analyze: show ungrouped syscalls separately (#17343)

This updates the "systemd-analyze syscall-filter" command to show a
special section of syscalls that are included in @known but in no other
group. Typically this should show syscalls we either should add to any
of the existing groups or where we unsure were they best fit in.

Right now, it mostly shows arch-specific compat syscalls, we probably
should move "@obsolete". This patch doesn't add thta however.
This commit is contained in:
Lennart Poettering 2020-10-14 10:31:59 +02:00 committed by GitHub
parent 5fad3913e2
commit a748b122be
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 28 additions and 7 deletions

4
TODO
View File

@ -29,10 +29,6 @@ Features:
* Add service setting to run a service within the specified VRF. i.e. do the
equivalent of "ip vrf exec".
* systemd-analyze syscall-filter should show a list of syscalls listed in
@known but not in other groups (at least at debug level), since they are
candidates to be added to them.
* export action of device object on sd-device, so that monitor becomes useful
* add root=tmpfs that mounts a tmpfs to /sysroot (to be used in combination

View File

@ -1685,7 +1685,7 @@ static int load_kernel_syscalls(Set **ret) {
return 0;
}
static void kernel_syscalls_remove(Set *s, const SyscallFilterSet *set) {
static void syscall_set_remove(Set *s, const SyscallFilterSet *set) {
const char *syscall;
NULSTR_FOREACH(syscall, set->value) {
@ -1716,9 +1716,14 @@ static int dump_syscall_filters(int argc, char *argv[], void *userdata) {
(void) pager_open(arg_pager_flags);
if (strv_isempty(strv_skip(argv, 1))) {
_cleanup_set_free_ Set *kernel = NULL;
_cleanup_set_free_ Set *kernel = NULL, *known = NULL;
const char *sys;
int i, k;
NULSTR_FOREACH(sys, syscall_filter_sets[SYSCALL_FILTER_SET_KNOWN].value)
if (set_put_strdup(&known, sys) < 0)
return log_oom();
k = load_kernel_syscalls(&kernel);
for (i = 0; i < _SYSCALL_FILTER_SET_MAX; i++) {
@ -1727,10 +1732,30 @@ static int dump_syscall_filters(int argc, char *argv[], void *userdata) {
puts("");
dump_syscall_filter(set);
kernel_syscalls_remove(kernel, set);
syscall_set_remove(kernel, set);
if (i != SYSCALL_FILTER_SET_KNOWN)
syscall_set_remove(known, set);
first = false;
}
if (!set_isempty(known)) {
_cleanup_free_ char **l = NULL;
char **syscall;
printf("\n"
"# %sUngrouped System Calls%s (known but not included in any of the groups except @known):\n",
ansi_highlight(), ansi_normal());
l = set_get_strv(known);
if (!l)
return log_oom();
strv_sort(l);
STRV_FOREACH(syscall, l)
printf("# %s\n", *syscall);
}
if (k < 0) {
fputc('\n', stdout);
fflush(stdout);