diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/basic/selinux-util.c | 10 | ||||
| -rw-r--r-- | src/basic/util.h | 3 | ||||
| -rw-r--r-- | src/basic/virt.c | 6 | ||||
| -rw-r--r-- | src/core/main.c | 31 | ||||
| -rw-r--r-- | src/core/selinux-access.c | 4 | 
5 files changed, 29 insertions, 25 deletions
| diff --git a/src/basic/selinux-util.c b/src/basic/selinux-util.c index 7c58985cd2..a39a0f775a 100644 --- a/src/basic/selinux-util.c +++ b/src/basic/selinux-util.c @@ -199,11 +199,11 @@ int mac_selinux_get_create_label_from_exe(const char *exe, char **label) {          if (!mac_selinux_use())                  return -EOPNOTSUPP; -        r = getcon(&mycon); +        r = getcon_raw(&mycon);          if (r < 0)                  return -errno; -        r = getfilecon(exe, &fcon); +        r = getfilecon_raw(exe, &fcon);          if (r < 0)                  return -errno; @@ -225,7 +225,7 @@ int mac_selinux_get_our_label(char **label) {          if (!mac_selinux_use())                  return -EOPNOTSUPP; -        r = getcon(label); +        r = getcon_raw(label);          if (r < 0)                  return -errno;  #endif @@ -249,7 +249,7 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *          if (!mac_selinux_use())                  return -EOPNOTSUPP; -        r = getcon(&mycon); +        r = getcon_raw(&mycon);          if (r < 0)                  return -errno; @@ -260,7 +260,7 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *          if (!exec_label) {                  /* If there is no context set for next exec let's use context                     of target executable */ -                r = getfilecon(exe, &fcon); +                r = getfilecon_raw(exe, &fcon);                  if (r < 0)                          return -errno;          } diff --git a/src/basic/util.h b/src/basic/util.h index 1484ef58e5..ff7a00e928 100644 --- a/src/basic/util.h +++ b/src/basic/util.h @@ -363,6 +363,9 @@ int fd_is_temporary_fs(int fd);  int pipe_eof(int fd); +DEFINE_TRIVIAL_CLEANUP_FUNC(cpu_set_t*, CPU_FREE); +#define _cleanup_cpu_free_ _cleanup_(CPU_FREEp) +  cpu_set_t* cpu_set_malloc(unsigned *ncpus);  #define xsprintf(buf, fmt, ...) assert_se((size_t) snprintf(buf, ELEMENTSOF(buf), fmt, __VA_ARGS__) < ELEMENTSOF(buf)) diff --git a/src/basic/virt.c b/src/basic/virt.c index a8d26716a1..4a4bebd528 100644 --- a/src/basic/virt.c +++ b/src/basic/virt.c @@ -156,7 +156,8 @@ static int detect_vm_dmi(const char **_id) {                  "VMW\0"                   "vmware\0"                  "innotek GmbH\0"          "oracle\0"                  "Xen\0"                   "xen\0" -                "Bochs\0"                 "bochs\0"; +                "Bochs\0"                 "bochs\0" +                "Parallels\0"             "parallels\0";          unsigned i;          for (i = 0; i < ELEMENTSOF(dmi_vendors); i++) { @@ -244,8 +245,9 @@ int detect_vm(const char **id) {          r = detect_vm_dmi(&_id);          /* kvm with and without Virtualbox */ +        /* Parallels exports KVMKVMKVM leaf */          if (streq_ptr(_id_cpuid, "kvm")) { -                if (r > 0 && streq(_id, "oracle")) +                if (r > 0 && (streq(_id, "oracle") || streq(_id, "parallels")))                          goto finish;                  _id = _id_cpuid; diff --git a/src/core/main.c b/src/core/main.c index 2736b272dc..4cd2b08c38 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -433,25 +433,28 @@ static int config_parse_cpu_affinity2(                  void *data,                  void *userdata) { -        const char *word, *state; -        size_t l; -        cpu_set_t *c = NULL; +        const char *whole_rvalue = rvalue; +        _cleanup_cpu_free_ cpu_set_t *c = NULL;          unsigned ncpus = 0;          assert(filename);          assert(lvalue);          assert(rvalue); -        FOREACH_WORD_QUOTED(word, l, rvalue, state) { -                char *t; -                int r; +        for (;;) { +                _cleanup_free_ char *word = NULL;                  unsigned cpu; +                int r; -                if (!(t = strndup(word, l))) -                        return log_oom(); +                r = extract_first_word(&rvalue, &word, WHITESPACE, EXTRACT_QUOTES); +                if (r < 0) { +                        log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue); +                        return r; +                } +                if (r == 0) +                        break; -                r = safe_atou(t, &cpu); -                free(t); +                r = safe_atou(word, &cpu);                  if (!c)                          if (!(c = cpu_set_malloc(&ncpus))) @@ -460,23 +463,19 @@ static int config_parse_cpu_affinity2(                  if (r < 0 || cpu >= ncpus) {                          log_syntax(unit, LOG_ERR, filename, line, -r,                                     "Failed to parse CPU affinity '%s'", rvalue); -                        CPU_FREE(c);                          return -EBADMSG;                  }                  CPU_SET_S(cpu, CPU_ALLOC_SIZE(ncpus), c);          } -        if (!isempty(state)) +        if (!isempty(rvalue))                  log_syntax(unit, LOG_ERR, filename, line, EINVAL,                             "Trailing garbage, ignoring."); -        if (c) { +        if (c)                  if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)                          log_warning("Failed to set CPU affinity: %m"); -                CPU_FREE(c); -        } -          return 0;  } diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c index f920c2e2cd..40ca0c6166 100644 --- a/src/core/selinux-access.c +++ b/src/core/selinux-access.c @@ -246,7 +246,7 @@ int mac_selinux_generic_access_check(          if (path) {                  /* Get the file context of the unit file */ -                r = getfilecon(path, &fcon); +                r = getfilecon_raw(path, &fcon);                  if (r < 0) {                          r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get file context on %s.", path);                          goto finish; @@ -254,7 +254,7 @@ int mac_selinux_generic_access_check(                  tclass = "service";          } else { -                r = getcon(&fcon); +                r = getcon_raw(&fcon);                  if (r < 0) {                          r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get current context.");                          goto finish; | 
