1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-31 16:21:26 +03:00
Commit Graph

49691 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
a71c096850 rfkill: use short writes and accept long reads
I'm seeing the following with kernel-core-5.10.16-200.fc33.x86_64:

$ sudo SYSTEMD_LOG_LEVEL=debug build/systemd-rfkill
Reading struct rfkill_event: got 8 bytes.
A new rfkill device has been added with index 0 and type bluetooth.
Found cgroup2 on /sys/fs/cgroup/, full unified hierarchy
Found container virtualization none.
rfkill0: Operating on rfkill device 'tpacpi_bluetooth_sw'.
Writing struct rfkill_event successful (8 of 9 bytes).
Loaded state '0' from /var/lib/systemd/rfkill/platform-thinkpad_acpi:bluetooth.
Reading struct rfkill_event: got 8 bytes.
A new rfkill device has been added with index 1 and type wwan.
rfkill1: Operating on rfkill device 'tpacpi_wwan_sw'.
Writing struct rfkill_event successful (8 of 9 bytes).
Loaded state '0' from /var/lib/systemd/rfkill/platform-thinkpad_acpi:wwan.
Reading struct rfkill_event: got 8 bytes.
A new rfkill device has been added with index 2 and type bluetooth.
rfkill2: Operating on rfkill device 'hci0'.
Writing struct rfkill_event successful (8 of 9 bytes).
Loaded state '0' from /var/lib/systemd/rfkill/pci-0000:00:14.0-usb-0:7:1.0:bluetooth.
Reading struct rfkill_event: got 8 bytes.
A new rfkill device has been added with index 3 and type wlan.
rfkill3: Operating on rfkill device 'phy0'.
Writing struct rfkill_event successful (8 of 9 bytes).
Loaded state '0' from /var/lib/systemd/rfkill/pci-0000:04:00.0:wlan.
All events read and idle, exiting.

We were expecting a read of exactly RFKILL_EVENT_SIZE_V1==8 bytes. But the
structure has 9 after [1].

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=14486c82612a177cb910980c70ba900827ca0894

For some reason the kernel does not accept the full structure size, but cuts
the write short after 8 bytes:

static ssize_t rfkill_fop_write(struct file *file, const char __user *buf,
				size_t count, loff_t *pos)
{
	struct rfkill_event ev;

	/* we don't need the 'hard' variable but accept it */
	if (count < RFKILL_EVENT_SIZE_V1 - 1)
		return -EINVAL;

	/*
	 * Copy as much data as we can accept into our 'ev' buffer,
	 * but tell userspace how much we've copied so it can determine
	 * our API version even in a write() call, if it cares.
	 */
	count = min(count, sizeof(ev));
	if (copy_from_user(&ev, buf, count))
		return -EFAULT;

... so it should accept the full size. I'm not sure what is going on here.

But we don't care about the extra fields, so let's accept a write as long as
it's at least RFKILL_EVENT_SIZE_V1.

Fixes #18677.
2021-02-18 11:25:04 +01:00
Zbigniew Jędrzejewski-Szmek
6c7afdeab0 rfkill: improve error logging
If we get something of unexpected size, log the sizes. Also, don't log twice.
2021-02-18 10:40:16 +01:00
Richard Laager
f542f3b2ed Remove outdated disable_ipv6 docs
This was changed in commit 482efedc08,
which was released in v243, to only enable and never disable IPv6.

Signed-off-by: Richard Laager <rlaager@wiktel.com>
2021-02-18 16:51:27 +09:00
Lennart Poettering
dc288ffeab
Merge pull request #18596 from keszybz/systemctl-quiet-legend
systemctl: hide legends with --quiet, allow overriding
2021-02-17 23:40:04 +01:00
Lennart Poettering
a63b54eda5
Merge pull request #18651 from poettering/einval-followup
two follow-up fixes for the enum einvalification
2021-02-17 23:15:50 +01:00
Susant Sahani
176321cb95 network: DHCP option- use correct byteorder 2021-02-17 23:15:26 +01:00
Lennart Poettering
07335f7f1f
Merge pull request #18656 from yuwata/network-nexthop-tiny-cleanups
network: nexthop: tiny cleanups
2021-02-17 23:14:12 +01:00
Lennart Poettering
6e825539d2 hwdb: fix indentation
a bunch of entries use 2ch instead of 1ch indentation. Fix that.
2021-02-17 23:13:45 +01:00
Lennart Poettering
2840d6f61d
Merge pull request #18662 from yuwata/in-addr-is-set
in-addr-util: introduce in_addr_is_set() or friends
2021-02-17 23:13:27 +01:00
Zbigniew Jędrzejewski-Szmek
42a033f784 sysctl: downgrade warning about excluded keys
Our own config generates logs like this:
systemd-sysctl[1280]: Not setting net/ipv4/conf/all/rp_filter (explicit setting exists).
systemd-sysctl[1280]: Not setting net/ipv4/conf/default/rp_filter (explicit setting exists).
systemd-sysctl[1280]: Not setting net/ipv4/conf/all/accept_source_route (explicit setting exists).
systemd-sysctl[1280]: Not setting net/ipv4/conf/default/accept_source_route (explicit setting exists).
systemd-sysctl[1280]: Not setting net/ipv4/conf/all/promote_secondaries (explicit setting exists).
systemd-sysctl[1280]: Not setting net/ipv4/conf/default/promote_secondaries (explicit setting exists).

There is no error and nothing really to see.
2021-02-17 23:13:01 +01:00
Luca Boccassi
93547f2812 env-util: refactor parsing helper for SYSTEMD_SYSEXT_HIERARCHIES out of sysext 2021-02-17 21:45:31 +00:00
Luca Boccassi
d335f4c583 os-util: allow missing VERSION_ID on the host
Rolling releases, like ArchLinux, do not set VERSION_ID in
their os-release files, so allow matching simply on ID if the host
does not provide anything.
2021-02-17 21:45:31 +00:00
Luca Boccassi
7eda2d7fa5 os-util: split extension_release_validate out of sysext 2021-02-17 21:45:31 +00:00
Luca Boccassi
bcf94222a5 machine: parse and store extension-release
Follow the same pattern as os-release parsing, and store the key-value
pairs in a strv if found
2021-02-17 21:45:31 +00:00
Luca Boccassi
7718ac9721 dissect: parse, store and show extension-release info 2021-02-17 21:45:31 +00:00
Luca Boccassi
593fe6c04d dissect: store image name, following usual parsing rules
The name of '/foo/bar/baz.raw' name is 'baz'
2021-02-17 21:24:23 +00:00
Luca Boccassi
42e6a77bc5 env-util: add strv_env_pairs_get helper 2021-02-17 21:24:23 +00:00
Luca Boccassi
eb590035b9 os-util: add load_extension_release_pairs helper 2021-02-17 21:24:23 +00:00
Luca Boccassi
1d0796739c os-util: add path_is_extension_tree helper 2021-02-17 21:24:23 +00:00
Lennart Poettering
b850e51320 resolved: also use TCP tweaks on LLMNR (plus unify setsockopt() code) 2021-02-17 21:12:53 +01:00
Lennart Poettering
8624f1286a resolved: enable TCP_FASTOPEN + TCP_NODELAY on stub TCP socket
Latency matters. Four our local DNS stub it's not really that important,
but let's still do it, it's basically free after all.
2021-02-17 21:12:53 +01:00
Zbigniew Jędrzejewski-Szmek
d60bd2ffb7 shell-completion: complete --legend=no for resolvectl and systemctl
I don't think it makes sense to complete --legend=yes. It is the default, and
it would be only used very rarely (and then it is easy enough to just remove
the '=no' part from the suggested string).
2021-02-17 21:09:14 +01:00
Zbigniew Jędrzejewski-Szmek
6906da2692 systemctl: hide legends with --quiet, allow overriding
--no-legend is replaced by --legend=no.

--quiet now implies --legend=no, but --legend=yes may be used to override that.
--quiet controls hints and warnings and such, and --legend controls just the
legends. I think it makes sense to allow both to controlled independently, in
particular --quiet --legend makes sense when using systemctl in a script to
provide some user-visible output.

Fixes #18560.
2021-02-17 21:09:14 +01:00
Zbigniew Jędrzejewski-Szmek
b01031e3ff journal-remote: inline one more iterator variable declaration 2021-02-17 21:09:14 +01:00
Zbigniew Jędrzejewski-Szmek
9c7f220173 journal-remote: convert to parse_boolean_argument() and fix type confusion
We were passing a reference to 'int arg_seal' to config_parse_bool(),
which expects a 'bool *'. Luckily, this would work, because 'bool'
is smaller than 'int', so config_parse_bool() would set the least-significant
byte of arg_seal. At least I think so. But let's use consistent types ;)

Also, modernize style a bit and don't use integers in boolean context.
2021-02-17 21:08:50 +01:00
Zbigniew Jędrzejewski-Szmek
c3470872c6 tree-wide: use parse_boolean_argument() for variables with non-boolean type
This still works nicely, but we need to assign the return value ourselves.
As before, one nice effect is that error messages are uniform.
2021-02-17 21:08:47 +01:00
Zbigniew Jędrzejewski-Szmek
599c7c545f tree-wide: add a helper to parse boolean optarg
This nicely covers the case when optarg is optional. The same parser can be
used when the option string passed to getopt_long() requires a parameter and
when it doesn't.

The error messages are made consistent.
Also fixes a log error c&p in --crash-reboot message.
2021-02-17 21:06:31 +01:00
Yu Watanabe
ccbd74f602 network: NHA_ID should be always set 2021-02-18 03:56:26 +09:00
Yu Watanabe
c004cd2bbe network: constify arguments 2021-02-18 03:54:50 +09:00
Yu Watanabe
56223d926d network: introduce log_nexthop_debug() 2021-02-18 03:54:50 +09:00
Lennart Poettering
6283e71ba8
Merge pull request #18640 from poettering/resolved-dnssec-retry-harder
resolved: two dnssec retry/downgrade tweaks
2021-02-17 19:50:58 +01:00
Yu Watanabe
c633628daf tree-wide: constify variables if possible 2021-02-18 03:48:07 +09:00
Yu Watanabe
94af46fc66 network: use temporary buffer for safety 2021-02-18 03:48:07 +09:00
Yu Watanabe
5380707aba network: use in_addr_prefix_to_string() 2021-02-18 03:48:07 +09:00
Yu Watanabe
b1dea5cffa resolve: use sockaddr_in_addr() 2021-02-18 03:48:07 +09:00
Yu Watanabe
bb3b08ad98 resolve: make manager_find_ifindex() or friends return earlier 2021-02-18 03:48:07 +09:00
Yu Watanabe
94876904bb tree-wide: use in_addr_is_set() or friends 2021-02-18 03:48:07 +09:00
Yu Watanabe
275468c033 network: assign values after all checks are passed 2021-02-18 03:48:07 +09:00
Yu Watanabe
fa55043450 in-addr-util: introduce in6_addr_equal() 2021-02-18 03:48:06 +09:00
Yu Watanabe
1235befadd in-addr-util: introduce in6_addr_is_link_local() 2021-02-18 03:48:06 +09:00
Yu Watanabe
7653dcc328 in-addr-util: introduce in_addr_is_set() or friends 2021-02-18 03:48:06 +09:00
Yu Watanabe
0c0585ca25 network: enumerate nexthops before routes
Preparation for the later commits.
Routes may have RTA_NH_ID attribute. To resolve the nexthop ID, all
nexthops must be enumerated earlier.
2021-02-17 19:40:02 +01:00
Yu Watanabe
055e4909de network: nexthop: first create nexthops with ID
Otherwise, an ID-less nexthop may conflict with a later nexthop with ID.
2021-02-17 19:39:37 +01:00
Lennart Poettering
ba5b6c5925 portable: make PortableChangeType enum anonymous
Same reasons as previous commit.
2021-02-17 19:29:24 +01:00
Lennart Poettering
93419a9601 install: make UnitFileChangeType enum anonymous
We almost never use the named enum type, in almost all cases we use
"int" instead, since we overload it with negative errnos. To simplify
things, let's use "int" really everywhere.

Moreover, let's rename the fields for this enum to "type_or_errno", to
make the overloading clear. And let's ad some assertions that things are
in the right range.
2021-02-17 19:29:24 +01:00
Lennart Poettering
e30a62bfe6 resolved: see if it's worth retrying a lookup on "failed-auxiliary" DNSSEC error
Maybe we learnt something about the server feature set, let's hence
retry.

Fixes: #11102
2021-02-17 19:25:13 +01:00
Lennart Poettering
d96275d8eb resolved: in DNSSEC permissive mode, check if DO bit wasn't copied from request to response
If the server doesn't copy the DO bit from request to response, this is
a very early and easy indication that it doesn#t support DNSSEC
properly. Hence, let's immediately downgrade to non-DNSSEC mode if we
see this – if permissive mode is on and this is allowed.
2021-02-17 19:25:13 +01:00
Luca Boccassi
0761da386a test: avoid leaking open loop devices
When a subshell is used ('make' or 'make all') the LOOPDEV environment
variable, which is used to store the opened loop device, is lost.
So the cleanup on trap/exit doesn't do anything, and the loop
device used to mount the test image is left around.

Avoid using a subshell to fix the issue.
2021-02-17 18:55:05 +01:00
Lennart Poettering
50fc7d7036
Merge pull request #18653 from yuwata/in-addr-prefix-nth
in-addr-util: fix in_addr_prefix_nth() and use the function to get ip address range in firewall-util
2021-02-17 18:52:24 +01:00
Lennart Poettering
1ed4e584f3 resolved: address DVE-2018-0001
This is an updated version of #8608 with more restrictive logic. To
quite the original bug:

    Some captive portals, lie and do not respond with the captive portal
    IP address, if the query is with EDNS0 enabled and D0 bit set to
    zero. Thus retry "secure" domain name look ups with less secure
    methods, upon NXDOMAIN.

https://github.com/dns-violations/dns-violations/blob/master/2018/DVE-2018-0001.md

Yes, this fix sucks hard, but I guess this is what we need to do to make
sure resolved works IRL.

Heavily based on the original patch from Dimitri John Ledkov, and I
copied the commentary verbatim.

Replaces: #8608
2021-02-17 18:06:13 +01:00