Simon McVittie [Fri, 10 Jun 2011 17:08:11 +0000 (18:08 +0100)]
Consistently use atomic operations for all access to DBusConnection refcount
Trying to mix atomic operations with locked non-atomic operations is
broken: the atomic ops aren't necessarily atomic with respect to the
locked non-atomic ops, and the non-atomic ops aren't protected by the
lock because the atomic ops can change the refcount behind their back.
In theory we could use the connection lock if atomic ops aren't supported
(making a per-connection lock cheaper than the global lock used to
implement atomic ops) *and* our mutexes are recursive (making it safe
against deadlocks)... but life's too short.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=38005 Tested-by: Will Manley <freedesktop williammanley net> Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
Simon McVittie [Tue, 7 Jun 2011 13:01:39 +0000 (14:01 +0100)]
bus: use ln -fs to enable dbus in systemd, not $(LN_S)
Using $(LN_S) is inappropriate because it could in theory mean either
ln -s, ln or cp -p depending on autoconf checks.
Not using -f breaks reinstallation directly from source (DESTDIR unset),
because the symlinks will already exist.
Because systemd isn't currently portable to non-Linux, let alone
non-SUS-compliant systems, it seems safe to assume that ln -fs behaves
as specified by SUS if systemd was found.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=37870 Reviewed-by: Colin Walters <walters@verbum.org>
Simon McVittie [Mon, 6 Jun 2011 08:59:37 +0000 (09:59 +0100)]
Remove support for -Wl,--gc-sections altogether
Packagers should only enable this flag if they have confirmed that it
actually works on their toolchain (it's the sort of rarely used feature
that frequently regresses on obscure architectures/OSs without anyone
noticing), and also confirmed that it is actually a significant size win
for their configuration.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=33466 Reviewed-by: Colin Walters <walters@verbum.org>
Simon McVittie [Tue, 15 Mar 2011 15:42:56 +0000 (15:42 +0000)]
process_config_first_time_only: initialize syslog as intended.
On Linux, we previously called openlog() (with different options!) while
initializing SELinux; leave SELinux messages as LOG_USER|LOG_INFO in case
anyone was relying on that, but let the rest of our log messages come
out as LOG_DAEMON.
Also enable LOG_PERROR (copy syslog messages to stderr) unconditionally;
we can make this an autoconf check if anyone's pet Unix doesn't have
LOG_PERROR.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=35358 Reviewed-by: Colin Walters <walters@verbum.org>
Simon McVittie [Fri, 25 Feb 2011 12:49:54 +0000 (12:49 +0000)]
Check for X even if X11 autolaunching is disabled
DBUS_ENABLE_X11_AUTOLAUNCH obviously requires DBUS_BUILD_X11. However,
the converse is not true.
If DBUS_BUILD_X11 is defined, dbus-launch will be able to connect to
the X server to determine when the session ends; most distributors will
want this, but it can be disabled with the standard Autoconf option
--without-x.
If DBUS_ENABLE_X11_AUTOLAUNCH is *also* defined, dbus-launch and libdbus
will be willing to perform autolaunch. Again, most distributors will want
this, but it can be disabled with --disable-x11-autolaunch.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=19997 Reviewed-by: Colin Walters <walters@verbum.org>
Simon McVittie [Mon, 9 May 2011 17:49:54 +0000 (18:49 +0100)]
When checking for __sync_sub_and_fetch, don't underquote, to shut up recent autoconf
Without the correct number of levels of quoting, autoconf mistakenly
believes we didn't use AC_LANG_SOURCE where required. (In fact,
AC_LANG_PROGRAM calls AC_LANG_SOURCE.)
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=19681 Reviewed-by: Colin Walters <walters@verbum.org>
Doing a malloc and a hex-encoding pass just to produce a _dbus_verbose
message (i.e. a message that, in practice, nobody will see) seems like
overkill, and this block had incorrect error handling (not checking the
result of _dbus_string_init) which upsets static analysis tools.
Simon McVittie [Wed, 26 Jan 2011 18:38:01 +0000 (18:38 +0000)]
dbus_connection_dispatch: remove dead code
There's no way pending can be non-NULL here; if it was, we'd have jumped
straight past this block (getting filters from the connection), because
replies to pending calls don't go through filters.
Simon McVittie [Tue, 22 Feb 2011 13:42:46 +0000 (13:42 +0000)]
DBusNonceFile: don't always fail when use_subdir=TRUE, i.e. on Unix
In shell-like pseudocode, the desired result is:
if $use_subdir
dir = $tmpdir/dbus_nonce-$random
path = $dir/nonce
mkdir $dir
write file at $path
else
dir = $user_owned_place
path = $dir/dbus_nonce-$random
write file at $path
However, /nonce was accidentally appended to $dir instead of $path,
resulting in an attempt to mkdir /tmp/dbus_nonce-XXXX/nonce when
dbus_nonce-XXXX hadn't been created yet.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=34569 Tested-by: David Zeuthen <davidz@redhat.com> Reviewed-by: David Zeuthen <davidz@redhat.com>
Will Thompson [Fri, 12 Feb 2010 19:19:05 +0000 (19:19 +0000)]
minotaur: bail if asked to monitor >1 bus
A coworker was just tripped up by `dbus-monitor --session --system` only
monitoring the system bus. This patch would have saved him reproducing a
tricky bug several times!
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=26548 Reviewed-by: Colin Walters <walters@verbum.org> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
machine-id: fall back to reading /etc/machine-id if D-Bus machine ID is not available
Newer systemd-based systems support a global machine ID with the same
metrics as the D-Bus machine ID, but more powerful semantics (for
example on ro media) in /etc/machine-id.
If the D-Bus machine ID cannot be read, fall back to the systemd machine
ID.
This is a first step towards allowing D-Bus to be started up during
early boot where /var is not available.
[plus a whitespace fix -smcv]
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by: Colin Walters <walters@verbum.org>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=35228
Simon McVittie [Mon, 21 Feb 2011 16:23:24 +0000 (16:23 +0000)]
Don't force use of -fPIE for the dbus-daemon if apparently supported
It's a minor security benefit, but not automatically beneficial (it
enables ASLR, but breaks prelinking, some buggy toolchains, and some gdb
versions). Distributions who know their infrastructure works well can
enable it just as easily via
./configure CFLAGS="-fPIE" LDFLAGS="-pie"
without extra support from us, and that's a generic solution applicable to
many packages.
Similarly, don't force libdbus and libdbus-internal to be PIC: libtool
knows better than we do whether that's necessary/beneficial on a
particular platform.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=16621
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=27215
Bug-NB: NB#171940 Reviewed-by: Colin Walters <walters@verbum.org>
Simon McVittie [Tue, 22 Mar 2011 12:11:27 +0000 (12:11 +0000)]
Install dbus-daemon and dbus-daemon-launch-helper in the conventional way
Also remove some pointless indirection (extra_tests etc.), don't install
the unused directory $(libexecdir)/dbus-1 (we actually install the
launch helper directly into $(libexecdir)), and allow dbus_daemondir to be
set on Windows rather than forcing dbus-daemon to be installed to
$(bindir) there.
dbus_daemon_execdir has to contain "exec" so that the dbus-daemon will be
installed by "make install-exec" and not "make install-data".
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=14512 Reviewed-by: Colin Walters <walters@verbum.org>
Simon McVittie [Mon, 11 Apr 2011 11:04:19 +0000 (12:04 +0100)]
When uploading docs, use rsync -p to set permissions
It turns out that rsync --chmod means "pretend the source files had
already had this chmod operation applied to them", and not "chmod the
destination files" like you'd expect.
As a result, the -p (--perms) option is also needed, so that rsync will
"preserve" the modified permissions. Otherwise, the docs will not be
group-writeable as intended, and only the person who made the previous
upload will be able to upload them next time.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=36130 Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
Colin Walters [Mon, 28 Mar 2011 17:21:35 +0000 (13:21 -0400)]
activation: Strip out code to compare by Exec=
In commit: 075945f6 (John (J5) Palmieri 2005-07-14 20:44:15 +0000
some code was added to compare services by Exec key. The changelog is
not pariticularly informative as to why this was added. But while
debugging other code, we noticed this.
Comparing by Exec key is not in the specification, and triggered a
problem where while converting services to use systemd for activation,
a change was made to use Exec=/bin/false and simply rely on systemd
to activate.
While I think it was broken for the service files to be changed
to Exec=/bin/false, we shouldn't be doing something here that's
not in the spec either.
Reviewed-by: Will Thompson <will.thompson@collabora.co.uk> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=35750
UnknownInterface, UnknownObject, UnknownProperty and PropertyReadOnly,
as discussed on the ML.
The first two are already used by various bindings, such as the Qt and
Java binding, but have never been made official.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=34527 Reviewed-by: David Zeuthen <davidz@redhat.com> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Thu, 3 Mar 2011 17:35:14 +0000 (17:35 +0000)]
Make dbus_type_is_valid into public API
This is just as useful for bindings as dbus_signature_validate, and I
think it's a good design principle to say that anything checked in a
_dbus_return_if_fail should be something the caller could check
for themselves.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=20496 Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
As far as I can tell, we've never accepted out-of-range booleans and
canonicalized them, ever since this was first committed in 2004. If sent,
they'd be considered to be invalid by recipients, so they're unambiguously
an error.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=35182 Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
Simon McVittie [Thu, 3 Mar 2011 16:51:56 +0000 (16:51 +0000)]
dbus_type_is_basic etc.: it is an error to pass in bad typecodes
Previously, the comments said "this function will crash", but that's not
strictly true (checks can be disabled or made non-fatal). Their behaviour
is undefined if you do that, though.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=20496 Reviewed-by: Will Thompson <will.thompson@collabora.co.uk>
Simon McVittie [Tue, 8 Mar 2011 13:32:06 +0000 (13:32 +0000)]
Require specific user action to compile without 64-bit support
The D-Bus type system isn't implementable without 64-bit support, although
for historical reasons we have some sort of semi-working support for
platforms with no 64-bit integers. Let's find out whether any
practically relevant platform still lacks these types...
(GLib appears to have required 64-bit integer types since 2001.)
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=35114 Reviewed-by: Lennart Poettering <lennart@poettering.net>
Andre Heinecke [Mon, 7 Mar 2011 10:43:23 +0000 (11:43 +0100)]
Do not use the name ELEMENT_TYPE
On Windows Systems ELEMENT_TYPE is already defined
in Winioctl.h this header is included indirectly
in dbus-sysdeps.h. By avoiding the use of the Name
ELEMENT_TYPE it is ensured that config-parser-common.h
can be included together with dbus-sysdeps.h
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Simon McVittie [Wed, 16 Feb 2011 17:44:48 +0000 (17:44 +0000)]
dbus_message_iter_append_basic: check string-like arguments for validity
Strings: UTF-8 with no embedded NULs, by adding a new internal function,
_dbus_check_is_valid_utf8
Object paths, signatures: the obvious syntactic checks
This moves some of the burden of validation to the sender.
When sending <http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-demo.txt>
10240 times with up to 1024 parallel calls pending, on a single-core ARM
Linux device, I found that user CPU time in dbus-spam increased by up to 80%
as a result of the validation. However, when sending messages to dbus-daemon,
overall throughput only reduced by 15%, and when sending messages to an echo
service, overall throughput actually improved by around 14% (presumably
because making the sender CPU-bound influenced kernel scheduling).
Simon McVittie [Thu, 24 Feb 2011 18:57:05 +0000 (18:57 +0000)]
Allow X11 autolaunch to be disabled even if the headers/libraries are there
In an embedded system where the D-Bus session is a core part of the
environment, like Maemo, accidentally auto-launching a second session bus
(for instance for a concurrent ssh session) is a bad idea - it can lead
to a "split brain" situation where half the applications in the GUI are
using a different bus. In these controlled environments, it'd be useful
to prevent autolaunch from ever happening.
(As a side benefit, the changes to configure.in also mean that packagers
can explicitly --enable-x11-autolaunch, to make sure that failure to find
X will make compilation fail cleanly.)
Simon McVittie [Thu, 24 Feb 2011 17:17:22 +0000 (17:17 +0000)]
Give XDG_DATA_HOME priority over XDG_DATA_DIRS for servicedirs
According to the XDG Base Directory Specification, “the base directory
defined by $XDG_DATA_HOME is considered more important than any of the
base directories defined by $XDG_DATA_DIRS.” This makes it easier to
override a system service file as a normal user.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=34496 Signed-off-by: Anders Kaseorg <andersk@mit.edu> Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
projects / thirdparty / dbus.git / log
