1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-22 13:33:56 +03:00

service: do fine-grained validation of CPUSchedulingPriority= at execution time

The precise bounds of the scheduling priority depend on the scheduling policy,
so depending on the order in which the two settings are specified the
validation might pass or fail.
When checking the setting only validate the outer range (valid values in general are 0 to 99),
and let the execution fail later if the priority does not match the
specified policy (1 to 99 for RR/FIFO, 0 for the rest).

Fixes https://github.com/systemd/systemd/issues/20320
This commit is contained in:
Luca Boccassi 2022-10-19 23:52:58 +01:00 committed by Zbigniew Jędrzejewski-Szmek
parent 1726ce726f
commit 40c05a3459
4 changed files with 11 additions and 13 deletions

View File

@ -2718,15 +2718,15 @@ int bus_exec_context_set_transient_property(
return 1;
} else if (streq(name, "CPUSchedulingPriority")) {
int32_t p, min, max;
int32_t p;
r = sd_bus_message_read(message, "i", &p);
if (r < 0)
return r;
min = sched_get_priority_min(c->cpu_sched_policy);
max = sched_get_priority_max(c->cpu_sched_policy);
if (p < min || p > max)
/* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0. Policy might be set
* later so we do not check the precise range, but only the generic outer bounds. */
if (p < 0 || p > 99)
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid CPU scheduling priority: %i", p);
if (!UNIT_WRITE_FLAGS_NOOP(flags)) {

View File

@ -1599,7 +1599,7 @@ int config_parse_exec_cpu_sched_prio(const char *unit,
void *userdata) {
ExecContext *c = ASSERT_PTR(data);
int i, min, max, r;
int i, r;
assert(filename);
assert(lvalue);
@ -1611,11 +1611,9 @@ int config_parse_exec_cpu_sched_prio(const char *unit,
return 0;
}
/* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
min = sched_get_priority_min(c->cpu_sched_policy);
max = sched_get_priority_max(c->cpu_sched_policy);
if (i < min || i > max) {
/* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0. Policy might be set later so
* we do not check the precise range, but only the generic outer bounds. */
if (i < 0 || i > 99) {
log_syntax(unit, LOG_WARNING, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue);
return 0;
}

View File

@ -4,6 +4,6 @@ Description=Bad sched priority for RR
[Service]
ExecStart=/bin/true
CPUSchedulingPolicy=rr
CPUSchedulingPriority=0
CPUSchedulingPriority=-1
CPUSchedulingPriority=100
CPUSchedulingPolicy=rr

View File

@ -4,7 +4,7 @@ Description=Change prio
[Service]
ExecStart=/bin/true
CPUSchedulingPolicy=rr
CPUSchedulingPriority=1
CPUSchedulingPriority=2
CPUSchedulingPriority=99
CPUSchedulingPolicy=rr