1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2 
3 #include <unistd.h>
4 
5 #include "alloc-util.h"
6 #include "bus-util.h"
7 #include "capability-util.h"
8 #include "fileio.h"
9 #include "kmod-setup.h"
10 #include "macro.h"
11 #include "recurse-dir.h"
12 #include "string-util.h"
13 #include "virt.h"
14 
15 #if HAVE_KMOD
16 #include "module-util.h"
17 
systemd_kmod_log(void * data,int priority,const char * file,int line,const char * fn,const char * format,va_list args)18 static void systemd_kmod_log(
19                 void *data,
20                 int priority,
21                 const char *file, int line,
22                 const char *fn,
23                 const char *format,
24                 va_list args) {
25 
26         /* library logging is enabled at debug only */
27         DISABLE_WARNING_FORMAT_NONLITERAL;
28         log_internalv(LOG_DEBUG, 0, file, line, fn, format, args);
29         REENABLE_WARNING;
30 }
31 
has_virtio_rng_recurse_dir_cb(RecurseDirEvent event,const char * path,int dir_fd,int inode_fd,const struct dirent * de,const struct statx * sx,void * userdata)32 static int has_virtio_rng_recurse_dir_cb(
33                 RecurseDirEvent event,
34                 const char *path,
35                 int dir_fd,
36                 int inode_fd,
37                 const struct dirent *de,
38                 const struct statx *sx,
39                 void *userdata) {
40 
41         _cleanup_free_ char *alias = NULL;
42         int r;
43 
44         if (event != RECURSE_DIR_ENTRY)
45                 return RECURSE_DIR_CONTINUE;
46 
47         if (de->d_type != DT_REG)
48                 return RECURSE_DIR_CONTINUE;
49 
50         if (!streq(de->d_name, "modalias"))
51                 return RECURSE_DIR_CONTINUE;
52 
53         r = read_one_line_file(path, &alias);
54         if (r < 0) {
55                 log_debug_errno(r, "Failed to read %s, ignoring: %m", path);
56                 return RECURSE_DIR_LEAVE_DIRECTORY;
57         }
58 
59         if (startswith(alias, "pci:v00001AF4d00001005"))
60                 return 1;
61 
62         if (startswith(alias, "pci:v00001AF4d00001044"))
63                 return 1;
64 
65         return RECURSE_DIR_LEAVE_DIRECTORY;
66 }
67 
has_virtio_rng(void)68 static bool has_virtio_rng(void) {
69         int r;
70 
71         r = recurse_dir_at(
72                         AT_FDCWD,
73                         "/sys/devices/pci0000:00",
74                         /* statx_mask= */ 0,
75                         /* n_depth_max= */ 2,
76                         RECURSE_DIR_ENSURE_TYPE,
77                         has_virtio_rng_recurse_dir_cb,
78                         NULL);
79         if (r < 0)
80                 log_debug_errno(r, "Failed to determine whether host has virtio-rng device, ignoring: %m");
81 
82         return r > 0;
83 }
84 
in_qemu(void)85 static bool in_qemu(void) {
86         return IN_SET(detect_vm(), VIRTUALIZATION_KVM, VIRTUALIZATION_QEMU);
87 }
88 #endif
89 
kmod_setup(void)90 int kmod_setup(void) {
91 #if HAVE_KMOD
92 
93         static const struct {
94                 const char *module;
95                 const char *path;
96                 bool warn_if_unavailable:1;
97                 bool warn_if_module:1;
98                 bool (*condition_fn)(void);
99         } kmod_table[] = {
100                 /* This one we need to load explicitly, since auto-loading on use doesn't work
101                  * before udev created the ghost device nodes, and we need it earlier than that. */
102                 { "autofs4",   "/sys/class/misc/autofs",    true,   false,   NULL      },
103 
104                 /* This one we need to load explicitly, since auto-loading of IPv6 is not done when
105                  * we try to configure ::1 on the loopback device. */
106                 { "ipv6",      "/sys/module/ipv6",          false,  true,    NULL      },
107 
108                 /* This should never be a module */
109                 { "unix",      "/proc/net/unix",            true,   true,    NULL      },
110 
111 #if HAVE_LIBIPTC
112                 /* netfilter is needed by networkd, nspawn among others, and cannot be autoloaded */
113                 { "ip_tables", "/proc/net/ip_tables_names", false,  false,   NULL      },
114 #endif
115                 /* virtio_rng would be loaded by udev later, but real entropy might be needed very early */
116                 { "virtio_rng", NULL,                       false,  false,   has_virtio_rng },
117 
118                 /* qemu_fw_cfg would be loaded by udev later, but we want to import credentials from it super early */
119                 { "qemu_fw_cfg", "/sys/firmware/qemu_fw_cfg", false, false,  in_qemu   },
120         };
121         _cleanup_(kmod_unrefp) struct kmod_ctx *ctx = NULL;
122         unsigned i;
123 
124         if (have_effective_cap(CAP_SYS_MODULE) == 0)
125                 return 0;
126 
127         for (i = 0; i < ELEMENTSOF(kmod_table); i++) {
128                 if (kmod_table[i].path && access(kmod_table[i].path, F_OK) >= 0)
129                         continue;
130 
131                 if (kmod_table[i].condition_fn && !kmod_table[i].condition_fn())
132                         continue;
133 
134                 if (kmod_table[i].warn_if_module)
135                         log_debug("Your kernel apparently lacks built-in %s support. Might be "
136                                   "a good idea to compile it in. We'll now try to work around "
137                                   "this by loading the module...", kmod_table[i].module);
138 
139                 if (!ctx) {
140                         ctx = kmod_new(NULL, NULL);
141                         if (!ctx)
142                                 return log_oom();
143 
144                         kmod_set_log_fn(ctx, systemd_kmod_log, NULL);
145                         kmod_load_resources(ctx);
146                 }
147 
148                 (void) module_load_and_warn(ctx, kmod_table[i].module, kmod_table[i].warn_if_unavailable);
149         }
150 
151 #endif
152         return 0;
153 }
154