shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-06 13:17:44 +03:00
Code
55,123 Commits 36 Branches 652 Tags 226 MiB
e67a5c14f0
Commit Graph

55123 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Yu Watanabe
99f8a6d7f5
Merge pull request #21581 from keszybz/really-random-fixlets 
Really random fixlets
 2021-12-01 12:54:00 +09:00
Yu Watanabe
361bf5fb77
Merge pull request #21564 from yuwata/errno-eagain-eintr 
tree-wide: introduce ERRNO_IS_TRANSIENT() and use it
 2021-12-01 12:52:27 +09:00
Yu Watanabe
db58f6a933
Merge pull request #21536 from medhefgo/test 
test: Introduce TEST_RET macro
 2021-12-01 12:52:10 +09:00
Yu Watanabe
c8cbe8e0eb
Merge pull request #21288 from loongarch64/la64/main 
Add support for the LoongArch architecture.
 2021-12-01 12:51:48 +09:00
Luca Boccassi
c7b5d3b5e4
Merge pull request #21553 from yuwata/network-wireguard-add-routes-to-allowed-ips 
network: wireguard: add routes to AllowedIPs=
 2021-11-30 23:30:31 +00:00
Luca Boccassi
917e655457 analyze: add inspect-elf verb to parse package metadata 
Parses and prints package metadata from executables, libraries and core files

$ systemd-analyze inspect-elf /tmp/core ../fsverity-utils/fsverityb /bin/bash --json=off --no-pager
__________________________
           path: /tmp/core
        elfType: coredump
elfArchitecture: AMD x86-64

    module name: /tmp/crash
           type: deb
           name: hello
        version: 1.0
   architecture: amd64
             os: debian
      osVersion: 11
        buildId: b33541096a09c29a0ba4ec5c69364a2711b7c269

    module name: /usr/lib/x86_64-linux-gnu/libc-2.31.so
           type: deb
           name: hello
        version: 1.0
   architecture: amd64
             os: debian
      osVersion: 11
        buildId: 54eef5ce96cf37cb175b0d93186836ca1caf470c

    module name: /usr/lib/x86_64-linux-gnu/ld-2.31.so
           type: deb
           name: hello
        version: 1.0
   architecture: amd64
             os: debian
      osVersion: 11
        buildId: 32438eb3b034da54caf58c7a65446639f7cfe274
__________________________________________________________________
           path: /home/luca/git/systemd/../fsverity-utils/fsverity
        elfType: executable
elfArchitecture: AMD x86-64

           type: deb
           name: fsverity-utils
        version: 1.3-1
   architecture: amd64
             os: debian
   debugInfoUrl: https://debuginfod.debian.net
        buildId: 05b899e6ee0d3653e20458719b202ed3ca8d566f
_________________________
           path: /bin/bash
        elfType: executable
elfArchitecture: AMD x86-64

        buildId: 4fef260f60e257d2dbd4126bf8add83837aea190
$
$ systemd-analyze inspect-elf /tmp/core ../fsverity-utils/fsverity /bin/bash /tmp/core.test-condition.1000.f9b9a84a9fd1482c9702d6afa6f6934b.37640.1637083078000000 --json=pretty --no-pager
{
	"elfType" : "coredump",
	"elfArchitecture" : "AMD x86-64",
	"/home/bluca/git/fsverity-utils/fsverity" : {
		"type" : "deb",
		"name" : "fsverity-utils",
		"version" : "1.3-1",
		"buildId" : "7c895ecd2a271f93e96268f479fdc3c64a2ec4ee"
	},
	"/home/bluca/git/fsverity-utils/libfsverity.so.0" : {
		"type" : "deb",
		"name" : "fsverity-utils",
		"version" : "1.3-1",
		"buildId" : "b5e428254abf14237b0ae70ed85fffbb98a78f88"
	}
}
{
	"elfType" : "executable",
	"elfArchitecture" : "AMD x86-64",
	"/home/bluca/git/systemd/../fsverity-utils/fsverity" : {
		"type" : "deb",
		"name" : "fsverity-utils",
		"version" : "1.3-1",
		"buildId" : "7c895ecd2a271f93e96268f479fdc3c64a2ec4ee"
	}
}
{
	"elfType" : "executable",
	"elfArchitecture" : "AMD x86-64",
	"/bin/bash" : {
		"buildId" : "3313b4cb119dcce16927a9b6cc61dcd97dfc4d59"
	}
}
{
	"elfType" : "coredump",
	"elfArchitecture" : "AMD x86-64"
}
 2021-11-30 23:14:07 +00:00
Luca Boccassi
d48c2721b6 elf-util: add function to parse metadata out of ELF objects 
Parse the packaging metadata from an ELF object, if any, and
print a pretty table following the spec defined at:
https://systemd.io/COREDUMP_PACKAGE_METADATA/
 2021-11-30 23:14:07 +00:00
Kevin Kuehler
1cd7a2c172 resolve: Port dnskey verification by ds to openssl^gcrypt 
Co-authored-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
 2021-11-30 23:00:21 +01:00
Kevin Kuehler
0351cbb9e4 resolve: Port dnssec verify from gcrypt to openssl^gcrypt 
Co-authored-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
 2021-11-30 23:00:21 +01:00
Zbigniew Jędrzejewski-Szmek
667dac6ed6 resolved: split out function to hash signature 
dnssec_verify_rrset() is just too long.
 2021-11-30 23:00:21 +01:00
Zbigniew Jędrzejewski-Szmek
cc1ecbaaf3 resolved: split out function to generate signature 
dnssec_verify_rrset() is just too long.
 2021-11-30 23:00:21 +01:00
Kevin Kuehler
bf4b1adf6f resolve: Add coverage for dnssec ecdsa (rfc6605) 2021-11-30 23:00:21 +01:00
Zbigniew Jędrzejewski-Szmek
6214d42bd2 import: port importd from libgcrypt to openssl^gcrypt 
This is heavily based on Kevin Kuehler's work, but the logic is also
significantly changed: instead of a straighforward port to openssl, both
versions of the code are kept, and at compile time we pick one or the other.

The code is purposefully kept "dumb" — the idea is that the libgcrypt codepaths
are only temporary and will be removed after everybody upgrades to openssl 3.
Thus, a separate abstraction layer is not introduced. Instead, very simple
ifdefs are used to select one or the other. If we added an abstraction layer,
we'd have to remove it again afterwards, and it don't think it makes sense to
do that for a temporary solution.

Co-authored-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>

# Conflicts:
#	meson.build
 2021-11-30 23:00:21 +01:00
Zbigniew Jędrzejewski-Szmek
57633d2376 meson: add config setting to select between openssl and gcrypt 
This is not pretty, but it is supposed to be only a temporary measure.
 2021-11-30 23:00:21 +01:00
Kevin Kuehler
ade99252e2 repart: port to our home-grown hmac_sha256 
This reduces dependencies. The speed of the code here is uimportant, because we
hash only a tiny amount of input data.

Debian and Ubuntu currently build without repart, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976959
> repart requires openssl and so far I tried to avoid linking against
> both gnutls and openssl.

Co-authored-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
 2021-11-30 23:00:21 +01:00
Zbigniew Jędrzejewski-Szmek
160dadc035 tmpfiles: 'st' may have been used uninitialized 2021-11-30 22:57:31 +01:00
Zbigniew Jędrzejewski-Szmek
baf60a80b5 man: prettify line number handling in python example 
This way the 'line_number' variable contains the actual line number as we think
of it, instead of adjusting it on output.
 2021-11-30 22:56:51 +01:00
Zbigniew Jędrzejewski-Szmek
75c293f37d test-sizeof: show stack and heap randomization 
It's useful to reassure yourself those those things actually work ;)
 2021-11-30 22:55:15 +01:00
Zbigniew Jędrzejewski-Szmek
4248b9f6a5
Merge pull request #21580 from bluca/core_fork 
Switch coredump ELF parsing to fork+dlopen
 2021-11-30 21:49:53 +01:00
Yu Watanabe
6387cac3f3 test-network: add tests for creating routes to wireguard's AllowedIPs= 2021-12-01 04:00:16 +09:00
Yu Watanabe
e908434458 network: wireguard: automatically configure routes to addresses specified in AllowedIPs= 
Closes #14176.
 2021-12-01 04:00:11 +09:00
Yu Watanabe
28870a9d2e network: route: expose route_hash_ops 2021-12-01 03:56:00 +09:00
Yu Watanabe
9e11bd58fb network/wireguard: drop unnecessary .in6 specifier 
This should not change any behavior, as the size of the IPv4 address is
smaller than IPv6.
 2021-12-01 03:56:00 +09:00
Yu Watanabe
5e82a61375 network: route: read RTA_TABLE attribute to get route table 
If the table of a route is larger than 255, then the value is stored in
RTA_TABLE attribute. But the attribute is not supported by old kernels.
So, first try to read the value from RTA_TABLE attribute, then fallback
to the value in the message header.
 2021-12-01 03:53:09 +09:00
Yu Watanabe
af31670340 network: route: use typesafe function 2021-12-01 03:52:11 +09:00
Zbigniew Jędrzejewski-Szmek
5f1d6ebd2a oomd: use type suffix instead of casting 
The end result is the same.
 2021-11-30 18:42:47 +01:00
Yu Watanabe
528da64a0c network: address: drop deprecated temporary address 
Fixes #19838.
 2021-11-30 18:17:23 +01:00
Luca Boccassi
d2d8bd3a17 TODO: update dlopen todo list 2021-11-30 16:49:59 +00:00
Luca Boccassi
56f2a72919 elf-util: switch libelf/libdw to dlopen() 
In order to avoid inflating the dependency list for the core
library, use dlopen when inspecting elfs, since it's only
used in two non-core executables.
 2021-11-30 16:49:59 +00:00
Luca Boccassi
5361f62d6d meson: remove libdw dependency from pstore 
systemd-pstore does not use any symbol from libdw, and never did,
but the dependency was listed since the beginning
 2021-11-30 16:49:59 +00:00
Luca Boccassi
889f252973 elf-util: add stub for builds without libdw 2021-11-30 16:49:59 +00:00
Luca Boccassi
5564c6d802 elf-util: split out helper to parse build-id 2021-11-30 16:49:59 +00:00
Luca Boccassi
ea680f0524 coredump: move elf parsing utilities to src/shared/elf-util 2021-11-30 16:49:59 +00:00
Luca Boccassi
f05b5cddfb coredump: always log on failure in parse_core() 2021-11-30 16:49:58 +00:00
Luca Boccassi
f0e2377a68 coredump: make the buffer optional when analyzing a core file 
Allow later usage when we only want to fetch the JSON packaging metadata
 2021-11-30 16:49:58 +00:00
Luca Boccassi
61aea456c1 coredump: analyze object with libdwelf in forked process 
Parsing objects is risky as data could be malformed or malicious,
so avoid doing that from the main systemd-coredump process and
instead fork another process, and set it to avoid generating
core files itself.
 2021-11-30 16:49:58 +00:00
Luca Boccassi
67f7675f47 coredump: use _cleanup_ pattern 
Note that c.f needs to be closed _before_ taking or freeing
the buf pointer, as it might be invalidated
 2021-11-30 16:49:58 +00:00
Luca Boccassi
fe165e70cd coredump: flush accumulating buffer after parsing core file 2021-11-30 16:49:58 +00:00
Luca Boccassi
0e62d0340c coredump: check return of dwarf_getscopes 2021-11-30 16:49:58 +00:00
Zbigniew Jędrzejewski-Szmek
8592a0d799
Merge pull request #21578 from bluca/json_spec 
docs: clarify JSON terms in COREDUMP_PACKAGE_METADATA
 2021-11-30 16:36:36 +01:00
Xiaotian Wu
0444a6e4be gpt: update the gpt test case for LoongArch 2021-11-30 23:34:29 +08:00
Wu Xiaotian
5c0968a2d1 architecture: Add support for the LoongArch architecture 2021-11-30 23:34:20 +08:00
Rasmus Villemoes
4ced52595f sysusers: avoid creating spurious "nobody" group 
On distros using Debian's base-passwd, the name of the group with gid 65534 is
nogroup. Currently, systemd-sysusers creates a spurious "nobody" group

  systemd-sysusers[243]: Creating group nobody with gid 996

That's both confusing and redundant, as the nobody user still has primary group
65534 aka nogroup, and the nobody group simply goes completely unused.

So explicitly specify the primary group of the nobody user, and add a line
ensuring that that group exists.

This is not a problem for Debian (or Ubuntu) itself, as they add their own
version of basic.conf in their systemd build logic. But it appears on for
example Yocto/OpenEmbedded.
 2021-11-30 16:16:25 +01:00
Luca Boccassi
3d170ca580
Merge pull request #21573 from keszybz/one-more-table-sort 
One more table sort and man page updates
 2021-11-30 14:52:08 +00:00
Luca Boccassi
45f822ceb3 docs: clarify ELF note usage in COREDUMP_PACKAGE_METADATA 2021-11-30 14:42:43 +00:00
Yu Watanabe
b3d06b9226 libsystemd: ignore both EINTR and EAGAIN 2021-11-30 23:06:43 +09:00
Yu Watanabe
8add30a03c tree-wide: use ERRNO_IS_TRANSIENT() 2021-11-30 23:06:43 +09:00
Yu Watanabe
7aad83580f errno-util: introduce ERRNO_IS_TRANSIENT() 2021-11-30 23:06:43 +09:00
Yu Watanabe
16edfadc67 ask-password: fix error handling 
ERRNO_IS_NOT_SUPPORTED() also matches positive values.
Fortunately, lookup_key() does not return positive values.
 2021-11-30 23:05:24 +09:00
Yu Watanabe
97e80ee4a8 sd-dhcp6-client: fix error handling 2021-11-30 22:37:21 +09:00