summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-07-23Merge pull request #683 from ssahani/tun1Tom Gundersen
networkd: ip6gre add support for flowlabel
2015-07-23Merge pull request #670 from floppym/ptsuidLennart Poettering
nspawn: Don't pass uid mount option for devpts
2015-07-23Merge pull request #678 from eworm-de/oracle-kvmLennart Poettering
Oracle kvm
2015-07-23Merge pull request #691 from teg/networkd-after-sysctlDaniel Mack
units: order networkd after sysctl
2015-07-23virt: handle Virtualbox 5.0 with kvm hypervisorChristian Hesse
Virtualbox 5.0 now supports kvm hypervisor. In this case cpuid identidies as "kvm", which breaks units depending on ConditionVirtualization=oracle. So return "oracle" even with kvm hypervisor.
2015-07-23Merge pull request #682 from ssahani/bridgeLennart Poettering
networkd: add bridge link properties
2015-07-23units: order networkd after sysctlTom Gundersen
This way networkd will correctly and race-freely inherit the default settings applied by sysctl. Suggested in issue #468.
2015-07-23man: add man for bridge paramsSusant Sahani
2015-07-23networkd: add bridge link propertiesSusant Sahani
new bridge properties br.network [Match] Name=enp0s25 [Network] Bridge=br-test [Bridge] Cost=332 BPDUGuard = true HairPin = true FastLeave = true RootBlock = true UnicastFlood = true
2015-07-23Merge pull request #604 from heftig/masterLennart Poettering
build-sys: Use slim LTO objects if possible
2015-07-23Merge pull request #690 from teg/resolved-fixes-2Lennart Poettering
resolved: assorted fixes v2
2015-07-23resolve: transaction - stop processing packet when found to be invalidTom Gundersen
We were stopping the transaction, but we need to stop processing the packet alltogether.
2015-07-23resolved: packet - fix segfault in truncate()Tom Gundersen
A size_t was being accessed as a char* due to the order of arguments being inverted.
2015-07-23resolved: rr - ignore pseudo types in NSEC(3) bitmapsTom Gundersen
2015-07-23resolved: rr - fix parsing of NSEC3Tom Gundersen
We were appending rather than reading the bitmap.
2015-07-23resolved: rr - don't read past end of RR when parsing NSEC(3)Tom Gundersen
We can never read past the end of the packet, so this seems impossible to exploit, but let's error out early as reading past the end of the current RR is clearly an error. Found by Lennart, based on patch by Daniel.
2015-07-23resolved: rr - SSHFP contains the fingerprint, not the keyTom Gundersen
Rename the field to make this clearer.
2015-07-23resolved: packet - fail on invalid zero-length dataTom Gundersen
Most blobs (keys, signatures, ...) should have a specific size given by the relevant algorithm. However, as we don't use/verify the algorithms yet, let's just ensure that we don't read out zero-length data in cases where this does not make sense. The only exceptions, where zero-length data is allowed are in the NSEC3 salt field, and the generic data (which we don't know anything about, so better not make any assumptions).
2015-07-23Merge pull request #687 from poettering/bitmap-fixesDaniel Mack
bitmap: various clean-ups
2015-07-23bitmap: various clean-upsLennart Poettering
a) use memcmp() to compare bitmaps efficiently b) use UINT64_C() macro instead of ULL suffixes to get right suffix for uint64_t constants c) add a few assert()s d) when comparing integers with 0 we generally try to make this explicit with "!= 0". e) remove redundant bitmap_isset() if check, as we don't have it in bitmap_isset() either. f) It should be fine to invoke bitmap_unset() on a NULL bitmap
2015-07-23Merge pull request #669 from poettering/dns-rr-memdupTom Gundersen
resolve: unify memdup() code when parsing RRs
2015-07-23networkd: ip6gre add support for flowlabelSusant Sahani
2015-07-23sd-netlink: add bridge NL paramsSusant Sahani
2015-07-23Add bridge NL params to missing.hSusant Sahani
2015-07-23Merge pull request #677 from zonque/bitmap2Tom Gundersen
basic: bitmap: use uint64_t instead if long long unsigned
2015-07-23Merge pull request #674 from ssahani/tunnelDaniel Mack
ip6 tunnel: add support for DSCP
2015-07-23man: add man for DSCPSusant Sahani
2015-07-23Merge pull request #537 from poettering/nss-mymachines-usernsDavid Herrmann
Hook up container userns with nss-mymachines
2015-07-23Merge pull request #663 from poettering/tmpfiles-chattr-enottyDaniel Mack
tmpfiles: downgrade errors when a file system does not support file a…
2015-07-23Merge pull request #673 from poettering/dns-packet-append-type-windowDaniel Mack
resolved: make sure we alway initialize *start in dns_packet_append_t…
2015-07-23basic: bitmap: use uint64_t instead if long long unsignedDaniel Mack
long long unsigned is always 64 bit wide, so use a more readable type.
2015-07-23Merge pull request #672 from poettering/bitmap-isclearDaniel Mack
bitmap: bitmap_clear()
2015-07-23networkd: ip6 tunnel add DSCPSusant Sahani
This patch adds support for setting the DSCP field in the ip6 tunnel. when set it inherits DSCP field between inner and outer header.
2015-07-23resolved: make sure we alway initialize *start in ↵Lennart Poettering
dns_packet_append_type_window()
2015-07-23bitmap: bitmap_clear()Lennart Poettering
No need to actually reset the bitmap, we can just truncate it back zero size. That not only makes bitmap_clear() quicker, but also subsequent bitmap_isclear().
2015-07-23resolve: unify memdup() code when parsing RRsLennart Poettering
Let's make dns_packet_read_public_key() more generic by renaming it to dns_packet_read_memdup() (which more accurately describes what it does...). Then, patch all cases where we memdup() RR data to use this new call. This specifically checks for zero-length objects, and handles them gracefully. It will set zero length payload fields as a result. Special care should be taken to ensure that any code using this call can handle the returned allocated field to be NULL if the size is specified as 0!
2015-07-22nspawn: Don't pass uid mount option for devptsMike Gilbert
Mounting devpts with a uid breaks pty allocation with recent glibc versions, which expect that the kernel will set the correct owner for user-allocated ptys. The kernel seems to be smart enough to use the correct uid for root when we switch to a user namespace. This resolves #337.
2015-07-23Merge pull request #667 from poettering/dns-rr-memleakTom Gundersen
resolve: fix two minor memory leaks
2015-07-23Merge pull request #666 from poettering/drop-good-dns-serverTom Gundersen
resolve: drop dns_scope_good_dns_server()
2015-07-23resolve: fix two minor memory leaksLennart Poettering
strv_extend() already strdup()s internally, no need to to this twice. (Also, was missing OOM check...). Use strv_consume() when we already have a string allocated whose ownership we want to pass to the strv. This fixes 50f1e641a93cacfc693b0c3d300bee5df0c8c460.
2015-07-23resolve: drop dns_scope_good_dns_server()Lennart Poettering
It's not used anymore since 29815b6c608b836cada5e349d06a96b63eaa65f3, hence let's remove it from the sources.
2015-07-23Merge pull request #665 from poettering/reword-journal-size-msgDaniel Mack
journal: reword msg about enforced size limits a bit
2015-07-23journal: reword msg about enforced size limits a bitLennart Poettering
http://lists.freedesktop.org/archives/systemd-devel/2015-July/033574.html
2015-07-23Merge pull request #632 from Stebalien/cgls-nspawnDaniel Mack
Machines can also be services
2015-07-22cgls: machines can also be servicesSteven Allen
This makes `systemd-cgls -M <machine name>` work with nspawn containers in systemd 222.
2015-07-22tmpfiles: downgrade errors when a file system does not support file attributesLennart Poettering
This downgrades errors from setting file attributes via tmpfiles to warnings and makes them non-fatal. Also, as a special case, if a file system does not support file attributes at all, then the message is downgraded to debug, so that it is not seen at all. With this change reiserfs should not see any messages at all anymore (since it apparently does not implement file attributes at all), but XFS will still get a warning but no failure. The warning is something the XFS kernel folks should fix though, by adjusting their file attributes behaviour to be identical to ext234's. Fixes #560.
2015-07-22Merge pull request #660 from michich/in-setMichal Schmidt
improve IN_SET macro
2015-07-22basic: more optimizable IN_SET macroMichal Schmidt
Making the array static allows gcc -O2 to generate smaller code: "size systemd" before: text data bss dec hex filename 1377286 128608 2632 1508526 1704ae systemd After: text data bss dec hex filename 1374326 128572 2664 1505562 16f91a systemd (IN_SET still results in worse generated code than using "x == FOO || x == BAR || ...". I don't think we'll be able to match that with the C preprocessor.) This change limits the use of IN_SET to sets with constant elements. All present callers use constants. The compiler would report an "initializer element is not constant" error otherwise.
2015-07-22basic: better readable IN_SET macroMichal Schmidt
Putting the set elements in an array variable and using ELEMENTSOF makes it clearer what's going on. Incidentally, it also makes gcc -O2 generate slightly smaller code: "size systemd", before: text data bss dec hex filename 1378318 128608 2632 1509558 1708b6 systemd After: text data bss dec hex filename 1377286 128608 2632 1508526 1704ae systemd
2015-07-22Merge pull request #654 from ssahani/nlLennart Poettering
network: Add tunnel params