As described in https://code.google.com/p/d-bus/issues/detail?id=9 by
Simon McVittie:

kdbus allows 256 connections per uid per bus, which the CAP_IPC_OWNER
may exceed.

This could get quite tight for the session bus: I currently have 46
session bus connections, so I'm only an order of magnitude away from
the limit. The session bus is currently restricted to its owning uid
only, and even if other uids are allowed in (perhaps via restricted
endpoints) for Android-style sandboxing, I expect it will be mostly
populated by its owning uid.

I agree with David Herrmann's solution:

Connections are already limited by the per-user FD limit. So maybe we
should just allow unlimited connections by the bus UID, too? All other
connections must be limited, obviously. Otherwise, they can trigger
slow-paths and reduce performance of the bus considerably.

Signed-off-by: Daniel Mack <daniel@zonque.org>

goto exit_unref_user_unlock;
}
- if (!capable(CAP_IPC_OWNER) &&
+ if (!kdbus_bus_uid_is_privileged(bus) &&
atomic_inc_return(&conn->user->connections) > KDBUS_USER_MAX_CONN) {
atomic_dec(&conn->user->connections);
ret = -EMFILE;
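
Review bot: In the rewritten condition, `!kdbus_bus_uid_is_privileged(bus) && atomic_inc_return(&conn->user->connections) > KDBUS_USER_MAX_CONN` short-circuits for an exempt caller, so `conn->user->connections` is never incremented for that connection. The teardown path is not part of this hunk; if it decrements unconditionally, or re-evaluates the helper under credentials that differ from those at connect time, the per-user counter drifts and the KDBUS_USER_MAX_CONN quota stops being accurate for that user. Consider recording the exemption decision on the connection at connect time and keying the matching `atomic_dec()` off that stored value. Separately, the definition of `kdbus_bus_uid_is_privileged()` is not visible here: please confirm it still grants the exemption to CAP_IPC_OWNER holders (the commit message says the bus UID should be exempt "too") and add a comment at the helper stating that exempt connections are bounded only by the per-user FD limit.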