1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-12 09:17:44 +03:00
Commit Graph

49940 Commits

Author SHA1 Message Date
Yu Watanabe
f345918d8d network: configure nexthop before routes that requires gateway
This is a preparation for later commits. When RTA_NH_ID is set to a
route, then the corresponding nexthop must be exist.
2021-02-19 08:34:12 +01:00
Yu Watanabe
b480543cf0 tree-wide: fix typo 2021-02-19 07:56:22 +01:00
Jameer Pathan
63f48ab3fa GH Actions: Fix labeler bot 2021-02-19 14:51:59 +09:00
Yu Watanabe
4c72d851cd network: warn when any positive boolean string is specified for IPMasquerade=
Previously, any positive boolean string for IPMasquerade= enables only IPv4
masquerade. The commit 48ed276647 adds
IPv6 masquerade support. However, only "yes" is handled as "ipv4", and other
positive boolean strings are handled as "both".

This makes all positive boolean strings considered as "ipv4", warn that they
are deprecated, and suggest to use "ipv4" or "both".

Follow-up for 48ed276647.
2021-02-19 14:24:10 +09:00
Yu Watanabe
da0e2baea3 network: address: reuse Address:ip_masquerade_done for IPv6 case
It is not necessary to use different flag for each address family.

Follow-up for 48ed276647.
2021-02-19 14:22:32 +09:00
Yu Watanabe
5be5d1f2a1
Merge pull request #18659 from poettering/permyriadification
use scaling relative to UINT32_MAX instead of percentages/permyriads wherever we can
2021-02-19 14:22:10 +09:00
Zbigniew Jędrzejewski-Szmek
09db71a4a3 Recommend drop-ins over modifications to the main config file
As discussed in https://github.com/systemd/systemd/pull/18347.
2021-02-19 14:05:42 +09:00
Yu Watanabe
71894e1831 table: drop trailing white spaces of the last cell in row
Fixes #18415.
2021-02-19 14:04:32 +09:00
Lennart Poettering
1f3315b8bd update NEWS 2021-02-19 08:45:34 +09:00
Lennart Poettering
d06e7fb532 oomd: increase accuracy of SwapUsedLimit= to permyriads too
oomd.conf has two parameters with fractionals: SwapUsedLimit= and
DefaultMemoryPressureLimit=, but one accepts permyriads, the other only
percentages, for no apparent reason. One carries the "Percent" in the
name, the other doesn't.

Let's clean this up: always accept permyriads, and drop the suffix,
given that it is misleading.

I figure we should internally try to focus on scaling everything
relative to UINT32_MAX, and if that isn't in the cards at least 10000,
but never permille nor percent unless there's a really really good
reason for it (e.g. interface defined by someone else).
2021-02-18 22:40:47 +01:00
Lennart Poettering
d9d3f05def core: use our usual UINT32_MAX scaling for OOMD limits
So far OOMD limits used permyriads, as an upgrade from the original
percent.

The rest of our codebase typically scales stuff relative to UINT32_MAX.
Let's clean this up, an make sure this happens here too. This is
particularly relevant, as this is exposed in unit files and API, and
before we mark this stable we should get the APIs right.
2021-02-18 22:39:37 +01:00
Lennart Poettering
1ead0b2a79 parse-util: add format string macro for outputting permyriad
Let's define a set of macros for making output of permyriad values easy.
They are printed in pure ASCII, i.e. without the permille/permyriad
suffix, using just percent and two places after the dot.
2021-02-18 22:36:34 +01:00
Lennart Poettering
9cba32bcde tree-wide: port various pieces of code over to UINT32_SCALE_FROM_PERMYRIAD() 2021-02-18 22:36:34 +01:00
Lennart Poettering
3b6e71ad03 util: add some helpers for converting percent/permille/permyriad to parts of 2^32-1
At various places we accept values scaled to the range 0…2^32-1 which
are exposed to the user as percentages/permille/permyriad. Let's add
some helper macros (actually: typesafe macro-like functions) that help
with converting our internal encoding to the external encodings.

benefits: some of the previous code rounded up, some down. let's always
round to nearest, to ensure that our conversions are reversible. Also,
check for overflows correctly.

This also adds a test that makes sure that for the full
percent/permille/permyriad ranges we can convert forth and back without
loss of accuracy.
2021-02-18 22:36:34 +01:00
Lennart Poettering
38d0c27006 percent-util: when parsing permyriads, permit percents too with 1 place after the dot
Previously, when parsing myriads, we'd support:

 x%          → percent, no places after the dot
 x.yz%       → percent, two places after the dot
 x‰          → permille, no places after the dot
 x.y‰        → permille, one place after the dot
 x‱          → permyriad, no places after the dot

What's missing is:

 x.y%        → percent, one place after the dot

Let's add it in.
2021-02-18 22:36:34 +01:00
Lennart Poettering
ed5033fd6c util: move percent/permille/permyriad parser into percent-util.[ch]
A good chunk of parse-util.[ch] has been about parsing parts per
hundred/thousand/ten-thousand. Let's split that out into its own file.

No code changes, just some shuffling around.
2021-02-18 22:36:34 +01:00
Lennart Poettering
60dcf3dc1b main: let's use physical_memory_scale() where appropriate
This way we can take benefit of the fact that physical_memory_scale()
aligns on page sizes.
2021-02-18 22:36:34 +01:00
Lennart Poettering
fe845b5e76 tree-wide: parse permyriads wherever we can
Given that we now have a parser for permyriads, let's use it everywhere
for greater accuracy. This means wherever we previously supported % and
‰, we now also support ‱.
2021-02-18 22:36:34 +01:00
Lennart Poettering
75b86b564a limits-util: tweak overflow checks for (physical_memory|system_tasks)_max_scale()
Also, shortcut two special cases for passing through values as-is, so
that we are not needlessly subjected to overflow issues for them.
2021-02-18 22:36:34 +01:00
Lennart Poettering
66e52d2221 update TODO 2021-02-18 22:31:11 +01:00
Yu Watanabe
38ba3da0a1 network: rename UseFQDN= -> UseHostname=
Prompted by
https://github.com/systemd/systemd/pull/18543#issuecomment-780798451.
2021-02-18 21:47:37 +01:00
Lennart Poettering
988338eb19
Merge pull request #18685 from poettering/network-type-tweaks
sd-network.h type tweaks
2021-02-18 21:19:51 +01:00
Lennart Poettering
1a8900e7ed random-util: fix type of random_u64_range()
As the name of the function suggests this is supposed to return
uint64_t, of course. Fix it. Not sure how this mistake happened in the
first place...
2021-02-18 21:19:23 +01:00
Lennart Poettering
e55daa2599
Merge pull request #18546 from poettering/sd-device-action
export sd_device_get_action() API + more
2021-02-18 20:54:25 +01:00
chri2
ba2b8f9239 https://github.com/systemd/systemd/issues/15360
The additional rules fix a firmware bug in the en keyboard of Librem notebooks by Purism.

By doing so the break the keyboard with other layouts which do not have the same bug in their firmware.
2021-02-18 20:49:12 +01:00
Lennart Poettering
f715584018 resolved: improve debug logging on incoming messages a bit 2021-02-18 20:34:18 +01:00
Zbigniew Jędrzejewski-Szmek
e133c454b1
Merge pull request #18679 from keszybz/rfkill-size-leniency
struct rfkill_event read/write size leniency
2021-02-18 19:53:25 +01:00
Lennart Poettering
0eaee8281d journald: when we fail to add a new entry to a journal, return the seqno
Fixes: #18005
2021-02-18 18:30:52 +01:00
Lennart Poettering
ff03bfa508 udevadm: after validating action, use our internal string instead of optarg
This doesn't really change anything, but feels nicer, since it abstracts
away what device_action_from_string()/device_action_to_string() do
internally, and always uses a normalized action string (yes, there's no
ambiguity, but it's nice to stay abstract, maybe one day there is
ambiguity around this)
2021-02-18 18:21:25 +01:00
Lennart Poettering
a113002214 sd-device: add sd_device_get_action() + sd_device_get_seqnum() + sd_device_new_from_stat_rdev()
To make sd-device properly usable for all programs we need to provide an
API for the "action" field of an event, it's one of the most relevant
ones, and it was so far missing.

This also adds sd_device_get_seqnum(), which isn't that interesting,
except for generating pretty debug output, which we use it ourselves
for.

This also makes device_new_from_stat_rdev() public, as it is truly
useful, as we can see in our own uses of it, and I think is fairly
generic to show up in the public APIs.
2021-02-18 18:20:56 +01:00
Lennart Poettering
669963968c
Merge pull request #18664 from poettering/resolved-defrag
resolved: many UDP fragmentation tweaks
2021-02-18 18:20:36 +01:00
Lennart Poettering
96fb82aa06 sd-device: don't compare pointers with numeric zero
Our coding style says no to this.
2021-02-18 18:20:09 +01:00
Lennart Poettering
5f94d96c47
Merge pull request #18667 from poettering/resolved-change-notification
resolved: optimize dbus change notification signals a bit
2021-02-18 18:19:09 +01:00
Lennart Poettering
135c4aad4c network: tighten table alignment a bit 2021-02-18 18:17:16 +01:00
Lennart Poettering
2324fd3a39 network: suffix types with _t in public headers
Apparently, in our current public headers (i.e. those called sd-*.h) we
suffixed typedefs that we use as values with _t, but we didn't do this
for enum typedefs. Fix that while this stuff is not actually public yet.

With this scheme "value typedefs" now end systematically in _t, and
"object typedefs" (i.e. structures that are typically passed around via
pointers and not values) do not.

No code changes, just some renaming.
2021-02-18 18:17:16 +01:00
Lennart Poettering
cbf23f3853 resolved: optimize change notification handling away if bus calls set the same values as were already set
Prompted-by: #17577 (but doesn't fix this, since this commit only
handles D-Bus-induced changes, not the ones made via networkd)
2021-02-18 16:38:27 +01:00
Lennart Poettering
e4304fb8d4 basic: add set_equal() helper 2021-02-18 16:38:27 +01:00
Lennart Poettering
980821f3f0 resolved: take fragment size into consideration when determining EDNS0 udp packet size 2021-02-18 15:55:58 +01:00
Lennart Poettering
acbf761b5d resolved: let's track fragment sizes of servers/retry on fragmenting
Fragmenting sucks, let's avoid it. Thus let's start tracking the maximum
fragment size we receive.

Also, let's redo a transaction via TCP if we see fragmenting on UDP, as
effective mitigation against DNS fragment attacks.
2021-02-18 15:55:58 +01:00
Lennart Poettering
d79677ab44 resolved: tweak how we calculate MTU for sending packets
Let's take all MTU info we possibly have into account, i.e. the one
reported via netlink, as before and the one the socket might now (from
PMTUD and such), clamped by our own ideas.
2021-02-18 15:55:58 +01:00
Lennart Poettering
4565863fff resolved: add udp_header_size() helper 2021-02-18 15:55:58 +01:00
Lennart Poettering
20a001bdd7 resolved: collect incoming fragment size when receiving UDP datagrams
We can later use this to adapt our announced EDNS buffer size in order
to avoid fragmentation to make the best of large datagrams while still
avoiding he security weaknesses of it.
2021-02-18 15:42:18 +01:00
Lennart Poettering
eb170e75ab resolved: disable path MTU discovery for UDP traffic
This disables path MTU discovery both for our UDP upstream connections
and our UDP stub, following the suggestions of:

https://blog.apnic.net/2019/07/12/its-time-to-consider-avoiding-ip-fragmentation-in-the-dns/

This more or less follows the model of other DNS servers on this.
2021-02-18 15:42:18 +01:00
Дамјан Георгиевски
95aa3937da man: Rename duplicate Credentials section name
A "Credentials" section name in systemd.exec man page was used
both for User/Group and for actual credentials support in systemd.

Rename the first instance to "User/Group Identity"
2021-02-18 15:40:47 +01:00
Lennart Poettering
489344f24b networkd-test: reenable dnssec while testing
We need to list the synthesized domains as NTAs, otherwise the DNSSEC
validation of course cannot succeed.

Fixes: #10487 #5029
2021-02-18 14:12:42 +00:00
Zbigniew Jędrzejewski-Szmek
2a5095af0c
Merge pull request #18557 from poettering/enum-force-s64
force public enums to be 64bit wide
2021-02-18 14:16:15 +01:00
Susant Sahani
d75bf6cfe2 network: Add "route_localnet" sysctl support 2021-02-18 21:04:17 +09:00
Zbigniew Jędrzejewski-Szmek
d97a35e228
Merge pull request #18665 from poettering/resolved-fastopen
resolved: use TCP FASTOPEN on the local DNS stub
2021-02-18 12:55:10 +01:00
Luca Boccassi
905348da28
Merge pull request #18625 from bluca/sysext_refactor
dissect: parse and store extension-release metadata
2021-02-18 10:43:08 +00:00
Zbigniew Jędrzejewski-Szmek
a71c096850 rfkill: use short writes and accept long reads
I'm seeing the following with kernel-core-5.10.16-200.fc33.x86_64:

$ sudo SYSTEMD_LOG_LEVEL=debug build/systemd-rfkill
Reading struct rfkill_event: got 8 bytes.
A new rfkill device has been added with index 0 and type bluetooth.
Found cgroup2 on /sys/fs/cgroup/, full unified hierarchy
Found container virtualization none.
rfkill0: Operating on rfkill device 'tpacpi_bluetooth_sw'.
Writing struct rfkill_event successful (8 of 9 bytes).
Loaded state '0' from /var/lib/systemd/rfkill/platform-thinkpad_acpi:bluetooth.
Reading struct rfkill_event: got 8 bytes.
A new rfkill device has been added with index 1 and type wwan.
rfkill1: Operating on rfkill device 'tpacpi_wwan_sw'.
Writing struct rfkill_event successful (8 of 9 bytes).
Loaded state '0' from /var/lib/systemd/rfkill/platform-thinkpad_acpi:wwan.
Reading struct rfkill_event: got 8 bytes.
A new rfkill device has been added with index 2 and type bluetooth.
rfkill2: Operating on rfkill device 'hci0'.
Writing struct rfkill_event successful (8 of 9 bytes).
Loaded state '0' from /var/lib/systemd/rfkill/pci-0000:00:14.0-usb-0:7:1.0:bluetooth.
Reading struct rfkill_event: got 8 bytes.
A new rfkill device has been added with index 3 and type wlan.
rfkill3: Operating on rfkill device 'phy0'.
Writing struct rfkill_event successful (8 of 9 bytes).
Loaded state '0' from /var/lib/systemd/rfkill/pci-0000:04:00.0:wlan.
All events read and idle, exiting.

We were expecting a read of exactly RFKILL_EVENT_SIZE_V1==8 bytes. But the
structure has 9 after [1].

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=14486c82612a177cb910980c70ba900827ca0894

For some reason the kernel does not accept the full structure size, but cuts
the write short after 8 bytes:

static ssize_t rfkill_fop_write(struct file *file, const char __user *buf,
				size_t count, loff_t *pos)
{
	struct rfkill_event ev;

	/* we don't need the 'hard' variable but accept it */
	if (count < RFKILL_EVENT_SIZE_V1 - 1)
		return -EINVAL;

	/*
	 * Copy as much data as we can accept into our 'ev' buffer,
	 * but tell userspace how much we've copied so it can determine
	 * our API version even in a write() call, if it cares.
	 */
	count = min(count, sizeof(ev));
	if (copy_from_user(&ev, buf, count))
		return -EFAULT;

... so it should accept the full size. I'm not sure what is going on here.

But we don't care about the extra fields, so let's accept a write as long as
it's at least RFKILL_EVENT_SIZE_V1.

Fixes #18677.
2021-02-18 11:25:04 +01:00