diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/analyze/analyze-pcrs.c | 2 | ||||
-rw-r--r-- | src/basic/strbuf.c | 5 | ||||
-rw-r--r-- | src/core/service.c | 8 | ||||
-rw-r--r-- | src/fundamental/macro-fundamental.h | 5 | ||||
-rw-r--r-- | src/hostname/hostnamed.c | 11 | ||||
-rw-r--r-- | src/libsystemd-network/sd-dhcp-server.c | 2 | ||||
-rw-r--r-- | src/partition/repart.c | 9 | ||||
-rw-r--r-- | src/resolve/resolved-dns-server.c | 3 | ||||
-rw-r--r-- | src/shared/cryptsetup-util.c | 19 | ||||
-rw-r--r-- | src/shared/cryptsetup-util.h | 6 | ||||
-rw-r--r-- | src/shared/install.c | 14 | ||||
-rw-r--r-- | src/shared/logs-show.c | 6 | ||||
-rw-r--r-- | src/shared/tpm2-util.c | 2 | ||||
-rw-r--r-- | src/systemd/sd-messages.h | 3 | ||||
-rw-r--r-- | src/tmpfiles/tmpfiles.c | 23 | ||||
-rw-r--r-- | src/tpm2-setup/tpm2-setup.c | 13 |
16 files changed, 89 insertions, 42 deletions
diff --git a/src/analyze/analyze-pcrs.c b/src/analyze/analyze-pcrs.c index 43e415f..1c3da3f 100644 --- a/src/analyze/analyze-pcrs.c +++ b/src/analyze/analyze-pcrs.c @@ -11,7 +11,7 @@ static int get_pcr_alg(const char **ret) { assert(ret); - FOREACH_STRING(alg, "sha256", "sha1") { + FOREACH_STRING(alg, "sha256", "sha384", "sha1") { _cleanup_free_ char *p = NULL; if (asprintf(&p, "/sys/class/tpm/tpm0/pcr-%s/0", alg) < 0) diff --git a/src/basic/strbuf.c b/src/basic/strbuf.c index 0617acc..6d43955 100644 --- a/src/basic/strbuf.c +++ b/src/basic/strbuf.c @@ -107,7 +107,6 @@ static void bubbleinsert(struct strbuf_node *node, /* add string, return the index/offset into the buffer */ ssize_t strbuf_add_string(struct strbuf *str, const char *s, size_t len) { uint8_t c; - char *buf_new; struct strbuf_child_entry *child; struct strbuf_node *node; ssize_t off; @@ -147,10 +146,8 @@ ssize_t strbuf_add_string(struct strbuf *str, const char *s, size_t len) { } /* add new string */ - buf_new = realloc(str->buf, str->len + len+1); - if (!buf_new) + if (!GREEDY_REALLOC(str->buf, str->len + len + 1)) return -ENOMEM; - str->buf = buf_new; off = str->len; memcpy(str->buf + off, s, len); str->len += len; diff --git a/src/core/service.c b/src/core/service.c index 8ec27c4..6e81460 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -1351,7 +1351,7 @@ static int service_coldplug(Unit *u) { service_start_watchdog(s); if (UNIT_ISSET(s->accept_socket)) { - Socket* socket = SOCKET(UNIT_DEREF(s->accept_socket)); + Socket *socket = SOCKET(UNIT_DEREF(s->accept_socket)); if (socket->max_connections_per_source > 0) { SocketPeer *peer; @@ -3220,8 +3220,8 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value, } else if (streq(key, "accept-socket")) { Unit *socket; - if (u->type != UNIT_SOCKET) { - log_unit_debug(u, "Failed to deserialize accept-socket: unit is not a socket"); + if (unit_name_to_type(value) != UNIT_SOCKET) { + log_unit_debug(u, "Deserialized accept-socket is not a socket unit, ignoring: %s", value); return 0; } @@ -3230,7 +3230,7 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value, log_unit_debug_errno(u, r, "Failed to load accept-socket unit '%s': %m", value); else { unit_ref_set(&s->accept_socket, u, socket); - SOCKET(socket)->n_connections++; + ASSERT_PTR(SOCKET(socket))->n_connections++; } } else if (streq(key, "socket-fd")) { diff --git a/src/fundamental/macro-fundamental.h b/src/fundamental/macro-fundamental.h index 5ccbda5..8aca5f7 100644 --- a/src/fundamental/macro-fundamental.h +++ b/src/fundamental/macro-fundamental.h @@ -517,6 +517,10 @@ static inline uint64_t ALIGN_OFFSET_U64(uint64_t l, uint64_t ali) { } \ } +/* Restriction/bug (see above) was fixed in GCC 15 and clang 19.*/ +#if __GNUC__ >= 15 || (defined(__clang__) && __clang_major__ >= 19) +#define DECLARE_FLEX_ARRAY(type, name) type name[]; +#else /* Declare a flexible array usable in a union. * This is essentially a work-around for a pointless constraint in C99 * and might go away in some future version of the standard. @@ -528,6 +532,7 @@ static inline uint64_t ALIGN_OFFSET_U64(uint64_t l, uint64_t ali) { dummy_t __empty__ ## name; \ type name[]; \ } +#endif /* Declares an ELF read-only string section that does not occupy memory at runtime. */ #define DECLARE_NOALLOC_SECTION(name, text) \ diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c index 82d0880..fe1216f 100644 --- a/src/hostname/hostnamed.c +++ b/src/hostname/hostnamed.c @@ -1682,6 +1682,13 @@ static int connect_varlink(Context *c) { return 0; } +static bool context_check_idle(void *userdata) { + Context *c = ASSERT_PTR(userdata); + + return varlink_server_current_connections(c->varlink_server) == 0 && + hashmap_isempty(c->polkit_registry); +} + static int run(int argc, char *argv[]) { _cleanup_(context_destroy) Context context = { .hostname_source = _HOSTNAME_INVALID, /* appropriate value will be set later */ @@ -1731,8 +1738,8 @@ static int run(int argc, char *argv[]) { context.bus, "org.freedesktop.hostname1", DEFAULT_EXIT_USEC, - /* check_idle= */ NULL, - /* userdata= */ NULL); + context_check_idle, + &context); if (r < 0) return log_error_errno(r, "Failed to run event loop: %m"); diff --git a/src/libsystemd-network/sd-dhcp-server.c b/src/libsystemd-network/sd-dhcp-server.c index c3b0f82..4967f06 100644 --- a/src/libsystemd-network/sd-dhcp-server.c +++ b/src/libsystemd-network/sd-dhcp-server.c @@ -1252,7 +1252,7 @@ static int server_receive_message(sd_event_source *s, int fd, /* Preallocate the additional size for DHCP Relay Agent Information Option if needed */ buflen += relay_agent_information_length(server->agent_circuit_id, server->agent_remote_id) + 2; - message = malloc(buflen); + message = malloc0(buflen); if (!message) return -ENOMEM; diff --git a/src/partition/repart.c b/src/partition/repart.c index 6f67d46..8f64520 100644 --- a/src/partition/repart.c +++ b/src/partition/repart.c @@ -187,6 +187,7 @@ STATIC_DESTRUCTOR_REGISTER(arg_tpm2_hash_pcr_values, freep); STATIC_DESTRUCTOR_REGISTER(arg_tpm2_public_key, freep); STATIC_DESTRUCTOR_REGISTER(arg_tpm2_pcrlock, freep); STATIC_DESTRUCTOR_REGISTER(arg_filter_partitions, freep); +STATIC_DESTRUCTOR_REGISTER(arg_defer_partitions, freep); STATIC_DESTRUCTOR_REGISTER(arg_image_policy, image_policy_freep); STATIC_DESTRUCTOR_REGISTER(arg_copy_from, strv_freep); STATIC_DESTRUCTOR_REGISTER(arg_copy_source, freep); @@ -3913,7 +3914,7 @@ static int partition_target_sync(Context *context, Partition *p, PartitionTarget } static int partition_encrypt(Context *context, Partition *p, PartitionTarget *target, bool offline) { -#if HAVE_LIBCRYPTSETUP && HAVE_CRYPT_SET_DATA_OFFSET && HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE && HAVE_CRYPT_REENCRYPT +#if HAVE_LIBCRYPTSETUP && HAVE_CRYPT_SET_DATA_OFFSET && HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE && (HAVE_CRYPT_REENCRYPT_RUN || HAVE_CRYPT_REENCRYPT) const char *node = partition_target_path(target); struct crypt_params_luks2 luks_params = { .label = strempty(ASSERT_PTR(p)->new_label), @@ -4220,7 +4221,11 @@ static int partition_encrypt(Context *context, Partition *p, PartitionTarget *ta if (r < 0) return log_error_errno(r, "Failed to load reencryption context: %m"); +#if HAVE_CRYPT_REENCRYPT_RUN + r = sym_crypt_reencrypt_run(cd, NULL, NULL); +#else r = sym_crypt_reencrypt(cd, NULL); +#endif if (r < 0) return log_error_errno(r, "Failed to encrypt %s: %m", node); } else { @@ -4232,7 +4237,7 @@ static int partition_encrypt(Context *context, Partition *p, PartitionTarget *ta dm_name, NULL, VOLUME_KEY_SIZE, - arg_discard ? CRYPT_ACTIVATE_ALLOW_DISCARDS : 0); + (arg_discard ? CRYPT_ACTIVATE_ALLOW_DISCARDS : 0) | CRYPT_ACTIVATE_PRIVATE); if (r < 0) return log_error_errno(r, "Failed to activate LUKS superblock: %m"); diff --git a/src/resolve/resolved-dns-server.c b/src/resolve/resolved-dns-server.c index 340f11f..b37f541 100644 --- a/src/resolve/resolved-dns-server.c +++ b/src/resolve/resolved-dns-server.c @@ -706,9 +706,6 @@ bool dns_server_dnssec_supported(DnsServer *server) { if (dns_server_get_dnssec_mode(server) == DNSSEC_YES) /* If strict DNSSEC mode is enabled, always assume DNSSEC mode is supported. */ return true; - if (!DNS_SERVER_FEATURE_LEVEL_IS_DNSSEC(server->possible_feature_level)) - return false; - if (server->packet_bad_opt) return false; diff --git a/src/shared/cryptsetup-util.c b/src/shared/cryptsetup-util.c index 288e6e8..d0dd434 100644 --- a/src/shared/cryptsetup-util.c +++ b/src/shared/cryptsetup-util.c @@ -54,10 +54,10 @@ DLSYM_FUNCTION(crypt_volume_key_get); #if HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE DLSYM_FUNCTION(crypt_reencrypt_init_by_passphrase); #endif -#if HAVE_CRYPT_REENCRYPT -DISABLE_WARNING_DEPRECATED_DECLARATIONS; +#if HAVE_CRYPT_REENCRYPT_RUN +DLSYM_FUNCTION(crypt_reencrypt_run); +#elif HAVE_CRYPT_REENCRYPT DLSYM_FUNCTION(crypt_reencrypt); -REENABLE_WARNING; #endif DLSYM_FUNCTION(crypt_metadata_locking); #if HAVE_CRYPT_SET_DATA_OFFSET @@ -246,11 +246,8 @@ int dlopen_cryptsetup(void) { /* libcryptsetup added crypt_reencrypt() in 2.2.0, and marked it obsolete in 2.4.0, replacing it with * crypt_reencrypt_run(), which takes one extra argument but is otherwise identical. The old call is - * still available though, and given we want to support 2.2.0 for a while longer, we'll stick to the - * old symbol. However, the old symbols now has a GCC deprecation decorator, hence let's turn off - * warnings about this for now. */ - - DISABLE_WARNING_DEPRECATED_DECLARATIONS; + * still available though, and given we want to support 2.2.0 for a while longer, we'll use the old + * symbol if the new one is not available. */ ELF_NOTE_DLOPEN("cryptsetup", "Support for disk encryption, integrity, and authentication", @@ -304,7 +301,9 @@ int dlopen_cryptsetup(void) { #if HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE DLSYM_ARG(crypt_reencrypt_init_by_passphrase), #endif -#if HAVE_CRYPT_REENCRYPT +#if HAVE_CRYPT_REENCRYPT_RUN + DLSYM_ARG(crypt_reencrypt_run), +#elif HAVE_CRYPT_REENCRYPT DLSYM_ARG(crypt_reencrypt), #endif DLSYM_ARG(crypt_metadata_locking), @@ -316,8 +315,6 @@ int dlopen_cryptsetup(void) { if (r <= 0) return r; - REENABLE_WARNING; - /* Redirect the default logging calls of libcryptsetup to our own logging infra. (Note that * libcryptsetup also maintains per-"struct crypt_device" log functions, which we'll also set * whenever allocating a "struct crypt_device" context. Why set both? To be defensive: maybe some diff --git a/src/shared/cryptsetup-util.h b/src/shared/cryptsetup-util.h index f00ac36..d255e59 100644 --- a/src/shared/cryptsetup-util.h +++ b/src/shared/cryptsetup-util.h @@ -70,10 +70,10 @@ DLSYM_PROTOTYPE(crypt_volume_key_get); #if HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE DLSYM_PROTOTYPE(crypt_reencrypt_init_by_passphrase); #endif -#if HAVE_CRYPT_REENCRYPT -DISABLE_WARNING_DEPRECATED_DECLARATIONS; +#if HAVE_CRYPT_REENCRYPT_RUN +DLSYM_PROTOTYPE(crypt_reencrypt_run); +#elif HAVE_CRYPT_REENCRYPT DLSYM_PROTOTYPE(crypt_reencrypt); -REENABLE_WARNING; #endif DLSYM_PROTOTYPE(crypt_metadata_locking); #if HAVE_CRYPT_SET_DATA_OFFSET diff --git a/src/shared/install.c b/src/shared/install.c index dd2bd5c..c94b456 100644 --- a/src/shared/install.c +++ b/src/shared/install.c @@ -2282,7 +2282,9 @@ static int install_context_mark_for_removal( else { log_debug_errno(r, "Unit %s not found, removing name.", i->name); r = install_changes_add(changes, n_changes, r, i->path ?: i->name, NULL); - if (r < 0) + /* In case there's no unit, we still want to remove any leftover symlink, even if + * the unit might have been removed already, hence treating ENOENT as non-fatal. */ + if (r != -ENOENT) return r; } } else if (r < 0) { @@ -2874,9 +2876,13 @@ static int do_unit_file_disable( r = install_info_add(&ctx, *name, NULL, lp->root_dir, /* auxiliary= */ false, &info); if (r >= 0) r = install_info_traverse(&ctx, lp, info, SEARCH_LOAD|SEARCH_FOLLOW_CONFIG_SYMLINKS, NULL); - - if (r < 0) - return install_changes_add(changes, n_changes, r, *name, NULL); + if (r < 0) { + r = install_changes_add(changes, n_changes, r, *name, NULL); + /* In case there's no unit, we still want to remove any leftover symlink, even if + * the unit might have been removed already, hence treating ENOENT as non-fatal. */ + if (r != -ENOENT) + return r; + } /* If we enable multiple units, some with install info and others without, * the "empty [Install] section" warning is not shown. Let's make the behavior diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c index c71c868..153a411 100644 --- a/src/shared/logs-show.c +++ b/src/shared/logs-show.c @@ -450,6 +450,9 @@ static void parse_display_realtime( assert(j); assert(ret); + // FIXME: _SOURCE_MONOTONIC_TIMESTAMP is in CLOCK_BOOTTIME, hence we cannot use it for adjusting realtime. + source_monotonic = NULL; + /* First, try _SOURCE_REALTIME_TIMESTAMP. */ if (source_realtime && safe_atou64(source_realtime, &t) >= 0 && VALID_REALTIME(t)) { *ret = t; @@ -488,6 +491,9 @@ static void parse_display_timestamp( assert(ret_display_ts); assert(ret_boot_id); + // FIXME: _SOURCE_MONOTONIC_TIMESTAMP is in CLOCK_BOOTTIME, hence we cannot use it for adjusting realtime. + source_monotonic = NULL; + if (source_realtime && safe_atou64(source_realtime, &t) >= 0 && VALID_REALTIME(t)) source_ts.realtime = t; diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c index 87ce53c..9603f18 100644 --- a/src/shared/tpm2-util.c +++ b/src/shared/tpm2-util.c @@ -2119,6 +2119,8 @@ int tpm2_create_primary( /* creationData= */ NULL, /* creationHash= */ NULL, /* creationTicket= */ NULL); + if (rc == TPM2_RC_BAD_AUTH) + return log_debug_errno(SYNTHETIC_ERRNO(EDEADLK), "Authorization failure while attempting to enroll SRK into TPM."); if (rc != TSS2_RC_SUCCESS) return log_debug_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE), "Failed to generate primary key in TPM: %s", diff --git a/src/systemd/sd-messages.h b/src/systemd/sd-messages.h index e3f6806..16e9986 100644 --- a/src/systemd/sd-messages.h +++ b/src/systemd/sd-messages.h @@ -272,6 +272,9 @@ _SD_BEGIN_DECLARATIONS; #define SD_MESSAGE_PORTABLE_DETACHED SD_ID128_MAKE(76,c5,c7,54,d6,28,49,0d,8e,cb,a4,c9,d0,42,11,2b) #define SD_MESSAGE_PORTABLE_DETACHED_STR SD_ID128_MAKE_STR(76,c5,c7,54,d6,28,49,0d,8e,cb,a4,c9,d0,42,11,2b) +#define SD_MESSAGE_SRK_ENROLLMENT_NEEDS_AUTHORIZATION SD_ID128_MAKE(ad,70,89,f9,28,ac,4f,7e,a0,0c,07,45,7d,47,ba,8a) +#define SD_MESSAGE_SRK_ENROLLMENT_NEEDS_AUTHORIZATION_STR SD_ID128_MAKE_STR(ad,70,89,f9,28,ac,4f,7e,a0,0c,07,45,7d,47,ba,8a) + _SD_END_DECLARATIONS; #endif diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c index 807925f..8cc8c1c 100644 --- a/src/tmpfiles/tmpfiles.c +++ b/src/tmpfiles/tmpfiles.c @@ -3024,10 +3024,16 @@ static int remove_recursive( return r; if (remove_instance) { - log_debug("Removing directory \"%s\".", instance); - r = RET_NERRNO(rmdir(instance)); - if (r < 0 && !IN_SET(r, -ENOENT, -ENOTEMPTY)) - return log_error_errno(r, "Failed to remove %s: %m", instance); + log_action("Would remove", "Removing", "%s directory \"%s\".", instance); + if (!arg_dry_run) { + r = RET_NERRNO(rmdir(instance)); + if (r < 0) { + bool fatal = !IN_SET(r, -ENOENT, -ENOTEMPTY); + log_full_errno(fatal ? LOG_ERR : LOG_DEBUG, r, "Failed to remove %s: %m", instance); + if (fatal) + return r; + } + } } return 0; } @@ -4142,7 +4148,9 @@ static int help(void) { "\n%3$sCommands:%4$s\n" " --create Create files and directories\n" " --clean Clean up files and directories\n" - " --remove Remove files and directories\n" + " --remove Remove files and directories marked for removal\n" + " --purge Delete files and directories marked for creation in\n" + " specified configuration files (careful!)\n" " -h --help Show this help\n" " --version Show package version\n" "\n%3$sOptions:%4$s\n" @@ -4151,7 +4159,6 @@ static int help(void) { " --tldr Show non-comment parts of configuration\n" " --boot Execute actions only safe at boot\n" " --graceful Quietly ignore unknown users or groups\n" - " --purge Delete all files owned by the configuration files\n" " --prefix=PATH Only apply rules with the specified prefix\n" " --exclude-prefix=PATH Ignore rules with the specified prefix\n" " -E Ignore rules prefixed with /dev, /proc, /run, /sys\n" @@ -4338,6 +4345,10 @@ static int parse_argv(int argc, char *argv[]) { return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "You need to specify at least one of --clean, --create, --remove, or --purge."); + if (FLAGS_SET(arg_operation, OPERATION_PURGE) && optind >= argc) + return log_error_errno(SYNTHETIC_ERRNO(EINVAL), + "Refusing --purge without specification of a configuration file."); + if (arg_replace && arg_cat_flags != CAT_CONFIG_OFF) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Option --replace= is not supported with --cat-config/--tldr."); diff --git a/src/tpm2-setup/tpm2-setup.c b/src/tpm2-setup/tpm2-setup.c index 35628fc..b95c5e7 100644 --- a/src/tpm2-setup/tpm2-setup.c +++ b/src/tpm2-setup/tpm2-setup.c @@ -3,6 +3,8 @@ #include <getopt.h> #include <unistd.h> +#include "sd-messages.h" + #include "build.h" #include "fd-util.h" #include "fileio.h" @@ -223,6 +225,8 @@ static int load_public_key_tpm2(struct public_key_data *ret) { /* ret_name= */ NULL, /* ret_qname= */ NULL, NULL); + if (r == -EDEADLK) + return r; if (r < 0) return log_error_errno(r, "Failed to get or create SRK: %m"); if (r > 0) @@ -289,6 +293,13 @@ static int run(int argc, char *argv[]) { } r = load_public_key_tpm2(&tpm2_key); + if (r == -EDEADLK) { + log_struct_errno(LOG_INFO, r, + LOG_MESSAGE("Insufficient permissions to access TPM, not generating SRK."), + "MESSAGE_ID=" SD_MESSAGE_SRK_ENROLLMENT_NEEDS_AUTHORIZATION_STR); + return 76; /* Special return value which means "Insufficient permissions to access TPM, + * cannot generate SRK". This isn't really an error when called at boot. */; + } if (r < 0) return r; @@ -383,4 +394,4 @@ static int run(int argc, char *argv[]) { return 0; } -DEFINE_MAIN_FUNCTION(run); +DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE(run); |