]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/udev/udev-rules.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #18863 from keszybz/cmdline-escaping
[thirdparty/systemd.git] / src / udev / udev-rules.c
1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2
3 #include <ctype.h>
4
5 #include "alloc-util.h"
6 #include "architecture.h"
7 #include "conf-files.h"
8 #include "def.h"
9 #include "device-private.h"
10 #include "device-util.h"
11 #include "dirent-util.h"
12 #include "escape.h"
13 #include "fd-util.h"
14 #include "fileio.h"
15 #include "format-util.h"
16 #include "fs-util.h"
17 #include "glob-util.h"
18 #include "list.h"
19 #include "mkdir.h"
20 #include "nulstr-util.h"
21 #include "parse-util.h"
22 #include "path-util.h"
23 #include "proc-cmdline.h"
24 #include "stat-util.h"
25 #include "strv.h"
26 #include "strxcpyx.h"
27 #include "sysctl-util.h"
28 #include "syslog-util.h"
29 #include "udev-builtin.h"
30 #include "udev-event.h"
31 #include "udev-rules.h"
32 #include "user-util.h"
33 #include "virt.h"
34
35 #define RULES_DIRS (const char* const*) CONF_PATHS_STRV("udev/rules.d")
36
37 typedef enum {
38 OP_MATCH, /* == */
39 OP_NOMATCH, /* != */
40 OP_ADD, /* += */
41 OP_REMOVE, /* -= */
42 OP_ASSIGN, /* = */
43 OP_ASSIGN_FINAL, /* := */
44 _OP_TYPE_MAX,
45 _OP_TYPE_INVALID = -EINVAL,
46 } UdevRuleOperatorType;
47
48 typedef enum {
49 MATCH_TYPE_EMPTY, /* empty string */
50 MATCH_TYPE_PLAIN, /* no special characters */
51 MATCH_TYPE_PLAIN_WITH_EMPTY, /* no special characters with empty string, e.g., "|foo" */
52 MATCH_TYPE_GLOB, /* shell globs ?,*,[] */
53 MATCH_TYPE_GLOB_WITH_EMPTY, /* shell globs ?,*,[] with empty string, e.g., "|foo*" */
54 MATCH_TYPE_SUBSYSTEM, /* "subsystem", "bus", or "class" */
55 _MATCH_TYPE_MAX,
56 _MATCH_TYPE_INVALID = -EINVAL,
57 } UdevRuleMatchType;
58
59 typedef enum {
60 SUBST_TYPE_PLAIN, /* no substitution */
61 SUBST_TYPE_FORMAT, /* % or $ */
62 SUBST_TYPE_SUBSYS, /* "[<SUBSYSTEM>/<KERNEL>]<attribute>" format */
63 _SUBST_TYPE_MAX,
64 _SUBST_TYPE_INVALID = -EINVAL,
65 } UdevRuleSubstituteType;
66
67 typedef enum {
68 /* lvalues which take match or nomatch operator */
69 TK_M_ACTION, /* string, device_get_action() */
70 TK_M_DEVPATH, /* path, sd_device_get_devpath() */
71 TK_M_KERNEL, /* string, sd_device_get_sysname() */
72 TK_M_DEVLINK, /* strv, sd_device_get_devlink_first(), sd_device_get_devlink_next() */
73 TK_M_NAME, /* string, name of network interface */
74 TK_M_ENV, /* string, device property, takes key through attribute */
75 TK_M_CONST, /* string, system-specific hard-coded constant */
76 TK_M_TAG, /* strv, sd_device_get_tag_first(), sd_device_get_tag_next() */
77 TK_M_SUBSYSTEM, /* string, sd_device_get_subsystem() */
78 TK_M_DRIVER, /* string, sd_device_get_driver() */
79 TK_M_ATTR, /* string, takes filename through attribute, sd_device_get_sysattr_value(), udev_resolve_subsys_kernel(), etc. */
80 TK_M_SYSCTL, /* string, takes kernel parameter through attribute */
81
82 /* matches parent parameters */
83 TK_M_PARENTS_KERNEL, /* string */
84 TK_M_PARENTS_SUBSYSTEM, /* string */
85 TK_M_PARENTS_DRIVER, /* string */
86 TK_M_PARENTS_ATTR, /* string */
87 TK_M_PARENTS_TAG, /* strv */
88
89 TK_M_TEST, /* path, optionally mode_t can be specified by attribute, test the existence of a file */
90 TK_M_PROGRAM, /* string, execute a program */
91 TK_M_IMPORT_FILE, /* path */
92 TK_M_IMPORT_PROGRAM, /* string, import properties from the result of program */
93 TK_M_IMPORT_BUILTIN, /* string, import properties from the result of built-in command */
94 TK_M_IMPORT_DB, /* string, import properties from database */
95 TK_M_IMPORT_CMDLINE, /* string, kernel command line */
96 TK_M_IMPORT_PARENT, /* string, parent property */
97 TK_M_RESULT, /* string, result of TK_M_PROGRAM */
98
99 #define _TK_M_MAX (TK_M_RESULT + 1)
100 #define _TK_A_MIN _TK_M_MAX
101
102 /* lvalues which take one of assign operators */
103 TK_A_OPTIONS_STRING_ESCAPE_NONE, /* no argument */
104 TK_A_OPTIONS_STRING_ESCAPE_REPLACE, /* no argument */
105 TK_A_OPTIONS_DB_PERSIST, /* no argument */
106 TK_A_OPTIONS_INOTIFY_WATCH, /* boolean */
107 TK_A_OPTIONS_DEVLINK_PRIORITY, /* int */
108 TK_A_OPTIONS_LOG_LEVEL, /* string of log level or "reset" */
109 TK_A_OWNER, /* user name */
110 TK_A_GROUP, /* group name */
111 TK_A_MODE, /* mode string */
112 TK_A_OWNER_ID, /* uid_t */
113 TK_A_GROUP_ID, /* gid_t */
114 TK_A_MODE_ID, /* mode_t */
115 TK_A_TAG, /* string */
116 TK_A_OPTIONS_STATIC_NODE, /* device path, /dev/... */
117 TK_A_SECLABEL, /* string with attribute */
118 TK_A_ENV, /* string with attribute */
119 TK_A_NAME, /* ifname */
120 TK_A_DEVLINK, /* string */
121 TK_A_ATTR, /* string with attribute */
122 TK_A_SYSCTL, /* string with attribute */
123 TK_A_RUN_BUILTIN, /* string */
124 TK_A_RUN_PROGRAM, /* string */
125
126 _TK_TYPE_MAX,
127 _TK_TYPE_INVALID = -EINVAL,
128 } UdevRuleTokenType;
129
130 typedef enum {
131 LINE_HAS_NAME = 1 << 0, /* has NAME= */
132 LINE_HAS_DEVLINK = 1 << 1, /* has SYMLINK=, OWNER=, GROUP= or MODE= */
133 LINE_HAS_STATIC_NODE = 1 << 2, /* has OPTIONS=static_node */
134 LINE_HAS_GOTO = 1 << 3, /* has GOTO= */
135 LINE_HAS_LABEL = 1 << 4, /* has LABEL= */
136 LINE_UPDATE_SOMETHING = 1 << 5, /* has other TK_A_* or TK_M_IMPORT tokens */
137 } UdevRuleLineType;
138
139 typedef struct UdevRuleFile UdevRuleFile;
140 typedef struct UdevRuleLine UdevRuleLine;
141 typedef struct UdevRuleToken UdevRuleToken;
142
143 struct UdevRuleToken {
144 UdevRuleTokenType type:8;
145 UdevRuleOperatorType op:8;
146 UdevRuleMatchType match_type:8;
147 UdevRuleSubstituteType attr_subst_type:7;
148 bool attr_match_remove_trailing_whitespace:1;
149 const char *value;
150 void *data;
151 LIST_FIELDS(UdevRuleToken, tokens);
152 };
153
154 struct UdevRuleLine {
155 char *line;
156 unsigned line_number;
157 UdevRuleLineType type;
158
159 const char *label;
160 const char *goto_label;
161 UdevRuleLine *goto_line;
162
163 UdevRuleFile *rule_file;
164 UdevRuleToken *current_token;
165 LIST_HEAD(UdevRuleToken, tokens);
166 LIST_FIELDS(UdevRuleLine, rule_lines);
167 };
168
169 struct UdevRuleFile {
170 char *filename;
171 UdevRuleLine *current_line;
172 LIST_HEAD(UdevRuleLine, rule_lines);
173 LIST_FIELDS(UdevRuleFile, rule_files);
174 };
175
176 struct UdevRules {
177 usec_t dirs_ts_usec;
178 ResolveNameTiming resolve_name_timing;
179 Hashmap *known_users;
180 Hashmap *known_groups;
181 UdevRuleFile *current_file;
182 LIST_HEAD(UdevRuleFile, rule_files);
183 };
184
185 /*** Logging helpers ***/
186
187 #define log_rule_full_errno_zerook(device, rules, level, error, fmt, ...) \
188 ({ \
189 UdevRules *_r = (rules); \
190 UdevRuleFile *_f = _r ? _r->current_file : NULL; \
191 UdevRuleLine *_l = _f ? _f->current_line : NULL; \
192 const char *_n = _f ? _f->filename : NULL; \
193 \
194 log_device_full_errno_zerook( \
195 device, level, error, "%s:%u " fmt, \
196 strna(_n), _l ? _l->line_number : 0, \
197 ##__VA_ARGS__); \
198 })
199
200 #define log_rule_full_errno(device, rules, level, error, fmt, ...) \
201 ({ \
202 int _error = (error); \
203 ASSERT_NON_ZERO(_error); \
204 log_rule_full_errno_zerook( \
205 device, rules, level, _error, fmt, ##__VA_ARGS__); \
206 })
207
208 #define log_rule_full(device, rules, level, ...) (void) log_rule_full_errno_zerook(device, rules, level, 0, __VA_ARGS__)
209
210 #define log_rule_debug(device, rules, ...) log_rule_full(device, rules, LOG_DEBUG, __VA_ARGS__)
211 #define log_rule_info(device, rules, ...) log_rule_full(device, rules, LOG_INFO, __VA_ARGS__)
212 #define log_rule_notice(device, rules, ...) log_rule_full(device, rules, LOG_NOTICE, __VA_ARGS__)
213 #define log_rule_warning(device, rules, ...) log_rule_full(device, rules, LOG_WARNING, __VA_ARGS__)
214 #define log_rule_error(device, rules, ...) log_rule_full(device, rules, LOG_ERR, __VA_ARGS__)
215
216 #define log_rule_debug_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_DEBUG, error, __VA_ARGS__)
217 #define log_rule_info_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_INFO, error, __VA_ARGS__)
218 #define log_rule_notice_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_NOTICE, error, __VA_ARGS__)
219 #define log_rule_warning_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_WARNING, error, __VA_ARGS__)
220 #define log_rule_error_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_ERR, error, __VA_ARGS__)
221
222 #define log_token_full_errno_zerook(rules, level, error, ...) log_rule_full_errno_zerook(NULL, rules, level, error, __VA_ARGS__)
223 #define log_token_full_errno(rules, level, error, ...) log_rule_full_errno(NULL, rules, level, error, __VA_ARGS__)
224 #define log_token_full(rules, level, ...) (void) log_token_full_errno_zerook(rules, level, 0, __VA_ARGS__)
225
226 #define log_token_debug(rules, ...) log_token_full(rules, LOG_DEBUG, __VA_ARGS__)
227 #define log_token_info(rules, ...) log_token_full(rules, LOG_INFO, __VA_ARGS__)
228 #define log_token_notice(rules, ...) log_token_full(rules, LOG_NOTICE, __VA_ARGS__)
229 #define log_token_warning(rules, ...) log_token_full(rules, LOG_WARNING, __VA_ARGS__)
230 #define log_token_error(rules, ...) log_token_full(rules, LOG_ERR, __VA_ARGS__)
231
232 #define log_token_debug_errno(rules, error, ...) log_token_full_errno(rules, LOG_DEBUG, error, __VA_ARGS__)
233 #define log_token_info_errno(rules, error, ...) log_token_full_errno(rules, LOG_INFO, error, __VA_ARGS__)
234 #define log_token_notice_errno(rules, error, ...) log_token_full_errno(rules, LOG_NOTICE, error, __VA_ARGS__)
235 #define log_token_warning_errno(rules, error, ...) log_token_full_errno(rules, LOG_WARNING, error, __VA_ARGS__)
236 #define log_token_error_errno(rules, error, ...) log_token_full_errno(rules, LOG_ERR, error, __VA_ARGS__)
237
238 #define _log_token_invalid(rules, key, type) \
239 log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), \
240 "Invalid %s for %s.", type, key)
241
242 #define log_token_invalid_op(rules, key) _log_token_invalid(rules, key, "operator")
243 #define log_token_invalid_attr(rules, key) _log_token_invalid(rules, key, "attribute")
244
245 #define log_token_invalid_attr_format(rules, key, attr, offset, hint) \
246 log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), \
247 "Invalid attribute \"%s\" for %s (char %zu: %s), ignoring, but please fix it.", \
248 attr, key, offset, hint)
249 #define log_token_invalid_value(rules, key, value, offset, hint) \
250 log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), \
251 "Invalid value \"%s\" for %s (char %zu: %s), ignoring, but please fix it.", \
252 value, key, offset, hint)
253
254 static void log_unknown_owner(sd_device *dev, UdevRules *rules, int error, const char *entity, const char *name) {
255 if (IN_SET(abs(error), ENOENT, ESRCH))
256 log_rule_error(dev, rules, "Unknown %s '%s', ignoring", entity, name);
257 else
258 log_rule_error_errno(dev, rules, error, "Failed to resolve %s '%s', ignoring: %m", entity, name);
259 }
260
261 /*** Other functions ***/
262
263 static void udev_rule_token_free(UdevRuleToken *token) {
264 free(token);
265 }
266
267 static void udev_rule_line_clear_tokens(UdevRuleLine *rule_line) {
268 UdevRuleToken *i, *next;
269
270 assert(rule_line);
271
272 LIST_FOREACH_SAFE(tokens, i, next, rule_line->tokens)
273 udev_rule_token_free(i);
274
275 rule_line->tokens = NULL;
276 }
277
278 static UdevRuleLine* udev_rule_line_free(UdevRuleLine *rule_line) {
279 if (!rule_line)
280 return NULL;
281
282 udev_rule_line_clear_tokens(rule_line);
283
284 if (rule_line->rule_file) {
285 if (rule_line->rule_file->current_line == rule_line)
286 rule_line->rule_file->current_line = rule_line->rule_lines_prev;
287
288 LIST_REMOVE(rule_lines, rule_line->rule_file->rule_lines, rule_line);
289 }
290
291 free(rule_line->line);
292 return mfree(rule_line);
293 }
294
295 DEFINE_TRIVIAL_CLEANUP_FUNC(UdevRuleLine*, udev_rule_line_free);
296
297 static void udev_rule_file_free(UdevRuleFile *rule_file) {
298 UdevRuleLine *i, *next;
299
300 if (!rule_file)
301 return;
302
303 LIST_FOREACH_SAFE(rule_lines, i, next, rule_file->rule_lines)
304 udev_rule_line_free(i);
305
306 free(rule_file->filename);
307 free(rule_file);
308 }
309
310 UdevRules *udev_rules_free(UdevRules *rules) {
311 UdevRuleFile *i, *next;
312
313 if (!rules)
314 return NULL;
315
316 LIST_FOREACH_SAFE(rule_files, i, next, rules->rule_files)
317 udev_rule_file_free(i);
318
319 hashmap_free_free_key(rules->known_users);
320 hashmap_free_free_key(rules->known_groups);
321 return mfree(rules);
322 }
323
324 static int rule_resolve_user(UdevRules *rules, const char *name, uid_t *ret) {
325 _cleanup_free_ char *n = NULL;
326 uid_t uid;
327 void *val;
328 int r;
329
330 assert(rules);
331 assert(name);
332
333 val = hashmap_get(rules->known_users, name);
334 if (val) {
335 *ret = PTR_TO_UID(val);
336 return 0;
337 }
338
339 r = get_user_creds(&name, &uid, NULL, NULL, NULL, USER_CREDS_ALLOW_MISSING);
340 if (r < 0) {
341 log_unknown_owner(NULL, rules, r, "user", name);
342 *ret = UID_INVALID;
343 return 0;
344 }
345
346 n = strdup(name);
347 if (!n)
348 return -ENOMEM;
349
350 r = hashmap_ensure_put(&rules->known_users, &string_hash_ops, n, UID_TO_PTR(uid));
351 if (r < 0)
352 return r;
353
354 TAKE_PTR(n);
355 *ret = uid;
356 return 0;
357 }
358
359 static int rule_resolve_group(UdevRules *rules, const char *name, gid_t *ret) {
360 _cleanup_free_ char *n = NULL;
361 gid_t gid;
362 void *val;
363 int r;
364
365 assert(rules);
366 assert(name);
367
368 val = hashmap_get(rules->known_groups, name);
369 if (val) {
370 *ret = PTR_TO_GID(val);
371 return 0;
372 }
373
374 r = get_group_creds(&name, &gid, USER_CREDS_ALLOW_MISSING);
375 if (r < 0) {
376 log_unknown_owner(NULL, rules, r, "group", name);
377 *ret = GID_INVALID;
378 return 0;
379 }
380
381 n = strdup(name);
382 if (!n)
383 return -ENOMEM;
384
385 r = hashmap_ensure_put(&rules->known_groups, &string_hash_ops, n, GID_TO_PTR(gid));
386 if (r < 0)
387 return r;
388
389 TAKE_PTR(n);
390 *ret = gid;
391 return 0;
392 }
393
394 static UdevRuleSubstituteType rule_get_substitution_type(const char *str) {
395 assert(str);
396
397 if (str[0] == '[')
398 return SUBST_TYPE_SUBSYS;
399 if (strchr(str, '%') || strchr(str, '$'))
400 return SUBST_TYPE_FORMAT;
401 return SUBST_TYPE_PLAIN;
402 }
403
404 static void rule_line_append_token(UdevRuleLine *rule_line, UdevRuleToken *token) {
405 assert(rule_line);
406 assert(token);
407
408 if (rule_line->current_token)
409 LIST_APPEND(tokens, rule_line->current_token, token);
410 else
411 LIST_APPEND(tokens, rule_line->tokens, token);
412
413 rule_line->current_token = token;
414 }
415
416 static int rule_line_add_token(UdevRuleLine *rule_line, UdevRuleTokenType type, UdevRuleOperatorType op, char *value, void *data) {
417 UdevRuleToken *token;
418 UdevRuleMatchType match_type = _MATCH_TYPE_INVALID;
419 UdevRuleSubstituteType subst_type = _SUBST_TYPE_INVALID;
420 bool remove_trailing_whitespace = false;
421 size_t len;
422
423 assert(rule_line);
424 assert(type >= 0 && type < _TK_TYPE_MAX);
425 assert(op >= 0 && op < _OP_TYPE_MAX);
426
427 if (type < _TK_M_MAX) {
428 assert(value);
429 assert(IN_SET(op, OP_MATCH, OP_NOMATCH));
430
431 if (type == TK_M_SUBSYSTEM && STR_IN_SET(value, "subsystem", "bus", "class"))
432 match_type = MATCH_TYPE_SUBSYSTEM;
433 else if (isempty(value))
434 match_type = MATCH_TYPE_EMPTY;
435 else if (streq(value, "?*")) {
436 /* Convert KEY=="?*" -> KEY!="" */
437 match_type = MATCH_TYPE_EMPTY;
438 op = op == OP_MATCH ? OP_NOMATCH : OP_MATCH;
439 } else if (string_is_glob(value))
440 match_type = MATCH_TYPE_GLOB;
441 else
442 match_type = MATCH_TYPE_PLAIN;
443
444 if (type < TK_M_TEST || type == TK_M_RESULT) {
445 /* Convert value string to nulstr. */
446 bool bar = true, empty = false;
447 char *a, *b;
448
449 for (a = b = value; *a != '\0'; a++) {
450 if (*a != '|') {
451 *b++ = *a;
452 bar = false;
453 } else {
454 if (bar)
455 empty = true;
456 else
457 *b++ = '\0';
458 bar = true;
459 }
460 }
461 *b = '\0';
462
463 /* Make sure the value is end, so NULSTR_FOREACH can read correct match */
464 if (b < a)
465 b[1] = '\0';
466
467 if (bar)
468 empty = true;
469
470 if (empty) {
471 if (match_type == MATCH_TYPE_GLOB)
472 match_type = MATCH_TYPE_GLOB_WITH_EMPTY;
473 if (match_type == MATCH_TYPE_PLAIN)
474 match_type = MATCH_TYPE_PLAIN_WITH_EMPTY;
475 }
476 }
477 }
478
479 if (IN_SET(type, TK_M_ATTR, TK_M_PARENTS_ATTR)) {
480 assert(value);
481 assert(data);
482
483 len = strlen(value);
484 if (len > 0 && !isspace(value[len - 1]))
485 remove_trailing_whitespace = true;
486
487 subst_type = rule_get_substitution_type(data);
488 }
489
490 token = new(UdevRuleToken, 1);
491 if (!token)
492 return -ENOMEM;
493
494 *token = (UdevRuleToken) {
495 .type = type,
496 .op = op,
497 .value = value,
498 .data = data,
499 .match_type = match_type,
500 .attr_subst_type = subst_type,
501 .attr_match_remove_trailing_whitespace = remove_trailing_whitespace,
502 };
503
504 rule_line_append_token(rule_line, token);
505
506 if (token->type == TK_A_NAME)
507 SET_FLAG(rule_line->type, LINE_HAS_NAME, true);
508
509 else if (IN_SET(token->type, TK_A_DEVLINK,
510 TK_A_OWNER, TK_A_GROUP, TK_A_MODE,
511 TK_A_OWNER_ID, TK_A_GROUP_ID, TK_A_MODE_ID))
512 SET_FLAG(rule_line->type, LINE_HAS_DEVLINK, true);
513
514 else if (token->type == TK_A_OPTIONS_STATIC_NODE)
515 SET_FLAG(rule_line->type, LINE_HAS_STATIC_NODE, true);
516
517 else if (token->type >= _TK_A_MIN ||
518 IN_SET(token->type, TK_M_PROGRAM,
519 TK_M_IMPORT_FILE, TK_M_IMPORT_PROGRAM, TK_M_IMPORT_BUILTIN,
520 TK_M_IMPORT_DB, TK_M_IMPORT_CMDLINE, TK_M_IMPORT_PARENT))
521 SET_FLAG(rule_line->type, LINE_UPDATE_SOMETHING, true);
522
523 return 0;
524 }
525
526 static void check_value_format_and_warn(UdevRules *rules, const char *key, const char *value, bool nonempty) {
527 size_t offset;
528 const char *hint;
529
530 if (nonempty && isempty(value))
531 log_token_invalid_value(rules, key, value, (size_t) 0, "empty value");
532 else if (udev_check_format(value, &offset, &hint) < 0)
533 log_token_invalid_value(rules, key, value, offset + 1, hint);
534 }
535
536 static int check_attr_format_and_warn(UdevRules *rules, const char *key, const char *value) {
537 size_t offset;
538 const char *hint;
539
540 if (isempty(value))
541 return log_token_invalid_attr(rules, key);
542 if (udev_check_format(value, &offset, &hint) < 0)
543 log_token_invalid_attr_format(rules, key, value, offset + 1, hint);
544 return 0;
545 }
546
547 static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOperatorType op, char *value) {
548 bool is_match = IN_SET(op, OP_MATCH, OP_NOMATCH);
549 UdevRuleLine *rule_line;
550 int r;
551
552 assert(rules);
553 assert(rules->current_file);
554 assert(rules->current_file->current_line);
555 assert(key);
556 assert(value);
557
558 rule_line = rules->current_file->current_line;
559
560 if (streq(key, "ACTION")) {
561 if (attr)
562 return log_token_invalid_attr(rules, key);
563 if (!is_match)
564 return log_token_invalid_op(rules, key);
565
566 r = rule_line_add_token(rule_line, TK_M_ACTION, op, value, NULL);
567 } else if (streq(key, "DEVPATH")) {
568 if (attr)
569 return log_token_invalid_attr(rules, key);
570 if (!is_match)
571 return log_token_invalid_op(rules, key);
572
573 r = rule_line_add_token(rule_line, TK_M_DEVPATH, op, value, NULL);
574 } else if (streq(key, "KERNEL")) {
575 if (attr)
576 return log_token_invalid_attr(rules, key);
577 if (!is_match)
578 return log_token_invalid_op(rules, key);
579
580 r = rule_line_add_token(rule_line, TK_M_KERNEL, op, value, NULL);
581 } else if (streq(key, "SYMLINK")) {
582 if (attr)
583 return log_token_invalid_attr(rules, key);
584 if (op == OP_REMOVE)
585 return log_token_invalid_op(rules, key);
586
587 if (!is_match) {
588 check_value_format_and_warn(rules, key, value, false);
589 r = rule_line_add_token(rule_line, TK_A_DEVLINK, op, value, NULL);
590 } else
591 r = rule_line_add_token(rule_line, TK_M_DEVLINK, op, value, NULL);
592 } else if (streq(key, "NAME")) {
593 if (attr)
594 return log_token_invalid_attr(rules, key);
595 if (op == OP_REMOVE)
596 return log_token_invalid_op(rules, key);
597 if (op == OP_ADD) {
598 log_token_warning(rules, "%s key takes '==', '!=', '=', or ':=' operator, assuming '=', but please fix it.", key);
599 op = OP_ASSIGN;
600 }
601
602 if (!is_match) {
603 if (streq(value, "%k"))
604 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
605 "NAME=\"%%k\" is ignored, as it breaks kernel supplied names.");
606 if (isempty(value))
607 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
608 "Ignoring NAME=\"\", as udev will not delete any device nodes.");
609 check_value_format_and_warn(rules, key, value, false);
610
611 r = rule_line_add_token(rule_line, TK_A_NAME, op, value, NULL);
612 } else
613 r = rule_line_add_token(rule_line, TK_M_NAME, op, value, NULL);
614 } else if (streq(key, "ENV")) {
615 if (isempty(attr))
616 return log_token_invalid_attr(rules, key);
617 if (op == OP_REMOVE)
618 return log_token_invalid_op(rules, key);
619 if (op == OP_ASSIGN_FINAL) {
620 log_token_warning(rules, "%s key takes '==', '!=', '=', or '+=' operator, assuming '=', but please fix it.", key);
621 op = OP_ASSIGN;
622 }
623
624 if (!is_match) {
625 if (STR_IN_SET(attr,
626 "ACTION", "DEVLINKS", "DEVNAME", "DEVPATH", "DEVTYPE", "DRIVER",
627 "IFINDEX", "MAJOR", "MINOR", "SEQNUM", "SUBSYSTEM", "TAGS"))
628 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
629 "Invalid ENV attribute. '%s' cannot be set.", attr);
630
631 check_value_format_and_warn(rules, key, value, false);
632
633 r = rule_line_add_token(rule_line, TK_A_ENV, op, value, attr);
634 } else
635 r = rule_line_add_token(rule_line, TK_M_ENV, op, value, attr);
636 } else if (streq(key, "CONST")) {
637 if (isempty(attr) || !STR_IN_SET(attr, "arch", "virt"))
638 return log_token_invalid_attr(rules, key);
639 if (!is_match)
640 return log_token_invalid_op(rules, key);
641 r = rule_line_add_token(rule_line, TK_M_CONST, op, value, attr);
642 } else if (streq(key, "TAG")) {
643 if (attr)
644 return log_token_invalid_attr(rules, key);
645 if (op == OP_ASSIGN_FINAL) {
646 log_token_warning(rules, "%s key takes '==', '!=', '=', or '+=' operator, assuming '=', but please fix it.", key);
647 op = OP_ASSIGN;
648 }
649
650 if (!is_match) {
651 check_value_format_and_warn(rules, key, value, true);
652
653 r = rule_line_add_token(rule_line, TK_A_TAG, op, value, NULL);
654 } else
655 r = rule_line_add_token(rule_line, TK_M_TAG, op, value, NULL);
656 } else if (streq(key, "SUBSYSTEM")) {
657 if (attr)
658 return log_token_invalid_attr(rules, key);
659 if (!is_match)
660 return log_token_invalid_op(rules, key);
661
662 if (STR_IN_SET(value, "bus", "class"))
663 log_token_warning(rules, "'%s' must be specified as 'subsystem'; please fix it", value);
664
665 r = rule_line_add_token(rule_line, TK_M_SUBSYSTEM, op, value, NULL);
666 } else if (streq(key, "DRIVER")) {
667 if (attr)
668 return log_token_invalid_attr(rules, key);
669 if (!is_match)
670 return log_token_invalid_op(rules, key);
671
672 r = rule_line_add_token(rule_line, TK_M_DRIVER, op, value, NULL);
673 } else if (streq(key, "ATTR")) {
674 r = check_attr_format_and_warn(rules, key, attr);
675 if (r < 0)
676 return r;
677 if (op == OP_REMOVE)
678 return log_token_invalid_op(rules, key);
679 if (IN_SET(op, OP_ADD, OP_ASSIGN_FINAL)) {
680 log_token_warning(rules, "%s key takes '==', '!=', or '=' operator, assuming '=', but please fix it.", key);
681 op = OP_ASSIGN;
682 }
683
684 if (!is_match) {
685 check_value_format_and_warn(rules, key, value, false);
686 r = rule_line_add_token(rule_line, TK_A_ATTR, op, value, attr);
687 } else
688 r = rule_line_add_token(rule_line, TK_M_ATTR, op, value, attr);
689 } else if (streq(key, "SYSCTL")) {
690 r = check_attr_format_and_warn(rules, key, attr);
691 if (r < 0)
692 return r;
693 if (op == OP_REMOVE)
694 return log_token_invalid_op(rules, key);
695 if (IN_SET(op, OP_ADD, OP_ASSIGN_FINAL)) {
696 log_token_warning(rules, "%s key takes '==', '!=', or '=' operator, assuming '=', but please fix it.", key);
697 op = OP_ASSIGN;
698 }
699
700 if (!is_match) {
701 check_value_format_and_warn(rules, key, value, false);
702 r = rule_line_add_token(rule_line, TK_A_SYSCTL, op, value, attr);
703 } else
704 r = rule_line_add_token(rule_line, TK_M_SYSCTL, op, value, attr);
705 } else if (streq(key, "KERNELS")) {
706 if (attr)
707 return log_token_invalid_attr(rules, key);
708 if (!is_match)
709 return log_token_invalid_op(rules, key);
710
711 r = rule_line_add_token(rule_line, TK_M_PARENTS_KERNEL, op, value, NULL);
712 } else if (streq(key, "SUBSYSTEMS")) {
713 if (attr)
714 return log_token_invalid_attr(rules, key);
715 if (!is_match)
716 return log_token_invalid_op(rules, key);
717
718 r = rule_line_add_token(rule_line, TK_M_PARENTS_SUBSYSTEM, op, value, NULL);
719 } else if (streq(key, "DRIVERS")) {
720 if (attr)
721 return log_token_invalid_attr(rules, key);
722 if (!is_match)
723 return log_token_invalid_op(rules, key);
724
725 r = rule_line_add_token(rule_line, TK_M_PARENTS_DRIVER, op, value, NULL);
726 } else if (streq(key, "ATTRS")) {
727 r = check_attr_format_and_warn(rules, key, attr);
728 if (r < 0)
729 return r;
730 if (!is_match)
731 return log_token_invalid_op(rules, key);
732
733 if (startswith(attr, "device/"))
734 log_token_warning(rules, "'device' link may not be available in future kernels; please fix it.");
735 if (strstr(attr, "../"))
736 log_token_warning(rules, "Direct reference to parent sysfs directory, may break in future kernels; please fix it.");
737
738 r = rule_line_add_token(rule_line, TK_M_PARENTS_ATTR, op, value, attr);
739 } else if (streq(key, "TAGS")) {
740 if (attr)
741 return log_token_invalid_attr(rules, key);
742 if (!is_match)
743 return log_token_invalid_op(rules, key);
744
745 r = rule_line_add_token(rule_line, TK_M_PARENTS_TAG, op, value, NULL);
746 } else if (streq(key, "TEST")) {
747 mode_t mode = MODE_INVALID;
748
749 if (!isempty(attr)) {
750 r = parse_mode(attr, &mode);
751 if (r < 0)
752 return log_token_error_errno(rules, r, "Failed to parse mode '%s': %m", attr);
753 }
754 check_value_format_and_warn(rules, key, value, true);
755 if (!is_match)
756 return log_token_invalid_op(rules, key);
757
758 r = rule_line_add_token(rule_line, TK_M_TEST, op, value, MODE_TO_PTR(mode));
759 } else if (streq(key, "PROGRAM")) {
760 if (attr)
761 return log_token_invalid_attr(rules, key);
762 check_value_format_and_warn(rules, key, value, true);
763 if (op == OP_REMOVE)
764 return log_token_invalid_op(rules, key);
765 if (!is_match)
766 op = OP_MATCH;
767
768 r = rule_line_add_token(rule_line, TK_M_PROGRAM, op, value, NULL);
769 } else if (streq(key, "IMPORT")) {
770 if (isempty(attr))
771 return log_token_invalid_attr(rules, key);
772 check_value_format_and_warn(rules, key, value, true);
773 if (op == OP_REMOVE)
774 return log_token_invalid_op(rules, key);
775 if (!is_match)
776 op = OP_MATCH;
777
778 if (streq(attr, "file"))
779 r = rule_line_add_token(rule_line, TK_M_IMPORT_FILE, op, value, NULL);
780 else if (streq(attr, "program")) {
781 UdevBuiltinCommand cmd;
782
783 cmd = udev_builtin_lookup(value);
784 if (cmd >= 0) {
785 log_token_debug(rules,"Found builtin command '%s' for %s, replacing attribute", value, key);
786 r = rule_line_add_token(rule_line, TK_M_IMPORT_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
787 } else
788 r = rule_line_add_token(rule_line, TK_M_IMPORT_PROGRAM, op, value, NULL);
789 } else if (streq(attr, "builtin")) {
790 UdevBuiltinCommand cmd;
791
792 cmd = udev_builtin_lookup(value);
793 if (cmd < 0)
794 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
795 "Unknown builtin command: %s", value);
796 r = rule_line_add_token(rule_line, TK_M_IMPORT_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
797 } else if (streq(attr, "db"))
798 r = rule_line_add_token(rule_line, TK_M_IMPORT_DB, op, value, NULL);
799 else if (streq(attr, "cmdline"))
800 r = rule_line_add_token(rule_line, TK_M_IMPORT_CMDLINE, op, value, NULL);
801 else if (streq(attr, "parent"))
802 r = rule_line_add_token(rule_line, TK_M_IMPORT_PARENT, op, value, NULL);
803 else
804 return log_token_invalid_attr(rules, key);
805 } else if (streq(key, "RESULT")) {
806 if (attr)
807 return log_token_invalid_attr(rules, key);
808 if (!is_match)
809 return log_token_invalid_op(rules, key);
810
811 r = rule_line_add_token(rule_line, TK_M_RESULT, op, value, NULL);
812 } else if (streq(key, "OPTIONS")) {
813 char *tmp;
814
815 if (attr)
816 return log_token_invalid_attr(rules, key);
817 if (is_match || op == OP_REMOVE)
818 return log_token_invalid_op(rules, key);
819 if (op == OP_ADD)
820 op = OP_ASSIGN;
821
822 if (streq(value, "string_escape=none"))
823 r = rule_line_add_token(rule_line, TK_A_OPTIONS_STRING_ESCAPE_NONE, op, NULL, NULL);
824 else if (streq(value, "string_escape=replace"))
825 r = rule_line_add_token(rule_line, TK_A_OPTIONS_STRING_ESCAPE_REPLACE, op, NULL, NULL);
826 else if (streq(value, "db_persist"))
827 r = rule_line_add_token(rule_line, TK_A_OPTIONS_DB_PERSIST, op, NULL, NULL);
828 else if (streq(value, "watch"))
829 r = rule_line_add_token(rule_line, TK_A_OPTIONS_INOTIFY_WATCH, op, NULL, INT_TO_PTR(1));
830 else if (streq(value, "nowatch"))
831 r = rule_line_add_token(rule_line, TK_A_OPTIONS_INOTIFY_WATCH, op, NULL, INT_TO_PTR(0));
832 else if ((tmp = startswith(value, "static_node=")))
833 r = rule_line_add_token(rule_line, TK_A_OPTIONS_STATIC_NODE, op, tmp, NULL);
834 else if ((tmp = startswith(value, "link_priority="))) {
835 int prio;
836
837 r = safe_atoi(tmp, &prio);
838 if (r < 0)
839 return log_token_error_errno(rules, r, "Failed to parse link priority '%s': %m", tmp);
840 r = rule_line_add_token(rule_line, TK_A_OPTIONS_DEVLINK_PRIORITY, op, NULL, INT_TO_PTR(prio));
841 } else if ((tmp = startswith(value, "log_level="))) {
842 int level;
843
844 if (streq(tmp, "reset"))
845 level = -1;
846 else {
847 level = log_level_from_string(tmp);
848 if (level < 0)
849 return log_token_error_errno(rules, level, "Failed to parse log level '%s': %m", tmp);
850 }
851 r = rule_line_add_token(rule_line, TK_A_OPTIONS_LOG_LEVEL, op, NULL, INT_TO_PTR(level));
852 } else {
853 log_token_warning(rules, "Invalid value for OPTIONS key, ignoring: '%s'", value);
854 return 0;
855 }
856 } else if (streq(key, "OWNER")) {
857 uid_t uid;
858
859 if (attr)
860 return log_token_invalid_attr(rules, key);
861 if (is_match || op == OP_REMOVE)
862 return log_token_invalid_op(rules, key);
863 if (op == OP_ADD) {
864 log_token_warning(rules, "%s key takes '=' or ':=' operator, assuming '=', but please fix it.", key);
865 op = OP_ASSIGN;
866 }
867
868 if (parse_uid(value, &uid) >= 0)
869 r = rule_line_add_token(rule_line, TK_A_OWNER_ID, op, NULL, UID_TO_PTR(uid));
870 else if (rules->resolve_name_timing == RESOLVE_NAME_EARLY &&
871 rule_get_substitution_type(value) == SUBST_TYPE_PLAIN) {
872 r = rule_resolve_user(rules, value, &uid);
873 if (r < 0)
874 return log_token_error_errno(rules, r, "Failed to resolve user name '%s': %m", value);
875
876 r = rule_line_add_token(rule_line, TK_A_OWNER_ID, op, NULL, UID_TO_PTR(uid));
877 } else if (rules->resolve_name_timing != RESOLVE_NAME_NEVER) {
878 check_value_format_and_warn(rules, key, value, true);
879 r = rule_line_add_token(rule_line, TK_A_OWNER, op, value, NULL);
880 } else {
881 log_token_debug(rules, "User name resolution is disabled, ignoring %s=%s", key, value);
882 return 0;
883 }
884 } else if (streq(key, "GROUP")) {
885 gid_t gid;
886
887 if (attr)
888 return log_token_invalid_attr(rules, key);
889 if (is_match || op == OP_REMOVE)
890 return log_token_invalid_op(rules, key);
891 if (op == OP_ADD) {
892 log_token_warning(rules, "%s key takes '=' or ':=' operator, assuming '=', but please fix it.", key);
893 op = OP_ASSIGN;
894 }
895
896 if (parse_gid(value, &gid) >= 0)
897 r = rule_line_add_token(rule_line, TK_A_GROUP_ID, op, NULL, GID_TO_PTR(gid));
898 else if (rules->resolve_name_timing == RESOLVE_NAME_EARLY &&
899 rule_get_substitution_type(value) == SUBST_TYPE_PLAIN) {
900 r = rule_resolve_group(rules, value, &gid);
901 if (r < 0)
902 return log_token_error_errno(rules, r, "Failed to resolve group name '%s': %m", value);
903
904 r = rule_line_add_token(rule_line, TK_A_GROUP_ID, op, NULL, GID_TO_PTR(gid));
905 } else if (rules->resolve_name_timing != RESOLVE_NAME_NEVER) {
906 check_value_format_and_warn(rules, key, value, true);
907 r = rule_line_add_token(rule_line, TK_A_GROUP, op, value, NULL);
908 } else {
909 log_token_debug(rules, "Resolving group name is disabled, ignoring %s=%s", key, value);
910 return 0;
911 }
912 } else if (streq(key, "MODE")) {
913 mode_t mode;
914
915 if (attr)
916 return log_token_invalid_attr(rules, key);
917 if (is_match || op == OP_REMOVE)
918 return log_token_invalid_op(rules, key);
919 if (op == OP_ADD) {
920 log_token_warning(rules, "%s key takes '=' or ':=' operator, assuming '=', but please fix it.", key);
921 op = OP_ASSIGN;
922 }
923
924 if (parse_mode(value, &mode) >= 0)
925 r = rule_line_add_token(rule_line, TK_A_MODE_ID, op, NULL, MODE_TO_PTR(mode));
926 else {
927 check_value_format_and_warn(rules, key, value, true);
928 r = rule_line_add_token(rule_line, TK_A_MODE, op, value, NULL);
929 }
930 } else if (streq(key, "SECLABEL")) {
931 if (isempty(attr))
932 return log_token_invalid_attr(rules, key);
933 check_value_format_and_warn(rules, key, value, true);
934 if (is_match || op == OP_REMOVE)
935 return log_token_invalid_op(rules, key);
936 if (op == OP_ASSIGN_FINAL) {
937 log_token_warning(rules, "%s key takes '=' or '+=' operator, assuming '=', but please fix it.", key);
938 op = OP_ASSIGN;
939 }
940
941 r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, attr);
942 } else if (streq(key, "RUN")) {
943 if (is_match || op == OP_REMOVE)
944 return log_token_invalid_op(rules, key);
945 check_value_format_and_warn(rules, key, value, true);
946 if (!attr || streq(attr, "program"))
947 r = rule_line_add_token(rule_line, TK_A_RUN_PROGRAM, op, value, NULL);
948 else if (streq(attr, "builtin")) {
949 UdevBuiltinCommand cmd;
950
951 cmd = udev_builtin_lookup(value);
952 if (cmd < 0)
953 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
954 "Unknown builtin command '%s', ignoring", value);
955 r = rule_line_add_token(rule_line, TK_A_RUN_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
956 } else
957 return log_token_invalid_attr(rules, key);
958 } else if (streq(key, "GOTO")) {
959 if (attr)
960 return log_token_invalid_attr(rules, key);
961 if (op != OP_ASSIGN)
962 return log_token_invalid_op(rules, key);
963 if (FLAGS_SET(rule_line->type, LINE_HAS_GOTO)) {
964 log_token_warning(rules, "Contains multiple GOTO keys, ignoring GOTO=\"%s\".", value);
965 return 0;
966 }
967
968 rule_line->goto_label = value;
969 SET_FLAG(rule_line->type, LINE_HAS_GOTO, true);
970 return 1;
971 } else if (streq(key, "LABEL")) {
972 if (attr)
973 return log_token_invalid_attr(rules, key);
974 if (op != OP_ASSIGN)
975 return log_token_invalid_op(rules, key);
976
977 rule_line->label = value;
978 SET_FLAG(rule_line->type, LINE_HAS_LABEL, true);
979 return 1;
980 } else
981 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), "Invalid key '%s'", key);
982 if (r < 0)
983 return log_oom();
984
985 return 1;
986 }
987
988 static UdevRuleOperatorType parse_operator(const char *op) {
989 assert(op);
990
991 if (startswith(op, "=="))
992 return OP_MATCH;
993 if (startswith(op, "!="))
994 return OP_NOMATCH;
995 if (startswith(op, "+="))
996 return OP_ADD;
997 if (startswith(op, "-="))
998 return OP_REMOVE;
999 if (startswith(op, "="))
1000 return OP_ASSIGN;
1001 if (startswith(op, ":="))
1002 return OP_ASSIGN_FINAL;
1003
1004 return _OP_TYPE_INVALID;
1005 }
1006
1007 static int parse_line(char **line, char **ret_key, char **ret_attr, UdevRuleOperatorType *ret_op, char **ret_value) {
1008 char *key_begin, *key_end, *attr, *tmp;
1009 UdevRuleOperatorType op;
1010 int r;
1011
1012 assert(line);
1013 assert(*line);
1014 assert(ret_key);
1015 assert(ret_op);
1016 assert(ret_value);
1017
1018 key_begin = skip_leading_chars(*line, WHITESPACE ",");
1019
1020 if (isempty(key_begin))
1021 return 0;
1022
1023 for (key_end = key_begin; ; key_end++) {
1024 if (key_end[0] == '\0')
1025 return -EINVAL;
1026 if (strchr(WHITESPACE "={", key_end[0]))
1027 break;
1028 if (strchr("+-!:", key_end[0]) && key_end[1] == '=')
1029 break;
1030 }
1031 if (key_end[0] == '{') {
1032 attr = key_end + 1;
1033 tmp = strchr(attr, '}');
1034 if (!tmp)
1035 return -EINVAL;
1036 *tmp++ = '\0';
1037 } else {
1038 attr = NULL;
1039 tmp = key_end;
1040 }
1041
1042 tmp = skip_leading_chars(tmp, NULL);
1043 op = parse_operator(tmp);
1044 if (op < 0)
1045 return -EINVAL;
1046
1047 key_end[0] = '\0';
1048
1049 tmp += op == OP_ASSIGN ? 1 : 2;
1050 tmp = skip_leading_chars(tmp, NULL);
1051 r = udev_rule_parse_value(tmp, ret_value, line);
1052 if (r < 0)
1053 return r;
1054
1055 *ret_key = key_begin;
1056 *ret_attr = attr;
1057 *ret_op = op;
1058 return 1;
1059 }
1060
1061 static void sort_tokens(UdevRuleLine *rule_line) {
1062 UdevRuleToken *head_old;
1063
1064 assert(rule_line);
1065
1066 head_old = TAKE_PTR(rule_line->tokens);
1067 rule_line->current_token = NULL;
1068
1069 while (!LIST_IS_EMPTY(head_old)) {
1070 UdevRuleToken *t, *min_token = NULL;
1071
1072 LIST_FOREACH(tokens, t, head_old)
1073 if (!min_token || min_token->type > t->type)
1074 min_token = t;
1075
1076 LIST_REMOVE(tokens, head_old, min_token);
1077 rule_line_append_token(rule_line, min_token);
1078 }
1079 }
1080
1081 static int rule_add_line(UdevRules *rules, const char *line_str, unsigned line_nr) {
1082 _cleanup_(udev_rule_line_freep) UdevRuleLine *rule_line = NULL;
1083 _cleanup_free_ char *line = NULL;
1084 UdevRuleFile *rule_file;
1085 char *p;
1086 int r;
1087
1088 assert(rules);
1089 assert(rules->current_file);
1090 assert(line_str);
1091
1092 rule_file = rules->current_file;
1093
1094 if (isempty(line_str))
1095 return 0;
1096
1097 /* We use memdup_suffix0() here, since we want to add a second NUL byte to the end, since possibly
1098 * some parsers might turn this into a "nulstr", which requires an extra NUL at the end. */
1099 line = memdup_suffix0(line_str, strlen(line_str) + 1);
1100 if (!line)
1101 return log_oom();
1102
1103 rule_line = new(UdevRuleLine, 1);
1104 if (!rule_line)
1105 return log_oom();
1106
1107 *rule_line = (UdevRuleLine) {
1108 .line = TAKE_PTR(line),
1109 .line_number = line_nr,
1110 .rule_file = rule_file,
1111 };
1112
1113 if (rule_file->current_line)
1114 LIST_APPEND(rule_lines, rule_file->current_line, rule_line);
1115 else
1116 LIST_APPEND(rule_lines, rule_file->rule_lines, rule_line);
1117
1118 rule_file->current_line = rule_line;
1119
1120 for (p = rule_line->line; !isempty(p); ) {
1121 char *key, *attr, *value;
1122 UdevRuleOperatorType op;
1123
1124 r = parse_line(&p, &key, &attr, &op, &value);
1125 if (r < 0)
1126 return log_token_error_errno(rules, r, "Invalid key/value pair, ignoring.");
1127 if (r == 0)
1128 break;
1129
1130 r = parse_token(rules, key, attr, op, value);
1131 if (r < 0)
1132 return r;
1133 }
1134
1135 if (rule_line->type == 0) {
1136 log_token_warning(rules, "The line takes no effect, ignoring.");
1137 return 0;
1138 }
1139
1140 sort_tokens(rule_line);
1141 TAKE_PTR(rule_line);
1142 return 0;
1143 }
1144
1145 static void rule_resolve_goto(UdevRuleFile *rule_file) {
1146 UdevRuleLine *line, *line_next, *i;
1147
1148 assert(rule_file);
1149
1150 /* link GOTOs to LABEL rules in this file to be able to fast-forward */
1151 LIST_FOREACH_SAFE(rule_lines, line, line_next, rule_file->rule_lines) {
1152 if (!FLAGS_SET(line->type, LINE_HAS_GOTO))
1153 continue;
1154
1155 LIST_FOREACH_AFTER(rule_lines, i, line)
1156 if (streq_ptr(i->label, line->goto_label)) {
1157 line->goto_line = i;
1158 break;
1159 }
1160
1161 if (!line->goto_line) {
1162 log_error("%s:%u: GOTO=\"%s\" has no matching label, ignoring",
1163 rule_file->filename, line->line_number, line->goto_label);
1164
1165 SET_FLAG(line->type, LINE_HAS_GOTO, false);
1166 line->goto_label = NULL;
1167
1168 if ((line->type & ~LINE_HAS_LABEL) == 0) {
1169 log_notice("%s:%u: The line takes no effect any more, dropping",
1170 rule_file->filename, line->line_number);
1171 if (line->type == LINE_HAS_LABEL)
1172 udev_rule_line_clear_tokens(line);
1173 else
1174 udev_rule_line_free(line);
1175 }
1176 }
1177 }
1178 }
1179
1180 int udev_rules_parse_file(UdevRules *rules, const char *filename) {
1181 _cleanup_free_ char *continuation = NULL, *name = NULL;
1182 _cleanup_fclose_ FILE *f = NULL;
1183 UdevRuleFile *rule_file;
1184 bool ignore_line = false;
1185 unsigned line_nr = 0;
1186 int r;
1187
1188 f = fopen(filename, "re");
1189 if (!f) {
1190 if (errno == ENOENT)
1191 return 0;
1192
1193 return -errno;
1194 }
1195
1196 (void) fd_warn_permissions(filename, fileno(f));
1197
1198 if (null_or_empty_fd(fileno(f))) {
1199 log_debug("Skipping empty file: %s", filename);
1200 return 0;
1201 }
1202
1203 log_debug("Reading rules file: %s", filename);
1204
1205 name = strdup(filename);
1206 if (!name)
1207 return log_oom();
1208
1209 rule_file = new(UdevRuleFile, 1);
1210 if (!rule_file)
1211 return log_oom();
1212
1213 *rule_file = (UdevRuleFile) {
1214 .filename = TAKE_PTR(name),
1215 };
1216
1217 if (rules->current_file)
1218 LIST_APPEND(rule_files, rules->current_file, rule_file);
1219 else
1220 LIST_APPEND(rule_files, rules->rule_files, rule_file);
1221
1222 rules->current_file = rule_file;
1223
1224 for (;;) {
1225 _cleanup_free_ char *buf = NULL;
1226 size_t len;
1227 char *line;
1228
1229 r = read_line(f, UDEV_LINE_SIZE, &buf);
1230 if (r < 0)
1231 return r;
1232 if (r == 0)
1233 break;
1234
1235 line_nr++;
1236 line = skip_leading_chars(buf, NULL);
1237
1238 if (line[0] == '#')
1239 continue;
1240
1241 len = strlen(line);
1242
1243 if (continuation && !ignore_line) {
1244 if (strlen(continuation) + len >= UDEV_LINE_SIZE)
1245 ignore_line = true;
1246
1247 if (!strextend(&continuation, line))
1248 return log_oom();
1249
1250 if (!ignore_line) {
1251 line = continuation;
1252 len = strlen(line);
1253 }
1254 }
1255
1256 if (len > 0 && line[len - 1] == '\\') {
1257 if (ignore_line)
1258 continue;
1259
1260 line[len - 1] = '\0';
1261 if (!continuation) {
1262 continuation = strdup(line);
1263 if (!continuation)
1264 return log_oom();
1265 }
1266
1267 continue;
1268 }
1269
1270 if (ignore_line)
1271 log_error("%s:%u: Line is too long, ignored", filename, line_nr);
1272 else if (len > 0)
1273 (void) rule_add_line(rules, line, line_nr);
1274
1275 continuation = mfree(continuation);
1276 ignore_line = false;
1277 }
1278
1279 rule_resolve_goto(rule_file);
1280 return 0;
1281 }
1282
1283 UdevRules* udev_rules_new(ResolveNameTiming resolve_name_timing) {
1284 assert(resolve_name_timing >= 0 && resolve_name_timing < _RESOLVE_NAME_TIMING_MAX);
1285
1286 UdevRules *rules = new(UdevRules, 1);
1287 if (!rules)
1288 return NULL;
1289
1290 *rules = (UdevRules) {
1291 .resolve_name_timing = resolve_name_timing,
1292 };
1293
1294 return rules;
1295 }
1296
1297 int udev_rules_load(UdevRules **ret_rules, ResolveNameTiming resolve_name_timing) {
1298 _cleanup_(udev_rules_freep) UdevRules *rules = NULL;
1299 _cleanup_strv_free_ char **files = NULL;
1300 char **f;
1301 int r;
1302
1303 rules = udev_rules_new(resolve_name_timing);
1304 if (!rules)
1305 return -ENOMEM;
1306
1307 (void) udev_rules_check_timestamp(rules);
1308
1309 r = conf_files_list_strv(&files, ".rules", NULL, 0, RULES_DIRS);
1310 if (r < 0)
1311 return log_debug_errno(r, "Failed to enumerate rules files: %m");
1312
1313 STRV_FOREACH(f, files) {
1314 r = udev_rules_parse_file(rules, *f);
1315 if (r < 0)
1316 log_debug_errno(r, "Failed to read rules file %s, ignoring: %m", *f);
1317 }
1318
1319 *ret_rules = TAKE_PTR(rules);
1320 return 0;
1321 }
1322
1323 bool udev_rules_check_timestamp(UdevRules *rules) {
1324 if (!rules)
1325 return false;
1326
1327 return paths_check_timestamp(RULES_DIRS, &rules->dirs_ts_usec, true);
1328 }
1329
1330 static bool token_match_string(UdevRuleToken *token, const char *str) {
1331 const char *i, *value;
1332 bool match = false;
1333
1334 assert(token);
1335 assert(token->value);
1336 assert(token->type < _TK_M_MAX);
1337
1338 str = strempty(str);
1339 value = token->value;
1340
1341 switch (token->match_type) {
1342 case MATCH_TYPE_EMPTY:
1343 match = isempty(str);
1344 break;
1345 case MATCH_TYPE_SUBSYSTEM:
1346 match = STR_IN_SET(str, "subsystem", "class", "bus");
1347 break;
1348 case MATCH_TYPE_PLAIN_WITH_EMPTY:
1349 if (isempty(str)) {
1350 match = true;
1351 break;
1352 }
1353 _fallthrough_;
1354 case MATCH_TYPE_PLAIN:
1355 NULSTR_FOREACH(i, value)
1356 if (streq(i, str)) {
1357 match = true;
1358 break;
1359 }
1360 break;
1361 case MATCH_TYPE_GLOB_WITH_EMPTY:
1362 if (isempty(str)) {
1363 match = true;
1364 break;
1365 }
1366 _fallthrough_;
1367 case MATCH_TYPE_GLOB:
1368 NULSTR_FOREACH(i, value)
1369 if ((fnmatch(i, str, 0) == 0)) {
1370 match = true;
1371 break;
1372 }
1373 break;
1374 default:
1375 assert_not_reached("Invalid match type");
1376 }
1377
1378 return token->op == (match ? OP_MATCH : OP_NOMATCH);
1379 }
1380
1381 static bool token_match_attr(UdevRuleToken *token, sd_device *dev, UdevEvent *event) {
1382 char nbuf[UDEV_NAME_SIZE], vbuf[UDEV_NAME_SIZE];
1383 const char *name, *value;
1384
1385 assert(token);
1386 assert(dev);
1387 assert(event);
1388
1389 name = token->data;
1390
1391 switch (token->attr_subst_type) {
1392 case SUBST_TYPE_FORMAT:
1393 (void) udev_event_apply_format(event, name, nbuf, sizeof(nbuf), false);
1394 name = nbuf;
1395 _fallthrough_;
1396 case SUBST_TYPE_PLAIN:
1397 if (sd_device_get_sysattr_value(dev, name, &value) < 0)
1398 return false;
1399 break;
1400 case SUBST_TYPE_SUBSYS:
1401 if (udev_resolve_subsys_kernel(name, vbuf, sizeof(vbuf), true) < 0)
1402 return false;
1403 value = vbuf;
1404 break;
1405 default:
1406 assert_not_reached("Invalid attribute substitution type");
1407 }
1408
1409 /* remove trailing whitespace, if not asked to match for it */
1410 if (token->attr_match_remove_trailing_whitespace) {
1411 if (value != vbuf) {
1412 strscpy(vbuf, sizeof(vbuf), value);
1413 value = vbuf;
1414 }
1415
1416 delete_trailing_chars(vbuf, NULL);
1417 }
1418
1419 return token_match_string(token, value);
1420 }
1421
1422 static int get_property_from_string(char *line, char **ret_key, char **ret_value) {
1423 char *key, *val;
1424 size_t len;
1425
1426 assert(line);
1427 assert(ret_key);
1428 assert(ret_value);
1429
1430 /* find key */
1431 key = skip_leading_chars(line, NULL);
1432
1433 /* comment or empty line */
1434 if (IN_SET(key[0], '#', '\0')) {
1435 *ret_key = *ret_value = NULL;
1436 return 0;
1437 }
1438
1439 /* split key/value */
1440 val = strchr(key, '=');
1441 if (!val)
1442 return -EINVAL;
1443 *val++ = '\0';
1444
1445 key = strstrip(key);
1446 if (isempty(key))
1447 return -EINVAL;
1448
1449 val = strstrip(val);
1450 if (isempty(val))
1451 return -EINVAL;
1452
1453 /* unquote */
1454 if (IN_SET(val[0], '"', '\'')) {
1455 len = strlen(val);
1456 if (len == 1 || val[len-1] != val[0])
1457 return -EINVAL;
1458 val[len-1] = '\0';
1459 val++;
1460 }
1461
1462 *ret_key = key;
1463 *ret_value = val;
1464 return 1;
1465 }
1466
1467 static int import_parent_into_properties(sd_device *dev, const char *filter) {
1468 const char *key, *val;
1469 sd_device *parent;
1470 int r;
1471
1472 assert(dev);
1473 assert(filter);
1474
1475 r = sd_device_get_parent(dev, &parent);
1476 if (r == -ENOENT)
1477 return 0;
1478 if (r < 0)
1479 return r;
1480
1481 FOREACH_DEVICE_PROPERTY(parent, key, val) {
1482 if (fnmatch(filter, key, 0) != 0)
1483 continue;
1484 r = device_add_property(dev, key, val);
1485 if (r < 0)
1486 return r;
1487 }
1488
1489 return 1;
1490 }
1491
1492 static int attr_subst_subdir(char attr[static UDEV_PATH_SIZE]) {
1493 _cleanup_closedir_ DIR *dir = NULL;
1494 struct dirent *dent;
1495 char buf[UDEV_PATH_SIZE], *p;
1496 const char *tail;
1497 size_t len, size;
1498
1499 assert(attr);
1500
1501 tail = strstr(attr, "/*/");
1502 if (!tail)
1503 return 0;
1504
1505 len = tail - attr + 1; /* include slash at the end */
1506 tail += 2; /* include slash at the beginning */
1507
1508 p = buf;
1509 size = sizeof(buf);
1510 size -= strnpcpy(&p, size, attr, len);
1511
1512 dir = opendir(buf);
1513 if (!dir)
1514 return -errno;
1515
1516 FOREACH_DIRENT_ALL(dent, dir, break) {
1517 if (dent->d_name[0] == '.')
1518 continue;
1519
1520 strscpyl(p, size, dent->d_name, tail, NULL);
1521 if (faccessat(dirfd(dir), p, F_OK, 0) < 0)
1522 continue;
1523
1524 strcpy(attr, buf);
1525 return 0;
1526 }
1527
1528 return -ENOENT;
1529 }
1530
1531 static int udev_rule_apply_token_to_event(
1532 UdevRules *rules,
1533 sd_device *dev,
1534 UdevEvent *event,
1535 usec_t timeout_usec,
1536 int timeout_signal,
1537 Hashmap *properties_list) {
1538
1539 UdevRuleToken *token;
1540 char buf[UDEV_PATH_SIZE];
1541 const char *val;
1542 size_t count;
1543 bool match;
1544 int r;
1545
1546 assert(rules);
1547 assert(dev);
1548 assert(event);
1549
1550 /* This returns the following values:
1551 * 0 on the current token does not match the event,
1552 * 1 on the current token matches the event, and
1553 * negative errno on some critical errors. */
1554
1555 token = rules->current_file->current_line->current_token;
1556
1557 switch (token->type) {
1558 case TK_M_ACTION: {
1559 sd_device_action_t a;
1560
1561 r = sd_device_get_action(dev, &a);
1562 if (r < 0)
1563 return log_rule_error_errno(dev, rules, r, "Failed to get uevent action type: %m");
1564
1565 return token_match_string(token, device_action_to_string(a));
1566 }
1567 case TK_M_DEVPATH:
1568 r = sd_device_get_devpath(dev, &val);
1569 if (r < 0)
1570 return log_rule_error_errno(dev, rules, r, "Failed to get devpath: %m");
1571
1572 return token_match_string(token, val);
1573 case TK_M_KERNEL:
1574 case TK_M_PARENTS_KERNEL:
1575 r = sd_device_get_sysname(dev, &val);
1576 if (r < 0)
1577 return log_rule_error_errno(dev, rules, r, "Failed to get sysname: %m");
1578
1579 return token_match_string(token, val);
1580 case TK_M_DEVLINK:
1581 FOREACH_DEVICE_DEVLINK(dev, val)
1582 if (token_match_string(token, strempty(startswith(val, "/dev/"))))
1583 return token->op == OP_MATCH;
1584 return token->op == OP_NOMATCH;
1585 case TK_M_NAME:
1586 return token_match_string(token, event->name);
1587 case TK_M_ENV:
1588 if (sd_device_get_property_value(dev, token->data, &val) < 0)
1589 val = hashmap_get(properties_list, token->data);
1590
1591 return token_match_string(token, val);
1592 case TK_M_CONST: {
1593 const char *k = token->data;
1594
1595 if (streq(k, "arch"))
1596 val = architecture_to_string(uname_architecture());
1597 else if (streq(k, "virt"))
1598 val = virtualization_to_string(detect_virtualization());
1599 else
1600 assert_not_reached("Invalid CONST key");
1601 return token_match_string(token, val);
1602 }
1603 case TK_M_TAG:
1604 case TK_M_PARENTS_TAG:
1605 FOREACH_DEVICE_TAG(dev, val)
1606 if (token_match_string(token, val))
1607 return token->op == OP_MATCH;
1608 return token->op == OP_NOMATCH;
1609 case TK_M_SUBSYSTEM:
1610 case TK_M_PARENTS_SUBSYSTEM:
1611 r = sd_device_get_subsystem(dev, &val);
1612 if (r == -ENOENT)
1613 val = NULL;
1614 else if (r < 0)
1615 return log_rule_error_errno(dev, rules, r, "Failed to get subsystem: %m");
1616
1617 return token_match_string(token, val);
1618 case TK_M_DRIVER:
1619 case TK_M_PARENTS_DRIVER:
1620 r = sd_device_get_driver(dev, &val);
1621 if (r == -ENOENT)
1622 val = NULL;
1623 else if (r < 0)
1624 return log_rule_error_errno(dev, rules, r, "Failed to get driver: %m");
1625
1626 return token_match_string(token, val);
1627 case TK_M_ATTR:
1628 case TK_M_PARENTS_ATTR:
1629 return token_match_attr(token, dev, event);
1630 case TK_M_SYSCTL: {
1631 _cleanup_free_ char *value = NULL;
1632
1633 (void) udev_event_apply_format(event, token->data, buf, sizeof(buf), false);
1634 r = sysctl_read(sysctl_normalize(buf), &value);
1635 if (r < 0 && r != -ENOENT)
1636 return log_rule_error_errno(dev, rules, r, "Failed to read sysctl '%s': %m", buf);
1637
1638 return token_match_string(token, strstrip(value));
1639 }
1640 case TK_M_TEST: {
1641 mode_t mode = PTR_TO_MODE(token->data);
1642 struct stat statbuf;
1643
1644 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1645 if (!path_is_absolute(buf) &&
1646 udev_resolve_subsys_kernel(buf, buf, sizeof(buf), false) < 0) {
1647 char tmp[UDEV_PATH_SIZE];
1648
1649 r = sd_device_get_syspath(dev, &val);
1650 if (r < 0)
1651 return log_rule_error_errno(dev, rules, r, "Failed to get syspath: %m");
1652
1653 strscpy(tmp, sizeof(tmp), buf);
1654 strscpyl(buf, sizeof(buf), val, "/", tmp, NULL);
1655 }
1656
1657 r = attr_subst_subdir(buf);
1658 if (r == -ENOENT)
1659 return token->op == OP_NOMATCH;
1660 if (r < 0)
1661 return log_rule_error_errno(dev, rules, r, "Failed to test for the existence of '%s': %m", buf);
1662
1663 if (stat(buf, &statbuf) < 0)
1664 return token->op == OP_NOMATCH;
1665
1666 if (mode == MODE_INVALID)
1667 return token->op == OP_MATCH;
1668
1669 match = (statbuf.st_mode & mode) > 0;
1670 return token->op == (match ? OP_MATCH : OP_NOMATCH);
1671 }
1672 case TK_M_PROGRAM: {
1673 char result[UDEV_LINE_SIZE];
1674
1675 event->program_result = mfree(event->program_result);
1676 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1677 log_rule_debug(dev, rules, "Running PROGRAM '%s'", buf);
1678
1679 r = udev_event_spawn(event, timeout_usec, timeout_signal, true, buf, result, sizeof(result));
1680 if (r != 0) {
1681 if (r < 0)
1682 log_rule_warning_errno(dev, rules, r, "Failed to execute \"%s\": %m", buf);
1683 else /* returned value is positive when program fails */
1684 log_rule_debug(dev, rules, "Command \"%s\" returned %d (error)", buf, r);
1685 return token->op == OP_NOMATCH;
1686 }
1687
1688 delete_trailing_chars(result, "\n");
1689 count = udev_replace_chars(result, UDEV_ALLOWED_CHARS_INPUT);
1690 if (count > 0)
1691 log_rule_debug(dev, rules, "Replaced %zu character(s) in result of \"%s\"",
1692 count, buf);
1693
1694 event->program_result = strdup(result);
1695 return token->op == OP_MATCH;
1696 }
1697 case TK_M_IMPORT_FILE: {
1698 _cleanup_fclose_ FILE *f = NULL;
1699
1700 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1701 log_rule_debug(dev, rules, "Importing properties from '%s'", buf);
1702
1703 f = fopen(buf, "re");
1704 if (!f) {
1705 if (errno != ENOENT)
1706 return log_rule_error_errno(dev, rules, errno,
1707 "Failed to open '%s': %m", buf);
1708 return token->op == OP_NOMATCH;
1709 }
1710
1711 for (;;) {
1712 _cleanup_free_ char *line = NULL;
1713 char *key, *value;
1714
1715 r = read_line(f, LONG_LINE_MAX, &line);
1716 if (r < 0) {
1717 log_rule_debug_errno(dev, rules, r,
1718 "Failed to read '%s', ignoring: %m", buf);
1719 return token->op == OP_NOMATCH;
1720 }
1721 if (r == 0)
1722 break;
1723
1724 r = get_property_from_string(line, &key, &value);
1725 if (r < 0) {
1726 log_rule_debug_errno(dev, rules, r,
1727 "Failed to parse key and value from '%s', ignoring: %m",
1728 line);
1729 continue;
1730 }
1731 if (r == 0)
1732 continue;
1733
1734 r = device_add_property(dev, key, value);
1735 if (r < 0)
1736 return log_rule_error_errno(dev, rules, r,
1737 "Failed to add property %s=%s: %m",
1738 key, value);
1739 }
1740
1741 return token->op == OP_MATCH;
1742 }
1743 case TK_M_IMPORT_PROGRAM: {
1744 _cleanup_strv_free_ char **lines = NULL;
1745 char result[UDEV_LINE_SIZE], **line;
1746
1747 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1748 log_rule_debug(dev, rules, "Importing properties from results of '%s'", buf);
1749
1750 r = udev_event_spawn(event, timeout_usec, timeout_signal, true, buf, result, sizeof result);
1751 if (r != 0) {
1752 if (r < 0)
1753 log_rule_warning_errno(dev, rules, r, "Failed to execute '%s', ignoring: %m", buf);
1754 else /* returned value is positive when program fails */
1755 log_rule_debug(dev, rules, "Command \"%s\" returned %d (error), ignoring", buf, r);
1756 return token->op == OP_NOMATCH;
1757 }
1758
1759 r = strv_split_newlines_full(&lines, result, EXTRACT_RETAIN_ESCAPE);
1760 if (r < 0)
1761 log_rule_warning_errno(dev, rules, r,
1762 "Failed to extract lines from result of command \"%s\", ignoring: %m", buf);
1763
1764 STRV_FOREACH(line, lines) {
1765 char *key, *value;
1766
1767 r = get_property_from_string(*line, &key, &value);
1768 if (r < 0) {
1769 log_rule_debug_errno(dev, rules, r,
1770 "Failed to parse key and value from '%s', ignoring: %m",
1771 *line);
1772 continue;
1773 }
1774 if (r == 0)
1775 continue;
1776
1777 r = device_add_property(dev, key, value);
1778 if (r < 0)
1779 return log_rule_error_errno(dev, rules, r,
1780 "Failed to add property %s=%s: %m",
1781 key, value);
1782 }
1783
1784 return token->op == OP_MATCH;
1785 }
1786 case TK_M_IMPORT_BUILTIN: {
1787 UdevBuiltinCommand cmd = PTR_TO_UDEV_BUILTIN_CMD(token->data);
1788 assert(cmd >= 0 && cmd < _UDEV_BUILTIN_MAX);
1789 unsigned mask = 1U << (int) cmd;
1790
1791 if (udev_builtin_run_once(cmd)) {
1792 /* check if we ran already */
1793 if (event->builtin_run & mask) {
1794 log_rule_debug(dev, rules, "Skipping builtin '%s' in IMPORT key",
1795 udev_builtin_name(cmd));
1796 /* return the result from earlier run */
1797 return token->op == (event->builtin_ret & mask ? OP_NOMATCH : OP_MATCH);
1798 }
1799 /* mark as ran */
1800 event->builtin_run |= mask;
1801 }
1802
1803 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1804 log_rule_debug(dev, rules, "Importing properties from results of builtin command '%s'", buf);
1805
1806 r = udev_builtin_run(dev, cmd, buf, false);
1807 if (r < 0) {
1808 /* remember failure */
1809 log_rule_debug_errno(dev, rules, r, "Failed to run builtin '%s': %m", buf);
1810 event->builtin_ret |= mask;
1811 }
1812 return token->op == (r >= 0 ? OP_MATCH : OP_NOMATCH);
1813 }
1814 case TK_M_IMPORT_DB: {
1815 if (!event->dev_db_clone)
1816 return token->op == OP_NOMATCH;
1817 r = sd_device_get_property_value(event->dev_db_clone, token->value, &val);
1818 if (r == -ENOENT)
1819 return token->op == OP_NOMATCH;
1820 if (r < 0)
1821 return log_rule_error_errno(dev, rules, r,
1822 "Failed to get property '%s' from database: %m",
1823 token->value);
1824
1825 r = device_add_property(dev, token->value, val);
1826 if (r < 0)
1827 return log_rule_error_errno(dev, rules, r, "Failed to add property '%s=%s': %m",
1828 token->value, val);
1829 return token->op == OP_MATCH;
1830 }
1831 case TK_M_IMPORT_CMDLINE: {
1832 _cleanup_free_ char *value = NULL;
1833
1834 r = proc_cmdline_get_key(token->value, PROC_CMDLINE_VALUE_OPTIONAL|PROC_CMDLINE_IGNORE_EFI_OPTIONS, &value);
1835 if (r < 0)
1836 return log_rule_error_errno(dev, rules, r,
1837 "Failed to read '%s' option from /proc/cmdline: %m",
1838 token->value);
1839 if (r == 0)
1840 return token->op == OP_NOMATCH;
1841
1842 r = device_add_property(dev, token->value, value ?: "1");
1843 if (r < 0)
1844 return log_rule_error_errno(dev, rules, r, "Failed to add property '%s=%s': %m",
1845 token->value, value ?: "1");
1846 return token->op == OP_MATCH;
1847 }
1848 case TK_M_IMPORT_PARENT: {
1849 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1850 r = import_parent_into_properties(dev, buf);
1851 if (r < 0)
1852 return log_rule_error_errno(dev, rules, r,
1853 "Failed to import properties '%s' from parent: %m",
1854 buf);
1855 return token->op == (r > 0 ? OP_MATCH : OP_NOMATCH);
1856 }
1857 case TK_M_RESULT:
1858 return token_match_string(token, event->program_result);
1859 case TK_A_OPTIONS_STRING_ESCAPE_NONE:
1860 event->esc = ESCAPE_NONE;
1861 break;
1862 case TK_A_OPTIONS_STRING_ESCAPE_REPLACE:
1863 event->esc = ESCAPE_REPLACE;
1864 break;
1865 case TK_A_OPTIONS_DB_PERSIST:
1866 device_set_db_persist(dev);
1867 break;
1868 case TK_A_OPTIONS_INOTIFY_WATCH:
1869 if (event->inotify_watch_final)
1870 break;
1871 if (token->op == OP_ASSIGN_FINAL)
1872 event->inotify_watch_final = true;
1873
1874 event->inotify_watch = token->data;
1875 break;
1876 case TK_A_OPTIONS_DEVLINK_PRIORITY:
1877 device_set_devlink_priority(dev, PTR_TO_INT(token->data));
1878 break;
1879 case TK_A_OPTIONS_LOG_LEVEL: {
1880 int level = PTR_TO_INT(token->data);
1881
1882 if (level < 0)
1883 level = event->default_log_level;
1884
1885 log_set_max_level(level);
1886
1887 if (level == LOG_DEBUG && !event->log_level_was_debug) {
1888 /* The log level becomes LOG_DEBUG at first time. Let's log basic information. */
1889 log_device_uevent(dev, "The log level is changed to 'debug' while processing device");
1890 event->log_level_was_debug = true;
1891 }
1892
1893 break;
1894 }
1895 case TK_A_OWNER: {
1896 char owner[UDEV_NAME_SIZE];
1897 const char *ow = owner;
1898
1899 if (event->owner_final)
1900 break;
1901 if (token->op == OP_ASSIGN_FINAL)
1902 event->owner_final = true;
1903
1904 (void) udev_event_apply_format(event, token->value, owner, sizeof(owner), false);
1905 r = get_user_creds(&ow, &event->uid, NULL, NULL, NULL, USER_CREDS_ALLOW_MISSING);
1906 if (r < 0)
1907 log_unknown_owner(dev, rules, r, "user", owner);
1908 else
1909 log_rule_debug(dev, rules, "OWNER %s(%u)", owner, event->uid);
1910 break;
1911 }
1912 case TK_A_GROUP: {
1913 char group[UDEV_NAME_SIZE];
1914 const char *gr = group;
1915
1916 if (event->group_final)
1917 break;
1918 if (token->op == OP_ASSIGN_FINAL)
1919 event->group_final = true;
1920
1921 (void) udev_event_apply_format(event, token->value, group, sizeof(group), false);
1922 r = get_group_creds(&gr, &event->gid, USER_CREDS_ALLOW_MISSING);
1923 if (r < 0)
1924 log_unknown_owner(dev, rules, r, "group", group);
1925 else
1926 log_rule_debug(dev, rules, "GROUP %s(%u)", group, event->gid);
1927 break;
1928 }
1929 case TK_A_MODE: {
1930 char mode_str[UDEV_NAME_SIZE];
1931
1932 if (event->mode_final)
1933 break;
1934 if (token->op == OP_ASSIGN_FINAL)
1935 event->mode_final = true;
1936
1937 (void) udev_event_apply_format(event, token->value, mode_str, sizeof(mode_str), false);
1938 r = parse_mode(mode_str, &event->mode);
1939 if (r < 0)
1940 log_rule_error_errno(dev, rules, r, "Failed to parse mode '%s', ignoring: %m", mode_str);
1941 else
1942 log_rule_debug(dev, rules, "MODE %#o", event->mode);
1943 break;
1944 }
1945 case TK_A_OWNER_ID:
1946 if (event->owner_final)
1947 break;
1948 if (token->op == OP_ASSIGN_FINAL)
1949 event->owner_final = true;
1950 if (!token->data)
1951 break;
1952 event->uid = PTR_TO_UID(token->data);
1953 log_rule_debug(dev, rules, "OWNER %u", event->uid);
1954 break;
1955 case TK_A_GROUP_ID:
1956 if (event->group_final)
1957 break;
1958 if (token->op == OP_ASSIGN_FINAL)
1959 event->group_final = true;
1960 if (!token->data)
1961 break;
1962 event->gid = PTR_TO_GID(token->data);
1963 log_rule_debug(dev, rules, "GROUP %u", event->gid);
1964 break;
1965 case TK_A_MODE_ID:
1966 if (event->mode_final)
1967 break;
1968 if (token->op == OP_ASSIGN_FINAL)
1969 event->mode_final = true;
1970 if (!token->data)
1971 break;
1972 event->mode = PTR_TO_MODE(token->data);
1973 log_rule_debug(dev, rules, "MODE %#o", event->mode);
1974 break;
1975 case TK_A_SECLABEL: {
1976 _cleanup_free_ char *name = NULL, *label = NULL;
1977 char label_str[UDEV_LINE_SIZE] = {};
1978
1979 name = strdup(token->data);
1980 if (!name)
1981 return log_oom();
1982
1983 (void) udev_event_apply_format(event, token->value, label_str, sizeof(label_str), false);
1984 if (!isempty(label_str))
1985 label = strdup(label_str);
1986 else
1987 label = strdup(token->value);
1988 if (!label)
1989 return log_oom();
1990
1991 if (token->op == OP_ASSIGN)
1992 ordered_hashmap_clear_free_free(event->seclabel_list);
1993
1994 r = ordered_hashmap_ensure_put(&event->seclabel_list, NULL, name, label);
1995 if (r == -ENOMEM)
1996 return log_oom();
1997 if (r < 0)
1998 return log_rule_error_errno(dev, rules, r, "Failed to store SECLABEL{%s}='%s': %m", name, label);;
1999
2000 log_rule_debug(dev, rules, "SECLABEL{%s}='%s'", name, label);
2001
2002 TAKE_PTR(name);
2003 TAKE_PTR(label);
2004 break;
2005 }
2006 case TK_A_ENV: {
2007 const char *name = token->data;
2008 char value_new[UDEV_NAME_SIZE], *p = value_new;
2009 size_t l = sizeof(value_new);
2010
2011 if (isempty(token->value)) {
2012 if (token->op == OP_ADD)
2013 break;
2014 r = device_add_property(dev, name, NULL);
2015 if (r < 0)
2016 return log_rule_error_errno(dev, rules, r, "Failed to remove property '%s': %m", name);
2017 break;
2018 }
2019
2020 if (token->op == OP_ADD &&
2021 sd_device_get_property_value(dev, name, &val) >= 0)
2022 l = strpcpyl(&p, l, val, " ", NULL);
2023
2024 (void) udev_event_apply_format(event, token->value, p, l, false);
2025
2026 r = device_add_property(dev, name, value_new);
2027 if (r < 0)
2028 return log_rule_error_errno(dev, rules, r, "Failed to add property '%s=%s': %m", name, value_new);
2029 break;
2030 }
2031 case TK_A_TAG: {
2032 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
2033 if (token->op == OP_ASSIGN)
2034 device_cleanup_tags(dev);
2035
2036 if (buf[strspn(buf, ALPHANUMERICAL "-_")] != '\0') {
2037 log_rule_error(dev, rules, "Invalid tag name '%s', ignoring", buf);
2038 break;
2039 }
2040 if (token->op == OP_REMOVE)
2041 device_remove_tag(dev, buf);
2042 else {
2043 r = device_add_tag(dev, buf, true);
2044 if (r < 0)
2045 return log_rule_error_errno(dev, rules, r, "Failed to add tag '%s': %m", buf);
2046 }
2047 break;
2048 }
2049 case TK_A_NAME: {
2050 if (event->name_final)
2051 break;
2052 if (token->op == OP_ASSIGN_FINAL)
2053 event->name_final = true;
2054
2055 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
2056 if (IN_SET(event->esc, ESCAPE_UNSET, ESCAPE_REPLACE)) {
2057 count = udev_replace_chars(buf, "/");
2058 if (count > 0)
2059 log_rule_debug(dev, rules, "Replaced %zu character(s) from result of NAME=\"%s\"",
2060 count, token->value);
2061 }
2062 if (sd_device_get_devnum(dev, NULL) >= 0 &&
2063 (sd_device_get_devname(dev, &val) < 0 ||
2064 !streq_ptr(buf, path_startswith(val, "/dev/")))) {
2065 log_rule_error(dev, rules,
2066 "Kernel device nodes cannot be renamed, ignoring NAME=\"%s\"; please fix it.",
2067 token->value);
2068 break;
2069 }
2070 r = free_and_strdup_warn(&event->name, buf);
2071 if (r < 0)
2072 return r;
2073
2074 log_rule_debug(dev, rules, "NAME '%s'", event->name);
2075 break;
2076 }
2077 case TK_A_DEVLINK: {
2078 char *p;
2079
2080 if (event->devlink_final)
2081 break;
2082 if (sd_device_get_devnum(dev, NULL) < 0)
2083 break;
2084 if (token->op == OP_ASSIGN_FINAL)
2085 event->devlink_final = true;
2086 if (IN_SET(token->op, OP_ASSIGN, OP_ASSIGN_FINAL))
2087 device_cleanup_devlinks(dev);
2088
2089 /* allow multiple symlinks separated by spaces */
2090 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), event->esc != ESCAPE_NONE);
2091 if (event->esc == ESCAPE_UNSET)
2092 count = udev_replace_chars(buf, "/ ");
2093 else if (event->esc == ESCAPE_REPLACE)
2094 count = udev_replace_chars(buf, "/");
2095 else
2096 count = 0;
2097 if (count > 0)
2098 log_rule_debug(dev, rules, "Replaced %zu character(s) from result of LINK", count);
2099
2100 p = skip_leading_chars(buf, NULL);
2101 while (!isempty(p)) {
2102 char filename[UDEV_PATH_SIZE], *next;
2103
2104 next = strchr(p, ' ');
2105 if (next) {
2106 *next++ = '\0';
2107 next = skip_leading_chars(next, NULL);
2108 }
2109
2110 strscpyl(filename, sizeof(filename), "/dev/", p, NULL);
2111 r = device_add_devlink(dev, filename);
2112 if (r < 0)
2113 return log_rule_error_errno(dev, rules, r, "Failed to add devlink '%s': %m", filename);
2114
2115 log_rule_debug(dev, rules, "LINK '%s'", p);
2116 p = next;
2117 }
2118 break;
2119 }
2120 case TK_A_ATTR: {
2121 const char *key_name = token->data;
2122 char value[UDEV_NAME_SIZE];
2123
2124 if (udev_resolve_subsys_kernel(key_name, buf, sizeof(buf), false) < 0 &&
2125 sd_device_get_syspath(dev, &val) >= 0)
2126 strscpyl(buf, sizeof(buf), val, "/", key_name, NULL);
2127
2128 r = attr_subst_subdir(buf);
2129 if (r < 0) {
2130 log_rule_error_errno(dev, rules, r, "Could not find file matches '%s', ignoring: %m", buf);
2131 break;
2132 }
2133 (void) udev_event_apply_format(event, token->value, value, sizeof(value), false);
2134
2135 log_rule_debug(dev, rules, "ATTR '%s' writing '%s'", buf, value);
2136 r = write_string_file(buf, value,
2137 WRITE_STRING_FILE_VERIFY_ON_FAILURE |
2138 WRITE_STRING_FILE_DISABLE_BUFFER |
2139 WRITE_STRING_FILE_AVOID_NEWLINE |
2140 WRITE_STRING_FILE_VERIFY_IGNORE_NEWLINE);
2141 if (r < 0)
2142 log_rule_error_errno(dev, rules, r, "Failed to write ATTR{%s}, ignoring: %m", buf);
2143 break;
2144 }
2145 case TK_A_SYSCTL: {
2146 char value[UDEV_NAME_SIZE];
2147
2148 (void) udev_event_apply_format(event, token->data, buf, sizeof(buf), false);
2149 (void) udev_event_apply_format(event, token->value, value, sizeof(value), false);
2150 sysctl_normalize(buf);
2151 log_rule_debug(dev, rules, "SYSCTL '%s' writing '%s'", buf, value);
2152 r = sysctl_write(buf, value);
2153 if (r < 0)
2154 log_rule_error_errno(dev, rules, r, "Failed to write SYSCTL{%s}='%s', ignoring: %m", buf, value);
2155 break;
2156 }
2157 case TK_A_RUN_BUILTIN:
2158 case TK_A_RUN_PROGRAM: {
2159 _cleanup_free_ char *cmd = NULL;
2160
2161 if (event->run_final)
2162 break;
2163 if (token->op == OP_ASSIGN_FINAL)
2164 event->run_final = true;
2165
2166 if (IN_SET(token->op, OP_ASSIGN, OP_ASSIGN_FINAL))
2167 ordered_hashmap_clear_free_key(event->run_list);
2168
2169 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
2170
2171 cmd = strdup(buf);
2172 if (!cmd)
2173 return log_oom();
2174
2175 r = ordered_hashmap_ensure_put(&event->run_list, NULL, cmd, token->data);
2176 if (r == -ENOMEM)
2177 return log_oom();
2178 if (r < 0)
2179 return log_rule_error_errno(dev, rules, r, "Failed to store command '%s': %m", cmd);
2180
2181 TAKE_PTR(cmd);
2182
2183 log_rule_debug(dev, rules, "RUN '%s'", token->value);
2184 break;
2185 }
2186 case TK_A_OPTIONS_STATIC_NODE:
2187 /* do nothing for events. */
2188 break;
2189 default:
2190 assert_not_reached("Invalid token type");
2191 }
2192
2193 return true;
2194 }
2195
2196 static bool token_is_for_parents(UdevRuleToken *token) {
2197 return token->type >= TK_M_PARENTS_KERNEL && token->type <= TK_M_PARENTS_TAG;
2198 }
2199
2200 static int udev_rule_apply_parent_token_to_event(
2201 UdevRules *rules,
2202 UdevEvent *event,
2203 int timeout_signal) {
2204
2205 UdevRuleLine *line;
2206 UdevRuleToken *head;
2207 int r;
2208
2209 line = rules->current_file->current_line;
2210 head = rules->current_file->current_line->current_token;
2211 event->dev_parent = event->dev;
2212 for (;;) {
2213 LIST_FOREACH(tokens, line->current_token, head) {
2214 if (!token_is_for_parents(line->current_token))
2215 return true; /* All parent tokens match. */
2216 r = udev_rule_apply_token_to_event(rules, event->dev_parent, event, 0, timeout_signal, NULL);
2217 if (r < 0)
2218 return r;
2219 if (r == 0)
2220 break;
2221 }
2222 if (!line->current_token)
2223 /* All parent tokens match. But no assign tokens in the line. Hmm... */
2224 return true;
2225
2226 if (sd_device_get_parent(event->dev_parent, &event->dev_parent) < 0) {
2227 event->dev_parent = NULL;
2228 return false;
2229 }
2230 }
2231 }
2232
2233 static int udev_rule_apply_line_to_event(
2234 UdevRules *rules,
2235 UdevEvent *event,
2236 usec_t timeout_usec,
2237 int timeout_signal,
2238 Hashmap *properties_list,
2239 UdevRuleLine **next_line) {
2240
2241 UdevRuleLine *line = rules->current_file->current_line;
2242 UdevRuleLineType mask = LINE_HAS_GOTO | LINE_UPDATE_SOMETHING;
2243 UdevRuleToken *token, *next_token;
2244 bool parents_done = false;
2245 sd_device_action_t action;
2246 int r;
2247
2248 r = sd_device_get_action(event->dev, &action);
2249 if (r < 0)
2250 return r;
2251
2252 if (action != SD_DEVICE_REMOVE) {
2253 if (sd_device_get_devnum(event->dev, NULL) >= 0)
2254 mask |= LINE_HAS_DEVLINK;
2255
2256 if (sd_device_get_ifindex(event->dev, NULL) >= 0)
2257 mask |= LINE_HAS_NAME;
2258 }
2259
2260 if ((line->type & mask) == 0)
2261 return 0;
2262
2263 event->esc = ESCAPE_UNSET;
2264 LIST_FOREACH_SAFE(tokens, token, next_token, line->tokens) {
2265 line->current_token = token;
2266
2267 if (token_is_for_parents(token)) {
2268 if (parents_done)
2269 continue;
2270
2271 r = udev_rule_apply_parent_token_to_event(rules, event, timeout_signal);
2272 if (r <= 0)
2273 return r;
2274
2275 parents_done = true;
2276 continue;
2277 }
2278
2279 r = udev_rule_apply_token_to_event(rules, event->dev, event, timeout_usec, timeout_signal, properties_list);
2280 if (r <= 0)
2281 return r;
2282 }
2283
2284 if (line->goto_line)
2285 *next_line = line->goto_line;
2286
2287 return 0;
2288 }
2289
2290 int udev_rules_apply_to_event(
2291 UdevRules *rules,
2292 UdevEvent *event,
2293 usec_t timeout_usec,
2294 int timeout_signal,
2295 Hashmap *properties_list) {
2296
2297 UdevRuleFile *file;
2298 UdevRuleLine *next_line;
2299 int r;
2300
2301 assert(rules);
2302 assert(event);
2303
2304 LIST_FOREACH(rule_files, file, rules->rule_files) {
2305 rules->current_file = file;
2306 LIST_FOREACH_SAFE(rule_lines, file->current_line, next_line, file->rule_lines) {
2307 r = udev_rule_apply_line_to_event(rules, event, timeout_usec, timeout_signal, properties_list, &next_line);
2308 if (r < 0)
2309 return r;
2310 }
2311 }
2312
2313 return 0;
2314 }
2315
2316 static int apply_static_dev_perms(const char *devnode, uid_t uid, gid_t gid, mode_t mode, char **tags) {
2317 char device_node[UDEV_PATH_SIZE], tags_dir[UDEV_PATH_SIZE], tag_symlink[UDEV_PATH_SIZE];
2318 _cleanup_free_ char *unescaped_filename = NULL;
2319 struct stat stats;
2320 char **t;
2321 int r;
2322
2323 assert(devnode);
2324
2325 if (uid == UID_INVALID && gid == GID_INVALID && mode == MODE_INVALID && !tags)
2326 return 0;
2327
2328 strscpyl(device_node, sizeof(device_node), "/dev/", devnode, NULL);
2329 if (stat(device_node, &stats) < 0) {
2330 if (errno != ENOENT)
2331 return log_error_errno(errno, "Failed to stat %s: %m", device_node);
2332 return 0;
2333 }
2334
2335 if (!S_ISBLK(stats.st_mode) && !S_ISCHR(stats.st_mode)) {
2336 log_warning("%s is neither block nor character device, ignoring.", device_node);
2337 return 0;
2338 }
2339
2340 if (!strv_isempty(tags)) {
2341 unescaped_filename = xescape(devnode, "/.");
2342 if (!unescaped_filename)
2343 return log_oom();
2344 }
2345
2346 /* export the tags to a directory as symlinks, allowing otherwise dead nodes to be tagged */
2347 STRV_FOREACH(t, tags) {
2348 strscpyl(tags_dir, sizeof(tags_dir), "/run/udev/static_node-tags/", *t, "/", NULL);
2349 r = mkdir_p(tags_dir, 0755);
2350 if (r < 0)
2351 return log_error_errno(r, "Failed to create %s: %m", tags_dir);
2352
2353 strscpyl(tag_symlink, sizeof(tag_symlink), tags_dir, unescaped_filename, NULL);
2354 r = symlink(device_node, tag_symlink);
2355 if (r < 0 && errno != EEXIST)
2356 return log_error_errno(errno, "Failed to create symlink %s -> %s: %m",
2357 tag_symlink, device_node);
2358 }
2359
2360 /* don't touch the permissions if only the tags were set */
2361 if (uid == UID_INVALID && gid == GID_INVALID && mode == MODE_INVALID)
2362 return 0;
2363
2364 if (mode == MODE_INVALID)
2365 mode = gid_is_valid(gid) ? 0660 : 0600;
2366 if (!uid_is_valid(uid))
2367 uid = 0;
2368 if (!gid_is_valid(gid))
2369 gid = 0;
2370
2371 r = chmod_and_chown(device_node, mode, uid, gid);
2372 if (r == -ENOENT)
2373 return 0;
2374 if (r < 0)
2375 return log_error_errno(r, "Failed to chown '%s' %u %u: %m", device_node, uid, gid);
2376 else
2377 log_debug("chown '%s' %u:%u with mode %#o", device_node, uid, gid, mode);
2378
2379 (void) utimensat(AT_FDCWD, device_node, NULL, 0);
2380 return 0;
2381 }
2382
2383 static int udev_rule_line_apply_static_dev_perms(UdevRuleLine *rule_line) {
2384 UdevRuleToken *token;
2385 _cleanup_strv_free_ char **tags = NULL;
2386 uid_t uid = UID_INVALID;
2387 gid_t gid = GID_INVALID;
2388 mode_t mode = MODE_INVALID;
2389 int r;
2390
2391 assert(rule_line);
2392
2393 if (!FLAGS_SET(rule_line->type, LINE_HAS_STATIC_NODE))
2394 return 0;
2395
2396 LIST_FOREACH(tokens, token, rule_line->tokens)
2397 if (token->type == TK_A_OWNER_ID)
2398 uid = PTR_TO_UID(token->data);
2399 else if (token->type == TK_A_GROUP_ID)
2400 gid = PTR_TO_GID(token->data);
2401 else if (token->type == TK_A_MODE_ID)
2402 mode = PTR_TO_MODE(token->data);
2403 else if (token->type == TK_A_TAG) {
2404 r = strv_extend(&tags, token->value);
2405 if (r < 0)
2406 return log_oom();
2407 } else if (token->type == TK_A_OPTIONS_STATIC_NODE) {
2408 r = apply_static_dev_perms(token->value, uid, gid, mode, tags);
2409 if (r < 0)
2410 return r;
2411 }
2412
2413 return 0;
2414 }
2415
2416 int udev_rules_apply_static_dev_perms(UdevRules *rules) {
2417 UdevRuleFile *file;
2418 UdevRuleLine *line;
2419 int r;
2420
2421 assert(rules);
2422
2423 LIST_FOREACH(rule_files, file, rules->rule_files)
2424 LIST_FOREACH(rule_lines, line, file->rule_lines) {
2425 r = udev_rule_line_apply_static_dev_perms(line);
2426 if (r < 0)
2427 return r;
2428 }
2429
2430 return 0;
2431 }
Unnamed repository; edit this file 'description' to name the repository.