]> git.ipfire.org Git - thirdparty/systemd.git/blobdiff - src/libsystemd/sd-bus/bus-socket.c
tree-wide: use sd_id128_is_null() instead of sd_id128_equal where appropriate
[thirdparty/systemd.git] / src / libsystemd / sd-bus / bus-socket.c
index 24b9c4d117a3c96edb4192452d621aad3f0deead..cfd775313905a9faa79c1f5c31dd4571f2dbf939 100644 (file)
@@ -1,5 +1,3 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
 /***
   This file is part of systemd.
 
 ***/
 
 #include <endian.h>
+#include <poll.h>
 #include <stdlib.h>
 #include <unistd.h>
-#include <poll.h>
 
-#include "util.h"
-#include "macro.h"
-#include "missing.h"
-#include "utf8.h"
+#include "sd-bus.h"
 #include "sd-daemon.h"
-#include "formats-util.h"
 
-#include "sd-bus.h"
-#include "bus-socket.h"
+#include "alloc-util.h"
 #include "bus-internal.h"
 #include "bus-message.h"
+#include "bus-socket.h"
+#include "fd-util.h"
+#include "formats-util.h"
+#include "hexdecoct.h"
+#include "macro.h"
+#include "missing.h"
+#include "selinux-util.h"
+#include "signal-util.h"
+#include "stdio-util.h"
+#include "string-util.h"
+#include "user-util.h"
+#include "utf8.h"
+#include "util.h"
 
 #define SNDBUF_SIZE (8*1024*1024)
 
@@ -54,7 +60,7 @@ static void iovec_advance(struct iovec iov[], unsigned *idx, size_t size) {
                 i->iov_base = NULL;
                 i->iov_len = 0;
 
-                (*idx) ++;
+                (*idx)++;
         }
 }
 
@@ -215,7 +221,7 @@ static int bus_socket_auth_verify_client(sd_bus *b) {
                 peer.bytes[i/2] = ((uint8_t) x << 4 | (uint8_t) y);
         }
 
-        if (!sd_id128_equal(b->server_id, SD_ID128_NULL) &&
+        if (!sd_id128_is_null(b->server_id) &&
             !sd_id128_equal(b->server_id, peer))
                 return -EPERM;
 
@@ -263,6 +269,8 @@ static bool line_begins(const char *s, size_t m, const char *word) {
 
 static int verify_anonymous_token(sd_bus *b, const char *p, size_t l) {
         _cleanup_free_ char *token = NULL;
+        size_t len;
+        int r;
 
         if (!b->anonymous_auth)
                 return 0;
@@ -275,11 +283,12 @@ static int verify_anonymous_token(sd_bus *b, const char *p, size_t l) {
 
         if (l % 2 != 0)
                 return 0;
-        token = unhexmem(p, l);
-        if (!token)
-                return -ENOMEM;
 
-        if (memchr(token, 0, l/2))
+        r = unhexmem(p, l, (void **) &token, &len);
+        if (r < 0)
+                return 0;
+
+        if (memchr(token, 0, len))
                 return 0;
 
         return !!utf8_is_valid(token);
@@ -287,6 +296,7 @@ static int verify_anonymous_token(sd_bus *b, const char *p, size_t l) {
 
 static int verify_external_token(sd_bus *b, const char *p, size_t l) {
         _cleanup_free_ char *token = NULL;
+        size_t len;
         uid_t u;
         int r;
 
@@ -306,11 +316,11 @@ static int verify_external_token(sd_bus *b, const char *p, size_t l) {
         if (l % 2 != 0)
                 return 0;
 
-        token = unhexmem(p, l);
-        if (!token)
-                return -ENOMEM;
+        r = unhexmem(p, l, (void**) &token, &len);
+        if (r < 0)
+                return 0;
 
-        if (memchr(token, 0, l/2))
+        if (memchr(token, 0, len))
                 return 0;
 
         r = parse_uid(token, &u);
@@ -340,7 +350,7 @@ static int bus_socket_auth_write(sd_bus *b, const char *t) {
         if (!p)
                 return -ENOMEM;
 
-        memcpy(p, b->auth_iovec[0].iov_base, b->auth_iovec[0].iov_len);
+        memcpy_safe(p, b->auth_iovec[0].iov_base, b->auth_iovec[0].iov_len);
         memcpy(p + b->auth_iovec[0].iov_len, t, l);
 
         b->auth_iovec[0].iov_base = p;
@@ -492,18 +502,15 @@ static int bus_socket_auth_verify(sd_bus *b) {
 
 static int bus_socket_read_auth(sd_bus *b) {
         struct msghdr mh;
-        struct iovec iov;
+        struct iovec iov = {};
         size_t n;
         ssize_t k;
         int r;
         void *p;
         union {
                 struct cmsghdr cmsghdr;
-                uint8_t buf[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX) +
-                            CMSG_SPACE(sizeof(struct ucred)) +
-                            CMSG_SPACE(NAME_MAX)]; /*selinux label */
+                uint8_t buf[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX)];
         } control;
-        struct cmsghdr *cmsg;
         bool handle_cmsg = false;
 
         assert(b);
@@ -527,7 +534,6 @@ static int bus_socket_read_auth(sd_bus *b) {
 
         b->rbuffer = p;
 
-        zero(iov);
         iov.iov_base = (uint8_t*) b->rbuffer + b->rbuffer_size;
         iov.iov_len = n - b->rbuffer_size;
 
@@ -555,7 +561,9 @@ static int bus_socket_read_auth(sd_bus *b) {
         b->rbuffer_size += k;
 
         if (handle_cmsg) {
-                for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
+                struct cmsghdr *cmsg;
+
+                CMSG_FOREACH(cmsg, &mh)
                         if (cmsg->cmsg_level == SOL_SOCKET &&
                             cmsg->cmsg_type == SCM_RIGHTS) {
                                 int j;
@@ -566,30 +574,9 @@ static int bus_socket_read_auth(sd_bus *b) {
                                 j = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
                                 close_many((int*) CMSG_DATA(cmsg), j);
                                 return -EIO;
-
-                        } else if (cmsg->cmsg_level == SOL_SOCKET &&
-                                   cmsg->cmsg_type == SCM_CREDENTIALS &&
-                                   cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {
-
-                                /* Ignore bogus data, which we might
-                                 * get on socketpair() sockets */
-                                if (((struct ucred*) CMSG_DATA(cmsg))->pid != 0) {
-                                        memcpy(&b->ucred, CMSG_DATA(cmsg), sizeof(struct ucred));
-                                        b->ucred_valid = true;
-                                }
-
-                        } else if (cmsg->cmsg_level == SOL_SOCKET &&
-                                   cmsg->cmsg_type == SCM_SECURITY) {
-
-                                size_t l;
-
-                                l = cmsg->cmsg_len - CMSG_LEN(0);
-                                if (l > 0) {
-                                        memcpy(&b->label, CMSG_DATA(cmsg), l);
-                                        b->label[l] = 0;
-                                }
-                        }
-                }
+                        } else
+                                log_debug("Got unexpected auxiliary data with level=%d and type=%d",
+                                          cmsg->cmsg_level, cmsg->cmsg_type);
         }
 
         r = bus_socket_auth_verify(b);
@@ -600,18 +587,8 @@ static int bus_socket_read_auth(sd_bus *b) {
 }
 
 void bus_socket_setup(sd_bus *b) {
-        int enable;
-
         assert(b);
 
-        /* Enable SO_PASSCRED + SO_PASSEC. We try this on any
-         * socket, just in case. */
-        enable = !b->bus_client;
-        (void) setsockopt(b->input_fd, SOL_SOCKET, SO_PASSCRED, &enable, sizeof(enable));
-
-        enable = !b->bus_client && (b->attach_flags & KDBUS_ATTACH_SECLABEL);
-        (void) setsockopt(b->input_fd, SOL_SOCKET, SO_PASSSEC, &enable, sizeof(enable));
-
         /* Increase the buffers to 8 MB */
         fd_inc_rcvbuf(b->input_fd, SNDBUF_SIZE);
         fd_inc_sndbuf(b->output_fd, SNDBUF_SIZE);
@@ -622,10 +599,19 @@ void bus_socket_setup(sd_bus *b) {
 }
 
 static void bus_get_peercred(sd_bus *b) {
+        int r;
+
         assert(b);
 
         /* Get the peer for socketpair() sockets */
         b->ucred_valid = getpeercred(b->input_fd, &b->ucred) >= 0;
+
+        /* Get the SELinux context of the peer */
+        if (mac_selinux_have()) {
+                r = getpeersec(b->input_fd, &b->label);
+                if (r < 0 && r != -EOPNOTSUPP)
+                        log_debug_errno(r, "Failed to determine peer security context: %m");
+        }
 }
 
 static int bus_socket_start_auth_client(sd_bus *b) {
@@ -738,7 +724,8 @@ int bus_socket_exec(sd_bus *b) {
         if (pid == 0) {
                 /* Child */
 
-                reset_all_signal_handlers();
+                (void) reset_all_signal_handlers();
+                (void) reset_signal_mask();
 
                 close_all_fds(s+1, 1);
 
@@ -800,7 +787,7 @@ int bus_socket_write_message(sd_bus *bus, sd_bus_message *m, size_t *idx) {
 
         n = m->n_iovec * sizeof(struct iovec);
         iov = alloca(n);
-        memcpy(iov, m->iovec, n);
+        memcpy_safe(iov, m->iovec, n);
 
         j = 0;
         iovec_advance(iov, &j, *idx);
@@ -808,23 +795,21 @@ int bus_socket_write_message(sd_bus *bus, sd_bus_message *m, size_t *idx) {
         if (bus->prefer_writev)
                 k = writev(bus->output_fd, iov, m->n_iovec);
         else {
-                struct msghdr mh;
-                zero(mh);
+                struct msghdr mh = {
+                        .msg_iov = iov,
+                        .msg_iovlen = m->n_iovec,
+                };
 
                 if (m->n_fds > 0) {
                         struct cmsghdr *control;
-                        control = alloca(CMSG_SPACE(sizeof(int) * m->n_fds));
 
-                        mh.msg_control = control;
+                        mh.msg_control = control = alloca(CMSG_SPACE(sizeof(int) * m->n_fds));
+                        mh.msg_controllen = control->cmsg_len = CMSG_LEN(sizeof(int) * m->n_fds);
                         control->cmsg_level = SOL_SOCKET;
                         control->cmsg_type = SCM_RIGHTS;
-                        mh.msg_controllen = control->cmsg_len = CMSG_LEN(sizeof(int) * m->n_fds);
                         memcpy(CMSG_DATA(control), m->fds, sizeof(int) * m->n_fds);
                 }
 
-                mh.msg_iov = iov;
-                mh.msg_iovlen = m->n_iovec;
-
                 k = sendmsg(bus->output_fd, &mh, MSG_DONTWAIT|MSG_NOSIGNAL);
                 if (k < 0 && errno == ENOTSOCK) {
                         bus->prefer_writev = true;
@@ -916,7 +901,6 @@ static int bus_socket_make_message(sd_bus *bus, size_t size) {
                                     bus->rbuffer, size,
                                     bus->fds, bus->n_fds,
                                     NULL,
-                                    NULL,
                                     &t);
         if (r < 0) {
                 free(b);
@@ -936,18 +920,15 @@ static int bus_socket_make_message(sd_bus *bus, size_t size) {
 
 int bus_socket_read_message(sd_bus *bus) {
         struct msghdr mh;
-        struct iovec iov;
+        struct iovec iov = {};
         ssize_t k;
         size_t need;
         int r;
         void *b;
         union {
                 struct cmsghdr cmsghdr;
-                uint8_t buf[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX) +
-                            CMSG_SPACE(sizeof(struct ucred)) +
-                            CMSG_SPACE(NAME_MAX)]; /*selinux label */
+                uint8_t buf[CMSG_SPACE(sizeof(int) * BUS_FDS_MAX)];
         } control;
-        struct cmsghdr *cmsg;
         bool handle_cmsg = false;
 
         assert(bus);
@@ -966,7 +947,6 @@ int bus_socket_read_message(sd_bus *bus) {
 
         bus->rbuffer = b;
 
-        zero(iov);
         iov.iov_base = (uint8_t*) bus->rbuffer + bus->rbuffer_size;
         iov.iov_len = need - bus->rbuffer_size;
 
@@ -994,7 +974,9 @@ int bus_socket_read_message(sd_bus *bus) {
         bus->rbuffer_size += k;
 
         if (handle_cmsg) {
-                for (cmsg = CMSG_FIRSTHDR(&mh); cmsg; cmsg = CMSG_NXTHDR(&mh, cmsg)) {
+                struct cmsghdr *cmsg;
+
+                CMSG_FOREACH(cmsg, &mh)
                         if (cmsg->cmsg_level == SOL_SOCKET &&
                             cmsg->cmsg_type == SCM_RIGHTS) {
                                 int n, *f;
@@ -1010,37 +992,18 @@ int bus_socket_read_message(sd_bus *bus) {
                                         return -EIO;
                                 }
 
-                                f = realloc(bus->fds, sizeof(int) + (bus->n_fds + n));
+                                f = realloc(bus->fds, sizeof(int) * (bus->n_fds + n));
                                 if (!f) {
                                         close_many((int*) CMSG_DATA(cmsg), n);
                                         return -ENOMEM;
                                 }
 
-                                memcpy(f + bus->n_fds, CMSG_DATA(cmsg), n * sizeof(int));
+                                memcpy_safe(f + bus->n_fds, CMSG_DATA(cmsg), n * sizeof(int));
                                 bus->fds = f;
                                 bus->n_fds += n;
-                        } else if (cmsg->cmsg_level == SOL_SOCKET &&
-                                   cmsg->cmsg_type == SCM_CREDENTIALS &&
-                                   cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {
-
-                                /* Ignore bogus data, which we might
-                                 * get on socketpair() sockets */
-                                if (((struct ucred*) CMSG_DATA(cmsg))->pid != 0) {
-                                        memcpy(&bus->ucred, CMSG_DATA(cmsg), sizeof(struct ucred));
-                                        bus->ucred_valid = true;
-                                }
-
-                        } else if (cmsg->cmsg_level == SOL_SOCKET &&
-                                   cmsg->cmsg_type == SCM_SECURITY) {
-
-                                size_t l;
-                                l = cmsg->cmsg_len - CMSG_LEN(0);
-                                if (l > 0) {
-                                        memcpy(&bus->label, CMSG_DATA(cmsg), l);
-                                        bus->label[l] = 0;
-                                }
-                        }
-                }
+                        } else
+                                log_debug("Got unexpected auxiliary data with level=%d and type=%d",
+                                          cmsg->cmsg_level, cmsg->cmsg_type);
         }
 
         r = bus_socket_read_message_need(bus, &need);