diff options
| author | Julia Kartseva <hex@fb.com> | 2021-06-14 19:14:14 -0700 |
|---|---|---|
| committer | Julia Kartseva <hex@fb.com> | 2021-06-30 00:36:33 -0700 |
| commit | 5587ce7f6ca83b5ae08ad2a73a2b96392b261e9a (patch) | |
| tree | f1d03b4d7331c83f3fbbb462cf8aa466bf2e8fb3 /src/core/cgroup.c | |
| parent | 8bd095aa9a1ec03dd8ccbbf1963d069fb7b2bdda (diff) | |
| download | systemd-5587ce7f6ca83b5ae08ad2a73a2b96392b261e9a.tar.gz | |
fragment: add ip protocol to SocketBind{Allow|Deny}=
Add ip protocol token to SocketBind{Allow|Deny}= property parser.
Use parse_socket_bind_item helper.
Replace int32_t with int in cgroup item for socket-bind as it was
requested in [0].
Update tests.
[0] https://github.com/systemd/systemd/pull/19942#discussion_r652150024
Diffstat (limited to 'src/core/cgroup.c')
| -rw-r--r-- | src/core/cgroup.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/src/core/cgroup.c b/src/core/cgroup.c index 3cec8a5786..1dc5a5b034 100644 --- a/src/core/cgroup.c +++ b/src/core/cgroup.c @@ -20,6 +20,7 @@ #include "fileio.h" #include "fs-util.h" #include "io-util.h" +#include "ip-protocol-list.h" #include "limits-util.h" #include "nulstr-util.h" #include "parse-util.h" @@ -593,18 +594,24 @@ void cgroup_context_dump(Unit *u, FILE* f, const char *prefix) { } void cgroup_context_dump_socket_bind_item(const CGroupSocketBindItem *item, FILE *f) { - const char *family, *colon; + const char *family, *colon1, *protocol = "", *colon2 = ""; family = strempty(af_to_ipv4_ipv6(item->address_family)); - colon = isempty(family) ? "" : ":"; + colon1 = isempty(family) ? "" : ":"; + + if (item->ip_protocol != 0) { + protocol = ip_protocol_to_tcp_udp(item->ip_protocol); + colon2 = ":"; + } if (item->nr_ports == 0) - fprintf(f, " %s%sany", family, colon); + fprintf(f, " %s%s%s%sany", family, colon1, protocol, colon2); else if (item->nr_ports == 1) - fprintf(f, " %s%s%" PRIu16, family, colon, item->port_min); + fprintf(f, " %s%s%s%s%" PRIu16, family, colon1, protocol, colon2, item->port_min); else { uint16_t port_max = item->port_min + item->nr_ports - 1; - fprintf(f, " %s%s%" PRIu16 "-%" PRIu16, family, colon, item->port_min, port_max); + fprintf(f, " %s%s%s%s%" PRIu16 "-%" PRIu16, family, colon1, protocol, colon2, + item->port_min, port_max); } } |