Line data Source code
1 : /* SPDX-License-Identifier: LGPL-2.1+ */
2 : #pragma once
3 :
4 : #include <pthread.h>
5 : #include <sys/socket.h>
6 :
7 : #include "sd-bus.h"
8 :
9 : #include "bus-error.h"
10 : #include "bus-kernel.h"
11 : #include "bus-match.h"
12 : #include "def.h"
13 : #include "hashmap.h"
14 : #include "list.h"
15 : #include "prioq.h"
16 : #include "socket-util.h"
17 : #include "time-util.h"
18 :
19 : /* Note that we use the new /run prefix here (instead of /var/run) since we require them to be aliases and
20 : * that way we become independent of /var being mounted */
21 : #define DEFAULT_SYSTEM_BUS_ADDRESS "unix:path=/run/dbus/system_bus_socket"
22 : #define DEFAULT_USER_BUS_ADDRESS_FMT "unix:path=%s/bus"
23 :
24 : struct reply_callback {
25 : sd_bus_message_handler_t callback;
26 : usec_t timeout_usec; /* this is a relative timeout until we reach the BUS_HELLO state, and an absolute one right after */
27 : uint64_t cookie;
28 : unsigned prioq_idx;
29 : };
30 :
31 : struct filter_callback {
32 : sd_bus_message_handler_t callback;
33 :
34 : unsigned last_iteration;
35 :
36 : LIST_FIELDS(struct filter_callback, callbacks);
37 : };
38 :
39 : struct match_callback {
40 : sd_bus_message_handler_t callback;
41 : sd_bus_message_handler_t install_callback;
42 :
43 : sd_bus_slot *install_slot; /* The AddMatch() call */
44 :
45 : unsigned last_iteration;
46 :
47 : /* Don't dispatch this slot with with messages that arrived in any iteration before or at the this
48 : * one. We use this to ensure that matches don't apply "retroactively" and thus can confuse the
49 : * caller: matches will only match incoming messages from the moment on the match was installed. */
50 : uint64_t after;
51 :
52 : char *match_string;
53 :
54 : struct bus_match_node *match_node;
55 : };
56 :
57 : struct node {
58 : char *path;
59 : struct node *parent;
60 : LIST_HEAD(struct node, child);
61 : LIST_FIELDS(struct node, siblings);
62 :
63 : LIST_HEAD(struct node_callback, callbacks);
64 : LIST_HEAD(struct node_vtable, vtables);
65 : LIST_HEAD(struct node_enumerator, enumerators);
66 : LIST_HEAD(struct node_object_manager, object_managers);
67 : };
68 :
69 : struct node_callback {
70 : struct node *node;
71 :
72 : bool is_fallback:1;
73 : unsigned last_iteration;
74 :
75 : sd_bus_message_handler_t callback;
76 :
77 : LIST_FIELDS(struct node_callback, callbacks);
78 : };
79 :
80 : struct node_enumerator {
81 : struct node *node;
82 :
83 : sd_bus_node_enumerator_t callback;
84 :
85 : unsigned last_iteration;
86 :
87 : LIST_FIELDS(struct node_enumerator, enumerators);
88 : };
89 :
90 : struct node_object_manager {
91 : struct node *node;
92 :
93 : LIST_FIELDS(struct node_object_manager, object_managers);
94 : };
95 :
96 : struct node_vtable {
97 : struct node *node;
98 :
99 : bool is_fallback:1;
100 : unsigned last_iteration;
101 :
102 : char *interface;
103 : const sd_bus_vtable *vtable;
104 : sd_bus_object_find_t find;
105 :
106 : LIST_FIELDS(struct node_vtable, vtables);
107 : };
108 :
109 : struct vtable_member {
110 : const char *path;
111 : const char *interface;
112 : const char *member;
113 : struct node_vtable *parent;
114 : unsigned last_iteration;
115 : const sd_bus_vtable *vtable;
116 : };
117 :
118 : typedef enum BusSlotType {
119 : BUS_REPLY_CALLBACK,
120 : BUS_FILTER_CALLBACK,
121 : BUS_MATCH_CALLBACK,
122 : BUS_NODE_CALLBACK,
123 : BUS_NODE_ENUMERATOR,
124 : BUS_NODE_VTABLE,
125 : BUS_NODE_OBJECT_MANAGER,
126 : _BUS_SLOT_INVALID = -1,
127 : } BusSlotType;
128 :
129 : struct sd_bus_slot {
130 : unsigned n_ref;
131 : BusSlotType type:5;
132 :
133 : /* Slots can be "floating" or not. If they are not floating (the usual case) then they reference the bus object
134 : * they are associated with. This means the bus object stays allocated at least as long as there is a slot
135 : * around associated with it. If it is floating, then the slot's lifecycle is bound to the lifecycle of the
136 : * bus: it will be disconnected from the bus when the bus is destroyed, and it keeping the slot reffed hence
137 : * won't mean the bus stays reffed too. Internally this means the reference direction is reversed: floating
138 : * slots objects are referenced by the bus object, and not vice versa. */
139 : bool floating:1;
140 :
141 : bool match_added:1;
142 :
143 : sd_bus *bus;
144 : void *userdata;
145 : sd_bus_destroy_t destroy_callback;
146 :
147 : char *description;
148 :
149 : LIST_FIELDS(sd_bus_slot, slots);
150 :
151 : union {
152 : struct reply_callback reply_callback;
153 : struct filter_callback filter_callback;
154 : struct match_callback match_callback;
155 : struct node_callback node_callback;
156 : struct node_enumerator node_enumerator;
157 : struct node_object_manager node_object_manager;
158 : struct node_vtable node_vtable;
159 : };
160 : };
161 :
162 : enum bus_state {
163 : BUS_UNSET,
164 : BUS_WATCH_BIND, /* waiting for the socket to appear via inotify */
165 : BUS_OPENING, /* the kernel's connect() is still not ready */
166 : BUS_AUTHENTICATING, /* we are currently in the "SASL" authorization phase of dbus */
167 : BUS_HELLO, /* we are waiting for the Hello() response */
168 : BUS_RUNNING,
169 : BUS_CLOSING,
170 : BUS_CLOSED,
171 : _BUS_STATE_MAX,
172 : };
173 :
174 739 : static inline bool BUS_IS_OPEN(enum bus_state state) {
175 739 : return state > BUS_UNSET && state < BUS_CLOSING;
176 : }
177 :
178 : enum bus_auth {
179 : _BUS_AUTH_INVALID,
180 : BUS_AUTH_EXTERNAL,
181 : BUS_AUTH_ANONYMOUS
182 : };
183 :
184 : struct sd_bus {
185 : unsigned n_ref;
186 :
187 : enum bus_state state;
188 : int input_fd, output_fd;
189 : int inotify_fd;
190 : int message_version;
191 : int message_endian;
192 :
193 : bool can_fds:1;
194 : bool bus_client:1;
195 : bool ucred_valid:1;
196 : bool is_server:1;
197 : bool anonymous_auth:1;
198 : bool prefer_readv:1;
199 : bool prefer_writev:1;
200 : bool match_callbacks_modified:1;
201 : bool filter_callbacks_modified:1;
202 : bool nodes_modified:1;
203 : bool trusted:1;
204 : bool manual_peer_interface:1;
205 : bool is_system:1;
206 : bool is_user:1;
207 : bool allow_interactive_authorization:1;
208 : bool exit_on_disconnect:1;
209 : bool exited:1;
210 : bool exit_triggered:1;
211 : bool is_local:1;
212 : bool watch_bind:1;
213 : bool is_monitor:1;
214 : bool accept_fd:1;
215 : bool attach_timestamp:1;
216 : bool connected_signal:1;
217 : bool close_on_exit:1;
218 :
219 : signed int use_memfd:2;
220 :
221 : void *rbuffer;
222 : size_t rbuffer_size;
223 :
224 : sd_bus_message **rqueue;
225 : size_t rqueue_size;
226 : size_t rqueue_allocated;
227 :
228 : sd_bus_message **wqueue;
229 : size_t wqueue_size;
230 : size_t windex;
231 : size_t wqueue_allocated;
232 :
233 : uint64_t cookie;
234 : uint64_t read_counter; /* A counter for each incoming msg */
235 :
236 : char *unique_name;
237 : uint64_t unique_id;
238 :
239 : struct bus_match_node match_callbacks;
240 : Prioq *reply_callbacks_prioq;
241 : OrderedHashmap *reply_callbacks;
242 : LIST_HEAD(struct filter_callback, filter_callbacks);
243 :
244 : Hashmap *nodes;
245 : Hashmap *vtable_methods;
246 : Hashmap *vtable_properties;
247 :
248 : union sockaddr_union sockaddr;
249 : socklen_t sockaddr_size;
250 :
251 : pid_t nspid;
252 : char *machine;
253 :
254 : sd_id128_t server_id;
255 :
256 : char *address;
257 : unsigned address_index;
258 :
259 : int last_connect_error;
260 :
261 : enum bus_auth auth;
262 : unsigned auth_index;
263 : struct iovec auth_iovec[3];
264 : size_t auth_rbegin;
265 : char *auth_buffer;
266 : usec_t auth_timeout;
267 :
268 : struct ucred ucred;
269 : char *label;
270 : gid_t *groups;
271 : size_t n_groups;
272 :
273 : uint64_t creds_mask;
274 :
275 : int *fds;
276 : size_t n_fds;
277 :
278 : char *exec_path;
279 : char **exec_argv;
280 :
281 : /* We do locking around the memfd cache, since we want to
282 : * allow people to process a sd_bus_message in a different
283 : * thread then it was generated on and free it there. Since
284 : * adding something to the memfd cache might happen when a
285 : * message is released, we hence need to protect this bit with
286 : * a mutex. */
287 : pthread_mutex_t memfd_cache_mutex;
288 : struct memfd_cache memfd_cache[MEMFD_CACHE_MAX];
289 : unsigned n_memfd_cache;
290 :
291 : pid_t original_pid;
292 : pid_t busexec_pid;
293 :
294 : unsigned iteration_counter;
295 :
296 : sd_event_source *input_io_event_source;
297 : sd_event_source *output_io_event_source;
298 : sd_event_source *time_event_source;
299 : sd_event_source *quit_event_source;
300 : sd_event_source *inotify_event_source;
301 : sd_event *event;
302 : int event_priority;
303 :
304 : pid_t tid;
305 :
306 : sd_bus_message *current_message;
307 : sd_bus_slot *current_slot;
308 : sd_bus_message_handler_t current_handler;
309 : void *current_userdata;
310 :
311 : sd_bus **default_bus_ptr;
312 :
313 : char *description;
314 : char *patch_sender;
315 :
316 : sd_bus_track *track_queue;
317 :
318 : LIST_HEAD(sd_bus_slot, slots);
319 : LIST_HEAD(sd_bus_track, tracks);
320 :
321 : int *inotify_watches;
322 : size_t n_inotify_watches;
323 :
324 : /* zero means use value specified by $SYSTEMD_BUS_TIMEOUT= environment variable or built-in default */
325 : usec_t method_call_timeout;
326 : };
327 :
328 : /* For method calls we timeout at 25s, like in the D-Bus reference implementation */
329 : #define BUS_DEFAULT_TIMEOUT ((usec_t) (25 * USEC_PER_SEC))
330 :
331 : /* For the authentication phase we grant 90s, to provide extra room during boot, when RNGs and such are not filled up
332 : * with enough entropy yet and might delay the boot */
333 : #define BUS_AUTH_TIMEOUT ((usec_t) DEFAULT_TIMEOUT_USEC)
334 :
335 : #define BUS_WQUEUE_MAX (384*1024)
336 : #define BUS_RQUEUE_MAX (384*1024)
337 :
338 : #define BUS_MESSAGE_SIZE_MAX (128*1024*1024)
339 : #define BUS_AUTH_SIZE_MAX (64*1024)
340 : /* Note that the D-Bus specification states that bus paths shall have no size limit. We enforce here one
341 : * anyway, since truly unbounded strings are a security problem. The limit we pick is relatively large however,
342 : * to not clash unnecessarily with real-life applications. */
343 : #define BUS_PATH_SIZE_MAX (64*1024)
344 :
345 : #define BUS_CONTAINER_DEPTH 128
346 :
347 : /* Defined by the specification as maximum size of an array in bytes */
348 : #define BUS_ARRAY_MAX_SIZE 67108864
349 :
350 : #define BUS_FDS_MAX 1024
351 :
352 : #define BUS_EXEC_ARGV_MAX 256
353 :
354 : bool interface_name_is_valid(const char *p) _pure_;
355 : bool service_name_is_valid(const char *p) _pure_;
356 : bool member_name_is_valid(const char *p) _pure_;
357 : bool object_path_is_valid(const char *p) _pure_;
358 : char *object_path_startswith(const char *a, const char *b) _pure_;
359 :
360 : bool namespace_complex_pattern(const char *pattern, const char *value) _pure_;
361 : bool path_complex_pattern(const char *pattern, const char *value) _pure_;
362 :
363 : bool namespace_simple_pattern(const char *pattern, const char *value) _pure_;
364 : bool path_simple_pattern(const char *pattern, const char *value) _pure_;
365 :
366 : int bus_message_type_from_string(const char *s, uint8_t *u) _pure_;
367 : const char *bus_message_type_to_string(uint8_t u) _pure_;
368 :
369 : #define error_name_is_valid interface_name_is_valid
370 :
371 : sd_bus *bus_resolve(sd_bus *bus);
372 :
373 : int bus_ensure_running(sd_bus *bus);
374 : int bus_start_running(sd_bus *bus);
375 : int bus_next_address(sd_bus *bus);
376 :
377 : int bus_seal_synthetic_message(sd_bus *b, sd_bus_message *m);
378 :
379 : int bus_rqueue_make_room(sd_bus *bus);
380 :
381 : bool bus_pid_changed(sd_bus *bus);
382 :
383 : char *bus_address_escape(const char *v);
384 :
385 : int bus_attach_io_events(sd_bus *b);
386 : int bus_attach_inotify_event(sd_bus *b);
387 :
388 : void bus_close_inotify_fd(sd_bus *b);
389 : void bus_close_io_fds(sd_bus *b);
390 :
391 : #define OBJECT_PATH_FOREACH_PREFIX(prefix, path) \
392 : for (char *_slash = ({ strcpy((prefix), (path)); streq((prefix), "/") ? NULL : strrchr((prefix), '/'); }) ; \
393 : _slash && ((_slash[(_slash) == (prefix)] = 0), true); \
394 : _slash = streq((prefix), "/") ? NULL : strrchr((prefix), '/'))
395 :
396 : /* If we are invoking callbacks of a bus object, ensure unreffing the
397 : * bus from the callback doesn't destroy the object we are working on */
398 : #define BUS_DONT_DESTROY(bus) \
399 : _cleanup_(sd_bus_unrefp) _unused_ sd_bus *_dont_destroy_##bus = sd_bus_ref(bus)
400 :
401 : int bus_set_address_system(sd_bus *bus);
402 : int bus_set_address_user(sd_bus *bus);
403 : int bus_set_address_system_remote(sd_bus *b, const char *host);
404 : int bus_set_address_system_machine(sd_bus *b, const char *machine);
405 :
406 : int bus_maybe_reply_error(sd_bus_message *m, int r, sd_bus_error *error);
407 :
408 : #define bus_assert_return(expr, r, error) \
409 : do { \
410 : if (!assert_log(expr, #expr)) \
411 : return sd_bus_error_set_errno(error, r); \
412 : } while (false)
413 :
414 : void bus_enter_closing(sd_bus *bus);
415 :
416 : void bus_set_state(sd_bus *bus, enum bus_state state);
|
