fds
, CMSG_DATA(cmsg
), n
* sizeof(int));
1234 log_debug("Got unexpected auxiliary data with level=%d and type=%d",
1235 cmsg
->cmsg_level
, cmsg
->cmsg_type
);
1238 r
= bus_socket_read_message_need(bus
, &need
);
1242 if (bus
->rbuffer_size
>= need
)
1243 return bus_socket_make_message(bus
, need
);
1248 int bus_socket_process_opening(sd_bus
*b
) {
1250 socklen_t slen
= sizeof(error
);
1257 assert(b
->state
== BUS_OPENING
);
1263 if (!(p
.revents
& (POLLOUT
|POLLERR
|POLLHUP
)))
1266 r
= getsockopt(b
->output_fd
, SOL_SOCKET
, SO_ERROR
, &error
, &slen
);
1268 b
->last_connect_error
= errno
;
1269 else if (error
!= 0)
1270 b
->last_connect_error
= error
;
1271 else if (p
.revents
& (POLLERR
|POLLHUP
))
1272 b
->last_connect_error
= ECONNREFUSED
;
1274 return bus_socket_start_auth(b
);
1276 return bus_next_address(b
);
1279 int bus_socket_process_authenticating(sd_bus
*b
) {
1283 assert(b
->state
== BUS_AUTHENTICATING
);
1285 if (now(CLOCK_MONOTONIC
) >= b
->auth_timeout
)
1288 r
= bus_socket_write_auth(b
);
1292 return bus_socket_read_auth(b
);
1295 int bus_socket_process_watch_bind(sd_bus
*b
) {
1299 assert(b
->state
== BUS_WATCH_BIND
);
1300 assert(b
->inotify_fd
>= 0);
1302 r
= flush_fd(b
->inotify_fd
);
1306 log_debug("Got inotify event on bus %s.", strna(b
->description
));
1308 /* We flushed events out of the inotify fd. In that case, maybe the socket is valid now? Let's try to connect
1311 r
= bus_socket_connect(b
);
1315 q
= bus_attach_io_events(b
);
1319 q
= bus_attach_inotify_event(b
);