From 8b51341545af1cc93722780acb4c1b24bf67f176 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 17 Oct 2023 11:27:06 +0200
Subject: [PATCH] =?utf8?q?process-util:=20add=20pidref=5Fget=5Fuid()=20and?=
 =?utf8?q?=20rename=20get=5Fprocess=5Fuid()=20=E2=86=92=20pidref=5Fget=5Fu?=
 =?utf8?q?id()?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

---
 src/basic/process-util.c       | 23 ++++++++++++++++++++++-
 src/basic/process-util.h       |  3 ++-
 src/core/dbus-unit.c           |  2 +-
 src/journal/journald-context.c |  2 +-
 src/shared/killall.c           |  2 +-
 src/test/test-process-util.c   |  2 +-
 6 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/src/basic/process-util.c b/src/basic/process-util.c
index 2374387850..f381b6369c 100644
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -572,7 +572,8 @@ static int get_process_id(pid_t pid, const char *field, uid_t *ret) {
         return -EIO;
 }
 
-int get_process_uid(pid_t pid, uid_t *ret) {
+int pid_get_uid(pid_t pid, uid_t *ret) {
+        assert(ret);
 
         if (pid == 0 || pid == getpid_cached()) {
                 *ret = getuid();
@@ -582,6 +583,26 @@ int get_process_uid(pid_t pid, uid_t *ret) {
         return get_process_id(pid, "Uid:", ret);
 }
 
+int pidref_get_uid(const PidRef *pid, uid_t *ret) {
+        uid_t uid;
+        int r;
+
+        if (!pidref_is_set(pid))
+                return -ESRCH;
+
+        r = pid_get_uid(pid->pid, &uid);
+        if (r < 0)
+                return r;
+
+        r = pidref_verify(pid);
+        if (r < 0)
+                return r;
+
+        if (ret)
+                *ret = uid;
+        return 0;
+}
+
 int get_process_gid(pid_t pid, gid_t *ret) {
 
         if (pid == 0 || pid == getpid_cached()) {
diff --git a/src/basic/process-util.h b/src/basic/process-util.h
index f49e487bd1..53dce1ee71 100644
--- a/src/basic/process-util.h
+++ b/src/basic/process-util.h
@@ -46,7 +46,8 @@ int pidref_get_cmdline(const PidRef *pid, size_t max_columns, ProcessCmdlineFlag
 int pid_get_cmdline_strv(pid_t pid, ProcessCmdlineFlags flags, char ***ret);
 int pidref_get_cmdline_strv(const PidRef *pid, ProcessCmdlineFlags flags, char ***ret);
 int get_process_exe(pid_t pid, char **ret);
-int get_process_uid(pid_t pid, uid_t *ret);
+int pid_get_uid(pid_t pid, uid_t *ret);
+int pidref_get_uid(const PidRef *pid, uid_t *ret);
 int get_process_gid(pid_t pid, gid_t *ret);
 int get_process_capeff(pid_t pid, char **ret);
 int get_process_cwd(pid_t pid, char **ret);
diff --git a/src/core/dbus-unit.c b/src/core/dbus-unit.c
index 91660cf3aa..8c9ad0ef9f 100644
--- a/src/core/dbus-unit.c
+++ b/src/core/dbus-unit.c
@@ -1530,7 +1530,7 @@ int bus_unit_method_attach_processes(sd_bus_message *message, void *userdata, sd
                 /* Let's validate security: if the sender is root, then all is OK. If the sender is any other unit,
                  * then the process' UID and the target unit's UID have to match the sender's UID */
                 if (sender_uid != 0 && sender_uid != getuid()) {
-                        r = get_process_uid(pidref->pid, &process_uid);
+                        r = pidref_get_uid(pidref, &process_uid);
                         if (r < 0)
                                 return sd_bus_error_set_errnof(error, r, "Failed to retrieve process UID: %m");
 
diff --git a/src/journal/journald-context.c b/src/journal/journald-context.c
index 3cf337a089..1f653801ad 100644
--- a/src/journal/journald-context.c
+++ b/src/journal/journald-context.c
@@ -210,7 +210,7 @@ static void client_context_read_uid_gid(ClientContext *c, const struct ucred *uc
         if (ucred && uid_is_valid(ucred->uid))
                 c->uid = ucred->uid;
         else
-                (void) get_process_uid(c->pid, &c->uid);
+                (void) pid_get_uid(c->pid, &c->uid);
 
         if (ucred && gid_is_valid(ucred->gid))
                 c->gid = ucred->gid;
diff --git a/src/shared/killall.c b/src/shared/killall.c
index ac1b69e6bb..df0f450a88 100644
--- a/src/shared/killall.c
+++ b/src/shared/killall.c
@@ -85,7 +85,7 @@ static bool ignore_proc(pid_t pid, bool warn_rootfs) {
         if (is_survivor_cgroup(pid))
                 return true;
 
-        r = get_process_uid(pid, &uid);
+        r = pid_get_uid(pid, &uid);
         if (r < 0)
                 return true; /* not really, but better safe than sorry */
 
diff --git a/src/test/test-process-util.c b/src/test/test-process-util.c
index ab508867ff..6f548ecae9 100644
--- a/src/test/test-process-util.c
+++ b/src/test/test-process-util.c
@@ -82,7 +82,7 @@ static void test_pid_get_comm_one(pid_t pid) {
         assert_se(r >= 0 || r == -EACCES);
         log_info("PID"PID_FMT" exe: '%s'", pid, strna(f));
 
-        assert_se(get_process_uid(pid, &u) == 0);
+        assert_se(pid_get_uid(pid, &u) == 0);
         log_info("PID"PID_FMT" UID: "UID_FMT, pid, u);
 
         assert_se(get_process_gid(pid, &g) == 0);
-- 
2.25.1