From 8f44e3ea3e0821625e584938e54623e7fb381bb8 Mon Sep 17 00:00:00 2001 From: Daniel Mack Date: Wed, 22 Oct 2014 19:43:09 +0200 Subject: sd-bus: implement sd_bus_get_owner_creds() for kdbus kdbus learned a new ioctl to tell userspace about a bus creator's credentials, which is what we need to implement sd_bus_get_owner_creds() for kdbus. Move the function from sd-bus.c to bus-control.c to be able to reuse the bus_populate_creds_from_items() helper. --- src/libsystemd/sd-bus/bus-control.c | 66 +++++++++++++++++++++++++++++++++++++ src/libsystemd/sd-bus/sd-bus.c | 51 ---------------------------- 2 files changed, 66 insertions(+), 51 deletions(-) diff --git a/src/libsystemd/sd-bus/bus-control.c b/src/libsystemd/sd-bus/bus-control.c index 96f59f9b36..a84b060b4f 100644 --- a/src/libsystemd/sd-bus/bus-control.c +++ b/src/libsystemd/sd-bus/bus-control.c @@ -796,6 +796,72 @@ _public_ int sd_bus_get_name_creds( return bus_get_name_creds_dbus1(bus, name, mask, creds); } +_public_ int sd_bus_get_owner_creds(sd_bus *bus, uint64_t mask, sd_bus_creds **ret) { + _cleanup_bus_creds_unref_ sd_bus_creds *c = NULL; + pid_t pid = 0; + int r; + + assert_return(bus, -EINVAL); + assert_return(mask <= _SD_BUS_CREDS_ALL, -ENOTSUP); + assert_return(ret, -EINVAL); + assert_return(!bus_pid_changed(bus), -ECHILD); + + if (!BUS_IS_OPEN(bus->state)) + return -ENOTCONN; + + if (!bus->ucred_valid && !isempty(bus->label)) + return -ENODATA; + + c = bus_creds_new(); + if (!c) + return -ENOMEM; + + if (bus->ucred_valid) { + pid = c->pid = bus->ucred.pid; + c->uid = bus->ucred.uid; + c->gid = bus->ucred.gid; + + c->mask |= (SD_BUS_CREDS_UID | SD_BUS_CREDS_PID | SD_BUS_CREDS_GID) & mask; + } + + if (!isempty(bus->label) && (mask & SD_BUS_CREDS_SELINUX_CONTEXT)) { + c->label = strdup(bus->label); + if (!c->label) { + sd_bus_creds_unref(c); + return -ENOMEM; + } + + c->mask |= SD_BUS_CREDS_SELINUX_CONTEXT; + } + + if (bus->is_kernel) { + struct kdbus_cmd_info cmd = {}; + struct kdbus_info *creator_info; + + cmd.size = sizeof(cmd); + r = ioctl(bus->input_fd, KDBUS_CMD_BUS_CREATOR_INFO, &cmd); + if (r < 0) + return -errno; + + creator_info = (struct kdbus_info *) ((uint8_t *) bus->kdbus_buffer + cmd.offset); + + r = bus_populate_creds_from_items(bus, creator_info, mask, c); + kernel_cmd_free(bus, cmd.offset); + + if (r < 0) + return r; + } else { + r = bus_creds_add_more(c, mask, pid, 0); + if (r < 0) { + sd_bus_creds_unref(c); + return r; + } + } + + *ret = c; + return 0; +} + static int add_name_change_match(sd_bus *bus, uint64_t cookie, const char *name, diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c index 9ec15658df..f3796175cc 100644 --- a/src/libsystemd/sd-bus/sd-bus.c +++ b/src/libsystemd/sd-bus/sd-bus.c @@ -3300,57 +3300,6 @@ _public_ int sd_bus_path_decode(const char *path, const char *prefix, char **ext return 1; } -_public_ int sd_bus_get_owner_creds(sd_bus *bus, uint64_t mask, sd_bus_creds **ret) { - sd_bus_creds *c; - pid_t pid = 0; - int r; - - assert_return(bus, -EINVAL); - assert_return(mask <= _SD_BUS_CREDS_ALL, -ENOTSUP); - assert_return(ret, -EINVAL); - assert_return(!bus_pid_changed(bus), -ECHILD); - - if (bus->is_kernel) - return -ENOTSUP; - - if (!BUS_IS_OPEN(bus->state)) - return -ENOTCONN; - - if (!bus->ucred_valid && !isempty(bus->label)) - return -ENODATA; - - c = bus_creds_new(); - if (!c) - return -ENOMEM; - - if (bus->ucred_valid) { - pid = c->pid = bus->ucred.pid; - c->uid = bus->ucred.uid; - c->gid = bus->ucred.gid; - - c->mask |= (SD_BUS_CREDS_UID | SD_BUS_CREDS_PID | SD_BUS_CREDS_GID) & mask; - } - - if (!isempty(bus->label) && (mask & SD_BUS_CREDS_SELINUX_CONTEXT)) { - c->label = strdup(bus->label); - if (!c->label) { - sd_bus_creds_unref(c); - return -ENOMEM; - } - - c->mask |= SD_BUS_CREDS_SELINUX_CONTEXT; - } - - r = bus_creds_add_more(c, mask, pid, 0); - if (r < 0) { - sd_bus_creds_unref(c); - return r; - } - - *ret = c; - return 0; -} - _public_ int sd_bus_try_close(sd_bus *bus) { int r; -- cgit v1.2.3-54-g00ecf