David Herrmann [Fri, 19 Sep 2014 12:48:54 +0000 (14:48 +0200)]
terminal: add systemd-modeset debugging tool
The systemd-modeset tool is meant to debug grdev issues. It simply
displays morphing colors on any found display. This is pretty handy to
look for tearing in the backends and debug hotplug issues.
Note that this tool requires systemd-logind to be compiled from git
(there're important fixes that haven't been released, yet).
David Herrmann [Fri, 19 Sep 2014 12:13:06 +0000 (14:13 +0200)]
terminal: add grdev DRM backend
The grdev-drm backend manages DRM cards for grdev. Any DRM card with
DUMB_BUFFER support can be used. So far, our policy is to configure all
available connectors, but keep pipes inactive as long as users don't
enable the displays on top.
We hard-code double-buffering so far, but can easily support
single-buffering or n-buffering. We also require XRGB8888 as format as
this is required to be supported by all DRM drivers and it is what VTs
use. This allows us to switch from VTs to grdev via page-flips instead of
deep modesets.
There is still a lot room for improvements in this backend, but it works
smoothly so far so more enhanced features can be added later.
David Herrmann [Fri, 19 Sep 2014 12:05:52 +0000 (14:05 +0200)]
terminal: add graphics interface
The grdev layer provides graphics-device access via the
libsystemd-terminal library. It will be used by all terminal helpers to
actually access display hardware.
Like idev, the grdev layer is built around session objects. On each
session object you add/remove graphics devices as they appear and vanish.
Any device type can be supported via specific card-backends. The exported
grdev API hides any device details.
Graphics devices are represented by "cards". Those are hidden in the
session and any pipe-configuration is automatically applied. Out of those,
we configure displays which are then exported to the API user. Displays
are meant as lowest hardware entity available outside of grdev. The
underlying pipe configuration is fully hidden and not accessible from the
outside. The grdev tiling layer allows almost arbitrary setups out of
multiple pipes, but so far we only use a small subset of this. More will
follow.
A grdev-display is meant to represent real connected displays/monitors.
The upper level screen arrangements are user policy and not controlled by
grdev. Applications are free to apply any policy they want.
David Herrmann [Fri, 19 Sep 2014 11:26:39 +0000 (13:26 +0200)]
login: pause devices before acknowledging VT switches
If a session controller does not need synchronous VT switches, we allow
them to pass VT control to logind, which acknowledges all VT switches
unconditionally. This works fine with all sessions using the dbus API,
but causes out-of-sync device use if we switch to legacy sessions that
are notified via VT signals. Those are processed before logind notices
the session-switch via sysfs. Therefore, leaving the old session still
active for a short amount of time.
This, in fact, may cause the legacy session to prepare graphics devices
before the old session was deactivated, and thus, maybe causing the old
session to interfer with graphics device usage.
Fix this by releasing devices immediately before acknowledging VT
switches. This way, sessions without VT handlers are required to support
async session switching (which they do in that case, anyway).
Michal Sekletar [Thu, 24 Jul 2014 08:40:28 +0000 (10:40 +0200)]
socket: introduce SELinuxContextFromNet option
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_child_mls_label derived from xinetd.
David Herrmann [Thu, 18 Sep 2014 22:23:42 +0000 (00:23 +0200)]
pty: include linux/ioctl.h for TIOCSIG
TIOCSIG is linux specific, so include the linux ioctl header to make sure
it's defined. We currently rely on some rather non-obvious recursive
includes. Make sure its always defined regardless of the system headers.
When compiling we see this curl warning popping up:
src/journal-remote/journal-upload.c:194:17: warning: call to
‘_curl_easy_setopt_err_error_buffer’ declared with attribute
warning: curl_easy_setopt expects a char buffer of CURL_ERROR_SIZE
as argument for this option [enabled by default]
This patch removes the warning (which occurs twice).
Michael Marineau [Mon, 15 Sep 2014 21:07:39 +0000 (14:07 -0700)]
man: use the escape for "-" in example instead of space.
This sentence can be misread to mean that "\x20" is the escape code for
"-" which is the only character explicitly mentioned. This lead to at
least one user loosing hair over why a mount unit for "/foo/bar-baz"
didn't work. The example escape is arbitrary so lets prevent hair loss.
Robert Milasan [Sat, 13 Sep 2014 13:18:37 +0000 (15:18 +0200)]
udev: fix path for database names on 'change' event
If a device does not have a major/minor number attached, we use different
database names than if it does. On "change" events, we didn't copy the
devnum over, therefore, we used different paths than on 'add' or 'remove'
events (where devnum was properly copied).
Fix this by always copying the devnum into the udev-device.
David Herrmann [Wed, 17 Sep 2014 08:32:49 +0000 (10:32 +0200)]
bus: fix error leak in bus_node_exists()
If we call into user callbacks, we must always propagate possible errors.
Fix bus_node_exists() to do that and adjust the callers (which already
partially propagated the error).
Also speed up that function by first checking for registered enumerators
and/or object-managers.
David Herrmann [Wed, 17 Sep 2014 07:28:09 +0000 (09:28 +0200)]
bus: never respond to GetManagedObjects() on sub-paths
The dbus-spec clearly specifies that GetManagedObjects() should only work
on the root-path of an object-tree. But on that path, it works regardless
whether there are any objects available or not.
We could, technically, define all sub-paths as a root-path of its own
sub-tree. However, if we do that, we enter undefined territory:
Imagine only a fallback vtable is registered. We want
GetManagedObjects() to *NOT* fail with UNKNOWN_METHOD if it is called
on a valid sub-tree of the fallback. On the other hand, we don't want
it to work on arbitrary sub-tree. Something like:
/path/to/fallback/foobar/foobar/foobar/invalid/foobar
should not work.
However, there is no way to know which paths on a fallback are valid
without looking at there registered objects. If no objects are
registered, we have no way to figure it out.
Therefore, we now try to follow the dbus spec by only returning valid data
on registered root-paths. We treat each path as root which was registered
an object-manager on via add_object_manager(). So applications can now
directly control which paths to place an object-manager on.
We also fix the introspection to not return object-manager interfaces on
non-root paths.
Also fixes some dead-code paths initially reported by Philippe De Swert.
David Herrmann [Wed, 17 Sep 2014 07:06:49 +0000 (09:06 +0200)]
sysctl: make --prefix allow all kinds of sysctl paths
Currently, we save arguments passed as --prefix directly and compare them
later to absolute sysctl file-system paths. That is, you are required to
specify arguments to --prefix with leading /proc/sys/. This is kinda
uselesss. Furthermore, we replace dots by slashes in the name, which makes
it impossible to match on specific sysfs paths that have dots in their
name (like netdev names). The intention of this argument is clear, but it
never worked as expected.
This patch modifies --prefix to accept any kind of sysctl paths. It
supports paths prefixed with /proc/sys for compatibility (but drops the
erroneous dot->slash conversion), but instead applies normalize_sysctl()
which turns any name or path into a proper path. It then appends
/proc/sys/ so we can properly use it in matches.
Thanks to Jan Synacek <jsynacek@redhat.com> for catching this!
David Herrmann [Tue, 16 Sep 2014 21:00:26 +0000 (23:00 +0200)]
terminal: remove dead code checking O_WRONLY
We only reject evdev FDs that are O_WRONLY as they're currently pretty
useless. The following check for O_WRONLY is thus never excercised so drop
it.
Thanks to Thomas Andersen (via coverity)!
sd-bus: sd_bus_message_get_errno should only return positive errno
sd_bus_message_get_errno can currently return either a number of
different poitive errno values (from bus-error-mapping), or a negative
EINVAL if passed null as parameter.
The check for null parameter was introduced in 40ca29a1370379d43e44c0ed425eecc7218dcbca
at the same as the function was renamed from bus_message_to_errno and
made public API. Before becoming public the function used to return
only negative values.
It is weird to have a function return both positive and negative errno
and it generally looks like a mistake. The function is guarded by the
--enable-kdbus flags so I wonder if we still have time to fix it up?
It does not have any documentation yet. However, except for a few details
it is just a convenient way to call sd_bus_error_get_errno which is documented
to return only positive errno.
This patch makes it return only positive errno and fixes up the two
calls to the function that tried to cope with both positive and negative
values.
Coverity warned that we have already dereferenced ps->sample before
null-checking it. I suspect that's not really the issue and that
the check is checking the wrong variable.
Likely the oom-check should be on the just allocated ps->sample->next.
libsystemd-network: avoid double-free in error case
Don't manually free 'n' in error path as it's already tagged
_cleanup_free_ and will be freed once it goes out of scope,
leading to double-free in this case.
Tom Gundersen [Mon, 15 Sep 2014 10:04:29 +0000 (12:04 +0200)]
udev: apply permissions to static nodes before signallying READY
Processes expecting static nodes to have the right permissions may order themselves after systemd-udevd.service,
make sure that actually guarantees what is expected.
Tom Gundersen [Fri, 12 Sep 2014 14:17:00 +0000 (16:17 +0200)]
udev: drop duplicate logging
Once upon a time logging during early boot was unreliable, so extra logging messages were
sent by udev to stderr. That is no longer a concern, so drop all fprintf() calls from udved.
These are the only two places where this glibc-specific
header is included. However none of the definitions in it
seem to be used, so just remove the includes.
Michal Schmidt [Sun, 10 Aug 2014 21:35:27 +0000 (23:35 +0200)]
hashmap: minor hashmap_replace optimization
When hashmap_replace detects no such key exists yet, it calls hashmap_put that
performs the same check again. Avoid that by splitting the core of hashmap_put
into a separate function.
Michal Schmidt [Tue, 12 Aug 2014 23:00:18 +0000 (01:00 +0200)]
hashmap: introduce hash_ops to make struct Hashmap smaller
It is redundant to store 'hash' and 'compare' function pointers in
struct Hashmap separately. The functions always comprise a pair.
Store a single pointer to struct hash_ops instead.
systemd keeps hundreds of hashmaps, so this saves a little bit of
memory.
Michal Schmidt [Fri, 15 Aug 2014 14:33:03 +0000 (16:33 +0200)]
build: colorize gcc only if on tty
Rather than forcing gcc to always produce colorized error messages
whether on tty or not, enable automatic colorization by ensuring
GCC_COLORS is set to a non-empty string.
Doing it this way removes the need for workarounds in ~/.emacs or
~/.vimrc for "M-x compile" or ":make", respectively, to work.
core: smack-setup: Actually allow for succesfully loading CIPSO policy
The line under the last switch statement *loaded_policy = true;
would never be executed. As all switch cases return 0. Thus the
policy would never be marked as loaded.
David Herrmann [Thu, 11 Sep 2014 15:37:30 +0000 (17:37 +0200)]
test: fix mem-leak in fdopen() test
We must free FILE* after function return to not leak resources. Note that
this also closes our fd as fdopen() takes ownership of it.
Reported by Philippe De Swert (via coverity).
Actually unref the buscreds when we are not going to return a
pointer to them. As when bus_creds_add_more fails we immediately
return the error code otherwise and leak the new buscreds.
Found with coverity. Fixes: CID#1237761
projects / thirdparty / systemd.git / log
