authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-09-16 18:27:56 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-09-16 18:27:56 +0000
commit26fde72265073b26498ce55596c0eda1bc3113b4 (patch)
tree580247f9ae59f3bb05e3b9ee52eb4fe51b63887b /src/basic
parentAdding upstream version 256.5. (diff)
Adding upstream version 256.6.upstream/256.6upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/basic')
-rw-r--r--src/basic/audit-util.c2
-rw-r--r--src/basic/missing_loop.h4
-rw-r--r--src/basic/process-util.c26
-rw-r--r--src/basic/virt.c7
4 files changed, 33 insertions, 6 deletions
diff --git a/src/basic/audit-util.c b/src/basic/audit-util.c
index bf96e08..7f86f84 100644
--- a/src/basic/audit-util.c
+++ b/src/basic/audit-util.c
@@ -99,7 +99,7 @@ static int try_audit_request(int fd) {
n = recvmsg_safe(fd, &mh, 0);
if (n < 0)
- return -errno;
+ return n;
if (n != NLMSG_LENGTH(sizeof(struct nlmsgerr)))
return -EIO;
diff --git a/src/basic/missing_loop.h b/src/basic/missing_loop.h
index b88501d..f83a14c 100644
--- a/src/basic/missing_loop.h
+++ b/src/basic/missing_loop.h
@@ -29,3 +29,7 @@ assert_cc(LOOP_SET_DIRECT_IO == 0x4C08);
#ifndef LOOP_SET_STATUS_SETTABLE_FLAGS
# define LOOP_SET_STATUS_SETTABLE_FLAGS (LO_FLAGS_AUTOCLEAR | LO_FLAGS_PARTSCAN)
#endif
+
+#ifndef LOOP_SET_BLOCK_SIZE
+# define LOOP_SET_BLOCK_SIZE 0x4C09
+#endif
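Review bot: The new `LOOP_SET_BLOCK_SIZE` fallback has no compile-time check for the case where the kernel headers already define the constant, unlike `LOOP_SET_DIRECT_IO`, which the hunk header shows guarded by `assert_cc(LOOP_SET_DIRECT_IO == 0x4C08);`. If that pattern is the convention for ioctl numbers in this header, add an `#else` branch with `assert_cc(LOOP_SET_BLOCK_SIZE == 0x4C09);` so a mismatching header is caught at build time. The rest of the file is outside the hunk, so this is inferred from the one visible assertion.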
diff --git a/src/basic/process-util.c b/src/basic/process-util.c
index c9d968d..de5a146 100644
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -2066,9 +2066,10 @@ int posix_spawn_wrapper(
_unused_ _cleanup_(posix_spawnattr_destroyp) posix_spawnattr_t *attr_destructor = &attr;
#if HAVE_PIDFD_SPAWN
+ static bool setcgroup_supported = true;
_cleanup_close_ int cgroup_fd = -EBADF;
- if (cgroup) {
+ if (cgroup && setcgroup_supported) {
_cleanup_free_ char *resolved_cgroup = NULL;
r = cg_get_path_and_check(
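Review bot: `setcgroup_supported` is a function-local `static bool` that is read in this condition and written in the retry path of the following hunk, with no synchronization. If posix_spawn_wrapper() can be reached from more than one thread this is a data race; the worst outcome looks like one redundant retry, but that should be stated rather than left implicit. A comment on the declaration would do, e.g. `/* Process-wide cache; an unsynchronized update only costs one extra retry. */`. The function starts and ends outside the hunk, so its threading context cannot be confirmed from here.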
@@ -2102,6 +2103,19 @@ int posix_spawn_wrapper(
_cleanup_close_ int pidfd = -EBADF;
r = pidfd_spawn(&pidfd, path, NULL, &attr, argv, envp);
+ if (r == E2BIG && FLAGS_SET(flags, POSIX_SPAWN_SETCGROUP)) {
+ /* Some kernels (e.g., 5.4) support clone3 but they do not support CLONE_INTO_CGROUP.
+ * Retry pidfd_spawn() after removing the flag. */
+ flags &= ~POSIX_SPAWN_SETCGROUP;
+ r = posix_spawnattr_setflags(&attr, flags);
+ if (r != 0)
+ return -r;
+ r = pidfd_spawn(&pidfd, path, NULL, &attr, argv, envp);
+ /* if pidfd_spawn was successful after removing SPAWN_CGROUP,
+ * mark setcgroup_supported as false so that we do not retry every time */
+ if (r == 0)
+ setcgroup_supported = false;
+ }
if (r == 0) {
r = pidref_set_pidfd_consume(ret_pidref, TAKE_FD(pidfd));
if (r < 0)
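Review bot: The E2BIG retry clears `POSIX_SPAWN_SETCGROUP` and spawns the child without the requested cgroup placement, and nothing is logged when this happens. A process that was meant to start inside a specific cgroup then starts in the caller's cgroup, which matters wherever resource limits or containment are attached to that cgroup. Add a debug line before the second call, e.g. `log_debug("pidfd_spawn() with POSIX_SPAWN_SETCGROUP failed with E2BIG, retrying without it.");`. The return value that tells the caller whether placement happened is computed after this hunk, so confirm it is derived from the updated `flags`. The added comment also says "SPAWN_CGROUP" where the flag is `POSIX_SPAWN_SETCGROUP`.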
@@ -2120,10 +2134,12 @@ int posix_spawn_wrapper(
/* Compiled on a newer host, or seccomp&friends blocking clone3()? Fallback, but need to change the
* flags to remove the cgroup one, which is what redirects to clone3() */
- flags &= ~POSIX_SPAWN_SETCGROUP;
- r = posix_spawnattr_setflags(&attr, flags);
- if (r != 0)
- return -r;
+ if (FLAGS_SET(flags, POSIX_SPAWN_SETCGROUP)) {
+ flags &= ~POSIX_SPAWN_SETCGROUP;
+ r = posix_spawnattr_setflags(&attr, flags);
+ if (r != 0)
+ return -r;
+ }
#endif
pid_t pid;
diff --git a/src/basic/virt.c b/src/basic/virt.c
index 0970350..2cb3a08 100644
--- a/src/basic/virt.c
+++ b/src/basic/virt.c
@@ -896,6 +896,13 @@ int running_in_chroot(void) {
* mount /proc, so all other programs can assume that if /proc is *not* available, we're in some
* chroot. */
+ r = getenv_bool("SYSTEMD_IN_CHROOT");
+ if (r >= 0)
+ return r > 0;
+ if (r != -ENXIO)
+ log_debug_errno(r, "Failed to parse $SYSTEMD_IN_CHROOT, ignoring: %m");
+
+ /* Deprecated but kept for backwards compatibility. */
if (getenv_bool("SYSTEMD_IGNORE_CHROOT") > 0)
return 0;
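Review bot: The new `$SYSTEMD_IN_CHROOT` check returns before the `$SYSTEMD_IGNORE_CHROOT` check whenever it parses as a boolean, so it silently takes precedence over the older variable and over all detection further down; the added comment only says the old variable is deprecated. State the precedence at the new block, e.g. `/* $SYSTEMD_IN_CHROOT, if set to a valid boolean, overrides both $SYSTEMD_IGNORE_CHROOT and the detection below. */`. Both variables are read with `getenv_bool()` from the process environment, so the result of running_in_chroot() is decided by whoever controls that environment. If any caller uses the result for a privilege-relevant decision, check whether `secure_getenv_bool()` is the better fit; the callers are not visible here. The function body continues outside the hunk.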