| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Done using linkchecker as usual.
|
| |
|
|
| |
Fixes #26376.
|
| | |
|
| |
|
|
|
|
|
| |
If the device access policy is restricted, add implicitly access to the TPM
if at least one encrypted credential needs to be loaded.
Fixes https://github.com/systemd/systemd/issues/26042
|
| |
|
|
|
|
|
|
| |
If it was not requested to use a tpm2 signature file when enrolling, do
not fallback to the default /run/systemd/tpm2-pcr-signature.json as it
likely will be unrelated if it exists.
Fixes https://github.com/systemd/systemd/issues/25435
|
| |
|
|
|
| |
This ensures that cg_kill_items returns the correct value to let the
manager know that a process was killed.
|
| |\
| |
| | |
udev: set worker process name
|
| | |
| |
| |
| | |
No functional changes, just refactoring.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This effectively reverts commit ff86c92e3043f71fc801cf687600a480ee8f6778,
and re-apply 49f3ee7e74c714f55aab395c080b1099fc17f7fd.
The change was dropped due to the process name was not correctly logged,
but the issue was fixed by dd15e4cb57129b915e01495e113696bfe0b70214.
Let's set the child process name again.
|
| | | |
|
| |\ \
| | |
| | | |
logs-show: rename "ts" paramater/variable to "display_ts"
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When displaying log data we deal with two kind of timestamps: the one we
use for display (typically the source timestamp if available), and the
one we use internally (typically the reception timestamp of journald).
The user-facing output modes generally use the display timestamp, the
ones intended for further processing (i.e. json + export outputs) do
not, and directly query the timestamps of the entry, ignoring the
source. This gets a bit confusing, since it's not always clear why we
use which timestamp where. Let's address that by renaming the generic
"ts" parameter/variable to "display_ts" to emphasize that the stored
timestamp are "corrected" timestamps for display only.
No real code change, just some renaming.
|
| |\ \
| | |
| | | |
journal: print nicer log message when limit of open journal files during display is hit
|
| | | | |
|
| | |/
| |
| |
| | |
See: #20921
|
| |\ \
| | |
| | | |
resolve: adjust message for NXDOMAIN lookup result
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously, we reported:
nx.example.org: resolve call failed: 'nx.example.org' not found
But the call did succeed, and in fact all communication with the upstream
servers was successful, and we got an authoritative negative answer.
So instead of saying that the call fail, just say that the host doesn't exist:
nx.example.org: Name 'nx.example.org' not found
I wanted to keep the prefix of "<name>: ", to keep the output uniform. But
it'd look a bit strange to say "<name>: <name> not found", so I added "Name "
to make the output more readable. (Another option would be to not display
the error string received from resolved, but that seems risky: even if right
now resolved uses just one message format, it could start doing something else
in the future, so it's better to display the error as received.)
Fixes #26233.
|
| | |/
| |
| |
| |
| |
| | |
This result is identical after cpp is done, so we don't save anything
by not having the usual macros. And with the usual macros it's easier to
grep and code-crossreferencing works better.
|
| | | |
|
| |\ \
| |/
|/| |
ci: Fix automatic removing of labels when PR is closed
|
| | |
| |
| |
| |
| |
| |
| | |
`github.event.issue.pull_request` is an object, not a boolean.
This is the root cause of why the step that is supposed to remove labels
is always skipped. Having this condition in place is not necessary since
the workflow is run on the `pull_request_target` event.
|
| |/ |
|
| |\
| |
| | |
argv-util: also update short invocation name
|
| | |
| |
| |
| |
| |
| | |
Our logging uses program_invocation_short_name. Without this patch,
logs from forked client may become broken; spuriously truncated or
the short invocation name is not completely shown in the log.
|
| | | |
|
| |\ \
| | |
| | | |
Log errno fix
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
[2/3] Compiling C object systemd-repart.p/src_partition_repart.c.o
../src/partition/repart.c: In function ‘context_open_copy_block_paths’:
../src/partition/repart.c:5194:41: warning: ‘devno’ may be used uninitialized [-Wmaybe-uninitialized]
5194 | source_fd = r = device_open_from_devnum(S_IFBLK, devno, O_RDONLY|O_CLOEXEC|O_NONBLOCK, &opened);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../src/partition/repart.c:5188:31: note: ‘devno’ was declared here
5188 | dev_t devno;
| ^~~~~
This is with gcc-13.0.1-0.2.fc38.x86_64, -O2. I'm pretty sure the code
is correct. I also tried adding some asserts where errno is used for the return
value, but that didn't help. I think resolve_copy_blocks_auto() is just too long
for gcc to understand.
|
| | |/ |
|
| |\ \
| | |
| | | |
Enable new compiler diagnostics for invalid array accesses
|
| | | |
| | |
| | |
| | |
| | |
| | | |
This will warn if fake flexible arrays are re-introduced. I'm not using
-Werror=… because we may still get warnings when compiling against old kernel
headers. We can crank this up to error later.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
-fstrict-flex-arrays means that the compiler doesn't have to assume that any
trailing array is a flex array. I.e. unless the array is declared without a
specified size, only indices in the declared range are valid.
-Warray-bounds turns on the warnings about out-of-bounds array accesses.
-Warray-bounds=2 does some more warnings, with higher false positive rate. But
it doesn't seem to yield any false positives in our codebase, so enable it.
clang supports -Warray-bounds, but not -Warray-bounds=2.
gcc supports both.
gcc-13 supports -fstrict-flex-arrays.
See https://people.kernel.org/kees/bounded-flexible-arrays-in-c for a long
discussion of use in the kernel.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
I tried to use DECLARE_FLEX_ARRAY like the kernel does, but it does not work
for anonymous structs (they cannot be declared inline), so an open-coded
version is used.
|
| | | |
| | |
| | |
| | | |
The kernel still hasn't fixed this in kernel-headers-6.2.0-0.rc6.git0.1.fc38.x86_64.
|
| | | | |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The kernel was updated to not use fake flex arrays with zero size.
Updating should allow -fstrict-flex-arrays to be used.
Headers pulled from kernel-headers-6.2.0-0.rc6.git0.1.fc38.x86_64.
Note that this is not a straighforward copy: our files have local modifications
(listed in README) that need to be preserved.
|
| |\ \
| | |
| | | |
Drop whitespace after shell redirection operators
|
| | | | |
|
| | | | |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
(The one case that is left unchanged is '< <(subcommand)'.)
This way, the style with no gap was already dominant. This way, the reader
immediately knows that ' < ' is a comparison operator and ' << ' is a shift.
In a few cases, replace custom EOF replacement by just EOF. There is no point
in using someting like "_EOL" unless "EOF" appears in the text.
|
| | | |
|
| |/ |
|
| |
|
|
| |
Also adjust text wrapping in a few spots.
|
| | |
|
| |
|
|
|
|
| |
This commit adds hwdb entry for MOTU 896 mk3 Hybrid.
Reference: https://lore.kernel.org/alsa-devel/63DF98FE.2060604@gmx.de/
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Due to the limitation of `GITHUB_TOKEN` when running workflows from forks,
it's required to split the `development_freeze` workflow in two.
* First workflow will run on the `pull_request` trigger and save the PR
number in the artifact. This workflow is running with read-only permissions
on `GITHUB_TOKEN`.
* Second workflow will get triggered on `workflow_run`. It will be run
directly in the `systemd/systemd` context and can get permission to be
able to create comments on PR.
GITHUB_TOKEN limitations:
* https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
GitHub Security Labs Article - How to correctly and safely overcome GITHUB_TOKEN limitations:
* https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
|
| | |
|
| | |
|
| | |
|
| |\
| |
| | |
Update hwdb for rc2
|
