+static int process_policy(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *policy, const struct ucred *ucred) {
+ int r;
+ char **name;
+ char **names_strv;
+ bool granted = false;
+ Iterator i;
+
+ assert(a);
+ assert(b);
+ assert(m);
+
+ if (!policy)
+ return 0;
+
+ if (b->is_kernel) {
+
+ /* The message came from the kernel, and is sent to our legacy client. */
+ r = sd_bus_creds_get_well_known_names(&m->creds, &names_strv);
+ if (r < 0)
+ return r;
+
+ STRV_FOREACH(name, names_strv) {
+ if (policy_check_send(policy, ucred, m->header->type, *name, m->path, m->interface, m->member)) {
+ r = free_and_strdup(&m->destination_ptr, *name);
+ if (r < 0)
+ break;
+
+ granted = true;
+ break;
+ }
+ }
+
+ if (r < 0)
+ return r;
+
+ if (!granted)
+ return -EPERM;
+
+ granted = false;
+
+ HASHMAP_FOREACH(name, names_hash, i) {
+ if (policy_check_recv(policy, ucred, m->header->type, *name, m->path, m->interface, m->member))
+ return 0;
+ }
+
+ return -EPERM;
+ } else {
+ sd_bus_creds *bus_creds;
+
+ /* The message came from the legacy client, and is sent to kdbus. */
+ r = sd_bus_get_name_creds(a, m->destination, SD_BUS_CREDS_WELL_KNOWN_NAMES, &bus_creds);
+ if (r < 0)
+ return r;
+
+ STRV_FOREACH(name, names_strv) {
+ if (policy_check_send(policy, ucred, m->header->type, *name, m->path, m->interface, m->member)) {
+ r = free_and_strdup(&m->destination_ptr, *name);
+ if (r < 0)
+ break;
+
+ r = bus_kernel_parse_unique_name(m->sender, &m->verify_destination_id);
+ if (r < 0)
+ break;
+
+ granted = true;
+ break;
+ }
+ }
+
+ if (r < 0)
+ return r;
+
+ if (!granted)
+ return -EPERM;
+
+ granted = false;
+
+ HASHMAP_FOREACH(name, names_hash, i) {
+ if (policy_check_recv(policy, ucred, m->header->type, *name, m->path, m->interface, m->member))
+ return 0;
+ }
+
+ return -EPERM;
+ }
+
+ return 0;
+}
+
+static int process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *policy, const struct ucred *ucred) {