diff options
| author | Lukas Nykryn <lnykryn@redhat.com> | 2023-12-08 12:33:06 +0100 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2023-12-19 11:15:52 +0100 |
| commit | 3b2e7dc5a285edbbb1bf6aed2d88b889d801613f (patch) | |
| tree | 3dcda000313d0fb0b09d67fe9ba44150ba0ca270 /src/udev/udev-builtin-net_id.c | |
| parent | Merge pull request #30491 from fbuihuu/vconsole-handle-kd-grahpics-mode (diff) | |
| download | systemd-3b2e7dc5a285edbbb1bf6aed2d88b889d801613f.tar.xz systemd-3b2e7dc5a285edbbb1bf6aed2d88b889d801613f.zip | |
udev: allow/denylist for reading sysfs attributes when composing a NIC name
Users can currently pick specific versions of NIC naming, but that
does not guarantee that NIC names won't change after the kernel adds
a new sysfs attribute.
This patch allows for an allow/deny list of sysfs attributes
that could be used when composing the name.
These lists can be supplied as an hwdb entry in the form of
/etc/udev/hwdb.d/50-net-naming-allowlist.hwdb
net:naming:drvirtio_net
ID_NET_NAME_ALLOW=0
ID_NET_NAME_ALLOW_ACPI_INDEX=1
ID_NET_NAME_ALLOW_ADDR_ASSIGN_TYPE=1
ID_NET_NAME_ALLOW_ADDRESS=1
ID_NET_NAME_ALLOW_ARI_ENABLED=1
ID_NET_NAME_ALLOW_DEV_PORT=1
ID_NET_NAME_ALLOW_FUNCTION_ID=1
ID_NET_NAME_ALLOW_IFLINK=1
ID_NET_NAME_ALLOW_INDEX=1
ID_NET_NAME_ALLOW_LABEL=1
ID_NET_NAME_ALLOW_PHYS_PORT_NAME=1
ID_NET_NAME_ALLOW_TYPE=1
Diffstat (limited to '')
| -rw-r--r-- | src/udev/udev-builtin-net_id.c | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c index 91b40088f4..841e4615fc 100644 --- a/src/udev/udev-builtin-net_id.c +++ b/src/udev/udev-builtin-net_id.c @@ -188,7 +188,7 @@ static int get_dev_port(sd_device *dev, bool fallback_to_dev_id, unsigned *ret) /* Get kernel provided port index for the case when multiple ports on a single PCI function. */ - r = device_get_sysattr_unsigned(dev, "dev_port", &v); + r = device_get_sysattr_unsigned_filtered(dev, "dev_port", &v); if (r < 0) return r; if (r > 0) { @@ -204,7 +204,7 @@ static int get_dev_port(sd_device *dev, bool fallback_to_dev_id, unsigned *ret) if (fallback_to_dev_id) { unsigned iftype; - r = device_get_sysattr_unsigned(dev, "type", &iftype); + r = device_get_sysattr_unsigned_filtered(dev, "type", &iftype); if (r < 0) return r; @@ -212,7 +212,7 @@ static int get_dev_port(sd_device *dev, bool fallback_to_dev_id, unsigned *ret) } if (fallback_to_dev_id) - return device_get_sysattr_unsigned(dev, "dev_id", ret); + return device_get_sysattr_unsigned_filtered(dev, "dev_id", ret); /* Otherwise, return the original index 0. */ *ret = 0; @@ -229,7 +229,7 @@ static int get_port_specifier(sd_device *dev, bool fallback_to_dev_id, char **re assert(ret); /* First, try to use the kernel provided front panel port name for multiple port PCI device. */ - r = sd_device_get_sysattr_value(dev, "phys_port_name", &phys_port_name); + r = device_get_sysattr_value_filtered(dev, "phys_port_name", &phys_port_name); if (r >= 0 && !isempty(phys_port_name)) { if (naming_scheme_has(NAMING_SR_IOV_R)) { int vf_id = -1; @@ -292,10 +292,10 @@ static int pci_get_onboard_index(sd_device *dev, unsigned *ret) { assert(ret); /* ACPI _DSM — device specific method for naming a PCI or PCI Express device */ - r = device_get_sysattr_unsigned(dev, "acpi_index", &idx); + r = device_get_sysattr_unsigned_filtered(dev, "acpi_index", &idx); if (r < 0) /* SMBIOS type 41 — Onboard Devices Extended Information */ - r = device_get_sysattr_unsigned(dev, "index", &idx); + r = device_get_sysattr_unsigned_filtered(dev, "index", &idx); if (r < 0) return log_device_debug_errno(dev, r, "Could not obtain onboard index: %m"); @@ -347,7 +347,7 @@ static int names_pci_onboard_label(sd_device *dev, sd_device *pci_dev, const cha assert(prefix); /* retrieve on-board label from firmware */ - r = sd_device_get_sysattr_value(pci_dev, "label", &label); + r = device_get_sysattr_value_filtered(pci_dev, "label", &label); if (r < 0) return log_device_debug_errno(pci_dev, r, "Failed to get PCI onboard label: %m"); @@ -392,7 +392,7 @@ static int is_pci_multifunction(sd_device *dev) { static bool is_pci_ari_enabled(sd_device *dev) { assert(dev); - return device_get_sysattr_bool(dev, "ari_enabled") > 0; + return device_get_sysattr_bool_filtered(dev, "ari_enabled") > 0; } static bool is_pci_bridge(sd_device *dev) { @@ -400,7 +400,7 @@ static bool is_pci_bridge(sd_device *dev) { assert(dev); - if (sd_device_get_sysattr_value(dev, "modalias", &v) < 0) + if (device_get_sysattr_value_filtered(dev, "modalias", &v) < 0) return false; if (!startswith(v, "pci:")) @@ -442,7 +442,7 @@ static int parse_hotplug_slot_from_function_id(sd_device *dev, int slots_dirfd, return 0; } - if (sd_device_get_sysattr_value(dev, "function_id", &attr) < 0) { + if (device_get_sysattr_value_filtered(dev, "function_id", &attr) < 0) { *ret = 0; return 0; } @@ -505,7 +505,7 @@ static int pci_get_hotplug_slot_from_address( if (!path) return log_oom_debug(); - if (sd_device_get_sysattr_value(pci, path, &address) < 0) + if (device_get_sysattr_value_filtered(pci, path, &address) < 0) continue; /* match slot address with device by stripping the function */ @@ -845,7 +845,7 @@ static int names_devicetree(sd_device *dev, const char *prefix, bool test) { if (!alias_index) continue; - if (sd_device_get_sysattr_value(aliases_dev, alias, &alias_path) < 0) + if (device_get_sysattr_value_filtered(aliases_dev, alias, &alias_path) < 0) continue; if (!path_equal(ofnode_path, alias_path)) @@ -864,7 +864,7 @@ static int names_devicetree(sd_device *dev, const char *prefix, bool test) { } /* ...but make sure we don't have an alias conflict */ - if (i == 0 && sd_device_get_sysattr_value(aliases_dev, conflict, NULL) >= 0) + if (i == 0 && device_get_sysattr_value_filtered(aliases_dev, conflict, NULL) >= 0) return log_device_debug_errno(dev, SYNTHETIC_ERRNO(EEXIST), "Ethernet alias conflict: ethernet and ethernet0 both exist"); @@ -1133,7 +1133,7 @@ static int names_mac(sd_device *dev, const char *prefix, bool test) { assert(dev); assert(prefix); - r = device_get_sysattr_unsigned(dev, "type", &iftype); + r = device_get_sysattr_unsigned_filtered(dev, "type", &iftype); if (r < 0) return log_device_debug_errno(dev, r, "Failed to read 'type' attribute: %m"); @@ -1145,7 +1145,7 @@ static int names_mac(sd_device *dev, const char *prefix, bool test) { "Not generating MAC name for infiniband device."); /* check for NET_ADDR_PERM, skip random MAC addresses */ - r = device_get_sysattr_unsigned(dev, "addr_assign_type", &assign_type); + r = device_get_sysattr_unsigned_filtered(dev, "addr_assign_type", &assign_type); if (r < 0) return log_device_debug_errno(dev, r, "Failed to read/parse addr_assign_type: %m"); @@ -1153,7 +1153,7 @@ static int names_mac(sd_device *dev, const char *prefix, bool test) { return log_device_debug_errno(dev, SYNTHETIC_ERRNO(EINVAL), "addr_assign_type=%u, MAC address is not permanent.", assign_type); - r = sd_device_get_sysattr_value(dev, "address", &s); + r = device_get_sysattr_value_filtered(dev, "address", &s); if (r < 0) return log_device_debug_errno(dev, r, "Failed to read 'address' attribute: %m"); @@ -1203,7 +1203,7 @@ static int names_netdevsim(sd_device *dev, const char *prefix, bool test) { if (r < 0) return log_device_debug_errno(netdevsimdev, r, "Failed to parse device sysnum: %m"); - r = sd_device_get_sysattr_value(dev, "phys_port_name", &phys_port_name); + r = device_get_sysattr_value_filtered(dev, "phys_port_name", &phys_port_name); if (r < 0) return log_device_debug_errno(dev, r, "Failed to get 'phys_port_name' attribute: %m"); if (isempty(phys_port_name)) @@ -1265,7 +1265,7 @@ static int get_ifname_prefix(sd_device *dev, const char **ret) { assert(dev); assert(ret); - r = device_get_sysattr_unsigned(dev, "type", &iftype); + r = device_get_sysattr_unsigned_filtered(dev, "type", &iftype); if (r < 0) return r; @@ -1311,7 +1311,7 @@ static int device_is_stacked(sd_device *dev) { if (r < 0) return r; - r = device_get_sysattr_int(dev, "iflink", &iflink); + r = device_get_sysattr_int_filtered(dev, "iflink", &iflink); if (r < 0) return r; |