1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2013 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #ifdef HAVE_VALGRIND_MEMCHECK_H
23 #include <valgrind/memcheck.h>
30 #include <sys/prctl.h>
34 #include "memfd-util.h"
35 #include "cgroup-util.h"
38 #include "bus-internal.h"
39 #include "bus-message.h"
40 #include "bus-kernel.h"
41 #include "bus-bloom.h"
43 #include "bus-label.h"
45 #define UNIQUE_NAME_MAX (3+DECIMAL_STR_MAX(uint64_t))
47 int bus_kernel_parse_unique_name(const char *s, uint64_t *id) {
53 if (!startswith(s, ":1."))
56 r = safe_atou64(s + 3, id);
63 static void append_payload_vec(struct kdbus_item **d, const void *p, size_t sz) {
69 /* Note that p can be NULL, which encodes a region full of
70 * zeroes, which is useful to optimize certain padding
73 (*d)->size = offsetof(struct kdbus_item, vec) + sizeof(struct kdbus_vec);
74 (*d)->type = KDBUS_ITEM_PAYLOAD_VEC;
75 (*d)->vec.address = PTR_TO_UINT64(p);
78 *d = (struct kdbus_item *) ((uint8_t*) *d + (*d)->size);
81 static void append_payload_memfd(struct kdbus_item **d, int memfd, size_t start, size_t sz) {
87 (*d)->size = offsetof(struct kdbus_item, memfd) + sizeof(struct kdbus_memfd);
88 (*d)->type = KDBUS_ITEM_PAYLOAD_MEMFD;
89 (*d)->memfd.fd = memfd;
90 (*d)->memfd.start = start;
91 (*d)->memfd.size = sz;
93 *d = (struct kdbus_item *) ((uint8_t*) *d + (*d)->size);
96 static void append_destination(struct kdbus_item **d, const char *s, size_t length) {
102 (*d)->size = offsetof(struct kdbus_item, str) + length + 1;
103 (*d)->type = KDBUS_ITEM_DST_NAME;
104 memcpy((*d)->str, s, length + 1);
106 *d = (struct kdbus_item *) ((uint8_t*) *d + (*d)->size);
109 static struct kdbus_bloom_filter *append_bloom(struct kdbus_item **d, size_t length) {
110 struct kdbus_item *i;
116 i->size = offsetof(struct kdbus_item, bloom_filter) +
117 offsetof(struct kdbus_bloom_filter, data) +
119 i->type = KDBUS_ITEM_BLOOM_FILTER;
121 *d = (struct kdbus_item *) ((uint8_t*) i + i->size);
123 return &i->bloom_filter;
126 static void append_fds(struct kdbus_item **d, const int fds[], unsigned n_fds) {
132 (*d)->size = offsetof(struct kdbus_item, fds) + sizeof(int) * n_fds;
133 (*d)->type = KDBUS_ITEM_FDS;
134 memcpy((*d)->fds, fds, sizeof(int) * n_fds);
136 *d = (struct kdbus_item *) ((uint8_t*) *d + (*d)->size);
139 static void add_bloom_arg(void *data, size_t size, unsigned n_hash, unsigned i, const char *t) {
140 char buf[sizeof("arg")-1 + 2 + sizeof("-slash-prefix")];
148 e = stpcpy(buf, "arg");
150 *(e++) = '0' + (char) i;
152 *(e++) = '0' + (char) (i / 10);
153 *(e++) = '0' + (char) (i % 10);
157 bloom_add_pair(data, size, n_hash, buf, t);
159 strcpy(e, "-dot-prefix");
160 bloom_add_prefixes(data, size, n_hash, buf, t, '.');
161 strcpy(e, "-slash-prefix");
162 bloom_add_prefixes(data, size, n_hash, buf, t, '/');
165 static int bus_message_setup_bloom(sd_bus_message *m, struct kdbus_bloom_filter *bloom) {
174 memzero(data, m->bus->bloom_size);
175 bloom->generation = 0;
177 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "message-type", bus_message_type_to_string(m->header->type));
180 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "interface", m->interface);
182 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "member", m->member);
184 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "path", m->path);
185 bloom_add_pair(data, m->bus->bloom_size, m->bus->bloom_n_hash, "path-slash-prefix", m->path);
186 bloom_add_prefixes(data, m->bus->bloom_size, m->bus->bloom_n_hash, "path-slash-prefix", m->path, '/');
189 r = sd_bus_message_rewind(m, true);
193 for (i = 0; i < 64; i++) {
194 const char *t, *contents;
197 r = sd_bus_message_peek_type(m, &type, &contents);
201 if (IN_SET(type, SD_BUS_TYPE_STRING, SD_BUS_TYPE_OBJECT_PATH, SD_BUS_TYPE_SIGNATURE)) {
203 /* The bloom filter includes simple strings of any kind */
204 r = sd_bus_message_read_basic(m, type, &t);
208 add_bloom_arg(data, m->bus->bloom_size, m->bus->bloom_n_hash, i, t);
209 } if (type == SD_BUS_TYPE_ARRAY && STR_IN_SET(contents, "s", "o", "g")) {
211 /* As well as array of simple strings of any kinds */
212 r = sd_bus_message_enter_container(m, type, contents);
216 while ((r = sd_bus_message_read_basic(m, contents[0], &t)) > 0)
217 add_bloom_arg(data, m->bus->bloom_size, m->bus->bloom_n_hash, i, t);
221 r = sd_bus_message_exit_container(m);
226 /* Stop adding to bloom filter as soon as we
227 * run into the first argument we cannot add
235 static int bus_message_setup_kmsg(sd_bus *b, sd_bus_message *m) {
236 struct bus_body_part *part;
237 struct kdbus_item *d;
238 const char *destination;
249 /* We put this together only once, if this message is reused
250 * we reuse the earlier-built version */
254 destination = m->destination ?: m->destination_ptr;
257 r = bus_kernel_parse_unique_name(destination, &unique);
265 sz = offsetof(struct kdbus_msg, items);
267 /* Add in fixed header, fields header and payload */
268 sz += (1 + m->n_body_parts) * ALIGN8(offsetof(struct kdbus_item, vec) +
269 MAX(sizeof(struct kdbus_vec),
270 sizeof(struct kdbus_memfd)));
272 /* Add space for bloom filter */
273 sz += ALIGN8(offsetof(struct kdbus_item, bloom_filter) +
274 offsetof(struct kdbus_bloom_filter, data) +
277 /* Add in well-known destination header */
279 dl = strlen(destination);
280 sz += ALIGN8(offsetof(struct kdbus_item, str) + dl + 1);
283 /* Add space for unix fds */
285 sz += ALIGN8(offsetof(struct kdbus_item, fds) + sizeof(int)*m->n_fds);
287 m->kdbus = memalign(8, sz);
293 m->free_kdbus = true;
294 memzero(m->kdbus, sz);
297 ((m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) ? 0 : KDBUS_MSG_EXPECT_REPLY) |
298 ((m->header->flags & BUS_MESSAGE_NO_AUTO_START) ? KDBUS_MSG_NO_AUTO_START : 0);
301 /* verify_destination_id will usually be 0, which makes the kernel driver only look
302 * at the provided well-known name. Otherwise, the kernel will make sure the provided
303 * destination id matches the owner of the provided weel-known-name, and fail if they
304 * differ. Currently, this is only needed for bus-proxyd. */
305 m->kdbus->dst_id = m->verify_destination_id;
307 m->kdbus->dst_id = destination ? unique : KDBUS_DST_ID_BROADCAST;
309 m->kdbus->payload_type = KDBUS_PAYLOAD_DBUS;
310 m->kdbus->cookie = (uint64_t) m->header->serial;
311 m->kdbus->priority = m->priority;
313 if (m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)
314 m->kdbus->cookie_reply = m->reply_cookie;
318 assert_se(clock_gettime(CLOCK_MONOTONIC_COARSE, &now) == 0);
319 m->kdbus->timeout_ns = now.tv_sec * NSEC_PER_SEC + now.tv_nsec +
320 m->timeout * NSEC_PER_USEC;
326 append_destination(&d, destination, dl);
328 append_payload_vec(&d, m->header, BUS_MESSAGE_BODY_BEGIN(m));
330 MESSAGE_FOREACH_PART(part, i, m) {
332 /* If this is padding then simply send a
333 * vector with a NULL data pointer which the
334 * kernel will just pass through. This is the
335 * most efficient way to encode zeroes */
337 append_payload_vec(&d, NULL, part->size);
341 if (part->memfd >= 0 && part->sealed && destination) {
342 /* Try to send a memfd, if the part is
343 * sealed and this is not a broadcast. Since we can only */
345 append_payload_memfd(&d, part->memfd, part->memfd_offset, part->size);
349 /* Otherwise, let's send a vector to the actual data.
350 * For that, we need to map it first. */
351 r = bus_body_part_map(part);
355 append_payload_vec(&d, part->data, part->size);
358 if (m->kdbus->dst_id == KDBUS_DST_ID_BROADCAST) {
359 struct kdbus_bloom_filter *bloom;
361 bloom = append_bloom(&d, m->bus->bloom_size);
362 r = bus_message_setup_bloom(m, bloom);
368 append_fds(&d, m->fds, m->n_fds);
370 m->kdbus->size = (uint8_t*) d - (uint8_t*) m->kdbus;
371 assert(m->kdbus->size <= sz);
380 static void bus_message_set_sender_driver(sd_bus *bus, sd_bus_message *m) {
384 m->sender = m->creds.unique_name = (char*) "org.freedesktop.DBus";
385 m->creds.well_known_names_driver = true;
386 m->creds.mask |= (SD_BUS_CREDS_UNIQUE_NAME|SD_BUS_CREDS_WELL_KNOWN_NAMES) & bus->creds_mask;
389 static void unset_memfds(struct sd_bus_message *m) {
390 struct bus_body_part *part;
395 /* Make sure the memfds are not freed twice */
396 MESSAGE_FOREACH_PART(part, i, m)
397 if (part->memfd >= 0)
401 static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) {
402 sd_bus_message *m = NULL;
403 struct kdbus_item *d;
405 _cleanup_free_ int *fds = NULL;
406 struct bus_header *h = NULL;
407 size_t total, n_bytes = 0, idx = 0;
408 const char *destination = NULL, *seclabel = NULL;
413 assert(k->payload_type == KDBUS_PAYLOAD_DBUS);
415 KDBUS_ITEM_FOREACH(d, k, items) {
418 l = d->size - offsetof(struct kdbus_item, data);
422 case KDBUS_ITEM_PAYLOAD_OFF:
424 h = (struct bus_header *)((uint8_t *)bus->kdbus_buffer + d->vec.offset);
426 if (!bus_header_is_complete(h, d->vec.size))
430 n_bytes += d->vec.size;
433 case KDBUS_ITEM_PAYLOAD_MEMFD:
437 n_bytes += d->memfd.size;
440 case KDBUS_ITEM_FDS: {
445 f = realloc(fds, sizeof(int) * (n_fds + j));
450 memcpy(fds + n_fds, d->fds, sizeof(int) * j);
455 case KDBUS_ITEM_SECLABEL:
464 r = bus_header_message_size(h, &total);
468 if (n_bytes != total)
471 /* on kdbus we only speak native endian gvariant, never dbus1
472 * marshalling or reverse endian */
473 if (h->version != 2 ||
474 h->endian != BUS_NATIVE_ENDIAN)
477 r = bus_message_from_header(bus, h, sizeof(struct bus_header), fds, n_fds, NULL, seclabel, 0, &m);
481 /* The well-known names list is different from the other
482 credentials. If we asked for it, but nothing is there, this
483 means that the list of well-known names is simply empty, not
484 that we lack any data */
486 m->creds.mask |= (SD_BUS_CREDS_UNIQUE_NAME|SD_BUS_CREDS_WELL_KNOWN_NAMES) & bus->creds_mask;
488 KDBUS_ITEM_FOREACH(d, k, items) {
491 l = d->size - offsetof(struct kdbus_item, data);
495 case KDBUS_ITEM_PAYLOAD_OFF: {
498 begin_body = BUS_MESSAGE_BODY_BEGIN(m);
500 if (idx + d->vec.size > begin_body) {
501 struct bus_body_part *part;
503 /* Contains body material */
505 part = message_append_part(m);
511 /* A -1 offset is NUL padding. */
512 part->is_zero = d->vec.offset == ~0ULL;
514 if (idx >= begin_body) {
516 part->data = (uint8_t *)bus->kdbus_buffer + d->vec.offset;
517 part->size = d->vec.size;
520 part->data = (uint8_t *)bus->kdbus_buffer + d->vec.offset + (begin_body - idx);
521 part->size = d->vec.size - (begin_body - idx);
531 case KDBUS_ITEM_PAYLOAD_MEMFD: {
532 struct bus_body_part *part;
534 if (idx < BUS_MESSAGE_BODY_BEGIN(m)) {
539 part = message_append_part(m);
545 part->memfd = d->memfd.fd;
546 part->memfd_offset = d->memfd.start;
547 part->size = d->memfd.size;
550 idx += d->memfd.size;
554 case KDBUS_ITEM_PIDS:
556 /* The PID/TID might be missing, when the data
557 * is faked by some data bus proxy and it
558 * lacks that information about the real
559 * client since SO_PEERCRED is used for
562 if (d->pids.pid > 0) {
563 m->creds.pid = (pid_t) d->pids.pid;
564 m->creds.mask |= SD_BUS_CREDS_PID & bus->creds_mask;
567 if (d->pids.tid > 0) {
568 m->creds.tid = (pid_t) d->pids.tid;
569 m->creds.mask |= SD_BUS_CREDS_TID & bus->creds_mask;
574 case KDBUS_ITEM_CREDS:
576 /* EUID/SUID/FSUID/EGID/SGID/FSGID might be missing too (see above). */
578 if ((uid_t) d->creds.uid != UID_INVALID) {
579 m->creds.uid = (uid_t) d->creds.uid;
580 m->creds.mask |= SD_BUS_CREDS_UID & bus->creds_mask;
583 if ((uid_t) d->creds.euid != UID_INVALID) {
584 m->creds.euid = (uid_t) d->creds.euid;
585 m->creds.mask |= SD_BUS_CREDS_EUID & bus->creds_mask;
588 if ((uid_t) d->creds.suid != UID_INVALID) {
589 m->creds.suid = (uid_t) d->creds.suid;
590 m->creds.mask |= SD_BUS_CREDS_SUID & bus->creds_mask;
593 if ((uid_t) d->creds.fsuid != UID_INVALID) {
594 m->creds.fsuid = (uid_t) d->creds.fsuid;
595 m->creds.mask |= SD_BUS_CREDS_FSUID & bus->creds_mask;
598 if ((gid_t) d->creds.gid != GID_INVALID) {
599 m->creds.gid = (gid_t) d->creds.gid;
600 m->creds.mask |= SD_BUS_CREDS_GID & bus->creds_mask;
603 if ((gid_t) d->creds.egid != GID_INVALID) {
604 m->creds.egid = (gid_t) d->creds.egid;
605 m->creds.mask |= SD_BUS_CREDS_EGID & bus->creds_mask;
608 if ((gid_t) d->creds.sgid != GID_INVALID) {
609 m->creds.sgid = (gid_t) d->creds.sgid;
610 m->creds.mask |= SD_BUS_CREDS_SGID & bus->creds_mask;
613 if ((gid_t) d->creds.fsgid != GID_INVALID) {
614 m->creds.fsgid = (gid_t) d->creds.fsgid;
615 m->creds.mask |= SD_BUS_CREDS_FSGID & bus->creds_mask;
620 case KDBUS_ITEM_TIMESTAMP:
622 if (bus->attach_flags & KDBUS_ATTACH_TIMESTAMP) {
623 m->realtime = d->timestamp.realtime_ns / NSEC_PER_USEC;
624 m->monotonic = d->timestamp.monotonic_ns / NSEC_PER_USEC;
625 m->seqnum = d->timestamp.seqnum;
630 case KDBUS_ITEM_PID_COMM:
631 m->creds.comm = d->str;
632 m->creds.mask |= SD_BUS_CREDS_COMM & bus->creds_mask;
635 case KDBUS_ITEM_TID_COMM:
636 m->creds.tid_comm = d->str;
637 m->creds.mask |= SD_BUS_CREDS_TID_COMM & bus->creds_mask;
641 m->creds.exe = d->str;
642 m->creds.mask |= SD_BUS_CREDS_EXE & bus->creds_mask;
645 case KDBUS_ITEM_CMDLINE:
646 m->creds.cmdline = d->str;
647 m->creds.cmdline_size = l;
648 m->creds.mask |= SD_BUS_CREDS_CMDLINE & bus->creds_mask;
651 case KDBUS_ITEM_CGROUP:
652 m->creds.cgroup = d->str;
653 m->creds.mask |= (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID) & bus->creds_mask;
655 r = bus_get_root_path(bus);
659 m->creds.cgroup_root = bus->cgroup_root;
663 case KDBUS_ITEM_AUDIT:
664 if ((uint32_t) d->audit.sessionid != (uint32_t) -1) {
665 m->creds.audit_session_id = (uint32_t) d->audit.sessionid;
666 m->creds.mask |= SD_BUS_CREDS_AUDIT_SESSION_ID & bus->creds_mask;
669 if ((uid_t) d->audit.loginuid != UID_INVALID) {
670 m->creds.audit_login_uid = (uid_t) d->audit.loginuid;
671 m->creds.mask |= SD_BUS_CREDS_AUDIT_LOGIN_UID & bus->creds_mask;
675 case KDBUS_ITEM_CAPS:
676 m->creds.capability = (uint8_t *) d->caps.caps;
677 m->creds.capability_size = d->size - offsetof(struct kdbus_item, caps.caps);
678 m->creds.mask |= (SD_BUS_CREDS_EFFECTIVE_CAPS|SD_BUS_CREDS_PERMITTED_CAPS|SD_BUS_CREDS_INHERITABLE_CAPS|SD_BUS_CREDS_BOUNDING_CAPS) & bus->creds_mask;
681 case KDBUS_ITEM_DST_NAME:
682 if (!service_name_is_valid(d->str)) {
687 destination = d->str;
690 case KDBUS_ITEM_OWNED_NAME:
691 if (!service_name_is_valid(d->name.name)) {
696 if (bus->creds_mask & SD_BUS_CREDS_WELL_KNOWN_NAMES) {
700 /* We just extend the array here, but
701 * do not allocate the strings inside
702 * of it, instead we just point to our
703 * buffer directly. */
704 n = strv_length(m->creds.well_known_names);
705 wkn = realloc(m->creds.well_known_names, (n + 2) * sizeof(char*));
711 wkn[n] = d->name.name;
713 m->creds.well_known_names = wkn;
715 m->creds.mask |= SD_BUS_CREDS_WELL_KNOWN_NAMES;
719 case KDBUS_ITEM_CONN_DESCRIPTION:
720 m->creds.description = d->str;
721 m->creds.mask |= SD_BUS_CREDS_DESCRIPTION & bus->creds_mask;
724 case KDBUS_ITEM_AUXGROUPS:
726 if (bus->creds_mask & SD_BUS_CREDS_SUPPLEMENTARY_GIDS) {
727 assert_cc(sizeof(gid_t) == sizeof(uint32_t));
729 m->creds.n_supplementary_gids = (d->size - offsetof(struct kdbus_item, data32)) / sizeof(uint32_t);
730 m->creds.supplementary_gids = (gid_t*) d->data32;
731 m->creds.mask |= SD_BUS_CREDS_SUPPLEMENTARY_GIDS;
737 case KDBUS_ITEM_SECLABEL:
741 log_debug("Got unknown field from kernel %llu", d->type);
745 /* If we requested the list of well-known names to be appended
746 * and the sender had none no item for it will be
747 * attached. However, this does *not* mean that we the kernel
748 * didn't want to provide this information to us. Hence, let's
749 * explicitly mark this information as available if it was
751 m->creds.mask |= bus->creds_mask & SD_BUS_CREDS_WELL_KNOWN_NAMES;
753 r = bus_message_parse_fields(m);
757 /* Refuse messages if kdbus and dbus1 cookie doesn't match up */
758 if ((uint64_t) m->header->serial != k->cookie) {
763 /* Refuse messages where the reply flag doesn't match up */
764 if (!(m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) != !!(k->flags & KDBUS_MSG_EXPECT_REPLY)) {
769 /* Refuse reply messages where the reply cookie doesn't match up */
770 if ((m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) && m->reply_cookie != k->cookie_reply) {
775 /* Refuse messages where the autostart flag doesn't match up */
776 if (!(m->header->flags & BUS_MESSAGE_NO_AUTO_START) != !(k->flags & KDBUS_MSG_NO_AUTO_START)) {
781 /* Override information from the user header with data from the kernel */
782 if (k->src_id == KDBUS_SRC_ID_KERNEL)
783 bus_message_set_sender_driver(bus, m);
785 snprintf(m->sender_buffer, sizeof(m->sender_buffer), ":1.%llu", (unsigned long long) k->src_id);
786 m->sender = m->creds.unique_name = m->sender_buffer;
790 m->destination = destination;
791 else if (k->dst_id == KDBUS_DST_ID_BROADCAST)
792 m->destination = NULL;
793 else if (k->dst_id == KDBUS_DST_ID_NAME)
794 m->destination = bus->unique_name; /* fill in unique name if the well-known name is missing */
796 snprintf(m->destination_buffer, sizeof(m->destination_buffer), ":1.%llu", (unsigned long long) k->dst_id);
797 m->destination = m->destination_buffer;
800 /* We take possession of the kmsg struct now */
802 m->release_kdbus = true;
806 bus->rqueue[bus->rqueue_size++] = m;
812 sd_bus_message_unref(m);
817 int bus_kernel_take_fd(sd_bus *b) {
818 struct kdbus_bloom_parameter *bloom = NULL;
819 struct kdbus_cmd_hello *hello;
820 struct kdbus_item_list *items;
821 struct kdbus_item *item;
822 _cleanup_free_ char *g = NULL;
824 size_t l = 0, m = 0, sz;
834 if (b->description) {
835 g = bus_label_escape(b->description);
843 /* If no name is explicitly set, we'll include a hint
844 * indicating the library implementation, a hint which
845 * kind of bus this is and the thread name */
847 assert_se(prctl(PR_GET_NAME, (unsigned long) pr) >= 0);
850 name = b->is_system ? "sd-system" :
851 b->is_user ? "sd-user" : "sd";
853 _cleanup_free_ char *e = NULL;
855 e = bus_label_escape(pr);
859 g = strappend(b->is_system ? "sd-system-" :
860 b->is_user ? "sd-user-" : "sd-",
868 b->description = bus_label_unescape(name);
875 sz = ALIGN8(offsetof(struct kdbus_cmd_hello, items)) +
876 ALIGN8(offsetof(struct kdbus_item, str) + m + 1);
878 if (b->fake_creds_valid)
879 sz += ALIGN8(offsetof(struct kdbus_item, creds) + sizeof(struct kdbus_creds));
881 if (b->fake_pids_valid)
882 sz += ALIGN8(offsetof(struct kdbus_item, pids) + sizeof(struct kdbus_pids));
885 l = strlen(b->fake_label);
886 sz += ALIGN8(offsetof(struct kdbus_item, str) + l + 1);
889 hello = alloca0_align(sz, 8);
891 hello->flags = b->hello_flags;
892 hello->attach_flags_send = _KDBUS_ATTACH_ANY;
893 hello->attach_flags_recv = b->attach_flags;
894 hello->pool_size = KDBUS_POOL_SIZE;
898 item->size = offsetof(struct kdbus_item, str) + m + 1;
899 item->type = KDBUS_ITEM_CONN_DESCRIPTION;
900 memcpy(item->str, name, m + 1);
901 item = KDBUS_ITEM_NEXT(item);
903 if (b->fake_creds_valid) {
904 item->size = offsetof(struct kdbus_item, creds) + sizeof(struct kdbus_creds);
905 item->type = KDBUS_ITEM_CREDS;
906 item->creds = b->fake_creds;
908 item = KDBUS_ITEM_NEXT(item);
911 if (b->fake_pids_valid) {
912 item->size = offsetof(struct kdbus_item, pids) + sizeof(struct kdbus_pids);
913 item->type = KDBUS_ITEM_PIDS;
914 item->pids = b->fake_pids;
916 item = KDBUS_ITEM_NEXT(item);
920 item->size = offsetof(struct kdbus_item, str) + l + 1;
921 item->type = KDBUS_ITEM_SECLABEL;
922 memcpy(item->str, b->fake_label, l+1);
925 r = ioctl(b->input_fd, KDBUS_CMD_HELLO, hello);
929 if (!b->kdbus_buffer) {
930 b->kdbus_buffer = mmap(NULL, KDBUS_POOL_SIZE, PROT_READ, MAP_SHARED, b->input_fd, 0);
931 if (b->kdbus_buffer == MAP_FAILED) {
932 b->kdbus_buffer = NULL;
938 /* The higher 32bit of the bus_flags fields are considered
939 * 'incompatible flags'. Refuse them all for now. */
940 if (hello->bus_flags > 0xFFFFFFFFULL) {
945 /* extract bloom parameters from items */
946 items = (void*)((uint8_t*)b->kdbus_buffer + hello->offset);
947 KDBUS_ITEM_FOREACH(item, items, items) {
948 switch (item->type) {
949 case KDBUS_ITEM_BLOOM_PARAMETER:
950 bloom = &item->bloom_parameter;
955 if (!bloom || !bloom_validate_parameters((size_t) bloom->size, (unsigned) bloom->n_hash)) {
960 b->bloom_size = (size_t) bloom->size;
961 b->bloom_n_hash = (unsigned) bloom->n_hash;
963 if (asprintf(&b->unique_name, ":1.%llu", (unsigned long long) hello->id) < 0) {
968 b->unique_id = hello->id;
971 b->bus_client = true;
972 b->can_fds = !!(hello->flags & KDBUS_HELLO_ACCEPT_FD);
973 b->message_version = 2;
974 b->message_endian = BUS_NATIVE_ENDIAN;
976 /* the kernel told us the UUID of the underlying bus */
977 memcpy(b->server_id.bytes, hello->id128, sizeof(b->server_id.bytes));
979 /* free returned items */
980 (void) bus_kernel_cmd_free(b, hello->offset);
982 return bus_start_running(b);
985 (void) bus_kernel_cmd_free(b, hello->offset);
989 int bus_kernel_connect(sd_bus *b) {
991 assert(b->input_fd < 0);
992 assert(b->output_fd < 0);
998 b->input_fd = open(b->kernel, O_RDWR|O_NOCTTY|O_CLOEXEC);
1002 b->output_fd = b->input_fd;
1004 return bus_kernel_take_fd(b);
1007 int bus_kernel_cmd_free(sd_bus *bus, uint64_t offset) {
1008 struct kdbus_cmd_free cmd = {
1009 .size = sizeof(cmd),
1016 assert(bus->is_kernel);
1018 r = ioctl(bus->input_fd, KDBUS_CMD_FREE, &cmd);
1025 static void close_kdbus_msg(sd_bus *bus, struct kdbus_msg *k) {
1026 struct kdbus_item *d;
1031 KDBUS_ITEM_FOREACH(d, k, items) {
1032 if (d->type == KDBUS_ITEM_FDS)
1033 close_many(d->fds, (d->size - offsetof(struct kdbus_item, fds)) / sizeof(int));
1034 else if (d->type == KDBUS_ITEM_PAYLOAD_MEMFD)
1035 safe_close(d->memfd.fd);
1038 bus_kernel_cmd_free(bus, (uint8_t*) k - (uint8_t*) bus->kdbus_buffer);
1041 int bus_kernel_write_message(sd_bus *bus, sd_bus_message *m, bool hint_sync_call) {
1042 struct kdbus_cmd_send cmd = { };
1047 assert(bus->state == BUS_RUNNING);
1049 /* If we can't deliver, we want room for the error message */
1050 r = bus_rqueue_make_room(bus);
1054 r = bus_message_setup_kmsg(bus, m);
1058 cmd.size = sizeof(cmd);
1059 cmd.msg_address = (uintptr_t)m->kdbus;
1061 /* If this is a synchronous method call, then let's tell the
1062 * kernel, so that it can pass CPU time/scheduling to the
1063 * destination for the time, if it wants to. If we
1064 * synchronously wait for the result anyway, we won't need CPU
1066 if (hint_sync_call) {
1067 m->kdbus->flags |= KDBUS_MSG_EXPECT_REPLY;
1068 cmd.flags |= KDBUS_SEND_SYNC_REPLY;
1071 r = ioctl(bus->output_fd, KDBUS_CMD_SEND, &cmd);
1073 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1074 sd_bus_message *reply;
1076 if (errno == EAGAIN || errno == EINTR)
1078 else if (errno == ENXIO || errno == ESRCH) {
1080 /* ENXIO: unique name not known
1081 * ESRCH: well-known name not known */
1083 if (m->header->type == SD_BUS_MESSAGE_METHOD_CALL)
1084 sd_bus_error_setf(&error, SD_BUS_ERROR_SERVICE_UNKNOWN, "Destination %s not known", m->destination);
1086 log_debug("Could not deliver message to %s as destination is not known. Ignoring.", m->destination);
1090 } else if (errno == EADDRNOTAVAIL) {
1092 /* EADDRNOTAVAIL: activation is possible, but turned off in request flags */
1094 if (m->header->type == SD_BUS_MESSAGE_METHOD_CALL)
1095 sd_bus_error_setf(&error, SD_BUS_ERROR_SERVICE_UNKNOWN, "Activation of %s not requested", m->destination);
1097 log_debug("Could not deliver message to %s as destination is not activated. Ignoring.", m->destination);
1103 r = bus_message_new_synthetic_error(
1105 BUS_MESSAGE_COOKIE(m),
1112 r = bus_seal_synthetic_message(bus, reply);
1116 bus->rqueue[bus->rqueue_size++] = reply;
1118 } else if (hint_sync_call) {
1119 struct kdbus_msg *k;
1121 k = (struct kdbus_msg *)((uint8_t *)bus->kdbus_buffer + cmd.reply.offset);
1124 if (k->payload_type == KDBUS_PAYLOAD_DBUS) {
1126 r = bus_kernel_make_message(bus, k);
1128 close_kdbus_msg(bus, k);
1130 /* Anybody can send us invalid messages, let's just drop them. */
1131 if (r == -EBADMSG || r == -EPROTOTYPE)
1132 log_debug_errno(r, "Ignoring invalid message: %m");
1137 log_debug("Ignoring message with unknown payload type %llu.", (unsigned long long) k->payload_type);
1138 close_kdbus_msg(bus, k);
1145 static int push_name_owner_changed(sd_bus *bus, const char *name, const char *old_owner, const char *new_owner) {
1146 _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
1151 r = sd_bus_message_new_signal(
1154 "/org/freedesktop/DBus",
1155 "org.freedesktop.DBus",
1156 "NameOwnerChanged");
1160 r = sd_bus_message_append(m, "sss", name, old_owner, new_owner);
1164 bus_message_set_sender_driver(bus, m);
1166 r = bus_seal_synthetic_message(bus, m);
1170 bus->rqueue[bus->rqueue_size++] = m;
1176 static int translate_name_change(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item *d) {
1177 char new_owner[UNIQUE_NAME_MAX], old_owner[UNIQUE_NAME_MAX];
1183 if (d->type == KDBUS_ITEM_NAME_ADD || (d->name_change.old_id.flags & (KDBUS_NAME_IN_QUEUE|KDBUS_NAME_ACTIVATOR)))
1186 sprintf(old_owner, ":1.%llu", (unsigned long long) d->name_change.old_id.id);
1188 if (d->type == KDBUS_ITEM_NAME_REMOVE || (d->name_change.new_id.flags & (KDBUS_NAME_IN_QUEUE|KDBUS_NAME_ACTIVATOR))) {
1190 if (isempty(old_owner))
1195 sprintf(new_owner, ":1.%llu", (unsigned long long) d->name_change.new_id.id);
1197 return push_name_owner_changed(bus, d->name_change.name, old_owner, new_owner);
1200 static int translate_id_change(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item *d) {
1201 char owner[UNIQUE_NAME_MAX];
1207 sprintf(owner, ":1.%llu", d->id_change.id);
1209 return push_name_owner_changed(
1211 d->type == KDBUS_ITEM_ID_ADD ? NULL : owner,
1212 d->type == KDBUS_ITEM_ID_ADD ? owner : NULL);
1215 static int translate_reply(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item *d) {
1216 _cleanup_bus_message_unref_ sd_bus_message *m = NULL;
1223 r = bus_message_new_synthetic_error(
1226 d->type == KDBUS_ITEM_REPLY_TIMEOUT ?
1227 &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_NO_REPLY, "Method call timed out") :
1228 &SD_BUS_ERROR_MAKE_CONST(SD_BUS_ERROR_NO_REPLY, "Method call peer died"),
1233 bus_message_set_sender_driver(bus, m);
1235 r = bus_seal_synthetic_message(bus, m);
1239 bus->rqueue[bus->rqueue_size++] = m;
1245 static int bus_kernel_translate_message(sd_bus *bus, struct kdbus_msg *k) {
1246 struct kdbus_item *d, *found = NULL;
1248 static int (* const translate[])(sd_bus *bus, struct kdbus_msg *k, struct kdbus_item *d) = {
1249 [KDBUS_ITEM_NAME_ADD - _KDBUS_ITEM_KERNEL_BASE] = translate_name_change,
1250 [KDBUS_ITEM_NAME_REMOVE - _KDBUS_ITEM_KERNEL_BASE] = translate_name_change,
1251 [KDBUS_ITEM_NAME_CHANGE - _KDBUS_ITEM_KERNEL_BASE] = translate_name_change,
1253 [KDBUS_ITEM_ID_ADD - _KDBUS_ITEM_KERNEL_BASE] = translate_id_change,
1254 [KDBUS_ITEM_ID_REMOVE - _KDBUS_ITEM_KERNEL_BASE] = translate_id_change,
1256 [KDBUS_ITEM_REPLY_TIMEOUT - _KDBUS_ITEM_KERNEL_BASE] = translate_reply,
1257 [KDBUS_ITEM_REPLY_DEAD - _KDBUS_ITEM_KERNEL_BASE] = translate_reply,
1262 assert(k->payload_type == KDBUS_PAYLOAD_KERNEL);
1264 KDBUS_ITEM_FOREACH(d, k, items) {
1265 if (d->type >= _KDBUS_ITEM_KERNEL_BASE && d->type < _KDBUS_ITEM_KERNEL_BASE + ELEMENTSOF(translate)) {
1270 log_debug("Got unknown field from kernel %llu", d->type);
1274 log_debug("Didn't find a kernel message to translate.");
1278 return translate[found->type - _KDBUS_ITEM_KERNEL_BASE](bus, k, found);
1281 int bus_kernel_read_message(sd_bus *bus, bool hint_priority, int64_t priority) {
1282 struct kdbus_cmd_recv recv = { .size = sizeof(recv) };
1283 struct kdbus_msg *k;
1288 r = bus_rqueue_make_room(bus);
1292 if (hint_priority) {
1293 recv.flags |= KDBUS_RECV_USE_PRIORITY;
1294 recv.priority = priority;
1297 r = ioctl(bus->input_fd, KDBUS_CMD_RECV, &recv);
1299 if (errno == EAGAIN)
1302 if (errno == EOVERFLOW) {
1303 log_debug("%s: kdbus reports %" PRIu64 " dropped broadcast messages, ignoring.", strna(bus->description), (uint64_t) recv.dropped_msgs);
1310 k = (struct kdbus_msg *)((uint8_t *)bus->kdbus_buffer + recv.reply.offset);
1311 if (k->payload_type == KDBUS_PAYLOAD_DBUS) {
1312 r = bus_kernel_make_message(bus, k);
1314 /* Anybody can send us invalid messages, let's just drop them. */
1315 if (r == -EBADMSG || r == -EPROTOTYPE) {
1316 log_debug_errno(r, "Ignoring invalid message: %m");
1320 } else if (k->payload_type == KDBUS_PAYLOAD_KERNEL)
1321 r = bus_kernel_translate_message(bus, k);
1323 log_debug("Ignoring message with unknown payload type %llu.", (unsigned long long) k->payload_type);
1328 close_kdbus_msg(bus, k);
1330 return r < 0 ? r : 1;
1333 int bus_kernel_pop_memfd(sd_bus *bus, void **address, size_t *mapped, size_t *allocated) {
1334 struct memfd_cache *c;
1341 if (!bus || !bus->is_kernel)
1344 assert_se(pthread_mutex_lock(&bus->memfd_cache_mutex) >= 0);
1346 if (bus->n_memfd_cache <= 0) {
1349 assert_se(pthread_mutex_unlock(&bus->memfd_cache_mutex) >= 0);
1351 r = memfd_new(bus->description);
1361 c = &bus->memfd_cache[--bus->n_memfd_cache];
1364 assert(c->mapped == 0 || c->address);
1366 *address = c->address;
1367 *mapped = c->mapped;
1368 *allocated = c->allocated;
1371 assert_se(pthread_mutex_unlock(&bus->memfd_cache_mutex) >= 0);
1376 static void close_and_munmap(int fd, void *address, size_t size) {
1378 assert_se(munmap(address, PAGE_ALIGN(size)) >= 0);
1383 void bus_kernel_push_memfd(sd_bus *bus, int fd, void *address, size_t mapped, size_t allocated) {
1384 struct memfd_cache *c;
1385 uint64_t max_mapped = PAGE_ALIGN(MEMFD_CACHE_ITEM_SIZE_MAX);
1388 assert(mapped == 0 || address);
1390 if (!bus || !bus->is_kernel) {
1391 close_and_munmap(fd, address, mapped);
1395 assert_se(pthread_mutex_lock(&bus->memfd_cache_mutex) >= 0);
1397 if (bus->n_memfd_cache >= ELEMENTSOF(bus->memfd_cache)) {
1398 assert_se(pthread_mutex_unlock(&bus->memfd_cache_mutex) >= 0);
1400 close_and_munmap(fd, address, mapped);
1404 c = &bus->memfd_cache[bus->n_memfd_cache++];
1406 c->address = address;
1408 /* If overly long, let's return a bit to the OS */
1409 if (mapped > max_mapped) {
1410 assert_se(memfd_set_size(fd, max_mapped) >= 0);
1411 assert_se(munmap((uint8_t*) address + max_mapped, PAGE_ALIGN(mapped - max_mapped)) >= 0);
1412 c->mapped = c->allocated = max_mapped;
1415 c->allocated = allocated;
1418 assert_se(pthread_mutex_unlock(&bus->memfd_cache_mutex) >= 0);
1421 void bus_kernel_flush_memfd(sd_bus *b) {
1426 for (i = 0; i < b->n_memfd_cache; i++)
1427 close_and_munmap(b->memfd_cache[i].fd, b->memfd_cache[i].address, b->memfd_cache[i].mapped);
1430 uint64_t request_name_flags_to_kdbus(uint64_t flags) {
1433 if (flags & SD_BUS_NAME_ALLOW_REPLACEMENT)
1434 f |= KDBUS_NAME_ALLOW_REPLACEMENT;
1436 if (flags & SD_BUS_NAME_REPLACE_EXISTING)
1437 f |= KDBUS_NAME_REPLACE_EXISTING;
1439 if (flags & SD_BUS_NAME_QUEUE)
1440 f |= KDBUS_NAME_QUEUE;
1445 uint64_t attach_flags_to_kdbus(uint64_t mask) {
1448 if (mask & (SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID|
1449 SD_BUS_CREDS_GID|SD_BUS_CREDS_EGID|SD_BUS_CREDS_SGID|SD_BUS_CREDS_FSGID))
1450 m |= KDBUS_ATTACH_CREDS;
1452 if (mask & (SD_BUS_CREDS_PID|SD_BUS_CREDS_TID))
1453 m |= KDBUS_ATTACH_PIDS;
1455 if (mask & SD_BUS_CREDS_COMM)
1456 m |= KDBUS_ATTACH_PID_COMM;
1458 if (mask & SD_BUS_CREDS_TID_COMM)
1459 m |= KDBUS_ATTACH_TID_COMM;
1461 if (mask & SD_BUS_CREDS_EXE)
1462 m |= KDBUS_ATTACH_EXE;
1464 if (mask & SD_BUS_CREDS_CMDLINE)
1465 m |= KDBUS_ATTACH_CMDLINE;
1467 if (mask & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID))
1468 m |= KDBUS_ATTACH_CGROUP;
1470 if (mask & (SD_BUS_CREDS_EFFECTIVE_CAPS|SD_BUS_CREDS_PERMITTED_CAPS|SD_BUS_CREDS_INHERITABLE_CAPS|SD_BUS_CREDS_BOUNDING_CAPS))
1471 m |= KDBUS_ATTACH_CAPS;
1473 if (mask & SD_BUS_CREDS_SELINUX_CONTEXT)
1474 m |= KDBUS_ATTACH_SECLABEL;
1476 if (mask & (SD_BUS_CREDS_AUDIT_SESSION_ID|SD_BUS_CREDS_AUDIT_LOGIN_UID))
1477 m |= KDBUS_ATTACH_AUDIT;
1479 if (mask & SD_BUS_CREDS_WELL_KNOWN_NAMES)
1480 m |= KDBUS_ATTACH_NAMES;
1482 if (mask & SD_BUS_CREDS_DESCRIPTION)
1483 m |= KDBUS_ATTACH_CONN_DESCRIPTION;
1485 if (mask & SD_BUS_CREDS_SUPPLEMENTARY_GIDS)
1486 m |= KDBUS_ATTACH_AUXGROUPS;
1491 int bus_kernel_create_bus(const char *name, bool world, char **s) {
1492 struct kdbus_cmd_make *make;
1493 struct kdbus_item *n;
1500 fd = open("/sys/fs/kdbus/control", O_RDWR|O_NOCTTY|O_CLOEXEC);
1505 make = alloca0_align(offsetof(struct kdbus_cmd_make, items) +
1506 ALIGN8(offsetof(struct kdbus_item, bloom_parameter) + sizeof(struct kdbus_bloom_parameter)) +
1507 ALIGN8(offsetof(struct kdbus_item, data64) + sizeof(uint64_t)) +
1508 ALIGN8(offsetof(struct kdbus_item, str) + DECIMAL_STR_MAX(uid_t) + 1 + l + 1),
1511 make->size = offsetof(struct kdbus_cmd_make, items);
1513 /* Set the bloom parameters */
1515 n->size = offsetof(struct kdbus_item, bloom_parameter) +
1516 sizeof(struct kdbus_bloom_parameter);
1517 n->type = KDBUS_ITEM_BLOOM_PARAMETER;
1518 n->bloom_parameter.size = DEFAULT_BLOOM_SIZE;
1519 n->bloom_parameter.n_hash = DEFAULT_BLOOM_N_HASH;
1521 assert_cc(DEFAULT_BLOOM_SIZE > 0);
1522 assert_cc(DEFAULT_BLOOM_N_HASH > 0);
1524 make->size += ALIGN8(n->size);
1526 /* The busses we create make no restrictions on what metadata
1527 * peers can read from incoming messages. */
1528 n = KDBUS_ITEM_NEXT(n);
1529 n->type = KDBUS_ITEM_ATTACH_FLAGS_RECV;
1530 n->size = offsetof(struct kdbus_item, data64) + sizeof(uint64_t);
1531 n->data64[0] = _KDBUS_ATTACH_ANY;
1532 make->size += ALIGN8(n->size);
1534 /* Set the a good name */
1535 n = KDBUS_ITEM_NEXT(n);
1536 sprintf(n->str, UID_FMT "-%s", getuid(), name);
1537 n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1;
1538 n->type = KDBUS_ITEM_MAKE_NAME;
1539 make->size += ALIGN8(n->size);
1541 make->flags = world ? KDBUS_MAKE_ACCESS_WORLD : 0;
1543 if (ioctl(fd, KDBUS_CMD_BUS_MAKE, make) < 0) {
1551 p = strjoin("/sys/fs/kdbus/", n->str, "/bus", NULL);
1563 static int bus_kernel_translate_access(BusPolicyAccess access) {
1564 assert(access >= 0);
1565 assert(access < _BUS_POLICY_ACCESS_MAX);
1569 case BUS_POLICY_ACCESS_SEE:
1570 return KDBUS_POLICY_SEE;
1572 case BUS_POLICY_ACCESS_TALK:
1573 return KDBUS_POLICY_TALK;
1575 case BUS_POLICY_ACCESS_OWN:
1576 return KDBUS_POLICY_OWN;
1579 assert_not_reached("Unknown policy access");
1583 static int bus_kernel_translate_policy(const BusNamePolicy *policy, struct kdbus_item *item) {
1589 switch (policy->type) {
1591 case BUSNAME_POLICY_TYPE_USER: {
1592 const char *user = policy->name;
1595 r = get_user_creds(&user, &uid, NULL, NULL, NULL);
1599 item->policy_access.type = KDBUS_POLICY_ACCESS_USER;
1600 item->policy_access.id = uid;
1604 case BUSNAME_POLICY_TYPE_GROUP: {
1605 const char *group = policy->name;
1608 r = get_group_creds(&group, &gid);
1612 item->policy_access.type = KDBUS_POLICY_ACCESS_GROUP;
1613 item->policy_access.id = gid;
1618 assert_not_reached("Unknown policy type");
1621 item->policy_access.access = bus_kernel_translate_access(policy->access);
1626 int bus_kernel_open_bus_fd(const char *bus, char **path) {
1633 len = strlen("/sys/fs/kdbus/") + DECIMAL_STR_MAX(uid_t) + 1 + strlen(bus) + strlen("/bus") + 1;
1640 p = newa(char, len);
1642 sprintf(p, "/sys/fs/kdbus/" UID_FMT "-%s/bus", getuid(), bus);
1644 fd = open(p, O_RDWR|O_NOCTTY|O_CLOEXEC);
1658 int bus_kernel_create_endpoint(const char *bus_name, const char *ep_name, char **ep_path) {
1659 _cleanup_free_ char *path = NULL;
1660 struct kdbus_cmd_make *make;
1661 struct kdbus_item *n;
1665 fd = bus_kernel_open_bus_fd(bus_name, &path);
1669 make = alloca0_align(ALIGN8(offsetof(struct kdbus_cmd_make, items)) +
1670 ALIGN8(offsetof(struct kdbus_item, str) + DECIMAL_STR_MAX(uid_t) + 1 + strlen(ep_name) + 1),
1672 make->size = ALIGN8(offsetof(struct kdbus_cmd_make, items));
1673 make->flags = KDBUS_MAKE_ACCESS_WORLD;
1676 sprintf(n->str, UID_FMT "-%s", getuid(), ep_name);
1677 n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1;
1678 n->type = KDBUS_ITEM_MAKE_NAME;
1679 make->size += ALIGN8(n->size);
1682 if (ioctl(fd, KDBUS_CMD_ENDPOINT_MAKE, make) < 0) {
1690 p = strjoin(dirname(path), "/", name, NULL);
1702 int bus_kernel_set_endpoint_policy(int fd, uid_t uid, BusEndpoint *ep) {
1704 struct kdbus_cmd_update *update;
1705 struct kdbus_item *n;
1706 BusEndpointPolicy *po;
1711 size = ALIGN8(offsetof(struct kdbus_cmd_update, items));
1713 HASHMAP_FOREACH(po, ep->policy_hash, i) {
1714 size += ALIGN8(offsetof(struct kdbus_item, str) + strlen(po->name) + 1);
1715 size += ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access));
1718 update = alloca0_align(size, 8);
1719 update->size = size;
1723 HASHMAP_FOREACH(po, ep->policy_hash, i) {
1724 n->type = KDBUS_ITEM_NAME;
1725 n->size = offsetof(struct kdbus_item, str) + strlen(po->name) + 1;
1726 strcpy(n->str, po->name);
1727 n = KDBUS_ITEM_NEXT(n);
1729 n->type = KDBUS_ITEM_POLICY_ACCESS;
1730 n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
1732 n->policy_access.type = KDBUS_POLICY_ACCESS_USER;
1733 n->policy_access.access = bus_kernel_translate_access(po->access);
1734 n->policy_access.id = uid;
1736 n = KDBUS_ITEM_NEXT(n);
1739 r = ioctl(fd, KDBUS_CMD_ENDPOINT_UPDATE, update);
1746 int bus_kernel_make_starter(
1751 BusNamePolicy *policy,
1752 BusPolicyAccess world_policy) {
1754 struct kdbus_cmd_free cmd_free = { .size = sizeof(cmd_free) };
1755 struct kdbus_cmd_hello *hello;
1756 struct kdbus_item *n;
1757 size_t policy_cnt = 0;
1765 LIST_FOREACH(policy, po, policy)
1768 if (world_policy >= 0)
1771 size = offsetof(struct kdbus_cmd_hello, items) +
1772 ALIGN8(offsetof(struct kdbus_item, str) + strlen(name) + 1) +
1773 policy_cnt * ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access));
1775 hello = alloca0_align(size, 8);
1778 strcpy(n->str, name);
1779 n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1;
1780 n->type = KDBUS_ITEM_NAME;
1781 n = KDBUS_ITEM_NEXT(n);
1783 LIST_FOREACH(policy, po, policy) {
1784 n->type = KDBUS_ITEM_POLICY_ACCESS;
1785 n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
1787 r = bus_kernel_translate_policy(po, n);
1791 n = KDBUS_ITEM_NEXT(n);
1794 if (world_policy >= 0) {
1795 n->type = KDBUS_ITEM_POLICY_ACCESS;
1796 n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
1797 n->policy_access.type = KDBUS_POLICY_ACCESS_WORLD;
1798 n->policy_access.access = bus_kernel_translate_access(world_policy);
1803 (activating ? KDBUS_HELLO_ACTIVATOR : KDBUS_HELLO_POLICY_HOLDER) |
1804 (accept_fd ? KDBUS_HELLO_ACCEPT_FD : 0);
1805 hello->pool_size = KDBUS_POOL_SIZE;
1806 hello->attach_flags_send = _KDBUS_ATTACH_ANY;
1807 hello->attach_flags_recv = _KDBUS_ATTACH_ANY;
1809 if (ioctl(fd, KDBUS_CMD_HELLO, hello) < 0)
1812 /* not interested in any output values */
1813 cmd_free.offset = hello->offset;
1814 (void) ioctl(fd, KDBUS_CMD_FREE, &cmd_free);
1816 /* The higher 32bit of the bus_flags fields are considered
1817 * 'incompatible flags'. Refuse them all for now. */
1818 if (hello->bus_flags > 0xFFFFFFFFULL)
1824 int bus_kernel_try_close(sd_bus *bus) {
1826 assert(bus->is_kernel);
1828 if (ioctl(bus->input_fd, KDBUS_CMD_BYEBYE) < 0)
1834 int bus_kernel_drop_one(int fd) {
1835 struct kdbus_cmd_recv recv = {
1836 .size = sizeof(recv),
1837 .flags = KDBUS_RECV_DROP,
1842 if (ioctl(fd, KDBUS_CMD_RECV, &recv) < 0)
1848 int bus_kernel_realize_attach_flags(sd_bus *bus) {
1849 struct kdbus_cmd_update *update;
1850 struct kdbus_item *n;
1853 assert(bus->is_kernel);
1855 update = alloca0_align(offsetof(struct kdbus_cmd_update, items) +
1856 ALIGN8(offsetof(struct kdbus_item, data64) + sizeof(uint64_t)),
1860 n->type = KDBUS_ITEM_ATTACH_FLAGS_RECV;
1861 n->size = offsetof(struct kdbus_item, data64) + sizeof(uint64_t);
1862 n->data64[0] = bus->attach_flags;
1865 offsetof(struct kdbus_cmd_update, items) +
1868 if (ioctl(bus->input_fd, KDBUS_CMD_CONN_UPDATE, update) < 0)
1874 int bus_kernel_fix_attach_mask(void) {
1875 _cleanup_free_ char *mask = NULL;
1876 uint64_t m = (uint64_t) -1;
1880 /* By default we don't want any kdbus metadata fields to be
1881 * suppressed, hence we reset the kernel mask for it to
1882 * (uint64_t) -1. This is overridable via a kernel command
1883 * line option, however. */
1885 r = get_proc_cmdline_key("systemd.kdbus_attach_flags_mask=", &mask);
1887 return log_warning_errno(r, "Failed to read kernel command line: %m");
1890 const char *p = mask;
1892 if (startswith(p, "0x"))
1895 if (sscanf(p, "%" PRIx64, &m) != 1)
1896 log_warning("Couldn't parse systemd.kdbus_attach_flags_mask= kernel command line parameter.");
1899 sprintf(buf, "0x%" PRIx64 "\n", m);
1900 r = write_string_file("/sys/module/kdbus/parameters/attach_flags_mask", buf);
1902 return log_full_errno(
1903 IN_SET(r, -ENOENT, -EROFS) ? LOG_DEBUG : LOG_WARNING, r,
1904 "Failed to write kdbus attach mask: %m");
1909 int bus_kernel_get_bus_name(sd_bus *bus, char **name) {
1910 struct kdbus_cmd_info cmd = {
1911 .size = sizeof(struct kdbus_cmd_info),
1913 struct kdbus_info *info;
1914 struct kdbus_item *item;
1920 assert(bus->is_kernel);
1922 r = ioctl(bus->input_fd, KDBUS_CMD_BUS_CREATOR_INFO, &cmd);
1926 info = (struct kdbus_info*) ((uint8_t*) bus->kdbus_buffer + cmd.offset);
1928 KDBUS_ITEM_FOREACH(item, info, items)
1929 if (item->type == KDBUS_ITEM_MAKE_NAME) {
1930 r = free_and_strdup(&n, item->str);
1934 bus_kernel_cmd_free(bus, cmd.offset);