summaryrefslogtreecommitdiffstats
path: root/man/sd-device.xml (unfollow)
Commit message (Collapse)AuthorFilesLines
2023-05-30shared/ethtool-util: autogenerate table of link mode namesZbigniew Jędrzejewski-Szmek4-93/+44
We updated this table manually, but the kernel adds new modes periodically and we forget to do that. So let that happen automatically whenever we import new kernel headers. C.f. 72dda93acba95a330daae45bd85be8abc788df1c. Effectively, this adds: [ETHTOOL_LINK_MODE_10baseT1L_Full_BIT] = "10baset1l-full", [ETHTOOL_LINK_MODE_800000baseCR8_Full_BIT] = "800000basecr8-full", [ETHTOOL_LINK_MODE_800000baseKR8_Full_BIT] = "800000basekr8-full", [ETHTOOL_LINK_MODE_800000baseDR8_Full_BIT] = "800000basedr8-full", [ETHTOOL_LINK_MODE_800000baseDR8_2_Full_BIT] = "800000basedr8-2-full", [ETHTOOL_LINK_MODE_800000baseSR8_Full_BIT] = "800000basesr8-full", [ETHTOOL_LINK_MODE_800000baseVR8_Full_BIT] = "800000basevr8-full", N_ADVERTISE needed to be increased because we need more bits.
2023-05-29resolvectl: drop extra colonDavid Tardon1-1/+1
2023-05-29basic/syscall: update syscall listYu Watanabe21-2/+23
Only notable change is that memfd_secret is now defined on s390(x).
2023-05-28gpt/DPS: add more aliases for python's machineLuca Boccassi1-0/+3
In mkosi we set the default architecture to platform.machine() which is again slightly incompatible for a few architectures, so add more aliases, so that repart works by default with these names.
2023-05-27po: add a false positive to POTFILES.skipPiotr Drąg1-0/+1
Scripts used to detect files that should be in POTFILES.in, like intltool-update -m used on https://l10n.gnome.org/module/systemd/, falsely detect this file as containing translations. Avoid this behavior by putting the file in POTFILES.skip.
2023-05-27tree-wide: Downgrade a few more noisy log messages to traceDaan De Meyer3-11/+11
2023-05-27boot/measure: replace TPM PolicyPCR session with calculationDan Streetman1-69/+16
Instead of using a trial policy with a TPM to calculate the measurement hash, this uses a function to calculate the hash with no TPM needed.
2023-05-27Add DHCPServer information to JSON output.Rene Hollander1-0/+133
Adds a new JSON object called DHCPServer for each interface that has a DHCPServer configured. It has the following attributes: - PoolSize and PoolOffset from the configuration - List of offered leases - List of static leases from the configuration
2023-05-27Revert "test: add test case for systemd-update-utmp vs daemon-reexec"Frantisek Sumsal1-13/+0
Temporarily revert the test case for #27167, as the additional daemon-reexecs exacerbate #27287, making CIs fail quite often. As the #27167 is also covered by TEST-01-BASIC itself, since we do daemon-reexec there anyway, we shouldn't lose any coverage, but it should make CIs more stable until #27287 is figured out. Resolves (or more like works around): #27807 This reverts commit d689f70a2c18666bbf6500df7a53962a8f3e91a4.
2023-05-26journalctl: split get_boots() into threeYu Watanabe1-155/+140
Previously, get_boots() used for three ways; finding boot entry by boot ID, finding boot entry by offset, listing up all boot IDs. Let's split it into three for each usecase. No functional change, just refactoring.
2023-05-26logs-show: introduce add_match_boot_id() helper functionYu Watanabe3-14/+16
2023-05-26gpt/DPS: alias amd64 to x86-64 and aarch64 to arm64Luca Boccassi1-7/+21
The DSP and our implementation mixes Debian terminology with CPU terminology. It uses arm64 which is a Debian thing instead of aarch64, but x86-64 which is a CPU thing instead of amd64. Add some convenience and transparent aliasing, so that we don't need to maintain architecture-specific and tool-specific translation layers in mkosi among other places, while at the same time the DDIs still look the same (ie: the partlabel does not change depending on which alias is used, the canonical label is used on disk).
2023-05-26test-gpt: verify that alias entries are identical to the primary onesLennart Poettering1-0/+17
Given we allow aliases we better check for consistency of alias entries and the primary one.
2023-05-26tpm2: add tpm2_calculate_sealing_policy()Dan Streetman1-48/+70
This adds a function to fully calculate the authPolicy needed to seal a secret, and updates tpm2_seal() to use the new function instead of a trial policy.
2023-05-26tpm2: use tpm2_policy_authorize()Dan Streetman1-125/+29
This updates the function to build the sealing policy to use the dedicated function to perform PolicyAuthorize. This is separate from the previous commit to make each commit easier to read.
2023-05-26tpm2: add tpm2_policy_authorize()Dan Streetman3-0/+210
This adds functions to get the digest for a PolicyAuthorize operation. For building a policy hash, this provides a function to calculate the hash; and for building a policy hash to satisfy the authPolicy for an existing object, this provides a function to perform PolicyAuthorize with an existing session.
2023-05-26tpm2: add tpm2_policy_auth_value()Dan Streetman3-12/+74
This adds functions to get the digest for a PolicyAuthValue operation. For building a policy hash, this provides a function to calculate the hash; and for building a policy hash to satisfy the authPolicy for an existing object, this provides a function to perform PolicyAuthValue with an existing session.
2023-05-26tpm2: add tpm2_policy_pcr()Dan Streetman3-27/+143
This adds functions to get the digest for a PolicyPCR operation. For building a policy hash, this provides a function to calculate the hash; and for building a policy hash to satisfy the authPolicy for an existing object, this provides a function to perform PolicyPCR with an existing session.
2023-05-26tpm2: rename pcr_values_size vars to n_pcr_valuesDan Streetman1-10/+10
Using the n_ prefix is more appropriate/conventional than the _size suffix. No functional change, this is cosmetic only.
2023-05-26tpm2: add tpm2_get_name()Dan Streetman3-8/+154
This adds functions to get the "name" of a key. The key "name", as defined by the TPM2 spec, includes its entire public area (with attribute fields), not only its key fingerprint. A function is added to calculate the name of a provided key public area, as well as a function to get the name of a key which is present in the TPM.
2023-05-26tpm2: add tpm2_set_auth()Dan Streetman1-27/+38
This provides a function to perform the SetAuth TPM function, which provides the authValue for a key.
2023-05-26tpm2: replace hash_pin() with tpm2_digest_*() functionsDan Streetman1-18/+8
The hash_pin() function is just a specific use case of the digest functions.
2023-05-26tpm2: add tpm2_digest_*() functionsDan Streetman3-5/+194
These functions allow extending (or initializing) a TPM2B_DIGEST with additional data, using a specified hash operation. This is needed to perform hash calculations instead of relying on the TPM to perform the calculations in trial sessions.
2023-05-26man: fix UKI filename suffix in 'tries' descriptionVitaly Kuznetsov1-1/+1
Boot Loader Type #2 entries (UKIs in $BOOT/EFI/Linux/) have '.efi' suffix, not '.conf'.
2023-05-26mount-util: Downgrade another noisy debug log to trace levelDaan De Meyer1-1/+1
2023-05-26nspawn: restore cross-architecture bootingLuca Boccassi1-4/+4
The check added by 4c27749b8c6b24ef7481ba183ae1fca3749afbf7 breaks booting an arm64 image on x86 using qemu-bin-fmt, so remove it. Without it, the image built with mkosi --architecture=aarch64 boots fine in nspawn.
2023-05-26udev: introduce .PART_SUFFIX internal propertyYu Watanabe1-63/+48
To make unify rules for disk and partition.
2023-05-26sd-network: avoid leaking DHCPLeaseFrantisek Sumsal3-18/+42
If we fail any allocation prior adding the lease to the server lease hashmap. ==2103==ERROR: LeakSanitizer: detected memory leaks Direct leak of 128 byte(s) in 2 object(s) allocated from: #0 0x4a203e in __interceptor_calloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:77:3 #1 0x4f6341 in calloc (/build/fuzz-dhcp-server+0x4f6341) #2 0x4ec818 in add_lease /work/build/../../src/systemd/src/libsystemd-network/fuzz-dhcp-server.c:26:9 #3 0x4ec2bf in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/libsystemd-network/fuzz-dhcp-server.c:75:9 #4 0x4f68a8 in NaloFuzzerTestOneInput (/build/fuzz-dhcp-server+0x4f68a8) #5 0x5158b3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15 #6 0x51509a in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:514:3 #7 0x516769 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:757:19 #8 0x517435 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:895:5 #9 0x50679f in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:912:6 #10 0x507068 in LLVMFuzzerRunDriver /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:925:10 #11 0x4f6b25 in main (/build/fuzz-dhcp-server+0x4f6b25) #12 0x7f16084e3082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee) DEDUP_TOKEN: __interceptor_calloc--calloc--add_lease SUMMARY: AddressSanitizer: 128 byte(s) leaked in 2 allocation(s). Found by Nallocufzz.
2023-05-26sd-journal: log about errors from ordered_hashmap_*()Frantisek Sumsal1-2/+2
Follow-up to 08a8fd6e8d.
2023-05-26journal-remote: bump the refcount right after creating the writer objectFrantisek Sumsal1-1/+1
Otherwise we might hit an assertion during cleanup if the following mmap_cache_new() call fails: Assertion 'p->n_ref > 0' failed at src/journal-remote/journal-remote-write.c:80, function writer_unref(). Aborting. ==2069==ERROR: AddressSanitizer: ABRT on unknown address 0x000000000815 (pc 0x7f39dcd0200b bp 0x7ffe2fe24db0 sp 0x7ffe2fe24b60 T0) SCARINESS: 10 (signal) #0 0x7f39dcd0200b in raise (/lib/x86_64-linux-gnu/libc.so.6+0x4300b) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee) #1 0x7f39dcce1858 in abort (/lib/x86_64-linux-gnu/libc.so.6+0x22858) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee) #2 0x7f39dd747e49 in log_assert_failed /work/build/../../src/systemd/src/basic/log.c:940:9 #3 0x4e4431 in writer_unref /work/build/../../src/systemd/src/journal-remote/journal-remote-write.c:80:1 #4 0x4e3fd5 in writer_unrefp /work/build/../../src/systemd/src/journal-remote/journal-remote-write.h:27:1 #5 0x4e3fd5 in writer_new /work/build/../../src/systemd/src/journal-remote/journal-remote-write.c:56:1 #6 0x4e04bc in journal_remote_get_writer /work/build/../../src/systemd/src/journal-remote/journal-remote.c:125:21 #7 0x4e0e0b in get_source_for_fd /work/build/../../src/systemd/src/journal-remote/journal-remote.c:181:13 #8 0x4e0e0b in journal_remote_add_source /work/build/../../src/systemd/src/journal-remote/journal-remote.c:233:13 #9 0x4df99f in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/journal-remote/fuzz-journal-remote.c:54:9 #10 0x4e8f48 in NaloFuzzerTestOneInput (/build/fuzz-journal-remote+0x4e8f48) #11 0x507f53 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15 #12 0x50773a in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:514:3 #13 0x508e09 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:757:19 #14 0x509ad5 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:895:5 #15 0x4f8e3f in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:912:6 #16 0x4f9708 in LLVMFuzzerRunDriver /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:925:10 #17 0x4e91c5 in main (/build/fuzz-journal-remote+0x4e91c5) #18 0x7f39dcce3082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee) #19 0x420bcd in _start (/build/fuzz-journal-remote+0x420bcd) DEDUP_TOKEN: raise--abort--log_assert_failed AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: ABRT (/lib/x86_64-linux-gnu/libc.so.6+0x4300b) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee) in raise Found by Nallocufzz.
2023-05-26various: fix error message for bus_wait_for_jobs_new()Zbigniew Jędrzejewski-Szmek2-3/+3
As pointed out by Mike Yuan in review of grandparent commit, bus_wait_for_jobs_new() can also fail for non-oom reasons.
2023-05-26units: order systemd-firstboot after systemd-tmpfiles-setupZbigniew Jędrzejewski-Szmek1-1/+1
We may copy files from factory to /etc. The default mkosi config has factory/etc/vconsole.conf. systemd-firstboot would race with tmpfiles-setup, and sometimes ask for the keymap, and sometimes not. I guess that if there are files in factory, we shouldn't ask the user for the same configuration.
2023-05-26firstboot: synchronously wait for systemd-vconsole-setup.service/restart jobZbigniew Jędrzejewski-Szmek2-4/+20
Requested in https://github.com/systemd/systemd/pull/27755#pullrequestreview-1443489520. I dropped the info message about the job being requested, because we get fairly verbose logs from starting the unit, and the additional message isn't useful. In the unit, the ordering before systemd-vconsole-setup.service is dropped, because now it needs to happen in parallel, while systemd-firstboot.service is running. This means that we may potentially execute vconsole-setup twice, but it's fairly quick, so this doesn't matter much.
2023-05-26fstab-generator: use correct swap name varFrantisek Sumsal1-1/+1
Follow-up to 9445623363.
2023-05-26core: change 'basename' to 'path_extract_filename'Jordan Rome1-2/+6
This is part of a cleanup effort in the TODO doc. Tested locally: `meson compile -C build && meson test -C build`
2023-05-26core/unit: update bidirectional dependency simultaneouslyYu Watanabe1-61/+103
Previously, if unit_add_dependency_hashmap() failed, then a one-directional unit dependency reference might be created, and triggeres use-after-free. See issue #27742 for more details. This makes unit dependency always bidirectional, and cleanly revert partial update on failure. Fixes #27742.
2023-05-26core/unit: search shared namespace in transitive relation of JoinsNamespaceOf=Yu Watanabe5-6/+39
Previously, dependency chain of JoinsNamespaceOf= did not work, e.g. - a.service has JoinsNamespaceOf=b.service - b.service has JoinsNamespaceOf=c.service if, first c.service, next a.service, finally b.service is started, then a.service is not joined to the namespace of c.service. And, as mentioned in the document, the namespace used by b.service is not deterministic. This makes when searching exsiting namespace to be joined, all units in the transitive dependency of JoinsNamespaceOf= are checked.
2023-05-26loginctl: use FORMAT_TIMESTAMP_RELATIVE_MONOTONICMike Yuan1-34/+35
Follow-up for #27769 Addresses https://github.com/systemd/systemd/pull/27769#discussion_r1205215743
2023-05-26loginctl: realign bus_properties_mapMike Yuan1-2/+2
2023-05-26systemctl: list-units: use TABLE_TIMESTAMP_RELATIVE_MONOTONICMike Yuan1-7/+21
2023-05-26time-util,format-table: add relative_monotonic variant for timestampMike Yuan5-21/+42
2023-05-26tmpfiles: Allow C escapesWill Fancher2-2/+2
Fixes #26955