core: adding cgroup/invocationid lookups to io.systemd.Unit.List (#38032)

If one of PID, UID, GID, or SIGNAL is missing, then parse_uid() and
friends in the below will trigger assertion. This fixes that.

Also, only PID, UID, GID, SIGNAL, and COMM are mandatory fields, but
others are not, hence this drops others from the condition.

Moreover, this mekes 'coredumpctl --list' not fail even if there exists a
broken coredump entry in journal.

.gitignore

@@ -33,3 +33,4 @@ __pycache__/
 .dir-locals-2.el
 .vscode/
 /pkg/
+.aider*

docs/ENVIRONMENT.md

@@ -783,15 +783,14 @@ Tools using the Varlink protocol (such as `varlinkctl`) or sd-bus (such as
 
 `systemd-run`, `run0`, `systemd-nspawn`, `systemd-vmspawn`:
 
-* `$SYSTEMD_TINT_BACKGROUND` – Takes a boolean. When false the automatic
-  tinting of the background for containers, VMs, and interactive `systemd-run`
-  and `run0` invocations is turned off. Note that this environment variable has
-  no effect if the background color is explicitly selected via the relevant
-  `--background=` switch of the tool.
+* `$SYSTEMD_TINT_BACKGROUND` – Takes a boolean. When false the automatic and
+  explicit tinting of the background (via `--background=`) for containers, VMs,
+  `systemd-pty-forward` and interactive  `systemd-run` and `run0` invocations is
+  turned off.
 
 * `$SYSTEMD_ADJUST_TERMINAL_TITLE` – Takes a boolean. When false the terminal
-  window title will not be updated for interactive invocation of the mentioned
-  tools.
+  window title will not be updated for interactive invocation of the tools
+  mentioned above.
 
 `systemd-hostnamed`, `systemd-importd`, `systemd-localed`, `systemd-machined`,
 `systemd-portabled`, `systemd-timedated`:

src/basic/iovec-wrapper.c

@@ -1,5 +1,7 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
+#include <stdio.h>
+
 #include "alloc-util.h"
 #include "iovec-util.h"
 #include "iovec-wrapper.h"
@@ -59,7 +61,7 @@ int iovw_put(struct iovec_wrapper *iovw, void *data, size_t len) {
         return 0;
 }
 
-int iovw_put_string_field(struct iovec_wrapper *iovw, const char *field, const char *value) {
+int iovw_put_string_field_full(struct iovec_wrapper *iovw, bool replace, const char *field, const char *value) {
         _cleanup_free_ char *x = NULL;
         int r;
 
@@ -69,6 +71,14 @@ int iovw_put_string_field(struct iovec_wrapper *iovw, const char *field, const c
         if (!x)
                 return -ENOMEM;
 
+        if (replace)
+                FOREACH_ARRAY(iovec, iovw->iovec, iovw->count)
+                        if (memory_startswith(iovec->iov_base, iovec->iov_len, field)) {
+                                iovec->iov_len = strlen(x);
+                                free_and_replace(iovec->iov_base, x);
+                                return 0;
+                        }
+
         r = iovw_put(iovw, x, strlen(x));
         if (r >= 0)
                 TAKE_PTR(x);
@@ -76,6 +86,22 @@ int iovw_put_string_field(struct iovec_wrapper *iovw, const char *field, const c
         return r;
 }
 
+int iovw_put_string_fieldf_full(struct iovec_wrapper *iovw, bool replace, const char *field, const char *format, ...) {
+        _cleanup_free_ char *value = NULL;
+        va_list ap;
+        int r;
+
+        assert(format);
+
+        va_start(ap, format);
+        r = vasprintf(&value, format, ap);
+        va_end(ap);
+        if (r < 0)
+                return -ENOMEM;
+
+        return iovw_put_string_field_full(iovw, replace, field, value);
+}
+
 int iovw_put_string_field_free(struct iovec_wrapper *iovw, const char *field, char *value) {
         _cleanup_free_ _unused_ char *free_ptr = value;
 

src/basic/iovec-wrapper.h

@@ -33,7 +33,16 @@ static inline bool iovw_isempty(const struct iovec_wrapper *iovw) {
         return !iovw || iovw->count == 0;
 }
 
-int iovw_put_string_field(struct iovec_wrapper *iovw, const char *field, const char *value);
+int iovw_put_string_field_full(struct iovec_wrapper *iovw, bool replace, const char *field, const char *value);
+static inline int iovw_put_string_field(struct iovec_wrapper *iovw, const char *field, const char *value) {
+        return iovw_put_string_field_full(iovw, false, field, value);
+}
+static inline int iovw_replace_string_field(struct iovec_wrapper *iovw, const char *field, const char *value) {
+        return iovw_put_string_field_full(iovw, true, field, value);
+}
+int iovw_put_string_fieldf_full(struct iovec_wrapper *iovw, bool replace, const char *field, const char *format, ...) _printf_(4, 5);
+#define iovw_put_string_fieldf(iovw, ...)     iovw_put_string_fieldf_full(iovw, false, __VA_ARGS__)
+#define iovw_replace_string_fieldf(iovw, ...) iovw_put_string_fieldf_full(iovw, true, __VA_ARGS__)
 int iovw_put_string_field_free(struct iovec_wrapper *iovw, const char *field, char *value);
 void iovw_rebase(struct iovec_wrapper *iovw, void *old, void *new);
 size_t iovw_size(const struct iovec_wrapper *iovw);

src/basic/pidfd-util.c

@@ -73,7 +73,7 @@ int pidfd_get_namespace(int fd, unsigned long ns_type_cmd) {
         return nsfd;
 }
 
-static int pidfd_get_info(int fd, struct pidfd_info *info) {
+int pidfd_get_info(int fd, struct pidfd_info *info) {
         static bool cached_supported = true;
 
         assert(fd >= 0);

src/basic/pidfd-util.h

@@ -7,6 +7,8 @@
 
 int pidfd_get_namespace(int fd, unsigned long ns_type_cmd);
 
+int pidfd_get_info(int fd, struct pidfd_info *info);
+
 int pidfd_get_pid(int fd, pid_t *ret);
 int pidfd_verify_pid(int pidfd, pid_t pid);
 

src/basic/pidref.h

@@ -55,6 +55,10 @@ static inline bool pidref_is_set(const PidRef *pidref) {
 
 bool pidref_is_automatic(const PidRef *pidref);
 
+static inline bool pidref_is_set_or_automatic(const PidRef *pidref) {
+        return pidref_is_set(pidref) || pidref_is_automatic(pidref);
+}
+
 static inline bool pidref_is_remote(const PidRef *pidref) {
         /* If the fd is set to -EREMOTE we assume PidRef does not refer to a local PID, but on another
          * machine (and we just got the PidRef initialized due to deserialization of some RPC message) */

src/core/varlink-unit.c

@@ -6,10 +6,13 @@
 #include "cgroup.h"
 #include "condition.h"
 #include "execute.h"
+#include "format-util.h"
 #include "install.h"
 #include "json-util.h"
 #include "manager.h"
+#include "path-util.h"
 #include "pidref.h"
+#include "selinux-access.h"
 #include "set.h"
 #include "strv.h"
 #include "unit.h"
@@ -328,6 +331,21 @@ static int list_unit_one(sd_varlink *link, Unit *unit, bool more) {
         return sd_varlink_reply(link, v);
 }
 
+static int list_unit_one_with_selinux_access_check(sd_varlink *link, Unit *unit, bool more) {
+        int r;
+
+        assert(link);
+        assert(unit);
+
+        r = mac_selinux_unit_access_check_varlink(unit, link, "status");
+        if (r < 0)
+                /* If mac_selinux_unit_access_check_varlink() returned a error,
+                 * it means that SELinux enforce is on. It also does all the logging(). */
+                return sd_varlink_error(link, SD_VARLINK_ERROR_PERMISSION_DENIED, NULL);
+
+        return list_unit_one(link, unit, more);
+}
+
 static int lookup_unit_by_pidref(sd_varlink *link, Manager *manager, PidRef *pidref, Unit **ret_unit) {
         _cleanup_(pidref_done) PidRef peer = PIDREF_NULL;
         Unit *unit;
@@ -355,8 +373,9 @@ static int lookup_unit_by_pidref(sd_varlink *link, Manager *manager, PidRef *pid
 }
 
 typedef struct UnitLookupParameters {
-        const char *name;
+        const char *name, *cgroup;
         PidRef pidref;
+        sd_id128_t invocation_id;
 } UnitLookupParameters;
 
 static void unit_lookup_parameters_done(UnitLookupParameters *p) {
@@ -364,10 +383,89 @@ static void unit_lookup_parameters_done(UnitLookupParameters *p) {
         pidref_done(&p->pidref);
 }
 
+static int varlink_error_no_such_unit(sd_varlink *v, const char *name) {
+        return sd_varlink_errorbo(
+                        ASSERT_PTR(v),
+                        VARLINK_ERROR_UNIT_NO_SUCH_UNIT,
+                        JSON_BUILD_PAIR_STRING_NON_EMPTY("parameter", name));
+}
+
+static int varlink_error_conflict_lookup_parameters(sd_varlink *v, const UnitLookupParameters *p) {
+        log_debug_errno(
+                        ESRCH,
+                        "Searching unit by lookup parameters name='%s' pid="PID_FMT" cgroup='%s' invocationID='%s' resulted in multiple different units",
+                        p->name,
+                        p->pidref.pid,
+                        p->cgroup,
+                        sd_id128_is_null(p->invocation_id) ? "" : SD_ID128_TO_UUID_STRING(p->invocation_id));
+
+        return varlink_error_no_such_unit(v, /* name= */ NULL);
+}
+
+static int lookup_unit_by_parameters(sd_varlink *link, Manager *manager, UnitLookupParameters *p, Unit **ret_unit) {
+        /* The function can return ret_unit=NULL if no lookup parameters provided */
+        Unit *unit = NULL;
+        int r;
+
+        assert(link);
+        assert(manager);
+        assert(p);
+        assert(ret_unit);
+
+        if (p->name) {
+                unit = manager_get_unit(manager, p->name);
+                if (!unit)
+                        return varlink_error_no_such_unit(link, "name");
+        }
+
+        if (pidref_is_set_or_automatic(&p->pidref)) {
+                Unit *pid_unit;
+                r = lookup_unit_by_pidref(link, manager, &p->pidref, &pid_unit);
+                if (r == -EINVAL)
+                        return sd_varlink_error_invalid_parameter_name(link, "pid");
+                if (r == -ESRCH)
+                        return varlink_error_no_such_unit(link, "pid");
+                if (r < 0)
+                        return r;
+                if (pid_unit != unit && unit != NULL)
+                        return varlink_error_conflict_lookup_parameters(link, p);
+
+                unit = pid_unit;
+        }
+
+        if (p->cgroup) {
+                if (!path_is_safe(p->cgroup))
+                        return sd_varlink_error_invalid_parameter_name(link, "cgroup");
+
+                Unit *cgroup_unit = manager_get_unit_by_cgroup(manager, p->cgroup);
+                if (!cgroup_unit)
+                        return varlink_error_no_such_unit(link, "cgroup");
+                if (cgroup_unit != unit && unit != NULL)
+                        return varlink_error_conflict_lookup_parameters(link, p);
+
+                unit = cgroup_unit;
+        }
+
+        if (!sd_id128_is_null(p->invocation_id)) {
+                Unit *id128_unit = hashmap_get(manager->units_by_invocation_id, &p->invocation_id);
+                if (!id128_unit)
+                        return varlink_error_no_such_unit(link, "invocationID");
+                if (id128_unit != unit && unit != NULL)
+                        return varlink_error_conflict_lookup_parameters(link, p);
+
+                unit = id128_unit;
+        }
+
+        *ret_unit = unit;
+        return 0;
+}
+
 int vl_method_list_units(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata) {
         static const sd_json_dispatch_field dispatch_table[] = {
-                { "name", SD_JSON_VARIANT_STRING,        json_dispatch_const_unit_name, offsetof(UnitLookupParameters, name),   0 /* allows UNIT_NAME_PLAIN | UNIT_NAME_INSTANCE */ },
-                { "pid",  _SD_JSON_VARIANT_TYPE_INVALID, json_dispatch_pidref,          offsetof(UnitLookupParameters, pidref), SD_JSON_RELAX /* allows PID_AUTOMATIC */            },
+                { "name",         SD_JSON_VARIANT_STRING,        json_dispatch_const_unit_name, offsetof(UnitLookupParameters, name),          0 /* allows UNIT_NAME_PLAIN | UNIT_NAME_INSTANCE */ },
+                { "pid",          _SD_JSON_VARIANT_TYPE_INVALID, json_dispatch_pidref,          offsetof(UnitLookupParameters, pidref),        SD_JSON_RELAX /* allows PID_AUTOMATIC */            },
+                { "cgroup",       SD_JSON_VARIANT_STRING,        json_dispatch_const_path,      offsetof(UnitLookupParameters, cgroup),        SD_JSON_STRICT /* require normalized path */        },
+                { "invocationID", SD_JSON_VARIANT_STRING,        sd_json_dispatch_id128,        offsetof(UnitLookupParameters, invocation_id), 0                                                   },
                 {}
         };
 
@@ -375,6 +473,8 @@ int vl_method_list_units(sd_varlink *link, sd_json_variant *parameters, sd_varli
          _cleanup_(unit_lookup_parameters_done) UnitLookupParameters p = {
                  .pidref = PIDREF_NULL,
         };
+        Unit *unit, *previous = NULL;
+        const char *k;
         int r;
 
         assert(link);
@@ -384,37 +484,18 @@ int vl_method_list_units(sd_varlink *link, sd_json_variant *parameters, sd_varli
         if (r != 0)
                 return r;
 
-        if (p.name) {
-                Unit *unit = manager_get_unit(manager, p.name);
-                if (!unit)
-                        return sd_varlink_error(link, VARLINK_ERROR_UNIT_NO_SUCH_UNIT, NULL);
-
-                return list_unit_one(link, unit, /* more = */ false);
-        }
-
-        if (pidref_is_set(&p.pidref) || pidref_is_automatic(&p.pidref)) {
-                Unit *unit;
-                r = lookup_unit_by_pidref(link, manager, &p.pidref, &unit);
-                if (r == -EINVAL)
-                        return sd_varlink_error_invalid_parameter_name(link, "pid");
-                if (r == -ESRCH)
-                        return sd_varlink_error(link, VARLINK_ERROR_UNIT_NO_SUCH_UNIT, NULL);
-                if (r < 0)
-                        return r;
-
-                return list_unit_one(link, unit, /* more = */ false);
-        }
-
-        // TODO lookup by invocationID, CGroup
+        r = lookup_unit_by_parameters(link, manager, &p, &unit);
+        if (r < 0)
+                return r;
+        if (unit)
+                return list_unit_one_with_selinux_access_check(link, unit, /* more = */ false);
 
         if (!FLAGS_SET(flags, SD_VARLINK_METHOD_MORE))
                 return sd_varlink_error(link, SD_VARLINK_ERROR_EXPECTED_MORE, NULL);
 
-        const char *k;
-        Unit *u, *previous = NULL;
-        HASHMAP_FOREACH_KEY(u, k, manager->units) {
+        HASHMAP_FOREACH_KEY(unit, k, manager->units) {
                 /* ignore aliases */
-                if (k != u->id)
+                if (k != unit->id)
                         continue;
 
                 if (previous) {
@@ -423,7 +504,7 @@ int vl_method_list_units(sd_varlink *link, sd_json_variant *parameters, sd_varli
                                 return r;
                 }
 
-                previous = u;
+                previous = unit;
         }
 
         if (previous)

src/coredump/coredumpctl.c

@@ -543,7 +543,7 @@ static int resolve_filename(const char *root, char **p) {
 static int print_list(FILE* file, sd_journal *j, Table *t) {
         _cleanup_free_ char
                 *mid = NULL, *pid = NULL, *uid = NULL, *gid = NULL,
-                *sgnl = NULL, *exe = NULL, *comm = NULL, *cmdline = NULL,
+                *sgnl = NULL, *exe = NULL, *comm = NULL,
                 *filename = NULL, *truncated = NULL, *coredump = NULL;
         const void *d;
         size_t l;
@@ -568,14 +568,16 @@ static int print_list(FILE* file, sd_journal *j, Table *t) {
                 RETRIEVE(d, l, "COREDUMP_SIGNAL", sgnl);
                 RETRIEVE(d, l, "COREDUMP_EXE", exe);
                 RETRIEVE(d, l, "COREDUMP_COMM", comm);
-                RETRIEVE(d, l, "COREDUMP_CMDLINE", cmdline);
                 RETRIEVE(d, l, "COREDUMP_FILENAME", filename);
                 RETRIEVE(d, l, "COREDUMP_TRUNCATED", truncated);
                 RETRIEVE(d, l, "COREDUMP", coredump);
         }
 
-        if (!pid && !uid && !gid && !sgnl && !exe && !comm && !cmdline && !filename)
-                return log_warning_errno(SYNTHETIC_ERRNO(EINVAL), "Empty coredump log entry");
+        if (!pid || !uid || !gid || !sgnl || !comm) {
+                log_warning("Found a coredump entry without mandatory fields (PID=%s, UID=%s, GID=%s, SIGNAL=%s, COMM=%s), ignoring.",
+                            strna(pid), strna(uid), strna(gid), strna(sgnl), strna(comm));
+                return 0;
+        }
 
         (void) parse_uid(uid, &uid_as_int);
         (void) parse_gid(gid, &gid_as_int);
@@ -614,7 +616,7 @@ static int print_list(FILE* file, sd_journal *j, Table *t) {
                         TABLE_SIGNAL, normal_coredump ? signal_as_int : 0,
                         TABLE_STRING, present,
                         TABLE_SET_COLOR, color,
-                        TABLE_STRING, exe ?: comm ?: cmdline,
+                        TABLE_STRING, exe ?: comm,
                         TABLE_SIZE, size);
         if (r < 0)
                 return table_log_add_error(r);

src/include/override/sys/pidfd.h

@@ -42,8 +42,56 @@ int missing_pidfd_send_signal(int fd, int sig, siginfo_t *info, unsigned flags);
 
 /* defined in linux/pidfd.h */
 #ifndef PIDFD_GET_INFO
+
+/* Flags for pidfd_info. */
+#define PIDFD_INFO_PID                  (1UL << 0) /* Always returned, even if not requested */
+#define PIDFD_INFO_CREDS                (1UL << 1) /* Always returned, even if not requested */
+#define PIDFD_INFO_CGROUPID             (1UL << 2) /* Always returned if available, even if not requested */
+#define PIDFD_INFO_EXIT                 (1UL << 3) /* Only returned if requested. */
+#define PIDFD_INFO_COREDUMP             (1UL << 4) /* Only returned if requested. */
+
+#define PIDFD_INFO_SIZE_VER0            64 /* sizeof first published struct */
+
+/*
+ * Values for @coredump_mask in pidfd_info.
+ * Only valid if PIDFD_INFO_COREDUMP is set in @mask.
+ *
+ * Note, the @PIDFD_COREDUMP_ROOT flag indicates that the generated
+ * coredump should be treated as sensitive and access should only be
+ * granted to privileged users.
+ */
+#define PIDFD_COREDUMPED        (1U << 0) /* Did crash and... */
+#define PIDFD_COREDUMP_SKIP     (1U << 1) /* coredumping generation was skipped. */
+#define PIDFD_COREDUMP_USER     (1U << 2) /* coredump was done as the user. */
+#define PIDFD_COREDUMP_ROOT     (1U << 3) /* coredump was done as root. */
+
 struct pidfd_info {
+        /*
+         * This mask is similar to the request_mask in statx(2).
+         *
+         * Userspace indicates what extensions or expensive-to-calculate fields
+         * they want by setting the corresponding bits in mask. The kernel
+         * will ignore bits that it does not know about.
+         *
+         * When filling the structure, the kernel will only set bits
+         * corresponding to the fields that were actually filled by the kernel.
+         * This also includes any future extensions that might be automatically
+         * filled. If the structure size is too small to contain a field
+         * (requested or not), to avoid confusion the mask will not
+         * contain a bit for that field.
+         *
+         * As such, userspace MUST verify that mask contains the
+         * corresponding flags after the ioctl(2) returns to ensure that it is
+         * using valid data.
+         */
         __u64 mask;
+        /*
+         * The information contained in the following fields might be stale at the
+         * time it is received, as the target process might have exited as soon as
+         * the IOCTL was processed, and there is no way to avoid that. However, it
+         * is guaranteed that if the call was successful, then the information was
+         * correct and referred to the intended process at the time the work was
+         * performed. */
         __u64 cgroupid;
         __u32 pid;
         __u32 tgid;
@@ -56,11 +104,10 @@ struct pidfd_info {
         __u32 sgid;
         __u32 fsuid;
         __u32 fsgid;
-        __u32 spare0[1];
+        __s32 exit_code;     /* since kernel v6.15 (7477d7dce48a996ae4e4f0b5f7bd82de7ec9131b) */
+        __u32 coredump_mask; /* since kernel v6.16 (1d8db6fd698de1f73b1a7d72aea578fdd18d9a87) */
+        __u32 __spare1;
 };
 
 #define PIDFD_GET_INFO          _IOWR(PIDFS_IOCTL_MAGIC, 11, struct pidfd_info)
-#define PIDFD_INFO_PID          (1UL << 0)
-#define PIDFD_INFO_CREDS        (1UL << 1)
-#define PIDFD_INFO_CGROUPID     (1UL << 2)
-#endif
+#endif /* PIDFD_GET_INFO */

src/include/uapi/linux/coredump.h

@@ -0,0 +1,104 @@
+/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
+
+#ifndef _LINUX_COREDUMP_H
+#define _LINUX_COREDUMP_H
+
+#include <linux/types.h>
+
+/**
+ * coredump_{req,ack} flags
+ * @COREDUMP_KERNEL: kernel writes coredump
+ * @COREDUMP_USERSPACE: userspace writes coredump
+ * @COREDUMP_REJECT: don't generate coredump
+ * @COREDUMP_WAIT: wait for coredump server
+ */
+enum {
+	COREDUMP_KERNEL		= (1ULL << 0),
+	COREDUMP_USERSPACE	= (1ULL << 1),
+	COREDUMP_REJECT		= (1ULL << 2),
+	COREDUMP_WAIT		= (1ULL << 3),
+};
+
+/**
+ * struct coredump_req - message kernel sends to userspace
+ * @size: size of struct coredump_req
+ * @size_ack: known size of struct coredump_ack on this kernel
+ * @mask: supported features
+ *
+ * When a coredump happens the kernel will connect to the coredump
+ * socket and send a coredump request to the coredump server. The @size
+ * member is set to the size of struct coredump_req and provides a hint
+ * to userspace how much data can be read. Userspace may use MSG_PEEK to
+ * peek the size of struct coredump_req and then choose to consume it in
+ * one go. Userspace may also simply read a COREDUMP_ACK_SIZE_VER0
+ * request. If the size the kernel sends is larger userspace simply
+ * discards any remaining data.
+ *
+ * The coredump_req->mask member is set to the currently know features.
+ * Userspace may only set coredump_ack->mask to the bits raised by the
+ * kernel in coredump_req->mask.
+ *
+ * The coredump_req->size_ack member is set by the kernel to the size of
+ * struct coredump_ack the kernel knows. Userspace may only send up to
+ * coredump_req->size_ack bytes to the kernel and must set
+ * coredump_ack->size accordingly.
+ */
+struct coredump_req {
+	__u32 size;
+	__u32 size_ack;
+	__u64 mask;
+};
+
+enum {
+	COREDUMP_REQ_SIZE_VER0 = 16U, /* size of first published struct */
+};
+
+/**
+ * struct coredump_ack - message userspace sends to kernel
+ * @size: size of the struct
+ * @spare: unused
+ * @mask: features kernel is supposed to use
+ *
+ * The @size member must be set to the size of struct coredump_ack. It
+ * may never exceed what the kernel returned in coredump_req->size_ack
+ * but it may of course be smaller (>= COREDUMP_ACK_SIZE_VER0 and <=
+ * coredump_req->size_ack).
+ *
+ * The @mask member must be set to the features the coredump server
+ * wants the kernel to use. Only bits the kernel returned in
+ * coredump_req->mask may be set.
+ */
+struct coredump_ack {
+	__u32 size;
+	__u32 spare;
+	__u64 mask;
+};
+
+enum {
+	COREDUMP_ACK_SIZE_VER0 = 16U, /* size of first published struct */
+};
+
+/**
+ * enum coredump_mark - Markers for the coredump socket
+ *
+ * The kernel will place a single byte on the coredump socket. The
+ * markers notify userspace whether the coredump ack succeeded or
+ * failed.
+ *
+ * @COREDUMP_MARK_MINSIZE: the provided coredump_ack size was too small
+ * @COREDUMP_MARK_MAXSIZE: the provided coredump_ack size was too big
+ * @COREDUMP_MARK_UNSUPPORTED: the provided coredump_ack mask was invalid
+ * @COREDUMP_MARK_CONFLICTING: the provided coredump_ack mask has conflicting options
+ * @COREDUMP_MARK_REQACK: the coredump request and ack was successful
+ * @__COREDUMP_MARK_MAX: the maximum coredump mark value
+ */
+enum coredump_mark {
+	COREDUMP_MARK_REQACK		= 0U,
+	COREDUMP_MARK_MINSIZE		= 1U,
+	COREDUMP_MARK_MAXSIZE		= 2U,
+	COREDUMP_MARK_UNSUPPORTED	= 3U,
+	COREDUMP_MARK_CONFLICTING	= 4U,
+	__COREDUMP_MARK_MAX		= (1U << 31),
+};
+
+#endif /* _LINUX_COREDUMP_H */

src/libsystemd-network/dns-resolver-internal.h

@@ -6,25 +6,6 @@
 #include "sd-forward.h"
 #include "socket-netlink.h"
 
-/* https://www.iana.org/assignments/dns-svcb/dns-svcb.xhtml#dns-svcparamkeys */
-enum {
-        DNS_SVC_PARAM_KEY_MANDATORY       = 0, /* RFC 9460 § 8 */
-        DNS_SVC_PARAM_KEY_ALPN            = 1, /* RFC 9460 § 7.1 */
-        DNS_SVC_PARAM_KEY_NO_DEFAULT_ALPN = 2, /* RFC 9460 § 7.1 */
-        DNS_SVC_PARAM_KEY_PORT            = 3, /* RFC 9460 § 7.2 */
-        DNS_SVC_PARAM_KEY_IPV4HINT        = 4, /* RFC 9460 § 7.3 */
-        DNS_SVC_PARAM_KEY_ECH             = 5, /* RFC 9460 */
-        DNS_SVC_PARAM_KEY_IPV6HINT        = 6, /* RFC 9460 § 7.3  */
-        DNS_SVC_PARAM_KEY_DOHPATH         = 7, /* RFC 9461 */
-        DNS_SVC_PARAM_KEY_OHTTP           = 8,
-        _DNS_SVC_PARAM_KEY_MAX_DEFINED,
-        DNS_SVC_PARAM_KEY_INVALID         = 65535 /* RFC 9460 */
-};
-
-const char* dns_svc_param_key_to_string(int i) _const_;
-const char* format_dns_svc_param_key(uint16_t i, char buf[static DECIMAL_STR_MAX(uint16_t)+3]);
-#define FORMAT_DNS_SVC_PARAM_KEY(i) format_dns_svc_param_key(i, (char [DECIMAL_STR_MAX(uint16_t)+3]) {})
-
 /* Represents a "designated resolver" */
 /* typedef struct sd_dns_resolver sd_dns_resolver; */
 typedef struct sd_dns_resolver {

src/libsystemd-network/ndisc-option.c

@@ -8,6 +8,7 @@
 #include "alloc-util.h"
 #include "dns-def.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
 #include "dns-resolver-internal.h"
 #include "ether-addr-util.h"
 #include "hash-funcs.h"

src/libsystemd-network/sd-dhcp-server.c

@@ -1072,7 +1072,8 @@ int dhcp_server_handle_message(sd_dhcp_server *server, DHCPMessage *message, siz
 
                 /* for now pick a random free address from the pool */
                 if (static_lease) {
-                        if (existing_lease != hashmap_get(server->bound_leases_by_address, UINT32_TO_PTR(static_lease->address)))
+                        sd_dhcp_server_lease *l = hashmap_get(server->bound_leases_by_address, UINT32_TO_PTR(static_lease->address));
+                        if (l && l != existing_lease)
                                 /* The address is already assigned to another host. Refusing. */
                                 return 0;
 
@@ -1186,7 +1187,8 @@ int dhcp_server_handle_message(sd_dhcp_server *server, DHCPMessage *message, siz
                                 /* The client requested an address which is different from the static lease. Refusing. */
                                 return server_send_nak_or_ignore(server, init_reboot, req);
 
-                        if (existing_lease != hashmap_get(server->bound_leases_by_address, UINT32_TO_PTR(address)))
+                        sd_dhcp_server_lease *l = hashmap_get(server->bound_leases_by_address, UINT32_TO_PTR(address));
+                        if (l && l != existing_lease)
                                 /* The requested address is already assigned to another host. Refusing. */
                                 return server_send_nak_or_ignore(server, init_reboot, req);
 

src/libsystemd-network/sd-dns-resolver.c

@@ -1,6 +1,7 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
 #include "alloc-util.h"
+#include "dns-packet.h"
 #include "dns-resolver-internal.h"
 #include "errno-util.h"
 #include "siphash24.h"
@@ -154,29 +155,6 @@ void siphash24_compress_resolver(const sd_dns_resolver *res, struct siphash *sta
                 siphash24_compress_typesafe(*addr, state);
 }
 
-static const char* const dns_svc_param_key_table[_DNS_SVC_PARAM_KEY_MAX_DEFINED] = {
-        [DNS_SVC_PARAM_KEY_MANDATORY]       = "mandatory",
-        [DNS_SVC_PARAM_KEY_ALPN]            = "alpn",
-        [DNS_SVC_PARAM_KEY_NO_DEFAULT_ALPN] = "no-default-alpn",
-        [DNS_SVC_PARAM_KEY_PORT]            = "port",
-        [DNS_SVC_PARAM_KEY_IPV4HINT]        = "ipv4hint",
-        [DNS_SVC_PARAM_KEY_ECH]             = "ech",
-        [DNS_SVC_PARAM_KEY_IPV6HINT]        = "ipv6hint",
-        [DNS_SVC_PARAM_KEY_DOHPATH]         = "dohpath",
-        [DNS_SVC_PARAM_KEY_OHTTP]           = "ohttp",
-};
-DEFINE_STRING_TABLE_LOOKUP_TO_STRING(dns_svc_param_key, int);
-
-const char* format_dns_svc_param_key(uint16_t i, char buf[static DECIMAL_STR_MAX(uint16_t)+3]) {
-        assert(buf);
-
-        const char *p = dns_svc_param_key_to_string(i);
-        if (p)
-                return p;
-
-        return snprintf_ok(buf, DECIMAL_STR_MAX(uint16_t)+3, "key%i", i);
-}
-
 int dns_resolver_transports_to_strv(sd_dns_alpn_flags transports, char ***ret) {
         _cleanup_strv_free_ char **ans = NULL;
 

src/libsystemd-network/test-dhcp-server.c

@@ -214,6 +214,45 @@ static void test_message_handler(void) {
         test.option_requested_ip.address = htobe32(INADDR_LOOPBACK + 30);
         ASSERT_OK_EQ(dhcp_server_handle_message(server, (DHCPMessage*)&test, sizeof(test), NULL), DHCP_ACK);
 
+        /* add the static lease for the client ID */
+        ASSERT_OK(sd_dhcp_server_stop(server));
+        ASSERT_OK(sd_dhcp_server_set_static_lease(server, &(struct in_addr){ .s_addr = htobe32(INADDR_LOOPBACK + 31) },
+                                                  (uint8_t[7]){ 0x01, 'A', 'B', 'C', 'D', 'E', 'F' }, 7));
+        ASSERT_OK(sd_dhcp_server_start(server));
+
+        /* discover */
+        test.option_type.type = DHCP_DISCOVER;
+        ASSERT_OK_EQ(dhcp_server_handle_message(server, (DHCPMessage*)&test, sizeof(test), NULL), DHCP_OFFER);
+
+        /* request neither bound nor static address */
+        test.option_type.type = DHCP_REQUEST;
+        test.option_requested_ip.address = htobe32(INADDR_LOOPBACK + 29);
+        ASSERT_OK_ZERO(dhcp_server_handle_message(server, (DHCPMessage*)&test, sizeof(test), NULL));
+
+        /* request the currently assigned address */
+        test.option_requested_ip.address = htobe32(INADDR_LOOPBACK + 30);
+        ASSERT_OK_ZERO(dhcp_server_handle_message(server, (DHCPMessage*)&test, sizeof(test), NULL));
+
+        /* request the new static address */
+        test.option_requested_ip.address = htobe32(INADDR_LOOPBACK + 31);
+        ASSERT_OK_EQ(dhcp_server_handle_message(server, (DHCPMessage*)&test, sizeof(test), NULL), DHCP_ACK);
+
+        /* release the bound static lease */
+        test.message.ciaddr = htobe32(INADDR_LOOPBACK + 31);
+        test.option_type.type = DHCP_RELEASE;
+        ASSERT_OK_ZERO(dhcp_server_handle_message(server, (DHCPMessage*)&test, sizeof(test), NULL));
+
+        /* drop the static lease for the client ID */
+        ASSERT_OK(sd_dhcp_server_stop(server));
+        ASSERT_OK(sd_dhcp_server_set_static_lease(server, NULL, (uint8_t[7]){ 0x01, 'A', 'B', 'C', 'D', 'E', 'F' }, 7));
+        ASSERT_OK(sd_dhcp_server_start(server));
+
+        /* request a new non-static address */
+        test.message.ciaddr = 0;
+        test.option_type.type = DHCP_REQUEST;
+        test.option_requested_ip.address = htobe32(INADDR_LOOPBACK + 29);
+        ASSERT_OK_EQ(dhcp_server_handle_message(server, (DHCPMessage*)&test, sizeof(test), NULL), DHCP_ACK);
+
         /* request address reserved for static lease (unmatching client ID) */
         test.option_client_id.id[6] = 'H';
         test.option_requested_ip.address = htobe32(INADDR_LOOPBACK + 42);

src/network/networkd-dhcp-server.c

@@ -8,6 +8,7 @@
 #include "conf-parser.h"
 #include "dhcp-protocol.h"
 #include "dhcp-server-lease-internal.h"
+#include "dns-domain.h"
 #include "errno-util.h"
 #include "extract-word.h"
 #include "fd-util.h"
@@ -32,30 +33,6 @@
 #include "string-util.h"
 #include "strv.h"
 
-static int get_hostname_domain(char **ret) {
-        _cleanup_free_ char *hostname = NULL;
-        const char *domain;
-        int r;
-
-        assert(ret);
-
-        /* Get the full hostname (FQDN if available) */
-        r = gethostname_full(GET_HOSTNAME_ALLOW_LOCALHOST | GET_HOSTNAME_FALLBACK_DEFAULT, &hostname);
-        if (r < 0)
-                return r;
-
-        /* Find the first dot to extract the domain part */
-        domain = strchr(hostname, '.');
-        if (!domain)
-                return -ENOENT;  /* No domain part in hostname */
-
-        domain++;  /* Skip the dot */
-        if (isempty(domain))
-                return -ENOENT;  /* Empty domain after dot */
-
-        return strdup_to(ret, domain);
-}
-
 static bool link_dhcp4_server_enabled(Link *link) {
         assert(link);
 
@@ -553,6 +530,36 @@ static int dhcp4_server_set_dns_from_resolve_conf(Link *link) {
         return sd_dhcp_server_set_dns(link->dhcp_server, addresses, n_addresses);
 }
 
+static int dhcp_server_set_domain(Link *link) {
+        int r;
+
+        assert(link);
+        assert(link->network);
+        assert(link->dhcp_server);
+
+        if (!link->network->dhcp_server_emit_domain)
+                return 0;
+
+        if (link->network->dhcp_server_domain)
+                return sd_dhcp_server_set_domain_name(link->dhcp_server, link->network->dhcp_server_domain);
+
+        /* When domain is not specified, use the domain part of the current hostname. */
+        _cleanup_free_ char *hostname = NULL;
+        r = gethostname_full(GET_HOSTNAME_ALLOW_LOCALHOST | GET_HOSTNAME_FALLBACK_DEFAULT, &hostname);
+        if (r < 0)
+                return r;
+
+        const char *domain = hostname;
+        r = dns_name_parent(&domain);
+        if (r < 0)
+                return r;
+
+        if (isempty(domain))
+                return -ENXIO;
+
+        return sd_dhcp_server_set_domain_name(link->dhcp_server, domain);
+}
+
 static int dhcp4_server_configure(Link *link) {
         bool acquired_uplink = false;
         sd_dhcp_option *p;
@@ -703,28 +710,11 @@ static int dhcp4_server_configure(Link *link) {
                 }
         }
 
-        if (link->network->dhcp_server_emit_domain) {
-                _cleanup_free_ char *buffer = NULL;
-                const char *domain = NULL;
-
-                if (link->network->dhcp_server_domain)
-                        domain = link->network->dhcp_server_domain;
-                else {
-                        r = get_hostname_domain(&buffer);
-                        if (r < 0)
-                                log_link_warning_errno(link, r, "Failed to determine domain name from host's hostname, will not send domain in DHCP leases: %m");
-                        else {
-                                domain = buffer;
-                                log_link_debug(link, "Using autodetected domain name '%s' for DHCP server.", domain);
-                        }
-                }
-
-                if (domain) {
-                        r = sd_dhcp_server_set_domain_name(link->dhcp_server, domain);
-                        if (r < 0)
-                                return log_link_error_errno(link, r, "Failed to set domain name for DHCP server: %m");
-                }
-        }
+        r = dhcp_server_set_domain(link);
+        if (r == -ENXIO)
+                log_link_warning_errno(link, r, "Cannot get domain from the current hostname, DHCP server will not emit domain option.");
+        else if (r < 0)
+                return log_link_error_errno(link, r, "Failed to set domain name for DHCP server: %m");
 
         ORDERED_HASHMAP_FOREACH(p, link->network->dhcp_server_send_options) {
                 r = sd_dhcp_server_add_option(link->dhcp_server, p);

src/nspawn/nspawn.c

@@ -5646,7 +5646,7 @@ static int run_container(
                                                 arg_console_width,
                                                 arg_console_height);
 
-                        if (!arg_background && shall_tint_background()) {
+                        if (!arg_background) {
                                 _cleanup_free_ char *bg = NULL;
 
                                 r = terminal_tint_color(220 /* blue */, &bg);

src/resolve/fuzz-dns-packet.c

@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
+#include "dns-packet.h"
 #include "fuzz.h"
-#include "resolved-dns-packet.h"
 
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
         _cleanup_(dns_packet_unrefp) DnsPacket *p = NULL;

src/resolve/fuzz-resource-record.c

@@ -2,10 +2,10 @@
 
 #include "sd-json.h"
 
+#include "dns-packet.h"
+#include "dns-rr.h"
 #include "fuzz.h"
 #include "memstream-util.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-rr.h"
 #include "string-util.h"
 
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {

src/resolve/meson.build

@@ -8,19 +8,14 @@ systemd_resolved_sources = files(
         'resolved.c',
 )
 systemd_resolved_extract_sources = files(
-        'dns-type.c',
         'resolved-bus.c',
         'resolved-conf.c',
-        'resolved-dns-answer.c',
         'resolved-dns-browse-services.c',
         'resolved-dns-cache.c',
         'resolved-dns-delegate.c',
         'resolved-dns-delegate-bus.c',
         'resolved-dns-dnssec.c',
-        'resolved-dns-packet.c',
         'resolved-dns-query.c',
-        'resolved-dns-question.c',
-        'resolved-dns-rr.c',
         'resolved-dns-scope.c',
         'resolved-dns-search-domain.c',
         'resolved-dns-server.c',
@@ -46,38 +41,6 @@ systemd_resolved_extract_sources = files(
 
 ############################################################
 
-dns_type_list_txt = custom_target(
-        input : ['generate-dns_type-list.sed', 'dns-type.h'],
-        output : 'dns_type-list.txt',
-        command : [sed, '-n', '-r', '-f', '@INPUT0@', '@INPUT1@'],
-        capture : true)
-
-gperf_file = custom_target(
-        input : dns_type_list_txt,
-        output : 'dns_type-from-name.gperf',
-        command : [files('generate-dns_type-gperf.py'),
-                   'dns_type',
-                   'DNS_TYPE_',
-                   '@INPUT@'],
-        capture : true)
-
-dns_type_from_name_inc = custom_target(
-        input : gperf_file,
-        output : 'dns_type-from-name.inc',
-        command : [gperf,
-                   '-L', 'ANSI-C', '-t', '--ignore-case',
-                   '-N', 'lookup_dns_type',
-                   '-H', 'hash_dns_type_name',
-                   '-p', '-C',
-                   '@INPUT@'],
-        capture : true)
-
-dns_type_to_name_inc = custom_target(
-        input : ['dns_type-to-name.awk', dns_type_list_txt],
-        output : 'dns_type-to-name.inc',
-        command : [awk, '-f', '@INPUT0@', '@INPUT1@'],
-        capture : true)
-
 resolved_gperf_c = custom_target(
         input : 'resolved-gperf.gperf',
         output : 'resolved-gperf.c',
@@ -93,8 +56,8 @@ resolved_dns_delegate_gperf_c = custom_target(
         output : 'resolved-dns-delegate-gperf.c',
         command : [gperf, '@INPUT@', '--output-file', '@OUTPUT@'])
 
-generated_sources += [dns_type_from_name_inc, dns_type_to_name_inc, resolved_gperf_c, resolved_dnssd_gperf_c, resolved_dns_delegate_gperf_c]
-systemd_resolved_extract_sources += [dns_type_from_name_inc, dns_type_to_name_inc, resolved_gperf_c, resolved_dnssd_gperf_c, resolved_dns_delegate_gperf_c]
+generated_sources += [resolved_gperf_c, resolved_dnssd_gperf_c, resolved_dns_delegate_gperf_c]
+systemd_resolved_extract_sources += [resolved_gperf_c, resolved_dnssd_gperf_c, resolved_dns_delegate_gperf_c]
 
 if conf.get('ENABLE_DNS_OVER_TLS') == 1
         systemd_resolved_extract_sources += files(

src/resolve/resolvectl.c

@@ -22,6 +22,8 @@
 #include "bus-message-util.h"
 #include "bus-util.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-rr.h"
 #include "errno-list.h"
 #include "errno-util.h"
 #include "escape.h"
@@ -42,8 +44,6 @@
 #include "resolve-util.h"
 #include "resolvectl.h"
 #include "resolved-def.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-rr.h"
 #include "resolved-util.h"
 #include "socket-netlink.h"
 #include "sort-util.h"

src/resolve/resolved-bus.c

@@ -11,20 +11,20 @@
 #include "bus-object.h"
 #include "bus-polkit.h"
 #include "bus-util.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "format-util.h"
 #include "path-util.h"
 #include "resolve-util.h"
 #include "resolved-bus.h"
 #include "resolved-def.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-delegate.h"
 #include "resolved-dns-delegate-bus.h"
+#include "resolved-dns-delegate.h"
 #include "resolved-dns-dnssec.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-query.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-search-domain.h"
 #include "resolved-dns-server.h"
@@ -32,10 +32,10 @@
 #include "resolved-dns-stub.h"
 #include "resolved-dns-synthesize.h"
 #include "resolved-dns-transaction.h"
-#include "resolved-dnssd.h"
 #include "resolved-dnssd-bus.h"
-#include "resolved-link.h"
+#include "resolved-dnssd.h"
 #include "resolved-link-bus.h"
+#include "resolved-link.h"
 #include "resolved-manager.h"
 #include "resolved-resolv-conf.h"
 #include "set.h"

src/resolve/resolved-dns-browse-services.c

@@ -2,15 +2,15 @@
 
 #include "af-list.h"
 #include "alloc-util.h"
-#include "event-util.h"
 #include "dns-domain.h"
+#include "dns-question.h"
+#include "dns-rr.h"
+#include "event-util.h"
 #include "log.h"
 #include "random-util.h"
 #include "resolved-dns-browse-services.h"
 #include "resolved-dns-cache.h"
-#include "resolved-dns-question.h"
 #include "resolved-dns-query.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-scope.h"
 #include "resolved-manager.h"
 #include "string-table.h"

src/resolve/resolved-dns-browse-services.h

@@ -2,9 +2,10 @@
 #pragma once
 
 #include "sd-varlink.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
+
+#include "dns-answer.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 
 typedef struct DnsServiceBrowser DnsServiceBrowser;
 typedef struct DnssdDiscoveredService DnssdDiscoveredService;

src/resolve/resolved-dns-cache.c

@@ -5,16 +5,16 @@
 #include "af-list.h"
 #include "alloc-util.h"
 #include "bitmap.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-rr.h"
 #include "format-ifname.h"
 #include "log.h"
 #include "prioq.h"
 #include "resolve-util.h"
-#include "resolved-dns-answer.h"
 #include "resolved-dns-cache.h"
 #include "resolved-dns-dnssec.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-rr.h"
 #include "string-util.h"
 #include "time-util.h"
 

src/resolve/resolved-dns-dnssec.c

@@ -2,16 +2,16 @@
 
 #include "alloc-util.h"
 #include "bitmap.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-rr.h"
 #include "dns-type.h"
 #include "hexdecoct.h"
 #include "log.h"
 #include "memory-util.h"
 #include "memstream-util.h"
 #include "openssl-util.h"
-#include "resolved-dns-answer.h"
 #include "resolved-dns-dnssec.h"
-#include "resolved-dns-rr.h"
 #include "sort-util.h"
 #include "string-table.h"
 #include "string-util.h"
@@ -45,32 +45,6 @@ REENABLE_WARNING;
  *            Normal RR → RRSIG/DNSKEY+ → DS → RRSIG/DNSKEY+ → DS → ... → DS → RRSIG/DNSKEY+ → DS
  */
 
-uint16_t dnssec_keytag(DnsResourceRecord *dnskey, bool mask_revoke) {
-        const uint8_t *p;
-        uint32_t sum, f;
-
-        /* The algorithm from RFC 4034, Appendix B. */
-
-        assert(dnskey);
-        assert(dnskey->key->type == DNS_TYPE_DNSKEY);
-
-        f = (uint32_t) dnskey->dnskey.flags;
-
-        if (mask_revoke)
-                f &= ~DNSKEY_FLAG_REVOKE;
-
-        sum = f + ((((uint32_t) dnskey->dnskey.protocol) << 8) + (uint32_t) dnskey->dnskey.algorithm);
-
-        p = dnskey->dnskey.key;
-
-        for (size_t i = 0; i < dnskey->dnskey.key_size; i++)
-                sum += (i & 1) == 0 ? (uint32_t) p[i] << 8 : (uint32_t) p[i];
-
-        sum += (sum >> 16) & UINT32_C(0xFFFF);
-
-        return sum & UINT32_C(0xFFFF);
-}
-
 #if HAVE_OPENSSL
 
 static int rr_compare(DnsResourceRecord * const *a, DnsResourceRecord * const *b) {

src/resolve/resolved-dns-dnssec.h

@@ -59,8 +59,6 @@ int dnssec_verify_dnskey_by_ds_search(DnsResourceRecord *dnskey, DnsAnswer *vali
 
 int dnssec_has_rrsig(DnsAnswer *a, const DnsResourceKey *key);
 
-uint16_t dnssec_keytag(DnsResourceRecord *dnskey, bool mask_revoke);
-
 int dnssec_nsec3_hash(DnsResourceRecord *nsec3, const char *name, void *ret);
 
 typedef enum DnssecNsecResult {

src/resolve/resolved-dns-query.c

@@ -4,16 +4,16 @@
 #include "sd-varlink.h"
 
 #include "alloc-util.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "dns-type.h"
 #include "event-util.h"
 #include "glyph-util.h"
 #include "log.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-query.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-search-domain.h"
 #include "resolved-dns-synthesize.h"

src/resolve/resolved-dns-query.h

@@ -1,10 +1,10 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 #pragma once
 
+#include "dns-packet.h"
 #include "in-addr-util.h"
 #include "list.h"
 #include "resolved-dns-browse-services.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-transaction.h"
 #include "resolved-forward.h"
 

src/resolve/resolved-dns-scope.c

@@ -7,20 +7,20 @@
 
 #include "af-list.h"
 #include "alloc-util.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "dns-type.h"
 #include "errno-util.h"
 #include "fd-util.h"
 #include "hostname-util.h"
 #include "log.h"
 #include "random-util.h"
-#include "resolved-dns-answer.h"
 #include "resolved-dns-browse-services.h"
 #include "resolved-dns-delegate.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-query.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-search-domain.h"
 #include "resolved-dns-server.h"

src/resolve/resolved-dns-scope.h

@@ -2,11 +2,11 @@
 #pragma once
 
 #include "dns-def.h"
+#include "dns-packet.h"
 #include "list.h"
 #include "ratelimit.h"
 #include "resolve-util.h"
 #include "resolved-dns-cache.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-zone.h"
 #include "resolved-forward.h"
 

src/resolve/resolved-dns-server.c

@@ -5,6 +5,7 @@
 
 #include "alloc-util.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
 #include "errno-util.h"
 #include "extract-word.h"
 #include "fd-util.h"
@@ -13,7 +14,6 @@
 #include "resolved-bus.h"
 #include "resolved-dns-cache.h"
 #include "resolved-dns-delegate.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-search-domain.h"
 #include "resolved-dns-server.h"

src/resolve/resolved-dns-stream.c

@@ -5,13 +5,13 @@
 #include "sd-event.h"
 
 #include "alloc-util.h"
+#include "dns-packet.h"
 #include "errno-util.h"
 #include "fd-util.h"
 #include "iovec-util.h"
 #include "log.h"
 #include "missing-network.h"
 #include "ordered-set.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-server.h"
 #include "resolved-dns-stream.h"
 #include "resolved-manager.h"

src/resolve/resolved-dns-stream.h

@@ -1,8 +1,8 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 #pragma once
 
+#include "dns-packet.h"
 #include "list.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dnstls.h"
 #include "resolved-forward.h"
 #include "socket-util.h"

src/resolve/resolved-dns-stub.c

@@ -7,17 +7,17 @@
 
 #include "alloc-util.h"
 #include "capability-util.h"
+#include "dns-answer.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "dns-type.h"
 #include "errno-util.h"
 #include "fd-util.h"
 #include "log.h"
 #include "missing-network.h"
 #include "resolve-util.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-query.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-stream.h"
 #include "resolved-dns-stub.h"
 #include "resolved-dns-transaction.h"

src/resolve/resolved-dns-synthesize.c

@@ -1,7 +1,11 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
 #include "alloc-util.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "dns-type.h"
 #include "env-util.h"
 #include "hostname-util.h"
@@ -9,10 +13,6 @@
 #include "log.h"
 #include "missing-network.h"
 #include "resolved-def.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-synthesize.h"
 #include "resolved-manager.h"
 #include "socket-util.h"

src/resolve/resolved-dns-transaction.c

@@ -5,19 +5,19 @@
 
 #include "af-list.h"
 #include "alloc-util.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "errno-list.h"
 #include "errno-util.h"
 #include "fd-util.h"
 #include "glyph-util.h"
 #include "log.h"
 #include "random-util.h"
-#include "resolved-dns-answer.h"
 #include "resolved-dns-cache.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-query.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-server.h"
 #include "resolved-dns-stream.h"

src/resolve/resolved-dns-trust-anchor.c

@@ -5,7 +5,9 @@
 #include "alloc-util.h"
 #include "conf-files.h"
 #include "constants.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-rr.h"
 #include "extract-word.h"
 #include "fd-util.h"
 #include "fileio.h"
@@ -13,9 +15,7 @@
 #include "log.h"
 #include "nulstr-util.h"
 #include "parse-util.h"
-#include "resolved-dns-answer.h"
 #include "resolved-dns-dnssec.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-trust-anchor.h"
 #include "set.h"
 #include "string-util.h"

src/resolve/resolved-dns-zone.c

@@ -3,12 +3,12 @@
 #include <stdio.h>
 
 #include "alloc-util.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-rr.h"
 #include "list.h"
 #include "log.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-transaction.h"
 #include "resolved-dns-zone.h"

src/resolve/resolved-dnssd.c

@@ -7,12 +7,12 @@
 #include "conf-parser.h"
 #include "constants.h"
 #include "dns-domain.h"
+#include "dns-rr.h"
 #include "extract-word.h"
 #include "hashmap.h"
 #include "hexdecoct.h"
 #include "path-util.h"
 #include "resolved-conf.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-zone.h"
 #include "resolved-dnssd.h"
 #include "resolved-manager.h"

src/resolve/resolved-etc-hosts.c

@@ -4,15 +4,15 @@
 #include "sd-event.h"
 
 #include "alloc-util.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "extract-word.h"
 #include "fd-util.h"
 #include "fileio.h"
 #include "hostname-util.h"
 #include "log.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "resolved-etc-hosts.h"
 #include "resolved-manager.h"
 #include "set.h"

src/resolve/resolved-link.c

@@ -8,6 +8,8 @@
 
 #include "alloc-util.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-rr.h"
 #include "env-file.h"
 #include "extract-word.h"
 #include "fd-util.h"
@@ -18,8 +20,6 @@
 #include "netif-util.h"
 #include "parse-util.h"
 #include "resolved-dns-browse-services.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-search-domain.h"
 #include "resolved-dns-server.h"

src/resolve/resolved-llmnr.c

@@ -5,11 +5,11 @@
 
 #include "sd-event.h"
 
+#include "dns-packet.h"
 #include "errno-util.h"
 #include "fd-util.h"
 #include "hashmap.h"
 #include "log.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-transaction.h"
 #include "resolved-link.h"

src/resolve/resolved-manager.c

@@ -14,7 +14,11 @@
 #include "alloc-util.h"
 #include "daemon-util.h"
 #include "dirent-util.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "errno-util.h"
 #include "event-util.h"
 #include "fd-util.h"
@@ -30,12 +34,8 @@
 #include "random-util.h"
 #include "resolved-bus.h"
 #include "resolved-conf.h"
-#include "resolved-dns-answer.h"
 #include "resolved-dns-delegate.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-query.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-search-domain.h"
 #include "resolved-dns-server.h"

src/resolve/resolved-mdns.c

@@ -5,13 +5,13 @@
 #include "sd-event.h"
 
 #include "alloc-util.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "fd-util.h"
 #include "log.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-transaction.h"
 #include "resolved-link.h"

src/resolve/resolved-varlink.c

@@ -4,19 +4,19 @@
 
 #include "alloc-util.h"
 #include "bus-polkit.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "dns-type.h"
 #include "errno-util.h"
 #include "in-addr-util.h"
 #include "iovec-util.h"
 #include "json-util.h"
-#include "resolved-dns-answer.h"
 #include "resolved-dns-browse-services.h"
 #include "resolved-dns-dnssec.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-query.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-search-domain.h"
 #include "resolved-dns-server.h"

src/resolve/test-dns-answer.c

@@ -1,9 +1,9 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
+#include "dns-answer.h"
+#include "dns-rr.h"
 #include "dns-type.h"
 #include "memstream-util.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-rr.h"
 #include "strv.h"
 #include "tests.h"
 

src/resolve/test-dns-cache.c

@@ -6,16 +6,16 @@
 
 #include "sd-json.h"
 
+#include "dns-answer.h"
+#include "dns-packet.h"
+#include "dns-rr.h"
 #include "dns-type.h"
 #include "fd-util.h"
 #include "fileio.h"
 #include "resolve-util.h"
 #include "resolved-def.h"
-#include "resolved-dns-answer.h"
 #include "resolved-dns-cache.h"
 #include "resolved-dns-dnssec.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-rr.h"
 #include "tests.h"
 #include "time-util.h"
 #include "tmpfile-util.h"

src/resolve/test-dns-packet-append.c

@@ -1,12 +1,12 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
+#include "dns-answer.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "dns-type.h"
 #include "list.h"
 #include "log.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "tests.h"
 
 #define BIT_QR (1 << 7)

src/resolve/test-dns-packet-extract.c

@@ -1,10 +1,10 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
+#include "dns-answer.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "dns-type.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "tests.h"
 
 #define BIT_QR (1 << 7)

src/resolve/test-dns-packet.c

@@ -3,11 +3,11 @@
 #include "sd-id128.h"
 
 #include "alloc-util.h"
+#include "dns-packet.h"
+#include "dns-rr.h"
 #include "fileio.h"
 #include "glob-util.h"
 #include "log.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-rr.h"
 #include "siphash24.h"
 #include "strv.h"
 #include "tests.h"

src/resolve/test-dns-query.c

@@ -2,11 +2,11 @@
 
 #include "sd-event.h"
 
-#include "resolved-dns-answer.h"
-#include "resolved-dns-packet.h"
+#include "dns-answer.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "resolved-dns-query.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-search-domain.h"
 #include "resolved-dns-server.h"

src/resolve/test-dns-question.c

@@ -1,10 +1,10 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "dns-type.h"
 #include "in-addr-util.h"
 #include "memstream-util.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "tests.h"
 
 /* ================================================================

src/resolve/test-dns-rr.c

@@ -2,9 +2,9 @@
 
 #include "sd-json.h"
 
+#include "dns-packet.h"
+#include "dns-rr.h"
 #include "dns-type.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-rr.h"
 #include "tests.h"
 
 /* ================================================================

src/resolve/test-dns-synthesize.c

@@ -1,9 +1,9 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
-#include "resolved-dns-answer.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
+#include "dns-answer.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "resolved-dns-synthesize.h"
 #include "resolved-manager.h"
 #include "tests.h"

src/resolve/test-dns-zone.c

@@ -1,9 +1,9 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
+#include "dns-answer.h"
+#include "dns-packet.h"
+#include "dns-rr.h"
 #include "dns-type.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-zone.h"
 #include "resolved-manager.h"

src/resolve/test-dnssec.c

@@ -5,10 +5,10 @@
 
 #include "alloc-util.h"
 #include "bitmap.h"
+#include "dns-answer.h"
+#include "dns-rr.h"
 #include "hexdecoct.h"
-#include "resolved-dns-answer.h"
 #include "resolved-dns-dnssec.h"
-#include "resolved-dns-rr.h"
 #include "string-util.h"
 #include "tests.h"
 #include "time-util.h"

src/resolve/test-resolve-tables.c

@@ -1,8 +1,8 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
+#include "dns-packet.h"
 #include "dns-type.h"
 #include "resolved-dns-dnssec.h"
-#include "resolved-dns-packet.h"
 #include "test-tables.h"
 #include "tests.h"
 

src/resolve/test-resolved-dummy-server.c

@@ -3,14 +3,14 @@
 #include "sd-daemon.h"
 #include "sd-event.h"
 
+#include "dns-packet.h"
+#include "dns-question.h"
 #include "dns-type.h"
 #include "errno-util.h"
 #include "fd-util.h"
 #include "iovec-util.h"
 #include "log.h"
 #include "main-func.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-question.h"
 #include "resolved-manager.h"
 #include "socket-netlink.h"
 #include "socket-util.h"

src/resolve/test-resolved-link.c

@@ -5,8 +5,8 @@
 #include "sd-event.h"
 #include "sd-netlink.h"
 
+#include "dns-packet.h"
 #include "netlink-internal.h"
-#include "resolved-dns-packet.h"
 #include "resolved-dns-scope.h"
 #include "resolved-dns-server.h"
 #include "resolved-link.h"

src/resolve/test-resolved-packet.c

@@ -2,11 +2,11 @@
 
 #include "sd-json.h"
 
+#include "dns-answer.h"
+#include "dns-packet.h"
+#include "dns-rr.h"
 #include "hexdecoct.h"
 #include "log.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-rr.h"
 #include "tests.h"
 
 TEST(dns_packet_new) {

src/resolve/test-resolved-stream.c

@@ -13,14 +13,14 @@
 
 #include "sd-event.h"
 
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "fd-util.h"
 #include "log.h"
 #include "path-util.h"
 #include "process-util.h"
 #include "random-util.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "resolved-dns-server.h"
 #include "resolved-dns-stream.h"
 #include "resolved-dnstls.h"

src/run/run.c

@@ -1161,7 +1161,7 @@ static int parse_argv_sudo_mode(int argc, char *argv[]) {
         if (strv_extend(&arg_property, "IgnoreSIGPIPE=no") < 0)
                 return log_oom();
 
-        if (!arg_background && arg_stdio == ARG_STDIO_PTY && shall_tint_background()) {
+        if (!arg_background && arg_stdio == ARG_STDIO_PTY) {
                 double hue;
 
                 if (privileged_execution())

src/shared/dns-answer.c

@@ -3,11 +3,11 @@
 #include <stdio.h>
 
 #include "alloc-util.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-rr.h"
 #include "log.h"
 #include "random-util.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-rr.h"
 #include "siphash24.h"
 #include "string-util.h"
 

src/shared/dns-answer.h

@@ -2,7 +2,7 @@
 #pragma once
 
 #include "ordered-set.h"
-#include "resolved-forward.h"
+#include "shared-forward.h"
 
 /* A simple array of resource records. We keep track of the originating ifindex for each RR where that makes
  * sense, so that we can qualify A and AAAA RRs referring to a local link with the right ifindex.

src/shared/dns-domain.c

@@ -27,7 +27,12 @@ int dns_label_unescape(const char **name, char *dest, size_t sz, DNSLabelFlags f
         int r = 0;
 
         assert(name);
-        assert(*name);
+
+        if (isempty(*name)) {
+                if (dest && sz >= 1)
+                        dest[0] = 0;
+                return 0;
+        }
 
         n = *name;
         d = dest;
@@ -649,12 +654,10 @@ int dns_name_change_suffix(const char *name, const char *old_suffix, const char
         int r, q;
 
         assert(name);
-        assert(old_suffix);
-        assert(new_suffix);
         assert(ret);
 
         n = name;
-        s = old_suffix;
+        s = strempty(old_suffix);
 
         for (;;) {
                 char ln[DNS_LABEL_MAX+1], ls[DNS_LABEL_MAX+1];

src/shared/dns-packet.c

@@ -2,14 +2,14 @@
 
 #include "alloc-util.h"
 #include "bitmap.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "escape.h"
 #include "log.h"
 #include "memory-util.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "set.h"
 #include "siphash24.h"
 #include "stdio-util.h"

src/shared/dns-packet.h

@@ -8,7 +8,7 @@
 #include "in-addr-util.h"
 #include "memory-util.h"
 #include "resolved-def.h"
-#include "resolved-forward.h"
+#include "shared-forward.h"
 #include "sparse-endian.h"
 
 typedef enum DnsProtocol {

src/shared/dns-question.c

@@ -4,9 +4,9 @@
 
 #include "alloc-util.h"
 #include "dns-domain.h"
+#include "dns-question.h"
+#include "dns-rr.h"
 #include "dns-type.h"
-#include "resolved-dns-question.h"
-#include "resolved-dns-rr.h"
 #include "socket-util.h"
 #include "string-util.h"
 

src/shared/dns-question.h

@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 #pragma once
 
-#include "resolved-forward.h"
+#include "shared-forward.h"
 
 /* A simple array of resource keys */
 

src/shared/dns-rr.c

@@ -4,17 +4,16 @@
 
 #include "alloc-util.h"
 #include "bitmap.h"
+#include "dns-answer.h"
 #include "dns-domain.h"
+#include "dns-packet.h"
+#include "dns-rr.h"
 #include "dns-type.h"
 #include "escape.h"
 #include "hash-funcs.h"
 #include "hexdecoct.h"
 #include "json-util.h"
 #include "memory-util.h"
-#include "resolved-dns-answer.h"
-#include "resolved-dns-dnssec.h"
-#include "resolved-dns-packet.h"
-#include "resolved-dns-rr.h"
 #include "siphash24.h"
 #include "string-table.h"
 #include "string-util.h"
@@ -977,6 +976,32 @@ static char *format_svc_params(DnsSvcParam *first) {
         return strv_join(params, " ");
 }
 
+uint16_t dnssec_keytag(DnsResourceRecord *dnskey, bool mask_revoke) {
+        const uint8_t *p;
+        uint32_t sum, f;
+
+        /* The algorithm from RFC 4034, Appendix B. */
+
+        assert(dnskey);
+        assert(dnskey->key->type == DNS_TYPE_DNSKEY);
+
+        f = (uint32_t) dnskey->dnskey.flags;
+
+        if (mask_revoke)
+                f &= ~DNSKEY_FLAG_REVOKE;
+
+        sum = f + ((((uint32_t) dnskey->dnskey.protocol) << 8) + (uint32_t) dnskey->dnskey.algorithm);
+
+        p = dnskey->dnskey.key;
+
+        for (size_t i = 0; i < dnskey->dnskey.key_size; i++)
+                sum += (i & 1) == 0 ? (uint32_t) p[i] << 8 : (uint32_t) p[i];
+
+        sum += (sum >> 16) & UINT32_C(0xFFFF);
+
+        return sum & UINT32_C(0xFFFF);
+}
+
 const char* dns_resource_record_to_string(DnsResourceRecord *rr) {
         _cleanup_free_ char *s = NULL, *t = NULL;
         char k[DNS_RESOURCE_KEY_STRING_MAX];
@@ -2180,14 +2205,16 @@ int dns_resource_key_from_json(sd_json_variant *v, DnsResourceKey **ret) {
         };
 
         static const sd_json_dispatch_field dispatch_table[] = {
-                { "class", _SD_JSON_VARIANT_TYPE_INVALID, sd_json_dispatch_uint16,       offsetof(struct params, class), SD_JSON_MANDATORY },
+                { "class", _SD_JSON_VARIANT_TYPE_INVALID, sd_json_dispatch_uint16,       offsetof(struct params, class), 0                 },
                 { "type",  _SD_JSON_VARIANT_TYPE_INVALID, sd_json_dispatch_uint16,       offsetof(struct params, type),  SD_JSON_MANDATORY },
                 { "name",  SD_JSON_VARIANT_STRING,        sd_json_dispatch_const_string, offsetof(struct params, name),  SD_JSON_MANDATORY },
                 {}
         };
 
         _cleanup_(dns_resource_key_unrefp) DnsResourceKey *key = NULL;
-        struct params p;
+        struct params p = {
+                .class = DNS_CLASS_IN,
+        };
         int r;
 
         assert(v);

src/shared/dns-rr.h

@@ -6,7 +6,7 @@
 #include "dns-def.h"
 #include "dns-type.h"
 #include "list.h"
-#include "resolved-forward.h"
+#include "shared-forward.h"
 
 /* DNSKEY RR flags */
 #define DNSKEY_FLAG_SEP            (UINT16_C(1) << 0)
@@ -427,6 +427,8 @@ int dns_resource_key_compare_func(const DnsResourceKey *x, const DnsResourceKey
 void dns_resource_record_hash_func(const DnsResourceRecord *i, struct siphash *state);
 int dns_resource_record_compare_func(const DnsResourceRecord *x, const DnsResourceRecord *y);
 
+uint16_t dnssec_keytag(DnsResourceRecord *dnskey, bool mask_revoke);
+
 extern const struct hash_ops dns_resource_key_hash_ops;
 extern const struct hash_ops dns_resource_record_hash_ops;
 extern const struct hash_ops dns_resource_record_hash_ops_by_key;

src/shared/hostname-setup.c

@@ -1,5 +1,6 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
+#include <sched.h>
 #include <stdio.h>
 #include <sys/utsname.h>
 #include <unistd.h>
@@ -15,8 +16,12 @@
 #include "hostname-setup.h"
 #include "hostname-util.h"
 #include "initrd-util.h"
+#include "io-util.h"
 #include "log.h"
+#include "namespace-util.h"
+#include "pidref.h"
 #include "proc-cmdline.h"
+#include "process-util.h"
 #include "siphash24.h"
 #include "string-table.h"
 #include "string-util.h"
@@ -344,3 +349,66 @@ int gethostname_full(GetHostnameFlags flags, char **ret) {
         *ret = TAKE_PTR(buf);
         return 0;
 }
+
+int pidref_gethostname_full(PidRef *pidref, GetHostnameFlags flags, char **ret) {
+        int r;
+
+        assert(pidref);
+        assert(ret);
+
+        r = pidref_in_same_namespace(pidref, NULL, NAMESPACE_UTS);
+        if (r < 0)
+                return r;
+        if (r > 0)
+                return gethostname_full(flags, ret);
+
+        _cleanup_close_ int utsns_fd = r = pidref_namespace_open_by_type(pidref, NAMESPACE_UTS);
+        if (r < 0)
+                return r;
+
+        _cleanup_close_pair_ int errno_pipe[2] = EBADF_PAIR;
+        r = pipe2(errno_pipe, O_CLOEXEC);
+        if (r < 0)
+                return -errno;
+
+        _cleanup_close_pair_ int result_pipe[2] = EBADF_PAIR;
+        r = pipe2(result_pipe, O_CLOEXEC);
+        if (r < 0)
+                return -errno;
+
+        _cleanup_(pidref_done_sigkill_wait) PidRef child = PIDREF_NULL;
+        r = pidref_safe_fork("(gethostname)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL, &child);
+        if (r < 0)
+                return r;
+        if (r == 0) {
+                errno_pipe[0] = safe_close(errno_pipe[0]);
+                result_pipe[0] = safe_close(result_pipe[0]);
+
+                if (setns(utsns_fd, CLONE_NEWUTS) < 0)
+                        report_errno_and_exit(errno_pipe[1], -errno);
+
+                char *t;
+                r = gethostname_full(flags, &t);
+                if (r < 0)
+                        report_errno_and_exit(errno_pipe[1], r);
+
+                r = loop_write(result_pipe[1], t, strlen(t) + 1);
+                report_errno_and_exit(errno_pipe[1], r);
+        }
+
+        errno_pipe[1] = safe_close(errno_pipe[1]);
+        result_pipe[1] = safe_close(result_pipe[1]);
+
+        r = read_errno(errno_pipe[0]);
+        if (r < 0)
+                return r;
+
+        char buf[HOST_NAME_MAX+1];
+        ssize_t n = loop_read(result_pipe[0], buf, sizeof(buf), /* do_poll = */ false);
+        if (n < 0)
+                return n;
+        if (n == 0 || buf[n - 1] != '\0')
+                return -EPROTO;
+
+        return strdup_to(ret, buf);
+}

src/shared/hostname-setup.h

@@ -56,3 +56,5 @@ static inline char* gethostname_short_malloc(void) {
 
         return s;
 }
+
+int pidref_gethostname_full(PidRef *pidref, GetHostnameFlags flags, char **ret);

src/shared/loop-util.c

@@ -375,6 +375,44 @@ static int loop_configure(
         return 0;
 }
 
+static int fd_get_max_discard(int fd, uint64_t *ret) {
+        struct stat st;
+        char sysfs_path[STRLEN("/sys/dev/block/" ":" "/queue/discard_max_bytes") + DECIMAL_STR_MAX(dev_t) * 2 + 1];
+        _cleanup_free_ char *buffer = NULL;
+        int r;
+
+        assert(ret);
+
+        if (fstat(ASSERT_FD(fd), &st) < 0)
+                return -errno;
+
+        if (!S_ISBLK(st.st_mode))
+                return -ENOTBLK;
+
+        xsprintf(sysfs_path, "/sys/dev/block/" DEVNUM_FORMAT_STR "/queue/discard_max_bytes", DEVNUM_FORMAT_VAL(st.st_rdev));
+
+        r = read_one_line_file(sysfs_path, &buffer);
+        if (r < 0)
+                return r;
+
+        return safe_atou64(buffer, ret);
+}
+
+static int fd_set_max_discard(int fd, uint64_t max_discard) {
+        struct stat st;
+        char sysfs_path[STRLEN("/sys/dev/block/" ":" "/queue/discard_max_bytes") + DECIMAL_STR_MAX(dev_t) * 2 + 1];
+
+        if (fstat(ASSERT_FD(fd), &st) < 0)
+                return -errno;
+
+        if (!S_ISBLK(st.st_mode))
+                return -ENOTBLK;
+
+        xsprintf(sysfs_path, "/sys/dev/block/" DEVNUM_FORMAT_STR "/queue/discard_max_bytes", DEVNUM_FORMAT_VAL(st.st_rdev));
+
+        return write_string_filef(sysfs_path, WRITE_STRING_FILE_DISABLE_BUFFER, "%" PRIu64, max_discard);
+}
+
 static int loop_device_make_internal(
                 const char *path,
                 int fd,
@@ -572,6 +610,23 @@ static int loop_device_make_internal(
                 (void) usleep_safe(usec);
         }
 
+        if (S_ISBLK(st.st_mode)) {
+                /* Propagate backing device's discard byte limit to our loopback block device. We do this in
+                 * order to avoid that (supposedly quick) discard requests on the loopback device get turned
+                 * into (likely slow) zero-out requests on backing devices that do not support discarding
+                 * natively, but do support zero-out. */
+                uint64_t discard_max_bytes;
+
+                r = fd_get_max_discard(fd, &discard_max_bytes);
+                if (r < 0)
+                        log_debug_errno(r, "Failed to read 'discard_max_bytes' of backing device, ignoring: %m");
+                else {
+                        r = fd_set_max_discard(d->fd, discard_max_bytes);
+                        if (r < 0)
+                                log_debug_errno(r, "Failed to write 'discard_max_bytes' of loop device, ignoring: %m");
+                }
+        }
+
         d->backing_file = TAKE_PTR(backing_file);
         d->backing_inode = st.st_ino;
         d->backing_devno = st.st_dev;

src/shared/meson.build

@@ -61,7 +61,12 @@ shared_sources = files(
         'discover-image.c',
         'dissect-image.c',
         'dm-util.c',
+        'dns-answer.c',
         'dns-domain.c',
+        'dns-packet.c',
+        'dns-question.c',
+        'dns-rr.c',
+        'dns-type.c',
         'dropin.c',
         'edit-util.c',
         'efi-api.c',
@@ -313,6 +318,41 @@ ethtool_link_mode_xml = custom_target(
         capture : true)
 man_page_depends += ethtool_link_mode_xml
 
+dns_type_list_txt = custom_target(
+        input : ['generate-dns_type-list.sed', 'dns-type.h'],
+        output : 'dns_type-list.txt',
+        command : [sed, '-n', '-r', '-f', '@INPUT0@', '@INPUT1@'],
+        capture : true)
+
+gperf_file = custom_target(
+        input : dns_type_list_txt,
+        output : 'dns_type-from-name.gperf',
+        command : [files('generate-dns_type-gperf.py'),
+                   'dns_type',
+                   'DNS_TYPE_',
+                   '@INPUT@'],
+        capture : true)
+
+dns_type_from_name_inc = custom_target(
+        input : gperf_file,
+        output : 'dns_type-from-name.inc',
+        command : [gperf,
+                   '-L', 'ANSI-C', '-t', '--ignore-case',
+                   '-N', 'lookup_dns_type',
+                   '-H', 'hash_dns_type_name',
+                   '-p', '-C',
+                   '@INPUT@'],
+        capture : true)
+
+dns_type_to_name_inc = custom_target(
+        input : ['dns_type-to-name.awk', dns_type_list_txt],
+        output : 'dns_type-to-name.inc',
+        command : [awk, '-f', '@INPUT0@', '@INPUT1@'],
+        capture : true)
+
+generated_sources += [dns_type_from_name_inc, dns_type_to_name_inc]
+shared_sources += [dns_type_from_name_inc, dns_type_to_name_inc]
+
 libshared_name = 'systemd-shared-@0@'.format(shared_lib_tag)
 
 libshared_deps = [threads,

src/shared/ptyfwd.c

@@ -19,6 +19,7 @@
 #include "hostname-setup.h"
 #include "io-util.h"
 #include "log.h"
+#include "pretty-print.h"
 #include "ptyfwd.h"
 #include "stat-util.h"
 #include "string-util.h"
@@ -318,6 +319,9 @@ static int insert_background_color(PTYForward *f, size_t offset) {
         if (!f->background_color)
                 return 0;
 
+        if (!shall_tint_background())
+                return 0;
+
         s = background_color_sequence(f);
         if (!s)
                 return -ENOMEM;
@@ -403,6 +407,9 @@ static int insert_background_fix(PTYForward *f, size_t offset) {
         if (!f->background_color)
                 return 0;
 
+        if (!shall_tint_background())
+                return 0;
+
         if (!is_csi_background_reset_sequence(strempty(f->csi_sequence)))
                 return 0;
 
@@ -605,7 +612,7 @@ static int do_shovel(PTYForward *f) {
                  * shovelling. Hence, possibly send some initial ANSI sequences. But do so only if we are
                  * talking to an actual TTY. */
 
-                if (f->background_color) {
+                if (f->background_color && shall_tint_background()) {
                         /* Erase the first line when we start */
                         f->out_buffer = background_color_sequence(f);
                         if (!f->out_buffer)

src/shared/resolved-def.h

@@ -1,7 +1,7 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 #pragma once
 
-#include "resolved-forward.h"
+#include "shared-forward.h"
 #include "time-util.h"
 
 /* Input + Output: The various protocols we can use */

src/shared/shared-forward.h

@@ -18,8 +18,10 @@ typedef enum BusPrintPropertyFlags BusPrintPropertyFlags;
 typedef enum BusTransport BusTransport;
 typedef enum CatFlags CatFlags;
 typedef enum CertificateSourceType CertificateSourceType;
+typedef enum DnsAnswerFlags DnsAnswerFlags;
 typedef enum DnsCacheMode DnsCacheMode;
 typedef enum DnsOverTlsMode DnsOverTlsMode;
+typedef enum DnsProtocol DnsProtocol;
 typedef enum DnssecMode DnssecMode;
 typedef enum Fido2EnrollFlags Fido2EnrollFlags;
 typedef enum KeySourceType KeySourceType;
@@ -50,6 +52,13 @@ typedef struct Condition Condition;
 typedef struct ConfigSection ConfigSection;
 typedef struct ConfigTableItem ConfigTableItem;
 typedef struct CPUSet CPUSet;
+typedef struct DnsAnswer DnsAnswer;
+typedef struct DnsPacket DnsPacket;
+typedef struct DnsQuestion DnsQuestion;
+typedef struct DnsResourceKey DnsResourceKey;
+typedef struct DnsResourceRecord DnsResourceRecord;
+typedef struct DnsSvcParam DnsSvcParam;
+typedef struct DnsTxtItem DnsTxtItem;
 typedef struct FDSet FDSet;
 typedef struct Fido2HmacSalt Fido2HmacSalt;
 typedef struct GroupRecord GroupRecord;

src/shared/varlink-io.systemd.Resolve.c

@@ -4,8 +4,8 @@
 
 SD_VARLINK_DEFINE_STRUCT_TYPE(
                 ResourceKey,
-                SD_VARLINK_FIELD_COMMENT("The RR class, almost always IN, i.e 0x01."),
-                SD_VARLINK_DEFINE_FIELD(class, SD_VARLINK_INT, 0),
+                SD_VARLINK_FIELD_COMMENT("The RR class, almost always IN, i.e 0x01. If unspecified defaults to IN."),
+                SD_VARLINK_DEFINE_FIELD(class, SD_VARLINK_INT, SD_VARLINK_NULLABLE),
                 SD_VARLINK_FIELD_COMMENT("The RR types, one of A, AAAA, PTR, …"),
                 SD_VARLINK_DEFINE_FIELD(type, SD_VARLINK_INT, 0),
                 SD_VARLINK_FIELD_COMMENT("The domain name."),

src/shared/varlink-io.systemd.Unit.c

@@ -1006,7 +1006,9 @@ static SD_VARLINK_DEFINE_STRUCT_TYPE(
                 SD_VARLINK_FIELD_COMMENT("The cgroup runtime of the unit"),
                 SD_VARLINK_DEFINE_FIELD_BY_TYPE(CGroup, CGroupRuntime, SD_VARLINK_NULLABLE));
 
-static SD_VARLINK_DEFINE_ERROR(NoSuchUnit);
+static SD_VARLINK_DEFINE_ERROR(
+                NoSuchUnit,
+                SD_VARLINK_DEFINE_FIELD(parameter, SD_VARLINK_STRING, SD_VARLINK_NULLABLE));
 
 static SD_VARLINK_DEFINE_METHOD_FULL(
                 List,
@@ -1015,6 +1017,10 @@ static SD_VARLINK_DEFINE_METHOD_FULL(
                 SD_VARLINK_DEFINE_INPUT(name, SD_VARLINK_STRING, SD_VARLINK_NULLABLE),
                 SD_VARLINK_FIELD_COMMENT("If non-null the PID of a unit. Special value 0 means to take pid of the caller."),
                 SD_VARLINK_DEFINE_INPUT_BY_TYPE(pid, ProcessId, SD_VARLINK_NULLABLE),
+                SD_VARLINK_FIELD_COMMENT("If non-null the cgroup of a unit"),
+                SD_VARLINK_DEFINE_INPUT(cgroup, SD_VARLINK_STRING, SD_VARLINK_NULLABLE),
+                SD_VARLINK_FIELD_COMMENT("If non-null the invocation ID of a unit"),
+                SD_VARLINK_DEFINE_INPUT(invocationID, SD_VARLINK_STRING, SD_VARLINK_NULLABLE),
                 SD_VARLINK_FIELD_COMMENT("Configuration of the unit"),
                 SD_VARLINK_DEFINE_OUTPUT_BY_TYPE(context, UnitContext, 0),
                 SD_VARLINK_FIELD_COMMENT("Runtime information of the unit"),

src/test/test-dns-domain.c

@@ -654,6 +654,9 @@ TEST(dns_name_change_suffix) {
         test_dns_name_change_suffix_one("", "", "piff.paff", 1, "piff.paff");
         test_dns_name_change_suffix_one("", "", "", 1, ".");
         test_dns_name_change_suffix_one("a", "b", "c", 0, NULL);
+        test_dns_name_change_suffix_one("wau.wau", "wau", NULL, 1, "wau");
+        test_dns_name_change_suffix_one("wau.wau", NULL, "wau", 1, "wau.wau.wau");
+        test_dns_name_change_suffix_one("wau.wau", NULL, NULL, 1, "wau.wau");
 }
 
 static void test_dns_name_suffix_one(const char *name, unsigned n_labels, const char *result, int ret) {
@@ -842,4 +845,40 @@ TEST(dns_name_dot_suffixed) {
         assert_se(dns_name_dot_suffixed("foo.bar\\.\\.\\.\\.") == 0);
 }
 
+TEST(dns_name_parent) {
+        const char *name = "hoge.hoge.foo.bar.example.com";
+
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN("hoge"));
+        ASSERT_STREQ(name, "hoge.foo.bar.example.com");
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN("hoge"));
+        ASSERT_STREQ(name, "foo.bar.example.com");
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN("foo"));
+        ASSERT_STREQ(name, "bar.example.com");
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN("bar"));
+        ASSERT_STREQ(name, "example.com");
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN("example"));
+        ASSERT_STREQ(name, "com");
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN("com"));
+        ASSERT_STREQ(name, "");
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN(""));
+        ASSERT_STREQ(name, "");
+
+        name = "hoge.hoge.foo.bar.example.com.";
+
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN("hoge"));
+        ASSERT_STREQ(name, "hoge.foo.bar.example.com.");
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN("hoge"));
+        ASSERT_STREQ(name, "foo.bar.example.com.");
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN("foo"));
+        ASSERT_STREQ(name, "bar.example.com.");
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN("bar"));
+        ASSERT_STREQ(name, "example.com.");
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN("example"));
+        ASSERT_STREQ(name, "com.");
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN("com"));
+        ASSERT_STREQ(name, ""); /* The trailint dot is suppressed. */
+        ASSERT_OK_EQ(dns_name_parent(&name), (int) STRLEN(""));
+        ASSERT_STREQ(name, "");
+}
+
 DEFINE_TEST_MAIN(LOG_DEBUG);

src/test/test-hostname-setup.c

@@ -1,6 +1,7 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
 #include <fnmatch.h>
+#include <sched.h>
 #include <stdlib.h>
 
 #include "alloc-util.h"
@@ -9,6 +10,8 @@
 #include "hostname-setup.h"
 #include "hostname-util.h"
 #include "id128-util.h"
+#include "pidref.h"
+#include "process-util.h"
 #include "tests.h"
 #include "tmpfile-util.h"
 
@@ -132,4 +135,69 @@ TEST(default_hostname) {
         ASSERT_TRUE(hostname_is_valid(m, VALID_HOSTNAME_QUESTION_MARK));
 }
 
+TEST(pidref_gethostname_full) {
+        int r;
+
+        if (geteuid() != 0)
+                return (void) log_tests_skipped("Not privileged");
+
+        _cleanup_free_ char *original = NULL, *original_short = NULL;
+        ASSERT_NOT_NULL(original = gethostname_malloc());
+        ASSERT_NOT_NULL(original_short = gethostname_short_malloc());
+
+        _cleanup_close_pair_ int fds[2] = EBADF_PAIR;
+        ASSERT_OK_ERRNO(pipe2(fds, O_CLOEXEC));
+
+        _cleanup_(pidref_done_sigkill_wait) PidRef pidref = PIDREF_NULL;
+        r = pidref_safe_fork("(test-pidref-gethostname)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL, &pidref);
+        ASSERT_OK(r);
+        if (r == 0) {
+                fds[0] = safe_close(fds[0]);
+
+                ASSERT_OK_ERRNO(unshare(CLONE_NEWUTS));
+                ASSERT_OK(sethostname_idempotent("hogehoge.example.com"));
+
+                ASSERT_OK_EQ_ERRNO(write(fds[1], &(const char[]) { 'x' }, 1), 1);
+                freeze();
+        }
+
+        fds[1] = safe_close(fds[1]);
+
+        char x;
+        ASSERT_OK_EQ_ERRNO(read(fds[0], &x, 1), 1);
+        ASSERT_EQ(x, 'x');
+
+        _cleanup_free_ char *s = NULL;
+        ASSERT_OK(pidref_gethostname_full(&pidref, /* flags= */ 0, &s));
+        ASSERT_STREQ(s, "hogehoge.example.com");
+
+        s = mfree(s);
+
+        ASSERT_OK(pidref_gethostname_full(&pidref, GET_HOSTNAME_SHORT, &s));
+        ASSERT_STREQ(s, "hogehoge");
+
+        s = mfree(s);
+
+        _cleanup_(pidref_done) PidRef self = PIDREF_NULL;
+        ASSERT_OK(pidref_set_self(&self));
+
+        ASSERT_OK(pidref_gethostname_full(&self, /* flags= */ 0, &s));
+        ASSERT_STREQ(s, original);
+
+        s = mfree(s);
+
+        ASSERT_OK(pidref_gethostname_full(&self, GET_HOSTNAME_SHORT, &s));
+        ASSERT_STREQ(s, original_short);
+
+        s = mfree(s);
+
+        ASSERT_NOT_NULL(s = gethostname_malloc());
+        ASSERT_STREQ(s, original);
+
+        s = mfree(s);
+
+        ASSERT_NOT_NULL(s = gethostname_short_malloc());
+        ASSERT_STREQ(s, original_short);
+}
+
 DEFINE_TEST_MAIN(LOG_DEBUG);

src/vmspawn/vmspawn.c

@@ -2745,7 +2745,7 @@ static int run_virtual_machine(int kvm_device_fd, int vhost_device_fd) {
                 if (r < 0)
                         return log_error_errno(r, "Failed to create PTY forwarder: %m");
 
-                if (!arg_background && shall_tint_background()) {
+                if (!arg_background) {
                         _cleanup_free_ char *bg = NULL;
 
                         r = terminal_tint_color(130 /* green */, &bg);

test/units/TEST-74-AUX-UTILS.varlinkctl.sh

@@ -190,11 +190,17 @@ varlinkctl info /run/systemd/io.systemd.Manager
 varlinkctl introspect /run/systemd/io.systemd.Manager io.systemd.Unit
 varlinkctl --more call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{}'
 varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"name": "multi-user.target"}'
-varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"pid": {"pid": 0}}'
+varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"pid": {"pid": 1}}'
 (! varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{}' |& grep -q "called without 'more' flag")
+varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"name": "init.scope", "pid": {"pid": 1}}'
 (! varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"name": ""}')
 (! varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"name": "non-existent.service"}')
 (! varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"pid": {"pid": -1}}' )
+(! varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"name": "multi-user.target", "pid": {"pid": 1}}')
+
+varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List '{"cgroup": "/init.scope"}'
+invocation_id=$(varlinkctl call --collect /run/systemd/io.systemd.Manager io.systemd.Unit.List '{}' | jq -r '.[] | .runtime.InvocationID' | grep -v null | tail -n 1)
+varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Unit.List "{\"invocationID\": \"$invocation_id\"}"
 
 # test io.systemd.Manager in user manager
 testuser_uid=$(id -u testuser)