several fixes for os image handling #32907
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
util-lib
tests
please-review
YHNdnzj
reviewed
May 17, 2024
src/shared/discover-image.c
Outdated
| return -EOPNOTSUPP; | ||
|
|
||
| if (fd < 0) { | ||
| fd = open(i->path, O_CLOEXEC|O_NOCTTY|O_DIRECTORY); |
There was a problem hiding this comment.
O_NOCTTY seems unnecessary when O_DIRECTORY is specified?
There was a problem hiding this comment.
O_NOCTTY is actually not necessary, but also used in image_make(). Let's keep the flag at least now for consistency.
| return -EROFS; | ||
|
|
||
| if (i->type != IMAGE_SUBVOLUME) | ||
| return -EOPNOTSUPP; |
There was a problem hiding this comment.
(We usually return -ENOTTY for inappropriate fstype and such?)
There was a problem hiding this comment.
Hmm, in discover-image.c EOPNOTSUPP is used consistently, hence please ignore.
There was a problem hiding this comment.
Yeah. Let's fix that later consistently in another PR if necessary.
YHNdnzj
reviewed
May 17, 2024
yuwata
force-pushed
the
image-fix
branch
2 times, most recently
from
1c233f2
to
10adb30
Compare
YHNdnzj
added
machine
good-to-merge/with-minor-suggestions
and removed
please-review
|
@YHNdnzj Thank you for the review.
Upgrading the green label. |
yuwata
added
good-to-merge/waiting-for-ci 👍
bluca
reviewed
May 19, 2024
| @@ -132,13 +132,11 @@ machinectl show-image clone1 | |||
| machinectl rename clone1 clone2 | |||
| (! machinectl show-image clone1) | |||
| machinectl show-image clone2 | |||
| if lsattr -d /var/lib/machines >/dev/null; then | |||
There was a problem hiding this comment.
This was added explicitly to avoid this error:
So please drop this commit
There was a problem hiding this comment.
I have no idea why calling lsattr prevents such error. But OK, the change is dropped now.
There was a problem hiding this comment.
The test mounts tmpfs on /var/log/machines to not pollute the base image, and on older kernels you can't do chattr() on tmpfs, so lsattr is used here to check if it's supported:
# lsattr -d /tmp/foo/
lsattr: Inappropriate ioctl for device While reading flags on /tmp/foo/
There was a problem hiding this comment.
It would probably be good to have that as a comment in the script
bluca
added
good-to-merge/with-minor-suggestions
and removed
good-to-merge/waiting-for-ci 👍
Otherwise, ReadOnly DBus property in org.freedesktop.machine1.Image or org.freedesktop.portable1.Image will not be updated by MarkReadOnly DBus method.
Same as the previous commit, but for SetLimit DBus method vs Limit property and friends.
Preparation for the next commit. No functional change.
…he main interface is called Previously, Image objects were only cached when reading properties or methods in the org.freedesktop.machine1.Image interface are called. This makes that, when a method in the main interface (org.freedesktop.machine1) for an image is called, also acquire the Image object from the cache, and if not cached, create Image object and put into the cache, like we do for org.freedesktop.machine1.Image. Otherwise, if some properties of an image are updated by methods in the main interface, e.g. MarkImageReadOnly(), the changes do not applied to the cached Image object, and subsequent read of proerties through the interface for the image, e.g. ReadOnly property, may provide outdated values. Follow-up for 1ddb263. Fixes systemd#32888.
Fixes a bug introduced by 1ddb263. Note, this requires the previous two commits, and cannot backport without them. Note, before the previous commit, the use-after-free could be triggered only by Rename() DBus method, and could not by RenameImage(), as we did not cache Image object when RenameImage() method is called. And machinectl always uses RenameImage(). Hence, the issue could be triggered only when Rename() DBus method is explicitly called by e.g. busctl. With the previous commit, the Image object passed to the function is always cached. Hence, the issue could be triggered even with machinectl command, and this fix is important.
yuwata
added
good-to-merge/waiting-for-ci 👍
github-actions
bot
removed
the
good-to-merge/waiting-for-ci 👍
mrc0mmand
added a commit
to mrc0mmand/systemd
that referenced
this pull request
May 21, 2024
bluca
pushed a commit
to bluca/systemd-stable
that referenced
this pull request
May 26, 2024
Addresses: systemd/systemd#32907 (comment) (cherry picked from commit d3c14f7)
bluca
pushed a commit
to bluca/systemd-stable
that referenced
this pull request
May 26, 2024
Addresses: systemd/systemd#32907 (comment) (cherry picked from commit d3c14f7)
keszybz
pushed a commit
to systemd/systemd-stable
that referenced
this pull request
May 27, 2024
Addresses: systemd/systemd#32907 (comment) (cherry picked from commit d3c14f7)
bluca
pushed a commit
to bluca/systemd-stable
that referenced
this pull request
May 27, 2024
Addresses: systemd/systemd#32907 (comment) (cherry picked from commit d3c14f7) (cherry picked from commit 71ac20d)
bluca
pushed a commit
to bluca/systemd-stable
that referenced
this pull request
May 27, 2024
Addresses: systemd/systemd#32907 (comment) (cherry picked from commit d3c14f7) (cherry picked from commit 71ac20d)
bluca
pushed a commit
to bluca/systemd-stable
that referenced
this pull request
May 27, 2024
Addresses: systemd/systemd#32907 (comment) (cherry picked from commit d3c14f7) (cherry picked from commit 71ac20d)
bluca
pushed a commit
to systemd/systemd-stable
that referenced
this pull request
May 27, 2024
Addresses: systemd/systemd#32907 (comment) (cherry picked from commit d3c14f7) (cherry picked from commit 71ac20d)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #32888.