summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/libsystemd/libsystemd.sym.m41
-rw-r--r--src/libsystemd/sd-bus/bus-control.c11
-rw-r--r--src/libsystemd/sd-bus/bus-creds.c33
-rw-r--r--src/libsystemd/sd-bus/bus-creds.h1
-rw-r--r--src/libsystemd/sd-bus/bus-dump.c4
-rw-r--r--src/libsystemd/sd-bus/bus-kernel.c7
-rw-r--r--src/systemd/sd-bus.h60
7 files changed, 83 insertions, 34 deletions
diff --git a/src/libsystemd/libsystemd.sym.m4 b/src/libsystemd/libsystemd.sym.m4
index 1b50486cfa..f2dfec7f08 100644
--- a/src/libsystemd/libsystemd.sym.m4
+++ b/src/libsystemd/libsystemd.sym.m4
@@ -326,6 +326,7 @@ global:
sd_bus_creds_get_uid;
sd_bus_creds_get_gid;
sd_bus_creds_get_pid;
+ sd_bus_creds_get_ppid;
sd_bus_creds_get_tid;
sd_bus_creds_get_comm;
sd_bus_creds_get_tid_comm;
diff --git a/src/libsystemd/sd-bus/bus-control.c b/src/libsystemd/sd-bus/bus-control.c
index 25510f00c7..1084ddc9ca 100644
--- a/src/libsystemd/sd-bus/bus-control.c
+++ b/src/libsystemd/sd-bus/bus-control.c
@@ -413,6 +413,11 @@ static int bus_populate_creds_from_items(
c->mask |= SD_BUS_CREDS_TID;
}
+ if (mask & SD_BUS_CREDS_PPID && item->pids.ppid > 0) {
+ c->ppid = (pid_t) item->pids.ppid;
+ c->mask |= SD_BUS_CREDS_PPID;
+ }
+
break;
case KDBUS_ITEM_CREDS:
@@ -644,7 +649,8 @@ int bus_get_name_creds_kdbus(
* the bits we want, then ask for the PID/TID so that we
* can read the rest from /proc. */
if ((mask & SD_BUS_CREDS_AUGMENT) &&
- (mask & (SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID|
+ (mask & (SD_BUS_CREDS_PPID|
+ SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID|
SD_BUS_CREDS_GID|SD_BUS_CREDS_EGID|SD_BUS_CREDS_SGID|SD_BUS_CREDS_FSGID|
SD_BUS_CREDS_COMM|SD_BUS_CREDS_TID_COMM|SD_BUS_CREDS_EXE|SD_BUS_CREDS_CMDLINE|
SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID|
@@ -910,7 +916,8 @@ static int bus_get_owner_creds_kdbus(sd_bus *bus, uint64_t mask, sd_bus_creds **
* to get the bits we want, then ask for the PID/TID so that we
* can read the rest from /proc. */
if ((mask & SD_BUS_CREDS_AUGMENT) &&
- (mask & (SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID|
+ (mask & (SD_BUS_CREDS_PPID|
+ SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID|
SD_BUS_CREDS_GID|SD_BUS_CREDS_EGID|SD_BUS_CREDS_SGID|SD_BUS_CREDS_FSGID|
SD_BUS_CREDS_COMM|SD_BUS_CREDS_TID_COMM|SD_BUS_CREDS_EXE|SD_BUS_CREDS_CMDLINE|
SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID|
diff --git a/src/libsystemd/sd-bus/bus-creds.c b/src/libsystemd/sd-bus/bus-creds.c
index b00b5308a8..6cb47f55ce 100644
--- a/src/libsystemd/sd-bus/bus-creds.c
+++ b/src/libsystemd/sd-bus/bus-creds.c
@@ -293,6 +293,17 @@ _public_ int sd_bus_creds_get_pid(sd_bus_creds *c, pid_t *pid) {
return 0;
}
+_public_ int sd_bus_creds_get_ppid(sd_bus_creds *c, pid_t *ppid) {
+ assert_return(c, -EINVAL);
+ assert_return(ppid, -EINVAL);
+
+ if (!(c->mask & SD_BUS_CREDS_PPID))
+ return -ENODATA;
+
+ *ppid = c->ppid;
+ return 0;
+}
+
_public_ int sd_bus_creds_get_tid(sd_bus_creds *c, pid_t *tid) {
assert_return(c, -EINVAL);
assert_return(tid, -EINVAL);
@@ -728,7 +739,8 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) {
c->mask |= SD_BUS_CREDS_TID;
}
- if (missing & (SD_BUS_CREDS_UID | SD_BUS_CREDS_EUID | SD_BUS_CREDS_SUID | SD_BUS_CREDS_FSUID |
+ if (missing & (SD_BUS_CREDS_PPID |
+ SD_BUS_CREDS_UID | SD_BUS_CREDS_EUID | SD_BUS_CREDS_SUID | SD_BUS_CREDS_FSUID |
SD_BUS_CREDS_GID | SD_BUS_CREDS_EGID | SD_BUS_CREDS_SGID | SD_BUS_CREDS_FSGID |
SD_BUS_CREDS_SUPPLEMENTARY_GIDS |
SD_BUS_CREDS_EFFECTIVE_CAPS | SD_BUS_CREDS_INHERITABLE_CAPS |
@@ -751,6 +763,20 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) {
FOREACH_LINE(line, f, return -errno) {
truncate_nl(line);
+ if (missing & SD_BUS_CREDS_PPID) {
+ p = startswith(line, "PPid:");
+ if (p) {
+ p += strspn(p, WHITESPACE);
+
+ r = parse_pid(p, &c->ppid);
+ if (r < 0)
+ return r;
+
+ c->mask |= SD_BUS_CREDS_PPID;
+ continue;
+ }
+ }
+
if (missing & (SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID)) {
p = startswith(line, "Uid:");
if (p) {
@@ -1015,6 +1041,11 @@ int bus_creds_extend_by_pid(sd_bus_creds *c, uint64_t mask, sd_bus_creds **ret)
n->mask |= SD_BUS_CREDS_TID;
}
+ if (c->mask & mask & SD_BUS_CREDS_PPID) {
+ n->ppid = c->ppid;
+ n->mask |= SD_BUS_CREDS_PPID;
+ }
+
if (c->mask & mask & SD_BUS_CREDS_UID) {
n->uid = c->uid;
n->mask |= SD_BUS_CREDS_UID;
diff --git a/src/libsystemd/sd-bus/bus-creds.h b/src/libsystemd/sd-bus/bus-creds.h
index 74062a583d..720450625c 100644
--- a/src/libsystemd/sd-bus/bus-creds.h
+++ b/src/libsystemd/sd-bus/bus-creds.h
@@ -44,6 +44,7 @@ struct sd_bus_creds {
gid_t *supplementary_gids;
unsigned n_supplementary_gids;
+ pid_t ppid;
pid_t pid;
pid_t tid;
diff --git a/src/libsystemd/sd-bus/bus-dump.c b/src/libsystemd/sd-bus/bus-dump.c
index 9165dd7d5a..13ff8b956a 100644
--- a/src/libsystemd/sd-bus/bus-dump.c
+++ b/src/libsystemd/sd-bus/bus-dump.c
@@ -362,8 +362,10 @@ int bus_creds_dump(sd_bus_creds *c, FILE *f, bool terse) {
fprintf(f, "%sPID=%s"PID_FMT"%s", prefix, color, c->pid, suffix);
if (c->mask & SD_BUS_CREDS_TID)
fprintf(f, "%sTID=%s"PID_FMT"%s", prefix, color, c->tid, suffix);
+ if (c->mask & SD_BUS_CREDS_PPID)
+ fprintf(f, "%sPPID=%s"PID_FMT"%s", prefix, color, c->ppid, suffix);
- if (terse && ((c->mask & (SD_BUS_CREDS_PID|SD_BUS_CREDS_TID))))
+ if (terse && ((c->mask & (SD_BUS_CREDS_PID|SD_BUS_CREDS_TID|SD_BUS_CREDS_PPID))))
fputs("\n", f);
if (c->mask & SD_BUS_CREDS_UID)
diff --git a/src/libsystemd/sd-bus/bus-kernel.c b/src/libsystemd/sd-bus/bus-kernel.c
index 0062e66d39..a8c04b98a9 100644
--- a/src/libsystemd/sd-bus/bus-kernel.c
+++ b/src/libsystemd/sd-bus/bus-kernel.c
@@ -595,6 +595,11 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) {
m->creds.mask |= SD_BUS_CREDS_TID & bus->creds_mask;
}
+ if (d->pids.ppid > 0) {
+ m->creds.ppid = (pid_t) d->pids.ppid;
+ m->creds.mask |= SD_BUS_CREDS_PPID & bus->creds_mask;
+ }
+
break;
case KDBUS_ITEM_CREDS:
@@ -1506,7 +1511,7 @@ uint64_t attach_flags_to_kdbus(uint64_t mask) {
SD_BUS_CREDS_GID|SD_BUS_CREDS_EGID|SD_BUS_CREDS_SGID|SD_BUS_CREDS_FSGID))
m |= KDBUS_ATTACH_CREDS;
- if (mask & (SD_BUS_CREDS_PID|SD_BUS_CREDS_TID))
+ if (mask & (SD_BUS_CREDS_PID|SD_BUS_CREDS_TID|SD_BUS_CREDS_PPID))
m |= KDBUS_ATTACH_PIDS;
if (mask & SD_BUS_CREDS_COMM)
diff --git a/src/systemd/sd-bus.h b/src/systemd/sd-bus.h
index f24cc08bd8..62dc45f8dd 100644
--- a/src/systemd/sd-bus.h
+++ b/src/systemd/sd-bus.h
@@ -57,35 +57,36 @@ typedef struct {
enum {
SD_BUS_CREDS_PID = 1ULL << 0,
SD_BUS_CREDS_TID = 1ULL << 1,
- SD_BUS_CREDS_UID = 1ULL << 2,
- SD_BUS_CREDS_EUID = 1ULL << 3,
- SD_BUS_CREDS_SUID = 1ULL << 4,
- SD_BUS_CREDS_FSUID = 1ULL << 5,
- SD_BUS_CREDS_GID = 1ULL << 6,
- SD_BUS_CREDS_EGID = 1ULL << 7,
- SD_BUS_CREDS_SGID = 1ULL << 8,
- SD_BUS_CREDS_FSGID = 1ULL << 9,
- SD_BUS_CREDS_SUPPLEMENTARY_GIDS = 1ULL << 10,
- SD_BUS_CREDS_COMM = 1ULL << 11,
- SD_BUS_CREDS_TID_COMM = 1ULL << 12,
- SD_BUS_CREDS_EXE = 1ULL << 13,
- SD_BUS_CREDS_CMDLINE = 1ULL << 14,
- SD_BUS_CREDS_CGROUP = 1ULL << 15,
- SD_BUS_CREDS_UNIT = 1ULL << 16,
- SD_BUS_CREDS_USER_UNIT = 1ULL << 17,
- SD_BUS_CREDS_SLICE = 1ULL << 18,
- SD_BUS_CREDS_SESSION = 1ULL << 19,
- SD_BUS_CREDS_OWNER_UID = 1ULL << 20,
- SD_BUS_CREDS_EFFECTIVE_CAPS = 1ULL << 21,
- SD_BUS_CREDS_PERMITTED_CAPS = 1ULL << 22,
- SD_BUS_CREDS_INHERITABLE_CAPS = 1ULL << 23,
- SD_BUS_CREDS_BOUNDING_CAPS = 1ULL << 24,
- SD_BUS_CREDS_SELINUX_CONTEXT = 1ULL << 25,
- SD_BUS_CREDS_AUDIT_SESSION_ID = 1ULL << 26,
- SD_BUS_CREDS_AUDIT_LOGIN_UID = 1ULL << 27,
- SD_BUS_CREDS_UNIQUE_NAME = 1ULL << 28,
- SD_BUS_CREDS_WELL_KNOWN_NAMES = 1ULL << 29,
- SD_BUS_CREDS_DESCRIPTION = 1ULL << 30,
+ SD_BUS_CREDS_PPID = 1ULL << 2,
+ SD_BUS_CREDS_UID = 1ULL << 3,
+ SD_BUS_CREDS_EUID = 1ULL << 4,
+ SD_BUS_CREDS_SUID = 1ULL << 5,
+ SD_BUS_CREDS_FSUID = 1ULL << 6,
+ SD_BUS_CREDS_GID = 1ULL << 7,
+ SD_BUS_CREDS_EGID = 1ULL << 8,
+ SD_BUS_CREDS_SGID = 1ULL << 9,
+ SD_BUS_CREDS_FSGID = 1ULL << 10,
+ SD_BUS_CREDS_SUPPLEMENTARY_GIDS = 1ULL << 11,
+ SD_BUS_CREDS_COMM = 1ULL << 12,
+ SD_BUS_CREDS_TID_COMM = 1ULL << 13,
+ SD_BUS_CREDS_EXE = 1ULL << 14,
+ SD_BUS_CREDS_CMDLINE = 1ULL << 15,
+ SD_BUS_CREDS_CGROUP = 1ULL << 16,
+ SD_BUS_CREDS_UNIT = 1ULL << 17,
+ SD_BUS_CREDS_USER_UNIT = 1ULL << 18,
+ SD_BUS_CREDS_SLICE = 1ULL << 19,
+ SD_BUS_CREDS_SESSION = 1ULL << 20,
+ SD_BUS_CREDS_OWNER_UID = 1ULL << 21,
+ SD_BUS_CREDS_EFFECTIVE_CAPS = 1ULL << 22,
+ SD_BUS_CREDS_PERMITTED_CAPS = 1ULL << 23,
+ SD_BUS_CREDS_INHERITABLE_CAPS = 1ULL << 24,
+ SD_BUS_CREDS_BOUNDING_CAPS = 1ULL << 25,
+ SD_BUS_CREDS_SELINUX_CONTEXT = 1ULL << 26,
+ SD_BUS_CREDS_AUDIT_SESSION_ID = 1ULL << 27,
+ SD_BUS_CREDS_AUDIT_LOGIN_UID = 1ULL << 28,
+ SD_BUS_CREDS_UNIQUE_NAME = 1ULL << 29,
+ SD_BUS_CREDS_WELL_KNOWN_NAMES = 1ULL << 30,
+ SD_BUS_CREDS_DESCRIPTION = 1ULL << 31,
SD_BUS_CREDS_AUGMENT = 1ULL << 63, /* special flag, if on sd-bus will augment creds struct, in a potentially race-full way. */
_SD_BUS_CREDS_ALL = (1ULL << 32) -1,
};
@@ -332,6 +333,7 @@ uint64_t sd_bus_creds_get_mask(const sd_bus_creds *c);
uint64_t sd_bus_creds_get_augmented_mask(const sd_bus_creds *c);
int sd_bus_creds_get_pid(sd_bus_creds *c, pid_t *pid);
+int sd_bus_creds_get_ppid(sd_bus_creds *c, pid_t *ppid);
int sd_bus_creds_get_tid(sd_bus_creds *c, pid_t *tid);
int sd_bus_creds_get_uid(sd_bus_creds *c, uid_t *uid);
int sd_bus_creds_get_euid(sd_bus_creds *c, uid_t *euid);