diff options
Diffstat (limited to 'meta-security/recipes-core/dbus-cynara/dbus-cynara')
9 files changed, 712 insertions, 1197 deletions
diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0001-Fix-memleak-in-GetConnectionCredentials-handler.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0001-Fix-memleak-in-GetConnectionCredentials-handler.patch deleted file mode 100644 index 271ac48a1..000000000 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0001-Fix-memleak-in-GetConnectionCredentials-handler.patch +++ /dev/null @@ -1,32 +0,0 @@ -From eacdc525a1f7bfc534e248a5a946c08b6f4aab35 Mon Sep 17 00:00:00 2001 -From: Jacek Bukarewicz <j.bukarewicz@samsung.com> -Date: Wed, 17 Jun 2015 18:53:41 +0100 -Subject: [PATCH 1/8] Fix memleak in GetConnectionCredentials handler - -Reply message was not unreferenced when GetConnectionCredentials -handler was successful. - -Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com> -[smcv: changed bus_message_unref() to dbus_message_unref()] -Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> -Bug: https://bugs.freedesktop.org/show_bug.cgi?id=91008 ---- - bus/driver.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/bus/driver.c b/bus/driver.c -index f5d3ebe..888c7ca 100644 ---- a/bus/driver.c -+++ b/bus/driver.c -@@ -1613,6 +1613,8 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, - goto oom; - } - -+ dbus_message_unref (reply); -+ - return TRUE; - - oom: --- -2.1.4 - diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0004-Integration-of-Cynara-asynchronous-security-checks.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0001-Integration-of-Cynara-asynchronous-security-checks.patch index 70d5fc9d7..6a7e8a39d 100644 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0004-Integration-of-Cynara-asynchronous-security-checks.patch +++ b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0001-Integration-of-Cynara-asynchronous-security-checks.patch @@ -1,7 +1,10 @@ -From 4dcfb02f17247ff9de966b62182cd2e08f301238 Mon Sep 17 00:00:00 2001 +From 8f69153081140fa4c347ab1729c348ec77b309ec Mon Sep 17 00:00:00 2001 From: Jacek Bukarewicz <j.bukarewicz@samsung.com> Date: Thu, 27 Nov 2014 18:11:05 +0100 -Subject: [PATCH 4/8] Integration of Cynara asynchronous security checks +Subject: [PATCH 1/5] Integration of Cynara asynchronous security checks +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit This commit introduces basic framework for asynchronous policy checks and Cynara integration code. Functions for checking security @@ -13,30 +16,35 @@ done in such situation. Proper handling of such case will be implemented in subsequent commits. Currently such return value results in message denial. +Cherry picked from 4dcfb02f17247ff9de966b62182cd2e08f301238 +by José Bollo. + Change-Id: I9bcbce34577e5dc2a3cecf6233a0a2b0e43e1108 +Signed-off-by: José Bollo <jose.bollo@iot.bzh> --- bus/Makefile.am | 6 + - bus/bus.c | 134 +++++--- - bus/bus.h | 58 ++-- - bus/check.c | 215 ++++++++++++ + bus/bus.c | 136 +++++--- + bus/bus.h | 32 +- + bus/check.c | 217 ++++++++++++ bus/check.h | 68 ++++ bus/config-parser-common.c | 6 + bus/config-parser-common.h | 1 + bus/config-parser.c | 71 +++- bus/connection.c | 56 ++- - bus/connection.h | 5 + + bus/connection.h | 4 + bus/cynara.c | 374 +++++++++++++++++++++ bus/cynara.h | 37 ++ - bus/dispatch.c | 51 ++- + bus/dispatch.c | 44 ++- bus/policy.c | 193 +++++++---- bus/policy.h | 51 ++- - configure.ac | 13 + + configure.ac | 12 + test/Makefile.am | 1 + test/data/invalid-config-files/badcheck-1.conf | 9 + test/data/invalid-config-files/badcheck-2.conf | 9 + test/data/valid-config-files/check-1.conf | 9 + .../valid-config-files/debug-check-some.conf.in | 18 + - 22 files changed, 1211 insertions(+), 180 deletions(-) + tools/dbus-send.c | 2 +- + 22 files changed, 1193 insertions(+), 163 deletions(-) create mode 100644 bus/check.c create mode 100644 bus/check.h create mode 100644 bus/cynara.c @@ -47,10 +55,10 @@ Change-Id: I9bcbce34577e5dc2a3cecf6233a0a2b0e43e1108 create mode 100644 test/data/valid-config-files/debug-check-some.conf.in diff --git a/bus/Makefile.am b/bus/Makefile.am -index f335e30..b057d6b 100644 +index 33af09b0..3f57cc48 100644 --- a/bus/Makefile.am +++ b/bus/Makefile.am -@@ -7,6 +7,7 @@ DBUS_BUS_LIBS = \ +@@ -9,6 +9,7 @@ DBUS_BUS_LIBS = \ $(THREAD_LIBS) \ $(ADT_LIBS) \ $(NETWORK_libs) \ @@ -58,16 +66,16 @@ index f335e30..b057d6b 100644 $(NULL) DBUS_LAUNCHER_LIBS = \ -@@ -21,6 +22,7 @@ AM_CPPFLAGS = \ - -DDBUS_SYSTEM_CONFIG_FILE=\""$(configdir)/system.conf"\" \ +@@ -24,6 +25,7 @@ AM_CPPFLAGS = \ + $(APPARMOR_CFLAGS) \ + -DDBUS_SYSTEM_CONFIG_FILE=\""$(dbusdatadir)/system.conf"\" \ -DDBUS_COMPILATION \ - -DDBUS_STATIC_BUILD \ + $(CYNARA_CFLAGS) \ $(NULL) # if assertions are enabled, improve backtraces -@@ -60,12 +62,16 @@ BUS_SOURCES= \ - activation-exit-codes.h \ +@@ -82,12 +84,16 @@ BUS_SOURCES= \ + audit.h \ bus.c \ bus.h \ + check.c \ @@ -84,18 +92,18 @@ index f335e30..b057d6b 100644 desktop-file.h \ $(DIR_WATCH_SOURCE) \ diff --git a/bus/bus.c b/bus/bus.c -index f0d980e..ac9ea8d 100644 +index fd4ab9e4..c4008505 100644 --- a/bus/bus.c +++ b/bus/bus.c -@@ -35,6 +35,7 @@ - #include "signals.h" - #include "selinux.h" +@@ -37,6 +37,7 @@ + #include "apparmor.h" + #include "audit.h" #include "dir-watch.h" +#include "check.h" #include <dbus/dbus-list.h> #include <dbus/dbus-hash.h> #include <dbus/dbus-credentials.h> -@@ -63,6 +64,7 @@ struct BusContext +@@ -65,6 +66,7 @@ struct BusContext BusRegistry *registry; BusPolicy *policy; BusMatchmaker *matchmaker; @@ -103,8 +111,8 @@ index f0d980e..ac9ea8d 100644 BusLimits limits; DBusRLimit *initial_fd_limit; unsigned int fork : 1; -@@ -962,6 +964,10 @@ bus_context_new (const DBusString *config_file, - #endif +@@ -988,6 +990,10 @@ bus_context_new (const DBusString *config_file, + parser = NULL; } + context->check = bus_check_new(context, error); @@ -114,7 +122,7 @@ index f0d980e..ac9ea8d 100644 dbus_server_free_data_slot (&server_data_slot); return context; -@@ -1086,6 +1092,12 @@ bus_context_unref (BusContext *context) +@@ -1112,6 +1118,12 @@ bus_context_unref (BusContext *context) bus_context_shutdown (context); @@ -127,7 +135,7 @@ index f0d980e..ac9ea8d 100644 if (context->connections) { bus_connections_unref (context->connections); -@@ -1215,6 +1227,12 @@ bus_context_get_loop (BusContext *context) +@@ -1241,6 +1253,12 @@ bus_context_get_loop (BusContext *context) return context->loop; } @@ -140,7 +148,7 @@ index f0d980e..ac9ea8d 100644 dbus_bool_t bus_context_allow_unix_user (BusContext *context, unsigned long uid) -@@ -1386,6 +1404,7 @@ complain_about_message (BusContext *context, +@@ -1456,6 +1474,7 @@ complain_about_message (BusContext *context, DBusConnection *proposed_recipient, dbus_bool_t requested_reply, dbus_bool_t log, @@ -148,7 +156,7 @@ index f0d980e..ac9ea8d 100644 DBusError *error) { DBusError stack_error = DBUS_ERROR_INIT; -@@ -1415,7 +1434,8 @@ complain_about_message (BusContext *context, +@@ -1485,7 +1504,8 @@ complain_about_message (BusContext *context, dbus_set_error (&stack_error, error_name, "%s, %d matched rules; type=\"%s\", sender=\"%s\" (%s) " "interface=\"%s\" member=\"%s\" error name=\"%s\" " @@ -158,7 +166,7 @@ index f0d980e..ac9ea8d 100644 complaint, matched_rules, dbus_message_type_to_string (dbus_message_get_type (message)), -@@ -1426,7 +1446,8 @@ complain_about_message (BusContext *context, +@@ -1496,7 +1516,8 @@ complain_about_message (BusContext *context, nonnull (dbus_message_get_error_name (message), "(unset)"), requested_reply, nonnull (dbus_message_get_destination (message), DBUS_SERVICE_DBUS), @@ -168,7 +176,7 @@ index f0d980e..ac9ea8d 100644 /* If we hit OOM while setting the error, this will syslog "out of memory" * which is itself an indication that something is seriously wrong */ -@@ -1450,14 +1471,15 @@ complain_about_message (BusContext *context, +@@ -1520,14 +1541,15 @@ complain_about_message (BusContext *context, * NULL for addressed_recipient may mean the bus driver, or may mean * no destination was specified in the message (e.g. a signal). */ @@ -190,17 +198,17 @@ index f0d980e..ac9ea8d 100644 + DBusError *error, + BusDeferredMessage **deferred_message) { - const char *dest; + const char *src, *dest; BusClientPolicy *sender_policy; -@@ -1466,6 +1488,7 @@ bus_context_check_security_policy (BusContext *context, +@@ -1536,6 +1558,7 @@ bus_context_check_security_policy (BusContext *context, dbus_bool_t log; int type; dbus_bool_t requested_reply; + const char *privilege; type = dbus_message_get_type (message); - dest = dbus_message_get_destination (message); -@@ -1493,7 +1516,7 @@ bus_context_check_security_policy (BusContext *context, + src = dbus_message_get_sender (message); +@@ -1564,7 +1587,7 @@ bus_context_check_security_policy (BusContext *context, dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, "Message bus will not accept messages of unknown type\n"); @@ -209,7 +217,16 @@ index f0d980e..ac9ea8d 100644 } requested_reply = FALSE; -@@ -1517,11 +1540,11 @@ bus_context_check_security_policy (BusContext *context, +@@ -1594,7 +1617,7 @@ bus_context_check_security_policy (BusContext *context, + if (dbus_error_is_set (&error2)) + { + dbus_move_error (&error2, error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + } + } +@@ -1621,11 +1644,11 @@ bus_context_check_security_policy (BusContext *context, complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, "An SELinux policy prevents this sender from sending this " "message to this recipient", @@ -222,17 +239,17 @@ index f0d980e..ac9ea8d 100644 + return BUS_RESULT_FALSE; } - if (bus_connection_is_active (sender)) -@@ -1547,7 +1570,7 @@ bus_context_check_security_policy (BusContext *context, - if (dbus_error_is_set (&error2)) - { - dbus_move_error (&error2, error); -- return FALSE; -+ return BUS_RESULT_FALSE; - } - } - } -@@ -1564,7 +1587,7 @@ bus_context_check_security_policy (BusContext *context, + /* next verify AppArmor access controls. If allowed then +@@ -1642,7 +1665,7 @@ bus_context_check_security_policy (BusContext *context, + dest ? dest : DBUS_SERVICE_DBUS, + src ? src : DBUS_SERVICE_DBUS, + error)) +- return FALSE; ++ return BUS_RESULT_FALSE; + + if (!bus_connection_is_active (sender)) + { +@@ -1656,7 +1679,7 @@ bus_context_check_security_policy (BusContext *context, { _dbus_verbose ("security check allowing %s message\n", "Hello"); @@ -241,7 +258,7 @@ index f0d980e..ac9ea8d 100644 } else { -@@ -1575,7 +1598,7 @@ bus_context_check_security_policy (BusContext *context, +@@ -1667,7 +1690,7 @@ bus_context_check_security_policy (BusContext *context, "Client tried to send a message other than %s without being registered", "Hello"); @@ -250,7 +267,7 @@ index f0d980e..ac9ea8d 100644 } } } -@@ -1624,20 +1647,29 @@ bus_context_check_security_policy (BusContext *context, +@@ -1716,20 +1739,29 @@ bus_context_check_security_policy (BusContext *context, (proposed_recipient == NULL && recipient_policy == NULL)); log = FALSE; @@ -294,7 +311,7 @@ index f0d980e..ac9ea8d 100644 if (log) { -@@ -1646,23 +1678,29 @@ bus_context_check_security_policy (BusContext *context, +@@ -1738,23 +1770,29 @@ bus_context_check_security_policy (BusContext *context, complain_about_message (context, DBUS_ERROR_ACCESS_DENIED, "Would reject message", toggles, message, sender, proposed_recipient, requested_reply, @@ -338,7 +355,7 @@ index f0d980e..ac9ea8d 100644 } /* See if limits on size have been exceeded */ -@@ -1672,10 +1710,10 @@ bus_context_check_security_policy (BusContext *context, +@@ -1764,10 +1802,10 @@ bus_context_check_security_policy (BusContext *context, { complain_about_message (context, DBUS_ERROR_LIMITS_EXCEEDED, "Rejected: destination has a full message queue", @@ -351,7 +368,7 @@ index f0d980e..ac9ea8d 100644 } /* Record that we will allow a reply here in the future (don't -@@ -1692,11 +1730,11 @@ bus_context_check_security_policy (BusContext *context, +@@ -1784,11 +1822,11 @@ bus_context_check_security_policy (BusContext *context, message, error)) { _dbus_verbose ("Failed to record reply expectation or problem with the message expecting a reply\n"); @@ -366,42 +383,16 @@ index f0d980e..ac9ea8d 100644 void diff --git a/bus/bus.h b/bus/bus.h -index dac6ea5..78084dd 100644 +index 3fab59ff..dab7791f 100644 --- a/bus/bus.h +++ b/bus/bus.h -@@ -30,19 +30,35 @@ - #include <dbus/dbus-pipe.h> - #include <dbus/dbus-sysdeps.h> - --typedef struct BusActivation BusActivation; --typedef struct BusConnections BusConnections; --typedef struct BusContext BusContext; --typedef struct BusPolicy BusPolicy; --typedef struct BusClientPolicy BusClientPolicy; --typedef struct BusPolicyRule BusPolicyRule; --typedef struct BusRegistry BusRegistry; --typedef struct BusSELinuxID BusSELinuxID; --typedef struct BusService BusService; --typedef struct BusOwner BusOwner; --typedef struct BusTransaction BusTransaction; --typedef struct BusMatchmaker BusMatchmaker; --typedef struct BusMatchRule BusMatchRule; -+typedef struct BusActivation BusActivation; -+typedef struct BusConnections BusConnections; -+typedef struct BusContext BusContext; -+typedef struct BusPolicy BusPolicy; -+typedef struct BusClientPolicy BusClientPolicy; -+typedef struct BusPolicyRule BusPolicyRule; -+typedef struct BusRegistry BusRegistry; -+typedef struct BusSELinuxID BusSELinuxID; -+typedef struct BusService BusService; -+typedef struct BusOwner BusOwner; -+typedef struct BusTransaction BusTransaction; -+typedef struct BusMatchmaker BusMatchmaker; -+typedef struct BusMatchRule BusMatchRule; -+typedef struct BusCheck BusCheck; +@@ -44,6 +44,22 @@ typedef struct BusOwner BusOwner; + typedef struct BusTransaction BusTransaction; + typedef struct BusMatchmaker BusMatchmaker; + typedef struct BusMatchRule BusMatchRule; ++typedef struct BusCheck BusCheck; +typedef struct BusDeferredMessage BusDeferredMessage; -+typedef struct BusCynara BusCynara; ++typedef struct BusCynara BusCynara; + +/** + * BusResult is defined as a pointer to a dummy structure to allow detection of type mismatches. @@ -418,7 +409,7 @@ index dac6ea5..78084dd 100644 typedef struct { -@@ -96,6 +112,7 @@ BusConnections* bus_context_get_connections (BusContext +@@ -97,6 +113,7 @@ BusConnections* bus_context_get_connections (BusContext BusActivation* bus_context_get_activation (BusContext *context); BusMatchmaker* bus_context_get_matchmaker (BusContext *context); DBusLoop* bus_context_get_loop (BusContext *context); @@ -426,10 +417,10 @@ index dac6ea5..78084dd 100644 dbus_bool_t bus_context_allow_unix_user (BusContext *context, unsigned long uid); dbus_bool_t bus_context_allow_windows_user (BusContext *context, -@@ -121,13 +138,14 @@ void bus_context_log (BusContext - DBusSystemLogSeverity severity, +@@ -131,13 +148,14 @@ void bus_context_log_and_set_error (BusContext + const char *name, const char *msg, - ...); + ...) _DBUS_GNUC_PRINTF (5, 6); -dbus_bool_t bus_context_check_security_policy (BusContext *context, - BusTransaction *transaction, - DBusConnection *sender, @@ -437,7 +428,6 @@ index dac6ea5..78084dd 100644 - DBusConnection *proposed_recipient, - DBusMessage *message, - DBusError *error); - void bus_context_check_all_watches (BusContext *context); +BusResult bus_context_check_security_policy (BusContext *context, + BusTransaction *transaction, + DBusConnection *sender, @@ -446,14 +436,15 @@ index dac6ea5..78084dd 100644 + DBusMessage *message, + DBusError *error, + BusDeferredMessage **deferred_message); + void bus_context_check_all_watches (BusContext *context); #endif /* BUS_BUS_H */ diff --git a/bus/check.c b/bus/check.c new file mode 100644 -index 0000000..d2f418a +index 00000000..5b72d31c --- /dev/null +++ b/bus/check.c -@@ -0,0 +1,215 @@ +@@ -0,0 +1,217 @@ +/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ +/* check.c Bus security policy runtime check + * @@ -581,7 +572,9 @@ index 0000000..d2f418a + BusDeferredMessage **deferred_message) +{ + BusResult result = BUS_RESULT_FALSE; ++#ifdef DBUS_ENABLE_CYNARA + BusCynara *cynara; ++#endif + DBusConnection *connection; + + connection = check_type == BUS_DEFERRED_MESSAGE_CHECK_RECEIVE ? proposed_recipient : sender; @@ -671,7 +664,7 @@ index 0000000..d2f418a +} diff --git a/bus/check.h b/bus/check.h new file mode 100644 -index 0000000..c3fcaf9 +index 00000000..c3fcaf90 --- /dev/null +++ b/bus/check.h @@ -0,0 +1,68 @@ @@ -744,7 +737,7 @@ index 0000000..c3fcaf9 + BusResult result); +#endif /* BUS_CHECK_H */ diff --git a/bus/config-parser-common.c b/bus/config-parser-common.c -index c522ff4..1cfe4c8 100644 +index 5db6b289..ea25f5e6 100644 --- a/bus/config-parser-common.c +++ b/bus/config-parser-common.c @@ -75,6 +75,10 @@ bus_config_parser_element_name_to_type (const char *name) @@ -758,7 +751,7 @@ index c522ff4..1cfe4c8 100644 else if (strcmp (name, "servicehelper") == 0) { return ELEMENT_SERVICEHELPER; -@@ -155,6 +159,8 @@ bus_config_parser_element_type_to_name (ElementType type) +@@ -159,6 +163,8 @@ bus_config_parser_element_type_to_name (ElementType type) return "allow"; case ELEMENT_DENY: return "deny"; @@ -768,7 +761,7 @@ index c522ff4..1cfe4c8 100644 return "fork"; case ELEMENT_PIDFILE: diff --git a/bus/config-parser-common.h b/bus/config-parser-common.h -index 186bf4c..bff6fdb 100644 +index 382a0141..9e026d10 100644 --- a/bus/config-parser-common.h +++ b/bus/config-parser-common.h @@ -36,6 +36,7 @@ typedef enum @@ -780,10 +773,10 @@ index 186bf4c..bff6fdb 100644 ELEMENT_PIDFILE, ELEMENT_SERVICEDIR, diff --git a/bus/config-parser.c b/bus/config-parser.c -index ee2d4e7..73c9e6f 100644 +index d9f6042c..a8c4ca5d 100644 --- a/bus/config-parser.c +++ b/bus/config-parser.c -@@ -1150,7 +1150,7 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1172,7 +1172,7 @@ append_rule_from_element (BusConfigParser *parser, const char *element_name, const char **attribute_names, const char **attribute_values, @@ -792,7 +785,7 @@ index ee2d4e7..73c9e6f 100644 DBusError *error) { const char *log; -@@ -1173,6 +1173,7 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1195,6 +1195,7 @@ append_rule_from_element (BusConfigParser *parser, const char *own_prefix; const char *user; const char *group; @@ -800,7 +793,7 @@ index ee2d4e7..73c9e6f 100644 BusPolicyRule *rule; -@@ -1200,6 +1201,7 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1222,6 +1223,7 @@ append_rule_from_element (BusConfigParser *parser, "user", &user, "group", &group, "log", &log, @@ -808,7 +801,7 @@ index ee2d4e7..73c9e6f 100644 NULL)) return FALSE; -@@ -1208,6 +1210,7 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1230,6 +1232,7 @@ append_rule_from_element (BusConfigParser *parser, receive_interface || receive_member || receive_error || receive_sender || receive_type || receive_path || eavesdrop || send_requested_reply || receive_requested_reply || @@ -816,7 +809,7 @@ index ee2d4e7..73c9e6f 100644 own || own_prefix || user || group)) { dbus_set_error (error, DBUS_ERROR_FAILED, -@@ -1224,7 +1227,30 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1246,7 +1249,30 @@ append_rule_from_element (BusConfigParser *parser, element_name); return FALSE; } @@ -848,7 +841,7 @@ index ee2d4e7..73c9e6f 100644 /* Allowed combinations of elements are: * * base, must be all send or all receive: -@@ -1398,7 +1424,7 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1420,7 +1446,7 @@ append_rule_from_element (BusConfigParser *parser, return FALSE; } @@ -857,7 +850,7 @@ index ee2d4e7..73c9e6f 100644 if (rule == NULL) goto nomem; -@@ -1480,7 +1506,7 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1502,7 +1528,7 @@ append_rule_from_element (BusConfigParser *parser, return FALSE; } @@ -866,7 +859,7 @@ index ee2d4e7..73c9e6f 100644 if (rule == NULL) goto nomem; -@@ -1510,7 +1536,7 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1532,7 +1558,7 @@ append_rule_from_element (BusConfigParser *parser, } else if (own || own_prefix) { @@ -875,7 +868,7 @@ index ee2d4e7..73c9e6f 100644 if (rule == NULL) goto nomem; -@@ -1536,7 +1562,7 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1558,7 +1584,7 @@ append_rule_from_element (BusConfigParser *parser, { if (IS_WILDCARD (user)) { @@ -884,7 +877,7 @@ index ee2d4e7..73c9e6f 100644 if (rule == NULL) goto nomem; -@@ -1551,7 +1577,7 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1573,7 +1599,7 @@ append_rule_from_element (BusConfigParser *parser, if (_dbus_parse_unix_user_from_config (&username, &uid)) { @@ -893,7 +886,7 @@ index ee2d4e7..73c9e6f 100644 if (rule == NULL) goto nomem; -@@ -1568,7 +1594,7 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1590,7 +1616,7 @@ append_rule_from_element (BusConfigParser *parser, { if (IS_WILDCARD (group)) { @@ -902,7 +895,7 @@ index ee2d4e7..73c9e6f 100644 if (rule == NULL) goto nomem; -@@ -1583,7 +1609,7 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1605,7 +1631,7 @@ append_rule_from_element (BusConfigParser *parser, if (_dbus_parse_unix_group_from_config (&groupname, &gid)) { @@ -911,7 +904,7 @@ index ee2d4e7..73c9e6f 100644 if (rule == NULL) goto nomem; -@@ -1607,6 +1633,10 @@ append_rule_from_element (BusConfigParser *parser, +@@ -1629,6 +1655,10 @@ append_rule_from_element (BusConfigParser *parser, _dbus_assert (pe != NULL); _dbus_assert (pe->type == ELEMENT_POLICY); @@ -922,7 +915,7 @@ index ee2d4e7..73c9e6f 100644 switch (pe->d.policy.type) { case POLICY_IGNORED: -@@ -1681,7 +1711,7 @@ start_policy_child (BusConfigParser *parser, +@@ -1703,7 +1733,7 @@ start_policy_child (BusConfigParser *parser, { if (!append_rule_from_element (parser, element_name, attribute_names, attribute_values, @@ -931,7 +924,7 @@ index ee2d4e7..73c9e6f 100644 return FALSE; if (push_element (parser, ELEMENT_ALLOW) == NULL) -@@ -1696,7 +1726,7 @@ start_policy_child (BusConfigParser *parser, +@@ -1718,7 +1748,7 @@ start_policy_child (BusConfigParser *parser, { if (!append_rule_from_element (parser, element_name, attribute_names, attribute_values, @@ -940,10 +933,12 @@ index ee2d4e7..73c9e6f 100644 return FALSE; if (push_element (parser, ELEMENT_DENY) == NULL) -@@ -1707,6 +1737,21 @@ start_policy_child (BusConfigParser *parser, +@@ -1727,6 +1757,21 @@ start_policy_child (BusConfigParser *parser, + return FALSE; + } - return TRUE; - } ++ return TRUE; ++ } + else if (strcmp (element_name, "check") == 0) + { + if (!append_rule_from_element (parser, element_name, @@ -957,12 +952,10 @@ index ee2d4e7..73c9e6f 100644 + return FALSE; + } + -+ return TRUE; -+ } + return TRUE; + } else - { - dbus_set_error (error, DBUS_ERROR_FAILED, -@@ -2066,6 +2111,7 @@ bus_config_parser_end_element (BusConfigParser *parser, +@@ -2088,6 +2133,7 @@ bus_config_parser_end_element (BusConfigParser *parser, case ELEMENT_POLICY: case ELEMENT_ALLOW: case ELEMENT_DENY: @@ -970,7 +963,7 @@ index ee2d4e7..73c9e6f 100644 case ELEMENT_FORK: case ELEMENT_SYSLOG: case ELEMENT_KEEP_UMASK: -@@ -2365,6 +2411,7 @@ bus_config_parser_content (BusConfigParser *parser, +@@ -2397,6 +2443,7 @@ bus_config_parser_content (BusConfigParser *parser, case ELEMENT_POLICY: case ELEMENT_ALLOW: case ELEMENT_DENY: @@ -978,7 +971,7 @@ index ee2d4e7..73c9e6f 100644 case ELEMENT_FORK: case ELEMENT_SYSLOG: case ELEMENT_KEEP_UMASK: -@@ -2829,6 +2876,8 @@ do_load (const DBusString *full_path, +@@ -2862,6 +2909,8 @@ do_load (const DBusString *full_path, dbus_error_init (&error); parser = bus_config_load (full_path, TRUE, NULL, &error); @@ -988,13 +981,13 @@ index ee2d4e7..73c9e6f 100644 { _DBUS_ASSERT_ERROR_IS_SET (&error); diff --git a/bus/connection.c b/bus/connection.c -index 7107434..a6d87e5 100644 +index 02d6c220..eea50ecd 100644 --- a/bus/connection.c +++ b/bus/connection.c -@@ -34,6 +34,10 @@ - #include <dbus/dbus-hash.h> +@@ -36,6 +36,10 @@ #include <dbus/dbus-timeout.h> #include <dbus/dbus-connection-internal.h> + #include <dbus/dbus-internals.h> +#ifdef DBUS_ENABLE_CYNARA +#include <stdlib.h> +#include <cynara-session.h> @@ -1002,17 +995,17 @@ index 7107434..a6d87e5 100644 /* Trim executed commands to this length; we want to keep logs readable */ #define MAX_LOG_COMMAND_LEN 50 -@@ -105,6 +109,9 @@ typedef struct - #endif - int n_pending_unix_fds; - DBusTimeout *pending_unix_fds_timeout; +@@ -116,6 +120,9 @@ typedef struct + + /** non-NULL if and only if this is a monitor */ + DBusList *link_in_monitors; +#ifdef DBUS_ENABLE_CYNARA + char *cynara_session_id; +#endif } BusConnectionData; static dbus_bool_t bus_pending_reply_expired (BusExpireList *list, -@@ -118,8 +125,8 @@ static dbus_bool_t expire_incomplete_timeout (void *data); +@@ -129,8 +136,8 @@ static dbus_bool_t expire_incomplete_timeout (void *data); #define BUS_CONNECTION_DATA(connection) (dbus_connection_get_data ((connection), connection_data_slot)) @@ -1023,7 +1016,7 @@ index 7107434..a6d87e5 100644 { BusConnectionData *d; -@@ -331,7 +338,7 @@ add_connection_watch (DBusWatch *watch, +@@ -354,7 +361,7 @@ add_connection_watch (DBusWatch *watch, { DBusConnection *connection = data; @@ -1032,7 +1025,7 @@ index 7107434..a6d87e5 100644 } static void -@@ -340,7 +347,7 @@ remove_connection_watch (DBusWatch *watch, +@@ -363,7 +370,7 @@ remove_connection_watch (DBusWatch *watch, { DBusConnection *connection = data; @@ -1041,7 +1034,7 @@ index 7107434..a6d87e5 100644 } static void -@@ -349,7 +356,7 @@ toggle_connection_watch (DBusWatch *watch, +@@ -372,7 +379,7 @@ toggle_connection_watch (DBusWatch *watch, { DBusConnection *connection = data; @@ -1050,7 +1043,7 @@ index 7107434..a6d87e5 100644 } static dbus_bool_t -@@ -358,7 +365,7 @@ add_connection_timeout (DBusTimeout *timeout, +@@ -381,7 +388,7 @@ add_connection_timeout (DBusTimeout *timeout, { DBusConnection *connection = data; @@ -1059,7 +1052,7 @@ index 7107434..a6d87e5 100644 } static void -@@ -367,7 +374,7 @@ remove_connection_timeout (DBusTimeout *timeout, +@@ -390,7 +397,7 @@ remove_connection_timeout (DBusTimeout *timeout, { DBusConnection *connection = data; @@ -1068,7 +1061,7 @@ index 7107434..a6d87e5 100644 } static void -@@ -425,6 +432,10 @@ free_connection_data (void *data) +@@ -451,6 +458,10 @@ free_connection_data (void *data) dbus_free (d->name); @@ -1079,7 +1072,7 @@ index 7107434..a6d87e5 100644 dbus_free (d); } -@@ -984,6 +995,22 @@ bus_connection_get_policy (DBusConnection *connection) +@@ -1063,6 +1074,22 @@ bus_connection_get_policy (DBusConnection *connection) return d->policy; } @@ -1102,38 +1095,44 @@ index 7107434..a6d87e5 100644 static dbus_bool_t foreach_active (BusConnections *connections, BusConnectionForeachFunction function, -@@ -2104,6 +2131,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction, - DBusConnection *connection, +@@ -2289,6 +2316,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction, DBusMessage *message) { + DBusError error = DBUS_ERROR_INIT; + BusResult res; + /* We have to set the sender to the driver, and have * to check security policy since it was not done in - * dispatch.c -@@ -2132,10 +2160,18 @@ bus_transaction_send_from_driver (BusTransaction *transaction, - /* If security policy doesn't allow the message, we silently - * eat it; the driver doesn't care about getting a reply. +@@ -2326,9 +2354,11 @@ bus_transaction_send_from_driver (BusTransaction *transaction, + * if we're actively capturing messages, it's nice to log that we + * tried to send it and did not allow ourselves to do so. */ - if (!bus_context_check_security_policy (bus_transaction_get_context (transaction), - transaction, -- NULL, connection, connection, message, NULL)) +- NULL, connection, connection, message, &error)) + res = bus_context_check_security_policy (bus_transaction_get_context (transaction), + transaction, -+ NULL, connection, connection, message, NULL, ++ NULL, connection, connection, message, &error, + NULL); -+ + if (res == BUS_RESULT_FALSE) - return TRUE; + { + if (!bus_transaction_capture_error_reply (transaction, &error, message)) + { +@@ -2342,6 +2372,12 @@ bus_transaction_send_from_driver (BusTransaction *transaction, + dbus_error_free (&error); + return TRUE; + } + else if (res == BUS_RESULT_LATER) + { + _dbus_verbose ("Cannot delay sending message from bus driver, dropping it\n"); ++ dbus_error_free (&error); + return TRUE; + } return bus_transaction_send (transaction, connection, message); } diff --git a/bus/connection.h b/bus/connection.h -index 6fbcd38..7433746 100644 +index 8c68d0a0..a6e5dfde 100644 --- a/bus/connection.h +++ b/bus/connection.h @@ -31,6 +31,7 @@ @@ -1144,20 +1143,19 @@ index 6fbcd38..7433746 100644 BusConnections* bus_connections_new (BusContext *context); BusConnections* bus_connections_ref (BusConnections *connections); -@@ -116,6 +117,10 @@ dbus_bool_t bus_connection_get_unix_groups (DBusConnection *connecti - DBusError *error); - BusClientPolicy* bus_connection_get_policy (DBusConnection *connection); - +@@ -122,6 +123,9 @@ dbus_bool_t bus_connection_be_monitor (DBusConnection *connection, + BusTransaction *transaction, + DBusList **rules, + DBusError *error); +#ifdef DBUS_ENABLE_CYNARA +const char *bus_connection_get_cynara_session_id (DBusConnection *connection); +#endif -+ + /* transaction API so we can send or not send a block of messages as a whole */ - typedef void (* BusTransactionCancelFunction) (void *data); diff --git a/bus/cynara.c b/bus/cynara.c new file mode 100644 -index 0000000..57a4c45 +index 00000000..57a4c45c --- /dev/null +++ b/bus/cynara.c @@ -0,0 +1,374 @@ @@ -1537,7 +1535,7 @@ index 0000000..57a4c45 +#endif /* DBUS_ENABLE_CYNARA */ diff --git a/bus/cynara.h b/bus/cynara.h new file mode 100644 -index 0000000..c4728bb +index 00000000..c4728bb7 --- /dev/null +++ b/bus/cynara.h @@ -0,0 +1,37 @@ @@ -1579,7 +1577,7 @@ index 0000000..c4728bb + BusDeferredMessageStatus check_type, + BusDeferredMessage **deferred_message); diff --git a/bus/dispatch.c b/bus/dispatch.c -index 7a61953..ce4076d 100644 +index edfa1b44..05be3bdf 100644 --- a/bus/dispatch.c +++ b/bus/dispatch.c @@ -25,6 +25,7 @@ @@ -1590,29 +1588,27 @@ index 7a61953..ce4076d 100644 #include "connection.h" #include "driver.h" #include "services.h" -@@ -56,13 +57,14 @@ send_one_message (DBusConnection *connection, - BusTransaction *transaction, +@@ -64,13 +65,17 @@ send_one_message (DBusConnection *connection, DBusError *error) { -- if (!bus_context_check_security_policy (context, transaction, -- sender, -- addressed_recipient, -- connection, -- message, -- NULL)) -- return TRUE; /* silently don't send it */ + DBusError stack_error = DBUS_ERROR_INIT; + BusDeferredMessage *deferred_message; + BusResult result; -+ -+ result = bus_context_check_security_policy (context, transaction, sender, addressed_recipient, -+ connection, message, NULL, &deferred_message); -+ -+ if (result != BUS_RESULT_TRUE) -+ return TRUE; /* silently don't send it */ - if (dbus_message_contains_unix_fds(message) && - !dbus_connection_can_send_type(connection, DBUS_TYPE_UNIX_FD)) -@@ -92,6 +94,7 @@ bus_dispatch_matches (BusTransaction *transaction, +- if (!bus_context_check_security_policy (context, transaction, ++ result = bus_context_check_security_policy (context, transaction, + sender, + addressed_recipient, + connection, + message, +- &stack_error)) ++ &stack_error, ++ &deferred_message); ++ if (result != BUS_RESULT_TRUE) + { + if (!bus_transaction_capture_error_reply (transaction, &stack_error, + message)) +@@ -129,6 +134,7 @@ bus_dispatch_matches (BusTransaction *transaction, BusMatchmaker *matchmaker; DBusList *link; BusContext *context; @@ -1620,7 +1616,7 @@ index 7a61953..ce4076d 100644 _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -107,11 +110,21 @@ bus_dispatch_matches (BusTransaction *transaction, +@@ -144,11 +150,21 @@ bus_dispatch_matches (BusTransaction *transaction, /* First, send the message to the addressed_recipient, if there is one. */ if (addressed_recipient != NULL) { @@ -1646,7 +1642,7 @@ index 7a61953..ce4076d 100644 if (dbus_message_contains_unix_fds (message) && !dbus_connection_can_send_type (addressed_recipient, -@@ -273,12 +286,24 @@ bus_dispatch (DBusConnection *connection, +@@ -379,12 +395,24 @@ bus_dispatch (DBusConnection *connection, if (service_name && strcmp (service_name, DBUS_SERVICE_DBUS) == 0) /* to bus driver */ { @@ -1674,7 +1670,7 @@ index 7a61953..ce4076d 100644 _dbus_verbose ("Giving message to %s\n", DBUS_SERVICE_DBUS); if (!bus_driver_handle_message (connection, transaction, message, &error)) diff --git a/bus/policy.c b/bus/policy.c -index 082f385..ec888df 100644 +index 082f3853..bcade176 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -22,6 +22,7 @@ @@ -1863,7 +1859,7 @@ index 082f385..ec888df 100644 - _dbus_verbose (" (policy) used rule, allow now = %d\n", - allowed); + _dbus_verbose (" (policy) used rule, result now = %d\n", -+ result); ++ (int)(intptr_t)result); } - return allowed; @@ -2021,7 +2017,7 @@ index 082f385..ec888df 100644 - _dbus_verbose (" (policy) used rule, allow now = %d\n", - allowed); + _dbus_verbose (" (policy) used rule, result now = %d\n", -+ result); ++ (int)(intptr_t)result); } - return allowed; @@ -2054,7 +2050,7 @@ index 082f385..ec888df 100644 return allowed; diff --git a/bus/policy.h b/bus/policy.h -index d1d3e72..e9f193a 100644 +index d1d3e72b..e9f193af 100644 --- a/bus/policy.h +++ b/bus/policy.h @@ -39,6 +39,14 @@ typedef enum @@ -2137,12 +2133,12 @@ index d1d3e72..e9f193a 100644 const DBusString *service_name); dbus_bool_t bus_client_policy_append_rule (BusClientPolicy *policy, diff --git a/configure.ac b/configure.ac -index eb803af..b131f30 100644 +index 71e3515c..f3a2ffc1 100644 --- a/configure.ac +++ b/configure.ac -@@ -1748,6 +1748,18 @@ if test "x$enable_stats" = xyes; then - [Define to enable bus daemon usage statistics]) - fi +@@ -1873,6 +1873,17 @@ AC_ARG_ENABLE([user-session], + AM_CONDITIONAL([DBUS_ENABLE_USER_SESSION], + [test "x$enable_user_session" = xyes]) +#enable cynara integration +AC_ARG_ENABLE([cynara], [AS_HELP_STRING([--enable-cynara], [enable Cynara integration])], [], [enable_cynara=no]) @@ -2155,33 +2151,32 @@ index eb803af..b131f30 100644 +AC_SUBST([CYNARA_CFLAGS]) +AC_SUBST([CYNARA_LIBS]) + -+ AC_CONFIG_FILES([ Doxyfile - dbus/versioninfo.rc -@@ -1778,6 +1790,7 @@ dbus-1.pc - dbus-1-uninstalled.pc - test/data/valid-config-files/debug-allow-all.conf - test/data/valid-config-files/debug-allow-all-sha1.conf -+test/data/valid-config-files/debug-check-some.conf - test/data/valid-config-files/incoming-limit.conf - test/data/valid-config-files-system/debug-allow-all-pass.conf - test/data/valid-config-files-system/debug-allow-all-fail.conf + dbus/Version +@@ -1952,6 +1963,7 @@ echo " + Building bus stats API: ${enable_stats} + Building SELinux support: ${have_selinux} + Building AppArmor support: ${have_apparmor} ++ Building Cynara support: ${enable_cynara} + Building inotify support: ${have_inotify} + Building kqueue support: ${have_kqueue} + Building systemd support: ${have_systemd} diff --git a/test/Makefile.am b/test/Makefile.am -index e0ed3c8..ab63edc 100644 +index 914dd7f2..86882537 100644 --- a/test/Makefile.am +++ b/test/Makefile.am -@@ -254,6 +254,7 @@ in_data = \ - data/valid-config-files-system/debug-allow-all-pass.conf.in \ - data/valid-config-files/debug-allow-all-sha1.conf.in \ +@@ -341,6 +341,7 @@ in_data = \ data/valid-config-files/debug-allow-all.conf.in \ + data/valid-config-files/finite-timeout.conf.in \ + data/valid-config-files/forbidding.conf.in \ + data/valid-config-files/debug-check-some.conf.in \ data/valid-config-files/incoming-limit.conf.in \ - data/invalid-service-files-system/org.freedesktop.DBus.TestSuiteNoExec.service.in \ - data/invalid-service-files-system/org.freedesktop.DBus.TestSuiteNoService.service.in \ + data/valid-config-files/multi-user.conf.in \ + data/valid-config-files/systemd-activation.conf.in \ diff --git a/test/data/invalid-config-files/badcheck-1.conf b/test/data/invalid-config-files/badcheck-1.conf new file mode 100644 -index 0000000..fad9f50 +index 00000000..fad9f502 --- /dev/null +++ b/test/data/invalid-config-files/badcheck-1.conf @@ -0,0 +1,9 @@ @@ -2196,7 +2191,7 @@ index 0000000..fad9f50 +</busconfig> diff --git a/test/data/invalid-config-files/badcheck-2.conf b/test/data/invalid-config-files/badcheck-2.conf new file mode 100644 -index 0000000..63c7ef2 +index 00000000..63c7ef25 --- /dev/null +++ b/test/data/invalid-config-files/badcheck-2.conf @@ -0,0 +1,9 @@ @@ -2211,7 +2206,7 @@ index 0000000..63c7ef2 +</busconfig> diff --git a/test/data/valid-config-files/check-1.conf b/test/data/valid-config-files/check-1.conf new file mode 100644 -index 0000000..ad71473 +index 00000000..ad714733 --- /dev/null +++ b/test/data/valid-config-files/check-1.conf @@ -0,0 +1,9 @@ @@ -2226,7 +2221,7 @@ index 0000000..ad71473 +</busconfig> diff --git a/test/data/valid-config-files/debug-check-some.conf.in b/test/data/valid-config-files/debug-check-some.conf.in new file mode 100644 -index 0000000..47ee854 +index 00000000..47ee8548 --- /dev/null +++ b/test/data/valid-config-files/debug-check-some.conf.in @@ -0,0 +1,18 @@ @@ -2248,6 +2243,19 @@ index 0000000..47ee854 + <check privilege="foo" send_interface="org.freedesktop.TestSuite" send_member="Echo"/> + </policy> +</busconfig> +diff --git a/tools/dbus-send.c b/tools/dbus-send.c +index 0dc1f5b3..76ddab3f 100644 +--- a/tools/dbus-send.c ++++ b/tools/dbus-send.c +@@ -458,7 +458,7 @@ main (int argc, char *argv[]) + char *arg; + char *c; + int type; +- int secondary_type; ++ int secondary_type = 0; + int container_type; + DBusMessageIter *target_iter; + DBusMessageIter container_iter; -- -2.1.4 +2.14.3 diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Disable-message-dispatching-when-send-rule-result-is.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0002-Disable-message-dispatching-when-send-rule-result-is.patch index ca787149e..b1c3f3fdc 100644 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Disable-message-dispatching-when-send-rule-result-is.patch +++ b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0002-Disable-message-dispatching-when-send-rule-result-is.patch @@ -1,8 +1,11 @@ -From b1b87ad9f20b2052c28431b48e81073078a745ce Mon Sep 17 00:00:00 2001 +From 9bea6ec0497391b6af41daca18d7868af2656cef Mon Sep 17 00:00:00 2001 From: Jacek Bukarewicz <j.bukarewicz@samsung.com> Date: Fri, 28 Nov 2014 12:07:39 +0100 -Subject: [PATCH 5/8] Disable message dispatching when send rule result is not +Subject: [PATCH 2/5] Disable message dispatching when send rule result is not known +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit When unicast message is sent to addressed recipient and policy result is not available message dispatch from the sender is disabled. @@ -15,23 +18,28 @@ rejected. Also, if message is sent to non-addressed recipient and policy result is unknown, message is silently dropped. Change-Id: I57eccbf973525fd51369c7d4e58908292f44da80 + +Cherry-picked from b1b87ad9f20b2052c28431b48e81073078a745ce +by Jose Bollo. + +Signed-off-by: José Bollo <jose.bollo@iot.bzh> --- - bus/activation.c | 79 +++++++++++++++-- + bus/activation.c | 78 +++++++++++++++-- bus/check.c | 109 ++++++++++++++++++++++-- bus/check.h | 10 +++ bus/cynara.c | 1 - - bus/dispatch.c | 183 ++++++++++++++++++++++++++++++++++++---- + bus/dispatch.c | 184 ++++++++++++++++++++++++++++++++++++---- bus/dispatch.h | 2 +- - bus/driver.c | 13 ++- - dbus/dbus-connection-internal.h | 9 ++ + bus/driver.c | 12 ++- + dbus/dbus-connection-internal.h | 15 ++++ dbus/dbus-connection.c | 125 +++++++++++++++++++++++++-- dbus/dbus-list.c | 29 +++++++ - dbus/dbus-list.h | 2 + + dbus/dbus-list.h | 3 + dbus/dbus-shared.h | 3 +- - 12 files changed, 522 insertions(+), 43 deletions(-) + 12 files changed, 528 insertions(+), 43 deletions(-) diff --git a/bus/activation.c b/bus/activation.c -index ecd19bb..8c43941 100644 +index 1a98af6d..343d3f22 100644 --- a/bus/activation.c +++ b/bus/activation.c @@ -31,6 +31,7 @@ @@ -143,7 +151,7 @@ index ecd19bb..8c43941 100644 return FALSE; } -@@ -2009,13 +2059,24 @@ bus_activation_activate_service (BusActivation *activation, +@@ -2028,13 +2078,23 @@ bus_activation_activate_service (BusActivation *activation, if (service != NULL) { @@ -160,18 +168,17 @@ index ecd19bb..8c43941 100644 + + if (res == BUS_RESULT_TRUE) + retval = TRUE; -+ else if (res == BUS_RESULT_FALSE) -+ retval = FALSE; -+ else if (res == BUS_RESULT_LATER) ++ else + { -+ _dbus_verbose("Unexpectedly need time to check message from bus driver to systemd - dropping the message.\n"); + retval = FALSE; ++ if (res == BUS_RESULT_LATER) ++ _dbus_verbose("Unexpectedly need time to check message from bus driver to systemd - dropping the message.\n"); + } } else { diff --git a/bus/check.c b/bus/check.c -index d2f418a..cd6a74b 100644 +index 5b72d31c..4b8a6994 100644 --- a/bus/check.c +++ b/bus/check.c @@ -55,6 +55,8 @@ typedef struct BusDeferredMessage @@ -250,7 +257,7 @@ index d2f418a..cd6a74b 100644 +} + +#ifdef DBUS_ENABLE_EMBEDDED_TESTS -+dbus_bool_t (*bus_check_test_override) (DBusConnection *connection, ++BusResult (*bus_check_test_override) (DBusConnection *connection, + const char *privilege); +#endif + @@ -263,9 +270,9 @@ index d2f418a..cd6a74b 100644 { + BusDeferredMessage *previous_deferred_message; BusResult result = BUS_RESULT_FALSE; + #ifdef DBUS_ENABLE_CYNARA BusCynara *cynara; - DBusConnection *connection; -@@ -135,16 +186,54 @@ bus_check_privilege (BusCheck *check, +@@ -137,16 +188,54 @@ bus_check_privilege (BusCheck *check, return BUS_RESULT_FALSE; } @@ -327,7 +334,7 @@ index d2f418a..cd6a74b 100644 } return result; } -@@ -204,6 +293,12 @@ bus_deferred_message_unref (BusDeferredMessage *deferred_message) +@@ -206,6 +295,12 @@ bus_deferred_message_unref (BusDeferredMessage *deferred_message) } } @@ -341,7 +348,7 @@ index d2f418a..cd6a74b 100644 bus_deferred_message_response_received (BusDeferredMessage *deferred_message, BusResult result) diff --git a/bus/check.h b/bus/check.h -index c3fcaf9..f381789 100644 +index c3fcaf90..d1775497 100644 --- a/bus/check.h +++ b/bus/check.h @@ -55,6 +55,7 @@ BusResult bus_check_privilege (BusCheck *check, @@ -361,13 +368,13 @@ index c3fcaf9..f381789 100644 +BusDeferredMessageStatus bus_deferred_message_get_status (BusDeferredMessage *deferred_message); + +#ifdef DBUS_ENABLE_EMBEDDED_TESTS -+extern dbus_bool_t (*bus_check_test_override) (DBusConnection *connection, ++extern BusResult (*bus_check_test_override) (DBusConnection *connection, + const char *privilege); +#endif + #endif /* BUS_CHECK_H */ diff --git a/bus/cynara.c b/bus/cynara.c -index 57a4c45..77aed62 100644 +index 57a4c45c..77aed623 100644 --- a/bus/cynara.c +++ b/bus/cynara.c @@ -36,7 +36,6 @@ @@ -379,10 +386,18 @@ index 57a4c45..77aed62 100644 typedef struct BusCynara { diff --git a/bus/dispatch.c b/bus/dispatch.c -index ce4076d..6b0eadc 100644 +index 05be3bdf..7353501b 100644 --- a/bus/dispatch.c +++ b/bus/dispatch.c -@@ -81,7 +81,7 @@ send_one_message (DBusConnection *connection, +@@ -35,6 +35,7 @@ + #include "signals.h" + #include "test.h" + #include <dbus/dbus-internals.h> ++#include <dbus/dbus-connection-internal.h> + #include <dbus/dbus-misc.h> + #include <string.h> + +@@ -121,7 +122,7 @@ send_one_message (DBusConnection *connection, return TRUE; } @@ -391,7 +406,7 @@ index ce4076d..6b0eadc 100644 bus_dispatch_matches (BusTransaction *transaction, DBusConnection *sender, DBusConnection *addressed_recipient, -@@ -117,13 +117,29 @@ bus_dispatch_matches (BusTransaction *transaction, +@@ -157,13 +158,29 @@ bus_dispatch_matches (BusTransaction *transaction, message, error, &deferred_message); if (res == BUS_RESULT_FALSE) @@ -426,7 +441,7 @@ index ce4076d..6b0eadc 100644 } if (dbus_message_contains_unix_fds (message) && -@@ -134,14 +150,14 @@ bus_dispatch_matches (BusTransaction *transaction, +@@ -174,14 +191,14 @@ bus_dispatch_matches (BusTransaction *transaction, DBUS_ERROR_NOT_SUPPORTED, "Tried to send message with Unix file descriptors" "to a client that doesn't support that."); @@ -444,7 +459,7 @@ index ce4076d..6b0eadc 100644 } } -@@ -156,7 +172,7 @@ bus_dispatch_matches (BusTransaction *transaction, +@@ -196,7 +213,7 @@ bus_dispatch_matches (BusTransaction *transaction, &recipients)) { BUS_SET_OOM (error); @@ -453,7 +468,7 @@ index ce4076d..6b0eadc 100644 } link = _dbus_list_get_first_link (&recipients); -@@ -178,10 +194,10 @@ bus_dispatch_matches (BusTransaction *transaction, +@@ -218,10 +235,10 @@ bus_dispatch_matches (BusTransaction *transaction, if (dbus_error_is_set (&tmp_error)) { dbus_move_error (&tmp_error, error); @@ -466,7 +481,7 @@ index ce4076d..6b0eadc 100644 } static DBusHandlerResult -@@ -298,10 +314,12 @@ bus_dispatch (DBusConnection *connection, +@@ -407,10 +424,12 @@ bus_dispatch (DBusConnection *connection, } else if (res == BUS_RESULT_LATER) { @@ -483,7 +498,7 @@ index ce4076d..6b0eadc 100644 goto out; } -@@ -366,8 +384,14 @@ bus_dispatch (DBusConnection *connection, +@@ -475,8 +494,14 @@ bus_dispatch (DBusConnection *connection, * addressed_recipient == NULL), and match it against other connections' * match rules. */ @@ -500,7 +515,7 @@ index ce4076d..6b0eadc 100644 out: if (dbus_error_is_set (&error)) -@@ -4714,9 +4738,132 @@ bus_dispatch_test_conf_fail (const DBusString *test_data_dir, +@@ -5001,9 +5026,132 @@ bus_dispatch_test_conf_fail (const DBusString *test_data_dir, return TRUE; } @@ -531,7 +546,7 @@ index ce4076d..6b0eadc 100644 + return TRUE; +} + -+static dbus_bool_t ++static BusResult +bus_dispatch_test_check_override (DBusConnection *connection, + const char *privilege) +{ @@ -597,7 +612,7 @@ index ce4076d..6b0eadc 100644 + if (!check_double_hello_message (context, foo)) + _dbus_assert_not_reached ("double hello message failed"); + -+ if (!check_add_match_all (context, foo)) ++ if (!check_add_match (context, foo, "")) + _dbus_assert_not_reached ("AddMatch message failed"); + + /* @@ -634,7 +649,7 @@ index ce4076d..6b0eadc 100644 _dbus_verbose ("Normal activation tests\n"); if (!bus_dispatch_test_conf (test_data_dir, diff --git a/bus/dispatch.h b/bus/dispatch.h -index fb5ba7a..afba6a2 100644 +index fb5ba7a5..afba6a24 100644 --- a/bus/dispatch.h +++ b/bus/dispatch.h @@ -29,7 +29,7 @@ @@ -647,10 +662,10 @@ index fb5ba7a..afba6a2 100644 DBusConnection *recipient, DBusMessage *message, diff --git a/bus/driver.c b/bus/driver.c -index 11706f8..4dbce3d 100644 +index b7e1a0a0..a5823d4d 100644 --- a/bus/driver.c +++ b/bus/driver.c -@@ -97,6 +97,7 @@ bus_driver_send_service_owner_changed (const char *service_name, +@@ -225,6 +225,7 @@ bus_driver_send_service_owner_changed (const char *service_name, { DBusMessage *message; dbus_bool_t retval; @@ -658,47 +673,52 @@ index 11706f8..4dbce3d 100644 const char *null_service; _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -129,7 +130,17 @@ bus_driver_send_service_owner_changed (const char *service_name, - - _dbus_assert (dbus_message_has_signature (message, "sss")); +@@ -260,7 +261,16 @@ bus_driver_send_service_owner_changed (const char *service_name, + if (!bus_transaction_capture (transaction, NULL, message)) + goto oom; - retval = bus_dispatch_matches (transaction, NULL, NULL, message, error); + res = bus_dispatch_matches (transaction, NULL, NULL, message, error); + if (res == BUS_RESULT_TRUE) + retval = TRUE; -+ else if (res == BUS_RESULT_FALSE) -+ retval = FALSE; -+ else if (res == BUS_RESULT_LATER) ++ else + { -+ /* should never happen */ -+ _dbus_assert_not_reached ("bus_dispatch_matches returned BUS_RESULT_LATER unexpectedly"); + retval = FALSE; ++ if (res == BUS_RESULT_LATER) ++ /* should never happen */ ++ _dbus_assert_not_reached ("bus_dispatch_matches returned BUS_RESULT_LATER unexpectedly"); + } dbus_message_unref (message); return retval; diff --git a/dbus/dbus-connection-internal.h b/dbus/dbus-connection-internal.h -index 64ef336..4fcd118 100644 +index 48357321..94b1c951 100644 --- a/dbus/dbus-connection-internal.h +++ b/dbus/dbus-connection-internal.h -@@ -109,6 +109,15 @@ void _dbus_connection_set_pending_fds_function (DBusConnectio - +@@ -118,6 +118,21 @@ DBUS_PRIVATE_EXPORT dbus_bool_t _dbus_connection_get_linux_security_label (DBusConnection *connection, char **label_p); + ++DBUS_PRIVATE_EXPORT +void _dbus_connection_enable_dispatch (DBusConnection *connection); ++DBUS_PRIVATE_EXPORT +void _dbus_connection_disable_dispatch (DBusConnection *connection); ++ ++DBUS_PRIVATE_EXPORT +dbus_bool_t _dbus_connection_putback_message (DBusConnection *connection, + DBusMessage *after_message, + DBusMessage *message, + DBusError *error); + ++DBUS_PRIVATE_EXPORT +dbus_bool_t _dbus_connection_remove_message (DBusConnection *connection, + DBusMessage *message); - ++ /* if DBUS_ENABLE_STATS */ + DBUS_PRIVATE_EXPORT void _dbus_connection_get_stats (DBusConnection *connection, diff --git a/dbus/dbus-connection.c b/dbus/dbus-connection.c -index 8952b75..5d8d943 100644 +index 7f5b3292..ed0be70d 100644 --- a/dbus/dbus-connection.c +++ b/dbus/dbus-connection.c @@ -311,7 +311,8 @@ struct DBusConnection @@ -751,7 +771,7 @@ index 8952b75..5d8d943 100644 #ifdef DBUS_ENABLE_EMBEDDED_TESTS /** * Gets the locks so we can examine them -@@ -4068,6 +4102,82 @@ _dbus_connection_putback_message_link_unlocked (DBusConnection *connection, +@@ -4070,6 +4104,82 @@ _dbus_connection_putback_message_link_unlocked (DBusConnection *connection, "_dbus_connection_putback_message_link_unlocked"); } @@ -834,7 +854,7 @@ index 8952b75..5d8d943 100644 /** * Returns the first-received message from the incoming message queue, * removing it from the queue. The caller owns a reference to the -@@ -4251,8 +4361,9 @@ static DBusDispatchStatus +@@ -4253,8 +4363,9 @@ static DBusDispatchStatus _dbus_connection_get_dispatch_status_unlocked (DBusConnection *connection) { HAVE_LOCK_CHECK (connection); @@ -846,7 +866,7 @@ index 8952b75..5d8d943 100644 return DBUS_DISPATCH_DATA_REMAINS; else if (!_dbus_transport_queue_messages (connection->transport)) return DBUS_DISPATCH_NEED_MEMORY; -@@ -4689,6 +4800,8 @@ dbus_connection_dispatch (DBusConnection *connection) +@@ -4717,6 +4828,8 @@ dbus_connection_dispatch (DBusConnection *connection) CONNECTION_LOCK (connection); @@ -855,7 +875,7 @@ index 8952b75..5d8d943 100644 if (result == DBUS_HANDLER_RESULT_NEED_MEMORY) { _dbus_verbose ("No memory\n"); -@@ -4811,9 +4924,11 @@ dbus_connection_dispatch (DBusConnection *connection) +@@ -4839,9 +4952,11 @@ dbus_connection_dispatch (DBusConnection *connection) connection); out: @@ -870,13 +890,14 @@ index 8952b75..5d8d943 100644 /* Put message back, and we'll start over. * Yes this means handlers must be idempotent if they diff --git a/dbus/dbus-list.c b/dbus/dbus-list.c -index c4c1856..f84918b 100644 +index c4c1856f..f84918b1 100644 --- a/dbus/dbus-list.c +++ b/dbus/dbus-list.c -@@ -459,6 +459,35 @@ _dbus_list_remove_last (DBusList **list, +@@ -458,6 +458,35 @@ _dbus_list_remove_last (DBusList **list, + return FALSE; } - /** ++/** + * Finds a value in the list. Returns the first link + * with value equal to the given data pointer. + * This is a linear-time operation. @@ -905,25 +926,25 @@ index c4c1856..f84918b 100644 + return NULL; +} + -+/** + /** * Finds a value in the list. Returns the last link * with value equal to the given data pointer. - * This is a linear-time operation. diff --git a/dbus/dbus-list.h b/dbus/dbus-list.h -index 910d738..abe8331 100644 +index 9350a0da..fee9f1bc 100644 --- a/dbus/dbus-list.h +++ b/dbus/dbus-list.h -@@ -59,6 +59,8 @@ dbus_bool_t _dbus_list_remove_last (DBusList **list, - void *data); +@@ -68,6 +68,9 @@ DBUS_PRIVATE_EXPORT void _dbus_list_remove_link (DBusList **list, DBusList *link); + DBUS_PRIVATE_EXPORT +DBusList* _dbus_list_find_first (DBusList **list, + void *data); ++DBUS_PRIVATE_EXPORT DBusList* _dbus_list_find_last (DBusList **list, void *data); - void _dbus_list_clear (DBusList **list); + DBUS_PRIVATE_EXPORT diff --git a/dbus/dbus-shared.h b/dbus/dbus-shared.h -index 6a57670..5371d88 100644 +index 7ab91035..e5bfbed6 100644 --- a/dbus/dbus-shared.h +++ b/dbus/dbus-shared.h @@ -67,7 +67,8 @@ typedef enum @@ -937,5 +958,5 @@ index 6a57670..5371d88 100644 /* Bus names */ -- -2.1.4 +2.14.3 diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0002-New-a-sv-helper-for-using-byte-arrays-as-the-variant.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0002-New-a-sv-helper-for-using-byte-arrays-as-the-variant.patch deleted file mode 100644 index 64c8b9b50..000000000 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0002-New-a-sv-helper-for-using-byte-arrays-as-the-variant.patch +++ /dev/null @@ -1,97 +0,0 @@ -From 25cb15916402c55112cae2be0954d24afe74e2f2 Mon Sep 17 00:00:00 2001 -From: Tyler Hicks <tyhicks@canonical.com> -Date: Thu, 13 Mar 2014 17:37:38 -0500 -Subject: [PATCH 2/8] New a{sv} helper for using byte arrays as the variant - -Create a new helper for using a byte array as the value in the mapping -from string to variant. - -Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75113 -Bug: https://bugs.freedesktop.org/show_bug.cgi?id=89041 -Signed-off-by: Tyler Hicks <tyhicks@canonical.com> -Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> -Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk> ---- - dbus/dbus-asv-util.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++ - dbus/dbus-asv-util.h | 4 ++++ - 2 files changed, 58 insertions(+) - -diff --git a/dbus/dbus-asv-util.c b/dbus/dbus-asv-util.c -index 583e41f..d3ac5e9 100644 ---- a/dbus/dbus-asv-util.c -+++ b/dbus/dbus-asv-util.c -@@ -258,3 +258,57 @@ _dbus_asv_add_string (DBusMessageIter *arr_iter, - - return TRUE; - } -+ -+/** -+ * Create a new entry in an a{sv} (map from string to variant) -+ * with a byte array value. -+ * -+ * If this function fails, the a{sv} must be abandoned, for instance -+ * with _dbus_asv_abandon(). -+ * -+ * @param arr_iter the iterator which is appending to the array -+ * @param key a UTF-8 key for the map -+ * @param value the value -+ * @param n_elements the number of elements to append -+ * @returns #TRUE on success, or #FALSE if not enough memory -+ */ -+dbus_bool_t -+_dbus_asv_add_byte_array (DBusMessageIter *arr_iter, -+ const char *key, -+ const void *value, -+ int n_elements) -+{ -+ DBusMessageIter entry_iter; -+ DBusMessageIter var_iter; -+ DBusMessageIter byte_array_iter; -+ -+ if (!_dbus_asv_open_entry (arr_iter, &entry_iter, key, "ay", &var_iter)) -+ return FALSE; -+ -+ if (!dbus_message_iter_open_container (&var_iter, DBUS_TYPE_ARRAY, -+ DBUS_TYPE_BYTE_AS_STRING, -+ &byte_array_iter)) -+ { -+ _dbus_asv_abandon_entry (arr_iter, &entry_iter, &var_iter); -+ return FALSE; -+ } -+ -+ if (!dbus_message_iter_append_fixed_array (&byte_array_iter, DBUS_TYPE_BYTE, -+ &value, n_elements)) -+ { -+ dbus_message_iter_abandon_container (&var_iter, &byte_array_iter); -+ _dbus_asv_abandon_entry (arr_iter, &entry_iter, &var_iter); -+ return FALSE; -+ } -+ -+ if (!dbus_message_iter_close_container (&var_iter, &byte_array_iter)) -+ { -+ _dbus_asv_abandon_entry (arr_iter, &entry_iter, &var_iter); -+ return FALSE; -+ } -+ -+ if (!_dbus_asv_close_entry (arr_iter, &entry_iter, &var_iter)) -+ return FALSE; -+ -+ return TRUE; -+} -diff --git a/dbus/dbus-asv-util.h b/dbus/dbus-asv-util.h -index 0337260..277ab80 100644 ---- a/dbus/dbus-asv-util.h -+++ b/dbus/dbus-asv-util.h -@@ -42,5 +42,9 @@ dbus_bool_t _dbus_asv_add_uint32 (DBusMessageIter *arr_iter, - dbus_bool_t _dbus_asv_add_string (DBusMessageIter *arr_iter, - const char *key, - const char *value); -+dbus_bool_t _dbus_asv_add_byte_array (DBusMessageIter *arr_iter, -+ const char *key, -+ const void *value, -+ int n_elements); - - #endif --- -2.1.4 - diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0003-Add-LSM-agnostic-support-for-LinuxSecurityLabel-cred.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0003-Add-LSM-agnostic-support-for-LinuxSecurityLabel-cred.patch deleted file mode 100644 index fcb85504d..000000000 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0003-Add-LSM-agnostic-support-for-LinuxSecurityLabel-cred.patch +++ /dev/null @@ -1,515 +0,0 @@ -From 9da49d4eb6982c659fec988231baef8cd1b05be2 Mon Sep 17 00:00:00 2001 -From: Simon McVittie <simon.mcvittie@collabora.co.uk> -Date: Wed, 11 Feb 2015 13:19:15 +0000 -Subject: [PATCH 3/8] Add LSM-agnostic support for LinuxSecurityLabel - credential - -Bug: https://bugs.freedesktop.org/show_bug.cgi?id=89041 -Change-Id: I70512843d1a7661c87461b1b6d86fbfbda934ad5 -Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk> -Acked-by: Stephen Smalley <sds@tycho.nsa.gov> (for SELinux) -Acked-by: John Johansen <john.johansen@canonical.com> (for AppArmor) -Acked-by: Casey Schaufler <casey@schaufler-ca.com> (for Smack) -Tested-by: Tyler Hicks <tyhicks@canonical.com> ---- - bus/driver.c | 19 ++++++++ - dbus/dbus-auth.c | 11 +++-- - dbus/dbus-connection-internal.h | 3 ++ - dbus/dbus-connection.c | 26 ++++++++++ - dbus/dbus-credentials.c | 68 ++++++++++++++++++++++++++ - dbus/dbus-credentials.h | 4 ++ - dbus/dbus-sysdeps-unix.c | 105 ++++++++++++++++++++++++++++++++++++++++ - dbus/dbus-transport.c | 27 +++++++++++ - dbus/dbus-transport.h | 3 ++ - 9 files changed, 262 insertions(+), 4 deletions(-) - -diff --git a/bus/driver.c b/bus/driver.c -index 888c7ca..11706f8 100644 ---- a/bus/driver.c -+++ b/bus/driver.c -@@ -34,6 +34,7 @@ - #include "utils.h" - - #include <dbus/dbus-asv-util.h> -+#include <dbus/dbus-connection-internal.h> - #include <dbus/dbus-string.h> - #include <dbus/dbus-internals.h> - #include <dbus/dbus-message.h> -@@ -1567,6 +1568,7 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, - DBusMessageIter reply_iter; - DBusMessageIter array_iter; - unsigned long ulong_val; -+ char *s; - const char *service; - - _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -1601,6 +1603,23 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, - goto oom; - } - -+ if (_dbus_connection_get_linux_security_label (conn, &s)) -+ { -+ if (s == NULL) -+ goto oom; -+ -+ /* use the GVariant bytestring convention for strings of unknown -+ * encoding: include the \0 in the payload, for zero-copy reading */ -+ if (!_dbus_asv_add_byte_array (&array_iter, "LinuxSecurityLabel", -+ s, strlen (s) + 1)) -+ { -+ dbus_free (s); -+ goto oom; -+ } -+ -+ dbus_free (s); -+ } -+ - if (!_dbus_asv_close (&reply_iter, &array_iter)) - goto oom; - -diff --git a/dbus/dbus-auth.c b/dbus/dbus-auth.c -index 6a07665..aee877d 100644 ---- a/dbus/dbus-auth.c -+++ b/dbus/dbus-auth.c -@@ -1102,20 +1102,23 @@ handle_server_data_external_mech (DBusAuth *auth, - auth->desired_identity)) - return FALSE; - -- /* also copy process ID from the socket credentials -+ /* also copy misc process info from the socket credentials - */ - if (!_dbus_credentials_add_credential (auth->authorized_identity, - DBUS_CREDENTIAL_UNIX_PROCESS_ID, - auth->credentials)) - return FALSE; - -- /* also copy audit data from the socket credentials -- */ - if (!_dbus_credentials_add_credential (auth->authorized_identity, - DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID, - auth->credentials)) - return FALSE; -- -+ -+ if (!_dbus_credentials_add_credential (auth->authorized_identity, -+ DBUS_CREDENTIAL_LINUX_SECURITY_LABEL, -+ auth->credentials)) -+ return FALSE; -+ - if (!send_ok (auth)) - return FALSE; - -diff --git a/dbus/dbus-connection-internal.h b/dbus/dbus-connection-internal.h -index 2897404..64ef336 100644 ---- a/dbus/dbus-connection-internal.h -+++ b/dbus/dbus-connection-internal.h -@@ -107,6 +107,9 @@ void _dbus_connection_set_pending_fds_function (DBusConnectio - DBusPendingFdsChangeFunction callback, - void *data); - -+dbus_bool_t _dbus_connection_get_linux_security_label (DBusConnection *connection, -+ char **label_p); -+ - /* if DBUS_ENABLE_STATS */ - void _dbus_connection_get_stats (DBusConnection *connection, - dbus_uint32_t *in_messages, -diff --git a/dbus/dbus-connection.c b/dbus/dbus-connection.c -index b574207..8952b75 100644 ---- a/dbus/dbus-connection.c -+++ b/dbus/dbus-connection.c -@@ -5322,6 +5322,32 @@ dbus_connection_set_unix_user_function (DBusConnection *connection, - (* old_free_function) (old_data); - } - -+/* Same calling convention as dbus_connection_get_windows_user */ -+dbus_bool_t -+_dbus_connection_get_linux_security_label (DBusConnection *connection, -+ char **label_p) -+{ -+ dbus_bool_t result; -+ -+ _dbus_assert (connection != NULL); -+ _dbus_assert (label_p != NULL); -+ -+ CONNECTION_LOCK (connection); -+ -+ if (!_dbus_transport_try_to_authenticate (connection->transport)) -+ result = FALSE; -+ else -+ result = _dbus_transport_get_linux_security_label (connection->transport, -+ label_p); -+#ifndef __linux__ -+ _dbus_assert (!result); -+#endif -+ -+ CONNECTION_UNLOCK (connection); -+ -+ return result; -+} -+ - /** - * Gets the Windows user SID of the connection if known. Returns - * #TRUE if the ID is filled in. Always returns #FALSE on non-Windows -diff --git a/dbus/dbus-credentials.c b/dbus/dbus-credentials.c -index 7325125..151bb00 100644 ---- a/dbus/dbus-credentials.c -+++ b/dbus/dbus-credentials.c -@@ -50,6 +50,7 @@ struct DBusCredentials { - dbus_uid_t unix_uid; - dbus_pid_t pid; - char *windows_sid; -+ char *linux_security_label; - void *adt_audit_data; - dbus_int32_t adt_audit_data_size; - }; -@@ -79,6 +80,7 @@ _dbus_credentials_new (void) - creds->unix_uid = DBUS_UID_UNSET; - creds->pid = DBUS_PID_UNSET; - creds->windows_sid = NULL; -+ creds->linux_security_label = NULL; - creds->adt_audit_data = NULL; - creds->adt_audit_data_size = 0; - -@@ -133,6 +135,7 @@ _dbus_credentials_unref (DBusCredentials *credentials) - if (credentials->refcount == 0) - { - dbus_free (credentials->windows_sid); -+ dbus_free (credentials->linux_security_label); - dbus_free (credentials->adt_audit_data); - dbus_free (credentials); - } -@@ -193,6 +196,30 @@ _dbus_credentials_add_windows_sid (DBusCredentials *credentials, - } - - /** -+ * Add a Linux security label, as used by LSMs such as SELinux, Smack and -+ * AppArmor, to the credentials. -+ * -+ * @param credentials the object -+ * @param label the label -+ * @returns #FALSE if no memory -+ */ -+dbus_bool_t -+_dbus_credentials_add_linux_security_label (DBusCredentials *credentials, -+ const char *label) -+{ -+ char *copy; -+ -+ copy = _dbus_strdup (label); -+ if (copy == NULL) -+ return FALSE; -+ -+ dbus_free (credentials->linux_security_label); -+ credentials->linux_security_label = copy; -+ -+ return TRUE; -+} -+ -+/** - * Add ADT audit data to the credentials. - * - * @param credentials the object -@@ -236,6 +263,8 @@ _dbus_credentials_include (DBusCredentials *credentials, - return credentials->unix_uid != DBUS_UID_UNSET; - case DBUS_CREDENTIAL_WINDOWS_SID: - return credentials->windows_sid != NULL; -+ case DBUS_CREDENTIAL_LINUX_SECURITY_LABEL: -+ return credentials->linux_security_label != NULL; - case DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID: - return credentials->adt_audit_data != NULL; - } -@@ -284,6 +313,19 @@ _dbus_credentials_get_windows_sid (DBusCredentials *credentials) - } - - /** -+ * Gets the Linux security label (as used by LSMs) from the credentials, -+ * or #NULL if the credentials object doesn't contain a security label. -+ * -+ * @param credentials the object -+ * @returns the security label -+ */ -+const char * -+_dbus_credentials_get_linux_security_label (DBusCredentials *credentials) -+{ -+ return credentials->linux_security_label; -+} -+ -+/** - * Gets the ADT audit data in the credentials, or #NULL if - * the credentials object doesn't contain ADT audit data. - * -@@ -329,6 +371,10 @@ _dbus_credentials_are_superset (DBusCredentials *credentials, - (possible_subset->windows_sid == NULL || - (credentials->windows_sid && strcmp (possible_subset->windows_sid, - credentials->windows_sid) == 0)) && -+ (possible_subset->linux_security_label == NULL || -+ (credentials->linux_security_label != NULL && -+ strcmp (possible_subset->linux_security_label, -+ credentials->linux_security_label) == 0)) && - (possible_subset->adt_audit_data == NULL || - (credentials->adt_audit_data && memcmp (possible_subset->adt_audit_data, - credentials->adt_audit_data, -@@ -348,6 +394,7 @@ _dbus_credentials_are_empty (DBusCredentials *credentials) - credentials->pid == DBUS_PID_UNSET && - credentials->unix_uid == DBUS_UID_UNSET && - credentials->windows_sid == NULL && -+ credentials->linux_security_label == NULL && - credentials->adt_audit_data == NULL; - } - -@@ -388,6 +435,9 @@ _dbus_credentials_add_credentials (DBusCredentials *credentials, - DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID, - other_credentials) && - _dbus_credentials_add_credential (credentials, -+ DBUS_CREDENTIAL_LINUX_SECURITY_LABEL, -+ other_credentials) && -+ _dbus_credentials_add_credential (credentials, - DBUS_CREDENTIAL_WINDOWS_SID, - other_credentials); - } -@@ -427,6 +477,13 @@ _dbus_credentials_add_credential (DBusCredentials *credentials, - if (!_dbus_credentials_add_windows_sid (credentials, other_credentials->windows_sid)) - return FALSE; - } -+ else if (which == DBUS_CREDENTIAL_LINUX_SECURITY_LABEL && -+ other_credentials->linux_security_label != NULL) -+ { -+ if (!_dbus_credentials_add_linux_security_label (credentials, -+ other_credentials->linux_security_label)) -+ return FALSE; -+ } - else if (which == DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID && - other_credentials->adt_audit_data != NULL) - { -@@ -449,6 +506,8 @@ _dbus_credentials_clear (DBusCredentials *credentials) - credentials->unix_uid = DBUS_UID_UNSET; - dbus_free (credentials->windows_sid); - credentials->windows_sid = NULL; -+ dbus_free (credentials->linux_security_label); -+ credentials->linux_security_label = NULL; - dbus_free (credentials->adt_audit_data); - credentials->adt_audit_data = NULL; - credentials->adt_audit_data_size = 0; -@@ -540,6 +599,15 @@ _dbus_credentials_to_string_append (DBusCredentials *credentials, - else - join = FALSE; - -+ if (credentials->linux_security_label != NULL) -+ { -+ if (!_dbus_string_append_printf (string, "%slsm='%s'", -+ join ? " " : "", -+ credentials->linux_security_label)) -+ goto oom; -+ join = TRUE; -+ } -+ - return TRUE; - oom: - return FALSE; -diff --git a/dbus/dbus-credentials.h b/dbus/dbus-credentials.h -index abcc4bb..ab74eac 100644 ---- a/dbus/dbus-credentials.h -+++ b/dbus/dbus-credentials.h -@@ -34,6 +34,7 @@ typedef enum { - DBUS_CREDENTIAL_UNIX_PROCESS_ID, - DBUS_CREDENTIAL_UNIX_USER_ID, - DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID, -+ DBUS_CREDENTIAL_LINUX_SECURITY_LABEL, - DBUS_CREDENTIAL_WINDOWS_SID - } DBusCredentialType; - -@@ -47,6 +48,8 @@ dbus_bool_t _dbus_credentials_add_unix_uid (DBusCredentials - dbus_uid_t uid); - dbus_bool_t _dbus_credentials_add_windows_sid (DBusCredentials *credentials, - const char *windows_sid); -+dbus_bool_t _dbus_credentials_add_linux_security_label (DBusCredentials *credentials, -+ const char *label); - dbus_bool_t _dbus_credentials_add_adt_audit_data (DBusCredentials *credentials, - void *audit_data, - dbus_int32_t size); -@@ -55,6 +58,7 @@ dbus_bool_t _dbus_credentials_include (DBusCredentials - dbus_pid_t _dbus_credentials_get_pid (DBusCredentials *credentials); - dbus_uid_t _dbus_credentials_get_unix_uid (DBusCredentials *credentials); - const char* _dbus_credentials_get_windows_sid (DBusCredentials *credentials); -+const char * _dbus_credentials_get_linux_security_label (DBusCredentials *credentials); - void * _dbus_credentials_get_adt_audit_data (DBusCredentials *credentials); - dbus_int32_t _dbus_credentials_get_adt_audit_data_size (DBusCredentials *credentials); - dbus_bool_t _dbus_credentials_are_superset (DBusCredentials *credentials, -diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c -index fe891ab..61af423 100644 ---- a/dbus/dbus-sysdeps-unix.c -+++ b/dbus/dbus-sysdeps-unix.c -@@ -1639,6 +1639,105 @@ write_credentials_byte (int server_fd, - } - } - -+/* return FALSE on OOM, TRUE otherwise, even if no credentials were found */ -+static dbus_bool_t -+add_linux_security_label_to_credentials (int client_fd, -+ DBusCredentials *credentials) -+{ -+#if defined(__linux__) && defined(SO_PEERSEC) -+ DBusString buf; -+ socklen_t len = 1024; -+ dbus_bool_t oom = FALSE; -+ -+ if (!_dbus_string_init_preallocated (&buf, len) || -+ !_dbus_string_set_length (&buf, len)) -+ return FALSE; -+ -+ while (getsockopt (client_fd, SOL_SOCKET, SO_PEERSEC, -+ _dbus_string_get_data (&buf), &len) < 0) -+ { -+ int e = errno; -+ -+ _dbus_verbose ("getsockopt failed with %s, len now %lu\n", -+ _dbus_strerror (e), (unsigned long) len); -+ -+ if (e != ERANGE || len <= _dbus_string_get_length (&buf)) -+ { -+ _dbus_verbose ("Failed to getsockopt(SO_PEERSEC): %s\n", -+ _dbus_strerror (e)); -+ goto out; -+ } -+ -+ /* If not enough space, len is updated to be enough. -+ * Try again with a large enough buffer. */ -+ if (!_dbus_string_set_length (&buf, len)) -+ { -+ oom = TRUE; -+ goto out; -+ } -+ -+ _dbus_verbose ("will try again with %lu\n", (unsigned long) len); -+ } -+ -+ if (len <= 0) -+ { -+ _dbus_verbose ("getsockopt(SO_PEERSEC) yielded <= 0 bytes: %lu\n", -+ (unsigned long) len); -+ goto out; -+ } -+ -+ if (len > _dbus_string_get_length (&buf)) -+ { -+ _dbus_verbose ("%lu > %d", (unsigned long) len, -+ _dbus_string_get_length (&buf)); -+ _dbus_assert_not_reached ("getsockopt(SO_PEERSEC) overflowed"); -+ } -+ -+ if (_dbus_string_get_byte (&buf, len - 1) == 0) -+ { -+ /* the kernel included the trailing \0 in its count, -+ * but DBusString always has an extra \0 after the data anyway */ -+ _dbus_verbose ("subtracting trailing \\0\n"); -+ len--; -+ } -+ -+ if (!_dbus_string_set_length (&buf, len)) -+ { -+ _dbus_assert_not_reached ("shortening string should not lead to OOM"); -+ oom = TRUE; -+ goto out; -+ } -+ -+ if (strlen (_dbus_string_get_const_data (&buf)) != len) -+ { -+ /* LSM people on the linux-security-module@ mailing list say this -+ * should never happen: the label should be a bytestring with -+ * an optional trailing \0 */ -+ _dbus_verbose ("security label from kernel had an embedded \\0, " -+ "ignoring it\n"); -+ goto out; -+ } -+ -+ _dbus_verbose ("getsockopt(SO_PEERSEC): %lu bytes excluding \\0: %s\n", -+ (unsigned long) len, -+ _dbus_string_get_const_data (&buf)); -+ -+ if (!_dbus_credentials_add_linux_security_label (credentials, -+ _dbus_string_get_const_data (&buf))) -+ { -+ oom = TRUE; -+ goto out; -+ } -+ -+out: -+ _dbus_string_free (&buf); -+ return !oom; -+#else -+ /* no error */ -+ return TRUE; -+#endif -+} -+ - /** - * Reads a single byte which must be nul (an error occurs otherwise), - * and reads unix credentials if available. Clears the credentials -@@ -1922,6 +2021,12 @@ _dbus_read_credentials_socket (int client_fd, - } - } - -+ if (!add_linux_security_label_to_credentials (client_fd, credentials)) -+ { -+ _DBUS_SET_OOM (error); -+ return FALSE; -+ } -+ - return TRUE; - } - -diff --git a/dbus/dbus-transport.c b/dbus/dbus-transport.c -index e9dcc56..a43e7bb 100644 ---- a/dbus/dbus-transport.c -+++ b/dbus/dbus-transport.c -@@ -1425,6 +1425,33 @@ _dbus_transport_set_unix_user_function (DBusTransport *transport, - transport->free_unix_user_data = free_data_function; - } - -+dbus_bool_t -+_dbus_transport_get_linux_security_label (DBusTransport *transport, -+ char **label_p) -+{ -+ DBusCredentials *auth_identity; -+ -+ *label_p = NULL; -+ -+ if (!transport->authenticated) -+ return FALSE; -+ -+ auth_identity = _dbus_auth_get_identity (transport->auth); -+ -+ if (_dbus_credentials_include (auth_identity, -+ DBUS_CREDENTIAL_LINUX_SECURITY_LABEL)) -+ { -+ /* If no memory, we are supposed to return TRUE and set NULL */ -+ *label_p = _dbus_strdup (_dbus_credentials_get_linux_security_label (auth_identity)); -+ -+ return TRUE; -+ } -+ else -+ { -+ return FALSE; -+ } -+} -+ - /** - * See dbus_connection_get_windows_user(). - * -diff --git a/dbus/dbus-transport.h b/dbus/dbus-transport.h -index 39c74c4..843f231 100644 ---- a/dbus/dbus-transport.h -+++ b/dbus/dbus-transport.h -@@ -87,6 +87,9 @@ void _dbus_transport_set_unix_user_function (DBusTransport - DBusFreeFunction *old_free_data_function); - dbus_bool_t _dbus_transport_get_windows_user (DBusTransport *transport, - char **windows_sid_p); -+dbus_bool_t _dbus_transport_get_linux_security_label (DBusTransport *transport, -+ char **label_p); -+ - void _dbus_transport_set_windows_user_function (DBusTransport *transport, - DBusAllowWindowsUserFunction function, - void *data, --- -2.1.4 - diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0006-Handle-unavailability-of-policy-results-for-broadcas.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0003-Handle-unavailability-of-policy-results-for-broadcas.patch index 66f4e14e5..b797064ec 100644 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0006-Handle-unavailability-of-policy-results-for-broadcas.patch +++ b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0003-Handle-unavailability-of-policy-results-for-broadcas.patch @@ -1,8 +1,11 @@ -From 1e231194610892dd4360224998d91336097b05a1 Mon Sep 17 00:00:00 2001 +From 8c5fd05f7b2f14ac0f4423cae300f60c6bb51c74 Mon Sep 17 00:00:00 2001 From: Jacek Bukarewicz <j.bukarewicz@samsung.com> Date: Fri, 28 Nov 2014 12:39:33 +0100 -Subject: [PATCH 6/8] Handle unavailability of policy results for broadcasts +Subject: [PATCH 3/5] Handle unavailability of policy results for broadcasts and receive rules +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit When message is sent to the addressed recipient and receive rule result is unavailable we don't want to block the sender @@ -17,22 +20,26 @@ message recipients) are handled in a similar way. The difference is that it is not full dispatch meaning message is sent to a single recipient. Change-Id: Iecd5395f75a4c7811fa97247a37d8fc4d42e8814 + +Cherry picked from 1e231194610892dd4360224998d91336097b05a1 by Jose Bollo + +Signed-off-by: José Bollo <jose.bollo@iot.bzh> --- bus/activation.c | 4 +- bus/bus.c | 50 +++++++-- bus/bus.h | 19 ++++ bus/check.c | 307 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ bus/check.h | 25 +++++ - bus/connection.c | 166 ++++++++++++++++++++++++++++-- + bus/connection.c | 169 ++++++++++++++++++++++++++++-- bus/connection.h | 19 +++- - bus/dispatch.c | 122 ++++++++++++++++++---- + bus/dispatch.c | 121 ++++++++++++++++++---- bus/dispatch.h | 11 +- bus/driver.c | 2 +- bus/policy.c | 6 ++ - 11 files changed, 685 insertions(+), 46 deletions(-) + 11 files changed, 686 insertions(+), 47 deletions(-) diff --git a/bus/activation.c b/bus/activation.c -index 8c43941..308bf41 100644 +index 343d3f22..11bd8386 100644 --- a/bus/activation.c +++ b/bus/activation.c @@ -1198,7 +1198,7 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation @@ -44,7 +51,7 @@ index 8c43941..308bf41 100644 if (res == BUS_RESULT_FALSE) { /* If permission is denied, we just want to return the error -@@ -2066,7 +2066,7 @@ bus_activation_activate_service (BusActivation *activation, +@@ -2085,7 +2085,7 @@ bus_activation_activate_service (BusActivation *activation, entry->systemd_service); /* Wonderful, systemd is connected, let's just send the msg */ res = bus_dispatch_matches (activation_transaction, NULL, bus_service_get_primary_owners_connection (service), @@ -54,10 +61,10 @@ index 8c43941..308bf41 100644 if (res == BUS_RESULT_TRUE) retval = TRUE; diff --git a/bus/bus.c b/bus/bus.c -index ac9ea8d..b478b8e 100644 +index c4008505..911e2340 100644 --- a/bus/bus.c +++ b/bus/bus.c -@@ -1704,17 +1704,9 @@ bus_context_check_security_policy (BusContext *context, +@@ -1796,17 +1796,9 @@ bus_context_check_security_policy (BusContext *context, } /* See if limits on size have been exceeded */ @@ -77,7 +84,7 @@ index ac9ea8d..b478b8e 100644 /* Record that we will allow a reply here in the future (don't * bother if the recipient is the bus or this is an eavesdropping -@@ -1769,3 +1761,41 @@ bus_context_check_all_watches (BusContext *context) +@@ -1861,3 +1853,41 @@ bus_context_check_all_watches (BusContext *context) _dbus_server_toggle_all_watches (server, enabled); } } @@ -120,12 +127,12 @@ index ac9ea8d..b478b8e 100644 + return TRUE; +} diff --git a/bus/bus.h b/bus/bus.h -index 78084dd..27a5e49 100644 +index dab7791f..445165c9 100644 --- a/bus/bus.h +++ b/bus/bus.h -@@ -148,4 +148,23 @@ BusResult bus_context_check_security_policy (BusContext - DBusError *error, +@@ -158,4 +158,23 @@ BusResult bus_context_check_security_policy (BusContext BusDeferredMessage **deferred_message); + void bus_context_check_all_watches (BusContext *context); +dbus_bool_t bus_context_check_recipient_message_limits (BusContext *context, + DBusConnection *recipient, @@ -148,7 +155,7 @@ index 78084dd..27a5e49 100644 + #endif /* BUS_BUS_H */ diff --git a/bus/check.c b/bus/check.c -index cd6a74b..733763a 100644 +index 4b8a6994..b8833349 100644 --- a/bus/check.c +++ b/bus/check.c @@ -49,6 +49,9 @@ typedef struct BusDeferredMessage @@ -161,10 +168,11 @@ index cd6a74b..733763a 100644 dbus_bool_t full_dispatch; BusDeferredMessageStatus status; BusResult response; -@@ -136,6 +139,89 @@ bus_check_enable_dispatch_callback (BusDeferredMessage *deferred_message, +@@ -135,6 +138,89 @@ bus_check_enable_dispatch_callback (BusDeferredMessage *deferred_message, + _dbus_connection_enable_dispatch(deferred_message->sender); } - static void ++static void +bus_check_queued_message_reply_callback (BusDeferredMessage *deferred_message, + BusResult result) +{ @@ -247,10 +255,9 @@ index cd6a74b..733763a 100644 + return TRUE; +} + -+static void + static void deferred_message_free_function(void *data) { - BusDeferredMessage *deferred_message = (BusDeferredMessage *)data; @@ -159,6 +245,20 @@ bus_deferred_message_disable_sender (BusDeferredMessage *deferred_message) deferred_message->response_callback = bus_check_enable_dispatch_callback; } @@ -270,9 +277,9 @@ index cd6a74b..733763a 100644 + + #ifdef DBUS_ENABLE_EMBEDDED_TESTS - dbus_bool_t (*bus_check_test_override) (DBusConnection *connection, + BusResult (*bus_check_test_override) (DBusConnection *connection, const char *privilege); -@@ -257,6 +357,9 @@ BusDeferredMessage *bus_deferred_message_new (DBusMessage *message, +@@ -259,6 +359,9 @@ BusDeferredMessage *bus_deferred_message_new (DBusMessage *message, deferred_message->addressed_recipient = addressed_recipient != NULL ? dbus_connection_ref(addressed_recipient) : NULL; deferred_message->proposed_recipient = proposed_recipient != NULL ? dbus_connection_ref(proposed_recipient) : NULL; deferred_message->message = dbus_message_ref(message); @@ -282,7 +289,7 @@ index cd6a74b..733763a 100644 deferred_message->response = response; deferred_message->status = 0; deferred_message->full_dispatch = FALSE; -@@ -293,12 +396,215 @@ bus_deferred_message_unref (BusDeferredMessage *deferred_message) +@@ -295,12 +398,215 @@ bus_deferred_message_unref (BusDeferredMessage *deferred_message) } } @@ -498,13 +505,13 @@ index cd6a74b..733763a 100644 void bus_deferred_message_response_received (BusDeferredMessage *deferred_message, BusResult result) -@@ -308,3 +614,4 @@ bus_deferred_message_response_received (BusDeferredMessage *deferred_message, +@@ -310,3 +616,4 @@ bus_deferred_message_response_received (BusDeferredMessage *deferred_message, deferred_message->response_callback(deferred_message, result); } } + diff --git a/bus/check.h b/bus/check.h -index f381789..3c6b2a1 100644 +index d1775497..9c13c184 100644 --- a/bus/check.h +++ b/bus/check.h @@ -64,12 +64,37 @@ BusDeferredMessage *bus_deferred_message_new (DBusMessage *messag @@ -543,26 +550,27 @@ index f381789..3c6b2a1 100644 + + #ifdef DBUS_ENABLE_EMBEDDED_TESTS - extern dbus_bool_t (*bus_check_test_override) (DBusConnection *connection, + extern BusResult (*bus_check_test_override) (DBusConnection *connection, const char *privilege); diff --git a/bus/connection.c b/bus/connection.c -index a6d87e5..d2ebe82 100644 +index eea50ecd..1c0bdffb 100644 --- a/bus/connection.c +++ b/bus/connection.c -@@ -30,10 +30,12 @@ - #include "signals.h" +@@ -31,11 +31,13 @@ #include "expirelist.h" #include "selinux.h" + #include "apparmor.h" +#include "check.h" #include <dbus/dbus-list.h> #include <dbus/dbus-hash.h> #include <dbus/dbus-timeout.h> #include <dbus/dbus-connection-internal.h> + #include <dbus/dbus-internals.h> +#include <dbus/dbus-message-internal.h> #ifdef DBUS_ENABLE_CYNARA #include <stdlib.h> #include <cynara-session.h> -@@ -95,6 +97,7 @@ typedef struct +@@ -102,6 +104,7 @@ typedef struct DBusMessage *oom_message; DBusPreallocatedSend *oom_preallocated; BusClientPolicy *policy; @@ -570,7 +578,7 @@ index a6d87e5..d2ebe82 100644 char *cached_loginfo_string; BusSELinuxID *selinux_id; -@@ -256,6 +259,8 @@ bus_connection_disconnected (DBusConnection *connection) +@@ -268,6 +271,8 @@ bus_connection_disconnected (DBusConnection *connection) bus_transaction_execute_and_free (transaction); } @@ -579,26 +587,39 @@ index a6d87e5..d2ebe82 100644 bus_dispatch_remove_connection (connection); /* no more watching */ -@@ -2132,6 +2137,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction, - DBusMessage *message) +@@ -2264,7 +2269,7 @@ bus_transaction_capture (BusTransaction *transaction, + { + DBusConnection *recipient = link->data; + +- if (!bus_transaction_send (transaction, recipient, message)) ++ if (!bus_transaction_send (transaction, recipient, message, FALSE)) + goto out; + } + +@@ -2317,6 +2322,7 @@ bus_transaction_send_from_driver (BusTransaction *transaction, { + DBusError error = DBUS_ERROR_INIT; BusResult res; + BusDeferredMessage *deferred_message; + /* We have to set the sender to the driver, and have * to check security policy since it was not done in - * dispatch.c -@@ -2163,23 +2169,25 @@ bus_transaction_send_from_driver (BusTransaction *transaction, +@@ -2357,7 +2363,8 @@ bus_transaction_send_from_driver (BusTransaction *transaction, res = bus_context_check_security_policy (bus_transaction_get_context (transaction), transaction, - NULL, connection, connection, message, NULL, + NULL, connection, connection, message, &error, - NULL); + &deferred_message); - ++ if (res == BUS_RESULT_FALSE) - return TRUE; + { + if (!bus_transaction_capture_error_reply (transaction, &error, message)) +@@ -2374,18 +2381,20 @@ bus_transaction_send_from_driver (BusTransaction *transaction, + } else if (res == BUS_RESULT_LATER) { - _dbus_verbose ("Cannot delay sending message from bus driver, dropping it\n"); + dbus_error_free (&error); - return TRUE; + if (!bus_deferred_message_queue_at_recipient(deferred_message, transaction, FALSE, FALSE)) + return FALSE; @@ -618,7 +639,7 @@ index a6d87e5..d2ebe82 100644 { MessageToSend *to_send; BusConnectionData *d; -@@ -2205,7 +2213,28 @@ bus_transaction_send (BusTransaction *transaction, +@@ -2411,7 +2420,28 @@ bus_transaction_send (BusTransaction *transaction, d = BUS_CONNECTION_DATA (connection); _dbus_assert (d != NULL); @@ -648,7 +669,7 @@ index a6d87e5..d2ebe82 100644 to_send = dbus_new (MessageToSend, 1); if (to_send == NULL) { -@@ -2457,6 +2486,131 @@ bus_transaction_add_cancel_hook (BusTransaction *transaction, +@@ -2663,6 +2693,131 @@ bus_transaction_add_cancel_hook (BusTransaction *transaction, return TRUE; } @@ -781,10 +802,10 @@ index a6d87e5..d2ebe82 100644 bus_connections_get_n_active (BusConnections *connections) { diff --git a/bus/connection.h b/bus/connection.h -index 7433746..8d49b25 100644 +index a6e5dfde..46e883e6 100644 --- a/bus/connection.h +++ b/bus/connection.h -@@ -82,6 +82,22 @@ dbus_bool_t bus_connection_preallocate_oom_error (DBusConnection *connection); +@@ -83,6 +83,22 @@ dbus_bool_t bus_connection_preallocate_oom_error (DBusConnection *connection); void bus_connection_send_oom_error (DBusConnection *connection, DBusMessage *in_reply_to); @@ -807,42 +828,40 @@ index 7433746..8d49b25 100644 /* called by signals.c */ dbus_bool_t bus_connection_add_match_rule (DBusConnection *connection, BusMatchRule *rule); -@@ -129,7 +145,8 @@ BusTransaction* bus_transaction_new (BusContext * +@@ -135,7 +151,8 @@ BusTransaction* bus_transaction_new (BusContext * BusContext* bus_transaction_get_context (BusTransaction *transaction); dbus_bool_t bus_transaction_send (BusTransaction *transaction, DBusConnection *connection, - DBusMessage *message); + DBusMessage *message, + dbus_bool_t deferred_dispatch); - dbus_bool_t bus_transaction_send_from_driver (BusTransaction *transaction, + dbus_bool_t bus_transaction_capture (BusTransaction *transaction, DBusConnection *connection, DBusMessage *message); diff --git a/bus/dispatch.c b/bus/dispatch.c -index 6b0eadc..9972e76 100644 +index 7353501b..e32c9263 100644 --- a/bus/dispatch.c +++ b/bus/dispatch.c -@@ -33,8 +33,10 @@ +@@ -33,6 +33,7 @@ #include "utils.h" #include "bus.h" #include "signals.h" +#include "dispatch.h" #include "test.h" #include <dbus/dbus-internals.h> -+#include <dbus/dbus-connection-internal.h> - #include <dbus/dbus-misc.h> - #include <string.h> - -@@ -63,16 +65,26 @@ send_one_message (DBusConnection *connection, - result = bus_context_check_security_policy (context, transaction, sender, addressed_recipient, - connection, message, NULL, &deferred_message); - + #include <dbus/dbus-connection-internal.h> +@@ -76,7 +77,7 @@ send_one_message (DBusConnection *connection, + message, + &stack_error, + &deferred_message); - if (result != BUS_RESULT_TRUE) + if (result == BUS_RESULT_FALSE) - return TRUE; /* silently don't send it */ - - if (dbus_message_contains_unix_fds(message) && - !dbus_connection_can_send_type(connection, DBUS_TYPE_UNIX_FD)) - return TRUE; /* silently don't send it */ + { + if (!bus_transaction_capture_error_reply (transaction, &stack_error, + message)) +@@ -111,9 +112,19 @@ send_one_message (DBusConnection *connection, + return TRUE; /* don't send it but don't return an error either */ + } + if (result == BUS_RESULT_LATER) + { @@ -861,7 +880,7 @@ index 6b0eadc..9972e76 100644 { BUS_SET_OOM (error); return FALSE; -@@ -82,11 +94,12 @@ send_one_message (DBusConnection *connection, +@@ -123,11 +134,12 @@ send_one_message (DBusConnection *connection, } BusResult @@ -879,7 +898,7 @@ index 6b0eadc..9972e76 100644 { DBusError tmp_error; BusConnections *connections; -@@ -110,17 +123,78 @@ bus_dispatch_matches (BusTransaction *transaction, +@@ -151,17 +163,78 @@ bus_dispatch_matches (BusTransaction *transaction, /* First, send the message to the addressed_recipient, if there is one. */ if (addressed_recipient != NULL) { @@ -966,7 +985,7 @@ index 6b0eadc..9972e76 100644 status = bus_deferred_message_get_status(deferred_message); if (status & BUS_DEFERRED_MESSAGE_CHECK_SEND) -@@ -131,13 +205,18 @@ bus_dispatch_matches (BusTransaction *transaction, +@@ -172,13 +245,18 @@ bus_dispatch_matches (BusTransaction *transaction, } else if (status & BUS_DEFERRED_MESSAGE_CHECK_RECEIVE) { @@ -989,7 +1008,7 @@ index 6b0eadc..9972e76 100644 return BUS_RESULT_FALSE; } } -@@ -154,7 +233,8 @@ bus_dispatch_matches (BusTransaction *transaction, +@@ -195,7 +273,8 @@ bus_dispatch_matches (BusTransaction *transaction, } /* Dispatch the message */ @@ -999,7 +1018,7 @@ index 6b0eadc..9972e76 100644 { BUS_SET_OOM (error); return BUS_RESULT_FALSE; -@@ -385,7 +465,7 @@ bus_dispatch (DBusConnection *connection, +@@ -495,7 +574,7 @@ bus_dispatch (DBusConnection *connection, * match rules. */ if (BUS_RESULT_LATER == bus_dispatch_matches (transaction, connection, addressed_recipient, @@ -1009,7 +1028,7 @@ index 6b0eadc..9972e76 100644 /* Roll back and dispatch the message once the policy result is available */ bus_transaction_cancel_and_free (transaction); diff --git a/bus/dispatch.h b/bus/dispatch.h -index afba6a2..f6102e8 100644 +index afba6a24..f6102e80 100644 --- a/bus/dispatch.h +++ b/bus/dispatch.h @@ -29,10 +29,11 @@ @@ -1030,20 +1049,20 @@ index afba6a2..f6102e8 100644 #endif /* BUS_DISPATCH_H */ diff --git a/bus/driver.c b/bus/driver.c -index 4dbce3d..2fb1385 100644 +index a5823d4d..5acdd62a 100644 --- a/bus/driver.c +++ b/bus/driver.c -@@ -130,7 +130,7 @@ bus_driver_send_service_owner_changed (const char *service_name, - - _dbus_assert (dbus_message_has_signature (message, "sss")); +@@ -261,7 +261,7 @@ bus_driver_send_service_owner_changed (const char *service_name, + if (!bus_transaction_capture (transaction, NULL, message)) + goto oom; - res = bus_dispatch_matches (transaction, NULL, NULL, message, error); + res = bus_dispatch_matches (transaction, NULL, NULL, message, NULL, error); if (res == BUS_RESULT_TRUE) retval = TRUE; - else if (res == BUS_RESULT_FALSE) + else diff --git a/bus/policy.c b/bus/policy.c -index ec888df..448147f 100644 +index bcade176..47bd1a24 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -1071,6 +1071,9 @@ bus_client_policy_check_can_send (DBusConnection *sender, @@ -1067,5 +1086,5 @@ index ec888df..448147f 100644 else privilege = NULL; -- -2.1.4 +2.14.3 diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0007-Add-own-rule-result-unavailability-handling.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0004-Add-own-rule-result-unavailability-handling.patch index e1b1e62f1..1086f5b12 100644 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0007-Add-own-rule-result-unavailability-handling.patch +++ b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0004-Add-own-rule-result-unavailability-handling.patch @@ -1,7 +1,10 @@ -From 35ef89cd6777ea2430077fc621d21bd01df92349 Mon Sep 17 00:00:00 2001 +From 5bf7f759a738a451ea70732731d9a1b3e064353b Mon Sep 17 00:00:00 2001 From: Jacek Bukarewicz <j.bukarewicz@samsung.com> Date: Thu, 27 Nov 2014 11:26:21 +0100 -Subject: [PATCH 7/8] Add own rule result unavailability handling +Subject: [PATCH 4/5] Add own rule result unavailability handling +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit Own rule result unavailability is handled like send rules - dispatching messages from the sender is blocked and resumed when result becomes @@ -13,22 +16,27 @@ Since bus message handlers are put into function pointer array other message handler function singatures are also affected. Change-Id: I4c2cbd4585e41fccd8a30f825a8f0d342ab56755 + +Cherry-picked from 35ef89cd6777ea2430077fc621d21bd01df92349 by Jose.bollo + +Signed-off-by: José Bollo <jose.bollo@iot.bzh> --- bus/dispatch.c | 11 ++- - bus/driver.c | 227 ++++++++++++++++++++++++++++++--------------------------- + bus/driver.c | 259 ++++++++++++++++++++++++++++++--------------------------- bus/driver.h | 2 +- - bus/policy.c | 51 ++++++++++--- + bus/policy.c | 51 +++++++++--- bus/policy.h | 6 +- - bus/services.c | 26 +++++-- + bus/services.c | 26 ++++-- bus/services.h | 3 +- - bus/stats.c | 16 ++-- - 8 files changed, 204 insertions(+), 138 deletions(-) + bus/stats.c | 28 +++---- + bus/stats.h | 6 +- + 9 files changed, 229 insertions(+), 163 deletions(-) diff --git a/bus/dispatch.c b/bus/dispatch.c -index 9972e76..d3b970f 100644 +index e32c9263..4d57c556 100644 --- a/bus/dispatch.c +++ b/bus/dispatch.c -@@ -404,8 +404,17 @@ bus_dispatch (DBusConnection *connection, +@@ -513,8 +513,17 @@ bus_dispatch (DBusConnection *connection, } _dbus_verbose ("Giving message to %s\n", DBUS_SERVICE_DBUS); @@ -48,10 +56,10 @@ index 9972e76..d3b970f 100644 else if (!bus_connection_is_active (connection)) /* clients must talk to bus driver first */ { diff --git a/bus/driver.c b/bus/driver.c -index 2fb1385..9708f49 100644 +index 5acdd62a..bc4ce0b5 100644 --- a/bus/driver.c +++ b/bus/driver.c -@@ -297,7 +297,7 @@ create_unique_client_name (BusRegistry *registry, +@@ -427,7 +427,7 @@ create_unique_client_name (BusRegistry *registry, return TRUE; } @@ -60,7 +68,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_hello (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -305,7 +305,7 @@ bus_driver_handle_hello (DBusConnection *connection, +@@ -435,7 +435,7 @@ bus_driver_handle_hello (DBusConnection *connection, { DBusString unique_name; BusService *service; @@ -69,7 +77,7 @@ index 2fb1385..9708f49 100644 BusRegistry *registry; BusConnections *connections; -@@ -316,7 +316,7 @@ bus_driver_handle_hello (DBusConnection *connection, +@@ -446,7 +446,7 @@ bus_driver_handle_hello (DBusConnection *connection, /* We already handled an Hello message for this connection. */ dbus_set_error (error, DBUS_ERROR_FAILED, "Already handled an Hello message"); @@ -78,7 +86,7 @@ index 2fb1385..9708f49 100644 } /* Note that when these limits are exceeded we don't disconnect the -@@ -330,16 +330,16 @@ bus_driver_handle_hello (DBusConnection *connection, +@@ -460,16 +460,16 @@ bus_driver_handle_hello (DBusConnection *connection, error)) { _DBUS_ASSERT_ERROR_IS_SET (error); @@ -98,7 +106,7 @@ index 2fb1385..9708f49 100644 registry = bus_connection_get_registry (connection); -@@ -372,7 +372,7 @@ bus_driver_handle_hello (DBusConnection *connection, +@@ -502,7 +502,7 @@ bus_driver_handle_hello (DBusConnection *connection, goto out_0; _dbus_assert (bus_connection_is_active (connection)); @@ -107,7 +115,7 @@ index 2fb1385..9708f49 100644 out_0: _dbus_string_free (&unique_name); -@@ -424,7 +424,7 @@ bus_driver_send_welcome_message (DBusConnection *connection, +@@ -554,7 +554,7 @@ bus_driver_send_welcome_message (DBusConnection *connection, } } @@ -116,7 +124,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_list_services (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -446,14 +446,14 @@ bus_driver_handle_list_services (DBusConnection *connection, +@@ -576,14 +576,14 @@ bus_driver_handle_list_services (DBusConnection *connection, if (reply == NULL) { BUS_SET_OOM (error); @@ -133,7 +141,7 @@ index 2fb1385..9708f49 100644 } dbus_message_iter_init_append (reply, &iter); -@@ -465,7 +465,7 @@ bus_driver_handle_list_services (DBusConnection *connection, +@@ -595,7 +595,7 @@ bus_driver_handle_list_services (DBusConnection *connection, dbus_free_string_array (services); dbus_message_unref (reply); BUS_SET_OOM (error); @@ -142,7 +150,7 @@ index 2fb1385..9708f49 100644 } { -@@ -477,7 +477,7 @@ bus_driver_handle_list_services (DBusConnection *connection, +@@ -607,7 +607,7 @@ bus_driver_handle_list_services (DBusConnection *connection, dbus_free_string_array (services); dbus_message_unref (reply); BUS_SET_OOM (error); @@ -151,7 +159,7 @@ index 2fb1385..9708f49 100644 } } -@@ -490,7 +490,7 @@ bus_driver_handle_list_services (DBusConnection *connection, +@@ -620,7 +620,7 @@ bus_driver_handle_list_services (DBusConnection *connection, dbus_free_string_array (services); dbus_message_unref (reply); BUS_SET_OOM (error); @@ -160,7 +168,7 @@ index 2fb1385..9708f49 100644 } ++i; } -@@ -501,23 +501,23 @@ bus_driver_handle_list_services (DBusConnection *connection, +@@ -631,23 +631,23 @@ bus_driver_handle_list_services (DBusConnection *connection, { dbus_message_unref (reply); BUS_SET_OOM (error); @@ -188,7 +196,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_list_activatable_services (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -539,14 +539,14 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, +@@ -669,14 +669,14 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, if (reply == NULL) { BUS_SET_OOM (error); @@ -205,7 +213,7 @@ index 2fb1385..9708f49 100644 } dbus_message_iter_init_append (reply, &iter); -@@ -558,7 +558,7 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, +@@ -688,7 +688,7 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, dbus_free_string_array (services); dbus_message_unref (reply); BUS_SET_OOM (error); @@ -214,7 +222,7 @@ index 2fb1385..9708f49 100644 } { -@@ -570,7 +570,7 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, +@@ -700,7 +700,7 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, dbus_free_string_array (services); dbus_message_unref (reply); BUS_SET_OOM (error); @@ -223,7 +231,7 @@ index 2fb1385..9708f49 100644 } } -@@ -583,7 +583,7 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, +@@ -713,7 +713,7 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, dbus_free_string_array (services); dbus_message_unref (reply); BUS_SET_OOM (error); @@ -232,7 +240,7 @@ index 2fb1385..9708f49 100644 } ++i; } -@@ -594,23 +594,23 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, +@@ -724,23 +724,23 @@ bus_driver_handle_list_activatable_services (DBusConnection *connection, { dbus_message_unref (reply); BUS_SET_OOM (error); @@ -260,7 +268,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_acquire_service (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -621,7 +621,8 @@ bus_driver_handle_acquire_service (DBusConnection *connection, +@@ -751,7 +751,8 @@ bus_driver_handle_acquire_service (DBusConnection *connection, const char *name; dbus_uint32_t service_reply; dbus_uint32_t flags; @@ -270,7 +278,7 @@ index 2fb1385..9708f49 100644 BusRegistry *registry; _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -632,20 +633,24 @@ bus_driver_handle_acquire_service (DBusConnection *connection, +@@ -762,20 +763,24 @@ bus_driver_handle_acquire_service (DBusConnection *connection, DBUS_TYPE_STRING, &name, DBUS_TYPE_UINT32, &flags, DBUS_TYPE_INVALID)) @@ -302,7 +310,7 @@ index 2fb1385..9708f49 100644 reply = dbus_message_new_method_return (message); if (reply == NULL) -@@ -666,7 +671,7 @@ bus_driver_handle_acquire_service (DBusConnection *connection, +@@ -796,7 +801,7 @@ bus_driver_handle_acquire_service (DBusConnection *connection, goto out; } @@ -311,7 +319,7 @@ index 2fb1385..9708f49 100644 out: if (reply) -@@ -674,7 +679,7 @@ bus_driver_handle_acquire_service (DBusConnection *connection, +@@ -804,7 +809,7 @@ bus_driver_handle_acquire_service (DBusConnection *connection, return retval; } @@ -320,7 +328,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_release_service (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -684,7 +689,7 @@ bus_driver_handle_release_service (DBusConnection *connection, +@@ -814,7 +819,7 @@ bus_driver_handle_release_service (DBusConnection *connection, DBusString service_name; const char *name; dbus_uint32_t service_reply; @@ -329,7 +337,7 @@ index 2fb1385..9708f49 100644 BusRegistry *registry; _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -694,11 +699,11 @@ bus_driver_handle_release_service (DBusConnection *connection, +@@ -824,11 +829,11 @@ bus_driver_handle_release_service (DBusConnection *connection, if (!dbus_message_get_args (message, error, DBUS_TYPE_STRING, &name, DBUS_TYPE_INVALID)) @@ -343,7 +351,7 @@ index 2fb1385..9708f49 100644 reply = NULL; _dbus_string_init_const (&service_name, name); -@@ -727,7 +732,7 @@ bus_driver_handle_release_service (DBusConnection *connection, +@@ -857,7 +862,7 @@ bus_driver_handle_release_service (DBusConnection *connection, goto out; } @@ -352,7 +360,7 @@ index 2fb1385..9708f49 100644 out: if (reply) -@@ -735,7 +740,7 @@ bus_driver_handle_release_service (DBusConnection *connection, +@@ -865,7 +870,7 @@ bus_driver_handle_release_service (DBusConnection *connection, return retval; } @@ -361,7 +369,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_service_exists (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -746,7 +751,7 @@ bus_driver_handle_service_exists (DBusConnection *connection, +@@ -876,7 +881,7 @@ bus_driver_handle_service_exists (DBusConnection *connection, BusService *service; dbus_bool_t service_exists; const char *name; @@ -370,7 +378,7 @@ index 2fb1385..9708f49 100644 BusRegistry *registry; _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -756,9 +761,9 @@ bus_driver_handle_service_exists (DBusConnection *connection, +@@ -886,9 +891,9 @@ bus_driver_handle_service_exists (DBusConnection *connection, if (!dbus_message_get_args (message, error, DBUS_TYPE_STRING, &name, DBUS_TYPE_INVALID)) @@ -382,7 +390,7 @@ index 2fb1385..9708f49 100644 if (strcmp (name, DBUS_SERVICE_DBUS) == 0) { -@@ -792,7 +797,7 @@ bus_driver_handle_service_exists (DBusConnection *connection, +@@ -922,7 +927,7 @@ bus_driver_handle_service_exists (DBusConnection *connection, goto out; } @@ -391,7 +399,7 @@ index 2fb1385..9708f49 100644 out: if (reply) -@@ -801,7 +806,7 @@ bus_driver_handle_service_exists (DBusConnection *connection, +@@ -931,7 +936,7 @@ bus_driver_handle_service_exists (DBusConnection *connection, return retval; } @@ -400,7 +408,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_activate_service (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -809,7 +814,7 @@ bus_driver_handle_activate_service (DBusConnection *connection, +@@ -939,7 +944,7 @@ bus_driver_handle_activate_service (DBusConnection *connection, { dbus_uint32_t flags; const char *name; @@ -409,7 +417,7 @@ index 2fb1385..9708f49 100644 BusActivation *activation; _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -823,10 +828,10 @@ bus_driver_handle_activate_service (DBusConnection *connection, +@@ -953,10 +958,10 @@ bus_driver_handle_activate_service (DBusConnection *connection, { _DBUS_ASSERT_ERROR_IS_SET (error); _dbus_verbose ("No memory to get arguments to StartServiceByName\n"); @@ -422,7 +430,7 @@ index 2fb1385..9708f49 100644 if (!bus_activation_activate_service (activation, connection, transaction, FALSE, message, name, error)) -@@ -836,7 +841,7 @@ bus_driver_handle_activate_service (DBusConnection *connection, +@@ -966,7 +971,7 @@ bus_driver_handle_activate_service (DBusConnection *connection, goto out; } @@ -431,7 +439,7 @@ index 2fb1385..9708f49 100644 out: return retval; -@@ -872,13 +877,13 @@ send_ack_reply (DBusConnection *connection, +@@ -1068,13 +1073,13 @@ bus_driver_send_or_activate (BusTransaction *transaction, return TRUE; } @@ -445,18 +453,45 @@ index 2fb1385..9708f49 100644 - dbus_bool_t retval; + BusResult retval; BusActivation *activation; + BusContext *context; DBusMessageIter iter; - DBusMessageIter dict_iter; -@@ -939,7 +944,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, +@@ -1090,7 +1095,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + + if (!bus_driver_check_message_is_for_us (message, error)) +- return FALSE; ++ return BUS_RESULT_FALSE; + + #ifdef DBUS_UNIX + { +@@ -1100,7 +1105,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, + */ + if (!bus_driver_check_caller_is_privileged (connection, transaction, + message, error)) +- return FALSE; ++ return BUS_RESULT_FALSE; + } + #endif + +@@ -1111,7 +1116,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, + "Cannot change activation environment " + "on a system bus."); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + + activation = bus_connection_get_activation (connection); +@@ -1125,7 +1130,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, dbus_message_iter_recurse (&iter, &dict_iter); - retval = FALSE; + retval = BUS_RESULT_FALSE; + systemd_message = NULL; /* Then loop through the sent dictionary, add the location of - * the environment keys and values to lists. The result will -@@ -1026,7 +1031,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, +@@ -1291,7 +1296,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, message, error)) goto out; @@ -464,8 +499,8 @@ index 2fb1385..9708f49 100644 + retval = BUS_RESULT_TRUE; out: - _dbus_list_clear (&keys); -@@ -1034,7 +1039,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, + if (systemd_message != NULL) +@@ -1301,7 +1306,7 @@ bus_driver_handle_update_activation_environment (DBusConnection *connection, return retval; } @@ -474,7 +509,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_add_match (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -1093,16 +1098,16 @@ bus_driver_handle_add_match (DBusConnection *connection, +@@ -1367,16 +1372,16 @@ bus_driver_handle_add_match (DBusConnection *connection, bus_match_rule_unref (rule); @@ -494,7 +529,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_remove_match (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -1146,16 +1151,16 @@ bus_driver_handle_remove_match (DBusConnection *connection, +@@ -1420,16 +1425,16 @@ bus_driver_handle_remove_match (DBusConnection *connection, bus_match_rule_unref (rule); @@ -514,7 +549,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_get_service_owner (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -1225,7 +1230,7 @@ bus_driver_handle_get_service_owner (DBusConnection *connection, +@@ -1499,7 +1504,7 @@ bus_driver_handle_get_service_owner (DBusConnection *connection, dbus_message_unref (reply); @@ -523,7 +558,7 @@ index 2fb1385..9708f49 100644 oom: BUS_SET_OOM (error); -@@ -1234,10 +1239,10 @@ bus_driver_handle_get_service_owner (DBusConnection *connection, +@@ -1508,10 +1513,10 @@ bus_driver_handle_get_service_owner (DBusConnection *connection, _DBUS_ASSERT_ERROR_IS_SET (error); if (reply) dbus_message_unref (reply); @@ -536,7 +571,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_list_queued_owners (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -1328,7 +1333,7 @@ bus_driver_handle_list_queued_owners (DBusConnection *connection, +@@ -1602,7 +1607,7 @@ bus_driver_handle_list_queued_owners (DBusConnection *connection, dbus_message_unref (reply); @@ -545,7 +580,7 @@ index 2fb1385..9708f49 100644 oom: BUS_SET_OOM (error); -@@ -1341,10 +1346,10 @@ bus_driver_handle_list_queued_owners (DBusConnection *connection, +@@ -1615,10 +1620,10 @@ bus_driver_handle_list_queued_owners (DBusConnection *connection, if (base_names) _dbus_list_clear (&base_names); @@ -558,7 +593,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_get_connection_unix_user (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -1389,7 +1394,7 @@ bus_driver_handle_get_connection_unix_user (DBusConnection *connection, +@@ -1673,7 +1678,7 @@ bus_driver_handle_get_connection_unix_user (DBusConnection *connection, dbus_message_unref (reply); @@ -567,7 +602,7 @@ index 2fb1385..9708f49 100644 oom: BUS_SET_OOM (error); -@@ -1398,10 +1403,10 @@ bus_driver_handle_get_connection_unix_user (DBusConnection *connection, +@@ -1682,10 +1687,10 @@ bus_driver_handle_get_connection_unix_user (DBusConnection *connection, _DBUS_ASSERT_ERROR_IS_SET (error); if (reply) dbus_message_unref (reply); @@ -580,7 +615,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_get_connection_unix_process_id (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -1446,7 +1451,7 @@ bus_driver_handle_get_connection_unix_process_id (DBusConnection *connection, +@@ -1740,7 +1745,7 @@ bus_driver_handle_get_connection_unix_process_id (DBusConnection *connection, dbus_message_unref (reply); @@ -589,7 +624,7 @@ index 2fb1385..9708f49 100644 oom: BUS_SET_OOM (error); -@@ -1455,10 +1460,10 @@ bus_driver_handle_get_connection_unix_process_id (DBusConnection *connection, +@@ -1749,10 +1754,10 @@ bus_driver_handle_get_connection_unix_process_id (DBusConnection *connection, _DBUS_ASSERT_ERROR_IS_SET (error); if (reply) dbus_message_unref (reply); @@ -602,7 +637,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -1502,7 +1507,7 @@ bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection, +@@ -1803,7 +1808,7 @@ bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection, dbus_message_unref (reply); @@ -611,7 +646,7 @@ index 2fb1385..9708f49 100644 oom: BUS_SET_OOM (error); -@@ -1511,10 +1516,10 @@ bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection, +@@ -1812,10 +1817,10 @@ bus_driver_handle_get_adt_audit_session_data (DBusConnection *connection, _DBUS_ASSERT_ERROR_IS_SET (error); if (reply) dbus_message_unref (reply); @@ -624,7 +659,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_get_connection_selinux_security_context (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -1556,7 +1561,7 @@ bus_driver_handle_get_connection_selinux_security_context (DBusConnection *conne +@@ -1863,7 +1868,7 @@ bus_driver_handle_get_connection_selinux_security_context (DBusConnection *conne dbus_message_unref (reply); @@ -633,7 +668,7 @@ index 2fb1385..9708f49 100644 oom: BUS_SET_OOM (error); -@@ -1565,10 +1570,10 @@ bus_driver_handle_get_connection_selinux_security_context (DBusConnection *conne +@@ -1872,10 +1877,10 @@ bus_driver_handle_get_connection_selinux_security_context (DBusConnection *conne _DBUS_ASSERT_ERROR_IS_SET (error); if (reply) dbus_message_unref (reply); @@ -646,7 +681,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_get_connection_credentials (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -1645,7 +1650,7 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, +@@ -1987,7 +1992,7 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, dbus_message_unref (reply); @@ -655,7 +690,7 @@ index 2fb1385..9708f49 100644 oom: BUS_SET_OOM (error); -@@ -1659,10 +1664,10 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, +@@ -2001,10 +2006,10 @@ bus_driver_handle_get_connection_credentials (DBusConnection *connection, dbus_message_unref (reply); } @@ -668,7 +703,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_reload_config (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -1687,7 +1692,7 @@ bus_driver_handle_reload_config (DBusConnection *connection, +@@ -2029,7 +2034,7 @@ bus_driver_handle_reload_config (DBusConnection *connection, goto oom; dbus_message_unref (reply); @@ -677,7 +712,7 @@ index 2fb1385..9708f49 100644 oom: BUS_SET_OOM (error); -@@ -1696,10 +1701,10 @@ bus_driver_handle_reload_config (DBusConnection *connection, +@@ -2038,11 +2043,11 @@ bus_driver_handle_reload_config (DBusConnection *connection, _DBUS_ASSERT_ERROR_IS_SET (error); if (reply) dbus_message_unref (reply); @@ -685,12 +720,58 @@ index 2fb1385..9708f49 100644 + return BUS_RESULT_FALSE; } + #ifdef DBUS_ENABLE_VERBOSE_MODE +-static dbus_bool_t ++static BusResult + bus_driver_handle_enable_verbose (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -2062,7 +2067,7 @@ bus_driver_handle_enable_verbose (DBusConnection *connection, + _dbus_set_verbose(TRUE); + + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + _DBUS_ASSERT_ERROR_IS_CLEAR (error); +@@ -2071,10 +2076,10 @@ bus_driver_handle_enable_verbose (DBusConnection *connection, + + if (reply) + dbus_message_unref (reply); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + +-static dbus_bool_t ++static BusResult + bus_driver_handle_disable_verbose (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -2094,7 +2099,7 @@ bus_driver_handle_disable_verbose (DBusConnection *connection, + _dbus_set_verbose(FALSE); + + dbus_message_unref (reply); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + _DBUS_ASSERT_ERROR_IS_CLEAR (error); +@@ -2103,11 +2108,11 @@ bus_driver_handle_disable_verbose (DBusConnection *connection, + + if (reply) + dbus_message_unref (reply); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + #endif + -static dbus_bool_t +static BusResult bus_driver_handle_get_id (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -1715,7 +1720,7 @@ bus_driver_handle_get_id (DBusConnection *connection, +@@ -2123,7 +2128,7 @@ bus_driver_handle_get_id (DBusConnection *connection, if (!_dbus_string_init (&uuid)) { BUS_SET_OOM (error); @@ -699,7 +780,7 @@ index 2fb1385..9708f49 100644 } reply = NULL; -@@ -1741,7 +1746,7 @@ bus_driver_handle_get_id (DBusConnection *connection, +@@ -2149,7 +2154,7 @@ bus_driver_handle_get_id (DBusConnection *connection, _dbus_string_free (&uuid); dbus_message_unref (reply); @@ -708,7 +789,7 @@ index 2fb1385..9708f49 100644 oom: _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -1751,7 +1756,7 @@ bus_driver_handle_get_id (DBusConnection *connection, +@@ -2159,10 +2164,10 @@ bus_driver_handle_get_id (DBusConnection *connection, if (reply) dbus_message_unref (reply); _dbus_string_free (&uuid); @@ -716,8 +797,34 @@ index 2fb1385..9708f49 100644 + return BUS_RESULT_FALSE; } - typedef struct -@@ -1759,10 +1764,10 @@ typedef struct +-static dbus_bool_t ++static BusResult + bus_driver_handle_become_monitor (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -2178,7 +2183,7 @@ bus_driver_handle_become_monitor (DBusConnection *connection, + int i; + int n_match_rules; + dbus_uint32_t flags; +- dbus_bool_t ret = FALSE; ++ BusResult ret = BUS_RESULT_FALSE; + + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + +@@ -2258,10 +2263,10 @@ bus_driver_handle_become_monitor (DBusConnection *connection, + if (!bus_connection_be_monitor (connection, transaction, &rules, error)) + goto out; + +- ret = TRUE; ++ ret = BUS_RESULT_TRUE; + + out: +- if (ret) ++ if (ret == BUS_RESULT_TRUE) + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + else + _DBUS_ASSERT_ERROR_IS_SET (error); +@@ -2282,10 +2287,10 @@ typedef struct const char *name; const char *in_args; const char *out_args; @@ -732,7 +839,7 @@ index 2fb1385..9708f49 100644 } MessageHandler; /* For speed it might be useful to sort this in order of -@@ -1847,7 +1852,7 @@ static const MessageHandler dbus_message_handlers[] = { +@@ -2370,7 +2375,7 @@ static const MessageHandler dbus_message_handlers[] = { { NULL, NULL, NULL, NULL } }; @@ -741,7 +848,7 @@ index 2fb1385..9708f49 100644 BusTransaction *, DBusMessage *, DBusError *); static const MessageHandler introspectable_message_handlers[] = { -@@ -1973,7 +1978,7 @@ bus_driver_generate_introspect_string (DBusString *xml) +@@ -2514,7 +2519,7 @@ bus_driver_generate_introspect_string (DBusString *xml) return TRUE; } @@ -750,7 +857,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_introspect (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -1993,13 +1998,13 @@ bus_driver_handle_introspect (DBusConnection *connection, +@@ -2534,13 +2539,13 @@ bus_driver_handle_introspect (DBusConnection *connection, DBUS_TYPE_INVALID)) { _DBUS_ASSERT_ERROR_IS_SET (error); @@ -766,7 +873,7 @@ index 2fb1385..9708f49 100644 } if (!bus_driver_generate_introspect_string (&xml)) -@@ -2022,7 +2027,7 @@ bus_driver_handle_introspect (DBusConnection *connection, +@@ -2563,7 +2568,7 @@ bus_driver_handle_introspect (DBusConnection *connection, dbus_message_unref (reply); _dbus_string_free (&xml); @@ -775,7 +882,7 @@ index 2fb1385..9708f49 100644 oom: BUS_SET_OOM (error); -@@ -2032,7 +2037,7 @@ bus_driver_handle_introspect (DBusConnection *connection, +@@ -2573,7 +2578,7 @@ bus_driver_handle_introspect (DBusConnection *connection, _dbus_string_free (&xml); @@ -784,7 +891,7 @@ index 2fb1385..9708f49 100644 } /* -@@ -2067,7 +2072,7 @@ bus_driver_check_message_is_for_us (DBusMessage *message, +@@ -2608,7 +2613,7 @@ bus_driver_check_message_is_for_us (DBusMessage *message, return TRUE; } @@ -793,7 +900,7 @@ index 2fb1385..9708f49 100644 bus_driver_handle_message (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -2077,6 +2082,7 @@ bus_driver_handle_message (DBusConnection *connection, +@@ -2618,6 +2623,7 @@ bus_driver_handle_message (DBusConnection *connection, const InterfaceHandler *ih; const MessageHandler *mh; dbus_bool_t found_interface = FALSE; @@ -801,10 +908,32 @@ index 2fb1385..9708f49 100644 _DBUS_ASSERT_ERROR_IS_CLEAR (error); -@@ -2085,13 +2091,13 @@ bus_driver_handle_message (DBusConnection *connection, - BusContext *context; +@@ -2633,7 +2639,7 @@ bus_driver_handle_message (DBusConnection *connection, + transaction, + message, + error)) +- return FALSE; ++ return BUS_RESULT_FALSE; context = bus_connection_get_context (connection); + systemd = bus_driver_get_owner_of_name (connection, +@@ -2650,7 +2656,7 @@ bus_driver_handle_message (DBusConnection *connection, + attacker ? attacker : "(unauthenticated)", + bus_connection_get_loginfo (connection)); + /* ignore it */ +- return TRUE; ++ return BUS_RESULT_TRUE; + } + + if (!bus_context_get_systemd_activation (context)) +@@ -2658,16 +2664,16 @@ bus_driver_handle_message (DBusConnection *connection, + bus_context_log (context, DBUS_SYSTEM_LOG_WARNING, + "Ignoring unexpected ActivationFailure message " + "while not using systemd activation"); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + - return dbus_activation_systemd_failure(bus_context_get_activation(context), message); + return dbus_activation_systemd_failure(bus_context_get_activation(context), message) == TRUE ? BUS_RESULT_TRUE : BUS_RESULT_FALSE; } @@ -817,7 +946,7 @@ index 2fb1385..9708f49 100644 } /* may be NULL, which means "any interface will do" */ -@@ -2133,20 +2139,27 @@ bus_driver_handle_message (DBusConnection *connection, +@@ -2709,20 +2715,27 @@ bus_driver_handle_message (DBusConnection *connection, name, dbus_message_get_signature (message), mh->in_args); _DBUS_ASSERT_ERROR_IS_SET (error); @@ -850,7 +979,7 @@ index 2fb1385..9708f49 100644 } } } -@@ -2158,7 +2171,7 @@ bus_driver_handle_message (DBusConnection *connection, +@@ -2734,7 +2747,7 @@ bus_driver_handle_message (DBusConnection *connection, "%s does not understand message %s", DBUS_SERVICE_DBUS, name); @@ -860,7 +989,7 @@ index 2fb1385..9708f49 100644 void diff --git a/bus/driver.h b/bus/driver.h -index 201709c..3ff4ff1 100644 +index 201709c4..3ff4ff15 100644 --- a/bus/driver.h +++ b/bus/driver.h @@ -28,7 +28,7 @@ @@ -873,7 +1002,7 @@ index 201709c..3ff4ff1 100644 DBusMessage *message, DBusError *error); diff --git a/bus/policy.c b/bus/policy.c -index 448147f..3672ff9 100644 +index 47bd1a24..7244a46f 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -1323,18 +1323,21 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, @@ -958,12 +1087,12 @@ index 448147f..3672ff9 100644 const DBusString *service_name) { - return bus_rules_check_can_own (policy->default_rules, service_name); -+ return bus_rules_check_can_own (policy->default_rules, service_name, NULL, NULL); ++ return bus_rules_check_can_own (policy->default_rules, service_name, NULL, NULL) == BUS_RESULT_TRUE; } #endif /* DBUS_ENABLE_EMBEDDED_TESTS */ diff --git a/bus/policy.h b/bus/policy.h -index e9f193a..1f23431 100644 +index e9f193af..1f234310 100644 --- a/bus/policy.h +++ b/bus/policy.h @@ -170,8 +170,10 @@ BusResult bus_client_policy_check_can_receive (BusClientPolicy *polic @@ -980,10 +1109,10 @@ index e9f193a..1f23431 100644 BusPolicyRule *rule); void bus_client_policy_optimize (BusClientPolicy *policy); diff --git a/bus/services.c b/bus/services.c -index 584485b..f25fdf3 100644 +index 6a4c8848..fcc2d261 100644 --- a/bus/services.c +++ b/bus/services.c -@@ -374,24 +374,26 @@ bus_registry_list_services (BusRegistry *registry, +@@ -376,24 +376,26 @@ bus_registry_list_services (BusRegistry *registry, return FALSE; } @@ -1013,9 +1142,9 @@ index 584485b..f25fdf3 100644 if (!_dbus_validate_bus_name (service_name, 0, _dbus_string_get_length (service_name))) -@@ -459,7 +461,8 @@ bus_registry_acquire_service (BusRegistry *registry, - goto out; - } +@@ -466,7 +468,8 @@ bus_registry_acquire_service (BusRegistry *registry, + _dbus_string_get_const_data (service_name), error)) + goto out; - if (!bus_client_policy_check_can_own (policy, service_name)) + res = bus_client_policy_check_can_own (policy, service_name, connection, message); @@ -1023,7 +1152,7 @@ index 584485b..f25fdf3 100644 { dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, "Connection \"%s\" is not allowed to own the service \"%s\" due " -@@ -470,6 +473,11 @@ bus_registry_acquire_service (BusRegistry *registry, +@@ -477,6 +480,11 @@ bus_registry_acquire_service (BusRegistry *registry, _dbus_string_get_const_data (service_name)); goto out; } @@ -1035,7 +1164,7 @@ index 584485b..f25fdf3 100644 if (bus_connection_get_n_services_owned (connection) >= bus_context_get_max_services_per_connection (registry->context)) -@@ -586,11 +594,13 @@ bus_registry_acquire_service (BusRegistry *registry, +@@ -593,11 +601,13 @@ bus_registry_acquire_service (BusRegistry *registry, } activation = bus_context_get_activation (registry->context); @@ -1054,7 +1183,7 @@ index 584485b..f25fdf3 100644 out: return retval; diff --git a/bus/services.h b/bus/services.h -index 056dd9f..3df3dd7 100644 +index 056dd9fa..3df3dd7d 100644 --- a/bus/services.h +++ b/bus/services.h @@ -50,8 +50,9 @@ void bus_registry_foreach (BusRegistry *registry @@ -1069,10 +1198,10 @@ index 056dd9f..3df3dd7 100644 dbus_uint32_t flags, dbus_uint32_t *result, diff --git a/bus/stats.c b/bus/stats.c -index 20321e5..61dc428 100644 +index dace0e29..aab0e5c9 100644 --- a/bus/stats.c +++ b/bus/stats.c -@@ -35,7 +35,7 @@ +@@ -36,7 +36,7 @@ #ifdef DBUS_ENABLE_STATS @@ -1081,7 +1210,16 @@ index 20321e5..61dc428 100644 bus_stats_handle_get_stats (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, -@@ -106,17 +106,17 @@ bus_stats_handle_get_stats (DBusConnection *connection, +@@ -52,7 +52,7 @@ bus_stats_handle_get_stats (DBusConnection *connection, + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + + if (!bus_driver_check_message_is_for_us (message, error)) +- return FALSE; ++ return BUS_RESULT_FALSE; + + context = bus_transaction_get_context (transaction); + connections = bus_context_get_connections (context); +@@ -107,17 +107,17 @@ bus_stats_handle_get_stats (DBusConnection *connection, goto oom; dbus_message_unref (reply); @@ -1102,7 +1240,15 @@ index 20321e5..61dc428 100644 bus_stats_handle_get_connection_stats (DBusConnection *caller_connection, BusTransaction *transaction, DBusMessage *message, -@@ -143,7 +143,7 @@ bus_stats_handle_get_connection_stats (DBusConnection *caller_connection, +@@ -137,14 +137,14 @@ bus_stats_handle_get_connection_stats (DBusConnection *caller_connection, + _DBUS_ASSERT_ERROR_IS_CLEAR (error); + + if (!bus_driver_check_message_is_for_us (message, error)) +- return FALSE; ++ return BUS_RESULT_FALSE; + + registry = bus_connection_get_registry (caller_connection); + if (! dbus_message_get_args (message, error, DBUS_TYPE_STRING, &bus_name, DBUS_TYPE_INVALID)) @@ -1111,7 +1257,7 @@ index 20321e5..61dc428 100644 _dbus_string_init_const (&bus_name_str, bus_name); service = bus_registry_lookup (registry, &bus_name_str); -@@ -152,7 +152,7 @@ bus_stats_handle_get_connection_stats (DBusConnection *caller_connection, +@@ -153,7 +153,7 @@ bus_stats_handle_get_connection_stats (DBusConnection *caller_connection, { dbus_set_error (error, DBUS_ERROR_NAME_HAS_NO_OWNER, "Bus name '%s' has no owner", bus_name); @@ -1120,7 +1266,7 @@ index 20321e5..61dc428 100644 } stats_connection = bus_service_get_primary_owners_connection (service); -@@ -214,14 +214,14 @@ bus_stats_handle_get_connection_stats (DBusConnection *caller_connection, +@@ -215,18 +215,18 @@ bus_stats_handle_get_connection_stats (DBusConnection *caller_connection, goto oom; dbus_message_unref (reply); @@ -1136,7 +1282,64 @@ index 20321e5..61dc428 100644 + return BUS_RESULT_FALSE; } + +-dbus_bool_t ++BusResult + bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, + BusTransaction *transaction, + DBusMessage *message, +@@ -250,7 +250,7 @@ bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, + matchmaker = bus_context_get_matchmaker (context); + + if (!bus_registry_list_services (registry, &services, &services_len)) +- return FALSE; ++ return BUS_RESULT_FALSE; + + reply = dbus_message_new_method_return (message); + if (reply == NULL) +@@ -329,7 +329,7 @@ bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, + + dbus_message_unref (reply); + dbus_free_string_array (services); +- return TRUE; ++ return BUS_RESULT_TRUE; + + oom: + if (reply != NULL) +@@ -338,7 +338,7 @@ oom: + dbus_free_string_array (services); + + BUS_SET_OOM (error); +- return FALSE; ++ return BUS_RESULT_FALSE; + } + #endif +diff --git a/bus/stats.h b/bus/stats.h +index dcb022c4..683fa175 100644 +--- a/bus/stats.h ++++ b/bus/stats.h +@@ -25,17 +25,17 @@ + + #define BUS_INTERFACE_STATS "org.freedesktop.DBus.Debug.Stats" + +-dbus_bool_t bus_stats_handle_get_stats (DBusConnection *connection, ++BusResult bus_stats_handle_get_stats (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error); + +-dbus_bool_t bus_stats_handle_get_connection_stats (DBusConnection *connection, ++BusResult bus_stats_handle_get_connection_stats (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error); + +-dbus_bool_t bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, ++BusResult bus_stats_handle_get_all_match_rules (DBusConnection *caller_connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error); -- -2.1.4 +2.14.3 diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/Perform-Cynara-runtime-policy-checks-by-default.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch index e573fb3b3..d30b2dbf8 100644 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/Perform-Cynara-runtime-policy-checks-by-default.patch +++ b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0005-Perform-Cynara-runtime-policy-checks-by-default.patch @@ -1,7 +1,10 @@ -From e8610297cf7031e94eb314a2e8c11246f4405403 Mon Sep 17 00:00:00 2001 +From 92a373a6dbb1c7cd7c9824167aac232f3e0daebd Mon Sep 17 00:00:00 2001 From: Jacek Bukarewicz <j.bukarewicz@samsung.com> Date: Tue, 23 Jun 2015 11:08:48 +0200 -Subject: [PATCH] Perform Cynara runtime policy checks by default +Subject: [PATCH 5/5] Perform Cynara runtime policy checks by default +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit This change introduces http://tizen.org/privilege/internal/dbus privilege which is supposed to be available only to trusted system resources. @@ -21,16 +24,19 @@ own security policy. Change-Id: Ifb4a160bf6e0638404e0295a2e4fa3077efd881c Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com> + +Cherry picked from e8610297cf7031e94eb314a2e8c11246f4405403 by Jose Bollo +Signed-off-by: José Bollo <jose.bollo@iot.bzh> --- bus/session.conf.in | 32 ++++++++++++++++++++++++++------ - bus/system.conf.in | 22 ++++++++++++++++------ - 2 files changed, 42 insertions(+), 12 deletions(-) + bus/system.conf.in | 19 +++++++++++++++---- + 2 files changed, 41 insertions(+), 10 deletions(-) diff --git a/bus/session.conf.in b/bus/session.conf.in -index 74d9d1f..fa5c232 100644 +index affa7f1d..157dfb4d 100644 --- a/bus/session.conf.in +++ b/bus/session.conf.in -@@ -17,12 +17,32 @@ +@@ -27,12 +27,32 @@ <standard_session_servicedirs /> <policy context="default"> @@ -68,12 +74,12 @@ index 74d9d1f..fa5c232 100644 + send_member="UpdateActivationEnvironment"/> </policy> - <!-- Config files are placed here that among other things, + <!-- Include legacy configuration location --> diff --git a/bus/system.conf.in b/bus/system.conf.in -index 92f4cc4..dd16947 100644 +index 014f67ee..ebbd468a 100644 --- a/bus/system.conf.in +++ b/bus/system.conf.in -@@ -50,21 +50,31 @@ +@@ -50,23 +50,34 @@ <deny own="*"/> <deny send_type="method_call"/> @@ -96,21 +102,22 @@ index 92f4cc4..dd16947 100644 <allow receive_type="error"/> - <allow receive_type="signal"/> -- <!-- Allow anyone to talk to the message bus --> + <!-- Allow anyone to talk to the message bus --> + <allow send_destination="org.freedesktop.DBus" + send_interface="org.freedesktop.DBus" /> + <allow send_destination="org.freedesktop.DBus" + send_interface="org.freedesktop.DBus.Introspectable"/> + <!-- If there is a need specific bus services could be protected by Cynara as well. + However, this can lead to deadlock during the boot process when such check is made and + Cynara is not yet activated (systemd calls protected method synchronously, + dbus daemon tries to consult Cynara, Cynara waits for systemd activation). + Therefore it is advised to allow root processes to use bus services. + Currently anyone is allowed to talk to the message bus --> - <allow send_destination="org.freedesktop.DBus"/> -- <!-- But disallow some specific bus services --> + <allow receive_sender="org.freedesktop.DBus"/> + -+ <!-- Disallow some specific bus services --> + <!-- But disallow some specific bus services --> <deny send_destination="org.freedesktop.DBus" send_interface="org.freedesktop.DBus" - send_member="UpdateActivationEnvironment"/> -- -2.1.4 +2.14.3 diff --git a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0008-Add-GetConnectionSmackContext-D-Bus-daemon-method.patch b/meta-security/recipes-core/dbus-cynara/dbus-cynara/0008-Add-GetConnectionSmackContext-D-Bus-daemon-method.patch deleted file mode 100644 index 43a1ef658..000000000 --- a/meta-security/recipes-core/dbus-cynara/dbus-cynara/0008-Add-GetConnectionSmackContext-D-Bus-daemon-method.patch +++ /dev/null @@ -1,99 +0,0 @@ -From 6c9997fb1cdff4281166e8c2fb8276018b1025dd Mon Sep 17 00:00:00 2001 -From: Jacek Bukarewicz <j.bukarewicz@samsung.com> -Date: Mon, 15 Jun 2015 11:46:47 +0200 -Subject: [PATCH 8/8] Add "GetConnectionSmackContext" D-Bus daemon method - -This method is used to obtain smack label of given D-Bus client. -Note that it is deprecated and is included only for compatilibity with -existing D-Bus users. GetConnectionCredentials should be used to obtain -client's credentials. - -Change-Id: Idf9648032ca5cbd9605ffab055e6384baa4eb9b4 ---- - bus/driver.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 63 insertions(+) - -diff --git a/bus/driver.c b/bus/driver.c -index 9708f49..4e76224 100644 ---- a/bus/driver.c -+++ b/bus/driver.c -@@ -1759,6 +1759,65 @@ bus_driver_handle_get_id (DBusConnection *connection, - return BUS_RESULT_FALSE; - } - -+static BusResult -+bus_driver_handle_get_connection_smack_context (DBusConnection *connection, -+ BusTransaction *transaction, -+ DBusMessage *message, -+ DBusError *error) -+{ -+ DBusConnection *conn; -+ DBusMessage *reply = NULL; -+ char *label = NULL; -+ const char *service; -+ -+ _DBUS_ASSERT_ERROR_IS_CLEAR (error); -+ -+ conn = bus_driver_get_conn_helper (connection, message, "credentials", -+ &service, error); -+ if (conn == NULL) -+ goto err; -+ -+ reply = dbus_message_new_method_return (message); -+ if (reply == NULL) -+ goto oom; -+ -+ if (!_dbus_connection_get_linux_security_label (conn, &label)) -+ { -+ dbus_set_error (error, DBUS_ERROR_FAILED, -+ "Failed to get smack label of connection", -+ conn); -+ goto err; -+ } -+ -+ if (label == NULL) -+ goto oom; -+ -+ if (!dbus_message_append_args (reply, -+ DBUS_TYPE_STRING, &label, -+ DBUS_TYPE_INVALID)) -+ goto oom; -+ -+ if (!bus_transaction_send_from_driver (transaction, connection, reply)) -+ goto oom; -+ -+ dbus_message_unref (reply); -+ dbus_free(label); -+ -+ return BUS_RESULT_TRUE; -+ -+oom: -+ BUS_SET_OOM (error); -+ -+err: -+ if (reply != NULL) -+ dbus_message_unref (reply); -+ -+ dbus_free(label); -+ -+ return BUS_RESULT_FALSE; -+} -+ -+ - typedef struct - { - const char *name; -@@ -1849,6 +1908,10 @@ static const MessageHandler dbus_message_handlers[] = { - bus_driver_handle_get_id }, - { "GetConnectionCredentials", "s", "a{sv}", - bus_driver_handle_get_connection_credentials }, -+ { "GetConnectionSmackContext", /* deprecated - you should use GetConnectionCredentials instead */ -+ DBUS_TYPE_STRING_AS_STRING, -+ DBUS_TYPE_STRING_AS_STRING, -+ bus_driver_handle_get_connection_smack_context }, - { NULL, NULL, NULL, NULL } - }; - --- -2.1.4 - |