qemu/util
Eric Blake 7ade2b186d systemd: Also clear LISTEN_FDNAMES during systemd socket activation
Some time after systemd documented LISTEN_PID and LISTEN_FDS for
socket activation, they later added LISTEN_FDNAMES; now documented at:
https://www.freedesktop.org/software/systemd/man/sd_listen_fds.html

In particular, look at the implementation of sd_listen_fds_with_names():
https://github.com/systemd/systemd/blob/main/src/libsystemd/sd-daemon/sd-daemon.c

If we ever pass LISTEN_PID=xxx and LISTEN_FDS=n to a child process,
but leave LISTEN_FDNAMES=... unchanged as inherited from our parent
process, then our child process using sd_listen_fds_with_names() might
see a mismatch in the number of names (unexpected -EINVAL failure), or
even if the number of names matches the values of those names may be
unexpected (with even less predictable results).

Usually, this is not an issue - the point of LISTEN_PID is to tell
systemd socket activation to ignore all other LISTEN_* if they were
not directed to this particular pid.  But if we end up consuming a
socket directed to this qemu process, and later decide to spawn a
child process that also needs systemd socket activation, we must
ensure we are not leaking any stale systemd variables through to that
child.  The easiest way to do this is to wipe ALL LISTEN_* variables
at the time we consume a socket, even if we do not yet care about a
LISTEN_FDNAMES passed in from the parent process.

See also https://lists.freedesktop.org/archives/systemd-devel/2023-March/048920.html

Thanks: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20230324153349.1123774-1-eblake@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2023-05-03 14:00:08 -05:00
..
aio-posix.c aio: make aio_set_fd_poll() static to aio-posix.c 2023-03-13 15:23:37 +04:00
aio-posix.h aio-posix: fix spurious ->poll_ready() callbacks in main loop 2022-03-17 11:23:18 +00:00
aio-wait.c aio_wait_kick: add missing memory barrier 2022-06-24 17:07:06 +02:00
aio-win32.c win32: avoid mixing SOCKET and file descriptor space 2023-03-13 15:39:31 +04:00
aiocb.c
async-teardown.c Fix non-first inclusions of qemu/osdep.h 2023-02-08 07:28:05 +01:00
async.c async: avoid use-after-free on re-entrancy guard 2023-05-02 10:03:26 +02:00
atomic64.c osdep: Move memalign-related functions to their own header 2022-03-07 13:16:49 +00:00
base64.c nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
bitmap.c migration: Use non-atomic ops for clear log bitmap 2022-11-21 11:58:10 +01:00
bitops.c replace TABs with spaces 2023-03-20 12:43:50 +01:00
block-helpers.c block: move logical block size check function to a common utility function 2020-10-23 13:42:16 +01:00
block-helpers.h block: move logical block size check function to a common utility function 2020-10-23 13:42:16 +01:00
buffer.c nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
bufferiszero.c include/qemu/cpuid: Introduce xgetbv_low 2023-03-05 13:44:07 -08:00
cacheflush.c util/cacheflush: fix cache on windows-arm64 2023-02-21 08:53:03 -10:00
compatfd.c util: replace pipe()+cloexec with g_unix_open_pipe() 2022-05-03 15:18:14 +04:00
coroutine-sigaltstack.c Remove qemu-common.h include from most units 2022-04-06 14:31:55 +02:00
coroutine-ucontext.c coroutine-ucontext: use QEMU_DEFINE_STATIC_CO_TLS() 2022-05-04 15:55:23 +02:00
coroutine-win32.c coroutine-win32: use QEMU_DEFINE_STATIC_CO_TLS() 2022-05-04 15:55:23 +02:00
crc32c.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
crc-ccitt.c util: Add CRC16 (CCITT) calculation routines 2021-01-24 20:10:54 +01:00
cutils.c util: remove support for hex numbers with a scaling suffix 2023-01-06 00:51:02 +01:00
dbus.c util: add dbus helper unit 2020-01-06 18:41:32 +04:00
drm.c util/drm: make portable by avoiding struct dirent d_type 2020-07-13 14:36:10 +01:00
envlist.c replace TABs with spaces 2023-03-20 12:43:50 +01:00
error-report.c util/error: add G_GNUC_PRINTF for various functions 2023-01-11 10:44:34 +01:00
error.c util/error: Fix use-after-free errors reported by Coverity 2023-04-06 12:38:42 -04:00
event_notifier-posix.c Replace qemu_pipe() with g_unix_open_pipe() 2022-05-03 15:17:56 +04:00
event_notifier-win32.c Remove qemu-common.h include from most units 2022-04-06 14:31:55 +02:00
fdmon-epoll.c aio-posix: fix race between epoll upgrade and aio_set_fd_handler() 2023-03-27 15:12:17 +02:00
fdmon-io_uring.c aio-posix: fix build failure io_uring 2.2 2022-03-17 11:23:18 +00:00
fdmon-poll.c fdmon-poll: reset npfd when upgrading to fdmon-epoll 2020-09-23 13:45:52 +01:00
fifo8.c utils/fifo8: change fatal errors from abort() to assert() 2021-02-07 20:38:20 +00:00
filemonitor-inotify.c nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
filemonitor-stub.c nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
getauxval.c util/getauxval: Porting to FreeBSD getauxval feature 2020-06-26 06:45:29 -04:00
guest-random.c replay: Extract core API to 'exec/replay-core.h' 2023-02-27 22:29:01 +01:00
hbitmap.c hbitmap: fix hbitmap_status() return value for first dirty bit case 2023-02-17 14:34:24 +01:00
hexdump.c include: move C/util-related declarations to cutils.h 2022-04-06 14:31:43 +02:00
host-utils.c host-utils: Implemented signed 256-by-128 division 2022-06-20 08:38:58 -03:00
id.c net: Use id_generate() in the network subsystem, too 2021-03-09 21:47:45 +01:00
int128.c include/qemu/int128: Use Int128 structure for TCI 2023-02-04 06:19:42 -10:00
interval-tree.c util: Add interval-tree.c 2022-12-20 17:09:41 -08:00
iov.c util: make do_send_recv work with partial send/recv 2022-10-12 19:22:01 +04:00
iova-tree.c util: accept iova_tree_remove_parameter by value 2022-09-02 10:22:39 +08:00
keyval.c include: add qemu/keyval.h 2022-04-21 17:03:51 +04:00
lockcnt.c qemu/atomic.h: rename atomic_ to qatomic_ 2020-09-23 16:07:44 +01:00
log.c log: Remove unneeded new line 2023-03-08 00:37:48 +01:00
main-loop.c async: Add an optional reentrancy guard to the BH API 2023-04-28 11:31:07 +02:00
memalign.c osdep: Move memalign-related functions to their own header 2022-03-07 13:16:49 +00:00
memfd.c linux-user: add memfd_create 2019-09-11 08:46:17 +02:00
meson.build util: import GTree as QTree 2023-03-28 15:23:10 -07:00
mmap-alloc.c util/mmap-alloc: qemu_fd_getfs() 2023-04-24 11:29:00 +02:00
module.c module: add Error arguments to module_load and module_load_qom 2022-11-06 09:48:50 +01:00
notify.c xen / notify: introduce a new XenWatchList abstraction 2019-09-24 12:18:47 +01:00
nvdimm-utils.c Clean up includes 2020-12-10 17:16:44 +01:00
osdep.c error handling: Use RETRY_ON_EINTR() macro where applicable 2023-01-09 13:50:47 +01:00
oslib-posix.c util: drop qemu_fork() 2023-03-13 15:23:37 +04:00
oslib-win32.c win32: add qemu_close_socket_osfhandle() 2023-03-21 11:16:03 +04:00
path.c util/path: Do not cache all filenames at startup 2019-06-24 22:19:30 +02:00
qdist.c
qemu-co-shared-resource.c co-shared-resource: protect with a mutex 2021-06-25 14:24:24 +03:00
qemu-co-timeout.c util: add qemu-co-timeout 2022-06-29 10:56:12 +03:00
qemu-config.c error: Drop superfluous #include "qapi/qmp/qerror.h" 2023-02-23 13:56:14 +01:00
qemu-coroutine-io.c Remove qemu-common.h include from most units 2022-04-06 14:31:55 +02:00
qemu-coroutine-lock.c qemu-coroutine-lock: add smp_mb__after_rmw() 2023-03-07 12:39:53 +01:00
qemu-coroutine-sleep.c coroutine: Clean up superfluous inclusion of qemu/coroutine.h 2023-01-19 10:18:28 +01:00
qemu-coroutine.c qemu-coroutine: remove qatomic_mb_read() 2023-04-20 11:17:35 +02:00
qemu-option.c qemu-option: Allow deleting opts during qemu_opts_foreach() 2021-10-15 16:11:22 +02:00
qemu-print.c monitor: Use getter/setter functions for cur_mon 2020-10-09 07:08:19 +02:00
qemu-progress.c include: move progress API to qemu-progress.h 2022-04-06 14:31:43 +02:00
qemu-sockets.c win32: replace closesocket() with close() wrapper 2023-03-13 15:39:31 +04:00
qemu-thread-common.h Clean up includes 2018-12-20 10:29:08 +01:00
qemu-thread-posix.c qemu-thread-posix: cleanup, fix, document QemuEvent 2023-03-07 12:38:40 +01:00
qemu-thread-win32.c qemu-thread-win32: cleanup, fix, document QemuEvent 2023-03-07 12:38:40 +01:00
qemu-timer-common.c semihosting: Implement SYS_ELAPSED and SYS_TICKFREQ 2021-01-18 10:05:06 +00:00
qemu-timer.c qemu-timer: Skip empty timer lists before locking in qemu_clock_deadline_ns_all 2022-06-21 09:24:34 -07:00
qht.c util/qht: use striped locks under TSAN 2023-02-02 11:48:20 +00:00
qsp.c qemu/atomic: Add aligned_{int64,uint64}_t types 2021-07-21 07:45:38 -10:00
qtree.c tcg: use QTree instead of GTree 2023-03-28 15:23:10 -07:00
range.c Don't talk about the LGPL if the file is licensed under the GPL 2019-01-30 10:51:20 +01:00
rcu.c rcu: use coroutine TLS macros 2022-03-04 18:14:40 +01:00
readline.c readline: Extract readline_add_completion_of() from monitor 2023-02-04 07:56:54 +01:00
selfmap.c util/selfmap: Discard mapping on error 2021-07-26 07:06:49 -10:00
stats64.c stat64: Add stat64_set() operation 2023-04-27 16:39:43 +02:00
sys_membarrier.c
systemd.c systemd: Also clear LISTEN_FDNAMES during systemd socket activation 2023-05-03 14:00:08 -05:00
thread-context.c qapi: Use returned bool to check for failure (again) 2022-12-14 16:19:35 +01:00
thread-pool.c thread-pool: avoid passing the pool parameter every time 2023-04-25 13:17:28 +02:00
throttle.c Remove superfluous timer_del() calls 2021-01-08 15:13:38 +00:00
timed-average.c
trace-events async: Add an optional reentrancy guard to the BH API 2023-04-28 11:31:07 +02:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
transactions.c transactions: Invoke clean() after everything else 2021-11-16 09:43:44 +01:00
unicode.c json: Reject invalid UTF-8 sequences 2018-08-24 20:26:37 +02:00
uri.c Updated the FSF address to <https://www.gnu.org/licenses/> 2023-02-27 09:15:39 +01:00
userfaultfd.c util/userfaultfd: Support /dev/userfaultfd 2023-02-11 16:51:09 +01:00
uuid.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
vfio-helpers.c error handling: Use RETRY_ON_EINTR() macro where applicable 2023-01-09 13:50:47 +01:00
vhost-user-server.c block/export: only acquire AioContext once for vhost_user_server_stop() 2023-03-27 13:46:30 +02:00
yank.c yank: Remove dependency on qiochannel 2021-04-01 15:27:44 +04:00