1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-30 23:21:22 +03:00
Commit Graph

42631 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
b069c2a3f2 shared/seccomp: avoid possibly writing bogus errno code in debug log
CID 1409488.

This code was added in 903659e7b2. The change
that is done here is a simple fix to avoid use of a
unitialized/wrongly-initialized variable, but the bigger issue is that nothing
looks at the returned result to distinguish between 0 and a positive return
value.
2019-12-06 15:12:40 +01:00
Zbigniew Jędrzejewski-Szmek
36f43076b9
Merge pull request #14235 from fbuihuu/cryptsetup-fixes
Cryptsetup fixes
2019-12-06 12:46:42 +01:00
Yu Watanabe
2c7b826ddf network: do not drop foreign config if interface is in initialized state
If the interface is in initialized state, no network file is assigned to
the interface. If an interface is not managed by networkd, previously,
the foreign configs of the interface was dropped.

Fixes #14250.
2019-12-06 12:27:47 +01:00
Zbigniew Jędrzejewski-Szmek
6b2a8b80b4 shared/loop-util: drop inline function with one use 2019-12-06 10:56:49 +01:00
Zbigniew Jędrzejewski-Szmek
ba5450f411 shared/loop-util: fix leak of fd in error path 2019-12-06 10:40:20 +01:00
Zbigniew Jędrzejewski-Szmek
1163a2e98a shared/loop-util: operate on the right fd
'loop' is always -1 at this point in the code.
2019-12-06 10:39:14 +01:00
Lennart Poettering
9929fe8c95
Merge pull request #14252 from keszybz/growfs-port-resizefs
Port growfs over to resizefs
2019-12-06 08:55:30 +01:00
Lennart Poettering
5391dd7bc0
Merge pull request #14253 from keszybz/cleanups
Cleanups
2019-12-06 08:55:15 +01:00
Lennart Poettering
5face5a50a
Merge pull request #14167 from cpaelzer/fix-MemoryDenyWriteExecute-x86-s390-bug-1853852-UPSTREAM
Fix memory_deny_write_execute on x86 and s390 with libseccomp 2.4.2
2019-12-06 08:54:54 +01:00
Dan Streetman
7db0544705 test-network: add tests to verify IPv6MTUBytes 2019-12-05 17:53:10 -05:00
Dan Streetman
3e82152543 test-network: disable restart limiting for networkd
Some of the tests restart networkd rapidly, so restart limiting
must be disabled to avoid start ratelimiting from causing test
failures.
2019-12-05 17:53:10 -05:00
Dan Streetman
fd372b1a68 test-network: in wait_online() allow a few seconds to reach setup_state 2019-12-05 17:53:03 -05:00
Dan Streetman
befd4b8b60 test-network: read link attribute at any depth 2019-12-05 17:50:15 -05:00
Dan Streetman
9dfc1a9339 test-network: allow specifying only individual drop-in files 2019-12-05 17:50:10 -05:00
Dan Streetman
d236718c16 network: set ipv6 mtu after link-up or device mtu change
The kernel resets the ipv6 mtu after NETDEV_UP or NETDEV_CHANGEMTU event,
so we must reset the ipv6 mtu to our configured value after we detect
IFF_UP flag set or after we set the device mtu.

Fixes: #13914.
2019-12-05 17:49:47 -05:00
Anita Zhang
a0b7f19876
Merge pull request #14258 from TimoWilken/patch-1
Fix typo (duplicate "or")
2019-12-05 10:55:20 -08:00
Timo Wilken
ab4fae0c8c
Fix typo (duplicate "or")
This fixes a double "or" in the text of `systemctl --help`.
2019-12-05 18:36:57 +00:00
Zbigniew Jędrzejewski-Szmek
14bb274d3f networkd: check return value
CID 1408497.
2019-12-05 18:19:06 +01:00
Franck Bui
362c378291 cryptsetup: umount encrypted devices before detaching it during shutdown
This is done by ordering local-fs-pre.target and remote-fs-pre.target after
cryptsetup.target and remote-cryptsetup.target respectively.

Fixes: #8472
2019-12-05 11:43:05 +01:00
Franck Bui
1dc85eff1d crypsetup: introduce x-initrd.attach option
This option is an indication for PID1 that the entry in crypttab is handled by
initrd only and therefore it shouldn't interfer during the usual start-up and
shutdown process.

It should be primarily used with the encrypted device containing the root FS as
we want to keep it (and thus its encrypted device) until the very end of the
shutdown process, i.e. when initrd takes over.

This option is the counterpart of "x-initrd.mount" used in fstab.

Note that the slice containing the cryptsetup services also needs to drop the
usual shutdown dependencies as it's required by the cryptsetup services.

Fixes: #14224
2019-12-05 11:43:02 +01:00
Zbigniew Jędrzejewski-Szmek
5ebbb45bde TODO: remove obsolete entries
"introspect" is well established and OK. We shouldn't change it at this point.
2019-12-05 10:35:32 +01:00
Zbigniew Jędrzejewski-Szmek
bddeb54cbb Fix use of unitialized variable in error path
CID 1408478.
2019-12-05 10:31:34 +01:00
Zbigniew Jędrzejewski-Szmek
9142bbd19c
Merge pull request #14209 from poettering/sd-bus-sensitive
sd-bus bits from homed PR
2019-12-05 10:22:01 +01:00
Zbigniew Jędrzejewski-Szmek
68296b8b83
Merge pull request #14221 from poettering/homed-preparatory-resizefs
preparatory fs resizing support split out of homed PR
2019-12-05 10:17:10 +01:00
Zbigniew Jędrzejewski-Szmek
d6f1e66076 growfs: port over to resize_fs() 2019-12-05 10:15:49 +01:00
Zbigniew Jędrzejewski-Szmek
2b82a99fe0 growfs: define main function through macro 2019-12-05 09:22:13 +01:00
Yu Watanabe
ec34e7d1ab
Merge pull request #14229 from yuwata/nspawn-network-interface-14223
nspawn: do not fail if udev is not running
2019-12-05 16:10:29 +09:00
Christian Ehrhardt
49219b5c2a
seccomp: mmap test results depend on kernel/libseccomp/glibc
Like with shmat already the actual results of the test
test_memory_deny_write_execute_mmap depend on kernel/libseccomp/glibc
of the platform it is running on.

There are known-good platforms, but on the others do not assert success
(which implies test has actually failed as no seccomp blocking was achieved),
but instead make the check dependent to the success of the mmap call
on that platforms.

Finally the assert of the munmap on that valid pointer should return ==0,
so that is what the check should be for in case of p != MAP_FAILED.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2019-12-05 07:19:12 +01:00
Christian Ehrhardt
5ef3ed97e3
seccomp: use per arch shmat_syscall
At the beginning of seccomp_memory_deny_write_execute architectures
can set individual filter_syscall, block_syscall, shmat_syscall values.
The former two are then used in the call to add_seccomp_syscall_filter
but shmat_syscall is not.

Right now all shmat_syscall values are the same, so the change is a
no-op, but if ever an architecture is added/modified this would be a
subtle source for a mistake so fix it by using shmat_syscall later.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2019-12-05 07:19:12 +01:00
Christian Ehrhardt
903659e7b2
seccomp: ensure rules are loaded in seccomp_memory_deny_write_execute
If seccomp_memory_deny_write_execute was fatally failing to load rules it
already returned a bad retval.
But if any adding filters failed it skipped the subsequent seccomp_load and
always returned an rc of 0 even if no rule was loaded at all.

Lets fix this requiring to (non fatally-failing) load at least one rule set.

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2019-12-05 07:19:12 +01:00
Christian Ehrhardt
bed4668d1d
seccomp: fix multiplexed system calls
Since libseccomp 2.4.2 more architectures have shmat handled as multiplexed
call. Those will fail to be added due to seccomp_rule_add_exact failing
on them since they'd need to add multiple rules [1].
See the discussion at https://github.com/seccomp/libseccomp/issues/193

After discussions about the options rejected [2][3] the initial thought of
a fallback to the non '_exact' version of the seccomp rule adding the next
option is to handle those now affected (i386, s390, s390x) the same way as
ppc which ignores and does not block shmat.

[1]: https://github.com/seccomp/libseccomp/issues/193
[2]: https://github.com/systemd/systemd/pull/14167#issuecomment-559136906
[3]: https://github.com/systemd/systemd/commit/469830d1
2019-12-05 07:19:07 +01:00
Anita Zhang
da4dd97405
Merge pull request #14173 from ssahani/tc-sfq
network: tc: introduce sfq and tbf
2019-12-04 16:14:11 -08:00
Anita Zhang
adae5eb977
Merge pull request #14219 from poettering/homed-preparatory-loop
preparatory /dev/loopN support split out of homed PR
2019-12-04 16:07:41 -08:00
Yu Watanabe
bf331d8717 network: if /sys is rw, then udev should be around
This switches detect_container() to path_is_read_only_rw("/sys"), as if
systemd-udevd.service is conditionalized with that way.

This also updates the log message.
2019-12-05 08:22:52 +09:00
Yu Watanabe
26208d5b96 nspawn: do not fail if udev is not running
If /sys is read only filesystem, e.g., nspawn is running in container,
then usually udev is not running. In such a case, let's assume that
the interface is already initialized. Also, this makes nspawn refuse
to use the network interface which is under renaming.

Fixes #14223.
2019-12-05 08:22:16 +09:00
Guilhem Lettron
2e22a54f4e Implement SNI when using DNS-over-TLS
Some DNS providers need SNI to identify client.

This can be used by adding #name to a DNS.
Example:
[Resolve]
DNS=192.168.1.1#example.com
2019-12-04 23:24:06 +09:00
Lennart Poettering
b7aa08ca15
Merge pull request #14111 from keszybz/unknown-section-warning
Warn about unknown sections
2019-12-04 14:12:24 +01:00
Lennart Poettering
6f0245b342 sd-bus: don't include properties maked as "emit-invalidation" in InterfacesAdded signals
Properties marked this way really shouldn't be sent around willy-nilly,
that's what the flag is about, hence exclude it from InterfacesAdded
signals (and in fact anything that is a signal).
2019-12-04 13:46:23 +01:00
Lennart Poettering
7a77d2a41c sd-bus: add new call sd_bus_message_sensitive() and SD_BUS_VTABLE_SENSITIVE
This allows marking messages that contain "sensitive" data with a flag.
If it's set then the messages are erased from memory when the message is
freed.

Similar, a flag may be set on vtable entries: incoming/outgoing message
matching the entry will then automatically be flagged this way.

This is supposed to be an easy method to mark messages containing
potentially sensitive data (such as passwords) for proper destruction.

(Note that this of course is only is as safe as the broker in between is
doing something similar. But let's at least not be the ones at fault
here.)
2019-12-04 13:46:23 +01:00
Zbigniew Jędrzejewski-Szmek
41ab3b7a85
Merge pull request #13953 from SpencerMichaels/systemd-boot-efistub-id-fix
boot: Fix default/oneshot selection for EFISTUB entries
2019-12-04 13:30:52 +01:00
Lennart Poettering
f9f8268ac6
Merge pull request #14218 from poettering/homed-preparatory-small-stuff
Assorted smaller stuff split out from homed PR
2019-12-04 13:13:38 +01:00
Lennart Poettering
ef560d8b06
Merge pull request #13886 from poettering/sd-event-pidfd
add pidfd support to sd-event (but not yet PID 1)
2019-12-04 13:13:18 +01:00
Yu Watanabe
0ab9279132 test-network: add a test case for SFQ 2019-12-04 20:58:33 +09:00
Yu Watanabe
b2340fbb5a network: SFQ cannot be configured with netem or TBF 2019-12-04 20:58:33 +09:00
Susant Sahani
9942b71089 network: tc introduce sfq - Stochastic Fairness Queueing
Stochastic Fairness Queueing is a classless queueing discipline.
SFQ does not shape traffic but only schedules the transmission of packets, based on 'flows'.
The goal is to ensure fairness so that each flow is able to send data in turn,
thus preventing any single flow from drowning out the rest.
2019-12-04 20:58:17 +09:00
Yu Watanabe
1b628c4f64 test-network: add test case for TBF 2019-12-04 20:57:48 +09:00
Yu Watanabe
f1dba55565 network: drop unnecessary headers 2019-12-04 20:57:48 +09:00
Yu Watanabe
6483f04381 network: make network_emulator_fill_message() take NetworkEmulator 2019-12-04 20:57:39 +09:00
Yu Watanabe
edc54f2f75 network: rename QDiscs to QDisc 2019-12-04 20:57:01 +09:00
Yu Watanabe
8efb93f02d network: ignore sections which have both NetworkEmulator and TokenBufferFilter settings 2019-12-04 20:55:55 +09:00