alloc-util: add strdupa_safe() + strndupa_safe() and use it everywhere
Let's define two helpers strdupa_safe() + strndupa_safe() which do the
same as their non-safe counterparts, except that they abort if called
with allocations larger than ALLOCA_MAX.
This should ensure that all our alloca() based allocations are subject
to this limit.
afaics glibc offers three alloca() based APIs: alloca() itself,
strndupa() + strdupa(). With this we have now replacements for all of
them, that take the limit into account.
Boqun Feng [Wed, 13 Oct 2021 03:32:09 +0000 (11:32 +0800)]
virt: Support detection for ARM64 Hyper-V guests
The detection of Microsoft Hyper-V VMs is done by cpuid currently,
however there is no cpuid on ARM64. And since ARM64 is now a supported
architecture for Microsoft Hyper-V guests[1], then use DMI tables to
detect a Hyper-V guest, which is more generic and works for ARM64.
core: allow "off" as special watchdog time to be specified
Right now we already understand "default" as special string for enabling
the watchdog but not reconfiguring its timeout (it is internally mapped
to USEC_MAX). To be systematic this adds "off" as special string for
disabling the watchdog logic (it is internally mapped to 0, which is how
this behaviour was previously requested).
watchdog: handle timeout programming errors more safely
If an error happened while the timeout value was being programmed, the error
was ignored and the watchdog module used the new timeout value whereas the
watchdog device was left with the previous one.
Now in cases of error, the device is now disabled and closed if it wasn't
opened already otherwise the previous timeout value is kept so the device is
still pinged at correct intervals.
watchdog: passing 0 to watchdog_setup now closes the watchdog
Passing 0 meant "disable the watchdog although still kept it opened". However
this case didn't seem to be useful especially since PID1 closes the device if
it is passed the nul timeout.
Hence let's change the meaning of watchdog_setup(0) to match PID1's behavior
which allows to simplify the code a bit.
watchdog: pass USEC_INFINITY to watchdog_setup() to reuse the programmed timeout value
This patch changes the meaning of USEC_INFINITY value for the watchdog
module.
Previously passing this value was a NOP. It now has a special meaning: it
requests the watchdog module to read the programmed timeout value and reuse it
for pinging the device.
This is mostly useful when the watchdog is started by the firmware and there's
no way to reconfigure the timeout with a different value
afterwards. "RuntimeWatchdogSec=infinity" in system.conf can now be used rather
than putting an arbitrary value that PID1 will fail to set (even if it still
felt back to the programmed timeout).
Please note that "infinity" is not supposed to restore the default value of the
firmware. If the value is changed after booting then "infinity" would simply
reuse the current programmed value. IOW it's a NOP unless the watchdog was
previously closed and in that case it will be reopened and the last programmed
value reused.
Dan Streetman [Tue, 5 Oct 2021 12:49:21 +0000 (08:49 -0400)]
cgroup: check if any controller is in use as v1
Check if any cgroup controller is currently being used as v1, and if so don't
use cgroup unified mode. This is only checked when there is no cgroup already
mounted, and is most useful when running in a container where the host is using
a legacy or hybrid cgroup, since we can't (fully) use unified cgroup, as the
host kernel has the cgroup controllers in use by v1.
This shouldn't be needed if the container manager has pre-mounted cgroups
appropriately based on the host system cgroup setup, but we can't rely
on that always being the case.
coredumpctl: stop truncating information about coredump
With the changes to limit that print 'Found module …' over and over, we were
hitting the journal field message limit, effectively truncating the info output.
Yu Watanabe [Tue, 12 Oct 2021 11:46:18 +0000 (20:46 +0900)]
network: do not request RAPID_COMMIT option
The option must not be included in OPTION_REQUEST option.
See the "Client ORO" field in
https://www.iana.org/assignments/dhcpv6-parameters/dhcpv6-parameters.xhtml#dhcpv6-parameters-2
This deprecates RapidCommit= setting. Note that sd-dhcp6-client always
sets the RAPID_COMMIT option in the solicit message.
I read the message and initially thought that there's some bug in time
subtraction. Let's make it clear that the message is about what we'll
do in the future, and not a report on how we waited up until now.
alexlzhu [Wed, 18 Aug 2021 23:01:05 +0000 (16:01 -0700)]
core: remove refcount for bpf program
Currently ref count of bpf-program is kept in user space. However, the
kernel already implements its own ref count. Thus the ref count we keep for
bpf-program is redundant.
This PR removes ref count for bpf program as part of a task to simplify
bpf-program and remove redundancies, which will make the switch to
code-compiled BPF programs easier.
Frantisek Sumsal [Mon, 11 Oct 2021 19:12:42 +0000 (21:12 +0200)]
ci: use the system llvm-11 package on Focal
ATTOW llvm-11 got into focal-updates, which conflicts with llvm-11
provided by the apt.llvm.org repositories. Let's use the system
llvm package if available in such cases to avoid that.
network: radv: extends lifetime for DNS servers or domains propagated from uplink
Previously, the lifetime was 30 minutes. But it is not necessary to set
to such short time compared with prefix or route prefix lifetime.
Note that the propagated DNS servers and domains are all 'static',
that is, configured in a .network file, and not provided dynamically.
So, it should be safe to use longer lifetime.
homed: keep "pinning" fd open while home dir active
The pin fd keeps the mount busy, ensuring that unmount requests need to
go through us.
Note that this doesn't change too much IRL, since a logged in user
generally has processes keeping the home dir busy anyway. However, in
some corner cases it is safer to protect from accidental unmounts this
way. (e.g. if user manually called "homectl activate" first).
Bogdan Seniuc [Sat, 9 Oct 2021 12:00:36 +0000 (15:00 +0300)]
virt: Fix Xen PV detection when nested inside another hypervisor
Currently, when Xen PV domains are nested within a hypervisor which is
detected through CPUID (such as VMware), the detected hypervisor might
not be Xen, because we don't check for Xen until after the CPUID check.
This change moves the Xen check before CPUID checks to fix the issue,
and moves Dom0 checking to detect_vm_xen so that we keep ignoring Xen
when we are in Dom0.
Max Resch [Thu, 30 Sep 2021 16:43:52 +0000 (18:43 +0200)]
sd-stub: Provide initrd with LINUX_EFI_INITRD_MEDIA_GUID
Register a LINUX_EFI_INITRD_MEDIA_GUID DevicePath with a LoadFile2Protocol interface and serve the initrd to a supported Linux kernel (Version 5.8+)
Leave the x86 code for older kernels in place until supported kernels become more mainstream
recuse-dir: rework to use getdents64() instead of readdir()
Let's use the underlying Linux API directly, instead of
opendir()/readdir(). This makes it possible for us to do a single memory
allocation for all directory entries in common cases, instead of one for
each entry.
ethtool-util: let's use userspace types in userspace code
Using kernel types __u32 is fine for headers shared by the kernel, but
if we define something in userspace and only use it in userspace, in our
own .c files, let's stick to userspace fixed-length types.