From 622973b19c42f11a44367d02fadb48c9e2c1c8f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 29 Apr 2025 14:47:59 +0200 Subject: [PATCH 1/5] coredump: restore compatibility with older patterns This was broken in f45b8015513d38ee5f7cc361db9c5b88c9aae704. Unfortunately the review does not talk about backward compatibility at all. There are two places where it matters: - During upgrades, the replacement of kernel.core_pattern is asynchronous. For example, during rpm upgrades, it would be updated a post-transaction file trigger. In other scenarios, the update might only happen after reboot. We have a potentially long window where the old pattern is in place. We need to capture coredumps during upgrades too. - With --backtrace. The interface of --backtrace, in hindsight, is not great. But there are users of --backtrace which were written to use a specific set of arguments, and we can't just break compatiblity. One example is systemd-coredump-python, but there are also reports of users using --backtrace to generate coredump logs. Thus, we require the original set of args, and will use the additional args if found. A test is added to verify that --backtrace works with and without the optional args. (cherry picked from commit ded0aac389e647d35bce7ec4a48e718d77c0435b) (cherry picked from commit f9b8b75c11bba9b63096904be98cc529c304eb97) (cherry picked from commit 385a33b043406ad79a7207f3906c3b15192a3333) (cherry picked from commit c6f79626b6d175c6a5b62b8c5d957a83eb882301) --- src/coredump/coredump.c | 21 ++++++++++++++------- test/units/testsuite-74.coredump.sh | 18 +++++++++++------- 2 files changed, 25 insertions(+), 14 deletions(-) diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c index 117b84f9f36..0054ae5031c 100644 --- a/src/coredump/coredump.c +++ b/src/coredump/coredump.c @@ -93,8 +93,12 @@ enum { META_ARGV_SIGNAL, /* %s: number of signal causing dump */ META_ARGV_TIMESTAMP, /* %t: time of dump, expressed as seconds since the Epoch (we expand this to μs granularity) */ META_ARGV_RLIMIT, /* %c: core file size soft resource limit */ - META_ARGV_HOSTNAME, /* %h: hostname */ + _META_ARGV_REQUIRED, + /* The fields below were added to kernel/core_pattern at later points, so they might be missing. */ + META_ARGV_HOSTNAME = _META_ARGV_REQUIRED, /* %h: hostname */ _META_ARGV_MAX, + /* If new fields are added, they should be added here, to maintain compatibility + * with callers which don't know about the new fields. */ /* The following indexes are cached for a couple of special fields we use (and * thereby need to be retrieved quickly) for naming coredump files, and attaching @@ -105,7 +109,7 @@ enum { _META_MANDATORY_MAX, /* The rest are similar to the previous ones except that we won't fail if one of - * them is missing. */ + * them is missing in a message sent over the socket. */ META_EXE = _META_MANDATORY_MAX, META_UNIT, @@ -1220,14 +1224,17 @@ static int gather_pid_metadata_from_argv( char *t; /* We gather all metadata that were passed via argv[] into an array of iovecs that - * we'll forward to the socket unit */ + * we'll forward to the socket unit. + * + * We require at least _META_ARGV_REQUIRED args, but will accept more. + * We know how to parse _META_ARGV_MAX args. The rest will be ignored. */ - if (argc < _META_ARGV_MAX) + if (argc < _META_ARGV_REQUIRED) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), - "Not enough arguments passed by the kernel (%i, expected %i).", - argc, _META_ARGV_MAX); + "Not enough arguments passed by the kernel (%i, expected between %i and %i).", + argc, _META_ARGV_REQUIRED, _META_ARGV_MAX); - for (int i = 0; i < _META_ARGV_MAX; i++) { + for (int i = 0; i < MIN(argc, _META_ARGV_MAX); i++) { t = argv[i]; diff --git a/test/units/testsuite-74.coredump.sh b/test/units/testsuite-74.coredump.sh index d30fd737172..6a89cbf208d 100755 --- a/test/units/testsuite-74.coredump.sh +++ b/test/units/testsuite-74.coredump.sh @@ -156,14 +156,18 @@ rm -f /tmp/core.{output,redirected} (! "${UNPRIV_CMD[@]}" coredumpctl dump "$CORE_TEST_BIN" >/dev/null) # --backtrace mode -# Pass one of the existing journal coredump records to systemd-coredump and -# use our PID as the source to make matching the coredump later easier -# systemd-coredump args: PID UID GID SIGNUM TIMESTAMP CORE_SOFT_RLIMIT HOSTNAME +# Pass one of the existing journal coredump records to systemd-coredump. +# Use our PID as the source to be able to create a PIDFD and to make matching easier. +# systemd-coredump args: PID UID GID SIGNUM TIMESTAMP CORE_SOFT_RLIMIT [HOSTNAME] journalctl -b -n 1 --output=export --output-fields=MESSAGE,COREDUMP COREDUMP_EXE="/usr/bin/test-dump" | - /usr/lib/systemd/systemd-coredump --backtrace $$ 0 0 6 1679509994 12345 mymachine -# Wait a bit for the coredump to get processed -timeout 30 bash -c "while [[ \$(coredumpctl list -q --no-legend $$ | wc -l) -eq 0 ]]; do sleep 1; done" -coredumpctl info "$$" + /usr/lib/systemd/systemd-coredump --backtrace $$ 0 0 6 1679509900 12345 +journalctl -b -n 1 --output=export --output-fields=MESSAGE,COREDUMP COREDUMP_EXE="/usr/bin/test-dump" | + /usr/lib/systemd/systemd-coredump --backtrace $$ 0 0 6 1679509901 12345 mymachine +# Wait a bit for the coredumps to get processed +timeout 30 bash -c "while [[ \$(coredumpctl list -q --no-legend $$ | wc -l) -lt 2 ]]; do sleep 1; done" +coredumpctl info $$ +coredumpctl info COREDUMP_TIMESTAMP=1679509900000000 +coredumpctl info COREDUMP_TIMESTAMP=1679509901000000 coredumpctl info COREDUMP_HOSTNAME="mymachine" # This used to cause a stack overflow From 2eac3c27abe5a148453aeb993f7e3a14c79f9ebb Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Fri, 9 May 2025 16:33:12 +0900 Subject: [PATCH 2/5] TEST-73-LOCALE: skip lv keymap and friends The following failure should be in libxkbcommon and/or sanitizer. There is nothing we can do here. Let's skip it. ``` TEST-73-LOCALE.sh[3733]: + assert_rc 0 localectl set-keymap lv TEST-73-LOCALE.sh[6699]: + set +ex TEST-73-LOCALE.sh[6700]: Failed to set keymap: Remote peer disconnected TEST-73-LOCALE.sh[6703]: FAIL: expected: '0' actual: '1' TEST-73-LOCALE.sh[157]: + rm -f /etc/dbus-1/system.d/systemd-localed-read-only.conf [FAILED] Failed to start TEST-73-LOCALE.service - TEST-73-LOCALE. ``` ``` ==3719==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7fa51f161000 at pc 0x7fa521250be4 bp 0x7ffe49130a80 sp 0x7ffe49130240 READ of size 19126 at 0x7fa51f161000 thread T0 #0 0x7fa521250be3 in strndup (/usr/lib/clang/20/lib/x86_64-redhat-linux-gnu/libclang_rt.asan.so+0x50be3) (BuildId: aa6231e817f72469c44a6c6cee9f0694a87db7fb) #1 0x7fa51f128325 (/lib64/libxkbcommon.so.0+0x1c325) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #2 0x7fa51f121952 (/lib64/libxkbcommon.so.0+0x15952) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #3 0x7fa51f123d3a (/lib64/libxkbcommon.so.0+0x17d3a) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #4 0x7fa51f117c86 (/lib64/libxkbcommon.so.0+0xbc86) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #5 0x7fa51f12548f (/lib64/libxkbcommon.so.0+0x1948f) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #6 0x7fa51f125c9e (/lib64/libxkbcommon.so.0+0x19c9e) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #7 0x7fa51f126a59 (/lib64/libxkbcommon.so.0+0x1aa59) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #8 0x7fa51f12cec6 (/lib64/libxkbcommon.so.0+0x20ec6) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #9 0x7fa51f12e3c2 (/lib64/libxkbcommon.so.0+0x223c2) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #10 0x7fa51f12a4e5 in xkb_keymap_new_from_names (/lib64/libxkbcommon.so.0+0x1e4e5) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #11 0x5574dd63f864 in verify_xkb_rmlvo /usr/src/debug/systemd/src/locale/xkbcommon-util.c:69:14 (snip) ``` (cherry picked from commit 18609909d93a4d17e962b47e51fffe38845e99f5) (cherry picked from commit 5d7d60b8dd01282adbe89084b479a51aaff4cf47) (cherry picked from commit 0c27a6f4b40d0e888cd93aa6120e379c88b8e0c4) (cherry picked from commit 630ed0c464dc90519a3dff945ddf7f63f4a51633) --- test/units/testsuite-73.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/test/units/testsuite-73.sh b/test/units/testsuite-73.sh index 2e11ce2c511..f78295ba93a 100755 --- a/test/units/testsuite-73.sh +++ b/test/units/testsuite-73.sh @@ -240,6 +240,10 @@ testcase_vc_keymap() { for i in $(localectl list-keymaps); do # set VC keymap + + # Skip lv keymap and friends, otherwise the sanitizer detects heap-buffer-overflow in libxkbcommon. + [[ "$i" =~ ^lv ]] && continue + assert_rc 0 localectl set-keymap "$i" output=$(localectl) From 85b9cc1cb5b73c6cb98abc997f23f9d803f49f28 Mon Sep 17 00:00:00 2001 From: TheHillBright <150074496+TheHillBright@users.noreply.github.com> Date: Wed, 21 May 2025 18:38:12 +0800 Subject: [PATCH 3/5] journald: clarify doc for usage-related values cap (#37528) The old description makes users wrongly assume that the cap of 4G applied, even when the user specifies a value that will result in higher than 4G. This commit avoids this misunderstanding. (cherry picked from commit 33084145315029775748a89da836465783d65bb3) (cherry picked from commit 137d765b2d01dc93a0ec182654ddf4b9b4114bcf) (cherry picked from commit a7490f121fbecf34d2201d40c238073e1263009c) (cherry picked from commit ceb2d2e3c4d38c284869718db2c33bd227589c1f) --- man/journald.conf.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/man/journald.conf.xml b/man/journald.conf.xml index a8f7f038200..6f5224b174f 100644 --- a/man/journald.conf.xml +++ b/man/journald.conf.xml @@ -260,7 +260,7 @@ and use the smaller of the two values. The first pair defaults to 10% and the second to 15% of - the size of the respective file system, but each value is + the size of the respective file system, but each of the calculated default values is capped to 4G. If the file system is nearly full and either SystemKeepFree= or RuntimeKeepFree= are violated when From 07ecbd728c19be03fdcb61cff6e8fe8a1599c446 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 23 May 2025 12:15:45 +0200 Subject: [PATCH 4/5] homed: generate proper error if we cannot create mountpoint for homedir Let's make this easier to debug. (When this failed for me due to disk full it took me a bit to figure out what was going on.) (cherry picked from commit 5b759bf5fd3a915a5b4756590caff7faf43a9693) (cherry picked from commit 8158c87c36d5725818a2a9cda4270b8839553f86) (cherry picked from commit 6d33cf046a2064dd11ca9a1ee6d8f2d2356f4f10) (cherry picked from commit 756d41dac616e72e45a2b19b24305277c5efbd1f) --- src/home/homework-mount.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/home/homework-mount.c b/src/home/homework-mount.c index 28f09b939fe..97e26b9d7e0 100644 --- a/src/home/homework-mount.c +++ b/src/home/homework-mount.c @@ -142,7 +142,9 @@ int home_move_mount(const char *mount_suffix, const char *target) { } else d = HOME_RUNTIME_WORK_DIR; - (void) mkdir_p(target, 0700); + r = mkdir_p(target, 0700); + if (r < 0) + return log_error_errno(r, "Failed to create directory '%s': %m", target); r = mount_nofollow_verbose(LOG_ERR, d, target, NULL, MS_BIND, NULL); if (r < 0) From 6acddd350bca71e35f1a59eb5311560b24f14eb7 Mon Sep 17 00:00:00 2001 From: Luca Boccassi Date: Tue, 27 May 2025 14:56:32 +0100 Subject: [PATCH 5/5] test: fix test_qdisc_tbf regex with iproute2 v6.15 iproute2 v6.15 fixed some rounding errors in the reported stats: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=d947f365602b30657d1b797e7464000d0ab88d5a so the current regex doesn't work anymore. Fix it to check for both old and new values. systemd-networkd-tests.py[523]: FAIL: test_qdisc_tbf (__main__.NetworkdTCTests.test_qdisc_tbf) systemd-networkd-tests.py[523]: ---------------------------------------------------------------------- systemd-networkd-tests.py[523]: Traceback (most recent call last): systemd-networkd-tests.py[523]: File "/usr/lib/systemd/tests/testdata/test-network/systemd-networkd-tests.py", line 5402, in test_qdisc_tbf systemd-networkd-tests.py[523]: self.assertRegex(output, 'rate 1Gbit burst 5000b peakrate 100Gbit minburst 987500b lat 70(.0)?ms') systemd-networkd-tests.py[523]: ~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ systemd-networkd-tests.py[523]: AssertionError: Regex didn't match: 'rate 1Gbit burst 5000b peakrate 100Gbit minburst 987500b lat 70(.0)?ms' not found in 'qdisc tbf 35: root refcnt 2 rate 1Gbit burst 5000b peakrate 100Gbit minburst 999200b lat 70ms \nqdisc pfifo 37: parent 35: limit 100000p' (cherry picked from commit f9a85b74903f5588d08f54ea7d9b53edc639b824) (cherry picked from commit 6e67969b10d111177f72a53f9f7158bf9f14d2a3) (cherry picked from commit 587f84aad9628733d31a9be0ce78f43ba3e1c3d6) (cherry picked from commit 3d68612d164fc524415560eaf44e626b1458bc0b) --- test/test-network/systemd-networkd-tests.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py index f3a79b1f1fc..4199cc0170d 100755 --- a/test/test-network/systemd-networkd-tests.py +++ b/test/test-network/systemd-networkd-tests.py @@ -3954,7 +3954,7 @@ def test_qdisc_tbf(self): output = check_output('tc qdisc show dev dummy98') print(output) self.assertRegex(output, 'qdisc tbf 35: root') - self.assertRegex(output, 'rate 1Gbit burst 5000b peakrate 100Gbit minburst 987500b lat 70(.0)?ms') + self.assertRegex(output, 'rate 1Gbit burst 5000b peakrate 100Gbit minburst (987500b|999200b) lat 70(.0)?ms') @expectedFailureIfModuleIsNotAvailable('sch_teql') def test_qdisc_teql(self):