| Age | Commit message (Collapse) | Author |
|---|
|
Also, make the call to free kdbus slices generic and use it everywhere
|
|
shouldn't confuse the empty list with unknown information
|
|
to us, no need to convert to uid_t manually
This way, we can save one allocation and avoid copying the array
unnecesarily.
|
|
|
|
This simplifies things a bit and makes sure we free any previously set
creds component before writing in a new one.
|
|
|
|
|
|
selinux context
|
|
KDBUS_ITEM_PIDS structure from KDBUS_ITEM_CREDS
Also:
- adds support for euid, suid, fsuid, egid, sgid, fsgid fields.
- makes augmentation of creds with data from /proc explicitly
controllable to give apps better control over this, given that this is
racy.
- enables augmentation for kdbus connections (previously we only did it
for dbus1). This is useful since with recent kdbus versions it is
possible for clients to control the metadata they want to send.
- changes sd_bus_query_sender_privilege() to take the euid of the client
into consideration, if known
- when we don't have permissions to read augmentation data from /proc,
don't fail, just don't add the data in
|
|
kdbus learned parsing the attach flags for the KDBUS_CMD_BUS_CREATOR_INFO
ioctl. Bits not set in this mask will not be exported. Set that field to
_KDBUS_ATTACH_ALL for now.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
kdbus recently renamed this concept, and so should we in what we expose
in userspace.
|
|
Catch up with some changes in kdbus.h:
* KDBUS_{ITEM,ATTACH}_CONN_NAME were renamed to
KDBUS_{ITEM,ATTACH}_CONN_DESCRIPTION, so the term 'name' is not
overloaded as much.
* The item types were re-ordered a little so they are lined up to the
order of the corresponding KDBUS_ATTACH flags
* A new item type KDBUS_ITEM_OWNED_NAME was introduced, designated to
store a struct kdbus_name in item->name. KDBUS_ITEM_NAME soley
stores data in item->str now
* Some kerneldoc fixes
|
|
Some comment fixes and header cleanups in kdbus.h, and the task capability
meta information has been factored out to its own struct.
|
|
sd_bus_get_owner_creds() was only halfly ported over to
_cleanup_bus_creds_unref_.
|
|
kdbus learned a new ioctl to tell userspace about a bus creator's
credentials, which is what we need to implement sd_bus_get_owner_creds() for
kdbus.
Move the function from sd-bus.c to bus-control.c to be able to reuse
the bus_populate_creds_from_items() helper.
|
|
sd_bus_get_peer_creds()
Clean up the function namespace by renaming the following:
sd_bus_get_owner_uid() → sd_bus_get_name_creds_uid()
sd_bus_get_owner_machine_id() → sd_bus_get_name_machine_id()
sd_bus_get_peer_creds() → sd_bus_get_owner_creds()
|
|
We will re-use the code to walk items in order to populate a creds object,
so let's factor it out first.
|
|
kdbus learned a new command to query a bus creator's credentials. Sync
kdbus.h first, which also renames some struct to more generic terms.
That is, however, not an ABI break this time.
|
|
In kdbus.h, the following details changed:
* All commands gained a 'kernel_flags' field to report the flags supported
by the driver. Before, this was done in the 'flags' field in a
bidirectional way, which turned out to be a problem for the code in
sd-bus, as many parts of it reuse the same ioctl struct more than once
and consider them to be owned by userspace.
* Name listings are now returned by a new struct instead of reusing struct
kdbus_cmd_name for that matter. This way, we don't add more unneeded
fields to it and make the API cleaner.
* 'conn_flags' was renamed to 'flags' in struct kdbus_cmd_hello to make
the API a bit more unified.
|
|
|
|
In kdbus.h, the 'features' field has been dropped again. Instead of
negotiating features that way, we decided to make the kernel return the
set of supported flags in each ioctl struct's .flags field, in both the
success and error cases.
|
|
Commit 710fc9779b7c (kdbus repo) introduced attaching items[]
instead of name[] in kdbus_cmd_conn_info struct. Commit 581fe6c81
(systemd repo) caught up with this change, but item size was not
properly calculated.
|
|
The KDBUS_CMD_FREE ioctl now uses a struct rather than a direct pointer
to the offset to free.
The KDBUS_CMD_MSG_CANCEL ioctl has also changes, but there's no user of
it yet in systemd.
|
|
struct kdbus_cmd_conn_info takes a list of items now instead of a string.
Fix the only user in SD of that ioctl.
|
|
Move the +1 calculus onto the definition of the variable, just to make
the code a little easier to read. No functional change.
|
|
Just a rename of two struct members to make the header file c++ compatible.
|
|
The kdbus logic name registry logic was changed to transport the actual
name to acquire, release or report in a kdbus item.
This brings the name API a little more in line with other calls, and allows
for later augmentation.
Follow that change on the systemd side.
|
|
All kdbus ioctl arguments must be 8byte aligned. Make sure we use
alloca_align() and _alignas_(8) in all situations where gcc doesn't
guarantee 8-byte alignment.
Note that objects on the stack are always 8byte aligned as we put
_alignas_(8) into the structure definition in kdbus.h.
|
|
On systems without properly setup systemd, cg_get_root_path returns
-ENOENT. This means that busctl doesn't display much information.
busctl monitor also fails whenever it intercepts messages.
This fix fakes creates a fake "/" root cgroup which lets busctl work
on such systems.
|
|
|
|
|
|
|
|
|
|
A terminated connection is a runtime error and not a developer mistake,
hence don't use assert_return() to check for it.
|
|
|
|
This mirrors set_consume and makes the common use a bit nicer.
|
|
first (or second)
Previously the returned object of constructor functions where sometimes
returned as last, sometimes as first and sometimes as second parameter.
Let's clean this up a bit. Here are the new rules:
1. The object the new object is derived from is put first, if there is any
2. The object we are creating will be returned in the next arguments
3. This is followed by any additional arguments
Rationale:
For functions that operate on an object we always put that object first.
Constructors should probably not be too different in this regard. Also,
if the additional parameters might want to use varargs which suggests to
put them last.
Note that this new scheme only applies to constructor functions, not to
all other functions. We do give a lot of freedom for those.
Note that this commit only changes the order of the new functions we
added, for old ones we accept the wrong order and leave it like that.
|
|
If -flto is used then gcc will generate a lot more warnings than before,
among them a number of use-without-initialization warnings. Most of them
without are false positives, but let's make them go away, because it
doesn't really matter.
|
|
sizes and numbers of hash functions
In order to make the bloom filter logic more future proof communicate
bloom filter parameters from the original bus creator to the clients,
and allow them to be variable within certain ranges.
|
|
|
|
flags non-inverted
|
|
|
|
We still only produce on .so, but let's keep the sources separate to make things a bit
less messy.
|
