From: Yu Watanabe Date: Thu, 20 Nov 2025 00:39:32 +0000 (+0900) Subject: socket-label: move prototype of socket_address_listen() and string table for SocketAd... X-Git-Tag: v259-rc2~70^2~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=cb4b36928a3bae9abe614260f1bd1ef7ab7ff30d;p=thirdparty%2Fsystemd.git socket-label: move prototype of socket_address_listen() and string table for SocketAddressBindIPv6Only The function socket_address_listen() is declared at shared/socket-label.c, however its prototype was in basic/socket-util.h. This moves the prototype to shared/socket-label.h. Also, enum SocketAddressBindIPv6Only is not used anymore in basic/*.[ch]. Let's move the definition and its string table to shared/socket-label.[ch]. Follow-up for b25a930f0e2ebe77bc8b0f0acfac8a3b27ef1f0a. --- diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c index 568072a492f..c98cd35d542 100644 --- a/src/basic/socket-util.c +++ b/src/basic/socket-util.c @@ -669,26 +669,6 @@ static const char* const netlink_family_table[] = { DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(netlink_family, int, INT_MAX); -static const char* const socket_address_bind_ipv6_only_table[_SOCKET_ADDRESS_BIND_IPV6_ONLY_MAX] = { - [SOCKET_ADDRESS_DEFAULT] = "default", - [SOCKET_ADDRESS_BOTH] = "both", - [SOCKET_ADDRESS_IPV6_ONLY] = "ipv6-only" -}; - -DEFINE_STRING_TABLE_LOOKUP(socket_address_bind_ipv6_only, SocketAddressBindIPv6Only); - -SocketAddressBindIPv6Only socket_address_bind_ipv6_only_or_bool_from_string(const char *n) { - int r; - - r = parse_boolean(n); - if (r > 0) - return SOCKET_ADDRESS_IPV6_ONLY; - if (r == 0) - return SOCKET_ADDRESS_BOTH; - - return socket_address_bind_ipv6_only_from_string(n); -} - bool sockaddr_equal(const union sockaddr_union *a, const union sockaddr_union *b) { assert(a); assert(b); diff --git a/src/basic/socket-util.h b/src/basic/socket-util.h index 6e937ffee9d..b8cb834131e 100644 --- a/src/basic/socket-util.h +++ b/src/basic/socket-util.h @@ -53,14 +53,6 @@ typedef struct SocketAddress { int protocol; } SocketAddress; -typedef enum SocketAddressBindIPv6Only { - SOCKET_ADDRESS_DEFAULT, - SOCKET_ADDRESS_BOTH, - SOCKET_ADDRESS_IPV6_ONLY, - _SOCKET_ADDRESS_BIND_IPV6_ONLY_MAX, - _SOCKET_ADDRESS_BIND_IPV6_ONLY_INVALID = -EINVAL, -} SocketAddressBindIPv6Only; - #define socket_address_family(a) ((a)->sockaddr.sa.sa_family) const char* socket_address_type_to_string(int t) _const_; @@ -74,19 +66,6 @@ static inline int socket_address_unlink(const SocketAddress *a) { bool socket_address_can_accept(const SocketAddress *a) _pure_; -int socket_address_listen( - const SocketAddress *a, - int flags, - int backlog, - SocketAddressBindIPv6Only only, - const char *bind_to_device, - bool reuse_port, - bool free_bind, - bool transparent, - mode_t directory_mode, - mode_t socket_mode, - const char *label); - int socket_address_verify(const SocketAddress *a, bool strict) _pure_; int socket_address_print(const SocketAddress *a, char **p); bool socket_address_matches_fd(const SocketAddress *a, int fd); @@ -108,10 +87,6 @@ int getsockname_pretty(int fd, char **ret); int socknameinfo_pretty(const struct sockaddr *sa, socklen_t salen, char **_ret); -const char* socket_address_bind_ipv6_only_to_string(SocketAddressBindIPv6Only b) _const_; -SocketAddressBindIPv6Only socket_address_bind_ipv6_only_from_string(const char *s) _pure_; -SocketAddressBindIPv6Only socket_address_bind_ipv6_only_or_bool_from_string(const char *s); - int netlink_family_to_string_alloc(int b, char **s); int netlink_family_from_string(const char *s) _pure_; diff --git a/src/core/socket.h b/src/core/socket.h index cec10dece94..74356e2325e 100644 --- a/src/core/socket.h +++ b/src/core/socket.h @@ -6,6 +6,7 @@ #include "execute.h" #include "list.h" #include "pidref.h" +#include "socket-label.h" #include "socket-util.h" #include "unit.h" diff --git a/src/shared/socket-label.c b/src/shared/socket-label.c index 0e41f2674e1..ad64f4f63d2 100644 --- a/src/shared/socket-label.c +++ b/src/shared/socket-label.c @@ -8,10 +8,33 @@ #include "fs-util.h" #include "log.h" #include "mkdir-label.h" +#include "parse-util.h" #include "selinux-util.h" +#include "socket-label.h" #include "socket-util.h" +#include "string-table.h" #include "umask-util.h" +static const char* const socket_address_bind_ipv6_only_table[_SOCKET_ADDRESS_BIND_IPV6_ONLY_MAX] = { + [SOCKET_ADDRESS_DEFAULT] = "default", + [SOCKET_ADDRESS_BOTH] = "both", + [SOCKET_ADDRESS_IPV6_ONLY] = "ipv6-only" +}; + +DEFINE_STRING_TABLE_LOOKUP(socket_address_bind_ipv6_only, SocketAddressBindIPv6Only); + +SocketAddressBindIPv6Only socket_address_bind_ipv6_only_or_bool_from_string(const char *n) { + int r; + + r = parse_boolean(n); + if (r > 0) + return SOCKET_ADDRESS_IPV6_ONLY; + if (r == 0) + return SOCKET_ADDRESS_BOTH; + + return socket_address_bind_ipv6_only_from_string(n); +} + int socket_address_listen( const SocketAddress *a, int flags, @@ -23,7 +46,7 @@ int socket_address_listen( bool transparent, mode_t directory_mode, mode_t socket_mode, - const char *label) { + const char *selinux_label) { _cleanup_close_ int fd = -EBADF; const char *p; @@ -38,15 +61,15 @@ int socket_address_listen( if (socket_address_family(a) == AF_INET6 && !socket_ipv6_is_supported()) return -EAFNOSUPPORT; - if (label) { - r = mac_selinux_create_socket_prepare(label); + if (selinux_label) { + r = mac_selinux_create_socket_prepare(selinux_label); if (r < 0) return r; } fd = RET_NERRNO(socket(socket_address_family(a), a->type | flags, a->protocol)); - if (label) + if (selinux_label) mac_selinux_create_socket_clear(); if (fd < 0) diff --git a/src/shared/socket-label.h b/src/shared/socket-label.h new file mode 100644 index 00000000000..8d882cb4e28 --- /dev/null +++ b/src/shared/socket-label.h @@ -0,0 +1,29 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include "shared-forward.h" + +typedef enum SocketAddressBindIPv6Only { + SOCKET_ADDRESS_DEFAULT, + SOCKET_ADDRESS_BOTH, + SOCKET_ADDRESS_IPV6_ONLY, + _SOCKET_ADDRESS_BIND_IPV6_ONLY_MAX, + _SOCKET_ADDRESS_BIND_IPV6_ONLY_INVALID = -EINVAL, +} SocketAddressBindIPv6Only; + +const char* socket_address_bind_ipv6_only_to_string(SocketAddressBindIPv6Only b) _const_; +SocketAddressBindIPv6Only socket_address_bind_ipv6_only_from_string(const char *s) _pure_; +SocketAddressBindIPv6Only socket_address_bind_ipv6_only_or_bool_from_string(const char *s); + +int socket_address_listen( + const SocketAddress *a, + int flags, + int backlog, + SocketAddressBindIPv6Only only, + const char *bind_to_device, + bool reuse_port, + bool free_bind, + bool transparent, + mode_t directory_mode, + mode_t socket_mode, + const char *selinux_label); diff --git a/src/shared/socket-netlink.c b/src/shared/socket-netlink.c index 771bf2f799e..060388685f6 100644 --- a/src/shared/socket-netlink.c +++ b/src/shared/socket-netlink.c @@ -15,6 +15,7 @@ #include "netlink-sock-diag.h" #include "netlink-util.h" #include "parse-util.h" +#include "socket-label.h" #include "socket-netlink.h" #include "socket-util.h" #include "string-util.h" diff --git a/src/test/test-tables.c b/src/test/test-tables.c index 41b6cd61364..95ceb0e5ae2 100644 --- a/src/test/test-tables.c +++ b/src/test/test-tables.c @@ -29,6 +29,7 @@ #include "service.h" #include "show-status.h" #include "socket.h" +#include "socket-label.h" #include "socket-util.h" #include "swap.h" #include "test-tables.h"