Compare commits
12 Commits
2b7dc56f94
...
61dbcae179
Author | SHA1 | Date |
---|---|---|
Daan De Meyer | 61dbcae179 | |
Daan De Meyer | 8be0135d40 | |
Michael Ferrari | 91ea3dcf35 | |
PavlNekrasov | d80a9042ca | |
Yu Watanabe | a7afe5a3e7 | |
Yu Watanabe | 4d6ad22f8d | |
Yu Watanabe | 099ee34ca1 | |
Yu Watanabe | a2fbe9f3f9 | |
Yu Watanabe | 7c778cecdb | |
Yu Watanabe | 46718d344f | |
Yu Watanabe | 9295c7ae09 | |
Yu Watanabe | 41afafbf2a |
|
@ -256,18 +256,23 @@ int ask_string(char **ret, const char *text, ...) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool press_any_key_to_proceed(void) {
|
bool any_key_to_proceed(void) {
|
||||||
char k = 0;
|
char key = 0;
|
||||||
bool need_nl = true;
|
bool need_nl = true;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Insert a new line here as well as to when the user inputs, as this is also used during the
|
||||||
|
* boot up sequence when status messages may be interleaved with the current program output.
|
||||||
|
* This ensures that the status messages aren't appended on the same line as this message.
|
||||||
|
*/
|
||||||
puts("-- Press any key to proceed --");
|
puts("-- Press any key to proceed --");
|
||||||
|
|
||||||
(void) read_one_char(stdin, &k, USEC_INFINITY, &need_nl);
|
(void) read_one_char(stdin, &key, USEC_INFINITY, &need_nl);
|
||||||
|
|
||||||
if (need_nl)
|
if (need_nl)
|
||||||
putchar('\n');
|
putchar('\n');
|
||||||
|
|
||||||
return k != 'q';
|
return key != 'q';
|
||||||
}
|
}
|
||||||
|
|
||||||
int show_menu(char **x, unsigned n_columns, unsigned width, unsigned percentage) {
|
int show_menu(char **x, unsigned n_columns, unsigned width, unsigned percentage) {
|
||||||
|
@ -308,7 +313,7 @@ int show_menu(char **x, unsigned n_columns, unsigned width, unsigned percentage)
|
||||||
|
|
||||||
/* on the first screen we reserve 2 extra lines for the title */
|
/* on the first screen we reserve 2 extra lines for the title */
|
||||||
if (i % break_lines == break_modulo) {
|
if (i % break_lines == break_modulo) {
|
||||||
if (!press_any_key_to_proceed())
|
if (!any_key_to_proceed())
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -78,7 +78,7 @@ int chvt(int vt);
|
||||||
int read_one_char(FILE *f, char *ret, usec_t timeout, bool *need_nl);
|
int read_one_char(FILE *f, char *ret, usec_t timeout, bool *need_nl);
|
||||||
int ask_char(char *ret, const char *replies, const char *text, ...) _printf_(3, 4);
|
int ask_char(char *ret, const char *replies, const char *text, ...) _printf_(3, 4);
|
||||||
int ask_string(char **ret, const char *text, ...) _printf_(2, 3);
|
int ask_string(char **ret, const char *text, ...) _printf_(2, 3);
|
||||||
bool press_any_key_to_proceed(void);
|
bool any_key_to_proceed(void);
|
||||||
int show_menu(char **x, unsigned n_columns, unsigned width, unsigned percentage);
|
int show_menu(char **x, unsigned n_columns, unsigned width, unsigned percentage);
|
||||||
|
|
||||||
int vt_disallocate(const char *name);
|
int vt_disallocate(const char *name);
|
||||||
|
|
|
@ -93,7 +93,6 @@ STATIC_DESTRUCTOR_REGISTER(arg_root_shell, freep);
|
||||||
STATIC_DESTRUCTOR_REGISTER(arg_kernel_cmdline, freep);
|
STATIC_DESTRUCTOR_REGISTER(arg_kernel_cmdline, freep);
|
||||||
STATIC_DESTRUCTOR_REGISTER(arg_image_policy, image_policy_freep);
|
STATIC_DESTRUCTOR_REGISTER(arg_image_policy, image_policy_freep);
|
||||||
|
|
||||||
|
|
||||||
static void print_welcome(int rfd) {
|
static void print_welcome(int rfd) {
|
||||||
_cleanup_free_ char *pretty_name = NULL, *os_name = NULL, *ansi_color = NULL;
|
_cleanup_free_ char *pretty_name = NULL, *os_name = NULL, *ansi_color = NULL;
|
||||||
static bool done = false;
|
static bool done = false;
|
||||||
|
@ -128,7 +127,7 @@ static void print_welcome(int rfd) {
|
||||||
|
|
||||||
printf("\nPlease configure your system!\n\n");
|
printf("\nPlease configure your system!\n\n");
|
||||||
|
|
||||||
press_any_key_to_proceed();
|
any_key_to_proceed();
|
||||||
|
|
||||||
done = true;
|
done = true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -2434,6 +2434,8 @@ static int create_interactively(void) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
any_key_to_proceed();
|
||||||
|
|
||||||
r = acquire_bus(&bus);
|
r = acquire_bus(&bus);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
|
@ -36,23 +36,22 @@ struct str {
|
||||||
static long cut_last(u32 i, struct str *str) {
|
static long cut_last(u32 i, struct str *str) {
|
||||||
char *s;
|
char *s;
|
||||||
|
|
||||||
|
/* Sanity check for the preverifier */
|
||||||
|
if (i >= str->l)
|
||||||
|
return 1; /* exit from the loop */
|
||||||
|
|
||||||
i = str->l - i - 1;
|
i = str->l - i - 1;
|
||||||
s = str->s + i;
|
s = str->s + i;
|
||||||
|
|
||||||
/* Sanity check for the preverifier */
|
|
||||||
if (i >= str->l)
|
|
||||||
return 1;
|
|
||||||
|
|
||||||
if (*s == 0)
|
if (*s == 0)
|
||||||
return 0;
|
return 0; /* continue */
|
||||||
|
|
||||||
if (*s == '\n' || *s == '\r' || *s == ' ' || *s == '\t') {
|
if (*s == '\n' || *s == '\r' || *s == ' ' || *s == '\t') {
|
||||||
*s = 0;
|
*s = 0;
|
||||||
|
return 0; /* continue */
|
||||||
return 0;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return 1;
|
return 1; /* exit from the loop */
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Cut off trailing whitespace and newlines */
|
/* Cut off trailing whitespace and newlines */
|
||||||
|
|
|
@ -221,7 +221,7 @@ int link_set_ipv6ll_stable_secret(Link *link) {
|
||||||
}
|
}
|
||||||
|
|
||||||
return sysctl_write_ip_property(AF_INET6, link->ifname, "stable_secret",
|
return sysctl_write_ip_property(AF_INET6, link->ifname, "stable_secret",
|
||||||
IN6_ADDR_TO_STRING(&a), &link->manager->sysctl_shadow);
|
IN6_ADDR_TO_STRING(&a), manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
int link_set_ipv6ll_addrgen_mode(Link *link, IPv6LinkLocalAddressGenMode mode) {
|
int link_set_ipv6ll_addrgen_mode(Link *link, IPv6LinkLocalAddressGenMode mode) {
|
||||||
|
@ -232,7 +232,7 @@ int link_set_ipv6ll_addrgen_mode(Link *link, IPv6LinkLocalAddressGenMode mode) {
|
||||||
if (mode == link->ipv6ll_address_gen_mode)
|
if (mode == link->ipv6ll_address_gen_mode)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "addr_gen_mode", mode, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "addr_gen_mode", mode, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
static const char* const ipv6_link_local_address_gen_mode_table[_IPV6_LINK_LOCAL_ADDRESS_GEN_MODE_MAX] = {
|
static const char* const ipv6_link_local_address_gen_mode_table[_IPV6_LINK_LOCAL_ADDRESS_GEN_MODE_MAX] = {
|
||||||
|
|
|
@ -604,7 +604,9 @@ int manager_new(Manager **ret, bool test_mode) {
|
||||||
.duid_product_uuid.type = DUID_TYPE_UUID,
|
.duid_product_uuid.type = DUID_TYPE_UUID,
|
||||||
.dhcp_server_persist_leases = true,
|
.dhcp_server_persist_leases = true,
|
||||||
.ip_forwarding = { -1, -1, },
|
.ip_forwarding = { -1, -1, },
|
||||||
|
#if HAVE_VMLINUX_H
|
||||||
.cgroup_fd = -EBADF,
|
.cgroup_fd = -EBADF,
|
||||||
|
#endif
|
||||||
};
|
};
|
||||||
|
|
||||||
*ret = TAKE_PTR(m);
|
*ret = TAKE_PTR(m);
|
||||||
|
@ -624,8 +626,6 @@ Manager* manager_free(Manager *m) {
|
||||||
HASHMAP_FOREACH(link, m->links_by_index)
|
HASHMAP_FOREACH(link, m->links_by_index)
|
||||||
(void) link_stop_engines(link, true);
|
(void) link_stop_engines(link, true);
|
||||||
|
|
||||||
hashmap_free(m->sysctl_shadow);
|
|
||||||
|
|
||||||
m->request_queue = ordered_set_free(m->request_queue);
|
m->request_queue = ordered_set_free(m->request_queue);
|
||||||
m->remove_request_queue = ordered_set_free(m->remove_request_queue);
|
m->remove_request_queue = ordered_set_free(m->remove_request_queue);
|
||||||
|
|
||||||
|
|
|
@ -122,12 +122,14 @@ struct Manager {
|
||||||
|
|
||||||
/* sysctl */
|
/* sysctl */
|
||||||
int ip_forwarding[2];
|
int ip_forwarding[2];
|
||||||
|
#if HAVE_VMLINUX_H
|
||||||
Hashmap *sysctl_shadow;
|
Hashmap *sysctl_shadow;
|
||||||
sd_event_source *sysctl_event_source;
|
sd_event_source *sysctl_event_source;
|
||||||
struct ring_buffer *sysctl_buffer;
|
struct ring_buffer *sysctl_buffer;
|
||||||
struct sysctl_monitor_bpf *sysctl_skel;
|
struct sysctl_monitor_bpf *sysctl_skel;
|
||||||
struct bpf_link *sysctl_link;
|
struct bpf_link *sysctl_link;
|
||||||
int cgroup_fd;
|
int cgroup_fd;
|
||||||
|
#endif
|
||||||
};
|
};
|
||||||
|
|
||||||
int manager_new(Manager **ret, bool test_mode);
|
int manager_new(Manager **ret, bool test_mode);
|
||||||
|
@ -150,4 +152,12 @@ int manager_set_timezone(Manager *m, const char *timezone);
|
||||||
|
|
||||||
int manager_reload(Manager *m, sd_bus_message *message);
|
int manager_reload(Manager *m, sd_bus_message *message);
|
||||||
|
|
||||||
|
static inline Hashmap** manager_get_sysctl_shadow(Manager *manager) {
|
||||||
|
#if HAVE_VMLINUX_H
|
||||||
|
return &ASSERT_PTR(manager)->sysctl_shadow;
|
||||||
|
#else
|
||||||
|
return NULL;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free);
|
DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free);
|
||||||
|
|
|
@ -987,7 +987,7 @@ static int ndisc_router_process_reachable_time(Link *link, sd_ndisc_router *rt)
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Set the reachable time for Neighbor Solicitations. */
|
/* Set the reachable time for Neighbor Solicitations. */
|
||||||
r = sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "base_reachable_time_ms", (uint32_t) msec, &link->manager->sysctl_shadow);
|
r = sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "base_reachable_time_ms", (uint32_t) msec, manager_get_sysctl_shadow(link->manager));
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_link_warning_errno(link, r, "Failed to apply neighbor reachable time (%"PRIu64"), ignoring: %m", msec);
|
log_link_warning_errno(link, r, "Failed to apply neighbor reachable time (%"PRIu64"), ignoring: %m", msec);
|
||||||
|
|
||||||
|
@ -1021,7 +1021,7 @@ static int ndisc_router_process_retransmission_time(Link *link, sd_ndisc_router
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Set the retransmission time for Neighbor Solicitations. */
|
/* Set the retransmission time for Neighbor Solicitations. */
|
||||||
r = sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "retrans_time_ms", (uint32_t) msec, &link->manager->sysctl_shadow);
|
r = sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "retrans_time_ms", (uint32_t) msec, manager_get_sysctl_shadow(link->manager));
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_link_warning_errno(link, r, "Failed to apply neighbor retransmission time (%"PRIu64"), ignoring: %m", msec);
|
log_link_warning_errno(link, r, "Failed to apply neighbor retransmission time (%"PRIu64"), ignoring: %m", msec);
|
||||||
|
|
||||||
|
@ -1057,7 +1057,7 @@ static int ndisc_router_process_hop_limit(Link *link, sd_ndisc_router *rt) {
|
||||||
if (hop_limit <= 0)
|
if (hop_limit <= 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
r = sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "hop_limit", (uint32_t) hop_limit, &link->manager->sysctl_shadow);
|
r = sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "hop_limit", (uint32_t) hop_limit, manager_get_sysctl_shadow(link->manager));
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_link_warning_errno(link, r, "Failed to apply hop_limit (%u), ignoring: %m", hop_limit);
|
log_link_warning_errno(link, r, "Failed to apply hop_limit (%u), ignoring: %m", hop_limit);
|
||||||
|
|
||||||
|
|
|
@ -34,13 +34,7 @@ static struct sysctl_monitor_bpf* sysctl_monitor_bpf_free(struct sysctl_monitor_
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
static struct ring_buffer* rb_free(struct ring_buffer *rb) {
|
|
||||||
sym_ring_buffer__free(rb);
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
DEFINE_TRIVIAL_CLEANUP_FUNC(struct sysctl_monitor_bpf *, sysctl_monitor_bpf_free);
|
DEFINE_TRIVIAL_CLEANUP_FUNC(struct sysctl_monitor_bpf *, sysctl_monitor_bpf_free);
|
||||||
DEFINE_TRIVIAL_CLEANUP_FUNC(struct ring_buffer *, rb_free);
|
|
||||||
|
|
||||||
static int sysctl_event_handler(void *ctx, void *data, size_t data_sz) {
|
static int sysctl_event_handler(void *ctx, void *data, size_t data_sz) {
|
||||||
struct sysctl_write_event *we = ASSERT_PTR(data);
|
struct sysctl_write_event *we = ASSERT_PTR(data);
|
||||||
|
@ -99,10 +93,10 @@ static int on_ringbuf_io(sd_event_source *s, int fd, uint32_t revents, void *use
|
||||||
int sysctl_add_monitor(Manager *manager) {
|
int sysctl_add_monitor(Manager *manager) {
|
||||||
_cleanup_(sysctl_monitor_bpf_freep) struct sysctl_monitor_bpf *obj = NULL;
|
_cleanup_(sysctl_monitor_bpf_freep) struct sysctl_monitor_bpf *obj = NULL;
|
||||||
_cleanup_(bpf_link_freep) struct bpf_link *sysctl_link = NULL;
|
_cleanup_(bpf_link_freep) struct bpf_link *sysctl_link = NULL;
|
||||||
_cleanup_(rb_freep) struct ring_buffer *sysctl_buffer = NULL;
|
_cleanup_(bpf_ring_buffer_freep) struct ring_buffer *sysctl_buffer = NULL;
|
||||||
_cleanup_close_ int cgroup_fd = -EBADF, rootcg = -EBADF;
|
_cleanup_close_ int cgroup_fd = -EBADF, root_cgroup_fd = -EBADF;
|
||||||
_cleanup_free_ char *cgroup = NULL;
|
_cleanup_free_ char *cgroup = NULL;
|
||||||
int idx = 0, r;
|
int idx = 0, r, fd;
|
||||||
|
|
||||||
assert(manager);
|
assert(manager);
|
||||||
|
|
||||||
|
@ -116,9 +110,9 @@ int sysctl_add_monitor(Manager *manager) {
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_warning_errno(r, "Failed to get cgroup path, ignoring: %m.");
|
return log_warning_errno(r, "Failed to get cgroup path, ignoring: %m.");
|
||||||
|
|
||||||
rootcg = cg_path_open(SYSTEMD_CGROUP_CONTROLLER, "/");
|
root_cgroup_fd = cg_path_open(SYSTEMD_CGROUP_CONTROLLER, "/");
|
||||||
if (rootcg < 0)
|
if (root_cgroup_fd < 0)
|
||||||
return log_warning_errno(rootcg, "Failed to open cgroup, ignoring: %m.");
|
return log_warning_errno(root_cgroup_fd, "Failed to open cgroup, ignoring: %m.");
|
||||||
|
|
||||||
obj = sysctl_monitor_bpf__open_and_load();
|
obj = sysctl_monitor_bpf__open_and_load();
|
||||||
if (!obj) {
|
if (!obj) {
|
||||||
|
@ -133,21 +127,27 @@ int sysctl_add_monitor(Manager *manager) {
|
||||||
if (sym_bpf_map_update_elem(sym_bpf_map__fd(obj->maps.cgroup_map), &idx, &cgroup_fd, BPF_ANY))
|
if (sym_bpf_map_update_elem(sym_bpf_map__fd(obj->maps.cgroup_map), &idx, &cgroup_fd, BPF_ANY))
|
||||||
return log_warning_errno(errno, "Failed to update cgroup map: %m");
|
return log_warning_errno(errno, "Failed to update cgroup map: %m");
|
||||||
|
|
||||||
sysctl_link = sym_bpf_program__attach_cgroup(obj->progs.sysctl_monitor, rootcg);
|
sysctl_link = sym_bpf_program__attach_cgroup(obj->progs.sysctl_monitor, root_cgroup_fd);
|
||||||
r = bpf_get_error_translated(sysctl_link);
|
r = bpf_get_error_translated(sysctl_link);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_info_errno(r, "Unable to attach sysctl monitor BPF program to cgroup, ignoring: %m.");
|
log_info_errno(r, "Unable to attach sysctl monitor BPF program to cgroup, ignoring: %m.");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
sysctl_buffer = sym_ring_buffer__new(
|
fd = sym_bpf_map__fd(obj->maps.written_sysctls);
|
||||||
sym_bpf_map__fd(obj->maps.written_sysctls),
|
if (fd < 0)
|
||||||
sysctl_event_handler, &manager->sysctl_shadow, NULL);
|
return log_warning_errno(fd, "Failed to get fd of sysctl maps: %m");
|
||||||
|
|
||||||
|
sysctl_buffer = sym_ring_buffer__new(fd, sysctl_event_handler, &manager->sysctl_shadow, NULL);
|
||||||
if (!sysctl_buffer)
|
if (!sysctl_buffer)
|
||||||
return log_warning_errno(errno, "Failed to create ring buffer: %m");
|
return log_warning_errno(errno, "Failed to create ring buffer: %m");
|
||||||
|
|
||||||
|
fd = sym_ring_buffer__epoll_fd(sysctl_buffer);
|
||||||
|
if (fd < 0)
|
||||||
|
return log_warning_errno(fd, "Failed to get poll fd of ring buffer: %m");
|
||||||
|
|
||||||
r = sd_event_add_io(manager->event, &manager->sysctl_event_source,
|
r = sd_event_add_io(manager->event, &manager->sysctl_event_source,
|
||||||
sym_ring_buffer__epoll_fd(sysctl_buffer), EPOLLIN, on_ringbuf_io, sysctl_buffer);
|
fd, EPOLLIN, on_ringbuf_io, sysctl_buffer);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_warning_errno(r, "Failed to watch sysctl event ringbuffer: %m");
|
return log_warning_errno(r, "Failed to watch sysctl event ringbuffer: %m");
|
||||||
|
|
||||||
|
@ -163,23 +163,11 @@ void sysctl_remove_monitor(Manager *manager) {
|
||||||
assert(manager);
|
assert(manager);
|
||||||
|
|
||||||
manager->sysctl_event_source = sd_event_source_disable_unref(manager->sysctl_event_source);
|
manager->sysctl_event_source = sd_event_source_disable_unref(manager->sysctl_event_source);
|
||||||
|
manager->sysctl_buffer = bpf_ring_buffer_free(manager->sysctl_buffer);
|
||||||
if (manager->sysctl_buffer) {
|
manager->sysctl_link = bpf_link_free(manager->sysctl_link);
|
||||||
sym_ring_buffer__free(manager->sysctl_buffer);
|
manager->sysctl_skel = sysctl_monitor_bpf_free(manager->sysctl_skel);
|
||||||
manager->sysctl_buffer = NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (manager->sysctl_link) {
|
|
||||||
sym_bpf_link__destroy(manager->sysctl_link);
|
|
||||||
manager->sysctl_link = NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (manager->sysctl_skel) {
|
|
||||||
sysctl_monitor_bpf__destroy(manager->sysctl_skel);
|
|
||||||
manager->sysctl_skel = NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
manager->cgroup_fd = safe_close(manager->cgroup_fd);
|
manager->cgroup_fd = safe_close(manager->cgroup_fd);
|
||||||
|
manager->sysctl_shadow = hashmap_free(manager->sysctl_shadow);
|
||||||
}
|
}
|
||||||
|
|
||||||
int sysctl_clear_link_shadows(Link *link) {
|
int sysctl_clear_link_shadows(Link *link) {
|
||||||
|
@ -222,13 +210,13 @@ static void manager_set_ip_forwarding(Manager *manager, int family) {
|
||||||
return; /* keep */
|
return; /* keep */
|
||||||
|
|
||||||
/* First, set the default value. */
|
/* First, set the default value. */
|
||||||
r = sysctl_write_ip_property_boolean(family, "default", "forwarding", t, &manager->sysctl_shadow);
|
r = sysctl_write_ip_property_boolean(family, "default", "forwarding", t, manager_get_sysctl_shadow(manager));
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_warning_errno(r, "Failed to %s the default %s forwarding: %m",
|
log_warning_errno(r, "Failed to %s the default %s forwarding: %m",
|
||||||
enable_disable(t), af_to_ipv4_ipv6(family));
|
enable_disable(t), af_to_ipv4_ipv6(family));
|
||||||
|
|
||||||
/* Then, set the value to all interfaces. */
|
/* Then, set the value to all interfaces. */
|
||||||
r = sysctl_write_ip_property_boolean(family, "all", "forwarding", t, &manager->sysctl_shadow);
|
r = sysctl_write_ip_property_boolean(family, "all", "forwarding", t, manager_get_sysctl_shadow(manager));
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_warning_errno(r, "Failed to %s %s forwarding for all interfaces: %m",
|
log_warning_errno(r, "Failed to %s %s forwarding for all interfaces: %m",
|
||||||
enable_disable(t), af_to_ipv4_ipv6(family));
|
enable_disable(t), af_to_ipv4_ipv6(family));
|
||||||
|
@ -273,7 +261,7 @@ static int link_update_ipv6_sysctl(Link *link) {
|
||||||
if (!link_ipv6_enabled(link))
|
if (!link_ipv6_enabled(link))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return sysctl_write_ip_property_boolean(AF_INET6, link->ifname, "disable_ipv6", false, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_boolean(AF_INET6, link->ifname, "disable_ipv6", false, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int link_set_proxy_arp(Link *link) {
|
static int link_set_proxy_arp(Link *link) {
|
||||||
|
@ -286,7 +274,7 @@ static int link_set_proxy_arp(Link *link) {
|
||||||
if (link->network->proxy_arp < 0)
|
if (link->network->proxy_arp < 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "proxy_arp", link->network->proxy_arp > 0, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "proxy_arp", link->network->proxy_arp > 0, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int link_set_proxy_arp_pvlan(Link *link) {
|
static int link_set_proxy_arp_pvlan(Link *link) {
|
||||||
|
@ -299,7 +287,7 @@ static int link_set_proxy_arp_pvlan(Link *link) {
|
||||||
if (link->network->proxy_arp_pvlan < 0)
|
if (link->network->proxy_arp_pvlan < 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "proxy_arp_pvlan", link->network->proxy_arp_pvlan > 0, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "proxy_arp_pvlan", link->network->proxy_arp_pvlan > 0, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
int link_get_ip_forwarding(Link *link, int family) {
|
int link_get_ip_forwarding(Link *link, int family) {
|
||||||
|
@ -341,7 +329,7 @@ static int link_set_ip_forwarding_impl(Link *link, int family) {
|
||||||
if (t < 0)
|
if (t < 0)
|
||||||
return 0; /* keep */
|
return 0; /* keep */
|
||||||
|
|
||||||
r = sysctl_write_ip_property_boolean(family, link->ifname, "forwarding", t, &link->manager->sysctl_shadow);
|
r = sysctl_write_ip_property_boolean(family, link->ifname, "forwarding", t, manager_get_sysctl_shadow(link->manager));
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_link_warning_errno(link, r, "Failed to %s %s forwarding, ignoring: %m",
|
return log_link_warning_errno(link, r, "Failed to %s %s forwarding, ignoring: %m",
|
||||||
enable_disable(t), af_to_ipv4_ipv6(family));
|
enable_disable(t), af_to_ipv4_ipv6(family));
|
||||||
|
@ -418,7 +406,7 @@ static int link_set_ipv4_rp_filter(Link *link) {
|
||||||
if (link->network->ipv4_rp_filter < 0)
|
if (link->network->ipv4_rp_filter < 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return sysctl_write_ip_property_int(AF_INET, link->ifname, "rp_filter", link->network->ipv4_rp_filter, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_int(AF_INET, link->ifname, "rp_filter", link->network->ipv4_rp_filter, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int link_set_ipv6_privacy_extensions(Link *link) {
|
static int link_set_ipv6_privacy_extensions(Link *link) {
|
||||||
|
@ -438,7 +426,7 @@ static int link_set_ipv6_privacy_extensions(Link *link) {
|
||||||
if (val == IPV6_PRIVACY_EXTENSIONS_KERNEL)
|
if (val == IPV6_PRIVACY_EXTENSIONS_KERNEL)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return sysctl_write_ip_property_int(AF_INET6, link->ifname, "use_tempaddr", (int) val, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_int(AF_INET6, link->ifname, "use_tempaddr", (int) val, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int link_set_ipv6_accept_ra(Link *link) {
|
static int link_set_ipv6_accept_ra(Link *link) {
|
||||||
|
@ -448,7 +436,7 @@ static int link_set_ipv6_accept_ra(Link *link) {
|
||||||
if (!link_is_configured_for_family(link, AF_INET6))
|
if (!link_is_configured_for_family(link, AF_INET6))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return sysctl_write_ip_property(AF_INET6, link->ifname, "accept_ra", "0", &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property(AF_INET6, link->ifname, "accept_ra", "0", manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int link_set_ipv6_dad_transmits(Link *link) {
|
static int link_set_ipv6_dad_transmits(Link *link) {
|
||||||
|
@ -461,7 +449,7 @@ static int link_set_ipv6_dad_transmits(Link *link) {
|
||||||
if (link->network->ipv6_dad_transmits < 0)
|
if (link->network->ipv6_dad_transmits < 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return sysctl_write_ip_property_int(AF_INET6, link->ifname, "dad_transmits", link->network->ipv6_dad_transmits, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_int(AF_INET6, link->ifname, "dad_transmits", link->network->ipv6_dad_transmits, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int link_set_ipv6_hop_limit(Link *link) {
|
static int link_set_ipv6_hop_limit(Link *link) {
|
||||||
|
@ -474,7 +462,7 @@ static int link_set_ipv6_hop_limit(Link *link) {
|
||||||
if (link->network->ipv6_hop_limit <= 0)
|
if (link->network->ipv6_hop_limit <= 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return sysctl_write_ip_property_int(AF_INET6, link->ifname, "hop_limit", link->network->ipv6_hop_limit, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_int(AF_INET6, link->ifname, "hop_limit", link->network->ipv6_hop_limit, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int link_set_ipv6_retransmission_time(Link *link) {
|
static int link_set_ipv6_retransmission_time(Link *link) {
|
||||||
|
@ -493,7 +481,7 @@ static int link_set_ipv6_retransmission_time(Link *link) {
|
||||||
if (retrans_time_ms <= 0 || retrans_time_ms > UINT32_MAX)
|
if (retrans_time_ms <= 0 || retrans_time_ms > UINT32_MAX)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "retrans_time_ms", retrans_time_ms, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "retrans_time_ms", retrans_time_ms, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int link_set_ipv6_proxy_ndp(Link *link) {
|
static int link_set_ipv6_proxy_ndp(Link *link) {
|
||||||
|
@ -510,7 +498,7 @@ static int link_set_ipv6_proxy_ndp(Link *link) {
|
||||||
else
|
else
|
||||||
v = !set_isempty(link->network->ipv6_proxy_ndp_addresses);
|
v = !set_isempty(link->network->ipv6_proxy_ndp_addresses);
|
||||||
|
|
||||||
return sysctl_write_ip_property_boolean(AF_INET6, link->ifname, "proxy_ndp", v, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_boolean(AF_INET6, link->ifname, "proxy_ndp", v, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
int link_set_ipv6_mtu(Link *link, int log_level) {
|
int link_set_ipv6_mtu(Link *link, int log_level) {
|
||||||
|
@ -538,7 +526,7 @@ int link_set_ipv6_mtu(Link *link, int log_level) {
|
||||||
mtu = link->mtu;
|
mtu = link->mtu;
|
||||||
}
|
}
|
||||||
|
|
||||||
return sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "mtu", mtu, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "mtu", mtu, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int link_set_ipv4_accept_local(Link *link) {
|
static int link_set_ipv4_accept_local(Link *link) {
|
||||||
|
@ -551,7 +539,7 @@ static int link_set_ipv4_accept_local(Link *link) {
|
||||||
if (link->network->ipv4_accept_local < 0)
|
if (link->network->ipv4_accept_local < 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "accept_local", link->network->ipv4_accept_local > 0, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "accept_local", link->network->ipv4_accept_local > 0, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int link_set_ipv4_route_localnet(Link *link) {
|
static int link_set_ipv4_route_localnet(Link *link) {
|
||||||
|
@ -564,7 +552,7 @@ static int link_set_ipv4_route_localnet(Link *link) {
|
||||||
if (link->network->ipv4_route_localnet < 0)
|
if (link->network->ipv4_route_localnet < 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "route_localnet", link->network->ipv4_route_localnet > 0, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "route_localnet", link->network->ipv4_route_localnet > 0, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
static int link_set_ipv4_promote_secondaries(Link *link) {
|
static int link_set_ipv4_promote_secondaries(Link *link) {
|
||||||
|
@ -579,7 +567,7 @@ static int link_set_ipv4_promote_secondaries(Link *link) {
|
||||||
* otherwise. The way systemd-networkd works is that the new IP of a lease is added as a
|
* otherwise. The way systemd-networkd works is that the new IP of a lease is added as a
|
||||||
* secondary IP and when the primary one expires it relies on the kernel to promote the
|
* secondary IP and when the primary one expires it relies on the kernel to promote the
|
||||||
* secondary IP. See also https://github.com/systemd/systemd/issues/7163 */
|
* secondary IP. See also https://github.com/systemd/systemd/issues/7163 */
|
||||||
return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "promote_secondaries", true, &link->manager->sysctl_shadow);
|
return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "promote_secondaries", true, manager_get_sysctl_shadow(link->manager));
|
||||||
}
|
}
|
||||||
|
|
||||||
int link_set_sysctl(Link *link) {
|
int link_set_sysctl(Link *link) {
|
||||||
|
|
|
@ -6,6 +6,7 @@
|
||||||
#include "sd-daemon.h"
|
#include "sd-daemon.h"
|
||||||
|
|
||||||
#include "bpf-dlopen.h"
|
#include "bpf-dlopen.h"
|
||||||
|
#include "bpf-link.h"
|
||||||
#include "build-path.h"
|
#include "build-path.h"
|
||||||
#include "common-signal.h"
|
#include "common-signal.h"
|
||||||
#include "env-util.h"
|
#include "env-util.h"
|
||||||
|
@ -141,8 +142,7 @@ Manager* manager_free(Manager *m) {
|
||||||
|
|
||||||
#if HAVE_VMLINUX_H
|
#if HAVE_VMLINUX_H
|
||||||
sd_event_source_disable_unref(m->userns_restrict_bpf_ring_buffer_event_source);
|
sd_event_source_disable_unref(m->userns_restrict_bpf_ring_buffer_event_source);
|
||||||
if (m->userns_restrict_bpf_ring_buffer)
|
bpf_ring_buffer_free(m->userns_restrict_bpf_ring_buffer);
|
||||||
sym_ring_buffer__free(m->userns_restrict_bpf_ring_buffer);
|
|
||||||
userns_restrict_bpf_free(m->userns_restrict_bpf);
|
userns_restrict_bpf_free(m->userns_restrict_bpf);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
|
@ -31,7 +31,7 @@ int bpf_serialize_link(FILE *f, FDSet *fds, const char *key, struct bpf_link *li
|
||||||
return serialize_fd(f, fds, key, sym_bpf_link__fd(link));
|
return serialize_fd(f, fds, key, sym_bpf_link__fd(link));
|
||||||
}
|
}
|
||||||
|
|
||||||
struct bpf_link *bpf_link_free(struct bpf_link *link) {
|
struct bpf_link* bpf_link_free(struct bpf_link *link) {
|
||||||
/* If libbpf wasn't dlopen()ed, sym_bpf_link__destroy might be unresolved (NULL), so let's not try to
|
/* If libbpf wasn't dlopen()ed, sym_bpf_link__destroy might be unresolved (NULL), so let's not try to
|
||||||
* call it if link is NULL. link might also be a non-null "error pointer", but such a value can only
|
* call it if link is NULL. link might also be a non-null "error pointer", but such a value can only
|
||||||
* originate from a call to libbpf, but that means that libbpf is available, and we can let
|
* originate from a call to libbpf, but that means that libbpf is available, and we can let
|
||||||
|
@ -41,3 +41,10 @@ struct bpf_link *bpf_link_free(struct bpf_link *link) {
|
||||||
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
struct ring_buffer* bpf_ring_buffer_free(struct ring_buffer *rb) {
|
||||||
|
if (rb) /* See the comment in bpf_link_free(). */
|
||||||
|
sym_ring_buffer__free(rb);
|
||||||
|
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
|
@ -12,5 +12,8 @@ bool bpf_can_link_program(struct bpf_program *prog);
|
||||||
|
|
||||||
int bpf_serialize_link(FILE *f, FDSet *fds, const char *key, struct bpf_link *link);
|
int bpf_serialize_link(FILE *f, FDSet *fds, const char *key, struct bpf_link *link);
|
||||||
|
|
||||||
struct bpf_link *bpf_link_free(struct bpf_link *p);
|
struct bpf_link* bpf_link_free(struct bpf_link *p);
|
||||||
DEFINE_TRIVIAL_CLEANUP_FUNC(struct bpf_link *, bpf_link_free);
|
DEFINE_TRIVIAL_CLEANUP_FUNC(struct bpf_link *, bpf_link_free);
|
||||||
|
|
||||||
|
struct ring_buffer* bpf_ring_buffer_free(struct ring_buffer *rb);
|
||||||
|
DEFINE_TRIVIAL_CLEANUP_FUNC(struct ring_buffer *, bpf_ring_buffer_free);
|
||||||
|
|
|
@ -28,17 +28,16 @@ static int output_waiting_jobs(sd_bus *bus, Table *table, uint32_t id, const cha
|
||||||
|
|
||||||
while ((r = sd_bus_message_read(reply, "(usssoo)", &other_id, &name, &type, NULL, NULL, NULL)) > 0) {
|
while ((r = sd_bus_message_read(reply, "(usssoo)", &other_id, &name, &type, NULL, NULL, NULL)) > 0) {
|
||||||
_cleanup_free_ char *row = NULL;
|
_cleanup_free_ char *row = NULL;
|
||||||
int rc;
|
|
||||||
|
|
||||||
if (asprintf(&row, "%s %u (%s/%s)", prefix, other_id, name, type) < 0)
|
if (asprintf(&row, "%s %u (%s/%s)", prefix, other_id, name, type) < 0)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
rc = table_add_many(table,
|
r = table_add_many(table,
|
||||||
TABLE_STRING, special_glyph(SPECIAL_GLYPH_TREE_RIGHT),
|
TABLE_STRING, special_glyph(SPECIAL_GLYPH_TREE_RIGHT),
|
||||||
TABLE_STRING, row,
|
TABLE_STRING, row,
|
||||||
TABLE_EMPTY,
|
TABLE_EMPTY,
|
||||||
TABLE_EMPTY);
|
TABLE_EMPTY);
|
||||||
if (rc < 0)
|
if (r < 0)
|
||||||
return table_log_add_error(r);
|
return table_log_add_error(r);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue