X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fcore%2Fdbus-execute.c;h=2402e8c34d58018b53ba364946abf5c05b5970c5;hp=ef55ef12b977f9df2c7552cf918d6fa13645c52a;hb=68313d3dfa2082dae8a06643d639e0200afc19fc;hpb=5430f7f2bc7330f3088b894166bf3524a067e3d8
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
index ef55ef12b..2402e8c34 100644
--- a/src/core/dbus-execute.c
+++ b/src/core/dbus-execute.c
@@ -28,13 +28,13 @@
 #include "ioprio.h"
 #include "strv.h"
 #include "dbus-common.h"
+#include "syscall-list.h"
+#include "fileio.h"
-DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_execute_append_kill_mode, kill_mode, KillMode);
+static DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_execute_append_input, exec_input, ExecInput);
+static DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_execute_append_output, exec_output, ExecOutput);
-DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_execute_append_input, exec_input, ExecInput);
-DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_execute_append_output, exec_output, ExecOutput);
-
-int bus_execute_append_env_files(DBusMessageIter *i, const char *property, void *data) {
+static int bus_execute_append_env_files(DBusMessageIter *i, const char *property, void *data) {
 char **env_files = data, **j;
 DBusMessageIter sub, sub2;
@@ -66,7 +66,7 @@ int bus_execute_append_env_files(DBusMessageIter *i, const char *property, void
 return 0;
 }
-int bus_execute_append_oom_score_adjust(DBusMessageIter *i, const char *property, void *data) {
+static int bus_execute_append_oom_score_adjust(DBusMessageIter *i, const char *property, void *data) {
 ExecContext *c = data;
 int32_t n;
@@ -77,20 +77,11 @@ int bus_execute_append_oom_score_adjust(DBusMessageIter *i, const char *property
 if (c->oom_score_adjust_set)
 n = c->oom_score_adjust;
 else {
- char *t;
+ _cleanup_free_ char *t = NULL;
 n = 0;
 if (read_one_line_file("/proc/self/oom_score_adj", &t) >= 0) {
 safe_atoi(t, &n);
- free(t);
- } else if (read_one_line_file("/proc/self/oom_adj", &t) >= 0) {
- safe_atoi(t, &n);
- free(t);
-
- if (n == OOM_ADJUST_MAX)
- n = OOM_SCORE_ADJ_MAX;
- else
- n = (n * OOM_SCORE_ADJ_MAX) / -OOM_DISABLE;
 }
 }
@@ -100,7 +91,7 @@ int bus_execute_append_oom_score_adjust(DBusMessageIter *i, const char *property
 return 0;
 }
-int bus_execute_append_nice(DBusMessageIter *i, const char *property, void *data) {
+static int bus_execute_append_nice(DBusMessageIter *i, const char *property, void *data) {
 ExecContext *c = data;
 int32_t n;
@@ -119,7 +110,7 @@ int bus_execute_append_nice(DBusMessageIter *i, const char *property, void *data
 return 0;
 }
-int bus_execute_append_ioprio(DBusMessageIter *i, const char *property, void *data) {
+static int bus_execute_append_ioprio(DBusMessageIter *i, const char *property, void *data) {
 ExecContext *c = data;
 int32_t n;
@@ -138,7 +129,7 @@ int bus_execute_append_ioprio(DBusMessageIter *i, const char *property, void *da
 return 0;
 }
-int bus_execute_append_cpu_sched_policy(DBusMessageIter *i, const char *property, void *data) {
+static int bus_execute_append_cpu_sched_policy(DBusMessageIter *i, const char *property, void *data) {
 ExecContext *c = data;
 int32_t n;
@@ -157,7 +148,7 @@ int bus_execute_append_cpu_sched_policy(DBusMessageIter *i, const char *property
 return 0;
 }
-int bus_execute_append_cpu_sched_priority(DBusMessageIter *i, const char *property, void *data) {
+static int bus_execute_append_cpu_sched_priority(DBusMessageIter *i, const char *property, void *data) {
 ExecContext *c = data;
 int32_t n;
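Review bot: The surviving `safe_atoi(t, &n);` call in the `@@ -77,20 +77,11 @@` hunk still discards its result, so an unreadable or malformed /proc/self/oom_score_adj is published as 0 and a client cannot tell it from a real 0; it also relies on safe_atoi leaving n untouched on failure, which is not visible here. `if (safe_atoi(t, &n) < 0) n = 0;` would make the fallback explicit, and the braces around the now single-statement `if` can go. The same pattern is in the `@@ -287,9 +278,8 @@` hunk, where `getrlimit(r, &rl);` is unchecked and a failure is reported as a limit of 0 from the zero-initialised struct. Both function bodies continue outside their hunks.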
@@ -168,12 +159,12 @@ int bus_execute_append_cpu_sched_priority(DBusMessageIter *i, const char *proper
 if (c->cpu_sched_set)
 n = c->cpu_sched_priority;
 else {
- struct sched_param p;
- n = 0;
+ struct sched_param p = {};
- zero(p);
 if (sched_getparam(0, &p) >= 0)
 n = p.sched_priority;
+ else
+ n = 0;
 }
 if (!dbus_message_iter_append_basic(i, DBUS_TYPE_INT32, &n))
@@ -182,7 +173,7 @@ int bus_execute_append_cpu_sched_priority(DBusMessageIter *i, const char *proper
 return 0;
 }
-int bus_execute_append_affinity(DBusMessageIter *i, const char *property, void *data) {
+static int bus_execute_append_affinity(DBusMessageIter *i, const char *property, void *data) {
 ExecContext *c = data;
 dbus_bool_t b;
 DBusMessageIter sub;
@@ -208,7 +199,7 @@ int bus_execute_append_affinity(DBusMessageIter *i, const char *property, void *
 return 0;
 }
-int bus_execute_append_timer_slack_nsec(DBusMessageIter *i, const char *property, void *data) {
+static int bus_execute_append_timer_slack_nsec(DBusMessageIter *i, const char *property, void *data) {
 ExecContext *c = data;
 uint64_t u;
@@ -216,7 +207,7 @@ int bus_execute_append_timer_slack_nsec(DBusMessageIter *i, const char *property
 assert(property);
 assert(c);
- if (c->timer_slack_nsec_set)
+ if (c->timer_slack_nsec != (nsec_t) -1)
 u = (uint64_t) c->timer_slack_nsec;
 else
 u = (uint64_t) prctl(PR_GET_TIMERSLACK);
@@ -227,7 +218,7 @@ int bus_execute_append_timer_slack_nsec(DBusMessageIter *i, const char *property
 return 0;
 }
-int bus_execute_append_capability_bs(DBusMessageIter *i, const char *property, void *data) {
+static int bus_execute_append_capability_bs(DBusMessageIter *i, const char *property, void *data) {
 ExecContext *c = data;
 uint64_t normal, inverted;
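Review bot: In the `@@ -216,7 +207,7 @@` hunk the fallback `u = (uint64_t) prctl(PR_GET_TIMERSLACK);` casts the return value without checking it, so a failing prctl() (-1) is sign-extended and published as 2^64-1. With this change `(nsec_t) -1` becomes the "unset" sentinel, and if nsec_t is a 64-bit unsigned type (its definition is not visible here) the error value is indistinguishable from that sentinel on the bus. Store the result in an `int r` first and handle `r < 0` explicitly before widening, and add a one-line comment next to the condition saying that `(nsec_t) -1` means "not configured". The function body starts and ends outside the hunk.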
@@ -244,7 +235,7 @@ int bus_execute_append_capability_bs(DBusMessageIter *i, const char *property, v
 return bus_property_append_uint64(i, property, &inverted);
 }
-int bus_execute_append_capabilities(DBusMessageIter *i, const char *property, void *data) {
+static int bus_execute_append_capabilities(DBusMessageIter *i, const char *property, void *data) {
 ExecContext *c = data;
 char *t = NULL;
 const char *s;
@@ -273,7 +264,7 @@ int bus_execute_append_capabilities(DBusMessageIter *i, const char *property, vo
 return 0;
 }
-int bus_execute_append_rlimits(DBusMessageIter *i, const char *property, void *data) {
+static int bus_execute_append_rlimits(DBusMessageIter *i, const char *property, void *data) {
 ExecContext *c = data;
 int r;
 uint64_t u;
@@ -287,9 +278,8 @@ int bus_execute_append_rlimits(DBusMessageIter *i, const char *property, void *d
 if (c->rlimit[r])
 u = (uint64_t) c->rlimit[r]->rlim_max;
 else {
- struct rlimit rl;
+ struct rlimit rl = {};
- zero(rl);
 getrlimit(r, &rl);
 u = (uint64_t) rl.rlim_max;
@@ -356,6 +346,32 @@ int bus_execute_append_command(DBusMessageIter *i, const char *property, void *d
 return 0;
 }
+static int bus_execute_append_syscall_filter(DBusMessageIter *i, const char *property, void *data) {
+ ExecContext *c = data;
+ dbus_bool_t b;
+ DBusMessageIter sub;
+
+ assert(i);
+ assert(property);
+ assert(c);
+
+ if (!dbus_message_iter_open_container(i, DBUS_TYPE_ARRAY, "u", &sub))
+ return -ENOMEM;
+
+ if (c->syscall_filter)
+ b = dbus_message_iter_append_fixed_array(&sub, DBUS_TYPE_UINT32, &c->syscall_filter, (syscall_max() + 31) >> 4);
+ else
+ b = dbus_message_iter_append_fixed_array(&sub, DBUS_TYPE_UINT32, &c->syscall_filter, 0);
+
+ if (!b)
+ return -ENOMEM;
+
+ if (!dbus_message_iter_close_container(i, &sub))
+ return -ENOMEM;
+
+ return 0;
+}
+
 const BusProperty bus_exec_context_properties[] = {
 { "Environment", bus_property_append_strv, "as", offsetof(ExecContext, environment), true },
 { "EnvironmentFiles", bus_execute_append_env_files, "a(sb)", offsetof(ExecContext, environment_files), true },
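Review bot: The element count `(syscall_max() + 31) >> 4` in bus_execute_append_syscall_filter is a bare expression that must equal the number of uint32_t words actually allocated for `c->syscall_filter`, and nothing in this hunk ties the two together. If the filter holds one bit per syscall, the word count would be `(syscall_max() + 31) >> 5`, and `>> 4` would make D-Bus copy twice that many words, reading past the end of the buffer and sending adjacent heap contents to anyone allowed to read the property; the allocation site is outside this diff, so confirm which layout it uses. Either way, compute the count in one shared helper or macro used by both the allocator and this getter, with a comment stating the bitmap layout. The two branches differ only in the count, so a single call with `n = c->syscall_filter ? <count> : 0` would also remove the duplication.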
@@ -412,11 +428,9 @@ const BusProperty bus_exec_context_properties[] = {
 { "PrivateTmp", bus_property_append_bool, "b", offsetof(ExecContext, private_tmp) },
 { "PrivateNetwork", bus_property_append_bool, "b", offsetof(ExecContext, private_network) },
 { "SameProcessGroup", bus_property_append_bool, "b", offsetof(ExecContext, same_pgrp) },
- { "KillMode", bus_execute_append_kill_mode, "s", offsetof(ExecContext, kill_mode) },
- { "KillSignal", bus_property_append_int, "i", offsetof(ExecContext, kill_signal) },
 { "UtmpIdentifier", bus_property_append_string, "s", offsetof(ExecContext, utmp_id), true },
- { "ControlGroupModify", bus_property_append_bool, "b", offsetof(ExecContext, control_group_modify) },
- { "ControlGroupPersistent", bus_property_append_tristate_false, "b", offsetof(ExecContext, control_group_persistent) },
- { "IgnoreSIGPIPE", bus_property_append_bool, "b", offsetof(ExecContext, ignore_sigpipe ) },
- { NULL, }
+ { "IgnoreSIGPIPE", bus_property_append_bool, "b", offsetof(ExecContext, ignore_sigpipe) },
+ { "NoNewPrivileges", bus_property_append_bool, "b", offsetof(ExecContext, no_new_privileges) },
+ { "SystemCallFilter", bus_execute_append_syscall_filter, "au", 0 },
+ {}
 };
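Review bot: The new `SystemCallFilter` row passes `0` where every other row visible in this hunk passes `offsetof(ExecContext, …)`, and nothing on the row says why; the reason (the callback casts `data` to the whole ExecContext) is only apparent from the callback itself. A comment on the row such as `/* offset 0: callback reads the whole ExecContext */` would mark it as intentional. Because the property exports the filter as raw `au` words, the bit-to-syscall mapping a consumer needs to interpret it should be documented next to the table or in the interface description; that mapping is presumably architecture-specific, which makes the missing documentation matter for anyone auditing a unit's sandbox over D-Bus. The table starts outside this hunk.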