hwclock: do not seal the kernel's time-warp call from inside the initrd

[elogind.git] / src / core / dbus-execute.c

diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
index ef55ef12b977f9df2c7552cf918d6fa13645c52a..e815cb58e4817a23bb01bd2362be25b1f40b9945 100644 (file)
--- a/src/core/dbus-execute.c
+++ b/src/core/dbus-execute.c
@@ -28,8 +28,7 @@
 #include "ioprio.h"
 #include "strv.h"
 #include "dbus-common.h"
-
-DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_execute_append_kill_mode, kill_mode, KillMode);
+#include "syscall-list.h"
 
 DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_execute_append_input, exec_input, ExecInput);
 DEFINE_BUS_PROPERTY_APPEND_ENUM(bus_execute_append_output, exec_output, ExecOutput);
@@ -83,14 +82,6 @@ int bus_execute_append_oom_score_adjust(DBusMessageIter *i, const char *property
                 if (read_one_line_file("/proc/self/oom_score_adj", &t) >= 0) {
                         safe_atoi(t, &n);
                         free(t);
-                } else if (read_one_line_file("/proc/self/oom_adj", &t) >= 0) {
-                        safe_atoi(t, &n);
-                        free(t);
-
-                        if (n == OOM_ADJUST_MAX)
-                                n = OOM_SCORE_ADJ_MAX;
-                        else
-                                n = (n * OOM_SCORE_ADJ_MAX) / -OOM_DISABLE;
                 }
         }
 
@@ -216,7 +207,7 @@ int bus_execute_append_timer_slack_nsec(DBusMessageIter *i, const char *property
         assert(property);
         assert(c);
 
-        if (c->timer_slack_nsec_set)
+        if (c->timer_slack_nsec != (nsec_t) -1)
                 u = (uint64_t) c->timer_slack_nsec;
         else
                 u = (uint64_t) prctl(PR_GET_TIMERSLACK);
@@ -356,6 +347,32 @@ int bus_execute_append_command(DBusMessageIter *i, const char *property, void *d
         return 0;
 }
 
+int bus_execute_append_syscall_filter(DBusMessageIter *i, const char *property, void *data) {
+        ExecContext *c = data;
+        dbus_bool_t b;
+        DBusMessageIter sub;
+
+        assert(i);
+        assert(property);
+        assert(c);
+
+        if (!dbus_message_iter_open_container(i, DBUS_TYPE_ARRAY, "u", &sub))
+                return -ENOMEM;
+
+        if (c->syscall_filter)
+                b = dbus_message_iter_append_fixed_array(&sub, DBUS_TYPE_UINT32, &c->syscall_filter, (syscall_max() + 31) >> 4);
+        else
+                b = dbus_message_iter_append_fixed_array(&sub, DBUS_TYPE_UINT32, &c->syscall_filter, 0);
+
+        if (!b)
+                return -ENOMEM;
+
+        if (!dbus_message_iter_close_container(i, &sub))
+                return -ENOMEM;
+
+        return 0;
+}
+
 const BusProperty bus_exec_context_properties[] = {
         { "Environment",              bus_property_append_strv,             "as", offsetof(ExecContext, environment),            true },
         { "EnvironmentFiles",         bus_execute_append_env_files,      "a(sb)", offsetof(ExecContext, environment_files),      true },
@@ -412,11 +429,11 @@ const BusProperty bus_exec_context_properties[] = {
         { "PrivateTmp",               bus_property_append_bool,              "b", offsetof(ExecContext, private_tmp)                  },
         { "PrivateNetwork",           bus_property_append_bool,              "b", offsetof(ExecContext, private_network)              },
         { "SameProcessGroup",         bus_property_append_bool,              "b", offsetof(ExecContext, same_pgrp)                    },
-        { "KillMode",                 bus_execute_append_kill_mode,          "s", offsetof(ExecContext, kill_mode)                    },
-        { "KillSignal",               bus_property_append_int,               "i", offsetof(ExecContext, kill_signal)                  },
         { "UtmpIdentifier",           bus_property_append_string,            "s", offsetof(ExecContext, utmp_id),                true },
         { "ControlGroupModify",       bus_property_append_bool,              "b", offsetof(ExecContext, control_group_modify)         },
         { "ControlGroupPersistent",   bus_property_append_tristate_false,    "b", offsetof(ExecContext, control_group_persistent)     },
-        { "IgnoreSIGPIPE",            bus_property_append_bool,              "b", offsetof(ExecContext, ignore_sigpipe          )     },
+        { "IgnoreSIGPIPE",            bus_property_append_bool,              "b", offsetof(ExecContext, ignore_sigpipe)               },
+        { "NoNewPrivileges",          bus_property_append_bool,              "b", offsetof(ExecContext, no_new_privileges)            },
+        { "SystemCallFilter",         bus_execute_append_syscall_filter,    "au", 0                                                   },
         { NULL, }
 };