| Age | Commit message (Collapse) | Author |
|---|
|
I'm assuming that it's fine if a _const_ or _pure_ function
calls assert. It is assumed that the assert won't trigger,
and even if it does, it can only trigger on the first call
with a given set of parameters, and we don't care if the
compiler moves the order of calls.
|
|
Also, always accept both our simple hexdump syntax and UUID syntax.
|
|
This adds some syntactic sugar with a macro RUN_WITH_LOCALE() that reset
the thread-specific locale temporarily.
|
|
|
|
This reverts commit 4826f0b7b5c0aefa08b8cc7ef64d69027f84da2c.
Because statfs.t_type can be int on some architecures, we have to cast
the const magic to the type, otherwise the compiler warns about
signed/unsigned comparison, because the magic can be 32 bit unsigned.
statfs(2) man page is also wrong on some systems, because
f_type is not __SWORD_TYPE on some architecures.
The following program:
int main(int argc, char**argv)
{
struct statfs s;
statfs(argv[1], &s);
printf("sizeof(f_type) = %d\n", sizeof(s.f_type));
printf("sizeof(__SWORD_TYPE) = %d\n", sizeof(__SWORD_TYPE));
printf("sizeof(long) = %d\n", sizeof(long));
printf("sizeof(int) = %d\n", sizeof(int));
if (sizeof(s.f_type) == sizeof(int)) {
printf("f_type = 0x%x\n", s.f_type);
} else {
printf("f_type = 0x%lx\n", s.f_type);
}
return 0;
}
executed on s390x gives for a btrfs:
sizeof(f_type) = 4
sizeof(__SWORD_TYPE) = 8
sizeof(long) = 8
sizeof(int) = 4
f_type = 0x9123683e
|
|
This reverts commit a858b64dddf79177e12ed30f5e8c47a1471c8bfe.
This reverts commit aea275c43194b6ac519ef907b62c5c995050fde0.
This reverts commit fc6e6d245ee3989c222a2a8cc82a33475f9922f3.
This reverts commit c4073a27c555aeceac87a3b02a83141cde641a1e.
This reverts commit cddf148028f525be8176e7f1cbbf4f862bd287f6.
This reverts commit 8c68a70170b31f93c287f29fd06c6c17edaf19ad.
The constants are now casted to __SWORD_TYPE, which should resolve the
compiler warnings about signed vs unsigned.
After talking to Kay, we concluded:
This should be fixed in the kernel, not worked around in userspace tools.
Architectures cannot use int and expect magic constants lager than INT_MAX
to work correctly. The kernel header needs to be fixed.
Even coreutils cannot handle it:
#define RAMFS_MAGIC 0x858458f6
# stat -f -c%t /
ffffffff858458f6
#define BTRFS_SUPER_MAGIC 0x9123683E
# stat -f -c%t /mnt
ffffffff9123683e
Although I found the perfect working macro to fix the thing :)
__extension__ ({ \
bool _ret = false; \
switch(f) { case c: _ret=true; }; \
( _ret ); \
})
|
|
http://lists.freedesktop.org/archives/systemd-devel/2013-April/010510.html
|
|
|
|
On some architectures (like s390x) the kernel has the type int for
f_type, but long in userspace.
Assigning the 32 bit magic constants from linux/magic.h to the 31 bit
signed f_type in the kernel, causes f_type to be negative for some
constants.
glibc extends the int to long for those architecures in 64 bit mode, so
the negative int becomes a negative long, which cannot be simply
compared to the original magic constant, because the compiler would
automatically cast the constant to long.
To workaround this issue, we also compare to the (int)MAGIC value in a
macro. Of course, we could do #ifdef with the architecure, but it has to
be maintained, and the magic constants are 32 bit anyway.
Someday, when the int is unsigned or long for all architectures, we can
remove this macro again. Until then, keep it as simple as it can be.
|
|
Instead of making a type up, just use __SWORD_TYPE, after reading
statfs(2).
Too bad, this does not fix s390x because __SWORD_TYPE is (long int) and
the kernel uses (int) to fill in the field!!!!!!
|
|
|
|
statfs.f_type is signed but the filesystem magics are unsigned.
Casting the magics to signed will not make the signed.
Problem seen on big-endian 64bit s390x with __fsword_t 8 bytes.
Casting statfs.f_type to unsigned on the other hand will get us what we
need.
https://bugzilla.redhat.com/show_bug.cgi?id=953217
|
|
|
|
There's now a generic _cleanup_ macro with an argument. The macros for
specific types are now defined using this macro, and in the header files
where they belong.
All cleanup handlers are now inline functions.
|
|
|
|
If systemd-vconsole-setup was started with LANG=C (no locale.conf), then
it would set the console to non-unicode, which is not what we want.
|
|
Make sure we compare errno against positive error codes.
The ones in hwclock.c and install.c can have an impact, the
rest are unlikely to be hit or in code that isn't widely
used.
Also check that errno > 0, to help gcc know that we are
returning a negative error code.
|
|
|
|
Avoid memory allocations to construct the path for files in the
procfs. The procfs paths are way shorter than the PATH_MAX so we
can use snprintf on a string located on the stack. This shows up
as a win on x86 using the benchmark program below.
$ make libsystemd-shared.la; gcc -O2 -Isrc/systemd/ -Isrc/ \
-o simple-perf-test simple-perf-test.c \
.libs/libsystemd-shared.a -lrt
#include "shared/util.h"
void test_once(void) {
pid_t pid = getpid();
char *tmp = NULL;
get_process_comm(pid, &tmp);
free(tmp);
tmp = NULL;
get_process_cmdline(pid, 0, 1, &tmp);
free(tmp);
is_kernel_thread(pid);
tmp = NULL;
get_process_exe(pid, &tmp);
free(tmp);
}
int main(int argc, char **argv)
{
int i;
for (i = 0; i < 50000; ++i)
test_once();
}
|
|
Fixes a memleak in error path in exec_context_load_environment.
|
|
Before, we would initialize many fields twice: first
by filling the structure with zeros, and then a second
time with the real values. We can let the compiler do
the job for us, avoiding one copy.
A downside of this patch is that text gets slightly
bigger. This is because all zero() calls are effectively
inlined:
$ size build/.libs/systemd
text data bss dec hex filename
before 897737 107300 2560 1007597 f5fed build/.libs/systemd
after 897873 107300 2560 1007733 f6075 build/.libs/systemd
… actually less than 1‰.
A few asserts that the parameter is not null had to be removed. I
don't think this changes much, because first, it is quite unlikely
for the assert to fail, and second, an immediate SEGV is almost as
good as an assert.
|
|
different umask
|
|
formatting of a numeric type
|
|
|
|
code in src/shared/macro.h only defined MAX/MIN in case
they were not defined previously. however the MAX/MIN
macros implemented in glibc are not of the "safe" kind but defined
as:
define MIN(a,b) (((a)<(b))?(a):(b))
define MAX(a,b) (((a)>(b))?(a):(b))
Avoid nasty side effects by using our own versions instead.
Also fix the warnings derived from this change.
[zj: - modify MAX3 macro to fix warning about _a shadowing _a,
- do bootchart/svg.c too,
- remove unused MIN3.]
|
|
Use _cleanup_ and wrap lines to ~80 chars and such.
|
|
This includes code to parse and split up match strings which will also
be useful to calculate bloom filter masks when the time comes.
|
|
|
|
gcc thinks that errno might be negative, and functions could return
something positive on error (-errno). Should not matter in practice,
but makes an -O4 build much quieter.
|
|
In order to write tests for the catalog functions, they
are made non-static and start taking a 'database' parameter,
which is the name of a file with the preprocessed catalog
entries.
This makes it possible to make test-catalog part of the
normal test suite, since it now only operates on files
in /tmp.
Some more tests are added.
|
|
[zj: modified to not to try to rmdir() dir we haven't created.]
|
|
The rules governing %s where just too complicated. First of
all, looking at $SHELL is dangerous. For systemd --system,
it usually wouldn't be set. But it could be set if the admin
first started a debug shell, let's say /sbin/sash, and then
launched systemd from it. This shouldn't influence how daemons
are started later on, so is better ignored. Similar reasoning
holds for session mode. Some shells set $SHELL, while other
set it only when it wasn't set previously (e.g. zsh). This
results in fragility that is better avoided by ignoring $SHELL
totally.
With $SHELL out of the way, simplify things by saying that
%s==/bin/sh for root, and the configured shell otherwise.
get_shell() is the only caller, so it can be inlined.
Fixes one issue seen with 'make check'.
|
|
|
|
gcc does not know that errno cannot be negative, and warns
about unitialized variables later on. Kill the warnings by
returning -errno only after checking that errno is positive.
|
|
No longer allow dots at the beginning or end of host names, Or double
dots.
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1152187/comments/14
|
|
/var/log/journal
If we notice that we unprivileged and not in any of the groups which
have access to /var/log/journal, print a nice message about which groups
do.
This checks and prints all groups that are in the default ACL for
/var/log/journal, which is not necessarily correct for all journal
files, but pretty close.
|
|
|
|
|
|
|
|
Currently, PrivateTmp=yes means that the service cannot see the /tmp
shared by rest of the system and is isolated from other services using
PrivateTmp, but users can access and modify /tmp as seen by the
service.
Move the private /tmp and /var/tmp directories into a 0077-mode
directory. This way unpriviledged users on the system cannot see (or
modify) /tmp as seen by the service.
|
|
All Execs within the service, will get mounted the same
/tmp and /var/tmp directories, if service is configured with
PrivateTmp=yes. Temporary directories are cleaned up by service
itself in addition to systemd-tmpfiles. Directory which is mounted
as inaccessible is created at runtime in /run/systemd.
|
|
Commit 984a2be4 failed to adjust this caller of status_printf().
|
|
|
|
|
|
This follows the suggestions from:
http://lists.freedesktop.org/archives/systemd-devel/2013-March/009363.html
|
|
|
|
Ephemeral status lines do not end with a newline and they expect to be
overwritten by the next printed status line.
|
|
|
|
Also split out some fileio functions to fileio.c and provide a SELinux
aware pendant in fileio-label.c
see https://bugzilla.redhat.com/show_bug.cgi?id=881577
|
|
order in the efivars fs is probably not useful
This also introduces a new FOREACH_DIRENT macro and makes use of it.
|
