X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Flibsystemd-bus%2Fbus-creds.c;h=b2cf687377ef2141e0fc4322132c0cd56bbbae1c;hp=607131273046a8af1f4390f66671f9163cdb4ff3;hb=6206f4b49db2de55ee335d6108f474b715b21ae4;hpb=95c4fe827195b47fad7cc87a3f84bf3af6b657c2 diff --git a/src/libsystemd-bus/bus-creds.c b/src/libsystemd-bus/bus-creds.c index 607131273..b2cf68737 100644 --- a/src/libsystemd-bus/bus-creds.c +++ b/src/libsystemd-bus/bus-creds.c @@ -50,7 +50,7 @@ void bus_creds_done(sd_bus_creds *c) { free(c->slice); strv_free(c->cmdline_array); - strv_free(c->well_known_names_array); + strv_free(c->well_known_names); } _public_ sd_bus_creds *sd_bus_creds_ref(sd_bus_creds *c) { @@ -72,7 +72,9 @@ _public_ sd_bus_creds *sd_bus_creds_ref(sd_bus_creds *c) { } _public_ sd_bus_creds *sd_bus_creds_unref(sd_bus_creds *c) { - assert_return(c, NULL); + + if (!c) + return NULL; if (c->allocated) { assert(c->n_ref > 0); @@ -89,7 +91,7 @@ _public_ sd_bus_creds *sd_bus_creds_unref(sd_bus_creds *c) { free(c->capability); free(c->label); free(c->unique_name); - free(c->well_known_names); + free(c->cgroup_root); free(c); } } else { @@ -156,7 +158,9 @@ _public_ int sd_bus_creds_new_from_pid(pid_t pid, uint64_t mask, sd_bus_creds ** _public_ int sd_bus_creds_get_uid(sd_bus_creds *c, uid_t *uid) { assert_return(c, -EINVAL); assert_return(uid, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_UID, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_UID)) + return -ENODATA; *uid = c->uid; return 0; @@ -165,7 +169,9 @@ _public_ int sd_bus_creds_get_uid(sd_bus_creds *c, uid_t *uid) { _public_ int sd_bus_creds_get_gid(sd_bus_creds *c, gid_t *gid) { assert_return(c, -EINVAL); assert_return(gid, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_UID, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_UID)) + return -ENODATA; *gid = c->gid; return 0; @@ -174,7 +180,9 @@ _public_ int sd_bus_creds_get_gid(sd_bus_creds *c, gid_t *gid) { _public_ int sd_bus_creds_get_pid(sd_bus_creds *c, pid_t *pid) { assert_return(c, -EINVAL); assert_return(pid, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_PID, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_PID)) + return -ENODATA; assert(c->pid > 0); *pid = c->pid; @@ -184,7 +192,9 @@ _public_ int sd_bus_creds_get_pid(sd_bus_creds *c, pid_t *pid) { _public_ int sd_bus_creds_get_tid(sd_bus_creds *c, pid_t *tid) { assert_return(c, -EINVAL); assert_return(tid, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_TID, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_TID)) + return -ENODATA; assert(c->tid > 0); *tid = c->tid; @@ -194,7 +204,9 @@ _public_ int sd_bus_creds_get_tid(sd_bus_creds *c, pid_t *tid) { _public_ int sd_bus_creds_get_pid_starttime(sd_bus_creds *c, uint64_t *usec) { assert_return(c, -EINVAL); assert_return(usec, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_PID_STARTTIME, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_PID_STARTTIME)) + return -ENODATA; assert(c->pid_starttime > 0); *usec = c->pid_starttime; @@ -203,7 +215,9 @@ _public_ int sd_bus_creds_get_pid_starttime(sd_bus_creds *c, uint64_t *usec) { _public_ int sd_bus_creds_get_selinux_context(sd_bus_creds *c, const char **ret) { assert_return(c, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_SELINUX_CONTEXT, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_SELINUX_CONTEXT)) + return -ENODATA; assert(c->label); *ret = c->label; @@ -213,7 +227,9 @@ _public_ int sd_bus_creds_get_selinux_context(sd_bus_creds *c, const char **ret) _public_ int sd_bus_creds_get_comm(sd_bus_creds *c, const char **ret) { assert_return(c, -EINVAL); assert_return(ret, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_COMM, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_COMM)) + return -ENODATA; assert(c->comm); *ret = c->comm; @@ -223,7 +239,9 @@ _public_ int sd_bus_creds_get_comm(sd_bus_creds *c, const char **ret) { _public_ int sd_bus_creds_get_tid_comm(sd_bus_creds *c, const char **ret) { assert_return(c, -EINVAL); assert_return(ret, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_TID_COMM, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_TID_COMM)) + return -ENODATA; assert(c->tid_comm); *ret = c->tid_comm; @@ -233,7 +251,9 @@ _public_ int sd_bus_creds_get_tid_comm(sd_bus_creds *c, const char **ret) { _public_ int sd_bus_creds_get_exe(sd_bus_creds *c, const char **ret) { assert_return(c, -EINVAL); assert_return(ret, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_EXE, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_EXE)) + return -ENODATA; assert(c->exe); *ret = c->exe; @@ -243,7 +263,9 @@ _public_ int sd_bus_creds_get_exe(sd_bus_creds *c, const char **ret) { _public_ int sd_bus_creds_get_cgroup(sd_bus_creds *c, const char **ret) { assert_return(c, -EINVAL); assert_return(ret, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_CGROUP, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_CGROUP)) + return -ENODATA; assert(c->cgroup); *ret = c->cgroup; @@ -255,12 +277,20 @@ _public_ int sd_bus_creds_get_unit(sd_bus_creds *c, const char **ret) { assert_return(c, -EINVAL); assert_return(ret, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_UNIT, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_UNIT)) + return -ENODATA; assert(c->cgroup); if (!c->unit) { - r = cg_path_get_unit(c->cgroup, (char**) &c->unit); + const char *shifted; + + r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted); + if (r < 0) + return r; + + r = cg_path_get_unit(shifted, (char**) &c->unit); if (r < 0) return r; } @@ -274,12 +304,20 @@ _public_ int sd_bus_creds_get_user_unit(sd_bus_creds *c, const char **ret) { assert_return(c, -EINVAL); assert_return(ret, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_USER_UNIT, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_USER_UNIT)) + return -ENODATA; assert(c->cgroup); if (!c->user_unit) { - r = cg_path_get_user_unit(c->cgroup, (char**) &c->user_unit); + const char *shifted; + + r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted); + if (r < 0) + return r; + + r = cg_path_get_user_unit(shifted, (char**) &c->user_unit); if (r < 0) return r; } @@ -293,12 +331,20 @@ _public_ int sd_bus_creds_get_slice(sd_bus_creds *c, const char **ret) { assert_return(c, -EINVAL); assert_return(ret, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_SLICE, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_SLICE)) + return -ENODATA; assert(c->cgroup); if (!c->slice) { - r = cg_path_get_slice(c->cgroup, (char**) &c->slice); + const char *shifted; + + r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted); + if (r < 0) + return r; + + r = cg_path_get_slice(shifted, (char**) &c->slice); if (r < 0) return r; } @@ -312,12 +358,20 @@ _public_ int sd_bus_creds_get_session(sd_bus_creds *c, const char **ret) { assert_return(c, -EINVAL); assert_return(ret, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_SESSION, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_SESSION)) + return -ENODATA; assert(c->cgroup); if (!c->session) { - r = cg_path_get_session(c->cgroup, (char**) &c->session); + const char *shifted; + + r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted); + if (r < 0) + return r; + + r = cg_path_get_session(shifted, (char**) &c->session); if (r < 0) return r; } @@ -327,20 +381,31 @@ _public_ int sd_bus_creds_get_session(sd_bus_creds *c, const char **ret) { } _public_ int sd_bus_creds_get_owner_uid(sd_bus_creds *c, uid_t *uid) { + const char *shifted; + int r; + assert_return(c, -EINVAL); assert_return(uid, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_OWNER_UID, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_OWNER_UID)) + return -ENODATA; assert(c->cgroup); - return cg_path_get_owner_uid(c->cgroup, uid); + r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted); + if (r < 0) + return r; + + return cg_path_get_owner_uid(shifted, uid); } _public_ int sd_bus_creds_get_cmdline(sd_bus_creds *c, char ***cmdline) { assert_return(c, -EINVAL); - assert_return(c->cmdline, -ESRCH); - assert_return(c->mask & SD_BUS_CREDS_CMDLINE, -ENODATA); + if (!(c->mask & SD_BUS_CREDS_CMDLINE)) + return -ENODATA; + + assert_return(c->cmdline, -ESRCH); assert(c->cmdline); if (!c->cmdline_array) { @@ -356,7 +421,9 @@ _public_ int sd_bus_creds_get_cmdline(sd_bus_creds *c, char ***cmdline) { _public_ int sd_bus_creds_get_audit_session_id(sd_bus_creds *c, uint32_t *sessionid) { assert_return(c, -EINVAL); assert_return(sessionid, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_AUDIT_SESSION_ID, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_AUDIT_SESSION_ID)) + return -ENODATA; *sessionid = c->audit_session_id; return 0; @@ -365,7 +432,9 @@ _public_ int sd_bus_creds_get_audit_session_id(sd_bus_creds *c, uint32_t *sessio _public_ int sd_bus_creds_get_audit_login_uid(sd_bus_creds *c, uid_t *uid) { assert_return(c, -EINVAL); assert_return(uid, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_AUDIT_LOGIN_UID, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_AUDIT_LOGIN_UID)) + return -ENODATA; *uid = c->audit_login_uid; return 0; @@ -374,7 +443,9 @@ _public_ int sd_bus_creds_get_audit_login_uid(sd_bus_creds *c, uid_t *uid) { _public_ int sd_bus_creds_get_unique_name(sd_bus_creds *c, const char **unique_name) { assert_return(c, -EINVAL); assert_return(unique_name, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_UNIQUE_NAME, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_UNIQUE_NAME)) + return -ENODATA; *unique_name = c->unique_name; return 0; @@ -383,17 +454,11 @@ _public_ int sd_bus_creds_get_unique_name(sd_bus_creds *c, const char **unique_n _public_ int sd_bus_creds_get_well_known_names(sd_bus_creds *c, char ***well_known_names) { assert_return(c, -EINVAL); assert_return(well_known_names, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_WELL_KNOWN_NAMES, -ENODATA); - - assert(c->well_known_names); - if (!c->well_known_names_array) { - c->well_known_names_array = strv_parse_nulstr(c->well_known_names, c->well_known_names_size); - if (!c->well_known_names_array) - return -ENOMEM; - } + if (!(c->mask & SD_BUS_CREDS_WELL_KNOWN_NAMES)) + return -ENODATA; - *well_known_names = c->well_known_names_array; + *well_known_names = c->well_known_names; return 0; } @@ -413,7 +478,9 @@ static int has_cap(sd_bus_creds *c, unsigned offset, int capability) { _public_ int sd_bus_creds_has_effective_cap(sd_bus_creds *c, int capability) { assert_return(c, -EINVAL); assert_return(capability >= 0, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_EFFECTIVE_CAPS, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_EFFECTIVE_CAPS)) + return -ENODATA; return has_cap(c, CAP_OFFSET_EFFECTIVE, capability); } @@ -421,7 +488,9 @@ _public_ int sd_bus_creds_has_effective_cap(sd_bus_creds *c, int capability) { _public_ int sd_bus_creds_has_permitted_cap(sd_bus_creds *c, int capability) { assert_return(c, -EINVAL); assert_return(capability >= 0, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_PERMITTED_CAPS, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_PERMITTED_CAPS)) + return -ENODATA; return has_cap(c, CAP_OFFSET_PERMITTED, capability); } @@ -429,7 +498,9 @@ _public_ int sd_bus_creds_has_permitted_cap(sd_bus_creds *c, int capability) { _public_ int sd_bus_creds_has_inheritable_cap(sd_bus_creds *c, int capability) { assert_return(c, -EINVAL); assert_return(capability >= 0, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_INHERITABLE_CAPS, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_INHERITABLE_CAPS)) + return -ENODATA; return has_cap(c, CAP_OFFSET_INHERITABLE, capability); } @@ -437,7 +508,9 @@ _public_ int sd_bus_creds_has_inheritable_cap(sd_bus_creds *c, int capability) { _public_ int sd_bus_creds_has_bounding_cap(sd_bus_creds *c, int capability) { assert_return(c, -EINVAL); assert_return(capability >= 0, -EINVAL); - assert_return(c->mask & SD_BUS_CREDS_BOUNDING_CAPS, -ENODATA); + + if (!(c->mask & SD_BUS_CREDS_BOUNDING_CAPS)) + return -ENODATA; return has_cap(c, CAP_OFFSET_BOUNDING, capability); } @@ -670,6 +743,10 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) { if (r < 0) return r; + r = cg_get_root_path(&c->cgroup_root); + if (r < 0) + return r; + c->mask |= missing & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID); } @@ -775,6 +852,10 @@ int bus_creds_extend_by_pid(sd_bus_creds *c, uint64_t mask, sd_bus_creds **ret) if (!n->cgroup) return -ENOMEM; + n->cgroup_root = strdup(c->cgroup_root); + if (!n->cgroup_root) + return -ENOMEM; + n->mask |= mask & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_OWNER_UID); } @@ -804,11 +885,9 @@ int bus_creds_extend_by_pid(sd_bus_creds *c, uint64_t mask, sd_bus_creds **ret) } if (c->mask & mask & SD_BUS_CREDS_WELL_KNOWN_NAMES) { - n->well_known_names = memdup(c->well_known_names, c->well_known_names_size); + n->well_known_names = strv_copy(c->well_known_names); if (!n->well_known_names) return -ENOMEM; - - n->well_known_names_size = c->well_known_names_size; } /* Get more data */