SD_BUS_CREDS_INHERITABLE_CAPS | SD_BUS_CREDS_BOUNDING_CAPS) & mask;
if (m) {
- c->capability_size = item->size - KDBUS_ITEM_HEADER_SIZE;
- c->capability = memdup(item->data, c->capability_size);
+ c->capability_size = item->size - offsetof(struct kdbus_item, caps.caps);
+ c->capability = memdup(item->caps.caps, c->capability_size);
if (!c->capability)
return -ENOMEM;
return bus_get_name_creds_dbus1(bus, name, mask, creds);
}
+_public_ int sd_bus_get_owner_creds(sd_bus *bus, uint64_t mask, sd_bus_creds **ret) {
+ _cleanup_bus_creds_unref_ sd_bus_creds *c = NULL;
+ pid_t pid = 0;
+ int r;
+
+ assert_return(bus, -EINVAL);
+ assert_return(mask <= _SD_BUS_CREDS_ALL, -ENOTSUP);
+ assert_return(ret, -EINVAL);
+ assert_return(!bus_pid_changed(bus), -ECHILD);
+
+ if (!BUS_IS_OPEN(bus->state))
+ return -ENOTCONN;
+
+ if (!bus->ucred_valid && !isempty(bus->label))
+ return -ENODATA;
+
+ c = bus_creds_new();
+ if (!c)
+ return -ENOMEM;
+
+ if (bus->ucred_valid) {
+ pid = c->pid = bus->ucred.pid;
+ c->uid = bus->ucred.uid;
+ c->gid = bus->ucred.gid;
+
+ c->mask |= (SD_BUS_CREDS_UID | SD_BUS_CREDS_PID | SD_BUS_CREDS_GID) & mask;
+ }
+
+ if (!isempty(bus->label) && (mask & SD_BUS_CREDS_SELINUX_CONTEXT)) {
+ c->label = strdup(bus->label);
+ if (!c->label)
+ return -ENOMEM;
+
+ c->mask |= SD_BUS_CREDS_SELINUX_CONTEXT;
+ }
+
+ if (bus->is_kernel) {
+ struct kdbus_cmd_info cmd = {};
+ struct kdbus_info *creator_info;
+
+ cmd.size = sizeof(cmd);
+ r = ioctl(bus->input_fd, KDBUS_CMD_BUS_CREATOR_INFO, &cmd);
+ if (r < 0)
+ return -errno;
+
+ creator_info = (struct kdbus_info *) ((uint8_t *) bus->kdbus_buffer + cmd.offset);
+
+ r = bus_populate_creds_from_items(bus, creator_info, mask, c);
+ kernel_cmd_free(bus, cmd.offset);
+
+ if (r < 0)
+ return r;
+ } else {
+ r = bus_creds_add_more(c, mask, pid, 0);
+ if (r < 0)
+ return r;
+ }
+
+ *ret = c;
+ c = NULL;
+ return 0;
+}
+
static int add_name_change_match(sd_bus *bus,
uint64_t cookie,
const char *name,
~ianmdlvl / elogind.git / blobdiff