Mike Yuan [Sat, 23 Mar 2024 11:55:27 +0000 (19:55 +0800)]
core/socket: clean up socket peer handling a bit
Currently, SocketPeer object acquired through
socket_acquire_peer() are referenced twice
in socket_enter_running and service_set_socket_fd,
and the reference taken by former gets dropped
through _cleanup_. This is a bit confusing.
Let's just pass ownership instead.
Adrian Vovk [Thu, 21 Mar 2024 17:51:16 +0000 (13:51 -0400)]
homed: Ensure closed FD is handled before bus req
Before this fix, the following sequence of events was possible:
1. A client holding a Ref() FD closes their FD
2. kernel sends notification that all clients closed their FDs
3. Another client obtains its own Ref() FD from homed
4. homed handles the notification that all clients have closed their
Ref() FDs. Thus it loses track of the fact that the session is
actually still being held open by the client from step 3
This change makes sure that homed won't respond to bus messages (and
thus won't open more Ref() FDs) until it has handled all notifications
about the existing FDs being closed.
This causes a problem for us, because we try to map the .got to .rodata,
and the subsequent .data to .data, and round down the VMA to the nearest
page, which causes the PE sections to overlap.
https://github.com/llvm/llvm-project/pull/66042 adds .relro_padding to make
sure that the RELRO segment is properly write protected and allocated. For our
binaries, the .got section is empty, so we can skip it safely, and the
.relro_padding section is not useful once .got has been dropped.
We don't expect .got sections, but they are apparently inserted on i386 and
aarch64 builds. Emit a warning until we figure out why they are there.
Daan De Meyer [Wed, 20 Mar 2024 08:34:46 +0000 (09:34 +0100)]
log: Add per target log levels
For CI in mkosi, I want to configure systemd to log at debug level
to the journal, but not to the console. While we already have max
level settings for journald's forwarding settings, not every log line
goes to the journal, specifically during early boot and when units
are connected directly to the console (think systemd-firstboot), so
let's extend the log level options we already have to allow specifying
a comma separated list of values and lets allow prefixing values with
the log target they apply to to make this possible.
Gerd Hoffmann [Tue, 19 Mar 2024 13:49:51 +0000 (14:49 +0100)]
sd-boot: add support for support enrolling dbx
usage:
(1) get latest revocation list for your architecture
from https://uefi.org/revocationlistfile
(2) copy the file to $ESP/loader/keys/$name/dbx.auth
Luca Boccassi [Wed, 20 Mar 2024 12:55:02 +0000 (12:55 +0000)]
test: delete private images on clean-again
Private images are not reused, they are unique to tests, so delete them
as they take a lot of disk space, and we are starting to run in /var/tmp
space issues on the Ubuntu CI
If one of the cursor option is specified, we first seek to the cursor position.
So, the current position may be out of the time range specified by --until,
and we need to verify the timestamp of the current position.
sd-device: use strdup_to() and rename output param
device_open_from_devnum() returns two things: the devname via
an output param, and the fd via the return value. Rename the param
to signal that it's not the only return channel.
I didn't know that this helper existed… It is very similar to strdup_to_full(),
but all callers can actually be replaced by strdup_to(), which has more fitting
semantics.
basic/socket-util: use strdup_to() in sockaddr_pretty()
The function was written to support ret==NULL, but the only caller always
passes ret, and sockaddr_pretty() also requires ret to be set, so that
half-implemented code wasn't very useful.
basic/fileio: use strdup_to_full() in read_stripped_line()
The return value of read_stripped_line() is changed. Before we'd return the
number of characters read, but that number was not meaningful after we called
strstrip(). So just return 0 if nothing was read (EOF), and 1 if something was
read (not EOF). All the callers were only checking for <0 or ==0.
It's a bit ugly to have both strdup_to() and strdup_to_full(). I initially
started with one variant, but then in some functions we want the additional
info, while in many other places, having 1 instead of 0 causes the return
value of whole chains of functions to be changed. It *probably* wouldn't cause
any difference, but there is at least of bunch of tests that would need to be
updated, so in the end it seems to have the two variants.
The output param is first to match free_and_strdup() and other similar
functions.
Jan Macku [Wed, 20 Mar 2024 11:37:18 +0000 (12:37 +0100)]
ci(freezer): update `devel-freezer` GHA to `v1.1.0`
The new version of `devel-freezer` GitHub Action adds support for milestones, labels, and more. Now, when the `rc` tag is published, it won't post a development freeze comment on PRs included in the next milestone.
This commit also sets a delay of the 20s for PR validation to give some time for updating labels and milestones on submitted PRs.
basic/missing_*.h: add asserts that the values are as expected
It's great that we provide fallback values, but if we got one of those wrong,
it could be a long time before anyone noticed. So let's add asserts that the
our internal defines actually match the official ones, when the latter are
available.
I did not add '#include "macro.h"' to missing_{audit,capability}, because
those are processed by an awk script that would need additional include
directories and could be confused by the additional lines. We don't include
those headers standalone anyway, so this is not necessary anyway.
projects / thirdparty / systemd.git / log
