1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00
Commit Graph

610 Commits

Author SHA1 Message Date
Luca Boccassi
b0d3095fd6 Drop split-usr and unmerged-usr support
As previously announced, execute order 66:

https://lists.freedesktop.org/archives/systemd-devel/2022-September/048352.html

The meson options split-usr, rootlibdir and rootprefix become no-ops
that print a warning if they are set to anything other than the
default values. We can remove them in a future release.
2023-07-28 19:34:03 +01:00
Yu Watanabe
16e1e4b3e7 meson: drop doubled empty line 2023-06-27 22:34:25 -06:00
Daan De Meyer
9c0c670125 core: Add RootEphemeral= setting
This setting allows services to run in an ephemeral copy of the root
directory or root image. To make sure the ephemeral copies are always
cleaned up, we add a tmpfiles snippet to unconditionally clean up
/var/lib/systemd/ephemeral. To prevent in use ephemeral copies from
being cleaned up by tmpfiles, we use the newly added COPY_LOCK_BSD
and BTRFS_SNAPSHOT_LOCK_BSD flags to take a BSD lock on the ephemeral
copies which instruct tmpfiles to not touch those ephemeral copies as
long as the BSD lock is held.
2023-06-21 12:48:46 +02:00
Jan Janssen
739a62bb40 meson: Use fs module in more places 2023-06-14 16:05:52 +02:00
Frantisek Sumsal
909eb4c01d json: correctly handle magic strings when parsing variant strv
We can't dereference the variant object directly, as it might be
a magic object (which has an address on a faulting page); use
json_variant_is_sensitive() instead that handles this case.

For example, with an empty array:

==1547789==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000023 (pc 0x7fd616ca9a18 bp 0x7ffcba1dc7c0 sp 0x7ffcba1dc6d0 T0)
==1547789==The signal is caused by a READ memory access.
==1547789==Hint: address points to the zero page.
SCARINESS: 10 (null-deref)
    #0 0x7fd616ca9a18 in json_variant_strv ../src/shared/json.c:2190
    #1 0x408332 in oci_args ../src/nspawn/nspawn-oci.c:173
    #2 0x7fd616cc09ce in json_dispatch ../src/shared/json.c:4400
    #3 0x40addf in oci_process ../src/nspawn/nspawn-oci.c:428
    #4 0x7fd616cc09ce in json_dispatch ../src/shared/json.c:4400
    #5 0x41fef5 in oci_load ../src/nspawn/nspawn-oci.c:2187
    #6 0x4061e4 in LLVMFuzzerTestOneInput ../src/nspawn/fuzz-nspawn-oci.c:23
    #7 0x40691c in main ../src/fuzz/fuzz-main.c:50
    #8 0x7fd61564a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
    #9 0x7fd61564a5c8 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x275c8)
    #10 0x405da4 in _start (/home/fsumsal/repos/@systemd/systemd/build-san/fuzz-nspawn-oci+0x405da4)

DEDUP_TOKEN: json_variant_strv--oci_args--json_dispatch
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../src/shared/json.c:2190 in json_variant_strv
==1547789==ABORTING

Or with an empty string in an array:

../src/shared/json.c:2202:39: runtime error: member access within misaligned address 0x000000000007 for type 'struct JsonVariant', which requires 8 byte alignment
0x000000000007: note: pointer points here
<memory cannot be printed>
    #0 0x7f35f4ca9bcf in json_variant_strv ../src/shared/json.c:2202
    #1 0x408332 in oci_args ../src/nspawn/nspawn-oci.c:173
    #2 0x7f35f4cc09ce in json_dispatch ../src/shared/json.c:4400
    #3 0x40addf in oci_process ../src/nspawn/nspawn-oci.c:428
    #4 0x7f35f4cc09ce in json_dispatch ../src/shared/json.c:4400
    #5 0x41fef5 in oci_load ../src/nspawn/nspawn-oci.c:2187
    #6 0x4061e4 in LLVMFuzzerTestOneInput ../src/nspawn/fuzz-nspawn-oci.c:23
    #7 0x40691c in main ../src/fuzz/fuzz-main.c:50
    #8 0x7f35f364a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
    #9 0x7f35f364a5c8 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x275c8)
    #10 0x405da4 in _start (/home/fsumsal/repos/@systemd/systemd/build-san/fuzz-nspawn-oci+0x405da4)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../src/shared/json.c:2202:39 in

Note: this happens only if json_variant_copy() in json_variant_set_source() fails.

Found by Nallocfuzz.
2023-05-23 20:18:21 +02:00
Zbigniew Jędrzejewski-Szmek
e2e736cbbd fuzz: rename long samples
With those long filenames, output doesn't fit on the terminal.
2023-05-18 15:23:27 +02:00
Frantisek Sumsal
a5a4d5a18e
Merge pull request #27651 from mrc0mmand/more-nspawn-tests
nspawn: OCI related fixes & tests
2023-05-16 17:26:25 +02:00
Mike Yuan
0313c41068
Merge pull request #27638 from YHNdnzj/upheldby-unit-file
unit-file: support UpheldBy= in [Install] settings (adding Upholds= deps from .upholds/)
2023-05-16 21:53:24 +08:00
Frantisek Sumsal
f00519b5b3 fuzz: update the base JSON for fuzz-nspawn-oci 2023-05-16 11:27:10 +02:00
Mike Yuan
b5b1351317
test: add tests for UpheldBy= in [Install] section 2023-05-15 15:04:38 +08:00
Frantisek Sumsal
1c8bf49b67 test: update nspawn's basic config file used for fuzzing 2023-05-15 09:00:17 +02:00
Frantisek Sumsal
e8dba80626 core: fix memory leak during deserialization
when activation-details-unit-name is encountered multiple times.

Resolves: #27623
2023-05-13 00:42:25 +09:00
Frantisek Sumsal
380a36582d test: add a test case for #27521
Which got resolved by e652663a04.
2023-05-05 22:15:23 +02:00
Frantisek Sumsal
24e91e08f8 core: check the unit type more thoroughly when deserializing
Resolves: #27523
2023-05-05 22:15:23 +02:00
Frantisek Sumsal
cc938f1ce0 shared: refuse fd == INT_MAX
Since we do `FD_TO_PTR(fd)` that expands to `INT_TO_PTR(fd) + 1` which
triggers an integer overflow.

Resolves: #27522
2023-05-05 22:15:23 +02:00
Frantisek Sumsal
740831076c shared: reject empty attachment path 2023-05-03 10:09:53 +02:00
Frantisek Sumsal
1febf60f9d shared: ignore invalid valink socket fd when deserializing 2023-05-03 10:09:53 +02:00
Frantisek Sumsal
45b1017488 core: fix NULL pointer dereference during deserialization 2023-05-03 10:09:53 +02:00
Frantisek Sumsal
24e6759cbc test: add a simple fuzzer for manager serialization 2023-05-03 10:09:53 +02:00
Yu Watanabe
6fdc9fbc0f udev/scsi_id: rename positional arguments 2023-04-11 06:07:03 +09:00
Yu Watanabe
d77d42ed3a systemctl: refuse to acquire dbus connection with --global
Maybe, better to check the runtime scope each verb for better log
message, but this is a good start point to not trigger assertion.

Fixes oss-fuzz#56915 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56915).

Fixes #26402 and #26754.
2023-03-13 12:27:34 +01:00
Yu Watanabe
054749e413 core: add missing MemoryPressureWatch= and MemoryPressureThresholdSec= setting
Follow-up for #26393.

Addresses https://github.com/systemd/systemd/pull/26393#issuecomment-1458655798.
2023-03-09 23:43:04 +09:00
Michal Koutný
edd84b8e4b meson: Copy files with git only in true git repository
When mkosi is run from git-worktree(1), the .git is not a repository
directory but a textfile pointing to the real git dir
(e.g. /home/user/systemd/.git/worktrees/systemd-worktree). This git dir
is not bind mounted into build environment and it fails with:

> fatal: not a git repository: /home/user/systemd/.git/worktrees/systemd-worktree
> test/meson.build:190:16: ERROR: Command `/usr/bin/env -u GIT_WORK_TREE /usr/bin/git --git-dir=/root/src/.git ls-files ':/test/dmidecode-dumps/*.bin'` failed with status 128.

There is already a fallback to use shell globbing instead of ls-files,
use it with git worktrees as well.
2023-03-02 15:04:40 +00:00
Quentin Deslandes
523ea1237a journal: log filtering options support in PID1
Define new unit parameter (LogFilterPatterns) to filter logs processed by
journald.

This option is used to store a regular expression which is carried from
PID1 to systemd-journald through a cgroup xattrs:
`user.journald_log_filter_patterns`.
2022-12-15 09:57:39 +00:00
Yu Watanabe
16a6bc5a7a resolve: dedup entries in /etc/hosts
This improves the performance of parsing the file and reduces memory pressure.

Running 'fuzz-etc-hosts timeout-strv' with valgrind,

Before:
total heap usage: 321,020 allocs, 321,020 frees, 15,820,387,193 bytes allocated
real    0m23.531s
user    0m21.458s
sys     0m1.961s

After:
total heap usage: 112,408 allocs, 112,408 frees, 7,297,480 bytes allocated
real    0m8.664s
user    0m8.545s
sys     0m0.065s

Hopefully fixes oss-fuzz#47708 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47708).
2022-12-13 20:37:48 +09:00
Yu Watanabe
029a7f5a0e fuzz: shorten filename of testcase
Follow-up for 46dc071985 and
76519cecc7.
2022-12-09 05:01:04 +09:00
Yu Watanabe
b9152f2d63 resolve: optimize conversion of TXT fields to json
Fixes oss-fuzz#54080 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54080).

Fixes #25654.
2022-12-09 04:59:49 +09:00
Yu Watanabe
7d34567444 hexdecoct: fix NULL pointer dereferences in hexmem()
Fixes oss-fuzz#54090 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54090).

Fixes #25655.
2022-12-09 04:55:47 +09:00
Yu Watanabe
45655e776f hexdecoct: add missing NULL check
Fixes oss-fuzz#54065 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54065).

Fixes #25650.
2022-12-09 04:54:43 +09:00
Yu Watanabe
76519cecc7 escape: fix wrong octescape of bad character
Fixes a bug introduced by 95052df376.

This also makes octescape() support NULL or zero length string.

Fixes [oss-fuzz#54059](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54059).

Fixes #25643.
2022-12-06 12:18:10 +09:00
Zbigniew Jędrzejewski-Szmek
cda7c31065
Merge pull request #25537 from evverx/fuzz-resource-records
tests: fuzz dns resource records
2022-12-05 13:41:38 +01:00
Yu Watanabe
46dc071985 bootspec: fix null-dereference-read
Fixes [oss-fuzz#53578](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53578).
Fixes #25450.
2022-12-02 14:23:45 +01:00
Evgeny Vereshchagin
49f936cd0a tests: add a file triggering "applying zero offset to null pointer"
```
../src/basic/hexdecoct.c:66:44: runtime error: applying zero offset to null pointer
    #0 0x7f6022650c44 in hexmem /home/vagrant/systemd/build-fuzzers/../src/basic/hexdecoct.c:66:44
    #1 0x577583 in dns_resource_record_to_string /home/vagrant/systemd/build-fuzzers/../src/resolve/resolved-dns-rr.c:1140:21
    #2 0x563669 in LLVMFuzzerTestOneInput /home/vagrant/systemd/build-fuzzers/../src/resolve/fuzz-resource-record.c:25:39
    #3 0x44d2a1 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/vagrant/systemd/out/fuzz-resource-record+0x44d2a1) (BuildId: 88135c111396e9441a475302ccabd2f9a58c7e89)
    #4 0x42d32f in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/vagrant/systemd/out/fuzz-resource-record+0x42d32f) (BuildId: 88135c111396e9441a475302ccabd2f9a58c7e89)
    #5 0x434920 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/vagrant/systemd/out/fuzz-resource-record+0x434920) (BuildId: 88135c111396e9441a475302ccabd2f9a58c7e89)
    #6 0x424006 in main (/home/vagrant/systemd/out/fuzz-resource-record+0x424006) (BuildId: 88135c111396e9441a475302ccabd2f9a58c7e89)
    #7 0x7f602142950f in __libc_start_call_main (/lib64/libc.so.6+0x2950f) (BuildId: 85c438f4ff93e21675ff174371c9c583dca00b2c)
    #8 0x7f60214295c8 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x295c8) (BuildId: 85c438f4ff93e21675ff174371c9c583dca00b2c)
    #9 0x424044 in _start (/home/vagrant/systemd/out/fuzz-resource-record+0x424044) (BuildId: 88135c111396e9441a475302ccabd2f9a58c7e89)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../src/basic/hexdecoct.c:66:44 in
```
2022-11-26 11:57:22 +00:00
Evgeny Vereshchagin
b6e8a4f2b6 tests: add a file triggering crash in type_bitmap_to_json
It's a follow-up to https://github.com/systemd/systemd/pull/25518
2022-11-25 19:32:04 +00:00
Pasha Vorobyev
d7fe0a6723 MemoryZSwapMax directive to configure new memory.zswap.max cgroup file 2022-11-15 21:15:37 +01:00
Michal Koutný
7e343b530e meson: Generate fuzzer inputs with directives
The lists of directives for fuzzer tests are maintained manually in the
repo. There is a tools/check-directives.sh script that runs during test
phase and reports stale directive lists.
Let's rework the script into a generator so that these directive files
are created on-the-flight and needn't be updated whenever a unit file
directives change. The scripts is rewritten in Python to get rid of gawk
dependency and each generated file is a separate meson target so that
incremental builds refresh what is just necessary (and parallelize
(negligible)).

Note: test/fuzz/fuzz-unit-file/directives-all.slice is kept since there
is not automated way to generate it (it is not covered by the check
script neither).
2022-10-20 14:43:50 +02:00
Michal Koutný
7db5761dda meson: Store fuzz tests in structured way
Put fuzzer tests into dictionary that maps `fuzzer->list of inputs`
instead of the flat list.
This is just refactoring with no intentional .
2022-10-11 09:48:05 +02:00
Zbigniew Jędrzejewski-Szmek
b75bc18887 fuzz: shorten name of fuzz test case
Wide fuzzer case names make meson test output very wide…
2022-10-08 03:24:01 +09:00
Yu Watanabe
69a34a4fd4 fuzz: add a test case for fuzz-bootspec
This adds a testcase for the issue oss-fuzz#50949
(https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50949).
2022-09-03 23:32:54 +09:00
Topi Miettinen
4b3590c324 network: NetLabel integration
New directive `NetLabel=` provides a method for integrating static and dynamic
network configuration into Linux NetLabel subsystem rules, used by Linux
Security Modules (LSMs) for network access control. The label, with suitable
LSM rules, can be used to control connectivity of (for example) a service with
peers in the local network. At least with SELinux, only the ingress can be
controlled but not egress. The benefit of using this setting is that it may be
possible to apply interface independent part of NetLabel configuration at very
early stage of system boot sequence, at the time when the network interfaces
are not available yet, with netlabelctl(8), and the per-interface configuration
with systemd-networkd once the interfaces appear later.  Currently this feature
is only implemented for SELinux.

The option expects a single NetLabel label. The label must conform to lexical
restrictions of LSM labels. When an interface is configured with IP addresses,
the addresses and subnetwork masks will be appended to the NetLabel Fallback
Peer Labeling rules. They will be removed when the interface is
deconfigured. Failures to manage the labels will be ignored.

Example:
```
[DHCPv4]
NetLabel=system_u:object_r:localnet_peer_t:s0
```

With the above rules for interface `eth0`, when the interface is configured with
an IPv4 address of 10.0.0.123/8, `systemd-networkd` performs the equivalent of
`netlabelctl` operation

```
$ sudo netlabelctl unlbl add interface eth0 address:10.0.0.0/8 label:system_u:object_r:localnet_peer_t:s0
```

Result:
```
$ sudo netlabelctl -p unlbl list
...
 interface: eth0
   address: 10.0.0.0/8
    label: "system_u:object_r:localnet_peer_t:s0"
...
```
2022-08-29 14:23:17 +09:00
Yu Watanabe
dc7c21f001 network: introduce TCPCongestionControlAlgorithm=
Closes #24432.
2022-08-26 19:47:23 +09:00
Zbigniew Jędrzejewski-Szmek
4ccde410a3 tree-wide: change --kill-who to --kill-whom
getopt allows non-ambiguous abbreviations, so backwards-compat is maintained, and
people can use --kill-who (or even shorter abbreviations). English is flexible,
so in common speach people would use both forms, even if "whom" is technically
more correct. The advantage of using the longer form in the code is that we
effectively allow both forms, so we stop punishing people who DTGCT¹, but still
allow people to use the spoken form if they prefer.

1. Do the gramatically correct thing
2022-08-26 11:15:44 +09:00
Michal Sekletar
466266c172 rules: import previous SYSTEMD_READY state for suspended DM devices and skip other rules
We can't get any FS meta-data from a suspended device. Hence defer
making any plugged/unplugged decisions, i.e. we just import whatever was
previous state and skip processing all other rules.

Thanks Lennart Poettering <lennart@poettering.net> for suggesting this
solution.
2022-08-19 20:13:47 +01:00
Yu Watanabe
f8b7c17764 network/tuntap: introduce KeepCarrier= setting
Closes #24267.
2022-08-16 21:57:31 +09:00
Lennart Poettering
351f7d5143 fuzz: add ConditionCredential= to fuzz files, and sort their sections 2022-07-15 10:53:45 +02:00
Andre Kalb
34b63c9e45 network: Add support to select an IPv4 link-local start address 2022-07-13 23:57:18 +02:00
Yu Watanabe
917c6bb4b3
Merge pull request #23916 from keszybz/assorted-patches
Assorted patches
2022-07-06 14:15:50 +09:00
Zbigniew Jędrzejewski-Szmek
cec3e9a774 fuzz: rename samples to avoid long test names 2022-07-05 21:49:12 +02:00
nl6720
0e68582323 tree-wide: link to docs.kernel.org for kernel documentation
https://www.kernel.org/ links to https://docs.kernel.org/ for the documentation.
See https://git.kernel.org/pub/scm/docs/kernel/website.git/commit/?id=ebc1c372850f249dd143c6d942e66c88ec610520

These URLs are shorter and nicer looking.
2022-07-04 19:56:53 +02:00
Yu Watanabe
a32badc5a6 Revert "networkd: NetLabel integration"
This reverts PR #23269 and its follow-up commit. Especially,
2299b1cae3 (partially), and
3cf63830ac.

The PR was merged without final approval, and has several issues:
- The NetLabel for static addresses are not assigned, as labels are
  stored in the Address objects managed by Network, instead of Link.
- If NetLabel is specified for a static address, then the address
  section will be invalid and the address will not be configured,
- It should be implemented with Request object,
- There is no test about the feature.
2022-06-22 22:34:26 +09:00