From c988ef4cf435ffa50dc9d10d9b0e55d5685ac7b1 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 11:28:26 +0100 Subject: [PATCH 01/16] coccinelle: rework how we run the Coccinelle transformations Turns out that the original way we did things was quite broken, as it skipped a _lot_ of code. This was because we just threw everything into one pile and tried to spatch it, but this made Coccinelle sad, like when man page examples redefined some of our macros, causing typedef conflicts. For example, with a minimal reproducer that defines a cleanup macro in two source files, Coccinelle has no issues when spatch-ing each one separately: $ spatch --verbose-parsing --sp-file zz-drop-braces.cocci main.c init_defs_builtins: /usr/lib64/coccinelle/standard.h HANDLING: main.c SPECIAL NAMES: adding _cleanup_ as a attribute with arguments SPECIAL NAMES: adding _cleanup_free_ as a attribute $ spatch --verbose-parsing --sp-file zz-drop-braces.cocci logcontrol-example.c init_defs_builtins: /usr/lib64/coccinelle/standard.h HANDLING: logcontrol-example.c SPECIAL NAMES: adding _cleanup_ as a attribute with arguments But when you try to spatch both of them at once, Coccinelle starts complaining and skipping the "bad" code: $ spatch --verbose-parsing --sp-file zz-drop-braces.cocci main.c logcontrol-example.c init_defs_builtins: /usr/lib64/coccinelle/standard.h HANDLING: main.c logcontrol-example.c SPECIAL NAMES: adding _cleanup_ as a attribute with arguments SPECIAL NAMES: adding _cleanup_free_ as a attribute remapping: _cleanup_ to an ident in macro name ERROR-RECOV: found sync end of #define, line 44 parsing pass2: try again ERROR-RECOV: found sync end of #define, line 44 parse error = File "logcontrol-example.c", line 44, column 21, charpos = 1719 around = '__attribute__', whole content = #define _cleanup_(f) __attribute__((cleanup(f))) badcount: 2 bad: #include bad: BAD:!!!!! #define _cleanup_(f) __attribute__((cleanup(f))) This was, unfortunately, hidden as it is visible only with --verbose-parsing (or --parse-error-msg). Another issue was how we handled includes. The original way of throwing them into the pile of source files doesn't really work, leading up to similar issues as above. The better way is to let Coccinelle properly resolve all includes by telling it where to find our own include files (basically the same thing we already do during compilation). After fixing all this, Coccinelle now has a chance to process much more of our code (there are still some issues in more complex macros, but that requires further investigation). However, there's a huge downside from all of this - doing a _proper_ code analysis is surprisingly time and resource heavy; meaning that processing just one Coccinelle rule now takes 15 - 30 minutes. To make this slightly less painful, Coccinelle supports caching the generated ASTs, which actually helps a lot - it gets the runtime of one rule from 15 - 30 minutes down to ~1 minute. It, of course, has its own downside - the cache is _really_ big (ATTOW the cache takes ~15 GiB). However, even with the aggressive AST caching you're still looking at ~1 hour for one full Coccinelle run, which is a bit annoying, but I guess that's the price of doing things _properly_ (but I'll definitely look into ways of further optimizing this). --- coccinelle/run-coccinelle.sh | 51 +++++++++++++++++++++++++++++++++--- 1 file changed, 47 insertions(+), 4 deletions(-) diff --git a/coccinelle/run-coccinelle.sh b/coccinelle/run-coccinelle.sh index cd951790b9d..bb72a493f08 100755 --- a/coccinelle/run-coccinelle.sh +++ b/coccinelle/run-coccinelle.sh @@ -2,6 +2,14 @@ # SPDX-License-Identifier: LGPL-2.1-or-later set -e +# FIXME: +# - Coccinelle doesn't like our TEST() macros, which then causes name conflicts; i.e. Cocci can't process +# that TEST(xsetxattr) yields test_xsetxattr() and uses just xsetxattr() in this case, which then conflicts +# with the tested xsetxattr() function, leading up to the whole test case getting skipped due to +# conflicting typedefs +# - something keeps pulling in src/boot/efi/*.h stuff, even though it's excluded +# - Coccinelle has issues with some of our more complex macros + # Exclude following paths from the Coccinelle transformations EXCLUDED_PATHS=( "src/boot/efi/*" @@ -10,13 +18,17 @@ EXCLUDED_PATHS=( # Symlinked to test-bus-vtable-cc.cc, which causes issues with the IN_SET macro "src/libsystemd/sd-bus/test-bus-vtable.c" "src/libsystemd/sd-journal/lookup3.c" + # Ignore man examples, as they redefine some macros we use internally, which makes Coccinelle complain + # and ignore code that tries to use the redefined stuff + "man/*" ) TOP_DIR="$(git rev-parse --show-toplevel)" +CACHE_DIR="$(dirname "$0")/.coccinelle-cache" ARGS=() # Create an array from files tracked by git... -mapfile -t FILES < <(git ls-files ':/*.[ch]') +mapfile -t FILES < <(git ls-files ':/*.c') # ...and filter everything that matches patterns from EXCLUDED_PATHS for excl in "${EXCLUDED_PATHS[@]}"; do # shellcheck disable=SC2206 @@ -37,12 +49,43 @@ fi [[ ${#@} -ne 0 ]] && SCRIPTS=("$@") || SCRIPTS=("$TOP_DIR"/coccinelle/*.cocci) +mkdir -p "$CACHE_DIR" +echo "--x-- Using Coccinelle cache directory: $CACHE_DIR" +echo "--x--" +echo "--x-- Note: running spatch for the first time without populated cache takes" +echo "--x-- a _long_ time (15-30 minutes). Also, the cache is quite large" +echo "--x-- (~15 GiB), so make sure you have enough free space." +echo + for script in "${SCRIPTS[@]}"; do echo "--x-- Processing $script --x--" TMPFILE="$(mktemp)" echo "+ spatch --sp-file $script ${ARGS[*]} ..." - parallel --halt now,fail=1 --keep-order --noswap --max-args=20 \ - spatch --macro-file="$TOP_DIR/coccinelle/macros.h" --smpl-spacing --sp-file "$script" "${ARGS[@]}" ::: "${FILES[@]}" \ - 2>"$TMPFILE" || cat "$TMPFILE" + # A couple of notes: + # + # 1) Limit this to 10 files at once, as processing the ASTs is _very_ memory hungry - e.g. with 20 files + # at once one spatch process can take around 2.5 GiB of RAM, which can easily eat up all available RAM + # when paired together with parallel + # + # 2) Make sure spatch can find our includes via -I , similarly as we do when compiling stuff + # + # 3) Make sure to include includes from includes (--recursive-includes), but use them only to get type + # definitions (--include-headers-for-types) - otherwise we'd start formating them as well, which might be + # unwanted, especially for includes we fetch verbatim from third-parties + # + # 4) Use cache, since generating the full AST is _very_ expensive, i.e. the uncached run takes 15 - 30 + # minutes (for one rule(!)), vs 30 - 90 seconds when the cache is populated. One major downside of the + # cache is that it's quite big - ATTOW the cache takes around 15 GiB, but the performance boost is + # definitely worth it + parallel --halt now,fail=1 --keep-order --noswap --max-args=10 \ + spatch --cache-prefix "$CACHE_DIR" \ + -I src \ + --recursive-includes \ + --include-headers-for-types \ + --smpl-spacing \ + --sp-file "$script" \ + "${ARGS[@]}" ::: "${FILES[@]}" \ + 2>"$TMPFILE" || cat "$TMPFILE" + rm -f "$TMPFILE" echo -e "--x-- Processed $script --x--\n" done From 6688db4194a83954f03ab952891aca5c483e63a3 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 11:43:02 +0100 Subject: [PATCH 02/16] coccinelle: fix the log-json rule As it generated very questionable results. --- coccinelle/log-json.cocci | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/coccinelle/log-json.cocci b/coccinelle/log-json.cocci index d184e565845..c941706c641 100644 --- a/coccinelle/log-json.cocci +++ b/coccinelle/log-json.cocci @@ -3,7 +3,6 @@ expression e, v, flags; expression list args; @@ -+ return - json_log(v, flags, 0, args); -+ json_log(v, flags, SYNTHETIC_ERRNO(e), args); - return -e; ++ return json_log(v, flags, SYNTHETIC_ERRNO(e), args); From fcd2db31c03e717d9f3b66f52af06ce60de46add Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 11:43:27 +0100 Subject: [PATCH 03/16] coccinelle: properly drop braces around single-statement if()s --- coccinelle/zz-drop-braces.cocci | 25 +++++-------------------- 1 file changed, 5 insertions(+), 20 deletions(-) diff --git a/coccinelle/zz-drop-braces.cocci b/coccinelle/zz-drop-braces.cocci index 8c3be01c1f7..7a3382c9a7b 100644 --- a/coccinelle/zz-drop-braces.cocci +++ b/coccinelle/zz-drop-braces.cocci @@ -1,28 +1,13 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ @@ position p : script:python() { p[0].file != "src/journal/lookup3.c" }; -identifier id; -expression e; +expression e,e1; @@ -if (...) -- { +- if (e) { ++ if (e) ( - id@p(...); + e1@p; | - e@p; -) -- } - -@@ -position p : script:python() { p[0].file != "src/journal/lookup3.c" }; -identifier id; -expression e; -@@ -if (...) -- { -( - return id@p(...); -| - return e@p; + return e1@p; ) - } From 0a6a59650e63ce98c025023de5b39ba98c5aa822 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 11:46:28 +0100 Subject: [PATCH 04/16] tree-wide: drop !! casts to booleans --- src/libsystemd/sd-bus/bus-message.c | 2 +- src/libsystemd/sd-bus/bus-socket.c | 2 +- src/libsystemd/sd-bus/sd-bus.c | 20 ++++++++++---------- src/libsystemd/sd-event/sd-event.c | 2 +- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c index ff0228081fe..5ac90223ffd 100644 --- a/src/libsystemd/sd-bus/bus-message.c +++ b/src/libsystemd/sd-bus/bus-message.c @@ -627,7 +627,7 @@ static int message_new_reply( return r; } - t->dont_send = !!(call->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED); + t->dont_send = FLAGS_SET(call->header->flags, BUS_MESSAGE_NO_REPLY_EXPECTED); t->enforced_reply_signature = call->enforced_reply_signature; /* let's copy the sensitive flag over. Let's do that as a safety precaution to keep a transaction diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c index 3c59d0d6152..718709f0b24 100644 --- a/src/libsystemd/sd-bus/bus-socket.c +++ b/src/libsystemd/sd-bus/bus-socket.c @@ -217,7 +217,7 @@ static int bus_socket_auth_verify_client(sd_bus *b) { /* And possibly check the third line, too */ if (b->accept_fd) { l = lines[i++]; - b->can_fds = !!memory_startswith(l, lines[i] - l, "AGREE_UNIX_FD"); + b->can_fds = memory_startswith(l, lines[i] - l, "AGREE_UNIX_FD"); } assert(i == n); diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c index 4a0259f8bbd..f036a49c644 100644 --- a/src/libsystemd/sd-bus/sd-bus.c +++ b/src/libsystemd/sd-bus/sd-bus.c @@ -321,7 +321,7 @@ _public_ int sd_bus_set_bus_client(sd_bus *bus, int b) { assert_return(!bus->patch_sender, -EPERM); assert_return(!bus_origin_changed(bus), -ECHILD); - bus->bus_client = !!b; + bus->bus_client = b; return 0; } @@ -331,7 +331,7 @@ _public_ int sd_bus_set_monitor(sd_bus *bus, int b) { assert_return(bus->state == BUS_UNSET, -EPERM); assert_return(!bus_origin_changed(bus), -ECHILD); - bus->is_monitor = !!b; + bus->is_monitor = b; return 0; } @@ -341,7 +341,7 @@ _public_ int sd_bus_negotiate_fds(sd_bus *bus, int b) { assert_return(bus->state == BUS_UNSET, -EPERM); assert_return(!bus_origin_changed(bus), -ECHILD); - bus->accept_fd = !!b; + bus->accept_fd = b; return 0; } @@ -353,7 +353,7 @@ _public_ int sd_bus_negotiate_timestamp(sd_bus *bus, int b) { /* This is not actually supported by any of our transports these days, but we do honour it for synthetic * replies, and maybe one day classic D-Bus learns this too */ - bus->attach_timestamp = !!b; + bus->attach_timestamp = b; return 0; } @@ -380,7 +380,7 @@ _public_ int sd_bus_set_server(sd_bus *bus, int b, sd_id128_t server_id) { assert_return(bus->state == BUS_UNSET, -EPERM); assert_return(!bus_origin_changed(bus), -ECHILD); - bus->is_server = !!b; + bus->is_server = b; bus->server_id = server_id; return 0; } @@ -391,7 +391,7 @@ _public_ int sd_bus_set_anonymous(sd_bus *bus, int b) { assert_return(bus->state == BUS_UNSET, -EPERM); assert_return(!bus_origin_changed(bus), -ECHILD); - bus->anonymous_auth = !!b; + bus->anonymous_auth = b; return 0; } @@ -401,7 +401,7 @@ _public_ int sd_bus_set_trusted(sd_bus *bus, int b) { assert_return(bus->state == BUS_UNSET, -EPERM); assert_return(!bus_origin_changed(bus), -ECHILD); - bus->trusted = !!b; + bus->trusted = b; return 0; } @@ -419,7 +419,7 @@ _public_ int sd_bus_set_allow_interactive_authorization(sd_bus *bus, int b) { assert_return(bus = bus_resolve(bus), -ENOPKG); assert_return(!bus_origin_changed(bus), -ECHILD); - bus->allow_interactive_authorization = !!b; + bus->allow_interactive_authorization = b; return 0; } @@ -437,7 +437,7 @@ _public_ int sd_bus_set_watch_bind(sd_bus *bus, int b) { assert_return(bus->state == BUS_UNSET, -EPERM); assert_return(!bus_origin_changed(bus), -ECHILD); - bus->watch_bind = !!b; + bus->watch_bind = b; return 0; } @@ -455,7 +455,7 @@ _public_ int sd_bus_set_connected_signal(sd_bus *bus, int b) { assert_return(bus->state == BUS_UNSET, -EPERM); assert_return(!bus_origin_changed(bus), -ECHILD); - bus->connected_signal = !!b; + bus->connected_signal = b; return 0; } diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c index 288798a0dcc..f18276c3f00 100644 --- a/src/libsystemd/sd-event/sd-event.c +++ b/src/libsystemd/sd-event/sd-event.c @@ -5038,7 +5038,7 @@ _public_ int sd_event_set_watchdog(sd_event *e, int b) { } } - e->watchdog = !!b; + e->watchdog = b; return e->watchdog; fail: From f51aec74c9b1de5936b39ce728fc9d756759a60e Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 11:52:39 +0100 Subject: [PATCH 05/16] tree-wide: shorten a couple of ternary expressions --- src/journal-remote/journal-gatewayd.c | 2 +- src/shared/tpm2-util.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/journal-remote/journal-gatewayd.c b/src/journal-remote/journal-gatewayd.c index ad1c46ac6ca..d88436018c7 100644 --- a/src/journal-remote/journal-gatewayd.c +++ b/src/journal-remote/journal-gatewayd.c @@ -879,7 +879,7 @@ static int request_handler_machine( SD_ID128_FORMAT_VAL(bid), hostname_cleanup(hostname), os_release_pretty_name(pretty_name, os_name), - v ? v : "bare", + v ?: "bare", usage, cutoff_from, cutoff_to); diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c index 5e07b88a895..f0fa8704376 100644 --- a/src/shared/tpm2-util.c +++ b/src/shared/tpm2-util.c @@ -2059,7 +2059,7 @@ int tpm2_create_primary( session ? session->esys_handle : ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE, - sensitive ? sensitive : &(TPM2B_SENSITIVE_CREATE) {}, + sensitive ?: &(TPM2B_SENSITIVE_CREATE) {}, template, /* outsideInfo= */ NULL, &(TPML_PCR_SELECTION) {}, From 4b68f7082924e2aeadd3632c7d0da9d615f09d85 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 12:14:20 +0100 Subject: [PATCH 06/16] network: ENOTSUP -> EOPNOTSUPP --- src/network/networkd-ndisc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c index ab9eeb13a5d..5faefc6fc6e 100644 --- a/src/network/networkd-ndisc.c +++ b/src/network/networkd-ndisc.c @@ -608,7 +608,7 @@ static int ndisc_router_process_route(Link *link, sd_ndisc_router *rt) { } r = sd_ndisc_router_route_get_preference(rt, &preference); - if (r == -ENOTSUP) { + if (r == -EOPNOTSUPP) { log_link_debug_errno(link, r, "Received route prefix with unsupported preference, ignoring: %m"); return 0; } From 6f7936cf57dfeeaa4af479d480037ca58424d43d Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 12:18:02 +0100 Subject: [PATCH 07/16] killall: fix errno check --- src/shared/killall.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/shared/killall.c b/src/shared/killall.c index 330b4c3272d..917b7732665 100644 --- a/src/shared/killall.c +++ b/src/shared/killall.c @@ -257,7 +257,7 @@ static int killall(int sig, Set *pids, bool send_sighup) { r = pidref_kill(&pidref, sig); if (r < 0) { - if (errno != -ESRCH) + if (r != -ESRCH) log_warning_errno(errno, "Could not kill " PID_FMT ", ignoring: %m", pidref.pid); } else { n_killed++; From cd1c510f0cba86607532ded3540c22b733b3c064 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 12:40:06 +0100 Subject: [PATCH 08/16] test: use ERRNO_IS_NEG_NOT_SUPPORTED() in one more place --- src/test/test-uid-range.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/test-uid-range.c b/src/test/test-uid-range.c index 186f6ee29c8..aabbd2425cc 100644 --- a/src/test/test-uid-range.c +++ b/src/test/test-uid-range.c @@ -99,7 +99,7 @@ TEST(load_userns) { int r; r = uid_range_load_userns(&p, NULL); - if (r < 0 && ERRNO_IS_NOT_SUPPORTED(r)) + if (ERRNO_IS_NEG_NOT_SUPPORTED(r)) return; assert_se(r >= 0); From dd1b1dae7eff21580ee2a85bee70cc7c5b5e0470 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 12:46:27 +0100 Subject: [PATCH 09/16] test: use FLAGS_SET() in one more place --- src/test/test-acl-util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/test-acl-util.c b/src/test/test-acl-util.c index eb9678a7d94..331faf1e4b3 100644 --- a/src/test/test-acl-util.c +++ b/src/test/test-acl-util.c @@ -82,7 +82,7 @@ TEST(fd_acl_make_read_only) { (void) fd_add_uid_acl_permission(fd, 1, ACL_READ|ACL_WRITE|ACL_EXECUTE); assert_se(fstat(fd, &st) >= 0); - assert_se((st.st_mode & 0200) == 0200); + assert_se(FLAGS_SET(st.st_mode, 0200)); cmd = strjoina("getfacl -p ", fn); assert_se(system(cmd) == 0); From c490b6ddc24205ff9d50d9e9da361d9b1866dbfc Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 12:54:35 +0100 Subject: [PATCH 10/16] tree-wide: use IOVEC_MAKE() in a couple more places --- src/partition/repart.c | 3 +-- src/shared/tpm2-util.c | 5 +---- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/src/partition/repart.c b/src/partition/repart.c index 1e9284e2e2e..95cae94a8e0 100644 --- a/src/partition/repart.c +++ b/src/partition/repart.c @@ -4172,8 +4172,7 @@ static int sign_verity_roothash( return log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to convert PKCS7 signature to DER: %s", ERR_error_string(ERR_get_error(), NULL)); - ret_signature->iov_base = TAKE_PTR(sig); - ret_signature->iov_len = sigsz; + *ret_signature = IOVEC_MAKE(TAKE_PTR(sig), sigsz); return 0; #else diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c index f0fa8704376..ffcddc13d48 100644 --- a/src/shared/tpm2-util.c +++ b/src/shared/tpm2-util.c @@ -5891,10 +5891,7 @@ int tpm2_unseal_data( "Failed to unseal data: %s", sym_Tss2_RC_Decode(rc)); _cleanup_(iovec_done) struct iovec d = {}; - d = (struct iovec) { - .iov_base = memdup(unsealed->buffer, unsealed->size), - .iov_len = unsealed->size, - }; + d = IOVEC_MAKE(memdup(unsealed->buffer, unsealed->size), unsealed->size); explicit_bzero_safe(unsealed->buffer, unsealed->size); From 34e2897f5140e23cbe2844de56d0990f04325fa6 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 12:57:22 +0100 Subject: [PATCH 11/16] nspawn: log & return in a single statement --- src/nspawn/nspawn-oci.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/nspawn/nspawn-oci.c b/src/nspawn/nspawn-oci.c index 8f1ac7ccadd..7b73315376f 100644 --- a/src/nspawn/nspawn-oci.c +++ b/src/nspawn/nspawn-oci.c @@ -1837,10 +1837,8 @@ static int oci_seccomp_syscalls(const char *name, JsonVariant *v, JsonDispatchFl if (r < 0) return r; - if (strv_isempty(rule.names)) { - json_log(e, flags, 0, "System call name list is empty."); - return -EINVAL; - } + if (strv_isempty(rule.names)) + return json_log(e, flags, SYNTHETIC_ERRNO(EINVAL), "System call name list is empty."); STRV_FOREACH(i, rule.names) { int nr; From 78bc04cf121f8affa6edd40d5fe388a467f3819c Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 13:13:17 +0100 Subject: [PATCH 12/16] tree-wide: use strndupa_safe() in a couple more cases --- src/core/dbus-execute.c | 2 +- src/udev/udev-builtin-path_id.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c index 2c6dce0a088..1830d697848 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -1311,7 +1311,7 @@ int bus_set_transient_exec_command( int r; /* Drop Ex from the written setting. E.g. ExecStart=, not ExecStartEx=. */ - const char *written_name = is_ex_prop ? strndupa(name, strlen(name) - 2) : name; + const char *written_name = is_ex_prop ? strndupa_safe(name, strlen(name) - 2) : name; r = sd_bus_message_enter_container(message, 'a', is_ex_prop ? "(sasas)" : "(sasb)"); if (r < 0) diff --git a/src/udev/udev-builtin-path_id.c b/src/udev/udev-builtin-path_id.c index 467c9a6ad39..f1370e60608 100644 --- a/src/udev/udev-builtin-path_id.c +++ b/src/udev/udev-builtin-path_id.c @@ -632,7 +632,7 @@ static int find_real_nvme_parent(sd_device *dev, sd_device **ret) { return -ENXIO; end += strspn(end, DIGITS); - sysname = strndupa(sysname, end - sysname); + sysname = strndupa_safe(sysname, end - sysname); r = sd_device_new_from_subsystem_sysname(&nvme, "nvme", sysname); if (r < 0) From 50f605bfe60c5e8a43a2d7284d7b66de339f2291 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 13:27:27 +0100 Subject: [PATCH 13/16] network: use timestamp_is_set() in one more place --- src/network/networkd-route.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/network/networkd-route.c b/src/network/networkd-route.c index c0189ae899a..30295e6bb6e 100644 --- a/src/network/networkd-route.c +++ b/src/network/networkd-route.c @@ -2869,7 +2869,7 @@ int config_parse_route_tcp_rto( return 0; } - if (IN_SET(usec, 0, USEC_INFINITY) || + if (!timestamp_is_set(usec) || DIV_ROUND_UP(usec, USEC_PER_MSEC) > UINT32_MAX) { log_syntax(unit, LOG_WARNING, filename, line, 0, "Route TCP retransmission timeout (RTO) must be in the range 0…%"PRIu32"ms, ignoring assignment: %s", UINT32_MAX, rvalue); From f2d0e2e5f5519e88ef146cb1e1d19f6e2634a029 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 13:32:16 +0100 Subject: [PATCH 14/16] sd-bus: drop unnecessary braces --- src/libsystemd/sd-bus/test-bus-objects.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/libsystemd/sd-bus/test-bus-objects.c b/src/libsystemd/sd-bus/test-bus-objects.c index ccdd0d50b7c..2847ba84f5b 100644 --- a/src/libsystemd/sd-bus/test-bus-objects.c +++ b/src/libsystemd/sd-bus/test-bus-objects.c @@ -494,10 +494,9 @@ static int client(struct context *c) { } assert_se(sd_bus_message_exit_container(reply) >= 0); - if (streq(path, "/value/a")) { + if (streq(path, "/value/a")) /* ObjectManager must be here */ assert_se(found_object_manager_interface); - } } else assert_se(sd_bus_message_skip(reply, "a{sa{sv}}") >= 0); From 0b3c27089685b9c886394cd085593a1d75f3cc30 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 18:12:59 +0100 Subject: [PATCH 15/16] modules-load: simplify OOM check --- src/modules-load/modules-load.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/modules-load/modules-load.c b/src/modules-load/modules-load.c index efca2379eac..da7e3d89005 100644 --- a/src/modules-load/modules-load.c +++ b/src/modules-load/modules-load.c @@ -172,10 +172,8 @@ static int run(int argc, char *argv[]) { log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m"); ctx = kmod_new(NULL, NULL); - if (!ctx) { - log_error("Failed to allocate memory for kmod."); - return -ENOMEM; - } + if (!ctx) + return log_oom(); kmod_load_resources(ctx); kmod_set_log_fn(ctx, systemd_kmod_log, NULL); From 8451e720d89838ea322ccc628b4fb0505fc48eb0 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Mon, 25 Dec 2023 19:51:43 +0100 Subject: [PATCH 16/16] systemctl: use SYNTHETIC_ERRNO() --- src/systemctl/systemctl-edit.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/src/systemctl/systemctl-edit.c b/src/systemctl/systemctl-edit.c index a6bb5e52892..c851c8546ef 100644 --- a/src/systemctl/systemctl-edit.c +++ b/src/systemctl/systemctl-edit.c @@ -247,13 +247,12 @@ static int find_paths_to_edit( return r; /* Already logged by unit_find_paths() */ if (!path) { - if (!arg_force) { - log_info("Run 'systemctl edit%s --force --full %s' to create a new unit.", - arg_runtime_scope == RUNTIME_SCOPE_GLOBAL ? " --global" : - arg_runtime_scope == RUNTIME_SCOPE_USER ? " --user" : "", - *name); - return -ENOENT; - } + if (!arg_force) + return log_info_errno(SYNTHETIC_ERRNO(ENOENT), + "Run 'systemctl edit%s --force --full %s' to create a new unit.", + arg_runtime_scope == RUNTIME_SCOPE_GLOBAL ? " --global" : + arg_runtime_scope == RUNTIME_SCOPE_USER ? " --user" : "", + *name); /* Create a new unit from scratch */ r = unit_file_create_new(