1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

127 Commits

Author SHA1 Message Date
Lennart Poettering
4e1f0037b8 units: add a tpm2.target synchronization point and small generator that pulls in
Distributions apparently only compile a subset of TPM2 drivers into the
kernel. For those not compiled it but provided as kmod we need a
synchronization point: we must wait before the first TPM2 interaction
until the driver is available and accessible.

This adds a tpm2.target unit as such a synchronization point. It's
ordered after /dev/tpmrm0, and is pulled in by a generator whenever we
detect that the kernel reported a TPM2 to exist but we have no device
for it yet.

This should solve the issue, but might create problems: if there are TPM
devices supported by firmware that we don't have Linux drivers for we'll
hang for a bit. Hence let's add a kernel cmdline switch to disable (or
alternatively force) this logic.

Fixes: #30164
2024-01-03 13:49:02 +01:00
djantti
43ee987a1f udev: add hwdb execution for hidraw subsystem devices
Hwdb call for hidraw subsystem is missing and AV controller devices defined in hwdb.d/70-av-production.hwdb never get the proper permissions for /dev/hidraw*. This patch implements hwdb execution also for hidraw devices.
2023-12-25 02:16:44 +09:00
Franck Bui
3553fddb1e rules: set up tty permissions and group for /dev/hvc* nodes
Before b4bf9007cb, the permissions and group of the hypervisor consoles were
set by agetty(8).
2023-12-20 21:01:05 +09:00
Lukas Nykryn
3b2e7dc5a2 udev: allow/denylist for reading sysfs attributes when composing a NIC name
Users can currently pick specific versions of NIC naming, but that
does not guarantee that NIC names won't change after the kernel adds
a new sysfs attribute.

This patch allows for an allow/deny list of sysfs attributes
that could be used when composing the name.

These lists can be supplied as an hwdb entry in the form of
/etc/udev/hwdb.d/50-net-naming-allowlist.hwdb
net:naming:drvirtio_net
  ID_NET_NAME_ALLOW=0
  ID_NET_NAME_ALLOW_ACPI_INDEX=1
  ID_NET_NAME_ALLOW_ADDR_ASSIGN_TYPE=1
  ID_NET_NAME_ALLOW_ADDRESS=1
  ID_NET_NAME_ALLOW_ARI_ENABLED=1
  ID_NET_NAME_ALLOW_DEV_PORT=1
  ID_NET_NAME_ALLOW_FUNCTION_ID=1
  ID_NET_NAME_ALLOW_IFLINK=1
  ID_NET_NAME_ALLOW_INDEX=1
  ID_NET_NAME_ALLOW_LABEL=1
  ID_NET_NAME_ALLOW_PHYS_PORT_NAME=1
  ID_NET_NAME_ALLOW_TYPE=1
2023-12-19 19:15:52 +09:00
Roland Hieber
3af66c089b udev: generate system-unique storage symlinks using device path
When the same disk image is written to multiple storage units, for
example an external SD card and an internal eMMC, the symlinks in
/dev/disk/by-{label,uuid,partlabel,partuuid}/ are no longer unique, and
will point to the device that is probed last.

Adressing partitions via labels and UUIDs is nice to work with, and
depending on the use case, it might also be more robust than using the
symlinks in /dev/disk/by-path/ containing the partition number. Combine
the two approaches to create unique symlinks containing both the device
path as well as the respective UUIDs or labels, and throw in a symlink
using the devpath and the partition number for the sake of completeness.

For an exemplary GPT-partitioned disk at "platform-2198000.mmc" with a
partition containing an ext4 file system, this might create symlinks of
the following form:

  /dev/disk/by-path/platform-2198000.mmc-part/by-partnum/1
  /dev/disk/by-path/platform-2198000.mmc-part/by-partuuid/e5a75233-3b90-4aec-8075-b4dd7132b48d
  /dev/disk/by-path/platform-2198000.mmc-part/by-partlabel/rootfs
  /dev/disk/by-path/platform-2198000.mmc-part/by-uuid/b2c92f24-8215-4680-b931-f423aae5f1c9
  /dev/disk/by-path/platform-2198000.mmc-part/by-label/rootfs

Signed-off-by: Roland Hieber <rhi@pengutronix.de>
2023-12-06 22:22:08 +01:00
janana
c1a2ada897 rules: go to the end of rules indeed when dm is suspended
The previous patch 466266c does not make sense indeed, that is to say, if the SYSTEMD_READY is not recorded in the database, the GOTO="systemd_end" will not be applied.

The IMPORT{db} is actually a matching token, it returns false when there is no SYSTEMD_READY recorded in the database.

The previous patch 466266c tended to inherit the state of SYSTEMD_READY from the database and skip to the end of current rule file. But when the database does not contain SYSTEMD_READY, e.g., the dm-* is not set db_persistent during initrd and the database will be cleared after switching root, the following rules will still be applied not as expected.
2023-11-29 09:57:55 +01:00
Lennart Poettering
50f4469ed7 rules: don't condition usb-gadget.target target on 'add' action
The dependency should exist continously, like all our similar deps do.
Hence drop the "add" conditionalization.
2023-11-25 12:52:23 +09:00
Lukas Nykryn
2b5b25f123 udev: add new builtin net_driver
Currently the ID_NET_DRIVER is set in net_setup_link builtin.
But this is called pretty late in the udev processing chain.

Right now in some custom rules it was workarounded by calling ethtool
binary directly, which is ugly.

So let's split this code to a separate builtin.
2023-11-01 16:00:19 +00:00
Yu Watanabe
4ef83d9c88 udev: revert workarounds for issues caused by the devlink creation optimization
This reverts the following two commits:
- "udev: decrease devlink priority for encrypted partitions"
  c4521fc17b.
- "udev: decrease devlink priority for iso disks"
  df1dccd255.

These commits are workarounds for issues caused by
331aa7aa15.
With the previous commit, these workarounds are not necessary anymore,
as partitions are always processed later than their whole disk, and
a decrypted volume is also processed later than its backing volume.
2023-11-01 19:47:00 +09:00
Lennart Poettering
ec541c569b hwdb,rules: mark host-to-host network devices as only requiring link local addressing
This is a generalization of this logic:

https://github.com/NetworkManager/NetworkManager/blob/main/data/90-nm-thunderbolt.rules

It applies not just to thunderbolt, but to any kind of device, even
matched by vendor/product, via hwdb.

I added two entries for Prolific PC-to-PC devices (of which I have one
lying around).
2023-10-30 18:57:41 +01:00
Matthias Schiffer
84ff5894db rules: add mtd/by-name symlinks
Add persistent symlinks for MTD devices like SPI-NOR flash, based on the
partition names specified on the cmdline, in a Device Tree, or by other
MTD partitioning parser drivers. Using the persistent name can be
preferable to using the numbered /dev/mtdX device, as the latter can
change depending on probe order or when partitioning has changed.
2023-10-17 11:43:30 +02:00
Chris Patterson
23cbe90d7d 99-systemd.rules.in: tag PTP devices with systemd
Chronyd and similar time services, when using PTP devices, may need
the BindsTo/After directives to ensure the devices are available
before starting.  Tag PTP devices with systemd to allow for wider
adoption.

Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
2023-08-28 10:42:27 +01:00
Yu Watanabe
7a05926fbe udev: re-introduce symlinks for loopback block device
But the directories are changed from /dev/loop/by-ref/ -> /dev/disk/by-loop-ref/
and /dev/loop/by-inode/ -> /dev/disk/by-loop-inode/.
As /dev/loop/ is used by losetup command for other purpose.
See issue #28475.

This effectively reverts commits 9915cc6086,
5022fab15f, and
c0d998248e.
2023-08-10 07:05:47 +09:00
Yu Watanabe
074d90926f udev: set ID_NAME and ID_SERIAL to MMC/memstick devices again
Fixes a bug introduced by 998db5871f.

Fixes #28671.
2023-08-08 12:05:30 +01:00
Yu Watanabe
12b4cffdae meson: introduce HAVE_DMI flag
The condition is used at several places. Let's introduce a simple flag
for that.
2023-08-03 20:37:16 +09:00
Yu Watanabe
c4521fc17b udev: decrease devlink priority for encrypted partitions
Decrease devlink priority for encrypted partitions, and make the priority for
decrypted DM devices relatively higher. This is for the case that an encrypted
partition and its decrypted DM device have the same label.
2023-08-02 22:03:14 +01:00
Luca Boccassi
b0d3095fd6 Drop split-usr and unmerged-usr support
As previously announced, execute order 66:

https://lists.freedesktop.org/archives/systemd-devel/2022-September/048352.html

The meson options split-usr, rootlibdir and rootprefix become no-ops
that print a warning if they are set to anything other than the
default values. We can remove them in a future release.
2023-07-28 19:34:03 +01:00
Yu Watanabe
6636b2b6bf udev: set ID_PATH properties for all pci, usb, and platform devices
Before c43ff248f9, the following line in
60-drm.rules also sets ID_PATH for all pci, usb, and platform devices:
===
ACTION!="remove", SUBSYSTEM=="drm", SUBSYSTEMS=="pci|usb|platform", IMPORT{builtin}="path_id"
===
Unfortunately, some existing rules rely on the unexpected behavior.
To keep the backward compatibility, let's set ID_PATH for them.

Fixes #28411.
2023-07-25 17:56:59 +01:00
Yu Watanabe
df1dccd255 udev: decrease devlink priority for iso disks
Previously, if the priority is same, devlinks are always replaced by
newer events. The commit 331aa7aa15 changes
that to keep the existing devlink. That should not change any behavior
when the devices that request the same symlink do not have any
dependency, e.g. when /dev/sda1 and /dev/adb1 request the same
/dev/disk/by-label symlink, as there are no guarantee that which device
is processed first.

However, when devices has dependency, e.g. /dev/sda and /dev/sda1
request the same /dev/disk/by-label symlink, previously the symlink
always pointed to the partition, as the partition is always processed
later. But, 331aa7aa15 makes the symlink
point to the whole disk.

The change by 331aa7aa15 is crucial to
improve performance of devlink handling, especially when a system has
large number of disks with same label or so. Hence, cannot and should
not be reverted.

So, let's workaround the case, as such situation should happen only when
the disk is a hybrind ISO image, I guess.

Fixes #28468.
2023-07-21 11:42:34 +01:00
Luca Boccassi
9915cc6086 Revert "udev: add /dev/loop/ symlinks"
Turns out this causes a regression and breaks losetup. It will need to
be reworked in conjunction with util-linux changes.

Fixes https://github.com/systemd/systemd/issues/28475

This reverts commit 5ac52d1f7b.
2023-07-20 22:28:23 +01:00
Lennart Poettering
c65c2f0aa6 rules: drop weird spaces 2023-06-20 15:04:31 +02:00
Lennart Poettering
dafd65b150 rules: split out DMI related rules from udev-default.rules
The DMI rules where so far guarded by an ACTION=="add" rule, but that
doesn't really make sense for setting properties (only for setting
access modes/ownership of nodes).

Hence let's move this into its own file, that guards properly on
ACTION!="remove".

Before this change the hardware vendor/model info would be dropped
whenever the device was retriggered.
2023-06-20 14:44:36 +02:00
Simon Braunschmidt
99d3dd2ba7 99-systemd.rules.in: guard systemd-backlight udev rules by ENABLE_BACKLIGHT
Linux kernel will, as documented in drivers/video/backlight/backlight.c,
report changes to a backlights brightness as a uevent (ACTION=change).

systemd-udev will consume the uevent, match on this rule and try to
activate the systemd-backlight service for the backlight. BUT when
systemd is not compiled with backlight support, this will lead to
failure that is reported in the journal.

Since the failure to activate systemd-backlight and subsequent failure
log entry happens on every backlight brightness change, we found the
resulting logspam during regular operation excessive and came up with
this patch to mitigate it.

The conditional is also extended to "*kbd_backlight" match, since
even though we did not investigate to see if the logspam would be
similar, the unconditional match to activate systemd-backlight here
would also not make sense when the feature is not compiled in.

Signed-off-by: Simon Braunschmidt <simon.braunschmidt@iba-group.com>
2023-06-05 17:59:04 +01:00
Yu Watanabe
998db5871f udev: introduce .PART_SUFFIX internal property
To make unify rules for disk and partition.
2023-05-26 16:38:09 +02:00
Stanislaw Gruszka
3d1e78e362 rules: add rule for accel devices
Accel (Compute Acceleration) are new devices for AI/ML computation:
https://docs.kernel.org/accel/introduction.html

They are part of DRM subsystem. Add them to 'render' group since
no other appropriate group in standard linux systems exist. This
can be changed when proper common user-space components will emerge,
and new group for acceleration devices access will be established.

Signed-off-by: Stanislaw Gruszka <stanislaw.gruszka@linux.intel.com>
2023-05-26 04:17:22 +09:00
Zbigniew Jędrzejewski-Szmek
21392bcb1c
Merge pull request #27483 from yuwata/udev-id-path-usb-revision
udev: include USB revision in ID_PATH
2023-05-25 10:24:45 +02:00
Yu Watanabe
873be895ed udev: add USB revision in ID_PATH
xHCI host controller may register two (or more?) USB root hubs for USB
2.0 and USB 3.0, and devices under the hubs may have same ID_PATH.
So, to avoid the conflict, let's introduce ID_PATH_WITH_USB_REVISION
that includes the USB revision.

Closes #19406.
2023-05-20 14:27:10 +09:00
Yu Watanabe
874c408935 udev: check existence of property before use 2023-05-20 14:26:05 +09:00
Zbigniew Jędrzejewski-Szmek
f78d6ff2ab rules: start systemd-vconsole-setup via unit
We started systemd-vconsole-setup in two ways: via a dbus call from localed to
do systemd-vconsole-setup.service/restart, and from udev, calling the binary
directly. This patch makes udev call
  systemctl restart systemd-vconsole-setup.service
effectively implementing the same method as localed.

Ordering is implemented at the unit level, so we can use --no-block to not
block here.
2023-05-19 17:46:47 +02:00
Yu Watanabe
fc73d97182 udev/iocost: invert DEVTYPE match
No functional change, just refactoring.
Addresses https://github.com/systemd/systemd/pull/23325#discussion_r1171006967.
2023-04-26 14:50:25 +09:00
Yu Watanabe
c413ae18b5 udev/iocost: use ID_MODEL_FROM_DATABASE if exists
To make the rule consistent with 'iocost query'.
2023-04-26 14:50:25 +09:00
Luca Boccassi
21453b8b4b
Merge pull request #27349 from mrc0mmand/codespell
tree-wide: code spelling fixes
2023-04-20 22:02:17 +01:00
Frantisek Sumsal
94d82b5980 tree-wide: code spelling fixes
As reported by Fossies.
2023-04-20 21:54:59 +02:00
Gustavo Noronha Silva
6b8e90545e Apply known iocost solutions to block devices
Meta's resource control demo project[0] includes a benchmark tool that can
be used to calculate the best iocost solutions for a given SSD.

  [0]: https://github.com/facebookexperimental/resctl-demo

A project[1] has now been started to create a publicly available database
of results that can be used to apply them automatically.

  [1]: https://github.com/iocost-benchmark/iocost-benchmarks

This change adds a new tool that gets triggered by a udev rule for any
block device and queries the hwdb for known solutions. The format for
the hwdb file that is currently generated by the github action looks like
this:

  # This file was auto-generated on Tue, 23 Aug 2022 13:03:57 +0000.
  # From the following commit:
  # ca82acfe93
  #
  # Match key format:
  # block:<devpath>:name:<model name>:

  # 12 points, MOF=[1.346,1.346], aMOF=[1.249,1.249]
  block:*:name:HFS256GD9TNG-62A0A:fwver:*:
    IOCOST_SOLUTIONS=isolation isolated-bandwidth bandwidth naive
    IOCOST_MODEL_ISOLATION=rbps=1091439492 rseqiops=52286 rrandiops=63784 wbps=192329466 wseqiops=12309 wrandiops=16119
    IOCOST_QOS_ISOLATION=rpct=0.00 rlat=8807 wpct=0.00 wlat=59023 min=100.00 max=100.00
    IOCOST_MODEL_ISOLATED_BANDWIDTH=rbps=1091439492 rseqiops=52286 rrandiops=63784 wbps=192329466 wseqiops=12309 wrandiops=16119
    IOCOST_QOS_ISOLATED_BANDWIDTH=rpct=0.00 rlat=8807 wpct=0.00 wlat=59023 min=100.00 max=100.00
    IOCOST_MODEL_BANDWIDTH=rbps=1091439492 rseqiops=52286 rrandiops=63784 wbps=192329466 wseqiops=12309 wrandiops=16119
    IOCOST_QOS_BANDWIDTH=rpct=0.00 rlat=8807 wpct=0.00 wlat=59023 min=100.00 max=100.00
    IOCOST_MODEL_NAIVE=rbps=1091439492 rseqiops=52286 rrandiops=63784 wbps=192329466 wseqiops=12309 wrandiops=16119
    IOCOST_QOS_NAIVE=rpct=99.00 rlat=8807 wpct=99.00 wlat=59023 min=75.00 max=100.00

The IOCOST_SOLUTIONS key lists the solutions available for that device
in the preferred order for higher isolation, which is a reasonable
default for most client systems. This can be overriden to choose better
defaults for custom use cases, like the various data center workloads.

The tool can also be used to query the known solutions for a specific
device or to apply a non-default solution (say, isolation or bandwidth).

Co-authored-by: Santosh Mahto <santosh.mahto@collabora.com>
2023-04-20 16:45:57 +02:00
Zbigniew Jędrzejewski-Szmek
ba5a469648
Merge pull request #27169 from yuwata/udev-rule-refuse-unsafe-path
sd-device,udev: refuse unsafe path in SYMLINK= and TAG=
2023-04-11 14:43:50 +02:00
Yu Watanabe
6fdc9fbc0f udev/scsi_id: rename positional arguments 2023-04-11 06:07:03 +09:00
Yu Watanabe
49e3e219b0 rules: drop doubled space 2023-04-08 04:50:04 +09:00
Zbigniew Jędrzejewski-Szmek
d05e1be86e udev: restore compat symlink for nvme devices
In 5118e8e71d, the rules were changed to add
OPTIONS="string_escape=replace" to creation of
ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}", so that "/" would be
escaped. But this also changes how the symlink looks for devices that do not
have "/". This adds back the old symlink for compat, except when a slash
is present.

In the meantime, we changed the symlink format to include ${ND_NSID}. Since
the symlink with unescaped characters are older than that, for compat we
only need to cover the older type. (Symlinks without escaping and with ${ND_NSID}
were never created.)  This makes it slightly easier on users: the non-deprecated
symlinks are with "_${ND_NSID}", so they are easier to distinguish.

Fixes #27155.

Mostly untested :(  I only have a boring nvme device with no special characters
in the id, and the symlinks are unchanged for it by this patch.
2023-04-08 04:50:04 +09:00
Dmitry V. Levin
519044f565 rules: add whitespace after comma before the line continuation 2023-03-27 10:00:30 +00:00
Dmitry V. Levin
4c61088497 rules: remove stray whitespace before comma between tokens 2023-03-27 10:00:30 +00:00
Thomas Blume
c5ba7a2a4d udev-rules: fix nvme symlink creation on namespace changes
The nvme by-id symlink changes to the latest namespace when a new namespace gets
added, for example by connecting multiple NVMe/TCP host controllers via nvme
connect-all.
That is incorrect for persistent device links.
The persistent symbolic device link should continue to point to the same NVMe
namespace throughout the lifetime of the current boot.
Therefore the namespace id needs to be added to the link name.
2023-03-21 15:46:45 +01:00
Lennart Poettering
5ac52d1f7b udev: add /dev/loop/ symlinks
This adds symlinks that allow accessing loopback block devices via stable
names that reference their backing block devices, make the unpredictable
naming of loopback devices less of an issue.

Example:

1. Create a loopback block device for a file $F

   losetup --find $F

2. Reference the backing block device via its inode:

   L="$(stat -c '/dev/loop/by-inode/%Hd:%Ld-%i' $F)"
   fdisk $L

In the above the loop device name (which might be /dev/loop47 or any
other name) is not used at all.
2023-03-09 16:41:26 +01:00
Dmitry V. Levin
f94e9529fe rules: do not use blkid builtin if built without blkid support
When built without blkid, then udev-builtin-blkid is not built,
and the verifier warns about the unknown builtin:

60-persistent-storage.rules:114 Unknown builtin command: blkid --hint=session_offset=$env{ID_CDROM_MEDIA_SESSION_LAST_OFFSET}
60-persistent-storage.rules:117 Unknown builtin command: blkid --noraid
60-persistent-storage.rules:120 Unknown builtin command: blkid
60-persistent-storage.rules: udev rules check failed
2023-03-08 18:55:40 +00:00
Dmitry V. Levin
dc652e7dc3 rules: remove redundant duplicate comparisons
$ grep -F -n -o 'ENV{DISKSEQ}=="?*", ' rules.d/60-persistent-storage.rules
139:ENV{DISKSEQ}=="?*",
139:ENV{DISKSEQ}=="?*",
140:ENV{DISKSEQ}=="?*",
140:ENV{DISKSEQ}=="?*",

Reported-by: Alexey Gladkov <legion@kernel.org>
Fixes: 17d97d4c90 ("udev: create disk/by-diskseq symlink only when the device has diskseq")
Fixes: 583dc6d933 ("udev: also create partition /dev/disk/by-diskseq/ symlinks")
2023-02-26 07:51:26 +09:00
Jan Janssen
4c6d1e1665 meson: Install missing udev rule 2023-01-27 18:23:02 +01:00
Lennart Poettering
583dc6d933 udev: also create partition /dev/disk/by-diskseq/ symlinks 2022-12-23 12:42:37 +01:00
Yu Watanabe
de8409ac43 rules: add missing line continuation
Fixes a bug introduced by 953c928c24.

Fixes #25811.
2022-12-21 09:52:07 +01:00
Zbigniew Jędrzejewski-Szmek
953c928c24 udev: rework 60-evdev.rules to be "additive"
We would execute up to four hwdb match patterns (+ the keyboard builtin):
After the first hit, we would skip the other patterns, because of the GOTO="evdev_end"
action.

57bb707d48 (rules: Add extended evdev/input match
rules for event nodes with the same name), added an additional match with
":phys:<phys>:ev:<ev>" inserted. This breaks backwards compatibility for user
hwdb patterns, because we quit after the first match.

In general hwdb properties are "additive". We often have a general rule that
matches a wider class and then some specific overrides. E.g. in this particular
case, we have a match for all trackpoints, and then a bunch of model-specific
settings.

So let's change the rules to try all the match patterns and combine the
received properties. We execute builtin-keyboard once at the end, if there was
at least one match.

Fixes #25698. Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2152226.

This also impacts other cases which I think would be very confusing for users.
Since we quit after a first successful match, if we had e.g. a match for
'evdev:input:b*v*p*' in out database, and the user added a match using
'evdev:name:*', which is the approach we document in the .hwdb files and which
users quite often use, it would be silently ignored. What's worse, if we added
our 'evdev:input:b*v*p*' match at a later point, user's match would stop
working. If we combine all the properties, we get more stable behaviour.
2022-12-12 13:44:33 +01:00
Yu Watanabe
5286da064c udev: add safe guard for setting by-id symlink
The ID_BUS property is necessary for creating by-id symlinks.
2022-11-03 09:59:54 +09:00
Yu Watanabe
b2e53f5a0f udev: drop redundant call of usb_id and assignment of ID_USB_INTERFACE_NUM
The usb_id builtin command is already called in the above, and the
command sets the ID_USB_INTERFACE_NUM property.
2022-11-03 09:59:35 +09:00