diff options
| author | Luca Boccassi <bluca@debian.org> | 2023-08-16 18:18:45 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-08-16 18:18:45 +0200 |
| commit | 1c693730ef6a369d6b9431b4fb70254c6b1d1184 (patch) | |
| tree | 533f1231998029b9ccfbdcfb5d827e01e2704dad | |
| parent | journalctl: minor follow-up for --lines= (diff) | |
| parent | manager: fix error handling after failure to set up child (diff) | |
| download | systemd-1c693730ef6a369d6b9431b4fb70254c6b1d1184.tar.xz systemd-1c693730ef6a369d6b9431b4fb70254c6b1d1184.zip | |
Merge pull request #28758 from keszybz/negative-errno-macro
Use macros to reduce indentation in errno error handling
57 files changed, 615 insertions, 619 deletions
diff --git a/coccinelle/errno-wrapper.cocci b/coccinelle/errno-wrapper.cocci new file mode 100644 index 0000000000..61c8782708 --- /dev/null +++ b/coccinelle/errno-wrapper.cocci @@ -0,0 +1,46 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +@@ +expression r; +@@ +- (r < 0 && ERRNO_IS_TRANSIENT(r)) ++ ERRNO_IS_NEG_TRANSIENT(r) +@@ +expression r; +@@ +- (r < 0 && ERRNO_IS_DISCONNECT(r)) ++ ERRNO_IS_NEG_DISCONNECT(r) +@@ +expression r; +@@ +- (r < 0 && ERRNO_IS_ACCEPT_AGAIN(r)) ++ ERRNO_IS_NEG_ACCEPT_AGAIN(r) +@@ +expression r; +@@ +- (r < 0 && ERRNO_IS_RESOURCE(r)) ++ ERRNO_IS_NEG_RESOURCE(r) +@@ +expression r; +@@ +- (r < 0 && ERRNO_IS_NOT_SUPPORTED(r)) ++ ERRNO_IS_NEG_NOT_SUPPORTED(r) +@@ +expression r; +@@ +- (r < 0 && ERRNO_IS_PRIVILEGE(r)) ++ ERRNO_IS_NEG_PRIVILEGE(r) +@@ +expression r; +@@ +- (r < 0 && ERRNO_IS_DISK_SPACE(r)) ++ ERRNO_IS_NEG_DISK_SPACE(r) +@@ +expression r; +@@ +- (r < 0 && ERRNO_IS_DEVICE_ABSENT(r)) ++ ERRNO_IS_NEG_DEVICE_ABSENT(r) +@@ +expression r; +@@ +- (r < 0 && ERRNO_IS_XATTR_ABSENT(r)) ++ ERRNO_IS_NEG_XATTR_ABSENT(r) diff --git a/src/basic/errno-util.h b/src/basic/errno-util.h index f477db7852..27804e6382 100644 --- a/src/basic/errno-util.h +++ b/src/basic/errno-util.h @@ -1,6 +1,7 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ #pragma once +#include <inttypes.h> #include <stdlib.h> #include <string.h> @@ -94,12 +95,23 @@ static inline int errno_or_else(int fallback) { return -abs(fallback); } +/* abs(3) says: Trying to take the absolute value of the most negative integer is not defined. */ +#define _DEFINE_ABS_WRAPPER(name) \ + static inline bool ERRNO_IS_##name(intmax_t r) { \ + if (r == INTMAX_MIN) \ + return false; \ + return ERRNO_IS_NEG_##name(-imaxabs(r)); \ + } + +assert_cc(INT_MAX <= INTMAX_MAX); + /* For send()/recv() or read()/write(). */ -static inline bool ERRNO_IS_TRANSIENT(int r) { - return IN_SET(abs(r), - EAGAIN, - EINTR); +static inline bool ERRNO_IS_NEG_TRANSIENT(intmax_t r) { + return IN_SET(r, + -EAGAIN, + -EINTR); } +_DEFINE_ABS_WRAPPER(TRANSIENT); /* Hint #1: ENETUNREACH happens if we try to connect to "non-existing" special IP addresses, such as ::5. * @@ -108,79 +120,87 @@ static inline bool ERRNO_IS_TRANSIENT(int r) { * * Hint #3: When asynchronous connect() on TCP fails because the host never acknowledges a single packet, * kernel tells us that with ETIMEDOUT, see tcp(7). */ -static inline bool ERRNO_IS_DISCONNECT(int r) { - return IN_SET(abs(r), - ECONNABORTED, - ECONNREFUSED, - ECONNRESET, - EHOSTDOWN, - EHOSTUNREACH, - ENETDOWN, - ENETRESET, - ENETUNREACH, - ENONET, - ENOPROTOOPT, - ENOTCONN, - EPIPE, - EPROTO, - ESHUTDOWN, - ETIMEDOUT); +static inline bool ERRNO_IS_NEG_DISCONNECT(intmax_t r) { + return IN_SET(r, + -ECONNABORTED, + -ECONNREFUSED, + -ECONNRESET, + -EHOSTDOWN, + -EHOSTUNREACH, + -ENETDOWN, + -ENETRESET, + -ENETUNREACH, + -ENONET, + -ENOPROTOOPT, + -ENOTCONN, + -EPIPE, + -EPROTO, + -ESHUTDOWN, + -ETIMEDOUT); } +_DEFINE_ABS_WRAPPER(DISCONNECT); /* Transient errors we might get on accept() that we should ignore. As per error handling comment in * the accept(2) man page. */ -static inline bool ERRNO_IS_ACCEPT_AGAIN(int r) { - return ERRNO_IS_DISCONNECT(r) || - ERRNO_IS_TRANSIENT(r) || - abs(r) == EOPNOTSUPP; +static inline bool ERRNO_IS_NEG_ACCEPT_AGAIN(intmax_t r) { + return ERRNO_IS_NEG_DISCONNECT(r) || + ERRNO_IS_NEG_TRANSIENT(r) || + r == -EOPNOTSUPP; } +_DEFINE_ABS_WRAPPER(ACCEPT_AGAIN); /* Resource exhaustion, could be our fault or general system trouble */ -static inline bool ERRNO_IS_RESOURCE(int r) { - return IN_SET(abs(r), - EMFILE, - ENFILE, - ENOMEM); +static inline bool ERRNO_IS_NEG_RESOURCE(intmax_t r) { + return IN_SET(r, + -EMFILE, + -ENFILE, + -ENOMEM); } +_DEFINE_ABS_WRAPPER(RESOURCE); /* Seven different errors for "operation/system call/ioctl/socket feature not supported" */ -static inline bool ERRNO_IS_NOT_SUPPORTED(int r) { - return IN_SET(abs(r), - EOPNOTSUPP, - ENOTTY, - ENOSYS, - EAFNOSUPPORT, - EPFNOSUPPORT, - EPROTONOSUPPORT, - ESOCKTNOSUPPORT); +static inline bool ERRNO_IS_NEG_NOT_SUPPORTED(intmax_t r) { + return IN_SET(r, + -EOPNOTSUPP, + -ENOTTY, + -ENOSYS, + -EAFNOSUPPORT, + -EPFNOSUPPORT, + -EPROTONOSUPPORT, + -ESOCKTNOSUPPORT); } +_DEFINE_ABS_WRAPPER(NOT_SUPPORTED); /* Two different errors for access problems */ -static inline bool ERRNO_IS_PRIVILEGE(int r) { - return IN_SET(abs(r), - EACCES, - EPERM); +static inline bool ERRNO_IS_NEG_PRIVILEGE(intmax_t r) { + return IN_SET(r, + -EACCES, + -EPERM); } +_DEFINE_ABS_WRAPPER(PRIVILEGE); /* Three different errors for "not enough disk space" */ -static inline bool ERRNO_IS_DISK_SPACE(int r) { - return IN_SET(abs(r), - ENOSPC, - EDQUOT, - EFBIG); +static inline bool ERRNO_IS_NEG_DISK_SPACE(intmax_t r) { + return IN_SET(r, + -ENOSPC, + -EDQUOT, + -EFBIG); } +_DEFINE_ABS_WRAPPER(DISK_SPACE); /* Three different errors for "this device does not quite exist" */ -static inline bool ERRNO_IS_DEVICE_ABSENT(int r) { - return IN_SET(abs(r), - ENODEV, - ENXIO, - ENOENT); +static inline bool ERRNO_IS_NEG_DEVICE_ABSENT(intmax_t r) { + return IN_SET(r, + -ENODEV, + -ENXIO, + -ENOENT); } +_DEFINE_ABS_WRAPPER(DEVICE_ABSENT); /* Quite often we want to handle cases where the backing FS doesn't support extended attributes at all and * where it simply doesn't have the requested xattr the same way */ -static inline bool ERRNO_IS_XATTR_ABSENT(int r) { - return abs(r) == ENODATA || - ERRNO_IS_NOT_SUPPORTED(r); +static inline bool ERRNO_IS_NEG_XATTR_ABSENT(intmax_t r) { + return r == -ENODATA || + ERRNO_IS_NEG_NOT_SUPPORTED(r); } +_DEFINE_ABS_WRAPPER(XATTR_ABSENT); diff --git a/src/basic/fd-util.c b/src/basic/fd-util.c index 8640149af8..5292e41937 100644 --- a/src/basic/fd-util.c +++ b/src/basic/fd-util.c @@ -936,11 +936,10 @@ int path_is_root_at(int dir_fd, const char *path) { int mntid; r = path_get_mnt_id_at_fallback(dir_fd, "", &mntid); - if (r < 0) { - if (ERRNO_IS_NOT_SUPPORTED(r)) - return true; /* skip the mount ID check */ + if (ERRNO_IS_NEG_NOT_SUPPORTED(r)) + return true; /* skip the mount ID check */ + if (r < 0) return r; - } assert(mntid >= 0); st.nsx.stx_mnt_id = mntid; @@ -951,11 +950,10 @@ int path_is_root_at(int dir_fd, const char *path) { int mntid; r = path_get_mnt_id_at_fallback(dir_fd, "..", &mntid); - if (r < 0) { - if (ERRNO_IS_NOT_SUPPORTED(r)) - return true; /* skip the mount ID check */ + if (ERRNO_IS_NEG_NOT_SUPPORTED(r)) + return true; /* skip the mount ID check */ + if (r < 0) return r; - } assert(mntid >= 0); pst.nsx.stx_mnt_id = mntid; diff --git a/src/basic/os-util.c b/src/basic/os-util.c index 3046a40ebd..86318a8263 100644 --- a/src/basic/os-util.c +++ b/src/basic/os-util.c @@ -94,14 +94,12 @@ static int extension_release_strict_xattr_value(int extension_release_fd, const /* No xattr or cannot parse it? Then skip this. */ _cleanup_free_ char *extension_release_xattr = NULL; r = fgetxattr_malloc(extension_release_fd, "user.extension-release.strict", &extension_release_xattr); - if (r < 0) { - if (!ERRNO_IS_XATTR_ABSENT(r)) - return log_debug_errno(r, - "%s/%s: Failed to read 'user.extension-release.strict' extended attribute from file, ignoring: %m", - extension_release_dir_path, filename); - - return log_debug_errno(r, "%s/%s does not have user.extension-release.strict xattr, ignoring.", extension_release_dir_path, filename); - } + if (ERRNO_IS_NEG_XATTR_ABSENT(r)) + return log_debug_errno(r, "%s/%s does not have user.extension-release.strict xattr, ignoring.", + extension_release_dir_path, filename); + if (r < 0) + return log_debug_errno(r, "%s/%s: Failed to read 'user.extension-release.strict' extended attribute from file, ignoring: %m", + extension_release_dir_path, filename); /* Explicitly set to request strict matching? Skip it. */ r = parse_boolean(extension_release_xattr); diff --git a/src/basic/psi-util.c b/src/basic/psi-util.c index af8e278bd0..2a43b03d97 100644 --- a/src/basic/psi-util.c +++ b/src/basic/psi-util.c @@ -118,12 +118,10 @@ int is_pressure_supported(void) { FOREACH_STRING(p, "/proc/pressure/cpu", "/proc/pressure/io", "/proc/pressure/memory") { r = read_virtual_file(p, 0, NULL, NULL); - if (r < 0) { - if (r == -ENOENT || ERRNO_IS_NOT_SUPPORTED(r)) - return (cached = false); - + if (r == -ENOENT || ERRNO_IS_NEG_NOT_SUPPORTED(r)) + return (cached = false); + if (r < 0) return r; - } } return (cached = true); diff --git a/src/boot/bootctl-install.c b/src/boot/bootctl-install.c index 7e85c2f08e..ca14564a8e 100644 --- a/src/boot/bootctl-install.c +++ b/src/boot/bootctl-install.c @@ -27,12 +27,10 @@ static int load_etc_machine_id(void) { int r; r = sd_id128_get_machine(&arg_machine_id); - if (r < 0) { - if (ERRNO_IS_MACHINE_ID_UNSET(r)) /* Not set or empty */ - return 0; - + if (ERRNO_IS_NEG_MACHINE_ID_UNSET(r)) /* Not set or empty */ + return 0; + if (r < 0) return log_error_errno(r, "Failed to get machine-id: %m"); - } log_debug("Loaded machine ID %s from /etc/machine-id.", SD_ID128_TO_STRING(arg_machine_id)); return 0; diff --git a/src/boot/bootctl-status.c b/src/boot/bootctl-status.c index 65f351031d..a6520e0719 100644 --- a/src/boot/bootctl-status.c +++ b/src/boot/bootctl-status.c @@ -43,12 +43,11 @@ static int boot_config_load_and_select( _cleanup_strv_free_ char **efi_entries = NULL; r = efi_loader_get_entries(&efi_entries); - if (r < 0) { - if (r == -ENOENT || ERRNO_IS_NOT_SUPPORTED(r)) - log_debug_errno(r, "Boot loader reported no entries."); - else - log_warning_errno(r, "Failed to determine entries reported by boot loader, ignoring: %m"); - } else + if (r == -ENOENT || ERRNO_IS_NEG_NOT_SUPPORTED(r)) + log_debug_errno(r, "Boot loader reported no entries."); + else if (r < 0) + log_warning_errno(r, "Failed to determine entries reported by boot loader, ignoring: %m"); + else (void) boot_config_augment_from_loader(config, efi_entries, /* only_auto= */ false); } diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c index 074de33eea..245c5f14f1 100644 --- a/src/core/dbus-manager.c +++ b/src/core/dbus-manager.c @@ -2191,9 +2191,9 @@ static int method_enqueue_marked_jobs(sd_bus_message *message, void *userdata, s r = bus_unit_queue_job_one(message, u, JOB_TRY_RESTART, JOB_FAIL, flags, reply, error); + if (ERRNO_IS_NEG_RESOURCE(r)) + return r; if (r < 0) { - if (ERRNO_IS_RESOURCE(r)) - return r; if (ret >= 0) ret = r; sd_bus_error_free(error); diff --git a/src/core/execute.c b/src/core/execute.c index 2356e96628..95349a4fb6 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -4976,6 +4976,7 @@ static int exec_child( *exit_status = EXIT_SUCCESS; return 0; } + *exit_status = EXIT_CONFIRM; return log_unit_error_errno(unit, SYNTHETIC_ERRNO(ECANCELED), "Execution cancelled by the user"); @@ -5130,33 +5131,34 @@ static int exec_child( } if (context->oom_score_adjust_set) { - /* When we can't make this change due to EPERM, then let's silently skip over it. User namespaces - * prohibit write access to this file, and we shouldn't trip up over that. */ + /* When we can't make this change due to EPERM, then let's silently skip over it. User + * namespaces prohibit write access to this file, and we shouldn't trip up over that. */ r = set_oom_score_adjust(context->oom_score_adjust); - if (r < 0) { - if (ERRNO_IS_PRIVILEGE(r)) - log_unit_debug_errno(unit, r, "Failed to adjust OOM setting, assuming containerized execution, ignoring: %m"); - else { - *exit_status = EXIT_OOM_ADJUST; - return log_unit_error_errno(unit, r, "Failed to adjust OOM setting: %m"); - } + if (ERRNO_IS_NEG_PRIVILEGE(r)) + log_unit_debug_errno(unit, r, + "Failed to adjust OOM setting, assuming containerized execution, ignoring: %m"); + else if (r < 0) { + *exit_status = EXIT_OOM_ADJUST; + return log_unit_error_errno(unit, r, "Failed to adjust OOM setting: %m"); } } if (context->coredump_filter_set) { r = set_coredump_filter(context->coredump_filter); - if (r < 0) { - if (ERRNO_IS_PRIVILEGE(r)) - log_unit_debug_errno(unit, r, "Failed to adjust coredump_filter, ignoring: %m"); - else - return log_unit_error_errno(unit, r, "Failed to adjust coredump_filter: %m"); + if (ERRNO_IS_NEG_PRIVILEGE(r)) + log_unit_debug_errno(unit, r, "Failed to adjust coredump_filter, ignoring: %m"); + else if (r < 0) { + *exit_status = EXIT_LIMITS; + return log_unit_error_errno(unit, r, "Failed to adjust coredump_filter: %m"); } } if (context->nice_set) { r = setpriority_closest(context->nice); - if (r < 0) + if (r < 0) { + *exit_status = EXIT_NICE; return log_unit_error_errno(unit, r, "Failed to set up process scheduling priority (nice level): %m"); + } } if (context->cpu_sched_set) { @@ -5198,13 +5200,11 @@ static int exec_child( if (mpol_is_valid(numa_policy_get_type(&context->numa_policy))) { r = apply_numa_policy(&context->numa_policy); - if (r < 0) { - if (ERRNO_IS_NOT_SUPPORTED(r)) - log_unit_debug_errno(unit, r, "NUMA support not available, ignoring."); - else { - *exit_status = EXIT_NUMA_POLICY; - return log_unit_error_errno(unit, r, "Failed to set NUMA memory policy: %m"); - } + if (ERRNO_IS_NEG_NOT_SUPPORTED(r)) + log_unit_debug_errno(unit, r, "NUMA support not available, ignoring."); + else if (r < 0) { + *exit_status = EXIT_NUMA_POLICY; + return log_unit_error_errno(unit, r, "Failed to set NUMA memory policy: %m"); } } @@ -5486,14 +5486,12 @@ static int exec_child( * namespace without the ability to set up "lo". Hence gracefully skip things then. */ if (ns_type_supported(NAMESPACE_NET) && have_effective_cap(CAP_NET_ADMIN) > 0) { r = setup_shareable_ns(runtime->shared->netns_storage_socket, CLONE_NEWNET); - if (r < 0) { - if (ERRNO_IS_PRIVILEGE(r)) - log_unit_notice_errno(unit, r, - "PrivateNetwork=yes is configured, but network namespace setup not permitted, proceeding without: %m"); - else { - *exit_status = EXIT_NETWORK; - return log_unit_error_errno(unit, r, "Failed to set up network namespacing: %m"); - } + if (ERRNO_IS_NEG_PRIVILEGE(r)) + log_unit_notice_errno(unit, r, + "PrivateNetwork=yes is configured, but network namespace setup not permitted, proceeding without: %m"); + else if (r < 0) { + *exit_status = EXIT_NETWORK; + return log_unit_error_errno(unit, r, "Failed to set up network namespacing: %m"); } } else if (context->network_namespace_path) { *exit_status = EXIT_NETWORK; @@ -5603,11 +5601,11 @@ static int exec_child( LOG_UNIT_MESSAGE(unit, "Executable %s missing, skipping: %m", command->path), "EXECUTABLE=%s", command->path); + *exit_status = EXIT_SUCCESS; return 0; } *exit_status = EXIT_EXEC; - return log_unit_struct_errno(unit, LOG_INFO, r, "MESSAGE_ID=" SD_MESSAGE_SPAWN_FAILED_STR, LOG_UNIT_INVOCATION_ID(unit), @@ -6069,7 +6067,7 @@ int exec_spawn(Unit *unit, return log_unit_error_errno(unit, errno, "Failed to fork: %m"); if (pid == 0) { - int exit_status = EXIT_SUCCESS; + int exit_status; r = exec_child(unit, command, @@ -6087,9 +6085,8 @@ int exec_spawn(Unit *unit, &exit_status); if (r < 0) { - const char *status = - exit_status_to_string(exit_status, - EXIT_STATUS_LIBC | EXIT_STATUS_SYSTEMD); + const char *status = ASSERT_PTR( + exit_status_to_string(exit_status, EXIT_STATUS_LIBC | EXIT_STATUS_SYSTEMD)); log_unit_struct_errno(unit, LOG_ERR, r, "MESSAGE_ID=" SD_MESSAGE_SPAWN_FAILED_STR, @@ -6097,7 +6094,8 @@ int exec_spawn(Unit *unit, LOG_UNIT_MESSAGE(unit, "Failed at step %s spawning %s: %m", status, command->path), "EXECUTABLE=%s", command->path); - } + } else + assert(exit_status == EXIT_SUCCESS); _exit(exit_status); } diff --git a/src/core/manager.c b/src/core/manager.c index 73c5b3109a..53a1b41b0e 100644 --- a/src/core/manager.c +++ b/src/core/manager.c @@ -2620,21 +2620,20 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t } n = recvmsg_safe(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC|MSG_TRUNC); - if (n < 0) { - if (ERRNO_IS_TRANSIENT(n)) - return 0; /* Spurious wakeup, try again */ - if (n == -EXFULL) { - log_warning("Got message with truncated control data (too many fds sent?), ignoring."); - return 0; - } - /* If this is any other, real error, then let's stop processing this socket. This of course - * means we won't take notification messages anymore, but that's still better than busy - * looping around this: being woken up over and over again but being unable to actually read - * the message off the socket. */ - return log_error_errno(n, "Failed to receive notification message: %m"); + if (ERRNO_IS_NEG_TRANSIENT(n)) + return 0; /* Spurious wakeup, try again */ + if (n == -EXFULL) { + log_warning("Got message with truncated control data (too many fds sent?), ignoring."); + return 0; } + if (n < 0) + /* If this is any other, real error, then stop processing this socket. This of course means + * we won't take notification messages anymore, but that's still better than busy looping: + * being woken up over and over again, but being unable to actually read the message from the + * socket. */ + return log_error_errno(n, "Failed to receive notification message: %m"); - CMSG_FOREACH(cmsg, &msghdr) { + CMSG_FOREACH(cmsg, &msghdr) if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) { assert(!fd_array); @@ -2648,7 +2647,6 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t assert(!ucred); ucred = CMSG_TYPED_DATA(cmsg, struct ucred); } - } if (n_fds > 0) { assert(fd_array); @@ -4719,11 +4717,10 @@ static int short_uid_range(const char *path) { * i.e. from root to nobody. */ r = uid_range_load_userns(&p, path); - if (r < 0) { - if (ERRNO_IS_NOT_SUPPORTED(r)) - return false; + if (ERRNO_IS_NEG_NOT_SUPPORTED(r)) + return false; + if (r < 0) return log_debug_errno(r, "Failed to load %s: %m", path); - } return !uid_range_covers(p, 0, 65535); } diff --git a/src/cryptenroll/cryptenroll-password.c b/src/cryptenroll/cryptenroll-password.c index 9deb98f202..c35b6092c8 100644 --- a/src/cryptenroll/cryptenroll-password.c +++ b/src/cryptenroll/cryptenroll-password.c @@ -159,13 +159,11 @@ int enroll_password( } r = check_password_quality(new_password, /* old */ NULL, /* user */ NULL, &error); - if (r < 0) { - if (ERRNO_IS_NOT_SUPPORTED(r)) - log_warning("Password quality check is not supported, proceeding anyway."); - else - return log_error_errno(r, "Failed to check password quality: %m"); - } - if (r == 0) + if (ERRNO_IS_NEG_NOT_SUPPORTED(r)) + log_warning("Password quality check is not supported, proceeding anyway."); + else if (r < 0) + return log_error_errno(r, "Failed to check password quality: %m"); + else if (r == 0) log_warning("Specified password does not pass quality checks (%s), proceeding anyway.", error); keyslot = crypt_keyslot_add_by_volume_key( diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index b5aa396cde..1ce95b3d7e 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -1728,11 +1728,12 @@ static int attach_luks_or_plain_or_bitlk_by_tpm2( found_some ? "No TPM2 metadata matching the current system state found in LUKS2 header, falling back to traditional unlocking." : "No TPM2 metadata enrolled in LUKS2 header, falling back to traditional unlocking."); - if (r < 0) { - if (ERRNO_IS_NOT_SUPPORTED(r)) /* TPM2 support not compiled in? */ - return log_debug_errno(SYNTHETIC_ERRNO(EAGAIN), "TPM2 support not available, falling back to traditional unlocking."); + if (ERRNO_IS_NEG_NOT_SUPPORTED(r)) + /* TPM2 support not compiled in? */ + return log_debug_errno(SYNTHETIC_ERRNO(EAGAIN), + "TPM2 support not available, falling back to traditional unlocking."); + if (r < 0) return r; - } found_some = true; diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c index 59d4dcd118..87a82df4ee 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c @@ -792,13 +792,11 @@ static int prompt_root_password(int rfd) { } r = check_password_quality(*a, /* old */ NULL, "root", &error); - if (r < 0) { - if (ERRNO_IS_NOT_SUPPORTED(r)) - log_warning("Password quality check is not supported, proceeding anyway."); - else - return log_error_errno(r, "Failed to check password quality: %m"); - } - if (r == 0) + if (ERRNO_IS_NEG_NOT_SUPPORTED(r)) + log_warning("Password quality check is not supported, proceeding anyway."); + else if (r < 0) + return log_error_errno(r, "Failed to check password quality: %m"); + else if (r == 0) log_warning("Password is weak, accepting anyway: %s", error); r = ask_password_tty(-1, msg2, NULL, 0, 0, NULL, &b); diff --git a/src/home/homework-directory.c b/src/home/homework-directory.c index 4ec5f3dde1..6870ae9891 100644 --- a/src/home/homework-directory.c +++ b/src/home/homework-directory.c @@ -285,11 +285,10 @@ int home_resize_directory( return r; r = home_update_quota_auto(h, NULL); - if (r < 0) { - if (ERRNO_IS_NOT_SUPPORTED(r)) - return -ESOCKTNOSUPPORT; /* make recognizable */ + if (ERRNO_IS_NEG_NOT_SUPPORTED(r)) + return -ESOCKTNOSUPPORT; /* make recognizable */ + if (r < 0) return r; - } r = home_store_embedded_identity(new_home, setup->root_fd, h->uid, embedded_home); if (r < 0) diff --git a/src/home/homework-luks.c b/src/home/homework-luks.c index 23a29d5811..3b3090a136 100644 --- a/src/home/homework-luks.c +++ b/src/home/homework-luks.c @@ -498,11 +498,10 @@ static int acquire_open_luks_device( return r; r = sym_crypt_init_by_name(&cd, setup->dm_name); - if (r < 0) { - if ((ERRNO_IS_DEVICE_ABSENT(r) || r == -EINVAL) && graceful) - return 0; + if ((ERRNO_IS_NEG_DEVICE_ABSENT(r) || r == -EINVAL) && graceful) + return 0; + if (r < 0) return log_error_errno(r, "Failed to initialize cryptsetup context for %s: %m", setup->dm_name); - } cryptsetup_enable_logging(cd); @@ -1639,12 +1638,11 @@ int home_deactivate_luks(UserRecord *h, HomeSetup *setup) { cryptsetup_enable_logging(setup->crypt_device); r = sym_crypt_deactivate_by_name(setup->crypt_device, setup->dm_name, 0); - if (r < 0) { - if (ERRNO_IS_DEVICE_ABSENT(r) || r == -EINVAL) - log_debug_errno(r, "LUKS device %s is already detached.", setup->dm_node); - else - return log_info_errno(r, "LUKS device %s couldn't be deactivated: %m", setup->dm_node); - } else { + if (ERRNO_IS_NEG_DEVICE_ABSENT(r) || r == -EINVAL) + log_debug_errno(r, "LUKS device %s is already detached.", setup->dm_node); + else if (r < 0) + return log_info_errno(r, "LUKS device %s couldn't be deactivated: %m", setup->dm_node); + else { log_info("LUKS device detaching completed."); we_detached = true; } @@ -2026,11 +2024,10 @@ static int wait_for_devlink(const char *path) { return log_error_errno(SYNTHETIC_ERRNO(ETIMEDOUT), "Device link %s still hasn't shown up, giving up.", path); r = fd_wait_for_event(inotify_fd, POLLIN, until - w); - if (r < 0) { - if (ERRNO_IS_TRANSIENT(r)) - continue; + if (ERRNO_IS_NEG_TRANSIENT(r)) + continue; + if (r < 0) return log_error_errno(r, "Failed to watch inotify: %m"); - } (void) flush_fd(inotify_fd); } diff --git a/src/home/homework-quota.c b/src/home/homework-quota.c index 574d1556af..9c6b55a537 100644 --- a/src/home/homework-quota.c +++ b/src/home/homework-quota.c @@ -55,32 +55,26 @@ int home_update_quota_classic(UserRecord *h, const char *path) { return log_error_errno(SYNTHETIC_ERRNO(ENODEV), "File system %s not backed by a block device.", path); r = quotactl_devnum(QCMD_FIXED(Q_GETQUOTA, USRQUOTA), devno, h->uid, &req); - if (r < 0) { - if (ERRNO_IS_NOT_SUPPORTED(r)) - return log_error_errno(r, "No UID quota support on %s.", path); - - if (r != -ESRCH) - return log_error_errno(r, "Failed to query disk quota for UID " UID_FMT ": %m", h->uid); - + if (r == -ESRCH) zero(req); - } else { + else if (ERRNO_IS_NEG_NOT_SUPPORTED(r)) + return log_error_errno(r, "No UID quota support on %s.", path); + else if (r < 0) + return log_error_errno(r, "Failed to query disk quota for UID " UID_FMT ": %m", h->uid); + else if (FLAGS_SET(req.dqb_valid, QIF_BLIMITS) && h->disk_size / QIF_DQBLKSIZE == req.dqb_bhardlimit) { /* Shortcut things if everything is set up properly already */ - if (FLAGS_SET(req.dqb_valid, QIF_BLIMITS) && h->disk_size / QIF_DQBLKSIZE == req.dqb_bhardlimit) { - log_info("Configured quota already matches the intended setting, not updating quota."); - return 0; - } + log_info("Configured quota already matches the intended setting, not updating quota."); + return 0; } req.dqb_valid = QIF_BLIMITS; req.dqb_bsoftlimit = req.dqb_bhardlimit = h->disk_size / QIF_DQBLKSIZE; r = quotactl_devnum(QCMD_FIXED(Q_SETQUOTA, USRQUOTA), devno, h->uid, &req); - if (r < 0) { - if (r == -ESRCH) - return log_error_errno(SYNTHETIC_ERRNO(ENOTTY), "UID quota not available on %s.", path); - + if (r == -ESRCH) + return log_error_errno(SYNTHETIC_ERRNO(ENOTTY), "UID quota not available on %s.", path); + if (r < 0) return log_error_errno(r, "Failed to set disk quota for UID " UID_FMT ": %m", h->uid); - } log_info("Updated per-UID quota."); diff --git a/src/journal/journald-client.c b/src/journal/journald-client.c index 5aedf4e5b6..a40568f393 100644 --- a/src/journal/journald-client.c +++ b/src/journal/journald-client.c @@ -57,13 +57,11 @@ int client_context_read_log_filter_patterns(ClientContext *c, const char *cgroup return log_debug_errno(r, "Failed to get the unit's cgroup path for %s: %m", cgroup); r = cg_get_xattr_malloc(SYSTEMD_CGROUP_CONTROLLER, unit_cgroup, "user.journald_log_filter_patterns", &xattr); - if (r < 0) { - if (!ERRNO_IS_XATTR_ABSENT(r)) - return log_debug_errno(r, "Failed to get user.journald_log_filter_patterns xattr for %s: %m", unit_cgroup); - + if (ERRNO_IS_NEG_XATTR_ABSENT(r)) { client_set_filtering_patterns(c, NULL, NULL); return 0; - } + } else if (r < 0) + return log_debug_errno(r, "Failed to get user.journald_log_filter_patterns xattr for %s: %m", unit_cgroup); xattr_end = xattr + r; @@ -79,7 +77,8 @@ int client_context_read_log_filter_patterns(ClientContext *c, const char *cgroup * before writing to xattr. */ deny_list_xattr = memchr(xattr, (char)0xff, r); if (!deny_list_xattr) - return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "Missing delimiter in cgroup user.journald_log_filter_patterns attribute: %m"); + return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), + "Missing delimiter in cgroup user.journald_log_filter_patterns attribute: %m"); r = client_parse_log_filter_nulstr(xattr, deny_list_xattr - xattr, &allow_list); if (r < 0) diff --git a/src/kernel-install/kernel-install.c b/src/kernel-install/kernel-install.c index 7de62f3ba4..abd6e2fdce 100644 --- a/src/kernel-install/kernel-install.c +++ b/src/kernel-install/kernel-install.c @@ -448,11 +448,10 @@ static int context_load_machine_id(Context *c) { assert(c); r = id128_get_machine_at(c->rfd, &c->machine_id); - if (r < 0) { - if (ERRNO_IS_MACHINE_ID_UNSET(r)) - return 0; + if (ERRNO_IS_NEG_MACHINE_ID_UNSET(r)) + return 0; + if (r < 0) return log_error_errno(r, "Failed to load machine ID from /etc/machine-id: %m"); - } log_debug("MACHINE_ID=%s set via /etc/machine-id.", SD_ID128_TO_STRING(c->machine_id)); return 1; /* loaded */ diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c index aaca8b792e..272201abfd 100644 --- a/src/libsystemd-network/sd-dhcp-client.c +++ b/src/libsystemd-network/sd-dhcp-client.c @@ -1848,10 +1848,9 @@ static int client_receive_message_udp( assert(s); buflen = next_datagram_size_fd(fd); + if (ERRNO_IS_NEG_TRANSIENT(buflen) || ERRNO_IS_NEG_DISCONNECT(buflen)) + return 0; if (buflen < 0) { - if (ERRNO_IS_TRANSIENT(buflen) || ERRNO_IS_DISCONNECT(buflen)) - return 0; - log_dhcp_client_errno(client, buflen, "Failed to determine datagram size to read, ignoring: %m"); return 0; } @@ -1941,10 +1940,9 @@ static int client_receive_message_raw( assert(s); buflen = next_datagram_size_fd(fd); + if (ERRNO_IS_NEG_TRANSIENT(buflen) || ERRNO_IS_NEG_DISCONNECT(buflen)) + return 0; if (buflen < 0) { - if (ERRNO_IS_TRANSIENT(buflen) || ERRNO_IS_DISCONNECT(buflen)) - return 0; - log_dhcp_client_errno(client, buflen, "Failed to determine datagram size to read, ignoring: %m"); return 0; } @@ -1956,10 +1954,9 @@ static int client_receive_message_raw( iov = IOVEC_MAKE(packet, buflen); len = recvmsg_safe(fd, &msg, 0); + if (ERRNO_IS_NEG_TRANSIENT(len) || ERRNO_IS_NEG_DISCONNECT(len)) + return 0; if (len < 0) { - if (ERRNO_IS_TRANSIENT(len) || ERRNO_IS_DISCONNECT(len)) - return 0; - log_dhcp_client_errno(client, len, "Could not receive message from raw socket, ignoring: %m"); return 0; } diff --git a/src/libsystemd-network/sd-dhcp-server.c b/src/libsystemd-network/sd-dhcp-server.c index 0aa500d7d2..a9bb7657d1 100644 --- a/src/libsystemd-network/sd-dhcp-server.c +++ b/src/libsystemd-network/sd-dhcp-server.c @@ -1316,10 +1316,9 @@ static int server_receive_message(sd_event_source *s, int fd, int r; datagram_size = next_datagram_size_fd(fd); + if (ERRNO_IS_NEG_TRANSIENT(datagram_size) || ERRNO_IS_NEG_DISCONNECT(datagram_size)) + return 0; if (datagram_size < 0) { - if (ERRNO_IS_TRANSIENT(datagram_size) || ERRNO_IS_DISCONNECT(datagram_size)) - return 0; - log_dhcp_server_errno(server, datagram_size, "Failed to determine datagram size to read, ignoring: %m"); return 0; } @@ -1336,10 +1335,9 @@ static int server_receive_message(sd_event_source *s, int fd, iov = IOVEC_MAKE(message, datagram_size); len = recvmsg_safe(fd, &msg, 0); + if (ERRNO_IS_NEG_TRANSIENT(len) || ERRNO_IS_NEG_DISCONNECT(len)) + return 0; if (len < 0) { - if (ERRNO_IS_TRANSIENT(len) || ERRNO_IS_DISCONNECT(len)) - return 0; - log_dhcp_server_errno(server, len, "Could not receive message, ignoring: %m"); return 0; } diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c index 9a4f3ab1bf..2f4053caad 100644 --- a/src/libsystemd-network/sd-dhcp6-client.c +++ b/src/libsystemd-network/sd-dhcp6-client.c @@ -1283,10 +1283,9 @@ static int client_receive_message( ssize_t buflen, len; buflen = next_datagram_size_fd(fd); + if (ERRNO_IS_NEG_TRANSIENT(buflen) || ERRNO_IS_NEG_DISCONNECT(buflen)) + return 0; if (buflen < 0) { - if (ERRNO_IS_TRANSIENT(buflen) || ERRNO_IS_DISCONNECT(buflen)) - return 0; - log_dhcp6_client_errno(client, buflen, "Failed to determine datagram size to read, ignoring: %m"); return 0; } @@ -1298,10 +1297,9 @@ static int client_receive_message( iov = IOVEC_MAKE(message, buflen); len = recvmsg_safe(fd, &msg, MSG_DONTWAIT); + if (ERRNO_IS_NEG_TRANSIENT(len) || ERRNO_IS_NEG_DISCONNECT(len)) + return 0; if (len < 0) { - if (ERRNO_IS_TRANSIENT(len) || ERRNO_IS_DISCONNECT(len)) - return 0; - log_dhcp6_client_errno(client, len, "Could not receive message from UDP socket, ignoring: %m"); return 0; } diff --git a/src/libsystemd-network/sd-lldp-rx.c b/src/libsystemd-network/sd-lldp-rx.c index 03e8986049..8dafa41812 100644 --- a/src/libsystemd-network/sd-lldp-rx.c +++ b/src/libsystemd-network/sd-lldp-rx.c @@ -198,10 +198,9 @@ static int lldp_rx_receive_datagram(sd_event_source *s, int fd, uint32_t revents assert(fd >= 0); space = next_datagram_size_fd(fd); + if (ERRNO_IS_NEG_TRANSIENT(space) || ERRNO_IS_NEG_DISCONNECT(space)) + return 0; if (space < 0) { - if (ERRNO_IS_TRANSIENT(space) || ERRNO_IS_DISCONNECT(space)) - return 0; - log_lldp_rx_errno(lldp_rx, space, "Failed to determine datagram size to read, ignoring: %m"); return 0; } diff --git a/src/libsystemd-network/sd-ndisc.c b/src/libsystemd-network/sd-ndisc.c index 2e446fece3..ca5365b95f 100644 --- a/src/libsystemd-network/sd-ndisc.c +++ b/src/libsystemd-network/sd-ndisc.c @@ -208,10 +208,9 @@ static int ndisc_recv(sd_event_source *s, int fd, uint32_t revents, void *userda assert(nd->event); buflen = next_datagram_size_fd(fd); + if (ERRNO_IS_NEG_TRANSIENT(buflen) || ERRNO_IS_NEG_DISCONNECT(buflen)) + return 0; if (buflen < 0) { - if (ERRNO_IS_TRANSIENT(buflen) || ERRNO_IS_DISCONNECT(buflen)) - return 0; - log_ndisc_errno(nd, buflen, "Failed to determine datagram size to read, ignoring: %m"); return 0; } @@ -221,32 +220,28 @@ static int ndisc_recv(sd_event_source *s, int fd, uint32_t revents, void *userda return -ENOMEM; r = icmp6_receive(fd, NDISC_ROUTER_RAW(rt), rt->raw_size, &rt->address, &rt->timestamp); - if (r < 0) { - if (ERRNO_IS_TRANSIENT(r) || ERRNO_IS_DISCONNECT(r)) - return 0; - + if (ERRNO_IS_NEG_TRANSIENT(r) || ERRNO_IS_NEG_DISCONNECT(r)) + return 0; + if (r < 0) switch (r) { case -EADDRNOTAVAIL: log_ndisc(nd, "Received RA from non-link-local address %s. Ignoring.", IN6_ADDR_TO_STRING(&rt->address)); - break; + return 0; case -EMULTIHOP: log_ndisc(nd, "Received RA with invalid hop limit. Ignoring."); - break; + return 0; case -EPFNOSUPPORT: log_ndisc(nd, "Received invalid source address from ICMPv6 socket. Ignoring."); - break; + return 0; default: log_ndisc_errno(nd, r, "Unexpected error while reading from ICMPv6, ignoring: %m"); - break; + return 0; } - return 0; - } - (void) event_source_disable(nd->timeout_event_source); (void) ndisc_handle_datagram(nd, rt); return 0; diff --git a/src/libsystemd-network/sd-radv.c b/src/libsystemd-network/sd-radv.c index 20458b9f97..890c146295 100644 --- a/src/libsystemd-network/sd-radv.c +++ b/src/libsystemd-network/sd-radv.c @@ -252,10 +252,9 @@ static int radv_recv(sd_event_source *s, int fd, uint32_t revents, void *userdat assert(ra->event); ssize_t buflen = next_datagram_size_fd(fd); + if (ERRNO_IS_NEG_TRANSIENT(buflen) || ERRNO_IS_NEG_DISCONNECT(buflen)) + return 0; if (buflen < 0) { - if (ERRNO_IS_TRANSIENT(buflen) || ERRNO_IS_DISCONNECT(buflen)) - return 0; - log_radv_errno(ra, buflen, "Failed to determine datagram size to read, ignoring: %m"); return 0; } @@ -265,32 +264,28 @@ static int radv_recv(sd_event_source *s, int fd, uint32_t revents, void *userdat return -ENOMEM; r = icmp6_receive(fd, buf, buflen, &src, ×tamp); - if (r < 0) { - if (ERRNO_IS_TRANSIENT(r) || ERRNO_IS_DISCONNECT(r)) - return 0; - + if (ERRNO_IS_NEG_TRANSIENT(r) || ERRNO_IS_NEG_DISCONNECT(r)) + return 0; + if (r < 0) switch (r) { case -EADDRNOTAVAIL: log_radv(ra, "Received RS from non-link-local address %s. Ignoring", IN6_ADDR_TO_STRING(&src)); - break; + return 0; case -EMULTIHOP: log_radv(ra, "Received RS with invalid hop limit. Ignoring."); - break; + return 0; case -EPFNOSUPPORT: log_radv(ra, "Received invalid source address from ICMPv6 socket. Ignoring."); - break; + return 0; default: log_radv_errno(ra, r, "Unexpected error receiving from ICMPv6 socket, ignoring: %m"); - break; + return 0; } - return 0; - } - if ((size_t) buflen < sizeof(struct nd_router_solicit)) { log_radv(ra, "Too short packet received, ignoring"); return 0; diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c index af16c64745..cfa5633f23 100644 --- a/src/libsystemd/sd-bus/bus-socket.c +++ b/src/libsystemd/sd-bus/bus-socket.c @@ -579,11 +579,10 @@ static int bus_socket_read_auth(sd_bus *b) { } else handle_cmsg = true; } - if (k < 0) { - if (ERRNO_IS_TRANSIENT(k)) - return 0; + if (ERRNO_IS_NEG_TRANSIENT(k)) + return 0; + if (k < 0) return (int) k; - } if (k == 0) { if (handle_cmsg) cmsg_close_all(&mh); /* paranoia, we shouldn't have gotten any fds on EOF */ @@ -1298,11 +1297,10 @@ int bus_socket_read_message(sd_bus *bus) { } else handle_cmsg = true; } - if (k < 0) { - if (ERRNO_IS_TRANSIENT(k)) - return 0; + if (ERRNO_IS_NEG_TRANSIENT(k)) + return 0; + if (k < 0) return (int) k; - } if (k == 0) { if (handle_cmsg) cmsg_close_all(&mh); /* On EOF we shouldn't have gotten an fd, but let's make sure */ @@ -1361,11 +1359,10 @@ int bus_socket_process_opening(sd_bus *b) { assert(b->state == BUS_OPENING); events = fd_wait_for_event(b->output_fd, POLLOUT, 0); - if (events < 0) { - if (ERRNO_IS_TRANSIENT(events)) - return 0; + if (ERRNO_IS_NEG_TRANSIENT(events)) + return 0; + if (events < 0) return events; - } if (!(events & (POLLOUT|POLLERR|POLLHUP))) return 0; diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c index a250e7b81a..ced4466aa6 100644 --- a/src/libsystemd/sd-bus/sd-bus.c +++ b/src/libsystemd/sd-bus/sd-bus.c @@ -2178,14 +2178,11 @@ _public_ int sd_bus_send(sd_bus *bus, sd_bus_message *_m, uint64_t *cookie) { size_t idx = 0; r = bus_write_message(bus, m, &idx); - if (r < 0) { - if (ERRNO_IS_DISCONNECT(r)) { - bus_enter_closing(bus); - return -ECONNRESET; - } - + if (ERRNO_IS_NEG_DISCONNECT(r)) { + bus_enter_closing(bus); + return -ECONNRESET; + } else if (r < 0) return r; - } if (idx < BUS_MESSAGE_SIZE(m)) { /* Wasn't fully written. So let's remember how @@ -2506,11 +2503,10 @@ _public_ int sd_bus_call( left = UINT64_MAX; r = bus_poll(bus, true, left); - if (r < 0) { - if (ERRNO_IS_TRANSIENT(r)) - continue; + if (ERRNO_IS_NEG_TRANSIENT(r)) + continue; + if (r < 0) goto fail; - } if (r == 0) { r = -ETIMEDOUT; goto fail; @@ -3284,13 +3280,11 @@ static int bus_process_internal(sd_bus *bus, sd_bus_message **ret) { assert_not_reached(); } - if (r < 0) { - if (ERRNO_IS_DISCONNECT(r)) { - bus_enter_closing(bus); - r = 1; - } else - return r; - } + if (ERRNO_IS_NEG_DISCONNECT(r)) { + bus_enter_closing(bus); + r = 1; + } else if (r < 0) + return r; if (ret) *ret = NULL; @@ -3388,7 +3382,7 @@ _public_ int sd_bus_wait(sd_bus *bus, uint64_t timeout_usec) { return 0; r = bus_poll(bus, false, timeout_usec); - if (r < 0 && ERRNO_IS_TRANSIENT(r)) + if (ERRNO_IS_NEG_TRANSIENT(r)) return 1; /* treat EINTR as success, but let's exit, so that the caller will call back into us soon. */ return r; @@ -3420,25 +3414,20 @@ _public_ int sd_bus_flush(sd_bus *bus) { for (;;) { r = dispatch_wqueue(bus); - if (r < 0) { - if (ERRNO_IS_DISCONNECT(r)) { - bus_enter_closing(bus); - return -ECONNRESET; - } - + if (ERRNO_IS_NEG_DISCONNECT(r)) { + bus_enter_closing(bus); + return -ECONNRESET; + } else if (r < 0) return r; - } if (bus->wqueue_size <= 0) return 0; r = bus_poll(bus, false, UINT64_MAX); - if (r < 0) { - if (ERRNO_IS_TRANSIENT(r)) - continue; - + if (ERRNO_IS_NEG_TRANSIENT(r)) + continue; + if (r < 0) return r; - } } } diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c index af39c984d0..97e2e727c0 100644 --- a/src/libsystemd/sd-device/sd-device.c +++ b/src/libsystemd/sd-device/sd-device.c @@ -758,14 +758,12 @@ int device_read_uevent_file(sd_device *device) { path = strjoina(syspath, "/uevent"); r = read_full_virtual_file(path, &uevent, &uevent_len); - if (r < 0) { + if (r == -EACCES || ERRNO_IS_NEG_DEVICE_ABSENT(r)) /* The uevent files may be write-only, the device may be already removed, or the device * may not have the uevent file. */ - if (r == -EACCES || ERRNO_IS_DEVICE_ABSENT(r)) - return 0; - + return 0; + if (r < 0) return log_device_debug_errno(device, r, "sd-device: Failed to read uevent file '%s': %m", path); - } for (size_t i = 0; i < uevent_len; i++) switch (state) { diff --git a/src/libsystemd/sd-id128/id128-util.h b/src/libsystemd/sd-id128/id128-util.h index 7bcbd8e558..bd3e201361 100644 --- a/src/libsystemd/sd-id128/id128-util.h +++ b/src/libsystemd/sd-id128/id128-util.h @@ -6,6 +6,7 @@ #include "sd-id128.h" +#include "errno-util.h" #include "hash-funcs.h" #include "macro.h" @@ -45,8 +46,9 @@ sd_id128_t id128_make_v4_uuid(sd_id128_t id); int id128_get_product(sd_id128_t *ret); /* A helper to check for the three relevant cases of "machine ID not initialized" */ -#define ERRNO_IS_MACHINE_ID_UNSET(r) \ - IN_SET(abs(r), \ - ENOENT, \ - ENOMEDIUM, \ - ENOPKG) +#define ERRNO_IS_NEG_MACHINE_ID_UNSET(r) \ + IN_SET(r, \ + -ENOENT, \ + -ENOMEDIUM, \ + -ENOPKG) +_DEFINE_ABS_WRAPPER(MACHINE_ID_UNSET); diff --git a/src/libsystemd/sd-journal/journal-file.c b/src/libsystemd/sd-journal/journal-file.c index 81858f1aa1..06ffa137d4 100644 --- a/src/libsystemd/sd-journal/journal-file.c +++ b/src/libsystemd/sd-journal/journal-file.c @@ -658,12 +658,10 @@ static int journal_file_verify_header(JournalFile *f) { int r; r = sd_id128_get_machine(&machine_id); - if (r < 0) { - if (!ERRNO_IS_MACHINE_ID_UNSET(r)) /* handle graceful if machine ID is not initialized yet */ - return r; - + if (ERRNO_IS_NEG_MACHINE_ID_UNSET(r)) /* Gracefully handle the machine ID not being initialized yet */ machine_id = SD_ID128_NULL; - } + else if (r < 0) + return r; if (!sd_id128_equal(machine_id, f->header->machine_id)) return log_debug_errno(SYNTHETIC_ERRNO(EHOSTDOWN), @@ -2508,13 +2506,12 @@ int journal_file_append_entry( } r = sd_id128_get_machine(&_machine_id); - if (r < 0) { - if (!ERRNO_IS_MACHINE_ID_UNSET(r)) - return r; - - /* If the machine ID is not initialized yet, handle gracefully */ + if (ERRNO_IS_NEG_MACHINE_ID_UNSET(r)) + /* Gracefully handle the machine ID not being initialized yet */ machine_id = NULL; - } else + else if (r < 0) + return r; + else machine_id = &_machine_id; #if HAVE_GCRYPT diff --git a/src/libsystemd/sd-netlink/netlink-socket.c b/src/libsystemd/sd-netlink/netlink-socket.c index 96162963a7..635867bb58 100644 --- a/src/libsystemd/sd-netlink/netlink-socket.c +++ b/src/libsystemd/sd-netlink/netlink-socket.c @@ -198,16 +198,14 @@ static int socket_recv_message(int fd, void *buf, size_t buf_size, uint32_t *ret assert(peek || (buf && buf_size > 0)); n = recvmsg_safe(fd, &msg, MSG_TRUNC | (peek ? MSG_PEEK : 0)); - if (n < 0) { - if (n == -ENOBUFS) - return log_debug_errno(n, "sd-netlink: kernel receive buffer overrun"); - if (ERRNO_IS_TRANSIENT(n)) { - if (ret_mcast_group) - *ret_mcast_group = 0; - return 0; - } + if (n == -ENOBUFS) + return log_debug_errno(n, "sd-netlink: kernel receive buffer overrun"); + else if (ERRNO_IS_NEG_TRANSIENT(n)) { + if (ret_mcast_group) + *ret_mcast_group = 0; + return 0; + } else if (n < 0) return (int) n; - } if (sender.nl.nl_pid != 0) { /* not from the kernel, ignore */ diff --git a/src/libsystemd/sd-netlink/sd-netlink.c b/src/libsystemd/sd-netlink/sd-netlink.c index 9d1df72381..ce0687eb57 100644 --- a/src/libsystemd/sd-netlink/sd-netlink.c +++ b/src/libsystemd/sd-netlink/sd-netlink.c @@ -434,7 +434,7 @@ int sd_netlink_wait(sd_netlink *nl, uint64_t timeout_usec) { return 0; r = netlink_poll(nl, false, timeout_usec); - if (r < 0 && ERRNO_IS_TRANSIENT(r)) /* Convert EINTR to "something happened" and give user a chance to run some code before calling back into us */ + if (ERRNO_IS_NEG_TRANSIENT(r)) /* Convert EINTR to "something happened" and give user a chance to run some code before calling back into us */ return 1; return r; } diff --git a/src/network/networkd-wiphy.c b/src/network/networkd-wiphy.c index 63874cdf98..13f2d7202e 100644 --- a/src/network/networkd-wiphy.c +++ b/src/network/networkd-wiphy.c @@ -214,11 +214,10 @@ int link_rfkilled(Link *link) { assert(link); r = link_get_wiphy(link, &w); - if (r < 0) { - if (ERRNO_IS_NOT_SUPPORTED(r) || ERRNO_IS_DEVICE_ABSENT(r)) - return false; /* Typically, non-wifi interface or running in container */ + if (ERRNO_IS_NEG_NOT_SUPPORTED(r) || ERRNO_IS_NEG_DEVICE_ABSENT(r)) + return false; /* Typically, non-wifi interface or running in container */ + if (r < 0) return log_link_debug_errno(link, r, "Could not get phy: %m"); - } return wiphy_rfkilled(w); } @@ -339,20 +338,16 @@ static int wiphy_update(Wiphy *w) { assert(w); r = wiphy_update_device(w); - if (r < 0) { - if (ERRNO_IS_DEVICE_ABSENT(r)) - log_wiphy_debug_errno(w, r, "Failed to update wiphy device, ignoring: %m"); - else - return log_wiphy_warning_errno(w, r, "Failed to update wiphy device: %m"); - } + if (ERRNO_IS_NEG_DEVICE_ABSENT(r)) + log_wiphy_debug_errno(w, r, "Failed to update wiphy device, ignoring: %m"); + else if (r < 0) + return log_wiphy_warning_errno(w, r, "Failed to update wiphy device: %m"); r = wiphy_update_rfkill(w); - if (r < 0) { - if (ERRNO_IS_DEVICE_ABSENT(r)) - log_wiphy_debug_errno(w, r, "Failed to update rfkill device, ignoring: %m"); - else - return log_wiphy_warning_errno(w, r, "Failed to update rfkill device: %m"); - } + if (ERRNO_IS_NEG_DEVICE_ABSENT(r)) + log_wiphy_debug_errno(w, r, "Failed to update rfkill device, ignoring: %m"); + else if (r < 0) + return log_wiphy_warning_errno(w, r, "Failed to update rfkill device: %m"); return 0; } diff --git a/src/nspawn/nspawn-seccomp.c b/src/nspawn/nspawn-seccomp.c index f26bcf829f..5f45f367d0 100644 --- a/src/nspawn/nspawn-seccomp.c +++ b/src/nspawn/nspawn-seccomp.c @@ -206,11 +206,11 @@ int setup_seccomp(uint64_t cap_list_retain, char **syscall_allow_list, char **sy return r; r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return log_error_errno(r, "Failed to install seccomp filter: %m"); - log_debug_errno(r, "Failed to install filter set for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return log_error_errno(r, "Failed to install seccomp filter: %m"); + if (r < 0) + log_debug_errno(r, "Failed to install filter set for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); } SECCOMP_FOREACH_LOCAL_ARCH(arch) { @@ -243,11 +243,11 @@ int setup_seccomp(uint64_t cap_list_retain, char **syscall_allow_list, char **sy } r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return log_error_errno(r, "Failed to install seccomp audit filter: %m"); - log_debug_errno(r, "Failed to install filter set for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return log_error_errno(r, "Failed to install seccomp audit filter: %m"); + if (r < 0) + log_debug_errno(r, "Failed to install filter set for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); } return 0; diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 7eac4ca0bb..e614b05c83 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -2839,16 +2839,15 @@ static int setup_machine_id(const char *directory) { * container behaves nicely). */ r = id128_get_machine(directory, &arg_uuid); - if (r < 0) { - if (!ERRNO_IS_MACHINE_ID_UNSET(r)) /* If the file is missing, empty, or uninitialized, we don't mind */ - return log_error_errno(r, "Failed to read machine ID from container image: %m"); - + if (ERRNO_IS_NEG_MACHINE_ID_UNSET(r)) { + /* If the file is missing, empty, or uninitialized, we don't mind */ if (sd_id128_is_null(arg_uuid)) { r = sd_id128_randomize(&arg_uuid); if (r < 0) return log_error_errno(r, "Failed to acquire randomized machine UUID: %m"); } - } + } else if (r < 0) + return log_error_errno(r, "Failed to read machine ID from container image: %m"); return 0; } @@ -3410,13 +3409,11 @@ static int inner_child( if (arg_seccomp) { if (is_seccomp_available()) { - r = seccomp_load(arg_seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return log_error_errno(r, "Failed to install seccomp filter: %m"); + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return log_error_errno(r, "Failed to install seccomp filter: %m"); + if (r < 0) log_debug_errno(r, "Failed to install seccomp filter: %m"); - } } } else #endif @@ -3826,20 +3823,19 @@ static int outer_child( arg_uid_shift != 0) { r = remount_idmap(directory, arg_uid_shift, arg_uid_range, UID_INVALID, REMOUNT_IDMAPPING_HOST_ROOT); - if (r < 0) { - if (r == -EINVAL || ERRNO_IS_NOT_SUPPORTED(r)) { - /* This might fail because the kernel or file system doesn't support idmapping. We - * can't really distinguish this nicely, nor do we have any guarantees about the - * error codes we see, could be EOPNOTSUPP or EINVAL. */ - if (arg_userns_ownership != USER_NAMESPACE_OWNERSHIP_AUTO) - return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), - "ID mapped mounts are apparently not available, sorry."); - - log_debug("ID mapped mounts are apparently not available on this kernel or for the selected file system, reverting to recursive chown()ing."); - arg_userns_ownership = USER_NAMESPACE_OWNERSHIP_CHOWN; - } else - return log_error_errno(r, "Failed to set up ID mapped mounts: %m"); - } else { + if (r == -EINVAL || ERRNO_IS_NEG_NOT_SUPPORTED(r)) { + /* This might fail because the kernel or file system doesn't support idmapping. We + * can't really distinguish this nicely, nor do we have any guarantees about the + * error codes we see, could be EOPNOTSUPP or EINVAL. */ + if (arg_userns_ownership != USER_NAMESPACE_OWNERSHIP_AUTO) + return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), + "ID mapped mounts are apparently not available, sorry."); + + log_debug("ID mapped mounts are apparently not available on this kernel or for the selected file system, reverting to recursive chown()ing."); + arg_userns_ownership = USER_NAMESPACE_OWNERSHIP_CHOWN; + } else if (r < 0) + return log_error_errno(r, "Failed to set up ID mapped mounts: %m"); + else { log_debug("ID mapped mounts available, making use of them."); idmap = true; } @@ -4264,15 +4260,13 @@ static int nspawn_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t r } n = recvmsg_safe(fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC); - if (n < 0) { - if (ERRNO_IS_TRANSIENT(n)) - return 0; - if (n == -EXFULL) { - log_warning("Got message with truncated control data (too many fds sent?), ignoring."); - return 0; - } + if (ERRNO_IS_NEG_TRANSIENT(n)) + return 0; + else if (n == -EXFULL) { + log_warning("Got message with truncated control data (too many fds sent?), ignoring."); + return 0; + } else if (n < 0) return log_warning_errno(n, "Couldn't read notification socket: %m"); - } cmsg_close_all(&msghdr); @@ -5414,13 +5408,11 @@ static int cant_be_in_netns(void) { return log_error_errno(errno, "Failed to allocate udev control socket: %m"); r = connect_unix_path(fd, AT_FDCWD, "/run/udev/control"); - if (r < 0) { - if (r == -ENOENT || ERRNO_IS_DISCONNECT(r)) - return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), - "Sorry, but --image= requires access to the host's /run/ hierarchy, since we need access to udev."); - + if (r == -ENOENT || ERRNO_IS_NEG_DISCONNECT(r)) + return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), + "Sorry, but --image= requires access to the host's /run/ hierarchy, since we need access to udev."); + if (r < 0) return log_error_errno(r, "Failed to connect socket to udev control socket: %m"); - } r = getpeercred(fd, &ucred); if (r < 0) diff --git a/src/resolve/resolved-dns-transaction.c b/src/resolve/resolved-dns-transaction.c index b3d69f455a..de779695d9 100644 --- a/src/resolve/resolved-dns-transaction.c +++ b/src/resolve/resolved-dns-transaction.c @@ -2099,7 +2099,7 @@ int dns_transaction_go(DnsTransaction *t) { dns_transaction_complete(t, DNS_TRANSACTION_RR_TYPE_UNSUPPORTED); return 0; } - if (t->scope->protocol == DNS_PROTOCOL_LLMNR && r < 0 && ERRNO_IS_DISCONNECT(r)) { + if (t->scope->protocol == DNS_PROTOCOL_LLMNR && ERRNO_IS_NEG_DISCONNECT(r)) { /* On LLMNR, if we cannot connect to a host via TCP when doing reverse lookups. This means we cannot * answer this request with this protocol. */ dns_transaction_complete(t, DNS_TRANSACTION_NOT_FOUND); diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c index dc8629b050..43e7b95e17 100644 --- a/src/resolve/resolved-manager.c +++ b/src/resolve/resolved-manager.c @@ -796,13 +796,10 @@ int manager_recv(Manager *m, int fd, DnsProtocol protocol, DnsPacket **ret) { iov = IOVEC_MAKE(DNS_PACKET_DATA(p), p->allocated); l = recvmsg_safe(fd, &mh, 0); - if (l < 0) { - if (ERRNO_IS_TRANSIENT(l)) - return 0; - return l; - } - if (l == 0) + if (ERRNO_IS_NEG_TRANSIENT(l)) return 0; + if (l <= 0) + return l; assert(!(mh.msg_flags & MSG_TRUNC)); @@ -914,11 +911,10 @@ static int sendmsg_loop(int fd, struct msghdr *mh, int flags) { return -errno; r = fd_wait_for_event(fd, POLLOUT, LESS_BY(end, now(CLOCK_MONOTONIC))); - if (r < 0) { - if (ERRNO_IS_TRANSIENT(r)) - continue; + if (ERRNO_IS_NEG_TRANSIENT(r)) + continue; + if (r < 0) return r; - } if (r == 0) return -ETIMEDOUT; } @@ -942,11 +938,10 @@ static int write_loop(int fd, void *message, size_t length) { return -errno; r = fd_wait_for_event(fd, POLLOUT, LESS_BY(end, now(CLOCK_MONOTONIC))); - if (r < 0) { - if (ERRNO_IS_TRANSIENT(r)) - continue; + if (ERRNO_IS_NEG_TRANSIENT(r)) + continue; + if (r < 0) return r; - } if (r == 0) return -ETIMEDOUT; } diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c index ca6ba80cbd..f4697736d9 100644 --- a/src/shared/ask-password-api.c +++ b/src/shared/ask-password-api.c @@ -158,16 +158,14 @@ static int ask_password_keyring(const char *keyname, AskPasswordFlags flags, cha return -EUNATCH; r = lookup_key(keyname, &serial); - if (r < 0) { - /* when retrieving the distinction between "kernel or container manager don't support - * or allow this" and "no matching key known" doesn't matter. Note that we propagate - * EACCESS here (even if EPERM not) since that is used if the keyring is available but - * we lack access to the key. */ - if (ERRNO_IS_NOT_SUPPORTED(r) || r == -EPERM) - return -ENOKEY; - + if (ERRNO_IS_NEG_NOT_SUPPORTED(r) || r == -EPERM) + /* When retrieving, the distinction between "kernel or container manager don't support or + * allow this" and "no matching key known" doesn't matter. Note that we propagate EACCESS + * here (even if EPERM not) since that is used if the keyring is available, but we lack + * access to the key. */ + return -ENOKEY; + if (r < 0) return r; - } return retrieve_key(serial, ret); } @@ -867,14 +865,12 @@ int ask_password_agent( }; n = recvmsg_safe(socket_fd, &msghdr, 0); - if (n < 0) { - if (ERRNO_IS_TRANSIENT(n)) - continue; - if (n == -EXFULL) { - log_debug("Got message with truncated control data, ignoring."); - continue; - } - + if (ERRNO_IS_NEG_TRANSIENT(n)) + continue; + else if (n == -EXFULL) { + log_debug("Got message with truncated control data, ignoring."); + continue; + } else if (n < 0) { r = (int) n; goto finish; } diff --git a/src/shared/barrier.c b/src/shared/barrier.c index d76a61a5db..bd5bdd7590 100644 --- a/src/shared/barrier.c +++ b/src/shared/barrier.c @@ -175,9 +175,9 @@ static bool barrier_write(Barrier *b, uint64_t buf) { return false; assert(b->me >= 0); - do { + do len = write(b->me, &buf, sizeof(buf)); - } while (len < 0 && ERRNO_IS_TRANSIENT(errno)); + while (len < 0 && ERRNO_IS_TRANSIENT(errno)); if (len != sizeof(buf)) goto error; diff --git a/src/shared/cgroup-show.c b/src/shared/cgroup-show.c index f2c3406995..d2d0339910 100644 --- a/src/shared/cgroup-show.c +++ b/src/shared/cgroup-show.c @@ -134,21 +134,23 @@ static int is_delegated(int cgfd, const char *path) { assert(cgfd >= 0 || path); - r = getxattr_malloc(cgfd < 0 ? path : FORMAT_PROC_FD_PATH(cgfd), "trusted.delegate", &b); - if (r < 0 && ERRNO_IS_XATTR_ABSENT(r)) { + const char *t = cgfd >= 0 ? FORMAT_PROC_FD_PATH(cgfd) : path; + + r = getxattr_malloc(t, "trusted.delegate", &b); + if (ERRNO_IS_NEG_XATTR_ABSENT(r)) { /* If the trusted xattr isn't set (preferred), then check the untrusted one. Under the * assumption that whoever is trusted enough to own the cgroup, is also trusted enough to * decide if it is delegated or not this should be safe. */ - r = getxattr_malloc(cgfd < 0 ? path : FORMAT_PROC_FD_PATH(cgfd), "user.delegate", &b); - if (r < 0 && ERRNO_IS_XATTR_ABSENT(r)) + r = getxattr_malloc(t, "user.delegate", &b); + if (ERRNO_IS_NEG_XATTR_ABSENT(r)) return false; } if (r < 0) - return log_debug_errno(r, "Failed to read delegate xattr, ignoring: %m"); + return log_debug_errno(r, "Failed to read delegate xattr from %s, ignoring: %m", t); r = parse_boolean(b); if (r < 0) - return log_debug_errno(r, "Failed to parse delegate xattr boolean value, ignoring: %m"); + return log_debug_errno(r, "Failed to parse delegate xattr from %s, ignoring: %m", t); return r; } diff --git a/src/shared/copy.c b/src/shared/copy.c index 04603fd20e..a2740857e9 100644 --- a/src/shared/copy.c +++ b/src/shared/copy.c @@ -844,14 +844,11 @@ static int fd_copy_fifo( r = RET_NERRNO(mkfifoat(dt, to, st->st_mode & 07777)); if (copy_flags & COPY_MAC_CREATE) mac_selinux_create_file_clear(); - if (r < 0) { - if (FLAGS_SET(copy_flags, COPY_GRACEFUL_WARN) && (ERRNO_IS_PRIVILEGE(r) || ERRNO_IS_NOT_SUPPORTED(r))) { - log_notice_errno(r, "Failed to copy fifo '%s', ignoring: %m", from); - return 0; - } - + if (FLAGS_SET(copy_flags, COPY_GRACEFUL_WARN) && (ERRNO_IS_NEG_PRIVILEGE(r) || ERRNO_IS_NEG_NOT_SUPPORTED(r))) { + log_notice_errno(r, "Failed to copy fifo '%s', ignoring: %m", from); + return 0; + } else if (r < 0) return r; - } if (fchownat(dt, to, uid_is_valid(override_uid) ? override_uid : st->st_uid, @@ -898,14 +895,11 @@ static int fd_copy_node( r = RET_NERRNO(mknodat(dt, to, st->st_mode, st->st_rdev)); if (copy_flags & COPY_MAC_CREATE) mac_selinux_create_file_clear(); - if (r < 0) { - if (FLAGS_SET(copy_flags, COPY_GRACEFUL_WARN) && (ERRNO_IS_PRIVILEGE(r) || ERRNO_IS_NOT_SUPPORTED(r))) { - log_notice_errno(r, "Failed to copy node '%s', ignoring: %m", from); - return 0; - } - + if (FLAGS_SET(copy_flags, COPY_GRACEFUL_WARN) && (ERRNO_IS_NEG_PRIVILEGE(r) || ERRNO_IS_NEG_NOT_SUPPORTED(r))) { + log_notice_errno(r, "Failed to copy node '%s', ignoring: %m", from); + return 0; + } else if (r < 0) return r; - } if (fchownat(dt, to, uid_is_valid(override_uid) ? override_uid : st->st_uid, diff --git a/src/shared/kbd-util.c b/src/shared/kbd-util.c index e6fe973471..2f2d161ca6 100644 --- a/src/shared/kbd-util.c +++ b/src/shared/kbd-util.c @@ -82,14 +82,12 @@ int get_keymaps(char ***ret) { &(struct recurse_dir_userdata) { .keymaps = keymaps, }); - if (r < 0) { - if (r == -ENOENT) - continue; - if (ERRNO_IS_RESOURCE(r)) - return log_warning_errno(r, "Failed to read keymap list from %s: %m", dir); - + if (r == -ENOENT) + continue; + if (ERRNO_IS_NEG_RESOURCE(r)) + return log_warning_errno(r, "Failed to read keymap list from %s: %m", dir); + if (r < 0) log_debug_errno(r, "Failed to read keymap list from %s, ignoring: %m", dir); - } } _cleanup_strv_free_ char **l = set_get_strv(keymaps); @@ -129,7 +127,7 @@ bool keymap_is_valid(const char *name) { } int keymap_exists(const char *name) { - int r = 0; + int r; if (!keymap_is_valid(name)) return -EINVAL; @@ -145,17 +143,13 @@ int keymap_exists(const char *name) { &(struct recurse_dir_userdata) { .keymap_name = name, }); - if (r < 0) { - if (r == -ENOENT) - continue; - if (ERRNO_IS_RESOURCE(r)) - return r; - log_debug_errno(r, "Failed to read keymap list from %s, ignoring: %m", dir); - continue; - } if (r > 0) - break; + return true; + if (ERRNO_IS_NEG_RESOURCE(r)) + return r; + if (r < 0 && r != -ENOENT) + log_debug_errno(r, "Failed to read keymap list from %s, ignoring: %m", dir); } - return r > 0; + return false; } diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c index de78de3b80..66c564aea2 100644 --- a/src/shared/seccomp-util.c +++ b/src/shared/seccomp-util.c @@ -1102,11 +1102,11 @@ int seccomp_load_syscall_filter_set(uint32_t default_action, const SyscallFilter return log_debug_errno(r, "Failed to add filter set: %m"); r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; - log_debug_errno(r, "Failed to install filter set for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) + log_debug_errno(r, "Failed to install filter set for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); } return 0; @@ -1164,12 +1164,11 @@ int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* filter } r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) log_debug_errno(r, "Failed to install system call filter for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } } return 0; @@ -1206,10 +1205,10 @@ int seccomp_parse_syscall_filter( } NULSTR_FOREACH(i, set->value) { - /* Call ourselves again, for the group to parse. Note that we downgrade logging here (i.e. take - * away the SECCOMP_PARSE_LOG flag) since any issues in the group table are our own problem, - * not a problem in user configuration data and we shouldn't pretend otherwise by complaining - * about them. */ + /* Call ourselves again, for the group to parse. Note that we downgrade logging here + * (i.e. take away the SECCOMP_PARSE_LOG flag) since any issues in the group table + * are our own problem, not a problem in user configuration data and we shouldn't + * pretend otherwise by complaining about them. */ r = seccomp_parse_syscall_filter(i, errno_num, filter, flags &~ SECCOMP_PARSE_LOG, unit, filename, line); if (r < 0) return r; @@ -1227,9 +1226,9 @@ int seccomp_parse_syscall_filter( return 0; } - /* If we previously wanted to forbid a syscall and now we want to allow it, then remove - * it from the list. The entries in allow-list with non-negative error value will be - * handled with SCMP_ACT_ERRNO() instead of the default action. */ + /* If we previously wanted to forbid a syscall and now we want to allow it, then remove it + * from the list. The entries in allow-list with non-negative error value will be handled + * with SCMP_ACT_ERRNO() instead of the default action. */ if (!FLAGS_SET(flags, SECCOMP_PARSE_INVERT) == FLAGS_SET(flags, SECCOMP_PARSE_ALLOW_LIST) || (FLAGS_SET(flags, SECCOMP_PARSE_INVERT | SECCOMP_PARSE_ALLOW_LIST) && errno_num >= 0)) { r = hashmap_put(filter, INT_TO_PTR(id + 1), INT_TO_PTR(errno_num)); @@ -1287,19 +1286,20 @@ int seccomp_restrict_namespaces(unsigned long retain) { SCMP_SYS(clone3), 0); if (r < 0) - log_debug_errno(r, "Failed to add clone3() rule for architecture %s, ignoring: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add clone3() rule for architecture %s, ignoring: %m", + seccomp_arch_to_string(arch)); if ((retain & NAMESPACE_FLAGS_ALL) == 0) - /* If every single kind of namespace shall be prohibited, then let's block the whole setns() syscall - * altogether. */ + /* If every single kind of namespace shall be prohibited, then let's block the whole + * setns() syscall altogether. */ r = seccomp_rule_add_exact( seccomp, SCMP_ACT_ERRNO(EPERM), SCMP_SYS(setns), 0); else - /* Otherwise, block only the invocations with the appropriate flags in the loop below, but also the - * special invocation with a zero flags argument, right here. */ + /* Otherwise, block only the invocations with the appropriate flags in the loop + * below, but also the special invocation with a zero flags argument, right here. */ r = seccomp_rule_add_exact( seccomp, SCMP_ACT_ERRNO(EPERM), @@ -1307,7 +1307,8 @@ int seccomp_restrict_namespaces(unsigned long retain) { 1, SCMP_A1(SCMP_CMP_EQ, 0)); if (r < 0) { - log_debug_errno(r, "Failed to add setns() rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add setns() rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); continue; } @@ -1329,7 +1330,8 @@ int seccomp_restrict_namespaces(unsigned long retain) { 1, SCMP_A0(SCMP_CMP_MASKED_EQ, f, f)); if (r < 0) { - log_debug_errno(r, "Failed to add unshare() rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add unshare() rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); break; } @@ -1349,7 +1351,8 @@ int seccomp_restrict_namespaces(unsigned long retain) { 1, SCMP_A1(SCMP_CMP_MASKED_EQ, f, f)); if (r < 0) { - log_debug_errno(r, "Failed to add clone() rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add clone() rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); break; } @@ -1361,7 +1364,8 @@ int seccomp_restrict_namespaces(unsigned long retain) { 1, SCMP_A1(SCMP_CMP_MASKED_EQ, f, f)); if (r < 0) { - log_debug_errno(r, "Failed to add setns() rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add setns() rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); break; } } @@ -1370,11 +1374,11 @@ int seccomp_restrict_namespaces(unsigned long retain) { continue; r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; - log_debug_errno(r, "Failed to install namespace restriction rules for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) + log_debug_errno(r, "Failed to install namespace restriction rules for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); } return 0; @@ -1412,16 +1416,17 @@ int seccomp_protect_sysctl(void) { SCMP_SYS(_sysctl), 0); if (r < 0) { - log_debug_errno(r, "Failed to add _sysctl() rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add _sysctl() rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); continue; } r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; - log_debug_errno(r, "Failed to install sysctl protection rules for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) + log_debug_errno(r, "Failed to install sysctl protection rules for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); } return 0; @@ -1450,11 +1455,11 @@ int seccomp_protect_syslog(void) { } r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; - log_debug_errno(r, "Failed to install syslog protection rules for architecture %s, skipping %m", seccomp_arch_to_string(arch)); - } + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) + log_debug_errno(r, "Failed to install syslog protection rules for architecture %s, skipping %m", + seccomp_arch_to_string(arch)); } return 0; @@ -1550,7 +1555,8 @@ int seccomp_restrict_address_families(Set *address_families, bool allow_list) { SCMP_SYS(socket), 0); if (r < 0) { - log_debug_errno(r, "Failed to add socket() rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add socket() rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); continue; } @@ -1564,7 +1570,8 @@ int seccomp_restrict_address_families(Set *address_families, bool allow_list) { 1, SCMP_A0(SCMP_CMP_LT, first)); if (r < 0) { - log_debug_errno(r, "Failed to add socket() rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add socket() rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); continue; } @@ -1576,7 +1583,8 @@ int seccomp_restrict_address_families(Set *address_families, bool allow_list) { 1, SCMP_A0(SCMP_CMP_GT, last)); if (r < 0) { - log_debug_errno(r, "Failed to add socket() rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add socket() rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); continue; } @@ -1596,7 +1604,8 @@ int seccomp_restrict_address_families(Set *address_families, bool allow_list) { break; } if (r < 0) { - log_debug_errno(r, "Failed to add socket() rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add socket() rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); continue; } } @@ -1618,17 +1627,18 @@ int seccomp_restrict_address_families(Set *address_families, bool allow_list) { break; } if (r < 0) { - log_debug_errno(r, "Failed to add socket() rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add socket() rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); continue; } } r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; - log_debug_errno(r, "Failed to install socket family rules for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) + log_debug_errno(r, "Failed to install socket family rules for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); } return 0; @@ -1685,7 +1695,8 @@ int seccomp_restrict_realtime_full(int error_code) { 1, SCMP_A1(SCMP_CMP_EQ, p)); if (r < 0) { - log_debug_errno(r, "Failed to add scheduler rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add scheduler rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); continue; } } @@ -1699,16 +1710,17 @@ int seccomp_restrict_realtime_full(int error_code) { 1, SCMP_A1(SCMP_CMP_GT, max_policy)); if (r < 0) { - log_debug_errno(r, "Failed to add scheduler rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add scheduler rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); continue; } r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; - log_debug_errno(r, "Failed to install realtime protection rules for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) + log_debug_errno(r, "Failed to install realtime protection rules for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); } return 0; @@ -1842,12 +1854,11 @@ int seccomp_memory_deny_write_execute(void) { } r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) log_debug_errno(r, "Failed to install MemoryDenyWriteExecute= rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } loaded++; } @@ -1916,11 +1927,10 @@ int seccomp_restrict_archs(Set *archs) { return r; r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) log_debug_errno(r, "Failed to restrict system call architectures, skipping: %m"); - } return 0; } @@ -2007,16 +2017,17 @@ int seccomp_lock_personality(unsigned long personality) { 1, SCMP_A0(SCMP_CMP_NE, personality)); if (r < 0) { - log_debug_errno(r, "Failed to add scheduler rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add scheduler rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); continue; } r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; - log_debug_errno(r, "Failed to enable personality lock for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) + log_debug_errno(r, "Failed to enable personality lock for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); } return 0; @@ -2039,7 +2050,8 @@ int seccomp_protect_hostname(void) { SCMP_SYS(sethostname), 0); if (r < 0) { - log_debug_errno(r, "Failed to add sethostname() rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add sethostname() rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); continue; } @@ -2049,16 +2061,17 @@ int seccomp_protect_hostname(void) { SCMP_SYS(setdomainname), 0); if (r < 0) { - log_debug_errno(r, "Failed to add setdomainname() rule for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add setdomainname() rule for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); continue; } r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; - log_debug_errno(r, "Failed to apply hostname restrictions for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) + log_debug_errno(r, "Failed to apply hostname restrictions for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); } return 0; @@ -2223,21 +2236,23 @@ int seccomp_restrict_suid_sgid(void) { r = seccomp_restrict_sxid(seccomp, S_ISUID); if (r < 0) - log_debug_errno(r, "Failed to add suid rule for architecture %s, ignoring: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add suid rule for architecture %s, ignoring: %m", + seccomp_arch_to_string(arch)); k = seccomp_restrict_sxid(seccomp, S_ISGID); if (k < 0) - log_debug_errno(r, "Failed to add sgid rule for architecture %s, ignoring: %m", seccomp_arch_to_string(arch)); + log_debug_errno(r, "Failed to add sgid rule for architecture %s, ignoring: %m", + seccomp_arch_to_string(arch)); if (r < 0 && k < 0) continue; r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; - log_debug_errno(r, "Failed to apply suid/sgid restrictions for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) + log_debug_errno(r, "Failed to apply suid/sgid restrictions for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); } return 0; @@ -2379,11 +2394,11 @@ int seccomp_suppress_sync(void) { #endif r = seccomp_load(seccomp); - if (r < 0) { - if (ERRNO_IS_SECCOMP_FATAL(r)) - return r; - log_debug_errno(r, "Failed to apply sync() suppression for architecture %s, skipping: %m", seccomp_arch_to_string(arch)); - } + if (ERRNO_IS_NEG_SECCOMP_FATAL(r)) + return r; + if (r < 0) + log_debug_errno(r, "Failed to apply sync() suppression for architecture %s, skipping: %m", + seccomp_arch_to_string(arch)); } return 0; diff --git a/src/shared/seccomp-util.h b/src/shared/seccomp-util.h index 5fd135d597..9c6016449e 100644 --- a/src/shared/seccomp-util.h +++ b/src/shared/seccomp-util.h @@ -8,6 +8,7 @@ #include <stdint.h> #include "errno-list.h" +#include "errno-util.h" #include "parse-util.h" #include "set.h" #include "string-util.h" @@ -127,8 +128,14 @@ extern uint32_t seccomp_local_archs[]; /* EACCES: does not have the CAP_SYS_ADMIN or no_new_privs == 1 * ENOMEM: out of memory, failed to allocate space for a libseccomp structure, or would exceed a defined constant * EFAULT: addresses passed as args (by libseccomp) are invalid */ -#define ERRNO_IS_SECCOMP_FATAL(r) \ - IN_SET(abs(r), EPERM, EACCES, ENOMEM, EFAULT) +static inline bool ERRNO_IS_NEG_SECCOMP_FATAL(intmax_t r) { + return IN_SET(r, + -EPERM, + -EACCES, + -ENOMEM, + -EFAULT); +} +_DEFINE_ABS_WRAPPER(SECCOMP_FATAL); DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(scmp_filter_ctx, seccomp_release, NULL); diff --git a/src/shared/userdb-dropin.c b/src/shared/userdb-dropin.c index 309f33b5b5..533fd0f0d3 100644 --- a/src/shared/userdb-dropin.c +++ b/src/shared/userdb-dropin.c @@ -57,14 +57,13 @@ static int load_user( } r = json_parse_file(NULL, j, JSON_PARSE_SENSITIVE, &privileged_v, NULL, NULL); - if (r < 0) { - if (ERRNO_IS_PRIVILEGE(r)) - have_privileged = false; - else if (r == -ENOENT) - have_privileged = true; /* if the privileged file doesn't exist, we are complete */ - else - return r; - } else { + if (ERRNO_IS_NEG_PRIVILEGE(r)) + have_privileged = false; + else if (r == -ENOENT) + have_privileged = true; /* if the privileged file doesn't exist, we are complete */ + else if (r < 0) + return r; + else { r = json_variant_merge(&v, privileged_v); if (r < 0) return r; @@ -202,14 +201,13 @@ static int load_group( } r = json_parse_file(NULL, j, JSON_PARSE_SENSITIVE, &privileged_v, NULL, NULL); - if (r < 0) { - if (ERRNO_IS_PRIVILEGE(r)) - have_privileged = false; - else if (r == -ENOENT) - have_privileged = true; /* if the privileged file doesn't exist, we are complete */ - else - return r; - } else { + if (ERRNO_IS_NEG_PRIVILEGE(r)) + have_privileged = false; + else if (r == -ENOENT) + have_privileged = true; /* if the privileged file doesn't exist, we are complete */ + else if (r < 0) + return r; + else { r = json_variant_merge(&v, privileged_v); if (r < 0) return r; diff --git a/src/shared/utmp-wtmp.c b/src/shared/utmp-wtmp.c index 3a68cf8016..c79764ced0 100644 --- a/src/shared/utmp-wtmp.c +++ b/src/shared/utmp-wtmp.c @@ -313,11 +313,10 @@ static int write_to_terminal(const char *tty, const char *message) { return -ETIME; k = fd_wait_for_event(fd, POLLOUT, end - t); - if (k < 0) { - if (ERRNO_IS_TRANSIENT(k)) - continue; + if (ERRNO_IS_NEG_TRANSIENT(k)) + continue; + if (k < 0) return k; - } if (k == 0) return -ETIME; diff --git a/src/shared/varlink.c b/src/shared/varlink.c index 97f50a5ed2..41c2daf02b 100644 --- a/src/shared/varlink.c +++ b/src/shared/varlink.c @@ -1279,8 +1279,8 @@ int varlink_wait(Varlink *v, usec_t timeout) { return events; r = fd_wait_for_event(fd, events, t); - if (r < 0 && ERRNO_IS_TRANSIENT(r)) /* Treat EINTR as not a timeout, but also nothing happened, and - * the caller gets a chance to call back into us */ + if (ERRNO_IS_NEG_TRANSIENT(r)) /* Treat EINTR as not a timeout, but also nothing happened, and + * the caller gets a chance to call back into us */ return 1; if (r <= 0) return r; @@ -1368,14 +1368,11 @@ int varlink_flush(Varlink *v) { } r = fd_wait_for_event(v->fd, POLLOUT, USEC_INFINITY); - if (r < 0) { - if (ERRNO_IS_TRANSIENT(r)) - continue; - + if (ERRNO_IS_NEG_TRANSIENT(r)) + continue; + if (r < 0) return varlink_log_errno(v, r, "Poll failed on fd: %m"); - } - - assert(r != 0); + assert(r > 0); handle_revents(v, r); } diff --git a/src/stdio-bridge/stdio-bridge.c b/src/stdio-bridge/stdio-bridge.c index 12abc18524..48c29a67b4 100644 --- a/src/stdio-bridge/stdio-bridge.c +++ b/src/stdio-bridge/stdio-bridge.c @@ -195,13 +195,11 @@ static int run(int argc, char *argv[]) { continue; r = sd_bus_process(b, &m); - if (r < 0) { - /* treat 'connection reset by peer' as clean exit condition */ - if (ERRNO_IS_DISCONNECT(r)) - return 0; - + if (ERRNO_IS_NEG_DISCONNECT(r)) + /* Treat 'connection reset by peer' as clean exit condition */ + return 0; + if (r < 0) return log_error_errno(r, "Failed to process bus: %m"); - } if (m) { r = sd_bus_send(a, m, NULL); @@ -241,11 +239,8 @@ static int run(int argc, char *argv[]) { }; r = ppoll_usec(p, ELEMENTSOF(p), t); - if (r < 0) { - if (ERRNO_IS_TRANSIENT(r)) /* don't be bothered by signals, i.e. EINTR */ - continue; + if (r < 0 && !ERRNO_IS_TRANSIENT(r)) /* don't be bothered by signals, i.e. EINTR */ return log_error_errno(r, "ppoll() failed: %m"); - } } return 0; diff --git a/src/test/test-architecture.c b/src/test/test-architecture.c index 043978e9a6..8731e1c3f7 100644 --- a/src/test/test-architecture.c +++ b/src/test/test-architecture.c @@ -21,7 +21,7 @@ int main(int argc, char *argv[]) { assert_se(architecture_from_string(architecture_to_string(1)) == 1); v = detect_virtualization(); - if (v < 0 && ERRNO_IS_PRIVILEGE(v)) + if (ERRNO_IS_NEG_PRIVILEGE(v)) return log_tests_skipped("Cannot detect virtualization"); assert_se(v >= 0); diff --git a/src/test/test-barrier.c b/src/test/test-barrier.c index 0538de9949..7e8bfc0ad6 100644 --- a/src/test/test-barrier.c +++ b/src/test/test-barrier.c @@ -429,7 +429,7 @@ static int intro(void) { */ Virtualization v = detect_virtualization(); - if (v < 0 && ERRNO_IS_PRIVILEGE(v)) + if (ERRNO_IS_NEG_PRIVILEGE(v)) return log_tests_skipped("Cannot detect virtualization"); if (v != VIRTUALIZATION_NONE) diff --git a/src/test/test-blockdev-util.c b/src/test/test-blockdev-util.c index 4ccb779607..4002063a19 100644 --- a/src/test/test-blockdev-util.c +++ b/src/test/test-blockdev-util.c @@ -8,7 +8,7 @@ static void test_path_is_encrypted_one(const char *p, int expect) { int r; r = path_is_encrypted(p); - if (r == -ENOENT || (r < 0 && ERRNO_IS_PRIVILEGE(r))) + if (r == -ENOENT || ERRNO_IS_NEG_PRIVILEGE(r)) /* This might fail, if btrfs is used and we run in a container. In that case we cannot * resolve the device node paths that BTRFS_IOC_DEV_INFO returns, because the device nodes * are unlikely to exist in the container. But if we can't stat() them we cannot determine diff --git a/src/test/test-capability.c b/src/test/test-capability.c index a45e06db22..2f93fbeede 100644 --- a/src/test/test-capability.c +++ b/src/test/test-capability.c @@ -39,7 +39,7 @@ static void test_last_cap_file(void) { int r; r = read_one_line_file("/proc/sys/kernel/cap_last_cap", &content); - if (r == -ENOENT || (r < 0 && ERRNO_IS_PRIVILEGE(r))) /* kernel pre 3.2 or no access */ + if (r == -ENOENT || ERRNO_IS_NEG_PRIVILEGE(r)) /* kernel pre 3.2 or no access */ return; assert_se(r >= 0); @@ -235,7 +235,7 @@ static void test_ensure_cap_64_bit(void) { int r; r = read_one_line_file("/proc/sys/kernel/cap_last_cap", &content); - if (r == -ENOENT || (r < 0 && ERRNO_IS_PRIVILEGE(r))) /* kernel pre 3.2 or no access */ + if (r == -ENOENT || ERRNO_IS_NEG_PRIVILEGE(r)) /* kernel pre 3.2 or no access */ return; assert_se(r >= 0); diff --git a/src/test/test-condition.c b/src/test/test-condition.c index 6d57ba8da9..5505d6c8e2 100644 --- a/src/test/test-condition.c +++ b/src/test/test-condition.c @@ -251,7 +251,7 @@ TEST(condition_test_host) { int r; r = sd_id128_get_machine(&id); - if (r < 0 && ERRNO_IS_MACHINE_ID_UNSET(r)) + if (ERRNO_IS_NEG_MACHINE_ID_UNSET(r)) return (void) log_tests_skipped("/etc/machine-id missing"); assert_se(r >= 0); diff --git a/src/test/test-errno-util.c b/src/test/test-errno-util.c index 62a508c4c9..376d532281 100644 --- a/src/test/test-errno-util.c +++ b/src/test/test-errno-util.c @@ -89,4 +89,24 @@ TEST(RET_GATHER) { assert_se(y == 3); } +TEST(ERRNO_IS_TRANSIENT) { + assert_se( ERRNO_IS_NEG_TRANSIENT(-EINTR)); + assert_se(!ERRNO_IS_NEG_TRANSIENT(EINTR)); + assert_se( ERRNO_IS_TRANSIENT(-EINTR)); + assert_se( ERRNO_IS_TRANSIENT(EINTR)); + + /* Test with type wider than int */ + ssize_t r = -EAGAIN; + assert_se( ERRNO_IS_NEG_TRANSIENT(r)); + + /* On 64-bit arches, now (int) r == EAGAIN */ + r = SSIZE_MAX - EAGAIN + 1; + assert_se(!ERRNO_IS_NEG_TRANSIENT(r)); + + assert_se(!ERRNO_IS_NEG_TRANSIENT(INT_MAX)); + assert_se(!ERRNO_IS_NEG_TRANSIENT(INT_MIN)); + assert_se(!ERRNO_IS_NEG_TRANSIENT(INTMAX_MAX)); + assert_se(!ERRNO_IS_NEG_TRANSIENT(INTMAX_MIN)); +} + DEFINE_TEST_MAIN(LOG_INFO); diff --git a/src/test/test-fileio.c b/src/test/test-fileio.c index 51c8d8ee88..0eb7b07331 100644 --- a/src/test/test-fileio.c +++ b/src/test/test-fileio.c @@ -490,7 +490,7 @@ TEST(write_string_file_verify) { int r; r = read_one_line_file("/proc/version", &buf); - if (r < 0 && ERRNO_IS_PRIVILEGE(r)) + if (ERRNO_IS_NEG_PRIVILEGE(r)) return; assert_se(r >= 0); assert_se(buf2 = strjoin(buf, "\n")); diff --git a/src/test/test-mount-util.c b/src/test/test-mount-util.c index f0fc0f3e73..0898e68cb5 100644 --- a/src/test/test-mount-util.c +++ b/src/test/test-mount-util.c @@ -470,10 +470,8 @@ TEST(umount_recursive) { FORK_MOUNTNS_SLAVE, NULL); - if (r < 0 && ERRNO_IS_PRIVILEGE(r)) { - log_notice("Skipping umount_recursive() test, lacking privileges"); - return; - } + if (ERRNO_IS_NEG_PRIVILEGE(r)) + return (void) log_notice("Skipping umount_recursive() test, lacking privileges"); assert_se(r >= 0); if (r == 0) { /* child */ @@ -575,10 +573,9 @@ TEST(bind_mount_submounts) { assert_se(mkdtemp_malloc(NULL, &a) >= 0); r = mount_nofollow_verbose(LOG_INFO, "tmpfs", a, "tmpfs", 0, NULL); - if (r < 0 && ERRNO_IS_PRIVILEGE(r)) { - (void) log_tests_skipped("Skipping bind_mount_submounts() test, lacking privileges"); - return; - } + if (ERRNO_IS_NEG_PRIVILEGE(r)) + return (void) log_tests_skipped("Skipping bind_mount_submounts() test, lacking privileges"); + assert_se(r >= 0); assert_se(x = path_join(a, "foo")); diff --git a/src/test/test-procfs-util.c b/src/test/test-procfs-util.c index 5427e1bec3..644de5831c 100644 --- a/src/test/test-procfs-util.c +++ b/src/test/test-procfs-util.c @@ -28,14 +28,14 @@ int main(int argc, char *argv[]) { pid_max = TASKS_MAX; r = procfs_get_pid_max(&pid_max); - if (r == -ENOENT || (r < 0 && ERRNO_IS_PRIVILEGE(r))) + if (r == -ENOENT || ERRNO_IS_NEG_PRIVILEGE(r)) return log_tests_skipped_errno(r, "can't get pid max"); assert(r >= 0); log_info("kernel.pid_max: %"PRIu64, pid_max); threads_max = TASKS_MAX; r = procfs_get_threads_max(&threads_max); - if (r == -ENOENT || (r < 0 && ERRNO_IS_PRIVILEGE(r))) + if (r == -ENOENT || ERRNO_IS_NEG_PRIVILEGE(r)) return log_tests_skipped_errno(r, "can't get threads max"); assert(r >= 0); log_info("kernel.threads-max: %"PRIu64, threads_max); diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c index 376d3ad7d3..44302e17d1 100644 --- a/src/tmpfiles/tmpfiles.c +++ b/src/tmpfiles/tmpfiles.c @@ -1937,7 +1937,7 @@ static int create_directory_or_subvolume( } else r = 0; - if (!subvol || (r < 0 && ERRNO_IS_NOT_SUPPORTED(r))) + if (!subvol || ERRNO_IS_NEG_NOT_SUPPORTED(r)) WITH_UMASK(0000) r = mkdirat_label(pfd, bn, mode); |