1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00
The systemd System and Service Manager
Go to file
Lennart Poettering 1eb8a560a6 json: add builder/dispatcher for PidRef → JSON and back
So far, at the one place we sent a PID over Varlink we did so as a
simple numeric pid_t value. That's of course is racy, since classic PIDs
are recycled too eagerly.

Let's address that, by passing around JSON objects distantly resembling our
PidRef structure. Note that this JSON object does *not* contain the
pidfd, however, but just the pidfd inode number if known.

I originally planned to include the pidfd in some direct form, but I
figured that's not really the best idea, since we always need a
side-channel of some form for that (i.e. AF_UNIX/SCM_RIGHTS), but we
should be able to report about PIDs even without that.

Moreover, while sending the pid number and pidfd id around should always
be OK to do, it's a lot more problematic to always send a pidfd around,
since that implies that fd passing is on and it is OK to install fds
remotely in some IPC peers fd table. For example, when doing a wild dump
of service manager service state we really shouldn't end up with a bunch
of fds installed in our client's fd table.

Hence, all in all I think it is cleaner to define a structure carrying
pid number and pidfd inode id, wich is passed directly as JSON. And then
optionally, in a separate field also pass around a pidfd where it makes
sense.

Note that sending around pidfds is not that beneficial anymore if we
have the pidfd inode id, because we can always securely and reliably get
a pidfd back from a pair of pid + inode id: first we do pidfd_open() on
the pid, and then we check if it is really the right one by comparing
.st_ino after fstat().

This logic is implemented gracefully: if for some reason pidfd/pidfd
inode nrs are not available (too old kernel), we'll fall back to plain
PID numbers.

The dispatching logic knows two distinct levels of validation of the
provided PID data: if SD_JSON_STRICT is specified we'll acquire a pidfd
for the PID, thus verifying it currently exists and failing if it
doesn't. If the flag is not set, well just store the provided info
as-is, will try to acquire a pidfd for it, but not fail if we cannot.
Both modes are important in different contexts.

Also note that in addition to the pidfd inode nr we always store the
current boot ID of the system in the JSON object, since only the
combination of pidfd inode nr and boot ID of the system really is a
world-wide unique reference to a process.

When dispatching a JSON pid field we operate somewhat gracefully: we
either support the triplet structure of pid, pid inode nr, boot id, or
we accept a simple classic UNIX pid.
2024-10-11 10:48:07 +02:00
.clusterfuzzlite ci: unpin CFLite 2022-04-26 09:13:57 +00:00
.github mkosi: fix sections for settings 2024-10-11 07:33:42 +09:00
.semaphore semaphore: do not build docs 2024-10-07 19:40:58 +01:00
catalog catalog: beef up new sysctl message 2024-09-13 07:29:04 +02:00
coccinelle introduce FOREACH_ELEMENT 2024-04-18 17:39:34 +02:00
docs docs/DESKTOP_ENVIRONMENTS: fix formatting 2024-10-11 10:28:22 +02:00
factory man: don't suggest using pam_unix.so's use_authtok switch 2024-01-17 23:59:05 +00:00
hwdb.d hwdb: move key 66/65 handling from specific to generic HP laptop coverage 2024-10-09 10:34:13 +02:00
LICENSES LICENSES/README: expand text to summarize state for binaries and libs 2024-06-28 13:46:58 +02:00
man man: reword comment a bit regarding ExecStartPre= multiple commands 2024-10-11 02:18:24 +09:00
mime creds-util: add a concept of "user-scoped" credentials 2024-01-30 17:07:47 +01:00
mkosi.conf.d mkosi: Fix sections for settings 2024-10-09 20:36:57 +02:00
mkosi.extra mkosi: Disable pagination in gdb 2024-08-14 14:18:40 +02:00
mkosi.images mkosi: Fix sections for settings 2024-10-09 20:36:57 +02:00
mkosi.repart mkosi: Switch back to btrfs 2024-08-05 15:00:24 +02:00
mkosi.sanitizers mkosi: Don't create sanitizer wrappers for every mkfs binary 2024-09-03 08:48:34 +02:00
modprobe.d modprobe: set 'ifb numifbs=0' to avoid autocreating ifb0 2024-01-12 23:24:54 +00:00
network network: request non-NULL SSID when a wlan interface is configured as station 2024-07-31 10:06:04 +09:00
po po: Translated using Weblate (Kabyle) 2024-10-07 14:13:43 +09:00
presets presets: Don't enable systemd-homed-firstboot.service by default 2024-06-08 11:29:55 +01:00
profile.d shell: define three system credentials we can propagate into shell prompts and welcome messages 2024-09-09 19:03:48 +02:00
rules.d udev: allow persistent storage rules for ublk devices 2024-10-11 10:29:26 +02:00
shell-completion shell-completion/analyze: add has-tpm2 2024-09-19 19:08:49 +09:00
src json: add builder/dispatcher for PidRef → JSON and back 2024-10-11 10:48:07 +02:00
sysctl.d sysctl.d: Fix pid_max comment 2023-10-31 13:07:49 +01:00
sysusers.d sysusers: simplify meson config 2024-05-14 20:46:24 +02:00
test test/repart: add test case for hash size derived from max data size 2024-10-09 13:20:14 +02:00
tmpfiles.d tmpfiles.d: Remove purge flag from lines that don't support it 2024-09-17 23:02:01 +02:00
tools mkosi: add helper script to update mkosi hash 2024-09-12 10:52:52 +02:00
units logind: add support for hidraw devices 2024-10-03 09:36:57 +01:00
xorg xorg/50-systemd-user: add a full license header 2021-10-01 14:45:00 +02:00
.clang-format Improve the formatting by adding AlignArrayOfStructures and setting it to Right(right justify) 2024-03-06 15:24:23 +01:00
.ctags editors: Prevent ctags from following symlinks 2019-02-15 11:01:20 -08:00
.dir-locals.el scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.editorconfig editorconfig: add NEWS whitespace configuration 2023-10-26 22:41:03 +01:00
.gitattributes Mark all base64 files as generated 2023-08-16 12:49:45 +02:00
.gitignore gitignore: Ignore /pkg/ instead of pkg/ (#33119) 2024-05-31 14:06:07 +08:00
.gitmodules mkosi: Replace submodules with our own thing 2024-05-30 19:31:32 +02:00
.mailmap mailmap: "reduce contributor count by 13" 2023-08-16 12:49:42 +02:00
.packit.yml Revert "packit: temporarily build systemd without BPF stuff" 2024-02-11 16:45:03 +01:00
.pylintrc Add .pylintrc to globally suppress warnings we don't really care about 2023-08-10 18:13:29 +02:00
.vimrc vimrc: explicitly set shiftwidth for the C file type 2023-09-18 13:11:45 +02:00
.ycm_extra_conf.py ycm: add doc string for all the functions in configuration file 2017-11-29 13:21:49 -07:00
LICENSE.GPL2 relicense to LGPLv2.1 (with exceptions) 2012-04-12 00:24:39 +02:00
LICENSE.LGPL2.1 licence: remove references to old FSF address 2012-12-17 11:41:31 +01:00
meson_options.txt core: load IPE policy on boot 2024-10-02 18:29:43 +02:00
meson.build meson: sort includes 2024-10-11 10:41:06 +02:00
meson.version meson: update version to 257~devel 2024-06-11 22:55:29 +01:00
mkosi.clangd mkosi: Add back support for running clangd within mkosi 2024-09-22 15:23:01 +02:00
mkosi.clean mkosi: Add missing SPDX line 2024-09-22 15:23:08 +02:00
mkosi.conf mkosi: Fix sections for settings 2024-10-09 20:36:57 +02:00
mkosi.coredump-journal-storage.conf mkosi: Adapt configuration to take into account configuration rework 2024-07-09 08:07:09 +02:00
mkosi.functions mkosi: Use squashfs for sysext if mkfs.erofs is not available 2024-07-15 16:17:33 +02:00
mkosi.leak-sanitizer-suppressions mkosi: Adapt configuration to take into account configuration rework 2024-07-09 08:07:09 +02:00
mkosi.postinst.chroot ci: Don't add testuser to wheel and systemd-journal groups 2024-09-19 08:47:53 +09:00
NEWS Merge pull request #34593 from Werkov/deprecate-aux-scopes 2024-10-09 10:25:30 +02:00
README README: update requirements for signed dm-verity 2024-07-04 19:04:58 +02:00
README.md README.md: link bug bounty program 2024-04-11 12:58:53 +02:00
TODO update TODO 2024-10-09 15:43:11 +02:00

Systemd

System and Service Manager

Semaphore CI 2.0 Build Status
Coverity Scan Status
OSS-Fuzz Status
CIFuzz
CII Best Practices
CentOS CI - CentOS 9
CentOS CI - Arch
CentOS CI - Arch (sanitizers)
Fossies codespell report
Weblate
Coverage Status
Packaging status
OpenSSF Scorecard

Details

Most documentation is available on systemd's web site.

Assorted, older, general information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Code Map for information about this repository's layout and content.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list, join our IRC channel #systemd on libera.chat or Matrix channel

Stable branches with backported patches are available in the stable repo.

We have a security bug bounty program sponsored by the Sovereign Tech Fund hosted on YesWeHack