1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-23 17:34:00 +03:00
Commit Graph

57134 Commits

Author SHA1 Message Date
dependabot[bot]
a1a1e0b79f build(deps): bump github/codeql-action from 1.1.3 to 2.1.6
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.1.3 to 2.1.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](75f07e7ab2...28eead2408)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 21:39:20 +00:00
dependabot[bot]
5f82d58bb0 build(deps): bump github/super-linter from 4.8.5 to 4.9.1
Bumps [github/super-linter](https://github.com/github/super-linter) from 4.8.5 to 4.9.1.
- [Release notes](https://github.com/github/super-linter/releases)
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md)
- [Commits](b8641364ca...3792fe5373)

---
updated-dependencies:
- dependency-name: github/super-linter
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 21:37:14 +00:00
Lennart Poettering
bd4dea76de veritysetup: fix memory corruption
We must copy the option string, since in one case we are called with a
pointer into dynamic memory that will be freed by the caller.

As discussed here: https://github.com/systemd/systemd/pull/22908/files#r839394490

Follow-up for: #22908
2022-04-02 02:22:39 +09:00
Yu Watanabe
95cd21928f
Merge pull request #22939 from yuwata/tree-wide-space
tree-wide: add space after if, switch, for, and while
2022-04-02 01:32:26 +09:00
Yu Watanabe
b17a681be5 tree-wide: fix typo 2022-04-02 00:34:39 +09:00
Lennart Poettering
0d08db7f89 udev: add /dev/disk/by-diskseq symlink for block devices
This adds another symlink for block devices:

    /dev/disk/by-diskseq/<number>

where the number is the diskseq number as exposed by the kernel. It's
useful for apps because they can use it to open a device by diskseq, in
a way that is safe against device node reuse. I.e. if a device node path
like this is passed to an app it could open the device node via the
symlink and also parse the diskseq from the path. Once the device is
opened it could compare the parsed diskseq with the one returned by
BLKGETDISKSEQ on the open node, and if it matches they know they are
talking to the right device.

Fixes: #22906
2022-04-01 23:44:37 +09:00
Yu Watanabe
37ebfe49de
Merge pull request #22926 from bluca/analyze_offline_filter
analyze: fix offline checks for syscall filter and 'native' architecture
2022-04-01 23:43:18 +09:00
Lennart Poettering
356ad32dc2
Merge pull request #22921 from poettering/uid-range-tweaks
userns uid range tweaks: taint systemd if assigned userns uid range too short, and show userns uid range in userdbctl output
2022-04-01 15:58:55 +02:00
Yu Watanabe
798931160e tree-wide: add a space after if, switch, for, and while 2022-04-01 22:48:42 +09:00
Yu Watanabe
72dce85a60 test: add space between arguments 2022-04-01 22:28:13 +09:00
Lennart Poettering
fdf02a4f26 path-util: use STR_IN_SET() where appropriate 2022-04-01 15:23:43 +02:00
Lennart Poettering
6cdd6d1acc notify: remove spurious whitespace 2022-04-01 15:23:43 +02:00
Lennart Poettering
ca782b85fc
Merge pull request #22934 from poettering/tls-test-fix-root
tests: make test-resolved-stream suceed even when run as root with restrictive access mode on build tree dir
2022-04-01 15:22:43 +02:00
Lennart Poettering
aed3c5eca3 process-util: refactor APIs for reading /proc/self/xyz symlinks
The three functions for reading cwd, exe and root symlinks of processes
already share a common core: get_process_link_contents(). Let's refactor
that a bit, and move formatting of the /proc/self/ path into this helper
function instead of doing that in the caller, thus sharing more code.

While we are at it, make the return parameters optional, in case the
information if the links are readable is interesting, but the contents
is not. (This also means safe_getcwd() and readlinkat_malloc() are
updated to make the return parameter optional, as these are called by
the relevant three functions)
2022-04-01 15:22:27 +02:00
Luca Boccassi
dd51e725df analyze: fix offline check for syscal filter
The deny/allow list check was inverted, if we are deny listing and the
hashmap contains the syscall then that's good

Fixes https://github.com/systemd/systemd/issues/22914
2022-04-01 10:42:48 +01:00
Luca Boccassi
1449b0f8a9 analyze: fix offline check for 'native' syscall architecture
Enum values are stored in the set, not strings
2022-04-01 10:42:48 +01:00
Yu Watanabe
b8529cf376
Merge pull request #22872 from yuwata/udevadm-wait
udevadm: introduce 'wait' command
2022-04-01 18:41:03 +09:00
Lennart Poettering
9cce7fb193 userdbctl: also show available UID range in current userns
Containers generally have a smaller UID range assigned than host
systems. Let's visualize this in the user/group tables. We insert
markers for unavailable regions. This way display is identical to status
quo ante on host systems, but in containers unavailable ranges will be
shown as that.

And while we are at it, also hide well-known UID ranges when they are
outside of userns uid_map range. This is mostly about the "container"
range. It's pointless showing the cotnainer range (i.e. a range UID >
65535) if that range isn#t available in the container anyway.
2022-04-01 11:21:44 +02:00
Lennart Poettering
49888d31b6 update TODO 2022-04-01 11:21:44 +02:00
Lennart Poettering
63e8df046b pid1: add taint flag if uid/gid userns range too small
This will taint systemd if invoked in containers that do not have the
full 16bit range of UIDs defined.

we pretty much need uid root…nobody to be defined for a variety of
purposes, hence let's add this taint flag. Of course taints are
graceful, but it at least communicates the mess in some way...
2022-04-01 11:21:44 +02:00
Lennart Poettering
556560495e uid-range: replace uid_range_contains() by more generalized uid_range_covers()
The former checks if one UID is inside the uid range set. The latter
checks if a full UID range is inside the uid range set. The former is
hence a special case of the latter.
2022-04-01 11:20:12 +02:00
Lennart Poettering
0a5c6a57c6 uid-range: add some overflow checks 2022-04-01 11:20:12 +02:00
Lennart Poettering
5674aa7a2c uid-range: add new uid_range_load_userns() for loading /proc/self/uid_map 2022-04-01 11:20:12 +02:00
Lennart Poettering
2e37ebdae9 test: port test-uid-range to tests.h 2022-04-01 11:20:12 +02:00
Lennart Poettering
09bbaa419b uid-range: use size_t for array size 2022-04-01 11:20:12 +02:00
Lennart Poettering
ed59b44309 test-resolved-stream: before entering user/network namespaces check if that's safe
I regularly run my tests also as root, since some of the tested code
uses privileged APIs. The test-resolved-stream so far tried to run its
tests in a user/network namespace if that can be allocated. This caused
the tests to fail on my system where once the user namespace is opened
access to the build tree in my $HOME is prohibited (due to restricted
access modes on my home dir). Let's add a check for that: before
actually isolating the test in a user/network namespace, let's see if
that would make it impossible for us to access the build tree (which we
need to do load the TLS certificates the test requires).

This should make the test pass when run as root from a build tree with
restrictive access mode.
2022-04-01 11:14:56 +02:00
Lennart Poettering
8419213d99 tests: modernize load_testdata_env() a bit
Let's add assert() around everyhing we don't expect to fail.

Port to path_extract_directory().

Log errrors from load_env_file_pairs() which we ignore.
2022-04-01 11:14:56 +02:00
Lennart Poettering
5b89bff55f update TODO 2022-04-01 11:03:59 +02:00
Yu Watanabe
78e278ad48 udev: use sd_device_open() where appropriate 2022-04-01 15:21:05 +09:00
Yu Watanabe
9534d6c9ea test: add test for sd_device_open() 2022-04-01 15:20:48 +09:00
Yu Watanabe
f9a726abef sd-device: introduce sd_device_open()
We usually open() device node obtained by sd_device_get_devname().
However, the device node corresponds to the sd-device object may be
already removed, and another device node with the same path may be
created, hence an unexpected device may be opened.

The sd_device_open() opens device node, and checks the devnum and
diskseq of opened devnum, to avoid the above possibility.

Prompted by https://github.com/systemd/systemd/issues/22906#issuecomment-1082736443.
2022-04-01 15:13:18 +09:00
Yu Watanabe
7e93a65868 fd-util: rename loop_get_diskseq() -> fd_get_diskseq()
And move it from loop-util.[ch] -> fd-util.[ch]
2022-04-01 15:13:18 +09:00
Yu Watanabe
2076612f84 basic/missing: move BLKGETDISKSEQ to missing_fs.h
As it is defined at linux/fs.h.
2022-04-01 15:13:18 +09:00
Yu Watanabe
e529abe24d test: replace helper_wait_for_dev() with 'udevadm wait' 2022-04-01 15:13:18 +09:00
Yu Watanabe
aa2b0d8d29 udevadm: introduce new 'wait' command
Prompted by https://github.com/systemd/systemd/pull/22717#issuecomment-1067348496.

The new command 'udevadm wait' waits for device or device symlink being
created. This may be useful to wait for a device is processed by udevd
after e.g. formatting or partitioning the device.
2022-04-01 15:13:18 +09:00
Yu Watanabe
209294ad24 test: add more tests for sd_device_new_from_xxx() 2022-04-01 15:13:14 +09:00
Yu Watanabe
e418f9658b sd-device: introduce sd_device_new_from_devname()
and sd_device_new_from_path() which takes devname or syspath.
2022-04-01 15:03:33 +09:00
Lennart Poettering
45bff9b4e2 systemctl: show tainted state 2022-03-31 22:11:32 +01:00
Lennart Poettering
40efaaed42 pid1: check for kernels older than baseline
Let's make this detectable explicitly.
2022-03-31 22:11:20 +01:00
Luca Boccassi
58270534bf
Merge pull request #22923 from poettering/userns-check-refactor
virt: minor running_in_userns() modernizations
2022-03-31 22:11:03 +01:00
Lennart Poettering
d6d450074f
Merge pull request #22919 from poettering/cryptsetup-tweaks
various minor tweaks to cryptsetup/veritysetup/integritysetup
2022-03-31 16:50:37 +02:00
Lennart Poettering
16fa47463c virt: use read_virtual_file() for reading /proc/self/setgroups 2022-03-31 16:34:41 +02:00
Lennart Poettering
b2a331f2e0 virt: simplify userns_has_mapping() by using fscanf() instead of scanf()
And while we are at it, also fix propagation of an uninitialized errno
error.
2022-03-31 16:34:41 +02:00
Antonio Alvarez Feijoo
49be03838d cryptsetup: fall back to traditional unlocking if any TPM2 operation fails
If any TPM2 operation fails, the boot process should continue and
prompt for a text password (if configured to do so).

Fixes #22870
2022-03-31 14:58:21 +01:00
Lennart Poettering
9e83d3e45f update TODO 2022-03-31 14:39:55 +02:00
Martin Liska
0bd292567a Support -D_FORTIFY_SOURCE=3 by using __builtin_dynamic_object_size.
As explained in the issue, -D_FORTIFY_SOURCE=3 requires usage
of __builtin_dynamic_object_size in MALLOC_SIZEOF_SAFE macro.

Fixes: #22801
2022-03-31 21:13:34 +09:00
Franck Bui
f887eab1da meson: build kernel-install man page when necessary 2022-03-31 21:12:05 +09:00
Sebastian Pucilowski
f81ac115dc Fix "link-local" language inconsistencies
"Link-local" and "link local" are used throughout man pages and program
output, with the former used far more than the latter. This commit makes
it consistent throughout the project.
2022-03-31 12:08:29 +02:00
Lennart Poettering
e2bc5194af integritysetup: also validate volume name
Exactly like for veritysetup/cryptsetup
2022-03-31 11:44:46 +02:00
Lennart Poettering
752d859442 integritysetup: also port to mangle_none()
Let's make the tool work more like veritysetup/cryptsetup in this regard
too.
2022-03-31 11:44:46 +02:00