cgroup: do not allow manipulating the cgroup path of units within the systemd:/system...

[elogind.git] / src / libsystemd-bus / bus-kernel.c

diff --git a/src/libsystemd-bus/bus-kernel.c b/src/libsystemd-bus/bus-kernel.c
index 086877eb8646f16442b359affb2a83848aca658d..61013ff3c4760adc8dcee21e2d4a689cc0977d54 100644 (file)
--- a/src/libsystemd-bus/bus-kernel.c
+++ b/src/libsystemd-bus/bus-kernel.c
@@ -24,6 +24,7 @@
 #endif
 
 #include <fcntl.h>
+#include <malloc.h>
 
 #include "util.h"
 
@@ -34,6 +35,7 @@
 
 #define KDBUS_ITEM_NEXT(item) \
         (typeof(item))(((uint8_t *)item) + ALIGN8((item)->size))
+
 #define KDBUS_ITEM_FOREACH(item, head)                                          \
         for (item = (head)->items;                                              \
              (uint8_t *)(item) < (uint8_t *)(head) + (head)->size;              \
@@ -64,7 +66,7 @@ static void append_payload_vec(struct kdbus_msg_item **d, const void *p, size_t
 
         (*d)->size = offsetof(struct kdbus_msg_item, vec) + sizeof(struct kdbus_vec);
         (*d)->type = KDBUS_MSG_PAYLOAD_VEC;
-        (*d)->vec.address = (uint64_t) p;
+        (*d)->vec.address = (intptr_t) p;
         (*d)->vec.size = sz;
 
         *d = (struct kdbus_msg_item *) ((uint8_t*) *d + (*d)->size);
@@ -99,6 +101,19 @@ static void* append_bloom(struct kdbus_msg_item **d, size_t length) {
         return r;
 }
 
+static void append_fds(struct kdbus_msg_item **d, const int fds[], unsigned n_fds) {
+        assert(d);
+        assert(fds);
+        assert(n_fds > 0);
+
+        *d = ALIGN8_PTR(*d);
+        (*d)->size = offsetof(struct kdbus_msg_item, fds) + sizeof(int) * n_fds;
+        (*d)->type = KDBUS_MSG_UNIX_FDS;
+        memcpy((*d)->fds, fds, sizeof(int) * n_fds);
+
+        *d = (struct kdbus_msg_item *) ((uint8_t*) *d + (*d)->size);
+}
+
 static int bus_message_setup_bloom(sd_bus_message *m, void *bloom) {
         unsigned i;
         int r;
@@ -199,7 +214,11 @@ static int bus_message_setup_kmsg(sd_bus *b, sd_bus_message *m) {
                 sz += ALIGN8(offsetof(struct kdbus_msg_item, str) + dl + 1);
         }
 
-        m->kdbus = aligned_alloc(8, sz);
+        /* Add space for unix fds */
+        if (m->n_fds > 0)
+                sz += ALIGN8(offsetof(struct kdbus_msg_item, fds) + sizeof(int)*m->n_fds);
+
+        m->kdbus = memalign(8, sz);
         if (!m->kdbus)
                 return -ENOMEM;
 
@@ -232,7 +251,6 @@ static int bus_message_setup_kmsg(sd_bus *b, sd_bus_message *m) {
         if (m->kdbus->dst_id == KDBUS_DST_ID_BROADCAST) {
                 void *p;
 
-                /* For now, let's add a mask all bloom filter */
                 p = append_bloom(&d, BLOOM_SIZE);
                 r = bus_message_setup_bloom(m, p);
                 if (r < 0) {
@@ -242,6 +260,9 @@ static int bus_message_setup_kmsg(sd_bus *b, sd_bus_message *m) {
                 }
         }
 
+        if (m->n_fds > 0)
+                append_fds(&d, m->fds, m->n_fds);
+
         m->kdbus->size = (uint8_t*) d - (uint8_t*) m->kdbus;
         assert(m->kdbus->size <= sz);
 
@@ -288,6 +309,7 @@ int bus_kernel_take_fd(sd_bus *b) {
 
         b->is_kernel = true;
         b->bus_client = true;
+        b->can_fds = true;
 
         r = bus_start_running(b);
         if (r < 0)
@@ -388,7 +410,7 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k, sd_bus_mess
                                 return -ENOMEM;
 
                         fds = f;
-                        memcpy(fds + n_fds, d->fds, j);
+                        memcpy(fds + n_fds, d->fds, sizeof(int) * j);
                         n_fds += j;
 
                 } else if (d->type == KDBUS_MSG_DST_NAME)
@@ -451,7 +473,12 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k, sd_bus_mess
                         m->cmdline_length = l;
                 } else if (d->type == KDBUS_MSG_SRC_CGROUP)
                         m->cgroup = d->str;
-                else
+                else if (d->type == KDBUS_MSG_SRC_AUDIT)
+                        m->audit = &d->audit;
+                else if (d->type == KDBUS_MSG_SRC_CAPS) {
+                        m->capability = d->data;
+                        m->capability_size = l;
+                } else
                         log_debug("Got unknown field from kernel %llu", d->type);
         }
 
@@ -500,7 +527,7 @@ int bus_kernel_read_message(sd_bus *bus, sd_bus_message **m) {
         for (;;) {
                 void *q;
 
-                q = aligned_alloc(8, sz);
+                q = memalign(8, sz);
                 if (!q)
                         return -errno;
 
@@ -539,6 +566,7 @@ int bus_kernel_read_message(sd_bus *bus, sd_bus_message **m) {
 
 int bus_kernel_create(const char *name, char **s) {
         struct kdbus_cmd_bus_make *make;
+        struct kdbus_cmd_make_item *n, *cg;
         size_t l;
         int fd;
         char *p;
@@ -551,16 +579,27 @@ int bus_kernel_create(const char *name, char **s) {
                 return -errno;
 
         l = strlen(name);
-        make = alloca0(offsetof(struct kdbus_cmd_bus_make, name) + DECIMAL_STR_MAX(uid_t) + 1 + l + 1);
-        sprintf(make->name, "%lu-%s", (unsigned long) getuid(), name);
-        make->size = offsetof(struct kdbus_cmd_bus_make, name) + strlen(make->name) + 1;
+        make = alloca0(offsetof(struct kdbus_cmd_bus_make, items) +
+                       sizeof(struct kdbus_cmd_make_item) + sizeof(uint64_t) +
+                       sizeof(struct kdbus_cmd_make_item) + DECIMAL_STR_MAX(uid_t) + 1 + l + 1);
+
+        cg = make->items;
+        cg->type = KDBUS_CMD_MAKE_CGROUP;
+        cg->data64[0] = 1;
+        cg->size = sizeof(struct kdbus_cmd_make_item) + sizeof(uint64_t);
+
+        n = KDBUS_ITEM_NEXT(cg);
+        n->type = KDBUS_CMD_MAKE_NAME;
+        sprintf(n->str, "%lu-%s", (unsigned long) getuid(), name);
+        n->size = sizeof(struct kdbus_cmd_make_item) + strlen(n->str) + 1;
+
+        make->size = offsetof(struct kdbus_cmd_bus_make, items) + cg->size + n->size;
         make->flags = KDBUS_ACCESS_WORLD | KDBUS_POLICY_OPEN;
         make->bus_flags = 0;
         make->bloom_size = BLOOM_SIZE;
-        make->cgroup_id = 1;
         assert_cc(BLOOM_SIZE % 8 == 0);
 
-        p = strjoin("/dev/kdbus/", make->name, "/bus", NULL);
+        p = strjoin("/dev/kdbus/", n->str, "/bus", NULL);
         if (!p)
                 return -ENOMEM;