]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd/sd-bus/bus-socket.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2013 Lennart Poettering
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
27 #include "sd-daemon.h"
29 #include "alloc-util.h"
30 #include "bus-internal.h"
31 #include "bus-message.h"
32 #include "bus-socket.h"
34 #include "format-util.h"
36 #include "hexdecoct.h"
40 #include "path-util.h"
41 #include "process-util.h"
42 #include "selinux-util.h"
43 #include "signal-util.h"
44 #include "stdio-util.h"
45 #include "string-util.h"
46 #include "user-util.h"
50 #define SNDBUF_SIZE (8*1024*1024)
52 static void iovec_advance(struct iovec iov
[], unsigned *idx
, size_t size
) {
55 struct iovec
*i
= iov
+ *idx
;
57 if (i
->iov_len
> size
) {
58 i
->iov_base
= (uint8_t*) i
->iov_base
+ size
;
72 static int append_iovec(sd_bus_message
*m
, const void *p
, size_t sz
) {
77 m
->iovec
[m
->n_iovec
].iov_base
= (void*) p
;
78 m
->iovec
[m
->n_iovec
].iov_len
= sz
;
84 static int bus_message_setup_iovec(sd_bus_message
*m
) {
85 struct bus_body_part
*part
;
97 n
= 1 + m
->n_body_parts
;
98 if (n
< ELEMENTSOF(m
->iovec_fixed
))
99 m
->iovec
= m
->iovec_fixed
;
101 m
->iovec
= new(struct iovec
, n
);
108 r
= append_iovec(m
, m
->header
, BUS_MESSAGE_BODY_BEGIN(m
));
112 MESSAGE_FOREACH_PART(part
, i
, m
) {
113 r
= bus_body_part_map(part
);
117 r
= append_iovec(m
, part
->data
, part
->size
);
122 assert(n
== m
->n_iovec
);
131 bool bus_socket_auth_needs_write(sd_bus
*b
) {
135 if (b
->auth_index
>= ELEMENTSOF(b
->auth_iovec
))
138 for (i
= b
->auth_index
; i
< ELEMENTSOF(b
->auth_iovec
); i
++) {
139 struct iovec
*j
= b
->auth_iovec
+ i
;
148 static int bus_socket_write_auth(sd_bus
*b
) {
152 assert(b
->state
== BUS_AUTHENTICATING
);
154 if (!bus_socket_auth_needs_write(b
))
157 if (b
->prefer_writev
)
158 k
= writev(b
->output_fd
, b
->auth_iovec
+ b
->auth_index
, ELEMENTSOF(b
->auth_iovec
) - b
->auth_index
);
163 mh
.msg_iov
= b
->auth_iovec
+ b
->auth_index
;
164 mh
.msg_iovlen
= ELEMENTSOF(b
->auth_iovec
) - b
->auth_index
;
166 k
= sendmsg(b
->output_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
);
167 if (k
< 0 && errno
== ENOTSOCK
) {
168 b
->prefer_writev
= true;
169 k
= writev(b
->output_fd
, b
->auth_iovec
+ b
->auth_index
, ELEMENTSOF(b
->auth_iovec
) - b
->auth_index
);
174 return errno
== EAGAIN
? 0 : -errno
;
176 iovec_advance(b
->auth_iovec
, &b
->auth_index
, (size_t) k
);
180 static int bus_socket_auth_verify_client(sd_bus
*b
) {
188 /* We expect two response lines: "OK" and possibly
191 e
= memmem_safe(b
->rbuffer
, b
->rbuffer_size
, "\r\n", 2);
196 f
= memmem(e
+ 2, b
->rbuffer_size
- (e
- (char*) b
->rbuffer
) - 2, "\r\n", 2);
206 /* Nice! We got all the lines we need. First check the OK
209 if (e
- (char*) b
->rbuffer
!= 3 + 32)
212 if (memcmp(b
->rbuffer
, "OK ", 3))
215 b
->auth
= b
->anonymous_auth
? BUS_AUTH_ANONYMOUS
: BUS_AUTH_EXTERNAL
;
217 for (i
= 0; i
< 32; i
+= 2) {
220 x
= unhexchar(((char*) b
->rbuffer
)[3 + i
]);
221 y
= unhexchar(((char*) b
->rbuffer
)[3 + i
+ 1]);
226 peer
.bytes
[i
/2] = ((uint8_t) x
<< 4 | (uint8_t) y
);
229 if (!sd_id128_is_null(b
->server_id
) &&
230 !sd_id128_equal(b
->server_id
, peer
))
235 /* And possibly check the second line, too */
239 (f
- e
== STRLEN("\r\nAGREE_UNIX_FD")) &&
240 memcmp(e
+ 2, "AGREE_UNIX_FD",
241 STRLEN("AGREE_UNIX_FD")) == 0;
243 b
->rbuffer_size
-= (start
- (char*) b
->rbuffer
);
244 memmove(b
->rbuffer
, start
, b
->rbuffer_size
);
246 r
= bus_start_running(b
);
253 static bool line_equals(const char *s
, size_t m
, const char *line
) {
260 return memcmp(s
, line
, l
) == 0;
263 static bool line_begins(const char *s
, size_t m
, const char *word
) {
270 if (memcmp(s
, word
, l
) != 0)
273 return m
== l
|| (m
> l
&& s
[l
] == ' ');
276 static int verify_anonymous_token(sd_bus
*b
, const char *p
, size_t l
) {
277 _cleanup_free_
char *token
= NULL
;
281 if (!b
->anonymous_auth
)
293 r
= unhexmem(p
, l
, (void **) &token
, &len
);
297 if (memchr(token
, 0, len
))
300 return !!utf8_is_valid(token
);
303 static int verify_external_token(sd_bus
*b
, const char *p
, size_t l
) {
304 _cleanup_free_
char *token
= NULL
;
309 /* We don't do any real authentication here. Instead, we if
310 * the owner of this bus wanted authentication he should have
311 * checked SO_PEERCRED before even creating the bus object. */
313 if (!b
->anonymous_auth
&& !b
->ucred_valid
)
325 r
= unhexmem(p
, l
, (void**) &token
, &len
);
329 if (memchr(token
, 0, len
))
332 r
= parse_uid(token
, &u
);
336 /* We ignore the passed value if anonymous authentication is
338 if (!b
->anonymous_auth
&& u
!= b
->ucred
.uid
)
344 static int bus_socket_auth_write(sd_bus
*b
, const char *t
) {
351 /* We only make use of the first iovec */
352 assert(IN_SET(b
->auth_index
, 0, 1));
355 p
= malloc(b
->auth_iovec
[0].iov_len
+ l
);
359 memcpy_safe(p
, b
->auth_iovec
[0].iov_base
, b
->auth_iovec
[0].iov_len
);
360 memcpy(p
+ b
->auth_iovec
[0].iov_len
, t
, l
);
362 b
->auth_iovec
[0].iov_base
= p
;
363 b
->auth_iovec
[0].iov_len
+= l
;
365 free(b
->auth_buffer
);
371 static int bus_socket_auth_write_ok(sd_bus
*b
) {
372 char t
[3 + 32 + 2 + 1];
376 xsprintf(t
, "OK " SD_ID128_FORMAT_STR
"\r\n", SD_ID128_FORMAT_VAL(b
->server_id
));
378 return bus_socket_auth_write(b
, t
);
381 static int bus_socket_auth_verify_server(sd_bus
*b
) {
385 bool processed
= false;
390 if (b
->rbuffer_size
< 1)
393 /* First char must be a NUL byte */
394 if (*(char*) b
->rbuffer
!= 0)
397 if (b
->rbuffer_size
< 3)
400 /* Begin with the first line */
401 if (b
->auth_rbegin
<= 0)
405 /* Check if line is complete */
406 line
= (char*) b
->rbuffer
+ b
->auth_rbegin
;
407 e
= memmem(line
, b
->rbuffer_size
- b
->auth_rbegin
, "\r\n", 2);
413 if (line_begins(line
, l
, "AUTH ANONYMOUS")) {
415 r
= verify_anonymous_token(b
, line
+ 14, l
- 14);
419 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
421 b
->auth
= BUS_AUTH_ANONYMOUS
;
422 r
= bus_socket_auth_write_ok(b
);
425 } else if (line_begins(line
, l
, "AUTH EXTERNAL")) {
427 r
= verify_external_token(b
, line
+ 13, l
- 13);
431 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
433 b
->auth
= BUS_AUTH_EXTERNAL
;
434 r
= bus_socket_auth_write_ok(b
);
437 } else if (line_begins(line
, l
, "AUTH"))
438 r
= bus_socket_auth_write(b
, "REJECTED EXTERNAL ANONYMOUS\r\n");
439 else if (line_equals(line
, l
, "CANCEL") ||
440 line_begins(line
, l
, "ERROR")) {
442 b
->auth
= _BUS_AUTH_INVALID
;
443 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
445 } else if (line_equals(line
, l
, "BEGIN")) {
447 if (b
->auth
== _BUS_AUTH_INVALID
)
448 r
= bus_socket_auth_write(b
, "ERROR\r\n");
450 /* We can't leave from the auth phase
451 * before we haven't written
452 * everything queued, so let's check
455 if (bus_socket_auth_needs_write(b
))
458 b
->rbuffer_size
-= (e
+ 2 - (char*) b
->rbuffer
);
459 memmove(b
->rbuffer
, e
+ 2, b
->rbuffer_size
);
460 return bus_start_running(b
);
463 } else if (line_begins(line
, l
, "DATA")) {
465 if (b
->auth
== _BUS_AUTH_INVALID
)
466 r
= bus_socket_auth_write(b
, "ERROR\r\n");
468 if (b
->auth
== BUS_AUTH_ANONYMOUS
)
469 r
= verify_anonymous_token(b
, line
+ 4, l
- 4);
471 r
= verify_external_token(b
, line
+ 4, l
- 4);
476 b
->auth
= _BUS_AUTH_INVALID
;
477 r
= bus_socket_auth_write(b
, "REJECTED\r\n");
479 r
= bus_socket_auth_write_ok(b
);
481 } else if (line_equals(line
, l
, "NEGOTIATE_UNIX_FD")) {
482 if (b
->auth
== _BUS_AUTH_INVALID
|| !b
->accept_fd
)
483 r
= bus_socket_auth_write(b
, "ERROR\r\n");
486 r
= bus_socket_auth_write(b
, "AGREE_UNIX_FD\r\n");
489 r
= bus_socket_auth_write(b
, "ERROR\r\n");
494 b
->auth_rbegin
= e
+ 2 - (char*) b
->rbuffer
;
500 static int bus_socket_auth_verify(sd_bus
*b
) {
504 return bus_socket_auth_verify_server(b
);
506 return bus_socket_auth_verify_client(b
);
509 static int bus_socket_read_auth(sd_bus
*b
) {
511 struct iovec iov
= {};
517 struct cmsghdr cmsghdr
;
518 uint8_t buf
[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX
)];
520 bool handle_cmsg
= false;
523 assert(b
->state
== BUS_AUTHENTICATING
);
525 r
= bus_socket_auth_verify(b
);
529 n
= MAX(256u, b
->rbuffer_size
* 2);
531 if (n
> BUS_AUTH_SIZE_MAX
)
532 n
= BUS_AUTH_SIZE_MAX
;
534 if (b
->rbuffer_size
>= n
)
537 p
= realloc(b
->rbuffer
, n
);
543 iov
.iov_base
= (uint8_t*) b
->rbuffer
+ b
->rbuffer_size
;
544 iov
.iov_len
= n
- b
->rbuffer_size
;
547 k
= readv(b
->input_fd
, &iov
, 1);
552 mh
.msg_control
= &control
;
553 mh
.msg_controllen
= sizeof(control
);
555 k
= recvmsg(b
->input_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
|MSG_CMSG_CLOEXEC
);
556 if (k
< 0 && errno
== ENOTSOCK
) {
557 b
->prefer_readv
= true;
558 k
= readv(b
->input_fd
, &iov
, 1);
563 return errno
== EAGAIN
? 0 : -errno
;
567 b
->rbuffer_size
+= k
;
570 struct cmsghdr
*cmsg
;
572 CMSG_FOREACH(cmsg
, &mh
)
573 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
574 cmsg
->cmsg_type
== SCM_RIGHTS
) {
577 /* Whut? We received fds during the auth
578 * protocol? Somebody is playing games with
579 * us. Close them all, and fail */
580 j
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
581 close_many((int*) CMSG_DATA(cmsg
), j
);
584 log_debug("Got unexpected auxiliary data with level=%d and type=%d",
585 cmsg
->cmsg_level
, cmsg
->cmsg_type
);
588 r
= bus_socket_auth_verify(b
);
595 void bus_socket_setup(sd_bus
*b
) {
598 /* Increase the buffers to 8 MB */
599 (void) fd_inc_rcvbuf(b
->input_fd
, SNDBUF_SIZE
);
600 (void) fd_inc_sndbuf(b
->output_fd
, SNDBUF_SIZE
);
602 b
->message_version
= 1;
603 b
->message_endian
= 0;
606 static void bus_get_peercred(sd_bus
*b
) {
610 assert(!b
->ucred_valid
);
612 assert(b
->n_groups
== (size_t) -1);
614 /* Get the peer for socketpair() sockets */
615 b
->ucred_valid
= getpeercred(b
->input_fd
, &b
->ucred
) >= 0;
617 /* Get the SELinux context of the peer */
618 r
= getpeersec(b
->input_fd
, &b
->label
);
619 if (r
< 0 && !IN_SET(r
, -EOPNOTSUPP
, -ENOPROTOOPT
))
620 log_debug_errno(r
, "Failed to determine peer security context: %m");
622 /* Get the list of auxiliary groups of the peer */
623 r
= getpeergroups(b
->input_fd
, &b
->groups
);
625 if (!IN_SET(r
, -EOPNOTSUPP
, -ENOPROTOOPT
))
626 log_debug_errno(r
, "Failed to determine peer groups list: %m");
628 b
->n_groups
= (size_t) -1;
630 b
->n_groups
= (size_t) r
;
633 static int bus_socket_start_auth_client(sd_bus
*b
) {
635 const char *auth_suffix
, *auth_prefix
;
639 if (b
->anonymous_auth
) {
640 auth_prefix
= "\0AUTH ANONYMOUS ";
642 /* For ANONYMOUS auth we send some arbitrary "trace" string */
644 b
->auth_buffer
= hexmem("anonymous", l
);
646 char text
[DECIMAL_STR_MAX(uid_t
) + 1];
648 auth_prefix
= "\0AUTH EXTERNAL ";
650 xsprintf(text
, UID_FMT
, geteuid());
653 b
->auth_buffer
= hexmem(text
, l
);
660 auth_suffix
= "\r\nNEGOTIATE_UNIX_FD\r\nBEGIN\r\n";
662 auth_suffix
= "\r\nBEGIN\r\n";
664 b
->auth_iovec
[0].iov_base
= (void*) auth_prefix
;
665 b
->auth_iovec
[0].iov_len
= 1 + strlen(auth_prefix
+ 1);
666 b
->auth_iovec
[1].iov_base
= (void*) b
->auth_buffer
;
667 b
->auth_iovec
[1].iov_len
= l
* 2;
668 b
->auth_iovec
[2].iov_base
= (void*) auth_suffix
;
669 b
->auth_iovec
[2].iov_len
= strlen(auth_suffix
);
671 return bus_socket_write_auth(b
);
674 int bus_socket_start_auth(sd_bus
*b
) {
679 bus_set_state(b
, BUS_AUTHENTICATING
);
680 b
->auth_timeout
= now(CLOCK_MONOTONIC
) + BUS_AUTH_TIMEOUT
;
682 if (sd_is_socket(b
->input_fd
, AF_UNIX
, 0, 0) <= 0)
683 b
->accept_fd
= false;
685 if (b
->output_fd
!= b
->input_fd
)
686 if (sd_is_socket(b
->output_fd
, AF_UNIX
, 0, 0) <= 0)
687 b
->accept_fd
= false;
690 return bus_socket_read_auth(b
);
692 return bus_socket_start_auth_client(b
);
695 static int bus_socket_inotify_setup(sd_bus
*b
) {
696 _cleanup_free_
int *new_watches
= NULL
;
697 _cleanup_free_
char *absolute
= NULL
;
698 size_t n_allocated
= 0, n
= 0, done
= 0, i
;
699 unsigned max_follow
= 32;
704 assert(b
->watch_bind
);
705 assert(b
->sockaddr
.sa
.sa_family
== AF_UNIX
);
706 assert(b
->sockaddr
.un
.sun_path
[0] != 0);
708 /* Sets up an inotify fd in case watch_bind is enabled: wait until the configured AF_UNIX file system socket
709 * appears before connecting to it. The implemented is pretty simplistic: we just subscribe to relevant changes
710 * to all prefix components of the path, and every time we get an event for that we try to reconnect again,
711 * without actually caring what precisely the event we got told us. If we still can't connect we re-subscribe
712 * to all relevant changes of anything in the path, so that our watches include any possibly newly created path
715 if (b
->inotify_fd
< 0) {
716 b
->inotify_fd
= inotify_init1(IN_NONBLOCK
|IN_CLOEXEC
);
717 if (b
->inotify_fd
< 0)
721 /* Make sure the path is NUL terminated */
722 p
= strndupa(b
->sockaddr
.un
.sun_path
, sizeof(b
->sockaddr
.un
.sun_path
));
724 /* Make sure the path is absolute */
725 r
= path_make_absolute_cwd(p
, &absolute
);
729 /* Watch all parent directories, and don't mind any prefix that doesn't exist yet. For the innermost directory
730 * that exists we want to know when files are created or moved into it. For all parents of it we just care if
731 * they are removed or renamed. */
733 if (!GREEDY_REALLOC(new_watches
, n_allocated
, n
+ 1)) {
738 /* Start with the top-level directory, which is a bit simpler than the rest, since it can't be a symlink, and
740 wd
= inotify_add_watch(b
->inotify_fd
, "/", IN_CREATE
|IN_MOVED_TO
);
742 r
= log_debug_errno(errno
, "Failed to add inotify watch on /: %m");
745 new_watches
[n
++] = wd
;
748 _cleanup_free_
char *component
= NULL
, *prefix
= NULL
, *destination
= NULL
;
749 size_t n_slashes
, n_component
;
752 n_slashes
= strspn(absolute
+ done
, "/");
753 n_component
= n_slashes
+ strcspn(absolute
+ done
+ n_slashes
, "/");
755 if (n_component
== 0) /* The end */
758 component
= strndup(absolute
+ done
, n_component
);
764 /* A trailing slash? That's a directory, and not a socket then */
765 if (path_equal(component
, "/")) {
770 /* A single dot? Let's eat this up */
771 if (path_equal(component
, "/.")) {
776 prefix
= strndup(absolute
, done
+ n_component
);
782 if (!GREEDY_REALLOC(new_watches
, n_allocated
, n
+ 1)) {
787 wd
= inotify_add_watch(b
->inotify_fd
, prefix
, IN_DELETE_SELF
|IN_MOVE_SELF
|IN_ATTRIB
|IN_CREATE
|IN_MOVED_TO
|IN_DONT_FOLLOW
);
788 log_debug("Added inotify watch for %s on bus %s: %i", prefix
, strna(b
->description
), wd
);
791 if (IN_SET(errno
, ENOENT
, ELOOP
))
792 break; /* This component doesn't exist yet, or the path contains a cyclic symlink right now */
794 r
= log_debug_errno(errno
, "Failed to add inotify watch on %s: %m", isempty(prefix
) ? "/" : prefix
);
797 new_watches
[n
++] = wd
;
799 /* Check if this is possibly a symlink. If so, let's follow it and watch it too. */
800 r
= readlink_malloc(prefix
, &destination
);
801 if (r
== -EINVAL
) { /* not a symlink */
808 if (isempty(destination
)) { /* Empty symlink target? Yuck! */
813 if (max_follow
<= 0) { /* Let's make sure we don't follow symlinks forever */
818 if (path_is_absolute(destination
)) {
819 /* For absolute symlinks we build the new path and start anew */
820 c
= strjoin(destination
, absolute
+ done
+ n_component
);
823 _cleanup_free_
char *t
= NULL
;
825 /* For relative symlinks we replace the last component, and try again */
826 t
= strndup(absolute
, done
);
830 c
= strjoin(t
, "/", destination
, absolute
+ done
+ n_component
);
843 /* And now, let's remove all watches from the previous iteration we don't need anymore */
844 for (i
= 0; i
< b
->n_inotify_watches
; i
++) {
848 for (j
= 0; j
< n
; j
++)
849 if (new_watches
[j
] == b
->inotify_watches
[i
]) {
857 (void) inotify_rm_watch(b
->inotify_fd
, b
->inotify_watches
[i
]);
860 free_and_replace(b
->inotify_watches
, new_watches
);
861 b
->n_inotify_watches
= n
;
866 bus_close_inotify_fd(b
);
870 int bus_socket_connect(sd_bus
*b
) {
871 bool inotify_done
= false;
877 assert(b
->input_fd
< 0);
878 assert(b
->output_fd
< 0);
879 assert(b
->sockaddr
.sa
.sa_family
!= AF_UNSPEC
);
881 b
->input_fd
= socket(b
->sockaddr
.sa
.sa_family
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
885 b
->output_fd
= b
->input_fd
;
888 if (connect(b
->input_fd
, &b
->sockaddr
.sa
, b
->sockaddr_size
) < 0) {
889 if (errno
== EINPROGRESS
) {
891 /* If we have any inotify watches open, close them now, we don't need them anymore, as
892 * we have successfully initiated a connection */
893 bus_close_inotify_fd(b
);
895 /* Note that very likely we are already in BUS_OPENING state here, as we enter it when
896 * we start parsing the address string. The only reason we set the state explicitly
897 * here, is to undo BUS_WATCH_BIND, in case we did the inotify magic. */
898 bus_set_state(b
, BUS_OPENING
);
902 if (IN_SET(errno
, ENOENT
, ECONNREFUSED
) && /* ENOENT → unix socket doesn't exist at all; ECONNREFUSED → unix socket stale */
904 b
->sockaddr
.sa
.sa_family
== AF_UNIX
&&
905 b
->sockaddr
.un
.sun_path
[0] != 0) {
907 /* This connection attempt failed, let's release the socket for now, and start with a
908 * fresh one when reconnecting. */
912 /* inotify set up already, don't do it again, just return now, and remember
913 * that we are waiting for inotify events now. */
914 bus_set_state(b
, BUS_WATCH_BIND
);
918 /* This is a file system socket, and the inotify logic is enabled. Let's create the necessary inotify fd. */
919 r
= bus_socket_inotify_setup(b
);
923 /* Let's now try to connect a second time, because in theory there's otherwise a race
924 * here: the socket might have been created in the time between our first connect() and
925 * the time we set up the inotify logic. But let's remember that we set up inotify now,
926 * so that we don't do the connect() more than twice. */
935 /* Yay, established, we don't need no inotify anymore! */
936 bus_close_inotify_fd(b
);
938 return bus_socket_start_auth(b
);
941 int bus_socket_exec(sd_bus
*b
) {
946 assert(b
->input_fd
< 0);
947 assert(b
->output_fd
< 0);
948 assert(b
->exec_path
);
950 r
= socketpair(AF_UNIX
, SOCK_STREAM
|SOCK_NONBLOCK
|SOCK_CLOEXEC
, 0, s
);
954 r
= safe_fork_full("(sd-busexec)", s
+1, 1, FORK_RESET_SIGNALS
|FORK_CLOSE_ALL_FDS
, &pid
);
962 assert_se(dup3(s
[1], STDIN_FILENO
, 0) == STDIN_FILENO
);
963 assert_se(dup3(s
[1], STDOUT_FILENO
, 0) == STDOUT_FILENO
);
965 if (!IN_SET(s
[1], STDIN_FILENO
, STDOUT_FILENO
))
968 (void) fd_cloexec(STDIN_FILENO
, false);
969 (void) fd_cloexec(STDOUT_FILENO
, false);
970 (void) fd_nonblock(STDIN_FILENO
, false);
971 (void) fd_nonblock(STDOUT_FILENO
, false);
974 execvp(b
->exec_path
, b
->exec_argv
);
976 const char *argv
[] = { b
->exec_path
, NULL
};
977 execvp(b
->exec_path
, (char**) argv
);
984 b
->output_fd
= b
->input_fd
= s
[0];
988 return bus_socket_start_auth(b
);
991 int bus_socket_take_fd(sd_bus
*b
) {
996 return bus_socket_start_auth(b
);
999 int bus_socket_write_message(sd_bus
*bus
, sd_bus_message
*m
, size_t *idx
) {
1009 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1011 if (*idx
>= BUS_MESSAGE_SIZE(m
))
1014 r
= bus_message_setup_iovec(m
);
1018 n
= m
->n_iovec
* sizeof(struct iovec
);
1020 memcpy_safe(iov
, m
->iovec
, n
);
1023 iovec_advance(iov
, &j
, *idx
);
1025 if (bus
->prefer_writev
)
1026 k
= writev(bus
->output_fd
, iov
, m
->n_iovec
);
1028 struct msghdr mh
= {
1030 .msg_iovlen
= m
->n_iovec
,
1033 if (m
->n_fds
> 0 && *idx
== 0) {
1034 struct cmsghdr
*control
;
1036 mh
.msg_control
= control
= alloca(CMSG_SPACE(sizeof(int) * m
->n_fds
));
1037 mh
.msg_controllen
= control
->cmsg_len
= CMSG_LEN(sizeof(int) * m
->n_fds
);
1038 control
->cmsg_level
= SOL_SOCKET
;
1039 control
->cmsg_type
= SCM_RIGHTS
;
1040 memcpy(CMSG_DATA(control
), m
->fds
, sizeof(int) * m
->n_fds
);
1043 k
= sendmsg(bus
->output_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
);
1044 if (k
< 0 && errno
== ENOTSOCK
) {
1045 bus
->prefer_writev
= true;
1046 k
= writev(bus
->output_fd
, iov
, m
->n_iovec
);
1051 return errno
== EAGAIN
? 0 : -errno
;
1057 static int bus_socket_read_message_need(sd_bus
*bus
, size_t *need
) {
1064 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1066 if (bus
->rbuffer_size
< sizeof(struct bus_header
)) {
1067 *need
= sizeof(struct bus_header
) + 8;
1069 /* Minimum message size:
1073 * Method Call: +2 string headers
1074 * Signal: +3 string headers
1075 * Method Error: +1 string headers
1077 * Method Reply: +1 uint32 headers
1079 * A string header is at least 9 bytes
1080 * A uint32 header is at least 8 bytes
1082 * Hence the minimum message size of a valid message
1083 * is header + 8 bytes */
1088 a
= ((const uint32_t*) bus
->rbuffer
)[1];
1089 b
= ((const uint32_t*) bus
->rbuffer
)[3];
1091 e
= ((const uint8_t*) bus
->rbuffer
)[0];
1092 if (e
== BUS_LITTLE_ENDIAN
) {
1095 } else if (e
== BUS_BIG_ENDIAN
) {
1101 sum
= (uint64_t) sizeof(struct bus_header
) + (uint64_t) ALIGN_TO(b
, 8) + (uint64_t) a
;
1102 if (sum
>= BUS_MESSAGE_SIZE_MAX
)
1105 *need
= (size_t) sum
;
1109 static int bus_socket_make_message(sd_bus
*bus
, size_t size
) {
1115 assert(bus
->rbuffer_size
>= size
);
1116 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1118 r
= bus_rqueue_make_room(bus
);
1122 if (bus
->rbuffer_size
> size
) {
1123 b
= memdup((const uint8_t*) bus
->rbuffer
+ size
,
1124 bus
->rbuffer_size
- size
);
1130 r
= bus_message_from_malloc(bus
,
1132 bus
->fds
, bus
->n_fds
,
1141 bus
->rbuffer_size
-= size
;
1146 bus
->rqueue
[bus
->rqueue_size
++] = t
;
1151 int bus_socket_read_message(sd_bus
*bus
) {
1153 struct iovec iov
= {};
1159 struct cmsghdr cmsghdr
;
1160 uint8_t buf
[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX
)];
1162 bool handle_cmsg
= false;
1165 assert(IN_SET(bus
->state
, BUS_RUNNING
, BUS_HELLO
));
1167 r
= bus_socket_read_message_need(bus
, &need
);
1171 if (bus
->rbuffer_size
>= need
)
1172 return bus_socket_make_message(bus
, need
);
1174 b
= realloc(bus
->rbuffer
, need
);
1180 iov
.iov_base
= (uint8_t*) bus
->rbuffer
+ bus
->rbuffer_size
;
1181 iov
.iov_len
= need
- bus
->rbuffer_size
;
1183 if (bus
->prefer_readv
)
1184 k
= readv(bus
->input_fd
, &iov
, 1);
1189 mh
.msg_control
= &control
;
1190 mh
.msg_controllen
= sizeof(control
);
1192 k
= recvmsg(bus
->input_fd
, &mh
, MSG_DONTWAIT
|MSG_NOSIGNAL
|MSG_CMSG_CLOEXEC
);
1193 if (k
< 0 && errno
== ENOTSOCK
) {
1194 bus
->prefer_readv
= true;
1195 k
= readv(bus
->input_fd
, &iov
, 1);
1200 return errno
== EAGAIN
? 0 : -errno
;
1204 bus
->rbuffer_size
+= k
;
1207 struct cmsghdr
*cmsg
;
1209 CMSG_FOREACH(cmsg
, &mh
)
1210 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1211 cmsg
->cmsg_type
== SCM_RIGHTS
) {
1214 n
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
1216 if (!bus
->can_fds
) {
1217 /* Whut? We received fds but this
1218 * isn't actually enabled? Close them,
1221 close_many((int*) CMSG_DATA(cmsg
), n
);
1225 f
= realloc(bus
->fds
, sizeof(int) * (bus
->n_fds
+ n
));
1227 close_many((int*) CMSG_DATA(cmsg
), n
);
1231 memcpy_safe(f
+ bus
->n_fds
, CMSG_DATA(cmsg
), n
* sizeof(int));
1235 log_debug("Got unexpected auxiliary data with level=%d and type=%d",
1236 cmsg
->cmsg_level
, cmsg
->cmsg_type
);
1239 r
= bus_socket_read_message_need(bus
, &need
);
1243 if (bus
->rbuffer_size
>= need
)
1244 return bus_socket_make_message(bus
, need
);
1249 int bus_socket_process_opening(sd_bus
*b
) {
1251 socklen_t slen
= sizeof(error
);
1258 assert(b
->state
== BUS_OPENING
);
1264 if (!(p
.revents
& (POLLOUT
|POLLERR
|POLLHUP
)))
1267 r
= getsockopt(b
->output_fd
, SOL_SOCKET
, SO_ERROR
, &error
, &slen
);
1269 b
->last_connect_error
= errno
;
1270 else if (error
!= 0)
1271 b
->last_connect_error
= error
;
1272 else if (p
.revents
& (POLLERR
|POLLHUP
))
1273 b
->last_connect_error
= ECONNREFUSED
;
1275 return bus_socket_start_auth(b
);
1277 return bus_next_address(b
);
1280 int bus_socket_process_authenticating(sd_bus
*b
) {
1284 assert(b
->state
== BUS_AUTHENTICATING
);
1286 if (now(CLOCK_MONOTONIC
) >= b
->auth_timeout
)
1289 r
= bus_socket_write_auth(b
);
1293 return bus_socket_read_auth(b
);
1296 int bus_socket_process_watch_bind(sd_bus
*b
) {
1300 assert(b
->state
== BUS_WATCH_BIND
);
1301 assert(b
->inotify_fd
>= 0);
1303 r
= flush_fd(b
->inotify_fd
);
1307 log_debug("Got inotify event on bus %s.", strna(b
->description
));
1309 /* We flushed events out of the inotify fd. In that case, maybe the socket is valid now? Let's try to connect
1312 r
= bus_socket_connect(b
);
1316 q
= bus_attach_io_events(b
);
1320 q
= bus_attach_inotify_event(b
);