1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-18 10:04:04 +03:00

72588 Commits

Author SHA1 Message Date
Mike Yuan
dbbc86ffbd
string-util: correct comment in strextendf_with_separator 2024-04-13 02:35:01 +08:00
Sam Leonard
edd85c8414 vmspawn: add --discard-disk= to control handling of disk discard requests
Fixes issue #32024, using --discard-disk=yes will enable handling of disk
discarding requests, saving space for long running VMs as desired.
2024-04-12 20:32:38 +02:00
Frantisek Sumsal
844af666ed test: add instructions on how to run Coverity locally
This requires a Coverity license, so the usefulness of the instructions
is somewhat limited, but at least I won't have to re-discover everything
from scratch when I need to debug something Coverity-related again in the
future.
2024-04-12 14:42:00 +02:00
Sam Leonard
0f85622950 vmspawn: update parse_boolean to parse_boolean_argument 2024-04-12 13:26:36 +01:00
Antonio Alvarez Feijoo
126928de76 bus-polkit: fix return value for varlink_allow_interactive_authentication()
Follow-up for d04c1a1c8e7c95daa483d8d52d5fc4c25fbc67f2
2024-04-12 13:26:22 +01:00
Zbigniew Jędrzejewski-Szmek
c71b50179e meson: do not fail build with newer kernel headers
systemd-255 is failing a build with the latest kernel headers… Let's downgrade
this warning, because it's fine if there's a file system we don't know about
and it makes thing less brittle if we don't treat this as a hard error.

(I initially conditionalized this on BUILD_MODE, but I don't think we need a
hard error there either. A warning will be noticed and fixed.)
2024-04-12 11:44:58 +01:00
Yu Watanabe
296afa8477 ndisc-option: also ignore Prefix Information option with multicast address
Fixes https://github.com/systemd/systemd/pull/32215#issuecomment-2049624693
2024-04-12 10:34:12 +01:00
Daan De Meyer
dd63f00c64
Merge pull request #32240 from yuwata/network-ndisc-fix-on-link-prefix
network/ndisc: fixlets for on-link prefix
2024-04-12 08:46:34 +02:00
Yu Watanabe
b263362254 network/ndisc: drop onlink prefix when valid lifetime is zero
Replaces 155d7a2c049cf866a0bfde8de371f09dfb3b6f29.
2024-04-12 06:12:03 +09:00
Yu Watanabe
9f368d9eb2 network/ndisc: do nothing for existing routes if on-link flag is zero
This effectively reverts commit 155d7a2c049cf866a0bfde8de371f09dfb3b6f29.

From RFC 4861 section 6.3.4:
> Note, however, that a Prefix Information option with the on-link flag
> set to zero conveys no information concerning on-link determination and
> MUST NOT be interpreted to mean that addresses covered by the prefix
> are off-link.

So, we should not drop previously configured routes when receieved a RA
with Prefix Information option without on-link flag.

Closes #28435.
2024-04-12 06:12:03 +09:00
Ronan Pigott
3a768db480 resolved: use NULL to represent an empty answer 2024-04-12 06:10:51 +09:00
Sam Leonard
657be6bdc7 vmspawn: enabled free page reporting in qemu by default
Fixes issue #32025, I saw no reason not to enable this by default so I
added it to the initial qemu cmdline.
2024-04-12 06:10:25 +09:00
Yu Watanabe
f87a606e10
Merge pull request #32213 from yuwata/network-ndisc-redirect-fix-sender-address-verification
network/ndisc: fix sender address verification of Redirect message
2024-04-12 06:09:44 +09:00
Ludwig Nussel
e7705e2191 nsresourced: don't redefine of bpf_rdonly_cast
bpf_rdonly_cast() was introduced in libbpf commit 688879f together with
the definition of a bpf_core_cast macro. So use that one to avoid
defining a prototype for bpf_rdonly_cast;
2024-04-12 05:55:27 +09:00
Yu Watanabe
bffa1c4889 sd-ndisc-redirect: fix verification of target address
See RFC 4861 section 8.1.
2024-04-12 04:59:42 +09:00
Yu Watanabe
9944629eee network/ndisc: fix verification of sender of Redirect message
The sender must be the first-hop router of the destination. Previously,
we only accepted Redirect messages whose sender is the current default
router with the highest priority.

See RFC 4861 section 8.1 for more details.

Fixes #31981.
2024-04-12 04:59:42 +09:00
Yu Watanabe
f76814757d network/ndisc: split out ndisc_redirect_verify_sender()
No functional change, preparation for later commits.
2024-04-12 04:59:42 +09:00
Yu Watanabe
d9688518ff network/ndisc: drop ndisc_request_redirect_route()
It is now called by only ndisc_redirect_handler(), and the check in
ndisc_request_redirect_route() is redundant and already done by
ndisc_redirect_verify_sender().

No functional change, just refactoring.
2024-04-12 04:59:42 +09:00
Yu Watanabe
ef6495ebb2 network/ndisc: redirect routes do not have lifetime
Hence, ndisc_router_update_redirect() does nothing. Let's remove it.
Also, ndisc_request_route() does not set lifetime for the route, it is
not necessary to set the third argument.
2024-04-12 04:59:42 +09:00
Yu Watanabe
33cab1d4ef network/ndisc: introduce ndisc_request_router_route()
Then, make ndisc_request_route() generic and usable for configuring
routes based on both Router Advertisement and Redirect messages.

Note, ndisc_request_router() never set lifetime, so the dropped comment
in ndisc_request_redirect_route() is wrong.

No functional change, just refactoring.
2024-04-12 04:59:42 +09:00
Yu Watanabe
2e73aa507b network/ndisc: do not set per-route MTU and hop limit
Setting MTU announced in RA message to routes is problematic, as the
value may be larger than the device MTU (IFLA_MTU), and in such case the
route cannot be used.

These two properties are now set per-interface, and gracefully handled
such invalid cases. Hence not necessary to set them to each route.

Follow-up for #32195.
2024-04-12 04:59:38 +09:00
Antonio Alvarez Feijoo
3ec49af973 journal-remote: fix two minor memory leaks 2024-04-12 02:37:25 +08:00
Frantisek Sumsal
fc49bf6041
Merge pull request #32228 from mrc0mmand/more-test-tweaks
A couple of follow-ups for #32189
2024-04-11 20:35:27 +02:00
Frantisek Sumsal
6d13aacaac test: make sd-journal-gatewayd tests even more debug-able
Unfortunately bfd30e8af6 is not enough and the test fails, that still
occasionally occur, don't provide enough information to see what's
wrong. Let's rework the test a little to improve this, namely:

  - redirect curl's output into a temporary file instead of piping it
    directly into the "check" expression; that way we can simply dump
    the temporary file when the test fails, providing potentially
    crucial information. We don't want to always dump everything to
    stdout, as some of the tests request an entire system journal (note
    that shell redirection instead of `curl -o file` is used
    intentionally, so the output file is always nuked first)
  - by dropping the pipes in curl commands we can re-enable pipefail
  - also, split some very long commands to multiple lines to (slightly)
    improve readability

Follow-up for bfd30e8af64a0d39ad110258dca69be919f6df34.
2024-04-11 14:42:45 +02:00
Luca Boccassi
947143e897
Merge pull request #32215 from yuwata/network-ndisc-address-lifetime
network/ndisc: fix assignment of valid lifetime
2024-04-11 12:16:31 +01:00
Ludwig Nussel
aadbe55925 creds: allow null when decrypting
pcrlock writes a credential file using null key. Make sure systemd-creds
can show the file
2024-04-11 12:15:32 +01:00
Daan De Meyer
eff0a82534
Merge pull request #32216 from DaanDeMeyer/fix
journal-remote: Use sd_event_set_signal_exit()
2024-04-11 13:01:46 +02:00
Luca Boccassi
a6f0f20eb3 README.md: link bug bounty program 2024-04-11 12:58:53 +02:00
dependabot[bot]
1fdafca718 build(deps): bump pkg/fedora from 2822a03 to 3f8c38e
Bumps pkg/fedora from `2822a03` to `3f8c38e`.

---
updated-dependencies:
- dependency-name: pkg/fedora
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-04-11 12:13:12 +02:00
Frantisek Sumsal
8d9cdb31f7 test: make the output of TEST-69 less painful to read
The logs from TEST-69 still contain a lot of unnecessary shell
metacharacters, so to make the output more readable let's just set
TERM=dumb, instead of having to strip everything semi-manually. Also,
move the related --background= tweak to TEST-69, since it's relevant
only for that particular test.

Follow-up for 8d4bfd38ed941aa8003d7007145eccc01f52a5f6.
2024-04-11 11:35:17 +02:00
Daan De Meyer
b50e9011d0 journal-remote: Use "event" instead of "events"
We use singular "event" everywhere else, so let's use it here as well.
2024-04-11 10:01:56 +02:00
Daan De Meyer
dcd332ae00 journal-remote: Use sd_event_set_signal_exit()
This also fixes bugs in the previous code where we pass the server
object as userdata to sd_event_add_signal which means that sd-event
tries to use the value of the server pointer as its exit code when
a signal is triggered.
2024-04-11 10:01:16 +02:00
Yu Watanabe
fc4a9c9ce6 test: PROJECT_FILE macro cannot be used in generated code
If the build directory is outside of the source tree, ASSERT_XYZ()
triggers the following warning:
===
[20/569] Compiling C object test-hashmap.p/meson-generated_.._src_test_test-hashmap-ordered.c.o
In file included from ../../home/watanabe/git/systemd/src/basic/macro.h:399,
                 from ../../home/watanabe/git/systemd/src/basic/alloc-util.h:10,
                 from src/test/test-hashmap-ordered.c:5:
src/test/test-hashmap-ordered.c: In function ‘test_ordered_hashmap_get’:
../../home/watanabe/git/systemd/src/basic/log.h:216:27: warning: offset ‘32’ outside bounds of constant string [-Warray-bounds=]
  216 |                         ? log_internal(_level, _e, PROJECT_FILE, __LINE__, __func__, __VA_ARGS__) \
      |                           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../home/watanabe/git/systemd/src/basic/log.h:238:24: note: in expansion of macro ‘log_full_errno_zerook’
  238 |                 (void) log_full_errno_zerook(level, 0, fmt, ##__VA_ARGS__); \
      |                        ^~~~~~~~~~~~~~~~~~~~~
../../home/watanabe/git/systemd/src/basic/log.h:248:28: note: in expansion of macro ‘log_full’
  248 | #define log_error(...)     log_full(LOG_ERR,     __VA_ARGS__)
      |                            ^~~~~~~~
../../home/watanabe/git/systemd/src/shared/tests.h:251:25: note: in expansion of macro ‘log_error’
  251 |                         log_error("%s:%i: Assertion failed: expected \"%s\" to be NULL, but \"%p\" != NULL",    \
      |                         ^~~~~~~~~
src/test/test-hashmap-ordered.c:614:9: note: in expansion of macro ‘ASSERT_NULL’
  614 |         ASSERT_NULL(r);
      |         ^~~~~~~~~~~
===
2024-04-11 09:29:22 +02:00
Daan De Meyer
8e7c157387
Merge pull request #32210 from YHNdnzj/execcommand-done
core: modernize ExecCommand parsing and fix one memory leak
2024-04-11 09:26:37 +02:00
Yu Watanabe
e42a74803a network/ndisc: fix updating valid lifetime of configured address
This makes the logic mostly follows RFC 4862 section 5.5.3 (e),
as draft-ietf-6man-slaac-renum-07 is deprecated.

Fixes #31449.
2024-04-11 15:56:01 +09:00
Yu Watanabe
2d4c9c42ac network/ndisc: set provider address in caller
Follow-up for 43d184682d640e438ad140b0743e2fd258455b12.

No functional change, just refactoring.
2024-04-11 15:56:01 +09:00
Yu Watanabe
1ae891037e
Merge pull request #32202 from DaanDeMeyer/assert
tests: Improve assertion error messages
2024-04-11 09:51:49 +09:00
Luca Boccassi
798ea5c05a
Merge pull request #32181 from YHNdnzj/open-file
Some fixes/improvements for OpenFile=
2024-04-10 23:15:56 +01:00
Luca Boccassi
d0ea800943
Merge pull request #32195 from yuwata/network-ndisc-mtu
network: several cleanups for IPv6 MTU
2024-04-10 23:12:21 +01:00
Luca Boccassi
bf5e509840
Merge pull request #32166 from yuwata/network-rfc7217-dad
network: generate another address on conflict
2024-04-10 22:59:01 +01:00
Yu Watanabe
8e91738fe9 libsystemd-network: do not trigger assertion by sd_*_is_running() with NULL
If systemd is built with developer mode, previously they trigger
hard assertions. Even built with release mode, we should not log about
that. Let's silently accept NULL and return false.

Prompted by https://github.com/systemd/systemd/pull/32166#issuecomment-2044710151.
2024-04-10 22:53:55 +01:00
Luca Boccassi
6dfaa0edaf
Merge pull request #32204 from DaanDeMeyer/post-rewrite
git: Add post-rewrite hook that invokes git submodule update
2024-04-10 22:52:45 +01:00
Luca Boccassi
af60f679a3
Merge pull request #32205 from YHNdnzj/bless-boot
Minor cleanup for bless-boot
2024-04-10 22:52:11 +01:00
Mike Yuan
ee9895e295
core/dbus-execute: fix potential memory leak 2024-04-11 04:44:57 +08:00
Mike Yuan
f09604b0a6
core/execute: introduce exec_command_free 2024-04-11 04:44:57 +08:00
Mike Yuan
ccbb85a58b
core/dbus-execute: modernize a bit 2024-04-11 04:44:36 +08:00
Mike Yuan
21b366121f
core/load-fragment: modernize config_parse_exec 2024-04-11 04:44:35 +08:00
Daan De Meyer
5c041971eb docs: Add Tests section to coding style doc 2024-04-10 18:24:29 +02:00
Daan De Meyer
681e39c1dc Introduce ASSERT_OK_ERRNO()
ASSERT_OK() is for functions that return negative errno. Let's
introduce ASSERT_OK_ERRNO() for syscalls that return -1 and store
the error in errno.
2024-04-10 18:24:26 +02:00
Daan De Meyer
29b27d59d5 tests: Improve assertion error messages 2024-04-10 18:20:23 +02:00