+ /* First check if we (the sender) can send to this name */
+ if (strv_isempty(destination_names)) {
+ if (policy_check_send(policy, our_ucred->uid, our_ucred->gid, m->header->type, NULL, m->path, m->interface, m->member, true))
+ granted = true;
+ } else {
+ char **n;
+
+ STRV_FOREACH(n, destination_names) {
+ if (policy_check_send(policy, our_ucred->uid, our_ucred->gid, m->header->type, *n, m->path, m->interface, m->member, true)) {
+
+ /* If we made a receiver decision,
+ then remember which name's policy
+ we used, and to which unique ID it
+ mapped when we made the
+ decision. Then, let's pass this to
+ the kernel when sending the
+ message, so that it refuses the
+ operation should the name and
+ unique ID not map to each other
+ anymore. */
+
+ r = free_and_strdup(&m->destination_ptr, *n);
+ if (r < 0)
+ return r;
+
+ r = bus_kernel_parse_unique_name(destination_unique, &m->verify_destination_id);
+ if (r < 0)
+ break;
+
+ granted = true;
+ break;
+ }
+ }
+ }
+
+ /* Then check if the recipient can receive from our name */
+ if (granted) {
+ if (sd_bus_message_is_signal(m, NULL, NULL)) {
+ /* If we forward a signal from dbus-1 to kdbus,
+ * we have no idea who the recipient is.
+ * Therefore, we cannot apply any dbus-1
+ * receiver policies that match on receiver
+ * credentials. We know sd-bus always sets
+ * KDBUS_MSG_SIGNAL, so the kernel applies
+ * receiver policies to the message. Therefore,
+ * skip policy checks in this case. */
+ return 0;
+ } else if (set_isempty(owned_names)) {
+ if (policy_check_recv(policy, destination_uid, destination_gid, m->header->type, NULL, m->path, m->interface, m->member, true))
+ return 0;
+ } else {
+ Iterator i;
+ char *n;
+
+ SET_FOREACH(n, owned_names, i)
+ if (policy_check_recv(policy, destination_uid, destination_gid, m->header->type, n, m->path, m->interface, m->member, true))
+ return 0;
+ }
+ }
+
+ /* Return an error back to the caller */
+ if (m->header->type == SD_BUS_MESSAGE_METHOD_CALL)
+ return synthetic_reply_method_errorf(m, SD_BUS_ERROR_ACCESS_DENIED, "Access prohibited by XML sender policy.");
+
+ /* Return 1, indicating that the message shall not be processed any further */
+ return 1;