[systemd-commits] 2 commits - TODO src/shared

Lennart Poettering lennart at kemper.freedesktop.org
Tue Nov 4 09:52:55 PST 2014 

 TODO                    |    7 -------
 src/shared/memfd-util.c |    5 ++---
 2 files changed, 2 insertions(+), 10 deletions(-)

New commits:
commit db74cc0d4748f08d2c7c2e9cf82dce9ffce9c36b
Author: Lennart Poettering <lennart at poettering.net>
Date:   Tue Nov 4 18:52:31 2014 +0100

    util: when sealing memfds, also use F_SEAL_SEAL
    
    Let's be strict here, since its better to be safe than sorry.

diff --git a/src/shared/memfd-util.c b/src/shared/memfd-util.c
index 21ecf4b..6624c5e 100644
--- a/src/shared/memfd-util.c
+++ b/src/shared/memfd-util.c
@@ -101,7 +101,7 @@ int memfd_set_sealed(int fd) {
 
         assert(fd >= 0);
 
-        r = fcntl(fd, F_ADD_SEALS, F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_WRITE);
+        r = fcntl(fd, F_ADD_SEALS, F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_WRITE | F_SEAL_SEAL);
         if (r < 0)
                 return -errno;
 
@@ -117,8 +117,7 @@ int memfd_get_sealed(int fd) {
         if (r < 0)
                 return -errno;
 
-        return (r & (F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_WRITE)) ==
-                    (F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_WRITE);
+        return r == (F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_WRITE | F_SEAL_SEAL);
 }
 
 int memfd_get_size(int fd, uint64_t *sz) {

commit 936c200f6cc62f62f347b0e3cbfbf2355a44a17c
Author: Lennart Poettering <lennart at poettering.net>
Date:   Tue Nov 4 18:51:37 2014 +0100

    update TODO

diff --git a/TODO b/TODO
index b3c891e..77fc48b 100644
--- a/TODO
+++ b/TODO
@@ -496,13 +496,6 @@ Features:
 
 * update the kernel's TZ (sys_tz) when DST changes
 
-* sync down the system time to the RTC when:
-    - CLOCK_REALTIME makes jumps (the user explicitely requested a time set)
-    - DST/timezone changes && ntp is active && RTC-in-localtime (never do it without ntp)
-  This takes care of syncing ntpdate updates to the RTC, and DST updates for localtime
-  mode, it will never touch the RTC if the no reliable time source is active or the
-  user did not request anything like it.
-
 * add libsystemd-password or so to query passwords during boot using the password agent logic
 
 * If we show an error about a unit (such as not showing up) and it has no Description string, then show a description string generated form the reverse of unit_name_mangle().

More information about the systemd-commits mailing list