Merge remote-tracking branch 'systemd/systemd' #1

Merged
taskset merged 668 commits into taskset:master from systemd:master
Feb 7, 2020

@taskset taskset commented Feb 7, 2020

No description provided.

keszybz and others added 30 commits January 23, 2020 23:32
SendHostname= appears twice in the list of variables ignored by
Anonymize=.
The compatibility issue in meson v0.53 has been fixed in v0.53.1, which
is already available through pip, so let's remove the pin for meson
introduced before.

Reverts: 5147936
Also, Q creates directories (same as v), so update the example
accordingly.
```
ninja -C build
ninja: Entering directory `build'
[29/101] Generating systemd_boot.so with a custom command.
FAILED: src/boot/efi/systemd_boot.so
/usr/bin/ld -o src/boot/efi/systemd_boot.so -T /usr/lib64/gnuefi/elf_x64_efi.lds -shared -Bsymbolic -nostdlib -znocombreloc -L /usr/lib64 /usr/lib64/gnuefi/crt0-efi-x64.o src/boot/efi/disk.c.o src/boot/efi/graphics.c.o src/boot/efi/measure.c.o src/boot/efi/pe.c.o src/boot/efi/util.c.o src/boot/efi/boot.c.o src/boot/efi/console.c.o src/boot/efi/crc32.c.o src/boot/efi/random-seed.c.o src/boot/efi/sha256.c.o src/boot/efi/shim.c.o -lefi -lgnuefi /usr/lib/gcc/x86_64-redhat-linux/10/libgcc.a
/usr/bin/ld: src/boot/efi/graphics.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here
/usr/bin/ld: src/boot/efi/pe.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here
/usr/bin/ld: src/boot/efi/util.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here
/usr/bin/ld: src/boot/efi/boot.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here
/usr/bin/ld: src/boot/efi/console.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here
/usr/bin/ld: src/boot/efi/random-seed.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here
/usr/bin/ld: src/boot/efi/shim.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: multiple definition of `loader_guid'; src/boot/efi/disk.c.o:/home/sus/tt/systemd/build/../src/boot/efi/util.h:58: first defined here
[31/101] Generating stub.c.o with a custom command.
ninja: build stopped: subcommand failed.
make: *** [Makefile:2: all] Error 1

```
There's a race condition in the sysuser test where it may try to read
entries from the journal before they are available. Fix it by adding a
`journalctl --sync` call.

BugLink: https://bugs.launchpad.net/bugs/1776654
The following commit adds 'sector-size' line to the output of sfdisk
command:
util-linux/util-linux@e56ca06

Fixes #14664.
network: accept NUL character in SendOption=
networkd uses khash, and khash requires AF_ALG.
add polkit hookup for VT switching in logind
keszybz and others added 26 commits February 5, 2020 21:29
Fixes #14786. I think it is enough if we provide the link to
SPI which sports a prominent paypal link too.
network: Allow to specify multiple IPv6Token for SLAAC
Inside format_bytes, we return NULL if the value is UINT64_MAX. This
makes some kind of sense where this has some other semantic meaning than
being a value, but in this case the value is both a.) not the default
(so we definitely want to display it), and b.) means "infinity" (or
"max" in cgroup terminology).

This patch adds a small wrapper around format_bytes that can be used for
these cases, to avoid the following situation:

    [root@tangsanjiao ~]# cat /sys/fs/cgroup/workload.slice/memory.low
    max
    [root@tangsanjiao ~]# systemctl show workload.slice -p MemoryLow
    MemoryLow=infinity
    [root@tangsanjiao ~]# systemctl status workload.slice | grep low:
	Memory: 14.9G (low: (null))

After the patch:

    [root@tangsanjiao ~]# systemctl status workload.slice | grep low:
	Memory: 15.1G (low: infinity)
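
An added sketch of the wrapper idea from the commit message above, not systemd's own code: `fmt_bytes` is a hypothetical stand-in for `format_bytes` that returns NULL for `UINT64_MAX`, and `fmt_bytes_limit` and `low_line` are hypothetical helpers. Passing NULL to `%s` is undefined behaviour in C (glibc happens to print `(null)`), so the caller never lets a NULL reach the format string.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for format_bytes(): NULL means "no value". */
static char *fmt_bytes(char *buf, size_t len, uint64_t v) {
    static const char unit[] = "BKMGTPE";
    uint64_t whole = v, rem = 0;
    size_t i = 0;

    if (v == UINT64_MAX)
        return NULL;
    while (whole >= 1024 && i < sizeof(unit) - 2) {
        rem = whole % 1024;
        whole /= 1024;
        i++;
    }
    if (i == 0)
        snprintf(buf, len, "%" PRIu64 "B", whole);
    else /* one decimal digit, truncated rather than rounded */
        snprintf(buf, len, "%" PRIu64 ".%" PRIu64 "%c", whole, rem * 10 / 1024, unit[i]);
    return buf;
}

/* Hypothetical wrapper for limits where UINT64_MAX is a real value ("max"). */
static const char *fmt_bytes_limit(char *buf, size_t len, uint64_t v) {
    return v == UINT64_MAX ? "infinity" : fmt_bytes(buf, len, v);
}

/* Builds the status fragment; no NULL is ever handed to %s. */
static const char *low_line(uint64_t usage, uint64_t low) {
    static char out[96];
    char u[32], l[32];
    const char *us = fmt_bytes(u, sizeof u, usage);

    snprintf(out, sizeof out, "Memory: %s (low: %s)",
             us ? us : "n/a", fmt_bytes_limit(l, sizeof l, low));
    return out;
}

int main(void) {
    /* Constructed sample values, not taken from the page. */
    puts(low_line(UINT64_C(16000000000), UINT64_MAX));
    puts(low_line(UINT64_C(16000000000), 512 * 1024));
    return 0;
}
```
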
See c80a9a3, target units can't fail.
I guess we need to figure out some replacement functionality, but at least
let's avoid the warning from systemd for now.
Since 98b0299, we log the interface
name automatically via log_link_debug().

Fixes: #14782
This commit fixes a minor typo: "setttings" -> "settings".
If we check length of 'a', we must do the same for 'b'.
… bind-mounting

Let systemd create the dummy file where a device node will be mounted on with the default label for the parent directory (e.g. /tmp/namespace-dev-yTMwAe/dev/).

Fixes: #13762
Consider aliases in /usr when disabling units
test-ask-password-api would crash if ^D was pressed.
I think the callers generally expect a non-empty strv as reply. Let's
return an error if we have nothing to return.

Also modernize test-ask-password-api a bit.
For #8495: it is arguably useful to not show the length of the password
in public spaces. It is possible to press TAB or BS to cancel the asterisks,
but this is not very discoverable. Let's make it discoverable by showing
a message (in gray). The message is "erased" after the first character
is entered.
ask-password: give a hint to cancel echo
Follow-up for ca58d00. I messed
up the "ing" suffix in the regex when doing the initial patch.
../src/core/selinux-access.c: In function ‘mac_selinux_generic_access_check’:
../src/basic/log.h:223:27: error: ‘%s’ directive argument is null [-Werror=format-overflow=]
../src/core/selinux-access.c:235:85: note: format string is defined here
  235 |                         log_warning_errno(errno, "SELinux getcon_raw failed (tclass=%s perm=%s): %m", tclass, permission);
      |                                                                                     ^~

I wonder why nobody ever noticed this.

Fixes #14691 (other issues listed in that ticket have already been fixed).
Instead of setting the bus error structure and then freeing it, let's only set
it if used. If we will ignore the selinux denial, say ", ignore" to make this
clear. Also, use _cleanup_ to avoid gotos.
Enables autosuspend for the following:
    - Microchip (Composite HID + CDC)
    - i915
    - proc_thermal
    - xchi_hdc
    - snd_hda
    - pcieport
    - lpc_ich
    - iosf_mbi_pci
    - Realtek RTL8822C BT
9e48626 added some new syscalls to the
filter lists. However, on systems that do not yet support the new calls,
running systemd-run with the filter set results in error:

```
$ sudo systemd-run -t -r -p "SystemCallFilter=~@mount" /bin/true
Failed to start transient service unit: Invalid argument
```

Having the same properties in a unit file will start the service
without issue. This is because the load-fragment code will parse the
syscall filters in permissive mode:
https://github.com/systemd/systemd/blob/master/src/core/load-fragment.c#L2909
whereas the dbus-execute equivalent of the code does not.

Since the permissive mode appears to be the right setting to support
older kernels/libseccomp, this will update the dbus-execute parsing
to also be permissive.
@taskset taskset merged commit 8d01e63 into taskset:master Feb 7, 2020
taskset pushed a commit that referenced this pull request Sep 5, 2020
"Linux" conflicts /efi/Linux when /efi is the install location.
/efi/Linux is already reserved for unified kernel images so we can't use
it for type #1 images. Instead, we use "Default".
taskset added a commit that referenced this pull request Sep 15, 2020
The stack is as follows:
(gdb) bt
    #0  0x00007f644f19e8c7 in kill () from /lib64/libc.so.6
    #1  0x00005556566edcdd in crash (sig=6) at src/core/main.c:206
    #2  <signal handler called>
    #3  0x00007f644f19e5f7 in raise () from /lib64/libc.so.6
    #4  0x00007f644f19fce8 in abort () from /lib64/libc.so.6
    #5  0x0000555656756882 in log_assert_failed (text=text@entry=0x5556567fc545 "dev_autofs_fd >= 0",
    file=file@entry=0x5556567fc3b4 "src/core/automount.c", line=line@entry=370,
    func=func@entry=0x5556567fd0b4 <__PRETTY_FUNCTION__.17397> "open_ioctl_fd") at src/shared/log.c:754
    #6  0x00005556567b064a in open_ioctl_fd (dev_autofs_fd=-1, where=<optimized out>, devid=<optimized out>) at src/core/automount.c:370
    #7  0x00005556567b10f6 in automount_send_ready (a=a@entry=0x555656b79110, tokens=0x555656c8b560, status=status@entry=0)
    at src/core/automount.c:469
    #8  0x00005556567b360e in automount_update_mount (a=0x555656b79110, old_state=old_state@entry=MOUNT_DEAD, state=state@entry=MOUNT_MOUNTED)
    at src/core/automount.c:509
    #9  0x00005556567ac9e8 in mount_notify_automount (state=MOUNT_MOUNTED, old_state=MOUNT_DEAD, m=0x555656b77000) at src/core/mount.c:588
    #10 mount_set_state (m=m@entry=0x555656b77000, state=MOUNT_MOUNTED) at src/core/mount.c:619
    #11 0x00005556567ad068 in mount_coldplug (u=0x555656b77000, deferred_work=<optimized out>) at src/core/mount.c:671
    #12 0x000055565679c589 in unit_coldplug (u=0x555656b77000, deferred_work=deferred_work@entry=0x555656d3e070) at src/core/unit.c:2886
    #13 0x00005556566f031e in manager_coldplug (m=m@entry=0x555656ac5980) at src/core/manager.c:1125
    #14 0x00005556566f4a7a in manager_startup (m=0x555656ac5980, serialization=0x555656ac5230, fds=<optimized out>) at src/core/manager.c:1288
    #15 0x00005556566ea4e3 in main (argc=4, argv=0x7ffe78ac9848) at src/core/main.c:1798

(gdb) frame  7
    at src/core/automount.c:469
469         ioctl_fd = open_ioctl_fd(UNIT(a)->manager->dev_autofs_fd, a->where, a->dev_id);

(gdb) p *a
$1 = {meta = {manager = 0x555656ac5980, type = UNIT_AUTOMOUNT, load_state = UNIT_LOADED, merged_into = 0x0,
    id = 0x555656b29ce0 "proc-sys-fs-binfmt_misc.automount", instance = 0x0, names = 0x555656b79450, dependencies = {0x555656b78500, 0x0, 0x0,
      0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x555656b794f0, 0x0, 0x0, 0x0, 0x0, 0x555656b76980, 0x555656b784c0, 0x0, 0x555656b76710, 0x0, 0x0, 0x0, 0x0,
      0x555656b769f0, 0x555656b79530}, requires_mounts_for = 0x555656b76750,
    description = 0x555656b76eb0 "Arbitrary Executable File Formats File System Automount Point", documentation = 0x555656b76960,
    fragment_path = 0x555656b6e540 "/usr/lib/systemd/system/proc-sys-fs-binfmt_misc.automount", source_path = 0x0, dropin_paths = 0x0,
    fragment_mtime = 1595213181000000, source_mtime = 0, dropin_mtime = 0, job = 0x0, nop_job = 0x0, job_timeout = 0,
    job_timeout_action = EMERGENCY_ACTION_NONE, job_timeout_reboot_arg = 0x0, refs_by_target = 0x0, conditions = 0x555656b769c0, asserts = 0x0,
    condition_timestamp = {realtime = 1591608832758220, monotonic = 70060990954163}, assert_timestamp = {realtime = 1591608832758232,
      monotonic = 70060990954175}, inactive_exit_timestamp = {realtime = 1591608832758666, monotonic = 70060990954609}, active_enter_timestamp = {
      realtime = 1591608832758666, monotonic = 70060990954609}, active_exit_timestamp = {realtime = 1591608832758141,
      monotonic = 70060990954084}, inactive_enter_timestamp = {realtime = 1591608832758141, monotonic = 70060990954084}, slice = {source = 0x0,
      target = 0x0, refs_by_target_next = 0x0, refs_by_target_prev = 0x0}, units_by_type_next = 0x0, units_by_type_prev = 0x0,
    has_requires_mounts_for_next = 0x0, has_requires_mounts_for_prev = 0x0, load_queue_next = 0x0, load_queue_prev = 0x0, dbus_queue_next = 0x0,
    dbus_queue_prev = 0x0, cleanup_queue_next = 0x0, cleanup_queue_prev = 0x0, gc_queue_next = 0x555656b78840, gc_queue_prev = 0x555656b796c0,
    cgroup_queue_next = 0x0, cgroup_queue_prev = 0x0, target_deps_queue_next = 0x0, target_deps_queue_prev = 0x0, pids = 0x0, sigchldgen = 0,
    gc_marker = 0, auto_stop_ratelimit = {interval = 10000000, begin = 0, burst = 16, num = 0}, deserialized_job = -1, load_error = 0,
    unit_file_state = _UNIT_FILE_STATE_INVALID, unit_file_preset = -1, cgroup_path = 0x0, cgroup_realized_mask = 0, cgroup_subtree_mask = 0,
    cgroup_members_mask = 0, on_failure_job_mode = JOB_REPLACE, stop_when_unneeded = false, default_dependencies = false,
    refuse_manual_start = false, refuse_manual_stop = false, allow_isolate = false, ignore_on_isolate = true, ignore_on_snapshot = false,
    condition_result = true, assert_result = true, transient = false, in_load_queue = false, in_dbus_queue = false, in_cleanup_queue = false,
    in_gc_queue = true, in_cgroup_queue = false, in_target_deps_queue = false, sent_dbus_new_signal = true, no_gc = false, in_audit = false,
    cgroup_realized = false, cgroup_members_mask_valid = true, cgroup_subtree_mask_valid = true}, state = AUTOMOUNT_DEAD,
  deserialized_state = AUTOMOUNT_RUNNING, where = 0x555656b76fd0 "/proc/sys/fs/binfmt_misc", timeout_idle_usec = 0, pipe_fd = 24,
  pipe_event_source = 0x0, directory_mode = 493, dev_id = 1048609, tokens = 0x555656c8b560, expire_tokens = 0x0, expire_event_source = 0x0,
  result = AUTOMOUNT_SUCCESS}

Fix it by processing manager->dev_autofs_fd before calling open_ioctl_fd.
taskset pushed a commit that referenced this pull request Nov 6, 2020
This lets the libc/xcrypt allocate as much storage area as it needs.
Should fix systemd#16965:

testsuite-46.sh[74]: ==74==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7f3e972e1080 at pc 0x7f3e9be8deed bp 0x7ffce4f28530 sp 0x7ffce4f27ce0
testsuite-46.sh[74]: WRITE of size 131232 at 0x7f3e972e1080 thread T0
testsuite-46.sh[74]:     #0 0x7f3e9be8deec  (/usr/lib/clang/10.0.1/lib/linux/libclang_rt.asan-x86_64.so+0x9feec)
testsuite-46.sh[74]:     #1 0x559cd05a6412 in user_record_make_hashed_password /systemd-meson-build/../build/src/home/user-record-util.c:818:21
testsuite-46.sh[74]:     #2 0x559cd058fb03 in create_home /systemd-meson-build/../build/src/home/homectl.c:1112:29
testsuite-46.sh[74]:     #3 0x7f3e9b5b3058 in dispatch_verb /systemd-meson-build/../build/src/shared/verbs.c:103:24
testsuite-46.sh[74]:     #4 0x559cd058c101 in run /systemd-meson-build/../build/src/home/homectl.c:3325:16
testsuite-46.sh[74]:     #5 0x559cd058c00a in main /systemd-meson-build/../build/src/home/homectl.c:3328:1
testsuite-46.sh[74]:     #6 0x7f3e9a88b151 in __libc_start_main (/usr/lib/libc.so.6+0x28151)
testsuite-46.sh[74]:     #7 0x559cd0583e7d in _start (/usr/bin/homectl+0x24e7d)
testsuite-46.sh[74]: Address 0x7f3e972e1080 is located in stack of thread T0 at offset 32896 in frame
testsuite-46.sh[74]:     #0 0x559cd05a60df in user_record_make_hashed_password /systemd-meson-build/../build/src/home/user-record-util.c:789
testsuite-46.sh[74]:   This frame has 6 object(s):
testsuite-46.sh[74]:     [32, 40) 'priv' (line 790)
testsuite-46.sh[74]:     [64, 72) 'np' (line 791)
testsuite-46.sh[74]:     [96, 104) 'salt' (line 809)
testsuite-46.sh[74]:     [128, 32896) 'cd' (line 810)
testsuite-46.sh[74]:     [33152, 33168) '.compoundliteral' <== Memory access at offset 32896 partially underflows this variable
testsuite-46.sh[74]:     [33184, 33192) 'new_array' (line 832) <== Memory access at offset 32896 partially underflows this variable
testsuite-46.sh[74]: HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
testsuite-46.sh[74]:       (longjmp and C++ exceptions *are* supported)
testsuite-46.sh[74]: SUMMARY: AddressSanitizer: stack-buffer-overflow (/usr/lib/clang/10.0.1/lib/linux/libclang_rt.asan-x86_64.so+0x9feec)

It seems 'struct crypt_data' is 32896 bytes, but libclang_rt wants more, at least 33168?