chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
socket: Set SO_REUSEPORT before bind()
[elogind.git]
/
src
/
shared
/
socket-label.c
diff --git
a/src/shared/socket-label.c
b/src/shared/socket-label.c
index 83ea1a9ef83323a3165c7ee93965841ec14fd8cb..144e6fd86edd056ca0f3634add1803bb492b1ccc 100644
(file)
--- a/
src/shared/socket-label.c
+++ b/
src/shared/socket-label.c
@@
-19,25
+19,18
@@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-#include <assert.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
-#include <stdlib.h>
-#include <arpa/inet.h>
-#include <stdio.h>
-#include <net/if.h>
-#include <sys/types.h>
#include <sys/stat.h>
#include <stddef.h>
#include <sys/stat.h>
#include <stddef.h>
-#include <sys/ioctl.h>
#include "macro.h"
#include "util.h"
#include "mkdir.h"
#include "macro.h"
#include "util.h"
#include "mkdir.h"
-#include "socket-util.h"
#include "missing.h"
#include "missing.h"
-#include "label.h"
+#include "selinux-util.h"
+#include "socket-util.h"
int socket_address_listen(
const SocketAddress *a,
int socket_address_listen(
const SocketAddress *a,
@@
-45,6
+38,7
@@
int socket_address_listen(
int backlog,
SocketAddressBindIPv6Only only,
const char *bind_to_device,
int backlog,
SocketAddressBindIPv6Only only,
const char *bind_to_device,
+ bool reuse_port,
bool free_bind,
bool transparent,
mode_t directory_mode,
bool free_bind,
bool transparent,
mode_t directory_mode,
@@
-64,7
+58,7
@@
int socket_address_listen(
return -EAFNOSUPPORT;
if (label) {
return -EAFNOSUPPORT;
if (label) {
- r =
label_socket_set
(label);
+ r =
mac_selinux_create_socket_prepare
(label);
if (r < 0)
return r;
}
if (r < 0)
return r;
}
@@
-73,7
+67,7
@@
int socket_address_listen(
r = fd < 0 ? -errno : 0;
if (label)
r = fd < 0 ? -errno : 0;
if (label)
-
label
_socket_clear();
+
mac_selinux_create
_socket_clear();
if (r < 0)
return r;
if (r < 0)
return r;
@@
-90,16
+84,22
@@
int socket_address_listen(
if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, bind_to_device, strlen(bind_to_device)+1) < 0)
return -errno;
if (setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, bind_to_device, strlen(bind_to_device)+1) < 0)
return -errno;
+ if (reuse_port) {
+ one = 1;
+ if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &one, sizeof(one)) < 0)
+ log_warning_errno(errno, "SO_REUSEPORT failed: %m");
+ }
+
if (free_bind) {
one = 1;
if (setsockopt(fd, IPPROTO_IP, IP_FREEBIND, &one, sizeof(one)) < 0)
if (free_bind) {
one = 1;
if (setsockopt(fd, IPPROTO_IP, IP_FREEBIND, &one, sizeof(one)) < 0)
- log_warning
(
"IP_FREEBIND failed: %m");
+ log_warning
_errno(errno,
"IP_FREEBIND failed: %m");
}
if (transparent) {
one = 1;
if (setsockopt(fd, IPPROTO_IP, IP_TRANSPARENT, &one, sizeof(one)) < 0)
}
if (transparent) {
one = 1;
if (setsockopt(fd, IPPROTO_IP, IP_TRANSPARENT, &one, sizeof(one)) < 0)
- log_warning
(
"IP_TRANSPARENT failed: %m");
+ log_warning
_errno(errno,
"IP_TRANSPARENT failed: %m");
}
}
}
}
@@
-116,10
+116,7
@@
int socket_address_listen(
/* Enforce the right access mode for the socket */
old_mask = umask(~ socket_mode);
/* Enforce the right access mode for the socket */
old_mask = umask(~ socket_mode);
- /* Include the original umask in our mask */
- umask(~socket_mode | old_mask);
-
- r = label_bind(fd, &a->sockaddr.sa, a->size);
+ r = mac_selinux_bind(fd, &a->sockaddr.sa, a->size);
if (r < 0 && errno == EADDRINUSE) {
/* Unlink and try again */
if (r < 0 && errno == EADDRINUSE) {
/* Unlink and try again */
@@
-150,23
+147,22
@@
int make_socket_fd(int log_level, const char* address, int flags) {
r = socket_address_parse(&a, address);
if (r < 0) {
r = socket_address_parse(&a, address);
if (r < 0) {
- log_error("Failed to parse socket: %s", strerror(-r));
+ log_error("Failed to parse socket address \"%s\": %s",
+ address, strerror(-r));
return r;
}
fd = socket_address_listen(&a, flags, SOMAXCONN, SOCKET_ADDRESS_DEFAULT,
return r;
}
fd = socket_address_listen(&a, flags, SOMAXCONN, SOCKET_ADDRESS_DEFAULT,
- NULL, false, false, 0755, 0644, NULL);
+ NULL, false, false,
false,
0755, 0644, NULL);
if (fd < 0 || log_get_max_level() >= log_level) {
_cleanup_free_ char *p = NULL;
r = socket_address_print(&a, &p);
if (fd < 0 || log_get_max_level() >= log_level) {
_cleanup_free_ char *p = NULL;
r = socket_address_print(&a, &p);
- if (r < 0) {
- log_error("socket_address_print(): %s", strerror(-r));
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "socket_address_print(): %m");
if (fd < 0)
if (fd < 0)
- log_error
("Failed to listen on %s: %s", p, strerror(-fd)
);
+ log_error
_errno(fd, "Failed to listen on %s: %m", p
);
else
log_full(log_level, "Listening on %s", p);
}
else
log_full(log_level, "Listening on %s", p);
}