chiark / gitweb /
bus: if we hit the end of an array container return 0 as EOF indicator when reading it
[elogind.git] / src / libsystemd-bus / bus-message.c
index e0fb1f4..511bdf5 100644 (file)
@@ -59,17 +59,21 @@ static void message_free_part(sd_bus_message *m, struct bus_body_part *part) {
         assert(part);
 
         if (part->memfd >= 0) {
+                /* If we can reuse the memfd, try that. For that it
+                 * can't be sealed yet. */
 
                 if (!part->sealed)
                         bus_kernel_push_memfd(m->bus, part->memfd, part->data, part->mapped);
                 else {
-                        if (part->size > 0)
-                                assert_se(munmap(part->data, PAGE_ALIGN(part->size)) == 0);
+                        if (part->mapped > 0)
+                                assert_se(munmap(part->data, part->mapped) == 0);
 
                         close_nointr_nofail(part->memfd);
                 }
 
-        } else if (part->free_this)
+        } else if (part->munmap_this)
+                munmap(part->data, part->mapped);
+        else if (part->free_this)
                 free(part->data);
 
         if (part != &m->body)
@@ -116,25 +120,26 @@ static void message_free(sd_bus_message *m) {
         if (m->free_header)
                 free(m->header);
 
-        if (m->free_fields)
-                free(m->fields);
-
         message_reset_parts(m);
 
         if (m->free_kdbus)
                 free(m->kdbus);
 
-        if (m->release_kdbus)
-                ioctl(m->bus->input_fd, KDBUS_CMD_MSG_RELEASE, m->kdbus);
+        if (m->release_kdbus) {
+                uint64_t off;
 
-        if (m->free_fds) {
-                close_many(m->fds, m->n_fds);
-                free(m->fds);
+                off = (uint8_t *)m->kdbus - (uint8_t *)m->bus->kdbus_buffer;
+                ioctl(m->bus->input_fd, KDBUS_CMD_MSG_RELEASE, &off);
         }
 
         if (m->bus)
                 sd_bus_unref(m->bus);
 
+        if (m->free_fds) {
+                close_many(m->fds, m->n_fds);
+                free(m->fds);
+        }
+
         if (m->iovec != m->iovec_fixed)
                 free(m->iovec);
 
@@ -151,66 +156,64 @@ static void message_free(sd_bus_message *m) {
         free(m);
 }
 
-static void* buffer_extend(void **p, uint32_t *sz, size_t align, size_t extend) {
-        size_t start, end;
-        void *k;
-
-        assert(p);
-        assert(sz);
-        assert(align > 0);
-
-        start = ALIGN_TO((size_t) *sz, align);
-        end = start + extend;
-
-        if (end == *sz)
-                return (uint8_t*) *p + start;
+static void *message_extend_fields(sd_bus_message *m, size_t align, size_t sz) {
+        void *op, *np;
+        size_t old_size, new_size, start;
 
-        if (end > (size_t) ((uint32_t) -1))
-                return NULL;
+        assert(m);
 
-        k = realloc(*p, end);
-        if (!k)
+        if (m->poisoned)
                 return NULL;
 
-        /* Zero out padding */
-        if (start > *sz)
-                memset((uint8_t*) k + *sz, 0, start - *sz);
+        old_size = sizeof(struct bus_header) + m->header->fields_size;
+        start = ALIGN_TO(old_size, align);
+        new_size = start + sz;
 
-        *p = k;
-        *sz = end;
+        if (old_size == new_size)
+                return (uint8_t*) m->header + old_size;
 
-        return (uint8_t*) k + start;
-}
+        if (new_size > (size_t) ((uint32_t) -1))
+                goto poison;
 
-static void *message_extend_fields(sd_bus_message *m, size_t align, size_t sz) {
-        void *p, *op;
-        size_t os;
+        if (m->free_header) {
+                np = realloc(m->header, ALIGN8(new_size));
+                if (!np)
+                        goto poison;
+        } else {
+                /* Initially, the header is allocated as part of of
+                 * the sd_bus_message itself, let's replace it by
+                 * dynamic data */
 
-        assert(m);
+                np = malloc(ALIGN8(new_size));
+                if (!np)
+                        goto poison;
 
-        if (m->poisoned)
-                return NULL;
+                memcpy(np, m->header, sizeof(struct bus_header));
+        }
 
-        op = m->fields;
-        os = m->header->fields_size;
+        /* Zero out padding */
+        if (start > old_size)
+                memset((uint8_t*) np + old_size, 0, start - old_size);
 
-        p = buffer_extend(&m->fields, &m->header->fields_size, align, sz);
-        if (!p) {
-                m->poisoned = true;
-                return NULL;
-        }
+        op = m->header;
+        m->header = np;
+        m->header->fields_size = new_size - sizeof(struct bus_header);
 
         /* Adjust quick access pointers */
-        m->path = adjust_pointer(m->path, op, os, m->fields);
-        m->interface = adjust_pointer(m->interface, op, os, m->fields);
-        m->member = adjust_pointer(m->member, op, os, m->fields);
-        m->destination = adjust_pointer(m->destination, op, os, m->fields);
-        m->sender = adjust_pointer(m->sender, op, os, m->fields);
-        m->error.name = adjust_pointer(m->error.name, op, os, m->fields);
+        m->path = adjust_pointer(m->path, op, old_size, m->header);
+        m->interface = adjust_pointer(m->interface, op, old_size, m->header);
+        m->member = adjust_pointer(m->member, op, old_size, m->header);
+        m->destination = adjust_pointer(m->destination, op, old_size, m->header);
+        m->sender = adjust_pointer(m->sender, op, old_size, m->header);
+        m->error.name = adjust_pointer(m->error.name, op, old_size, m->header);
 
-        m->free_fields = true;
+        m->free_header = true;
 
-        return p;
+        return (uint8_t*) np + start;
+
+poison:
+        m->poisoned = true;
+        return NULL;
 }
 
 static int message_append_field_string(
@@ -390,8 +393,6 @@ int bus_message_from_malloc(
                 goto fail;
         }
 
-        m->fields = (uint8_t*) buffer + sizeof(struct bus_header);
-
         m->n_body_parts = 1;
         m->body.data = (uint8_t*) buffer + sizeof(struct bus_header) + ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m));
         m->body.size = length - sizeof(struct bus_header) - ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m));
@@ -460,7 +461,7 @@ int sd_bus_message_new_signal(
         if (bus && bus->state == BUS_UNSET)
                 return -ENOTCONN;
 
-        t = message_new(bus, SD_BUS_MESSAGE_TYPE_SIGNAL);
+        t = message_new(bus, SD_BUS_MESSAGE_SIGNAL);
         if (!t)
                 return -ENOMEM;
 
@@ -495,16 +496,20 @@ int sd_bus_message_new_method_call(
         sd_bus_message *t;
         int r;
 
-        if (!path)
+        if (destination && !service_name_is_valid(destination))
                 return -EINVAL;
-        if (!member)
+        if (!object_path_is_valid(path))
+                return -EINVAL;
+        if (interface && !interface_name_is_valid(interface))
+                return -EINVAL;
+        if (!member_name_is_valid(member))
                 return -EINVAL;
         if (!m)
                 return -EINVAL;
         if (bus && bus->state == BUS_UNSET)
                 return -ENOTCONN;
 
-        t = message_new(bus, SD_BUS_MESSAGE_TYPE_METHOD_CALL);
+        t = message_new(bus, SD_BUS_MESSAGE_METHOD_CALL);
         if (!t)
                 return -ENOMEM;
 
@@ -548,7 +553,7 @@ static int message_new_reply(
                 return -EINVAL;
         if (!call->sealed)
                 return -EPERM;
-        if (call->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
+        if (call->header->type != SD_BUS_MESSAGE_METHOD_CALL)
                 return -EINVAL;
         if (!m)
                 return -EINVAL;
@@ -567,7 +572,7 @@ static int message_new_reply(
                 goto fail;
 
         if (call->sender) {
-                r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, call->sender, &t->sender);
+                r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, call->sender, &t->destination);
                 if (r < 0)
                         goto fail;
         }
@@ -587,7 +592,7 @@ int sd_bus_message_new_method_return(
                 sd_bus_message *call,
                 sd_bus_message **m) {
 
-        return message_new_reply(bus, call, SD_BUS_MESSAGE_TYPE_METHOD_RETURN, m);
+        return message_new_reply(bus, call, SD_BUS_MESSAGE_METHOD_RETURN, m);
 }
 
 int sd_bus_message_new_method_error(
@@ -604,7 +609,7 @@ int sd_bus_message_new_method_error(
         if (!m)
                 return -EINVAL;
 
-        r = message_new_reply(bus, call, SD_BUS_MESSAGE_TYPE_METHOD_ERROR, &t);
+        r = message_new_reply(bus, call, SD_BUS_MESSAGE_METHOD_ERROR, &t);
         if (r < 0)
                 return r;
 
@@ -626,6 +631,117 @@ fail:
         return r;
 }
 
+int sd_bus_message_new_method_errorf(
+                sd_bus *bus,
+                sd_bus_message *call,
+                sd_bus_message **m,
+                const char *name,
+                const char *format,
+                ...) {
+
+        _cleanup_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
+        va_list ap;
+        int r;
+
+        assert_return(name, -EINVAL);
+        assert_return(m, -EINVAL);
+
+        va_start(ap, format);
+        r = bus_error_setfv(&error, name, format, ap);
+        va_end(ap);
+
+        if (r < 0)
+                return r;
+
+        return sd_bus_message_new_method_error(bus, call, &error, m);
+}
+
+int sd_bus_message_new_method_errno(
+                sd_bus *bus,
+                sd_bus_message *call,
+                int error,
+                const sd_bus_error *p,
+                sd_bus_message **m) {
+
+        _cleanup_free_ sd_bus_error berror = SD_BUS_ERROR_NULL;
+
+        if (sd_bus_error_is_set(p))
+                return sd_bus_message_new_method_error(bus, call, p, m);
+
+        sd_bus_error_set_errno(&berror, error);
+
+        return sd_bus_message_new_method_error(bus, call, &berror, m);
+}
+
+int sd_bus_message_new_method_errnof(
+                sd_bus *bus,
+                sd_bus_message *call,
+                sd_bus_message **m,
+                int error,
+                const char *format,
+                ...) {
+
+        _cleanup_free_ sd_bus_error berror = SD_BUS_ERROR_NULL;
+        va_list ap;
+        int r;
+
+        va_start(ap, format);
+        r = bus_error_set_errnofv(&berror, error, format, ap);
+        va_end(ap);
+
+        if (r < 0)
+                return r;
+
+        return sd_bus_message_new_method_error(bus, call, &berror, m);
+}
+
+int bus_message_new_synthetic_error(
+                sd_bus *bus,
+                uint64_t serial,
+                const sd_bus_error *e,
+                sd_bus_message **m) {
+
+        sd_bus_message *t;
+        int r;
+
+        assert(sd_bus_error_is_set(e));
+        assert(m);
+
+        t = message_new(bus, SD_BUS_MESSAGE_METHOD_ERROR);
+        if (!t)
+                return -ENOMEM;
+
+        t->header->flags |= SD_BUS_MESSAGE_NO_REPLY_EXPECTED;
+        t->reply_serial = serial;
+
+        r = message_append_field_uint32(t, SD_BUS_MESSAGE_HEADER_REPLY_SERIAL, t->reply_serial);
+        if (r < 0)
+                goto fail;
+
+        if (bus && bus->unique_name) {
+                r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, bus->unique_name, &t->destination);
+                if (r < 0)
+                        goto fail;
+        }
+
+        r = message_append_field_string(t, SD_BUS_MESSAGE_HEADER_ERROR_NAME, SD_BUS_TYPE_STRING, e->name, &t->error.name);
+        if (r < 0)
+                goto fail;
+
+        if (e->message) {
+                r = message_append_basic(t, SD_BUS_TYPE_STRING, e->message, (const void**) &t->error.message);
+                if (r < 0)
+                        goto fail;
+        }
+
+        *m = t;
+        return 0;
+
+fail:
+        message_free(t);
+        return r;
+}
+
 sd_bus_message* sd_bus_message_ref(sd_bus_message *m) {
         if (!m)
                 return NULL;
@@ -687,7 +803,7 @@ int sd_bus_message_get_no_reply(sd_bus_message *m) {
         if (!m)
                 return -EINVAL;
 
-        return m->header->type == SD_BUS_MESSAGE_TYPE_METHOD_CALL ? !!(m->header->flags & SD_BUS_MESSAGE_NO_REPLY_EXPECTED) : 0;
+        return m->header->type == SD_BUS_MESSAGE_METHOD_CALL ? !!(m->header->flags & SD_BUS_MESSAGE_NO_REPLY_EXPECTED) : 0;
 }
 
 const char *sd_bus_message_get_path(sd_bus_message *m) {
@@ -1024,7 +1140,7 @@ int sd_bus_message_is_signal(sd_bus_message *m, const char *interface, const cha
         if (!m)
                 return -EINVAL;
 
-        if (m->header->type != SD_BUS_MESSAGE_TYPE_SIGNAL)
+        if (m->header->type != SD_BUS_MESSAGE_SIGNAL)
                 return 0;
 
         if (interface && (!m->interface || !streq(m->interface, interface)))
@@ -1040,7 +1156,7 @@ int sd_bus_message_is_method_call(sd_bus_message *m, const char *interface, cons
         if (!m)
                 return -EINVAL;
 
-        if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
+        if (m->header->type != SD_BUS_MESSAGE_METHOD_CALL)
                 return 0;
 
         if (interface && (!m->interface || !streq(m->interface, interface)))
@@ -1056,7 +1172,7 @@ int sd_bus_message_is_method_error(sd_bus_message *m, const char *name) {
         if (!m)
                 return -EINVAL;
 
-        if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_ERROR)
+        if (m->header->type != SD_BUS_MESSAGE_METHOD_ERROR)
                 return 0;
 
         if (name && (!m->error.name || !streq(m->error.name, name)))
@@ -1070,7 +1186,7 @@ int sd_bus_message_set_no_reply(sd_bus_message *m, int b) {
                 return -EINVAL;
         if (m->sealed)
                 return -EPERM;
-        if (m->header->type != SD_BUS_MESSAGE_TYPE_METHOD_CALL)
+        if (m->header->type != SD_BUS_MESSAGE_METHOD_CALL)
                 return -EPERM;
 
         if (b)
@@ -1126,8 +1242,13 @@ static void part_zero(struct bus_body_part *part, size_t sz) {
         assert(sz > 0);
         assert(sz < 8);
 
-        part->data = NULL;
+        /* All other fields can be left in their defaults */
+        assert(!part->data);
+        assert(part->memfd < 0);
+
         part->size = sz;
+        part->is_zero = true;
+        part->sealed = true;
 }
 
 static int part_make_space(
@@ -1158,8 +1279,8 @@ static int part_make_space(
                         return -errno;
                 }
 
-                if (sz > part->mapped) {
-                        size_t psz = PAGE_ALIGN(sz);
+                if (!part->data || sz > part->mapped) {
+                        size_t psz = PAGE_ALIGN(sz > 0 ? sz : 1);
 
                         if (part->mapped <= 0)
                                 n = mmap(NULL, psz, PROT_READ|PROT_WRITE, MAP_SHARED, part->memfd, 0);
@@ -1174,8 +1295,10 @@ static int part_make_space(
                         part->mapped = psz;
                         part->data = n;
                 }
+
+                part->munmap_this = true;
         } else {
-                n = realloc(part->data, sz);
+                n = realloc(part->data, MAX(sz, 1u));
                 if (!n) {
                         m->poisoned = true;
                         return -ENOMEM;
@@ -1192,8 +1315,21 @@ static int part_make_space(
         return 0;
 }
 
-static void *message_extend_body(sd_bus_message *m, size_t align, size_t sz) {
+static void message_extend_containers(sd_bus_message *m, size_t expand) {
         struct bus_container *c;
+
+        assert(m);
+
+        if (expand <= 0)
+                return;
+
+        /* Update counters */
+        for (c = m->containers; c < m->containers + m->n_containers; c++)
+                if (c->array_size)
+                        *c->array_size += expand;
+}
+
+static void *message_extend_body(sd_bus_message *m, size_t align, size_t sz) {
         struct bus_body_part *part = NULL;
         size_t start_body, end_body, padding, start_part, end_part, added;
         bool add_new_part;
@@ -1241,6 +1377,7 @@ static void *message_extend_body(sd_bus_message *m, size_t align, size_t sz) {
                 if (r < 0)
                         return NULL;
         } else {
+                struct bus_container *c;
                 void *op;
                 size_t os;
 
@@ -1267,12 +1404,8 @@ static void *message_extend_body(sd_bus_message *m, size_t align, size_t sz) {
                 m->error.message = (const char*) adjust_pointer(m->error.message, op, os, part->data);
         }
 
-        /* Update counters */
-        for (c = m->containers; c < m->containers + m->n_containers; c++)
-                if (c->array_size)
-                        *c->array_size += added;
-
         m->header->body_size = end_body;
+        message_extend_containers(m, added);
 
         return p;
 }
@@ -1282,7 +1415,6 @@ int message_append_basic(sd_bus_message *m, char type, const void *p, const void
         ssize_t align, sz;
         uint32_t k;
         void *a;
-        char *e = NULL;
         int fd = -1;
         uint32_t fdi = 0;
         int r;
@@ -1306,6 +1438,8 @@ int message_append_basic(sd_bus_message *m, char type, const void *p, const void
                 if (c->signature[c->index] != type)
                         return -ENXIO;
         } else {
+                char *e;
+
                 /* Maybe we can append to the signature? But only if this is the top-level container*/
                 if (c->enclosing != 0)
                         return -ENXIO;
@@ -1438,7 +1572,6 @@ int sd_bus_message_append_basic(sd_bus_message *m, char type, const void *p) {
 
 int sd_bus_message_append_string_space(sd_bus_message *m, size_t size, char **s) {
         struct bus_container *c;
-        char *e;
         void *a;
 
         if (!m)
@@ -1458,6 +1591,8 @@ int sd_bus_message_append_string_space(sd_bus_message *m, size_t size, char **s)
                 if (c->signature[c->index] != SD_BUS_TYPE_STRING)
                         return -ENXIO;
         } else {
+                char *e;
+
                 /* Maybe we can append to the signature? But only if this is the top-level container*/
                 if (c->enclosing != 0)
                         return -ENXIO;
@@ -1469,7 +1604,6 @@ int sd_bus_message_append_string_space(sd_bus_message *m, size_t size, char **s)
                 }
         }
 
-
         a = message_extend_body(m, 4, 4 + size + 1);
         if (!a)
                 return -ENOMEM;
@@ -1492,7 +1626,6 @@ static int bus_message_open_array(
                 uint32_t **array_size) {
 
         unsigned nindex;
-        char *e = NULL;
         void *a, *op;
         int alignment;
         size_t os;
@@ -1503,7 +1636,7 @@ static int bus_message_open_array(
         assert(contents);
         assert(array_size);
 
-        if (!signature_is_single(contents))
+        if (!signature_is_single(contents, true))
                 return -EINVAL;
 
         alignment = bus_type_get_alignment(contents[0]);
@@ -1522,6 +1655,8 @@ static int bus_message_open_array(
 
                 nindex = c->index + 1 + strlen(contents);
         } else {
+                char *e;
+
                 if (c->enclosing != 0)
                         return -ENXIO;
 
@@ -1565,7 +1700,6 @@ static int bus_message_open_variant(
                 struct bus_container *c,
                 const char *contents) {
 
-        char *e = NULL;
         size_t l;
         void *a;
 
@@ -1573,7 +1707,7 @@ static int bus_message_open_variant(
         assert(c);
         assert(contents);
 
-        if (!signature_is_single(contents))
+        if (!signature_is_single(contents, false))
                 return -EINVAL;
 
         if (*contents == SD_BUS_TYPE_DICT_ENTRY_BEGIN)
@@ -1585,6 +1719,8 @@ static int bus_message_open_variant(
                         return -ENXIO;
 
         } else {
+                char *e;
+
                 if (c->enclosing != 0)
                         return -ENXIO;
 
@@ -1615,7 +1751,6 @@ static int bus_message_open_struct(
                 const char *contents) {
 
         size_t nindex;
-        char *e = NULL;
 
         assert(m);
         assert(c);
@@ -1636,6 +1771,8 @@ static int bus_message_open_struct(
 
                 nindex = c->index + 1 + l + 1;
         } else {
+                char *e;
+
                 if (c->enclosing != 0)
                         return -ENXIO;
 
@@ -2106,6 +2243,229 @@ int sd_bus_message_append_array(sd_bus_message *m, char type, const void *ptr, s
         return 0;
 }
 
+int sd_bus_message_append_array_memfd(sd_bus_message *m, char type, sd_memfd *memfd) {
+        _cleanup_close_ int copy_fd = -1;
+        struct bus_body_part *part;
+        ssize_t align, sz;
+        uint64_t size;
+        void *a;
+        int r;
+
+        if (!m)
+                return -EINVAL;
+        if (!memfd)
+                return -EINVAL;
+        if (m->sealed)
+                return -EPERM;
+        if (!bus_type_is_trivial(type))
+                return -EINVAL;
+        if (m->poisoned)
+                return -ESTALE;
+
+        r = sd_memfd_set_sealed(memfd, true);
+        if (r < 0)
+                return r;
+
+        copy_fd = sd_memfd_dup_fd(memfd);
+        if (copy_fd < 0)
+                return copy_fd;
+
+        r = sd_memfd_get_size(memfd, &size);
+        if (r < 0)
+                return r;
+
+        align = bus_type_get_alignment(type);
+        sz = bus_type_get_size(type);
+
+        assert_se(align > 0);
+        assert_se(sz > 0);
+
+        if (size % sz != 0)
+                return -EINVAL;
+
+        if (size > (uint64_t) (uint32_t) -1)
+                return -EINVAL;
+
+        r = sd_bus_message_open_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
+        if (r < 0)
+                return r;
+
+        a = message_extend_body(m, align, 0);
+        if (!a)
+                return -ENOMEM;
+
+        part = message_append_part(m);
+        if (!part)
+                return -ENOMEM;
+
+        part->memfd = copy_fd;
+        part->sealed = true;
+        part->size = size;
+        copy_fd = -1;
+
+        message_extend_containers(m, size);
+        m->header->body_size += size;
+
+        return sd_bus_message_close_container(m);
+}
+
+int sd_bus_message_append_string_memfd(sd_bus_message *m, sd_memfd *memfd) {
+        _cleanup_close_ int copy_fd = -1;
+        struct bus_body_part *part;
+        struct bus_container *c;
+        uint64_t size;
+        void *a;
+        int r;
+
+        assert_return(m, -EINVAL);
+        assert_return(memfd, -EINVAL);
+        assert_return(!m->sealed, -EPERM);
+        assert_return(!m->poisoned, -ESTALE);
+
+        r = sd_memfd_set_sealed(memfd, true);
+        if (r < 0)
+                return r;
+
+        copy_fd = sd_memfd_dup_fd(memfd);
+        if (copy_fd < 0)
+                return copy_fd;
+
+        r = sd_memfd_get_size(memfd, &size);
+        if (r < 0)
+                return r;
+
+        /* We require this to be NUL terminated */
+        if (size == 0)
+                return -EINVAL;
+
+        if (size > (uint64_t) (uint32_t) -1)
+                return -EINVAL;
+
+        c = message_get_container(m);
+        if (c->signature && c->signature[c->index]) {
+                /* Container signature is already set */
+
+                if (c->signature[c->index] != SD_BUS_TYPE_STRING)
+                        return -ENXIO;
+        } else {
+                char *e;
+
+                /* Maybe we can append to the signature? But only if this is the top-level container*/
+                if (c->enclosing != 0)
+                        return -ENXIO;
+
+                e = strextend(&c->signature, CHAR_TO_STR(SD_BUS_TYPE_STRING), NULL);
+                if (!e) {
+                        m->poisoned = true;
+                        return -ENOMEM;
+                }
+        }
+
+        a = message_extend_body(m, 4, 4);
+        if (!a)
+                return -ENOMEM;
+
+        *(uint32_t*) a = size - 1;
+
+        part = message_append_part(m);
+        if (!part)
+                return -ENOMEM;
+
+        part->memfd = copy_fd;
+        part->sealed = true;
+        part->size = size;
+        copy_fd = -1;
+
+        message_extend_containers(m, size);
+        m->header->body_size += size;
+
+        if (c->enclosing != SD_BUS_TYPE_ARRAY)
+                c->index++;
+
+        return 0;
+}
+
+int sd_bus_message_append_strv(sd_bus_message *m, char **l) {
+        char **i;
+        int r;
+
+        assert_return(m, -EINVAL);
+        assert_return(!m->sealed, -EPERM);
+        assert_return(!m->poisoned, -ESTALE);
+
+        r = sd_bus_message_open_container(m, 'a', "s");
+        if (r < 0)
+                return r;
+
+        STRV_FOREACH(i, l) {
+                r = sd_bus_message_append_basic(m, 's', *i);
+                if (r < 0)
+                        return r;
+        }
+
+        return sd_bus_message_close_container(m);
+}
+
+int bus_body_part_map(struct bus_body_part *part) {
+        void *p;
+        size_t psz;
+
+        assert_se(part);
+
+        if (part->data)
+                return 0;
+
+        if (part->size <= 0)
+                return 0;
+
+        /* For smaller zero parts (as used for padding) we don't need to map anything... */
+        if (part->memfd < 0 && part->is_zero && part->size < 8) {
+                static const uint8_t zeroes[7] = { };
+                part->data = (void*) zeroes;
+                return 0;
+        }
+
+        psz = PAGE_ALIGN(part->size);
+
+        if (part->memfd >= 0)
+                p = mmap(NULL, psz, PROT_READ, MAP_SHARED, part->memfd, 0);
+        else if (part->is_zero)
+                p = mmap(NULL, psz, PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
+        else
+                return -EINVAL;
+
+        if (p == MAP_FAILED)
+                return -errno;
+
+        part->mapped = psz;
+        part->data = p;
+        part->munmap_this = true;
+
+        return 0;
+}
+
+void bus_body_part_unmap(struct bus_body_part *part) {
+
+        assert_se(part);
+
+        if (part->memfd < 0)
+                return;
+
+        if (!part->data)
+                return;
+
+        if (!part->munmap_this)
+                return;
+
+        assert_se(munmap(part->data, part->mapped) == 0);
+
+        part->data = NULL;
+        part->mapped = 0;
+        part->munmap_this = false;
+
+        return;
+}
+
 static int buffer_peek(const void *p, uint32_t sz, size_t *rindex, size_t align, size_t nbytes, void **r) {
         size_t k, start, end;
 
@@ -2146,6 +2506,8 @@ static bool message_end_of_array(sd_bus_message *m, size_t index) {
 static struct bus_body_part* find_part(sd_bus_message *m, size_t index, size_t sz, void **p) {
         struct bus_body_part *part;
         size_t begin;
+        int r;
+
         assert(m);
 
         if (m->cached_rindex_part && index >= m->cached_rindex_part_begin) {
@@ -2161,8 +2523,13 @@ static struct bus_body_part* find_part(sd_bus_message *m, size_t index, size_t s
                         return NULL;
 
                 if (index + sz <= begin + part->size) {
+
+                        r = bus_body_part_map(part);
+                        if (r < 0)
+                                return NULL;
+
                         if (p)
-                                *p = part->data ? (uint8_t*) part->data + index - begin : NULL;
+                                *p = (uint8_t*) part->data + index - begin;
 
                         m->cached_rindex_part = part;
                         m->cached_rindex_part_begin = begin;
@@ -2170,6 +2537,7 @@ static struct bus_body_part* find_part(sd_bus_message *m, size_t index, size_t s
                         return part;
                 }
 
+                begin += part->size;
                 part = part->next;
         }
 
@@ -2291,6 +2659,9 @@ int sd_bus_message_read_basic(sd_bus_message *m, char type, void *p) {
         if (!c->signature || c->signature[c->index] == 0)
                 return 0;
 
+        if (message_end_of_array(m, m->rindex))
+                return 0;
+
         if (c->signature[c->index] != type)
                 return -ENXIO;
 
@@ -2431,7 +2802,7 @@ static int bus_message_enter_array(
         assert(contents);
         assert(array_size);
 
-        if (!signature_is_single(contents))
+        if (!signature_is_single(contents, true))
                 return -EINVAL;
 
         alignment = bus_type_get_alignment(contents[0]);
@@ -2485,7 +2856,7 @@ static int bus_message_enter_variant(
         assert(c);
         assert(contents);
 
-        if (!signature_is_single(contents))
+        if (!signature_is_single(contents, false))
                 return -EINVAL;
 
         if (*contents == SD_BUS_TYPE_DICT_ENTRY_BEGIN)
@@ -2639,6 +3010,9 @@ int sd_bus_message_enter_container(sd_bus_message *m, char type, const char *con
         if (!c->signature || c->signature[c->index] == 0)
                 return 0;
 
+        if (message_end_of_array(m, m->rindex))
+                return 0;
+
         signature = strdup(contents);
         if (!signature)
                 return -ENOMEM;
@@ -3093,7 +3467,7 @@ int sd_bus_message_read_array(sd_bus_message *m, char type, const void **ptr, si
                 return align;
 
         r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, CHAR_TO_STR(type));
-        if (r < 0)
+        if (r <= 0)
                 return r;
 
         c = message_get_container(m);
@@ -3132,7 +3506,7 @@ static int message_peek_fields(
         assert(rindex);
         assert(align > 0);
 
-        return buffer_peek(m->fields, BUS_MESSAGE_FIELDS_SIZE(m), rindex, align, nbytes, ret);
+        return buffer_peek(BUS_MESSAGE_FIELDS(m), BUS_MESSAGE_FIELDS_SIZE(m), rindex, align, nbytes, ret);
 }
 
 static int message_peek_field_uint32(
@@ -3522,25 +3896,25 @@ int bus_message_parse_fields(sd_bus_message *m) {
 
         switch (m->header->type) {
 
-        case SD_BUS_MESSAGE_TYPE_SIGNAL:
+        case SD_BUS_MESSAGE_SIGNAL:
                 if (!m->path || !m->interface || !m->member)
                         return -EBADMSG;
                 break;
 
-        case SD_BUS_MESSAGE_TYPE_METHOD_CALL:
+        case SD_BUS_MESSAGE_METHOD_CALL:
 
                 if (!m->path || !m->member)
                         return -EBADMSG;
 
                 break;
 
-        case SD_BUS_MESSAGE_TYPE_METHOD_RETURN:
+        case SD_BUS_MESSAGE_METHOD_RETURN:
 
                 if (m->reply_serial == 0)
                         return -EBADMSG;
                 break;
 
-        case SD_BUS_MESSAGE_TYPE_METHOD_ERROR:
+        case SD_BUS_MESSAGE_METHOD_ERROR:
 
                 if (m->reply_serial == 0 || !m->error.name)
                         return -EBADMSG;
@@ -3548,15 +3922,17 @@ int bus_message_parse_fields(sd_bus_message *m) {
         }
 
         /* Try to read the error message, but if we can't it's a non-issue */
-        if (m->header->type == SD_BUS_MESSAGE_TYPE_METHOD_ERROR)
+        if (m->header->type == SD_BUS_MESSAGE_METHOD_ERROR)
                 sd_bus_message_read(m, "s", &m->error.message);
 
         return 0;
 }
 
 int bus_message_seal(sd_bus_message *m, uint64_t serial) {
-        int r;
+        struct bus_body_part *part;
         size_t l, a;
+        unsigned i;
+        int r;
 
         assert(m);
 
@@ -3566,6 +3942,9 @@ int bus_message_seal(sd_bus_message *m, uint64_t serial) {
         if (m->n_containers > 0)
                 return -EBADMSG;
 
+        if (m->poisoned)
+                return -ESTALE;
+
         /* If there's a non-trivial signature set, then add it in here */
         if (!isempty(m->root_container.signature)) {
                 r = message_append_field_signature(m, SD_BUS_MESSAGE_HEADER_SIGNATURE, m->root_container.signature, NULL);
@@ -3579,20 +3958,26 @@ int bus_message_seal(sd_bus_message *m, uint64_t serial) {
                         return r;
         }
 
+        /* Add padding at the end of the fields part, since we know
+         * the body needs to start at an 8 byte alignment. We made
+         * sure we allocated enough space for this, so all we need to
+         * do here is to zero it out. */
         l = BUS_MESSAGE_FIELDS_SIZE(m);
         a = ALIGN8(l) - l;
-
-        if (a > 0) {
-                /* Add padding at the end, since we know the body
-                 * needs to start at an 8 byte alignment. */
-                void *p;
-
-                p = message_extend_fields(m, 1, a);
-                if (!p)
-                        return -ENOMEM;
-
-                memset(p, 0, a);
-                m->header->fields_size -= a;
+        if (a > 0)
+                memset((uint8_t*) BUS_MESSAGE_FIELDS(m) + l, 0, a);
+
+        /* If this is something we can send as memfd, then let's seal
+        the memfd now. Note that we can send memfds as payload only
+        for directed messages, and not for broadcasts. */
+        if (m->destination && m->bus && m->bus->use_memfd) {
+                MESSAGE_FOREACH_PART(part, i, m)
+                        if (part->memfd >= 0 && !part->sealed && (part->size > MEMFD_MIN_SIZE || m->bus->use_memfd < 0)) {
+                                bus_body_part_unmap(part);
+
+                                if (ioctl(part->memfd, KDBUS_CMD_MEMFD_SEAL_SET, 1) >= 0)
+                                        part->sealed = true;
+                        }
         }
 
         m->header->serial = serial;
@@ -3642,7 +4027,8 @@ int bus_message_dump(sd_bus_message *m) {
                "\treply_serial=%u\n"
                "\terror.name=%s\n"
                "\terror.message=%s\n"
-               "\tsealed=%s\n",
+               "\tsealed=%s\n"
+               "\tn_body_parts=%u\n",
                m,
                m->n_ref,
                m->header->endian,
@@ -3661,7 +4047,8 @@ int bus_message_dump(sd_bus_message *m) {
                m->reply_serial,
                strna(m->error.name),
                strna(m->error.message),
-               yes_no(m->sealed));
+               yes_no(m->sealed),
+               m->n_body_parts);
 
         if (m->pid != 0)
                 printf("\tpid=%lu\n", (unsigned long) m->pid);
@@ -3888,16 +4275,8 @@ int bus_message_get_blob(sd_bus_message *m, void **buffer, size_t *sz) {
         if (!p)
                 return -ENOMEM;
 
-        e = mempcpy(p, m->header, sizeof(*m->header));
-
-        if (m->fields) {
-                e = mempcpy(e, m->fields, m->header->fields_size);
-
-                if (m->header->fields_size % 8 != 0)
-                        e = mempset(e, 0, 8 - (m->header->fields_size % 8));
-        }
-
-        for (i = 0, part = &m->body; i < m->n_body_parts; i++, part = part->next)
+        e = mempcpy(p, m->header, BUS_MESSAGE_BODY_BEGIN(m));
+        MESSAGE_FOREACH_PART(part, i, m)
                 e = mempcpy(e, part->data, part->size);
 
         assert(total == (size_t) ((uint8_t*) e - (uint8_t*) p));
@@ -3970,7 +4349,22 @@ const char* bus_message_get_arg(sd_bus_message *m, unsigned i) {
         return t;
 }
 
-int bus_header_size(struct bus_header *h, size_t *sum) {
+bool bus_header_is_complete(struct bus_header *h, size_t size) {
+        size_t full;
+
+        assert(h);
+        assert(size);
+
+        if (size < sizeof(struct bus_header))
+                return false;
+
+        full = sizeof(struct bus_header) +
+                (h->endian == SD_BUS_NATIVE_ENDIAN ? h->fields_size : bswap_32(h->fields_size));
+
+        return size >= full;
+}
+
+int bus_header_message_size(struct bus_header *h, size_t *sum) {
         size_t fs, bs;
 
         assert(h);
@@ -3988,3 +4382,22 @@ int bus_header_size(struct bus_header *h, size_t *sum) {
         *sum = sizeof(struct bus_header) + ALIGN8(fs) + bs;
         return 0;
 }
+
+int sd_bus_message_get_errno(sd_bus_message *m) {
+        assert_return(m, -EINVAL);
+
+        if (m->header->type != SD_BUS_MESSAGE_METHOD_ERROR)
+                return 0;
+
+        return sd_bus_error_get_errno(&m->error);
+}
+
+const char* sd_bus_message_get_signature(sd_bus_message *m, int complete) {
+        struct bus_container *c;
+
+        if (!m)
+                return NULL;
+
+        c = complete ? &m->root_container : message_get_container(m);
+        return c->signature ?: "";
+}