summaryrefslogtreecommitdiff
path: root/src/bus-proxyd
diff options
context:
space:
mode:
Diffstat (limited to 'src/bus-proxyd')
-rw-r--r--src/bus-proxyd/bus-proxyd.c28
-rw-r--r--src/bus-proxyd/bus-xml-policy.c6
-rw-r--r--src/bus-proxyd/driver.c113
-rw-r--r--src/bus-proxyd/proxy.c25
-rw-r--r--src/bus-proxyd/proxy.h13
-rw-r--r--src/bus-proxyd/stdio-bridge.c20
-rw-r--r--src/bus-proxyd/synthesize.c19
7 files changed, 146 insertions, 78 deletions
diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c
index 3cc3b33ae7..2bc265d9b4 100644
--- a/src/bus-proxyd/bus-proxyd.c
+++ b/src/bus-proxyd/bus-proxyd.c
@@ -22,26 +22,26 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-#include <sys/socket.h>
-#include <unistd.h>
-#include <string.h>
#include <errno.h>
-#include <sys/prctl.h>
-#include <stddef.h>
#include <getopt.h>
#include <pthread.h>
+#include <stddef.h>
+#include <string.h>
+#include <sys/prctl.h>
+#include <sys/socket.h>
+#include <unistd.h>
-#include "log.h"
-#include "util.h"
#include "sd-daemon.h"
+
#include "bus-internal.h"
-#include "build.h"
-#include "strv.h"
-#include "def.h"
-#include "capability.h"
#include "bus-xml-policy.h"
-#include "proxy.h"
+#include "capability.h"
+#include "def.h"
#include "formats-util.h"
+#include "log.h"
+#include "proxy.h"
+#include "strv.h"
+#include "util.h"
static char *arg_address = NULL;
static char **arg_configuration = NULL;
@@ -215,9 +215,7 @@ static int parse_argv(int argc, char *argv[]) {
return 0;
case ARG_VERSION:
- puts(PACKAGE_STRING);
- puts(SYSTEMD_FEATURES);
- return 0;
+ return version();
case ARG_ADDRESS:
r = free_and_strdup(&arg_address, optarg);
diff --git a/src/bus-proxyd/bus-xml-policy.c b/src/bus-proxyd/bus-xml-policy.c
index dab5acbcb4..9a3b451c56 100644
--- a/src/bus-proxyd/bus-xml-policy.c
+++ b/src/bus-proxyd/bus-xml-policy.c
@@ -586,10 +586,8 @@ static int file_load(Policy *p, const char *path) {
case POLICY_ITEM_SEND:
case POLICY_ITEM_RECV:
- if (streq(name, "*")) {
- free(name);
- name = NULL;
- }
+ if (streq(name, "*"))
+ name = mfree(name);
break;
diff --git a/src/bus-proxyd/driver.c b/src/bus-proxyd/driver.c
index 1cb5ea5008..fa4aee691a 100644
--- a/src/bus-proxyd/driver.c
+++ b/src/bus-proxyd/driver.c
@@ -35,6 +35,7 @@
#include "driver.h"
#include "proxy.h"
#include "synthesize.h"
+#include "env-util.h"
static int get_creds_by_name(sd_bus *bus, const char *name, uint64_t mask, sd_bus_creds **_creds, sd_bus_error *error) {
_cleanup_bus_creds_unref_ sd_bus_creds *c = NULL;
@@ -71,6 +72,27 @@ static int get_creds_by_message(sd_bus *bus, sd_bus_message *m, uint64_t mask, s
return get_creds_by_name(bus, name, mask, _creds, error);
}
+static int driver_activation(sd_bus_message *reply, void *userdata, sd_bus_error *error) {
+ _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
+ ProxyActivation *activation = userdata;
+
+ /*
+ * The org.freedesktop.DBus.Peer.Ping() call returned. We don't care
+ * whether this succeeded, failed, was not implemented or timed out. We
+ * cannot assume that the target reacts to this properly. Hence, just
+ * send the reply to the activation request and be done.
+ */
+
+ m = activation->request; /* claim reference */
+
+ --activation->proxy->n_activations;
+ LIST_REMOVE(activations_by_proxy, activation->proxy->activations, activation);
+ sd_bus_slot_unref(activation->slot);
+ free(activation);
+
+ return synthetic_reply_method_return(m, "u", BUS_START_REPLY_SUCCESS);
+}
+
int bus_proxy_process_driver(Proxy *p, sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPolicy *sp, const struct ucred *ucred, Set *owned_names) {
int r;
@@ -441,27 +463,29 @@ int bus_proxy_process_driver(Proxy *p, sd_bus *a, sd_bus *b, sd_bus_message *m,
name_list = (struct kdbus_info *) ((uint8_t *) a->kdbus_buffer + cmd.offset);
KDBUS_FOREACH(name, name_list, cmd.list_size) {
- const char *entry_name = NULL;
struct kdbus_item *item;
char *n;
- KDBUS_ITEM_FOREACH(item, name, items)
- if (item->type == KDBUS_ITEM_OWNED_NAME)
- entry_name = item->name.name;
-
- if (!streq_ptr(entry_name, arg0))
- continue;
-
- if (asprintf(&n, ":1.%llu", (unsigned long long) name->id) < 0) {
- err = -ENOMEM;
- break;
+ KDBUS_ITEM_FOREACH(item, name, items) {
+ if (item->type == KDBUS_ITEM_OWNED_NAME) {
+ if (!streq_ptr(item->name.name, arg0))
+ continue;
+
+ if (asprintf(&n, ":1.%llu", (unsigned long long) name->id) < 0) {
+ err = -ENOMEM;
+ break;
+ }
+
+ r = strv_consume(&owners, n);
+ if (r < 0) {
+ err = r;
+ break;
+ }
+ }
}
- r = strv_consume(&owners, n);
- if (r < 0) {
- err = r;
+ if (err < 0)
break;
- }
}
r = bus_kernel_cmd_free(a, cmd.offset);
@@ -585,7 +609,9 @@ int bus_proxy_process_driver(Proxy *p, sd_bus *a, sd_bus *b, sd_bus_message *m,
} else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "StartServiceByName")) {
_cleanup_bus_message_unref_ sd_bus_message *msg = NULL;
+ ProxyActivation *activation;
const char *name;
+ uint64_t cookie;
uint32_t flags;
if (!sd_bus_message_has_signature(m, "su"))
@@ -604,21 +630,46 @@ int bus_proxy_process_driver(Proxy *p, sd_bus *a, sd_bus *b, sd_bus_message *m,
if (r != -ESRCH)
return synthetic_reply_method_errno(m, r, NULL);
- r = sd_bus_message_new_method_call(
- a,
- &msg,
- name,
- "/",
- "org.freedesktop.DBus.Peer",
- "Ping");
+ if (p->n_activations >= PROXY_ACTIVATIONS_MAX)
+ return synthetic_reply_method_errno(m, -EMFILE, NULL);
+
+ r = sd_bus_message_get_cookie(m, &cookie);
+ if (r < 0)
+ return synthetic_reply_method_errno(m, r, NULL);
+
+ r = sd_bus_message_new_method_call(a,
+ &msg,
+ name,
+ "/",
+ "org.freedesktop.DBus.Peer",
+ "Ping");
if (r < 0)
return synthetic_reply_method_errno(m, r, NULL);
- r = sd_bus_send(a, msg, NULL);
+ r = bus_message_seal(msg, cookie, BUS_DEFAULT_TIMEOUT);
if (r < 0)
return synthetic_reply_method_errno(m, r, NULL);
- return synthetic_reply_method_return(m, "u", BUS_START_REPLY_SUCCESS);
+ activation = new0(ProxyActivation, 1);
+ if (!activation)
+ return synthetic_reply_method_errno(m, -ENOMEM, NULL);
+
+ r = sd_bus_call_async(a,
+ &activation->slot,
+ msg,
+ driver_activation,
+ activation,
+ 0);
+ if (r < 0) {
+ free(activation);
+ return synthetic_reply_method_errno(m, r, NULL);
+ }
+
+ activation->proxy = p;
+ activation->request = sd_bus_message_ref(m);
+ LIST_PREPEND(activations_by_proxy, p->activations, activation);
+ ++p->n_activations;
+ return 1;
} else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "UpdateActivationEnvironment")) {
_cleanup_bus_message_unref_ sd_bus_message *msg = NULL;
@@ -644,9 +695,13 @@ int bus_proxy_process_driver(Proxy *p, sd_bus *a, sd_bus *b, sd_bus_message *m,
if (!s)
return synthetic_reply_method_errno(m, -ENOMEM, NULL);
- r = strv_extend(&args, s);
- if (r < 0)
- return synthetic_reply_method_errno(m, r, NULL);
+ if (!env_assignment_is_valid(s)) {
+ log_warning("UpdateActivationEnvironment() called with invalid assignment, discarding: %s", s);
+ } else {
+ r = strv_extend(&args, s);
+ if (r < 0)
+ return synthetic_reply_method_errno(m, r, NULL);
+ }
r = sd_bus_message_exit_container(m);
if (r < 0)
@@ -657,8 +712,8 @@ int bus_proxy_process_driver(Proxy *p, sd_bus *a, sd_bus *b, sd_bus_message *m,
if (r < 0)
return synthetic_reply_method_errno(m, r, NULL);
- if (!args)
- return synthetic_reply_method_errno(m, -EINVAL, NULL);
+ if (strv_isempty(args)) /* nothing to do? */
+ return synthetic_reply_method_return(m, NULL);
r = sd_bus_message_new_method_call(
a,
diff --git a/src/bus-proxyd/proxy.c b/src/bus-proxyd/proxy.c
index c37b09b9c0..88800f5e7f 100644
--- a/src/bus-proxyd/proxy.c
+++ b/src/bus-proxyd/proxy.c
@@ -261,9 +261,18 @@ int proxy_new(Proxy **out, int in_fd, int out_fd, const char *destination) {
}
Proxy *proxy_free(Proxy *p) {
+ ProxyActivation *activation;
+
if (!p)
return NULL;
+ while ((activation = p->activations)) {
+ LIST_REMOVE(activations_by_proxy, p->activations, activation);
+ sd_bus_message_unref(activation->request);
+ sd_bus_slot_unref(activation->slot);
+ free(activation);
+ }
+
sd_bus_flush_close_unref(p->local_bus);
sd_bus_flush_close_unref(p->destination_bus);
set_free_free(p->owned_names);
@@ -644,6 +653,10 @@ static int process_hello(Proxy *p, sd_bus_message *m) {
if (r < 0)
return log_error_errno(r, "Failed to append sender to NameAcquired message: %m");
+ r = sd_bus_message_set_destination(n, p->destination_bus->unique_name);
+ if (r < 0)
+ return log_error_errno(r, "Failed to set destination for NameAcquired message: %m");
+
r = bus_seal_synthetic_message(p->local_bus, n);
if (r < 0)
return log_error_errno(r, "Failed to seal NameAcquired message: %m");
@@ -757,19 +770,21 @@ static int proxy_process_destination_to_local(Proxy *p) {
return r;
/* If the peer tries to send a reply and it is
- * rejected with EPERM by the kernel, we ignore the
+ * rejected with EBADSLT by the kernel, we ignore the
* error. This catches cases where the original
* method-call didn't had EXPECT_REPLY set, but the
* proxy-peer still sends a reply. This is allowed in
* dbus1, but not in kdbus. We don't want to track
* reply-windows in the proxy, so we simply ignore
- * EPERM for all replies. The only downside is, that
+ * EBADSLT for all replies. The only downside is, that
* callers are no longer notified if their replies are
* dropped. However, this is equivalent to the
* caller's timeout to expire, so this should be
* acceptable. Nobody sane sends replies without a
* matching method-call, so nobody should care. */
- if (r == -EPERM && m->reply_cookie > 0)
+
+ /* FIXME: remove -EPERM when kdbus is updated */
+ if ((r == -EPERM || r == -EBADSLT) && m->reply_cookie > 0)
return 1;
/* Return the error to the client, if we can */
@@ -850,8 +865,8 @@ static int proxy_process_local_to_destination(Proxy *p) {
if (r == -EREMCHG)
continue;
- /* see above why EPERM is ignored for replies */
- if (r == -EPERM && m->reply_cookie > 0)
+ /* see above why EBADSLT is ignored for replies */
+ if ((r == -EPERM || r == -EBADSLT) && m->reply_cookie > 0)
return 1;
synthetic_reply_method_errnof(m, r, "Failed to forward message we got from local: %m");
diff --git a/src/bus-proxyd/proxy.h b/src/bus-proxyd/proxy.h
index ccb951c109..6aac650ac9 100644
--- a/src/bus-proxyd/proxy.h
+++ b/src/bus-proxyd/proxy.h
@@ -25,6 +25,9 @@
#include "bus-xml-policy.h"
typedef struct Proxy Proxy;
+typedef struct ProxyActivation ProxyActivation;
+
+#define PROXY_ACTIVATIONS_MAX (16) /* max parallel activation requests */
struct Proxy {
sd_bus *local_bus;
@@ -37,12 +40,22 @@ struct Proxy {
Set *owned_names;
SharedPolicy *policy;
+ LIST_HEAD(ProxyActivation, activations);
+ size_t n_activations;
+
bool got_hello : 1;
bool queue_overflow : 1;
bool message_matched : 1;
bool synthetic_matched : 1;
};
+struct ProxyActivation {
+ LIST_FIELDS(ProxyActivation, activations_by_proxy);
+ Proxy *proxy;
+ sd_bus_message *request;
+ sd_bus_slot *slot;
+};
+
int proxy_new(Proxy **out, int in_fd, int out_fd, const char *dest);
Proxy *proxy_free(Proxy *p);
diff --git a/src/bus-proxyd/stdio-bridge.c b/src/bus-proxyd/stdio-bridge.c
index f275f6705f..168fc9ead0 100644
--- a/src/bus-proxyd/stdio-bridge.c
+++ b/src/bus-proxyd/stdio-bridge.c
@@ -21,23 +21,23 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-#include <unistd.h>
-#include <string.h>
#include <errno.h>
-#include <stddef.h>
#include <getopt.h>
+#include <stddef.h>
+#include <string.h>
+#include <unistd.h>
-#include "log.h"
-#include "util.h"
#include "sd-daemon.h"
#include "sd-bus.h"
+
#include "bus-internal.h"
#include "bus-util.h"
-#include "build.h"
-#include "strv.h"
#include "def.h"
-#include "proxy.h"
#include "formats-util.h"
+#include "log.h"
+#include "proxy.h"
+#include "strv.h"
+#include "util.h"
static char *arg_address = NULL;
static char *arg_command_line_buffer = NULL;
@@ -86,9 +86,7 @@ static int parse_argv(int argc, char *argv[]) {
return 0;
case ARG_VERSION:
- puts(PACKAGE_STRING);
- puts(SYSTEMD_FEATURES);
- return 0;
+ return version();
case ARG_ADDRESS: {
char *a;
diff --git a/src/bus-proxyd/synthesize.c b/src/bus-proxyd/synthesize.c
index 3ecedfd575..15d99103f6 100644
--- a/src/bus-proxyd/synthesize.c
+++ b/src/bus-proxyd/synthesize.c
@@ -214,22 +214,13 @@ int synthesize_name_acquired(Proxy *p, sd_bus *a, sd_bus *b, sd_bus_message *m)
if (r < 0)
return r;
- r = bus_seal_synthetic_message(b, n);
+ r = sd_bus_message_set_destination(n, a->unique_name);
if (r < 0)
return r;
- /*
- * Make sure to only forward NameLost/NameAcquired messages if they
- * match an installed MATCH rule of the local client. We really must
- * not send messages the client doesn't expect.
- */
-
- r = bus_match_run(b, &b->match_callbacks, n);
- if (r >= 0 && p->message_matched)
- r = sd_bus_send(b, n, NULL);
-
- p->message_matched = false;
- p->synthetic_matched = false;
+ r = bus_seal_synthetic_message(b, n);
+ if (r < 0)
+ return r;
- return r;
+ return sd_bus_send(b, n, NULL);
}
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2025-02-05 14:50:23 +0000