NEWS: last rites

loop-device: implicitly sync device on detach
Apparently, if IO is still in flight at the moment we invoke LOOP_CLR_FD it is likely simply dropped (probably because yanking physical storage, such as a USB stick would drop it too). Let's protect ourselves against that and always sync explicitly before we invoke it.
2020-07-30 21:02:36 +02:00 · 2020-07-30 20:56:13 +02:00 · 2020-07-30 20:47:41 +02:00 · 2020-07-30 18:55:50 +02:00 · 2020-07-30 18:48:35 +02:00 · 2020-07-30 15:15:11 +02:00
10 changed files with 81 additions and 79 deletions
--- a/78
+++ b/78
@ -114,7 +114,7 @@ CHANGES WITH 246:
        * tmpfs mounts automatically created by systemd (/tmp, /run, /dev/shm,
          and others) now have a size and inode limits applied (50% of RAM for
-          /tmp, 10% of RAM for /dev/shm, etc.)
+          /tmp and /dev/shm, 10% of RAM for other mounts, etc.)
        * nss-mymachines lost support for resolution of users and groups, and
          now only does resolution of hostnames. This functionality is now
@ -564,45 +564,45 @@ CHANGES WITH 246:
          distribution-specific defaults in .mkosi/ based on your preference.
        Contributions from: 24bisquitz, Adam Nielsen, Alan Perry, Alexander
-        Malafeev, Alin Popa, Alvin Šipraga, Amos Bird, Andreas Rammhold,
+        Malafeev, Amitanand.Chikorde, Alin Popa, Alvin Šipraga, Amos Bird,
-        AndreRH, Andrew Doran, Anita Zhang, Ankit Jain, antznin, Arnaud
+        Andreas Rammhold, AndreRH, Andrew Doran, Anita Zhang, Ankit Jain,
-        Ferraris, Arthur Moraes do Lago, Arusekk, Balaji Punnuru, Balint
+        antznin, Arnaud Ferraris, Arthur Moraes do Lago, Arusekk, Balaji
-        Reczey, Bastien Nocera, bemarek, Benjamin Berg, Benjamin Dahlhoff,
+        Punnuru, Balint Reczey, Bastien Nocera, bemarek, Benjamin Berg,
-        Benjamin Robin, Chris Down, Chris Kerr, Christian Göttsche, Christian
+        Benjamin Dahlhoff, Benjamin Robin, Chris Down, Chris Kerr, Christian
-        Hesse, Christian Oder, Ciprian Hacman, Clinton Roy, codicodi, Corey
+        Göttsche, Christian Hesse, Christian Oder, Ciprian Hacman, Clinton Roy,
-        Hinshaw, Daan De Meyer, Dana Olson, Dan Callaghan, Daniel Fullmer,
+        codicodi, Corey Hinshaw, Daan De Meyer, Dana Olson, Dan Callaghan,
-        Daniel Rusek, Dan Streetman, Dave Reisner, David Edmundson, David Wood,
+        Daniel Fullmer, Daniel Rusek, Dan Streetman, Dave Reisner, David
-        Denis Pronin, Diego Escalante Urrelo, Dimitri John Ledkov,
+        Edmundson, David Wood, Denis Pronin, Diego Escalante Urrelo, Dimitri
-        dolphrundgren, duguxy, Einsler Lee, Elisei Roca, Emmanuel Garette, Eric
+        John Ledkov, dolphrundgren, duguxy, Einsler Lee, Elisei Roca, Emmanuel
-        Anderson, Eric DeVolder, Evgeny Vereshchagin, ExtinctFire, fangxiuning,
+        Garette, Eric Anderson, Eric DeVolder, Evgeny Vereshchagin,
-        Ferran Pallarès Roca, Filipe Brandenburger, Filippo Falezza, Finn,
+        ExtinctFire, fangxiuning, Ferran Pallarès Roca, Filipe Brandenburger,
-        Florian Klink, Florian Mayer, Franck Bui, Frantisek Sumsal, gaurav,
+        Filippo Falezza, Finn, Florian Klink, Florian Mayer, Franck Bui,
-        Georg Müller, Gergely Polonkai, Giedrius Statkevičius, Gigadoc2,
+        Frantisek Sumsal, gaurav, Georg Müller, Gergely Polonkai, Giedrius
-        gogogogi, gzjsgdsb, Hans de Goede, Haochen Tong, ianhi, ignapk, Jakov
+        Statkevičius, Gigadoc2, gogogogi, Gaurav Singh, gzjsgdsb, Hans de
-        Smolic, James T. Lee, Jan Janssen, Jan Klötzke, Jan Palus, Jay Burger,
+        Goede, Haochen Tong, ianhi, ignapk, Jakov Smolic, James T. Lee, Jan
-        Jeremy Cline, Jérémy Rosen, Jian-Hong Pan, Jiri Slaby, Joel Shapiro,
+        Janssen, Jan Klötzke, Jan Palus, Jay Burger, Jeremy Cline, Jérémy
-        Joerg Behrmann, Jörg Thalheim, Jouke Witteveen, Kai-Heng Feng, Kenny
+        Rosen, Jian-Hong Pan, Jiri Slaby, Joel Shapiro, Joerg Behrmann, Jörg
-        Levinsen, Kevin Kuehler, Kumar Kartikeya Dwivedi, layderv, laydervus,
+        Thalheim, Jouke Witteveen, Kai-Heng Feng, Kenny Levinsen, Kevin
-        Lénaïc Huard, Lennart Poettering, Lidong Zhong, Luca Boccassi, Luca
+        Kuehler, Kumar Kartikeya Dwivedi, layderv, laydervus, Lénaïc Huard,
-        BRUNO, Lucas Werkmeister, Lukas Klingsbo, Lukáš Nykrýn, Łukasz
+        Lennart Poettering, Lidong Zhong, Luca Boccassi, Luca BRUNO, Lucas
-        Stelmach, Maciej S. Szmigiero, MadMcCrow, Marc-André Lureau, Marcel
+        Werkmeister, Lukas Klingsbo, Lukáš Nykrýn, Łukasz Stelmach, Maciej
-        Holtmann, Marc Kleine-Budde, Martin Hundebøll, Matthew Leeds, Matt
+        S. Szmigiero, MadMcCrow, Marc-André Lureau, Marcel Holtmann, Marc
-        Ranostay, Maxim Fomin, MaxVerevkin, Michael Biebl, Michael Chapman,
+        Kleine-Budde, Martin Hundebøll, Matthew Leeds, Matt Ranostay, Maxim
-        Michael Gubbels, Michael Marley, Michał Bartoszkiewicz, Michal Koutný,
+        Fomin, MaxVerevkin, Michael Biebl, Michael Chapman, Michael Gubbels,
-        Michal Sekletár, Mike Gilbert, Mike Kazantsev, Mikhail Novosyolov, ml,
+        Michael Marley, Michał Bartoszkiewicz, Michal Koutný, Michal Sekletár,
-        Motiejus Jakštys, nabijaczleweli, nerdopolis, Niccolò Maggioni, Niklas
+        Mike Gilbert, Mike Kazantsev, Mikhail Novosyolov, ml, Motiejus Jakštys,
-        Hambüchen, Norbert Lange, Paul Cercueil, pelzvieh, Peter Hutterer,
+        nabijaczleweli, nerdopolis, Niccolò Maggioni, Niklas Hambüchen, Norbert
-        Piero La Terza, Pieter Lexis, Piotr Drąg, Rafael Fontenelle, Richard
+        Lange, Paul Cercueil, pelzvieh, Peter Hutterer, Piero La Terza, Pieter
-        Petri, Ronan Pigott, Ross Lagerwall, Rubens Figueiredo, satmandu,
+        Lexis, Piotr Drąg, Rafael Fontenelle, Richard Petri, Ronan Pigott, Ross
-        Sean-StarLabs, Sebastian Jennen, sterlinghughes, Surhud More, Susant
+        Lagerwall, Rubens Figueiredo, satmandu, Sean-StarLabs, Sebastian
-        Sahani, szb512, Thomas Haller, Tobias Hunger, Tom, Tomáš Pospíšek,
+        Jennen, sterlinghughes, Surhud More, Susant Sahani, szb512, Thomas
-        Tomer Shechner, Tom Hughes, Topi Miettinen, Tudor Roman, Uwe
+        Haller, Tobias Hunger, Tom, Tomáš Pospíšek, Tomer Shechner, Tom Hughes,
-        Kleine-König, Valery0xff, Vito Caputo, Vladimir Panteleev, Vladyslav
+        Topi Miettinen, Tudor Roman, Uwe Kleine-König, Valery0xff, Vito Caputo,
-        Tronko, Wen Yang, Yegor Vialov, Yigal Korman, Yi Gao, YmrDtnJu, Yuri
+        Vladimir Panteleev, Vladyslav Tronko, Wen Yang, Yegor Vialov, Yigal
-        Chornoivan, Yu Watanabe, Zbigniew Jędrzejewski-Szmek, Zhu Li, Дамјан
+        Korman, Yi Gao, YmrDtnJu, Yuri Chornoivan, Yu Watanabe, Zbigniew
-        Георгиевски, наб
+        Jędrzejewski-Szmek, Zhu Li, Дамјан Георгиевски, наб
-        – Warsaw, 2020-07-24
+        – Warsaw, 2020-07-30
 CHANGES WITH 245:
--- a/src/core/mount-setup.c
+++ b/src/core/mount-setup.c
@ -72,10 +72,10 @@ static const MountPoint mount_table[] = {
 #if ENABLE_SMACK
        { "smackfs",     "/sys/fs/smackfs",           "smackfs",    "smackfsdef=*",                            MS_NOSUID|MS_NOEXEC|MS_NODEV,
          mac_smack_use, MNT_FATAL                  },
-        { "tmpfs",       "/dev/shm",                  "tmpfs",      "mode=1777,smackfsroot=*" TMPFS_LIMITS_DEV_SHM, MS_NOSUID|MS_NODEV|MS_STRICTATIME,
+        { "tmpfs",       "/dev/shm",                  "tmpfs",      "mode=1777,smackfsroot=*",                 MS_NOSUID|MS_NODEV|MS_STRICTATIME,
          mac_smack_use, MNT_FATAL                  },
 #endif
-        { "tmpfs",       "/dev/shm",                  "tmpfs",      "mode=1777" TMPFS_LIMITS_DEV_SHM,               MS_NOSUID|MS_NODEV|MS_STRICTATIME,
+        { "tmpfs",       "/dev/shm",                  "tmpfs",      "mode=1777",                               MS_NOSUID|MS_NODEV|MS_STRICTATIME,
          NULL,          MNT_FATAL|MNT_IN_CONTAINER },
        { "devpts",      "/dev/pts",                  "devpts",     "mode=620,gid=" STRINGIFY(TTY_GID),        MS_NOSUID|MS_NOEXEC,
          NULL,          MNT_IN_CONTAINER           },
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@ -326,23 +326,21 @@ static int append_bind_mounts(MountEntry **p, const BindMount *binds, size_t n)
 }
 static int append_tmpfs_mounts(MountEntry **p, const TemporaryFileSystem *tmpfs, size_t n) {
        size_t i;
        int r;
        assert(p);
-        for (i = 0; i < n; i++) {
+        for (size_t i = 0; i < n; i++) {
                const TemporaryFileSystem *t = tmpfs + i;
                _cleanup_free_ char *o = NULL, *str = NULL;
                unsigned long flags;
                bool ro = false;
                int r;
                if (!path_is_absolute(t->path))
                        return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
                                               "Path is not absolute: %s",
                                               t->path);
-                str = strjoin("mode=0755" TMPFS_LIMITS_TEMPORARY_FS ",", t->options);
+                str = strjoin("mode=0755" NESTED_TMPFS_LIMITS ",", t->options);
                if (!str)
                        return -ENOMEM;
--- a/src/nspawn/nspawn-mount.c
+++ b/src/nspawn/nspawn-mount.c
@ -549,7 +549,7 @@ int mount_all(const char *dest,
                  MOUNT_IN_USERNS|MOUNT_MKDIR },
                /* Then we list outer child mounts (i.e. mounts applied *before* entering user namespacing) */
-                { "tmpfs",                  "/tmp",                         "tmpfs", "mode=1777" TMPFS_LIMITS_TMP,     MS_NOSUID|MS_NODEV|MS_STRICTATIME,
+                { "tmpfs",                  "/tmp",                         "tmpfs", "mode=1777" NESTED_TMPFS_LIMITS,  MS_NOSUID|MS_NODEV|MS_STRICTATIME,
                  MOUNT_FATAL|MOUNT_APPLY_TMPFS_TMP|MOUNT_MKDIR },
                { "tmpfs",                  "/sys",                         "tmpfs", "mode=555" TMPFS_LIMITS_SYS,      MS_NOSUID|MS_NOEXEC|MS_NODEV,
                  MOUNT_FATAL|MOUNT_APPLY_APIVFS_NETNS|MOUNT_MKDIR },
@ -559,7 +559,7 @@ int mount_all(const char *dest,
                  MOUNT_FATAL|MOUNT_MKDIR },                          /* skipped if above was mounted */
                { "tmpfs",                  "/dev",                         "tmpfs", "mode=755" TMPFS_LIMITS_DEV,      MS_NOSUID|MS_STRICTATIME,
                  MOUNT_FATAL|MOUNT_MKDIR },
-                { "tmpfs",                  "/dev/shm",                     "tmpfs", "mode=1777" TMPFS_LIMITS_DEV_SHM, MS_NOSUID|MS_NODEV|MS_STRICTATIME,
+                { "tmpfs",                  "/dev/shm",                     "tmpfs", "mode=1777" NESTED_TMPFS_LIMITS,  MS_NOSUID|MS_NODEV|MS_STRICTATIME,
                  MOUNT_FATAL|MOUNT_MKDIR },
                { "tmpfs",                  "/run",                         "tmpfs", "mode=755" TMPFS_LIMITS_RUN,      MS_NOSUID|MS_NODEV|MS_STRICTATIME,
                  MOUNT_FATAL|MOUNT_MKDIR },
--- a/src/shared/loop-util.c
+++ b/src/shared/loop-util.c
@ -191,6 +191,10 @@ LoopDevice* loop_device_unref(LoopDevice *d) {
                return NULL;
        if (d->fd >= 0) {
                /* Implicitly sync the device, since otherwise in-flight blocks might not get written */
                if (fsync(d->fd) < 0)
                        log_debug_errno(errno, "Failed to sync loop block device, ignoring: %m");
                if (d->nr >= 0 && !d->relinquished) {
                        if (ioctl(d->fd, LOOP_CLR_FD) < 0)
                                log_debug_errno(errno, "Failed to clear loop device: %m");
@ -216,7 +220,7 @@ LoopDevice* loop_device_unref(LoopDevice *d) {
                                        log_warning_errno(errno, "Failed to remove device %s: %m", strna(d->node));
                                        break;
                                }
-                                usleep(50 * USEC_PER_MSEC);
+                                (void) usleep(50 * USEC_PER_MSEC);
                        }
        }
--- a/src/shared/mount-util.h
+++ b/src/shared/mount-util.h
@ -21,13 +21,11 @@
 * PID1 because 16MB of free space is required. */
 #define TMPFS_LIMITS_RUN             ",size=20%,nr_inodes=800k"
-/* The limit used for various tmpfs mounts, but not /tmp itself.
+/* The limit used for various nested tmpfs mounts, in paricular for guests started by systemd-nspawn.
 * 10% of RAM (using 16GB of RAM as a baseline) translates to 400k inodes (assuming 4k each) and 25%
 * translates to 1M inodes.
- * /tmp is configured through a .mount unit file. */
+ * (On the host, /tmp is configured through a .mount unit file.) */
-#define TMPFS_LIMITS_TMP             ",size=10%,nr_inodes=400k"
+#define NESTED_TMPFS_LIMITS          ",size=10%,nr_inodes=400k"
 #define TMPFS_LIMITS_DEV_SHM         TMPFS_LIMITS_TMP
 #define TMPFS_LIMITS_TEMPORARY_FS    TMPFS_LIMITS_TMP
 /* More space for volatile root and /var */
 #define TMPFS_LIMITS_VAR             ",size=25%,nr_inodes=1m"
--- a/src/timedate/timedatectl.c
+++ b/src/timedate/timedatectl.c
@ -409,7 +409,7 @@ static int print_ntp_status_info(NTPStatusInfo *i) {
        if (r < 0)
                return table_log_add_error(r);
-        r = table_add_cell_stringf(table, NULL, "%s (%s)", i->server_address, i->server_name);
+        r = table_add_cell_stringf(table, NULL, "%s (%s)", strna(i->server_address), strna(i->server_name));
        if (r < 0)
                return table_log_add_error(r);
--- a/src/timesync/timesyncd-manager.c
+++ b/src/timesync/timesyncd-manager.c
@ -137,11 +137,10 @@ static int manager_send_request(Manager *m) {
        }
        /* re-arm timer with increasing timeout, in case the packets never arrive back */
-        if (m->retry_interval > 0) {
+        if (m->retry_interval == 0)
-                if (m->retry_interval < m->poll_interval_max_usec)
+                m->retry_interval = NTP_RETRY_INTERVAL_MIN_USEC;
-                        m->retry_interval *= 2;
+        else
-        } else
+                m->retry_interval = MIN(m->retry_interval * 4/3, NTP_RETRY_INTERVAL_MAX_USEC);
                m->retry_interval = m->poll_interval_min_usec;
        r = manager_arm_timer(m, m->retry_interval);
        if (r < 0)
--- a/src/timesync/timesyncd-manager.h
+++ b/src/timesync/timesyncd-manager.h
@ -24,6 +24,9 @@ typedef struct Manager Manager;
 #define NTP_POLL_INTERVAL_MIN_USEC      (32 * USEC_PER_SEC)
 #define NTP_POLL_INTERVAL_MAX_USEC      (2048 * USEC_PER_SEC)
 #define NTP_RETRY_INTERVAL_MIN_USEC     (15 * USEC_PER_SEC)
 #define NTP_RETRY_INTERVAL_MAX_USEC     (6 * 60 * USEC_PER_SEC) /* 6 minutes */
 struct Manager {
        sd_bus *bus;
        sd_event *event;
--- a/src/udev/udevadm-info.c
+++ b/src/udev/udevadm-info.c
@ -100,7 +100,7 @@ static int print_all_attributes(sd_device *device, bool is_parent) {
                /* skip nonprintable attributes */
                len = strlen(value);
-                while (len > 0 && isprint(value[len-1]))
+                while (len > 0 && isprint((unsigned char) value[len-1]))
                        len--;
                if (len > 0)
                        continue;
Author	SHA1	Message	Date
Zbigniew Jędrzejewski-Szmek	ae366f3acb	NEWS: last rites	2020-07-30 21:02:36 +02:00
Lennart Poettering	cae1e8fb88	loop-device: implicitly sync device on detach Apparently, if IO is still in flight at the moment we invoke LOOP_CLR_FD it is likely simply dropped (probably because yanking physical storage, such as a USB stick would drop it too). Let's protect ourselves against that and always sync explicitly before we invoke it.	2020-07-30 20:56:13 +02:00
Zbigniew Jędrzejewski-Szmek	3660da17b0	Merge pull request #16624 from keszybz/timesync-retry-interval Make timesyncd retry interval grow more slowly	2020-07-30 20:47:41 +02:00
Amitanand.Chikorde	e7e954243a	udev: fix codesonar warnings Fixed below systemd codesonar warning. isprint() is invoked here with an argument of signed type char, but only has defined behavior for int arguments that are either representable as unsigned char or equal to the value of macro EOF(-1). As per codesonar report, in a number of libc implementations, isprint() function implemented using lookup tables (arrays): passing in a negative value can result in a read underrun.	2020-07-30 18:55:50 +02:00
Zbigniew Jędrzejewski-Szmek	b67ec8e5b2	pid1: stop limiting size of /dev/shm The explicit limit is dropped, which means that we return to the kernel default of 50% of RAM. See `362a55fc14` for a discussion why that is not as much as it seems. It turns out various applications need more space in /dev/shm and we would break them by imposing a low limit. While at it, rename the define and use a single macro for various tmpfs mounts. We don't really care what the purpose of the given tmpfs is, so it seems reasonable to use a single macro. This effectively reverts part of `7d85383edb`. Fixes #16617.	2020-07-30 18:48:35 +02:00
Zbigniew Jędrzejewski-Szmek	5919bd3df3	timesync: increase retry interval more slowly The new retry intervals are [15, 20, 26, 34, 45, 60, 80, 106, 141, 188, 250, 333, 360, ...]. This should allow graceful response if a transient network failure is encountered. Growth is exponential, but with a small power and capped to a non-too-large value so that we resynchronize within a few minutes after network is restored. I made the minimum 15 s to make sure that we never send packets more often than that. Fixes #16492.	2020-07-30 15:15:11 +02:00
Yu Watanabe	94ec163ad2	timedatectl: do not show (null) if the address of NTP server is not resolved	2020-07-17 03:10:42 +09:00