| Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
We have https://github.com/systemd/particleos for testing the particle
stuff so let's drop it from the systemd repo as it's bit rotting.
|
|
This is now a valid character with the introduction of multi UKI
profiles, so update the function to allow it.
|
|
When we're reading a section from disk, use file_size to use the
size on disk instead of the size in memory.
|
|
Let's clearly indicate this is the size in memory and not the size
on disk, these two are not guaranteed to be the same.
|
|
|
|
|
|
We weren't measuring the profile section itself.
|
|
The compiler clones the u32 i variable to another register, and fails to
calculate the range of possible values, so the verification fails.
libbpf: prog 'sysctl_monitor': BPF program load failed: Permission denied
libbpf: prog 'sysctl_monitor': -- BEGIN PROG LOAD LOG --
0: R1=ctx() R10=fp0
; int sysctl_monitor(struct bpf_sysctl *ctx) { @ sysctl-monitor.bpf.c:65
0: (bf) r6 = r1 ; R1=ctx() R6_w=ctx()
; if (bpf_current_task_under_cgroup(&cgroup_map, 0)) @ sysctl-monitor.bpf.c:69
1: (18) r1 = 0xffff892a0fda9c00 ; R1_w=map_ptr(map=cgroup_map,ks=4,vs=4)
3: (b7) r2 = 0 ; R2_w=0
4: (85) call bpf_current_task_under_cgroup#37 ; R0_w=scalar()
5: (55) if r0 != 0x0 goto pc+88 ; R0_w=0
; if (!ctx->write) @ sysctl-monitor.bpf.c:73
6: (61) r1 = *(u32 *)(r6 +0) ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6_w=ctx()
7: (15) if r1 == 0x0 goto pc+86 ; R1_w=scalar(smin=umin=umin32=1,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
8: (b7) r1 = 1 ; R1_w=1
; we.version = 1; @ sysctl-monitor.bpf.c:81
9: (7b) *(u64 *)(r10 -480) = r1 ; R1_w=1 R10=fp0 fp-480_w=1
10: (b7) r8 = 0 ; R8_w=0
; we.path[0] = 0; @ sysctl-monitor.bpf.c:83
11: (73) *(u8 *)(r10 -440) = r8 ; R8_w=0 R10=fp0 fp-440=???????0
; we.newvalue[0] = 0; @ sysctl-monitor.bpf.c:86
12: (73) *(u8 *)(r10 -180) = r8 ; R8_w=0 R10=fp0 fp-184=???0????
; we.current[0] = 0; @ sysctl-monitor.bpf.c:85
13: (73) *(u8 *)(r10 -340) = r8 ; R8_w=0 R10=fp0 fp-344=???0????
; we.comm[0] = 0; @ sysctl-monitor.bpf.c:84
14: (73) *(u8 *)(r10 -456) = r8 ; R8_w=0 R10=fp0 fp-456=???????0
; we.pid = bpf_get_current_pid_tgid() >> 32; @ sysctl-monitor.bpf.c:89
15: (85) call bpf_get_current_pid_tgid#14 ; R0=scalar()
16: (77) r0 >>= 32 ; R0_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
17: (63) *(u32 *)(r10 -472) = r0 ; R0_w=scalar(id=1,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-472=????scalar(id=1,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
; we.cgroup_id = bpf_get_current_cgroup_id(); @ sysctl-monitor.bpf.c:90
18: (85) call bpf_get_current_cgroup_id#80 ; R0_w=s
libbpf: prog 'sysctl_monitor': failed to load: -13
libbpf: failed to load object 'sysctl_monitor_bpf'
libbpf: failed to load BPF skeleton 'sysctl_monitor_bpf': -13
Unable to load sysctl monitor BPF program, ignoring: Permission denied.
Change the type to u64 to fix it.
|
|
The function sorts the listed mounts, and that's kinda key, hence
reflect that in the name.
|
|
|
|
varlink method call IDL field
We define the same field at many places, let's add a macro with it, that
also contains a suitable description comment.
|
|
Teaches systemd-stub how to load additional initrds from addon files.
This is very similar to the support for .ucode sections in addon files,
but with different ordering. Initrds from addons have a chance to
overwrite files from the base initrd in the UKI.
|
|
|
|
This change makes it possible for repart to create dm-verity hash
partitions for a custom amount of protected data. When the property
`SizeMaxBytes=` is specified for a dm-verity data partition, the size
of the corresponding hash partition is set to accommodate hash data
for this maximum size, rather than the actual contents its data
sibling. However, the contained hash data continues to be generated
from said sibling.
|
|
|
|
|
|
This also makes the error message configurable, so that find_sbsign and
find_pesign can be inlined again.
|
|
This way finalize_options will not call sys.exit by itself.
|
|
|
|
|
|
The latter was deprecated for the former and is only an alias for it.
|
|
|
|
|
|
|
|
|
|
This takes the idea from #18595 and implements it based on our current
hwdb: the original PR suggested the keys 66/65 are a generic HP thing,
and not limited to specific laptops. The current specific laptop entries
do not contradict that claim.
Hence, let's move them from the specific sections matching some HP
laptops to the generic section matching all.
This uses the correct key names, which have long been fixed (which used
to be a problem our CI was tripped off by).
This is not tested, but I think fairly risk-less, and should allow us to
get rid of a really old PR.
Replaces: #18595
|
|
Exit/Reboot/Poweroff and similar operations are invasive enough that
logging about who initiated them is very useful to debug issues.
|
|
A daemon-reload is important enough to deserve logging at notice
level.
|
|
Let's log about which bus we're trying to connect to and what transport
we're using to do it.
|
|
As per: https://github.com/systemd/systemd/pull/34325
And: https://github.com/systemd/systemd/issues/34323
|
|
|
|
Follow-up for 0e551b04efb911d38b586cca1a6a462c87a2cb1b.
Similar to the previous commit, but for PrivateTmp=.
|
|
Fixes #17224
|
|
|
|
Then, make bus_verify_manage_units_async() and _full() inline.
Co-authored-by: Renjaya Raga Zenta <ragazenta@gmail.com>
|
|
|
|
In mount_load_proc_self_mountinfo(), device_found_node() is synchronously called
during the traversal of mountinfo entries. When there are a large number of
mount points, and the device types are not significantly different, this results
in excessive time consumption during device discovery, causing a performance
bottleneck. This issue is particularly prominent on servers with a large number
of cores in IDC.
This patch decouples device discovery from the mountinfo traversal process,
avoiding redundant device operations. As a result, it significantly improves
performance, especially in environments with numerous mount points.
Signed-off-by: Chen Guanqiao <chen.chenchacha@foxmail.com>
|
|
Follow-up for fa693fdc7e17618958c505af4b2f39ecd1c3363e.
The documentation says the option takes a boolean or one of the "self"
and "identity". But the parser uses private_users_from_string() which
also accepts "off". Let's drop the implicit support of "off".
|
|
|
|
Otherwise, oomctl shows 0 memory and swap usage when swap monitoring
is not enabled.
=======
$ oomctl
Dry Run: no
Swap Used Limit: 90.00%
Default Memory Pressure Limit: 60.00%
Default Memory Pressure Duration: 20s
System Context:
Memory: Used: 0B Total: 0B
Swap: Used: 0B Total: 0B
Swap Monitored CGroups:
Memory Pressure Monitored CGroups:
...
======
|
|
|
|
Just for readability.
Before:
$ build/systemctl status -n 0 systemd-networkd.service | grep Memory:
Memory: 4.7M (peak: 14.3M swap: 1M swap peak: 1.1M)
After:
$ build/systemctl status -n 0 systemd-networkd.service | grep Memory:
Memory: 4.7M (peak: 14.3M, swap: 1M, swap peak: 1.1M)
|
|
Otherwise, the log is shown even when getting properties.
Even though it is in the debug level, that's quite noisy.
[ 338.785847] TEST-55-OOMD.sh[1624]: Oct 07 16:35:15 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.786985] TEST-55-OOMD.sh[1624]: Oct 07 16:35:17 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.787412] TEST-55-OOMD.sh[1624]: Oct 07 16:35:20 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.791776] TEST-55-OOMD.sh[1624]: Oct 07 16:35:22 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.792938] TEST-55-OOMD.sh[1624]: Oct 07 16:35:24 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.793225] TEST-55-OOMD.sh[1624]: Oct 07 16:35:26 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.793424] TEST-55-OOMD.sh[1624]: Oct 07 16:35:28 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.796448] TEST-55-OOMD.sh[1624]: Oct 07 16:35:31 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.797997] TEST-55-OOMD.sh[1624]: Oct 07 16:35:33 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.799206] TEST-55-OOMD.sh[1624]: Oct 07 16:35:35 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
|
|
The method was added with migration of resources in mind (e.g. process's
allocated memory will follow it to the new scope), however, such a
resource migration is not in cgroup semantics. The method may thus have
the intended users and others could be guided to StartTransientUnit().
Since this API was advertised in a regular release, start the removal
with a deprecation message to callers.
Eventually, the goal is to remove the method to clean up DBus API and
simplify code (removal of cgroup_context_copy()).
Part of DBus docs is retained to satisfy build checks.
|
|
|
|
|
|
Catch up with the nice little toys the kernel fs developers have added
for us. Preferably, let's make use of the new F_DUPFD_QUERY fcntl() call
that checks whether two fds are just duplicates of each other
(duplicates as in dup(), not as in open() of the same inode, i.e.
whether they share a single file offset and so on).
This API is much nicer, since it is a core kernel feature, unlike the
kcmp() call we so far used, which is part of the (optional)
checkpoint/restore stuff.
F_DUPFD_QUERY is available since kernel 6.10.
|
|
It just uses F_GETFD to validate an fd. it's a bit easier to read
though, and handles the < 0 case internally.
|
|
|
