summaryrefslogtreecommitdiffstats
path: root/src/basic
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 10:23:34 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 10:23:34 +0000
commit35962ed6b09ac995d663aeb7ab0287743cecc24c (patch)
tree24a36570c53b15b3bd6e955054f8c4846db0e262 /src/basic
parentAdding debian version 252.22-1~deb12u1. (diff)
downloadsystemd-35962ed6b09ac995d663aeb7ab0287743cecc24c.tar.xz
systemd-35962ed6b09ac995d663aeb7ab0287743cecc24c.zip
Merging upstream version 252.23.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/basic')
-rw-r--r--src/basic/architecture.c2
-rw-r--r--src/basic/cgroup-util.h5
-rw-r--r--src/basic/fd-util.c4
-rw-r--r--src/basic/fs-util.c8
-rw-r--r--src/basic/missing_syscall.h19
-rw-r--r--src/basic/missing_syscall_def.h102
-rw-r--r--src/basic/missing_syscalls.py3
-rw-r--r--src/basic/string-util.c12
-rw-r--r--src/basic/string-util.h5
-rw-r--r--src/basic/strv.h12
-rw-r--r--src/basic/user-util.c2
-rw-r--r--src/basic/virt.c13
12 files changed, 130 insertions, 57 deletions
diff --git a/src/basic/architecture.c b/src/basic/architecture.c
index 773ee3c..488367c 100644
--- a/src/basic/architecture.c
+++ b/src/basic/architecture.c
@@ -70,7 +70,7 @@ Architecture uname_architecture(void) {
{ "parisc64", ARCHITECTURE_PARISC64 },
{ "parisc", ARCHITECTURE_PARISC },
-#elif defined(__loongarch64)
+#elif defined(__loongarch_lp64)
{ "loongarch64", ARCHITECTURE_LOONGARCH64 },
#elif defined(__m68k__)
diff --git a/src/basic/cgroup-util.h b/src/basic/cgroup-util.h
index df6d5b7..1904e84 100644
--- a/src/basic/cgroup-util.h
+++ b/src/basic/cgroup-util.h
@@ -66,10 +66,13 @@ typedef enum CGroupMask {
/* All real cgroup v2 controllers */
CGROUP_MASK_V2 = CGROUP_MASK_CPU|CGROUP_MASK_CPUSET|CGROUP_MASK_IO|CGROUP_MASK_MEMORY|CGROUP_MASK_PIDS,
+ /* All controllers we want to delegate in case of Delegate=yes. Which are prety much the v2 controllers only, as delegation on v1 is not safe, and bpf stuff isn't a real controller */
+ CGROUP_MASK_DELEGATE = CGROUP_MASK_V2,
+
/* All cgroup v2 BPF pseudo-controllers */
CGROUP_MASK_BPF = CGROUP_MASK_BPF_FIREWALL|CGROUP_MASK_BPF_DEVICES|CGROUP_MASK_BPF_FOREIGN|CGROUP_MASK_BPF_SOCKET_BIND|CGROUP_MASK_BPF_RESTRICT_NETWORK_INTERFACES,
- _CGROUP_MASK_ALL = CGROUP_CONTROLLER_TO_MASK(_CGROUP_CONTROLLER_MAX) - 1
+ _CGROUP_MASK_ALL = CGROUP_CONTROLLER_TO_MASK(_CGROUP_CONTROLLER_MAX) - 1,
} CGroupMask;
static inline CGroupMask CGROUP_MASK_EXTEND_JOINED(CGroupMask mask) {
diff --git a/src/basic/fd-util.c b/src/basic/fd-util.c
index 66bb756..ad7bd63 100644
--- a/src/basic/fd-util.c
+++ b/src/basic/fd-util.c
@@ -284,7 +284,7 @@ static int close_all_fds_special_case(const int except[], size_t n_except) {
case 0:
/* Close everything. Yay! */
- if (close_range(3, -1, 0) >= 0)
+ if (close_range(3, INT_MAX, 0) >= 0)
return 1;
if (ERRNO_IS_NOT_SUPPORTED(errno) || ERRNO_IS_PRIVILEGE(errno)) {
@@ -395,7 +395,7 @@ int close_all_fds(const int except[], size_t n_except) {
if (sorted[n_sorted-1] >= INT_MAX) /* Dont let the addition below overflow */
return 0;
- if (close_range(sorted[n_sorted-1] + 1, -1, 0) >= 0)
+ if (close_range(sorted[n_sorted-1] + 1, INT_MAX, 0) >= 0)
return 0;
if (!ERRNO_IS_NOT_SUPPORTED(errno) && !ERRNO_IS_PRIVILEGE(errno))
diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c
index 6b757bd..d71c07c 100644
--- a/src/basic/fs-util.c
+++ b/src/basic/fs-util.c
@@ -118,7 +118,11 @@ int rename_noreplace(int olddirfd, const char *oldpath, int newdirfd, const char
int readlinkat_malloc(int fd, const char *p, char **ret) {
size_t l = PATH_MAX;
- assert(p);
+ assert(fd >= 0 || fd == AT_FDCWD);
+
+ if (fd < 0 && isempty(p))
+ return -EISDIR; /* In this case, the fd points to the current working directory, and is
+ * definitely not a symlink. Let's return earlier. */
for (;;) {
_cleanup_free_ char *c = NULL;
@@ -128,7 +132,7 @@ int readlinkat_malloc(int fd, const char *p, char **ret) {
if (!c)
return -ENOMEM;
- n = readlinkat(fd, p, c, l);
+ n = readlinkat(fd, strempty(p), c, l);
if (n < 0)
return -errno;
diff --git a/src/basic/missing_syscall.h b/src/basic/missing_syscall.h
index d54e59f..47c5177 100644
--- a/src/basic/missing_syscall.h
+++ b/src/basic/missing_syscall.h
@@ -383,23 +383,14 @@ static inline int missing_execveat(int dirfd, const char *pathname,
/* ======================================================================= */
#if !HAVE_CLOSE_RANGE
-static inline int missing_close_range(int first_fd, int end_fd, unsigned flags) {
+static inline int missing_close_range(unsigned first_fd, unsigned end_fd, unsigned flags) {
# ifdef __NR_close_range
/* Kernel-side the syscall expects fds as unsigned integers (just like close() actually), while
- * userspace exclusively uses signed integers for fds. We don't know just yet how glibc is going to
- * wrap this syscall, but let's assume it's going to be similar to what they do for close(),
- * i.e. make the same unsigned → signed type change from the raw kernel syscall compared to the
- * userspace wrapper. There's only one caveat for this: unlike for close() there's the special
- * UINT_MAX fd value for the 'end_fd' argument. Let's safely map that to -1 here. And let's refuse
- * any other negative values. */
- if ((first_fd < 0) || (end_fd < 0 && end_fd != -1)) {
- errno = -EBADF;
- return -1;
- }
-
+ * userspace exclusively uses signed integers for fds. glibc chose to expose it 1:1 however, hence we
+ * do so here too, even if we end up passing signed fds to it most of the time. */
return syscall(__NR_close_range,
- (unsigned) first_fd,
- end_fd == -1 ? UINT_MAX : (unsigned) end_fd, /* Of course, the compiler should figure out that this is the identity mapping IRL */
+ first_fd,
+ end_fd,
flags);
# else
errno = ENOSYS;
diff --git a/src/basic/missing_syscall_def.h b/src/basic/missing_syscall_def.h
index 67cae70..8906f40 100644
--- a/src/basic/missing_syscall_def.h
+++ b/src/basic/missing_syscall_def.h
@@ -14,7 +14,7 @@
# elif defined(__arm__)
# elif defined(__i386__)
# elif defined(__ia64__)
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# elif defined(__m68k__)
# elif defined(_MIPS_SIM)
# if _MIPS_SIM == _MIPS_SIM_ABI32
@@ -55,7 +55,7 @@
# define systemd_NR_bpf 357
# elif defined(__ia64__)
# define systemd_NR_bpf 1341
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_bpf 280
# elif defined(__m68k__)
# define systemd_NR_bpf 354
@@ -123,7 +123,7 @@ assert_cc(__NR_bpf == systemd_NR_bpf);
# define systemd_NR_close_range 436
# elif defined(__ia64__)
# define systemd_NR_close_range 1460
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_close_range 436
# elif defined(__m68k__)
# define systemd_NR_close_range 436
@@ -191,7 +191,7 @@ assert_cc(__NR_close_range == systemd_NR_close_range);
# define systemd_NR_copy_file_range 377
# elif defined(__ia64__)
# define systemd_NR_copy_file_range 1347
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_copy_file_range 285
# elif defined(__m68k__)
# define systemd_NR_copy_file_range 376
@@ -314,6 +314,74 @@ assert_cc(__NR_epoll_pwait2 == systemd_NR_epoll_pwait2);
# endif
#endif
+#ifndef __IGNORE_fchmodat2
+# if defined(__aarch64__)
+# define systemd_NR_fchmodat2 452
+# elif defined(__alpha__)
+# define systemd_NR_fchmodat2 562
+# elif defined(__arc__) || defined(__tilegx__)
+# define systemd_NR_fchmodat2 452
+# elif defined(__arm__)
+# define systemd_NR_fchmodat2 452
+# elif defined(__i386__)
+# define systemd_NR_fchmodat2 452
+# elif defined(__ia64__)
+# define systemd_NR_fchmodat2 1476
+# elif defined(__loongarch_lp64)
+# define systemd_NR_fchmodat2 452
+# elif defined(__m68k__)
+# define systemd_NR_fchmodat2 452
+# elif defined(_MIPS_SIM)
+# if _MIPS_SIM == _MIPS_SIM_ABI32
+# define systemd_NR_fchmodat2 4452
+# elif _MIPS_SIM == _MIPS_SIM_NABI32
+# define systemd_NR_fchmodat2 6452
+# elif _MIPS_SIM == _MIPS_SIM_ABI64
+# define systemd_NR_fchmodat2 5452
+# else
+# error "Unknown MIPS ABI"
+# endif
+# elif defined(__hppa__)
+# define systemd_NR_fchmodat2 452
+# elif defined(__powerpc__)
+# define systemd_NR_fchmodat2 452
+# elif defined(__riscv)
+# if __riscv_xlen == 32
+# define systemd_NR_fchmodat2 452
+# elif __riscv_xlen == 64
+# define systemd_NR_fchmodat2 452
+# else
+# error "Unknown RISC-V ABI"
+# endif
+# elif defined(__s390__)
+# define systemd_NR_fchmodat2 452
+# elif defined(__sparc__)
+# define systemd_NR_fchmodat2 452
+# elif defined(__x86_64__)
+# if defined(__ILP32__)
+# define systemd_NR_fchmodat2 (452 | /* __X32_SYSCALL_BIT */ 0x40000000)
+# else
+# define systemd_NR_fchmodat2 452
+# endif
+# elif !defined(missing_arch_template)
+# warning "fchmodat2() syscall number is unknown for your architecture"
+# endif
+
+/* may be an (invalid) negative number due to libseccomp, see PR 13319 */
+# if defined __NR_fchmodat2 && __NR_fchmodat2 >= 0
+# if defined systemd_NR_fchmodat2
+assert_cc(__NR_fchmodat2 == systemd_NR_fchmodat2);
+# endif
+# else
+# if defined __NR_fchmodat2
+# undef __NR_fchmodat2
+# endif
+# if defined systemd_NR_fchmodat2 && systemd_NR_fchmodat2 >= 0
+# define __NR_fchmodat2 systemd_NR_fchmodat2
+# endif
+# endif
+#endif
+
#ifndef __IGNORE_getrandom
# if defined(__aarch64__)
# define systemd_NR_getrandom 278
@@ -327,7 +395,7 @@ assert_cc(__NR_epoll_pwait2 == systemd_NR_epoll_pwait2);
# define systemd_NR_getrandom 355
# elif defined(__ia64__)
# define systemd_NR_getrandom 1339
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_getrandom 278
# elif defined(__m68k__)
# define systemd_NR_getrandom 352
@@ -395,7 +463,7 @@ assert_cc(__NR_getrandom == systemd_NR_getrandom);
# define systemd_NR_memfd_create 356
# elif defined(__ia64__)
# define systemd_NR_memfd_create 1340
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_memfd_create 279
# elif defined(__m68k__)
# define systemd_NR_memfd_create 353
@@ -463,7 +531,7 @@ assert_cc(__NR_memfd_create == systemd_NR_memfd_create);
# define systemd_NR_mount_setattr 442
# elif defined(__ia64__)
# define systemd_NR_mount_setattr 1466
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_mount_setattr 442
# elif defined(__m68k__)
# define systemd_NR_mount_setattr 442
@@ -531,7 +599,7 @@ assert_cc(__NR_mount_setattr == systemd_NR_mount_setattr);
# define systemd_NR_move_mount 429
# elif defined(__ia64__)
# define systemd_NR_move_mount 1453
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_move_mount 429
# elif defined(__m68k__)
# define systemd_NR_move_mount 429
@@ -599,7 +667,7 @@ assert_cc(__NR_move_mount == systemd_NR_move_mount);
# define systemd_NR_name_to_handle_at 341
# elif defined(__ia64__)
# define systemd_NR_name_to_handle_at 1326
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_name_to_handle_at 264
# elif defined(__m68k__)
# define systemd_NR_name_to_handle_at 340
@@ -667,7 +735,7 @@ assert_cc(__NR_name_to_handle_at == systemd_NR_name_to_handle_at);
# define systemd_NR_open_tree 428
# elif defined(__ia64__)
# define systemd_NR_open_tree 1452
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_open_tree 428
# elif defined(__m68k__)
# define systemd_NR_open_tree 428
@@ -735,7 +803,7 @@ assert_cc(__NR_open_tree == systemd_NR_open_tree);
# define systemd_NR_openat2 437
# elif defined(__ia64__)
# define systemd_NR_openat2 1461
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_openat2 437
# elif defined(__m68k__)
# define systemd_NR_openat2 437
@@ -803,7 +871,7 @@ assert_cc(__NR_openat2 == systemd_NR_openat2);
# define systemd_NR_pidfd_open 434
# elif defined(__ia64__)
# define systemd_NR_pidfd_open 1458
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_pidfd_open 434
# elif defined(__m68k__)
# define systemd_NR_pidfd_open 434
@@ -871,7 +939,7 @@ assert_cc(__NR_pidfd_open == systemd_NR_pidfd_open);
# define systemd_NR_pidfd_send_signal 424
# elif defined(__ia64__)
# define systemd_NR_pidfd_send_signal 1448
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_pidfd_send_signal 424
# elif defined(__m68k__)
# define systemd_NR_pidfd_send_signal 424
@@ -939,7 +1007,7 @@ assert_cc(__NR_pidfd_send_signal == systemd_NR_pidfd_send_signal);
# define systemd_NR_pkey_mprotect 380
# elif defined(__ia64__)
# define systemd_NR_pkey_mprotect 1354
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_pkey_mprotect 288
# elif defined(__m68k__)
# define systemd_NR_pkey_mprotect 381
@@ -1007,7 +1075,7 @@ assert_cc(__NR_pkey_mprotect == systemd_NR_pkey_mprotect);
# define systemd_NR_renameat2 353
# elif defined(__ia64__)
# define systemd_NR_renameat2 1338
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_renameat2 276
# elif defined(__m68k__)
# define systemd_NR_renameat2 351
@@ -1075,7 +1143,7 @@ assert_cc(__NR_renameat2 == systemd_NR_renameat2);
# define systemd_NR_setns 346
# elif defined(__ia64__)
# define systemd_NR_setns 1330
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_setns 268
# elif defined(__m68k__)
# define systemd_NR_setns 344
@@ -1143,7 +1211,7 @@ assert_cc(__NR_setns == systemd_NR_setns);
# define systemd_NR_statx 383
# elif defined(__ia64__)
# define systemd_NR_statx 1350
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_statx 291
# elif defined(__m68k__)
# define systemd_NR_statx 379
diff --git a/src/basic/missing_syscalls.py b/src/basic/missing_syscalls.py
index 642d4d9..4b61c1c 100644
--- a/src/basic/missing_syscalls.py
+++ b/src/basic/missing_syscalls.py
@@ -10,6 +10,7 @@ SYSCALLS = [
'close_range',
'copy_file_range',
'epoll_pwait2',
+ 'fchmodat2',
'getrandom',
'memfd_create',
'mount_setattr',
@@ -60,7 +61,7 @@ DEF_TEMPLATE_B = '''\
# define systemd_NR_{syscall} {nr_i386}
# elif defined(__ia64__)
# define systemd_NR_{syscall} {nr_ia64}
-# elif defined(__loongarch64)
+# elif defined(__loongarch_lp64)
# define systemd_NR_{syscall} {nr_loongarch64}
# elif defined(__m68k__)
# define systemd_NR_{syscall} {nr_m68k}
diff --git a/src/basic/string-util.c b/src/basic/string-util.c
index 17d35fe..8a806e9 100644
--- a/src/basic/string-util.c
+++ b/src/basic/string-util.c
@@ -1202,3 +1202,15 @@ size_t strspn_from_end(const char *str, const char *accept) {
return n;
}
+
+char *startswith_strv(const char *string, char **strv) {
+ char *found = NULL;
+
+ STRV_FOREACH(i, strv) {
+ found = startswith(string, *i);
+ if (found)
+ break;
+ }
+
+ return found;
+}
diff --git a/src/basic/string-util.h b/src/basic/string-util.h
index 913a96f..6edfaef 100644
--- a/src/basic/string-util.h
+++ b/src/basic/string-util.h
@@ -243,3 +243,8 @@ bool streq_skip_trailing_chars(const char *s1, const char *s2, const char *ok);
char *string_replace_char(char *str, char old_char, char new_char);
size_t strspn_from_end(const char *str, const char *accept);
+
+char *startswith_strv(const char *string, char **strv);
+
+#define STARTSWITH_SET(p, ...) \
+ startswith_strv(p, STRV_MAKE(__VA_ARGS__))
diff --git a/src/basic/strv.h b/src/basic/strv.h
index bda8cbf..8857c47 100644
--- a/src/basic/strv.h
+++ b/src/basic/strv.h
@@ -206,18 +206,6 @@ void strv_print(char * const *l);
_x && strv_contains_case(STRV_MAKE(__VA_ARGS__), _x); \
})
-#define STARTSWITH_SET(p, ...) \
- ({ \
- const char *_p = (p); \
- char *_found = NULL; \
- STRV_FOREACH(_i, STRV_MAKE(__VA_ARGS__)) { \
- _found = startswith(_p, *_i); \
- if (_found) \
- break; \
- } \
- _found; \
- })
-
#define ENDSWITH_SET(p, ...) \
({ \
const char *_p = (p); \
diff --git a/src/basic/user-util.c b/src/basic/user-util.c
index 519e788..8823e73 100644
--- a/src/basic/user-util.c
+++ b/src/basic/user-util.c
@@ -313,7 +313,7 @@ int get_user_creds(
if (shell) {
if (FLAGS_SET(flags, USER_CREDS_CLEAN) &&
(isempty(p->pw_shell) ||
- !path_is_valid(p->pw_dir) ||
+ !path_is_valid(p->pw_shell) ||
!path_is_absolute(p->pw_shell) ||
is_nologin_shell(p->pw_shell)))
*shell = NULL;
diff --git a/src/basic/virt.c b/src/basic/virt.c
index c2ed8d0..6ea1854 100644
--- a/src/basic/virt.c
+++ b/src/basic/virt.c
@@ -97,7 +97,7 @@ static Virtualization detect_vm_cpuid(void) {
}
static Virtualization detect_vm_device_tree(void) {
-#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) || defined(__powerpc64__)
+#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) || defined(__powerpc64__) || defined(__riscv)
_cleanup_free_ char *hvtype = NULL;
int r;
@@ -154,7 +154,7 @@ static Virtualization detect_vm_device_tree(void) {
#endif
}
-#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch64)
+#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch_lp64) || defined(__riscv)
static Virtualization detect_vm_dmi_vendor(void) {
static const char* const dmi_vendors[] = {
"/sys/class/dmi/id/product_name", /* Test this before sys_vendor to detect KVM over QEMU */
@@ -245,10 +245,10 @@ static int detect_vm_smbios(void) {
log_debug("DMI BIOS Extension table does not indicate virtualization.");
return SMBIOS_VM_BIT_UNSET;
}
-#endif /* defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch64) */
+#endif /* defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch_lp64) */
static Virtualization detect_vm_dmi(void) {
-#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch64)
+#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch_lp64)
int r;
r = detect_vm_dmi_vendor();
@@ -454,7 +454,7 @@ Virtualization detect_vm(void) {
/* We have to use the correct order here:
*
- * → First, try to detect Oracle Virtualbox, Amazon EC2 Nitro, and Parallels, even if they use KVM,
+ * → First, try to detect Oracle Virtualbox, Amazon EC2 Nitro, Parallels, and Google Compute Engine, even if they use KVM,
* as well as Xen even if it cloaks as Microsoft Hyper-V. Attempt to detect uml at this stage also
* since it runs as a user-process nested inside other VMs. Also check for Xen now, because Xen PV
* mode does not override CPUID when nested inside another hypervisor.
@@ -469,7 +469,8 @@ Virtualization detect_vm(void) {
VIRTUALIZATION_ORACLE,
VIRTUALIZATION_XEN,
VIRTUALIZATION_AMAZON,
- VIRTUALIZATION_PARALLELS)) {
+ VIRTUALIZATION_PARALLELS,
+ VIRTUALIZATION_GOOGLE)) {
v = dmi;
goto finish;
}