diff options
| author | Lennart Poettering <lennart@poettering.net> | 2015-02-13 17:32:38 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2015-02-16 15:03:44 +0100 |
| commit | 2ac7c17f9d8eeb403b91ee5a389562edaf47fb87 (patch) | |
| tree | 3b55981e7648c1b58aaf6d656e28003c53c3497c | |
| parent | 38ab096869ad6bb39a9ef9a012abfb42ea62cd93 (diff) | |
| download | systemd-2ac7c17f9d8eeb403b91ee5a389562edaf47fb87.tar.gz | |
Revert "Revert "sd-bus: change serialization of kdbus messages to qualify in their entirety as gvariant objects""
This reverts commit 954871d8ba15911d014f76ed2c7a9492953cf39d.
| -rw-r--r-- | src/libsystemd/sd-bus/DIFFERENCES | 7 | ||||
| -rw-r--r-- | src/libsystemd/sd-bus/GVARIANT-SERIALIZATION | 79 | ||||
| -rw-r--r-- | src/libsystemd/sd-bus/bus-gvariant.c | 60 | ||||
| -rw-r--r-- | src/libsystemd/sd-bus/bus-gvariant.h | 4 | ||||
| -rw-r--r-- | src/libsystemd/sd-bus/bus-kernel.c | 65 | ||||
| -rw-r--r-- | src/libsystemd/sd-bus/bus-message.c | 656 | ||||
| -rw-r--r-- | src/libsystemd/sd-bus/bus-message.h | 47 | ||||
| -rw-r--r-- | src/libsystemd/sd-bus/bus-protocol.h | 35 | ||||
| -rw-r--r-- | src/libsystemd/sd-bus/test-bus-gvariant.c | 24 |
9 files changed, 656 insertions, 321 deletions
diff --git a/src/libsystemd/sd-bus/DIFFERENCES b/src/libsystemd/sd-bus/DIFFERENCES index fd7506b993..db269675a7 100644 --- a/src/libsystemd/sd-bus/DIFFERENCES +++ b/src/libsystemd/sd-bus/DIFFERENCES @@ -18,11 +18,8 @@ Known differences between dbus1 and kdbus: - Serial numbers of synthesized messages are always (uint32_t) -1. -- The org.freedesktop.DBus "driver" service is not special on - kdbus. It is a bus activated service like any other with its own - unique name. - - NameOwnerChanged is a synthetic message, generated locally and not - by the driver. + by the driver. On dbus1 only the Disconnected message was + synthesized like this. - There's no standard per-session bus anymore. Only a per-user bus. diff --git a/src/libsystemd/sd-bus/GVARIANT-SERIALIZATION b/src/libsystemd/sd-bus/GVARIANT-SERIALIZATION index 5dffc25bb3..859e2715f9 100644 --- a/src/libsystemd/sd-bus/GVARIANT-SERIALIZATION +++ b/src/libsystemd/sd-bus/GVARIANT-SERIALIZATION @@ -1,8 +1,9 @@ How we use GVariant for serializing D-Bus messages -------------------------------------------------- -We stay as close to the original dbus1 framing as possible. dbus1 has -the following framing: +We stay close to the original dbus1 framing as possible, but make +certain changes to adapt for GVariant. dbus1 has the following +framing: 1. A fixed header of "yyyyuu" 2. Additional header fields of "a(yv)" @@ -20,40 +21,86 @@ The header consists of the following: y Flags y Protocol version, '1' u Length of the body, i.e. the length of part 4 above - u Serial number + u 32bit Serial number = 12 bytes +This header is then followed by the the fields array, whose first +value is a 32bit array size. + When using GVariant we keep the basic structure in place, only -slightly extend the header, and define protocol version '2'. The new +slightly alter the header, and define protocol version '2'. The new header: y Endianness, 'l' or 'B' y Message Type y Flags y Protocol version, '2' - u Length of the body, i.e. the length of part 4 above - u Serial number - u Length of the additional header fields array + u Reserved, must be 0 + t 64bit Cookie = 16 bytes -This has the nice benefit that the beginning of the additional header -fields array is aligned to an 8 byte boundary. Also, in dbus1 -marshalling arrays start with a length value of 32bit, which means in -both dbus1 and gvariant marshallings the size of the header fields -array will be at the same location between bytes 12 and 16. To -visualize that: +This is then followed by the GVariant fields array ("a{tv}"), and +finally the actual body as variant (v). Putting this altogether a +packet on dbus2 hence qualifies as a fully compliant GVariant +structure of (yyyyuta{tv}v). + +For details on gvariant, see: + +https://people.gnome.org/~desrt/gvariant-serialisation.pdf + +Regarding the framing of dbus2, also see: + +https://wiki.gnome.org/Projects/GLib/GDBus/Version2 + +The first four bytes of the header are defined the same way for dbus1 +and dbus2. The first bytes contain the endianess field and the +protocol version, so that the remainder of the message can be safely +made sense of just by looking at the first 32bit. + +Note that the length of the body is no longer included in the header +on dbus2! In fact, the message size must be known in advance, from the +underlying transport in order to parse dbus2 messages, while it is +directly included in dbus1 message headers. This change of semantics +is an effect of GVariant's basic design. + +The serial number has been renamed cookie and has been extended from +32bit to 64bit. It is recommended to avoid the higher 32bit of the +cookie field though, to simplify compatibility with dbus1 peers. Note +that not only the cookie/serial field in the fixed header, but also +the reply_cookie/reply_serial additional header field has been +increased from 32bit to 64bit, too! + +The header field identifiers have been extended from 8bit to +64bit. This has been done to simplify things (as kdbus otherwise uses +exclusively 64bit types, unless there is a strong reason not to), and +has no effect on the serialization size, as due to alignment for each +8bit header field identifier 56 bits of padding had to be added. + +Note that the header size changed, due to these changes. However, +consider that on dbus1 the beginning of the fields array contains the +32bit array size (since that is how arrays are encoded on dbus1), +thus, if one considers that size part of the header, instead of the +array, the size of the header on dbus1 and dbus2 stays identical, at +16 bytes. 0 4 8 12 16 - Common: | E | T | F | V | Body Length | Serial | Fields Length | + Common: | E | T | F | V | ... - dbus1: | ... (as above) ... | Fields array ... + dbus1: | (as above) | Body Length | Serial | Fields Length | Fields array ... - gvariant: | ... (as above) ... | Fields Length | Fields array ... + gvariant: | (as above) | Reserved | Cookie | Fields array ... And that's already it. +Note: to simplify parsing, valid kdbus/dbus2 messages must include the +entire fixed header and additional header fields in a single non-memfd +message part. Also, the signature string of the body variant all the +way to the end of the message must be in a single non-memfd part +too. The parts for this extended header and footer can be the same +one, and can also continue any amount of additional body bytes. + Note: on kdbus only native endian messages marshalled in gvariant may be sent. If a client receives a message in non-native endianness or in dbus1 marshalling it shall ignore the message. diff --git a/src/libsystemd/sd-bus/bus-gvariant.c b/src/libsystemd/sd-bus/bus-gvariant.c index dc40009925..02b95cd136 100644 --- a/src/libsystemd/sd-bus/bus-gvariant.c +++ b/src/libsystemd/sd-bus/bus-gvariant.c @@ -247,3 +247,63 @@ int bus_gvariant_is_fixed_size(const char *signature) { return true; } + +size_t bus_gvariant_determine_word_size(size_t sz, size_t extra) { + if (sz + extra <= 0xFF) + return 1; + else if (sz + extra*2 <= 0xFFFF) + return 2; + else if (sz + extra*4 <= 0xFFFFFFFF) + return 4; + else + return 8; +} + +size_t bus_gvariant_read_word_le(void *p, size_t sz) { + union { + uint16_t u16; + uint32_t u32; + uint64_t u64; + } x; + + assert(p); + + if (sz == 1) + return *(uint8_t*) p; + + memcpy(&x, p, sz); + + if (sz == 2) + return le16toh(x.u16); + else if (sz == 4) + return le32toh(x.u32); + else if (sz == 8) + return le64toh(x.u64); + + assert_not_reached("unknown word width"); +} + +void bus_gvariant_write_word_le(void *p, size_t sz, size_t value) { + union { + uint16_t u16; + uint32_t u32; + uint64_t u64; + } x; + + assert(p); + assert(sz == 8 || (value < (1ULL << (sz*8)))); + + if (sz == 1) { + *(uint8_t*) p = value; + return; + } else if (sz == 2) + x.u16 = htole16((uint16_t) value); + else if (sz == 4) + x.u32 = htole32((uint32_t) value); + else if (sz == 8) + x.u64 = htole64((uint64_t) value); + else + assert_not_reached("unknown word width"); + + memcpy(p, &x, sz); +} diff --git a/src/libsystemd/sd-bus/bus-gvariant.h b/src/libsystemd/sd-bus/bus-gvariant.h index fdf533591b..875d34b59b 100644 --- a/src/libsystemd/sd-bus/bus-gvariant.h +++ b/src/libsystemd/sd-bus/bus-gvariant.h @@ -26,3 +26,7 @@ int bus_gvariant_get_size(const char *signature) _pure_; int bus_gvariant_get_alignment(const char *signature) _pure_; int bus_gvariant_is_fixed_size(const char *signature) _pure_; + +size_t bus_gvariant_determine_word_size(size_t sz, size_t extra); +void bus_gvariant_write_word_le(void *p, size_t sz, size_t value); +size_t bus_gvariant_read_word_le(void *p, size_t sz); diff --git a/src/libsystemd/sd-bus/bus-kernel.c b/src/libsystemd/sd-bus/bus-kernel.c index bdc770600b..f6ef868e72 100644 --- a/src/libsystemd/sd-bus/bus-kernel.c +++ b/src/libsystemd/sd-bus/bus-kernel.c @@ -314,7 +314,7 @@ static int bus_message_setup_kmsg(sd_bus *b, sd_bus_message *m) { m->kdbus->dst_id = destination ? unique : KDBUS_DST_ID_BROADCAST; m->kdbus->payload_type = KDBUS_PAYLOAD_DBUS; - m->kdbus->cookie = (uint64_t) m->header->serial; + m->kdbus->cookie = m->header->dbus2.cookie; m->kdbus->priority = m->priority; if (m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED) @@ -416,9 +416,12 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) { struct kdbus_item *d; unsigned n_fds = 0; _cleanup_free_ int *fds = NULL; - struct bus_header *h = NULL; - size_t total, n_bytes = 0, idx = 0; + struct bus_header *header = NULL; + void *footer = NULL; + size_t header_size = 0, footer_size = 0; + size_t n_bytes = 0, idx = 0; const char *destination = NULL, *seclabel = NULL; + bool last_was_memfd = false; int r; assert(bus); @@ -433,21 +436,24 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) { switch (d->type) { case KDBUS_ITEM_PAYLOAD_OFF: - if (!h) { - h = (struct bus_header *)((uint8_t *)k + d->vec.offset); - - if (!bus_header_is_complete(h, d->vec.size)) - return -EBADMSG; + if (!header) { + header = (struct bus_header*)((uint8_t*) k + d->vec.offset); + header_size = d->vec.size; } + footer = (uint8_t*) k + d->vec.offset; + footer_size = d->vec.size; + n_bytes += d->vec.size; + last_was_memfd = false; break; case KDBUS_ITEM_PAYLOAD_MEMFD: - if (!h) + if (!header) /* memfd cannot be first part */ return -EBADMSG; n_bytes += d->memfd.size; + last_was_memfd = true; break; case KDBUS_ITEM_FDS: { @@ -471,23 +477,29 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) { } } - if (!h) + if (last_was_memfd) /* memfd cannot be last part */ return -EBADMSG; - r = bus_header_message_size(h, &total); - if (r < 0) - return r; + if (!header) + return -EBADMSG; - if (n_bytes != total) + if (header_size < sizeof(struct bus_header)) return -EBADMSG; /* on kdbus we only speak native endian gvariant, never dbus1 * marshalling or reverse endian */ - if (h->version != 2 || - h->endian != BUS_NATIVE_ENDIAN) + if (header->version != 2 || + header->endian != BUS_NATIVE_ENDIAN) return -EPROTOTYPE; - r = bus_message_from_header(bus, h, sizeof(struct bus_header), fds, n_fds, NULL, seclabel, 0, &m); + r = bus_message_from_header( + bus, + header, header_size, + footer, footer_size, + n_bytes, + fds, n_fds, + NULL, + seclabel, 0, &m); if (r < 0) return r; @@ -526,11 +538,11 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) { if (idx >= begin_body) { if (!part->is_zero) - part->data = (uint8_t *)k + d->vec.offset; + part->data = (uint8_t* )k + d->vec.offset; part->size = d->vec.size; } else { if (!part->is_zero) - part->data = (uint8_t *)k + d->vec.offset + (begin_body - idx); + part->data = (uint8_t*) k + d->vec.offset + (begin_body - idx); part->size = d->vec.size - (begin_body - idx); } @@ -567,10 +579,11 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) { case KDBUS_ITEM_PIDS: /* The PID/TID might be missing, when the data - * is faked by some data bus proxy and it - * lacks that information about the real - * client since SO_PEERCRED is used for - * that. */ + * is faked by a bus proxy and it lacks that + * information about the real client (since + * SO_PEERCRED is used for that). Also kernel + * namespacing might make some of this data + * unavailable when untranslatable. */ if (d->pids.pid > 0) { m->creds.pid = (pid_t) d->pids.pid; @@ -586,7 +599,8 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) { case KDBUS_ITEM_CREDS: - /* EUID/SUID/FSUID/EGID/SGID/FSGID might be missing too (see above). */ + /* EUID/SUID/FSUID/EGID/SGID/FSGID might be + * missing too (see above). */ if ((uid_t) d->creds.uid != UID_INVALID) { m->creds.uid = (uid_t) d->creds.uid; @@ -664,7 +678,6 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) { goto fail; m->creds.cgroup_root = bus->cgroup_root; - break; case KDBUS_ITEM_AUDIT: @@ -767,7 +780,7 @@ static int bus_kernel_make_message(sd_bus *bus, struct kdbus_msg *k) { goto fail; /* Refuse messages if kdbus and dbus1 cookie doesn't match up */ - if ((uint64_t) m->header->serial != k->cookie) { + if ((uint64_t) m->header->dbus2.cookie != k->cookie) { r = -EBADMSG; goto fail; } diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c index da14a28c9a..447595764e 100644 --- a/src/libsystemd/sd-bus/bus-message.c +++ b/src/libsystemd/sd-bus/bus-message.c @@ -169,16 +169,17 @@ static void *message_extend_fields(sd_bus_message *m, size_t align, size_t sz, b if (m->poisoned) return NULL; - old_size = sizeof(struct bus_header) + m->header->fields_size; + old_size = sizeof(struct bus_header) + m->fields_size; start = ALIGN_TO(old_size, align); new_size = start + sz; + if (new_size < start || + new_size > (size_t) ((uint32_t) -1)) + goto poison; + if (old_size == new_size) return (uint8_t*) m->header + old_size; - if (new_size > (size_t) ((uint32_t) -1)) - goto poison; - if (m->free_header) { np = realloc(m->header, ALIGN8(new_size)); if (!np) @@ -201,7 +202,7 @@ static void *message_extend_fields(sd_bus_message *m, size_t align, size_t sz, b op = m->header; m->header = np; - m->header->fields_size = new_size - sizeof(struct bus_header); + m->fields_size = new_size - sizeof(struct bus_header); /* Adjust quick access pointers */ m->path = adjust_pointer(m->path, op, old_size, m->header); @@ -229,7 +230,7 @@ poison: static int message_append_field_string( sd_bus_message *m, - uint8_t h, + uint64_t h, char type, const char *s, const char **ret) { @@ -239,6 +240,10 @@ static int message_append_field_string( assert(m); + /* dbus1 only allows 8bit header field ids */ + if (h > 0xFF) + return -EINVAL; + /* dbus1 doesn't allow strings over 32bit, let's enforce this * globally, to not risk convertability */ l = strlen(s); @@ -249,13 +254,12 @@ static int message_append_field_string( if (BUS_MESSAGE_IS_GVARIANT(m)) { - /* (field id byte + 7x padding, ((string + NUL) + NUL + signature string 's') */ - p = message_extend_fields(m, 8, 1 + 7 + l + 1 + 1 + 1, true); + /* (field id 64bit, ((string + NUL) + NUL + signature string 's') */ + p = message_extend_fields(m, 8, 8 + l + 1 + 1 + 1, true); if (!p) return -ENOMEM; - p[0] = h; - memzero(p+1, 7); + *((uint64_t*) p) = h; memcpy(p+8, s, l); p[8+l] = 0; p[8+l+1] = 0; @@ -270,7 +274,7 @@ static int message_append_field_string( if (!p) return -ENOMEM; - p[0] = h; + p[0] = (uint8_t) h; p[1] = 1; p[2] = type; p[3] = 0; @@ -287,7 +291,7 @@ static int message_append_field_string( static int message_append_field_signature( sd_bus_message *m, - uint8_t h, + uint64_t h, const char *s, const char **ret) { @@ -296,7 +300,11 @@ static int message_append_field_signature( assert(m); - /* dbus1 doesn't allow signatures over 32bit, let's enforce + /* dbus1 only allows 8bit header field ids */ + if (h > 0xFF) + return -EINVAL; + + /* dbus1 doesn't allow signatures over 8bit, let's enforce * this globally, to not risk convertability */ l = strlen(s); if (l > 255) @@ -313,7 +321,7 @@ static int message_append_field_signature( if (!p) return -ENOMEM; - p[0] = h; + p[0] = (uint8_t) h; p[1] = 1; p[2] = SD_BUS_TYPE_SIGNATURE; p[3] = 0; @@ -327,20 +335,23 @@ static int message_append_field_signature( return 0; } -static int message_append_field_uint32(sd_bus_message *m, uint8_t h, uint32_t x) { +static int message_append_field_uint32(sd_bus_message *m, uint64_t h, uint32_t x) { uint8_t *p; assert(m); + /* dbus1 only allows 8bit header field ids */ + if (h > 0xFF) + return -EINVAL; + if (BUS_MESSAGE_IS_GVARIANT(m)) { - /* (field id byte + 7x padding + ((value + NUL + signature string 'u') */ + /* (field id 64bit + ((value + NUL + signature string 'u') */ - p = message_extend_fields(m, 8, 1 + 7 + 4 + 1 + 1, true); + p = message_extend_fields(m, 8, 8 + 4 + 1 + 1, true); if (!p) return -ENOMEM; - p[0] = h; - memzero(p+1, 7); + *((uint64_t*) p) = h; *((uint32_t*) (p + 8)) = x; p[12] = 0; p[13] = 'u'; @@ -350,9 +361,9 @@ static int message_append_field_uint32(sd_bus_message *m, uint8_t h, uint32_t x) if (!p) return -ENOMEM; - p[0] = h; + p[0] = (uint8_t) h; p[1] = 1; - p[2] = SD_BUS_TYPE_UINT32; + p[2] = 'u'; p[3] = 0; ((uint32_t*) p)[1] = x; @@ -361,10 +372,54 @@ static int message_append_field_uint32(sd_bus_message *m, uint8_t h, uint32_t x) return 0; } +static int message_append_field_uint64(sd_bus_message *m, uint64_t h, uint64_t x) { + uint8_t *p; + + assert(m); + + /* dbus1 only allows 8bit header field ids */ + if (h > 0xFF) + return -EINVAL; + + if (BUS_MESSAGE_IS_GVARIANT(m)) { + /* (field id 64bit + ((value + NUL + signature string 't') */ + + p = message_extend_fields(m, 8, 8 + 8 + 1 + 1, true); + if (!p) + return -ENOMEM; + + *((uint64_t*) p) = h; + *((uint64_t*) (p + 8)) = x; + p[16] = 0; + p[17] = 't'; + } else { + /* (field id byte + (signature length + signature 't' + NUL) + 4 byte padding + value) */ + p = message_extend_fields(m, 8, 4 + 4 + 8, false); + if (!p) + return -ENOMEM; + + p[0] = (uint8_t) h; + p[1] = 1; + p[2] = 't'; + p[3] = 0; + p[4] = 0; + p[5] = 0; + p[6] = 0; + p[7] = 0; + + ((uint64_t*) p)[1] = x; + } + + return 0; +} + int bus_message_from_header( sd_bus *bus, - void *buffer, - size_t length, + void *header, + size_t header_accessible, + void *footer, + size_t footer_accessible, + size_t message_size, int *fds, unsigned n_fds, const struct ucred *ucred, @@ -377,19 +432,22 @@ int bus_message_from_header( size_t a, label_sz; assert(bus); - assert(buffer || length <= 0); + assert(header || header_accessible <= 0); + assert(footer || footer_accessible <= 0); assert(fds || n_fds <= 0); assert(ret); - if (length < sizeof(struct bus_header)) + if (header_accessible < sizeof(struct bus_header)) return -EBADMSG; - h = buffer; - if (h->version != 1 && - h->version != 2) + if (header_accessible > message_size) + return -EBADMSG; + if (footer_accessible > message_size) return -EBADMSG; - if (h->serial == 0) + h = header; + if (h->version != 1 && + h->version != 2) return -EBADMSG; if (h->type == _SD_BUS_MESSAGE_TYPE_INVALID) @@ -399,6 +457,8 @@ int bus_message_from_header( h->endian != BUS_BIG_ENDIAN) return -EBADMSG; + /* Note that we are happy with unknown flags in the flags header! */ + a = ALIGN(sizeof(sd_bus_message)) + ALIGN(extra); if (label) { @@ -412,7 +472,48 @@ int bus_message_from_header( m->n_ref = 1; m->sealed = true; - m->header = h; + m->header = header; + m->header_accessible = header_accessible; + m->footer = footer; + m->footer_accessible = footer_accessible; + + if (BUS_MESSAGE_IS_GVARIANT(m)) { + size_t ws; + + if (h->dbus2.cookie == 0) + return -EBADMSG; + + /* dbus2 derives the sizes from the message size and + the offset table at the end, since it is formatted as + gvariant "yyyyuta{tv}v". Since the message itself is a + structure with precisely to variable sized entries, + there's only one offset in the table, which marks the + end of the fields array. */ + + ws = bus_gvariant_determine_word_size(message_size, 0); + if (footer_accessible < ws) + return -EBADMSG; + + m->fields_size = bus_gvariant_read_word_le((uint8_t*) footer + footer_accessible - ws, ws); + if (ALIGN8(m->fields_size) > message_size - ws) + return -EBADMSG; + if (m->fields_size < sizeof(struct bus_header)) + return -EBADMSG; + + m->fields_size -= sizeof(struct bus_header); + m->body_size = message_size - (sizeof(struct bus_header) + ALIGN8(m->fields_size)); + } else { + if (h->dbus1.serial == 0) + return -EBADMSG; + + /* dbus1 has the sizes in the header */ + m->fields_size = BUS_MESSAGE_BSWAP32(m, h->dbus1.fields_size); + m->body_size = BUS_MESSAGE_BSWAP32(m, h->dbus1.body_size); + + if (sizeof(struct bus_header) + ALIGN8(m->fields_size) + m->body_size != message_size) + return -EBADMSG; + } + m->fds = fds; m->n_fds = n_fds; @@ -460,19 +561,21 @@ int bus_message_from_malloc( size_t sz; int r; - r = bus_message_from_header(bus, buffer, length, fds, n_fds, ucred, label, 0, &m); + r = bus_message_from_header( + bus, + buffer, length, /* in this case the initial bytes and the final bytes are the same */ + buffer, length, + length, + fds, n_fds, + ucred, label, + 0, &m); if (r < 0) return r; - if (length != BUS_MESSAGE_SIZE(m)) { - r = -EBADMSG; - goto fail; - } - - sz = length - sizeof(struct bus_header) - ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m)); + sz = length - sizeof(struct bus_header) - ALIGN8(m->fields_size); if (sz > 0) { m->n_body_parts = 1; - m->body.data = (uint8_t*) buffer + sizeof(struct bus_header) + ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m)); + m->body.data = (uint8_t*) buffer + sizeof(struct bus_header) + ALIGN8(m->fields_size); m->body.size = sz; m->body.sealed = true; m->body.memfd = -1; @@ -631,8 +734,17 @@ static int message_new_reply( t->header->flags |= BUS_MESSAGE_NO_REPLY_EXPECTED; t->reply_cookie = BUS_MESSAGE_COOKIE(call); + if (t->reply_cookie == 0) + return -ENOTSUP; - r = message_append_field_uint32(t, BUS_MESSAGE_HEADER_REPLY_SERIAL, (uint32_t) t->reply_cookie); + if (BUS_MESSAGE_IS_GVARIANT(t)) + r = message_append_field_uint64(t, BUS_MESSAGE_HEADER_REPLY_SERIAL, t->reply_cookie); + else { + if (t->reply_cookie > 0xffffffff) + return -ENOTSUP; + + r = message_append_field_uint32(t, BUS_MESSAGE_HEADER_REPLY_SERIAL, (uint32_t) t->reply_cookie); + } if (r < 0) goto fail; @@ -851,9 +963,14 @@ _public_ int sd_bus_message_get_type(sd_bus_message *m, uint8_t *type) { } _public_ int sd_bus_message_get_cookie(sd_bus_message *m, uint64_t *cookie) { + uint64_t c; + assert_return(m, -EINVAL); assert_return(cookie, -EINVAL); - assert_return(m->header->serial != 0, -ENODATA); + + c = BUS_MESSAGE_COOKIE(m); + if (c == 0) + return -ENODATA; *cookie = BUS_MESSAGE_COOKIE(m); return 0; @@ -862,7 +979,9 @@ _public_ int sd_bus_message_get_cookie(sd_bus_message *m, uint64_t *cookie) { _public_ int sd_bus_message_get_reply_cookie(sd_bus_message *m, uint64_t *cookie) { assert_return(m, -EINVAL); assert_return(cookie, -EINVAL); - assert_return(m->reply_cookie != 0, -ENODATA); + + if (m->reply_cookie == 0) + return -ENODATA; *cookie = m->reply_cookie; return 0; @@ -967,9 +1086,11 @@ _public_ sd_bus_creds *sd_bus_message_get_creds(sd_bus_message *m) { return &m->creds; } -_public_ int sd_bus_message_is_signal(sd_bus_message *m, - const char *interface, - const char *member) { +_public_ int sd_bus_message_is_signal( + sd_bus_message *m, + const char *interface, + const char *member) { + assert_return(m, -EINVAL); if (m->header->type != SD_BUS_MESSAGE_SIGNAL) @@ -984,9 +1105,11 @@ _public_ int sd_bus_message_is_signal(sd_bus_message *m, return 1; } -_public_ int sd_bus_message_is_method_call(sd_bus_message *m, - const char *interface, - const char *member) { +_public_ int sd_bus_message_is_method_call( + sd_bus_message *m, + const char *interface, + const char *member) { + assert_return(m, -EINVAL); if (m->header->type != SD_BUS_MESSAGE_METHOD_CALL) @@ -1221,7 +1344,13 @@ static void message_extend_containers(sd_bus_message *m, size_t expand) { } } -static void *message_extend_body(sd_bus_message *m, size_t align, size_t sz, bool add_offset) { +static void *message_extend_body( + sd_bus_message *m, + size_t align, + size_t sz, + bool add_offset, + bool force_inline) { + size_t start_body, end_body, padding, added; void *p; int r; @@ -1233,14 +1362,15 @@ static void *message_extend_body(sd_bus_message *m, size_t align, size_t sz, boo if (m->poisoned) return NULL; - start_body = ALIGN_TO((size_t) m->header->body_size, align); + start_body = ALIGN_TO((size_t) m->body_size, align); end_body = start_body + sz; - padding = start_body - m->header->body_size; + padding = start_body - m->body_size; added = padding + sz; /* Check for 32bit overflows */ - if (end_body > (size_t) ((uint32_t) -1)) { + if (end_body > (size_t) ((uint32_t) -1) || + end_body < start_body) { m->poisoned = true; return NULL; } @@ -1252,7 +1382,8 @@ static void *message_extend_body(sd_bus_message *m, size_t align, size_t sz, boo add_new_part = m->n_body_parts <= 0 || m->body_end->sealed || - padding != ALIGN_TO(m->body_end->size, align) - m->body_end->size; + (padding != ALIGN_TO(m->body_end->size, align) - m->body_end->size) || + (force_inline && m->body_end->size > MEMFD_MIN_SIZE); /* if this must be an inlined extension, let's create a new part if the previous part is large enough to be inlined */ if (add_new_part) { if (padding > 0) { @@ -1301,7 +1432,7 @@ static void *message_extend_body(sd_bus_message *m, size_t align, size_t sz, boo /* Return something that is not NULL and is aligned */ p = (uint8_t *) NULL + align; - m->header->body_size = end_body; + m->body_size = end_body; message_extend_containers(m, added); if (add_offset) { @@ -1427,7 +1558,7 @@ int message_append_basic(sd_bus_message *m, char type, const void *p, const void assert(align > 0); assert(sz > 0); - a = message_extend_body(m, align, sz, true); + a = message_extend_body(m, align, sz, true, false); if (!a) return -ENOMEM; @@ -1496,7 +1627,7 @@ int message_append_basic(sd_bus_message *m, char type, const void *p, const void assert(align > 0); assert(sz > 0); - a = message_extend_body(m, align, sz, false); + a = message_extend_body(m, align, sz, false, false); if (!a) return -ENOMEM; @@ -1570,13 +1701,13 @@ _public_ int sd_bus_message_append_string_space( } if (BUS_MESSAGE_IS_GVARIANT(m)) { - a = message_extend_body(m, 1, size + 1, true); + a = message_extend_body(m, 1, size + 1, true, false); if (!a) return -ENOMEM; *s = a; } else { - a = message_extend_body(m, 4, 4 + size + 1, false); + a = message_extend_body(m, 4, 4 + size + 1, false, false); if (!a) return -ENOMEM; @@ -1681,14 +1812,14 @@ static int bus_message_open_array( return alignment; /* Add alignment padding and add to offset list */ - if (!message_extend_body(m, alignment, 0, false)) + if (!message_extend_body(m, alignment, 0, false, false)) return -ENOMEM; r = bus_gvariant_is_fixed_size(contents); if (r < 0) return r; - *begin = m->header->body_size; + *begin = m->body_size; *need_offsets = r == 0; } else { void *a, *op; @@ -1699,7 +1830,7 @@ static int bus_message_open_array( if (alignment < 0) return alignment; - a = message_extend_body(m, 4, 4, false); + a = message_extend_body(m, 4, 4, false, false); if (!a) return -ENOMEM; @@ -1708,7 +1839,7 @@ static int bus_message_open_array( os = m->body_end->size; /* Add alignment between size and first element */ - if (!message_extend_body(m, alignment, 0, false)) + if (!message_extend_body(m, alignment, 0, false, false)) return -ENOMEM; /* location of array size might have changed so let's readjust a */ @@ -1761,7 +1892,7 @@ static int bus_message_open_variant( if (BUS_MESSAGE_IS_GVARIANT(m)) { /* Variants are always aligned to 8 */ - if (!message_extend_body(m, 8, 0, false)) + if (!message_extend_body(m, 8, 0, false, false)) return -ENOMEM; } else { @@ -1769,7 +1900,7 @@ static int bus_message_open_variant( void *a; l = strlen(contents); - a = message_extend_body(m, 1, 1 + l + 1, false); + a = message_extend_body(m, 1, 1 + l + 1, false, false); if (!a) return -ENOMEM; @@ -1835,18 +1966,18 @@ static int bus_message_open_struct( if (alignment < 0) return alignment; - if (!message_extend_body(m, alignment, 0, false)) + if (!message_extend_body(m, alignment, 0, false, false)) return -ENOMEM; r = bus_gvariant_is_fixed_size(contents); if (r < 0) return r; - *begin = m->header->body_size; + *begin = m->body_size; *need_offsets = r == 0; } else { /* Align contents to 8 byte boundary */ - if (!message_extend_body(m, 8, 0, false)) + if (!message_extend_body(m, 8, 0, false, false)) return -ENOMEM; } @@ -1896,18 +2027,18 @@ static int bus_message_open_dict_entry( if (alignment < 0) return alignment; - if (!message_extend_body(m, alignment, 0, false)) + if (!message_extend_body(m, alignment, 0, false, false)) return -ENOMEM; r = bus_gvariant_is_fixed_size(contents); if (r < 0) return r; - *begin = m->header->body_size; + *begin = m->body_size; *need_offsets = r == 0; } else { /* Align contents to 8 byte boundary */ - if (!message_extend_body(m, 8, 0, false)) + if (!message_extend_body(m, 8, 0, false, false)) return -ENOMEM; } @@ -1948,7 +2079,7 @@ _public_ int sd_bus_message_open_container( /* Save old index in the parent container, in case we have to * abort this container */ c->saved_index = c->index; - before = m->header->body_size; + before = m->body_size; if (type == SD_BUS_TYPE_ARRAY) r = bus_message_open_array(m, c, contents, &array_size, &begin, &need_offsets); @@ -1981,66 +2112,6 @@ _public_ int sd_bus_message_open_container( return 0; } -static size_t determine_word_size(size_t sz, size_t extra) { - if (sz + extra <= 0xFF) - return 1; - else if (sz + extra*2 <= 0xFFFF) - return 2; - else if (sz + extra*4 <= 0xFFFFFFFF) - return 4; - else - return 8; -} - -static size_t read_word_le(void *p, size_t sz) { - union { - uint16_t u16; - uint32_t u32; - uint64_t u64; - } x; - - assert(p); - - if (sz == 1) - return *(uint8_t*) p; - - memcpy(&x, p, sz); - - if (sz == 2) - return le16toh(x.u16); - else if (sz == 4) - return le32toh(x.u32); - else if (sz == 8) - return le64toh(x.u64); - - assert_not_reached("unknown word width"); -} - -static void write_word_le(void *p, size_t sz, size_t value) { - union { - uint16_t u16; - uint32_t u32; - uint64_t u64; - } x; - - assert(p); - assert(sz == 8 || (value < (1ULL << (sz*8)))); - - if (sz == 1) { - *(uint8_t*) p = value; - return; - } else if (sz == 2) - x.u16 = htole16((uint16_t) value); - else if (sz == 4) - x.u32 = htole32((uint32_t) value); - else if (sz == 8) - x.u64 = htole64((uint64_t) value); - else - assert_not_reached("unknown word width"); - - memcpy(p, &x, sz); -} - static int bus_message_close_array(sd_bus_message *m, struct bus_container *c) { assert(m); @@ -2056,20 +2127,20 @@ static int bus_message_close_array(sd_bus_message *m, struct bus_container *c) { /* Variable-width arrays */ payload = c->n_offsets > 0 ? c->offsets[c->n_offsets-1] - c->begin : 0; - sz = determine_word_size(payload, c->n_offsets); + sz = bus_gvariant_determine_word_size(payload, c->n_offsets); - a = message_extend_body(m, 1, sz * c->n_offsets, true); + a = message_extend_body(m, 1, sz * c->n_offsets, true, false); if (!a) return -ENOMEM; for (i = 0; i < c->n_offsets; i++) - write_word_le(a + sz*i, sz, c->offsets[i] - c->begin); + bus_gvariant_write_word_le(a + sz*i, sz, c->offsets[i] - c->begin); } else { void *a; /* Fixed-width or empty arrays */ - a = message_extend_body(m, 1, 0, true); /* let's add offset to parent */ + a = message_extend_body(m, 1, 0, true, false); /* let's add offset to parent */ if (!a) return -ENOMEM; } @@ -2090,7 +2161,7 @@ static int bus_message_close_variant(sd_bus_message *m, struct bus_container *c) l = strlen(c->signature); - a = message_extend_body(m, 1, 1 + l, true); + a = message_extend_body(m, 1, 1 + l, true, false); if (!a) return -ENOMEM; @@ -2147,18 +2218,18 @@ static int bus_message_close_struct(sd_bus_message *m, struct bus_container *c, assert(c->need_offsets || n_variable == 0); if (n_variable <= 0) { - a = message_extend_body(m, 1, 0, add_offset); + a = message_extend_body(m, 1, 0, add_offset, false); if (!a) return -ENOMEM; } else { size_t sz; unsigned j; - assert(c->offsets[c->n_offsets-1] == m->header->body_size); + assert(c->offsets[c->n_offsets-1] == m->body_size); - sz = determine_word_size(m->header->body_size - c->begin, n_variable); + sz = bus_gvariant_determine_word_size(m->body_size - c->begin, n_variable); - a = message_extend_body(m, 1, sz * n_variable, add_offset); + a = message_extend_body(m, 1, sz * n_variable, add_offset, false); if (!a) return -ENOMEM; @@ -2187,7 +2258,7 @@ static int bus_message_close_struct(sd_bus_message *m, struct bus_container *c, k = n_variable - 1 - j; - write_word_le(a + k * sz, sz, c->offsets[i] - c->begin); + bus_gvariant_write_word_le(a + k * sz, sz, c->offsets[i] - c->begin); j++; } @@ -2518,7 +2589,7 @@ _public_ int sd_bus_message_append_array_space( if (r < 0) return r; - a = message_extend_body(m, align, size, false); + a = message_extend_body(m, align, size, false, false); if (!a) return -ENOMEM; @@ -2647,7 +2718,7 @@ _public_ int sd_bus_message_append_array_memfd( if (r < 0) return r; - a = message_extend_body(m, align, 0, false); + a = message_extend_body(m, align, 0, false, false); if (!a) return -ENOMEM; @@ -2661,7 +2732,7 @@ _public_ int sd_bus_message_append_array_memfd( part->size = size; copy_fd = -1; - m->header->body_size += size; + m->body_size += size; message_extend_containers(m, size); return sd_bus_message_close_container(m); @@ -2731,7 +2802,7 @@ _public_ int sd_bus_message_append_string_memfd( } if (!BUS_MESSAGE_IS_GVARIANT(m)) { - a = message_extend_body(m, 4, 4, false); + a = message_extend_body(m, 4, 4, false, false); if (!a) return -ENOMEM; @@ -2748,11 +2819,11 @@ _public_ int sd_bus_message_append_string_memfd( part->size = size; copy_fd = -1; - m->header->body_size += size; + m->body_size += size; message_extend_containers(m, size); if (BUS_MESSAGE_IS_GVARIANT(m)) { - r = message_add_offset(m, m->header->body_size); + r = message_add_offset(m, m->body_size); if (r < 0) { m->poisoned = true; return -ENOMEM; @@ -2787,34 +2858,66 @@ _public_ int sd_bus_message_append_strv(sd_bus_message *m, char **l) { } static int bus_message_close_header(sd_bus_message *m) { - uint8_t *a; - size_t sz, i; assert(m); - if (!BUS_MESSAGE_IS_GVARIANT(m)) - return 0; + /* The actual user data is finished now, we just complete the + variant and struct now (at least on gvariant). Remember + this position, so that during parsing we know where to to + put the outer container end. */ + m->user_body_size = m->body_size; - if (m->n_header_offsets < 1) - return 0; + if (BUS_MESSAGE_IS_GVARIANT(m)) { + const char *signature; + size_t sz, l; + void *d; - assert(m->header->fields_size == m->header_offsets[m->n_header_offsets-1]); + /* Add offset table to end of fields array */ + if (m->n_header_offsets >= 1) { + uint8_t *a; + unsigned i; - sz = determine_word_size(m->header->fields_size, m->n_header_offsets); + assert(m->fields_size == m->header_offsets[m->n_header_offsets-1]); - a = message_extend_fields(m, 1, sz * m->n_header_offsets, false); - if (!a) - return -ENOMEM; + sz = bus_gvariant_determine_word_size(m->fields_size, m->n_header_offsets); + a = message_extend_fields(m, 1, sz * m->n_header_offsets, false); + if (!a) + return -ENOMEM; + + for (i = 0; i < m->n_header_offsets; i++) + bus_gvariant_write_word_le(a + sz*i, sz, m->header_offsets[i]); + } + + /* Add gvariant NUL byte plus signature to the end of + * the body, followed by the final offset pointing to + * the end of the fields array */ - for (i = 0; i < m->n_header_offsets; i++) - write_word_le(a + sz*i, sz, m->header_offsets[i]); + signature = strempty(m->root_container.signature); + l = strlen(signature); + + sz = bus_gvariant_determine_word_size(sizeof(struct bus_header) + ALIGN8(m->fields_size) + m->body_size + 1 + l, 1); + d = message_extend_body(m, 1, 1 + l + sz, false, true); + if (!d) + return -ENOMEM; + + *(uint8_t*) d = 0; + memcpy((uint8_t*) d + 1, signature, l); + + bus_gvariant_write_word_le((uint8_t*) d + 1 + l, sz, sizeof(struct bus_header) + m->fields_size); + + m->footer = d; + m->footer_accessible = 1 + l + sz; + } else { + m->header->dbus1.fields_size = m->fields_size; + m->header->dbus1.body_size = m->body_size; + } return 0; } int bus_message_seal(sd_bus_message *m, uint64_t cookie, usec_t timeout) { struct bus_body_part *part; - size_t l, a; + size_t a; unsigned i; int r; @@ -2829,6 +2932,10 @@ int bus_message_seal(sd_bus_message *m, uint64_t cookie, usec_t timeout) { if (m->poisoned) return -ESTALE; + if (cookie > 0xffffffffULL && + !BUS_MESSAGE_IS_GVARIANT(m)) + return -ENOTSUP; + /* In vtables the return signature of method calls is listed, * let's check if they match if this is a response */ if (m->header->type == SD_BUS_MESSAGE_METHOD_RETURN && @@ -2841,8 +2948,9 @@ int bus_message_seal(sd_bus_message *m, uint64_t cookie, usec_t timeout) { if (r < 0) return r; - /* If there's a non-trivial signature set, then add it in here */ - if (!isempty(m->root_container.signature)) { + /* If there's a non-trivial signature set, then add it in + * here, but only on dbus1 */ + if (!isempty(m->root_container.signature) && !BUS_MESSAGE_IS_GVARIANT(m)) { r = message_append_field_signature(m, BUS_MESSAGE_HEADER_SIGNATURE, m->root_container.signature, NULL); if (r < 0) return r; @@ -2858,24 +2966,30 @@ int bus_message_seal(sd_bus_message *m, uint64_t cookie, usec_t timeout) { if (r < 0) return r; - m->header->serial = (uint32_t) cookie; + if (BUS_MESSAGE_IS_GVARIANT(m)) + m->header->dbus2.cookie = cookie; + else + m->header->dbus1.serial = (uint32_t) cookie; + m->timeout = m->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED ? 0 : timeout; /* Add padding at the end of the fields part, since we know * the body needs to start at an 8 byte alignment. We made * sure we allocated enough space for this, so all we need to * do here is to zero it out. */ - l = BUS_MESSAGE_FIELDS_SIZE(m); - a = ALIGN8(l) - l; + a = ALIGN8(m->fields_size) - m->fields_size; if (a > 0) - memzero((uint8_t*) BUS_MESSAGE_FIELDS(m) + l, a); + memzero((uint8_t*) BUS_MESSAGE_FIELDS(m) + m->fields_size, a); /* If this is something we can send as memfd, then let's seal the memfd now. Note that we can send memfds as payload only for directed messages, and not for broadcasts. */ if (m->destination && m->bus->use_memfd) { MESSAGE_FOREACH_PART(part, i, m) - if (part->memfd >= 0 && !part->sealed && (part->size > MEMFD_MIN_SIZE || m->bus->use_memfd < 0)) { + if (part->memfd >= 0 && + !part->sealed && + (part->size > MEMFD_MIN_SIZE || m->bus->use_memfd < 0) && + part != m->body_end) { /* The last part may never be sent as memfd */ uint64_t sz; /* Try to seal it if that makes @@ -2895,7 +3009,7 @@ int bus_message_seal(sd_bus_message *m, uint64_t cookie, usec_t timeout) { } } - m->root_container.end = BUS_MESSAGE_BODY_SIZE(m); + m->root_container.end = m->user_body_size; m->root_container.index = 0; m->root_container.offset_index = 0; m->root_container.item_size = m->root_container.n_offsets > 0 ? m->root_container.offsets[0] : 0; @@ -3181,7 +3295,7 @@ static int message_peek_body( padding = start - *rindex; end = start + nbytes; - if (end > BUS_MESSAGE_BODY_SIZE(m)) + if (end > m->user_body_size) return -EBADMSG; part = find_part(m, *rindex, padding, (void**) &q); @@ -3554,14 +3668,14 @@ static int bus_message_enter_array( unsigned i; /* gvariant: variable length array */ - sz = determine_word_size(c->item_size, 0); + sz = bus_gvariant_determine_word_size(c->item_size, 0); where = rindex + c->item_size - sz; r = message_peek_body(m, &where, 1, sz, &q); if (r < 0) return r; - framing = read_word_le(q, sz); + framing = bus_gvariant_read_word_le(q, sz); if (framing > c->item_size - sz) return -EBADMSG; if ((c->item_size - framing) % sz != 0) @@ -3581,7 +3695,7 @@ static int bus_message_enter_array( for (i = 0; i < *n_offsets; i++) { size_t x; - x = read_word_le((uint8_t*) q + i * sz, sz); + x = bus_gvariant_read_word_le((uint8_t*) q + i * sz, sz); if (x > c->item_size - sz) return -EBADMSG; if (x < p) @@ -3704,7 +3818,7 @@ static int build_struct_offsets( return 0; } - sz = determine_word_size(size, 0); + sz = bus_gvariant_determine_word_size(size, 0); if (sz <= 0) return -EBADMSG; @@ -3778,7 +3892,7 @@ static int build_struct_offsets( if (v > 0) { v--; - x = read_word_le((uint8_t*) q + v*sz, sz); + x = bus_gvariant_read_word_le((uint8_t*) q + v*sz, sz); if (x >= size) return -EBADMSG; if (m->rindex + x < previous) @@ -4659,10 +4773,12 @@ _public_ int sd_bus_message_skip(sd_bus_message *m, const char *types) { } } -_public_ int sd_bus_message_read_array(sd_bus_message *m, - char type, - const void **ptr, - size_t *size) { +_public_ int sd_bus_message_read_array( + sd_bus_message *m, + char type, + const void **ptr, + size_t *size) { + struct bus_container *c; void *p; size_t sz; @@ -4731,7 +4847,7 @@ static int message_peek_fields( assert(rindex); assert(align > 0); - return buffer_peek(BUS_MESSAGE_FIELDS(m), BUS_MESSAGE_FIELDS_SIZE(m), rindex, align, nbytes, ret); + return buffer_peek(BUS_MESSAGE_FIELDS(m), m->fields_size, rindex, align, nbytes, ret); } static int message_peek_field_uint32( @@ -4761,6 +4877,33 @@ static int message_peek_field_uint32( return 0; } +static int message_peek_field_uint64( + sd_bus_message *m, + size_t *ri, + size_t item_size, + uint64_t *ret) { + + int r; + void *q; + + assert(m); + assert(ri); + + if (BUS_MESSAGE_IS_GVARIANT(m) && item_size != 8) + return -EBADMSG; + + /* identical for gvariant and dbus1 */ + + r = message_peek_fields(m, ri, 8, 8, &q); + if (r < 0) + return r; + + if (ret) + *ret = BUS_MESSAGE_BSWAP64(m, *(uint64_t*) q); + + return 0; +} + static int message_peek_field_string( sd_bus_message *m, bool (*validate)(const char *p), @@ -5006,59 +5149,106 @@ int bus_message_parse_fields(sd_bus_message *m) { assert(m); if (BUS_MESSAGE_IS_GVARIANT(m)) { - void *q; + char *p; + + /* Read the signature from the end of the body variant first */ + sz = bus_gvariant_determine_word_size(BUS_MESSAGE_SIZE(m), 0); + if (m->footer_accessible < 1 + sz) + return -EBADMSG; + + p = (char*) m->footer + m->footer_accessible - (1 + sz); + for (;;) { + if (p < (char*) m->footer) + return -EBADMSG; + + if (*p == 0) { + char *c; + + /* We found the beginning of the signature string, yay! */ + + c = strndup(p + 1, ((char*) m->footer + m->footer_accessible) - p - (1 + sz)); + if (!c) + return -ENOMEM; + + free(m->root_container.signature); + m->root_container.signature = c; + break; + } - sz = determine_word_size(BUS_MESSAGE_FIELDS_SIZE(m), 0); + p--; + } + + /* Calculate the actual user body size, by removing + * the trailing variant signature and struct offset + * table */ + m->user_body_size = m->body_size - ((char*) m->footer + m->footer_accessible - p); + + /* Pull out the offset table for the fields array */ + sz = bus_gvariant_determine_word_size(m->fields_size, 0); if (sz > 0) { size_t framing; + void *q; - ri = BUS_MESSAGE_FIELDS_SIZE(m) - sz; + ri = m->fields_size - sz; r = message_peek_fields(m, &ri, 1, sz, &q); if (r < 0) return r; - framing = read_word_le(q, sz); - if (framing >= BUS_MESSAGE_FIELDS_SIZE(m) - sz) + framing = bus_gvariant_read_word_le(q, sz); + if (framing >= m->fields_size - sz) return -EBADMSG; - if ((BUS_MESSAGE_FIELDS_SIZE(m) - framing) % sz != 0) + if ((m->fields_size - framing) % sz != 0) return -EBADMSG; ri = framing; - r = message_peek_fields(m, &ri, 1, BUS_MESSAGE_FIELDS_SIZE(m) - framing, &offsets); + r = message_peek_fields(m, &ri, 1, m->fields_size - framing, &offsets); if (r < 0) return r; - n_offsets = (BUS_MESSAGE_FIELDS_SIZE(m) - framing) / sz; + n_offsets = (m->fields_size - framing) / sz; } - } + } else + m->user_body_size = m->body_size; ri = 0; - while (ri < BUS_MESSAGE_FIELDS_SIZE(m)) { + while (ri < m->fields_size) { _cleanup_free_ char *sig = NULL; const char *signature; - uint8_t *header; + uint64_t field_type; size_t item_size = (size_t) -1; if (BUS_MESSAGE_IS_GVARIANT(m)) { + uint64_t *u64; + if (i >= n_offsets) break; if (i == 0) ri = 0; else - ri = ALIGN_TO(read_word_le((uint8_t*) offsets + (i-1)*sz, sz), 8); - } + ri = ALIGN_TO(bus_gvariant_read_word_le((uint8_t*) offsets + (i-1)*sz, sz), 8); - r = message_peek_fields(m, &ri, 8, 1, (void**) &header); - if (r < 0) - return r; + r = message_peek_fields(m, &ri, 8, 8, (void**) &u64); + if (r < 0) + return r; + + field_type = BUS_MESSAGE_BSWAP64(m, *u64); + } else { + uint8_t *u8; + + r = message_peek_fields(m, &ri, 8, 1, (void**) &u8); + if (r < 0) + return r; + + field_type = *u8; + } if (BUS_MESSAGE_IS_GVARIANT(m)) { size_t where, end; char *b; void *q; - end = read_word_le((uint8_t*) offsets + i*sz, sz); + end = bus_gvariant_read_word_le((uint8_t*) offsets + i*sz, sz); if (end < ri) return -EBADMSG; @@ -5085,7 +5275,8 @@ int bus_message_parse_fields(sd_bus_message *m) { return r; } - switch (*header) { + switch (field_type) { + case _BUS_MESSAGE_HEADER_INVALID: return -EBADMSG; @@ -5169,6 +5360,9 @@ int bus_message_parse_fields(sd_bus_message *m) { const char *s; char *c; + if (BUS_MESSAGE_IS_GVARIANT(m)) /* only applies to dbus1 */ + return -EBADMSG; + if (m->root_container.signature) return -EBADMSG; @@ -5188,26 +5382,38 @@ int bus_message_parse_fields(sd_bus_message *m) { break; } - case BUS_MESSAGE_HEADER_REPLY_SERIAL: { - uint32_t serial; + case BUS_MESSAGE_HEADER_REPLY_SERIAL: if (m->reply_cookie != 0) return -EBADMSG; - if (!streq(signature, "u")) - return -EBADMSG; + if (BUS_MESSAGE_IS_GVARIANT(m)) { + /* 64bit on dbus2 */ - r = message_peek_field_uint32(m, &ri, item_size, &serial); - if (r < 0) - return r; + if (!streq(signature, "t")) + return -EBADMSG; + + r = message_peek_field_uint64(m, &ri, item_size, &m->reply_cookie); + if (r < 0) + return r; + } else { + /* 32bit on dbus1 */ + uint32_t serial; + + if (!streq(signature, "u")) + return -EBADMSG; - m->reply_cookie = serial; + r = message_peek_field_uint32(m, &ri, item_size, &serial); + if (r < 0) + return r; + + m->reply_cookie = serial; + } if (m->reply_cookie == 0) return -EBADMSG; break; - } case BUS_MESSAGE_HEADER_UNIX_FDS: if (unix_fds_set) @@ -5279,13 +5485,13 @@ int bus_message_parse_fields(sd_bus_message *m) { if (streq_ptr(m->sender, "org.freedesktop.DBus.Local")) return -EBADMSG; - m->root_container.end = BUS_MESSAGE_BODY_SIZE(m); + m->root_container.end = m->user_body_size; if (BUS_MESSAGE_IS_GVARIANT(m)) { r = build_struct_offsets( m, m->root_container.signature, - BUS_MESSAGE_BODY_SIZE(m), + m->user_body_size, &m->root_container.item_size, &m->root_container.offsets, &m->root_container.n_offsets); @@ -5439,40 +5645,6 @@ int bus_message_get_arg(sd_bus_message *m, unsigned i, const char **str, char ** return 0; } -bool bus_header_is_complete(struct bus_header *h, size_t size) { - size_t full; - - assert(h); - assert(size); - - if (size < sizeof(struct bus_header)) - return false; - - full = sizeof(struct bus_header) + - (h->endian == BUS_NATIVE_ENDIAN ? h->fields_size : bswap_32(h->fields_size)); - - return size >= full; -} - -int bus_header_message_size(struct bus_header *h, size_t *sum) { - size_t fs, bs; - - assert(h); - assert(sum); - - if (h->endian == BUS_NATIVE_ENDIAN) { - fs = h->fields_size; - bs = h->body_size; - } else if (h->endian == BUS_REVERSE_ENDIAN) { - fs = bswap_32(h->fields_size); - bs = bswap_32(h->body_size); - } else - return -EBADMSG; - - *sum = sizeof(struct bus_header) + ALIGN8(fs) + bs; - return 0; -} - _public_ int sd_bus_message_get_errno(sd_bus_message *m) { assert_return(m, EINVAL); diff --git a/src/libsystemd/sd-bus/bus-message.h b/src/libsystemd/sd-bus/bus-message.h index b4cdce7bf4..32955329b4 100644 --- a/src/libsystemd/sd-bus/bus-message.h +++ b/src/libsystemd/sd-bus/bus-message.h @@ -99,7 +99,18 @@ struct sd_bus_message { bool release_kdbus:1; bool poisoned:1; + /* The first and last bytes of the message */ struct bus_header *header; + void *footer; + + /* How many bytes are accessible in the above pointers */ + size_t header_accessible; + size_t footer_accessible; + + size_t fields_size; + size_t body_size; + size_t user_body_size; + struct bus_body_part body; struct bus_body_part *body_end; unsigned n_body_parts; @@ -112,7 +123,7 @@ struct sd_bus_message { int *fds; struct bus_container root_container, *containers; - unsigned n_containers; + size_t n_containers; size_t containers_allocated; struct iovec *iovec; @@ -138,7 +149,9 @@ struct sd_bus_message { unsigned n_header_offsets; }; -#define BUS_MESSAGE_NEED_BSWAP(m) ((m)->header->endian != BUS_NATIVE_ENDIAN) +static inline bool BUS_MESSAGE_NEED_BSWAP(sd_bus_message *m) { + return m->header->endian != BUS_NATIVE_ENDIAN; +} static inline uint16_t BUS_MESSAGE_BSWAP16(sd_bus_message *m, uint16_t u) { return BUS_MESSAGE_NEED_BSWAP(m) ? bswap_16(u) : u; @@ -153,29 +166,23 @@ static inline uint64_t BUS_MESSAGE_BSWAP64(sd_bus_message *m, uint64_t u) { } static inline uint64_t BUS_MESSAGE_COOKIE(sd_bus_message *m) { - /* Note that we return the serial converted to a 64bit value here */ - return BUS_MESSAGE_BSWAP32(m, m->header->serial); -} + if (m->header->version == 2) + return BUS_MESSAGE_BSWAP64(m, m->header->dbus2.cookie); -static inline uint32_t BUS_MESSAGE_BODY_SIZE(sd_bus_message *m) { - return BUS_MESSAGE_BSWAP32(m, m->header->body_size); + return BUS_MESSAGE_BSWAP32(m, m->header->dbus1.serial); } -static inline uint32_t BUS_MESSAGE_FIELDS_SIZE(sd_bus_message *m) { - return BUS_MESSAGE_BSWAP32(m, m->header->fields_size); -} - -static inline uint32_t BUS_MESSAGE_SIZE(sd_bus_message *m) { +static inline size_t BUS_MESSAGE_SIZE(sd_bus_message *m) { return sizeof(struct bus_header) + - ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m)) + - BUS_MESSAGE_BODY_SIZE(m); + ALIGN8(m->fields_size) + + m->body_size; } -static inline uint32_t BUS_MESSAGE_BODY_BEGIN(sd_bus_message *m) { +static inline size_t BUS_MESSAGE_BODY_BEGIN(sd_bus_message *m) { return sizeof(struct bus_header) + - ALIGN8(BUS_MESSAGE_FIELDS_SIZE(m)); + ALIGN8(m->fields_size); } static inline void* BUS_MESSAGE_FIELDS(sd_bus_message *m) { @@ -193,7 +200,10 @@ int bus_message_read_strv_extend(sd_bus_message *m, char ***l); int bus_message_from_header( sd_bus *bus, void *header, - size_t length, + size_t header_accessible, + void *footer, + size_t footer_accessible, + size_t message_size, int *fds, unsigned n_fds, const struct ucred *ucred, @@ -217,9 +227,6 @@ int bus_message_append_ap(sd_bus_message *m, const char *types, va_list ap); int bus_message_parse_fields(sd_bus_message *m); -bool bus_header_is_complete(struct bus_header *h, size_t size); -int bus_header_message_size(struct bus_header *h, size_t *sum); - struct bus_body_part *message_append_part(sd_bus_message *m); #define MESSAGE_FOREACH_PART(part, i, m) \ diff --git a/src/libsystemd/sd-bus/bus-protocol.h b/src/libsystemd/sd-bus/bus-protocol.h index 6431dfbff8..183af89a63 100644 --- a/src/libsystemd/sd-bus/bus-protocol.h +++ b/src/libsystemd/sd-bus/bus-protocol.h @@ -23,21 +23,38 @@ #include <endian.h> +#include "macro.h" + /* Packet header */ -struct bus_header { +struct _packed_ bus_header { + /* The first four fields are identical for dbus1, and dbus2 */ uint8_t endian; uint8_t type; uint8_t flags; uint8_t version; - uint32_t body_size; - - /* Note that what the bus spec calls "serial" we'll call - "cookie" instead, because we don't want to imply that the - cookie was in any way monotonically increasing. */ - uint32_t serial; - uint32_t fields_size; -} _packed_; + + union _packed_ { + /* dbus1: Used for SOCK_STREAM connections */ + struct _packed_ { + uint32_t body_size; + + /* Note that what the bus spec calls "serial" we'll call + "cookie" instead, because we don't want to imply that the + cookie was in any way monotonically increasing. */ + uint32_t serial; + uint32_t fields_size; + } dbus1; + + /* dbus2: Used for kdbus connections */ + struct _packed_ { + uint32_t _reserved; + uint64_t cookie; + } dbus2; + + /* Note that both header versions have the same size! */ + }; +}; /* Endianness */ diff --git a/src/libsystemd/sd-bus/test-bus-gvariant.c b/src/libsystemd/sd-bus/test-bus-gvariant.c index 6992ec44de..992edacb28 100644 --- a/src/libsystemd/sd-bus/test-bus-gvariant.c +++ b/src/libsystemd/sd-bus/test-bus-gvariant.c @@ -132,7 +132,7 @@ static void test_bus_gvariant_get_alignment(void) { static void test_marshal(void) { _cleanup_bus_message_unref_ sd_bus_message *m = NULL, *n = NULL; - _cleanup_bus_unref_ sd_bus *bus = NULL; + _cleanup_bus_close_unref_ sd_bus *bus = NULL; _cleanup_free_ void *blob; size_t sz; int r; @@ -145,6 +145,8 @@ static void test_marshal(void) { assert_se(sd_bus_message_new_method_call(bus, &m, "a.service.name", "/an/object/path/which/is/really/really/long/so/that/we/hit/the/eight/bit/boundary/by/quite/some/margin/to/test/this/stuff/that/it/really/works", "an.interface.name", "AMethodName") >= 0); + assert_cc(sizeof(struct bus_header) == 16); + assert_se(sd_bus_message_append(m, "a(usv)", 3, 4711, "first-string-parameter", "(st)", "X", (uint64_t) 1111, @@ -162,13 +164,15 @@ static void test_marshal(void) { g_type_init(); #endif - v = g_variant_new_from_data(G_VARIANT_TYPE("(yyyyuuua(yv))"), m->header, sizeof(struct bus_header) + BUS_MESSAGE_FIELDS_SIZE(m), false, NULL, NULL); + v = g_variant_new_from_data(G_VARIANT_TYPE("(yyyyuta{tv})"), m->header, sizeof(struct bus_header) + m->fields_size, false, NULL, NULL); + assert_se(g_variant_is_normal_form(v)); t = g_variant_print(v, TRUE); printf("%s\n", t); g_free(t); g_variant_unref(v); - v = g_variant_new_from_data(G_VARIANT_TYPE("(a(usv))"), m->body.data, BUS_MESSAGE_BODY_SIZE(m), false, NULL, NULL); + v = g_variant_new_from_data(G_VARIANT_TYPE("(a(usv))"), m->body.data, m->user_body_size, false, NULL, NULL); + assert_se(g_variant_is_normal_form(v)); t = g_variant_print(v, TRUE); printf("%s\n", t); g_free(t); @@ -180,6 +184,20 @@ static void test_marshal(void) { assert_se(bus_message_get_blob(m, &blob, &sz) >= 0); +#ifdef HAVE_GLIB + { + GVariant *v; + char *t; + + v = g_variant_new_from_data(G_VARIANT_TYPE("(yyyyuta{tv}v)"), blob, sz, false, NULL, NULL); + assert_se(g_variant_is_normal_form(v)); + t = g_variant_print(v, TRUE); + printf("%s\n", t); + g_free(t); + g_variant_unref(v); + } +#endif + assert_se(bus_message_from_malloc(bus, blob, sz, NULL, 0, NULL, NULL, &n) >= 0); blob = NULL; |