#include <limits.h>
#include <langinfo.h>
#include <locale.h>
+#include <sys/personality.h>
#include <libgen.h>
#undef basename
return s;
}
+int get_process_state(pid_t pid) {
+ const char *p;
+ char state;
+ int r;
+ _cleanup_free_ char *line = NULL;
+
+ assert(pid >= 0);
+
+ p = procfs_file_alloca(pid, "stat");
+ r = read_one_line_file(p, &line);
+ if (r < 0)
+ return r;
+
+ p = strrchr(line, ')');
+ if (!p)
+ return -EIO;
+
+ p++;
+
+ if (sscanf(p, " %c", &state) != 1)
+ return -EIO;
+
+ return (unsigned char) state;
+}
+
int get_process_comm(pid_t pid, char **name) {
const char *p;
int r;
return strnappend(s, suffix, suffix ? strlen(suffix) : 0);
}
-int readlink_malloc(const char *p, char **r) {
+int readlink_malloc(const char *p, char **ret) {
size_t l = 100;
+ int r;
assert(p);
- assert(r);
+ assert(ret);
for (;;) {
char *c;
ssize_t n;
- if (!(c = new(char, l)))
+ c = new(char, l);
+ if (!c)
return -ENOMEM;
- if ((n = readlink(p, c, l-1)) < 0) {
- int ret = -errno;
+ n = readlink(p, c, l-1);
+ if (n < 0) {
+ r = -errno;
free(c);
- return ret;
+ return r;
}
if ((size_t) n < l-1) {
c[n] = 0;
- *r = c;
+ *ret = c;
return 0;
}
}
ssize_t loop_read(int fd, void *buf, size_t nbytes, bool do_poll) {
- uint8_t *p;
+ uint8_t *p = buf;
ssize_t n = 0;
assert(fd >= 0);
assert(buf);
- p = buf;
-
while (nbytes > 0) {
ssize_t k;
- if ((k = read(fd, p, nbytes)) <= 0) {
-
- if (k < 0 && errno == EINTR)
- continue;
-
- if (k < 0 && errno == EAGAIN && do_poll) {
- struct pollfd pollfd = {
- .fd = fd,
- .events = POLLIN,
- };
-
- if (poll(&pollfd, 1, -1) < 0) {
- if (errno == EINTR)
- continue;
+ k = read(fd, p, nbytes);
+ if (k < 0 && errno == EINTR)
+ continue;
- return n > 0 ? n : -errno;
- }
+ if (k < 0 && errno == EAGAIN && do_poll) {
- /* We knowingly ignore the revents value here,
- * and expect that any error/EOF is reported
- * via read()/write()
- */
+ /* We knowingly ignore any return value here,
+ * and expect that any error/EOF is reported
+ * via read() */
- continue;
- }
+ fd_wait_for_event(fd, POLLIN, (usec_t) -1);
+ continue;
+ }
+ if (k <= 0)
return n > 0 ? n : (k < 0 ? -errno : 0);
- }
p += k;
nbytes -= k;
}
ssize_t loop_write(int fd, const void *buf, size_t nbytes, bool do_poll) {
- const uint8_t *p;
+ const uint8_t *p = buf;
ssize_t n = 0;
assert(fd >= 0);
assert(buf);
- p = buf;
-
while (nbytes > 0) {
ssize_t k;
k = write(fd, p, nbytes);
- if (k <= 0) {
-
- if (k < 0 && errno == EINTR)
- continue;
-
- if (k < 0 && errno == EAGAIN && do_poll) {
- struct pollfd pollfd = {
- .fd = fd,
- .events = POLLOUT,
- };
-
- if (poll(&pollfd, 1, -1) < 0) {
- if (errno == EINTR)
- continue;
+ if (k < 0 && errno == EINTR)
+ continue;
- return n > 0 ? n : -errno;
- }
+ if (k < 0 && errno == EAGAIN && do_poll) {
- /* We knowingly ignore the revents value here,
- * and expect that any error/EOF is reported
- * via read()/write()
- */
+ /* We knowingly ignore any return value here,
+ * and expect that any error/EOF is reported
+ * via write() */
- continue;
- }
+ fd_wait_for_event(fd, POLLOUT, (usec_t) -1);
+ continue;
+ }
+ if (k <= 0)
return n > 0 ? n : (k < 0 ? -errno : 0);
- }
p += k;
nbytes -= k;
return dir;
}
-void random_bytes(void *p, size_t n) {
- static bool srand_called = false;
+int dev_urandom(void *p, size_t n) {
_cleanup_close_ int fd;
ssize_t k;
- uint8_t *q;
fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC|O_NOCTTY);
if (fd < 0)
- goto fallback;
+ return errno == ENOENT ? -ENOSYS : -errno;
k = loop_read(fd, p, n, true);
- if (k < 0 || (size_t) k != n)
- goto fallback;
+ if (k < 0)
+ return (int) k;
+ if ((size_t) k != n)
+ return -EIO;
+
+ return 0;
+}
- return;
+void random_bytes(void *p, size_t n) {
+ static bool srand_called = false;
+ uint8_t *q;
+ int r;
+
+ r = dev_urandom(p, n);
+ if (r >= 0)
+ return;
-fallback:
+ /* If some idiot made /dev/urandom unavailable to us, he'll
+ * get a PRNG instead. */
if (!srand_called) {
+ unsigned x = 0;
#ifdef HAVE_SYS_AUXV_H
/* The kernel provides us with a bit of entropy in
auxv = (void*) getauxval(AT_RANDOM);
if (auxv)
- srand(*(unsigned*) auxv);
- else
+ x ^= *(unsigned*) auxv;
#endif
- srand(time(NULL) + gettid());
+ x ^= (unsigned) now(CLOCK_REALTIME);
+ x ^= (unsigned) gettid();
+
+ srand(x);
srand_called = true;
}
- /* If some idiot made /dev/urandom unavailable to us, he'll
- * get a PRNG instead. */
for (q = p; q < (uint8_t*) p + n; q ++)
*q = rand();
}
if (!saved_argv[i])
break;
- memset(saved_argv[i], 0, strlen(saved_argv[i]));
+ memzero(saved_argv[i], strlen(saved_argv[i]));
}
}
}
}
int get_ctty(pid_t pid, dev_t *_devnr, char **r) {
- int k;
- char fn[sizeof("/dev/char/")-1 + 2*DECIMAL_STR_MAX(unsigned) + 1 + 1], *s, *b, *p;
+ char fn[sizeof("/dev/char/")-1 + 2*DECIMAL_STR_MAX(unsigned) + 1 + 1], *b = NULL;
+ _cleanup_free_ char *s = NULL;
+ const char *p;
dev_t devnr;
+ int k;
assert(r);
/* This is an ugly hack */
if (major(devnr) == 136) {
- if (asprintf(&b, "pts/%lu", (unsigned long) minor(devnr)) < 0)
- return -ENOMEM;
-
- *r = b;
- if (_devnr)
- *_devnr = devnr;
-
- return 0;
+ asprintf(&b, "pts/%lu", (unsigned long) minor(devnr));
+ goto finish;
}
/* Probably something like the ptys which have no
* vaguely useful. */
b = strdup(fn + 5);
- if (!b)
- return -ENOMEM;
-
- *r = b;
- if (_devnr)
- *_devnr = devnr;
-
- return 0;
+ goto finish;
}
if (startswith(s, "/dev/"))
p = s;
b = strdup(p);
- free(s);
+finish:
if (!b)
return -ENOMEM;
return r;
}
-int status_welcome(void) {
- _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
- int r;
-
- r = parse_env_file("/etc/os-release", NEWLINE,
- "PRETTY_NAME", &pretty_name,
- "ANSI_COLOR", &ansi_color,
- NULL);
-
- if (r < 0 && r != -ENOENT)
- log_warning("Failed to read /etc/os-release: %s", strerror(-r));
-
- return status_printf(NULL, false, false,
- "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
- isempty(ansi_color) ? "1" : ansi_color,
- isempty(pretty_name) ? "Linux" : pretty_name);
-}
-
char *replace_env(const char *format, char **env) {
enum {
WORD,
}
int pipe_eof(int fd) {
- int r;
struct pollfd pollfd = {
.fd = fd,
.events = POLLIN|POLLHUP,
};
+ int r;
+
r = poll(&pollfd, 1, 0);
if (r < 0)
return -errno;
t[k] = '.';
stpcpy(stpcpy(t+k+1, fn), "XXXXXX");
- fd = mkostemp(t, O_WRONLY|O_CLOEXEC);
+ fd = mkostemp_safe(t, O_WRONLY|O_CLOEXEC);
if (fd < 0) {
free(t);
return -errno;
assert(mode);
assert(_f);
- if (!path_strv_canonicalize_uniq(search))
+ if (!path_strv_canonicalize_absolute_uniq(search, NULL))
return -ENOMEM;
STRV_FOREACH(i, search) {
return NULL;
if (*allocated > prev)
- memset(&q[prev], 0, *allocated - prev);
+ memzero(&q[prev], *allocated - prev);
return q;
}
return true;
}
-void parse_user_at_host(char *arg, char **user, char **host) {
- assert(arg);
- assert(user);
- assert(host);
-
- *host = strchr(arg, '@');
- if (*host == NULL)
- *host = arg;
- else {
- *host[0]++ = '\0';
- *user = arg;
- }
-}
-
int split_pair(const char *s, const char *sep, char **l, char **r) {
char *x, *a, *b;
int r;
if (detect_container(NULL) > 0) {
- char *buf, *p;
+ char *buf = NULL, *p;
size_t sz = 0;
r = read_full_file("/proc/1/cmdline", &buf, &sz);
return 1;
}
+int parse_proc_cmdline(int (*parse_word)(const char *word)) {
+ _cleanup_free_ char *line = NULL;
+ char *w, *state;
+ size_t l;
+ int r;
+
+ r = proc_cmdline(&line);
+ if (r < 0)
+ log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
+ if (r <= 0)
+ return 0;
+
+ FOREACH_WORD_QUOTED(w, l, line, state) {
+ _cleanup_free_ char *word;
+
+ word = strndup(w, l);
+ if (!word)
+ return log_oom();
+
+ r = parse_word(word);
+ if (r < 0) {
+ log_error("Failed on cmdline argument %s: %s", word, strerror(-r));
+ return r;
+ }
+ }
+
+ return 0;
+}
+
int container_get_leader(const char *machine, pid_t *pid) {
_cleanup_free_ char *s = NULL, *class = NULL;
const char *p;
return 0;
}
-bool pid_valid(pid_t pid) {
+bool pid_is_unwaited(pid_t pid) {
+ /* Checks whether a PID is still valid at all, including a zombie */
+
if (pid <= 0)
return false;
return errno != ESRCH;
}
+bool pid_is_alive(pid_t pid) {
+ int r;
+
+ /* Checks whether a PID is still valid and not a zombie */
+
+ if (pid <= 0)
+ return false;
+
+ r = get_process_state(pid);
+ if (r == -ENOENT || r == 'Z')
+ return false;
+
+ return true;
+}
+
int getpeercred(int fd, struct ucred *ucred) {
socklen_t n = sizeof(struct ucred);
struct ucred u;
*ret = s;
return 0;
}
+
+/* This is much like like mkostemp() but is subject to umask(). */
+int mkostemp_safe(char *pattern, int flags) {
+ _cleanup_umask_ mode_t u;
+ int fd;
+
+ assert(pattern);
+
+ u = umask(077);
+
+ fd = mkostemp(pattern, flags);
+ if (fd < 0)
+ return -errno;
+
+ return fd;
+}
+
+int open_tmpfile(const char *path, int flags) {
+ char *p;
+ int fd;
+
+ assert(path);
+
+#ifdef O_TMPFILE
+ /* Try O_TMPFILE first, if it is supported */
+ fd = open(path, flags|O_TMPFILE, S_IRUSR|S_IWUSR);
+ if (fd >= 0)
+ return fd;
+#endif
+
+ /* Fall back to unguessable name + unlinking */
+ p = strappenda(path, "/systemd-tmp-XXXXXX");
+
+ fd = mkostemp_safe(p, flags);
+ if (fd < 0)
+ return fd;
+
+ unlink(p);
+ return fd;
+}
+
+int fd_warn_permissions(const char *path, int fd) {
+ struct stat st;
+
+ if (fstat(fd, &st) < 0)
+ return -errno;
+
+ if (st.st_mode & 0111)
+ log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path);
+
+ if (st.st_mode & 0002)
+ log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path);
+
+ if (getpid() == 1 && (st.st_mode & 0044) != 0044)
+ log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path);
+
+ return 0;
+}
+
+unsigned long personality_from_string(const char *p) {
+
+ /* Parse a personality specifier. We introduce our own
+ * identifiers that indicate specific ABIs, rather than just
+ * hints regarding the register size, since we want to keep
+ * things open for multiple locally supported ABIs for the
+ * same register size. We try to reuse the ABI identifiers
+ * used by libseccomp. */
+
+#if defined(__x86_64__)
+
+ if (streq(p, "x86"))
+ return PER_LINUX32;
+
+ if (streq(p, "x86-64"))
+ return PER_LINUX;
+
+#elif defined(__i386__)
+
+ if (streq(p, "x86"))
+ return PER_LINUX;
+#endif
+
+ /* personality(7) documents that 0xffffffffUL is used for
+ * querying the current personality, hence let's use that here
+ * as error indicator. */
+ return 0xffffffffUL;
+}
+
+const char* personality_to_string(unsigned long p) {
+
+#if defined(__x86_64__)
+
+ if (p == PER_LINUX32)
+ return "x86";
+
+ if (p == PER_LINUX)
+ return "x86-64";
+
+#elif defined(__i386__)
+
+ if (p == PER_LINUX)
+ return "x86";
+#endif
+
+ return NULL;
+}