Previously, dns_answer_add() was O(n^2).
With this change dns_packet_extract() becomes ~15 times faster for some
extremal case.
Before:
```
$ time ./fuzz-dns-packet ~/downloads/clusterfuzz-testcase-minimized-fuzz-dns-packet-5631106733047808
/home/watanabe/downloads/clusterfuzz-testcase-minimized-fuzz-dns-packet-5631106733047808... ok
real 0m15.453s
user 0m15.430s
sys 0m0.007s
```
After:
```
$ time ./fuzz-dns-packet ~/downloads/clusterfuzz-testcase-minimized-fuzz-dns-packet-5631106733047808
/home/watanabe/downloads/clusterfuzz-testcase-minimized-fuzz-dns-packet-5631106733047808... ok
real 0m0.831s
user 0m0.824s
sys 0m0.006s
```
Hopefully fixes oss-fuzz#19227.
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19227
We already handle foreign routing policy rules correctly by the previous
commit. So, the serialization/deserialization of rules are not necessary
anymore.
networkd already drop foreign address, routes, and nexthops on startup,
except those created by kernel. However, previously, routing policy
rules were not. The logic of serialization/deserialization of rules only
works for rules created by previous invocation of networkd, and does not
work for one created by other tools like `ip rule`.
This makes networkd drop foreign routing policy rules except created by
kernel on startup. Also, remove rules created by networkd when the
corresponding links are dropped or networkd is stopping.
When compiling with CFLAGS='-Werror=maybe-uninitialized -Og' we get a
warning about uninitialized "next_timeout" variable.
Avoid the warning by adding an (unreachable) "default" label.
Fixes: c24288d21e ("sd-dhcp-client: correct dhcpv4 renew/rebind retransmit timeouts")
In situations where a service fails to start, systemd suggests the user to
use "journalctl -xe" to get details about the failure. While running this
command does provide some additional details, most of the information is
similar to what was already printed when the service fails.
often the actual reason for the failure can be found in the logs of the
service that fails to start.
This patch updates the wording to suggest using "-u" to view the service
logs instead.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit adds support for disabling the read and write
workqueues with the new crypttab options no-read-workqueue
and no-write-workqueue. These correspond to the cryptsetup
options --perf-no_read_workqueue and --perf-no_write_workqueue
respectively.
cdrom_id udev helper does not parse all MMC profiles. Following change
fixes this issue and parse all 34 profiles from all MMC standard versions.
Also it replaces magic constants by macros provided by linux/cdrom.h and
fixes cd_profiles_old_mmc() to issue READ_DISC_INFO command in two steps,
like it is doing kernel and also mkudffs.
Allow configuration for IPv6 discovered routes to be ignored instead of
adding them as a route. This can be used to block unwanted routes, for
example, you may wish to not receive some set of routes on an interface
if they are causing issues.
If users do not enable a service like systemd-time-wait-sync.target
(because they don't want to delay boot for external events, such as an
NTP sync), then timers should still take the the weaker time-set.target
feature into account, so that the clock is at least monotonic.
Hence, order timer units after both of the targets: time-sync.target
*and* time-set.target. That way, the right thing will happen regardless
if people have no NTP server (and thus also no
systemd-time-wait-sync.service or equivalent) or, only have an NTP
server (and no systemd-time-wait-sync.service), or have both.
Ordering after time-set.target is basically "free". The logic it is
backed by should be instant, without communication with the outside
going on. It's useful still so that time servers that implement the
timestamp from /var/ logic can run in later boot.
This is similar to the base64 support, but fixed-size hash values are
typically preferably presented as series of hex values, hence store them
here like that too.
Optionally, embedd PKCS#11 token URI and encrypted key in LUKS2 JSON
metadata header. That way it becomes very easy to unlock properly set up
PKCS#11-enabled LUKS2 volumes, a simple /etc/crypttab line like the
following suffices:
mytest /dev/disk/by-partuuid/41c1df55-e628-4dbb-8492-bc69d81e172e - pkcs11-uri=auto
Such a line declares that unlocking via PKCS#11 shall be attempted, and
the token URI and the encrypted key shall be read from the LUKS2 header.
An external key file for the encrypted PKCS#11 key is hence no longer
necessary, nor is specifying the precise URI to use.
So the currentl and only fd_is_mount_point() check is actually entirely
bogus: it passes "/" as filename argument, but that's not actually a
a valid filename, but an absolute path.
fd_is_mount_point() is written in a way tha the fd refers to a directory
and the specified path is a file directly below it that shall be
checked. The test call actually violated that rule, but still expected
success.
Let's fix this, and check for this explicitly, and refuse it.
Let's extend the test and move it to test-mountpoint-util.c where the
rest of the tests for related calls are placed.
Replaces: #18004Fixes: #17950
This allows them to be executed in parallel and also gives us
better reporting.
The dump files are renamed to avoid repeating "dmidecode-dump", since that
string is already present in the subdirectory name.
Add memory_id program to set properties about the physical memory
devices in the system. This is useful on machines with removable memory
modules to show how the machine can be upgraded, and on all devices to
detect the actual RAM size, without relying on the OS accessible amount.
Closes: #16651