diff options
| author | Lennart Poettering <lennart@poettering.net> | 2014-12-23 21:06:01 +0100 | 
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2014-12-23 21:06:01 +0100 | 
| commit | 18d703816300790b041c4fd6991e3561aa2704cb (patch) | |
| tree | 9888f388d7a04370fe42c8b769973dfb8aaaac48 /src | |
| parent | 8b169c0fc24cd63ab24a5389a93bf2151b0c28eb (diff) | |
bus: add missing bus-policy.[ch]
Accidentally forgot to commit this. Sorry!
Diffstat (limited to 'src')
| -rw-r--r-- | src/core/bus-policy.c | 174 | ||||
| -rw-r--r-- | src/core/bus-policy.h | 66 | 
2 files changed, 240 insertions, 0 deletions
| diff --git a/src/core/bus-policy.c b/src/core/bus-policy.c new file mode 100644 index 0000000000..710283dcd1 --- /dev/null +++ b/src/core/bus-policy.c @@ -0,0 +1,174 @@ +/*** +  This file is part of systemd. + +  Copyright 2014 Daniel Mack + +  systemd is free software; you can redistribute it and/or modify it +  under the terms of the GNU Lesser General Public License as published by +  the Free Software Foundation; either version 2.1 of the License, or +  (at your option) any later version. + +  systemd is distributed in the hope that it will be useful, but +  WITHOUT ANY WARRANTY; without even the implied warranty of +  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +  Lesser General Public License for more details. + +  You should have received a copy of the GNU Lesser General Public License +  along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <stdlib.h> + +#include "kdbus.h" +#include "util.h" +#include "bus-kernel.h" +#include "bus-policy.h" + +int bus_kernel_translate_access(BusPolicyAccess access) { +        assert(access >= 0); +        assert(access < _BUS_POLICY_ACCESS_MAX); + +        switch (access) { + +        case BUS_POLICY_ACCESS_SEE: +                return KDBUS_POLICY_SEE; + +        case BUS_POLICY_ACCESS_TALK: +                return KDBUS_POLICY_TALK; + +        case BUS_POLICY_ACCESS_OWN: +                return KDBUS_POLICY_OWN; + +        default: +                assert_not_reached("Unknown policy access"); +        } +} + +int bus_kernel_translate_policy(const BusNamePolicy *policy, struct kdbus_item *item) { +        int r; + +        assert(policy); +        assert(item); + +        switch (policy->type) { + +        case BUSNAME_POLICY_TYPE_USER: { +                const char *user = policy->name; +                uid_t uid; + +                r = get_user_creds(&user, &uid, NULL, NULL, NULL); +                if (r < 0) +                        return r; + +                item->policy_access.type = KDBUS_POLICY_ACCESS_USER; +                item->policy_access.id = uid; +                break; +        } + +        case BUSNAME_POLICY_TYPE_GROUP: { +                const char *group = policy->name; +                gid_t gid; + +                r = get_group_creds(&group, &gid); +                if (r < 0) +                        return r; + +                item->policy_access.type = KDBUS_POLICY_ACCESS_GROUP; +                item->policy_access.id = gid; +                break; +        } + +        default: +                assert_not_reached("Unknown policy type"); +        } + +        item->policy_access.access = bus_kernel_translate_access(policy->access); + +        return 0; +} + +int bus_kernel_make_starter( +                int fd, +                const char *name, +                bool activating, +                bool accept_fd, +                BusNamePolicy *policy, +                BusPolicyAccess world_policy) { + +        struct kdbus_cmd_free cmd_free = { .size = sizeof(cmd_free) }; +        struct kdbus_cmd_hello *hello; +        struct kdbus_item *n; +        size_t policy_cnt = 0; +        BusNamePolicy *po; +        size_t size; +        int r; + +        assert(fd >= 0); +        assert(name); + +        LIST_FOREACH(policy, po, policy) +                policy_cnt++; + +        if (world_policy >= 0) +                policy_cnt++; + +        size = offsetof(struct kdbus_cmd_hello, items) + +               ALIGN8(offsetof(struct kdbus_item, str) + strlen(name) + 1) + +               policy_cnt * ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access)); + +        hello = alloca0_align(size, 8); + +        n = hello->items; +        strcpy(n->str, name); +        n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1; +        n->type = KDBUS_ITEM_NAME; +        n = KDBUS_ITEM_NEXT(n); + +        LIST_FOREACH(policy, po, policy) { +                n->type = KDBUS_ITEM_POLICY_ACCESS; +                n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access); + +                r = bus_kernel_translate_policy(po, n); +                if (r < 0) +                        return r; + +                n = KDBUS_ITEM_NEXT(n); +        } + +        if (world_policy >= 0) { +                n->type = KDBUS_ITEM_POLICY_ACCESS; +                n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access); +                n->policy_access.type = KDBUS_POLICY_ACCESS_WORLD; +                n->policy_access.access = bus_kernel_translate_access(world_policy); +        } + +        hello->size = size; +        hello->flags = +                (activating ? KDBUS_HELLO_ACTIVATOR : KDBUS_HELLO_POLICY_HOLDER) | +                (accept_fd ? KDBUS_HELLO_ACCEPT_FD : 0); +        hello->pool_size = KDBUS_POOL_SIZE; +        hello->attach_flags_send = _KDBUS_ATTACH_ANY; +        hello->attach_flags_recv = _KDBUS_ATTACH_ANY; + +        if (ioctl(fd, KDBUS_CMD_HELLO, hello) < 0) +                return -errno; + +        /* not interested in any output values */ +        cmd_free.offset = hello->offset; +        (void) ioctl(fd, KDBUS_CMD_FREE, &cmd_free); + +        /* The higher 32bit of the bus_flags fields are considered +         * 'incompatible flags'. Refuse them all for now. */ +        if (hello->bus_flags > 0xFFFFFFFFULL) +                return -ENOTSUP; + +        return fd; +} + +static const char* const bus_policy_access_table[_BUS_POLICY_ACCESS_MAX] = { +        [BUS_POLICY_ACCESS_SEE] = "see", +        [BUS_POLICY_ACCESS_TALK] = "talk", +        [BUS_POLICY_ACCESS_OWN] = "own", +}; + +DEFINE_STRING_TABLE_LOOKUP(bus_policy_access, BusPolicyAccess); diff --git a/src/core/bus-policy.h b/src/core/bus-policy.h new file mode 100644 index 0000000000..3b04f5457a --- /dev/null +++ b/src/core/bus-policy.h @@ -0,0 +1,66 @@ +/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ + +#pragma once + +/*** +  This file is part of systemd. + +  Copyright 2014 Daniel Mack + +  systemd is free software; you can redistribute it and/or modify it +  under the terms of the GNU Lesser General Public License as published by +  the Free Software Foundation; either version 2.1 of the License, or +  (at your option) any later version. + +  systemd is distributed in the hope that it will be useful, but +  WITHOUT ANY WARRANTY; without even the implied warranty of +  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +  Lesser General Public License for more details. + +  You should have received a copy of the GNU Lesser General Public License +  along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include "list.h" +#include "macro.h" +#include "kdbus.h" + +typedef struct BusNamePolicy BusNamePolicy; + +typedef enum BusPolicyAccess { +        BUS_POLICY_ACCESS_SEE, +        BUS_POLICY_ACCESS_TALK, +        BUS_POLICY_ACCESS_OWN, +        _BUS_POLICY_ACCESS_MAX, +        _BUS_POLICY_ACCESS_INVALID = -1 +} BusPolicyAccess; + +typedef enum BusNamePolicyType { +        BUSNAME_POLICY_TYPE_USER, +        BUSNAME_POLICY_TYPE_GROUP, +        _BUSNAME_POLICY_TYPE_MAX, +        _BUSNAME_POLICY_TYPE_INVALID = -1 +} BusNamePolicyType; + +struct BusNamePolicy { +        BusNamePolicyType type; +        BusPolicyAccess access; + +        char *name; + +        LIST_FIELDS(BusNamePolicy, policy); +}; + +int bus_kernel_translate_access(BusPolicyAccess access); +int bus_kernel_translate_policy(const BusNamePolicy *policy, struct kdbus_item *item); + +const char* bus_policy_access_to_string(BusPolicyAccess i) _const_; +BusPolicyAccess bus_policy_access_from_string(const char *s) _pure_; + +int bus_kernel_make_starter( +                int fd, +                const char *name, +                bool activating, +                bool accept_fd, +                BusNamePolicy *policy, +                BusPolicyAccess world_policy); | 
