]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd/sd-bus/bus-socket.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #8336 from poettering/coccinelle-reallocarray
[thirdparty/systemd.git] / src / libsystemd / sd-bus / bus-socket.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2013 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <endian.h>
22 #include <poll.h>
23 #include <stdlib.h>
24 #include <unistd.h>
25
26 #include "sd-bus.h"
27 #include "sd-daemon.h"
28
29 #include "alloc-util.h"
30 #include "bus-internal.h"
31 #include "bus-message.h"
32 #include "bus-socket.h"
33 #include "fd-util.h"
34 #include "format-util.h"
35 #include "fs-util.h"
36 #include "hexdecoct.h"
37 #include "io-util.h"
38 #include "macro.h"
39 #include "missing.h"
40 #include "path-util.h"
41 #include "process-util.h"
42 #include "selinux-util.h"
43 #include "signal-util.h"
44 #include "stdio-util.h"
45 #include "string-util.h"
46 #include "user-util.h"
47 #include "utf8.h"
48 #include "util.h"
49
50 #define SNDBUF_SIZE (8*1024*1024)
51
52 static void iovec_advance(struct iovec iov[], unsigned *idx, size_t size) {
53
54 while (size > 0) {
55 struct iovec *i = iov + *idx;
56
57 if (i->iov_len > size) {
58 i->iov_base = (uint8_t*) i->iov_base + size;
59 i->iov_len -= size;
60 return;
61 }
62
63 size -= i->iov_len;
64
65 i->iov_base = NULL;
66 i->iov_len = 0;
67
68 (*idx)++;
69 }
70 }
71
72 static int append_iovec(sd_bus_message *m, const void *p, size_t sz) {
73 assert(m);
74 assert(p);
75 assert(sz > 0);
76
77 m->iovec[m->n_iovec].iov_base = (void*) p;
78 m->iovec[m->n_iovec].iov_len = sz;
79 m->n_iovec++;
80
81 return 0;
82 }
83
84 static int bus_message_setup_iovec(sd_bus_message *m) {
85 struct bus_body_part *part;
86 unsigned n, i;
87 int r;
88
89 assert(m);
90 assert(m->sealed);
91
92 if (m->n_iovec > 0)
93 return 0;
94
95 assert(!m->iovec);
96
97 n = 1 + m->n_body_parts;
98 if (n < ELEMENTSOF(m->iovec_fixed))
99 m->iovec = m->iovec_fixed;
100 else {
101 m->iovec = new(struct iovec, n);
102 if (!m->iovec) {
103 r = -ENOMEM;
104 goto fail;
105 }
106 }
107
108 r = append_iovec(m, m->header, BUS_MESSAGE_BODY_BEGIN(m));
109 if (r < 0)
110 goto fail;
111
112 MESSAGE_FOREACH_PART(part, i, m) {
113 r = bus_body_part_map(part);
114 if (r < 0)
115 goto fail;
116
117 r = append_iovec(m, part->data, part->size);
118 if (r < 0)
119 goto fail;
120 }
121
122 assert(n == m->n_iovec);
123
124 return 0;
125
126 fail:
127 m->poisoned = true;
128 return r;
129 }
130
131 bool bus_socket_auth_needs_write(sd_bus *b) {
132
133 unsigned i;
134
135 if (b->auth_index >= ELEMENTSOF(b->auth_iovec))
136 return false;
137
138 for (i = b->auth_index; i < ELEMENTSOF(b->auth_iovec); i++) {
139 struct iovec *j = b->auth_iovec + i;
140
141 if (j->iov_len > 0)
142 return true;
143 }
144
145 return false;
146 }
147
148 static int bus_socket_write_auth(sd_bus *b) {
149 ssize_t k;
150
151 assert(b);
152 assert(b->state == BUS_AUTHENTICATING);
153
154 if (!bus_socket_auth_needs_write(b))
155 return 0;
156
157 if (b->prefer_writev)
158 k = writev(b->output_fd, b->auth_iovec + b->auth_index, ELEMENTSOF(b->auth_iovec) - b->auth_index);
159 else {
160 struct msghdr mh;
161 zero(mh);
162
163 mh.msg_iov = b->auth_iovec + b->auth_index;
164 mh.msg_iovlen = ELEMENTSOF(b->auth_iovec) - b->auth_index;
165
166 k = sendmsg(b->output_fd, &mh, MSG_DONTWAIT|MSG_NOSIGNAL);
167 if (k < 0 && errno == ENOTSOCK) {
168 b->prefer_writev = true;
169 k = writev(b->output_fd, b->auth_iovec + b->auth_index, ELEMENTSOF(b->auth_iovec) - b->auth_index);
170 }
171 }
172
173 if (k < 0)
174 return errno == EAGAIN ? 0 : -errno;
175
176 iovec_advance(b->auth_iovec, &b->auth_index, (size_t) k);
177 return 1;
178 }
179
180 static int bus_socket_auth_verify_client(sd_bus *b) {
181 char *e, *f, *start;
182 sd_id128_t peer;
183 unsigned i;
184 int r;
185
186 assert(b);
187
188 /* We expect two response lines: "OK" and possibly
189 * "AGREE_UNIX_FD" */
190
191 e = memmem_safe(b->rbuffer, b->rbuffer_size, "\r\n", 2);
192 if (!e)
193 return 0;
194
195 if (b->accept_fd) {
196 f = memmem(e + 2, b->rbuffer_size - (e - (char*) b->rbuffer) - 2, "\r\n", 2);
197 if (!f)
198 return 0;
199
200 start = f + 2;
201 } else {
202 f = NULL;
203 start = e + 2;
204 }
205
206 /* Nice! We got all the lines we need. First check the OK
207 * line */
208
209 if (e - (char*) b->rbuffer != 3 + 32)
210 return -EPERM;
211
212 if (memcmp(b->rbuffer, "OK ", 3))
213 return -EPERM;
214
215 b->auth = b->anonymous_auth ? BUS_AUTH_ANONYMOUS : BUS_AUTH_EXTERNAL;
216
217 for (i = 0; i < 32; i += 2) {
218 int x, y;
219
220 x = unhexchar(((char*) b->rbuffer)[3 + i]);
221 y = unhexchar(((char*) b->rbuffer)[3 + i + 1]);
222
223 if (x < 0 || y < 0)
224 return -EINVAL;
225
226 peer.bytes[i/2] = ((uint8_t) x << 4 | (uint8_t) y);
227 }
228
229 if (!sd_id128_is_null(b->server_id) &&
230 !sd_id128_equal(b->server_id, peer))
231 return -EPERM;
232
233 b->server_id = peer;
234
235 /* And possibly check the second line, too */
236
237 if (f)
238 b->can_fds =
239 (f - e == STRLEN("\r\nAGREE_UNIX_FD")) &&
240 memcmp(e + 2, "AGREE_UNIX_FD",
241 STRLEN("AGREE_UNIX_FD")) == 0;
242
243 b->rbuffer_size -= (start - (char*) b->rbuffer);
244 memmove(b->rbuffer, start, b->rbuffer_size);
245
246 r = bus_start_running(b);
247 if (r < 0)
248 return r;
249
250 return 1;
251 }
252
253 static bool line_equals(const char *s, size_t m, const char *line) {
254 size_t l;
255
256 l = strlen(line);
257 if (l != m)
258 return false;
259
260 return memcmp(s, line, l) == 0;
261 }
262
263 static bool line_begins(const char *s, size_t m, const char *word) {
264 size_t l;
265
266 l = strlen(word);
267 if (m < l)
268 return false;
269
270 if (memcmp(s, word, l) != 0)
271 return false;
272
273 return m == l || (m > l && s[l] == ' ');
274 }
275
276 static int verify_anonymous_token(sd_bus *b, const char *p, size_t l) {
277 _cleanup_free_ char *token = NULL;
278 size_t len;
279 int r;
280
281 if (!b->anonymous_auth)
282 return 0;
283
284 if (l <= 0)
285 return 1;
286
287 assert(p[0] == ' ');
288 p++; l--;
289
290 if (l % 2 != 0)
291 return 0;
292
293 r = unhexmem(p, l, (void **) &token, &len);
294 if (r < 0)
295 return 0;
296
297 if (memchr(token, 0, len))
298 return 0;
299
300 return !!utf8_is_valid(token);
301 }
302
303 static int verify_external_token(sd_bus *b, const char *p, size_t l) {
304 _cleanup_free_ char *token = NULL;
305 size_t len;
306 uid_t u;
307 int r;
308
309 /* We don't do any real authentication here. Instead, we if
310 * the owner of this bus wanted authentication he should have
311 * checked SO_PEERCRED before even creating the bus object. */
312
313 if (!b->anonymous_auth && !b->ucred_valid)
314 return 0;
315
316 if (l <= 0)
317 return 1;
318
319 assert(p[0] == ' ');
320 p++; l--;
321
322 if (l % 2 != 0)
323 return 0;
324
325 r = unhexmem(p, l, (void**) &token, &len);
326 if (r < 0)
327 return 0;
328
329 if (memchr(token, 0, len))
330 return 0;
331
332 r = parse_uid(token, &u);
333 if (r < 0)
334 return 0;
335
336 /* We ignore the passed value if anonymous authentication is
337 * on anyway. */
338 if (!b->anonymous_auth && u != b->ucred.uid)
339 return 0;
340
341 return 1;
342 }
343
344 static int bus_socket_auth_write(sd_bus *b, const char *t) {
345 char *p;
346 size_t l;
347
348 assert(b);
349 assert(t);
350
351 /* We only make use of the first iovec */
352 assert(IN_SET(b->auth_index, 0, 1));
353
354 l = strlen(t);
355 p = malloc(b->auth_iovec[0].iov_len + l);
356 if (!p)
357 return -ENOMEM;
358
359 memcpy_safe(p, b->auth_iovec[0].iov_base, b->auth_iovec[0].iov_len);
360 memcpy(p + b->auth_iovec[0].iov_len, t, l);
361
362 b->auth_iovec[0].iov_base = p;
363 b->auth_iovec[0].iov_len += l;
364
365 free(b->auth_buffer);
366 b->auth_buffer = p;
367 b->auth_index = 0;
368 return 0;
369 }
370
371 static int bus_socket_auth_write_ok(sd_bus *b) {
372 char t[3 + 32 + 2 + 1];
373
374 assert(b);
375
376 xsprintf(t, "OK " SD_ID128_FORMAT_STR "\r\n", SD_ID128_FORMAT_VAL(b->server_id));
377
378 return bus_socket_auth_write(b, t);
379 }
380
381 static int bus_socket_auth_verify_server(sd_bus *b) {
382 char *e;
383 const char *line;
384 size_t l;
385 bool processed = false;
386 int r;
387
388 assert(b);
389
390 if (b->rbuffer_size < 1)
391 return 0;
392
393 /* First char must be a NUL byte */
394 if (*(char*) b->rbuffer != 0)
395 return -EIO;
396
397 if (b->rbuffer_size < 3)
398 return 0;
399
400 /* Begin with the first line */
401 if (b->auth_rbegin <= 0)
402 b->auth_rbegin = 1;
403
404 for (;;) {
405 /* Check if line is complete */
406 line = (char*) b->rbuffer + b->auth_rbegin;
407 e = memmem(line, b->rbuffer_size - b->auth_rbegin, "\r\n", 2);
408 if (!e)
409 return processed;
410
411 l = e - line;
412
413 if (line_begins(line, l, "AUTH ANONYMOUS")) {
414
415 r = verify_anonymous_token(b, line + 14, l - 14);
416 if (r < 0)
417 return r;
418 if (r == 0)
419 r = bus_socket_auth_write(b, "REJECTED\r\n");
420 else {
421 b->auth = BUS_AUTH_ANONYMOUS;
422 r = bus_socket_auth_write_ok(b);
423 }
424
425 } else if (line_begins(line, l, "AUTH EXTERNAL")) {
426
427 r = verify_external_token(b, line + 13, l - 13);
428 if (r < 0)
429 return r;
430 if (r == 0)
431 r = bus_socket_auth_write(b, "REJECTED\r\n");
432 else {
433 b->auth = BUS_AUTH_EXTERNAL;
434 r = bus_socket_auth_write_ok(b);
435 }
436
437 } else if (line_begins(line, l, "AUTH"))
438 r = bus_socket_auth_write(b, "REJECTED EXTERNAL ANONYMOUS\r\n");
439 else if (line_equals(line, l, "CANCEL") ||
440 line_begins(line, l, "ERROR")) {
441
442 b->auth = _BUS_AUTH_INVALID;
443 r = bus_socket_auth_write(b, "REJECTED\r\n");
444
445 } else if (line_equals(line, l, "BEGIN")) {
446
447 if (b->auth == _BUS_AUTH_INVALID)
448 r = bus_socket_auth_write(b, "ERROR\r\n");
449 else {
450 /* We can't leave from the auth phase
451 * before we haven't written
452 * everything queued, so let's check
453 * that */
454
455 if (bus_socket_auth_needs_write(b))
456 return 1;
457
458 b->rbuffer_size -= (e + 2 - (char*) b->rbuffer);
459 memmove(b->rbuffer, e + 2, b->rbuffer_size);
460 return bus_start_running(b);
461 }
462
463 } else if (line_begins(line, l, "DATA")) {
464
465 if (b->auth == _BUS_AUTH_INVALID)
466 r = bus_socket_auth_write(b, "ERROR\r\n");
467 else {
468 if (b->auth == BUS_AUTH_ANONYMOUS)
469 r = verify_anonymous_token(b, line + 4, l - 4);
470 else
471 r = verify_external_token(b, line + 4, l - 4);
472
473 if (r < 0)
474 return r;
475 if (r == 0) {
476 b->auth = _BUS_AUTH_INVALID;
477 r = bus_socket_auth_write(b, "REJECTED\r\n");
478 } else
479 r = bus_socket_auth_write_ok(b);
480 }
481 } else if (line_equals(line, l, "NEGOTIATE_UNIX_FD")) {
482 if (b->auth == _BUS_AUTH_INVALID || !b->accept_fd)
483 r = bus_socket_auth_write(b, "ERROR\r\n");
484 else {
485 b->can_fds = true;
486 r = bus_socket_auth_write(b, "AGREE_UNIX_FD\r\n");
487 }
488 } else
489 r = bus_socket_auth_write(b, "ERROR\r\n");
490
491 if (r < 0)
492 return r;
493
494 b->auth_rbegin = e + 2 - (char*) b->rbuffer;
495
496 processed = true;
497 }
498 }
499
500 static int bus_socket_auth_verify(sd_bus *b) {
501 assert(b);
502
503 if (b->is_server)
504 return bus_socket_auth_verify_server(b);
505 else
506 return bus_socket_auth_verify_client(b);
507 }
508
509 static int bus_socket_read_auth(sd_bus *b) {
510 struct msghdr mh;
511 struct iovec iov = {};
512 size_t n;
513 ssize_t k;
514 int r;
515 void *p;
516 union {
517 struct cmsghdr cmsghdr;
518 uint8_t buf[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX)];
519 } control;
520 bool handle_cmsg = false;
521
522 assert(b);
523 assert(b->state == BUS_AUTHENTICATING);
524
525 r = bus_socket_auth_verify(b);
526 if (r != 0)
527 return r;
528
529 n = MAX(256u, b->rbuffer_size * 2);
530
531 if (n > BUS_AUTH_SIZE_MAX)
532 n = BUS_AUTH_SIZE_MAX;
533
534 if (b->rbuffer_size >= n)
535 return -ENOBUFS;
536
537 p = realloc(b->rbuffer, n);
538 if (!p)
539 return -ENOMEM;
540
541 b->rbuffer = p;
542
543 iov.iov_base = (uint8_t*) b->rbuffer + b->rbuffer_size;
544 iov.iov_len = n - b->rbuffer_size;
545
546 if (b->prefer_readv)
547 k = readv(b->input_fd, &iov, 1);
548 else {
549 zero(mh);
550 mh.msg_iov = &iov;
551 mh.msg_iovlen = 1;
552 mh.msg_control = &control;
553 mh.msg_controllen = sizeof(control);
554
555 k = recvmsg(b->input_fd, &mh, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_CMSG_CLOEXEC);
556 if (k < 0 && errno == ENOTSOCK) {
557 b->prefer_readv = true;
558 k = readv(b->input_fd, &iov, 1);
559 } else
560 handle_cmsg = true;
561 }
562 if (k < 0)
563 return errno == EAGAIN ? 0 : -errno;
564 if (k == 0)
565 return -ECONNRESET;
566
567 b->rbuffer_size += k;
568
569 if (handle_cmsg) {
570 struct cmsghdr *cmsg;
571
572 CMSG_FOREACH(cmsg, &mh)
573 if (cmsg->cmsg_level == SOL_SOCKET &&
574 cmsg->cmsg_type == SCM_RIGHTS) {
575 int j;
576
577 /* Whut? We received fds during the auth
578 * protocol? Somebody is playing games with
579 * us. Close them all, and fail */
580 j = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
581 close_many((int*) CMSG_DATA(cmsg), j);
582 return -EIO;
583 } else
584 log_debug("Got unexpected auxiliary data with level=%d and type=%d",
585 cmsg->cmsg_level, cmsg->cmsg_type);
586 }
587
588 r = bus_socket_auth_verify(b);
589 if (r != 0)
590 return r;
591
592 return 1;
593 }
594
595 void bus_socket_setup(sd_bus *b) {
596 assert(b);
597
598 /* Increase the buffers to 8 MB */
599 (void) fd_inc_rcvbuf(b->input_fd, SNDBUF_SIZE);
600 (void) fd_inc_sndbuf(b->output_fd, SNDBUF_SIZE);
601
602 b->message_version = 1;
603 b->message_endian = 0;
604 }
605
606 static void bus_get_peercred(sd_bus *b) {
607 int r;
608
609 assert(b);
610 assert(!b->ucred_valid);
611 assert(!b->label);
612 assert(b->n_groups == (size_t) -1);
613
614 /* Get the peer for socketpair() sockets */
615 b->ucred_valid = getpeercred(b->input_fd, &b->ucred) >= 0;
616
617 /* Get the SELinux context of the peer */
618 r = getpeersec(b->input_fd, &b->label);
619 if (r < 0 && !IN_SET(r, -EOPNOTSUPP, -ENOPROTOOPT))
620 log_debug_errno(r, "Failed to determine peer security context: %m");
621
622 /* Get the list of auxiliary groups of the peer */
623 r = getpeergroups(b->input_fd, &b->groups);
624 if (r >= 0)
625 b->n_groups = (size_t) r;
626 else if (!IN_SET(r, -EOPNOTSUPP, -ENOPROTOOPT))
627 log_debug_errno(r, "Failed to determine peer's group list: %m");
628 }
629
630 static int bus_socket_start_auth_client(sd_bus *b) {
631 size_t l;
632 const char *auth_suffix, *auth_prefix;
633
634 assert(b);
635
636 if (b->anonymous_auth) {
637 auth_prefix = "\0AUTH ANONYMOUS ";
638
639 /* For ANONYMOUS auth we send some arbitrary "trace" string */
640 l = 9;
641 b->auth_buffer = hexmem("anonymous", l);
642 } else {
643 char text[DECIMAL_STR_MAX(uid_t) + 1];
644
645 auth_prefix = "\0AUTH EXTERNAL ";
646
647 xsprintf(text, UID_FMT, geteuid());
648
649 l = strlen(text);
650 b->auth_buffer = hexmem(text, l);
651 }
652
653 if (!b->auth_buffer)
654 return -ENOMEM;
655
656 if (b->accept_fd)
657 auth_suffix = "\r\nNEGOTIATE_UNIX_FD\r\nBEGIN\r\n";
658 else
659 auth_suffix = "\r\nBEGIN\r\n";
660
661 b->auth_iovec[0].iov_base = (void*) auth_prefix;
662 b->auth_iovec[0].iov_len = 1 + strlen(auth_prefix + 1);
663 b->auth_iovec[1].iov_base = (void*) b->auth_buffer;
664 b->auth_iovec[1].iov_len = l * 2;
665 b->auth_iovec[2].iov_base = (void*) auth_suffix;
666 b->auth_iovec[2].iov_len = strlen(auth_suffix);
667
668 return bus_socket_write_auth(b);
669 }
670
671 int bus_socket_start_auth(sd_bus *b) {
672 assert(b);
673
674 bus_get_peercred(b);
675
676 bus_set_state(b, BUS_AUTHENTICATING);
677 b->auth_timeout = now(CLOCK_MONOTONIC) + BUS_AUTH_TIMEOUT;
678
679 if (sd_is_socket(b->input_fd, AF_UNIX, 0, 0) <= 0)
680 b->accept_fd = false;
681
682 if (b->output_fd != b->input_fd)
683 if (sd_is_socket(b->output_fd, AF_UNIX, 0, 0) <= 0)
684 b->accept_fd = false;
685
686 if (b->is_server)
687 return bus_socket_read_auth(b);
688 else
689 return bus_socket_start_auth_client(b);
690 }
691
692 static int bus_socket_inotify_setup(sd_bus *b) {
693 _cleanup_free_ int *new_watches = NULL;
694 _cleanup_free_ char *absolute = NULL;
695 size_t n_allocated = 0, n = 0, done = 0, i;
696 unsigned max_follow = 32;
697 const char *p;
698 int wd, r;
699
700 assert(b);
701 assert(b->watch_bind);
702 assert(b->sockaddr.sa.sa_family == AF_UNIX);
703 assert(b->sockaddr.un.sun_path[0] != 0);
704
705 /* Sets up an inotify fd in case watch_bind is enabled: wait until the configured AF_UNIX file system socket
706 * appears before connecting to it. The implemented is pretty simplistic: we just subscribe to relevant changes
707 * to all prefix components of the path, and every time we get an event for that we try to reconnect again,
708 * without actually caring what precisely the event we got told us. If we still can't connect we re-subscribe
709 * to all relevant changes of anything in the path, so that our watches include any possibly newly created path
710 * components. */
711
712 if (b->inotify_fd < 0) {
713 b->inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
714 if (b->inotify_fd < 0)
715 return -errno;
716
717 b->inotify_fd = fd_move_above_stdio(b->inotify_fd);
718 }
719
720 /* Make sure the path is NUL terminated */
721 p = strndupa(b->sockaddr.un.sun_path, sizeof(b->sockaddr.un.sun_path));
722
723 /* Make sure the path is absolute */
724 r = path_make_absolute_cwd(p, &absolute);
725 if (r < 0)
726 goto fail;
727
728 /* Watch all parent directories, and don't mind any prefix that doesn't exist yet. For the innermost directory
729 * that exists we want to know when files are created or moved into it. For all parents of it we just care if
730 * they are removed or renamed. */
731
732 if (!GREEDY_REALLOC(new_watches, n_allocated, n + 1)) {
733 r = -ENOMEM;
734 goto fail;
735 }
736
737 /* Start with the top-level directory, which is a bit simpler than the rest, since it can't be a symlink, and
738 * always exists */
739 wd = inotify_add_watch(b->inotify_fd, "/", IN_CREATE|IN_MOVED_TO);
740 if (wd < 0) {
741 r = log_debug_errno(errno, "Failed to add inotify watch on /: %m");
742 goto fail;
743 } else
744 new_watches[n++] = wd;
745
746 for (;;) {
747 _cleanup_free_ char *component = NULL, *prefix = NULL, *destination = NULL;
748 size_t n_slashes, n_component;
749 char *c = NULL;
750
751 n_slashes = strspn(absolute + done, "/");
752 n_component = n_slashes + strcspn(absolute + done + n_slashes, "/");
753
754 if (n_component == 0) /* The end */
755 break;
756
757 component = strndup(absolute + done, n_component);
758 if (!component) {
759 r = -ENOMEM;
760 goto fail;
761 }
762
763 /* A trailing slash? That's a directory, and not a socket then */
764 if (path_equal(component, "/")) {
765 r = -EISDIR;
766 goto fail;
767 }
768
769 /* A single dot? Let's eat this up */
770 if (path_equal(component, "/.")) {
771 done += n_component;
772 continue;
773 }
774
775 prefix = strndup(absolute, done + n_component);
776 if (!prefix) {
777 r = -ENOMEM;
778 goto fail;
779 }
780
781 if (!GREEDY_REALLOC(new_watches, n_allocated, n + 1)) {
782 r = -ENOMEM;
783 goto fail;
784 }
785
786 wd = inotify_add_watch(b->inotify_fd, prefix, IN_DELETE_SELF|IN_MOVE_SELF|IN_ATTRIB|IN_CREATE|IN_MOVED_TO|IN_DONT_FOLLOW);
787 log_debug("Added inotify watch for %s on bus %s: %i", prefix, strna(b->description), wd);
788
789 if (wd < 0) {
790 if (IN_SET(errno, ENOENT, ELOOP))
791 break; /* This component doesn't exist yet, or the path contains a cyclic symlink right now */
792
793 r = log_debug_errno(errno, "Failed to add inotify watch on %s: %m", isempty(prefix) ? "/" : prefix);
794 goto fail;
795 } else
796 new_watches[n++] = wd;
797
798 /* Check if this is possibly a symlink. If so, let's follow it and watch it too. */
799 r = readlink_malloc(prefix, &destination);
800 if (r == -EINVAL) { /* not a symlink */
801 done += n_component;
802 continue;
803 }
804 if (r < 0)
805 goto fail;
806
807 if (isempty(destination)) { /* Empty symlink target? Yuck! */
808 r = -EINVAL;
809 goto fail;
810 }
811
812 if (max_follow <= 0) { /* Let's make sure we don't follow symlinks forever */
813 r = -ELOOP;
814 goto fail;
815 }
816
817 if (path_is_absolute(destination)) {
818 /* For absolute symlinks we build the new path and start anew */
819 c = strjoin(destination, absolute + done + n_component);
820 done = 0;
821 } else {
822 _cleanup_free_ char *t = NULL;
823
824 /* For relative symlinks we replace the last component, and try again */
825 t = strndup(absolute, done);
826 if (!t)
827 return -ENOMEM;
828
829 c = strjoin(t, "/", destination, absolute + done + n_component);
830 }
831 if (!c) {
832 r = -ENOMEM;
833 goto fail;
834 }
835
836 free(absolute);
837 absolute = c;
838
839 max_follow--;
840 }
841
842 /* And now, let's remove all watches from the previous iteration we don't need anymore */
843 for (i = 0; i < b->n_inotify_watches; i++) {
844 bool found = false;
845 size_t j;
846
847 for (j = 0; j < n; j++)
848 if (new_watches[j] == b->inotify_watches[i]) {
849 found = true;
850 break;
851 }
852
853 if (found)
854 continue;
855
856 (void) inotify_rm_watch(b->inotify_fd, b->inotify_watches[i]);
857 }
858
859 free_and_replace(b->inotify_watches, new_watches);
860 b->n_inotify_watches = n;
861
862 return 0;
863
864 fail:
865 bus_close_inotify_fd(b);
866 return r;
867 }
868
869 int bus_socket_connect(sd_bus *b) {
870 bool inotify_done = false;
871 int r;
872
873 assert(b);
874
875 for (;;) {
876 assert(b->input_fd < 0);
877 assert(b->output_fd < 0);
878 assert(b->sockaddr.sa.sa_family != AF_UNSPEC);
879
880 b->input_fd = socket(b->sockaddr.sa.sa_family, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
881 if (b->input_fd < 0)
882 return -errno;
883
884 b->input_fd = fd_move_above_stdio(b->input_fd);
885
886 b->output_fd = b->input_fd;
887 bus_socket_setup(b);
888
889 if (connect(b->input_fd, &b->sockaddr.sa, b->sockaddr_size) < 0) {
890 if (errno == EINPROGRESS) {
891
892 /* If we have any inotify watches open, close them now, we don't need them anymore, as
893 * we have successfully initiated a connection */
894 bus_close_inotify_fd(b);
895
896 /* Note that very likely we are already in BUS_OPENING state here, as we enter it when
897 * we start parsing the address string. The only reason we set the state explicitly
898 * here, is to undo BUS_WATCH_BIND, in case we did the inotify magic. */
899 bus_set_state(b, BUS_OPENING);
900 return 1;
901 }
902
903 if (IN_SET(errno, ENOENT, ECONNREFUSED) && /* ENOENT → unix socket doesn't exist at all; ECONNREFUSED → unix socket stale */
904 b->watch_bind &&
905 b->sockaddr.sa.sa_family == AF_UNIX &&
906 b->sockaddr.un.sun_path[0] != 0) {
907
908 /* This connection attempt failed, let's release the socket for now, and start with a
909 * fresh one when reconnecting. */
910 bus_close_io_fds(b);
911
912 if (inotify_done) {
913 /* inotify set up already, don't do it again, just return now, and remember
914 * that we are waiting for inotify events now. */
915 bus_set_state(b, BUS_WATCH_BIND);
916 return 1;
917 }
918
919 /* This is a file system socket, and the inotify logic is enabled. Let's create the necessary inotify fd. */
920 r = bus_socket_inotify_setup(b);
921 if (r < 0)
922 return r;
923
924 /* Let's now try to connect a second time, because in theory there's otherwise a race
925 * here: the socket might have been created in the time between our first connect() and
926 * the time we set up the inotify logic. But let's remember that we set up inotify now,
927 * so that we don't do the connect() more than twice. */
928 inotify_done = true;
929
930 } else
931 return -errno;
932 } else
933 break;
934 }
935
936 /* Yay, established, we don't need no inotify anymore! */
937 bus_close_inotify_fd(b);
938
939 return bus_socket_start_auth(b);
940 }
941
942 int bus_socket_exec(sd_bus *b) {
943 int s[2], r;
944
945 assert(b);
946 assert(b->input_fd < 0);
947 assert(b->output_fd < 0);
948 assert(b->exec_path);
949 assert(b->busexec_pid == 0);
950
951 r = socketpair(AF_UNIX, SOCK_STREAM|SOCK_NONBLOCK|SOCK_CLOEXEC, 0, s);
952 if (r < 0)
953 return -errno;
954
955 r = safe_fork_full("(sd-busexec)", s+1, 1, FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS, &b->busexec_pid);
956 if (r < 0) {
957 safe_close_pair(s);
958 return r;
959 }
960 if (r == 0) {
961 /* Child */
962
963 assert_se(dup3(s[1], STDIN_FILENO, 0) == STDIN_FILENO);
964 assert_se(dup3(s[1], STDOUT_FILENO, 0) == STDOUT_FILENO);
965
966 if (!IN_SET(s[1], STDIN_FILENO, STDOUT_FILENO))
967 safe_close(s[1]);
968
969 (void) fd_cloexec(STDIN_FILENO, false);
970 (void) fd_cloexec(STDOUT_FILENO, false);
971 (void) fd_nonblock(STDIN_FILENO, false);
972 (void) fd_nonblock(STDOUT_FILENO, false);
973
974 if (b->exec_argv)
975 execvp(b->exec_path, b->exec_argv);
976 else {
977 const char *argv[] = { b->exec_path, NULL };
978 execvp(b->exec_path, (char**) argv);
979 }
980
981 _exit(EXIT_FAILURE);
982 }
983
984 safe_close(s[1]);
985 b->output_fd = b->input_fd = fd_move_above_stdio(s[0]);
986
987 bus_socket_setup(b);
988
989 return bus_socket_start_auth(b);
990 }
991
992 int bus_socket_take_fd(sd_bus *b) {
993 assert(b);
994
995 bus_socket_setup(b);
996
997 return bus_socket_start_auth(b);
998 }
999
1000 int bus_socket_write_message(sd_bus *bus, sd_bus_message *m, size_t *idx) {
1001 struct iovec *iov;
1002 ssize_t k;
1003 size_t n;
1004 unsigned j;
1005 int r;
1006
1007 assert(bus);
1008 assert(m);
1009 assert(idx);
1010 assert(IN_SET(bus->state, BUS_RUNNING, BUS_HELLO));
1011
1012 if (*idx >= BUS_MESSAGE_SIZE(m))
1013 return 0;
1014
1015 r = bus_message_setup_iovec(m);
1016 if (r < 0)
1017 return r;
1018
1019 n = m->n_iovec * sizeof(struct iovec);
1020 iov = alloca(n);
1021 memcpy_safe(iov, m->iovec, n);
1022
1023 j = 0;
1024 iovec_advance(iov, &j, *idx);
1025
1026 if (bus->prefer_writev)
1027 k = writev(bus->output_fd, iov, m->n_iovec);
1028 else {
1029 struct msghdr mh = {
1030 .msg_iov = iov,
1031 .msg_iovlen = m->n_iovec,
1032 };
1033
1034 if (m->n_fds > 0 && *idx == 0) {
1035 struct cmsghdr *control;
1036
1037 mh.msg_control = control = alloca(CMSG_SPACE(sizeof(int) * m->n_fds));
1038 mh.msg_controllen = control->cmsg_len = CMSG_LEN(sizeof(int) * m->n_fds);
1039 control->cmsg_level = SOL_SOCKET;
1040 control->cmsg_type = SCM_RIGHTS;
1041 memcpy(CMSG_DATA(control), m->fds, sizeof(int) * m->n_fds);
1042 }
1043
1044 k = sendmsg(bus->output_fd, &mh, MSG_DONTWAIT|MSG_NOSIGNAL);
1045 if (k < 0 && errno == ENOTSOCK) {
1046 bus->prefer_writev = true;
1047 k = writev(bus->output_fd, iov, m->n_iovec);
1048 }
1049 }
1050
1051 if (k < 0)
1052 return errno == EAGAIN ? 0 : -errno;
1053
1054 *idx += (size_t) k;
1055 return 1;
1056 }
1057
1058 static int bus_socket_read_message_need(sd_bus *bus, size_t *need) {
1059 uint32_t a, b;
1060 uint8_t e;
1061 uint64_t sum;
1062
1063 assert(bus);
1064 assert(need);
1065 assert(IN_SET(bus->state, BUS_RUNNING, BUS_HELLO));
1066
1067 if (bus->rbuffer_size < sizeof(struct bus_header)) {
1068 *need = sizeof(struct bus_header) + 8;
1069
1070 /* Minimum message size:
1071 *
1072 * Header +
1073 *
1074 * Method Call: +2 string headers
1075 * Signal: +3 string headers
1076 * Method Error: +1 string headers
1077 * +1 uint32 headers
1078 * Method Reply: +1 uint32 headers
1079 *
1080 * A string header is at least 9 bytes
1081 * A uint32 header is at least 8 bytes
1082 *
1083 * Hence the minimum message size of a valid message
1084 * is header + 8 bytes */
1085
1086 return 0;
1087 }
1088
1089 a = ((const uint32_t*) bus->rbuffer)[1];
1090 b = ((const uint32_t*) bus->rbuffer)[3];
1091
1092 e = ((const uint8_t*) bus->rbuffer)[0];
1093 if (e == BUS_LITTLE_ENDIAN) {
1094 a = le32toh(a);
1095 b = le32toh(b);
1096 } else if (e == BUS_BIG_ENDIAN) {
1097 a = be32toh(a);
1098 b = be32toh(b);
1099 } else
1100 return -EBADMSG;
1101
1102 sum = (uint64_t) sizeof(struct bus_header) + (uint64_t) ALIGN_TO(b, 8) + (uint64_t) a;
1103 if (sum >= BUS_MESSAGE_SIZE_MAX)
1104 return -ENOBUFS;
1105
1106 *need = (size_t) sum;
1107 return 0;
1108 }
1109
1110 static int bus_socket_make_message(sd_bus *bus, size_t size) {
1111 sd_bus_message *t;
1112 void *b;
1113 int r;
1114
1115 assert(bus);
1116 assert(bus->rbuffer_size >= size);
1117 assert(IN_SET(bus->state, BUS_RUNNING, BUS_HELLO));
1118
1119 r = bus_rqueue_make_room(bus);
1120 if (r < 0)
1121 return r;
1122
1123 if (bus->rbuffer_size > size) {
1124 b = memdup((const uint8_t*) bus->rbuffer + size,
1125 bus->rbuffer_size - size);
1126 if (!b)
1127 return -ENOMEM;
1128 } else
1129 b = NULL;
1130
1131 r = bus_message_from_malloc(bus,
1132 bus->rbuffer, size,
1133 bus->fds, bus->n_fds,
1134 NULL,
1135 &t);
1136 if (r < 0) {
1137 free(b);
1138 return r;
1139 }
1140
1141 bus->rbuffer = b;
1142 bus->rbuffer_size -= size;
1143
1144 bus->fds = NULL;
1145 bus->n_fds = 0;
1146
1147 bus->rqueue[bus->rqueue_size++] = t;
1148
1149 return 1;
1150 }
1151
1152 int bus_socket_read_message(sd_bus *bus) {
1153 struct msghdr mh;
1154 struct iovec iov = {};
1155 ssize_t k;
1156 size_t need;
1157 int r;
1158 void *b;
1159 union {
1160 struct cmsghdr cmsghdr;
1161 uint8_t buf[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX)];
1162 } control;
1163 bool handle_cmsg = false;
1164
1165 assert(bus);
1166 assert(IN_SET(bus->state, BUS_RUNNING, BUS_HELLO));
1167
1168 r = bus_socket_read_message_need(bus, &need);
1169 if (r < 0)
1170 return r;
1171
1172 if (bus->rbuffer_size >= need)
1173 return bus_socket_make_message(bus, need);
1174
1175 b = realloc(bus->rbuffer, need);
1176 if (!b)
1177 return -ENOMEM;
1178
1179 bus->rbuffer = b;
1180
1181 iov.iov_base = (uint8_t*) bus->rbuffer + bus->rbuffer_size;
1182 iov.iov_len = need - bus->rbuffer_size;
1183
1184 if (bus->prefer_readv)
1185 k = readv(bus->input_fd, &iov, 1);
1186 else {
1187 zero(mh);
1188 mh.msg_iov = &iov;
1189 mh.msg_iovlen = 1;
1190 mh.msg_control = &control;
1191 mh.msg_controllen = sizeof(control);
1192
1193 k = recvmsg(bus->input_fd, &mh, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_CMSG_CLOEXEC);
1194 if (k < 0 && errno == ENOTSOCK) {
1195 bus->prefer_readv = true;
1196 k = readv(bus->input_fd, &iov, 1);
1197 } else
1198 handle_cmsg = true;
1199 }
1200 if (k < 0)
1201 return errno == EAGAIN ? 0 : -errno;
1202 if (k == 0)
1203 return -ECONNRESET;
1204
1205 bus->rbuffer_size += k;
1206
1207 if (handle_cmsg) {
1208 struct cmsghdr *cmsg;
1209
1210 CMSG_FOREACH(cmsg, &mh)
1211 if (cmsg->cmsg_level == SOL_SOCKET &&
1212 cmsg->cmsg_type == SCM_RIGHTS) {
1213 int n, *f, i;
1214
1215 n = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1216
1217 if (!bus->can_fds) {
1218 /* Whut? We received fds but this
1219 * isn't actually enabled? Close them,
1220 * and fail */
1221
1222 close_many((int*) CMSG_DATA(cmsg), n);
1223 return -EIO;
1224 }
1225
1226 f = reallocarray(bus->fds, bus->n_fds + n, sizeof(int));
1227 if (!f) {
1228 close_many((int*) CMSG_DATA(cmsg), n);
1229 return -ENOMEM;
1230 }
1231
1232 for (i = 0; i < n; i++)
1233 f[bus->n_fds++] = fd_move_above_stdio(((int*) CMSG_DATA(cmsg))[i]);
1234 bus->fds = f;
1235 } else
1236 log_debug("Got unexpected auxiliary data with level=%d and type=%d",
1237 cmsg->cmsg_level, cmsg->cmsg_type);
1238 }
1239
1240 r = bus_socket_read_message_need(bus, &need);
1241 if (r < 0)
1242 return r;
1243
1244 if (bus->rbuffer_size >= need)
1245 return bus_socket_make_message(bus, need);
1246
1247 return 1;
1248 }
1249
1250 int bus_socket_process_opening(sd_bus *b) {
1251 int error = 0;
1252 socklen_t slen = sizeof(error);
1253 struct pollfd p = {
1254 .fd = b->output_fd,
1255 .events = POLLOUT,
1256 };
1257 int r;
1258
1259 assert(b->state == BUS_OPENING);
1260
1261 r = poll(&p, 1, 0);
1262 if (r < 0)
1263 return -errno;
1264
1265 if (!(p.revents & (POLLOUT|POLLERR|POLLHUP)))
1266 return 0;
1267
1268 r = getsockopt(b->output_fd, SOL_SOCKET, SO_ERROR, &error, &slen);
1269 if (r < 0)
1270 b->last_connect_error = errno;
1271 else if (error != 0)
1272 b->last_connect_error = error;
1273 else if (p.revents & (POLLERR|POLLHUP))
1274 b->last_connect_error = ECONNREFUSED;
1275 else
1276 return bus_socket_start_auth(b);
1277
1278 return bus_next_address(b);
1279 }
1280
1281 int bus_socket_process_authenticating(sd_bus *b) {
1282 int r;
1283
1284 assert(b);
1285 assert(b->state == BUS_AUTHENTICATING);
1286
1287 if (now(CLOCK_MONOTONIC) >= b->auth_timeout)
1288 return -ETIMEDOUT;
1289
1290 r = bus_socket_write_auth(b);
1291 if (r != 0)
1292 return r;
1293
1294 return bus_socket_read_auth(b);
1295 }
1296
1297 int bus_socket_process_watch_bind(sd_bus *b) {
1298 int r, q;
1299
1300 assert(b);
1301 assert(b->state == BUS_WATCH_BIND);
1302 assert(b->inotify_fd >= 0);
1303
1304 r = flush_fd(b->inotify_fd);
1305 if (r <= 0)
1306 return r;
1307
1308 log_debug("Got inotify event on bus %s.", strna(b->description));
1309
1310 /* We flushed events out of the inotify fd. In that case, maybe the socket is valid now? Let's try to connect
1311 * to it again */
1312
1313 r = bus_socket_connect(b);
1314 if (r < 0)
1315 return r;
1316
1317 q = bus_attach_io_events(b);
1318 if (q < 0)
1319 return q;
1320
1321 q = bus_attach_inotify_event(b);
1322 if (q < 0)
1323 return q;
1324
1325 return r;
1326 }
Unnamed repository; edit this file 'description' to name the repository.