|
|
bd1529 |
From 905a97ce65352d80af7260d34b74fd8342792c35 Mon Sep 17 00:00:00 2001
|
|
|
bd1529 |
From: Lennart Poettering <lennart@poettering.net>
|
|
|
bd1529 |
Date: Wed, 27 May 2020 19:36:56 +0200
|
|
|
bd1529 |
Subject: [PATCH] core: add new PassPacketInfo= socket unit property
|
|
|
bd1529 |
|
|
|
bd1529 |
(cherry picked from commit a3d19f5d99c44940831a33df8b5bece4aaf749f7)
|
|
|
bd1529 |
|
|
|
bd1529 |
Resolves: #1887181
|
|
|
bd1529 |
---
|
|
|
bd1529 |
doc/TRANSIENT-SETTINGS.md | 1 +
|
|
|
bd1529 |
man/systemd.socket.xml | 9 +++++++++
|
|
|
bd1529 |
src/core/dbus-socket.c | 4 ++++
|
|
|
bd1529 |
src/core/load-fragment-gperf.gperf.m4 | 1 +
|
|
|
bd1529 |
src/core/socket.c | 8 ++++++++
|
|
|
bd1529 |
src/core/socket.h | 1 +
|
|
|
bd1529 |
src/shared/bus-unit-util.c | 3 +--
|
|
|
bd1529 |
test/fuzz/fuzz-unit-file/directives.service | 1 +
|
|
|
bd1529 |
8 files changed, 26 insertions(+), 2 deletions(-)
|
|
|
bd1529 |
|
|
|
bd1529 |
diff --git a/doc/TRANSIENT-SETTINGS.md b/doc/TRANSIENT-SETTINGS.md
|
|
|
bd1529 |
index 995b8797ef..de0ef9cc49 100644
|
|
|
bd1529 |
--- a/doc/TRANSIENT-SETTINGS.md
|
|
|
bd1529 |
+++ b/doc/TRANSIENT-SETTINGS.md
|
|
|
bd1529 |
@@ -410,6 +410,7 @@ Most socket unit settings are available to transient units.
|
|
|
bd1529 |
✓ Broadcast=
|
|
|
bd1529 |
✓ PassCredentials=
|
|
|
bd1529 |
✓ PassSecurity=
|
|
|
bd1529 |
+✓ PassPacketInfo=
|
|
|
bd1529 |
✓ TCPCongestion=
|
|
|
bd1529 |
✓ ReusePort=
|
|
|
bd1529 |
✓ MessageQueueMaxMessages=
|
|
|
bd1529 |
diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml
|
|
|
bd1529 |
index 8676b4e03f..a908d5b6d8 100644
|
|
|
bd1529 |
--- a/man/systemd.socket.xml
|
|
|
bd1529 |
+++ b/man/systemd.socket.xml
|
|
|
bd1529 |
@@ -712,6 +712,15 @@
|
|
|
bd1529 |
Defaults to <option>false</option>.</para></listitem>
|
|
|
bd1529 |
</varlistentry>
|
|
|
bd1529 |
|
|
|
bd1529 |
+ <varlistentry>
|
|
|
bd1529 |
+ <term><varname>PassPacketInfo=</varname></term>
|
|
|
bd1529 |
+ <listitem><para>Takes a boolean value. This controls the <constant>IP_PKTINFO</constant>,
|
|
|
bd1529 |
+ <constant>IPV6_RECVPKTINFO</constant> and <constant>NETLINK_PKTINFO</constant> socket options, which
|
|
|
bd1529 |
+ enable reception of additional per-packet metadata as ancillary message, on
|
|
|
bd1529 |
+ <constant>AF_INET</constant>, <constant>AF_INET6</constant> and <constant>AF_UNIX</constant> sockets.
|
|
|
bd1529 |
+ Defaults to <option>false</option>.</para></listitem>
|
|
|
bd1529 |
+ </varlistentry>
|
|
|
bd1529 |
+
|
|
|
bd1529 |
<varlistentry>
|
|
|
bd1529 |
<term><varname>TCPCongestion=</varname></term>
|
|
|
bd1529 |
<listitem><para>Takes a string value. Controls the TCP
|
|
|
bd1529 |
diff --git a/src/core/dbus-socket.c b/src/core/dbus-socket.c
|
|
|
bd1529 |
index fa6bbe2c6f..17494b80c8 100644
|
|
|
bd1529 |
--- a/src/core/dbus-socket.c
|
|
|
bd1529 |
+++ b/src/core/dbus-socket.c
|
|
|
bd1529 |
@@ -104,6 +104,7 @@ const sd_bus_vtable bus_socket_vtable[] = {
|
|
|
bd1529 |
SD_BUS_PROPERTY("Broadcast", "b", bus_property_get_bool, offsetof(Socket, broadcast), SD_BUS_VTABLE_PROPERTY_CONST),
|
|
|
bd1529 |
SD_BUS_PROPERTY("PassCredentials", "b", bus_property_get_bool, offsetof(Socket, pass_cred), SD_BUS_VTABLE_PROPERTY_CONST),
|
|
|
bd1529 |
SD_BUS_PROPERTY("PassSecurity", "b", bus_property_get_bool, offsetof(Socket, pass_sec), SD_BUS_VTABLE_PROPERTY_CONST),
|
|
|
bd1529 |
+ SD_BUS_PROPERTY("PassPacketInfo", "b", bus_property_get_bool, offsetof(Socket, pass_pktinfo), SD_BUS_VTABLE_PROPERTY_CONST),
|
|
|
bd1529 |
SD_BUS_PROPERTY("RemoveOnStop", "b", bus_property_get_bool, offsetof(Socket, remove_on_stop), SD_BUS_VTABLE_PROPERTY_CONST),
|
|
|
bd1529 |
SD_BUS_PROPERTY("Listen", "a(ss)", property_get_listen, 0, SD_BUS_VTABLE_PROPERTY_CONST),
|
|
|
bd1529 |
SD_BUS_PROPERTY("Symlinks", "as", NULL, offsetof(Socket, symlinks), SD_BUS_VTABLE_PROPERTY_CONST),
|
|
|
bd1529 |
@@ -205,6 +206,9 @@ static int bus_socket_set_transient_property(
|
|
|
bd1529 |
if (streq(name, "PassSecurity"))
|
|
|
bd1529 |
return bus_set_transient_bool(u, name, &s->pass_sec, message, flags, error);
|
|
|
bd1529 |
|
|
|
bd1529 |
+ if (streq(name, "PassPacketInfo"))
|
|
|
bd1529 |
+ return bus_set_transient_bool(u, name, &s->pass_pktinfo, message, flags, error);
|
|
|
bd1529 |
+
|
|
|
bd1529 |
if (streq(name, "ReusePort"))
|
|
|
bd1529 |
return bus_set_transient_bool(u, name, &s->reuse_port, message, flags, error);
|
|
|
bd1529 |
|
|
|
bd1529 |
diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4
|
|
|
bd1529 |
index 156a4d0a6d..7d683cc84b 100644
|
|
|
bd1529 |
--- a/src/core/load-fragment-gperf.gperf.m4
|
|
|
bd1529 |
+++ b/src/core/load-fragment-gperf.gperf.m4
|
|
|
bd1529 |
@@ -381,6 +381,7 @@ Socket.Transparent, config_parse_bool, 0,
|
|
|
bd1529 |
Socket.Broadcast, config_parse_bool, 0, offsetof(Socket, broadcast)
|
|
|
bd1529 |
Socket.PassCredentials, config_parse_bool, 0, offsetof(Socket, pass_cred)
|
|
|
bd1529 |
Socket.PassSecurity, config_parse_bool, 0, offsetof(Socket, pass_sec)
|
|
|
bd1529 |
+Socket.PassPacketInfo, config_parse_bool, 0, offsetof(Socket, pass_pktinfo)
|
|
|
bd1529 |
Socket.TCPCongestion, config_parse_string, 0, offsetof(Socket, tcp_congestion)
|
|
|
bd1529 |
Socket.ReusePort, config_parse_bool, 0, offsetof(Socket, reuse_port)
|
|
|
bd1529 |
Socket.MessageQueueMaxMessages, config_parse_long, 0, offsetof(Socket, mq_maxmsg)
|
|
|
bd1529 |
diff --git a/src/core/socket.c b/src/core/socket.c
|
|
|
bd1529 |
index 97c3a7fc9a..50c32ed8f4 100644
|
|
|
bd1529 |
--- a/src/core/socket.c
|
|
|
bd1529 |
+++ b/src/core/socket.c
|
|
|
bd1529 |
@@ -660,6 +660,7 @@ static void socket_dump(Unit *u, FILE *f, const char *prefix) {
|
|
|
bd1529 |
"%sBroadcast: %s\n"
|
|
|
bd1529 |
"%sPassCredentials: %s\n"
|
|
|
bd1529 |
"%sPassSecurity: %s\n"
|
|
|
bd1529 |
+ "%sPassPacketInfo: %s\n"
|
|
|
bd1529 |
"%sTCPCongestion: %s\n"
|
|
|
bd1529 |
"%sRemoveOnStop: %s\n"
|
|
|
bd1529 |
"%sWritable: %s\n"
|
|
|
bd1529 |
@@ -678,6 +679,7 @@ static void socket_dump(Unit *u, FILE *f, const char *prefix) {
|
|
|
bd1529 |
prefix, yes_no(s->broadcast),
|
|
|
bd1529 |
prefix, yes_no(s->pass_cred),
|
|
|
bd1529 |
prefix, yes_no(s->pass_sec),
|
|
|
bd1529 |
+ prefix, yes_no(s->pass_pktinfo),
|
|
|
bd1529 |
prefix, strna(s->tcp_congestion),
|
|
|
bd1529 |
prefix, yes_no(s->remove_on_stop),
|
|
|
bd1529 |
prefix, yes_no(s->writable),
|
|
|
bd1529 |
@@ -1099,6 +1101,12 @@ static void socket_apply_socket_options(Socket *s, int fd) {
|
|
|
bd1529 |
log_unit_warning_errno(UNIT(s), errno, "SO_PASSSEC failed: %m");
|
|
|
bd1529 |
}
|
|
|
bd1529 |
|
|
|
bd1529 |
+ if (s->pass_pktinfo) {
|
|
|
bd1529 |
+ r = socket_pass_pktinfo(fd, true);
|
|
|
bd1529 |
+ if (r < 0)
|
|
|
bd1529 |
+ log_unit_warning_errno(UNIT(s), r, "Failed to enable packet info socket option: %m");
|
|
|
bd1529 |
+ }
|
|
|
bd1529 |
+
|
|
|
bd1529 |
if (s->priority >= 0)
|
|
|
bd1529 |
if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
|
|
|
bd1529 |
log_unit_warning_errno(UNIT(s), errno, "SO_PRIORITY failed: %m");
|
|
|
bd1529 |
diff --git a/src/core/socket.h b/src/core/socket.h
|
|
|
bd1529 |
index b7a25d91fd..2409dbf2a0 100644
|
|
|
bd1529 |
--- a/src/core/socket.h
|
|
|
bd1529 |
+++ b/src/core/socket.h
|
|
|
bd1529 |
@@ -121,6 +121,7 @@ struct Socket {
|
|
|
bd1529 |
bool broadcast;
|
|
|
bd1529 |
bool pass_cred;
|
|
|
bd1529 |
bool pass_sec;
|
|
|
bd1529 |
+ bool pass_pktinfo;
|
|
|
bd1529 |
|
|
|
bd1529 |
/* Only for INET6 sockets: issue IPV6_V6ONLY sockopt */
|
|
|
bd1529 |
SocketAddressBindIPv6Only bind_ipv6_only;
|
|
|
bd1529 |
diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
|
|
|
bd1529 |
index daa2c2dce5..9010448aaf 100644
|
|
|
bd1529 |
--- a/src/shared/bus-unit-util.c
|
|
|
bd1529 |
+++ b/src/shared/bus-unit-util.c
|
|
|
bd1529 |
@@ -1478,8 +1478,7 @@ static int bus_append_socket_property(sd_bus_message *m, const char *field, cons
|
|
|
bd1529 |
if (STR_IN_SET(field,
|
|
|
bd1529 |
"Accept", "Writable", "KeepAlive", "NoDelay", "FreeBind", "Transparent", "Broadcast",
|
|
|
bd1529 |
"PassCredentials", "PassSecurity", "ReusePort", "RemoveOnStop", "SELinuxContextFromNet",
|
|
|
bd1529 |
- "FlushPending"))
|
|
|
bd1529 |
-
|
|
|
bd1529 |
+ "FlushPending", "PassPacketInfo"))
|
|
|
bd1529 |
return bus_append_parse_boolean(m, field, eq);
|
|
|
bd1529 |
|
|
|
bd1529 |
if (STR_IN_SET(field, "Priority", "IPTTL", "Mark"))
|
|
|
bd1529 |
diff --git a/test/fuzz/fuzz-unit-file/directives.service b/test/fuzz/fuzz-unit-file/directives.service
|
|
|
bd1529 |
index 9d0530df72..8fde27fc90 100644
|
|
|
bd1529 |
--- a/test/fuzz/fuzz-unit-file/directives.service
|
|
|
bd1529 |
+++ b/test/fuzz/fuzz-unit-file/directives.service
|
|
|
bd1529 |
@@ -161,6 +161,7 @@ PIDFile=
|
|
|
bd1529 |
PartOf=
|
|
|
bd1529 |
PassCredentials=
|
|
|
bd1529 |
PassSecurity=
|
|
|
bd1529 |
+PassPacketInfo=
|
|
|
bd1529 |
PathChanged=
|
|
|
bd1529 |
PathExists=
|
|
|
bd1529 |
PathExistsGlob=
|