1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00
Commit Graph

69636 Commits

Author SHA1 Message Date
Frantisek Sumsal
fcd2db31c0 coccinelle: properly drop braces around single-statement if()s 2023-12-25 13:53:02 +01:00
Frantisek Sumsal
6688db4194 coccinelle: fix the log-json rule
As it generated very questionable results.
2023-12-25 13:53:02 +01:00
Frantisek Sumsal
c988ef4cf4 coccinelle: rework how we run the Coccinelle transformations
Turns out that the original way we did things was quite broken, as it
skipped a _lot_ of code. This was because we just threw everything into
one pile and tried to spatch it, but this made Coccinelle sad, like when
man page examples redefined some of our macros, causing typedef
conflicts.

For example, with a minimal reproducer that defines a cleanup macro in
two source files, Coccinelle has no issues when spatch-ing each one
separately:

$ spatch --verbose-parsing --sp-file zz-drop-braces.cocci main.c
init_defs_builtins: /usr/lib64/coccinelle/standard.h
HANDLING: main.c
SPECIAL NAMES: adding _cleanup_ as a attribute with arguments
SPECIAL NAMES: adding _cleanup_free_ as a attribute

$ spatch --verbose-parsing --sp-file zz-drop-braces.cocci
logcontrol-example.c
init_defs_builtins: /usr/lib64/coccinelle/standard.h
HANDLING: logcontrol-example.c
SPECIAL NAMES: adding _cleanup_ as a attribute with arguments

But when you try to spatch both of them at once, Coccinelle starts
complaining and skipping the "bad" code:

$ spatch --verbose-parsing --sp-file zz-drop-braces.cocci main.c logcontrol-example.c
init_defs_builtins: /usr/lib64/coccinelle/standard.h
HANDLING: main.c logcontrol-example.c
SPECIAL NAMES: adding _cleanup_ as a attribute with arguments
SPECIAL NAMES: adding _cleanup_free_ as a attribute
remapping: _cleanup_ to an ident in macro name
ERROR-RECOV: found sync end of #define, line 44
parsing pass2: try again
ERROR-RECOV: found sync end of #define, line 44
parse error
 = File "logcontrol-example.c", line 44, column 21, charpos = 1719
  around = '__attribute__',
  whole content = #define _cleanup_(f) __attribute__((cleanup(f)))
badcount: 2
bad: #include <systemd/sd-journal.h>
bad:
BAD:!!!!! #define _cleanup_(f) __attribute__((cleanup(f)))

This was, unfortunately, hidden as it is visible only with
--verbose-parsing (or --parse-error-msg).

Another issue was how we handled includes. The original way of throwing
them into the pile of source files doesn't really work, leading up to
similar issues as above. The better way is to let Coccinelle properly
resolve all includes by telling it where to find our own include files
(basically the same thing we already do during compilation).

After fixing all this, Coccinelle now has a chance to process much more
of our code (there are still some issues in more complex macros, but
that requires further investigation). However, there's a huge downside
from all of this - doing a _proper_ code analysis is surprisingly time
and resource heavy; meaning that processing just one Coccinelle rule now
takes 15 - 30 minutes.

To make this slightly less painful, Coccinelle supports caching the
generated ASTs, which actually helps a lot - it gets the runtime of one
rule from 15 - 30 minutes down to ~1 minute. It, of course, has its own
downside - the cache is _really_ big (ATTOW the cache takes ~15 GiB).

However, even with the aggressive AST caching you're still looking at
~1 hour for one full Coccinelle run, which is a bit annoying, but I
guess that's the price of doing things _properly_ (but I'll definitely
look into ways of further optimizing this).
2023-12-25 13:52:42 +01:00
Yu Watanabe
902279f0e4
Merge pull request #30620 from mrc0mmand/more-test-tweaks
test: a couple of fixes for failing tests
2023-12-25 00:19:14 +09:00
Frantisek Sumsal
b4a21d5148 busctl: avoid asserting on NULL message
Avoid passing a NULL message to sd_bus_message_is_signal(), to not trip
over an assertion:

[  132.869436] H testsuite-82.sh[614]: + systemctl --no-block --check-inhibitors=yes soft-reboot
[  132.967386] H systemd[1]: Created slice system-systemd\x2dcoredump.slice.
[  133.018292] H systemd[1]: Starting inhibit.service...
[  133.122610] H systemd[1]: Started systemd-coredump@0-665-0.service.
[  133.163643] H systemd[1]: Started inhibit.service.
[  133.206836] H testsuite-82.sh[614]: + exec sleep infinity
[  133.236762] H systemd-logind[611]: The system will reboot now!
[  135.891607] H systemd-coredump[667]: [🡕] Process 663 (busctl) of user 0 dumped core.

                                        Stack trace of thread 663:
                                        #0  0x00007f2ec45e6acf raise (libc.so.6 + 0x4eacf)
                                        #1  0x00007f2ec45b9ea5 abort (libc.so.6 + 0x21ea5)
                                        #2  0x00007f2ec4b5c9a6 log_assert_failed (libsystemd-shared-255.so + 0x1ff9a6)
                                        #3  0x00007f2ec4b5dca5 log_assert_failed_return (libsystemd-shared-255.so + 0x200ca5)
                                        #4  0x00007f2ec4bb3df6 sd_bus_message_is_signal (libsystemd-shared-255.so + 0x256df6)
                                        #5  0x000000000040e478 monitor (busctl + 0xe478)
                                        #6  0x000000000040e82f verb_monitor (busctl + 0xe82f)
                                        #7  0x00007f2ec4b202cb dispatch_verb (libsystemd-shared-255.so + 0x1c32cb)
                                        #8  0x00000000004074fa busctl_main (busctl + 0x74fa)
                                        #9  0x0000000000407525 run (busctl + 0x7525)
                                        #10 0x000000000040ff67 main (busctl + 0xff67)
                                        #11 0x00007f2ec45d2d85 __libc_start_main (libc.so.6 + 0x3ad85)
                                        #12 0x00000000004044be _start (busctl + 0x44be)
                                        ELF object binary architecture: AMD x86-64
[  136.141152] H dbus-daemon[634]: [system] Monitoring connection :1.2 closed.
[  136.152233] H systemd[1]: busctl.service: Main process exited, code=dumped, status=6/ABRT
[  136.153996] H systemd[1]: busctl.service: Failed with result 'core-dump'.

The asertion in question:

Assertion 'm' failed at src/libsystemd/sd-bus/bus-message.c:1015, function sd_bus_message_is_signal(). Aborting.

We can get a NULL message here through sd_bus_process() ->
bus_process_internal() -> process_running(), so let's handle this case
appropriately.
2023-12-24 15:04:28 +01:00
Frantisek Sumsal
4ddf27c57b test: flush the socket once the triggered unit exits
Since the triggered unit intentionally fails without consuming any data
from the socket, we'd try to trigger it again and again, and we might
try to check the unit state in one of the "in-between" states, failing
the test:

[  165.271698] H testsuite-07.sh[1032]: + systemctl start badbin_assert.socket
[  165.977637] H testsuite-07.sh[1032]: + socat - ABSTRACT-CONNECT:badbin_assert.socket
[  165.983787] H systemd[1]: Cannot find unit for notify message of PID 1039, ignoring.
[  166.817187] H testsuite-07.sh[1032]: + timeout 10 sh -c 'while systemctl is-active badbin_assert.service; do sleep .5; done'
[  167.049218] H testsuite-07.sh[1065]: active
[  167.146854] H systemd[1]: Listening on badbin_assert.socket.
[  167.163473] H systemd[1]: badbin_assert.socket: Incoming traffic
[  167.542626] H systemd[1]: Cannot find unit for notify message of PID 1065, ignoring.
[  167.543437] H (badbin)[1062]: badbin_assert.service: Failed to execute /tmp/badbin: Exec format error
[  167.548346] H systemd[1]: badbin_assert.service: Main process exited, code=exited, status=203/EXEC
[  167.549482] H systemd[1]: badbin_assert.service: Failed with result 'exit-code'.
[  167.561537] H systemd[1]: badbin_assert.socket: Incoming traffic
[  167.933390] H systemd[1]: Started badbin_assert.service.
[  167.950489] H (badbin)[1070]: badbin_assert.service: Failed to execute /tmp/badbin: Exec format error
[  167.956318] H systemd[1]: badbin_assert.service: Main process exited, code=exited, status=203/EXEC
[  167.957173] H systemd[1]: badbin_assert.service: Failed with result 'exit-code'.
[  167.974609] H systemd[1]: badbin_assert.socket: Incoming traffic
[  168.042838] H testsuite-07.sh[1072]: failed
[  168.094431] H testsuite-07.sh[1075]: ++ systemctl show -P ExecMainStatus badbin_assert.service
[  168.704022] H systemd[1]: Started badbin_assert.service.
[  168.778680] H (badbin)[1074]: badbin_assert.service: Failed to execute /tmp/badbin: Exec format error
[  168.826881] H systemd[1]: badbin_assert.service: Main process exited, code=exited, status=203/EXEC
[  168.833825] H systemd[1]: badbin_assert.service: Failed with result 'exit-code'.
[  168.923931] H testsuite-07.sh[1032]: + [[ 0 == 203 ]]
[  168.951492] H systemd[1]: Cannot find unit for notify message of PID 1075, ignoring.
[  168.999862] H testsuite-07.sh[615]: + echo 'Subtest /usr/lib/systemd/tests/testdata/units/testsuite-07.issue-30412.sh failed'
[  168.999862] H testsuite-07.sh[615]: Subtest /usr/lib/systemd/tests/testdata/units/testsuite-07.issue-30412.sh failed

Follow-up for 1eeaa93de3 and 28a2d27650.
2023-12-24 13:00:56 +01:00
Yu Watanabe
891e81edf4
Merge pull request #30615 from dtardon/docbook-valid-1
DocBook validation fixes (part 1)
2023-12-24 19:27:26 +09:00
David Tardon
7e59b569a1 man: adjust indentation 2023-12-24 10:46:55 +01:00
David Tardon
74512bbc38 man: use the right element for untitled example 2023-12-24 09:43:22 +01:00
David Tardon
74cd284ad0 man: fix markup 2023-12-24 09:43:22 +01:00
David Tardon
b2e6aae674 man: fix option value 2023-12-24 09:43:22 +01:00
David Tardon
1eb07e6ffa man: fix markup 2023-12-24 09:43:22 +01:00
David Tardon
5b297dcec8 man: drop stray empty paragraph 2023-12-24 09:32:29 +01:00
David Tardon
3c2b711f4a man: wrap sentinel in <parameter> 2023-12-24 09:32:28 +01:00
David Tardon
08b96745dd man: use just one <listitem> for the description
<varlistentry> allows one or more <term>s, but exactly one <listitem>.
2023-12-24 09:32:28 +01:00
David Tardon
7a0f2298b8 man: wrap the whole description in <listitem>
Unfortunately, version-info includes and standard-options includes are
not composable...
2023-12-24 09:32:28 +01:00
David Tardon
35fcba4a8c man: move misplaced </varlistentry> 2023-12-24 09:32:28 +01:00
David Tardon
d9655d11bc man: move </listitem> to the right position 2023-12-24 09:32:28 +01:00
David Tardon
a5fcbfea45 man: add missing <listitem> 2023-12-24 09:32:28 +01:00
David Tardon
35fc10756b man: add missing <cmdsynopsis> wrapper 2023-12-24 09:32:28 +01:00
David Tardon
af355f198e man: add required <title> 2023-12-24 09:32:26 +01:00
David Tardon
bbd0645a3e man: match doctype and root element 2023-12-24 09:23:53 +01:00
Luca Boccassi
d6fe382122
Merge pull request #30594 from yuwata/udev-timeout-cleanups
udev: several cleanups for timeout settings
2023-12-24 00:26:13 +01:00
Luca Boccassi
65e1e29e55
Merge pull request #30596 from yuwata/sd-device-db-cleanups
sd-device: several cleanups for udev database related functions
2023-12-24 00:23:35 +01:00
Luca Boccassi
85915f312c meson: check for pefile dependency before enabling ukify
ukify (and all the tests, including the autogenerated check-version-ukify)
does not work unless pefile is available, so track it as a dependency
in meson to avoid unit test failures later
2023-12-24 06:54:41 +09:00
Yu Watanabe
48e06208ce
Merge pull request #30609 from YHNdnzj/analyze-fdstore
analyze-fdstore: minor fixups
2023-12-24 06:44:31 +09:00
Yu Watanabe
36013380a9 core/executor: use log level specified in LogLevelMax=
Follow-up for cc9f4cad8c.

Otherwise, still unexpected lines may be logged by executor.
2023-12-24 06:44:03 +09:00
Mike Yuan
c6195c9667
analyze-fdstore: don't log duplicate error
table_print_with_pager() logs print error internally.
2023-12-24 04:27:55 +08:00
Mike Yuan
9e710d2665
analyze-fdstore: ignore table header when checking stored fd count 2023-12-24 04:27:55 +08:00
Yu Watanabe
08ba85c71e systemctl: swap cached_id_map and cached_name_map at one more place
Follow-up for 2962a50850.
Fortunately, this does not change any behavior.

Replaces #30601.
Fixes CID#1532831.
2023-12-24 03:41:09 +09:00
Yu Watanabe
d24d9a3786
Merge pull request #30604 from mrc0mmand/test-journal-shenanigans
test: redirect stdout/stderr of TEST-04-JOURNAL to console as well
2023-12-24 03:40:50 +09:00
Yu Watanabe
c4d501d060
Merge pull request #30587 from mrc0mmand/test-stuff
test: slightly extend uid0's coverage
2023-12-24 03:40:22 +09:00
Raito Bezarius
b49595503d networkd: support proxy_arp_pvlan sysctl
The proxy ARP private VLAN sysctl is useful for VLAN aggregation, see
https://sysctl-explorer.net/net/ipv4/proxy_arp_pvlan/ for details.
2023-12-24 03:40:03 +09:00
Yu Watanabe
b6c424a2f2
Merge pull request #30049 from yuwata/assert-return-critical
test: make assert_return() critical by default
2023-12-24 03:39:18 +09:00
Yu Watanabe
b5dd61e3c1 network: use json_variant_append_arrayb()
No functional change, just refactoring and shortening code.
2023-12-23 17:30:54 +00:00
Yu Watanabe
fce9e8a168 log: make assert_return() critical when -Dmode=developer
Triggering assert_return() should be a bug in general, and we should
really fix that.  But, previously, it is hard to notice such bug, as
it was not critical.
This is for making CI or our testing environment fail if we unexpectedly
trigger assert_return(). So, hopefully we can easily find such bugs.
2023-12-24 02:03:30 +09:00
Yu Watanabe
8161f6086e test: make assert_return() critical by default on fuzzer and unit tests
Several test cases intentionally trigger assert_return(). So, to avoid
the entire test fails, this introduces several macros that tentatively
make assert_return() not critical.
2023-12-24 02:02:18 +09:00
Yu Watanabe
93bb67090c log: introduce a knob to make assert_return() critical
These can be used to check if we trigger assert_return()
unexpectedly.

Co-authored-by: Frantisek Sumsal <frantisek@sumsal.cz>
2023-12-24 01:52:26 +09:00
Frantisek Sumsal
addbe898a7 test: make the variable names slightly more descriptive
Follow-up for 5ca8d2474c.
2023-12-23 16:37:30 +01:00
Frantisek Sumsal
7de2118916 test: slightly extend uid0's coverage 2023-12-23 16:37:30 +01:00
Frantisek Sumsal
a6fb61be77 test: make the test actually test
Follow-up for dd25a95763.
2023-12-23 16:37:30 +01:00
Yu Watanabe
354171a5db
Merge pull request #30603 from mrc0mmand/openssl-shenanigans
test/ukify: make the tests happy with OpenSSL 3.2.0+
2023-12-24 00:27:20 +09:00
Frantisek Sumsal
b3ed0808d1 test: redirect stdout/stderr of TEST-04-JOURNAL to console as well
This effectively reverts fa6f37c043 just for TEST-04, as we nuke the
journal repeatedly in this test which makes it particularly hard to
debug. Let's hope the issue behind fa6f37c043 won't bite us back in this
case.

Follow-up for: fa6f37c043
Reverts: 8f7c876bdc
2023-12-23 15:54:51 +01:00
Frantisek Sumsal
eb3cdf49b1 test: don't truncate the final journal
This is no longer necessary, as the test for which this was introduced
in the first place has this handled explicitly (testsuite-04.journal.sh).

Follow-up to 9457dd8bae.
2023-12-23 15:35:08 +01:00
Frantisek Sumsal
4e5984f027 test: make sure the dummy CA certificate is marked as such
With OpenSSL 3.2.0+ this is necessary, otherwise the verification
of such CA certificate fails badly:

$ openssl s_client -CAfile /run/systemd/remote-pki/ca.crt -connect localhost:19532
...
Connecting to ::1
CONNECTED(00000003)
Can't use SSL_get_servername
depth=1 C=CZ, L=Brno, O=Foo, OU=Bar, CN=Test CA
verify error:num=79:invalid CA certificate
verify return:1
depth=1 C=CZ, L=Brno, O=Foo, OU=Bar, CN=Test CA
verify error:num=26:unsuitable certificate purpose
verify return:1
...
---
SSL handshake has read 1566 bytes and written 409 bytes
Verification error: unsuitable certificate purpose
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 26 (unsuitable certificate purpose)
2023-12-23 13:42:09 +01:00
Frantisek Sumsal
338ed5bea4 ukify: make the test happy with the latest OpenSSL
Which dropped some whitespaces in the output:

$ openssl version
OpenSSL 3.2.0 23 Nov 2023 (Library: OpenSSL 3.2.0 23 Nov 2023)
$ openssl x509 -in cert.pem -text -noout | grep Issuer
        Issuer: C=AU, ST=Some-State, O=Internet Widgits Pty Ltd

$ openssl version
OpenSSL 3.0.9 30 May 2023 (Library: OpenSSL 3.0.9 30 May 2023)
$ openssl x509 -in cert.pem -text -noout | grep Issuer
        Issuer: C = XX, L = Default City, O = Default Company Ltd

Making test-ukify unhappy:

>       assert 'Issuer: CN = SecureBoot signing key on host' in out
E       AssertionError: assert 'Issuer: CN = SecureBoot signing key on host' in '<...snip...>Issuer: CN=SecureBoot signing key on host archlinux2\n...'
2023-12-23 12:32:31 +01:00
Yu Watanabe
24f4144a08
Merge pull request #30600 from dtardon/see-also-simplelist
man: use `<simplelist>` for 'See also' sections
2023-12-23 19:08:31 +09:00
Luca Boccassi
d45ca9a905 man: conditionalize sd-pcrlock and sd-measure on the same variable as their binaries
The binaries are built and installed if HAVE_TPM2 is set, and ignore ENABLE_BOOTLOADER,
so do the same for the manpages.

For the sd-pcrlock case this also installs the manpage aliases for the units, which
are not installed with -Dbootloader=disabled, but there's no way to conditionalize
the aliases, so on balance it's better to have too much documentation rather than
too little.

Fixes https://github.com/systemd/systemd/issues/30588
2023-12-23 18:04:08 +08:00
David Tardon
59b4437973 man: capitalize "also" for consistency
Almost all our man pages write it that way.
2023-12-23 08:28:57 +01:00
David Tardon
13a69c120b man: use <simplelist> for 'See also' sections
This is just a slight markup improvement; there should be no difference
in rendering.
2023-12-23 08:28:57 +01:00