Commit Graph

51388 Commits

Author SHA1 Message Date
Lennart Poettering
d693c483a2 seccomp: allowlist uretprobe() syscall
This is a new syscall provided by the kernel used to implement faster
uprobes. It's not supposed to be called by userspace, but only by kernel
generated uprobe code.

It should be fine to allow this, as the kernel authenticates the
invocation itself, and we shouldn't break compat with things.

Note that this allowlisting is not sufficient to make uretprobe() work.
libseccomp must be taught the syscall too, but this can happen
independently.

Fixes: #34615
2024-10-11 11:57:40 +02:00
Daan De Meyer
2d0af8bc35 rpm/systemd-update-helper: Use systemctl reload to reexec/reload user managers
Let's always use systemctl reload to reexec and reload user managers
now that it always implies a reexec. This moves all the job management
logic to pid 1 instead of bash and reduces the complexity of the logic
as we remove systemd-run, pam and systemd-stdio-bridge from the equation.
2024-10-11 10:36:08 +02:00
Mike Yuan
155098a702 core/manager-serialize: drop serialization for Manager.ready_sent
This field indicates whether READY=1 has been sent to
the service manager/supervisor. Whenever we reload/reexec/soft-reboot,
manager_send_reloading() always resets it to false first,
so that READY=1 is sent after reloading finishes. Hence
we utterly get "false" at all times. Kill it.
2024-10-11 10:36:08 +02:00
Mike Yuan
da81a10865 core/manager: still send out STATUS=Ready for user manager
This effectively reverts 37d15cd132.

The offending commit wrongly assumed that the second READY=1
notification is for system scope only, but it also serves the purpose
of flushing out previous STATUS= containing user unit job status.
2024-10-11 10:36:05 +02:00
Yu Watanabe
ba8d48be64 sd-netlink: introduce two more _get_family()
Then, use them in sd_rtnl_message_get_family().
2024-10-11 02:53:00 +09:00
Yu Watanabe
9b8cb789dd sd-netlink,network: rename functions and RoutingPolicyRule.type
To make them consistent with the netlink message header.
No functional change, just refactoring.
2024-10-11 02:52:58 +09:00
Yu Watanabe
2bc1d78345 sd-netlink: introduce macros to define sd_rtnl_message setters and getters 2024-10-11 02:52:26 +09:00
Yu Watanabe
2fcaeaaaf6 sd-netlink: make size verifier in sd_netlink_message_read_xyz() stricter
Also, fill remaining output buffer with zero, for safety.
2024-10-11 02:38:16 +09:00
Yu Watanabe
768237e73a sd-netlink: shorten sd_netlink_message_read_string_strdup() a bit 2024-10-11 02:38:16 +09:00
Yu Watanabe
ae298c938b sd-netlink: various cleanups
- use uint8_t, uint16_t, and so on, rather than unsigned char, unsigned
  short, and so on, respectively,
- rename output parameters to ret or ret_xyz,
- add several missing assertions.
2024-10-11 02:38:16 +09:00
Jörg Behrmann
e9984357ad ukify: Fix systemd-measure detection in tests
Fixes: 206fa93c85
2024-10-10 15:59:33 +02:00
Yu Watanabe
70516b026b Merge pull request #34684 from yuwata/login-scheduled-shutdown
login: allow to cancel delayed action by CancelScheduledShutdown()
2024-10-10 19:32:52 +09:00
Yu Watanabe
ff5ba2d6fe sd-event: rename output parameters to ret 2024-10-10 19:02:53 +09:00
Lennart Poettering
50ed3b1682 machined: use sd_json_dispatch_uint() when parsing CID
This is preferable, because we will accept CIDs encoded as strings too
now, as we do for all other integers. Also, it's shorter. Yay!
2024-10-10 11:34:47 +02:00
Yu Watanabe
6e27477666 ukify: fix return value type of resolve_at_path()
Follow-up for eca003de2f.
2024-10-10 08:02:13 +02:00
Darsey Litzenberger
4bc7a54d75 network/dhcp4: add support for ARPHRD_RAWIP and ARPHRD_NONE network interface types
This should fix QMI wwan modems, as noted in
https://github.com/systemd/systemd/issues/27219
2024-10-10 09:29:30 +09:00
Yu Watanabe
67226c3cb1 repart: fix typo
Follow-up for d3032e651e.
2024-10-10 05:30:11 +09:00
Yu Watanabe
d866b0135f core/mount: fix typo
Follow-up for 00ad3f0227.
2024-10-10 05:29:08 +09:00
Yu Watanabe
a029550507 Merge pull request #34687 from DaanDeMeyer/mkosi
Various fixes
2024-10-10 05:26:14 +09:00
Yu Watanabe
2a796b9f52 stub: reindent lines
Follow-up for 2ea0487c1b.
2024-10-10 05:16:36 +09:00
Daan De Meyer
46536e1d6c efi-loader: Add @ to valid characters
This is now a valid character with the introduction of multi UKI
profiles, so update the function to allow it.
2024-10-09 20:36:57 +02:00
Daan De Meyer
8c5697182a boot: Introduce file_size and use it when we're working with file_offset
When we're reading a section from disk, use file_size to use the
size on disk instead of the size in memory.
2024-10-09 20:36:57 +02:00
Daan De Meyer
78f6571505 boot: Rename pe section size to memory_size
Let's clearly indicate this is the size in memory and not the size
on disk, these two are not guaranteed to be the same.
2024-10-09 20:36:57 +02:00
Daan De Meyer
224aa31f4a ukify: Read .profile from path starting with @ 2024-10-09 20:36:57 +02:00
Daan De Meyer
eca003de2f ukify: Introduce resolve_at_path() 2024-10-09 20:36:55 +02:00
Yu Watanabe
f16d33f3a7 Merge pull request #34665 from poettering/fastopen-fallback
resolved: fix MSG_FASTOPEN fallback logic
2024-10-10 03:21:35 +09:00
Daan De Meyer
be64d42f9f ukify: Fix off by one error
We weren't measuring the profile section itself.
2024-10-09 19:51:08 +02:00
Yu Watanabe
e318675398 Merge pull request #34641 from behrmann/ukifystyle
Type annotate and format ukify
2024-10-10 02:21:29 +09:00
Yu Watanabe
0bba543573 logind: add comment why we save action in execute_shutdown_or_sleep()
When I first read the code, I was confused about that. Hopefully, this
helps maintain code a bit.
2024-10-10 01:59:53 +09:00
Yu Watanabe
70eedbafd9 login: use event_reset_time_relative() at one more place 2024-10-10 01:59:53 +09:00
Yu Watanabe
e4b138548f login: provide delayed action in ScheduledShutdown property
Even though we can get the existence of delayed action through
PreparingForShutdownWithMetadata property or friends, for consistency
with CancelScheduledShutdown() method, it is better to also provide the
information through ScheduledShutdown property.
2024-10-10 01:59:31 +09:00
Yu Watanabe
dc09c61f19 login: allow to cancel delayed action by CancelScheduledShutdown()
Fixes #34554.
2024-10-10 01:43:21 +09:00
Yu Watanabe
fa3faf8abb Merge pull request #34636 from WilliButz/repart/verity-hash-max-data-size
repart: support verity hash partitions sized for custom data size
2024-10-10 00:51:40 +09:00
Yu Watanabe
af1a594b55 Merge pull request #34691 from poettering/polkit-varlink-field-macro
polkit: introduce common macro for generating polkit allowInteractive…
2024-10-10 00:44:29 +09:00
Matteo Croce
c230c9a3e0 network/sysctl-monitor: change variable type to avoid preverifier denial
The compiler clones the u32 i variable to another register, and fails to
calculate the range of possible values, so the verification fails.

    libbpf: prog 'sysctl_monitor': BPF program load failed: Permission denied
    libbpf: prog 'sysctl_monitor': -- BEGIN PROG LOAD LOG --
    0: R1=ctx() R10=fp0
    ; int sysctl_monitor(struct bpf_sysctl *ctx) { @ sysctl-monitor.bpf.c:65
    0: (bf) r6 = r1                       ; R1=ctx() R6_w=ctx()
    ; if (bpf_current_task_under_cgroup(&cgroup_map, 0)) @ sysctl-monitor.bpf.c:69
    1: (18) r1 = 0xffff892a0fda9c00       ; R1_w=map_ptr(map=cgroup_map,ks=4,vs=4)
    3: (b7) r2 = 0                        ; R2_w=0
    4: (85) call bpf_current_task_under_cgroup#37         ; R0_w=scalar()
    5: (55) if r0 != 0x0 goto pc+88       ; R0_w=0
    ; if (!ctx->write) @ sysctl-monitor.bpf.c:73
    6: (61) r1 = *(u32 *)(r6 +0)          ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6_w=ctx()
    7: (15) if r1 == 0x0 goto pc+86       ; R1_w=scalar(smin=umin=umin32=1,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
    8: (b7) r1 = 1                        ; R1_w=1
    ; we.version = 1; @ sysctl-monitor.bpf.c:81
    9: (7b) *(u64 *)(r10 -480) = r1       ; R1_w=1 R10=fp0 fp-480_w=1
    10: (b7) r8 = 0                       ; R8_w=0
    ; we.path[0] = 0; @ sysctl-monitor.bpf.c:83
    11: (73) *(u8 *)(r10 -440) = r8       ; R8_w=0 R10=fp0 fp-440=???????0
    ; we.newvalue[0] = 0; @ sysctl-monitor.bpf.c:86
    12: (73) *(u8 *)(r10 -180) = r8       ; R8_w=0 R10=fp0 fp-184=???0????
    ; we.current[0] = 0; @ sysctl-monitor.bpf.c:85
    13: (73) *(u8 *)(r10 -340) = r8       ; R8_w=0 R10=fp0 fp-344=???0????
    ; we.comm[0] = 0; @ sysctl-monitor.bpf.c:84
    14: (73) *(u8 *)(r10 -456) = r8       ; R8_w=0 R10=fp0 fp-456=???????0
    ; we.pid = bpf_get_current_pid_tgid() >> 32; @ sysctl-monitor.bpf.c:89
    15: (85) call bpf_get_current_pid_tgid#14     ; R0=scalar()
    16: (77) r0 >>= 32                    ; R0_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
    17: (63) *(u32 *)(r10 -472) = r0      ; R0_w=scalar(id=1,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-472=????scalar(id=1,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
    ; we.cgroup_id = bpf_get_current_cgroup_id(); @ sysctl-monitor.bpf.c:90
    18: (85) call bpf_get_current_cgroup_id#80    ; R0_w=s
    libbpf: prog 'sysctl_monitor': failed to load: -13
    libbpf: failed to load object 'sysctl_monitor_bpf'
    libbpf: failed to load BPF skeleton 'sysctl_monitor_bpf': -13
    Unable to load sysctl monitor BPF program, ignoring: Permission denied.

Change the type to u64 to fix it.
2024-10-09 17:36:21 +02:00
Lennart Poettering
1913ffb894 namespace: rename drop_unused_mounts() → sort_and_drop_unused_mounts()
The function sorts the listed mounts, and that's kinda key, hence
reflect that in the name.
2024-10-09 16:23:13 +01:00
Lennart Poettering
e47dbf5b4e polkit: introduce common macro for generating polkit allowInteractiveAuth varlink method call IDL field
We define the same field at many places, let's add a macro with it, that
also contains a suitable description comment.
2024-10-09 15:41:58 +02:00
Tobias Fleig
2ea0487c1b stub: Add support for .initrd addon files
Teaches systemd-stub how to load additional initrds from addon files.
This is very similar to the support for .ucode sections in addon files,
but with different ordering. Initrds from addons have a chance to
overwrite files from the base initrd in the UKI.
2024-10-09 14:06:10 +01:00
WilliButz
d3032e651e repart: derive hash partition size from SizeMaxBytes= of data sibling
This change makes it possible for repart to create dm-verity hash
partitions for a custom amount of protected data. When the property
`SizeMaxBytes=` is specified for a dm-verity data partition, the size
of the corresponding hash partition is set to accommodate hash data
for this maximum size, rather than the actual contents of its data
sibling. However, the contained hash data continues to be generated
from said sibling.
2024-10-09 13:20:14 +02:00
Jörg Behrmann
180f957acc ukify: Factor out sbat into constants 2024-10-09 12:11:57 +02:00
Jörg Behrmann
206fa93c85 ukify: Ensure that find_tool always returns a tool or throws an error
This also makes the error message configurable, so that find_sbsign and
find_pesign can be inlined again.
2024-10-09 12:11:57 +02:00
Jörg Behrmann
3d2144a214 ukify: Move summary option handling out of finalize_options
This way finalize_options will not call sys.exit by itself.
2024-10-09 12:11:57 +02:00
Jörg Behrmann
e95193504b ukify: Type-annotate ukify 2024-10-09 12:11:57 +02:00
Jörg Behrmann
2572afa405 ukify: Make it lint clean 2024-10-09 12:11:57 +02:00
Jörg Behrmann
521bc9c6c0 ukify: Use OSError instead of IOError
The latter was deprecated for the former and is only an alias for it.
2024-10-09 11:58:02 +02:00
Jörg Behrmann
89842331fb ukify: Use non-deprecated import for Sequence 2024-10-09 11:58:02 +02:00
Jörg Behrmann
8abfd07ea1 ukify: Sort imports 2024-10-09 11:58:02 +02:00
Jörg Behrmann
35d92c0367 ukify: Import Path directly 2024-10-09 11:58:02 +02:00
Jörg Behrmann
6a28cae99a ukify: Format with ruff 2024-10-09 11:58:02 +02:00
Daan De Meyer
61808636a7 Merge pull request #34679 from DaanDeMeyer/bus-log
Various logging improvements
2024-10-09 11:42:26 +02:00