]>
Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
11c3a4ee | 2 | |
cf0fbc49 | 3 | #include <unistd.h> |
f84f9974 | 4 | |
6c1f72f6 | 5 | #include "alloc-util.h" |
d79acc30 | 6 | #include "bus-util.h" |
cf0fbc49 | 7 | #include "capability-util.h" |
0ae03a0f | 8 | #include "efi-api.h" |
6c1f72f6 | 9 | #include "fileio.h" |
11c3a4ee | 10 | #include "kmod-setup.h" |
cf0fbc49 | 11 | #include "macro.h" |
1d98716e | 12 | #include "module-util.h" |
79a72b1b | 13 | #include "recurse-dir.h" |
6c1f72f6 | 14 | #include "string-util.h" |
fa505db3 | 15 | #include "strv.h" |
5c1d67af | 16 | #include "virt.h" |
11c3a4ee | 17 | |
349cc4a5 | 18 | #if HAVE_KMOD |
e1d8f702 | 19 | static int match_modalias_recurse_dir_cb( |
79a72b1b LP |
20 | RecurseDirEvent event, |
21 | const char *path, | |
22 | int dir_fd, | |
23 | int inode_fd, | |
24 | const struct dirent *de, | |
25 | const struct statx *sx, | |
26 | void *userdata) { | |
6c1f72f6 HH |
27 | |
28 | _cleanup_free_ char *alias = NULL; | |
e1d8f702 | 29 | char **modaliases = ASSERT_PTR(userdata); |
6c1f72f6 HH |
30 | int r; |
31 | ||
79a72b1b LP |
32 | if (event != RECURSE_DIR_ENTRY) |
33 | return RECURSE_DIR_CONTINUE; | |
6c1f72f6 | 34 | |
79a72b1b LP |
35 | if (de->d_type != DT_REG) |
36 | return RECURSE_DIR_CONTINUE; | |
6c1f72f6 | 37 | |
79a72b1b LP |
38 | if (!streq(de->d_name, "modalias")) |
39 | return RECURSE_DIR_CONTINUE; | |
6c1f72f6 | 40 | |
79a72b1b LP |
41 | r = read_one_line_file(path, &alias); |
42 | if (r < 0) { | |
43 | log_debug_errno(r, "Failed to read %s, ignoring: %m", path); | |
44 | return RECURSE_DIR_LEAVE_DIRECTORY; | |
45 | } | |
6c1f72f6 | 46 | |
e1d8f702 | 47 | if (startswith_strv(alias, modaliases)) |
79a72b1b | 48 | return 1; |
6c1f72f6 | 49 | |
79a72b1b | 50 | return RECURSE_DIR_LEAVE_DIRECTORY; |
6c1f72f6 HH |
51 | } |
52 | ||
67c92f3f | 53 | static bool has_virtio_feature(const char *name, char **modaliases) { |
79a72b1b LP |
54 | int r; |
55 | ||
0a5d3c0b LP |
56 | /* Directory traversal might be slow, hence let's do a cheap check first if it's even worth it */ |
57 | if (detect_vm() == VIRTUALIZATION_NONE) | |
58 | return false; | |
59 | ||
79a72b1b LP |
60 | r = recurse_dir_at( |
61 | AT_FDCWD, | |
62 | "/sys/devices/pci0000:00", | |
63 | /* statx_mask= */ 0, | |
67c92f3f | 64 | /* n_depth_max= */ 3, |
79a72b1b | 65 | RECURSE_DIR_ENSURE_TYPE, |
e1d8f702 | 66 | match_modalias_recurse_dir_cb, |
67c92f3f | 67 | modaliases); |
79a72b1b | 68 | if (r < 0) |
67c92f3f | 69 | log_debug_errno(r, "Failed to determine whether host has %s device, ignoring: %m", name); |
79a72b1b LP |
70 | |
71 | return r > 0; | |
6c1f72f6 | 72 | } |
5c1d67af | 73 | |
67c92f3f DDM |
74 | static bool has_virtio_rng(void) { |
75 | return has_virtio_feature("virtio-rng", STRV_MAKE("pci:v00001AF4d00001005", "pci:v00001AF4d00001044")); | |
76 | } | |
a93aaede | 77 | |
67c92f3f DDM |
78 | static bool has_virtio_console(void) { |
79 | return has_virtio_feature("virtio-console", STRV_MAKE("virtio:d00000003v", "virtio:d0000000Bv")); | |
a93aaede DDM |
80 | } |
81 | ||
abf25fae | 82 | static bool has_virtio_vsock(void) { |
67c92f3f DDM |
83 | return has_virtio_feature("virtio-vsock", STRV_MAKE("virtio:d00000013v")); |
84 | } | |
abf25fae | 85 | |
67c92f3f DDM |
86 | static bool has_virtiofs(void) { |
87 | return has_virtio_feature("virtiofs", STRV_MAKE("virtio:d0000001Av")); | |
88 | } | |
abf25fae | 89 | |
67c92f3f DDM |
90 | static bool has_virtio_pci(void) { |
91 | return has_virtio_feature("virtio-pci", STRV_MAKE("pci:v00001AF4d")); | |
abf25fae DDM |
92 | } |
93 | ||
5c1d67af LP |
94 | static bool in_qemu(void) { |
95 | return IN_SET(detect_vm(), VIRTUALIZATION_KVM, VIRTUALIZATION_QEMU); | |
96 | } | |
95441cf2 | 97 | #endif |
6c1f72f6 | 98 | |
7491e6e7 | 99 | int kmod_setup(void) { |
349cc4a5 | 100 | #if HAVE_KMOD |
7491e6e7 KS |
101 | static const struct { |
102 | const char *module; | |
103 | const char *path; | |
0a35e7f6 ZJS |
104 | bool warn_if_unavailable; |
105 | bool warn_if_module; | |
7491e6e7 KS |
106 | bool (*condition_fn)(void); |
107 | } kmod_table[] = { | |
6755bb55 ZJS |
108 | /* This one we need to load explicitly, since auto-loading on use doesn't work |
109 | * before udev created the ghost device nodes, and we need it earlier than that. */ | |
abf25fae | 110 | { "autofs4", "/sys/class/misc/autofs", true, false, NULL }, |
7491e6e7 | 111 | |
6755bb55 ZJS |
112 | /* This one we need to load explicitly, since auto-loading of IPv6 is not done when |
113 | * we try to configure ::1 on the loopback device. */ | |
abf25fae | 114 | { "ipv6", "/sys/module/ipv6", false, true, NULL }, |
7491e6e7 | 115 | |
6755bb55 | 116 | /* This should never be a module */ |
abf25fae | 117 | { "unix", "/proc/net/unix", true, true, NULL }, |
7491e6e7 | 118 | |
349cc4a5 | 119 | #if HAVE_LIBIPTC |
1d308797 | 120 | /* netfilter is needed by networkd, nspawn among others, and cannot be autoloaded */ |
abf25fae | 121 | { "ip_tables", "/proc/net/ip_tables_names", false, false, NULL }, |
a363680f | 122 | #endif |
6c1f72f6 | 123 | /* virtio_rng would be loaded by udev later, but real entropy might be needed very early */ |
abf25fae | 124 | { "virtio_rng", NULL, false, false, has_virtio_rng }, |
a93aaede DDM |
125 | |
126 | /* we want early logging to hvc consoles if possible, and make sure systemd-getty-generator | |
127 | * can rely on all consoles being probed already.*/ | |
abf25fae DDM |
128 | { "virtio_console", NULL, false, false, has_virtio_console }, |
129 | ||
130 | /* Make sure we can send sd-notify messages over vsock as early as possible. */ | |
131 | { "vmw_vsock_virtio_transport", NULL, false, false, has_virtio_vsock }, | |
5c1d67af | 132 | |
67c92f3f DDM |
133 | /* We can't wait for specific virtiofs tags to show up as device nodes so we have to load the |
134 | * virtiofs and virtio_pci modules early to make sure the virtiofs tags are found when | |
135 | * sysroot.mount is started. | |
136 | * | |
137 | * TODO: Remove these again once https://gitlab.com/virtio-fs/virtiofsd/-/issues/128 is | |
138 | * resolved and the kernel fix is widely available. */ | |
139 | { "virtiofs", "/sys/module/virtiofs", false, false, has_virtiofs }, | |
140 | { "virtio_pci", "/sys/module/virtio_pci", false, false, has_virtio_pci }, | |
141 | ||
5c1d67af | 142 | /* qemu_fw_cfg would be loaded by udev later, but we want to import credentials from it super early */ |
abf25fae | 143 | { "qemu_fw_cfg", "/sys/firmware/qemu_fw_cfg", false, false, in_qemu }, |
8313a1a5 LN |
144 | |
145 | /* dmi-sysfs is needed to import credentials from it super early */ | |
abf25fae | 146 | { "dmi-sysfs", "/sys/firmware/dmi/entries", false, false, NULL }, |
0ae03a0f DDM |
147 | |
148 | #if HAVE_TPM2 | |
149 | /* Make sure the tpm subsystem is available which ConditionSecurity=tpm2 depends on. */ | |
abf25fae | 150 | { "tpm", "/sys/class/tpmrm", false, false, efi_has_tpm2 }, |
0ae03a0f | 151 | #endif |
7491e6e7 | 152 | }; |
11c3a4ee | 153 | |
1d98716e LP |
154 | int r; |
155 | ||
26c45a6c | 156 | if (have_effective_cap(CAP_SYS_MODULE) <= 0) |
c47fc1f0 LP |
157 | return 0; |
158 | ||
1d98716e | 159 | _cleanup_(sym_kmod_unrefp) struct kmod_ctx *ctx = NULL; |
0a35e7f6 ZJS |
160 | FOREACH_ARRAY(kmod, kmod_table, ELEMENTSOF(kmod_table)) { |
161 | if (kmod->path && access(kmod->path, F_OK) >= 0) | |
7491e6e7 KS |
162 | continue; |
163 | ||
0a35e7f6 | 164 | if (kmod->condition_fn && !kmod->condition_fn()) |
11c3a4ee LP |
165 | continue; |
166 | ||
0a35e7f6 | 167 | if (kmod->warn_if_module) |
7491e6e7 KS |
168 | log_debug("Your kernel apparently lacks built-in %s support. Might be " |
169 | "a good idea to compile it in. We'll now try to work around " | |
0a35e7f6 | 170 | "this by loading the module...", kmod->module); |
11c3a4ee | 171 | |
728beb28 | 172 | if (!ctx) { |
1d98716e LP |
173 | r = module_setup_context(&ctx); |
174 | if (r < 0) | |
175 | return log_error_errno(r, "Failed to initialize kmod context: %m"); | |
728beb28 | 176 | } |
11c3a4ee | 177 | |
0a35e7f6 | 178 | (void) module_load_and_warn(ctx, kmod->module, kmod->warn_if_unavailable); |
11c3a4ee LP |
179 | } |
180 | ||
f84f9974 | 181 | #endif |
728beb28 | 182 | return 0; |
11c3a4ee | 183 | } |