qemu-e2k/util
Eric Blake 7ade2b186d systemd: Also clear LISTEN_FDNAMES during systemd socket activation
Some time after systemd documented LISTEN_PID and LISTEN_FDS for
socket activation, they later added LISTEN_FDNAMES; now documented at:
https://www.freedesktop.org/software/systemd/man/sd_listen_fds.html

In particular, look at the implementation of sd_listen_fds_with_names():
https://github.com/systemd/systemd/blob/main/src/libsystemd/sd-daemon/sd-daemon.c

If we ever pass LISTEN_PID=xxx and LISTEN_FDS=n to a child process,
but leave LISTEN_FDNAMES=... unchanged as inherited from our parent
process, then our child process using sd_listen_fds_with_names() might
see a mismatch in the number of names (unexpected -EINVAL failure), or
even if the number of names matches the values of those names may be
unexpected (with even less predictable results).

Usually, this is not an issue - the point of LISTEN_PID is to tell
systemd socket activation to ignore all other LISTEN_* if they were
not directed to this particular pid.  But if we end up consuming a
socket directed to this qemu process, and later decide to spawn a
child process that also needs systemd socket activation, we must
ensure we are not leaking any stale systemd variables through to that
child.  The easiest way to do this is to wipe ALL LISTEN_* variables
at the time we consume a socket, even if we do not yet care about a
LISTEN_FDNAMES passed in from the parent process.

See also https://lists.freedesktop.org/archives/systemd-devel/2023-March/048920.html

Thanks: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20230324153349.1123774-1-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2023-05-03 14:00:08 -05:00
..
aio-posix.c aio: make aio_set_fd_poll() static to aio-posix.c 2023-03-13 15:23:37 +04:00
aio-posix.h
aio-wait.c aio_wait_kick: add missing memory barrier 2022-06-24 17:07:06 +02:00
aio-win32.c win32: avoid mixing SOCKET and file descriptor space 2023-03-13 15:39:31 +04:00
aiocb.c
async-teardown.c Fix non-first inclusions of qemu/osdep.h 2023-02-08 07:28:05 +01:00
async.c async: avoid use-after-free on re-entrancy guard 2023-05-02 10:03:26 +02:00
atomic64.c
base64.c
bitmap.c migration: Use non-atomic ops for clear log bitmap 2022-11-21 11:58:10 +01:00
bitops.c replace TABs with spaces 2023-03-20 12:43:50 +01:00
block-helpers.c
block-helpers.h
buffer.c
bufferiszero.c include/qemu/cpuid: Introduce xgetbv_low 2023-03-05 13:44:07 -08:00
cacheflush.c util/cacheflush: fix cache on windows-arm64 2023-02-21 08:53:03 -10:00
compatfd.c util: replace pipe()+cloexec with g_unix_open_pipe() 2022-05-03 15:18:14 +04:00
coroutine-sigaltstack.c
coroutine-ucontext.c coroutine-ucontext: use QEMU_DEFINE_STATIC_CO_TLS() 2022-05-04 15:55:23 +02:00
coroutine-win32.c coroutine-win32: use QEMU_DEFINE_STATIC_CO_TLS() 2022-05-04 15:55:23 +02:00
crc32c.c
crc-ccitt.c
cutils.c util: remove support for hex numbers with a scaling suffix 2023-01-06 00:51:02 +01:00
dbus.c
drm.c
envlist.c replace TABs with spaces 2023-03-20 12:43:50 +01:00
error-report.c util/error: add G_GNUC_PRINTF for various functions 2023-01-11 10:44:34 +01:00
error.c util/error: Fix use-after-free errors reported by Coverity 2023-04-06 12:38:42 -04:00
event_notifier-posix.c Replace qemu_pipe() with g_unix_open_pipe() 2022-05-03 15:17:56 +04:00
event_notifier-win32.c
fdmon-epoll.c aio-posix: fix race between epoll upgrade and aio_set_fd_handler() 2023-03-27 15:12:17 +02:00
fdmon-io_uring.c
fdmon-poll.c
fifo8.c
filemonitor-inotify.c
filemonitor-stub.c
getauxval.c
guest-random.c replay: Extract core API to 'exec/replay-core.h' 2023-02-27 22:29:01 +01:00
hbitmap.c hbitmap: fix hbitmap_status() return value for first dirty bit case 2023-02-17 14:34:24 +01:00
hexdump.c
host-utils.c host-utils: Implemented signed 256-by-128 division 2022-06-20 08:38:58 -03:00
id.c
int128.c include/qemu/int128: Use Int128 structure for TCI 2023-02-04 06:19:42 -10:00
interval-tree.c util: Add interval-tree.c 2022-12-20 17:09:41 -08:00
iov.c util: make do_send_recv work with partial send/recv 2022-10-12 19:22:01 +04:00
iova-tree.c util: accept iova_tree_remove_parameter by value 2022-09-02 10:22:39 +08:00
keyval.c
lockcnt.c
log.c log: Remove unneeded new line 2023-03-08 00:37:48 +01:00
main-loop.c async: Add an optional reentrancy guard to the BH API 2023-04-28 11:31:07 +02:00
memalign.c
memfd.c
meson.build util: import GTree as QTree 2023-03-28 15:23:10 -07:00
mmap-alloc.c util/mmap-alloc: qemu_fd_getfs() 2023-04-24 11:29:00 +02:00
module.c module: add Error arguments to module_load and module_load_qom 2022-11-06 09:48:50 +01:00
notify.c
nvdimm-utils.c
osdep.c error handling: Use RETRY_ON_EINTR() macro where applicable 2023-01-09 13:50:47 +01:00
oslib-posix.c util: drop qemu_fork() 2023-03-13 15:23:37 +04:00
oslib-win32.c win32: add qemu_close_socket_osfhandle() 2023-03-21 11:16:03 +04:00
path.c
qdist.c
qemu-co-shared-resource.c
qemu-co-timeout.c util: add qemu-co-timeout 2022-06-29 10:56:12 +03:00
qemu-config.c error: Drop superfluous #include "qapi/qmp/qerror.h" 2023-02-23 13:56:14 +01:00
qemu-coroutine-io.c
qemu-coroutine-lock.c qemu-coroutine-lock: add smp_mb__after_rmw() 2023-03-07 12:39:53 +01:00
qemu-coroutine-sleep.c coroutine: Clean up superfluous inclusion of qemu/coroutine.h 2023-01-19 10:18:28 +01:00
qemu-coroutine.c qemu-coroutine: remove qatomic_mb_read() 2023-04-20 11:17:35 +02:00
qemu-option.c
qemu-print.c
qemu-progress.c
qemu-sockets.c win32: replace closesocket() with close() wrapper 2023-03-13 15:39:31 +04:00
qemu-thread-common.h
qemu-thread-posix.c qemu-thread-posix: cleanup, fix, document QemuEvent 2023-03-07 12:38:40 +01:00
qemu-thread-win32.c qemu-thread-win32: cleanup, fix, document QemuEvent 2023-03-07 12:38:40 +01:00
qemu-timer-common.c
qemu-timer.c qemu-timer: Skip empty timer lists before locking in qemu_clock_deadline_ns_all 2022-06-21 09:24:34 -07:00
qht.c util/qht: use striped locks under TSAN 2023-02-02 11:48:20 +00:00
qsp.c
qtree.c tcg: use QTree instead of GTree 2023-03-28 15:23:10 -07:00
range.c
rcu.c
readline.c readline: Extract readline_add_completion_of() from monitor 2023-02-04 07:56:54 +01:00
selfmap.c
stats64.c stat64: Add stat64_set() operation 2023-04-27 16:39:43 +02:00
sys_membarrier.c
systemd.c systemd: Also clear LISTEN_FDNAMES during systemd socket activation 2023-05-03 14:00:08 -05:00
thread-context.c qapi: Use returned bool to check for failure (again) 2022-12-14 16:19:35 +01:00
thread-pool.c thread-pool: avoid passing the pool parameter every time 2023-04-25 13:17:28 +02:00
throttle.c
timed-average.c
trace-events async: Add an optional reentrancy guard to the BH API 2023-04-28 11:31:07 +02:00
trace.h
transactions.c
unicode.c
uri.c Updated the FSF address to <https://www.gnu.org/licenses/> 2023-02-27 09:15:39 +01:00
userfaultfd.c util/userfaultfd: Support /dev/userfaultfd 2023-02-11 16:51:09 +01:00
uuid.c
vfio-helpers.c error handling: Use RETRY_ON_EINTR() macro where applicable 2023-01-09 13:50:47 +01:00
vhost-user-server.c block/export: only acquire AioContext once for vhost_user_server_stop() 2023-03-27 13:46:30 +02:00
yank.c