1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00
Commit Graph

17092 Commits

Author SHA1 Message Date
Daniel Mack
20725d929f bus-policy: add test utility
Add some test files and routines for dbus policy checking.
2014-09-20 18:47:45 +02:00
Daniel Mack
38349552d8 bus-policy: add policy check function
Add policy_check() to actually check whether an incoming message is allowed
by the policy. The code is not yet used from the proxy daemon, though.
2014-09-20 18:47:45 +02:00
Daniel Mack
ed91202f1c bus-policy: print numeric [gu]id in dump_items() 2014-09-20 18:47:45 +02:00
Daniel Mack
e42bb8d4ed bus-policy: do not exit() from policy_dump()
This function is quite useful for debugging. Exiting from it seems
unnecessary.
2014-09-20 18:47:45 +02:00
Daniel Mack
080edb3484 bus-policy: implement dump_items() with LIST_FOREACH
Instead of making the function call itself recursively.
2014-09-20 18:47:45 +02:00
Daniel Mack
9eacea6b51 bus-policy: resolve [ug]id of POLICY_ITEM_{USER,GROUP}
Do the lookup during parsing already, and set i->uid, or i->gid to the
numerical values.
2014-09-20 18:47:45 +02:00
Daniel Mack
c3502b59ec bus_policy: set i->[ug]id_valid 2014-09-20 18:47:45 +02:00
Daniel Mack
e7eb49db07 bus-policy: append items rather than prepending them
In the D-Bus policy, the order of items matters, so make sure to store them
in the same order as they are parsed by the sax parser.
2014-09-20 18:47:45 +02:00
Daniel Mack
303174638a bus-policy: story mandatory items in right list 2014-09-20 18:47:45 +02:00
Tom Gundersen
9158d03e40 test: udev - restrict nemuric uid's to existing ones
We now verify the existence of uid's before applying them to devicenodes, so change the
test accordingly. We assume that both uid/gid 1 and 2 exist on the test system.
2014-09-20 18:12:53 +02:00
David Herrmann
0fbd4d113e terminal: fix mode sync for connectors
The GETXY ioctls of DRM are usually called twice by libdrm: Once to
retrieve the number of objects, a second time with suitably sized buffers
to actually retrieve all objects. In grdrm, we avoid these excessive calls
and instead just call ioctls with cached buffers and resize them if they
were too small.

However, connectors need to read the mode list via EDID, which is horribly
slow. As the kernel still cannot do that asynchronously (seriously, we
need to fix this!), it has a hack to only do it if count_modes==0. This is
fine with libdrm, as it calls every ioctl twice, anyway. However, we fail
horribly with this as we usually never pass 0.

Fix this by calling into GETCONNECTOR ioctls twice in case we received an
hotplug event. Only in those cases, we need to re-read modes, so this
should be totally fine.
2014-09-20 11:46:49 +02:00
David Herrmann
f919ad9d3d terminal: restructure some logging calls in grdrm
Multiple issues here:
 1) Don't print excessive card dumps on each resync. Disable it and make
    developers add it themselves.
 2) Ignore EINVAL on page-flips. Some cards don't support page-flips, so
    we'd print it on each frame. Maybe, at some point, the kernel will add
    support to retrieve capabilities for that. Until then, simply ignore
    it.
 3) Replace the now dropped card-dump with a short message about resyncing
    the card.
2014-09-20 11:46:49 +02:00
David Herrmann
7b12a45b2d terminal: grdev: schedule virtual frame events if hw doesn't support it
Whenever we cannot use hardware frame events, we now schedule a virtual
frame event to make sure applications don't have to do this. Usually,
applications render only on data changes, but we can further reduce
render-time by also limiting rendering to vsyncs.
2014-09-20 11:46:49 +02:00
David Herrmann
3ec19e5d91 terminal: grdev: raise frame event after DISPLAY_ADD/CHANGE
Whenever a display is added or changed, we suppressed any frame events.
Make sure to raise them manually so we can avoid rendering when handling
anything but FRAME events.
2014-09-20 11:46:49 +02:00
David Herrmann
95dbf6b19e terminal: split grdrm_crtc_commit() apart
This helper is quite huge, split it apart to make it easier to follow.
2014-09-20 11:46:49 +02:00
David Herrmann
6221d249d1 terminal: grdev: refresh device state on hotplug events
Whenever we get udev hotplug events, re-read the device state so we
properly detect any changed in the display setups.
2014-09-20 11:46:49 +02:00
David Herrmann
a3eabec96b terminal: grdev: treat udev-devices without devnum as hotplug
If we get udev-device events via sysview, but they lack devnum
annotations, we know it cannot be a DRM card. Look through it's parents
and treat it as hotplug event in case we find such a card.

This will treat any new/removed connectors as sub-devices of the real
card, instead of as devices on its own.
2014-09-20 11:46:49 +02:00
David Herrmann
46c9a12780 terminal: modeset: forward DEVICE_CHANGE events into grdev
Properly forward DEVICE_CHANGE events into grdev so we can react to
changing display setups.
2014-09-20 11:46:49 +02:00
David Herrmann
39cf40e846 terminal: reduce speed of morphing colors in modeset test
The high frequency of the color-morphing is kinda irritating. Reduce it
to a much lower frequency so you can actually look at it longer than few
seconds.
2014-09-20 11:46:49 +02:00
David Herrmann
c1102405c1 terminal: make drm-connectors first-level devices
So far, we only forward DRM cards via sysview APIs. However, with MST,
connectors can be hotplugged, too. Forward the connectors as first-level
devices via sysview so API users can react to changing DRM connectors.
2014-09-20 11:46:49 +02:00
David Herrmann
965f7a3f9b terminal: forward DEVICE_CHANGE events via sysview
Whe need to react to "change" events on devices, but we want to avoid
duplicating udev-monitors everywhere. Therefore, make sysview forward
change events to the sysview controllers, which can then properly react
to it.
2014-09-20 11:46:49 +02:00
David Herrmann
3e7f6cf956 terminal: parse ID_SEAT not only for parents but the device itself
When deciding what seat a device is on, we have to traverse all parents
to find one with an ID_SEAT tag, otherwise, input devices plugged on a
seated USB-hub are not automatically attached to the right seat. But any
tags on the main device still overwrite the tags of the childs, so fix our
logic to check the device itself first, before traversing the parents.
2014-09-20 11:46:49 +02:00
Tom Gundersen
c00524c9cc nspawn: don't try to create veth link with too long ifname
Reported by: James Lott <james@lottspot.com>
2014-09-19 23:02:00 +02:00
David Herrmann
810626a80d terminal: add systemd-modeset debugging tool
The systemd-modeset tool is meant to debug grdev issues. It simply
displays morphing colors on any found display. This is pretty handy to
look for tearing in the backends and debug hotplug issues.

Note that this tool requires systemd-logind to be compiled from git
(there're important fixes that haven't been released, yet).
2014-09-19 14:48:54 +02:00
David Herrmann
f22e0bce37 terminal: add grdev DRM backend
The grdev-drm backend manages DRM cards for grdev. Any DRM card with
DUMB_BUFFER support can be used. So far, our policy is to configure all
available connectors, but keep pipes inactive as long as users don't
enable the displays on top.

We hard-code double-buffering so far, but can easily support
single-buffering or n-buffering. We also require XRGB8888 as format as
this is required to be supported by all DRM drivers and it is what VTs
use. This allows us to switch from VTs to grdev via page-flips instead of
deep modesets.

There is still a lot room for improvements in this backend, but it works
smoothly so far so more enhanced features can be added later.
2014-09-19 14:13:06 +02:00
David Herrmann
650c544427 terminal: add graphics interface
The grdev layer provides graphics-device access via the
libsystemd-terminal library. It will be used by all terminal helpers to
actually access display hardware.

Like idev, the grdev layer is built around session objects. On each
session object you add/remove graphics devices as they appear and vanish.
Any device type can be supported via specific card-backends. The exported
grdev API hides any device details.

Graphics devices are represented by "cards". Those are hidden in the
session and any pipe-configuration is automatically applied. Out of those,
we configure displays which are then exported to the API user. Displays
are meant as lowest hardware entity available outside of grdev. The
underlying pipe configuration is fully hidden and not accessible from the
outside. The grdev tiling layer allows almost arbitrary setups out of
multiple pipes, but so far we only use a small subset of this. More will
follow.

A grdev-display is meant to represent real connected displays/monitors.
The upper level screen arrangements are user policy and not controlled by
grdev. Applications are free to apply any policy they want.

Real card-backends will follow in later patches.
2014-09-19 14:05:52 +02:00
David Herrmann
2ec3ff668f login: pause devices before acknowledging VT switches
If a session controller does not need synchronous VT switches, we allow
them to pass VT control to logind, which acknowledges all VT switches
unconditionally. This works fine with all sessions using the dbus API,
but causes out-of-sync device use if we switch to legacy sessions that
are notified via VT signals. Those are processed before logind notices
the session-switch via sysfs. Therefore, leaving the old session still
active for a short amount of time.

This, in fact, may cause the legacy session to prepare graphics devices
before the old session was deactivated, and thus, maybe causing the old
session to interfer with graphics device usage.

Fix this by releasing devices immediately before acknowledging VT
switches. This way, sessions without VT handlers are required to support
async session switching (which they do in that case, anyway).
2014-09-19 13:26:39 +02:00
Michal Sekletar
16115b0a7b socket: introduce SELinuxContextFromNet option
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.

Implementation of label_get_child_mls_label derived from xinetd.

Reviewed-by: Paul Moore <pmoore@redhat.com>
2014-09-19 12:32:06 +02:00
Tom Gundersen
863f3ce0d0 shared: wtmp-utmp - don't clear store_wtmp in utmp_put_dead_process()
Also modernize a few other things and add comments to explain CID #1237503
and CID #1237504.
2014-09-19 08:06:52 +02:00
Thomas Hindoe Paaboel Andersen
cbb452e7ef test: warn if we could not parse the loop count argument
Found by coverity. Fixes: CID#1237512
2014-09-19 01:45:59 +02:00
Emil Renner Berthing
8e8af4cfc7 shared/sparse-endian.h: add missing byteswap.h include 2014-09-19 00:27:42 +02:00
Emil Renner Berthing
45f15021e3 shared/label.h: add missing stdio.h include 2014-09-19 00:26:49 +02:00
David Herrmann
fb1f4170d0 pty: include linux/ioctl.h for TIOCSIG
TIOCSIG is linux specific, so include the linux ioctl header to make sure
it's defined. We currently rely on some rather non-obvious recursive
includes. Make sure its always defined regardless of the system headers.
2014-09-19 00:26:49 +02:00
Thomas Hindoe Paaboel Andersen
66a16e7e9f nss: remove dead code
c > 0 is already guaranteed from earlier checks.

We go from

ms = ALIGN(l+1) +
        sizeof(char*) +
        (c > 0 ? c : 1) * ALIGN(alen) +
        (c > 0 ? c+1 : 2) * sizeof(char*);

to

ms = ALIGN(l+1) +
        sizeof(char*) +
        c * ALIGN(alen) +
        (c+1) * sizeof(char*);

to

ms = ALIGN(l+1) + c * ALIGN(alen) + (c+2) * sizeof(char*);

Found by coverity. Fixes: CID#1237570 and CID#1237610
2014-09-19 00:15:39 +02:00
Tom Gundersen
2f905e821e timesyncd: check return of setting IP_TOS
Fonud by Coverity. Fixes CID #1237534.
2014-09-18 23:37:07 +02:00
Tom Gundersen
25773e7fc5 udevd: don't fail if /run/udev exists 2014-09-18 21:57:49 +02:00
Tom Gundersen
65fea570f0 udev: fix typos
Spotted by Andreas Henriksson.
2014-09-18 20:25:33 +02:00
Tom Gundersen
4bbdff757e udev: ctrl - log if setting SO_PASSCRED fails
No functional change.

Found by Coverity. Fixes CID #1237533.
2014-09-18 19:26:11 +02:00
Tom Gundersen
543afdc63c udev: node - warn if chmod/chown fails
No functional change, just log the warning.

Fonud by Coverity. Fixes CID #1237544.
2014-09-18 19:22:09 +02:00
Tom Gundersen
f901aaadd6 udevadm: hwdb - check return value of fseeko()
Fonud by Coverity. Fixes CID #996255.
2014-09-18 19:16:54 +02:00
Tom Gundersen
d457ff8319 udevd: check return of various functions
One reported by Coverity. Fixes CID #996252.
2014-09-18 19:10:23 +02:00
Tom Gundersen
6f5cf8a8b1 udevd: parse_argv - warn if argumens are invalid
Found by Coverity. Fixes CID #1238780.
2014-09-18 19:02:42 +02:00
Andreas Henriksson
b1604b341b journal-remote: check return code of sd_event_default
Handle sd_event_default returning error and bail out properly
as done in every other caller of this function.

Found by coverity. Fixes: CID#1238957
2014-09-18 18:33:44 +02:00
Philippe De Swert
56d21cdebc sysusers: Remove some gcc warnings about uninitialized variables
Gcc is spewing some warnings about uninitialized variables.
Let's get rid of the noise.
2014-09-18 18:32:18 +02:00
Philippe De Swert
96f2f3b1b5 core: Remove uninitialized warnings from bus-endpoint.c
Gcc is spewing some warnings about uninitialized variables.
Let's get rid of the noise.
2014-09-18 18:32:18 +02:00
Philippe De Swert
b88a40a7e5 journal-upload: Remove compilation warning
When compiling we see this curl warning popping up:
src/journal-remote/journal-upload.c:194:17: warning: call to
‘_curl_easy_setopt_err_error_buffer’ declared with attribute
warning: curl_easy_setopt expects a char buffer of CURL_ERROR_SIZE
as argument for this option [enabled by default]
This patch removes the warning (which occurs twice).
2014-09-18 18:32:18 +02:00
Emil Renner Berthing
141a1ceaa6 mount: order options before other arguments to mount 2014-09-18 18:12:51 +02:00
Emil Renner Berthing
fdb8bd0fe7 include fcntl.h rather than sys/fcntl.h 2014-09-18 17:59:15 +02:00
Emil Renner Berthing
1ed96046cb sd-rtnl: rtnl-message: remove unneeded linux includes 2014-09-18 17:37:55 +02:00
Emil Renner Berthing
58c9846d32 udev: link-config: remove unneded linux/netdevice.h include 2014-09-18 17:36:20 +02:00