chiark / gitweb /
~ianmdlvl / elogind.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
bus-policy: actually test messages against the newly added test.conf
[elogind.git] / src / bus-proxyd / bus-policy.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4   This file is part of systemd.
5
6   Copyright 2013 Lennart Poettering
7
8   systemd is free software; you can redistribute it and/or modify it
9   under the terms of the GNU Lesser General Public License as published by
10   the Free Software Foundation; either version 2.1 of the License, or
11   (at your option) any later version.
12
13   systemd is distributed in the hope that it will be useful, but
14   WITHOUT ANY WARRANTY; without even the implied warranty of
15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16   Lesser General Public License for more details.
17
18   You should have received a copy of the GNU Lesser General Public License
19   along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include "xml.h"
23 #include "fileio.h"
24 #include "strv.h"
25 #include "conf-files.h"
26 #include "bus-internal.h"
27 #include "bus-message.h"
28 #include "bus-policy.h"
29
30 static void policy_item_free(PolicyItem *i) {
31         assert(i);
32
33         free(i->interface);
34         free(i->member);
35         free(i->error);
36         free(i->name);
37         free(i->path);
38         free(i);
39 }
40
41 DEFINE_TRIVIAL_CLEANUP_FUNC(PolicyItem*, policy_item_free);
42
43 static void item_append(PolicyItem *i, PolicyItem **list) {
44
45         PolicyItem *tail;
46
47         LIST_FIND_TAIL(items, *list, tail);
48         LIST_INSERT_AFTER(items, *list, tail, i);
49 }
50
51 static int file_load(Policy *p, const char *path) {
52
53         _cleanup_free_ char *c = NULL, *policy_user = NULL, *policy_group = NULL;
54         _cleanup_(policy_item_freep) PolicyItem *i = NULL;
55         void *xml_state = NULL;
56         unsigned n_other = 0;
57         const char *q;
58         int r;
59
60         enum {
61                 STATE_OUTSIDE,
62                 STATE_BUSCONFIG,
63                 STATE_POLICY,
64                 STATE_POLICY_CONTEXT,
65                 STATE_POLICY_USER,
66                 STATE_POLICY_GROUP,
67                 STATE_POLICY_OTHER_ATTRIBUTE,
68                 STATE_ALLOW_DENY,
69                 STATE_ALLOW_DENY_INTERFACE,
70                 STATE_ALLOW_DENY_MEMBER,
71                 STATE_ALLOW_DENY_ERROR,
72                 STATE_ALLOW_DENY_PATH,
73                 STATE_ALLOW_DENY_MESSAGE_TYPE,
74                 STATE_ALLOW_DENY_NAME,
75                 STATE_ALLOW_DENY_OTHER_ATTRIBUTE,
76                 STATE_OTHER,
77         } state = STATE_OUTSIDE;
78
79         enum {
80                 POLICY_CATEGORY_NONE,
81                 POLICY_CATEGORY_DEFAULT,
82                 POLICY_CATEGORY_MANDATORY,
83                 POLICY_CATEGORY_USER,
84                 POLICY_CATEGORY_GROUP
85         } policy_category = POLICY_CATEGORY_NONE;
86
87         unsigned line = 0;
88
89         assert(p);
90
91         r = read_full_file(path, &c, NULL);
92         if (r < 0) {
93                 if (r == -ENOENT)
94                         return 0;
95                 if (r == -EISDIR)
96                         return r;
97
98                 log_error("Failed to load %s: %s", path, strerror(-r));
99                 return r;
100         }
101
102         q = c;
103         for (;;) {
104                 _cleanup_free_ char *name = NULL;
105                 int t;
106
107                 t = xml_tokenize(&q, &name, &xml_state, &line);
108                 if (t < 0) {
109                         log_error("XML parse failure in %s: %s", path, strerror(-t));
110                         return t;
111                 }
112
113                 switch (state) {
114
115                 case STATE_OUTSIDE:
116
117                         if (t == XML_TAG_OPEN) {
118                                 if (streq(name, "busconfig"))
119                                         state = STATE_BUSCONFIG;
120                                 else {
121                                         log_error("Unexpected tag %s at %s:%u.", name, path, line);
122                                         return -EINVAL;
123                                 }
124
125                         } else if (t == XML_END)
126                                 return 0;
127                         else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) {
128                                 log_error("Unexpected token (1) at %s:%u.", path, line);
129                                 return -EINVAL;
130                         }
131
132                         break;
133
134                 case STATE_BUSCONFIG:
135
136                         if (t == XML_TAG_OPEN) {
137                                 if (streq(name, "policy")) {
138                                         state = STATE_POLICY;
139                                         policy_category = POLICY_CATEGORY_NONE;
140                                         free(policy_user);
141                                         free(policy_group);
142                                         policy_user = policy_group = NULL;
143                                 } else {
144                                         state = STATE_OTHER;
145                                         n_other = 0;
146                                 }
147                         } else if (t == XML_TAG_CLOSE_EMPTY ||
148                                    (t == XML_TAG_CLOSE && streq(name, "busconfig")))
149                                 state = STATE_OUTSIDE;
150                         else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) {
151                                 log_error("Unexpected token (2) at %s:%u.", path, line);
152                                 return -EINVAL;
153                         }
154
155                         break;
156
157                 case STATE_POLICY:
158
159                         if (t == XML_ATTRIBUTE_NAME) {
160                                 if (streq(name, "context"))
161                                         state = STATE_POLICY_CONTEXT;
162                                 else if (streq(name, "user"))
163                                         state = STATE_POLICY_USER;
164                                 else if (streq(name, "group"))
165                                         state = STATE_POLICY_GROUP;
166                                 else {
167                                         if (streq(name, "at_console"))
168                                                 log_debug("Attribute %s of <policy> tag unsupported at %s:%u, ignoring.", name, path, line);
169                                         else
170                                                 log_warning("Attribute %s of <policy> tag unknown at %s:%u, ignoring.", name, path, line);
171                                         state = STATE_POLICY_OTHER_ATTRIBUTE;
172                                 }
173                         } else if (t == XML_TAG_CLOSE_EMPTY ||
174                                    (t == XML_TAG_CLOSE && streq(name, "policy")))
175                                 state = STATE_BUSCONFIG;
176                         else if (t == XML_TAG_OPEN) {
177                                 PolicyItemType it;
178
179                                 if (streq(name, "allow"))
180                                         it = POLICY_ITEM_ALLOW;
181                                 else if (streq(name, "deny"))
182                                         it = POLICY_ITEM_DENY;
183                                 else {
184                                         log_warning("Unknown tag %s in <policy> %s:%u.", name, path, line);
185                                         return -EINVAL;
186                                 }
187
188                                 assert(!i);
189                                 i = new0(PolicyItem, 1);
190                                 if (!i)
191                                         return log_oom();
192
193                                 i->type = it;
194                                 state = STATE_ALLOW_DENY;
195
196                         } else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) {
197                                 log_error("Unexpected token (3) at %s:%u.", path, line);
198                                 return -EINVAL;
199                         }
200
201                         break;
202
203                 case STATE_POLICY_CONTEXT:
204
205                         if (t == XML_ATTRIBUTE_VALUE) {
206                                 if (streq(name, "default")) {
207                                         policy_category = POLICY_CATEGORY_DEFAULT;
208                                         state = STATE_POLICY;
209                                 } else if (streq(name, "mandatory")) {
210                                         policy_category = POLICY_CATEGORY_MANDATORY;
211                                         state = STATE_POLICY;
212                                 } else {
213                                         log_error("context= parameter %s unknown for <policy> at %s:%u.", name, path, line);
214                                         return -EINVAL;
215                                 }
216                         } else {
217                                 log_error("Unexpected token (4) at %s:%u.", path, line);
218                                 return -EINVAL;
219                         }
220
221                         break;
222
223                 case STATE_POLICY_USER:
224
225                         if (t == XML_ATTRIBUTE_VALUE) {
226                                 free(policy_user);
227                                 policy_user = name;
228                                 name = NULL;
229                                 policy_category = POLICY_CATEGORY_USER;
230                                 state = STATE_POLICY;
231                         } else {
232                                 log_error("Unexpected token (5) in %s:%u.", path, line);
233                                 return -EINVAL;
234                         }
235
236                         break;
237
238                 case STATE_POLICY_GROUP:
239
240                         if (t == XML_ATTRIBUTE_VALUE) {
241                                 free(policy_group);
242                                 policy_group = name;
243                                 name = NULL;
244                                 policy_category = POLICY_CATEGORY_GROUP;
245                                 state = STATE_POLICY;
246                         } else {
247                                 log_error("Unexpected token (6) at %s:%u.", path, line);
248                                 return -EINVAL;
249                         }
250
251                         break;
252
253                 case STATE_POLICY_OTHER_ATTRIBUTE:
254
255                         if (t == XML_ATTRIBUTE_VALUE)
256                                 state = STATE_POLICY;
257                         else {
258                                 log_error("Unexpected token (7) in %s:%u.", path, line);
259                                 return -EINVAL;
260                         }
261
262                         break;
263
264                 case STATE_ALLOW_DENY:
265
266                         assert(i);
267
268                         if (t == XML_ATTRIBUTE_NAME) {
269                                 PolicyItemClass ic;
270
271                                 if (startswith(name, "send_"))
272                                         ic = POLICY_ITEM_SEND;
273                                 else if (startswith(name, "receive_"))
274                                         ic = POLICY_ITEM_RECV;
275                                 else if (streq(name, "own"))
276                                         ic = POLICY_ITEM_OWN;
277                                 else if (streq(name, "own_prefix"))
278                                         ic = POLICY_ITEM_OWN_PREFIX;
279                                 else if (streq(name, "user"))
280                                         ic = POLICY_ITEM_USER;
281                                 else if (streq(name, "group"))
282                                         ic = POLICY_ITEM_GROUP;
283                                 else if (streq(name, "eavesdrop")) {
284                                         log_debug("Unsupported attribute %s= at %s:%u, ignoring.", name, path, line);
285                                         i->class = POLICY_ITEM_IGNORE;
286                                         state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE;
287                                         break;
288                                 } else {
289                                         log_error("Unknown attribute %s= at %s:%u, ignoring.", name, path, line);
290                                         state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE;
291                                         break;
292                                 }
293
294                                 if (i->class != _POLICY_ITEM_CLASS_UNSET && ic != i->class) {
295                                         log_error("send_ and receive_ fields mixed on same tag at %s:%u.", path, line);
296                                         return -EINVAL;
297                                 }
298
299                                 i->class = ic;
300
301                                 if (ic == POLICY_ITEM_SEND || ic == POLICY_ITEM_RECV) {
302                                         const char *u;
303
304                                         u = strchr(name, '_');
305                                         assert(u);
306
307                                         u++;
308
309                                         if (streq(u, "interface"))
310                                                 state = STATE_ALLOW_DENY_INTERFACE;
311                                         else if (streq(u, "member"))
312                                                 state = STATE_ALLOW_DENY_MEMBER;
313                                         else if (streq(u, "error"))
314                                                 state = STATE_ALLOW_DENY_ERROR;
315                                         else if (streq(u, "path"))
316                                                 state = STATE_ALLOW_DENY_PATH;
317                                         else if (streq(u, "type"))
318                                                 state = STATE_ALLOW_DENY_MESSAGE_TYPE;
319                                         else if ((streq(u, "destination") && ic == POLICY_ITEM_SEND) ||
320                                                  (streq(u, "sender") && ic == POLICY_ITEM_RECV))
321                                                 state = STATE_ALLOW_DENY_NAME;
322                                         else {
323                                                 if (streq(u, "requested_reply"))
324                                                         log_debug("Unsupported attribute %s= at %s:%u, ignoring.", name, path, line);
325                                                 else
326                                                         log_error("Unknown attribute %s= at %s:%u, ignoring.", name, path, line);
327                                                 state = STATE_ALLOW_DENY_OTHER_ATTRIBUTE;
328                                                 break;
329                                         }
330                                 } else
331                                         state = STATE_ALLOW_DENY_NAME;
332
333                         } else if (t == XML_TAG_CLOSE_EMPTY ||
334                                    (t == XML_TAG_CLOSE && streq(name, i->type == POLICY_ITEM_ALLOW ? "allow" : "deny"))) {
335
336                                 if (i->class == _POLICY_ITEM_CLASS_UNSET) {
337                                         log_error("Policy not set at %s:%u.", path, line);
338                                         return -EINVAL;
339                                 }
340
341                                 if (policy_category == POLICY_CATEGORY_DEFAULT)
342                                         item_append(i, &p->default_items);
343                                 else if (policy_category == POLICY_CATEGORY_MANDATORY)
344                                         item_append(i, &p->mandatory_items);
345                                 else if (policy_category == POLICY_CATEGORY_USER) {
346                                         const char *u = policy_user;
347
348                                         assert_cc(sizeof(uid_t) == sizeof(uint32_t));
349
350                                         r = hashmap_ensure_allocated(&p->user_items, NULL);
351                                         if (r < 0)
352                                                 return log_oom();
353
354                                         if (!u) {
355                                                 log_error("User policy without name");
356                                                 return -EINVAL;
357                                         }
358
359                                         r = get_user_creds(&u, &i->uid, NULL, NULL, NULL);
360                                         if (r < 0) {
361                                                 log_error("Failed to resolve user %s, ignoring policy: %s", u, strerror(-r));
362                                                 free(i);
363                                         } else {
364                                                 PolicyItem *first;
365
366                                                 first = hashmap_get(p->user_items, UINT32_TO_PTR(i->uid));
367                                                 item_append(i, &first);
368                                                 i->uid_valid = true;
369
370                                                 r = hashmap_replace(p->user_items, UINT32_TO_PTR(i->uid), first);
371                                                 if (r < 0) {
372                                                         LIST_REMOVE(items, first, i);
373                                                         return log_oom();
374                                                 }
375                                         }
376
377                                 } else if (policy_category == POLICY_CATEGORY_GROUP) {
378                                         const char *g = policy_group;
379
380                                         assert_cc(sizeof(gid_t) == sizeof(uint32_t));
381
382                                         r = hashmap_ensure_allocated(&p->group_items, NULL);
383                                         if (r < 0)
384                                                 return log_oom();
385
386                                         if (!g) {
387                                                 log_error("Group policy without name");
388                                                 return -EINVAL;
389                                         }
390
391                                         r = get_group_creds(&g, &i->gid);
392                                         if (r < 0) {
393                                                 log_error("Failed to resolve group %s, ignoring policy: %s", g, strerror(-r));
394                                                 free(i);
395                                         } else {
396                                                 PolicyItem *first;
397
398                                                 first = hashmap_get(p->group_items, UINT32_TO_PTR(i->gid));
399                                                 item_append(i, &first);
400                                                 i->gid_valid = true;
401
402                                                 r = hashmap_replace(p->group_items, UINT32_TO_PTR(i->gid), first);
403                                                 if (r < 0) {
404                                                         LIST_REMOVE(items, first, i);
405                                                         return log_oom();
406                                                 }
407                                         }
408                                 }
409
410                                 state = STATE_POLICY;
411                                 i = NULL;
412
413                         } else if (t != XML_TEXT || !in_charset(name, WHITESPACE)) {
414                                 log_error("Unexpected token (8) at %s:%u.", path, line);
415                                 return -EINVAL;
416                         }
417
418                         break;
419
420                 case STATE_ALLOW_DENY_INTERFACE:
421
422                         if (t == XML_ATTRIBUTE_VALUE) {
423                                 assert(i);
424                                 if (i->interface) {
425                                         log_error("Duplicate interface at %s:%u.", path, line);
426                                         return -EINVAL;
427                                 }
428
429                                 i->interface = name;
430                                 name = NULL;
431                                 state = STATE_ALLOW_DENY;
432                         } else {
433                                 log_error("Unexpected token (9) at %s:%u.", path, line);
434                                 return -EINVAL;
435                         }
436
437                         break;
438
439                 case STATE_ALLOW_DENY_MEMBER:
440
441                         if (t == XML_ATTRIBUTE_VALUE) {
442                                 assert(i);
443                                 if (i->member) {
444                                         log_error("Duplicate member in %s:%u.", path, line);
445                                         return -EINVAL;
446                                 }
447
448                                 i->member = name;
449                                 name = NULL;
450                                 state = STATE_ALLOW_DENY;
451                         } else {
452                                 log_error("Unexpected token (10) in %s:%u.", path, line);
453                                 return -EINVAL;
454                         }
455
456                         break;
457
458                 case STATE_ALLOW_DENY_ERROR:
459
460                         if (t == XML_ATTRIBUTE_VALUE) {
461                                 assert(i);
462                                 if (i->error) {
463                                         log_error("Duplicate error in %s:%u.", path, line);
464                                         return -EINVAL;
465                                 }
466
467                                 i->error = name;
468                                 name = NULL;
469                                 state = STATE_ALLOW_DENY;
470                         } else {
471                                 log_error("Unexpected token (11) in %s:%u.", path, line);
472                                 return -EINVAL;
473                         }
474
475                         break;
476
477                 case STATE_ALLOW_DENY_PATH:
478
479                         if (t == XML_ATTRIBUTE_VALUE) {
480                                 assert(i);
481                                 if (i->path) {
482                                         log_error("Duplicate path in %s:%u.", path, line);
483                                         return -EINVAL;
484                                 }
485
486                                 i->path = name;
487                                 name = NULL;
488                                 state = STATE_ALLOW_DENY;
489                         } else {
490                                 log_error("Unexpected token (12) in %s:%u.", path, line);
491                                 return -EINVAL;
492                         }
493
494                         break;
495
496                 case STATE_ALLOW_DENY_MESSAGE_TYPE:
497
498                         if (t == XML_ATTRIBUTE_VALUE) {
499                                 assert(i);
500
501                                 if (i->message_type != 0) {
502                                         log_error("Duplicate message type in %s:%u.", path, line);
503                                         return -EINVAL;
504                                 }
505
506                                 r = bus_message_type_from_string(name, &i->message_type);
507                                 if (r < 0) {
508                                         log_error("Invalid message type in %s:%u.", path, line);
509                                         return -EINVAL;
510                                 }
511
512                                 state = STATE_ALLOW_DENY;
513                         } else {
514                                 log_error("Unexpected token (13) in %s:%u.", path, line);
515                                 return -EINVAL;
516                         }
517
518                         break;
519
520                 case STATE_ALLOW_DENY_NAME:
521
522                         if (t == XML_ATTRIBUTE_VALUE) {
523                                 assert(i);
524                                 if (i->name) {
525                                         log_error("Duplicate name in %s:%u.", path, line);
526                                         return -EINVAL;
527                                 }
528
529                                 switch (i->class) {
530                                 case POLICY_ITEM_USER:
531                                         if (!streq(name, "*")) {
532                                                 const char *u = name;
533
534                                                 r = get_user_creds(&u, &i->uid, NULL, NULL, NULL);
535                                                 if (r < 0)
536                                                         log_error("Failed to resolve user %s: %s", name, strerror(-r));
537                                                 else
538                                                         i->uid_valid = true;
539                                         }
540                                         break;
541                                 case POLICY_ITEM_GROUP:
542                                         if (!streq(name, "*")) {
543                                                 const char *g = name;
544
545                                                 r = get_group_creds(&g, &i->gid);
546                                                 if (r < 0)
547                                                         log_error("Failed to resolve group %s: %s", name, strerror(-r));
548                                                 else
549                                                         i->gid_valid = true;
550                                         }
551                                         break;
552                                 default:
553                                         break;
554                                 }
555
556                                 i->name = name;
557                                 name = NULL;
558
559                                 state = STATE_ALLOW_DENY;
560                         } else {
561                                 log_error("Unexpected token (14) in %s:%u.", path, line);
562                                 return -EINVAL;
563                         }
564
565                         break;
566
567                 case STATE_ALLOW_DENY_OTHER_ATTRIBUTE:
568
569                         if (t == XML_ATTRIBUTE_VALUE)
570                                 state = STATE_ALLOW_DENY;
571                         else {
572                                 log_error("Unexpected token (15) in %s:%u.", path, line);
573                                 return -EINVAL;
574                         }
575
576                         break;
577
578                 case STATE_OTHER:
579
580                         if (t == XML_TAG_OPEN)
581                                 n_other++;
582                         else if (t == XML_TAG_CLOSE || t == XML_TAG_CLOSE_EMPTY) {
583
584                                 if (n_other == 0)
585                                         state = STATE_BUSCONFIG;
586                                 else
587                                         n_other--;
588                         }
589
590                         break;
591                 }
592         }
593 }
594
595 enum {
596         ALLOW,
597         DUNNO,
598         DENY,
599 };
600
601 struct policy_check_filter {
602         PolicyItemClass class;
603         const struct ucred *ucred;
604         int message_type;
605         const char *name;
606         const char *interface;
607         const char *path;
608         const char *member;
609 };
610
611 static int is_permissive(PolicyItem *i) {
612
613         assert(i);
614
615         return (i->type == POLICY_ITEM_ALLOW) ? ALLOW : DENY;
616 }
617
618 static int check_policy_item(PolicyItem *i, const struct policy_check_filter *filter) {
619
620         assert(i);
621         assert(filter);
622
623         switch (i->class) {
624         case POLICY_ITEM_SEND:
625         case POLICY_ITEM_RECV:
626
627                 if (i->name && !streq_ptr(i->name, filter->name))
628                         break;
629
630                 if ((i->message_type != 0) && (i->message_type != filter->message_type))
631                         break;
632
633                 if (i->path && !streq_ptr(i->path, filter->path))
634                         break;
635
636                 if (i->member && !streq_ptr(i->member, filter->member))
637                         break;
638
639                 if (i->interface && !streq_ptr(i->interface, filter->interface))
640                         break;
641
642                 return is_permissive(i);
643
644         case POLICY_ITEM_OWN:
645                 assert(filter->name);
646
647                 if (streq(i->name, "*") || streq(i->name, filter->name))
648                         return is_permissive(i);
649                 break;
650
651         case POLICY_ITEM_OWN_PREFIX:
652                 assert(filter->name);
653
654                 if (streq(i->name, "*") || service_name_startswith(filter->name, i->name))
655                         return is_permissive(i);
656                 break;
657
658         case POLICY_ITEM_USER:
659                 assert(filter->ucred);
660
661                 if ((streq_ptr(i->name, "*") || (i->uid_valid && i->uid == filter->ucred->uid)))
662                         return is_permissive(i);
663                 break;
664
665         case POLICY_ITEM_GROUP:
666                 assert(filter->ucred);
667
668                 if ((streq_ptr(i->name, "*") || (i->gid_valid && i->gid == filter->ucred->gid)))
669                         return is_permissive(i);
670                 break;
671
672         case POLICY_ITEM_IGNORE:
673         default:
674                 break;
675         }
676
677         return DUNNO;
678 }
679
680 static int check_policy_items(PolicyItem *items, const struct policy_check_filter *filter) {
681
682         PolicyItem *i;
683         int r, ret = DUNNO;
684
685         assert(filter);
686
687         /* Check all policies in a set - a broader one might be followed by a more specific one,
688          * and the order of rules in policy definitions matters */
689         LIST_FOREACH(items, i, items) {
690                 if (i->class != filter->class &&
691                     !(i->class == POLICY_ITEM_OWN_PREFIX && filter->class == POLICY_ITEM_OWN))
692                         continue;
693
694                 r = check_policy_item(i, filter);
695                 if (r != DUNNO)
696                         ret = r;
697         }
698
699         return ret;
700 }
701
702 static int policy_check(Policy *p, const struct policy_check_filter *filter) {
703
704         PolicyItem *items;
705         int r;
706
707         assert(p);
708         assert(filter);
709
710         assert(IN_SET(filter->class, POLICY_ITEM_SEND, POLICY_ITEM_RECV, POLICY_ITEM_OWN, POLICY_ITEM_USER, POLICY_ITEM_GROUP));
711
712         /*
713          * The policy check is implemented by the following logic:
714          *
715          * 1. Check mandatory items. If the message matches any of these, it is decisive.
716          * 2. See if the passed ucred match against the user/group hashmaps. A matching entry is also decisive.
717          * 3. Consult the defaults if non of the above matched with a more specific rule.
718          * 4. If the message isn't caught be the defaults either, reject it.
719          */
720
721         r = check_policy_items(p->mandatory_items, filter);
722         if (r != DUNNO)
723                 return r;
724
725         if (filter->ucred) {
726                 items = hashmap_get(p->user_items, UINT32_TO_PTR(filter->ucred->uid));
727                 if (items) {
728                         r = check_policy_items(items, filter);
729                         if (r != DUNNO)
730                                 return r;
731                 }
732
733                 items = hashmap_get(p->group_items, UINT32_TO_PTR(filter->ucred->gid));
734                 if (items) {
735                         r = check_policy_items(items, filter);
736                         if (r != DUNNO)
737                                 return r;
738                 }
739         }
740
741         return check_policy_items(p->default_items, filter);
742 }
743
744 bool policy_check_own(Policy *p, const struct ucred *ucred, const char *name) {
745
746         struct policy_check_filter filter = {
747                 .class = POLICY_ITEM_OWN,
748                 .ucred = ucred,
749                 .name  = name,
750         };
751
752         return policy_check(p, &filter) == ALLOW;
753 }
754
755 bool policy_check_hello(Policy *p, const struct ucred *ucred) {
756
757         struct policy_check_filter filter = {
758                 .ucred  = ucred,
759         };
760         int user, group;
761
762         filter.class = POLICY_ITEM_USER;
763         user = policy_check(p, &filter);
764         if (user == DENY)
765                 return false;
766
767         filter.class = POLICY_ITEM_GROUP;
768         group = policy_check(p, &filter);
769         if (group == DENY)
770                 return false;
771
772         return !(user == DUNNO && group == DUNNO);
773 }
774
775 bool policy_check_recv(Policy *p,
776                        const struct ucred *ucred,
777                        int message_type,
778                        const char *name,
779                        const char *path,
780                        const char *interface,
781                        const char *member) {
782
783         struct policy_check_filter filter = {
784                 .class        = POLICY_ITEM_RECV,
785                 .ucred        = ucred,
786                 .message_type = message_type,
787                 .name         = name,
788                 .interface    = interface,
789                 .path         = path,
790                 .member       = member,
791         };
792
793         return policy_check(p, &filter) == ALLOW;
794 }
795
796 bool policy_check_send(Policy *p,
797                        const struct ucred *ucred,
798                        int message_type,
799                        const char *name,
800                        const char *path,
801                        const char *interface,
802                        const char *member) {
803
804         struct policy_check_filter filter = {
805                 .class        = POLICY_ITEM_SEND,
806                 .ucred        = ucred,
807                 .message_type = message_type,
808                 .name         = name,
809                 .interface    = interface,
810                 .path         = path,
811                 .member       = member,
812         };
813
814         return policy_check(p, &filter) == ALLOW;
815 }
816
817 int policy_load(Policy *p, char **files) {
818         char **i;
819         int r;
820
821         assert(p);
822
823         STRV_FOREACH(i, files) {
824
825                 r = file_load(p, *i);
826                 if (r == -EISDIR) {
827                         _cleanup_strv_free_ char **l = NULL;
828                         char **j;
829
830                         r = conf_files_list(&l, ".conf", NULL, *i, NULL);
831                         if (r < 0) {
832                                 log_error("Failed to get configuration file list: %s", strerror(-r));
833                                 return r;
834                         }
835
836                         STRV_FOREACH(j, l)
837                                 file_load(p, *j);
838                 }
839
840                 /* We ignore all errors but EISDIR, and just proceed. */
841         }
842
843         return 0;
844 }
845
846 void policy_free(Policy *p) {
847         PolicyItem *i, *first;
848
849         if (!p)
850                 return;
851
852         while ((i = p->default_items)) {
853                 LIST_REMOVE(items, p->default_items, i);
854                 policy_item_free(i);
855         }
856
857         while ((i = p->mandatory_items)) {
858                 LIST_REMOVE(items, p->mandatory_items, i);
859                 policy_item_free(i);
860         }
861
862         while ((first = hashmap_steal_first(p->user_items))) {
863
864                 while ((i = first)) {
865                         LIST_REMOVE(items, first, i);
866                         policy_item_free(i);
867                 }
868         }
869
870         while ((first = hashmap_steal_first(p->group_items))) {
871
872                 while ((i = first)) {
873                         LIST_REMOVE(items, first, i);
874                         policy_item_free(i);
875                 }
876         }
877
878         hashmap_free(p->user_items);
879         hashmap_free(p->group_items);
880
881         p->user_items = p->group_items = NULL;
882 }
883
884 static void dump_items(PolicyItem *items, const char *prefix) {
885
886         PolicyItem *i;
887
888         if (!items)
889                 return;
890
891         if (!prefix)
892                 prefix = "";
893
894         LIST_FOREACH(items, i, items) {
895
896                 printf("%sType: %s\n"
897                        "%sClass: %s\n",
898                        prefix, policy_item_type_to_string(i->type),
899                        prefix, policy_item_class_to_string(i->class));
900
901                 if (i->interface)
902                         printf("%sInterface: %s\n",
903                                prefix, i->interface);
904
905                 if (i->member)
906                         printf("%sMember: %s\n",
907                                prefix, i->member);
908
909                 if (i->error)
910                         printf("%sError: %s\n",
911                                prefix, i->error);
912
913                 if (i->path)
914                         printf("%sPath: %s\n",
915                                prefix, i->path);
916
917                 if (i->name)
918                         printf("%sName: %s\n",
919                                prefix, i->name);
920
921                 if (i->message_type != 0)
922                         printf("%sMessage Type: %s\n",
923                                prefix, bus_message_type_to_string(i->message_type));
924
925                 if (i->uid_valid) {
926                         _cleanup_free_ char *user;
927
928                         user = uid_to_name(i->uid);
929
930                         printf("%sUser: %s (%d)\n",
931                                prefix, strna(user), i->uid);
932                 }
933
934                 if (i->gid_valid) {
935                         _cleanup_free_ char *group;
936
937                         group = gid_to_name(i->gid);
938
939                         printf("%sGroup: %s (%d)\n",
940                                prefix, strna(group), i->gid);
941                 }
942         }
943 }
944
945 static void dump_hashmap_items(Hashmap *h) {
946         PolicyItem *i;
947         Iterator j;
948         void *k;
949
950         HASHMAP_FOREACH_KEY(i, k, h, j) {
951                 printf("\t%s Item for %u:\n", draw_special_char(DRAW_ARROW), PTR_TO_UINT(k));
952                 dump_items(i, "\t\t");
953         }
954 }
955
956 void policy_dump(Policy *p) {
957
958         printf("%s Default Items:\n", draw_special_char(DRAW_ARROW));
959         dump_items(p->default_items, "\t");
960
961         printf("%s Group Items:\n", draw_special_char(DRAW_ARROW));
962         dump_hashmap_items(p->group_items);
963
964         printf("%s User Items:\n", draw_special_char(DRAW_ARROW));
965         dump_hashmap_items(p->user_items);
966
967         printf("%s Mandatory Items:\n", draw_special_char(DRAW_ARROW));
968         dump_items(p->mandatory_items, "\t");
969 }
970
971 static const char* const policy_item_type_table[_POLICY_ITEM_TYPE_MAX] = {
972         [_POLICY_ITEM_TYPE_UNSET] = "unset",
973         [POLICY_ITEM_ALLOW] = "allow",
974         [POLICY_ITEM_DENY] = "deny",
975 };
976 DEFINE_STRING_TABLE_LOOKUP(policy_item_type, PolicyItemType);
977
978 static const char* const policy_item_class_table[_POLICY_ITEM_CLASS_MAX] = {
979         [_POLICY_ITEM_CLASS_UNSET] = "unset",
980         [POLICY_ITEM_SEND] = "send",
981         [POLICY_ITEM_RECV] = "recv",
982         [POLICY_ITEM_OWN] = "own",
983         [POLICY_ITEM_OWN_PREFIX] = "own-prefix",
984         [POLICY_ITEM_USER] = "user",
985         [POLICY_ITEM_GROUP] = "group",
986         [POLICY_ITEM_IGNORE] = "ignore",
987 };
988 DEFINE_STRING_TABLE_LOOKUP(policy_item_class, PolicyItemClass);
Unnamed repository; edit this file 'description' to name the repository.