From 70c9402fa84ab4173ff2f85fcb24a459eb6b193e Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Fri, 27 Oct 2023 18:51:23 +0100 Subject: [PATCH] containers: Rename "container instance" to "container server" Flatpak has the concept of an "instance ID" for a running app, which we should expose in Containers1, similar to the analogous Wayland specification security-context-v1[1]. If we use the word "instance" for both the Flatpak (or other container manager) side and the D-Bus side, the resulting API will be really confusing. [1] https://gitlab.freedesktop.org/wayland/wayland-protocols/-/tree/main/staging/security-context Signed-off-by: Simon McVittie --- bus/connection.c | 6 +- bus/connection.h | 2 +- bus/containers.c | 372 ++++++++++++++--------------- bus/containers.h | 12 +- bus/dispatch.c | 2 +- bus/driver.c | 14 +- dbus/dbus-marshal-header.c | 4 +- dbus/dbus-message.c | 40 +++- dbus/dbus-message.h | 9 +- dbus/dbus-protocol.h | 10 +- doc/dbus-specification.xml | 142 +++++------ test/containers.c | 138 +++++------ test/internals/dbus-message-util.c | 4 +- 13 files changed, 398 insertions(+), 357 deletions(-) diff --git a/bus/connection.c b/bus/connection.c index f0177c6f..de00ceee 100644 --- a/bus/connection.c +++ b/bus/connection.c @@ -2478,8 +2478,8 @@ bus_transaction_send (BusTransaction *transaction, * until we know we have enough memory for the entire transaction, * and that doesn't happen until we know all the recipients. * So this is about the last possible time we could edit the header. */ - if ((d->want_headers & BUS_EXTRA_HEADERS_CONTAINER_INSTANCE) && - dbus_message_get_container_instance (message) == NULL) + if ((d->want_headers & BUS_EXTRA_HEADERS_CONTAINER_PATH) && + dbus_message_get_container_path (message) == NULL) { const char *path; @@ -2488,7 +2488,7 @@ bus_transaction_send (BusTransaction *transaction, NULL, NULL)) path = "/"; - if (!dbus_message_set_container_instance (message, path)) + if (!dbus_message_set_container_path (message, path)) return FALSE; } diff --git a/bus/connection.h b/bus/connection.h index 0ce60d11..f3eca5d0 100644 --- a/bus/connection.h +++ b/bus/connection.h @@ -32,7 +32,7 @@ typedef enum { - BUS_EXTRA_HEADERS_CONTAINER_INSTANCE = (1 << 0), + BUS_EXTRA_HEADERS_CONTAINER_PATH = (1 << 0), BUS_EXTRA_HEADERS_NONE = 0 } BusExtraHeaders; diff --git a/bus/containers.c b/bus/containers.c index aa3116e4..08c32e13 100644 --- a/bus/containers.c +++ b/bus/containers.c @@ -1,6 +1,6 @@ /* containers.c - restricted bus servers for containers * - * Copyright © 2017 Collabora Ltd. + * Copyright © 2017-2023 Collabora Ltd. * * SPDX-License-Identifier: AFL-2.1 OR GPL-2.0-or-later * @@ -45,7 +45,7 @@ #include "utils.h" /* - * A container instance groups together a per-app-container server with + * A container server groups together a per-app-container server with * all the connections for which it is responsible. */ typedef struct @@ -64,14 +64,14 @@ typedef struct DBusList *connections; unsigned long uid; unsigned announced:1; -} BusContainerInstance; +} BusContainerServer; -/* Data attached to a DBusConnection that has created container instances. */ +/* Data attached to a DBusConnection that has created container servers. */ typedef struct { - /* List of instances created by this connection; unowned. - * The BusContainerInstance removes itself from here on destruction. */ - DBusList *instances; + /* List of servers created by this connection; unowned. + * The BusContainerServer removes itself from here on destruction. */ + DBusList *servers; } BusContainerCreatorData; /* Data slot on DBusConnection, holding BusContainerCreatorData */ @@ -84,16 +84,16 @@ static dbus_int32_t container_creator_data_slot = -1; struct BusContainers { int refcount; - /* path borrowed from BusContainerInstance => unowned BusContainerInstance - * The BusContainerInstance removes itself from here on destruction. */ - DBusHashTable *instances_by_path; + /* path borrowed from BusContainerServer => unowned BusContainerServer + * The BusContainerServer removes itself from here on destruction. */ + DBusHashTable *servers_by_path; /* uid => (void *) (uintptr_t) number of containers */ DBusHashTable *n_containers_by_user; DBusString address_template; dbus_uint64_t next_container_id; }; -/* Data slot on DBusConnection, holding BusContainerInstance */ +/* Data slot on DBusConnection, holding BusContainerServer */ static dbus_int32_t contained_data_slot = -1; BusContainers * @@ -120,7 +120,7 @@ bus_containers_new (void) goto oom; self->refcount = 1; - self->instances_by_path = NULL; + self->servers_by_path = NULL; self->next_container_id = DBUS_UINT64_CONSTANT (0); self->address_template = invalid; @@ -193,7 +193,7 @@ bus_containers_unref (BusContainers *self) if (--self->refcount == 0) { - _dbus_clear_hash_table (&self->instances_by_path); + _dbus_clear_hash_table (&self->servers_by_path); _dbus_clear_hash_table (&self->n_containers_by_user); _dbus_string_free (&self->address_template); dbus_free (self); @@ -206,8 +206,8 @@ bus_containers_unref (BusContainers *self) } } -static BusContainerInstance * -bus_container_instance_ref (BusContainerInstance *self) +static BusContainerServer * +bus_container_server_ref (BusContainerServer *self) { _dbus_assert (self->refcount > 0); _dbus_assert (self->refcount < _DBUS_INT_MAX); @@ -217,7 +217,7 @@ bus_container_instance_ref (BusContainerInstance *self) } static dbus_bool_t -bus_container_instance_emit_removed (BusContainerInstance *self) +bus_container_server_emit_removed (BusContainerServer *self) { BusTransaction *transaction = NULL; DBusMessage *message = NULL; @@ -230,7 +230,7 @@ bus_container_instance_emit_removed (BusContainerInstance *self) message = dbus_message_new_signal (DBUS_PATH_DBUS, DBUS_INTERFACE_CONTAINERS1, - "InstanceRemoved"); + "ServerRemoved"); if (message == NULL || !dbus_message_set_sender (message, DBUS_SERVICE_DBUS) || @@ -251,7 +251,7 @@ bus_container_instance_emit_removed (BusContainerInstance *self) * somehow does happen, we don't want to stay in the OOM-retry loop, * because waiting for more memory will not help; so continue to * execute the transaction anyway. */ - _dbus_warn ("Failed to send InstanceRemoved for a reason " + _dbus_warn ("Failed to send ServerRemoved for a reason " "other than OOM: %s: %s", error.name, error.message); dbus_error_free (&error); } @@ -272,7 +272,7 @@ oom: } static void -bus_container_instance_unref (BusContainerInstance *self) +bus_container_server_unref (BusContainerServer *self) { _dbus_assert (self->refcount > 0); @@ -280,10 +280,10 @@ bus_container_instance_unref (BusContainerInstance *self) { BusContainerCreatorData *creator_data; - /* If we announced the container instance in a reply from + /* If we announced the container server in a reply from * AddServer() (which is also the time at which it becomes * available for the querying methods), then we have to emit - * InstanceRemoved for it. + * ServerRemoved for it. * * Similar to bus/connection.c dropping well-known name ownership, * this isn't really a situation where we can "fail", because @@ -291,29 +291,29 @@ bus_container_instance_unref (BusContainerInstance *self) * connection disconnecting; so we use a retry loop on OOM. */ for (; self->announced; _dbus_wait_for_memory ()) { - if (bus_container_instance_emit_removed (self)) + if (bus_container_server_emit_removed (self)) self->announced = FALSE; } - /* As long as the server is listening, the BusContainerInstance can't + /* As long as the server is listening, the BusContainerServer can't * be freed, because the DBusServer holds a reference to the - * BusContainerInstance */ + * BusContainerServer */ _dbus_assert (self->server == NULL); - /* Similarly, as long as there are connections, the BusContainerInstance + /* Similarly, as long as there are connections, the BusContainerServer * can't be freed, because each connection holds a reference to the - * BusContainerInstance */ + * BusContainerServer */ _dbus_assert (self->connections == NULL); creator_data = dbus_connection_get_data (self->creator, container_creator_data_slot); _dbus_assert (creator_data != NULL); - _dbus_list_remove (&creator_data->instances, self); + _dbus_list_remove (&creator_data->servers, self); - /* It's OK to do this even if we were never added to instances_by_path, + /* It's OK to do this even if we were never added to servers_by_path, * because the paths are globally unique. */ - if (self->path != NULL && self->containers->instances_by_path != NULL && - _dbus_hash_table_remove_string (self->containers->instances_by_path, + if (self->path != NULL && self->containers->servers_by_path != NULL && + _dbus_hash_table_remove_string (self->containers->servers_by_path, self->path)) { DBusHashIter entry; @@ -323,7 +323,7 @@ bus_container_instance_unref (BusContainerInstance *self) (void *) (uintptr_t) self->uid, FALSE, &entry)) _dbus_assert_not_reached ("Container should not be placed in " - "instances_by_path until its " + "servers_by_path until its " "n_containers_by_user entry has " "been allocated"); @@ -345,17 +345,17 @@ bus_container_instance_unref (BusContainerInstance *self) } static inline void -bus_clear_container_instance (BusContainerInstance **instance_p) +bus_clear_container_server (BusContainerServer **server_p) { - _dbus_clear_pointer_impl (BusContainerInstance, instance_p, - bus_container_instance_unref); + _dbus_clear_pointer_impl (BusContainerServer, server_p, + bus_container_server_unref); } static void -bus_container_instance_stop_listening (BusContainerInstance *self) +bus_container_server_stop_listening (BusContainerServer *self) { /* In case the DBusServer holds the last reference to self */ - bus_container_instance_ref (self); + bus_container_server_ref (self); if (self->server != NULL) { @@ -364,16 +364,16 @@ bus_container_instance_stop_listening (BusContainerInstance *self) dbus_clear_server (&self->server); } - bus_container_instance_unref (self); + bus_container_server_unref (self); } -static BusContainerInstance * -bus_container_instance_new (BusContext *context, - BusContainers *containers, - DBusConnection *creator, - DBusError *error) +static BusContainerServer * +bus_container_server_new (BusContext *context, + BusContainers *containers, + DBusConnection *creator, + DBusError *error) { - BusContainerInstance *self = NULL; + BusContainerServer *self = NULL; DBusString path = _DBUS_STRING_INIT_INVALID; _dbus_assert (context != NULL); @@ -387,7 +387,7 @@ bus_container_instance_new (BusContext *context, goto fail; } - self = dbus_new0 (BusContainerInstance, 1); + self = dbus_new0 (BusContainerServer, 1); if (self == NULL) { @@ -432,7 +432,7 @@ fail: _dbus_string_free (&path); if (self != NULL) - bus_container_instance_unref (self); + bus_container_server_unref (self); return NULL; } @@ -440,9 +440,9 @@ fail: static void bus_container_creator_data_free (BusContainerCreatorData *self) { - /* Each instance holds a ref to the creator, so there should be + /* Each server holds a ref to the creator, so there should be * nothing here */ - _dbus_assert (self->instances == NULL); + _dbus_assert (self->servers == NULL); dbus_free (self); } @@ -472,74 +472,74 @@ allow_same_uid_only (DBusConnection *connection, } static void -bus_container_instance_lost_connection (BusContainerInstance *instance, - DBusConnection *connection) +bus_container_server_lost_connection (BusContainerServer *server, + DBusConnection *connection) { - bus_container_instance_ref (instance); + bus_container_server_ref (server); dbus_connection_ref (connection); /* This is O(n), but we don't expect to have many connections per - * container instance. */ - if (_dbus_list_remove (&instance->connections, connection)) + * container server. */ + if (_dbus_list_remove (&server->connections, connection)) dbus_connection_unref (connection); /* We don't set connection's contained_data_slot to NULL, to make sure * that once we have marked a connection as belonging to a container, * there is no going back: even if we somehow keep a reference to it * around, it will never be treated as uncontained. The connection's - * reference to the instance will be cleaned up on last-unref, and - * the list removal above ensures that the instance does not hold a + * reference to the server will be cleaned up on last-unref, and + * the list removal above ensures that the server does not hold a * circular ref to the connection, so the last-unref will happen. */ dbus_connection_unref (connection); - bus_container_instance_unref (instance); + bus_container_server_unref (server); } static void -new_connection_cb (DBusServer *server, +new_connection_cb (DBusServer *lower_level_server, DBusConnection *new_connection, void *data) { - BusContainerInstance *instance = data; - int limit = bus_context_get_max_connections_per_container (instance->context); + BusContainerServer *server = data; + int limit = bus_context_get_max_connections_per_container (server->context); /* This is O(n), but we assume n is small in practice. */ - if (_dbus_list_get_length (&instance->connections) >= limit) + if (_dbus_list_get_length (&server->connections) >= limit) { /* We can't send this error to the new connection, so just log it */ - bus_context_log (instance->context, DBUS_SYSTEM_LOG_WARNING, + bus_context_log (server->context, DBUS_SYSTEM_LOG_WARNING, "Closing connection to container server " "%s (%s \"%s\") because it would exceed resource limit " "(max_connections_per_container=%d)", - instance->path, instance->type, instance->name, limit); + server->path, server->type, server->name, limit); return; } if (!dbus_connection_set_data (new_connection, contained_data_slot, - bus_container_instance_ref (instance), - (DBusFreeFunction) bus_container_instance_unref)) + bus_container_server_ref (server), + (DBusFreeFunction) bus_container_server_unref)) { - bus_container_instance_unref (instance); - bus_container_instance_lost_connection (instance, new_connection); + bus_container_server_unref (server); + bus_container_server_lost_connection (server, new_connection); return; } - if (_dbus_list_append (&instance->connections, new_connection)) + if (_dbus_list_append (&server->connections, new_connection)) { dbus_connection_ref (new_connection); } else { - bus_container_instance_lost_connection (instance, new_connection); + bus_container_server_lost_connection (server, new_connection); return; } /* If this fails it logs a warning, so we don't need to do that. * We don't know how to undo this, so do it last (apart from things that * cannot fail) */ - if (!bus_context_add_incoming_connection (instance->context, new_connection)) + if (!bus_context_add_incoming_connection (server->context, new_connection)) { - bus_container_instance_lost_connection (instance, new_connection); + bus_container_server_lost_connection (server, new_connection); return; } @@ -557,7 +557,7 @@ new_connection_cb (DBusServer *server, * allow_same_uid_only ensures that * this cast does not lose * information */ - (void *) (uintptr_t) instance->uid, + (void *) (uintptr_t) server->uid, NULL); } @@ -635,8 +635,8 @@ out: } static dbus_bool_t -bus_container_instance_listen (BusContainerInstance *self, - DBusError *error) +bus_container_server_listen (BusContainerServer *self, + DBusError *error) { BusContainers *containers = bus_context_get_containers (self->context); const char *address; @@ -663,8 +663,8 @@ bus_container_instance_listen (BusContainerInstance *self, /* Cannot fail because the memory it uses was already allocated */ dbus_server_set_new_connection_function (self->server, new_connection_cb, - bus_container_instance_ref (self), - (DBusFreeFunction) bus_container_instance_unref); + bus_container_server_ref (self), + (DBusFreeFunction) bus_container_server_unref); return TRUE; } @@ -682,7 +682,7 @@ bus_containers_handle_add_server (DBusConnection *connection, const char *type; const char *name; const char *path; - BusContainerInstance *instance = NULL; + BusContainerServer *server = NULL; BusContext *context; BusContainers *containers; char *address = NULL; @@ -707,7 +707,7 @@ bus_containers_handle_add_server (DBusConnection *connection, if (creator_data == NULL) goto oom; - creator_data->instances = NULL; + creator_data->servers = NULL; if (!dbus_connection_set_data (connection, container_creator_data_slot, creator_data, @@ -718,13 +718,13 @@ bus_containers_handle_add_server (DBusConnection *connection, } } - instance = bus_container_instance_new (context, containers, connection, - error); + server = bus_container_server_new (context, containers, connection, + error); - if (instance == NULL) + if (server == NULL) goto fail; - if (!dbus_connection_get_unix_user (connection, &instance->uid)) + if (!dbus_connection_get_unix_user (connection, &server->uid)) { dbus_set_error (error, DBUS_ERROR_FAILED, "Unable to determine user ID of caller"); @@ -740,9 +740,9 @@ bus_containers_handle_add_server (DBusConnection *connection, _dbus_assert (dbus_message_iter_get_arg_type (&iter) == DBUS_TYPE_STRING); dbus_message_iter_get_basic (&iter, &type); - instance->type = _dbus_strdup (type); + server->type = _dbus_strdup (type); - if (instance->type == NULL) + if (server->type == NULL) goto oom; if (!dbus_validate_interface (type, NULL)) @@ -759,9 +759,9 @@ bus_containers_handle_add_server (DBusConnection *connection, _dbus_assert (dbus_message_iter_get_arg_type (&iter) == DBUS_TYPE_STRING); dbus_message_iter_get_basic (&iter, &name); - instance->name = _dbus_strdup (name); + server->name = _dbus_strdup (name); - if (instance->name == NULL) + if (server->name == NULL) goto oom; /* Argument 2: Metadata as defined by container manager */ @@ -769,17 +769,17 @@ bus_containers_handle_add_server (DBusConnection *connection, _dbus_assert_not_reached ("Message type was already checked"); _dbus_assert (dbus_message_iter_get_arg_type (&iter) == DBUS_TYPE_ARRAY); - instance->metadata = _dbus_variant_read (&iter); - _dbus_assert (strcmp (_dbus_variant_get_signature (instance->metadata), + server->metadata = _dbus_variant_read (&iter); + _dbus_assert (strcmp (_dbus_variant_get_signature (server->metadata), "a{sv}") == 0); - /* For simplicity we don't count the size of the BusContainerInstance + /* For simplicity we don't count the size of the BusContainerServer * itself, the object path, lengths, the non-payload parts of the DBusString, * NUL terminators and so on. That overhead is O(1) and relatively small. * This cannot overflow because all parts came from a message, and messages * are constrained to be orders of magnitude smaller than the maximum * int value. */ - metadata_size = _dbus_variant_get_length (instance->metadata) + + metadata_size = _dbus_variant_get_length (server->metadata) + (int) strlen (type) + (int) strlen (name); limit = bus_context_get_max_container_metadata_bytes (context); @@ -831,12 +831,12 @@ bus_containers_handle_add_server (DBusConnection *connection, /* End of arguments */ _dbus_assert (!dbus_message_iter_has_next (&iter)); - if (containers->instances_by_path == NULL) + if (containers->servers_by_path == NULL) { - containers->instances_by_path = _dbus_hash_table_new (DBUS_HASH_STRING, - NULL, NULL); + containers->servers_by_path = _dbus_hash_table_new (DBUS_HASH_STRING, + NULL, NULL); - if (containers->instances_by_path == NULL) + if (containers->servers_by_path == NULL) goto oom; } @@ -851,7 +851,7 @@ bus_containers_handle_add_server (DBusConnection *connection, limit = bus_context_get_max_containers (context); - if (_dbus_hash_table_get_n_entries (containers->instances_by_path) >= limit) + if (_dbus_hash_table_get_n_entries (containers->servers_by_path) >= limit) { DBusError local_error = DBUS_ERROR_INIT; @@ -870,7 +870,7 @@ bus_containers_handle_add_server (DBusConnection *connection, if (!_dbus_hash_iter_lookup (containers->n_containers_by_user, /* We statically assert that a uid fits in a * uintptr_t, so this can't lose information */ - (void *) (uintptr_t) instance->uid, TRUE, + (void *) (uintptr_t) server->uid, TRUE, &n_containers_by_user_entry)) goto oom; @@ -889,34 +889,34 @@ bus_containers_handle_add_server (DBusConnection *connection, "(max_containers_per_user=%d)", bus_connection_get_name (connection), bus_connection_get_loginfo (connection), - instance->uid, limit); + server->uid, limit); bus_context_log_literal (context, DBUS_SYSTEM_LOG_WARNING, local_error.message); dbus_move_error (&local_error, error); goto fail; } - if (!_dbus_hash_table_insert_string (containers->instances_by_path, - instance->path, instance)) + if (!_dbus_hash_table_insert_string (containers->servers_by_path, + server->path, server)) goto oom; /* This cannot fail (we already allocated the memory) so we can do it after - * we already succeeded in adding it to instances_by_path. The matching - * decrement is done whenever we remove it from instances_by_path. */ + * we already succeeded in adding it to servers_by_path. The matching + * decrement is done whenever we remove it from servers_by_path. */ this_user_containers += 1; _dbus_hash_iter_set_value (&n_containers_by_user_entry, (void *) this_user_containers); - if (!_dbus_list_append (&creator_data->instances, instance)) + if (!_dbus_list_append (&creator_data->servers, server)) goto oom; /* This part is separated out because we eventually want to be able to * accept a fd-passed server socket in the named parameters, instead of * creating our own server, and defer listening on it until later */ - if (!bus_container_instance_listen (instance, error)) + if (!bus_container_server_listen (server, error)) goto fail; - address = dbus_server_get_address (instance->server); + address = dbus_server_get_address (server->server); if (!dbus_parse_address (address, &entries, &n_entries, error)) _dbus_assert_not_reached ("listening on unix:dir= should yield a valid address"); @@ -930,7 +930,7 @@ bus_containers_handle_add_server (DBusConnection *connection, reply = dbus_message_new_method_return (message); if (!dbus_message_append_args (reply, - DBUS_TYPE_OBJECT_PATH, &instance->path, + DBUS_TYPE_OBJECT_PATH, &server->path, DBUS_TYPE_INVALID)) goto oom; @@ -961,9 +961,9 @@ bus_containers_handle_add_server (DBusConnection *connection, if (! bus_transaction_send_from_driver (transaction, connection, reply)) goto oom; - instance->announced = TRUE; + server->announced = TRUE; dbus_message_unref (reply); - bus_container_instance_unref (instance); + bus_container_server_unref (server); dbus_address_entries_free (entries); dbus_free (address); return TRUE; @@ -972,18 +972,18 @@ oom: BUS_SET_OOM (error); /* fall through */ fail: - if (instance != NULL) - bus_container_instance_stop_listening (instance); + if (server != NULL) + bus_container_server_stop_listening (server); dbus_clear_message (&reply); dbus_clear_address_entries (&entries); - bus_clear_container_instance (&instance); + bus_clear_container_server (&server); dbus_free (address); return FALSE; } dbus_bool_t -bus_containers_supported_arguments_getter (BusContext *context, +bus_containers_supported_arguments_getter (BusContext *server, DBusMessageIter *var_iter) { DBusMessageIter arr_iter; @@ -996,14 +996,14 @@ bus_containers_supported_arguments_getter (BusContext *context, } dbus_bool_t -bus_containers_handle_stop_instance (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error) +bus_containers_handle_stop_server (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error) { BusContext *context; BusContainers *containers; - BusContainerInstance *instance = NULL; + BusContainerServer *server = NULL; DBusList *iter; const char *path; unsigned long uid; @@ -1016,13 +1016,13 @@ bus_containers_handle_stop_instance (DBusConnection *connection, context = bus_transaction_get_context (transaction); containers = bus_context_get_containers (context); - if (containers->instances_by_path != NULL) + if (containers->servers_by_path != NULL) { - instance = _dbus_hash_table_lookup_string (containers->instances_by_path, - path); + server = _dbus_hash_table_lookup_string (containers->servers_by_path, + path); } - if (instance == NULL) + if (server == NULL) { dbus_set_error (error, DBUS_ERROR_NOT_CONTAINER, "There is no container with path '%s'", path); @@ -1036,23 +1036,23 @@ bus_containers_handle_stop_instance (DBusConnection *connection, goto failed; } - if (uid != instance->uid) + if (uid != server->uid) { dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, "User %lu cannot stop a container server started by " - "user %lu", uid, instance->uid); + "user %lu", uid, server->uid); goto failed; } - bus_container_instance_ref (instance); - bus_container_instance_stop_listening (instance); + bus_container_server_ref (server); + bus_container_server_stop_listening (server); - for (iter = _dbus_list_get_first_link (&instance->connections); + for (iter = _dbus_list_get_first_link (&server->connections); iter != NULL; - iter = _dbus_list_get_next_link (&instance->connections, iter)) + iter = _dbus_list_get_next_link (&server->connections, iter)) dbus_connection_close (iter->data); - bus_container_instance_unref (instance); + bus_container_server_unref (server); if (!bus_driver_send_ack_reply (connection, transaction, message, error)) goto failed; @@ -1072,7 +1072,7 @@ bus_containers_handle_stop_listening (DBusConnection *connection, { BusContext *context; BusContainers *containers; - BusContainerInstance *instance = NULL; + BusContainerServer *server = NULL; const char *path; unsigned long uid; @@ -1084,13 +1084,13 @@ bus_containers_handle_stop_listening (DBusConnection *connection, context = bus_transaction_get_context (transaction); containers = bus_context_get_containers (context); - if (containers->instances_by_path != NULL) + if (containers->servers_by_path != NULL) { - instance = _dbus_hash_table_lookup_string (containers->instances_by_path, - path); + server = _dbus_hash_table_lookup_string (containers->servers_by_path, + path); } - if (instance == NULL) + if (server == NULL) { dbus_set_error (error, DBUS_ERROR_NOT_CONTAINER, "There is no container with path '%s'", path); @@ -1104,17 +1104,17 @@ bus_containers_handle_stop_listening (DBusConnection *connection, goto failed; } - if (uid != instance->uid) + if (uid != server->uid) { dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, "User %lu cannot stop a container server started by " - "user %lu", uid, instance->uid); + "user %lu", uid, server->uid); goto failed; } - bus_container_instance_ref (instance); - bus_container_instance_stop_listening (instance); - bus_container_instance_unref (instance); + bus_container_server_ref (server); + bus_container_server_stop_listening (server); + bus_container_server_unref (server); if (!bus_driver_send_ack_reply (connection, transaction, message, error)) goto failed; @@ -1131,8 +1131,8 @@ failed: * whether to allow sending or receiving a message, which might involve * the dbus-daemon itself as a message sender or recipient. */ -static BusContainerInstance * -connection_get_instance (DBusConnection *connection) +static BusContainerServer * +connection_get_server (DBusConnection *connection) { if (connection == NULL) return NULL; @@ -1144,12 +1144,12 @@ connection_get_instance (DBusConnection *connection) } dbus_bool_t -bus_containers_handle_get_connection_instance (DBusConnection *caller, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error) +bus_containers_handle_get_connection_info (DBusConnection *caller, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error) { - BusContainerInstance *instance; + BusContainerServer *server; BusDriverFound found; DBusConnection *subject; DBusMessage *reply = NULL; @@ -1159,7 +1159,7 @@ bus_containers_handle_get_connection_instance (DBusConnection *caller, _DBUS_ASSERT_ERROR_IS_CLEAR (error); - found = bus_driver_get_conn_helper (caller, message, "container instance", + found = bus_driver_get_conn_helper (caller, message, "container information", &bus_name, &subject, error); switch (found) @@ -1178,9 +1178,9 @@ bus_containers_handle_get_connection_instance (DBusConnection *caller, goto failed; } - instance = connection_get_instance (subject); + server = connection_get_server (subject); - if (instance == NULL) + if (server == NULL) { dbus_set_error (error, DBUS_ERROR_NOT_CONTAINER, "Connection '%s' is not in a container", bus_name); @@ -1193,7 +1193,7 @@ bus_containers_handle_get_connection_instance (DBusConnection *caller, goto oom; if (!dbus_message_append_args (reply, - DBUS_TYPE_OBJECT_PATH, &instance->path, + DBUS_TYPE_OBJECT_PATH, &server->path, DBUS_TYPE_INVALID)) goto oom; @@ -1203,7 +1203,7 @@ bus_containers_handle_get_connection_instance (DBusConnection *caller, &arr_writer)) goto oom; - if (!bus_driver_fill_connection_credentials (NULL, instance->creator, + if (!bus_driver_fill_connection_credentials (NULL, server->creator, caller, &arr_writer)) { @@ -1215,14 +1215,14 @@ bus_containers_handle_get_connection_instance (DBusConnection *caller, goto oom; if (!dbus_message_append_args (reply, - DBUS_TYPE_STRING, &instance->type, - DBUS_TYPE_STRING, &instance->name, + DBUS_TYPE_STRING, &server->type, + DBUS_TYPE_STRING, &server->name, DBUS_TYPE_INVALID)) goto oom; dbus_message_iter_init_append (reply, &writer); - if (!_dbus_variant_write (instance->metadata, &writer)) + if (!_dbus_variant_write (server->metadata, &writer)) goto oom; if (!bus_transaction_send_from_driver (transaction, caller, reply)) @@ -1242,14 +1242,14 @@ failed: } dbus_bool_t -bus_containers_handle_get_instance_info (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error) +bus_containers_handle_get_server_info (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error) { BusContext *context; BusContainers *containers; - BusContainerInstance *instance = NULL; + BusContainerServer *server = NULL; DBusMessage *reply = NULL; DBusMessageIter writer; DBusMessageIter arr_writer; @@ -1263,13 +1263,13 @@ bus_containers_handle_get_instance_info (DBusConnection *connection, context = bus_transaction_get_context (transaction); containers = bus_context_get_containers (context); - if (containers->instances_by_path != NULL) + if (containers->servers_by_path != NULL) { - instance = _dbus_hash_table_lookup_string (containers->instances_by_path, - path); + server = _dbus_hash_table_lookup_string (containers->servers_by_path, + path); } - if (instance == NULL) + if (server == NULL) { dbus_set_error (error, DBUS_ERROR_NOT_CONTAINER, "There is no container with path '%s'", path); @@ -1287,7 +1287,7 @@ bus_containers_handle_get_instance_info (DBusConnection *connection, &arr_writer)) goto oom; - if (!bus_driver_fill_connection_credentials (NULL, instance->creator, + if (!bus_driver_fill_connection_credentials (NULL, server->creator, connection, &arr_writer)) { @@ -1299,14 +1299,14 @@ bus_containers_handle_get_instance_info (DBusConnection *connection, goto oom; if (!dbus_message_append_args (reply, - DBUS_TYPE_STRING, &instance->type, - DBUS_TYPE_STRING, &instance->name, + DBUS_TYPE_STRING, &server->type, + DBUS_TYPE_STRING, &server->name, DBUS_TYPE_INVALID)) goto oom; dbus_message_iter_init_append (reply, &writer); - if (!_dbus_variant_write (instance->metadata, &writer)) + if (!_dbus_variant_write (server->metadata, &writer)) goto oom; if (!bus_transaction_send_from_driver (transaction, connection, reply)) @@ -1346,7 +1346,7 @@ bus_containers_handle_request_header (DBusConnection *caller, } bus_connection_request_headers (caller, - BUS_EXTRA_HEADERS_CONTAINER_INSTANCE); + BUS_EXTRA_HEADERS_CONTAINER_PATH); ret = TRUE; out: @@ -1357,17 +1357,17 @@ out: void bus_containers_stop_listening (BusContainers *self) { - if (self->instances_by_path != NULL) + if (self->servers_by_path != NULL) { DBusHashIter iter; - _dbus_hash_iter_init (self->instances_by_path, &iter); + _dbus_hash_iter_init (self->servers_by_path, &iter); while (_dbus_hash_iter_next (&iter)) { - BusContainerInstance *instance = _dbus_hash_iter_get_value (&iter); + BusContainerServer *server = _dbus_hash_iter_get_value (&iter); - bus_container_instance_stop_listening (instance); + bus_container_server_stop_listening (server); } } } @@ -1410,7 +1410,7 @@ bus_containers_remove_connection (BusContainers *self, { #ifdef DBUS_ENABLE_CONTAINERS BusContainerCreatorData *creator_data; - BusContainerInstance *instance; + BusContainerServer *server; dbus_connection_ref (connection); creator_data = dbus_connection_get_data (connection, @@ -1421,28 +1421,28 @@ bus_containers_remove_connection (BusContainers *self, DBusList *iter; DBusList *next; - for (iter = _dbus_list_get_first_link (&creator_data->instances); + for (iter = _dbus_list_get_first_link (&creator_data->servers); iter != NULL; iter = next) { - instance = iter->data; + server = iter->data; /* Remember where we got to before we do something that might free - * iter and instance */ - next = _dbus_list_get_next_link (&creator_data->instances, iter); + * iter and server */ + next = _dbus_list_get_next_link (&creator_data->servers, iter); - _dbus_assert (instance->creator == connection); + _dbus_assert (server->creator == connection); - /* This will invalidate iter and instance if there are no open - * connections to this instance */ - bus_container_instance_stop_listening (instance); + /* This will invalidate iter and server if there are no open + * connections to this server */ + bus_container_server_stop_listening (server); } } - instance = connection_get_instance (connection); + server = connection_get_server (connection); - if (instance != NULL) - bus_container_instance_lost_connection (instance, connection); + if (server != NULL) + bus_container_server_lost_connection (server, connection); dbus_connection_unref (connection); #endif /* DBUS_ENABLE_CONTAINERS */ @@ -1455,20 +1455,20 @@ bus_containers_connection_is_contained (DBusConnection *connection, const char **name) { #ifdef DBUS_ENABLE_CONTAINERS - BusContainerInstance *instance; + BusContainerServer *server; - instance = connection_get_instance (connection); + server = connection_get_server (connection); - if (instance != NULL) + if (server != NULL) { if (path != NULL) - *path = instance->path; + *path = server->path; if (type != NULL) - *type = instance->type; + *type = server->type; if (name != NULL) - *name = instance->name; + *name = server->name; return TRUE; } diff --git a/bus/containers.h b/bus/containers.h index 842a43f4..c5027f8d 100644 --- a/bus/containers.h +++ b/bus/containers.h @@ -38,7 +38,7 @@ dbus_bool_t bus_containers_handle_add_server (DBusConnection *connecti BusTransaction *transaction, DBusMessage *message, DBusError *error); -dbus_bool_t bus_containers_handle_stop_instance (DBusConnection *connection, +dbus_bool_t bus_containers_handle_stop_server (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, DBusError *error); @@ -46,14 +46,14 @@ dbus_bool_t bus_containers_handle_stop_listening (DBusConnection *connecti BusTransaction *transaction, DBusMessage *message, DBusError *error); -dbus_bool_t bus_containers_handle_get_instance_info (DBusConnection *connection, +dbus_bool_t bus_containers_handle_get_server_info (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, DBusError *error); -dbus_bool_t bus_containers_handle_get_connection_instance (DBusConnection *connection, - BusTransaction *transaction, - DBusMessage *message, - DBusError *error); +dbus_bool_t bus_containers_handle_get_connection_info (DBusConnection *connection, + BusTransaction *transaction, + DBusMessage *message, + DBusError *error); dbus_bool_t bus_containers_handle_request_header (DBusConnection *connection, BusTransaction *transaction, DBusMessage *message, diff --git a/bus/dispatch.c b/bus/dispatch.c index 9bfdf795..b61d9917 100644 --- a/bus/dispatch.c +++ b/bus/dispatch.c @@ -293,7 +293,7 @@ bus_dispatch (DBusConnection *connection, * don't understand (or validate), so that we can add header fields * in future and clients can assume that we have checked them. */ if (!_dbus_message_remove_unknown_fields (message) || - !dbus_message_set_container_instance (message, NULL)) + !dbus_message_set_container_path (message, NULL)) { BUS_SET_OOM (&error); goto out; diff --git a/bus/driver.c b/bus/driver.c index c6bff89d..7b0bba96 100644 --- a/bus/driver.c +++ b/bus/driver.c @@ -2036,7 +2036,7 @@ bus_driver_fill_connection_credentials (DBusCredentials *credentials, bus_containers_connection_is_contained (peer_conn, &path, NULL, NULL)) { if (!_dbus_asv_add_object_path (asv_iter, - DBUS_INTERFACE_CONTAINERS1 ".Instance", + DBUS_INTERFACE_CONTAINERS1 ".Path", path)) return FALSE; } @@ -2496,7 +2496,7 @@ typedef enum * containers are never privileged. */ METHOD_FLAG_PRIVILEGED = (1 << 1), - /* If set, callers must not be associated with a container instance. */ + /* If set, callers must not be associated with a container. */ METHOD_FLAG_NO_CONTAINERS = (1 << 2), METHOD_FLAG_NONE = 0 @@ -2649,14 +2649,14 @@ static const MessageHandler introspectable_message_handlers[] = { static const MessageHandler containers_message_handlers[] = { { "AddServer", "ssa{sv}a{sv}", "oays", bus_containers_handle_add_server, METHOD_FLAG_NO_CONTAINERS }, - { "StopInstance", "o", "", bus_containers_handle_stop_instance, + { "StopServer", "o", "", bus_containers_handle_stop_server, METHOD_FLAG_NO_CONTAINERS }, { "StopListening", "o", "", bus_containers_handle_stop_listening, METHOD_FLAG_NO_CONTAINERS }, - { "GetConnectionInstance", "s", "oa{sv}ssa{sv}", - bus_containers_handle_get_connection_instance, + { "GetConnectionInfo", "s", "oa{sv}ssa{sv}", + bus_containers_handle_get_connection_info, METHOD_FLAG_NONE }, - { "GetInstanceInfo", "o", "a{sv}ssa{sv}", bus_containers_handle_get_instance_info, + { "GetServerInfo", "o", "a{sv}ssa{sv}", bus_containers_handle_get_server_info, METHOD_FLAG_NONE }, { "RequestHeader", "", "", bus_containers_handle_request_header, METHOD_FLAG_NONE }, @@ -2776,7 +2776,7 @@ static InterfaceHandler interface_handlers[] = { #endif #ifdef DBUS_ENABLE_CONTAINERS { DBUS_INTERFACE_CONTAINERS1, containers_message_handlers, - " \n" + " \n" " \n" " \n", INTERFACE_FLAG_NONE, containers_property_handlers }, diff --git a/dbus/dbus-marshal-header.c b/dbus/dbus-marshal-header.c index 30636d79..c4824318 100644 --- a/dbus/dbus-marshal-header.c +++ b/dbus/dbus-marshal-header.c @@ -86,7 +86,7 @@ _dbus_header_field_types[DBUS_HEADER_FIELD_LAST+1] = { { DBUS_HEADER_FIELD_SENDER, DBUS_TYPE_STRING }, { DBUS_HEADER_FIELD_SIGNATURE, DBUS_TYPE_SIGNATURE }, { DBUS_HEADER_FIELD_UNIX_FDS, DBUS_TYPE_UINT32 }, - { DBUS_HEADER_FIELD_CONTAINER_INSTANCE, DBUS_TYPE_OBJECT_PATH } + { DBUS_HEADER_FIELD_CONTAINER_PATH, DBUS_TYPE_OBJECT_PATH } }; /** Macro to look up the correct type for a field */ @@ -922,7 +922,7 @@ load_and_validate_field (DBusHeader *header, string_validation_func = NULL; break; - case DBUS_HEADER_FIELD_CONTAINER_INSTANCE: + case DBUS_HEADER_FIELD_CONTAINER_PATH: /* OBJECT_PATH was validated generically due to its type */ string_validation_func = NULL; break; diff --git a/dbus/dbus-message.c b/dbus/dbus-message.c index b47a8638..edca49fa 100644 --- a/dbus/dbus-message.c +++ b/dbus/dbus-message.c @@ -4097,7 +4097,7 @@ dbus_message_contains_unix_fds(DBusMessage *message) } /** - * Sets the container instance this message was sent from. + * Sets the container context this message was sent from. * * The path must contain only valid characters for an object path * as defined in the D-Bus specification. @@ -4107,8 +4107,8 @@ dbus_message_contains_unix_fds(DBusMessage *message) * @returns #FALSE if not enough memory */ dbus_bool_t -dbus_message_set_container_instance (DBusMessage *message, - const char *object_path) +dbus_message_set_container_path (DBusMessage *message, + const char *object_path) { _dbus_return_val_if_fail (message != NULL, FALSE); _dbus_return_val_if_fail (!message->locked, FALSE); @@ -4117,13 +4117,27 @@ dbus_message_set_container_instance (DBusMessage *message, FALSE); return set_or_delete_string_field (message, - DBUS_HEADER_FIELD_CONTAINER_INSTANCE, + DBUS_HEADER_FIELD_CONTAINER_PATH, DBUS_TYPE_OBJECT_PATH, object_path); } /** - * Gets the container instance this message was sent from, or #NULL + * Deprecated alias for dbus_message_set_container_path(). + * + * @param message the message + * @param object_path the path or #NULL to unset + * @returns #FALSE if not enough memory + */ +dbus_bool_t +dbus_message_set_container_instance (DBusMessage *message, + const char *object_path) +{ + return dbus_message_set_container_path (message, object_path); +} + +/** + * Gets the container context this message was sent from, or #NULL * if none. * * The returned string becomes invalid if the message is @@ -4133,7 +4147,7 @@ dbus_message_set_container_instance (DBusMessage *message, * @returns the path (should not be freed) or #NULL */ const char * -dbus_message_get_container_instance (DBusMessage *message) +dbus_message_get_container_path (DBusMessage *message) { const char *v; @@ -4141,12 +4155,24 @@ dbus_message_get_container_instance (DBusMessage *message) v = NULL; /* in case field doesn't exist */ _dbus_header_get_field_basic (&message->header, - DBUS_HEADER_FIELD_CONTAINER_INSTANCE, + DBUS_HEADER_FIELD_CONTAINER_PATH, DBUS_TYPE_OBJECT_PATH, (void *) &v); return v; } +/** + * Deprecated alias for dbus_message_set_container_instance(). + * + * @param message the message + * @returns the path (should not be freed) or #NULL + */ +const char * +dbus_message_get_container_instance (DBusMessage *message) +{ + return dbus_message_get_container_path (message); +} + /** @} */ /** diff --git a/dbus/dbus-message.h b/dbus/dbus-message.h index 0bbad3d1..3b9e2ded 100644 --- a/dbus/dbus-message.h +++ b/dbus/dbus-message.h @@ -236,10 +236,17 @@ dbus_bool_t dbus_message_get_path_decomposed (DBusMessage *message, char ***path); DBUS_EXPORT -const char *dbus_message_get_container_instance (DBusMessage *message); +const char *dbus_message_get_container_path (DBusMessage *message); DBUS_EXPORT +dbus_bool_t dbus_message_set_container_path (DBusMessage *message, + const char *object_path); +#ifndef DBUS_DISABLE_DEPRECATED +DBUS_EXPORT DBUS_DEPRECATED +const char *dbus_message_get_container_instance (DBusMessage *message); +DBUS_EXPORT DBUS_DEPRECATED dbus_bool_t dbus_message_set_container_instance (DBusMessage *message, const char *object_path); +#endif DBUS_EXPORT dbus_bool_t dbus_message_append_args (DBusMessage *message, diff --git a/dbus/dbus-protocol.h b/dbus/dbus-protocol.h index 33e39df3..8bcd289a 100644 --- a/dbus/dbus-protocol.h +++ b/dbus/dbus-protocol.h @@ -303,9 +303,15 @@ extern "C" { */ #define DBUS_HEADER_FIELD_UNIX_FDS 9 /** - * Header field code for the container instance that sent this message. + * Header field code for the container context that sent this message. */ +#define DBUS_HEADER_FIELD_CONTAINER_PATH 10 +/** + * Deprecated alias for #DBUS_HEADER_FIELD_CONTAINER_PATH + */ +#ifndef DBUS_DISABLE_DEPRECATED #define DBUS_HEADER_FIELD_CONTAINER_INSTANCE 10 +#endif /** @@ -314,7 +320,7 @@ extern "C" { * that unknown codes must be ignored, so check for that before * indexing the array. */ -#define DBUS_HEADER_FIELD_LAST DBUS_HEADER_FIELD_CONTAINER_INSTANCE +#define DBUS_HEADER_FIELD_LAST DBUS_HEADER_FIELD_CONTAINER_PATH /** Header format is defined as a signature: * byte byte order diff --git a/doc/dbus-specification.xml b/doc/dbus-specification.xml index f163e623..83001963 100644 --- a/doc/dbus-specification.xml +++ b/doc/dbus-specification.xml @@ -7024,16 +7024,18 @@ - org.freedesktop.DBus.Containers1.Instance + org.freedesktop.DBus.Containers1.Path OBJECT_PATH - The container instance object path of the server through - which this connection is connected, as returned by - AddServer. Omitted from the + The object path of the container-specific server through + which this connection is connected, as returned by the + AddServer method. Omitted from the dictionary if this connection is not via a container's server. + @@ -7485,7 +7487,7 @@ in STRING container_name, in DICT<STRING,VARIANT> metadata, in DICT<STRING,VARIANT> named_arguments, - out OBJECT_PATH container_instance, + out OBJECT_PATH server_path, out ARRAY<BYTE> socket_path, out STRING connectable_address) @@ -7550,7 +7552,7 @@ OBJECT_PATH An opaque object path identifying the new container - instance. + context. @@ -7590,11 +7592,11 @@ Each call to this method creates a new - container instance, identified by an object + container server, identified by an object path. Even if the specified container type and name are the - same as for a pre-existing container instance, each call + same as for a pre-existing container server, each call creates a new server with a new unique object path, because - the new container instance might represent a different + the new container server might represent a different version of the confined application with different characteristics and restrictions. The message bus may provide an object at the given object path, but is not required to @@ -7655,13 +7657,13 @@ - The container instance object path remains valid for as + The container server object path remains valid for as long as one or more confined connection via the same server socket remain open, or there is a way for the server socket to produce new connections in future (in other words, either it is preparing to listen for new connections, or it is currently listening for new connections). When the - container instance has ceased to listen for new connections + container server has ceased to listen for new connections and no longer has any confined connections, the object path becomes invalid, and API calls that specify it will fail with the org.freedesktop.DBus.Error.NotContainer @@ -7669,12 +7671,12 @@ - - <literal>org.freedesktop.DBus.Containers1.StopInstance</literal> + + <literal>org.freedesktop.DBus.Containers1.StopServer</literal> As a method: - StopInstance (in OBJECT_PATH container_instance) + StopServer (in OBJECT_PATH server_path) Message arguments: @@ -7693,7 +7695,7 @@ The opaque object path that was returned from the AddServer method, identifying a - container instance. + per-container server. @@ -7702,25 +7704,25 @@ - Terminate the container instance. The server will stop + Terminate the container server. The server will stop listening for new connections, and any existing connections to that server will be disconnected. When all connections have - been disconnected, the instance will cease to exist. + been disconnected, the context will cease to exist. If the given object path does not represent a valid container - instance (see + context (see ), the org.freedesktop.DBus.Error.NotContainer error is returned. In particular, if this method is called twice, the second call will fail in this way. - If the given container instance exists but the caller of this + If the given container server exists but the caller of this method is not allowed to stop it (for example because the - caller is in a container instance or because its user ID does + caller is in a container server or because its user ID does not match the user ID of the creator of the container - instance), + context), the org.freedesktop.DBus.Error.AccessDenied error is returned and nothing is stopped. @@ -7731,7 +7733,7 @@ As a method: - StopListening (in OBJECT_PATH container_instance) + StopListening (in OBJECT_PATH server_path) Message arguments: @@ -7750,7 +7752,7 @@ The opaque object path that was returned from the AddServer method, identifying a - container instance. + container server. @@ -7759,47 +7761,45 @@ - Stop listening for new connections to the server in the given - container instance, but do not disconnect any existing - connections. + Stop listening for new connections to the given per-container + server, but do not disconnect any existing connections. If this method is called more than once, while the container - instance still exists because connections to it are still + context still exists because connections to it are still open, the second and subsequent calls will be successful but will have no practical effect. If the given object path does not represent a valid container - instance (see + context (see ), the org.freedesktop.DBus.Error.NotContainer error is returned. In particular, this will happen if the - container instance already stopped listening, and all + per-container server already stopped listening, and all connections to it (if any) were already closed. - If the given container instance exists but the caller of this + If the given per-container server exists but the caller of this method is not allowed to stop it (for example because the - caller is in a container instance or because its user ID does - not match the user ID of the creator of the container - instance), + caller is itself in a container, or because its user ID does + not match the user ID of the creator of the container server), the org.freedesktop.DBus.Error.AccessDenied error is returned and nothing is stopped. - - <literal>org.freedesktop.DBus.Containers1.GetConnectionInstance</literal> + + <literal>org.freedesktop.DBus.Containers1.GetConnectionInfo</literal> As a method: - GetConnectionInstance (in STRING bus_name, - out OBJECT_PATH container_instance, - out DICT<STRING,VARIANT> creator, - out STRING container_type, - out STRING container_name, - out DICT<STRING,VARIANT> metadata) + GetConnectionInfo (in STRING bus_name, + out OBJECT_PATH server_path, + out DICT<STRING,VARIANT> creator, + out STRING container_type, + out STRING container_name, + out DICT<STRING,VARIANT> metadata) Message arguments: @@ -7827,7 +7827,7 @@ The opaque object path that was returned from the AddServer method, identifying a - container instance. + per-container server. This output parameter is produced by the message bus. @@ -7835,7 +7835,8 @@ 2 DICT<STRING,VARIANT> - The connection that created this container instance. + Credentials of the connection that created this + per-container server. The keys and values are the same as those that are documented for org.flatpak or io.snapcraft. This output parameter is controlled by the creator - of the container instance. + of the per-container server. @@ -7865,7 +7866,7 @@ whose meaning is defined by the maintainers of the container type. This output parameter is controlled by the creator - of the container instance. + of the per-container server. @@ -7876,7 +7877,7 @@ keys and values defined by the maintainers of the container type. This output parameter is controlled by the creator - of the container instance. + of the per-container server. @@ -7886,7 +7887,7 @@ If the given unique or well-known bus name is a connection to a - container server, return information about that container instance. + container server, return information about that per-container server. If the bus name exists but is not confined (in other words, if it is a direct connection to the main message bus socket), the org.freedesktop.DBus.Error.NotContainer error @@ -7896,7 +7897,7 @@ Several of the output parameters are controlled by the creator of - the container instance. + the per-container server. On a bus that accepts connections from multiple clients at different privilege levels, it is not appropriate to trust those output parameters or use them in trust decisions unless the @@ -7905,16 +7906,16 @@ - - <literal>org.freedesktop.DBus.Containers1.GetInstanceInfo</literal> + + <literal>org.freedesktop.DBus.Containers1.GetServerInfo</literal> As a method: - GetInstanceInfo (in OBJECT_PATH container_instance, - out DICT<STRING,VARIANT> creator, - out STRING container_type, - out STRING container_name, - out DICT<STRING,VARIANT> metadata) + GetServerInfo (in OBJECT_PATH server_path, + out DICT<STRING,VARIANT> creator, + out STRING container_type, + out STRING container_name, + out DICT<STRING,VARIANT> metadata) Message arguments: @@ -7933,14 +7934,15 @@ The opaque object path that was returned from the AddServer method, identifying a - container instance. + per-container server. 1 DICT<STRING,VARIANT> - The connection that created this container instance. + Credentials of the connection that created this + per-container server. The keys and values are the same as those that are documented for org.flatpak or io.snapcraft. This output parameter is controlled by the creator - of the container instance. + of the per-container server. @@ -7970,7 +7972,7 @@ whose meaning is defined by the maintainers of the container type. This output parameter is controlled by the creator - of the container instance. + of the per-container server. @@ -7981,7 +7983,7 @@ keys and values defined by the maintainers of the container type. This output parameter is controlled by the creator - of the container instance. + of the per-container server. @@ -7990,7 +7992,7 @@ - If the given object path represents a valid container instance, + If the given object path represents a valid per-container server (see ), return information about it. Otherwise, the org.freedesktop.DBus.Error.NotContainer error @@ -7998,18 +8000,18 @@ Several of the output parameters are controlled by the creator of - the container instance. - See + the per-container server. + See for more details. - - <literal>org.freedesktop.DBus.Containers1.InstanceRemoved</literal> + + <literal>org.freedesktop.DBus.Containers1.ServerRemoved</literal> As a signal emitted by the message bus: - InstanceRemoved (OBJECT_PATH container_instance) + ServerRemoved (OBJECT_PATH server_path) Message arguments: @@ -8028,7 +8030,7 @@ The opaque object path that was returned from the AddServer method, identifying a - container instance. + per-container server. @@ -8037,9 +8039,9 @@ - Emitted when a container instance ceases to exist. A container - instance continues to exist as long as it is listening for - new connections, or as long as connections to the instance + Emitted when a per-container server ceases to exist. A per-container + server continues to exist as long as it is listening for + new connections, or as long as connections to the server are open, whichever is longer. diff --git a/test/containers.c b/test/containers.c index f5bf5407..3af9bfb7 100644 --- a/test/containers.c +++ b/test/containers.c @@ -56,7 +56,7 @@ typedef struct { GDBusProxy *proxy; - gchar *instance_path; + gchar *server_path; gchar *socket_path; gchar *socket_dbus_address; GDBusConnection *unconfined_conn; @@ -65,7 +65,7 @@ typedef struct { GDBusConnection *observer_conn; GDBusProxy *observer_proxy; - GHashTable *containers_removed; + GHashTable *servers_removed; guint removed_sub; DBusConnection *libdbus_observer; DBusMessage *latest_shout; @@ -136,13 +136,13 @@ observe_shouting_cb (DBusConnection *observer, } static void -instance_removed_cb (GDBusConnection *observer, - const gchar *sender, - const gchar *path, - const gchar *iface, - const gchar *member, - GVariant *parameters, - gpointer user_data) +server_removed_cb (GDBusConnection *observer, + const gchar *sender, + const gchar *path, + const gchar *iface, + const gchar *member, + GVariant *parameters, + gpointer user_data) { Fixture *f = user_data; const gchar *container; @@ -150,11 +150,11 @@ instance_removed_cb (GDBusConnection *observer, g_assert_cmpstr (sender, ==, DBUS_SERVICE_DBUS); g_assert_cmpstr (path, ==, DBUS_PATH_DBUS); g_assert_cmpstr (iface, ==, DBUS_INTERFACE_CONTAINERS1); - g_assert_cmpstr (member, ==, "InstanceRemoved"); + g_assert_cmpstr (member, ==, "ServerRemoved"); g_assert_cmpstr (g_variant_get_type_string (parameters), ==, "(o)"); g_variant_get (parameters, "(&o)", &container); - g_assert (!g_hash_table_contains (f->containers_removed, container)); - g_hash_table_add (f->containers_removed, g_strdup (container)); + g_assert (!g_hash_table_contains (f->servers_removed, container)); + g_hash_table_add (f->servers_removed, g_strdup (container)); } static void @@ -231,15 +231,15 @@ setup (Fixture *f, G_DBUS_CONNECTION_FLAGS_AUTHENTICATION_CLIENT), NULL, NULL, &f->error); g_assert_no_error (f->error); - f->containers_removed = g_hash_table_new_full (g_str_hash, g_str_equal, - g_free, NULL); + f->servers_removed = g_hash_table_new_full (g_str_hash, g_str_equal, + g_free, NULL); f->removed_sub = g_dbus_connection_signal_subscribe (f->observer_conn, DBUS_SERVICE_DBUS, DBUS_INTERFACE_CONTAINERS1, - "InstanceRemoved", + "ServerRemoved", DBUS_PATH_DBUS, NULL, G_DBUS_SIGNAL_FLAGS_NONE, - instance_removed_cb, + server_removed_cb, f, NULL); /* We have to use libdbus for new header fields, because GDBus doesn't @@ -340,15 +340,15 @@ add_container_server (Fixture *f, g_assert_nonnull (tuple); g_assert_cmpstr (g_variant_get_type_string (tuple), ==, "(oays)"); - g_variant_get (tuple, "(o^ays)", &f->instance_path, &f->socket_path, + g_variant_get (tuple, "(o^ays)", &f->server_path, &f->socket_path, &f->socket_dbus_address); g_assert_true (g_str_has_prefix (f->socket_dbus_address, "unix:")); g_assert_null (strchr (f->socket_dbus_address, ';')); g_assert_null (strchr (f->socket_dbus_address + strlen ("unix:"), ':')); g_clear_pointer (&tuple, g_variant_unref); - g_assert_nonnull (f->instance_path); - g_assert_true (g_variant_is_object_path (f->instance_path)); + g_assert_nonnull (f->server_path); + g_assert_true (g_variant_is_object_path (f->server_path)); g_assert_nonnull (f->socket_path); g_assert_true (g_path_is_absolute (f->socket_path)); g_assert_nonnull (f->socket_dbus_address); @@ -443,7 +443,7 @@ test_basic (Fixture *f, while (f->latest_shout == NULL) iterate_both_main_loops (f->ctx); - g_assert_cmpstr (dbus_message_get_container_instance (f->latest_shout), ==, + g_assert_cmpstr (dbus_message_get_container_path (f->latest_shout), ==, NULL); dbus_clear_message (&f->latest_shout); @@ -454,7 +454,7 @@ test_basic (Fixture *f, while (f->latest_shout == NULL) iterate_both_main_loops (f->ctx); - g_assert_cmpstr (dbus_message_get_container_instance (f->latest_shout), ==, + g_assert_cmpstr (dbus_message_get_container_path (f->latest_shout), ==, NULL); dbus_clear_message (&f->latest_shout); @@ -482,8 +482,8 @@ test_basic (Fixture *f, while (f->latest_shout == NULL) iterate_both_main_loops (f->ctx); - g_assert_cmpstr (dbus_message_get_container_instance (f->latest_shout), ==, - f->instance_path); + g_assert_cmpstr (dbus_message_get_container_path (f->latest_shout), ==, + f->server_path); dbus_clear_message (&f->latest_shout); g_dbus_connection_emit_signal (f->unconfined_conn, NULL, "/", @@ -493,7 +493,7 @@ test_basic (Fixture *f, while (f->latest_shout == NULL) iterate_both_main_loops (f->ctx); - g_assert_cmpstr (dbus_message_get_container_instance (f->latest_shout), ==, + g_assert_cmpstr (dbus_message_get_container_path (f->latest_shout), ==, "/"); dbus_clear_message (&f->latest_shout); @@ -512,7 +512,7 @@ test_basic (Fixture *f, g_test_message ("Inspecting connection container info"); confined_unique_name = g_dbus_connection_get_unique_name (f->confined_conn); - tuple = g_dbus_proxy_call_sync (f->proxy, "GetConnectionInstance", + tuple = g_dbus_proxy_call_sync (f->proxy, "GetConnectionInfo", g_variant_new ("(s)", confined_unique_name), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_no_error (f->error); @@ -520,7 +520,7 @@ test_basic (Fixture *f, g_assert_cmpstr (g_variant_get_type_string (tuple), ==, "(oa{sv}ssa{sv})"); g_variant_get (tuple, "(&o@a{sv}&s&s@a{sv})", &path_from_query, &creator, &type, &name, &asv); - g_assert_cmpstr (path_from_query, ==, f->instance_path); + g_assert_cmpstr (path_from_query, ==, f->server_path); g_variant_dict_init (&dict, creator); g_assert_true (g_variant_dict_lookup (&dict, "UnixUserID", "u", &uid)); g_assert_cmpuint (uid, ==, _dbus_getuid ()); @@ -533,9 +533,9 @@ test_basic (Fixture *f, g_clear_pointer (&creator, g_variant_unref); g_clear_pointer (&tuple, g_variant_unref); - g_test_message ("Inspecting container instance info"); - tuple = g_dbus_proxy_call_sync (f->proxy, "GetInstanceInfo", - g_variant_new ("(o)", f->instance_path), + g_test_message ("Inspecting container server info"); + tuple = g_dbus_proxy_call_sync (f->proxy, "GetServerInfo", + g_variant_new ("(o)", f->server_path), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_no_error (f->error); g_assert_nonnull (tuple); @@ -675,15 +675,15 @@ test_metadata (Fixture *f, asv = g_variant_get_child_value (tuple, 0); g_variant_dict_init (&dict, asv); g_assert_true (g_variant_dict_lookup (&dict, - DBUS_INTERFACE_CONTAINERS1 ".Instance", + DBUS_INTERFACE_CONTAINERS1 ".Path", "&o", &path_from_query)); - g_assert_cmpstr (path_from_query, ==, f->instance_path); + g_assert_cmpstr (path_from_query, ==, f->server_path); g_variant_dict_clear (&dict); g_clear_pointer (&asv, g_variant_unref); g_clear_pointer (&tuple, g_variant_unref); g_test_message ("Inspecting connection container info"); - tuple = g_dbus_proxy_call_sync (f->proxy, "GetConnectionInstance", + tuple = g_dbus_proxy_call_sync (f->proxy, "GetConnectionInfo", g_variant_new ("(s)", confined_unique_name), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_no_error (f->error); @@ -691,7 +691,7 @@ test_metadata (Fixture *f, g_assert_cmpstr (g_variant_get_type_string (tuple), ==, "(oa{sv}ssa{sv})"); g_variant_get (tuple, "(&o@a{sv}&s&s@a{sv})", &path_from_query, &creator, &type, &name, &asv); - g_assert_cmpstr (path_from_query, ==, f->instance_path); + g_assert_cmpstr (path_from_query, ==, f->server_path); g_variant_dict_init (&dict, creator); g_assert_true (g_variant_dict_lookup (&dict, "UnixUserID", "u", &uid)); g_assert_cmpuint (uid, ==, _dbus_getuid ()); @@ -711,9 +711,9 @@ test_metadata (Fixture *f, g_clear_pointer (&creator, g_variant_unref); g_clear_pointer (&tuple, g_variant_unref); - g_test_message ("Inspecting container instance info"); - tuple = g_dbus_proxy_call_sync (f->proxy, "GetInstanceInfo", - g_variant_new ("(o)", f->instance_path), + g_test_message ("Inspecting container server info"); + tuple = g_dbus_proxy_call_sync (f->proxy, "GetServerInfo", + g_variant_new ("(o)", f->server_path), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_no_error (f->error); g_assert_nonnull (tuple); @@ -753,7 +753,7 @@ test_metadata (Fixture *f, * Test StopListening(), which just closes the listening socket. * * With config->stop_server == STOP_SERVER_FORCE: - * Test StopInstance(), which closes the listening socket and + * Test StopServer(), which closes the listening socket and * disconnects all its clients. */ static void @@ -834,7 +834,7 @@ test_stop_server (Fixture *f, } /* If we are able to switch uid (i.e. we are root), check that a local - * attacker with a different uid cannot close our container instances. */ + * attacker with a different uid cannot close our container servers. */ attacker = test_try_connect_gdbus_as_user (f->bus_address, TEST_USER_OTHER, &f->error); @@ -849,15 +849,15 @@ test_stop_server (Fixture *f, g_assert_no_error (f->error); tuple = g_dbus_proxy_call_sync (attacker_proxy, "StopListening", - g_variant_new ("(o)", f->instance_path), + g_variant_new ("(o)", f->server_path), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_error (f->error, G_DBUS_ERROR, G_DBUS_ERROR_ACCESS_DENIED); g_assert_null (tuple); g_clear_error (&f->error); - tuple = g_dbus_proxy_call_sync (attacker_proxy, "StopInstance", - g_variant_new ("(o)", f->instance_path), + tuple = g_dbus_proxy_call_sync (attacker_proxy, "StopServer", + g_variant_new ("(o)", f->server_path), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_error (f->error, G_DBUS_ERROR, G_DBUS_ERROR_ACCESS_DENIED); @@ -878,8 +878,8 @@ test_stop_server (Fixture *f, g_clear_error (&f->error); } - g_assert_false (g_hash_table_contains (f->containers_removed, - f->instance_path)); + g_assert_false (g_hash_table_contains (f->servers_removed, + f->server_path)); switch (config->stop_server) { @@ -906,18 +906,18 @@ test_stop_server (Fixture *f, case STOP_SERVER_EXPLICITLY: g_test_message ("Stopping server (but not confined connection)..."); tuple = g_dbus_proxy_call_sync (f->proxy, "StopListening", - g_variant_new ("(o)", f->instance_path), + g_variant_new ("(o)", f->server_path), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_no_error (f->error); g_variant_unref (tuple); - /* The container instance remains open, because the connection has + /* The container server remains open, because the connection has * not gone away yet. Do another method call: if we were going to * get the signal, it would arrive before the reply to this second * method call. Any method will do here, even one that doesn't * exist. */ - g_test_message ("Checking we do not get InstanceRemoved..."); + g_test_message ("Checking we do not get ServerRemoved..."); tuple = g_dbus_proxy_call_sync (f->proxy, "NoSuchMethod", NULL, G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); @@ -930,29 +930,29 @@ test_stop_server (Fixture *f, case STOP_SERVER_NEVER_CONNECTED: g_test_message ("Stopping server (with no confined connections)..."); tuple = g_dbus_proxy_call_sync (f->proxy, "StopListening", - g_variant_new ("(o)", f->instance_path), + g_variant_new ("(o)", f->server_path), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_no_error (f->error); g_variant_unref (tuple); - g_test_message ("Waiting for InstanceRemoved..."); - while (!g_hash_table_contains (f->containers_removed, f->instance_path)) + g_test_message ("Waiting for ServerRemoved..."); + while (!g_hash_table_contains (f->servers_removed, f->server_path)) g_main_context_iteration (NULL, TRUE); break; case STOP_SERVER_FORCE: g_test_message ("Stopping server and all confined connections..."); - tuple = g_dbus_proxy_call_sync (f->proxy, "StopInstance", - g_variant_new ("(o)", f->instance_path), + tuple = g_dbus_proxy_call_sync (f->proxy, "StopServer", + g_variant_new ("(o)", f->server_path), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_no_error (f->error); g_variant_unref (tuple); - g_test_message ("Waiting for InstanceRemoved..."); - while (!g_hash_table_contains (f->containers_removed, f->instance_path)) + g_test_message ("Waiting for ServerRemoved..."); + while (!g_hash_table_contains (f->servers_removed, f->server_path)) g_main_context_iteration (NULL, TRUE); break; @@ -1051,10 +1051,10 @@ test_stop_server (Fixture *f, g_assert_cmpstr (name_owner, ==, DBUS_SERVICE_DBUS); g_clear_pointer (&tuple, g_variant_unref); - /* The container instance will not disappear from the bus + /* The container server will not disappear from the bus * until the confined connection goes away */ - tuple = g_dbus_proxy_call_sync (f->observer_proxy, "GetInstanceInfo", - g_variant_new ("(o)", f->instance_path), + tuple = g_dbus_proxy_call_sync (f->observer_proxy, "GetServerInfo", + g_variant_new ("(o)", f->server_path), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_no_error (f->error); @@ -1062,7 +1062,7 @@ test_stop_server (Fixture *f, g_clear_pointer (&tuple, g_variant_unref); /* Now disconnect the last confined connection, which will make the - * container instance go away */ + * container server go away */ g_test_message ("Closing confined connection..."); g_dbus_connection_close_sync (f->confined_conn, NULL, &f->error); g_assert_no_error (f->error); @@ -1074,12 +1074,12 @@ test_stop_server (Fixture *f, /* Whatever happened above, by now it has gone away */ - g_test_message ("Waiting for InstanceRemoved..."); - while (!g_hash_table_contains (f->containers_removed, f->instance_path)) + g_test_message ("Waiting for ServerRemoved..."); + while (!g_hash_table_contains (f->servers_removed, f->server_path)) g_main_context_iteration (NULL, TRUE); - tuple = g_dbus_proxy_call_sync (f->observer_proxy, "GetInstanceInfo", - g_variant_new ("(o)", f->instance_path), + tuple = g_dbus_proxy_call_sync (f->observer_proxy, "GetServerInfo", + g_variant_new ("(o)", f->server_path), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_nonnull (f->error); @@ -1097,7 +1097,7 @@ test_stop_server (Fixture *f, /* * Assert that we cannot get the container metadata for a path that - * isn't a container instance, or a bus name that isn't in a container + * isn't a container server, or a bus name that isn't in a container * or doesn't exist at all. */ static void @@ -1117,7 +1117,7 @@ test_invalid_metadata_getters (Fixture *f, g_test_message ("Inspecting unconfined connection"); unique_name = g_dbus_connection_get_unique_name (f->unconfined_conn); - tuple = g_dbus_proxy_call_sync (f->proxy, "GetConnectionInstance", + tuple = g_dbus_proxy_call_sync (f->proxy, "GetConnectionInfo", g_variant_new ("(s)", unique_name), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_nonnull (f->error); @@ -1133,7 +1133,7 @@ test_invalid_metadata_getters (Fixture *f, g_clear_error (&f->error); g_test_message ("Inspecting dbus-daemon"); - tuple = g_dbus_proxy_call_sync (f->proxy, "GetConnectionInstance", + tuple = g_dbus_proxy_call_sync (f->proxy, "GetConnectionInfo", g_variant_new ("(s)", DBUS_SERVICE_DBUS), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_nonnull (f->error); @@ -1150,7 +1150,7 @@ test_invalid_metadata_getters (Fixture *f, g_test_message ("Inspecting a non-connection"); unique_name = g_dbus_connection_get_unique_name (f->unconfined_conn); - tuple = g_dbus_proxy_call_sync (f->proxy, "GetConnectionInstance", + tuple = g_dbus_proxy_call_sync (f->proxy, "GetConnectionInfo", g_variant_new ("(s)", "com.example.Nope"), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_nonnull (f->error); @@ -1166,8 +1166,8 @@ test_invalid_metadata_getters (Fixture *f, g_clear_error (&f->error); - g_test_message ("Inspecting container instance info"); - tuple = g_dbus_proxy_call_sync (f->proxy, "GetInstanceInfo", + g_test_message ("Inspecting container server info"); + tuple = g_dbus_proxy_call_sync (f->proxy, "GetServerInfo", g_variant_new ("(o)", "/nope"), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &f->error); g_assert_nonnull (f->error); @@ -1643,7 +1643,7 @@ teardown (Fixture *f, g_clear_object (&f->proxy); fixture_disconnect_observer (f); - g_clear_pointer (&f->containers_removed, g_hash_table_unref); + g_clear_pointer (&f->servers_removed, g_hash_table_unref); if (f->libdbus_observer != NULL) { @@ -1679,7 +1679,7 @@ teardown (Fixture *f, } dbus_clear_message (&f->latest_shout); - g_free (f->instance_path); + g_free (f->server_path); g_free (f->socket_path); g_free (f->socket_dbus_address); g_free (f->bus_address); diff --git a/test/internals/dbus-message-util.c b/test/internals/dbus-message-util.c index 310822d6..cd8259c7 100644 --- a/test/internals/dbus-message-util.c +++ b/test/internals/dbus-message-util.c @@ -1170,9 +1170,9 @@ _dbus_message_test (const char *test_data_dir _DBUS_GNUC_UNUSED) _dbus_assert (strcmp (dbus_message_get_path (message), "/foo") == 0); - if (!dbus_message_set_container_instance (message, "/org/freedesktop/DBus/Containers1/c42")) + if (!dbus_message_set_container_path (message, "/org/freedesktop/DBus/Containers1/c42")) _dbus_test_fatal ("out of memory"); - _dbus_assert (strcmp (dbus_message_get_container_instance (message), + _dbus_assert (strcmp (dbus_message_get_container_path (message), "/org/freedesktop/DBus/Containers1/c42") == 0); if (!dbus_message_set_interface (message, "org.Foo"))