[systemd-commits] src/libsystemd-bus src/systemd

Lennart Poettering lennart at kemper.freedesktop.org
Mon Apr 22 20:14:41 PDT 2013


 src/libsystemd-bus/bus-kernel.c  |    5 ++++-
 src/libsystemd-bus/bus-message.c |   19 +++++++++++++++++++
 src/libsystemd-bus/bus-message.h |    3 +++
 src/systemd/sd-bus.h             |    1 +
 4 files changed, 27 insertions(+), 1 deletion(-)

New commits:
commit 102ea8e4f27f0e54de88e7fb7667fd1ed84072ec
Author: Lennart Poettering <lennart at poettering.net>
Date:   Tue Apr 23 00:14:30 2013 -0300

    bus: parse capability kdbus meta data of messages

diff --git a/src/libsystemd-bus/bus-kernel.c b/src/libsystemd-bus/bus-kernel.c
index 42b1696..9e057fb 100644
--- a/src/libsystemd-bus/bus-kernel.c
+++ b/src/libsystemd-bus/bus-kernel.c
@@ -475,7 +475,10 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k, sd_bus_mess
                         m->cgroup = d->str;
                 else if (d->type == KDBUS_MSG_SRC_AUDIT)
                         m->audit = &d->audit;
-                else
+                else if (d->type == KDBUS_MSG_SRC_CAPS) {
+                        m->capability = d->data;
+                        m->capability_size = l;
+                } else
                         log_debug("Got unknown field from kernel %llu", d->type);
         }
 
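Review bot: The new `KDBUS_MSG_SRC_CAPS` branch stores `l` as `capability_size` without checking its shape, although `sd_bus_message_has_effective_cap()` in bus-message.c divides that size by 4 and reads the third quarter as the effective set. `l` is computed outside this hunk, presumably as the item's payload length. If it is ever zero or not a multiple of 4, the reader's set boundaries no longer line up with the data, even though the index stays inside the buffer. Consider wrapping the two assignments in `if (l > 0 && l % 4 == 0) { ... }` and logging the malformed item otherwise, so a later privilege check never runs on a misparsed blob. The body of `bus_kernel_make_message()` starts and ends outside this hunk.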
diff --git a/src/libsystemd-bus/bus-message.c b/src/libsystemd-bus/bus-message.c
index 6b4a0f3..835a9f9 100644
--- a/src/libsystemd-bus/bus-message.c
+++ b/src/libsystemd-bus/bus-message.c
@@ -928,6 +928,23 @@ int sd_bus_message_get_audit_loginuid(sd_bus_message *m, uid_t *uid) {
         return 0;
 }
 
+int sd_bus_message_has_effective_cap(sd_bus_message *m, int capability) {
+        unsigned sz;
+
+        if (!m)
+                return -EINVAL;
+        if (capability < 0)
+                return -EINVAL;
+        if (!m->capability)
+                return -ESRCH;
+
+        sz = m->capability_size / 4;
+        if ((unsigned) capability >= sz*8)
+                return 0;
+
+        return !!(m->capability[2 * sz + (capability / 8)] & (1 << (capability % 8)));
+}
+
 int sd_bus_message_is_signal(sd_bus_message *m, const char *interface, const char *member) {
         if (!m)
                 return -EINVAL;
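Review bot: `sd_bus_message_has_effective_cap()` returns a negative errno, 0 or 1, and nothing in the new code documents that. A caller writing `if (sd_bus_message_has_effective_cap(m, cap))` would therefore treat `-ESRCH` (no capability metadata on the message) as a granted capability. Since the result is likely to feed access decisions, add a comment above the definition and above the prototype in sd-bus.h, e.g. `/* Returns 1 if set, 0 if unset or out of range, negative errno if unknown; callers must test for > 0 */`. The literals `4` and `2` also need a comment: the code assumes four equally sized sets with the effective set third, a layout not visible in this diff that should be confirmed against the kdbus definition.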
@@ -3193,6 +3210,8 @@ int bus_message_dump(sd_bus_message *m) {
         if (sd_bus_message_get_audit_sessionid(m, &audit_sessionid) >= 0)
                 printf("\taudit_sessionid=%lu\n", (unsigned long) audit_sessionid);
 
+        printf("\tCAP_KILL=%i\n", sd_bus_message_has_effective_cap(m, 5));
+
         if (sd_bus_message_get_cmdline(m, &cmdline) >= 0) {
                 char **c;
 
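Review bot: The added `printf` in `bus_message_dump()` prints the result unconditionally, whereas the neighbouring fields are printed only when their getter returns `>= 0`. For a message without capability metadata it will print a negative errno as if it were the capability state. Store the result in a local and guard it, e.g. `r = sd_bus_message_has_effective_cap(m, CAP_KILL);` followed by `if (r >= 0) printf("\tCAP_KILL=%i\n", r);`. This also replaces the bare `5` with the named constant from `<sys/capability.h>`. `bus_message_dump()` starts and ends outside this hunk, so whether a suitable local already exists cannot be seen here.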
diff --git a/src/libsystemd-bus/bus-message.h b/src/libsystemd-bus/bus-message.h
index 66b4348..9c0829c 100644
--- a/src/libsystemd-bus/bus-message.h
+++ b/src/libsystemd-bus/bus-message.h
@@ -121,6 +121,9 @@ struct sd_bus_message {
         char *user_unit;
 
         struct kdbus_audit *audit;
+
+        uint8_t *capability;
+        size_t capability_size;
 };
 
 #define BUS_MESSAGE_NEED_BSWAP(m) ((m)->header->endian != SD_BUS_NATIVE_ENDIAN)
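Review bot: The two new fields `capability` and `capability_size` carry no comment on ownership or lifetime. In the bus-kernel.c hunk `capability` is set to `d->data`, a pointer into the received kernel item, so it appears to be borrowed rather than owned by the message. If that is right, it must not outlive the kernel buffer or be freed with the message. A comment such as `/* points into the received kdbus item; not owned, not freed */` would record this once the lifetime is confirmed. `struct sd_bus_message` begins outside this hunk.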
diff --git a/src/systemd/sd-bus.h b/src/systemd/sd-bus.h
index 67923e7..8824efe 100644
--- a/src/systemd/sd-bus.h
+++ b/src/systemd/sd-bus.h
@@ -142,6 +142,7 @@ int sd_bus_message_get_session(sd_bus_message *m, const char **session);
 int sd_bus_message_get_owner_uid(sd_bus_message *m, uid_t *uid);
 int sd_bus_message_get_audit_sessionid(sd_bus_message *m, uint32_t *sessionid);
 int sd_bus_message_get_audit_loginuid(sd_bus_message *m, uid_t *loginuid);
+int sd_bus_message_has_effective_cap(sd_bus_message *m, int capability);
 
 int sd_bus_message_is_signal(sd_bus_message *m, const char *interface, const char *member);
 int sd_bus_message_is_method_call(sd_bus_message *m, const char *interface, const char *member);


