Diffstat (limited to 'src/basic')
-rw-r--r-- | src/basic/architecture.c | 2 | ||||
-rw-r--r-- | src/basic/cgroup-util.h | 5 | ||||
-rw-r--r-- | src/basic/fd-util.c | 4 | ||||
-rw-r--r-- | src/basic/fs-util.c | 8 | ||||
-rw-r--r-- | src/basic/missing_syscall.h | 19 | ||||
-rw-r--r-- | src/basic/missing_syscall_def.h | 102 | ||||
-rw-r--r-- | src/basic/missing_syscalls.py | 3 | ||||
-rw-r--r-- | src/basic/string-util.c | 12 | ||||
-rw-r--r-- | src/basic/string-util.h | 5 | ||||
-rw-r--r-- | src/basic/strv.h | 12 | ||||
-rw-r--r-- | src/basic/user-util.c | 2 | ||||
-rw-r--r-- | src/basic/virt.c | 13 |
12 files changed, 130 insertions, 57 deletions
diff --git a/src/basic/architecture.c b/src/basic/architecture.c index 773ee3c..488367c 100644 --- a/src/basic/architecture.c +++ b/src/basic/architecture.c @@ -70,7 +70,7 @@ Architecture uname_architecture(void) { { "parisc64", ARCHITECTURE_PARISC64 }, { "parisc", ARCHITECTURE_PARISC }, -#elif defined(__loongarch64) +#elif defined(__loongarch_lp64) { "loongarch64", ARCHITECTURE_LOONGARCH64 }, #elif defined(__m68k__) diff --git a/src/basic/cgroup-util.h b/src/basic/cgroup-util.h index df6d5b7..1904e84 100644 --- a/src/basic/cgroup-util.h +++ b/src/basic/cgroup-util.h @@ -66,10 +66,13 @@ typedef enum CGroupMask { /* All real cgroup v2 controllers */ CGROUP_MASK_V2 = CGROUP_MASK_CPU|CGROUP_MASK_CPUSET|CGROUP_MASK_IO|CGROUP_MASK_MEMORY|CGROUP_MASK_PIDS, + /* All controllers we want to delegate in case of Delegate=yes. Which are prety much the v2 controllers only, as delegation on v1 is not safe, and bpf stuff isn't a real controller */ + CGROUP_MASK_DELEGATE = CGROUP_MASK_V2, + /* All cgroup v2 BPF pseudo-controllers */ CGROUP_MASK_BPF = CGROUP_MASK_BPF_FIREWALL|CGROUP_MASK_BPF_DEVICES|CGROUP_MASK_BPF_FOREIGN|CGROUP_MASK_BPF_SOCKET_BIND|CGROUP_MASK_BPF_RESTRICT_NETWORK_INTERFACES, - _CGROUP_MASK_ALL = CGROUP_CONTROLLER_TO_MASK(_CGROUP_CONTROLLER_MAX) - 1 + _CGROUP_MASK_ALL = CGROUP_CONTROLLER_TO_MASK(_CGROUP_CONTROLLER_MAX) - 1, } CGroupMask; static inline CGroupMask CGROUP_MASK_EXTEND_JOINED(CGroupMask mask) { diff --git a/src/basic/fd-util.c b/src/basic/fd-util.c index 66bb756..ad7bd63 100644 --- a/src/basic/fd-util.c +++ b/src/basic/fd-util.c @@ -284,7 +284,7 @@ static int close_all_fds_special_case(const int except[], size_t n_except) { case 0: /* Close everything. Yay! */ - if (close_range(3, -1, 0) >= 0) + if (close_range(3, INT_MAX, 0) >= 0) return 1; if (ERRNO_IS_NOT_SUPPORTED(errno) || ERRNO_IS_PRIVILEGE(errno)) { 
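Review bot: The comment added above `CGROUP_MASK_DELEGATE` in the cgroup-util.h hunk has a typo ("prety") and its second sentence is a fragment, which matters because this comment is the only place the delegation policy is explained. Suggested wording: `/* All controllers we want to delegate in case of Delegate=yes. These are pretty much the v2 controllers only, as delegation on v1 is not safe, and the BPF pseudo-controllers are not real controllers. */`. Since the value is a plain alias of `CGROUP_MASK_V2`, any controller later added to that mask is delegated automatically; the comment should say whether that is intended.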
@@ -395,7 +395,7 @@ int close_all_fds(const int except[], size_t n_except) { if (sorted[n_sorted-1] >= INT_MAX) /* Dont let the addition below overflow */ return 0; - if (close_range(sorted[n_sorted-1] + 1, -1, 0) >= 0) + if (close_range(sorted[n_sorted-1] + 1, INT_MAX, 0) >= 0) return 0; if (!ERRNO_IS_NOT_SUPPORTED(errno) && !ERRNO_IS_PRIVILEGE(errno)) diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c index 6b757bd..d71c07c 100644 --- a/src/basic/fs-util.c +++ b/src/basic/fs-util.c @@ -118,7 +118,11 @@ int rename_noreplace(int olddirfd, const char *oldpath, int newdirfd, const char int readlinkat_malloc(int fd, const char *p, char **ret) { size_t l = PATH_MAX; - assert(p); + assert(fd >= 0 || fd == AT_FDCWD); + + if (fd < 0 && isempty(p)) + return -EISDIR; /* In this case, the fd points to the current working directory, and is + * definitely not a symlink. Let's return earlier. */ for (;;) { _cleanup_free_ char *c = NULL; @@ -128,7 +132,7 @@ int readlinkat_malloc(int fd, const char *p, char **ret) { if (!c) return -ENOMEM; - n = readlinkat(fd, p, c, l); + n = readlinkat(fd, strempty(p), c, l); if (n < 0) return -errno; diff --git a/src/basic/missing_syscall.h b/src/basic/missing_syscall.h index d54e59f..47c5177 100644 --- a/src/basic/missing_syscall.h +++ b/src/basic/missing_syscall.h 
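Review bot: `readlinkat_malloc()` now accepts a NULL or empty `p`, but nothing at the function states that contract; the only hint is the trailing comment after `return -EISDIR;` in the @@ -118 hunk. A header comment such as `/* If p is NULL or empty, read the link target of fd itself; with AT_FDCWD that is rejected with -EISDIR. */` would make the `strempty(p)` call in the @@ -128 hunk understandable on its own. The two-line comment hanging off the unbraced `return` is also easy to misread as part of the `if` body, so I would move it above the `if`. The function body continues past both hunks, so whether `ret` is asserted is not visible here.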
@@ -383,23 +383,14 @@ static inline int missing_execveat(int dirfd, const char *pathname, /* ======================================================================= */ #if !HAVE_CLOSE_RANGE -static inline int missing_close_range(int first_fd, int end_fd, unsigned flags) { +static inline int missing_close_range(unsigned first_fd, unsigned end_fd, unsigned flags) { # ifdef __NR_close_range /* Kernel-side the syscall expects fds as unsigned integers (just like close() actually), while - * userspace exclusively uses signed integers for fds. We don't know just yet how glibc is going to - * wrap this syscall, but let's assume it's going to be similar to what they do for close(), - * i.e. make the same unsigned → signed type change from the raw kernel syscall compared to the - * userspace wrapper. There's only one caveat for this: unlike for close() there's the special - * UINT_MAX fd value for the 'end_fd' argument. Let's safely map that to -1 here. And let's refuse - * any other negative values. */ - if ((first_fd < 0) || (end_fd < 0 && end_fd != -1)) { - errno = -EBADF; - return -1; - } - + * userspace exclusively uses signed integers for fds. glibc chose to expose it 1:1 however, hence we + * do so here too, even if we end up passing signed fds to it most of the time. */ return syscall(__NR_close_range, - (unsigned) first_fd, - end_fd == -1 ? UINT_MAX : (unsigned) end_fd, /* Of course, the compiler should figure out that this is the identity mapping IRL */ + first_fd, + end_fd, flags); # else errno = ENOSYS; diff --git a/src/basic/missing_syscall_def.h b/src/basic/missing_syscall_def.h index 67cae70..8906f40 100644 --- a/src/basic/missing_syscall_def.h +++ b/src/basic/missing_syscall_def.h @@ -14,7 +14,7 @@ # elif defined(__arm__) # elif defined(__i386__) # elif defined(__ia64__) -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # elif defined(__m68k__) # elif defined(_MIPS_SIM) # if _MIPS_SIM == _MIPS_SIM_ABI32 
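Review bot: With the parameters of `missing_close_range()` changed to `unsigned` and the range check removed, a negative `int` from a caller is no longer rejected in the wrapper but silently converted to a large unsigned value before the syscall. The new comment explains why the types mirror glibc but not this consequence; I would extend it with something like `Negative values are not rejected here and wrap to large unsigned numbers, so callers must validate their fds and pass INT_MAX or UINT_MAX (not -1) as the upper bound.` The fd-util.c hunks already switch their callers to `INT_MAX`. Callers outside src/basic are not visible in this diff and may still pass -1, which now relies on the implicit conversion to `UINT_MAX`. The function continues past the end of the hunk.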
@@ -55,7 +55,7 @@ # define systemd_NR_bpf 357 # elif defined(__ia64__) # define systemd_NR_bpf 1341 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_bpf 280 # elif defined(__m68k__) # define systemd_NR_bpf 354 @@ -123,7 +123,7 @@ assert_cc(__NR_bpf == systemd_NR_bpf); # define systemd_NR_close_range 436 # elif defined(__ia64__) # define systemd_NR_close_range 1460 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_close_range 436 # elif defined(__m68k__) # define systemd_NR_close_range 436 @@ -191,7 +191,7 @@ assert_cc(__NR_close_range == systemd_NR_close_range); # define systemd_NR_copy_file_range 377 # elif defined(__ia64__) # define systemd_NR_copy_file_range 1347 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_copy_file_range 285 # elif defined(__m68k__) # define systemd_NR_copy_file_range 376 
@@ -314,6 +314,74 @@ assert_cc(__NR_epoll_pwait2 == systemd_NR_epoll_pwait2); # endif #endif +#ifndef __IGNORE_fchmodat2 +# if defined(__aarch64__) +# define systemd_NR_fchmodat2 452 +# elif defined(__alpha__) +# define systemd_NR_fchmodat2 562 +# elif defined(__arc__) || defined(__tilegx__) +# define systemd_NR_fchmodat2 452 +# elif defined(__arm__) +# define systemd_NR_fchmodat2 452 +# elif defined(__i386__) +# define systemd_NR_fchmodat2 452 +# elif defined(__ia64__) +# define systemd_NR_fchmodat2 1476 +# elif defined(__loongarch_lp64) +# define systemd_NR_fchmodat2 452 +# elif defined(__m68k__) +# define systemd_NR_fchmodat2 452 +# elif defined(_MIPS_SIM) +# if _MIPS_SIM == _MIPS_SIM_ABI32 +# define systemd_NR_fchmodat2 4452 +# elif _MIPS_SIM == _MIPS_SIM_NABI32 +# define systemd_NR_fchmodat2 6452 +# elif _MIPS_SIM == _MIPS_SIM_ABI64 +# define systemd_NR_fchmodat2 5452 +# else +# error "Unknown MIPS ABI" +# endif +# elif defined(__hppa__) +# define systemd_NR_fchmodat2 452 +# elif defined(__powerpc__) +# define systemd_NR_fchmodat2 452 +# elif defined(__riscv) +# if __riscv_xlen == 32 +# define systemd_NR_fchmodat2 452 +# elif __riscv_xlen == 64 +# define systemd_NR_fchmodat2 452 +# else +# error "Unknown RISC-V ABI" +# endif +# elif defined(__s390__) +# define systemd_NR_fchmodat2 452 +# elif defined(__sparc__) +# define systemd_NR_fchmodat2 452 +# elif defined(__x86_64__) +# if defined(__ILP32__) +# define systemd_NR_fchmodat2 (452 | /* __X32_SYSCALL_BIT */ 0x40000000) +# else +# define systemd_NR_fchmodat2 452 +# endif +# elif !defined(missing_arch_template) +# warning "fchmodat2() syscall number is unknown for your architecture" +# endif + +/* may be an (invalid) negative number due to libseccomp, see PR 13319 */ +# if defined __NR_fchmodat2 && __NR_fchmodat2 >= 0 +# if defined systemd_NR_fchmodat2 +assert_cc(__NR_fchmodat2 == systemd_NR_fchmodat2); +# endif +# else +# if defined __NR_fchmodat2 +# undef __NR_fchmodat2 +# endif +# if defined 
systemd_NR_fchmodat2 && systemd_NR_fchmodat2 >= 0 +# define __NR_fchmodat2 systemd_NR_fchmodat2 +# endif +# endif +#endif + #ifndef __IGNORE_getrandom # if defined(__aarch64__) # define systemd_NR_getrandom 278 @@ -327,7 +395,7 @@ assert_cc(__NR_epoll_pwait2 == systemd_NR_epoll_pwait2); # define systemd_NR_getrandom 355 # elif defined(__ia64__) # define systemd_NR_getrandom 1339 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_getrandom 278 # elif defined(__m68k__) # define systemd_NR_getrandom 352 @@ -395,7 +463,7 @@ assert_cc(__NR_getrandom == systemd_NR_getrandom); # define systemd_NR_memfd_create 356 # elif defined(__ia64__) # define systemd_NR_memfd_create 1340 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_memfd_create 279 # elif defined(__m68k__) # define systemd_NR_memfd_create 353 @@ -463,7 +531,7 @@ assert_cc(__NR_memfd_create == systemd_NR_memfd_create); # define systemd_NR_mount_setattr 442 # elif defined(__ia64__) # define systemd_NR_mount_setattr 1466 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_mount_setattr 442 # elif defined(__m68k__) # define systemd_NR_mount_setattr 442 @@ -531,7 +599,7 @@ assert_cc(__NR_mount_setattr == systemd_NR_mount_setattr); # define systemd_NR_move_mount 429 # elif defined(__ia64__) # define systemd_NR_move_mount 1453 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_move_mount 429 # elif defined(__m68k__) # define systemd_NR_move_mount 429 @@ -599,7 +667,7 @@ assert_cc(__NR_move_mount == systemd_NR_move_mount); # define systemd_NR_name_to_handle_at 341 # elif defined(__ia64__) # define systemd_NR_name_to_handle_at 1326 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_name_to_handle_at 264 # elif defined(__m68k__) # define systemd_NR_name_to_handle_at 340 
@@ -667,7 +735,7 @@ assert_cc(__NR_name_to_handle_at == systemd_NR_name_to_handle_at); # define systemd_NR_open_tree 428 # elif defined(__ia64__) # define systemd_NR_open_tree 1452 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_open_tree 428 # elif defined(__m68k__) # define systemd_NR_open_tree 428 @@ -735,7 +803,7 @@ assert_cc(__NR_open_tree == systemd_NR_open_tree); # define systemd_NR_openat2 437 # elif defined(__ia64__) # define systemd_NR_openat2 1461 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_openat2 437 # elif defined(__m68k__) # define systemd_NR_openat2 437 @@ -803,7 +871,7 @@ assert_cc(__NR_openat2 == systemd_NR_openat2); # define systemd_NR_pidfd_open 434 # elif defined(__ia64__) # define systemd_NR_pidfd_open 1458 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_pidfd_open 434 # elif defined(__m68k__) # define systemd_NR_pidfd_open 434 @@ -871,7 +939,7 @@ assert_cc(__NR_pidfd_open == systemd_NR_pidfd_open); # define systemd_NR_pidfd_send_signal 424 # elif defined(__ia64__) # define systemd_NR_pidfd_send_signal 1448 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_pidfd_send_signal 424 # elif defined(__m68k__) # define systemd_NR_pidfd_send_signal 424 @@ -939,7 +1007,7 @@ assert_cc(__NR_pidfd_send_signal == systemd_NR_pidfd_send_signal); # define systemd_NR_pkey_mprotect 380 # elif defined(__ia64__) # define systemd_NR_pkey_mprotect 1354 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_pkey_mprotect 288 # elif defined(__m68k__) # define systemd_NR_pkey_mprotect 381 
@@ -1007,7 +1075,7 @@ assert_cc(__NR_pkey_mprotect == systemd_NR_pkey_mprotect); # define systemd_NR_renameat2 353 # elif defined(__ia64__) # define systemd_NR_renameat2 1338 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_renameat2 276 # elif defined(__m68k__) # define systemd_NR_renameat2 351 @@ -1075,7 +1143,7 @@ assert_cc(__NR_renameat2 == systemd_NR_renameat2); # define systemd_NR_setns 346 # elif defined(__ia64__) # define systemd_NR_setns 1330 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_setns 268 # elif defined(__m68k__) # define systemd_NR_setns 344 @@ -1143,7 +1211,7 @@ assert_cc(__NR_setns == systemd_NR_setns); # define systemd_NR_statx 383 # elif defined(__ia64__) # define systemd_NR_statx 1350 -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_statx 291 # elif defined(__m68k__) # define systemd_NR_statx 379 diff --git a/src/basic/missing_syscalls.py b/src/basic/missing_syscalls.py index 642d4d9..4b61c1c 100644 --- a/src/basic/missing_syscalls.py +++ b/src/basic/missing_syscalls.py @@ -10,6 +10,7 @@ SYSCALLS = [ 'close_range', 'copy_file_range', 'epoll_pwait2', + 'fchmodat2', 'getrandom', 'memfd_create', 'mount_setattr', @@ -60,7 +61,7 @@ DEF_TEMPLATE_B = '''\ # define systemd_NR_{syscall} {nr_i386} # elif defined(__ia64__) # define systemd_NR_{syscall} {nr_ia64} -# elif defined(__loongarch64) +# elif defined(__loongarch_lp64) # define systemd_NR_{syscall} {nr_loongarch64} # elif defined(__m68k__) # define systemd_NR_{syscall} {nr_m68k} diff --git a/src/basic/string-util.c b/src/basic/string-util.c index 17d35fe..8a806e9 100644 --- a/src/basic/string-util.c +++ b/src/basic/string-util.c 
@@ -1202,3 +1202,15 @@ size_t strspn_from_end(const char *str, const char *accept) { return n; } + +char *startswith_strv(const char *string, char **strv) { + char *found = NULL; + + STRV_FOREACH(i, strv) { + found = startswith(string, *i); + if (found) + break; + } + + return found; +} diff --git a/src/basic/string-util.h b/src/basic/string-util.h index 913a96f..6edfaef 100644 --- a/src/basic/string-util.h +++ b/src/basic/string-util.h @@ -243,3 +243,8 @@ bool streq_skip_trailing_chars(const char *s1, const char *s2, const char *ok); char *string_replace_char(char *str, char old_char, char new_char); size_t strspn_from_end(const char *str, const char *accept); + +char *startswith_strv(const char *string, char **strv); + +#define STARTSWITH_SET(p, ...) \ + startswith_strv(p, STRV_MAKE(__VA_ARGS__)) diff --git a/src/basic/strv.h b/src/basic/strv.h index bda8cbf..8857c47 100644 --- a/src/basic/strv.h +++ b/src/basic/strv.h @@ -206,18 +206,6 @@ void strv_print(char * const *l); _x && strv_contains_case(STRV_MAKE(__VA_ARGS__), _x); \ }) -#define STARTSWITH_SET(p, ...) \ - ({ \ - const char *_p = (p); \ - char *_found = NULL; \ - STRV_FOREACH(_i, STRV_MAKE(__VA_ARGS__)) { \ - _found = startswith(_p, *_i); \ - if (_found) \ - break; \ - } \ - _found; \ - }) - #define ENDSWITH_SET(p, ...) \ ({ \ const char *_p = (p); \ diff --git a/src/basic/user-util.c b/src/basic/user-util.c index 519e788..8823e73 100644 --- a/src/basic/user-util.c +++ b/src/basic/user-util.c @@ -313,7 +313,7 @@ int get_user_creds( if (shell) { if (FLAGS_SET(flags, USER_CREDS_CLEAN) && (isempty(p->pw_shell) || - !path_is_valid(p->pw_dir) || + !path_is_valid(p->pw_shell) || !path_is_absolute(p->pw_shell) || is_nologin_shell(p->pw_shell))) *shell = NULL; diff --git a/src/basic/virt.c b/src/basic/virt.c index c2ed8d0..6ea1854 100644 --- a/src/basic/virt.c +++ b/src/basic/virt.c 
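Review bot: `startswith_strv()` is added without a comment, and its first-match behaviour is not obvious from the name: the loop stops at the first entry of `strv` that is a prefix of `string`, not the longest one. Callers that use it to strip a prefix from a path or identifier get a different remainder depending on entry order when prefixes overlap. I would add `/* Returns a pointer into 'string' just past the first entry of 'strv' that prefixes it, or NULL if none does. Entries are tried in order; put longer prefixes first. */` above the definition. "Just past" assumes `startswith()` returns the position after the prefix, which is defined outside this diff.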
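Review bot: `STARTSWITH_SET` now lives in string-util.h but expands to `STRV_MAKE(...)`, while its sibling `ENDSWITH_SET` stays in strv.h next to the other `STRV_MAKE` users (visible as context in the strv.h hunk). Unless string-util.h pulls in the `STRV_MAKE` definition, which this diff does not show, a file that includes only string-util.h and uses the macro will fail to compile at the use site. Either keep the macro in strv.h next to `ENDSWITH_SET` and only declare `startswith_strv()` here, or add a comment such as `/* Users of STARTSWITH_SET() must include strv.h for STRV_MAKE() */`.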
@@ -97,7 +97,7 @@ static Virtualization detect_vm_cpuid(void) { } static Virtualization detect_vm_device_tree(void) { -#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) || defined(__powerpc64__) +#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) || defined(__powerpc64__) || defined(__riscv) _cleanup_free_ char *hvtype = NULL; int r; @@ -154,7 +154,7 @@ static Virtualization detect_vm_device_tree(void) { #endif } -#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch64) +#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch_lp64) || defined(__riscv) static Virtualization detect_vm_dmi_vendor(void) { static const char* const dmi_vendors[] = { "/sys/class/dmi/id/product_name", /* Test this before sys_vendor to detect KVM over QEMU */ @@ -245,10 +245,10 @@ static int detect_vm_smbios(void) { log_debug("DMI BIOS Extension table does not indicate virtualization."); return SMBIOS_VM_BIT_UNSET; } -#endif /* defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch64) */ +#endif /* defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch_lp64) */ static Virtualization detect_vm_dmi(void) { -#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch64) +#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch_lp64) int r; r = detect_vm_dmi_vendor(); 
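Review bot: `defined(__riscv)` is added to the `#if` that guards `detect_vm_dmi_vendor()` in the @@ -154 hunk, but not to the matching `#endif` comment nor to the `#if` inside `detect_vm_dmi()` in the @@ -245 hunk. As shown, a RISC-V build would compile the DMI helpers but `detect_vm_dmi()` would still skip them, so DMI-based detection stays off there and the static helpers are likely to trigger unused-function warnings. The three conditions should read the same: `#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__loongarch_lp64) || defined(__riscv)`. `detect_vm_dmi()` continues past the end of the hunk, so its `#else` branch is not visible.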
@@ -454,7 +454,7 @@ Virtualization detect_vm(void) { /* We have to use the correct order here: * - * → First, try to detect Oracle Virtualbox, Amazon EC2 Nitro, and Parallels, even if they use KVM, + * → First, try to detect Oracle Virtualbox, Amazon EC2 Nitro, Parallels, and Google Compute Engine, even if they use KVM, * as well as Xen even if it cloaks as Microsoft Hyper-V. Attempt to detect uml at this stage also * since it runs as a user-process nested inside other VMs. Also check for Xen now, because Xen PV * mode does not override CPUID when nested inside another hypervisor. @@ -469,7 +469,8 @@ Virtualization detect_vm(void) { VIRTUALIZATION_ORACLE, VIRTUALIZATION_XEN, VIRTUALIZATION_AMAZON, - VIRTUALIZATION_PARALLELS)) { + VIRTUALIZATION_PARALLELS, + VIRTUALIZATION_GOOGLE)) { v = dmi; goto finish; } |