Quote unit names in suggested systemctl commandlines
The fact that unit names have to be quoted can be a bit surprising.
Show quotes in the hint commandline, but only after checking that this
is necessary, since quotes are visually heavy and usually not needed.
Patrik Flykt [Fri, 29 Aug 2014 06:20:46 +0000 (09:20 +0300)]
test-dhcp6-client: Fix option length
The whole DHCPv6 test message length was incorrectly used as the length
of DHCPv6 options causing the following bad memory access:
$ build/test-dhcp6-client
Assertion 'interface_index >= -1' failed at ../src/libsystemd-network/sd-dhcp6-client.c:129, function sd_dhcp6_client_set_index(). Ignoring.
=================================================================
==29135==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7fe204aa9148 at pc 0x7fe204a5958f bp 0x7fff3e47d470 sp 0x7fff3e47d460
READ of size 1 at 0x7fe204aa9148 thread T0
#0 0x7fe204a5958e in option_parse_hdr ../src/libsystemd-network/dhcp6-option.c:145
#1 0x7fe204a59884 in dhcp6_option_parse ../src/libsystemd-network/dhcp6-option.c:165
#2 0x7fe204a4eb9c in test_advertise_option ../src/libsystemd-network/test-dhcp6-client.c:227
#3 0x7fe204a51c58 in main ../src/libsystemd-network/test-dhcp6-client.c:584
#4 0x7fe2031590df in __libc_start_main (/lib64/libc.so.6+0x200df)
#5 0x7fe204a4cc5b (/home/test/systemd/build/test-dhcp6-client+0x25c5b)
0x7fe204aa9148 is located 2 bytes to the right of global variable 'msg_advertise' from '../src/libsystemd-network/test-dhcp6-client.c' (0x7fe204aa9080) of size 198
0x7fe204aa9148 is located 56 bytes to the left of global variable 'msg_reply' from '../src/libsystemd-network/test-dhcp6-client.c' (0x7fe204aa9180) of size 173
SUMMARY: AddressSanitizer: global-buffer-overflow ../src/libsystemd-network/dhcp6-option.c:145 option_parse_hdr
We can't use LZ4_compress_limitedOutput_continue() because in the
worst-case scenario the compressed output can be slightly bigger than
the input block. This generally affects very few blocks and is no reason
to abort the compression process.
I ran into this when I noticed that Chromium core dumps weren't being
compressed. After switching to LZ4_compress_continue() a ~330MB Chromium
core dump gets compressed to ~17M.
Dave Reisner [Sat, 30 Aug 2014 00:35:15 +0000 (20:35 -0400)]
completion: filter templates from restartable units
Since c6a373a2634854, we might encounter unit templates via the
'list-units' verb. These aren't restartable (and we throw errors), so
make sure they're filtered out of the completion options.
Miroslav Lichvar [Wed, 27 Aug 2014 14:47:20 +0000 (16:47 +0200)]
timesyncd: check root distance
NTPv4 servers don't reply with unsynchronized status when they lost
synchronization, they only keep increasing the root dispersion and it's
up to the client to decide at which point they no longer consider it
synchronized.
David Herrmann [Thu, 28 Aug 2014 12:45:38 +0000 (14:45 +0200)]
macro: use unique variable names for math-macros
Similar to container_of(), we now use unique variable names for the bascic
math macros MAX, MIN, CLAMP, LESS_BY. Furthermore, unit tests are added to
verify they work as expected.
David Herrmann [Thu, 28 Aug 2014 10:42:03 +0000 (12:42 +0200)]
bus: fix use-after-free in slot-release
We must not access slot->floating after we possible dropped the last
reference to it. Fix all callback-invocations to first check
slot->floating and possible disconnect the slot, then release the last
reference.
David Herrmann [Thu, 28 Aug 2014 10:25:58 +0000 (12:25 +0200)]
terminal: free sysview-device names on destruction
Don't leak the device-names during device destruction in sysview. Somehow,
the device-name is "const char*", so make it "char*" first to avoid
warnings when calling free() on it.
In case 'scan_evdev' and 'scan_drm' are both false, we never set 'r' to
anyhting, thus return an uninitialized error code. Fix this by always
returning 0 as we catch negative codes earlier, anyway. Thanks to Thomas
H.P. Anderson for the report.
David Herrmann [Wed, 27 Aug 2014 16:38:01 +0000 (18:38 +0200)]
terminal: add systemd-evcat input debugging tool
Like systemd-subterm, this new systemd-evcat tool should only be used to
debug libsystemd-terminal. systemd-evcat attaches to the running session
and pushes all evdev devices attached to the current session into an
idev-session. All events of the created idev-devices are then printed to
stdout for input-event debugging.
David Herrmann [Wed, 27 Aug 2014 16:34:55 +0000 (18:34 +0200)]
terminal: add xkb-based keyboard devices to idev
The idev-keyboard object provides keyboard devices to the idev interface.
It uses libxkbcommon to provide proper keymap support.
So far, the keyboard implementation is pretty straightforward with one
keyboard device per matching evdev element. We feed everything into the
system keymap and provide proper high-level keyboard events to the
application. Compose-features and IM need to be added later.
David Herrmann [Wed, 27 Aug 2014 16:31:34 +0000 (18:31 +0200)]
terminal: add evdev elements to idev
The evdev-element provides linux evdev interfaces as idev-elements. This
way, all real input hardware devices on linux can be used with the idev
interface.
We use libevdev to interface with the kernel. It's a simple wrapper
library around the kernel evdev API that takes care to resync devices
after kernel-queue overflows, which is a rather non-trivial task.
Furthermore, it's a well tested interface used by all other major input
users (Xorg, weston, libinput, ...).
Last but not least, it provides nice keycode to keyname lookup tables (and
vice versa), which is really nice for debugging input problems.
David Herrmann [Wed, 27 Aug 2014 16:17:27 +0000 (18:17 +0200)]
terminal: add input interface
The idev-interface provides input drivers for all libsystemd-terminal
based applications. It is split into 4 main objects:
idev_context: The context object tracks global state of the input
interface. This will include data like system-keymaps,
xkb contexts and more.
idev_session: A session serves as controller for a set of devices.
Each session on an idev-context is independent of each
other. The session is also the main notification object.
All events raised via idev are reported through the
session interface. Apart of that, the session is a
pretty dumb object that just contains devices.
idev_element: Elements provide real hardware in the idev stack. For
each hardware device, one element is added. Elements
have no knowledge of higher-level device types, they
only provide raw input data to the upper levels. For
example, each evdev device is represented by a different
element in an idev session.
idev_device: Devices are objects that the application deals with. An
application is usually not interested in elements (and
those are hidden to applications), instead, they want
high-level input devices like keyboard, touchpads, mice
and more. Device are the high-level interface provided
by idev. Each device might be fed by a set of elements.
Elements drive the device. If elements are removed,
devices are destroyed. If elements are added, suitable
devices are created.
Applications should monitor the system for sessions and hardware devices.
For each session they want to operate on, they create an idev_session
object and add hardware to that object. The idev interface requires the
application to monitor the system (preferably via sysview_*, but not
required) for hardware devices. Whenever hardware is added to the idev
session, new devices *might* be created. The relationship between hardware
and high-level idev-devices is hidden in the idev-session and not exposed.
Internally, the idev elements and devices are virtual objects. Each real
hardware and device type inherits those virtual objects and provides real
elements and devices. Those types will be added in follow-up commits.
Data flow from hardware to the application is done via idev_*_feed()
functions. Data flow from applications to hardware is done via
idev_*_feedback() functions. Feedback is usually used for LEDs, FF and
similar operations.
David Herrmann [Tue, 26 Aug 2014 13:03:41 +0000 (15:03 +0200)]
terminal: add system view interface
We're going to need multiple binaries that provide session-services via
logind device management. To avoid re-writing the seat/session/device
scan/monitor interface for each of them, this commit adds a generic helper
to libsystemd-terminal:
The sysview interface scans and tracks seats, sessions and devices on a
system. It basically mirrors the state of logind on the application side.
Now, each session-service can listen for matching sessions and
attach to them. On each session, managed device access is provided. This
way, it is pretty simple to write session-services that attach to multiple
sessions (even split across seats).
David Herrmann [Sun, 24 Aug 2014 16:55:58 +0000 (18:55 +0200)]
bus: split bus_map_all_properties into multiple helpers
The bus_map_all_properties() helper calls
org.freedesktop.DBus.Properties.GetAll() on a given target and parses the
result according to a given property-table. This simplifies dealing with
DBus.Properties significantly. However, the function is blocking and thus
not really useful in many situations.
This patch extracts the core of this function and adds two new helpers
which directly take dbus-messages as arguments. This way, you can issue
asynchronous requests and parse the result via these helpers:
bus_message_map_all_properties():
This is the same as bus_map_all_properties() but takes the result
message from a GetAll() request as argument. You can thus issue an
asynchronous GetAll() request and then use this helper once you got
the result.
bus_message_map_properties_changed():
This function takes a signal-message that was retrieved via a
PropertiesChanged signal and then parses it like if you retrieved
it via GetAll(). Furthermore, this function returns the number of
matched properties that got invalidated by the PropertiesChanged
signal, but didn't carry the new value. This way, the caller can
issue a new GetAll() request and then parse the result.
The old function bus_map_all_properties() is functionally unchanged, but
now uses bus_message_map_all_properties() internally.
David Herrmann [Wed, 27 Aug 2014 16:02:17 +0000 (18:02 +0200)]
udev: add missing new-line in udevadm error
fprintf() does not add new-lines automatically like log_*() does. Add the
missing \n specified so "udevadm" invoked without arguments adds a newline
to:
udevadm: missing or unknown command
David Herrmann [Fri, 22 Aug 2014 12:57:11 +0000 (14:57 +0200)]
login: fix memory-leak on DropController()
Our bus-name watch helpers only remove a bus-name if it's not a
controller, anymore. If we call manager_drop_busname() before
unregistering the controller, the busname will not be dropped. Therefore,
first drop the controller, then drop the bus-name.
David Herrmann [Fri, 22 Aug 2014 12:41:37 +0000 (14:41 +0200)]
shared: make container_of() use unique variable names
If you stack container_of() macros, you will get warnings due to shadowing
variables of the parent context. To avoid this, use unique names for
variables.
Two new helpers are added:
UNIQ: This evaluates to a truly unique value never returned by any
evaluation of this macro. It's a shortcut for __COUNTER__.
UNIQ_T: Takes two arguments and concatenates them. It is a shortcut for
CONCATENATE, but meant to defined typed local variables.
As you usually want to use variables that you just defined, you need to
reference the same unique value at least two times. However, UNIQ returns
a new value on each evaluation, therefore, you have to pass the unique
values into the macro like this:
#define my_macro(a, b) __max_macro(UNIQ, UNIQ, (a), (b))
#define __my_macro(uniqa, uniqb, a, b) ({
typeof(a) UNIQ_T(A, uniqa) = (a);
typeof(b) UNIQ_T(B, uniqb) = (b);
MY_UNSAFE_MACRO(UNIQ_T(A, uniqa), UNIQ_T(B, uniqb));
})
This way, MY_UNSAFE_MACRO() can safely evaluate it's arguments multiple
times as they are local variables. But you can also stack invocations to
the macro my_macro() without clashing names.
This is the same as if you did:
#define my_macro(a, b) __max_macro(__COUNTER__, __COUNTER__, (a), (b))
#define __my_macro(prefixa, prefixb, a, b) ({
typeof(a) CONCATENATE(A, prefixa) = (a);
typeof(b) CONCATENATE(B, prefixb) = (b);
MY_UNSAFE_MACRO(CONCATENATE(A, prefixa), CONCATENATE(B, prefixb));
})
...but in my opinion, the first macro is easier to write and read.
This patch starts by converting container_of() to use this new helper.
Other macros may follow (like MIN, MAX, CLAMP, ...).
David Herrmann [Fri, 22 Aug 2014 12:38:28 +0000 (14:38 +0200)]
shared: drop UNIQUE()
The UNIQUE() macro works fine if used in un-stacked macros. However, once
you stack them like:
MAX(MIN(a, b),
CLAMP(MAX(c, d), e, f))
you will get warnings due to shadowing other variables. gcc uses the last
line of a macro expansion as value for __LINE__, therefore, we cannot even
avoid this by splitting the expressions across lines.
Remove the only user of UNIQUE() so we introduce a new helper in
follow-ups.
Ivan Shapovalov [Tue, 26 Aug 2014 20:17:45 +0000 (00:17 +0400)]
hibernate-resume-generator: add a generator for instantiating the resume unit.
hibernate-resume-generator understands resume= kernel command line parameter
and instantiates the systemd-resume@.service accordingly if it is passed.
This enables resume from hibernation using device specified on the kernel
command line, and it may be specified either as "/dev/disk/by-foo/bar"
or "FOO=bar", not only "/dev/sdXY" which is understood by the in-kernel
implementation.
So now resume= is brought on par with root= in terms of possible ways to
specify a device.
Ivan Shapovalov [Tue, 26 Aug 2014 20:17:43 +0000 (00:17 +0400)]
units: order systemd-fsck@.service after local-fs-pre.target.
With this change, it becomes possible to order a unit to activate before any
modifications to the file systems. This is especially useful for supporting
resume from hibernation.
If we invoke agents, we should make sure we actually can kill them
again. I mean, it's probably not our job to cleanup the signals if our
tools are invoked in weird contexts, but at least we should make sure,
that the subprocesses we invoke and intend to control work as intended.
Tom Gundersen [Fri, 15 Aug 2014 16:49:29 +0000 (18:49 +0200)]
sd-event: split run into prepare/wait/dispatch
This will allow sd-event to be integrated into an external event loop, which
in turn will allow (say) glib-based applications to use our various libraries,
without manually integrating each of them (bus, rtnl, dhcp, ...).
The external event-loop should integrate sd-event int he following way:
Every iteration must start with a call to sd_event_prepare(), which will
return 0 if no event sources are ready to be processed, a positive value if
they are and a negative value on error. sd_event_prepare() may only be called
following sd_event_dispatch(); a call to sd_event_wait() indicating that no
sources are ready to be dispatched; or a failed call to sd_event_dispatch() or
sd_event_wait().
A successful call to sd_event_prepare() indicating that no event sources are
ready to be dispatched must be followed by a call to sd_event_wait(),
which will return 0 if it timed out without event sources being ready to
be processed, a negative value on error and a positive value otherwise.
sd_event_wait() may only be called following a successful call to
sd_event_prepare() indicating that no event sources are ready to be dispatched.
If sd_event_wait() indicates that some events sources are ready to be
dispatched, it must be followed by a call to sd_event_dispatch(). This
is the only time sd_event_dispatch() may be called.
core: add support for a configurable system-wide start-up timeout
When this system-wide start-up timeout is hit we execute one of the
failure actions already implemented for services that fail.
This should not only be useful on embedded devices, but also on laptops
which have the power-button reachable when the lid is closed. This
devices, when in a backpack might get powered on by accident due to the
easily reachable power button. We want to make sure that the system
turns itself off if it starts up due this after a while.
When the system manages to fully start-up logind will suspend the
machine by default if the lid is closed. However, in some cases we don't
even get as far as logind, and the boot hangs much earlier, for example
because we ask for a LUKS password that nobody ever enters.
Yeah, this is a real-life problem on my Yoga 13, which has one of those
easily accessible power buttons, even if the device is closed.