systemd-252-14
Resolves: #2176918,#2180120
This commit is contained in:
parent
6cce65c41b
commit
2a07d74ee6
172
0227-systemd-Support-OOMPolicy-in-scope-units.patch
Normal file
172
0227-systemd-Support-OOMPolicy-in-scope-units.patch
Normal file
@ -0,0 +1,172 @@
|
|||||||
|
From 97e7419df4912abc62ca379afbb6721b008fbf87 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Mark Laws <mdl@60hz.org>
|
||||||
|
Date: Mon, 14 Nov 2022 21:48:09 +0900
|
||||||
|
Subject: [PATCH] systemd: Support OOMPolicy in scope units
|
||||||
|
|
||||||
|
Closes #25376.
|
||||||
|
|
||||||
|
(cherry picked from commit 5fa098357e0ea9f05b00ed5b04a36ef9f64037db)
|
||||||
|
|
||||||
|
Resolves: #2176918
|
||||||
|
---
|
||||||
|
man/org.freedesktop.systemd1.xml | 6 ++++++
|
||||||
|
src/core/dbus-scope.c | 6 ++++++
|
||||||
|
src/core/scope.c | 19 ++++++++++++++++---
|
||||||
|
src/core/scope.h | 2 ++
|
||||||
|
src/shared/bus-unit-util.c | 3 +++
|
||||||
|
5 files changed, 33 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/man/org.freedesktop.systemd1.xml b/man/org.freedesktop.systemd1.xml
|
||||||
|
index c2f70870c7..40510c43eb 100644
|
||||||
|
--- a/man/org.freedesktop.systemd1.xml
|
||||||
|
+++ b/man/org.freedesktop.systemd1.xml
|
||||||
|
@@ -10150,6 +10150,8 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope {
|
||||||
|
readonly t RuntimeMaxUSec = ...;
|
||||||
|
@org.freedesktop.DBus.Property.EmitsChangedSignal("const")
|
||||||
|
readonly t RuntimeRandomizedExtraUSec = ...;
|
||||||
|
+ @org.freedesktop.DBus.Property.EmitsChangedSignal("const")
|
||||||
|
+ readonly s OOMPolicy = '...';
|
||||||
|
@org.freedesktop.DBus.Property.EmitsChangedSignal("false")
|
||||||
|
readonly s Slice = '...';
|
||||||
|
@org.freedesktop.DBus.Property.EmitsChangedSignal("false")
|
||||||
|
@@ -10324,6 +10326,8 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope {
|
||||||
|
|
||||||
|
<!--property RuntimeRandomizedExtraUSec is not documented!-->
|
||||||
|
|
||||||
|
+ <!--property OOMPolicy is not documented!-->
|
||||||
|
+
|
||||||
|
<!--property Slice is not documented!-->
|
||||||
|
|
||||||
|
<!--property ControlGroupId is not documented!-->
|
||||||
|
@@ -10506,6 +10510,8 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope {
|
||||||
|
|
||||||
|
<variablelist class="dbus-property" generated="True" extra-ref="RuntimeRandomizedExtraUSec"/>
|
||||||
|
|
||||||
|
+ <variablelist class="dbus-property" generated="True" extra-ref="OOMPolicy"/>
|
||||||
|
+
|
||||||
|
<variablelist class="dbus-property" generated="True" extra-ref="Slice"/>
|
||||||
|
|
||||||
|
<variablelist class="dbus-property" generated="True" extra-ref="ControlGroup"/>
|
||||||
|
diff --git a/src/core/dbus-scope.c b/src/core/dbus-scope.c
|
||||||
|
index 7d2ceb0765..7b07bb8bb9 100644
|
||||||
|
--- a/src/core/dbus-scope.c
|
||||||
|
+++ b/src/core/dbus-scope.c
|
||||||
|
@@ -5,6 +5,7 @@
|
||||||
|
#include "bus-get-properties.h"
|
||||||
|
#include "dbus-cgroup.h"
|
||||||
|
#include "dbus-kill.h"
|
||||||
|
+#include "dbus-manager.h"
|
||||||
|
#include "dbus-scope.h"
|
||||||
|
#include "dbus-unit.h"
|
||||||
|
#include "dbus-util.h"
|
||||||
|
@@ -39,6 +40,7 @@ int bus_scope_method_abandon(sd_bus_message *message, void *userdata, sd_bus_err
|
||||||
|
}
|
||||||
|
|
||||||
|
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, scope_result, ScopeResult);
|
||||||
|
+static BUS_DEFINE_SET_TRANSIENT_PARSE(oom_policy, OOMPolicy, oom_policy_from_string);
|
||||||
|
|
||||||
|
const sd_bus_vtable bus_scope_vtable[] = {
|
||||||
|
SD_BUS_VTABLE_START(0),
|
||||||
|
@@ -47,6 +49,7 @@ const sd_bus_vtable bus_scope_vtable[] = {
|
||||||
|
SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Scope, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
|
||||||
|
SD_BUS_PROPERTY("RuntimeMaxUSec", "t", bus_property_get_usec, offsetof(Scope, runtime_max_usec), SD_BUS_VTABLE_PROPERTY_CONST),
|
||||||
|
SD_BUS_PROPERTY("RuntimeRandomizedExtraUSec", "t", bus_property_get_usec, offsetof(Scope, runtime_rand_extra_usec), SD_BUS_VTABLE_PROPERTY_CONST),
|
||||||
|
+ SD_BUS_PROPERTY("OOMPolicy", "s", bus_property_get_oom_policy, offsetof(Scope, oom_policy), SD_BUS_VTABLE_PROPERTY_CONST),
|
||||||
|
SD_BUS_SIGNAL("RequestStop", NULL, 0),
|
||||||
|
SD_BUS_METHOD("Abandon", NULL, NULL, bus_scope_method_abandon, SD_BUS_VTABLE_UNPRIVILEGED),
|
||||||
|
SD_BUS_VTABLE_END
|
||||||
|
@@ -77,6 +80,9 @@ static int bus_scope_set_transient_property(
|
||||||
|
if (streq(name, "RuntimeRandomizedExtraUSec"))
|
||||||
|
return bus_set_transient_usec(u, name, &s->runtime_rand_extra_usec, message, flags, error);
|
||||||
|
|
||||||
|
+ if (streq(name, "OOMPolicy"))
|
||||||
|
+ return bus_set_transient_oom_policy(u, name, &s->oom_policy, message, flags, error);
|
||||||
|
+
|
||||||
|
if (streq(name, "PIDs")) {
|
||||||
|
_cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
|
||||||
|
unsigned n = 0;
|
||||||
|
diff --git a/src/core/scope.c b/src/core/scope.c
|
||||||
|
index 54a6cc63e4..e2fc4cc995 100644
|
||||||
|
--- a/src/core/scope.c
|
||||||
|
+++ b/src/core/scope.c
|
||||||
|
@@ -43,6 +43,7 @@ static void scope_init(Unit *u) {
|
||||||
|
s->timeout_stop_usec = u->manager->default_timeout_stop_usec;
|
||||||
|
u->ignore_on_isolate = true;
|
||||||
|
s->user = s->group = NULL;
|
||||||
|
+ s->oom_policy = _OOM_POLICY_INVALID;
|
||||||
|
}
|
||||||
|
|
||||||
|
static void scope_done(Unit *u) {
|
||||||
|
@@ -194,6 +195,11 @@ static int scope_add_extras(Scope *s) {
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
|
+ if (s->oom_policy < 0)
|
||||||
|
+ s->oom_policy = s->cgroup_context.delegate ? OOM_CONTINUE : UNIT(s)->manager->default_oom_policy;
|
||||||
|
+
|
||||||
|
+ s->cgroup_context.memory_oom_group = s->oom_policy == OOM_KILL;
|
||||||
|
+
|
||||||
|
return scope_add_default_dependencies(s);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -286,11 +292,13 @@ static void scope_dump(Unit *u, FILE *f, const char *prefix) {
|
||||||
|
"%sScope State: %s\n"
|
||||||
|
"%sResult: %s\n"
|
||||||
|
"%sRuntimeMaxSec: %s\n"
|
||||||
|
- "%sRuntimeRandomizedExtraSec: %s\n",
|
||||||
|
+ "%sRuntimeRandomizedExtraSec: %s\n"
|
||||||
|
+ "%sOOMPolicy: %s\n",
|
||||||
|
prefix, scope_state_to_string(s->state),
|
||||||
|
prefix, scope_result_to_string(s->result),
|
||||||
|
prefix, FORMAT_TIMESPAN(s->runtime_max_usec, USEC_PER_SEC),
|
||||||
|
- prefix, FORMAT_TIMESPAN(s->runtime_rand_extra_usec, USEC_PER_SEC));
|
||||||
|
+ prefix, FORMAT_TIMESPAN(s->runtime_rand_extra_usec, USEC_PER_SEC),
|
||||||
|
+ prefix, oom_policy_to_string(s->oom_policy));
|
||||||
|
|
||||||
|
cgroup_context_dump(UNIT(s), f, prefix);
|
||||||
|
kill_context_dump(&s->kill_context, f, prefix);
|
||||||
|
@@ -635,11 +643,16 @@ static void scope_notify_cgroup_oom_event(Unit *u, bool managed_oom) {
|
||||||
|
else
|
||||||
|
log_unit_debug(u, "Process of control group was killed by the OOM killer.");
|
||||||
|
|
||||||
|
- /* This will probably need to be modified when scope units get an oom-policy */
|
||||||
|
+ if (s->oom_policy == OOM_CONTINUE)
|
||||||
|
+ return;
|
||||||
|
+
|
||||||
|
switch (s->state) {
|
||||||
|
|
||||||
|
case SCOPE_START_CHOWN:
|
||||||
|
case SCOPE_RUNNING:
|
||||||
|
+ scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_OOM_KILL);
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
case SCOPE_STOP_SIGTERM:
|
||||||
|
scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_OOM_KILL);
|
||||||
|
break;
|
||||||
|
diff --git a/src/core/scope.h b/src/core/scope.h
|
||||||
|
index 6a228f1177..c9574a32c2 100644
|
||||||
|
--- a/src/core/scope.h
|
||||||
|
+++ b/src/core/scope.h
|
||||||
|
@@ -38,6 +38,8 @@ struct Scope {
|
||||||
|
|
||||||
|
char *user;
|
||||||
|
char *group;
|
||||||
|
+
|
||||||
|
+ OOMPolicy oom_policy;
|
||||||
|
};
|
||||||
|
|
||||||
|
extern const UnitVTable scope_vtable;
|
||||||
|
diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
|
||||||
|
index b850a28e85..922011eccd 100644
|
||||||
|
--- a/src/shared/bus-unit-util.c
|
||||||
|
+++ b/src/shared/bus-unit-util.c
|
||||||
|
@@ -2142,6 +2142,9 @@ static int bus_append_scope_property(sd_bus_message *m, const char *field, const
|
||||||
|
if (STR_IN_SET(field, "User", "Group"))
|
||||||
|
return bus_append_string(m, field, eq);
|
||||||
|
|
||||||
|
+ if (streq(field, "OOMPolicy"))
|
||||||
|
+ return bus_append_string(m, field, eq);
|
||||||
|
+
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,33 @@
|
|||||||
|
From 60f4b73b48b7e9d3f734ecdf63fa5ba9ab3c2338 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Mark Laws <mdl@60hz.org>
|
||||||
|
Date: Thu, 24 Nov 2022 14:56:29 +0900
|
||||||
|
Subject: [PATCH] systemd: Default to OOMPolicy=continue for login session
|
||||||
|
scopes
|
||||||
|
|
||||||
|
If the kernel OOM kills a process under a login session scope, we don't want to
|
||||||
|
kill the user's other processes for no good reason.
|
||||||
|
|
||||||
|
(cherry picked from commit 98b6c94b577205d31b019286c2a84cc9af244ea0)
|
||||||
|
|
||||||
|
Resolves: #2176918
|
||||||
|
---
|
||||||
|
src/login/logind-dbus.c | 6 ++++++
|
||||||
|
1 file changed, 6 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
|
||||||
|
index 86a5decf3f..2ab26b9c6d 100644
|
||||||
|
--- a/src/login/logind-dbus.c
|
||||||
|
+++ b/src/login/logind-dbus.c
|
||||||
|
@@ -3970,6 +3970,12 @@ int manager_start_scope(
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
|
+ /* For login session scopes, if a process is OOM killed by the kernel, *don't* terminate the rest of
|
||||||
|
+ the scope */
|
||||||
|
+ r = sd_bus_message_append(m, "(sv)", "OOMPolicy", "s", "continue");
|
||||||
|
+ if (r < 0)
|
||||||
|
+ return r;
|
||||||
|
+
|
||||||
|
/* disable TasksMax= for the session scope, rely on the slice setting for it */
|
||||||
|
r = sd_bus_message_append(m, "(sv)", "TasksMax", "t", UINT64_MAX);
|
||||||
|
if (r < 0)
|
48
0229-man-rework-description-of-OOMPolicy-a-bit.patch
Normal file
48
0229-man-rework-description-of-OOMPolicy-a-bit.patch
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
From 1e066581a0bdfe5848dfc701e84e5d7d431699f5 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||||
|
Date: Tue, 13 Dec 2022 15:25:55 +0100
|
||||||
|
Subject: [PATCH] man: rework description of OOMPolicy= a bit
|
||||||
|
|
||||||
|
One had to read to the very end of the long description to notice that
|
||||||
|
the setting is actually primarily intended for oomd. So let's mention oomd
|
||||||
|
right at the beginning.
|
||||||
|
|
||||||
|
(cherry picked from commit 100d37d4f3111a97f51e37b51eea9243cb037b61)
|
||||||
|
|
||||||
|
Resolves: #2176918
|
||||||
|
---
|
||||||
|
man/systemd.service.xml | 19 ++++++++++---------
|
||||||
|
1 file changed, 10 insertions(+), 9 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/man/systemd.service.xml b/man/systemd.service.xml
|
||||||
|
index 8d8dd77689..cae520ceab 100644
|
||||||
|
--- a/man/systemd.service.xml
|
||||||
|
+++ b/man/systemd.service.xml
|
||||||
|
@@ -1123,17 +1123,18 @@
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>OOMPolicy=</varname></term>
|
||||||
|
|
||||||
|
- <listitem><para>Configure the out-of-memory (OOM) kernel killer policy. Note that the userspace OOM
|
||||||
|
+ <listitem><para>Configure the out-of-memory (OOM) killing policy for the kernel and the userspace OOM
|
||||||
|
killer
|
||||||
|
- <citerefentry><refentrytitle>systemd-oomd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
|
||||||
|
- is a more flexible solution that aims to prevent out-of-memory situations for the userspace, not just
|
||||||
|
- the kernel.</para>
|
||||||
|
-
|
||||||
|
- <para>On Linux, when memory becomes scarce to the point that the kernel has trouble allocating memory
|
||||||
|
- for itself, it might decide to kill a running process in order to free up memory and reduce memory
|
||||||
|
- pressure. This setting takes one of <constant>continue</constant>, <constant>stop</constant> or
|
||||||
|
+ <citerefentry><refentrytitle>systemd-oomd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
|
||||||
|
+ On Linux, when memory becomes scarce to the point that the kernel has trouble allocating memory for
|
||||||
|
+ itself, it might decide to kill a running process in order to free up memory and reduce memory
|
||||||
|
+ pressure. Note that <filename>systemd-oomd.service</filename> is a more flexible solution that aims
|
||||||
|
+ to prevent out-of-memory situations for the userspace too, not just the kernel, by attempting to
|
||||||
|
+ terminate services earlier, before the kernel would have to act.</para>
|
||||||
|
+
|
||||||
|
+ <para>This setting takes one of <constant>continue</constant>, <constant>stop</constant> or
|
||||||
|
<constant>kill</constant>. If set to <constant>continue</constant> and a process of the service is
|
||||||
|
- killed by the kernel's OOM killer this is logged but the service continues running. If set to
|
||||||
|
+ killed by the OOM killer, this is logged but the service continues running. If set to
|
||||||
|
<constant>stop</constant> the event is logged but the service is terminated cleanly by the service
|
||||||
|
manager. If set to <constant>kill</constant> and one of the service's processes is killed by the OOM
|
||||||
|
killer the kernel is instructed to kill all remaining processes of the service too, by setting the
|
@ -0,0 +1,93 @@
|
|||||||
|
From 53464ce69ec5202b9abfb35ddbd58c61e2e0ba18 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||||
|
Date: Tue, 13 Dec 2022 15:26:58 +0100
|
||||||
|
Subject: [PATCH] core,man: add missing integration of OOMPolicy= in scopes
|
||||||
|
|
||||||
|
Fixup for 5fa098357e0ea9f05b00ed5b04a36ef9f64037db.
|
||||||
|
|
||||||
|
(cherry picked from commit d5a1657d5a78e9a101fa91e60921bed54ec162b8)
|
||||||
|
|
||||||
|
Resolves: #2176918
|
||||||
|
---
|
||||||
|
man/systemd.scope.xml | 2 ++
|
||||||
|
man/systemd.service.xml | 22 ++++++++++------------
|
||||||
|
src/core/load-fragment-gperf.gperf.in | 1 +
|
||||||
|
3 files changed, 13 insertions(+), 12 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/man/systemd.scope.xml b/man/systemd.scope.xml
|
||||||
|
index 17d2700069..95969bf097 100644
|
||||||
|
--- a/man/systemd.scope.xml
|
||||||
|
+++ b/man/systemd.scope.xml
|
||||||
|
@@ -105,6 +105,8 @@
|
||||||
|
of scope units are the following:</para>
|
||||||
|
|
||||||
|
<variablelist class='unit-directives'>
|
||||||
|
+ <xi:include href="systemd.service.xml" xpointer="oom-policy" />
|
||||||
|
+
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>RuntimeMaxSec=</varname></term>
|
||||||
|
|
||||||
|
diff --git a/man/systemd.service.xml b/man/systemd.service.xml
|
||||||
|
index cae520ceab..1c9e59f722 100644
|
||||||
|
--- a/man/systemd.service.xml
|
||||||
|
+++ b/man/systemd.service.xml
|
||||||
|
@@ -1120,7 +1120,7 @@
|
||||||
|
above.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
- <varlistentry>
|
||||||
|
+ <varlistentry id='oom-policy'>
|
||||||
|
<term><varname>OOMPolicy=</varname></term>
|
||||||
|
|
||||||
|
<listitem><para>Configure the out-of-memory (OOM) killing policy for the kernel and the userspace OOM
|
||||||
|
@@ -1133,18 +1133,17 @@
|
||||||
|
terminate services earlier, before the kernel would have to act.</para>
|
||||||
|
|
||||||
|
<para>This setting takes one of <constant>continue</constant>, <constant>stop</constant> or
|
||||||
|
- <constant>kill</constant>. If set to <constant>continue</constant> and a process of the service is
|
||||||
|
- killed by the OOM killer, this is logged but the service continues running. If set to
|
||||||
|
- <constant>stop</constant> the event is logged but the service is terminated cleanly by the service
|
||||||
|
- manager. If set to <constant>kill</constant> and one of the service's processes is killed by the OOM
|
||||||
|
- killer the kernel is instructed to kill all remaining processes of the service too, by setting the
|
||||||
|
+ <constant>kill</constant>. If set to <constant>continue</constant> and a process in the unit is
|
||||||
|
+ killed by the OOM killer, this is logged but the unit continues running. If set to
|
||||||
|
+ <constant>stop</constant> the event is logged but the unit is terminated cleanly by the service
|
||||||
|
+ manager. If set to <constant>kill</constant> and one of the unit's processes is killed by the OOM
|
||||||
|
+ killer the kernel is instructed to kill all remaining processes of the unit too, by setting the
|
||||||
|
<filename>memory.oom.group</filename> attribute to <constant>1</constant>; also see <ulink
|
||||||
|
- url="https://docs.kernel.org/admin-guide/cgroup-v2.html">kernel documentation</ulink>.
|
||||||
|
- </para>
|
||||||
|
+ url="https://docs.kernel.org/admin-guide/cgroup-v2.html">kernel documentation</ulink>.</para>
|
||||||
|
|
||||||
|
<para>Defaults to the setting <varname>DefaultOOMPolicy=</varname> in
|
||||||
|
<citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||||
|
- is set to, except for services where <varname>Delegate=</varname> is turned on, where it defaults to
|
||||||
|
+ is set to, except for units where <varname>Delegate=</varname> is turned on, where it defaults to
|
||||||
|
<constant>continue</constant>.</para>
|
||||||
|
|
||||||
|
<para>Use the <varname>OOMScoreAdjust=</varname> setting to configure whether processes of the unit
|
||||||
|
@@ -1154,10 +1153,9 @@
|
||||||
|
details.</para>
|
||||||
|
|
||||||
|
<para>This setting also applies to <command>systemd-oomd</command>. Similarly to the kernel OOM
|
||||||
|
- kills, this setting determines the state of the service after <command>systemd-oomd</command> kills a
|
||||||
|
- cgroup associated with the service.</para></listitem>
|
||||||
|
+ kills, this setting determines the state of the unit after <command>systemd-oomd</command> kills a
|
||||||
|
+ cgroup associated with it.</para></listitem>
|
||||||
|
</varlistentry>
|
||||||
|
-
|
||||||
|
</variablelist>
|
||||||
|
|
||||||
|
<para id='shared-unit-options'>Check
|
||||||
|
diff --git a/src/core/load-fragment-gperf.gperf.in b/src/core/load-fragment-gperf.gperf.in
|
||||||
|
index 7675b7bb2e..81a5971339 100644
|
||||||
|
--- a/src/core/load-fragment-gperf.gperf.in
|
||||||
|
+++ b/src/core/load-fragment-gperf.gperf.in
|
||||||
|
@@ -555,6 +555,7 @@ Path.TriggerLimitBurst, config_parse_unsigned,
|
||||||
|
Scope.RuntimeMaxSec, config_parse_sec, 0, offsetof(Scope, runtime_max_usec)
|
||||||
|
Scope.RuntimeRandomizedExtraSec, config_parse_sec, 0, offsetof(Scope, runtime_rand_extra_usec)
|
||||||
|
Scope.TimeoutStopSec, config_parse_sec, 0, offsetof(Scope, timeout_stop_usec)
|
||||||
|
+Scope.OOMPolicy, config_parse_oom_policy, 0, offsetof(Scope, oom_policy)
|
||||||
|
{# The [Install] section is ignored here #}
|
||||||
|
Install.Alias, NULL, 0, 0
|
||||||
|
Install.WantedBy, NULL, 0, 0
|
161
0231-meson-Store-fuzz-tests-in-structured-way.patch
Normal file
161
0231-meson-Store-fuzz-tests-in-structured-way.patch
Normal file
@ -0,0 +1,161 @@
|
|||||||
|
From d2bab1cb6c0d7242dbaca55d507f886f7ec0fa6c Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Michal=20Koutn=C3=BD?= <mkoutny@suse.com>
|
||||||
|
Date: Thu, 6 Oct 2022 19:06:08 +0200
|
||||||
|
Subject: [PATCH] meson: Store fuzz tests in structured way
|
||||||
|
|
||||||
|
Put fuzzer tests into dictionary that maps `fuzzer->list of inputs`
|
||||||
|
instead of the flat list.
|
||||||
|
This is just refactoring with no intentional .
|
||||||
|
|
||||||
|
(cherry picked from commit 7db5761ddaa53eba197b5abc485e3290f47c661f)
|
||||||
|
|
||||||
|
Related: #2176918
|
||||||
|
---
|
||||||
|
meson.build | 69 ++++++++++++++++++-------------------------
|
||||||
|
test/fuzz/meson.build | 22 ++++++++++----
|
||||||
|
2 files changed, 45 insertions(+), 46 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/meson.build b/meson.build
|
||||||
|
index 35704947e3..dc7388cfe3 100644
|
||||||
|
--- a/meson.build
|
||||||
|
+++ b/meson.build
|
||||||
|
@@ -4013,19 +4013,14 @@ foreach tuple : fuzzers
|
||||||
|
build_by_default : fuzzer_build)
|
||||||
|
fuzzer_exes += exe
|
||||||
|
|
||||||
|
- if want_tests != 'false'
|
||||||
|
+ if want_tests != 'false' and name in fuzz_regression_tests
|
||||||
|
# Run the fuzz regression tests without any sanitizers enabled.
|
||||||
|
# Additional invocations with sanitizers may be added below.
|
||||||
|
- foreach p : fuzz_regression_tests
|
||||||
|
- b = p.split('/')[-2]
|
||||||
|
- c = p.split('/')[-1]
|
||||||
|
-
|
||||||
|
- if b == name
|
||||||
|
- test('@0@_@1@'.format(b, c),
|
||||||
|
- exe,
|
||||||
|
- suite : 'fuzzers',
|
||||||
|
- args : [project_source_root / p])
|
||||||
|
- endif
|
||||||
|
+ foreach fuzz_in : fuzz_regression_tests[name]
|
||||||
|
+ test('@0@_@1@'.format(name, fuzz_in),
|
||||||
|
+ exe,
|
||||||
|
+ suite : 'fuzzers',
|
||||||
|
+ args : [project_source_root / fuzz_testsdir / name / fuzz_in])
|
||||||
|
endforeach
|
||||||
|
endif
|
||||||
|
endforeach
|
||||||
|
@@ -4128,45 +4123,39 @@ endif
|
||||||
|
############################################################
|
||||||
|
|
||||||
|
# Enable tests for all supported sanitizers
|
||||||
|
-foreach tuple : sanitizers
|
||||||
|
+foreach tuple : fuzz_sanitizers
|
||||||
|
sanitizer = tuple[0]
|
||||||
|
build = tuple[1]
|
||||||
|
|
||||||
|
if cc.has_link_argument('-fsanitize=@0@'.format(sanitizer))
|
||||||
|
- prev = ''
|
||||||
|
- foreach p : fuzz_regression_tests
|
||||||
|
- b = p.split('/')[-2]
|
||||||
|
- c = p.split('/')[-1]
|
||||||
|
-
|
||||||
|
- name = '@0@:@1@'.format(b, sanitizer)
|
||||||
|
-
|
||||||
|
- if name != prev
|
||||||
|
- if want_tests == 'false'
|
||||||
|
- message('Not compiling @0@ because tests is set to false'.format(name))
|
||||||
|
- elif fuzz_tests
|
||||||
|
- exe = custom_target(
|
||||||
|
- name,
|
||||||
|
- output : name,
|
||||||
|
- depends : build,
|
||||||
|
- command : [ln, '-fs',
|
||||||
|
- build.full_path() / b,
|
||||||
|
- '@OUTPUT@'],
|
||||||
|
- build_by_default : true)
|
||||||
|
- else
|
||||||
|
- message('Not compiling @0@ because fuzz-tests is set to false'.format(name))
|
||||||
|
- endif
|
||||||
|
+ foreach fuzzer, fuzz_ins : fuzz_regression_tests
|
||||||
|
+ name = '@0@:@1@'.format(fuzzer, sanitizer)
|
||||||
|
+ if want_tests == 'false'
|
||||||
|
+ message('Not compiling @0@ because tests is set to false'.format(name))
|
||||||
|
+ continue
|
||||||
|
endif
|
||||||
|
- prev = name
|
||||||
|
-
|
||||||
|
- if fuzz_tests
|
||||||
|
- test('@0@_@1@_@2@'.format(b, c, sanitizer),
|
||||||
|
+ if not fuzz_tests
|
||||||
|
+ message('Not compiling @0@ because fuzz-tests is set to false'.format(name))
|
||||||
|
+ continue
|
||||||
|
+ endif
|
||||||
|
+ exe = custom_target(
|
||||||
|
+ name,
|
||||||
|
+ output : name,
|
||||||
|
+ depends : build,
|
||||||
|
+ command : [ln, '-fs',
|
||||||
|
+ build.full_path() / fuzzer,
|
||||||
|
+ '@OUTPUT@'],
|
||||||
|
+ build_by_default : true)
|
||||||
|
+
|
||||||
|
+ foreach fuzz_in : fuzz_ins
|
||||||
|
+ test('@0@_@1@_@2@'.format(fuzzer, fuzz_in, sanitizer),
|
||||||
|
env,
|
||||||
|
suite : 'fuzz+san',
|
||||||
|
env : ['UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1'],
|
||||||
|
timeout : 60,
|
||||||
|
args : [exe.full_path(),
|
||||||
|
- project_source_root / p])
|
||||||
|
- endif
|
||||||
|
+ project_source_root / fuzz_testsdir / fuzzer / fuzz_in])
|
||||||
|
+ endforeach
|
||||||
|
endforeach
|
||||||
|
endif
|
||||||
|
endforeach
|
||||||
|
diff --git a/test/fuzz/meson.build b/test/fuzz/meson.build
|
||||||
|
index 80362d4154..82738fd1b7 100644
|
||||||
|
--- a/test/fuzz/meson.build
|
||||||
|
+++ b/test/fuzz/meson.build
|
||||||
|
@@ -16,24 +16,34 @@ sanitize_address_undefined = custom_target(
|
||||||
|
' '.join(cc.cmd_array()),
|
||||||
|
cxx_cmd])
|
||||||
|
|
||||||
|
-sanitizers = [['address,undefined', sanitize_address_undefined]]
|
||||||
|
+fuzz_sanitizers = [['address,undefined', sanitize_address_undefined]]
|
||||||
|
+fuzz_testsdir = 'test/fuzz'
|
||||||
|
|
||||||
|
if git.found() and fs.exists(project_source_root / '.git')
|
||||||
|
out = run_command(env, '-u', 'GIT_WORK_TREE',
|
||||||
|
git, '--git-dir=@0@/.git'.format(project_source_root),
|
||||||
|
- 'ls-files', ':/test/fuzz/*/*',
|
||||||
|
+ 'ls-files', ':/@0@/*/*'.format(fuzz_testsdir),
|
||||||
|
check: true)
|
||||||
|
else
|
||||||
|
- out = run_command(sh, '-c', 'cd "@0@"; echo test/fuzz/*/*'.format(project_source_root), check: true)
|
||||||
|
+ out = run_command(sh, '-c', 'cd "@0@"; echo @1@/*/*'.format(project_source_root, fuzz_testsdir), check: true)
|
||||||
|
endif
|
||||||
|
|
||||||
|
-fuzz_regression_tests = []
|
||||||
|
+fuzz_regression_tests = {}
|
||||||
|
foreach p : out.stdout().split()
|
||||||
|
# Remove the last entry which is ''.
|
||||||
|
#
|
||||||
|
# Also, backslashes get mangled, so skip test. See
|
||||||
|
# https://github.com/mesonbuild/meson/issues/1564.
|
||||||
|
- if not p.contains('\\')
|
||||||
|
- fuzz_regression_tests += p
|
||||||
|
+ if p.contains('\\')
|
||||||
|
+ continue
|
||||||
|
endif
|
||||||
|
+ fuzzer = p.split('/')[-2]
|
||||||
|
+ fuzz_in = p.split('/')[-1]
|
||||||
|
+ if fuzzer not in fuzz_regression_tests
|
||||||
|
+ fuzz_regression_tests += {fuzzer: []}
|
||||||
|
+ endif
|
||||||
|
+ # Meson parser provision for: fuzz_regression_tests[fuzzer] += [fuzz_in]
|
||||||
|
+ l = fuzz_regression_tests[fuzzer]
|
||||||
|
+ l += [fuzz_in]
|
||||||
|
+ fuzz_regression_tests += {fuzzer: l}
|
||||||
|
endforeach
|
2560
0232-meson-Generate-fuzzer-inputs-with-directives.patch
Normal file
2560
0232-meson-Generate-fuzzer-inputs-with-directives.patch
Normal file
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,35 @@
|
|||||||
|
From a810aef1f95727ec3e044441bf02e0261b2e09ec Mon Sep 17 00:00:00 2001
|
||||||
|
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||||
|
Date: Sat, 7 Jan 2023 10:27:05 +0100
|
||||||
|
Subject: [PATCH] oss-fuzz: include generated corpora in the final zip file
|
||||||
|
|
||||||
|
Since the files with generated directives are now automatically
|
||||||
|
generated during build, they're now under the respective build directory
|
||||||
|
which the current oss-fuzz CI script didn't account for.
|
||||||
|
|
||||||
|
Follow-up to: #24958
|
||||||
|
Fixes: #25859
|
||||||
|
|
||||||
|
(cherry picked from commit bef8d18b3f9776fdb28fc9a4820f9ce9418422f9)
|
||||||
|
|
||||||
|
Related: #2176918
|
||||||
|
---
|
||||||
|
tools/oss-fuzz.sh | 5 ++++-
|
||||||
|
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/tools/oss-fuzz.sh b/tools/oss-fuzz.sh
|
||||||
|
index 793411ed84..7e9312b833 100755
|
||||||
|
--- a/tools/oss-fuzz.sh
|
||||||
|
+++ b/tools/oss-fuzz.sh
|
||||||
|
@@ -97,7 +97,10 @@ rm -rf "$hosts"
|
||||||
|
# The seed corpus is a separate flat archive for each fuzzer,
|
||||||
|
# with a fixed name ${fuzzer}_seed_corpus.zip.
|
||||||
|
for d in test/fuzz/fuzz-*; do
|
||||||
|
- zip -jqr "$OUT/$(basename "$d")_seed_corpus.zip" "$d"
|
||||||
|
+ fuzzer="$(basename "$d")"
|
||||||
|
+ # Include the build-generated corpora if any as well
|
||||||
|
+ readarray -t generated < <(find "$build/test/fuzz" -maxdepth 1 -name "${fuzzer}*" -type f)
|
||||||
|
+ zip -jqr "$OUT/${fuzzer}_seed_corpus.zip" "$d" "${generated[@]}"
|
||||||
|
done
|
||||||
|
|
||||||
|
# get fuzz-dns-packet corpus
|
@ -0,0 +1,38 @@
|
|||||||
|
From 25223b64f043d9b78d1f70ee7e4a2a3b7a579a84 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jan Macku <jamacku@redhat.com>
|
||||||
|
Date: Fri, 17 Mar 2023 14:00:15 +0100
|
||||||
|
Subject: [PATCH] unit: In cgroupv1, gracefully terminate delegated scopes
|
||||||
|
again
|
||||||
|
|
||||||
|
Instantly killing delegated scopes is just not viable for our
|
||||||
|
needs in OCP 4.13 in cgroupv1 mode. We will accept the possibility
|
||||||
|
of timeouts instead.
|
||||||
|
|
||||||
|
Co-authored-by: Colin Walters <walters@verbum.org>
|
||||||
|
|
||||||
|
rhel-only
|
||||||
|
|
||||||
|
Resolves: #2180120
|
||||||
|
---
|
||||||
|
src/core/unit.c | 7 ++++++-
|
||||||
|
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/core/unit.c b/src/core/unit.c
|
||||||
|
index c319e99d71..0d1a590a3f 100644
|
||||||
|
--- a/src/core/unit.c
|
||||||
|
+++ b/src/core/unit.c
|
||||||
|
@@ -4616,8 +4616,13 @@ int unit_kill_context(
|
||||||
|
* however should not exist in non-delegated units. On the unified hierarchy that's different,
|
||||||
|
* there we get proper events. Hence rely on them. */
|
||||||
|
|
||||||
|
+ /* (RHEL9): we patch out a check for delegation here that exists upstream
|
||||||
|
+ * and accept a possible delayed shutdown due to races in favor of
|
||||||
|
+ * not just insta-killing the processes.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
|
||||||
|
- (detect_container() == 0 && !unit_cgroup_delegate(u)))
|
||||||
|
+ (detect_container() == 0))
|
||||||
|
wait_for_exit = true;
|
||||||
|
|
||||||
|
if (send_sighup) {
|
20
systemd.spec
20
systemd.spec
@ -21,7 +21,7 @@
|
|||||||
Name: systemd
|
Name: systemd
|
||||||
Url: https://systemd.io
|
Url: https://systemd.io
|
||||||
Version: 252
|
Version: 252
|
||||||
Release: 8%{?dist}
|
Release: 14%{?dist}
|
||||||
# For a breakdown of the licensing, see README
|
# For a breakdown of the licensing, see README
|
||||||
License: LGPLv2+ and MIT and GPLv2+
|
License: LGPLv2+ and MIT and GPLv2+
|
||||||
Summary: System and Service Manager
|
Summary: System and Service Manager
|
||||||
@ -304,6 +304,14 @@ Patch0223: 0223-test-add-coverage-for-26467.patch
|
|||||||
Patch0224: 0224-test-add-coverage-for-24177.patch
|
Patch0224: 0224-test-add-coverage-for-24177.patch
|
||||||
Patch0225: 0225-logind-session-make-stopping-of-idle-session-visible.patch
|
Patch0225: 0225-logind-session-make-stopping-of-idle-session-visible.patch
|
||||||
Patch0226: 0226-journal-file-Fix-return-value-in-bump_entry_array.patch
|
Patch0226: 0226-journal-file-Fix-return-value-in-bump_entry_array.patch
|
||||||
|
Patch0227: 0227-systemd-Support-OOMPolicy-in-scope-units.patch
|
||||||
|
Patch0228: 0228-systemd-Default-to-OOMPolicy-continue-for-login-sess.patch
|
||||||
|
Patch0229: 0229-man-rework-description-of-OOMPolicy-a-bit.patch
|
||||||
|
Patch0230: 0230-core-man-add-missing-integration-of-OOMPolicy-in-sco.patch
|
||||||
|
Patch0231: 0231-meson-Store-fuzz-tests-in-structured-way.patch
|
||||||
|
Patch0232: 0232-meson-Generate-fuzzer-inputs-with-directives.patch
|
||||||
|
Patch0233: 0233-oss-fuzz-include-generated-corpora-in-the-final-zip-.patch
|
||||||
|
Patch0234: 0234-unit-In-cgroupv1-gracefully-terminate-delegated-scop.patch
|
||||||
|
|
||||||
# Downstream-only patches (9000–9999)
|
# Downstream-only patches (9000–9999)
|
||||||
|
|
||||||
@ -1125,6 +1133,16 @@ getent passwd systemd-oom &>/dev/null || useradd -r -l -g systemd-oom -d / -s /s
|
|||||||
%files standalone-sysusers -f .file-list-standalone-sysusers
|
%files standalone-sysusers -f .file-list-standalone-sysusers
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Mar 21 2023 systemd maintenance team <systemd-maint@redhat.com> - 252-14
|
||||||
|
- systemd: Support OOMPolicy in scope units (#2176918)
|
||||||
|
- systemd: Default to OOMPolicy=continue for login session scopes (#2176918)
|
||||||
|
- man: rework description of OOMPolicy= a bit (#2176918)
|
||||||
|
- core,man: add missing integration of OOMPolicy= in scopes (#2176918)
|
||||||
|
- meson: Store fuzz tests in structured way (#2176918)
|
||||||
|
- meson: Generate fuzzer inputs with directives (#2176918)
|
||||||
|
- oss-fuzz: include generated corpora in the final zip file (#2176918)
|
||||||
|
- unit: In cgroupv1, gracefully terminate delegated scopes again (#2180120)
|
||||||
|
|
||||||
* Mon Feb 27 2023 systemd maintenance team <systemd-maint@redhat.com> - 252-8
|
* Mon Feb 27 2023 systemd maintenance team <systemd-maint@redhat.com> - 252-8
|
||||||
- journal-file: Fix return value in bump_entry_array() (#2173682)
|
- journal-file: Fix return value in bump_entry_array() (#2173682)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user