16062852561

Committed 03 Jul 2025 10:04PM UTC coverage: 72.193% (+0.1%) from 72.096%

Build # 16062852561

Build Type

push

github

Committed by

bluca

Commit Message

pcrlock: process components outside of location window properly

So far, when we tried to match a component to eent log entries we
skipped those components if they were outside of our location window.
That however is too aggressive, since it means any components that are
already in the logs, but outside of the location window will be
considered unrecognized in the logs, and thus removed from the PCR
policy.

Change things around: always try to match up all components, regardless
if inside the location window or outside, but then make it non-fatal we
can't find a component outside of the location window.

Fixes: #36079

Run Details

7 of 9 new or added lines in 1 file covered. (77.78%)

4116 existing lines in 75 files now uncovered.

301219 of 417241 relevant lines covered (72.19%)

730820.5 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

85.19

/src/basic/socket-util.h

/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once

#include <linux/if_ether.h>
#include <linux/if_infiniband.h>
#include <linux/if_packet.h>
#include <linux/netlink.h>
#include <linux/vm_sockets.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/un.h>

#include "forward.h"
#include "memory-util.h"
#include "missing_network.h"

union sockaddr_union {
        /* The minimal, abstract version */
        struct sockaddr sa;

        /* The libc provided version that allocates "enough room" for every protocol */
        struct sockaddr_storage storage;

        /* Protocol-specific implementations */
        struct sockaddr_in in;
        struct sockaddr_in6 in6;
        struct sockaddr_un un;
        struct sockaddr_nl nl;
        struct sockaddr_ll ll;
        struct sockaddr_vm vm;

        /* Ensure there is enough space to store Infiniband addresses */
        uint8_t ll_buffer[offsetof(struct sockaddr_ll, sll_addr) + CONST_MAX(ETH_ALEN, INFINIBAND_ALEN)];

        /* Ensure there is enough space after the AF_UNIX sun_path for one more NUL byte, just to be sure that the path
         * component is always followed by at least one NUL byte. */
        uint8_t un_buffer[sizeof(struct sockaddr_un) + 1];
};

#define SUN_PATH_LEN (sizeof(((struct sockaddr_un){}).sun_path))

typedef struct SocketAddress {
        union sockaddr_union sockaddr;

        /* We store the size here explicitly due to the weird
         * sockaddr_un semantics for abstract sockets */
        socklen_t size;

        /* Socket type, i.e. SOCK_STREAM, SOCK_DGRAM, ... */
        int type;

        /* Socket protocol, IPPROTO_xxx, usually 0, except for netlink */
        int protocol;
} SocketAddress;

typedef enum SocketAddressBindIPv6Only {
        SOCKET_ADDRESS_DEFAULT,
        SOCKET_ADDRESS_BOTH,
        SOCKET_ADDRESS_IPV6_ONLY,
        _SOCKET_ADDRESS_BIND_IPV6_ONLY_MAX,
        _SOCKET_ADDRESS_BIND_IPV6_ONLY_INVALID = -EINVAL,
} SocketAddressBindIPv6Only;

#define socket_address_family(a) ((a)->sockaddr.sa.sa_family)

const char* socket_address_type_to_string(int t) _const_;
int socket_address_type_from_string(const char *s) _pure_;

int sockaddr_un_unlink(const struct sockaddr_un *sa);

static inline int socket_address_unlink(const SocketAddress *a) {
        return socket_address_family(a) == AF_UNIX ? sockaddr_un_unlink(&a->sockaddr.un) : 0;
}

bool socket_address_can_accept(const SocketAddress *a) _pure_;

int socket_address_listen(
                const SocketAddress *a,
                int flags,
                int backlog,
                SocketAddressBindIPv6Only only,
                const char *bind_to_device,
                bool reuse_port,
                bool free_bind,
                bool transparent,
                mode_t directory_mode,
                mode_t socket_mode,
                const char *label);

int socket_address_verify(const SocketAddress *a, bool strict) _pure_;
int socket_address_print(const SocketAddress *a, char **p);
bool socket_address_matches_fd(const SocketAddress *a, int fd);

bool socket_address_equal(const SocketAddress *a, const SocketAddress *b) _pure_;

const char* socket_address_get_path(const SocketAddress *a);

bool socket_ipv6_is_supported(void);
bool socket_ipv6_is_enabled(void);

int sockaddr_port(const struct sockaddr *_sa, unsigned *port);
const union in_addr_union *sockaddr_in_addr(const struct sockaddr *sa);
int sockaddr_set_in_addr(union sockaddr_union *u, int family, const union in_addr_union *a, uint16_t port);

int sockaddr_pretty(const struct sockaddr *_sa, socklen_t salen, bool translate_ipv6, bool include_port, char **ret);
int getpeername_pretty(int fd, bool include_port, char **ret);
int getsockname_pretty(int fd, char **ret);

int socknameinfo_pretty(const struct sockaddr *sa, socklen_t salen, char **_ret);

const char* socket_address_bind_ipv6_only_to_string(SocketAddressBindIPv6Only b) _const_;
SocketAddressBindIPv6Only socket_address_bind_ipv6_only_from_string(const char *s) _pure_;
SocketAddressBindIPv6Only socket_address_bind_ipv6_only_or_bool_from_string(const char *s);

int netlink_family_to_string_alloc(int b, char **s);
int netlink_family_from_string(const char *s) _pure_;

bool sockaddr_equal(const union sockaddr_union *a, const union sockaddr_union *b);

int fd_set_sndbuf(int fd, size_t n, bool increase);
static inline int fd_inc_sndbuf(int fd, size_t n) {
        return fd_set_sndbuf(fd, n, true);
}
int fd_set_rcvbuf(int fd, size_t n, bool increase);
static inline int fd_increase_rxbuf(int fd, size_t n) {
        return fd_set_rcvbuf(fd, n, true);
}

int ip_tos_to_string_alloc(int i, char **s);
int ip_tos_from_string(const char *s);

typedef enum {
        IFNAME_VALID_ALTERNATIVE = 1 << 0, /* Allow "altnames" too */
        IFNAME_VALID_NUMERIC     = 1 << 1, /* Allow decimal formatted ifindexes too */
        IFNAME_VALID_SPECIAL     = 1 << 2, /* Allow the special names "all" and "default" */
        _IFNAME_VALID_ALL        = IFNAME_VALID_ALTERNATIVE | IFNAME_VALID_NUMERIC | IFNAME_VALID_SPECIAL,
} IfnameValidFlags;
bool ifname_valid_char(char a) _const_;
bool ifname_valid_full(const char *p, IfnameValidFlags flags) _pure_;
static inline bool ifname_valid(const char *p) {
        return ifname_valid_full(p, 0);
}
bool address_label_valid(const char *p) _pure_;

int getpeercred(int fd, struct ucred *ucred);
int getpeersec(int fd, char **ret);
int getpeergroups(int fd, gid_t **ret);
int getpeerpidfd(int fd);
int getpeerpidref(int fd, PidRef *ret);

ssize_t send_many_fds_iov_sa(
                int transport_fd,
                int *fds_array, size_t n_fds_array,
                const struct iovec *iov, size_t iovlen,
                const struct sockaddr *sa, socklen_t len,
                int flags);
static inline ssize_t send_many_fds_iov(
                int transport_fd,
                int *fds_array, size_t n_fds_array,
                const struct iovec *iov, size_t iovlen,
                int flags) {

        return send_many_fds_iov_sa(transport_fd, fds_array, n_fds_array, iov, iovlen, NULL, 0, flags);
}
static inline int send_many_fds(
                int transport_fd,
                int *fds_array,
                size_t n_fds_array,
                int flags) {

        return send_many_fds_iov_sa(transport_fd, fds_array, n_fds_array, NULL, 0, NULL, 0, flags);
}
ssize_t send_one_fd_iov_sa(
                int transport_fd,
                int fd,
                const struct iovec *iov, size_t iovlen,
                const struct sockaddr *sa, socklen_t len,
                int flags);
int send_one_fd_sa(int transport_fd,
                   int fd,
                   const struct sockaddr *sa, socklen_t len,
                   int flags);
#define send_one_fd_iov(transport_fd, fd, iov, iovlen, flags) send_one_fd_iov_sa(transport_fd, fd, iov, iovlen, NULL, 0, flags)
#define send_one_fd(transport_fd, fd, flags) send_one_fd_iov_sa(transport_fd, fd, NULL, 0, NULL, 0, flags)
ssize_t receive_one_fd_iov(int transport_fd, struct iovec *iov, size_t iovlen, int flags, int *ret_fd);
int receive_one_fd(int transport_fd, int flags);
ssize_t receive_many_fds_iov(int transport_fd, struct iovec *iov, size_t iovlen, int **ret_fds_array, size_t *ret_n_fds_array, int flags);
int receive_many_fds(int transport_fd, int **ret_fds_array, size_t *ret_n_fds_array, int flags);

ssize_t next_datagram_size_fd(int fd);

int flush_accept(int fd);
ssize_t flush_mqueue(int fd);

#define CMSG_FOREACH(cmsg, mh)                                          \
        for ((cmsg) = CMSG_FIRSTHDR(mh); (cmsg); (cmsg) = CMSG_NXTHDR((mh), (cmsg)))

/* Returns the cmsghdr's data pointer, but safely cast to the specified type. Does two alignment checks: one
 * at compile time, that the requested type has a smaller or same alignment as 'struct cmsghdr', and one
 * during runtime, that the actual pointer matches the alignment too. This is supposed to catch cases such as
 * 'struct timeval' is embedded into 'struct cmsghdr' on architectures where the alignment of the former is 8
 * bytes (because of a 64-bit time_t), but of the latter is 4 bytes (because size_t is 32 bits), such as
 * riscv32. */
#define CMSG_TYPED_DATA(cmsg, type)                                     \
        ({                                                              \
                struct cmsghdr *_cmsg = (cmsg);                         \
                assert_cc(alignof(type) <= alignof(struct cmsghdr));    \
                _cmsg ? CAST_ALIGN_PTR(type, CMSG_DATA(_cmsg)) : (type*) NULL; \
        })

struct cmsghdr* cmsg_find(struct msghdr *mh, int level, int type, socklen_t length);
void* cmsg_find_and_copy_data(struct msghdr *mh, int level, int type, void *buf, size_t buf_len);

/* Type-safe, dereferencing version of cmsg_find() */
#define CMSG_FIND_DATA(mh, level, type, ctype)                          \
        CMSG_TYPED_DATA(cmsg_find(mh, level, type, CMSG_LEN(sizeof(ctype))), ctype)

/* Type-safe version of cmsg_find_and_copy_data() */
#define CMSG_FIND_AND_COPY_DATA(mh, level, type, ctype)             \
        (ctype*) cmsg_find_and_copy_data(mh, level, type, &(ctype){}, sizeof(ctype))

/* Resolves to a type that can carry cmsghdr structures. Make sure things are properly aligned, i.e. the type
 * itself is placed properly in memory and the size is also aligned to what's appropriate for "cmsghdr"
 * structures. */
#define CMSG_BUFFER_TYPE(size)                                          \
        union {                                                         \
                struct cmsghdr cmsghdr;                                 \
                uint8_t buf[size];                                      \
                uint8_t align_check[(size) >= CMSG_SPACE(0) &&          \
                                    (size) == CMSG_ALIGN(size) ? 1 : -1]; \
        }

size_t sockaddr_ll_len(const struct sockaddr_ll *sa);

size_t sockaddr_un_len(const struct sockaddr_un *sa);

size_t sockaddr_len(const union sockaddr_union *sa);

int socket_ioctl_fd(void);

int sockaddr_un_set_path(struct sockaddr_un *ret, const char *path);

static inline int setsockopt_int(int fd, int level, int optname, int value) {
        if (setsockopt(fd, level, optname, &value, sizeof(value)) < 0)
                return -errno;

        return 0;
}

int getsockopt_int(int fd, int level, int optname, int *ret);

int socket_bind_to_ifname(int fd, const char *ifname);
int socket_bind_to_ifindex(int fd, int ifindex);

int socket_autobind(int fd, char **ret_name);

/* Define a 64-bit version of timeval/timespec in any case, even on 32-bit userspace. */
struct timeval_large {
        uint64_t tvl_sec, tvl_usec;
};
struct timespec_large {
        uint64_t tvl_sec, tvl_nsec;
};

/* glibc duplicates timespec/timeval on certain 32-bit arches, once in 32-bit and once in 64-bit.
 * See __convert_scm_timestamps() in glibc source code. Hence, we need additional buffer space for them
 * to prevent truncating control msg (recvmsg() MSG_CTRUNC). */
#define CMSG_SPACE_TIMEVAL                                              \
        ((sizeof(struct timeval) == sizeof(struct timeval_large)) ?     \
         CMSG_SPACE(sizeof(struct timeval)) :                           \
         CMSG_SPACE(sizeof(struct timeval)) +                           \
         CMSG_SPACE(sizeof(struct timeval_large)))
#define CMSG_SPACE_TIMESPEC                                             \
        ((sizeof(struct timespec) == sizeof(struct timespec_large)) ?   \
         CMSG_SPACE(sizeof(struct timespec)) :                          \
         CMSG_SPACE(sizeof(struct timespec)) +                          \
         CMSG_SPACE(sizeof(struct timespec_large)))

ssize_t recvmsg_safe(int sockfd, struct msghdr *msg, int flags);

int socket_get_family(int fd);
int socket_set_recvpktinfo(int fd, int af, bool b);
int socket_set_unicast_if(int fd, int af, int ifi);

int socket_set_option(int fd, int af, int opt_ipv4, int opt_ipv6, int val);
static inline int socket_set_recverr(int fd, int af, bool b) {
        return socket_set_option(fd, af, IP_RECVERR, IPV6_RECVERR, b);
}
static inline int socket_set_recvttl(int fd, int af, bool b) {
        return socket_set_option(fd, af, IP_RECVTTL, IPV6_RECVHOPLIMIT, b);
}
static inline int socket_set_ttl(int fd, int af, int ttl) {
        return socket_set_option(fd, af, IP_TTL, IPV6_UNICAST_HOPS, ttl);
}
static inline int socket_set_freebind(int fd, int af, bool b) {
        return socket_set_option(fd, af, IP_FREEBIND, IPV6_FREEBIND, b);
}
static inline int socket_set_transparent(int fd, int af, bool b) {
        return socket_set_option(fd, af, IP_TRANSPARENT, IPV6_TRANSPARENT, b);
}
static inline int socket_set_recvfragsize(int fd, int af, bool b) {
        return socket_set_option(fd, af, IP_RECVFRAGSIZE, IPV6_RECVFRAGSIZE, b);
}

int socket_get_mtu(int fd, int af, size_t *ret);

/* an initializer for struct ucred that initialized all fields to the invalid value appropriate for each */
#define UCRED_INVALID { .pid = 0, .uid = UID_INVALID, .gid = GID_INVALID }

int connect_unix_path(int fd, int dir_fd, const char *path);

static inline bool VSOCK_CID_IS_REGULAR(unsigned cid) {
        /* 0, 1, 2, UINT32_MAX are special, refuse those */
        return cid > 2 && cid < UINT32_MAX;
}

int vsock_parse_port(const char *s, unsigned *ret);
int vsock_parse_cid(const char *s, unsigned *ret);

/* Parses AF_UNIX and AF_VSOCK addresses. AF_INET[6] require some netlink calls, so it cannot be in
 * src/basic/ and is done from 'socket_local_address from src/shared/. Return -EPROTO in case of
 * protocol mismatch. */
int socket_address_parse_unix(SocketAddress *ret_address, const char *s);
int socket_address_parse_vsock(SocketAddress *ret_address, const char *s);
int socket_address_equal_unix(const char *a, const char *b);

/* libc's SOMAXCONN is defined to 128 or 4096 (at least on glibc). But actually, the value can be much
 * larger. In our codebase we want to set it to the max usually, since nowadays socket memory is properly
 * tracked by memcg, and hence we don't need to enforce extra limits here. Moreover, the kernel caps it to
 * /proc/sys/net/core/somaxconn anyway, thus by setting this to unbounded we just make that sysctl file
 * authoritative. */
#define SOMAXCONN_DELUXE INT_MAX

int vsock_get_local_cid(unsigned *ret);

int netlink_socket_get_multicast_groups(int fd, size_t *ret_len, uint32_t **ret_groups);

int socket_get_cookie(int fd, uint64_t *ret);

void cmsg_close_all(struct msghdr *mh);

1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
2	#pragma once
3
4	#include <linux/if_ether.h>
5	#include <linux/if_infiniband.h>
6	#include <linux/if_packet.h>
7	#include <linux/netlink.h>
8	#include <linux/vm_sockets.h>
9	#include <netinet/in.h>
10	#include <sys/socket.h>
11	#include <sys/un.h>
12
13	#include "forward.h"
14	#include "memory-util.h"
15	#include "missing_network.h"
16
17	union sockaddr_union {
18	/* The minimal, abstract version */
19	struct sockaddr sa;
20
21	/* The libc provided version that allocates "enough room" for every protocol */
22	struct sockaddr_storage storage;
23
24	/* Protocol-specific implementations */
25	struct sockaddr_in in;
26	struct sockaddr_in6 in6;
27	struct sockaddr_un un;
28	struct sockaddr_nl nl;
29	struct sockaddr_ll ll;
30	struct sockaddr_vm vm;
31
32	/* Ensure there is enough space to store Infiniband addresses */
33	uint8_t ll_buffer[offsetof(struct sockaddr_ll, sll_addr) + CONST_MAX(ETH_ALEN, INFINIBAND_ALEN)];
34
35	/* Ensure there is enough space after the AF_UNIX sun_path for one more NUL byte, just to be sure that the path
36	* component is always followed by at least one NUL byte. */
37	uint8_t un_buffer[sizeof(struct sockaddr_un) + 1];
38	};
39
40	#define SUN_PATH_LEN (sizeof(((struct sockaddr_un){}).sun_path))
41
42	typedef struct SocketAddress {
43	union sockaddr_union sockaddr;
44
45	/* We store the size here explicitly due to the weird
46	* sockaddr_un semantics for abstract sockets */
47	socklen_t size;
48
49	/* Socket type, i.e. SOCK_STREAM, SOCK_DGRAM, ... */
50	int type;
51
52	/* Socket protocol, IPPROTO_xxx, usually 0, except for netlink */
53	int protocol;
54	} SocketAddress;
55
56	typedef enum SocketAddressBindIPv6Only {
57	SOCKET_ADDRESS_DEFAULT,
58	SOCKET_ADDRESS_BOTH,
59	SOCKET_ADDRESS_IPV6_ONLY,
60	_SOCKET_ADDRESS_BIND_IPV6_ONLY_MAX,
61	_SOCKET_ADDRESS_BIND_IPV6_ONLY_INVALID = -EINVAL,
62	} SocketAddressBindIPv6Only;
63
64	#define socket_address_family(a) ((a)->sockaddr.sa.sa_family)
65
66	const char* socket_address_type_to_string(int t) _const_;
67	int socket_address_type_from_string(const char *s) _pure_;
68
69	int sockaddr_un_unlink(const struct sockaddr_un *sa);
70
71	static inline int socket_address_unlink(const SocketAddress *a) {	54✔
72	return socket_address_family(a) == AF_UNIX ? sockaddr_un_unlink(&a->sockaddr.un) : 0;	54✔
73	}
74
75	bool socket_address_can_accept(const SocketAddress *a) _pure_;
76
77	int socket_address_listen(
78	const SocketAddress *a,
79	int flags,
80	int backlog,
81	SocketAddressBindIPv6Only only,
82	const char *bind_to_device,
83	bool reuse_port,
84	bool free_bind,
85	bool transparent,
86	mode_t directory_mode,
87	mode_t socket_mode,
88	const char *label);
89
90	int socket_address_verify(const SocketAddress *a, bool strict) _pure_;
91	int socket_address_print(const SocketAddress a, char *p);
92	bool socket_address_matches_fd(const SocketAddress *a, int fd);
93
94	bool socket_address_equal(const SocketAddress a, const SocketAddress b) _pure_;
95
96	const char* socket_address_get_path(const SocketAddress *a);
97
98	bool socket_ipv6_is_supported(void);
99	bool socket_ipv6_is_enabled(void);
100
101	int sockaddr_port(const struct sockaddr _sa, unsigned port);
102	const union in_addr_union sockaddr_in_addr(const struct sockaddr sa);
103	int sockaddr_set_in_addr(union sockaddr_union u, int family, const union in_addr_union a, uint16_t port);
104
105	int sockaddr_pretty(const struct sockaddr _sa, socklen_t salen, bool translate_ipv6, bool include_port, char *ret);
106	int getpeername_pretty(int fd, bool include_port, char **ret);
107	int getsockname_pretty(int fd, char **ret);
108
109	int socknameinfo_pretty(const struct sockaddr sa, socklen_t salen, char *_ret);
110
111	const char* socket_address_bind_ipv6_only_to_string(SocketAddressBindIPv6Only b) _const_;
112	SocketAddressBindIPv6Only socket_address_bind_ipv6_only_from_string(const char *s) _pure_;
113	SocketAddressBindIPv6Only socket_address_bind_ipv6_only_or_bool_from_string(const char *s);
114
115	int netlink_family_to_string_alloc(int b, char **s);
116	int netlink_family_from_string(const char *s) _pure_;
117
118	bool sockaddr_equal(const union sockaddr_union a, const union sockaddr_union b);
119
120	int fd_set_sndbuf(int fd, size_t n, bool increase);
121	static inline int fd_inc_sndbuf(int fd, size_t n) {	430,310✔
122	return fd_set_sndbuf(fd, n, true);	430,310✔
123	}
124	int fd_set_rcvbuf(int fd, size_t n, bool increase);
125	static inline int fd_increase_rxbuf(int fd, size_t n) {	32,559✔
126	return fd_set_rcvbuf(fd, n, true);	32,559✔
127	}
128
129	int ip_tos_to_string_alloc(int i, char **s);
130	int ip_tos_from_string(const char *s);
131
132	typedef enum {
133	IFNAME_VALID_ALTERNATIVE = 1 << 0, /* Allow "altnames" too */
134	IFNAME_VALID_NUMERIC = 1 << 1, /* Allow decimal formatted ifindexes too */
135	IFNAME_VALID_SPECIAL = 1 << 2, /* Allow the special names "all" and "default" */
136	_IFNAME_VALID_ALL = IFNAME_VALID_ALTERNATIVE \| IFNAME_VALID_NUMERIC \| IFNAME_VALID_SPECIAL,
137	} IfnameValidFlags;
138	bool ifname_valid_char(char a) _const_;
139	bool ifname_valid_full(const char *p, IfnameValidFlags flags) _pure_;
140	static inline bool ifname_valid(const char *p) {	5,625✔
141	return ifname_valid_full(p, 0);	5,625✔
142	}
143	bool address_label_valid(const char *p) _pure_;
144
145	int getpeercred(int fd, struct ucred *ucred);
146	int getpeersec(int fd, char **ret);
147	int getpeergroups(int fd, gid_t **ret);
148	int getpeerpidfd(int fd);
149	int getpeerpidref(int fd, PidRef *ret);
150
151	ssize_t send_many_fds_iov_sa(
152	int transport_fd,
153	int *fds_array, size_t n_fds_array,
154	const struct iovec *iov, size_t iovlen,
155	const struct sockaddr *sa, socklen_t len,
156	int flags);
157	static inline ssize_t send_many_fds_iov(	1✔
158	int transport_fd,
159	int *fds_array, size_t n_fds_array,
160	const struct iovec *iov, size_t iovlen,
161	int flags) {
162
163	return send_many_fds_iov_sa(transport_fd, fds_array, n_fds_array, iov, iovlen, NULL, 0, flags);	1✔
164	}
165	static inline int send_many_fds(
166	int transport_fd,
167	int *fds_array,
168	size_t n_fds_array,
169	int flags) {
170
171	return send_many_fds_iov_sa(transport_fd, fds_array, n_fds_array, NULL, 0, NULL, 0, flags);
172	}
173	ssize_t send_one_fd_iov_sa(
174	int transport_fd,
175	int fd,
176	const struct iovec *iov, size_t iovlen,
177	const struct sockaddr *sa, socklen_t len,
178	int flags);
179	int send_one_fd_sa(int transport_fd,
180	int fd,
181	const struct sockaddr *sa, socklen_t len,
182	int flags);
183	#define send_one_fd_iov(transport_fd, fd, iov, iovlen, flags) send_one_fd_iov_sa(transport_fd, fd, iov, iovlen, NULL, 0, flags)
184	#define send_one_fd(transport_fd, fd, flags) send_one_fd_iov_sa(transport_fd, fd, NULL, 0, NULL, 0, flags)
185	ssize_t receive_one_fd_iov(int transport_fd, struct iovec iov, size_t iovlen, int flags, int ret_fd);
186	int receive_one_fd(int transport_fd, int flags);
187	ssize_t receive_many_fds_iov(int transport_fd, struct iovec iov, size_t iovlen, int ret_fds_array, size_t ret_n_fds_array, int flags);
188	int receive_many_fds(int transport_fd, int *ret_fds_array, size_t ret_n_fds_array, int flags);
189
190	ssize_t next_datagram_size_fd(int fd);
191
192	int flush_accept(int fd);
193	ssize_t flush_mqueue(int fd);
194
195	#define CMSG_FOREACH(cmsg, mh) \
196	for ((cmsg) = CMSG_FIRSTHDR(mh); (cmsg); (cmsg) = CMSG_NXTHDR((mh), (cmsg)))
197
198	/* Returns the cmsghdr's data pointer, but safely cast to the specified type. Does two alignment checks: one
199	* at compile time, that the requested type has a smaller or same alignment as 'struct cmsghdr', and one
200	* during runtime, that the actual pointer matches the alignment too. This is supposed to catch cases such as
201	* 'struct timeval' is embedded into 'struct cmsghdr' on architectures where the alignment of the former is 8
202	* bytes (because of a 64-bit time_t), but of the latter is 4 bytes (because size_t is 32 bits), such as
203	* riscv32. */
204	#define CMSG_TYPED_DATA(cmsg, type) \
205	({ \
206	struct cmsghdr *_cmsg = (cmsg); \
207	assert_cc(alignof(type) <= alignof(struct cmsghdr)); \
208	_cmsg ? CAST_ALIGN_PTR(type, CMSG_DATA(_cmsg)) : (type*) NULL; \
209	})
210
211	struct cmsghdr* cmsg_find(struct msghdr *mh, int level, int type, socklen_t length);
212	void* cmsg_find_and_copy_data(struct msghdr mh, int level, int type, void buf, size_t buf_len);
213
214	/* Type-safe, dereferencing version of cmsg_find() */
215	#define CMSG_FIND_DATA(mh, level, type, ctype) \
216	CMSG_TYPED_DATA(cmsg_find(mh, level, type, CMSG_LEN(sizeof(ctype))), ctype)
217
218	/* Type-safe version of cmsg_find_and_copy_data() */
219	#define CMSG_FIND_AND_COPY_DATA(mh, level, type, ctype) \
220	(ctype*) cmsg_find_and_copy_data(mh, level, type, &(ctype){}, sizeof(ctype))
221
222	/* Resolves to a type that can carry cmsghdr structures. Make sure things are properly aligned, i.e. the type
223	* itself is placed properly in memory and the size is also aligned to what's appropriate for "cmsghdr"
224	* structures. */
225	#define CMSG_BUFFER_TYPE(size) \
226	union { \
227	struct cmsghdr cmsghdr; \
228	uint8_t buf[size]; \
229	uint8_t align_check[(size) >= CMSG_SPACE(0) && \
230	(size) == CMSG_ALIGN(size) ? 1 : -1]; \
231	}
232
233	size_t sockaddr_ll_len(const struct sockaddr_ll *sa);
234
235	size_t sockaddr_un_len(const struct sockaddr_un *sa);
236
237	size_t sockaddr_len(const union sockaddr_union *sa);
238
239	int socket_ioctl_fd(void);
240
241	int sockaddr_un_set_path(struct sockaddr_un ret, const char path);
242
243	static inline int setsockopt_int(int fd, int level, int optname, int value) {	1,163,959✔
244	if (setsockopt(fd, level, optname, &value, sizeof(value)) < 0)	1,163,959✔
245	return -errno;	167,152✔
246
247	return 0;
248	}
249
250	int getsockopt_int(int fd, int level, int optname, int *ret);
251
252	int socket_bind_to_ifname(int fd, const char *ifname);
253	int socket_bind_to_ifindex(int fd, int ifindex);
254
255	int socket_autobind(int fd, char **ret_name);
256
257	/* Define a 64-bit version of timeval/timespec in any case, even on 32-bit userspace. */
258	struct timeval_large {
259	uint64_t tvl_sec, tvl_usec;
260	};
261	struct timespec_large {
262	uint64_t tvl_sec, tvl_nsec;
263	};
264
265	/* glibc duplicates timespec/timeval on certain 32-bit arches, once in 32-bit and once in 64-bit.
266	* See __convert_scm_timestamps() in glibc source code. Hence, we need additional buffer space for them
267	* to prevent truncating control msg (recvmsg() MSG_CTRUNC). */
268	#define CMSG_SPACE_TIMEVAL \
269	((sizeof(struct timeval) == sizeof(struct timeval_large)) ? \
270	CMSG_SPACE(sizeof(struct timeval)) : \
271	CMSG_SPACE(sizeof(struct timeval)) + \
272	CMSG_SPACE(sizeof(struct timeval_large)))
273	#define CMSG_SPACE_TIMESPEC \
274	((sizeof(struct timespec) == sizeof(struct timespec_large)) ? \
275	CMSG_SPACE(sizeof(struct timespec)) : \
276	CMSG_SPACE(sizeof(struct timespec)) + \
277	CMSG_SPACE(sizeof(struct timespec_large)))
278
279	ssize_t recvmsg_safe(int sockfd, struct msghdr *msg, int flags);
280
281	int socket_get_family(int fd);
282	int socket_set_recvpktinfo(int fd, int af, bool b);
283	int socket_set_unicast_if(int fd, int af, int ifi);
284
285	int socket_set_option(int fd, int af, int opt_ipv4, int opt_ipv6, int val);
286	static inline int socket_set_recverr(int fd, int af, bool b) {	9,214✔
287	return socket_set_option(fd, af, IP_RECVERR, IPV6_RECVERR, b);	9,214✔
288	}
289	static inline int socket_set_recvttl(int fd, int af, bool b) {	1,498✔
290	return socket_set_option(fd, af, IP_RECVTTL, IPV6_RECVHOPLIMIT, b);	1,498✔
291	}
292	static inline int socket_set_ttl(int fd, int af, int ttl) {	1,108✔
293	return socket_set_option(fd, af, IP_TTL, IPV6_UNICAST_HOPS, ttl);	1,108✔
294	}
295	static inline int socket_set_freebind(int fd, int af, bool b) {	6✔
296	return socket_set_option(fd, af, IP_FREEBIND, IPV6_FREEBIND, b);	6✔
297	}
UNCOV 298	static inline int socket_set_transparent(int fd, int af, bool b) {	×
299	return socket_set_option(fd, af, IP_TRANSPARENT, IPV6_TRANSPARENT, b);	×
300	}
301	static inline int socket_set_recvfragsize(int fd, int af, bool b) {	9,414✔
302	return socket_set_option(fd, af, IP_RECVFRAGSIZE, IPV6_RECVFRAGSIZE, b);	9,414✔
303	}
304
305	int socket_get_mtu(int fd, int af, size_t *ret);
306
307	/* an initializer for struct ucred that initialized all fields to the invalid value appropriate for each */
308	#define UCRED_INVALID { .pid = 0, .uid = UID_INVALID, .gid = GID_INVALID }
309
310	int connect_unix_path(int fd, int dir_fd, const char *path);
311
UNCOV 312	static inline bool VSOCK_CID_IS_REGULAR(unsigned cid) {	×
313	/* 0, 1, 2, UINT32_MAX are special, refuse those */
UNCOV 314	return cid > 2 && cid < UINT32_MAX;	×
315	}
316
317	int vsock_parse_port(const char s, unsigned ret);
318	int vsock_parse_cid(const char s, unsigned ret);
319
320	/* Parses AF_UNIX and AF_VSOCK addresses. AF_INET[6] require some netlink calls, so it cannot be in
321	* src/basic/ and is done from 'socket_local_address from src/shared/. Return -EPROTO in case of
322	* protocol mismatch. */
323	int socket_address_parse_unix(SocketAddress ret_address, const char s);
324	int socket_address_parse_vsock(SocketAddress ret_address, const char s);
325	int socket_address_equal_unix(const char a, const char b);
326
327	/* libc's SOMAXCONN is defined to 128 or 4096 (at least on glibc). But actually, the value can be much
328	* larger. In our codebase we want to set it to the max usually, since nowadays socket memory is properly
329	* tracked by memcg, and hence we don't need to enforce extra limits here. Moreover, the kernel caps it to
330	* /proc/sys/net/core/somaxconn anyway, thus by setting this to unbounded we just make that sysctl file
331	* authoritative. */
332	#define SOMAXCONN_DELUXE INT_MAX
333
334	int vsock_get_local_cid(unsigned *ret);
335
336	int netlink_socket_get_multicast_groups(int fd, size_t ret_len, uint32_t *ret_groups);
337
338	int socket_get_cookie(int fd, uint64_t *ret);
339
340	void cmsg_close_all(struct msghdr *mh);

systemd / systemd / 16062852561

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous