X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Flibsystemd%2Fsd-bus%2Fbus-kernel.c;h=3a3ed200a0782c0a48f8c8846b96329f47eb5137;hp=6baa84c042815691f63608eedc50606840e9938e;hb=7d31d92400bab9648016136da1b1e8c5cff1bfcf;hpb=8aee3fc7eae2e60592bac838bc7268720e1d489c diff --git a/src/libsystemd/sd-bus/bus-kernel.c b/src/libsystemd/sd-bus/bus-kernel.c index 6baa84c04..3a3ed200a 100644 --- a/src/libsystemd/sd-bus/bus-kernel.c +++ b/src/libsystemd/sd-bus/bus-kernel.c @@ -268,23 +268,22 @@ static int bus_message_setup_kmsg(sd_bus *b, sd_bus_message *m) { ((m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) ? 0 : KDBUS_MSG_FLAGS_EXPECT_REPLY) | ((m->header->flags & BUS_MESSAGE_NO_AUTO_START) ? KDBUS_MSG_FLAGS_NO_AUTO_START : 0); - if (well_known) { + if (well_known) /* verify_destination_id will usually be 0, which makes the kernel driver only look * at the provided well-known name. Otherwise, the kernel will make sure the provided * destination id matches the owner of the provided weel-known-name, and fail if they * differ. Currently, this is only needed for bus-proxyd. */ m->kdbus->dst_id = m->verify_destination_id; - } else { + else m->kdbus->dst_id = destination ? unique : KDBUS_DST_ID_BROADCAST; - } m->kdbus->payload_type = KDBUS_PAYLOAD_DBUS; m->kdbus->cookie = (uint64_t) m->header->serial; m->kdbus->priority = m->priority; - if (m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) { + if (m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) m->kdbus->cookie_reply = m->reply_cookie; - } else { + else { struct timespec now; assert_se(clock_gettime(CLOCK_MONOTONIC_COARSE, &now) == 0); @@ -349,6 +348,15 @@ fail: return r; } +static void bus_message_set_sender_driver(sd_bus *bus, sd_bus_message *m) { + assert(bus); + assert(m); + + m->sender = m->creds.unique_name = (char*) "org.freedesktop.DBus"; + m->creds.well_known_names_driver = true; + m->creds.mask |= (SD_BUS_CREDS_UNIQUE_NAME|SD_BUS_CREDS_WELL_KNOWN_NAMES) & bus->creds_mask; +} + static void unset_memfds(struct sd_bus_message *m) { struct bus_body_part *part; unsigned i; @@ -661,9 +669,23 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) { } if (bus->creds_mask & SD_BUS_CREDS_WELL_KNOWN_NAMES) { - r = strv_extend(&m->creds.well_known_names, d->name.name); - if (r < 0) + char **wkn; + size_t n; + + /* We just extend the array here, but + * do not allocate the strings inside + * of it, instead we just point to our + * buffer directly. */ + n = strv_length(m->creds.well_known_names); + wkn = realloc(m->creds.well_known_names, (n + 2) * sizeof(char*)); + if (!wkn) { + r = -ENOMEM; goto fail; + } + + wkn[n] = d->name.name; + wkn[n+1] = NULL; + m->creds.well_known_names = wkn; m->creds.mask |= SD_BUS_CREDS_WELL_KNOWN_NAMES; } @@ -677,21 +699,10 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) { case KDBUS_ITEM_AUXGROUPS: if (bus->creds_mask & SD_BUS_CREDS_SUPPLEMENTARY_GIDS) { - size_t i, n; - uid_t *u; - n = (d->size - offsetof(struct kdbus_item, data64)) / sizeof(uint64_t); - u = new(uid_t, n); - if (!u) { - r = -ENOMEM; - goto fail; - } - - for (i = 0; i < n; i++) - u[i] = (uid_t) d->data64[i]; - - m->creds.supplementary_gids = u; - m->creds.n_supplementary_gids = n; + assert_cc(sizeof(gid_t) == sizeof(uint32_t)); + m->creds.n_supplementary_gids = (d->size - offsetof(struct kdbus_item, data32)) / sizeof(uint32_t); + m->creds.supplementary_gids = (gid_t*) d->data32; m->creds.mask |= SD_BUS_CREDS_SUPPLEMENTARY_GIDS; } @@ -710,9 +721,33 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) { if (r < 0) goto fail; + /* Refuse messages if kdbus and dbus1 cookie doesn't match up */ + if ((uint64_t) m->header->serial != k->cookie) { + r = -EBADMSG; + goto fail; + } + + /* Refuse messages where the reply flag doesn't match up */ + if (!(m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) != !!(k->flags & KDBUS_MSG_FLAGS_EXPECT_REPLY)) { + r = -EBADMSG; + goto fail; + } + + /* Refuse reply messages where the reply cookie doesn't match up */ + if ((m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) && m->reply_cookie != k->cookie_reply) { + r = -EBADMSG; + goto fail; + } + + /* Refuse messages where the autostart flag doesn't match up */ + if (!(m->header->flags & BUS_MESSAGE_NO_AUTO_START) != !(k->flags & KDBUS_MSG_FLAGS_NO_AUTO_START)) { + r = -EBADMSG; + goto fail; + } + /* Override information from the user header with data from the kernel */ if (k->src_id == KDBUS_SRC_ID_KERNEL) - m->sender = m->creds.unique_name = (char*) "org.freedesktop.DBus"; + bus_message_set_sender_driver(bus, m); else { snprintf(m->sender_buffer, sizeof(m->sender_buffer), ":1.%llu", (unsigned long long) k->src_id); m->sender = m->creds.unique_name = m->sender_buffer; @@ -1047,7 +1082,7 @@ static int push_name_owner_changed(sd_bus *bus, const char *name, const char *ol if (r < 0) return r; - m->sender = "org.freedesktop.DBus"; + bus_message_set_sender_driver(bus, m); r = bus_seal_synthetic_message(bus, m); if (r < 0) @@ -1116,7 +1151,7 @@ static int translate_reply(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item * if (r < 0) return r; - m->sender = "org.freedesktop.DBus"; + bus_message_set_sender_driver(bus, m); r = bus_seal_synthetic_message(bus, m); if (r < 0) @@ -1545,25 +1580,25 @@ int bus_kernel_create_endpoint(const char *bus_name, const char *ep_name, char * _cleanup_free_ char *path = NULL; struct kdbus_cmd_make *make; struct kdbus_item *n; - size_t size; + const char *name; int fd; fd = bus_kernel_open_bus_fd(bus_name, &path); if (fd < 0) return fd; - size = ALIGN8(offsetof(struct kdbus_cmd_make, items)); - size += ALIGN8(offsetof(struct kdbus_item, str) + strlen(ep_name) + 1); - - make = alloca0_align(size, 8); - make->size = size; + make = alloca0_align(ALIGN8(offsetof(struct kdbus_cmd_make, items)) + + ALIGN8(offsetof(struct kdbus_item, str) + DECIMAL_STR_MAX(uid_t) + 1 + strlen(ep_name) + 1), + 8); + make->size = ALIGN8(offsetof(struct kdbus_cmd_make, items)); make->flags = KDBUS_MAKE_ACCESS_WORLD; n = make->items; - + sprintf(n->str, UID_FMT "-%s", getuid(), ep_name); + n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1; n->type = KDBUS_ITEM_MAKE_NAME; - n->size = offsetof(struct kdbus_item, str) + strlen(ep_name) + 1; - strcpy(n->str, ep_name); + make->size += ALIGN8(n->size); + name = n->str; if (ioctl(fd, KDBUS_CMD_ENDPOINT_MAKE, make) < 0) { safe_close(fd); @@ -1573,7 +1608,7 @@ int bus_kernel_create_endpoint(const char *bus_name, const char *ep_name, char * if (ep_path) { char *p; - p = strjoin(dirname(path), "/", ep_name, NULL); + p = strjoin(dirname(path), "/", name, NULL); if (!p) { safe_close(fd); return -ENOMEM; @@ -1689,7 +1724,7 @@ int bus_kernel_make_starter( (accept_fd ? KDBUS_HELLO_ACCEPT_FD : 0); hello->pool_size = KDBUS_POOL_SIZE; hello->attach_flags_send = _KDBUS_ATTACH_ANY; - hello->attach_flags_recv = _KDBUS_ATTACH_ALL; + hello->attach_flags_recv = _KDBUS_ATTACH_ANY; if (ioctl(fd, KDBUS_CMD_HELLO, hello) < 0) return -errno;