From 766bcf302aa6a863e4a3e5ee26f2f2742077181d Mon Sep 17 00:00:00 2001 From: Matteo Croce Date: Mon, 1 Jul 2024 21:58:30 +0200 Subject: [PATCH] extend sysctl functions to shadow values Pass to all the sysctl_* functions a hashmap which can be used to optionally save the value written in the sysctl. --- src/basic/sysctl-util.c | 45 +++++++++++++++++++++++++++++++---- src/basic/sysctl-util.h | 25 ++++++++++--------- src/network/networkd-ipv6ll.c | 4 ++-- src/network/networkd-ndisc.c | 6 ++--- src/network/networkd-sysctl.c | 34 +++++++++++++------------- src/test/test-sysctl-util.c | 4 ++-- 6 files changed, 78 insertions(+), 40 deletions(-) diff --git a/src/basic/sysctl-util.c b/src/basic/sysctl-util.c index b284c9ccd20..dfb99e18969 100644 --- a/src/basic/sysctl-util.c +++ b/src/basic/sysctl-util.c @@ -44,8 +44,39 @@ char* sysctl_normalize(char *s) { return s; } -int sysctl_write(const char *property, const char *value) { +static int shadow_update(Hashmap **shadow, const char *property, const char *value) { + _cleanup_free_ char *k = NULL, *v = NULL, *cur_k = NULL, *cur_v = NULL; + int r; + + assert(property); + assert(value); + + if (!shadow) + return 0; + + k = strdup(property); + if (!k) + return -ENOMEM; + + v = strdup(value); + if (!v) + return -ENOMEM; + + cur_v = hashmap_remove2(*shadow, k, (void**)&cur_k); + + r = hashmap_ensure_put(shadow, &path_hash_ops_free_free, k, v); + if (r < 0) + return r; + + TAKE_PTR(k); + TAKE_PTR(v); + + return 0; +} + +int sysctl_write_full(const char *property, const char *value, Hashmap **shadow) { char *p; + int r; assert(property); assert(value); @@ -58,6 +89,10 @@ int sysctl_write(const char *property, const char *value) { log_debug("Setting '%s' to '%s'", p, value); + r = shadow_update(shadow, p, value); + if (r < 0) + return r; + return write_string_file(p, value, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER | WRITE_STRING_FILE_SUPPRESS_REDUNDANT_VIRTUAL); } @@ -76,7 +111,7 @@ int sysctl_writef(const char *property, const char *format, ...) { return sysctl_write(property, v); } -int sysctl_write_ip_property(int af, const char *ifname, const char *property, const char *value) { +int sysctl_write_ip_property(int af, const char *ifname, const char *property, const char *value, Hashmap **shadow) { const char *p; assert(property); @@ -93,10 +128,10 @@ int sysctl_write_ip_property(int af, const char *ifname, const char *property, c } else p = strjoina("net/", af_to_ipv4_ipv6(af), "/", property); - return sysctl_write(p, value); + return sysctl_write_full(p, value, shadow); } -int sysctl_write_ip_neighbor_property(int af, const char *ifname, const char *property, const char *value) { +int sysctl_write_ip_neighbor_property(int af, const char *ifname, const char *property, const char *value, Hashmap **shadow) { const char *p; assert(property); @@ -113,7 +148,7 @@ int sysctl_write_ip_neighbor_property(int af, const char *ifname, const char *pr } else p = strjoina("net/", af_to_ipv4_ipv6(af), "/neigh/default/", property); - return sysctl_write(p, value); + return sysctl_write_full(p, value, shadow); } int sysctl_read(const char *property, char **ret) { diff --git a/src/basic/sysctl-util.h b/src/basic/sysctl-util.h index 2bf5491703f..041292f6933 100644 --- a/src/basic/sysctl-util.h +++ b/src/basic/sysctl-util.h @@ -10,27 +10,30 @@ char* sysctl_normalize(char *s); int sysctl_read(const char *property, char **value); -int sysctl_write(const char *property, const char *value); +int sysctl_write_full(const char *property, const char *value, Hashmap **shadow); int sysctl_writef(const char *property, const char *format, ...) _printf_(2, 3); - -int sysctl_read_ip_property(int af, const char *ifname, const char *property, char **ret); -int sysctl_write_ip_property(int af, const char *ifname, const char *property, const char *value); -static inline int sysctl_write_ip_property_boolean(int af, const char *ifname, const char *property, bool value) { - return sysctl_write_ip_property(af, ifname, property, one_zero(value)); +static inline int sysctl_write(const char *property, const char *value) { + return sysctl_write_full(property, value, NULL); } -int sysctl_write_ip_neighbor_property(int af, const char *ifname, const char *property, const char *value); -static inline int sysctl_write_ip_neighbor_property_uint32(int af, const char *ifname, const char *property, uint32_t value) { +int sysctl_read_ip_property(int af, const char *ifname, const char *property, char **ret); +int sysctl_write_ip_property(int af, const char *ifname, const char *property, const char *value, Hashmap **shadow); +static inline int sysctl_write_ip_property_boolean(int af, const char *ifname, const char *property, bool value, Hashmap **shadow) { + return sysctl_write_ip_property(af, ifname, property, one_zero(value), shadow); +} + +int sysctl_write_ip_neighbor_property(int af, const char *ifname, const char *property, const char *value, Hashmap **shadow); +static inline int sysctl_write_ip_neighbor_property_uint32(int af, const char *ifname, const char *property, uint32_t value, Hashmap **shadow) { char buf[DECIMAL_STR_MAX(uint32_t)]; xsprintf(buf, "%u", value); - return sysctl_write_ip_neighbor_property(af, ifname, property, buf); + return sysctl_write_ip_neighbor_property(af, ifname, property, buf, shadow); } #define DEFINE_SYSCTL_WRITE_IP_PROPERTY(name, type, format) \ - static inline int sysctl_write_ip_property_##name(int af, const char *ifname, const char *property, type value) { \ + static inline int sysctl_write_ip_property_##name(int af, const char *ifname, const char *property, type value, Hashmap **shadow) { \ char buf[DECIMAL_STR_MAX(type)]; \ xsprintf(buf, format, value); \ - return sysctl_write_ip_property(af, ifname, property, buf); \ + return sysctl_write_ip_property(af, ifname, property, buf, shadow); \ } DEFINE_SYSCTL_WRITE_IP_PROPERTY(int, int, "%i"); diff --git a/src/network/networkd-ipv6ll.c b/src/network/networkd-ipv6ll.c index cd23cc94aa1..66705e6a792 100644 --- a/src/network/networkd-ipv6ll.c +++ b/src/network/networkd-ipv6ll.c @@ -219,7 +219,7 @@ int link_set_ipv6ll_stable_secret(Link *link) { } return sysctl_write_ip_property(AF_INET6, link->ifname, "stable_secret", - IN6_ADDR_TO_STRING(&a)); + IN6_ADDR_TO_STRING(&a), NULL); } int link_set_ipv6ll_addrgen_mode(Link *link, IPv6LinkLocalAddressGenMode mode) { @@ -229,7 +229,7 @@ int link_set_ipv6ll_addrgen_mode(Link *link, IPv6LinkLocalAddressGenMode mode) { if (mode == link->ipv6ll_address_gen_mode) return 0; - return sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "addr_gen_mode", mode); + return sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "addr_gen_mode", mode, NULL); } static const char* const ipv6_link_local_address_gen_mode_table[_IPV6_LINK_LOCAL_ADDRESS_GEN_MODE_MAX] = { diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c index f44f03365c3..253ca585aa5 100644 --- a/src/network/networkd-ndisc.c +++ b/src/network/networkd-ndisc.c @@ -986,7 +986,7 @@ static int ndisc_router_process_reachable_time(Link *link, sd_ndisc_router *rt) } /* Set the reachable time for Neighbor Solicitations. */ - r = sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "base_reachable_time_ms", (uint32_t) msec); + r = sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "base_reachable_time_ms", (uint32_t) msec, NULL); if (r < 0) log_link_warning_errno(link, r, "Failed to apply neighbor reachable time (%"PRIu64"), ignoring: %m", msec); @@ -1019,7 +1019,7 @@ static int ndisc_router_process_retransmission_time(Link *link, sd_ndisc_router } /* Set the retransmission time for Neighbor Solicitations. */ - r = sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "retrans_time_ms", (uint32_t) msec); + r = sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "retrans_time_ms", (uint32_t) msec, NULL); if (r < 0) log_link_warning_errno(link, r, "Failed to apply neighbor retransmission time (%"PRIu64"), ignoring: %m", msec); @@ -1054,7 +1054,7 @@ static int ndisc_router_process_hop_limit(Link *link, sd_ndisc_router *rt) { if (hop_limit <= 0) return 0; - r = sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "hop_limit", (uint32_t) hop_limit); + r = sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "hop_limit", (uint32_t) hop_limit, NULL); if (r < 0) log_link_warning_errno(link, r, "Failed to apply hop_limit (%u), ignoring: %m", hop_limit); diff --git a/src/network/networkd-sysctl.c b/src/network/networkd-sysctl.c index 2027a29f276..23c28783590 100644 --- a/src/network/networkd-sysctl.c +++ b/src/network/networkd-sysctl.c @@ -30,13 +30,13 @@ static void manager_set_ip_forwarding(Manager *manager, int family) { return; /* keep */ /* First, set the default value. */ - r = sysctl_write_ip_property_boolean(family, "default", "forwarding", t); + r = sysctl_write_ip_property_boolean(family, "default", "forwarding", t, NULL); if (r < 0) log_warning_errno(r, "Failed to %s the default %s forwarding: %m", enable_disable(t), af_to_ipv4_ipv6(family)); /* Then, set the value to all interfaces. */ - r = sysctl_write_ip_property_boolean(family, "all", "forwarding", t); + r = sysctl_write_ip_property_boolean(family, "all", "forwarding", t, NULL); if (r < 0) log_warning_errno(r, "Failed to %s %s forwarding for all interfaces: %m", enable_disable(t), af_to_ipv4_ipv6(family)); @@ -80,7 +80,7 @@ static int link_update_ipv6_sysctl(Link *link) { if (!link_ipv6_enabled(link)) return 0; - return sysctl_write_ip_property_boolean(AF_INET6, link->ifname, "disable_ipv6", false); + return sysctl_write_ip_property_boolean(AF_INET6, link->ifname, "disable_ipv6", false, NULL); } static int link_set_proxy_arp(Link *link) { @@ -92,7 +92,7 @@ static int link_set_proxy_arp(Link *link) { if (link->network->proxy_arp < 0) return 0; - return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "proxy_arp", link->network->proxy_arp > 0); + return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "proxy_arp", link->network->proxy_arp > 0, NULL); } static int link_set_proxy_arp_pvlan(Link *link) { @@ -104,7 +104,7 @@ static int link_set_proxy_arp_pvlan(Link *link) { if (link->network->proxy_arp_pvlan < 0) return 0; - return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "proxy_arp_pvlan", link->network->proxy_arp_pvlan > 0); + return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "proxy_arp_pvlan", link->network->proxy_arp_pvlan > 0, NULL); } int link_get_ip_forwarding(Link *link, int family) { @@ -145,7 +145,7 @@ static int link_set_ip_forwarding_impl(Link *link, int family) { if (t < 0) return 0; /* keep */ - r = sysctl_write_ip_property_boolean(family, link->ifname, "forwarding", t); + r = sysctl_write_ip_property_boolean(family, link->ifname, "forwarding", t, NULL); if (r < 0) return log_link_warning_errno(link, r, "Failed to %s %s forwarding, ignoring: %m", enable_disable(t), af_to_ipv4_ipv6(family)); @@ -221,7 +221,7 @@ static int link_set_ipv4_rp_filter(Link *link) { if (link->network->ipv4_rp_filter < 0) return 0; - return sysctl_write_ip_property_int(AF_INET, link->ifname, "rp_filter", link->network->ipv4_rp_filter); + return sysctl_write_ip_property_int(AF_INET, link->ifname, "rp_filter", link->network->ipv4_rp_filter, NULL); } static int link_set_ipv6_privacy_extensions(Link *link) { @@ -241,7 +241,7 @@ static int link_set_ipv6_privacy_extensions(Link *link) { if (val == IPV6_PRIVACY_EXTENSIONS_KERNEL) return 0; - return sysctl_write_ip_property_int(AF_INET6, link->ifname, "use_tempaddr", (int) val); + return sysctl_write_ip_property_int(AF_INET6, link->ifname, "use_tempaddr", (int) val, NULL); } static int link_set_ipv6_accept_ra(Link *link) { @@ -250,7 +250,7 @@ static int link_set_ipv6_accept_ra(Link *link) { if (!link_is_configured_for_family(link, AF_INET6)) return 0; - return sysctl_write_ip_property(AF_INET6, link->ifname, "accept_ra", "0"); + return sysctl_write_ip_property(AF_INET6, link->ifname, "accept_ra", "0", NULL); } static int link_set_ipv6_dad_transmits(Link *link) { @@ -262,7 +262,7 @@ static int link_set_ipv6_dad_transmits(Link *link) { if (link->network->ipv6_dad_transmits < 0) return 0; - return sysctl_write_ip_property_int(AF_INET6, link->ifname, "dad_transmits", link->network->ipv6_dad_transmits); + return sysctl_write_ip_property_int(AF_INET6, link->ifname, "dad_transmits", link->network->ipv6_dad_transmits, NULL); } static int link_set_ipv6_hop_limit(Link *link) { @@ -274,7 +274,7 @@ static int link_set_ipv6_hop_limit(Link *link) { if (link->network->ipv6_hop_limit <= 0) return 0; - return sysctl_write_ip_property_int(AF_INET6, link->ifname, "hop_limit", link->network->ipv6_hop_limit); + return sysctl_write_ip_property_int(AF_INET6, link->ifname, "hop_limit", link->network->ipv6_hop_limit, NULL); } static int link_set_ipv6_retransmission_time(Link *link) { @@ -292,7 +292,7 @@ static int link_set_ipv6_retransmission_time(Link *link) { if (retrans_time_ms <= 0 || retrans_time_ms > UINT32_MAX) return 0; - return sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "retrans_time_ms", retrans_time_ms); + return sysctl_write_ip_neighbor_property_uint32(AF_INET6, link->ifname, "retrans_time_ms", retrans_time_ms, NULL); } static int link_set_ipv6_proxy_ndp(Link *link) { @@ -308,7 +308,7 @@ static int link_set_ipv6_proxy_ndp(Link *link) { else v = !set_isempty(link->network->ipv6_proxy_ndp_addresses); - return sysctl_write_ip_property_boolean(AF_INET6, link->ifname, "proxy_ndp", v); + return sysctl_write_ip_property_boolean(AF_INET6, link->ifname, "proxy_ndp", v, NULL); } int link_set_ipv6_mtu(Link *link, int log_level) { @@ -335,7 +335,7 @@ int link_set_ipv6_mtu(Link *link, int log_level) { mtu = link->mtu; } - return sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "mtu", mtu); + return sysctl_write_ip_property_uint32(AF_INET6, link->ifname, "mtu", mtu, NULL); } static int link_set_ipv4_accept_local(Link *link) { @@ -347,7 +347,7 @@ static int link_set_ipv4_accept_local(Link *link) { if (link->network->ipv4_accept_local < 0) return 0; - return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "accept_local", link->network->ipv4_accept_local > 0); + return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "accept_local", link->network->ipv4_accept_local > 0, NULL); } static int link_set_ipv4_route_localnet(Link *link) { @@ -359,7 +359,7 @@ static int link_set_ipv4_route_localnet(Link *link) { if (link->network->ipv4_route_localnet < 0) return 0; - return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "route_localnet", link->network->ipv4_route_localnet > 0); + return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "route_localnet", link->network->ipv4_route_localnet > 0, NULL); } static int link_set_ipv4_promote_secondaries(Link *link) { @@ -373,7 +373,7 @@ static int link_set_ipv4_promote_secondaries(Link *link) { * otherwise. The way systemd-networkd works is that the new IP of a lease is added as a * secondary IP and when the primary one expires it relies on the kernel to promote the * secondary IP. See also https://github.com/systemd/systemd/issues/7163 */ - return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "promote_secondaries", true); + return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "promote_secondaries", true, NULL); } int link_set_sysctl(Link *link) { diff --git a/src/test/test-sysctl-util.c b/src/test/test-sysctl-util.c index e94099605ca..83d6c9036c4 100644 --- a/src/test/test-sysctl-util.c +++ b/src/test/test-sysctl-util.c @@ -53,14 +53,14 @@ TEST(sysctl_read) { assert_se(sysctl_read_ip_property(AF_INET, "lo", "forwarding", &s)); assert_se(STR_IN_SET(s, "0", "1")); - r = sysctl_write_ip_property(AF_INET, "lo", "forwarding", s); + r = sysctl_write_ip_property(AF_INET, "lo", "forwarding", s, NULL); assert_se(r >= 0 || ERRNO_IS_PRIVILEGE(r) || r == -EROFS); s = mfree(s); assert_se(sysctl_read_ip_property(AF_INET, NULL, "ip_forward", &s)); assert_se(STR_IN_SET(s, "0", "1")); - r = sysctl_write_ip_property(AF_INET, NULL, "ip_forward", s); + r = sysctl_write_ip_property(AF_INET, NULL, "ip_forward", s, NULL); assert_se(r >= 0 || ERRNO_IS_PRIVILEGE(r) || r == -EROFS); s = mfree(s);