mirror of https://github.com/systemd/systemd.git synced 2024-10-30 23:21:22 +03:00
Commit Graph

60115 Commits

Author SHA1 Message Date
Yu Watanabe
c5654483dc fuzz: tighten acceptable data size
Fixes oss-fuzz#51887 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51887).
Fixes #24833.
2022-09-28 09:12:36 +02:00
Sarah Brofeldt
f8151a707c docs/NETWORK_ONLINE: systemd.network hyperlink fix 2022-09-28 15:48:39 +09:00
msizanoen1
b49e029a99 resolve: persist DNSOverTLS configuration in state file
Currently, NetworkManager will set DNSOverTLS according to its
`connection.dnsovertls` configuration only once during connection,
instead of every single restart of systemd-resolved, causing resolved to
lose the configuration on restart.

Fix this by persisting DNSOverTLS in the runtime state file, which will
also make it more consistent with other interface-specific settings.
2022-09-28 08:09:06 +09:00
Edson Juliano Drosdeck
f58ab54a2b
hwdb: fix Positivo-vaio FE14 V2 key toggle touchpad #24822 (#24825) 2022-09-28 08:06:34 +09:00
Luca Boccassi
0e26016e3d resolved notifications: follow-up fixes
Further review comments from: https://github.com/systemd/systemd/pull/22845
2022-09-27 22:34:17 +01:00
Yu Watanabe
a13231a904
Merge pull request #24832 from mrc0mmand/more-TEST-64-tweaks
A couple of performance tweaks for TEST-64 under QEMU
2022-09-28 02:26:55 +09:00
Frantisek Sumsal
998fb5c5e3 test: use fewer partitions/LVs when running with plain QEMU 2022-09-27 15:10:18 +02:00
Frantisek Sumsal
90743af65d test: make the symlink helpers a bit more quiet
and show only errors/warnings.
2022-09-27 15:10:18 +02:00
Frantisek Sumsal
d6ef4ebbda test: ignore tty* devices when checking device units
This lowers the runtime of `check_device_units()` in a plain QEMU VM from
~45 seconds to ~25 seconds.
2022-09-27 15:10:18 +02:00
Frantisek Sumsal
dd2b99ee7f test: lower the # of iterations when running with plain QEMU 2022-09-27 15:10:18 +02:00
Frantisek Sumsal
d9e1cb288f test: support open-iscsi >= 2.1.2
Since open-iscsi 2.1.2 [0] the initiator name should be generated via
a one-time service instead of distro package's post-install scripts.
However, some distros still use this approach even after this patch,
so prefer the already existing initiatorname.iscsi file if it exists.

[0] f37d5b653f
2022-09-27 13:24:32 +02:00
Lennart Poettering
dd51b0f952
Merge pull request #24805 from yuwata/sd-network
sd-network: several cleanups
2022-09-27 11:28:25 +02:00
Richard Phibel
8aa3894eae systemctl: add support for --image option
All tools that support --root= should also learn --image=
so that they can operate on disk images directly.
2022-09-27 09:47:01 +02:00
Yu Watanabe
b577d5569d
Merge pull request #24812 from yuwata/udev-drop-netlink
udev: drop workaround for slow read of phys_port_name sysattr
2022-09-27 14:10:02 +09:00
Yu Watanabe
e05dd7718d sd-network: make sd_network_link_get_dns() or friends return -ENODATA
To make them consistent with other functions.
2022-09-27 10:42:31 +09:00
Yu Watanabe
778e3da95e sd-network: drop fallback values
This drops spurious lines in `networkctl status` for unmanaged interfaces.
Before:
```
$ networkctl status --lines 0 lo
● 1: lo
                     Link File: n/a
                  Network File: n/a
                          Type: loopback
                         State: carrier (unmanaged)
                  Online state: unknown
                    HW Address: 00:00:00:00:00:00
                           MTU: 65536
                         QDisc: noqueue
  IPv6 Address Generation Mode: eui64
          Queue Length (Tx/Rx): 1/1
                       Address: 127.0.0.1
                                ::1
             Activation Policy: up
           Required For Online: yes
```
After:
```
$ networkctl status --lines 0 lo
● 1: lo
                     Link File: n/a
                  Network File: n/a
                         State: carrier (unmanaged)
                  Online state: unknown
                          Type: loopback
              Hardware Address: 00:00:00:00:00:00
                           MTU: 65536
                         QDisc: noqueue
  IPv6 Address Generation Mode: eui64
      Number of Queues (Tx/Rx): 1/1
                       Address: 127.0.0.1
                                ::1
```

That is, the lines for Activation Policy and Required For Online are
dropped.
2022-09-27 10:42:31 +09:00
Yu Watanabe
c9d22489ca sd-network: introduce network_link_get_boolean() helper function 2022-09-27 10:42:31 +09:00
Yu Watanabe
27b13df45a sd-network: accept all space-like separators 2022-09-27 10:42:31 +09:00
Yu Watanabe
ce2e75021c sd-network: propagate -ENOENT
On -ENOENT, it suggests that network-manager is not running, and
interfaces are not unmanaged. Such information may be useful for
callers.
2022-09-27 10:42:31 +09:00
Yu Watanabe
e7c1b3f73a sd-network: rename function arguments for storing return value 2022-09-27 10:42:27 +09:00
Yu Watanabe
f1d07d83ab networkctl: use table_add_string_line() at one more place 2022-09-27 10:41:21 +09:00
Yu Watanabe
8f60c998ab networkctl: handle all errors in sd_network_link_get_setup_state() as "unmanaged"
We have already ignored all errors in other fields.
2022-09-27 10:41:13 +09:00
Yu Watanabe
5bbcfbaa11 udev: drop workaround for slow read of phys_port_name sysattr
TL;DR
This effectively reverts 8327fd1b11,
eaba9bb3e6, and its follow-ups, as the
original issue was already fixed by the kernel side.

The original issue that the above commits tried to 'fix' is that reading
phys_port_name triggers a lock in the kernel, hence processing multiple
interfaces at the same time causes extreme slow down.
To work around the issue, the above commits made several necessary
information retrieved through netlink instead of sysfs attributes.

A patch set for the kernel was proposed as a fix for the issue:
https://lore.kernel.org/all/20210928125500.167943-1-atenart@kernel.org/
and some of them were merged to v5.16:
146e5e7333,
It has been already backported to 5.4.160, 5.10.80, 5.14.19, and 5.15.3.

When these commits were proposed, it is already claimed that such issue
should be fixed by the kernel side, and udevd should not work around it.
Nevertheless the feature was introduced, as these have theoretical
performance improvement, even if phys_port_name sysattr does not have the
above issue, as in that way udevd can obtain multiple information about
the interface with a single netlink socket operation. See the discussion
in #20744.

However, in reality, only `iflink`, `type`, `address`, and `phys_port_name`
attributes from netlink are used in the udev net_id builtin command. Hence,
after the original issue being fixed in the kernel side, there should be
almost no performance improvement for udevd.
Furthermore, combining attributes from netlink and sysfs makes it hard to
test net_id builtin. See #21725.

Let's drop mostly meaningless code, and make net_id builtin easily testable.

Closes #21725.
2022-09-27 10:01:46 +09:00
Lennart Poettering
fc70944301 man: document that setting Storage= in namespaces journald means LogDirectory= in unit file needs setting too
Replaces: #24789
2022-09-26 19:29:49 +01:00
Lennart Poettering
d57e43ad28
Merge pull request #24757 from yuwata/sd-device-get-child-first
sd-device: introduce sd_device_get_child_first() and _next()
2022-09-26 19:03:15 +02:00
Lennart Poettering
09d2ab7e1b
Merge pull request #24808 from medhefgo/fuzz
fuzz: Add fuzzer for some efi string functions
2022-09-26 18:37:08 +02:00
Topi Miettinen
75723d31a6 units: udev: partially emulate ProtectClock=
Drop CAP_SYS_TIME and CAP_WAKE_ALARM capabilities and block clock-related
system calls. Update TODO.
2022-09-26 11:40:28 +02:00
Lennart Poettering
eb8817db6e update TODO 2022-09-26 10:06:11 +02:00
Jan Janssen
af4b8cef38 boot: Make efi_fnmatch non-backtracking 2022-09-25 14:26:00 +02:00
Jan Janssen
ac37f132a1 fuzz: Add fuzzer for some efi string functions 2022-09-25 14:26:00 +02:00
Jan Janssen
4b8eb86360 fuzz: Introduce DO_NOT_OPTIMIZE
The compiler may decide computations like these are not doing anything
and decide to optimize them away. This would defeat the whole fuzzing
exercise. This macro will force the compiler to materialize the value
no matter what. It should be less prone to accidents compared to using
log functions, which would either slow things down or still optimize the
value away (or simply move it into the if branch the log macros create).

The benefit over assert_se would be that no requirement is made on the
value itself. If we are fine getting a string of any size (including
zero), an assert_se would either create a noisy compiler warning about
conditions that would always be met or yet again optimize the whole
thing away.
2022-09-25 14:26:00 +02:00
Jan Janssen
e7508839af fuzz-bcd: Do not include bcd.c
This is not needed anymore, so do it the proper way now.
2022-09-25 14:26:00 +02:00
Albert Mikaelyan
ca092bb57b Add Asus G14 GA402 to hwdb 2022-09-25 10:52:32 +01:00
Luca Boccassi
be807dcc5e
Merge pull request #24811 from yuwata/build-without-openssl
meson,tpm2: fix build without openssl
2022-09-25 10:51:45 +01:00
Yu Watanabe
bb1bc2fcb0 sd-device: introduce device_get_sysattr_int() 2022-09-25 13:59:49 +09:00
Yu Watanabe
395c1d9a85 tpm2-util: fix build with -Dopenssl=false
Fixes #24800.
2022-09-25 08:03:19 +09:00
Yu Watanabe
e0f435f935 meson: libfido2 requires openssl
Fixes compile error with -Dopenssl=false.
```
In file included from ../../home/watanabe/git/systemd/src/shared/pkcs11-util.h:12,
                 from ../../home/watanabe/git/systemd/src/cryptenroll/cryptenroll.c:24:
../../home/watanabe/git/systemd/src/shared/openssl-util.h:56:21: error: conflicting types for ‘X509’; have ‘struct X509’
   56 | typedef struct X509 X509;
      |                     ^~~~
In file included from /usr/include/openssl/crypto.h:25,
                 from /usr/include/openssl/bio.h:20,
                 from /usr/include/openssl/asn1.h:16,
                 from /usr/include/openssl/ec.h:17,
                 from /usr/include/fido.h:10,
                 from ../../home/watanabe/git/systemd/src/shared/libfido2-util.h:18,
                 from ../../home/watanabe/git/systemd/src/cryptenroll/cryptenroll-fido2.h:7,
                 from ../../home/watanabe/git/systemd/src/cryptenroll/cryptenroll.c:6:
/usr/include/openssl/ossl_typ.h:123:24: note: previous declaration of ‘X509’ with type ‘X509’ {aka ‘struct x509_st’}
  123 | typedef struct x509_st X509;
      |                        ^~~~
```
2022-09-25 07:53:06 +09:00
Yu Watanabe
e56074a212 tmpfiles: fix wrong return value
Follow-up for 27f6aa0b71.
2022-09-24 13:44:42 +02:00
Christian Göttsche
599b384924 core: respect SELinuxContext= for socket creation
On socket creation respect the SELinuxContext= setting of the associated
service, such that the initial created socket has the same label as the
future process accepting the connection (since w.r.t SELinux sockets
normally have the same label as the owning process).

Triggered by #24702
2022-09-24 14:35:54 +09:00
Yu Watanabe
3b51a183af tree-wide: fix typo 2022-09-24 10:43:58 +09:00
Luca Boccassi
542e6eb38d
Merge pull request #24799 from poettering/initrd-ftw
use "initrd" rather than "initial RAM disk" or "initramfs" to reference the concept
2022-09-23 20:43:15 +01:00
Daan De Meyer
354dc913c5
Merge pull request #24635 from DaanDeMeyer/repart-verity-sig
repart: Add support for generating verity sig partitions
2022-09-23 18:53:04 +02:00
Daan De Meyer
b456191d3c repart: Add support for generating verity sig partitions 2022-09-23 16:15:37 +02:00
Daan De Meyer
8939d3351d openssl-util: Add x509_fingerprint() 2022-09-23 16:15:37 +02:00
Daan De Meyer
bc958a19e3 openssl-util: Allow declaring openssl struct pointers without openssl 2022-09-23 16:15:34 +02:00
Lennart Poettering
842beda4c5 TODO 2022-09-23 16:13:11 +02:00
Lennart Poettering
dd5533801b
Merge pull request #24700 from poettering/ssh-creds
support easy provisioning for SSH key of root user
2022-09-23 16:01:09 +02:00
Lennart Poettering
6e19a7ce13
Merge pull request #24628 from medhefgo/boot-sections
boot: Try to detect overlapping PE sections
2022-09-23 15:45:28 +02:00
Lennart Poettering
a9dba3ef5f
Merge pull request #24796 from yuwata/doc-update
documentation updates
2022-09-23 15:13:18 +02:00
Lennart Poettering
e711431d50
Merge pull request #24794 from DaanDeMeyer/repart-follow-ups
repart: Extend squashfs logic to all read-only filesystems
2022-09-23 15:12:56 +02:00