]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd/sd-bus/bus-socket.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2013 Lennart Poettering
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
27 #include "sd-daemon.h"
29 #include "alloc-util.h"
30 #include "bus-internal.h"
31 #include "bus-message.h"
32 #include "bus-socket.h"
34 #include "format-util.h"
36 #include "hexdecoct.h"
40 #include "path-util.h"
41 #include "process-util.h"
42 #include "selinux-util.h"
43 #include "signal-util.h"
44 #include "stdio-util.h"
45 #include "string-util.h"
46 #include "user-util.h"
50 #define SNDBUF_SIZE (8*1024*1024)
52 static void iovec_advance(struct iovec iov
[], unsigned *idx
, size_t size
) {
55 struct iovec
*i
= iov
+ *idx
;
57 if (i
->iov_len
> size
) {
58 i
->iov_base
= (uint8_t*) i
->iov_base
+ size
;
72 static int append_iovec(sd_bus_message
*m
, const void *p
, size_t sz
) {
77 m
->iovec
[m
->n_iovec
].iov_base
= (void*) p
;
78 m
->iovec
[m
->n_iovec
].iov_len
= sz
;
84 static int bus_message_setup_iovec(sd_bus_message
*m
) {
85 struct bus_body_part
*part
;
97 n
= 1 + m
->n_body_parts
;
98 if (n
< ELEMENTSOF(m
->iovec_fixed
))
99 m
->iovec
= m
->iovec_fixed
;
101 m
->iovec
= new(struct iovec
, n
);
108 r
= append_iovec(m
, m
->header
, BUS_MESSAGE_BODY_BEGIN(m
));
112 MESSAGE_FOREACH_PART(part
, i
, m
) {
113 r
= bus_body_part_map(part
);
117 r
= append_iovec(m
, part
->data
, part
->size
);
122 assert(n
== m
->n_iovec
);
131 bool bus_socket_auth_needs_write(sd_bus
*b
) {
135 if (b
->auth_index
>= ELEMENTSOF(b
->auth_iovec
))
138 for (i
= b
->auth_index
; i
< ELEMENTSOF(b
->auth_iovec
); i
++) {
139 struct iovec
*j
= b
->auth_iovec
+ i
;
148 static int bus_socket_write_auth(sd_bus
*b
) {
152 assert(b
->state
== BUS_AUTHENTICATING
);
154 if (!bus_socket_auth_needs_write(b
))
157 if (b
->prefer_writev
)
158 k
= writev(b
->output_fd
, b
->auth_iovec
+ b
->auth_index
, ELEMENTSOF(b
->auth_iovec
) - b
->auth_index
);
163 mh
.msg_iov
= b
->auth_iovec
+ b
->auth_index
;
164 mh
.msg_iovlen
= ELEMENTSOF(b
->auth_iovec
) - b
->auth_index
;
166 k
= sendmsg(b
->output_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
);
167 if (k
< 0 && errno
== ENOTSOCK
) {
168 b
->prefer_writev
= true;
169 k
= writev(b
->output_fd
, b
->auth_iovec
+ b
->auth_index
, ELEMENTSOF(b
->auth_iovec
) - b
->auth_index
);
174 return errno
== EAGAIN
? 0 : -errno
;
176 iovec_advance(b
->auth_iovec
, &b
->auth_index
, (size_t) k
);
180 static int bus_socket_auth_verify_client(sd_bus
*b
) {
188 /* We expect two response lines: "OK" and possibly
191 e
= memmem_safe(b
->rbuffer
, b
->rbuffer_size
, "\r\n", 2);
196 f
= memmem(e
+ 2, b
->rbuffer_size
- (e
- (char*) b
->rbuffer
) - 2, "\r\n", 2);
206 /* Nice! We got all the lines we need. First check the OK
209 if (e
- (char*) b
->rbuffer
!= 3 + 32)
212 if (memcmp(b
->rbuffer
, "OK ", 3))
215 b
->auth
= b
->anonymous_auth
? BUS_AUTH_ANONYMOUS
: BUS_AUTH_EXTERNAL
;
217 for (i
= 0; i
< 32; i
+= 2) {
220 x
= unhexchar(((char*) b
->rbuffer
)[3 + i
]);
221 y
= unhexchar(((char*) b
->rbuffer
)[3 + i
+ 1]);
226 peer
.bytes
[i
/2] = ((uint8_t) x
<< 4 | (uint8_t) y
);
229 if (!sd_id128_is_null(b
->server_id
) &&
230 !sd_id128_equal(b
->server_id
, peer
))
235 /* And possibly check the second line, too */
239 (f
- e
== STRLEN("\r\nAGREE_UNIX_FD")) &&
240 memcmp(e
+ 2, "AGREE_UNIX_FD",
241 STRLEN("AGREE_UNIX_FD")) == 0;
243 b
->rbuffer_size
-= (start
- (char*) b
->rbuffer
);
244 memmove(b
->rbuffer
, start
, b
->rbuffer_size
);
246 r
= bus_start_running(b
);
253 static bool line_equals(const char *s
, size_t m
, const char *line
) {
260 return memcmp(s
, line
, l
) == 0;
263 static bool line_begins(const char *s
, size_t m
, const char *word
) {
270 if (memcmp(s
, word
, l
) != 0)
273 return m
== l
|| (m
> l
&& s
[l
] == ' ');
276 static int verify_anonymous_token(sd_bus
*b
, const char *p
, size_t l
) {
277 _cleanup_free_
char *token
= NULL
;
281 if (!b
->anonymous_auth
)
293 r
= unhexmem(p
, l
, (void **) &token
, &len
);
297 if (memchr(token
, 0, len
))
300 return !!utf8_is_valid(token
);
303 static int verify_external_token(sd_bus
*b
, const char *p
, size_t l
) {
304 _cleanup_free_
char *token
= NULL
;
309 /* We don't do any real authentication here. Instead, we if
310 * the owner of this bus wanted authentication he should have
311 * checked SO_PEERCRED before even creating the bus object. */
313 if (!b
->anonymous_auth
&& !b
->ucred_valid
)
325 r
= unhexmem(p
, l
, (void**) &token
, &len
);
329 if (memchr(token
, 0, len
))
332 r
= parse_uid(token
, &u
);
336 /* We ignore the passed value if anonymous authentication is
338 if (!b
->anonymous_auth
&& u
!= b
->ucred
.uid
)
344 static int bus_socket_auth_write(sd_bus
*b
, const char *t
) {
351 /* We only make use of the first iovec */
352 assert(IN_SET(b
->auth_index
, 0, 1));
355 p
= malloc(b
->auth_iovec
[0].iov_len
+ l
);
359 memcpy_safe(p
, b
->auth_iovec
[0].iov_base
, b
->auth_iovec
[0].iov_len
);
360 memcpy(p
+ b
->auth_iovec
[0].iov_len
, t
, l
);
362 b
->auth_iovec
[0].iov_base
= p
;
363 b
->auth_iovec
[0].iov_len
+= l
;
365 free(b
->auth_buffer
);
371 static int bus_socket_auth_write_ok(sd_bus
*b
) {
372 char t
[3 + 32 + 2 + 1];
376 xsprintf(t
, "OK " SD_ID128_FORMAT_STR
"\r\n", SD_ID128_FORMAT_VAL(b
->server_id
));
378 return bus_socket_auth_write(b
, t
);
381 static int bus_socket_auth_verify_server(sd_bus
*b
) {
385 bool processed
= false;
390 if (b
->rbuffer_size
< 1)
393 /* First char must be a NUL byte */
394 if (*(char*) b
->rbuffer
!= 0)
397 if (b
->rbuffer_size
< 3)
400 /* Begin with the first line */
401 if (b
->auth_rbegin
<= 0)
405 /* Check if line is complete */
406 line
= (char*) b
->rbuffer
+ b
->auth_rbegin
;
407 e
= memmem(line
, b
->rbuffer_size
- b
->auth_rbegin
, "\r\n", 2);
413 if (line_begins(line
, l
, "AUTH ANONYMOUS")) {
415 r
= verify_anonymous_token(b
, line
+ 14, l
- 14);
419 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
421 b
->auth
= BUS_AUTH_ANONYMOUS
;
422 r
= bus_socket_auth_write_ok(b
);
425 } else if (line_begins(line
, l
, "AUTH EXTERNAL")) {
427 r
= verify_external_token(b
, line
+ 13, l
- 13);
431 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
433 b
->auth
= BUS_AUTH_EXTERNAL
;
434 r
= bus_socket_auth_write_ok(b
);
437 } else if (line_begins(line
, l
, "AUTH"))
438 r
= bus_socket_auth_write(b
, "REJECTED EXTERNAL ANONYMOUS\r\n");
439 else if (line_equals(line
, l
, "CANCEL") ||
440 line_begins(line
, l
, "ERROR")) {
442 b
->auth
= _BUS_AUTH_INVALID
;
443 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
445 } else if (line_equals(line
, l
, "BEGIN")) {
447 if (b
->auth
== _BUS_AUTH_INVALID
)
448 r
= bus_socket_auth_write(b
, "ERROR\r\n");
450 /* We can't leave from the auth phase
451 * before we haven't written
452 * everything queued, so let's check
455 if (bus_socket_auth_needs_write(b
))
458 b
->rbuffer_size
-= (e
+ 2 - (char*) b
->rbuffer
);
459 memmove(b
->rbuffer
, e
+ 2, b
->rbuffer_size
);
460 return bus_start_running(b
);
463 } else if (line_begins(line
, l
, "DATA")) {
465 if (b
->auth
== _BUS_AUTH_INVALID
)
466 r
= bus_socket_auth_write(b
, "ERROR\r\n");
468 if (b
->auth
== BUS_AUTH_ANONYMOUS
)
469 r
= verify_anonymous_token(b
, line
+ 4, l
- 4);
471 r
= verify_external_token(b
, line
+ 4, l
- 4);
476 b
->auth
= _BUS_AUTH_INVALID
;
477 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
479 r
= bus_socket_auth_write_ok(b
);
481 } else if (line_equals(line
, l
, "NEGOTIATE_UNIX_FD")) {
482 if (b
->auth
== _BUS_AUTH_INVALID
|| !b
->accept_fd
)
483 r
= bus_socket_auth_write(b
, "ERROR\r\n");
486 r
= bus_socket_auth_write(b
, "AGREE_UNIX_FD\r\n");
489 r
= bus_socket_auth_write(b
, "ERROR\r\n");
494 b
->auth_rbegin
= e
+ 2 - (char*) b
->rbuffer
;
500 static int bus_socket_auth_verify(sd_bus
*b
) {
504 return bus_socket_auth_verify_server(b
);
506 return bus_socket_auth_verify_client(b
);
509 static int bus_socket_read_auth(sd_bus
*b
) {
511 struct iovec iov
= {};
517 struct cmsghdr cmsghdr
;
518 uint8_t buf
[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX
)];
520 bool handle_cmsg
= false;
523 assert(b
->state
== BUS_AUTHENTICATING
);
525 r
= bus_socket_auth_verify(b
);
529 n
= MAX(256u, b
->rbuffer_size
* 2);
531 if (n
> BUS_AUTH_SIZE_MAX
)
532 n
= BUS_AUTH_SIZE_MAX
;
534 if (b
->rbuffer_size
>= n
)
537 p
= realloc(b
->rbuffer
, n
);
543 iov
.iov_base
= (uint8_t*) b
->rbuffer
+ b
->rbuffer_size
;
544 iov
.iov_len
= n
- b
->rbuffer_size
;
547 k
= readv(b
->input_fd
, &iov
, 1);
552 mh
.msg_control
= &control
;
553 mh
.msg_controllen
= sizeof(control
);
555 k
= recvmsg(b
->input_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
|MSG_CMSG_CLOEXEC
);
556 if (k
< 0 && errno
== ENOTSOCK
) {
557 b
->prefer_readv
= true;
558 k
= readv(b
->input_fd
, &iov
, 1);
563 return errno
== EAGAIN
? 0 : -errno
;
567 b
->rbuffer_size
+= k
;
570 struct cmsghdr
*cmsg
;
572 CMSG_FOREACH(cmsg
, &mh
)
573 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
574 cmsg
->cmsg_type
== SCM_RIGHTS
) {
577 /* Whut? We received fds during the auth
578 * protocol? Somebody is playing games with
579 * us. Close them all, and fail */
580 j
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
581 close_many((int*) CMSG_DATA(cmsg
), j
);
584 log_debug("Got unexpected auxiliary data with level=%d and type=%d",
585 cmsg
->cmsg_level
, cmsg
->cmsg_type
);
588 r
= bus_socket_auth_verify(b
);
595 void bus_socket_setup(sd_bus
*b
) {
598 /* Increase the buffers to 8 MB */
599 (void) fd_inc_rcvbuf(b
->input_fd
, SNDBUF_SIZE
);
600 (void) fd_inc_sndbuf(b
->output_fd
, SNDBUF_SIZE
);
602 b
->message_version
= 1;
603 b
->message_endian
= 0;
606 static void bus_get_peercred(sd_bus
*b
) {
610 assert(!b
->ucred_valid
);
612 assert(b
->n_groups
== (size_t) -1);
614 /* Get the peer for socketpair() sockets */
615 b
->ucred_valid
= getpeercred(b
->input_fd
, &b
->ucred
) >= 0;
617 /* Get the SELinux context of the peer */
618 r
= getpeersec(b
->input_fd
, &b
->label
);
619 if (r
< 0 && !IN_SET(r
, -EOPNOTSUPP
, -ENOPROTOOPT
))
620 log_debug_errno(r
, "Failed to determine peer security context: %m");
622 /* Get the list of auxiliary groups of the peer */
623 r
= getpeergroups(b
->input_fd
, &b
->groups
);
625 b
->n_groups
= (size_t) r
;
626 else if (!IN_SET(r
, -EOPNOTSUPP
, -ENOPROTOOPT
))
627 log_debug_errno(r
, "Failed to determine peer's group list: %m");
630 static int bus_socket_start_auth_client(sd_bus
*b
) {
632 const char *auth_suffix
, *auth_prefix
;
636 if (b
->anonymous_auth
) {
637 auth_prefix
= "\0AUTH ANONYMOUS ";
639 /* For ANONYMOUS auth we send some arbitrary "trace" string */
641 b
->auth_buffer
= hexmem("anonymous", l
);
643 char text
[DECIMAL_STR_MAX(uid_t
) + 1];
645 auth_prefix
= "\0AUTH EXTERNAL ";
647 xsprintf(text
, UID_FMT
, geteuid());
650 b
->auth_buffer
= hexmem(text
, l
);
657 auth_suffix
= "\r\nNEGOTIATE_UNIX_FD\r\nBEGIN\r\n";
659 auth_suffix
= "\r\nBEGIN\r\n";
661 b
->auth_iovec
[0].iov_base
= (void*) auth_prefix
;
662 b
->auth_iovec
[0].iov_len
= 1 + strlen(auth_prefix
+ 1);
663 b
->auth_iovec
[1].iov_base
= (void*) b
->auth_buffer
;
664 b
->auth_iovec
[1].iov_len
= l
* 2;
665 b
->auth_iovec
[2].iov_base
= (void*) auth_suffix
;
666 b
->auth_iovec
[2].iov_len
= strlen(auth_suffix
);
668 return bus_socket_write_auth(b
);
671 int bus_socket_start_auth(sd_bus
*b
) {
676 bus_set_state(b
, BUS_AUTHENTICATING
);
677 b
->auth_timeout
= now(CLOCK_MONOTONIC
) + BUS_AUTH_TIMEOUT
;
679 if (sd_is_socket(b
->input_fd
, AF_UNIX
, 0, 0) <= 0)
680 b
->accept_fd
= false;
682 if (b
->output_fd
!= b
->input_fd
)
683 if (sd_is_socket(b
->output_fd
, AF_UNIX
, 0, 0) <= 0)
684 b
->accept_fd
= false;
687 return bus_socket_read_auth(b
);
689 return bus_socket_start_auth_client(b
);
692 static int bus_socket_inotify_setup(sd_bus
*b
) {
693 _cleanup_free_
int *new_watches
= NULL
;
694 _cleanup_free_
char *absolute
= NULL
;
695 size_t n_allocated
= 0, n
= 0, done
= 0, i
;
696 unsigned max_follow
= 32;
701 assert(b
->watch_bind
);
702 assert(b
->sockaddr
.sa
.sa_family
== AF_UNIX
);
703 assert(b
->sockaddr
.un
.sun_path
[0] != 0);
705 /* Sets up an inotify fd in case watch_bind is enabled: wait until the configured AF_UNIX file system socket
706 * appears before connecting to it. The implemented is pretty simplistic: we just subscribe to relevant changes
707 * to all prefix components of the path, and every time we get an event for that we try to reconnect again,
708 * without actually caring what precisely the event we got told us. If we still can't connect we re-subscribe
709 * to all relevant changes of anything in the path, so that our watches include any possibly newly created path
712 if (b
->inotify_fd
< 0) {
713 b
->inotify_fd
= inotify_init1(IN_NONBLOCK
|IN_CLOEXEC
);
714 if (b
->inotify_fd
< 0)
718 /* Make sure the path is NUL terminated */
719 p
= strndupa(b
->sockaddr
.un
.sun_path
, sizeof(b
->sockaddr
.un
.sun_path
));
721 /* Make sure the path is absolute */
722 r
= path_make_absolute_cwd(p
, &absolute
);
726 /* Watch all parent directories, and don't mind any prefix that doesn't exist yet. For the innermost directory
727 * that exists we want to know when files are created or moved into it. For all parents of it we just care if
728 * they are removed or renamed. */
730 if (!GREEDY_REALLOC(new_watches
, n_allocated
, n
+ 1)) {
735 /* Start with the top-level directory, which is a bit simpler than the rest, since it can't be a symlink, and
737 wd
= inotify_add_watch(b
->inotify_fd
, "/", IN_CREATE
|IN_MOVED_TO
);
739 r
= log_debug_errno(errno
, "Failed to add inotify watch on /: %m");
742 new_watches
[n
++] = wd
;
745 _cleanup_free_
char *component
= NULL
, *prefix
= NULL
, *destination
= NULL
;
746 size_t n_slashes
, n_component
;
749 n_slashes
= strspn(absolute
+ done
, "/");
750 n_component
= n_slashes
+ strcspn(absolute
+ done
+ n_slashes
, "/");
752 if (n_component
== 0) /* The end */
755 component
= strndup(absolute
+ done
, n_component
);
761 /* A trailing slash? That's a directory, and not a socket then */
762 if (path_equal(component
, "/")) {
767 /* A single dot? Let's eat this up */
768 if (path_equal(component
, "/.")) {
773 prefix
= strndup(absolute
, done
+ n_component
);
779 if (!GREEDY_REALLOC(new_watches
, n_allocated
, n
+ 1)) {
784 wd
= inotify_add_watch(b
->inotify_fd
, prefix
, IN_DELETE_SELF
|IN_MOVE_SELF
|IN_ATTRIB
|IN_CREATE
|IN_MOVED_TO
|IN_DONT_FOLLOW
);
785 log_debug("Added inotify watch for %s on bus %s: %i", prefix
, strna(b
->description
), wd
);
788 if (IN_SET(errno
, ENOENT
, ELOOP
))
789 break; /* This component doesn't exist yet, or the path contains a cyclic symlink right now */
791 r
= log_debug_errno(errno
, "Failed to add inotify watch on %s: %m", isempty(prefix
) ? "/" : prefix
);
794 new_watches
[n
++] = wd
;
796 /* Check if this is possibly a symlink. If so, let's follow it and watch it too. */
797 r
= readlink_malloc(prefix
, &destination
);
798 if (r
== -EINVAL
) { /* not a symlink */
805 if (isempty(destination
)) { /* Empty symlink target? Yuck! */
810 if (max_follow
<= 0) { /* Let's make sure we don't follow symlinks forever */
815 if (path_is_absolute(destination
)) {
816 /* For absolute symlinks we build the new path and start anew */
817 c
= strjoin(destination
, absolute
+ done
+ n_component
);
820 _cleanup_free_
char *t
= NULL
;
822 /* For relative symlinks we replace the last component, and try again */
823 t
= strndup(absolute
, done
);
827 c
= strjoin(t
, "/", destination
, absolute
+ done
+ n_component
);
840 /* And now, let's remove all watches from the previous iteration we don't need anymore */
841 for (i
= 0; i
< b
->n_inotify_watches
; i
++) {
845 for (j
= 0; j
< n
; j
++)
846 if (new_watches
[j
] == b
->inotify_watches
[i
]) {
854 (void) inotify_rm_watch(b
->inotify_fd
, b
->inotify_watches
[i
]);
857 free_and_replace(b
->inotify_watches
, new_watches
);
858 b
->n_inotify_watches
= n
;
863 bus_close_inotify_fd(b
);
867 int bus_socket_connect(sd_bus
*b
) {
868 bool inotify_done
= false;
874 assert(b
->input_fd
< 0);
875 assert(b
->output_fd
< 0);
876 assert(b
->sockaddr
.sa
.sa_family
!= AF_UNSPEC
);
878 b
->input_fd
= socket(b
->sockaddr
.sa
.sa_family
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
882 b
->output_fd
= b
->input_fd
;
885 if (connect(b
->input_fd
, &b
->sockaddr
.sa
, b
->sockaddr_size
) < 0) {
886 if (errno
== EINPROGRESS
) {
888 /* If we have any inotify watches open, close them now, we don't need them anymore, as
889 * we have successfully initiated a connection */
890 bus_close_inotify_fd(b
);
892 /* Note that very likely we are already in BUS_OPENING state here, as we enter it when
893 * we start parsing the address string. The only reason we set the state explicitly
894 * here, is to undo BUS_WATCH_BIND, in case we did the inotify magic. */
895 bus_set_state(b
, BUS_OPENING
);
899 if (IN_SET(errno
, ENOENT
, ECONNREFUSED
) && /* ENOENT → unix socket doesn't exist at all; ECONNREFUSED → unix socket stale */
901 b
->sockaddr
.sa
.sa_family
== AF_UNIX
&&
902 b
->sockaddr
.un
.sun_path
[0] != 0) {
904 /* This connection attempt failed, let's release the socket for now, and start with a
905 * fresh one when reconnecting. */
909 /* inotify set up already, don't do it again, just return now, and remember
910 * that we are waiting for inotify events now. */
911 bus_set_state(b
, BUS_WATCH_BIND
);
915 /* This is a file system socket, and the inotify logic is enabled. Let's create the necessary inotify fd. */
916 r
= bus_socket_inotify_setup(b
);
920 /* Let's now try to connect a second time, because in theory there's otherwise a race
921 * here: the socket might have been created in the time between our first connect() and
922 * the time we set up the inotify logic. But let's remember that we set up inotify now,
923 * so that we don't do the connect() more than twice. */
932 /* Yay, established, we don't need no inotify anymore! */
933 bus_close_inotify_fd(b
);
935 return bus_socket_start_auth(b
);
938 int bus_socket_exec(sd_bus
*b
) {
943 assert(b
->input_fd
< 0);
944 assert(b
->output_fd
< 0);
945 assert(b
->exec_path
);
947 r
= socketpair(AF_UNIX
, SOCK_STREAM
|SOCK_NONBLOCK
|SOCK_CLOEXEC
, 0, s
);
951 r
= safe_fork_full("(sd-busexec)", s
+1, 1, FORK_RESET_SIGNALS
|FORK_CLOSE_ALL_FDS
, &pid
);
959 assert_se(dup3(s
[1], STDIN_FILENO
, 0) == STDIN_FILENO
);
960 assert_se(dup3(s
[1], STDOUT_FILENO
, 0) == STDOUT_FILENO
);
962 if (!IN_SET(s
[1], STDIN_FILENO
, STDOUT_FILENO
))
965 (void) fd_cloexec(STDIN_FILENO
, false);
966 (void) fd_cloexec(STDOUT_FILENO
, false);
967 (void) fd_nonblock(STDIN_FILENO
, false);
968 (void) fd_nonblock(STDOUT_FILENO
, false);
971 execvp(b
->exec_path
, b
->exec_argv
);
973 const char *argv
[] = { b
->exec_path
, NULL
};
974 execvp(b
->exec_path
, (char**) argv
);
981 b
->output_fd
= b
->input_fd
= s
[0];
985 return bus_socket_start_auth(b
);
988 int bus_socket_take_fd(sd_bus
*b
) {
993 return bus_socket_start_auth(b
);
996 int bus_socket_write_message(sd_bus
*bus
, sd_bus_message
*m
, size_t *idx
) {
1006 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1008 if (*idx
>= BUS_MESSAGE_SIZE(m
))
1011 r
= bus_message_setup_iovec(m
);
1015 n
= m
->n_iovec
* sizeof(struct iovec
);
1017 memcpy_safe(iov
, m
->iovec
, n
);
1020 iovec_advance(iov
, &j
, *idx
);
1022 if (bus
->prefer_writev
)
1023 k
= writev(bus
->output_fd
, iov
, m
->n_iovec
);
1025 struct msghdr mh
= {
1027 .msg_iovlen
= m
->n_iovec
,
1030 if (m
->n_fds
> 0 && *idx
== 0) {
1031 struct cmsghdr
*control
;
1033 mh
.msg_control
= control
= alloca(CMSG_SPACE(sizeof(int) * m
->n_fds
));
1034 mh
.msg_controllen
= control
->cmsg_len
= CMSG_LEN(sizeof(int) * m
->n_fds
);
1035 control
->cmsg_level
= SOL_SOCKET
;
1036 control
->cmsg_type
= SCM_RIGHTS
;
1037 memcpy(CMSG_DATA(control
), m
->fds
, sizeof(int) * m
->n_fds
);
1040 k
= sendmsg(bus
->output_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
);
1041 if (k
< 0 && errno
== ENOTSOCK
) {
1042 bus
->prefer_writev
= true;
1043 k
= writev(bus
->output_fd
, iov
, m
->n_iovec
);
1048 return errno
== EAGAIN
? 0 : -errno
;
1054 static int bus_socket_read_message_need(sd_bus
*bus
, size_t *need
) {
1061 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1063 if (bus
->rbuffer_size
< sizeof(struct bus_header
)) {
1064 *need
= sizeof(struct bus_header
) + 8;
1066 /* Minimum message size:
1070 * Method Call: +2 string headers
1071 * Signal: +3 string headers
1072 * Method Error: +1 string headers
1074 * Method Reply: +1 uint32 headers
1076 * A string header is at least 9 bytes
1077 * A uint32 header is at least 8 bytes
1079 * Hence the minimum message size of a valid message
1080 * is header + 8 bytes */
1085 a
= ((const uint32_t*) bus
->rbuffer
)[1];
1086 b
= ((const uint32_t*) bus
->rbuffer
)[3];
1088 e
= ((const uint8_t*) bus
->rbuffer
)[0];
1089 if (e
== BUS_LITTLE_ENDIAN
) {
1092 } else if (e
== BUS_BIG_ENDIAN
) {
1098 sum
= (uint64_t) sizeof(struct bus_header
) + (uint64_t) ALIGN_TO(b
, 8) + (uint64_t) a
;
1099 if (sum
>= BUS_MESSAGE_SIZE_MAX
)
1102 *need
= (size_t) sum
;
1106 static int bus_socket_make_message(sd_bus
*bus
, size_t size
) {
1112 assert(bus
->rbuffer_size
>= size
);
1113 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1115 r
= bus_rqueue_make_room(bus
);
1119 if (bus
->rbuffer_size
> size
) {
1120 b
= memdup((const uint8_t*) bus
->rbuffer
+ size
,
1121 bus
->rbuffer_size
- size
);
1127 r
= bus_message_from_malloc(bus
,
1129 bus
->fds
, bus
->n_fds
,
1138 bus
->rbuffer_size
-= size
;
1143 bus
->rqueue
[bus
->rqueue_size
++] = t
;
1148 int bus_socket_read_message(sd_bus
*bus
) {
1150 struct iovec iov
= {};
1156 struct cmsghdr cmsghdr
;
1157 uint8_t buf
[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX
)];
1159 bool handle_cmsg
= false;
1162 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1164 r
= bus_socket_read_message_need(bus
, &need
);
1168 if (bus
->rbuffer_size
>= need
)
1169 return bus_socket_make_message(bus
, need
);
1171 b
= realloc(bus
->rbuffer
, need
);
1177 iov
.iov_base
= (uint8_t*) bus
->rbuffer
+ bus
->rbuffer_size
;
1178 iov
.iov_len
= need
- bus
->rbuffer_size
;
1180 if (bus
->prefer_readv
)
1181 k
= readv(bus
->input_fd
, &iov
, 1);
1186 mh
.msg_control
= &control
;
1187 mh
.msg_controllen
= sizeof(control
);
1189 k
= recvmsg(bus
->input_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
|MSG_CMSG_CLOEXEC
);
1190 if (k
< 0 && errno
== ENOTSOCK
) {
1191 bus
->prefer_readv
= true;
1192 k
= readv(bus
->input_fd
, &iov
, 1);
1197 return errno
== EAGAIN
? 0 : -errno
;
1201 bus
->rbuffer_size
+= k
;
1204 struct cmsghdr
*cmsg
;
1206 CMSG_FOREACH(cmsg
, &mh
)
1207 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1208 cmsg
->cmsg_type
== SCM_RIGHTS
) {
1211 n
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
1213 if (!bus
->can_fds
) {
1214 /* Whut? We received fds but this
1215 * isn't actually enabled? Close them,
1218 close_many((int*) CMSG_DATA(cmsg
), n
);
1222 f
= realloc(bus
->fds
, sizeof(int) * (bus
->n_fds
+ n
));
1224 close_many((int*) CMSG_DATA(cmsg
), n
);
1228 memcpy_safe(f
+ bus
->n_fds
, CMSG_DATA(cmsg
), n
* sizeof(int));
1232 log_debug("Got unexpected auxiliary data with level=%d and type=%d",
1233 cmsg
->cmsg_level
, cmsg
->cmsg_type
);
1236 r
= bus_socket_read_message_need(bus
, &need
);
1240 if (bus
->rbuffer_size
>= need
)
1241 return bus_socket_make_message(bus
, need
);
1246 int bus_socket_process_opening(sd_bus
*b
) {
1248 socklen_t slen
= sizeof(error
);
1255 assert(b
->state
== BUS_OPENING
);
1261 if (!(p
.revents
& (POLLOUT
|POLLERR
|POLLHUP
)))
1264 r
= getsockopt(b
->output_fd
, SOL_SOCKET
, SO_ERROR
, &error
, &slen
);
1266 b
->last_connect_error
= errno
;
1267 else if (error
!= 0)
1268 b
->last_connect_error
= error
;
1269 else if (p
.revents
& (POLLERR
|POLLHUP
))
1270 b
->last_connect_error
= ECONNREFUSED
;
1272 return bus_socket_start_auth(b
);
1274 return bus_next_address(b
);
1277 int bus_socket_process_authenticating(sd_bus
*b
) {
1281 assert(b
->state
== BUS_AUTHENTICATING
);
1283 if (now(CLOCK_MONOTONIC
) >= b
->auth_timeout
)
1286 r
= bus_socket_write_auth(b
);
1290 return bus_socket_read_auth(b
);
1293 int bus_socket_process_watch_bind(sd_bus
*b
) {
1297 assert(b
->state
== BUS_WATCH_BIND
);
1298 assert(b
->inotify_fd
>= 0);
1300 r
= flush_fd(b
->inotify_fd
);
1304 log_debug("Got inotify event on bus %s.", strna(b
->description
));
1306 /* We flushed events out of the inotify fd. In that case, maybe the socket is valid now? Let's try to connect
1309 r
= bus_socket_connect(b
);
1313 q
= bus_attach_io_events(b
);
1317 q
= bus_attach_inotify_event(b
);