diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/basic/selinux-util.c | 10 | ||||
| -rw-r--r-- | src/basic/util.h | 3 | ||||
| -rw-r--r-- | src/basic/virt.c | 6 | ||||
| -rw-r--r-- | src/core/main.c | 31 | ||||
| -rw-r--r-- | src/core/selinux-access.c | 4 |
5 files changed, 29 insertions, 25 deletions
diff --git a/src/basic/selinux-util.c b/src/basic/selinux-util.c index 7c58985cd2..a39a0f775a 100644 --- a/src/basic/selinux-util.c +++ b/src/basic/selinux-util.c @@ -199,11 +199,11 @@ int mac_selinux_get_create_label_from_exe(const char *exe, char **label) { if (!mac_selinux_use()) return -EOPNOTSUPP; - r = getcon(&mycon); + r = getcon_raw(&mycon); if (r < 0) return -errno; - r = getfilecon(exe, &fcon); + r = getfilecon_raw(exe, &fcon); if (r < 0) return -errno; @@ -225,7 +225,7 @@ int mac_selinux_get_our_label(char **label) { if (!mac_selinux_use()) return -EOPNOTSUPP; - r = getcon(label); + r = getcon_raw(label); if (r < 0) return -errno; #endif @@ -249,7 +249,7 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char * if (!mac_selinux_use()) return -EOPNOTSUPP; - r = getcon(&mycon); + r = getcon_raw(&mycon); if (r < 0) return -errno; @@ -260,7 +260,7 @@ int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char * if (!exec_label) { /* If there is no context set for next exec let's use context of target executable */ - r = getfilecon(exe, &fcon); + r = getfilecon_raw(exe, &fcon); if (r < 0) return -errno; } diff --git a/src/basic/util.h b/src/basic/util.h index 1484ef58e5..ff7a00e928 100644 --- a/src/basic/util.h +++ b/src/basic/util.h @@ -363,6 +363,9 @@ int fd_is_temporary_fs(int fd); int pipe_eof(int fd); +DEFINE_TRIVIAL_CLEANUP_FUNC(cpu_set_t*, CPU_FREE); +#define _cleanup_cpu_free_ _cleanup_(CPU_FREEp) + cpu_set_t* cpu_set_malloc(unsigned *ncpus); #define xsprintf(buf, fmt, ...) assert_se((size_t) snprintf(buf, ELEMENTSOF(buf), fmt, __VA_ARGS__) < ELEMENTSOF(buf)) diff --git a/src/basic/virt.c b/src/basic/virt.c index a8d26716a1..4a4bebd528 100644 --- a/src/basic/virt.c +++ b/src/basic/virt.c @@ -156,7 +156,8 @@ static int detect_vm_dmi(const char **_id) { "VMW\0" "vmware\0" "innotek GmbH\0" "oracle\0" "Xen\0" "xen\0" - "Bochs\0" "bochs\0"; + "Bochs\0" "bochs\0" + "Parallels\0" "parallels\0"; unsigned i; for (i = 0; i < ELEMENTSOF(dmi_vendors); i++) { @@ -244,8 +245,9 @@ int detect_vm(const char **id) { r = detect_vm_dmi(&_id); /* kvm with and without Virtualbox */ + /* Parallels exports KVMKVMKVM leaf */ if (streq_ptr(_id_cpuid, "kvm")) { - if (r > 0 && streq(_id, "oracle")) + if (r > 0 && (streq(_id, "oracle") || streq(_id, "parallels"))) goto finish; _id = _id_cpuid; diff --git a/src/core/main.c b/src/core/main.c index 2736b272dc..4cd2b08c38 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -433,25 +433,28 @@ static int config_parse_cpu_affinity2( void *data, void *userdata) { - const char *word, *state; - size_t l; - cpu_set_t *c = NULL; + const char *whole_rvalue = rvalue; + _cleanup_cpu_free_ cpu_set_t *c = NULL; unsigned ncpus = 0; assert(filename); assert(lvalue); assert(rvalue); - FOREACH_WORD_QUOTED(word, l, rvalue, state) { - char *t; - int r; + for (;;) { + _cleanup_free_ char *word = NULL; unsigned cpu; + int r; - if (!(t = strndup(word, l))) - return log_oom(); + r = extract_first_word(&rvalue, &word, WHITESPACE, EXTRACT_QUOTES); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue); + return r; + } + if (r == 0) + break; - r = safe_atou(t, &cpu); - free(t); + r = safe_atou(word, &cpu); if (!c) if (!(c = cpu_set_malloc(&ncpus))) @@ -460,23 +463,19 @@ static int config_parse_cpu_affinity2( if (r < 0 || cpu >= ncpus) { log_syntax(unit, LOG_ERR, filename, line, -r, "Failed to parse CPU affinity '%s'", rvalue); - CPU_FREE(c); return -EBADMSG; } CPU_SET_S(cpu, CPU_ALLOC_SIZE(ncpus), c); } - if (!isempty(state)) + if (!isempty(rvalue)) log_syntax(unit, LOG_ERR, filename, line, EINVAL, "Trailing garbage, ignoring."); - if (c) { + if (c) if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0) log_warning("Failed to set CPU affinity: %m"); - CPU_FREE(c); - } - return 0; } diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c index f920c2e2cd..40ca0c6166 100644 --- a/src/core/selinux-access.c +++ b/src/core/selinux-access.c @@ -246,7 +246,7 @@ int mac_selinux_generic_access_check( if (path) { /* Get the file context of the unit file */ - r = getfilecon(path, &fcon); + r = getfilecon_raw(path, &fcon); if (r < 0) { r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get file context on %s.", path); goto finish; @@ -254,7 +254,7 @@ int mac_selinux_generic_access_check( tclass = "service"; } else { - r = getcon(&fcon); + r = getcon_raw(&fcon); if (r < 0) { r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get current context."); goto finish; |