[systemd-commits] 10 commits - TODO src/bus-driverd src/bus-proxyd src/libsystemd-bus
Lennart Poettering
lennart at kemper.freedesktop.org
Sat Dec 21 14:44:24 PST 2013
TODO | 2
src/bus-driverd/bus-driverd.c | 96 +++++++++++++++----------------
src/bus-proxyd/bus-proxyd.c | 14 ++--
src/libsystemd-bus/bus-control.c | 4 +
src/libsystemd-bus/bus-introspect.c | 13 +++-
src/libsystemd-bus/bus-introspect.h | 3
src/libsystemd-bus/bus-objects.c | 2
src/libsystemd-bus/test-bus-introspect.c | 2
8 files changed, 75 insertions(+), 61 deletions(-)
New commits:
commit dad5f697ddecf91c2ed6604731d907c0a38d0c5f
Author: Lennart Poettering <lennart at poettering.net>
Date: Sat Dec 21 23:32:45 2013 +0100
update TODO
diff --git a/TODO b/TODO
index 6194443..6caa020 100644
--- a/TODO
+++ b/TODO
@@ -120,6 +120,7 @@ Features:
- add API to clone sd_bus_message objects
- SD_BUS_COMMENT() macro for inclusion in vtables, syntax inspired by gdbus
- kdbus: matches against source or destination pids for an "strace -p"-like feel. Problem: The PID info needs to be available in userspace too...
+ - kdbus: we need a way to figure out whether there's currently an activator for a name that is already activated
- longer term:
* priority queues
* priority inheritance
commit 780f962c3eaa88370c1b69a8c53b2cacc3481598
Author: Lennart Poettering <lennart at poettering.net>
Date: Sat Dec 21 23:26:51 2013 +0100
bus: fix bad memory access in driverd when we get an empty triggers list
diff --git a/src/bus-driverd/bus-driverd.c b/src/bus-driverd/bus-driverd.c
index 8dd3418..a420e7f 100644
--- a/src/bus-driverd/bus-driverd.c
+++ b/src/bus-driverd/bus-driverd.c
@@ -694,7 +694,7 @@ static int driver_start_service_by_name(sd_bus *bus, sd_bus_message *m, void *us
if (r < 0)
return r;
- if (!t[0] || t[1])
+ if (!t || !t[0] || t[1])
return -EIO;
r = sd_bus_call_method(
commit c20733832fdfc780380f1b276655d69782057e49
Author: Lennart Poettering <lennart at poettering.net>
Date: Sat Dec 21 18:47:33 2013 +0100
bus: when getting credentials of a bus name that is activatable but not activated, say we don't have anything.
diff --git a/src/libsystemd-bus/bus-control.c b/src/libsystemd-bus/bus-control.c
index c3186a0..f08d78a 100644
--- a/src/libsystemd-bus/bus-control.c
+++ b/src/libsystemd-bus/bus-control.c
@@ -387,6 +387,10 @@ static int bus_get_owner_kdbus(
conn_info = (struct kdbus_conn_info *) ((uint8_t *) bus->kdbus_buffer + cmd->offset);
+ /* Non-activated names are considered not available */
+ if (conn_info->flags & KDBUS_HELLO_ACTIVATOR)
+ return name[0] == ':' ? -ENXIO : -ENOENT;
+
c = bus_creds_new();
if (!c)
return -ENOMEM;
commit 050eb34da8bfe26ecdbda072ce945210279a9753
Author: Lennart Poettering <lennart at poettering.net>
Date: Sat Dec 21 18:35:27 2013 +0100
driverd: properly handle NameHasOwner() for unique names
diff --git a/src/bus-driverd/bus-driverd.c b/src/bus-driverd/bus-driverd.c
index b9c87d1..8dd3418 100644
--- a/src/bus-driverd/bus-driverd.c
+++ b/src/bus-driverd/bus-driverd.c
@@ -555,17 +555,17 @@ static int driver_list_queued_owners(sd_bus *bus, sd_bus_message *m, void *userd
}
static int driver_name_has_owner(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bus_error *error) {
- char *arg0;
+ const char *name;
int r;
- r = sd_bus_message_read(m, "s", &arg0);
+ r = sd_bus_message_read(m, "s", &name);
if (r < 0)
return r;
- assert_return(service_name_is_valid(arg0), -EINVAL);
+ assert_return(service_name_is_valid(name), -EINVAL);
- r = sd_bus_get_owner(bus, arg0, 0, NULL);
- if (r < 0 && r != -ENOENT)
+ r = sd_bus_get_owner(bus, name, 0, NULL);
+ if (r < 0 && r != -ENOENT && r != -ENXIO)
return r;
return sd_bus_reply_method_return(m, "b", r >= 0);
commit 908b8720b8df3044b2398f14e5ce0c9a0b1e07dd
Author: Lennart Poettering <lennart at poettering.net>
Date: Sat Dec 21 18:31:00 2013 +0100
bus: unify credential query code in driverd
diff --git a/src/bus-driverd/bus-driverd.c b/src/bus-driverd/bus-driverd.c
index 0fff698..b9c87d1 100644
--- a/src/bus-driverd/bus-driverd.c
+++ b/src/bus-driverd/bus-driverd.c
@@ -364,21 +364,42 @@ finish:
return r;
}
-static int driver_get_security_ctx(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bus_error *error) {
- _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
- _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
- char *arg0;
+static int get_creds(sd_bus *bus, sd_bus_message *m, uint64_t mask, sd_bus_creds **_creds, sd_bus_error *error) {
+ _cleanup_bus_creds_unref_ sd_bus_creds *c = NULL;
+ const char *name;
int r;
- r = sd_bus_message_read(m, "s", &arg0);
+ assert(bus);
+ assert(m);
+ assert(_creds);
+
+ r = sd_bus_message_read(m, "s", &name);
if (r < 0)
return r;
- assert_return(service_name_is_valid(arg0), -EINVAL);
+ assert_return(service_name_is_valid(name), -EINVAL);
+
+ r = sd_bus_get_owner(bus, name, mask, &c);
+ if (r == -ENOENT || r == -ENXIO)
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NAME_HAS_NO_OWNER, "Name %s is currently not owned by anyone.", name);
+ if (r < 0)
+ return r;
- r = sd_bus_get_owner(bus, arg0, SD_BUS_CREDS_SELINUX_CONTEXT, &creds);
- if (r == -ENOENT)
- return sd_bus_error_setf(error, SD_BUS_ERROR_NAME_HAS_NO_OWNER, "Name %s is currently not owned by anyone.", arg0);
+ if ((c->mask & mask) != mask)
+ return -ENOTSUP;
+
+ *_creds = c;
+ c = NULL;
+
+ return 0;
+}
+
+static int driver_get_security_context(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bus_error *error) {
+ _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
+ int r;
+
+ r = get_creds(bus, m, SD_BUS_CREDS_SELINUX_CONTEXT, &creds, error);
if (r < 0)
return r;
@@ -395,42 +416,35 @@ static int driver_get_security_ctx(sd_bus *bus, sd_bus_message *m, void *userdat
static int driver_get_pid(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bus_error *error) {
_cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
- char *arg0;
int r;
- r = sd_bus_message_read(m, "s", &arg0);
- if (r < 0)
- return r;
-
- assert_return(service_name_is_valid(arg0), -EINVAL);
-
- r = sd_bus_get_owner(bus, arg0, SD_BUS_CREDS_PID, &creds);
- if (r == -ENOENT)
- return sd_bus_error_setf(error, SD_BUS_ERROR_NAME_HAS_NO_OWNER, "Name %s is currently not owned by anyone.", arg0);
+ r = get_creds(bus, m, SD_BUS_CREDS_PID, &creds, error);
if (r < 0)
return r;
- return sd_bus_reply_method_return(m, "u", creds->pid);
+ return sd_bus_reply_method_return(m, "u", (uint32_t) creds->pid);
}
static int driver_get_user(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bus_error *error) {
_cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
- char *arg0;
int r;
- r = sd_bus_message_read(m, "s", &arg0);
+ r = get_creds(bus, m, SD_BUS_CREDS_UID, &creds, error);
if (r < 0)
return r;
- assert_return(service_name_is_valid(arg0), -EINVAL);
+ return sd_bus_reply_method_return(m, "u", (uint32_t) creds->uid);
+}
+
+static int driver_get_name_owner(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bus_error *error) {
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
+ int r;
- r = sd_bus_get_owner(bus, arg0, SD_BUS_CREDS_UID, &creds);
- if (r == -ENOENT)
- return sd_bus_error_setf(error, SD_BUS_ERROR_NAME_HAS_NO_OWNER, "Name %s is currently not owned by anyone.", arg0);
+ r = get_creds(bus, m, SD_BUS_CREDS_UNIQUE_NAME, &creds, error);
if (r < 0)
return r;
- return sd_bus_reply_method_return(m, "u", creds->uid);
+ return sd_bus_reply_method_return(m, "s", creds->unique_name);
}
static int driver_get_id(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bus_error *error) {
@@ -445,26 +459,6 @@ static int driver_get_id(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bus_
return sd_bus_reply_method_return(m, "s", sd_id128_to_string(server_id, buf));
}
-static int driver_get_name_owner(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bus_error *error) {
- _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
- char *arg0;
- int r;
-
- r = sd_bus_message_read(m, "s", &arg0);
- if (r < 0)
- return r;
-
- assert_return(service_name_is_valid(arg0), -EINVAL);
-
- r = sd_bus_get_owner(bus, arg0, SD_BUS_CREDS_UNIQUE_NAME, &creds);
- if (r == -ENOENT)
- return sd_bus_error_setf(error, SD_BUS_ERROR_NAME_HAS_NO_OWNER, "Name %s is currently not owned by anyone.", arg0);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(m, "s", creds->unique_name);
-}
-
static int driver_hello(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bus_error *error) {
return sd_bus_reply_method_return(m, "s", m->sender);
}
@@ -727,7 +721,7 @@ static int driver_unsupported(sd_bus *bus, sd_bus_message *m, void *userdata, sd
static const sd_bus_vtable driver_vtable[] = {
SD_BUS_VTABLE_START(0),
SD_BUS_METHOD("AddMatch", "s", NULL, driver_add_match, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("GetConnectionSELinuxSecurityContext", "s", "ay", driver_get_security_ctx, SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD("GetConnectionSELinuxSecurityContext", "s", "ay", driver_get_security_context, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("GetConnectionUnixProcessID", "s", "u", driver_get_pid, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("GetConnectionUnixUser", "s", "u", driver_get_user, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("GetId", NULL, "s", driver_get_id, SD_BUS_VTABLE_UNPRIVILEGED),
commit aa56560dbbd485e61fb527214a5211d4b683b3e8
Author: Lennart Poettering <lennart at poettering.net>
Date: Sat Dec 21 18:21:49 2013 +0100
bus: when client asks driverd for credentials of a name, return a useful error if that name doesn't exist on the bus
diff --git a/src/bus-driverd/bus-driverd.c b/src/bus-driverd/bus-driverd.c
index 61491a3..0fff698 100644
--- a/src/bus-driverd/bus-driverd.c
+++ b/src/bus-driverd/bus-driverd.c
@@ -377,6 +377,8 @@ static int driver_get_security_ctx(sd_bus *bus, sd_bus_message *m, void *userdat
assert_return(service_name_is_valid(arg0), -EINVAL);
r = sd_bus_get_owner(bus, arg0, SD_BUS_CREDS_SELINUX_CONTEXT, &creds);
+ if (r == -ENOENT)
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NAME_HAS_NO_OWNER, "Name %s is currently not owned by anyone.", arg0);
if (r < 0)
return r;
@@ -403,6 +405,8 @@ static int driver_get_pid(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bus
assert_return(service_name_is_valid(arg0), -EINVAL);
r = sd_bus_get_owner(bus, arg0, SD_BUS_CREDS_PID, &creds);
+ if (r == -ENOENT)
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NAME_HAS_NO_OWNER, "Name %s is currently not owned by anyone.", arg0);
if (r < 0)
return r;
@@ -421,6 +425,8 @@ static int driver_get_user(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bu
assert_return(service_name_is_valid(arg0), -EINVAL);
r = sd_bus_get_owner(bus, arg0, SD_BUS_CREDS_UID, &creds);
+ if (r == -ENOENT)
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NAME_HAS_NO_OWNER, "Name %s is currently not owned by anyone.", arg0);
if (r < 0)
return r;
@@ -451,6 +457,8 @@ static int driver_get_name_owner(sd_bus *bus, sd_bus_message *m, void *userdata,
assert_return(service_name_is_valid(arg0), -EINVAL);
r = sd_bus_get_owner(bus, arg0, SD_BUS_CREDS_UNIQUE_NAME, &creds);
+ if (r == -ENOENT)
+ return sd_bus_error_setf(error, SD_BUS_ERROR_NAME_HAS_NO_OWNER, "Name %s is currently not owned by anyone.", arg0);
if (r < 0)
return r;
commit 8875e122f0014758a987e2de3eafbd6a8bfef515
Author: Lennart Poettering <lennart at poettering.net>
Date: Sat Dec 21 18:13:05 2013 +0100
driverd: make sure AddMatch is accessible without privileges
diff --git a/src/bus-driverd/bus-driverd.c b/src/bus-driverd/bus-driverd.c
index de23445..61491a3 100644
--- a/src/bus-driverd/bus-driverd.c
+++ b/src/bus-driverd/bus-driverd.c
@@ -718,7 +718,7 @@ static int driver_unsupported(sd_bus *bus, sd_bus_message *m, void *userdata, sd
static const sd_bus_vtable driver_vtable[] = {
SD_BUS_VTABLE_START(0),
- SD_BUS_METHOD("AddMatch", "s", NULL, driver_add_match, 0),
+ SD_BUS_METHOD("AddMatch", "s", NULL, driver_add_match, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("GetConnectionSELinuxSecurityContext", "s", "ay", driver_get_security_ctx, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("GetConnectionUnixProcessID", "s", "u", driver_get_pid, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("GetConnectionUnixUser", "s", "u", driver_get_user, SD_BUS_VTABLE_UNPRIVILEGED),
commit 2aa40788f75d97e2b2187d94ee90430809a2d04a
Author: Lennart Poettering <lennart at poettering.net>
Date: Sat Dec 21 18:13:01 2013 +0100
update TODO
diff --git a/TODO b/TODO
index c9ed37e..6194443 100644
--- a/TODO
+++ b/TODO
@@ -114,7 +114,6 @@ Features:
* libsystemd-bus:
- when kdbus doesn't take our message without memfds, try again with memfds
- implement monitor logic
- - properly map matches with well-known names against messages with unique names
- when triggering property change events, allow a NULL strv indicate that all properties listed as such are send out as changed
- see if we can drop more message validation on the sending side
- support "const" properties as flag
commit 7fb411f035e68b5f3f5e2893157739c9da9917b0
Author: Lennart Poettering <lennart at poettering.net>
Date: Sat Dec 21 18:08:39 2013 +0100
bus: when introspecting, turn unprivileged flag into inverse annoation of "privileged"
Internally, it makes sense to have a default of "privileged" for
methods, and a flag to open it up. However, externally in the bus
introspection turn this around since negative options actually suck.
diff --git a/src/libsystemd-bus/bus-introspect.c b/src/libsystemd-bus/bus-introspect.c
index 504fab1..4d5c25a 100644
--- a/src/libsystemd-bus/bus-introspect.c
+++ b/src/libsystemd-bus/bus-introspect.c
@@ -26,10 +26,11 @@
#include "bus-internal.h"
#include "bus-protocol.h"
-int introspect_begin(struct introspect *i) {
+int introspect_begin(struct introspect *i, bool trusted) {
assert(i);
zero(*i);
+ i->trusted = trusted;
i->f = open_memstream(&i->introspection, &i->size);
if (!i->f)
@@ -87,8 +88,10 @@ static void introspect_write_flags(struct introspect *i, int type, int flags) {
fputs(" <annotation name=\"org.freedesktop.DBus.Property.EmitsChangedSignal\" value=\"invalidates\"/>\n", i->f);
}
- if ((type == _SD_BUS_VTABLE_METHOD || type == _SD_BUS_VTABLE_WRITABLE_PROPERTY) && (flags & SD_BUS_VTABLE_UNPRIVILEGED))
- fputs(" <annotation name=\"org.freedesktop.systemd1.Unprivileged\" value=\"true\"/>\n", i->f);
+ if (!i->trusted &&
+ (type == _SD_BUS_VTABLE_METHOD || type == _SD_BUS_VTABLE_WRITABLE_PROPERTY) &&
+ !(flags & SD_BUS_VTABLE_UNPRIVILEGED))
+ fputs(" <annotation name=\"org.freedesktop.systemd1.Privileged\" value=\"true\"/>\n", i->f);
}
static int introspect_write_arguments(struct introspect *i, const char *signature, const char *direction) {
@@ -121,6 +124,10 @@ int introspect_write_interface(struct introspect *i, const sd_bus_vtable *v) {
for (; v->type != _SD_BUS_VTABLE_END; v++) {
+ /* Ignore methods, signals and properties that are
+ * marked "hidden", but do show the interface
+ * itself */
+
if (v->type != _SD_BUS_VTABLE_START && (v->flags & SD_BUS_VTABLE_HIDDEN))
continue;
diff --git a/src/libsystemd-bus/bus-introspect.h b/src/libsystemd-bus/bus-introspect.h
index 0be12cf..98312d1 100644
--- a/src/libsystemd-bus/bus-introspect.h
+++ b/src/libsystemd-bus/bus-introspect.h
@@ -31,9 +31,10 @@ struct introspect {
FILE *f;
char *introspection;
size_t size;
+ bool trusted;
};
-int introspect_begin(struct introspect *i);
+int introspect_begin(struct introspect *i, bool trusted);
int introspect_write_default_interfaces(struct introspect *i, bool object_manager);
int introspect_write_child_nodes(struct introspect *i, Set *s, const char *prefix);
int introspect_write_interface(struct introspect *i, const sd_bus_vtable *v);
diff --git a/src/libsystemd-bus/bus-objects.c b/src/libsystemd-bus/bus-objects.c
index 54ed754..c3889b7 100644
--- a/src/libsystemd-bus/bus-objects.c
+++ b/src/libsystemd-bus/bus-objects.c
@@ -831,7 +831,7 @@ static int process_introspect(
if (bus->nodes_modified)
return 0;
- r = introspect_begin(&intro);
+ r = introspect_begin(&intro, bus->trusted);
if (r < 0)
return r;
diff --git a/src/libsystemd-bus/test-bus-introspect.c b/src/libsystemd-bus/test-bus-introspect.c
index 50c4c2d..574479d 100644
--- a/src/libsystemd-bus/test-bus-introspect.c
+++ b/src/libsystemd-bus/test-bus-introspect.c
@@ -50,7 +50,7 @@ int main(int argc, char *argv[]) {
log_set_max_level(LOG_DEBUG);
- assert_se(introspect_begin(&intro) >= 0);
+ assert_se(introspect_begin(&intro, false) >= 0);
fprintf(intro.f, " <interface name=\"org.foo\">\n");
assert_se(introspect_write_interface(&intro, vtable) >= 0);
commit b2bb3469fd01cec57f1f1726edb5b851ff8427ad
Author: Lennart Poettering <lennart at poettering.net>
Date: Sat Dec 21 17:46:35 2013 +0100
bus: poll() on the right fds in proxyd
diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c
index d8caf40..91472d9 100644
--- a/src/bus-proxyd/bus-proxyd.c
+++ b/src/bus-proxyd/bus-proxyd.c
@@ -266,6 +266,7 @@ int main(int argc, char *argv[]) {
int events_a, events_b, fd;
uint64_t timeout_a, timeout_b, t;
struct timespec _ts, *ts;
+ struct pollfd *pollfd;
int k;
r = sd_bus_process(a, &m);
@@ -374,14 +375,13 @@ int main(int argc, char *argv[]) {
ts = timespec_store(&_ts, t);
}
- {
- struct pollfd p[3] = {
- {.fd = fd, .events = events_a, },
- {.fd = STDIN_FILENO, .events = events_b & POLLIN, },
- {.fd = STDOUT_FILENO, .events = events_b & POLLOUT, }};
+ pollfd = (struct pollfd[3]) {
+ {.fd = fd, .events = events_a, },
+ {.fd = in_fd, .events = events_b & POLLIN, },
+ {.fd = out_fd, .events = events_b & POLLOUT, }
+ };
- r = ppoll(p, ELEMENTSOF(p), ts, NULL);
- }
+ r = ppoll(pollfd, 3, ts, NULL);
if (r < 0) {
log_error("ppoll() failed: %m");
goto finish;
More information about the systemd-commits
mailing list