Age | Commit message (Collapse) | Author |
|
string-util.[ch]
There are more than enough calls doing string manipulations to deserve
its own files, hence do something about it.
This patch also sorts the #include blocks of all files that needed to be
updated, according to the sorting suggestions from CODING_STYLE. Since
pretty much every file needs our string manipulation functions this
effectively means that most files have sorted #include blocks now.
Also touches a few unrelated include files.
|
|
This replaces this:
free(p);
p = NULL;
by this:
p = mfree(p);
Change generated using coccinelle. Semantic patch is added to the
sources.
|
|
Various networkd and dhcp updates
|
|
This reverts commit d4d00020d6ad855d65d31020fefa5003e1bb477f. The idea of
the commit is broken and needs to be reworked. We really cannot reduce
the bus-addresses to a single address. We always will have systemd with
native clients and legacy clients at the same time, so we also need both
addresses at the same time.
|
|
It's an OK way to check whether a message contains an erro, let's not
consider this a loggable assertion event.
|
|
Previously, sd-bus inofficially already supported bus matches that
tested a string against an array of strings ("as"). This was done via an
enhanced way to interpret "arg0=" matches. This is problematic however,
since clients have no way to determine if their respective
implementation understood strv matches or not, thus allowing invalid
matches to be installed without a way to detect that.
This patch changes the logic to only allow such matches with a new
"arg0has=" syntax. This has the benefit that non-conforming
implementations will return a parse error and a client application may
thus efficiently detect support for the match type.
Matches of this type are useful for "udev"-like systems that "tag" objects
with a number of strings, and clients need to be able to match against
any of these "tags".
The name "has" takes inspiration from Python's ".has_key()" construct.
|
|
Delete unnecessary checks before some function calls
|
|
tree-wide: generate EBADF when we get invalid fds
|
|
The function "mfree" should be called instead of "free" at a specific
source code place.
|
|
This is a follow-up to #907, and makes the same change for all our other
public APIs.
|
|
We should not fall back to dbus-1 and connect to the proxy when kdbus
returns an error that indicates that kdbus is running but just does not
accept new connections because of quota limits or something similar.
Using is_kdbus_available() in libsystemd/ requires it to move from
shared/ to libsystemd/.
Based on a patch from David Herrmann:
https://github.com/systemd/systemd/pull/886
|
|
bus can never be NULL due to assert
|
|
The gvariant root container contains a 'variant' at the end, which embeds
the whole message body. This variant *must* contain a structure so we are
compatible to dbus1. Otherwise, it could encode at most 1 type, instead
of a full signature.
Our gvariant message parser already parses the variant-content as a
structure, so we're mostly good. However, it does *not* include the
opening and closing parantheses, nor does it parse them.
This patch fixes the decoder to verify a message contains the
parantheses, and also make the encoder add those parantheses into the
marshaled message.
|
|
The unary type has a fixed size of 1 in gvariant. Make sure we properly
encode it as such. Right now, we encode/decode it as empty sequence.
|
|
If c->item_size is 0, the next item to parse in a structure is empty.
However, this also implies that the signature must be empty. The latter
case is already handled just fine by enter_struct_or_dict_entry() so
there is no reason to handle the same case in the caller.
|
|
Right now sd_bus_message_skip() will abort execution if passed a
signature of the unary type "()". Regardless whether this should be
supported or not, we really must not abort. Drop the incorrect assertion
and add a test-case for this.
|
|
In gvariant, all fixed-size objects need to be sized a multiple of their
alignment. If a structure has only fixed-size members, it is required to
be fixed size itself. If you imagine a structure like (ty), you have an
8-byte member followed by an 1-byte member. Hence, the overall inner-size
is 9. The alignment of the object is 8, though. Therefore, the specs
mandates final padding after fixed-size structures, to make sure it's
sized a multiple of its alignment (=> 16).
On the gvariant decoder side, we already account for this in
bus_gvariant_get_size(), as we apply overall padding to the size of the
structure. Therefore, our decoder correctly skips such final padding when
parsing fixed-size structure.
On the gvariant encoder side, however, we don't account for this final
padding. This patch fixes the structure and dict-entry encoders to
properly place such padding at the end of non-uniform fixed-size
structures.
The problem can be easily seen by running:
$ busctl --user monitor
and
$ busctl call --user org.freedesktop.systemd1 / org.foobar foobar "(ty)" 777 8
The monitor will fail to parse the message and print an error. With this
patch applied, everything works fine again.
This patch also adds a bunch of test-cases to force non-uniform
structures with non-pre-aligned positions.
Thanks to Jan Alexander Steffens <jan.steffens@gmail.com> for spotting
this and narrowing it down to non-uniform gvariant structures. Fixes #597.
|
|
|
|
use it anymore
|
|
Avoid unbound for(;;) loop and use the established coding-style:
while ((r = sd_bus_message_read*(...)) > 0) {
}
if (r < 0)
return r;
This is much easier to read and used all over the code base.
|
|
CID #1237548.
|
|
Replace ENOTSUP by EOPNOTSUPP as this is what linux actually uses.
|
|
This assignment is already done in the parent context, no need to do it
again.
|
|
CID #1271349.
|
|
This patch removes includes that are not used. The removals were found with
include-what-you-use which checks if any of the symbols from a header is
in use.
|
|
"allow-interactive-authentication" message flag
Most of our client tools want to set this bit for all their method
calls, even though it defaults to off in sd-bus, and rightfully so.
Hence, to simplify thing, introduce a per sd_bus-object flag that sets
the default value for all messages created on the connection.
|
|
and 32bit on dbus1
|
|
their entirety as gvariant objects""
This reverts commit 954871d8ba15911d014f76ed2c7a9492953cf39d.
|
|
|
|
entirety as gvariant objects"
This breaks booting with kdbus.
This reverts commit b381de4197157748ed96e469fcc372c23f842ae1.
|
|
as gvariant objects
Previously, we only minimally altered the dbus1 framing for kdbus, and
while the header and its fields where compliant Gvariant objects, and so
was the body, the entire message together was not.
As result of discussions with Ryan Lortie this is now changed, so that
the messages in there entirely are fully compliant GVariants. This
follows the framing description described here:
https://wiki.gnome.org/Projects/GLib/GDBus/Version2
Note that this change changes the framing of *all* messages sent via
kdbus, this means you have to reboot your kdbus system, after compiling
and installing this new version.
|
|
|
|
We really need to use va_arg() with the right type here as uint64_t and
double might have the same size, but are passed differently as
arguments.
|
|
Whenever a process performs an action on an object, the kernel uses the
EUID of the process to do permission checks and to apply on any newly
created objects. The UID of a process is only used if someone *ELSE* acts
on the process. That is, the UID of a process defines who owns the
process, the EUID defines what privileges are used by this process when
performing an action.
Process limits, on the other hand, are always applied to the real UID, not
the effective UID. This is, because a process has a user object linked,
which always corresponds to its UID. A process never has a user object
linked for its EUID. Thus, accounting (and limits) is always done on the
real UID.
This commit fixes all sd-bus users to use the EUID when performing
privilege checks and alike. Furthermore, it fixes unix-creds to be parsed
as EUID, not UID (as the kernel always takes the EUID on UDS). Anyone
using UID (eg., to do user-accounting) has to fall back to the EUID as UDS
does not transmit the UID.
|
|
|
|
Changes:
* bloom parameters are returned in an offset via HELLO
* FREE now takes items just like any other ioctl
|
|
|
|
Make sure the whole cmd_free object is zeroed before passing it into the
kernel. This makes valgrind happy and makes us future proof.
|
|
We must restore part->mmap_begin when poping memfds from the memfd-cache.
We rely on the memfds to be unsealed, so we can be sure that we own the
whole FD. Therefore, simply set part->mmap_begin to the same as
part->data.
This fixes test-bus-kernel-benchmark.
|
|
|
|
kdbus-git gained two new features:
* memfd offsets: This allows to specify a 'start' offset in kdbus_memfd
so you can send partial memfd hunks instead of always
the full memfd
* KDBUS_HELLO_UNPRIVILEGED: If passed during HELLO, the client will be
treated as unprivileged.
|
|
|
|
|
|
|
|
skip a single element of any type
|
|
|
|
|
|
constructing message
|
|
any body
|
|
kdbus learned to accept both a numerical destination ID as well as a
well-known-name. In that case, kdbus makes sure that the numerical ID is in
fact the owner of the provided name and fails otherwise.
This allows for race-free assertion of a bus name owner while sending a
message, which is a requirement for bus-proxyd.
Add two new fields to sd_bus_message, and set the numerical ID to
verify_destination_id if bus_message_setup_kmsg() is called for a
message with a well-known name.
Also, set the destination's name in the kdbus item to .destination_ptr
if it is non-NULL.
Normal users should not touch these fields, and they're not publicy
accessible.
|