| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
into its own flag
No functional change, preparation for later commits.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This partially reverts 02eabaffe98c9a3b5dec1c4837968a4d3e2ff7db.
As noted in https://github.com/systemd/systemd/pull/35211:
> The configuration parsing simply stores the string as-is, rather than
> creating the appropriate object
One way to fix the issue would be to store the "appropriate object", i.e.
actually the class. But that makes the code very verbose, with the conversion
being done in two places. And that still doesn't fix the issue, because we need
to map the class objects back to the original name in error messages.
So instead, store the setting as a string and only map it to the class much
later. This makes the code simpler and fixes the error messages too.
Resolves https://github.com/systemd/systemd/pull/35193
|
| |
|
|
| |
Follow-up for 09db4106064dd600c64d12a4e06bd88143b2e4f7.
|
| |
|
|
|
|
|
|
|
| |
Add the `arm_fadvise64_64` syscall to the allow_list, in addition
to the existing `fadvise64` and `fadvise64_64` syscalls, as this is
the syscall actually defined for `arm` architecture. Adding it fixes
the syscall being rejected in arm32 containers.
Fixes #35194
|
| | |
|
| |
|
|
|
|
| |
systemd-boot uses the existance of loader/keys/auto to determine
whether to auto-enroll secure boot or not so only create the directory
if we're actually going to put auto-enroll signature lists in it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The proposal in https://github.com/systemd/systemd/pull/35091 suggests
that there are going to be more resources sooner or later that shall be
embeddable in a UKI, but are specific to some machine. The .hwids logic
as it is implemented right now is conceptually flexible enough to cover
that too (as long as the system has SMBIOS and thus CHIDs). Hence, let's
prepare the ground for a future (that might possibly never come, but
let's keep the door open) where the section can be reused for this
purpose.
The patch is really dumb ultimately. it just changes the initial field
in the "Device" struct to carry not just the size of it (as before) but
also a type indicator, that is for now fixed to 1, indicating DT blobs.
This breaks compatibility, hence this should get merged before we do the
v257 release, so that this is done properly before the first release
with .hwids.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use the $WATCHDOG_USEC variable for two very closely uses: as part of
the sd_watchdog_enabled() protocol for implementing service watchdogs.
And as part of the protocol between the service manager and
systemd-shutdown across the PID 1 execve() transition during shutdown.
Apparently some exitrds tools got confused by the latter use. Let's
address that by setting $WATCHDOG_PID to 1, in accordance to the
sd_watchdog_enabled() protocol to make clear this is only intended for
PID 1 and nothing else.
Replaces: #35135
|
| |
|
|
|
|
|
|
| |
Given how long it took to come to a conclusion of the discussions around
https://github.com/systemd/systemd/issues/35026, let's add a comment
that makes this easier to grok for the next time this comes up.
Follow-up for: 6e207b370e91e681efb08c497a6c8ad78e3c8d83
|
| |
|
|
| |
Follow-up for 688f166972916b5cfc9287055582ac1aeef3d486.
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Stub behavior will be as following:
1. If there are no `.dtbauto` sections then is used `.dtb` if present
2. If there are `.dtbauto` sections and there is at least one matching
(either with the firmware-provided DT or via `.hwids`) then it'll be
used instead of the `.dtb`.
Based on #28959 and [dtbloader](https://github.com/TravMurav/dtbloader)
Closes #28959
Fixes #31946
|
| | |
| |
| |
| | |
This section contains a predefined set of HWIDs and the corresponding compatibles to be used in dtb matching
|
| | | |
|
| |\ \
| | |
| | | |
Closes #35116.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
unspecified
Follow-up for efedb6b0f3cff37950112fd37cb750c16d599bc7.
Closes #35116.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
copy_devnodes()
While doing that, even if mknod() failed, we anyway try to fall back to
use bind mount if arg_uid_shift == 0.
Mostly no functional change, just refactoring and preparation for later commit.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Follow-up for dc3223919f663b7c8b8d8d1d6072b4487df7709b.
If nspawn is invoked with DevicePolicy= but DeviceAllow= does not
contain /dev/fuse, nspawn will fail to get fuse version with -EPERM.
Let's silence the warning in that case.
|
| |\ \ \
| |_|/
|/| |
| | |
| | | |
(#35119)
Fixes #33470.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
requested
Previously, when multiple routers send RAs with the same preference,
then the kernel merges routes with the same gateway address:
===
default proto ra metric 1024 expires 595sec pref medium
nexthop via fe80::200:10ff:fe10:1060 dev enp0s9 weight 1
nexthop via fe80::200:10ff:fe10:1061 dev enp0s9 weight 1
===
This causes IPv6 Conformance Test v6LC.2.2.11 failure, as reported in #33470.
To avoid the coalescing issue, we can use nexthop, as suggested by Ido Schimmel:
https://lore.kernel.org/netdev/ZytjEINNRmtpadr_@shredder/
> BTW, you can avoid the coalescing problem by using the nexthop API.
> # ip nexthop add id 1 via fe80::200:10ff:fe10:1060 dev enp0s9
> # ip -6 route add default nhid 1 expires 600 proto ra
> # ip nexthop add id 2 via fe80::200:10ff:fe10:1061 dev enp0s9
> # ip -6 route append default nhid 2 expires 600 proto ra
> # ip -6 route
> fe80::/64 dev enp0s9 proto kernel metric 256 pref medium
> default nhid 1 via fe80::200:10ff:fe10:1060 dev enp0s9 proto ra metric 1024 expires 563sec pref medium
> default nhid 2 via fe80::200:10ff:fe10:1061 dev enp0s9 proto ra metric 1024 expires 594sec pref medium
Fixes #33470.
Suggested-by: Ido Schimmel <idosch@idosch.org>
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Preparation for later commits.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
There's no synchoronization between the intermediate process
and the double-forked child, and the semantics are not useful.
Refuse such combination.
|
| | | |
| | |
| | |
| | | |
See justifications at https://github.com/systemd/systemd/pull/32235#issuecomment-2062327783
|
| |\ \ \
| |_|/
|/| | |
Follow-ups for #34909.
|
| | | |
| | |
| | |
| | |
| | | |
Otherwise, when a .netdev file for tun or tap netdev is updated,
reloading the file leaks the previous file descriptor.
|
| | | |
| | |
| | |
| | |
| | | |
Some bonding parameters cannot be updated when the netdev is already up
or already has at least one slave interface.
|
| | | |
| | |
| | |
| | |
| | | |
Some netdevs cannot update there properties after created.
Let's skip requests in that case.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Follow-up for 1003093604661bd984574889167f2ff4dfd6209c.
If a netdev is detached for some reasons, then previously the request
was simply cancelled, and the underlying interface never enter the
configured state, as the 'stacked_netdevs_created' flag never set.
This makes the counter decremented manually by the function, and set the
flag. So, the underlying interface can eter the configured state.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
After PR #34909, networkd tries to update an existing netdev interface if
possible. But, when .netdev files are loaded on start, we have not
enumerate interfaces, so we do not know if the corresponding interface
exists or not. Let's delay processing request a bit.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Follow-up for PR #34909.
This fixes an issue that network interfaces cannot join a master netdev,
like bond or bridge, when the corresponding .netdev is reloaded.
With PR #34909, networkd supports reloading .netdev files. However,
When a .netdev file is modified and reloaded, ifindex is copied from
the old NetDev object to the new one. Thus, even if the interface is
successfully updated, netdev_set_ifindex_impl() will return 0 and
netdev_enter_ready() will never called. If the netdev is a kind of
master netdev, then port interfaces cannot join the master netdev,
as REQUEST_TYPE_SET_LINK_MASTER requires that the master netdev is
in the ready state.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Follow-up for 17c5337f7b2993619d84acc2088b2ba1789e6477.
Older kernels (older than v6.5) refuse RTM_NEWLINK messages with IFLA_ADDRESS
attribute when the netdev already exists and is running, even if the MAC
address is unchanged.
So, let's not set IFLA_ADDRESS or IFLA_MTU if they are unchanged, and
set the attributes only when we can update them.
|
| | | |
| | |
| | |
| | | |
Otherwise, the kernel older than v6.2 will refuse the netlink message.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Outside of x86, some machines (e.g. Apple silicon, AMD Opteron A1100)
have physical memory mapped above 4GiB, meaning this allocation will
fail, causing the entire boot process to fail on these machines.
This commit makes it so that the below-4GB address space allocation
requirement is only set on x86 platforms, and not on other platforms
(that don't have the specific Linux x86 boot protocol), thereby fixing
boot on those that have no memory mapped below 4GiB in their address
space.
Tested on an Apple silicon M1 laptop and an AMD x86_64 desktop tower.
Fixes: #35026
|
| |\ \ \
| |_|/
|/| |
| | | |
fixes for sd_bus_error handling (#35150)
|
| | | |
| | |
| | |
| | |
| | |
| | | |
When kill_whom == _ALL, there can be two cases that lead to
ESRCH: the session expects no scope at all or the scope is
not active. Let's distinguish the two cases.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
The concept of synthetic errnos is about logging, which
is irrelevant irt bus error and we don't do any special
treatment in sd-bus for them, meaning the value propagated
would be spurious.
|
| | |/ |
|
| | |
| |
| |
| |
| | |
KeepConfiguration=dhcp keeps not only DHCP configurations but
also SLAAC or IPV4LL. Let's rename the value to 'dynamic'.
|
| | |
| |
| |
| |
| | |
This is similar to what we do for DHCPv4 address, but for IPv4LL
address.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
KeepConfiguration=dhcp-on-stop
By the previous commit, configuration source of addresses and routes are
saved on stop and restored on start. Hence, we can keep dynamic
configurations on stop.
Co-authored-by: Jian Zhang <zhangjian.3032@bytedance.com>
|
| |/
|
|
|
|
|
|
|
|
| |
Currently, only configuration sources and providers of addresses and
routes are serialized/deserialized.
This should mostly not change behavior, as dynamic (except for DHCPv4)
configurations will be dropped before stopping networkd, and for DHCPv4
protocol, we have already had another logic to handle DHCPv4
configurations.
Preparation for later commits.
|
| | |
|
| |\
| |
| |
| |
| |
| |
| | |
Follow-up for 972f1d17ab461a51142a142609dd3ec50bae8440.
This fixes the logic of removing unnecessary routes configured by the
previously received RAs. Previously, we wrongly handled existing routes
could be updated, and unexpected routes would be kept.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
if existing route can be updated
Follow-up for 972f1d17ab461a51142a142609dd3ec50bae8440.
This fixes the logic of removing unnecessary routes configured by the
previously received RAs. Previously, we wrongly handled existing routes
could be updated, and unexpected routes would be kept.
|
| | |
| |
| |
| |
| |
| | |
These applies common parameters to the route to be requested or removed.
No functional change, just refactoring and preparation for later
commits.
|
| | |
| |
| |
| |
| |
| | |
- drop unnecessary call of ndisc_set_route_priority() at the beginning,
as it is called later in the loop below,
- use RET_GATHER() and remove all possible routes even if failed.
|
| | |
| |
| |
| |
| |
| | |
where applicable
No functional change, and preparation for later commits.
|
| |\ \
| | |
| | |
| | | |
Fixes: #35033
Fixes: #35100
|
