Daan De Meyer [Thu, 15 May 2025 13:09:27 +0000 (15:09 +0200)]
meson: Rework clang-tidy integration to be done via unit tests
Instead of using run-clang-tidy.py with its own scheduling, let's
just gather a list of source files ourselves and then use that to
add a unit test for each source file that runs clang-tidy on the
source file.
We also add a bit of logic to run clang-tidy on most header files
as well for extra coverage. This uncovered various header files that
were not standalone so this commit also includes fixes to make sure
the clang-tidy tests are all green.
We can also use this in a later commit to run clang-include-cleaner
on each source file in the same way.
Daan De Meyer [Thu, 15 May 2025 12:07:59 +0000 (14:07 +0200)]
tree-wide: Ensure source file names are unique
Let's ensure all of our source file names are unique without having
to take the directory into account.
This allows us to create meson targets or unit tests identified by the
the name of the source file they operate on without having to include
the full path of the source file in the target or test name to avoid
conflicts.
Daan De Meyer [Thu, 15 May 2025 12:52:48 +0000 (14:52 +0200)]
meson: Build fuzz executables by default if fuzz-tests option is enabled
fuzz-tests is enabled by default now but we still don't build the fuzz
executables by default. Let's change that so that we always make sure these
still compile when we make changes.
Daan De Meyer [Mon, 19 May 2025 15:41:18 +0000 (17:41 +0200)]
meson: Make sure fuzz-journal-remote is built in oss-fuzz
oss-fuzz builds with --auto-features=disabled, yet we have to make
sure all fuzzers are still built when --auto-features=disabled, so
let's always build systemd-journal-remote even if it is disabled so
that we can use its objects to build fuzz-journal-remote. Instead,
when remote=disabled, we make sure we don't installed
systemd-journal-remote.
Daan De Meyer [Thu, 15 May 2025 12:16:57 +0000 (14:16 +0200)]
meson: Extract more objects instead of compiling multiple times
Also, let's deflatten the lists of sources in preparation for the
next commit at the same time.
In systemctl, we split out systemctl-main.c to make sure the definition
of main() is in a separate object which allows us to extract the systemctl.c
object and link it in the fuzzer target without getting a multiple definition
error when linking.
Daan De Meyer [Mon, 19 May 2025 12:49:43 +0000 (14:49 +0200)]
sd-varlink: Expose sd_varlink_idl_parse()
We're planning to do code generation based on the systemd varlink
APIs. To simplify this, let's expose the IDL parser, so we can use
it to do code generation instead of having to write our own IDL
parser.
unit_gc_sweep() might try to add the unit to gc queue again.
While that becomes no-op as Unit.in_gc_queue is not cleared
yet, it induces minor inconsistency of states.
Yu Watanabe [Tue, 13 May 2025 17:56:21 +0000 (02:56 +0900)]
units: kill only udev services and keep udev sockets on switching root
This also makes initrd-cleanup.service explicitly start
initrd-switch-root.service with replace-irreversibly mode, to avoid
systemd-udevd.service being triggered by kernel events and the start
job of initrd-switch-root.service being cancelled.
Those static functions were written to support optional output params, but they
are only ever called with the output param set, and it doesn't make sense to
ever call them without the output param. Since those are internal functions,
drop this unused complexity.
C automatically casts a signed int to unsigned in binary operation with an
unsigned int. Thus that suffix is not useful. Also surrounding code doesn't use
it.
src/boot: assume that intmax_t is the biggest integer
Same as in 81d7934882ae13c64d9b08d365a0baa011cb2fbb, intmax_t by definition is
the widest int. Strictly speaking, the check whether
sizeof(intmax_t) == sizeof(long long)
in the code below is redundant, but I think it's nicer to keep it for symmetry
with the other cases.
Requested in
https://github.com/systemd/systemd/pull/37442#pullrequestreview-2840906908.
Accept=yes has very valid usecases (i.e. for sporadically invoked
services) and strong benefits (i.e. better security because connections
can be sandboxed nicely, isolating them). Let's hence reword things and
stop claiming that Accept=yes was a legacy thing, because it really
isn't.
While message IDs are about more than catalog entries (they make
messages recognizable), I think it makes sense to document at least all
those messages that indicate problems with catalog entries, in an
attempt to be helpful to users.
Let's always make sure the temporary file returned by fopen_tmpfile()
and friends is removed on failure (via _cleanup_). Conversely, make sure
that once the file is renamed into its final place, we no longer try to
remove the temporary file (since it's not going to exist anymore).
The original rules file have some rules for a device that is now
deprecated and so, are not part of this change. AFAIU, 'plugdev' is also
a thing of the past and we now use 'uaccess' which should be given to
all ID_SOFTWARE_RADIO devices. So yeah, hopefully what I have here is
equivalent to the orginal .rules.
The request for this was done here:
https://github.com/analogdevicesinc/plutosdr-fw/issues/101
Luca Boccassi [Thu, 15 May 2025 11:09:03 +0000 (12:09 +0100)]
Update hwdb (#37470)
Update hwdb, even though we are pretty far from a release in order to:
- incrementally test upstream additions to hwdb
- allow backports to stable branches
Tommy Unger [Sat, 19 Apr 2025 01:57:26 +0000 (18:57 -0700)]
test: write file from systemd service in transient unit
This integration test demonstrates that a containerized systemd instance can
write to a bind mounted file observable to the host. Specifically, the bash
script uses systemd-run to start a systemd instance as a transient unit
container. This systemd-run command bind mounts a directory the container will
share with the host, and runs an internal service which creates and writes to a
file from the container's view of this directory. When finished writing, the
service runs the exit target, terminating the internal systemd instance, and
ending the lifetime of the container.
The script waits for the container to finish running, then verifies that the
expected file contents were written on the host side of the filesystem mount.
This test employs a workaround, creating an unmasked procfs mount on the host
which enables the privileged guest to create its own mounts internally. This
may indicate a systemd bug, as the privileged container should not rely on
the existence of an unmasked procfs on the host in order to mount its own
filesystems internally.
As usual, it seems to be mostly additions and corrections.
The last update was in 0d740f4bc0f03b773264ef75eaf1233ffc89c5b2, Dec 10th. I
think it's reasonable to update the hwdb more often. In particular, I want to
push an update to the stable branches, but it should be updated in 'main'
first.
core: name socket unit instances after the socket cookie
On linux sockets have a really good, unique identifier, the SO_COOKIE,
which is used by sockdiag and BPF and elsewhere. Let's expose this more
prominently in the service name of per-connection services invoked via
Accept=yes sockets.
This is really nice, because together with our $SO_COOKIE env var we can
now match up services, process execution contexts, and "ss" outputs, BPF
rules, and more.
Mike Yuan [Mon, 14 Apr 2025 12:07:59 +0000 (14:07 +0200)]
core: always enable CPU accounting
Our baseline is v5.4 and cgroup v2 is enforced now,
which means CPU accounting is cheap everywhere without
requiring any controller, hence just remove the directive.
Daan De Meyer [Wed, 14 May 2025 21:23:31 +0000 (23:23 +0200)]
userns-restrict: Move HAVE_VMLINUX check into functions
Let's do these checks like we try to do them elsewhere, in the
function, not outside. This avoids having to declare the function
arguments twice and keeps the logic for each function together
instead of spread out across the file.
Daan De Meyer [Wed, 14 May 2025 19:41:43 +0000 (21:41 +0200)]
networkd-util: Avoid call to endswith()
Instead of recalculating the length of the string again after
reading it, let's make sd_netlink_message_read_string() return the
length of the string that we then use to check if the last character
is a dot or not.
This allows us to get rid of the string-util.h include in #37344.
Luca Boccassi [Wed, 14 May 2025 19:02:34 +0000 (20:02 +0100)]
test: fix assertion failure with CONFIG_UNIX_DIAG disabled
On OBS the build VM is heavily locked down, with network
disabled in various ways in the custom kernel, to isolate the
build, including disabling CONFIG_UNIX_DIAG.
[ 456s] /* test_af_unix_get_qlen */
[ 456s] src/test/test-socket-netlink.c:393: Assertion failed: Expected "af_unix_get_qlen(unix_fd, &q)" to succeed, but got error: No such file or directory
[ 454s] /* test_sock_diag_unix */
[ 454s] src/libsystemd/sd-netlink/test-netlink.c:727: Assertion failed: Expected "sd_netlink_call(nl, message, 0, &reply)" to succeed, but got error: No such file or directory
Daan De Meyer [Wed, 14 May 2025 16:46:58 +0000 (18:46 +0200)]
capability-util: Ignore unknown capabilities instead of aborting
capability_quintet_mangle() can be called with capability sets
containing unknown capabilities. Let's not crash when this is the
case but instead ignore the unknown capabilities.
projects / thirdparty / systemd.git / log
