From 3ccb886283a1a98b549f44b6d33edeecc3768f1f Mon Sep 17 00:00:00 2001
From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Wed, 12 Oct 2016 05:12:11 -0400
Subject: Allow block and char classes in DeviceAllow bus properties (#4353)

Allowed paths are unified betwen the configuration file parses and the bus
property checker. The biggest change is that the bus code now allows "block-"
and "char-" classes. In addition, path_startswith("/dev") was used in the bus
code, and startswith("/dev") was used in the config file code. It seems
reasonable to use path_startswith() which allows a slightly broader class of
strings.

Fixes #3935.
---
 src/basic/path-util.c      | 11 ++++++++---
 src/basic/path-util.h      |  1 +
 src/core/load-fragment.c   |  4 +---
 src/shared/bus-unit-util.c |  2 +-
 4 files changed, 11 insertions(+), 7 deletions(-)

(limited to 'src')

diff --git a/src/basic/path-util.c b/src/basic/path-util.c
index c32e961af4..a76963aa9f 100644
--- a/src/basic/path-util.c
+++ b/src/basic/path-util.c
@@ -812,9 +812,14 @@ bool is_device_path(const char *path) {
         /* Returns true on paths that refer to a device, either in
          * sysfs or in /dev */
 
-        return
-                path_startswith(path, "/dev/") ||
-                path_startswith(path, "/sys/");
+        return path_startswith(path, "/dev/") ||
+               path_startswith(path, "/sys/");
+}
+
+bool is_deviceallow_pattern(const char *path) {
+        return path_startswith(path, "/dev/") ||
+               startswith(path, "block-") ||
+               startswith(path, "char-");
 }
 
 int systemd_installation_has_version(const char *root, unsigned minimal_version) {
diff --git a/src/basic/path-util.h b/src/basic/path-util.h
index 78472f0961..66545f52d9 100644
--- a/src/basic/path-util.h
+++ b/src/basic/path-util.h
@@ -125,5 +125,6 @@ char *file_in_same_dir(const char *path, const char *filename);
 bool hidden_or_backup_file(const char *filename) _pure_;
 
 bool is_device_path(const char *path);
+bool is_deviceallow_pattern(const char *path);
 
 int systemd_installation_has_version(const char *root, unsigned minimal_version);
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index 8f067b5586..06c156a623 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -3084,9 +3084,7 @@ int config_parse_device_allow(
         if (!path)
                 return log_oom();
 
-        if (!startswith(path, "/dev/") &&
-            !startswith(path, "block-") &&
-            !startswith(path, "char-")) {
+        if (!is_deviceallow_pattern(path)) {
                 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", path);
                 return 0;
         }
diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
index c6bd2f145c..a550a370b5 100644
--- a/src/shared/bus-unit-util.c
+++ b/src/shared/bus-unit-util.c
@@ -303,7 +303,7 @@ int bus_append_unit_property_assignment(sd_bus_message *m, const char *assignmen
                                 rwm = "";
                         }
 
-                        if (!path_startswith(path, "/dev")) {
+                        if (!is_deviceallow_pattern(path)) {
                                 log_error("%s is not a device file in /dev.", path);
                                 return -EINVAL;
                         }
-- 
cgit v1.2.3-54-g00ecf