X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=src%2Fcore%2Fexecute.h;h=349f583c1a6697330e83144f8652b57da4d81c8b;hb=18d73705874f9bf0643485714e9dc069a2e9b599;hp=c923b1fa21304fd64c8600105497e631c8874835;hpb=05d6628ad2572418aed697d70a74fa60f3cd8baa;p=thirdparty%2Fsystemd.git diff --git a/src/core/execute.h b/src/core/execute.h index c923b1fa213..349f583c1a6 100644 --- a/src/core/execute.h +++ b/src/core/execute.h @@ -14,6 +14,7 @@ typedef struct Manager Manager; #include #include "cgroup-util.h" +#include "coredump-util.h" #include "cpu-set-util.h" #include "exec-util.h" #include "fdset.h" @@ -21,6 +22,7 @@ typedef struct Manager Manager; #include "missing_resource.h" #include "namespace.h" #include "nsflags.h" +#include "numa-util.h" #include "time-util.h" #define EXEC_STDIN_DATA_MAX (64U*1024U*1024U) @@ -50,8 +52,6 @@ typedef enum ExecOutput { EXEC_OUTPUT_INHERIT, EXEC_OUTPUT_NULL, EXEC_OUTPUT_TTY, - EXEC_OUTPUT_SYSLOG, - EXEC_OUTPUT_SYSLOG_AND_CONSOLE, EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE, EXEC_OUTPUT_JOURNAL, @@ -155,11 +155,15 @@ struct ExecContext { char **unset_environment; struct rlimit *rlimit[_RLIMIT_MAX]; - char *working_directory, *root_directory, *root_image; + char *working_directory, *root_directory, *root_image, *root_verity, *root_hash_path, *root_hash_sig_path; + void *root_hash, *root_hash_sig; + size_t root_hash_size, root_hash_sig_size; + LIST_HEAD(MountOptions, root_image_options); bool working_directory_missing_ok:1; bool working_directory_home:1; bool oom_score_adjust_set:1; + bool coredump_filter_set:1; bool nice_set:1; bool ioprio_set:1; bool cpu_sched_set:1; @@ -178,9 +182,11 @@ struct ExecContext { int ioprio; int cpu_sched_policy; int cpu_sched_priority; + uint64_t coredump_filter; CPUSet cpu_set; NUMAPolicy numa_policy; + bool cpu_affinity_from_numa; ExecInput std_input; ExecOutput std_output; @@ -250,6 +256,8 @@ struct ExecContext { int log_level_max; + char *log_namespace; + bool private_tmp; bool private_network; bool private_devices; @@ -258,6 +266,7 @@ struct ExecContext { bool protect_kernel_tunables; bool protect_kernel_modules; bool protect_kernel_logs; + bool protect_clock; bool protect_control_groups; ProtectSystem protect_system; ProtectHome protect_home; @@ -279,9 +288,9 @@ struct ExecContext { Hashmap *syscall_filter; Set *syscall_archs; int syscall_errno; - bool syscall_whitelist:1; + bool syscall_allow_list:1; - bool address_families_whitelist:1; + bool address_families_allow_list:1; Set *address_families; char *network_namespace_path; @@ -397,11 +406,13 @@ ExecRuntime *exec_runtime_unref(ExecRuntime *r, bool destroy); int exec_runtime_serialize(const Manager *m, FILE *f, FDSet *fds); int exec_runtime_deserialize_compat(Unit *u, const char *key, const char *value, FDSet *fds); -void exec_runtime_deserialize_one(Manager *m, const char *value, FDSet *fds); +int exec_runtime_deserialize_one(Manager *m, const char *value, FDSet *fds); void exec_runtime_vacuum(Manager *m); void exec_params_clear(ExecParameters *p); +bool exec_context_get_cpu_affinity_from_numa(const ExecContext *c); + const char* exec_output_to_string(ExecOutput i) _const_; ExecOutput exec_output_from_string(const char *s) _pure_;