]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/udev/udev-rules.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tree-wide: use -EINVAL for enum invalid values
[thirdparty/systemd.git] / src / udev / udev-rules.c
1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2
3 #include <ctype.h>
4
5 #include "alloc-util.h"
6 #include "architecture.h"
7 #include "conf-files.h"
8 #include "def.h"
9 #include "device-util.h"
10 #include "dirent-util.h"
11 #include "escape.h"
12 #include "fd-util.h"
13 #include "fileio.h"
14 #include "format-util.h"
15 #include "fs-util.h"
16 #include "glob-util.h"
17 #include "list.h"
18 #include "mkdir.h"
19 #include "nulstr-util.h"
20 #include "parse-util.h"
21 #include "path-util.h"
22 #include "proc-cmdline.h"
23 #include "stat-util.h"
24 #include "strv.h"
25 #include "strxcpyx.h"
26 #include "sysctl-util.h"
27 #include "syslog-util.h"
28 #include "udev-builtin.h"
29 #include "udev-event.h"
30 #include "udev-rules.h"
31 #include "user-util.h"
32 #include "virt.h"
33
34 #define RULES_DIRS (const char* const*) CONF_PATHS_STRV("udev/rules.d")
35
36 typedef enum {
37 OP_MATCH, /* == */
38 OP_NOMATCH, /* != */
39 OP_ADD, /* += */
40 OP_REMOVE, /* -= */
41 OP_ASSIGN, /* = */
42 OP_ASSIGN_FINAL, /* := */
43 _OP_TYPE_MAX,
44 _OP_TYPE_INVALID = -EINVAL,
45 } UdevRuleOperatorType;
46
47 typedef enum {
48 MATCH_TYPE_EMPTY, /* empty string */
49 MATCH_TYPE_PLAIN, /* no special characters */
50 MATCH_TYPE_PLAIN_WITH_EMPTY, /* no special characters with empty string, e.g., "|foo" */
51 MATCH_TYPE_GLOB, /* shell globs ?,*,[] */
52 MATCH_TYPE_GLOB_WITH_EMPTY, /* shell globs ?,*,[] with empty string, e.g., "|foo*" */
53 MATCH_TYPE_SUBSYSTEM, /* "subsystem", "bus", or "class" */
54 _MATCH_TYPE_MAX,
55 _MATCH_TYPE_INVALID = -EINVAL,
56 } UdevRuleMatchType;
57
58 typedef enum {
59 SUBST_TYPE_PLAIN, /* no substitution */
60 SUBST_TYPE_FORMAT, /* % or $ */
61 SUBST_TYPE_SUBSYS, /* "[<SUBSYSTEM>/<KERNEL>]<attribute>" format */
62 _SUBST_TYPE_MAX,
63 _SUBST_TYPE_INVALID = -EINVAL,
64 } UdevRuleSubstituteType;
65
66 typedef enum {
67 /* lvalues which take match or nomatch operator */
68 TK_M_ACTION, /* string, device_get_action() */
69 TK_M_DEVPATH, /* path, sd_device_get_devpath() */
70 TK_M_KERNEL, /* string, sd_device_get_sysname() */
71 TK_M_DEVLINK, /* strv, sd_device_get_devlink_first(), sd_device_get_devlink_next() */
72 TK_M_NAME, /* string, name of network interface */
73 TK_M_ENV, /* string, device property, takes key through attribute */
74 TK_M_CONST, /* string, system-specific hard-coded constant */
75 TK_M_TAG, /* strv, sd_device_get_tag_first(), sd_device_get_tag_next() */
76 TK_M_SUBSYSTEM, /* string, sd_device_get_subsystem() */
77 TK_M_DRIVER, /* string, sd_device_get_driver() */
78 TK_M_ATTR, /* string, takes filename through attribute, sd_device_get_sysattr_value(), udev_resolve_subsys_kernel(), etc. */
79 TK_M_SYSCTL, /* string, takes kernel parameter through attribute */
80
81 /* matches parent parameters */
82 TK_M_PARENTS_KERNEL, /* string */
83 TK_M_PARENTS_SUBSYSTEM, /* string */
84 TK_M_PARENTS_DRIVER, /* string */
85 TK_M_PARENTS_ATTR, /* string */
86 TK_M_PARENTS_TAG, /* strv */
87
88 TK_M_TEST, /* path, optionally mode_t can be specified by attribute, test the existence of a file */
89 TK_M_PROGRAM, /* string, execute a program */
90 TK_M_IMPORT_FILE, /* path */
91 TK_M_IMPORT_PROGRAM, /* string, import properties from the result of program */
92 TK_M_IMPORT_BUILTIN, /* string, import properties from the result of built-in command */
93 TK_M_IMPORT_DB, /* string, import properties from database */
94 TK_M_IMPORT_CMDLINE, /* string, kernel command line */
95 TK_M_IMPORT_PARENT, /* string, parent property */
96 TK_M_RESULT, /* string, result of TK_M_PROGRAM */
97
98 #define _TK_M_MAX (TK_M_RESULT + 1)
99 #define _TK_A_MIN _TK_M_MAX
100
101 /* lvalues which take one of assign operators */
102 TK_A_OPTIONS_STRING_ESCAPE_NONE, /* no argument */
103 TK_A_OPTIONS_STRING_ESCAPE_REPLACE, /* no argument */
104 TK_A_OPTIONS_DB_PERSIST, /* no argument */
105 TK_A_OPTIONS_INOTIFY_WATCH, /* boolean */
106 TK_A_OPTIONS_DEVLINK_PRIORITY, /* int */
107 TK_A_OPTIONS_LOG_LEVEL, /* string of log level or "reset" */
108 TK_A_OWNER, /* user name */
109 TK_A_GROUP, /* group name */
110 TK_A_MODE, /* mode string */
111 TK_A_OWNER_ID, /* uid_t */
112 TK_A_GROUP_ID, /* gid_t */
113 TK_A_MODE_ID, /* mode_t */
114 TK_A_TAG, /* string */
115 TK_A_OPTIONS_STATIC_NODE, /* device path, /dev/... */
116 TK_A_SECLABEL, /* string with attribute */
117 TK_A_ENV, /* string with attribute */
118 TK_A_NAME, /* ifname */
119 TK_A_DEVLINK, /* string */
120 TK_A_ATTR, /* string with attribute */
121 TK_A_SYSCTL, /* string with attribute */
122 TK_A_RUN_BUILTIN, /* string */
123 TK_A_RUN_PROGRAM, /* string */
124
125 _TK_TYPE_MAX,
126 _TK_TYPE_INVALID = -EINVAL,
127 } UdevRuleTokenType;
128
129 typedef enum {
130 LINE_HAS_NAME = 1 << 0, /* has NAME= */
131 LINE_HAS_DEVLINK = 1 << 1, /* has SYMLINK=, OWNER=, GROUP= or MODE= */
132 LINE_HAS_STATIC_NODE = 1 << 2, /* has OPTIONS=static_node */
133 LINE_HAS_GOTO = 1 << 3, /* has GOTO= */
134 LINE_HAS_LABEL = 1 << 4, /* has LABEL= */
135 LINE_UPDATE_SOMETHING = 1 << 5, /* has other TK_A_* or TK_M_IMPORT tokens */
136 } UdevRuleLineType;
137
138 typedef struct UdevRuleFile UdevRuleFile;
139 typedef struct UdevRuleLine UdevRuleLine;
140 typedef struct UdevRuleToken UdevRuleToken;
141
142 struct UdevRuleToken {
143 UdevRuleTokenType type:8;
144 UdevRuleOperatorType op:8;
145 UdevRuleMatchType match_type:8;
146 UdevRuleSubstituteType attr_subst_type:7;
147 bool attr_match_remove_trailing_whitespace:1;
148 const char *value;
149 void *data;
150 LIST_FIELDS(UdevRuleToken, tokens);
151 };
152
153 struct UdevRuleLine {
154 char *line;
155 unsigned line_number;
156 UdevRuleLineType type;
157
158 const char *label;
159 const char *goto_label;
160 UdevRuleLine *goto_line;
161
162 UdevRuleFile *rule_file;
163 UdevRuleToken *current_token;
164 LIST_HEAD(UdevRuleToken, tokens);
165 LIST_FIELDS(UdevRuleLine, rule_lines);
166 };
167
168 struct UdevRuleFile {
169 char *filename;
170 UdevRuleLine *current_line;
171 LIST_HEAD(UdevRuleLine, rule_lines);
172 LIST_FIELDS(UdevRuleFile, rule_files);
173 };
174
175 struct UdevRules {
176 usec_t dirs_ts_usec;
177 ResolveNameTiming resolve_name_timing;
178 Hashmap *known_users;
179 Hashmap *known_groups;
180 UdevRuleFile *current_file;
181 LIST_HEAD(UdevRuleFile, rule_files);
182 };
183
184 /*** Logging helpers ***/
185
186 #define log_rule_full_errno(device, rules, level, error, fmt, ...) \
187 ({ \
188 UdevRules *_r = (rules); \
189 UdevRuleFile *_f = _r ? _r->current_file : NULL; \
190 UdevRuleLine *_l = _f ? _f->current_line : NULL; \
191 const char *_n = _f ? _f->filename : NULL; \
192 \
193 log_device_full_errno(device, level, error, "%s:%u " fmt, \
194 strna(_n), _l ? _l->line_number : 0, \
195 ##__VA_ARGS__); \
196 })
197
198 #define log_rule_full(device, rules, level, ...) (void) log_rule_full_errno(device, rules, level, 0, __VA_ARGS__)
199
200 #define log_rule_debug(device, rules, ...) log_rule_full_errno(device, rules, LOG_DEBUG, 0, __VA_ARGS__)
201 #define log_rule_info(device, rules, ...) log_rule_full(device, rules, LOG_INFO, __VA_ARGS__)
202 #define log_rule_notice(device, rules, ...) log_rule_full(device, rules, LOG_NOTICE, __VA_ARGS__)
203 #define log_rule_warning(device, rules, ...) log_rule_full(device, rules, LOG_WARNING, __VA_ARGS__)
204 #define log_rule_error(device, rules, ...) log_rule_full(device, rules, LOG_ERR, __VA_ARGS__)
205
206 #define log_rule_debug_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_DEBUG, error, __VA_ARGS__)
207 #define log_rule_info_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_INFO, error, __VA_ARGS__)
208 #define log_rule_notice_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_NOTICE, error, __VA_ARGS__)
209 #define log_rule_warning_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_WARNING, error, __VA_ARGS__)
210 #define log_rule_error_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_ERR, error, __VA_ARGS__)
211
212 #define log_token_full_errno(rules, level, error, ...) log_rule_full_errno(NULL, rules, level, error, __VA_ARGS__)
213 #define log_token_full(rules, level, ...) (void) log_token_full_errno(rules, level, 0, __VA_ARGS__)
214
215 #define log_token_debug(rules, ...) log_token_full_errno(rules, LOG_DEBUG, 0, __VA_ARGS__)
216 #define log_token_info(rules, ...) log_token_full(rules, LOG_INFO, __VA_ARGS__)
217 #define log_token_notice(rules, ...) log_token_full(rules, LOG_NOTICE, __VA_ARGS__)
218 #define log_token_warning(rules, ...) log_token_full(rules, LOG_WARNING, __VA_ARGS__)
219 #define log_token_error(rules, ...) log_token_full(rules, LOG_ERR, __VA_ARGS__)
220
221 #define log_token_debug_errno(rules, error, ...) log_token_full_errno(rules, LOG_DEBUG, error, __VA_ARGS__)
222 #define log_token_info_errno(rules, error, ...) log_token_full_errno(rules, LOG_INFO, error, __VA_ARGS__)
223 #define log_token_notice_errno(rules, error, ...) log_token_full_errno(rules, LOG_NOTICE, error, __VA_ARGS__)
224 #define log_token_warning_errno(rules, error, ...) log_token_full_errno(rules, LOG_WARNING, error, __VA_ARGS__)
225 #define log_token_error_errno(rules, error, ...) log_token_full_errno(rules, LOG_ERR, error, __VA_ARGS__)
226
227 #define _log_token_invalid(rules, key, type) \
228 log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), \
229 "Invalid %s for %s.", type, key)
230
231 #define log_token_invalid_op(rules, key) _log_token_invalid(rules, key, "operator")
232 #define log_token_invalid_attr(rules, key) _log_token_invalid(rules, key, "attribute")
233
234 #define log_token_invalid_attr_format(rules, key, attr, offset, hint) \
235 log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), \
236 "Invalid attribute \"%s\" for %s (char %zu: %s), ignoring, but please fix it.", \
237 attr, key, offset, hint)
238 #define log_token_invalid_value(rules, key, value, offset, hint) \
239 log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), \
240 "Invalid value \"%s\" for %s (char %zu: %s), ignoring, but please fix it.", \
241 value, key, offset, hint)
242
243 static void log_unknown_owner(sd_device *dev, UdevRules *rules, int error, const char *entity, const char *name) {
244 if (IN_SET(abs(error), ENOENT, ESRCH))
245 log_rule_error(dev, rules, "Unknown %s '%s', ignoring", entity, name);
246 else
247 log_rule_error_errno(dev, rules, error, "Failed to resolve %s '%s', ignoring: %m", entity, name);
248 }
249
250 /*** Other functions ***/
251
252 static void udev_rule_token_free(UdevRuleToken *token) {
253 free(token);
254 }
255
256 static void udev_rule_line_clear_tokens(UdevRuleLine *rule_line) {
257 UdevRuleToken *i, *next;
258
259 assert(rule_line);
260
261 LIST_FOREACH_SAFE(tokens, i, next, rule_line->tokens)
262 udev_rule_token_free(i);
263
264 rule_line->tokens = NULL;
265 }
266
267 static void udev_rule_line_free(UdevRuleLine *rule_line) {
268 if (!rule_line)
269 return;
270
271 udev_rule_line_clear_tokens(rule_line);
272
273 if (rule_line->rule_file) {
274 if (rule_line->rule_file->current_line == rule_line)
275 rule_line->rule_file->current_line = rule_line->rule_lines_prev;
276
277 LIST_REMOVE(rule_lines, rule_line->rule_file->rule_lines, rule_line);
278 }
279
280 free(rule_line->line);
281 free(rule_line);
282 }
283
284 DEFINE_TRIVIAL_CLEANUP_FUNC(UdevRuleLine*, udev_rule_line_free);
285
286 static void udev_rule_file_free(UdevRuleFile *rule_file) {
287 UdevRuleLine *i, *next;
288
289 if (!rule_file)
290 return;
291
292 LIST_FOREACH_SAFE(rule_lines, i, next, rule_file->rule_lines)
293 udev_rule_line_free(i);
294
295 free(rule_file->filename);
296 free(rule_file);
297 }
298
299 UdevRules *udev_rules_free(UdevRules *rules) {
300 UdevRuleFile *i, *next;
301
302 if (!rules)
303 return NULL;
304
305 LIST_FOREACH_SAFE(rule_files, i, next, rules->rule_files)
306 udev_rule_file_free(i);
307
308 hashmap_free_free_key(rules->known_users);
309 hashmap_free_free_key(rules->known_groups);
310 return mfree(rules);
311 }
312
313 static int rule_resolve_user(UdevRules *rules, const char *name, uid_t *ret) {
314 _cleanup_free_ char *n = NULL;
315 uid_t uid;
316 void *val;
317 int r;
318
319 assert(rules);
320 assert(name);
321
322 val = hashmap_get(rules->known_users, name);
323 if (val) {
324 *ret = PTR_TO_UID(val);
325 return 0;
326 }
327
328 r = get_user_creds(&name, &uid, NULL, NULL, NULL, USER_CREDS_ALLOW_MISSING);
329 if (r < 0) {
330 log_unknown_owner(NULL, rules, r, "user", name);
331 *ret = UID_INVALID;
332 return 0;
333 }
334
335 n = strdup(name);
336 if (!n)
337 return -ENOMEM;
338
339 r = hashmap_ensure_put(&rules->known_users, &string_hash_ops, n, UID_TO_PTR(uid));
340 if (r < 0)
341 return r;
342
343 TAKE_PTR(n);
344 *ret = uid;
345 return 0;
346 }
347
348 static int rule_resolve_group(UdevRules *rules, const char *name, gid_t *ret) {
349 _cleanup_free_ char *n = NULL;
350 gid_t gid;
351 void *val;
352 int r;
353
354 assert(rules);
355 assert(name);
356
357 val = hashmap_get(rules->known_groups, name);
358 if (val) {
359 *ret = PTR_TO_GID(val);
360 return 0;
361 }
362
363 r = get_group_creds(&name, &gid, USER_CREDS_ALLOW_MISSING);
364 if (r < 0) {
365 log_unknown_owner(NULL, rules, r, "group", name);
366 *ret = GID_INVALID;
367 return 0;
368 }
369
370 n = strdup(name);
371 if (!n)
372 return -ENOMEM;
373
374 r = hashmap_ensure_put(&rules->known_groups, &string_hash_ops, n, GID_TO_PTR(gid));
375 if (r < 0)
376 return r;
377
378 TAKE_PTR(n);
379 *ret = gid;
380 return 0;
381 }
382
383 static UdevRuleSubstituteType rule_get_substitution_type(const char *str) {
384 assert(str);
385
386 if (str[0] == '[')
387 return SUBST_TYPE_SUBSYS;
388 if (strchr(str, '%') || strchr(str, '$'))
389 return SUBST_TYPE_FORMAT;
390 return SUBST_TYPE_PLAIN;
391 }
392
393 static void rule_line_append_token(UdevRuleLine *rule_line, UdevRuleToken *token) {
394 assert(rule_line);
395 assert(token);
396
397 if (rule_line->current_token)
398 LIST_APPEND(tokens, rule_line->current_token, token);
399 else
400 LIST_APPEND(tokens, rule_line->tokens, token);
401
402 rule_line->current_token = token;
403 }
404
405 static int rule_line_add_token(UdevRuleLine *rule_line, UdevRuleTokenType type, UdevRuleOperatorType op, char *value, void *data) {
406 UdevRuleToken *token;
407 UdevRuleMatchType match_type = _MATCH_TYPE_INVALID;
408 UdevRuleSubstituteType subst_type = _SUBST_TYPE_INVALID;
409 bool remove_trailing_whitespace = false;
410 size_t len;
411
412 assert(rule_line);
413 assert(type >= 0 && type < _TK_TYPE_MAX);
414 assert(op >= 0 && op < _OP_TYPE_MAX);
415
416 if (type < _TK_M_MAX) {
417 assert(value);
418 assert(IN_SET(op, OP_MATCH, OP_NOMATCH));
419
420 if (type == TK_M_SUBSYSTEM && STR_IN_SET(value, "subsystem", "bus", "class"))
421 match_type = MATCH_TYPE_SUBSYSTEM;
422 else if (isempty(value))
423 match_type = MATCH_TYPE_EMPTY;
424 else if (streq(value, "?*")) {
425 /* Convert KEY=="?*" -> KEY!="" */
426 match_type = MATCH_TYPE_EMPTY;
427 op = op == OP_MATCH ? OP_NOMATCH : OP_MATCH;
428 } else if (string_is_glob(value))
429 match_type = MATCH_TYPE_GLOB;
430 else
431 match_type = MATCH_TYPE_PLAIN;
432
433 if (type < TK_M_TEST || type == TK_M_RESULT) {
434 /* Convert value string to nulstr. */
435 bool bar = true, empty = false;
436 char *a, *b;
437
438 for (a = b = value; *a != '\0'; a++) {
439 if (*a != '|') {
440 *b++ = *a;
441 bar = false;
442 } else {
443 if (bar)
444 empty = true;
445 else
446 *b++ = '\0';
447 bar = true;
448 }
449 }
450 *b = '\0';
451
452 /* Make sure the value is end, so NULSTR_FOREACH can read correct match */
453 if (b < a)
454 b[1] = '\0';
455
456 if (bar)
457 empty = true;
458
459 if (empty) {
460 if (match_type == MATCH_TYPE_GLOB)
461 match_type = MATCH_TYPE_GLOB_WITH_EMPTY;
462 if (match_type == MATCH_TYPE_PLAIN)
463 match_type = MATCH_TYPE_PLAIN_WITH_EMPTY;
464 }
465 }
466 }
467
468 if (IN_SET(type, TK_M_ATTR, TK_M_PARENTS_ATTR)) {
469 assert(value);
470 assert(data);
471
472 len = strlen(value);
473 if (len > 0 && !isspace(value[len - 1]))
474 remove_trailing_whitespace = true;
475
476 subst_type = rule_get_substitution_type(data);
477 }
478
479 token = new(UdevRuleToken, 1);
480 if (!token)
481 return -ENOMEM;
482
483 *token = (UdevRuleToken) {
484 .type = type,
485 .op = op,
486 .value = value,
487 .data = data,
488 .match_type = match_type,
489 .attr_subst_type = subst_type,
490 .attr_match_remove_trailing_whitespace = remove_trailing_whitespace,
491 };
492
493 rule_line_append_token(rule_line, token);
494
495 if (token->type == TK_A_NAME)
496 SET_FLAG(rule_line->type, LINE_HAS_NAME, true);
497
498 else if (IN_SET(token->type, TK_A_DEVLINK,
499 TK_A_OWNER, TK_A_GROUP, TK_A_MODE,
500 TK_A_OWNER_ID, TK_A_GROUP_ID, TK_A_MODE_ID))
501 SET_FLAG(rule_line->type, LINE_HAS_DEVLINK, true);
502
503 else if (token->type == TK_A_OPTIONS_STATIC_NODE)
504 SET_FLAG(rule_line->type, LINE_HAS_STATIC_NODE, true);
505
506 else if (token->type >= _TK_A_MIN ||
507 IN_SET(token->type, TK_M_PROGRAM,
508 TK_M_IMPORT_FILE, TK_M_IMPORT_PROGRAM, TK_M_IMPORT_BUILTIN,
509 TK_M_IMPORT_DB, TK_M_IMPORT_CMDLINE, TK_M_IMPORT_PARENT))
510 SET_FLAG(rule_line->type, LINE_UPDATE_SOMETHING, true);
511
512 return 0;
513 }
514
515 static void check_value_format_and_warn(UdevRules *rules, const char *key, const char *value, bool nonempty) {
516 size_t offset;
517 const char *hint;
518
519 if (nonempty && isempty(value))
520 log_token_invalid_value(rules, key, value, (size_t) 0, "empty value");
521 else if (udev_check_format(value, &offset, &hint) < 0)
522 log_token_invalid_value(rules, key, value, offset + 1, hint);
523 }
524
525 static int check_attr_format_and_warn(UdevRules *rules, const char *key, const char *value) {
526 size_t offset;
527 const char *hint;
528
529 if (isempty(value))
530 return log_token_invalid_attr(rules, key);
531 if (udev_check_format(value, &offset, &hint) < 0)
532 log_token_invalid_attr_format(rules, key, value, offset + 1, hint);
533 return 0;
534 }
535
536 static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOperatorType op, char *value) {
537 bool is_match = IN_SET(op, OP_MATCH, OP_NOMATCH);
538 UdevRuleLine *rule_line;
539 int r;
540
541 assert(rules);
542 assert(rules->current_file);
543 assert(rules->current_file->current_line);
544 assert(key);
545 assert(value);
546
547 rule_line = rules->current_file->current_line;
548
549 if (streq(key, "ACTION")) {
550 if (attr)
551 return log_token_invalid_attr(rules, key);
552 if (!is_match)
553 return log_token_invalid_op(rules, key);
554
555 r = rule_line_add_token(rule_line, TK_M_ACTION, op, value, NULL);
556 } else if (streq(key, "DEVPATH")) {
557 if (attr)
558 return log_token_invalid_attr(rules, key);
559 if (!is_match)
560 return log_token_invalid_op(rules, key);
561
562 r = rule_line_add_token(rule_line, TK_M_DEVPATH, op, value, NULL);
563 } else if (streq(key, "KERNEL")) {
564 if (attr)
565 return log_token_invalid_attr(rules, key);
566 if (!is_match)
567 return log_token_invalid_op(rules, key);
568
569 r = rule_line_add_token(rule_line, TK_M_KERNEL, op, value, NULL);
570 } else if (streq(key, "SYMLINK")) {
571 if (attr)
572 return log_token_invalid_attr(rules, key);
573 if (op == OP_REMOVE)
574 return log_token_invalid_op(rules, key);
575
576 if (!is_match) {
577 check_value_format_and_warn(rules, key, value, false);
578 r = rule_line_add_token(rule_line, TK_A_DEVLINK, op, value, NULL);
579 } else
580 r = rule_line_add_token(rule_line, TK_M_DEVLINK, op, value, NULL);
581 } else if (streq(key, "NAME")) {
582 if (attr)
583 return log_token_invalid_attr(rules, key);
584 if (op == OP_REMOVE)
585 return log_token_invalid_op(rules, key);
586 if (op == OP_ADD) {
587 log_token_warning(rules, "%s key takes '==', '!=', '=', or ':=' operator, assuming '=', but please fix it.", key);
588 op = OP_ASSIGN;
589 }
590
591 if (!is_match) {
592 if (streq(value, "%k"))
593 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
594 "NAME=\"%%k\" is ignored, as it breaks kernel supplied names.");
595 if (isempty(value))
596 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
597 "Ignoring NAME=\"\", as udev will not delete any device nodes.");
598 check_value_format_and_warn(rules, key, value, false);
599
600 r = rule_line_add_token(rule_line, TK_A_NAME, op, value, NULL);
601 } else
602 r = rule_line_add_token(rule_line, TK_M_NAME, op, value, NULL);
603 } else if (streq(key, "ENV")) {
604 if (isempty(attr))
605 return log_token_invalid_attr(rules, key);
606 if (op == OP_REMOVE)
607 return log_token_invalid_op(rules, key);
608 if (op == OP_ASSIGN_FINAL) {
609 log_token_warning(rules, "%s key takes '==', '!=', '=', or '+=' operator, assuming '=', but please fix it.", key);
610 op = OP_ASSIGN;
611 }
612
613 if (!is_match) {
614 if (STR_IN_SET(attr,
615 "ACTION", "DEVLINKS", "DEVNAME", "DEVPATH", "DEVTYPE", "DRIVER",
616 "IFINDEX", "MAJOR", "MINOR", "SEQNUM", "SUBSYSTEM", "TAGS"))
617 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
618 "Invalid ENV attribute. '%s' cannot be set.", attr);
619
620 check_value_format_and_warn(rules, key, value, false);
621
622 r = rule_line_add_token(rule_line, TK_A_ENV, op, value, attr);
623 } else
624 r = rule_line_add_token(rule_line, TK_M_ENV, op, value, attr);
625 } else if (streq(key, "CONST")) {
626 if (isempty(attr) || !STR_IN_SET(attr, "arch", "virt"))
627 return log_token_invalid_attr(rules, key);
628 if (!is_match)
629 return log_token_invalid_op(rules, key);
630 r = rule_line_add_token(rule_line, TK_M_CONST, op, value, attr);
631 } else if (streq(key, "TAG")) {
632 if (attr)
633 return log_token_invalid_attr(rules, key);
634 if (op == OP_ASSIGN_FINAL) {
635 log_token_warning(rules, "%s key takes '==', '!=', '=', or '+=' operator, assuming '=', but please fix it.", key);
636 op = OP_ASSIGN;
637 }
638
639 if (!is_match) {
640 check_value_format_and_warn(rules, key, value, true);
641
642 r = rule_line_add_token(rule_line, TK_A_TAG, op, value, NULL);
643 } else
644 r = rule_line_add_token(rule_line, TK_M_TAG, op, value, NULL);
645 } else if (streq(key, "SUBSYSTEM")) {
646 if (attr)
647 return log_token_invalid_attr(rules, key);
648 if (!is_match)
649 return log_token_invalid_op(rules, key);
650
651 if (STR_IN_SET(value, "bus", "class"))
652 log_token_warning(rules, "'%s' must be specified as 'subsystem'; please fix it", value);
653
654 r = rule_line_add_token(rule_line, TK_M_SUBSYSTEM, op, value, NULL);
655 } else if (streq(key, "DRIVER")) {
656 if (attr)
657 return log_token_invalid_attr(rules, key);
658 if (!is_match)
659 return log_token_invalid_op(rules, key);
660
661 r = rule_line_add_token(rule_line, TK_M_DRIVER, op, value, NULL);
662 } else if (streq(key, "ATTR")) {
663 r = check_attr_format_and_warn(rules, key, attr);
664 if (r < 0)
665 return r;
666 if (op == OP_REMOVE)
667 return log_token_invalid_op(rules, key);
668 if (IN_SET(op, OP_ADD, OP_ASSIGN_FINAL)) {
669 log_token_warning(rules, "%s key takes '==', '!=', or '=' operator, assuming '=', but please fix it.", key);
670 op = OP_ASSIGN;
671 }
672
673 if (!is_match) {
674 check_value_format_and_warn(rules, key, value, false);
675 r = rule_line_add_token(rule_line, TK_A_ATTR, op, value, attr);
676 } else
677 r = rule_line_add_token(rule_line, TK_M_ATTR, op, value, attr);
678 } else if (streq(key, "SYSCTL")) {
679 r = check_attr_format_and_warn(rules, key, attr);
680 if (r < 0)
681 return r;
682 if (op == OP_REMOVE)
683 return log_token_invalid_op(rules, key);
684 if (IN_SET(op, OP_ADD, OP_ASSIGN_FINAL)) {
685 log_token_warning(rules, "%s key takes '==', '!=', or '=' operator, assuming '=', but please fix it.", key);
686 op = OP_ASSIGN;
687 }
688
689 if (!is_match) {
690 check_value_format_and_warn(rules, key, value, false);
691 r = rule_line_add_token(rule_line, TK_A_SYSCTL, op, value, attr);
692 } else
693 r = rule_line_add_token(rule_line, TK_M_SYSCTL, op, value, attr);
694 } else if (streq(key, "KERNELS")) {
695 if (attr)
696 return log_token_invalid_attr(rules, key);
697 if (!is_match)
698 return log_token_invalid_op(rules, key);
699
700 r = rule_line_add_token(rule_line, TK_M_PARENTS_KERNEL, op, value, NULL);
701 } else if (streq(key, "SUBSYSTEMS")) {
702 if (attr)
703 return log_token_invalid_attr(rules, key);
704 if (!is_match)
705 return log_token_invalid_op(rules, key);
706
707 r = rule_line_add_token(rule_line, TK_M_PARENTS_SUBSYSTEM, op, value, NULL);
708 } else if (streq(key, "DRIVERS")) {
709 if (attr)
710 return log_token_invalid_attr(rules, key);
711 if (!is_match)
712 return log_token_invalid_op(rules, key);
713
714 r = rule_line_add_token(rule_line, TK_M_PARENTS_DRIVER, op, value, NULL);
715 } else if (streq(key, "ATTRS")) {
716 r = check_attr_format_and_warn(rules, key, attr);
717 if (r < 0)
718 return r;
719 if (!is_match)
720 return log_token_invalid_op(rules, key);
721
722 if (startswith(attr, "device/"))
723 log_token_warning(rules, "'device' link may not be available in future kernels; please fix it.");
724 if (strstr(attr, "../"))
725 log_token_warning(rules, "Direct reference to parent sysfs directory, may break in future kernels; please fix it.");
726
727 r = rule_line_add_token(rule_line, TK_M_PARENTS_ATTR, op, value, attr);
728 } else if (streq(key, "TAGS")) {
729 if (attr)
730 return log_token_invalid_attr(rules, key);
731 if (!is_match)
732 return log_token_invalid_op(rules, key);
733
734 r = rule_line_add_token(rule_line, TK_M_PARENTS_TAG, op, value, NULL);
735 } else if (streq(key, "TEST")) {
736 mode_t mode = MODE_INVALID;
737
738 if (!isempty(attr)) {
739 r = parse_mode(attr, &mode);
740 if (r < 0)
741 return log_token_error_errno(rules, r, "Failed to parse mode '%s': %m", attr);
742 }
743 check_value_format_and_warn(rules, key, value, true);
744 if (!is_match)
745 return log_token_invalid_op(rules, key);
746
747 r = rule_line_add_token(rule_line, TK_M_TEST, op, value, MODE_TO_PTR(mode));
748 } else if (streq(key, "PROGRAM")) {
749 if (attr)
750 return log_token_invalid_attr(rules, key);
751 check_value_format_and_warn(rules, key, value, true);
752 if (op == OP_REMOVE)
753 return log_token_invalid_op(rules, key);
754 if (!is_match)
755 op = OP_MATCH;
756
757 r = rule_line_add_token(rule_line, TK_M_PROGRAM, op, value, NULL);
758 } else if (streq(key, "IMPORT")) {
759 if (isempty(attr))
760 return log_token_invalid_attr(rules, key);
761 check_value_format_and_warn(rules, key, value, true);
762 if (op == OP_REMOVE)
763 return log_token_invalid_op(rules, key);
764 if (!is_match)
765 op = OP_MATCH;
766
767 if (streq(attr, "file"))
768 r = rule_line_add_token(rule_line, TK_M_IMPORT_FILE, op, value, NULL);
769 else if (streq(attr, "program")) {
770 UdevBuiltinCommand cmd;
771
772 cmd = udev_builtin_lookup(value);
773 if (cmd >= 0) {
774 log_token_debug(rules,"Found builtin command '%s' for %s, replacing attribute", value, key);
775 r = rule_line_add_token(rule_line, TK_M_IMPORT_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
776 } else
777 r = rule_line_add_token(rule_line, TK_M_IMPORT_PROGRAM, op, value, NULL);
778 } else if (streq(attr, "builtin")) {
779 UdevBuiltinCommand cmd;
780
781 cmd = udev_builtin_lookup(value);
782 if (cmd < 0)
783 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
784 "Unknown builtin command: %s", value);
785 r = rule_line_add_token(rule_line, TK_M_IMPORT_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
786 } else if (streq(attr, "db"))
787 r = rule_line_add_token(rule_line, TK_M_IMPORT_DB, op, value, NULL);
788 else if (streq(attr, "cmdline"))
789 r = rule_line_add_token(rule_line, TK_M_IMPORT_CMDLINE, op, value, NULL);
790 else if (streq(attr, "parent"))
791 r = rule_line_add_token(rule_line, TK_M_IMPORT_PARENT, op, value, NULL);
792 else
793 return log_token_invalid_attr(rules, key);
794 } else if (streq(key, "RESULT")) {
795 if (attr)
796 return log_token_invalid_attr(rules, key);
797 if (!is_match)
798 return log_token_invalid_op(rules, key);
799
800 r = rule_line_add_token(rule_line, TK_M_RESULT, op, value, NULL);
801 } else if (streq(key, "OPTIONS")) {
802 char *tmp;
803
804 if (attr)
805 return log_token_invalid_attr(rules, key);
806 if (is_match || op == OP_REMOVE)
807 return log_token_invalid_op(rules, key);
808 if (op == OP_ADD)
809 op = OP_ASSIGN;
810
811 if (streq(value, "string_escape=none"))
812 r = rule_line_add_token(rule_line, TK_A_OPTIONS_STRING_ESCAPE_NONE, op, NULL, NULL);
813 else if (streq(value, "string_escape=replace"))
814 r = rule_line_add_token(rule_line, TK_A_OPTIONS_STRING_ESCAPE_REPLACE, op, NULL, NULL);
815 else if (streq(value, "db_persist"))
816 r = rule_line_add_token(rule_line, TK_A_OPTIONS_DB_PERSIST, op, NULL, NULL);
817 else if (streq(value, "watch"))
818 r = rule_line_add_token(rule_line, TK_A_OPTIONS_INOTIFY_WATCH, op, NULL, INT_TO_PTR(1));
819 else if (streq(value, "nowatch"))
820 r = rule_line_add_token(rule_line, TK_A_OPTIONS_INOTIFY_WATCH, op, NULL, INT_TO_PTR(0));
821 else if ((tmp = startswith(value, "static_node=")))
822 r = rule_line_add_token(rule_line, TK_A_OPTIONS_STATIC_NODE, op, tmp, NULL);
823 else if ((tmp = startswith(value, "link_priority="))) {
824 int prio;
825
826 r = safe_atoi(tmp, &prio);
827 if (r < 0)
828 return log_token_error_errno(rules, r, "Failed to parse link priority '%s': %m", tmp);
829 r = rule_line_add_token(rule_line, TK_A_OPTIONS_DEVLINK_PRIORITY, op, NULL, INT_TO_PTR(prio));
830 } else if ((tmp = startswith(value, "log_level="))) {
831 int level;
832
833 if (streq(tmp, "reset"))
834 level = -1;
835 else {
836 level = log_level_from_string(tmp);
837 if (level < 0)
838 return log_token_error_errno(rules, level, "Failed to parse log level '%s': %m", tmp);
839 }
840 r = rule_line_add_token(rule_line, TK_A_OPTIONS_LOG_LEVEL, op, NULL, INT_TO_PTR(level));
841 } else {
842 log_token_warning(rules, "Invalid value for OPTIONS key, ignoring: '%s'", value);
843 return 0;
844 }
845 } else if (streq(key, "OWNER")) {
846 uid_t uid;
847
848 if (attr)
849 return log_token_invalid_attr(rules, key);
850 if (is_match || op == OP_REMOVE)
851 return log_token_invalid_op(rules, key);
852 if (op == OP_ADD) {
853 log_token_warning(rules, "%s key takes '=' or ':=' operator, assuming '=', but please fix it.", key);
854 op = OP_ASSIGN;
855 }
856
857 if (parse_uid(value, &uid) >= 0)
858 r = rule_line_add_token(rule_line, TK_A_OWNER_ID, op, NULL, UID_TO_PTR(uid));
859 else if (rules->resolve_name_timing == RESOLVE_NAME_EARLY &&
860 rule_get_substitution_type(value) == SUBST_TYPE_PLAIN) {
861 r = rule_resolve_user(rules, value, &uid);
862 if (r < 0)
863 return log_token_error_errno(rules, r, "Failed to resolve user name '%s': %m", value);
864
865 r = rule_line_add_token(rule_line, TK_A_OWNER_ID, op, NULL, UID_TO_PTR(uid));
866 } else if (rules->resolve_name_timing != RESOLVE_NAME_NEVER) {
867 check_value_format_and_warn(rules, key, value, true);
868 r = rule_line_add_token(rule_line, TK_A_OWNER, op, value, NULL);
869 } else {
870 log_token_debug(rules, "User name resolution is disabled, ignoring %s=%s", key, value);
871 return 0;
872 }
873 } else if (streq(key, "GROUP")) {
874 gid_t gid;
875
876 if (attr)
877 return log_token_invalid_attr(rules, key);
878 if (is_match || op == OP_REMOVE)
879 return log_token_invalid_op(rules, key);
880 if (op == OP_ADD) {
881 log_token_warning(rules, "%s key takes '=' or ':=' operator, assuming '=', but please fix it.", key);
882 op = OP_ASSIGN;
883 }
884
885 if (parse_gid(value, &gid) >= 0)
886 r = rule_line_add_token(rule_line, TK_A_GROUP_ID, op, NULL, GID_TO_PTR(gid));
887 else if (rules->resolve_name_timing == RESOLVE_NAME_EARLY &&
888 rule_get_substitution_type(value) == SUBST_TYPE_PLAIN) {
889 r = rule_resolve_group(rules, value, &gid);
890 if (r < 0)
891 return log_token_error_errno(rules, r, "Failed to resolve group name '%s': %m", value);
892
893 r = rule_line_add_token(rule_line, TK_A_GROUP_ID, op, NULL, GID_TO_PTR(gid));
894 } else if (rules->resolve_name_timing != RESOLVE_NAME_NEVER) {
895 check_value_format_and_warn(rules, key, value, true);
896 r = rule_line_add_token(rule_line, TK_A_GROUP, op, value, NULL);
897 } else {
898 log_token_debug(rules, "Resolving group name is disabled, ignoring %s=%s", key, value);
899 return 0;
900 }
901 } else if (streq(key, "MODE")) {
902 mode_t mode;
903
904 if (attr)
905 return log_token_invalid_attr(rules, key);
906 if (is_match || op == OP_REMOVE)
907 return log_token_invalid_op(rules, key);
908 if (op == OP_ADD) {
909 log_token_warning(rules, "%s key takes '=' or ':=' operator, assuming '=', but please fix it.", key);
910 op = OP_ASSIGN;
911 }
912
913 if (parse_mode(value, &mode) >= 0)
914 r = rule_line_add_token(rule_line, TK_A_MODE_ID, op, NULL, MODE_TO_PTR(mode));
915 else {
916 check_value_format_and_warn(rules, key, value, true);
917 r = rule_line_add_token(rule_line, TK_A_MODE, op, value, NULL);
918 }
919 } else if (streq(key, "SECLABEL")) {
920 if (isempty(attr))
921 return log_token_invalid_attr(rules, key);
922 check_value_format_and_warn(rules, key, value, true);
923 if (is_match || op == OP_REMOVE)
924 return log_token_invalid_op(rules, key);
925 if (op == OP_ASSIGN_FINAL) {
926 log_token_warning(rules, "%s key takes '=' or '+=' operator, assuming '=', but please fix it.", key);
927 op = OP_ASSIGN;
928 }
929
930 r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, attr);
931 } else if (streq(key, "RUN")) {
932 if (is_match || op == OP_REMOVE)
933 return log_token_invalid_op(rules, key);
934 check_value_format_and_warn(rules, key, value, true);
935 if (!attr || streq(attr, "program"))
936 r = rule_line_add_token(rule_line, TK_A_RUN_PROGRAM, op, value, NULL);
937 else if (streq(attr, "builtin")) {
938 UdevBuiltinCommand cmd;
939
940 cmd = udev_builtin_lookup(value);
941 if (cmd < 0)
942 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
943 "Unknown builtin command '%s', ignoring", value);
944 r = rule_line_add_token(rule_line, TK_A_RUN_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
945 } else
946 return log_token_invalid_attr(rules, key);
947 } else if (streq(key, "GOTO")) {
948 if (attr)
949 return log_token_invalid_attr(rules, key);
950 if (op != OP_ASSIGN)
951 return log_token_invalid_op(rules, key);
952 if (FLAGS_SET(rule_line->type, LINE_HAS_GOTO)) {
953 log_token_warning(rules, "Contains multiple GOTO keys, ignoring GOTO=\"%s\".", value);
954 return 0;
955 }
956
957 rule_line->goto_label = value;
958 SET_FLAG(rule_line->type, LINE_HAS_GOTO, true);
959 return 1;
960 } else if (streq(key, "LABEL")) {
961 if (attr)
962 return log_token_invalid_attr(rules, key);
963 if (op != OP_ASSIGN)
964 return log_token_invalid_op(rules, key);
965
966 rule_line->label = value;
967 SET_FLAG(rule_line->type, LINE_HAS_LABEL, true);
968 return 1;
969 } else
970 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), "Invalid key '%s'", key);
971 if (r < 0)
972 return log_oom();
973
974 return 1;
975 }
976
977 static UdevRuleOperatorType parse_operator(const char *op) {
978 assert(op);
979
980 if (startswith(op, "=="))
981 return OP_MATCH;
982 if (startswith(op, "!="))
983 return OP_NOMATCH;
984 if (startswith(op, "+="))
985 return OP_ADD;
986 if (startswith(op, "-="))
987 return OP_REMOVE;
988 if (startswith(op, "="))
989 return OP_ASSIGN;
990 if (startswith(op, ":="))
991 return OP_ASSIGN_FINAL;
992
993 return _OP_TYPE_INVALID;
994 }
995
996 static int parse_line(char **line, char **ret_key, char **ret_attr, UdevRuleOperatorType *ret_op, char **ret_value) {
997 char *key_begin, *key_end, *attr, *tmp;
998 UdevRuleOperatorType op;
999 int r;
1000
1001 assert(line);
1002 assert(*line);
1003 assert(ret_key);
1004 assert(ret_op);
1005 assert(ret_value);
1006
1007 key_begin = skip_leading_chars(*line, WHITESPACE ",");
1008
1009 if (isempty(key_begin))
1010 return 0;
1011
1012 for (key_end = key_begin; ; key_end++) {
1013 if (key_end[0] == '\0')
1014 return -EINVAL;
1015 if (strchr(WHITESPACE "={", key_end[0]))
1016 break;
1017 if (strchr("+-!:", key_end[0]) && key_end[1] == '=')
1018 break;
1019 }
1020 if (key_end[0] == '{') {
1021 attr = key_end + 1;
1022 tmp = strchr(attr, '}');
1023 if (!tmp)
1024 return -EINVAL;
1025 *tmp++ = '\0';
1026 } else {
1027 attr = NULL;
1028 tmp = key_end;
1029 }
1030
1031 tmp = skip_leading_chars(tmp, NULL);
1032 op = parse_operator(tmp);
1033 if (op < 0)
1034 return -EINVAL;
1035
1036 key_end[0] = '\0';
1037
1038 tmp += op == OP_ASSIGN ? 1 : 2;
1039 tmp = skip_leading_chars(tmp, NULL);
1040 r = udev_rule_parse_value(tmp, ret_value, line);
1041 if (r < 0)
1042 return r;
1043
1044 *ret_key = key_begin;
1045 *ret_attr = attr;
1046 *ret_op = op;
1047 return 1;
1048 }
1049
1050 static void sort_tokens(UdevRuleLine *rule_line) {
1051 UdevRuleToken *head_old;
1052
1053 assert(rule_line);
1054
1055 head_old = TAKE_PTR(rule_line->tokens);
1056 rule_line->current_token = NULL;
1057
1058 while (!LIST_IS_EMPTY(head_old)) {
1059 UdevRuleToken *t, *min_token = NULL;
1060
1061 LIST_FOREACH(tokens, t, head_old)
1062 if (!min_token || min_token->type > t->type)
1063 min_token = t;
1064
1065 LIST_REMOVE(tokens, head_old, min_token);
1066 rule_line_append_token(rule_line, min_token);
1067 }
1068 }
1069
1070 static int rule_add_line(UdevRules *rules, const char *line_str, unsigned line_nr) {
1071 _cleanup_(udev_rule_line_freep) UdevRuleLine *rule_line = NULL;
1072 _cleanup_free_ char *line = NULL;
1073 UdevRuleFile *rule_file;
1074 char *p;
1075 int r;
1076
1077 assert(rules);
1078 assert(rules->current_file);
1079 assert(line_str);
1080
1081 rule_file = rules->current_file;
1082
1083 if (isempty(line_str))
1084 return 0;
1085
1086 /* We use memdup_suffix0() here, since we want to add a second NUL byte to the end, since possibly
1087 * some parsers might turn this into a "nulstr", which requires an extra NUL at the end. */
1088 line = memdup_suffix0(line_str, strlen(line_str) + 1);
1089 if (!line)
1090 return log_oom();
1091
1092 rule_line = new(UdevRuleLine, 1);
1093 if (!rule_line)
1094 return log_oom();
1095
1096 *rule_line = (UdevRuleLine) {
1097 .line = TAKE_PTR(line),
1098 .line_number = line_nr,
1099 .rule_file = rule_file,
1100 };
1101
1102 if (rule_file->current_line)
1103 LIST_APPEND(rule_lines, rule_file->current_line, rule_line);
1104 else
1105 LIST_APPEND(rule_lines, rule_file->rule_lines, rule_line);
1106
1107 rule_file->current_line = rule_line;
1108
1109 for (p = rule_line->line; !isempty(p); ) {
1110 char *key, *attr, *value;
1111 UdevRuleOperatorType op;
1112
1113 r = parse_line(&p, &key, &attr, &op, &value);
1114 if (r < 0)
1115 return log_token_error_errno(rules, r, "Invalid key/value pair, ignoring.");
1116 if (r == 0)
1117 break;
1118
1119 r = parse_token(rules, key, attr, op, value);
1120 if (r < 0)
1121 return r;
1122 }
1123
1124 if (rule_line->type == 0) {
1125 log_token_warning(rules, "The line takes no effect, ignoring.");
1126 return 0;
1127 }
1128
1129 sort_tokens(rule_line);
1130 TAKE_PTR(rule_line);
1131 return 0;
1132 }
1133
1134 static void rule_resolve_goto(UdevRuleFile *rule_file) {
1135 UdevRuleLine *line, *line_next, *i;
1136
1137 assert(rule_file);
1138
1139 /* link GOTOs to LABEL rules in this file to be able to fast-forward */
1140 LIST_FOREACH_SAFE(rule_lines, line, line_next, rule_file->rule_lines) {
1141 if (!FLAGS_SET(line->type, LINE_HAS_GOTO))
1142 continue;
1143
1144 LIST_FOREACH_AFTER(rule_lines, i, line)
1145 if (streq_ptr(i->label, line->goto_label)) {
1146 line->goto_line = i;
1147 break;
1148 }
1149
1150 if (!line->goto_line) {
1151 log_error("%s:%u: GOTO=\"%s\" has no matching label, ignoring",
1152 rule_file->filename, line->line_number, line->goto_label);
1153
1154 SET_FLAG(line->type, LINE_HAS_GOTO, false);
1155 line->goto_label = NULL;
1156
1157 if ((line->type & ~LINE_HAS_LABEL) == 0) {
1158 log_notice("%s:%u: The line takes no effect any more, dropping",
1159 rule_file->filename, line->line_number);
1160 if (line->type == LINE_HAS_LABEL)
1161 udev_rule_line_clear_tokens(line);
1162 else
1163 udev_rule_line_free(line);
1164 }
1165 }
1166 }
1167 }
1168
1169 int udev_rules_parse_file(UdevRules *rules, const char *filename) {
1170 _cleanup_free_ char *continuation = NULL, *name = NULL;
1171 _cleanup_fclose_ FILE *f = NULL;
1172 UdevRuleFile *rule_file;
1173 bool ignore_line = false;
1174 unsigned line_nr = 0;
1175 int r;
1176
1177 f = fopen(filename, "re");
1178 if (!f) {
1179 if (errno == ENOENT)
1180 return 0;
1181
1182 return -errno;
1183 }
1184
1185 (void) fd_warn_permissions(filename, fileno(f));
1186
1187 if (null_or_empty_fd(fileno(f))) {
1188 log_debug("Skipping empty file: %s", filename);
1189 return 0;
1190 }
1191
1192 log_debug("Reading rules file: %s", filename);
1193
1194 name = strdup(filename);
1195 if (!name)
1196 return log_oom();
1197
1198 rule_file = new(UdevRuleFile, 1);
1199 if (!rule_file)
1200 return log_oom();
1201
1202 *rule_file = (UdevRuleFile) {
1203 .filename = TAKE_PTR(name),
1204 };
1205
1206 if (rules->current_file)
1207 LIST_APPEND(rule_files, rules->current_file, rule_file);
1208 else
1209 LIST_APPEND(rule_files, rules->rule_files, rule_file);
1210
1211 rules->current_file = rule_file;
1212
1213 for (;;) {
1214 _cleanup_free_ char *buf = NULL;
1215 size_t len;
1216 char *line;
1217
1218 r = read_line(f, UDEV_LINE_SIZE, &buf);
1219 if (r < 0)
1220 return r;
1221 if (r == 0)
1222 break;
1223
1224 line_nr++;
1225 line = skip_leading_chars(buf, NULL);
1226
1227 if (line[0] == '#')
1228 continue;
1229
1230 len = strlen(line);
1231
1232 if (continuation && !ignore_line) {
1233 if (strlen(continuation) + len >= UDEV_LINE_SIZE)
1234 ignore_line = true;
1235
1236 if (!strextend(&continuation, line))
1237 return log_oom();
1238
1239 if (!ignore_line) {
1240 line = continuation;
1241 len = strlen(line);
1242 }
1243 }
1244
1245 if (len > 0 && line[len - 1] == '\\') {
1246 if (ignore_line)
1247 continue;
1248
1249 line[len - 1] = '\0';
1250 if (!continuation) {
1251 continuation = strdup(line);
1252 if (!continuation)
1253 return log_oom();
1254 }
1255
1256 continue;
1257 }
1258
1259 if (ignore_line)
1260 log_error("%s:%u: Line is too long, ignored", filename, line_nr);
1261 else if (len > 0)
1262 (void) rule_add_line(rules, line, line_nr);
1263
1264 continuation = mfree(continuation);
1265 ignore_line = false;
1266 }
1267
1268 rule_resolve_goto(rule_file);
1269 return 0;
1270 }
1271
1272 UdevRules* udev_rules_new(ResolveNameTiming resolve_name_timing) {
1273 assert(resolve_name_timing >= 0 && resolve_name_timing < _RESOLVE_NAME_TIMING_MAX);
1274
1275 UdevRules *rules = new(UdevRules, 1);
1276 if (!rules)
1277 return NULL;
1278
1279 *rules = (UdevRules) {
1280 .resolve_name_timing = resolve_name_timing,
1281 };
1282
1283 return rules;
1284 }
1285
1286 int udev_rules_load(UdevRules **ret_rules, ResolveNameTiming resolve_name_timing) {
1287 _cleanup_(udev_rules_freep) UdevRules *rules = NULL;
1288 _cleanup_strv_free_ char **files = NULL;
1289 char **f;
1290 int r;
1291
1292 rules = udev_rules_new(resolve_name_timing);
1293 if (!rules)
1294 return -ENOMEM;
1295
1296 (void) udev_rules_check_timestamp(rules);
1297
1298 r = conf_files_list_strv(&files, ".rules", NULL, 0, RULES_DIRS);
1299 if (r < 0)
1300 return log_debug_errno(r, "Failed to enumerate rules files: %m");
1301
1302 STRV_FOREACH(f, files) {
1303 r = udev_rules_parse_file(rules, *f);
1304 if (r < 0)
1305 log_debug_errno(r, "Failed to read rules file %s, ignoring: %m", *f);
1306 }
1307
1308 *ret_rules = TAKE_PTR(rules);
1309 return 0;
1310 }
1311
1312 bool udev_rules_check_timestamp(UdevRules *rules) {
1313 if (!rules)
1314 return false;
1315
1316 return paths_check_timestamp(RULES_DIRS, &rules->dirs_ts_usec, true);
1317 }
1318
1319 static bool token_match_string(UdevRuleToken *token, const char *str) {
1320 const char *i, *value;
1321 bool match = false;
1322
1323 assert(token);
1324 assert(token->value);
1325 assert(token->type < _TK_M_MAX);
1326
1327 str = strempty(str);
1328 value = token->value;
1329
1330 switch (token->match_type) {
1331 case MATCH_TYPE_EMPTY:
1332 match = isempty(str);
1333 break;
1334 case MATCH_TYPE_SUBSYSTEM:
1335 match = STR_IN_SET(str, "subsystem", "class", "bus");
1336 break;
1337 case MATCH_TYPE_PLAIN_WITH_EMPTY:
1338 if (isempty(str)) {
1339 match = true;
1340 break;
1341 }
1342 _fallthrough_;
1343 case MATCH_TYPE_PLAIN:
1344 NULSTR_FOREACH(i, value)
1345 if (streq(i, str)) {
1346 match = true;
1347 break;
1348 }
1349 break;
1350 case MATCH_TYPE_GLOB_WITH_EMPTY:
1351 if (isempty(str)) {
1352 match = true;
1353 break;
1354 }
1355 _fallthrough_;
1356 case MATCH_TYPE_GLOB:
1357 NULSTR_FOREACH(i, value)
1358 if ((fnmatch(i, str, 0) == 0)) {
1359 match = true;
1360 break;
1361 }
1362 break;
1363 default:
1364 assert_not_reached("Invalid match type");
1365 }
1366
1367 return token->op == (match ? OP_MATCH : OP_NOMATCH);
1368 }
1369
1370 static bool token_match_attr(UdevRuleToken *token, sd_device *dev, UdevEvent *event) {
1371 char nbuf[UDEV_NAME_SIZE], vbuf[UDEV_NAME_SIZE];
1372 const char *name, *value;
1373
1374 assert(token);
1375 assert(dev);
1376 assert(event);
1377
1378 name = token->data;
1379
1380 switch (token->attr_subst_type) {
1381 case SUBST_TYPE_FORMAT:
1382 (void) udev_event_apply_format(event, name, nbuf, sizeof(nbuf), false);
1383 name = nbuf;
1384 _fallthrough_;
1385 case SUBST_TYPE_PLAIN:
1386 if (sd_device_get_sysattr_value(dev, name, &value) < 0)
1387 return false;
1388 break;
1389 case SUBST_TYPE_SUBSYS:
1390 if (udev_resolve_subsys_kernel(name, vbuf, sizeof(vbuf), true) < 0)
1391 return false;
1392 value = vbuf;
1393 break;
1394 default:
1395 assert_not_reached("Invalid attribute substitution type");
1396 }
1397
1398 /* remove trailing whitespace, if not asked to match for it */
1399 if (token->attr_match_remove_trailing_whitespace) {
1400 if (value != vbuf) {
1401 strscpy(vbuf, sizeof(vbuf), value);
1402 value = vbuf;
1403 }
1404
1405 delete_trailing_chars(vbuf, NULL);
1406 }
1407
1408 return token_match_string(token, value);
1409 }
1410
1411 static int get_property_from_string(char *line, char **ret_key, char **ret_value) {
1412 char *key, *val;
1413 size_t len;
1414
1415 assert(line);
1416 assert(ret_key);
1417 assert(ret_value);
1418
1419 /* find key */
1420 key = skip_leading_chars(line, NULL);
1421
1422 /* comment or empty line */
1423 if (IN_SET(key[0], '#', '\0')) {
1424 *ret_key = *ret_value = NULL;
1425 return 0;
1426 }
1427
1428 /* split key/value */
1429 val = strchr(key, '=');
1430 if (!val)
1431 return -EINVAL;
1432 *val++ = '\0';
1433
1434 key = strstrip(key);
1435 if (isempty(key))
1436 return -EINVAL;
1437
1438 val = strstrip(val);
1439 if (isempty(val))
1440 return -EINVAL;
1441
1442 /* unquote */
1443 if (IN_SET(val[0], '"', '\'')) {
1444 len = strlen(val);
1445 if (len == 1 || val[len-1] != val[0])
1446 return -EINVAL;
1447 val[len-1] = '\0';
1448 val++;
1449 }
1450
1451 *ret_key = key;
1452 *ret_value = val;
1453 return 1;
1454 }
1455
1456 static int import_parent_into_properties(sd_device *dev, const char *filter) {
1457 const char *key, *val;
1458 sd_device *parent;
1459 int r;
1460
1461 assert(dev);
1462 assert(filter);
1463
1464 r = sd_device_get_parent(dev, &parent);
1465 if (r == -ENOENT)
1466 return 0;
1467 if (r < 0)
1468 return r;
1469
1470 FOREACH_DEVICE_PROPERTY(parent, key, val) {
1471 if (fnmatch(filter, key, 0) != 0)
1472 continue;
1473 r = device_add_property(dev, key, val);
1474 if (r < 0)
1475 return r;
1476 }
1477
1478 return 1;
1479 }
1480
1481 static int attr_subst_subdir(char attr[static UDEV_PATH_SIZE]) {
1482 _cleanup_closedir_ DIR *dir = NULL;
1483 struct dirent *dent;
1484 char buf[UDEV_PATH_SIZE], *p;
1485 const char *tail;
1486 size_t len, size;
1487
1488 assert(attr);
1489
1490 tail = strstr(attr, "/*/");
1491 if (!tail)
1492 return 0;
1493
1494 len = tail - attr + 1; /* include slash at the end */
1495 tail += 2; /* include slash at the beginning */
1496
1497 p = buf;
1498 size = sizeof(buf);
1499 size -= strnpcpy(&p, size, attr, len);
1500
1501 dir = opendir(buf);
1502 if (!dir)
1503 return -errno;
1504
1505 FOREACH_DIRENT_ALL(dent, dir, break) {
1506 if (dent->d_name[0] == '.')
1507 continue;
1508
1509 strscpyl(p, size, dent->d_name, tail, NULL);
1510 if (faccessat(dirfd(dir), p, F_OK, 0) < 0)
1511 continue;
1512
1513 strcpy(attr, buf);
1514 return 0;
1515 }
1516
1517 return -ENOENT;
1518 }
1519
1520 static int udev_rule_apply_token_to_event(
1521 UdevRules *rules,
1522 sd_device *dev,
1523 UdevEvent *event,
1524 usec_t timeout_usec,
1525 int timeout_signal,
1526 Hashmap *properties_list) {
1527
1528 UdevRuleToken *token;
1529 char buf[UDEV_PATH_SIZE];
1530 const char *val;
1531 size_t count;
1532 bool match;
1533 int r;
1534
1535 assert(rules);
1536 assert(dev);
1537 assert(event);
1538
1539 /* This returns the following values:
1540 * 0 on the current token does not match the event,
1541 * 1 on the current token matches the event, and
1542 * negative errno on some critical errors. */
1543
1544 token = rules->current_file->current_line->current_token;
1545
1546 switch (token->type) {
1547 case TK_M_ACTION: {
1548 DeviceAction a;
1549
1550 r = device_get_action(dev, &a);
1551 if (r < 0)
1552 return log_rule_error_errno(dev, rules, r, "Failed to get uevent action type: %m");
1553
1554 return token_match_string(token, device_action_to_string(a));
1555 }
1556 case TK_M_DEVPATH:
1557 r = sd_device_get_devpath(dev, &val);
1558 if (r < 0)
1559 return log_rule_error_errno(dev, rules, r, "Failed to get devpath: %m");
1560
1561 return token_match_string(token, val);
1562 case TK_M_KERNEL:
1563 case TK_M_PARENTS_KERNEL:
1564 r = sd_device_get_sysname(dev, &val);
1565 if (r < 0)
1566 return log_rule_error_errno(dev, rules, r, "Failed to get sysname: %m");
1567
1568 return token_match_string(token, val);
1569 case TK_M_DEVLINK:
1570 FOREACH_DEVICE_DEVLINK(dev, val)
1571 if (token_match_string(token, strempty(startswith(val, "/dev/"))))
1572 return token->op == OP_MATCH;
1573 return token->op == OP_NOMATCH;
1574 case TK_M_NAME:
1575 return token_match_string(token, event->name);
1576 case TK_M_ENV:
1577 if (sd_device_get_property_value(dev, token->data, &val) < 0)
1578 val = hashmap_get(properties_list, token->data);
1579
1580 return token_match_string(token, val);
1581 case TK_M_CONST: {
1582 const char *k = token->data;
1583
1584 if (streq(k, "arch"))
1585 val = architecture_to_string(uname_architecture());
1586 else if (streq(k, "virt"))
1587 val = virtualization_to_string(detect_virtualization());
1588 else
1589 assert_not_reached("Invalid CONST key");
1590 return token_match_string(token, val);
1591 }
1592 case TK_M_TAG:
1593 case TK_M_PARENTS_TAG:
1594 FOREACH_DEVICE_TAG(dev, val)
1595 if (token_match_string(token, val))
1596 return token->op == OP_MATCH;
1597 return token->op == OP_NOMATCH;
1598 case TK_M_SUBSYSTEM:
1599 case TK_M_PARENTS_SUBSYSTEM:
1600 r = sd_device_get_subsystem(dev, &val);
1601 if (r == -ENOENT)
1602 val = NULL;
1603 else if (r < 0)
1604 return log_rule_error_errno(dev, rules, r, "Failed to get subsystem: %m");
1605
1606 return token_match_string(token, val);
1607 case TK_M_DRIVER:
1608 case TK_M_PARENTS_DRIVER:
1609 r = sd_device_get_driver(dev, &val);
1610 if (r == -ENOENT)
1611 val = NULL;
1612 else if (r < 0)
1613 return log_rule_error_errno(dev, rules, r, "Failed to get driver: %m");
1614
1615 return token_match_string(token, val);
1616 case TK_M_ATTR:
1617 case TK_M_PARENTS_ATTR:
1618 return token_match_attr(token, dev, event);
1619 case TK_M_SYSCTL: {
1620 _cleanup_free_ char *value = NULL;
1621
1622 (void) udev_event_apply_format(event, token->data, buf, sizeof(buf), false);
1623 r = sysctl_read(sysctl_normalize(buf), &value);
1624 if (r < 0 && r != -ENOENT)
1625 return log_rule_error_errno(dev, rules, r, "Failed to read sysctl '%s': %m", buf);
1626
1627 return token_match_string(token, strstrip(value));
1628 }
1629 case TK_M_TEST: {
1630 mode_t mode = PTR_TO_MODE(token->data);
1631 struct stat statbuf;
1632
1633 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1634 if (!path_is_absolute(buf) &&
1635 udev_resolve_subsys_kernel(buf, buf, sizeof(buf), false) < 0) {
1636 char tmp[UDEV_PATH_SIZE];
1637
1638 r = sd_device_get_syspath(dev, &val);
1639 if (r < 0)
1640 return log_rule_error_errno(dev, rules, r, "Failed to get syspath: %m");
1641
1642 strscpy(tmp, sizeof(tmp), buf);
1643 strscpyl(buf, sizeof(buf), val, "/", tmp, NULL);
1644 }
1645
1646 r = attr_subst_subdir(buf);
1647 if (r == -ENOENT)
1648 return token->op == OP_NOMATCH;
1649 if (r < 0)
1650 return log_rule_error_errno(dev, rules, r, "Failed to test for the existence of '%s': %m", buf);
1651
1652 if (stat(buf, &statbuf) < 0)
1653 return token->op == OP_NOMATCH;
1654
1655 if (mode == MODE_INVALID)
1656 return token->op == OP_MATCH;
1657
1658 match = (statbuf.st_mode & mode) > 0;
1659 return token->op == (match ? OP_MATCH : OP_NOMATCH);
1660 }
1661 case TK_M_PROGRAM: {
1662 char result[UDEV_LINE_SIZE];
1663
1664 event->program_result = mfree(event->program_result);
1665 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1666 log_rule_debug(dev, rules, "Running PROGRAM '%s'", buf);
1667
1668 r = udev_event_spawn(event, timeout_usec, timeout_signal, true, buf, result, sizeof(result));
1669 if (r != 0) {
1670 if (r < 0)
1671 log_rule_warning_errno(dev, rules, r, "Failed to execute \"%s\": %m", buf);
1672 else /* returned value is positive when program fails */
1673 log_rule_debug(dev, rules, "Command \"%s\" returned %d (error)", buf, r);
1674 return token->op == OP_NOMATCH;
1675 }
1676
1677 delete_trailing_chars(result, "\n");
1678 count = udev_replace_chars(result, UDEV_ALLOWED_CHARS_INPUT);
1679 if (count > 0)
1680 log_rule_debug(dev, rules, "Replaced %zu character(s) in result of \"%s\"",
1681 count, buf);
1682
1683 event->program_result = strdup(result);
1684 return token->op == OP_MATCH;
1685 }
1686 case TK_M_IMPORT_FILE: {
1687 _cleanup_fclose_ FILE *f = NULL;
1688
1689 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1690 log_rule_debug(dev, rules, "Importing properties from '%s'", buf);
1691
1692 f = fopen(buf, "re");
1693 if (!f) {
1694 if (errno != ENOENT)
1695 return log_rule_error_errno(dev, rules, errno,
1696 "Failed to open '%s': %m", buf);
1697 return token->op == OP_NOMATCH;
1698 }
1699
1700 for (;;) {
1701 _cleanup_free_ char *line = NULL;
1702 char *key, *value;
1703
1704 r = read_line(f, LONG_LINE_MAX, &line);
1705 if (r < 0) {
1706 log_rule_debug_errno(dev, rules, r,
1707 "Failed to read '%s', ignoring: %m", buf);
1708 return token->op == OP_NOMATCH;
1709 }
1710 if (r == 0)
1711 break;
1712
1713 r = get_property_from_string(line, &key, &value);
1714 if (r < 0) {
1715 log_rule_debug_errno(dev, rules, r,
1716 "Failed to parse key and value from '%s', ignoring: %m",
1717 line);
1718 continue;
1719 }
1720 if (r == 0)
1721 continue;
1722
1723 r = device_add_property(dev, key, value);
1724 if (r < 0)
1725 return log_rule_error_errno(dev, rules, r,
1726 "Failed to add property %s=%s: %m",
1727 key, value);
1728 }
1729
1730 return token->op == OP_MATCH;
1731 }
1732 case TK_M_IMPORT_PROGRAM: {
1733 _cleanup_strv_free_ char **lines = NULL;
1734 char result[UDEV_LINE_SIZE], **line;
1735
1736 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1737 log_rule_debug(dev, rules, "Importing properties from results of '%s'", buf);
1738
1739 r = udev_event_spawn(event, timeout_usec, timeout_signal, true, buf, result, sizeof result);
1740 if (r != 0) {
1741 if (r < 0)
1742 log_rule_warning_errno(dev, rules, r, "Failed to execute '%s', ignoring: %m", buf);
1743 else /* returned value is positive when program fails */
1744 log_rule_debug(dev, rules, "Command \"%s\" returned %d (error), ignoring", buf, r);
1745 return token->op == OP_NOMATCH;
1746 }
1747
1748 lines = strv_split_newlines(result);
1749 if (!lines)
1750 return log_oom();
1751
1752 STRV_FOREACH(line, lines) {
1753 char *key, *value;
1754
1755 r = get_property_from_string(*line, &key, &value);
1756 if (r < 0) {
1757 log_rule_debug_errno(dev, rules, r,
1758 "Failed to parse key and value from '%s', ignoring: %m",
1759 *line);
1760 continue;
1761 }
1762 if (r == 0)
1763 continue;
1764
1765 r = device_add_property(dev, key, value);
1766 if (r < 0)
1767 return log_rule_error_errno(dev, rules, r,
1768 "Failed to add property %s=%s: %m",
1769 key, value);
1770 }
1771
1772 return token->op == OP_MATCH;
1773 }
1774 case TK_M_IMPORT_BUILTIN: {
1775 UdevBuiltinCommand cmd = PTR_TO_UDEV_BUILTIN_CMD(token->data);
1776 unsigned mask = 1U << (int) cmd;
1777
1778 if (udev_builtin_run_once(cmd)) {
1779 /* check if we ran already */
1780 if (event->builtin_run & mask) {
1781 log_rule_debug(dev, rules, "Skipping builtin '%s' in IMPORT key",
1782 udev_builtin_name(cmd));
1783 /* return the result from earlier run */
1784 return token->op == (event->builtin_ret & mask ? OP_NOMATCH : OP_MATCH);
1785 }
1786 /* mark as ran */
1787 event->builtin_run |= mask;
1788 }
1789
1790 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1791 log_rule_debug(dev, rules, "Importing properties from results of builtin command '%s'", buf);
1792
1793 r = udev_builtin_run(dev, cmd, buf, false);
1794 if (r < 0) {
1795 /* remember failure */
1796 log_rule_debug_errno(dev, rules, r, "Failed to run builtin '%s': %m", buf);
1797 event->builtin_ret |= mask;
1798 }
1799 return token->op == (r >= 0 ? OP_MATCH : OP_NOMATCH);
1800 }
1801 case TK_M_IMPORT_DB: {
1802 if (!event->dev_db_clone)
1803 return token->op == OP_NOMATCH;
1804 r = sd_device_get_property_value(event->dev_db_clone, token->value, &val);
1805 if (r == -ENOENT)
1806 return token->op == OP_NOMATCH;
1807 if (r < 0)
1808 return log_rule_error_errno(dev, rules, r,
1809 "Failed to get property '%s' from database: %m",
1810 token->value);
1811
1812 r = device_add_property(dev, token->value, val);
1813 if (r < 0)
1814 return log_rule_error_errno(dev, rules, r, "Failed to add property '%s=%s': %m",
1815 token->value, val);
1816 return token->op == OP_MATCH;
1817 }
1818 case TK_M_IMPORT_CMDLINE: {
1819 _cleanup_free_ char *value = NULL;
1820
1821 r = proc_cmdline_get_key(token->value, PROC_CMDLINE_VALUE_OPTIONAL|PROC_CMDLINE_IGNORE_EFI_OPTIONS, &value);
1822 if (r < 0)
1823 return log_rule_error_errno(dev, rules, r,
1824 "Failed to read '%s' option from /proc/cmdline: %m",
1825 token->value);
1826 if (r == 0)
1827 return token->op == OP_NOMATCH;
1828
1829 r = device_add_property(dev, token->value, value ?: "1");
1830 if (r < 0)
1831 return log_rule_error_errno(dev, rules, r, "Failed to add property '%s=%s': %m",
1832 token->value, value ?: "1");
1833 return token->op == OP_MATCH;
1834 }
1835 case TK_M_IMPORT_PARENT: {
1836 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1837 r = import_parent_into_properties(dev, buf);
1838 if (r < 0)
1839 return log_rule_error_errno(dev, rules, r,
1840 "Failed to import properties '%s' from parent: %m",
1841 buf);
1842 return token->op == (r > 0 ? OP_MATCH : OP_NOMATCH);
1843 }
1844 case TK_M_RESULT:
1845 return token_match_string(token, event->program_result);
1846 case TK_A_OPTIONS_STRING_ESCAPE_NONE:
1847 event->esc = ESCAPE_NONE;
1848 break;
1849 case TK_A_OPTIONS_STRING_ESCAPE_REPLACE:
1850 event->esc = ESCAPE_REPLACE;
1851 break;
1852 case TK_A_OPTIONS_DB_PERSIST:
1853 device_set_db_persist(dev);
1854 break;
1855 case TK_A_OPTIONS_INOTIFY_WATCH:
1856 if (event->inotify_watch_final)
1857 break;
1858 if (token->op == OP_ASSIGN_FINAL)
1859 event->inotify_watch_final = true;
1860
1861 event->inotify_watch = token->data;
1862 break;
1863 case TK_A_OPTIONS_DEVLINK_PRIORITY:
1864 device_set_devlink_priority(dev, PTR_TO_INT(token->data));
1865 break;
1866 case TK_A_OPTIONS_LOG_LEVEL: {
1867 int level = PTR_TO_INT(token->data);
1868
1869 if (level < 0)
1870 level = event->default_log_level;
1871
1872 log_set_max_level(level);
1873
1874 if (level == LOG_DEBUG && !event->log_level_was_debug) {
1875 /* The log level becomes LOG_DEBUG at first time. Let's log basic information. */
1876 log_device_uevent(dev, "The log level is changed to 'debug' while processing device");
1877 event->log_level_was_debug = true;
1878 }
1879
1880 break;
1881 }
1882 case TK_A_OWNER: {
1883 char owner[UDEV_NAME_SIZE];
1884 const char *ow = owner;
1885
1886 if (event->owner_final)
1887 break;
1888 if (token->op == OP_ASSIGN_FINAL)
1889 event->owner_final = true;
1890
1891 (void) udev_event_apply_format(event, token->value, owner, sizeof(owner), false);
1892 r = get_user_creds(&ow, &event->uid, NULL, NULL, NULL, USER_CREDS_ALLOW_MISSING);
1893 if (r < 0)
1894 log_unknown_owner(dev, rules, r, "user", owner);
1895 else
1896 log_rule_debug(dev, rules, "OWNER %s(%u)", owner, event->uid);
1897 break;
1898 }
1899 case TK_A_GROUP: {
1900 char group[UDEV_NAME_SIZE];
1901 const char *gr = group;
1902
1903 if (event->group_final)
1904 break;
1905 if (token->op == OP_ASSIGN_FINAL)
1906 event->group_final = true;
1907
1908 (void) udev_event_apply_format(event, token->value, group, sizeof(group), false);
1909 r = get_group_creds(&gr, &event->gid, USER_CREDS_ALLOW_MISSING);
1910 if (r < 0)
1911 log_unknown_owner(dev, rules, r, "group", group);
1912 else
1913 log_rule_debug(dev, rules, "GROUP %s(%u)", group, event->gid);
1914 break;
1915 }
1916 case TK_A_MODE: {
1917 char mode_str[UDEV_NAME_SIZE];
1918
1919 if (event->mode_final)
1920 break;
1921 if (token->op == OP_ASSIGN_FINAL)
1922 event->mode_final = true;
1923
1924 (void) udev_event_apply_format(event, token->value, mode_str, sizeof(mode_str), false);
1925 r = parse_mode(mode_str, &event->mode);
1926 if (r < 0)
1927 log_rule_error_errno(dev, rules, r, "Failed to parse mode '%s', ignoring: %m", mode_str);
1928 else
1929 log_rule_debug(dev, rules, "MODE %#o", event->mode);
1930 break;
1931 }
1932 case TK_A_OWNER_ID:
1933 if (event->owner_final)
1934 break;
1935 if (token->op == OP_ASSIGN_FINAL)
1936 event->owner_final = true;
1937 if (!token->data)
1938 break;
1939 event->uid = PTR_TO_UID(token->data);
1940 log_rule_debug(dev, rules, "OWNER %u", event->uid);
1941 break;
1942 case TK_A_GROUP_ID:
1943 if (event->group_final)
1944 break;
1945 if (token->op == OP_ASSIGN_FINAL)
1946 event->group_final = true;
1947 if (!token->data)
1948 break;
1949 event->gid = PTR_TO_GID(token->data);
1950 log_rule_debug(dev, rules, "GROUP %u", event->gid);
1951 break;
1952 case TK_A_MODE_ID:
1953 if (event->mode_final)
1954 break;
1955 if (token->op == OP_ASSIGN_FINAL)
1956 event->mode_final = true;
1957 if (!token->data)
1958 break;
1959 event->mode = PTR_TO_MODE(token->data);
1960 log_rule_debug(dev, rules, "MODE %#o", event->mode);
1961 break;
1962 case TK_A_SECLABEL: {
1963 _cleanup_free_ char *name = NULL, *label = NULL;
1964 char label_str[UDEV_LINE_SIZE] = {};
1965
1966 name = strdup(token->data);
1967 if (!name)
1968 return log_oom();
1969
1970 (void) udev_event_apply_format(event, token->value, label_str, sizeof(label_str), false);
1971 if (!isempty(label_str))
1972 label = strdup(label_str);
1973 else
1974 label = strdup(token->value);
1975 if (!label)
1976 return log_oom();
1977
1978 if (token->op == OP_ASSIGN)
1979 ordered_hashmap_clear_free_free(event->seclabel_list);
1980
1981 r = ordered_hashmap_ensure_put(&event->seclabel_list, NULL, name, label);
1982 if (r == -ENOMEM)
1983 return log_oom();
1984 if (r < 0)
1985 return log_rule_error_errno(dev, rules, r, "Failed to store SECLABEL{%s}='%s': %m", name, label);;
1986
1987 log_rule_debug(dev, rules, "SECLABEL{%s}='%s'", name, label);
1988
1989 TAKE_PTR(name);
1990 TAKE_PTR(label);
1991 break;
1992 }
1993 case TK_A_ENV: {
1994 const char *name = token->data;
1995 char value_new[UDEV_NAME_SIZE], *p = value_new;
1996 size_t l = sizeof(value_new);
1997
1998 if (isempty(token->value)) {
1999 if (token->op == OP_ADD)
2000 break;
2001 r = device_add_property(dev, name, NULL);
2002 if (r < 0)
2003 return log_rule_error_errno(dev, rules, r, "Failed to remove property '%s': %m", name);
2004 break;
2005 }
2006
2007 if (token->op == OP_ADD &&
2008 sd_device_get_property_value(dev, name, &val) >= 0)
2009 l = strpcpyl(&p, l, val, " ", NULL);
2010
2011 (void) udev_event_apply_format(event, token->value, p, l, false);
2012
2013 r = device_add_property(dev, name, value_new);
2014 if (r < 0)
2015 return log_rule_error_errno(dev, rules, r, "Failed to add property '%s=%s': %m", name, value_new);
2016 break;
2017 }
2018 case TK_A_TAG: {
2019 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
2020 if (token->op == OP_ASSIGN)
2021 device_cleanup_tags(dev);
2022
2023 if (buf[strspn(buf, ALPHANUMERICAL "-_")] != '\0') {
2024 log_rule_error(dev, rules, "Invalid tag name '%s', ignoring", buf);
2025 break;
2026 }
2027 if (token->op == OP_REMOVE)
2028 device_remove_tag(dev, buf);
2029 else {
2030 r = device_add_tag(dev, buf, true);
2031 if (r < 0)
2032 return log_rule_error_errno(dev, rules, r, "Failed to add tag '%s': %m", buf);
2033 }
2034 break;
2035 }
2036 case TK_A_NAME: {
2037 if (event->name_final)
2038 break;
2039 if (token->op == OP_ASSIGN_FINAL)
2040 event->name_final = true;
2041
2042 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
2043 if (IN_SET(event->esc, ESCAPE_UNSET, ESCAPE_REPLACE)) {
2044 count = udev_replace_chars(buf, "/");
2045 if (count > 0)
2046 log_rule_debug(dev, rules, "Replaced %zu character(s) from result of NAME=\"%s\"",
2047 count, token->value);
2048 }
2049 if (sd_device_get_devnum(dev, NULL) >= 0 &&
2050 (sd_device_get_devname(dev, &val) < 0 ||
2051 !streq_ptr(buf, path_startswith(val, "/dev/")))) {
2052 log_rule_error(dev, rules,
2053 "Kernel device nodes cannot be renamed, ignoring NAME=\"%s\"; please fix it.",
2054 token->value);
2055 break;
2056 }
2057 if (free_and_strdup(&event->name, buf) < 0)
2058 return log_oom();
2059
2060 log_rule_debug(dev, rules, "NAME '%s'", event->name);
2061 break;
2062 }
2063 case TK_A_DEVLINK: {
2064 char *p;
2065
2066 if (event->devlink_final)
2067 break;
2068 if (sd_device_get_devnum(dev, NULL) < 0)
2069 break;
2070 if (token->op == OP_ASSIGN_FINAL)
2071 event->devlink_final = true;
2072 if (IN_SET(token->op, OP_ASSIGN, OP_ASSIGN_FINAL))
2073 device_cleanup_devlinks(dev);
2074
2075 /* allow multiple symlinks separated by spaces */
2076 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), event->esc != ESCAPE_NONE);
2077 if (event->esc == ESCAPE_UNSET)
2078 count = udev_replace_chars(buf, "/ ");
2079 else if (event->esc == ESCAPE_REPLACE)
2080 count = udev_replace_chars(buf, "/");
2081 else
2082 count = 0;
2083 if (count > 0)
2084 log_rule_debug(dev, rules, "Replaced %zu character(s) from result of LINK", count);
2085
2086 p = skip_leading_chars(buf, NULL);
2087 while (!isempty(p)) {
2088 char filename[UDEV_PATH_SIZE], *next;
2089
2090 next = strchr(p, ' ');
2091 if (next) {
2092 *next++ = '\0';
2093 next = skip_leading_chars(next, NULL);
2094 }
2095
2096 strscpyl(filename, sizeof(filename), "/dev/", p, NULL);
2097 r = device_add_devlink(dev, filename);
2098 if (r < 0)
2099 return log_rule_error_errno(dev, rules, r, "Failed to add devlink '%s': %m", filename);
2100
2101 log_rule_debug(dev, rules, "LINK '%s'", p);
2102 p = next;
2103 }
2104 break;
2105 }
2106 case TK_A_ATTR: {
2107 const char *key_name = token->data;
2108 char value[UDEV_NAME_SIZE];
2109
2110 if (udev_resolve_subsys_kernel(key_name, buf, sizeof(buf), false) < 0 &&
2111 sd_device_get_syspath(dev, &val) >= 0)
2112 strscpyl(buf, sizeof(buf), val, "/", key_name, NULL);
2113
2114 r = attr_subst_subdir(buf);
2115 if (r < 0) {
2116 log_rule_error_errno(dev, rules, r, "Could not find file matches '%s', ignoring: %m", buf);
2117 break;
2118 }
2119 (void) udev_event_apply_format(event, token->value, value, sizeof(value), false);
2120
2121 log_rule_debug(dev, rules, "ATTR '%s' writing '%s'", buf, value);
2122 r = write_string_file(buf, value, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER | WRITE_STRING_FILE_AVOID_NEWLINE);
2123 if (r < 0)
2124 log_rule_error_errno(dev, rules, r, "Failed to write ATTR{%s}, ignoring: %m", buf);
2125 break;
2126 }
2127 case TK_A_SYSCTL: {
2128 char value[UDEV_NAME_SIZE];
2129
2130 (void) udev_event_apply_format(event, token->data, buf, sizeof(buf), false);
2131 (void) udev_event_apply_format(event, token->value, value, sizeof(value), false);
2132 sysctl_normalize(buf);
2133 log_rule_debug(dev, rules, "SYSCTL '%s' writing '%s'", buf, value);
2134 r = sysctl_write(buf, value);
2135 if (r < 0)
2136 log_rule_error_errno(dev, rules, r, "Failed to write SYSCTL{%s}='%s', ignoring: %m", buf, value);
2137 break;
2138 }
2139 case TK_A_RUN_BUILTIN:
2140 case TK_A_RUN_PROGRAM: {
2141 _cleanup_free_ char *cmd = NULL;
2142
2143 if (event->run_final)
2144 break;
2145 if (token->op == OP_ASSIGN_FINAL)
2146 event->run_final = true;
2147
2148 if (IN_SET(token->op, OP_ASSIGN, OP_ASSIGN_FINAL))
2149 ordered_hashmap_clear_free_key(event->run_list);
2150
2151 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
2152
2153 cmd = strdup(buf);
2154 if (!cmd)
2155 return log_oom();
2156
2157 r = ordered_hashmap_ensure_put(&event->run_list, NULL, cmd, token->data);
2158 if (r == -ENOMEM)
2159 return log_oom();
2160 if (r < 0)
2161 return log_rule_error_errno(dev, rules, r, "Failed to store command '%s': %m", cmd);
2162
2163 TAKE_PTR(cmd);
2164
2165 log_rule_debug(dev, rules, "RUN '%s'", token->value);
2166 break;
2167 }
2168 case TK_A_OPTIONS_STATIC_NODE:
2169 /* do nothing for events. */
2170 break;
2171 default:
2172 assert_not_reached("Invalid token type");
2173 }
2174
2175 return true;
2176 }
2177
2178 static bool token_is_for_parents(UdevRuleToken *token) {
2179 return token->type >= TK_M_PARENTS_KERNEL && token->type <= TK_M_PARENTS_TAG;
2180 }
2181
2182 static int udev_rule_apply_parent_token_to_event(
2183 UdevRules *rules,
2184 UdevEvent *event,
2185 int timeout_signal) {
2186
2187 UdevRuleLine *line;
2188 UdevRuleToken *head;
2189 int r;
2190
2191 line = rules->current_file->current_line;
2192 head = rules->current_file->current_line->current_token;
2193 event->dev_parent = event->dev;
2194 for (;;) {
2195 LIST_FOREACH(tokens, line->current_token, head) {
2196 if (!token_is_for_parents(line->current_token))
2197 return true; /* All parent tokens match. */
2198 r = udev_rule_apply_token_to_event(rules, event->dev_parent, event, 0, timeout_signal, NULL);
2199 if (r < 0)
2200 return r;
2201 if (r == 0)
2202 break;
2203 }
2204 if (!line->current_token)
2205 /* All parent tokens match. But no assign tokens in the line. Hmm... */
2206 return true;
2207
2208 if (sd_device_get_parent(event->dev_parent, &event->dev_parent) < 0) {
2209 event->dev_parent = NULL;
2210 return false;
2211 }
2212 }
2213 }
2214
2215 static int udev_rule_apply_line_to_event(
2216 UdevRules *rules,
2217 UdevEvent *event,
2218 usec_t timeout_usec,
2219 int timeout_signal,
2220 Hashmap *properties_list,
2221 UdevRuleLine **next_line) {
2222
2223 UdevRuleLine *line = rules->current_file->current_line;
2224 UdevRuleLineType mask = LINE_HAS_GOTO | LINE_UPDATE_SOMETHING;
2225 UdevRuleToken *token, *next_token;
2226 bool parents_done = false;
2227 DeviceAction action;
2228 int r;
2229
2230 r = device_get_action(event->dev, &action);
2231 if (r < 0)
2232 return r;
2233
2234 if (action != DEVICE_ACTION_REMOVE) {
2235 if (sd_device_get_devnum(event->dev, NULL) >= 0)
2236 mask |= LINE_HAS_DEVLINK;
2237
2238 if (sd_device_get_ifindex(event->dev, NULL) >= 0)
2239 mask |= LINE_HAS_NAME;
2240 }
2241
2242 if ((line->type & mask) == 0)
2243 return 0;
2244
2245 event->esc = ESCAPE_UNSET;
2246 LIST_FOREACH_SAFE(tokens, token, next_token, line->tokens) {
2247 line->current_token = token;
2248
2249 if (token_is_for_parents(token)) {
2250 if (parents_done)
2251 continue;
2252
2253 r = udev_rule_apply_parent_token_to_event(rules, event, timeout_signal);
2254 if (r <= 0)
2255 return r;
2256
2257 parents_done = true;
2258 continue;
2259 }
2260
2261 r = udev_rule_apply_token_to_event(rules, event->dev, event, timeout_usec, timeout_signal, properties_list);
2262 if (r <= 0)
2263 return r;
2264 }
2265
2266 if (line->goto_line)
2267 *next_line = line->goto_line;
2268
2269 return 0;
2270 }
2271
2272 int udev_rules_apply_to_event(
2273 UdevRules *rules,
2274 UdevEvent *event,
2275 usec_t timeout_usec,
2276 int timeout_signal,
2277 Hashmap *properties_list) {
2278
2279 UdevRuleFile *file;
2280 UdevRuleLine *next_line;
2281 int r;
2282
2283 assert(rules);
2284 assert(event);
2285
2286 LIST_FOREACH(rule_files, file, rules->rule_files) {
2287 rules->current_file = file;
2288 LIST_FOREACH_SAFE(rule_lines, file->current_line, next_line, file->rule_lines) {
2289 r = udev_rule_apply_line_to_event(rules, event, timeout_usec, timeout_signal, properties_list, &next_line);
2290 if (r < 0)
2291 return r;
2292 }
2293 }
2294
2295 return 0;
2296 }
2297
2298 static int apply_static_dev_perms(const char *devnode, uid_t uid, gid_t gid, mode_t mode, char **tags) {
2299 char device_node[UDEV_PATH_SIZE], tags_dir[UDEV_PATH_SIZE], tag_symlink[UDEV_PATH_SIZE];
2300 _cleanup_free_ char *unescaped_filename = NULL;
2301 struct stat stats;
2302 char **t;
2303 int r;
2304
2305 assert(devnode);
2306
2307 if (uid == UID_INVALID && gid == GID_INVALID && mode == MODE_INVALID && !tags)
2308 return 0;
2309
2310 strscpyl(device_node, sizeof(device_node), "/dev/", devnode, NULL);
2311 if (stat(device_node, &stats) < 0) {
2312 if (errno != ENOENT)
2313 return log_error_errno(errno, "Failed to stat %s: %m", device_node);
2314 return 0;
2315 }
2316
2317 if (!S_ISBLK(stats.st_mode) && !S_ISCHR(stats.st_mode)) {
2318 log_warning("%s is neither block nor character device, ignoring.", device_node);
2319 return 0;
2320 }
2321
2322 if (!strv_isempty(tags)) {
2323 unescaped_filename = xescape(devnode, "/.");
2324 if (!unescaped_filename)
2325 return log_oom();
2326 }
2327
2328 /* export the tags to a directory as symlinks, allowing otherwise dead nodes to be tagged */
2329 STRV_FOREACH(t, tags) {
2330 strscpyl(tags_dir, sizeof(tags_dir), "/run/udev/static_node-tags/", *t, "/", NULL);
2331 r = mkdir_p(tags_dir, 0755);
2332 if (r < 0)
2333 return log_error_errno(r, "Failed to create %s: %m", tags_dir);
2334
2335 strscpyl(tag_symlink, sizeof(tag_symlink), tags_dir, unescaped_filename, NULL);
2336 r = symlink(device_node, tag_symlink);
2337 if (r < 0 && errno != EEXIST)
2338 return log_error_errno(errno, "Failed to create symlink %s -> %s: %m",
2339 tag_symlink, device_node);
2340 }
2341
2342 /* don't touch the permissions if only the tags were set */
2343 if (uid == UID_INVALID && gid == GID_INVALID && mode == MODE_INVALID)
2344 return 0;
2345
2346 if (mode == MODE_INVALID)
2347 mode = gid_is_valid(gid) ? 0660 : 0600;
2348 if (!uid_is_valid(uid))
2349 uid = 0;
2350 if (!gid_is_valid(gid))
2351 gid = 0;
2352
2353 r = chmod_and_chown(device_node, mode, uid, gid);
2354 if (r == -ENOENT)
2355 return 0;
2356 if (r < 0)
2357 return log_error_errno(r, "Failed to chown '%s' %u %u: %m", device_node, uid, gid);
2358 else
2359 log_debug("chown '%s' %u:%u with mode %#o", device_node, uid, gid, mode);
2360
2361 (void) utimensat(AT_FDCWD, device_node, NULL, 0);
2362 return 0;
2363 }
2364
2365 static int udev_rule_line_apply_static_dev_perms(UdevRuleLine *rule_line) {
2366 UdevRuleToken *token;
2367 _cleanup_strv_free_ char **tags = NULL;
2368 uid_t uid = UID_INVALID;
2369 gid_t gid = GID_INVALID;
2370 mode_t mode = MODE_INVALID;
2371 int r;
2372
2373 assert(rule_line);
2374
2375 if (!FLAGS_SET(rule_line->type, LINE_HAS_STATIC_NODE))
2376 return 0;
2377
2378 LIST_FOREACH(tokens, token, rule_line->tokens)
2379 if (token->type == TK_A_OWNER_ID)
2380 uid = PTR_TO_UID(token->data);
2381 else if (token->type == TK_A_GROUP_ID)
2382 gid = PTR_TO_GID(token->data);
2383 else if (token->type == TK_A_MODE_ID)
2384 mode = PTR_TO_MODE(token->data);
2385 else if (token->type == TK_A_TAG) {
2386 r = strv_extend(&tags, token->value);
2387 if (r < 0)
2388 return log_oom();
2389 } else if (token->type == TK_A_OPTIONS_STATIC_NODE) {
2390 r = apply_static_dev_perms(token->value, uid, gid, mode, tags);
2391 if (r < 0)
2392 return r;
2393 }
2394
2395 return 0;
2396 }
2397
2398 int udev_rules_apply_static_dev_perms(UdevRules *rules) {
2399 UdevRuleFile *file;
2400 UdevRuleLine *line;
2401 int r;
2402
2403 assert(rules);
2404
2405 LIST_FOREACH(rule_files, file, rules->rule_files)
2406 LIST_FOREACH(rule_lines, line, file->rule_lines) {
2407 r = udev_rule_line_apply_static_dev_perms(line);
2408 if (r < 0)
2409 return r;
2410 }
2411
2412 return 0;
2413 }
Unnamed repository; edit this file 'description' to name the repository.