1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-11 09:18:07 +03:00
Commit Graph

56186 Commits

Author SHA1 Message Date
Anita Zhang
3a17ffa68e
Merge pull request #22373 from DaanDeMeyer/journald-file-rename
journal: Rename JournaldFile to ManagedJournalFile
2022-02-02 13:53:18 -08:00
Luca Boccassi
dde009a879 core: simply freeing list in job_free()
Follow-up for cdebedb4d4
2022-02-02 16:33:25 +00:00
Luca Boccassi
b7b4252443 core: use strextend instead of strextendf when possible
Follow-up for cdebedb4d4
2022-02-02 16:33:25 +00:00
Luca Boccassi
5c10b98350
Merge pull request #22358 from yuwata/udevadm-test-support-dev-path-or-device-unit
udevadm: test,test-builtin: support /dev path or device unit
2022-02-02 15:32:20 +00:00
Yu Watanabe
84e8602dfe test: use rm_rf_physical_and_freep cleanup function 2022-02-02 15:31:40 +00:00
Daan De Meyer
d02af6f33b journal: Rename JournaldFile to ManagedJournalFile
JournalFile and JournaldFile are hard to distinguish from each other.
Let's use ManagedJournalFile instead to make the distinction more clear.
2022-02-02 14:39:39 +00:00
Yu Watanabe
613d65d88f network: update operational state when we remove an address 2022-02-02 20:44:47 +09:00
Evgeny Vereshchagin
9216fddc5a dhcp-identifier: always use a fixed machine-id while fuzzing
It's a follow-up to https://github.com/systemd/systemd/pull/10200 where
that fuzzer was introduced. At the time it was run regularly on machines
where machine-id wasn't present so it was kind of reproducible. Now
it's run on CIFuzz and CFLite using GHActions with the public OSS-Fuzz
corpora (based on that particular machine-id) so to fully utilize
those corpora it's necessary to use it always. Other than that
it makes it possible for fuzzers targeting outgoing packets
based on incoming packets like https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1795921
to get past client_parse_message on my machine :-)
2022-02-02 20:44:27 +09:00
Yu Watanabe
4900ae14a5 sd-device: drop device_new_from_synthetic_event() from libsystemd
It is used by only test-udev.c.
2022-02-02 20:34:38 +09:00
Yu Watanabe
043543f1bb udevadm: trigger: drop unnecessary slash 2022-02-02 20:34:38 +09:00
Yu Watanabe
f4f3249539 udevadm: make test and test-builtin command accept /dev path or device unit 2022-02-02 20:34:38 +09:00
Yu Watanabe
2079898088 sd-device: make device_set_action() take sd_device_action_t 2022-02-02 20:34:38 +09:00
Yu Watanabe
7f2e3eea28 sd-device: move device_read_uevent_file() to device-private.h
Then, it can be used by our tools or daemons.
2022-02-02 20:34:38 +09:00
Yu Watanabe
f30943c12f udev: do not generate format dynamically
Prompted by LGTM.
2022-02-02 20:34:31 +09:00
Yu Watanabe
e85fdacc8a test: allow to set NULL to intro or outro
Addresses https://github.com/systemd/systemd/pull/22338#discussion_r796741033.
2022-02-02 11:06:54 +00:00
Luca Boccassi
b0c7e3d0e1
Merge pull request #22359 from yuwata/mkdir-fix
mkdir: allow to create directory whose path contains symlink
2022-02-02 11:03:04 +00:00
Yu Watanabe
6f6b017b9b test: add a test for mkdir_p() 2022-02-02 15:09:45 +09:00
Yu Watanabe
5117059ee9 mkdir: allow to create directory whose path contains symlink
Fixes a regression caused by 3008a6f21c.

Before the commit, when `mkdir_parents_internal()` is called from `mkdir_p()`,
it uses `_mkdir()` as `flag` is zero. But after the commit, `mkdir_safe_internal()`
is always used. Hence, if the path contains a symlink, it fails with -ENOTDIR.

To fix the issue, this makes `mkdir_p()` calls `mkdir_parents_internal()` with
MKDIR_FOLLOW_SYMLINK flag.

Fixes #22334.
2022-02-02 15:09:45 +09:00
Yu Watanabe
e22916e61d mkdir: CHASE_NONEXISTENT cannot used in chase_symlinks_and_stat() 2022-02-02 15:09:45 +09:00
Yu Watanabe
e4de58c823 core/mount: fail early if directory cannot be created
Prompted by #22334.
2022-02-02 15:09:45 +09:00
Yu Watanabe
891c9b36cf
Merge pull request #22350 from poettering/journal-read-object-fix
journal: various fixes to journal_file_read_object()
2022-02-02 13:47:32 +09:00
Lennart Poettering
92b29166e1 systemctl: strings returned by sd_bus_message_read_basic() are immutable
It's totally not OK to write to the strings returned by it, the data is
shared by all code that references the message.

While we are at it, simplify the code via
json_variant_set_field_string().

Follow-up for: 5ef599b324
2022-02-02 13:46:46 +09:00
Lennart Poettering
e6d4a1106c journal-file: don't use pread() when determining where to append, use mmap as before
This partially undoes the effect of
ab6e257b3e.

Originally, we always used the mmap logic to determine the current end
of the file. ab6e257b3e changed this so
that we always used pread().

With this change we'll use pread() from the synchronization thread and
mmap otherwise.
2022-02-02 11:21:44 +09:00
Lennart Poettering
99839c7ebd tests: rework test macros to not take code as parameters
C macros are nasty. We use them, but we try to be conservative with
them. In particular passing literal, complex code blocks as argument is
icky, because of "," handling of C, and also because it's quite a
challange for most code highlighters and similar. Hence, let's avoid
that. Using macros for genreating functions is OK but if so, the
parameters should be simple words, not full code blocks.

hence, rework DEFINE_CUSTOM_TEST_MAIN() to take a function name instead
of code block as argument.

As side-effect this also fixes a bunch of cases where we might end up
returning a negative value from main().

Some uses of DEFINE_CUSTOM_TEST_MAIN() inserted local variables into the
main() functions, these are replaced by static variables, and their
destructors by the static destructor logic.

This doesn't fix any bugs or so, it's just supposed to make the code
easier to work with and improve it easthetically.

Or in other words: let's use macros where it really makes sense, but
let's not go overboard with it.

(And yes, FOREACH_DIRENT() is another one of those macros that take
code, and I dislike that too and regret I ever added that.)
2022-02-02 11:00:16 +09:00
Yu Watanabe
faa1b3c6c4 network: dhcp-server: make empty string to DNS= or friends clear previously specified servers 2022-02-02 10:02:57 +09:00
Yu Watanabe
32f8a613c5 sd-dhcp-lease: store static routes and classless static routes in different arrays
When classless static routes option is provided, then static routes
option should not be used. Hence, let's not mix and store them in one
storage.

This introduce sd_dhcp_lease_get_static_routes() and
sd_dhcp_lease_get_classless_routes().
2022-02-02 10:02:44 +09:00
Yu Watanabe
64a6b5ed21
Merge pull request #22351 from mrc0mmand/TEST-56-cgroupsv1
test: require unified cgroup hierarchy for TEST-56
2022-02-02 10:02:26 +09:00
Lennart Poettering
7ac29d2dab resolve: add missing OOM check 2022-02-02 07:08:03 +09:00
Luca Boccassi
86838bf08b core: warn on ExitType=cgroup with legacy cgroup setup
'cgroup empty' notifications are not reliable on v1, so log a warning.

See: https://github.com/systemd/systemd/issues/22320
2022-02-02 07:07:47 +09:00
Yu Watanabe
6a8ab6dd1e
Merge pull request #22332 from yuwata/network-dhcp-server-dns-server-address
network: dhcp-server: allow to specify server address for DNS= or friends
2022-02-02 07:07:22 +09:00
Yu Watanabe
e0ec975148
Merge pull request #22327 from joanbm/main_resolved_improvements
resolved: misc. small DnsStream refactors and improvements
2022-02-02 07:06:56 +09:00
Frantisek Sumsal
e262082018 test: require unified cgroup hierarchy for TEST-56
since cgroup empty notifications are unreliable in legacy cgroups.

See: systemd/systemd#22320
Complements: systemd/systemd#22344
2022-02-01 22:13:48 +01:00
Frantisek Sumsal
f723740871 test: introduce `get_cgroup_hierarchy() helper
which returns the host's cgroup hierarchy (unified, hybrid, or legacy).
2022-02-01 22:13:45 +01:00
Lennart Poettering
23b1e8d087 units: we need systemd-journald.service from systemd-journal-flush.service
This is a follow-up for d5ee050ffc, and
reintroduces a requirement dep from systemd-journal-flush.service onto
systemd-journald.service, but a weaker one than originally: a Wants= one
instead of a Requires= one.

Why? Simply because the service issues an IPC call to the journald,
hence it should pull it in. (Note that socket activation doesn't happen
for the Varlink socket it uses, hence we should pull in the service
itself.)
2022-02-02 05:09:39 +09:00
Yu Watanabe
c5f7a08739 test-network: add tests for DNS=_server_address in [DHCPServer] 2022-02-02 05:01:59 +09:00
Yu Watanabe
5f468b9f57 network: dhcp-server: introduce special value DNS=_server_address
Closes #15026.
2022-02-02 05:01:53 +09:00
Yu Watanabe
82140e956c
Merge pull request #22310 from yuwata/sd-dhcp-lease-fixes
sd-dhcp-lease: two fixes
2022-02-02 04:55:07 +09:00
Luca Boccassi
1e15b7c7f7
Merge pull request #22343 from poettering/assert-se-efi
efi: add/user assert_se()/ASSERT_SE_PTR() for OOM handling
2022-02-01 19:26:57 +00:00
Lennart Poettering
c0f65909cb analyze: correctly mention that --json= is also understood by inspect-elf 2022-02-02 03:55:51 +09:00
Joan Bruguera
c76120f1b8 resolved: Allow test-resolved-stream to run concurrently
Since test-resolved-stream brings up a simple DNS server on 127.0.0.1:12345,
only one instance could run at a time, so it would fail when run like
`meson test -C build test-resolved-stream --repeat=1000`.
Similarly, if by chance something is up on port 12345, the test would fail.

To make the test more reliable, run it in an isolated user + network namespace.
If this fails (some distributions disable user namespaces), just run as before.
2022-02-01 19:25:32 +01:00
Joan Bruguera
839a70c353 resolved: Read as much as possible per stream EPOLLIN event
In commit 2aaf6bb6e9, an issue was fixed where
systemd-resolved could get stuck for multiple seconds waiting for incoming data,
since GnuTLS/OpenSSL can buffer a TLS record, so data could be available, but
no EPOLLIN event would be generated.

To fix this, a somewhat elaborate logic consisting on asking the TLS library
whether it had buffered data, then "faking" an EPOLLIN event was implemented.

However, there is a much simpler solution: Always read as much data as available
(i.e. until we get an event like EAGAIN when trying to read) from the stream
when we get an EPOLLIN event, instead of at most a single packet per event.
This approach does not require asking the TLS library whether it has buffered
data, and the logic is exactly the same for both the TCP and TLS case.

test-resolved-stream is fixed to avoid a latent double free bug.
2022-02-01 19:25:32 +01:00
Joan Bruguera
aa892849d5 resolved: Avoid multiple SSL writes per DoT packet
In the DoT case, dns_stream_writev decomposed an iovec into multiple
dnstls_stream_write calls, which resulted in multiple SSL writes and multiple
TLS records. This can be checked from a network capture, e.g. using socat:
socat -v -x openssl-listen:853,reuseaddr,fork,cert=my.cert,key=my.key,verify=0 openssl:8.8.8.8:853

Instead, propagate the iovec as-is into the DoT handling code. For GnuTLS, the
library provides support for buffering ('corking') a record. OpenSSL has no
such facility, so we join the iovec into a single buffer then call SSL_write.

socat capture of `resolvectl -4 query --cache=no example.com` before the commit:

> 2022/01/30 13:35:52.194200  length=2 from=0 to=1
 00 28                                            .(
--
> 2022/01/30 13:35:52.194253  length=40 from=2 to=41
 1e b2 01 00 00 01 00 00 00 00 00 01 07 65 78 61  .............exa
 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 00 00 29  mple.com.......)
 ff e4 00 00 00 00 00 00                          ........
--
< 2022/01/30 13:35:52.232798  length=58 from=0 to=57
 00 38 1e b2 81 80 00 01 00 01 00 00 00 01 07 65  .8.............e
 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 c0  xample.com......
 0c 00 01 00 01 00 00 53 6f 00 04 5d b8 d8 22 00  .......So..]..".
 00 29 02 00 00 00 00 00 00 00                    .)........

socat capture of `resolvectl -4 query --cache=no example.com` after the commit:

> 2022/01/30 13:34:47.598099  length=42 from=504 to=545
 00 28 37 86 01 00 00 01 00 00 00 00 00 01 07 65  .(7............e
 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 00  xample.com......
 00 29 ff e4 00 00 00 00 00 00                    .)........
--
< 2022/01/30 13:34:47.613203  length=58 from=756 to=813
 00 38 37 86 81 80 00 01 00 01 00 00 00 01 07 65  .87............e
 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 c0  xample.com......
 0c 00 01 00 01 00 00 52 5e 00 04 5d b8 d8 22 00  .......R^..]..".
 00 29 02 00 00 00 00 00 00 00                    .)........
2022-02-01 19:24:40 +01:00
Joan Bruguera
eff107736e resolved: Make event flags logic robust for DoT
Since when handling a DNS over TLS stream, the TLS library can override the
requested events through dnstls_events for handshake/shutdown purposes,
obtaining the event flags through sd_event_source_get_io_events and checking
for EPOLLIN or EPOLLOUT does not really tell us whether we want to read/write
a packet. Instead, it could just be OpenSSL/GnuTLS doing something else.

To make the logic more robust (and simpler), save the flags that tell us
whether we want to read/write a packet, and check them instead of the IO flags.

(& use uint32_t for the flags like in sd_event_source_set_io_events prototype)
2022-02-01 19:24:40 +01:00
Lennart Poettering
e5d8473335 journal: various fixes to journal_file_read_object()
This fixes a bunch of issues:

pread() returns ssize_t, and returns errors in 'errno', handle that
correctly.

More importantly: it might incompletely read data in case we hit
EOF. Check for that, and handle it.

Finally, rename the function to journal_file_read_object_header(), since
it really doesn't read full objects, but only their headers.

Follow-up for: 117e21121e
2022-02-01 18:45:23 +01:00
Lennart Poettering
bb7031bcaa NEWS: minor formatting tweaks 2022-02-01 17:59:49 +01:00
Luca Boccassi
a1cad433bd
Merge pull request #22341 from poettering/pam-end-fix
pid1: pam_end() PAM_DATA_SILENT fix
2022-02-01 16:34:00 +00:00
Lennart Poettering
007e03b284 util: another set of CVE-2021-4034 assert()s
It's a good idea that we validate argc/argv when we are supposed to
store them away.
2022-02-01 14:44:08 +00:00
Lennart Poettering
1462d2451a efi: use assert_se() instead of assert() to guard for OOM issues in EFI code 2022-02-01 15:31:20 +01:00
Lennart Poettering
8890ec82f5 macro: add ASSERT_SE_PTR() macro
ASSERT_SE_PTR() is like ASSERT_PTR() but uses assert_se() instead of
assert() internally.

Code should use ASSERT_SE_PTR() where the check should never be
optimized away, even if NDEBUG is set.

Rationale: assert() is the right choice for validating assumptions about
our own code, i.e. checking conditions that are "impossible" to not
hold, because we ourselves hacked things up the "right" way of course.
assert_se() is the right choice for tests that come with a weaker
guarantee, they encode assumptions over other's API behaviour, i.e.
whether something can fail there or not.

When developing tools that are not oom-safe assert_se() is the right
choice: we know that on Linux OOM doesn't really happen, even though
theoretically the API allows it to happen.

Usecase for ASSERT_SE_PTR() is mostly the fatal memory allocation logic
for EFI memory allocations. So far it used regular assert() i.e. OOM
failurs would be totally ignored if NDEBUG is set. We'd rather have our
EFI program to print an assert message and freeze instead though.
2022-02-01 15:31:05 +01:00
Lennart Poettering
3b23a6c40a fundamental: support assert_se() in EFI mode too 2022-02-01 15:29:21 +01:00