| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Current kdbus receive pool size is too small (only 2MB - in GLib
we have 16MB). Due to quite specific 'pool layout' in kdbus module,
2MB was not enough for 512kB messages - according to kdbus docs:
"50% of a pool is always owned by the connection. It is reserved for
kernel queries, handling received messages and other tasks that are
under control of the pool owner. The other 50% of the pool are used
as incoming queue.
As we optionally support user-space based policies, we need fair
allocation schemes. Furthermore, resource utilization should be
maximized, so only minimal resources stay reserved. However, we need
to adapt to a dynamic number of users, as we cannot know how many
users will talk to a connection. Therefore, the current allocation
works like this:
We limit the number of bytes in a destination's pool per sending
user. The space available for a user is 33% of the unused pool space
(whereas the space used by the user itself is also treated as
'unused'). This way, we favor users coming first, but keep enough
pool space available for any following users. Given that messages are
dequeued in FIFO order, this should balance nicely if the number of
users grows. At the same time, this algorithm guarantees that the
space available to a connection is reduced dynamically, the more
concurrent users talk to a connection."
Change-Id: Iffddc018f0d8bf08451d12d305c8d392ed3e1f55
|
|
Change-Id: I48e9799e4fccaea2016cd77a92ebe971eeb1b660
|
|
for blocking call(pending_call_block)
after acuire io path, check pending call completion before iteration(poll)
and wake up by any reason, but there are no reply, timeout is not reached, then retry polling,
next time, if it acquire io path, then just enter iteration(poll) without completion check,
for multi-threaded blocking call,
1. if first thread waiting io path(not 1st iteration),
2. second thread is polling,
3. reply message is arrived and this wake up seconds thread's polling,
4. first thread just enter polling until timeout
5. if there are no incoming event, then dead-lock until timeout.
Change-Id: Ifcfe53b7610996d1892519f4a69cf435aa395968
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
|
|
Change-Id: Ib7b2115ab6a3ea76f25915eaf153772d2fa1c02f
|
|
|
|
Change-Id: I641e09e8710d97e03ffdb467a35cff4c8889edc7
|
|
Change-Id: I04c508a6e14568ad6e28f687a433f6bde3f815f8
|
|
Change-Id: Ie68b9b9d88cb30f48341f7fcf8cc7caf01c06126
|
|
Change-Id: I75a6267471b7fdff2d147514210726a3cec6c5dd
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
|
|
Change-Id: Iffc672d09b30447ba714e50d5ab182fd6370078f
Signed-off-by: Paweł Szewczyk <p.szewczyk@samsung.com>
|
|
Change-Id: I9e28b9eeaa185caa1eeea8e5d7f79feaaae7d799
|
|
WGID 31177: strcpy/stpcpy->snprintf
WGID 31178: strcpy/stpcpy->snprintf
WGID 31179: strcpy/stpcpy->snprintf/strncpy
WGID 31180: use _dbus_strdup for string duplication
WGID 31183: sprintf->snprintf
WGID 31184: sprintf->snprintf
WGID 31185: sprintf->snprintf
WGID 31186: sprintf->snprintf
WGID 31200: added explanation and unified conditions
WGID 31210: added cast to __u64
all other sprintf->snprintf in dbus-transport-kdbus.c
Change-Id: I8a488d37ec8be66370cba7b88a464787dcfeefc3
|
|
With dbus-1.10 depending on systemd code there is no benefit
in keeping separate spec files.
Change-Id: I3a9311e1730b51b3d4ff1dda513b564d19065aa9
|
|
dbus-x11 is not used on tizen.org in any of available profiles.
Change-Id: I94205fbdb526a96202bd2f2165e6a5bcf2c2a080
|
|
Change-Id: I3b2ddc48b26819452ffa73d25d35177997c844b1
|
|
When a message is created, it is created without context
of a bus. Thus, we have to guess what type of protocol
is correct for the message. This commit introduces
a possibility to influence guessing.
An environment variable is introduced (DBUS_DEFAULT_PROTOCOL_STRATEGY),
with following values recognized:
* first-bus - messages created for type of first opened bus;
* last-bus - messages created for type of last opened bus;
* last-message - messages created for type of last sent message;
* dbus1 - messages created with dbus1 protocol;
* gvariant - messages created with GVariant protocol.
last-bus is a default strategy.
Change-Id: I2a185761973191ad5917bc2b6f4bfb2f4a3ed547
|
|
Change-Id: I5c9c0f7c5e50f89e69db9e5f000b181ebc98add6
|
|
Change-Id: I4060e9ad4a6703cdcfdccd3bce69fd2b2c958031
|
|
Constructing bloom filters belongs to low level API now.
Change-Id: I95b524e91905029a1a040a95204e7008120cd89c
|
|
String name to unique id conversion simplified.
Item names for debug strings simplified.
Change-Id: I934c6e3f64708db777dfdff2ffb4b4f5e7fa41a2
|
|
Change-Id: I91cb72a2c52d1d55fdfd8afb1e6599483d637ea1
|
|
Change-Id: I934800df6da5ad5fa34366683541782eb88daa9f
|
|
Change-Id: I2a39f9b86a5ebbde11ee496ecc40a6cc08e6a1a1
|
|
Freeing non-converted message after conversion
Freeing string objects
Freeing unique name in kdbus transport at end-of-life
Freeing matchmaker in kdbus transport at end-of-life
Change-Id: Iae4e231c52b78af3efd5a8a366fc01e50b03feeb
|
|
Change-Id: I666bc6474475906aa0ca2de96e47bfaa2c402ce2
|
|
Note: from version 1.10 it's required to have systemd support to be enabled not
only in dbus-daemon code but also in libdbus. This is because maintainers removed
built-in systemd support code (dbus/sd-daemon.c) and now depend on libsystemd-
provided functionality.
Additionally, update pkgconfig name to libsystemd (as required by configure.ac)
Change-Id: I2056086a9281543695643ac31fd3ab8648a4d205
|
|
Signed-off-by: Hyotaek, Shim <hyotaek.shim@samsung.com>
Change-Id: Ie0e4364412bdf83cde0dd33faddef7a22b856f58
|
|
Change-Id: I1bef17d3930a2ca626d3c002eaa10cf6f16c8aac
|
|
Change-Id: I439cfcbf9c8e44217f6a906836c579dd952b9ec7
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
|
|
A few fixes:
- remarshalling to GVariant lacked locking of messages. It caused
missing signature and offsets.
- dbus_message_get_signature returned signature with outer parentheses.
- removed unused param in _dbus_header_load_gvariant().
- editorial corrections in kdbus_decode_dbus_message().
Change-Id: I29ca21cef6769b725be0c98580f54313bda842c8
|
|
In GVariant, offsets in structs are stored for every end
of variable-sized elements except the last one.
We never know if an element we just added is the last one.
Therefore, the offset may be added when next element is added.
However, some users use multiple iterators. This change fixes
it at the root level - last offset value and position is kept
in the message.
Change-Id: I954657424d9da075edb10e5630b27df5bca8f917
|
|
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I84cf169d64f59b6b2086ade14a827b252ab44b97
|
|
This reverts commit 197db0df78e0a9f82df4162885854f99ff749505,
which reverts commit 771f5155c9a393a242329988d56661a51fc04e6c.
Change-Id: I4133020c585a6f9b42f487ffae4d2005b25a1d08
|
|
Change-Id: Iea6db9311c918f99059bb98e8bd396b36387d902
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
|
|
This reverts commit 771f5155c9a393a242329988d56661a51fc04e6c.
Change-Id: I73b6adc6b76b63e972f7228c88c18dabda81b006
|
|
This commit introduces ABI break due to size change of DBusMessageIter
structure. Consequently, all packages depending on libdbus need to be rebuilt.
Other authors:
Paweł Szewczyk <p.szewczyk@samsung.com>
Karol Lewandowski <k.lewandowsk@samsung.com>
and possibly others
Change-Id: Ie04b34295c38e5aaac63982996fa9eddc97dd696
|
|
This reverts commit e8610297cf7031e94eb314a2e8c11246f4405403.
Change-Id: Ifb60464c705f5b4e92f02f9e809d23e982d31c3d
Signed-off-by: Lukasz Skalski <l.skalski@samsung.com>
|
|
This change introduces http://tizen.org/privilege/internal/dbus privilege
which is supposed to be available only to trusted system resources.
Checks for this privilege are used in place of certain allow rules to
make security policy more strict.
For system bus sending and receiving signals now requires
http://tizen.org/privilege/internal/dbus privilege. Requesting name
ownership and sending methods is still denied by default.
For session bus http://tizen.org/privilege/internal/dbus privilege
is now required for requesting name, calling methods, sending and receiving
signals.
Services are supposed to override these default settings to implement their
own security policy.
Change-Id: Ifb4a160bf6e0638404e0295a2e4fa3077efd881c
Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com>
|
|
When running the command sed provided by toybox, the expression
[^[:cntrl:]] is not understood, what forbids to detect DBUS and
cause further errors.
This patch removes this expression.
Change-Id: If30543fadddf8b6811e14b548a747be99612894b
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
|
|
Change-Id: I8de1d91e6ab3c891de9549bfb94ae637d7ff664a
|
|
Change-Id: I765c1f189a4496620e5edc8c02b3055db5b45c09
|
|
Cynara cache was required when processing messages that have been
blocked at the sender's message queue. Reliance on cache turned out to be
unacceptable due to the fact that some policies are not cacheable. For example
responses provided by Cynara askuser plugin might be single-use and thus cannot
be cached.
The solution is to attach deferred message to the message object when policy result
is unavailable. Upon next bus_check_privilege call use response from Cynara which
is saved in deferred message object.
Change-Id: I17152343540d7b8d13ad3540c25c043d57aa5949
|
|
They were found by temporarily redefining BusResult in the following way:
typedef enum { BUS_RESULT_TRUE_E, BUS_RESULT_FALSE_E, BUS_RESULT_LATER_E } bus_result_t;
typedef struct { bus_result_t result; } BusResult;
#define BUS_RESULT_TRUE ((BusResult){BUS_RESULT_TRUE_E})
#define BUS_RESULT_FALSE ((BusResult){BUS_RESULT_FALSE_E})
#define BUS_RESULT_LATER ((BusResult){BUS_RESULT_LATER_E})
It doesn't compile because equality operator is not defined for structs.
Also, structs are not allowed in switch statement. However, some errors
indicated type mismatches which are now fixed.
Change-Id: I0eb5368359f342e0f4239a2ad95d34b9a8e10a23
Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com>
|
|
Policy result unavailability is handled like send rules - dispatching
messages from the sender is blocked and resumed when result becomes
available.
Handler of "RequestName" method needs to return BUS_RESULT_LATER when
policy result is not known therefore its return type is modified.
Since bus message handlers are put into function pointer array other
message handler function singatures are also affected.
Change-Id: I4c2cbd4585e41fccd8a30f825a8f0d342ab56755
|
|
When message is sent to the addressed recipient and receive rule
result is unavailable we don't want to block the sender
as it most likely will be the privileged service, so instead we queue
it at the recipient. Any further messages sent to it will be queued to
maintain message order. Once the answer from Cynara arrives messages are
dispatched from the recipient queue. In such case full dispatch is
performed - messages are sent to addressed recipient and other
interested connections.
Messages sent to non-addressed recipients (eavesdroppers or broadcast
message recipients) are handled in a similar way. The difference is
that it is not full dispatch meaning message is sent to a single recipient.
Change-Id: Iecd5395f75a4c7811fa97247a37d8fc4d42e8814
|
|
When unicast message to addressed recipient is sent and policy result
is not available message dispatch from the sender is disabled.
This also means that any further messages from the given connection are
put into the incoming queue. If response is received message dispatching
is resumed. This time answer is expected to be in cache so the message is
processed synchronously.
Receive rule result unavailability is not yet handled - such messages are
rejected. Also, if message is sent to non-addressed recipient message
is silently dropped.
Change-Id: Ia45905baf667ca42f386c1def108eca190d615bb
|
|
This commit introduces basic framework for asynchronous policy
checks and Cynara integration code. Functions for checking security
policy can now return third value - BUS_RESULT_LATER denoting check
result unavailability. Whenever policy checker cannot decide on the
result of the check it is supposed to allocate DeferredMessage structure
that will be passed to the upper layers which can decide what should be
done in such situation.
Proper handling of such case will be implemented in subsequent commits.
Currently such return value results in message denial.
Change-Id: I324b6ab68442e493853d8fe219c7a37fbd831872
|
|
The new <check> element is almost the same as <allow> and <deny>. The
difference is that it has an additional "privilege" parameter which
will be tested at runtime. Depending on the outcome of the check, the
rule turns into an allow or deny rule.
Executing these checks will be implemented separately. At the moment,
a <check> is basically the same as <deny>.
The representation of a rule grows by one additional pointer and needs
one additional bit to represent <check> in addition to <allow>/<deny>.
Reordering elements might mitigate this effect.
Change-Id: I25baa802fdf41413a78200273c3a0b17ae7f1cfa
|
