From 7de6dfe90fa002ea2703d4adacef9b6fed82a1f3 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Mon, 10 Jul 2023 17:35:15 +0200 Subject: [PATCH 1/1] Use private dbus connection for synchronous calls. This change is related to dotnet-launcher which in the process preparation, caused the connection to be established, which had a privileged label and was later used by an unprivileged application From now the connection is established before the dbus method is called and closed immediately after that. Change-Id: Ibc73090c500e0c03551c7733e31cfa1ff560ed93 --- src/storage-external-dbus.c | 52 ++++++++++++++++++++++++++++++++++++++++----- src/storage-inhouse.c | 12 ++++++++++- 2 files changed, 58 insertions(+), 6 deletions(-) diff --git a/src/storage-external-dbus.c b/src/storage-external-dbus.c index b94e311..de90ace 100755 --- a/src/storage-external-dbus.c +++ b/src/storage-external-dbus.c @@ -47,6 +47,17 @@ #define DBUS_REPLY_TIMEOUT (-1) +#define GET_DBUS_CONN_OR_EXIT() \ + ({ \ + dbus_handle_h dbus_handle = gdbus_get_connection(G_BUS_TYPE_SYSTEM, true); \ + if (dbus_handle == NULL) { \ + _E("Failed to get dbus connection"); \ + return -EIO; \ + } \ + dbus_handle; \ + }) + + struct storage_ext_callback { storage_ext_changed_cb func; void *data; @@ -104,12 +115,18 @@ int storage_ext_get_list(GList **list) if (!list) return -EINVAL; - ret_dbus = gdbus_call_sync_with_reply(STORAGE_EXT_BUS_NAME, + dbus_handle_h dbus_handle = GET_DBUS_CONN_OR_EXIT(); + + ret_dbus = gdbus_priv_call_sync_with_reply(dbus_handle, + STORAGE_EXT_BUS_NAME, STORAGE_EXT_PATH_MANAGER, STORAGE_EXT_IFACE_MANAGER, STORAGE_EXT_GET_LIST, g_variant_new("(s)", "all"), &reply); + + gdbus_free_connection(dbus_handle); + if (ret_dbus < 0) { _E("Failed to get storage_ext device info"); //LCOV_EXCL_LINE return -EIO; 
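Review bot: `GET_DBUS_CONN_OR_EXIT()` has no comment saying that it returns `-EIO` from the enclosing function (it does not exit, despite the name) or why the connection must be private, and the same gap applies to the open-coded copy in storage_get_primary_sdcard in src/storage-inhouse.c. Without that, a later optimisation back to the cached connection would quietly undo the fix described in the commit message. I would add above the macro: `/* Opens a private system-bus connection for one call so a connection created earlier under a privileged label is never reused; returns -EIO from the calling function on failure. */`. Separately, the inner `dbus_handle` in the statement expression shadows the caller's `dbus_handle_h dbus_handle = GET_DBUS_CONN_OR_EXIT();`, which trips `-Wshadow`; renaming the inner variable (e.g. `conn_`) avoids it.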
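Review bot: The open/call/free triple added in storage_ext_get_list is repeated in storage_ext_get_statvfs, storage_ext_get_statvfs_size64, storage_ext_get_storage_level and storage_ext_get_device_info, so the rule that these calls never touch the shared connection holds only as long as every copy stays correct. A single static helper that owns the connection for the duration of one call would put acquisition and release in one place and replace the macro with its hidden `return`. The sketch below uses a proposed name and assumes the argument types implied by the call sites; because the argument tuple is now built before the connection is opened, the helper has to release it on the failure path. Callers keep their own `ret_dbus < 0` mapping, so storage_ext_get_device_info would report a connection failure as -ENODEV unless it checks for -EIO first.

```c
/* One synchronous call on a private connection that lives only for this call. */
static int storage_ext_call_sync_private(const char *path, const char *iface,
		const char *method, GVariant *param, GVariant **reply)
{
	dbus_handle_h conn = gdbus_get_connection(G_BUS_TYPE_SYSTEM, true);
	int ret;

	if (conn == NULL) {
		_E("Failed to get dbus connection");
		if (param)
			g_variant_unref(g_variant_ref_sink(param)); /* release the unused argument tuple */
		return -EIO;
	}

	ret = gdbus_priv_call_sync_with_reply(conn, STORAGE_EXT_BUS_NAME,
			path, iface, method, param, reply);
	gdbus_free_connection(conn);
	return ret;
}

/* … unchanged: storage_ext_get_list argument check … */
	ret_dbus = storage_ext_call_sync_private(STORAGE_EXT_PATH_MANAGER,
			STORAGE_EXT_IFACE_MANAGER,
			STORAGE_EXT_GET_LIST,
			g_variant_new("(s)", "all"),
			&reply);
/* … unchanged: ret_dbus check and reply parsing … */
```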
@@ -173,12 +190,18 @@ int storage_ext_get_statvfs(char *path, struct statvfs_32 *buf) memset(buf, 0, sizeof(struct statvfs_32)); - ret_dbus = gdbus_call_sync_with_reply(STORAGE_EXT_BUS_NAME, + dbus_handle_h dbus_handle = GET_DBUS_CONN_OR_EXIT(); + + ret_dbus = gdbus_priv_call_sync_with_reply(dbus_handle, + STORAGE_EXT_BUS_NAME, STORAGE_EXT_PATH_STORAGE, STORAGE_EXT_IFACE_STORAGE, STORAGE_EXT_GET_STATVFS, g_variant_new("(s)", path), &reply); + + gdbus_free_connection(dbus_handle); + if (ret_dbus < 0) { _E("Failed to get storage_ext device info"); //LCOV_EXCL_LINE return -EIO; @@ -220,12 +243,18 @@ int storage_ext_get_statvfs_size64(char *path, struct statvfs *buf) memset(buf, 0, sizeof(struct statvfs)); - ret_dbus = gdbus_call_sync_with_reply(STORAGE_EXT_BUS_NAME, + dbus_handle_h dbus_handle = GET_DBUS_CONN_OR_EXIT(); + + ret_dbus = gdbus_priv_call_sync_with_reply(dbus_handle, + STORAGE_EXT_BUS_NAME, STORAGE_EXT_PATH_STORAGE, STORAGE_EXT_IFACE_STORAGE, STORAGE_EXT_GET_STATVFS, g_variant_new("(s)", path), &reply); + + gdbus_free_connection(dbus_handle); + if (ret_dbus < 0) { _E("Failed to get storage_ext device info"); //LCOV_EXCL_LINE return -EIO; @@ -265,12 +294,19 @@ int storage_ext_get_storage_level(const char *path, char **level) return -EINVAL; } - ret_dbus = gdbus_call_sync_with_reply(STORAGE_EXT_BUS_NAME, + dbus_handle_h dbus_handle = GET_DBUS_CONN_OR_EXIT(); + + ret_dbus = gdbus_priv_call_sync_with_reply( + dbus_handle, + STORAGE_EXT_BUS_NAME, STORAGE_EXT_PATH_STORAGE, STORAGE_EXT_IFACE_STORAGE, STORAGE_EXT_GET_STORAGE_LEVEL, g_variant_new("(i)", id), &reply); + + gdbus_free_connection(dbus_handle); + if (ret_dbus < 0) { _E("Failed to get %d level", id); return -EIO; 
@@ -455,12 +491,18 @@ int storage_ext_get_device_info(int storage_id, storage_ext_device *info) GVariant *reply; int ret_dbus; - ret_dbus = gdbus_call_sync_with_reply(STORAGE_EXT_BUS_NAME, + dbus_handle_h dbus_handle = GET_DBUS_CONN_OR_EXIT(); + + ret_dbus = gdbus_priv_call_sync_with_reply(dbus_handle, + STORAGE_EXT_BUS_NAME, STORAGE_EXT_PATH_MANAGER, STORAGE_EXT_IFACE_MANAGER, "GetDeviceInfo", g_variant_new("(i)", storage_id), &reply); + + gdbus_free_connection(dbus_handle); + if (ret_dbus < 0) { _E("There is no storage with the storage id (%d)", storage_id); //LCOV_EXCL_LINE return -ENODEV; diff --git a/src/storage-inhouse.c b/src/storage-inhouse.c index 68b0c20..ef71f98 100755 --- a/src/storage-inhouse.c +++ b/src/storage-inhouse.c @@ -176,12 +176,22 @@ API int storage_get_primary_sdcard(int *storage_id, char **path) if (!storage_ext_is_supported()) return STORAGE_ERROR_NOT_SUPPORTED; - ret_dbus = gdbus_call_sync_with_reply(STORAGE_EXT_BUS_NAME, + dbus_handle_h dbus_handle = gdbus_get_connection(G_BUS_TYPE_SYSTEM, true); + if (dbus_handle == NULL) { + _E("Failed to get dbus connection"); + return STORAGE_ERROR_OPERATION_FAILED; + } + + ret_dbus = gdbus_priv_call_sync_with_reply(dbus_handle, + STORAGE_EXT_BUS_NAME, STORAGE_EXT_PATH_MANAGER, STORAGE_EXT_IFACE_MANAGER, "GetMmcPrimary", NULL, &reply); + + gdbus_free_connection(dbus_handle); + if (ret_dbus < 0) { //LCOV_EXCL_START System Error _E("Failed to get primary sdcard partition"); //LCOV_EXCL_LINE -- 2.7.4
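Review bot: storage_get_primary_sdcard in src/storage-inhouse.c repeats the connection setup from `GET_DBUS_CONN_OR_EXIT()` by hand, apparently only because the macro hard-codes `-EIO` while this function needs `STORAGE_ERROR_OPERATION_FAILED`. Two copies of the `gdbus_get_connection(G_BUS_TYPE_SYSTEM, true)` call can drift, and the bare `true` is the only thing that makes the connection private. Letting the macro take the failure value and placing it in a header both files include would keep one definition, e.g. (proposed name) `dbus_handle_h dbus_handle = GET_DBUS_CONN_OR_RETURN(STORAGE_ERROR_OPERATION_FAILED);`. The commit converts synchronous calls only, and this diff does not show whether any other path in the library still uses the shared connection, so that is worth confirming. The function body continues past the end of the hunk.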