shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-03-10 16:58:28 +03:00
Code
68,282 Commits 4 Branches 403 Tags
Commit Graph

68282 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Luca Boccassi
759cca0348
Merge pull request #29629 from bluca/mount_tunnel_pidref 
mount tunnel: use PidRef
 2023-10-19 18:59:22 +01:00
Luca Boccassi
6fbd1b0457
Merge pull request #29623 from YHNdnzj/core-followup 
Follow-ups for recent changes to core/
 2023-10-19 18:04:40 +01:00
Frantisek Sumsal
e98f7f9122 test: skip Protect{Home,System}= tests with coverage builds 
With coverage builds we disable Protect{Home,System}= via a service.d
dropin in /etc, which has, unfortunately, higher priority than our
transient systemd-run stuff. Let's just skip the affected tests in that
case instead of making the test setup even more complicated.
 2023-10-19 18:03:57 +01:00
Zbigniew Jędrzejewski-Szmek
af189d7b50 pid1,vconsole-setup: lock /dev/console instead of the tty device 
As requested in https://github.com/systemd/systemd/pull/27867#pullrequestreview-1567161854.
/dev/console, /dev/tty0, and /dev/ttyN are "different" device nodes
that may point to a single underlying device. We want to use a single
lock so that we don't get a race if different writers are using a different
device path, so let's just always lock around /dev/console.
This effectively makes the locking less granular.

Fixup for a0043bfa51281c2374878e2a98cf2a3ee10fd92c.
Fixes https://github.com/systemd/systemd/issues/28721.
Maybe fixes https://github.com/systemd/systemd/issues/28778 and
https://github.com/systemd/systemd/issues/28634.
 2023-10-19 18:03:21 +01:00
Frantisek Sumsal
a2dd592002 test: unify checking for user xattrs support in cgroupfs 
Also, run the coredump forwarding test only if user xattrs are
supported.
 2023-10-19 18:01:07 +01:00
Zbigniew Jędrzejewski-Szmek
725e646854 meson: generate proper version tag when git fails on permission errors 
When building with mkosi I would get the following:

    [1/477] Generating version.h with a custom command
    fatal: detected dubious ownership in repository at '/work/src'
    To add an exception for this directory, call:

            git config --global --add safe.directory /work/src

and then the tag would be generated as 'v254-'. This is obviously some problem
with the setup, but we should handle this gracefully. Let's fall back to 'v254'
instead.

In the case where we have a repo but no tags, use --dirty=^ too, as in the case
with tags.

I tested four cases:
- normal checkout
- checkout with .git removed
- checkout with .git chowned to root
- checkout wiht all tags removed
 2023-10-19 17:52:44 +02:00
Luca Boccassi
8c08523736 Update TODO 2023-10-19 16:31:05 +01:00
Luca Boccassi
5f48198af8 mount tunnel: use PidRef 2023-10-19 16:31:05 +01:00
Frantisek Sumsal
d31330c1fa core: properly cleanup ExecParameter's prefix array 2023-10-19 16:59:43 +02:00
Frantisek Sumsal
4701425dd5 test: add coverage for #29610 
As reproducing it is actually pretty easy, with the benefit of hindsight:

~# systemd-run -P -p MountImages="/this/should/definitely/not/exist.img:/run/img2\:3:nosuid" false
Running as unit: run-u42.service
free(): double free detected in tcache 2
 2023-10-19 16:23:28 +02:00
Frantisek Sumsal
447894be41 test: add a real-world state to the corpus 
To give the fuzzer a nice head start.
 2023-10-19 16:12:45 +02:00
Mike Yuan
bca0805311
core/service: check error first and log about errno 
Follow-up for becdfcb9f1cb555c50dcfe51894cb0b155f7f01e
 2023-10-19 21:37:39 +08:00
Mike Yuan
f65a40fb0b
cgroup-util: use RET_GATHER more, return first error 2023-10-19 21:37:33 +08:00
Mike Yuan
dbc0342e61
core/exec-invoke: use correct exit status 
These calls can fail not only due to OOM.
 2023-10-19 21:37:33 +08:00
Mike Yuan
bbe92ea5cc
core/namespace: merge if blocks 2023-10-19 21:37:33 +08:00
Luca Boccassi
9dc6a6af28 executor: fix double free of MountOptions 
This list is owned by ExecContext, which is cleaned up when sd-executor
fails, but it is also cleaned up when namespace setup exits, so we get
a double free.

Fixes https://github.com/systemd/systemd/issues/29610

Follow-up for bb5232b6a3
 2023-10-19 14:24:55 +01:00
Luca Boccassi
41204a6d74
Merge pull request #29617 from keszybz/efi-no-xmalloc0 
efi: drop duplicate initialization to 0
 2023-10-19 14:23:54 +01:00
Arseny Maslennikov
8b45281daa seccomp: also check the mode parameter of fchmodat2(2) 
If there is no libseccomp support, just ban the entire syscall instead
so wrappers will fall back to older, supported syscalls.
Also reflect all of this in `test-seccomp.c`.
 2023-10-19 15:53:58 +03:00
Arseny Maslennikov
6e10405aa2 seccomp: include fchmodat2 in @file-system 2023-10-19 15:53:45 +03:00
Yu Watanabe
be3b6b6fe5 cgroup-util: drop dead code block 
Follow-up for 4d1b2df199227ed4b934bbcb054364e92e93a1a6.

Fixes CID#1522888.
 2023-10-19 20:24:54 +08:00
Arseny Maslennikov
3677364cc3 basic/missing_syscall: generate defs for fchmodat2(2) 
We will need this to set seccomp filters on this system call regardless
of libseccomp or kernel support.
 2023-10-19 14:07:54 +03:00
Arseny Maslennikov
c83f838193 Update system call tables for Linux 6.6 
We are doing this to obtain the definition of fchmodat2.
 2023-10-19 14:07:54 +03:00
Arseny Maslennikov
a539314a87 seccomp: fix debug logging typo 
Fixes: da4dc9a67487 ("seccomp: rework how the S[UG]ID filter is installed")
 2023-10-19 14:07:54 +03:00
Luca Boccassi
1ca8cc9fb6
Merge pull request #29595 from YHNdnzj/systemctl-failed-system 
systemctl: is-failed: check if system is degraded when no unit given
 2023-10-19 12:07:37 +01:00
Zbigniew Jędrzejewski-Szmek
6e98ddf825 efi: drop unused xmalloc0() 
Keeping this separate to make it easy to revert if it's ever needed again.
 2023-10-19 12:24:53 +02:00
Zbigniew Jędrzejewski-Szmek
586f19976a efi: do not memzero fields before initializing them 
In all three cases we immediately overwrite the whole field anyway,
so the call to memzero is not needed.
 2023-10-19 12:24:53 +02:00
Arthur Shau
1bd0b9c053 varlink: Add new varlink_collect method 
varlink_collect is meant to be used when the client is willing to wait for the reply from the varlink method, much like varlink_call.
However, unlike varlink_call, it allows the client to collect all "more" replies that may be sent by method before the "final" reply is enqueued.
It aggregates all of these replies into a json variant array that it returns to the client.
 2023-10-19 11:52:09 +02:00
Yu Watanabe
0c3d606c50 core/namespace: split out create_temporary_mount_point() 
No functional change, preparation for later commits.
 2023-10-19 18:45:51 +09:00
Yu Watanabe
cbdac0c33a tree-wide: check results of PAGE_ALIGN() 
Fixes CID#1491282, CID#1491283, CID#1491285, CID#1491288.
 2023-10-19 18:31:44 +09:00
Yu Watanabe
c886f2d26e mmap-cache: check offset and size more carefully 
PAGE_ALIGN() and friends take size_t, while offset is uint64_t.
Let's use macros for uint64_t.

Also, mmap() takes size_t for size. So, let's also use size_t to
calculate a window size.

Prompted by CID#1491286.
 2023-10-19 18:31:44 +09:00
Yu Watanabe
ffee7b97e3 macro: introduce u64_multiply_safe() to avoid overflow 
Just a paranoia.
 2023-10-19 18:31:44 +09:00
Yu Watanabe
b39907c712 sd-journal: use PAGE_ALIGN_U64() and friends 
This also make constants declared with UINT64_C().
 2023-10-19 18:31:44 +09:00
Yu Watanabe
2977904cad macro: introduce several helper functions for alignment 
Some of them are not used in this commit, but will be used later.
 2023-10-19 18:31:44 +09:00
Yu Watanabe
d54c0f37d8 macro: paranoia about overflow 
E.g. Consider the case ALIGN_TO(SIZE_MAX - 3, 4). The overflow check
passes as the condition
```
SIZE_MAX - 3 > SIZE_MAX - (4 - 1)
```
is false.
However, the value
```
l + ali - 1
```
may overflow as it is equivalent to
```
SIZE_MAX - 3 + 4 - 1
```
 2023-10-19 18:31:44 +09:00
Yu Watanabe
86cbbc6d05 tree-wide: check if return value of lseek() and friends is negative 
We usually check return value of syscalls or glibc functions by it is
negative or not, something like that `if (stat(path, &st) < 0)`.
Let's also use the same style for lseek() and friends even the type of
their return value is off_t.

Note, fseeko() returns int, instead of off_t.
 2023-10-19 18:31:44 +09:00
Frantisek Sumsal
4820c9d417 fuzz: unify logging setup 
Make sure we don't log anything when running in "fuzzing" mode. Also,
when at it, unify the setup logic into a helper, pretty similar to
the test_setup_logging() one.

Addresses:
  - https://github.com/systemd/systemd/pull/29558#pullrequestreview-1676060607
  - https://github.com/systemd/systemd/pull/29558#discussion_r1358940663
 2023-10-19 10:05:20 +01:00
Luca Boccassi
47174dc054
Merge pull request #29611 from mrc0mmand/execute-serialize-fuzz 
test: add a fuzzer for exec_{serialize,deserialize}_invocation()
 2023-10-18 23:33:00 +01:00
Frantisek Sumsal
892eb4d795 core: don't assert when serializing malformed state 2023-10-18 22:44:16 +02:00
Frantisek Sumsal
81c4be64da test: add a fuzzer for exec_{serialize,deserialize}_invocation() 2023-10-18 22:44:16 +02:00
Mike Yuan
2ee346160c
systemctl: is-failed: check if system is degraded when no unit given 
Closes #3335
 2023-10-19 00:12:28 +08:00
Mike Yuan
def1e20a18
systemctl: minor modernization 2023-10-19 00:12:27 +08:00
Lennart Poettering
81c1c387fe
Merge pull request #29594 from poettering/cgroup-rename-ret-params 
more pidfdification
 2023-10-18 17:25:44 +02:00
Frantisek Sumsal
7e9c7d6f5b test: use Type=exec for the test unit 
Make sure everything we need is set up before continuing further with
the test. This should, hopefully, help with a race where we check
a dynamic user before it's created by NFTSet= stuff.

Before:
$ journalctl -o short-monotonic --grep '(test-nft|NFT|testsuite-75)' --no-hostname
...
[ 3657.929223] testsuite-75.sh[48]: + systemd-run -u test-nft.service -p DynamicUser=yes -p 'NFTSet=cgroup:inet:sd_test:c user:inet:sd_test:u group:inet:sd_test:g' sleep 10000
...
[ 3657.977372] systemd[1]: test-nft.service: Changed dead -> running
[ 3657.977388] systemd[1]: test-nft.service: Job 376 test-nft.service/start finished, result=done
[ 3657.977407] testsuite-75.sh[853]: Running as unit: test-nft.service; invocation ID: 8776af2ec7864a60a058cb5d403d1ca6
[ 3657.982437] testsuite-75.sh[856]:                 elements = { "system.slice/test-nft.service" }
[ 3657.984570] testsuite-75.sh[48]: + grep -qF test-nft.service /tmp/tmp.uqXKfyzcpJ
[ 3657.985400] testsuite-75.sh[859]: ++ getent passwd test-nft
[ 3657.986434] systemd[1]: varlink-12: New incoming message: {"method":"io.systemd.UserDatabase.GetUserRecord","parameters":{"userName":"test-nft","service":"io.systemd.DynamicUser"}}
[ 3657.986503] systemd[1]: varlink-12: Sending message: {"error":"io.systemd.UserDatabase.NoRecordFound","parameters":{}}
[ 3657.986643] systemd[1]: testsuite-75.service: Child 48 belongs to testsuite-75.service.
[ 3657.986660] systemd[1]: testsuite-75.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
[ 3657.986681] systemd[1]: testsuite-75.service: Failed with result 'exit-code'.
...
[ 3657.989885] systemd[1]: test-nft.service: User lookup succeeded: uid=64568 gid=64568
[ 3657.989936] systemd[1]: Added NFT set: family inet, table sd_test, set u, ID 64568
[ 3657.989965] systemd[1]: Added NFT set: family inet, table sd_test, set g, ID 64568

After:
$ journalctl -o short-monotonic --grep '(test-nft|NFT|testsuite-75)' --no-hostname
[ 1523.874408] testsuite-75.sh[49]: + systemd-run -u test-nft.service --service-type=exec -p DynamicUser=yes -p 'NFTSet=cgroup:inet:sd_test:c user:inet:sd_test:u group:inet:sd_test:g' sleep 10000
...
[ 1523.924091] systemd[1]: Starting test-nft.service...
[ 1523.928891] systemd[1]: test-nft.service: User lookup succeeded: uid=64568 gid=64568
[ 1523.929102] systemd[1]: Added NFT set: family inet, table sd_test, set u, ID 64568
[ 1523.929220] systemd[1]: Added NFT set: family inet, table sd_test, set g, ID 64568
...
[ 1523.933263] systemd[1]: Started test-nft.service.
[ 1523.933626] testsuite-75.sh[849]: Running as unit: test-nft.service; invocation ID: d1a5c3eacbc647a7a5fcbd46c7b2f863
[ 1523.940810] testsuite-75.sh[852]:                 elements = { "system.slice/test-nft.service" }
[ 1523.942880] testsuite-75.sh[49]: + grep -qF test-nft.service /tmp/tmp.gWka2x3mQq
[ 1523.944031] testsuite-75.sh[855]: ++ getent passwd test-nft
[ 1523.945496] systemd[1]: varlink-18: New incoming message: {"method":"io.systemd.UserDatabase.GetUserRecord","parameters":{"userName":"test-nft","service":"io.systemd.DynamicUser"}}
[ 1523.951593] systemd[1]: varlink-18: Sending message: {"parameters":{"record":{"userName":"test-nft","uid":64568,"gid":64568,"realName":"Dynamic User",...
 2023-10-18 16:08:44 +01:00
Lennart Poettering
06044356de manager: move idle_pipe allocation to manager.c and make it atomic 
Let's make sure it either fails or suceeds, but never fails half-way
leaving a half-initialized array around.
 2023-10-18 16:07:41 +01:00
Luca Boccassi
668d60627e
Merge pull request #29583 from poettering/deserialize-fd-many 
add serialize_fd_many() + deserialize_fd_many() helpers
 2023-10-18 16:06:22 +01:00
Lennart Poettering
1158b06b47 update TODO 2023-10-18 14:49:40 +02:00
Lennart Poettering
d0547385d9 test-cgroup: make test case a bit more robust towards previous aborted runs 2023-10-18 14:49:40 +02:00
Lennart Poettering
2d79017564 killall: port killing spree loop over to PidRef 2023-10-18 14:49:40 +02:00
Lennart Poettering
957f84e950 test: port tests over to new /proc/ enumeration API 2023-10-18 14:49:40 +02:00
Lennart Poettering
eefb7d22ce process-util: add API for enumerating processes in /proc/ and pinning them via PidRef 2023-10-18 14:49:40 +02:00