IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
(cherry picked from commit 20e933ae7404154f642fd5459c11532102f8a598)
(cherry picked from commit f1ea9cd55e236d89b082529411f0d98776af2ba0)
(cherry picked from commit 46ee98edd5da6515ce0aac71885027a5c37898ad)
(… or other boot loaders implementing the Boot Loader Interface.)
Fixes#27857.
(cherry picked from commit 088d8c99fe98e00eefdb8263cc9ce218a8023718)
(cherry picked from commit 3222272c46fc47c983df52063810e99c63c77439)
(cherry picked from commit a00581680eb331d8f8e32a1aaca5fb83b22f9bc9)
98d81cf974 moved the assertion at the beginning of home_dispatch_acquire(),
which is however before we even check for any ongoing operation, hence we
might hit it even in legitimate cases.
Let's move it back to after we check for any possibly ongoing operation, to
make it once again a safety check.
Follow-up to 98d81cf974.
Resolves: #22443 and #24036
(cherry picked from commit e4ab2db9df997e2c7d788440fbfe645b2d816306)
(cherry picked from commit 23b7bf3d0151d5344bc2bf10c58272d74cdd2fdf)
(cherry picked from commit 6e55a4d928260a1a40cee3d6b7ba4b0d37aa2b44)
Only notable change is that memfd_secret is now defined on s390(x).
(cherry picked from commit 7b975e9f45940d781d522a7ef814cd7784c7e23b)
(cherry picked from commit 5f3ca32d0c3ce46623b3ceba92526287524ac524)
(cherry picked from commit a95176e436a49306d013903874081547ea022b0a)
(cherry picked from commit 30868c1c8d6e518a4da9c491df7eb8559951365d)
(cherry picked from commit 375e6be16cf455d23b81f6b60aeaeca5606e587f)
(cherry picked from commit ae8679d7a734d404b7b9c43d7cb75d36fbcb18d1)
Let's explicitly order these against initrd-switch-root.target, so
that they are properly shut down before we switch root. Otherwise,
there's a race condition where networkd might only shut down after
switching root and after we've already we've loaded the unit graph,
meaning it won't be restarted in the rootfs.
Fixes#27718
(cherry picked from commit 75efd16fb001ba19d12362198ba5c44cb6f40d04)
(cherry picked from commit 2e10f8874aeb1972322c3e0c8237cb8263bccd53)
(cherry picked from commit bc3bad00567d02e00888e6690e1230a554432077)
If we fail to combine the new entry with a previous one, or update it in
the hashmap, we might later on attempt a double-free:
=================================================================
==10==ERROR: AddressSanitizer: attempting double-free on 0x611000039fc0 in thread T0:
SCARINESS: 42 (double-free)
#0 0x4a0962 in __interceptor_free /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:52:3
#1 0x7f55e431d9f2 in _hashmap_clear /work/build/../../src/systemd/src/basic/hashmap.c:927:33
#2 0x7f55e431d4c8 in _hashmap_free /work/build/../../src/systemd/src/basic/hashmap.c:896:17
#3 0x4de1de in ordered_hashmap_free_free_free /work/build/../../src/systemd/src/basic/hashmap.h:120:24
#4 0x4de1de in ordered_hashmap_free_free_freep /work/build/../../src/systemd/src/basic/hashmap.h:434:1
#5 0x4de1de in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-catalog.c:26:1
#6 0x4de8b8 in NaloFuzzerTestOneInput (/build/fuzz-catalog+0x4de8b8)
#7 0x4fd8c3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15
#8 0x4fd0aa in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:514:3
#9 0x4fe779 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:757:19
#10 0x4ff445 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:895:5
#11 0x4ee7af in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:912:6
#12 0x4ef078 in LLVMFuzzerRunDriver /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:925:10
#13 0x4deb35 in main (/build/fuzz-catalog+0x4deb35)
#14 0x7f55e3a32082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
#15 0x41f7cd in _start (/build/fuzz-catalog+0x41f7cd)
DEDUP_TOKEN: __interceptor_free--_hashmap_clear--_hashmap_free
0x611000039fc0 is located 0 bytes inside of 224-byte region [0x611000039fc0,0x61100003a0a0)
freed by thread T0 here:
#0 0x4a0962 in __interceptor_free /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:52:3
#1 0x7f55e451493d in freep /work/build/../../src/systemd/src/basic/alloc-util.h:107:22
#2 0x7f55e451493d in finish_item /work/build/../../src/systemd/src/libsystemd/sd-journal/catalog.c:187:1
#3 0x7f55e4513e56 in catalog_import_file /work/build/../../src/systemd/src/libsystemd/sd-journal/catalog.c:313:45
#4 0x4de1be in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-catalog.c:23:16
#5 0x4de8b8 in NaloFuzzerTestOneInput (/build/fuzz-catalog+0x4de8b8)
#6 0x4fd8c3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15
#7 0x4fd0aa in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:514:3
#8 0x4fe779 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:757:19
#9 0x4ff445 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:895:5
#10 0x4ee7af in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:912:6
#11 0x4ef078 in LLVMFuzzerRunDriver /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:925:10
#12 0x4deb35 in main (/build/fuzz-catalog+0x4deb35)
#13 0x7f55e3a32082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
DEDUP_TOKEN: __interceptor_free--freep--finish_item
previously allocated by thread T0 here:
#0 0x4a0c06 in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:69:3
#1 0x4de539 in malloc (/build/fuzz-catalog+0x4de539)
#2 0x7f55e42bf96b in memdup /work/build/../../src/systemd/src/basic/alloc-util.c:16:15
#3 0x7f55e451475d in finish_item /work/build/../../src/systemd/src/libsystemd/sd-journal/catalog.c:176:28
#4 0x7f55e4513e56 in catalog_import_file /work/build/../../src/systemd/src/libsystemd/sd-journal/catalog.c:313:45
#5 0x4de1be in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-catalog.c:23:16
#6 0x4de8b8 in NaloFuzzerTestOneInput (/build/fuzz-catalog+0x4de8b8)
#7 0x4fd8c3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15
#8 0x4fd0aa in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:514:3
#9 0x4fe779 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:757:19
#10 0x4ff445 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:895:5
#11 0x4ee7af in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:912:6
#12 0x4ef078 in LLVMFuzzerRunDriver /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:925:10
#13 0x4deb35 in main (/build/fuzz-catalog+0x4deb35)
#14 0x7f55e3a32082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
DEDUP_TOKEN: __interceptor_malloc--malloc--memdup
SUMMARY: AddressSanitizer: double-free /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:52:3 in __interceptor_free
Found by Nallocfuzz.
(cherry picked from commit ac874b8fb13bf293986a3814149a820729b27a30)
(cherry picked from commit b1663b83338dc335e86eda05e28f229f25bdfa48)
(cherry picked from commit 6ebbc8fcdc844e1fa82cc995880470e0f8b31239)
If we're doing a daemon-reload, we'll be going from TIMER_DEAD => TIMER_WAITING,
so we won't use inactive_exit_timestamp because TIMER_DEAD != UNIT_ACTIVE, even
though inactive_exit_timestamp is serialized/deserialized and will be valid after
the daemon-reload.
This issue can lead to timers never firing as we'll always calculate the next
elapse based on the current realtime on daemon-reload, so if daemon-reload happens
often enough, the elapse interval will be moved into the future every time, which
means the timer will never trigger.
To fix the issue, let's always use inactive_exit_timestamp if it is set, and only
fall back to the current realtime if it is not set.
(cherry picked from commit 6546045fa0bf84737bd8b2e1e8bf7dd3941d8352)
(cherry picked from commit aa48ecb0a6fa80a2d9295d699716f663a34f13a8)
(cherry picked from commit 48445d27c76c1ae5d40e63ddf31173ffe3e20ae5)
We want thawing operations to still succeed even in the presence of an
unfreezable unit type (e.g. mount) appearing under a slice after the
slice was frozen. The appearance of such units should never cause the
slice thawing operation to fail to prevent potential future repeats of
https://github.com/systemd/systemd/issues/25356.
(cherry picked from commit b458659a1619337fa83353b5f41bae35d7ad4c69)
(cherry picked from commit ac380e43a4f850ea212247639ba5ab80c58d73f0)
(cherry picked from commit d901bfa0c92aba4bdaf77d256068bec5c22a73e8)
Recent gcc versions have started to trigger false positive
maybe-uninitialized warnings. Let's make sure we initialize
variables annotated with _cleanup_ to avoid these.
(cherry picked from commit 3d41b6b8e864abbf7b81c938532f42e97a900e22)
(cherry picked from commit 53bc78d3e0c3e1b7e1c0f1ce5fe7056805d889eb)
(cherry picked from commit d2208e4b8457421283f5d1ffabb083d4686b7476)
We can't dereference the variant object directly, as it might be
a magic object (which has an address on a faulting page); use
json_variant_is_sensitive() instead that handles this case.
For example, with an empty array:
==1547789==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000023 (pc 0x7fd616ca9a18 bp 0x7ffcba1dc7c0 sp 0x7ffcba1dc6d0 T0)
==1547789==The signal is caused by a READ memory access.
==1547789==Hint: address points to the zero page.
SCARINESS: 10 (null-deref)
#0 0x7fd616ca9a18 in json_variant_strv ../src/shared/json.c:2190
#1 0x408332 in oci_args ../src/nspawn/nspawn-oci.c:173
#2 0x7fd616cc09ce in json_dispatch ../src/shared/json.c:4400
#3 0x40addf in oci_process ../src/nspawn/nspawn-oci.c:428
#4 0x7fd616cc09ce in json_dispatch ../src/shared/json.c:4400
#5 0x41fef5 in oci_load ../src/nspawn/nspawn-oci.c:2187
#6 0x4061e4 in LLVMFuzzerTestOneInput ../src/nspawn/fuzz-nspawn-oci.c:23
#7 0x40691c in main ../src/fuzz/fuzz-main.c:50
#8 0x7fd61564a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
#9 0x7fd61564a5c8 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x275c8)
#10 0x405da4 in _start (/home/fsumsal/repos/@systemd/systemd/build-san/fuzz-nspawn-oci+0x405da4)
DEDUP_TOKEN: json_variant_strv--oci_args--json_dispatch
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../src/shared/json.c:2190 in json_variant_strv
==1547789==ABORTING
Or with an empty string in an array:
../src/shared/json.c:2202:39: runtime error: member access within misaligned address 0x000000000007 for type 'struct JsonVariant', which requires 8 byte alignment
0x000000000007: note: pointer points here
<memory cannot be printed>
#0 0x7f35f4ca9bcf in json_variant_strv ../src/shared/json.c:2202
#1 0x408332 in oci_args ../src/nspawn/nspawn-oci.c:173
#2 0x7f35f4cc09ce in json_dispatch ../src/shared/json.c:4400
#3 0x40addf in oci_process ../src/nspawn/nspawn-oci.c:428
#4 0x7f35f4cc09ce in json_dispatch ../src/shared/json.c:4400
#5 0x41fef5 in oci_load ../src/nspawn/nspawn-oci.c:2187
#6 0x4061e4 in LLVMFuzzerTestOneInput ../src/nspawn/fuzz-nspawn-oci.c:23
#7 0x40691c in main ../src/fuzz/fuzz-main.c:50
#8 0x7f35f364a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
#9 0x7f35f364a5c8 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x275c8)
#10 0x405da4 in _start (/home/fsumsal/repos/@systemd/systemd/build-san/fuzz-nspawn-oci+0x405da4)
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../src/shared/json.c:2202:39 in
Note: this happens only if json_variant_copy() in json_variant_set_source() fails.
Found by Nallocfuzz.
(cherry picked from commit 909eb4c01de03a32c915a2267166501dca5b78f6)
(cherry picked from commit 58c1816aa43b96b5ce0953bc8ff78c37c4226216)
(cherry picked from commit 89ab32d166a6920a14c19b90fe528c02ed5f4142)
Bug introduced in 335f6ab4f13abcd8073fe84f2a3c70c67271126e. pw/sp are totally
wrong in this context, most likely NULL.
(cherry picked from commit 7e4c61491a720d7a28186cf9e7e144049885a926)
(cherry picked from commit fbb2c5ab19d9b17387a44a87ecec4c085657345c)
(cherry picked from commit fe09df464cd2feb8a309169f4b07a626af2b31be)
(cherry picked from commit a3256ea8f4684ff92622ca9df1dc18dc517a4c6e)
(cherry picked from commit 286ce2be44422e53347edd8f79acd5532b96780c)
(cherry picked from commit 5cfc6e18b794c647bd238cd358d292573cc6f99b)
Re-watching pids on cgroup v1 (needed because of unreliability of cgroup
empty notifications in containers) is handled bellow at the end of
service_sigchld_event() and depends on value main_pid_known flag.
In CentOS Stream 8 container on cgroup v1 the stop action would get stuck
indefinitely on unit like this,
$ cat /run/systemd/system/foo.service
[Service]
ExecStart=/bin/bash -c 'trap "nohup sleep 1 & exit 0" TERM; sleep infinity'
ExecStop=/bin/bash -c 'kill -s TERM $MAINPID'
TimeoutSec=0
However, upstream works "fine" because in upstream version of systemd we
actually never wait on processes killed in containers and proceed
immediately to sending SIGKILL hence re-watching of pids in the cgroup
is not necessary. But for the sake of correctness we should merge the
patch also upstream.
(cherry picked from commit ff32060f2ed37b68dc26256b05e2e69013b0ecfe)
(cherry picked from commit ae83e97a51519ca33e70d7ba142cb3ed24212825)
(cherry picked from commit 03c270fa6bf0488d1b6b6151f8c03fdbd8a1b869)
instead of just asserting in case the memstream couldn't be resized.
Found by Nallocufuzz.
(cherry picked from commit 3575c371697a07995c3e65ae03aed55262ab00ed)
(cherry picked from commit f0bb96738803a5b0a905fedf1d52c98860b619c5)
(cherry picked from commit 3bf6ebc61331c335191577973b9945013ad70d28)
Provides coverage for #24565.
(cherry picked from commit c11c50a53f677f3977f3144b9fc5f02a3516de9f)
(cherry picked from commit debce7c1849877f233c105bffb509bc5902c4748)
(cherry picked from commit 420944320ce07b13b4701b9117d05ea34f8e0885)
Set --boot with --follow only if it's not already set and if --merge is
not used, since it's not compatible with --boot.
Follow-up to 2dd9285bac.
Resolves: #24565
(cherry picked from commit e47622a61cc252df3f19190d362de5a27c93060d)
(cherry picked from commit 604d132fdefbb5ca2697a0f64922b4bc5ccbc1dd)
(cherry picked from commit 8920580f6a031b4edd3a3f30de745e27be09042e)
Without acceleration this part of the test takes over 10 minutes (!),
which feels quite unnecessary. Let's cut down the number of stuff we
dump to the journal in such case, but keep the original value if we run
with acceleration (since in that case it takes less than 10 seconds).
(cherry picked from commit ff40235b9bd2a944131c36b1c7ccfd88f49a194e)
(cherry picked from commit 6a4c05c61558961ded25d4e1faaed5fdf4692265)
(cherry picked from commit d4cea5d5f54d0df5cf7715141af4e0cf1eeb1a0d)
We can make the message shorter and more direct without changing
the meaning.
(cherry picked from commit d0cf9a9562fd396ca471613cc9155191b1d77295)
(cherry picked from commit c756ffea57c7c979e720a6150be14d2fdf829e53)
(cherry picked from commit 9dc52d7592fc1e5955a0614561648b2bf845d283)
This in unnecessarilly unpleasant: the code might report about a bus
connection, e.g. in an error message or assert. Let's let it query
the name of the object.
This partially reverts f4b2933ee7890e5d414ab266d8586f19027a2bd9.
(cherry picked from commit ed7a6f51eab5af40d3d7884ce846f74aea0c00f0)
(cherry picked from commit a3e5eb5606d92b5c4db9306cbd3fcac56e9ff10a)
(cherry picked from commit 299573b5d7eeec6b25e07cf6ec12b2ffef151f85)
The code has an explicit fallback using runtime_scope_to_string(), which
is also documented in the man page. So -ENXIO should only be returned when
the fallback doesn't work, i.e. bus->runtime_scope == -EINVAL.
Fixup for f4b2933ee7890e5d414ab266d8586f19027a2bd9.
This should fix the following errors during boot:
May 18 16:05:37 fedora systemd-update-utmp[263]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:38 fedora systemctl[360]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:38 fedora systemctl[363]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:38 fedora systemd-update-utmp[372]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:38 fedora @ystemctl[387]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:40 fedora systemd-update-utmp[477]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:41 fedora systemd-homed[509]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:41 fedora systemd-logind[510]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:41 fedora systemd-update-utmp[529]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:42 fedora systemd-user-runtime-dir[531]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:42 fedora systemctl[542]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:42 fedora systemd-hostnamed[556]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
(cherry picked from commit aa77ed55e1dc0f7bcb633d637eb604cdc3807957)
(cherry picked from commit e91557a1e08c4f34b8ce91636e316143a60c4490)
(cherry picked from commit 06f8fd3244eb5fa613ffcf19af71b02484c54db0)
(cherry picked from commit 0d4519dd84878ff1f94ba8f08d4a81350c3b1d08)
(cherry picked from commit 93b3bd12ac5f0e60c63de57c6728dc6f155e84be)
(cherry picked from commit 2bf86d04f06c120fe82f5fee0c62108711cb5568)
by not printing (null) and dropping the extraneous slash, e.g.:
systemd-nspawn[2049]: Failed to resolve (null)//proc: Permission denied
(cherry picked from commit e85c644ede7ee73a7bd72702b68a727fe2740f16)
(cherry picked from commit c51273941d41ecdd5cc2fda7d363f0aae2555124)
(cherry picked from commit 27efa4a0dc76f99c63d94b326b339640efecf408)
This reverts part of commit bd2538b50ba283c9ce39142d5d16d90184a55b90,
specifically changes to the description of service state between auto-restarts.
Fixes#27594
(cherry picked from commit 2200cf47ce7e0f049bcda156a897565f45233838)
(cherry picked from commit e85daabd3ebf06add790c00d19b1df5bdd7b9e4b)
(cherry picked from commit 3d00dba68ea2dba44f73035e5b45f85cec1cb542)
Reported and diagnosed by gitterman. Fixes#26617.
(cherry picked from commit f90360eb7417e083650034ad819790df0c389bd1)
(cherry picked from commit 3e286a7b2e1a97ff71282cd78087a3a7f43a53f0)
(cherry picked from commit cb511894bdf38d2bad2ecf6609b3748bd89ff67b)
Also fix the grammar: "neither" can only be used with two values, and
here we have an inderminate number >= 1.
Fixes#26460.
(cherry picked from commit 2f76f1cfaee2f775df8b367cb77aed751af45956)
(cherry picked from commit cb6641bde3d2d8d236c4eccf16172a77d6295d5f)
(cherry picked from commit fdac06ec81a48a7a79181bd4935cf3fb35c9f430)
Fixes#26413: the docs said that the filter prevents writes, but it just a
filter at the system call level, and some of those calls are used for writing
and reading. This is confusing esp. when a higher level library call like
ntp_gettime() is denied.
I don't think it's realistic that we'll make the filter smarter in the near
future, so let's change the docs to describe the implementation.
Also, split out the advice part into a separate paragraph.
(cherry picked from commit 42eccfec6e47a5436bd143ee357d2a2da620c2f2)
(cherry picked from commit 65bf6c5a8f16448528af674cc381fd05fcc6c338)
(cherry picked from commit 54652191b4e7c5ce886378e6821d310b7ca4741d)
(cherry picked from commit cd70372b934bded2249f26c72d4b6ab9bdf50a13)
(cherry picked from commit 1809fff3927c21b908b5f4e1b0d80a58a98d4c42)
(cherry picked from commit cf56245d57cd3acb97e41841d0dfd08e5729a0db)
(cherry picked from commit fc832965476d106fb3d5a6c9a43f5ff3166987b2)
(cherry picked from commit 756e77b93636a6de55110e46158defd1d7e69aca)
(cherry picked from commit 40024e6d39bbcc9ee9a3f2de60edaaa7fc5a132c)
Otherwise hilarity ensues:
AddressSanitizer:DEADLYSIGNAL
=================================================================
==722==ERROR: AddressSanitizer: SEGV on unknown address 0xffffffff00000000 (pc 0x7f8d50ca9ffb bp 0x7fff11b0d4a0 sp 0x7fff11b0cc30 T0)
==722==The signal is caused by a READ memory access.
#0 0x7f8d50ca9ffb in __interceptor_strcmp.part.0 (/lib64/libasan.so.8+0xa9ffb)
#1 0x7f8d4f9cf5a1 in strcmp_ptr ../src/fundamental/string-util-fundamental.h:33
#2 0x7f8d4f9cf5f8 in streq_ptr ../src/fundamental/string-util-fundamental.h:46
#3 0x7f8d4f9d74d2 in free_and_strdup ../src/basic/string-util.c:948
#4 0x49139a in free_and_strdup_warn ../src/basic/string-util.h:197
#5 0x4923eb in oci_absolute_path ../src/nspawn/nspawn-oci.c:139
#6 0x7f8d4f6bd359 in json_dispatch ../src/shared/json.c:4395
#7 0x4a8831 in oci_hooks_array ../src/nspawn/nspawn-oci.c:2089
#8 0x7f8d4f6bd359 in json_dispatch ../src/shared/json.c:4395
#9 0x4a8b56 in oci_hooks ../src/nspawn/nspawn-oci.c:2112
#10 0x7f8d4f6bd359 in json_dispatch ../src/shared/json.c:4395
#11 0x4aa298 in oci_load ../src/nspawn/nspawn-oci.c:2197
#12 0x446cec in load_oci_bundle ../src/nspawn/nspawn.c:4744
#13 0x44ffa7 in run ../src/nspawn/nspawn.c:5477
#14 0x4552fb in main ../src/nspawn/nspawn.c:5920
#15 0x7f8d4e04a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
#16 0x7f8d4e04a5c8 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x275c8)
#17 0x40d284 in _start (/usr/bin/systemd-nspawn+0x40d284)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib64/libasan.so.8+0xa9ffb) in __interceptor_strcmp.part.0
==722==ABORTING
(cherry picked from commit f4e5c042c9a5659a5eebb4c91c0f1132f02a2c59)
(cherry picked from commit c7861222ba57e929fa6bb3efd73ab20540b243c2)
(cherry picked from commit d45301d66053ce3c96c6aa9a33b91eeeafff741b)
Use the returned errno even though we are going to ignore it, otherwise
the log message is just confusing:
config.json:119:13: Failed to resolve device node 4:2, ignoring: Success
(cherry picked from commit e5c275fedc0ab416730fe288a8754a20a014e200)
(cherry picked from commit 6f577f5d92c7f881f86ee2284e5eab0ba16b57c0)
(cherry picked from commit 07eb3a33b2d7c1c663785a2f05a11d5809140168)
When merging the settings we take the pointer to the array of extra
devices, but don't reset the array counter to zero. This later leads to
a NULL pointer dereference, where device_node_array_free() attempts to
loop over a NULL pointer:
+ systemd-nspawn --oci-bundle=/var/lib/machines/testsuite-13.oci-bundle.Npo
../src/nspawn/nspawn-settings.c:118:29: runtime error: member access within null pointer of type 'struct DeviceNode'
#0 0x4b91ee in device_node_array_free ../src/nspawn/nspawn-settings.c:118
#1 0x4ba42a in settings_free ../src/nspawn/nspawn-settings.c:161
#2 0x410b79 in settings_freep ../src/nspawn/nspawn-settings.h:249
#3 0x446ce8 in load_oci_bundle ../src/nspawn/nspawn.c:4733
#4 0x44ff42 in run ../src/nspawn/nspawn.c:5476
#5 0x455296 in main ../src/nspawn/nspawn.c:5919
#6 0x7f0cb7a4a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
#7 0x7f0cb7a4a5c8 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x275c8)
#8 0x40d284 in _start (/usr/bin/systemd-nspawn+0x40d284)
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../src/nspawn/nspawn-settings.c:118:29 in
Also, add an appropriate assert to catch such issues in the future.
(cherry picked from commit 825210d4e5d52655ff893d600da2d2c8e5c0c8e1)
(cherry picked from commit 9a7c6ed56834d085f9fdcea3b3f939b96f88c371)
(cherry picked from commit 66f187a7ff50b5c51dfd56e6d7b5d542f48d218f)
(cherry picked from commit 3426ec8efb7f075f71768e993dfe8c3c104b68ab)
(cherry picked from commit 17c7b07c676992335814e93292100366985d398c)
(cherry picked from commit 5d56a6ca631e0ed92d074fa11d827f6098babaf9)
(cherry picked from commit 55d3c136d940a5dbed8fd226c988b641f27bf48c)
(cherry picked from commit b13e836315f915ba11ed1859af361eff56010ad9)
(cherry picked from commit f3256dcaea967589064fe63e4adce10c0c55ec4f)
Unlike most other bus connections in our codebase this one is created
manually and every setting set invididually. It hence does not have a
description by default (as all automatic connections have). Set one
explicitly.
(cherry picked from commit acf493390ac601d90dc4ac188475635a5c327522)
(cherry picked from commit d88225ef4434bf12e5b76bcee222284a3007c373)
(cherry picked from commit 6356d775c7077dfb37d244243b2a87aeb3093fab)
As per:
https://social.treehouse.systems/@grawity/110376583742207755
(cherry picked from commit 7e0aaeb244dafd7a3ff69295b8ea60e827fe2f21)
(cherry picked from commit 29115ef32e5c4e1a89c80ec2cdfcff5190e70e8f)
(cherry picked from commit 0086c49546fd84460c3acc9e50dd25d4a64fc5ad)
(cherry picked from commit 5571048919cbcc8f4331f589e7590316bc162f9d)
(cherry picked from commit 051f86ae0e4e13f53352b0bb3cdb0211a7d3dd0d)
(cherry picked from commit c1fdf8fdcdc31058d083bcd454d7fcf31a2b35ce)
(cherry picked from commit 7362947c3f3992cf3660b170f46bd80bb5fe1021)
(cherry picked from commit d7e75c73150e6169ed94f600e188e80b6341db3f)
(cherry picked from commit 99a52432d08d51c15fcfdac9471d7ebd33ed6d37)
+ machinectl status long-running long-running long-running
=================================================================
==986==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 1568 byte(s) in 2 object(s) allocated from:
#0 0x7fe57caba097 in calloc (/lib64/libasan.so.8+0xba097)
#1 0x7fe57b891e8e in message_from_header ../src/libsystemd/sd-bus/bus-message.c:372
#2 0x7fe57b892dfd in bus_message_from_malloc ../src/libsystemd/sd-bus/bus-message.c:421
#3 0x7fe57b9089a8 in bus_socket_make_message ../src/libsystemd/sd-bus/bus-socket.c:1165
#4 0x7fe57b90affe in bus_socket_read_message ../src/libsystemd/sd-bus/bus-socket.c:1294
#5 0x7fe57b92db71 in bus_read_message ../src/libsystemd/sd-bus/sd-bus.c:2082
#6 0x7fe57b933352 in sd_bus_call ../src/libsystemd/sd-bus/sd-bus.c:2483
#7 0x7fe57b84da61 in sd_bus_call_methodv ../src/libsystemd/sd-bus/bus-convenience.c:183
#8 0x7fe57b2789e8 in bus_call_method ../src/shared/bus-locator.c:109
#9 0x40f71c in show_machine ../src/machine/machinectl.c:713
#10 0x7fe57b65c8cf in dispatch_verb ../src/shared/verbs.c:103
#11 0x42e9ce in machinectl_main ../src/machine/machinectl.c:2980
#12 0x42ebf9 in run ../src/machine/machinectl.c:3005
#13 0x42ed1f in main ../src/machine/machinectl.c:3008
#14 0x7fe579e4a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
Indirect leak of 234 byte(s) in 2 object(s) allocated from:
#0 0x7fe57cab95b5 in __interceptor_realloc.part.0 (/lib64/libasan.so.8+0xb95b5)
#1 0x7fe57b909822 in bus_socket_read_message ../src/libsystemd/sd-bus/bus-socket.c:1214
#2 0x7fe57b92db71 in bus_read_message ../src/libsystemd/sd-bus/sd-bus.c:2082
#3 0x7fe57b933352 in sd_bus_call ../src/libsystemd/sd-bus/sd-bus.c:2483
#4 0x7fe57b84da61 in sd_bus_call_methodv ../src/libsystemd/sd-bus/bus-convenience.c:183
#5 0x7fe57b2789e8 in bus_call_method ../src/shared/bus-locator.c:109
#6 0x40f71c in show_machine ../src/machine/machinectl.c:713
#7 0x7fe57b65c8cf in dispatch_verb ../src/shared/verbs.c:103
#8 0x42e9ce in machinectl_main ../src/machine/machinectl.c:2980
#9 0x42ebf9 in run ../src/machine/machinectl.c:3005
#10 0x42ed1f in main ../src/machine/machinectl.c:3008
#11 0x7fe579e4a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
Indirect leak of 4 byte(s) in 2 object(s) allocated from:
#0 0x7fe57ca7243b in strdup (/lib64/libasan.so.8+0x7243b)
#1 0x7fe57b8c1543 in message_parse_fields ../src/libsystemd/sd-bus/bus-message.c:4125
#2 0x7fe57b893586 in bus_message_from_malloc ../src/libsystemd/sd-bus/bus-message.c:443
#3 0x7fe57b9089a8 in bus_socket_make_message ../src/libsystemd/sd-bus/bus-socket.c:1165
#4 0x7fe57b90affe in bus_socket_read_message ../src/libsystemd/sd-bus/bus-socket.c:1294
#5 0x7fe57b92db71 in bus_read_message ../src/libsystemd/sd-bus/sd-bus.c:2082
#6 0x7fe57b933352 in sd_bus_call ../src/libsystemd/sd-bus/sd-bus.c:2483
#7 0x7fe57b84da61 in sd_bus_call_methodv ../src/libsystemd/sd-bus/bus-convenience.c:183
#8 0x7fe57b2789e8 in bus_call_method ../src/shared/bus-locator.c:109
#9 0x40f71c in show_machine ../src/machine/machinectl.c:713
#10 0x7fe57b65c8cf in dispatch_verb ../src/shared/verbs.c:103
#11 0x42e9ce in machinectl_main ../src/machine/machinectl.c:2980
#12 0x42ebf9 in run ../src/machine/machinectl.c:3005
#13 0x42ed1f in main ../src/machine/machinectl.c:3008
#14 0x7fe579e4a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
SUMMARY: AddressSanitizer: 1806 byte(s) leaked in 6 allocation(s).
(cherry picked from commit efdaa92ecb1b358e9f27f7d263bb3383f6ab69c9)
(cherry picked from commit 4d29f741c853b95b198f58a3b8f2ae1df175522e)
(cherry picked from commit ee06c7db0cd9d3d1104ae8bfdd1a6968a6b6b6a9)
+ machinectl image-status container1 container1 container0 container1 container2 container3 container4
=================================================================
==1354==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 4704 byte(s) in 6 object(s) allocated from:
#0 0x7fc3670ba097 in calloc (/lib64/libasan.so.8+0xba097)
#1 0x7fc365e91e8e in message_from_header ../src/libsystemd/sd-bus/bus-message.c:372
#2 0x7fc365e92dfd in bus_message_from_malloc ../src/libsystemd/sd-bus/bus-message.c:421
#3 0x7fc365f089a8 in bus_socket_make_message ../src/libsystemd/sd-bus/bus-socket.c:1165
#4 0x7fc365f0affe in bus_socket_read_message ../src/libsystemd/sd-bus/bus-socket.c:1294
#5 0x7fc365f2db71 in bus_read_message ../src/libsystemd/sd-bus/sd-bus.c:2082
#6 0x7fc365f33352 in sd_bus_call ../src/libsystemd/sd-bus/sd-bus.c:2483
#7 0x7fc365e4da61 in sd_bus_call_methodv ../src/libsystemd/sd-bus/bus-convenience.c:183
#8 0x7fc3658789e8 in bus_call_method ../src/shared/bus-locator.c:109
#9 0x413b76 in show_image ../src/machine/machinectl.c:1014
#10 0x7fc365c5c8cf in dispatch_verb ../src/shared/verbs.c:103
#11 0x42e992 in machinectl_main ../src/machine/machinectl.c:2981
#12 0x42ebbd in run ../src/machine/machinectl.c:3006
#13 0x42ece3 in main ../src/machine/machinectl.c:3009
#14 0x7fc36444a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
Indirect leak of 666 byte(s) in 6 object(s) allocated from:
#0 0x7fc3670b95b5 in __interceptor_realloc.part.0 (/lib64/libasan.so.8+0xb95b5)
#1 0x7fc365f09822 in bus_socket_read_message ../src/libsystemd/sd-bus/bus-socket.c:1214
#2 0x7fc365f2db71 in bus_read_message ../src/libsystemd/sd-bus/sd-bus.c:2082
#3 0x7fc365f33352 in sd_bus_call ../src/libsystemd/sd-bus/sd-bus.c:2483
#4 0x7fc365e4da61 in sd_bus_call_methodv ../src/libsystemd/sd-bus/bus-convenience.c:183
#5 0x7fc3658789e8 in bus_call_method ../src/shared/bus-locator.c:109
#6 0x413b76 in show_image ../src/machine/machinectl.c:1014
#7 0x7fc365c5c8cf in dispatch_verb ../src/shared/verbs.c:103
#8 0x42e992 in machinectl_main ../src/machine/machinectl.c:2981
#9 0x42ebbd in run ../src/machine/machinectl.c:3006
#10 0x42ece3 in main ../src/machine/machinectl.c:3009
#11 0x7fc36444a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
Indirect leak of 12 byte(s) in 6 object(s) allocated from:
#0 0x7fc36707243b in strdup (/lib64/libasan.so.8+0x7243b)
#1 0x7fc365ec1543 in message_parse_fields ../src/libsystemd/sd-bus/bus-message.c:4125
#2 0x7fc365e93586 in bus_message_from_malloc ../src/libsystemd/sd-bus/bus-message.c:443
#3 0x7fc365f089a8 in bus_socket_make_message ../src/libsystemd/sd-bus/bus-socket.c:1165
#4 0x7fc365f0affe in bus_socket_read_message ../src/libsystemd/sd-bus/bus-socket.c:1294
#5 0x7fc365f2db71 in bus_read_message ../src/libsystemd/sd-bus/sd-bus.c:2082
#6 0x7fc365f33352 in sd_bus_call ../src/libsystemd/sd-bus/sd-bus.c:2483
#7 0x7fc365e4da61 in sd_bus_call_methodv ../src/libsystemd/sd-bus/bus-convenience.c:183
#8 0x7fc3658789e8 in bus_call_method ../src/shared/bus-locator.c:109
#9 0x413b76 in show_image ../src/machine/machinectl.c:1014
#10 0x7fc365c5c8cf in dispatch_verb ../src/shared/verbs.c:103
#11 0x42e992 in machinectl_main ../src/machine/machinectl.c:2981
#12 0x42ebbd in run ../src/machine/machinectl.c:3006
#13 0x42ece3 in main ../src/machine/machinectl.c:3009
#14 0x7fc36444a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
SUMMARY: AddressSanitizer: 5382 byte(s) leaked in 18 allocation(s).
(cherry picked from commit 4b6ce580eee3f70412637c1df4239e448995535f)
(cherry picked from commit e6a719598c80c284fb4b570c0eb89e7416616a98)
(cherry picked from commit 8dd68c29ff5a56bb4215fe9fcbb7399e21f6560c)
(cherry picked from commit 32fe629abc986195c4b8fc5f9b8be1b60b48e766)
(cherry picked from commit ea221dc6855b15006f7987f2f58788576725116b)
(cherry picked from commit fd1185cfd0b7f509ae8755074e914e264a401992)
(cherry picked from commit d7aee3f41f69f46d8328f658cab84f8a4b05bb86)
Backport of the cloexec filter for v253, and for v252 (actually tested
with v252). Note that I've left the name _s of the function parameter as
it was before.
(cherry picked from commit 4c3b06f255642c39b6dccb8b063efaf66bce88c9)
(cherry picked from commit 1e932bf95e5536fea97bc48f1a409e4f1d0f7f30)
So here's the thing. One library we use (libselinux) is opening fds
behind our back when we initialize it and keeps it open. On the other
hand we want to automatically pick up all fds passed in to us, so that
we can distribute them to our services and close the rest. We pick them
up very early in our code, to ensure that we don't get confused by open
fds at that point. Except that libselinux insists on being initialized
even earlier. So suddenly we might take possession of libselinux' fds,
and then close them later when we decide no service wants them. Then
during shutdown we close down selinux and selinux closes its fds, but
since already closed long ago this ight close our fds instead. Hilarity
ensues.
I wish low-level software wouldn't do such things behind our back, but
well, let's make the best of it.
This changes the fd pick-up logic to only pick up fds that have
O_CLOEXEC unset. O_CLOEXEC must be unset for any fds passed in to us
over execve() after all. And for all our own fds we should set O_CLOEXEC
since we generally don't want to litter fd tables for execve(). Also,
libselinux thankfully appears to set O_CLOEXEC correctly on its fds,
hence the filter works.
Fixes: #27491
(cherry picked from commit eb564f928e401def8d3aaa2a90f33cb09cdc1517)
Backport of the cloexec filter for v253, and for v252 (actually tested
with v252). Note that I've left the name _s of the function parameter as
it was before.
(cherry picked from commit 88bf6b5815d81cb6d29e9a41f752c70584fac062)
(cherry picked from commit 4dd3f8934a51d065d2b3df6d368989f9610a37b5)
The systemd-cryptenroll man page states:
Takes a comma separated list of numeric slot indexes, or the special
strings ..., or any combination of these strings or numeric
indexes, in which case all slots matching either are wiped.
but we'd allow only one special string at any given time as the value
was not ORed when assigning. So, for example, --wipe=recovery,password
would actually become --wipe=password, etc.
(cherry picked from commit b0582f6b635011506fdf68d0afdc128ab10f6c6a)
(cherry picked from commit aedfe41cdaeff8e2723e2cf09f6d7c9703c523c9)
(cherry picked from commit 66634a2d41491b3193d042fc682e9276a8fc7093)
