1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-22 13:33:56 +03:00
Commit Graph

507 Commits

Author SHA1 Message Date
Yu Watanabe
a5b0338e89 sd-bus: fix buffer overflow
Fixes #23486.

(cherry picked from commit 89b6a3f13e)
(cherry picked from commit a5c4e29b2c)
2022-06-02 20:09:14 +02:00
Zbigniew Jędrzejewski-Szmek
5fa1f78f71 shared/json: fix memleak in sort
(cherry picked from commit 99b1145aae)
2022-05-25 16:48:30 +02:00
Zbigniew Jędrzejewski-Szmek
dcd7dfa520 shared/json: fix another memleak in normalization
(cherry picked from commit 3b6ce05537)
2022-05-25 16:48:26 +02:00
Luca Boccassi
e69b2a3a69 Partially revert "sd-dhcp-server: refuse too large packet to send"
This test fails on this branch:

 949/1228 fuzz-dhcp-server-relay-message_clusterfuzz-testcase-minimized-fuzz-dhcp-server-relay-message-4972399731277824_address,undefined FAIL           0.00s (exit status 127)12:43
--- command ---12:43
01:47:36 UBSAN_OPTIONS='print_stacktrace=1:print_summary=1:halt_on_error=1' /usr/bin/env /tmp/autopkgtest-lxc.cl7c6fs0/downtmp/build.X6Z/src/build-deb/fuzz-dhcp-server-relay-message:address,undefined /tmp/autopkgtest-lxc.cl7c6fs0/downtmp/build.X6Z/src/test/fuzz/fuzz-dhcp-server-relay-message/clusterfuzz-testcase-minimized-fuzz-dhcp-server-relay-message-497239973127782412:43
--- stderr ---12:43
/usr/bin/env: ‘/tmp/autopkgtest-lxc.cl7c6fs0/downtmp/build.X6Z/src/build-deb/fuzz-dhcp-server-relay-message:address,undefined’: No such file or directory

This partially reverts commit 76bcd1d6d2.
2022-02-15 14:17:47 +00:00
Luca Boccassi
2614461383 Revert "tests: add a file triggering a memory leak in dhcp_lease_parse_search_domains"
The test fails on this branch:

 948/1228 fuzz-dhcp-client_minimized-from-555a2b073b8d208655b68c294f8dfd592a11e50a_address,undefined                                      FAIL           0.00s (exit status 127)12:43
--- command ---12:43
01:47:36 UBSAN_OPTIONS='print_stacktrace=1:print_summary=1:halt_on_error=1' /usr/bin/env /tmp/autopkgtest-lxc.cl7c6fs0/downtmp/build.X6Z/src/build-deb/fuzz-dhcp-client:address,undefined /tmp/autopkgtest-lxc.cl7c6fs0/downtmp/build.X6Z/src/test/fuzz/fuzz-dhcp-client/minimized-from-555a2b073b8d208655b68c294f8dfd592a11e50a12:43
--- stderr ---12:43
/usr/bin/env: ‘/tmp/autopkgtest-lxc.cl7c6fs0/downtmp/build.X6Z/src/build-deb/fuzz-dhcp-client:address,undefined’: No such file or directory

This reverts commit 87728a590a.
2022-02-15 14:17:47 +00:00
Evgeny Vereshchagin
ba335f6f40 tests: add a file triggering a memory leak in dhcp_lease_parse_search_domains
(cherry picked from commit 998ec39b1d)
2022-02-14 21:56:48 +00:00
Yu Watanabe
530a18d493 sd-dhcp-server: refuse too large packet to send
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44134.

(cherry picked from commit 71df50a973)
2022-02-14 21:56:48 +00:00
Luca Boccassi
47dba9fb09 path unit: add TriggerLimitBurst= and TriggerLimitIntervalSec=
Given there's now a default for these settings, also allow users to configure
them, matching socket units
2021-12-18 23:17:53 +00:00
Jan Janssen
d2a58f0edb meson: Drop meson version compare for fuzz test
We are depending on meson >= 0.53.2 now, so this check can be dropped.
2021-12-12 11:51:03 +09:00
Yu Watanabe
e49bad0179 network: dhcp-pd: add 6rd support
Closes #19152.
2021-12-07 20:33:16 +09:00
Yu Watanabe
a27588d4e7 network: dhcp-pd: rename [DHCPv6PrefixDelegation] -> [DHCPPrefixDelegation]
This just changes the names of settings, variables, functions, files, and so on.
No functionality is changed.

Preparation for supporting 6rd.
2021-12-07 20:30:30 +09:00
Yu Watanabe
2d00239cbe network: dhcp6pd: always use main route table for unreachable route
This mostly reverts e47bcb7d0b.
2021-12-07 18:35:30 +09:00
Yu Watanabe
72e65e6ffd network: add support to configure IPoIB interfaces 2021-12-05 00:18:58 +09:00
Yu Watanabe
b90d0f83b2 network/netdev: add support to create IPoIB subinterface 2021-12-04 15:06:58 +09:00
Luca Boccassi
81513b382b core: add Condition[Memory/CPU/IO]Pressure
By default checks PSI on /proc/pressure, and causes a unit to be skipped
if the threshold is above the given configuration for the avg300
measurement.
Also allow to pass a custom timespan, and a particular slice unit to
check under.

Fixes #20139
2021-12-01 09:53:18 +01:00
Yu Watanabe
e908434458 network: wireguard: automatically configure routes to addresses specified in AllowedIPs=
Closes #14176.
2021-12-01 04:00:11 +09:00
Andrew Stone
7c5cef2211 core/automount: Add ExtraOptions field 2021-11-23 09:44:35 +01:00
Slava Bacherikov
af493fb742 network: Add SuppressInterfaceGroup= into routing policy
This adds SuppressInterfaceGroup= option in the [RoutingPolicyRule] section
which has the same semantics as suppress_ifgroup in `ip rule` command.
2021-11-16 01:54:07 +09:00
Yu Watanabe
e5a7570188
Merge pull request #21226 from yuwata/network-tc-cake
network: add several CAKE settings
2021-11-09 14:18:41 +09:00
Yu Watanabe
1c7a81e626 network: tc/cake: introduce UseRawPacketSize= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
35896db489 network: tc/cake: introduce SplitGSO= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
d05dce95d8 network: tc/cake: introduce Wash= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
049b66ccdd network: tc/cake: introduce FirewallMark= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
fe8e156e7a network: tc/cake: introduce PriorityQueueingProfile= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
863542e1ce network: tc/cake: introduce MPUBytes= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
4bff808648 network: tc/cake: introduce NAT= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
a049cf166c network: tc/cake: introduce FlowIsolationMode= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
b6eccfda1a network: tc/cake: introduce CompensationMode= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
025cd94e1c network: tc/cake: introduce AutoRateIngress= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
610c0db126 network: ndisc: introduce UseGateway= and UseRoutePrefix= settings
Closes #21263.
2021-11-09 08:12:36 +09:00
Zbigniew Jędrzejewski-Szmek
e2de2d28f4
Merge pull request #20813 from unusual-thoughts/exittype_v2
Reintroduce ExitType
2021-11-08 15:06:37 +01:00
Henri Chain
596e447076 Reintroduce ExitType
This introduces `ExitType=main|cgroup` for services.
Similar to how `Type` specifies the launch of a service, `ExitType` is
concerned with how systemd determines that a service exited.

- If set to `main` (the current behavior), the service manager will consider
  the unit stopped when the main process exits.

- The `cgroup` exit type is meant for applications whose forking model is not
  known ahead of time and which might not have a specific main process.
  The service will stay running as long as at least one process in the cgroup
  is running. This is intended for transient or automatically generated
  services, such as graphical applications inside of a desktop environment.

Motivation for this is #16805. The original PR (#18782) was reverted (#20073)
after realizing that the exit status of "the last process in the cgroup" can't
reliably be known (#19385)

This version instead uses the main process exit status if there is one and just
listens to the cgroup empty event otherwise.

The advantages of a service with `ExitType=cgroup` over scopes are:
- Integrated logging / stdout redirection
- Avoids the race / synchronisation issue between launch and scope creation
- More extensive use of drop-ins and thus distro-level configuration:
  by moving from scopes to services we can have drop ins that will affect
  properties that can only be set during service creation,
  like `OOMPolicy` and security-related properties
- It makes systemd-xdg-autostart-generator usable by fixing [1], as obviously
  only services can be used in the generator, not scopes.

[1] https://bugs.kde.org/show_bug.cgi?id=433299
2021-11-08 10:15:23 +01:00
Daan De Meyer
51462135fb exec: Add TTYRows and TTYColumns properties to set TTY dimensions 2021-11-05 21:32:14 +00:00
Yu Watanabe
59aa622013 network: dhcp-server: introduce Router= setting to specify router address
Closes #21202.
2021-11-03 03:15:00 +09:00
Yu Watanabe
dc5cae6c9d network: dhcp6: introduce UplinkInterface= for DHCP6 prefix delegation 2021-10-26 20:43:10 +09:00
Yu Watanabe
0f5ef9b62a network: dhcp6: introduce UseDelegatedPrefix= setting and enable by default
Previously, the prefix delegation is enabled when at least one
downstream interfaces request it. But, when the DHCPv6 client on the
upstream interface is configured, some downstream interfaces may not
exist yet, nor have .network file assigned.

Also, if a system has thousands of interfaces, then the previous logic
introduce O(n^2) search.

This makes the prefix delegation is always enabled, except when it is
explicitly disabled. Hopefully, that should not break anything, as the
DHCPv6 server should ignore the prefix delegation request if the server
do not have any prefix to delegate.
2021-10-26 20:29:08 +09:00
Zbigniew Jędrzejewski-Szmek
1d9a1215e8 gitattributes: introduce and use "generated" attribute
I want to mark some files to be ignored for licensing purposes,
e.g. output from fuzzers and other samples. By using the gitattribute
machinery for this we don't need to design a custom protocol:

$ git check-attr generated test/test-sysusers/unhappy-*
test/test-sysusers/unhappy-1.expected-err: generated: set
test/test-sysusers/unhappy-1.input: generated: unspecified
test/test-sysusers/unhappy-2.expected-err: generated: set
test/test-sysusers/unhappy-2.input: generated: unspecified
test/test-sysusers/unhappy-3.expected-err: generated: set
test/test-sysusers/unhappy-3.input: generated: unspecified
2021-10-18 09:42:55 +02:00
Zbigniew Jędrzejewski-Szmek
7b84e701a8 gitattributes: mark fuzz inputs that are pure binary as such
We also have a bunch of files that have some bytes and a lot
of text, like the journal export format. For those, it is still quite
useful when the tools try to diff them, so let's not mark those.
2021-10-18 09:04:45 +02:00
Yu Watanabe
6830c3a553
Merge pull request #20778 from yuwata/network-ipv6-token
network: rework IPv6 address generation mode
2021-10-07 23:24:00 +09:00
Luca Boccassi
0cf250022c
Merge pull request #20926 from yuwata/udev-net-wol-sopass
udev/net: introduce WakeOnLanPassword=
2021-10-06 23:36:05 +01:00
Yu Watanabe
d3867133f0 udev/net: introduce WakeOnLanPassword=
Closes #20913.
2021-10-07 01:50:37 +09:00
Yu Watanabe
e609cd0694 network: introduce Token= setting in [IPv6Prefix]
Closes #20149.
2021-10-07 01:24:50 +09:00
Yu Watanabe
a73628e647 network: rename IPv6Token= in [Network] -> Token= in [IPv6AcceptRA]
The token is only used by received prefixes through RA.
2021-10-07 01:16:36 +09:00
Iago López Galeiras
e59ccd035c core: add RestrictFileSystems= fragment parser
It takes an allow or deny list of filesystems services should have
access to.
2021-10-06 10:52:14 +02:00
Albert Brox
5918a93355 core: implement RuntimeMaxDeltaSec directive 2021-09-28 16:46:20 +02:00
alexlzhu
8c35c10d20 core: Add ExecSearchPath parameter to specify the directory relative to which binaries executed by Exec*= should be found
Currently there does not exist a way to specify a path relative to which
all binaries executed by Exec should be found. The only way is to
specify the absolute path.

This change implements the functionality to specify a path relative to which
binaries executed by Exec*= can be found.

Closes #6308
2021-09-28 14:52:27 +01:00
Yu Watanabe
94832e6e55 test: also rename {test,fuzz}-lldp.c 2021-09-27 23:55:11 +09:00
Lennart Poettering
49e9218ae3
Merge pull request #20768 from pdmorrow/shutdown_cgroup_ctrl
cgroups: apply StartupAllowedCPUs= and StartupAllowedMemoryNodes= during shutdown
2021-09-27 13:44:54 +02:00
Peter Morrow
1b75e5f343 fuzz: list directives in alphabetical order 2021-09-24 14:43:01 +01:00
Anita Zhang
2b33e41aaf link: connect 5 more properties to ethtool features
Sets up the follow properties and their corresponding ethtool feature:
- ReceiveVLANCTAGHardwareAcceleration == rx-vlan-hw-parse (or rxvlan)
- TransmitVLANCTAGHardwareAcceleration == tx-vlan-hw-insert (or txvlan)
- ReceiveVLANCTAGFilter == rx-vlan-filter
- TransmitVLANSTAGHardwareAcceleration == tx-vlan-stag-hw-insert
- NTupleFilter == rx-ntuple-filter (or ntuple)
2021-09-24 20:40:23 +09:00