X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fbus-proxyd%2Fdriver.c;h=b27583959cfe289a4178a85294df84f94bb0eb55;hb=2a560338c471f47ca0caf6f1ec8c54a61e005d7f;hp=c1f7fc4a3c86e5dde34091b2960a71e33d892999;hpb=f3c4724635951c5b8a2b3f3c3f25798ce4d290cd;p=elogind.git diff --git a/src/bus-proxyd/driver.c b/src/bus-proxyd/driver.c index c1f7fc4a3..b27583959 100644 --- a/src/bus-proxyd/driver.c +++ b/src/bus-proxyd/driver.c @@ -80,7 +80,7 @@ static int get_creds_by_message(sd_bus *bus, sd_bus_message *m, uint64_t mask, s return get_creds_by_name(bus, name, mask, _creds, error); } -int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *policy, const struct ucred *ucred, Set *owned_names) { +int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPolicy *sp, const struct ucred *ucred, Set *owned_names) { int r; assert(a); @@ -252,11 +252,11 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *po if (!sd_bus_message_has_signature(m, "s")) return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters")); - r = get_creds_by_message(a, m, SD_BUS_CREDS_UID, &creds, &error); + r = get_creds_by_message(a, m, SD_BUS_CREDS_EUID, &creds, &error); if (r < 0) return synthetic_reply_method_errno(m, r, &error); - return synthetic_reply_method_return(m, "u", (uint32_t) creds->uid); + return synthetic_reply_method_return(m, "u", (uint32_t) creds->euid); } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "GetId")) { sd_id128_t server_id; @@ -327,9 +327,8 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *po return synthetic_reply_return_strv(m, names); } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "ListQueuedOwners")) { - struct kdbus_cmd_name_list cmd = {}; - struct kdbus_name_list *name_list; - struct kdbus_name_info *name; + struct kdbus_cmd_list cmd = {}; + struct kdbus_info *name_list, *name; _cleanup_strv_free_ char **owners = NULL; _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; char *arg0; @@ -350,14 +349,15 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *po if (r < 0) return synthetic_reply_method_errno(m, r, NULL); - cmd.flags = KDBUS_NAME_LIST_QUEUED; - r = ioctl(a->input_fd, KDBUS_CMD_NAME_LIST, &cmd); + cmd.flags = KDBUS_LIST_QUEUED; + cmd.size = sizeof(cmd); + r = ioctl(a->input_fd, KDBUS_CMD_LIST, &cmd); if (r < 0) return synthetic_reply_method_errno(m, -errno, NULL); - name_list = (struct kdbus_name_list *) ((uint8_t *) a->kdbus_buffer + cmd.offset); + name_list = (struct kdbus_info *) ((uint8_t *) a->kdbus_buffer + cmd.offset); - KDBUS_ITEM_FOREACH(name, name_list, names) { + KDBUS_FOREACH(name, name_list, cmd.list_size) { const char *entry_name = NULL; struct kdbus_item *item; char *n; @@ -369,7 +369,7 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *po if (!streq_ptr(entry_name, arg0)) continue; - if (asprintf(&n, ":1.%llu", (unsigned long long) name->owner_id) < 0) { + if (asprintf(&n, ":1.%llu", (unsigned long long) name->id) < 0) { err = -ENOMEM; break; } @@ -434,14 +434,14 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *po return synthetic_reply_method_return(m, "u", BUS_NAME_RELEASED); } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "ReloadConfig")) { - _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; - if (!sd_bus_message_has_signature(m, "")) return synthetic_reply_method_error(m, &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_INVALID_ARGS, "Invalid parameters")); - r = sd_bus_error_setf(&error, SD_BUS_ERROR_NOT_SUPPORTED, "%s() is not supported", sd_bus_message_get_member(m)); + r = shared_policy_reload(sp); + if (r < 0) + return synthetic_reply_method_errno(m, r, NULL); - return synthetic_reply_method_errno(m, r, &error); + return synthetic_reply_method_return(m, NULL); } else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus", "RequestName")) { const char *name; @@ -455,8 +455,16 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *po if (r < 0) return synthetic_reply_method_errno(m, r, NULL); - if (policy && !policy_check_own(policy, ucred->uid, ucred->gid, name)) - return synthetic_reply_method_errno(m, -EPERM, NULL); + if (sp) { + Policy *policy; + bool denied; + + policy = shared_policy_acquire(sp); + denied = !policy_check_own(policy, ucred->uid, ucred->gid, name); + shared_policy_release(sp, policy); + if (denied) + return synthetic_reply_method_errno(m, -EPERM, NULL); + } if ((flags & ~(BUS_NAME_ALLOW_REPLACEMENT|BUS_NAME_REPLACE_EXISTING|BUS_NAME_DO_NOT_QUEUE)) != 0) return synthetic_reply_method_errno(m, -EINVAL, NULL); @@ -587,7 +595,7 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *po if (r < 0) return synthetic_reply_method_errno(m, r, NULL); - return synthetic_reply_method_return(m, NULL); + return synthetic_reply_method_return(m, NULL); } else { _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;