Age | Commit message (Collapse) | Author |
|
|
|
For the library functions we expose we currently repeatedly use checks
like the following:
if (!value_is_ok(parameter1))
return -EINVAL;
if (!value_is_ok(parameter2))
return -EINVAL;
And so on. Let's turn this into a macro:
assert_return(value_is_ok(parameter1), -EINVAL);
assert_return(value_is_ok(paramater2), -EINVAL);
This makes our code a bit shorter and simpler, and also allows us to add
a _unlikely_() around the check.
|
|
In order to improve energy consumption we should minimize our wake-ups
when handling timers. Hence, for each timer take an accuracy value and
schedule the actual wake-up time somewhere between the specified time
and the specified timer plus the accuracy.
The specified time of timer event sources hence becomes the time the
handler is called the *earliest*, and the specified time plus the accuracy
the time by which it is called the *latest*, leaving the library the
freedom to schedule the wake-up somewhere inbetween.
If the accuracy is specified as 0 the default of 250ms will be used.
When scheduling timeouts we will now try to elapse them at the same
point within each second, across the entire system. We do this by using
a fixed perturbation value keyed off the boot id. If this point within a
second is not in the acceptable range, we try again with a fixed time
within each 250ms time step. If that doesn't work either, we wake up at
the last possible time.
|
|
|
|
Always cache the results, and bypass low-level security calls when the
respective subsystem is not enabled.
|
|
So far we tried to use epoll directly wherever we needed an event loop.
However, that has various shortcomings, such as the inability to handle
larger amounts of timers (since each timerfd costs one fd, which is a
very limited resource, usually bounded to 1024), and inability to do
priorisation between multiple queued events.
Let's add a minimal event loop API around epoll that is suitable for
implementation of our own daemons and maybe one day can become public
API for those who desire it.
This loop is part of libsystemd-bus, but may be used independently of
it.
|
|
00000000 46 42 50 54 38 00 00 00 02 00 30 02 00 00 00 00 |FBPT8.....0.....|
00000010 23 45 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |#E..............|
00000020 f5 6a 51 00 00 00 00 00 00 00 00 00 00 00 00 00 |.jQ.............|
00000030 00 00 00 00 00 00 00 00 70 74 61 6c 58 00 00 00 |........ptalX...|
|
|
Since on most systems with xattr systemd will compile with Smack
support enabled, we still attempt to mount various fs's with
Smack-only options.
Before mounting any of these Smack-related filesystems with
Smack specific mount options, check if Smack is functionally
active on the running kernel.
If Smack is really enabled in the kernel, all these Smack mounts
are now *fatal*, as they should be.
We no longer mount smackfs if systemd was compiled without
Smack support. This makes it easier to make smackfs mount
failures a critical error when Smack is enabled.
We no longer mount these filesystems with their Smack specific
options inside containers. There these filesystems will be
mounted with there non-mount smack options for now.
|
|
|
|
Triggered false negatives when encoding a string which needed every
character to be escaped, e.g. "LABEL=/".
|
|
|
|
|
|
We were already creating the file if it was missing, and this way
containers can reconfigure the file without running into problems.
This also makes resolv.conf handling more alike to handling of
/etc/localtime, which is also not a bind mount.
|
|
|
|
|
|
|
|
|
|
|
|
This allows us to get rid of the dep on libsystemd-label for cgroup
management.
https://bugs.freedesktop.org/show_bug.cgi?id=69966
|
|
|
|
Let read()/write() report any error/EOF.
|
|
Instead of fixing the hashmap bucket array to 127 entries dynamically
size it, starting with a smaller one of 31. As soon as a fill level of
75% is reached, quadruple the size, and so on.
This should siginficantly optimize the lookup time in large tables
(from O(n) back to O(1)), and save memory on smaller tables (which most
are).
|
|
Also, we need to use proper strv_env_xyz() calls when putting together
the environment array, since otherwise settings won't be properly
overriden.
And let's get rid of strv_appendf(), is overkill and there was only one
user.
|
|
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=69887
Based-on-a-patch-by: Hans Petter Jansson <hpj@copyleft.no>
|
|
Previously to automatically create dependencies between mount units we
matched every mount unit agains all others resulting in O(n^2)
complexity. On setups with large amounts of mount units this might make
things slow.
This change replaces the matching code to use a hashtable that is keyed
by a path prefix, and points to a set of units that require that path to
be around. When a new mount unit is installed it is hence sufficient to
simply look up this set of units via its own file system paths to know
which units to order after itself.
This patch also changes all unit types to only create automatic mount
dependencies via the RequiresMountsFor= logic, and this is exposed to
the outside to make things more transparent.
With this change we still have some O(n) complexities in place when
handling mounts, but that's currently unavoidable due to kernel APIs,
and still substantially better than O(n^2) as before.
https://bugs.freedesktop.org/show_bug.cgi?id=69740
|
|
root dir
|
|
Also add PATH_FOREACH_PREFIX_MORE which includes the specified dir
itself in the iteration
|
|
|
|
Syntactic sugar in a macro PATH_FOREACH_PREFIX.
|
|
controllers
Previously we did operations like attach, trim or migrate only on the
controllers that were enabled for a specific unit. With this changes we
will now do them for all supproted controllers, and fall back to all
possible prefix paths if the specified paths do not exist.
This fixes issues if a controller is being disabled for a unit where it
was previously enabled, and makes sure that all processes stay as "far
down" the tree as groups exist.
|
|
Prefer firmware-provided performance data over loader-exported ones; if
ACPI data is available, always use it, otherwise try to read the loader
data.
The firmware-provided variables start at the time the first EFI image
is executed and end when the operating system exits the boot services;
the (loader) time calculated in systemd-analyze increases.
|
|
|
|
|
|
In the process, rename udev_encode_string which is poorly named for what
it does. It deals specifically with encoding names that udev creates and
has its own rules: utf8 is valid but some ascii is not (e.g. path
separators), and everything else is simply escaped. Rename it to
encode_devnode_name.
|
|
This unifies the utf8 handling code which was previously duplicated in
udev and systemd.
|
|
<shawn@churchofgit.com>.
|
|
Shawn Landen> Doesn't this also skip the last '0' when it is all '0's?
You need to keep the last one.
|
|
If a calling process execve()s a setuid program, it can appear to be
uid 0. Since we're receiving requests over DBus, avoid this by simply
passing system-bus-name as a subject.
|
|
|
|
69ab8088 unified parsing of status files and removed the logic of
skipping extra '0's when getting the effective capabilities. Restore
that logic, so that the same capabilities are always mapped to the
same strings in the journal.
|
|
A session-device is a device that is bound to a seat and used by a
session-controller to run the session. This currently includes DRM, fbdev
and evdev devices. A session-device can be created via RequestDevice() on
the dbus API of the session. You can drop it via ReleaseDevice() again.
Once the session is destroyed or you drop control of the session, all
session-devices are automatically destroyed.
Session devices follow the session "active" state. A device can be
active/running or inactive/paused. Whenever a session is not the active
session, no session-device of it can be active. That is, if a session is
not in foreground, all session-devices are paused.
Whenever a session becomes active, all devices are resumed/activated by
logind. If it fails, a device may stay paused.
With every session-device you request, you also get a file-descriptor
back. logind keeps a copy of this fd and uses kernel specific calls to
pause/resume the file-descriptors. For example, a DRM fd is muted
by logind as long as a given session is not active. Hence, the fd of the
application is also muted. Once the session gets active, logind unmutes
the fd and the application will get DRM access again.
This, however, requires kernel support. DRM devices provide DRM-Master for
synchronization, evdev devices have EVIOCREVOKE (pending on
linux-input-ML). fbdev devices do not provide such synchronization methods
(and never will).
Note that for evdev devices, we call EVIOCREVOKE once a session gets
inactive. However, this cannot be undone (the fd is still valid but mostly
unusable). So we reopen a new fd once the session is activated and send it
together with the ResumeDevice() signal.
With this infrastructure in place, compositors can now run without
CAP_SYS_ADMIN (that is, without being root). They use RequestControl() to
acquire a session and listen for devices via udev_monitor. For every
device they want to open, they call RequestDevice() on logind. This
returns a fd which they can use now. They no longer have to open the
devices themselves or call any privileged ioctls. This is all done by
logind.
Session-switches are still bound to VTs. Hence, compositors will get
notified via the usual VT mechanisms and can cleanup their state. Once the
VT switch is acknowledged as usual, logind will get notified via sysfs and
pause the old-session's devices and resume the devices of the new session.
To allow using this infrastructure with systems without VTs, we provide
notification signals. logind sends PauseDevice("force") dbus signals to
the current session controller for every device that it pauses. And it
sends ResumeDevice signals for every device that it resumes. For
seats with VTs this is sent _after_ the VT switch is acknowledged. Because
the compositor already acknowledged that it cleaned-up all devices.
However, for seats without VTs, this is used to notify the active
compositor that the session is about to be deactivated. That is, logind
sends PauseDevice("force") for each active device and then performs the
session-switch. The session-switch changes the "Active" property of the
session which can be monitored by the compositor. The new session is
activated and the ResumeDevice events are sent.
For seats without VTs, this is a forced session-switch. As this is not
backwards-compatible (xserver actually crashes, weston drops the related
devices, ..) we also provide an acknowledged session-switch. Note that
this is never used for sessions with VTs. You use the acknowledged
VT-switch on these seats.
An acknowledged session switch sends PauseDevice("pause") instead of
PauseDevice("force") to the active session. It schedules a short timeout
and waits for the session to acknowledge each of them with
PauseDeviceComplete(). Once all are acknowledged, or the session ran out
of time, a PauseDevice("force") is sent for all remaining active devices
and the session switch is performed.
Note that this is only partially implemented, yet, as we don't allow
multi-session without VTs, yet. A follow up commit will hook it up and
implemented the acknowledgements+timeout.
The implementation is quite simple. We use major/minor exclusively to
identify devices on the bus. On RequestDevice() we retrieve the
udev_device from the major/minor and search for an existing "Device"
object. If no exists, we create it. This guarantees us that we are
notified whenever the device changes seats or is removed.
We create a new SessionDevice object and link it to the related Session
and Device. Session->devices is a hashtable to lookup SessionDevice
objects via major/minor. Device->session_devices is a linked list so we
can release all linked session-devices once a device vanishes.
Now we only have to hook this up in seat_set_active() so we correctly
change device states during session-switches. As mentioned earlier, these
are forced state-changes as VTs are currently used exclusively for
multi-session implementations.
Everything else are hooks to release all session-devices once the
controller changes or a session is closed or removed.
|
|
It seems that the kernel uses the first configured partition
for hibernation. If it is too full, hibernation will fail. Test
that directly.
|
|
Resolves a longstanding bug which caused this function to wrongly
handle (escape) valid utf8 characters.
|
|
There's now some more obvious overlap amongst the two utf8 validation
functions, but no more than there already was previously.
This also adds some menial tests for anyone who wants to do more
merging of these two in the future.
|
|
Previously the specifier calls could only indicate OOM by returning
NULL. With this change they will return negative errno-style error codes
like everything else.
|
|
Only ASCII letters and digits are allowed.
|
|
Travis tests are failing, probably because /proc/meminfo is not available
in the test environment. The same might be true in some virtualized systems,
so just treat missing /proc/meminfo as a sign that hibernation is not
possible.
|
|
Condition that is checked is taken from upower:
active(anon) < free swap * 0.98
This is really stupid, because the kernel knows the situation better,
e.g. there could be two swap files, and then hibernation would be
impossible despite passing this check, or the kernel could start
supporting compressed swap and/or compressed hibernation images, and
then this this check would be too stringent. Nevertheless, until
we have something better, this should at least return a true negative
if there's no swap.
Logging of capabilities in the journal is changed to not strip leading
zeros. I consider this more readable anyway.
http://cgit.freedesktop.org/upower/tree/src/up-daemon.c#n613
https://bugzilla.redhat.com/show_bug.cgi?id=1007059
|
|
Fixup for ac4c8d6da8b5e.
|