]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/udev/udev-rules.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
core,journald: use quoted commandlines
[thirdparty/systemd.git] / src / udev / udev-rules.c
1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2
3 #include <ctype.h>
4
5 #include "alloc-util.h"
6 #include "architecture.h"
7 #include "conf-files.h"
8 #include "def.h"
9 #include "device-private.h"
10 #include "device-util.h"
11 #include "dirent-util.h"
12 #include "escape.h"
13 #include "fd-util.h"
14 #include "fileio.h"
15 #include "format-util.h"
16 #include "fs-util.h"
17 #include "glob-util.h"
18 #include "list.h"
19 #include "mkdir.h"
20 #include "nulstr-util.h"
21 #include "parse-util.h"
22 #include "path-util.h"
23 #include "proc-cmdline.h"
24 #include "stat-util.h"
25 #include "strv.h"
26 #include "strxcpyx.h"
27 #include "sysctl-util.h"
28 #include "syslog-util.h"
29 #include "udev-builtin.h"
30 #include "udev-event.h"
31 #include "udev-rules.h"
32 #include "user-util.h"
33 #include "virt.h"
34
35 #define RULES_DIRS (const char* const*) CONF_PATHS_STRV("udev/rules.d")
36
37 typedef enum {
38 OP_MATCH, /* == */
39 OP_NOMATCH, /* != */
40 OP_ADD, /* += */
41 OP_REMOVE, /* -= */
42 OP_ASSIGN, /* = */
43 OP_ASSIGN_FINAL, /* := */
44 _OP_TYPE_MAX,
45 _OP_TYPE_INVALID = -EINVAL,
46 } UdevRuleOperatorType;
47
48 typedef enum {
49 MATCH_TYPE_EMPTY, /* empty string */
50 MATCH_TYPE_PLAIN, /* no special characters */
51 MATCH_TYPE_PLAIN_WITH_EMPTY, /* no special characters with empty string, e.g., "|foo" */
52 MATCH_TYPE_GLOB, /* shell globs ?,*,[] */
53 MATCH_TYPE_GLOB_WITH_EMPTY, /* shell globs ?,*,[] with empty string, e.g., "|foo*" */
54 MATCH_TYPE_SUBSYSTEM, /* "subsystem", "bus", or "class" */
55 _MATCH_TYPE_MAX,
56 _MATCH_TYPE_INVALID = -EINVAL,
57 } UdevRuleMatchType;
58
59 typedef enum {
60 SUBST_TYPE_PLAIN, /* no substitution */
61 SUBST_TYPE_FORMAT, /* % or $ */
62 SUBST_TYPE_SUBSYS, /* "[<SUBSYSTEM>/<KERNEL>]<attribute>" format */
63 _SUBST_TYPE_MAX,
64 _SUBST_TYPE_INVALID = -EINVAL,
65 } UdevRuleSubstituteType;
66
67 typedef enum {
68 /* lvalues which take match or nomatch operator */
69 TK_M_ACTION, /* string, device_get_action() */
70 TK_M_DEVPATH, /* path, sd_device_get_devpath() */
71 TK_M_KERNEL, /* string, sd_device_get_sysname() */
72 TK_M_DEVLINK, /* strv, sd_device_get_devlink_first(), sd_device_get_devlink_next() */
73 TK_M_NAME, /* string, name of network interface */
74 TK_M_ENV, /* string, device property, takes key through attribute */
75 TK_M_CONST, /* string, system-specific hard-coded constant */
76 TK_M_TAG, /* strv, sd_device_get_tag_first(), sd_device_get_tag_next() */
77 TK_M_SUBSYSTEM, /* string, sd_device_get_subsystem() */
78 TK_M_DRIVER, /* string, sd_device_get_driver() */
79 TK_M_ATTR, /* string, takes filename through attribute, sd_device_get_sysattr_value(), udev_resolve_subsys_kernel(), etc. */
80 TK_M_SYSCTL, /* string, takes kernel parameter through attribute */
81
82 /* matches parent parameters */
83 TK_M_PARENTS_KERNEL, /* string */
84 TK_M_PARENTS_SUBSYSTEM, /* string */
85 TK_M_PARENTS_DRIVER, /* string */
86 TK_M_PARENTS_ATTR, /* string */
87 TK_M_PARENTS_TAG, /* strv */
88
89 TK_M_TEST, /* path, optionally mode_t can be specified by attribute, test the existence of a file */
90 TK_M_PROGRAM, /* string, execute a program */
91 TK_M_IMPORT_FILE, /* path */
92 TK_M_IMPORT_PROGRAM, /* string, import properties from the result of program */
93 TK_M_IMPORT_BUILTIN, /* string, import properties from the result of built-in command */
94 TK_M_IMPORT_DB, /* string, import properties from database */
95 TK_M_IMPORT_CMDLINE, /* string, kernel command line */
96 TK_M_IMPORT_PARENT, /* string, parent property */
97 TK_M_RESULT, /* string, result of TK_M_PROGRAM */
98
99 #define _TK_M_MAX (TK_M_RESULT + 1)
100 #define _TK_A_MIN _TK_M_MAX
101
102 /* lvalues which take one of assign operators */
103 TK_A_OPTIONS_STRING_ESCAPE_NONE, /* no argument */
104 TK_A_OPTIONS_STRING_ESCAPE_REPLACE, /* no argument */
105 TK_A_OPTIONS_DB_PERSIST, /* no argument */
106 TK_A_OPTIONS_INOTIFY_WATCH, /* boolean */
107 TK_A_OPTIONS_DEVLINK_PRIORITY, /* int */
108 TK_A_OPTIONS_LOG_LEVEL, /* string of log level or "reset" */
109 TK_A_OWNER, /* user name */
110 TK_A_GROUP, /* group name */
111 TK_A_MODE, /* mode string */
112 TK_A_OWNER_ID, /* uid_t */
113 TK_A_GROUP_ID, /* gid_t */
114 TK_A_MODE_ID, /* mode_t */
115 TK_A_TAG, /* string */
116 TK_A_OPTIONS_STATIC_NODE, /* device path, /dev/... */
117 TK_A_SECLABEL, /* string with attribute */
118 TK_A_ENV, /* string with attribute */
119 TK_A_NAME, /* ifname */
120 TK_A_DEVLINK, /* string */
121 TK_A_ATTR, /* string with attribute */
122 TK_A_SYSCTL, /* string with attribute */
123 TK_A_RUN_BUILTIN, /* string */
124 TK_A_RUN_PROGRAM, /* string */
125
126 _TK_TYPE_MAX,
127 _TK_TYPE_INVALID = -EINVAL,
128 } UdevRuleTokenType;
129
130 typedef enum {
131 LINE_HAS_NAME = 1 << 0, /* has NAME= */
132 LINE_HAS_DEVLINK = 1 << 1, /* has SYMLINK=, OWNER=, GROUP= or MODE= */
133 LINE_HAS_STATIC_NODE = 1 << 2, /* has OPTIONS=static_node */
134 LINE_HAS_GOTO = 1 << 3, /* has GOTO= */
135 LINE_HAS_LABEL = 1 << 4, /* has LABEL= */
136 LINE_UPDATE_SOMETHING = 1 << 5, /* has other TK_A_* or TK_M_IMPORT tokens */
137 } UdevRuleLineType;
138
139 typedef struct UdevRuleFile UdevRuleFile;
140 typedef struct UdevRuleLine UdevRuleLine;
141 typedef struct UdevRuleToken UdevRuleToken;
142
143 struct UdevRuleToken {
144 UdevRuleTokenType type:8;
145 UdevRuleOperatorType op:8;
146 UdevRuleMatchType match_type:8;
147 UdevRuleSubstituteType attr_subst_type:7;
148 bool attr_match_remove_trailing_whitespace:1;
149 const char *value;
150 void *data;
151 LIST_FIELDS(UdevRuleToken, tokens);
152 };
153
154 struct UdevRuleLine {
155 char *line;
156 unsigned line_number;
157 UdevRuleLineType type;
158
159 const char *label;
160 const char *goto_label;
161 UdevRuleLine *goto_line;
162
163 UdevRuleFile *rule_file;
164 UdevRuleToken *current_token;
165 LIST_HEAD(UdevRuleToken, tokens);
166 LIST_FIELDS(UdevRuleLine, rule_lines);
167 };
168
169 struct UdevRuleFile {
170 char *filename;
171 UdevRuleLine *current_line;
172 LIST_HEAD(UdevRuleLine, rule_lines);
173 LIST_FIELDS(UdevRuleFile, rule_files);
174 };
175
176 struct UdevRules {
177 usec_t dirs_ts_usec;
178 ResolveNameTiming resolve_name_timing;
179 Hashmap *known_users;
180 Hashmap *known_groups;
181 UdevRuleFile *current_file;
182 LIST_HEAD(UdevRuleFile, rule_files);
183 };
184
185 /*** Logging helpers ***/
186
187 #define log_rule_full_errno(device, rules, level, error, fmt, ...) \
188 ({ \
189 UdevRules *_r = (rules); \
190 UdevRuleFile *_f = _r ? _r->current_file : NULL; \
191 UdevRuleLine *_l = _f ? _f->current_line : NULL; \
192 const char *_n = _f ? _f->filename : NULL; \
193 \
194 log_device_full_errno(device, level, error, "%s:%u " fmt, \
195 strna(_n), _l ? _l->line_number : 0, \
196 ##__VA_ARGS__); \
197 })
198
199 #define log_rule_full(device, rules, level, ...) (void) log_rule_full_errno(device, rules, level, 0, __VA_ARGS__)
200
201 #define log_rule_debug(device, rules, ...) log_rule_full_errno(device, rules, LOG_DEBUG, 0, __VA_ARGS__)
202 #define log_rule_info(device, rules, ...) log_rule_full(device, rules, LOG_INFO, __VA_ARGS__)
203 #define log_rule_notice(device, rules, ...) log_rule_full(device, rules, LOG_NOTICE, __VA_ARGS__)
204 #define log_rule_warning(device, rules, ...) log_rule_full(device, rules, LOG_WARNING, __VA_ARGS__)
205 #define log_rule_error(device, rules, ...) log_rule_full(device, rules, LOG_ERR, __VA_ARGS__)
206
207 #define log_rule_debug_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_DEBUG, error, __VA_ARGS__)
208 #define log_rule_info_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_INFO, error, __VA_ARGS__)
209 #define log_rule_notice_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_NOTICE, error, __VA_ARGS__)
210 #define log_rule_warning_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_WARNING, error, __VA_ARGS__)
211 #define log_rule_error_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_ERR, error, __VA_ARGS__)
212
213 #define log_token_full_errno(rules, level, error, ...) log_rule_full_errno(NULL, rules, level, error, __VA_ARGS__)
214 #define log_token_full(rules, level, ...) (void) log_token_full_errno(rules, level, 0, __VA_ARGS__)
215
216 #define log_token_debug(rules, ...) log_token_full_errno(rules, LOG_DEBUG, 0, __VA_ARGS__)
217 #define log_token_info(rules, ...) log_token_full(rules, LOG_INFO, __VA_ARGS__)
218 #define log_token_notice(rules, ...) log_token_full(rules, LOG_NOTICE, __VA_ARGS__)
219 #define log_token_warning(rules, ...) log_token_full(rules, LOG_WARNING, __VA_ARGS__)
220 #define log_token_error(rules, ...) log_token_full(rules, LOG_ERR, __VA_ARGS__)
221
222 #define log_token_debug_errno(rules, error, ...) log_token_full_errno(rules, LOG_DEBUG, error, __VA_ARGS__)
223 #define log_token_info_errno(rules, error, ...) log_token_full_errno(rules, LOG_INFO, error, __VA_ARGS__)
224 #define log_token_notice_errno(rules, error, ...) log_token_full_errno(rules, LOG_NOTICE, error, __VA_ARGS__)
225 #define log_token_warning_errno(rules, error, ...) log_token_full_errno(rules, LOG_WARNING, error, __VA_ARGS__)
226 #define log_token_error_errno(rules, error, ...) log_token_full_errno(rules, LOG_ERR, error, __VA_ARGS__)
227
228 #define _log_token_invalid(rules, key, type) \
229 log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), \
230 "Invalid %s for %s.", type, key)
231
232 #define log_token_invalid_op(rules, key) _log_token_invalid(rules, key, "operator")
233 #define log_token_invalid_attr(rules, key) _log_token_invalid(rules, key, "attribute")
234
235 #define log_token_invalid_attr_format(rules, key, attr, offset, hint) \
236 log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), \
237 "Invalid attribute \"%s\" for %s (char %zu: %s), ignoring, but please fix it.", \
238 attr, key, offset, hint)
239 #define log_token_invalid_value(rules, key, value, offset, hint) \
240 log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), \
241 "Invalid value \"%s\" for %s (char %zu: %s), ignoring, but please fix it.", \
242 value, key, offset, hint)
243
244 static void log_unknown_owner(sd_device *dev, UdevRules *rules, int error, const char *entity, const char *name) {
245 if (IN_SET(abs(error), ENOENT, ESRCH))
246 log_rule_error(dev, rules, "Unknown %s '%s', ignoring", entity, name);
247 else
248 log_rule_error_errno(dev, rules, error, "Failed to resolve %s '%s', ignoring: %m", entity, name);
249 }
250
251 /*** Other functions ***/
252
253 static void udev_rule_token_free(UdevRuleToken *token) {
254 free(token);
255 }
256
257 static void udev_rule_line_clear_tokens(UdevRuleLine *rule_line) {
258 UdevRuleToken *i, *next;
259
260 assert(rule_line);
261
262 LIST_FOREACH_SAFE(tokens, i, next, rule_line->tokens)
263 udev_rule_token_free(i);
264
265 rule_line->tokens = NULL;
266 }
267
268 static UdevRuleLine* udev_rule_line_free(UdevRuleLine *rule_line) {
269 if (!rule_line)
270 return NULL;
271
272 udev_rule_line_clear_tokens(rule_line);
273
274 if (rule_line->rule_file) {
275 if (rule_line->rule_file->current_line == rule_line)
276 rule_line->rule_file->current_line = rule_line->rule_lines_prev;
277
278 LIST_REMOVE(rule_lines, rule_line->rule_file->rule_lines, rule_line);
279 }
280
281 free(rule_line->line);
282 return mfree(rule_line);
283 }
284
285 DEFINE_TRIVIAL_CLEANUP_FUNC(UdevRuleLine*, udev_rule_line_free);
286
287 static void udev_rule_file_free(UdevRuleFile *rule_file) {
288 UdevRuleLine *i, *next;
289
290 if (!rule_file)
291 return;
292
293 LIST_FOREACH_SAFE(rule_lines, i, next, rule_file->rule_lines)
294 udev_rule_line_free(i);
295
296 free(rule_file->filename);
297 free(rule_file);
298 }
299
300 UdevRules *udev_rules_free(UdevRules *rules) {
301 UdevRuleFile *i, *next;
302
303 if (!rules)
304 return NULL;
305
306 LIST_FOREACH_SAFE(rule_files, i, next, rules->rule_files)
307 udev_rule_file_free(i);
308
309 hashmap_free_free_key(rules->known_users);
310 hashmap_free_free_key(rules->known_groups);
311 return mfree(rules);
312 }
313
314 static int rule_resolve_user(UdevRules *rules, const char *name, uid_t *ret) {
315 _cleanup_free_ char *n = NULL;
316 uid_t uid;
317 void *val;
318 int r;
319
320 assert(rules);
321 assert(name);
322
323 val = hashmap_get(rules->known_users, name);
324 if (val) {
325 *ret = PTR_TO_UID(val);
326 return 0;
327 }
328
329 r = get_user_creds(&name, &uid, NULL, NULL, NULL, USER_CREDS_ALLOW_MISSING);
330 if (r < 0) {
331 log_unknown_owner(NULL, rules, r, "user", name);
332 *ret = UID_INVALID;
333 return 0;
334 }
335
336 n = strdup(name);
337 if (!n)
338 return -ENOMEM;
339
340 r = hashmap_ensure_put(&rules->known_users, &string_hash_ops, n, UID_TO_PTR(uid));
341 if (r < 0)
342 return r;
343
344 TAKE_PTR(n);
345 *ret = uid;
346 return 0;
347 }
348
349 static int rule_resolve_group(UdevRules *rules, const char *name, gid_t *ret) {
350 _cleanup_free_ char *n = NULL;
351 gid_t gid;
352 void *val;
353 int r;
354
355 assert(rules);
356 assert(name);
357
358 val = hashmap_get(rules->known_groups, name);
359 if (val) {
360 *ret = PTR_TO_GID(val);
361 return 0;
362 }
363
364 r = get_group_creds(&name, &gid, USER_CREDS_ALLOW_MISSING);
365 if (r < 0) {
366 log_unknown_owner(NULL, rules, r, "group", name);
367 *ret = GID_INVALID;
368 return 0;
369 }
370
371 n = strdup(name);
372 if (!n)
373 return -ENOMEM;
374
375 r = hashmap_ensure_put(&rules->known_groups, &string_hash_ops, n, GID_TO_PTR(gid));
376 if (r < 0)
377 return r;
378
379 TAKE_PTR(n);
380 *ret = gid;
381 return 0;
382 }
383
384 static UdevRuleSubstituteType rule_get_substitution_type(const char *str) {
385 assert(str);
386
387 if (str[0] == '[')
388 return SUBST_TYPE_SUBSYS;
389 if (strchr(str, '%') || strchr(str, '$'))
390 return SUBST_TYPE_FORMAT;
391 return SUBST_TYPE_PLAIN;
392 }
393
394 static void rule_line_append_token(UdevRuleLine *rule_line, UdevRuleToken *token) {
395 assert(rule_line);
396 assert(token);
397
398 if (rule_line->current_token)
399 LIST_APPEND(tokens, rule_line->current_token, token);
400 else
401 LIST_APPEND(tokens, rule_line->tokens, token);
402
403 rule_line->current_token = token;
404 }
405
406 static int rule_line_add_token(UdevRuleLine *rule_line, UdevRuleTokenType type, UdevRuleOperatorType op, char *value, void *data) {
407 UdevRuleToken *token;
408 UdevRuleMatchType match_type = _MATCH_TYPE_INVALID;
409 UdevRuleSubstituteType subst_type = _SUBST_TYPE_INVALID;
410 bool remove_trailing_whitespace = false;
411 size_t len;
412
413 assert(rule_line);
414 assert(type >= 0 && type < _TK_TYPE_MAX);
415 assert(op >= 0 && op < _OP_TYPE_MAX);
416
417 if (type < _TK_M_MAX) {
418 assert(value);
419 assert(IN_SET(op, OP_MATCH, OP_NOMATCH));
420
421 if (type == TK_M_SUBSYSTEM && STR_IN_SET(value, "subsystem", "bus", "class"))
422 match_type = MATCH_TYPE_SUBSYSTEM;
423 else if (isempty(value))
424 match_type = MATCH_TYPE_EMPTY;
425 else if (streq(value, "?*")) {
426 /* Convert KEY=="?*" -> KEY!="" */
427 match_type = MATCH_TYPE_EMPTY;
428 op = op == OP_MATCH ? OP_NOMATCH : OP_MATCH;
429 } else if (string_is_glob(value))
430 match_type = MATCH_TYPE_GLOB;
431 else
432 match_type = MATCH_TYPE_PLAIN;
433
434 if (type < TK_M_TEST || type == TK_M_RESULT) {
435 /* Convert value string to nulstr. */
436 bool bar = true, empty = false;
437 char *a, *b;
438
439 for (a = b = value; *a != '\0'; a++) {
440 if (*a != '|') {
441 *b++ = *a;
442 bar = false;
443 } else {
444 if (bar)
445 empty = true;
446 else
447 *b++ = '\0';
448 bar = true;
449 }
450 }
451 *b = '\0';
452
453 /* Make sure the value is end, so NULSTR_FOREACH can read correct match */
454 if (b < a)
455 b[1] = '\0';
456
457 if (bar)
458 empty = true;
459
460 if (empty) {
461 if (match_type == MATCH_TYPE_GLOB)
462 match_type = MATCH_TYPE_GLOB_WITH_EMPTY;
463 if (match_type == MATCH_TYPE_PLAIN)
464 match_type = MATCH_TYPE_PLAIN_WITH_EMPTY;
465 }
466 }
467 }
468
469 if (IN_SET(type, TK_M_ATTR, TK_M_PARENTS_ATTR)) {
470 assert(value);
471 assert(data);
472
473 len = strlen(value);
474 if (len > 0 && !isspace(value[len - 1]))
475 remove_trailing_whitespace = true;
476
477 subst_type = rule_get_substitution_type(data);
478 }
479
480 token = new(UdevRuleToken, 1);
481 if (!token)
482 return -ENOMEM;
483
484 *token = (UdevRuleToken) {
485 .type = type,
486 .op = op,
487 .value = value,
488 .data = data,
489 .match_type = match_type,
490 .attr_subst_type = subst_type,
491 .attr_match_remove_trailing_whitespace = remove_trailing_whitespace,
492 };
493
494 rule_line_append_token(rule_line, token);
495
496 if (token->type == TK_A_NAME)
497 SET_FLAG(rule_line->type, LINE_HAS_NAME, true);
498
499 else if (IN_SET(token->type, TK_A_DEVLINK,
500 TK_A_OWNER, TK_A_GROUP, TK_A_MODE,
501 TK_A_OWNER_ID, TK_A_GROUP_ID, TK_A_MODE_ID))
502 SET_FLAG(rule_line->type, LINE_HAS_DEVLINK, true);
503
504 else if (token->type == TK_A_OPTIONS_STATIC_NODE)
505 SET_FLAG(rule_line->type, LINE_HAS_STATIC_NODE, true);
506
507 else if (token->type >= _TK_A_MIN ||
508 IN_SET(token->type, TK_M_PROGRAM,
509 TK_M_IMPORT_FILE, TK_M_IMPORT_PROGRAM, TK_M_IMPORT_BUILTIN,
510 TK_M_IMPORT_DB, TK_M_IMPORT_CMDLINE, TK_M_IMPORT_PARENT))
511 SET_FLAG(rule_line->type, LINE_UPDATE_SOMETHING, true);
512
513 return 0;
514 }
515
516 static void check_value_format_and_warn(UdevRules *rules, const char *key, const char *value, bool nonempty) {
517 size_t offset;
518 const char *hint;
519
520 if (nonempty && isempty(value))
521 log_token_invalid_value(rules, key, value, (size_t) 0, "empty value");
522 else if (udev_check_format(value, &offset, &hint) < 0)
523 log_token_invalid_value(rules, key, value, offset + 1, hint);
524 }
525
526 static int check_attr_format_and_warn(UdevRules *rules, const char *key, const char *value) {
527 size_t offset;
528 const char *hint;
529
530 if (isempty(value))
531 return log_token_invalid_attr(rules, key);
532 if (udev_check_format(value, &offset, &hint) < 0)
533 log_token_invalid_attr_format(rules, key, value, offset + 1, hint);
534 return 0;
535 }
536
537 static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOperatorType op, char *value) {
538 bool is_match = IN_SET(op, OP_MATCH, OP_NOMATCH);
539 UdevRuleLine *rule_line;
540 int r;
541
542 assert(rules);
543 assert(rules->current_file);
544 assert(rules->current_file->current_line);
545 assert(key);
546 assert(value);
547
548 rule_line = rules->current_file->current_line;
549
550 if (streq(key, "ACTION")) {
551 if (attr)
552 return log_token_invalid_attr(rules, key);
553 if (!is_match)
554 return log_token_invalid_op(rules, key);
555
556 r = rule_line_add_token(rule_line, TK_M_ACTION, op, value, NULL);
557 } else if (streq(key, "DEVPATH")) {
558 if (attr)
559 return log_token_invalid_attr(rules, key);
560 if (!is_match)
561 return log_token_invalid_op(rules, key);
562
563 r = rule_line_add_token(rule_line, TK_M_DEVPATH, op, value, NULL);
564 } else if (streq(key, "KERNEL")) {
565 if (attr)
566 return log_token_invalid_attr(rules, key);
567 if (!is_match)
568 return log_token_invalid_op(rules, key);
569
570 r = rule_line_add_token(rule_line, TK_M_KERNEL, op, value, NULL);
571 } else if (streq(key, "SYMLINK")) {
572 if (attr)
573 return log_token_invalid_attr(rules, key);
574 if (op == OP_REMOVE)
575 return log_token_invalid_op(rules, key);
576
577 if (!is_match) {
578 check_value_format_and_warn(rules, key, value, false);
579 r = rule_line_add_token(rule_line, TK_A_DEVLINK, op, value, NULL);
580 } else
581 r = rule_line_add_token(rule_line, TK_M_DEVLINK, op, value, NULL);
582 } else if (streq(key, "NAME")) {
583 if (attr)
584 return log_token_invalid_attr(rules, key);
585 if (op == OP_REMOVE)
586 return log_token_invalid_op(rules, key);
587 if (op == OP_ADD) {
588 log_token_warning(rules, "%s key takes '==', '!=', '=', or ':=' operator, assuming '=', but please fix it.", key);
589 op = OP_ASSIGN;
590 }
591
592 if (!is_match) {
593 if (streq(value, "%k"))
594 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
595 "NAME=\"%%k\" is ignored, as it breaks kernel supplied names.");
596 if (isempty(value))
597 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
598 "Ignoring NAME=\"\", as udev will not delete any device nodes.");
599 check_value_format_and_warn(rules, key, value, false);
600
601 r = rule_line_add_token(rule_line, TK_A_NAME, op, value, NULL);
602 } else
603 r = rule_line_add_token(rule_line, TK_M_NAME, op, value, NULL);
604 } else if (streq(key, "ENV")) {
605 if (isempty(attr))
606 return log_token_invalid_attr(rules, key);
607 if (op == OP_REMOVE)
608 return log_token_invalid_op(rules, key);
609 if (op == OP_ASSIGN_FINAL) {
610 log_token_warning(rules, "%s key takes '==', '!=', '=', or '+=' operator, assuming '=', but please fix it.", key);
611 op = OP_ASSIGN;
612 }
613
614 if (!is_match) {
615 if (STR_IN_SET(attr,
616 "ACTION", "DEVLINKS", "DEVNAME", "DEVPATH", "DEVTYPE", "DRIVER",
617 "IFINDEX", "MAJOR", "MINOR", "SEQNUM", "SUBSYSTEM", "TAGS"))
618 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
619 "Invalid ENV attribute. '%s' cannot be set.", attr);
620
621 check_value_format_and_warn(rules, key, value, false);
622
623 r = rule_line_add_token(rule_line, TK_A_ENV, op, value, attr);
624 } else
625 r = rule_line_add_token(rule_line, TK_M_ENV, op, value, attr);
626 } else if (streq(key, "CONST")) {
627 if (isempty(attr) || !STR_IN_SET(attr, "arch", "virt"))
628 return log_token_invalid_attr(rules, key);
629 if (!is_match)
630 return log_token_invalid_op(rules, key);
631 r = rule_line_add_token(rule_line, TK_M_CONST, op, value, attr);
632 } else if (streq(key, "TAG")) {
633 if (attr)
634 return log_token_invalid_attr(rules, key);
635 if (op == OP_ASSIGN_FINAL) {
636 log_token_warning(rules, "%s key takes '==', '!=', '=', or '+=' operator, assuming '=', but please fix it.", key);
637 op = OP_ASSIGN;
638 }
639
640 if (!is_match) {
641 check_value_format_and_warn(rules, key, value, true);
642
643 r = rule_line_add_token(rule_line, TK_A_TAG, op, value, NULL);
644 } else
645 r = rule_line_add_token(rule_line, TK_M_TAG, op, value, NULL);
646 } else if (streq(key, "SUBSYSTEM")) {
647 if (attr)
648 return log_token_invalid_attr(rules, key);
649 if (!is_match)
650 return log_token_invalid_op(rules, key);
651
652 if (STR_IN_SET(value, "bus", "class"))
653 log_token_warning(rules, "'%s' must be specified as 'subsystem'; please fix it", value);
654
655 r = rule_line_add_token(rule_line, TK_M_SUBSYSTEM, op, value, NULL);
656 } else if (streq(key, "DRIVER")) {
657 if (attr)
658 return log_token_invalid_attr(rules, key);
659 if (!is_match)
660 return log_token_invalid_op(rules, key);
661
662 r = rule_line_add_token(rule_line, TK_M_DRIVER, op, value, NULL);
663 } else if (streq(key, "ATTR")) {
664 r = check_attr_format_and_warn(rules, key, attr);
665 if (r < 0)
666 return r;
667 if (op == OP_REMOVE)
668 return log_token_invalid_op(rules, key);
669 if (IN_SET(op, OP_ADD, OP_ASSIGN_FINAL)) {
670 log_token_warning(rules, "%s key takes '==', '!=', or '=' operator, assuming '=', but please fix it.", key);
671 op = OP_ASSIGN;
672 }
673
674 if (!is_match) {
675 check_value_format_and_warn(rules, key, value, false);
676 r = rule_line_add_token(rule_line, TK_A_ATTR, op, value, attr);
677 } else
678 r = rule_line_add_token(rule_line, TK_M_ATTR, op, value, attr);
679 } else if (streq(key, "SYSCTL")) {
680 r = check_attr_format_and_warn(rules, key, attr);
681 if (r < 0)
682 return r;
683 if (op == OP_REMOVE)
684 return log_token_invalid_op(rules, key);
685 if (IN_SET(op, OP_ADD, OP_ASSIGN_FINAL)) {
686 log_token_warning(rules, "%s key takes '==', '!=', or '=' operator, assuming '=', but please fix it.", key);
687 op = OP_ASSIGN;
688 }
689
690 if (!is_match) {
691 check_value_format_and_warn(rules, key, value, false);
692 r = rule_line_add_token(rule_line, TK_A_SYSCTL, op, value, attr);
693 } else
694 r = rule_line_add_token(rule_line, TK_M_SYSCTL, op, value, attr);
695 } else if (streq(key, "KERNELS")) {
696 if (attr)
697 return log_token_invalid_attr(rules, key);
698 if (!is_match)
699 return log_token_invalid_op(rules, key);
700
701 r = rule_line_add_token(rule_line, TK_M_PARENTS_KERNEL, op, value, NULL);
702 } else if (streq(key, "SUBSYSTEMS")) {
703 if (attr)
704 return log_token_invalid_attr(rules, key);
705 if (!is_match)
706 return log_token_invalid_op(rules, key);
707
708 r = rule_line_add_token(rule_line, TK_M_PARENTS_SUBSYSTEM, op, value, NULL);
709 } else if (streq(key, "DRIVERS")) {
710 if (attr)
711 return log_token_invalid_attr(rules, key);
712 if (!is_match)
713 return log_token_invalid_op(rules, key);
714
715 r = rule_line_add_token(rule_line, TK_M_PARENTS_DRIVER, op, value, NULL);
716 } else if (streq(key, "ATTRS")) {
717 r = check_attr_format_and_warn(rules, key, attr);
718 if (r < 0)
719 return r;
720 if (!is_match)
721 return log_token_invalid_op(rules, key);
722
723 if (startswith(attr, "device/"))
724 log_token_warning(rules, "'device' link may not be available in future kernels; please fix it.");
725 if (strstr(attr, "../"))
726 log_token_warning(rules, "Direct reference to parent sysfs directory, may break in future kernels; please fix it.");
727
728 r = rule_line_add_token(rule_line, TK_M_PARENTS_ATTR, op, value, attr);
729 } else if (streq(key, "TAGS")) {
730 if (attr)
731 return log_token_invalid_attr(rules, key);
732 if (!is_match)
733 return log_token_invalid_op(rules, key);
734
735 r = rule_line_add_token(rule_line, TK_M_PARENTS_TAG, op, value, NULL);
736 } else if (streq(key, "TEST")) {
737 mode_t mode = MODE_INVALID;
738
739 if (!isempty(attr)) {
740 r = parse_mode(attr, &mode);
741 if (r < 0)
742 return log_token_error_errno(rules, r, "Failed to parse mode '%s': %m", attr);
743 }
744 check_value_format_and_warn(rules, key, value, true);
745 if (!is_match)
746 return log_token_invalid_op(rules, key);
747
748 r = rule_line_add_token(rule_line, TK_M_TEST, op, value, MODE_TO_PTR(mode));
749 } else if (streq(key, "PROGRAM")) {
750 if (attr)
751 return log_token_invalid_attr(rules, key);
752 check_value_format_and_warn(rules, key, value, true);
753 if (op == OP_REMOVE)
754 return log_token_invalid_op(rules, key);
755 if (!is_match)
756 op = OP_MATCH;
757
758 r = rule_line_add_token(rule_line, TK_M_PROGRAM, op, value, NULL);
759 } else if (streq(key, "IMPORT")) {
760 if (isempty(attr))
761 return log_token_invalid_attr(rules, key);
762 check_value_format_and_warn(rules, key, value, true);
763 if (op == OP_REMOVE)
764 return log_token_invalid_op(rules, key);
765 if (!is_match)
766 op = OP_MATCH;
767
768 if (streq(attr, "file"))
769 r = rule_line_add_token(rule_line, TK_M_IMPORT_FILE, op, value, NULL);
770 else if (streq(attr, "program")) {
771 UdevBuiltinCommand cmd;
772
773 cmd = udev_builtin_lookup(value);
774 if (cmd >= 0) {
775 log_token_debug(rules,"Found builtin command '%s' for %s, replacing attribute", value, key);
776 r = rule_line_add_token(rule_line, TK_M_IMPORT_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
777 } else
778 r = rule_line_add_token(rule_line, TK_M_IMPORT_PROGRAM, op, value, NULL);
779 } else if (streq(attr, "builtin")) {
780 UdevBuiltinCommand cmd;
781
782 cmd = udev_builtin_lookup(value);
783 if (cmd < 0)
784 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
785 "Unknown builtin command: %s", value);
786 r = rule_line_add_token(rule_line, TK_M_IMPORT_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
787 } else if (streq(attr, "db"))
788 r = rule_line_add_token(rule_line, TK_M_IMPORT_DB, op, value, NULL);
789 else if (streq(attr, "cmdline"))
790 r = rule_line_add_token(rule_line, TK_M_IMPORT_CMDLINE, op, value, NULL);
791 else if (streq(attr, "parent"))
792 r = rule_line_add_token(rule_line, TK_M_IMPORT_PARENT, op, value, NULL);
793 else
794 return log_token_invalid_attr(rules, key);
795 } else if (streq(key, "RESULT")) {
796 if (attr)
797 return log_token_invalid_attr(rules, key);
798 if (!is_match)
799 return log_token_invalid_op(rules, key);
800
801 r = rule_line_add_token(rule_line, TK_M_RESULT, op, value, NULL);
802 } else if (streq(key, "OPTIONS")) {
803 char *tmp;
804
805 if (attr)
806 return log_token_invalid_attr(rules, key);
807 if (is_match || op == OP_REMOVE)
808 return log_token_invalid_op(rules, key);
809 if (op == OP_ADD)
810 op = OP_ASSIGN;
811
812 if (streq(value, "string_escape=none"))
813 r = rule_line_add_token(rule_line, TK_A_OPTIONS_STRING_ESCAPE_NONE, op, NULL, NULL);
814 else if (streq(value, "string_escape=replace"))
815 r = rule_line_add_token(rule_line, TK_A_OPTIONS_STRING_ESCAPE_REPLACE, op, NULL, NULL);
816 else if (streq(value, "db_persist"))
817 r = rule_line_add_token(rule_line, TK_A_OPTIONS_DB_PERSIST, op, NULL, NULL);
818 else if (streq(value, "watch"))
819 r = rule_line_add_token(rule_line, TK_A_OPTIONS_INOTIFY_WATCH, op, NULL, INT_TO_PTR(1));
820 else if (streq(value, "nowatch"))
821 r = rule_line_add_token(rule_line, TK_A_OPTIONS_INOTIFY_WATCH, op, NULL, INT_TO_PTR(0));
822 else if ((tmp = startswith(value, "static_node=")))
823 r = rule_line_add_token(rule_line, TK_A_OPTIONS_STATIC_NODE, op, tmp, NULL);
824 else if ((tmp = startswith(value, "link_priority="))) {
825 int prio;
826
827 r = safe_atoi(tmp, &prio);
828 if (r < 0)
829 return log_token_error_errno(rules, r, "Failed to parse link priority '%s': %m", tmp);
830 r = rule_line_add_token(rule_line, TK_A_OPTIONS_DEVLINK_PRIORITY, op, NULL, INT_TO_PTR(prio));
831 } else if ((tmp = startswith(value, "log_level="))) {
832 int level;
833
834 if (streq(tmp, "reset"))
835 level = -1;
836 else {
837 level = log_level_from_string(tmp);
838 if (level < 0)
839 return log_token_error_errno(rules, level, "Failed to parse log level '%s': %m", tmp);
840 }
841 r = rule_line_add_token(rule_line, TK_A_OPTIONS_LOG_LEVEL, op, NULL, INT_TO_PTR(level));
842 } else {
843 log_token_warning(rules, "Invalid value for OPTIONS key, ignoring: '%s'", value);
844 return 0;
845 }
846 } else if (streq(key, "OWNER")) {
847 uid_t uid;
848
849 if (attr)
850 return log_token_invalid_attr(rules, key);
851 if (is_match || op == OP_REMOVE)
852 return log_token_invalid_op(rules, key);
853 if (op == OP_ADD) {
854 log_token_warning(rules, "%s key takes '=' or ':=' operator, assuming '=', but please fix it.", key);
855 op = OP_ASSIGN;
856 }
857
858 if (parse_uid(value, &uid) >= 0)
859 r = rule_line_add_token(rule_line, TK_A_OWNER_ID, op, NULL, UID_TO_PTR(uid));
860 else if (rules->resolve_name_timing == RESOLVE_NAME_EARLY &&
861 rule_get_substitution_type(value) == SUBST_TYPE_PLAIN) {
862 r = rule_resolve_user(rules, value, &uid);
863 if (r < 0)
864 return log_token_error_errno(rules, r, "Failed to resolve user name '%s': %m", value);
865
866 r = rule_line_add_token(rule_line, TK_A_OWNER_ID, op, NULL, UID_TO_PTR(uid));
867 } else if (rules->resolve_name_timing != RESOLVE_NAME_NEVER) {
868 check_value_format_and_warn(rules, key, value, true);
869 r = rule_line_add_token(rule_line, TK_A_OWNER, op, value, NULL);
870 } else {
871 log_token_debug(rules, "User name resolution is disabled, ignoring %s=%s", key, value);
872 return 0;
873 }
874 } else if (streq(key, "GROUP")) {
875 gid_t gid;
876
877 if (attr)
878 return log_token_invalid_attr(rules, key);
879 if (is_match || op == OP_REMOVE)
880 return log_token_invalid_op(rules, key);
881 if (op == OP_ADD) {
882 log_token_warning(rules, "%s key takes '=' or ':=' operator, assuming '=', but please fix it.", key);
883 op = OP_ASSIGN;
884 }
885
886 if (parse_gid(value, &gid) >= 0)
887 r = rule_line_add_token(rule_line, TK_A_GROUP_ID, op, NULL, GID_TO_PTR(gid));
888 else if (rules->resolve_name_timing == RESOLVE_NAME_EARLY &&
889 rule_get_substitution_type(value) == SUBST_TYPE_PLAIN) {
890 r = rule_resolve_group(rules, value, &gid);
891 if (r < 0)
892 return log_token_error_errno(rules, r, "Failed to resolve group name '%s': %m", value);
893
894 r = rule_line_add_token(rule_line, TK_A_GROUP_ID, op, NULL, GID_TO_PTR(gid));
895 } else if (rules->resolve_name_timing != RESOLVE_NAME_NEVER) {
896 check_value_format_and_warn(rules, key, value, true);
897 r = rule_line_add_token(rule_line, TK_A_GROUP, op, value, NULL);
898 } else {
899 log_token_debug(rules, "Resolving group name is disabled, ignoring %s=%s", key, value);
900 return 0;
901 }
902 } else if (streq(key, "MODE")) {
903 mode_t mode;
904
905 if (attr)
906 return log_token_invalid_attr(rules, key);
907 if (is_match || op == OP_REMOVE)
908 return log_token_invalid_op(rules, key);
909 if (op == OP_ADD) {
910 log_token_warning(rules, "%s key takes '=' or ':=' operator, assuming '=', but please fix it.", key);
911 op = OP_ASSIGN;
912 }
913
914 if (parse_mode(value, &mode) >= 0)
915 r = rule_line_add_token(rule_line, TK_A_MODE_ID, op, NULL, MODE_TO_PTR(mode));
916 else {
917 check_value_format_and_warn(rules, key, value, true);
918 r = rule_line_add_token(rule_line, TK_A_MODE, op, value, NULL);
919 }
920 } else if (streq(key, "SECLABEL")) {
921 if (isempty(attr))
922 return log_token_invalid_attr(rules, key);
923 check_value_format_and_warn(rules, key, value, true);
924 if (is_match || op == OP_REMOVE)
925 return log_token_invalid_op(rules, key);
926 if (op == OP_ASSIGN_FINAL) {
927 log_token_warning(rules, "%s key takes '=' or '+=' operator, assuming '=', but please fix it.", key);
928 op = OP_ASSIGN;
929 }
930
931 r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, attr);
932 } else if (streq(key, "RUN")) {
933 if (is_match || op == OP_REMOVE)
934 return log_token_invalid_op(rules, key);
935 check_value_format_and_warn(rules, key, value, true);
936 if (!attr || streq(attr, "program"))
937 r = rule_line_add_token(rule_line, TK_A_RUN_PROGRAM, op, value, NULL);
938 else if (streq(attr, "builtin")) {
939 UdevBuiltinCommand cmd;
940
941 cmd = udev_builtin_lookup(value);
942 if (cmd < 0)
943 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
944 "Unknown builtin command '%s', ignoring", value);
945 r = rule_line_add_token(rule_line, TK_A_RUN_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
946 } else
947 return log_token_invalid_attr(rules, key);
948 } else if (streq(key, "GOTO")) {
949 if (attr)
950 return log_token_invalid_attr(rules, key);
951 if (op != OP_ASSIGN)
952 return log_token_invalid_op(rules, key);
953 if (FLAGS_SET(rule_line->type, LINE_HAS_GOTO)) {
954 log_token_warning(rules, "Contains multiple GOTO keys, ignoring GOTO=\"%s\".", value);
955 return 0;
956 }
957
958 rule_line->goto_label = value;
959 SET_FLAG(rule_line->type, LINE_HAS_GOTO, true);
960 return 1;
961 } else if (streq(key, "LABEL")) {
962 if (attr)
963 return log_token_invalid_attr(rules, key);
964 if (op != OP_ASSIGN)
965 return log_token_invalid_op(rules, key);
966
967 rule_line->label = value;
968 SET_FLAG(rule_line->type, LINE_HAS_LABEL, true);
969 return 1;
970 } else
971 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), "Invalid key '%s'", key);
972 if (r < 0)
973 return log_oom();
974
975 return 1;
976 }
977
978 static UdevRuleOperatorType parse_operator(const char *op) {
979 assert(op);
980
981 if (startswith(op, "=="))
982 return OP_MATCH;
983 if (startswith(op, "!="))
984 return OP_NOMATCH;
985 if (startswith(op, "+="))
986 return OP_ADD;
987 if (startswith(op, "-="))
988 return OP_REMOVE;
989 if (startswith(op, "="))
990 return OP_ASSIGN;
991 if (startswith(op, ":="))
992 return OP_ASSIGN_FINAL;
993
994 return _OP_TYPE_INVALID;
995 }
996
997 static int parse_line(char **line, char **ret_key, char **ret_attr, UdevRuleOperatorType *ret_op, char **ret_value) {
998 char *key_begin, *key_end, *attr, *tmp;
999 UdevRuleOperatorType op;
1000 int r;
1001
1002 assert(line);
1003 assert(*line);
1004 assert(ret_key);
1005 assert(ret_op);
1006 assert(ret_value);
1007
1008 key_begin = skip_leading_chars(*line, WHITESPACE ",");
1009
1010 if (isempty(key_begin))
1011 return 0;
1012
1013 for (key_end = key_begin; ; key_end++) {
1014 if (key_end[0] == '\0')
1015 return -EINVAL;
1016 if (strchr(WHITESPACE "={", key_end[0]))
1017 break;
1018 if (strchr("+-!:", key_end[0]) && key_end[1] == '=')
1019 break;
1020 }
1021 if (key_end[0] == '{') {
1022 attr = key_end + 1;
1023 tmp = strchr(attr, '}');
1024 if (!tmp)
1025 return -EINVAL;
1026 *tmp++ = '\0';
1027 } else {
1028 attr = NULL;
1029 tmp = key_end;
1030 }
1031
1032 tmp = skip_leading_chars(tmp, NULL);
1033 op = parse_operator(tmp);
1034 if (op < 0)
1035 return -EINVAL;
1036
1037 key_end[0] = '\0';
1038
1039 tmp += op == OP_ASSIGN ? 1 : 2;
1040 tmp = skip_leading_chars(tmp, NULL);
1041 r = udev_rule_parse_value(tmp, ret_value, line);
1042 if (r < 0)
1043 return r;
1044
1045 *ret_key = key_begin;
1046 *ret_attr = attr;
1047 *ret_op = op;
1048 return 1;
1049 }
1050
1051 static void sort_tokens(UdevRuleLine *rule_line) {
1052 UdevRuleToken *head_old;
1053
1054 assert(rule_line);
1055
1056 head_old = TAKE_PTR(rule_line->tokens);
1057 rule_line->current_token = NULL;
1058
1059 while (!LIST_IS_EMPTY(head_old)) {
1060 UdevRuleToken *t, *min_token = NULL;
1061
1062 LIST_FOREACH(tokens, t, head_old)
1063 if (!min_token || min_token->type > t->type)
1064 min_token = t;
1065
1066 LIST_REMOVE(tokens, head_old, min_token);
1067 rule_line_append_token(rule_line, min_token);
1068 }
1069 }
1070
1071 static int rule_add_line(UdevRules *rules, const char *line_str, unsigned line_nr) {
1072 _cleanup_(udev_rule_line_freep) UdevRuleLine *rule_line = NULL;
1073 _cleanup_free_ char *line = NULL;
1074 UdevRuleFile *rule_file;
1075 char *p;
1076 int r;
1077
1078 assert(rules);
1079 assert(rules->current_file);
1080 assert(line_str);
1081
1082 rule_file = rules->current_file;
1083
1084 if (isempty(line_str))
1085 return 0;
1086
1087 /* We use memdup_suffix0() here, since we want to add a second NUL byte to the end, since possibly
1088 * some parsers might turn this into a "nulstr", which requires an extra NUL at the end. */
1089 line = memdup_suffix0(line_str, strlen(line_str) + 1);
1090 if (!line)
1091 return log_oom();
1092
1093 rule_line = new(UdevRuleLine, 1);
1094 if (!rule_line)
1095 return log_oom();
1096
1097 *rule_line = (UdevRuleLine) {
1098 .line = TAKE_PTR(line),
1099 .line_number = line_nr,
1100 .rule_file = rule_file,
1101 };
1102
1103 if (rule_file->current_line)
1104 LIST_APPEND(rule_lines, rule_file->current_line, rule_line);
1105 else
1106 LIST_APPEND(rule_lines, rule_file->rule_lines, rule_line);
1107
1108 rule_file->current_line = rule_line;
1109
1110 for (p = rule_line->line; !isempty(p); ) {
1111 char *key, *attr, *value;
1112 UdevRuleOperatorType op;
1113
1114 r = parse_line(&p, &key, &attr, &op, &value);
1115 if (r < 0)
1116 return log_token_error_errno(rules, r, "Invalid key/value pair, ignoring.");
1117 if (r == 0)
1118 break;
1119
1120 r = parse_token(rules, key, attr, op, value);
1121 if (r < 0)
1122 return r;
1123 }
1124
1125 if (rule_line->type == 0) {
1126 log_token_warning(rules, "The line takes no effect, ignoring.");
1127 return 0;
1128 }
1129
1130 sort_tokens(rule_line);
1131 TAKE_PTR(rule_line);
1132 return 0;
1133 }
1134
1135 static void rule_resolve_goto(UdevRuleFile *rule_file) {
1136 UdevRuleLine *line, *line_next, *i;
1137
1138 assert(rule_file);
1139
1140 /* link GOTOs to LABEL rules in this file to be able to fast-forward */
1141 LIST_FOREACH_SAFE(rule_lines, line, line_next, rule_file->rule_lines) {
1142 if (!FLAGS_SET(line->type, LINE_HAS_GOTO))
1143 continue;
1144
1145 LIST_FOREACH_AFTER(rule_lines, i, line)
1146 if (streq_ptr(i->label, line->goto_label)) {
1147 line->goto_line = i;
1148 break;
1149 }
1150
1151 if (!line->goto_line) {
1152 log_error("%s:%u: GOTO=\"%s\" has no matching label, ignoring",
1153 rule_file->filename, line->line_number, line->goto_label);
1154
1155 SET_FLAG(line->type, LINE_HAS_GOTO, false);
1156 line->goto_label = NULL;
1157
1158 if ((line->type & ~LINE_HAS_LABEL) == 0) {
1159 log_notice("%s:%u: The line takes no effect any more, dropping",
1160 rule_file->filename, line->line_number);
1161 if (line->type == LINE_HAS_LABEL)
1162 udev_rule_line_clear_tokens(line);
1163 else
1164 udev_rule_line_free(line);
1165 }
1166 }
1167 }
1168 }
1169
1170 int udev_rules_parse_file(UdevRules *rules, const char *filename) {
1171 _cleanup_free_ char *continuation = NULL, *name = NULL;
1172 _cleanup_fclose_ FILE *f = NULL;
1173 UdevRuleFile *rule_file;
1174 bool ignore_line = false;
1175 unsigned line_nr = 0;
1176 int r;
1177
1178 f = fopen(filename, "re");
1179 if (!f) {
1180 if (errno == ENOENT)
1181 return 0;
1182
1183 return -errno;
1184 }
1185
1186 (void) fd_warn_permissions(filename, fileno(f));
1187
1188 if (null_or_empty_fd(fileno(f))) {
1189 log_debug("Skipping empty file: %s", filename);
1190 return 0;
1191 }
1192
1193 log_debug("Reading rules file: %s", filename);
1194
1195 name = strdup(filename);
1196 if (!name)
1197 return log_oom();
1198
1199 rule_file = new(UdevRuleFile, 1);
1200 if (!rule_file)
1201 return log_oom();
1202
1203 *rule_file = (UdevRuleFile) {
1204 .filename = TAKE_PTR(name),
1205 };
1206
1207 if (rules->current_file)
1208 LIST_APPEND(rule_files, rules->current_file, rule_file);
1209 else
1210 LIST_APPEND(rule_files, rules->rule_files, rule_file);
1211
1212 rules->current_file = rule_file;
1213
1214 for (;;) {
1215 _cleanup_free_ char *buf = NULL;
1216 size_t len;
1217 char *line;
1218
1219 r = read_line(f, UDEV_LINE_SIZE, &buf);
1220 if (r < 0)
1221 return r;
1222 if (r == 0)
1223 break;
1224
1225 line_nr++;
1226 line = skip_leading_chars(buf, NULL);
1227
1228 if (line[0] == '#')
1229 continue;
1230
1231 len = strlen(line);
1232
1233 if (continuation && !ignore_line) {
1234 if (strlen(continuation) + len >= UDEV_LINE_SIZE)
1235 ignore_line = true;
1236
1237 if (!strextend(&continuation, line))
1238 return log_oom();
1239
1240 if (!ignore_line) {
1241 line = continuation;
1242 len = strlen(line);
1243 }
1244 }
1245
1246 if (len > 0 && line[len - 1] == '\\') {
1247 if (ignore_line)
1248 continue;
1249
1250 line[len - 1] = '\0';
1251 if (!continuation) {
1252 continuation = strdup(line);
1253 if (!continuation)
1254 return log_oom();
1255 }
1256
1257 continue;
1258 }
1259
1260 if (ignore_line)
1261 log_error("%s:%u: Line is too long, ignored", filename, line_nr);
1262 else if (len > 0)
1263 (void) rule_add_line(rules, line, line_nr);
1264
1265 continuation = mfree(continuation);
1266 ignore_line = false;
1267 }
1268
1269 rule_resolve_goto(rule_file);
1270 return 0;
1271 }
1272
1273 UdevRules* udev_rules_new(ResolveNameTiming resolve_name_timing) {
1274 assert(resolve_name_timing >= 0 && resolve_name_timing < _RESOLVE_NAME_TIMING_MAX);
1275
1276 UdevRules *rules = new(UdevRules, 1);
1277 if (!rules)
1278 return NULL;
1279
1280 *rules = (UdevRules) {
1281 .resolve_name_timing = resolve_name_timing,
1282 };
1283
1284 return rules;
1285 }
1286
1287 int udev_rules_load(UdevRules **ret_rules, ResolveNameTiming resolve_name_timing) {
1288 _cleanup_(udev_rules_freep) UdevRules *rules = NULL;
1289 _cleanup_strv_free_ char **files = NULL;
1290 char **f;
1291 int r;
1292
1293 rules = udev_rules_new(resolve_name_timing);
1294 if (!rules)
1295 return -ENOMEM;
1296
1297 (void) udev_rules_check_timestamp(rules);
1298
1299 r = conf_files_list_strv(&files, ".rules", NULL, 0, RULES_DIRS);
1300 if (r < 0)
1301 return log_debug_errno(r, "Failed to enumerate rules files: %m");
1302
1303 STRV_FOREACH(f, files) {
1304 r = udev_rules_parse_file(rules, *f);
1305 if (r < 0)
1306 log_debug_errno(r, "Failed to read rules file %s, ignoring: %m", *f);
1307 }
1308
1309 *ret_rules = TAKE_PTR(rules);
1310 return 0;
1311 }
1312
1313 bool udev_rules_check_timestamp(UdevRules *rules) {
1314 if (!rules)
1315 return false;
1316
1317 return paths_check_timestamp(RULES_DIRS, &rules->dirs_ts_usec, true);
1318 }
1319
1320 static bool token_match_string(UdevRuleToken *token, const char *str) {
1321 const char *i, *value;
1322 bool match = false;
1323
1324 assert(token);
1325 assert(token->value);
1326 assert(token->type < _TK_M_MAX);
1327
1328 str = strempty(str);
1329 value = token->value;
1330
1331 switch (token->match_type) {
1332 case MATCH_TYPE_EMPTY:
1333 match = isempty(str);
1334 break;
1335 case MATCH_TYPE_SUBSYSTEM:
1336 match = STR_IN_SET(str, "subsystem", "class", "bus");
1337 break;
1338 case MATCH_TYPE_PLAIN_WITH_EMPTY:
1339 if (isempty(str)) {
1340 match = true;
1341 break;
1342 }
1343 _fallthrough_;
1344 case MATCH_TYPE_PLAIN:
1345 NULSTR_FOREACH(i, value)
1346 if (streq(i, str)) {
1347 match = true;
1348 break;
1349 }
1350 break;
1351 case MATCH_TYPE_GLOB_WITH_EMPTY:
1352 if (isempty(str)) {
1353 match = true;
1354 break;
1355 }
1356 _fallthrough_;
1357 case MATCH_TYPE_GLOB:
1358 NULSTR_FOREACH(i, value)
1359 if ((fnmatch(i, str, 0) == 0)) {
1360 match = true;
1361 break;
1362 }
1363 break;
1364 default:
1365 assert_not_reached("Invalid match type");
1366 }
1367
1368 return token->op == (match ? OP_MATCH : OP_NOMATCH);
1369 }
1370
1371 static bool token_match_attr(UdevRuleToken *token, sd_device *dev, UdevEvent *event) {
1372 char nbuf[UDEV_NAME_SIZE], vbuf[UDEV_NAME_SIZE];
1373 const char *name, *value;
1374
1375 assert(token);
1376 assert(dev);
1377 assert(event);
1378
1379 name = token->data;
1380
1381 switch (token->attr_subst_type) {
1382 case SUBST_TYPE_FORMAT:
1383 (void) udev_event_apply_format(event, name, nbuf, sizeof(nbuf), false);
1384 name = nbuf;
1385 _fallthrough_;
1386 case SUBST_TYPE_PLAIN:
1387 if (sd_device_get_sysattr_value(dev, name, &value) < 0)
1388 return false;
1389 break;
1390 case SUBST_TYPE_SUBSYS:
1391 if (udev_resolve_subsys_kernel(name, vbuf, sizeof(vbuf), true) < 0)
1392 return false;
1393 value = vbuf;
1394 break;
1395 default:
1396 assert_not_reached("Invalid attribute substitution type");
1397 }
1398
1399 /* remove trailing whitespace, if not asked to match for it */
1400 if (token->attr_match_remove_trailing_whitespace) {
1401 if (value != vbuf) {
1402 strscpy(vbuf, sizeof(vbuf), value);
1403 value = vbuf;
1404 }
1405
1406 delete_trailing_chars(vbuf, NULL);
1407 }
1408
1409 return token_match_string(token, value);
1410 }
1411
1412 static int get_property_from_string(char *line, char **ret_key, char **ret_value) {
1413 char *key, *val;
1414 size_t len;
1415
1416 assert(line);
1417 assert(ret_key);
1418 assert(ret_value);
1419
1420 /* find key */
1421 key = skip_leading_chars(line, NULL);
1422
1423 /* comment or empty line */
1424 if (IN_SET(key[0], '#', '\0')) {
1425 *ret_key = *ret_value = NULL;
1426 return 0;
1427 }
1428
1429 /* split key/value */
1430 val = strchr(key, '=');
1431 if (!val)
1432 return -EINVAL;
1433 *val++ = '\0';
1434
1435 key = strstrip(key);
1436 if (isempty(key))
1437 return -EINVAL;
1438
1439 val = strstrip(val);
1440 if (isempty(val))
1441 return -EINVAL;
1442
1443 /* unquote */
1444 if (IN_SET(val[0], '"', '\'')) {
1445 len = strlen(val);
1446 if (len == 1 || val[len-1] != val[0])
1447 return -EINVAL;
1448 val[len-1] = '\0';
1449 val++;
1450 }
1451
1452 *ret_key = key;
1453 *ret_value = val;
1454 return 1;
1455 }
1456
1457 static int import_parent_into_properties(sd_device *dev, const char *filter) {
1458 const char *key, *val;
1459 sd_device *parent;
1460 int r;
1461
1462 assert(dev);
1463 assert(filter);
1464
1465 r = sd_device_get_parent(dev, &parent);
1466 if (r == -ENOENT)
1467 return 0;
1468 if (r < 0)
1469 return r;
1470
1471 FOREACH_DEVICE_PROPERTY(parent, key, val) {
1472 if (fnmatch(filter, key, 0) != 0)
1473 continue;
1474 r = device_add_property(dev, key, val);
1475 if (r < 0)
1476 return r;
1477 }
1478
1479 return 1;
1480 }
1481
1482 static int attr_subst_subdir(char attr[static UDEV_PATH_SIZE]) {
1483 _cleanup_closedir_ DIR *dir = NULL;
1484 struct dirent *dent;
1485 char buf[UDEV_PATH_SIZE], *p;
1486 const char *tail;
1487 size_t len, size;
1488
1489 assert(attr);
1490
1491 tail = strstr(attr, "/*/");
1492 if (!tail)
1493 return 0;
1494
1495 len = tail - attr + 1; /* include slash at the end */
1496 tail += 2; /* include slash at the beginning */
1497
1498 p = buf;
1499 size = sizeof(buf);
1500 size -= strnpcpy(&p, size, attr, len);
1501
1502 dir = opendir(buf);
1503 if (!dir)
1504 return -errno;
1505
1506 FOREACH_DIRENT_ALL(dent, dir, break) {
1507 if (dent->d_name[0] == '.')
1508 continue;
1509
1510 strscpyl(p, size, dent->d_name, tail, NULL);
1511 if (faccessat(dirfd(dir), p, F_OK, 0) < 0)
1512 continue;
1513
1514 strcpy(attr, buf);
1515 return 0;
1516 }
1517
1518 return -ENOENT;
1519 }
1520
1521 static int udev_rule_apply_token_to_event(
1522 UdevRules *rules,
1523 sd_device *dev,
1524 UdevEvent *event,
1525 usec_t timeout_usec,
1526 int timeout_signal,
1527 Hashmap *properties_list) {
1528
1529 UdevRuleToken *token;
1530 char buf[UDEV_PATH_SIZE];
1531 const char *val;
1532 size_t count;
1533 bool match;
1534 int r;
1535
1536 assert(rules);
1537 assert(dev);
1538 assert(event);
1539
1540 /* This returns the following values:
1541 * 0 on the current token does not match the event,
1542 * 1 on the current token matches the event, and
1543 * negative errno on some critical errors. */
1544
1545 token = rules->current_file->current_line->current_token;
1546
1547 switch (token->type) {
1548 case TK_M_ACTION: {
1549 sd_device_action_t a;
1550
1551 r = sd_device_get_action(dev, &a);
1552 if (r < 0)
1553 return log_rule_error_errno(dev, rules, r, "Failed to get uevent action type: %m");
1554
1555 return token_match_string(token, device_action_to_string(a));
1556 }
1557 case TK_M_DEVPATH:
1558 r = sd_device_get_devpath(dev, &val);
1559 if (r < 0)
1560 return log_rule_error_errno(dev, rules, r, "Failed to get devpath: %m");
1561
1562 return token_match_string(token, val);
1563 case TK_M_KERNEL:
1564 case TK_M_PARENTS_KERNEL:
1565 r = sd_device_get_sysname(dev, &val);
1566 if (r < 0)
1567 return log_rule_error_errno(dev, rules, r, "Failed to get sysname: %m");
1568
1569 return token_match_string(token, val);
1570 case TK_M_DEVLINK:
1571 FOREACH_DEVICE_DEVLINK(dev, val)
1572 if (token_match_string(token, strempty(startswith(val, "/dev/"))))
1573 return token->op == OP_MATCH;
1574 return token->op == OP_NOMATCH;
1575 case TK_M_NAME:
1576 return token_match_string(token, event->name);
1577 case TK_M_ENV:
1578 if (sd_device_get_property_value(dev, token->data, &val) < 0)
1579 val = hashmap_get(properties_list, token->data);
1580
1581 return token_match_string(token, val);
1582 case TK_M_CONST: {
1583 const char *k = token->data;
1584
1585 if (streq(k, "arch"))
1586 val = architecture_to_string(uname_architecture());
1587 else if (streq(k, "virt"))
1588 val = virtualization_to_string(detect_virtualization());
1589 else
1590 assert_not_reached("Invalid CONST key");
1591 return token_match_string(token, val);
1592 }
1593 case TK_M_TAG:
1594 case TK_M_PARENTS_TAG:
1595 FOREACH_DEVICE_TAG(dev, val)
1596 if (token_match_string(token, val))
1597 return token->op == OP_MATCH;
1598 return token->op == OP_NOMATCH;
1599 case TK_M_SUBSYSTEM:
1600 case TK_M_PARENTS_SUBSYSTEM:
1601 r = sd_device_get_subsystem(dev, &val);
1602 if (r == -ENOENT)
1603 val = NULL;
1604 else if (r < 0)
1605 return log_rule_error_errno(dev, rules, r, "Failed to get subsystem: %m");
1606
1607 return token_match_string(token, val);
1608 case TK_M_DRIVER:
1609 case TK_M_PARENTS_DRIVER:
1610 r = sd_device_get_driver(dev, &val);
1611 if (r == -ENOENT)
1612 val = NULL;
1613 else if (r < 0)
1614 return log_rule_error_errno(dev, rules, r, "Failed to get driver: %m");
1615
1616 return token_match_string(token, val);
1617 case TK_M_ATTR:
1618 case TK_M_PARENTS_ATTR:
1619 return token_match_attr(token, dev, event);
1620 case TK_M_SYSCTL: {
1621 _cleanup_free_ char *value = NULL;
1622
1623 (void) udev_event_apply_format(event, token->data, buf, sizeof(buf), false);
1624 r = sysctl_read(sysctl_normalize(buf), &value);
1625 if (r < 0 && r != -ENOENT)
1626 return log_rule_error_errno(dev, rules, r, "Failed to read sysctl '%s': %m", buf);
1627
1628 return token_match_string(token, strstrip(value));
1629 }
1630 case TK_M_TEST: {
1631 mode_t mode = PTR_TO_MODE(token->data);
1632 struct stat statbuf;
1633
1634 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1635 if (!path_is_absolute(buf) &&
1636 udev_resolve_subsys_kernel(buf, buf, sizeof(buf), false) < 0) {
1637 char tmp[UDEV_PATH_SIZE];
1638
1639 r = sd_device_get_syspath(dev, &val);
1640 if (r < 0)
1641 return log_rule_error_errno(dev, rules, r, "Failed to get syspath: %m");
1642
1643 strscpy(tmp, sizeof(tmp), buf);
1644 strscpyl(buf, sizeof(buf), val, "/", tmp, NULL);
1645 }
1646
1647 r = attr_subst_subdir(buf);
1648 if (r == -ENOENT)
1649 return token->op == OP_NOMATCH;
1650 if (r < 0)
1651 return log_rule_error_errno(dev, rules, r, "Failed to test for the existence of '%s': %m", buf);
1652
1653 if (stat(buf, &statbuf) < 0)
1654 return token->op == OP_NOMATCH;
1655
1656 if (mode == MODE_INVALID)
1657 return token->op == OP_MATCH;
1658
1659 match = (statbuf.st_mode & mode) > 0;
1660 return token->op == (match ? OP_MATCH : OP_NOMATCH);
1661 }
1662 case TK_M_PROGRAM: {
1663 char result[UDEV_LINE_SIZE];
1664
1665 event->program_result = mfree(event->program_result);
1666 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1667 log_rule_debug(dev, rules, "Running PROGRAM '%s'", buf);
1668
1669 r = udev_event_spawn(event, timeout_usec, timeout_signal, true, buf, result, sizeof(result));
1670 if (r != 0) {
1671 if (r < 0)
1672 log_rule_warning_errno(dev, rules, r, "Failed to execute \"%s\": %m", buf);
1673 else /* returned value is positive when program fails */
1674 log_rule_debug(dev, rules, "Command \"%s\" returned %d (error)", buf, r);
1675 return token->op == OP_NOMATCH;
1676 }
1677
1678 delete_trailing_chars(result, "\n");
1679 count = udev_replace_chars(result, UDEV_ALLOWED_CHARS_INPUT);
1680 if (count > 0)
1681 log_rule_debug(dev, rules, "Replaced %zu character(s) in result of \"%s\"",
1682 count, buf);
1683
1684 event->program_result = strdup(result);
1685 return token->op == OP_MATCH;
1686 }
1687 case TK_M_IMPORT_FILE: {
1688 _cleanup_fclose_ FILE *f = NULL;
1689
1690 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1691 log_rule_debug(dev, rules, "Importing properties from '%s'", buf);
1692
1693 f = fopen(buf, "re");
1694 if (!f) {
1695 if (errno != ENOENT)
1696 return log_rule_error_errno(dev, rules, errno,
1697 "Failed to open '%s': %m", buf);
1698 return token->op == OP_NOMATCH;
1699 }
1700
1701 for (;;) {
1702 _cleanup_free_ char *line = NULL;
1703 char *key, *value;
1704
1705 r = read_line(f, LONG_LINE_MAX, &line);
1706 if (r < 0) {
1707 log_rule_debug_errno(dev, rules, r,
1708 "Failed to read '%s', ignoring: %m", buf);
1709 return token->op == OP_NOMATCH;
1710 }
1711 if (r == 0)
1712 break;
1713
1714 r = get_property_from_string(line, &key, &value);
1715 if (r < 0) {
1716 log_rule_debug_errno(dev, rules, r,
1717 "Failed to parse key and value from '%s', ignoring: %m",
1718 line);
1719 continue;
1720 }
1721 if (r == 0)
1722 continue;
1723
1724 r = device_add_property(dev, key, value);
1725 if (r < 0)
1726 return log_rule_error_errno(dev, rules, r,
1727 "Failed to add property %s=%s: %m",
1728 key, value);
1729 }
1730
1731 return token->op == OP_MATCH;
1732 }
1733 case TK_M_IMPORT_PROGRAM: {
1734 _cleanup_strv_free_ char **lines = NULL;
1735 char result[UDEV_LINE_SIZE], **line;
1736
1737 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1738 log_rule_debug(dev, rules, "Importing properties from results of '%s'", buf);
1739
1740 r = udev_event_spawn(event, timeout_usec, timeout_signal, true, buf, result, sizeof result);
1741 if (r != 0) {
1742 if (r < 0)
1743 log_rule_warning_errno(dev, rules, r, "Failed to execute '%s', ignoring: %m", buf);
1744 else /* returned value is positive when program fails */
1745 log_rule_debug(dev, rules, "Command \"%s\" returned %d (error), ignoring", buf, r);
1746 return token->op == OP_NOMATCH;
1747 }
1748
1749 r = strv_split_newlines_full(&lines, result, EXTRACT_RETAIN_ESCAPE);
1750 if (r < 0)
1751 log_rule_warning_errno(dev, rules, r,
1752 "Failed to extract lines from result of command \"%s\", ignoring: %m", buf);
1753
1754 STRV_FOREACH(line, lines) {
1755 char *key, *value;
1756
1757 r = get_property_from_string(*line, &key, &value);
1758 if (r < 0) {
1759 log_rule_debug_errno(dev, rules, r,
1760 "Failed to parse key and value from '%s', ignoring: %m",
1761 *line);
1762 continue;
1763 }
1764 if (r == 0)
1765 continue;
1766
1767 r = device_add_property(dev, key, value);
1768 if (r < 0)
1769 return log_rule_error_errno(dev, rules, r,
1770 "Failed to add property %s=%s: %m",
1771 key, value);
1772 }
1773
1774 return token->op == OP_MATCH;
1775 }
1776 case TK_M_IMPORT_BUILTIN: {
1777 UdevBuiltinCommand cmd = PTR_TO_UDEV_BUILTIN_CMD(token->data);
1778 assert(cmd >= 0 && cmd < _UDEV_BUILTIN_MAX);
1779 unsigned mask = 1U << (int) cmd;
1780
1781 if (udev_builtin_run_once(cmd)) {
1782 /* check if we ran already */
1783 if (event->builtin_run & mask) {
1784 log_rule_debug(dev, rules, "Skipping builtin '%s' in IMPORT key",
1785 udev_builtin_name(cmd));
1786 /* return the result from earlier run */
1787 return token->op == (event->builtin_ret & mask ? OP_NOMATCH : OP_MATCH);
1788 }
1789 /* mark as ran */
1790 event->builtin_run |= mask;
1791 }
1792
1793 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1794 log_rule_debug(dev, rules, "Importing properties from results of builtin command '%s'", buf);
1795
1796 r = udev_builtin_run(dev, cmd, buf, false);
1797 if (r < 0) {
1798 /* remember failure */
1799 log_rule_debug_errno(dev, rules, r, "Failed to run builtin '%s': %m", buf);
1800 event->builtin_ret |= mask;
1801 }
1802 return token->op == (r >= 0 ? OP_MATCH : OP_NOMATCH);
1803 }
1804 case TK_M_IMPORT_DB: {
1805 if (!event->dev_db_clone)
1806 return token->op == OP_NOMATCH;
1807 r = sd_device_get_property_value(event->dev_db_clone, token->value, &val);
1808 if (r == -ENOENT)
1809 return token->op == OP_NOMATCH;
1810 if (r < 0)
1811 return log_rule_error_errno(dev, rules, r,
1812 "Failed to get property '%s' from database: %m",
1813 token->value);
1814
1815 r = device_add_property(dev, token->value, val);
1816 if (r < 0)
1817 return log_rule_error_errno(dev, rules, r, "Failed to add property '%s=%s': %m",
1818 token->value, val);
1819 return token->op == OP_MATCH;
1820 }
1821 case TK_M_IMPORT_CMDLINE: {
1822 _cleanup_free_ char *value = NULL;
1823
1824 r = proc_cmdline_get_key(token->value, PROC_CMDLINE_VALUE_OPTIONAL|PROC_CMDLINE_IGNORE_EFI_OPTIONS, &value);
1825 if (r < 0)
1826 return log_rule_error_errno(dev, rules, r,
1827 "Failed to read '%s' option from /proc/cmdline: %m",
1828 token->value);
1829 if (r == 0)
1830 return token->op == OP_NOMATCH;
1831
1832 r = device_add_property(dev, token->value, value ?: "1");
1833 if (r < 0)
1834 return log_rule_error_errno(dev, rules, r, "Failed to add property '%s=%s': %m",
1835 token->value, value ?: "1");
1836 return token->op == OP_MATCH;
1837 }
1838 case TK_M_IMPORT_PARENT: {
1839 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1840 r = import_parent_into_properties(dev, buf);
1841 if (r < 0)
1842 return log_rule_error_errno(dev, rules, r,
1843 "Failed to import properties '%s' from parent: %m",
1844 buf);
1845 return token->op == (r > 0 ? OP_MATCH : OP_NOMATCH);
1846 }
1847 case TK_M_RESULT:
1848 return token_match_string(token, event->program_result);
1849 case TK_A_OPTIONS_STRING_ESCAPE_NONE:
1850 event->esc = ESCAPE_NONE;
1851 break;
1852 case TK_A_OPTIONS_STRING_ESCAPE_REPLACE:
1853 event->esc = ESCAPE_REPLACE;
1854 break;
1855 case TK_A_OPTIONS_DB_PERSIST:
1856 device_set_db_persist(dev);
1857 break;
1858 case TK_A_OPTIONS_INOTIFY_WATCH:
1859 if (event->inotify_watch_final)
1860 break;
1861 if (token->op == OP_ASSIGN_FINAL)
1862 event->inotify_watch_final = true;
1863
1864 event->inotify_watch = token->data;
1865 break;
1866 case TK_A_OPTIONS_DEVLINK_PRIORITY:
1867 device_set_devlink_priority(dev, PTR_TO_INT(token->data));
1868 break;
1869 case TK_A_OPTIONS_LOG_LEVEL: {
1870 int level = PTR_TO_INT(token->data);
1871
1872 if (level < 0)
1873 level = event->default_log_level;
1874
1875 log_set_max_level(level);
1876
1877 if (level == LOG_DEBUG && !event->log_level_was_debug) {
1878 /* The log level becomes LOG_DEBUG at first time. Let's log basic information. */
1879 log_device_uevent(dev, "The log level is changed to 'debug' while processing device");
1880 event->log_level_was_debug = true;
1881 }
1882
1883 break;
1884 }
1885 case TK_A_OWNER: {
1886 char owner[UDEV_NAME_SIZE];
1887 const char *ow = owner;
1888
1889 if (event->owner_final)
1890 break;
1891 if (token->op == OP_ASSIGN_FINAL)
1892 event->owner_final = true;
1893
1894 (void) udev_event_apply_format(event, token->value, owner, sizeof(owner), false);
1895 r = get_user_creds(&ow, &event->uid, NULL, NULL, NULL, USER_CREDS_ALLOW_MISSING);
1896 if (r < 0)
1897 log_unknown_owner(dev, rules, r, "user", owner);
1898 else
1899 log_rule_debug(dev, rules, "OWNER %s(%u)", owner, event->uid);
1900 break;
1901 }
1902 case TK_A_GROUP: {
1903 char group[UDEV_NAME_SIZE];
1904 const char *gr = group;
1905
1906 if (event->group_final)
1907 break;
1908 if (token->op == OP_ASSIGN_FINAL)
1909 event->group_final = true;
1910
1911 (void) udev_event_apply_format(event, token->value, group, sizeof(group), false);
1912 r = get_group_creds(&gr, &event->gid, USER_CREDS_ALLOW_MISSING);
1913 if (r < 0)
1914 log_unknown_owner(dev, rules, r, "group", group);
1915 else
1916 log_rule_debug(dev, rules, "GROUP %s(%u)", group, event->gid);
1917 break;
1918 }
1919 case TK_A_MODE: {
1920 char mode_str[UDEV_NAME_SIZE];
1921
1922 if (event->mode_final)
1923 break;
1924 if (token->op == OP_ASSIGN_FINAL)
1925 event->mode_final = true;
1926
1927 (void) udev_event_apply_format(event, token->value, mode_str, sizeof(mode_str), false);
1928 r = parse_mode(mode_str, &event->mode);
1929 if (r < 0)
1930 log_rule_error_errno(dev, rules, r, "Failed to parse mode '%s', ignoring: %m", mode_str);
1931 else
1932 log_rule_debug(dev, rules, "MODE %#o", event->mode);
1933 break;
1934 }
1935 case TK_A_OWNER_ID:
1936 if (event->owner_final)
1937 break;
1938 if (token->op == OP_ASSIGN_FINAL)
1939 event->owner_final = true;
1940 if (!token->data)
1941 break;
1942 event->uid = PTR_TO_UID(token->data);
1943 log_rule_debug(dev, rules, "OWNER %u", event->uid);
1944 break;
1945 case TK_A_GROUP_ID:
1946 if (event->group_final)
1947 break;
1948 if (token->op == OP_ASSIGN_FINAL)
1949 event->group_final = true;
1950 if (!token->data)
1951 break;
1952 event->gid = PTR_TO_GID(token->data);
1953 log_rule_debug(dev, rules, "GROUP %u", event->gid);
1954 break;
1955 case TK_A_MODE_ID:
1956 if (event->mode_final)
1957 break;
1958 if (token->op == OP_ASSIGN_FINAL)
1959 event->mode_final = true;
1960 if (!token->data)
1961 break;
1962 event->mode = PTR_TO_MODE(token->data);
1963 log_rule_debug(dev, rules, "MODE %#o", event->mode);
1964 break;
1965 case TK_A_SECLABEL: {
1966 _cleanup_free_ char *name = NULL, *label = NULL;
1967 char label_str[UDEV_LINE_SIZE] = {};
1968
1969 name = strdup(token->data);
1970 if (!name)
1971 return log_oom();
1972
1973 (void) udev_event_apply_format(event, token->value, label_str, sizeof(label_str), false);
1974 if (!isempty(label_str))
1975 label = strdup(label_str);
1976 else
1977 label = strdup(token->value);
1978 if (!label)
1979 return log_oom();
1980
1981 if (token->op == OP_ASSIGN)
1982 ordered_hashmap_clear_free_free(event->seclabel_list);
1983
1984 r = ordered_hashmap_ensure_put(&event->seclabel_list, NULL, name, label);
1985 if (r == -ENOMEM)
1986 return log_oom();
1987 if (r < 0)
1988 return log_rule_error_errno(dev, rules, r, "Failed to store SECLABEL{%s}='%s': %m", name, label);;
1989
1990 log_rule_debug(dev, rules, "SECLABEL{%s}='%s'", name, label);
1991
1992 TAKE_PTR(name);
1993 TAKE_PTR(label);
1994 break;
1995 }
1996 case TK_A_ENV: {
1997 const char *name = token->data;
1998 char value_new[UDEV_NAME_SIZE], *p = value_new;
1999 size_t l = sizeof(value_new);
2000
2001 if (isempty(token->value)) {
2002 if (token->op == OP_ADD)
2003 break;
2004 r = device_add_property(dev, name, NULL);
2005 if (r < 0)
2006 return log_rule_error_errno(dev, rules, r, "Failed to remove property '%s': %m", name);
2007 break;
2008 }
2009
2010 if (token->op == OP_ADD &&
2011 sd_device_get_property_value(dev, name, &val) >= 0)
2012 l = strpcpyl(&p, l, val, " ", NULL);
2013
2014 (void) udev_event_apply_format(event, token->value, p, l, false);
2015
2016 r = device_add_property(dev, name, value_new);
2017 if (r < 0)
2018 return log_rule_error_errno(dev, rules, r, "Failed to add property '%s=%s': %m", name, value_new);
2019 break;
2020 }
2021 case TK_A_TAG: {
2022 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
2023 if (token->op == OP_ASSIGN)
2024 device_cleanup_tags(dev);
2025
2026 if (buf[strspn(buf, ALPHANUMERICAL "-_")] != '\0') {
2027 log_rule_error(dev, rules, "Invalid tag name '%s', ignoring", buf);
2028 break;
2029 }
2030 if (token->op == OP_REMOVE)
2031 device_remove_tag(dev, buf);
2032 else {
2033 r = device_add_tag(dev, buf, true);
2034 if (r < 0)
2035 return log_rule_error_errno(dev, rules, r, "Failed to add tag '%s': %m", buf);
2036 }
2037 break;
2038 }
2039 case TK_A_NAME: {
2040 if (event->name_final)
2041 break;
2042 if (token->op == OP_ASSIGN_FINAL)
2043 event->name_final = true;
2044
2045 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
2046 if (IN_SET(event->esc, ESCAPE_UNSET, ESCAPE_REPLACE)) {
2047 count = udev_replace_chars(buf, "/");
2048 if (count > 0)
2049 log_rule_debug(dev, rules, "Replaced %zu character(s) from result of NAME=\"%s\"",
2050 count, token->value);
2051 }
2052 if (sd_device_get_devnum(dev, NULL) >= 0 &&
2053 (sd_device_get_devname(dev, &val) < 0 ||
2054 !streq_ptr(buf, path_startswith(val, "/dev/")))) {
2055 log_rule_error(dev, rules,
2056 "Kernel device nodes cannot be renamed, ignoring NAME=\"%s\"; please fix it.",
2057 token->value);
2058 break;
2059 }
2060 r = free_and_strdup_warn(&event->name, buf);
2061 if (r < 0)
2062 return r;
2063
2064 log_rule_debug(dev, rules, "NAME '%s'", event->name);
2065 break;
2066 }
2067 case TK_A_DEVLINK: {
2068 char *p;
2069
2070 if (event->devlink_final)
2071 break;
2072 if (sd_device_get_devnum(dev, NULL) < 0)
2073 break;
2074 if (token->op == OP_ASSIGN_FINAL)
2075 event->devlink_final = true;
2076 if (IN_SET(token->op, OP_ASSIGN, OP_ASSIGN_FINAL))
2077 device_cleanup_devlinks(dev);
2078
2079 /* allow multiple symlinks separated by spaces */
2080 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), event->esc != ESCAPE_NONE);
2081 if (event->esc == ESCAPE_UNSET)
2082 count = udev_replace_chars(buf, "/ ");
2083 else if (event->esc == ESCAPE_REPLACE)
2084 count = udev_replace_chars(buf, "/");
2085 else
2086 count = 0;
2087 if (count > 0)
2088 log_rule_debug(dev, rules, "Replaced %zu character(s) from result of LINK", count);
2089
2090 p = skip_leading_chars(buf, NULL);
2091 while (!isempty(p)) {
2092 char filename[UDEV_PATH_SIZE], *next;
2093
2094 next = strchr(p, ' ');
2095 if (next) {
2096 *next++ = '\0';
2097 next = skip_leading_chars(next, NULL);
2098 }
2099
2100 strscpyl(filename, sizeof(filename), "/dev/", p, NULL);
2101 r = device_add_devlink(dev, filename);
2102 if (r < 0)
2103 return log_rule_error_errno(dev, rules, r, "Failed to add devlink '%s': %m", filename);
2104
2105 log_rule_debug(dev, rules, "LINK '%s'", p);
2106 p = next;
2107 }
2108 break;
2109 }
2110 case TK_A_ATTR: {
2111 const char *key_name = token->data;
2112 char value[UDEV_NAME_SIZE];
2113
2114 if (udev_resolve_subsys_kernel(key_name, buf, sizeof(buf), false) < 0 &&
2115 sd_device_get_syspath(dev, &val) >= 0)
2116 strscpyl(buf, sizeof(buf), val, "/", key_name, NULL);
2117
2118 r = attr_subst_subdir(buf);
2119 if (r < 0) {
2120 log_rule_error_errno(dev, rules, r, "Could not find file matches '%s', ignoring: %m", buf);
2121 break;
2122 }
2123 (void) udev_event_apply_format(event, token->value, value, sizeof(value), false);
2124
2125 log_rule_debug(dev, rules, "ATTR '%s' writing '%s'", buf, value);
2126 r = write_string_file(buf, value, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER | WRITE_STRING_FILE_AVOID_NEWLINE);
2127 if (r < 0)
2128 log_rule_error_errno(dev, rules, r, "Failed to write ATTR{%s}, ignoring: %m", buf);
2129 break;
2130 }
2131 case TK_A_SYSCTL: {
2132 char value[UDEV_NAME_SIZE];
2133
2134 (void) udev_event_apply_format(event, token->data, buf, sizeof(buf), false);
2135 (void) udev_event_apply_format(event, token->value, value, sizeof(value), false);
2136 sysctl_normalize(buf);
2137 log_rule_debug(dev, rules, "SYSCTL '%s' writing '%s'", buf, value);
2138 r = sysctl_write(buf, value);
2139 if (r < 0)
2140 log_rule_error_errno(dev, rules, r, "Failed to write SYSCTL{%s}='%s', ignoring: %m", buf, value);
2141 break;
2142 }
2143 case TK_A_RUN_BUILTIN:
2144 case TK_A_RUN_PROGRAM: {
2145 _cleanup_free_ char *cmd = NULL;
2146
2147 if (event->run_final)
2148 break;
2149 if (token->op == OP_ASSIGN_FINAL)
2150 event->run_final = true;
2151
2152 if (IN_SET(token->op, OP_ASSIGN, OP_ASSIGN_FINAL))
2153 ordered_hashmap_clear_free_key(event->run_list);
2154
2155 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
2156
2157 cmd = strdup(buf);
2158 if (!cmd)
2159 return log_oom();
2160
2161 r = ordered_hashmap_ensure_put(&event->run_list, NULL, cmd, token->data);
2162 if (r == -ENOMEM)
2163 return log_oom();
2164 if (r < 0)
2165 return log_rule_error_errno(dev, rules, r, "Failed to store command '%s': %m", cmd);
2166
2167 TAKE_PTR(cmd);
2168
2169 log_rule_debug(dev, rules, "RUN '%s'", token->value);
2170 break;
2171 }
2172 case TK_A_OPTIONS_STATIC_NODE:
2173 /* do nothing for events. */
2174 break;
2175 default:
2176 assert_not_reached("Invalid token type");
2177 }
2178
2179 return true;
2180 }
2181
2182 static bool token_is_for_parents(UdevRuleToken *token) {
2183 return token->type >= TK_M_PARENTS_KERNEL && token->type <= TK_M_PARENTS_TAG;
2184 }
2185
2186 static int udev_rule_apply_parent_token_to_event(
2187 UdevRules *rules,
2188 UdevEvent *event,
2189 int timeout_signal) {
2190
2191 UdevRuleLine *line;
2192 UdevRuleToken *head;
2193 int r;
2194
2195 line = rules->current_file->current_line;
2196 head = rules->current_file->current_line->current_token;
2197 event->dev_parent = event->dev;
2198 for (;;) {
2199 LIST_FOREACH(tokens, line->current_token, head) {
2200 if (!token_is_for_parents(line->current_token))
2201 return true; /* All parent tokens match. */
2202 r = udev_rule_apply_token_to_event(rules, event->dev_parent, event, 0, timeout_signal, NULL);
2203 if (r < 0)
2204 return r;
2205 if (r == 0)
2206 break;
2207 }
2208 if (!line->current_token)
2209 /* All parent tokens match. But no assign tokens in the line. Hmm... */
2210 return true;
2211
2212 if (sd_device_get_parent(event->dev_parent, &event->dev_parent) < 0) {
2213 event->dev_parent = NULL;
2214 return false;
2215 }
2216 }
2217 }
2218
2219 static int udev_rule_apply_line_to_event(
2220 UdevRules *rules,
2221 UdevEvent *event,
2222 usec_t timeout_usec,
2223 int timeout_signal,
2224 Hashmap *properties_list,
2225 UdevRuleLine **next_line) {
2226
2227 UdevRuleLine *line = rules->current_file->current_line;
2228 UdevRuleLineType mask = LINE_HAS_GOTO | LINE_UPDATE_SOMETHING;
2229 UdevRuleToken *token, *next_token;
2230 bool parents_done = false;
2231 sd_device_action_t action;
2232 int r;
2233
2234 r = sd_device_get_action(event->dev, &action);
2235 if (r < 0)
2236 return r;
2237
2238 if (action != SD_DEVICE_REMOVE) {
2239 if (sd_device_get_devnum(event->dev, NULL) >= 0)
2240 mask |= LINE_HAS_DEVLINK;
2241
2242 if (sd_device_get_ifindex(event->dev, NULL) >= 0)
2243 mask |= LINE_HAS_NAME;
2244 }
2245
2246 if ((line->type & mask) == 0)
2247 return 0;
2248
2249 event->esc = ESCAPE_UNSET;
2250 LIST_FOREACH_SAFE(tokens, token, next_token, line->tokens) {
2251 line->current_token = token;
2252
2253 if (token_is_for_parents(token)) {
2254 if (parents_done)
2255 continue;
2256
2257 r = udev_rule_apply_parent_token_to_event(rules, event, timeout_signal);
2258 if (r <= 0)
2259 return r;
2260
2261 parents_done = true;
2262 continue;
2263 }
2264
2265 r = udev_rule_apply_token_to_event(rules, event->dev, event, timeout_usec, timeout_signal, properties_list);
2266 if (r <= 0)
2267 return r;
2268 }
2269
2270 if (line->goto_line)
2271 *next_line = line->goto_line;
2272
2273 return 0;
2274 }
2275
2276 int udev_rules_apply_to_event(
2277 UdevRules *rules,
2278 UdevEvent *event,
2279 usec_t timeout_usec,
2280 int timeout_signal,
2281 Hashmap *properties_list) {
2282
2283 UdevRuleFile *file;
2284 UdevRuleLine *next_line;
2285 int r;
2286
2287 assert(rules);
2288 assert(event);
2289
2290 LIST_FOREACH(rule_files, file, rules->rule_files) {
2291 rules->current_file = file;
2292 LIST_FOREACH_SAFE(rule_lines, file->current_line, next_line, file->rule_lines) {
2293 r = udev_rule_apply_line_to_event(rules, event, timeout_usec, timeout_signal, properties_list, &next_line);
2294 if (r < 0)
2295 return r;
2296 }
2297 }
2298
2299 return 0;
2300 }
2301
2302 static int apply_static_dev_perms(const char *devnode, uid_t uid, gid_t gid, mode_t mode, char **tags) {
2303 char device_node[UDEV_PATH_SIZE], tags_dir[UDEV_PATH_SIZE], tag_symlink[UDEV_PATH_SIZE];
2304 _cleanup_free_ char *unescaped_filename = NULL;
2305 struct stat stats;
2306 char **t;
2307 int r;
2308
2309 assert(devnode);
2310
2311 if (uid == UID_INVALID && gid == GID_INVALID && mode == MODE_INVALID && !tags)
2312 return 0;
2313
2314 strscpyl(device_node, sizeof(device_node), "/dev/", devnode, NULL);
2315 if (stat(device_node, &stats) < 0) {
2316 if (errno != ENOENT)
2317 return log_error_errno(errno, "Failed to stat %s: %m", device_node);
2318 return 0;
2319 }
2320
2321 if (!S_ISBLK(stats.st_mode) && !S_ISCHR(stats.st_mode)) {
2322 log_warning("%s is neither block nor character device, ignoring.", device_node);
2323 return 0;
2324 }
2325
2326 if (!strv_isempty(tags)) {
2327 unescaped_filename = xescape(devnode, "/.");
2328 if (!unescaped_filename)
2329 return log_oom();
2330 }
2331
2332 /* export the tags to a directory as symlinks, allowing otherwise dead nodes to be tagged */
2333 STRV_FOREACH(t, tags) {
2334 strscpyl(tags_dir, sizeof(tags_dir), "/run/udev/static_node-tags/", *t, "/", NULL);
2335 r = mkdir_p(tags_dir, 0755);
2336 if (r < 0)
2337 return log_error_errno(r, "Failed to create %s: %m", tags_dir);
2338
2339 strscpyl(tag_symlink, sizeof(tag_symlink), tags_dir, unescaped_filename, NULL);
2340 r = symlink(device_node, tag_symlink);
2341 if (r < 0 && errno != EEXIST)
2342 return log_error_errno(errno, "Failed to create symlink %s -> %s: %m",
2343 tag_symlink, device_node);
2344 }
2345
2346 /* don't touch the permissions if only the tags were set */
2347 if (uid == UID_INVALID && gid == GID_INVALID && mode == MODE_INVALID)
2348 return 0;
2349
2350 if (mode == MODE_INVALID)
2351 mode = gid_is_valid(gid) ? 0660 : 0600;
2352 if (!uid_is_valid(uid))
2353 uid = 0;
2354 if (!gid_is_valid(gid))
2355 gid = 0;
2356
2357 r = chmod_and_chown(device_node, mode, uid, gid);
2358 if (r == -ENOENT)
2359 return 0;
2360 if (r < 0)
2361 return log_error_errno(r, "Failed to chown '%s' %u %u: %m", device_node, uid, gid);
2362 else
2363 log_debug("chown '%s' %u:%u with mode %#o", device_node, uid, gid, mode);
2364
2365 (void) utimensat(AT_FDCWD, device_node, NULL, 0);
2366 return 0;
2367 }
2368
2369 static int udev_rule_line_apply_static_dev_perms(UdevRuleLine *rule_line) {
2370 UdevRuleToken *token;
2371 _cleanup_strv_free_ char **tags = NULL;
2372 uid_t uid = UID_INVALID;
2373 gid_t gid = GID_INVALID;
2374 mode_t mode = MODE_INVALID;
2375 int r;
2376
2377 assert(rule_line);
2378
2379 if (!FLAGS_SET(rule_line->type, LINE_HAS_STATIC_NODE))
2380 return 0;
2381
2382 LIST_FOREACH(tokens, token, rule_line->tokens)
2383 if (token->type == TK_A_OWNER_ID)
2384 uid = PTR_TO_UID(token->data);
2385 else if (token->type == TK_A_GROUP_ID)
2386 gid = PTR_TO_GID(token->data);
2387 else if (token->type == TK_A_MODE_ID)
2388 mode = PTR_TO_MODE(token->data);
2389 else if (token->type == TK_A_TAG) {
2390 r = strv_extend(&tags, token->value);
2391 if (r < 0)
2392 return log_oom();
2393 } else if (token->type == TK_A_OPTIONS_STATIC_NODE) {
2394 r = apply_static_dev_perms(token->value, uid, gid, mode, tags);
2395 if (r < 0)
2396 return r;
2397 }
2398
2399 return 0;
2400 }
2401
2402 int udev_rules_apply_static_dev_perms(UdevRules *rules) {
2403 UdevRuleFile *file;
2404 UdevRuleLine *line;
2405 int r;
2406
2407 assert(rules);
2408
2409 LIST_FOREACH(rule_files, file, rules->rule_files)
2410 LIST_FOREACH(rule_lines, line, file->rule_lines) {
2411 r = udev_rule_line_apply_static_dev_perms(line);
2412 if (r < 0)
2413 return r;
2414 }
2415
2416 return 0;
2417 }
Unnamed repository; edit this file 'description' to name the repository.