1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-11 05:17:44 +03:00
Commit Graph

42600 Commits

Author SHA1 Message Date
Susant Sahani
4e5ef14919 network tc: Add support to conkfigure CoDel - Controlled-Delay Active Queue Management algorithm
```
$ tc qdisc show dev dummy99
qdisc fq_codel 8005: dev dummy99 root refcnt 2 limit 1000p flows 1024 quantum 1514 target 5.0ms interval 100.0ms memory_limit 32Mb ecn
$ network cat dumm99.network
[Match]
Name=dummy99

[TrafficControlQueueingDiscipline]
Parent=root
FairQueuingControlledDelayPacketLimit=1000

```
2019-12-11 00:06:31 +09:00
Susant Sahani
d808102008 network tc: qdisc parent add support to set ingress
```
$ network tc qdisc
qdisc noqueue 0: dev dummy99 root refcnt 2
qdisc ingress ffff: dev dummy99 parent ffff:fff1 ----------------

$ network cat dumm99.network
[Match]
Name=dummy99

[TrafficControlQueueingDiscipline]
Parent=ingress
```
2019-12-11 00:06:31 +09:00
Yu Watanabe
bfb68540d5
Merge pull request #14280 from yuwata/network-tbf-more
network: tc: add more options for TBF
2019-12-11 00:02:43 +09:00
Yu Watanabe
393f783ed3
Merge pull request #14295 from poettering/greedy-alloc-round-up
add new GREEDY_ALLOC_ROUND_UP() to make strv_extend() a bit less slow
2019-12-10 20:17:33 +09:00
Lennart Poettering
5905d7cf5b tree-wide: use SD_ID128_STRING_MAX where appropriate 2019-12-10 11:56:18 +01:00
Lennart Poettering
b5ea030d65 id128: introduce ID128_UUID_STRING_MAX for sizing UUID buffers 2019-12-10 11:56:18 +01:00
Anita Zhang
dd1b315d22
Merge pull request #14284 from yuwata/network-fix-segfault-14283
network: fix segfault in parsing SendOption=
2019-12-09 13:33:36 -08:00
Lennart Poettering
6047637645 strv: when growing strv arrays piecemeal actually allocate memory in exponential steps
Let's improve memory allocation for call such as strv_extend() that just
one item to an strv: these are often called in a loop, where they used
to be very ineffecient, since we'd allocate byte-exact space. With this
change let's improve on that, by allocating exponentially by rounding up
to the next exponent of 2. This way we get GREEDY_REALLOC()-like
behaviour without passing around state.

In fact this should be good enough so that we could replace existing
loops around GREEDY_REALLOC() for strv build-up with plain strv_extend()
and get similar behaviour.
2019-12-09 18:36:03 +01:00
Lennart Poettering
47ac31f792 test-util: add more tests for ALIGN_POWER2 2019-12-09 18:36:00 +01:00
Lennart Poettering
e49e4c33dc macro: introduce new GREEDY_ALLOC_ROUND_UP() helper 2019-12-09 18:35:10 +01:00
Lennart Poettering
85c267afa7 macro: avoid subtraction overflow in ALIGN_POWER2() 2019-12-09 18:34:05 +01:00
Yu Watanabe
886e07a9cf test-network: add tests for new TBF settings 2019-12-10 01:28:38 +09:00
Yu Watanabe
dcfc23ae77 network: tc: add more options for TBF 2019-12-10 01:28:38 +09:00
Yu Watanabe
0810e6d787 test-network: add a test case for SendOption= 2019-12-10 01:28:09 +09:00
Yu Watanabe
83b56c70e6 network: fix segfault in parsing SendOption=
Fixes #14283.
2019-12-10 01:28:09 +09:00
Mike Gilbert
fb4b0465ab seccomp: real syscall numbers are >= 0
Real syscall numbers start at 0. The fake seccomp values seem to be
strictly less than 0.

Fixes: 4df8fe8415
2019-12-09 11:29:06 +01:00
Yong Cong Sin
0cab1f1976 Add Cube iWork 11 Stylus 2019-12-09 11:28:15 +01:00
Yu Watanabe
8ee08dc564 test: do not fail if new device is plugged during enumeration 2019-12-09 08:45:25 +00:00
Yu Watanabe
bc942f69aa test-network: make test_bind_carrier more stable 2019-12-08 19:52:01 +00:00
Yu Watanabe
84043bfd74
Merge pull request #14266 from topimiettinen/dont-resolve-user-if-not-root
resolved: don't resolve the user if not root
2019-12-09 00:15:31 +09:00
Yu Watanabe
debda5a4e5
Merge pull request #14273 from ssahani/ifb
network: introduce IFB
2019-12-08 05:13:08 +09:00
Yu Watanabe
6d62ec61b9 network: fix copy and paste mistake 2019-12-08 05:11:26 +09:00
Topi Miettinen
07317d6e34
resolved, networkd: don't resolve the user if not root
If a daemon is not started as root, most likely it also can't create its
directory and let's not try to resolve the user in that case either.

Create /run/systemd/netif/lldp with tmpfiles.d like other netif directories.

This is also very helpful for preparing a RootImage for the daemons as NSS crud
is not needed.
2019-12-07 18:55:54 +02:00
Yu Watanabe
b076d5d76d test-network: add test case for IFB 2019-12-08 00:03:29 +09:00
Susant Sahani
3295a461b3 network: introduce ifb (Intermediate Functional Block)
Intermediate Functional Block

The Intermediate Functional Block (ifb) pseudo network interface acts as a QoS concentrator for multiple different sources of traffic. Packets from or to other interfaces have to be redirected to it using the mirred action in order to be handled, regularly routed traffic will be dropped. This way, a single stack of qdiscs, classes and filters can be shared between multiple interfaces.

Here's a simple example to feed incoming traffic from multiple interfaces through a Stochastic Fairness Queue (sfq):

(1) # modprobe ifb
(2) # ip link set ifb0 up
(3) # tc qdisc add dev ifb0 root sfq
2019-12-07 15:29:50 +01:00
Susant Sahani
cec1552ad4 sd-netlink: add support for ifb device 2019-12-07 14:35:23 +01:00
Yu Watanabe
43a20059a5
Merge pull request #14102 from ssahani/acd-duplicate-ip
network: introduce DAD for static IPV4 address
2019-12-07 14:11:44 +09:00
Anita Zhang
65ca546f06
Merge pull request #14265 from keszybz/seccomp-log-line-fix
shared/seccomp: avoid possibly writing bogus errno code in debug log
2019-12-06 11:02:56 -08:00
Yu Watanabe
dc7d3c5fd4 test-network: add test case for IPv4 DAD 2019-12-06 23:29:28 +09:00
Susant Sahani
051e77cac1 network: introduce DAD for static address
Closes #2527.
2019-12-06 23:29:07 +09:00
Zbigniew Jędrzejewski-Szmek
b069c2a3f2 shared/seccomp: avoid possibly writing bogus errno code in debug log
CID 1409488.

This code was added in 903659e7b2. The change
that is done here is a simple fix to avoid use of a
unitialized/wrongly-initialized variable, but the bigger issue is that nothing
looks at the returned result to distinguish between 0 and a positive return
value.
2019-12-06 15:12:40 +01:00
Zbigniew Jędrzejewski-Szmek
36f43076b9
Merge pull request #14235 from fbuihuu/cryptsetup-fixes
Cryptsetup fixes
2019-12-06 12:46:42 +01:00
Yu Watanabe
2c7b826ddf network: do not drop foreign config if interface is in initialized state
If the interface is in initialized state, no network file is assigned to
the interface. If an interface is not managed by networkd, previously,
the foreign configs of the interface was dropped.

Fixes #14250.
2019-12-06 12:27:47 +01:00
Lennart Poettering
9929fe8c95
Merge pull request #14252 from keszybz/growfs-port-resizefs
Port growfs over to resizefs
2019-12-06 08:55:30 +01:00
Lennart Poettering
5391dd7bc0
Merge pull request #14253 from keszybz/cleanups
Cleanups
2019-12-06 08:55:15 +01:00
Lennart Poettering
5face5a50a
Merge pull request #14167 from cpaelzer/fix-MemoryDenyWriteExecute-x86-s390-bug-1853852-UPSTREAM
Fix memory_deny_write_execute on x86 and s390 with libseccomp 2.4.2
2019-12-06 08:54:54 +01:00
Dan Streetman
7db0544705 test-network: add tests to verify IPv6MTUBytes 2019-12-05 17:53:10 -05:00
Dan Streetman
3e82152543 test-network: disable restart limiting for networkd
Some of the tests restart networkd rapidly, so restart limiting
must be disabled to avoid start ratelimiting from causing test
failures.
2019-12-05 17:53:10 -05:00
Dan Streetman
fd372b1a68 test-network: in wait_online() allow a few seconds to reach setup_state 2019-12-05 17:53:03 -05:00
Dan Streetman
befd4b8b60 test-network: read link attribute at any depth 2019-12-05 17:50:15 -05:00
Dan Streetman
9dfc1a9339 test-network: allow specifying only individual drop-in files 2019-12-05 17:50:10 -05:00
Dan Streetman
d236718c16 network: set ipv6 mtu after link-up or device mtu change
The kernel resets the ipv6 mtu after NETDEV_UP or NETDEV_CHANGEMTU event,
so we must reset the ipv6 mtu to our configured value after we detect
IFF_UP flag set or after we set the device mtu.

Fixes: #13914.
2019-12-05 17:49:47 -05:00
Anita Zhang
a0b7f19876
Merge pull request #14258 from TimoWilken/patch-1
Fix typo (duplicate "or")
2019-12-05 10:55:20 -08:00
Timo Wilken
ab4fae0c8c
Fix typo (duplicate "or")
This fixes a double "or" in the text of `systemctl --help`.
2019-12-05 18:36:57 +00:00
Franck Bui
362c378291 cryptsetup: umount encrypted devices before detaching it during shutdown
This is done by ordering local-fs-pre.target and remote-fs-pre.target after
cryptsetup.target and remote-cryptsetup.target respectively.

Fixes: #8472
2019-12-05 11:43:05 +01:00
Franck Bui
1dc85eff1d crypsetup: introduce x-initrd.attach option
This option is an indication for PID1 that the entry in crypttab is handled by
initrd only and therefore it shouldn't interfer during the usual start-up and
shutdown process.

It should be primarily used with the encrypted device containing the root FS as
we want to keep it (and thus its encrypted device) until the very end of the
shutdown process, i.e. when initrd takes over.

This option is the counterpart of "x-initrd.mount" used in fstab.

Note that the slice containing the cryptsetup services also needs to drop the
usual shutdown dependencies as it's required by the cryptsetup services.

Fixes: #14224
2019-12-05 11:43:02 +01:00
Zbigniew Jędrzejewski-Szmek
5ebbb45bde TODO: remove obsolete entries
"introspect" is well established and OK. We shouldn't change it at this point.
2019-12-05 10:35:32 +01:00
Zbigniew Jędrzejewski-Szmek
bddeb54cbb Fix use of unitialized variable in error path
CID 1408478.
2019-12-05 10:31:34 +01:00
Zbigniew Jędrzejewski-Szmek
9142bbd19c
Merge pull request #14209 from poettering/sd-bus-sensitive
sd-bus bits from homed PR
2019-12-05 10:22:01 +01:00
Zbigniew Jędrzejewski-Szmek
68296b8b83
Merge pull request #14221 from poettering/homed-preparatory-resizefs
preparatory fs resizing support split out of homed PR
2019-12-05 10:17:10 +01:00