]> git.proxmox.com Git - systemd.git/blob - src/udev/udev-rules.c
projects / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
New upstream version 249~rc1
[systemd.git] / src / udev / udev-rules.c
1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2
3 #include <ctype.h>
4
5 #include "alloc-util.h"
6 #include "architecture.h"
7 #include "conf-files.h"
8 #include "def.h"
9 #include "device-private.h"
10 #include "device-util.h"
11 #include "dirent-util.h"
12 #include "escape.h"
13 #include "fd-util.h"
14 #include "fileio.h"
15 #include "format-util.h"
16 #include "fs-util.h"
17 #include "glob-util.h"
18 #include "list.h"
19 #include "mkdir.h"
20 #include "nulstr-util.h"
21 #include "parse-util.h"
22 #include "path-util.h"
23 #include "proc-cmdline.h"
24 #include "stat-util.h"
25 #include "strv.h"
26 #include "strxcpyx.h"
27 #include "sysctl-util.h"
28 #include "syslog-util.h"
29 #include "udev-builtin.h"
30 #include "udev-event.h"
31 #include "udev-rules.h"
32 #include "udev-util.h"
33 #include "user-util.h"
34 #include "virt.h"
35
36 #define RULES_DIRS (const char* const*) CONF_PATHS_STRV("udev/rules.d")
37
38 typedef enum {
39 OP_MATCH, /* == */
40 OP_NOMATCH, /* != */
41 OP_ADD, /* += */
42 OP_REMOVE, /* -= */
43 OP_ASSIGN, /* = */
44 OP_ASSIGN_FINAL, /* := */
45 _OP_TYPE_MAX,
46 _OP_TYPE_INVALID = -EINVAL,
47 } UdevRuleOperatorType;
48
49 typedef enum {
50 MATCH_TYPE_EMPTY, /* empty string */
51 MATCH_TYPE_PLAIN, /* no special characters */
52 MATCH_TYPE_PLAIN_WITH_EMPTY, /* no special characters with empty string, e.g., "|foo" */
53 MATCH_TYPE_GLOB, /* shell globs ?,*,[] */
54 MATCH_TYPE_GLOB_WITH_EMPTY, /* shell globs ?,*,[] with empty string, e.g., "|foo*" */
55 MATCH_TYPE_SUBSYSTEM, /* "subsystem", "bus", or "class" */
56 _MATCH_TYPE_MAX,
57 _MATCH_TYPE_INVALID = -EINVAL,
58 } UdevRuleMatchType;
59
60 typedef enum {
61 SUBST_TYPE_PLAIN, /* no substitution */
62 SUBST_TYPE_FORMAT, /* % or $ */
63 SUBST_TYPE_SUBSYS, /* "[<SUBSYSTEM>/<KERNEL>]<attribute>" format */
64 _SUBST_TYPE_MAX,
65 _SUBST_TYPE_INVALID = -EINVAL,
66 } UdevRuleSubstituteType;
67
68 typedef enum {
69 /* lvalues which take match or nomatch operator */
70 TK_M_ACTION, /* string, device_get_action() */
71 TK_M_DEVPATH, /* path, sd_device_get_devpath() */
72 TK_M_KERNEL, /* string, sd_device_get_sysname() */
73 TK_M_DEVLINK, /* strv, sd_device_get_devlink_first(), sd_device_get_devlink_next() */
74 TK_M_NAME, /* string, name of network interface */
75 TK_M_ENV, /* string, device property, takes key through attribute */
76 TK_M_CONST, /* string, system-specific hard-coded constant */
77 TK_M_TAG, /* strv, sd_device_get_tag_first(), sd_device_get_tag_next() */
78 TK_M_SUBSYSTEM, /* string, sd_device_get_subsystem() */
79 TK_M_DRIVER, /* string, sd_device_get_driver() */
80 TK_M_ATTR, /* string, takes filename through attribute, sd_device_get_sysattr_value(), udev_resolve_subsys_kernel(), etc. */
81 TK_M_SYSCTL, /* string, takes kernel parameter through attribute */
82
83 /* matches parent parameters */
84 TK_M_PARENTS_KERNEL, /* string */
85 TK_M_PARENTS_SUBSYSTEM, /* string */
86 TK_M_PARENTS_DRIVER, /* string */
87 TK_M_PARENTS_ATTR, /* string */
88 TK_M_PARENTS_TAG, /* strv */
89
90 TK_M_TEST, /* path, optionally mode_t can be specified by attribute, test the existence of a file */
91 TK_M_PROGRAM, /* string, execute a program */
92 TK_M_IMPORT_FILE, /* path */
93 TK_M_IMPORT_PROGRAM, /* string, import properties from the result of program */
94 TK_M_IMPORT_BUILTIN, /* string, import properties from the result of built-in command */
95 TK_M_IMPORT_DB, /* string, import properties from database */
96 TK_M_IMPORT_CMDLINE, /* string, kernel command line */
97 TK_M_IMPORT_PARENT, /* string, parent property */
98 TK_M_RESULT, /* string, result of TK_M_PROGRAM */
99
100 #define _TK_M_MAX (TK_M_RESULT + 1)
101 #define _TK_A_MIN _TK_M_MAX
102
103 /* lvalues which take one of assign operators */
104 TK_A_OPTIONS_STRING_ESCAPE_NONE, /* no argument */
105 TK_A_OPTIONS_STRING_ESCAPE_REPLACE, /* no argument */
106 TK_A_OPTIONS_DB_PERSIST, /* no argument */
107 TK_A_OPTIONS_INOTIFY_WATCH, /* boolean */
108 TK_A_OPTIONS_DEVLINK_PRIORITY, /* int */
109 TK_A_OPTIONS_LOG_LEVEL, /* string of log level or "reset" */
110 TK_A_OWNER, /* user name */
111 TK_A_GROUP, /* group name */
112 TK_A_MODE, /* mode string */
113 TK_A_OWNER_ID, /* uid_t */
114 TK_A_GROUP_ID, /* gid_t */
115 TK_A_MODE_ID, /* mode_t */
116 TK_A_TAG, /* string */
117 TK_A_OPTIONS_STATIC_NODE, /* device path, /dev/... */
118 TK_A_SECLABEL, /* string with attribute */
119 TK_A_ENV, /* string with attribute */
120 TK_A_NAME, /* ifname */
121 TK_A_DEVLINK, /* string */
122 TK_A_ATTR, /* string with attribute */
123 TK_A_SYSCTL, /* string with attribute */
124 TK_A_RUN_BUILTIN, /* string */
125 TK_A_RUN_PROGRAM, /* string */
126
127 _TK_TYPE_MAX,
128 _TK_TYPE_INVALID = -EINVAL,
129 } UdevRuleTokenType;
130
131 typedef enum {
132 LINE_HAS_NAME = 1 << 0, /* has NAME= */
133 LINE_HAS_DEVLINK = 1 << 1, /* has SYMLINK=, OWNER=, GROUP= or MODE= */
134 LINE_HAS_STATIC_NODE = 1 << 2, /* has OPTIONS=static_node */
135 LINE_HAS_GOTO = 1 << 3, /* has GOTO= */
136 LINE_HAS_LABEL = 1 << 4, /* has LABEL= */
137 LINE_UPDATE_SOMETHING = 1 << 5, /* has other TK_A_* or TK_M_IMPORT tokens */
138 } UdevRuleLineType;
139
140 typedef struct UdevRuleFile UdevRuleFile;
141 typedef struct UdevRuleLine UdevRuleLine;
142 typedef struct UdevRuleToken UdevRuleToken;
143
144 struct UdevRuleToken {
145 UdevRuleTokenType type:8;
146 UdevRuleOperatorType op:8;
147 UdevRuleMatchType match_type:8;
148 UdevRuleSubstituteType attr_subst_type:7;
149 bool attr_match_remove_trailing_whitespace:1;
150 const char *value;
151 void *data;
152 LIST_FIELDS(UdevRuleToken, tokens);
153 };
154
155 struct UdevRuleLine {
156 char *line;
157 unsigned line_number;
158 UdevRuleLineType type;
159
160 const char *label;
161 const char *goto_label;
162 UdevRuleLine *goto_line;
163
164 UdevRuleFile *rule_file;
165 UdevRuleToken *current_token;
166 LIST_HEAD(UdevRuleToken, tokens);
167 LIST_FIELDS(UdevRuleLine, rule_lines);
168 };
169
170 struct UdevRuleFile {
171 char *filename;
172 UdevRuleLine *current_line;
173 LIST_HEAD(UdevRuleLine, rule_lines);
174 LIST_FIELDS(UdevRuleFile, rule_files);
175 };
176
177 struct UdevRules {
178 usec_t dirs_ts_usec;
179 ResolveNameTiming resolve_name_timing;
180 Hashmap *known_users;
181 Hashmap *known_groups;
182 UdevRuleFile *current_file;
183 LIST_HEAD(UdevRuleFile, rule_files);
184 };
185
186 /*** Logging helpers ***/
187
188 #define log_rule_full_errno_zerook(device, rules, level, error, fmt, ...) \
189 ({ \
190 UdevRules *_r = (rules); \
191 UdevRuleFile *_f = _r ? _r->current_file : NULL; \
192 UdevRuleLine *_l = _f ? _f->current_line : NULL; \
193 const char *_n = _f ? _f->filename : NULL; \
194 \
195 log_device_full_errno_zerook( \
196 device, level, error, "%s:%u " fmt, \
197 strna(_n), _l ? _l->line_number : 0, \
198 ##__VA_ARGS__); \
199 })
200
201 #define log_rule_full_errno(device, rules, level, error, fmt, ...) \
202 ({ \
203 int _error = (error); \
204 ASSERT_NON_ZERO(_error); \
205 log_rule_full_errno_zerook( \
206 device, rules, level, _error, fmt, ##__VA_ARGS__); \
207 })
208
209 #define log_rule_full(device, rules, level, ...) (void) log_rule_full_errno_zerook(device, rules, level, 0, __VA_ARGS__)
210
211 #define log_rule_debug(device, rules, ...) log_rule_full(device, rules, LOG_DEBUG, __VA_ARGS__)
212 #define log_rule_info(device, rules, ...) log_rule_full(device, rules, LOG_INFO, __VA_ARGS__)
213 #define log_rule_notice(device, rules, ...) log_rule_full(device, rules, LOG_NOTICE, __VA_ARGS__)
214 #define log_rule_warning(device, rules, ...) log_rule_full(device, rules, LOG_WARNING, __VA_ARGS__)
215 #define log_rule_error(device, rules, ...) log_rule_full(device, rules, LOG_ERR, __VA_ARGS__)
216
217 #define log_rule_debug_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_DEBUG, error, __VA_ARGS__)
218 #define log_rule_info_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_INFO, error, __VA_ARGS__)
219 #define log_rule_notice_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_NOTICE, error, __VA_ARGS__)
220 #define log_rule_warning_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_WARNING, error, __VA_ARGS__)
221 #define log_rule_error_errno(device, rules, error, ...) log_rule_full_errno(device, rules, LOG_ERR, error, __VA_ARGS__)
222
223 #define log_token_full_errno_zerook(rules, level, error, ...) log_rule_full_errno_zerook(NULL, rules, level, error, __VA_ARGS__)
224 #define log_token_full_errno(rules, level, error, ...) log_rule_full_errno(NULL, rules, level, error, __VA_ARGS__)
225 #define log_token_full(rules, level, ...) (void) log_token_full_errno_zerook(rules, level, 0, __VA_ARGS__)
226
227 #define log_token_debug(rules, ...) log_token_full(rules, LOG_DEBUG, __VA_ARGS__)
228 #define log_token_info(rules, ...) log_token_full(rules, LOG_INFO, __VA_ARGS__)
229 #define log_token_notice(rules, ...) log_token_full(rules, LOG_NOTICE, __VA_ARGS__)
230 #define log_token_warning(rules, ...) log_token_full(rules, LOG_WARNING, __VA_ARGS__)
231 #define log_token_error(rules, ...) log_token_full(rules, LOG_ERR, __VA_ARGS__)
232
233 #define log_token_debug_errno(rules, error, ...) log_token_full_errno(rules, LOG_DEBUG, error, __VA_ARGS__)
234 #define log_token_info_errno(rules, error, ...) log_token_full_errno(rules, LOG_INFO, error, __VA_ARGS__)
235 #define log_token_notice_errno(rules, error, ...) log_token_full_errno(rules, LOG_NOTICE, error, __VA_ARGS__)
236 #define log_token_warning_errno(rules, error, ...) log_token_full_errno(rules, LOG_WARNING, error, __VA_ARGS__)
237 #define log_token_error_errno(rules, error, ...) log_token_full_errno(rules, LOG_ERR, error, __VA_ARGS__)
238
239 #define _log_token_invalid(rules, key, type) \
240 log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), \
241 "Invalid %s for %s.", type, key)
242
243 #define log_token_invalid_op(rules, key) _log_token_invalid(rules, key, "operator")
244 #define log_token_invalid_attr(rules, key) _log_token_invalid(rules, key, "attribute")
245
246 #define log_token_invalid_attr_format(rules, key, attr, offset, hint) \
247 log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), \
248 "Invalid attribute \"%s\" for %s (char %zu: %s), ignoring, but please fix it.", \
249 attr, key, offset, hint)
250 #define log_token_invalid_value(rules, key, value, offset, hint) \
251 log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), \
252 "Invalid value \"%s\" for %s (char %zu: %s), ignoring, but please fix it.", \
253 value, key, offset, hint)
254
255 static void log_unknown_owner(sd_device *dev, UdevRules *rules, int error, const char *entity, const char *name) {
256 if (IN_SET(abs(error), ENOENT, ESRCH))
257 log_rule_error(dev, rules, "Unknown %s '%s', ignoring", entity, name);
258 else
259 log_rule_error_errno(dev, rules, error, "Failed to resolve %s '%s', ignoring: %m", entity, name);
260 }
261
262 /*** Other functions ***/
263
264 static void udev_rule_token_free(UdevRuleToken *token) {
265 free(token);
266 }
267
268 static void udev_rule_line_clear_tokens(UdevRuleLine *rule_line) {
269 UdevRuleToken *i, *next;
270
271 assert(rule_line);
272
273 LIST_FOREACH_SAFE(tokens, i, next, rule_line->tokens)
274 udev_rule_token_free(i);
275
276 rule_line->tokens = NULL;
277 }
278
279 static UdevRuleLine* udev_rule_line_free(UdevRuleLine *rule_line) {
280 if (!rule_line)
281 return NULL;
282
283 udev_rule_line_clear_tokens(rule_line);
284
285 if (rule_line->rule_file) {
286 if (rule_line->rule_file->current_line == rule_line)
287 rule_line->rule_file->current_line = rule_line->rule_lines_prev;
288
289 LIST_REMOVE(rule_lines, rule_line->rule_file->rule_lines, rule_line);
290 }
291
292 free(rule_line->line);
293 return mfree(rule_line);
294 }
295
296 DEFINE_TRIVIAL_CLEANUP_FUNC(UdevRuleLine*, udev_rule_line_free);
297
298 static void udev_rule_file_free(UdevRuleFile *rule_file) {
299 UdevRuleLine *i, *next;
300
301 if (!rule_file)
302 return;
303
304 LIST_FOREACH_SAFE(rule_lines, i, next, rule_file->rule_lines)
305 udev_rule_line_free(i);
306
307 free(rule_file->filename);
308 free(rule_file);
309 }
310
311 UdevRules *udev_rules_free(UdevRules *rules) {
312 UdevRuleFile *i, *next;
313
314 if (!rules)
315 return NULL;
316
317 LIST_FOREACH_SAFE(rule_files, i, next, rules->rule_files)
318 udev_rule_file_free(i);
319
320 hashmap_free_free_key(rules->known_users);
321 hashmap_free_free_key(rules->known_groups);
322 return mfree(rules);
323 }
324
325 static int rule_resolve_user(UdevRules *rules, const char *name, uid_t *ret) {
326 _cleanup_free_ char *n = NULL;
327 uid_t uid;
328 void *val;
329 int r;
330
331 assert(rules);
332 assert(name);
333
334 val = hashmap_get(rules->known_users, name);
335 if (val) {
336 *ret = PTR_TO_UID(val);
337 return 0;
338 }
339
340 r = get_user_creds(&name, &uid, NULL, NULL, NULL, USER_CREDS_ALLOW_MISSING);
341 if (r < 0) {
342 log_unknown_owner(NULL, rules, r, "user", name);
343 *ret = UID_INVALID;
344 return 0;
345 }
346
347 n = strdup(name);
348 if (!n)
349 return -ENOMEM;
350
351 r = hashmap_ensure_put(&rules->known_users, &string_hash_ops, n, UID_TO_PTR(uid));
352 if (r < 0)
353 return r;
354
355 TAKE_PTR(n);
356 *ret = uid;
357 return 0;
358 }
359
360 static int rule_resolve_group(UdevRules *rules, const char *name, gid_t *ret) {
361 _cleanup_free_ char *n = NULL;
362 gid_t gid;
363 void *val;
364 int r;
365
366 assert(rules);
367 assert(name);
368
369 val = hashmap_get(rules->known_groups, name);
370 if (val) {
371 *ret = PTR_TO_GID(val);
372 return 0;
373 }
374
375 r = get_group_creds(&name, &gid, USER_CREDS_ALLOW_MISSING);
376 if (r < 0) {
377 log_unknown_owner(NULL, rules, r, "group", name);
378 *ret = GID_INVALID;
379 return 0;
380 }
381
382 n = strdup(name);
383 if (!n)
384 return -ENOMEM;
385
386 r = hashmap_ensure_put(&rules->known_groups, &string_hash_ops, n, GID_TO_PTR(gid));
387 if (r < 0)
388 return r;
389
390 TAKE_PTR(n);
391 *ret = gid;
392 return 0;
393 }
394
395 static UdevRuleSubstituteType rule_get_substitution_type(const char *str) {
396 assert(str);
397
398 if (str[0] == '[')
399 return SUBST_TYPE_SUBSYS;
400 if (strchr(str, '%') || strchr(str, '$'))
401 return SUBST_TYPE_FORMAT;
402 return SUBST_TYPE_PLAIN;
403 }
404
405 static void rule_line_append_token(UdevRuleLine *rule_line, UdevRuleToken *token) {
406 assert(rule_line);
407 assert(token);
408
409 if (rule_line->current_token)
410 LIST_APPEND(tokens, rule_line->current_token, token);
411 else
412 LIST_APPEND(tokens, rule_line->tokens, token);
413
414 rule_line->current_token = token;
415 }
416
417 static int rule_line_add_token(UdevRuleLine *rule_line, UdevRuleTokenType type, UdevRuleOperatorType op, char *value, void *data) {
418 UdevRuleToken *token;
419 UdevRuleMatchType match_type = _MATCH_TYPE_INVALID;
420 UdevRuleSubstituteType subst_type = _SUBST_TYPE_INVALID;
421 bool remove_trailing_whitespace = false;
422 size_t len;
423
424 assert(rule_line);
425 assert(type >= 0 && type < _TK_TYPE_MAX);
426 assert(op >= 0 && op < _OP_TYPE_MAX);
427
428 if (type < _TK_M_MAX) {
429 assert(value);
430 assert(IN_SET(op, OP_MATCH, OP_NOMATCH));
431
432 if (type == TK_M_SUBSYSTEM && STR_IN_SET(value, "subsystem", "bus", "class"))
433 match_type = MATCH_TYPE_SUBSYSTEM;
434 else if (isempty(value))
435 match_type = MATCH_TYPE_EMPTY;
436 else if (streq(value, "?*")) {
437 /* Convert KEY=="?*" -> KEY!="" */
438 match_type = MATCH_TYPE_EMPTY;
439 op = op == OP_MATCH ? OP_NOMATCH : OP_MATCH;
440 } else if (string_is_glob(value))
441 match_type = MATCH_TYPE_GLOB;
442 else
443 match_type = MATCH_TYPE_PLAIN;
444
445 if (type < TK_M_TEST || type == TK_M_RESULT) {
446 /* Convert value string to nulstr. */
447 bool bar = true, empty = false;
448 char *a, *b;
449
450 for (a = b = value; *a != '\0'; a++) {
451 if (*a != '|') {
452 *b++ = *a;
453 bar = false;
454 } else {
455 if (bar)
456 empty = true;
457 else
458 *b++ = '\0';
459 bar = true;
460 }
461 }
462 *b = '\0';
463
464 /* Make sure the value is end, so NULSTR_FOREACH can read correct match */
465 if (b < a)
466 b[1] = '\0';
467
468 if (bar)
469 empty = true;
470
471 if (empty) {
472 if (match_type == MATCH_TYPE_GLOB)
473 match_type = MATCH_TYPE_GLOB_WITH_EMPTY;
474 if (match_type == MATCH_TYPE_PLAIN)
475 match_type = MATCH_TYPE_PLAIN_WITH_EMPTY;
476 }
477 }
478 }
479
480 if (IN_SET(type, TK_M_ATTR, TK_M_PARENTS_ATTR)) {
481 assert(value);
482 assert(data);
483
484 len = strlen(value);
485 if (len > 0 && !isspace(value[len - 1]))
486 remove_trailing_whitespace = true;
487
488 subst_type = rule_get_substitution_type(data);
489 }
490
491 token = new(UdevRuleToken, 1);
492 if (!token)
493 return -ENOMEM;
494
495 *token = (UdevRuleToken) {
496 .type = type,
497 .op = op,
498 .value = value,
499 .data = data,
500 .match_type = match_type,
501 .attr_subst_type = subst_type,
502 .attr_match_remove_trailing_whitespace = remove_trailing_whitespace,
503 };
504
505 rule_line_append_token(rule_line, token);
506
507 if (token->type == TK_A_NAME)
508 SET_FLAG(rule_line->type, LINE_HAS_NAME, true);
509
510 else if (IN_SET(token->type, TK_A_DEVLINK,
511 TK_A_OWNER, TK_A_GROUP, TK_A_MODE,
512 TK_A_OWNER_ID, TK_A_GROUP_ID, TK_A_MODE_ID))
513 SET_FLAG(rule_line->type, LINE_HAS_DEVLINK, true);
514
515 else if (token->type == TK_A_OPTIONS_STATIC_NODE)
516 SET_FLAG(rule_line->type, LINE_HAS_STATIC_NODE, true);
517
518 else if (token->type >= _TK_A_MIN ||
519 IN_SET(token->type, TK_M_PROGRAM,
520 TK_M_IMPORT_FILE, TK_M_IMPORT_PROGRAM, TK_M_IMPORT_BUILTIN,
521 TK_M_IMPORT_DB, TK_M_IMPORT_CMDLINE, TK_M_IMPORT_PARENT))
522 SET_FLAG(rule_line->type, LINE_UPDATE_SOMETHING, true);
523
524 return 0;
525 }
526
527 static void check_value_format_and_warn(UdevRules *rules, const char *key, const char *value, bool nonempty) {
528 size_t offset;
529 const char *hint;
530
531 if (nonempty && isempty(value))
532 log_token_invalid_value(rules, key, value, (size_t) 0, "empty value");
533 else if (udev_check_format(value, &offset, &hint) < 0)
534 log_token_invalid_value(rules, key, value, offset + 1, hint);
535 }
536
537 static int check_attr_format_and_warn(UdevRules *rules, const char *key, const char *value) {
538 size_t offset;
539 const char *hint;
540
541 if (isempty(value))
542 return log_token_invalid_attr(rules, key);
543 if (udev_check_format(value, &offset, &hint) < 0)
544 log_token_invalid_attr_format(rules, key, value, offset + 1, hint);
545 return 0;
546 }
547
548 static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOperatorType op, char *value) {
549 bool is_match = IN_SET(op, OP_MATCH, OP_NOMATCH);
550 UdevRuleLine *rule_line;
551 int r;
552
553 assert(rules);
554 assert(rules->current_file);
555 assert(rules->current_file->current_line);
556 assert(key);
557 assert(value);
558
559 rule_line = rules->current_file->current_line;
560
561 if (streq(key, "ACTION")) {
562 if (attr)
563 return log_token_invalid_attr(rules, key);
564 if (!is_match)
565 return log_token_invalid_op(rules, key);
566
567 r = rule_line_add_token(rule_line, TK_M_ACTION, op, value, NULL);
568 } else if (streq(key, "DEVPATH")) {
569 if (attr)
570 return log_token_invalid_attr(rules, key);
571 if (!is_match)
572 return log_token_invalid_op(rules, key);
573
574 r = rule_line_add_token(rule_line, TK_M_DEVPATH, op, value, NULL);
575 } else if (streq(key, "KERNEL")) {
576 if (attr)
577 return log_token_invalid_attr(rules, key);
578 if (!is_match)
579 return log_token_invalid_op(rules, key);
580
581 r = rule_line_add_token(rule_line, TK_M_KERNEL, op, value, NULL);
582 } else if (streq(key, "SYMLINK")) {
583 if (attr)
584 return log_token_invalid_attr(rules, key);
585 if (op == OP_REMOVE)
586 return log_token_invalid_op(rules, key);
587
588 if (!is_match) {
589 check_value_format_and_warn(rules, key, value, false);
590 r = rule_line_add_token(rule_line, TK_A_DEVLINK, op, value, NULL);
591 } else
592 r = rule_line_add_token(rule_line, TK_M_DEVLINK, op, value, NULL);
593 } else if (streq(key, "NAME")) {
594 if (attr)
595 return log_token_invalid_attr(rules, key);
596 if (op == OP_REMOVE)
597 return log_token_invalid_op(rules, key);
598 if (op == OP_ADD) {
599 log_token_warning(rules, "%s key takes '==', '!=', '=', or ':=' operator, assuming '=', but please fix it.", key);
600 op = OP_ASSIGN;
601 }
602
603 if (!is_match) {
604 if (streq(value, "%k"))
605 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
606 "NAME=\"%%k\" is ignored, as it breaks kernel supplied names.");
607 if (isempty(value))
608 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
609 "Ignoring NAME=\"\", as udev will not delete any device nodes.");
610 check_value_format_and_warn(rules, key, value, false);
611
612 r = rule_line_add_token(rule_line, TK_A_NAME, op, value, NULL);
613 } else
614 r = rule_line_add_token(rule_line, TK_M_NAME, op, value, NULL);
615 } else if (streq(key, "ENV")) {
616 if (isempty(attr))
617 return log_token_invalid_attr(rules, key);
618 if (op == OP_REMOVE)
619 return log_token_invalid_op(rules, key);
620 if (op == OP_ASSIGN_FINAL) {
621 log_token_warning(rules, "%s key takes '==', '!=', '=', or '+=' operator, assuming '=', but please fix it.", key);
622 op = OP_ASSIGN;
623 }
624
625 if (!is_match) {
626 if (STR_IN_SET(attr,
627 "ACTION", "DEVLINKS", "DEVNAME", "DEVPATH", "DEVTYPE", "DRIVER",
628 "IFINDEX", "MAJOR", "MINOR", "SEQNUM", "SUBSYSTEM", "TAGS"))
629 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
630 "Invalid ENV attribute. '%s' cannot be set.", attr);
631
632 check_value_format_and_warn(rules, key, value, false);
633
634 r = rule_line_add_token(rule_line, TK_A_ENV, op, value, attr);
635 } else
636 r = rule_line_add_token(rule_line, TK_M_ENV, op, value, attr);
637 } else if (streq(key, "CONST")) {
638 if (isempty(attr) || !STR_IN_SET(attr, "arch", "virt"))
639 return log_token_invalid_attr(rules, key);
640 if (!is_match)
641 return log_token_invalid_op(rules, key);
642 r = rule_line_add_token(rule_line, TK_M_CONST, op, value, attr);
643 } else if (streq(key, "TAG")) {
644 if (attr)
645 return log_token_invalid_attr(rules, key);
646 if (op == OP_ASSIGN_FINAL) {
647 log_token_warning(rules, "%s key takes '==', '!=', '=', or '+=' operator, assuming '=', but please fix it.", key);
648 op = OP_ASSIGN;
649 }
650
651 if (!is_match) {
652 check_value_format_and_warn(rules, key, value, true);
653
654 r = rule_line_add_token(rule_line, TK_A_TAG, op, value, NULL);
655 } else
656 r = rule_line_add_token(rule_line, TK_M_TAG, op, value, NULL);
657 } else if (streq(key, "SUBSYSTEM")) {
658 if (attr)
659 return log_token_invalid_attr(rules, key);
660 if (!is_match)
661 return log_token_invalid_op(rules, key);
662
663 if (STR_IN_SET(value, "bus", "class"))
664 log_token_warning(rules, "'%s' must be specified as 'subsystem'; please fix it", value);
665
666 r = rule_line_add_token(rule_line, TK_M_SUBSYSTEM, op, value, NULL);
667 } else if (streq(key, "DRIVER")) {
668 if (attr)
669 return log_token_invalid_attr(rules, key);
670 if (!is_match)
671 return log_token_invalid_op(rules, key);
672
673 r = rule_line_add_token(rule_line, TK_M_DRIVER, op, value, NULL);
674 } else if (streq(key, "ATTR")) {
675 r = check_attr_format_and_warn(rules, key, attr);
676 if (r < 0)
677 return r;
678 if (op == OP_REMOVE)
679 return log_token_invalid_op(rules, key);
680 if (IN_SET(op, OP_ADD, OP_ASSIGN_FINAL)) {
681 log_token_warning(rules, "%s key takes '==', '!=', or '=' operator, assuming '=', but please fix it.", key);
682 op = OP_ASSIGN;
683 }
684
685 if (!is_match) {
686 check_value_format_and_warn(rules, key, value, false);
687 r = rule_line_add_token(rule_line, TK_A_ATTR, op, value, attr);
688 } else
689 r = rule_line_add_token(rule_line, TK_M_ATTR, op, value, attr);
690 } else if (streq(key, "SYSCTL")) {
691 r = check_attr_format_and_warn(rules, key, attr);
692 if (r < 0)
693 return r;
694 if (op == OP_REMOVE)
695 return log_token_invalid_op(rules, key);
696 if (IN_SET(op, OP_ADD, OP_ASSIGN_FINAL)) {
697 log_token_warning(rules, "%s key takes '==', '!=', or '=' operator, assuming '=', but please fix it.", key);
698 op = OP_ASSIGN;
699 }
700
701 if (!is_match) {
702 check_value_format_and_warn(rules, key, value, false);
703 r = rule_line_add_token(rule_line, TK_A_SYSCTL, op, value, attr);
704 } else
705 r = rule_line_add_token(rule_line, TK_M_SYSCTL, op, value, attr);
706 } else if (streq(key, "KERNELS")) {
707 if (attr)
708 return log_token_invalid_attr(rules, key);
709 if (!is_match)
710 return log_token_invalid_op(rules, key);
711
712 r = rule_line_add_token(rule_line, TK_M_PARENTS_KERNEL, op, value, NULL);
713 } else if (streq(key, "SUBSYSTEMS")) {
714 if (attr)
715 return log_token_invalid_attr(rules, key);
716 if (!is_match)
717 return log_token_invalid_op(rules, key);
718
719 r = rule_line_add_token(rule_line, TK_M_PARENTS_SUBSYSTEM, op, value, NULL);
720 } else if (streq(key, "DRIVERS")) {
721 if (attr)
722 return log_token_invalid_attr(rules, key);
723 if (!is_match)
724 return log_token_invalid_op(rules, key);
725
726 r = rule_line_add_token(rule_line, TK_M_PARENTS_DRIVER, op, value, NULL);
727 } else if (streq(key, "ATTRS")) {
728 r = check_attr_format_and_warn(rules, key, attr);
729 if (r < 0)
730 return r;
731 if (!is_match)
732 return log_token_invalid_op(rules, key);
733
734 if (startswith(attr, "device/"))
735 log_token_warning(rules, "'device' link may not be available in future kernels; please fix it.");
736 if (strstr(attr, "../"))
737 log_token_warning(rules, "Direct reference to parent sysfs directory, may break in future kernels; please fix it.");
738
739 r = rule_line_add_token(rule_line, TK_M_PARENTS_ATTR, op, value, attr);
740 } else if (streq(key, "TAGS")) {
741 if (attr)
742 return log_token_invalid_attr(rules, key);
743 if (!is_match)
744 return log_token_invalid_op(rules, key);
745
746 r = rule_line_add_token(rule_line, TK_M_PARENTS_TAG, op, value, NULL);
747 } else if (streq(key, "TEST")) {
748 mode_t mode = MODE_INVALID;
749
750 if (!isempty(attr)) {
751 r = parse_mode(attr, &mode);
752 if (r < 0)
753 return log_token_error_errno(rules, r, "Failed to parse mode '%s': %m", attr);
754 }
755 check_value_format_and_warn(rules, key, value, true);
756 if (!is_match)
757 return log_token_invalid_op(rules, key);
758
759 r = rule_line_add_token(rule_line, TK_M_TEST, op, value, MODE_TO_PTR(mode));
760 } else if (streq(key, "PROGRAM")) {
761 if (attr)
762 return log_token_invalid_attr(rules, key);
763 check_value_format_and_warn(rules, key, value, true);
764 if (op == OP_REMOVE)
765 return log_token_invalid_op(rules, key);
766 if (!is_match)
767 op = OP_MATCH;
768
769 r = rule_line_add_token(rule_line, TK_M_PROGRAM, op, value, NULL);
770 } else if (streq(key, "IMPORT")) {
771 if (isempty(attr))
772 return log_token_invalid_attr(rules, key);
773 check_value_format_and_warn(rules, key, value, true);
774 if (op == OP_REMOVE)
775 return log_token_invalid_op(rules, key);
776 if (!is_match)
777 op = OP_MATCH;
778
779 if (streq(attr, "file"))
780 r = rule_line_add_token(rule_line, TK_M_IMPORT_FILE, op, value, NULL);
781 else if (streq(attr, "program")) {
782 UdevBuiltinCommand cmd;
783
784 cmd = udev_builtin_lookup(value);
785 if (cmd >= 0) {
786 log_token_debug(rules,"Found builtin command '%s' for %s, replacing attribute", value, key);
787 r = rule_line_add_token(rule_line, TK_M_IMPORT_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
788 } else
789 r = rule_line_add_token(rule_line, TK_M_IMPORT_PROGRAM, op, value, NULL);
790 } else if (streq(attr, "builtin")) {
791 UdevBuiltinCommand cmd;
792
793 cmd = udev_builtin_lookup(value);
794 if (cmd < 0)
795 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
796 "Unknown builtin command: %s", value);
797 r = rule_line_add_token(rule_line, TK_M_IMPORT_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
798 } else if (streq(attr, "db"))
799 r = rule_line_add_token(rule_line, TK_M_IMPORT_DB, op, value, NULL);
800 else if (streq(attr, "cmdline"))
801 r = rule_line_add_token(rule_line, TK_M_IMPORT_CMDLINE, op, value, NULL);
802 else if (streq(attr, "parent"))
803 r = rule_line_add_token(rule_line, TK_M_IMPORT_PARENT, op, value, NULL);
804 else
805 return log_token_invalid_attr(rules, key);
806 } else if (streq(key, "RESULT")) {
807 if (attr)
808 return log_token_invalid_attr(rules, key);
809 if (!is_match)
810 return log_token_invalid_op(rules, key);
811
812 r = rule_line_add_token(rule_line, TK_M_RESULT, op, value, NULL);
813 } else if (streq(key, "OPTIONS")) {
814 char *tmp;
815
816 if (attr)
817 return log_token_invalid_attr(rules, key);
818 if (is_match || op == OP_REMOVE)
819 return log_token_invalid_op(rules, key);
820 if (op == OP_ADD)
821 op = OP_ASSIGN;
822
823 if (streq(value, "string_escape=none"))
824 r = rule_line_add_token(rule_line, TK_A_OPTIONS_STRING_ESCAPE_NONE, op, NULL, NULL);
825 else if (streq(value, "string_escape=replace"))
826 r = rule_line_add_token(rule_line, TK_A_OPTIONS_STRING_ESCAPE_REPLACE, op, NULL, NULL);
827 else if (streq(value, "db_persist"))
828 r = rule_line_add_token(rule_line, TK_A_OPTIONS_DB_PERSIST, op, NULL, NULL);
829 else if (streq(value, "watch"))
830 r = rule_line_add_token(rule_line, TK_A_OPTIONS_INOTIFY_WATCH, op, NULL, INT_TO_PTR(1));
831 else if (streq(value, "nowatch"))
832 r = rule_line_add_token(rule_line, TK_A_OPTIONS_INOTIFY_WATCH, op, NULL, INT_TO_PTR(0));
833 else if ((tmp = startswith(value, "static_node=")))
834 r = rule_line_add_token(rule_line, TK_A_OPTIONS_STATIC_NODE, op, tmp, NULL);
835 else if ((tmp = startswith(value, "link_priority="))) {
836 int prio;
837
838 r = safe_atoi(tmp, &prio);
839 if (r < 0)
840 return log_token_error_errno(rules, r, "Failed to parse link priority '%s': %m", tmp);
841 r = rule_line_add_token(rule_line, TK_A_OPTIONS_DEVLINK_PRIORITY, op, NULL, INT_TO_PTR(prio));
842 } else if ((tmp = startswith(value, "log_level="))) {
843 int level;
844
845 if (streq(tmp, "reset"))
846 level = -1;
847 else {
848 level = log_level_from_string(tmp);
849 if (level < 0)
850 return log_token_error_errno(rules, level, "Failed to parse log level '%s': %m", tmp);
851 }
852 r = rule_line_add_token(rule_line, TK_A_OPTIONS_LOG_LEVEL, op, NULL, INT_TO_PTR(level));
853 } else {
854 log_token_warning(rules, "Invalid value for OPTIONS key, ignoring: '%s'", value);
855 return 0;
856 }
857 } else if (streq(key, "OWNER")) {
858 uid_t uid;
859
860 if (attr)
861 return log_token_invalid_attr(rules, key);
862 if (is_match || op == OP_REMOVE)
863 return log_token_invalid_op(rules, key);
864 if (op == OP_ADD) {
865 log_token_warning(rules, "%s key takes '=' or ':=' operator, assuming '=', but please fix it.", key);
866 op = OP_ASSIGN;
867 }
868
869 if (parse_uid(value, &uid) >= 0)
870 r = rule_line_add_token(rule_line, TK_A_OWNER_ID, op, NULL, UID_TO_PTR(uid));
871 else if (rules->resolve_name_timing == RESOLVE_NAME_EARLY &&
872 rule_get_substitution_type(value) == SUBST_TYPE_PLAIN) {
873 r = rule_resolve_user(rules, value, &uid);
874 if (r < 0)
875 return log_token_error_errno(rules, r, "Failed to resolve user name '%s': %m", value);
876
877 r = rule_line_add_token(rule_line, TK_A_OWNER_ID, op, NULL, UID_TO_PTR(uid));
878 } else if (rules->resolve_name_timing != RESOLVE_NAME_NEVER) {
879 check_value_format_and_warn(rules, key, value, true);
880 r = rule_line_add_token(rule_line, TK_A_OWNER, op, value, NULL);
881 } else {
882 log_token_debug(rules, "User name resolution is disabled, ignoring %s=%s", key, value);
883 return 0;
884 }
885 } else if (streq(key, "GROUP")) {
886 gid_t gid;
887
888 if (attr)
889 return log_token_invalid_attr(rules, key);
890 if (is_match || op == OP_REMOVE)
891 return log_token_invalid_op(rules, key);
892 if (op == OP_ADD) {
893 log_token_warning(rules, "%s key takes '=' or ':=' operator, assuming '=', but please fix it.", key);
894 op = OP_ASSIGN;
895 }
896
897 if (parse_gid(value, &gid) >= 0)
898 r = rule_line_add_token(rule_line, TK_A_GROUP_ID, op, NULL, GID_TO_PTR(gid));
899 else if (rules->resolve_name_timing == RESOLVE_NAME_EARLY &&
900 rule_get_substitution_type(value) == SUBST_TYPE_PLAIN) {
901 r = rule_resolve_group(rules, value, &gid);
902 if (r < 0)
903 return log_token_error_errno(rules, r, "Failed to resolve group name '%s': %m", value);
904
905 r = rule_line_add_token(rule_line, TK_A_GROUP_ID, op, NULL, GID_TO_PTR(gid));
906 } else if (rules->resolve_name_timing != RESOLVE_NAME_NEVER) {
907 check_value_format_and_warn(rules, key, value, true);
908 r = rule_line_add_token(rule_line, TK_A_GROUP, op, value, NULL);
909 } else {
910 log_token_debug(rules, "Resolving group name is disabled, ignoring %s=%s", key, value);
911 return 0;
912 }
913 } else if (streq(key, "MODE")) {
914 mode_t mode;
915
916 if (attr)
917 return log_token_invalid_attr(rules, key);
918 if (is_match || op == OP_REMOVE)
919 return log_token_invalid_op(rules, key);
920 if (op == OP_ADD) {
921 log_token_warning(rules, "%s key takes '=' or ':=' operator, assuming '=', but please fix it.", key);
922 op = OP_ASSIGN;
923 }
924
925 if (parse_mode(value, &mode) >= 0)
926 r = rule_line_add_token(rule_line, TK_A_MODE_ID, op, NULL, MODE_TO_PTR(mode));
927 else {
928 check_value_format_and_warn(rules, key, value, true);
929 r = rule_line_add_token(rule_line, TK_A_MODE, op, value, NULL);
930 }
931 } else if (streq(key, "SECLABEL")) {
932 if (isempty(attr))
933 return log_token_invalid_attr(rules, key);
934 check_value_format_and_warn(rules, key, value, true);
935 if (is_match || op == OP_REMOVE)
936 return log_token_invalid_op(rules, key);
937 if (op == OP_ASSIGN_FINAL) {
938 log_token_warning(rules, "%s key takes '=' or '+=' operator, assuming '=', but please fix it.", key);
939 op = OP_ASSIGN;
940 }
941
942 r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, attr);
943 } else if (streq(key, "RUN")) {
944 if (is_match || op == OP_REMOVE)
945 return log_token_invalid_op(rules, key);
946 check_value_format_and_warn(rules, key, value, true);
947 if (!attr || streq(attr, "program"))
948 r = rule_line_add_token(rule_line, TK_A_RUN_PROGRAM, op, value, NULL);
949 else if (streq(attr, "builtin")) {
950 UdevBuiltinCommand cmd;
951
952 cmd = udev_builtin_lookup(value);
953 if (cmd < 0)
954 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL),
955 "Unknown builtin command '%s', ignoring", value);
956 r = rule_line_add_token(rule_line, TK_A_RUN_BUILTIN, op, value, UDEV_BUILTIN_CMD_TO_PTR(cmd));
957 } else
958 return log_token_invalid_attr(rules, key);
959 } else if (streq(key, "GOTO")) {
960 if (attr)
961 return log_token_invalid_attr(rules, key);
962 if (op != OP_ASSIGN)
963 return log_token_invalid_op(rules, key);
964 if (FLAGS_SET(rule_line->type, LINE_HAS_GOTO)) {
965 log_token_warning(rules, "Contains multiple GOTO keys, ignoring GOTO=\"%s\".", value);
966 return 0;
967 }
968
969 rule_line->goto_label = value;
970 SET_FLAG(rule_line->type, LINE_HAS_GOTO, true);
971 return 1;
972 } else if (streq(key, "LABEL")) {
973 if (attr)
974 return log_token_invalid_attr(rules, key);
975 if (op != OP_ASSIGN)
976 return log_token_invalid_op(rules, key);
977
978 rule_line->label = value;
979 SET_FLAG(rule_line->type, LINE_HAS_LABEL, true);
980 return 1;
981 } else
982 return log_token_error_errno(rules, SYNTHETIC_ERRNO(EINVAL), "Invalid key '%s'", key);
983 if (r < 0)
984 return log_oom();
985
986 return 1;
987 }
988
989 static UdevRuleOperatorType parse_operator(const char *op) {
990 assert(op);
991
992 if (startswith(op, "=="))
993 return OP_MATCH;
994 if (startswith(op, "!="))
995 return OP_NOMATCH;
996 if (startswith(op, "+="))
997 return OP_ADD;
998 if (startswith(op, "-="))
999 return OP_REMOVE;
1000 if (startswith(op, "="))
1001 return OP_ASSIGN;
1002 if (startswith(op, ":="))
1003 return OP_ASSIGN_FINAL;
1004
1005 return _OP_TYPE_INVALID;
1006 }
1007
1008 static int parse_line(char **line, char **ret_key, char **ret_attr, UdevRuleOperatorType *ret_op, char **ret_value) {
1009 char *key_begin, *key_end, *attr, *tmp;
1010 UdevRuleOperatorType op;
1011 int r;
1012
1013 assert(line);
1014 assert(*line);
1015 assert(ret_key);
1016 assert(ret_op);
1017 assert(ret_value);
1018
1019 key_begin = skip_leading_chars(*line, WHITESPACE ",");
1020
1021 if (isempty(key_begin))
1022 return 0;
1023
1024 for (key_end = key_begin; ; key_end++) {
1025 if (key_end[0] == '\0')
1026 return -EINVAL;
1027 if (strchr(WHITESPACE "={", key_end[0]))
1028 break;
1029 if (strchr("+-!:", key_end[0]) && key_end[1] == '=')
1030 break;
1031 }
1032 if (key_end[0] == '{') {
1033 attr = key_end + 1;
1034 tmp = strchr(attr, '}');
1035 if (!tmp)
1036 return -EINVAL;
1037 *tmp++ = '\0';
1038 } else {
1039 attr = NULL;
1040 tmp = key_end;
1041 }
1042
1043 tmp = skip_leading_chars(tmp, NULL);
1044 op = parse_operator(tmp);
1045 if (op < 0)
1046 return -EINVAL;
1047
1048 key_end[0] = '\0';
1049
1050 tmp += op == OP_ASSIGN ? 1 : 2;
1051 tmp = skip_leading_chars(tmp, NULL);
1052 r = udev_rule_parse_value(tmp, ret_value, line);
1053 if (r < 0)
1054 return r;
1055
1056 *ret_key = key_begin;
1057 *ret_attr = attr;
1058 *ret_op = op;
1059 return 1;
1060 }
1061
1062 static void sort_tokens(UdevRuleLine *rule_line) {
1063 UdevRuleToken *head_old;
1064
1065 assert(rule_line);
1066
1067 head_old = TAKE_PTR(rule_line->tokens);
1068 rule_line->current_token = NULL;
1069
1070 while (!LIST_IS_EMPTY(head_old)) {
1071 UdevRuleToken *t, *min_token = NULL;
1072
1073 LIST_FOREACH(tokens, t, head_old)
1074 if (!min_token || min_token->type > t->type)
1075 min_token = t;
1076
1077 LIST_REMOVE(tokens, head_old, min_token);
1078 rule_line_append_token(rule_line, min_token);
1079 }
1080 }
1081
1082 static int rule_add_line(UdevRules *rules, const char *line_str, unsigned line_nr) {
1083 _cleanup_(udev_rule_line_freep) UdevRuleLine *rule_line = NULL;
1084 _cleanup_free_ char *line = NULL;
1085 UdevRuleFile *rule_file;
1086 char *p;
1087 int r;
1088
1089 assert(rules);
1090 assert(rules->current_file);
1091 assert(line_str);
1092
1093 rule_file = rules->current_file;
1094
1095 if (isempty(line_str))
1096 return 0;
1097
1098 /* We use memdup_suffix0() here, since we want to add a second NUL byte to the end, since possibly
1099 * some parsers might turn this into a "nulstr", which requires an extra NUL at the end. */
1100 line = memdup_suffix0(line_str, strlen(line_str) + 1);
1101 if (!line)
1102 return log_oom();
1103
1104 rule_line = new(UdevRuleLine, 1);
1105 if (!rule_line)
1106 return log_oom();
1107
1108 *rule_line = (UdevRuleLine) {
1109 .line = TAKE_PTR(line),
1110 .line_number = line_nr,
1111 .rule_file = rule_file,
1112 };
1113
1114 if (rule_file->current_line)
1115 LIST_APPEND(rule_lines, rule_file->current_line, rule_line);
1116 else
1117 LIST_APPEND(rule_lines, rule_file->rule_lines, rule_line);
1118
1119 rule_file->current_line = rule_line;
1120
1121 for (p = rule_line->line; !isempty(p); ) {
1122 char *key, *attr, *value;
1123 UdevRuleOperatorType op;
1124
1125 r = parse_line(&p, &key, &attr, &op, &value);
1126 if (r < 0)
1127 return log_token_error_errno(rules, r, "Invalid key/value pair, ignoring.");
1128 if (r == 0)
1129 break;
1130
1131 r = parse_token(rules, key, attr, op, value);
1132 if (r < 0)
1133 return r;
1134 }
1135
1136 if (rule_line->type == 0) {
1137 log_token_warning(rules, "The line takes no effect, ignoring.");
1138 return 0;
1139 }
1140
1141 sort_tokens(rule_line);
1142 TAKE_PTR(rule_line);
1143 return 0;
1144 }
1145
1146 static void rule_resolve_goto(UdevRuleFile *rule_file) {
1147 UdevRuleLine *line, *line_next, *i;
1148
1149 assert(rule_file);
1150
1151 /* link GOTOs to LABEL rules in this file to be able to fast-forward */
1152 LIST_FOREACH_SAFE(rule_lines, line, line_next, rule_file->rule_lines) {
1153 if (!FLAGS_SET(line->type, LINE_HAS_GOTO))
1154 continue;
1155
1156 LIST_FOREACH_AFTER(rule_lines, i, line)
1157 if (streq_ptr(i->label, line->goto_label)) {
1158 line->goto_line = i;
1159 break;
1160 }
1161
1162 if (!line->goto_line) {
1163 log_error("%s:%u: GOTO=\"%s\" has no matching label, ignoring",
1164 rule_file->filename, line->line_number, line->goto_label);
1165
1166 SET_FLAG(line->type, LINE_HAS_GOTO, false);
1167 line->goto_label = NULL;
1168
1169 if ((line->type & ~LINE_HAS_LABEL) == 0) {
1170 log_notice("%s:%u: The line takes no effect any more, dropping",
1171 rule_file->filename, line->line_number);
1172 if (line->type == LINE_HAS_LABEL)
1173 udev_rule_line_clear_tokens(line);
1174 else
1175 udev_rule_line_free(line);
1176 }
1177 }
1178 }
1179 }
1180
1181 int udev_rules_parse_file(UdevRules *rules, const char *filename) {
1182 _cleanup_free_ char *continuation = NULL, *name = NULL;
1183 _cleanup_fclose_ FILE *f = NULL;
1184 UdevRuleFile *rule_file;
1185 bool ignore_line = false;
1186 unsigned line_nr = 0;
1187 int r;
1188
1189 f = fopen(filename, "re");
1190 if (!f) {
1191 if (errno == ENOENT)
1192 return 0;
1193
1194 return -errno;
1195 }
1196
1197 (void) fd_warn_permissions(filename, fileno(f));
1198
1199 if (null_or_empty_fd(fileno(f))) {
1200 log_debug("Skipping empty file: %s", filename);
1201 return 0;
1202 }
1203
1204 log_debug("Reading rules file: %s", filename);
1205
1206 name = strdup(filename);
1207 if (!name)
1208 return log_oom();
1209
1210 rule_file = new(UdevRuleFile, 1);
1211 if (!rule_file)
1212 return log_oom();
1213
1214 *rule_file = (UdevRuleFile) {
1215 .filename = TAKE_PTR(name),
1216 };
1217
1218 if (rules->current_file)
1219 LIST_APPEND(rule_files, rules->current_file, rule_file);
1220 else
1221 LIST_APPEND(rule_files, rules->rule_files, rule_file);
1222
1223 rules->current_file = rule_file;
1224
1225 for (;;) {
1226 _cleanup_free_ char *buf = NULL;
1227 size_t len;
1228 char *line;
1229
1230 r = read_line(f, UDEV_LINE_SIZE, &buf);
1231 if (r < 0)
1232 return r;
1233 if (r == 0)
1234 break;
1235
1236 line_nr++;
1237 line = skip_leading_chars(buf, NULL);
1238
1239 if (line[0] == '#')
1240 continue;
1241
1242 len = strlen(line);
1243
1244 if (continuation && !ignore_line) {
1245 if (strlen(continuation) + len >= UDEV_LINE_SIZE)
1246 ignore_line = true;
1247
1248 if (!strextend(&continuation, line))
1249 return log_oom();
1250
1251 if (!ignore_line) {
1252 line = continuation;
1253 len = strlen(line);
1254 }
1255 }
1256
1257 if (len > 0 && line[len - 1] == '\\') {
1258 if (ignore_line)
1259 continue;
1260
1261 line[len - 1] = '\0';
1262 if (!continuation) {
1263 continuation = strdup(line);
1264 if (!continuation)
1265 return log_oom();
1266 }
1267
1268 continue;
1269 }
1270
1271 if (ignore_line)
1272 log_error("%s:%u: Line is too long, ignored", filename, line_nr);
1273 else if (len > 0)
1274 (void) rule_add_line(rules, line, line_nr);
1275
1276 continuation = mfree(continuation);
1277 ignore_line = false;
1278 }
1279
1280 rule_resolve_goto(rule_file);
1281 return 0;
1282 }
1283
1284 UdevRules* udev_rules_new(ResolveNameTiming resolve_name_timing) {
1285 assert(resolve_name_timing >= 0 && resolve_name_timing < _RESOLVE_NAME_TIMING_MAX);
1286
1287 UdevRules *rules = new(UdevRules, 1);
1288 if (!rules)
1289 return NULL;
1290
1291 *rules = (UdevRules) {
1292 .resolve_name_timing = resolve_name_timing,
1293 };
1294
1295 return rules;
1296 }
1297
1298 int udev_rules_load(UdevRules **ret_rules, ResolveNameTiming resolve_name_timing) {
1299 _cleanup_(udev_rules_freep) UdevRules *rules = NULL;
1300 _cleanup_strv_free_ char **files = NULL;
1301 char **f;
1302 int r;
1303
1304 rules = udev_rules_new(resolve_name_timing);
1305 if (!rules)
1306 return -ENOMEM;
1307
1308 (void) udev_rules_check_timestamp(rules);
1309
1310 r = conf_files_list_strv(&files, ".rules", NULL, 0, RULES_DIRS);
1311 if (r < 0)
1312 return log_debug_errno(r, "Failed to enumerate rules files: %m");
1313
1314 STRV_FOREACH(f, files) {
1315 r = udev_rules_parse_file(rules, *f);
1316 if (r < 0)
1317 log_debug_errno(r, "Failed to read rules file %s, ignoring: %m", *f);
1318 }
1319
1320 *ret_rules = TAKE_PTR(rules);
1321 return 0;
1322 }
1323
1324 bool udev_rules_check_timestamp(UdevRules *rules) {
1325 if (!rules)
1326 return false;
1327
1328 return paths_check_timestamp(RULES_DIRS, &rules->dirs_ts_usec, true);
1329 }
1330
1331 static bool token_match_string(UdevRuleToken *token, const char *str) {
1332 const char *i, *value;
1333 bool match = false;
1334
1335 assert(token);
1336 assert(token->value);
1337 assert(token->type < _TK_M_MAX);
1338
1339 str = strempty(str);
1340 value = token->value;
1341
1342 switch (token->match_type) {
1343 case MATCH_TYPE_EMPTY:
1344 match = isempty(str);
1345 break;
1346 case MATCH_TYPE_SUBSYSTEM:
1347 match = STR_IN_SET(str, "subsystem", "class", "bus");
1348 break;
1349 case MATCH_TYPE_PLAIN_WITH_EMPTY:
1350 if (isempty(str)) {
1351 match = true;
1352 break;
1353 }
1354 _fallthrough_;
1355 case MATCH_TYPE_PLAIN:
1356 NULSTR_FOREACH(i, value)
1357 if (streq(i, str)) {
1358 match = true;
1359 break;
1360 }
1361 break;
1362 case MATCH_TYPE_GLOB_WITH_EMPTY:
1363 if (isempty(str)) {
1364 match = true;
1365 break;
1366 }
1367 _fallthrough_;
1368 case MATCH_TYPE_GLOB:
1369 NULSTR_FOREACH(i, value)
1370 if ((fnmatch(i, str, 0) == 0)) {
1371 match = true;
1372 break;
1373 }
1374 break;
1375 default:
1376 assert_not_reached("Invalid match type");
1377 }
1378
1379 return token->op == (match ? OP_MATCH : OP_NOMATCH);
1380 }
1381
1382 static bool token_match_attr(UdevRuleToken *token, sd_device *dev, UdevEvent *event) {
1383 char nbuf[UDEV_NAME_SIZE], vbuf[UDEV_NAME_SIZE];
1384 const char *name, *value;
1385
1386 assert(token);
1387 assert(dev);
1388 assert(event);
1389
1390 name = token->data;
1391
1392 switch (token->attr_subst_type) {
1393 case SUBST_TYPE_FORMAT:
1394 (void) udev_event_apply_format(event, name, nbuf, sizeof(nbuf), false);
1395 name = nbuf;
1396 _fallthrough_;
1397 case SUBST_TYPE_PLAIN:
1398 if (sd_device_get_sysattr_value(dev, name, &value) < 0)
1399 return false;
1400 break;
1401 case SUBST_TYPE_SUBSYS:
1402 if (udev_resolve_subsys_kernel(name, vbuf, sizeof(vbuf), true) < 0)
1403 return false;
1404 value = vbuf;
1405 break;
1406 default:
1407 assert_not_reached("Invalid attribute substitution type");
1408 }
1409
1410 /* remove trailing whitespace, if not asked to match for it */
1411 if (token->attr_match_remove_trailing_whitespace) {
1412 if (value != vbuf) {
1413 strscpy(vbuf, sizeof(vbuf), value);
1414 value = vbuf;
1415 }
1416
1417 delete_trailing_chars(vbuf, NULL);
1418 }
1419
1420 return token_match_string(token, value);
1421 }
1422
1423 static int get_property_from_string(char *line, char **ret_key, char **ret_value) {
1424 char *key, *val;
1425 size_t len;
1426
1427 assert(line);
1428 assert(ret_key);
1429 assert(ret_value);
1430
1431 /* find key */
1432 key = skip_leading_chars(line, NULL);
1433
1434 /* comment or empty line */
1435 if (IN_SET(key[0], '#', '\0')) {
1436 *ret_key = *ret_value = NULL;
1437 return 0;
1438 }
1439
1440 /* split key/value */
1441 val = strchr(key, '=');
1442 if (!val)
1443 return -EINVAL;
1444 *val++ = '\0';
1445
1446 key = strstrip(key);
1447 if (isempty(key))
1448 return -EINVAL;
1449
1450 val = strstrip(val);
1451 if (isempty(val))
1452 return -EINVAL;
1453
1454 /* unquote */
1455 if (IN_SET(val[0], '"', '\'')) {
1456 len = strlen(val);
1457 if (len == 1 || val[len-1] != val[0])
1458 return -EINVAL;
1459 val[len-1] = '\0';
1460 val++;
1461 }
1462
1463 *ret_key = key;
1464 *ret_value = val;
1465 return 1;
1466 }
1467
1468 static int import_parent_into_properties(sd_device *dev, const char *filter) {
1469 const char *key, *val;
1470 sd_device *parent;
1471 int r;
1472
1473 assert(dev);
1474 assert(filter);
1475
1476 r = sd_device_get_parent(dev, &parent);
1477 if (r == -ENOENT)
1478 return 0;
1479 if (r < 0)
1480 return r;
1481
1482 FOREACH_DEVICE_PROPERTY(parent, key, val) {
1483 if (fnmatch(filter, key, 0) != 0)
1484 continue;
1485 r = device_add_property(dev, key, val);
1486 if (r < 0)
1487 return r;
1488 }
1489
1490 return 1;
1491 }
1492
1493 static int attr_subst_subdir(char attr[static UDEV_PATH_SIZE]) {
1494 _cleanup_closedir_ DIR *dir = NULL;
1495 struct dirent *dent;
1496 char buf[UDEV_PATH_SIZE], *p;
1497 const char *tail;
1498 size_t len, size;
1499
1500 assert(attr);
1501
1502 tail = strstr(attr, "/*/");
1503 if (!tail)
1504 return 0;
1505
1506 len = tail - attr + 1; /* include slash at the end */
1507 tail += 2; /* include slash at the beginning */
1508
1509 p = buf;
1510 size = sizeof(buf);
1511 size -= strnpcpy(&p, size, attr, len);
1512
1513 dir = opendir(buf);
1514 if (!dir)
1515 return -errno;
1516
1517 FOREACH_DIRENT_ALL(dent, dir, break) {
1518 if (dent->d_name[0] == '.')
1519 continue;
1520
1521 strscpyl(p, size, dent->d_name, tail, NULL);
1522 if (faccessat(dirfd(dir), p, F_OK, 0) < 0)
1523 continue;
1524
1525 strcpy(attr, buf);
1526 return 0;
1527 }
1528
1529 return -ENOENT;
1530 }
1531
1532 static int udev_rule_apply_token_to_event(
1533 UdevRules *rules,
1534 sd_device *dev,
1535 UdevEvent *event,
1536 usec_t timeout_usec,
1537 int timeout_signal,
1538 Hashmap *properties_list) {
1539
1540 UdevRuleToken *token;
1541 char buf[UDEV_PATH_SIZE];
1542 const char *val;
1543 size_t count;
1544 bool match;
1545 int r;
1546
1547 assert(rules);
1548 assert(dev);
1549 assert(event);
1550
1551 /* This returns the following values:
1552 * 0 on the current token does not match the event,
1553 * 1 on the current token matches the event, and
1554 * negative errno on some critical errors. */
1555
1556 token = rules->current_file->current_line->current_token;
1557
1558 switch (token->type) {
1559 case TK_M_ACTION: {
1560 sd_device_action_t a;
1561
1562 r = sd_device_get_action(dev, &a);
1563 if (r < 0)
1564 return log_rule_error_errno(dev, rules, r, "Failed to get uevent action type: %m");
1565
1566 return token_match_string(token, device_action_to_string(a));
1567 }
1568 case TK_M_DEVPATH:
1569 r = sd_device_get_devpath(dev, &val);
1570 if (r < 0)
1571 return log_rule_error_errno(dev, rules, r, "Failed to get devpath: %m");
1572
1573 return token_match_string(token, val);
1574 case TK_M_KERNEL:
1575 case TK_M_PARENTS_KERNEL:
1576 r = sd_device_get_sysname(dev, &val);
1577 if (r < 0)
1578 return log_rule_error_errno(dev, rules, r, "Failed to get sysname: %m");
1579
1580 return token_match_string(token, val);
1581 case TK_M_DEVLINK:
1582 FOREACH_DEVICE_DEVLINK(dev, val)
1583 if (token_match_string(token, strempty(startswith(val, "/dev/"))))
1584 return token->op == OP_MATCH;
1585 return token->op == OP_NOMATCH;
1586 case TK_M_NAME:
1587 return token_match_string(token, event->name);
1588 case TK_M_ENV:
1589 if (sd_device_get_property_value(dev, token->data, &val) < 0)
1590 val = hashmap_get(properties_list, token->data);
1591
1592 return token_match_string(token, val);
1593 case TK_M_CONST: {
1594 const char *k = token->data;
1595
1596 if (streq(k, "arch"))
1597 val = architecture_to_string(uname_architecture());
1598 else if (streq(k, "virt"))
1599 val = virtualization_to_string(detect_virtualization());
1600 else
1601 assert_not_reached("Invalid CONST key");
1602 return token_match_string(token, val);
1603 }
1604 case TK_M_TAG:
1605 case TK_M_PARENTS_TAG:
1606 FOREACH_DEVICE_TAG(dev, val)
1607 if (token_match_string(token, val))
1608 return token->op == OP_MATCH;
1609 return token->op == OP_NOMATCH;
1610 case TK_M_SUBSYSTEM:
1611 case TK_M_PARENTS_SUBSYSTEM:
1612 r = sd_device_get_subsystem(dev, &val);
1613 if (r == -ENOENT)
1614 val = NULL;
1615 else if (r < 0)
1616 return log_rule_error_errno(dev, rules, r, "Failed to get subsystem: %m");
1617
1618 return token_match_string(token, val);
1619 case TK_M_DRIVER:
1620 case TK_M_PARENTS_DRIVER:
1621 r = sd_device_get_driver(dev, &val);
1622 if (r == -ENOENT)
1623 val = NULL;
1624 else if (r < 0)
1625 return log_rule_error_errno(dev, rules, r, "Failed to get driver: %m");
1626
1627 return token_match_string(token, val);
1628 case TK_M_ATTR:
1629 case TK_M_PARENTS_ATTR:
1630 return token_match_attr(token, dev, event);
1631 case TK_M_SYSCTL: {
1632 _cleanup_free_ char *value = NULL;
1633
1634 (void) udev_event_apply_format(event, token->data, buf, sizeof(buf), false);
1635 r = sysctl_read(sysctl_normalize(buf), &value);
1636 if (r < 0 && r != -ENOENT)
1637 return log_rule_error_errno(dev, rules, r, "Failed to read sysctl '%s': %m", buf);
1638
1639 return token_match_string(token, strstrip(value));
1640 }
1641 case TK_M_TEST: {
1642 mode_t mode = PTR_TO_MODE(token->data);
1643 struct stat statbuf;
1644
1645 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1646 if (!path_is_absolute(buf) &&
1647 udev_resolve_subsys_kernel(buf, buf, sizeof(buf), false) < 0) {
1648 char tmp[UDEV_PATH_SIZE];
1649
1650 r = sd_device_get_syspath(dev, &val);
1651 if (r < 0)
1652 return log_rule_error_errno(dev, rules, r, "Failed to get syspath: %m");
1653
1654 strscpy(tmp, sizeof(tmp), buf);
1655 strscpyl(buf, sizeof(buf), val, "/", tmp, NULL);
1656 }
1657
1658 r = attr_subst_subdir(buf);
1659 if (r == -ENOENT)
1660 return token->op == OP_NOMATCH;
1661 if (r < 0)
1662 return log_rule_error_errno(dev, rules, r, "Failed to test for the existence of '%s': %m", buf);
1663
1664 if (stat(buf, &statbuf) < 0)
1665 return token->op == OP_NOMATCH;
1666
1667 if (mode == MODE_INVALID)
1668 return token->op == OP_MATCH;
1669
1670 match = (statbuf.st_mode & mode) > 0;
1671 return token->op == (match ? OP_MATCH : OP_NOMATCH);
1672 }
1673 case TK_M_PROGRAM: {
1674 char result[UDEV_LINE_SIZE];
1675
1676 event->program_result = mfree(event->program_result);
1677 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1678 log_rule_debug(dev, rules, "Running PROGRAM '%s'", buf);
1679
1680 r = udev_event_spawn(event, timeout_usec, timeout_signal, true, buf, result, sizeof(result));
1681 if (r != 0) {
1682 if (r < 0)
1683 log_rule_warning_errno(dev, rules, r, "Failed to execute \"%s\": %m", buf);
1684 else /* returned value is positive when program fails */
1685 log_rule_debug(dev, rules, "Command \"%s\" returned %d (error)", buf, r);
1686 return token->op == OP_NOMATCH;
1687 }
1688
1689 delete_trailing_chars(result, "\n");
1690 count = udev_replace_chars(result, UDEV_ALLOWED_CHARS_INPUT);
1691 if (count > 0)
1692 log_rule_debug(dev, rules, "Replaced %zu character(s) in result of \"%s\"",
1693 count, buf);
1694
1695 event->program_result = strdup(result);
1696 return token->op == OP_MATCH;
1697 }
1698 case TK_M_IMPORT_FILE: {
1699 _cleanup_fclose_ FILE *f = NULL;
1700
1701 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1702 log_rule_debug(dev, rules, "Importing properties from '%s'", buf);
1703
1704 f = fopen(buf, "re");
1705 if (!f) {
1706 if (errno != ENOENT)
1707 return log_rule_error_errno(dev, rules, errno,
1708 "Failed to open '%s': %m", buf);
1709 return token->op == OP_NOMATCH;
1710 }
1711
1712 for (;;) {
1713 _cleanup_free_ char *line = NULL;
1714 char *key, *value;
1715
1716 r = read_line(f, LONG_LINE_MAX, &line);
1717 if (r < 0) {
1718 log_rule_debug_errno(dev, rules, r,
1719 "Failed to read '%s', ignoring: %m", buf);
1720 return token->op == OP_NOMATCH;
1721 }
1722 if (r == 0)
1723 break;
1724
1725 r = get_property_from_string(line, &key, &value);
1726 if (r < 0) {
1727 log_rule_debug_errno(dev, rules, r,
1728 "Failed to parse key and value from '%s', ignoring: %m",
1729 line);
1730 continue;
1731 }
1732 if (r == 0)
1733 continue;
1734
1735 r = device_add_property(dev, key, value);
1736 if (r < 0)
1737 return log_rule_error_errno(dev, rules, r,
1738 "Failed to add property %s=%s: %m",
1739 key, value);
1740 }
1741
1742 return token->op == OP_MATCH;
1743 }
1744 case TK_M_IMPORT_PROGRAM: {
1745 _cleanup_strv_free_ char **lines = NULL;
1746 char result[UDEV_LINE_SIZE], **line;
1747
1748 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1749 log_rule_debug(dev, rules, "Importing properties from results of '%s'", buf);
1750
1751 r = udev_event_spawn(event, timeout_usec, timeout_signal, true, buf, result, sizeof result);
1752 if (r != 0) {
1753 if (r < 0)
1754 log_rule_warning_errno(dev, rules, r, "Failed to execute '%s', ignoring: %m", buf);
1755 else /* returned value is positive when program fails */
1756 log_rule_debug(dev, rules, "Command \"%s\" returned %d (error), ignoring", buf, r);
1757 return token->op == OP_NOMATCH;
1758 }
1759
1760 r = strv_split_newlines_full(&lines, result, EXTRACT_RETAIN_ESCAPE);
1761 if (r < 0)
1762 log_rule_warning_errno(dev, rules, r,
1763 "Failed to extract lines from result of command \"%s\", ignoring: %m", buf);
1764
1765 STRV_FOREACH(line, lines) {
1766 char *key, *value;
1767
1768 r = get_property_from_string(*line, &key, &value);
1769 if (r < 0) {
1770 log_rule_debug_errno(dev, rules, r,
1771 "Failed to parse key and value from '%s', ignoring: %m",
1772 *line);
1773 continue;
1774 }
1775 if (r == 0)
1776 continue;
1777
1778 r = device_add_property(dev, key, value);
1779 if (r < 0)
1780 return log_rule_error_errno(dev, rules, r,
1781 "Failed to add property %s=%s: %m",
1782 key, value);
1783 }
1784
1785 return token->op == OP_MATCH;
1786 }
1787 case TK_M_IMPORT_BUILTIN: {
1788 UdevBuiltinCommand cmd = PTR_TO_UDEV_BUILTIN_CMD(token->data);
1789 assert(cmd >= 0 && cmd < _UDEV_BUILTIN_MAX);
1790 unsigned mask = 1U << (int) cmd;
1791
1792 if (udev_builtin_run_once(cmd)) {
1793 /* check if we ran already */
1794 if (event->builtin_run & mask) {
1795 log_rule_debug(dev, rules, "Skipping builtin '%s' in IMPORT key",
1796 udev_builtin_name(cmd));
1797 /* return the result from earlier run */
1798 return token->op == (event->builtin_ret & mask ? OP_NOMATCH : OP_MATCH);
1799 }
1800 /* mark as ran */
1801 event->builtin_run |= mask;
1802 }
1803
1804 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1805 log_rule_debug(dev, rules, "Importing properties from results of builtin command '%s'", buf);
1806
1807 r = udev_builtin_run(dev, cmd, buf, false);
1808 if (r < 0) {
1809 /* remember failure */
1810 log_rule_debug_errno(dev, rules, r, "Failed to run builtin '%s': %m", buf);
1811 event->builtin_ret |= mask;
1812 }
1813 return token->op == (r >= 0 ? OP_MATCH : OP_NOMATCH);
1814 }
1815 case TK_M_IMPORT_DB: {
1816 if (!event->dev_db_clone)
1817 return token->op == OP_NOMATCH;
1818 r = sd_device_get_property_value(event->dev_db_clone, token->value, &val);
1819 if (r == -ENOENT)
1820 return token->op == OP_NOMATCH;
1821 if (r < 0)
1822 return log_rule_error_errno(dev, rules, r,
1823 "Failed to get property '%s' from database: %m",
1824 token->value);
1825
1826 r = device_add_property(dev, token->value, val);
1827 if (r < 0)
1828 return log_rule_error_errno(dev, rules, r, "Failed to add property '%s=%s': %m",
1829 token->value, val);
1830 return token->op == OP_MATCH;
1831 }
1832 case TK_M_IMPORT_CMDLINE: {
1833 _cleanup_free_ char *value = NULL;
1834
1835 r = proc_cmdline_get_key(token->value, PROC_CMDLINE_VALUE_OPTIONAL|PROC_CMDLINE_IGNORE_EFI_OPTIONS, &value);
1836 if (r < 0)
1837 return log_rule_error_errno(dev, rules, r,
1838 "Failed to read '%s' option from /proc/cmdline: %m",
1839 token->value);
1840 if (r == 0)
1841 return token->op == OP_NOMATCH;
1842
1843 r = device_add_property(dev, token->value, value ?: "1");
1844 if (r < 0)
1845 return log_rule_error_errno(dev, rules, r, "Failed to add property '%s=%s': %m",
1846 token->value, value ?: "1");
1847 return token->op == OP_MATCH;
1848 }
1849 case TK_M_IMPORT_PARENT: {
1850 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
1851 r = import_parent_into_properties(dev, buf);
1852 if (r < 0)
1853 return log_rule_error_errno(dev, rules, r,
1854 "Failed to import properties '%s' from parent: %m",
1855 buf);
1856 return token->op == (r > 0 ? OP_MATCH : OP_NOMATCH);
1857 }
1858 case TK_M_RESULT:
1859 return token_match_string(token, event->program_result);
1860 case TK_A_OPTIONS_STRING_ESCAPE_NONE:
1861 event->esc = ESCAPE_NONE;
1862 break;
1863 case TK_A_OPTIONS_STRING_ESCAPE_REPLACE:
1864 event->esc = ESCAPE_REPLACE;
1865 break;
1866 case TK_A_OPTIONS_DB_PERSIST:
1867 device_set_db_persist(dev);
1868 break;
1869 case TK_A_OPTIONS_INOTIFY_WATCH:
1870 if (event->inotify_watch_final)
1871 break;
1872 if (token->op == OP_ASSIGN_FINAL)
1873 event->inotify_watch_final = true;
1874
1875 event->inotify_watch = token->data;
1876 break;
1877 case TK_A_OPTIONS_DEVLINK_PRIORITY:
1878 device_set_devlink_priority(dev, PTR_TO_INT(token->data));
1879 break;
1880 case TK_A_OPTIONS_LOG_LEVEL: {
1881 int level = PTR_TO_INT(token->data);
1882
1883 if (level < 0)
1884 level = event->default_log_level;
1885
1886 log_set_max_level(level);
1887
1888 if (level == LOG_DEBUG && !event->log_level_was_debug) {
1889 /* The log level becomes LOG_DEBUG at first time. Let's log basic information. */
1890 log_device_uevent(dev, "The log level is changed to 'debug' while processing device");
1891 event->log_level_was_debug = true;
1892 }
1893
1894 break;
1895 }
1896 case TK_A_OWNER: {
1897 char owner[UDEV_NAME_SIZE];
1898 const char *ow = owner;
1899
1900 if (event->owner_final)
1901 break;
1902 if (token->op == OP_ASSIGN_FINAL)
1903 event->owner_final = true;
1904
1905 (void) udev_event_apply_format(event, token->value, owner, sizeof(owner), false);
1906 r = get_user_creds(&ow, &event->uid, NULL, NULL, NULL, USER_CREDS_ALLOW_MISSING);
1907 if (r < 0)
1908 log_unknown_owner(dev, rules, r, "user", owner);
1909 else
1910 log_rule_debug(dev, rules, "OWNER %s(%u)", owner, event->uid);
1911 break;
1912 }
1913 case TK_A_GROUP: {
1914 char group[UDEV_NAME_SIZE];
1915 const char *gr = group;
1916
1917 if (event->group_final)
1918 break;
1919 if (token->op == OP_ASSIGN_FINAL)
1920 event->group_final = true;
1921
1922 (void) udev_event_apply_format(event, token->value, group, sizeof(group), false);
1923 r = get_group_creds(&gr, &event->gid, USER_CREDS_ALLOW_MISSING);
1924 if (r < 0)
1925 log_unknown_owner(dev, rules, r, "group", group);
1926 else
1927 log_rule_debug(dev, rules, "GROUP %s(%u)", group, event->gid);
1928 break;
1929 }
1930 case TK_A_MODE: {
1931 char mode_str[UDEV_NAME_SIZE];
1932
1933 if (event->mode_final)
1934 break;
1935 if (token->op == OP_ASSIGN_FINAL)
1936 event->mode_final = true;
1937
1938 (void) udev_event_apply_format(event, token->value, mode_str, sizeof(mode_str), false);
1939 r = parse_mode(mode_str, &event->mode);
1940 if (r < 0)
1941 log_rule_error_errno(dev, rules, r, "Failed to parse mode '%s', ignoring: %m", mode_str);
1942 else
1943 log_rule_debug(dev, rules, "MODE %#o", event->mode);
1944 break;
1945 }
1946 case TK_A_OWNER_ID:
1947 if (event->owner_final)
1948 break;
1949 if (token->op == OP_ASSIGN_FINAL)
1950 event->owner_final = true;
1951 if (!token->data)
1952 break;
1953 event->uid = PTR_TO_UID(token->data);
1954 log_rule_debug(dev, rules, "OWNER %u", event->uid);
1955 break;
1956 case TK_A_GROUP_ID:
1957 if (event->group_final)
1958 break;
1959 if (token->op == OP_ASSIGN_FINAL)
1960 event->group_final = true;
1961 if (!token->data)
1962 break;
1963 event->gid = PTR_TO_GID(token->data);
1964 log_rule_debug(dev, rules, "GROUP %u", event->gid);
1965 break;
1966 case TK_A_MODE_ID:
1967 if (event->mode_final)
1968 break;
1969 if (token->op == OP_ASSIGN_FINAL)
1970 event->mode_final = true;
1971 if (!token->data)
1972 break;
1973 event->mode = PTR_TO_MODE(token->data);
1974 log_rule_debug(dev, rules, "MODE %#o", event->mode);
1975 break;
1976 case TK_A_SECLABEL: {
1977 _cleanup_free_ char *name = NULL, *label = NULL;
1978 char label_str[UDEV_LINE_SIZE] = {};
1979
1980 name = strdup(token->data);
1981 if (!name)
1982 return log_oom();
1983
1984 (void) udev_event_apply_format(event, token->value, label_str, sizeof(label_str), false);
1985 if (!isempty(label_str))
1986 label = strdup(label_str);
1987 else
1988 label = strdup(token->value);
1989 if (!label)
1990 return log_oom();
1991
1992 if (token->op == OP_ASSIGN)
1993 ordered_hashmap_clear_free_free(event->seclabel_list);
1994
1995 r = ordered_hashmap_ensure_put(&event->seclabel_list, NULL, name, label);
1996 if (r == -ENOMEM)
1997 return log_oom();
1998 if (r < 0)
1999 return log_rule_error_errno(dev, rules, r, "Failed to store SECLABEL{%s}='%s': %m", name, label);;
2000
2001 log_rule_debug(dev, rules, "SECLABEL{%s}='%s'", name, label);
2002
2003 TAKE_PTR(name);
2004 TAKE_PTR(label);
2005 break;
2006 }
2007 case TK_A_ENV: {
2008 const char *name = token->data;
2009 char value_new[UDEV_NAME_SIZE], *p = value_new;
2010 size_t l = sizeof(value_new);
2011
2012 if (isempty(token->value)) {
2013 if (token->op == OP_ADD)
2014 break;
2015 r = device_add_property(dev, name, NULL);
2016 if (r < 0)
2017 return log_rule_error_errno(dev, rules, r, "Failed to remove property '%s': %m", name);
2018 break;
2019 }
2020
2021 if (token->op == OP_ADD &&
2022 sd_device_get_property_value(dev, name, &val) >= 0)
2023 l = strpcpyl(&p, l, val, " ", NULL);
2024
2025 (void) udev_event_apply_format(event, token->value, p, l, false);
2026
2027 r = device_add_property(dev, name, value_new);
2028 if (r < 0)
2029 return log_rule_error_errno(dev, rules, r, "Failed to add property '%s=%s': %m", name, value_new);
2030 break;
2031 }
2032 case TK_A_TAG: {
2033 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
2034 if (token->op == OP_ASSIGN)
2035 device_cleanup_tags(dev);
2036
2037 if (buf[strspn(buf, ALPHANUMERICAL "-_")] != '\0') {
2038 log_rule_error(dev, rules, "Invalid tag name '%s', ignoring", buf);
2039 break;
2040 }
2041 if (token->op == OP_REMOVE)
2042 device_remove_tag(dev, buf);
2043 else {
2044 r = device_add_tag(dev, buf, true);
2045 if (r < 0)
2046 return log_rule_error_errno(dev, rules, r, "Failed to add tag '%s': %m", buf);
2047 }
2048 break;
2049 }
2050 case TK_A_NAME: {
2051 if (event->name_final)
2052 break;
2053 if (token->op == OP_ASSIGN_FINAL)
2054 event->name_final = true;
2055
2056 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
2057 if (IN_SET(event->esc, ESCAPE_UNSET, ESCAPE_REPLACE)) {
2058 count = udev_replace_chars(buf, "/");
2059 if (count > 0)
2060 log_rule_debug(dev, rules, "Replaced %zu character(s) from result of NAME=\"%s\"",
2061 count, token->value);
2062 }
2063 if (sd_device_get_devnum(dev, NULL) >= 0 &&
2064 (sd_device_get_devname(dev, &val) < 0 ||
2065 !streq_ptr(buf, path_startswith(val, "/dev/")))) {
2066 log_rule_error(dev, rules,
2067 "Kernel device nodes cannot be renamed, ignoring NAME=\"%s\"; please fix it.",
2068 token->value);
2069 break;
2070 }
2071 r = free_and_strdup_warn(&event->name, buf);
2072 if (r < 0)
2073 return r;
2074
2075 log_rule_debug(dev, rules, "NAME '%s'", event->name);
2076 break;
2077 }
2078 case TK_A_DEVLINK: {
2079 char *p;
2080
2081 if (event->devlink_final)
2082 break;
2083 if (sd_device_get_devnum(dev, NULL) < 0)
2084 break;
2085 if (token->op == OP_ASSIGN_FINAL)
2086 event->devlink_final = true;
2087 if (IN_SET(token->op, OP_ASSIGN, OP_ASSIGN_FINAL))
2088 device_cleanup_devlinks(dev);
2089
2090 /* allow multiple symlinks separated by spaces */
2091 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), event->esc != ESCAPE_NONE);
2092 if (event->esc == ESCAPE_UNSET)
2093 count = udev_replace_chars(buf, "/ ");
2094 else if (event->esc == ESCAPE_REPLACE)
2095 count = udev_replace_chars(buf, "/");
2096 else
2097 count = 0;
2098 if (count > 0)
2099 log_rule_debug(dev, rules, "Replaced %zu character(s) from result of LINK", count);
2100
2101 p = skip_leading_chars(buf, NULL);
2102 while (!isempty(p)) {
2103 char filename[UDEV_PATH_SIZE], *next;
2104
2105 next = strchr(p, ' ');
2106 if (next) {
2107 *next++ = '\0';
2108 next = skip_leading_chars(next, NULL);
2109 }
2110
2111 strscpyl(filename, sizeof(filename), "/dev/", p, NULL);
2112 r = device_add_devlink(dev, filename);
2113 if (r < 0)
2114 return log_rule_error_errno(dev, rules, r, "Failed to add devlink '%s': %m", filename);
2115
2116 log_rule_debug(dev, rules, "LINK '%s'", p);
2117 p = next;
2118 }
2119 break;
2120 }
2121 case TK_A_ATTR: {
2122 const char *key_name = token->data;
2123 char value[UDEV_NAME_SIZE];
2124
2125 if (udev_resolve_subsys_kernel(key_name, buf, sizeof(buf), false) < 0 &&
2126 sd_device_get_syspath(dev, &val) >= 0)
2127 strscpyl(buf, sizeof(buf), val, "/", key_name, NULL);
2128
2129 r = attr_subst_subdir(buf);
2130 if (r < 0) {
2131 log_rule_error_errno(dev, rules, r, "Could not find file matches '%s', ignoring: %m", buf);
2132 break;
2133 }
2134 (void) udev_event_apply_format(event, token->value, value, sizeof(value), false);
2135
2136 log_rule_debug(dev, rules, "ATTR '%s' writing '%s'", buf, value);
2137 r = write_string_file(buf, value,
2138 WRITE_STRING_FILE_VERIFY_ON_FAILURE |
2139 WRITE_STRING_FILE_DISABLE_BUFFER |
2140 WRITE_STRING_FILE_AVOID_NEWLINE |
2141 WRITE_STRING_FILE_VERIFY_IGNORE_NEWLINE);
2142 if (r < 0)
2143 log_rule_error_errno(dev, rules, r, "Failed to write ATTR{%s}, ignoring: %m", buf);
2144 break;
2145 }
2146 case TK_A_SYSCTL: {
2147 char value[UDEV_NAME_SIZE];
2148
2149 (void) udev_event_apply_format(event, token->data, buf, sizeof(buf), false);
2150 (void) udev_event_apply_format(event, token->value, value, sizeof(value), false);
2151 sysctl_normalize(buf);
2152 log_rule_debug(dev, rules, "SYSCTL '%s' writing '%s'", buf, value);
2153 r = sysctl_write(buf, value);
2154 if (r < 0)
2155 log_rule_error_errno(dev, rules, r, "Failed to write SYSCTL{%s}='%s', ignoring: %m", buf, value);
2156 break;
2157 }
2158 case TK_A_RUN_BUILTIN:
2159 case TK_A_RUN_PROGRAM: {
2160 _cleanup_free_ char *cmd = NULL;
2161
2162 if (event->run_final)
2163 break;
2164 if (token->op == OP_ASSIGN_FINAL)
2165 event->run_final = true;
2166
2167 if (IN_SET(token->op, OP_ASSIGN, OP_ASSIGN_FINAL))
2168 ordered_hashmap_clear_free_key(event->run_list);
2169
2170 (void) udev_event_apply_format(event, token->value, buf, sizeof(buf), false);
2171
2172 cmd = strdup(buf);
2173 if (!cmd)
2174 return log_oom();
2175
2176 r = ordered_hashmap_ensure_put(&event->run_list, NULL, cmd, token->data);
2177 if (r == -ENOMEM)
2178 return log_oom();
2179 if (r < 0)
2180 return log_rule_error_errno(dev, rules, r, "Failed to store command '%s': %m", cmd);
2181
2182 TAKE_PTR(cmd);
2183
2184 log_rule_debug(dev, rules, "RUN '%s'", token->value);
2185 break;
2186 }
2187 case TK_A_OPTIONS_STATIC_NODE:
2188 /* do nothing for events. */
2189 break;
2190 default:
2191 assert_not_reached("Invalid token type");
2192 }
2193
2194 return true;
2195 }
2196
2197 static bool token_is_for_parents(UdevRuleToken *token) {
2198 return token->type >= TK_M_PARENTS_KERNEL && token->type <= TK_M_PARENTS_TAG;
2199 }
2200
2201 static int udev_rule_apply_parent_token_to_event(
2202 UdevRules *rules,
2203 UdevEvent *event,
2204 int timeout_signal) {
2205
2206 UdevRuleLine *line;
2207 UdevRuleToken *head;
2208 int r;
2209
2210 line = rules->current_file->current_line;
2211 head = rules->current_file->current_line->current_token;
2212 event->dev_parent = event->dev;
2213 for (;;) {
2214 LIST_FOREACH(tokens, line->current_token, head) {
2215 if (!token_is_for_parents(line->current_token))
2216 return true; /* All parent tokens match. */
2217 r = udev_rule_apply_token_to_event(rules, event->dev_parent, event, 0, timeout_signal, NULL);
2218 if (r < 0)
2219 return r;
2220 if (r == 0)
2221 break;
2222 }
2223 if (!line->current_token)
2224 /* All parent tokens match. But no assign tokens in the line. Hmm... */
2225 return true;
2226
2227 if (sd_device_get_parent(event->dev_parent, &event->dev_parent) < 0) {
2228 event->dev_parent = NULL;
2229 return false;
2230 }
2231 }
2232 }
2233
2234 static int udev_rule_apply_line_to_event(
2235 UdevRules *rules,
2236 UdevEvent *event,
2237 usec_t timeout_usec,
2238 int timeout_signal,
2239 Hashmap *properties_list,
2240 UdevRuleLine **next_line) {
2241
2242 UdevRuleLine *line = rules->current_file->current_line;
2243 UdevRuleLineType mask = LINE_HAS_GOTO | LINE_UPDATE_SOMETHING;
2244 UdevRuleToken *token, *next_token;
2245 bool parents_done = false;
2246 sd_device_action_t action;
2247 int r;
2248
2249 r = sd_device_get_action(event->dev, &action);
2250 if (r < 0)
2251 return r;
2252
2253 if (action != SD_DEVICE_REMOVE) {
2254 if (sd_device_get_devnum(event->dev, NULL) >= 0)
2255 mask |= LINE_HAS_DEVLINK;
2256
2257 if (sd_device_get_ifindex(event->dev, NULL) >= 0)
2258 mask |= LINE_HAS_NAME;
2259 }
2260
2261 if ((line->type & mask) == 0)
2262 return 0;
2263
2264 event->esc = ESCAPE_UNSET;
2265
2266 DEVICE_TRACE_POINT(rules_apply_line, event->dev, line->rule_file->filename, line->line_number);
2267
2268 LIST_FOREACH_SAFE(tokens, token, next_token, line->tokens) {
2269 line->current_token = token;
2270
2271 if (token_is_for_parents(token)) {
2272 if (parents_done)
2273 continue;
2274
2275 r = udev_rule_apply_parent_token_to_event(rules, event, timeout_signal);
2276 if (r <= 0)
2277 return r;
2278
2279 parents_done = true;
2280 continue;
2281 }
2282
2283 r = udev_rule_apply_token_to_event(rules, event->dev, event, timeout_usec, timeout_signal, properties_list);
2284 if (r <= 0)
2285 return r;
2286 }
2287
2288 if (line->goto_line)
2289 *next_line = line->goto_line;
2290
2291 return 0;
2292 }
2293
2294 int udev_rules_apply_to_event(
2295 UdevRules *rules,
2296 UdevEvent *event,
2297 usec_t timeout_usec,
2298 int timeout_signal,
2299 Hashmap *properties_list) {
2300
2301 UdevRuleFile *file;
2302 UdevRuleLine *next_line;
2303 int r;
2304
2305 assert(rules);
2306 assert(event);
2307
2308 LIST_FOREACH(rule_files, file, rules->rule_files) {
2309 rules->current_file = file;
2310 LIST_FOREACH_SAFE(rule_lines, file->current_line, next_line, file->rule_lines) {
2311 r = udev_rule_apply_line_to_event(rules, event, timeout_usec, timeout_signal, properties_list, &next_line);
2312 if (r < 0)
2313 return r;
2314 }
2315 }
2316
2317 return 0;
2318 }
2319
2320 static int apply_static_dev_perms(const char *devnode, uid_t uid, gid_t gid, mode_t mode, char **tags) {
2321 char device_node[UDEV_PATH_SIZE], tags_dir[UDEV_PATH_SIZE], tag_symlink[UDEV_PATH_SIZE];
2322 _cleanup_free_ char *unescaped_filename = NULL;
2323 struct stat stats;
2324 char **t;
2325 int r;
2326
2327 assert(devnode);
2328
2329 if (uid == UID_INVALID && gid == GID_INVALID && mode == MODE_INVALID && !tags)
2330 return 0;
2331
2332 strscpyl(device_node, sizeof(device_node), "/dev/", devnode, NULL);
2333 if (stat(device_node, &stats) < 0) {
2334 if (errno != ENOENT)
2335 return log_error_errno(errno, "Failed to stat %s: %m", device_node);
2336 return 0;
2337 }
2338
2339 if (!S_ISBLK(stats.st_mode) && !S_ISCHR(stats.st_mode)) {
2340 log_warning("%s is neither block nor character device, ignoring.", device_node);
2341 return 0;
2342 }
2343
2344 if (!strv_isempty(tags)) {
2345 unescaped_filename = xescape(devnode, "/.");
2346 if (!unescaped_filename)
2347 return log_oom();
2348 }
2349
2350 /* export the tags to a directory as symlinks, allowing otherwise dead nodes to be tagged */
2351 STRV_FOREACH(t, tags) {
2352 strscpyl(tags_dir, sizeof(tags_dir), "/run/udev/static_node-tags/", *t, "/", NULL);
2353 r = mkdir_p(tags_dir, 0755);
2354 if (r < 0)
2355 return log_error_errno(r, "Failed to create %s: %m", tags_dir);
2356
2357 strscpyl(tag_symlink, sizeof(tag_symlink), tags_dir, unescaped_filename, NULL);
2358 r = symlink(device_node, tag_symlink);
2359 if (r < 0 && errno != EEXIST)
2360 return log_error_errno(errno, "Failed to create symlink %s -> %s: %m",
2361 tag_symlink, device_node);
2362 }
2363
2364 /* don't touch the permissions if only the tags were set */
2365 if (uid == UID_INVALID && gid == GID_INVALID && mode == MODE_INVALID)
2366 return 0;
2367
2368 if (mode == MODE_INVALID)
2369 mode = gid_is_valid(gid) ? 0660 : 0600;
2370 if (!uid_is_valid(uid))
2371 uid = 0;
2372 if (!gid_is_valid(gid))
2373 gid = 0;
2374
2375 r = chmod_and_chown(device_node, mode, uid, gid);
2376 if (r == -ENOENT)
2377 return 0;
2378 if (r < 0)
2379 return log_error_errno(r, "Failed to chown '%s' %u %u: %m", device_node, uid, gid);
2380 else
2381 log_debug("chown '%s' %u:%u with mode %#o", device_node, uid, gid, mode);
2382
2383 (void) utimensat(AT_FDCWD, device_node, NULL, 0);
2384 return 0;
2385 }
2386
2387 static int udev_rule_line_apply_static_dev_perms(UdevRuleLine *rule_line) {
2388 UdevRuleToken *token;
2389 _cleanup_strv_free_ char **tags = NULL;
2390 uid_t uid = UID_INVALID;
2391 gid_t gid = GID_INVALID;
2392 mode_t mode = MODE_INVALID;
2393 int r;
2394
2395 assert(rule_line);
2396
2397 if (!FLAGS_SET(rule_line->type, LINE_HAS_STATIC_NODE))
2398 return 0;
2399
2400 LIST_FOREACH(tokens, token, rule_line->tokens)
2401 if (token->type == TK_A_OWNER_ID)
2402 uid = PTR_TO_UID(token->data);
2403 else if (token->type == TK_A_GROUP_ID)
2404 gid = PTR_TO_GID(token->data);
2405 else if (token->type == TK_A_MODE_ID)
2406 mode = PTR_TO_MODE(token->data);
2407 else if (token->type == TK_A_TAG) {
2408 r = strv_extend(&tags, token->value);
2409 if (r < 0)
2410 return log_oom();
2411 } else if (token->type == TK_A_OPTIONS_STATIC_NODE) {
2412 r = apply_static_dev_perms(token->value, uid, gid, mode, tags);
2413 if (r < 0)
2414 return r;
2415 }
2416
2417 return 0;
2418 }
2419
2420 int udev_rules_apply_static_dev_perms(UdevRules *rules) {
2421 UdevRuleFile *file;
2422 UdevRuleLine *line;
2423 int r;
2424
2425 assert(rules);
2426
2427 LIST_FOREACH(rule_files, file, rules->rule_files)
2428 LIST_FOREACH(rule_lines, line, file->rule_lines) {
2429 r = udev_rule_line_apply_static_dev_perms(line);
2430 if (r < 0)
2431 return r;
2432 }
2433
2434 return 0;
2435 }
systemd for Proxmox projects