From: Lennart Poettering Date: Tue, 23 Apr 2013 03:14:30 +0000 (-0300) Subject: bus: parse capability kdbus meta data of messages X-Git-Tag: v203~111 X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=102ea8e4f27f0e54de88e7fb7667fd1ed84072ec bus: parse capability kdbus meta data of messages
---
diff --git a/src/libsystemd-bus/bus-kernel.c b/src/libsystemd-bus/bus-kernel.c
index 42b16966b..9e057fb13 100644
--- a/src/libsystemd-bus/bus-kernel.c
+++ b/src/libsystemd-bus/bus-kernel.c
@@ -475,7 +475,10 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k, sd_bus_mess
 m->cgroup = d->str;
 else if (d->type == KDBUS_MSG_SRC_AUDIT)
 m->audit = &d->audit;
- else
+ else if (d->type == KDBUS_MSG_SRC_CAPS) {
+ m->capability = d->data;
+ m->capability_size = l;
+ } else
 log_debug("Got unknown field from kernel %llu", d->type);
 }
diff --git a/src/libsystemd-bus/bus-message.c b/src/libsystemd-bus/bus-message.c
index 6b4a0f343..835a9f9a4 100644
--- a/src/libsystemd-bus/bus-message.c
+++ b/src/libsystemd-bus/bus-message.c
@@ -928,6 +928,23 @@ int sd_bus_message_get_audit_loginuid(sd_bus_message *m, uid_t *uid) {
 return 0;
 }
+int sd_bus_message_has_effective_cap(sd_bus_message *m, int capability) {
+ unsigned sz;
+
+ if (!m)
+ return -EINVAL;
+ if (capability < 0)
+ return -EINVAL;
+ if (!m->capability)
+ return -ESRCH;
+
+ sz = m->capability_size / 4;
+ if ((unsigned) capability >= sz*8)
+ return 0;
+
+ return !!(m->capability[2 * sz + (capability / 8)] & (1 << (capability % 8)));
+}
+
 int sd_bus_message_is_signal(sd_bus_message *m, const char *interface, const char *member) {
 if (!m)
 return -EINVAL;
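Review bot: The new `KDBUS_MSG_SRC_CAPS` branch stores `l` in `m->capability_size` without checking it, while the reader added in bus-message.c divides that size by 4 and takes the effective set at `2 * sz`. A length that is zero or not a multiple of four would not read out of bounds there, but it would silently pick the wrong bytes, or report "not set" for a message that carries no usable capability data. A guard such as `else if (d->type == KDBUS_MSG_SRC_CAPS && l > 0 && l % 4 == 0) {` would leave `m->capability` unset for malformed items so the reader returns `-ESRCH`. How `l` is computed lies outside the hunk, so this presumes it is the item's payload length in bytes.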
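Review bot: `sd_bus_message_has_effective_cap()` can return 1, 0, or a negative errno (`-EINVAL`, `-ESRCH`), and nothing documents that, so a caller writing `if (sd_bus_message_has_effective_cap(m, cap))` would treat a message with no capability metadata as holding the capability. I would add a header comment along the lines of `/* Returns 1 if set, 0 if not set or out of range, < 0 on error; authorization checks must test for > 0 */`. Separately, the lookup indexes `m->capability` byte-wise with `capability / 8`; if the kernel delivers the sets as arrays of 32-bit words (not visible here), that matches the bit position only on little-endian hosts, and reading a `uint32_t` word with `capability / 32` and `1U << (capability % 32)` would be portable. The literal `2` that selects the effective set would read better as a named constant.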
@@ -3193,6 +3210,8 @@ int bus_message_dump(sd_bus_message *m) {
 if (sd_bus_message_get_audit_sessionid(m, &audit_sessionid) >= 0)
 printf("\taudit_sessionid=%lu\n", (unsigned long) audit_sessionid);
+ printf("\tCAP_KILL=%i\n", sd_bus_message_has_effective_cap(m, 5));
+
 if (sd_bus_message_get_cmdline(m, &cmdline) >= 0) {
 char **c;
diff --git a/src/libsystemd-bus/bus-message.h b/src/libsystemd-bus/bus-message.h
index 66b434816..9c0829c7f 100644
--- a/src/libsystemd-bus/bus-message.h
+++ b/src/libsystemd-bus/bus-message.h
@@ -121,6 +121,9 @@ struct sd_bus_message {
 char *user_unit;
 struct kdbus_audit *audit;
+
+ uint8_t *capability;
+ size_t capability_size;
 };
 #define BUS_MESSAGE_NEED_BSWAP(m) ((m)->header->endian != SD_BUS_NATIVE_ENDIAN)
diff --git a/src/systemd/sd-bus.h b/src/systemd/sd-bus.h
index 67923e7fe..8824efeab 100644
--- a/src/systemd/sd-bus.h
+++ b/src/systemd/sd-bus.h
@@ -142,6 +142,7 @@ int sd_bus_message_get_session(sd_bus_message *m, const char **session);
 int sd_bus_message_get_owner_uid(sd_bus_message *m, uid_t *uid);
 int sd_bus_message_get_audit_sessionid(sd_bus_message *m, uint32_t *sessionid);
 int sd_bus_message_get_audit_loginuid(sd_bus_message *m, uid_t *loginuid);
+int sd_bus_message_has_effective_cap(sd_bus_message *m, int capability);
 int sd_bus_message_is_signal(sd_bus_message *m, const char *interface, const char *member);
 int sd_bus_message_is_method_call(sd_bus_message *m, const char *interface, const char *member);
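Review bot: The added `printf` in `bus_message_dump()` prints the raw return value of `sd_bus_message_has_effective_cap()`, so a message without capability metadata is dumped as `CAP_KILL=` followed by a negative errno, whereas the neighbouring fields are printed only when their getter returns `>= 0`. It also hard-codes `5` where the `CAP_KILL` constant from `<sys/capability.h>` would say what is meant. I would write `r = sd_bus_message_has_effective_cap(m, CAP_KILL);` followed by `if (r >= 0) printf("\tCAP_KILL=%i\n", r);`. Whether a suitable local `int` is already declared is not visible, since the function body starts and ends outside the hunk.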
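Review bot: The two members added to `struct sd_bus_message` have no comment on ownership or layout, and both matter for safe use. The bus-kernel.c hunk assigns `m->capability = d->data`, a pointer into the received item rather than a copy, and the reader in bus-message.c appears to treat the buffer as four equally sized sets. A comment such as `/* points into the kdbus item (not a copy); capability_size is the total length in bytes of all sets */` would record that. The struct definition starts outside the hunk.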