Allow block and char classes in DeviceAllow bus properties (#4353)

Allowed paths are unified betwen the configuration file parses and the bus property checker. The biggest change is that the bus code now allows "block-" and "char-" classes. In addition, path_startswith("/dev") was used in the bus code, and startswith("/dev") was used in the config file code. It seems reasonable to use path_startswith() which allows a slightly broader class of strings. Fixes #3935.
2016-10-12 05:12:11 -04:00 · 2016-10-12 05:12:11 -04:00 · 3ccb886283
parent 9f1008d513
commit 3ccb886283
4 changed files with 11 additions and 7 deletions
--- a/src/basic/path-util.c
+++ b/src/basic/path-util.c
@ -812,9 +812,14 @@ bool is_device_path(const char *path) {
        /* Returns true on paths that refer to a device, either in
         * sysfs or in /dev */

-        return
-                path_startswith(path, "/dev/") ||
-                path_startswith(path, "/sys/");
+        return path_startswith(path, "/dev/") ||
+               path_startswith(path, "/sys/");
+}
+
+bool is_deviceallow_pattern(const char *path) {
+        return path_startswith(path, "/dev/") ||
+               startswith(path, "block-") ||
+               startswith(path, "char-");
 }

 int systemd_installation_has_version(const char *root, unsigned minimal_version) {
--- a/src/basic/path-util.h
+++ b/src/basic/path-util.h
@ -125,5 +125,6 @@ char *file_in_same_dir(const char *path, const char *filename);
 bool hidden_or_backup_file(const char *filename) _pure_;

 bool is_device_path(const char *path);
+bool is_deviceallow_pattern(const char *path);

 int systemd_installation_has_version(const char *root, unsigned minimal_version);
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@ -3084,9 +3084,7 @@ int config_parse_device_allow(
        if (!path)
                return log_oom();

-        if (!startswith(path, "/dev/") &&
-            !startswith(path, "block-") &&
-            !startswith(path, "char-")) {
+        if (!is_deviceallow_pattern(path)) {
                log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", path);
                return 0;
        }
--- a/src/shared/bus-unit-util.c
+++ b/src/shared/bus-unit-util.c
@ -303,7 +303,7 @@ int bus_append_unit_property_assignment(sd_bus_message *m, const char *assignmen
                                rwm = "";
                        }

-                        if (!path_startswith(path, "/dev")) {
+                        if (!is_deviceallow_pattern(path)) {
                                log_error("%s is not a device file in /dev.", path);
                                return -EINVAL;
                        }