| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
journald calls fd_get_path() a lot (it probably shouldn't, there's some
room for improvement there, but I'll leave that for another time), hence
it's worth optimizing the call a bit, in particular as it's easy.
Previously we'd open the dir /proc/self/fd/ first, before reading the
symlink inside it. This means the whole function requires three system
calls: open(), readlinkat(), close(). The reason for doing it this way
is to distinguish the case when we see ENOENT because /proc is not
mounted and the case when the fd doesn't exist.
With this change we'll directly go for the readlink(), and only if that
fails do an access() to see if /proc is mounted at all.
This optimizes the common case (where the fd is valid and /proc
mounted), in favour of the uncommon case (where the fd doesn#t exist or
/proc is not mounted).
(cherry picked from commit f267719c389de57ceda433f6288a505e7eeb2f8f)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I noticed while profiling journald that we invoke readlinkat() a ton on
open /proc/self/fd/<fd>, and that the returned paths are more often than
not longer than the 99 chars used before, when we look at archived
journal files. This means for these cases we generally need to execute
two rather than one syscalls.
Let's increase the buffer size a tiny bit, so that we reduce the number
of syscalls executed. This is really a low-hanging fruit of
optimization.
(cherry picked from commit 8e060ec225b74bbf22e5bdbacd604efcc73294c0)
|
|
|
|
|
|
|
|
| |
This function is about compatibility, nothing else, hence we should make
it properly compatible.
Fixes: #9556
(cherry picked from commit def34f63fe066c964764733242b332774070bac6)
|
|
|
|
| |
(cherry picked from commit 8f7329ac276306dfaf6cc47920f3c5e71a0ab586)
|
|
|
|
|
|
|
|
|
|
|
| |
The helper is supposed to properly handle cases where .sun_path does not
contain a NUL byte, and thus copies out the path suffix a NUL as
necessary.
This also reworks the more specific socket_address_unlink() to be a
wrapper around the more generic sockaddr_un_unlink()
(cherry picked from commit 9f20fc28f0a624ea49ac941bcde57b5435a01b6e)
|
|
|
|
| |
(cherry picked from commit 242c41b850af8ebc0c7a0cd44be057e50b5a027a)
|
|
|
|
|
|
| |
CID 1394372
(cherry picked from commit ee7b9f1dfc4653cc8ce26d57cbed249d7f9cea4b)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mempool use is enabled or disabled based on the mempool_use_allowed symbol that
is linked in.
Should fix assert crashes in external programs caused by #9792.
Replaces #10286.
v2:
- use two different source files instead of a gcc constructor
(cherry picked from commit a5d8835c78112206bbf0812dd4cb471f803bfe88)
|
|
|
|
|
|
| |
The only user is in hashmap.c, but it's a mempool thing.
(cherry picked from commit 7c48ea02800782651b7da373c6165abb052f1382)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
between threads
When clients don't follow protocol and use the same object from
different threads, then we previously would silently corrupt memory.
With this assert we'll fail with an assert(). This doesn't fix anything
but certainly makes mis-uses easier to detect and debug.
Triggered by https://bugzilla.redhat.com/show_bug.cgi?id=1609349
(cherry picked from commit 205c085bc36c2c61a09dc40621d8561b135d9b57)
|
|
|
|
|
|
|
|
| |
hashmaps
Triggered by https://bugzilla.redhat.com/show_bug.cgi?id=1609349
(cherry picked from commit b4f607433cac749b617e15b3d5d122322ed2bc71)
|
|
|
|
|
|
|
|
| |
Let's make sure the integers we parse out are not larger than USHRT_MAX.
This is a good idea as the kernel's TIOCSWINSZ ioctl for sizing
terminals can't take larger values, and we shouldn't risk an overflow.
(cherry picked from commit d09a71356e3ed78be7cef3cd7d9919dc77508b41)
|
|
|
|
|
|
|
|
|
|
|
| |
Comes with tests.
Also add direct test for $SYSTEMD_PROC_CMDLINE.
In test-proc-cmdline, "true" was masquerading as PROC_CMDLINE_STRIP_RD_PREFIX,
fix that. Also, reorder functions to match call order.
(cherry picked from commit 9a135c084ae6d06734ec3380f0eafdecd7c216f8)
|
|
|
|
| |
(cherry picked from commit 0307ea49c70b1ed4f3af3c80566c8c098dc080bb)
|
|
|
|
| |
(cherry picked from commit 14ee72b7d8de34a6b02767b865c3c49ceef2ed84)
|
|
|
|
| |
(cherry picked from commit eaa680c09e5701a62e8ac819211e5969eda84f2d)
|
|
|
|
|
|
|
|
|
| |
LGTM was complaining:
> Multiplication result may overflow 'int' before it is converted to 'long'.
Fix this by changing all types to ssize_t and add a check for overflow
while at it.
(cherry picked from commit 3d6c1844744f631995af72867d5f293430d8015b)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
v2: fix error in free_and_strndup()
When the orignal and copied message were the same, but shorter than specified
length l, memory read past the end of the buffer would be performed. A test
case is included: a string that had an embedded NUL ("q\0") is used to replace
"q".
v3: Fix one more bug in free_and_strndup and add tests.
v4: Some style fixed based on review, one more use of free_and_replace, and
make the tests more comprehensive.
(cherry picked from commit 7f546026abbdc56c453a577e52d57159458c3e9c)
|
|
|
|
|
|
|
| |
This function logs about all errors, but one case was forgotten. Fix
that.
(cherry picked from commit 653d469519f78d3931c0bc9fe5597d18454bef3d)
|
|
|
|
|
|
|
|
|
| |
Just paranoia, as putenv() can fail and we should catch it, like we
catch all other errors.
Follow-up for #10073
(cherry picked from commit ed689f7894e56024a11bd02327b2bdfce5636dfd)
|
|
|
|
| |
(cherry picked from commit 78ec1bb436fb18df3b56212c442cc4775a136d1a)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Quoting https://github.com/systemd/systemd/issues/10074:
> detect_vm_uml() reads /proc/cpuinfo with read_full_file()
> read_full_file() has a file max limit size of READ_FULL_BYTES_MAX=(4U*1024U*1024U)
> Unfortunately, the size of my /proc/cpuinfo is bigger, approximately:
> echo $(( 4* $(cat /proc/cpuinfo | wc -c)))
> 9918072
> This causes read_full_file() to fail and the Condition test fallout.
Let's just read line by line until we find an intersting line. This also
helps if not running under UML, because we avoid reading as much data.
(cherry picked from commit 6058516a14ada1748313af6783f5b4e7e3006654)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SO_RCVBUF/SO_SNDBUF fails
Both SO_SNDBUFFORCE and SO_RCVBUFFORCE requires capability 'net_admin'.
If this capability is not granted to the service the first attempt to increase
the recv/snd buffers (via sd_notify()) with SO_RCVBUFFORCE/SO_SNDBUFFORCE will
fail, even if the requested size is lower than the limit enforced by the
kernel.
If apparmor is used, the DENIED logs for net_admin will show up. These log
entries are seen as red warning light, because they could indicate that a
program has been hacked and tries to compromise the system.
It would be nicer if they can be avoided without giving services (relying on
sd_notify) net_admin capability or dropping DENIED logs for all such services
via their apparmor profile.
I'm not sure if sd_notify really needs to forcibly increase the buffer sizes,
but at least if the requested size is below the kernel limit, the capability
(hence the log entries) should be avoided.
Hence let's first ask politely for increasing the buffers and only if it fails
then ignore the kernel limit if we have sufficient privileges.
(cherry picked from commit 10ce2e0681ac16e7bb3619b7bb1a72a6f98a2f2c)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to RFC2616[1], HTTP header names are case-insensitive. So
it's totally valid to have a header starting with either `Date:` or
`date:`.
However, when systemd-importd pulls an image from an HTTP server, it
parses HTTP headers by comparing header names as-is, without any
conversion. That causes failures when some HTTP servers return headers
with different combinations of upper-/lower-cases.
An example:
https://alpha.release.flatcar-linux.net/amd64-usr/current/flatcar_developer_container.bin.bz2 returns `Etag: "pe89so9oir60"`,
while https://alpha.release.core-os.net/amd64-usr/current/coreos_developer_container.bin.bz2
returns `ETag: "f03372edea9a1e7232e282c346099857"`.
Since systemd-importd expects to see `ETag`, the etag for the Container Linux image
is correctly interpreted as a part of the hidden file name.
However, it cannot parse etag for Flatcar Linux, so the etag the Flatcar Linux image
is not appended to the hidden file name.
```
$ sudo ls -al /var/lib/machines/
-r--r--r-- 1 root root 3303014400 Aug 21 20:07 '.raw-https:\x2f\x2falpha\x2erelease\x2ecore-os\x2enet\x2famd64-usr\x2fcurrent\x2fcoreos_developer_container\x2ebin\x2ebz2.\x22f03372edea9a1e7232e282c346099857\x22.raw'
-r--r--r-- 1 root root 3303014400 Aug 17 06:15 '.raw-https:\x2f\x2falpha\x2erelease\x2eflatcar-linux\x2enet\x2famd64-usr\x2fcurrent\x2fflatcar_developer_container\x2ebin\x2ebz2.raw'
```
As a result, when the Flatcar image is removed and downloaded again,
systemd-importd is not able to determine if the file has been already
downloaded, so it always download it again. Then it fails to rename it
to an expected name, because there's already a hidden file.
To fix this issue, let's introduce a new helper function
`memory_startswith_no_case()`, which compares memory regions in a
case-insensitive way. Use this function in `curl_header_strdup()`.
See also https://github.com/kinvolk/kube-spawn/issues/304
[1]: https://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.2
(cherry picked from commit 21224070e802878f81c342835364880ef1a63e88)
|
|
|
|
|
|
|
|
|
|
| |
This replaces strndupa() by strndup() in socket_address_parse(),
as input string may be too long.
Fixes issue 10007 by ClusterFuzz-External:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10007
(cherry picked from commit 8d30fcb9b51b1d102a589171b6e28f5f370236f6)
|
|
|
|
|
|
| |
Fixes #9773.
(cherry picked from commit 68c597e9e4bb36ade966d9df54dfaa9f956230e9)
|
|
|
|
| |
(cherry picked from commit 1595b257df98b361d178b3ce3e4ca5ac463be0cd)
|
|
|
|
|
|
|
|
|
|
| |
If 'v' is negative, it's wrong to add the decimal to it, as we'd
actually need to subtract it in this case. But given that we don't want
to allow negative vaues anyway, simply check earlier whether what we
have parsed so far was negative, and react to that before adding the
decimal to it.
(cherry picked from commit 8cbc92d5975b603002c3141364a7709a9c66e23a)
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately this needs libshared to link to libkmod. Before it was linked
into systemd-udevd, udevadm, and systemd each seperately. On most systems this
doesn't make much difference, because at least systemd would be installed, but
it might not be in small chroots. It is a small library, so I hope this is not
a big issue.
(cherry picked from commit 3cb9b42af3b205fba176ebf51ce0e07739698278)
|
|
|
|
| |
(cherry picked from commit 475d8599b0821eefb6e6c283f4f9847cffbb4b7b)
|
|
|
|
|
|
| |
Fixes #9549.
(cherry picked from commit a26db0bc5d4011de24e5930af6fd9051deeb46be)
|
|
|
|
|
|
| |
ENABLE_GSHADOW is defined to be 0 or 1. So #if should be used instead of #ifdef.
(cherry picked from commit 4f07ffa8f5ab85011422bb7114f1cddf49d4923d)
|
|
|
|
|
|
| |
Fixes: 96f64eb5741b157f26a9089816fdd992e959792e
Closes: https://github.com/systemd/systemd/issues/9444
(cherry picked from commit 358248caa3eca525751694de7c34b16bb46d5a9c)
|
|
|
|
|
|
| |
Fixes #10290.
(cherry picked from commit c250bf671b89768ed27984defe9b5af262618e42)
|
|
|
|
|
|
|
|
| |
Using _GNU_SOURCE is better because that's how we include the headers in the
actual build, and some headers define different stuff when it is defined.
sys/stat.h for example defines 'struct statx' conditionally.
(cherry picked from commit 9c869d08d82c73f62ab3527567858ce4b0cf1257)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Starting with glibc 2.27.9000-36.fc29, include file sys/stat.h will have a
definition for struct statx, in which case include file linux/stat.h should be
avoided, in order to prevent a duplicate definition.
In file included from ../src/basic/missing.h:18,
from ../src/basic/util.h:28,
from ../src/basic/hashmap.h:10,
from ../src/shared/bus-util.h:12,
from ../src/libsystemd/sd-bus/bus-creds.c:11:
/usr/include/linux/stat.h:99:8: error: redefinition of ‘struct statx’
struct statx {
^~~~~
In file included from /usr/include/sys/stat.h:446,
from ../src/basic/util.h:19,
from ../src/basic/hashmap.h:10,
from ../src/shared/bus-util.h:12,
from ../src/libsystemd/sd-bus/bus-creds.c:11:
/usr/include/bits/statx.h:36:8: note: originally defined here
struct statx
^~~~~
Extend our meson.build to look for struct statx when only sys/stat.h is
included and, in that case, do not include linux/stat.h anymore.
Tested that systemd builds correctly when using a glibc version that includes a
definition for struct statx.
glibc Fedora RPM update:
https://src.fedoraproject.org/rpms/glibc/c/28cb5d31fc1e5887912283c889689c47076278ae
glibc upstream commit:
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=fd70af45528d59a00eb3190ef6706cb299488fcd
(cherry picked from commit 75720bff62a84896e9a0654afc7cf9408cf89a38)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently the path to system_bus_socket is hardcoded to
/run/dbus/system_bus_socket
which works everywhere for systemd.
However, distributions which do no symlink /var/run on /run will have
it only accessible via
/run/dbus/system_bus_socket
which should be supported by elogind, too.
Closes #77
Signed-off-by: Christoph Willing <chris.willing@linux.com>
Sigend-off-by: Sven Eden <sven.eden@prydeworx.com>
|
|
|
|
|
|
|
| |
It appears that the necessary bits were already there, but commented
out. When meson checked for 'struct statx', the inclusion of both
sys/stat.h and linux/stat.h where commented out. Uncommenting them
should be enough.
|
|
|
|
|
|
| |
Closes: https://github.com/elogind/elogind/issues/74
Signed-off-by: Christoph Willing <chris.willing@linux.com>
Signed-off-by: Sven Eden <sven.eden@prydeworx.com>
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
them.
|
|
|
|
| |
by strstrip()
|