X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Flibsystemd-bus%2Fbus-objects.c;h=8ffda2f95db0f6ecef8be40e70761d14d2e2aeb6;hb=6e8df5f00a3874decf1e5542da3d65b25f6da1dc;hp=d9be3ddbfc207d23d09000a25192f162251a236a;hpb=df2d202e6ed4001a21c6512c244acad5d4706c87;p=elogind.git
diff --git a/src/libsystemd-bus/bus-objects.c b/src/libsystemd-bus/bus-objects.c
index d9be3ddbf..8ffda2f95 100644
--- a/src/libsystemd-bus/bus-objects.c
+++ b/src/libsystemd-bus/bus-objects.c
@@ -19,6 +19,8 @@
along with systemd; If not, see .
***/
+#include
+
#include "strv.h"
#include "set.h"
#include "bus-internal.h"
@@ -33,7 +35,8 @@ static int node_vtable_get_userdata(
sd_bus *bus,
const char *path,
struct node_vtable *c,
- void **userdata) {
+ void **userdata,
+ sd_bus_error *error) {
void *u;
int r;
@@ -44,8 +47,12 @@ static int node_vtable_get_userdata(
u = c->userdata;
if (c->find) {
- r = c->find(bus, path, c->interface, &u, u);
- if (r <= 0)
+ r = c->find(bus, path, c->interface, u, &u, error);
+ if (r < 0)
+ return r;
+ if (sd_bus_error_is_set(error))
+ return sd_bus_error_get_errno(error);
+ if (r == 0)
return r;
}
@@ -65,7 +72,8 @@ static int vtable_property_get_userdata(
sd_bus *bus,
const char *path,
struct vtable_member *p,
- void **userdata) {
+ void **userdata,
+ sd_bus_error *error) {
void *u;
int r;
@@ -75,7 +83,7 @@ static int vtable_property_get_userdata(
assert(p);
assert(userdata);
- r = node_vtable_get_userdata(bus, path, p->parent, &u);
+ r = node_vtable_get_userdata(bus, path, p->parent, &u, error);
if (r <= 0)
return r;
if (bus->nodes_modified)
@@ -89,7 +97,8 @@ static int add_enumerated_to_set(
sd_bus *bus,
const char *prefix,
struct node_enumerator *first,
- Set *s) {
+ Set *s,
+ sd_bus_error *error) {
struct node_enumerator *c;
int r;
@@ -104,9 +113,11 @@ static int add_enumerated_to_set(
if (bus->nodes_modified)
return 0;
- r = c->callback(bus, prefix, &children, c->userdata);
+ r = c->callback(bus, prefix, c->userdata, &children, error);
if (r < 0)
return r;
+ if (sd_bus_error_is_set(error))
+ return sd_bus_error_get_errno(error);
STRV_FOREACH(k, children) {
if (r < 0) {
@@ -126,6 +137,8 @@ static int add_enumerated_to_set(
}
r = set_consume(s, *k);
+ if (r == -EEXIST)
+ r = 0;
}
free(children);
@@ -140,7 +153,8 @@ static int add_subtree_to_set(
sd_bus *bus,
const char *prefix,
struct node *n,
- Set *s) {
+ Set *s,
+ sd_bus_error *error) {
struct node *i;
int r;
@@ -150,7 +164,7 @@ static int add_subtree_to_set(
assert(n);
assert(s);
- r = add_enumerated_to_set(bus, prefix, n->enumerators, s);
+ r = add_enumerated_to_set(bus, prefix, n->enumerators, s, error);
if (r < 0)
return r;
if (bus->nodes_modified)
@@ -170,7 +184,7 @@ static int add_subtree_to_set(
if (r < 0 && r != -EEXIST)
return r;
- r = add_subtree_to_set(bus, prefix, i, s);
+ r = add_subtree_to_set(bus, prefix, i, s, error);
if (r < 0)
return r;
if (bus->nodes_modified)
@@ -184,7 +198,8 @@ static int get_child_nodes(
sd_bus *bus,
const char *prefix,
struct node *n,
- Set **_s) {
+ Set **_s,
+ sd_bus_error *error) {
Set *s = NULL;
int r;
@@ -198,7 +213,7 @@ static int get_child_nodes(
if (!s)
return -ENOMEM;
- r = add_subtree_to_set(bus, prefix, n, s);
+ r = add_subtree_to_set(bus, prefix, n, s, error);
if (r < 0) {
set_free_free(s);
return r;
@@ -223,6 +238,8 @@ static int node_callbacks_run(
assert(found_object);
LIST_FOREACH(callbacks, c, first) {
+ _cleanup_bus_error_free_ sd_bus_error error_buffer = SD_BUS_ERROR_NULL;
+
if (bus->nodes_modified)
return 0;
@@ -240,7 +257,8 @@ static int node_callbacks_run(
if (r < 0)
return r;
- r = c->callback(bus, m, c->userdata);
+ r = c->callback(bus, m, c->userdata, &error_buffer);
+ r = bus_maybe_reply_error(m, r, &error_buffer);
if (r != 0)
return r;
}
@@ -248,6 +266,64 @@ static int node_callbacks_run(
return 0;
}
+#define CAPABILITY_SHIFT(x) (((x) >> __builtin_ctzll(_SD_BUS_VTABLE_CAPABILITY_MASK)) & 0xFFFF)
+
+static int check_access(sd_bus *bus, sd_bus_message *m, struct vtable_member *c, sd_bus_error *error) {
+ _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL;
+ uint64_t cap;
+ uid_t uid;
+ int r;
+
+ assert(bus);
+ assert(m);
+ assert(c);
+
+ /* If the entire bus is trusted let's grant access */
+ if (bus->trusted)
+ return 0;
+
+ /* If the member is marked UNPRIVILEGED let's grant access */
+ if (c->vtable->flags & SD_BUS_VTABLE_UNPRIVILEGED)
+ return 0;
+
+ /* If we are not connected to kdbus we cannot retrieve the
+ * effective capability set without race. Since we need this
+ * for a security decision we cannot use racy data, hence
+ * don't request it. */
+ if (bus->is_kernel)
+ r = sd_bus_query_sender_creds(m, SD_BUS_CREDS_UID|SD_BUS_CREDS_EFFECTIVE_CAPS, &creds);
+ else
+ r = sd_bus_query_sender_creds(m, SD_BUS_CREDS_UID, &creds);
+ if (r < 0)
+ return r;
+
+ /* Check have the caller has the requested capability
+ * set. Note that the flags value contains the capability
+ * number plus one, which we need to subtract here. We do this
+ * so that we have 0 as special value for "default
+ * capability". */
+ cap = CAPABILITY_SHIFT(c->vtable->flags);
+ if (cap == 0)
+ cap = CAPABILITY_SHIFT(c->parent->vtable[0].flags);
+ if (cap == 0)
+ cap = CAP_SYS_ADMIN;
+ else
+ cap --;
+
+ r = sd_bus_creds_has_effective_cap(creds, cap);
+ if (r > 0)
+ return 1;
+
+ /* Caller has same UID as us, then let's grant access */
+ r = sd_bus_creds_get_uid(creds, &uid);
+ if (r >= 0) {
+ if (uid == getuid())
+ return 1;
+ }
+
+ return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Access to %s.%s() not permitted.", c->interface, c->member);
+}
+
static int method_callbacks_run(
sd_bus *bus,
sd_bus_message *m,
@@ -255,6 +331,7 @@ static int method_callbacks_run(
bool require_fallback,
bool *found_object) {
+ _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
const char *signature;
void *u;
int r;
@@ -267,9 +344,13 @@ static int method_callbacks_run(
if (require_fallback && !c->parent->is_fallback)
return 0;
- r = node_vtable_get_userdata(bus, m->path, c->parent, &u);
+ r = check_access(bus, m, c, &error);
+ if (r < 0)
+ return bus_maybe_reply_error(m, r, &error);
+
+ r = node_vtable_get_userdata(bus, m->path, c->parent, &u, &error);
if (r <= 0)
- return r;
+ return bus_maybe_reply_error(m, r, &error);
if (bus->nodes_modified)
return 0;
@@ -288,20 +369,23 @@ static int method_callbacks_run(
if (!signature)
return -EINVAL;
- if (!streq(strempty(c->vtable->x.method.signature), signature)) {
- r = sd_bus_reply_method_errorf(m,
- SD_BUS_ERROR_INVALID_ARGS,
- "Invalid arguments '%s' to call %s:%s, expecting '%s'.",
- signature, c->interface, c->member, strempty(c->vtable->x.method.signature));
- if (r < 0)
- return r;
-
- return 1;
+ if (!streq(strempty(c->vtable->x.method.signature), signature))
+ return sd_bus_reply_method_errorf(
+ m,
+ SD_BUS_ERROR_INVALID_ARGS,
+ "Invalid arguments '%s' to call %s.%s(), expecting '%s'.",
+ signature, c->interface, c->member, strempty(c->vtable->x.method.signature));
+
+ /* Keep track what the signature of the reply to this message
+ * should be, so that this can be enforced when sealing the
+ * reply. */
+ m->enforced_reply_signature = strempty(c->vtable->x.method.result);
+
+ if (c->vtable->x.method.handler) {
+ r = c->vtable->x.method.handler(bus, m, u, &error);
+ return bus_maybe_reply_error(m, r, &error);
}
- if (c->vtable->x.method.handler)
- return c->vtable->x.method.handler(bus, m, u);
-
/* If the method callback is NULL, make this a successful NOP */
r = sd_bus_reply_method_return(m, NULL);
if (r < 0)
@@ -316,26 +400,33 @@ static int invoke_property_get(
const char *path,
const char *interface,
const char *property,
- sd_bus_message *m,
- sd_bus_error *error,
- void *userdata) {
+ sd_bus_message *reply,
+ void *userdata,
+ sd_bus_error *error) {
const void *p;
+ int r;
assert(bus);
assert(v);
assert(path);
assert(interface);
assert(property);
- assert(m);
+ assert(reply);
- if (v->x.property.get)
- return v->x.property.get(bus, path, interface, property, m, error, userdata);
+ if (v->x.property.get) {
+ r = v->x.property.get(bus, path, interface, property, reply, userdata, error);
+ if (r < 0)
+ return r;
+ if (sd_bus_error_is_set(error))
+ return sd_bus_error_get_errno(error);
+ return r;
+ }
/* Automatic handling if no callback is defined. */
if (streq(v->x.property.signature, "as"))
- return sd_bus_message_append_strv(m, *(char***) userdata);
+ return sd_bus_message_append_strv(reply, *(char***) userdata);
assert(signature_is_single(v->x.property.signature, false));
assert(bus_type_is_basic(v->x.property.signature[0]));
@@ -357,7 +448,7 @@ static int invoke_property_get(
break;
}
- return sd_bus_message_append_basic(m, v->x.property.signature[0], p);
+ return sd_bus_message_append_basic(reply, v->x.property.signature[0], p);
}
static int invoke_property_set(
@@ -367,8 +458,8 @@ static int invoke_property_set(
const char *interface,
const char *property,
sd_bus_message *value,
- sd_bus_error *error,
- void *userdata) {
+ void *userdata,
+ sd_bus_error *error) {
int r;
@@ -379,8 +470,14 @@ static int invoke_property_set(
assert(property);
assert(value);
- if (v->x.property.set)
- return v->x.property.set(bus, path, interface, property, value, error, userdata);
+ if (v->x.property.set) {
+ r = v->x.property.set(bus, path, interface, property, value, userdata, error);
+ if (r < 0)
+ return r;
+ if (sd_bus_error_is_set(error))
+ return sd_bus_error_get_errno(error);
+ return r;
+ }
/* Automatic handling if no callback is defined. */
@@ -428,8 +525,8 @@ static int property_get_set_callbacks_run(
bool is_get,
bool *found_object) {
- _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
_cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
+ _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
void *u;
int r;
@@ -441,9 +538,9 @@ static int property_get_set_callbacks_run(
if (require_fallback && !c->parent->is_fallback)
return 0;
- r = vtable_property_get_userdata(bus, m->path, c, &u);
+ r = vtable_property_get_userdata(bus, m->path, c, &u, &error);
if (r <= 0)
- return r;
+ return bus_maybe_reply_error(m, r, &error);
if (bus->nodes_modified)
return 0;
@@ -465,17 +562,14 @@ static int property_get_set_callbacks_run(
if (r < 0)
return r;
- r = invoke_property_get(bus, c->vtable, m->path, c->interface, c->member, reply, &error, u);
- if (r < 0)
- return r;
+ /* Note that we do not do an access check here. Read
+ * access to properties is always unrestricted, since
+ * PropertiesChanged signals broadcast contents
+ * anyway. */
- if (sd_bus_error_is_set(&error)) {
- r = sd_bus_reply_method_error(m, &error);
- if (r < 0)
- return r;
-
- return 1;
- }
+ r = invoke_property_get(bus, c->vtable, m->path, c->interface, c->member, reply, u, &error);
+ if (r < 0)
+ return bus_maybe_reply_error(m, r, &error);
if (bus->nodes_modified)
return 0;
@@ -486,33 +580,27 @@ static int property_get_set_callbacks_run(
} else {
if (c->vtable->type != _SD_BUS_VTABLE_WRITABLE_PROPERTY)
- sd_bus_error_setf(&error, SD_BUS_ERROR_PROPERTY_READ_ONLY, "Property '%s' is not writable.", c->member);
- else {
- /* Avoid that we call the set routine more
- * than once if the processing of this message
- * got restarted because the node tree
- * changed. */
- if (c->last_iteration == bus->iteration_counter)
- return 0;
+ return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_PROPERTY_READ_ONLY, "Property '%s' is not writable.", c->member);
- c->last_iteration = bus->iteration_counter;
+ /* Avoid that we call the set routine more than once
+ * if the processing of this message got restarted
+ * because the node tree changed. */
+ if (c->last_iteration == bus->iteration_counter)
+ return 0;
- r = sd_bus_message_enter_container(m, 'v', c->vtable->x.property.signature);
- if (r < 0)
- return r;
+ c->last_iteration = bus->iteration_counter;
- r = invoke_property_set(bus, c->vtable, m->path, c->interface, c->member, m, &error, u);
- if (r < 0)
- return r;
- }
+ r = sd_bus_message_enter_container(m, 'v', c->vtable->x.property.signature);
+ if (r < 0)
+ return r;
- if (sd_bus_error_is_set(&error)) {
- r = sd_bus_reply_method_error(m, &error);
- if (r < 0)
- return r;
+ r = check_access(bus, m, c, &error);
+ if (r < 0)
+ return bus_maybe_reply_error(m, r, &error);
- return 1;
- }
+ r = invoke_property_set(bus, c->vtable, m->path, c->interface, c->member, m, u, &error);
+ if (r < 0)
+ return bus_maybe_reply_error(m, r, &error);
if (bus->nodes_modified)
return 0;
@@ -545,10 +633,16 @@ static int vtable_append_all_properties(
assert(path);
assert(c);
+ if (c->vtable[0].flags & SD_BUS_VTABLE_HIDDEN)
+ return 1;
+
for (v = c->vtable+1; v->type != _SD_BUS_VTABLE_END; v++) {
if (v->type != _SD_BUS_VTABLE_PROPERTY && v->type != _SD_BUS_VTABLE_WRITABLE_PROPERTY)
continue;
+ if (v->flags & SD_BUS_VTABLE_HIDDEN)
+ continue;
+
r = sd_bus_message_open_container(reply, 'e', "sv");
if (r < 0)
return r;
@@ -561,11 +655,9 @@ static int vtable_append_all_properties(
if (r < 0)
return r;
- r = invoke_property_get(bus, v, path, c->interface, v->x.property.member, reply, error, vtable_property_convert_userdata(v, userdata));
+ r = invoke_property_get(bus, v, path, c->interface, v->x.property.member, reply, vtable_property_convert_userdata(v, userdata), error);
if (r < 0)
return r;
- if (sd_bus_error_is_set(error))
- return 0;
if (bus->nodes_modified)
return 0;
@@ -618,9 +710,9 @@ static int property_get_all_callbacks_run(
if (require_fallback && !c->is_fallback)
continue;
- r = node_vtable_get_userdata(bus, m->path, c, &u);
+ r = node_vtable_get_userdata(bus, m->path, c, &u, &error);
if (r < 0)
- return r;
+ return bus_maybe_reply_error(m, r, &error);
if (bus->nodes_modified)
return 0;
if (r == 0)
@@ -634,15 +726,7 @@ static int property_get_all_callbacks_run(
r = vtable_append_all_properties(bus, reply, m->path, c, u, &error);
if (r < 0)
- return r;
-
- if (sd_bus_error_is_set(&error)) {
- r = sd_bus_reply_method_error(m, &error);
- if (r < 0)
- return r;
-
- return 1;
- }
+ return bus_maybe_reply_error(m, r, &error);
if (bus->nodes_modified)
return 0;
}
@@ -706,11 +790,12 @@ static bool bus_node_exists(
}
LIST_FOREACH(vtables, c, n->vtables) {
+ _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
if (require_fallback && !c->is_fallback)
continue;
- if (node_vtable_get_userdata(bus, path, c, NULL) > 0)
+ if (node_vtable_get_userdata(bus, path, c, NULL, &error) > 0)
return true;
if (bus->nodes_modified)
return false;
@@ -726,6 +811,7 @@ static int process_introspect(
bool require_fallback,
bool *found_object) {
+ _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
_cleanup_set_free_free_ Set *s = NULL;
const char *previous_interface = NULL;
@@ -739,9 +825,9 @@ static int process_introspect(
assert(n);
assert(found_object);
- r = get_child_nodes(bus, m->path, n, &s);
+ r = get_child_nodes(bus, m->path, n, &s, &error);
if (r < 0)
- return r;
+ return bus_maybe_reply_error(m, r, &error);
if (bus->nodes_modified)
return 0;
@@ -759,16 +845,23 @@ static int process_introspect(
if (require_fallback && !c->is_fallback)
continue;
- r = node_vtable_get_userdata(bus, m->path, c, NULL);
- if (r < 0)
- return r;
- if (bus->nodes_modified)
- return 0;
+ r = node_vtable_get_userdata(bus, m->path, c, NULL, &error);
+ if (r < 0) {
+ r = bus_maybe_reply_error(m, r, &error);
+ goto finish;
+ }
+ if (bus->nodes_modified) {
+ r = 0;
+ goto finish;
+ }
if (r == 0)
continue;
empty = false;
+ if (c->vtable[0].flags & SD_BUS_VTABLE_HIDDEN)
+ continue;
+
if (!streq_ptr(previous_interface, c->interface)) {
if (previous_interface)
@@ -850,7 +943,7 @@ static int object_manager_serialize_path(
if (require_fallback && !i->is_fallback)
continue;
- r = node_vtable_get_userdata(bus, path, i, &u);
+ r = node_vtable_get_userdata(bus, path, i, &u, error);
if (r < 0)
return r;
if (bus->nodes_modified)
@@ -909,8 +1002,6 @@ static int object_manager_serialize_path(
r = vtable_append_all_properties(bus, reply, path, i, u, error);
if (r < 0)
return r;
- if (sd_bus_error_is_set(error))
- return 0;
if (bus->nodes_modified)
return 0;
@@ -958,8 +1049,6 @@ static int object_manager_serialize_path_and_fallbacks(
r = object_manager_serialize_path(bus, reply, path, path, false, error);
if (r < 0)
return r;
- if (sd_bus_error_is_set(error))
- return 0;
if (bus->nodes_modified)
return 0;
@@ -969,8 +1058,6 @@ static int object_manager_serialize_path_and_fallbacks(
r = object_manager_serialize_path(bus, reply, prefix, path, true, error);
if (r < 0)
return r;
- if (sd_bus_error_is_set(error))
- return 0;
if (bus->nodes_modified)
return 0;
}
@@ -985,6 +1072,7 @@ static int process_get_managed_objects(
bool require_fallback,
bool *found_object) {
+ _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
_cleanup_set_free_free_ Set *s = NULL;
bool empty;
@@ -998,7 +1086,7 @@ static int process_get_managed_objects(
if (!bus_node_with_object_manager(bus, n))
return 0;
- r = get_child_nodes(bus, m->path, n, &s);
+ r = get_child_nodes(bus, m->path, n, &s, &error);
if (r < 0)
return r;
if (bus->nodes_modified)
@@ -1041,19 +1129,9 @@ static int process_get_managed_objects(
char *path;
SET_FOREACH(path, s, i) {
- _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
-
r = object_manager_serialize_path_and_fallbacks(bus, reply, path, &error);
if (r < 0)
- return -ENOMEM;
-
- if (sd_bus_error_is_set(&error)) {
- r = sd_bus_reply_method_error(m, &error);
- if (r < 0)
- return r;
-
- return 1;
- }
+ return r;
if (bus->nodes_modified)
return 0;
@@ -1131,7 +1209,7 @@ static int object_find_and_run(
r = sd_bus_message_read(m, "ss", &vtable_key.interface, &vtable_key.member);
if (r < 0)
- return r;
+ return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_INVALID_ARGS, "Expected interface and member parameters");
v = hashmap_get(bus->vtable_properties, &vtable_key);
if (v) {
@@ -1149,7 +1227,7 @@ static int object_find_and_run(
r = sd_bus_message_read(m, "s", &iface);
if (r < 0)
- return r;
+ return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_INVALID_ARGS, "Expected interface parameter");
if (iface[0] == 0)
iface = NULL;
@@ -1161,12 +1239,18 @@ static int object_find_and_run(
} else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus.Introspectable", "Introspect")) {
+ if (!isempty(sd_bus_message_get_signature(m, true)))
+ return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_INVALID_ARGS, "Expected no parameters");
+
r = process_introspect(bus, m, n, require_fallback, found_object);
if (r != 0)
return r;
} else if (sd_bus_message_is_method_call(m, "org.freedesktop.DBus.ObjectManager", "GetManagedObjects")) {
+ if (!isempty(sd_bus_message_get_signature(m, true)))
+ return sd_bus_reply_method_errorf(m, SD_BUS_ERROR_INVALID_ARGS, "Expected no parameters");
+
r = process_get_managed_objects(bus, m, n, require_fallback, found_object);
if (r != 0)
return r;
@@ -1197,12 +1281,12 @@ int bus_process_object(sd_bus *bus, sd_bus_message *m) {
if (m->header->type != SD_BUS_MESSAGE_METHOD_CALL)
return 0;
- if (!m->path)
- return 0;
-
if (hashmap_isempty(bus->nodes))
return 0;
+ assert(m->path);
+ assert(m->member);
+
pl = strlen(m->path);
do {
char prefix[pl+1];
@@ -1634,7 +1718,8 @@ static int add_object_vtable_internal(
!signature_is_single(v->x.property.signature, false) ||
!(v->x.property.get || bus_type_is_basic(v->x.property.signature[0]) || streq(v->x.property.signature, "as")) ||
v->flags & SD_BUS_VTABLE_METHOD_NO_REPLY ||
- (v->flags & SD_BUS_VTABLE_PROPERTY_INVALIDATE_ONLY && !(v->flags & SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE))) {
+ (v->flags & SD_BUS_VTABLE_PROPERTY_INVALIDATE_ONLY && !(v->flags & SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE)) ||
+ (v->flags & SD_BUS_VTABLE_UNPRIVILEGED && v->type == _SD_BUS_VTABLE_PROPERTY)) {
r = -EINVAL;
goto fail;
}
@@ -1664,7 +1749,8 @@ static int add_object_vtable_internal(
case _SD_BUS_VTABLE_SIGNAL:
if (!member_name_is_valid(v->x.signal.member) ||
- !signature_is_valid(strempty(v->x.signal.signature), false)) {
+ !signature_is_valid(strempty(v->x.signal.signature), false) ||
+ v->flags & SD_BUS_VTABLE_UNPRIVILEGED) {
r = -EINVAL;
goto fail;
}
@@ -1858,6 +1944,7 @@ static int emit_properties_changed_on_interface(
bool require_fallback,
char **names) {
+ _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_bus_message_unref_ sd_bus_message *m = NULL;
bool has_invalidating = false, has_changing = false;
struct vtable_member key = {};
@@ -1898,7 +1985,7 @@ static int emit_properties_changed_on_interface(
if (!streq(c->interface, interface))
continue;
- r = node_vtable_get_userdata(bus, path, c, &u);
+ r = node_vtable_get_userdata(bus, path, c, &u, &error);
if (r < 0)
return r;
if (bus->nodes_modified)
@@ -1907,7 +1994,6 @@ static int emit_properties_changed_on_interface(
continue;
STRV_FOREACH(property, names) {
- _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
struct vtable_member *v;
assert_return(member_name_is_valid(*property), -EINVAL);
@@ -1944,7 +2030,7 @@ static int emit_properties_changed_on_interface(
if (r < 0)
return r;
- r = invoke_property_get(bus, v->vtable, m->path, interface, *property, m, &error, vtable_property_convert_userdata(v->vtable, u));
+ r = invoke_property_get(bus, v->vtable, m->path, interface, *property, m, vtable_property_convert_userdata(v->vtable, u), &error);
if (r < 0)
return r;
if (bus->nodes_modified)
@@ -1979,7 +2065,7 @@ static int emit_properties_changed_on_interface(
if (!streq(c->interface, interface))
continue;
- r = node_vtable_get_userdata(bus, path, c, &u);
+ r = node_vtable_get_userdata(bus, path, c, &u, &error);
if (r < 0)
return r;
if (bus->nodes_modified)
@@ -2111,7 +2197,7 @@ static int interfaces_added_append_one_prefix(
if (!streq(c->interface, interface))
continue;
- r = node_vtable_get_userdata(bus, path, c, &u);
+ r = node_vtable_get_userdata(bus, path, c, &u, &error);
if (r < 0)
return r;
if (bus->nodes_modified)