Shawn Landden [Wed, 11 Mar 2015 04:01:47 +0000 (21:01 -0700)]
udev-ctrl: fix strict aliasing issues
it is ironic that
"The only purpose of this structure is to cast the structure pointer
passed in addr in order to avoid compiler warnings. See EXAMPLE below."
from bind(2)
Will Woods [Fri, 13 Mar 2015 21:24:46 +0000 (17:24 -0400)]
selinux: fix SEGV during switch-root if SELinux policy loaded
If you've got SELinux policy loaded, label_hnd is your labeling handle.
When systemd is shutting down, we free that handle via mac_selinux_finish().
But: switch_root() calls mkdir_p_label(), which tries to look up a label
using that freed handle, and so we get a bunch of garbage and eventually
SEGV in libselinux.
(This doesn't happen in the switch-root from initramfs to real root because
there's no SELinux policy loaded in initramfs, so label_hnd is NULL and we
never attempt any lookups.)
So: make sure that mac_selinux_finish() actually sets label_hnd to NULL, so
nobody tries to use it after it becomes invalid.
Coverity was complaining that CMSG_NXTHDR is used without
checking the return value. In this case it cannot fail, but
it is a good excuse to simplify the function a bit.
/dev/pts/ptmx is as important as /dev/pts, so error out if that
fails. Others seem less important, since the namespace is usable
without them, so ignore failures.
Tom Gundersen [Fri, 13 Mar 2015 15:12:57 +0000 (16:12 +0100)]
sd-rtnl: improve detection of broadcast messages
Do not rely on nl_pid == 0, but check the groups instead. We currently avoid using
nl_pid == 0 for unicast anyway, so this should be redundant, but let's try to be
correct.
David Herrmann [Fri, 13 Mar 2015 12:55:54 +0000 (13:55 +0100)]
bus: stop using EDEADLOCK
The error code is called EDEADLK, stop using legacy names like EDEADLOCK.
Note that _some_ weird architectures define them differently (namely, mips
and sparc), but on all sane architectures they're exactly the same. So
stay with the widely used code, which is EDEADLK.
journal-remote buffers input, and then parses it handling one journal entry at a time.
It was possible for useful data to be left in the buffer after some entries were
processesed. But all data would be already read from the fd, so there would be
no reason for the event loop to call the handler again. After some new data came in,
the handler would be called again, and would then process the "old" data in the buffer.
Fix this by enabling a handler wherever we process input data and do not exhaust data
from the input buffer (i.e. when EAGAIN was not encountered). The handler runs until
we encounter EAGAIN.
Looping over the input data is done in this roundabout way to allow the event loop
to dispatch other events in the meanwhile. If the loop was inside the handler, a
source which produced data fast enough could completely monopolize the process.
Richard Maw [Thu, 12 Mar 2015 18:14:58 +0000 (18:14 +0000)]
networkd: Begin with serial number 1 for netlink requests
"Notifications are of informal nature and no reply is expected, therefore the
sequence number is typically set to 0."[1]
If networkd is started soon after recent netlink activity, then there
will be messages with sequence number 0 in the buffer.
The first thing networkd does is to request a dump of all the links. If
it uses sequence number 0 for this, then it may confuse the dump request's
response with that of a notification.
This will result in it failing to properly enumerate all the links,
but more importantly, when it comes to enumerate all the addresses, it
will still have the link dump in progress, so the address enumeration
will fail with -EBUSY.
Kay Sievers [Thu, 12 Mar 2015 14:03:30 +0000 (15:03 +0100)]
rules: storage - relace blacklist with explicit whitelist
Newly added kernel drivers repeatedly pass our blacklist and
cause trouble for the devices, because they do not expect to
be examined by udev's default rules which include blkid.
This turns the blacklist into a whitelist. Device type which
need support for additional symlinks need to be added to the
whitelist now.
Note, that the by-id, by-path symlinks are only intended for
hotpluggable devices. There is no reason for exotic, or for
statically configured devices to provide them.
Tom Gundersen [Wed, 11 Mar 2015 14:41:32 +0000 (15:41 +0100)]
udevd: improve handling of failed worker
The information in the db is stale, so it does not make sense to
expose it any longer. Also, don't drop the kernel event, but simply
pass it on to userspace without ammending it.
Tom Gundersen [Fri, 6 Mar 2015 17:22:35 +0000 (18:22 +0100)]
udevd: event - make db loading lazy in REMOVE event handling
We were explicitly eagerly loading the db, then deletenig the backing file and then processing the
rules/symlinks. Instead we delete the backnig db file as the last step and let the db loading be
lazy as everywhere else.
This may save us a bit of work in casese where the db is not needed, but more importantly it hides
some implementation details of libudev-device form udevd.
David Herrmann [Wed, 11 Mar 2015 15:35:21 +0000 (16:35 +0100)]
core: fix cgroups-agent match for kdbus
On kdbus, we get cgroups-agent messages via the system bus, not the
private systemd socket. Therefore, we must install the match properly or
we will never receive cgroup notifications.
David Herrmann [Wed, 11 Mar 2015 15:32:47 +0000 (16:32 +0100)]
core: rewind message before forwarding it
Forwarding messages that are not rewinded will drop data. Fix this for
cgroups-agent messages that we might remarshal before forwarding to the
system bus.
David Herrmann [Wed, 11 Mar 2015 15:30:59 +0000 (16:30 +0100)]
bus: remarshal kdbus messages received from the kernel
If we receive an sd_bus_message from the kernel, m->kdbus will contain
additional items that cannot be used when sending a message. Therefore,
always remarshal the message if it is used again.
David Herrmann [Wed, 11 Mar 2015 12:53:21 +0000 (13:53 +0100)]
bus-proxy: complain only once about queue overflows
If the local peer does not dispatch its incoming queue, the bus-proxy will
slowly fill its outgoing queue. Once its full, it will continously
complain that it cannot forward its messages.
As it turns out, pulseaudio does have an idle background dbus connection
that is not integrated into any mainloop (and given that gdbus and
libdbus1 both support background shared connections, PA is probably not
the only example), therefore, the bus-proxy will loudly complain if it
cannot forward NameOwnerChanged events once the queue is full.
This commit makes the proxy track queue-state and complain only once the
queue runs full, not if it is already full.
A PA bug-report (and patch) has been filed, and other applications should
be fixed similarly. Hence, lets keep the error message, instead of
dropping it. It's unused resources we really want to get rid of, so
silencing the message does not really help (which is actually what
dbus-daemon does).
David Herrmann [Tue, 16 Dec 2014 16:30:46 +0000 (17:30 +0100)]
terminal/sysview: introduce SETTLE events
This introduces a new SYSVIEW_EVENT_SETTLE notification that is sent after
initial scanning via sysview is done. This is very handy to let the
application raise warnings in case requested resources are not found
during startup.
The SETTLE event is sent after systemd-logind and udev enumerations are
done. This event does in no way guarantee that a given resource is
available. All it does is notify the application that scanning is done!
You must not react to SETTLE if you don't have external synchronization
with the resource you're waiting for.
The main use-case for SETTLE is to run applications _inside_ of logind
sessions and startup sysview. You really want to make sure that the own
session you're running in was found during enumeration. If not, something
is seriously wrong.
David Herrmann [Tue, 16 Dec 2014 15:14:48 +0000 (16:14 +0100)]
console: fix error-code inversion
The error-code propagated via sysview is always negative. Avoid
multiplying by -1 before returning it. Otherwise, we will return >0
instead of <0, which will not be detected as error by sysview-core.
Harald Hoyer [Fri, 20 Feb 2015 12:25:42 +0000 (13:25 +0100)]
path-util: fix path_is_mount_point() for symlinks
path_is_mount_point() compares the mount_id of a directory and the
mount_id of the parent directory. When following symlinks, the function
to get the parent directory does not take the symlink into account.
/bin -> /usr/bin with /usr being a mountpoint:
mount_id of /bin with AT_SYMLINK_FOLLOW != mount_id of /
Lukasz Skalski [Tue, 10 Mar 2015 15:09:02 +0000 (16:09 +0100)]
bus-proxy: add support for "GetConnectionCredentials" method
GetConnectionCredentials method was added to dbus-1 specification
more than one year ago. This method should return "[...] as many
credentials as possible for the process connected to the server",
but at this moment only "UnixUserID", "LinuxSecurityLabel" and
"ProcessID" are defined by the specification. We should add support
for next credentials after extending dbus-1 spec.
Didier Roche [Tue, 10 Mar 2015 09:18:00 +0000 (10:18 +0100)]
fsckd: clean up log messages
Avoid double logs printing. Not that we don't return
manager_update_global_progress() to the handler callback as if the console or
plymouth isn't available momentarily, we still desire to handle future
fd progress events if those are available again (like cancellation, reports…)