authorDaniel Mack <zonque@gmail.com>2014-03-07 17:29:01 +0100
committerDaniel Mack <zonque@gmail.com>2014-03-07 19:14:05 +0100
commit1683342af1fc85e75ba21264bbcedc26aef0fa39 (patch)
tree13cc448ac5d6fbf2e5646495ed530fc41fb12f71 /src
parentf7c7cd03d1e9a9a4bb6925fb64d8423f4a6a2fdc (diff)
sd-bus: add support for policy upload on activator connections
Activator connections may upload policy when registering to the bus. This patch contains code to translate between BusNamePolicy objects and the kdbus specific items.
Diffstat (limited to 'src')
-rw-r--r--src/core/busname.c3
-rw-r--r--src/libsystemd/sd-bus/bus-kernel.c65
-rw-r--r--src/libsystemd/sd-bus/bus-kernel.h3
3 files changed, 64 insertions, 7 deletions
diff --git a/src/core/busname.c b/src/core/busname.c
index 4806e741c..bd7d02d73 100644
--- a/src/core/busname.c
+++ b/src/core/busname.c
@@ -233,7 +233,8 @@ static int busname_open_fd(BusName *n) {
if (n->starter_fd >= 0)
return 0;
- n->starter_fd = bus_kernel_create_starter(UNIT(n)->manager->running_as == SYSTEMD_SYSTEM ? "system" : "user", n->name);
+ n->starter_fd = bus_kernel_create_starter(UNIT(n)->manager->running_as == SYSTEMD_SYSTEM ? "system" : "user",
+ n->name, n->policy);
if (n->starter_fd < 0) {
log_warning_unit(UNIT(n)->id, "Failed to create starter fd: %s", strerror(-n->starter_fd));
return n->starter_fd;
diff --git a/src/libsystemd/sd-bus/bus-kernel.c b/src/libsystemd/sd-bus/bus-kernel.c
index 362741131..2a1b0b424 100644
--- a/src/libsystemd/sd-bus/bus-kernel.c
+++ b/src/libsystemd/sd-bus/bus-kernel.c
@@ -1338,9 +1338,51 @@ int bus_kernel_create_bus(const char *name, bool world, char **s) {
return fd;
}
-int bus_kernel_create_starter(const char *bus, const char *name) {
+static void bus_kernel_translate_policy(const BusNamePolicy *policy, struct kdbus_item *item)
+{
+ switch (policy->type) {
+ case BUSNAME_POLICY_TYPE_USER:
+ item->policy_access.type = KDBUS_POLICY_ACCESS_USER;
+ item->policy_access.id = policy->uid;
+ break;
+
+ case BUSNAME_POLICY_TYPE_GROUP:
+ item->policy_access.type = KDBUS_POLICY_ACCESS_GROUP;
+ item->policy_access.id = policy->gid;
+ break;
+
+ case BUSNAME_POLICY_TYPE_WORLD:
+ item->policy_access.type = KDBUS_POLICY_ACCESS_WORLD;
+ break;
+
+ default:
+ assert_not_reached("Unknown policy type");
+ }
+
+ switch (policy->access) {
+ case BUSNAME_POLICY_ACCESS_SEE:
+ item->policy_access.access = KDBUS_POLICY_SEE;
+ break;
+
+ case BUSNAME_POLICY_ACCESS_TALK:
+ item->policy_access.access = KDBUS_POLICY_TALK;
+ break;
+
+ case BUSNAME_POLICY_ACCESS_OWN:
+ item->policy_access.access = KDBUS_POLICY_OWN;
+ break;
+
+ default:
+ assert_not_reached("Unknown policy access");
+ }
+}
+
+int bus_kernel_create_starter(const char *bus, const char *name, BusNamePolicy *policy) {
struct kdbus_cmd_hello *hello;
struct kdbus_item *n;
+ size_t policy_cnt = 0;
+ BusNamePolicy *po;
+ size_t size;
char *p;
int fd;
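Review bot: In bus_kernel_translate_policy the `BUSNAME_POLICY_TYPE_WORLD` case never writes `item->policy_access.id`, so the id sent to the kernel is whatever the buffer already held. It is zero today only because the caller in the next hunk allocates with alloca0(). Adding `item->policy_access.id = 0;` to that case keeps the translated access rule well defined if the helper is ever handed a non-zeroed item. The helper also dereferences both pointers unchecked, so `assert(policy);` and `assert(item);` at the top would document the contract. As a style point, its opening brace sits on its own line while bus_kernel_create_starter right below keeps it on the signature line.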
@@ -1354,16 +1396,29 @@ int bus_kernel_create_starter(const char *bus, const char *name) {
if (fd < 0)
return -errno;
- hello = alloca0(ALIGN8(offsetof(struct kdbus_cmd_hello, items) +
- offsetof(struct kdbus_item, str) +
- strlen(name) + 1));
+ LIST_FOREACH(policy, po, policy)
+ policy_cnt++;
+
+ size = ALIGN8(offsetof(struct kdbus_cmd_hello, items)) +
+ ALIGN8(offsetof(struct kdbus_item, str) + strlen(name) + 1) +
+ policy_cnt * ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access));
+
+ hello = alloca0(size);
n = hello->items;
strcpy(n->str, name);
n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1;
n->type = KDBUS_ITEM_NAME;
+ n = KDBUS_ITEM_NEXT(n);
+
+ LIST_FOREACH(policy, po, policy) {
+ n->type = KDBUS_ITEM_POLICY_ACCESS;
+ n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
+ bus_kernel_translate_policy(po, n);
+ n = KDBUS_ITEM_NEXT(n);
+ }
- hello->size = ALIGN8(offsetof(struct kdbus_cmd_hello, items) + n->size);
+ hello->size = size;
hello->conn_flags = KDBUS_HELLO_ACTIVATOR;
hello->pool_size = KDBUS_POOL_SIZE;
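Review bot: The size handed to `alloca0(size)` now scales with `policy_cnt`, and nothing in this hunk bounds the list length, so a long policy list (presumably taken from unit configuration) becomes an arbitrarily large stack allocation in the caller's frame. A cap checked right after the counting loop would prevent that, e.g. `if (policy_cnt > POLICY_ITEMS_MAX) return -E2BIG;`, where POLICY_ITEMS_MAX is a placeholder for a limit the project would choose. Because `fd` is already open at that point, the early return must close it first, or the counting and the check should move above the open. Allocating `hello` on the heap and freeing it on every exit path would be the alternative. The function begins before and continues after this hunk, so the exit paths that would need the cleanup are not visible here.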
diff --git a/src/libsystemd/sd-bus/bus-kernel.h b/src/libsystemd/sd-bus/bus-kernel.h
index 8db418a14..c4722cbac 100644
--- a/src/libsystemd/sd-bus/bus-kernel.h
+++ b/src/libsystemd/sd-bus/bus-kernel.h
@@ -23,6 +23,7 @@
#include <stdbool.h>
+#include "busname.h"
#include "sd-bus.h"
#define KDBUS_ITEM_NEXT(item) \
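Review bot: The added `#include "busname.h"` makes this sd-bus library header depend on what looks like a unit-type header from src/core (inferred from busname.c living there in the first file section). Every user of bus-kernel.h would then pull in the service manager's definitions. The prototype only needs the type name for a pointer parameter, so a forward declaration such as `typedef struct BusNamePolicy BusNamePolicy;` would be enough here, assuming the type is declared as a struct with that tag. The full include would then go only in bus-kernel.c, which reads the fields. Keeping the library header free of core includes also keeps the policy translation code buildable and reviewable on its own.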
@@ -65,7 +66,7 @@ int bus_kernel_read_message(sd_bus *bus, bool hint_priority, int64_t priority);
int bus_kernel_create_bus(const char *name, bool world, char **s);
int bus_kernel_create_domain(const char *name, char **s);
-int bus_kernel_create_starter(const char *bus, const char *name);
+int bus_kernel_create_starter(const char *bus, const char *name, BusNamePolicy *policy);
int bus_kernel_create_monitor(const char *bus);
int bus_kernel_pop_memfd(sd_bus *bus, void **address, size_t *mapped, size_t *allocated);