diff options
Diffstat (limited to 'src')
45 files changed, 664 insertions, 134 deletions
| diff --git a/src/basic/extract-word.c b/src/basic/extract-word.c index f8cac3e911..804f14c44c 100644 --- a/src/basic/extract-word.c +++ b/src/basic/extract-word.c @@ -241,7 +241,12 @@ int extract_first_word_and_warn(          return log_syntax(unit, LOG_ERR, filename, line, r, "Unable to decode word \"%s\", ignoring: %m", rvalue);  } -int extract_many_words(const char **p, const char *separators, ExtractFlags flags, ...) { +/* We pass ExtractFlags as unsigned int (to avoid undefined behaviour when passing + * an object that undergoes default argument promotion as an argument to va_start). + * Let's make sure that ExtractFlags fits into an unsigned int. */ +assert_cc(sizeof(enum ExtractFlags) <= sizeof(unsigned)); + +int extract_many_words(const char **p, const char *separators, unsigned flags, ...) {          va_list ap;          char **l;          int n = 0, i, c, r; diff --git a/src/basic/extract-word.h b/src/basic/extract-word.h index 21db5ef33f..04746c6d08 100644 --- a/src/basic/extract-word.h +++ b/src/basic/extract-word.h @@ -32,4 +32,4 @@ typedef enum ExtractFlags {  int extract_first_word(const char **p, char **ret, const char *separators, ExtractFlags flags);  int extract_first_word_and_warn(const char **p, char **ret, const char *separators, ExtractFlags flags, const char *unit, const char *filename, unsigned line, const char *rvalue); -int extract_many_words(const char **p, const char *separators, ExtractFlags flags, ...) _sentinel_; +int extract_many_words(const char **p, const char *separators, unsigned flags, ...) _sentinel_; diff --git a/src/boot/efi/measure.h b/src/boot/efi/measure.h index a2cfe817d0..43aa8a0058 100644 --- a/src/boot/efi/measure.h +++ b/src/boot/efi/measure.h @@ -13,9 +13,6 @@  #ifndef __SDBOOT_MEASURE_H  #define __SDBOOT_MEASURE_H -#ifndef SD_TPM_PCR -#define SD_TPM_PCR 8 -#endif -  EFI_STATUS tpm_log_event(UINT32 pcrindex, const EFI_PHYSICAL_ADDRESS buffer, UINTN buffer_size, const CHAR16 *description); +  #endif diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build index 6c5c856d8c..6241cb1c19 100644 --- a/src/boot/efi/meson.build +++ b/src/boot/efi/meson.build @@ -62,6 +62,8 @@ if have_gnu_efi          efi_conf = configuration_data()          efi_conf.set_quoted('PACKAGE_VERSION', meson.project_version())          efi_conf.set_quoted('EFI_MACHINE_TYPE_NAME', EFI_MACHINE_TYPE_NAME) +        efi_conf.set('SD_BOOT_LOG_TPM', get_option('tpm')) +        efi_conf.set('SD_TPM_PCR', get_option('tpm-pcrindex'))          efi_config_h = configure_file(                  output : 'efi_config.h', diff --git a/src/cgtop/cgtop.c b/src/cgtop/cgtop.c index 67f3a99860..7ebb02fa8c 100644 --- a/src/cgtop/cgtop.c +++ b/src/cgtop/cgtop.c @@ -75,6 +75,7 @@ static usec_t arg_delay = 1*USEC_PER_SEC;  static char* arg_machine = NULL;  static char* arg_root = NULL;  static bool arg_recursive = true; +static bool arg_recursive_unset = false;  static enum {          COUNT_PIDS, @@ -732,7 +733,6 @@ static int parse_argv(int argc, char *argv[]) {                  {}          }; -        bool recursive_unset = false;          int c, r;          assert(argc >= 1); @@ -852,7 +852,7 @@ static int parse_argv(int argc, char *argv[]) {                          }                          arg_recursive = r; -                        recursive_unset = r == 0; +                        arg_recursive_unset = r == 0;                          break;                  case 'M': @@ -873,11 +873,6 @@ static int parse_argv(int argc, char *argv[]) {                  return -EINVAL;          } -        if (recursive_unset && arg_count == COUNT_PIDS) { -                log_error("Non-recursive counting is only supported when counting processes, not tasks. Use -P or -k."); -                return -EINVAL; -        } -          return 1;  } @@ -902,6 +897,10 @@ int main(int argc, char *argv[]) {          log_parse_environment();          log_open(); +        r = parse_argv(argc, argv); +        if (r <= 0) +                goto finish; +          r = cg_mask_supported(&mask);          if (r < 0) {                  log_error_errno(r, "Failed to determine supported controllers: %m"); @@ -910,9 +909,10 @@ int main(int argc, char *argv[]) {          arg_count = (mask & CGROUP_MASK_PIDS) ? COUNT_PIDS : COUNT_USERSPACE_PROCESSES; -        r = parse_argv(argc, argv); -        if (r <= 0) -                goto finish; +        if (arg_recursive_unset && arg_count == COUNT_PIDS) { +                log_error("Non-recursive counting is only supported when counting processes, not tasks. Use -P or -k."); +                return -EINVAL; +        }          r = show_cgroup_get_path_and_warn(arg_machine, arg_root, &root);          if (r < 0) { diff --git a/src/core/dbus-unit.c b/src/core/dbus-unit.c index f15bb2196c..b0645ce294 100644 --- a/src/core/dbus-unit.c +++ b/src/core/dbus-unit.c @@ -748,6 +748,7 @@ const sd_bus_vtable bus_unit_vtable[] = {          SD_BUS_PROPERTY("IgnoreOnIsolate", "b", bus_property_get_bool, offsetof(Unit, ignore_on_isolate), SD_BUS_VTABLE_PROPERTY_CONST),          SD_BUS_PROPERTY("NeedDaemonReload", "b", property_get_need_daemon_reload, 0, SD_BUS_VTABLE_PROPERTY_CONST),          SD_BUS_PROPERTY("JobTimeoutUSec", "t", bus_property_get_usec, offsetof(Unit, job_timeout), SD_BUS_VTABLE_PROPERTY_CONST), +        SD_BUS_PROPERTY("JobRunningTimeoutUSec", "t", bus_property_get_usec, offsetof(Unit, job_running_timeout), SD_BUS_VTABLE_PROPERTY_CONST),          SD_BUS_PROPERTY("JobTimeoutAction", "s", property_get_emergency_action, offsetof(Unit, job_timeout_action), SD_BUS_VTABLE_PROPERTY_CONST),          SD_BUS_PROPERTY("JobTimeoutRebootArgument", "s", NULL, offsetof(Unit, job_timeout_reboot_arg), SD_BUS_VTABLE_PROPERTY_CONST),          SD_BUS_PROPERTY("ConditionResult", "b", bus_property_get_bool, offsetof(Unit, condition_result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE), diff --git a/src/core/device.c b/src/core/device.c index 0e67c96552..da008f6041 100644 --- a/src/core/device.c +++ b/src/core/device.c @@ -112,7 +112,7 @@ static void device_init(Unit *u) {           * indefinitely for plugged in devices, something which cannot           * happen for the other units since their operations time out           * anyway. */ -        u->job_timeout = u->manager->default_timeout_start_usec; +        u->job_running_timeout = u->manager->default_timeout_start_usec;          u->ignore_on_isolate = true;  } diff --git a/src/core/job.c b/src/core/job.c index a02f1bb2bc..5067006d63 100644 --- a/src/core/job.c +++ b/src/core/job.c @@ -576,6 +576,7 @@ int job_run_and_invalidate(Job *j) {          if (!job_is_runnable(j))                  return -EAGAIN; +        job_start_timer(j, true);          job_set_state(j, JOB_RUNNING);          job_add_to_dbus_queue(j); @@ -949,22 +950,45 @@ static int job_dispatch_timer(sd_event_source *s, uint64_t monotonic, void *user          return 0;  } -int job_start_timer(Job *j) { +int job_start_timer(Job *j, bool job_running) {          int r; +        usec_t run_begin, timeout_time, old_timeout_time; -        if (j->timer_event_source) -                return 0; +        if (job_running) { +                if (j->unit->job_running_timeout == USEC_INFINITY) +                        return 0; -        j->begin_usec = now(CLOCK_MONOTONIC); +                run_begin = now(CLOCK_MONOTONIC); +                timeout_time = usec_add(run_begin, j->unit->job_running_timeout); -        if (j->unit->job_timeout == USEC_INFINITY) -                return 0; +                if (j->timer_event_source) { +                        /* Update only if JobRunningTimeoutSec= results in earlier timeout */ +                        r = sd_event_source_get_time(j->timer_event_source, &old_timeout_time); +                        if (r < 0) +                                return r; + +                        if (old_timeout_time <= timeout_time) +                                return 0; + +                        return sd_event_source_set_time(j->timer_event_source, timeout_time); +                } +        } else { +                if (j->timer_event_source) +                        return 0; + +                j->begin_usec = now(CLOCK_MONOTONIC); + +                if (j->unit->job_timeout == USEC_INFINITY) +                        return 0; + +                timeout_time = usec_add(j->begin_usec, j->unit->job_timeout); +        }          r = sd_event_add_time(                          j->manager->event,                          &j->timer_event_source,                          CLOCK_MONOTONIC, -                        usec_add(j->begin_usec, j->unit->job_timeout), 0, +                        timeout_time, 0,                          job_dispatch_timer, j);          if (r < 0)                  return r; diff --git a/src/core/job.h b/src/core/job.h index bea743f462..8b3d38fc60 100644 --- a/src/core/job.h +++ b/src/core/job.h @@ -220,7 +220,7 @@ int job_type_merge_and_collapse(JobType *a, JobType b, Unit *u);  void job_add_to_run_queue(Job *j);  void job_add_to_dbus_queue(Job *j); -int job_start_timer(Job *j); +int job_start_timer(Job *j, bool job_running);  int job_run_and_invalidate(Job *j);  int job_finish_and_invalidate(Job *j, JobResult result, bool recursive, bool already); diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4 index cb9e6fea27..97adbdd7bb 100644 --- a/src/core/load-fragment-gperf.gperf.m4 +++ b/src/core/load-fragment-gperf.gperf.m4 @@ -194,6 +194,7 @@ Unit.OnFailureIsolate,           config_parse_job_mode_isolate,      0,  Unit.IgnoreOnIsolate,            config_parse_bool,                  0,                             offsetof(Unit, ignore_on_isolate)  Unit.IgnoreOnSnapshot,           config_parse_warn_compat,           DISABLED_LEGACY,               0  Unit.JobTimeoutSec,              config_parse_sec_fix_0,             0,                             offsetof(Unit, job_timeout) +Unit.JobRunningTimeoutSec,       config_parse_sec,                   0,                             offsetof(Unit, job_running_timeout)  Unit.JobTimeoutAction,           config_parse_emergency_action,      0,                             offsetof(Unit, job_timeout_action)  Unit.JobTimeoutRebootArgument,   config_parse_unit_string_printf,    0,                             offsetof(Unit, job_timeout_reboot_arg)  Unit.StartLimitIntervalSec,      config_parse_sec,                   0,                             offsetof(Unit, start_limit.interval) diff --git a/src/core/main.c b/src/core/main.c index bcf9ea5f25..e6ae0bee31 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -1162,6 +1162,8 @@ static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching  static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {          struct rlimit nl;          int r; +        int min_max; +        _cleanup_free_ char *nr_open = NULL;          assert(saved_rlimit); @@ -1182,8 +1184,16 @@ static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {                  arg_default_rlimit[RLIMIT_NOFILE] = rl;          } +        /* Get current RLIMIT_NOFILE maximum compiled into the kernel. */ +        r = read_one_line_file("/proc/sys/fs/nr_open", &nr_open); +        if (r == 0) +                r = safe_atoi(nr_open, &min_max); +        /* If we fail, fallback to the hard-coded kernel limit of 1024 * 1024. */ +        if (r < 0) +                min_max = 1024 * 1024; +          /* Bump up the resource limit for ourselves substantially */ -        nl.rlim_cur = nl.rlim_max = 64*1024; +        nl.rlim_cur = nl.rlim_max = min_max;          r = setrlimit_closest(RLIMIT_NOFILE, &nl);          if (r < 0)                  return log_warning_errno(r, "Setting RLIMIT_NOFILE failed, ignoring: %m"); diff --git a/src/core/service.c b/src/core/service.c index a63c6d8bc3..b45929e535 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -2163,7 +2163,6 @@ static int service_serialize_exec_command(Unit *u, FILE *f, ExecCommand *command          unsigned idx;          const char *type;          char **arg; -        _cleanup_strv_free_ char **escaped_args = NULL;          _cleanup_free_ char *args = NULL, *p = NULL;          size_t allocated = 0, length = 0; @@ -2306,7 +2305,7 @@ static int service_deserialize_exec_command(Unit *u, const char *key, const char          bool control, found = false;          ServiceExecCommand id = _SERVICE_EXEC_COMMAND_INVALID;          ExecCommand *command = NULL; -        _cleanup_free_ char *args = NULL, *path = NULL; +        _cleanup_free_ char *path = NULL;          _cleanup_strv_free_ char **argv = NULL;          enum ExecCommandState { diff --git a/src/core/transaction.c b/src/core/transaction.c index b6d1062414..a2dfd8ae90 100644 --- a/src/core/transaction.c +++ b/src/core/transaction.c @@ -632,7 +632,7 @@ static int transaction_apply(Transaction *tr, Manager *m, JobMode mode) {                  job_add_to_run_queue(j);                  job_add_to_dbus_queue(j); -                job_start_timer(j); +                job_start_timer(j, false);                  job_shutdown_magic(j);          } diff --git a/src/core/unit.c b/src/core/unit.c index 25ea5a8591..01fa0d0d46 100644 --- a/src/core/unit.c +++ b/src/core/unit.c @@ -99,6 +99,7 @@ Unit *unit_new(Manager *m, size_t size) {          u->on_failure_job_mode = JOB_REPLACE;          u->cgroup_inotify_wd = -1;          u->job_timeout = USEC_INFINITY; +        u->job_running_timeout = USEC_INFINITY;          u->ref_uid = UID_INVALID;          u->ref_gid = GID_INVALID;          u->cpu_usage_last = NSEC_INFINITY; @@ -1336,6 +1337,9 @@ int unit_load(Unit *u) {                          goto fail;                  } +                if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout) +                        log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect."); +                  unit_update_cgroup_members_masks(u);          } diff --git a/src/core/unit.h b/src/core/unit.h index 8052c234fd..cf21b37e22 100644 --- a/src/core/unit.h +++ b/src/core/unit.h @@ -114,6 +114,7 @@ struct Unit {          /* Job timeout and action to take */          usec_t job_timeout; +        usec_t job_running_timeout;          EmergencyAction job_timeout_action;          char *job_timeout_reboot_arg; diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c index 50d350fce8..b6c1a8781b 100644 --- a/src/fstab-generator/fstab-generator.c +++ b/src/fstab-generator/fstab-generator.c @@ -399,6 +399,10 @@ static int add_mount(          if (r < 0)                  return r; +        r = generator_write_device_deps(dest, what, where, opts); +        if (r < 0) +                return r; +          r = write_mount_timeout(f, where, opts);          if (r < 0)                  return r; diff --git a/src/hostname/meson.build b/src/hostname/meson.build index 68275ba8f5..7cb5fc135a 100644 --- a/src/hostname/meson.build +++ b/src/hostname/meson.build @@ -1,9 +1,9 @@ -install_data('org.freedesktop.hostname1.conf', -             install_dir : dbuspolicydir) -install_data('org.freedesktop.hostname1.service', -             install_dir : dbussystemservicedir) -  if conf.get('ENABLE_HOSTNAMED', 0) == 1 +        install_data('org.freedesktop.hostname1.conf', +                     install_dir : dbuspolicydir) +        install_data('org.freedesktop.hostname1.service', +                     install_dir : dbussystemservicedir) +          custom_target(                  'org.freedesktop.hostname1.policy',                  input : 'org.freedesktop.hostname1.policy.in', diff --git a/src/import/pull-common.c b/src/import/pull-common.c index 4c745288f5..78840dd882 100644 --- a/src/import/pull-common.c +++ b/src/import/pull-common.c @@ -394,7 +394,6 @@ int pull_verify(PullJob *main_job,                  PullJob *signature_job) {          _cleanup_close_pair_ int gpg_pipe[2] = { -1, -1 }; -        _cleanup_free_ char *fn = NULL;          _cleanup_close_ int sig_file = -1;          char sig_file_path[] = "/tmp/sigXXXXXX", gpg_home[] = "/tmp/gpghomeXXXXXX";          _cleanup_(sigkill_waitp) pid_t pid = 0; diff --git a/src/import/pull-raw.c b/src/import/pull-raw.c index fd2e472f09..a15eac1f1f 100644 --- a/src/import/pull-raw.c +++ b/src/import/pull-raw.c @@ -580,7 +580,6 @@ static int raw_pull_job_on_open_disk_generic(                  const char *extra,                  char **temp_path) { -        _cleanup_free_ char *p = NULL;          int r;          assert(i); diff --git a/src/journal-remote/meson.build b/src/journal-remote/meson.build index 394be7068c..072fa14548 100644 --- a/src/journal-remote/meson.build +++ b/src/journal-remote/meson.build @@ -37,13 +37,13 @@ if conf.get('ENABLE_REMOTE', 0) == 1 and conf.get('HAVE_MICROHTTPD', 0) == 1                  configuration : substs)          install_data(journal_remote_conf,                       install_dir : pkgsysconfdir) -endif -install_data('browse.html', -             install_dir : join_paths(pkgdatadir, 'gatewayd')) +        install_data('browse.html', +                     install_dir : join_paths(pkgdatadir, 'gatewayd')) -meson.add_install_script('sh', '-c', -                         mkdir_p.format('/var/log/journal/remote')) -meson.add_install_script('sh', '-c', -                         'chown 0:0 $DESTDIR/var/log/journal/remote && -                          chmod 755 $DESTDIR/var/log/journal/remote || :') +        meson.add_install_script('sh', '-c', +                                 mkdir_p.format('/var/log/journal/remote')) +        meson.add_install_script('sh', '-c', +                                 'chown 0:0 $DESTDIR/var/log/journal/remote && +                                 chmod 755 $DESTDIR/var/log/journal/remote || :') +endif diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c index 14cb01a600..243d5198d9 100644 --- a/src/journal/journal-file.c +++ b/src/journal/journal-file.c @@ -613,6 +613,9 @@ static int journal_file_verify_header(JournalFile *f) {                          return -EBUSY;                  } +                if (f->header->field_hash_table_size == 0 || f->header->data_hash_table_size == 0) +                        return -EBADMSG; +                  /* Don't permit appending to files from the future. Because otherwise the realtime timestamps wouldn't                   * be strictly ordered in the entries in the file anymore, and we can't have that since it breaks                   * bisection. */ diff --git a/src/libsystemd/sd-netlink/netlink-types.c b/src/libsystemd/sd-netlink/netlink-types.c index 248bc90788..923f7dd10c 100644 --- a/src/libsystemd/sd-netlink/netlink-types.c +++ b/src/libsystemd/sd-netlink/netlink-types.c @@ -26,6 +26,7 @@  #include <linux/veth.h>  #include <linux/if_bridge.h>  #include <linux/if_addr.h> +#include <linux/if_addrlabel.h>  #include <linux/if.h>  #include <linux/ip.h>  #include <linux/if_link.h> @@ -586,22 +587,35 @@ static const NLTypeSystem rtnl_neigh_type_system = {          .types = rtnl_neigh_types,  }; +static const NLType rtnl_addrlabel_types[] = { +        [IFAL_ADDRESS]         = { .type = NETLINK_TYPE_IN_ADDR, .size = sizeof(struct in6_addr) }, +        [IFAL_LABEL]           = { .type = NETLINK_TYPE_U32 }, +}; + +static const NLTypeSystem rtnl_addrlabel_type_system = { +        .count = ELEMENTSOF(rtnl_addrlabel_types), +        .types = rtnl_addrlabel_types, +}; +  static const NLType rtnl_types[] = { -        [NLMSG_DONE]   = { .type = NETLINK_TYPE_NESTED, .type_system = &empty_type_system, .size = 0 }, -        [NLMSG_ERROR]  = { .type = NETLINK_TYPE_NESTED, .type_system = &empty_type_system, .size = sizeof(struct nlmsgerr) }, -        [RTM_NEWLINK]  = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, -        [RTM_DELLINK]  = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, -        [RTM_GETLINK]  = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, -        [RTM_SETLINK]  = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, -        [RTM_NEWADDR]  = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, -        [RTM_DELADDR]  = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, -        [RTM_GETADDR]  = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, -        [RTM_NEWROUTE] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_route_type_system, .size = sizeof(struct rtmsg) }, -        [RTM_DELROUTE] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_route_type_system, .size = sizeof(struct rtmsg) }, -        [RTM_GETROUTE] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_route_type_system, .size = sizeof(struct rtmsg) }, -        [RTM_NEWNEIGH] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_neigh_type_system, .size = sizeof(struct ndmsg) }, -        [RTM_DELNEIGH] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_neigh_type_system, .size = sizeof(struct ndmsg) }, -        [RTM_GETNEIGH] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_neigh_type_system, .size = sizeof(struct ndmsg) }, +        [NLMSG_DONE]       = { .type = NETLINK_TYPE_NESTED, .type_system = &empty_type_system, .size = 0 }, +        [NLMSG_ERROR]      = { .type = NETLINK_TYPE_NESTED, .type_system = &empty_type_system, .size = sizeof(struct nlmsgerr) }, +        [RTM_NEWLINK]      = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, +        [RTM_DELLINK]      = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, +        [RTM_GETLINK]      = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, +        [RTM_SETLINK]      = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, +        [RTM_NEWADDR]      = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, +        [RTM_DELADDR]      = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, +        [RTM_GETADDR]      = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, +        [RTM_NEWROUTE]     = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_route_type_system, .size = sizeof(struct rtmsg) }, +        [RTM_DELROUTE]     = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_route_type_system, .size = sizeof(struct rtmsg) }, +        [RTM_GETROUTE]     = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_route_type_system, .size = sizeof(struct rtmsg) }, +        [RTM_NEWNEIGH]     = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_neigh_type_system, .size = sizeof(struct ndmsg) }, +        [RTM_DELNEIGH]     = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_neigh_type_system, .size = sizeof(struct ndmsg) }, +        [RTM_GETNEIGH]     = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_neigh_type_system, .size = sizeof(struct ndmsg) }, +        [RTM_NEWADDRLABEL] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_addrlabel_type_system, .size = sizeof(struct ifaddrlblmsg) }, +        [RTM_DELADDRLABEL] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_addrlabel_type_system, .size = sizeof(struct ifaddrlblmsg) }, +        [RTM_GETADDRLABEL] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_addrlabel_type_system, .size = sizeof(struct ifaddrlblmsg) },  };  const NLTypeSystem type_system_root = { diff --git a/src/libsystemd/sd-netlink/netlink-util.h b/src/libsystemd/sd-netlink/netlink-util.h index f49bf4eaa6..49bb226ef3 100644 --- a/src/libsystemd/sd-netlink/netlink-util.h +++ b/src/libsystemd/sd-netlink/netlink-util.h @@ -32,6 +32,10 @@ bool rtnl_message_type_is_addr(uint16_t type);  bool rtnl_message_type_is_route(uint16_t type);  bool rtnl_message_type_is_neigh(uint16_t type); +static inline bool rtnl_message_type_is_addrlabel(uint16_t type) { +        return IN_SET(type, RTM_NEWADDRLABEL, RTM_DELADDRLABEL, RTM_GETADDRLABEL); +} +  int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name);  int rtnl_set_link_properties(sd_netlink **rtnl, int ifindex, const char *alias, const struct ether_addr *mac, unsigned mtu); diff --git a/src/libsystemd/sd-netlink/rtnl-message.c b/src/libsystemd/sd-netlink/rtnl-message.c index b543b5f20c..d5f8b7d15e 100644 --- a/src/libsystemd/sd-netlink/rtnl-message.c +++ b/src/libsystemd/sd-netlink/rtnl-message.c @@ -18,6 +18,7 @@  ***/  #include <netinet/in.h> +#include <linux/if_addrlabel.h>  #include <stdbool.h>  #include <unistd.h> @@ -700,3 +701,42 @@ int sd_rtnl_message_get_family(sd_netlink_message *m, int *family) {          return -EOPNOTSUPP;  } + +int sd_rtnl_message_new_addrlabel(sd_netlink *rtnl, sd_netlink_message **ret, uint16_t nlmsg_type, int ifindex, int ifal_family) { +        struct ifaddrlblmsg *addrlabel; +        int r; + +        assert_return(rtnl_message_type_is_addrlabel(nlmsg_type), -EINVAL); +        assert_return(ret, -EINVAL); + +        r = message_new(rtnl, ret, nlmsg_type); +        if (r < 0) +                return r; + +        if (nlmsg_type == RTM_NEWADDRLABEL) +                (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_EXCL; + +        addrlabel = NLMSG_DATA((*ret)->hdr); + +        addrlabel->ifal_family = ifal_family; +        addrlabel->ifal_index = ifindex; + +        return 0; +} + +int sd_rtnl_message_addrlabel_set_prefixlen(sd_netlink_message *m, unsigned char prefixlen) { +        struct ifaddrlblmsg *addrlabel; + +        assert_return(m, -EINVAL); +        assert_return(m->hdr, -EINVAL); +        assert_return(rtnl_message_type_is_addrlabel(m->hdr->nlmsg_type), -EINVAL); + +        addrlabel = NLMSG_DATA(m->hdr); + +        if (prefixlen > 128) +                return -ERANGE; + +        addrlabel->ifal_prefixlen = prefixlen; + +        return 0; +} diff --git a/src/locale/meson.build b/src/locale/meson.build index f722e0ed92..d03af4c0e2 100644 --- a/src/locale/meson.build +++ b/src/locale/meson.build @@ -27,9 +27,11 @@ endif  kbd_model_map = join_paths(meson.current_source_dir(),  'kbd-model-map')  language_fallback_map = join_paths(meson.current_source_dir(), 'language-fallback-map') -install_data('kbd-model-map', -             'language-fallback-map', -             install_dir : pkgdatadir) +if conf.get('ENABLE_LOCALED', 0) == 1 +        install_data('kbd-model-map', +                     'language-fallback-map', +                     install_dir : pkgdatadir) +endif  tests += [          [['src/locale/test-keymap-util.c', diff --git a/src/machine/meson.build b/src/machine/meson.build index 4ecb1cdb93..953774fdb6 100644 --- a/src/machine/meson.build +++ b/src/machine/meson.build @@ -39,8 +39,7 @@ endif  tests += [          [['src/machine/test-machine-tables.c'],           [libmachine_core, -          libshared, -          libudev], +          libshared],           [threads],           'ENABLE_MACHINED'],  ] diff --git a/src/network/meson.build b/src/network/meson.build index 94bbb156aa..808f9eebbc 100644 --- a/src/network/meson.build +++ b/src/network/meson.build @@ -27,6 +27,8 @@ sources = files('''          netdev/vxlan.h          netdev/geneve.c          netdev/geneve.h +        networkd-address-label.c +        networkd-address-label.h          networkd-address-pool.c          networkd-address-pool.h          networkd-address.c @@ -128,9 +130,8 @@ if conf.get('ENABLE_NETWORKD', 0) == 1       [libnetworkd_core,        libudev_internal,        libsystemd_network, -      libshared, -      libfirewall], -     [libiptc]], +      libshared], +     []],      [['src/network/test-network-tables.c',        'src/network/test-network-tables.c', @@ -139,8 +140,7 @@ if conf.get('ENABLE_NETWORKD', 0) == 1        libudev_internal,        libudev_core,        libsystemd_network, -      libshared, -      libfirewall], +      libshared],       [],       '', '', [],       [network_include_dir] + libudev_core_includes], diff --git a/src/network/netdev/geneve.h b/src/network/netdev/geneve.h index d97dac892c..f93b550b06 100644 --- a/src/network/netdev/geneve.h +++ b/src/network/netdev/geneve.h @@ -25,7 +25,6 @@ typedef struct Geneve Geneve;  #include "netdev.h"  #include "networkd-link.h"  #include "networkd-network.h" -#include "netdev.h"  #define GENEVE_VID_MAX (1u << 24) - 1 diff --git a/src/network/networkd-address-label.c b/src/network/networkd-address-label.c new file mode 100644 index 0000000000..1248719cf3 --- /dev/null +++ b/src/network/networkd-address-label.c @@ -0,0 +1,257 @@ +/*** +  This file is part of systemd. + +  Copyright 2017 Susant Sahani + +  systemd is free software; you can redistribute it and/or modify it +  under the terms of the GNU Lesser General Public License as published by +  the Free Software Foundation; either version 2.1 of the License, or +  (at your option) any later version. + +  systemd is distributed in the hope that it will be useful, but +  WITHOUT ANY WARRANTY; without even the implied warranty of +  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +  Lesser General Public License for more details. + +  You should have received a copy of the GNU Lesser General Public License +  along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <net/if.h> +#include <linux/if_addrlabel.h> + +#include "alloc-util.h" +#include "conf-parser.h" +#include "networkd-address-label.h" +#include "netlink-util.h" +#include "networkd-manager.h" +#include "parse-util.h" +#include "socket-util.h" + +int address_label_new(AddressLabel **ret) { +        _cleanup_address_label_free_ AddressLabel *addrlabel = NULL; + +        addrlabel = new0(AddressLabel, 1); +        if (!addrlabel) +                return -ENOMEM; + +        *ret = addrlabel; +        addrlabel = NULL; + +        return 0; +} + +void address_label_free(AddressLabel *label) { +        if (!label) +                return; + +        if (label->network) { +                LIST_REMOVE(labels, label->network->address_labels, label); +                assert(label->network->n_address_labels > 0); +                label->network->n_address_labels--; + +                if (label->section) { +                        hashmap_remove(label->network->address_labels_by_section, label->section); +                        network_config_section_free(label->section); +                } +        } + +        free(label); +} + +static int address_label_new_static(Network *network, const char *filename, unsigned section_line, AddressLabel **ret) { +        _cleanup_network_config_section_free_ NetworkConfigSection *n = NULL; +        _cleanup_address_label_free_ AddressLabel *label = NULL; +        int r; + +        assert(network); +        assert(ret); +        assert(!!filename == (section_line > 0)); + +        r = network_config_section_new(filename, section_line, &n); +        if (r < 0) +                return r; + +        label = hashmap_get(network->address_labels_by_section, n); +        if (label) { +                *ret = label; +                label = NULL; + +                return 0; +        } + +        r = address_label_new(&label); +        if (r < 0) +                return r; + +        label->section = n; +        n = NULL; + +        r = hashmap_put(network->address_labels_by_section, label->section, label); +        if (r < 0) +                return r; + +        label->network = network; +        LIST_APPEND(labels, network->address_labels, label); +        network->n_address_labels++; + +        *ret = label; +        label = NULL; + +        return 0; +} + +int address_label_configure( +                AddressLabel *label, +                Link *link, +                sd_netlink_message_handler_t callback, +                bool update) { + +        _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL; +        int r; + +        assert(label); +        assert(link); +        assert(link->ifindex > 0); +        assert(link->manager); +        assert(link->manager->rtnl); + +        r = sd_rtnl_message_new_addrlabel(link->manager->rtnl, &req, RTM_NEWADDRLABEL, +                                          link->ifindex, label->family); +        if (r < 0) +                return log_error_errno(r, "Could not allocate RTM_NEWADDR message: %m"); + +        r = sd_rtnl_message_addrlabel_set_prefixlen(req, label->prefixlen); +        if (r < 0) +                return log_error_errno(r, "Could not set prefixlen: %m"); + +        r = sd_netlink_message_append_u32(req, IFAL_LABEL, label->label); +        if (r < 0) +                return log_error_errno(r, "Could not append IFAL_LABEL attribute: %m"); + +        r = sd_netlink_message_append_in6_addr(req, IFA_ADDRESS, &label->in_addr.in6); +        if (r < 0) +                return log_error_errno(r, "Could not append IFA_ADDRESS attribute: %m"); + +        r = sd_netlink_call_async(link->manager->rtnl, req, callback, link, 0, NULL); +        if (r < 0) +                return log_error_errno(r, "Could not send rtnetlink message: %m"); + +        link_ref(link); + +        return 0; +} + +int config_parse_address_label_prefix(const char *unit, +                                      const char *filename, +                                      unsigned line, +                                      const char *section, +                                      unsigned section_line, +                                      const char *lvalue, +                                      int ltype, +                                      const char *rvalue, +                                      void *data, +                                      void *userdata) { + +        _cleanup_address_label_free_ AddressLabel *n = NULL; +        Network *network = userdata; +        const char *prefix, *e; +        union in_addr_union buffer; +        int r, f; + +        assert(filename); +        assert(section); +        assert(lvalue); +        assert(rvalue); +        assert(data); + +        r = address_label_new_static(network, filename, section_line, &n); +        if (r < 0) +                return r; + +        /* AddressLabel=prefix/prefixlen */ + +        /* prefixlen */ +        e = strchr(rvalue, '/'); +        if (e) { +                unsigned i; + +                r = safe_atou(e + 1, &i); +                if (r < 0) { +                        log_syntax(unit, LOG_ERR, filename, line, r, "Prefix length is invalid, ignoring assignment: %s", e + 1); +                        return 0; +                } + +                if (i > 128) { +                        log_syntax(unit, LOG_ERR, filename, line, r, "Prefix length is out of range, ignoring assignment: %s", e + 1); +                        return 0; +                } + +                n->prefixlen = (unsigned char) i; + +                prefix = strndupa(rvalue, e - rvalue); +        } else +                prefix = rvalue; + +        r = in_addr_from_string_auto(prefix, &f, &buffer); +        if (r < 0) { +                log_syntax(unit, LOG_ERR, filename, line, r, "Address label is invalid, ignoring assignment: %s", prefix); +                return 0; +        } + +        if (f != AF_INET6) { +                log_syntax(unit, LOG_ERR, filename, line, 0, "Address label family is not IPv6, ignoring assignment: %s", prefix); +                return 0; +        } + +        n->family = f; +        n->in_addr = buffer; + +        n = NULL; + +        return 0; +} + +int config_parse_address_label( +                const char *unit, +                const char *filename, +                unsigned line, +                const char *section, +                unsigned section_line, +                const char *lvalue, +                int ltype, +                const char *rvalue, +                void *data, +                void *userdata) { + +        _cleanup_address_label_free_ AddressLabel *n = NULL; +        Network *network = userdata; +        uint32_t k; +        int r; + +        assert(filename); +        assert(section); +        assert(lvalue); +        assert(rvalue); +        assert(data); + +        r = address_label_new_static(network, filename, section_line, &n); +        if (r < 0) +                return r; + +        r = safe_atou32(rvalue, &k); +        if (r < 0) { +                log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address label, ignoring: %s", rvalue); +                return 0; +        } + +        if (k == 0xffffffffUL) { +                log_syntax(unit, LOG_ERR, filename, line, r, "Adress label is invalid, ignoring: %s", rvalue); +                return 0; +        } + +        n->label = k; +        n = NULL; + +        return 0; +} diff --git a/src/network/networkd-address-label.h b/src/network/networkd-address-label.h new file mode 100644 index 0000000000..05bb24924c --- /dev/null +++ b/src/network/networkd-address-label.h @@ -0,0 +1,59 @@ +#pragma once + +/*** +  This file is part of systemd. + +  Copyright 2017 Susant Sahani + +  systemd is free software; you can redistribute it and/or modify it +  under the terms of the GNU Lesser General Public License as published by +  the Free Software Foundation; either version 2.1 of the License, or +  (at your option) any later version. + +  systemd is distributed in the hope that it will be useful, but +  WITHOUT ANY WARRANTY; without even the implied warranty of +  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +  Lesser General Public License for more details. + +  You should have received a copy of the GNU Lesser General Public License +  along with systemd; If not, see <http://www.gnu.org/licenses/>. +***/ + +#include <inttypes.h> +#include <stdbool.h> + +#include "in-addr-util.h" + +typedef struct AddressLabel AddressLabel; + +#include "networkd-link.h" +#include "networkd-network.h" + +typedef struct Network Network; +typedef struct Link Link; +typedef struct NetworkConfigSection NetworkConfigSection; + +struct AddressLabel { +        Network *network; +        Link *link; +        NetworkConfigSection *section; + +        int family; +        unsigned char prefixlen; +        uint32_t label; + +        union in_addr_union in_addr; + +        LIST_FIELDS(AddressLabel, labels); +}; + +int address_label_new(AddressLabel **ret); +void address_label_free(AddressLabel *label); + +DEFINE_TRIVIAL_CLEANUP_FUNC(AddressLabel*, address_label_free); +#define _cleanup_address_label_free_ _cleanup_(address_label_freep) + +int address_label_configure(AddressLabel *address, Link *link, sd_netlink_message_handler_t callback, bool update); + +int config_parse_address_label(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); +int config_parse_address_label_prefix(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 1797f144b6..48ee12a317 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -853,6 +853,35 @@ static int address_handler(sd_netlink *rtnl, sd_netlink_message *m, void *userda          return 1;  } +static int address_label_handler(sd_netlink *rtnl, sd_netlink_message *m, void *userdata) { +        _cleanup_link_unref_ Link *link = userdata; +        int r; + +        assert(rtnl); +        assert(m); +        assert(link); +        assert(link->ifname); +        assert(link->link_messages > 0); + +        link->link_messages--; + +        if (IN_SET(link->state, LINK_STATE_FAILED, LINK_STATE_LINGER)) +                return 1; + +        r = sd_netlink_message_get_errno(m); +        if (r < 0 && r != -EEXIST) +                log_link_warning_errno(link, r, "could not set address label: %m"); +        else if (r >= 0) +                manager_rtnl_process_address(rtnl, m, link->manager); + +        if (link->link_messages == 0) { +                log_link_debug(link, "Addresses label set"); +                link_enter_set_routes(link); +        } + +        return 1; +} +  static int link_push_uplink_dns_to_dhcp_server(Link *link, sd_dhcp_server *s) {          _cleanup_free_ struct in_addr *addresses = NULL;          size_t n_addresses = 0, n_allocated = 0; @@ -965,6 +994,7 @@ static int link_set_bridge_fdb(Link *link) {  }  static int link_enter_set_addresses(Link *link) { +        AddressLabel *label;          Address *ad;          int r; @@ -989,6 +1019,17 @@ static int link_enter_set_addresses(Link *link) {                  link->link_messages++;          } +        LIST_FOREACH(labels, label, link->network->address_labels) { +                r = address_label_configure(label, link, address_label_handler, false); +                if (r < 0) { +                        log_link_warning_errno(link, r, "Could not set address label: %m"); +                        link_enter_failed(link); +                        return r; +                } + +                link->link_messages++; +        } +          /* now that we can figure out a default address for the dhcp server,             start it */          if (link_dhcp4_server_enabled(link)) { diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf index 3743113825..6c4530fbd4 100644 --- a/src/network/networkd-network-gperf.gperf +++ b/src/network/networkd-network-gperf.gperf @@ -79,6 +79,8 @@ Address.DuplicateAddressDetection,      config_parse_address_flags,  Address.ManageTemporaryAddress,         config_parse_address_flags,                     0,                             0  Address.PrefixRoute,                    config_parse_address_flags,                     0,                             0  Address.AutoJoin,                       config_parse_address_flags,                     0,                             0 +IPv6AddressLabel.Prefix,                config_parse_address_label_prefix,              0,                             0 +IPv6AddressLabel.Label,                 config_parse_address_label,                     0,                             0  Route.Gateway,                          config_parse_gateway,                           0,                             0  Route.Destination,                      config_parse_destination,                       0,                             0  Route.Source,                           config_parse_destination,                       0,                             0 diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c index dd29b4ca48..0c0e661909 100644 --- a/src/network/networkd-network.c +++ b/src/network/networkd-network.c @@ -114,6 +114,7 @@ static int network_load_one(Manager *manager, const char *filename) {          LIST_HEAD_INIT(network->static_routes);          LIST_HEAD_INIT(network->static_fdb_entries);          LIST_HEAD_INIT(network->ipv6_proxy_ndp_addresses); +        LIST_HEAD_INIT(network->address_labels);          network->stacked_netdevs = hashmap_new(&string_hash_ops);          if (!network->stacked_netdevs) @@ -131,6 +132,10 @@ static int network_load_one(Manager *manager, const char *filename) {          if (!network->fdb_entries_by_section)                  return log_oom(); +        network->address_labels_by_section = hashmap_new(&network_config_hash_ops); +        if (!network->address_labels_by_section) +                return log_oom(); +          network->filename = strdup(filename);          if (!network->filename)                  return log_oom(); @@ -192,6 +197,7 @@ static int network_load_one(Manager *manager, const char *filename) {                                "Link\0"                                "Network\0"                                "Address\0" +                              "IPv6AddressLabel\0"                                "Route\0"                                "DHCP\0"                                "DHCPv4\0" /* compat */ @@ -271,6 +277,7 @@ void network_free(Network *network) {          Address *address;          FdbEntry *fdb_entry;          IPv6ProxyNDPAddress *ipv6_proxy_ndp_address; +        AddressLabel *label;          Iterator i;          if (!network) @@ -318,9 +325,13 @@ void network_free(Network *network) {          while ((ipv6_proxy_ndp_address = network->ipv6_proxy_ndp_addresses))                  ipv6_proxy_ndp_address_free(ipv6_proxy_ndp_address); +        while ((label = network->address_labels)) +                address_label_free(label); +          hashmap_free(network->addresses_by_section);          hashmap_free(network->routes_by_section);          hashmap_free(network->fdb_entries_by_section); +        hashmap_free(network->address_labels_by_section);          if (network->manager) {                  if (network->manager->networks) diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h index d6f418d521..28ef285be6 100644 --- a/src/network/networkd-network.h +++ b/src/network/networkd-network.h @@ -28,6 +28,7 @@  #include "resolve-util.h"  #include "networkd-address.h" +#include "networkd-address-label.h"  #include "networkd-brvlan.h"  #include "networkd-fdb.h"  #include "networkd-lldp-tx.h" @@ -202,15 +203,18 @@ struct Network {          LIST_HEAD(Route, static_routes);          LIST_HEAD(FdbEntry, static_fdb_entries);          LIST_HEAD(IPv6ProxyNDPAddress, ipv6_proxy_ndp_addresses); +        LIST_HEAD(AddressLabel, address_labels);          unsigned n_static_addresses;          unsigned n_static_routes;          unsigned n_static_fdb_entries;          unsigned n_ipv6_proxy_ndp_addresses; +        unsigned n_address_labels;          Hashmap *addresses_by_section;          Hashmap *routes_by_section;          Hashmap *fdb_entries_by_section; +        Hashmap *address_labels_by_section;          struct in_addr_data *dns;          unsigned n_dns; diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index fd00d0957a..905dbc4c74 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -1158,6 +1158,10 @@ static int parse_argv(int argc, char *argv[]) {          arg_caps_retain = (arg_caps_retain | plus | (arg_private_network ? 1ULL << CAP_NET_ADMIN : 0)) & ~minus; +        r = cg_unified_flush(); +        if (r < 0) +                return log_error_errno(r, "Failed to determine whether the unified cgroups hierarchy is used: %m"); +          e = getenv("SYSTEMD_NSPAWN_CONTAINER_SERVICE");          if (e)                  arg_container_service_name = e; @@ -3545,10 +3549,6 @@ int main(int argc, char *argv[]) {          log_parse_environment();          log_open(); -        r = cg_unified_flush(); -        if (r < 0) -                return log_error_errno(r, "Failed to determine whether the unified cgroups hierarchy is used: %m"); -          /* Make sure rename_process() in the stub init process can work */          saved_argv = argv;          saved_argc = argc; diff --git a/src/resolve/meson.build b/src/resolve/meson.build index 46a417e766..347ffaaeca 100644 --- a/src/resolve/meson.build +++ b/src/resolve/meson.build @@ -135,10 +135,10 @@ if conf.get('ENABLE_RESOLVED', 0) == 1                  configuration : substs)          install_data(resolved_conf,                       install_dir : pkgsysconfdir) -endif -install_data('resolv.conf', -             install_dir : rootlibexecdir) +        install_data('resolv.conf', +                     install_dir : rootlibexecdir) +endif  tests += [          [['src/resolve/test-resolve-tables.c', diff --git a/src/shared/efivars.c b/src/shared/efivars.c index 8631a5a5d9..8229e6b183 100644 --- a/src/shared/efivars.c +++ b/src/shared/efivars.c @@ -269,6 +269,7 @@ int efi_set_variable(          _cleanup_close_ int fd = -1;          assert(name); +        assert(value);          if (asprintf(&p,                       "/sys/firmware/efi/efivars/%s-%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x", diff --git a/src/shared/generator.c b/src/shared/generator.c index 9a069b2f97..19ec133772 100644 --- a/src/shared/generator.c +++ b/src/shared/generator.c @@ -188,10 +188,49 @@ int generator_write_timeouts(          return write_drop_in_format(dir, unit, 50, "device-timeout",                                      "# Automatically generated by %s\n\n" -                                    "[Unit]\nJobTimeoutSec=%s", +                                    "[Unit]\nJobRunningTimeoutSec=%s",                                      program_invocation_short_name, timeout);  } +int generator_write_device_deps( +                const char *dir, +                const char *what, +                const char *where, +                const char *opts) { + +        /* fstab records that specify _netdev option should apply the network +         * ordering on the actual device depending on network connection. If we +         * are not mounting real device (NFS, CIFS), we rely on _netdev effect +         * on the mount unit itself. */ + +        _cleanup_free_ char *node = NULL, *unit = NULL; +        int r; + +        if (!fstab_test_option(opts, "_netdev\0")) +                return 0; + +        node = fstab_node_to_udev_node(what); +        if (!node) +                return log_oom(); + +        /* Nothing to apply dependencies to. */ +        if (!is_device_path(node)) +                return 0; + +        r = unit_name_from_path(node, ".device", &unit); +        if (r < 0) +                return log_error_errno(r, "Failed to make unit name from path: %m"); + +        /* See mount_add_default_dependencies for explanation why we create such +         * dependencies. */ +        return write_drop_in_format(dir, unit, 50, "netdev-dependencies", +                                    "# Automatically generated by %s\n\n" +                                    "[Unit]\n" +                                    "After=" SPECIAL_NETWORK_ONLINE_TARGET " " SPECIAL_NETWORK_TARGET "\n" +                                    "Wants=" SPECIAL_NETWORK_ONLINE_TARGET "\n", +                                    program_invocation_short_name); +} +  int generator_write_initrd_root_device_deps(const char *dir, const char *what) {          _cleanup_free_ char *unit = NULL;          int r; diff --git a/src/shared/generator.h b/src/shared/generator.h index a6017c1b76..825d934c8e 100644 --- a/src/shared/generator.h +++ b/src/shared/generator.h @@ -35,6 +35,12 @@ int generator_write_timeouts(          const char *opts,          char **filtered); +int generator_write_device_deps( +                const char *dir, +                const char *what, +                const char *where, +                const char *opts); +  int generator_write_initrd_root_device_deps(          const char *dir,          const char *what); diff --git a/src/shared/meson.build b/src/shared/meson.build index 8968127d3f..f1d73d1b3f 100644 --- a/src/shared/meson.build +++ b/src/shared/meson.build @@ -34,6 +34,7 @@ shared_sources = '''          efivars.h          fdset.c          fdset.h +        firewall-util.h          fstab-util.c          fstab-util.h          gcrypt-util.c @@ -114,6 +115,10 @@ if conf.get('HAVE_SECCOMP', 0) == 1          shared_sources += ['seccomp-util.c']  endif +if conf.get('HAVE_LIBIPTC', 0) == 1 +        shared_sources += ['firewall-util.c'] +endif +  libshared_name = 'systemd-shared-@0@'.format(meson.project_version())  libshared = shared_library( @@ -122,10 +127,10 @@ libshared = shared_library(          basic_sources,          journal_internal_sources,          libsystemd_internal_sources, +        libudev_sources,          include_directories : includes,          link_args : ['-shared'],          c_args : ['-fvisibility=default'], -        link_with : [libudev],          dependencies : [threads,                          librt,                          libcap, @@ -152,21 +157,9 @@ libshared_static = static_library(                          libcap,                          libacl,                          libcryptsetup, -                        libiptc,                          libseccomp,                          libselinux,                          libidn,                          libxz,                          liblz4,                          libblkid]) - -if conf.get('HAVE_LIBIPTC', 0) == 1 -        libfirewall = static_library( -                'firewall', -                'firewall-util.h', -                'firewall-util.c', -                include_directories : includes, -                dependencies : [libiptc]) -else -        libfirewall = [] -endif diff --git a/src/shared/pager.c b/src/shared/pager.c index 22d7603ec6..4d7b02c63c 100644 --- a/src/shared/pager.c +++ b/src/shared/pager.c @@ -176,12 +176,14 @@ void pager_close(void) {          /* Inform pager that we are done */          (void) fflush(stdout); -        if (stdout_redirected && ((stored_stdout < 0) || (dup2(stored_stdout, STDOUT_FILENO) < 0))) -                (void) close(STDOUT_FILENO); +        if (stdout_redirected) +                if (stored_stdout < 0 || dup2(stored_stdout, STDOUT_FILENO) < 0) +                        (void) close(STDOUT_FILENO);          stored_stdout = safe_close(stored_stdout);          (void) fflush(stderr); -        if (stderr_redirected && ((stored_stderr < 0) || (dup2(stored_stderr, STDERR_FILENO) < 0))) -                (void) close(STDERR_FILENO); +        if (stderr_redirected) +                if (stored_stderr < 0 || dup2(stored_stderr, STDERR_FILENO) < 0) +                        (void) close(STDERR_FILENO);          stored_stderr = safe_close(stored_stderr);          stdout_redirected = stderr_redirected = false; diff --git a/src/systemd/sd-netlink.h b/src/systemd/sd-netlink.h index 7efa8ebe5a..aa39e0a0db 100644 --- a/src/systemd/sd-netlink.h +++ b/src/systemd/sd-netlink.h @@ -155,6 +155,9 @@ int sd_rtnl_message_neigh_get_ifindex(sd_netlink_message *m, int *family);  int sd_rtnl_message_neigh_get_state(sd_netlink_message *m, uint16_t *state);  int sd_rtnl_message_neigh_get_flags(sd_netlink_message *m, uint8_t *flags); +int sd_rtnl_message_new_addrlabel(sd_netlink *rtnl, sd_netlink_message **ret, uint16_t nlmsg_type, int ifindex, int ifal_family); +int sd_rtnl_message_addrlabel_set_prefixlen(sd_netlink_message *m, unsigned char prefixlen); +  _SD_DEFINE_POINTER_CLEANUP_FUNC(sd_netlink, sd_netlink_unref);  _SD_DEFINE_POINTER_CLEANUP_FUNC(sd_netlink_message, sd_netlink_message_unref); diff --git a/src/test/meson.build b/src/test/meson.build index 6c0fd4dca9..4ae1210fe1 100644 --- a/src/test/meson.build +++ b/src/test/meson.build @@ -55,8 +55,7 @@ tests += [          [['src/test/test-job-type.c'],           [libcore, -          libshared, -          libudev], +          libshared],           [threads,            librt,            libseccomp, @@ -66,8 +65,7 @@ tests += [          [['src/test/test-ns.c'],           [libcore, -          libshared, -          libudev], +          libshared],           [threads,            librt,            libseccomp, @@ -88,8 +86,7 @@ tests += [          [['src/test/test-hostname.c'],           [libcore, -          libshared, -          libudev], +          libshared],           [threads,            librt,            libseccomp, @@ -110,8 +107,7 @@ tests += [          [['src/test/test-unit-name.c'],           [libcore, -          libshared, -          libudev], +          libshared],           [threads,            librt,            libseccomp, @@ -121,8 +117,7 @@ tests += [          [['src/test/test-unit-file.c'],           [libcore, -          libshared, -          libudev], +          libshared],           [threads,            librt,            libseccomp, @@ -285,8 +280,7 @@ tests += [          [['src/test/test-namespace.c'],           [libcore, -          libshared, -          libudev], +          libshared],           [threads,            libblkid]], @@ -415,8 +409,7 @@ tests += [          [['src/test/test-firewall-util.c'], -         [libfirewall, -          libshared], +         [libshared],           [],           'HAVE_LIBIPTC'], @@ -461,8 +454,7 @@ tests += [          [['src/test/test-cgroup-mask.c'],           [libcore, -          libshared, -          libudev], +          libshared],           [threads,            librt,            libseccomp, @@ -492,8 +484,7 @@ tests += [          [['src/test/test-path.c'],           [libcore, -          libshared, -          libudev], +          libshared],           [threads,            librt,            libseccomp, @@ -503,8 +494,7 @@ tests += [          [['src/test/test-execute.c'],           [libcore, -          libshared, -          libudev], +          libshared],           [threads,            librt,            libseccomp, @@ -532,8 +522,7 @@ tests += [          [['src/test/test-sched-prio.c'],           [libcore, -          libshared, -          libudev], +          libshared],           [threads,            librt,            libseccomp, @@ -564,8 +553,7 @@ tests += [           []],          [['src/test/test-libudev.c'], -         [libshared, -          libudev], +         [libshared],           []],          [['src/test/test-udev.c'], @@ -615,8 +603,7 @@ tests += [          [['src/journal/test-journal-syslog.c'],           [libjournal_core, -          libshared, -          libudev], +          libshared],           [threads,            libxz,            liblz4, @@ -818,8 +805,7 @@ tests += [            'src/libsystemd-network/dhcp-internal.h',            'src/systemd/sd-dhcp-client.h'],           [libshared, -          libsystemd_network, -          libudev], +          libsystemd_network],           []],          [['src/libsystemd-network/test-dhcp-server.c'], @@ -855,8 +841,7 @@ tests += [            'src/systemd/sd-dhcp6-client.h',            'src/systemd/sd-ndisc.h'],           [libshared, -          libsystemd_network, -          libudev], +          libsystemd_network],           []],          [['src/libsystemd-network/test-dhcp6-client.c', @@ -865,8 +850,7 @@ tests += [            'src/libsystemd-network/dhcp6-internal.h',            'src/systemd/sd-dhcp6-client.h'],           [libshared, -          libsystemd_network, -          libudev], +          libsystemd_network],           []],          [['src/libsystemd-network/test-lldp.c'], @@ -889,7 +873,6 @@ tests += [          [['src/login/test-login-tables.c'],           [liblogind_core, -          libshared, -          libudev], +          libshared],           [threads]],  ] diff --git a/src/test/test-sizeof.c b/src/test/test-sizeof.c index 36389b7710..269adfd18f 100644 --- a/src/test/test-sizeof.c +++ b/src/test/test-sizeof.c @@ -32,6 +32,14 @@                 strstr(STRINGIFY(t), "signed") ? "" :            \                 ((t)-1 < (t)0 ? ", signed" : ", unsigned")); +enum Enum { +        enum_value, +}; + +enum BigEnum { +        big_enum_value = UINT64_C(-1), +}; +  int main(void) {          info(char);          info(signed char); @@ -53,5 +61,8 @@ int main(void) {          info(usec_t);          info(__time_t); +        info(enum Enum); +        info(enum BigEnum); +          return 0;  } diff --git a/src/update-done/update-done.c b/src/update-done/update-done.c index d466e1b759..06e2d7b71b 100644 --- a/src/update-done/update-done.c +++ b/src/update-done/update-done.c @@ -17,8 +17,10 @@    along with systemd; If not, see <http://www.gnu.org/licenses/>.  ***/ +#include "alloc-util.h"  #include "fd-util.h"  #include "fileio.h" +#include "fs-util.h"  #include "io-util.h"  #include "selinux-util.h"  #include "util.h" @@ -36,6 +38,7 @@ static int apply_timestamp(const char *path, struct timespec *ts) {          _cleanup_fclose_ FILE *f = NULL;          int fd = -1;          int r; +        _cleanup_(unlink_and_freep) char *tmp = NULL;          assert(path);          assert(ts); @@ -50,20 +53,20 @@ static int apply_timestamp(const char *path, struct timespec *ts) {          if (r < 0)                  return log_error_errno(r, "Failed to set SELinux context for %s: %m", path); -        fd = open(path, O_CREAT|O_WRONLY|O_TRUNC|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0644); +        fd = open_tmpfile_linkable(path, O_WRONLY|O_CLOEXEC, &tmp);          mac_selinux_create_file_clear();          if (fd < 0) {                  if (errno == EROFS) -                        return log_debug("Can't create timestamp file %s, file system is read-only.", path); +                        return log_debug("Can't create temporary timestamp file %s, file system is read-only.", tmp); -                return log_error_errno(errno, "Failed to create/open timestamp file %s: %m", path); +                return log_error_errno(errno, "Failed to create/open temporary timestamp file %s: %m", tmp);          }          f = fdopen(fd, "we");          if (!f) {                  safe_close(fd); -                return log_error_errno(errno, "Failed to fdopen() timestamp file %s: %m", path); +                return log_error_errno(errno, "Failed to fdopen() timestamp file %s: %m", tmp);          }          (void) fprintf(f, @@ -76,7 +79,15 @@ static int apply_timestamp(const char *path, struct timespec *ts) {                  return log_error_errno(r, "Failed to write timestamp file: %m");          if (futimens(fd, twice) < 0) -                return log_error_errno(errno, "Failed to update timestamp on %s: %m", path); +                return log_error_errno(errno, "Failed to update timestamp on %s: %m", tmp); + +        /* fix permissions */ +        (void) fchmod(fd, 0644); +        r = link_tmpfile(fd, tmp, path); +        if (r < 0) +                return log_error_errno(r, "Failed to move \"%s\" to \"%s\": %m", tmp, path); + +        tmp = mfree(tmp);          return 0;  } | 
