-rw-r--r-- | Makefile.am | 18 | ||||
-rw-r--r-- | src/bus-proxyd/bus-proxyd.c | 3 | ||||
-rw-r--r-- | src/bus-proxyd/bus-xml-policy.c (renamed from src/bus-proxyd/bus-policy.c) | 2 | ||||
-rw-r--r-- | src/bus-proxyd/bus-xml-policy.h (renamed from src/bus-proxyd/bus-policy.h) | 0 | ||||
-rw-r--r-- | src/bus-proxyd/test-bus-xml-policy.c (renamed from src/bus-proxyd/test-bus-policy.c) | 6 | ||||
-rw-r--r-- | src/core/bus-common.c | 35 | ||||
-rw-r--r-- | src/core/bus-common.h | 35 | ||||
-rw-r--r-- | src/core/bus-endpoint.c | 56 | ||||
-rw-r--r-- | src/core/bus-endpoint.h | 4 | ||||
-rw-r--r-- | src/core/busname.c | 3 | ||||
-rw-r--r-- | src/core/busname.h | 17 | ||||
-rw-r--r-- | src/core/execute.c | 2 | ||||
-rw-r--r-- | src/libsystemd/sd-bus/bus-internal.h | 1 | ||||
-rw-r--r-- | src/libsystemd/sd-bus/bus-kernel.c | 185 | ||||
-rw-r--r-- | src/libsystemd/sd-bus/bus-kernel.h | 5 | ||||
-rw-r--r-- | src/libsystemd/sd-bus/busctl.c | 1 | ||||
-rw-r--r-- | src/test/test-tables.c | 3 |
17 files changed, 74 insertions, 302 deletions
diff --git a/Makefile.am b/Makefile.am index 904517ffa6..96c9fc44f2 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1046,10 +1046,10 @@ libsystemd_core_la_SOURCES = \ src/core/socket.h \ src/core/busname.c \ src/core/busname.h \ - src/core/bus-common.c \ - src/core/bus-common.h \ src/core/bus-endpoint.c \ src/core/bus-endpoint.h \ + src/core/bus-policy.c \ + src/core/bus-policy.h \ src/core/target.c \ src/core/target.h \ src/core/snapshot.c \ @@ -1713,8 +1713,8 @@ test_unaligned_SOURCES = \ test_tables_SOURCES = \ src/test/test-tables.c \ src/shared/test-tables.h \ - src/bus-proxyd/bus-policy.c \ - src/bus-proxyd/bus-policy.h \ + src/bus-proxyd/bus-xml-policy.c \ + src/bus-proxyd/bus-xml-policy.h \ src/journal/journald-server.c \ src/journal/journald-server.h @@ -1948,9 +1948,9 @@ test_conf_files_LDADD = \ libsystemd-shared.la test_bus_policy_SOURCES = \ - src/bus-proxyd/test-bus-policy.c \ - src/bus-proxyd/bus-policy.c \ - src/bus-proxyd/bus-policy.h + src/bus-proxyd/test-bus-xml-policy.c \ + src/bus-proxyd/bus-xml-policy.c \ + src/bus-proxyd/bus-xml-policy.h test_bus_policy_LDADD = \ libsystemd-internal.la \ @@ -2598,8 +2598,8 @@ systemd_run_LDADD = \ # ------------------------------------------------------------------------------ systemd_bus_proxyd_SOURCES = \ src/bus-proxyd/bus-proxyd.c \ - src/bus-proxyd/bus-policy.c \ - src/bus-proxyd/bus-policy.h + src/bus-proxyd/bus-xml-policy.c \ + src/bus-proxyd/bus-xml-policy.h systemd_bus_proxyd_LDADD = \ libsystemd-internal.la \ diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c index 6da7fb9b55..64c11ffd16 100644 --- a/src/bus-proxyd/bus-proxyd.c +++ b/src/bus-proxyd/bus-proxyd.c @@ -44,9 +44,10 @@ #include "strv.h" #include "def.h" #include "capability.h" -#include "bus-policy.h" #include "bus-control.h" #include "smack-util.h" +#include "set.h" +#include "bus-xml-policy.h" static char *arg_address = NULL; static char *arg_command_line_buffer = NULL; 
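Review bot: The first Makefile.am hunk adds `src/core/bus-policy.c` and `src/core/bus-policy.h` to `libsystemd_core_la_SOURCES`, but neither file is among the 17 files in this commit's diffstat, so as shown here the build references sources the commit does not create. The code has the same gap: `BusPolicyAccess`, `BusNamePolicy`, `bus_kernel_translate_access()` and `bus_kernel_make_starter()` are removed from bus-common.h, busname.h and bus-kernel.c with no new definition anywhere in the diff, while bus-endpoint.c, bus-endpoint.h and busname.c now include `bus-policy.h`. Unless the two files already exist in the tree or land in a companion commit, this change will not compile, and they should be added to this commit. They presumably carry the code that maps unit policy entries onto kdbus access rights, so they are also the part of the move most worth reviewing.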
diff --git a/src/bus-proxyd/bus-policy.c b/src/bus-proxyd/bus-xml-policy.c index 59cc1d788b..ac0e14b4f9 100644 --- a/src/bus-proxyd/bus-policy.c +++ b/src/bus-proxyd/bus-xml-policy.c @@ -25,7 +25,7 @@ #include "conf-files.h" #include "bus-internal.h" #include "bus-message.h" -#include "bus-policy.h" +#include "bus-xml-policy.h" static void policy_item_free(PolicyItem *i) { assert(i); diff --git a/src/bus-proxyd/bus-policy.h b/src/bus-proxyd/bus-xml-policy.h index 933a53ceb5..933a53ceb5 100644 --- a/src/bus-proxyd/bus-policy.h +++ b/src/bus-proxyd/bus-xml-policy.h diff --git a/src/bus-proxyd/test-bus-policy.c b/src/bus-proxyd/test-bus-xml-policy.c index 91ab33da4a..b0f4ed7d3d 100644 --- a/src/bus-proxyd/test-bus-policy.c +++ b/src/bus-proxyd/test-bus-xml-policy.c @@ -40,11 +40,9 @@ #include "strv.h" #include "def.h" #include "capability.h" +#include "bus-xml-policy.h" -#include <bus-proxyd/bus-policy.h> - -static int test_policy_load(Policy *p, const char *name) -{ +static int test_policy_load(Policy *p, const char *name) { _cleanup_free_ char *path = NULL; int r = 0; diff --git a/src/core/bus-common.c b/src/core/bus-common.c deleted file mode 100644 index 4a61cb9a3a..0000000000 --- a/src/core/bus-common.c +++ /dev/null 
@@ -1,35 +0,0 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
-/***
- This file is part of systemd.
-
- Copyright 2014 Daniel Mack
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "special.h"
-#include "bus-kernel.h"
-#include "bus-internal.h"
-#include "bus-util.h"
-#include "service.h"
-#include "bus-common.h"
-
-static const char* const bus_policy_access_table[_BUS_POLICY_ACCESS_MAX] = {
- [BUS_POLICY_ACCESS_SEE] = "see",
- [BUS_POLICY_ACCESS_TALK] = "talk",
- [BUS_POLICY_ACCESS_OWN] = "own",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(bus_policy_access, BusPolicyAccess);
diff --git a/src/core/bus-common.h b/src/core/bus-common.h
deleted file mode 100644
index 209f870c72..0000000000
--- a/src/core/bus-common.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
-#pragma once
-
-#include "macro.h"
-
-/***
- This file is part of systemd.
-
- Copyright 2014 Daniel Mack
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef enum BusPolicyAccess {
- BUS_POLICY_ACCESS_SEE,
- BUS_POLICY_ACCESS_TALK,
- BUS_POLICY_ACCESS_OWN,
- _BUS_POLICY_ACCESS_MAX,
- _BUS_POLICY_ACCESS_INVALID = -1
-} BusPolicyAccess;
-
-const char* bus_policy_access_to_string(BusPolicyAccess i) _const_;
-BusPolicyAccess bus_policy_access_from_string(const char *s) _pure_;
diff --git a/src/core/bus-endpoint.c b/src/core/bus-endpoint.c
index aac540ddee..27dd192a2f 100644
--- a/src/core/bus-endpoint.c
+++ b/src/core/bus-endpoint.c
@@ -19,10 +19,56 @@ #include <stdlib.h> +#include "kdbus.h" +#include "bus-kernel.h" +#include "bus-policy.h" #include "bus-endpoint.h" -int bus_endpoint_new(BusEndpoint **ep) -{ +int bus_kernel_set_endpoint_policy(int fd, uid_t uid, BusEndpoint *ep) { + + struct kdbus_cmd_update *update; + struct kdbus_item *n; + BusEndpointPolicy *po; + Iterator i; + size_t size; + int r; + + size = ALIGN8(offsetof(struct kdbus_cmd_update, items)); + + HASHMAP_FOREACH(po, ep->policy_hash, i) { + size += ALIGN8(offsetof(struct kdbus_item, str) + strlen(po->name) + 1); + size += ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access)); + } + + update = alloca0_align(size, 8); + update->size = size; + + n = update->items; + + HASHMAP_FOREACH(po, ep->policy_hash, i) { + n->type = KDBUS_ITEM_NAME; + n->size = offsetof(struct kdbus_item, str) + strlen(po->name) + 1; + strcpy(n->str, po->name); + n = KDBUS_ITEM_NEXT(n); + + n->type = KDBUS_ITEM_POLICY_ACCESS; + n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access); + + n->policy_access.type = KDBUS_POLICY_ACCESS_USER; + n->policy_access.access = bus_kernel_translate_access(po->access); + n->policy_access.id = uid; + + n = KDBUS_ITEM_NEXT(n); + } + + r = ioctl(fd, KDBUS_CMD_ENDPOINT_UPDATE, update); + if (r < 0) + return -errno; + + return 0; +} + +int bus_endpoint_new(BusEndpoint **ep) { assert(ep); *ep = new0(BusEndpoint, 1); @@ -32,8 +78,7 @@ int bus_endpoint_new(BusEndpoint **ep) return 0; } -int bus_endpoint_add_policy(BusEndpoint *ep, const char *name, BusPolicyAccess access) -{ +int bus_endpoint_add_policy(BusEndpoint *ep, const char *name, BusPolicyAccess access) { _cleanup_free_ BusEndpointPolicy *po = NULL; _cleanup_free_ char *key = NULL; int r; 
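Review bot: `bus_kernel_set_endpoint_policy()` dereferences `ep->policy_hash` and hands `fd` to `ioctl()` without checking either, whereas `bus_endpoint_new()` directly below opens with `assert(ep);`; now that the function lives in bus-endpoint.c it should start with `assert(fd >= 0);` and `assert(ep);`. The request buffer comes from `alloca0_align(size, 8)`, and `size` grows with every entry in `ep->policy_hash` and every `strlen(po->name)`, so stack use is bounded only by how many policy entries the endpoint holds and how long their names are. If nothing upstream caps that (not visible in this diff), an explicit upper bound on `size` or a heap allocation would be safer. The function also calls `bus_kernel_translate_access()`, which this commit removes as a `static` helper from bus-kernel.c, so it depends on `bus-policy.h` declaring it, and that header is not shown on this page.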
@@ -80,8 +125,7 @@ int bus_endpoint_add_policy(BusEndpoint *ep, const char *name, BusPolicyAccess a return 0; } -void bus_endpoint_free(BusEndpoint *endpoint) -{ +void bus_endpoint_free(BusEndpoint *endpoint) { if (!endpoint) return; diff --git a/src/core/bus-endpoint.h b/src/core/bus-endpoint.h index 2c5415f34e..4a31f4c4be 100644 --- a/src/core/bus-endpoint.h +++ b/src/core/bus-endpoint.h @@ -24,8 +24,8 @@ typedef struct BusEndpoint BusEndpoint; typedef struct BusEndpointPolicy BusEndpointPolicy; -#include "bus-common.h" #include "hashmap.h" +#include "bus-policy.h" struct BusEndpointPolicy { char *name; @@ -40,3 +40,5 @@ int bus_endpoint_new(BusEndpoint **ep); void bus_endpoint_free(BusEndpoint *endpoint); int bus_endpoint_add_policy(BusEndpoint *ep, const char *name, BusPolicyAccess access); + +int bus_kernel_set_endpoint_policy(int fd, uid_t uid, BusEndpoint *ep); diff --git a/src/core/busname.c b/src/core/busname.c index acd665282d..9ab95569eb 100644 --- a/src/core/busname.c +++ b/src/core/busname.c @@ -26,9 +26,10 @@ #include "bus-internal.h" #include "bus-util.h" #include "service.h" +#include "kdbus.h" +#include "bus-policy.h" #include "dbus-busname.h" #include "busname.h" -#include "kdbus.h" static const UnitActiveState state_translation_table[_BUSNAME_STATE_MAX] = { [BUSNAME_DEAD] = UNIT_INACTIVE, diff --git a/src/core/busname.h b/src/core/busname.h index c9b653d82e..775822d8de 100644 --- a/src/core/busname.h +++ b/src/core/busname.h @@ -25,7 +25,6 @@ typedef struct BusName BusName; typedef struct BusNamePolicy BusNamePolicy; #include "unit.h" -#include "bus-common.h" typedef enum BusNameState { BUSNAME_DEAD, 
@@ -52,22 +51,6 @@ typedef enum BusNameResult { _BUSNAME_RESULT_INVALID = -1 } BusNameResult; -typedef enum BusNamePolicyType { - BUSNAME_POLICY_TYPE_USER, - BUSNAME_POLICY_TYPE_GROUP, - _BUSNAME_POLICY_TYPE_MAX, - _BUSNAME_POLICY_TYPE_INVALID = -1 -} BusNamePolicyType; - -struct BusNamePolicy { - BusNamePolicyType type; - BusPolicyAccess access; - - char *name; - - LIST_FIELDS(BusNamePolicy, policy); -}; - struct BusName { Unit meta; diff --git a/src/core/execute.c b/src/core/execute.c index 4735ab2417..c472dadfed 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -84,7 +84,7 @@ #include "mkdir.h" #include "apparmor-util.h" #include "smack-util.h" -#include "bus-kernel.h" +#include "bus-endpoint.h" #include "label.h" #include "cap-list.h" diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h index 977b3407ba..cb529d5a9e 100644 --- a/src/libsystemd/sd-bus/bus-internal.h +++ b/src/libsystemd/sd-bus/bus-internal.h @@ -31,6 +31,7 @@ #include "list.h" #include "util.h" #include "refcnt.h" +#include "socket-util.h" #include "sd-bus.h" #include "bus-error.h" diff --git a/src/libsystemd/sd-bus/bus-kernel.c b/src/libsystemd/sd-bus/bus-kernel.c index a69628945d..a7811eea0a 100644 --- a/src/libsystemd/sd-bus/bus-kernel.c +++ b/src/libsystemd/sd-bus/bus-kernel.c 
@@ -1576,69 +1576,6 @@ int bus_kernel_create_bus(const char *name, bool world, char **s) { return fd; } -static int bus_kernel_translate_access(BusPolicyAccess access) { - assert(access >= 0); - assert(access < _BUS_POLICY_ACCESS_MAX); - - switch (access) { - - case BUS_POLICY_ACCESS_SEE: - return KDBUS_POLICY_SEE; - - case BUS_POLICY_ACCESS_TALK: - return KDBUS_POLICY_TALK; - - case BUS_POLICY_ACCESS_OWN: - return KDBUS_POLICY_OWN; - - default: - assert_not_reached("Unknown policy access"); - } -} - -static int bus_kernel_translate_policy(const BusNamePolicy *policy, struct kdbus_item *item) { - int r; - - assert(policy); - assert(item); - - switch (policy->type) { - - case BUSNAME_POLICY_TYPE_USER: { - const char *user = policy->name; - uid_t uid; - - r = get_user_creds(&user, &uid, NULL, NULL, NULL); - if (r < 0) - return r; - - item->policy_access.type = KDBUS_POLICY_ACCESS_USER; - item->policy_access.id = uid; - break; - } - - case BUSNAME_POLICY_TYPE_GROUP: { - const char *group = policy->name; - gid_t gid; - - r = get_group_creds(&group, &gid); - if (r < 0) - return r; - - item->policy_access.type = KDBUS_POLICY_ACCESS_GROUP; - item->policy_access.id = gid; - break; - } - - default: - assert_not_reached("Unknown policy type"); - } - - item->policy_access.access = bus_kernel_translate_access(policy->access); - - return 0; -} - int bus_kernel_open_bus_fd(const char *bus, char **path) { char *p; int fd; 
@@ -1715,128 +1652,6 @@ int bus_kernel_create_endpoint(const char *bus_name, const char *ep_name, char * return fd; } -int bus_kernel_set_endpoint_policy(int fd, uid_t uid, BusEndpoint *ep) { - - struct kdbus_cmd_update *update; - struct kdbus_item *n; - BusEndpointPolicy *po; - Iterator i; - size_t size; - int r; - - size = ALIGN8(offsetof(struct kdbus_cmd_update, items)); - - HASHMAP_FOREACH(po, ep->policy_hash, i) { - size += ALIGN8(offsetof(struct kdbus_item, str) + strlen(po->name) + 1); - size += ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access)); - } - - update = alloca0_align(size, 8); - update->size = size; - - n = update->items; - - HASHMAP_FOREACH(po, ep->policy_hash, i) { - n->type = KDBUS_ITEM_NAME; - n->size = offsetof(struct kdbus_item, str) + strlen(po->name) + 1; - strcpy(n->str, po->name); - n = KDBUS_ITEM_NEXT(n); - - n->type = KDBUS_ITEM_POLICY_ACCESS; - n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access); - - n->policy_access.type = KDBUS_POLICY_ACCESS_USER; - n->policy_access.access = bus_kernel_translate_access(po->access); - n->policy_access.id = uid; - - n = KDBUS_ITEM_NEXT(n); - } - - r = ioctl(fd, KDBUS_CMD_ENDPOINT_UPDATE, update); - if (r < 0) - return -errno; - - return 0; -} - -int bus_kernel_make_starter( - int fd, - const char *name, - bool activating, - bool accept_fd, - BusNamePolicy *policy, - BusPolicyAccess world_policy) { - - struct kdbus_cmd_free cmd_free = { .size = sizeof(cmd_free) }; - struct kdbus_cmd_hello *hello; - struct kdbus_item *n; - size_t policy_cnt = 0; - BusNamePolicy *po; - size_t size; - int r; - - assert(fd >= 0); - assert(name); - - LIST_FOREACH(policy, po, policy) - policy_cnt++; - - if (world_policy >= 0) - policy_cnt++; - - size = offsetof(struct kdbus_cmd_hello, items) + - ALIGN8(offsetof(struct kdbus_item, str) + strlen(name) + 1) + - policy_cnt * ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct 
kdbus_policy_access)); - - hello = alloca0_align(size, 8); - - n = hello->items; - strcpy(n->str, name); - n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1; - n->type = KDBUS_ITEM_NAME; - n = KDBUS_ITEM_NEXT(n); - - LIST_FOREACH(policy, po, policy) { - n->type = KDBUS_ITEM_POLICY_ACCESS; - n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access); - - r = bus_kernel_translate_policy(po, n); - if (r < 0) - return r; - - n = KDBUS_ITEM_NEXT(n); - } - - if (world_policy >= 0) { - n->type = KDBUS_ITEM_POLICY_ACCESS; - n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access); - n->policy_access.type = KDBUS_POLICY_ACCESS_WORLD; - n->policy_access.access = bus_kernel_translate_access(world_policy); - } - - hello->size = size; - hello->flags = - (activating ? KDBUS_HELLO_ACTIVATOR : KDBUS_HELLO_POLICY_HOLDER) | - (accept_fd ? KDBUS_HELLO_ACCEPT_FD : 0); - hello->pool_size = KDBUS_POOL_SIZE; - hello->attach_flags_send = _KDBUS_ATTACH_ANY; - hello->attach_flags_recv = _KDBUS_ATTACH_ANY; - - if (ioctl(fd, KDBUS_CMD_HELLO, hello) < 0) - return -errno; - - /* not interested in any output values */ - cmd_free.offset = hello->offset; - (void) ioctl(fd, KDBUS_CMD_FREE, &cmd_free); - - /* The higher 32bit of the bus_flags fields are considered - * 'incompatible flags'. Refuse them all for now. */ - if (hello->bus_flags > 0xFFFFFFFFULL) - return -ENOTSUP; - - return fd; -} - int bus_kernel_try_close(sd_bus *bus) { assert(bus); assert(bus->is_kernel); diff --git a/src/libsystemd/sd-bus/bus-kernel.h b/src/libsystemd/sd-bus/bus-kernel.h index 2152f62d12..7b1e9ef981 100644 --- a/src/libsystemd/sd-bus/bus-kernel.h +++ b/src/libsystemd/sd-bus/bus-kernel.h @@ -23,8 +23,6 @@ #include <stdbool.h> -#include "busname.h" -#include "bus-endpoint.h" #include "sd-bus.h" #define KDBUS_ITEM_NEXT(item) \ 
@@ -67,13 +65,10 @@ int bus_kernel_write_message(sd_bus *bus, sd_bus_message *m, bool hint_sync_call int bus_kernel_read_message(sd_bus *bus, bool hint_priority, int64_t priority); int bus_kernel_open_bus_fd(const char *bus, char **path); -int bus_kernel_make_starter(int fd, const char *name, bool activating, bool accept_fd, BusNamePolicy *policy, BusPolicyAccess world_policy); int bus_kernel_create_bus(const char *name, bool world, char **s); int bus_kernel_create_endpoint(const char *bus_name, const char *ep_name, char **path); -int bus_kernel_set_endpoint_policy(int fd, uid_t uid, BusEndpoint *ep); - int bus_kernel_pop_memfd(sd_bus *bus, void **address, size_t *mapped, size_t *allocated); void bus_kernel_push_memfd(sd_bus *bus, int fd, void *address, size_t mapped, size_t allocated); diff --git a/src/libsystemd/sd-bus/busctl.c b/src/libsystemd/sd-bus/busctl.c index dd6ae865b6..3233c1b29b 100644 --- a/src/libsystemd/sd-bus/busctl.c +++ b/src/libsystemd/sd-bus/busctl.c @@ -28,6 +28,7 @@ #include "pager.h" #include "xml.h" #include "path-util.h" +#include "set.h" #include "sd-bus.h" #include "bus-message.h" diff --git a/src/test/test-tables.c b/src/test/test-tables.c index 97d5609adf..bda224bec6 100644 --- a/src/test/test-tables.c +++ b/src/test/test-tables.c @@ -46,7 +46,8 @@ #include "util.h" #include "architecture.h" #include "link-config.h" -#include "bus-policy.h" +#include "bus-xml-policy.h" +#include "busname.h" #include "journald-server.h" #include "locale-util.h" |