| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| |
| | |
yuwata/udev-net-assign-alternative-names-only-on-add-event
udev/net: assign alternative names only on add event
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
Now that clients might convey comm/description strings via the sockaddr,
let's actually use them on the other side, read the data via
getpeername() parse it, and include it in the "owner" creds (which is
how we call the peer's creds).
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
comm + bus description string
Let's pass some additional meta information along bus connections
without actually altering the communication protocol.
Pass the client comm and client description string of the bus via
including it in the abstract namespace client socket address we connect
to. This is purely informational (and entirely user controlled), but has
the benefit that servers can make use of the information if they want,
but really don't have to. It works entirely transparently.
This takes inspiration from how we convey similar information via
credential socket connections.
|
| | | |
|
| |/ |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GCC document [1] says:
The pure attribute prohibits a function from modifying the state
of the program that is observable by means other than inspecting
the function’s return value.
And there is an example:
`int hash (char *) __attribute__ ((pure));`
... Even though hash takes a non-const pointer argument it must
not modify the array it points to, ...
But we are modifying the object pointed to by the pointer u, which is
clearly a violation of the semantic of pure.
With -ftrivial-auto-var-init (enabled by -Dmode=release), on some
targets (GCC 12.2 on AArch64 and GCC 13.1 on x86_64) performs an
optimization: as the variable "u" in bus_match_parse has been
zero-initialized (by the -ftrivial-auto-var-init option) and never
modified (because a "pure" bus_message_type_from_string is not allowed
to modify it), "u" will be always 0.
Then 0 is used to initialize .value_u8 field of struct
bus_match_component. This then causes a infinite event loop, so
"systemctl restart" never stops, and pam_systemd timeouts communicating
with logind, etc.
So we should remove the "pure" attribute here.
Fixes #26395.
[1]:https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attributes.html#index-pure-function-attribute
|
| |
|
|
|
|
|
| |
This also makes journal corruption always handled gracefully, and drop
potentially unsatisfied assertion on corrupted journal.
Fixes #27533.
|
| |
|
|
|
| |
`test_object()` may call `journal_file_move_to_object()` and thus
the `array` object may be invalidated.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Previously we'd honour --pid= from the main notification we send, but
not from the barrier. This is confusing at best. Let's fix that.
|
| |
|
|
|
|
|
| |
This reverts commit a8fbcc0e3c033a43e511550052cace6b0dcf3df7.
The commit is not necessary, as the invalid entry array object is
filtered earlier by the previous commit.
|
| |
|
|
|
|
|
| |
Then, if it is invalid, refuse to use the entry array object.
Follow-up for a8fbcc0e3c033a43e511550052cace6b0dcf3df7.
Fixes #27489.
|
| |
|
|
|
| |
Journal corruption is not only indicated by EBADMSG but also by
EADDRNOTAVAIL so treat that as corruption in a few more cases.
|
| |\
| |
| | |
test: check all public functions are listed in .sym file
|
| | |
| |
| |
| | |
Co-authored-by: Frantisek Sumsal <frantisek@sumsal.cz>
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
If .next_entry_array_offset points to one of the previous entry or the
self entry, then the loop for entry array objects may run infinitely.
Let's assume that the offsets of each entry array object are in
increasing order, and check that in loop.
Fixes #27470.
|
| | | |
|
| | |
| |
| |
| |
| | |
Otherwise, the object may be invalidated by the previous call of
journal_file_move_to_object().
|
| | |
| |
| |
| |
| | |
Otherwise, the object with invalid type may pass check_object_header()
when the requested type is OBJECT_UNUSED.
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
on free
|
| | |
| |
| |
| |
| | |
Otherwise, potentially, the assertion in
journal_file_unlink_newest_by_bood_id() will be triggered.
|
| |/
|
|
|
|
|
| |
As commented in the code, we need to replace the pointer to the key,
hence, hashmap_replace() must be used, instead of hashmap_update().
Fixes #27459.
|
| | |
|
| | |
|
| |
|
|
|
| |
The pointer to boot ID may be invalidate by journal_file_move_to_object()
calls in the later loop.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
If journal_file_data_payload() returns -EBADMSG or -EADDRNOTAVAIL,
we skip the entry and go to the next entry, but we never modify
the number of items that we pass to journal_file_append_entry_internal()
if that happens, which means we could try to append garbage to the
journal file.
Let's keep track of the number of fields we've appended to avoid this
problem.
|
| |\
| |
| | |
sd: avoid closing sd-bus in a fork, store module-global id for sd-bus/sd-session/sd-journal
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
sd-event objects use hashmaps, which use module-global state, so it is not safe
to pass a sd-event object created by a module instance to another module instance
(e.g.: when two libraries static linking sd-event are pulled in a single process).
Initialize a random per-module origin id and store it in the object, and compare
it when entering a public API, and error out if they don't match, together with
the PID.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
sd-journal objects use hashmaps, which use module-global state, so it is not safe
to pass a sd-journal object created by a module instance to another module instance
(e.g.: when two libraries static linking sd-journal are pulled in a single process).
Initialize a random per-module origin id and store it in the object, and compare
it when entering a public API, and error out if they don't match, together with
the PID.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
sd-bus objects use hashmaps, which use module-global state, so it is not safe
to pass a sd-bus object created by a module instance to another module instance
(e.g.: when two libraries static linking sd-bus are pulled in a single process).
Initialize a random per-module origin id and store it in the object, and compare
it when entering a public API, and error out if they don't match, together with
the PID.
|
| | |
| |
| |
| |
| |
| |
| | |
If we try to close after a fork, the FDs will have been cloned
too and we'll assert. This can happen for example in PAM modules.
Avoid the macro and define ref/unref by hand to do the same check.
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
I guess it was only a question of time until we need to add the final
frontier of notification functions: one that combines the features of
all the others:
1. specifiying a source PID
2. taking a list of fds to send along
3. accepting a format string for the status string
Hence, let's add it.
|
| |
|
|
|
|
| |
Let's use our nice macros a bit more.
(Not comprehensive)
|
| |\
| |
| | |
socket-util: introduce CMSG_FIND_AND_COPY_DATA()
|
| | | |
|
| |/
|
|
|
|
|
|
|
| |
strstrafter() is like strstr() but returns a pointer to the first
character *after* the found substring, not on the substring itself.
Quite often this is what we actually want.
Inspired by #27267 I think it makes sense to add a helper for this,
to avoid the potentially fragile manual pointer increment afterwards.
|
| | |
|
| | |
|
| |\
| |
| | |
sd-device: several follow-ups about devlink creation
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This also makes device node path is handled with the same logic.
Addresses https://github.com/systemd/systemd/pull/27169#discussion_r1162739511.
Follow-up for 2c5f119c3cc78bd7da0c7c56b57eca43bac464c1.
|
| |\ \
| |/
|/| |
Use CLEANUP_ARRAY more
|
