summaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* switch-root: add a comment regarding the safety limits of rm_rf_children()Lennart Poettering2023-05-171-0/+2
|
* Merge pull request #27606 from YHNdnzj/loginctl-list-show-stateYu Watanabe2023-05-171-25/+68
|\ | | | | loginctl: list-{users,sessions}: add a column for showing state
| * loginctl: list-sessions: also show stateMike Yuan2023-05-161-3/+20
| |
| * loginctl: list-sessions: minor modernizationMike Yuan2023-05-161-18/+19
| |
| * loginctl: list-users: also show stateMike Yuan2023-05-161-5/+30
| |
* | Merge pull request #27655 from ↵Yu Watanabe2023-05-1722-89/+176
|\ \ | | | | | | | | | | | | yuwata/udev-net-assign-alternative-names-only-on-add-event udev/net: assign alternative names only on add event
| * | udev/net: assign alternative names only on add ueventYu Watanabe2023-05-165-31/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, we first assign alternative names to a network interface, then later change its main name if requested. So, we could not assign the name that currently assigned as the main name of an interface as an alternative name. So, we retry to assign the previous main name as an alternative name on later move uevent. However, that causes some confusing situation. E.g. if a .link file has ``` Name=foo AlternativeNames=foo baz ``` then even if the interface is renamed by a user e.g. by invoking 'ip link' command manually, the interface can be still referenced as 'foo', as the name is now assigned as an alternative name. This makes the order of name assignment inverse: the main name is first changed, and then the requested alternative names are assigned. And udevd do not assign alternative names on move uevent. Replaces #27506.
| * | sd-netlink: make rtnl_set_link_name() optionally append alternative namesYu Watanabe2023-05-164-24/+78
| | |
| * | udev/net: generate new network interface name only on add ueventYu Watanabe2023-05-161-1/+1
| | | | | | | | | | | | | | | On other uevents, the name will be anyway ignored in rename_netif() in udev-event.c.
| * | udev/net: verify ID_NET_XYZ before trying to assign it as an alternative nameYu Watanabe2023-05-161-1/+1
| | |
| * | udev: make udev_builtin_run() take UdevEvent*Yu Watanabe2023-05-1616-31/+41
| | | | | | | | | | | | No functional change, preparation for later commits.
| * | udev: use SYNTHETIC_ERRNO() at one more placeYu Watanabe2023-05-161-2/+1
| |/
* | Merge pull request #27651 from mrc0mmand/more-nspawn-testsFrantisek Sumsal2023-05-163-30/+30
|\ \ | | | | | | nspawn: OCI related fixes & tests
| * | nspawn: make sure the device type survives when setting device modeFrantisek Sumsal2023-05-161-1/+1
| | |
| * | nspawn: fix a global-buffer-overflowFrantisek Sumsal2023-05-161-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Whoopsie. ================================================================= ==3789231==ERROR: AddressSanitizer: global-buffer-overflow on address 0x00000051d0b8 at pc 0x7f70850bc904 bp 0x7ffd9bbdf660 sp 0x7ffd9bbdf658 READ of size 8 at 0x00000051d0b8 thread T0 #0 0x7f70850bc903 in json_dispatch ../src/shared/json.c:4347 #1 0x4a5b54 in oci_seccomp_syscalls ../src/nspawn/nspawn-oci.c:1838 #2 0x7f70850bd359 in json_dispatch ../src/shared/json.c:4395 #3 0x4a668c in oci_seccomp ../src/nspawn/nspawn-oci.c:1905 #4 0x7f70850bd359 in json_dispatch ../src/shared/json.c:4395 #5 0x4a7d8c in oci_linux ../src/nspawn/nspawn-oci.c:2030 #6 0x7f70850bd359 in json_dispatch ../src/shared/json.c:4395 #7 0x4aa31c in oci_load ../src/nspawn/nspawn-oci.c:2198 #8 0x446cec in load_oci_bundle ../src/nspawn/nspawn.c:4744 #9 0x44ffa7 in run ../src/nspawn/nspawn.c:5477 #10 0x4552fb in main ../src/nspawn/nspawn.c:5920 #11 0x7f7083a4a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f) #12 0x7f7083a4a5c8 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x275c8) #13 0x40d284 in _start (/home/fsumsal/repos/@systemd/systemd/build-san/systemd-nspawn+0x40d284) 0x00000051d0b8 is located 40 bytes to the left of global variable 'bus_standard_errors_copy_0' defined in '../src/libsystemd/sd-bus/bus-error.h:57:1' (0x51d0e0) of size 8 0x00000051d0b8 is located 0 bytes to the right of global variable 'table' defined in '../src/nspawn/nspawn-oci.c:1829:43' (0x51d040) of size 120 SUMMARY: AddressSanitizer: global-buffer-overflow ../src/shared/json.c:4347 in json_dispatch Shadow bytes around the buggy address: 0x00008009b9c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x00008009b9d0: 00 00 00 00 f9 f9 f9 f9 00 00 00 00 00 00 00 00 0x00008009b9e0: 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 0x00008009b9f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x00008009ba00: 00 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 =>0x00008009ba10: 00 00 00 00 00 00 00[f9]f9 f9 f9 f9 00 f9 f9 f9 0x00008009ba20: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00 0x00008009ba30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x00008009ba40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x00008009ba50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x00008009ba60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==3789231==ABORTING
| * | nspawn: fix inverted conditionFrantisek Sumsal2023-05-161-1/+1
| | |
| * | nspawn: call json_dispatch() with a correct pointerFrantisek Sumsal2023-05-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Otherwise hilarity ensues: AddressSanitizer:DEADLYSIGNAL ================================================================= ==722==ERROR: AddressSanitizer: SEGV on unknown address 0xffffffff00000000 (pc 0x7f8d50ca9ffb bp 0x7fff11b0d4a0 sp 0x7fff11b0cc30 T0) ==722==The signal is caused by a READ memory access. #0 0x7f8d50ca9ffb in __interceptor_strcmp.part.0 (/lib64/libasan.so.8+0xa9ffb) #1 0x7f8d4f9cf5a1 in strcmp_ptr ../src/fundamental/string-util-fundamental.h:33 #2 0x7f8d4f9cf5f8 in streq_ptr ../src/fundamental/string-util-fundamental.h:46 #3 0x7f8d4f9d74d2 in free_and_strdup ../src/basic/string-util.c:948 #4 0x49139a in free_and_strdup_warn ../src/basic/string-util.h:197 #5 0x4923eb in oci_absolute_path ../src/nspawn/nspawn-oci.c:139 #6 0x7f8d4f6bd359 in json_dispatch ../src/shared/json.c:4395 #7 0x4a8831 in oci_hooks_array ../src/nspawn/nspawn-oci.c:2089 #8 0x7f8d4f6bd359 in json_dispatch ../src/shared/json.c:4395 #9 0x4a8b56 in oci_hooks ../src/nspawn/nspawn-oci.c:2112 #10 0x7f8d4f6bd359 in json_dispatch ../src/shared/json.c:4395 #11 0x4aa298 in oci_load ../src/nspawn/nspawn-oci.c:2197 #12 0x446cec in load_oci_bundle ../src/nspawn/nspawn.c:4744 #13 0x44ffa7 in run ../src/nspawn/nspawn.c:5477 #14 0x4552fb in main ../src/nspawn/nspawn.c:5920 #15 0x7f8d4e04a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f) #16 0x7f8d4e04a5c8 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x275c8) #17 0x40d284 in _start (/usr/bin/systemd-nspawn+0x40d284) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV (/lib64/libasan.so.8+0xa9ffb) in __interceptor_strcmp.part.0 ==722==ABORTING
| * | nspawn: all hooks should be arrays of objects, not just objectsFrantisek Sumsal2023-05-161-3/+3
| | | | | | | | | | | | See: https://github.com/opencontainers/runtime-spec/blob/v1.0.0/config.md#posix-platform-hooks
| * | nspawn: use the just returned errno in the log messageFrantisek Sumsal2023-05-161-1/+1
| | | | | | | | | | | | | | | | | | | | | Use the returned errno even though we are going to ignore it, otherwise the log message is just confusing: config.json:119:13: Failed to resolve device node 4:2, ignoring: Success
| * | nspawn: disableOOMKiller should be boolean, not intFrantisek Sumsal2023-05-161-7/+7
| | | | | | | | | | | | See: https://github.com/opencontainers/runtime-spec/blob/v1.0.0/config-linux.md#memory
| * | nspawn: modernize the cleanup functions a bitFrantisek Sumsal2023-05-161-16/+12
| | |
| * | nspawn: avoid NULL pointer dereferenceFrantisek Sumsal2023-05-162-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When merging the settings we take the pointer to the array of extra devices, but don't reset the array counter to zero. This later leads to a NULL pointer dereference, where device_node_array_free() attempts to loop over a NULL pointer: + systemd-nspawn --oci-bundle=/var/lib/machines/testsuite-13.oci-bundle.Npo ../src/nspawn/nspawn-settings.c:118:29: runtime error: member access within null pointer of type 'struct DeviceNode' #0 0x4b91ee in device_node_array_free ../src/nspawn/nspawn-settings.c:118 #1 0x4ba42a in settings_free ../src/nspawn/nspawn-settings.c:161 #2 0x410b79 in settings_freep ../src/nspawn/nspawn-settings.h:249 #3 0x446ce8 in load_oci_bundle ../src/nspawn/nspawn.c:4733 #4 0x44ff42 in run ../src/nspawn/nspawn.c:5476 #5 0x455296 in main ../src/nspawn/nspawn.c:5919 #6 0x7f0cb7a4a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f) #7 0x7f0cb7a4a5c8 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x275c8) #8 0x40d284 in _start (/usr/bin/systemd-nspawn+0x40d284) SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../src/nspawn/nspawn-settings.c:118:29 in Also, add an appropriate assert to catch such issues in the future.
| * | nspawn: file system namespace -> mount namespaceFrantisek Sumsal2023-05-151-1/+1
| | |
| * | nspawn: fix a typo in an error messageFrantisek Sumsal2023-05-151-1/+1
| | |
* | | Merge pull request #27659 from yuwata/memfd-sealMike Yuan2023-05-164-2/+48
|\ \ \ | | | | | | | | memfd-util: handle F_SEAL_EXEC flag
| * | | test: add basic test for memfd_set_sealed() and memfd_get_sealed()Yu Watanabe2023-05-162-0/+31
| | | |
| * | | memfd-util: set F_SEAL_EXEC flag if supportedYu Watanabe2023-05-161-1/+7
| | | |
| * | | memfd-util: memfd may also have F_SEAL_EXEC flagYu Watanabe2023-05-161-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | Follow-up for c29715a8f77d96cd731b4a3083b3a852b3b61eb8. Fixes #27608.
| * | | missing: add more F_SEAL_XYZ flagsYu Watanabe2023-05-161-0/+8
| | |/ | |/|
* | | Merge pull request #27638 from YHNdnzj/upheldby-unit-fileMike Yuan2023-05-167-13/+39
|\ \ \ | | | | | | | | unit-file: support UpheldBy= in [Install] settings (adding Upholds= deps from .upholds/)
| * | | test: add tests for UpheldBy= in [Install] sectionMike Yuan2023-05-151-2/+10
| | | |
| * | | unit-file: support UpheldBy= in [Install] settings (adding Upholds= depsMike Yuan2023-05-156-11/+29
| | |/ | |/| | | | | | | | | | | | | from .upholds/) Closes #26896
* | | Merge pull request #27573 from poettering/sd-bus-descriptionLennart Poettering2023-05-169-112/+346
|\ \ \ | | | | | | | | sd-bus: pass bus description (and comm name) to per via socket address binding on AF_UNIX
| * | | busctl: set a description for the bus connectionLennart Poettering2023-05-161-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Unlike most other bus connections in our codebase this one is created manually and every setting set invididually. It hence does not have a description by default (as all automatic connections have). Set one explicitly.
| * | | pid1: debug log client comm/description strings if available for incoming ↵Lennart Poettering2023-05-161-2/+20
| | | | | | | | | | | | | | | | | | | | | | | | connections Very useful for debugging, to see which clients actually connect.
| * | | test: add testcase for the new sockaddr metainfo logicLennart Poettering2023-05-162-0/+131
| | | |
| * | | sd-bus: use the new information in the client's sockaddr in the creds structureLennart Poettering2023-05-163-2/+89
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Now that clients might convey comm/description strings via the sockaddr, let's actually use them on the other side, read the data via getpeername() parse it, and include it in the "owner" creds (which is how we call the peer's creds).
| * | | sd-bus: bind outgoing AF_UNIX sockets to abstract addresses conveying client ↵Lennart Poettering2023-05-161-0/+49
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | comm + bus description string Let's pass some additional meta information along bus connections without actually altering the communication protocol. Pass the client comm and client description string of the bus via including it in the abstract namespace client socket address we connect to. This is purely informational (and entirely user controlled), but has the benefit that servers can make use of the information if they want, but really don't have to. It works entirely transparently. This takes inspiration from how we convey similar information via credential socket connections.
| * | | test-bus-server: minor modernizationsLennart Poettering2023-05-161-6/+1
| | | |
| * | | test-bus-chat: modernize a few thingsLennart Poettering2023-05-161-102/+54
| | |/ | |/|
* | | Merge pull request #27648 from poettering/common-dissect-dirLennart Poettering2023-05-1615-42/+60
|\ \ \ | | | | | | | | pid1: add common root dir inode to mount disk images to in private namespaces
| * | | dissect-image: port mount_image_privately_interactively() to use ↵Lennart Poettering2023-05-1612-39/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | /run/systemd/mount-rootfs/ too Let's use the same common directory as the unit logic uses. This means we have less to clean up, and opens the door to eventually allow unprivileged operation of the mount_image_privately_interactively() logic.
| * | | pid1: port unit namespacing to new /run/systemd/mount-rootfs dirLennart Poettering2023-05-161-3/+4
| | | |
| * | | namespace: introduce a common dir in /run/ that we can use to see new root ↵Lennart Poettering2023-05-161-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fs up on This creates a new dir /run/systemd/mount-rootfs/ early in PID 1 that thus always exists. It's supposed to be used by any code that creates its own mount namespace and then sets up a new root dir to switch into. So far in many cases we used a temporary dir (which needed explicit clean-up) or a purpose-specific fixed dir. Let's create a common dir instead, that always exists (as it is created in PID 1 early on, always). Besides making things more robust, as manual clean-up of the inode is not necessary anymore this also opens the door for unprivileged programs to use the same dir, since it now always exists. Set the access mode to 555 (instead of the otherwise previously used 0755, 0700 or similar), so that unprivileged programs can access it, but we make clear it's not supposed to be written directly to, by anyone, not even root.
| * | | mount-util: add umount_and_free() helperLennart Poettering2023-05-161-0/+8
| |/ /
* | | Merge pull request #27647 from poettering/mount-setup-tweakletsLennart Poettering2023-05-161-21/+17
|\ \ \ | | | | | | | | mount-setup: minor tweaks
| * | | mount-setup: minor modernizationLennart Poettering2023-05-161-15/+13
| | | |
| * | | mount-setup: minor log improvementLennart Poettering2023-05-161-1/+1
| | | |
| * | | mount-setup: port to logging about mount attempts via mount_*follow_verbose()Lennart Poettering2023-05-161-5/+3
| |/ /
* | | base-filesystem: mention why we don't carry an entry for /tmp/ for nowLennart Poettering2023-05-161-0/+4
| | |
View Lorry Controller Status