From 04bf637e25a2e0134c7a3f82739e6245b257dd61 Mon Sep 17 00:00:00 2001
From: Ivan Kruglov <mail@ikruglov.com>
Date: Tue, 7 Jan 2025 11:10:44 +0100
Subject: [PATCH] machine: set SD_VARLINK_SERVER_ALLOW_FD_PASSING_OUTPUT for
 varlink server

---
 src/machine/machine-varlink.c  | 10 ++++------
 src/machine/machined-varlink.c |  6 +++++-
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/src/machine/machine-varlink.c b/src/machine/machine-varlink.c
index 89d047f954f..f680b5c3da6 100644
--- a/src/machine/machine-varlink.c
+++ b/src/machine/machine-varlink.c
@@ -479,10 +479,6 @@ int vl_method_open(sd_varlink *link, sd_json_variant *parameters, sd_varlink_met
         assert(link);
         assert(parameters);
 
-        r = sd_varlink_set_allow_fd_passing_output(link, true);
-        if (r < 0)
-                return log_error_errno(r, "Failed to enable varlink fd passing for write: %m");
-
         r = sd_varlink_dispatch(link, parameters, dispatch_table, &p);
         if (r != 0)
                 return r;
@@ -559,7 +555,8 @@ int vl_method_open(sd_varlink *link, sd_json_variant *parameters, sd_varlink_met
         }
 
         ptmx_fd_idx = sd_varlink_push_fd(link, ptmx_fd);
-        /* no need to handle -EPERM because we do sd_varlink_set_allow_fd_passing_output() above */
+        if (ERRNO_IS_PRIVILEGE(ptmx_fd_idx))
+                return sd_varlink_error(link, SD_VARLINK_ERROR_PERMISSION_DENIED, NULL);
         if (ptmx_fd_idx < 0)
                 return log_debug_errno(ptmx_fd_idx, "Failed to push file descriptor over varlink: %m");
 
@@ -944,7 +941,8 @@ int vl_method_open_root_directory_internal(sd_varlink *link, sd_json_variant *pa
                 return log_debug_errno(fd, "Failed to open root directory of machine '%s': %m", machine->name);
 
         int fd_idx = sd_varlink_push_fd(link, fd);
-        /* no need to handle -EPERM because server has SD_VARLINK_SERVER_ALLOW_FD_PASSING_OUTPUT */
+        if (ERRNO_IS_PRIVILEGE(fd_idx))
+                return sd_varlink_error(link, SD_VARLINK_ERROR_PERMISSION_DENIED, NULL);
         if (fd_idx < 0)
                 return log_debug_errno(fd_idx, "Failed to push file descriptor over varlink: %m");
 
diff --git a/src/machine/machined-varlink.c b/src/machine/machined-varlink.c
index b94cce296d8..da8d5615385 100644
--- a/src/machine/machined-varlink.c
+++ b/src/machine/machined-varlink.c
@@ -765,7 +765,11 @@ static int manager_varlink_init_machine(Manager *m) {
         if (m->varlink_machine_server)
                 return 0;
 
-        r = varlink_server_new(&s, SD_VARLINK_SERVER_ACCOUNT_UID|SD_VARLINK_SERVER_INHERIT_USERDATA, m);
+        r = varlink_server_new(
+                        &s,
+                        SD_VARLINK_SERVER_ACCOUNT_UID|SD_VARLINK_SERVER_INHERIT_USERDATA|
+                        SD_VARLINK_SERVER_ALLOW_FD_PASSING_OUTPUT,
+                        m);
         if (r < 0)
                 return log_error_errno(r, "Failed to allocate varlink server object: %m");
 
-- 
2.47.3