Age | Commit message (Collapse) | Author |
|
Make sure the returned data fits the datatype we requested. Otherwise return -EIO.
Also fix a broken test that this exposed.
|
|
If a message type occurs repeatedly let the last one win.
Also, don't skip type == MAX.
Based on patch from: Susant Sahani <susant@redhat.com>
|
|
If you allocate a message with bus==NULL and then unref the main bus,
it will free your message underneath and your program will go boom!
To fix that, we really need to figure out what the semantics for
self-references (m->bus) should be and when/where/what accesses are
actually allowed.
Same is true for the pseudo-thread-safety we employ..
|
|
In sd_bus_unref() we check for self-reference loops and destruct our
queues in case we're the only reference holders. However, we do _not_
modify our own ref-count, thus effectively causing the
message-destructions to enter with the same reference count as we did.
The only reason this doesn't cause an endless recursion (or trigger
assert(m->n_ref > 0) in sd_bus_message_unref()) is the fact that we
decrease queue-counters _before_ calling _unref(). That's not obvious at
all, so add a big fat note in bus_reset_queues() to everyone touching that
code.
|
|
Like sd-bus, sd-rtnl can have self-references through queued messages. In
particular, each queued message has the following self-ref loop:
rtnl->wqueue[i]->rtnl == rtnl
Same is true for "rqueue".
When sd_rtnl_unref() gets called, we must therefore make sure we correctly
consider each self-reference when deciding to destroy the object. For each
queued message, there _might_ be one ref. However, rtnl-messages can be
created _without_ a bus-reference, therefore we need to verify the
actually required ref-count.
Once we know exactly how many self-refs exist, and we verified none of the
queued messages has external references, we can destruct the object.
We must immediately drop our own reference, then flush all queues and
destroy the bus object. Otherwise, each sd_rtnl_message_unref() call would
recurse into the same destruction logic as they enter with the same
rtnl-refcnt.
Note: We really should verify _all_ queued messages have m->rtnl set to
the bus they're queued on. If that's given, we can change:
if (REFCNT_GET(rtnl->n_ref) <= refs)
to
if (REFCNT_GET(rtnl->n_ref) == refs)
and thus avoid recalculating the required refs for each message we
remove from the queue during destruction.
|
|
A terminated connection is a runtime error and not a developer mistake,
hence don't use assert_return() to check for it.
|
|
|
|
|
|
|
|
Add a new config 'Activating' directive which denotes whether a busname
is actually registered on the bus. It defaults to 'yes'.
If set to 'no', the .busname unit only uploads policy, which will remain
active as long as the unit is running.
|
|
messages queued for it
This way we can be sure that the service the messages are ultimately
intended for finds all fields it might need.
|
|
|
|
negotiate it, refuse to take it
This makes sure we don't mishandle if developers specificy a different
AcceptFileDescriptors= setting in .busname units then they set for the
bus connection in the activated program.
|
|
AcceptFD= defaults to true, thus making sure that by default fd passing
is enabled for all activatable names. Since for normal bus connections
fd passing is enabled too by default this makes sure fd passing works
correctly regardless whether a service is already activated or not.
Making this configurable on both busname units and in bus connections is
messy, but unavoidable since busnames are established and may queue
messages before the connection feature negotiation is done by the
service eventually activated. Conversely, feature negotiation on bus
connections takes place before the connection acquires its names.
Of course, this means developers really should make sure to keep the
settings in .busname units in sync with what they later intend to
negotiate.
|
|
|
|
safe_close() automatically becomes a NOP when a negative fd is passed,
and returns -1 unconditionally. This makes it easy to write lines like
this:
fd = safe_close(fd);
Which will close an fd if it is open, and reset the fd variable
correctly.
By making use of this new scheme we can drop a > 200 lines of code that
was required to test for non-negative fds or to reset the closed fd
variable afterwards.
|
|
After all, it is ultimately linked to libsystems.so anyway, thus belongs
there and shares very little with the rest of logind, hence let's move
this away.
|
|
peers
This is supposed to be an extension of SO_PEERCRED and SO_PEERSEC,
except for cgroup information.
|
|
|
|
addition to the host
|
|
GCC optimizes strlen("string constant") to a constant, even with -O0.
Thus, replace patterns like sizeof("string constant")-1 with
strlen("string constant") where possible, for clarity. In particular,
for expressions intended to add up the lengths of components going into
a string, this often makes it clearer that the expression counts the
trailing '\0' exactly once, by putting the +1 for the '\0' at the end of
the expression, rather than hidden in a sizeof in the middle of the
expression.
|
|
Otherwise the sequence number of a broadcast may match the sequence number of a
pending unicast message and cause confusion.
|
|
Use RTM_SETLINK to update an existing link.
|
|
It's kinda pointless to include a unix fd header field in messages if it
carries the value 0, but let's do this anyway...
|
|
own callback
|
|
cookie hash table access
This broke hashtable lookups for the message cookies on s390x, which is
a 64bit BE machine where accessing 32bit values as 64bit and vice versa
will explode.
Also, while we are at it, be a bit more careful when dealing with the
64bit cookies we expose and the 32bit serial numbers dbus uses in its
payload.
Problem identified by Fridrich Strba.
|
|
|
|
|
|
sd_bus_path_{encode,decode}()
The new calls work similarly, but enforce a that a common, fixed bus
path prefix is used.
This follows discussions with Simon McVittie on IRC that it should be a
good idea to make sure that people don't use the escaping applied here
too wildly as anything other than the last label of a bus path.
|
|
|
|
For large values of item->size, the 'part' pointer can wrap around,
which results in an illegal pointer, but currently passes the for-loop
condition.
|
|
|
|
Activator connections may upload policy when registering to the bus.
This patch contains code to translate between BusNamePolicy objects and
the kdbus specific items.
|
|
Bring kdbus.h in sync with recent policy related changes. Most notably,
KDBUS_MAKE_POLICY_OPEN is now gone. The rest doesn't matter for systemd
at this point, as the policy functionality was not yet used.
|
|
This patch introduces reading ethernet address and IPV4/IPv6
as well which is based on table based look up.
[tomegun: rename read_ether() to read_ether_addr() to match the append function.]
|
|
|
|
With the new sd_rtnl_message_read_string(), there is no longer a need for
rtnl_message_get_ifname().
|
|
This patch introduces new netlink attribute parsing logic
which is table based lookup and sd_rtnl_message_read_*
methods for reading attributes. By doing this user does not
have to loop for the attribute values . Only providing the
attribute type it gets the attribute values which is optimized
and sd_rtnl_message_read_* methods are simplified.
|
|
We need a separate container_enter() function, which will be part of a largerg
API change. For now, just fix message_read().
|
|
|
|
|
|
for the unit that is created
The code for parsing these properties is shared with "systemctl
set-property", which means all the resource control settings are
immediately available.
|
|
This mirrors set_consume and makes the common use a bit nicer.
|
|
Implements IPv4LL with respect to RFC 3927
(http://tools.ietf.org/rfc/rfc3927.txt) and integrates it
with networkd. Majority of the IPv4LL state machine is
taken from avahi (http://avahi.org/) project's autoip.
IPv4LL can be enabled by IPv4LL=yes under [Network]
section of .network file.
IPv4LL works independent of DHCP but if DHCP lease is
aquired, then LL address will be dropped.
[tomegun: removed a trailing newline and a compiler warning]
|
|
|
|
This is primarily useful for services that need to track clients which
reference certain objects they maintain, or which explicitly want to
subscribe to certain events. Something like this is done in a large
number of services, and not trivial to do. Hence, let's unify this at
one place.
This also ports over PID 1 to use this to ensure that subscriptions to
job and manager events are correctly tracked. As a side-effect this
makes sure we properly serialize and restore the track list across
daemon reexec/reload, which didn't work correctly before.
This also simplifies how we distribute messages to broadcast to the
direct busses: we only track subscriptions for the API bus and
implicitly assume that all direct busses are subscribed. This should be
a pretty OK simplification since clients connected via direct bus
connections are shortlived anyway.
|
|
|
|
This partially reverts 41a55c46ab8fb4ef6727434227071321fc762cce
Some specifications we want to stay compatibility actually document
/var/run, not /run, and we should stay compatible with that. In order to
make sure our D-Bus implementation works on any system, regardless if
running systemd or not, we should always use /var/run which is the
only path mandated by the D-Bus spec.
Similar, glibc hardcodes the utmp location to /var/run, and this is
exposed in _UTMP_PATH in limits.h, hence let's stay in sync with this
public API, too.
We simply do not support systems where /var/run is not a symlink → /run.
Hence both are equivalent. Staying compatible with upstream
specifications hence weighs more than cleaning up superficial
appearance.
|
|
/run was already used almost everywhere, fix the remaining places
for consistency.
|
|
container
|