1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-22 13:33:56 +03:00
Commit Graph

55680 Commits

Author SHA1 Message Date
Yu Watanabe
9f689fda54 sd-ipv4acd: actually drop the arp packet from one of the host interface
Fixes a bug in 7f77917c0e.

Fixes #23001.

(cherry picked from commit 239adf0384)
2022-04-28 19:00:24 +02:00
Yu Watanabe
e3d57bc301 sd-event: make inotify event work after the process is forked
(cherry picked from commit fbae50904f)
2022-04-28 18:59:21 +02:00
Yu Watanabe
a5fc32fa34 sd-event: do not kill a child process from another child
(cherry picked from commit 86587c93b0)
2022-04-28 18:59:17 +02:00
Yu Watanabe
c36ab05b4f sd-event: do not update signal fd after PID is changed
Otherwise, child event source will not work after the process is forked
and the event source is unref()ed on the child process.

(cherry picked from commit 01e6af7374)
2022-04-28 18:59:12 +02:00
Yu Watanabe
e006b56c18 sd-event: set pid to event source after all setup processes finished
Otherwise, the assertion in source_disconnect() may be triggered,

(cherry picked from commit 54988a27b9)
2022-04-28 18:59:03 +02:00
Yu Watanabe
d2e3b5a841 sd-event: rebreak comments
(cherry picked from commit 91c700713f)
2022-04-28 18:58:59 +02:00
Luca Boccassi
6673131917 core: fix dm-verity auto-discovery in MountImageUnit()
The implementation of MountImageUnit()/systemctl mount-image was
changed to use a /proc/self/fd path as the source, but that causes
the dm-verity files autodiscovery to fail, as it looks for files
in the same directory as the image.

Use the original file path when setting up dm-verity.

(cherry picked from commit cedf5b1aef)
2022-04-28 18:57:48 +02:00
Daan De Meyer
10ee46a2ca analyze: Fix verify exit status regression
Previously, systemd-analyze verify would return 0 even if warnings
were raised during analysis of the specified units or their
dependencies. With 3cc3dc7, verify was changed to return 1 when
warnings were raised.

This commit changes the default mode to _RECURSIVE_ERRORS_INVALID
so that verify returns zero again by default when warnings are
raised.

(cherry picked from commit cae7c28272)
2022-04-28 18:57:37 +02:00
Yu Watanabe
df6253cbda hwdb: fix parsing options
Fixes #22976.

(cherry picked from commit 5674b74c4f)
2022-04-28 18:51:47 +02:00
Yu Watanabe
9727b9ee7b core: command argument can be longer than PATH_MAX
Fixes a bug introduced by 0653649202.

Fixes #22957.

(cherry picked from commit 58dd4999dc)
2022-04-28 18:48:16 +02:00
Yu Watanabe
12f05b856c network: ignore all errors in loading .network files
This partially reverts 9202b567bc.

Fixes #22954.

(cherry picked from commit 036a8d503f)
2022-04-28 18:47:58 +02:00
Luca Boccassi
b5dfdf0301 analyze: fix offline check for syscal filter
The deny/allow list check was inverted, if we are deny listing and the
hashmap contains the syscall then that's good

Fixes https://github.com/systemd/systemd/issues/22914

(cherry picked from commit dd51e725df)
2022-04-28 18:47:27 +02:00
Luca Boccassi
8ed1490de6 analyze: fix offline check for 'native' syscall architecture
Enum values are stored in the set, not strings

(cherry picked from commit 1449b0f8a9)
2022-04-28 18:47:24 +02:00
Romain Naour
72d0c6b171 missing-syscall: define MOVE_MOUNT_T_EMPTY_PATH if missing
MOVE_MOUNT_T_EMPTY_PATH has been added to systemd 250 by [1]
but it's defined in kernel headers since version 5.2.

[1] c7bf079bbc

(cherry picked from commit 608c3b0293)
2022-04-28 18:46:34 +02:00
Yu Watanabe
bba396d78c journal-remote: refuse to specify --trust option when gnutls is disabled
and check_permission() should not be called in that case.

Replaces #22847.

(cherry picked from commit f7adeaeb89)
2022-04-28 18:46:14 +02:00
Gibeom Gwon
8d4c0d2383 calendarspec: fix possibly skips next elapse
If the time unit changes after adding the repetition value, the
timer may skip the next elapse. This patch reset sub time units
to minimum value when upper unit is changed.

Fixes #22665.

(cherry picked from commit 1e582ede3b)
2022-04-28 18:45:54 +02:00
Franck Bui
d9ea8dab6d copy: use FLAGS_SET() in copy_xattr()
(cherry picked from commit e394a6fc09)
2022-04-28 18:43:36 +02:00
Franck Bui
077ca08b38 journal: preserve acls when rotating user journals with NOCOW attribute set
When restoring the COW flag for journals on BTRFS, the full journal contents
are copied into new files. But during these operations, the acls of the
previous files were lost and users were not able to access to their old
journal contents anymore.

(cherry picked from commit 11ee11dbb3)
2022-04-28 18:43:16 +02:00
Frantisek Sumsal
25b3c48ec5 macro: account for negative values in DECIMAL_STR_WIDTH()
With negative numbers we wouldn't account for the minus sign, thus
returning a string with one character too short, triggering buffer
overflows in certain situations.

(cherry picked from commit e3dd9ea8ea)
2022-04-28 18:37:25 +02:00
Yu Watanabe
8f2f6a94d8 network: enable KeepConfiguration= when running on network filesystem
Also, set KeepConfiguration=dhcp-on-stop by default when running in
initrd.

Fixes #21967.

(cherry picked from commit ea853de57d)
2022-04-28 18:35:20 +02:00
Yu Watanabe
61649fbada stat-util: introduce path_is_network_fs()
(cherry picked from commit 4e247216e5)
2022-04-28 18:35:12 +02:00
Yu Watanabe
3f6e62eccb network-generator: rename DHCP_TYPE_DHCP -> DHCP_TYPE_DHCP4
To emphasize this is DHCPv4. No behavior is changed.

(cherry picked from commit 318a53d10a)
2022-04-28 18:35:07 +02:00
Georges Basile Stavracas Neto
a7585a3a38 hwdb: Add AV production access to Elgado Stream Deck devices
The Stream Deck products from Elgato are simple key pads
intended to be used as macro pads. They're popular within
the streaming community.

This commit adds all 5 Stream Deck variants available to
the AV production file.

See https://www.elgato.com/en/stream-deck

(cherry picked from commit e982320b44)
2022-04-19 05:30:54 +09:00
Be
18c0096ec2 Add AV production controllers to hwdb and add uaccess
This adds support for AV production controller devices, such
as DJ tables, music-oriented key pads, and others.

The USB vendor and product IDs come from Mixxx, Ctlra, and
Ardour.

Fixes #20533

Co-developed-by: Georges Basile Stavracas Neto <georges.stavracas@gmail.com>

(cherry picked from commit f2c36c0e24)
2022-04-19 05:30:54 +09:00
Luca Boccassi
2298094b2c packit: drop bfq patch
Does not apply on v250-stable
2022-04-02 01:56:36 +09:00
Luca Boccassi
7cda67d4f4 packit: build on and use Fedora 36 spec file
It's targeted to the v250 branch, while the rawhide one follows
the newest upstream release, and the command line options are not
compatible
2022-04-02 01:56:36 +09:00
Laura Barcziova
056bae9f1b Packit: build SRPMs in Copr
Add srpm_build_deps key to the Packit config to specify needed dependencies for SRPM build
and indicate to build SRPM in Copr.

(cherry picked from commit d15e1a29e3)
2022-04-02 01:56:36 +09:00
Lennart Poettering
6253eb576c journal-file: if we are going down, don't use event loop to schedule post
The event loop is already shutting down, hence no point in using it
anymore, it's not going to run any further iteration.

(cherry picked from commit 47f04c2a69)
2022-04-01 14:27:11 +09:00
Lennart Poettering
c901bc8680 journald: make sure SIGTERM handling doesn't get starved out
Fixes: #22642
(cherry picked from commit 19252b2548)
2022-04-01 14:27:11 +09:00
Jason A. Donenfeld
ed46ff2bd6 random-seed: hash together old seed and new seed before writing out file
If we're consuming an on-disk seed, we usually write out a new one after
consuming it. In that case, we might be at early boot and the randomness
could be rather poor, and the kernel doesn't guarantee that it'll use
the new randomness right away for us. In order to prevent the new
entropy from getting any worse, hash together the old seed and the new
seed, and replace the final bytes of the new seed with the hash output.
This way, entropy strictly increases and never regresses.

(cherry picked from commit da2862ef06)
2022-03-24 22:38:29 +00:00
Joan Bruguera
6d3e2f0188 resolved: Allow test-resolved-stream to run concurrently
Since test-resolved-stream brings up a simple DNS server on 127.0.0.1:12345,
only one instance could run at a time, so it would fail when run like
`meson test -C build test-resolved-stream --repeat=1000`.
Similarly, if by chance something is up on port 12345, the test would fail.

To make the test more reliable, run it in an isolated user + network namespace.
If this fails (some distributions disable user namespaces), just run as before.

(cherry picked from commit c76120f1b8)
2022-03-18 02:36:10 +09:00
Joan Bruguera
781b2b2e66 resolved: Read as much as possible per stream EPOLLIN event
In commit 2aaf6bb6e9, an issue was fixed where
systemd-resolved could get stuck for multiple seconds waiting for incoming data,
since GnuTLS/OpenSSL can buffer a TLS record, so data could be available, but
no EPOLLIN event would be generated.

To fix this, a somewhat elaborate logic consisting on asking the TLS library
whether it had buffered data, then "faking" an EPOLLIN event was implemented.

However, there is a much simpler solution: Always read as much data as available
(i.e. until we get an event like EAGAIN when trying to read) from the stream
when we get an EPOLLIN event, instead of at most a single packet per event.
This approach does not require asking the TLS library whether it has buffered
data, and the logic is exactly the same for both the TCP and TLS case.

test-resolved-stream is fixed to avoid a latent double free bug.

(cherry picked from commit 839a70c353)
2022-03-18 02:36:10 +09:00
Joan Bruguera
03692af607 resolved: Avoid multiple SSL writes per DoT packet
In the DoT case, dns_stream_writev decomposed an iovec into multiple
dnstls_stream_write calls, which resulted in multiple SSL writes and multiple
TLS records. This can be checked from a network capture, e.g. using socat:
socat -v -x openssl-listen:853,reuseaddr,fork,cert=my.cert,key=my.key,verify=0 openssl:8.8.8.8:853

Instead, propagate the iovec as-is into the DoT handling code. For GnuTLS, the
library provides support for buffering ('corking') a record. OpenSSL has no
such facility, so we join the iovec into a single buffer then call SSL_write.

socat capture of `resolvectl -4 query --cache=no example.com` before the commit:

> 2022/01/30 13:35:52.194200  length=2 from=0 to=1
 00 28                                            .(
--
> 2022/01/30 13:35:52.194253  length=40 from=2 to=41
 1e b2 01 00 00 01 00 00 00 00 00 01 07 65 78 61  .............exa
 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 00 00 29  mple.com.......)
 ff e4 00 00 00 00 00 00                          ........
--
< 2022/01/30 13:35:52.232798  length=58 from=0 to=57
 00 38 1e b2 81 80 00 01 00 01 00 00 00 01 07 65  .8.............e
 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 c0  xample.com......
 0c 00 01 00 01 00 00 53 6f 00 04 5d b8 d8 22 00  .......So..]..".
 00 29 02 00 00 00 00 00 00 00                    .)........

socat capture of `resolvectl -4 query --cache=no example.com` after the commit:

> 2022/01/30 13:34:47.598099  length=42 from=504 to=545
 00 28 37 86 01 00 00 01 00 00 00 00 00 01 07 65  .(7............e
 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 00  xample.com......
 00 29 ff e4 00 00 00 00 00 00                    .)........
--
< 2022/01/30 13:34:47.613203  length=58 from=756 to=813
 00 38 37 86 81 80 00 01 00 01 00 00 00 01 07 65  .87............e
 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 c0  xample.com......
 0c 00 01 00 01 00 00 52 5e 00 04 5d b8 d8 22 00  .......R^..]..".
 00 29 02 00 00 00 00 00 00 00                    .)........

(cherry picked from commit aa892849d5)
2022-03-18 02:36:10 +09:00
Joan Bruguera
3227f542a7 resolved: Make event flags logic robust for DoT
Since when handling a DNS over TLS stream, the TLS library can override the
requested events through dnstls_events for handshake/shutdown purposes,
obtaining the event flags through sd_event_source_get_io_events and checking
for EPOLLIN or EPOLLOUT does not really tell us whether we want to read/write
a packet. Instead, it could just be OpenSSL/GnuTLS doing something else.

To make the logic more robust (and simpler), save the flags that tell us
whether we want to read/write a packet, and check them instead of the IO flags.

(& use uint32_t for the flags like in sd_event_source_set_io_events prototype)

(cherry picked from commit eff107736e)
2022-03-18 02:36:10 +09:00
Yu Watanabe
9c710c66c3 resolve: llmnr: fix never hit condition
Previously, the condition in on_stream_io_impl() never hit, as the
read packet is always taken from the stream in the few lines above.

Instead of the dns_stream_complete() under the condition, the stream
is unref()ed in the on_packet callback for LLMNR stream, unlike the
other on_packet callbacks.

That's quite tricky. Also, potentially, the stream may still have
queued packets to write.

This fix the condition, and drops the unref() in the on_packet callback.

C.f. https://github.com/systemd/systemd/pull/22274#issuecomment-1023708449.

Closes #22266.

(cherry picked from commit a5e2a488e8)
2022-03-18 02:36:10 +09:00
Yu Watanabe
d65808ef7e resolve: mention that dns_stream_update() needs to be called after dns_stream_take_read_packet()
Based on the analysis by Joan Bruguera <joanbrugueram@gmail.com>.
See https://github.com/systemd/systemd/pull/22132#discussion_r793951650.

(cherry picked from commit 4aa6129897)
2022-03-18 02:36:10 +09:00
Yu Watanabe
b2f82f643a resolve: call dns_stream_take_read_packet() in on_stream_io()
As dns_stream_take_read_packet() is called only in on_packet callbacks,
and all on_packet callbacks call it.

(cherry picked from commit 624f907ea9)
2022-03-18 02:36:10 +09:00
Yu Watanabe
fe4c208c98 resolve: make dns_stream_new() take on_packet and complete callbacks
And make on_packet callback mandatory.

(cherry picked from commit 18230451c0)
2022-03-18 02:36:10 +09:00
Joan Bruguera
f447648ae4 resolved: Test for DnsStream (plain TCP DNS and DoT)
Tests DnsStream event handling, both for plain TCP DNS and DNS over TLS.

The DoT test requires the "openssl s_server" command line tool to mock a simple
TLS server. Thus the test's TLS part is skipped if openssl it not available.
The test works for both DNS_OVER_TLS_USE_GNUTLS and DNS_OVER_TLS_USE_OPENSSL.

The DoT case fails due to a bug, which is fixed on the next commit.

(cherry picked from commit 726bcd81b9)
2022-03-18 02:36:10 +09:00
Joan Bruguera
88b4e8f74e resolved: Fix DoT timeout on multiple answer records
When sending multiple DNS questions to a DNS-over-TLS server (e.g. a question
for A and AAAA records, as is typical) on the same session, the server may
answer to each question in a separate TLS record, but it may also aggregate
multiple answers in a single TLS record.
(Some servers do this very often (e.g. Cloudflare 1.0.0.1), some do it sometimes
(e.g. Google 8.8.8.8) and some seem to never do it (e.g. Quad9 9.9.9.10)).

Both cases should be handled equivalently, as the byte stream is the same, but
when multiple answers came in a single TLS record, usually the first answer was
processed, but the second answer was entirely ignored, which caused a 10s delay
until the resolution timed out and the missing question was retried.
This can be reproduced by configuring one of the offending server and running
`resolvectl query google.com --cache=no` a few times.

To be notified of incoming data, systemd-resolved listens to `EPOLLIN` events
on the underlying socket. However, when DNS-over-TLS is used, the TLS library
(OpenSSL or GnuTLS) may read and buffer the entire TLS record when reading the
first answer, so usually no further `EPOLLIN` events will be generated, and the
second answer will never be processed.

To avoid this, if there's buffered TLS data, generate a "fake" EPOLLIN event.
This is hacky, but it makes this case transparent to the rest of the IO code.

(cherry picked from commit 2aaf6bb6e9)
2022-03-18 02:36:10 +09:00
Frantisek Sumsal
d5b871bdfe test: increase image size
From v251 we split libsystemd-core to save disk space, but
until then we need larger images for the integration tests.
2022-03-18 02:36:10 +09:00
Jason A. Donenfeld
c3aead5568 random-util: unify RANDOM_ALLOW_INSECURE and !RANDOM_BLOCK and simplify
RANDOM_BLOCK has existed for a long time, but RANDOM_ALLOW_INSECURE was
added more recently, leading to an awkward relationship between the two.
It turns out that only one, RANDOM_BLOCK, is needed.

RANDOM_BLOCK means return cryptographically secure numbers no matter
what. If it's not set, it means try to do that, but if it fails, fall
back to using unseeded randomness.

This part of falling back to unseeded randomness is the intent of
GRND_INSECURE, which is what RANDOM_ALLOW_INSECURE previously aliased.
Rather than having an additional flag for that, it makes more sense to
just use it whenever RANDOM_BLOCK is not set. This saves us the overhead
of having to open up /dev/urandom.

Additionally, when getrandom returns too little data, but not zero data,
we currently fall back to using /dev/urandom if RANDOM_BLOCK is not set.
This doesn't quite make sense, because if getrandom returned seeded data
once, then it will forever after return the same thing as whatever
/dev/urandom does. So in that case, we should just loop again.

Since there's never really a time where /dev/urandom is able to return
some easily but more with difficulty, we can also get rid of
RANDOM_EXTEND_WITH_PSEUDO. Once the RNG is initialized, bytes
should just flow normally.

This also makes RANDOM_MAY_FAIL obsolete, because the only case this ran
was where we'd fall back to /dev/urandom on old kernels and return
GRND_INSECURE bytes on new kernels. So also get rid of that flag.

Finally, since we're always able to use GRND_INSECURE on newer kernels,
and we only fall back to /dev/urandom on older kernels, also only fall
back to using RDRAND on those older kernels. There, the only reason to
have RDRAND is to avoid a kmsg entry about unseeded randomness.

The result of this commit is that we now cascade like this:

  - Use getrandom(0) if RANDOM_BLOCK.
  - Use getrandom(GRND_INSECURE) if !RANDOM_BLOCK.
  - Use /dev/urandom if !RANDOM_BLOCK and no GRND_INSECURE support.
  - Use /dev/urandom if no getrandom() support.
  - Use RDRAND if we would use /dev/urandom for any of the above reasons
    and RANDOM_ALLOW_RDRAND is set.

(cherry picked from commit 31234fbeec)
2022-03-11 13:37:06 +00:00
Frantisek Sumsal
037160fc69 network: s/confiured/configured/
A quick typo fix I noticed whilst debugging.

(cherry picked from commit e3d1ffcc48)
2022-03-11 16:33:33 +09:00
Yu Watanabe
056fcd4e31 wait-online: make manager_link_is_online() return 0 when in unmanaged state
Previously, even if a link is in unmanaged state, the function may
returns positive value. So, even if all managed links are in the configured
sate but do not satisfy the online criteria, e.g., IPv4 address state,
then wait-online finishes with positive value.

This makes the function always return 0 for unmanaged state. So, at
least one managed link must satisfies the online criteria.

This also adds more comments and debugging logs.

Fixes #22246.

(cherry picked from commit cd7fcda543)
2022-03-11 16:33:33 +09:00
Yu Watanabe
397ede8dcd wait-online: rename Manager elements
(cherry picked from commit 5f200833ed)
2022-03-11 16:33:33 +09:00
Luca Boccassi
5b7c7ed357 core: do not return 'skipped' when Condition*= fail with StartUnitWithFlags()
Backward incompatible change to avoid returning 'skipped' if a condition causes
a job activation to be skipped when using StartUnitWithFlags().
Job results are broadcasted, so it is theoretically possible that existing
software could get confused if they see this result.

Replaces https://github.com/systemd/systemd/pull/22369

(cherry picked from commit ee3ae55e75)
2022-03-10 20:40:50 +00:00
Bastien Nocera
1072a9382b memory-id: Work-around incorrect "Number of slots"
In some BIOSes, the "Number of slots or sockets available for Memory
Devices in this array" is incorrectly set to the number of memory array
that's populated.

Work-around this problem by outputting the number of sockets after
having parsed them so that consumers of this data can carry on expecting
an accurate number in this property.

This fixes the number of memory slots advertised for the HP Z600.

See https://gitlab.gnome.org/GNOME/gnome-control-center/-/issues/1686

(cherry picked from commit d48bf01636)
2022-03-09 23:15:43 +00:00
Luca Boccassi
042bf8d0e6 TEST-29: do not pass -q to mk/unsquashfs, not supported on CentOS 8
(cherry picked from commit 963c560a29)
2022-03-09 21:20:15 +00:00
Zbigniew Jędrzejewski-Szmek
00b5aa8d74 portable: add return parameter to GetImageMetadataWithExtensions
The complaint was that the output array was used for two kinds of data, and the
input flag decided whether this extra data should be included. The flag is
removed, and instead the old method is changed to include the data always as
a separate parameter.

This breaks backward compatibility, but  the old method is effectively broken
and does not appear to be used yet, at least in open source code, by
searching on codesearch.debian.net and github.com.

Fixes #22404.

Co-authored-by: Luca Boccassi <bluca@debian.org>
(cherry picked from commit 087a799f64)
2022-03-09 21:20:15 +00:00
Zbigniew Jędrzejewski-Szmek
06d466a05c portable: inline one variable declaration
(cherry picked from commit 90e3f3581d)
2022-03-09 21:20:15 +00:00