path: root/src/libsystemd/sd-id128
Commit message | Author | Age | Files | Lines
* sd-id128: introduce id128_get_machine() and id128_get_machine_at() | Yu Watanabe | 2023-04-05 | 2 | -0/+37
* sd-id128: introduce ID128_REFUSE_NULL flag | Yu Watanabe | 2023-04-05 | 3 | -10/+19
* sd-id128: introduce id128_write_at() | Yu Watanabe | 2023-04-04 | 2 | -4/+8
* sd-id128: introduce id128_read_at() | Yu Watanabe | 2023-04-04 | 2 | -4/+10
* sd-id128: rename Id128FormatFlag -> Id128Flag | Yu Watanabe | 2023-04-04 | 2 | -13/+13
    As the flag is not only for formatting.
* sd-id128: rename argument and add missing assertion | Yu Watanabe | 2023-04-04 | 2 | -6/+10
* Revert "sd-id128: make id128_read() optionally take root directory" | Yu Watanabe | 2023-04-04 | 3 | -11/+8
    This reverts commit 830e52caa2bf1a29f56cb93e7ed85acb1bda11c3.
* sd-id128: make id128_read() optionally take root directory | Yu Watanabe | 2023-03-27 | 3 | -8/+11
* Include <threads.h> if possible to get thread_local definition | Cristian Rodríguez | 2023-03-06 | 1 | -0/+1
    In C23, thread_local is a reserved keyword and we shall therefore do nothing to redefine it. glibc has it defined for older standard version with the right conditions.

    v2 by Yu Watanabe: Move the definition to missing_threads.h like the way we define e.g. missing syscalls or missing definitions, and include it by the users.

    Co-authored-by: Yu Watanabe <watanabe.yu+github@gmail.com>
* id128: introduce ERRNO_IS_MACHINE_ID_UNSET() helper macro | Lennart Poettering | 2023-02-01 | 1 | -0/+7
* sd-id128: introduce id128_hash_ops_free | Yu Watanabe | 2023-01-19 | 2 | -0/+2
* tree-wide: use -EBADF for fd initialization | Zbigniew Jędrzejewski-Szmek | 2022-12-19 | 1 | -2/+2
    -1 was used everywhere, but -EBADF or -EBADFD started being used in various places. Let's make things consistent in the new style.

    Note that there are two candidates:
        EBADF 9 Bad file descriptor
        EBADFD 77 File descriptor in bad state

    Since we're initializing the fd, we're just assigning a value that means "no fd yet", so it's just a bad file descriptor, and the first errno fits better. If instead we had a valid file descriptor that became invalid because of some operation or state change, the other errno would fit better.

    In some places, initialization is dropped if unnecessary.
* sd-id128: also refuse an empty invocation ID | Yu Watanabe | 2022-12-15 | 1 | -0/+3
* sd-id128: allow sd_id128_get_machine() and friend to be called with NULL | Yu Watanabe | 2022-12-15 | 1 | -18/+10
    It may be useful to check if the machine ID or friends is set or not.
* sd-id128: make sd_id128_get_machine() or friends return -EUCLEAN when an ID is in an invalid format | Yu Watanabe | 2022-12-15 | 2 | -15/+19
    EINVAL suggests that the caller passes an invalid argument. EIO is for "input/output error", i.e. the error you'd get if the disk or file system is borked, and this error code could be returned by the underlying read/write functions.

    Let's make the functions return an unambiguous error code.
* sd-id128: fold do_sync flag into Id128FormatFlag | Yu Watanabe | 2022-12-12 | 2 | -6/+8
* sd-id128: make sd_id128_get_boot() and friend return -ENOSYS when /proc/ is not mounted | Yu Watanabe | 2022-12-12 | 1 | -0/+3
* sd-id128: make sd_id128_get_boot() and friend return -ENOMEDIUM | Yu Watanabe | 2022-12-12 | 1 | -0/+3
* sd-id128: make id128_read() or friends return -ENOPKG when the file contents is "uninitialized" | Yu Watanabe | 2022-12-12 | 3 | -34/+32
    Then, this drops ID128_PLAIN_OR_UNINIT. Also, this renames Id128Format -> Id128FormatFlag, and make it bitfield.

    Fixes #25634.
* sd-id128: several cleanups | Yu Watanabe | 2022-12-12 | 2 | -46/+33
    - use SD_ID128_STRING_MAX or friend,
    - use sizeof(sd_id128_t),
    - use newly introduced ascii_ishex().
* basic: rename util.h to logarithm.h | Zbigniew Jędrzejewski-Szmek | 2022-11-08 | 1 | -1/+0
    util.h is now about logarithms only, so we can rename it. Many files included util.h for no apparent reason… Those includes are dropped.
* tree-wide: add global ascii_isdigit() + ascii_isalpha() | Lennart Poettering | 2022-07-05 | 1 | -2/+2
    We now have a local implementation in string-util-fundamental.c, but it's useful at a lot of other places, hence let's give it a more expressive name and share it across the tree.

    Follow-up for: 8d9156660d6958c8d63b1d44692968f1b5d33920
* sd-id128: don't allow chars > f in valid id128 values | Lennart Poettering | 2022-07-05 | 1 | -4/+4
* sd-id128: rename and export sd_id128_string_equal() | Zbigniew Jędrzejewski-Szmek | 2022-06-30 | 3 | -18/+16
    We find this function useful in our code, so no reason not to export it.

    I changed the order of last two words in the name to match the arguments. (With "equal_string" I expected sd_id128_t first, string second, but in actual use, the second argument is usually a long constant so it's nice to keep this order of arguments.)
* fix: sd_id128_get_invocation now works for user services | i-do-cpp | 2022-06-10 | 1 | -1/+4
* Simplify random number selection | Jason A. Donenfeld | 2022-05-31 | 1 | -4/+1
    We currently have a convoluted and complex selection of which random numbers to use. We can simplify this down to two functions that cover all of our use cases:

    1) Randomness for crypto: this one needs to wait until the RNG is initialized. So it uses getrandom(0). If that's not available, it polls on /dev/random, and then reads from /dev/urandom. This function returns whether or not it was successful, as before.

    2) Randomness for other things: this one uses getrandom(GRND_INSECURE). If it's not available it uses getrandom(GRND_NONBLOCK). And if that would block, then it falls back to /dev/urandom. And if /dev/urandom isn't available, it uses the fallback code. It never fails and doesn't return a value.

    These two cases match all the uses of randomness inside of systemd.

    I would prefer to make both of these return void, and get rid of the fallback code, and simply assert in the incredibly unlikely case that /dev/urandom doesn't exist. But Luca disagrees, so this commit attempts to instead keep case (1) returning a return value, which all the callers already check, and fix the fallback code in (2) to be less bad than before.

    For the less bad fallback code for (2), we now use auxval and some timestamps, together with various counters representing the invocation, hash it all together and provide the output. Provided that AT_RANDOM is secure, this construction is probably okay too, though notably it doesn't have any forward secrecy. Fortunately, it's only used by random_bytes() and not by crypto_random_bytes().
* random-util: remove RDRAND usage | Jason A. Donenfeld | 2022-03-14 | 1 | -3/+1
    /dev/urandom is seeded with RDRAND. Calling genuine_random_bytes(..., ..., 0) will use /dev/urandom as a last resort. Hence, we gain nothing here by having our own RDRAND wrapper, because /dev/urandom already is based on RDRAND output, even before /dev/urandom has fully initialized.

    Furthermore, RDRAND is not actually fast! And on each successive generation of new x86 CPUs, from both AMD and Intel, it just gets slower.

    This commit simplifies things by just using /dev/urandom in cases where we before might use RDRAND, since /dev/urandom will always have RDRAND mixed in as part of it.

    And above where I say "/dev/urandom", what I actually mean is GRND_INSECURE, which is the same thing but won't generate warnings in dmesg.
* id128-util: add new helper id128_equal_string() | Lennart Poettering | 2022-02-14 | 2 | -0/+18
    Quite often we compare uuids/id128 formatted as strings with specific values. So far we usually used streq() for that. Let's add a new explicit helper for this in id128_equal_string() that compares a string with an sd_id128_t and is more robust than a simple string comparison. Moreover, we can more easily reuse the various defines we have for specific UUIDs, for example those from gpt.h.
* sd128: export sd_id128_to_uuid_string() | Lennart Poettering | 2022-02-14 | 3 | -39/+30
    We expose various other forms of UUID helpers already, i.e. SD_ID128_UUID_FORMAT_STR and SD_ID128_MAKE_UUID_STR(), and we parse UUIDs, hence add a high-level helper for formatting UUIDs too.

    This doesn't add any new code, it just moves some helpers id128-util.[ch] → sd-id128.[ch], to make them public.
* sd-id128: use /proc/device-tree | Yu Watanabe | 2021-11-11 | 1 | -1/+1
* libsystemd/sd-id128: use only internal hmac, remove khash/OpenSSL support | Luca Boccassi | 2021-10-08 | 1 | -39/+4
    Using OpenSSL brings in an additional dependency for all users of libsystemd.so even though it's just one API that makes use of it. The khash implementation is awkward as it requires context switches and computation inside the kernel, thus leaving the process.

    Remove both from libsystemd.so, and use exclusively the internal hmac fallback. While this is not optimized, the sd-id128 API is not used in performance-critical contexts where hardware acceleration would make a noticeable difference.
* basic: split out sync() family of calls from fs-util.[ch] into new c/h file | Lennart Poettering | 2021-10-05 | 1 | -5/+2
    No changes in code, just some splitting out.
* sd-id128: add compound literal love to sd_id128_to_string() + id128_to_uuid_string() | Lennart Poettering | 2021-08-20 | 1 | -0/+2
* sd-id128: make sure sd_id128_get_machine_app_specific() logic also works without "khash" | Lennart Poettering | 2021-07-08 | 1 | -3/+26
    So, as it turns out AF_ALG is turned off in a lot of kernels/container environments, including our CI. Hence, if we link against OpenSSL anyway, let's just use that client side. It's also faster.

    One of those days we should drop the khash code, and just use OpenSSL, once the licensing issues are resolved.
* id128-util: use common implementation of helper to get/validate product ID | Lennart Poettering | 2021-04-29 | 2 | -0/+24
* license: LGPL-2.1+ -> LGPL-2.1-or-later | Yu Watanabe | 2020-11-09 | 3 | -3/+3
* id128: add format which treats "uninitialized" like an empty id | Harald Seiler | 2020-10-19 | 2 | -1/+11
    Add a new ID128_PLAIN_OR_UNINIT format which treats the string "uninitialized" like the file was empty and return -ENOMEDIUM. This format should be used when reading an /etc/machine-id file from an image that is not currently running.
* id128: move make_v4_uuid into id128-util.h to make it generally useful | Lennart Poettering | 2020-01-20 | 3 | -15/+17
* id128: introduce ID128_UUID_STRING_MAX for sizing UUID buffers | Lennart Poettering | 2019-12-10 | 2 | -2/+4
* tree-wide: drop missing.h | Yu Watanabe | 2019-10-31 | 1 | -1/+1
* sd-id128: expose ID128_UUID_FORMAT_STR | Zbigniew Jędrzejewski-Szmek | 2019-04-05 | 1 | -3/+0
    It is generally useful, and can be made public in the same manner that SD_ID128_FORMAT_STR is.
* sd-id128: look for invocation id in environment first, keyring second | Zbigniew Jędrzejewski-Szmek | 2019-03-21 | 1 | -18/+9
    As general principle, we generally check command line args first, the environment second, and external configuration and system state only later. In case of the invocation ID, checking the keyring before the environment was implemented as a poor-man's security measure. But this is not really useful, since we're moving within the same security boundary. So let's just do the expected thing, and check environment first.

    Prompted by https://github.com/systemd/systemd/pull/11991#issuecomment-474647652.
* sd-id128: split the logic obtaining invocation ID from sd_id128_get_invocation() | Yu Watanabe | 2019-03-15 | 1 | -7/+13
* Use c99 static array size declarations in exported functions too | Zbigniew Jędrzejewski-Szmek | 2019-01-04 | 1 | -1/+1
    It seems quite useful to provide this additional information in public exported functions.

    This is a c99 feature, not supported in C++. Without the check in _sd-common.h:

        FAILED: test-bus-vtable-cc@exe/src_libsystemd_sd-bus_test-bus-vtable-cc.cc.o
        ...
        In file included from ../src/libsystemd/sd-bus/test-bus-vtable-cc.cc:9:
        In file included from ../src/systemd/sd-bus-vtable.h:26:
        In file included from ../src/systemd/sd-bus.h:26:
        ../src/systemd/sd-id128.h:38:47: error: static array size is a C99 feature, not permitted in C++
        char *sd_id128_to_string(sd_id128_t id, char s[static SD_ID128_STRING_MAX]);
        ^

    In .c files, I opted to use the define for consistency, even though we don't support compilation with a C++ compiler, so the unconditional keyword would work too.
* tree-wide: make hash_ops typesafe | Yu Watanabe | 2018-12-02 | 2 | -9/+6
* random-util: optionally allow randomness to be generated via RDRAND | Lennart Poettering | 2018-11-08 | 1 | -1/+3
    We only use this when we don't require the best randomness. The primary usecase for this is UUID generation, as this means we don't drain randomness from the kernel pool for them. Since UUIDs are usually not secrets RDRAND should be good enough for them to avoid real-life collisions.
* random-util: change high_quality_required bool parameter into a flags parameter | Lennart Poettering | 2018-11-08 | 1 | -1/+1
    No change in behaviour, just some refactoring.
* random-util: rename acquire_random_bytes() → genuine_random_bytes() | Lennart Poettering | 2018-11-08 | 1 | -1/+1
    It's more descriptive, since we also have a function random_bytes() which sounds very similar.

    Also rename pseudorandom_bytes() to pseudo_random_bytes(). This way the two functions are nicely systematic, one returning genuine random bytes and the other pseudo random ones.
* sd-id128: add sd_id128_get_boot_app_specific() | Zbigniew Jędrzejewski-Szmek | 2018-10-02 | 1 | -8/+30
* tree-wide: drop double newline | Yu Watanabe | 2018-06-29 | 1 | -1/+0