1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2013 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #ifdef HAVE_VALGRIND_MEMCHECK_H
23 #include <valgrind/memcheck.h>
30 #include <sys/prctl.h>
34 #include "memfd-util.h"
35 #include "cgroup-util.h"
38 #include "bus-internal.h"
39 #include "bus-message.h"
40 #include "bus-kernel.h"
41 #include "bus-bloom.h"
43 #include "bus-label.h"
45 #define UNIQUE_NAME_MAX (3+DECIMAL_STR_MAX(uint64_t))
47 int bus_kernel_parse_unique_name(const char *s, uint64_t *id) {
53 if (!startswith(s, ":1."))
56 r = safe_atou64(s + 3, id);
63 static void append_payload_vec(struct kdbus_item **d, const void *p, size_t sz) {
69 /* Note that p can be NULL, which encodes a region full of
70 * zeroes, which is useful to optimize certain padding
73 (*d)->size = offsetof(struct kdbus_item, vec) + sizeof(struct kdbus_vec);
74 (*d)->type = KDBUS_ITEM_PAYLOAD_VEC;
75 (*d)->vec.address = PTR_TO_UINT64(p);
78 *d = (struct kdbus_item *) ((uint8_t*) *d + (*d)->size);
81 static void append_payload_memfd(struct kdbus_item **d, int memfd, size_t start, size_t sz) {
87 (*d)->size = offsetof(struct kdbus_item, memfd) + sizeof(struct kdbus_memfd);
88 (*d)->type = KDBUS_ITEM_PAYLOAD_MEMFD;
89 (*d)->memfd.fd = memfd;
90 (*d)->memfd.start = start;
91 (*d)->memfd.size = sz;
93 *d = (struct kdbus_item *) ((uint8_t*) *d + (*d)->size);
96 static void append_destination(struct kdbus_item **d, const char *s, size_t length) {
102 (*d)->size = offsetof(struct kdbus_item, str) + length + 1;
103 (*d)->type = KDBUS_ITEM_DST_NAME;
104 memcpy((*d)->str, s, length + 1);
106 *d = (struct kdbus_item *) ((uint8_t*) *d + (*d)->size);
109 static struct kdbus_bloom_filter *append_bloom(struct kdbus_item **d, size_t length) {
110 struct kdbus_item *i;
116 i->size = offsetof(struct kdbus_item, bloom_filter) +
117 offsetof(struct kdbus_bloom_filter, data) +
119 i->type = KDBUS_ITEM_BLOOM_FILTER;
121 *d = (struct kdbus_item *) ((uint8_t*) i + i->size);
123 return &i->bloom_filter;
126 static void append_fds(struct kdbus_item **d, const int fds[], unsigned n_fds) {
132 (*d)->size = offsetof(struct kdbus_item, fds) + sizeof(int) * n_fds;
133 (*d)->type = KDBUS_ITEM_FDS;
134 memcpy((*d)->fds, fds, sizeof(int) * n_fds);
136 *d = (struct kdbus_item *) ((uint8_t*) *d + (*d)->size);
139 static void add_bloom_arg(void *data, size_t size, unsigned n_hash, unsigned i, const char *t) {
140 char buf[sizeof("arg")-1 + 2 + sizeof("-slash-prefix")];
148 e = stpcpy(buf, "arg");
150 *(e++) = '0' + (char) i;
152 *(e++) = '0' + (char) (i / 10);
153 *(e++) = '0' + (char) (i % 10);
157 bloom_add_pair(data, size, n_hash, buf, t);
159 strcpy(e, "-dot-prefix");
160 bloom_add_prefixes(data, size, n_hash, buf, t, '.');
161 strcpy(e, "-slash-prefix");
162 bloom_add_prefixes(data, size, n_hash, buf, t, '/');
165 static int bus_message_setup_bloom(sd_bus_message *m, struct kdbus_bloom_filter *bloom) {
174 memzero(data, m->bus->bloom_size);
175 bloom->generation = 0;
177 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "message-type", bus_message_type_to_string(m->header->type));
180 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "interface", m->interface);
182 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "member", m->member);
184 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "path", m->path);
185 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "path-slash-prefix", m->path);
186 bloom_add_prefixes(data, m->bus->bloom_size, m->bus->bloom_n_hash, "path-slash-prefix", m->path, '/');
189 r = sd_bus_message_rewind(m, true);
193 for (i = 0; i < 64; i++) {
194 const char *t, *contents;
197 r = sd_bus_message_peek_type(m, &type, &contents);
201 if (IN_SET(type, SD_BUS_TYPE_STRING, SD_BUS_TYPE_OBJECT_PATH, SD_BUS_TYPE_SIGNATURE)) {
203 /* The bloom filter includes simple strings of any kind */
204 r = sd_bus_message_read_basic(m, type, &t);
208 add_bloom_arg(data, m->bus->bloom_size, m->bus->bloom_n_hash, i, t);
209 } if (type == SD_BUS_TYPE_ARRAY && STR_IN_SET(contents, "s", "o", "g")) {
211 /* As well as array of simple strings of any kinds */
212 r = sd_bus_message_enter_container(m, type, contents);
216 while ((r = sd_bus_message_read_basic(m, contents[0], &t)) > 0)
217 add_bloom_arg(data, m->bus->bloom_size, m->bus->bloom_n_hash, i, t);
221 r = sd_bus_message_exit_container(m);
226 /* Stop adding to bloom filter as soon as we
227 * run into the first argument we cannot add
235 static int bus_message_setup_kmsg(sd_bus *b, sd_bus_message *m) {
236 struct bus_body_part *part;
237 struct kdbus_item *d;
238 const char *destination;
249 /* We put this together only once, if this message is reused
250 * we reuse the earlier-built version */
254 destination = m->destination ?: m->destination_ptr;
257 r = bus_kernel_parse_unique_name(destination, &unique);
265 sz = offsetof(struct kdbus_msg, items);
267 /* Add in fixed header, fields header and payload */
268 sz += (1 + m->n_body_parts) * ALIGN8(offsetof(struct kdbus_item, vec) +
269 MAX(sizeof(struct kdbus_vec),
270 sizeof(struct kdbus_memfd)));
272 /* Add space for bloom filter */
273 sz += ALIGN8(offsetof(struct kdbus_item, bloom_filter) +
274 offsetof(struct kdbus_bloom_filter, data) +
277 /* Add in well-known destination header */
279 dl = strlen(destination);
280 sz += ALIGN8(offsetof(struct kdbus_item, str) + dl + 1);
283 /* Add space for unix fds */
285 sz += ALIGN8(offsetof(struct kdbus_item, fds) + sizeof(int)*m->n_fds);
287 m->kdbus = memalign(8, sz);
293 m->free_kdbus = true;
294 memzero(m->kdbus, sz);
297 ((m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) ? 0 : KDBUS_MSG_EXPECT_REPLY) |
298 ((m->header->flags & BUS_MESSAGE_NO_AUTO_START) ? KDBUS_MSG_NO_AUTO_START : 0);
301 /* verify_destination_id will usually be 0, which makes the kernel driver only look
302 * at the provided well-known name. Otherwise, the kernel will make sure the provided
303 * destination id matches the owner of the provided weel-known-name, and fail if they
304 * differ. Currently, this is only needed for bus-proxyd. */
305 m->kdbus->dst_id = m->verify_destination_id;
307 m->kdbus->dst_id = destination ? unique : KDBUS_DST_ID_BROADCAST;
309 m->kdbus->payload_type = KDBUS_PAYLOAD_DBUS;
310 m->kdbus->cookie = (uint64_t) m->header->serial;
311 m->kdbus->priority = m->priority;
313 if (m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)
314 m->kdbus->cookie_reply = m->reply_cookie;
318 assert_se(clock_gettime(CLOCK_MONOTONIC_COARSE, &now) == 0);
319 m->kdbus->timeout_ns = now.tv_sec * NSEC_PER_SEC + now.tv_nsec +
320 m->timeout * NSEC_PER_USEC;
326 append_destination(&d, destination, dl);
328 append_payload_vec(&d, m->header, BUS_MESSAGE_BODY_BEGIN(m));
330 MESSAGE_FOREACH_PART(part, i, m) {
332 /* If this is padding then simply send a
333 * vector with a NULL data pointer which the
334 * kernel will just pass through. This is the
335 * most efficient way to encode zeroes */
337 append_payload_vec(&d, NULL, part->size);
341 if (part->memfd >= 0 && part->sealed && destination) {
342 /* Try to send a memfd, if the part is
343 * sealed and this is not a broadcast. Since we can only */
345 append_payload_memfd(&d, part->memfd, part->memfd_offset, part->size);
349 /* Otherwise, let's send a vector to the actual data.
350 * For that, we need to map it first. */
351 r = bus_body_part_map(part);
355 append_payload_vec(&d, part->data, part->size);
358 if (m->kdbus->dst_id == KDBUS_DST_ID_BROADCAST) {
359 struct kdbus_bloom_filter *bloom;
361 bloom = append_bloom(&d, m->bus->bloom_size);
362 r = bus_message_setup_bloom(m, bloom);
368 append_fds(&d, m->fds, m->n_fds);
370 m->kdbus->size = (uint8_t*) d - (uint8_t*) m->kdbus;
371 assert(m->kdbus->size <= sz);
380 static void bus_message_set_sender_driver(sd_bus *bus, sd_bus_message *m) {
384 m->sender = m->creds.unique_name = (char*) "org.freedesktop.DBus";
385 m->creds.well_known_names_driver = true;
386 m->creds.mask |= (SD_BUS_CREDS_UNIQUE_NAME|SD_BUS_CREDS_WELL_KNOWN_NAMES) & bus->creds_mask;
389 static void unset_memfds(struct sd_bus_message *m) {
390 struct bus_body_part *part;
395 /* Make sure the memfds are not freed twice */
396 MESSAGE_FOREACH_PART(part, i, m)
397 if (part->memfd >= 0)
401 static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) {
402 sd_bus_message *m = NULL;
403 struct kdbus_item *d;
405 _cleanup_free_ int *fds = NULL;
406 struct bus_header *h = NULL;
407 size_t total, n_bytes = 0, idx = 0;
408 const char *destination = NULL, *seclabel = NULL;
413 assert(k->payload_type == KDBUS_PAYLOAD_DBUS);
415 KDBUS_ITEM_FOREACH(d, k, items) {
418 l = d->size - offsetof(struct kdbus_item, data);
422 case KDBUS_ITEM_PAYLOAD_OFF:
424 h = (struct bus_header *)((uint8_t *)bus->kdbus_buffer + d->vec.offset);
426 if (!bus_header_is_complete(h, d->vec.size))
430 n_bytes += d->vec.size;
433 case KDBUS_ITEM_PAYLOAD_MEMFD:
437 n_bytes += d->memfd.size;
440 case KDBUS_ITEM_FDS: {
445 f = realloc(fds, sizeof(int) * (n_fds + j));
450 memcpy(fds + n_fds, d->fds, sizeof(int) * j);
455 case KDBUS_ITEM_SECLABEL:
464 r = bus_header_message_size(h, &total);
468 if (n_bytes != total)
471 /* on kdbus we only speak native endian gvariant, never dbus1
472 * marshalling or reverse endian */
473 if (h->version != 2 ||
474 h->endian != BUS_NATIVE_ENDIAN)
477 r = bus_message_from_header(bus, h, sizeof(struct bus_header), fds, n_fds, NULL, seclabel, 0, &m);
481 /* The well-known names list is different from the other
482 credentials. If we asked for it, but nothing is there, this
483 means that the list of well-known names is simply empty, not
484 that we lack any data */
486 m->creds.mask |= (SD_BUS_CREDS_UNIQUE_NAME|SD_BUS_CREDS_WELL_KNOWN_NAMES) & bus->creds_mask;
488 KDBUS_ITEM_FOREACH(d, k, items) {
491 l = d->size - offsetof(struct kdbus_item, data);
495 case KDBUS_ITEM_PAYLOAD_OFF: {
498 begin_body = BUS_MESSAGE_BODY_BEGIN(m);
500 if (idx + d->vec.size > begin_body) {
501 struct bus_body_part *part;
503 /* Contains body material */
505 part = message_append_part(m);
511 /* A -1 offset is NUL padding. */
512 part->is_zero = d->vec.offset == ~0ULL;
514 if (idx >= begin_body) {
516 part->data = (uint8_t *)bus->kdbus_buffer + d->vec.offset;
517 part->size = d->vec.size;
520 part->data = (uint8_t *)bus->kdbus_buffer + d->vec.offset + (begin_body - idx);
521 part->size = d->vec.size - (begin_body - idx);
531 case KDBUS_ITEM_PAYLOAD_MEMFD: {
532 struct bus_body_part *part;
534 if (idx < BUS_MESSAGE_BODY_BEGIN(m)) {
539 part = message_append_part(m);
545 part->memfd = d->memfd.fd;
546 part->memfd_offset = d->memfd.start;
547 part->size = d->memfd.size;
550 idx += d->memfd.size;
554 case KDBUS_ITEM_PIDS:
556 /* The PID/TID might be missing, when the data
557 * is faked by some data bus proxy and it
558 * lacks that information about the real
559 * client since SO_PEERCRED is used for
562 if (d->pids.pid > 0) {
563 m->creds.pid = (pid_t) d->pids.pid;
564 m->creds.mask |= SD_BUS_CREDS_PID & bus->creds_mask;
567 if (d->pids.tid > 0) {
568 m->creds.tid = (pid_t) d->pids.tid;
569 m->creds.mask |= SD_BUS_CREDS_TID & bus->creds_mask;
574 case KDBUS_ITEM_CREDS:
576 /* EUID/SUID/FSUID/EGID/SGID/FSGID might be missing too (see above). */
578 if ((uid_t) d->creds.uid != UID_INVALID) {
579 m->creds.uid = (uid_t) d->creds.uid;
580 m->creds.mask |= SD_BUS_CREDS_UID & bus->creds_mask;
583 if ((uid_t) d->creds.euid != UID_INVALID) {
584 m->creds.euid = (uid_t) d->creds.euid;
585 m->creds.mask |= SD_BUS_CREDS_EUID & bus->creds_mask;
588 if ((uid_t) d->creds.suid != UID_INVALID) {
589 m->creds.suid = (uid_t) d->creds.suid;
590 m->creds.mask |= SD_BUS_CREDS_SUID & bus->creds_mask;
593 if ((uid_t) d->creds.fsuid != UID_INVALID) {
594 m->creds.fsuid = (uid_t) d->creds.fsuid;
595 m->creds.mask |= SD_BUS_CREDS_FSUID & bus->creds_mask;
598 if ((gid_t) d->creds.gid != GID_INVALID) {
599 m->creds.gid = (gid_t) d->creds.gid;
600 m->creds.mask |= SD_BUS_CREDS_GID & bus->creds_mask;
603 if ((gid_t) d->creds.egid != GID_INVALID) {
604 m->creds.egid = (gid_t) d->creds.egid;
605 m->creds.mask |= SD_BUS_CREDS_EGID & bus->creds_mask;
608 if ((gid_t) d->creds.sgid != GID_INVALID) {
609 m->creds.sgid = (gid_t) d->creds.sgid;
610 m->creds.mask |= SD_BUS_CREDS_SGID & bus->creds_mask;
613 if ((gid_t) d->creds.fsgid != GID_INVALID) {
614 m->creds.fsgid = (gid_t) d->creds.fsgid;
615 m->creds.mask |= SD_BUS_CREDS_FSGID & bus->creds_mask;
620 case KDBUS_ITEM_TIMESTAMP:
622 if (bus->attach_flags & KDBUS_ATTACH_TIMESTAMP) {
623 m->realtime = d->timestamp.realtime_ns / NSEC_PER_USEC;
624 m->monotonic = d->timestamp.monotonic_ns / NSEC_PER_USEC;
625 m->seqnum = d->timestamp.seqnum;
630 case KDBUS_ITEM_PID_COMM:
631 m->creds.comm = d->str;
632 m->creds.mask |= SD_BUS_CREDS_COMM & bus->creds_mask;
635 case KDBUS_ITEM_TID_COMM:
636 m->creds.tid_comm = d->str;
637 m->creds.mask |= SD_BUS_CREDS_TID_COMM & bus->creds_mask;
641 m->creds.exe = d->str;
642 m->creds.mask |= SD_BUS_CREDS_EXE & bus->creds_mask;
645 case KDBUS_ITEM_CMDLINE:
646 m->creds.cmdline = d->str;
647 m->creds.cmdline_size = l;
648 m->creds.mask |= SD_BUS_CREDS_CMDLINE & bus->creds_mask;
651 case KDBUS_ITEM_CGROUP:
652 m->creds.cgroup = d->str;
653 m->creds.mask |= (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID) & bus->creds_mask;
655 r = bus_get_root_path(bus);
659 m->creds.cgroup_root = bus->cgroup_root;
663 case KDBUS_ITEM_AUDIT:
664 if ((uint32_t) d->audit.sessionid != (uint32_t) -1) {
665 m->creds.audit_session_id = (uint32_t) d->audit.sessionid;
666 m->creds.mask |= SD_BUS_CREDS_AUDIT_SESSION_ID & bus->creds_mask;
669 if ((uid_t) d->audit.loginuid != UID_INVALID) {
670 m->creds.audit_login_uid = (uid_t) d->audit.loginuid;
671 m->creds.mask |= SD_BUS_CREDS_AUDIT_LOGIN_UID & bus->creds_mask;
675 case KDBUS_ITEM_CAPS:
676 m->creds.capability = (uint8_t *) d->caps.caps;
677 m->creds.capability_size = d->size - offsetof(struct kdbus_item, caps.caps);
678 m->creds.mask |= (SD_BUS_CREDS_EFFECTIVE_CAPS|SD_BUS_CREDS_PERMITTED_CAPS|SD_BUS_CREDS_INHERITABLE_CAPS|SD_BUS_CREDS_BOUNDING_CAPS) & bus->creds_mask;
681 case KDBUS_ITEM_DST_NAME:
682 if (!service_name_is_valid(d->str)) {
687 destination = d->str;
690 case KDBUS_ITEM_OWNED_NAME:
691 if (!service_name_is_valid(d->name.name)) {
696 if (bus->creds_mask & SD_BUS_CREDS_WELL_KNOWN_NAMES) {
700 /* We just extend the array here, but
701 * do not allocate the strings inside
702 * of it, instead we just point to our
703 * buffer directly. */
704 n = strv_length(m->creds.well_known_names);
705 wkn = realloc(m->creds.well_known_names, (n + 2) * sizeof(char*));
711 wkn[n] = d->name.name;
713 m->creds.well_known_names = wkn;
715 m->creds.mask |= SD_BUS_CREDS_WELL_KNOWN_NAMES;
719 case KDBUS_ITEM_CONN_DESCRIPTION:
720 m->creds.description = d->str;
721 m->creds.mask |= SD_BUS_CREDS_DESCRIPTION & bus->creds_mask;
724 case KDBUS_ITEM_AUXGROUPS:
726 if (bus->creds_mask & SD_BUS_CREDS_SUPPLEMENTARY_GIDS) {
727 assert_cc(sizeof(gid_t) == sizeof(uint32_t));
729 m->creds.n_supplementary_gids = (d->size - offsetof(struct kdbus_item, data32)) / sizeof(uint32_t);
730 m->creds.supplementary_gids = (gid_t*) d->data32;
731 m->creds.mask |= SD_BUS_CREDS_SUPPLEMENTARY_GIDS;
737 case KDBUS_ITEM_SECLABEL:
741 log_debug("Got unknown field from kernel %llu", d->type);
745 /* If we requested the list of well-known names to be appended
746 * and the sender had none no item for it will be
747 * attached. However, this does *not* mean that we the kernel
748 * didn't want to provide this information to us. Hence, let's
749 * explicitly mark this information as available if it was
751 m->creds.mask |= bus->creds_mask & SD_BUS_CREDS_WELL_KNOWN_NAMES;
753 r = bus_message_parse_fields(m);
757 /* Refuse messages if kdbus and dbus1 cookie doesn't match up */
758 if ((uint64_t) m->header->serial != k->cookie) {
763 /* Refuse messages where the reply flag doesn't match up */
764 if (!(m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) != !!(k->flags & KDBUS_MSG_EXPECT_REPLY)) {
769 /* Refuse reply messages where the reply cookie doesn't match up */
770 if ((m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) && m->reply_cookie != k->cookie_reply) {
775 /* Refuse messages where the autostart flag doesn't match up */
776 if (!(m->header->flags & BUS_MESSAGE_NO_AUTO_START) != !(k->flags & KDBUS_MSG_NO_AUTO_START)) {
781 /* Override information from the user header with data from the kernel */
782 if (k->src_id == KDBUS_SRC_ID_KERNEL)
783 bus_message_set_sender_driver(bus, m);
785 snprintf(m->sender_buffer, sizeof(m->sender_buffer), ":1.%llu", (unsigned long long) k->src_id);
786 m->sender = m->creds.unique_name = m->sender_buffer;
790 m->destination = destination;
791 else if (k->dst_id == KDBUS_DST_ID_BROADCAST)
792 m->destination = NULL;
793 else if (k->dst_id == KDBUS_DST_ID_NAME)
794 m->destination = bus->unique_name; /* fill in unique name if the well-known name is missing */
796 snprintf(m->destination_buffer, sizeof(m->destination_buffer), ":1.%llu", (unsigned long long) k->dst_id);
797 m->destination = m->destination_buffer;
800 /* We take possession of the kmsg struct now */
802 m->release_kdbus = true;
806 bus->rqueue[bus->rqueue_size++] = m;
812 sd_bus_message_unref(m);
817 int bus_kernel_take_fd(sd_bus *b) {
818 struct kdbus_cmd_hello *hello;
819 struct kdbus_item *item;
820 _cleanup_free_ char *g = NULL;
822 size_t l = 0, m = 0, sz;
832 if (b->description) {
833 g = bus_label_escape(b->description);
841 /* If no name is explicitly set, we'll include a hint
842 * indicating the library implementation, a hint which
843 * kind of bus this is and the thread name */
845 assert_se(prctl(PR_GET_NAME, (unsigned long) pr) >= 0);
848 name = b->is_system ? "sd-system" :
849 b->is_user ? "sd-user" : "sd";
851 _cleanup_free_ char *e = NULL;
853 e = bus_label_escape(pr);
857 g = strappend(b->is_system ? "sd-system-" :
858 b->is_user ? "sd-user-" : "sd-",
866 b->description = bus_label_unescape(name);
873 sz = ALIGN8(offsetof(struct kdbus_cmd_hello, items)) +
874 ALIGN8(offsetof(struct kdbus_item, str) + m + 1);
876 if (b->fake_creds_valid)
877 sz += ALIGN8(offsetof(struct kdbus_item, creds) + sizeof(struct kdbus_creds));
879 if (b->fake_pids_valid)
880 sz += ALIGN8(offsetof(struct kdbus_item, pids) + sizeof(struct kdbus_pids));
883 l = strlen(b->fake_label);
884 sz += ALIGN8(offsetof(struct kdbus_item, str) + l + 1);
887 hello = alloca0_align(sz, 8);
889 hello->flags = b->hello_flags;
890 hello->attach_flags_send = _KDBUS_ATTACH_ANY;
891 hello->attach_flags_recv = b->attach_flags;
892 hello->pool_size = KDBUS_POOL_SIZE;
896 item->size = offsetof(struct kdbus_item, str) + m + 1;
897 item->type = KDBUS_ITEM_CONN_DESCRIPTION;
898 memcpy(item->str, name, m + 1);
899 item = KDBUS_ITEM_NEXT(item);
901 if (b->fake_creds_valid) {
902 item->size = offsetof(struct kdbus_item, creds) + sizeof(struct kdbus_creds);
903 item->type = KDBUS_ITEM_CREDS;
904 item->creds = b->fake_creds;
906 item = KDBUS_ITEM_NEXT(item);
909 if (b->fake_pids_valid) {
910 item->size = offsetof(struct kdbus_item, pids) + sizeof(struct kdbus_pids);
911 item->type = KDBUS_ITEM_PIDS;
912 item->pids = b->fake_pids;
914 item = KDBUS_ITEM_NEXT(item);
918 item->size = offsetof(struct kdbus_item, str) + l + 1;
919 item->type = KDBUS_ITEM_SECLABEL;
920 memcpy(item->str, b->fake_label, l+1);
923 r = ioctl(b->input_fd, KDBUS_CMD_HELLO, hello);
927 if (!b->kdbus_buffer) {
928 b->kdbus_buffer = mmap(NULL, KDBUS_POOL_SIZE, PROT_READ, MAP_SHARED, b->input_fd, 0);
929 if (b->kdbus_buffer == MAP_FAILED) {
930 b->kdbus_buffer = NULL;
935 /* The higher 32bit of the bus_flags fields are considered
936 * 'incompatible flags'. Refuse them all for now. */
937 if (hello->bus_flags > 0xFFFFFFFFULL)
940 if (!bloom_validate_parameters((size_t) hello->bloom.size, (unsigned) hello->bloom.n_hash))
943 b->bloom_size = (size_t) hello->bloom.size;
944 b->bloom_n_hash = (unsigned) hello->bloom.n_hash;
946 if (asprintf(&b->unique_name, ":1.%llu", (unsigned long long) hello->id) < 0)
949 b->unique_id = hello->id;
952 b->bus_client = true;
953 b->can_fds = !!(hello->flags & KDBUS_HELLO_ACCEPT_FD);
954 b->message_version = 2;
955 b->message_endian = BUS_NATIVE_ENDIAN;
957 /* the kernel told us the UUID of the underlying bus */
958 memcpy(b->server_id.bytes, hello->id128, sizeof(b->server_id.bytes));
960 return bus_start_running(b);
963 int bus_kernel_connect(sd_bus *b) {
965 assert(b->input_fd < 0);
966 assert(b->output_fd < 0);
972 b->input_fd = open(b->kernel, O_RDWR|O_NOCTTY|O_CLOEXEC);
976 b->output_fd = b->input_fd;
978 return bus_kernel_take_fd(b);
981 int bus_kernel_cmd_free(sd_bus *bus, uint64_t offset) {
982 struct kdbus_cmd_free cmd = {
989 assert(bus->is_kernel);
991 r = ioctl(bus->input_fd, KDBUS_CMD_FREE, &cmd);
998 static void close_kdbus_msg(sd_bus *bus, struct kdbus_msg *k) {
999 struct kdbus_item *d;
1004 KDBUS_ITEM_FOREACH(d, k, items) {
1005 if (d->type == KDBUS_ITEM_FDS)
1006 close_many(d->fds, (d->size - offsetof(struct kdbus_item, fds)) / sizeof(int));
1007 else if (d->type == KDBUS_ITEM_PAYLOAD_MEMFD)
1008 safe_close(d->memfd.fd);
1011 bus_kernel_cmd_free(bus, (uint8_t*) k - (uint8_t*) bus->kdbus_buffer);
1014 int bus_kernel_write_message(sd_bus *bus, sd_bus_message *m, bool hint_sync_call) {
1015 struct kdbus_cmd_send cmd = { };
1020 assert(bus->state == BUS_RUNNING);
1022 /* If we can't deliver, we want room for the error message */
1023 r = bus_rqueue_make_room(bus);
1027 r = bus_message_setup_kmsg(bus, m);
1031 cmd.size = sizeof(cmd);
1032 cmd.msg_address = (uintptr_t)m->kdbus;
1034 /* If this is a synchronous method call, then let's tell the
1035 * kernel, so that it can pass CPU time/scheduling to the
1036 * destination for the time, if it wants to. If we
1037 * synchronously wait for the result anyway, we won't need CPU
1039 if (hint_sync_call) {
1040 m->kdbus->flags |= KDBUS_MSG_EXPECT_REPLY;
1041 cmd.flags |= KDBUS_SEND_SYNC_REPLY;
1044 r = ioctl(bus->output_fd, KDBUS_CMD_SEND, &cmd);
1046 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1047 sd_bus_message *reply;
1049 if (errno == EAGAIN || errno == EINTR)
1051 else if (errno == ENXIO || errno == ESRCH) {
1053 /* ENXIO: unique name not known
1054 * ESRCH: well-known name not known */
1056 if (m->header->type == SD_BUS_MESSAGE_METHOD_CALL)
1057 sd_bus_error_setf(&error, SD_BUS_ERROR_SERVICE_UNKNOWN, "Destination %s not known", m->destination);
1059 log_debug("Could not deliver message to %s as destination is not known. Ignoring.", m->destination);
1063 } else if (errno == EADDRNOTAVAIL) {
1065 /* EADDRNOTAVAIL: activation is possible, but turned off in request flags */
1067 if (m->header->type == SD_BUS_MESSAGE_METHOD_CALL)
1068 sd_bus_error_setf(&error, SD_BUS_ERROR_SERVICE_UNKNOWN, "Activation of %s not requested", m->destination);
1070 log_debug("Could not deliver message to %s as destination is not activated. Ignoring.", m->destination);
1076 r = bus_message_new_synthetic_error(
1078 BUS_MESSAGE_COOKIE(m),
1085 r = bus_seal_synthetic_message(bus, reply);
1089 bus->rqueue[bus->rqueue_size++] = reply;
1091 } else if (hint_sync_call) {
1092 struct kdbus_msg *k;
1094 k = (struct kdbus_msg *)((uint8_t *)bus->kdbus_buffer + cmd.reply.offset);
1097 if (k->payload_type == KDBUS_PAYLOAD_DBUS) {
1099 r = bus_kernel_make_message(bus, k);
1101 close_kdbus_msg(bus, k);
1103 /* Anybody can send us invalid messages, let's just drop them. */
1104 if (r == -EBADMSG || r == -EPROTOTYPE)
1105 log_debug_errno(r, "Ignoring invalid message: %m");
1110 log_debug("Ignoring message with unknown payload type %llu.", (unsigned long long) k->payload_type);
1111 close_kdbus_msg(bus, k);
1118 static int push_name_owner_changed(sd_bus *bus, const char *name, const char *old_owner, const char *new_owner) {
1119 _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
1124 r = sd_bus_message_new_signal(
1127 "/org/freedesktop/DBus",
1128 "org.freedesktop.DBus",
1129 "NameOwnerChanged");
1133 r = sd_bus_message_append(m, "sss", name, old_owner, new_owner);
1137 bus_message_set_sender_driver(bus, m);
1139 r = bus_seal_synthetic_message(bus, m);
1143 bus->rqueue[bus->rqueue_size++] = m;
1149 static int translate_name_change(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item *d) {
1150 char new_owner[UNIQUE_NAME_MAX], old_owner[UNIQUE_NAME_MAX];
1156 if (d->type == KDBUS_ITEM_NAME_ADD || (d->name_change.old_id.flags & (KDBUS_NAME_IN_QUEUE|KDBUS_NAME_ACTIVATOR)))
1159 sprintf(old_owner, ":1.%llu", (unsigned long long) d->name_change.old_id.id);
1161 if (d->type == KDBUS_ITEM_NAME_REMOVE || (d->name_change.new_id.flags & (KDBUS_NAME_IN_QUEUE|KDBUS_NAME_ACTIVATOR))) {
1163 if (isempty(old_owner))
1168 sprintf(new_owner, ":1.%llu", (unsigned long long) d->name_change.new_id.id);
1170 return push_name_owner_changed(bus, d->name_change.name, old_owner, new_owner);
1173 static int translate_id_change(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item *d) {
1174 char owner[UNIQUE_NAME_MAX];
1180 sprintf(owner, ":1.%llu", d->id_change.id);
1182 return push_name_owner_changed(
1184 d->type == KDBUS_ITEM_ID_ADD ? NULL : owner,
1185 d->type == KDBUS_ITEM_ID_ADD ? owner : NULL);
1188 static int translate_reply(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item *d) {
1189 _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
1196 r = bus_message_new_synthetic_error(
1199 d->type == KDBUS_ITEM_REPLY_TIMEOUT ?
1200 &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_NO_REPLY, "Method call timed out") :
1201 &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_NO_REPLY, "Method call peer died"),
1206 bus_message_set_sender_driver(bus, m);
1208 r = bus_seal_synthetic_message(bus, m);
1212 bus->rqueue[bus->rqueue_size++] = m;
1218 static int bus_kernel_translate_message(sd_bus *bus, struct kdbus_msg *k) {
1219 struct kdbus_item *d, *found = NULL;
1221 static int (* const translate[])(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item *d) = {
1222 [KDBUS_ITEM_NAME_ADD - _KDBUS_ITEM_KERNEL_BASE] = translate_name_change,
1223 [KDBUS_ITEM_NAME_REMOVE - _KDBUS_ITEM_KERNEL_BASE] = translate_name_change,
1224 [KDBUS_ITEM_NAME_CHANGE - _KDBUS_ITEM_KERNEL_BASE] = translate_name_change,
1226 [KDBUS_ITEM_ID_ADD - _KDBUS_ITEM_KERNEL_BASE] = translate_id_change,
1227 [KDBUS_ITEM_ID_REMOVE - _KDBUS_ITEM_KERNEL_BASE] = translate_id_change,
1229 [KDBUS_ITEM_REPLY_TIMEOUT - _KDBUS_ITEM_KERNEL_BASE] = translate_reply,
1230 [KDBUS_ITEM_REPLY_DEAD - _KDBUS_ITEM_KERNEL_BASE] = translate_reply,
1235 assert(k->payload_type == KDBUS_PAYLOAD_KERNEL);
1237 KDBUS_ITEM_FOREACH(d, k, items) {
1238 if (d->type >= _KDBUS_ITEM_KERNEL_BASE && d->type < _KDBUS_ITEM_KERNEL_BASE + ELEMENTSOF(translate)) {
1243 log_debug("Got unknown field from kernel %llu", d->type);
1247 log_debug("Didn't find a kernel message to translate.");
1251 return translate[found->type - _KDBUS_ITEM_KERNEL_BASE](bus, k, found);
1254 int bus_kernel_read_message(sd_bus *bus, bool hint_priority, int64_t priority) {
1255 struct kdbus_cmd_recv recv = { .size = sizeof(recv) };
1256 struct kdbus_msg *k;
1261 r = bus_rqueue_make_room(bus);
1265 if (hint_priority) {
1266 recv.flags |= KDBUS_RECV_USE_PRIORITY;
1267 recv.priority = priority;
1270 r = ioctl(bus->input_fd, KDBUS_CMD_RECV, &recv);
1272 if (errno == EAGAIN)
1275 if (errno == EOVERFLOW) {
1276 log_debug("%s: kdbus reports %" PRIu64 " dropped broadcast messages, ignoring.", strna(bus->description), (uint64_t) recv.dropped_msgs);
1283 k = (struct kdbus_msg *)((uint8_t *)bus->kdbus_buffer + recv.reply.offset);
1284 if (k->payload_type == KDBUS_PAYLOAD_DBUS) {
1285 r = bus_kernel_make_message(bus, k);
1287 /* Anybody can send us invalid messages, let's just drop them. */
1288 if (r == -EBADMSG || r == -EPROTOTYPE) {
1289 log_debug_errno(r, "Ignoring invalid message: %m");
1293 } else if (k->payload_type == KDBUS_PAYLOAD_KERNEL)
1294 r = bus_kernel_translate_message(bus, k);
1296 log_debug("Ignoring message with unknown payload type %llu.", (unsigned long long) k->payload_type);
1301 close_kdbus_msg(bus, k);
1303 return r < 0 ? r : 1;
1306 int bus_kernel_pop_memfd(sd_bus *bus, void **address, size_t *mapped, size_t *allocated) {
1307 struct memfd_cache *c;
1314 if (!bus || !bus->is_kernel)
1317 assert_se(pthread_mutex_lock(&bus->memfd_cache_mutex) >= 0);
1319 if (bus->n_memfd_cache <= 0) {
1322 assert_se(pthread_mutex_unlock(&bus->memfd_cache_mutex) >= 0);
1324 r = memfd_new(bus->description);
1334 c = &bus->memfd_cache[--bus->n_memfd_cache];
1337 assert(c->mapped == 0 || c->address);
1339 *address = c->address;
1340 *mapped = c->mapped;
1341 *allocated = c->allocated;
1344 assert_se(pthread_mutex_unlock(&bus->memfd_cache_mutex) >= 0);
1349 static void close_and_munmap(int fd, void *address, size_t size) {
1351 assert_se(munmap(address, PAGE_ALIGN(size)) >= 0);
1356 void bus_kernel_push_memfd(sd_bus *bus, int fd, void *address, size_t mapped, size_t allocated) {
1357 struct memfd_cache *c;
1358 uint64_t max_mapped = PAGE_ALIGN(MEMFD_CACHE_ITEM_SIZE_MAX);
1361 assert(mapped == 0 || address);
1363 if (!bus || !bus->is_kernel) {
1364 close_and_munmap(fd, address, mapped);
1368 assert_se(pthread_mutex_lock(&bus->memfd_cache_mutex) >= 0);
1370 if (bus->n_memfd_cache >= ELEMENTSOF(bus->memfd_cache)) {
1371 assert_se(pthread_mutex_unlock(&bus->memfd_cache_mutex) >= 0);
1373 close_and_munmap(fd, address, mapped);
1377 c = &bus->memfd_cache[bus->n_memfd_cache++];
1379 c->address = address;
1381 /* If overly long, let's return a bit to the OS */
1382 if (mapped > max_mapped) {
1383 assert_se(memfd_set_size(fd, max_mapped) >= 0);
1384 assert_se(munmap((uint8_t*) address + max_mapped, PAGE_ALIGN(mapped - max_mapped)) >= 0);
1385 c->mapped = c->allocated = max_mapped;
1388 c->allocated = allocated;
1391 assert_se(pthread_mutex_unlock(&bus->memfd_cache_mutex) >= 0);
1394 void bus_kernel_flush_memfd(sd_bus *b) {
1399 for (i = 0; i < b->n_memfd_cache; i++)
1400 close_and_munmap(b->memfd_cache[i].fd, b->memfd_cache[i].address, b->memfd_cache[i].mapped);
1403 uint64_t request_name_flags_to_kdbus(uint64_t flags) {
1406 if (flags & SD_BUS_NAME_ALLOW_REPLACEMENT)
1407 f |= KDBUS_NAME_ALLOW_REPLACEMENT;
1409 if (flags & SD_BUS_NAME_REPLACE_EXISTING)
1410 f |= KDBUS_NAME_REPLACE_EXISTING;
1412 if (flags & SD_BUS_NAME_QUEUE)
1413 f |= KDBUS_NAME_QUEUE;
1418 uint64_t attach_flags_to_kdbus(uint64_t mask) {
1421 if (mask & (SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID|
1422 SD_BUS_CREDS_GID|SD_BUS_CREDS_EGID|SD_BUS_CREDS_SGID|SD_BUS_CREDS_FSGID))
1423 m |= KDBUS_ATTACH_CREDS;
1425 if (mask & (SD_BUS_CREDS_PID|SD_BUS_CREDS_TID))
1426 m |= KDBUS_ATTACH_PIDS;
1428 if (mask & SD_BUS_CREDS_COMM)
1429 m |= KDBUS_ATTACH_PID_COMM;
1431 if (mask & SD_BUS_CREDS_TID_COMM)
1432 m |= KDBUS_ATTACH_TID_COMM;
1434 if (mask & SD_BUS_CREDS_EXE)
1435 m |= KDBUS_ATTACH_EXE;
1437 if (mask & SD_BUS_CREDS_CMDLINE)
1438 m |= KDBUS_ATTACH_CMDLINE;
1440 if (mask & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID))
1441 m |= KDBUS_ATTACH_CGROUP;
1443 if (mask & (SD_BUS_CREDS_EFFECTIVE_CAPS|SD_BUS_CREDS_PERMITTED_CAPS|SD_BUS_CREDS_INHERITABLE_CAPS|SD_BUS_CREDS_BOUNDING_CAPS))
1444 m |= KDBUS_ATTACH_CAPS;
1446 if (mask & SD_BUS_CREDS_SELINUX_CONTEXT)
1447 m |= KDBUS_ATTACH_SECLABEL;
1449 if (mask & (SD_BUS_CREDS_AUDIT_SESSION_ID|SD_BUS_CREDS_AUDIT_LOGIN_UID))
1450 m |= KDBUS_ATTACH_AUDIT;
1452 if (mask & SD_BUS_CREDS_WELL_KNOWN_NAMES)
1453 m |= KDBUS_ATTACH_NAMES;
1455 if (mask & SD_BUS_CREDS_DESCRIPTION)
1456 m |= KDBUS_ATTACH_CONN_DESCRIPTION;
1458 if (mask & SD_BUS_CREDS_SUPPLEMENTARY_GIDS)
1459 m |= KDBUS_ATTACH_AUXGROUPS;
1464 int bus_kernel_create_bus(const char *name, bool world, char **s) {
1465 struct kdbus_cmd_make *make;
1466 struct kdbus_item *n;
1473 fd = open("/sys/fs/kdbus/control", O_RDWR|O_NOCTTY|O_CLOEXEC);
1478 make = alloca0_align(offsetof(struct kdbus_cmd_make, items) +
1479 ALIGN8(offsetof(struct kdbus_item, bloom_parameter) + sizeof(struct kdbus_bloom_parameter)) +
1480 ALIGN8(offsetof(struct kdbus_item, data64) + sizeof(uint64_t)) +
1481 ALIGN8(offsetof(struct kdbus_item, str) + DECIMAL_STR_MAX(uid_t) + 1 + l + 1),
1484 make->size = offsetof(struct kdbus_cmd_make, items);
1486 /* Set the bloom parameters */
1488 n->size = offsetof(struct kdbus_item, bloom_parameter) +
1489 sizeof(struct kdbus_bloom_parameter);
1490 n->type = KDBUS_ITEM_BLOOM_PARAMETER;
1491 n->bloom_parameter.size = DEFAULT_BLOOM_SIZE;
1492 n->bloom_parameter.n_hash = DEFAULT_BLOOM_N_HASH;
1494 assert_cc(DEFAULT_BLOOM_SIZE > 0);
1495 assert_cc(DEFAULT_BLOOM_N_HASH > 0);
1497 make->size += ALIGN8(n->size);
1499 /* The busses we create make no restrictions on what metadata
1500 * peers can read from incoming messages. */
1501 n = KDBUS_ITEM_NEXT(n);
1502 n->type = KDBUS_ITEM_ATTACH_FLAGS_RECV;
1503 n->size = offsetof(struct kdbus_item, data64) + sizeof(uint64_t);
1504 n->data64[0] = _KDBUS_ATTACH_ANY;
1505 make->size += ALIGN8(n->size);
1507 /* Set the a good name */
1508 n = KDBUS_ITEM_NEXT(n);
1509 sprintf(n->str, UID_FMT "-%s", getuid(), name);
1510 n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1;
1511 n->type = KDBUS_ITEM_MAKE_NAME;
1512 make->size += ALIGN8(n->size);
1514 make->flags = world ? KDBUS_MAKE_ACCESS_WORLD : 0;
1516 if (ioctl(fd, KDBUS_CMD_BUS_MAKE, make) < 0) {
1524 p = strjoin("/sys/fs/kdbus/", n->str, "/bus", NULL);
1536 static int bus_kernel_translate_access(BusPolicyAccess access) {
1537 assert(access >= 0);
1538 assert(access < _BUS_POLICY_ACCESS_MAX);
1542 case BUS_POLICY_ACCESS_SEE:
1543 return KDBUS_POLICY_SEE;
1545 case BUS_POLICY_ACCESS_TALK:
1546 return KDBUS_POLICY_TALK;
1548 case BUS_POLICY_ACCESS_OWN:
1549 return KDBUS_POLICY_OWN;
1552 assert_not_reached("Unknown policy access");
1556 static int bus_kernel_translate_policy(const BusNamePolicy *policy, struct kdbus_item *item) {
1562 switch (policy->type) {
1564 case BUSNAME_POLICY_TYPE_USER: {
1565 const char *user = policy->name;
1568 r = get_user_creds(&user, &uid, NULL, NULL, NULL);
1572 item->policy_access.type = KDBUS_POLICY_ACCESS_USER;
1573 item->policy_access.id = uid;
1577 case BUSNAME_POLICY_TYPE_GROUP: {
1578 const char *group = policy->name;
1581 r = get_group_creds(&group, &gid);
1585 item->policy_access.type = KDBUS_POLICY_ACCESS_GROUP;
1586 item->policy_access.id = gid;
1591 assert_not_reached("Unknown policy type");
1594 item->policy_access.access = bus_kernel_translate_access(policy->access);
1599 int bus_kernel_open_bus_fd(const char *bus, char **path) {
1606 len = strlen("/sys/fs/kdbus/") + DECIMAL_STR_MAX(uid_t) + 1 + strlen(bus) + strlen("/bus") + 1;
1613 p = newa(char, len);
1615 sprintf(p, "/sys/fs/kdbus/" UID_FMT "-%s/bus", getuid(), bus);
1617 fd = open(p, O_RDWR|O_NOCTTY|O_CLOEXEC);
1631 int bus_kernel_create_endpoint(const char *bus_name, const char *ep_name, char **ep_path) {
1632 _cleanup_free_ char *path = NULL;
1633 struct kdbus_cmd_make *make;
1634 struct kdbus_item *n;
1638 fd = bus_kernel_open_bus_fd(bus_name, &path);
1642 make = alloca0_align(ALIGN8(offsetof(struct kdbus_cmd_make, items)) +
1643 ALIGN8(offsetof(struct kdbus_item, str) + DECIMAL_STR_MAX(uid_t) + 1 + strlen(ep_name) + 1),
1645 make->size = ALIGN8(offsetof(struct kdbus_cmd_make, items));
1646 make->flags = KDBUS_MAKE_ACCESS_WORLD;
1649 sprintf(n->str, UID_FMT "-%s", getuid(), ep_name);
1650 n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1;
1651 n->type = KDBUS_ITEM_MAKE_NAME;
1652 make->size += ALIGN8(n->size);
1655 if (ioctl(fd, KDBUS_CMD_ENDPOINT_MAKE, make) < 0) {
1663 p = strjoin(dirname(path), "/", name, NULL);
1675 int bus_kernel_set_endpoint_policy(int fd, uid_t uid, BusEndpoint *ep) {
1677 struct kdbus_cmd_update *update;
1678 struct kdbus_item *n;
1679 BusEndpointPolicy *po;
1684 size = ALIGN8(offsetof(struct kdbus_cmd_update, items));
1686 HASHMAP_FOREACH(po, ep->policy_hash, i) {
1687 size += ALIGN8(offsetof(struct kdbus_item, str) + strlen(po->name) + 1);
1688 size += ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access));
1691 update = alloca0_align(size, 8);
1692 update->size = size;
1696 HASHMAP_FOREACH(po, ep->policy_hash, i) {
1697 n->type = KDBUS_ITEM_NAME;
1698 n->size = offsetof(struct kdbus_item, str) + strlen(po->name) + 1;
1699 strcpy(n->str, po->name);
1700 n = KDBUS_ITEM_NEXT(n);
1702 n->type = KDBUS_ITEM_POLICY_ACCESS;
1703 n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
1705 n->policy_access.type = KDBUS_POLICY_ACCESS_USER;
1706 n->policy_access.access = bus_kernel_translate_access(po->access);
1707 n->policy_access.id = uid;
1709 n = KDBUS_ITEM_NEXT(n);
1712 r = ioctl(fd, KDBUS_CMD_ENDPOINT_UPDATE, update);
1719 int bus_kernel_make_starter(
1724 BusNamePolicy *policy,
1725 BusPolicyAccess world_policy) {
1727 struct kdbus_cmd_hello *hello;
1728 struct kdbus_item *n;
1729 size_t policy_cnt = 0;
1737 LIST_FOREACH(policy, po, policy)
1740 if (world_policy >= 0)
1743 size = offsetof(struct kdbus_cmd_hello, items) +
1744 ALIGN8(offsetof(struct kdbus_item, str) + strlen(name) + 1) +
1745 policy_cnt * ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access));
1747 hello = alloca0_align(size, 8);
1750 strcpy(n->str, name);
1751 n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1;
1752 n->type = KDBUS_ITEM_NAME;
1753 n = KDBUS_ITEM_NEXT(n);
1755 LIST_FOREACH(policy, po, policy) {
1756 n->type = KDBUS_ITEM_POLICY_ACCESS;
1757 n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
1759 r = bus_kernel_translate_policy(po, n);
1763 n = KDBUS_ITEM_NEXT(n);
1766 if (world_policy >= 0) {
1767 n->type = KDBUS_ITEM_POLICY_ACCESS;
1768 n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
1769 n->policy_access.type = KDBUS_POLICY_ACCESS_WORLD;
1770 n->policy_access.access = bus_kernel_translate_access(world_policy);
1775 (activating ? KDBUS_HELLO_ACTIVATOR : KDBUS_HELLO_POLICY_HOLDER) |
1776 (accept_fd ? KDBUS_HELLO_ACCEPT_FD : 0);
1777 hello->pool_size = KDBUS_POOL_SIZE;
1778 hello->attach_flags_send = _KDBUS_ATTACH_ANY;
1779 hello->attach_flags_recv = _KDBUS_ATTACH_ANY;
1781 if (ioctl(fd, KDBUS_CMD_HELLO, hello) < 0)
1784 /* The higher 32bit of the bus_flags fields are considered
1785 * 'incompatible flags'. Refuse them all for now. */
1786 if (hello->bus_flags > 0xFFFFFFFFULL)
1789 if (!bloom_validate_parameters((size_t) hello->bloom.size, (unsigned) hello->bloom.n_hash))
1795 int bus_kernel_try_close(sd_bus *bus) {
1797 assert(bus->is_kernel);
1799 if (ioctl(bus->input_fd, KDBUS_CMD_BYEBYE) < 0)
1805 int bus_kernel_drop_one(int fd) {
1806 struct kdbus_cmd_recv recv = {
1807 .size = sizeof(recv),
1808 .flags = KDBUS_RECV_DROP,
1813 if (ioctl(fd, KDBUS_CMD_RECV, &recv) < 0)
1819 int bus_kernel_realize_attach_flags(sd_bus *bus) {
1820 struct kdbus_cmd_update *update;
1821 struct kdbus_item *n;
1824 assert(bus->is_kernel);
1826 update = alloca0_align(offsetof(struct kdbus_cmd_update, items) +
1827 ALIGN8(offsetof(struct kdbus_item, data64) + sizeof(uint64_t)),
1831 n->type = KDBUS_ITEM_ATTACH_FLAGS_RECV;
1832 n->size = offsetof(struct kdbus_item, data64) + sizeof(uint64_t);
1833 n->data64[0] = bus->attach_flags;
1836 offsetof(struct kdbus_cmd_update, items) +
1839 if (ioctl(bus->input_fd, KDBUS_CMD_CONN_UPDATE, update) < 0)
1845 int bus_kernel_fix_attach_mask(void) {
1846 _cleanup_free_ char *mask = NULL;
1847 uint64_t m = (uint64_t) -1;
1851 /* By default we don't want any kdbus metadata fields to be
1852 * suppressed, hence we reset the kernel mask for it to
1853 * (uint64_t) -1. This is overridable via a kernel command
1854 * line option, however. */
1856 r = get_proc_cmdline_key("systemd.kdbus_attach_flags_mask=", &mask);
1858 return log_warning_errno(r, "Failed to read kernel command line: %m");
1861 const char *p = mask;
1863 if (startswith(p, "0x"))
1866 if (sscanf(p, "%" PRIx64, &m) != 1)
1867 log_warning("Couldn't parse systemd.kdbus_attach_flags_mask= kernel command line parameter.");
1870 sprintf(buf, "0x%" PRIx64 "\n", m);
1871 r = write_string_file("/sys/module/kdbus/parameters/attach_flags_mask", buf);
1873 return log_full_errno(
1874 IN_SET(r, -ENOENT, -EROFS) ? LOG_DEBUG : LOG_WARNING, r,
1875 "Failed to write kdbus attach mask: %m");
1880 int bus_kernel_get_bus_name(sd_bus *bus, char **name) {
1881 struct kdbus_cmd_info cmd = {
1882 .size = sizeof(struct kdbus_cmd_info),
1884 struct kdbus_info *info;
1885 struct kdbus_item *item;
1891 assert(bus->is_kernel);
1893 r = ioctl(bus->input_fd, KDBUS_CMD_BUS_CREATOR_INFO, &cmd);
1897 info = (struct kdbus_info*) ((uint8_t*) bus->kdbus_buffer + cmd.offset);
1899 KDBUS_ITEM_FOREACH(item, info, items)
1900 if (item->type == KDBUS_ITEM_MAKE_NAME) {
1901 r = free_and_strdup(&n, item->str);
1905 bus_kernel_cmd_free(bus, cmd.offset);