[systemd-devel] confirm
confirm 502b8688fb19af59d0659c7f3c86da28cfaf7713 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] make systemd service takes cpu exclusively
Hi, everybody, As we all know that currently systemd puts all the services into a run_queue, and lets them run together as possible as it can. However, this mechanism also brings in a problem, which means all the services will contend for CPU, and systemd is unable to make sure one service has priority ONE and only itself takes the CPU when this service is starting. For example, if we want to make sure a.service runs firstly , and all the other services runs after a.service is finished. So, does anybody know if systemd has this kind of mechanism? If not, can we create a way to do this and add this feature into systemd? Or is this idea possible? I think this is very usefull under some situations. Thanks~ ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] make systemd service takes cpu exclusively
Hi On Mon, Nov 17, 2014 at 9:40 AM, Cao, XinX xinx@intel.com wrote: Hi, everybody, As we all know that currently systemd puts all the services into a run_queue, and lets them run together as possible as it can. However, this mechanism also brings in a problem, which means all the services will contend for CPU, and systemd is unable to make sure one service has priority ONE and only itself takes the CPU when this service is starting. For example, if we want to make sure a.service runs firstly , and all the other services runs after a.service is finished. So, does anybody know if systemd has this kind of mechanism? If not, can we create a way to do this and add this feature into systemd? Or is this idea possible? I think this is very usefull under some situations. You could use explicit ordering (see Before= and After=) to make your unit run almost exclusively. But this will cause a significant bottle-neck during boot and is not recommended at all. The question really is _why_ you want that unit to be run before anything else. If you only want to prioritize one unit, have a look at man systemd.resource-control. It provides a huge set of options to configure your units. You have quite fine control over CPU shares etc. Specifically the StartupCPUShares= option might be of interest to you. Thanks David ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] make systemd service takes cpu exclusively
Hi XinX On Mon, Nov 17, 2014 at 9:40 AM, Cao, XinX xinx@intel.com wrote: Hi, everybody, As we all know that currently systemd puts all the services into a run_queue, and lets them run together as possible as it can. However, this mechanism also brings in a problem, which means all the services will contend for CPU, and systemd is unable to make sure one service has priority ONE and only itself takes the CPU when this service is starting. What exactly is the problem when they all want to get the CPU? For example, if we want to make sure a.service runs firstly , and all the other services runs after a.service is finished. So, does anybody know if systemd has this kind of mechanism? If not, can we create a way to do this and add this feature into systemd? Or is this idea possible? I think this is very usefull under some situations. It really depends on your use case and what you consider with a.service runs first. If you only want to start the service first, then you can always add After=a.service directive to other services that are starting at the same time. But this is pretty static information. You have to do this for every time you change your priority service. You could also prioritize a service by changing their StartupCPUShares= but this is not truly stopping other services from being scheduled in. Maybe they get the minimum CPU, but they still do. Lennart has recently considered to change the startup queue to prioritized startup queue where a prioritized service will be forked off before other services - http://lists.freedesktop.org/archives/systemd-devel/2014-October/024315.html. Umut Thanks~ ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/3] log: 1237557 Unchecked return value from library
Hi
On Tue, Nov 11, 2014 at 9:06 AM, Susant Sahani sus...@redhat.com wrote:
fix 1237557 Unchecked return value from library
---
src/shared/log.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/shared/log.c b/src/shared/log.c
index 1c589ac..e7237ba 100644
--- a/src/shared/log.c
+++ b/src/shared/log.c
@@ -122,7 +122,7 @@ static int create_log_socket(int type) {
timeval_store(tv, 10 * USEC_PER_MSEC);
else
timeval_store(tv, 10 * USEC_PER_SEC);
-setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, tv, sizeof(tv));
+(void) setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, tv, sizeof(tv));
I don't think we use spaces after casts, but not entirely sure..
Applied!
Thanks
David
return fd;
}
--
2.1.0
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/3] resolved: fix CID 1237549 Unchecked return value
Hi
On Tue, Nov 11, 2014 at 9:06 AM, Susant Sahani sus...@redhat.com wrote:
---
Applied!
Thanks
David
src/resolve/resolved-dns-scope.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/resolve/resolved-dns-scope.c
b/src/resolve/resolved-dns-scope.c
index 1664b13..25e0d9e 100644
--- a/src/resolve/resolved-dns-scope.c
+++ b/src/resolve/resolved-dns-scope.c
@@ -386,7 +386,7 @@ int dns_scope_llmnr_membership(DnsScope *s, bool b) {
* one. This is necessary on some devices, such as
* veth. */
if (b)
-setsockopt(fd, IPPROTO_IP, IP_DROP_MEMBERSHIP,
mreqn, sizeof(mreqn));
+(void) setsockopt(fd, IPPROTO_IP,
IP_DROP_MEMBERSHIP, mreqn, sizeof(mreqn));
if (setsockopt(fd, IPPROTO_IP, b ? IP_ADD_MEMBERSHIP :
IP_DROP_MEMBERSHIP, mreqn, sizeof(mreqn)) 0)
return -errno;
@@ -402,7 +402,7 @@ int dns_scope_llmnr_membership(DnsScope *s, bool b) {
return fd;
if (b)
-setsockopt(fd, IPPROTO_IPV6, IPV6_DROP_MEMBERSHIP,
mreq, sizeof(mreq));
+(void) setsockopt(fd, IPPROTO_IPV6,
IPV6_DROP_MEMBERSHIP, mreq, sizeof(mreq));
if (setsockopt(fd, IPPROTO_IPV6, b ? IPV6_ADD_MEMBERSHIP :
IPV6_DROP_MEMBERSHIP, mreq, sizeof(mreq)) 0)
return -errno;
--
2.1.0
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [k]dbus: api, match replace and test extending
On Mon, 17.11.14 00:23, Rui Miguel Silva (rmf...@gmail.com) wrote: Hi, I have some questions regarding kdbus/dbus, maybe some could assist: 1\ api: when it is exported explicity bloom as filter implementation dont you think that: - exporting through api an internal implementation, maybe it is not a good idea What do you mean by that? Note that the parameters of the bloom filter are communicated via HELLO ioctl when you connect. This allows us to alter the parameters later on should that be necessary. Also, there's a feature negotiation scheme as well as filter versioning available which allows us to change the filtering scheme evenutally should this be necessary, without having to update all clients at once. We hence carefully made sure that we have a variety of soft ways how we can still alter the filtering scheme later on, after the first release. That said, we also carefully selected the initial parameters we will use by default. For example, the hash function we use is SipHash, which is actually overkill for what we need (it's cryptographic which is a property we don't need), and we defined a set of seeds that are substantially more than we will need with the initial bloom filter parameters. - technical debt, if in the future the filter mechanism is change by other than bloom. so bloom maybe just be replaced with only generic filter could make more sense? What do you mean by only generic filter? 2\ match_replace: it is not clear to me from the docs what should be the behaviour when using the KDBUS_MATCH_REPLACE flag and the match with the given cookie does not exist. In the implementation it is obvious that it will add as a new match. but it is a feature or bug? This is a feature. It's about atomic replace really. 3\ testing: it is of any interess to provide more test code and cases at kdbus level? or do not want to increase the testing scenario? We are always interested in more test cases. In both sd-bus on the systemd side, as well as in the kdbus/kernel repository! Hope this is useful! Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 3/3] bus-socket: fix CID 996290 Unchecked return value
Hi
On Tue, Nov 11, 2014 at 9:06 AM, Susant Sahani sus...@redhat.com wrote:
---
src/libsystemd/sd-bus/bus-socket.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Applied!
Thanks
David
diff --git a/src/libsystemd/sd-bus/bus-socket.c
b/src/libsystemd/sd-bus/bus-socket.c
index d124d9a..662bf1c 100644
--- a/src/libsystemd/sd-bus/bus-socket.c
+++ b/src/libsystemd/sd-bus/bus-socket.c
@@ -610,10 +610,10 @@ void bus_socket_setup(sd_bus *b) {
/* Enable SO_PASSCRED + SO_PASSEC. We try this on any
* socket, just in case. */
enable = !b-bus_client;
-setsockopt(b-input_fd, SOL_SOCKET, SO_PASSCRED, enable,
sizeof(enable));
+(void) setsockopt(b-input_fd, SOL_SOCKET, SO_PASSCRED, enable,
sizeof(enable));
enable = !b-bus_client (b-attach_flags KDBUS_ATTACH_SECLABEL);
-setsockopt(b-input_fd, SOL_SOCKET, SO_PASSSEC, enable,
sizeof(enable));
+(void) setsockopt(b-input_fd, SOL_SOCKET, SO_PASSSEC, enable,
sizeof(enable));
/* Increase the buffers to 8 MB */
fd_inc_rcvbuf(b-input_fd, SNDBUF_SIZE);
--
2.1.0
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/2] namespace:Unchecked return value from library
Hi
On Tue, Nov 11, 2014 at 11:33 AM, Susant Sahani sus...@redhat.com wrote:
fix:
CID 1237553 (#1 of 6): Unchecked return value from library
(CHECKED_RETURN
CID 1237553 (#3 of 6): Unchecked return value from library
(CHECKED_RETURN)
CID 1237553 (#4 of 6): Unchecked return value from library
(CHECKED_RETURN)
CID 1237553 (#5 of 6): Unchecked return value from library
(CHECKED_RETURN
CID 1237553 (#6 of 6): Unchecked return value from library
(CHECKED_RETURN)
---
src/core/namespace.c | 44 +---
1 file changed, 37 insertions(+), 7 deletions(-)
diff --git a/src/core/namespace.c b/src/core/namespace.c
index 4bc288d..94a8088 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -157,14 +157,24 @@ static int mount_dev(BindMount *m) {
return -errno;
dev = strappenda(temporary_mount, /dev);
-mkdir(dev, 0755);
+r = mkdir(dev, 0755);
+if (r 0) {
+r = -errno;
+goto fail;
+}
+
if (mount(tmpfs, dev, tmpfs, MS_NOSUID|MS_STRICTATIME,
mode=755) 0) {
r = -errno;
goto fail;
}
devpts = strappenda(temporary_mount, /dev/pts);
-mkdir(devpts, 0755);
+r = mkdir(devpts, 0755);
+if (r 0) {
+r = -errno;
+goto fail;
+}
+
if (mount(/dev/pts, devpts, NULL, MS_BIND, NULL) 0) {
r = -errno;
goto fail;
@@ -174,7 +184,7 @@ static int mount_dev(BindMount *m) {
symlink(pts/ptmx, devptmx);
devshm = strappenda(temporary_mount, /dev/shm);
-mkdir(devshm, 01777);
+r = mkdir(devshm, 01777);
This lacks error handling.
r = mount(/dev/shm, devshm, NULL, MS_BIND, NULL);
if (r 0) {
r = -errno;
@@ -182,15 +192,30 @@ static int mount_dev(BindMount *m) {
}
devmqueue = strappenda(temporary_mount, /dev/mqueue);
-mkdir(devmqueue, 0755);
+r = mkdir(devmqueue, 0755);
+if (r 0) {
+r = -errno;
+goto fail;
+}
+
mount(/dev/mqueue, devmqueue, NULL, MS_BIND, NULL);
devkdbus = strappenda(temporary_mount, /dev/kdbus);
-mkdir(devkdbus, 0755);
+r = mkdir(devkdbus, 0755);
+if (r 0) {
+r = -errno;
+goto fail;
+}
+
mount(/dev/kdbus, devkdbus, NULL, MS_BIND, NULL);
devhugepages = strappenda(temporary_mount, /dev/hugepages);
-mkdir(devhugepages, 0755);
+r = mkdir(devhugepages, 0755);
+if (r 0) {
+r = -errno;
+goto fail;
+}
+
mount(/dev/hugepages, devhugepages, NULL, MS_BIND, NULL);
devlog = strappenda(temporary_mount, /dev/log);
@@ -289,7 +314,12 @@ static int mount_kdbus(BindMount *m) {
}
root = strappenda(temporary_mount, /kdbus);
-mkdir(root, 0755);
+r = mkdir(root, 0755);
+if (r 0) {
+r = -errno;
+goto fail;
+}
+
I also wonder whether we should check errno != EEXIST. Haven't
looked at it in detail, yet.
Thanks
David
if (mount(tmpfs, root, tmpfs, MS_NOSUID|MS_STRICTATIME,
mode=777) 0) {
r = -errno;
goto fail;
--
2.1.0
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
Hi
On Tue, Nov 11, 2014 at 11:33 AM, Susant Sahani sus...@redhat.com wrote:
Unchecked return value from library
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..c4cd387 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,7 +376,9 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+r = mkfifo(p, 0600);
+if (r 0)
+return -errno;
What if that fifo already exists? Like if tty-ask-password-agent
crashes and is restarted? Maybe fix both calls, mkdir_parents_label()
and mkfifo(), to ignore the return value via (void).
Or am I missing something?
Thanks
David
fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
if (fd 0)
--
2.1.0
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
Hi
On Mon, Nov 17, 2014 at 11:20 AM, Susant Sahani sus...@redhat.com wrote:
On 11/17/2014 03:39 PM, David Herrmann wrote:
Hi
Hi David,
On Tue, Nov 11, 2014 at 11:33 AM, Susant Sahani sus...@redhat.com wrote:
Unchecked return value from library
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..c4cd387 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,7 +376,9 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+r = mkfifo(p, 0600);
+if (r 0)
+return -errno;
What if that fifo already exists? Like if tty-ask-password-agent
crashes and is restarted? Maybe fix both calls, mkdir_parents_label()
and mkfifo(), to ignore the return value via (void).
yes I forgot that Thanks . In this case I guess
r = mkfifo(p, 0600);
if (r 0) {
if(errno != EEXIST)
return -errno;
}
would be better.
Maybe just use if (r 0 errno != EEXIST)
Thanks
David
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/2] namespace:Unchecked return value from library
On 11/17/2014 03:35 PM, David Herrmann wrote:
Hi
Hi,
On Tue, Nov 11, 2014 at 11:33 AM, Susant Sahani sus...@redhat.com wrote:
fix:
CID 1237553 (#1 of 6): Unchecked return value from library
(CHECKED_RETURN
CID 1237553 (#3 of 6): Unchecked return value from library
(CHECKED_RETURN)
CID 1237553 (#4 of 6): Unchecked return value from library
(CHECKED_RETURN)
CID 1237553 (#5 of 6): Unchecked return value from library
(CHECKED_RETURN
CID 1237553 (#6 of 6): Unchecked return value from library
(CHECKED_RETURN)
@@ -289,7 +314,12 @@ static int mount_kdbus(BindMount *m) {
}
root = strappenda(temporary_mount, /kdbus);
-mkdir(root, 0755);
+r = mkdir(root, 0755);
+if (r 0) {
+r = -errno;
+goto fail;
+}
+
I also wonder whether we should check errno != EEXIST. Haven't
looked at it in detail, yet.
yes it's better. I'll modify it.
Susant
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 1/2] namespace:Unchecked return value from library
fix:
CID 1237553 (#1 of 6): Unchecked return value from library
(CHECKED_RETURN
CID 1237553 (#3 of 6): Unchecked return value from library
(CHECKED_RETURN)
CID 1237553 (#4 of 6): Unchecked return value from library
(CHECKED_RETURN)
CID 1237553 (#5 of 6): Unchecked return value from library
(CHECKED_RETURN
CID 1237553 (#6 of 6): Unchecked return value from library
(CHECKED_RETURN)
---
src/core/namespace.c | 48 ++--
1 file changed, 42 insertions(+), 6 deletions(-)
diff --git a/src/core/namespace.c b/src/core/namespace.c
index eb7f2ad..db99e88 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -157,14 +157,26 @@ static int mount_dev(BindMount *m) {
return -errno;
dev = strappenda(temporary_mount, /dev);
-mkdir(dev, 0755);
+
+r = mkdir(dev, 0755);
+if (r 0 errno != EEXIST) {
+r = -errno;
+goto fail;
+}
+
if (mount(tmpfs, dev, tmpfs, MS_NOSUID|MS_STRICTATIME, mode=755)
0) {
r = -errno;
goto fail;
}
devpts = strappenda(temporary_mount, /dev/pts);
-mkdir(devpts, 0755);
+
+r = mkdir(devpts, 0755);
+if (r 0 errno != EEXIST) {
+r = -errno;
+goto fail;
+}
+
if (mount(/dev/pts, devpts, NULL, MS_BIND, NULL) 0) {
r = -errno;
goto fail;
@@ -174,7 +186,13 @@ static int mount_dev(BindMount *m) {
symlink(pts/ptmx, devptmx);
devshm = strappenda(temporary_mount, /dev/shm);
-mkdir(devshm, 01777);
+
+r = mkdir(devshm, 01777);
+if (r 0 errno != EEXIST) {
+r = -errno;
+goto fail;
+}
+
r = mount(/dev/shm, devshm, NULL, MS_BIND, NULL);
if (r 0) {
r = -errno;
@@ -182,11 +200,23 @@ static int mount_dev(BindMount *m) {
}
devmqueue = strappenda(temporary_mount, /dev/mqueue);
-mkdir(devmqueue, 0755);
+
+r = mkdir(devmqueue, 0755);
+if (r 0 errno != EEXIST) {
+r = -errno;
+goto fail;
+}
+
mount(/dev/mqueue, devmqueue, NULL, MS_BIND, NULL);
devhugepages = strappenda(temporary_mount, /dev/hugepages);
-mkdir(devhugepages, 0755);
+
+r = mkdir(devhugepages, 0755);
+if (r 0 errno != EEXIST) {
+r = -errno;
+goto fail;
+}
+
mount(/dev/hugepages, devhugepages, NULL, MS_BIND, NULL);
devlog = strappenda(temporary_mount, /dev/log);
@@ -282,7 +312,13 @@ static int mount_kdbus(BindMount *m) {
}
root = strappenda(temporary_mount, /kdbus);
-mkdir(root, 0755);
+
+r = mkdir(root, 0755);
+if (r 0 errno != EEXIST) {
+r = -errno;
+goto fail;
+}
+
if (mount(tmpfs, root, tmpfs, MS_NOSUID|MS_STRICTATIME,
mode=777) 0) {
r = -errno;
goto fail;
--
2.1.0
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/2] namespace:Unchecked return value from library
Hi
On Mon, Nov 17, 2014 at 11:37 AM, Susant Sahani sus...@redhat.com wrote:
fix:
CID 1237553 (#1 of 6): Unchecked return value from library
(CHECKED_RETURN
CID 1237553 (#3 of 6): Unchecked return value from library
(CHECKED_RETURN)
CID 1237553 (#4 of 6): Unchecked return value from library
(CHECKED_RETURN)
CID 1237553 (#5 of 6): Unchecked return value from library
(CHECKED_RETURN
CID 1237553 (#6 of 6): Unchecked return value from library
(CHECKED_RETURN)
---
Looking into mount_dev() more closely, I noticed this is probably not
needed at all. I mean, we create a temporary directory and then mount
everything in there. See mkdtemp(). If mkdir() fails, then mount()
will fail too. No-one else can mess with us as they need to be root to
do anything bad to our temp-dir (and if they're root, we're screwed
anyway).
So I guess we can just ignore all the errors. I'd be fine with
pre-fixing them with (void), or dropping EEXIST again (sorry!) and
doing normal error-checking.
Thanks
David
src/core/namespace.c | 48 ++--
1 file changed, 42 insertions(+), 6 deletions(-)
diff --git a/src/core/namespace.c b/src/core/namespace.c
index eb7f2ad..db99e88 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -157,14 +157,26 @@ static int mount_dev(BindMount *m) {
return -errno;
dev = strappenda(temporary_mount, /dev);
-mkdir(dev, 0755);
+
+r = mkdir(dev, 0755);
+if (r 0 errno != EEXIST) {
+r = -errno;
+goto fail;
+}
+
if (mount(tmpfs, dev, tmpfs, MS_NOSUID|MS_STRICTATIME,
mode=755) 0) {
r = -errno;
goto fail;
}
devpts = strappenda(temporary_mount, /dev/pts);
-mkdir(devpts, 0755);
+
+r = mkdir(devpts, 0755);
+if (r 0 errno != EEXIST) {
+r = -errno;
+goto fail;
+}
+
if (mount(/dev/pts, devpts, NULL, MS_BIND, NULL) 0) {
r = -errno;
goto fail;
@@ -174,7 +186,13 @@ static int mount_dev(BindMount *m) {
symlink(pts/ptmx, devptmx);
devshm = strappenda(temporary_mount, /dev/shm);
-mkdir(devshm, 01777);
+
+r = mkdir(devshm, 01777);
+if (r 0 errno != EEXIST) {
+r = -errno;
+goto fail;
+}
+
r = mount(/dev/shm, devshm, NULL, MS_BIND, NULL);
if (r 0) {
r = -errno;
@@ -182,11 +200,23 @@ static int mount_dev(BindMount *m) {
}
devmqueue = strappenda(temporary_mount, /dev/mqueue);
-mkdir(devmqueue, 0755);
+
+r = mkdir(devmqueue, 0755);
+if (r 0 errno != EEXIST) {
+r = -errno;
+goto fail;
+}
+
mount(/dev/mqueue, devmqueue, NULL, MS_BIND, NULL);
devhugepages = strappenda(temporary_mount, /dev/hugepages);
-mkdir(devhugepages, 0755);
+
+r = mkdir(devhugepages, 0755);
+if (r 0 errno != EEXIST) {
+r = -errno;
+goto fail;
+}
+
mount(/dev/hugepages, devhugepages, NULL, MS_BIND, NULL);
devlog = strappenda(temporary_mount, /dev/log);
@@ -282,7 +312,13 @@ static int mount_kdbus(BindMount *m) {
}
root = strappenda(temporary_mount, /kdbus);
-mkdir(root, 0755);
+
+r = mkdir(root, 0755);
+if (r 0 errno != EEXIST) {
+r = -errno;
+goto fail;
+}
+
if (mount(tmpfs, root, tmpfs, MS_NOSUID|MS_STRICTATIME,
mode=777) 0) {
r = -errno;
goto fail;
--
2.1.0
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 1/2] namespace:Unchecked return value from library
fix:
CID 1237553 (#1 of 6): Unchecked return value from library
(CHECKED_RETURN
CID 1237553 (#3 of 6): Unchecked return value from library
(CHECKED_RETURN)
CID 1237553 (#4 of 6): Unchecked return value from library
(CHECKED_RETURN)
CID 1237553 (#5 of 6): Unchecked return value from library
(CHECKED_RETURN
CID 1237553 (#6 of 6): Unchecked return value from library
(CHECKED_RETURN)
---
src/core/namespace.c | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/core/namespace.c b/src/core/namespace.c
index eb7f2ad..a202545 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -157,14 +157,14 @@ static int mount_dev(BindMount *m) {
return -errno;
dev = strappenda(temporary_mount, /dev);
-mkdir(dev, 0755);
+(void)mkdir(dev, 0755);
if (mount(tmpfs, dev, tmpfs, MS_NOSUID|MS_STRICTATIME, mode=755)
0) {
r = -errno;
goto fail;
}
devpts = strappenda(temporary_mount, /dev/pts);
-mkdir(devpts, 0755);
+(void)mkdir(devpts, 0755);
if (mount(/dev/pts, devpts, NULL, MS_BIND, NULL) 0) {
r = -errno;
goto fail;
@@ -174,7 +174,7 @@ static int mount_dev(BindMount *m) {
symlink(pts/ptmx, devptmx);
devshm = strappenda(temporary_mount, /dev/shm);
-mkdir(devshm, 01777);
+(void)mkdir(devshm, 01777);
r = mount(/dev/shm, devshm, NULL, MS_BIND, NULL);
if (r 0) {
r = -errno;
@@ -182,11 +182,11 @@ static int mount_dev(BindMount *m) {
}
devmqueue = strappenda(temporary_mount, /dev/mqueue);
-mkdir(devmqueue, 0755);
+(void)mkdir(devmqueue, 0755);
mount(/dev/mqueue, devmqueue, NULL, MS_BIND, NULL);
devhugepages = strappenda(temporary_mount, /dev/hugepages);
-mkdir(devhugepages, 0755);
+(void)mkdir(devhugepages, 0755);
mount(/dev/hugepages, devhugepages, NULL, MS_BIND, NULL);
devlog = strappenda(temporary_mount, /dev/log);
@@ -282,7 +282,7 @@ static int mount_kdbus(BindMount *m) {
}
root = strappenda(temporary_mount, /kdbus);
-mkdir(root, 0755);
+(void)mkdir(root, 0755);
if (mount(tmpfs, root, tmpfs, MS_NOSUID|MS_STRICTATIME,
mode=777) 0) {
r = -errno;
goto fail;
--
2.1.0
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
if (fd 0)
return -errno;
--
2.1.0
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/2] namespace:Unchecked return value from library
Hi
On Mon, Nov 17, 2014 at 11:58 AM, Susant Sahani sus...@redhat.com wrote:
fix:
CID 1237553 (#1 of 6): Unchecked return value from library
(CHECKED_RETURN
CID 1237553 (#3 of 6): Unchecked return value from library
(CHECKED_RETURN)
CID 1237553 (#4 of 6): Unchecked return value from library
(CHECKED_RETURN)
CID 1237553 (#5 of 6): Unchecked return value from library
(CHECKED_RETURN
CID 1237553 (#6 of 6): Unchecked return value from library
(CHECKED_RETURN)
---
src/core/namespace.c | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
Applied!
Thanks
David
diff --git a/src/core/namespace.c b/src/core/namespace.c
index eb7f2ad..a202545 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -157,14 +157,14 @@ static int mount_dev(BindMount *m) {
return -errno;
dev = strappenda(temporary_mount, /dev);
-mkdir(dev, 0755);
+(void)mkdir(dev, 0755);
if (mount(tmpfs, dev, tmpfs, MS_NOSUID|MS_STRICTATIME,
mode=755) 0) {
r = -errno;
goto fail;
}
devpts = strappenda(temporary_mount, /dev/pts);
-mkdir(devpts, 0755);
+(void)mkdir(devpts, 0755);
if (mount(/dev/pts, devpts, NULL, MS_BIND, NULL) 0) {
r = -errno;
goto fail;
@@ -174,7 +174,7 @@ static int mount_dev(BindMount *m) {
symlink(pts/ptmx, devptmx);
devshm = strappenda(temporary_mount, /dev/shm);
-mkdir(devshm, 01777);
+(void)mkdir(devshm, 01777);
r = mount(/dev/shm, devshm, NULL, MS_BIND, NULL);
if (r 0) {
r = -errno;
@@ -182,11 +182,11 @@ static int mount_dev(BindMount *m) {
}
devmqueue = strappenda(temporary_mount, /dev/mqueue);
-mkdir(devmqueue, 0755);
+(void)mkdir(devmqueue, 0755);
mount(/dev/mqueue, devmqueue, NULL, MS_BIND, NULL);
devhugepages = strappenda(temporary_mount, /dev/hugepages);
-mkdir(devhugepages, 0755);
+(void)mkdir(devhugepages, 0755);
mount(/dev/hugepages, devhugepages, NULL, MS_BIND, NULL);
devlog = strappenda(temporary_mount, /dev/log);
@@ -282,7 +282,7 @@ static int mount_kdbus(BindMount *m) {
}
root = strappenda(temporary_mount, /kdbus);
-mkdir(root, 0755);
+(void)mkdir(root, 0755);
if (mount(tmpfs, root, tmpfs, MS_NOSUID|MS_STRICTATIME,
mode=777) 0) {
r = -errno;
goto fail;
--
2.1.0
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [k]dbus: api, match replace and test extending
On Mon, Nov 17, 2014 at 11:00:52AM +0100, Lennart Poettering wrote: On Mon, 17.11.14 00:23, Rui Miguel Silva (rmf...@gmail.com) wrote: Hi, I have some questions regarding kdbus/dbus, maybe some could assist: 1\ api: when it is exported explicity bloom as filter implementation dont you think that: - exporting through api an internal implementation, maybe it is not a good idea What do you mean by that? Note that the parameters of the bloom filter are communicated via HELLO ioctl when you connect. This allows us to alter the parameters later on should that be necessary. Also, there's a feature negotiation scheme as well as filter versioning available which allows us to change the filtering scheme evenutally should this be necessary, without having to update all clients at once. We hence carefully made sure that we have a variety of soft ways how we can still alter the filtering scheme later on, after the first release. That said, we also carefully selected the initial parameters we will use by default. For example, the hash function we use is SipHash, which is actually overkill for what we need (it's cryptographic which is a property we don't need), and we defined a set of seeds that are substantially more than we will need with the initial bloom filter parameters. Yes, that is understood and it is a wise decision. - technical debt, if in the future the filter mechanism is change by other than bloom. so bloom maybe just be replaced with only generic filter could make more sense? What do you mean by only generic filter? Maybe I did not explain myself well, what I mean is: Imagine that ahead we find that instead of bloom filtering mechanism, for example, cuckoo filters are more eficient. The api have the filter structs called struct kdbus_bloom_filter, my suggestion was to just change that to struct kdbus_filter (and no attach to filter specific implementation). Since they are very generic (generation and a data field) and for the kdbus it is just a check between a mask and a filter. 2\ match_replace: it is not clear to me from the docs what should be the behaviour when using the KDBUS_MATCH_REPLACE flag and the match with the given cookie does not exist. In the implementation it is obvious that it will add as a new match. but it is a feature or bug? This is a feature. It's about atomic replace really. thanks. 3\ testing: it is of any interess to provide more test code and cases at kdbus level? or do not want to increase the testing scenario? We are always interested in more test cases. In both sd-bus on the systemd side, as well as in the kdbus/kernel repository! will try to contribute. Cheers, Rui Hope this is useful! Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Shutdown problems
Nikolaus Rath wrote on 16/11/14 16:54: No one able to help at all? Please be patient. You've only left it a couple days since your last reply and only one of those days was a weekday. People will likely reply soon enough. I would however recommend you disable things like plymouth and remove the splash and quiet keywords from the kernel command line to see more debugging. Col -- Colin Guthrie gmane(at)colin.guthr.ie http://colin.guthr.ie/ Day Job: Tribalogic Limited http://www.tribalogic.net/ Open Source: Mageia Contributor http://www.mageia.org/ PulseAudio Hacker http://www.pulseaudio.org/ Trac Hacker http://trac.edgewall.org/ ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] set rr scheduler failed with cpushares
Hello, I'd made two different services. One has *CPUSchedulingPolicy=rr* and the others has *CPUShares=*. # cat foo.service [Unit] Description=foo has CPUSchedulingPolicy= [Service] RemainAfterExit=yes ExecStart=/bin/true CPUSchedulingPolicy=rr # cat bar.service [Unit] Description=bar has CPUShares= [Service] RemainAfterExit=yes ExecStart=/usr/bin/hello.sh CPUShares=100 foo.service is activated well if bar.service is not activated. # systemctl start foo.service; systemctl status foo.service bar.service foo.service - foo has CPUSchedulingPolicy= Loaded: loaded (/usr/lib/systemd/system/foo.service; static) Active: active (exited) since Mon 2014-11-17 23:32:44 KST; 5s ago Process: 2702 ExecStart=/bin/true (code=exited, status=0/SUCCESS) Main PID: 2702 (code=exited, status=0/SUCCESS) bar.service - bar has CPUShares= Loaded: loaded (/usr/lib/systemd/system/bar.service; static) Active: inactive (dead) But if bar.service(what has CPUShares=) then foo.service failed on sched_setscheduler(). EPERM was returned. # systemctl start bar.service; systemctl restart foo.service; systemctl status foo.service bar.service foo.service - foo has CPUSchedulingPolicy= Loaded: loaded (/usr/lib/systemd/system/foo.service; static) Active: active (exited) (Result: exit-code) since Mon 2014-11-17 23:34:48 KST; 75ms ago Process: 3222 ExecStart=/bin/true (code=exited, status=214/SETSCHEDULER) Main PID: 3222 (code=exited, status=214/SETSCHEDULER) Nov 17 23:34:48 KIRAN systemd[1]: Started foo has CPUSchedulingPolicy=. Nov 17 23:34:48 KIRAN systemd[1]: foo.service: main process exited, code=ex...ER bar.service - bar has CPUShares= Loaded: loaded (/usr/lib/systemd/system/bar.service; static) Active: active (running) since Mon 2014-11-17 23:34:48 KST; 296ms ago Main PID: 3218 (hello.sh) CGroup: /system.slice/bar.service ├─3218 /bin/bash /usr/bin/hello.sh └─3221 sleep 1 Could anyone help me? Thanks, WaLyong ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] networkd: route - allow routes without a gateway
For IPv6, the kernel returns EINVAL if a route is added with the
RTA_GATEWAY attribute set to in6addr_any (::). A route without a
gateway is useful in some situations, such as layer 3 tunneling
(sit, gre, etc.).
This patch prevents the RTA_GATEWAY attribute from being added
when route.in_addr is ip6addr_any (::).
---
src/network/networkd-route.c | 32 ++--
1 file changed, 18 insertions(+), 14 deletions(-)
diff --git a/src/network/networkd-route.c b/src/network/networkd-route.c
index 10d8cd9..82c9e00 100644
--- a/src/network/networkd-route.c
+++ b/src/network/networkd-route.c
@@ -118,13 +118,15 @@ int route_drop(Route *route, Link *link,
return r;
}
-if (route-family == AF_INET)
-r = sd_rtnl_message_append_in_addr(req, RTA_GATEWAY,
route-in_addr.in);
-else if (route-family == AF_INET6)
-r = sd_rtnl_message_append_in6_addr(req, RTA_GATEWAY,
route-in_addr.in6);
-if (r 0) {
-log_error(Could not append RTA_GATEWAY attribute:
%s, strerror(-r));
-return r;
+if (!in_addr_is_null(route-family, route-in_addr)) {
+if (route-family == AF_INET)
+r = sd_rtnl_message_append_in_addr(req,
RTA_GATEWAY, route-in_addr.in);
+else if (route-family == AF_INET6)
+r = sd_rtnl_message_append_in6_addr(req,
RTA_GATEWAY, route-in_addr.in6);
+if (r 0) {
+log_error(Could not append RTA_GATEWAY
attribute: %s, strerror(-r));
+return r;
+}
}
if (route-dst_prefixlen) {
@@ -203,13 +205,15 @@ int route_configure(Route *route, Link *link,
return r;
}
-if (route-family == AF_INET)
-r = sd_rtnl_message_append_in_addr(req, RTA_GATEWAY,
route-in_addr.in);
-else if (route-family == AF_INET6)
-r = sd_rtnl_message_append_in6_addr(req, RTA_GATEWAY,
route-in_addr.in6);
-if (r 0) {
-log_error(Could not append RTA_GATEWAY attribute:
%s, strerror(-r));
-return r;
+if (!in_addr_is_null(route-family, route-in_addr)) {
+if (route-family == AF_INET)
+r = sd_rtnl_message_append_in_addr(req,
RTA_GATEWAY, route-in_addr.in);
+else if (route-family == AF_INET6)
+r = sd_rtnl_message_append_in6_addr(req,
RTA_GATEWAY, route-in_addr.in6);
+if (r 0) {
+log_error(Could not append RTA_GATEWAY
attribute: %s, strerror(-r));
+return r;
+}
}
if (route-dst_prefixlen) {
--
2.1.3
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
On Mon, Nov 17, 2014 at 04:28:58PM +0530, Susant Sahani wrote:
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
You really aren't fixing anything in these patches, just merely
papering over the Coverity issues. Which is fine, if you really want to
do that, but don't think it's anything other than that...
thanks,
greg k-h
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
On 11/17/2014 10:26 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 04:28:58PM +0530, Susant Sahani wrote:
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
You really aren't fixing anything in these patches, just merely
papering over the Coverity issues. Which is fine, if you really want to
do that, but don't think it's anything other than that...
Yes my intention is to for coverity only Any way next line 'open'
handling the error case .
Susant
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
On Mon, Nov 17, 2014 at 10:36:53PM +0530, Susant Sahani wrote:
On 11/17/2014 10:26 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 04:28:58PM +0530, Susant Sahani wrote:
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
You really aren't fixing anything in these patches, just merely
papering over the Coverity issues. Which is fine, if you really want to
do that, but don't think it's anything other than that...
Yes my intention is to for coverity only Any way next line 'open' handling
the error case .
I'm sorry, but I don't understand this sentance at all, can you rephrase
it?
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
On 11/17/2014 10:39 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 10:36:53PM +0530, Susant Sahani wrote:
On 11/17/2014 10:26 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 04:28:58PM +0530, Susant Sahani wrote:
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
You really aren't fixing anything in these patches, just merely
papering over the Coverity issues. Which is fine, if you really want to
do that, but don't think it's anything other than that...
Yes my intention is to for coverity only Any way next line 'open' handling
the error case .
I'm sorry, but I don't understand this sentance at all, can you rephrase
it?
Sorry let me rephrase it. This patch only for coverity . The next like
of mkfifo is open .
(void)mkfifo(p, 0600);
fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
if (fd 0)
return -errno;
and open is handling the failure.
Susant
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
On 11/17/2014 10:39 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 10:36:53PM +0530, Susant Sahani wrote:
On 11/17/2014 10:26 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 04:28:58PM +0530, Susant Sahani wrote:
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
You really aren't fixing anything in these patches, just merely
papering over the Coverity issues. Which is fine, if you really want to
do that, but don't think it's anything other than that...
Yes my intention is to for coverity only Any way next line 'open' handling
the error case .
I'm sorry, but I don't understand this sentance at all, can you rephrase
it?
Sorry let me rephrase it. This patch only for coverity . The next line
of code mkfifo is open .
(void)mkfifo(p, 0600);
fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
if (fd 0)
return -errno;
and open is handling the failure.
Susant
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
On Mon, Nov 17, 2014 at 10:44:14PM +0530, Susant Sahani wrote:
On 11/17/2014 10:39 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 10:36:53PM +0530, Susant Sahani wrote:
On 11/17/2014 10:26 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 04:28:58PM +0530, Susant Sahani wrote:
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
You really aren't fixing anything in these patches, just merely
papering over the Coverity issues. Which is fine, if you really want to
do that, but don't think it's anything other than that...
Yes my intention is to for coverity only Any way next line 'open' handling
the error case .
I'm sorry, but I don't understand this sentance at all, can you rephrase
it?
Sorry let me rephrase it. This patch only for coverity . The next like of
mkfifo is open .
(void)mkfifo(p, 0600);
fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
if (fd 0)
return -errno;
and open is handling the failure.
Then coverity should be fixed, don't paper over stupid bugs in tools for
no reason.
thanks,
greg k-h
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
2014-11-17 18:31 GMT+01:00 Greg KH gre...@linuxfoundation.org:
On Mon, Nov 17, 2014 at 10:44:14PM +0530, Susant Sahani wrote:
On 11/17/2014 10:39 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 10:36:53PM +0530, Susant Sahani wrote:
On 11/17/2014 10:26 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 04:28:58PM +0530, Susant Sahani wrote:
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
You really aren't fixing anything in these patches, just merely
papering over the Coverity issues. Which is fine, if you really want to
do that, but don't think it's anything other than that...
Yes my intention is to for coverity only Any way next line 'open' handling
the error case .
I'm sorry, but I don't understand this sentance at all, can you rephrase
it?
Sorry let me rephrase it. This patch only for coverity . The next like of
mkfifo is open .
(void)mkfifo(p, 0600);
fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
if (fd 0)
return -errno;
and open is handling the failure.
Then coverity should be fixed, don't paper over stupid bugs in tools for
no reason.
I disagree.
Coverity can not infer this in any possible way. How can coverity
infer that we do not care about the return value of mkfifo ?
It really depends of the semantic here. In this case Susant is
documenting the fact that he does not care about the return value of
mkfifo because he thinks that it is already handled by open. In
another program one can just forgot to check the return value of
mkfifo and doing an open after, but maybe in this program checking the
return value of mkfifo is important.
thanks,
greg k-h
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
On Mon, Nov 17, 2014 at 06:47:33PM +0100, Ronny Chevalier wrote:
2014-11-17 18:31 GMT+01:00 Greg KH gre...@linuxfoundation.org:
On Mon, Nov 17, 2014 at 10:44:14PM +0530, Susant Sahani wrote:
On 11/17/2014 10:39 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 10:36:53PM +0530, Susant Sahani wrote:
On 11/17/2014 10:26 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 04:28:58PM +0530, Susant Sahani wrote:
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
You really aren't fixing anything in these patches, just merely
papering over the Coverity issues. Which is fine, if you really want to
do that, but don't think it's anything other than that...
Yes my intention is to for coverity only Any way next line 'open'
handling
the error case .
I'm sorry, but I don't understand this sentance at all, can you rephrase
it?
Sorry let me rephrase it. This patch only for coverity . The next like of
mkfifo is open .
(void)mkfifo(p, 0600);
fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
if (fd 0)
return -errno;
and open is handling the failure.
Then coverity should be fixed, don't paper over stupid bugs in tools for
no reason.
I disagree.
Coverity can not infer this in any possible way. How can coverity
infer that we do not care about the return value of mkfifo ?
It really depends of the semantic here.
Coverity is a semantic checker, why can't it be changed to determine
if mkfifo() is followed by open() and an error check, that it is safe
code? It does this for lots of other common patterns.
greg k-h
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] systemd-resolved: Concerns raised about cache handling
On the oss-security mailing list, Sebastian Kramer raised some concerns about the DNS implementation in systemd-resolved: http://www.openwall.com/lists/oss-security/2014/11/12/5 I share his concerns, particularly those about caching data not directly pertaining to a response (and they were the reason why I asked about cache dumping because it's so much easier to show this with this debugging aid). I don't consider this so much a security vulnerability, but an interoperability failure in the making (because there are networks where broken recursive resolvers do not filter out incorrect or misleading data). So I'm more worried about accidents than attacks. Some of the other recommendations in RFC 5452 are also relevant to caching stubs. (Sadly, the RFC is incomplete, there is little public documentation on how to actually write interoperable DNS resolvers.) For example, I'm not sure if it is necessary to implement elaborate CNAME processing, or just cache everything in the answer section with the expected RR type, irrespective of the owner name of the resource records, and under the minimum TTL of the entire answer section. Even if you follow CNAME chains, you should only the initial name (QNAME) as a cache lookup key, adding the entire CNAME chain still can lead to cache poisoning. -- Florian Weimer / Red Hat Product Security ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
On 11/18/2014 12:06 AM, Greg KH wrote:
On Mon, Nov 17, 2014 at 06:47:33PM +0100, Ronny Chevalier wrote:
2014-11-17 18:31 GMT+01:00 Greg KH gre...@linuxfoundation.org:
On Mon, Nov 17, 2014 at 10:44:14PM +0530, Susant Sahani wrote:
On 11/17/2014 10:39 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 10:36:53PM +0530, Susant Sahani wrote:
On 11/17/2014 10:26 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 04:28:58PM +0530, Susant Sahani wrote:
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
You really aren't fixing anything in these patches, just merely
papering over the Coverity issues. Which is fine, if you really want to
do that, but don't think it's anything other than that...
Yes my intention is to for coverity only Any way next line 'open' handling
the error case .
I'm sorry, but I don't understand this sentance at all, can you rephrase
it?
Sorry let me rephrase it. This patch only for coverity . The next like of
mkfifo is open .
(void)mkfifo(p, 0600);
fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
if (fd 0)
return -errno;
and open is handling the failure.
Then coverity should be fixed, don't paper over stupid bugs in tools for
no reason.
I disagree.
Coverity can not infer this in any possible way. How can coverity
infer that we do not care about the return value of mkfifo ?
It really depends of the semantic here.
Coverity is a semantic checker, why can't it be changed to determine
if mkfifo() is followed by open() and an error check, that it is safe
code? It does this for lots of other common patterns.
For now mkfifo/mkdir/ioctl coverity is not that smart or is it ? From
the behaviour of coverity It looks for single statement in these
scenario . The mkfifo could be one function then this fifo can be used
some other function like open or read/write. There are several scenario
would be like this .
Susant
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
2014-11-17 19:36 GMT+01:00 Greg KH gre...@linuxfoundation.org:
On Mon, Nov 17, 2014 at 06:47:33PM +0100, Ronny Chevalier wrote:
2014-11-17 18:31 GMT+01:00 Greg KH gre...@linuxfoundation.org:
On Mon, Nov 17, 2014 at 10:44:14PM +0530, Susant Sahani wrote:
On 11/17/2014 10:39 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 10:36:53PM +0530, Susant Sahani wrote:
On 11/17/2014 10:26 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 04:28:58PM +0530, Susant Sahani wrote:
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
You really aren't fixing anything in these patches, just merely
papering over the Coverity issues. Which is fine, if you really want
to
do that, but don't think it's anything other than that...
Yes my intention is to for coverity only Any way next line 'open'
handling
the error case .
I'm sorry, but I don't understand this sentance at all, can you rephrase
it?
Sorry let me rephrase it. This patch only for coverity . The next like of
mkfifo is open .
(void)mkfifo(p, 0600);
fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
if (fd 0)
return -errno;
and open is handling the failure.
Then coverity should be fixed, don't paper over stupid bugs in tools for
no reason.
I disagree.
Coverity can not infer this in any possible way. How can coverity
infer that we do not care about the return value of mkfifo ?
It really depends of the semantic here.
Coverity is a semantic checker, why can't it be changed to determine
if mkfifo() is followed by open() and an error check, that it is safe
code? It does this for lots of other common patterns.
For me I see this as a warning, for some cases it is safe and there is
no problem like this one so we can document the code for us and tools
like Coverity, but it can be a mistake and maybe it should have been
checked. So Coverity assumes the worst case by warning us, and I don't
see the problem.
greg k-h
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
On Tue, Nov 18, 2014 at 12:21:29AM +0530, Susant Sahani wrote:
On 11/18/2014 12:06 AM, Greg KH wrote:
On Mon, Nov 17, 2014 at 06:47:33PM +0100, Ronny Chevalier wrote:
2014-11-17 18:31 GMT+01:00 Greg KH gre...@linuxfoundation.org:
On Mon, Nov 17, 2014 at 10:44:14PM +0530, Susant Sahani wrote:
On 11/17/2014 10:39 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 10:36:53PM +0530, Susant Sahani wrote:
On 11/17/2014 10:26 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 04:28:58PM +0530, Susant Sahani wrote:
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
You really aren't fixing anything in these patches, just merely
papering over the Coverity issues. Which is fine, if you really want
to
do that, but don't think it's anything other than that...
Yes my intention is to for coverity only Any way next line 'open'
handling
the error case .
I'm sorry, but I don't understand this sentance at all, can you rephrase
it?
Sorry let me rephrase it. This patch only for coverity . The next like of
mkfifo is open .
(void)mkfifo(p, 0600);
fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
if (fd 0)
return -errno;
and open is handling the failure.
Then coverity should be fixed, don't paper over stupid bugs in tools for
no reason.
I disagree.
Coverity can not infer this in any possible way. How can coverity
infer that we do not care about the return value of mkfifo ?
It really depends of the semantic here.
Coverity is a semantic checker, why can't it be changed to determine
if mkfifo() is followed by open() and an error check, that it is safe
code? It does this for lots of other common patterns.
For now mkfifo/mkdir/ioctl coverity is not that smart or is it ?
Talk to the coverity people. Given that it is a closed source tool,
that costs money, I am very loath to do anything to make it better,
and I really don't like it forcing programs to work around its
deficiencies.
greg k-h
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 2/2] tty-ask-password-agent: fix CID 996261
On Mon, Nov 17, 2014 at 7:54 PM, Greg KH gre...@linuxfoundation.org wrote:
On Tue, Nov 18, 2014 at 12:21:29AM +0530, Susant Sahani wrote:
On 11/18/2014 12:06 AM, Greg KH wrote:
On Mon, Nov 17, 2014 at 06:47:33PM +0100, Ronny Chevalier wrote:
2014-11-17 18:31 GMT+01:00 Greg KH gre...@linuxfoundation.org:
On Mon, Nov 17, 2014 at 10:44:14PM +0530, Susant Sahani wrote:
On 11/17/2014 10:39 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 10:36:53PM +0530, Susant Sahani wrote:
On 11/17/2014 10:26 PM, Greg KH wrote:
On Mon, Nov 17, 2014 at 04:28:58PM +0530, Susant Sahani wrote:
---
src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c
b/src/tty-ask-password-agent/tty-ask-password-agent.c
index e6dc84b..1fc792b 100644
--- a/src/tty-ask-password-agent/tty-ask-password-agent.c
+++ b/src/tty-ask-password-agent/tty-ask-password-agent.c
@@ -376,8 +376,8 @@ static int wall_tty_block(void) {
return -ENOMEM;
mkdir_parents_label(p, 0700);
-mkfifo(p, 0600);
+(void)mkfifo(p, 0600);
You really aren't fixing anything in these patches, just merely
papering over the Coverity issues. Which is fine, if you really want
to
do that, but don't think it's anything other than that...
Yes my intention is to for coverity only Any way next line 'open'
handling
the error case .
I'm sorry, but I don't understand this sentance at all, can you rephrase
it?
Sorry let me rephrase it. This patch only for coverity . The next like of
mkfifo is open .
(void)mkfifo(p, 0600);
fd = open(p, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
if (fd 0)
return -errno;
and open is handling the failure.
Then coverity should be fixed, don't paper over stupid bugs in tools for
no reason.
I disagree.
Coverity can not infer this in any possible way. How can coverity
infer that we do not care about the return value of mkfifo ?
It really depends of the semantic here.
Coverity is a semantic checker, why can't it be changed to determine
if mkfifo() is followed by open() and an error check, that it is safe
code? It does this for lots of other common patterns.
For now mkfifo/mkdir/ioctl coverity is not that smart or is it ?
Talk to the coverity people. Given that it is a closed source tool,
that costs money, I am very loath to do anything to make it better,
and I really don't like it forcing programs to work around its
deficiencies.
greg k-h
What coverity is complaining about in this CID is this:
Unchecked return value from library. Calling mkfifo() without
checking return value. This library function may fail and return an
error code.
We can choose to either make it explicit that we don't care about the
return value with this patch, or we can just mark the issue as
intentional in coverity to make it go away. The (void) is a bit ugly
imo but it does show that ignoring the return was a conscious
decision. A matter of taste I guess.
- Thomas
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] Systemd-networkd DHCP Server DNS integration?
Hi, I'm building a router and have been experimenting with DHCPServer=yes for the LAN side of things. It's been working well. I ask if there is any integration between the networkd DHCP server and systemd-resolved? When the server hands out an address does it register a hosts entry for the client's hostname with resolved? Thanks, Will ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] Stop crashing on empty TXT
TXT records should have at least one character, so enforce this.
Previously parser SIGSEGV'd on -txt.strings being NULL.
---
src/resolve/resolved-dns-packet.c | 4
1 file changed, 4 insertions(+)
diff --git a/src/resolve/resolved-dns-packet.c
b/src/resolve/resolved-dns-packet.c
index e5d07b3..b02b9dd 100644
--- a/src/resolve/resolved-dns-packet.c
+++ b/src/resolve/resolved-dns-packet.c
@@ -1109,6 +1109,10 @@ int dns_packet_read_rr(DnsPacket *p, DnsResourceRecord
**ret, size_t *start) {
case DNS_TYPE_TXT: {
char *s;
+if (!rdlength) {
+r = -EBADMSG;
+goto fail;
+}
while (p-rindex offset + rdlength) {
r = dns_packet_read_string(p, s, NULL);
if (r 0)
--
2.1.2
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] Fix redirection loops in compressed RR
Loops in RR compression were only detected for the first entry.
Multiple redirections should be allowed, each one checking for an
infinite loop on its own starting point.
---
src/resolve/resolved-dns-packet.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/resolve/resolved-dns-packet.c
b/src/resolve/resolved-dns-packet.c
index e5d07b3..2e549b0 100644
--- a/src/resolve/resolved-dns-packet.c
+++ b/src/resolve/resolved-dns-packet.c
@@ -873,6 +873,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret,
for (;;) {
uint8_t c, d;
+size_t compression_start = p-rindex;
r = dns_packet_read_uint8(p, c, NULL);
if (r 0)
@@ -916,7 +917,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret,
goto fail;
ptr = (uint16_t) (c ~0xc0) 8 | (uint16_t) d;
-if (ptr DNS_PACKET_HEADER_SIZE || ptr =
saved_rindex) {
+if (ptr DNS_PACKET_HEADER_SIZE || ptr =
compression_start) {
r = -EBADMSG;
goto fail;
}
--
2.1.2
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 1/2] Fix redirection loops in compressed RR
Loops in RR compression were only detected for the first entry.
Multiple redirections should be allowed, each one checking for an
infinite loop on its own starting point.
Also update the pointer on each redirection to avoid longer loops of
labels and redirections, in names like:
(start) [len=1] A, [ptr to start]
---
src/resolve/resolved-dns-packet.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/resolve/resolved-dns-packet.c
b/src/resolve/resolved-dns-packet.c
index e5d07b3..96eaaf2 100644
--- a/src/resolve/resolved-dns-packet.c
+++ b/src/resolve/resolved-dns-packet.c
@@ -860,7 +860,7 @@ fail:
int dns_packet_read_name(DnsPacket *p, char **_ret,
bool allow_compression, size_t *start) {
-size_t saved_rindex, after_rindex = 0;
+size_t saved_rindex, after_rindex = 0, earliest_compression_pointer;
_cleanup_free_ char *ret = NULL;
size_t n = 0, allocated = 0;
bool first = true;
@@ -870,6 +870,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret,
assert(_ret);
saved_rindex = p-rindex;
+earliest_compression_pointer = p-rindex;
for (;;) {
uint8_t c, d;
@@ -916,7 +917,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret,
goto fail;
ptr = (uint16_t) (c ~0xc0) 8 | (uint16_t) d;
-if (ptr DNS_PACKET_HEADER_SIZE || ptr =
saved_rindex) {
+if (ptr DNS_PACKET_HEADER_SIZE || ptr =
earliest_compression_pointer) {
r = -EBADMSG;
goto fail;
}
@@ -924,6 +925,7 @@ int dns_packet_read_name(DnsPacket *p, char **_ret,
if (after_rindex == 0)
after_rindex = p-rindex;
+earliest_compression_pointer = ptr;
p-rindex = ptr;
} else
goto fail;
--
2.1.2
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] Set error code on failure
Set the error code in case of incorrect name. This prevents continuing
and failing an assert(name) later on.
---
src/resolve/resolved-dns-packet.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/resolve/resolved-dns-packet.c
b/src/resolve/resolved-dns-packet.c
index 7f76285..3948f96 100644
--- a/src/resolve/resolved-dns-packet.c
+++ b/src/resolve/resolved-dns-packet.c
@@ -927,8 +927,10 @@ int dns_packet_read_name(DnsPacket *p, char **_ret,
earliest_compression_pointer = ptr;
p-rindex = ptr;
-} else
+} else {
+r = -EBADMSG;
goto fail;
+}
}
if (!GREEDY_REALLOC(ret, allocated, n + 1)) {
--
2.1.2
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] make systemd service takes cpu exclusively
Hi, Umut David, My project needs the Graphical desktop to display on monitor as fast as possible, but I found lots of unrelated services( such as sound, network, ... ) are competing CPU even they are explicitly After graphical service. And this competion delays the startup of graphical desktop process. So, my opinion is to make graphical related programs runs first and the other unrelated services only starts after graphical program finished startup. I will check StartupCPUShares= this item and I hope it's helpful for me. Thanks -Original Message- From: Umut Tezduyar Lindskog [mailto:u...@tezduyar.com] Sent: Monday, November 17, 2014 17:51 To: Cao, XinX Cc: systemd-devel@lists.freedesktop.org Subject: Re: [systemd-devel] make systemd service takes cpu exclusively Hi XinX On Mon, Nov 17, 2014 at 9:40 AM, Cao, XinX xinx@intel.com wrote: Hi, everybody, As we all know that currently systemd puts all the services into a run_queue, and lets them run together as possible as it can. However, this mechanism also brings in a problem, which means all the services will contend for CPU, and systemd is unable to make sure one service has priority ONE and only itself takes the CPU when this service is starting. What exactly is the problem when they all want to get the CPU? For example, if we want to make sure a.service runs firstly , and all the other services runs after a.service is finished. So, does anybody know if systemd has this kind of mechanism? If not, can we create a way to do this and add this feature into systemd? Or is this idea possible? I think this is very usefull under some situations. It really depends on your use case and what you consider with a.service runs first. If you only want to start the service first, then you can always add After=a.service directive to other services that are starting at the same time. But this is pretty static information. You have to do this for every time you change your priority service. You could also prioritize a service by changing their StartupCPUShares= but this is not truly stopping other services from being scheduled in. Maybe they get the minimum CPU, but they still do. Lennart has recently considered to change the startup queue to prioritized startup queue where a prioritized service will be forked off before other services - http://lists.freedesktop.org/archives/systemd-devel/2014-October/024315.html. Umut Thanks~ ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
