mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2025-11-14 06:59:57 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

access: add access checks

Browse source 
Rework the access checks.
Add owner field to more objects to do access control checks
Make sure the object global is set in the object before signaling the
new global.
This commit is contained in:
Wim Taymans 2017-04-12 19:24:48 +02:00
parent d9bb116d27
commit 4cf59e3953
18 changed files with 230 additions and 200 deletions
Download patch file Download diff file Expand all files Collapse all files

7
pinos/server/access.c
View file

@ -18,10 +18,3 @@
*/
#include "pinos/server/core.h"
void
pinos_access_init (PinosAccess *access)
{
pinos_signal_init (&access->check_send);
pinos_signal_init (&access->check_dispatch);
}

27
pinos/server/access.h
View file

@ -30,20 +30,18 @@ extern "C" {
#include <pinos/client/sig.h>
typedef struct _PinosAccess PinosAccess;
typedef struct _PinosAccessData PinosAccessData;
#include <pinos/server/client.h>
#include <pinos/server/resource.h>
typedef struct {
SpaResult res;
PinosClient *client;
PinosResource *resource;
uint32_t opcode;
void *message;
bool flush;
} PinosAccessData;
struct _PinosAccessData {
SpaResult res;
void (*complete_cb) (PinosAccessData *data);
void (*cancel_cb) (PinosAccessData *data);
void *user_data;
};
typedef SpaResult (*PinosAccessFunc) (PinosAccessData *data);
/**
* PinosAccess:
@ -51,16 +49,11 @@ typedef SpaResult (*PinosAccessFunc) (PinosAccessData *data);
* Pinos Access support struct.
*/
struct _PinosAccess {
PINOS_SIGNAL (check_send, (PinosListener *listener,
PinosAccessFunc func,
PinosAccessData *data));
PINOS_SIGNAL (check_dispatch, (PinosListener *listener,
PinosAccessFunc func,
PinosAccessData *data));
SpaResult (*check_global) (PinosAccess *access,
PinosClient *client,
PinosGlobal *global);
};
void pinos_access_init (PinosAccess *access);
#ifdef __cplusplus
}
#endif

1
pinos/server/client-node.c
View file

@ -1177,6 +1177,7 @@ pinos_client_node_new (PinosClient *client,
proxy_init (&impl->proxy, NULL, client->core->support, client->core->n_support);
this->node = pinos_node_new (client->core,
client,
name,
true,
&impl->proxy.node,

13
pinos/server/client.c
View file

@ -111,12 +111,13 @@ pinos_client_new (PinosCore *core,
spa_list_insert (core->client_list.prev, &this->link);
this->global = pinos_core_add_global (core,
this,
core->type.client,
0,
this,
client_bind_func);
pinos_core_add_global (core,
this,
core->type.client,
0,
this,
client_bind_func,
&this->global);
this->info.id = this->global->id;
this->info.props = this->properties ? &this->properties->dict : NULL;

53
pinos/server/core.c
View file

@ -38,6 +38,10 @@ typedef struct {
} PinosCoreImpl;
#define ACCESS_CHECK_GLOBAL(client,global) (client->core->access && \
client->core->access->check_global (client->core->access, \
client, global) == SPA_RESULT_OK)
static void
registry_bind (void *object,
uint32_t id,
@ -55,6 +59,9 @@ registry_bind (void *object,
if (&global->link == &core->global_list)
goto no_id;
if (!ACCESS_CHECK_GLOBAL (client, global))
goto no_id;
pinos_log_debug ("global %p: bind object id %d to %d", global, id, new_id);
pinos_global_bind (global, client, 0, new_id);
@ -121,10 +128,12 @@ core_get_registry (void *object,
spa_list_insert (this->registry_resource_list.prev, &registry_resource->link);
spa_list_for_each (global, &this->global_list, link)
pinos_registry_notify_global (registry_resource,
global->id,
spa_type_map_get_type (this->type.map, global->type));
spa_list_for_each (global, &this->global_list, link) {
if (ACCESS_CHECK_GLOBAL (client, global))
pinos_registry_notify_global (registry_resource,
global->id,
spa_type_map_get_type (this->type.map, global->type));
}
return;
@ -291,7 +300,6 @@ pinos_core_new (PinosMainLoop *main_loop,
this->properties = properties;
pinos_type_init (&this->type);
pinos_access_init (&this->access);
pinos_map_init (&this->objects, 128, 32);
impl->support[0].type = SPA_TYPE__TypeMap;
@ -318,12 +326,13 @@ pinos_core_new (PinosMainLoop *main_loop,
pinos_signal_init (&this->global_added);
pinos_signal_init (&this->global_removed);
this->global = pinos_core_add_global (this,
NULL,
this->type.core,
0,
this,
core_bind_func);
pinos_core_add_global (this,
NULL,
this->type.core,
0,
this,
core_bind_func,
&this->global);
this->info.id = this->global->id;
this->info.change_mask = 0;
@ -358,13 +367,14 @@ pinos_core_destroy (PinosCore *core)
free (impl);
}
PinosGlobal *
bool
pinos_core_add_global (PinosCore *core,
PinosClient *owner,
uint32_t type,
uint32_t version,
void *object,
PinosBindFunc bind)
PinosBindFunc bind,
PinosGlobal **global)
{
PinosGlobalImpl *impl;
PinosGlobal *this;
@ -373,7 +383,7 @@ pinos_core_add_global (PinosCore *core,
impl = calloc (1, sizeof (PinosGlobalImpl));
if (impl == NULL)
return NULL;
return false;
this = &impl->this;
impl->bind = bind;
@ -383,6 +393,7 @@ pinos_core_add_global (PinosCore *core,
this->type = type;
this->version = version;
this->object = object;
*global = this;
pinos_signal_init (&this->destroy_signal);
@ -392,14 +403,15 @@ pinos_core_add_global (PinosCore *core,
pinos_signal_emit (&core->global_added, core, this);
type_name = spa_type_map_get_type (core->type.map, this->type);
pinos_log_debug ("global %p: new %u %s", this, this->id, type_name);
pinos_log_debug ("global %p: new %u %s, owner %p", this, this->id, type_name, owner);
spa_list_for_each (registry, &core->registry_resource_list, link)
pinos_registry_notify_global (registry,
this->id,
type_name);
if (ACCESS_CHECK_GLOBAL (registry->client, this))
pinos_registry_notify_global (registry,
this->id,
type_name);
return this;
return true;
}
SpaResult
@ -433,7 +445,8 @@ pinos_global_destroy (PinosGlobal *global)
pinos_signal_emit (&global->destroy_signal, global);
spa_list_for_each (registry, &core->registry_resource_list, link)
pinos_registry_notify_global_remove (registry, global->id);
if (ACCESS_CHECK_GLOBAL (registry->client, global))
pinos_registry_notify_global_remove (registry, global->id);
pinos_map_remove (&core->objects, global->id);

7
pinos/server/core.h
View file

@ -69,7 +69,7 @@ struct _PinosCore {
PinosProperties *properties;
PinosType type;
PinosAccess access;
PinosAccess *access;
PinosMap objects;
@ -105,12 +105,13 @@ void pinos_core_destroy (PinosCore *core);
void pinos_core_update_properties (PinosCore *core,
const SpaDict *dict);
PinosGlobal * pinos_core_add_global (PinosCore *core,
bool pinos_core_add_global (PinosCore *core,
PinosClient *owner,
uint32_t type,
uint32_t version,
void *object,
PinosBindFunc bind);
PinosBindFunc bind,
PinosGlobal **global);
SpaResult pinos_global_bind (PinosGlobal *global,
PinosClient *client,

13
pinos/server/link.c
View file

@ -891,12 +891,13 @@ pinos_link_new (PinosCore *core,
spa_list_insert (core->link_list.prev, &this->link);
this->global = pinos_core_add_global (core,
NULL,
core->type.link,
0,
this,
link_bind_func);
pinos_core_add_global (core,
NULL,
core->type.link,
0,
this,
link_bind_func,
&this->global);
return this;
}

13
pinos/server/module.c
View file

@ -192,12 +192,13 @@ pinos_module_load (PinosCore *core,
if (!init_func (this, (char *) args))
goto init_failed;
this->global = pinos_core_add_global (core,
NULL,
core->type.module,
0,
impl,
module_bind_func);
pinos_core_add_global (core,
NULL,
core->type.module,
0,
impl,
module_bind_func,
&this->global);
this->info.id = this->global->id;
this->info.name = name ? strdup (name) : NULL;

21
pinos/server/node.c
View file

@ -485,15 +485,16 @@ init_complete (PinosNode *this)
pinos_log_debug ("node %p: init completed", this);
impl->async_init = false;
pinos_node_update_state (this, PINOS_NODE_STATE_SUSPENDED, NULL);
spa_list_insert (this->core->node_list.prev, &this->link);
this->global = pinos_core_add_global (this->core,
NULL,
this->core->type.node,
0,
this,
node_bind_func);
pinos_core_add_global (this->core,
this->owner,
this->core->type.node,
0,
this,
node_bind_func,
&this->global);
pinos_node_update_state (this, PINOS_NODE_STATE_SUSPENDED, NULL);
}
void
@ -506,6 +507,7 @@ pinos_node_set_data_loop (PinosNode *node,
PinosNode *
pinos_node_new (PinosCore *core,
PinosClient *owner,
const char *name,
bool async,
SpaNode *node,
@ -521,7 +523,8 @@ pinos_node_new (PinosCore *core,
this = &impl->this;
this->core = core;
pinos_log_debug ("node %p: new", this);
this->owner = owner;
pinos_log_debug ("node %p: new, owner %p", this, owner);
impl->work = pinos_work_queue_new (this->core->main_loop->loop);

2
pinos/server/node.h
View file

@ -51,6 +51,7 @@ struct _PinosNode {
SpaList link;
PinosGlobal *global;
PinosClient *owner;
char *name;
PinosProperties *properties;
PinosNodeState state;
@ -109,6 +110,7 @@ struct _PinosNode {
};
PinosNode * pinos_node_new (PinosCore *core,
PinosClient *owner,
const char *name,
bool async,
SpaNode *node,

64
pinos/server/protocol-native.c
View file

@ -101,7 +101,7 @@ core_marshal_info (void *object,
}
spa_pod_builder_add (&b.b, -SPA_POD_TYPE_STRUCT, &f, 0);
pinos_connection_end_write (connection, resource->id, 0, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CORE_EVENT_INFO, b.b.offset);
}
static void
@ -118,7 +118,7 @@ core_marshal_done (void *object,
spa_pod_builder_struct (&b.b, &f,
SPA_POD_TYPE_INT, seq);
pinos_connection_end_write (connection, resource->id, 1, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CORE_EVENT_DONE, b.b.offset);
}
static void
@ -145,7 +145,7 @@ core_marshal_error (void *object,
SPA_POD_TYPE_INT, res,
SPA_POD_TYPE_STRING, buffer);
pinos_connection_end_write (connection, resource->id, 2, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CORE_EVENT_ERROR, b.b.offset);
}
static void
@ -162,7 +162,7 @@ core_marshal_remove_id (void *object,
spa_pod_builder_struct (&b.b, &f,
SPA_POD_TYPE_INT, id);
pinos_connection_end_write (connection, resource->id, 3, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CORE_EVENT_REMOVE_ID, b.b.offset);
}
static void
@ -189,7 +189,7 @@ core_marshal_update_types (void *object,
spa_pod_builder_add (&b.b,
-SPA_POD_TYPE_STRUCT, &f, 0);
pinos_connection_end_write (connection, resource->id, 4, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CORE_EVENT_UPDATE_TYPES, b.b.offset);
}
static bool
@ -375,7 +375,7 @@ registry_marshal_global (void *object,
SPA_POD_TYPE_INT, id,
SPA_POD_TYPE_STRING, type);
pinos_connection_end_write (connection, resource->id, 0, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_REGISTRY_EVENT_GLOBAL, b.b.offset);
}
static void
@ -392,7 +392,7 @@ registry_marshal_global_remove (void *object,
spa_pod_builder_struct (&b.b, &f,
SPA_POD_TYPE_INT, id);
pinos_connection_end_write (connection, resource->id, 1, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_REGISTRY_EVENT_GLOBAL_REMOVE, b.b.offset);
}
static bool
@ -446,7 +446,7 @@ module_marshal_info (void *object,
}
spa_pod_builder_add (&b.b, -SPA_POD_TYPE_STRUCT, &f, 0);
pinos_connection_end_write (connection, resource->id, 0, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_MODULE_EVENT_INFO, b.b.offset);
}
static void
@ -495,7 +495,7 @@ node_marshal_info (void *object,
}
spa_pod_builder_add (&b.b, -SPA_POD_TYPE_STRUCT, &f, 0);
pinos_connection_end_write (connection, resource->id, 0, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_NODE_EVENT_INFO, b.b.offset);
}
static void
@ -525,7 +525,7 @@ client_marshal_info (void *object,
}
spa_pod_builder_add (&b.b, -SPA_POD_TYPE_STRUCT, &f, 0);
pinos_connection_end_write (connection, resource->id, 0, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CLIENT_EVENT_INFO, b.b.offset);
}
static void
@ -542,7 +542,7 @@ client_node_marshal_done (void *object,
spa_pod_builder_struct (&b.b, &f,
SPA_POD_TYPE_INT, pinos_connection_add_fd (connection, datafd));
pinos_connection_end_write (connection, resource->id, 0, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CLIENT_NODE_EVENT_DONE, b.b.offset);
}
static void
@ -559,7 +559,7 @@ client_node_marshal_event (void *object,
spa_pod_builder_struct (&b.b, &f,
SPA_POD_TYPE_POD, event);
pinos_connection_end_write (connection, resource->id, 1, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CLIENT_NODE_EVENT_EVENT, b.b.offset);
}
static void
@ -580,7 +580,7 @@ client_node_marshal_add_port (void *object,
SPA_POD_TYPE_INT, direction,
SPA_POD_TYPE_INT, port_id);
pinos_connection_end_write (connection, resource->id, 2, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CLIENT_NODE_EVENT_ADD_PORT, b.b.offset);
}
static void
@ -601,7 +601,7 @@ client_node_marshal_remove_port (void *object,
SPA_POD_TYPE_INT, direction,
SPA_POD_TYPE_INT, port_id);
pinos_connection_end_write (connection, resource->id, 3, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CLIENT_NODE_EVENT_REMOVE_PORT, b.b.offset);
}
static void
@ -626,7 +626,7 @@ client_node_marshal_set_format (void *object,
SPA_POD_TYPE_INT, flags,
SPA_POD_TYPE_POD, format);
pinos_connection_end_write (connection, resource->id, 4, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CLIENT_NODE_EVENT_SET_FORMAT, b.b.offset);
}
static void
@ -648,7 +648,7 @@ client_node_marshal_set_property (void *object,
SPA_POD_TYPE_INT, id,
SPA_POD_TYPE_BYTES, value, size);
pinos_connection_end_write (connection, resource->id, 5, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CLIENT_NODE_EVENT_SET_PROPERTY, b.b.offset);
}
static void
@ -679,7 +679,7 @@ client_node_marshal_add_mem (void *object,
SPA_POD_TYPE_INT, offset,
SPA_POD_TYPE_INT, size);
pinos_connection_end_write (connection, resource->id, 6, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CLIENT_NODE_EVENT_ADD_MEM, b.b.offset);
}
static void
@ -734,7 +734,7 @@ client_node_marshal_use_buffers (void *object,
}
spa_pod_builder_add (&b.b, -SPA_POD_TYPE_STRUCT, &f, 0);
pinos_connection_end_write (connection, resource->id, 7, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CLIENT_NODE_EVENT_USE_BUFFERS, b.b.offset);
}
static void
@ -753,7 +753,7 @@ client_node_marshal_node_command (void *object,
SPA_POD_TYPE_INT, seq,
SPA_POD_TYPE_POD, command);
pinos_connection_end_write (connection, resource->id, 8, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CLIENT_NODE_EVENT_NODE_COMMAND, b.b.offset);
}
static void
@ -772,7 +772,7 @@ client_node_marshal_port_command (void *object,
SPA_POD_TYPE_INT, port_id,
SPA_POD_TYPE_POD, command);
pinos_connection_end_write (connection, resource->id, 9, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CLIENT_NODE_EVENT_PORT_COMMAND, b.b.offset);
}
static void
@ -793,7 +793,7 @@ client_node_marshal_transport (void *object,
SPA_POD_TYPE_INT, offset,
SPA_POD_TYPE_INT, size);
pinos_connection_end_write (connection, resource->id, 10, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_CLIENT_NODE_EVENT_TRANSPORT, b.b.offset);
}
static bool
@ -949,7 +949,7 @@ link_marshal_info (void *object,
SPA_POD_TYPE_INT, info->input_node_id,
SPA_POD_TYPE_INT, info->input_port_id);
pinos_connection_end_write (connection, resource->id, 0, b.b.offset);
pinos_connection_end_write (connection, resource->id, PINOS_LINK_EVENT_INFO, b.b.offset);
}
static const PinosDemarshalFunc pinos_protocol_native_server_core_demarshal[] = {
@ -970,8 +970,8 @@ static const PinosCoreEvents pinos_protocol_native_server_core_events = {
};
const PinosInterface pinos_protocol_native_server_core_interface = {
6, pinos_protocol_native_server_core_demarshal,
5, &pinos_protocol_native_server_core_events,
PINOS_CORE_METHOD_NUM, pinos_protocol_native_server_core_demarshal,
PINOS_CORE_EVENT_NUM, &pinos_protocol_native_server_core_events,
};
static const PinosDemarshalFunc pinos_protocol_native_server_registry_demarshal[] = {
@ -984,8 +984,8 @@ static const PinosRegistryEvents pinos_protocol_native_server_registry_events =
};
const PinosInterface pinos_protocol_native_server_registry_interface = {
1, pinos_protocol_native_server_registry_demarshal,
2, &pinos_protocol_native_server_registry_events,
PINOS_REGISTRY_METHOD_NUM, pinos_protocol_native_server_registry_demarshal,
PINOS_REGISTRY_EVENT_NUM, &pinos_protocol_native_server_registry_events,
};
static const PinosModuleEvents pinos_protocol_native_server_module_events = {
@ -994,7 +994,7 @@ static const PinosModuleEvents pinos_protocol_native_server_module_events = {
const PinosInterface pinos_protocol_native_server_module_interface = {
0, NULL,
1, &pinos_protocol_native_server_module_events,
PINOS_MODULE_EVENT_NUM, &pinos_protocol_native_server_module_events,
};
static const PinosNodeEvents pinos_protocol_native_server_node_events = {
@ -1003,7 +1003,7 @@ static const PinosNodeEvents pinos_protocol_native_server_node_events = {
const PinosInterface pinos_protocol_native_server_node_interface = {
0, NULL,
1, &pinos_protocol_native_server_node_events,
PINOS_NODE_EVENT_NUM, &pinos_protocol_native_server_node_events,
};
static const PinosClientEvents pinos_protocol_native_server_client_events = {
@ -1012,7 +1012,7 @@ static const PinosClientEvents pinos_protocol_native_server_client_events = {
const PinosInterface pinos_protocol_native_server_client_interface = {
0, NULL,
2, &pinos_protocol_native_server_client_events,
PINOS_CLIENT_EVENT_NUM, &pinos_protocol_native_server_client_events,
};
static const PinosDemarshalFunc pinos_protocol_native_server_client_node_demarshal[] = {
@ -1037,8 +1037,8 @@ static const PinosClientNodeEvents pinos_protocol_native_server_client_node_even
};
const PinosInterface pinos_protocol_native_server_client_node_interface = {
4, &pinos_protocol_native_server_client_node_demarshal,
11, &pinos_protocol_native_server_client_node_events,
PINOS_CLIENT_NODE_METHOD_NUM, &pinos_protocol_native_server_client_node_demarshal,
PINOS_CLIENT_NODE_EVENT_NUM, &pinos_protocol_native_server_client_node_events,
};
static const PinosLinkEvents pinos_protocol_native_server_link_events = {
@ -1047,7 +1047,7 @@ static const PinosLinkEvents pinos_protocol_native_server_link_events = {
const PinosInterface pinos_protocol_native_server_link_interface = {
0, NULL,
1, &pinos_protocol_native_server_link_events,
PINOS_LINK_EVENT_NUM, &pinos_protocol_native_server_link_events,
};
bool