If we're using a set with _put_strdup(), most of the time we want to use
string hash ops on the set, and free the strings when done. This defines
the appropriate a new string_hash_ops_free structure to automatically free
the keys when removing the set, and makes set_put_strdup() and set_put_strdupv()
instantiate the set with those hash ops.
hashmap_put_strdup() was already doing something similar.
(It is OK to instantiate the set earlier, possibly with a different hash ops
structure. set_put_strdup() will then use the existing set. It is also OK
to call set_free_free() instead of set_free() on a set with
string_hash_ops_free, the effect is the same, we're just overriding the
override of the cleanup function.)
No functional change intended.
Let's be extra careful whenever we return from recvmsg() and see
MSG_CTRUNC set. This generally means we ran into a programming error, as
we didn't size the control buffer large enough. It's an error condition
we should at least log about, or propagate up. Hence do that.
This is particularly important when receiving fds, since for those the
control data can be of any size. In particular on stream sockets that's
nasty, because if we miss an fd because of control data truncation we
cannot recover, we might not even realize that we are one off.
(Also, when failing early, if there's any chance the socket might be
AF_UNIX let's close all received fds, all the time. We got this right
most of the time, but there were a few cases missing. God, UNIX is hard
to use)
The function sd_device_get_property_value has some paths where it exits without
touching the n pointer. In those cases, n remained uninitialized until it was
eventually read inside isempty where it caused the segmentation fault.
Fixes#15078
The names with multiple lowercase words run together are hard to read. We
started that way with very short names like rootprefix, but then same pattern
was applied to longer and longer names. Looking at the body of .pc files
available on my machine, many packages use underscores; let's do the same. Old
names are kept for compatiblity, so this is backwards compatible.
Up to now each uevent logs the following things at debug level:
- Device is queued
- Processing device
- Device processed
However when the device is queued it might still have to wait for
earlier devices to be processed before being able to start being
processed itself. When analysing logs this dependency information is
quite cruicial, so add respective debug log calls.
Add SECLABEL{selinux}="some value" cause udevadm crash
systemd-udevd[x]: Worker [x] terminated by signal 11 (SEGV)
It happens since 25de7aa7b9 (Yu Watanabe 2019-04-25 01:21:11 +0200)
when udev rules processing changed to token model. Yu forgot store
attr to SECLABEL token so fix it.
Where we have a device that looks like a mouse and is connected over i2c, tag
it as pointing stick. There is no such thing as a i2c mouse.
Even touchpads that aren't recognized by the kernel will not show up as i2c
mouse - either the touchpad follows the Win8.1 specs in which case the kernel
switches it to multitouch mode and it shows up like a touchpad. The built-in
trackpoint, if any, is then the i2c mouse device.
Where the touchpad doesn't follow the spec, the kernel will not handle it and
the touchpad remains on the PS/2 legacy bus - not i2c. Hence we can assume
that any i2c mouse device is really a pointing stick.
If the peripheral device type is that of a host managed zone block device (0x14),
the device supports the same identification mechanisms as conventional disks (0x00).
Two releases ago we started warning about this, and I think it is now to turn
this into a hard error. People get bitten by this every once in a while, and
there doesn't see to be any legitimate use case where the same .link or
.network files should be applied to _all_ interfaces, since in particular that
configuration would apply both to lo and any other interfaces. And if for
whatever reason that is actually desired, OriginalName=* or Name=* can be
easily added to silence the warning and achieve the effect.
(The case described in #12098 is particularly nasty: 'echo -n >foo.network'
creates a mask file, 'echo >foo.network' creates a "match all" file.)
Fixes#717, #12098 for realz now.
When running the program with udev_event_spawn it is possible to miss
output in stdout when the program exits causing the result to be empty
which can cause rules using the result to not function correctly.
This is due to the on_spawn_sigchld callback being processed while IO is
still pending and causing the event loop to exit.
To correct this the sigchld event source is made a lower priority than
the other event sources to ensure it is processed after IO. This
requires changing the IO event source to oneshot and re-enabling it when
valid data is read but not for EOF, this prevents the empty pipes
constantly generating IO events.
If udevd receives an exit signal, it releases its reference on the udev
monitor in manager_exit(). If at this time a worker is hanging, and if
the event timeout for this worker expires before udevd exits, udevd
crashes in on_sigchld()->udev_monitor_send_device(), because the monitor
has already been freed.
Fix this by testing the validity of manager->monitor in on_sigchld().
If udevd receives an exit signal, it releases its reference on the udev
monitor in manager_exit(). If at this time a worker is hanging, and if
the event timeout for this worker expires before udevd exits, udevd
crashes in on_sigchld()->udev_monitor_send_device(), because the monitor
has already been freed.
Fix this by releasing the main process's monitor ref later, in
manager_free().
On some systems with lots of devices, device probing for certain drivers can
take a very long time. If systemd-udevd detects a timeout and kills the worker
running modprobe using SIGKILL, some devices will not be probed, or end up in
unusable state. The --event-timeout option can be used to modify the maximum
time spent in an uevent handler. But if systemd-udevd exits, it uses a
different timeout, hard-coded to 30s, and exits when this timeout expires,
causing all workers to be KILLed by systemd afterwards. In practice, this may
lead to workers being killed after significantly less time than specified with
the event-timeout. This is particularly significant during initrd processing:
systemd-udevd will be stopped by systemd when initrd-switch-root.target is
about to be isolated, which usually happens quickly after finding and mounting
the root FS.
If systemd-udevd is started by PID 1 (i.e. basically always), systemd will
kill both udevd and the workers after expiry of TimeoutStopSec. This is
actually better than the built-in udevd timeout, because it's more transparent
and configurable for users. This way users can avoid the mentioned boot problem
by simply increasing StopTimeoutSec= in systemd-udevd.service.
If udevd is not started by systemd (standalone), this is still an
improvement. udevd will kill hanging workers when the event timeout is
reached, which is configurable via the udev.event_timeout= kernel
command line parameter. Before this patch, udevd would simply exit with
workers still running, which would then become zombie processes.
With the timeout removed, the sd_event_now() assertion in manager_exit() can be
dropped.
When autoclose is set (kernel default but many distributions reverse the
setting) opening a CD-rom device causes the tray to close.
The function of blkid is to report the current state of the device and
not to change it. Hence it should use O_NONBLOCK when opening the
device to avoid closing a CD-rom tray.
blkid is used liberally in scripts so it can potentially interfere with
the user operating the CD-rom hardware.
[kzak@redhat.com: add O_NONBLOCK also to:
- wipefs
- blkid_new_probe_from_filename()
- blkid_evaluate_tag()]
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Signed-off-by: Karel Zak <kzak@redhat.com>
(cherry picked from commit 39f5af25982d8b0244000e92a9d0e0e6557d0e17)
chase_symlinks() would return negative on error, and either a non-negative status
or a non-negative fd when CHASE_OPEN was given. This made the interface quite
complicated, because dependning on the flags used, we would get two different
"types" of return object. Coverity was always confused by this, and flagged
every use of chase_symlinks() without CHASE_OPEN as a resource leak (because it
would this that an fd is returned). This patch uses a saparate output parameter,
so there is no confusion.
(I think it is OK to have functions which return either an error or an fd. It's
only returning *either* an fd or a non-fd that is confusing.)
When you have a CD automunt solution that talks directly to the kernel
independently of udev it races with cdrom_id for exclusive access to the
device failing unpredictably.
The whole is_mounted function in cdrom_id is broken: there is no saying
what happens between calling is_mounted and opening the device.
Hence assume that the device can be mounted asynchronously at any time,
do not use exclusive access, and do away with is_mouted.
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Currently, there is no way to match against system-wide constants, such
as architecture or virtualization type, without forking helper binaries.
That potentially results in a huge number of spawned processes which
output always the same answer.
This patch introduces a special CONST keyword which takes a hard-coded
string as its key and returns a value assigned to that key. Currently
implemented are CONST{arch} and CONST{virt}, which can be used to match
against the system's architecture and virtualization type.
Original revisions of the SAT (SCSI-ATA Translation) specification
required that all sense data be reported in Descriptor Format (72h).
Later revisions specifcally allow and account for sense data being
reported in Fixed Format (70h).
The current code checks for a Descriptor Format sense structure (0x72),
then looks specifically at the first byte of the first descriptor for the
ATA specific code 0x9, cross referencing it with the first byte which is
just a length field 0x0c (as a sanity check).
In the Fixed Format case(0x70), we can fall back to using the top-level
SCSI Sense data for the Additional Sense code (0x0) and then the
Additional Sense Code Qualifier (0x1d),
That identifies that the sense data is of the format associated with:
`ATA PASS THROUGH INFORMATION AVAILABLE`.
This fallback mechanism retains support for SATLs compliant with ANSI
INCITS 431-2007, and enables support for Fixed Format Sense data
enabled by SATLs with later revisions.
Glad to do so. This patch allows ata_id to export attributes correctly. I believe that any drive can potentially return information in this format on any SATL using the libata-scsi (the Linux builtin SATL), but in this particular case, it appears it is the SATL itself. Attaching the disk to the AHCI controller changes the behavior impacted here. (Not entirely surprisingly, SATLs are are pretty inconsistent).
Test:
This case specifically is an LSI SATL. I'll illustrate that without the patch, ata_id does not return
any output for a valid SATA drive but after the patch does.
1. Verify the device is ATA, by looking at the vpd page specific to ATA drives
```
root@machine:~# sg_vpd -p ai /dev/sdn
ATA information VPD page:
SAT Vendor identification: LSI
SAT Product identification: LSI SATL
SAT Product revision level: 0008
Device signature indicates SATA transport
ATA command IDENTIFY DEVICE response summary:
model: HGST HUH728080ALE604
serial number: ZZZZH3VX
firmware revision: A4GNW7J0
```
2. Look at what udev thinks of the disk, it says ID_BUS=scsi
ATA information says ID_MODEL should be HGST_HUH728080ALE604
udev says it is HGST_HUH728080AL (Missing E604, 4 bytes), and no ATA attributes are
populated.
```
root@machine:~# udevadm info -q all /dev/sdn
P: /devices/pci0000:00/0000:00:03.0/0000:05:00.0/host2/port-2:0/expander-2:0/port-2:0:11/end_device-2:0:11/target2:0:11/2:0:11:0/block/sdn
N: sdn
S: disk/by-id/scsi-35000cca23be1dc3c
S: disk/by-id/wwn-0x5000cca23be1dc3c
S: disk/by-path/pci-0000:05:00.0-sas-exp0x500605b0000272bf-phy11-lun-0
E: DEVLINKS=/dev/disk/by-id/wwn-0x5000cca23be1dc3c /dev/disk/by-id/scsi-35000cca23be1dc3c /dev/disk/by-path/pci-0000:05:00.0-sas-exp0x500605b0000272bf-phy11-lun-0
E: DEVNAME=/dev/sdn
E: DEVPATH=/devices/pci0000:00/0000:00:03.0/0000:05:00.0/host2/port-2:0/expander-2:0/port-2:0:11/end_device-2:0:11/target2:0:11/2:0:11:0/block/sdn
E: DEVTYPE=disk
E: ID_BUS=scsi
E: ID_MODEL=HGST_HUH728080AL
E: ID_MODEL_ENC=HGST\x20HUH728080AL
E: ID_PATH=pci-0000:05:00.0-sas-exp0x500605b0000272bf-phy11-lun-0
E: ID_PATH_TAG=pci-0000_05_00_0-sas-exp0x500605b0000272bf-phy11-lun-0
E: ID_REVISION=W7J0
E: ID_SCSI=1
E: ID_SCSI_SERIAL=ZZZZH3VX
E: ID_SERIAL=35000cca23be1dc3c
E: ID_SERIAL_SHORT=5000cca23be1dc3c
E: ID_TYPE=disk
E: ID_VENDOR=ATA
E: ID_VENDOR_ENC=ATA\x20\x20\x20\x20\x20
E: ID_WWN=0x5000cca23be1dc3c
E: ID_WWN_WITH_EXTENSION=0x5000cca23be1dc3c
E: MAJOR=8
E: MINOR=208
E: SUBSYSTEM=block
E: TAGS=:systemd:
```
3. Run ata_id (unpatched) (Outputs nothing, RC=2)
```
root@machine:~# strace -e ioctl /lib/udev/ata_id /dev/sdn -x
ioctl(3, SG_IO, {'Q', BSG_PROTOCOL_SCSI, BSG_SUB_PROTOCOL_SCSI_CMD, request[6]=[12, 00, 00, 00, 24, 00], request_tag=0, request_attr=0, request_priority=0, request_extra=0, max_response_len=32, dout_iovec_count=0, dout_xfer_len=0, din_iovec_count=0, din_xfer_len=36, timeout=30000, flags=0, usr_ptr=0, spare_in=0, dout[0]=NULL}) = -1 EINVAL (Invalid argument)
ioctl(3, SG_IO, {'S', SG_DXFER_FROM_DEV, cmd[6]=[12, 00, 00, 00, 24, 00], mx_sb_len=32, iovec_count=0, dxfer_len=36, timeout=30000, flags=0, data[36]=[00, 00, 06, 12, 45, 00, 00, 02, 41, 54, 41, 20, 20, 20, 20, 20, 48, 47, 53, 54, 20, 48, 55, 48, 37, 32, 38, 30, 38, 30, 41, 4c, ...], status=00, masked_status=00, sb[0]=[], host_status=0, driver_status=0, resid=0, duration=1, info=0}) = 0
ioctl(3, SG_IO, {'Q', BSG_PROTOCOL_SCSI, BSG_SUB_PROTOCOL_SCSI_CMD, request[12]=[a1, 08, 2e, 00, 01, 00, 00, 00, 00, ec, 00, 00], request_tag=0, request_attr=0, request_priority=0, request_extra=0, max_response_len=32, dout_iovec_count=0, dout_xfer_len=0, din_iovec_count=0, din_xfer_len=512, timeout=30000, flags=0, usr_ptr=0, spare_in=0, dout[0]=NULL}) = -1 EINVAL (Invalid argument)
ioctl(3, SG_IO, {'S', SG_DXFER_FROM_DEV, cmd[12]=[a1, 08, 2e, 00, 01, 00, 00, 00, 00, ec, 00, 00], mx_sb_len=32, iovec_count=0, dxfer_len=512, timeout=30000, flags=0, data[0]=[], status=02, masked_status=01, sb[18]=[70, 00, 01, 00, 00, 00, 00, 0a, 00, 00, 00, 00, 00, 1d, 00, 00, 00, 00], host_status=0, driver_status=0x8, resid=512, duration=0, info=0x1}) = 0
ioctl(3, HDIO_GET_IDENTITY, 0x7ffe408f7590) = -1 EINVAL (Invalid argument)
+++ exited with 2 +++
```
Sense buffers visible with the strace:
`sb[18]=[70, 00, 01, 00, 00, 00, 00, 0a, 00, 00, 00, 00, 00, 1d, 00, 00, 00, 00]` is the important bit, see 70, 0a and 1d bytes
4. Run patched version: model is HGST_HUH728080ALE604 as expected, ATA attributes are
correctly populated.
```
root@machine:~# ./ata_id /dev/sdn -x
ID_ATA=1
ID_TYPE=disk
ID_BUS=ata
ID_MODEL=HGST_HUH728080ALE604
ID_MODEL_ENC=HGST\x20HUH728080ALE604\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20
ID_REVISION=A4GNW7J0
ID_SERIAL=HGST_HUH728080ALE604_ZZZZH3VX
ID_SERIAL_SHORT=ZZZZH3VX
ID_ATA_WRITE_CACHE=1
ID_ATA_WRITE_CACHE_ENABLED=1
ID_ATA_FEATURE_SET_HPA=1
ID_ATA_FEATURE_SET_HPA_ENABLED=1
ID_ATA_FEATURE_SET_PM=1
ID_ATA_FEATURE_SET_PM_ENABLED=1
ID_ATA_FEATURE_SET_SECURITY=1
ID_ATA_FEATURE_SET_SECURITY_ENABLED=0
ID_ATA_FEATURE_SET_SECURITY_ERASE_UNIT_MIN=66522
ID_ATA_FEATURE_SET_SMART=1
ID_ATA_FEATURE_SET_SMART_ENABLED=1
ID_ATA_FEATURE_SET_PUIS=1
ID_ATA_FEATURE_SET_PUIS_ENABLED=0
ID_ATA_FEATURE_SET_APM=1
ID_ATA_FEATURE_SET_APM_ENABLED=1
ID_ATA_FEATURE_SET_APM_CURRENT_VALUE=254
ID_ATA_DOWNLOAD_MICROCODE=1
ID_ATA_SATA=1
ID_ATA_SATA_SIGNAL_RATE_GEN2=1
ID_ATA_SATA_SIGNAL_RATE_GEN1=1
ID_ATA_ROTATION_RATE_RPM=7200
ID_WWN=0x5000cca23be1dc3c
ID_WWN_WITH_EXTENSION=0x5000cca23be1dc3c
```
5. Drop it in place and verify: we see that ata_id does work.
```
root@hw1-b01left-2212a:~# udevadm test /block/sdn
<truncated>
GROUP 6 /lib/udev/rules.d/50-udev-default.rules:55
IMPORT 'ata_id --export /dev/sdn' /lib/udev/rules.d/60-persistent-storage.rules:33
starting 'ata_id --export /dev/sdn'
'ata_id --export /dev/sdn'(out) 'ID_ATA=1'
'ata_id --export /dev/sdn'(out) 'ID_TYPE=disk'
'ata_id --export /dev/sdn'(out) 'ID_BUS=ata'
'ata_id --export /dev/sdn'(out) 'ID_MODEL=HGST_HUH728080ALE604'
'ata_id --export /dev/sdn'(out) 'ID_MODEL_ENC=HGST\x20HUH728080ALE604\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20'
'ata_id --export /dev/sdn'(out) 'ID_REVISION=A4GNW7J0'
'ata_id --export /dev/sdn'(out) 'ID_SERIAL=HGST_HUH728080ALE604_ZZZZH3VX'
'ata_id --export /dev/sdn'(out) 'ID_SERIAL_SHORT=ZZZZH3VX'
'ata_id --export /dev/sdn'(out) 'ID_ATA_WRITE_CACHE=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_WRITE_CACHE_ENABLED=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_HPA=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_HPA_ENABLED=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_PM=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_PM_ENABLED=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_SECURITY=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_SECURITY_ENABLED=0'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_SECURITY_ERASE_UNIT_MIN=66522'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_SMART=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_SMART_ENABLED=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_PUIS=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_PUIS_ENABLED=0'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_APM=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_APM_ENABLED=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_FEATURE_SET_APM_CURRENT_VALUE=254'
'ata_id --export /dev/sdn'(out) 'ID_ATA_DOWNLOAD_MICROCODE=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_SATA=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_SATA_SIGNAL_RATE_GEN2=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_SATA_SIGNAL_RATE_GEN1=1'
'ata_id --export /dev/sdn'(out) 'ID_ATA_ROTATION_RATE_RPM=7200'
'ata_id --export /dev/sdn'(out) 'ID_WWN=0x5000cca23be1dc3c'
'ata_id --export /dev/sdn'(out) 'ID_WWN_WITH_EXTENSION=0x5000cca23be1dc3c'
Process 'ata_id --export /dev/sdn' succeeded.
LINK 'disk/by-id/ata-HGST_HUH728080ALE604_ZZZZH3VX' /lib/udev/rules.d/60-persistent-storage.rules:47
IMPORT builtin 'path_id' /lib/udev/rules.d/60-persistent-storage.rules:65
LINK 'disk/by-path/pci-0000:05:00.0-sas-exp0x500605b0000272bf-phy11-lun-0' /lib/udev/rules.d/60-persistent-storage.rules:66
IMPORT builtin 'blkid' /lib/udev/rules.d/60-persistent-storage.rules:81
probe /dev/sdn raid offset=0
LINK 'disk/by-id/wwn-0x5000cca23be1dc3c' /lib/udev/rules.d/60-persistent-storage.rules:88
RUN '/usr/lib/python-dsnet-appliance/hotplug disk udev-disk-add' /etc/udev/rules.d/99-appliance-hotplug.rules:1
update old name, '/dev/disk/by-id/scsi-35000cca23be1dc3c' no longer belonging to '/devices/pci0000:00/0000:00:03.0/0000:05:00.0/host2/port-2:0/expander-2:0/port-2:0:11/end_device-2:0:11/target2:0:11/2:0:11:0/block/sdn'
no reference left, remove '/dev/disk/by-id/scsi-35000cca23be1dc3c'
handling device node '/dev/sdn', devnum=b8:208, mode=0660, uid=0, gid=6
preserve permissions /dev/sdn, 060660, uid=0, gid=6
preserve already existing symlink '/dev/block/8:208' to '../sdn'
creating link '/dev/disk/by-id/ata-HGST_HUH728080ALE604_ZZZZH3VX' to '/dev/sdn'
creating symlink '/dev/disk/by-id/ata-HGST_HUH728080ALE604_ZZZZH3VX' to '../../sdn'
found 'b8:208' claiming '/run/udev/links/\x2fdisk\x2fby-id\x2fwwn-0x5000cca23be1dc3c'
creating link '/dev/disk/by-id/wwn-0x5000cca23be1dc3c' to '/dev/sdn'
preserve already existing symlink '/dev/disk/by-id/wwn-0x5000cca23be1dc3c' to '../../sdn'
found 'b8:208' claiming '/run/udev/links/\x2fdisk\x2fby-path\x2fpci-0000:05:00.0-sas-exp0x500605b0000272bf-phy11-lun-0'
creating link '/dev/disk/by-path/pci-0000:05:00.0-sas-exp0x500605b0000272bf-phy11-lun-0' to '/dev/sdn'
preserve already existing symlink '/dev/disk/by-path/pci-0000:05:00.0-sas-exp0x500605b0000272bf-phy11-lun-0' to '../../sdn'
created db file '/run/udev/data/b8:208' for '/devices/pci0000:00/0000:00:03.0/0000:05:00.0/host2/port-2:0/expander-2:0/port-2:0:11/end_device-2:0:11/target2:0:11/2:0:11:0/block/sdn'
ACTION=add
DEVLINKS=/dev/disk/by-path/pci-0000:05:00.0-sas-exp0x500605b0000272bf-phy11-lun-0 /dev/disk/by-id/ata-HGST_HUH728080ALE604_ZZZZH3VX /dev/disk/by-id/wwn-0x5000cca23be1dc3c
DEVNAME=/dev/sdn
DEVPATH=/devices/pci0000:00/0000:00:03.0/0000:05:00.0/host2/port-2:0/expander-2:0/port-2:0:11/end_device-2:0:11/target2:0:11/2:0:11:0/block/sdn
DEVTYPE=disk
ID_ATA=1
ID_ATA_DOWNLOAD_MICROCODE=1
ID_ATA_FEATURE_SET_APM=1
ID_ATA_FEATURE_SET_APM_CURRENT_VALUE=254
ID_ATA_FEATURE_SET_APM_ENABLED=1
ID_ATA_FEATURE_SET_HPA=1
ID_ATA_FEATURE_SET_HPA_ENABLED=1
ID_ATA_FEATURE_SET_PM=1
ID_ATA_FEATURE_SET_PM_ENABLED=1
ID_ATA_FEATURE_SET_PUIS=1
ID_ATA_FEATURE_SET_PUIS_ENABLED=0
ID_ATA_FEATURE_SET_SECURITY=1
ID_ATA_FEATURE_SET_SECURITY_ENABLED=0
ID_ATA_FEATURE_SET_SECURITY_ERASE_UNIT_MIN=66522
ID_ATA_FEATURE_SET_SMART=1
ID_ATA_FEATURE_SET_SMART_ENABLED=1
ID_ATA_ROTATION_RATE_RPM=7200
ID_ATA_SATA=1
ID_ATA_SATA_SIGNAL_RATE_GEN1=1
ID_ATA_SATA_SIGNAL_RATE_GEN2=1
ID_ATA_WRITE_CACHE=1
ID_ATA_WRITE_CACHE_ENABLED=1
ID_BUS=ata
ID_MODEL=HGST_HUH728080ALE604
ID_MODEL_ENC=HGST\x20HUH728080ALE604\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20
ID_PATH=pci-0000:05:00.0-sas-exp0x500605b0000272bf-phy11-lun-0
ID_PATH_TAG=pci-0000_05_00_0-sas-exp0x500605b0000272bf-phy11-lun-0
ID_REVISION=A4GNW7J0
ID_SERIAL=HGST_HUH728080ALE604_ZZZZH3VX
ID_SERIAL_SHORT=ZZZZH3VX
ID_TYPE=disk
ID_WWN=0x5000cca23be1dc3c
ID_WWN_WITH_EXTENSION=0x5000cca23be1dc3c
MAJOR=8
MINOR=208
SUBSYSTEM=block
TAGS=:systemd:
USEC_INITIALIZED=6055690
run: '/usr/lib/python-dsnet-appliance/hotplug disk udev-disk-add'
Unload module index
Unloaded link configuration context.
```
6. Query just to double check: (ID_BUS=ata, model correct, etc).
```
root@machine:~# udevadm info /dev/sdn
P: /devices/pci0000:00/0000:00:03.0/0000:05:00.0/host2/port-2:0/expander-2:0/port-2:0:11/end_device-2:0:11/target2:0:11/2:0:11:0/block/sdn
N: sdn
S: disk/by-id/ata-HGST_HUH728080ALE604_ZZZZH3VX
S: disk/by-id/wwn-0x5000cca23be1dc3c
S: disk/by-path/pci-0000:05:00.0-sas-exp0x500605b0000272bf-phy11-lun-0
E: DEVLINKS=/dev/disk/by-id/wwn-0x5000cca23be1dc3c /dev/disk/by-path/pci-0000:05:00.0-sas-exp0x500605b0000272bf-phy11-lun-0 /dev/disk/by-id/ata-HGST_HUH728080ALE604_ZZZZH3VX
E: DEVNAME=/dev/sdn
E: DEVPATH=/devices/pci0000:00/0000:00:03.0/0000:05:00.0/host2/port-2:0/expander-2:0/port-2:0:11/end_device-2:0:11/target2:0:11/2:0:11:0/block/sdn
E: DEVTYPE=disk
E: ID_ATA=1
E: ID_ATA_DOWNLOAD_MICROCODE=1
E: ID_ATA_FEATURE_SET_APM=1
E: ID_ATA_FEATURE_SET_APM_CURRENT_VALUE=254
E: ID_ATA_FEATURE_SET_APM_ENABLED=1
E: ID_ATA_FEATURE_SET_HPA=1
E: ID_ATA_FEATURE_SET_HPA_ENABLED=1
E: ID_ATA_FEATURE_SET_PM=1
E: ID_ATA_FEATURE_SET_PM_ENABLED=1
E: ID_ATA_FEATURE_SET_PUIS=1
E: ID_ATA_FEATURE_SET_PUIS_ENABLED=0
E: ID_ATA_FEATURE_SET_SECURITY=1
E: ID_ATA_FEATURE_SET_SECURITY_ENABLED=0
E: ID_ATA_FEATURE_SET_SECURITY_ERASE_UNIT_MIN=66522
E: ID_ATA_FEATURE_SET_SMART=1
E: ID_ATA_FEATURE_SET_SMART_ENABLED=1
E: ID_ATA_ROTATION_RATE_RPM=7200
E: ID_ATA_SATA=1
E: ID_ATA_SATA_SIGNAL_RATE_GEN1=1
E: ID_ATA_SATA_SIGNAL_RATE_GEN2=1
E: ID_ATA_WRITE_CACHE=1
E: ID_ATA_WRITE_CACHE_ENABLED=1
E: ID_BUS=ata
E: ID_MODEL=HGST_HUH728080ALE604
E: ID_MODEL_ENC=HGST\x20HUH728080ALE604\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20
E: ID_PATH=pci-0000:05:00.0-sas-exp0x500605b0000272bf-phy11-lun-0
E: ID_PATH_TAG=pci-0000_05_00_0-sas-exp0x500605b0000272bf-phy11-lun-0
E: ID_REVISION=A4GNW7J0
E: ID_SERIAL=HGST_HUH728080ALE604_ZZZZH3VX
E: ID_SERIAL_SHORT=ZZZZH3VX
E: ID_TYPE=disk
E: ID_WWN=0x5000cca23be1dc3c
E: ID_WWN_WITH_EXTENSION=0x5000cca23be1dc3c
E: MAJOR=8
E: MINOR=208
E: SUBSYSTEM=block
E: TAGS=:systemd:
E: USEC_INITIALIZED=6055690
```
If I install the same disk into a machine using an ATA driver, this behavior changes:
```
root@machine2:~# sg_vpd -p ai /dev/sdb
ATA information VPD page:
SAT Vendor identification: linux
SAT Product identification: libata
SAT Product revision level: 3.00
Device signature indicates SATA transport
ATA command IDENTIFY DEVICE response summary:
model: HGST HUH728080ALE604
serial number: ZZZZH3VX
firmware revision: A4GNW7J0
root@machine-2:~# /lib/udev/ata_id -x /dev/sdb
ID_ATA=1
ID_TYPE=disk
ID_BUS=ata
ID_MODEL=HGST_HUH728080ALE604
ID_MODEL_ENC=HGST\x20HUH728080ALE604\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20
ID_REVISION=A4GNW7J0
<truncated>
```
Inside container, writing file returns EACCESS. Moreover, some devices
return ENODEV rather than EACCES. So, let's also ignore these two
error causes.
Closes#13652.
I want to use efivars.[ch] in proc-cmdline.c, but most of the efivars stuff is
not needed in basic/. Move the file from shared/ to basic/, but then move back
most of the higher-level functions to the new shared/efi-loader.c file.
Add a fido_id program meant to be run for devices in the hidraw
subsystem via an IMPORT directive. The program parses the HID report
descriptor and assigns the ID_SECURITY_TOKEN environment variable if a
declared usage matches the FIDO_CTAPHID_USAGE declared in the FIDO CTAP
specification. This replaces the previous approach of whitelisting all
known security token models manually.
This commit is accompanied by a test suite and a fuzzer target for the
descriptor parsing routine.
Fixes: #11996.
let's add [static] where it was missing so far
Drop [static] on parameters that can be NULL.
Add an assert() around parameters that have [static] and can't be NULL
hence.
Add some "const" where it was forgotten.
We'd log to the "console", losing structured logs during configuration file parsing.
Let's be nice to journalctl users, and log to the journal immediately.
This partially reverts 25de7aa7b9. I don't think the
change was intended there.
The problem I'm trying to solve: for /dev/kvm we get first an ADD uevent, and
then CHANGE whenever something connects or disconnects to the character device.
The rules in 50-default-udev.rules set UID, GID, and MODE on ADD, but not on
CHANGE. When the change event happens, we would reset the ownership and
permissions.
This happens because node_permissions_apply() would (after 25de7aa7b9)
set uid=gid=0 if they weren't set by the rules.
So let's only pass uid/gid/mode to node_permissions_apply() if appropriately
configured. Also let node_permissions_apply() do the skip of uid/gid/mode if
not set, and rename "always_apply" to more closely reflect its meaning.
It is pretty hard to figure out what the problem actually is, esp. when the rule
is long.
On my machine:
systemd[1]: Starting udev Kernel Device Manager...
systemd-udevd[217399]: /usr/lib/udev/rules.d/11-dm-lvm.rules:40 Invalid value for OPTIONS key, ignoring: 'event_timeout=180'
systemd-udevd[217399]: /usr/lib/udev/rules.d/11-dm-lvm.rules:40 The line takes no effect, ignoring.
systemd-udevd[217399]: /etc/udev/rules.d/60-ipath.rules:4 Invalid value "kcopy/%02n" for NAME (char 7: invalid substitution type), ignoring, but please fix it.
systemd-udevd[217399]: /usr/lib/udev/rules.d/65-md-incremental.rules:28 Invalid value "/sbin/mdadm -I $env{DEVNAME} --export $devnode --offroot ${DEVLINKS}" for IMPORT (char 58: invalid substitution type), ignoring, but please fix it.
systemd-udevd[217399]: /etc/udev/rules.d/73-special-net-names.rules:14 Invalid value "/bin/sh -ec 'D=${DEVPATH#*/vio/}; D=${D%%%%/*}; D=${D#????}; D=${D#0}; D=${D#0}; D=${D#0}; D=${D#0}; echo ${D:-0}'" for PROGRAM (char 16: invalid substitution type), ignoring, but please fix it.
systemd-udevd[217399]: /usr/lib/udev/rules.d/84-nm-drivers.rules:10 Invalid value "/bin/sh -c 'ethtool -i $1 | sed -n s/^driver:\ //p' -- $env{INTERFACE}" for PROGRAM (char 24: invalid substitution type), ignoring, but please fix it.
systemd-udevd[217399]: /usr/lib/udev/rules.d/90-libgpod.rules:19 IMPORT key takes '==' or '!=' operator, assuming '==', but please fix it.
systemd-udevd[217399]: /usr/lib/udev/rules.d/90-libgpod.rules:23 IMPORT key takes '==' or '!=' operator, assuming '==', but please fix it.
systemd-udevd[217399]: /usr/lib/udev/rules.d/99-vmware-scsi-udev.rules:5 Invalid value "/bin/sh -c 'echo 180 >/sys$DEVPATH/device/timeout'" for RUN (char 27: invalid substitution type), ignoring, but please fix it.
systemd-udevd[217399]: /usr/lib/udev/rules.d/99-vmware-scsi-udev.rules:6 Invalid value "/bin/sh -c 'echo 180 >/sys$DEVPATH/device/timeout'" for RUN (char 27: invalid substitution type), ignoring, but please fix it.
systemd[1]: Started udev Kernel Device Manager.
# udevadm control --property=HELLO=WORLD
Received udev control message (ENV), unsetting 'HELLO'
# udevadm control --property=HELLO=
Received udev control message (ENV), setting 'HELLO='
Oh no, it's busted. Let's try removing this one little negation real quick
to see if it helps...
# udevadm control --property=HELLO=WORLD
Received udev control message (ENV), setting 'HELLO=WORLD'
# udevadm control --property=HELLO=
Received udev control message (ENV), unsetting 'HELLO'
Feels much better now.
This is for 6d36464065. It turns out that this is causing more problems than
expected. Let's retroactively introduce naming scheme v241 to conditionalize
this change.
Follow-up for #12792 and 6d36464065. See also
https://bugzilla.suse.com/show_bug.cgi?id=1136600.
$ SYSTEMD_LOG_LEVEL=debug NET_NAMING_SCHEME=v240 build/udevadm test-builtin net_setup_link /sys/class/net/br11
$ SYSTEMD_LOG_LEVEL=debug NET_NAMING_SCHEME=v241 build/udevadm test-builtin net_setup_link /sys/class/net/br11
...
@@ -20,11 +20,13 @@
link_config: could not set ethtool features for br11
Could not set offload features of br11: Operation not permitted
br11: Device has name_assign_type=3
-Using interface naming scheme 'v240'.
+Using interface naming scheme 'v241'.
br11: Policy *keep*: keeping existing userspace name
br11: Device has addr_assign_type=1
-br11: No stable identifying information found
-br11: Could not generate persistent MAC: No data available
+br11: Using "br11" as stable identifying information
+br11: Using generated persistent MAC address
+Could not set Alias=, MACAddress= or MTU= on br11: Operation not permitted
+br11: Could not apply link config, ignoring: Operation not permitted
Unload module index
Unloaded link configuration context.
ID_NET_DRIVER=bridge
This is in preparation for later changes. Let's change the documentation of
net.naming-scheme= to also say that it applies to MAC addresses. This commit
doesn't actually implement that though.
When udevadm trigger is called, the list of devices to trigger is always
generated through enumeration, and devices can come and go, so we should not
treat -ENOENT as a failure. But other types of failure should be logged.
It seems they were logged until baa30fbc2c.
Also, return the first error. (I'm not sure if there are other failure modes
which we want to ignore. If they are, they'll need to be whitelisted like
-ENOENT.).
This does the following:
- rename enum udev_builtin_cmd -> UdevBuiltinCmd
- rename struct udev_builtin -> UdevBuiltin
- move type definitions to udev-rules.h
- move prototypes of functions defined in udev-rules.c to udev-rules.h
- drop to use strbuf
- propagate critical errors in applying rules,
- drop limitation for number of tokens per line.
This suppress the following warning:
```
systemd-udevd[437]: Config file /usr/lib/systemd/network/99-default.link
applies to device based on potentially unpredictable interface name 'wlan0'
```
Follow-up for 84ea567eb4.
The length of device identification VPD page is filled with two bytes,
but scsi_id only gets the low byte. Fix it.
Signed-off-by: Zhang Xianwei <zhang.xianwei8@zte.com.cn>
Fixes the following build failure with musl:
../git/src/udev/udev-event.c: In function 'spawn_wait':
../git/src/udev/udev-event.c:600:53: error: 'WEXITED' undeclared (first use in this function); did you mean 'WIFEXITED'?
r = sd_event_add_child(e, NULL, spawn->pid, WEXITED, on_spawn_sigchld, spawn);
^~~~~~~
This looks like a bug in udev-event.c that could also have broken
the compilation after some future glibc header reshuffle.
Follow-up for faae64fa3d, which increased the
default number of udev workers per cpu regardless of how big the system is.
It's not really clear from the commit message if the new number of workers
improved the overall time for the boot process or only reduced the number of
times the max number of children limit was reached (and in this case
5406c36844 commit might have been more appropriate in the first place).
But systems with ~1000 CPUs are not rare these days and the worker numbers get
quite large with CPU factor of 8. Spawning more than 2000 workers can't be
healthy on any system, no matter how big.
Indeed the main mistake is the belief that udev is CPU-intensive, and thus the
number of allowed workers has to increase with the number of CPUs. It is not,
at probably has never been. It's I/O bound, and sometimes, bound by resources
such as locks.
This is an argument to:
- scale only weakly with the number of CPUs, and the rationale to switch back
to a scale factor C=2 but with a higher offset number which should affect
systems with a small number of CPUs only. With this patch applied the offset
is increased from O=8 to O=16.
- put an absolute maximum limit to make sure no more than 2048 workers are
spawned no matter how big the system is.
This still provides more workers for the laptop cases (where the number of CPUs
is limited), while avoiding sky-rocketing numbers for big systems.
Note that on most desktop systems, the memory limit will kick in. The following
table collects numbers about children-max. For each scenario, the first column
is the "cpu_limit" limit, and the second number is the minimum amount of memory
for the "cpu_limit" limit to become relevant (with less RAM, memory will limit
the number of children thus "mem_limit" will become the active limit).
| > v240 | < v240 | this patch |
CPUs | C = 8, O = 8 | C = 2, O = 8 | C = 2, O = 16 |
-------------------------------------------------------
1 | 16 2 | 10 1.3 | 18 2 |
2 | 24 3 | 12 1.5 | 20 2 |
4 | 40 5 | 16 2 | 24 3 |
8 | 72 9 | 24 3 | 32 4 |
16 | 136 17 | 40 5 | 48 5 |
64 | 520 65 | 136 17 | 144 18 |
1024 | 8200 1025 | 2056 263 | 2048 256 |
2048 |16392 2049 | 4104 513 | 2048 256 |
This patch is mainly based on Martin Wilck's analyze and comments.
The comment in udev-builtin-net_id.c (removed in grandparent commit) showed the
property without the prefix. I assume that was always the intent, because it
doesn't make much sense to concatenate anything to an arbitrary user-specified
field.
I decided to make this a separate man page because it is freakin' long.
This content could equally well go in systemd-udevd.service(8), systemd.link(5),
or a new man page for the net_id builtin.
v2:
- rename to systemd.net-naming-scheme
- add udevadm test-builtin net_id example
Checking if we are root on the client side is generally pointless, since the
privileged operation will fail anyway and we can than log what precisly went
wrong.
A check like this makes sense only if:
- we need to do some expensive unprivileged operation before attempting the
privileged operation, and the check allows us avoid wasting resources.
- the privileged operation would fail but in an unclear way.
Neither of those cases applies here.
This fixes calls like 'udevadm control -h' as unprivileged user.
gcc was warning about strncpy() leaving an unterminated string.
In this case, it was correct.
The code was doing strncpy()+strncat()+strlen() essentially to determine
if the strings have expected length. If the length was correct, a buffer
overread was performed (or at least some garbage bytes were used from the
uninitialized part of the buffer). Let's do the length check first and then
only copy stuff if everything agrees.
For some reason the function was called "prepend", when it obviously does
an "append".
When booting with "udev.log-priority=debug" for example, the output might be
spammed with messages like this:
systemd-udevd[23545]: maximum number (248) of children reached
systemd-udevd[23545]: maximum number (248) of children reached
systemd-udevd[23545]: maximum number (248) of children reached
systemd-udevd[23545]: maximum number (248) of children reached
systemd-udevd[23545]: maximum number (248) of children reached
systemd-udevd[23545]: maximum number (248) of children reached
systemd-udevd[23545]: maximum number (248) of children reached
While the message itself is useful, printing it per batch of events should be
enough.
In order to properly and predictably name netdevsim netdevices,
introduce a separate implementation, as the netdevices reside on a
specific netdevsim bus. Note that this applies only to netdevsim devices
created using sysfs, because those expose phys_port_name attribute.
Signed-off-by: Jiri Pirko <jiri@mellanox.com>
We had all kinds of indentation: 2 sp, 3 sp, 4 sp, 8 sp, and mixed.
4 sp was the most common, in particular the majority of scripts under test/
used that. Let's standarize on 4 sp, because many commandlines are long and
there's a lot of nesting, and with 8sp indentation less stuff fits. 4 sp
also seems to be the default indentation, so this will make it less likely
that people will mess up if they don't load the editor config. (I think people
often use vi, and vi has no support to load project-wide configuration
automatically. We distribute a .vimrc file, but it is not loaded by default,
and even the instructions in it seem to discourage its use for security
reasons.)
Also remove the few vim config lines that were left. We should either have them
on all files, or none.
Also remove some strange stuff like '#!/bin/env bash', yikes.
We have a few cases or reported issues which are about a timeout to parse
the input in 25 s. In all cases, the input is a few hundred kb. We don't really
care if the config parsers are super efficent, so let's set a limit on the input
size to avoid triggering such issues. The parsers often contain quadratic
algorithms. This is OK, because the numbers of elements are almost always very
small in real use. Rewriting the code to use more complicated data structures
to speed this up would not only complicate the code, but also pessimize behaviour
for the overwhelmingly common case of small samples. Note that in all those
cases, the input data is trusted. We care about memory correctness, and not
not so much about efficiency.
The size checks are done twice: using options for libfuzzer, and using an
internal check for afl. Those should be changed together. I didn't use a define,
because there is no easy mechanism to share the define between the two files.
It was already the case before commit a75211421f,
which upgraded the log to warning.
This seems an unintended side effect as the commit message doesn't mention it
and the old behavior looks more appropriate.
This fixes bugs introduced by 29448498c7
and d838e14515.
Previously, RUN and SECLABEL keys are stored in udev_list with its unique
flag is false. If the flag is false, then udev_list is just a linked
list and new entries are always added in the last.
So, we should use OrderedHashmap instead of Hashmap.
Fixes#11368.
CID#996458. Coverity warns that we trust desc->bLength as read in
the input data to adjust our position in the buffer. This value could
be anything, leading to overflow. It's unlikely that the kernel feeds
us invalid data, but let's me more careful.
If any error is encountered, more logs are given.
