summaryrefslogtreecommitdiff
path: root/src/shared
AgeCommit message (Collapse)Author
2013-10-13Never call qsort on potentially NULL arraysZbigniew Jędrzejewski-Szmek
This extends 62678ded 'efi: never call qsort on potentially NULL arrays' to all other places where qsort is used and it is not obvious that the count is non-zero.
2013-10-13unicode: treat cute symbol block as fullwidthZbigniew Jędrzejewski-Szmek
UNICODE standards only talk about fullwidth characters for East Asian scripts. But it seems that all those symbols are fullwidth too.
2013-10-13util, utf8: make ellipsize take multi-byte characters into accountShawn Landden
rename old versions to ascii_* Do not take into account zerowidth characters, but do consider double-wide characters. Import needed utf8 helper code from glib. v3: rebase ontop of utf8 restructuring work [zj: tweak the algorithm a bit, move new code to separate file]
2013-10-11smack: minimize ifdef use, and move all labeling to smack-util.cKay Sievers
2013-10-11macro: add new assert_return() macro for early parameter checking in functionsLennart Poettering
For the library functions we expose we currently repeatedly use checks like the following: if (!value_is_ok(parameter1)) return -EINVAL; if (!value_is_ok(parameter2)) return -EINVAL; And so on. Let's turn this into a macro: assert_return(value_is_ok(parameter1), -EINVAL); assert_return(value_is_ok(paramater2), -EINVAL); This makes our code a bit shorter and simpler, and also allows us to add a _unlikely_() around the check.
2013-10-10event: add timer accuracy/coalescing logicLennart Poettering
In order to improve energy consumption we should minimize our wake-ups when handling timers. Hence, for each timer take an accuracy value and schedule the actual wake-up time somewhere between the specified time and the specified timer plus the accuracy. The specified time of timer event sources hence becomes the time the handler is called the *earliest*, and the specified time plus the accuracy the time by which it is called the *latest*, leaving the library the freedom to schedule the wake-up somewhere inbetween. If the accuracy is specified as 0 the default of 250ms will be used. When scheduling timeouts we will now try to elapse them at the same point within each second, across the entire system. We do this by using a fixed perturbation value keyed off the boot id. If this point within a second is not in the acceptable range, we try again with a fixed time within each 250ms time step. If that doesn't work either, we wake up at the last possible time.
2013-10-10security: missing header inclusionsLennart Poettering
2013-10-10security: rework selinux, smack, ima, apparmor detection logicLennart Poettering
Always cache the results, and bypass low-level security calls when the respective subsystem is not enabled.
2013-10-10bus: add minimal event loop APILennart Poettering
So far we tried to use epoll directly wherever we needed an event loop. However, that has various shortcomings, such as the inability to handle larger amounts of timers (since each timerfd costs one fd, which is a very limited resource, usually bounded to 1024), and inability to do priorisation between multiple queued events. Let's add a minimal event loop API around epoll that is suitable for implementation of our own daemons and maybe one day can become public API for those who desire it. This loop is part of libsystemd-bus, but may be used independently of it.
2013-10-10do not accept "garbage" from acpi firmware performance data (FPDT)Kay Sievers
00000000 46 42 50 54 38 00 00 00 02 00 30 02 00 00 00 00 |FBPT8.....0.....| 00000010 23 45 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |#E..............| 00000020 f5 6a 51 00 00 00 00 00 00 00 00 00 00 00 00 00 |.jQ.............| 00000030 00 00 00 00 00 00 00 00 70 74 61 6c 58 00 00 00 |........ptalX...|
2013-10-09Smack: Test if smack is enabled before mountingAuke Kok
Since on most systems with xattr systemd will compile with Smack support enabled, we still attempt to mount various fs's with Smack-only options. Before mounting any of these Smack-related filesystems with Smack specific mount options, check if Smack is functionally active on the running kernel. If Smack is really enabled in the kernel, all these Smack mounts are now *fatal*, as they should be. We no longer mount smackfs if systemd was compiled without Smack support. This makes it easier to make smackfs mount failures a critical error when Smack is enabled. We no longer mount these filesystems with their Smack specific options inside containers. There these filesystems will be mounted with there non-mount smack options for now.
2013-10-09udev: add SECLABEL{selinux}= supportKay Sievers
2013-10-06shared/util: fix off-by-one error in tag_to_udev_nodeDave Reisner
Triggered false negatives when encoding a string which needed every character to be escaped, e.g. "LABEL=/".
2013-10-05utf8: fix utf8_is_printableZbigniew Jędrzejewski-Szmek
2013-10-03Introduce _cleanup_endmntent_Zbigniew Jędrzejewski-Szmek
2013-10-02nspawn: always copy /etc/resolv.conf rather than bind mountLennart Poettering
We were already creating the file if it was missing, and this way containers can reconfigure the file without running into problems. This also makes resolv.conf handling more alike to handling of /etc/localtime, which is also not a bind mount.
2013-10-02mkdir: pass a proper function pointer to mkdir_safe_internalLennart Poettering
2013-10-02strv: don't access potentially NULL string arraysLennart Poettering
2013-10-02efi: never call qsort on potentially NULL arraysLennart Poettering
2013-10-02acpi: make sure we never free an uninitialized pointerLennart Poettering
2013-10-02acpi-fptd: fix memory leak in acpi_get_boot_usecLukas Nykryn
2013-10-02cgroup: there's no point in labelling cgroupfs dirs, so let's not do thatsystemd/v208Lennart Poettering
This allows us to get rid of the dep on libsystemd-label for cgroup management. https://bugs.freedesktop.org/show_bug.cgi?id=69966
2013-10-01hashmap: randomize hash functions a bitLennart Poettering
2013-10-01util.c: ignore pollfd.revent for loop_read/loop_writeChen Jie
Let read()/write() report any error/EOF.
2013-10-01hashmap: size hashmap bucket array dynamicallyLennart Poettering
Instead of fixing the hashmap bucket array to 127 entries dynamically size it, starting with a smaller one of 31. As soon as a fill level of 75% is reached, quadruple the size, and so on. This should siginficantly optimize the lookup time in large tables (from O(n) back to O(1)), and save memory on smaller tables (which most are).
2013-10-01local: fix memory leak when putting together locale settingsLennart Poettering
Also, we need to use proper strv_env_xyz() calls when putting together the environment array, since otherwise settings won't be properly overriden. And let's get rid of strv_appendf(), is overkill and there was only one user.
2013-10-01logs-show.c: show all messages for a sliceZbigniew Jędrzejewski-Szmek
2013-09-29Fix buffer overrun when enumerating filesZbigniew Jędrzejewski-Szmek
https://bugs.freedesktop.org/show_bug.cgi?id=69887 Based-on-a-patch-by: Hans Petter Jansson <hpj@copyleft.no>
2013-09-26core: rework how we match mount units against each otherLennart Poettering
Previously to automatically create dependencies between mount units we matched every mount unit agains all others resulting in O(n^2) complexity. On setups with large amounts of mount units this might make things slow. This change replaces the matching code to use a hashtable that is keyed by a path prefix, and points to a set of units that require that path to be around. When a new mount unit is installed it is hence sufficient to simply look up this set of units via its own file system paths to know which units to order after itself. This patch also changes all unit types to only create automatic mount dependencies via the RequiresMountsFor= logic, and this is exposed to the outside to make things more transparent. With this change we still have some O(n) complexities in place when handling mounts, but that's currently unavoidable due to kernel APIs, and still substantially better than O(n^2) as before. https://bugs.freedesktop.org/show_bug.cgi?id=69740
2013-09-26unit-name: when escaping a path consider the empty path identical to the ↵Lennart Poettering
root dir
2013-09-26util: properly handle the root dir in PATH_FOREACH_PREFIXLennart Poettering
Also add PATH_FOREACH_PREFIX_MORE which includes the specified dir itself in the iteration
2013-09-26cgroup: when referencing cgroup controller trees allow omission of the pathLennart Poettering
2013-09-25util: add macro for iterating through all prefixes of a pathLennart Poettering
Syntactic sugar in a macro PATH_FOREACH_PREFIX.
2013-09-25cgroup: if we do a cgroup operation then do something on all supported ↵Lennart Poettering
controllers Previously we did operations like attach, trim or migrate only on the controllers that were enabled for a specific unit. With this changes we will now do them for all supproted controllers, and fall back to all possible prefix paths if the specified paths do not exist. This fixes issues if a controller is being disabled for a unit where it was previously enabled, and makes sure that all processes stay as "far down" the tree as groups exist.
2013-09-24support acpi firmware performance data (FPDT)Kay Sievers
Prefer firmware-provided performance data over loader-exported ones; if ACPI data is available, always use it, otherwise try to read the loader data. The firmware-provided variables start at the time the first EFI image is executed and end when the operating system exits the boot services; the (loader) time calculated in systemd-analyze increases.
2013-09-24shared: device-nodes - add include guardKay Sievers
2013-09-19Add more tests and fix capability loggingZbigniew Jędrzejewski-Szmek
2013-09-19device-nodes: move device node specific code to own fileDave Reisner
In the process, rename udev_encode_string which is poorly named for what it does. It deals specifically with encoding names that udev creates and has its own rules: utf8 is valid but some ascii is not (e.g. path separators), and everything else is simply escaped. Rename it to encode_devnode_name.
2013-09-19shared/utf8: merge implementations, remove cruftDave Reisner
This unifies the utf8 handling code which was previously duplicated in udev and systemd.
2013-09-18Spelling fix from later revision of committed patch from Shawn Landden ↵David Strauss
<shawn@churchofgit.com>.
2013-09-18Fix capability logging when effective caps are 0Zbigniew Jędrzejewski-Szmek
Shawn Landen> Doesn't this also skip the last '0' when it is all '0's? You need to keep the last one.
2013-09-18polkit: Avoid race condition in scraping /procColin Walters
If a calling process execve()s a setuid program, it can appear to be uid 0. Since we're receiving requests over DBus, avoid this by simply passing system-bus-name as a subject.
2013-09-18logs-show.c: fix enum type in function declarationZbigniew Jędrzejewski-Szmek
2013-09-17util: restore get_process_capeff behaviourZbigniew Jędrzejewski-Szmek
69ab8088 unified parsing of status files and removed the logic of skipping extra '0's when getting the effective capabilities. Restore that logic, so that the same capabilities are always mapped to the same strings in the journal.
2013-09-17logind: introduce session-devicesDavid Herrmann
A session-device is a device that is bound to a seat and used by a session-controller to run the session. This currently includes DRM, fbdev and evdev devices. A session-device can be created via RequestDevice() on the dbus API of the session. You can drop it via ReleaseDevice() again. Once the session is destroyed or you drop control of the session, all session-devices are automatically destroyed. Session devices follow the session "active" state. A device can be active/running or inactive/paused. Whenever a session is not the active session, no session-device of it can be active. That is, if a session is not in foreground, all session-devices are paused. Whenever a session becomes active, all devices are resumed/activated by logind. If it fails, a device may stay paused. With every session-device you request, you also get a file-descriptor back. logind keeps a copy of this fd and uses kernel specific calls to pause/resume the file-descriptors. For example, a DRM fd is muted by logind as long as a given session is not active. Hence, the fd of the application is also muted. Once the session gets active, logind unmutes the fd and the application will get DRM access again. This, however, requires kernel support. DRM devices provide DRM-Master for synchronization, evdev devices have EVIOCREVOKE (pending on linux-input-ML). fbdev devices do not provide such synchronization methods (and never will). Note that for evdev devices, we call EVIOCREVOKE once a session gets inactive. However, this cannot be undone (the fd is still valid but mostly unusable). So we reopen a new fd once the session is activated and send it together with the ResumeDevice() signal. With this infrastructure in place, compositors can now run without CAP_SYS_ADMIN (that is, without being root). They use RequestControl() to acquire a session and listen for devices via udev_monitor. For every device they want to open, they call RequestDevice() on logind. This returns a fd which they can use now. They no longer have to open the devices themselves or call any privileged ioctls. This is all done by logind. Session-switches are still bound to VTs. Hence, compositors will get notified via the usual VT mechanisms and can cleanup their state. Once the VT switch is acknowledged as usual, logind will get notified via sysfs and pause the old-session's devices and resume the devices of the new session. To allow using this infrastructure with systems without VTs, we provide notification signals. logind sends PauseDevice("force") dbus signals to the current session controller for every device that it pauses. And it sends ResumeDevice signals for every device that it resumes. For seats with VTs this is sent _after_ the VT switch is acknowledged. Because the compositor already acknowledged that it cleaned-up all devices. However, for seats without VTs, this is used to notify the active compositor that the session is about to be deactivated. That is, logind sends PauseDevice("force") for each active device and then performs the session-switch. The session-switch changes the "Active" property of the session which can be monitored by the compositor. The new session is activated and the ResumeDevice events are sent. For seats without VTs, this is a forced session-switch. As this is not backwards-compatible (xserver actually crashes, weston drops the related devices, ..) we also provide an acknowledged session-switch. Note that this is never used for sessions with VTs. You use the acknowledged VT-switch on these seats. An acknowledged session switch sends PauseDevice("pause") instead of PauseDevice("force") to the active session. It schedules a short timeout and waits for the session to acknowledge each of them with PauseDeviceComplete(). Once all are acknowledged, or the session ran out of time, a PauseDevice("force") is sent for all remaining active devices and the session switch is performed. Note that this is only partially implemented, yet, as we don't allow multi-session without VTs, yet. A follow up commit will hook it up and implemented the acknowledgements+timeout. The implementation is quite simple. We use major/minor exclusively to identify devices on the bus. On RequestDevice() we retrieve the udev_device from the major/minor and search for an existing "Device" object. If no exists, we create it. This guarantees us that we are notified whenever the device changes seats or is removed. We create a new SessionDevice object and link it to the related Session and Device. Session->devices is a hashtable to lookup SessionDevice objects via major/minor. Device->session_devices is a linked list so we can release all linked session-devices once a device vanishes. Now we only have to hook this up in seat_set_active() so we correctly change device states during session-switches. As mentioned earlier, these are forced state-changes as VTs are currently used exclusively for multi-session implementations. Everything else are hooks to release all session-devices once the controller changes or a session is closed or removed.
2013-09-17Use first partition in /proc/swaps for hibernation testZbigniew Jędrzejewski-Szmek
It seems that the kernel uses the first configured partition for hibernation. If it is too full, hibernation will fail. Test that directly.
2013-09-17Use udev_encode_string in fstab_node_to_udev_nodeDave Reisner
Resolves a longstanding bug which caused this function to wrongly handle (escape) valid utf8 characters.
2013-09-17move utf8 functions from libudev-private.h to utf8.hDave Reisner
There's now some more obvious overlap amongst the two utf8 validation functions, but no more than there already was previously. This also adds some menial tests for anyone who wants to do more merging of these two in the future.
2013-09-17specifier: rework specifier calls to return proper error messageLennart Poettering
Previously the specifier calls could only indicate OOM by returning NULL. With this change they will return negative errno-style error codes like everything else.
2013-09-16Verify validity of session name when received from outsideZbigniew Jędrzejewski-Szmek
Only ASCII letters and digits are allowed.