Diffstat (limited to 'src')
-rw-r--r--src/basic/macro.h11
-rw-r--r--src/libsystemd/sd-bus/bus-error.c8
-rw-r--r--src/libsystemd/sd-bus/bus-internal.h1
-rw-r--r--src/libsystemd/sd-bus/bus-match.c37
-rw-r--r--src/libsystemd/sd-bus/bus-match.h8
-rw-r--r--src/libsystemd/sd-bus/bus-slot.c2
-rw-r--r--src/libsystemd/sd-bus/sd-bus.c37
-rw-r--r--src/libsystemd/sd-bus/test-bus-match.c16
-rw-r--r--src/libsystemd/sd-event/sd-event.c15
-rw-r--r--src/nspawn/nspawn.c3
-rw-r--r--src/udev/udevd.c6
11 files changed, 110 insertions, 34 deletions
diff --git a/src/basic/macro.h b/src/basic/macro.h
index cc1c9e73c0..5fa17ed208 100644
--- a/src/basic/macro.h
+++ b/src/basic/macro.h
@@ -248,18 +248,19 @@ static inline unsigned long ALIGN_POWER2(unsigned long u) {
REENABLE_WARNING
#endif
+#define assert_log(expr) ((_likely_(expr)) \
+ ? (true) \
+ : (log_assert_failed_return(#expr, __FILE__, __LINE__, __PRETTY_FUNCTION__), false))
+
#define assert_return(expr, r) \
do { \
- if (_unlikely_(!(expr))) { \
- log_assert_failed_return(#expr, __FILE__, __LINE__, __PRETTY_FUNCTION__); \
+ if (!assert_log(expr)) \
return (r); \
- } \
} while (false)
#define assert_return_errno(expr, r, err) \
do { \
- if (_unlikely_(!(expr))) { \
- log_assert_failed_return(#expr, __FILE__, __LINE__, __PRETTY_FUNCTION__); \
+ if (!assert_log(expr)) { \
errno = err; \
return (r); \
} \
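Review bot: The new `assert_log()` macro has no comment describing its contract, and its name invites callers to assume assert() semantics. As written it evaluates `expr` exactly once, calls log_assert_failed_return() on failure and yields a bool, so side effects in `expr` are kept and execution continues past a failed check. A one-line comment above the definition would make that explicit, for example `/* Like assert(), but only logs on failure and evaluates to true/false; never aborts */` (the "never aborts" part depends on log_assert_failed_return(), which is not visible here). The assert_return_errno() macro continues past the end of this hunk.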
diff --git a/src/libsystemd/sd-bus/bus-error.c b/src/libsystemd/sd-bus/bus-error.c
index dac157be16..64a5a972ae 100644
--- a/src/libsystemd/sd-bus/bus-error.c
+++ b/src/libsystemd/sd-bus/bus-error.c
@@ -70,9 +70,11 @@ BUS_ERROR_MAP_ELF_REGISTER const sd_bus_error_map bus_standard_errors[] = {
SD_BUS_ERROR_MAP_END
};
-/* GCC maps this magically to the beginning and end of the BUS_ERROR_MAP section */
-extern const sd_bus_error_map __start_BUS_ERROR_MAP[];
-extern const sd_bus_error_map __stop_BUS_ERROR_MAP[];
+/* GCC maps this magically to the beginning and end of the BUS_ERROR_MAP section.
+ * Hide them; for currently unknown reasons they get exported to the shared libries
+ * even without being listed in the sym file. */
+extern const sd_bus_error_map __start_BUS_ERROR_MAP[] _hidden_;
+extern const sd_bus_error_map __stop_BUS_ERROR_MAP[] _hidden_;
/* Additional maps registered with sd_bus_error_add_map() are in this
* NULL terminated array */
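Review bot: The added comment has a typo, "shared libries" should read "shared libraries". Since the `_hidden_` attribute is there to keep `__start_BUS_ERROR_MAP`/`__stop_BUS_ERROR_MAP` out of the exported ABI, the comment would be more useful to a later maintainer if it also named how the unwanted export was observed, rather than only saying the reason is unknown.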
diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h
index 88c058889a..c3e20ee1bf 100644
--- a/src/libsystemd/sd-bus/bus-internal.h
+++ b/src/libsystemd/sd-bus/bus-internal.h
@@ -141,6 +141,7 @@ struct sd_bus_slot {
void *userdata;
BusSlotType type:5;
bool floating:1;
+ bool match_added:1;
char *description;
LIST_FIELDS(sd_bus_slot, slots);
diff --git a/src/libsystemd/sd-bus/bus-match.c b/src/libsystemd/sd-bus/bus-match.c
index 7c5264fad4..132b37526e 100644
--- a/src/libsystemd/sd-bus/bus-match.c
+++ b/src/libsystemd/sd-bus/bus-match.c
@@ -1149,3 +1149,40 @@ void bus_match_dump(struct bus_match_node *node, unsigned level) {
for (c = node->child; c; c = c->next)
bus_match_dump(c, level + 1);
}
+
+enum bus_match_scope bus_match_get_scope(const struct bus_match_component *components, unsigned n_components) {
+ bool found_driver = false;
+ unsigned i;
+
+ if (n_components <= 0)
+ return BUS_MATCH_GENERIC;
+
+ assert(components);
+
+ /* Checks whether the specified match can only match the
+ * pseudo-service for local messages, which we detect by
+ * sender, interface or path. If a match is not restricted to
+ * local messages, then we check if it only matches on the
+ * driver. */
+
+ for (i = 0; i < n_components; i++) {
+ const struct bus_match_component *c = components + i;
+
+ if (c->type == BUS_MATCH_SENDER) {
+ if (streq_ptr(c->value_str, "org.freedesktop.DBus.Local"))
+ return BUS_MATCH_LOCAL;
+
+ if (streq_ptr(c->value_str, "org.freedesktop.DBus"))
+ found_driver = true;
+ }
+
+ if (c->type == BUS_MATCH_INTERFACE && streq_ptr(c->value_str, "org.freedesktop.DBus.Local"))
+ return BUS_MATCH_LOCAL;
+
+ if (c->type == BUS_MATCH_PATH && streq_ptr(c->value_str, "/org/freedesktop/DBus/Local"))
+ return BUS_MATCH_LOCAL;
+ }
+
+ return found_driver ? BUS_MATCH_DRIVER : BUS_MATCH_GENERIC;
+
+}
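Review bot: In bus_match_get_scope() the guard `if (n_components <= 0)` compares an `unsigned` with zero, so `<=` can only ever mean `==`; `if (n_components == 0)` states the intent and avoids compiler warnings about pointless comparisons. The explanatory comment sits in the middle of the body after the `assert(components)`; placing it above the function would let it double as the function's documentation, and it could mention that a Local match wins over a driver sender because the loop returns BUS_MATCH_LOCAL as soon as any component names the Local service, interface or path. The blank line before the closing brace can go.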
diff --git a/src/libsystemd/sd-bus/bus-match.h b/src/libsystemd/sd-bus/bus-match.h
index af5f65d073..56516be9fa 100644
--- a/src/libsystemd/sd-bus/bus-match.h
+++ b/src/libsystemd/sd-bus/bus-match.h
@@ -73,6 +73,12 @@ struct bus_match_component {
char *value_str;
};
+enum bus_match_scope {
+ BUS_MATCH_GENERIC,
+ BUS_MATCH_LOCAL,
+ BUS_MATCH_DRIVER,
+};
+
int bus_match_run(sd_bus *bus, struct bus_match_node *root, sd_bus_message *m);
int bus_match_add(struct bus_match_node *root, struct bus_match_component *components, unsigned n_components, struct match_callback *callback);
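Review bot: The three `enum bus_match_scope` values are undocumented in the header, although callers use them to decide whether a match is installed on the bus at all. A short comment per value would help, along the lines of `BUS_MATCH_LOCAL, /* can only match messages of the org.freedesktop.DBus.Local pseudo-service */` and `BUS_MATCH_DRIVER, /* sender is org.freedesktop.DBus */`, with BUS_MATCH_GENERIC described as everything else.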
@@ -90,3 +96,5 @@ enum bus_match_node_type bus_match_node_type_from_string(const char *k, size_t n
int bus_match_parse(const char *match, struct bus_match_component **_components, unsigned *_n_components);
void bus_match_parse_free(struct bus_match_component *components, unsigned n_components);
char *bus_match_to_string(struct bus_match_component *components, unsigned n_components);
+
+enum bus_match_scope bus_match_get_scope(const struct bus_match_component *components, unsigned n_components);
diff --git a/src/libsystemd/sd-bus/bus-slot.c b/src/libsystemd/sd-bus/bus-slot.c
index 8060e9882c..c452477566 100644
--- a/src/libsystemd/sd-bus/bus-slot.c
+++ b/src/libsystemd/sd-bus/bus-slot.c
@@ -89,7 +89,7 @@ void bus_slot_disconnect(sd_bus_slot *slot) {
case BUS_MATCH_CALLBACK:
- if (slot->bus->bus_client)
+ if (slot->match_added)
bus_remove_match_internal(slot->bus, slot->match_callback.match_string, slot->match_callback.cookie);
slot->bus->match_callbacks_modified = true;
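Review bot: The result of `bus_remove_match_internal()` is silently discarded in the BUS_MATCH_CALLBACK case, and now that the call is gated on `slot->match_added` it is the only place a server-side match is torn down. If ignoring the result is intentional in this disconnect path, an explicit `(void) bus_remove_match_internal(...)` documents that. The rest of bus_slot_disconnect() lies outside this hunk, so whether `match_added` needs clearing afterwards cannot be judged from here.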
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
index 2805b29839..0881b4779a 100644
--- a/src/libsystemd/sd-bus/sd-bus.c
+++ b/src/libsystemd/sd-bus/sd-bus.c
@@ -2952,22 +2952,35 @@ _public_ int sd_bus_add_match(
s->match_callback.cookie = ++bus->match_cookie;
if (bus->bus_client) {
+ enum bus_match_scope scope;
- if (!bus->is_kernel) {
- /* When this is not a kernel transport, we
- * store the original match string, so that we
- * can use it to remove the match again */
+ scope = bus_match_get_scope(components, n_components);
- s->match_callback.match_string = strdup(match);
- if (!s->match_callback.match_string) {
- r = -ENOMEM;
- goto finish;
+ /* Do not install server-side matches for matches
+ * against the local service, interface or bus
+ * path. Also, when on kdbus don't install driver
+ * matches server side. */
+ if (scope == BUS_MATCH_GENERIC ||
+ (!bus->is_kernel && scope == BUS_MATCH_DRIVER)) {
+
+ if (!bus->is_kernel) {
+ /* When this is not a kernel transport, we
+ * store the original match string, so that we
+ * can use it to remove the match again */
+
+ s->match_callback.match_string = strdup(match);
+ if (!s->match_callback.match_string) {
+ r = -ENOMEM;
+ goto finish;
+ }
}
- }
- r = bus_add_match_internal(bus, s->match_callback.match_string, components, n_components, s->match_callback.cookie);
- if (r < 0)
- goto finish;
+ r = bus_add_match_internal(bus, s->match_callback.match_string, components, n_components, s->match_callback.cookie);
+ if (r < 0)
+ goto finish;
+
+ s->match_added = true;
+ }
}
bus->match_callbacks_modified = true;
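Review bot: The new comment in sd_bus_add_match() says which matches are not installed server-side but not why, and the condition below it is the only place that policy is encoded. A sentence giving the reason would keep a later change from "fixing" the skipped install. Presumably messages of the local pseudo-service are generated by the library and never arrive from the bus, but that should be confirmed by the author. It is also worth stating in the comment that `s->match_added` is set only after `bus_add_match_internal()` succeeds, since bus_slot_disconnect() relies on that bit to decide whether to remove the match. The function body starts and ends outside this hunk.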
diff --git a/src/libsystemd/sd-bus/test-bus-match.c b/src/libsystemd/sd-bus/test-bus-match.c
index 40c67046da..a1687b1c7b 100644
--- a/src/libsystemd/sd-bus/test-bus-match.c
+++ b/src/libsystemd/sd-bus/test-bus-match.c
@@ -77,6 +77,15 @@ static int match_add(sd_bus_slot *slots, struct bus_match_node *root, const char
return r;
}
+static void test_match_scope(const char *match, enum bus_match_scope scope) {
+ struct bus_match_component *components = NULL;
+ unsigned n_components = 0;
+
+ assert_se(bus_match_parse(match, &components, &n_components) >= 0);
+ assert_se(bus_match_get_scope(components, n_components) == scope);
+ bus_match_parse_free(components, n_components);
+}
+
int main(int argc, char *argv[]) {
struct bus_match_node root = {
.type = BUS_MATCH_ROOT,
@@ -142,5 +151,12 @@ int main(int argc, char *argv[]) {
bus_match_free(&root);
+ test_match_scope("interface='foobar'", BUS_MATCH_GENERIC);
+ test_match_scope("", BUS_MATCH_GENERIC);
+ test_match_scope("interface='org.freedesktop.DBus.Local'", BUS_MATCH_LOCAL);
+ test_match_scope("sender='org.freedesktop.DBus.Local'", BUS_MATCH_LOCAL);
+ test_match_scope("member='gurke',path='/org/freedesktop/DBus/Local'", BUS_MATCH_LOCAL);
+ test_match_scope("arg2='piep',sender='org.freedesktop.DBus',member='waldo'", BUS_MATCH_DRIVER);
+
return 0;
}
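Review bot: The added test_match_scope() cases do not cover a match that names both the driver and the Local pseudo-service, which is the one case where the order of checks in bus_match_get_scope() matters. From the loop in bus-match.c the expected result is BUS_MATCH_LOCAL, so a case such as `test_match_scope("sender='org.freedesktop.DBus',interface='org.freedesktop.DBus.Local'", BUS_MATCH_LOCAL);` would pin that precedence. A plain `sender='org.freedesktop.DBus'` case with no other component would also be a cheap addition for BUS_MATCH_DRIVER.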
diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c
index 00880c983b..76964aa0cc 100644
--- a/src/libsystemd/sd-event/sd-event.c
+++ b/src/libsystemd/sd-event/sd-event.c
@@ -468,24 +468,22 @@ static bool event_pid_changed(sd_event *e) {
return e->original_pid != getpid();
}
-static int source_io_unregister(sd_event_source *s) {
+static void source_io_unregister(sd_event_source *s) {
int r;
assert(s);
assert(s->type == SOURCE_IO);
if (event_pid_changed(s->event))
- return 0;
+ return;
if (!s->io.registered)
- return 0;
+ return;
r = epoll_ctl(s->event->epoll_fd, EPOLL_CTL_DEL, s->io.fd, NULL);
- if (r < 0)
- return -errno;
+ assert_log(r >= 0);
s->io.registered = false;
- return 0;
}
static int source_io_register(
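Review bot: In source_io_unregister() the new `assert_log(r >= 0)` logs only the expression text `r >= 0`, so the errno from the failed epoll_ctl() is lost and the log line does not say which call failed. Writing the check as `assert_log(epoll_ctl(s->event->epoll_fd, EPOLL_CTL_DEL, s->io.fd, NULL) >= 0);` would drop the now single-use `r` and make the logged expression self-describing. `s->io.registered` is also cleared when the deletion failed; if that is deliberate (for instance because the fd may already have been closed by its owner, which is an inference), a short comment saying so would help, since the function can no longer report the error to its caller.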
@@ -1457,10 +1455,7 @@ _public_ int sd_event_source_set_enabled(sd_event_source *s, int m) {
switch (s->type) {
case SOURCE_IO:
- r = source_io_unregister(s);
- if (r < 0)
- return r;
-
+ source_io_unregister(s);
s->enabled = m;
break;
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index eea994d0b3..3c31629d1e 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1013,6 +1013,9 @@ static int parse_argv(int argc, char *argv[]) {
return -EINVAL;
}
+ if (arg_userns && access("/proc/self/uid_map", F_OK) < 0)
+ return log_error_errno(EOPNOTSUPP, "--private-users= is not supported, kernel compiled without user namespace support.");
+
arg_retain = (arg_retain | plus | (arg_private_network ? 1ULL << CAP_NET_ADMIN : 0)) & ~minus;
if (arg_boot && arg_kill_signal <= 0)
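Review bot: The added check in parse_argv() treats every failure of `access("/proc/self/uid_map", F_OK)` as "kernel compiled without user namespace support", but access() can fail for other reasons, and the user would then get a misleading message with EOPNOTSUPP. Mapping only `errno == ENOENT` to the EOPNOTSUPP message and reporting anything else with its own errno, e.g. `return log_error_errno(errno, "Failed to check for /proc/self/uid_map: %m");`, keeps the diagnosis accurate. parse_argv() starts and ends outside this hunk.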
diff --git a/src/udev/udevd.c b/src/udev/udevd.c
index d3797bb5e6..5ce11606c9 100644
--- a/src/udev/udevd.c
+++ b/src/udev/udevd.c
@@ -735,14 +735,14 @@ static void manager_exit(Manager *manager) {
"STATUS=Starting shutdown...");
/* close sources of new events and discard buffered events */
- manager->ctrl = udev_ctrl_unref(manager->ctrl);
manager->ctrl_event = sd_event_source_unref(manager->ctrl_event);
+ manager->ctrl = udev_ctrl_unref(manager->ctrl);
- manager->fd_inotify = safe_close(manager->fd_inotify);
manager->inotify_event = sd_event_source_unref(manager->inotify_event);
+ manager->fd_inotify = safe_close(manager->fd_inotify);
- manager->monitor = udev_monitor_unref(manager->monitor);
manager->uevent_event = sd_event_source_unref(manager->uevent_event);
+ manager->monitor = udev_monitor_unref(manager->monitor);
/* discard queued events and kill workers */
event_queue_cleanup(manager, EVENT_QUEUED);
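Review bot: The reordering in manager_exit() has no comment explaining why each event source must now be released before the object that owns its file descriptor, so the next cleanup edit could easily swap the lines back. Presumably the fd has to remain valid while the source is removed from epoll, which ties in with the source_io_unregister() change in sd-event.c in this same commit. A comment above the three pairs such as `/* drop each event source first, so its fd is still open when it is removed from the event loop */` would record that. manager_exit() continues beyond this hunk.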