-rw-r--r-- | src/libsystemd/libsystemd.sym.m4 | 1 | ||||
-rw-r--r-- | src/libsystemd/sd-bus/bus-control.c | 11 | ||||
-rw-r--r-- | src/libsystemd/sd-bus/bus-creds.c | 33 | ||||
-rw-r--r-- | src/libsystemd/sd-bus/bus-creds.h | 1 | ||||
-rw-r--r-- | src/libsystemd/sd-bus/bus-dump.c | 4 | ||||
-rw-r--r-- | src/libsystemd/sd-bus/bus-kernel.c | 7 | ||||
-rw-r--r-- | src/systemd/sd-bus.h | 60 |
7 files changed, 83 insertions, 34 deletions
diff --git a/src/libsystemd/libsystemd.sym.m4 b/src/libsystemd/libsystemd.sym.m4 index 1b50486cfa..f2dfec7f08 100644 --- a/src/libsystemd/libsystemd.sym.m4 +++ b/src/libsystemd/libsystemd.sym.m4 @@ -326,6 +326,7 @@ global: sd_bus_creds_get_uid; sd_bus_creds_get_gid; sd_bus_creds_get_pid; + sd_bus_creds_get_ppid; sd_bus_creds_get_tid; sd_bus_creds_get_comm; sd_bus_creds_get_tid_comm; diff --git a/src/libsystemd/sd-bus/bus-control.c b/src/libsystemd/sd-bus/bus-control.c index 25510f00c7..1084ddc9ca 100644 --- a/src/libsystemd/sd-bus/bus-control.c +++ b/src/libsystemd/sd-bus/bus-control.c @@ -413,6 +413,11 @@ static int bus_populate_creds_from_items( c->mask |= SD_BUS_CREDS_TID; } + if (mask & SD_BUS_CREDS_PPID && item->pids.ppid > 0) { + c->ppid = (pid_t) item->pids.ppid; + c->mask |= SD_BUS_CREDS_PPID; + } + break; case KDBUS_ITEM_CREDS: @@ -644,7 +649,8 @@ int bus_get_name_creds_kdbus( * the bits we want, then ask for the PID/TID so that we * can read the rest from /proc. */ if ((mask & SD_BUS_CREDS_AUGMENT) && - (mask & (SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID| + (mask & (SD_BUS_CREDS_PPID| + SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID| SD_BUS_CREDS_GID|SD_BUS_CREDS_EGID|SD_BUS_CREDS_SGID|SD_BUS_CREDS_FSGID| SD_BUS_CREDS_COMM|SD_BUS_CREDS_TID_COMM|SD_BUS_CREDS_EXE|SD_BUS_CREDS_CMDLINE| SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID| 
@@ -910,7 +916,8 @@ static int bus_get_owner_creds_kdbus(sd_bus *bus, uint64_t mask, sd_bus_creds ** * to get the bits we want, then ask for the PID/TID so that we * can read the rest from /proc. */ if ((mask & SD_BUS_CREDS_AUGMENT) && - (mask & (SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID| + (mask & (SD_BUS_CREDS_PPID| + SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID| SD_BUS_CREDS_GID|SD_BUS_CREDS_EGID|SD_BUS_CREDS_SGID|SD_BUS_CREDS_FSGID| SD_BUS_CREDS_COMM|SD_BUS_CREDS_TID_COMM|SD_BUS_CREDS_EXE|SD_BUS_CREDS_CMDLINE| SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID| diff --git a/src/libsystemd/sd-bus/bus-creds.c b/src/libsystemd/sd-bus/bus-creds.c index b00b5308a8..6cb47f55ce 100644 --- a/src/libsystemd/sd-bus/bus-creds.c +++ b/src/libsystemd/sd-bus/bus-creds.c @@ -293,6 +293,17 @@ _public_ int sd_bus_creds_get_pid(sd_bus_creds *c, pid_t *pid) { return 0; } +_public_ int sd_bus_creds_get_ppid(sd_bus_creds *c, pid_t *ppid) { + assert_return(c, -EINVAL); + assert_return(ppid, -EINVAL); + + if (!(c->mask & SD_BUS_CREDS_PPID)) + return -ENODATA; + + *ppid = c->ppid; + return 0; +} + _public_ int sd_bus_creds_get_tid(sd_bus_creds *c, pid_t *tid) { assert_return(c, -EINVAL); assert_return(tid, -EINVAL); @@ -728,7 +739,8 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) { c->mask |= SD_BUS_CREDS_TID; } - if (missing & (SD_BUS_CREDS_UID | SD_BUS_CREDS_EUID | SD_BUS_CREDS_SUID | SD_BUS_CREDS_FSUID | + if (missing & (SD_BUS_CREDS_PPID | + SD_BUS_CREDS_UID | SD_BUS_CREDS_EUID | SD_BUS_CREDS_SUID | SD_BUS_CREDS_FSUID | SD_BUS_CREDS_GID | SD_BUS_CREDS_EGID | SD_BUS_CREDS_SGID | SD_BUS_CREDS_FSGID | SD_BUS_CREDS_SUPPLEMENTARY_GIDS | SD_BUS_CREDS_EFFECTIVE_CAPS | SD_BUS_CREDS_INHERITABLE_CAPS | 
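Review bot: The new public getter `sd_bus_creds_get_ppid()` in bus-creds.c has no comment saying how trustworthy the value is. With SD_BUS_CREDS_AUGMENT the same commit fills `c->ppid` from the `PPid:` line of /proc, and sd-bus.h itself describes that flag as working "in a potentially race-full way". The value read there can belong to a later state of the process (reparented after its parent exited, or a reused PID), so it is fit for logging and diagnostics but not for an access decision. I would add above the function something like `/* Returns the parent PID of the peer. If the field was augmented from /proc it is a snapshot taken after the fact and must not be used for authorization. */`. The header also declares `sd_bus_creds_get_augmented_mask()`, and the comment could point to it, presumably as the way to tell the two cases apart.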
@@ -751,6 +763,20 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) { FOREACH_LINE(line, f, return -errno) { truncate_nl(line); + if (missing & SD_BUS_CREDS_PPID) { + p = startswith(line, "PPid:"); + if (p) { + p += strspn(p, WHITESPACE); + + r = parse_pid(p, &c->ppid); + if (r < 0) + return r; + + c->mask |= SD_BUS_CREDS_PPID; + continue; + } + } + if (missing & (SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID)) { p = startswith(line, "Uid:"); if (p) { @@ -1015,6 +1041,11 @@ int bus_creds_extend_by_pid(sd_bus_creds *c, uint64_t mask, sd_bus_creds **ret) n->mask |= SD_BUS_CREDS_TID; } + if (c->mask & mask & SD_BUS_CREDS_PPID) { + n->ppid = c->ppid; + n->mask |= SD_BUS_CREDS_PPID; + } + if (c->mask & mask & SD_BUS_CREDS_UID) { n->uid = c->uid; n->mask |= SD_BUS_CREDS_UID; diff --git a/src/libsystemd/sd-bus/bus-creds.h b/src/libsystemd/sd-bus/bus-creds.h index 74062a583d..720450625c 100644 --- a/src/libsystemd/sd-bus/bus-creds.h +++ b/src/libsystemd/sd-bus/bus-creds.h @@ -44,6 +44,7 @@ struct sd_bus_creds { gid_t *supplementary_gids; unsigned n_supplementary_gids; + pid_t ppid; pid_t pid; pid_t tid; diff --git a/src/libsystemd/sd-bus/bus-dump.c b/src/libsystemd/sd-bus/bus-dump.c index 9165dd7d5a..13ff8b956a 100644 --- a/src/libsystemd/sd-bus/bus-dump.c +++ b/src/libsystemd/sd-bus/bus-dump.c @@ -362,8 +362,10 @@ int bus_creds_dump(sd_bus_creds *c, FILE *f, bool terse) { fprintf(f, "%sPID=%s"PID_FMT"%s", prefix, color, c->pid, suffix); if (c->mask & SD_BUS_CREDS_TID) fprintf(f, "%sTID=%s"PID_FMT"%s", prefix, color, c->tid, suffix); + if (c->mask & SD_BUS_CREDS_PPID) + fprintf(f, "%sPPID=%s"PID_FMT"%s", prefix, color, c->ppid, suffix); - if (terse && ((c->mask & (SD_BUS_CREDS_PID|SD_BUS_CREDS_TID)))) + if (terse && ((c->mask & (SD_BUS_CREDS_PID|SD_BUS_CREDS_TID|SD_BUS_CREDS_PPID)))) fputs("\n", f); if (c->mask & SD_BUS_CREDS_UID) 
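Review bot: In the `PPid:` branch added to the /proc status loop, a parent PID of 0 makes the whole of `bus_creds_add_more()` fail, because the `parse_pid()` error is returned directly. `parse_pid()` is defined outside this diff, but as far as I can tell it rejects non-positive values, and `PPid: 0` is what the kernel reports for PID 1 and for kernel threads. The kdbus paths in bus-control.c and bus-kernel.c only accept `ppid > 0`, so for such a peer the /proc fallback is exactly the code that runs when PPID and AUGMENT are both requested. I would handle the literal zero before parsing, e.g. `if (streq(p, "0")) c->ppid = 0; else { r = parse_pid(p, &c->ppid); if (r < 0) return r; }`. Separately, decide whether a zero parent should set the mask bit or be reported as missing. The function body starts and ends outside this hunk.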
diff --git a/src/libsystemd/sd-bus/bus-kernel.c b/src/libsystemd/sd-bus/bus-kernel.c index 0062e66d39..a8c04b98a9 100644 --- a/src/libsystemd/sd-bus/bus-kernel.c +++ b/src/libsystemd/sd-bus/bus-kernel.c @@ -595,6 +595,11 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) { m->creds.mask |= SD_BUS_CREDS_TID & bus->creds_mask; } + if (d->pids.ppid > 0) { + m->creds.ppid = (pid_t) d->pids.ppid; + m->creds.mask |= SD_BUS_CREDS_PPID & bus->creds_mask; + } + break; case KDBUS_ITEM_CREDS: @@ -1506,7 +1511,7 @@ uint64_t attach_flags_to_kdbus(uint64_t mask) { SD_BUS_CREDS_GID|SD_BUS_CREDS_EGID|SD_BUS_CREDS_SGID|SD_BUS_CREDS_FSGID)) m |= KDBUS_ATTACH_CREDS; - if (mask & (SD_BUS_CREDS_PID|SD_BUS_CREDS_TID)) + if (mask & (SD_BUS_CREDS_PID|SD_BUS_CREDS_TID|SD_BUS_CREDS_PPID)) m |= KDBUS_ATTACH_PIDS; if (mask & SD_BUS_CREDS_COMM) diff --git a/src/systemd/sd-bus.h b/src/systemd/sd-bus.h index f24cc08bd8..62dc45f8dd 100644 --- a/src/systemd/sd-bus.h +++ b/src/systemd/sd-bus.h 
@@ -57,35 +57,36 @@ typedef struct { enum { SD_BUS_CREDS_PID = 1ULL << 0, SD_BUS_CREDS_TID = 1ULL << 1, - SD_BUS_CREDS_UID = 1ULL << 2, - SD_BUS_CREDS_EUID = 1ULL << 3, - SD_BUS_CREDS_SUID = 1ULL << 4, - SD_BUS_CREDS_FSUID = 1ULL << 5, - SD_BUS_CREDS_GID = 1ULL << 6, - SD_BUS_CREDS_EGID = 1ULL << 7, - SD_BUS_CREDS_SGID = 1ULL << 8, - SD_BUS_CREDS_FSGID = 1ULL << 9, - SD_BUS_CREDS_SUPPLEMENTARY_GIDS = 1ULL << 10, - SD_BUS_CREDS_COMM = 1ULL << 11, - SD_BUS_CREDS_TID_COMM = 1ULL << 12, - SD_BUS_CREDS_EXE = 1ULL << 13, - SD_BUS_CREDS_CMDLINE = 1ULL << 14, - SD_BUS_CREDS_CGROUP = 1ULL << 15, - SD_BUS_CREDS_UNIT = 1ULL << 16, - SD_BUS_CREDS_USER_UNIT = 1ULL << 17, - SD_BUS_CREDS_SLICE = 1ULL << 18, - SD_BUS_CREDS_SESSION = 1ULL << 19, - SD_BUS_CREDS_OWNER_UID = 1ULL << 20, - SD_BUS_CREDS_EFFECTIVE_CAPS = 1ULL << 21, - SD_BUS_CREDS_PERMITTED_CAPS = 1ULL << 22, - SD_BUS_CREDS_INHERITABLE_CAPS = 1ULL << 23, - SD_BUS_CREDS_BOUNDING_CAPS = 1ULL << 24, - SD_BUS_CREDS_SELINUX_CONTEXT = 1ULL << 25, - SD_BUS_CREDS_AUDIT_SESSION_ID = 1ULL << 26, - SD_BUS_CREDS_AUDIT_LOGIN_UID = 1ULL << 27, - SD_BUS_CREDS_UNIQUE_NAME = 1ULL << 28, - SD_BUS_CREDS_WELL_KNOWN_NAMES = 1ULL << 29, - SD_BUS_CREDS_DESCRIPTION = 1ULL << 30, + SD_BUS_CREDS_PPID = 1ULL << 2, + SD_BUS_CREDS_UID = 1ULL << 3, + SD_BUS_CREDS_EUID = 1ULL << 4, + SD_BUS_CREDS_SUID = 1ULL << 5, + SD_BUS_CREDS_FSUID = 1ULL << 6, + SD_BUS_CREDS_GID = 1ULL << 7, + SD_BUS_CREDS_EGID = 1ULL << 8, + SD_BUS_CREDS_SGID = 1ULL << 9, + SD_BUS_CREDS_FSGID = 1ULL << 10, + SD_BUS_CREDS_SUPPLEMENTARY_GIDS = 1ULL << 11, + SD_BUS_CREDS_COMM = 1ULL << 12, + SD_BUS_CREDS_TID_COMM = 1ULL << 13, + SD_BUS_CREDS_EXE = 1ULL << 14, + SD_BUS_CREDS_CMDLINE = 1ULL << 15, + SD_BUS_CREDS_CGROUP = 1ULL << 16, + SD_BUS_CREDS_UNIT = 1ULL << 17, + SD_BUS_CREDS_USER_UNIT = 1ULL << 18, + SD_BUS_CREDS_SLICE = 1ULL << 19, + SD_BUS_CREDS_SESSION = 1ULL << 20, + SD_BUS_CREDS_OWNER_UID = 1ULL << 21, + SD_BUS_CREDS_EFFECTIVE_CAPS = 1ULL << 22, + 
SD_BUS_CREDS_PERMITTED_CAPS = 1ULL << 23, + SD_BUS_CREDS_INHERITABLE_CAPS = 1ULL << 24, + SD_BUS_CREDS_BOUNDING_CAPS = 1ULL << 25, + SD_BUS_CREDS_SELINUX_CONTEXT = 1ULL << 26, + SD_BUS_CREDS_AUDIT_SESSION_ID = 1ULL << 27, + SD_BUS_CREDS_AUDIT_LOGIN_UID = 1ULL << 28, + SD_BUS_CREDS_UNIQUE_NAME = 1ULL << 29, + SD_BUS_CREDS_WELL_KNOWN_NAMES = 1ULL << 30, + SD_BUS_CREDS_DESCRIPTION = 1ULL << 31, SD_BUS_CREDS_AUGMENT = 1ULL << 63, /* special flag, if on sd-bus will augment creds struct, in a potentially race-full way. */ _SD_BUS_CREDS_ALL = (1ULL << 32) -1, }; @@ -332,6 +333,7 @@ uint64_t sd_bus_creds_get_mask(const sd_bus_creds *c); uint64_t sd_bus_creds_get_augmented_mask(const sd_bus_creds *c); int sd_bus_creds_get_pid(sd_bus_creds *c, pid_t *pid); +int sd_bus_creds_get_ppid(sd_bus_creds *c, pid_t *ppid); int sd_bus_creds_get_tid(sd_bus_creds *c, pid_t *tid); int sd_bus_creds_get_uid(sd_bus_creds *c, uid_t *uid); int sd_bus_creds_get_euid(sd_bus_creds *c, uid_t *euid); |
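Review bot: Inserting `SD_BUS_CREDS_PPID` at bit 2 of the credential-mask enum in sd-bus.h renumbers every later flag in a header that sits next to the exported symbol list. Anything built against the previous values would silently ask for, and test for, different credentials; the old `SD_BUS_CREDS_UID` value `1ULL << 2` now means PPID. If any such consumer exists, it is safer to keep the existing values and append the new flag at the free bit, `SD_BUS_CREDS_PPID = 1ULL << 31,`. Either way, `SD_BUS_CREDS_DESCRIPTION` now occupies bit 31 and `_SD_BUS_CREDS_ALL = (1ULL << 32) -1` covers exactly bits 0 to 31, so the next flag will need that constant widened. A short comment on the enum saying so would save the next contributor a silent truncation.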