
update systemd 250

Signed-off-by: Toshaan Bharvani <toshaan@powerel.org>
master
Toshaan Bharvani 1 year ago
parent
commit
e9b916bf27
  1. 29
      SOURCES/0034-Revert-kernel-install-also-remove-modules.builtin.al.patch
  2. 240
      SOURCES/0034-test-check-systemd-RPM-macros.patch
  3. 29
      SOURCES/0035-Revert-kernel-install-prefer-boot-over-boot-efi-for-.patch
  4. 161
      SOURCES/0035-test-do-not-assume-x86-64-arch-in-TEST-58-REPART.patch
  5. 60
      SOURCES/0036-kernel-install-50-depmod-port-to-bin-sh.patch
  6. 68
      SOURCES/0036-tests-add-repart-tests-for-block-devices-with-1024-2.patch
  7. 181
      SOURCES/0037-kernel-install-90-loaderentry-port-to-bin-sh.patch
  8. 31
      SOURCES/0037-test-accept-both-unpadded-and-padded-partition-sizes.patch
  9. 82
      SOURCES/0038-kernel-install-fix-shellcheck.patch
  10. 41
      SOURCES/0038-test-lvm-2.03.15-dropped-the-static-autoactivation.patch
  11. 205
      SOURCES/0039-kernel-install-port-to-bin-sh.patch
  12. 39
      SOURCES/0039-test-accept-GC-ed-units-in-newer-LVM.patch
  13. 51
      SOURCES/0040-kernel-install-90-loaderentry-error-out-on-nonexiste.patch
  14. 127
      SOURCES/0040-shared-Add-more-dlopen-tests.patch
  15. 68
      SOURCES/0041-kernel-install-don-t-pull-out-KERNEL_IMAGE.patch
  16. 36
      SOURCES/0041-systemctl-Show-how-long-a-service-ran-for-after-it-e.patch
  17. 32
      SOURCES/0042-kernel-install-prefer-boot-over-boot-efi-for-BOOT_RO.patch
  18. 130
      SOURCES/0042-time-util-introduce-TIMESTAMP_UNIX.patch
  19. 26
      SOURCES/0043-kernel-install-also-remove-modules.builtin.alias.bin.patch
  20. 49
      SOURCES/0043-systemctl-man-update-docs-for-timestamp.patch
  21. 77
      SOURCES/0044-kernel-install-add-new-variable-KERNEL_INSTALL_INITR.patch
  22. 69
      SOURCES/0044-systemctl-make-timestamp-affect-the-show-verb-as-wel.patch
  23. 32
      SOURCES/0045-kernel-install-k-i-already-creates-ENTRY_DIR_ABS-no-.patch
  24. 39
      SOURCES/0045-tests-allow-running-all-the-services-with-SYSTEMD_LO.patch
  25. 46
      SOURCES/0046-coredump-raise-the-coredump-save-size-on-64bit-syste.patch
  26. 118
      SOURCES/0046-kernel-install-prefix-errors-with-Error-exit-immedia.patch
  27. 108
      SOURCES/0047-kernel-install-add-KERNEL_INSTALL_STAGING_AREA-direc.patch
  28. 644
      SOURCES/0047-repart-fix-sector-size-handling.patch
  29. 25
      SOURCES/0048-kernel-install-add-missing-log-line.patch
  30. 36
      SOURCES/0048-mkdir-allow-to-create-directory-whose-path-contains-.patch
  31. 83
      SOURCES/0049-kernel-install-don-t-try-to-persist-used-machine-ID-.patch
  32. 26
      SOURCES/0049-mkdir-CHASE_NONEXISTENT-cannot-used-in-chase_symlink.patch
  33. 136
      SOURCES/0050-kernel-install-add-a-new-ENTRY_TOKEN-variable-for-na.patch
  34. 137
      SOURCES/0050-meson-move-efi-file-lists-closer-to-where-they-are-u.patch
  35. 59
      SOURCES/0051-kernel-install-only-generate-systemd.boot_id-in-kern.patch
  36. 77
      SOURCES/0051-meson-move-efi-summary-section-to-src-boot-efi.patch
  37. 75
      SOURCES/0052-kernel-install-search-harder-for-kernel-image-initrd.patch
  38. 53
      SOURCES/0052-meson-report-SBAT-settings.patch
  39. 79
      SOURCES/0053-boot-Build-BCD-parser-only-on-arches-supported-by-Wi.patch
  40. 68
      SOURCES/0053-kernel-install-add-new-inspect-verb-showing-paths-an.patch
  41. 276
      SOURCES/0054-bus-Use-OrderedSet-for-introspection.patch
  42. 96
      SOURCES/0054-meson-Remove-efi-cc-option.patch
  43. 25
      SOURCES/0055-meson-Get-objcopy-location-from-compiler.patch
  44. 109
      SOURCES/0055-udev-net_id-avoid-slot-based-names-only-for-single-f.patch
  45. 123
      SOURCES/0056-meson-Use-files-for-source-lists-for-boot-and-fundam.patch
  46. 68
      SOURCES/0056-shutdown-get-only-active-md-arrays.patch
  47. 1483
      SOURCES/0057-meson-Use-files-for-tests.patch
  48. 41
      SOURCES/0057-test-lvm-2.03.15-dropped-the-static-autoactivation.patch
  49. 35
      SOURCES/0058-ci-limit-which-env-variables-we-pass-through-sudo.patch
  50. 95
      SOURCES/0058-tests-add-fuzz-bcd.patch
  51. 335
      SOURCES/0059-meson-Use-files-for-fuzzers.patch
  52. 27
      SOURCES/0059-shared-Fix-memory-leak-in-bus_append_execute_propert.patch
  53. 137
      SOURCES/0060-meson-Add-check-argument-to-remaining-run_command-ca.patch
  54. 43
      SOURCES/0061-meson-Use-echo-to-list-files.patch
  55. 63
      SOURCES/0062-test-add-a-test-for-mkdir_p.patch
  56. 32
      SOURCES/0063-util-another-set-of-CVE-2021-4034-assert-s.patch
  57. 69
      SOURCES/0064-basic-update-CIFS-magic.patch
  58. 27
      SOURCES/0065-shared-be-extra-paranoid-and-check-if-argc-0.patch
  59. 27
      SOURCES/0066-core-check-if-argc-0-and-argv-0-is-set.patch
  60. 43
      SOURCES/0067-core-check-argc-argv-uncoditionally.patch
  61. 48
      SOURCES/0068-test-temporary-workaround-for-21819.patch
  62. 52
      SOURCES/0069-test-don-t-leak-local-variable-to-outer-scopes.patch
  63. 208
      SOURCES/0070-tree-wide-don-t-use-strjoina-on-getenv-values.patch
  64. 83
      SOURCES/0071-man-clarify-Environmentfile-format.patch
  65. 88
      SOURCES/0072-test-load-fragment-add-a-basic-test-for-config_parse.patch
  66. 119
      SOURCES/0073-core-execute-use-_cleanup_-in-exec_context_load_envi.patch
  67. 118
      SOURCES/0074-test-env-file-add-tests-for-quoting-in-env-files.patch
  68. 275
      SOURCES/0075-core-shorten-long-unit-names-that-are-based-on-paths.patch
  69. 42
      SOURCES/0076-tests-add-test-case-for-long-unit-names.patch
  70. 37
      SOURCES/0077-tests-reflect-that-we-can-now-handle-devices-with-ve.patch
  71. 63
      SOURCES/0078-test-extend-the-hashed-unit-names-coverage-a-bit.patch
  72. 29
      SOURCES/0079-Revert-kernel-install-also-remove-modules.builtin.al.patch
  73. 29
      SOURCES/0080-Revert-kernel-install-prefer-boot-over-boot-efi-for-.patch
  74. 60
      SOURCES/0081-kernel-install-50-depmod-port-to-bin-sh.patch
  75. 181
      SOURCES/0082-kernel-install-90-loaderentry-port-to-bin-sh.patch
  76. 82
      SOURCES/0083-kernel-install-fix-shellcheck.patch
  77. 205
      SOURCES/0084-kernel-install-port-to-bin-sh.patch
  78. 51
      SOURCES/0085-kernel-install-90-loaderentry-error-out-on-nonexiste.patch
  79. 68
      SOURCES/0086-kernel-install-don-t-pull-out-KERNEL_IMAGE.patch
  80. 32
      SOURCES/0087-kernel-install-prefer-boot-over-boot-efi-for-BOOT_RO.patch
  81. 26
      SOURCES/0088-kernel-install-also-remove-modules.builtin.alias.bin.patch
  82. 77
      SOURCES/0089-kernel-install-add-new-variable-KERNEL_INSTALL_INITR.patch
  83. 32
      SOURCES/0090-kernel-install-k-i-already-creates-ENTRY_DIR_ABS-no-.patch
  84. 118
      SOURCES/0091-kernel-install-prefix-errors-with-Error-exit-immedia.patch
  85. 108
      SOURCES/0092-kernel-install-add-KERNEL_INSTALL_STAGING_AREA-direc.patch
  86. 25
      SOURCES/0093-kernel-install-add-missing-log-line.patch
  87. 83
      SOURCES/0094-kernel-install-don-t-try-to-persist-used-machine-ID-.patch
  88. 136
      SOURCES/0095-kernel-install-add-a-new-ENTRY_TOKEN-variable-for-na.patch
  89. 59
      SOURCES/0096-kernel-install-only-generate-systemd.boot_id-in-kern.patch
  90. 75
      SOURCES/0097-kernel-install-search-harder-for-kernel-image-initrd.patch
  91. 68
      SOURCES/0098-kernel-install-add-new-inspect-verb-showing-paths-an.patch
  92. 97
      SOURCES/0099-ci-Mergify-configuration-update.patch
  93. 34
      SOURCES/0100-ci-Mergify-fix-copy-paste-bug.patch
  94. 26
      SOURCES/0101-shared-Fix-memory-leak-in-bus_append_execute_propert.patch
  95. 187
      SOURCES/0102-fuzz-no-longer-skip-empty-files.patch
  96. 276
      SOURCES/0103-networkctl-open-the-bus-just-once.patch
  97. 55
      SOURCES/0104-json-align-table.patch
  98. 60
      SOURCES/0105-fuzz-json-optionally-allow-logging-and-output.patch
  99. 435
      SOURCES/0106-shared-json-reduce-scope-of-variables.patch
  100. 97
      SOURCES/0107-fuzz-json-also-do-sorting-and-normalizing-and-other-.patch
  101. Some files were not shown because too many files have changed in this diff Show More

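--- /dev/null
+++ b/SOURCES/0034-Revert-kernel-install-also-remove-modules.builtin.al.patch
@@ -0,0 +1,29 @@
+From c8e786f039efec9e509b839ab8b82237d9344398 Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Thu, 17 Mar 2022 12:35:35 +0100
+Subject: [PATCH] Revert "kernel-install: also remove
+modules.builtin.alias.bin"
+
+This reverts commit fdcb1bf67371615f12c4b11283f2bd6a25bda019.
+
+Related: #2065061
+
+[msekleta: this revert is done in order to make backporting easier,
+patch will be reapplied later.]
+---
+src/kernel-install/50-depmod.install | 2 +-
+1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
+index fd00c43632..2fd959865f 100644
+--- a/src/kernel-install/50-depmod.install
++++ b/src/kernel-install/50-depmod.install
+@@ -36,7 +36,7 @@ case "$COMMAND" in
+remove)
+[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
+echo "Removing /lib/modules/${KERNEL_VERSION}/modules.dep and associated files"
+- exec rm -f /lib/modules/"${KERNEL_VERSION}"/modules.{alias{,.bin},builtin{,.alias}.bin,dep{,.bin},devname,softdep,symbols{,.bin}}
++ exec rm -f /lib/modules/"${KERNEL_VERSION}"/modules.{alias{,.bin},builtin.bin,dep{,.bin},devname,softdep,symbols{,.bin}}
+;;
+*)
+exit 0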

240
SOURCES/0034-test-check-systemd-RPM-macros.patch

@ -0,0 +1,240 @@ @@ -0,0 +1,240 @@
From 29cda567564d548cce5867c9d054ebb6cefcdca0 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Thu, 3 Mar 2022 20:30:43 +0100
Subject: [PATCH] test: check systemd RPM macros

Make sure our RPM macros work as intended. Based on the original PR
(#16464) by Mikhail Novosyolov.

Co-authored-by: Mikhail Novosyolov <m.novosyolov@rosalinux.ru>
(cherry picked from commit 55c09511e13c6a57ffe64bef4a9d0a00f34d37d9)

Related: #2017035
---
.github/workflows/unit_tests.sh | 1 +
.semaphore/semaphore-runner.sh | 2 +-
test/meson.build | 16 ++++
test/test-rpm-macros.sh | 162 ++++++++++++++++++++++++++++++++
4 files changed, 180 insertions(+), 1 deletion(-)
create mode 100755 test/test-rpm-macros.sh

diff --git a/.github/workflows/unit_tests.sh b/.github/workflows/unit_tests.sh
index 9c7beb6d19..f41b070e57 100755
--- a/.github/workflows/unit_tests.sh
+++ b/.github/workflows/unit_tests.sh
@@ -20,6 +20,7 @@ ADDITIONAL_DEPS=(
perl
python3-libevdev
python3-pyparsing
+ rpm
zstd
)
diff --git a/.semaphore/semaphore-runner.sh b/.semaphore/semaphore-runner.sh
index d02b449e0e..6ccf271a82 100755
--- a/.semaphore/semaphore-runner.sh
+++ b/.semaphore/semaphore-runner.sh
@@ -42,7 +42,7 @@ apt-get -q --allow-releaseinfo-change update
apt-get -y dist-upgrade
apt-get install -y eatmydata
# The following four are needed as long as these deps are not covered by Debian's own packaging
-apt-get install -y fdisk tree libfdisk-dev libp11-kit-dev libssl-dev libpwquality-dev
+apt-get install -y fdisk tree libfdisk-dev libp11-kit-dev libssl-dev libpwquality-dev rpm
apt-get purge --auto-remove -y unattended-upgrades
systemctl unmask systemd-networkd
systemctl enable systemd-networkd
diff --git a/test/meson.build b/test/meson.build
index 8de1043e17..04ae9ebc78 100644
--- a/test/meson.build
+++ b/test/meson.build
@@ -163,6 +163,22 @@ endif
############################################################
+rpm = find_program('rpm', required : false)
+rpmspec = find_program('rpmspec', required : false)
+test_rpm_macros = find_program('test-rpm-macros.sh')
+
+if rpm.found() and rpmspec.found()
+ if want_tests != 'false'
+ test('test-rpm-macros',
+ test_rpm_macros,
+ args : [project_build_root])
+ endif
+else
+ message('Skipping test-rpm-macros since rpm and/or rpmspec are not available')
+endif
+
+############################################################
+
if want_tests != 'false' and dmi_arches.contains(host_machine.cpu_family())
udev_dmi_memory_id_test = find_program('udev-dmi-memory-id-test.sh')
diff --git a/test/test-rpm-macros.sh b/test/test-rpm-macros.sh
new file mode 100755
index 0000000000..5843b72346
--- /dev/null
+++ b/test/test-rpm-macros.sh
@@ -0,0 +1,162 @@
+#!/usr/bin/env bash
+# SPDX-License-Identifier: LGPL-2.1-or-later
+# This test makes some basic checks that RPM macros work correctly.
+# RPM is a simple C program available on different Linux distros, not only RPM-based ones,
+# and even BSD systems, so it must not be a problem to require it.
+# rpmspec utility is required (so this test will work with RPM 4 but won't work with RPM 5).
+set -eu
+
+BUILD_DIR="${1:?Missing argument: build directory}"
+RPM_MACROS_FILE="${BUILD_DIR:?}/src/rpm/macros.systemd"
+
+if ! command -v rpm >/dev/null || ! command -v rpmspec >/dev/null; then
+ echo >&2 "Missing necessary utilities (rpm, rpmspec), can't continue"
+ exit 1
+fi
+
+if [[ ! -f "${RPM_MACROS_FILE:?}" ]]; then
+ echo "RPM macros file not found in $RPM_MACROS_FILE!"
+ exit 1
+fi
+
+at_exit() {
+ if [[ -v WORK_DIR && -d "$WORK_DIR" ]]; then
+ rm -frv "$WORK_DIR"
+ fi
+}
+
+trap at_exit EXIT
+
+WORK_DIR="$(mktemp -d)"
+RPM_SPEC="$(mktemp "$WORK_DIR/systemd-test-rpm-macros-XXX.spec")"
+TEMP_LOG="$(mktemp "$WORK_DIR/out-XXX.log")"
+
+die() {
+ echo >&2 "${1:?}"
+ exit 1
+}
+
+mk_mini_spec() {
+ cat >"${RPM_SPEC:?}" <<EOF
+%{load:$RPM_MACROS_FILE}
+Summary: Test systemd RPM macros
+Name: systemd-test-rpm-macros
+License: LGPLv2+ and MIT and GPLv2+
+Version: 1
+Release: 1
+%description
+%{summary}
+END_OF_INITIAL_SPEC
+EOF
+}
+
+echo "=== Test basic loadability ==="
+mk_mini_spec
+# ensure its loadability (macros will be just loaded and not used for now)
+# also check that rpm supports %load
+rpmspec --parse "$RPM_SPEC"
+
+echo "=== Test %systemd_requires ==="
+mk_mini_spec
+# The idea of tests is the following:
+# - make a minimal spec file
+# - add macros into its %description section
+# - use rpmspec(8) to print spec file with expanded macros
+# - check that macros have been expanded as required.
+echo "%systemd_requires" >>"$RPM_SPEC"
+: >"$TEMP_LOG"
+rpmspec --parse "$RPM_SPEC" | tee "$TEMP_LOG"
+for i in post preun postun; do
+ echo "== Requires($i) =="
+ grep "^Requires($i): systemd$" "$TEMP_LOG"
+done
+
+echo "=== Test %systemd_ordering ==="
+mk_mini_spec
+echo "%systemd_ordering" >>"$RPM_SPEC"
+: >"$TEMP_LOG"
+rpmspec --parse "$RPM_SPEC" | tee "$TEMP_LOG"
+for i in post preun postun; do
+ echo "== OrderWithRequires($i) =="
+ grep "^OrderWithRequires($i): systemd$" "$TEMP_LOG"
+done
+
+echo "=== Test macros requiring an argument without specifying such argument ==="
+for i in \
+ systemd_post \
+ systemd_preun \
+ systemd_postun \
+ systemd_postun_with_restart \
+ systemd_user_preun \
+ systemd_user_postun \
+ systemd_user_postun_with_restart \
+ tmpfiles_create \
+ tmpfiles_create_package \
+ sysusers_create \
+ sysusers_create_package
+do
+ echo "== Macro: $i =="
+ mk_mini_spec
+ echo "%${i}" >>"$RPM_SPEC"
+ if rpmspec --parse "$RPM_SPEC"; then
+ die "Unexpected pass with macro $i (no arguments)"
+ fi
+done
+
+echo "=== Test macros requiring two arguments ==="
+for i in \
+ tmpfiles_create_package \
+ sysusers_create_package
+do
+ echo "== Macro: $i =="
+ # Test with an incorrect number of arguments (0, 1, 3)
+ for args in "" "arg1" "arg1 arg2 arg3"; do
+ mk_mini_spec
+ echo "%${i} $args" >>"$RPM_SPEC"
+ if rpmspec --parse "$RPM_SPEC"; then
+ die "Unexpected pass with macro $i (arguments: $args)"
+ fi
+ done
+
+ # Test with the correct number of arguments (2)
+ mk_mini_spec
+ echo "%${i} arg1 arg2" >>"$RPM_SPEC"
+ if ! rpmspec --parse "$RPM_SPEC"; then
+ die "Unexpected fail with macro $i (arguments: $args)"
+ fi
+done
+
+
+# Test that:
+# - *_create_package macros do work correctly
+# - shell syntax is correct (https://github.com/systemd/systemd/commit/93406fd37)
+# - RPM macros, loaded from macros.in, are actually expanded
+echo "=== Test %*_create_package macros ==="
+for i in sysusers tmpfiles; do
+ echo "== Macro: ${i}_create_package =="
+
+ PKG_DATA_FILE="$(mktemp "$WORK_DIR/pkg-data-XXX")"
+ EXP_OUT="$(mktemp "$WORK_DIR/exp-out-XXX.log")"
+ CONF_DIR="$(pkg-config --variable="${i}dir" systemd)"
+ EXTRA_ARGS=()
+
+ if [[ "$i" == tmpfiles ]]; then
+ EXTRA_ARGS+=("--create")
+ fi
+
+ echo "TEST_DATA" >"$PKG_DATA_FILE"
+ mk_mini_spec
+ echo "%${i}_create_package TEST_NAME ${PKG_DATA_FILE}" >>"$RPM_SPEC"
+
+ cat >"$EXP_OUT" <<EOF
+systemd-$i --replace=$CONF_DIR/TEST_NAME.conf ${EXTRA_ARGS[*]:+${EXTRA_ARGS[@]} }- <<SYSTEMD_INLINE_EOF || :
+TEST_DATA
+SYSTEMD_INLINE_EOF
+EOF
+
+ : >"$TEMP_LOG"
+ rpmspec --parse "$RPM_SPEC" | tee "$TEMP_LOG"
+ diff "$EXP_OUT" <(grep -A1 -B1 '^TEST_DATA$' "$TEMP_LOG")
+
+ rm -f "$PKG_DATA_FILE"
+done
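Review bot: The new test/test-rpm-macros.sh runs under `set -eu` without `pipefail`, so in each `rpmspec --parse "$RPM_SPEC" | tee "$TEMP_LOG"` pipeline the exit status is that of tee, and a failing rpmspec is only noticed indirectly through the later `grep` or `diff`. Adding `set -o pipefail` after the `set -eu` line would stop the test at the point where the parse fails. Separately, the "correct number of arguments" branch reports `(arguments: $args)`, but `$args` still holds the last value of the preceding loop (`arg1 arg2 arg3`); the message should read `die "Unexpected fail with macro $i (arguments: arg1 arg2)"`. The `%*_create_package` check takes `CONF_DIR` from `pkg-config ... systemd`, which presumably resolves against the installed systemd rather than the build tree under test; a comment stating that dependency would help.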

29
SOURCES/0035-Revert-kernel-install-prefer-boot-over-boot-efi-for-.patch

@ -0,0 +1,29 @@ @@ -0,0 +1,29 @@
From 5c9bf430dfa9ad75fedf342a4a2be88fa31cd309 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 17 Mar 2022 12:37:57 +0100
Subject: [PATCH] Revert "kernel-install: prefer /boot over /boot/efi for
$BOOT_ROOT"

This reverts commit d0e98b7a1211412dccfcf4dcd2cc0772ac70b304.

Related: #2065061

[msekleta: this revert is done in order to make backporting easier,
patch will be reapplied later.]
---
src/kernel-install/kernel-install | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index d85852532b..b358b03b2f 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -108,7 +108,7 @@ fi
[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
- for pref in "/efi" "/boot" "/boot/efi" ; do
+ for pref in "/efi" "/boot/efi" "/boot"; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
break 2

161
SOURCES/0035-test-do-not-assume-x86-64-arch-in-TEST-58-REPART.patch

@ -0,0 +1,161 @@ @@ -0,0 +1,161 @@
From 7cc55d22394b8583b637e7e4b8baa00eb8f0dc49 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Wed, 12 Jan 2022 22:38:22 +0000
Subject: [PATCH] test: do not assume x86-64 arch in TEST-58-REPART

(cherry picked from commit 8e65d93e85f06e3f28b0b7a6e33b041ddf119917)

Related: #2017035
---
test/units/testsuite-58.sh | 76 ++++++++++++++++++++++++++++++++------
1 file changed, 65 insertions(+), 11 deletions(-)

diff --git a/test/units/testsuite-58.sh b/test/units/testsuite-58.sh
index 78c25051a2..4b3c984c84 100755
--- a/test/units/testsuite-58.sh
+++ b/test/units/testsuite-58.sh
@@ -11,6 +11,60 @@ fi
export SYSTEMD_LOG_LEVEL=debug
export PAGER=cat
+machine="$(uname -m)"
+if [ "${machine}" = "x86_64" ]; then
+ root_guid=4f68bce3-e8cd-4db1-96e7-fbcaf984b709
+ root_uuid=60F33797-1D71-4DCB-AA6F-20564F036CD0
+ usr_guid=8484680c-9521-48c6-9c11-b0720656f69e
+ usr_uuid=7E3369DD-D653-4513-ADF5-B993A9F20C16
+ architecture="x86-64"
+elif [ "${machine}" = "i386" ] || [ "${machine}" = "i686" ] || [ "${machine}" = "x86" ]; then
+ root_guid=44479540-f297-41b2-9af7-d131d5f0458a
+ root_uuid=02b4253f-29a4-404e-8972-1669d3b03c87
+ usr_guid=75250d76-8cc6-458e-bd66-bd47cc81a812
+ usr_uuid=7b42ffb0-b0e1-4395-b20b-c78f4a571648
+ architecture="x86"
+elif [ "${machine}" = "aarch64" ] || [ "${machine}" = "aarch64_be" ] || [ "${machine}" = "armv8b" ] || [ "${machine}" = "armv8l" ]; then
+ root_guid=b921b045-1df0-41c3-af44-4c6f280d3fae
+ root_uuid=055d0227-53a6-4033-85c3-9a5973eff483
+ usr_guid=b0e01050-ee5f-4390-949a-9101b17104e9
+ usr_uuid=fce3c75e-d6a4-44c0-87f0-4c105183fb1f
+ architecture="arm64"
+elif [ "${machine}" = "arm" ]; then
+ root_guid=69dad710-2ce4-4e3c-b16c-21a1d49abed3
+ root_uuid=567da89e-8de2-4499-8d10-18f212dff034
+ usr_guid=7d0359a3-02b3-4f0a-865c-654403e70625
+ usr_uuid=71e93dc2-5073-42cb-8a84-a354e64d8966
+ architecture="arm"
+elif [ "${machine}" = "loongarch64" ]; then
+ root_guid=77055800-792c-4f94-b39a-98c91b762bb6
+ root_uuid=d8efc2d2-0133-41e4-bdcb-3b9f4cfddde8
+ usr_guid=e611c702-575c-4cbe-9a46-434fa0bf7e3f
+ usr_uuid=031ffa75-00bb-49b6-a70d-911d2d82a5b7
+ architecture="loongarch64"
+elif [ "${machine}" = "ia64" ]; then
+ root_guid=993d8d3d-f80e-4225-855a-9daf8ed7ea97
+ root_uuid=dcf33449-0896-4ea9-bc24-7d58aeef522d
+ usr_guid=4301d2a6-4e3b-4b2a-bb94-9e0b2c4225ea
+ usr_uuid=bc2bcce7-80d6-449a-85cc-637424ce5241
+ architecture="ia64"
+elif [ "${machine}" = "s390x" ]; then
+ root_guid=5eead9a9-fe09-4a1e-a1d7-520d00531306
+ root_uuid=7ebe0c85-e27e-48ec-b164-f4807606232e
+ usr_guid=8a4f5770-50aa-4ed3-874a-99b710db6fea
+ usr_uuid=51171d30-35cf-4a49-b8b5-9478b9b796a5
+ architecture="s390x"
+elif [ "${machine}" = "ppc64le" ]; then
+ root_guid=c31c45e6-3f39-412e-80fb-4809c4980599
+ root_uuid=061e67a1-092f-482f-8150-b525d50d6654
+ usr_guid=15bb03af-77e7-4d4a-b12b-c0d084f7491c
+ usr_uuid=c0d0823b-8040-4c7c-a629-026248e297fb
+ architecture="ppc64-le"
+else
+ echo "Unexpected uname -m: ${machine} in testsuite-58.sh, please fix me"
+ exit 1
+fi
+
rm -f /var/tmp/testsuite-58.img /var/tmp/testsuite-58.2.img /tmp/testsuite-58.dump
mkdir -p /tmp/testsuite-58-defs/
@@ -25,7 +79,7 @@ EOF
cat >/tmp/testsuite-58-defs/usr.conf <<EOF
[Partition]
-Type=usr
+Type=usr-${architecture}
SizeMinBytes=10M
Format=ext4
ReadOnly=yes
@@ -33,7 +87,7 @@ EOF
cat >/tmp/testsuite-58-defs/root.conf <<EOF
[Partition]
-Type=root
+Type=root-${architecture}
SizeMinBytes=10M
Format=ext4
MakeDirectories=/usr /efi
@@ -47,9 +101,9 @@ systemd-repart --definitions=/tmp/testsuite-58-defs/ \
sfdisk --dump /var/tmp/testsuite-58.img | tee /tmp/testsuite-58.dump
-grep -qxF '/var/tmp/testsuite-58.img1 : start= 2048, size= 20480, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=39107B09-615D-48FB-BA37-C663885FCE67, name="esp"' /tmp/testsuite-58.dump
-grep -qxF '/var/tmp/testsuite-58.img2 : start= 22528, size= 20480, type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709, uuid=60F33797-1D71-4DCB-AA6F-20564F036CD0, name="root-x86-64", attrs="GUID:59"' /tmp/testsuite-58.dump
-grep -qxF '/var/tmp/testsuite-58.img3 : start= 43008, size= 20480, type=8484680C-9521-48C6-9C11-B0720656F69E, uuid=7E3369DD-D653-4513-ADF5-B993A9F20C16, name="usr-x86-64", attrs="GUID:60"' /tmp/testsuite-58.dump
+grep -qixF "/var/tmp/testsuite-58.img1 : start= 2048, size= 20480, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=39107B09-615D-48FB-BA37-C663885FCE67, name=\"esp\"" /tmp/testsuite-58.dump
+grep -qixF "/var/tmp/testsuite-58.img2 : start= 22528, size= 20480, type=${root_guid}, uuid=${root_uuid}, name=\"root-${architecture}\", attrs=\"GUID:59\"" /tmp/testsuite-58.dump
+grep -qixF "/var/tmp/testsuite-58.img3 : start= 43008, size= 20480, type=${usr_guid}, uuid=${usr_uuid}, name=\"usr-${architecture}\", attrs=\"GUID:60\"" /tmp/testsuite-58.dump
# Second part, duplicate it with CopyBlocks=auto
@@ -61,14 +115,14 @@ EOF
cat >/tmp/testsuite-58-defs/usr.conf <<EOF
[Partition]
-Type=usr
+Type=usr-${architecture}
ReadOnly=yes
CopyBlocks=auto
EOF
cat >/tmp/testsuite-58-defs/root.conf <<EOF
[Partition]
-Type=root
+Type=root-${architecture}
CopyBlocks=auto
EOF
@@ -91,7 +145,7 @@ mkdir -p /tmp/testsuite-58.3-defs/
cat >/tmp/testsuite-58.3-defs/root.conf <<EOF
[Partition]
-Type=root
+Type=root-${architecture}
EOF
truncate -s 10g /var/tmp/testsuite-58.3.img
@@ -111,7 +165,7 @@ sfdisk --dump /var/tmp/testsuite-58.3.img | tee /tmp/testsuite-58.3.dump
grep -qF '/var/tmp/testsuite-58.3.img1 : start= 2048, size= 69044,' /tmp/testsuite-58.3.dump
grep -qF '/var/tmp/testsuite-58.3.img2 : start= 71092, size= 3591848,' /tmp/testsuite-58.3.dump
-grep -qxF '/var/tmp/testsuite-58.3.img3 : start= 3662944, size= 17308536, type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709, uuid=60F33797-1D71-4DCB-AA6F-20564F036CD0, name="root-x86-64", attrs="GUID:59"' /tmp/testsuite-58.3.dump
+grep -qixF "/var/tmp/testsuite-58.3.img3 : start= 3662944, size= 17308536, type=${root_guid}, uuid=${root_uuid}, name=\"root-${architecture}\", attrs=\"GUID:59\"" /tmp/testsuite-58.3.dump
rm /var/tmp/testsuite-58.3.img /tmp/testsuite-58.3.dump
rm -r /tmp/testsuite-58.3-defs/
@@ -120,7 +174,7 @@ rm -r /tmp/testsuite-58.3-defs/
mkdir -p /tmp/testsuite-58-issue-21817-defs/
truncate -s 100m /tmp/testsuite-58-issue-21817.img
LOOP=$(losetup -P --show -f /tmp/testsuite-58-issue-21817.img)
-printf 'size=50M,type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709\n,\n' | sfdisk -X gpt /tmp/testsuite-58-issue-21817.img
+printf 'size=50M,type=%s\n,\n' "${root_guid}" | sfdisk -X gpt /tmp/testsuite-58-issue-21817.img
cat >/tmp/testsuite-58-issue-21817-defs/test.conf <<EOF
[Partition]
Type=root
@@ -129,7 +183,7 @@ systemd-repart --pretty=yes --definitions /tmp/testsuite-58-issue-21817-defs/ "$
sfdisk --dump "$LOOP" | tee /tmp/testsuite-58-issue-21817.dump
losetup -d "$LOOP"
-grep -qF 'p1 : start= 2048, size= 102400, type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709,' /tmp/testsuite-58-issue-21817.dump
+grep -qiF "p1 : start= 2048, size= 102400, type=${root_guid}," /tmp/testsuite-58-issue-21817.dump
grep -qF 'p2 : start= 104448, size= 100319,' /tmp/testsuite-58-issue-21817.dump
rm /tmp/testsuite-58-issue-21817.img /tmp/testsuite-58-issue-21817.dump
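Review bot: The `else` branch of the new `uname -m` chain in test/units/testsuite-58.sh ends in `exit 1`, so on any machine type not listed the whole test fails instead of being skipped. If that is intended, a comment above the chain should say so, for example `# Unknown architectures fail on purpose so the GUID table gets extended`. The chain would also read more easily as a `case "${machine}" in` with one pattern list per architecture. The switch from `grep -qxF` to `grep -qixF` makes the entire expected line case-insensitive, not only the `type=` and `uuid=` fields, which slightly loosens the check on `name=`; presumably acceptable, but worth a one-line comment at the first of these greps.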

60
SOURCES/0036-kernel-install-50-depmod-port-to-bin-sh.patch

@ -0,0 +1,60 @@ @@ -0,0 +1,60 @@
From 323059e195652d602142dd9930983b438cd1c4d1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 14:35:17 +0100
Subject: [PATCH] kernel-install: 50-depmod: port to /bin/sh

(cherry picked from commit b3ceb3d9fff69b33b8665a0137f5177f72c45cc0)

Related: #2065061
---
src/kernel-install/50-depmod.install | 28 +++++++++++++++-------------
1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
index 2fd959865f..aa1f6b8e0e 100644
--- a/src/kernel-install/50-depmod.install
+++ b/src/kernel-install/50-depmod.install
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
# SPDX-License-Identifier: LGPL-2.1-or-later
@@ -20,23 +20,25 @@
COMMAND="$1"
KERNEL_VERSION="$2"
-ENTRY_DIR_ABS="$3"
-KERNEL_IMAGE="$4"
-INITRD_OPTIONS_START="5"
-
-[[ $KERNEL_VERSION ]] || exit 1
case "$COMMAND" in
add)
- [[ -d "/lib/modules/${KERNEL_VERSION}/kernel" ]] || exit 0
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Running depmod -a ${KERNEL_VERSION}"
- exec depmod -a "${KERNEL_VERSION}"
+ [ -d "/lib/modules/$KERNEL_VERSION/kernel" ] || exit 0
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+depmod -a $KERNEL_VERSION"
+ exec depmod -a "$KERNEL_VERSION"
;;
remove)
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Removing /lib/modules/${KERNEL_VERSION}/modules.dep and associated files"
- exec rm -f /lib/modules/"${KERNEL_VERSION}"/modules.{alias{,.bin},builtin.bin,dep{,.bin},devname,softdep,symbols{,.bin}}
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Removing /lib/modules/$KERNEL_VERSION/modules.dep and associated files"
+ exec rm -f \
+ "/lib/modules/$KERNEL_VERSION/modules.alias" \
+ "/lib/modules/$KERNEL_VERSION/modules.alias.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.builtin.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.dep" \
+ "/lib/modules/$KERNEL_VERSION/modules.dep.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.devname" \
+ "/lib/modules/$KERNEL_VERSION/modules.softdep" \
+ "/lib/modules/$KERNEL_VERSION/modules.symbols" \
+ "/lib/modules/$KERNEL_VERSION/modules.symbols.bin"
;;
*)
exit 0
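Review bot: The port to /bin/sh drops the `[[ $KERNEL_VERSION ]] || exit 1` guard without a POSIX replacement. With an empty second argument the `remove` branch therefore runs `rm -f` on `/lib/modules//modules.alias` and the other listed names, which are files directly under `/lib/modules`. I would keep the check as `[ -n "$KERNEL_VERSION" ] || exit 1` ahead of the `case`. The `case` statement continues past the end of the hunk, and whether the caller already guarantees a non-empty version is not visible here.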

68
SOURCES/0036-tests-add-repart-tests-for-block-devices-with-1024-2.patch

@ -0,0 +1,68 @@ @@ -0,0 +1,68 @@
From 9a98a3b83e9e974d8d1cdc31e2286a862cc548be Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 7 Feb 2022 14:35:40 +0100
Subject: [PATCH] tests: add repart tests for block devices with 1024, 2048,
4096 byte sector sizes

let's make sure repart works with 4K drives and exotic sector sizes.

(cherry picked from commit 2cd341afb96486bd4afcdba23f02a27631c5b8db)

Related: #2017035
---
test/units/testsuite-58.sh | 42 ++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)

diff --git a/test/units/testsuite-58.sh b/test/units/testsuite-58.sh
index 4b3c984c84..7aed965fb4 100755
--- a/test/units/testsuite-58.sh
+++ b/test/units/testsuite-58.sh
@@ -189,6 +189,48 @@ grep -qF 'p2 : start= 104448, size= 100319,' /tmp/testsuite-58-issue-2
rm /tmp/testsuite-58-issue-21817.img /tmp/testsuite-58-issue-21817.dump
rm -r /tmp/testsuite-58-issue-21817-defs/
+testsector()
+{
+ echo "Running sector test with sector size $1..."
+
+ mkdir -p /tmp/testsuite-58-sector
+ cat > /tmp/testsuite-58-sector/a.conf <<EOF
+[Partition]
+Type=root
+SizeMaxBytes=15M
+SizeMinBytes=15M
+EOF
+ cat > /tmp/testsuite-58-sector/b.conf <<EOF
+[Partition]
+Type=linux-generic
+Weight=250
+EOF
+
+ cat > /tmp/testsuite-58-sector/c.conf <<EOF
+[Partition]
+Type=linux-generic
+Weight=750
+EOF
+
+ truncate -s 100m "/tmp/testsuite-58-sector-$1.img"
+ LOOP=$(losetup -b "$1" -P --show -f "/tmp/testsuite-58-sector-$1.img" )
+ systemd-repart --pretty=yes --definitions=/tmp/testsuite-58-sector/ --seed=750b6cd5c4ae4012a15e7be3c29e6a47 --empty=require --dry-run=no "$LOOP"
+ rm -rf /tmp/testsuite-58-sector
+ sfdisk --verify "$LOOP"
+ sfdisk --dump "$LOOP"
+ losetup -d "$LOOP"
+
+ rm "/tmp/testsuite-58-sector-$1.img"
+}
+
+# Valid block sizes on the Linux block layer are >= 512 and <= PAGE_SIZE, and
+# must be powers of 2. Which leaves exactly four different ones to test on
+# typical hardware
+testsector 512
+testsector 1024
+testsector 2048
+testsector 4096
+
echo OK >/testok
exit 0
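Review bot: `testsector` attaches a loop device with `losetup` and detaches it only on the success path, so a failing `systemd-repart` or `sfdisk --verify` leaves the loop device and `/tmp/testsuite-58-sector-$1.img` behind; whether the script runs under `set -e` is not visible in this hunk. `LOOP` is also assigned as a global and reuses the name the issue-21817 block above it relies on; assuming the script is run by bash, `local LOOP` as the first line of the function would keep it contained. The definitions go to the fixed path `/tmp/testsuite-58-sector`, so a comment such as `# fixed /tmp paths: this test runs only inside a throwaway test machine` would record the assumption, which should be confirmed against how the suite is launched.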

181
SOURCES/0037-kernel-install-90-loaderentry-port-to-bin-sh.patch

@ -0,0 +1,181 @@ @@ -0,0 +1,181 @@
From 96310f2157e896a82de6df260926ac1ec66f65ea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 14:35:33 +0100
Subject: [PATCH] kernel-install: 90-loaderentry: port to /bin/sh

Also, forward the rm -f exit code on removal instead of swallowing it

(cherry picked from commit 662f45e3ea9f6e933234b81bec532d584bda6ead)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 110 +++++++++-------------
1 file changed, 45 insertions(+), 65 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 044eced3f0..35324e69a9 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
# SPDX-License-Identifier: LGPL-2.1-or-later
@@ -22,68 +22,53 @@ COMMAND="$1"
KERNEL_VERSION="$2"
ENTRY_DIR_ABS="$3"
KERNEL_IMAGE="$4"
-INITRD_OPTIONS_START="5"
+INITRD_OPTIONS_SHIFT=4
-if ! [[ $KERNEL_INSTALL_MACHINE_ID ]]; then
- exit 0
-fi
-
-if [ "$KERNEL_INSTALL_LAYOUT" != "bls" ]; then
- exit 0
-fi
+[ "$KERNEL_INSTALL_LAYOUT" = "bls" ] || exit 0
MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
BOOT_ROOT="$KERNEL_INSTALL_BOOT_ROOT"
BOOT_MNT="$(stat -c %m "$BOOT_ROOT")"
-if [[ "$BOOT_MNT" == '/' ]]; then
+if [ "$BOOT_MNT" = '/' ]; then
ENTRY_DIR="$ENTRY_DIR_ABS"
else
ENTRY_DIR="${ENTRY_DIR_ABS#$BOOT_MNT}"
fi
-if [[ $COMMAND == remove ]]; then
- rm -f "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf"
- rm -f "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"
- exit 0
-fi
-
-if ! [[ $COMMAND == add ]]; then
- exit 1
-fi
-
-if ! [[ $KERNEL_IMAGE ]]; then
- exit 1
-fi
+case "$COMMAND" in
+ remove)
+ exec rm -f \
+ "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" \
+ "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"
+ ;;
+ add)
+ ;;
+ *)
+ exit 1
+ ;;
+esac
-if [[ -f /etc/os-release ]]; then
+if [ -r /etc/os-release ]; then
. /etc/os-release
-elif [[ -f /usr/lib/os-release ]]; then
+elif [ -r /usr/lib/os-release ]; then
. /usr/lib/os-release
fi
-if ! [[ $PRETTY_NAME ]]; then
- PRETTY_NAME="Linux $KERNEL_VERSION"
-fi
+[ -n "$PRETTY_NAME" ] || PRETTY_NAME="Linux $KERNEL_VERSION"
-if [[ -f /etc/kernel/cmdline ]]; then
- read -r -d '' -a BOOT_OPTIONS < /etc/kernel/cmdline
-elif [[ -f /usr/lib/kernel/cmdline ]]; then
- read -r -d '' -a BOOT_OPTIONS < /usr/lib/kernel/cmdline
+if [ -r /etc/kernel/cmdline ]; then
+ BOOT_OPTIONS="$(tr -s "$IFS" ' ' </etc/kernel/cmdline)"
+elif [ -r /usr/lib/kernel/cmdline ]; then
+ BOOT_OPTIONS="$(tr -s "$IFS" ' ' </usr/lib/kernel/cmdline)"
else
- declare -a BOOT_OPTIONS
-
- read -r -d '' -a line < /proc/cmdline
- for i in "${line[@]}"; do
- [[ "${i#initrd=*}" != "$i" ]] && continue
- [[ "${i#BOOT_IMAGE=*}" != "$i" ]] && continue
- BOOT_OPTIONS+=("$i")
- done
+ BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')"
fi
+BOOT_OPTIONS="${BOOT_OPTIONS% }"
-if [[ -f /etc/kernel/tries ]]; then
+if [ -r /etc/kernel/tries ]; then
read -r TRIES </etc/kernel/tries
- if ! [[ "$TRIES" =~ ^[0-9]+$ ]] ; then
+ if ! echo "$TRIES" | grep -q '^[0-9][0-9]*$'; then
echo "/etc/kernel/tries does not contain an integer." >&2
exit 1
fi
@@ -106,43 +91,38 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
exit 1
}
-INITRD_OPTIONS=( "${@:${INITRD_OPTIONS_START}}" )
-
-for initrd in "${INITRD_OPTIONS[@]}"; do
- if [[ -f "${initrd}" ]]; then
- initrd_basename="$(basename ${initrd})"
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Installing $ENTRY_DIR_ABS/${initrd_basename}"
- install -g root -o root -m 0644 "${initrd}" "$ENTRY_DIR_ABS/${initrd_basename}" || {
- echo "Could not copy '${initrd}' to '$ENTRY_DIR_ABS/${initrd_basename}'." >&2
- exit 1
- }
- fi
-done
+shift "$INITRD_OPTIONS_SHIFT"
+for initrd; do
+ [ -f "$initrd" ] || continue
-# If no initrd option is supplied, fall back to "initrd" which is
-# the name used by dracut when generating it in its kernel-install hook
-[[ ${#INITRD_OPTIONS[@]} == 0 ]] && INITRD_OPTIONS=( initrd )
+ initrd_basename="${initrd##*/}"
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing $ENTRY_DIR_ABS/$initrd_basename"
+ install -g root -o root -m 0644 "$initrd" "$ENTRY_DIR_ABS/$initrd_basename" || {
+ echo "Could not copy '$initrd' to '$ENTRY_DIR_ABS/$initrd_basename'." >&2
+ exit 1
+ }
+done
mkdir -p "${LOADER_ENTRY%/*}" || {
echo "Could not create loader entry directory '${LOADER_ENTRY%/*}'." >&2
exit 1
}
-[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Creating $LOADER_ENTRY"
+# Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
+[ $# -eq 0 ] && set -- "initrd"
+
+[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Creating $LOADER_ENTRY"
{
echo "title $PRETTY_NAME"
echo "version $KERNEL_VERSION"
echo "machine-id $MACHINE_ID"
- echo "options ${BOOT_OPTIONS[*]}"
+ echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"
- for initrd in "${INITRD_OPTIONS[@]}"; do
- [[ -f $ENTRY_DIR_ABS/$(basename ${initrd}) ]] && \
- echo "initrd $ENTRY_DIR/$(basename ${initrd})"
+ for initrd; do
+ [ -f "$ENTRY_DIR_ABS/${initrd##*/}" ] && echo "initrd $ENTRY_DIR/${initrd##*/}"
done
:
-} > "$LOADER_ENTRY" || {
+} >"$LOADER_ENTRY" || {
echo "Could not create loader entry '$LOADER_ENTRY'." >&2
exit 1
}

31
SOURCES/0037-test-accept-both-unpadded-and-padded-partition-sizes.patch

@ -0,0 +1,31 @@ @@ -0,0 +1,31 @@
From c16ff9acad53e741ee121a21bd2ba5dfce1f459e Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Fri, 25 Feb 2022 15:09:07 +0100
Subject: [PATCH] test: accept both unpadded and padded partition sizes

Since util-linux/util-linux@921c7da55ec78350e4067b3fd6b7de6f299106ee
libfdisk aligns the last partition (on GPT) for optimal I/O. Let's
account for that.

Fixes: #22606
(cherry picked from commit d490188b8f6da658d8086dd53b7db95735e5cca1)

Related: #2017035
---
test/units/testsuite-58.sh | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/test/units/testsuite-58.sh b/test/units/testsuite-58.sh
index 7aed965fb4..f1b690a71f 100755
--- a/test/units/testsuite-58.sh
+++ b/test/units/testsuite-58.sh
@@ -184,7 +184,8 @@ sfdisk --dump "$LOOP" | tee /tmp/testsuite-58-issue-21817.dump
losetup -d "$LOOP"
grep -qiF "p1 : start= 2048, size= 102400, type=${root_guid}," /tmp/testsuite-58-issue-21817.dump
-grep -qF 'p2 : start= 104448, size= 100319,' /tmp/testsuite-58-issue-21817.dump
+# Accept both unpadded (pre-v2.38 util-linux) and padded (v2.38+ util-linux) sizes
+grep -qE "p2 : start= 104448, size= (100319| 98304)," /tmp/testsuite-58-issue-21817.dump
rm /tmp/testsuite-58-issue-21817.img /tmp/testsuite-58-issue-21817.dump
rm -r /tmp/testsuite-58-issue-21817-defs/

82
SOURCES/0038-kernel-install-fix-shellcheck.patch

@ -0,0 +1,82 @@ @@ -0,0 +1,82 @@
From d778dd4a03f7bd45108fdebcc75dff5e886c30b2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 14:37:53 +0100
Subject: [PATCH] kernel-install: fix shellcheck

(cherry picked from commit 0bb1cb1fce5ebf307501dec1679e37f0c0157be9)

Related: #2065061
---
src/kernel-install/kernel-install | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index b358b03b2f..f6da0cf7a8 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -26,8 +26,8 @@ usage()
echo " $0 [OPTIONS...] add KERNEL-VERSION KERNEL-IMAGE [INITRD-FILE ...]"
echo " $0 [OPTIONS...] remove KERNEL-VERSION"
echo "Options:"
- echo " -h,--help Print this help"
- echo " -v,--verbose Increase verbosity"
+ echo " -h, --help Print this help"
+ echo " -v, --verbose Increase verbosity"
}
dropindirs_sort()
@@ -58,15 +58,15 @@ dropindirs_sort()
export LC_COLLATE=C
-for i in "$@"; do
- if [ "$i" == "--help" -o "$i" == "-h" ]; then
+for i; do
+ if [ "$i" = "--help" ] || [ "$i" = "-h" ]; then
usage
exit 0
fi
done
KERNEL_INSTALL_VERBOSE=0
-if [ "$1" == "--verbose" -o "$1" == "-v" ]; then
+if [ "$1" = "--verbose" ] || [ "$1" = "-v" ]; then
shift
KERNEL_INSTALL_VERBOSE=1
fi
@@ -185,13 +185,13 @@ case $COMMAND in
for f in "${PLUGINS[@]}"; do
if [[ -x $f ]]; then
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE ${INITRD_OPTIONS[@]}"
+ echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE ${INITRD_OPTIONS[*]}"
"$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "${INITRD_OPTIONS[@]}"
x=$?
- if [[ $x == $SKIP_REMAINING ]]; then
+ if [ $x -eq "$SKIP_REMAINING" ]; then
break
fi
- ((ret+=$x))
+ ((ret+=x))
fi
done
;;
@@ -203,10 +203,10 @@ case $COMMAND in
echo "+$f remove $KERNEL_VERSION $ENTRY_DIR_ABS"
"$f" remove "$KERNEL_VERSION" "$ENTRY_DIR_ABS"
x=$?
- if [[ $x == $SKIP_REMAINING ]]; then
+ if [ $x -eq "$SKIP_REMAINING" ]; then
break
fi
- ((ret+=$x))
+ ((ret+=x))
fi
done
@@ -222,4 +222,4 @@ case $COMMAND in
;;
esac
-exit $ret
+exit "$ret"

41
SOURCES/0038-test-lvm-2.03.15-dropped-the-static-autoactivation.patch

@ -0,0 +1,41 @@ @@ -0,0 +1,41 @@
From fcaf368341c85285017f77333543656e1382975e Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Wed, 9 Feb 2022 22:35:03 +0100
Subject: [PATCH] test: lvm 2.03.15 dropped the static autoactivation

so install the respective generator only if we're running with older
lvm versions.

See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=ee8fb0310c53ed003a43b324c99cdfd891dd1a7c
(cherry picked from commit d10d562bd4b9f93130fb2b23f2b0d0d4126ea7d4)

Related: #2017035
---
test/test-functions | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/test/test-functions b/test/test-functions
index 4827b6bedf..dcc893733c 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -973,16 +973,19 @@ install_lvm() {
image_install lvm
image_install "${ROOTLIBDIR:?}"/system/lvm2-lvmpolld.{service,socket}
image_install "${ROOTLIBDIR:?}"/system/{blk-availability,lvm2-monitor}.service
- image_install "${ROOTLIBDIR:?}"/system-generators/lvm2-activation-generator
image_install -o "/lib/tmpfiles.d/lvm2.conf"
if get_bool "$LOOKS_LIKE_DEBIAN"; then
inst_rules 56-lvm.rules 69-lvm-metad.rules
else
# Support the new udev autoactivation introduced in lvm 2.03.14
# https://sourceware.org/git/?p=lvm2.git;a=commit;h=67722b312390cdab29c076c912e14bd739c5c0f6
+ # Static autoactivation (via lvm2-activation-generator) was dropped
+ # in lvm 2.03.15
+ # https://sourceware.org/git/?p=lvm2.git;a=commit;h=ee8fb0310c53ed003a43b324c99cdfd891dd1a7c
if [[ -f /lib/udev/rules.d/69-dm-lvm.rules ]]; then
inst_rules 11-dm-lvm.rules 69-dm-lvm.rules
else
+ image_install "${ROOTLIBDIR:?}"/system-generators/lvm2-activation-generator
image_install "${ROOTLIBDIR:?}"/system/lvm2-pvscan@.service
inst_rules 11-dm-lvm.rules 69-dm-lvm-metad.rules
fi

205
SOURCES/0039-kernel-install-port-to-bin-sh.patch

@ -0,0 +1,205 @@ @@ -0,0 +1,205 @@
From b60234140cbceaa579b889d03b863953ca53b3e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 15:06:06 +0100
Subject: [PATCH] kernel-install: port to /bin/sh

(cherry picked from commit 76b1274a5cb54acaa4a0f0c2e570d751f9067c06)

Related: #2065061
---
src/kernel-install/kernel-install | 109 ++++++++++++------------------
1 file changed, 43 insertions(+), 66 deletions(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index f6da0cf7a8..2e8f382d5f 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
# SPDX-License-Identifier: LGPL-2.1-or-later
@@ -18,7 +18,7 @@
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
-SKIP_REMAINING=77
+skip_remaining=77
usage()
{
@@ -32,24 +32,17 @@ usage()
dropindirs_sort()
{
- local suffix=$1; shift
- local -a files
- local f d i
-
- readarray -t files <<<"$(
- for d in "$@"; do
- for i in "$d/"*"$suffix"; do
- if [[ -e "$i" ]]; then
- echo "${i##*/}"
- fi
- done
- done | sort -Vu
- )"
-
- for f in "${files[@]}"; do
- for d in "$@"; do
- if [[ -e "$d/$f" ]]; then
- echo "$d/$f"
+ suffix="$1"
+ shift
+
+ for d; do
+ for i in "$d/"*"$suffix"; do
+ [ -e "$i" ] && echo "${i##*/}"
+ done
+ done | sort -Vu | while read -r f; do
+ for d; do
+ if [ -e "$d/$f" ]; then
+ [ -x "$d/$f" ] && echo "$d/$f"
continue 2
fi
done
@@ -65,27 +58,25 @@ for i; do
fi
done
-KERNEL_INSTALL_VERBOSE=0
+export KERNEL_INSTALL_VERBOSE=0
if [ "$1" = "--verbose" ] || [ "$1" = "-v" ]; then
shift
KERNEL_INSTALL_VERBOSE=1
fi
-export KERNEL_INSTALL_VERBOSE
-if [[ "${0##*/}" == 'installkernel' ]]; then
- COMMAND='add'
- # make install doesn't pass any parameter wrt initrd handling
- INITRD_OPTIONS=()
+if [ "${0##*/}" = "installkernel" ]; then
+ COMMAND=add
+ # make install doesn't pass any initrds
else
COMMAND="$1"
- shift
- INITRD_OPTIONS=( "${@:3}" )
+ [ $# -ge 1 ] && shift
fi
KERNEL_VERSION="$1"
KERNEL_IMAGE="$2"
+[ $# -ge 2 ] && shift 2
-if [[ ! $COMMAND ]] || [[ ! $KERNEL_VERSION ]]; then
+if [ -z "$COMMAND" ] || [ -z "$KERNEL_VERSION" ]; then
echo "Not enough arguments" >&2
exit 1
fi
@@ -99,12 +90,11 @@ fi
# Prefer to use an existing machine ID from /etc/machine-info or /etc/machine-id. If we're using the machine
# ID /etc/machine-id, try to persist it in /etc/machine-info. If no machine ID is found, try to generate
# a new machine ID in /etc/machine-info. If that fails, use "Default".
-
-[ -z "$MACHINE_ID" ] && [ -f /etc/machine-info ] && source /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
-[ -z "$MACHINE_ID" ] && [ -f /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
-[ -n "$MACHINE_ID" ] && [ -z "$KERNEL_INSTALL_MACHINE_ID" ] && echo "KERNEL_INSTALL_MACHINE_ID=$MACHINE_ID" >>/etc/machine-info
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
+[ -n "$MACHINE_ID" ] && [ -z "$KERNEL_INSTALL_MACHINE_ID" ] && echo "KERNEL_INSTALL_MACHINE_ID=$MACHINE_ID" >>/etc/machine-info
[ -z "$MACHINE_ID" ] && NEW_MACHINE_ID="$(systemd-id128 new)" && echo "KERNEL_INSTALL_MACHINE_ID=$NEW_MACHINE_ID" >>/etc/machine-info
-[ -z "$MACHINE_ID" ] && [ -f /etc/machine-info ] && source /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
@@ -125,11 +115,6 @@ done
[ -z "$BOOT_ROOT" ] && BOOT_ROOT="/boot"
-ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
-
-export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
-export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
-
if [ -z "$layout" ]; then
# Administrative decision: if not present, some scripts generate into /boot.
if [ -d "$BOOT_ROOT/$MACHINE_ID" ]; then
@@ -152,21 +137,23 @@ MAKE_ENTRY_DIR_ABS=$?
ret=0
-readarray -t PLUGINS <<<"$(
+PLUGINS="$(
dropindirs_sort ".install" \
"/etc/kernel/install.d" \
"/usr/lib/kernel/install.d"
)"
+IFS="
+"
-case $COMMAND in
+case "$COMMAND" in
add)
- if [[ ! "$KERNEL_IMAGE" ]]; then
+ if [ -z "$KERNEL_IMAGE" ]; then
echo "Command 'add' requires an argument" >&2
exit 1
fi
- if [[ ! -f "$KERNEL_IMAGE" ]]; then
- echo "Kernel image argument ${KERNEL_IMAGE} not a file" >&2
+ if ! [ -f "$KERNEL_IMAGE" ]; then
+ echo "Kernel image argument $KERNEL_IMAGE not a file" >&2
exit 1
fi
@@ -182,32 +169,22 @@ case $COMMAND in
fi
fi
- for f in "${PLUGINS[@]}"; do
- if [[ -x $f ]]; then
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE ${INITRD_OPTIONS[*]}"
- "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "${INITRD_OPTIONS[@]}"
- x=$?
- if [ $x -eq "$SKIP_REMAINING" ]; then
- break
- fi
- ((ret+=x))
- fi
+ for f in $PLUGINS; do
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE $*"
+ "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "$@"
+ err=$?
+ [ $err -eq $skip_remaining ] && break
+ ret=$(( ret + err ))
done
;;
remove)
- for f in "${PLUGINS[@]}"; do
- if [[ -x $f ]]; then
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "+$f remove $KERNEL_VERSION $ENTRY_DIR_ABS"
- "$f" remove "$KERNEL_VERSION" "$ENTRY_DIR_ABS"
- x=$?
- if [ $x -eq "$SKIP_REMAINING" ]; then
- break
- fi
- ((ret+=x))
- fi
+ for f in $PLUGINS; do
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f remove $KERNEL_VERSION $ENTRY_DIR_ABS"
+ "$f" remove "$KERNEL_VERSION" "$ENTRY_DIR_ABS"
+ err=$?
+ [ $err -eq $skip_remaining ] && break
+ ret=$(( ret + err ))
done
if [ "$MAKE_ENTRY_DIR_ABS" -eq 0 ]; then
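Review bot: `IFS` is set to a newline just before the `case "$COMMAND"` block and never restored, so the verbose line in the `add` loop (`echo "+$f add ... $*"`) joins the initrd arguments with newlines instead of spaces, and every later unquoted expansion splits on newlines only. The unquoted `for f in $PLUGINS` in both loops also still undergoes pathname expansion, so a plugin file name containing `*`, `?` or `[` would be re-globbed before it is executed. Wrapping the loops in `set -f` / `set +f` keeps the list literal, and `unset IFS` after the `esac` restores default splitting. For the log line, the arguments can be printed with `printf ' %s' "$@"` so the output does not depend on `IFS`. The `case` block begins and ends outside the hunks shown, so the exact placement needs checking against the full script.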

39
SOURCES/0039-test-accept-GC-ed-units-in-newer-LVM.patch

@ -0,0 +1,39 @@ @@ -0,0 +1,39 @@
From 494045e03c7e1b81ac4dcea7d4bf776e2bc50c77 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Thu, 10 Feb 2022 12:29:53 +0100
Subject: [PATCH] test: accept GC'ed units in newer LVM

Since lvm 2.03.15 the transient units are started without `-r`, thus
disappearing once they finish and breaking the test (which expects them
to remain loaded after finishing). Let's accept `LoadState=not-found` as
a valid result as well to fix this.

Follow-up to: d10d562bd4b9f93130fb2b23f2b0d0d4126ea7d4
See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=fbd8b0cf43dc67f51f86f060dce748f446985855

(cherry picked from commit b034f02c628057c30a2136289a1b388a6fb9a737)

Related: #2017035
---
test/units/testsuite-64.sh | 8 ++++++++
1 file changed, 8 insertions(+)

diff --git a/test/units/testsuite-64.sh b/test/units/testsuite-64.sh
index f75382d90a..dc8b263b10 100755
--- a/test/units/testsuite-64.sh
+++ b/test/units/testsuite-64.sh
@@ -96,6 +96,14 @@ helper_wait_for_lvm_activate() {
if [[ "$(systemctl show -P SubState "$lvm_activate_svc")" == exited ]]; then
return 0
fi
+ else
+ # Since lvm 2.03.15 the lvm-activate transient unit no longer remains
+ # after finishing, so we have to treat non-existent units as a success
+ # as well
+ # See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=fbd8b0cf43dc67f51f86f060dce748f446985855
+ if [[ "$(systemctl show -P LoadState "$lvm_activate_svc")" == not-found ]]; then
+ return 0
+ fi
fi
sleep .5
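Review bot: The new `else` branch in helper_wait_for_lvm_activate returns success on `LoadState=not-found`, which is also what a unit that never started, or a wrong value in `$lvm_activate_svc`, would report. The helper can therefore no longer tell "ran and was garbage-collected" from "never ran". If the helper is meant to prove that activation happened, the not-found case should be paired with a check of the expected result of activation; what that check is depends on code outside this hunk. At minimum, a comment such as `# NOTE: not-found is also reported for units that never existed` would document the weaker guarantee. The function starts and ends outside the hunk.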

51
SOURCES/0040-kernel-install-90-loaderentry-error-out-on-nonexiste.patch

@ -0,0 +1,51 @@ @@ -0,0 +1,51 @@
From 6b47726b54a3bf71e0f7ba35bbfe915c7a64a7d1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Fri, 17 Dec 2021 19:51:12 +0100
Subject: [PATCH] kernel-install: 90-loaderentry: error out on nonexistent
initrds instead of swallowing them quietly

(cherry picked from commit 742561efbe938c45936f2e4f5d81b3ff6b352882)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 35324e69a9..e588e72bf9 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -93,7 +93,10 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
shift "$INITRD_OPTIONS_SHIFT"
for initrd; do
- [ -f "$initrd" ] || continue
+ [ -f "$initrd" ] || {
+ echo "Initrd '$initrd' not a file." >&2
+ exit 1
+ }
initrd_basename="${initrd##*/}"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing $ENTRY_DIR_ABS/$initrd_basename"
@@ -108,9 +111,6 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
exit 1
}
-# Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
-[ $# -eq 0 ] && set -- "initrd"
-
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Creating $LOADER_ENTRY"
{
echo "title $PRETTY_NAME"
@@ -119,8 +119,10 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"
for initrd; do
- [ -f "$ENTRY_DIR_ABS/${initrd##*/}" ] && echo "initrd $ENTRY_DIR/${initrd##*/}"
+ echo "initrd $ENTRY_DIR/${initrd##*/}"
done
+ # Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
+ [ $# -eq 0 ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
:
} >"$LOADER_ENTRY" || {
echo "Could not create loader entry '$LOADER_ENTRY'." >&2
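Review bot: The new `exit 1` for a missing initrd in the `for initrd` loop runs after the kernel image has already been copied to `$ENTRY_DIR_ABS/linux` (the `install` call named in the first hunk header precedes it). A bad initrd argument therefore aborts the plugin with a kernel installed but no loader entry written. Checking every initrd argument in a separate pass before the first copy would avoid that partial state; the check itself can stay as it is, `[ -f "$initrd" ] || { echo "Initrd '$initrd' not a file." >&2; exit 1; }`. The second hunk then emits `initrd $ENTRY_DIR/${initrd##*/}` without re-checking the copied file, which is safe only because the copy loop exits on failure; a comment such as `# every initrd was verified and copied above` would record that dependency. The start of the script is outside these hunks, so the placement relative to `shift "$INITRD_OPTIONS_SHIFT"` needs confirming.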

127
SOURCES/0040-shared-Add-more-dlopen-tests.patch

@ -0,0 +1,127 @@ @@ -0,0 +1,127 @@
From 3ed5b365c5134cb18da8aed397c7c4551af25715 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 1 Mar 2022 17:04:13 +0000
Subject: [PATCH] shared: Add more dlopen() tests

Add dlopen_dw(), dlopen_elf() and dlopen_pcre2() to the dlopen test.
To enable adding dlopen_pcre2(), we move pcre2-dlopen.h/c from
src/journal to src/shared.

(cherry picked from commit ee48779e05831a0ec5e1ba5e7ed5fe92aaca1d9e)

Related: #2017035
---
src/journal/meson.build | 2 --
src/shared/elf-util.c | 4 ++--
src/shared/elf-util.h | 3 +++
src/shared/meson.build | 2 ++
src/{journal => shared}/pcre2-dlopen.c | 0
src/{journal => shared}/pcre2-dlopen.h | 0
src/test/test-dlopen-so.c | 11 +++++++++++
7 files changed, 18 insertions(+), 4 deletions(-)
rename src/{journal => shared}/pcre2-dlopen.c (100%)
rename src/{journal => shared}/pcre2-dlopen.h (100%)

diff --git a/src/journal/meson.build b/src/journal/meson.build
index eb66bfd584..270592f2ac 100644
--- a/src/journal/meson.build
+++ b/src/journal/meson.build
@@ -49,8 +49,6 @@ systemd_cat_sources = files('cat.c')
journalctl_sources = files('''
journalctl.c
- pcre2-dlopen.c
- pcre2-dlopen.h
'''.split())
if install_sysconfdir_samples
diff --git a/src/shared/elf-util.c b/src/shared/elf-util.c
index 4d93e7eaba..6d9fcfbbf2 100644
--- a/src/shared/elf-util.c
+++ b/src/shared/elf-util.c
@@ -80,7 +80,7 @@ unsigned int (*sym_elf_version)(unsigned int);
GElf_Phdr *(*sym_gelf_getphdr)(Elf *, int, GElf_Phdr *);
size_t (*sym_gelf_getnote)(Elf_Data *, size_t, GElf_Nhdr *, size_t *, size_t *);
-static int dlopen_dw(void) {
+int dlopen_dw(void) {
int r;
r = dlopen_many_sym_or_warn(
@@ -123,7 +123,7 @@ static int dlopen_dw(void) {
return 1;
}
-static int dlopen_elf(void) {
+int dlopen_elf(void) {
int r;
r = dlopen_many_sym_or_warn(
diff --git a/src/shared/elf-util.h b/src/shared/elf-util.h
index cf3d9be128..b28e64cea6 100644
--- a/src/shared/elf-util.h
+++ b/src/shared/elf-util.h
@@ -4,6 +4,9 @@
#include "json.h"
#if HAVE_ELFUTILS
+int dlopen_dw(void);
+int dlopen_elf(void);
+
/* Parse an ELF object in a forked process, so that errors while iterating over
* untrusted and potentially malicious data do not propagate to the main caller's process.
* If fork_disable_dump, the child process will not dump core if it crashes. */
diff --git a/src/shared/meson.build b/src/shared/meson.build
index 5dc58a863d..006310a917 100644
--- a/src/shared/meson.build
+++ b/src/shared/meson.build
@@ -241,6 +241,8 @@ shared_sources = files('''
parse-argument.h
parse-socket-bind-item.c
parse-socket-bind-item.h
+ pcre2-dlopen.c
+ pcre2-dlopen.h
pe-header.h
pkcs11-util.c
pkcs11-util.h
diff --git a/src/journal/pcre2-dlopen.c b/src/shared/pcre2-dlopen.c
similarity index 100%
rename from src/journal/pcre2-dlopen.c
rename to src/shared/pcre2-dlopen.c
diff --git a/src/journal/pcre2-dlopen.h b/src/shared/pcre2-dlopen.h
similarity index 100%
rename from src/journal/pcre2-dlopen.h
rename to src/shared/pcre2-dlopen.h
diff --git a/src/test/test-dlopen-so.c b/src/test/test-dlopen-so.c
index ea2ef31b1f..002f666ed8 100644
--- a/src/test/test-dlopen-so.c
+++ b/src/test/test-dlopen-so.c
@@ -5,10 +5,12 @@
#include "bpf-dlopen.h"
#include "cryptsetup-util.h"
+#include "elf-util.h"
#include "idn-util.h"
#include "libfido2-util.h"
#include "macro.h"
#include "main-func.h"
+#include "pcre2-dlopen.h"
#include "pwquality-util.h"
#include "qrcode-util.h"
#include "tests.h"
@@ -49,6 +51,15 @@ static int run(int argc, char **argv) {
assert_se(dlopen_bpf() >= 0);
#endif
+#if HAVE_ELFUTILS
+ assert_se(dlopen_dw() >= 0);
+ assert_se(dlopen_elf() >= 0);
+#endif
+
+#if HAVE_PCRE2
+ assert_se(dlopen_pcre2() >= 0);
+#endif
+
return 0;
}
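Review bot: `dlopen_dw()` and `dlopen_elf()` are now exported through elf-util.h with no comment on their return convention, while the new assertions in test-dlopen-so.c rely on `>= 0` meaning success. A one-line comment above the two prototypes, e.g. `/* Negative errno-style value on failure, >= 0 once the library symbols are resolved */`, would state the contract. The visible bodies end in `return 1;` and the error path is outside the hunk, so the wording should be confirmed. The added `assert_se()` calls also make the test fail on a host where the library was available at build time but is missing at run time, which is worth noting next to the `#if HAVE_ELFUTILS` and `#if HAVE_PCRE2` blocks.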

68
SOURCES/0041-kernel-install-don-t-pull-out-KERNEL_IMAGE.patch

@ -0,0 +1,68 @@ @@ -0,0 +1,68 @@
From 92a81ce8d96ea924310262663d86d4ed9c727490 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Mon, 20 Dec 2021 14:57:39 +0100
Subject: [PATCH] kernel-install: don't pull out KERNEL_IMAGE

It's part of the pack directly passed to scripts on add and ignored on
remove

(cherry picked from commit af319a4b14bd05cd4c8460487f2c6d7a31b35640)

Related: #2065061
---
src/kernel-install/kernel-install | 21 ++++++++++-----------
1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 2e8f382d5f..097d6557f2 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -72,15 +72,14 @@ else
[ $# -ge 1 ] && shift
fi
-KERNEL_VERSION="$1"
-KERNEL_IMAGE="$2"
-[ $# -ge 2 ] && shift 2
-
-if [ -z "$COMMAND" ] || [ -z "$KERNEL_VERSION" ]; then
+if [ $# -lt 1 ]; then
echo "Not enough arguments" >&2
exit 1
fi
+KERNEL_VERSION="$1"
+shift
+
if [ -r "/etc/kernel/install.conf" ]; then
. /etc/kernel/install.conf
elif [ -r "/usr/lib/kernel/install.conf" ]; then
@@ -147,13 +146,13 @@ IFS="
case "$COMMAND" in
add)
- if [ -z "$KERNEL_IMAGE" ]; then
- echo "Command 'add' requires an argument" >&2
+ if [ $# -lt 1 ]; then
+ echo "Command 'add' requires a kernel image" >&2
exit 1
fi
- if ! [ -f "$KERNEL_IMAGE" ]; then
- echo "Kernel image argument $KERNEL_IMAGE not a file" >&2
+ if ! [ -f "$1" ]; then
+ echo "Kernel image argument $1 not a file" >&2
exit 1
fi
@@ -170,8 +169,8 @@ case "$COMMAND" in
fi
for f in $PLUGINS; do
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE $*"
- "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "$@"
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $*"
+ "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$@"
err=$?
[ $err -eq $skip_remaining ] && break
ret=$(( ret + err ))
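Review bot: Replacing the `-z "$KERNEL_VERSION"` test with `[ $# -lt 1 ]` in the first hunk lets an empty string through as the kernel version, because an explicitly empty argument still counts as one argument. Paths are built from that value: elsewhere on this page `ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"` and the depmod plugin's `"/lib/modules/$KERNEL_VERSION/..."`. With an empty version those paths collapse onto the parent directory, which matters most on the `remove` path. Keeping the emptiness check next to the count closes this: `if [ $# -lt 1 ] || [ -z "$1" ]; then`. Whether later code outside these hunks still reads `$KERNEL_IMAGE` after this change cannot be seen from here and should be checked.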

36
SOURCES/0041-systemctl-Show-how-long-a-service-ran-for-after-it-e.patch

@ -0,0 +1,36 @@ @@ -0,0 +1,36 @@
From b07519fd5241eacfdb735917eca4ccbf441b5a8a Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 22 Feb 2022 11:06:00 +0000
Subject: [PATCH] systemctl: Show how long a service ran for after it exited in
status output

(cherry picked from commit 0802f62efc1d1c67d5be67223b529c93536cf2ed)

Related: #2017035
---
src/systemctl/systemctl-show.c | 12 ++++++++++++
1 file changed, 12 insertions(+)

diff --git a/src/systemctl/systemctl-show.c b/src/systemctl/systemctl-show.c
index 37c898f313..9b23471990 100644
--- a/src/systemctl/systemctl-show.c
+++ b/src/systemctl/systemctl-show.c
@@ -433,6 +433,18 @@ static void print_status_info(
FORMAT_TIMESTAMP_STYLE(until_timestamp, arg_timestamp_style),
FORMAT_TIMESTAMP_RELATIVE(until_timestamp));
}
+
+ if (!endswith(i->id, ".target") &&
+ STRPTR_IN_SET(i->active_state, "inactive", "failed") &&
+ timestamp_is_set(i->active_enter_timestamp) &&
+ timestamp_is_set(i->active_exit_timestamp) &&
+ i->active_exit_timestamp >= i->active_enter_timestamp) {
+
+ usec_t duration;
+
+ duration = i->active_exit_timestamp - i->active_enter_timestamp;
+ printf(" Duration: %s\n", FORMAT_TIMESPAN(duration, MSEC_PER_SEC));
+ }
} else
printf("\n");
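Review bot: The duration added to print_status_info is `active_exit_timestamp - active_enter_timestamp`, and these appear to be realtime rather than monotonic values, which should be confirmed against the struct definition outside the hunk. If so, a clock step or time-sync correction between start and exit produces a misleading "Duration:" even though the `>=` guard prevents underflow. Where monotonic counterparts of the two fields are available, the subtraction should use them. Otherwise a comment such as `/* wall-clock difference; may be skewed by clock adjustments */` above the subtraction would make the limitation explicit. The function body starts and ends outside the hunk.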

32
SOURCES/0042-kernel-install-prefer-boot-over-boot-efi-for-BOOT_RO.patch

@ -0,0 +1,32 @@ @@ -0,0 +1,32 @@
From 9e3e7a50f92ee2f315a22f412f33f60d1f100e5a Mon Sep 17 00:00:00 2001
From: Adam Williamson <awilliam@redhat.com>
Date: Wed, 5 Jan 2022 14:07:14 -0800
Subject: [PATCH] kernel-install: prefer /boot over /boot/efi for $BOOT_ROOT

This restores the preference order from before 9e82a74. The code
previous to that change 'preferred' /boot over /boot/efi; that
commit changed it to check /boot/efi before checking /boot.
Changing this precedence could (and did, for me) have unexpected
effects - it seems safer to leave it how it was.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
(cherry picked from commit a5307e173bf86d695fe85b8e15e91126e8618a14)

Related: #2065061
---
src/kernel-install/kernel-install | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 097d6557f2..e56483ef96 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -97,7 +97,7 @@ fi
[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
- for pref in "/efi" "/boot/efi" "/boot"; do
+ for pref in "/efi" "/boot" "/boot/efi" ; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
break 2

130
SOURCES/0042-time-util-introduce-TIMESTAMP_UNIX.patch

@ -0,0 +1,130 @@ @@ -0,0 +1,130 @@
From 5f59cc1593eaa251161061fe9a4ac4afb1592e6e Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Mon, 21 Feb 2022 13:08:20 +0100
Subject: [PATCH] time-util: introduce TIMESTAMP_UNIX

Allow formatting timestamps as number of seconds since the Epoch for easier
machine parsing.

Fixes: #22567

```
$ systemctl show systemd-journald | grep Timestamp
WatchdogTimestampMonotonic=0
ExecMainStartTimestamp=Sat 2021-12-11 15:25:57 CET
ExecMainStartTimestampMonotonic=13030408
ExecMainExitTimestampMonotonic=0
StateChangeTimestamp=Sat 2021-12-11 15:25:57 CET
StateChangeTimestampMonotonic=13049273
InactiveExitTimestamp=Sat 2021-12-11 15:25:57 CET
InactiveExitTimestampMonotonic=13030430
ActiveEnterTimestamp=Sat 2021-12-11 15:25:57 CET
ActiveEnterTimestampMonotonic=13049273
ActiveExitTimestamp=Sat 2021-12-11 15:25:57 CET
ActiveExitTimestampMonotonic=12997236
InactiveEnterTimestamp=Sat 2021-12-11 15:25:57 CET
InactiveEnterTimestampMonotonic=13028890
ConditionTimestamp=Sat 2021-12-11 15:25:57 CET
ConditionTimestampMonotonic=13029539
AssertTimestamp=Sat 2021-12-11 15:25:57 CET
AssertTimestampMonotonic=13029540

$ systemctl show --timestamp=unix systemd-journald | grep Timestamp
WatchdogTimestampMonotonic=0
ExecMainStartTimestamp=@1639232757
ExecMainStartTimestampMonotonic=13030408
ExecMainExitTimestampMonotonic=0
StateChangeTimestamp=@1639232757
StateChangeTimestampMonotonic=13049273
InactiveExitTimestamp=@1639232757
InactiveExitTimestampMonotonic=13030430
ActiveEnterTimestamp=@1639232757
ActiveEnterTimestampMonotonic=13049273
ActiveExitTimestamp=@1639232757
ActiveExitTimestampMonotonic=12997236
InactiveEnterTimestamp=@1639232757
InactiveEnterTimestampMonotonic=13028890
ConditionTimestamp=@1639232757
ConditionTimestampMonotonic=13029539
AssertTimestamp=@1639232757
AssertTimestampMonotonic=13029540
```

(cherry picked from commit ed4a5b434517eeebc508379476cf112704e7981c)

Related: #2017035
---
src/basic/time-util.c | 11 +++++++++++
src/basic/time-util.h | 1 +
src/test/test-time-util.c | 5 +++++
3 files changed, 17 insertions(+)

diff --git a/src/basic/time-util.c b/src/basic/time-util.c
index b659d6905d..c0841af8f3 100644
--- a/src/basic/time-util.c
+++ b/src/basic/time-util.c
@@ -320,11 +320,13 @@ char *format_timestamp_style(
time_t sec;
size_t n;
bool utc = false, us = false;
+ int r;
assert(buf);
switch (style) {
case TIMESTAMP_PRETTY:
+ case TIMESTAMP_UNIX:
break;
case TIMESTAMP_US:
us = true;
@@ -350,6 +352,14 @@ char *format_timestamp_style(
if (t <= 0 || t == USEC_INFINITY)
return NULL; /* Timestamp is unset */
+ if (style == TIMESTAMP_UNIX) {
+ r = snprintf(buf, l, "@" USEC_FMT, t / USEC_PER_SEC); /* round down µs → s */
+ if (r < 0 || (size_t) r >= l)
+ return NULL; /* Doesn't fit */
+
+ return buf;
+ }
+
/* Let's not format times with years > 9999 */
if (t > USEC_TIMESTAMP_FORMATTABLE_MAX) {
assert(l >= STRLEN("--- XXXX-XX-XX XX:XX:XX") + 1);
@@ -1632,6 +1642,7 @@ static const char* const timestamp_style_table[_TIMESTAMP_STYLE_MAX] = {
[TIMESTAMP_US] = "us",
[TIMESTAMP_UTC] = "utc",
[TIMESTAMP_US_UTC] = "us+utc",
+ [TIMESTAMP_UNIX] = "unix",
};
/* Use the macro for enum → string to allow for aliases */
diff --git a/src/basic/time-util.h b/src/basic/time-util.h
index 895af88299..01a72026e3 100644
--- a/src/basic/time-util.h
+++ b/src/basic/time-util.h
@@ -34,6 +34,7 @@ typedef enum TimestampStyle {
TIMESTAMP_US,
TIMESTAMP_UTC,
TIMESTAMP_US_UTC,
+ TIMESTAMP_UNIX,
_TIMESTAMP_STYLE_MAX,
_TIMESTAMP_STYLE_INVALID = -EINVAL,
} TimestampStyle;
diff --git a/src/test/test-time-util.c b/src/test/test-time-util.c
index 554693834b..799d271a44 100644
--- a/src/test/test-time-util.c
+++ b/src/test/test-time-util.c
@@ -325,6 +325,11 @@ TEST(format_timestamp) {
assert_se(parse_timestamp(buf, &y) >= 0);
assert_se(x / USEC_PER_SEC == y / USEC_PER_SEC);
+ assert_se(format_timestamp_style(buf, sizeof(buf), x, TIMESTAMP_UNIX));
+ log_debug("%s", buf);
+ assert_se(parse_timestamp(buf, &y) >= 0);
+ assert_se(x / USEC_PER_SEC == y / USEC_PER_SEC);
+
assert_se(format_timestamp_style(buf, sizeof(buf), x, TIMESTAMP_UTC));
log_debug("%s", buf);
assert_se(parse_timestamp(buf, &y) >= 0);
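Review bot: The new TIMESTAMP_UNIX branch in format_timestamp_style returns NULL when `snprintf()` truncates, but the added test in test-time-util.c only covers the round trip with a full-size buffer. A second assertion with a deliberately short length, e.g. `assert_se(!format_timestamp_style(buf, 2, x, TIMESTAMP_UNIX));`, would pin the "doesn't fit" path, provided no size assertion earlier in the function, outside the hunk, rejects such a length first. Callers also cannot distinguish this NULL from the "timestamp is unset" NULL returned just above, which deserves a sentence in the function's comment. The function starts and ends outside the hunks shown.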

26
SOURCES/0043-kernel-install-also-remove-modules.builtin.alias.bin.patch

@ -0,0 +1,26 @@ @@ -0,0 +1,26 @@
From e84e60f9fac9d6bae3dd91698c556faf4dec2ca9 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sat, 15 Jan 2022 03:37:40 +0900
Subject: [PATCH] kernel-install: also remove modules.builtin.alias.bin

Fixes RHBZ#2016630.

(cherry picked from commit 06006691b5c56b6123044179d934b3ed81c237ca)

Related: #2065061
---
src/kernel-install/50-depmod.install | 1 +
1 file changed, 1 insertion(+)

diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
index aa1f6b8e0e..be414f39d1 100644
--- a/src/kernel-install/50-depmod.install
+++ b/src/kernel-install/50-depmod.install
@@ -33,6 +33,7 @@ case "$COMMAND" in
"/lib/modules/$KERNEL_VERSION/modules.alias" \
"/lib/modules/$KERNEL_VERSION/modules.alias.bin" \
"/lib/modules/$KERNEL_VERSION/modules.builtin.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.builtin.alias.bin" \
"/lib/modules/$KERNEL_VERSION/modules.dep" \
"/lib/modules/$KERNEL_VERSION/modules.dep.bin" \
"/lib/modules/$KERNEL_VERSION/modules.devname" \

49
SOURCES/0043-systemctl-man-update-docs-for-timestamp.patch

@ -0,0 +1,49 @@ @@ -0,0 +1,49 @@
From 17dfcbd7fe332e7559e168520a57b0241d688485 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Mon, 21 Feb 2022 13:14:18 +0100
Subject: [PATCH] systemctl,man: update docs for `--timestamp=`

(cherry picked from commit b58b4a9f379748fec667fb60606de945eaafadbe)

Related: #2017035
---
man/systemctl.xml | 7 +++++++
src/systemctl/systemctl.c | 7 ++-----
2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/man/systemctl.xml b/man/systemctl.xml
index 3b3d709ab3..f28579e05d 100644
--- a/man/systemctl.xml
+++ b/man/systemctl.xml
@@ -2305,6 +2305,13 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
</varlistentry>
</variablelist>
+ <variablelist>
+ <varlistentry>
+ <term><option>unix</option></term>
+ <listitem><para><literal>@seconds-since-the-epoch</literal></para></listitem>
+ </varlistentry>
+ </variablelist>
+
<variablelist>
<varlistentry>
<term><option>us</option></term>
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
index 9031e685ea..0489796a75 100644
--- a/src/systemctl/systemctl.c
+++ b/src/systemctl/systemctl.c
@@ -296,11 +296,8 @@ static int systemctl_help(void) {
" --boot-loader-entry=NAME\n"
" Boot into a specific boot loader entry on next boot\n"
" --plain Print unit dependencies as a list instead of a tree\n"
- " --timestamp=FORMAT Change format of printed timestamps.\n"
- " 'pretty' (default): 'Day YYYY-MM-DD HH:MM:SS TZ\n"
- " 'us': 'Day YYYY-MM-DD HH:MM:SS.UUUUUU TZ\n"
- " 'utc': 'Day YYYY-MM-DD HH:MM:SS UTC\n"
- " 'us+utc': 'Day YYYY-MM-DD HH:MM:SS.UUUUUU UTC\n"
+ " --timestamp=FORMAT Change format of printed timestamps (pretty, unix,\n"
+ " us, utc, us+utc)\n"
" --read-only Create read-only bind mount\n"
" --mkdir Create directory before mounting, if missing\n"
" --marked Restart/reload previously marked units\n"

77
SOURCES/0044-kernel-install-add-new-variable-KERNEL_INSTALL_INITR.patch

@ -0,0 +1,77 @@ @@ -0,0 +1,77 @@
From 57ff5d23530c509773d183dfbfe06e2cad2acb42 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 18 Jan 2022 17:40:13 +0100
Subject: [PATCH] kernel-install: add new variable
$KERNEL_INSTALL_INITRD_GENERATOR

The idea is that when not set, we do whatever we did in the past. But
with a new setting of initrd_generator=mkosi-initrd, mkosi-initrd will
generate an initrd.

(cherry picked from commit 5c1b257faf87cb4f93aee8866f45a8cb98230af9)

Related: #2065061
---
man/kernel-install.xml | 6 +++++-
src/kernel-install/install.conf | 1 +
src/kernel-install/kernel-install | 5 ++++-
3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/man/kernel-install.xml b/man/kernel-install.xml
index 83255bb932..bb76074d2e 100644
--- a/man/kernel-install.xml
+++ b/man/kernel-install.xml
@@ -171,11 +171,15 @@
<para><varname>KERNEL_INSTALL_BOOT_ROOT=</varname> is set for the plugins to the root directory (mount point, usually) of the hierarchy
where boot-loader entries, kernel images, and associated resources should be placed. Can be overridden by setting <varname>BOOT_ROOT=</varname>.</para>
- <para><varname>KERNEL_INSTALL_LAYOUT=bls|other|...</varname> specifies the installation layout.
+ <para><varname>KERNEL_INSTALL_LAYOUT=bls|other|...</varname> is set for the plugins to specify the installation layout.
Defaults to <option>bls</option> if <filename>$BOOT/<replaceable>MACHINE-ID</replaceable></filename> exists, or <option>other</option> otherwise.
Additional layout names may be defined by convention. If a plugin uses a special layout,
it's encouraged to declare its own layout name and configure <varname>layout=</varname> in <filename>install.conf</filename> upon initial installation.</para>
+ <para><varname>KERNEL_INSTALL_INITRD_GENERATOR=...</varname> is set for plugins to select the initrd generator.
+ This should be configured as <varname>initrd_generator=</varname> in <filename>install.conf</filename>.
+ </para>
+
<variablelist>
<varlistentry>
<term>bls</term>
diff --git a/src/kernel-install/install.conf b/src/kernel-install/install.conf
index e4802e6fae..43b6e7d792 100644
--- a/src/kernel-install/install.conf
+++ b/src/kernel-install/install.conf
@@ -8,3 +8,4 @@
# See kernel-install(8) for details.
#layout=bls|other|...
+#initrd_generator=dracut|...
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index e56483ef96..fe457c1070 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -80,6 +80,9 @@ fi
KERNEL_VERSION="$1"
shift
+layout=
+initrd_generator=
+
if [ -r "/etc/kernel/install.conf" ]; then
. /etc/kernel/install.conf
elif [ -r "/usr/lib/kernel/install.conf" ]; then
@@ -123,12 +126,12 @@ if [ -z "$layout" ]; then
fi
fi
-
ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
export KERNEL_INSTALL_LAYOUT="$layout"
+export KERNEL_INSTALL_INITRD_GENERATOR="$initrd_generator"
[ "$layout" = "bls" ]
MAKE_ENTRY_DIR_ABS=$?
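Review bot: The new `layout=` and `initrd_generator=` resets ahead of sourcing install.conf carry no comment, although they look like the lines that keep a value inherited from the caller's environment from being used and then exported to every plugin. I would add `# Reset so that only install.conf, not the inherited environment, can set these` above them. The man page paragraph for `KERNEL_INSTALL_INITRD_GENERATOR` should also state that the variable is exported empty when `initrd_generator=` is not configured and that plugins then keep their previous behaviour, which so far only the commit message says.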

69
SOURCES/0044-systemctl-make-timestamp-affect-the-show-verb-as-wel.patch

@ -0,0 +1,69 @@ @@ -0,0 +1,69 @@
From ab458e74eccf14550711ca024e9176fba7993abc Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Fri, 18 Feb 2022 23:09:18 +0100
Subject: [PATCH] systemctl: make `--timestamp=` affect the `show` verb as well

Currently the `--timestamp=` option has no effect on timestamps shown by
`systemctl show`, let's fix that.

Spotted in #22567.

Before:
```
$ systemctl show --timestamp=us+utc systemd-journald | grep Timestamp=
ExecMainStartTimestamp=Sat 2021-12-11 15:25:57 CET
StateChangeTimestamp=Sat 2021-12-11 15:25:57 CET
InactiveExitTimestamp=Sat 2021-12-11 15:25:57 CET
ActiveEnterTimestamp=Sat 2021-12-11 15:25:57 CET
ActiveExitTimestamp=Sat 2021-12-11 15:25:57 CET
InactiveEnterTimestamp=Sat 2021-12-11 15:25:57 CET
ConditionTimestamp=Sat 2021-12-11 15:25:57 CET
AssertTimestamp=Sat 2021-12-11 15:25:57 CET
```

After:
```
$ systemctl show --timestamp=us+utc systemd-journald | grep Timestamp=
ExecMainStartTimestamp=Sat 2021-12-11 14:25:57.177848 UTC
StateChangeTimestamp=Sat 2021-12-11 14:25:57.196714 UTC
InactiveExitTimestamp=Sat 2021-12-11 14:25:57.177871 UTC
ActiveEnterTimestamp=Sat 2021-12-11 14:25:57.196714 UTC
ActiveExitTimestamp=Sat 2021-12-11 14:25:57.144677 UTC
InactiveEnterTimestamp=Sat 2021-12-11 14:25:57.176331 UTC
ConditionTimestamp=Sat 2021-12-11 14:25:57.176980 UTC
AssertTimestamp=Sat 2021-12-11 14:25:57.176980 UTC

```

(cherry picked from commit a59e5c625da5a6e0c46e493d55f2f4212e9457ca)

Related: #2017035
---
src/systemctl/systemctl-show.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)

diff --git a/src/systemctl/systemctl-show.c b/src/systemctl/systemctl-show.c
index 9b23471990..7a6655da74 100644
--- a/src/systemctl/systemctl-show.c
+++ b/src/systemctl/systemctl-show.c
@@ -1001,6 +1001,20 @@ static int print_property(const char *name, const char *expected_value, sd_bus_m
}
break;
+ case SD_BUS_TYPE_UINT64:
+ if (endswith(name, "Timestamp")) {
+ uint64_t timestamp;
+
+ r = sd_bus_message_read_basic(m, bus_type, &timestamp);
+ if (r < 0)
+ return r;
+
+ bus_print_property_value(name, expected_value, flags, FORMAT_TIMESTAMP_STYLE(timestamp, arg_timestamp_style));
+
+ return 1;
+ }
+ break;
+
case SD_BUS_TYPE_STRUCT:
if (contents[0] == SD_BUS_TYPE_UINT32 && streq(name, "Job")) {
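Review bot: The new `case SD_BUS_TYPE_UINT64:` branch in print_property() picks properties purely by the `Timestamp` name suffix, and nothing in the hunk says why or what is printed for a timestamp that was never set. A short comment above the `endswith()` test would help, for example `/* Wallclock timestamps only; names ending in "Monotonic" do not match and are handled after the switch */`. It is also worth confirming that `bus_print_property_value()` copes with `FORMAT_TIMESTAMP_STYLE()` yielding no string for a zero timestamp, since neither helper is visible here. print_property() starts and ends outside the hunk.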

32
SOURCES/0045-kernel-install-k-i-already-creates-ENTRY_DIR_ABS-no-.patch

@ -0,0 +1,32 @@ @@ -0,0 +1,32 @@
From a9dadfb00f799b15af9e1f994b22d0b8165f78a5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 12:10:37 +0100
Subject: [PATCH] kernel-install: k-i already creates $ENTRY_DIR_ABS, no need
to do it again

(cherry picked from commit a520d5dddb991cd713392d4de0e342e312547a2e)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index e588e72bf9..7b768457c1 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -78,12 +78,8 @@ else
fi
if ! [ -d "$ENTRY_DIR_ABS" ]; then
- if [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]; then
- echo "+mkdir -v -p $ENTRY_DIR_ABS"
- mkdir -v -p "$ENTRY_DIR_ABS"
- else
- mkdir -p "$ENTRY_DIR_ABS"
- fi
+ echo "Error: entry directory '$ENTRY_DIR_ABS' does not exist" >&2
+ exit 1
fi
install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {

39
SOURCES/0045-tests-allow-running-all-the-services-with-SYSTEMD_LO.patch

@ -0,0 +1,39 @@ @@ -0,0 +1,39 @@
From fdd32f48af7993305f65989162dedd75a929966a Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Tue, 15 Feb 2022 01:13:10 +0000
Subject: [PATCH] tests: allow running all the services with SYSTEMD_LOG_LEVEL

It should make it easier to figure out what exactly services do there.
For example, with SYSTEMD_LOG_LEVEL=debug userdbd (v249) prints
```
varlink-5: New incoming message: {"method":"io.systemd.UserDatabase.GetUserRecord","parameters":{}}
```
before it crashes and systemd-resolved prints
```
varlink-21: New incoming message: {"method":"io.systemd.Resolve.ResolveAddress","parameters":{"address":[127,0,0,1],"flags":0,"ifindex":1000000,"family":0}}
```
and those messages are helpful (especially when scripts causing them
aren't clever enough to keep track of random stuff they send to systemd
:-))

(cherry picked from commit bf6ef6b6a9156e5f52ee69ce0c529a246f103e54)

Related: #2017035
---
test/test-functions | 3 +++
1 file changed, 3 insertions(+)

diff --git a/test/test-functions b/test/test-functions
index dcc893733c..a299f5ff1f 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -1142,6 +1142,9 @@ install_systemd() {
# enable debug logging in PID1
echo LogLevel=debug >>"$initdir/etc/systemd/system.conf"
+ if [[ -n "$TEST_SYSTEMD_LOG_LEVEL" ]]; then
+ echo DefaultEnvironment=SYSTEMD_LOG_LEVEL="$TEST_SYSTEMD_LOG_LEVEL" >>"$initdir/etc/systemd/system.conf"
+ fi
# store coredumps in journal
echo Storage=journal >>"$initdir/etc/systemd/coredump.conf"
# Propagate SYSTEMD_UNIT_PATH to user systemd managers

46
SOURCES/0046-coredump-raise-the-coredump-save-size-on-64bit-syste.patch

@ -0,0 +1,46 @@ @@ -0,0 +1,46 @@
From 19d3bf238c41c756b391fc7e66e5217cde42a896 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 8 Feb 2022 11:52:17 +0100
Subject: [PATCH] coredump: raise the coredump save size on 64bit systems to
32G (and lower it to 1G on 32bit systems)

Apparently 2G is too low for various real-life systems. But raising it
universally above 2^32 sounds wrong to me, since that makes no sense on
32bit systems, that we still support.

Hence, let's raise the limit to 32G on 64bit systems, and *lower* it to
1G on 32bit systems.

32G is 4 orders of magnitude higher then the old settings. Let's hope
that's enough for now. Should this not be enough we can raise it
further.

Fixes: #22076
(cherry picked from commit e677041e7a6988f73de802db6e49d962d432944b)

Related: #2017035
---
src/coredump/coredump.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index 6a6e9765d4..fd156370b2 100644
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@@ -48,8 +48,14 @@
#include "uid-alloc-range.h"
#include "user-util.h"
-/* The maximum size up to which we process coredumps */
-#define PROCESS_SIZE_MAX ((uint64_t) (2LLU*1024LLU*1024LLU*1024LLU))
+/* The maximum size up to which we process coredumps. We use 1G on 32bit systems, and 32G on 64bit systems */
+#if __SIZEOF_POINTER__ == 4
+#define PROCESS_SIZE_MAX ((uint64_t) (1LLU*1024LLU*1024LLU*1024LLU))
+#elif __SIZEOF_POINTER__ == 8
+#define PROCESS_SIZE_MAX ((uint64_t) (32LLU*1024LLU*1024LLU*1024LLU))
+#else
+#error "Unexpected pointer size"
+#endif
/* The maximum size up to which we leave the coredump around on disk */
#define EXTERNAL_SIZE_MAX PROCESS_SIZE_MAX
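Review bot: Because `EXTERNAL_SIZE_MAX` is defined as `PROCESS_SIZE_MAX` on the context line below the new `#if` block, this change also raises the default size of coredumps kept on disk to 32G on 64bit systems, which neither the new comment nor the commit subject spells out. I would extend the second comment to say so, e.g. `/* The maximum size up to which we leave the coredump around on disk; follows PROCESS_SIZE_MAX, i.e. 1G or 32G */`. The diffstat lists only coredump.c, so the defaults documented for `ProcessSizeMax=` and `ExternalSizeMax=` presumably need the same update in a follow-up. Hosts with a small coredump filesystem should check that their configured disk-usage limits still fit the larger default.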

118
SOURCES/0046-kernel-install-prefix-errors-with-Error-exit-immedia.patch

@ -0,0 +1,118 @@ @@ -0,0 +1,118 @@
From 007b832500a0a7438999a5dade3e3c49ba07099c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 12:15:16 +0100
Subject: [PATCH] kernel-install: prefix errors with "Error:", exit immediately
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

kernel-install would continue after errors… We don't want this, as it
makes the results totally unpredicatable. If we didn't install the kernel
or didn't do some important part of the setup, let's just return an error
and let the user deal with it.

When looking at output, the error was often hard to distinguish, esp.
with -v. Add "Error:" everywhere to make the output easier to parse.

(cherry picked from commit 680cec6b4ddb356d7dd087b197718712cb5c1662)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 10 +++++-----
src/kernel-install/kernel-install | 12 ++++++------
2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 7b768457c1..6a396910cb 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -83,27 +83,27 @@ if ! [ -d "$ENTRY_DIR_ABS" ]; then
fi
install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
- echo "Could not copy '$KERNEL_IMAGE' to '$ENTRY_DIR_ABS/linux'." >&2
+ echo "Error: could not copy '$KERNEL_IMAGE' to '$ENTRY_DIR_ABS/linux'." >&2
exit 1
}
shift "$INITRD_OPTIONS_SHIFT"
for initrd; do
[ -f "$initrd" ] || {
- echo "Initrd '$initrd' not a file." >&2
+ echo "Error: initrd '$initrd' not a file." >&2
exit 1
}
initrd_basename="${initrd##*/}"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing $ENTRY_DIR_ABS/$initrd_basename"
install -g root -o root -m 0644 "$initrd" "$ENTRY_DIR_ABS/$initrd_basename" || {
- echo "Could not copy '$initrd' to '$ENTRY_DIR_ABS/$initrd_basename'." >&2
+ echo "Error: could not copy '$initrd' to '$ENTRY_DIR_ABS/$initrd_basename'." >&2
exit 1
}
done
mkdir -p "${LOADER_ENTRY%/*}" || {
- echo "Could not create loader entry directory '${LOADER_ENTRY%/*}'." >&2
+ echo "Error: could not create loader entry directory '${LOADER_ENTRY%/*}'." >&2
exit 1
}
@@ -121,7 +121,7 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
[ $# -eq 0 ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
:
} >"$LOADER_ENTRY" || {
- echo "Could not create loader entry '$LOADER_ENTRY'." >&2
+ echo "Error: could not create loader entry '$LOADER_ENTRY'." >&2
exit 1
}
exit 0
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index fe457c1070..a73a205d79 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -73,7 +73,7 @@ else
fi
if [ $# -lt 1 ]; then
- echo "Not enough arguments" >&2
+ echo "Error: not enough arguments" >&2
exit 1
fi
@@ -150,12 +150,12 @@ IFS="
case "$COMMAND" in
add)
if [ $# -lt 1 ]; then
- echo "Command 'add' requires a kernel image" >&2
+ echo "Error: command 'add' requires a kernel image" >&2
exit 1
fi
if ! [ -f "$1" ]; then
- echo "Kernel image argument $1 not a file" >&2
+ echo "Error: kernel image argument $1 not a file" >&2
exit 1
fi
@@ -165,9 +165,9 @@ case "$COMMAND" in
# to serve as the indication to use or to not use the BLS
if [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]; then
echo "+mkdir -v -p $ENTRY_DIR_ABS"
- mkdir -v -p "$ENTRY_DIR_ABS"
+ mkdir -v -p "$ENTRY_DIR_ABS" || exit 1
else
- mkdir -p "$ENTRY_DIR_ABS"
+ mkdir -p "$ENTRY_DIR_ABS" || exit 1
fi
fi
@@ -196,7 +196,7 @@ case "$COMMAND" in
;;
*)
- echo "Unknown command '$COMMAND'" >&2
+ echo "Error: unknown command '$COMMAND'" >&2
exit 1
;;
esac
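Review bot: The two `mkdir ... "$ENTRY_DIR_ABS" || exit 1` lines in the `add)` branch of kernel-install now stop the run but print no "Error:" line of their own, so the only diagnostic is whatever mkdir itself writes, which is at odds with the stated aim of making failures easy to spot in verbose output. I would give them the same shape as the other failure paths, e.g. `mkdir -p "$ENTRY_DIR_ABS" || { echo "Error: could not create '$ENTRY_DIR_ABS'" >&2; exit 1; }`. The surrounding `case` block continues outside the hunk.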

108
SOURCES/0047-kernel-install-add-KERNEL_INSTALL_STAGING_AREA-direc.patch

@ -0,0 +1,108 @@ @@ -0,0 +1,108 @@
From f91f3437fcf193f2c13657a20f93e91a2f9663cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 12:20:22 +0100
Subject: [PATCH] kernel-install: add "$KERNEL_INSTALL_STAGING_AREA" directory

The general approach of kernel-install was that each plugin would drop in some
files into the entry directory. But this doesn't scale well, because if we have
multiple initrd generators, or multiple initrds, each generator would need to
recreate the logic to put the generated files in the right place.

Also, effective cleanup is impossible if anything goes wrong on the way, so we
could end up with unused files in $BOOT.

So let's invert the process: plugins drop files into $KERNEL_INSTALL_STAGING_AREA,
and at the end 90-loaderentry.install DTRT with those files.

This allow new plugins like 50-mkosi-initrd.install to be significantly simpler.

(cherry picked from commit 367165a4069ac0c04882a05a8a80f6afb1e42760)

Related: #2065061
---
man/kernel-install.xml | 4 ++++
src/kernel-install/90-loaderentry.install | 13 ++++++++++---
src/kernel-install/kernel-install | 10 ++++++++++
3 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/man/kernel-install.xml b/man/kernel-install.xml
index bb76074d2e..685617863e 100644
--- a/man/kernel-install.xml
+++ b/man/kernel-install.xml
@@ -180,6 +180,10 @@
This should be configured as <varname>initrd_generator=</varname> in <filename>install.conf</filename>.
</para>
+ <para><varname>KERNEL_INSTALL_STAGING_AREA=...</varname> is set for plugins to a path to a directory.
+ Plugins may drop files in that directory, and they will be installed as part of the loader entry, based
+ on the file name and extension.</para>
+
<variablelist>
<varlistentry>
<term>bls</term>
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 6a396910cb..0888c260e2 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -18,6 +18,8 @@
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
+shopt -s nullglob
+
COMMAND="$1"
KERNEL_VERSION="$2"
ENTRY_DIR_ABS="$3"
@@ -88,7 +90,8 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
}
shift "$INITRD_OPTIONS_SHIFT"
-for initrd; do
+# All files listed as arguments, and staged files called "initrd*" are installed as initrds.
+for initrd in "$@" "${KERNEL_INSTALL_STAGING_AREA}"/initrd*; do
[ -f "$initrd" ] || {
echo "Error: initrd '$initrd' not a file." >&2
exit 1
@@ -114,11 +117,15 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
echo "machine-id $MACHINE_ID"
echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"
- for initrd; do
+
+ have_initrd=
+ for initrd in "${@}" "${KERNEL_INSTALL_STAGING_AREA}"/initrd*; do
echo "initrd $ENTRY_DIR/${initrd##*/}"
+ have_initrd=yes
done
+
# Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
- [ $# -eq 0 ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
+ [ -z "$have_initrd" ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
:
} >"$LOADER_ENTRY" || {
echo "Error: could not create loader entry '$LOADER_ENTRY'." >&2
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index a73a205d79..8cfef3208d 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -128,10 +128,20 @@ fi
ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
+# Provide a directory where to store generated initrds
+cleanup() {
+ [ -n "$KERNEL_INSTALL_STAGING_AREA" ] && rm -rf "$KERNEL_INSTALL_STAGING_AREA"
+}
+
+trap cleanup EXIT
+
+KERNEL_INSTALL_STAGING_AREA="$(mktemp -d -t -p /tmp kernel-install.staging.XXXXXXX)"
+
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
export KERNEL_INSTALL_LAYOUT="$layout"
export KERNEL_INSTALL_INITRD_GENERATOR="$initrd_generator"
+export KERNEL_INSTALL_STAGING_AREA
[ "$layout" = "bls" ]
MAKE_ENTRY_DIR_ABS=$?
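Review bot: The result of `mktemp -d` in kernel-install is not checked, so if it fails `KERNEL_INSTALL_STAGING_AREA` is exported empty and the new loops in 90-loaderentry.install expand `"${KERNEL_INSTALL_STAGING_AREA}"/initrd*` to `/initrd*`, which would treat files in the root directory as initrds to install. The same expansion happens if the plugin is run without the variable set. Failing early closes the first case: `KERNEL_INSTALL_STAGING_AREA="$(mktemp -d -t -p /tmp kernel-install.staging.XXXXXXX)" || { echo "Error: could not create staging directory" >&2; exit 1; }`, and the plugin should skip the staged glob when the variable is empty. Separately, `shopt -s nullglob` is a bash builtin, so it is worth checking that the plugin's interpreter line, which is outside the hunk, is not plain /bin/sh.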

644
SOURCES/0047-repart-fix-sector-size-handling.patch

@ -0,0 +1,644 @@ @@ -0,0 +1,644 @@
From 389cc9af2087aa5369ac6bf0124d14877d541966 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 4 Feb 2022 17:39:44 +0100
Subject: [PATCH] repart: fix sector size handling

This queries the sector size from libfdisk instead of assuming 512, and
uses that when converting from bytes to the offset/size values libfdisk
expects.

This is an alternative to Tom Yan's #21823, but prefers using libfdisk's
own ideas of the sector size instead of going directly to the backing
device via ioctls. (libfdisk can after all also operate on regular
files, where the sector size concept doesn't necessarily apply the same
way.)

This also makes the "grain" variable, i.e. how we'll align the
partitions. Previously this was hardcoded to 4K, and that still will be
the minimum grain we use, but should the sector size be larger than that
we'll use the next multiple of the sector size instead.

(cherry picked from commit 994b303123ebe6a140bf3e56c66aa66119ae7d95)

Related: #2017035
---
src/partition/repart.c | 212 +++++++++++++++++++++++++----------------
1 file changed, 132 insertions(+), 80 deletions(-)

diff --git a/src/partition/repart.c b/src/partition/repart.c
index d08f47f2c4..0862a37a8d 100644
--- a/src/partition/repart.c
+++ b/src/partition/repart.c
@@ -195,6 +195,8 @@ struct Context {
uint64_t start, end, total;
struct fdisk_context *fdisk_context;
+ uint64_t sector_size;
+ uint64_t grain_size;
sd_id128_t seed;
};
@@ -407,9 +409,12 @@ static bool context_drop_one_priority(Context *context) {
return true;
}
-static uint64_t partition_min_size(const Partition *p) {
+static uint64_t partition_min_size(Context *context, const Partition *p) {
uint64_t sz;
+ assert(context);
+ assert(p);
+
/* Calculate the disk space we really need at minimum for this partition. If the partition already
* exists the current size is what we really need. If it doesn't exist yet refuse to allocate less
* than 4K.
@@ -428,50 +433,60 @@ static uint64_t partition_min_size(const Partition *p) {
uint64_t d = 0;
if (p->encrypt != ENCRYPT_OFF)
- d += round_up_size(LUKS2_METADATA_SIZE, 4096);
+ d += round_up_size(LUKS2_METADATA_SIZE, context->grain_size);
if (p->copy_blocks_size != UINT64_MAX)
- d += round_up_size(p->copy_blocks_size, 4096);
+ d += round_up_size(p->copy_blocks_size, context->grain_size);
else if (p->format || p->encrypt != ENCRYPT_OFF) {
uint64_t f;
/* If we shall synthesize a file system, take minimal fs size into account (assumed to be 4K if not known) */
- f = p->format ? minimal_size_by_fs_name(p->format) : UINT64_MAX;
- d += f == UINT64_MAX ? 4096 : f;
+ f = p->format ? round_up_size(minimal_size_by_fs_name(p->format), context->grain_size) : UINT64_MAX;
+ d += f == UINT64_MAX ? context->grain_size : f;
}
if (d > sz)
sz = d;
}
- return MAX(p->size_min != UINT64_MAX ? p->size_min : DEFAULT_MIN_SIZE, sz);
+ return MAX(round_up_size(p->size_min != UINT64_MAX ? p->size_min : DEFAULT_MIN_SIZE, context->grain_size), sz);
}
-static uint64_t partition_max_size(const Partition *p) {
+static uint64_t partition_max_size(const Context *context, const Partition *p) {
+ uint64_t sm;
+
/* Calculate how large the partition may become at max. This is generally the configured maximum
* size, except when it already exists and is larger than that. In that case it's the existing size,
* since we never want to shrink partitions. */
+ assert(context);
+ assert(p);
+
if (PARTITION_IS_FOREIGN(p)) {
/* Don't allow changing size of partitions not managed by us */
assert(p->current_size != UINT64_MAX);
return p->current_size;
}
+ sm = round_down_size(p->size_max, context->grain_size);
+
if (p->current_size != UINT64_MAX)
- return MAX(p->current_size, p->size_max);
+ return MAX(p->current_size, sm);
- return p->size_max;
+ return sm;
}
-static uint64_t partition_min_size_with_padding(const Partition *p) {
+static uint64_t partition_min_size_with_padding(Context *context, const Partition *p) {
uint64_t sz;
/* Calculate the disk space we need for this partition plus any free space coming after it. This
* takes user configured padding into account as well as any additional whitespace needed to align
* the next partition to 4K again. */
- sz = partition_min_size(p);
+ assert(context);
+ assert(p);
+
+ sz = partition_min_size(context, p);
if (p->padding_min != UINT64_MAX)
sz += p->padding_min;
@@ -479,11 +494,11 @@ static uint64_t partition_min_size_with_padding(const Partition *p) {
if (PARTITION_EXISTS(p)) {
/* If the partition wasn't aligned, add extra space so that any we might add will be aligned */
assert(p->offset != UINT64_MAX);
- return round_up_size(p->offset + sz, 4096) - p->offset;
+ return round_up_size(p->offset + sz, context->grain_size) - p->offset;
}
/* If this is a new partition we'll place it aligned, hence we just need to round up the required size here */
- return round_up_size(sz, 4096);
+ return round_up_size(sz, context->grain_size);
}
static uint64_t free_area_available(const FreeArea *a) {
@@ -495,9 +510,12 @@ static uint64_t free_area_available(const FreeArea *a) {
return a->size - a->allocated;
}
-static uint64_t free_area_available_for_new_partitions(const FreeArea *a) {
+static uint64_t free_area_available_for_new_partitions(Context *context, const FreeArea *a) {
uint64_t avail;
+ assert(context);
+ assert(a);
+
/* Similar to free_area_available(), but takes into account that the required size and padding of the
* preceding partition is honoured. */
@@ -505,16 +523,16 @@ static uint64_t free_area_available_for_new_partitions(const FreeArea *a) {
if (a->after) {
uint64_t need, space_end, new_end;
- need = partition_min_size_with_padding(a->after);
+ need = partition_min_size_with_padding(context, a->after);
assert(a->after->offset != UINT64_MAX);
assert(a->after->current_size != UINT64_MAX);
/* Calculate where the free area ends, based on the offset of the partition preceding it */
- space_end = round_up_size(a->after->offset + a->after->current_size, 4096) + avail;
+ space_end = round_up_size(a->after->offset + a->after->current_size, context->grain_size) + avail;
/* Calculate where the partition would end when we give it as much as it needs */
- new_end = round_up_size(a->after->offset + need, 4096);
+ new_end = round_up_size(a->after->offset + need, context->grain_size);
/* Calculate saturated difference of the two: that's how much we have free for other partitions */
return LESS_BY(space_end, new_end);
@@ -523,15 +541,18 @@ static uint64_t free_area_available_for_new_partitions(const FreeArea *a) {
return avail;
}
-static int free_area_compare(FreeArea *const *a, FreeArea *const*b) {
- return CMP(free_area_available_for_new_partitions(*a),
- free_area_available_for_new_partitions(*b));
+static int free_area_compare(FreeArea *const *a, FreeArea *const*b, Context *context) {
+ assert(context);
+
+ return CMP(free_area_available_for_new_partitions(context, *a),
+ free_area_available_for_new_partitions(context, *b));
}
-static uint64_t charge_size(uint64_t total, uint64_t amount) {
+static uint64_t charge_size(Context *context, uint64_t total, uint64_t amount) {
+ assert(context);
/* Subtract the specified amount from total, rounding up to multiple of 4K if there's room */
assert(amount <= total);
- return LESS_BY(total, round_up_size(amount, 4096));
+ return LESS_BY(total, round_up_size(amount, context->grain_size));
}
static uint64_t charge_weight(uint64_t total, uint64_t amount) {
@@ -545,14 +566,14 @@ static bool context_allocate_partitions(Context *context, uint64_t *ret_largest_
assert(context);
/* Sort free areas by size, putting smallest first */
- typesafe_qsort(context->free_areas, context->n_free_areas, free_area_compare);
+ typesafe_qsort_r(context->free_areas, context->n_free_areas, free_area_compare, context);
/* In any case return size of the largest free area (i.e. not the size of all free areas
* combined!) */
if (ret_largest_free_area)
*ret_largest_free_area =
context->n_free_areas == 0 ? 0 :
- free_area_available_for_new_partitions(context->free_areas[context->n_free_areas-1]);
+ free_area_available_for_new_partitions(context, context->free_areas[context->n_free_areas-1]);
/* A simple first-fit algorithm. We return true if we can fit the partitions in, otherwise false. */
LIST_FOREACH(partitions, p, context->partitions) {
@@ -565,13 +586,13 @@ static bool context_allocate_partitions(Context *context, uint64_t *ret_largest_
continue;
/* How much do we need to fit? */
- required = partition_min_size_with_padding(p);
- assert(required % 4096 == 0);
+ required = partition_min_size_with_padding(context, p);
+ assert(required % context->grain_size == 0);
for (size_t i = 0; i < context->n_free_areas; i++) {
a = context->free_areas[i];
- if (free_area_available_for_new_partitions(a) >= required) {
+ if (free_area_available_for_new_partitions(context, a) >= required) {
fits = true;
break;
}
@@ -683,8 +704,8 @@ static int context_grow_partitions_phase(
if (r < 0)
return r;
- rsz = partition_min_size(p);
- xsz = partition_max_size(p);
+ rsz = partition_min_size(context, p);
+ xsz = partition_max_size(context, p);
if (phase == PHASE_OVERCHARGE && rsz > share) {
/* This partition needs more than its calculated share. Let's assign
@@ -712,13 +733,13 @@ static int context_grow_partitions_phase(
/* Never change of foreign partitions (i.e. those we don't manage) */
p->new_size = p->current_size;
else
- p->new_size = MAX(round_down_size(share, 4096), rsz);
+ p->new_size = MAX(round_down_size(share, context->grain_size), rsz);
charge = true;
}
if (charge) {
- *span = charge_size(*span, p->new_size);
+ *span = charge_size(context, *span, p->new_size);
*weight_sum = charge_weight(*weight_sum, p->weight);
}
@@ -742,7 +763,7 @@ static int context_grow_partitions_phase(
charge = try_again = true;
} else if (phase == PHASE_DISTRIBUTE) {
- p->new_padding = round_down_size(share, 4096);
+ p->new_padding = round_down_size(share, context->grain_size);
if (p->padding_min != UINT64_MAX && p->new_padding < p->padding_min)
p->new_padding = p->padding_min;
@@ -750,7 +771,7 @@ static int context_grow_partitions_phase(
}
if (charge) {
- *span = charge_size(*span, p->new_padding);
+ *span = charge_size(context, *span, p->new_padding);
*weight_sum = charge_weight(*weight_sum, p->padding_weight);
}
@@ -779,7 +800,7 @@ static int context_grow_partitions_on_free_area(Context *context, FreeArea *a) {
assert(a->after->offset != UINT64_MAX);
assert(a->after->current_size != UINT64_MAX);
- span += round_up_size(a->after->offset + a->after->current_size, 4096) - a->after->offset;
+ span += round_up_size(a->after->offset + a->after->current_size, context->grain_size) - a->after->offset;
}
for (GrowPartitionPhase phase = 0; phase < _GROW_PARTITION_PHASE_MAX;) {
@@ -799,13 +820,13 @@ static int context_grow_partitions_on_free_area(Context *context, FreeArea *a) {
assert(a->after->new_size != UINT64_MAX);
/* Calculate new size and align (but ensure this doesn't shrink the size) */
- m = MAX(a->after->new_size, round_down_size(a->after->new_size + span, 4096));
+ m = MAX(a->after->new_size, round_down_size(a->after->new_size + span, context->grain_size));
- xsz = partition_max_size(a->after);
+ xsz = partition_max_size(context, a->after);
if (xsz != UINT64_MAX && m > xsz)
m = xsz;
- span = charge_size(span, m - a->after->new_size);
+ span = charge_size(context, span, m - a->after->new_size);
a->after->new_size = m;
}
@@ -824,13 +845,13 @@ static int context_grow_partitions_on_free_area(Context *context, FreeArea *a) {
continue;
assert(p->new_size != UINT64_MAX);
- m = MAX(p->new_size, round_down_size(p->new_size + span, 4096));
+ m = MAX(p->new_size, round_down_size(p->new_size + span, context->grain_size));
- xsz = partition_max_size(p);
+ xsz = partition_max_size(context, p);
if (xsz != UINT64_MAX && m > xsz)
m = xsz;
- span = charge_size(span, m - p->new_size);
+ span = charge_size(context, span, m - p->new_size);
p->new_size = m;
if (span == 0)
@@ -910,7 +931,7 @@ static void context_place_partitions(Context *context) {
} else
start = context->start;
- start = round_up_size(start, 4096);
+ start = round_up_size(start, context->grain_size);
left = a->size;
LIST_FOREACH(partitions, p, context->partitions) {
@@ -1422,6 +1443,8 @@ static int determine_current_padding(
struct fdisk_context *c,
struct fdisk_table *t,
struct fdisk_partition *p,
+ uint64_t secsz,
+ uint64_t grainsz,
uint64_t *ret) {
size_t n_partitions;
@@ -1435,8 +1458,8 @@ static int determine_current_padding(
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Partition has no end!");
offset = fdisk_partition_get_end(p);
- assert(offset < UINT64_MAX / 512);
- offset *= 512;
+ assert(offset < UINT64_MAX / secsz);
+ offset *= secsz;
n_partitions = fdisk_table_get_nents(t);
for (size_t i = 0; i < n_partitions; i++) {
@@ -1454,8 +1477,8 @@ static int determine_current_padding(
continue;
start = fdisk_partition_get_start(q);
- assert(start < UINT64_MAX / 512);
- start *= 512;
+ assert(start < UINT64_MAX / secsz);
+ start *= secsz;
if (start >= offset && (next == UINT64_MAX || next > start))
next = start;
@@ -1467,16 +1490,16 @@ static int determine_current_padding(
assert(next < UINT64_MAX);
next++; /* The last LBA is one sector before the end */
- assert(next < UINT64_MAX / 512);
- next *= 512;
+ assert(next < UINT64_MAX / secsz);
+ next *= secsz;
if (offset > next)
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Partition end beyond disk end.");
}
assert(next >= offset);
- offset = round_up_size(offset, 4096);
- next = round_down_size(next, 4096);
+ offset = round_up_size(offset, grainsz);
+ next = round_down_size(next, grainsz);
*ret = LESS_BY(next, offset); /* Saturated subtraction, rounding might have fucked things up */
return 0;
@@ -1549,6 +1572,8 @@ static int context_load_partition_table(
bool from_scratch = false;
sd_id128_t disk_uuid;
size_t n_partitions;
+ unsigned long secsz;
+ uint64_t grainsz;
int r;
assert(context);
@@ -1583,8 +1608,12 @@ static int context_load_partition_table(
if (r < 0)
return log_error_errno(errno, "Failed to stat block device '%s': %m", node);
- if (S_ISREG(st.st_mode) && st.st_size == 0)
+ if (S_ISREG(st.st_mode) && st.st_size == 0) {
+ /* User the fallback values if we have no better idea */
+ context->sector_size = 512;
+ context->grain_size = 4096;
return /* from_scratch = */ true;
+ }
r = -EINVAL;
}
@@ -1602,6 +1631,23 @@ static int context_load_partition_table(
if (flock(fdisk_get_devfd(c), arg_dry_run ? LOCK_SH : LOCK_EX) < 0)
return log_error_errno(errno, "Failed to lock block device: %m");
+ /* The offsets/sizes libfdisk returns to us will be in multiple of the sector size of the
+ * device. This is typically 512, and sometimes 4096. Let's query libfdisk once for it, and then use
+ * it for all our needs. Note that the values we use ourselves always are in bytes though, thus mean
+ * the same thing universally. Also note that regardless what kind of sector size is in use we'll
+ * place partitions at multiples of 4K. */
+ secsz = fdisk_get_sector_size(c);
+
+ /* Insist on a power of two, and that it's a multiple of 512, i.e. the traditional sector size. */
+ if (secsz < 512 || secsz != 1UL << log2u64(secsz))
+ return log_error_errno(errno, "Sector size %lu is not a power of two larger than 512? Refusing.", secsz);
+
+ /* Use at least 4K, and ensure it's a multiple of the sector size, regardless if that is smaller or
+ * larger */
+ grainsz = secsz < 4096 ? 4096 : secsz;
+
+ log_debug("Sector size of device is %lu bytes. Using grain size of %" PRIu64 ".", secsz, grainsz);
+
switch (arg_empty) {
case EMPTY_REFUSE:
@@ -1732,12 +1778,12 @@ static int context_load_partition_table(
}
sz = fdisk_partition_get_size(p);
- assert_se(sz <= UINT64_MAX/512);
- sz *= 512;
+ assert_se(sz <= UINT64_MAX/secsz);
+ sz *= secsz;
start = fdisk_partition_get_start(p);
- assert_se(start <= UINT64_MAX/512);
- start *= 512;
+ assert_se(start <= UINT64_MAX/secsz);
+ start *= secsz;
partno = fdisk_partition_get_partno(p);
@@ -1762,7 +1808,7 @@ static int context_load_partition_table(
pp->current_partition = p;
fdisk_ref_partition(p);
- r = determine_current_padding(c, t, p, &pp->current_padding);
+ r = determine_current_padding(c, t, p, secsz, grainsz, &pp->current_padding);
if (r < 0)
return r;
@@ -1795,7 +1841,7 @@ static int context_load_partition_table(
np->current_partition = p;
fdisk_ref_partition(p);
- r = determine_current_padding(c, t, p, &np->current_padding);
+ r = determine_current_padding(c, t, p, secsz, grainsz, &np->current_padding);
if (r < 0)
return r;
@@ -1812,26 +1858,26 @@ static int context_load_partition_table(
add_initial_free_area:
nsectors = fdisk_get_nsectors(c);
- assert(nsectors <= UINT64_MAX/512);
- nsectors *= 512;
+ assert(nsectors <= UINT64_MAX/secsz);
+ nsectors *= secsz;
first_lba = fdisk_get_first_lba(c);
- assert(first_lba <= UINT64_MAX/512);
- first_lba *= 512;
+ assert(first_lba <= UINT64_MAX/secsz);
+ first_lba *= secsz;
last_lba = fdisk_get_last_lba(c);
assert(last_lba < UINT64_MAX);
last_lba++;
- assert(last_lba <= UINT64_MAX/512);
- last_lba *= 512;
+ assert(last_lba <= UINT64_MAX/secsz);
+ last_lba *= secsz;
assert(last_lba >= first_lba);
if (left_boundary == UINT64_MAX) {
/* No partitions at all? Then the whole disk is up for grabs. */
- first_lba = round_up_size(first_lba, 4096);
- last_lba = round_down_size(last_lba, 4096);
+ first_lba = round_up_size(first_lba, grainsz);
+ last_lba = round_down_size(last_lba, grainsz);
if (last_lba > first_lba) {
r = context_add_free_area(context, last_lba - first_lba, NULL);
@@ -1842,9 +1888,9 @@ add_initial_free_area:
/* Add space left of first partition */
assert(left_boundary >= first_lba);
- first_lba = round_up_size(first_lba, 4096);
- left_boundary = round_down_size(left_boundary, 4096);
- last_lba = round_down_size(last_lba, 4096);
+ first_lba = round_up_size(first_lba, grainsz);
+ left_boundary = round_down_size(left_boundary, grainsz);
+ last_lba = round_down_size(last_lba, grainsz);
if (left_boundary > first_lba) {
r = context_add_free_area(context, left_boundary - first_lba, NULL);
@@ -1856,6 +1902,8 @@ add_initial_free_area:
context->start = first_lba;
context->end = last_lba;
context->total = nsectors;
+ context->sector_size = secsz;
+ context->grain_size = grainsz;
context->fdisk_context = TAKE_PTR(c);
return from_scratch;
@@ -2360,7 +2408,7 @@ static int context_discard_range(
if (S_ISBLK(st.st_mode)) {
uint64_t range[2], end;
- range[0] = round_up_size(offset, 512);
+ range[0] = round_up_size(offset, context->sector_size);
if (offset > UINT64_MAX - size)
return -ERANGE;
@@ -2369,7 +2417,7 @@ static int context_discard_range(
if (end <= range[0])
return 0;
- range[1] = round_down_size(end - range[0], 512);
+ range[1] = round_down_size(end - range[0], context->sector_size);
if (range[1] <= 0)
return 0;
@@ -2519,6 +2567,7 @@ static int context_wipe_and_discard(Context *context, bool from_scratch) {
}
static int partition_encrypt(
+ Context *context,
Partition *p,
const char *node,
struct crypt_device **ret_cd,
@@ -2532,6 +2581,7 @@ static int partition_encrypt(
sd_id128_t uuid;
int r;
+ assert(context);
assert(p);
assert(p->encrypt != ENCRYPT_OFF);
@@ -2579,7 +2629,7 @@ static int partition_encrypt(
volume_key_size,
&(struct crypt_params_luks2) {
.label = strempty(p->new_label),
- .sector_size = 512U,
+ .sector_size = context->sector_size,
});
if (r < 0)
return log_error_errno(r, "Failed to LUKS2 format future partition: %m");
@@ -2735,7 +2785,7 @@ static int context_copy_blocks(Context *context) {
if (r < 0)
return log_error_errno(r, "Failed to lock loopback device: %m");
- r = partition_encrypt(p, d->node, &cd, &encrypted, &encrypted_dev_fd);
+ r = partition_encrypt(context, p, d->node, &cd, &encrypted, &encrypted_dev_fd);
if (r < 0)
return log_error_errno(r, "Failed to encrypt device: %m");
@@ -2988,7 +3038,7 @@ static int context_mkfs(Context *context) {
return log_error_errno(r, "Failed to lock loopback device: %m");
if (p->encrypt != ENCRYPT_OFF) {
- r = partition_encrypt(p, d->node, &cd, &encrypted, &encrypted_dev_fd);
+ r = partition_encrypt(context, p, d->node, &cd, &encrypted, &encrypted_dev_fd);
if (r < 0)
return log_error_errno(r, "Failed to encrypt device: %m");
@@ -3307,13 +3357,13 @@ static int context_mangle_partitions(Context *context) {
if (p->new_size != p->current_size) {
assert(p->new_size >= p->current_size);
- assert(p->new_size % 512 == 0);
+ assert(p->new_size % context->sector_size == 0);
r = fdisk_partition_size_explicit(p->current_partition, true);
if (r < 0)
return log_error_errno(r, "Failed to enable explicit sizing: %m");
- r = fdisk_partition_set_size(p->current_partition, p->new_size / 512);
+ r = fdisk_partition_set_size(p->current_partition, p->new_size / context->sector_size);
if (r < 0)
return log_error_errno(r, "Failed to grow partition: %m");
@@ -3353,8 +3403,8 @@ static int context_mangle_partitions(Context *context) {
_cleanup_(fdisk_unref_parttypep) struct fdisk_parttype *t = NULL;
assert(!p->new_partition);
- assert(p->offset % 512 == 0);
- assert(p->new_size % 512 == 0);
+ assert(p->offset % context->sector_size == 0);
+ assert(p->new_size % context->sector_size == 0);
assert(!sd_id128_is_null(p->new_uuid));
assert(p->new_label);
@@ -3378,11 +3428,11 @@ static int context_mangle_partitions(Context *context) {
if (r < 0)
return log_error_errno(r, "Failed to enable explicit sizing: %m");
- r = fdisk_partition_set_start(q, p->offset / 512);
+ r = fdisk_partition_set_start(q, p->offset / context->sector_size);
if (r < 0)
return log_error_errno(r, "Failed to position partition: %m");
- r = fdisk_partition_set_size(q, p->new_size / 512);
+ r = fdisk_partition_set_size(q, p->new_size / context->sector_size);
if (r < 0)
return log_error_errno(r, "Failed to grow partition: %m");
@@ -4746,18 +4796,20 @@ done:
}
static int determine_auto_size(Context *c) {
- uint64_t sum = round_up_size(GPT_METADATA_SIZE, 4096);
+ uint64_t sum;
Partition *p;
assert_se(c);
+ sum = round_up_size(GPT_METADATA_SIZE, 4096);
+
LIST_FOREACH(partitions, p, c->partitions) {
uint64_t m;
if (p->dropped)
continue;
- m = partition_min_size_with_padding(p);
+ m = partition_min_size_with_padding(c, p);
if (m > UINT64_MAX - sum)
return log_error_errno(SYNTHETIC_ERRNO(EOVERFLOW), "Image would grow too large, refusing.");

25
SOURCES/0048-kernel-install-add-missing-log-line.patch

@ -0,0 +1,25 @@ @@ -0,0 +1,25 @@
From 356f770adca34191fd5d49b89c526b7375314a2c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 14:03:24 +0100
Subject: [PATCH] kernel-install: add missing log line

(cherry picked from commit 29f604131b2c0b82dca7d6ffaa5e6bc6a253620d)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 2 ++
1 file changed, 2 insertions(+)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 0888c260e2..3edefdefb4 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -40,6 +40,8 @@ fi
case "$COMMAND" in
remove)
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
+ echo "Removing $BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION*.conf"
exec rm -f \
"$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" \
"$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"

36
SOURCES/0048-mkdir-allow-to-create-directory-whose-path-contains-.patch

@ -0,0 +1,36 @@ @@ -0,0 +1,36 @@
From 77cde7d38bf8cd3438a867a6330c314f4580e43b Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 2 Feb 2022 14:20:48 +0900
Subject: [PATCH] mkdir: allow to create directory whose path contains symlink

Fixes a regression caused by 3008a6f21c1c42efe852d69798a2fdd63fe657ec.

Before the commit, when `mkdir_parents_internal()` is called from `mkdir_p()`,
it uses `_mkdir()` as `flag` is zero. But after the commit, `mkdir_safe_internal()`
is always used. Hence, if the path contains a symlink, it fails with -ENOTDIR.

To fix the issue, this makes `mkdir_p()` calls `mkdir_parents_internal()` with
MKDIR_FOLLOW_SYMLINK flag.

Fixes #22334.

(cherry picked from commit 5117059ee9f84ed2fd37801ec0b90473db475422)

Related: #2017035
---
src/basic/mkdir.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c
index 6e2b94d024..88782ab0d4 100644
--- a/src/basic/mkdir.c
+++ b/src/basic/mkdir.c
@@ -162,7 +162,7 @@ int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t ui
assert(_mkdirat != mkdirat);
- r = mkdir_parents_internal(prefix, path, mode, uid, gid, flags, _mkdirat);
+ r = mkdir_parents_internal(prefix, path, mode, uid, gid, flags | MKDIR_FOLLOW_SYMLINK, _mkdirat);
if (r < 0)
return r;
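Review bot: In `mkdir_p_internal()` the call now passes `flags | MKDIR_FOLLOW_SYMLINK`, so symlinks in parent components are followed for every caller, and a caller that wanted strict no-symlink behaviour can no longer ask for it. That matters for callers that create paths with a specific `uid`/`gid` below directories a less privileged user can write to, because the parent chain is then resolved through whatever links exist there; which callers do that is not visible from this hunk. I would add a comment at the call recording why forcing the flag is acceptable, e.g. `/* Parents may legitimately contain symlinks (see #22334); only the parent chain follows them, the leaf keeps the caller's flags */`, and confirm the second half of that comment against the rest of the function, which is outside the hunk. The diffstat shows only `src/basic/mkdir.c`, so a regression test for a path with a symlinked parent would also be worth adding.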

83
SOURCES/0049-kernel-install-don-t-try-to-persist-used-machine-ID-.patch

@ -0,0 +1,83 @@ @@ -0,0 +1,83 @@
From c5ec0be7b693e3ac05ea8438ca4ca2e9591db171 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Feb 2022 13:59:36 +0100
Subject: [PATCH] kernel-install: don't try to persist used machine ID locally

This reworks the how machine ID used by the boot loader spec snippet
generation logic. Instead of persisting it automatically to /etc/ we'll
append it via systemd.machined_id= to the kernel command line, and thus
persist it in the generated boot loader spec snippets instead. This has
nice benefits:

1. We do not collide with read-only root
2. The machine ID remains stable across factory reset, so that we can
safely recognize the path in $BOOT we drop our kernel images in
again, i.e. kernel updates will work correctly and safely across
kernel factory resets.
3. Previously regular systems had different machine IDs while in
initrd and after booting into the host system. With this change
they will now have the same.

This then drops implicit persisting of KERNEL_INSTALL_MACHINE_ID, as its
unnecessary then. The field is still honoured though, for compat
reasons.

This also drops the "Default" fallback previously used, as it actually
is without effect, the randomized ID generation already took precedence
in all cases. This means $MACHNE_ID/KERNEL_INSTALL_MACHINE_ID are now
guaranteed to look like a proper machine ID, which is useful for us,
given you need it that way to be able to pass it to the
systemd.machine_id= kernel command line option.

(cherry picked from commit 11ce3ea2f2219ab9c0700bcf7f8ed4312d80e937)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 6 +++++-
src/kernel-install/kernel-install | 16 +++++++---------
2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 3edefdefb4..046771169c 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -68,7 +68,11 @@ elif [ -r /usr/lib/kernel/cmdline ]; then
else
BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')"
fi
-BOOT_OPTIONS="${BOOT_OPTIONS% }"
+
+# Suffix with the machine ID we use, so that the machine ID remains stable,
+# even during factory reset, in the initrd (where the system's machine ID is
+# not directly accessible yet), and if the root file system is volatile.
+BOOT_OPTIONS="${BOOT_OPTIONS% } systemd.machine_id=$MACHINE_ID"
if [ -r /etc/kernel/tries ]; then
read -r TRIES </etc/kernel/tries
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 8cfef3208d..e94aa79bc6 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -89,15 +89,13 @@ elif [ -r "/usr/lib/kernel/install.conf" ]; then
. /usr/lib/kernel/install.conf
fi
-# Prefer to use an existing machine ID from /etc/machine-info or /etc/machine-id. If we're using the machine
-# ID /etc/machine-id, try to persist it in /etc/machine-info. If no machine ID is found, try to generate
-# a new machine ID in /etc/machine-info. If that fails, use "Default".
-[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
-[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
-[ -n "$MACHINE_ID" ] && [ -z "$KERNEL_INSTALL_MACHINE_ID" ] && echo "KERNEL_INSTALL_MACHINE_ID=$MACHINE_ID" >>/etc/machine-info
-[ -z "$MACHINE_ID" ] && NEW_MACHINE_ID="$(systemd-id128 new)" && echo "KERNEL_INSTALL_MACHINE_ID=$NEW_MACHINE_ID" >>/etc/machine-info
-[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
-[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
+# If /etc/machine-id is initialized we'll use it, otherwise we'll use a freshly
+# generated one. If the user configured an explicit machine ID to use in
+# /etc/machine-info to use for our purpose, we'll use that instead (for
+# compatibility).
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
+[ -z "$MACHINE_ID" ] && MACHINE_ID="$(systemd-id128 new)"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
for pref in "/efi" "/boot" "/boot/efi" ; do
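Review bot: `BOOT_OPTIONS="${BOOT_OPTIONS% } systemd.machine_id=$MACHINE_ID"` in 90-loaderentry.install puts `$MACHINE_ID` on the kernel command line without checking its form, while kernel-install still takes the value as-is from `KERNEL_INSTALL_MACHINE_ID` in /etc/machine-info or from a value already set before these lines. The description says the variable is now guaranteed to look like a proper machine ID, but nothing in the visible lines enforces that, and a value containing whitespace would add extra options to every generated boot entry. A check right after the three assignment lines in kernel-install would close this, for example `echo "$MACHINE_ID" | grep -Eq '^[0-9a-f]{32}$' || { echo "Invalid machine ID '$MACHINE_ID'." >&2; exit 1; }`. Both scripts continue outside the hunks.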

26
SOURCES/0049-mkdir-CHASE_NONEXISTENT-cannot-used-in-chase_symlink.patch

@ -0,0 +1,26 @@ @@ -0,0 +1,26 @@
From 848b8dde6fe096b317abf0b4996f21c8fe6a39ce Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 2 Feb 2022 15:06:27 +0900
Subject: [PATCH] mkdir: CHASE_NONEXISTENT cannot used in
chase_symlinks_and_stat()

(cherry picked from commit e22916e61d1fdb7b46918b605ebf783d9017f9d8)

Related: #2017035
---
src/basic/mkdir.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c
index 88782ab0d4..51a0d74e87 100644
--- a/src/basic/mkdir.c
+++ b/src/basic/mkdir.c
@@ -42,7 +42,7 @@ int mkdir_safe_internal(
if ((flags & MKDIR_FOLLOW_SYMLINK) && S_ISLNK(st.st_mode)) {
_cleanup_free_ char *p = NULL;
- r = chase_symlinks_and_stat(path, NULL, CHASE_NONEXISTENT, &p, &st, NULL);
+ r = chase_symlinks_and_stat(path, NULL, 0, &p, &st, NULL);
if (r < 0)
return r;
if (r == 0)
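Review bot: With the flag changed to `0` in `chase_symlinks_and_stat(path, NULL, 0, &p, &st, NULL)`, the `if (r == 0)` test kept right after it looks unreachable, since as far as I know the chase helpers only return zero when CHASE_NONEXISTENT is passed. The body of that branch is outside the hunk, so I cannot tell what it did for a dangling link. If that case is now meant to fail with the error from the chase call, a comment such as `/* A dangling symlink is an error here; we never create the link target ourselves */` would make the intent explicit, and the dead test could be dropped. `mkdir_safe_internal()` starts and ends outside the hunk.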

136
SOURCES/0050-kernel-install-add-a-new-ENTRY_TOKEN-variable-for-na.patch

@ -0,0 +1,136 @@ @@ -0,0 +1,136 @@
From c68126eeb93cac03b3a674ab47604e8381a4e5e2 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Feb 2022 14:29:19 +0100
Subject: [PATCH] kernel-install: add a new $ENTRY_TOKEN variable for naming
boot entries
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This cleans up naming of boot loader spec boot entries a bit (i.e. the
naming of the .conf snippet files, and the directory in $BOOT where the
kernel images and initrds are placed), and isolates it from the actual machine
ID concept.

Previously there was a sinlge concept for both things, because typically
the entries are just named after the machine ID. However one could also
use a different identifier, i.e. not a 128bit ID in which cases issues
pop up everywhere. For example, the "machine-id" field in the generated
snippets would not be a machine ID anymore, and the newly added
systemd.machine_id= kernel parameter would possibly get passed invalid
data.

Hence clean this up:

$MACHINE_ID → always a valid 128bit ID.

$ENTRY_TOKEN → usually the $MACHINE_ID but can be any other string too.
This is used to name the directory to put kernels/initrds in. It's also
used for naming the *.conf snippets that implement the Boot Loader Type
1 spec.

(cherry picked from commit 3907044ffa568aedf076d0f9807489ec78f87502)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 11 ++++++-----
src/kernel-install/kernel-install | 21 +++++++++++++++++----
2 files changed, 23 insertions(+), 9 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 046771169c..46261a2c11 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -29,6 +29,7 @@ INITRD_OPTIONS_SHIFT=4
[ "$KERNEL_INSTALL_LAYOUT" = "bls" ] || exit 0
MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+ENTRY_TOKEN="$KERNEL_INSTALL_ENTRY_TOKEN"
BOOT_ROOT="$KERNEL_INSTALL_BOOT_ROOT"
BOOT_MNT="$(stat -c %m "$BOOT_ROOT")"
@@ -41,10 +42,10 @@ fi
case "$COMMAND" in
remove)
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Removing $BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION*.conf"
+ echo "Removing $BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION*.conf"
exec rm -f \
- "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" \
- "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"
+ "$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION.conf" \
+ "$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION+"*".conf"
;;
add)
;;
@@ -80,9 +81,9 @@ if [ -r /etc/kernel/tries ]; then
echo "/etc/kernel/tries does not contain an integer." >&2
exit 1
fi
- LOADER_ENTRY="$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+$TRIES.conf"
+ LOADER_ENTRY="$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION+$TRIES.conf"
else
- LOADER_ENTRY="$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf"
+ LOADER_ENTRY="$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION.conf"
fi
if ! [ -d "$ENTRY_DIR_ABS" ]; then
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index e94aa79bc6..75a31c62d4 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -97,7 +97,19 @@ fi
[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
[ -z "$MACHINE_ID" ] && MACHINE_ID="$(systemd-id128 new)"
-[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
+# Now that we determined the machine ID to use, let's determine the "token" for
+# the boot loader entry to generate. We use that for naming the directory below
+# $BOOT where we want to place the kernel/initrd and related resources, as well
+# for naming the .conf boot loader spec entry. Typically this is just the
+# machine ID, but it can be anything else, too, if we are told so.
+[ -z "$ENTRY_TOKEN" ] && [ -r /etc/kernel/entry-token ] && read -r ENTRY_TOKEN </etc/kernel/entry-token
+[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
+
+# NB: The $MACHINE_ID is guaranteed to be a valid machine ID, but
+# $ENTRY_TOKEN can be any string that fits into a VFAT filename, though
+# typically is just the machine ID.
+
+[ -z "$BOOT_ROOT" ] && for suff in "$ENTRY_TOKEN" "loader/entries"; do
for pref in "/efi" "/boot" "/boot/efi" ; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
@@ -117,14 +129,14 @@ done
if [ -z "$layout" ]; then
# Administrative decision: if not present, some scripts generate into /boot.
- if [ -d "$BOOT_ROOT/$MACHINE_ID" ]; then
+ if [ -d "$BOOT_ROOT/$ENTRY_TOKEN" ]; then
layout="bls"
else
layout="other"
fi
fi
-ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
+ENTRY_DIR_ABS="$BOOT_ROOT/$ENTRY_TOKEN/$KERNEL_VERSION"
# Provide a directory where to store generated initrds
cleanup() {
@@ -136,6 +148,7 @@ trap cleanup EXIT
KERNEL_INSTALL_STAGING_AREA="$(mktemp -d -t -p /tmp kernel-install.staging.XXXXXXX)"
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
+export KERNEL_INSTALL_ENTRY_TOKEN="$ENTRY_TOKEN"
export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
export KERNEL_INSTALL_LAYOUT="$layout"
export KERNEL_INSTALL_INITRD_GENERATOR="$initrd_generator"
@@ -168,7 +181,7 @@ case "$COMMAND" in
fi
if [ "$MAKE_ENTRY_DIR_ABS" -eq 0 ]; then
- # Compatibility with earlier versions that used the presence of $BOOT_ROOT/$MACHINE_ID
+ # Compatibility with earlier versions that used the presence of $BOOT_ROOT/$ENTRY_TOKEN
# to signal to 00-entry-directory to create $ENTRY_DIR_ABS
# to serve as the indication to use or to not use the BLS
if [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]; then
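Review bot: `read -r ENTRY_TOKEN </etc/kernel/entry-token` in kernel-install accepts any string, and the value is then used unchecked as a path component in `ENTRY_DIR_ABS="$BOOT_ROOT/$ENTRY_TOKEN/$KERNEL_VERSION"` and in the `rm -f` arguments of 90-loaderentry.install. The added comment says the token must fit into a VFAT filename, but nothing enforces it, so a token containing `/` or equal to `..` would make install and remove operate outside `$BOOT_ROOT/loader/entries` and the per-token directory. A guard after the fallback assignment would enforce the stated contract: `case "$ENTRY_TOKEN" in ""|.|..|*/*) echo "Invalid entry token '$ENTRY_TOKEN'." >&2; exit 1 ;; esac`. The same applies when `$ENTRY_TOKEN` is already set before these lines, which the `[ -z "$ENTRY_TOKEN" ]` tests allow.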

137
SOURCES/0050-meson-move-efi-file-lists-closer-to-where-they-are-u.patch

@ -0,0 +1,137 @@ @@ -0,0 +1,137 @@
From 9cfc2fd3c58609252b3fd203af95bec1aab1b832 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 23 Dec 2021 12:55:40 +0100
Subject: [PATCH] meson: move efi file lists closer to where they are used

The goal is to have the detection of features and paths done first, and
then the build target constructions second.

(cherry picked from commit 65dcf9f9a0d877de0dc53558547462a7f1750c78)

Related: #2017035
---
src/boot/efi/meson.build | 104 +++++++++++++++++++--------------------
1 file changed, 51 insertions(+), 53 deletions(-)

diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index e10e51cf4e..1125c64ea3 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -99,59 +99,6 @@ if efi_lds == ''
subdir_done()
endif
-efi_headers = files('''
- bcd.h
- console.h
- cpio.h
- devicetree.h
- disk.h
- drivers.h
- graphics.h
- linux.h
- measure.h
- missing_efi.h
- pe.h
- random-seed.h
- shim.h
- splash.h
- util.h
- xbootldr.h
-'''.split())
-
-common_sources = '''
- assert.c
- devicetree.c
- disk.c
- graphics.c
- measure.c
- pe.c
- secure-boot.c
- util.c
-'''.split()
-
-systemd_boot_sources = '''
- bcd.c
- boot.c
- console.c
- drivers.c
- random-seed.c
- shim.c
- xbootldr.c
-'''.split()
-
-stub_sources = '''
- cpio.c
- initrd.c
- splash.c
- stub.c
-'''.split()
-
-if efi_arch[1] in ['ia32', 'x86_64']
- stub_sources += 'linux_x86.c'
-else
- stub_sources += 'linux.c'
-endif
-
conf.set10('HAVE_GNU_EFI', true)
conf.set_quoted('EFI_MACHINE_TYPE_NAME', efi_arch[0])
@@ -332,6 +279,57 @@ if efi_cc_version.contains('clang') and efi_cc_version.split('.')[0].split(' ')[
efi_ldflags += ['-Wl,-T,' + efi_lds, '-Wno-unused-command-line-argument']
endif
+############################################################
+
+efi_headers = files(
+ 'bcd.h',
+ 'console.h',
+ 'cpio.h',
+ 'devicetree.h',
+ 'disk.h',
+ 'drivers.h',
+ 'graphics.h',
+ 'linux.h',
+ 'measure.h',
+ 'missing_efi.h',
+ 'pe.h',
+ 'random-seed.h',
+ 'shim.h',
+ 'splash.h',
+ 'util.h',
+ 'xbootldr.h')
+
+common_sources = [
+ 'assert.c',
+ 'devicetree.c',
+ 'disk.c',
+ 'graphics.c',
+ 'measure.c',
+ 'pe.c',
+ 'secure-boot.c',
+ 'util.c']
+
+systemd_boot_sources = [
+ 'bcd.c',
+ 'boot.c',
+ 'console.c',
+ 'drivers.c',
+ 'random-seed.c',
+ 'shim.c',
+ 'xbootldr.c']
+
+stub_sources = [
+ 'cpio.c',
+ 'initrd.c',
+ 'splash.c',
+ 'stub.c']
+
+if efi_arch[1] in ['ia32', 'x86_64']
+ stub_sources += 'linux_x86.c'
+else
+ stub_sources += 'linux.c'
+endif
+
systemd_boot_objects = []
stub_objects = []
foreach file : fundamental_source_paths + common_sources + systemd_boot_sources + stub_sources

59
SOURCES/0051-kernel-install-only-generate-systemd.boot_id-in-kern.patch

@ -0,0 +1,59 @@ @@ -0,0 +1,59 @@
From 9ef3458dd6356d19a58b3a909a5976295a62a4d0 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Feb 2022 14:44:48 +0100
Subject: [PATCH] kernel-install: only generate systemd.boot_id= in kernel
command line if used for naming the boot loader spec files/dirs

Now that we can distinguish the naming of the boot loader spec
dirs/files and the machine ID let's tweak the logic for suffixing the
kernel cmdline with systemd.boot_id=: let's only do that when we
actually need the boot ID for naming these dirs/files. If we don't,
let's not bother.

This should be beneficial for "golden" images that shall not carry any
machine IDs at all, i.e acquire their identity only once the final
userspace is actually reached.

(cherry picked from commit 953b61004c37948dcd897265b56c1613bc73b9f9)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 46261a2c11..c1d69aa824 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -70,10 +70,15 @@ else
BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')"
fi
-# Suffix with the machine ID we use, so that the machine ID remains stable,
-# even during factory reset, in the initrd (where the system's machine ID is
-# not directly accessible yet), and if the root file system is volatile.
-BOOT_OPTIONS="${BOOT_OPTIONS% } systemd.machine_id=$MACHINE_ID"
+BOOT_OPTIONS="${BOOT_OPTIONS% }"
+
+# If the boot entries are named after the machine ID, then suffix the kernel
+# command line with the machine ID we use, so that the machine ID remains
+# stable, even during factory reset, in the initrd (where the system's machine
+# ID is not directly accessible yet), and if the root file system is volatile.
+if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ]; then
+ BOOT_OPTIONS="$BOOT_OPTIONS systemd.machine_id=$MACHINE_ID"
+fi
if [ -r /etc/kernel/tries ]; then
read -r TRIES </etc/kernel/tries
@@ -121,7 +126,10 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
{
echo "title $PRETTY_NAME"
echo "version $KERNEL_VERSION"
- echo "machine-id $MACHINE_ID"
+ if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ]; then
+ # See similar logic above for the systemd.machine_id= kernel command line option
+ echo "machine-id $MACHINE_ID"
+ fi
echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"

77
SOURCES/0051-meson-move-efi-summary-section-to-src-boot-efi.patch

@ -0,0 +1,77 @@ @@ -0,0 +1,77 @@
From a6c93d3200c0fd0eeee3a725b428cee94108cf48 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 23 Dec 2021 13:05:01 +0100
Subject: [PATCH] meson: move efi summary() section to src/boot/efi

This way we can add the entries more naturally in the same place where
they are defined.

(cherry picked from commit 3f871f120520aa2d11218735b0741bacc0309b4d)

Related: #2017035
---
meson.build | 16 ++++------------
src/boot/efi/meson.build | 9 +++++++++
2 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/meson.build b/meson.build
index e07875a054..f040eeab99 100644
--- a/meson.build
+++ b/meson.build
@@ -43,6 +43,10 @@ endif
skip_deps = want_ossfuzz or want_libfuzzer
fuzzer_build = want_ossfuzz or want_libfuzzer
+# Create a title-less summary section early, so it ends up first in the output.
+# More items are added later after they have been detected.
+summary({'build mode' : get_option('mode')})
+
#####################################################################
# Try to install the git pre-commit hook
@@ -3902,7 +3906,6 @@ alt_time_epoch = run_command('date', '-Is', '-u', '-d', '@@0@'.format(time_epoch
check : true).stdout().strip()
summary({
- 'build mode' : get_option('mode'),
'split /usr' : split_usr,
'split bin-sbin' : split_bin,
'prefix directory' : prefixdir,
@@ -3960,17 +3963,6 @@ summary({
# CPPFLAGS: ${OUR_CPPFLAGS} ${CPPFLAGS}
# LDFLAGS: ${OUR_LDFLAGS} ${LDFLAGS}
-if conf.get('ENABLE_EFI') == 1 and conf.get('HAVE_GNU_EFI') == 1
- summary({
- 'EFI machine type' : efi_arch[0],
- 'EFI CC' : '@0@'.format(' '.join(efi_cc)),
- 'EFI LD' : efi_ld,
- 'EFI lds' : efi_lds,
- 'EFI crt0' : efi_crt0,
- 'EFI include directory' : efi_incdir},
- section : 'Extensible Firmware Interface')
-endif
-
found = []
missing = []
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 1125c64ea3..dd318079fc 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -279,6 +279,15 @@ if efi_cc_version.contains('clang') and efi_cc_version.split('.')[0].split(' ')[
efi_ldflags += ['-Wl,-T,' + efi_lds, '-Wno-unused-command-line-argument']
endif
+summary({
+ 'EFI machine type' : efi_arch[0],
+ 'EFI CC' : '@0@'.format(' '.join(efi_cc)),
+ 'EFI LD' : efi_ld,
+ 'EFI lds' : efi_lds,
+ 'EFI crt0' : efi_crt0,
+ 'EFI include directory' : efi_incdir},
+ section : 'Extensible Firmware Interface')
+
############################################################
efi_headers = files(

75
SOURCES/0052-kernel-install-search-harder-for-kernel-image-initrd.patch

@ -0,0 +1,75 @@ @@ -0,0 +1,75 @@
From d044a59e1098c3497e76c3ebdef88036378e6c26 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 10 Feb 2022 14:27:22 +0100
Subject: [PATCH] kernel-install: search harder for kernel image/initrd drop-in
dir

If not explicitly configured, let's search a bit harder for the
ENTRY_TOKEN, and let's try the machine ID, the IMAGE_ID and ID fields of
/etc/os-release and finally "Default", all below potential $XBOOTLDR.

(cherry picked from commit 6637cf9db67237857279262d93ee0e39023c5b85)

Related: #2065061
---
src/kernel-install/kernel-install | 27 ++++++++++++++++++++++++---
1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 75a31c62d4..c42c40592a 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -103,29 +103,50 @@ fi
# for naming the .conf boot loader spec entry. Typically this is just the
# machine ID, but it can be anything else, too, if we are told so.
[ -z "$ENTRY_TOKEN" ] && [ -r /etc/kernel/entry-token ] && read -r ENTRY_TOKEN </etc/kernel/entry-token
-[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
+if [ -z "$ENTRY_TOKEN" ]; then
+ # If not configured explicitly, then use a few candidates: the machine ID,
+ # the IMAGE_ID= and ID= fields from /etc/os-release and finally the fixed
+ # string "Default"
+ ENTRY_TOKEN_SEARCH="$MACHINE_ID"
+ [ -r /etc/os-release ] && . /etc/os-release
+ [ -n "$IMAGE_ID" ] && ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH $IMAGE_ID"
+ [ -n "$ID" ] && ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH $ID"
+ ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH Default"
+else
+ ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN"
+fi
# NB: The $MACHINE_ID is guaranteed to be a valid machine ID, but
# $ENTRY_TOKEN can be any string that fits into a VFAT filename, though
# typically is just the machine ID.
-[ -z "$BOOT_ROOT" ] && for suff in "$ENTRY_TOKEN" "loader/entries"; do
- for pref in "/efi" "/boot" "/boot/efi" ; do
+[ -z "$BOOT_ROOT" ] && for suff in $ENTRY_TOKEN_SEARCH; do
+ for pref in "/efi" "/boot" "/boot/efi"; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
+ ENTRY_TOKEN="$suff"
break 2
fi
done
done
+[ -z "$BOOT_ROOT" ] && for pref in "/efi" "/boot" "/boot/efi"; do
+ if [ -d "$pref/loader/entries" ]; then
+ BOOT_ROOT="$pref"
+ break
+ fi
+done
+
[ -z "$BOOT_ROOT" ] && for pref in "/efi" "/boot/efi"; do
if mountpoint -q "$pref"; then
BOOT_ROOT="$pref"
break
fi
done
+
[ -z "$BOOT_ROOT" ] && BOOT_ROOT="/boot"
+[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
if [ -z "$layout" ]; then
# Administrative decision: if not present, some scripts generate into /boot.
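Review bot: The new `for suff in $ENTRY_TOKEN_SEARCH` loop relies on unquoted word splitting, so an explicitly configured ENTRY_TOKEN containing whitespace or glob characters is now split or expanded, where the removed loop passed `"$ENTRY_TOKEN"` as a single word; the comment in this hunk allows any string that fits a VFAT filename. Separately, `. /etc/os-release` runs in the script's own shell, so every assignment in that file, not only IMAGE_ID and ID, lands in kernel-install's variables before BOOT_ROOT and ENTRY_TOKEN are resolved. Reading each field in a subshell avoids that, for example `IMAGE_ID="$(. /etc/os-release && printf %s "$IMAGE_ID")"`. Candidates containing `/` should also be skipped before the `-d "$pref/$suff"` test. The script continues outside this hunk.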

53
SOURCES/0052-meson-report-SBAT-settings.patch

@ -0,0 +1,53 @@ @@ -0,0 +1,53 @@
From 340f8e02cf4db0e6b3733bfcc14630b3ce8181a5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 23 Dec 2021 13:19:42 +0100
Subject: [PATCH] meson: report SBAT settings

(cherry picked from commit e4e44a0107645891e82a538100a7590eb59a516c)

Related: #2017035
---
src/boot/efi/meson.build | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index dd318079fc..e628068596 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -130,7 +130,6 @@ elif get_option('sbat-distro') != ''
if (value == '' or value == 'auto') and not meson.is_cross_build()
cmd = 'if [ -e /etc/os-release ]; then . /etc/os-release; else . /usr/lib/os-release; fi; echo $@0@'.format(sbatvar[1])
value = run_command(sh, '-c', cmd).stdout().strip()
- message('@0@ (from @1@): @2@'.format(sbatvar[0], sbatvar[1], value))
endif
if value == ''
error('Required @0@ option not set and autodetection failed'.format(sbatvar[0]))
@@ -147,8 +146,11 @@ elif get_option('sbat-distro') != ''
pkgver = get_option('sbat-distro-version')
if pkgver == ''
efi_conf.set('SBAT_DISTRO_VERSION', 'GIT_VERSION')
+ # This is determined during build, not configuration, so we can't display it yet.
+ sbat_distro_version_display = '(git version)'
else
efi_conf.set_quoted('SBAT_DISTRO_VERSION', pkgver)
+ sbat_distro_version_display = pkgver
endif
endif
@@ -288,6 +290,16 @@ summary({
'EFI include directory' : efi_incdir},
section : 'Extensible Firmware Interface')
+if efi_conf.get('SBAT_DISTRO', '') != ''
+ summary({
+ 'SBAT distro': efi_conf.get('SBAT_DISTRO'),
+ 'SBAT distro generation': efi_conf.get('SBAT_DISTRO_GENERATION'),
+ 'SBAT distro version': sbat_distro_version_display,
+ 'SBAT distro summary': efi_conf.get('SBAT_DISTRO_SUMMARY'),
+ 'SBAT distro URL': efi_conf.get('SBAT_DISTRO_URL')},
+ section : 'Extensible Firmware Interface')
+endif
+
############################################################
efi_headers = files(

79
SOURCES/0053-boot-Build-BCD-parser-only-on-arches-supported-by-Wi.patch

@ -0,0 +1,79 @@ @@ -0,0 +1,79 @@
From 2d3b47dcd5a4b356c481f89c483db3eb308fcab9 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Tue, 28 Dec 2021 13:10:39 +0100
Subject: [PATCH] boot: Build BCD parser only on arches supported by Windows

(cherry picked from commit 77fcf28cb88b302453b4c991a6571cb37f10634d)

Related: #2017035
---
src/boot/efi/boot.c | 2 ++
src/boot/efi/meson.build | 21 ++++++++++++---------
2 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c
index 0286914b8b..83358406f2 100644
--- a/src/boot/efi/boot.c
+++ b/src/boot/efi/boot.c
@@ -1941,6 +1941,7 @@ static void config_entry_add_osx(Config *config) {
}
static void config_entry_add_windows(Config *config, EFI_HANDLE *device, EFI_FILE *root_dir) {
+#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
_cleanup_freepool_ CHAR8 *bcd = NULL;
CHAR16 *title = NULL;
EFI_STATUS err;
@@ -1961,6 +1962,7 @@ static void config_entry_add_windows(Config *config, EFI_HANDLE *device, EFI_FIL
config_entry_add_loader_auto(config, device, root_dir, NULL,
L"auto-windows", 'w', title ?: L"Windows Boot Manager",
L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi");
+#endif
}
static void config_entry_add_linux(
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index e628068596..6a0c8da9ba 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -331,7 +331,6 @@ common_sources = [
'util.c']
systemd_boot_sources = [
- 'bcd.c',
'boot.c',
'console.c',
'drivers.c',
@@ -351,6 +350,18 @@ else
stub_sources += 'linux.c'
endif
+# BCD parser only makes sense on arches that Windows supports.
+if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
+ systemd_boot_sources += 'bcd.c'
+ tests += [
+ [['src/boot/efi/test-bcd.c'],
+ [],
+ [libzstd],
+ [],
+ 'HAVE_ZSTD'],
+ ]
+endif
+
systemd_boot_objects = []
stub_objects = []
foreach file : fundamental_source_paths + common_sources + systemd_boot_sources + stub_sources
@@ -408,14 +419,6 @@ endforeach
############################################################
-tests += [
- [['src/boot/efi/test-bcd.c'],
- [],
- [libzstd],
- [],
- 'HAVE_ZSTD'],
-]
-
test_efi_disk_img = custom_target(
'test-efi-disk.img',
input : [efi_stubs[0][0], efi_stubs[1][1]],
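Review bot: The set of architectures that get the BCD parser is now written twice, as the preprocessor test inside config_entry_add_windows() in boot.c and as `efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']` in meson.build, with nothing tying the two together. If the lists drift, either boot.c references a parser that is not built, or bcd.c is compiled and tested without being used. Both could key off one build-time define set in meson.build; until then a comment such as `/* Keep in sync with the BCD arch list in src/boot/efi/meson.build */` above the `#if` would document the coupling. On the excluded architectures the function body is empty, so its three parameters are unused; whether the EFI build flags warn about that is not visible here.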

68
SOURCES/0053-kernel-install-add-new-inspect-verb-showing-paths-an.patch

@ -0,0 +1,68 @@ @@ -0,0 +1,68 @@
From ac730b1b14b29b4c9cfa4fb904da7ef508170327 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 10 Feb 2022 14:37:37 +0100
Subject: [PATCH] kernel-install: add new "inspect" verb, showing paths and
parameters we discovered

(cherry picked from commit c73cf4184441d3cc37a5e2195938f07420ec38b7)

Related: #2065061
---
src/kernel-install/kernel-install | 29 +++++++++++++++++++++++------
1 file changed, 23 insertions(+), 6 deletions(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index c42c40592a..b8099bd12c 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -25,6 +25,7 @@ usage()
echo "Usage:"
echo " $0 [OPTIONS...] add KERNEL-VERSION KERNEL-IMAGE [INITRD-FILE ...]"
echo " $0 [OPTIONS...] remove KERNEL-VERSION"
+ echo " $0 [OPTIONS...] inspect"
echo "Options:"
echo " -h, --help Print this help"
echo " -v, --verbose Increase verbosity"
@@ -72,13 +73,17 @@ else
[ $# -ge 1 ] && shift
fi
-if [ $# -lt 1 ]; then
- echo "Error: not enough arguments" >&2
- exit 1
-fi
+if [ "$COMMAND" = "inspect" ]; then
+ KERNEL_VERSION=""
+else
+ if [ $# -lt 1 ]; then
+ echo "Error: not enough arguments" >&2
+ exit 1
+ fi
-KERNEL_VERSION="$1"
-shift
+ KERNEL_VERSION="$1"
+ shift
+fi
layout=
initrd_generator=
@@ -237,6 +242,18 @@ case "$COMMAND" in
fi
;;
+ inspect)
+ echo "KERNEL_INSTALL_MACHINE_ID: $KERNEL_INSTALL_MACHINE_ID"
+ echo "KERNEL_INSTALL_ENTRY_TOKEN: $KERNEL_INSTALL_ENTRY_TOKEN"
+ echo "KERNEL_INSTALL_BOOT_ROOT: $KERNEL_INSTALL_BOOT_ROOT"
+ echo "KERNEL_INSTALL_LAYOUT: $KERNEL_INSTALL_LAYOUT"
+ echo "KERNEL_INSTALL_INITRD_GENERATOR: $KERNEL_INSTALL_INITRD_GENERATOR"
+ echo "ENTRY_DIR_ABS: $KERNEL_INSTALL_BOOT_ROOT/$ENTRY_TOKEN/\$KERNEL_VERSION"
+
+ # Assert that ENTRY_DIR_ABS actually matches what we are printing here
+ [ "${ENTRY_DIR_ABS%/*}" = "$KERNEL_INSTALL_BOOT_ROOT/$ENTRY_TOKEN" ] || { echo "Assertion didn't pass." >&2; exit 1; }
+
+ ;;
*)
echo "Error: unknown command '$COMMAND'" >&2
exit 1
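Review bot: The new `inspect` branch sets `KERNEL_VERSION=""` and never looks at the remaining arguments, so `kernel-install inspect foo` is accepted silently while the other verbs still go through the argument-count check. A guard such as `[ $# -eq 0 ] || { echo "Error: inspect takes no arguments" >&2; exit 1; }` in that branch would keep the verbs consistent. The message `Assertion didn't pass.` would be easier to act on if it printed the two paths being compared. Everything between argument parsing and the `case` statement is outside these hunks; since inspect is meant only to report, it is worth confirming that nothing there creates directories or runs plugins for this verb.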

276
SOURCES/0054-bus-Use-OrderedSet-for-introspection.patch

@ -0,0 +1,276 @@ @@ -0,0 +1,276 @@
From a62fe26e02c9852a59d84d3834fdbb39d7568f28 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Wed, 19 Jan 2022 10:15:36 +0100
Subject: [PATCH] bus: Use OrderedSet for introspection

Otherwise, the generated xml files are not reproducible.

(cherry picked from commit acac88340ace3cd631126eebb6d0390cd54e8231)

Resolves: #2066325
---
src/libsystemd/sd-bus/bus-introspect.c | 4 +--
src/libsystemd/sd-bus/bus-introspect.h | 4 +--
src/libsystemd/sd-bus/bus-objects.c | 45 +++++++++++++-------------
src/shared/bus-object.c | 4 +--
4 files changed, 28 insertions(+), 29 deletions(-)

diff --git a/src/libsystemd/sd-bus/bus-introspect.c b/src/libsystemd/sd-bus/bus-introspect.c
index b9ef6af631..eed0dae82f 100644
--- a/src/libsystemd/sd-bus/bus-introspect.c
+++ b/src/libsystemd/sd-bus/bus-introspect.c
@@ -110,7 +110,7 @@ static int set_interface_name(struct introspect *intro, const char *interface_na
return free_and_strdup(&intro->interface_name, interface_name);
}
-int introspect_write_child_nodes(struct introspect *i, Set *s, const char *prefix) {
+int introspect_write_child_nodes(struct introspect *i, OrderedSet *s, const char *prefix) {
char *node;
assert(i);
@@ -118,7 +118,7 @@ int introspect_write_child_nodes(struct introspect *i, Set *s, const char *prefi
assert_se(set_interface_name(i, NULL) >= 0);
- while ((node = set_steal_first(s))) {
+ while ((node = ordered_set_steal_first(s))) {
const char *e;
e = object_path_startswith(node, prefix);
diff --git a/src/libsystemd/sd-bus/bus-introspect.h b/src/libsystemd/sd-bus/bus-introspect.h
index 34f32a4cf9..19e3ef09e2 100644
--- a/src/libsystemd/sd-bus/bus-introspect.h
+++ b/src/libsystemd/sd-bus/bus-introspect.h
@@ -5,7 +5,7 @@
#include "sd-bus.h"
-#include "set.h"
+#include "ordered-set.h"
struct introspect {
FILE *f;
@@ -17,7 +17,7 @@ struct introspect {
int introspect_begin(struct introspect *i, bool trusted);
int introspect_write_default_interfaces(struct introspect *i, bool object_manager);
-int introspect_write_child_nodes(struct introspect *i, Set *s, const char *prefix);
+int introspect_write_child_nodes(struct introspect *i, OrderedSet *s, const char *prefix);
int introspect_write_interface(
struct introspect *i,
const char *interface_name,
diff --git a/src/libsystemd/sd-bus/bus-objects.c b/src/libsystemd/sd-bus/bus-objects.c
index bf69539062..40158a7326 100644
--- a/src/libsystemd/sd-bus/bus-objects.c
+++ b/src/libsystemd/sd-bus/bus-objects.c
@@ -9,7 +9,6 @@
#include "bus-slot.h"
#include "bus-type.h"
#include "missing_capability.h"
-#include "set.h"
#include "string-util.h"
#include "strv.h"
@@ -99,7 +98,7 @@ static int add_enumerated_to_set(
sd_bus *bus,
const char *prefix,
struct node_enumerator *first,
- Set *s,
+ OrderedSet *s,
sd_bus_error *error) {
struct node_enumerator *c;
@@ -146,7 +145,7 @@ static int add_enumerated_to_set(
continue;
}
- r = set_consume(s, *k);
+ r = ordered_set_consume(s, *k);
if (r == -EEXIST)
r = 0;
}
@@ -171,7 +170,7 @@ static int add_subtree_to_set(
const char *prefix,
struct node *n,
unsigned flags,
- Set *s,
+ OrderedSet *s,
sd_bus_error *error) {
struct node *i;
@@ -198,7 +197,7 @@ static int add_subtree_to_set(
if (!t)
return -ENOMEM;
- r = set_consume(s, t);
+ r = ordered_set_consume(s, t);
if (r < 0 && r != -EEXIST)
return r;
@@ -220,10 +219,10 @@ static int get_child_nodes(
const char *prefix,
struct node *n,
unsigned flags,
- Set **_s,
+ OrderedSet **_s,
sd_bus_error *error) {
- Set *s = NULL;
+ OrderedSet *s = NULL;
int r;
assert(bus);
@@ -231,13 +230,13 @@ static int get_child_nodes(
assert(n);
assert(_s);
- s = set_new(&string_hash_ops);
+ s = ordered_set_new(&string_hash_ops);
if (!s)
return -ENOMEM;
r = add_subtree_to_set(bus, prefix, n, flags, s, error);
if (r < 0) {
- set_free_free(s);
+ ordered_set_free_free(s);
return r;
}
@@ -937,7 +936,7 @@ int introspect_path(
char **ret,
sd_bus_error *error) {
- _cleanup_set_free_free_ Set *s = NULL;
+ _cleanup_ordered_set_free_ OrderedSet *s = NULL;
_cleanup_(introspect_free) struct introspect intro = {};
struct node_vtable *c;
bool empty;
@@ -963,7 +962,7 @@ int introspect_path(
if (r < 0)
return r;
- empty = set_isempty(s);
+ empty = ordered_set_isempty(s);
LIST_FOREACH(vtables, c, n->vtables) {
if (require_fallback && !c->is_fallback)
@@ -1233,7 +1232,7 @@ static int process_get_managed_objects(
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
- _cleanup_set_free_free_ Set *s = NULL;
+ _cleanup_ordered_set_free_free_ OrderedSet *s = NULL;
char *path;
int r;
@@ -1263,7 +1262,7 @@ static int process_get_managed_objects(
if (r < 0)
return r;
- SET_FOREACH(path, s) {
+ ORDERED_SET_FOREACH(path, s) {
r = object_manager_serialize_path_and_fallbacks(bus, reply, path, &error);
if (r < 0)
return bus_maybe_reply_error(m, r, &error);
@@ -2352,7 +2351,7 @@ _public_ int sd_bus_emit_properties_changed(
static int object_added_append_all_prefix(
sd_bus *bus,
sd_bus_message *m,
- Set *s,
+ OrderedSet *s,
const char *prefix,
const char *path,
bool require_fallback) {
@@ -2392,10 +2391,10 @@ static int object_added_append_all_prefix(
* skip it on any of its parents. The child vtables
* always fully override any conflicting vtables of
* any parent node. */
- if (set_get(s, c->interface))
+ if (ordered_set_get(s, c->interface))
continue;
- r = set_put(s, c->interface);
+ r = ordered_set_put(s, c->interface);
if (r < 0)
return r;
@@ -2441,7 +2440,7 @@ static int object_added_append_all_prefix(
}
static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *path) {
- _cleanup_set_free_ Set *s = NULL;
+ _cleanup_ordered_set_free_ OrderedSet *s = NULL;
_cleanup_free_ char *prefix = NULL;
size_t pl;
int r;
@@ -2465,7 +2464,7 @@ static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *p
* a parent that were overwritten by a child.
*/
- s = set_new(&string_hash_ops);
+ s = ordered_set_new(&string_hash_ops);
if (!s)
return -ENOMEM;
@@ -2572,7 +2571,7 @@ _public_ int sd_bus_emit_object_added(sd_bus *bus, const char *path) {
static int object_removed_append_all_prefix(
sd_bus *bus,
sd_bus_message *m,
- Set *s,
+ OrderedSet *s,
const char *prefix,
const char *path,
bool require_fallback) {
@@ -2605,7 +2604,7 @@ static int object_removed_append_all_prefix(
* skip it on any of its parents. The child vtables
* always fully override any conflicting vtables of
* any parent node. */
- if (set_get(s, c->interface))
+ if (ordered_set_get(s, c->interface))
continue;
r = node_vtable_get_userdata(bus, path, c, &u, &error);
@@ -2616,7 +2615,7 @@ static int object_removed_append_all_prefix(
if (r == 0)
continue;
- r = set_put(s, c->interface);
+ r = ordered_set_put(s, c->interface);
if (r < 0)
return r;
@@ -2631,7 +2630,7 @@ static int object_removed_append_all_prefix(
}
static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char *path) {
- _cleanup_set_free_ Set *s = NULL;
+ _cleanup_ordered_set_free_ OrderedSet *s = NULL;
_cleanup_free_ char *prefix = NULL;
size_t pl;
int r;
@@ -2642,7 +2641,7 @@ static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char
/* see sd_bus_emit_object_added() for details */
- s = set_new(&string_hash_ops);
+ s = ordered_set_new(&string_hash_ops);
if (!s)
return -ENOMEM;
diff --git a/src/shared/bus-object.c b/src/shared/bus-object.c
index f2e53913fb..4ed5215e3d 100644
--- a/src/shared/bus-object.c
+++ b/src/shared/bus-object.c
@@ -156,10 +156,10 @@ int bus_introspect_implementations(
if (impl != main_impl)
bus_introspect_implementation(&intro, impl);
- _cleanup_set_free_ Set *nodes = NULL;
+ _cleanup_ordered_set_free_ OrderedSet *nodes = NULL;
for (size_t i = 0; impl->children && impl->children[i]; i++) {
- r = set_put_strdup(&nodes, impl->children[i]->path);
+ r = ordered_set_put_strdup(&nodes, impl->children[i]->path);
if (r < 0)
return log_oom();
}
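Review bot: In introspect_path() the cleanup attribute changes from `_cleanup_set_free_free_` to `_cleanup_ordered_set_free_`, which drops the element-freeing variant, so any path strings still in `s` when the function returns early would be leaked. The other converted sites keep element freeing (`ordered_set_free_free(s)` in get_child_nodes(), `_cleanup_ordered_set_free_free_` in process_get_managed_objects()), and the entries are heap strings handed over with `ordered_set_consume()`. The declaration should read `_cleanup_ordered_set_free_free_ OrderedSet *s = NULL;`. introspect_path() starts and ends outside the hunk, so which return paths leave entries behind should be checked against the full function.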

96
SOURCES/0054-meson-Remove-efi-cc-option.patch

@ -0,0 +1,96 @@ @@ -0,0 +1,96 @@
From 38afe3074812ab355bc20a36d41871f1b4f4386b Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Wed, 29 Dec 2021 15:02:04 +0100
Subject: [PATCH] meson: Remove efi-cc option

Changing the efi compiler this way doesn't really work. The gnu-efi
header checks as well as supported compiler flag checks use the
regular cc that meson detects. Changing the compiler this way will
end up with bad compiler flags. For the very same reason, this does
not work with a cross-compiler without going through proper meson
cross-compilation steps either.

The proper way to build systemd-boot with a different compiler is to
use a different build folder and then just use the proper ninja build
target to only build the bootloader/stub.

(cherry picked from commit 52adf0e91ef00d21a2e83f7669d0823667ce6b6c)

Related: #2017035
---
meson_options.txt | 2 --
src/boot/efi/meson.build | 14 ++++----------
2 files changed, 4 insertions(+), 12 deletions(-)

diff --git a/meson_options.txt b/meson_options.txt
index 401f0933d7..62cdeb4201 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -414,8 +414,6 @@ option('dbus', type : 'combo', choices : ['auto', 'true', 'false'],
option('gnu-efi', type : 'combo', choices : ['auto', 'true', 'false'],
description : 'gnu-efi support for sd-boot')
-option('efi-cc', type : 'array',
- description : 'the compiler to use for EFI modules')
# Note that LLD does not support PE/COFF relocations
# https://lists.llvm.org/pipermail/llvm-dev/2021-March/149234.html
option('efi-ld', type : 'combo', choices : ['auto', 'bfd', 'gold'],
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 6a0c8da9ba..11e6bf2dd0 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -44,10 +44,6 @@ if not cc.has_header_symbol('efi.h', 'EFI_IMAGE_MACHINE_X64',
endif
objcopy = find_program('objcopy')
-efi_cc = get_option('efi-cc')
-if efi_cc.length() == 0
- efi_cc = cc.cmd_array()
-endif
efi_ld = get_option('efi-ld')
if efi_ld == 'auto'
@@ -62,7 +58,7 @@ efi_libdir = ''
foreach dir : [get_option('efi-libdir'),
'/usr/lib/gnuefi' / efi_arch[0],
run_command('realpath', '-e',
- '/usr/lib' / run_command(efi_cc, '-print-multi-os-directory').stdout().strip()).stdout().strip()]
+ '/usr/lib' / run_command(cc.cmd_array(), '-print-multi-os-directory').stdout().strip()).stdout().strip()]
if dir != '' and fs.is_dir(dir)
efi_libdir = dir
break
@@ -275,15 +271,13 @@ if run_command('grep', '-q', '__CTOR_LIST__', efi_lds).returncode() == 0
]
endif
-efi_cc_version = run_command(efi_cc, '--version').stdout().split('\n')[0]
-if efi_cc_version.contains('clang') and efi_cc_version.split('.')[0].split(' ')[-1].to_int() <= 10
+if cc.get_id() == 'clang' and cc.version().split('.')[0].to_int() <= 10
# clang <= 10 doesn't pass -T to the linker and then even complains about it being unused
efi_ldflags += ['-Wl,-T,' + efi_lds, '-Wno-unused-command-line-argument']
endif
summary({
'EFI machine type' : efi_arch[0],
- 'EFI CC' : '@0@'.format(' '.join(efi_cc)),
'EFI LD' : efi_ld,
'EFI lds' : efi_lds,
'EFI crt0' : efi_crt0,
@@ -368,7 +362,7 @@ foreach file : fundamental_source_paths + common_sources + systemd_boot_sources
o_file = custom_target(file.split('/')[-1] + '.o',
input : file,
output : file.split('/')[-1] + '.o',
- command : [efi_cc, '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags],
+ command : [cc.cmd_array(), '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags],
depend_files : efi_headers + fundamental_headers)
if (fundamental_source_paths + common_sources + systemd_boot_sources).contains(file)
systemd_boot_objects += o_file
@@ -389,7 +383,7 @@ foreach tuple : [['systemd_boot.so', systemd_boot_efi_name, systemd_boot_objects
tuple[0],
input : tuple[2],
output : tuple[0],
- command : [efi_cc, '-o', '@OUTPUT@', efi_ldflags, efi_cflags, tuple[2], '-lefi', '-lgnuefi', '-lgcc'],
+ command : [cc.cmd_array(), '-o', '@OUTPUT@', efi_ldflags, efi_cflags, tuple[2], '-lefi', '-lgnuefi', '-lgcc'],
install : tuple[3],
install_dir : bootlibdir)

25
SOURCES/0055-meson-Get-objcopy-location-from-compiler.patch

@ -0,0 +1,25 @@ @@ -0,0 +1,25 @@
From b077524848816638fc7d0cf3e65c062da095626f Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Wed, 29 Dec 2021 15:13:35 +0100
Subject: [PATCH] meson: Get objcopy location from compiler

(cherry picked from commit 2f2b07226751827303a88f3a301f2d834f3fb97b)

Related: #2017035
---
src/boot/efi/meson.build | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 11e6bf2dd0..144fbb0f43 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -43,7 +43,7 @@ if not cc.has_header_symbol('efi.h', 'EFI_IMAGE_MACHINE_X64',
subdir_done()
endif
-objcopy = find_program('objcopy')
+objcopy = run_command(cc.cmd_array(), '-print-prog-name=objcopy', check: true).stdout().strip()
efi_ld = get_option('efi-ld')
if efi_ld == 'auto'
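Review bot: `-print-prog-name=objcopy` does not fail when the compiler has no objcopy of its own; GCC then prints the bare name `objcopy`, so `check: true` still passes and the tool is looked up through PATH only when the build runs. The removed `find_program('objcopy')` caught a missing tool at configure time and recorded the resolved path. Wrapping the result keeps both properties: `objcopy = find_program(run_command(cc.cmd_array(), '-print-prog-name=objcopy', check: true).stdout().strip())`. How `objcopy` is used later in the file is outside the hunk.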

109
SOURCES/0055-udev-net_id-avoid-slot-based-names-only-for-single-f.patch

@ -0,0 +1,109 @@ @@ -0,0 +1,109 @@
From aacd9b79ecd97007bad3706234ccc1b2ae84ca11 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 23 Mar 2022 17:34:12 +0100
Subject: [PATCH] udev/net_id: avoid slot based names only for single function
devices

If we have two or more devices that share the same slot but they are
also multifunction then it is OK to use the slot information even if it
is the same for all of them. Name conflict will be avoided because we
will append function number and form names like, ens1f1, ens1f2...

(cherry picked from commit 66425daf2c68793adf24a48a26d58add8662e83f)

Resolves: #2070097
---
man/systemd.net-naming-scheme.xml | 7 ++++++-
src/shared/netif-naming-scheme.h | 31 ++++++++++++++++---------------
src/udev/udev-builtin-net_id.c | 11 +++++++++--
3 files changed, 31 insertions(+), 18 deletions(-)

diff --git a/man/systemd.net-naming-scheme.xml b/man/systemd.net-naming-scheme.xml
index 942ef572ff..73d08b681d 100644
--- a/man/systemd.net-naming-scheme.xml
+++ b/man/systemd.net-naming-scheme.xml
@@ -406,7 +406,12 @@
<varlistentry>
<term><constant>rhel-9.0</constant></term>
- <listitem><para>Same as naming scheme <constant>v250</constant>.</para>
+ <listitem><para>Since version <constant>v247</constant> we no longer set
+ <varname>ID_NET_NAME_SLOT</varname> if we detect that a PCI device associated with a slot is a PCI
+ bridge as that would create naming conflict when there are more child devices on that bridge. Now,
+ this is relaxed and we will use slot information to generate the name based on it but only if
+ the PCI device has multiple functions. This is safe because distinct function number is a part of
+ the device name for multifunction devices.</para>
</listitem>
</varlistentry>
diff --git a/src/shared/netif-naming-scheme.h b/src/shared/netif-naming-scheme.h
index f765db6ef2..5c86cb4545 100644
--- a/src/shared/netif-naming-scheme.h
+++ b/src/shared/netif-naming-scheme.h
@@ -22,20 +22,21 @@
* OS versions, but not fully stabilize them. */
typedef enum NamingSchemeFlags {
/* First, the individual features */
- NAMING_SR_IOV_V = 1 << 0, /* Use "v" suffix for SR-IOV, see 609948c7043a */
- NAMING_NPAR_ARI = 1 << 1, /* Use NPAR "ARI", see 6bc04997b6ea */
- NAMING_INFINIBAND = 1 << 2, /* Use "ib" prefix for infiniband, see 938d30aa98df */
- NAMING_ZERO_ACPI_INDEX = 1 << 3, /* Use zero acpi_index field, see d81186ef4f6a */
- NAMING_ALLOW_RERENAMES = 1 << 4, /* Allow re-renaming of devices, see #9006 */
- NAMING_STABLE_VIRTUAL_MACS = 1 << 5, /* Use device name to generate MAC, see 6d3646406560 */
- NAMING_NETDEVSIM = 1 << 6, /* Generate names for netdevsim devices, see eaa9d507d855 */
- NAMING_LABEL_NOPREFIX = 1 << 7, /* Don't prepend ID_NET_LABEL_ONBOARD with interface type prefix */
- NAMING_NSPAWN_LONG_HASH = 1 << 8, /* Shorten nspawn interfaces by including 24bit hash, instead of simple truncation */
- NAMING_BRIDGE_NO_SLOT = 1 << 9, /* Don't use PCI hotplug slot information if the corresponding device is a PCI bridge */
- NAMING_SLOT_FUNCTION_ID = 1 << 10, /* Use function_id if present to identify PCI hotplug slots */
- NAMING_16BIT_INDEX = 1 << 11, /* Allow full 16-bit for the onboard index */
- NAMING_REPLACE_STRICTLY = 1 << 12, /* Use udev_replace_ifname() for NAME= rule */
- NAMING_XEN_VIF = 1 << 13, /* GEnerate names for Xen netfront devices */
+ NAMING_SR_IOV_V = 1 << 0, /* Use "v" suffix for SR-IOV, see 609948c7043a */
+ NAMING_NPAR_ARI = 1 << 1, /* Use NPAR "ARI", see 6bc04997b6ea */
+ NAMING_INFINIBAND = 1 << 2, /* Use "ib" prefix for infiniband, see 938d30aa98df */
+ NAMING_ZERO_ACPI_INDEX = 1 << 3, /* Use zero acpi_index field, see d81186ef4f6a */
+ NAMING_ALLOW_RERENAMES = 1 << 4, /* Allow re-renaming of devices, see #9006 */
+ NAMING_STABLE_VIRTUAL_MACS = 1 << 5, /* Use device name to generate MAC, see 6d3646406560 */
+ NAMING_NETDEVSIM = 1 << 6, /* Generate names for netdevsim devices, see eaa9d507d855 */
+ NAMING_LABEL_NOPREFIX = 1 << 7, /* Don't prepend ID_NET_LABEL_ONBOARD with interface type prefix */
+ NAMING_NSPAWN_LONG_HASH = 1 << 8, /* Shorten nspawn interfaces by including 24bit hash, instead of simple truncation */
+ NAMING_BRIDGE_NO_SLOT = 1 << 9, /* Don't use PCI hotplug slot information if the corresponding device is a PCI bridge */
+ NAMING_SLOT_FUNCTION_ID = 1 << 10, /* Use function_id if present to identify PCI hotplug slots */
+ NAMING_16BIT_INDEX = 1 << 11, /* Allow full 16-bit for the onboard index */
+ NAMING_REPLACE_STRICTLY = 1 << 12, /* Use udev_replace_ifname() for NAME= rule */
+ NAMING_XEN_VIF = 1 << 13, /* Generate names for Xen netfront devices */
+ NAMING_BRIDGE_MULTIFUNCTION_SLOT = 1 << 14, /* Use PCI hotplug slot information associated with bridge, but only if PCI device is multifunction */
/* And now the masks that combine the features above */
NAMING_V238 = 0,
@@ -47,7 +48,7 @@ typedef enum NamingSchemeFlags {
NAMING_V247 = NAMING_V245 | NAMING_BRIDGE_NO_SLOT,
NAMING_V249 = NAMING_V247 | NAMING_SLOT_FUNCTION_ID | NAMING_16BIT_INDEX | NAMING_REPLACE_STRICTLY,
NAMING_V250 = NAMING_V249 | NAMING_XEN_VIF,
- NAMING_RHEL_9_0 = NAMING_V250,
+ NAMING_RHEL_9_0 = NAMING_V250 | NAMING_BRIDGE_MULTIFUNCTION_SLOT,
EXTRA_NET_NAMING_SCHEMES
diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c
index 65e003eb15..673ed7a7ca 100644
--- a/src/udev/udev-builtin-net_id.c
+++ b/src/udev/udev-builtin-net_id.c
@@ -451,8 +451,15 @@ static int dev_pci_slot(sd_device *dev, const LinkInfo *info, NetNames *names) {
* devices that will try to claim the same index and that would create name
* collision. */
if (naming_scheme_has(NAMING_BRIDGE_NO_SLOT) && is_pci_bridge(hotplug_slot_dev)) {
- log_device_debug(dev, "Not using slot information because the PCI device is a bridge.");
- return 0;
+ if (naming_scheme_has(NAMING_BRIDGE_MULTIFUNCTION_SLOT) && !is_pci_multifunction(names->pcidev)) {
+ log_device_debug(dev, "Not using slot information because the PCI device associated with the hotplug slot is a bridge and the PCI device has single function.");
+ return 0;
+ }
+
+ if (!naming_scheme_has(NAMING_BRIDGE_MULTIFUNCTION_SLOT)) {
+ log_device_debug(dev, "Not using slot information because the PCI device is a bridge.");
+ return 0;
+ }
}
break;
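Review bot: `NAMING_RHEL_9_0` is redefined in place to include `NAMING_BRIDGE_MULTIFUNCTION_SLOT`, so a host already using the rhel-9.0 scheme can see `ID_NET_NAME_SLOT` appear for multifunction devices behind a bridge, and anything keyed on the old interface name (network configuration, firewall rules) would stop matching. If that scheme has already shipped, the flag belongs in a new scheme; if it has not, the man page entry could say so. In dev_pci_slot() the added block tests the flag twice with two separate `return 0` paths; the single condition `if (!naming_scheme_has(NAMING_BRIDGE_MULTIFUNCTION_SLOT) || !is_pci_multifunction(names->pcidev))` expresses the same rule, at the cost of one shared log message. dev_pci_slot() starts and ends outside the hunk.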

123
SOURCES/0056-meson-Use-files-for-source-lists-for-boot-and-fundam.patch

@ -0,0 +1,123 @@ @@ -0,0 +1,123 @@
From 3088f292855f4a525271906a5652985f01c5d7b2 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Fri, 7 Jan 2022 21:55:50 +0100
Subject: [PATCH] meson: Use files() for source lists for boot and fundamental

This fixes build reproducibility as otherwise the full path
of the source files ends up in the output binary.

(cherry picked from commit b3c5a7074cd434bc02c4b560afe933d3df24759e)

Related: #2017035
---
src/boot/efi/meson.build | 29 +++++++++++++++++------------
src/fundamental/meson.build | 22 +++++++++-------------
2 files changed, 26 insertions(+), 25 deletions(-)

diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 144fbb0f43..4cc43dc00c 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -312,9 +312,10 @@ efi_headers = files(
'shim.h',
'splash.h',
'util.h',
- 'xbootldr.h')
+ 'xbootldr.h',
+)
-common_sources = [
+common_sources = files(
'assert.c',
'devicetree.c',
'disk.c',
@@ -322,31 +323,34 @@ common_sources = [
'measure.c',
'pe.c',
'secure-boot.c',
- 'util.c']
+ 'util.c',
+)
-systemd_boot_sources = [
+systemd_boot_sources = files(
'boot.c',
'console.c',
'drivers.c',
'random-seed.c',
'shim.c',
- 'xbootldr.c']
+ 'xbootldr.c',
+)
-stub_sources = [
+stub_sources = files(
'cpio.c',
'initrd.c',
'splash.c',
- 'stub.c']
+ 'stub.c',
+)
if efi_arch[1] in ['ia32', 'x86_64']
- stub_sources += 'linux_x86.c'
+ stub_sources += files('linux_x86.c')
else
- stub_sources += 'linux.c'
+ stub_sources += files('linux.c')
endif
# BCD parser only makes sense on arches that Windows supports.
if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
- systemd_boot_sources += 'bcd.c'
+ systemd_boot_sources += files('bcd.c')
tests += [
[['src/boot/efi/test-bcd.c'],
[],
@@ -359,9 +363,10 @@ endif
systemd_boot_objects = []
stub_objects = []
foreach file : fundamental_source_paths + common_sources + systemd_boot_sources + stub_sources
- o_file = custom_target(file.split('/')[-1] + '.o',
+ # FIXME: replace ''.format(file) with fs.name(file) when meson_version requirement is >= 0.59.0
+ o_file = custom_target('@0@.o'.format(file).split('/')[-1],
input : file,
- output : file.split('/')[-1] + '.o',
+ output : '@0@.o'.format(file).split('/')[-1],
command : [cc.cmd_array(), '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags],
depend_files : efi_headers + fundamental_headers)
if (fundamental_source_paths + common_sources + systemd_boot_sources).contains(file)
diff --git a/src/fundamental/meson.build b/src/fundamental/meson.build
index 287f0fe36a..f927788c3a 100644
--- a/src/fundamental/meson.build
+++ b/src/fundamental/meson.build
@@ -8,20 +8,16 @@ fundamental_headers = files(
'macro-fundamental.h',
'sha256.h',
'string-util-fundamental.h',
- 'types-fundamental.h')
-
-sources = '''
- bootspec-fundamental.c
- efivars-fundamental.c
- string-util-fundamental.c
- sha256.c
-'''.split()
+ 'types-fundamental.h',
+)
# for sd-boot
-fundamental_source_paths = []
-foreach source : sources
- fundamental_source_paths += meson.current_source_dir() / source
-endforeach
+fundamental_source_paths = files(
+ 'bootspec-fundamental.c',
+ 'efivars-fundamental.c',
+ 'sha256.c',
+ 'string-util-fundamental.c',
+)
# for libbasic
-fundamental_sources = files(sources) + fundamental_headers
+fundamental_sources = fundamental_source_paths + fundamental_headers

68
SOURCES/0056-shutdown-get-only-active-md-arrays.patch

@ -0,0 +1,68 @@ @@ -0,0 +1,68 @@
From 375a8c43cc683af6cc6c8c4be50e100ba0fa0b58 Mon Sep 17 00:00:00 2001
From: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
Date: Tue, 29 Mar 2022 12:49:54 +0200
Subject: [PATCH] shutdown: get only active md arrays.

Current md_list_get() implementation filters all block devices, started from
"md*". This is ambiguous because list could contain:
- partitions created upon md device (mdXpY)
- external metadata container- specific type of md array.

For partitions there is no issue, because they aren't handle STOP_ARRAY
ioctl sent later. It generates misleading errors only.

Second case is more problematic because containers are not locked in kernel.
They are stopped even if container member array is active. For that reason
reboot or shutdown flow could be blocked because metadata manager cannot be
restarted after switch root on shutdown.

Add filters to remove partitions and containers from md_list. Partitions
can be excluded by DEVTYPE. Containers are determined by MD_LEVEL
property, we are excluding all with "container" value.

Signed-off-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
(cherry picked from commit 3a3b022d2cc112803ea7b9beea98bbcad110368a)

Resolves: #2087677
---
src/shutdown/umount.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c
index f5a2cb20c1..6b08d9de74 100644
--- a/src/shutdown/umount.c
+++ b/src/shutdown/umount.c
@@ -352,9 +352,14 @@ static int md_list_get(MountPoint **head) {
if (r < 0)
return r;
+ /* Filter out partitions. */
+ r = sd_device_enumerator_add_match_property(e, "DEVTYPE", "disk");
+ if (r < 0)
+ return r;
+
FOREACH_DEVICE(e, d) {
_cleanup_free_ char *p = NULL;
- const char *dn;
+ const char *dn, *md_level;
MountPoint *m;
dev_t devnum;
@@ -362,6 +367,17 @@ static int md_list_get(MountPoint **head) {
sd_device_get_devname(d, &dn) < 0)
continue;
+ r = sd_device_get_property_value(d, "MD_LEVEL", &md_level);
+ if (r < 0) {
+ log_warning_errno(r, "Failed to get MD_LEVEL property for %s, ignoring: %m", dn);
+ continue;
+ }
+
+ /* MD "containers" are a special type of MD devices, used for external metadata.
+ * Since it doesn't provide RAID functionality in itself we don't need to stop it. */
+ if (streq(md_level, "container"))
+ continue;
+
p = strdup(dn);
if (!p)
return -ENOMEM;
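Review bot: In the second hunk of md_list_get(), a device whose `MD_LEVEL` property cannot be read is dropped from the list with `continue`, so an active array with no `MD_LEVEL` entry in the udev database would no longer be stopped at shutdown. According to the patch description, the list was previously filtered only by the `md*` name. The lookup depends on udev having recorded the property, which the hunk cannot guarantee this late in shutdown; if that case is possible, it may be safer to warn and still queue the device, skipping only on an explicit `container` value. At minimum the comment should state the consequence, e.g. `/* Without MD_LEVEL we cannot tell a container from an array; the device is skipped and left running. */`. md_list_get() starts and ends outside the visible hunks.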

1483
SOURCES/0057-meson-Use-files-for-tests.patch


41
SOURCES/0057-test-lvm-2.03.15-dropped-the-static-autoactivation.patch

@ -0,0 +1,41 @@ @@ -0,0 +1,41 @@
From abf906d35843be10a9321a43062c8f9e411ccc1b Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Wed, 9 Feb 2022 22:35:03 +0100
Subject: [PATCH] test: lvm 2.03.15 dropped the static autoactivation

so install the respective generator only if we're running with older
lvm versions.

See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=ee8fb0310c53ed003a43b324c99cdfd891dd1a7c
(cherry picked from commit d10d562bd4b9f93130fb2b23f2b0d0d4126ea7d4)

Related: #2087677
---
test/test-functions | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/test/test-functions b/test/test-functions
index 4827b6bedf..dcc893733c 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -973,16 +973,19 @@ install_lvm() {
image_install lvm
image_install "${ROOTLIBDIR:?}"/system/lvm2-lvmpolld.{service,socket}
image_install "${ROOTLIBDIR:?}"/system/{blk-availability,lvm2-monitor}.service
- image_install "${ROOTLIBDIR:?}"/system-generators/lvm2-activation-generator
image_install -o "/lib/tmpfiles.d/lvm2.conf"
if get_bool "$LOOKS_LIKE_DEBIAN"; then
inst_rules 56-lvm.rules 69-lvm-metad.rules
else
# Support the new udev autoactivation introduced in lvm 2.03.14
# https://sourceware.org/git/?p=lvm2.git;a=commit;h=67722b312390cdab29c076c912e14bd739c5c0f6
+ # Static autoactivation (via lvm2-activation-generator) was dropped
+ # in lvm 2.03.15
+ # https://sourceware.org/git/?p=lvm2.git;a=commit;h=ee8fb0310c53ed003a43b324c99cdfd891dd1a7c
if [[ -f /lib/udev/rules.d/69-dm-lvm.rules ]]; then
inst_rules 11-dm-lvm.rules 69-dm-lvm.rules
else
+ image_install "${ROOTLIBDIR:?}"/system-generators/lvm2-activation-generator
image_install "${ROOTLIBDIR:?}"/system/lvm2-pvscan@.service
inst_rules 11-dm-lvm.rules 69-dm-lvm-metad.rules
fi
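Review bot: Moving the `lvm2-activation-generator` install into the innermost `else` also removes it from the `LOOKS_LIKE_DEBIAN` branch, which previously got it from the unconditional line above the `if`. That branch installs `56-lvm.rules 69-lvm-metad.rules` and, as far as this hunk shows, does not depend on the lvm version, so a Debian image built against lvm older than 2.03.15 would now lack the generator. If that is unintended, an optional install in the Debian branch keeps the old behaviour without failing on newer lvm: `image_install -o "${ROOTLIBDIR:?}"/system-generators/lvm2-activation-generator`. install_lvm() continues outside the hunk.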

35
SOURCES/0058-ci-limit-which-env-variables-we-pass-through-sudo.patch

@ -0,0 +1,35 @@ @@ -0,0 +1,35 @@
From b91a67f2fdd11710c67b4a965bcbecce2833c8d5 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Wed, 13 Jul 2022 11:12:36 +0200
Subject: [PATCH] ci: limit which env variables we pass through `sudo`

to work around #23987.

(cherry picked from commit d46e7c7cfd6c286a38298c067f16ac784c2a26f0)

Related: #2087677
---
.github/workflows/unit_tests.yml | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml
index 2afde5d59d..58b7b7cdb2 100644
--- a/.github/workflows/unit_tests.yml
+++ b/.github/workflows/unit_tests.yml
@@ -28,8 +28,14 @@ jobs:
- name: Repository checkout
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- name: Install build dependencies
- run: sudo -E .github/workflows/unit_tests.sh SETUP
+ run: |
+ # Drop XDG_* stuff from /etc/environment, so we don't get the user
+ # XDG_* variables when running under sudo
+ sudo sed -i '/^XDG_/d' /etc/environment
+ # Pass only specific env variables through sudo, to avoid having
+ # the already existing XDG_* stuff on the "other side"
+ sudo --preserve-env=CRYPTOLIB,GITHUB_ACTIONS,CI .github/workflows/unit_tests.sh SETUP
- name: Build & test (${{ matrix.run_phase }}-${{ matrix.cryptolib }})
- run: sudo -E .github/workflows/unit_tests.sh RUN_${{ matrix.run_phase }}
+ run: sudo --preserve-env=CRYPTOLIB,GITHUB_ACTIONS,CI .github/workflows/unit_tests.sh RUN_${{ matrix.run_phase }}
env:
CRYPTOLIB: ${{ matrix.cryptolib }}
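Review bot: The allow-list `CRYPTOLIB,GITHUB_ACTIONS,CI` is written out twice, once in the SETUP step and once in the RUN step, and nothing ties it to the variables `unit_tests.sh` actually reads (the script is not part of this hunk). A variable the script later starts to rely on would be silently dropped by sudo in one or both steps. I would add a comment next to the first use, e.g. `# Keep this list in sync with the variables read by unit_tests.sh and with the RUN step below`. Replacing `sudo -E` with an explicit list is the right direction, since it stops the whole caller environment from crossing into the root context.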

95
SOURCES/0058-tests-add-fuzz-bcd.patch

@ -0,0 +1,95 @@ @@ -0,0 +1,95 @@
From f06002981d2bd2a582d2252f7d509205bcc2a9ed Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Sun, 26 Dec 2021 23:26:56 +0000
Subject: [PATCH] tests: add fuzz-bcd

(cherry picked from commit 4b65fc8725fa169bf870eb022d7b346796977c21)

Related: #2017035
---
src/boot/efi/fuzz-bcd.c | 26 ++++++++++++++++++++++++++
src/boot/efi/meson.build | 3 +++
tools/oss-fuzz.sh | 16 ++++++++++++++++
3 files changed, 45 insertions(+)
create mode 100644 src/boot/efi/fuzz-bcd.c

diff --git a/src/boot/efi/fuzz-bcd.c b/src/boot/efi/fuzz-bcd.c
new file mode 100644
index 0000000000..e5ed6638a4
--- /dev/null
+++ b/src/boot/efi/fuzz-bcd.c
@@ -0,0 +1,26 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include "alloc-util.h"
+#include "fd-util.h"
+#include "fuzz.h"
+#include "utf8.h"
+
+#include "bcd.c"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ _cleanup_free_ void *p = NULL;
+
+ /* This limit was borrowed from src/boot/efi/boot.c */
+ if (size > 100*1024)
+ return 0;
+
+ if (!getenv("SYSTEMD_LOG_LEVEL"))
+ log_set_max_level(LOG_CRIT);
+
+ p = memdup(data, size);
+ assert_se(p);
+
+ char16_t *title = get_bcd_title(p, size);
+ assert_se(!title || char16_strlen(title) >= 0);
+ return 0;
+}
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 16b34f0ac2..229771026d 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -358,6 +358,9 @@ if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
[],
'HAVE_ZSTD'],
]
+ fuzzers += [
+ [['src/boot/efi/fuzz-bcd.c']],
+ ]
endif
systemd_boot_objects = []
diff --git a/tools/oss-fuzz.sh b/tools/oss-fuzz.sh
index 8a19da665e..ae57fc25d5 100755
--- a/tools/oss-fuzz.sh
+++ b/tools/oss-fuzz.sh
@@ -36,6 +36,13 @@ else
apt-get install -y gperf m4 gettext python3-pip \
libcap-dev libmount-dev libkmod-dev \
pkg-config wget python3-jinja2
+
+ # gnu-efi is installed here to enable -Dgnu-efi behind which fuzz-bcd
+ # is hidden. It isn't linked against efi. It doesn't
+ # even include "efi.h" because "bcd.c" can work in "unit test" mode
+ # where it isn't necessary.
+ apt-get install -y gnu-efi zstd
+
pip3 install -r .github/workflows/requirements.txt --require-hashes
# https://github.com/google/oss-fuzz/issues/6868
@@ -56,6 +63,15 @@ fi
ninja -v -C "$build" fuzzers
+# Compressed BCD files are kept in test/test-bcd so let's unpack them
+# and put them all in the seed corpus.
+bcd=$(mktemp -d)
+for i in test/test-bcd/*.zst; do
+ unzstd "$i" -o "$bcd/$(basename "${i%.zst}")";
+done
+zip -jqr "$OUT/fuzz-bcd_seed_corpus.zip" "$bcd"
+rm -rf "$bcd"
+
# The seed corpus is a separate flat archive for each fuzzer,
# with a fixed name ${fuzzer}_seed_corpus.zip.
for d in "$(dirname "$0")/../test/fuzz/fuzz-"*; do
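Review bot: In fuzz-bcd.c the final check `assert_se(!title || char16_strlen(title) >= 0)` looks like it can never fail if `char16_strlen()` returns an unsigned length (its prototype is not visible here), so its only effect is to walk the returned string. That is useful under ASan, because a title that runs past the `memdup()` copy would be reported, but the intent is not obvious from the code. I would add a comment above it such as `/* Walk the title so the sanitizers catch a missing terminator; the comparison is not the real check. */`. The 100 KiB size cap and the exact-size `memdup()` copy are sensible for getting precise out-of-bounds reports.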

335
SOURCES/0059-meson-Use-files-for-fuzzers.patch

@ -0,0 +1,335 @@ @@ -0,0 +1,335 @@
From a21bc03df9504c7a9b0c8e0e894d94f226a7a038 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Tue, 11 Jan 2022 10:47:01 +0100
Subject: [PATCH] meson: Use files() for fuzzers

Not having to provide the full path in the source tree is much
nicer and the produced lists can also be used anywhere in the source
tree.

(cherry picked from commit bbec46c817951225f1e535d3df95b82a114e502a)

Related: #2017035
---
meson.build | 3 ++-
src/boot/efi/meson.build | 2 +-
src/core/meson.build | 2 +-
src/fuzz/meson.build | 20 ++++++++++----------
src/journal-remote/meson.build | 2 +-
src/journal/meson.build | 24 ++++++++++++------------
src/libsystemd-network/meson.build | 8 ++++----
src/libsystemd/meson.build | 4 ++--
src/network/meson.build | 4 ++--
src/nspawn/meson.build | 4 ++--
src/resolve/meson.build | 2 +-
src/systemctl/meson.build | 7 ++++---
src/udev/meson.build | 11 +++++------
src/xdg-autostart-generator/meson.build | 6 +++---
14 files changed, 50 insertions(+), 49 deletions(-)

diff --git a/meson.build b/meson.build
index 35ba29aecf..fdf02b8110 100644
--- a/meson.build
+++ b/meson.build
@@ -3677,7 +3677,8 @@ foreach tuple : fuzzers
sources += 'src/fuzz/fuzz-main.c'
endif
- name = sources[0].split('/')[-1].split('.')[0]
+ # FIXME: Use fs.stem() with meson >= 0.54.0
+ name = '@0@'.format(sources[0]).split('/')[-1].split('.')[0]
exe = executable(
name,
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 229771026d..3e948281f2 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -359,7 +359,7 @@ if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
'HAVE_ZSTD'],
]
fuzzers += [
- [['src/boot/efi/fuzz-bcd.c']],
+ [files('fuzz-bcd.c')],
]
endif
diff --git a/src/core/meson.build b/src/core/meson.build
index d229d46779..97ac431763 100644
--- a/src/core/meson.build
+++ b/src/core/meson.build
@@ -228,7 +228,7 @@ endif
############################################################
fuzzers += [
- [['src/core/fuzz-unit-file.c'],
+ [files('fuzz-unit-file.c'),
[libcore,
libshared],
[libmount]],
diff --git a/src/fuzz/meson.build b/src/fuzz/meson.build
index 1ed1dd8251..d987f32b08 100644
--- a/src/fuzz/meson.build
+++ b/src/fuzz/meson.build
@@ -1,23 +1,23 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
fuzzers += [
- [['src/fuzz/fuzz-catalog.c']],
+ [files('fuzz-catalog.c')],
- [['src/fuzz/fuzz-json.c']],
+ [files('fuzz-json.c')],
- [['src/fuzz/fuzz-varlink.c']],
+ [files('fuzz-varlink.c')],
- [['src/fuzz/fuzz-udev-database.c']],
+ [files('fuzz-udev-database.c')],
- [['src/fuzz/fuzz-compress.c']],
+ [files('fuzz-compress.c')],
- [['src/fuzz/fuzz-bus-label.c']],
+ [files('fuzz-bus-label.c')],
- [['src/fuzz/fuzz-env-file.c']],
+ [files('fuzz-env-file.c')],
- [['src/fuzz/fuzz-hostname-setup.c']],
+ [files('fuzz-hostname-setup.c')],
- [['src/fuzz/fuzz-calendarspec.c']],
+ [files('fuzz-calendarspec.c')],
- [['src/fuzz/fuzz-time-util.c']],
+ [files('fuzz-time-util.c')],
]
diff --git a/src/journal-remote/meson.build b/src/journal-remote/meson.build
index 168d0ed6a3..1f3e0878ae 100644
--- a/src/journal-remote/meson.build
+++ b/src/journal-remote/meson.build
@@ -76,7 +76,7 @@ endif
############################################################
fuzzers += [
- [['src/journal-remote/fuzz-journal-remote.c'],
+ [files('fuzz-journal-remote.c'),
[libsystemd_journal_remote,
libshared],
[],
diff --git a/src/journal/meson.build b/src/journal/meson.build
index b9a63d5e2f..21c4d2561c 100644
--- a/src/journal/meson.build
+++ b/src/journal/meson.build
@@ -116,38 +116,38 @@ tests += [
]
fuzzers += [
- [['src/journal/fuzz-journald-audit.c',
- 'src/journal/fuzz-journald.c'],
+ [files('fuzz-journald-audit.c',
+ 'fuzz-journald.c'),
[libjournal_core,
libshared],
[libselinux]],
- [['src/journal/fuzz-journald-kmsg.c',
- 'src/journal/fuzz-journald.c'],
+ [files('fuzz-journald-kmsg.c',
+ 'fuzz-journald.c'),
[libjournal_core,
libshared],
[libselinux]],
- [['src/journal/fuzz-journald-native.c',
- 'src/journal/fuzz-journald.c'],
+ [files('fuzz-journald-native.c',
+ 'fuzz-journald.c'),
[libjournal_core,
libshared],
[libselinux]],
- [['src/journal/fuzz-journald-native-fd.c',
- 'src/journal/fuzz-journald.c'],
+ [files('fuzz-journald-native-fd.c',
+ 'fuzz-journald.c'),
[libjournal_core,
libshared],
[libselinux]],
- [['src/journal/fuzz-journald-stream.c',
- 'src/journal/fuzz-journald.c'],
+ [files('fuzz-journald-stream.c',
+ 'fuzz-journald.c'),
[libjournal_core,
libshared],
[libselinux]],
- [['src/journal/fuzz-journald-syslog.c',
- 'src/journal/fuzz-journald.c'],
+ [files('fuzz-journald-syslog.c',
+ 'fuzz-journald.c'),
[libjournal_core,
libshared],
[libselinux]],
diff --git a/src/libsystemd-network/meson.build b/src/libsystemd-network/meson.build
index 3923df48ea..6be409d8ad 100644
--- a/src/libsystemd-network/meson.build
+++ b/src/libsystemd-network/meson.build
@@ -105,19 +105,19 @@ tests += [
]
fuzzers += [
- [['src/libsystemd-network/fuzz-dhcp6-client.c'],
+ [files('fuzz-dhcp6-client.c'),
[libshared,
libsystemd_network]],
- [['src/libsystemd-network/fuzz-dhcp-server.c'],
+ [files('fuzz-dhcp-server.c'),
[libsystemd_network,
libshared]],
- [['src/libsystemd-network/fuzz-lldp-rx.c'],
+ [files('fuzz-lldp-rx.c'),
[libshared,
libsystemd_network]],
- [['src/libsystemd-network/fuzz-ndisc-rs.c'],
+ [files('fuzz-ndisc-rs.c'),
[libshared,
libsystemd_network]],
]
diff --git a/src/libsystemd/meson.build b/src/libsystemd/meson.build
index 42746e560f..2e5255d479 100644
--- a/src/libsystemd/meson.build
+++ b/src/libsystemd/meson.build
@@ -316,7 +316,7 @@ endif
############################################################
fuzzers += [
- [['src/libsystemd/sd-bus/fuzz-bus-message.c']],
+ [files('sd-bus/fuzz-bus-message.c')],
- [['src/libsystemd/sd-bus/fuzz-bus-match.c']],
+ [files('sd-bus/fuzz-bus-match.c')],
]
diff --git a/src/network/meson.build b/src/network/meson.build
index a598701e4f..23743233fa 100644
--- a/src/network/meson.build
+++ b/src/network/meson.build
@@ -261,14 +261,14 @@ if conf.get('ENABLE_NETWORKD') == 1
endif
fuzzers += [
- [['src/network/fuzz-netdev-parser.c'],
+ [files('fuzz-netdev-parser.c'),
[libnetworkd_core,
libsystemd_network,
networkd_link_with],
[threads],
network_includes],
- [['src/network/fuzz-network-parser.c'],
+ [files('fuzz-network-parser.c'),
[libnetworkd_core,
libsystemd_network,
networkd_link_with],
diff --git a/src/nspawn/meson.build b/src/nspawn/meson.build
index 3c1a9c6182..2934672e9a 100644
--- a/src/nspawn/meson.build
+++ b/src/nspawn/meson.build
@@ -66,12 +66,12 @@ tests += [
]
fuzzers += [
- [['src/nspawn/fuzz-nspawn-settings.c'],
+ [files('fuzz-nspawn-settings.c'),
[libshared,
libnspawn_core],
[libseccomp]],
- [['src/nspawn/fuzz-nspawn-oci.c'],
+ [files('fuzz-nspawn-oci.c'),
[libshared,
libnspawn_core],
[libseccomp]],
diff --git a/src/resolve/meson.build b/src/resolve/meson.build
index 4de50c3d8e..1fee993d0a 100644
--- a/src/resolve/meson.build
+++ b/src/resolve/meson.build
@@ -216,7 +216,7 @@ tests += [
]
fuzzers += [
- [['src/resolve/fuzz-dns-packet.c'],
+ [files('fuzz-dns-packet.c'),
[libsystemd_resolve_core,
libshared],
[lib_openssl_or_gcrypt,
diff --git a/src/systemctl/meson.build b/src/systemctl/meson.build
index 38bf33d49a..f0d405bb58 100644
--- a/src/systemctl/meson.build
+++ b/src/systemctl/meson.build
@@ -83,7 +83,8 @@ else
endif
fuzzers += [
- [['src/systemctl/fuzz-systemctl-parse-argv.c',
- systemctl_sources],
+ [files('fuzz-systemctl-parse-argv.c') +
+ systemctl_sources,
systemctl_link_with,
- [], [], ['-DFUZZ_SYSTEMCTL_PARSE_ARGV']]]
+ [], [], ['-DFUZZ_SYSTEMCTL_PARSE_ARGV']]
+]
diff --git a/src/udev/meson.build b/src/udev/meson.build
index 57fbf8c8fc..9fd0bcdd0e 100644
--- a/src/udev/meson.build
+++ b/src/udev/meson.build
@@ -174,24 +174,23 @@ if install_sysconfdir
endif
fuzzers += [
- [['src/udev/net/fuzz-link-parser.c',
- 'src/fuzz/fuzz.h'],
+ [files('net/fuzz-link-parser.c'),
[libudevd_core,
libshared],
[threads,
libacl],
udev_includes],
- [['src/udev/fuzz-udev-rules.c'],
+ [files('fuzz-udev-rules.c'),
[libudevd_core,
libshared],
[threads,
libacl]],
- [['src/udev/fuzz-udev-rule-parse-value.c']],
+ [files('fuzz-udev-rule-parse-value.c')],
- [['src/udev/fido_id/fuzz-fido-id-desc.c',
- 'src/udev/fido_id/fido_id_desc.c']],
+ [files('fido_id/fuzz-fido-id-desc.c',
+ 'fido_id/fido_id_desc.c')],
]
tests += [
diff --git a/src/xdg-autostart-generator/meson.build b/src/xdg-autostart-generator/meson.build
index 6418f57c40..cdce66b6fc 100644
--- a/src/xdg-autostart-generator/meson.build
+++ b/src/xdg-autostart-generator/meson.build
@@ -12,7 +12,7 @@ tests += [
]
fuzzers += [
- [['src/xdg-autostart-generator/fuzz-xdg-desktop.c',
- 'src/xdg-autostart-generator/xdg-autostart-service.c',
- 'src/xdg-autostart-generator/xdg-autostart-service.h']],
+ [files('fuzz-xdg-desktop.c',
+ 'xdg-autostart-service.c',
+ 'xdg-autostart-service.h')],
]

27
SOURCES/0059-shared-Fix-memory-leak-in-bus_append_execute_propert.patch

@ -0,0 +1,27 @@ @@ -0,0 +1,27 @@
From 98d9cc40b6c159af8b44c9b54c2bf1af56c43a3c Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Mon, 9 May 2022 09:50:32 +0200
Subject: [PATCH] shared: Fix memory leak in bus_append_execute_property()

Fixes #23317

(cherry picked from commit 2aaf6d407e8541985a15b7106abf6fbdfed0766a)

Related: #2087677
---
src/shared/bus-unit-util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
index dcce530c99..ef134bcee4 100644
--- a/src/shared/bus-unit-util.c
+++ b/src/shared/bus-unit-util.c
@@ -1952,7 +1952,7 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
path_simplify(source);
if (isempty(destination)) {
- r = strv_extend(&sources, TAKE_PTR(source));
+ r = strv_consume(&sources, TAKE_PTR(source));
if (r < 0)
return bus_log_create_error(r);
} else {

137
SOURCES/0060-meson-Add-check-argument-to-remaining-run_command-ca.patch

@ -0,0 +1,137 @@ @@ -0,0 +1,137 @@
From 5a35f08026cad007f460170fe6a3e43bd51f60f9 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Tue, 11 Jan 2022 10:56:22 +0100
Subject: [PATCH] meson: Add check argument to remaining run_command() calls

(cherry picked from commit 68a06b3cdfe35ff08092e139033edb4a5189a439)

Related: #2017035
---
man/meson.build | 2 +-
src/basic/meson.build | 2 +-
src/boot/efi/meson.build | 11 +++++++----
src/test/meson.build | 2 +-
test/fuzz/meson.build | 7 ++++---
test/meson.build | 8 +++++---
6 files changed, 19 insertions(+), 13 deletions(-)

diff --git a/man/meson.build b/man/meson.build
index a06a601767..710b4ca008 100644
--- a/man/meson.build
+++ b/man/meson.build
@@ -105,7 +105,7 @@ endforeach
############################################################
-have_lxml = run_command(xml_helper_py).returncode() == 0
+have_lxml = run_command(xml_helper_py, check: false).returncode() == 0
if not have_lxml
message('python-lxml not available, not making man page indices')
endif
diff --git a/src/basic/meson.build b/src/basic/meson.build
index 229ac97c69..5a9e13d741 100644
--- a/src/basic/meson.build
+++ b/src/basic/meson.build
@@ -384,7 +384,7 @@ filesystem_includes = ['linux/magic.h',
'linux/gfs2_ondisk.h']
check_filesystems = find_program('check-filesystems.sh')
-r = run_command([check_filesystems, cpp, 'filesystems-gperf.gperf'] + filesystem_includes)
+r = run_command([check_filesystems, cpp, 'filesystems-gperf.gperf'] + filesystem_includes, check: false)
if r.returncode() != 0
error('found unknown filesystem(s) defined in kernel headers:\n\n' + r.stdout())
r.stdout()
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 3e948281f2..fad92f09a1 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -57,8 +57,11 @@ endif
efi_libdir = ''
foreach dir : [get_option('efi-libdir'),
'/usr/lib/gnuefi' / efi_arch[0],
- run_command('realpath', '-e',
- '/usr/lib' / run_command(cc.cmd_array(), '-print-multi-os-directory').stdout().strip()).stdout().strip()]
+ run_command(
+ 'realpath', '-e',
+ '/usr/lib' / run_command(cc.cmd_array(), '-print-multi-os-directory', check: false).stdout().strip(),
+ check: false
+ ).stdout().strip()]
if dir != '' and fs.is_dir(dir)
efi_libdir = dir
break
@@ -125,7 +128,7 @@ elif get_option('sbat-distro') != ''
value = get_option(sbatvar[0])
if (value == '' or value == 'auto') and not meson.is_cross_build()
cmd = 'if [ -e /etc/os-release ]; then . /etc/os-release; else . /usr/lib/os-release; fi; echo $@0@'.format(sbatvar[1])
- value = run_command(sh, '-c', cmd).stdout().strip()
+ value = run_command(sh, '-c', cmd, check: true).stdout().strip()
endif
if value == ''
error('Required @0@ option not set and autodetection failed'.format(sbatvar[0]))
@@ -254,7 +257,7 @@ if efi_arch[1] == 'arm'
efi_ldflags += ['-Wl,--no-warn-mismatch']
endif
-if run_command('grep', '-q', '__CTOR_LIST__', efi_lds).returncode() == 0
+if run_command('grep', '-q', '__CTOR_LIST__', efi_lds, check: false).returncode() == 0
# fedora has a patched gnu-efi that adds support for ELF constructors.
# If ld is called by gcc something about these symbols breaks, resulting
# in sd-boot freezing when gnu-efi runs the constructors. Force defining
diff --git a/src/test/meson.build b/src/test/meson.build
index 9e224d69ce..75f78e2e1a 100644
--- a/src/test/meson.build
+++ b/src/test/meson.build
@@ -11,7 +11,7 @@ test_hashmap_ordered_c = custom_target(
test_include_dir = include_directories('.')
-path = run_command(sh, '-c', 'echo "$PATH"').stdout().strip()
+path = run_command(sh, '-c', 'echo "$PATH"', check: true).stdout().strip()
test_env = environment()
test_env.set('SYSTEMD_LANGUAGE_FALLBACK_MAP', language_fallback_map)
test_env.set('PATH', project_build_root + ':' + path)
diff --git a/test/fuzz/meson.build b/test/fuzz/meson.build
index 30e26b09cf..b4766de3eb 100644
--- a/test/fuzz/meson.build
+++ b/test/fuzz/meson.build
@@ -13,12 +13,13 @@ sanitize_address_undefined = custom_target(
sanitizers = [['address,undefined', sanitize_address_undefined]]
-if git.found()
+if git.found() and fs.exists(project_source_root / '.git')
out = run_command(env, '-u', 'GIT_WORK_TREE',
git, '--git-dir=@0@/.git'.format(project_source_root),
- 'ls-files', ':/test/fuzz/*/*')
+ 'ls-files', ':/test/fuzz/*/*',
+ check: true)
else
- out = run_command(sh, '-c', 'ls @0@/test/fuzz/*/*'.format(project_source_root))
+ out = run_command(sh, '-c', 'ls @0@/test/fuzz/*/*'.format(project_source_root), check: true)
endif
fuzz_regression_tests = []
diff --git a/test/meson.build b/test/meson.build
index 04ae9ebc78..baf94703ea 100644
--- a/test/meson.build
+++ b/test/meson.build
@@ -182,14 +182,16 @@ endif
if want_tests != 'false' and dmi_arches.contains(host_machine.cpu_family())
udev_dmi_memory_id_test = find_program('udev-dmi-memory-id-test.sh')
- if git.found()
+ if git.found() and fs.exists(project_source_root / '.git')
out = run_command(
env, '-u', 'GIT_WORK_TREE',
git, '--git-dir=@0@/.git'.format(project_source_root),
- 'ls-files', ':/test/dmidecode-dumps/*.bin')
+ 'ls-files', ':/test/dmidecode-dumps/*.bin',
+ check: true)
else
out = run_command(
- sh, '-c', 'ls @0@/test/dmidecode-dumps/*.bin'.format(project_source_root))
+ sh, '-c', 'ls @0@/test/dmidecode-dumps/*.bin'.format(project_source_root),
+ check: true)
endif
foreach p : out.stdout().split()
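Review bot: In the `sbat-distro` hunk of src/boot/efi/meson.build, `check: true` on `run_command(sh, '-c', cmd, ...)` makes configure abort with a generic command-failure message whenever the shell snippet exits non-zero. That can happen before the purpose-written `error('Required @0@ option not set and autodetection failed')` a few lines below is reached. The snippet sources `/usr/lib/os-release` without testing that it exists, and some shells exit when `.` cannot read its file. Using `check: false` here, as the `realpath` and `grep` probes in this patch do, would leave the existing empty-value check in charge of reporting the failure: `value = run_command(sh, '-c', cmd, check: false).stdout().strip()`.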

43
SOURCES/0061-meson-Use-echo-to-list-files.patch

@ -0,0 +1,43 @@ @@ -0,0 +1,43 @@
From 5de4b00e4150080e68064fa1de003039a0901468 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Tue, 11 Jan 2022 11:27:27 +0100
Subject: [PATCH] meson: Use echo to list files

No need to invoke ls when we are just interested in file names.
Also, the cd to source root makes the output identical to
"git ls-files" (relative instead of absolute paths).

(cherry picked from commit 3a469802f4d7b0a59fe1644cb53d34aee4e56bab)

Related: #2017035
---
test/fuzz/meson.build | 2 +-
test/meson.build | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/fuzz/meson.build b/test/fuzz/meson.build
index b4766de3eb..39730a615c 100644
--- a/test/fuzz/meson.build
+++ b/test/fuzz/meson.build
@@ -19,7 +19,7 @@ if git.found() and fs.exists(project_source_root / '.git')
'ls-files', ':/test/fuzz/*/*',
check: true)
else
- out = run_command(sh, '-c', 'ls @0@/test/fuzz/*/*'.format(project_source_root), check: true)
+ out = run_command(sh, '-c', 'cd "@0@"; echo test/fuzz/*/*'.format(project_source_root), check: true)
endif
fuzz_regression_tests = []
diff --git a/test/meson.build b/test/meson.build
index baf94703ea..c5d8d6917b 100644
--- a/test/meson.build
+++ b/test/meson.build
@@ -190,7 +190,7 @@ if want_tests != 'false' and dmi_arches.contains(host_machine.cpu_family())
check: true)
else
out = run_command(
- sh, '-c', 'ls @0@/test/dmidecode-dumps/*.bin'.format(project_source_root),
+ sh, '-c', 'cd "@0@"; echo test/dmidecode-dumps/*.bin'.format(project_source_root),
check: true)
endif
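Review bot: Both replaced commands, in test/fuzz/meson.build and test/meson.build, join `cd` and `echo` with `;`, so a failed `cd` is ignored and the exit status is always that of `echo`, which makes the `check: true` on these calls ineffective. An unmatched glob is also printed literally by `echo` where `ls` used to fail, so a missing `test/fuzz` or `test/dmidecode-dumps` tree would now yield a bogus entry instead of a configure error. Chaining with `&&` restores the first check: `'cd "@0@" && echo test/fuzz/*/*'.format(project_source_root)`, and likewise for `test/dmidecode-dumps/*.bin`. The code that consumes the output is outside these hunks, so whether it tolerates a literal pattern cannot be confirmed from here.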

63
SOURCES/0062-test-add-a-test-for-mkdir_p.patch

@ -0,0 +1,63 @@ @@ -0,0 +1,63 @@
From 010c5dc6b7f18eba37f3df015b3e36b4f28bd559 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 2 Feb 2022 15:08:18 +0900
Subject: [PATCH] test: add a test for mkdir_p()

(cherry picked from commit 6f6b017b9bc69df3f3e308c36c95597002ce6e29)

Related: #2017035
---
src/test/meson.build | 2 ++
src/test/test-mkdir.c | 30 ++++++++++++++++++++++++++++++
2 files changed, 32 insertions(+)
create mode 100644 src/test/test-mkdir.c

diff --git a/src/test/meson.build b/src/test/meson.build
index 75f78e2e1a..14b7939b1f 100644
--- a/src/test/meson.build
+++ b/src/test/meson.build
@@ -193,6 +193,8 @@ tests += [
[files('test-macro.c')],
+ [files('test-mkdir.c')],
+
[files('test-json.c')],
[files('test-modhex.c')],
diff --git a/src/test/test-mkdir.c b/src/test/test-mkdir.c
new file mode 100644
index 0000000000..c715d5f096
--- /dev/null
+++ b/src/test/test-mkdir.c
@@ -0,0 +1,30 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <unistd.h>
+
+#include "mkdir.h"
+#include "path-util.h"
+#include "rm-rf.h"
+#include "tests.h"
+#include "tmpfile-util.h"
+
+TEST(mkdir_p) {
+ _cleanup_(rm_rf_physical_and_freep) char *tmp = NULL;
+ _cleanup_free_ char *p = NULL;
+
+ assert_se(mkdtemp_malloc("/tmp/test-mkdir-XXXXXX", &tmp) >= 0);
+
+ assert_se(p = path_join(tmp, "run"));
+ assert_se(mkdir_p(p, 0755) >= 0);
+
+ p = mfree(p);
+ assert_se(p = path_join(tmp, "var/run"));
+ assert_se(mkdir_parents(p, 0755) >= 0);
+ assert_se(symlink("../run", p) >= 0);
+
+ p = mfree(p);
+ assert_se(p = path_join(tmp, "var/run/hoge/foo/baz"));
+ assert_se(mkdir_p(p, 0755) >= 0);
+}
+
+DEFINE_TEST_MAIN(LOG_DEBUG);
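Review bot: test-mkdir.c asserts only the return values of `mkdir_p()` and `mkdir_parents()`, so it would still pass if the last call reported success without creating `hoge/foo/baz`, or created it somewhere other than behind the `var/run` to `../run` symlink. Since following that symlink inside the temporary tree is the case being exercised, I would add a check after the final `mkdir_p()` that the directory exists under `run/`, for instance by joining `tmp` with `run/hoge/foo/baz` and asserting it is a directory. A one-line comment above the `symlink()` call would also help, e.g. `/* var/run is a relative symlink to ../run; mkdir_p() has to follow it */`.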

32
SOURCES/0063-util-another-set-of-CVE-2021-4034-assert-s.patch

@ -0,0 +1,32 @@ @@ -0,0 +1,32 @@
From c134e85526f160ad4392edb333caadc5e425957d Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 1 Feb 2022 12:06:21 +0100
Subject: [PATCH] util: another set of CVE-2021-4034 assert()s

It's a good idea that we validate argc/argv when we are supposed to
store them away.

(cherry picked from commit 007e03b284e8ffc0b92edb2122cd9d2d16f049ef)

Related: #2017035
---
src/basic/util.h | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/src/basic/util.h b/src/basic/util.h
index 94804f28e3..68ae3b51e0 100644
--- a/src/basic/util.h
+++ b/src/basic/util.h
@@ -9,6 +9,12 @@ extern int saved_argc;
extern char **saved_argv;
static inline void save_argc_argv(int argc, char **argv) {
+
+ /* Protect against CVE-2021-4034 style attacks */
+ assert_se(argc > 0);
+ assert_se(argv);
+ assert_se(argv[0]);
+
saved_argc = argc;
saved_argv = argv;
}
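Review bot: `save_argc_argv()` accepts an empty string in `argv[0]`, because the new `assert_se(argv[0])` only rejects NULL, while the two `main()` entry points patched elsewhere on this page check `!isempty(argv[0])`. Callers that reach this helper without going through those entry points get the weaker check. If `isempty()` is usable from util.h (the header's includes are not visible in the hunk), `assert_se(!isempty(argv[0]));` would make the three places agree. The comment could also name what is being excluded, e.g. `/* With argc == 0, argv[0] is NULL and any later argv[1] access reads past the array; see CVE-2021-4034 */`.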

69
SOURCES/0064-basic-update-CIFS-magic.patch

@ -0,0 +1,69 @@ @@ -0,0 +1,69 @@
From 75b23fa0a4916a228b2b66e73044378931862a49 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Sun, 30 Jan 2022 23:40:05 +0100
Subject: [PATCH] basic: update CIFS magic

Kernel commit dea2903719283c156b53741126228c4a1b40440f exposed (and
renamed) CIFS_MAGIC_NUMBER as CIFS_SUPER_MAGIC along with
SMB2_SUPER_MAGIC.

This fixes the following build fail on current Fedora Rawhide:
```
../src/basic/meson.build:389:8: ERROR: Problem encountered: found unknown filesystem(s) defined in kernel headers:

Filesystem found in kernel header but not in filesystems-gperf.gperf: CIFS_SUPER_MAGIC
Filesystem found in kernel header but not in filesystems-gperf.gperf: SMB2_SUPER_MAGIC
```

(cherry picked from commit bbe53713455be38c0a587626439fd171f28c77fc)

Related: #2017035
---
src/basic/filesystems-gperf.gperf | 4 ++--
src/basic/missing_magic.h | 11 ++++++++---
2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/basic/filesystems-gperf.gperf b/src/basic/filesystems-gperf.gperf
index 08c8c44510..e8c5357f91 100644
--- a/src/basic/filesystems-gperf.gperf
+++ b/src/basic/filesystems-gperf.gperf
@@ -40,7 +40,7 @@ ceph, {CEPH_SUPER_MAGIC}
cgroup2, {CGROUP2_SUPER_MAGIC}
# note that the cgroupfs magic got reassigned from cpuset
cgroup, {CGROUP_SUPER_MAGIC}
-cifs, {CIFS_MAGIC_NUMBER}
+cifs, {CIFS_SUPER_MAGIC, SMB2_SUPER_MAGIC}
coda, {CODA_SUPER_MAGIC}
configfs, {CONFIGFS_MAGIC}
cramfs, {CRAMFS_MAGIC}
@@ -109,7 +109,7 @@ selinuxfs, {SELINUX_MAGIC}
shiftfs, {SHIFTFS_MAGIC}
smackfs, {SMACK_MAGIC}
# smb3 is an alias for cifs
-smb3, {CIFS_MAGIC_NUMBER}
+smb3, {CIFS_SUPER_MAGIC}
# smbfs was removed from the kernel in 2010, the magic remains
smbfs, {SMB_SUPER_MAGIC}
sockfs, {SOCKFS_MAGIC}
diff --git a/src/basic/missing_magic.h b/src/basic/missing_magic.h
index 7d9320bb6d..c104fcfba3 100644
--- a/src/basic/missing_magic.h
+++ b/src/basic/missing_magic.h
@@ -38,9 +38,14 @@
#define XFS_SB_MAGIC 0x58465342
#endif
-/* Not exposed yet. Defined at fs/cifs/cifsglob.h */
-#ifndef CIFS_MAGIC_NUMBER
-#define CIFS_MAGIC_NUMBER 0xFF534D42
+/* dea2903719283c156b53741126228c4a1b40440f (5.17) */
+#ifndef CIFS_SUPER_MAGIC
+#define CIFS_SUPER_MAGIC 0xFF534D42
+#endif
+
+/* dea2903719283c156b53741126228c4a1b40440f (5.17) */
+#ifndef SMB2_SUPER_MAGIC
+#define SMB2_SUPER_MAGIC 0xFE534D42
#endif
/* 257f871993474e2bde6c497b54022c362cf398e1 (4.5) */
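Review bot: In filesystems-gperf.gperf the `cifs` entry now lists both `CIFS_SUPER_MAGIC` and `SMB2_SUPER_MAGIC`, but the `smb3` entry, which the comment directly above it calls an alias for cifs, gets only `CIFS_SUPER_MAGIC`. If the two names are meant to stay equivalent, the second hunk should read `smb3, {CIFS_SUPER_MAGIC, SMB2_SUPER_MAGIC}`; otherwise a lookup by the `smb3` name would not cover a mount reporting the SMB2 magic. If the narrower alias is deliberate, the comment should say so, e.g. `# smb3 is an alias for cifs; SMB2_SUPER_MAGIC is intentionally listed under cifs only`.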

27
SOURCES/0065-shared-be-extra-paranoid-and-check-if-argc-0.patch

@ -0,0 +1,27 @@ @@ -0,0 +1,27 @@
From 83845c85669084c4cd69fa8bfe60c57d36bb8713 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Fri, 28 Jan 2022 21:44:32 +0100
Subject: [PATCH] shared: be extra paranoid and check if argc > 0

and also if argv[0] is non-empty as a precaution for issues similar to
CVE-2021-4034.

(cherry picked from commit 1637e757070a61b12b26a2a4ef547330562dc77f)

Related: #2017035
---
src/shared/main-func.h | 1 +
1 file changed, 1 insertion(+)

diff --git a/src/shared/main-func.h b/src/shared/main-func.h
index 05cdffeec0..09103bace9 100644
--- a/src/shared/main-func.h
+++ b/src/shared/main-func.h
@@ -15,6 +15,7 @@
#define _DEFINE_MAIN_FUNCTION(intro, impl, ret) \
int main(int argc, char *argv[]) { \
int r; \
+ assert(argc > 0 && !isempty(argv[0])); \
save_argc_argv(argc, argv); \
intro; \
r = impl; \

27
SOURCES/0066-core-check-if-argc-0-and-argv-0-is-set.patch

@ -0,0 +1,27 @@ @@ -0,0 +1,27 @@
From efe174ec51b9242101868e83f12cc1186fe1b71b Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 30 Jan 2022 17:54:55 +0900
Subject: [PATCH] core: check if argc > 0 and argv[0] is set

Follow-up for 1637e757070a61b12b26a2a4ef547330562dc77f.

(cherry picked from commit cf3095ac2bbdba3db0d8f7fa7afcee8b8c136201)

Related: #2017035
---
src/core/main.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/src/core/main.c b/src/core/main.c
index 7ea848ebeb..f315a44a08 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -2726,6 +2726,8 @@ int main(int argc, char *argv[]) {
Manager *m = NULL;
FDSet *fds = NULL;
+ assert(argc > 0 && !isempty(argv[0]));
+
/* SysV compatibility: redirect init → telinit */
redirect_telinit(argc, argv);

43
SOURCES/0067-core-check-argc-argv-uncoditionally.patch

@ -0,0 +1,43 @@ @@ -0,0 +1,43 @@
From 43622b6eed32aece624a293167a6d705c08b8d03 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Sun, 30 Jan 2022 15:49:27 +0100
Subject: [PATCH] core: check argc/argv uncoditionally

as `assert()` might be dropped with `-DNDEBUG`.

Follow-up to cf3095a and 1637e75.

(cherry picked from commit 61b9769bda465f4832080e2a7a8285d247121d70)

Related: #2017035
---
src/core/main.c | 2 +-
src/shared/main-func.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/core/main.c b/src/core/main.c
index f315a44a08..cb3131c12a 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -2726,7 +2726,7 @@ int main(int argc, char *argv[]) {
Manager *m = NULL;
FDSet *fds = NULL;
- assert(argc > 0 && !isempty(argv[0]));
+ assert_se(argc > 0 && !isempty(argv[0]));
/* SysV compatibility: redirect init → telinit */
redirect_telinit(argc, argv);
diff --git a/src/shared/main-func.h b/src/shared/main-func.h
index 09103bace9..81a5c1813c 100644
--- a/src/shared/main-func.h
+++ b/src/shared/main-func.h
@@ -15,7 +15,7 @@
#define _DEFINE_MAIN_FUNCTION(intro, impl, ret) \
int main(int argc, char *argv[]) { \
int r; \
- assert(argc > 0 && !isempty(argv[0])); \
+ assert_se(argc > 0 && !isempty(argv[0])); \
save_argc_argv(argc, argv); \
intro; \
r = impl; \
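Review bot: Nothing at either call site says why `assert_se()` is used rather than `assert()`, so a later cleanup could turn the check back into one that `-DNDEBUG` compiles out. The reason is given only in the patch description. I would add a one-line comment above the check in `src/core/main.c` and in the `_DEFINE_MAIN_FUNCTION` macro in `src/shared/main-func.h`, for example `/* assert_se(), not assert(): must still run under -DNDEBUG, cf. CVE-2021-4034 */` (with a trailing `\` inside the macro). Both `main()` bodies continue outside the hunks.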

48
SOURCES/0068-test-temporary-workaround-for-21819.patch

@ -0,0 +1,48 @@ @@ -0,0 +1,48 @@
From d924e5c3014a65e059fd414b90893d320e1784bd Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Thu, 27 Jan 2022 22:51:15 +0100
Subject: [PATCH] test: temporary workaround for #21819

Since the TEST-64-UDEV-STORAGE fails are quite frequent now and the root
cause is yet to be discovered, let's add a kludge that attempts to retry
the test up to two more times in case it fails, so we don't
unnecessarily disturb CIs while the issue is being investigated.

Revert this commit once #21819 is sorted out.

(cherry picked from commit 95e35511bbdb7810c00c2e4a6cbda5b187192f74)

Related: #2017035
---
test/TEST-64-UDEV-STORAGE/test.sh | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/test/TEST-64-UDEV-STORAGE/test.sh b/test/TEST-64-UDEV-STORAGE/test.sh
index 0f26eaafeb..f784e65984 100755
--- a/test/TEST-64-UDEV-STORAGE/test.sh
+++ b/test/TEST-64-UDEV-STORAGE/test.sh
@@ -119,7 +119,6 @@ test_run() {
# Execute each currently defined function starting with "testcase_"
for testcase in "${TESTCASES[@]}"; do
- _image_cleanup
echo "------ $testcase: BEGIN ------"
# Note for my future frustrated self: `fun && xxx` (as well as ||, if, while,
# until, etc.) _DISABLES_ the `set -e` behavior in _ALL_ nested function
@@ -130,8 +129,14 @@ test_run() {
# So, be careful when adding clean up snippets in the testcase_*() functions -
# if the `test_run_one()` function isn't the last command, you have propagate
# the exit code correctly (e.g. `test_run_one() || return $?`, see below).
- ec=0
- "$testcase" "$test_id" || ec=$?
+
+ # FIXME: temporary workaround for intermittent fails in certain tests
+ # See: https://github.com/systemd/systemd/issues/21819
+ for ((_i = 0; _i < 3; _i++)); do
+ _image_cleanup
+ ec=0
+ "$testcase" "$test_id" && break || ec=$?
+ done
case $ec in
0)
passed+=("$testcase")
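Review bot: The retry loop treats every non-zero exit as a failure, so a testcase that returns 77 is also re-run up to three times, with `_image_cleanup` each time. 77 looks like the skip code, judging by the `return 77` branches of the `testcase_*` functions in this file that patch 0069 shows. I would add `if [[ $ec -eq 77 ]]; then break; fi` directly after the `"$testcase" "$test_id" && break || ec=$?` line. A failed attempt followed by a successful one also leaves no marker in the log, so an `echo` naming the attempt number and `$ec` before retrying would keep the flakiness visible. `test_run()` starts and ends outside the hunks, so whether `_i` is declared `local` cannot be seen here.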

52
SOURCES/0069-test-don-t-leak-local-variable-to-outer-scopes.patch

@ -0,0 +1,52 @@ @@ -0,0 +1,52 @@
From fe4bd1d397af0fef644c401ca5a94e4c82316b4c Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Thu, 27 Jan 2022 22:50:58 +0100
Subject: [PATCH] test: don't leak local variable to outer scopes

(cherry picked from commit 888d0bc074c6d11593d28c6a876787ae864604ea)

Related: #2017035
---
test/TEST-64-UDEV-STORAGE/test.sh | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/test/TEST-64-UDEV-STORAGE/test.sh b/test/TEST-64-UDEV-STORAGE/test.sh
index f784e65984..c360c8b661 100755
--- a/test/TEST-64-UDEV-STORAGE/test.sh
+++ b/test/TEST-64-UDEV-STORAGE/test.sh
@@ -171,6 +171,7 @@ testcase_megasas2_basic() {
return 77
fi
+ local i
local qemu_opts=(
"-device megasas-gen2,id=scsi0"
"-device megasas-gen2,id=scsi1"
@@ -197,6 +198,9 @@ testcase_nvme_basic() {
return 77
fi
+ local i
+ local qemu_opts=()
+
for i in {0..27}; do
qemu_opts+=(
"-device nvme,drive=nvme$i,serial=deadbeef$i,num_queues=8"
@@ -220,7 +224,7 @@ testcase_virtio_scsi_identically_named_partitions() {
# and attach them to a virtio-scsi controller
local qemu_opts=("-device virtio-scsi-pci,id=scsi0,num_queues=4")
local diskpath="${TESTDIR:?}/namedpart0.img"
- local lodev qemu_timeout
+ local i lodev qemu_timeout
dd if=/dev/zero of="$diskpath" bs=1M count=18
lodev="$(losetup --show -f -P "$diskpath")"
@@ -330,7 +334,7 @@ testcase_lvm_basic() {
fi
local qemu_opts=("-device ahci,id=ahci0")
- local diskpath
+ local diskpath i
# Attach 4 SATA disks to the VM (and set their model and serial fields
# to something predictable, so we can refer to them later)

208
SOURCES/0070-tree-wide-don-t-use-strjoina-on-getenv-values.patch

@ -0,0 +1,208 @@ @@ -0,0 +1,208 @@
From 03bf37877f1c7045724cba12d69e93c8c411646e Mon Sep 17 00:00:00 2001
From: Anita Zhang <the.anitazha@gmail.com>
Date: Wed, 26 Jan 2022 10:53:40 -0800
Subject: [PATCH] tree-wide: don't use strjoina() on getenv() values

Avoid doing stack allocations on environment variables.

(cherry picked from commit 1d3b68f6e1538b6a86cbe3650d8b81df2877ef42)

Related: #2017035
---
src/basic/path-lookup.c | 8 ++++++--
src/core/dbus.c | 8 ++++++--
src/home/homed-home.c | 10 +++++++---
src/home/homed-manager.c | 26 ++++++++++++++++++--------
src/run/run.c | 7 +++++--
src/shared/pager.c | 9 +++++++--
6 files changed, 49 insertions(+), 19 deletions(-)

diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c
index 6fb8c40e7a..921a30cef7 100644
--- a/src/basic/path-lookup.c
+++ b/src/basic/path-lookup.c
@@ -238,7 +238,7 @@ static int acquire_generator_dirs(
char **generator_early,
char **generator_late) {
- _cleanup_free_ char *x = NULL, *y = NULL, *z = NULL;
+ _cleanup_free_ char *x = NULL, *y = NULL, *z = NULL, *p = NULL;
const char *prefix;
assert(generator);
@@ -261,7 +261,11 @@ static int acquire_generator_dirs(
if (!e)
return -ENXIO;
- prefix = strjoina(e, "/systemd");
+ p = path_join(e, "/systemd");
+ if (!p)
+ return -ENOMEM;
+
+ prefix = p;
}
x = path_join(prefix, "generator");
diff --git a/src/core/dbus.c b/src/core/dbus.c
index 2c5bda58f9..073675ceef 100644
--- a/src/core/dbus.c
+++ b/src/core/dbus.c
@@ -925,14 +925,18 @@ int bus_init_private(Manager *m) {
r = sockaddr_un_set_path(&sa.un, "/run/systemd/private");
} else {
- const char *e, *joined;
+ _cleanup_free_ char *joined = NULL;
+ const char *e;
e = secure_getenv("XDG_RUNTIME_DIR");
if (!e)
return log_error_errno(SYNTHETIC_ERRNO(EHOSTDOWN),
"XDG_RUNTIME_DIR is not set, refusing.");
- joined = strjoina(e, "/systemd/private");
+ joined = path_join(e, "/systemd/private");
+ if (!joined)
+ return log_oom();
+
r = sockaddr_un_set_path(&sa.un, joined);
}
if (r < 0)
diff --git a/src/home/homed-home.c b/src/home/homed-home.c
index 470c7f07f6..1340cf30d3 100644
--- a/src/home/homed-home.c
+++ b/src/home/homed-home.c
@@ -1185,14 +1185,18 @@ static int home_start_work(Home *h, const char *verb, UserRecord *hr, UserRecord
if (r < 0)
return r;
if (r == 0) {
+ _cleanup_free_ char *joined = NULL;
const char *homework, *suffix, *unix_path;
/* Child */
suffix = getenv("SYSTEMD_HOME_DEBUG_SUFFIX");
- if (suffix)
- unix_path = strjoina("/run/systemd/home/notify.", suffix);
- else
+ if (suffix) {
+ joined = strjoin("/run/systemd/home/notify.", suffix);
+ if (!joined)
+ return log_oom();
+ unix_path = joined;
+ } else
unix_path = "/run/systemd/home/notify";
if (setenv("NOTIFY_SOCKET", unix_path, 1) < 0) {
diff --git a/src/home/homed-manager.c b/src/home/homed-manager.c
index 6c178b8a0e..c1ec555cac 100644
--- a/src/home/homed-manager.c
+++ b/src/home/homed-manager.c
@@ -936,6 +936,7 @@ int manager_enumerate_images(Manager *m) {
}
static int manager_connect_bus(Manager *m) {
+ _cleanup_free_ char *b = NULL;
const char *suffix, *busname;
int r;
@@ -955,9 +956,12 @@ static int manager_connect_bus(Manager *m) {
return r;
suffix = getenv("SYSTEMD_HOME_DEBUG_SUFFIX");
- if (suffix)
- busname = strjoina("org.freedesktop.home1.", suffix);
- else
+ if (suffix) {
+ b = strjoin("org.freedesktop.home1.", suffix);
+ if (!b)
+ return log_oom();
+ busname = b;
+ } else
busname = "org.freedesktop.home1";
r = sd_bus_request_name_async(m->bus, NULL, busname, 0, NULL, NULL);
@@ -974,6 +978,7 @@ static int manager_connect_bus(Manager *m) {
}
static int manager_bind_varlink(Manager *m) {
+ _cleanup_free_ char *p = NULL;
const char *suffix, *socket_path;
int r;
@@ -999,9 +1004,12 @@ static int manager_bind_varlink(Manager *m) {
/* To make things easier to debug, when working from a homed managed home directory, let's optionally
* use a different varlink socket name */
suffix = getenv("SYSTEMD_HOME_DEBUG_SUFFIX");
- if (suffix)
- socket_path = strjoina("/run/systemd/userdb/io.systemd.Home.", suffix);
- else
+ if (suffix) {
+ p = strjoin("/run/systemd/userdb/io.systemd.Home.", suffix);
+ if (!p)
+ return log_oom();
+ socket_path = p;
+ } else
socket_path = "/run/systemd/userdb/io.systemd.Home";
r = varlink_server_listen_address(m->varlink_server, socket_path, 0666);
@@ -1159,9 +1167,11 @@ static int manager_listen_notify(Manager *m) {
suffix = getenv("SYSTEMD_HOME_DEBUG_SUFFIX");
if (suffix) {
- const char *unix_path;
+ _cleanup_free_ char *unix_path = NULL;
- unix_path = strjoina("/run/systemd/home/notify.", suffix);
+ unix_path = strjoin("/run/systemd/home/notify.", suffix);
+ if (!unix_path)
+ return log_oom();
r = sockaddr_un_set_path(&sa.un, unix_path);
if (r < 0)
return log_error_errno(r, "Socket path %s does not fit in sockaddr_un: %m", unix_path);
diff --git a/src/run/run.c b/src/run/run.c
index ff24373847..e75b027542 100644
--- a/src/run/run.c
+++ b/src/run/run.c
@@ -794,9 +794,12 @@ static int transient_service_set_properties(sd_bus_message *m, const char *pty_p
e = getenv("TERM");
if (e) {
- char *n;
+ _cleanup_free_ char *n = NULL;
+
+ n = strjoin("TERM=", e);
+ if (!n)
+ return log_oom();
- n = strjoina("TERM=", e);
r = sd_bus_message_append(m,
"(sv)",
"Environment", "as", 1, n);
diff --git a/src/shared/pager.c b/src/shared/pager.c
index f75ef62d2d..9426d3ef98 100644
--- a/src/shared/pager.c
+++ b/src/shared/pager.c
@@ -86,6 +86,7 @@ static int no_quit_on_interrupt(int exe_name_fd, const char *less_opts) {
void pager_open(PagerFlags flags) {
_cleanup_close_pair_ int fd[2] = { -1, -1 }, exe_name_pipe[2] = { -1, -1 };
_cleanup_strv_free_ char **pager_args = NULL;
+ _cleanup_free_ char *l = NULL;
const char *pager, *less_opts;
int r;
@@ -131,8 +132,12 @@ void pager_open(PagerFlags flags) {
less_opts = getenv("SYSTEMD_LESS");
if (!less_opts)
less_opts = "FRSXMK";
- if (flags & PAGER_JUMP_TO_END)
- less_opts = strjoina(less_opts, " +G");
+ if (flags & PAGER_JUMP_TO_END) {
+ l = strjoin(less_opts, " +G");
+ if (!l)
+ return (void) log_oom();
+ less_opts = l;
+ }
/* We set SIGINT as PR_DEATHSIG signal here, to match the "K" parameter we set in $LESS, which enables SIGINT behaviour. */
r = safe_fork("(pager)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGINT|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pager_pid);
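Review bot: In `home_start_work()` (src/home/homed-home.c) the new allocation-failure path runs `return log_oom();` inside the `if (r == 0)` branch marked `/* Child */`, so on OOM the forked child returns into the caller's code instead of exiting. The other hunks in this patch return from ordinary parent-side functions, where that is fine. Here I would write `if (!joined) { log_oom(); _exit(EXIT_FAILURE); }`, assuming the rest of the child branch, which lies outside the hunk, also ends its error paths with `_exit()`.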

83
SOURCES/0071-man-clarify-Environmentfile-format.patch

@ -0,0 +1,83 @@ @@ -0,0 +1,83 @@
From 05ea18897aeafa1f2d47c5eae6c43bdd6ff71b9d Mon Sep 17 00:00:00 2001
From: Yonathan Randolph <yonathan@gmail.com>
Date: Sun, 26 Dec 2021 17:12:00 -0800
Subject: [PATCH] man: clarify Environmentfile format

Remove incorrect claim that C escapes (such as \t and \n) are recognized and that control characters are disallowed. Specify the allowed characters and escapes with single quotes, with double quotes, and without quotes.

(cherry picked from commit 4bbcde8498eb59557ebddd7830efb47c0297ff4b)

Related: #2017035
---
man/systemd.exec.xml | 51 ++++++++++++++++++++++++++++----------------
1 file changed, 33 insertions(+), 18 deletions(-)

diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index cd21d5b28d..69858d5e59 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -2485,18 +2485,39 @@ SystemCallErrorNumber=EPERM</programlisting>
<varlistentry>
<term><varname>EnvironmentFile=</varname></term>
- <listitem><para>Similar to <varname>Environment=</varname> but reads the environment variables from a text
- file. The text file should contain new-line-separated variable assignments. Empty lines, lines without an
- <literal>=</literal> separator, or lines starting with ; or # will be ignored, which may be used for
- commenting. A line ending with a backslash will be concatenated with the following one, allowing multiline
- variable definitions. The parser strips leading and trailing whitespace from the values of assignments, unless
- you use double quotes (").</para>
-
- <para><ulink url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C escapes</ulink>
- are supported, but not
- <ulink url="https://en.wikipedia.org/wiki/Control_character#In_ASCII">most control characters</ulink>.
- <literal>\t</literal> and <literal>\n</literal> can be used to insert tabs and newlines within
- <varname>EnvironmentFile=</varname>.</para>
+ <listitem><para>Similar to <varname>Environment=</varname> but reads the environment variables from a text file.
+ The text file should contain newline-separated variable assignments. Empty lines, lines without an
+ <literal>=</literal> separator, or lines starting with <literal>;</literal> or <literal>#</literal> will be
+ ignored, which may be used for commenting. The file must be UTF-8 encoded. Valid characters are <ulink
+ url="https://www.unicode.org/glossary/#unicode_scalar_value">unicode scalar values</ulink> other than <ulink
+ url="https://www.unicode.org/glossary/#noncharacter">noncharacters</ulink>, U+0000 NUL, and U+FEFF <ulink
+ url="https://www.unicode.org/glossary/#byte_order_mark">byte order mark</ulink>. Control codes other than NUL
+ are allowed.</para>
+
+ <para>In the file, an unquoted value after the <literal>=</literal> is parsed with the same backslash-escape
+ rules as <ulink
+ url="https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_02_01">unquoted
+ text</ulink> in a POSIX shell, but unlike in a shell, interior whitespace is preserved and quotes after the
+ first non-whitespace character are preserved. Leading and trailing whitespace (space, tab, carriage return) is
+ discarded, but interior whitespace within the line is preserved verbatim. A line ending with a backslash will be
+ continued to the following one, with the newline itself discarded. A backslash
+ <literal>\</literal> followed by any character other than newline will preserve the following character, so that
+ <literal>\\</literal> will become the value <literal>\</literal>.</para>
+
+ <para>In the file, a <literal>'</literal>-quoted value after the <literal>=</literal> can span multiple lines
+ and contain any character verbatim other than single quote, like <ulink
+ url="https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_02_02">single-quoted
+ text</ulink> in a POSIX shell. No backslash-escape sequences are recognized. Leading and trailing whitespace
+ outside of the single quotes is discarded.</para>
+
+ <para>In the file, a <literal>"</literal>-quoted value after the <literal>=</literal> can span multiple lines,
+ and the same escape sequences are recognized as in <ulink
+ url="https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_02_03">double-quoted
+ text</ulink> of a POSIX shell. Backslash (<literal>\</literal>) followed by any of <literal>"\`$</literal> will
+ preserve that character. A backslash followed by newline is a line continuation, and the newline itself is
+ discarded. A backslash followed by any other character is ignored; both the backslash and the following
+ character are preserved verbatim. Leading and trailing whitespace outside of the double quotes is
+ discarded.</para>
<para>The argument passed should be an absolute filename or wildcard expression, optionally prefixed with
<literal>-</literal>, which indicates that if the file does not exist, it will not be read and no error or
@@ -2529,12 +2550,6 @@ SystemCallErrorNumber=EPERM</programlisting>
<para>Variables set for invoked processes due to this setting are subject to being overridden by those
configured with <varname>Environment=</varname> or <varname>EnvironmentFile=</varname>.</para>
- <para><ulink url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C escapes</ulink>
- are supported, but not
- <ulink url="https://en.wikipedia.org/wiki/Control_character#In_ASCII">most control characters</ulink>.
- <literal>\t</literal> and <literal>\n</literal> can be used to insert tabs and newlines within
- <varname>EnvironmentFile=</varname>.</para>
-
<para>Example:
<programlisting>PassEnvironment=VAR1 VAR2 VAR3</programlisting>
passes three variables <literal>VAR1</literal>,

88
SOURCES/0072-test-load-fragment-add-a-basic-test-for-config_parse.patch

@ -0,0 +1,88 @@ @@ -0,0 +1,88 @@
From 01df4d485c8a6f3493a83a2a61572e9f2bccb649 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 09:39:55 +0100
Subject: [PATCH] test-load-fragment: add a basic test for
config_parse_unit_env_file()

(cherry picked from commit 3ef86964ed151aa2464701eef46d665adfd70895)

Related: #2017035
---
src/test/test-load-fragment.c | 64 +++++++++++++++++++++++++++++++++++
1 file changed, 64 insertions(+)

diff --git a/src/test/test-load-fragment.c b/src/test/test-load-fragment.c
index 1bd68c7e0a..fbe4744333 100644
--- a/src/test/test-load-fragment.c
+++ b/src/test/test-load-fragment.c
@@ -773,6 +773,70 @@ TEST(config_parse_pass_environ) {
assert_se(streq(passenv[0], "normal_name"));
}
+TEST(config_parse_unit_env_file) {
+ /* int config_parse_unit_env_file(
+ const char *unit,
+ const char *filename,
+ unsigned line,
+ const char *section,
+ unsigned section_line,
+ const char *lvalue,
+ int ltype,
+ const char *rvalue,
+ void *data,
+ void *userdata) */
+
+ _cleanup_(manager_freep) Manager *m = NULL;
+ Unit *u;
+ _cleanup_strv_free_ char **files = NULL;
+ int r;
+
+ r = manager_new(UNIT_FILE_USER, MANAGER_TEST_RUN_MINIMAL, &m);
+ if (manager_errno_skip_test(r)) {
+ log_notice_errno(r, "Skipping test: manager_new: %m");
+ return;
+ }
+
+ assert_se(r >= 0);
+ assert_se(manager_startup(m, NULL, NULL, NULL) >= 0);
+
+ assert_se(u = unit_new(m, sizeof(Service)));
+ assert_se(unit_add_name(u, "foobar.service") == 0);
+
+ r = config_parse_unit_env_file(u->id, "fake", 1, "section", 1,
+ "EnvironmentFile", 0, "not-absolute",
+ &files, u);
+ assert_se(r == 0);
+ assert_se(strv_length(files) == 0);
+
+ r = config_parse_unit_env_file(u->id, "fake", 1, "section", 1,
+ "EnvironmentFile", 0, "/absolute1",
+ &files, u);
+ assert_se(r == 0);
+ assert_se(strv_length(files) == 1);
+
+ r = config_parse_unit_env_file(u->id, "fake", 1, "section", 1,
+ "EnvironmentFile", 0, "/absolute2",
+ &files, u);
+ assert_se(r == 0);
+ assert_se(strv_length(files) == 2);
+ assert_se(streq(files[0], "/absolute1"));
+ assert_se(streq(files[1], "/absolute2"));
+
+ r = config_parse_unit_env_file(u->id, "fake", 1, "section", 1,
+ "EnvironmentFile", 0, "",
+ &files, u);
+ assert_se(r == 0);
+ assert_se(strv_isempty(files));
+
+ r = config_parse_unit_env_file(u->id, "fake", 1, "section", 1,
+ "EnvironmentFile", 0, "/path/%n.conf",
+ &files, u);
+ assert_se(r == 0);
+ assert_se(strv_length(files) == 1);
+ assert_se(streq(files[0], "/path/foobar.service.conf"));
+}
+
TEST(unit_dump_config_items) {
unit_dump_config_items(stdout);
}

119
SOURCES/0073-core-execute-use-_cleanup_-in-exec_context_load_envi.patch

@ -0,0 +1,119 @@ @@ -0,0 +1,119 @@
From 65aca6d552b69af81fe9588720194e0b86a160fb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 09:51:19 +0100
Subject: [PATCH] core/execute: use _cleanup_ in
exec_context_load_environment()

Also rename variables.

(cherry picked from commit 398a5009169fdc0c4eb147692c0cd929b9fe4c84)

Related: #2017035
---
src/core/execute.c | 51 +++++++++++++++++++---------------------------
1 file changed, 21 insertions(+), 30 deletions(-)

diff --git a/src/core/execute.c b/src/core/execute.c
index 16f346f339..2ab65e9cfe 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -5363,20 +5363,18 @@ static int exec_context_named_iofds(
return targets == 0 ? 0 : -ENOENT;
}
-static int exec_context_load_environment(const Unit *unit, const ExecContext *c, char ***l) {
- char **i, **r = NULL;
+static int exec_context_load_environment(const Unit *unit, const ExecContext *c, char ***ret) {
+ _cleanup_strv_free_ char **v = NULL;
+ char **i;
+ int r;
assert(c);
- assert(l);
+ assert(ret);
STRV_FOREACH(i, c->environment_files) {
- char *fn;
- int k;
- bool ignore = false;
- char **p;
_cleanup_globfree_ glob_t pglob = {};
-
- fn = *i;
+ bool ignore = false;
+ char *fn = *i;
if (fn[0] == '-') {
ignore = true;
@@ -5386,33 +5384,30 @@ static int exec_context_load_environment(const Unit *unit, const ExecContext *c,
if (!path_is_absolute(fn)) {
if (ignore)
continue;
-
- strv_free(r);
return -EINVAL;
}
/* Filename supports globbing, take all matching files */
- k = safe_glob(fn, 0, &pglob);
- if (k < 0) {
+ r = safe_glob(fn, 0, &pglob);
+ if (r < 0) {
if (ignore)
continue;
-
- strv_free(r);
- return k;
+ return r;
}
/* When we don't match anything, -ENOENT should be returned */
assert(pglob.gl_pathc > 0);
for (unsigned n = 0; n < pglob.gl_pathc; n++) {
- k = load_env_file(NULL, pglob.gl_pathv[n], &p);
- if (k < 0) {
+ _cleanup_strv_free_ char **p = NULL;
+
+ r = load_env_file(NULL, pglob.gl_pathv[n], &p);
+ if (r < 0) {
if (ignore)
continue;
-
- strv_free(r);
- return k;
+ return r;
}
+
/* Log invalid environment variables with filename */
if (p) {
InvalidEnvInfo info = {
@@ -5423,23 +5418,19 @@ static int exec_context_load_environment(const Unit *unit, const ExecContext *c,
p = strv_env_clean_with_callback(p, invalid_env, &info);
}
- if (!r)
- r = p;
+ if (!v)
+ v = TAKE_PTR(p);
else {
- char **m;
-
- m = strv_env_merge(r, p);
- strv_free(r);
- strv_free(p);
+ char **m = strv_env_merge(v, p);
if (!m)
return -ENOMEM;
- r = m;
+ strv_free_and_replace(v, m);
}
}
}
- *l = r;
+ *ret = TAKE_PTR(v);
return 0;
}
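Review bot: For a `-`-prefixed entry, `exec_context_load_environment()` discards every failure of `safe_glob()` and `load_env_file()` through `if (ignore) continue;`, not only a missing file, and logs nothing. An unreadable environment file, for instance, would leave the service starting without variables it may depend on and with no trace of why. The rewrite keeps that behaviour. While these error paths are being touched I would log before continuing, e.g. `log_unit_debug_errno(unit, r, "Failed to load environment file %s, ignoring: %m", pglob.gl_pathv[n]);` in the `load_env_file()` branch. A few lines of the function between the hunks are not shown.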

118
SOURCES/0074-test-env-file-add-tests-for-quoting-in-env-files.patch

@ -0,0 +1,118 @@ @@ -0,0 +1,118 @@
From 402854a52a0a659fd914279eae17b4e065a9c294 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 10:15:50 +0100
Subject: [PATCH] test-env-file: add tests for quoting in env files

(cherry picked from commit e9e982a29d52834375e5fb553cecb45bc905cf91)

Related: #2017035
---
src/test/test-env-file.c | 68 +++++++++++++++++++++++++++++-----------
1 file changed, 50 insertions(+), 18 deletions(-)

diff --git a/src/test/test-env-file.c b/src/test/test-env-file.c
index 6cc2455c1f..7b132447bf 100644
--- a/src/test/test-env-file.c
+++ b/src/test/test-env-file.c
@@ -13,11 +13,11 @@
"a=a\n" \
"b=b\\\n" \
"c\n" \
- "d=d\\\n" \
- "e\\\n" \
- "f\n" \
+ "d= d\\\n" \
+ "e \\\n" \
+ "f \n" \
"g=g\\ \n" \
- "h=h\n" \
+ "h= ąęół\\ śćńźżµ \n" \
"i=i\\"
#define env_file_2 \
@@ -26,22 +26,34 @@
#define env_file_3 \
"#SPAMD_ARGS=\"-d --socketpath=/var/lib/bulwark/spamd \\\n" \
"#--nouser-config \\\n" \
- "normal=line"
-
-#define env_file_4 \
- "# Generated\n" \
- "\n" \
- "HWMON_MODULES=\"coretemp f71882fg\"\n" \
- "\n" \
- "# For compatibility reasons\n" \
- "\n" \
- "MODULE_0=coretemp\n" \
- "MODULE_1=f71882fg"
+ "normal=line \\\n" \
+ ";normal=ignored \\\n" \
+ "normal_ignored \\\n" \
+ "normal ignored \\\n"
+
+#define env_file_4 \
+ "# Generated\n" \
+ "\n" \
+ "HWMON_MODULES=\"coretemp f71882fg\"\n" \
+ "\n" \
+ "# For compatibility reasons\n" \
+ "\n" \
+ "MODULE_0=coretemp\n" \
+ "MODULE_1=f71882fg"
#define env_file_5 \
- "a=\n" \
+ "a=\n" \
"b="
+#define env_file_6 \
+ "a=\\ \\n \\t \\x \\y \\' \n" \
+ "b= \\$' \n" \
+ "c= ' \\n\\t\\$\\`\\\\\n" \
+ "' \n" \
+ "d= \" \\n\\t\\$\\`\\\\\n" \
+ "\" \n"
+
+
TEST(load_env_file_1) {
_cleanup_strv_free_ char **data = NULL;
int r;
@@ -57,9 +69,9 @@ TEST(load_env_file_1) {
assert_se(r == 0);
assert_se(streq(data[0], "a=a"));
assert_se(streq(data[1], "b=bc"));
- assert_se(streq(data[2], "d=def"));
+ assert_se(streq(data[2], "d=de f"));
assert_se(streq(data[3], "g=g "));
- assert_se(streq(data[4], "h=h"));
+ assert_se(streq(data[4], "h=ąęół śćńźżµ"));
assert_se(streq(data[5], "i=i"));
assert_se(data[6] == NULL);
}
@@ -133,6 +145,26 @@ TEST(load_env_file_5) {
assert_se(data[2] == NULL);
}
+TEST(load_env_file_6) {
+ _cleanup_strv_free_ char **data = NULL;
+ int r;
+
+ _cleanup_(unlink_tempfilep) char name[] = "/tmp/test-load-env-file.XXXXXX";
+ _cleanup_close_ int fd;
+
+ fd = mkostemp_safe(name);
+ assert_se(fd >= 0);
+ assert_se(write(fd, env_file_6, strlen(env_file_6)) == strlen(env_file_6));
+
+ r = load_env_file(NULL, name, &data);
+ assert_se(r == 0);
+ assert_se(streq(data[0], "a= n t x y '"));
+ assert_se(streq(data[1], "b=$'"));
+ assert_se(streq(data[2], "c= \\n\\t\\$\\`\\\\\n"));
+ assert_se(streq(data[3], "d= \\n\\t$`\\\n"));
+ assert_se(data[4] == NULL);
+}
+
TEST(write_and_load_env_file) {
const char *v;

275
SOURCES/0075-core-shorten-long-unit-names-that-are-based-on-paths.patch

@ -0,0 +1,275 @@ @@ -0,0 +1,275 @@
From 4bc17b038971160f94321c7be9cd924b256d9ef8 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Tue, 15 Mar 2022 19:02:05 +0100
Subject: [PATCH] core: shorten long unit names that are based on paths and
append path hash at the end

Fixes #18077

(cherry picked from commit 1d0727e76fd5e9a07cc9991ec9a10ea1d78a99c7)

Resolves: #2083493
---
src/basic/string-util.h | 23 ++++++-----
src/basic/unit-name.c | 86 ++++++++++++++++++++++++++++++++++++++-
src/basic/unit-name.h | 3 ++
src/core/mount.c | 3 ++
src/test/test-unit-name.c | 26 ++++++++++--
5 files changed, 125 insertions(+), 16 deletions(-)

diff --git a/src/basic/string-util.h b/src/basic/string-util.h
index a1d88fbb95..ffb69e69cc 100644
--- a/src/basic/string-util.h
+++ b/src/basic/string-util.h
@@ -10,17 +10,18 @@
#include "string-util-fundamental.h"
/* What is interpreted as whitespace? */
-#define WHITESPACE " \t\n\r"
-#define NEWLINE "\n\r"
-#define QUOTES "\"\'"
-#define COMMENTS "#;"
-#define GLOB_CHARS "*?["
-#define DIGITS "0123456789"
-#define LOWERCASE_LETTERS "abcdefghijklmnopqrstuvwxyz"
-#define UPPERCASE_LETTERS "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-#define LETTERS LOWERCASE_LETTERS UPPERCASE_LETTERS
-#define ALPHANUMERICAL LETTERS DIGITS
-#define HEXDIGITS DIGITS "abcdefABCDEF"
+#define WHITESPACE " \t\n\r"
+#define NEWLINE "\n\r"
+#define QUOTES "\"\'"
+#define COMMENTS "#;"
+#define GLOB_CHARS "*?["
+#define DIGITS "0123456789"
+#define LOWERCASE_LETTERS "abcdefghijklmnopqrstuvwxyz"
+#define UPPERCASE_LETTERS "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+#define LETTERS LOWERCASE_LETTERS UPPERCASE_LETTERS
+#define ALPHANUMERICAL LETTERS DIGITS
+#define HEXDIGITS DIGITS "abcdefABCDEF"
+#define LOWERCASE_HEXDIGITS DIGITS "abcdef"
static inline char* strstr_ptr(const char *haystack, const char *needle) {
if (!haystack || !needle)
diff --git a/src/basic/unit-name.c b/src/basic/unit-name.c
index 671e30a53f..6cba8ba140 100644
--- a/src/basic/unit-name.c
+++ b/src/basic/unit-name.c
@@ -5,12 +5,17 @@
#include <stdint.h>
#include <stdlib.h>
+#include "sd-id128.h"
+
#include "alloc-util.h"
#include "glob-util.h"
#include "hexdecoct.h"
#include "memory-util.h"
#include "path-util.h"
+#include "random-util.h"
+#include "sparse-endian.h"
#include "special.h"
+#include "stdio-util.h"
#include "string-util.h"
#include "strv.h"
#include "unit-name.h"
@@ -31,6 +36,9 @@
VALID_CHARS_WITH_AT \
"[]!-*?"
+#define LONG_UNIT_NAME_HASH_KEY SD_ID128_MAKE(ec,f2,37,fb,58,32,4a,32,84,9f,06,9b,0d,21,eb,9a)
+#define UNIT_NAME_HASH_LENGTH_CHARS 16
+
bool unit_name_is_valid(const char *n, UnitNameFlags flags) {
const char *e, *i, *at;
@@ -507,6 +515,68 @@ int unit_name_template(const char *f, char **ret) {
return 0;
}
+bool unit_name_is_hashed(const char *name) {
+ char *s;
+
+ if (!unit_name_is_valid(name, UNIT_NAME_PLAIN))
+ return false;
+
+ assert_se(s = strrchr(name, '.'));
+
+ if (s - name < UNIT_NAME_HASH_LENGTH_CHARS + 1)
+ return false;
+
+ s -= UNIT_NAME_HASH_LENGTH_CHARS;
+ if (s[-1] != '_')
+ return false;
+
+ for (size_t i = 0; i < UNIT_NAME_HASH_LENGTH_CHARS; i++)
+ if (!strchr(LOWERCASE_HEXDIGITS, s[i]))
+ return false;
+
+ return true;
+}
+
+int unit_name_hash_long(const char *name, char **ret) {
+ _cleanup_free_ char *n = NULL, *hash = NULL;
+ char *suffix;
+ le64_t h;
+ size_t len;
+
+ if (strlen(name) < UNIT_NAME_MAX)
+ return -EMSGSIZE;
+
+ suffix = strrchr(name, '.');
+ if (!suffix)
+ return -EINVAL;
+
+ if (unit_type_from_string(suffix+1) < 0)
+ return -EINVAL;
+
+ h = htole64(siphash24_string(name, LONG_UNIT_NAME_HASH_KEY.bytes));
+
+ hash = hexmem(&h, sizeof(h));
+ if (!hash)
+ return -ENOMEM;
+
+ assert_se(strlen(hash) == UNIT_NAME_HASH_LENGTH_CHARS);
+
+ len = UNIT_NAME_MAX - 1 - strlen(suffix+1) - UNIT_NAME_HASH_LENGTH_CHARS - 2;
+ assert(len > 0 && len < UNIT_NAME_MAX);
+
+ n = strndup(name, len);
+ if (!n)
+ return -ENOMEM;
+
+ if (!strextend(&n, "_", hash, suffix))
+ return -ENOMEM;
+ assert_se(unit_name_is_valid(n, UNIT_NAME_PLAIN));
+
+ *ret = TAKE_PTR(n);
+
+ return 0;
+}
+
int unit_name_from_path(const char *path, const char *suffix, char **ret) {
_cleanup_free_ char *p = NULL, *s = NULL;
int r;
@@ -526,8 +596,17 @@ int unit_name_from_path(const char *path, const char *suffix, char **ret) {
if (!s)
return -ENOMEM;
- if (strlen(s) >= UNIT_NAME_MAX) /* Return a slightly more descriptive error for this specific condition */
- return -ENAMETOOLONG;
+ if (strlen(s) >= UNIT_NAME_MAX) {
+ _cleanup_free_ char *n = NULL;
+
+ log_debug("Unit name \"%s\" too long, falling back to hashed unit name.", s);
+
+ r = unit_name_hash_long(s, &n);
+ if (r < 0)
+ return r;
+
+ free_and_replace(s, n);
+ }
/* Refuse if this for some other reason didn't result in a valid name */
if (!unit_name_is_valid(s, UNIT_NAME_PLAIN))
@@ -581,6 +660,9 @@ int unit_name_to_path(const char *name, char **ret) {
if (r < 0)
return r;
+ if (unit_name_is_hashed(name))
+ return -ENAMETOOLONG;
+
return unit_name_path_unescape(prefix, ret);
}
diff --git a/src/basic/unit-name.h b/src/basic/unit-name.h
index b62b3e034e..eaa701e9f6 100644
--- a/src/basic/unit-name.h
+++ b/src/basic/unit-name.h
@@ -44,6 +44,9 @@ int unit_name_replace_instance(const char *f, const char *i, char **ret);
int unit_name_template(const char *f, char **ret);
+int unit_name_hash_long(const char *name, char **ret);
+bool unit_name_is_hashed(const char *name);
+
int unit_name_from_path(const char *path, const char *suffix, char **ret);
int unit_name_from_path_instance(const char *prefix, const char *path, const char *suffix, char **ret);
int unit_name_to_path(const char *name, char **ret);
diff --git a/src/core/mount.c b/src/core/mount.c
index 4d407ca4e5..d63884e47e 100644
--- a/src/core/mount.c
+++ b/src/core/mount.c
@@ -622,6 +622,9 @@ static int mount_add_extras(Mount *m) {
if (!m->where) {
r = unit_name_to_path(u->id, &m->where);
+ if (r == -ENAMETOOLONG)
+ log_unit_error_errno(u, r, "Failed to derive mount point path from unit name, because unit name is hashed. "
+ "Set \"Where=\" in the unit file explicitly.");
if (r < 0)
return r;
}
diff --git a/src/test/test-unit-name.c b/src/test/test-unit-name.c
index 8cd0e0b4a1..b6137333aa 100644
--- a/src/test/test-unit-name.c
+++ b/src/test/test-unit-name.c
@@ -106,6 +106,7 @@ TEST(unit_name_replace_instance) {
static void test_unit_name_from_path_one(const char *path, const char *suffix, const char *expected, int ret) {
_cleanup_free_ char *t = NULL;
+ int r;
assert_se(unit_name_from_path(path, suffix, &t) == ret);
puts(strna(t));
@@ -113,12 +114,31 @@ static void test_unit_name_from_path_one(const char *path, const char *suffix, c
if (t) {
_cleanup_free_ char *k = NULL;
- assert_se(unit_name_to_path(t, &k) == 0);
+
+ /* We don't support converting hashed unit names back to paths */
+ r = unit_name_to_path(t, &k);
+ if (r == -ENAMETOOLONG)
+ return;
+ assert(r == 0);
+
puts(strna(k));
assert_se(path_equal(k, empty_to_root(path)));
}
}
+TEST(unit_name_is_hashed) {
+ assert_se(!unit_name_is_hashed(""));
+ assert_se(!unit_name_is_hashed("foo@bar.service"));
+ assert_se(!unit_name_is_hashed("foo@.service"));
+ assert_se(unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_7736d9ed33c2ec55.mount"));
+ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_7736D9ED33C2EC55.mount"));
+ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!7736d9ed33c2ec55.mount"));
+ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_7736d9gd33c2ec55.mount"));
+ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_.mount"));
+ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_2103e1466b87f7f7@waldo.mount"));
+ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_2103e1466b87f7f7@.mount"));
+}
+
TEST(unit_name_from_path) {
test_unit_name_from_path_one("/waldo", ".mount", "waldo.mount", 0);
test_unit_name_from_path_one("/waldo/quuix", ".mount", "waldo-quuix.mount", 0);
@@ -128,7 +148,8 @@ TEST(unit_name_from_path) {
test_unit_name_from_path_one("///", ".mount", "-.mount", 0);
test_unit_name_from_path_one("/foo/../bar", ".mount", NULL, -EINVAL);
test_unit_name_from_path_one("/foo/./bar", ".mount", "foo-bar.mount", 0);
- test_unit_name_from_path_one("/waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", ".mount", NULL, -ENAMETOOLONG);
+ test_unit_name_from_path_one("/waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", ".mount",
+ "waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_7736d9ed33c2ec55.mount", 0);
}
static void test_unit_name_from_path_instance_one(const char *pattern, const char *path, const char *suffix, const char *expected, int ret) {
@@ -156,7 +177,6 @@ TEST(unit_name_from_path_instance) {
test_unit_name_from_path_instance_one("waldo", "..", ".mount", NULL, -EINVAL);
test_unit_name_from_path_instance_one("waldo", "/foo", ".waldi", NULL, -EINVAL);
test_unit_name_from_path_instance_one("wa--ldo", "/--", ".mount", "wa--ldo@\\x2d\\x2d.mount", 0);
- test_unit_name_from_path_instance_one("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "/waldo", ".mount", NULL, -ENAMETOOLONG);
}
static void test_unit_name_to_path_one(const char *unit, const char *path, int ret) {

42
SOURCES/0076-tests-add-test-case-for-long-unit-names.patch

@ -0,0 +1,42 @@ @@ -0,0 +1,42 @@
From 1121def1f02c847df894611e171a1025f859fb3d Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 23 Mar 2022 13:35:44 +0100
Subject: [PATCH] tests: add test case for long unit names

(cherry picked from commit 2ef0101e0b2813e8c99fc8f137dbaa763ca16057)

Related: #2083493
---
test/units/testsuite-60.sh | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)

diff --git a/test/units/testsuite-60.sh b/test/units/testsuite-60.sh
index eb174f00ed..239d7b0d4c 100755
--- a/test/units/testsuite-60.sh
+++ b/test/units/testsuite-60.sh
@@ -8,6 +8,25 @@ systemd-analyze log-target journal
NUM_DIRS=20
+# make sure we can handle mounts at very long paths such that mount unit name must be hashed to fall within our unit name limit
+LONGPATH="$(printf "/$(printf "x%0.s" {1..255})%0.s" {1..7})"
+LONGMNT="$(systemd-escape --suffix=mount --path "$LONGPATH")"
+TS="$(date '+%H:%M:%S')"
+
+mkdir -p "$LONGPATH"
+mount -t tmpfs tmpfs "$LONGPATH"
+systemctl daemon-reload
+
+# check that unit is active(mounted)
+systemctl --no-pager show -p SubState --value "$LONGPATH" | grep -q mounted
+
+# check that relevant part of journal doesn't contain any errors related to unit
+[ "$(journalctl -b --since="$TS" --priority=err | grep -c "$LONGMNT")" = "0" ]
+
+# check that we can successfully stop the mount unit
+systemctl stop "$LONGPATH"
+rm -rf "$LONGPATH"
+
# mount/unmount enough times to trigger the /proc/self/mountinfo parsing rate limiting
for ((i = 0; i < NUM_DIRS; i++)); do
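Review bot: The journal window for the "no errors" check is anchored with `TS="$(date '+%H:%M:%S')"`, a time of day with no date and only one-second resolution. If the run crosses midnight, `journalctl -b --since="$TS"` is read as a time later the same day and returns nothing, so the check passes without having looked at anything. A journal cursor taken before the mount is sturdier: `cursor="$(mktemp)"; journalctl --cursor-file="$cursor" -n0 -q` up front, then `journalctl --after-cursor="$(<"$cursor")" --priority=err` in the check. Separately, `rm -rf "$LONGPATH"` removes only the deepest directory, so the parent directories created by `mkdir -p` stay behind; removing the first path component instead would clean up the whole tree.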

37
SOURCES/0077-tests-reflect-that-we-can-now-handle-devices-with-ve.patch

@ -0,0 +1,37 @@ @@ -0,0 +1,37 @@
From 87e45d9c58c74ae7ba46f99a3f0e2db39cf345ff Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 24 Mar 2022 19:24:16 +0100
Subject: [PATCH] tests: reflect that we can now handle devices with very long
sysfs paths

(cherry picked from commit b26f4f0028e27b6ad46ef9af56aac7571caa3a25)

Related: #2083493
---
test/units/testsuite-64.sh | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/test/units/testsuite-64.sh b/test/units/testsuite-64.sh
index dc8b263b10..218b2ee8d1 100755
--- a/test/units/testsuite-64.sh
+++ b/test/units/testsuite-64.sh
@@ -674,6 +674,7 @@ testcase_long_sysfs_path() {
echo "UUID=deadbeef-dead-dead-beef-222222222222 $mpoint ext4 defaults 0 0" >>/etc/fstab
systemctl daemon-reload
mount "$mpoint"
+ systemctl status "$mpoint"
test -e "$mpoint/test"
umount "$mpoint"
@@ -684,9 +685,9 @@ testcase_long_sysfs_path() {
udevadm settle
logfile="$(mktemp)"
- journalctl -b -q --no-pager -o short-monotonic -p info --grep "Device path.*vda.?' too long to fit into unit name"
+ [[ "$(journalctl -b -q --no-pager -o short-monotonic -p info --grep "Device path.*vda.?' too long to fit into unit name" | wc -l)" -eq 0 ]]
# Make sure we don't unnecessarily spam the log
- journalctl -b -q --no-pager -o short-monotonic -p info --grep "/sys/devices/.+/vda[0-9]?" _PID=1 + UNIT=systemd-udevd.service | tee "$logfile"
+ { journalctl -b -q --no-pager -o short-monotonic -p info --grep "/sys/devices/.+/vda[0-9]?" _PID=1 + UNIT=systemd-udevd.service || :;} | tee "$logfile"
[[ "$(wc -l <"$logfile")" -lt 10 ]]
: >/etc/fstab

63
SOURCES/0078-test-extend-the-hashed-unit-names-coverage-a-bit.patch

@ -0,0 +1,63 @@ @@ -0,0 +1,63 @@
From c9fe9526f07ad24d29842fa853ee458b68660896 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Fri, 22 Apr 2022 18:03:14 +0200
Subject: [PATCH] test: extend the "hashed" unit names coverage a bit

Follow-up to #22759.

(cherry picked from commit 98f8c316389177169c6599e67010ebb1789a6b26)

Related: #2083493
---
test/units/testsuite-64.sh | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/test/units/testsuite-64.sh b/test/units/testsuite-64.sh
index 218b2ee8d1..5f9aeee261 100755
--- a/test/units/testsuite-64.sh
+++ b/test/units/testsuite-64.sh
@@ -646,7 +646,7 @@ testcase_iscsi_lvm() {
}
testcase_long_sysfs_path() {
- local link logfile mpoint
+ local cursor link logfile mpoint
local expected_symlinks=(
"/dev/disk/by-label/data_vol"
"/dev/disk/by-label/swap_vol"
@@ -657,6 +657,12 @@ testcase_long_sysfs_path() {
"/dev/disk/by-uuid/deadbeef-dead-dead-beef-222222222222"
)
+ # Create a cursor file to skip messages generated by udevd in initrd, as it
+ # might not be the same up-to-date version as we currently run (hence generating
+ # messages we check for later and making the test fail)
+ cursor="$(mktemp)"
+ journalctl --cursor-file="${cursor:?}" -n0 -q
+
# Make sure the test device is connected and show its "wonderful" path
stat /sys/block/vda
readlink -f /sys/block/vda/dev
@@ -685,13 +691,20 @@ testcase_long_sysfs_path() {
udevadm settle
logfile="$(mktemp)"
- [[ "$(journalctl -b -q --no-pager -o short-monotonic -p info --grep "Device path.*vda.?' too long to fit into unit name" | wc -l)" -eq 0 ]]
+ # Check state of affairs after https://github.com/systemd/systemd/pull/22759
+ # Note: can't use `--cursor-file` here, since we don't want to update the cursor
+ # after using it
+ [[ "$(journalctl --after-cursor="$(<"$cursor")" -q --no-pager -o short-monotonic -p info --grep "Device path.*vda.?' too long to fit into unit name" | wc -l)" -eq 0 ]]
+ [[ "$(journalctl --after-cursor="$(<"$cursor")" -q --no-pager -o short-monotonic --grep "Unit name .*vda.?\.device\" too long, falling back to hashed unit name" | wc -l)" -gt 0 ]]
+ # Check if the respective "hashed" units exist and are active (plugged)
+ systemctl status --no-pager "$(readlink -f /sys/block/vda/vda1)"
+ systemctl status --no-pager "$(readlink -f /sys/block/vda/vda2)"
# Make sure we don't unnecessarily spam the log
{ journalctl -b -q --no-pager -o short-monotonic -p info --grep "/sys/devices/.+/vda[0-9]?" _PID=1 + UNIT=systemd-udevd.service || :;} | tee "$logfile"
[[ "$(wc -l <"$logfile")" -lt 10 ]]
: >/etc/fstab
- rm -fr "${logfile:?}" "${mpoint:?}"
+ rm -fr "${cursor:?}" "${logfile:?}" "${mpoint:?}"
}
: >/failed

29
SOURCES/0079-Revert-kernel-install-also-remove-modules.builtin.al.patch

@ -0,0 +1,29 @@ @@ -0,0 +1,29 @@
From 17f516c0714e05d3dea7f168304286658aead870 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 17 Mar 2022 12:35:35 +0100
Subject: [PATCH] Revert "kernel-install: also remove
modules.builtin.alias.bin"

This reverts commit fdcb1bf67371615f12c4b11283f2bd6a25bda019.

Related: #2065061

[msekleta: this revert is done in order to make backporting easier,
patch will be reapplied later.]
---
src/kernel-install/50-depmod.install | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
index fd00c43632..2fd959865f 100644
--- a/src/kernel-install/50-depmod.install
+++ b/src/kernel-install/50-depmod.install
@@ -36,7 +36,7 @@ case "$COMMAND" in
remove)
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "Removing /lib/modules/${KERNEL_VERSION}/modules.dep and associated files"
- exec rm -f /lib/modules/"${KERNEL_VERSION}"/modules.{alias{,.bin},builtin{,.alias}.bin,dep{,.bin},devname,softdep,symbols{,.bin}}
+ exec rm -f /lib/modules/"${KERNEL_VERSION}"/modules.{alias{,.bin},builtin.bin,dep{,.bin},devname,softdep,symbols{,.bin}}
;;
*)
exit 0

29
SOURCES/0080-Revert-kernel-install-prefer-boot-over-boot-efi-for-.patch

@ -0,0 +1,29 @@ @@ -0,0 +1,29 @@
From 3fae5c22831288c075e371e67ecc91968ab60d63 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 17 Mar 2022 12:37:57 +0100
Subject: [PATCH] Revert "kernel-install: prefer /boot over /boot/efi for
$BOOT_ROOT"

This reverts commit d0e98b7a1211412dccfcf4dcd2cc0772ac70b304.

Related: #2065061

[msekleta: this revert is done in order to make backporting easier,
patch will be reapplied later.]
---
src/kernel-install/kernel-install | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index d85852532b..b358b03b2f 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -108,7 +108,7 @@ fi
[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
- for pref in "/efi" "/boot" "/boot/efi" ; do
+ for pref in "/efi" "/boot/efi" "/boot"; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
break 2

60
SOURCES/0081-kernel-install-50-depmod-port-to-bin-sh.patch

@ -0,0 +1,60 @@ @@ -0,0 +1,60 @@
From d90268728f268f4e5291d29bc2b899137cd7ddf5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 14:35:17 +0100
Subject: [PATCH] kernel-install: 50-depmod: port to /bin/sh

(cherry picked from commit b3ceb3d9fff69b33b8665a0137f5177f72c45cc0)

Related: #2065061
---
src/kernel-install/50-depmod.install | 28 +++++++++++++++-------------
1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
index 2fd959865f..aa1f6b8e0e 100644
--- a/src/kernel-install/50-depmod.install
+++ b/src/kernel-install/50-depmod.install
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
# SPDX-License-Identifier: LGPL-2.1-or-later
@@ -20,23 +20,25 @@
COMMAND="$1"
KERNEL_VERSION="$2"
-ENTRY_DIR_ABS="$3"
-KERNEL_IMAGE="$4"
-INITRD_OPTIONS_START="5"
-
-[[ $KERNEL_VERSION ]] || exit 1
case "$COMMAND" in
add)
- [[ -d "/lib/modules/${KERNEL_VERSION}/kernel" ]] || exit 0
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Running depmod -a ${KERNEL_VERSION}"
- exec depmod -a "${KERNEL_VERSION}"
+ [ -d "/lib/modules/$KERNEL_VERSION/kernel" ] || exit 0
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+depmod -a $KERNEL_VERSION"
+ exec depmod -a "$KERNEL_VERSION"
;;
remove)
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Removing /lib/modules/${KERNEL_VERSION}/modules.dep and associated files"
- exec rm -f /lib/modules/"${KERNEL_VERSION}"/modules.{alias{,.bin},builtin.bin,dep{,.bin},devname,softdep,symbols{,.bin}}
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Removing /lib/modules/$KERNEL_VERSION/modules.dep and associated files"
+ exec rm -f \
+ "/lib/modules/$KERNEL_VERSION/modules.alias" \
+ "/lib/modules/$KERNEL_VERSION/modules.alias.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.builtin.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.dep" \
+ "/lib/modules/$KERNEL_VERSION/modules.dep.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.devname" \
+ "/lib/modules/$KERNEL_VERSION/modules.softdep" \
+ "/lib/modules/$KERNEL_VERSION/modules.symbols" \
+ "/lib/modules/$KERNEL_VERSION/modules.symbols.bin"
;;
*)
exit 0
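Review bot: The port deletes the `[[ $KERNEL_VERSION ]] || exit 1` guard and puts no POSIX equivalent in its place. With an empty second argument the `remove` branch therefore goes on to `exec rm -f "/lib/modules//modules.alias" …` and acts directly on files under /lib/modules. The plugin presumably runs with root privileges and can be invoked on its own, so I would keep the check as `[ -n "$KERNEL_VERSION" ] || exit 1` ahead of the `case`. Both `[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]` tests also raise a test error when the variable is unset; writing `"${KERNEL_INSTALL_VERBOSE:-0}"` avoids that outside kernel-install.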

181
SOURCES/0082-kernel-install-90-loaderentry-port-to-bin-sh.patch

@ -0,0 +1,181 @@ @@ -0,0 +1,181 @@
From 7b05dc8184e1a459d0a073dfe569560681525980 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 14:35:33 +0100
Subject: [PATCH] kernel-install: 90-loaderentry: port to /bin/sh

Also, forward the rm -f exit code on removal instead of swallowing it

(cherry picked from commit 662f45e3ea9f6e933234b81bec532d584bda6ead)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 110 +++++++++-------------
1 file changed, 45 insertions(+), 65 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 044eced3f0..35324e69a9 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
# SPDX-License-Identifier: LGPL-2.1-or-later
@@ -22,68 +22,53 @@ COMMAND="$1"
KERNEL_VERSION="$2"
ENTRY_DIR_ABS="$3"
KERNEL_IMAGE="$4"
-INITRD_OPTIONS_START="5"
+INITRD_OPTIONS_SHIFT=4
-if ! [[ $KERNEL_INSTALL_MACHINE_ID ]]; then
- exit 0
-fi
-
-if [ "$KERNEL_INSTALL_LAYOUT" != "bls" ]; then
- exit 0
-fi
+[ "$KERNEL_INSTALL_LAYOUT" = "bls" ] || exit 0
MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
BOOT_ROOT="$KERNEL_INSTALL_BOOT_ROOT"
BOOT_MNT="$(stat -c %m "$BOOT_ROOT")"
-if [[ "$BOOT_MNT" == '/' ]]; then
+if [ "$BOOT_MNT" = '/' ]; then
ENTRY_DIR="$ENTRY_DIR_ABS"
else
ENTRY_DIR="${ENTRY_DIR_ABS#$BOOT_MNT}"
fi
-if [[ $COMMAND == remove ]]; then
- rm -f "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf"
- rm -f "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"
- exit 0
-fi
-
-if ! [[ $COMMAND == add ]]; then
- exit 1
-fi
-
-if ! [[ $KERNEL_IMAGE ]]; then
- exit 1
-fi
+case "$COMMAND" in
+ remove)
+ exec rm -f \
+ "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" \
+ "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"
+ ;;
+ add)
+ ;;
+ *)
+ exit 1
+ ;;
+esac
-if [[ -f /etc/os-release ]]; then
+if [ -r /etc/os-release ]; then
. /etc/os-release
-elif [[ -f /usr/lib/os-release ]]; then
+elif [ -r /usr/lib/os-release ]; then
. /usr/lib/os-release
fi
-if ! [[ $PRETTY_NAME ]]; then
- PRETTY_NAME="Linux $KERNEL_VERSION"
-fi
+[ -n "$PRETTY_NAME" ] || PRETTY_NAME="Linux $KERNEL_VERSION"
-if [[ -f /etc/kernel/cmdline ]]; then
- read -r -d '' -a BOOT_OPTIONS < /etc/kernel/cmdline
-elif [[ -f /usr/lib/kernel/cmdline ]]; then
- read -r -d '' -a BOOT_OPTIONS < /usr/lib/kernel/cmdline
+if [ -r /etc/kernel/cmdline ]; then
+ BOOT_OPTIONS="$(tr -s "$IFS" ' ' </etc/kernel/cmdline)"
+elif [ -r /usr/lib/kernel/cmdline ]; then
+ BOOT_OPTIONS="$(tr -s "$IFS" ' ' </usr/lib/kernel/cmdline)"
else
- declare -a BOOT_OPTIONS
-
- read -r -d '' -a line < /proc/cmdline
- for i in "${line[@]}"; do
- [[ "${i#initrd=*}" != "$i" ]] && continue
- [[ "${i#BOOT_IMAGE=*}" != "$i" ]] && continue
- BOOT_OPTIONS+=("$i")
- done
+ BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')"
fi
+BOOT_OPTIONS="${BOOT_OPTIONS% }"
-if [[ -f /etc/kernel/tries ]]; then
+if [ -r /etc/kernel/tries ]; then
read -r TRIES </etc/kernel/tries
- if ! [[ "$TRIES" =~ ^[0-9]+$ ]] ; then
+ if ! echo "$TRIES" | grep -q '^[0-9][0-9]*$'; then
echo "/etc/kernel/tries does not contain an integer." >&2
exit 1
fi
@@ -106,43 +91,38 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
exit 1
}
-INITRD_OPTIONS=( "${@:${INITRD_OPTIONS_START}}" )
-
-for initrd in "${INITRD_OPTIONS[@]}"; do
- if [[ -f "${initrd}" ]]; then
- initrd_basename="$(basename ${initrd})"
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Installing $ENTRY_DIR_ABS/${initrd_basename}"
- install -g root -o root -m 0644 "${initrd}" "$ENTRY_DIR_ABS/${initrd_basename}" || {
- echo "Could not copy '${initrd}' to '$ENTRY_DIR_ABS/${initrd_basename}'." >&2
- exit 1
- }
- fi
-done
+shift "$INITRD_OPTIONS_SHIFT"
+for initrd; do
+ [ -f "$initrd" ] || continue
-# If no initrd option is supplied, fall back to "initrd" which is
-# the name used by dracut when generating it in its kernel-install hook
-[[ ${#INITRD_OPTIONS[@]} == 0 ]] && INITRD_OPTIONS=( initrd )
+ initrd_basename="${initrd##*/}"
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing $ENTRY_DIR_ABS/$initrd_basename"
+ install -g root -o root -m 0644 "$initrd" "$ENTRY_DIR_ABS/$initrd_basename" || {
+ echo "Could not copy '$initrd' to '$ENTRY_DIR_ABS/$initrd_basename'." >&2
+ exit 1
+ }
+done
mkdir -p "${LOADER_ENTRY%/*}" || {
echo "Could not create loader entry directory '${LOADER_ENTRY%/*}'." >&2
exit 1
}
-[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Creating $LOADER_ENTRY"
+# Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
+[ $# -eq 0 ] && set -- "initrd"
+
+[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Creating $LOADER_ENTRY"
{
echo "title $PRETTY_NAME"
echo "version $KERNEL_VERSION"
echo "machine-id $MACHINE_ID"
- echo "options ${BOOT_OPTIONS[*]}"
+ echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"
- for initrd in "${INITRD_OPTIONS[@]}"; do
- [[ -f $ENTRY_DIR_ABS/$(basename ${initrd}) ]] && \
- echo "initrd $ENTRY_DIR/$(basename ${initrd})"
+ for initrd; do
+ [ -f "$ENTRY_DIR_ABS/${initrd##*/}" ] && echo "initrd $ENTRY_DIR/${initrd##*/}"
done
:
-} > "$LOADER_ENTRY" || {
+} >"$LOADER_ENTRY" || {
echo "Could not create loader entry '$LOADER_ENTRY'." >&2
exit 1
}
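Review bot: The early exit on an empty `$KERNEL_INSTALL_MACHINE_ID` is removed and nothing replaces it. The `remove` branch now reaches `exec rm -f "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" …` even when `MACHINE_ID` or `BOOT_ROOT` expands to nothing, which turns the target into a path such as `/loader/entries/-<version>.conf`. If dropping the guard was not deliberate, `[ -n "$KERNEL_INSTALL_MACHINE_ID" ] || exit 0` next to the layout check restores the old behaviour, and `[ -n "$BOOT_ROOT" ] || exit 1` before the `stat` call covers the other variable. The rest of the script lies outside the hunks shown, so how `LOADER_ENTRY` is derived cannot be checked from here.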

82
SOURCES/0083-kernel-install-fix-shellcheck.patch

@ -0,0 +1,82 @@ @@ -0,0 +1,82 @@
From 52f6eedb3bb4dc7a57fea6a8991b9058dedc8edc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 14:37:53 +0100
Subject: [PATCH] kernel-install: fix shellcheck

(cherry picked from commit 0bb1cb1fce5ebf307501dec1679e37f0c0157be9)

Related: #2065061
---
src/kernel-install/kernel-install | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index b358b03b2f..f6da0cf7a8 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -26,8 +26,8 @@ usage()
echo " $0 [OPTIONS...] add KERNEL-VERSION KERNEL-IMAGE [INITRD-FILE ...]"
echo " $0 [OPTIONS...] remove KERNEL-VERSION"
echo "Options:"
- echo " -h,--help Print this help"
- echo " -v,--verbose Increase verbosity"
+ echo " -h, --help Print this help"
+ echo " -v, --verbose Increase verbosity"
}
dropindirs_sort()
@@ -58,15 +58,15 @@ dropindirs_sort()
export LC_COLLATE=C
-for i in "$@"; do
- if [ "$i" == "--help" -o "$i" == "-h" ]; then
+for i; do
+ if [ "$i" = "--help" ] || [ "$i" = "-h" ]; then
usage
exit 0
fi
done
KERNEL_INSTALL_VERBOSE=0
-if [ "$1" == "--verbose" -o "$1" == "-v" ]; then
+if [ "$1" = "--verbose" ] || [ "$1" = "-v" ]; then
shift
KERNEL_INSTALL_VERBOSE=1
fi
@@ -185,13 +185,13 @@ case $COMMAND in
for f in "${PLUGINS[@]}"; do
if [[ -x $f ]]; then
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE ${INITRD_OPTIONS[@]}"
+ echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE ${INITRD_OPTIONS[*]}"
"$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "${INITRD_OPTIONS[@]}"
x=$?
- if [[ $x == $SKIP_REMAINING ]]; then
+ if [ $x -eq "$SKIP_REMAINING" ]; then
break
fi
- ((ret+=$x))
+ ((ret+=x))
fi
done
;;
@@ -203,10 +203,10 @@ case $COMMAND in
echo "+$f remove $KERNEL_VERSION $ENTRY_DIR_ABS"
"$f" remove "$KERNEL_VERSION" "$ENTRY_DIR_ABS"
x=$?
- if [[ $x == $SKIP_REMAINING ]]; then
+ if [ $x -eq "$SKIP_REMAINING" ]; then
break
fi
- ((ret+=$x))
+ ((ret+=x))
fi
done
@@ -222,4 +222,4 @@ case $COMMAND in
;;
esac
-exit $ret
+exit "$ret"

205
SOURCES/0084-kernel-install-port-to-bin-sh.patch

@ -0,0 +1,205 @@ @@ -0,0 +1,205 @@
From 1f9eec4ab2a8a2213fec66194c537086e8242a0d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 15:06:06 +0100
Subject: [PATCH] kernel-install: port to /bin/sh

(cherry picked from commit 76b1274a5cb54acaa4a0f0c2e570d751f9067c06)

Related: #2065061
---
src/kernel-install/kernel-install | 109 ++++++++++++------------------
1 file changed, 43 insertions(+), 66 deletions(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index f6da0cf7a8..2e8f382d5f 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
# SPDX-License-Identifier: LGPL-2.1-or-later
@@ -18,7 +18,7 @@
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
-SKIP_REMAINING=77
+skip_remaining=77
usage()
{
@@ -32,24 +32,17 @@ usage()
dropindirs_sort()
{
- local suffix=$1; shift
- local -a files
- local f d i
-
- readarray -t files <<<"$(
- for d in "$@"; do
- for i in "$d/"*"$suffix"; do
- if [[ -e "$i" ]]; then
- echo "${i##*/}"
- fi
- done
- done | sort -Vu
- )"
-
- for f in "${files[@]}"; do
- for d in "$@"; do
- if [[ -e "$d/$f" ]]; then
- echo "$d/$f"
+ suffix="$1"
+ shift
+
+ for d; do
+ for i in "$d/"*"$suffix"; do
+ [ -e "$i" ] && echo "${i##*/}"
+ done
+ done | sort -Vu | while read -r f; do
+ for d; do
+ if [ -e "$d/$f" ]; then
+ [ -x "$d/$f" ] && echo "$d/$f"
continue 2
fi
done
@@ -65,27 +58,25 @@ for i; do
fi
done
-KERNEL_INSTALL_VERBOSE=0
+export KERNEL_INSTALL_VERBOSE=0
if [ "$1" = "--verbose" ] || [ "$1" = "-v" ]; then
shift
KERNEL_INSTALL_VERBOSE=1
fi
-export KERNEL_INSTALL_VERBOSE
-if [[ "${0##*/}" == 'installkernel' ]]; then
- COMMAND='add'
- # make install doesn't pass any parameter wrt initrd handling
- INITRD_OPTIONS=()
+if [ "${0##*/}" = "installkernel" ]; then
+ COMMAND=add
+ # make install doesn't pass any initrds
else
COMMAND="$1"
- shift
- INITRD_OPTIONS=( "${@:3}" )
+ [ $# -ge 1 ] && shift
fi
KERNEL_VERSION="$1"
KERNEL_IMAGE="$2"
+[ $# -ge 2 ] && shift 2
-if [[ ! $COMMAND ]] || [[ ! $KERNEL_VERSION ]]; then
+if [ -z "$COMMAND" ] || [ -z "$KERNEL_VERSION" ]; then
echo "Not enough arguments" >&2
exit 1
fi
@@ -99,12 +90,11 @@ fi
# Prefer to use an existing machine ID from /etc/machine-info or /etc/machine-id. If we're using the machine
# ID /etc/machine-id, try to persist it in /etc/machine-info. If no machine ID is found, try to generate
# a new machine ID in /etc/machine-info. If that fails, use "Default".
-
-[ -z "$MACHINE_ID" ] && [ -f /etc/machine-info ] && source /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
-[ -z "$MACHINE_ID" ] && [ -f /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
-[ -n "$MACHINE_ID" ] && [ -z "$KERNEL_INSTALL_MACHINE_ID" ] && echo "KERNEL_INSTALL_MACHINE_ID=$MACHINE_ID" >>/etc/machine-info
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
+[ -n "$MACHINE_ID" ] && [ -z "$KERNEL_INSTALL_MACHINE_ID" ] && echo "KERNEL_INSTALL_MACHINE_ID=$MACHINE_ID" >>/etc/machine-info
[ -z "$MACHINE_ID" ] && NEW_MACHINE_ID="$(systemd-id128 new)" && echo "KERNEL_INSTALL_MACHINE_ID=$NEW_MACHINE_ID" >>/etc/machine-info
-[ -z "$MACHINE_ID" ] && [ -f /etc/machine-info ] && source /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
@@ -125,11 +115,6 @@ done
[ -z "$BOOT_ROOT" ] && BOOT_ROOT="/boot"
-ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
-
-export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
-export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
-
if [ -z "$layout" ]; then
# Administrative decision: if not present, some scripts generate into /boot.
if [ -d "$BOOT_ROOT/$MACHINE_ID" ]; then
@@ -152,21 +137,23 @@ MAKE_ENTRY_DIR_ABS=$?
ret=0
-readarray -t PLUGINS <<<"$(
+PLUGINS="$(
dropindirs_sort ".install" \
"/etc/kernel/install.d" \
"/usr/lib/kernel/install.d"
)"
+IFS="
+"
-case $COMMAND in
+case "$COMMAND" in
add)
- if [[ ! "$KERNEL_IMAGE" ]]; then
+ if [ -z "$KERNEL_IMAGE" ]; then
echo "Command 'add' requires an argument" >&2
exit 1
fi
- if [[ ! -f "$KERNEL_IMAGE" ]]; then
- echo "Kernel image argument ${KERNEL_IMAGE} not a file" >&2
+ if ! [ -f "$KERNEL_IMAGE" ]; then
+ echo "Kernel image argument $KERNEL_IMAGE not a file" >&2
exit 1
fi
@@ -182,32 +169,22 @@ case $COMMAND in
fi
fi
- for f in "${PLUGINS[@]}"; do
- if [[ -x $f ]]; then
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE ${INITRD_OPTIONS[*]}"
- "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "${INITRD_OPTIONS[@]}"
- x=$?
- if [ $x -eq "$SKIP_REMAINING" ]; then
- break
- fi
- ((ret+=x))
- fi
+ for f in $PLUGINS; do
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE $*"
+ "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "$@"
+ err=$?
+ [ $err -eq $skip_remaining ] && break
+ ret=$(( ret + err ))
done
;;
remove)
- for f in "${PLUGINS[@]}"; do
- if [[ -x $f ]]; then
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "+$f remove $KERNEL_VERSION $ENTRY_DIR_ABS"
- "$f" remove "$KERNEL_VERSION" "$ENTRY_DIR_ABS"
- x=$?
- if [ $x -eq "$SKIP_REMAINING" ]; then
- break
- fi
- ((ret+=x))
- fi
+ for f in $PLUGINS; do
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f remove $KERNEL_VERSION $ENTRY_DIR_ABS"
+ "$f" remove "$KERNEL_VERSION" "$ENTRY_DIR_ABS"
+ err=$?
+ [ $err -eq $skip_remaining ] && break
+ ret=$(( ret + err ))
done
if [ "$MAKE_ENTRY_DIR_ABS" -eq 0 ]; then
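Review bot: `IFS` is set to a newline just before the `case` and never restored, so everything after that point runs with the changed separator, including the `$*` in the verbose `echo`. A comment such as `# IFS stays newline-only from here on: $PLUGINS holds one path per line` would mark that as intended. The unquoted `for f in $PLUGINS` is still subject to pathname expansion, so a plugin file name containing `*` or `?` would be globbed before it is executed; a `set -f` ahead of the two loops closes that. `sort -Vu` in `dropindirs_sort` is not specified by POSIX, which deserves a comment now that the shebang is `/bin/sh`. The `case` body continues past the last line of this section.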

51
SOURCES/0085-kernel-install-90-loaderentry-error-out-on-nonexiste.patch

@ -0,0 +1,51 @@ @@ -0,0 +1,51 @@
From bc1c914ebdec526151964c1aa3c2aeea0d4e2680 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Fri, 17 Dec 2021 19:51:12 +0100
Subject: [PATCH] kernel-install: 90-loaderentry: error out on nonexistent
initrds instead of swallowing them quietly

(cherry picked from commit 742561efbe938c45936f2e4f5d81b3ff6b352882)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 35324e69a9..e588e72bf9 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -93,7 +93,10 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
shift "$INITRD_OPTIONS_SHIFT"
for initrd; do
- [ -f "$initrd" ] || continue
+ [ -f "$initrd" ] || {
+ echo "Initrd '$initrd' not a file." >&2
+ exit 1
+ }
initrd_basename="${initrd##*/}"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing $ENTRY_DIR_ABS/$initrd_basename"
@@ -108,9 +111,6 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
exit 1
}
-# Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
-[ $# -eq 0 ] && set -- "initrd"
-
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Creating $LOADER_ENTRY"
{
echo "title $PRETTY_NAME"
@@ -119,8 +119,10 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"
for initrd; do
- [ -f "$ENTRY_DIR_ABS/${initrd##*/}" ] && echo "initrd $ENTRY_DIR/${initrd##*/}"
+ echo "initrd $ENTRY_DIR/${initrd##*/}"
done
+ # Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
+ [ $# -eq 0 ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
:
} >"$LOADER_ENTRY" || {
echo "Could not create loader entry '$LOADER_ENTRY'." >&2

68
SOURCES/0086-kernel-install-don-t-pull-out-KERNEL_IMAGE.patch

@ -0,0 +1,68 @@ @@ -0,0 +1,68 @@
From 8a52c3a1797084956ddcd2acfb65a4023a4f0655 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Mon, 20 Dec 2021 14:57:39 +0100
Subject: [PATCH] kernel-install: don't pull out KERNEL_IMAGE

It's part of the pack directly passed to scripts on add and ignored on
remove

(cherry picked from commit af319a4b14bd05cd4c8460487f2c6d7a31b35640)

Related: #2065061
---
src/kernel-install/kernel-install | 21 ++++++++++-----------
1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 2e8f382d5f..097d6557f2 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -72,15 +72,14 @@ else
[ $# -ge 1 ] && shift
fi
-KERNEL_VERSION="$1"
-KERNEL_IMAGE="$2"
-[ $# -ge 2 ] && shift 2
-
-if [ -z "$COMMAND" ] || [ -z "$KERNEL_VERSION" ]; then
+if [ $# -lt 1 ]; then
echo "Not enough arguments" >&2
exit 1
fi
+KERNEL_VERSION="$1"
+shift
+
if [ -r "/etc/kernel/install.conf" ]; then
. /etc/kernel/install.conf
elif [ -r "/usr/lib/kernel/install.conf" ]; then
@@ -147,13 +146,13 @@ IFS="
case "$COMMAND" in
add)
- if [ -z "$KERNEL_IMAGE" ]; then
- echo "Command 'add' requires an argument" >&2
+ if [ $# -lt 1 ]; then
+ echo "Command 'add' requires a kernel image" >&2
exit 1
fi
- if ! [ -f "$KERNEL_IMAGE" ]; then
- echo "Kernel image argument $KERNEL_IMAGE not a file" >&2
+ if ! [ -f "$1" ]; then
+ echo "Kernel image argument $1 not a file" >&2
exit 1
fi
@@ -170,8 +169,8 @@ case "$COMMAND" in
fi
for f in $PLUGINS; do
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE $*"
- "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "$@"
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $*"
+ "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$@"
err=$?
[ $err -eq $skip_remaining ] && break
ret=$(( ret + err ))
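Review bot: The new argument check in the first kernel-install hunk counts arguments but no longer rejects an empty version string: the removed test included `[ -z "$KERNEL_VERSION" ]`, the added one is only `[ $# -lt 1 ]`, so an explicit `""` is now accepted as the kernel version. That value is joined into `$ENTRY_DIR_ABS` and handed to every plugin for both `add` and `remove`, where an empty last component makes the path name the parent directory rather than one kernel's directory (the code that consumes it lies outside these hunks, so the exact effect should be confirmed there). Keeping the emptiness test restores the old guarantee: `if [ $# -lt 1 ] || [ -z "$1" ]; then`.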

32
SOURCES/0087-kernel-install-prefer-boot-over-boot-efi-for-BOOT_RO.patch

@ -0,0 +1,32 @@ @@ -0,0 +1,32 @@
From 8bcb1df836fccb5ddb6fb071b022bfd490f94e11 Mon Sep 17 00:00:00 2001
From: Adam Williamson <awilliam@redhat.com>
Date: Wed, 5 Jan 2022 14:07:14 -0800
Subject: [PATCH] kernel-install: prefer /boot over /boot/efi for $BOOT_ROOT

This restores the preference order from before 9e82a74. The code
previous to that change 'preferred' /boot over /boot/efi; that
commit changed it to check /boot/efi before checking /boot.
Changing this precedence could (and did, for me) have unexpected
effects - it seems safer to leave it how it was.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
(cherry picked from commit a5307e173bf86d695fe85b8e15e91126e8618a14)

Related: #2065061
---
src/kernel-install/kernel-install | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 097d6557f2..e56483ef96 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -97,7 +97,7 @@ fi
[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
- for pref in "/efi" "/boot/efi" "/boot"; do
+ for pref in "/efi" "/boot" "/boot/efi" ; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
break 2

26
SOURCES/0088-kernel-install-also-remove-modules.builtin.alias.bin.patch

@ -0,0 +1,26 @@ @@ -0,0 +1,26 @@
From 491f0e55e1f1095b1d52d45e5753d5f1ea621231 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sat, 15 Jan 2022 03:37:40 +0900
Subject: [PATCH] kernel-install: also remove modules.builtin.alias.bin

Fixes RHBZ#2016630.

(cherry picked from commit 06006691b5c56b6123044179d934b3ed81c237ca)

Related: #2065061
---
src/kernel-install/50-depmod.install | 1 +
1 file changed, 1 insertion(+)

diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
index aa1f6b8e0e..be414f39d1 100644
--- a/src/kernel-install/50-depmod.install
+++ b/src/kernel-install/50-depmod.install
@@ -33,6 +33,7 @@ case "$COMMAND" in
"/lib/modules/$KERNEL_VERSION/modules.alias" \
"/lib/modules/$KERNEL_VERSION/modules.alias.bin" \
"/lib/modules/$KERNEL_VERSION/modules.builtin.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.builtin.alias.bin" \
"/lib/modules/$KERNEL_VERSION/modules.dep" \
"/lib/modules/$KERNEL_VERSION/modules.dep.bin" \
"/lib/modules/$KERNEL_VERSION/modules.devname" \

77
SOURCES/0089-kernel-install-add-new-variable-KERNEL_INSTALL_INITR.patch

@ -0,0 +1,77 @@ @@ -0,0 +1,77 @@
From 931ae9749924a396a78044f8b1536085ff574ae6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 18 Jan 2022 17:40:13 +0100
Subject: [PATCH] kernel-install: add new variable
$KERNEL_INSTALL_INITRD_GENERATOR

The idea is that when not set, we do whatever we did in the past. But
with a new setting of initrd_generator=mkosi-initrd, mkosi-initrd will
generate an initrd.

(cherry picked from commit 5c1b257faf87cb4f93aee8866f45a8cb98230af9)

Related: #2065061
---
man/kernel-install.xml | 6 +++++-
src/kernel-install/install.conf | 1 +
src/kernel-install/kernel-install | 5 ++++-
3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/man/kernel-install.xml b/man/kernel-install.xml
index 83255bb932..bb76074d2e 100644
--- a/man/kernel-install.xml
+++ b/man/kernel-install.xml
@@ -171,11 +171,15 @@
<para><varname>KERNEL_INSTALL_BOOT_ROOT=</varname> is set for the plugins to the root directory (mount point, usually) of the hierarchy
where boot-loader entries, kernel images, and associated resources should be placed. Can be overridden by setting <varname>BOOT_ROOT=</varname>.</para>
- <para><varname>KERNEL_INSTALL_LAYOUT=bls|other|...</varname> specifies the installation layout.
+ <para><varname>KERNEL_INSTALL_LAYOUT=bls|other|...</varname> is set for the plugins to specify the installation layout.
Defaults to <option>bls</option> if <filename>$BOOT/<replaceable>MACHINE-ID</replaceable></filename> exists, or <option>other</option> otherwise.
Additional layout names may be defined by convention. If a plugin uses a special layout,
it's encouraged to declare its own layout name and configure <varname>layout=</varname> in <filename>install.conf</filename> upon initial installation.</para>
+ <para><varname>KERNEL_INSTALL_INITRD_GENERATOR=...</varname> is set for plugins to select the initrd generator.
+ This should be configured as <varname>initrd_generator=</varname> in <filename>install.conf</filename>.
+ </para>
+
<variablelist>
<varlistentry>
<term>bls</term>
diff --git a/src/kernel-install/install.conf b/src/kernel-install/install.conf
index e4802e6fae..43b6e7d792 100644
--- a/src/kernel-install/install.conf
+++ b/src/kernel-install/install.conf
@@ -8,3 +8,4 @@
# See kernel-install(8) for details.
#layout=bls|other|...
+#initrd_generator=dracut|...
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index e56483ef96..fe457c1070 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -80,6 +80,9 @@ fi
KERNEL_VERSION="$1"
shift
+layout=
+initrd_generator=
+
if [ -r "/etc/kernel/install.conf" ]; then
. /etc/kernel/install.conf
elif [ -r "/usr/lib/kernel/install.conf" ]; then
@@ -123,12 +126,12 @@ if [ -z "$layout" ]; then
fi
fi
-
ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
export KERNEL_INSTALL_LAYOUT="$layout"
+export KERNEL_INSTALL_INITRD_GENERATOR="$initrd_generator"
[ "$layout" = "bls" ]
MAKE_ENTRY_DIR_ABS=$?

32
SOURCES/0090-kernel-install-k-i-already-creates-ENTRY_DIR_ABS-no-.patch

@ -0,0 +1,32 @@ @@ -0,0 +1,32 @@
From 27b017353a06a22d42dc8bbabbaf602200730719 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 12:10:37 +0100
Subject: [PATCH] kernel-install: k-i already creates $ENTRY_DIR_ABS, no need
to do it again

(cherry picked from commit a520d5dddb991cd713392d4de0e342e312547a2e)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index e588e72bf9..7b768457c1 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -78,12 +78,8 @@ else
fi
if ! [ -d "$ENTRY_DIR_ABS" ]; then
- if [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]; then
- echo "+mkdir -v -p $ENTRY_DIR_ABS"
- mkdir -v -p "$ENTRY_DIR_ABS"
- else
- mkdir -p "$ENTRY_DIR_ABS"
- fi
+ echo "Error: entry directory '$ENTRY_DIR_ABS' does not exist" >&2
+ exit 1
fi
install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {

118
SOURCES/0091-kernel-install-prefix-errors-with-Error-exit-immedia.patch

@ -0,0 +1,118 @@ @@ -0,0 +1,118 @@
From 7e5ff353f8b35352f6c36233841754154b4f453b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 12:15:16 +0100
Subject: [PATCH] kernel-install: prefix errors with "Error:", exit immediately
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

kernel-install would continue after errors… We don't want this, as it
makes the results totally unpredicatable. If we didn't install the kernel
or didn't do some important part of the setup, let's just return an error
and let the user deal with it.

When looking at output, the error was often hard to distinguish, esp.
with -v. Add "Error:" everywhere to make the output easier to parse.

(cherry picked from commit 680cec6b4ddb356d7dd087b197718712cb5c1662)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 10 +++++-----
src/kernel-install/kernel-install | 12 ++++++------
2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 7b768457c1..6a396910cb 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -83,27 +83,27 @@ if ! [ -d "$ENTRY_DIR_ABS" ]; then
fi
install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
- echo "Could not copy '$KERNEL_IMAGE' to '$ENTRY_DIR_ABS/linux'." >&2
+ echo "Error: could not copy '$KERNEL_IMAGE' to '$ENTRY_DIR_ABS/linux'." >&2
exit 1
}
shift "$INITRD_OPTIONS_SHIFT"
for initrd; do
[ -f "$initrd" ] || {
- echo "Initrd '$initrd' not a file." >&2
+ echo "Error: initrd '$initrd' not a file." >&2
exit 1
}
initrd_basename="${initrd##*/}"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing $ENTRY_DIR_ABS/$initrd_basename"
install -g root -o root -m 0644 "$initrd" "$ENTRY_DIR_ABS/$initrd_basename" || {
- echo "Could not copy '$initrd' to '$ENTRY_DIR_ABS/$initrd_basename'." >&2
+ echo "Error: could not copy '$initrd' to '$ENTRY_DIR_ABS/$initrd_basename'." >&2
exit 1
}
done
mkdir -p "${LOADER_ENTRY%/*}" || {
- echo "Could not create loader entry directory '${LOADER_ENTRY%/*}'." >&2
+ echo "Error: could not create loader entry directory '${LOADER_ENTRY%/*}'." >&2
exit 1
}
@@ -121,7 +121,7 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
[ $# -eq 0 ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
:
} >"$LOADER_ENTRY" || {
- echo "Could not create loader entry '$LOADER_ENTRY'." >&2
+ echo "Error: could not create loader entry '$LOADER_ENTRY'." >&2
exit 1
}
exit 0
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index fe457c1070..a73a205d79 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -73,7 +73,7 @@ else
fi
if [ $# -lt 1 ]; then
- echo "Not enough arguments" >&2
+ echo "Error: not enough arguments" >&2
exit 1
fi
@@ -150,12 +150,12 @@ IFS="
case "$COMMAND" in
add)
if [ $# -lt 1 ]; then
- echo "Command 'add' requires a kernel image" >&2
+ echo "Error: command 'add' requires a kernel image" >&2
exit 1
fi
if ! [ -f "$1" ]; then
- echo "Kernel image argument $1 not a file" >&2
+ echo "Error: kernel image argument $1 not a file" >&2
exit 1
fi
@@ -165,9 +165,9 @@ case "$COMMAND" in
# to serve as the indication to use or to not use the BLS
if [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]; then
echo "+mkdir -v -p $ENTRY_DIR_ABS"
- mkdir -v -p "$ENTRY_DIR_ABS"
+ mkdir -v -p "$ENTRY_DIR_ABS" || exit 1
else
- mkdir -p "$ENTRY_DIR_ABS"
+ mkdir -p "$ENTRY_DIR_ABS" || exit 1
fi
fi
@@ -196,7 +196,7 @@ case "$COMMAND" in
;;
*)
- echo "Unknown command '$COMMAND'" >&2
+ echo "Error: unknown command '$COMMAND'" >&2
exit 1
;;
esac
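Review bot: Two failure paths touched by this change still end without an `Error:` line, which is the convention the commit introduces. The added `mkdir -v -p "$ENTRY_DIR_ABS" || exit 1` and `mkdir -p "$ENTRY_DIR_ABS" || exit 1` rely on mkdir's own message, and the `/etc/kernel/tries does not contain an integer.` message in 90-loaderentry.install (visible as context in a later patch on this page) keeps its old wording. Suggested: `mkdir -p "$ENTRY_DIR_ABS" || { echo "Error: could not create '$ENTRY_DIR_ABS'" >&2; exit 1; }` and `echo "Error: /etc/kernel/tries does not contain an integer." >&2`. A short comment next to the `exit 1` calls in 90-loaderentry.install would also help, stating that files already copied into the entry directory are left in place when a later step fails.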

108
SOURCES/0092-kernel-install-add-KERNEL_INSTALL_STAGING_AREA-direc.patch

@ -0,0 +1,108 @@ @@ -0,0 +1,108 @@
From 0f4ea4aee6e404dfbd6e3c4bbfb4f805e4e257f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 12:20:22 +0100
Subject: [PATCH] kernel-install: add "$KERNEL_INSTALL_STAGING_AREA" directory

The general approach of kernel-install was that each plugin would drop in some
files into the entry directory. But this doesn't scale well, because if we have
multiple initrd generators, or multiple initrds, each generator would need to
recreate the logic to put the generated files in the right place.

Also, effective cleanup is impossible if anything goes wrong on the way, so we
could end up with unused files in $BOOT.

So let's invert the process: plugins drop files into $KERNEL_INSTALL_STAGING_AREA,
and at the end 90-loaderentry.install DTRT with those files.

This allow new plugins like 50-mkosi-initrd.install to be significantly simpler.

(cherry picked from commit 367165a4069ac0c04882a05a8a80f6afb1e42760)

Related: #2065061
---
man/kernel-install.xml | 4 ++++
src/kernel-install/90-loaderentry.install | 13 ++++++++++---
src/kernel-install/kernel-install | 10 ++++++++++
3 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/man/kernel-install.xml b/man/kernel-install.xml
index bb76074d2e..685617863e 100644
--- a/man/kernel-install.xml
+++ b/man/kernel-install.xml
@@ -180,6 +180,10 @@
This should be configured as <varname>initrd_generator=</varname> in <filename>install.conf</filename>.
</para>
+ <para><varname>KERNEL_INSTALL_STAGING_AREA=...</varname> is set for plugins to a path to a directory.
+ Plugins may drop files in that directory, and they will be installed as part of the loader entry, based
+ on the file name and extension.</para>
+
<variablelist>
<varlistentry>
<term>bls</term>
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 6a396910cb..0888c260e2 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -18,6 +18,8 @@
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
+shopt -s nullglob
+
COMMAND="$1"
KERNEL_VERSION="$2"
ENTRY_DIR_ABS="$3"
@@ -88,7 +90,8 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
}
shift "$INITRD_OPTIONS_SHIFT"
-for initrd; do
+# All files listed as arguments, and staged files called "initrd*" are installed as initrds.
+for initrd in "$@" "${KERNEL_INSTALL_STAGING_AREA}"/initrd*; do
[ -f "$initrd" ] || {
echo "Error: initrd '$initrd' not a file." >&2
exit 1
@@ -114,11 +117,15 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
echo "machine-id $MACHINE_ID"
echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"
- for initrd; do
+
+ have_initrd=
+ for initrd in "${@}" "${KERNEL_INSTALL_STAGING_AREA}"/initrd*; do
echo "initrd $ENTRY_DIR/${initrd##*/}"
+ have_initrd=yes
done
+
# Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
- [ $# -eq 0 ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
+ [ -z "$have_initrd" ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
:
} >"$LOADER_ENTRY" || {
echo "Error: could not create loader entry '$LOADER_ENTRY'." >&2
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index a73a205d79..8cfef3208d 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -128,10 +128,20 @@ fi
ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
+# Provide a directory where to store generated initrds
+cleanup() {
+ [ -n "$KERNEL_INSTALL_STAGING_AREA" ] && rm -rf "$KERNEL_INSTALL_STAGING_AREA"
+}
+
+trap cleanup EXIT
+
+KERNEL_INSTALL_STAGING_AREA="$(mktemp -d -t -p /tmp kernel-install.staging.XXXXXXX)"
+
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
export KERNEL_INSTALL_LAYOUT="$layout"
export KERNEL_INSTALL_INITRD_GENERATOR="$initrd_generator"
+export KERNEL_INSTALL_STAGING_AREA
[ "$layout" = "bls" ]
MAKE_ENTRY_DIR_ABS=$?
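Review bot: The result of `mktemp -d` in the kernel-install hunk is not checked, so a failure leaves `KERNEL_INSTALL_STAGING_AREA` empty and still exported to the plugins. In 90-loaderentry.install the two new loops then expand `"${KERNEL_INSTALL_STAGING_AREA}"/initrd*` as `/initrd*`, so any matching file at the filesystem root would be copied into $BOOT and listed as an initrd in the loader entry. Fail closed where the directory is created, `KERNEL_INSTALL_STAGING_AREA="$(mktemp -d -t -p /tmp kernel-install.staging.XXXXXXX)" || exit 1`, and have the plugin skip the glob when the variable is empty or not a directory. Separately, `shopt -s nullglob` is a bash builtin, while the file list on this page includes a patch porting this plugin to /bin/sh; the shebang is not visible here, but under a shell without `shopt` an unmatched `initrd*` stays literal and trips the `not a file` error, so the loop should handle the unmatched pattern explicitly.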

25
SOURCES/0093-kernel-install-add-missing-log-line.patch

@ -0,0 +1,25 @@ @@ -0,0 +1,25 @@
From 9f36dbd7cb7ca1f2e77ea6c1a3129988f346b287 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 14:03:24 +0100
Subject: [PATCH] kernel-install: add missing log line

(cherry picked from commit 29f604131b2c0b82dca7d6ffaa5e6bc6a253620d)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 2 ++
1 file changed, 2 insertions(+)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 0888c260e2..3edefdefb4 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -40,6 +40,8 @@ fi
case "$COMMAND" in
remove)
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
+ echo "Removing $BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION*.conf"
exec rm -f \
"$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" \
"$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"

83
SOURCES/0094-kernel-install-don-t-try-to-persist-used-machine-ID-.patch

@ -0,0 +1,83 @@ @@ -0,0 +1,83 @@
From 7738d7793bc83421536f9962c794633006613725 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Feb 2022 13:59:36 +0100
Subject: [PATCH] kernel-install: don't try to persist used machine ID locally

This reworks the how machine ID used by the boot loader spec snippet
generation logic. Instead of persisting it automatically to /etc/ we'll
append it via systemd.machined_id= to the kernel command line, and thus
persist it in the generated boot loader spec snippets instead. This has
nice benefits:

1. We do not collide with read-only root
2. The machine ID remains stable across factory reset, so that we can
safely recognize the path in $BOOT we drop our kernel images in
again, i.e. kernel updates will work correctly and safely across
kernel factory resets.
3. Previously regular systems had different machine IDs while in
initrd and after booting into the host system. With this change
they will now have the same.

This then drops implicit persisting of KERNEL_INSTALL_MACHINE_ID, as its
unnecessary then. The field is still honoured though, for compat
reasons.

This also drops the "Default" fallback previously used, as it actually
is without effect, the randomized ID generation already took precedence
in all cases. This means $MACHNE_ID/KERNEL_INSTALL_MACHINE_ID are now
guaranteed to look like a proper machine ID, which is useful for us,
given you need it that way to be able to pass it to the
systemd.machine_id= kernel command line option.

(cherry picked from commit 11ce3ea2f2219ab9c0700bcf7f8ed4312d80e937)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 6 +++++-
src/kernel-install/kernel-install | 16 +++++++---------
2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 3edefdefb4..046771169c 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -68,7 +68,11 @@ elif [ -r /usr/lib/kernel/cmdline ]; then
else
BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')"
fi
-BOOT_OPTIONS="${BOOT_OPTIONS% }"
+
+# Suffix with the machine ID we use, so that the machine ID remains stable,
+# even during factory reset, in the initrd (where the system's machine ID is
+# not directly accessible yet), and if the root file system is volatile.
+BOOT_OPTIONS="${BOOT_OPTIONS% } systemd.machine_id=$MACHINE_ID"
if [ -r /etc/kernel/tries ]; then
read -r TRIES </etc/kernel/tries
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 8cfef3208d..e94aa79bc6 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -89,15 +89,13 @@ elif [ -r "/usr/lib/kernel/install.conf" ]; then
. /usr/lib/kernel/install.conf
fi
-# Prefer to use an existing machine ID from /etc/machine-info or /etc/machine-id. If we're using the machine
-# ID /etc/machine-id, try to persist it in /etc/machine-info. If no machine ID is found, try to generate
-# a new machine ID in /etc/machine-info. If that fails, use "Default".
-[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
-[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
-[ -n "$MACHINE_ID" ] && [ -z "$KERNEL_INSTALL_MACHINE_ID" ] && echo "KERNEL_INSTALL_MACHINE_ID=$MACHINE_ID" >>/etc/machine-info
-[ -z "$MACHINE_ID" ] && NEW_MACHINE_ID="$(systemd-id128 new)" && echo "KERNEL_INSTALL_MACHINE_ID=$NEW_MACHINE_ID" >>/etc/machine-info
-[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
-[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
+# If /etc/machine-id is initialized we'll use it, otherwise we'll use a freshly
+# generated one. If the user configured an explicit machine ID to use in
+# /etc/machine-info to use for our purpose, we'll use that instead (for
+# compatibility).
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
+[ -z "$MACHINE_ID" ] && MACHINE_ID="$(systemd-id128 new)"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
for pref in "/efi" "/boot" "/boot/efi" ; do
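Review bot: `$MACHINE_ID` is appended to the kernel command line as `systemd.machine_id=$MACHINE_ID` with no check that it is a machine ID, although the commit message says it is now guaranteed to look like one. In the kernel-install hunk the value can still come from the caller's environment, from `KERNEL_INSTALL_MACHINE_ID` in /etc/machine-info, or from the read of /etc/machine-id, which on an image that has not completed first boot may hold the literal `uninitialized`; if `systemd-id128 new` fails it stays empty. A value containing whitespace would add extra words to the `options` line of the generated entry. Validate once after the three assignments, for example `case "$MACHINE_ID" in ""|*[!0-9a-f]*) echo "Error: invalid machine ID" >&2; exit 1;; esac`, plus a 32-character length check.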

136
SOURCES/0095-kernel-install-add-a-new-ENTRY_TOKEN-variable-for-na.patch

@ -0,0 +1,136 @@ @@ -0,0 +1,136 @@
From 455b9b9dd4d462db7482f67d8e730b25e75b1505 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Feb 2022 14:29:19 +0100
Subject: [PATCH] kernel-install: add a new $ENTRY_TOKEN variable for naming
boot entries
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This cleans up naming of boot loader spec boot entries a bit (i.e. the
naming of the .conf snippet files, and the directory in $BOOT where the
kernel images and initrds are placed), and isolates it from the actual machine
ID concept.

Previously there was a sinlge concept for both things, because typically
the entries are just named after the machine ID. However one could also
use a different identifier, i.e. not a 128bit ID in which cases issues
pop up everywhere. For example, the "machine-id" field in the generated
snippets would not be a machine ID anymore, and the newly added
systemd.machine_id= kernel parameter would possibly get passed invalid
data.

Hence clean this up:

$MACHINE_ID → always a valid 128bit ID.

$ENTRY_TOKEN → usually the $MACHINE_ID but can be any other string too.
This is used to name the directory to put kernels/initrds in. It's also
used for naming the *.conf snippets that implement the Boot Loader Type
1 spec.

(cherry picked from commit 3907044ffa568aedf076d0f9807489ec78f87502)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 11 ++++++-----
src/kernel-install/kernel-install | 21 +++++++++++++++++----
2 files changed, 23 insertions(+), 9 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 046771169c..46261a2c11 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -29,6 +29,7 @@ INITRD_OPTIONS_SHIFT=4
[ "$KERNEL_INSTALL_LAYOUT" = "bls" ] || exit 0
MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+ENTRY_TOKEN="$KERNEL_INSTALL_ENTRY_TOKEN"
BOOT_ROOT="$KERNEL_INSTALL_BOOT_ROOT"
BOOT_MNT="$(stat -c %m "$BOOT_ROOT")"
@@ -41,10 +42,10 @@ fi
case "$COMMAND" in
remove)
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Removing $BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION*.conf"
+ echo "Removing $BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION*.conf"
exec rm -f \
- "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" \
- "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"
+ "$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION.conf" \
+ "$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION+"*".conf"
;;
add)
;;
@@ -80,9 +81,9 @@ if [ -r /etc/kernel/tries ]; then
echo "/etc/kernel/tries does not contain an integer." >&2
exit 1
fi
- LOADER_ENTRY="$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+$TRIES.conf"
+ LOADER_ENTRY="$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION+$TRIES.conf"
else
- LOADER_ENTRY="$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf"
+ LOADER_ENTRY="$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION.conf"
fi
if ! [ -d "$ENTRY_DIR_ABS" ]; then
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index e94aa79bc6..75a31c62d4 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -97,7 +97,19 @@ fi
[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
[ -z "$MACHINE_ID" ] && MACHINE_ID="$(systemd-id128 new)"
-[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
+# Now that we determined the machine ID to use, let's determine the "token" for
+# the boot loader entry to generate. We use that for naming the directory below
+# $BOOT where we want to place the kernel/initrd and related resources, as well
+# for naming the .conf boot loader spec entry. Typically this is just the
+# machine ID, but it can be anything else, too, if we are told so.
+[ -z "$ENTRY_TOKEN" ] && [ -r /etc/kernel/entry-token ] && read -r ENTRY_TOKEN </etc/kernel/entry-token
+[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
+
+# NB: The $MACHINE_ID is guaranteed to be a valid machine ID, but
+# $ENTRY_TOKEN can be any string that fits into a VFAT filename, though
+# typically is just the machine ID.
+
+[ -z "$BOOT_ROOT" ] && for suff in "$ENTRY_TOKEN" "loader/entries"; do
for pref in "/efi" "/boot" "/boot/efi" ; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
@@ -117,14 +129,14 @@ done
if [ -z "$layout" ]; then
# Administrative decision: if not present, some scripts generate into /boot.
- if [ -d "$BOOT_ROOT/$MACHINE_ID" ]; then
+ if [ -d "$BOOT_ROOT/$ENTRY_TOKEN" ]; then
layout="bls"
else
layout="other"
fi
fi
-ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
+ENTRY_DIR_ABS="$BOOT_ROOT/$ENTRY_TOKEN/$KERNEL_VERSION"
# Provide a directory where to store generated initrds
cleanup() {
@@ -136,6 +148,7 @@ trap cleanup EXIT
KERNEL_INSTALL_STAGING_AREA="$(mktemp -d -t -p /tmp kernel-install.staging.XXXXXXX)"
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
+export KERNEL_INSTALL_ENTRY_TOKEN="$ENTRY_TOKEN"
export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
export KERNEL_INSTALL_LAYOUT="$layout"
export KERNEL_INSTALL_INITRD_GENERATOR="$initrd_generator"
@@ -168,7 +181,7 @@ case "$COMMAND" in
fi
if [ "$MAKE_ENTRY_DIR_ABS" -eq 0 ]; then
- # Compatibility with earlier versions that used the presence of $BOOT_ROOT/$MACHINE_ID
+ # Compatibility with earlier versions that used the presence of $BOOT_ROOT/$ENTRY_TOKEN
# to signal to 00-entry-directory to create $ENTRY_DIR_ABS
# to serve as the indication to use or to not use the BLS
if [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]; then
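Review bot: `$ENTRY_TOKEN` is read from /etc/kernel/entry-token, or inherited from the environment, and used as a path component without validation. The added comment says it can be any string that fits into a VFAT filename, but nothing enforces that: a token that contains `/` or equals `.` or `..` makes `$BOOT_ROOT/$ENTRY_TOKEN/$KERNEL_VERSION` resolve outside the per-token directory, and a `/` does the same for the `rm -f` patterns under `$BOOT_ROOT/loader/entries/` in the plugin's `remove` branch. A guard after the two assignments in kernel-install would enforce the documented contract: `case "$ENTRY_TOKEN" in */*|.|..) echo "Error: invalid entry token '$ENTRY_TOKEN'" >&2; exit 1;; esac`.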

59
SOURCES/0096-kernel-install-only-generate-systemd.boot_id-in-kern.patch

@ -0,0 +1,59 @@ @@ -0,0 +1,59 @@
From 5eb855bddaf8270e7274132ded0e36325d8ffbbe Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Feb 2022 14:44:48 +0100
Subject: [PATCH] kernel-install: only generate systemd.boot_id= in kernel
command line if used for naming the boot loader spec files/dirs

Now that we can distinguish the naming of the boot loader spec
dirs/files and the machine ID let's tweak the logic for suffixing the
kernel cmdline with systemd.boot_id=: let's only do that when we
actually need the boot ID for naming these dirs/files. If we don't,
let's not bother.

This should be beneficial for "golden" images that shall not carry any
machine IDs at all, i.e acquire their identity only once the final
userspace is actually reached.

(cherry picked from commit 953b61004c37948dcd897265b56c1613bc73b9f9)

Related: #2065061
---
src/kernel-install/90-loaderentry.install | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 46261a2c11..c1d69aa824 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -70,10 +70,15 @@ else
BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')"
fi
-# Suffix with the machine ID we use, so that the machine ID remains stable,
-# even during factory reset, in the initrd (where the system's machine ID is
-# not directly accessible yet), and if the root file system is volatile.
-BOOT_OPTIONS="${BOOT_OPTIONS% } systemd.machine_id=$MACHINE_ID"
+BOOT_OPTIONS="${BOOT_OPTIONS% }"
+
+# If the boot entries are named after the machine ID, then suffix the kernel
+# command line with the machine ID we use, so that the machine ID remains
+# stable, even during factory reset, in the initrd (where the system's machine
+# ID is not directly accessible yet), and if the root file system is volatile.
+if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ]; then
+ BOOT_OPTIONS="$BOOT_OPTIONS systemd.machine_id=$MACHINE_ID"
+fi
if [ -r /etc/kernel/tries ]; then
read -r TRIES </etc/kernel/tries
@@ -121,7 +126,10 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
{
echo "title $PRETTY_NAME"
echo "version $KERNEL_VERSION"
- echo "machine-id $MACHINE_ID"
+ if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ]; then
+ # See similar logic above for the systemd.machine_id= kernel command line option
+ echo "machine-id $MACHINE_ID"
+ fi
echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"

75
SOURCES/0097-kernel-install-search-harder-for-kernel-image-initrd.patch

@ -0,0 +1,75 @@ @@ -0,0 +1,75 @@
From a774b3d6c43863b632f211aa21e61cb48e2ee736 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 10 Feb 2022 14:27:22 +0100
Subject: [PATCH] kernel-install: search harder for kernel image/initrd drop-in
dir

If not explicitly configured, let's search a bit harder for the
ENTRY_TOKEN, and let's try the machine ID, the IMAGE_ID and ID fields of
/etc/os-release and finally "Default", all below potential $XBOOTLDR.

(cherry picked from commit 6637cf9db67237857279262d93ee0e39023c5b85)

Related: #2065061
---
src/kernel-install/kernel-install | 27 ++++++++++++++++++++++++---
1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 75a31c62d4..c42c40592a 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -103,29 +103,50 @@ fi
# for naming the .conf boot loader spec entry. Typically this is just the
# machine ID, but it can be anything else, too, if we are told so.
[ -z "$ENTRY_TOKEN" ] && [ -r /etc/kernel/entry-token ] && read -r ENTRY_TOKEN </etc/kernel/entry-token
-[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
+if [ -z "$ENTRY_TOKEN" ]; then
+ # If not configured explicitly, then use a few candidates: the machine ID,
+ # the IMAGE_ID= and ID= fields from /etc/os-release and finally the fixed
+ # string "Default"
+ ENTRY_TOKEN_SEARCH="$MACHINE_ID"
+ [ -r /etc/os-release ] && . /etc/os-release
+ [ -n "$IMAGE_ID" ] && ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH $IMAGE_ID"
+ [ -n "$ID" ] && ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH $ID"
+ ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH Default"
+else
+ ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN"
+fi
# NB: The $MACHINE_ID is guaranteed to be a valid machine ID, but
# $ENTRY_TOKEN can be any string that fits into a VFAT filename, though
# typically is just the machine ID.
-[ -z "$BOOT_ROOT" ] && for suff in "$ENTRY_TOKEN" "loader/entries"; do
- for pref in "/efi" "/boot" "/boot/efi" ; do
+[ -z "$BOOT_ROOT" ] && for suff in $ENTRY_TOKEN_SEARCH; do
+ for pref in "/efi" "/boot" "/boot/efi"; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
+ ENTRY_TOKEN="$suff"
break 2
fi
done
done
+[ -z "$BOOT_ROOT" ] && for pref in "/efi" "/boot" "/boot/efi"; do
+ if [ -d "$pref/loader/entries" ]; then
+ BOOT_ROOT="$pref"
+ break
+ fi
+done
+
[ -z "$BOOT_ROOT" ] && for pref in "/efi" "/boot/efi"; do
if mountpoint -q "$pref"; then
BOOT_ROOT="$pref"
break
fi
done
+
[ -z "$BOOT_ROOT" ] && BOOT_ROOT="/boot"
+[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
if [ -z "$layout" ]; then
# Administrative decision: if not present, some scripts generate into /boot.
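Review bot: The new loop `for suff in $ENTRY_TOKEN_SEARCH` expands the candidate list unquoted, so every candidate goes through word splitting and pathname expansion. The comment directly above says `$ENTRY_TOKEN` may be any string that fits into a VFAT filename, which permits spaces, so a token read from /etc/kernel/entry-token that contains one would be probed as separate fragments, and a fragment that happens to match a directory is then written back by `ENTRY_TOKEN="$suff"`. The `IMAGE_ID` and `ID` candidates arrive through `. /etc/os-release`, which also runs that file in the script's own namespace and can overwrite variables the script has already set. I would test an explicitly configured token on its own and quoted, `[ -d "$pref/$ENTRY_TOKEN" ]`, keep the space-separated list only for the fallback candidates, and wrap that loop in `set -f` / `set +f`.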

68
SOURCES/0098-kernel-install-add-new-inspect-verb-showing-paths-an.patch

@ -0,0 +1,68 @@ @@ -0,0 +1,68 @@
From 8742d040aa5ef5e784c903d0c3efacba7d69ade2 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 10 Feb 2022 14:37:37 +0100
Subject: [PATCH] kernel-install: add new "inspect" verb, showing paths and
parameters we discovered

(cherry picked from commit c73cf4184441d3cc37a5e2195938f07420ec38b7)

Related: #2065061
---
src/kernel-install/kernel-install | 29 +++++++++++++++++++++++------
1 file changed, 23 insertions(+), 6 deletions(-)

diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index c42c40592a..b8099bd12c 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -25,6 +25,7 @@ usage()
echo "Usage:"
echo " $0 [OPTIONS...] add KERNEL-VERSION KERNEL-IMAGE [INITRD-FILE ...]"
echo " $0 [OPTIONS...] remove KERNEL-VERSION"
+ echo " $0 [OPTIONS...] inspect"
echo "Options:"
echo " -h, --help Print this help"
echo " -v, --verbose Increase verbosity"
@@ -72,13 +73,17 @@ else
[ $# -ge 1 ] && shift
fi
-if [ $# -lt 1 ]; then
- echo "Error: not enough arguments" >&2
- exit 1
-fi
+if [ "$COMMAND" = "inspect" ]; then
+ KERNEL_VERSION=""
+else
+ if [ $# -lt 1 ]; then
+ echo "Error: not enough arguments" >&2
+ exit 1
+ fi
-KERNEL_VERSION="$1"
-shift
+ KERNEL_VERSION="$1"
+ shift
+fi
layout=
initrd_generator=
@@ -237,6 +242,18 @@ case "$COMMAND" in
fi
;;
+ inspect)
+ echo "KERNEL_INSTALL_MACHINE_ID: $KERNEL_INSTALL_MACHINE_ID"
+ echo "KERNEL_INSTALL_ENTRY_TOKEN: $KERNEL_INSTALL_ENTRY_TOKEN"
+ echo "KERNEL_INSTALL_BOOT_ROOT: $KERNEL_INSTALL_BOOT_ROOT"
+ echo "KERNEL_INSTALL_LAYOUT: $KERNEL_INSTALL_LAYOUT"
+ echo "KERNEL_INSTALL_INITRD_GENERATOR: $KERNEL_INSTALL_INITRD_GENERATOR"
+ echo "ENTRY_DIR_ABS: $KERNEL_INSTALL_BOOT_ROOT/$ENTRY_TOKEN/\$KERNEL_VERSION"
+
+ # Assert that ENTRY_DIR_ABS actually matches what we are printing here
+ [ "${ENTRY_DIR_ABS%/*}" = "$KERNEL_INSTALL_BOOT_ROOT/$ENTRY_TOKEN" ] || { echo "Assertion didn't pass." >&2; exit 1; }
+
+ ;;
*)
echo "Error: unknown command '$COMMAND'" >&2
exit 1
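Review bot: In the new `if [ "$COMMAND" = "inspect" ]` branch the positional arguments left after the verb are never checked, so `kernel-install inspect foo bar` appears to be accepted silently although the usage line advertises `inspect` without operands. A guard such as `[ $# -eq 0 ] || { echo "Error: inspect takes no arguments" >&2; exit 1; }` before `KERNEL_VERSION=""` would make this strict; whether later code outside these hunks looks at "$@" is not visible here. In the `inspect)` case the printed fields use `$KERNEL_INSTALL_ENTRY_TOKEN` while the ENTRY_DIR_ABS line and the assertion use `$ENTRY_TOKEN`; a one-line comment stating that the two hold the same value would make the assertion easier to trust.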

97
SOURCES/0099-ci-Mergify-configuration-update.patch

@ -0,0 +1,97 @@ @@ -0,0 +1,97 @@
From caf80cd558222a08687e8db95e3e1fcad0d69946 Mon Sep 17 00:00:00 2001
From: Jan Macku <jamacku@redhat.com>
Date: Mon, 30 May 2022 15:19:16 +0200
Subject: [PATCH] ci(Mergify): configuration update

Add rules for `needs-ci` label management

RHEL-only

Related: #2087652
---
.mergify.yml | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 76 insertions(+)
create mode 100644 .mergify.yml

diff --git a/.mergify.yml b/.mergify.yml
new file mode 100644
index 0000000000..c06e0fb1be
--- /dev/null
+++ b/.mergify.yml
@@ -0,0 +1,76 @@
+# doc: https://docs.mergify.com
+---
+
+pull_request_rules:
+ - name: Add `needs-ci` label on CI fail
+ conditions:
+ - or:
+ # Build test
+ - -check-success=build (gcc, 10, bfd)
+ - -check-success=build (gcc, 11, gold)
+ - -check-success=build (clang, 11, bfd)
+ - -check-success=build (clang, 12, gold)
+ - -check-success=build (clang, 13, lld)
+ # Unit tests
+ - -check-success=build (GCC, auto)
+ - -check-success=build (GCC_ASAN_UBSAN, auto)
+ - -check-success=build (CLANG, auto)
+ - -check-success=build (CLANG_ASAN_UBSAN, auto)
+ - -check-success=build (GCC, openssl)
+ - -check-success=build (CLANG, gcrypt)
+ # CentOS CI
+ - -check-success=CentOS CI (CentOS Stream 9)
+ - -check-success=CentOS CI (CentOS Stream 9 + sanitizers)
+ # LGTM
+ - and:
+ - "-check-success=LGTM analysis: JavaScript"
+ - "-check-neutral=LGTM analysis: JavaScript"
+ - and:
+ - "-check-success=LGTM analysis: Python"
+ - "-check-neutral=LGTM analysis: Python"
+ - and:
+ - "-check-success=LGTM analysis: C/C++"
+ - "-check-neutral=LGTM analysis: Python"
+ # Packit
+ - -check-success=rpm-build:centos-stream-9-aarch64
+ - -check-success=rpm-build:centos-stream-9-x86_64
+ actions:
+ label:
+ add:
+ - needs-ci
+
+ - name: Remove `needs-ci` label on CI success
+ conditions:
+ # Build test
+ - check-success=build (gcc, 10, bfd)
+ - check-success=build (gcc, 11, gold)
+ - check-success=build (clang, 11, bfd)
+ - check-success=build (clang, 12, gold)
+ - check-success=build (clang, 13, lld)
+ # Unit tests
+ - check-success=build (GCC, auto)
+ - check-success=build (GCC_ASAN_UBSAN, auto)
+ - check-success=build (CLANG, auto)
+ - check-success=build (CLANG_ASAN_UBSAN, auto)
+ - check-success=build (GCC, openssl)
+ - check-success=build (CLANG, gcrypt)
+ # CentOS CI
+ - check-success=CentOS CI (CentOS Stream 9)
+ - check-success=CentOS CI (CentOS Stream 9 + sanitizers)
+ # LGTM
+ - or:
+ - "check-success=LGTM analysis: JavaScript"
+ - "check-neutral=LGTM analysis: JavaScript"
+ - or:
+ - "check-success=LGTM analysis: Python"
+ - "check-neutral=LGTM analysis: Python"
+ - or:
+ - "check-success=LGTM analysis: C/C++"
+ - "check-neutral=LGTM analysis: Python"
+ # Packit
+ - check-success=rpm-build:centos-stream-9-aarch64
+ - check-success=rpm-build:centos-stream-9-x86_64
+ actions:
+ label:
+ remove:
+ - needs-ci

34
SOURCES/0100-ci-Mergify-fix-copy-paste-bug.patch

@ -0,0 +1,34 @@ @@ -0,0 +1,34 @@
From 14b8f663049a902aac962f9a522595df9db6b6bc Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Mon, 6 Jun 2022 15:39:22 +0200
Subject: [PATCH] ci(Mergify): fix copy&paste bug

RHEL-only

Related: #2087652
---
.mergify.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.mergify.yml b/.mergify.yml
index c06e0fb1be..b7852b201c 100644
--- a/.mergify.yml
+++ b/.mergify.yml
@@ -30,7 +30,7 @@ pull_request_rules:
- "-check-neutral=LGTM analysis: Python"
- and:
- "-check-success=LGTM analysis: C/C++"
- - "-check-neutral=LGTM analysis: Python"
+ - "-check-neutral=LGTM analysis: C/C++"
# Packit
- -check-success=rpm-build:centos-stream-9-aarch64
- -check-success=rpm-build:centos-stream-9-x86_64
@@ -66,7 +66,7 @@ pull_request_rules:
- "check-neutral=LGTM analysis: Python"
- or:
- "check-success=LGTM analysis: C/C++"
- - "check-neutral=LGTM analysis: Python"
+ - "check-neutral=LGTM analysis: C/C++"
# Packit
- check-success=rpm-build:centos-stream-9-aarch64
- check-success=rpm-build:centos-stream-9-x86_64

26
SOURCES/0101-shared-Fix-memory-leak-in-bus_append_execute_propert.patch

@ -0,0 +1,26 @@ @@ -0,0 +1,26 @@
From 18b0bc42dc097af6147324deef100c41dedfa755 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Mon, 9 May 2022 09:50:32 +0200
Subject: [PATCH] shared: Fix memory leak in bus_append_execute_property()

Fixes #23317

(cherry picked from commit 2aaf6d407e8541985a15b7106abf6fbdfed0766a)
Related: #2087652
---
src/shared/bus-unit-util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
index dcce530c99..ef134bcee4 100644
--- a/src/shared/bus-unit-util.c
+++ b/src/shared/bus-unit-util.c
@@ -1952,7 +1952,7 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
path_simplify(source);
if (isempty(destination)) {
- r = strv_extend(&sources, TAKE_PTR(source));
+ r = strv_consume(&sources, TAKE_PTR(source));
if (r < 0)
return bus_log_create_error(r);
} else {

187
SOURCES/0102-fuzz-no-longer-skip-empty-files.patch

@ -0,0 +1,187 @@ @@ -0,0 +1,187 @@
From 0235f9ea3d221aba513f4b6215418bf554e02791 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Mon, 3 Jan 2022 12:31:07 +0000
Subject: [PATCH] fuzz: no longer skip empty files

Empty files and empty strings seem to have triggered various
issues in the past so it seems they shouldn't be ignore by the
fuzzers just because fmemopen can't handle them.

Prompted by https://github.com/systemd/systemd/pull/21939#issuecomment-1003113669

(cherry picked from commit 5df66d7d68006615abb4c4d3b1ebad545af4dd72)
Related: #2087652
---
src/core/fuzz-unit-file.c | 6 +-----
src/fuzz/fuzz-env-file.c | 5 ++---
src/fuzz/fuzz-hostname-setup.c | 6 +-----
src/fuzz/fuzz-json.c | 6 +-----
src/fuzz/fuzz.h | 9 +++++++++
src/nspawn/fuzz-nspawn-oci.c | 6 +-----
src/nspawn/fuzz-nspawn-settings.c | 6 +-----
7 files changed, 16 insertions(+), 28 deletions(-)

diff --git a/src/core/fuzz-unit-file.c b/src/core/fuzz-unit-file.c
index aef29f4cf7..780dd3988d 100644
--- a/src/core/fuzz-unit-file.c
+++ b/src/core/fuzz-unit-file.c
@@ -2,7 +2,6 @@
#include "conf-parser.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fuzz.h"
#include "install.h"
#include "load-fragment.h"
@@ -22,10 +21,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
const char *name;
long offset;
- if (size == 0)
- return 0;
-
- f = fmemopen_unlocked((char*) data, size, "re");
+ f = data_to_file(data, size);
assert_se(f);
if (read_line(f, LINE_MAX, &p) < 0)
diff --git a/src/fuzz/fuzz-env-file.c b/src/fuzz/fuzz-env-file.c
index e0dac260b0..3b3e625608 100644
--- a/src/fuzz/fuzz-env-file.c
+++ b/src/fuzz/fuzz-env-file.c
@@ -4,7 +4,6 @@
#include "alloc-util.h"
#include "env-file.h"
-#include "fileio.h"
#include "fd-util.h"
#include "fuzz.h"
#include "strv.h"
@@ -13,10 +12,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_fclose_ FILE *f = NULL;
_cleanup_strv_free_ char **rl = NULL, **rlp = NULL;
- if (size == 0 || size > 65535)
+ if (size > 65535)
return 0;
- f = fmemopen_unlocked((char*) data, size, "re");
+ f = data_to_file(data, size);
assert_se(f);
/* We don't want to fill the logs with messages about parse errors.
diff --git a/src/fuzz/fuzz-hostname-setup.c b/src/fuzz/fuzz-hostname-setup.c
index b8d36da54a..d7c23eef12 100644
--- a/src/fuzz/fuzz-hostname-setup.c
+++ b/src/fuzz/fuzz-hostname-setup.c
@@ -2,7 +2,6 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fuzz.h"
#include "hostname-setup.h"
@@ -10,10 +9,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_fclose_ FILE *f = NULL;
_cleanup_free_ char *ret = NULL;
- if (size == 0)
- return 0;
-
- f = fmemopen_unlocked((char*) data, size, "re");
+ f = data_to_file(data, size);
assert_se(f);
/* We don't want to fill the logs with messages about parse errors.
diff --git a/src/fuzz/fuzz-json.c b/src/fuzz/fuzz-json.c
index f9a0e818c4..ad7460c6fd 100644
--- a/src/fuzz/fuzz-json.c
+++ b/src/fuzz/fuzz-json.c
@@ -1,7 +1,6 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "alloc-util.h"
-#include "fileio.h"
#include "fd-util.h"
#include "fuzz.h"
#include "json.h"
@@ -12,10 +11,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_fclose_ FILE *f = NULL, *g = NULL;
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
- if (size == 0)
- return 0;
-
- f = fmemopen_unlocked((char*) data, size, "re");
+ f = data_to_file(data, size);
assert_se(f);
if (json_parse_file(f, NULL, 0, &v, NULL, NULL) < 0)
diff --git a/src/fuzz/fuzz.h b/src/fuzz/fuzz.h
index 579b0eed73..d7cbb0bb16 100644
--- a/src/fuzz/fuzz.h
+++ b/src/fuzz/fuzz.h
@@ -4,5 +4,14 @@
#include <stddef.h>
#include <stdint.h>
+#include "fileio.h"
+
/* The entry point into the fuzzer */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+static inline FILE* data_to_file(const uint8_t *data, size_t size) {
+ if (size == 0)
+ return fopen("/dev/null", "re");
+ else
+ return fmemopen_unlocked((char*) data, size, "re");
+}
diff --git a/src/nspawn/fuzz-nspawn-oci.c b/src/nspawn/fuzz-nspawn-oci.c
index cfebf65c00..91f2a81dfc 100644
--- a/src/nspawn/fuzz-nspawn-oci.c
+++ b/src/nspawn/fuzz-nspawn-oci.c
@@ -2,7 +2,6 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fuzz.h"
#include "nspawn-oci.h"
@@ -10,10 +9,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_fclose_ FILE *f = NULL;
_cleanup_(settings_freep) Settings *s = NULL;
- if (size == 0)
- return 0;
-
- f = fmemopen_unlocked((char*) data, size, "re");
+ f = data_to_file(data, size);
assert_se(f);
/* We don't want to fill the logs with messages about parse errors.
diff --git a/src/nspawn/fuzz-nspawn-settings.c b/src/nspawn/fuzz-nspawn-settings.c
index bd98ed26e8..6b91e1506e 100644
--- a/src/nspawn/fuzz-nspawn-settings.c
+++ b/src/nspawn/fuzz-nspawn-settings.c
@@ -2,7 +2,6 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fuzz.h"
#include "nspawn-settings.h"
@@ -10,10 +9,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_fclose_ FILE *f = NULL;
_cleanup_(settings_freep) Settings *s = NULL;
- if (size == 0)
- return 0;
-
- f = fmemopen_unlocked((char*) data, size, "re");
+ f = data_to_file(data, size);
assert_se(f);
/* We don't want to fill the logs with messages about parse errors.
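Review bot: `data_to_file()` in fuzz.h falls back to `fopen("/dev/null", "re")` for empty input and every converted caller follows it with `assert_se(f)`, so in an environment where /dev/null cannot be opened the empty test case aborts and would likely be reported as a crash in the target rather than as a harness problem. The helper carries no comment explaining the special case; `/* fmemopen() cannot handle zero-sized buffers, so hand out an empty read-only stream instead */` above it would record the reason the commit message gives. The `(char*) data` cast drops `const`, which is only safe because the stream is opened for reading, and that is worth stating in the same comment. The bodies of the LLVMFuzzerTestOneInput functions continue outside the hunks.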

276
SOURCES/0103-networkctl-open-the-bus-just-once.patch

@ -0,0 +1,276 @@ @@ -0,0 +1,276 @@
From 3852f94de9582dc1acb44844579873cd0e2f3162 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 11 Jan 2022 15:12:42 +0100
Subject: [PATCH] networkctl: open the bus just once

We'd connect to the bus twice: the first time to check networkd namespace,
and then the second time to do the deed we were asked to do. It's nicer
to open the bus just once, for efficience and also to avoid the open call
in all functions.

An ASSERT_PTR helper is added:
- sd_bus *bus = userdata;
...
- assert(bus);
+ sd_bus *bus = ASSERT_PTR(userdata);
...

It can be used in other place too, but I'm leaving that for a later
refactoring.

(cherry picked from commit d821e40ca96d2b14216f7a18e4512364bfb83628)
Related: #2087652
---
src/fundamental/macro-fundamental.h | 8 ++++
src/network/networkctl.c | 74 ++++++++++-------------------
2 files changed, 33 insertions(+), 49 deletions(-)

diff --git a/src/fundamental/macro-fundamental.h b/src/fundamental/macro-fundamental.h
index f87839d47b..d597c743bb 100644
--- a/src/fundamental/macro-fundamental.h
+++ b/src/fundamental/macro-fundamental.h
@@ -66,6 +66,14 @@
#define free(a) FreePool(a)
#endif
+/* This passes the argument through after (if asserts are enabled) checking that it is not null. */
+#define ASSERT_PTR(expr) \
+ ({ \
+ typeof(expr) _expr_ = (expr); \
+ assert(_expr_); \
+ _expr_; \
+ })
+
#if defined(static_assert)
#define assert_cc(expr) \
static_assert(expr, #expr)
diff --git a/src/network/networkctl.c b/src/network/networkctl.c
index 68dd4b185c..c35f851bdb 100644
--- a/src/network/networkctl.c
+++ b/src/network/networkctl.c
@@ -79,17 +79,12 @@ static bool arg_full = false;
static unsigned arg_lines = 10;
static JsonFormatFlags arg_json_format_flags = JSON_FORMAT_OFF;
-static int get_description(JsonVariant **ret) {
+static int get_description(sd_bus *bus, JsonVariant **ret) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
const char *text = NULL;
int r;
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
r = bus_call_method(bus, bus_network_mgr, "Describe", &error, &reply, NULL);
if (r < 0)
return log_error_errno(r, "Failed to get description: %s", bus_error_message(&error, r));
@@ -105,11 +100,11 @@ static int get_description(JsonVariant **ret) {
return 0;
}
-static int dump_manager_description(void) {
+static int dump_manager_description(sd_bus *bus) {
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
int r;
- r = get_description(&v);
+ r = get_description(bus, &v);
if (r < 0)
return r;
@@ -117,14 +112,14 @@ static int dump_manager_description(void) {
return 0;
}
-static int dump_link_description(char **patterns) {
+static int dump_link_description(sd_bus *bus, char **patterns) {
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
_cleanup_free_ bool *matched_patterns = NULL;
JsonVariant *i;
size_t c = 0;
int r;
- r = get_description(&v);
+ r = get_description(bus, &v);
if (r < 0)
return r;
@@ -790,6 +785,7 @@ static int acquire_link_info(sd_bus *bus, sd_netlink *rtnl, char **patterns, Lin
}
static int list_links(int argc, char *argv[], void *userdata) {
+ sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
_cleanup_(link_info_array_freep) LinkInfo *links = NULL;
_cleanup_(table_unrefp) Table *table = NULL;
@@ -798,9 +794,9 @@ static int list_links(int argc, char *argv[], void *userdata) {
if (arg_json_format_flags != JSON_FORMAT_OFF) {
if (arg_all || argc <= 1)
- return dump_manager_description();
+ return dump_manager_description(bus);
else
- return dump_link_description(strv_skip(argv, 1));
+ return dump_link_description(bus, strv_skip(argv, 1));
}
r = sd_netlink_open(&rtnl);
@@ -2383,7 +2379,7 @@ static int system_status(sd_netlink *rtnl, sd_hwdb *hwdb) {
}
static int link_status(int argc, char *argv[], void *userdata) {
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
+ sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
_cleanup_(sd_hwdb_unrefp) sd_hwdb *hwdb = NULL;
_cleanup_(link_info_array_freep) LinkInfo *links = NULL;
@@ -2391,17 +2387,13 @@ static int link_status(int argc, char *argv[], void *userdata) {
if (arg_json_format_flags != JSON_FORMAT_OFF) {
if (arg_all || argc <= 1)
- return dump_manager_description();
+ return dump_manager_description(bus);
else
- return dump_link_description(strv_skip(argv, 1));
+ return dump_link_description(bus, strv_skip(argv, 1));
}
pager_open(arg_pager_flags);
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
r = sd_netlink_open(&rtnl);
if (r < 0)
return log_error_errno(r, "Failed to connect to netlink: %m");
@@ -2738,14 +2730,10 @@ static int link_renew_one(sd_bus *bus, int index, const char *name) {
}
static int link_renew(int argc, char *argv[], void *userdata) {
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
+ sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
int index, k = 0, r;
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
for (int i = 1; i < argc; i++) {
index = rtnl_resolve_interface_or_warn(&rtnl, argv[i]);
if (index < 0)
@@ -2772,14 +2760,10 @@ static int link_force_renew_one(sd_bus *bus, int index, const char *name) {
}
static int link_force_renew(int argc, char *argv[], void *userdata) {
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
+ sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
int k = 0, r;
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
for (int i = 1; i < argc; i++) {
int index = rtnl_resolve_interface_or_warn(&rtnl, argv[i]);
if (index < 0)
@@ -2794,14 +2778,10 @@ static int link_force_renew(int argc, char *argv[], void *userdata) {
}
static int verb_reload(int argc, char *argv[], void *userdata) {
+ sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
int r;
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
r = bus_call_method(bus, bus_network_mgr, "Reload", &error, NULL, NULL);
if (r < 0)
return log_error_errno(r, "Failed to reload network settings: %m");
@@ -2810,17 +2790,13 @@ static int verb_reload(int argc, char *argv[], void *userdata) {
}
static int verb_reconfigure(int argc, char *argv[], void *userdata) {
+ sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
_cleanup_set_free_ Set *indexes = NULL;
int index, r;
void *p;
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
indexes = set_new(NULL);
if (!indexes)
return log_oom();
@@ -2968,7 +2944,7 @@ static int parse_argv(int argc, char *argv[]) {
return 1;
}
-static int networkctl_main(int argc, char *argv[]) {
+static int networkctl_main(sd_bus *bus, int argc, char *argv[]) {
static const Verb verbs[] = {
{ "list", VERB_ANY, VERB_ANY, VERB_DEFAULT, list_links },
{ "status", VERB_ANY, VERB_ANY, 0, link_status },
@@ -2984,20 +2960,15 @@ static int networkctl_main(int argc, char *argv[]) {
{}
};
- return dispatch_verb(argc, argv, verbs, NULL);
+ return dispatch_verb(argc, argv, verbs, bus);
}
-static int check_netns_match(void) {
+static int check_netns_match(sd_bus *bus) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
struct stat st;
uint64_t id;
int r;
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
r = sd_bus_get_property_trivial(
bus,
"org.freedesktop.network1",
@@ -3035,6 +3006,7 @@ static void warn_networkd_missing(void) {
}
static int run(int argc, char* argv[]) {
+ _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
int r;
log_setup();
@@ -3043,13 +3015,17 @@ static int run(int argc, char* argv[]) {
if (r <= 0)
return r;
- r = check_netns_match();
+ r = sd_bus_open_system(&bus);
+ if (r < 0)
+ return log_error_errno(r, "Failed to connect system bus: %m");
+
+ r = check_netns_match(bus);
if (r < 0)
return r;
warn_networkd_missing();
- return networkctl_main(argc, argv);
+ return networkctl_main(bus, argc, argv);
}
DEFINE_MAIN_FUNCTION(run);
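Review bot: The verb handlers now recover the connection from `void *userdata` with `sd_bus *bus = ASSERT_PTR(userdata);`, and as the macro's own comment says this checks only when asserts are enabled, so in a build without them a NULL would reach the bus calls unchecked. That holds as long as `run()` stays the only caller of `networkctl_main()`, but nothing in the code records the ownership rule; I would add a comment on `networkctl_main()` such as `/* bus is borrowed from run(), which owns and closes it; verbs must not unref it */`. `ASSERT_PTR` also depends on `typeof`, a statement expression and the fixed local name `_expr_`, which deserves a word in the macro comment in macro-fundamental.h. Most of the touched functions begin or end outside the hunks.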

55
SOURCES/0104-json-align-table.patch

@ -0,0 +1,55 @@ @@ -0,0 +1,55 @@
From ee588179205de7c1584bd45bd22ec59028f11405 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 10:24:36 +0200
Subject: [PATCH] json: align table

(cherry picked from commit 9674b089cfb1f75653579e83735e049ddcbbed7e)
Related: #2087652
---
src/shared/json.c | 18 ++++++++----------
1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/src/shared/json.c b/src/shared/json.c
index dff95eda26..6375b87a0b 100644
--- a/src/shared/json.c
+++ b/src/shared/json.c
@@ -4754,7 +4754,6 @@ bool json_variant_is_sorted(JsonVariant *v) {
}
int json_variant_unbase64(JsonVariant *v, void **ret, size_t *ret_size) {
-
if (!json_variant_is_string(v))
return -EINVAL;
@@ -4762,7 +4761,6 @@ int json_variant_unbase64(JsonVariant *v, void **ret, size_t *ret_size) {
}
int json_variant_unhex(JsonVariant *v, void **ret, size_t *ret_size) {
-
if (!json_variant_is_string(v))
return -EINVAL;
@@ -4770,15 +4768,15 @@ int json_variant_unhex(JsonVariant *v, void **ret, size_t *ret_size) {
}
static const char* const json_variant_type_table[_JSON_VARIANT_TYPE_MAX] = {
- [JSON_VARIANT_STRING] = "string",
- [JSON_VARIANT_INTEGER] = "integer",
+ [JSON_VARIANT_STRING] = "string",
+ [JSON_VARIANT_INTEGER] = "integer",
[JSON_VARIANT_UNSIGNED] = "unsigned",
- [JSON_VARIANT_REAL] = "real",
- [JSON_VARIANT_NUMBER] = "number",
- [JSON_VARIANT_BOOLEAN] = "boolean",
- [JSON_VARIANT_ARRAY] = "array",
- [JSON_VARIANT_OBJECT] = "object",
- [JSON_VARIANT_NULL] = "null",
+ [JSON_VARIANT_REAL] = "real",
+ [JSON_VARIANT_NUMBER] = "number",
+ [JSON_VARIANT_BOOLEAN] = "boolean",
+ [JSON_VARIANT_ARRAY] = "array",
+ [JSON_VARIANT_OBJECT] = "object",
+ [JSON_VARIANT_NULL] = "null",
};
DEFINE_STRING_TABLE_LOOKUP(json_variant_type, JsonVariantType);

60
SOURCES/0105-fuzz-json-optionally-allow-logging-and-output.patch

@ -0,0 +1,60 @@ @@ -0,0 +1,60 @@
From 3087505025b78b80951ab3a5f496eb255f1a9a21 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 10:41:36 +0200
Subject: [PATCH] fuzz-json: optionally allow logging and output
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Similarly to other fuzzers… this makes development easier.

(cherry picked from commit 9ad955ce40e244a52984c68ae2a6b151d918b4a8)
Related: #2087652
---
src/fuzz/fuzz-json.c | 19 ++++++++++++++-----
1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/src/fuzz/fuzz-json.c b/src/fuzz/fuzz-json.c
index ad7460c6fd..648a6d441d 100644
--- a/src/fuzz/fuzz-json.c
+++ b/src/fuzz/fuzz-json.c
@@ -1,6 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "alloc-util.h"
+#include "env-util.h"
#include "fd-util.h"
#include "fuzz.h"
#include "json.h"
@@ -10,18 +11,26 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
size_t out_size;
_cleanup_fclose_ FILE *f = NULL, *g = NULL;
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
+ int r;
+
+ /* Disable most logging if not running standalone */
+ if (!getenv("SYSTEMD_LOG_LEVEL"))
+ log_set_max_level(LOG_CRIT);
f = data_to_file(data, size);
assert_se(f);
- if (json_parse_file(f, NULL, 0, &v, NULL, NULL) < 0)
+ r = json_parse_file(f, NULL, 0, &v, NULL, NULL);
+ if (r < 0) {
+ log_debug_errno(r, "failed to parse input: %m");
return 0;
+ }
- g = open_memstream_unlocked(&out, &out_size);
- assert_se(g);
+ if (getenv_bool("SYSTEMD_FUZZ_OUTPUT") <= 0)
+ assert_se(g = open_memstream_unlocked(&out, &out_size));
- json_variant_dump(v, 0, g, NULL);
- json_variant_dump(v, JSON_FORMAT_PRETTY|JSON_FORMAT_COLOR|JSON_FORMAT_SOURCE, g, NULL);
+ json_variant_dump(v, 0, g ?: stdout, NULL);
+ json_variant_dump(v, JSON_FORMAT_PRETTY|JSON_FORMAT_COLOR|JSON_FORMAT_SOURCE, g ?: stdout, NULL);
return 0;
}
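Review bot: `assert_se(g = open_memstream_unlocked(&out, &out_size));` hides the assignment inside the assertion macro and hangs it off an unbraced `if`, which reads differently from the `f = data_to_file(data, size); assert_se(f);` pair a few lines above. I would write `g = open_memstream_unlocked(&out, &out_size);` followed by `assert_se(g);` inside braces. The test `getenv_bool("SYSTEMD_FUZZ_OUTPUT") <= 0` also treats an unparsable value the same as an unset one without saying so; a short comment that this is intended would help. The function body starts outside the hunk.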

435
SOURCES/0106-shared-json-reduce-scope-of-variables.patch

@ -0,0 +1,435 @@ @@ -0,0 +1,435 @@
From 272d6e85877bb436709ed54c02d3b68101e0438d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 11:01:32 +0200
Subject: [PATCH] shared/json: reduce scope of variables

(cherry picked from commit a4669764f7329d1e8a3d364db519500355cea5f0)
Related: #2087652
---
src/shared/json.c | 133 +++++++++++++++++++---------------------------
1 file changed, 54 insertions(+), 79 deletions(-)

diff --git a/src/shared/json.c b/src/shared/json.c
index 6375b87a0b..d35874f8e3 100644
--- a/src/shared/json.c
+++ b/src/shared/json.c
@@ -574,9 +574,6 @@ int json_variant_new_array(JsonVariant **ret, JsonVariant **array, size_t n) {
}
int json_variant_new_array_bytes(JsonVariant **ret, const void *p, size_t n) {
- JsonVariant *v;
- size_t i;
-
assert_return(ret, -EINVAL);
if (n == 0) {
*ret = JSON_VARIANT_MAGIC_EMPTY_ARRAY;
@@ -584,7 +581,7 @@ int json_variant_new_array_bytes(JsonVariant **ret, const void *p, size_t n) {
}
assert_return(p, -EINVAL);
- v = new(JsonVariant, n + 1);
+ JsonVariant *v = new(JsonVariant, n + 1);
if (!v)
return -ENOMEM;
@@ -595,7 +592,7 @@ int json_variant_new_array_bytes(JsonVariant **ret, const void *p, size_t n) {
.depth = 1,
};
- for (i = 0; i < n; i++) {
+ for (size_t i = 0; i < n; i++) {
JsonVariant *w = v + 1 + i;
*w = (JsonVariant) {
@@ -790,12 +787,9 @@ static void json_variant_free_inner(JsonVariant *v, bool force_sensitive) {
return;
}
- if (IN_SET(v->type, JSON_VARIANT_ARRAY, JSON_VARIANT_OBJECT)) {
- size_t i;
-
- for (i = 0; i < v->n_elements; i++)
+ if (IN_SET(v->type, JSON_VARIANT_ARRAY, JSON_VARIANT_OBJECT))
+ for (size_t i = 0; i < v->n_elements; i++)
json_variant_free_inner(v + 1 + i, sensitive);
- }
if (sensitive)
explicit_bzero_safe(v, json_variant_size(v));
@@ -839,11 +833,9 @@ JsonVariant *json_variant_unref(JsonVariant *v) {
}
void json_variant_unref_many(JsonVariant **array, size_t n) {
- size_t i;
-
assert(array || n == 0);
- for (i = 0; i < n; i++)
+ for (size_t i = 0; i < n; i++)
json_variant_unref(array[i]);
}
@@ -1218,8 +1210,6 @@ mismatch:
}
JsonVariant *json_variant_by_key_full(JsonVariant *v, const char *key, JsonVariant **ret_key) {
- size_t i;
-
if (!v)
goto not_found;
if (!key)
@@ -1241,6 +1231,7 @@ JsonVariant *json_variant_by_key_full(JsonVariant *v, const char *key, JsonVaria
while (b > a) {
JsonVariant *p;
const char *f;
+ size_t i;
int c;
i = (a + b) / 2;
@@ -1264,7 +1255,7 @@ JsonVariant *json_variant_by_key_full(JsonVariant *v, const char *key, JsonVaria
}
/* The variant is not sorted, hence search for the field linearly */
- for (i = 0; i < v->n_elements; i += 2) {
+ for (size_t i = 0; i < v->n_elements; i += 2) {
JsonVariant *p;
p = json_variant_dereference(v + 1 + i);
@@ -1335,34 +1326,28 @@ bool json_variant_equal(JsonVariant *a, JsonVariant *b) {
return true;
case JSON_VARIANT_ARRAY: {
- size_t i, n;
-
- n = json_variant_elements(a);
+ size_t n = json_variant_elements(a);
if (n != json_variant_elements(b))
return false;
- for (i = 0; i < n; i++) {
+ for (size_t i = 0; i < n; i++)
if (!json_variant_equal(json_variant_by_index(a, i), json_variant_by_index(b, i)))
return false;
- }
return true;
}
case JSON_VARIANT_OBJECT: {
- size_t i, n;
-
- n = json_variant_elements(a);
+ size_t n = json_variant_elements(a);
if (n != json_variant_elements(b))
return false;
/* Iterate through all keys in 'a' */
- for (i = 0; i < n; i += 2) {
+ for (size_t i = 0; i < n; i += 2) {
bool found = false;
- size_t j;
/* Match them against all keys in 'b' */
- for (j = 0; j < n; j += 2) {
+ for (size_t j = 0; j < n; j += 2) {
JsonVariant *key_b;
key_b = json_variant_by_index(b, j);
@@ -1470,16 +1455,14 @@ static int print_source(FILE *f, JsonVariant *v, JsonFormatFlags flags, bool whi
DECIMAL_STR_MAX(unsigned) -1;
if (whitespace) {
- size_t i, n;
-
- n = 1 + (v->source ? strlen(v->source->name) : 0) +
- ((v->source && (v->line > 0 || v->column > 0)) ? 1 : 0) +
- (v->line > 0 ? w : 0) +
- (((v->source || v->line > 0) && v->column > 0) ? 1 : 0) +
- (v->column > 0 ? k : 0) +
- 2;
-
- for (i = 0; i < n; i++)
+ size_t n = 1 + (v->source ? strlen(v->source->name) : 0) +
+ ((v->source && (v->line > 0 || v->column > 0)) ? 1 : 0) +
+ (v->line > 0 ? w : 0) +
+ (((v->source || v->line > 0) && v->column > 0) ? 1 : 0) +
+ (v->column > 0 ? k : 0) +
+ 2;
+
+ for (size_t i = 0; i < n; i++)
fputc(' ', f);
} else {
fputc('[', f);
@@ -1631,10 +1614,7 @@ static int json_format(FILE *f, JsonVariant *v, JsonFormatFlags flags, const cha
break;
case JSON_VARIANT_ARRAY: {
- size_t i, n;
-
- n = json_variant_elements(v);
-
+ size_t n = json_variant_elements(v);
if (n == 0)
fputs("[]", f);
else {
@@ -1653,7 +1633,7 @@ static int json_format(FILE *f, JsonVariant *v, JsonFormatFlags flags, const cha
fputc('[', f);
}
- for (i = 0; i < n; i++) {
+ for (size_t i = 0; i < n; i++) {
JsonVariant *e;
assert_se(e = json_variant_by_index(v, i));
@@ -1687,10 +1667,7 @@ static int json_format(FILE *f, JsonVariant *v, JsonFormatFlags flags, const cha
}
case JSON_VARIANT_OBJECT: {
- size_t i, n;
-
- n = json_variant_elements(v);
-
+ size_t n = json_variant_elements(v);
if (n == 0)
fputs("{}", f);
else {
@@ -1709,7 +1686,7 @@ static int json_format(FILE *f, JsonVariant *v, JsonFormatFlags flags, const cha
fputc('{', f);
}
- for (i = 0; i < n; i += 2) {
+ for (size_t i = 0; i < n; i += 2) {
JsonVariant *e;
e = json_variant_by_index(v, i);
@@ -1826,7 +1803,7 @@ void json_variant_dump(JsonVariant *v, JsonFormatFlags flags, FILE *f, const cha
int json_variant_filter(JsonVariant **v, char **to_remove) {
_cleanup_(json_variant_unrefp) JsonVariant *w = NULL;
_cleanup_free_ JsonVariant **array = NULL;
- size_t i, n = 0, k = 0;
+ size_t n = 0, k = 0;
int r;
assert(v);
@@ -1839,7 +1816,7 @@ int json_variant_filter(JsonVariant **v, char **to_remove) {
if (strv_isempty(to_remove))
return 0;
- for (i = 0; i < json_variant_elements(*v); i += 2) {
+ for (size_t i = 0; i < json_variant_elements(*v); i += 2) {
JsonVariant *p;
p = json_variant_by_index(*v, i);
@@ -1881,7 +1858,7 @@ int json_variant_filter(JsonVariant **v, char **to_remove) {
int json_variant_set_field(JsonVariant **v, const char *field, JsonVariant *value) {
_cleanup_(json_variant_unrefp) JsonVariant *field_variant = NULL, *w = NULL;
_cleanup_free_ JsonVariant **array = NULL;
- size_t i, k = 0;
+ size_t k = 0;
int r;
assert(v);
@@ -1896,7 +1873,7 @@ int json_variant_set_field(JsonVariant **v, const char *field, JsonVariant *valu
if (!json_variant_is_object(*v))
return -EINVAL;
- for (i = 0; i < json_variant_elements(*v); i += 2) {
+ for (size_t i = 0; i < json_variant_elements(*v); i += 2) {
JsonVariant *p;
p = json_variant_by_index(*v, i);
@@ -2007,7 +1984,7 @@ int json_variant_set_field_strv(JsonVariant **v, const char *field, char **l) {
int json_variant_merge(JsonVariant **v, JsonVariant *m) {
_cleanup_(json_variant_unrefp) JsonVariant *w = NULL;
_cleanup_free_ JsonVariant **array = NULL;
- size_t v_elements, m_elements, i, k;
+ size_t v_elements, m_elements, k;
bool v_blank, m_blank;
int r;
@@ -2040,7 +2017,7 @@ int json_variant_merge(JsonVariant **v, JsonVariant *m) {
return -ENOMEM;
k = 0;
- for (i = 0; i < v_elements; i += 2) {
+ for (size_t i = 0; i < v_elements; i += 2) {
JsonVariant *u;
u = json_variant_by_index(*v, i);
@@ -2054,7 +2031,7 @@ int json_variant_merge(JsonVariant **v, JsonVariant *m) {
array[k++] = json_variant_by_index(*v, i + 1);
}
- for (i = 0; i < m_elements; i++)
+ for (size_t i = 0; i < m_elements; i++)
array[k++] = json_variant_by_index(m, i);
r = json_variant_new_object(&w, array, k);
@@ -2089,19 +2066,17 @@ int json_variant_append_array(JsonVariant **v, JsonVariant *element) {
if (blank)
r = json_variant_new_array(&nv, (JsonVariant*[]) { element }, 1);
else {
- _cleanup_free_ JsonVariant **array = NULL;
- size_t i;
-
- array = new(JsonVariant*, json_variant_elements(*v) + 1);
+ _cleanup_free_ JsonVariant **array = new(JsonVariant*, json_variant_elements(*v) + 1);
if (!array)
return -ENOMEM;
- for (i = 0; i < json_variant_elements(*v); i++)
+ size_t size = json_variant_elements(*v);
+ for (size_t i = 0; i < size; i++)
array[i] = json_variant_by_index(*v, i);
- array[i] = element;
+ array[size] = element;
- r = json_variant_new_array(&nv, array, i + 1);
+ r = json_variant_new_array(&nv, array, size + 1);
}
if (r < 0)
return r;
@@ -2116,7 +2091,6 @@ int json_variant_append_array(JsonVariant **v, JsonVariant *element) {
int json_variant_strv(JsonVariant *v, char ***ret) {
char **l = NULL;
- size_t n, i;
bool sensitive;
int r;
@@ -2136,12 +2110,12 @@ int json_variant_strv(JsonVariant *v, char ***ret) {
sensitive = v->sensitive;
- n = json_variant_elements(v);
+ size_t n = json_variant_elements(v);
l = new(char*, n+1);
if (!l)
return -ENOMEM;
- for (i = 0; i < n; i++) {
+ for (size_t i = 0; i < n; i++) {
JsonVariant *e;
assert_se(e = json_variant_by_index(v, i));
@@ -2160,7 +2134,7 @@ int json_variant_strv(JsonVariant *v, char ***ret) {
}
}
- l[i] = NULL;
+ l[n] = NULL;
*ret = TAKE_PTR(l);
return 0;
@@ -2847,7 +2821,7 @@ static int json_parse_internal(
unsigned *column,
bool continue_end) {
- size_t n_stack = 1, i;
+ size_t n_stack = 1;
unsigned line_buffer = 0, column_buffer = 0;
void *tokenizer_state = NULL;
JsonStack *stack = NULL;
@@ -3186,7 +3160,7 @@ done:
r = 0;
finish:
- for (i = 0; i < n_stack; i++)
+ for (size_t i = 0; i < n_stack; i++)
json_stack_release(stack + i);
free(stack);
@@ -3229,7 +3203,7 @@ int json_parse_file_at(FILE *f, int dir_fd, const char *path, JsonParseFlags fla
int json_buildv(JsonVariant **ret, va_list ap) {
JsonStack *stack = NULL;
- size_t n_stack = 1, i;
+ size_t n_stack = 1;
int r;
assert_return(ret, -EINVAL);
@@ -4147,7 +4121,7 @@ done:
r = 0;
finish:
- for (i = 0; i < n_stack; i++)
+ for (size_t i = 0; i < n_stack; i++)
json_stack_release(stack + i);
free(stack);
@@ -4231,8 +4205,7 @@ int json_log_internal(
}
int json_dispatch(JsonVariant *v, const JsonDispatch table[], JsonDispatchCallback bad, JsonDispatchFlags flags, void *userdata) {
- const JsonDispatch *p;
- size_t i, n, m;
+ size_t m;
int r, done = 0;
bool *found;
@@ -4245,14 +4218,16 @@ int json_dispatch(JsonVariant *v, const JsonDispatch table[], JsonDispatchCallba
return -EINVAL;
}
- for (p = table, m = 0; p->name; p++)
+ m = 0;
+ for (const JsonDispatch *p = table; p->name; p++)
m++;
found = newa0(bool, m);
- n = json_variant_elements(v);
- for (i = 0; i < n; i += 2) {
+ size_t n = json_variant_elements(v);
+ for (size_t i = 0; i < n; i += 2) {
JsonVariant *key, *value;
+ const JsonDispatch *p;
assert_se(key = json_variant_by_index(v, i));
assert_se(value = json_variant_by_index(v, i+1));
@@ -4326,7 +4301,7 @@ int json_dispatch(JsonVariant *v, const JsonDispatch table[], JsonDispatchCallba
}
}
- for (p = table; p->name; p++) {
+ for (const JsonDispatch *p = table; p->name; p++) {
JsonDispatchFlags merged_flags = p->flags | flags;
if ((merged_flags & JSON_MANDATORY) && !found[p-table]) {
@@ -4621,7 +4596,7 @@ static int json_cmp_strings(const void *x, const void *y) {
int json_variant_sort(JsonVariant **v) {
_cleanup_free_ JsonVariant **a = NULL;
JsonVariant *n = NULL;
- size_t i, m;
+ size_t m;
int r;
assert(v);
@@ -4639,7 +4614,7 @@ int json_variant_sort(JsonVariant **v) {
if (!a)
return -ENOMEM;
- for (i = 0; i < m; i++)
+ for (size_t i = 0; i < m; i++)
a[i] = json_variant_by_index(*v, i);
qsort(a, m/2, sizeof(JsonVariant*)*2, json_cmp_strings);
@@ -4662,7 +4637,7 @@ int json_variant_sort(JsonVariant **v) {
int json_variant_normalize(JsonVariant **v) {
_cleanup_free_ JsonVariant **a = NULL;
JsonVariant *n = NULL;
- size_t i, j, m;
+ size_t i, m;
int r;
assert(v);
@@ -4714,7 +4689,7 @@ int json_variant_normalize(JsonVariant **v) {
r = 1;
finish:
- for (j = 0; j < i; j++)
+ for (size_t j = 0; j < i; j++)
json_variant_unref(a[j]);
return r;

97
SOURCES/0107-fuzz-json-also-do-sorting-and-normalizing-and-other-.patch

@ -0,0 +1,97 @@ @@ -0,0 +1,97 @@
From 495eb07a2d8aa7f19b775b4508466fecb1b3ce50 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 11:07:06 +0200
Subject: [PATCH] fuzz-json: also do sorting and normalizing and other easy
calls

(cherry picked from commit a2c5735dd80e19d2d525f9be322395530096cbe2)
Related: #2087652
---
src/fuzz/fuzz-json.c | 75 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 75 insertions(+)

diff --git a/src/fuzz/fuzz-json.c b/src/fuzz/fuzz-json.c
index 648a6d441d..995a0265ba 100644
--- a/src/fuzz/fuzz-json.c
+++ b/src/fuzz/fuzz-json.c
@@ -32,5 +32,80 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
json_variant_dump(v, 0, g ?: stdout, NULL);
json_variant_dump(v, JSON_FORMAT_PRETTY|JSON_FORMAT_COLOR|JSON_FORMAT_SOURCE, g ?: stdout, NULL);
+ bool sorted = json_variant_is_sorted(v);
+ log_debug("json_variant_is_sorted: %s", yes_no(sorted));
+
+ r = json_variant_sort(&v);
+ log_debug_errno(r, "json_variant_sort: %d/%m", r);
+
+ sorted = json_variant_is_sorted(v);
+ log_debug("json_variant_is_sorted: %s", yes_no(sorted));
+ assert_se(r < 0 || sorted);
+
+ bool normalized = json_variant_is_normalized(v);
+ log_debug("json_variant_is_normalized: %s", yes_no(normalized));
+
+ r = json_variant_normalize(&v);
+ log_debug_errno(r, "json_variant_normalize: %d/%m", r);
+
+ normalized = json_variant_is_normalized(v);
+ log_debug("json_variant_is_normalized: %s", yes_no(normalized));
+ assert_se(r < 0 || normalized);
+
+ double real = json_variant_real(v);
+ log_debug("json_variant_real: %lf", real);
+
+ bool negative = json_variant_is_negative(v);
+ log_debug("json_variant_is_negative: %s", yes_no(negative));
+
+ bool blank = json_variant_is_blank_object(v);
+ log_debug("json_variant_is_blank_object: %s", yes_no(blank));
+
+ blank = json_variant_is_blank_array(v);
+ log_debug("json_variant_is_blank_array: %s", yes_no(blank));
+
+ size_t elements = json_variant_elements(v);
+ log_debug("json_variant_elements: %zu", elements);
+
+ for (size_t i = 0; i <= elements + 2; i++)
+ (void) json_variant_by_index(v, i);
+
+ assert_se(json_variant_equal(v, v));
+ assert_se(!json_variant_equal(v, NULL));
+ assert_se(!json_variant_equal(NULL, v));
+
+ bool sensitive = json_variant_is_sensitive(v);
+ log_debug("json_variant_is_sensitive: %s", yes_no(sensitive));
+
+ json_variant_sensitive(v);
+
+ sensitive = json_variant_is_sensitive(v);
+ log_debug("json_variant_is_sensitive: %s", yes_no(sensitive));
+
+ const char *source;
+ unsigned line, column;
+ assert_se(json_variant_get_source(v, &source, &line, &column) == 0);
+ log_debug("json_variant_get_source: %s:%u:%u", source ?: "-", line, column);
+
+ r = json_variant_set_field_string(&v, "a", "string-a");
+ log_debug_errno(r, "json_set_field_string: %d/%m", r);
+
+ r = json_variant_set_field_integer(&v, "b", -12345);
+ log_debug_errno(r, "json_set_field_integer: %d/%m", r);
+
+ r = json_variant_set_field_unsigned(&v, "c", 12345);
+ log_debug_errno(r, "json_set_field_unsigned: %d/%m", r);
+
+ r = json_variant_set_field_boolean(&v, "d", false);
+ log_debug_errno(r, "json_set_field_boolean: %d/%m", r);
+
+ r = json_variant_set_field_strv(&v, "e", STRV_MAKE("e-1", "e-2", "e-3"));
+ log_debug_errno(r, "json_set_field_strv: %d/%m", r);
+
+ r = json_variant_filter(&v, STRV_MAKE("a", "b", "c", "d", "e"));
+ log_debug_errno(r, "json_variant_filter: %d/%m", r);
+
+ // TODO: json_variant_merge(&v, …);
+ // TODO: json_variant_append_array(&v, …);
return 0;
}
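Review bot: The calls added at the end of the hunk (`json_variant_set_field_*` followed by `json_variant_filter`) only log their return codes, so the fuzzer can catch crashes and sanitizer reports there but not a wrong result. The sort and normalize steps above do assert a postcondition. A check after the filter call such as `assert_se(r < 0 || !json_variant_by_key(v, "a"));` would pin that a removed key is really gone, assuming `json_variant_by_key` returns NULL for a missing key, which this page does not show. The two TODO lines also leave `json_variant_merge` and `json_variant_append_array` unexercised; both fill a heap-allocated array by index, so they are worth covering with a small fixed second variant in a follow-up. The body of `LLVMFuzzerTestOneInput` starts outside the hunk, so how `v` is parsed and released is not visible here.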
