packages/systemd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!326 sync systemd-stable-249 patches from systemd community

Browse Source 
From: @wangyuhang27 
Reviewed-by: @licunlong 
Signed-off-by: @licunlong
This commit is contained in:
openeuler-ci-bot 2022-10-11 02:38:25 +00:00 committed by Gitee
commit fc0b45bb7e
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
365 changed files with 26460 additions and 333 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
backport-Add-meson-option-to-disable-urlify.patch
View File

@ -5,6 +5,9 @@ Subject: [PATCH] Add meson option to disable urlify.
Useful for systems that don't use a version of less with hyperlink
support.
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/e5d86ebed5624ef62342c820a5868b1075deb300
---
meson.build | 1 +
meson_options.txt | 2 ++

46
backport-Bump-the-max-number-of-inodes-for-dev-to-128k.patch Normal file
View File

@ -0,0 +1,46 @@
From b1bb976219e4c63d4b8099a2820fedbedf0aa8a5 Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Fri, 3 Dec 2021 11:23:36 +0100
Subject: [PATCH] Bump the max number of inodes for /dev to 128k
Follow-up for 7d85383edbab73274dc81cc888d884bb01070bc2.
Apparently the previous limit set on the max number of inodes for /dev was too
small as a system with 4096 LUNs attached can consume up to 95k inodes for
symlinks:
# /bin/df -i
Filesystem Inodes IUsed IFree IUse% Mounted on
devtmpfs 49274377 95075 49179302 1% /dev
Hence this patch bumps the limit from 64k to 128k although the new limit is
still pretty arbitrary (that said, not sure if it really makes sense to put
such absolute limit number).
(cherry picked from commit 4c733d3046942984c5f73b40c3af39cc218c103f)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/b1bb976219e4c63d4b8099a2820fedbedf0aa8a5
---
src/shared/mount-util.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/shared/mount-util.h b/src/shared/mount-util.h
index 36501c2c4a..c5bd881070 100644
--- a/src/shared/mount-util.h
+++ b/src/shared/mount-util.h
@@ -11,9 +11,9 @@
#include "errno-util.h"
#include "macro.h"
-/* 4MB for contents of regular files, 64k inodes for directories, symbolic links and device specials, using
+/* 4MB for contents of regular files, 128k inodes for directories, symbolic links and device specials, using
* large storage array systems as a baseline */
-#define TMPFS_LIMITS_DEV ",size=4m,nr_inodes=64k"
+#define TMPFS_LIMITS_DEV ",size=4m,nr_inodes=128k"
/* Very little, if any use expected */
#define TMPFS_LIMITS_EMPTY_OR_ALMOST ",size=4m,nr_inodes=1k"
--
2.33.0

4
backport-Bump-the-max-number-of-inodes-for-dev-to-a-million.patch
View File

@ -17,10 +17,10 @@ index 3622170297..ce73aebd4b 100644
#include "errno-util.h"
#include "macro.h"
-/* 4MB for contents of regular files, 64k inodes for directories, symbolic links and device specials, using
-/* 4MB for contents of regular files, 128k inodes for directories, symbolic links and device specials, using
+/* 4MB for contents of regular files, 1m inodes for directories, symbolic links and device nodes, using
* large storage array systems as a baseline */
-#define TMPFS_LIMITS_DEV ",size=4m,nr_inodes=64k"
-#define TMPFS_LIMITS_DEV ",size=4m,nr_inodes=128k"
+#define TMPFS_LIMITS_DEV ",size=4m,nr_inodes=1m"
/* Very little, if any use expected */

7
backport-Bump-the-max-number-of-inodes-for-tmp-to-a-million-t.patch
View File

@ -1,7 +1,7 @@
From cac372a80177fb622806270eb0d810e4c6ad0c84 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 9 Dec 2021 10:20:46 +0100
Subject: [PATCH 2/2] Bump the max number of inodes for /tmp to a million too
Subject: [PATCH] Bump the max number of inodes for /tmp to a million too
Fixes #21626. (The bug report talks about /run, but the issue is actually with
/tmp.) People use /tmp for various things that fit in memory, e.g. unpacking
@ -14,15 +14,12 @@ diff --git a/units/tmp.mount b/units/tmp.mount
index 516bd1621c..4e1bb8de24 100644
--- a/units/tmp.mount
+++ b/units/tmp.mount
@@ -22,7 +22,7 @@ After=swap.target
@@ -22,4 +22,4 @@ After=swap.target
What=tmpfs
Where=/tmp
Type=tmpfs
-Options=mode=1777,strictatime,nosuid,nodev,size=50%,nr_inodes=400k
+Options=mode=1777,strictatime,nosuid,nodev,size=50%,nr_inodes=1m
# Make 'systemctl enable tmp.mount' work:
[Install]
--
2.27.0

7
backport-CVE-2021-3997-rm-rf-optionally-fsync-after-removing-directory-tree.patch
View File

@ -1,9 +1,12 @@
From 2426beacca09d84091759be45b25c88116302184 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 5 Oct 2021 10:32:56 +0200
Subject: [PATCH 2/6] rm-rf: optionally fsync() after removing directory tree
Subject: [PATCH] rm-rf: optionally fsync() after removing directory tree
(cherry picked from commit bdfe7ada0d4d66e6d6e65f2822acbb1ec230f9c2)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/2426beacca09d84091759be45b25c88116302184
---
src/shared/rm-rf.c | 3 +++
src/shared/rm-rf.h | 1 +
@ -36,5 +39,5 @@ index 577a2795e0..24fd9a2aa2 100644
int unlinkat_harder(int dfd, const char *filename, int unlink_flags, RemoveFlags remove_flags);
--
2.27.0
2.33.0

9
backport-CVE-2021-3997-rm-rf-refactor-rm_rf_children-split-out-body-of-dire.patch
View File

@ -1,14 +1,17 @@
From ca4a0e7d41f0b2a1fe2f99dbc3763187c16cf7ab Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 26 Jan 2021 16:30:06 +0100
Subject: [PATCH 1/6] rm-rf: refactor rm_rf_children(), split out body of
directory iteration loop
Subject: [PATCH] rm-rf: refactor rm_rf_children(), split out body of directory
iteration loop
This splits out rm_rf_children_inner() as body of the loop. We can use
that to implement rm_rf_child() for deleting one specific entry in a
directory.
(cherry picked from commit 1f0fb7d544711248cba34615e43c5a76bc902d74)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/ca4a0e7d41f0b2a1fe2f99dbc3763187c16cf7ab
---
src/shared/rm-rf.c | 223 ++++++++++++++++++++++++++-------------------
src/shared/rm-rf.h | 3 +-
@ -317,5 +320,5 @@ index 40f0894c96..577a2795e0 100644
/* Useful for usage with _cleanup_(), destroys a directory and frees the pointer */
--
2.27.0
2.33.0

9
backport-CVE-2021-3997-shared-rm-rf-loop-over-nested-directories-instead-of.patch
View File

@ -1,8 +1,8 @@
From 6a28f8b55904c818b25e4db2e1511faac79fd471 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 30 Nov 2021 22:29:05 +0100
Subject: [PATCH 6/6] shared/rm-rf: loop over nested directories instead of
instead of recursing
Subject: [PATCH] shared/rm-rf: loop over nested directories instead of instead
of recursing
To remove directory structures, we need to remove the innermost items first,
and then recursively remove higher-level directories. We would recursively
@ -24,6 +24,9 @@ Mauro Matteo Cascella and Riccardo Schirone from Red Hat handled the disclosure.
(cherry picked from commit 5b1cf7a9be37e20133c0208005274ce4a5b5c6a1)
(cherry picked from commit 911516e1614e435755814ada5fc6064fa107a105)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/6a28f8b55904c818b25e4db2e1511faac79fd471
---
src/shared/rm-rf.c | 161 +++++++++++++++++++++++++++++++--------------
1 file changed, 113 insertions(+), 48 deletions(-)
@ -269,5 +272,5 @@ index 1bd2431d8a..954686ffc9 100644
+ return rm_rf_inner_child(fd, name, -1, flags, NULL, true);
}
--
2.27.0
2.33.0

7
backport-CVE-2021-3997-shared-rm_rf-refactor-rm_rf-to-shorten-code-a-bit.patch
View File

@ -1,10 +1,13 @@
From 811b137d6137cc3e8932599e6ef9254ba43ff5eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 23 Nov 2021 16:56:42 +0100
Subject: [PATCH 5/6] shared/rm_rf: refactor rm_rf() to shorten code a bit
Subject: [PATCH] shared/rm_rf: refactor rm_rf() to shorten code a bit
(cherry picked from commit 84ced330020c0bae57bd4628f1f44eec91304e69)
(cherry picked from commit 664529efa9431edc043126013ea54e6c399ae2d3)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/811b137d6137cc3e8932599e6ef9254ba43ff5eb
---
src/shared/rm-rf.c | 54 +++++++++++++++++++++-------------------------
1 file changed, 24 insertions(+), 30 deletions(-)
@ -96,5 +99,5 @@ index 7362954116..1bd2431d8a 100644
int rm_rf_child(int fd, const char *name, RemoveFlags flags) {
--
2.27.0
2.33.0

9
backport-CVE-2021-3997-shared-rm_rf-refactor-rm_rf_children_inner-to-shorte.patch
View File

@ -1,11 +1,14 @@
From 89395b63f04f1acc0db533c32637ea20379f97c0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 23 Nov 2021 15:55:45 +0100
Subject: [PATCH 4/6] shared/rm_rf: refactor rm_rf_children_inner() to shorten
code a bit
Subject: [PATCH] shared/rm_rf: refactor rm_rf_children_inner() to shorten code
a bit
(cherry picked from commit 3bac86abfa1b1720180840ffb9d06b3d54841c11)
(cherry picked from commit 47741ff9eae6311a03e4d3d837128191826a4a3a)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/89395b63f04f1acc0db533c32637ea20379f97c0
---
src/shared/rm-rf.c | 27 +++++++++------------------
1 file changed, 9 insertions(+), 18 deletions(-)
@ -64,5 +67,5 @@ index 19f37e0f19..7362954116 100644
int rm_rf_children(
--
2.27.0
2.33.0

7
backport-CVE-2021-3997-tmpfiles-st-may-have-been-used-uninitialized.patch
View File

@ -1,9 +1,12 @@
From 7563de501246dccf5a9ea229933481aa1e7bd5c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 23 Nov 2021 15:05:58 +0100
Subject: [PATCH 3/6] tmpfiles: 'st' may have been used uninitialized
Subject: [PATCH] tmpfiles: 'st' may have been used uninitialized
(cherry picked from commit 160dadc0350c77d612aa9d5569f57d9bc84c3dca)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/7563de501246dccf5a9ea229933481aa1e7bd5c9
---
src/shared/rm-rf.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
@ -24,5 +27,5 @@ index 5ef7c662dd..19f37e0f19 100644
r = fstatat_harder(fd, fname, &st, AT_SYMLINK_NOFOLLOW, flags);
if (r < 0)
--
2.27.0
2.33.0

131
backport-Change-gendered-terms-to-be-gender-neutral-21325.patch Normal file
View File

@ -0,0 +1,131 @@
From 3ba07929636e1a55c71767e40e23bf639b7a8db5 Mon Sep 17 00:00:00 2001
From: Emily Gonyer <emilyyrose@gmail.com>
Date: Fri, 12 Nov 2021 10:09:56 -0500
Subject: [PATCH] Change gendered terms to be gender-neutral (#21325)
Some typos are also fixed.
(cherry picked from commit be7148ebed5d73c4a76bc6089ebe2e82d8fa33e0)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/3ba07929636e1a55c71767e40e23bf639b7a8db5
---
docs/CODING_STYLE.md | 2 +-
docs/PREDICTABLE_INTERFACE_NAMES.md | 2 +-
man/sd_bus_add_object.xml | 2 +-
src/core/manager.h | 2 +-
src/hostname/hostnamectl.c | 2 +-
src/libsystemd/sd-bus/bus-socket.c | 4 ++--
src/libsystemd/sd-bus/sd-bus.c | 2 +-
src/udev/dmi_memory_id/dmi_memory_id.c | 2 +-
8 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/docs/CODING_STYLE.md b/docs/CODING_STYLE.md
index 54150e1ee7..05fbb2ac9e 100644
--- a/docs/CODING_STYLE.md
+++ b/docs/CODING_STYLE.md
@@ -287,7 +287,7 @@ layout: default
with a more brutal `assert()`. We are more forgiving to public users than for
ourselves! Note that `assert()` and `assert_return()` really only should be
used for detecting programming errors, not for runtime errors. `assert()` and
- `assert_return()` by usage of `_likely_()` inform the compiler that he should
+ `assert_return()` by usage of `_likely_()` inform the compiler that it should
not expect these checks to fail, and they inform fellow programmers about the
expected validity and range of parameters.
diff --git a/docs/PREDICTABLE_INTERFACE_NAMES.md b/docs/PREDICTABLE_INTERFACE_NAMES.md
index 07529e7a70..890bd3935c 100644
--- a/docs/PREDICTABLE_INTERFACE_NAMES.md
+++ b/docs/PREDICTABLE_INTERFACE_NAMES.md
@@ -53,7 +53,7 @@ With this new scheme you now get:
* The same on all distributions that adopted systemd/udev
* It's easy to opt out of the scheme (see below)
-Does this have any drawbacks? Yes, it does. Previously it was practically guaranteed that hosts equipped with a single ethernet card only had a single `eth0` interface. With this new scheme in place, an administrator now has to check first what the local interface name is before he can invoke commands on it where previously he had a good chance that `eth0` was the right name.
+Does this have any drawbacks? Yes, it does. Previously it was practically guaranteed that hosts equipped with a single ethernet card only had a single `eth0` interface. With this new scheme in place, an administrator now has to check first what the local interface name is before they can invoke commands on it, where previously they had a good chance that `eth0` was the right name.
## I don't like this, how do I disable this?
diff --git a/man/sd_bus_add_object.xml b/man/sd_bus_add_object.xml
index 31a3344bbd..54683e4f11 100644
--- a/man/sd_bus_add_object.xml
+++ b/man/sd_bus_add_object.xml
@@ -508,7 +508,7 @@
<varlistentry>
<term><constant>SD_BUS_VTABLE_METHOD_NO_REPLY</constant></term>
- <listitem><para>Mark his vtable entry as a method that will not return a reply using the
+ <listitem><para>Mark this vtable entry as a method that will not return a reply using the
<constant>org.freedesktop.DBus.Method.NoReply</constant> annotation in introspection data.
</para></listitem>
</varlistentry>
diff --git a/src/core/manager.h b/src/core/manager.h
index b3e7c68e6d..14a80b396e 100644
--- a/src/core/manager.h
+++ b/src/core/manager.h
@@ -195,7 +195,7 @@ struct Manager {
sd_event *event;
- /* This maps PIDs we care about to units that are interested in. We allow multiple units to he interested in
+ /* This maps PIDs we care about to units that are interested in. We allow multiple units to be interested in
* the same PID and multiple PIDs to be relevant to the same unit. Since in most cases only a single unit will
* be interested in the same PID we use a somewhat special encoding here: the first unit interested in a PID is
* stored directly in the hashmap, keyed by the PID unmodified. If there are other units interested too they'll
diff --git a/src/hostname/hostnamectl.c b/src/hostname/hostnamectl.c
index 283038c7cb..2eca5feaca 100644
--- a/src/hostname/hostnamectl.c
+++ b/src/hostname/hostnamectl.c
@@ -442,7 +442,7 @@ static int set_hostname(int argc, char **argv, void *userdata) {
* dot if there is one. If it was not valid, then it will be made fully valid by truncating, dropping
* multiple dots, and dropping weird chars. Note that we clean the name up only if we also are
* supposed to set the pretty name. If the pretty name is not being set we assume the user knows what
- * he does and pass the name as-is. */
+ * they are doing and pass the name as-is. */
h = strdup(hostname);
if (!h)
return log_oom();
diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c
index 378774fe8b..09eb49c37f 100644
--- a/src/libsystemd/sd-bus/bus-socket.c
+++ b/src/libsystemd/sd-bus/bus-socket.c
@@ -300,8 +300,8 @@ static int verify_external_token(sd_bus *b, const char *p, size_t l) {
uid_t u;
int r;
- /* We don't do any real authentication here. Instead, we if
- * the owner of this bus wanted authentication he should have
+ /* We don't do any real authentication here. Instead, if
+ * the owner of this bus wanted authentication they should have
* checked SO_PEERCRED before even creating the bus object. */
if (!b->anonymous_auth && !b->ucred_valid)
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
index 79c24fe703..ab8d4e4a60 100644
--- a/src/libsystemd/sd-bus/sd-bus.c
+++ b/src/libsystemd/sd-bus/sd-bus.c
@@ -3274,7 +3274,7 @@ static int bus_poll(sd_bus *bus, bool need_more, uint64_t timeout_usec) {
return e;
if (need_more)
- /* The caller really needs some more data, he doesn't
+ /* The caller really needs some more data, they don't
* care about what's already read, or any timeouts
* except its own. */
e |= POLLIN;
diff --git a/src/udev/dmi_memory_id/dmi_memory_id.c b/src/udev/dmi_memory_id/dmi_memory_id.c
index 64eba0d314..00e46f8b9e 100644
--- a/src/udev/dmi_memory_id/dmi_memory_id.c
+++ b/src/udev/dmi_memory_id/dmi_memory_id.c
@@ -539,7 +539,7 @@ static void dmi_table_decode(const uint8_t *buf, size_t len, uint16_t num) {
/* If a short entry is found (less than 4 bytes), not only it
* is invalid, but we cannot reliably locate the next entry.
- * Better stop at this point, and let the user know his/her
+ * Better stop at this point, and let the user know their
* table is broken. */
if (h.length < 4)
break;
--
2.33.0

35
backport-Don-t-open-var-journals-in-volatile-mode-when-runtim.patch Normal file
View File

@ -0,0 +1,35 @@
From 00e7f0994a39852ab1adabfb7e19ff2634e916a0 Mon Sep 17 00:00:00 2001
From: Milo Turner <mturner@starry.com>
Date: Fri, 13 Aug 2021 10:28:58 -0400
Subject: [PATCH] Don't open /var journals in volatile mode when
runtime_journal==NULL
(cherry picked from commit d64441b669932ab97fbbfc71cb143045f690039e)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/00e7f0994a39852ab1adabfb7e19ff2634e916a0
---
src/journal/journald-server.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 30f04f5383..a0695ec519 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -415,6 +415,13 @@ static JournalFile* find_journal(Server *s, uid_t uid) {
if (s->runtime_journal)
return s->runtime_journal;
+ /* If we are not in persistent mode, then we need return NULL immediately rather than opening a
+ * persistent journal of any sort.
+ *
+ * Fixes https://github.com/systemd/systemd/issues/20390 */
+ if (!IN_SET(s->storage, STORAGE_AUTO, STORAGE_PERSISTENT))
+ return NULL;
+
if (uid_for_system_journal(uid))
return s->system_journal;
--
2.33.0

227
backport-Drop-bundled-copy-of-linux-if_arp.h.patch Normal file
View File

@ -0,0 +1,227 @@
From f27585b58a308454bf3409a77c8b1dd12fc64816 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 15 Sep 2021 16:33:05 +0200
Subject: [PATCH] Drop bundled copy of linux/if_arp.h
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
As far as I can see, we use this to get a list of ARPHRD_* defines (used in
particular for Type= in .link files). If we drop our copy, and build against
old kernel headers, the user will have a shorter list of types available. This
seems OK, and I don't think it's worth carrying our own version of this file
just to have newest possible entries.
7c5b9952c4f6e2b72f90edbe439982528b7cf223 recently updated this file, but we'd
have to update it every time the kernel adds new entries. But if we look at
the failure carefully:
src/basic/arphrd-from-name.gperf:65:16: error: ARPHRD_MCTP undeclared (first use in this function); did you mean ARPHRD_FCPP?
65 | MCTP, ARPHRD_MCTP
| ^~
| ARPHRD_FCPP
we see that the list we were generating was from the system headers, so it was
only as good as the system headers anyway, without the newer entries in our
bundled copy, if there were any. So let's make things simpler by always using
system headers.
And if somebody wants to fix things so that we always have the newest list,
then we should just generate and store the converted list, not the full header.
(cherry picked from commit e7f46ee3ae1cc66a94b293957721d68dc09d7449)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/f27585b58a308454bf3409a77c8b1dd12fc64816
---
src/basic/linux/if_arp.h | 165 ---------------------------------------
src/basic/meson.build | 1 -
2 files changed, 166 deletions(-)
delete mode 100644 src/basic/linux/if_arp.h
diff --git a/src/basic/linux/if_arp.h b/src/basic/linux/if_arp.h
deleted file mode 100644
index 4783af9fe5..0000000000
--- a/src/basic/linux/if_arp.h
+++ /dev/null
@@ -1,165 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note */
-/*
- * INET An implementation of the TCP/IP protocol suite for the LINUX
- * operating system. INET is implemented using the BSD Socket
- * interface as the means of communication with the user level.
- *
- * Global definitions for the ARP (RFC 826) protocol.
- *
- * Version: @(#)if_arp.h 1.0.1 04/16/93
- *
- * Authors: Original taken from Berkeley UNIX 4.3, (c) UCB 1986-1988
- * Portions taken from the KA9Q/NOS (v2.00m PA0GRI) source.
- * Ross Biro
- * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
- * Florian La Roche,
- * Jonathan Layes <layes@loran.com>
- * Arnaldo Carvalho de Melo <acme@conectiva.com.br> ARPHRD_HWX25
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version
- * 2 of the License, or (at your option) any later version.
- */
-#ifndef _UAPI_LINUX_IF_ARP_H
-#define _UAPI_LINUX_IF_ARP_H
-
-#include <linux/netdevice.h>
-
-/* ARP protocol HARDWARE identifiers. */
-#define ARPHRD_NETROM 0 /* from KA9Q: NET/ROM pseudo */
-#define ARPHRD_ETHER 1 /* Ethernet 10Mbps */
-#define ARPHRD_EETHER 2 /* Experimental Ethernet */
-#define ARPHRD_AX25 3 /* AX.25 Level 2 */
-#define ARPHRD_PRONET 4 /* PROnet token ring */
-#define ARPHRD_CHAOS 5 /* Chaosnet */
-#define ARPHRD_IEEE802 6 /* IEEE 802.2 Ethernet/TR/TB */
-#define ARPHRD_ARCNET 7 /* ARCnet */
-#define ARPHRD_APPLETLK 8 /* APPLEtalk */
-#define ARPHRD_DLCI 15 /* Frame Relay DLCI */
-#define ARPHRD_ATM 19 /* ATM */
-#define ARPHRD_METRICOM 23 /* Metricom STRIP (new IANA id) */
-#define ARPHRD_IEEE1394 24 /* IEEE 1394 IPv4 - RFC 2734 */
-#define ARPHRD_EUI64 27 /* EUI-64 */
-#define ARPHRD_INFINIBAND 32 /* InfiniBand */
-
-/* Dummy types for non ARP hardware */
-#define ARPHRD_SLIP 256
-#define ARPHRD_CSLIP 257
-#define ARPHRD_SLIP6 258
-#define ARPHRD_CSLIP6 259
-#define ARPHRD_RSRVD 260 /* Notional KISS type */
-#define ARPHRD_ADAPT 264
-#define ARPHRD_ROSE 270
-#define ARPHRD_X25 271 /* CCITT X.25 */
-#define ARPHRD_HWX25 272 /* Boards with X.25 in firmware */
-#define ARPHRD_CAN 280 /* Controller Area Network */
-#define ARPHRD_MCTP 290
-#define ARPHRD_PPP 512
-#define ARPHRD_CISCO 513 /* Cisco HDLC */
-#define ARPHRD_HDLC ARPHRD_CISCO
-#define ARPHRD_LAPB 516 /* LAPB */
-#define ARPHRD_DDCMP 517 /* Digital's DDCMP protocol */
-#define ARPHRD_RAWHDLC 518 /* Raw HDLC */
-#define ARPHRD_RAWIP 519 /* Raw IP */
-
-#define ARPHRD_TUNNEL 768 /* IPIP tunnel */
-#define ARPHRD_TUNNEL6 769 /* IP6IP6 tunnel */
-#define ARPHRD_FRAD 770 /* Frame Relay Access Device */
-#define ARPHRD_SKIP 771 /* SKIP vif */
-#define ARPHRD_LOOPBACK 772 /* Loopback device */
-#define ARPHRD_LOCALTLK 773 /* Localtalk device */
-#define ARPHRD_FDDI 774 /* Fiber Distributed Data Interface */
-#define ARPHRD_BIF 775 /* AP1000 BIF */
-#define ARPHRD_SIT 776 /* sit0 device - IPv6-in-IPv4 */
-#define ARPHRD_IPDDP 777 /* IP over DDP tunneller */
-#define ARPHRD_IPGRE 778 /* GRE over IP */
-#define ARPHRD_PIMREG 779 /* PIMSM register interface */
-#define ARPHRD_HIPPI 780 /* High Performance Parallel Interface */
-#define ARPHRD_ASH 781 /* Nexus 64Mbps Ash */
-#define ARPHRD_ECONET 782 /* Acorn Econet */
-#define ARPHRD_IRDA 783 /* Linux-IrDA */
-/* ARP works differently on different FC media .. so */
-#define ARPHRD_FCPP 784 /* Point to point fibrechannel */
-#define ARPHRD_FCAL 785 /* Fibrechannel arbitrated loop */
-#define ARPHRD_FCPL 786 /* Fibrechannel public loop */
-#define ARPHRD_FCFABRIC 787 /* Fibrechannel fabric */
- /* 787->799 reserved for fibrechannel media types */
-#define ARPHRD_IEEE802_TR 800 /* Magic type ident for TR */
-#define ARPHRD_IEEE80211 801 /* IEEE 802.11 */
-#define ARPHRD_IEEE80211_PRISM 802 /* IEEE 802.11 + Prism2 header */
-#define ARPHRD_IEEE80211_RADIOTAP 803 /* IEEE 802.11 + radiotap header */
-#define ARPHRD_IEEE802154 804
-#define ARPHRD_IEEE802154_MONITOR 805 /* IEEE 802.15.4 network monitor */
-
-#define ARPHRD_PHONET 820 /* PhoNet media type */
-#define ARPHRD_PHONET_PIPE 821 /* PhoNet pipe header */
-#define ARPHRD_CAIF 822 /* CAIF media type */
-#define ARPHRD_IP6GRE 823 /* GRE over IPv6 */
-#define ARPHRD_NETLINK 824 /* Netlink header */
-#define ARPHRD_6LOWPAN 825 /* IPv6 over LoWPAN */
-#define ARPHRD_VSOCKMON 826 /* Vsock monitor header */
-
-#define ARPHRD_VOID 0xFFFF /* Void type, nothing is known */
-#define ARPHRD_NONE 0xFFFE /* zero header length */
-
-/* ARP protocol opcodes. */
-#define ARPOP_REQUEST 1 /* ARP request */
-#define ARPOP_REPLY 2 /* ARP reply */
-#define ARPOP_RREQUEST 3 /* RARP request */
-#define ARPOP_RREPLY 4 /* RARP reply */
-#define ARPOP_InREQUEST 8 /* InARP request */
-#define ARPOP_InREPLY 9 /* InARP reply */
-#define ARPOP_NAK 10 /* (ATM)ARP NAK */
-
-
-/* ARP ioctl request. */
-struct arpreq {
- struct sockaddr arp_pa; /* protocol address */
- struct sockaddr arp_ha; /* hardware address */
- int arp_flags; /* flags */
- struct sockaddr arp_netmask; /* netmask (only for proxy arps) */
- char arp_dev[IFNAMSIZ];
-};
-
-struct arpreq_old {
- struct sockaddr arp_pa; /* protocol address */
- struct sockaddr arp_ha; /* hardware address */
- int arp_flags; /* flags */
- struct sockaddr arp_netmask; /* netmask (only for proxy arps) */
-};
-
-/* ARP Flag values. */
-#define ATF_COM 0x02 /* completed entry (ha valid) */
-#define ATF_PERM 0x04 /* permanent entry */
-#define ATF_PUBL 0x08 /* publish entry */
-#define ATF_USETRAILERS 0x10 /* has requested trailers */
-#define ATF_NETMASK 0x20 /* want to use a netmask (only
- for proxy entries) */
-#define ATF_DONTPUB 0x40 /* don't answer this addresses */
-
-/*
- * This structure defines an ethernet arp header.
- */
-
-struct arphdr {
- __be16 ar_hrd; /* format of hardware address */
- __be16 ar_pro; /* format of protocol address */
- unsigned char ar_hln; /* length of hardware address */
- unsigned char ar_pln; /* length of protocol address */
- __be16 ar_op; /* ARP opcode (command) */
-
-#if 0
- /*
- * Ethernet looks like this : This bit is variable sized however...
- */
- unsigned char ar_sha[ETH_ALEN]; /* sender hardware address */
- unsigned char ar_sip[4]; /* sender IP address */
- unsigned char ar_tha[ETH_ALEN]; /* target hardware address */
- unsigned char ar_tip[4]; /* target IP address */
-#endif
-
-};
-
-
-#endif /* _UAPI_LINUX_IF_ARP_H */
diff --git a/src/basic/meson.build b/src/basic/meson.build
index 9b016ce5e8..452b965db3 100644
--- a/src/basic/meson.build
+++ b/src/basic/meson.build
@@ -88,7 +88,6 @@ basic_sources = files('''
linux/hdlc/ioctl.h
linux/if.h
linux/if_addr.h
- linux/if_arp.h
linux/if_bonding.h
linux/if_bridge.h
linux/if_ether.h
--
2.33.0

29
backport-Fix-another-crash-due-to-missing-NHDR.patch Normal file
View File

@ -0,0 +1,29 @@
From 60630b5e812ce103e9625bcc87778165374a455e Mon Sep 17 00:00:00 2001
From: Kevin Orr <kevinorr54@gmail.com>
Date: Thu, 26 Aug 2021 17:04:53 -0400
Subject: [PATCH] Fix another crash due to missing NHDR
(cherry picked from commit a3a5446b7675696f43c2d8a2a0b898d72228a53d)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/60630b5e812ce103e9625bcc87778165374a455e
---
src/coredump/stacktrace.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/coredump/stacktrace.c b/src/coredump/stacktrace.c
index e46b324cdf..f855a370ff 100644
--- a/src/coredump/stacktrace.c
+++ b/src/coredump/stacktrace.c
@@ -299,6 +299,8 @@ static int module_callback(Dwfl_Module *mod, void **userdata, const char *name,
program_header->p_offset,
program_header->p_filesz,
ELF_T_NHDR);
+ if (!data)
+ continue;
Elf *memelf = elf_memory(data->d_buf, data->d_size);
if (!memelf)
--
2.33.0

33
backport-Fix-error-building-repart-with-no-libcryptsetup-2073.patch Normal file
View File

@ -0,0 +1,33 @@
From d3dfc9afa2297e2e15019adf974da8fb0ab7270c Mon Sep 17 00:00:00 2001
From: Marcus Harrison <marcus@harrisonland.co.uk>
Date: Wed, 15 Sep 2021 03:55:07 +0200
Subject: [PATCH] Fix error building repart with no libcryptsetup (#20739)
(cherry picked from commit 2709d02906dd3ab5ecc2b3e19e2846b1714a7e5a)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/d3dfc9afa2297e2e15019adf974da8fb0ab7270c
---
src/partition/repart.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/partition/repart.c b/src/partition/repart.c
index 589acaa49d..851c68cc4b 100644
--- a/src/partition/repart.c
+++ b/src/partition/repart.c
@@ -206,7 +206,12 @@ static const char *encrypt_mode_table[_ENCRYPT_MODE_MAX] = {
[ENCRYPT_KEY_FILE_TPM2] = "key-file+tpm2",
};
+#if HAVE_LIBCRYPTSETUP
DEFINE_PRIVATE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(encrypt_mode, EncryptMode, ENCRYPT_KEY_FILE);
+#else
+DEFINE_PRIVATE_STRING_TABLE_LOOKUP_FROM_STRING_WITH_BOOLEAN(encrypt_mode, EncryptMode, ENCRYPT_KEY_FILE);
+#endif
+
static uint64_t round_down_size(uint64_t v, uint64_t p) {
return (v / p) * p;
--
2.33.0

33
backport-Fix-the-Failed-to-open-random-seed-.-message.patch Normal file
View File

@ -0,0 +1,33 @@
From c1b4ee2e0fd28a0c802a3694107613e1689d1c96 Mon Sep 17 00:00:00 2001
From: longpanda <59477474+ventoy@users.noreply.github.com>
Date: Thu, 5 Aug 2021 09:31:44 +0800
Subject: [PATCH] Fix the "Failed to open random seed ..." message.
When boot ArchLinux from Ventoy, it always print `Failed to open random seed file: write protected.`
As Ventoy emulate the ISO file as a read-only CDROM, I didn't test with a real physical CDROM drive, but maybe it also has such problem.
As we use `EFI_FILE_MODE_WRITE` to open the `loader\random-seed` file, so I think it's better to check the result with both `EFI_WRITE_PROTECTED` and `EFI_NOT_FOUND`.
(cherry picked from commit 2846007ecfb1fc84005b942167d394294c707d7b)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/c1b4ee2e0fd28a0c802a3694107613e1689d1c96
---
src/boot/efi/random-seed.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/boot/efi/random-seed.c b/src/boot/efi/random-seed.c
index ff364695f3..3e179851b0 100644
--- a/src/boot/efi/random-seed.c
+++ b/src/boot/efi/random-seed.c
@@ -245,7 +245,7 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) {
err = uefi_call_wrapper(root_dir->Open, 5, root_dir, &handle, (CHAR16*) L"\\loader\\random-seed", EFI_FILE_MODE_READ|EFI_FILE_MODE_WRITE, 0ULL);
if (EFI_ERROR(err)) {
- if (err != EFI_NOT_FOUND)
+ if (err != EFI_NOT_FOUND && err != EFI_WRITE_PROTECTED)
Print(L"Failed to open random seed file: %r\n", err);
return err;
}
--
2.33.0

55
backport-Get-rid-of-dangling-setutxent.patch Normal file
View File

@ -0,0 +1,55 @@
From 540389a690b1d6cb00620d8ad6f54077a90e15f8 Mon Sep 17 00:00:00 2001
From: MertsA <mertsa@fb.com>
Date: Tue, 10 Aug 2021 20:54:50 -0700
Subject: [PATCH] Get rid of dangling setutxent()
utmp_wall() and utmp_put_dead_process() called setutxent() directly instead of the stub in utmp-wtmp.h and never called endutxent(). This would leave /run/utmp left open by PID 1 or journald. This can be reproduced by e.g. lsof /run/utmp and systemd-cat -p 0 echo test. For utmp_put_dead_process() it would only leave it open if it returned early before calling write_utmp_wtmp()
(cherry picked from commit bbd239f67a683fe63ee3698896fa503ff25031ed)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/540389a690b1d6cb00620d8ad6f54077a90e15f8
---
src/shared/utmp-wtmp.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/shared/utmp-wtmp.c b/src/shared/utmp-wtmp.c
index 3eeee24693..784aad2943 100644
--- a/src/shared/utmp-wtmp.c
+++ b/src/shared/utmp-wtmp.c
@@ -215,13 +215,14 @@ int utmp_put_init_process(const char *id, pid_t pid, pid_t sid, const char *line
}
int utmp_put_dead_process(const char *id, pid_t pid, int code, int status) {
+ _cleanup_(utxent_cleanup) bool utmpx = false;
struct utmpx lookup = {
.ut_type = INIT_PROCESS /* looks for DEAD_PROCESS, LOGIN_PROCESS, USER_PROCESS, too */
}, store, store_wtmp, *found;
assert(id);
- setutxent();
+ utmpx = utxent_start();
/* Copy the whole string if it fits, or just the suffix without the terminating NUL. */
copy_suffix(store.ut_id, sizeof(store.ut_id), id);
@@ -339,6 +340,7 @@ int utmp_wall(
bool (*match_tty)(const char *tty, void *userdata),
void *userdata) {
+ _cleanup_(utxent_cleanup) bool utmpx = false;
_cleanup_free_ char *text = NULL, *hn = NULL, *un = NULL, *stdin_tty = NULL;
char date[FORMAT_TIMESTAMP_MAX];
struct utmpx *u;
@@ -368,7 +370,7 @@ int utmp_wall(
message) < 0)
return -ENOMEM;
- setutxent();
+ utmpx = utxent_start();
r = 0;
--
2.33.0

61
backport-Respect-install_sysconfdir.patch Normal file
View File

@ -0,0 +1,61 @@
From 0062322638aa36df8190326a6afd38780fb7a271 Mon Sep 17 00:00:00 2001
From: Kai Wohlfahrt <kai.wohlfahrt@gmail.com>
Date: Tue, 14 Sep 2021 00:32:52 +0100
Subject: [PATCH] Respect install_sysconfdir
This was lost e11a25cadbe and c900d89faa0 while adding jinja2
templating. Breaks builds on NixOS.
(cherry picked from commit 679de141122ca30388bba6d132f8c0dddcdddd15)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/0062322638aa36df8190326a6afd38780fb7a271
---
src/core/meson.build | 2 +-
src/login/meson.build | 8 +++++---
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/core/meson.build b/src/core/meson.build
index c66538eab1..367c085027 100644
--- a/src/core/meson.build
+++ b/src/core/meson.build
@@ -193,7 +193,7 @@ foreach item : in_files
output: file,
command : [meson_render_jinja2, config_h, '@INPUT@'],
capture : true,
- install : (dir == pkgsysconfdir and install_sysconfdir_samples) or (dir != pkgsysconfdir and dir != 'no'),
+ install : (dir == pkgsysconfdir) ? install_sysconfdir_samples : (dir != 'no'),
install_dir : dir)
endforeach
diff --git a/src/login/meson.build b/src/login/meson.build
index b637adc9a2..da704d238f 100644
--- a/src/login/meson.build
+++ b/src/login/meson.build
@@ -71,18 +71,20 @@ in_files = [
['70-uaccess.rules', udevrulesdir, enable_logind and conf.get('HAVE_ACL') == 1],
['71-seat.rules', udevrulesdir, enable_logind],
['73-seat-late.rules', udevrulesdir, enable_logind],
- ['systemd-user', pamconfdir, enable_logind and pamconfdir != 'no']]
+ ['systemd-user', pamconfdir, enable_logind]]
foreach tuple : in_files
file = tuple[0]
+ dir = tuple[1]
+ install = (dir == pkgsysconfdir) ? install_sysconfdir_samples : (dir != 'no')
custom_target(
file,
input : file + '.in',
output: file,
command : [meson_render_jinja2, config_h, '@INPUT@'],
capture : true,
- install : tuple[2],
- install_dir : tuple[1])
+ install : tuple[2] and install,
+ install_dir : dir)
endforeach
if enable_logind
--
2.33.0

35
backport-Revert-sysctl.d-switch-net.ipv4.conf.all.rp_filter-f.patch Normal file
View File

@ -0,0 +1,35 @@
From 47b256d63ac092137fe44e27560a14ee4aa5b7c8 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Fri, 8 Feb 2019 10:54:34 +0100
Subject: Revert "sysctl.d: switch net.ipv4.conf.all.rp_filter
from 1 to 2"
Conflict:according def94437934 and 5d4fc0e665a, modify default.rp_filter
and *.rp_filter
Reference:https://github.com/systemd/systemd/commit/230450d4e4f1f5fc9fa4295ed9185eea5b6ea16e
This reverts commit 75c9af80cf3529c76988451e63f98010c86f48f1.
Resolves: #1653824
---
sysctl.d/50-default.conf | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sysctl.d/50-default.conf b/sysctl.d/50-default.conf
index 1b76b9d..2717a4d 100644
--- a/sysctl.d/50-default.conf
+++ b/sysctl.d/50-default.conf
@@ -26,8 +26,8 @@ kernel.core_uses_pid = 1
kernel.core_uses_pid = 1
# Source route verification
-net.ipv4.conf.default.rp_filter = 2
-net.ipv4.conf.*.rp_filter = 2
+net.ipv4.conf.default.rp_filter = 1
+net.ipv4.conf.*.rp_filter = 1
-net.ipv4.conf.all.rp_filter
# Do not accept source routing
--
2.23.0

35
backport-Use-correct-fcntl.h-include.patch Normal file
View File

@ -0,0 +1,35 @@
From 3450d8dc8ddb582816c6c481b6a9b7378706ab3b Mon Sep 17 00:00:00 2001
From: David Seifert <soap@gentoo.org>
Date: Mon, 2 Aug 2021 12:41:38 +0200
Subject: [PATCH] Use correct `<fcntl.h>` include
* `<sys/fcntl.h>` is not specified in POSIX
(cherry picked from commit f8d54f7810aeea5ff27a5db03e1aab7ea54c8268)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/3450d8dc8ddb582816c6c481b6a9b7378706ab3b
---
src/basic/fileio.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/basic/fileio.h b/src/basic/fileio.h
index c28b17fef5..9bd2037f5b 100644
--- a/src/basic/fileio.h
+++ b/src/basic/fileio.h
@@ -2,11 +2,11 @@
#pragma once
#include <dirent.h>
+#include <fcntl.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/stat.h>
-#include <sys/fcntl.h>
#include <sys/types.h>
#include "macro.h"
--
2.33.0

43
backport-Use-correct-poll.h-include.patch Normal file
View File

@ -0,0 +1,43 @@
From fba9fd963bb3b5fafdb123788b3fabe6ed0830c9 Mon Sep 17 00:00:00 2001
From: David Seifert <soap@gentoo.org>
Date: Mon, 2 Aug 2021 16:09:10 +0200
Subject: [PATCH] Use correct `<poll.h>` include
* `<sys/poll.h>` is not specified in POSIX
(cherry picked from commit 2b6c0bb2a341c95223ce672249e43c743b03d78c)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/fba9fd963bb3b5fafdb123788b3fabe6ed0830c9
---
src/shared/nscd-flush.c | 2 +-
src/shared/varlink.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/shared/nscd-flush.c b/src/shared/nscd-flush.c
index dfc47c4234..19e16d9345 100644
--- a/src/shared/nscd-flush.c
+++ b/src/shared/nscd-flush.c
@@ -1,5 +1,5 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
-#include <sys/poll.h>
+#include <poll.h>
#include "fd-util.h"
#include "io-util.h"
diff --git a/src/shared/varlink.c b/src/shared/varlink.c
index 6b0b343ae9..8da568e208 100644
--- a/src/shared/varlink.c
+++ b/src/shared/varlink.c
@@ -1,7 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include <malloc.h>
-#include <sys/poll.h>
+#include <poll.h>
#include "alloc-util.h"
#include "errno-util.h"
--
2.33.0

91
backport-analyze-fix-printing-config-when-there-is-no-main-co.patch Normal file
View File

@ -0,0 +1,91 @@
From 8621f957b6e3a7eed1c5965d332ad1c4c594f26e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sat, 20 Nov 2021 11:42:31 +0100
Subject: [PATCH] analyze: fix printing config when there is no main config
file
Since 8b8024f1c231c166f5c450905c8fd91d11704ae7 and the follow-up commits, the
main config file may be located in /usr or in other paths. But the code in
analyze.c was still assuming that it must be in /etc. Things mostly worked for
our own config files because we usually install a comments-only file in /etc,
but was not correct in the general case.
This fixes in particular 'systemd-analyze cat-config systemd/zram-generator.conf'.
In Fedora we distribute a config file in zram-generator-defaults.rpm that is in
/usr/lib, and 'cat-config' would refuse to show it because
/etc/systemd/zram-generator.conf does not exist.
The main config file is optional, but let's print an informative message
because this is a slightly unusual case.
The file paths that we printed were missing the root prefix.
(cherry picked from commit 0895e87348e5fc02f50498cad5922eb3eb172323)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/8621f957b6e3a7eed1c5965d332ad1c4c594f26e
---
src/shared/pretty-print.c | 43 ++++++++++++++++++++++++++-------------
1 file changed, 29 insertions(+), 14 deletions(-)
diff --git a/src/shared/pretty-print.c b/src/shared/pretty-print.c
index 137ba77b3a..97baeda401 100644
--- a/src/shared/pretty-print.c
+++ b/src/shared/pretty-print.c
@@ -300,24 +300,39 @@ int conf_files_cat(const char *root, const char *name) {
return log_error_errno(r, "Failed to build directory list: %m");
}
- r = conf_files_list_strv(&files, extension, root, 0, (const char* const*) dirs);
- if (r < 0)
- return log_error_errno(r, "Failed to query file list: %m");
+ if (DEBUG_LOGGING) {
+ log_debug("Looking for configuration in:");
+ if (!is_collection)
+ STRV_FOREACH(prefix, prefixes)
+ log_debug(" %s%s%s", strempty(root), *prefix, name);
+ STRV_FOREACH(t, dirs)
+ log_debug(" %s%s/*%s", strempty(root), *t, extension);
+ }
+
+ /* First locate the main config file, if any */
if (!is_collection) {
- path = path_join(root, "/etc", name);
+ STRV_FOREACH(prefix, prefixes) {
+ path = path_join(root, *prefix, name);
+ if (!path)
+ return log_oom();
+ if (access(path, F_OK) == 0)
+ break;
+ path = mfree(path);
+ }
+
if (!path)
- return log_oom();
+ printf("%s# Main configuration file %s not found%s\n",
+ ansi_highlight_magenta(),
+ name,
+ ansi_normal());
}
- if (DEBUG_LOGGING) {
- log_debug("Looking for configuration in:");
- if (path)
- log_debug(" %s", path);
- STRV_FOREACH(t, dirs)
- log_debug(" %s/*%s", *t, extension);
- }
+ /* Then locate the drop-ins, if any */
+ r = conf_files_list_strv(&files, extension, root, 0, (const char* const*) dirs);
+ if (r < 0)
+ return log_error_errno(r, "Failed to query file list: %m");
- /* show */
- return cat_files(path, files, CAT_FLAGS_MAIN_FILE_OPTIONAL);
+ /* Show */
+ return cat_files(path, files, 0);
}
--
2.33.0

43
backport-backlight-ignore-error-if-the-backlight-device-is-al.patch Normal file
View File

@ -0,0 +1,43 @@
From a69c240157e2ca066130c12bb061e0065f2c2425 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 5 Jan 2022 18:26:46 +0900
Subject: [PATCH] backlight: ignore error if the backlight device is already
removed
Fixes #21997.
(cherry picked from commit f0f65087834198d4dabf8b389ddc34223400aab7)
(cherry picked from commit b4c57e1b1c249f28f13a86637d8854c920bcf26d)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/a69c240157e2ca066130c12bb061e0065f2c2425
---
src/backlight/backlight.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/src/backlight/backlight.c b/src/backlight/backlight.c
index 7c0970a60c..5aeee0de47 100644
--- a/src/backlight/backlight.c
+++ b/src/backlight/backlight.c
@@ -395,8 +395,16 @@ static int run(int argc, char *argv[]) {
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Not a backlight or LED device: '%s:%s'", ss, sysname);
r = sd_device_new_from_subsystem_sysname(&device, ss, sysname);
- if (r < 0)
- return log_error_errno(r, "Failed to get backlight or LED device '%s:%s': %m", ss, sysname);
+ if (r < 0) {
+ bool ignore = r == -ENODEV;
+
+ /* Some drivers, e.g. for AMD GPU, removes acpi backlight device soon after it is added.
+ * See issue #21997. */
+ log_full_errno(ignore ? LOG_DEBUG : LOG_ERR, r,
+ "Failed to get backlight or LED device '%s:%s'%s: %m",
+ ss, sysname, ignore ? ", ignoring" : "");
+ return ignore ? 0 : r;
+ }
/* If max_brightness is 0, then there is no actual backlight device. This happens on desktops
* with Asus mainboards that load the eeepc-wmi module. */
--
2.33.0

53
backport-basic-env-util-correctly-parse-extended-vars-after-n.patch Normal file
View File

@ -0,0 +1,53 @@
From 74583cad5a3bf4051b879b8b1ac53934027ef485 Mon Sep 17 00:00:00 2001
From: Andrew Soutar <andrew@andrewsoutar.com>
Date: Tue, 5 Oct 2021 22:55:27 -0400
Subject: [PATCH] basic/env-util: correctly parse extended vars after
non-extended vars (#20941)
(cherry picked from commit 5ef97a712236f0ddddec52665c0aea7d4e6d3c13)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/74583cad5a3bf4051b879b8b1ac53934027ef485
---
src/basic/env-util.c | 1 +
src/test/test-env-util.c | 5 ++++-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/basic/env-util.c b/src/basic/env-util.c
index 81b1e3f10e..1ca445dab4 100644
--- a/src/basic/env-util.c
+++ b/src/basic/env-util.c
@@ -577,6 +577,7 @@ char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) {
word = e+1;
state = WORD;
+ nest--;
} else if (*e == ':') {
if (flags & REPLACE_ENV_ALLOW_EXTENDED) {
len = e - word - 2;
diff --git a/src/test/test-env-util.c b/src/test/test-env-util.c
index ed4580e4af..3d5951c46e 100644
--- a/src/test/test-env-util.c
+++ b/src/test/test-env-util.c
@@ -198,7 +198,7 @@ static void test_replace_env2(bool extended) {
"BAR=bar",
NULL
};
- _cleanup_free_ char *t = NULL, *s = NULL, *q = NULL, *r = NULL, *p = NULL, *x = NULL;
+ _cleanup_free_ char *t = NULL, *s = NULL, *q = NULL, *r = NULL, *p = NULL, *x = NULL, *y = NULL;
unsigned flags = REPLACE_ENV_ALLOW_EXTENDED*extended;
t = replace_env("FOO=${FOO:-${BAR}}", (char**) env, flags);
@@ -218,6 +218,9 @@ static void test_replace_env2(bool extended) {
x = replace_env("XXX=${XXX:+${BAR}post}", (char**) env, flags);
assert_se(streq(x, extended ? "XXX=" : "XXX=${XXX:+barpost}"));
+
+ y = replace_env("FOO=${FOO}between${BAR:-baz}", (char**) env, flags);
+ assert_se(streq(y, extended ? "FOO=foobetweenbar" : "FOO=foobetween${BAR:-baz}"));
}
static void test_replace_env_argv(void) {
--
2.33.0

105
backport-basic-escape-add-helper-for-quoting-command-lines.patch Normal file
View File

@ -0,0 +1,105 @@
From 17d1b0d2dd109c5e413d8ef1eb5835344f9314b9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 7 Jul 2021 16:27:51 +0200
Subject: [PATCH] basic/escape: add helper for quoting command lines
(cherry picked from commit eeb91d29b0279d6bf8a3f1c4da54c9e9c0881a19)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/17d1b0d2dd109c5e413d8ef1eb5835344f9314b9
---
src/basic/escape.c | 21 +++++++++++++++++++++
src/basic/escape.h | 1 +
src/test/test-escape.c | 24 ++++++++++++++++++++++++
3 files changed, 46 insertions(+)
diff --git a/src/basic/escape.c b/src/basic/escape.c
index 2a3a0e31a1..fcade5a1b4 100644
--- a/src/basic/escape.c
+++ b/src/basic/escape.c
@@ -8,6 +8,7 @@
#include "escape.h"
#include "hexdecoct.h"
#include "macro.h"
+#include "strv.h"
#include "utf8.h"
int cescape_char(char c, char *buf) {
@@ -542,3 +543,23 @@ char* shell_maybe_quote(const char *s, ShellEscapeFlags flags) {
return str_realloc(buf);
}
+
+char* quote_command_line(char **argv) {
+ _cleanup_free_ char *result = NULL;
+
+ assert(argv);
+
+ char **a;
+ STRV_FOREACH(a, argv) {
+ _cleanup_free_ char *t = NULL;
+
+ t = shell_maybe_quote(*a, SHELL_ESCAPE_EMPTY);
+ if (!t)
+ return NULL;
+
+ if (!strextend_with_separator(&result, " ", t))
+ return NULL;
+ }
+
+ return TAKE_PTR(result);
+}
diff --git a/src/basic/escape.h b/src/basic/escape.h
index 907b572bd4..e9d48d227a 100644
--- a/src/basic/escape.h
+++ b/src/basic/escape.h
@@ -68,3 +68,4 @@ char* escape_non_printable_full(const char *str, size_t console_width, XEscapeFl
char* shell_escape(const char *s, const char *bad);
char* shell_maybe_quote(const char *s, ShellEscapeFlags flags);
+char* quote_command_line(char **argv);
diff --git a/src/test/test-escape.c b/src/test/test-escape.c
index 991b135a33..8bda9cdc8d 100644
--- a/src/test/test-escape.c
+++ b/src/test/test-escape.c
@@ -192,6 +192,29 @@ static void test_shell_maybe_quote(void) {
test_shell_maybe_quote_one("głąb\002\003rząd", SHELL_ESCAPE_POSIX, "$'głąb\\002\\003rząd'");
}
+static void test_quote_command_line_one(char **argv, const char *expected) {
+ _cleanup_free_ char *s;
+
+ assert_se(s = quote_command_line(argv));
+ log_info("%s", s);
+ assert_se(streq(s, expected));
+}
+
+static void test_quote_command_line(void) {
+ log_info("/* %s */", __func__);
+
+ test_quote_command_line_one(STRV_MAKE("true", "true"),
+ "true true");
+ test_quote_command_line_one(STRV_MAKE("true", "with a space"),
+ "true \"with a space\"");
+ test_quote_command_line_one(STRV_MAKE("true", "with a 'quote'"),
+ "true \"with a 'quote'\"");
+ test_quote_command_line_one(STRV_MAKE("true", "with a \"quote\""),
+ "true \"with a \\\"quote\\\"\"");
+ test_quote_command_line_one(STRV_MAKE("true", "$dollar"),
+ "true \"\\$dollar\"");
+}
+
int main(int argc, char *argv[]) {
test_setup_logging(LOG_DEBUG);
@@ -202,6 +225,7 @@ int main(int argc, char *argv[]) {
test_cunescape();
test_shell_escape();
test_shell_maybe_quote();
+ test_quote_command_line();
return 0;
}
--
2.33.0

32
backport-basic-linux-Sync-if_arp.h-with-Linux-5.14.patch Normal file
View File

@ -0,0 +1,32 @@
From 6674c65c74dcf52b6887e76642683b593d86cb69 Mon Sep 17 00:00:00 2001
From: Chris Packham <chris.packham@alliedtelesis.co.nz>
Date: Fri, 10 Sep 2021 09:51:36 +1200
Subject: [PATCH] basic/linux: Sync if_arp.h with Linux 5.14
ARPHRD_MCTP was added in 5.14. Sync if_arp.h to pick up the definition
Fixes #20694
(cherry picked from commit 7c5b9952c4f6e2b72f90edbe439982528b7cf223)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/6674c65c74dcf52b6887e76642683b593d86cb69
---
src/basic/linux/if_arp.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/basic/linux/if_arp.h b/src/basic/linux/if_arp.h
index c3cc5a9e5e..4783af9fe5 100644
--- a/src/basic/linux/if_arp.h
+++ b/src/basic/linux/if_arp.h
@@ -54,6 +54,7 @@
#define ARPHRD_X25 271 /* CCITT X.25 */
#define ARPHRD_HWX25 272 /* Boards with X.25 in firmware */
#define ARPHRD_CAN 280 /* Controller Area Network */
+#define ARPHRD_MCTP 290
#define ARPHRD_PPP 512
#define ARPHRD_CISCO 513 /* Cisco HDLC */
#define ARPHRD_HDLC ARPHRD_CISCO
--
2.33.0

48
backport-basic-log-allow-errno-values-higher-than-255.patch Normal file
View File

@ -0,0 +1,48 @@
From fb824c90e5a83218e4252a2c21c7f365d0167458 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 3 Jan 2022 17:53:29 +0100
Subject: [PATCH] basic/log: allow errno values higher than 255
When the support for "synthetic errno" was added, we started truncating
the errno value to just the least significant byte. This is generally OK,
because errno values are defined up to ~130.
The docs don't really say what the maximum value is. But at least in principle
higher values could be added in the future. So let's stop truncating
the values needlessly.
The kernel (or libbpf?) have an error where they return 524 as an errno
value (https://bugzilla.redhat.com/show_bug.cgi?id=2036145). We would
confusingly truncate this to 12 (ENOMEM). It seems much nicer to let
strerror() give us "Unknown error 524" rather than to print the bogus
message about ENOMEM.
(cherry picked from commit 5f74fcd41cb1a1b26c23e0f2ab405ae9cf6bcc93)
(cherry picked from commit cd686fe4c719bfb894bd24d673c51f19cea64643)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/fb824c90e5a83218e4252a2c21c7f365d0167458
---
src/basic/log.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/basic/log.h b/src/basic/log.h
index 738c181070..8bfae8e0e5 100644
--- a/src/basic/log.h
+++ b/src/basic/log.h
@@ -27,10 +27,10 @@ typedef enum LogTarget{
_LOG_TARGET_INVALID = -EINVAL,
} LogTarget;
-/* Note to readers: << and >> have lower precedence than & and | */
+/* Note to readers: << and >> have lower precedence (are evaluated earlier) than & and | */
#define SYNTHETIC_ERRNO(num) (1 << 30 | (num))
#define IS_SYNTHETIC_ERRNO(val) ((val) >> 30 & 1)
-#define ERRNO_VALUE(val) (abs(val) & 255)
+#define ERRNO_VALUE(val) (abs(val) & ~(1 << 30))
const char *log_target_to_string(LogTarget target) _const_;
LogTarget log_target_from_string(const char *s) _pure_;
--
2.33.0

76
backport-basic-mac_-selinux-smack-_apply_fd-does-not-work-whe.patch Normal file
View File

@ -0,0 +1,76 @@
From fdb86800e854d5079c13d3a4597f73617db991f6 Mon Sep 17 00:00:00 2001
From: Donald Chan <hoiho@amazon.com>
Date: Fri, 28 Jan 2022 22:53:46 +0000
Subject: [PATCH] basic: mac_[selinux,smack]_apply_fd does not work when
applying labels
Commit a7fdc6c introduced a regression where file descriptors are opened
using O_PATH option. mac_smack_apply_fd() calls fsetxattr() and would fail
with a -EBADF (Bad file descriptor) error.
Use FORMAT_PROC_FD_PATH(fd) to convert the fd back into a full path and
call setxattr() or setfilecon() instead.
Signed-off-by: Donald Chan <hoiho@amazon.com>
(cherry picked from commit a718364e9d9242cc2111c9860f2ab5bb9bb26db9)
(cherry picked from commit 9f596964f6e403b089450dc083724b48fb4b4bb1)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/fdb86800e854d5079c13d3a4597f73617db991f6
---
src/shared/selinux-util.c | 6 +++++-
src/shared/smack-util.c | 7 +++++--
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/src/shared/selinux-util.c b/src/shared/selinux-util.c
index 03cee76f64..832c29435d 100644
--- a/src/shared/selinux-util.c
+++ b/src/shared/selinux-util.c
@@ -344,12 +344,16 @@ int mac_selinux_apply_fd(int fd, const char *path, const char *label) {
assert(fd >= 0);
#if HAVE_SELINUX
+ char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1];
+
if (!mac_selinux_use())
return 0;
assert(label);
- if (fsetfilecon(fd, label) < 0)
+ xsprintf(procfs_path, "/proc/self/fd/%i", fd);
+
+ if (setfilecon(procfs_path, label) < 0)
return log_enforcing_errno(errno, "Failed to set SELinux security context %s on path %s: %m", label, strna(path));
#endif
return 0;
diff --git a/src/shared/smack-util.c b/src/shared/smack-util.c
index 3362ee3924..8d88a7b49a 100644
--- a/src/shared/smack-util.c
+++ b/src/shared/smack-util.c
@@ -86,6 +86,7 @@ int mac_smack_apply(const char *path, SmackAttr attr, const char *label) {
}
int mac_smack_apply_fd(int fd, SmackAttr attr, const char *label) {
+ char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1];
int r;
assert(fd >= 0);
@@ -94,10 +95,12 @@ int mac_smack_apply_fd(int fd, SmackAttr attr, const char *label) {
if (!mac_smack_use())
return 0;
+ xsprintf(procfs_path, "/proc/self/fd/%i", fd);
+
if (label)
- r = fsetxattr(fd, smack_attr_to_string(attr), label, strlen(label), 0);
+ r = setxattr(procfs_path, smack_attr_to_string(attr), label, strlen(label), 0);
else
- r = fremovexattr(fd, smack_attr_to_string(attr));
+ r = removexattr(procfs_path, smack_attr_to_string(attr));
if (r < 0)
return -errno;
--
2.33.0

28
backport-basic-mountpoint-util-detect-erofs-as-a-read-only-FS.patch Normal file
View File

@ -0,0 +1,28 @@
From 74af5a3696cd3747fa814a21eb1b3d7cae3dea56 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Thu, 4 Nov 2021 20:29:43 +0000
Subject: [PATCH] basic/mountpoint-util: detect erofs as a read-only FS
(cherry picked from commit fac2c3e97d80fb356eb50abb429bdb5ed36afcf1)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/74af5a3696cd3747fa814a21eb1b3d7cae3dea56
---
src/basic/mountpoint-util.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/basic/mountpoint-util.c b/src/basic/mountpoint-util.c
index e7a5a99551..7e57d9a226 100644
--- a/src/basic/mountpoint-util.c
+++ b/src/basic/mountpoint-util.c
@@ -424,6 +424,7 @@ bool fstype_is_ro(const char *fstype) {
return STR_IN_SET(fstype,
"DM_verity_hash",
"iso9660",
+ "erofs",
"squashfs");
}
--
2.33.0

32
backport-basic-unit-file-don-t-filter-out-names-starting-with.patch Normal file
View File

@ -0,0 +1,32 @@
From d21bfe5c06688a5b6aa0a0b4eae0b05bc45475fb Mon Sep 17 00:00:00 2001
From: Anita Zhang <the.anitazha@gmail.com>
Date: Tue, 28 Sep 2021 23:52:39 -0700
Subject: [PATCH] basic/unit-file: don't filter out names starting with dot
Fixes #20859
Reverts 3796bdc55d6ba499d1049f749072218879e619a7
(cherry picked from commit 14bb72953458caace048b55ead7ea06a592b864f)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/d21bfe5c06688a5b6aa0a0b4eae0b05bc45475fb
---
src/basic/unit-file.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/basic/unit-file.c b/src/basic/unit-file.c
index 884a0674a9..0d58b1c4fe 100644
--- a/src/basic/unit-file.c
+++ b/src/basic/unit-file.c
@@ -284,7 +284,7 @@ int unit_file_build_name_map(
continue;
}
- FOREACH_DIRENT(de, d, log_warning_errno(errno, "Failed to read \"%s\", ignoring: %m", *dir)) {
+ FOREACH_DIRENT_ALL(de, d, log_warning_errno(errno, "Failed to read \"%s\", ignoring: %m", *dir)) {
char *filename;
_cleanup_free_ char *_filename_free = NULL, *simplified = NULL;
const char *suffix, *dst = NULL;
--
2.33.0

32
backport-binfmt-fix-exit-value.patch Normal file
View File

@ -0,0 +1,32 @@
From d4406e94a32d423d8a73deb7757fb09890afe2c4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 10 Nov 2021 13:58:32 +0100
Subject: [PATCH] binfmt: fix exit value
Positive values are mapped to 0 by DEFINE_MAIN_FUNCTION(), so e.g.
systemd-binfmt --foobar would "succeed".
(cherry picked from commit 52707598d5c0dbbc8a967e4874b0b08ee2486772)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/d4406e94a32d423d8a73deb7757fb09890afe2c4
---
src/binfmt/binfmt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/binfmt/binfmt.c b/src/binfmt/binfmt.c
index 29530bb691..981218f52f 100644
--- a/src/binfmt/binfmt.c
+++ b/src/binfmt/binfmt.c
@@ -189,7 +189,7 @@ static int run(int argc, char *argv[]) {
r = parse_argv(argc, argv);
if (r <= 0)
- return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
+ return r;
log_setup();
--
2.33.0

68
backport-boot-timestamps-Discard-firmware-init-time-when-runn.patch Normal file
View File

@ -0,0 +1,68 @@
From 9ee300a0b6429b7af73f40edfb2330cbbd7828f3 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Sun, 9 Jan 2022 14:22:15 +0100
Subject: [PATCH] boot-timestamps: Discard firmware init time when running in a
VM
Fixes: #22060
(cherry picked from commit f699bd81e8e18da2d2fc11e7fb7dce95f8bb3f9e)
(cherry picked from commit 3c5c13f82c760c7067bb189484e1f672ff6713f6)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/9ee300a0b6429b7af73f40edfb2330cbbd7828f3
---
src/shared/boot-timestamps.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/src/shared/boot-timestamps.c b/src/shared/boot-timestamps.c
index 8786e89c0e..e00b37aa32 100644
--- a/src/shared/boot-timestamps.c
+++ b/src/shared/boot-timestamps.c
@@ -5,11 +5,13 @@
#include "efi-loader.h"
#include "macro.h"
#include "time-util.h"
+#include "virt.h"
int boot_timestamps(const dual_timestamp *n, dual_timestamp *firmware, dual_timestamp *loader) {
usec_t x = 0, y = 0, a;
int r;
dual_timestamp _n;
+ bool use_firmware = true;
assert(firmware);
assert(loader);
@@ -24,6 +26,10 @@ int boot_timestamps(const dual_timestamp *n, dual_timestamp *firmware, dual_time
r = efi_loader_get_boot_usec(&x, &y);
if (r < 0)
return r;
+
+ /* If we are running in a VM, the init timestamp would
+ * be equivalent to the host uptime. */
+ use_firmware = detect_vm() <= 0;
}
/* Let's convert this to timestamps where the firmware
@@ -33,12 +39,14 @@ int boot_timestamps(const dual_timestamp *n, dual_timestamp *firmware, dual_time
* the monotonic timestamps here as negative of the actual
* value. */
- firmware->monotonic = y;
- loader->monotonic = y - x;
-
- a = n->monotonic + firmware->monotonic;
- firmware->realtime = n->realtime > a ? n->realtime - a : 0;
+ if (use_firmware) {
+ firmware->monotonic = y;
+ a = n->monotonic + firmware->monotonic;
+ firmware->realtime = n->realtime > a ? n->realtime - a : 0;
+ } else
+ firmware->monotonic = firmware->realtime = 0;
+ loader->monotonic = y - x;
a = n->monotonic + loader->monotonic;
loader->realtime = n->realtime > a ? n->realtime - a : 0;
--
2.33.0

45
backport-bootctl-Fix-update-not-adding-EFI-entry-if-Boot-IDs-.patch Normal file
View File

@ -0,0 +1,45 @@
From 0028a3eb976dfa7209433dfa3a24b785f05fd352 Mon Sep 17 00:00:00 2001
From: Anssi Hannula <anssi.hannula@bitwise.fi>
Date: Thu, 23 Sep 2021 12:08:05 +0300
Subject: [PATCH] bootctl: Fix update not adding EFI entry if Boot IDs are
non-consecutive
"bootctl update" tries to add sd-boot to the EFI boot loader list if it
is not already there. To do so, it uses find_slot() which finds the
proper BootXXXX slot ID to use and also returns 1 if an existing sd-boot
entry was found at this ID or 0 if it is a new unused ID. In "update"
case install_variables() only writes the entry in case 0 (no existing
entry).
However, find_slot() erroneously returns 1 if it finds a gap in the Boot
IDs (i.e. when not resorting to max(ids) + 1). This causes
"bootctl update" to not add a missing systemd-boot boot entry if the
existing BootXXXX entry IDs are not consecutive.
Fix that by returning 0 in find_slot() when an empty gap ID is selected
to make it match the behavior when selecting an empty non-gap ID.
(cherry picked from commit 26d54e1263dcb58daa6578595cc6ab1037315593)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/0028a3eb976dfa7209433dfa3a24b785f05fd352
---
src/boot/bootctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/boot/bootctl.c b/src/boot/bootctl.c
index fa8c600321..bd96812246 100644
--- a/src/boot/bootctl.c
+++ b/src/boot/bootctl.c
@@ -711,7 +711,7 @@ static int find_slot(sd_id128_t uuid, const char *path, uint16_t *id) {
for (i = 0; i < n; i++)
if (i != options[i]) {
*id = i;
- return 1;
+ return 0;
}
/* use the next one */
--
2.33.0

57
backport-bus-util-retrieve-bus-error-from-message.patch Normal file
View File

@ -0,0 +1,57 @@
From 443f25f3cd34ce504a4850373babcde5d572335f Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 30 Jan 2022 05:36:56 +0900
Subject: [PATCH] bus-util: retrieve bus error from message
The error in argument is not input, but used for output.
(cherry picked from commit 853b94863cf26d084454edd63ce987cc7ab0505a)
(cherry picked from commit b9e144629bdb7c3d4535fb0a0ad8639140a25034)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/443f25f3cd34ce504a4850373babcde5d572335f
---
src/shared/bus-wait-for-units.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/src/shared/bus-wait-for-units.c b/src/shared/bus-wait-for-units.c
index 29620e0d1b..c867f1cbfd 100644
--- a/src/shared/bus-wait-for-units.c
+++ b/src/shared/bus-wait-for-units.c
@@ -1,5 +1,6 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#include "bus-error.h"
#include "bus-map-properties.h"
#include "bus-wait-for-units.h"
#include "hashmap.h"
@@ -288,19 +289,22 @@ static int on_properties_changed(sd_bus_message *m, void *userdata, sd_bus_error
return 0;
}
-static int on_get_all_properties(sd_bus_message *m, void *userdata, sd_bus_error *error) {
+static int on_get_all_properties(sd_bus_message *m, void *userdata, sd_bus_error *ret_error) {
WaitForItem *item = userdata;
+ const sd_bus_error *e;
int r;
assert(item);
- if (sd_bus_error_is_set(error)) {
+ e = sd_bus_message_get_error(m);
+ if (e) {
BusWaitForUnits *d = item->parent;
d->has_failed = true;
- log_debug_errno(sd_bus_error_get_errno(error), "GetAll() failed for %s: %s",
- item->bus_path, error->message);
+ r = sd_bus_error_get_errno(e);
+ log_debug_errno(r, "GetAll() failed for %s: %s",
+ item->bus_path, bus_error_message(e, r));
call_unit_callback_and_wait(d, item, false);
bus_wait_for_units_check_ready(d);
--
2.33.0

82
backport-calendarspec-fix-possibly-skips-next-elapse.patch Normal file
View File

@ -0,0 +1,82 @@
From bce3b46aaf8c7ad7ff7eeaafbf4b321ffdad9c07 Mon Sep 17 00:00:00 2001
From: Gibeom Gwon <gb.gwon@stackframe.dev>
Date: Sun, 6 Mar 2022 09:45:38 +0900
Subject: [PATCH] calendarspec: fix possibly skips next elapse
If the time unit changes after adding the repetition value, the
timer may skip the next elapse. This patch reset sub time units
to minimum value when upper unit is changed.
Fixes #22665.
(cherry picked from commit 1e582ede3b04d12aae11fc5378a446a392054f1c)
(cherry picked from commit 8d4c0d2383e72f30753bf33f206387bc03879ff8)
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/bce3b46aaf8c7ad7ff7eeaafbf4b321ffdad9c07
---
src/shared/calendarspec.c | 27 ++++++++++++++++++++-------
src/test/test-calendarspec.c | 2 ++
2 files changed, 22 insertions(+), 7 deletions(-)
diff --git a/src/shared/calendarspec.c b/src/shared/calendarspec.c
index bf24d8d5bb..238766c96a 100644
--- a/src/shared/calendarspec.c
+++ b/src/shared/calendarspec.c
@@ -1180,6 +1180,7 @@ static int find_matching_component(
static int tm_within_bounds(struct tm *tm, bool utc) {
struct tm t;
+ int cmp;
assert(tm);
/*
@@ -1194,13 +1195,25 @@ static int tm_within_bounds(struct tm *tm, bool utc) {
if (mktime_or_timegm(&t, utc) < 0)
return negative_errno();
- /* Did any normalization take place? If so, it was out of bounds before */
- int cmp = CMP(t.tm_year, tm->tm_year) ?:
- CMP(t.tm_mon, tm->tm_mon) ?:
- CMP(t.tm_mday, tm->tm_mday) ?:
- CMP(t.tm_hour, tm->tm_hour) ?:
- CMP(t.tm_min, tm->tm_min) ?:
- CMP(t.tm_sec, tm->tm_sec);
+ /*
+ * Did any normalization take place? If so, it was out of bounds before.
+ * Normalization could skip next elapse, e.g. result of normalizing 3-33
+ * is 4-2. This skips 4-1. So reset the sub time unit if upper unit was
+ * out of bounds. Normalization has occurred implies find_matching_component() > 0,
+ * other sub time units are already reset in find_next().
+ */
+ if ((cmp = CMP(t.tm_year, tm->tm_year)) != 0)
+ t.tm_mon = 0;
+ else if ((cmp = CMP(t.tm_mon, tm->tm_mon)) != 0)
+ t.tm_mday = 1;
+ else if ((cmp = CMP(t.tm_mday, tm->tm_mday)) != 0)
+ t.tm_hour = 0;
+ else if ((cmp = CMP(t.tm_hour, tm->tm_hour)) != 0)
+ t.tm_min = 0;
+ else if ((cmp = CMP(t.tm_min, tm->tm_min)) != 0)
+ t.tm_sec = 0;
+ else
+ cmp = CMP(t.tm_sec, tm->tm_sec);
if (cmp < 0)
return -EDEADLK; /* Refuse to go backward */
diff --git a/src/test/test-calendarspec.c b/src/test/test-calendarspec.c
index 4f1d0f64d5..bc5e56a238 100644
--- a/src/test/test-calendarspec.c
+++ b/src/test/test-calendarspec.c
@@ -201,6 +201,8 @@ int main(int argc, char* argv[]) {
test_next("2016-02~01 UTC", "", 12345, 1456704000000000);
test_next("Mon 2017-05~01..07 UTC", "", 12345, 1496016000000000);
test_next("Mon 2017-05~07/1 UTC", "", 12345, 1496016000000000);
+ test_next("*-*-01/5 04:00:00 UTC", "", 1646010000000000, 1646107200000000);
+ test_next("*-01/7-01 04:00:00 UTC", "", 1664607600000000, 1672545600000000);
test_next("2017-08-06 9,11,13,15,17:00 UTC", "", 1502029800000000, 1502031600000000);
test_next("2017-08-06 9..17/2:00 UTC", "", 1502029800000000, 1502031600000000);
test_next("2016-12-* 3..21/6:00 UTC", "", 1482613200000001, 1482634800000000);
--
2.33.0

84
backport-cgroup-do-catchup-for-unit-cgroup-inotify-watch-file.patch Normal file
View File

@ -0,0 +1,84 @@
From 52ab3b8f534eafeed86908ad38f4cd0f169e23ff Mon Sep 17 00:00:00 2001
From: Dan Streetman <ddstreet@canonical.com>
Date: Sun, 11 Jul 2021 16:59:27 -0400
Subject: [PATCH] cgroup: do 'catchup' for unit cgroup inotify watch files
While reexec/reload, we drop the inotify watch on cgroup file(s), so
we need to re-check them in case they changed and we missed the event.
Fixes: #20198
(cherry picked from commit 869f52f21831b611160c4937bef822ca94c802ba)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/52ab3b8f534eafeed86908ad38f4cd0f169e23ff
---
src/core/cgroup.c | 18 ++++++++++++++++++
src/core/cgroup.h | 2 ++
src/core/unit.c | 2 ++
3 files changed, 22 insertions(+)
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index 3a6f768c60..5c07aa71d1 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -3039,6 +3039,9 @@ static int unit_check_cgroup_events(Unit *u) {
assert(u);
+ if (!u->cgroup_path)
+ return 0;
+
r = cg_get_keyed_attribute_graceful(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
STRV_MAKE("populated", "frozen"), values);
if (r < 0)
@@ -3871,6 +3874,21 @@ void unit_invalidate_cgroup_bpf(Unit *u) {
}
}
+void unit_cgroup_catchup(Unit *u) {
+ assert(u);
+
+ if (!UNIT_HAS_CGROUP_CONTEXT(u))
+ return;
+
+ /* We dropped the inotify watch during reexec/reload, so we need to
+ * check these as they may have changed.
+ * Note that (currently) the kernel doesn't actually update cgroup
+ * file modification times, so we can't just serialize and then check
+ * the mtime for file(s) we are interested in. */
+ (void) unit_check_cgroup_events(u);
+ unit_add_to_cgroup_oom_queue(u);
+}
+
bool unit_cgroup_delegate(Unit *u) {
CGroupContext *c;
diff --git a/src/core/cgroup.h b/src/core/cgroup.h
index ea929368cb..3f8cad899d 100644
--- a/src/core/cgroup.h
+++ b/src/core/cgroup.h
@@ -313,6 +313,8 @@ void manager_invalidate_startup_units(Manager *m);
const char* cgroup_device_policy_to_string(CGroupDevicePolicy i) _const_;
CGroupDevicePolicy cgroup_device_policy_from_string(const char *s) _pure_;
+void unit_cgroup_catchup(Unit *u);
+
bool unit_cgroup_delegate(Unit *u);
int compare_job_priority(const void *a, const void *b);
diff --git a/src/core/unit.c b/src/core/unit.c
index 47966bcf0d..7e3bd7505e 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -3616,6 +3616,8 @@ void unit_catchup(Unit *u) {
if (UNIT_VTABLE(u)->catchup)
UNIT_VTABLE(u)->catchup(u);
+
+ unit_cgroup_catchup(u);
}
static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
--
2.33.0

45
backport-cgroup-don-t-emit-BPF-firewall-warning-when-manager-.patch Normal file
View File

@ -0,0 +1,45 @@
From f4472e406eaa1087534066d09a4b7f2fd1de2a06 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Tue, 30 Nov 2021 23:49:33 +0000
Subject: [PATCH] cgroup: don't emit BPF firewall warning when manager is in
test mode
Support for BPF might not have been checked, since it's not necessary
in test mode (eg: running offline analysis of units). This causes an
assert:
Assertion '(_error) != 0' failed at src/core/bpf-firewall.c:914, function emit_bpf_firewall_warning(). Aborting.
Export SYSTEMD_LOG_LEVEl=debug in TEST-65-ANALYZE is enough to trigger
this assert while doing an offline analysis of a unit that has some
firewall/network restrictions set.
Skip the warning if the manager is in test mode.
(cherry picked from commit a42232a18c5716f69efc67c779dd2ef6c4b9d6c2)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/f4472e406eaa1087534066d09a4b7f2fd1de2a06
---
src/core/bpf-firewall.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/core/bpf-firewall.c b/src/core/bpf-firewall.c
index 4a92052925..c4989a3ea6 100644
--- a/src/core/bpf-firewall.c
+++ b/src/core/bpf-firewall.c
@@ -911,7 +911,10 @@ int bpf_firewall_supported(void) {
void emit_bpf_firewall_warning(Unit *u) {
static bool warned = false;
- if (!warned) {
+ assert(u);
+ assert(u->manager);
+
+ if (!warned && !MANAGER_IS_TEST_RUN(u->manager)) {
bool quiet = bpf_firewall_unsupported_reason == -EPERM && detect_container() > 0;
log_unit_full_errno(u, quiet ? LOG_DEBUG : LOG_WARNING, bpf_firewall_unsupported_reason,
--
2.33.0

54
backport-change-indicator-used-for-later-versions-of-VirtualB.patch Normal file
View File

@ -0,0 +1,54 @@
From 7459b7f4a63de87a6e76e9187893c65291b7931f Mon Sep 17 00:00:00 2001
From: Greg Zuro <gregzuro@users.noreply.github.com>
Date: Tue, 26 Oct 2021 21:02:37 -0700
Subject: [PATCH] change indicator used for later versions of VirtualBox
(#21127)
Detection of VirtualBox is accomplished in the existing code by *either* `innotek GmbH`
or `Oracle Corporation` existing in any of:
- /sys/class/dmi/id/product_name
- /sys/class/dmi/id/sys_vendor
- /sys/class/dmi/id/board_vendor
- /sys/class/dmi/id/bios_vendor
With Oracle's physical servers, both `/sys/class/dmi/id/sys_vendor` and
`/sys/class/dmi/id/board_vendor` contain `Oracle Corporation`, so those
servers are detected as `oracle` (VirtualBox).
VirtualBox has the following values in the latest versions:
- /sys/class/dmi/id/product_name: `VirtualBox`
- /sys/class/dmi/id/sys_vendor: `innotek GmbH`
- /sys/class/dmi/id/board_vendor: `Oracle Corporation`
- /sys/class/dmi/id/bios_vendor: `innotek GmbH`
Presumably the existing check for `innotek GmbH` is meant to detect
older versions of VirtualBox, while changing the second checked value
from `Oracle Corporation` to `VirtualBox` will reliably detect later and future
versions.
(cherry picked from commit cfee6b955154c30be31ffcf0e3b7b89374a52fff)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/7459b7f4a63de87a6e76e9187893c65291b7931f
---
src/basic/virt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/basic/virt.c b/src/basic/virt.c
index 0243b2d2a8..cc123a286f 100644
--- a/src/basic/virt.c
+++ b/src/basic/virt.c
@@ -159,7 +159,7 @@ static int detect_vm_dmi_vendor(void) {
{ "VMware", VIRTUALIZATION_VMWARE }, /* https://kb.vmware.com/s/article/1009458 */
{ "VMW", VIRTUALIZATION_VMWARE },
{ "innotek GmbH", VIRTUALIZATION_ORACLE },
- { "Oracle Corporation", VIRTUALIZATION_ORACLE },
+ { "VirtualBox", VIRTUALIZATION_ORACLE },
{ "Xen", VIRTUALIZATION_XEN },
{ "Bochs", VIRTUALIZATION_BOCHS },
{ "Parallels", VIRTUALIZATION_PARALLELS },
--
2.33.0

79
backport-ci-cancel-previous-jobs-on-ref-update.patch Normal file
View File

@ -0,0 +1,79 @@
From 47b12629b47d9dfc857874a1b680f60ffc0af0bd Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Wed, 10 Nov 2021 16:45:12 +0100
Subject: [PATCH] ci: cancel previous jobs on ref update
Let's save the environment (and reduce the number of jobs in GH Actions
queues) by cancelling old jobs on a ref update (force push).
See: https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions#concurrency
(cherry picked from commit 3884837610168e6fb69fc2d5709f6c017a30beb9)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/47b12629b47d9dfc857874a1b680f60ffc0af0bd
---
.github/workflows/build_test.yml | 3 +++
.github/workflows/cifuzz.yml | 3 +++
.github/workflows/mkosi.yml | 3 +++
.github/workflows/unit_tests.yml | 3 +++
4 files changed, 12 insertions(+)
diff --git a/.github/workflows/build_test.yml b/.github/workflows/build_test.yml
index 486016abc1..fa86236c2a 100644
--- a/.github/workflows/build_test.yml
+++ b/.github/workflows/build_test.yml
@@ -14,6 +14,9 @@ on:
jobs:
build:
runs-on: ubuntu-20.04
+ concurrency:
+ group: ${{ github.workflow }}-${{ matrix.env.COMPILER }}-${{ matrix.env.COMPILER_VERSION }}-${{ github.ref }}
+ cancel-in-progress: true
strategy:
fail-fast: false
matrix:
diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
index 5296dc7069..df1fb15ace 100644
--- a/.github/workflows/cifuzz.yml
+++ b/.github/workflows/cifuzz.yml
@@ -19,6 +19,9 @@ jobs:
Fuzzing:
runs-on: ubuntu-latest
if: github.repository == 'systemd/systemd'
+ concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+ cancel-in-progress: true
strategy:
fail-fast: false
matrix:
diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml
index babdf7ae6e..f67fd23b1c 100644
--- a/.github/workflows/mkosi.yml
+++ b/.github/workflows/mkosi.yml
@@ -13,6 +13,9 @@ on:
jobs:
ci:
runs-on: ubuntu-20.04
+ concurrency:
+ group: ${{ github.workflow }}-${{ matrix.distro }}-${{ github.ref }}
+ cancel-in-progress: true
strategy:
fail-fast: false
matrix:
diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml
index ca1e6e0c30..aaf8fcad3d 100644
--- a/.github/workflows/unit_tests.yml
+++ b/.github/workflows/unit_tests.yml
@@ -10,6 +10,9 @@ on:
jobs:
build:
runs-on: ubuntu-20.04
+ concurrency:
+ group: ${{ github.workflow }}-${{ matrix.run_phase }}-${{ github.ref }}
+ cancel-in-progress: true
strategy:
fail-fast: false
matrix:
--
2.33.0

59
backport-ci-fix-clang-13-installation.patch Normal file
View File

@ -0,0 +1,59 @@
From eaa74c30212d62f546692731ec3cef498f3edb08 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 22 Feb 2022 14:43:40 +0100
Subject: [PATCH] ci: fix clang-13 installation
For some reason Ubuntu Focal repositories now have `llvm-13` virtual
package which can't be installed, but successfully fools our check,
resulting in no clang/llvm being installed...
```
$ apt show llvm-13
Package: llvm-13
State: not a real package (virtual)
N: Can't select candidate version from package llvm-13 as it has no candidate
N: Can't select versions from package 'llvm-13' as it is purely virtual
N: No packages found
$ apt install --dry-run llvm-13
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package llvm-13 is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package 'llvm-13' has no installation candidate
```
(cherry picked from commit b491d74064f9d5e17a71b38b014434237169a077)
(cherry picked from commit fa6e263273905cfc9e4528e8175ace3d19d881e3)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/eaa74c30212d62f546692731ec3cef498f3edb08
---
.github/workflows/build_test.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/build_test.sh b/.github/workflows/build_test.sh
index db38554d97..1200fa23f3 100755
--- a/.github/workflows/build_test.sh
+++ b/.github/workflows/build_test.sh
@@ -75,12 +75,12 @@ if [[ "$COMPILER" == clang ]]; then
# ATTOW llvm-11 got into focal-updates, which conflicts with llvm-11
# provided by the apt.llvm.org repositories. Let's use the system
# llvm package if available in such cases to avoid that.
- if ! apt show --quiet "llvm-$COMPILER_VERSION" &>/dev/null; then
+ if ! apt install --dry-run "llvm-$COMPILER_VERSION" >/dev/null; then
# Latest LLVM stack deb packages provided by https://apt.llvm.org/
# Following snippet was partly borrowed from https://apt.llvm.org/llvm.sh
wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | gpg --yes --dearmor --output /usr/share/keyrings/apt-llvm-org.gpg
printf "deb [signed-by=/usr/share/keyrings/apt-llvm-org.gpg] http://apt.llvm.org/%s/ llvm-toolchain-%s-%s main\n" \
- "$RELEASE" "$RELEASE" "$COMPILER_VERSION" >/etc/apt/sources.list.d/llvm-toolchain.list
+ "$RELEASE" "$RELEASE" "$COMPILER_VERSION" >/etc/apt/sources.list.d/llvm-toolchain.list
PACKAGES+=("clang-$COMPILER_VERSION" "lldb-$COMPILER_VERSION" "lld-$COMPILER_VERSION" "clangd-$COMPILER_VERSION")
fi
elif [[ "$COMPILER" == gcc ]]; then
--
2.33.0

82
backport-ci-fix-indentation.patch Normal file
View File

@ -0,0 +1,82 @@
From 6db77b2c9f31c8246ec920a189fe44873111566f Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Wed, 10 Nov 2021 16:42:07 +0100
Subject: [PATCH] ci: fix indentation
(cherry picked from commit 46573ee1319ee8ae5b292a0a737740eca1a68184)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/6db77b2c9f31c8246ec920a189fe44873111566f
---
.github/workflows/cifuzz.yml | 58 ++++++++++++++++++------------------
1 file changed, 29 insertions(+), 29 deletions(-)
diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
index 14d81a67ff..5296dc7069 100644
--- a/.github/workflows/cifuzz.yml
+++ b/.github/workflows/cifuzz.yml
@@ -16,32 +16,32 @@ on:
branches:
- main
jobs:
- Fuzzing:
- runs-on: ubuntu-latest
- if: github.repository == 'systemd/systemd'
- strategy:
- fail-fast: false
- matrix:
- sanitizer: [address, undefined, memory]
- steps:
- - name: Build Fuzzers (${{ matrix.sanitizer }})
- id: build
- uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
- with:
- oss-fuzz-project-name: 'systemd'
- dry-run: false
- allowed-broken-targets-percentage: 0
- sanitizer: ${{ matrix.sanitizer }}
- - name: Run Fuzzers (${{ matrix.sanitizer }})
- uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
- with:
- oss-fuzz-project-name: 'systemd'
- fuzz-seconds: 600
- dry-run: false
- sanitizer: ${{ matrix.sanitizer }}
- - name: Upload Crash
- uses: actions/upload-artifact@v1
- if: failure() && steps.build.outcome == 'success'
- with:
- name: ${{ matrix.sanitizer }}-artifacts
- path: ./out/artifacts
+ Fuzzing:
+ runs-on: ubuntu-latest
+ if: github.repository == 'systemd/systemd'
+ strategy:
+ fail-fast: false
+ matrix:
+ sanitizer: [address, undefined, memory]
+ steps:
+ - name: Build Fuzzers (${{ matrix.sanitizer }})
+ id: build
+ uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
+ with:
+ oss-fuzz-project-name: 'systemd'
+ dry-run: false
+ allowed-broken-targets-percentage: 0
+ sanitizer: ${{ matrix.sanitizer }}
+ - name: Run Fuzzers (${{ matrix.sanitizer }})
+ uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
+ with:
+ oss-fuzz-project-name: 'systemd'
+ fuzz-seconds: 600
+ dry-run: false
+ sanitizer: ${{ matrix.sanitizer }}
+ - name: Upload Crash
+ uses: actions/upload-artifact@v1
+ if: failure() && steps.build.outcome == 'success'
+ with:
+ name: ${{ matrix.sanitizer }}-artifacts
+ path: ./out/artifacts
--
2.33.0

32
backport-ci-pin-the-debian-systemd-repo-to-a-specific-revisio.patch Normal file
View File

@ -0,0 +1,32 @@
From cdc1cd4eb3f86f3100d6d04b1b5d12a2d87b8704 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Sun, 14 Nov 2021 12:28:21 +0100
Subject: [PATCH] ci: pin the debian systemd repo to a specific revision
to work around missing systemd/systemd#20056 in pre-v250 stable
branches.
v249-stable-only
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/cdc1cd4eb3f86f3100d6d04b1b5d12a2d87b8704
---
.semaphore/semaphore.yml | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/.semaphore/semaphore.yml b/.semaphore/semaphore.yml
index 06f162007e..7fc38a553d 100644
--- a/.semaphore/semaphore.yml
+++ b/.semaphore/semaphore.yml
@@ -25,3 +25,8 @@ blocks:
- checkout --use-cache
- .semaphore/semaphore-runner.sh SETUP
- .semaphore/semaphore-runner.sh RUN
+ env_vars:
+ # Pin the debian systemd repo to a specific revision, to work around
+ # missing systemd/systemd#20056 in pre-v250 stable branches
+ - name: BRANCH
+ value: e138f8573a14f8f094bd6c9582bc26ed62c1347f
--
2.33.0

39
backport-ci-replace-apt-key-with-signed-by.patch Normal file
View File

@ -0,0 +1,39 @@
From 84230ae4e3a10fccfb4750b832d2c70fe56df128 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Sun, 26 Dec 2021 01:11:00 +0000
Subject: [PATCH] ci: replace apt-key with signed-by
to limit the scope of the key to apt.llvm.org only.
This is mostly inspired by https://blog.cloudflare.com/dont-use-apt-key/
(cherry picked from commit bfa6bd1be098adc4710e1819b9cd34d65b3855da)
(cherry picked from commit c92297a20c13b7e15b0026b1f36ebe99d86cfce8)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/84230ae4e3a10fccfb4750b832d2c70fe56df128
---
.github/workflows/build_test.sh | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/build_test.sh b/.github/workflows/build_test.sh
index 10fa1ea9b0..db38554d97 100755
--- a/.github/workflows/build_test.sh
+++ b/.github/workflows/build_test.sh
@@ -77,9 +77,10 @@ if [[ "$COMPILER" == clang ]]; then
# llvm package if available in such cases to avoid that.
if ! apt show --quiet "llvm-$COMPILER_VERSION" &>/dev/null; then
# Latest LLVM stack deb packages provided by https://apt.llvm.org/
- # Following snippet was borrowed from https://apt.llvm.org/llvm.sh
- wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -
- add-apt-repository -y "deb http://apt.llvm.org/$RELEASE/ llvm-toolchain-$RELEASE-$COMPILER_VERSION main"
+ # Following snippet was partly borrowed from https://apt.llvm.org/llvm.sh
+ wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | gpg --yes --dearmor --output /usr/share/keyrings/apt-llvm-org.gpg
+ printf "deb [signed-by=/usr/share/keyrings/apt-llvm-org.gpg] http://apt.llvm.org/%s/ llvm-toolchain-%s-%s main\n" \
+ "$RELEASE" "$RELEASE" "$COMPILER_VERSION" >/etc/apt/sources.list.d/llvm-toolchain.list
PACKAGES+=("clang-$COMPILER_VERSION" "lldb-$COMPILER_VERSION" "lld-$COMPILER_VERSION" "clangd-$COMPILER_VERSION")
fi
elif [[ "$COMPILER" == gcc ]]; then
--
2.33.0

49
backport-ci-run-the-unit_tests-and-mkosi-jobs-on-stable-branc.patch Normal file
View File

@ -0,0 +1,49 @@
From 9d08ba9b3fa7542037e0522c10d63517366afda6 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Fri, 12 Nov 2021 17:37:15 +0100
Subject: [PATCH] ci: run the unit_tests and mkosi jobs on stable branches as
well
To provide more coverage for the systemd-stable repo.
See: https://github.com/systemd/systemd-stable/issues/24
(cherry picked from commit c76a83858996148fea36d1018b4707ce5334363b)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/9d08ba9b3fa7542037e0522c10d63517366afda6
---
.github/workflows/mkosi.yml | 2 ++
.github/workflows/unit_tests.yml | 1 +
2 files changed, 3 insertions(+)
diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml
index f67fd23b1c..489eb01880 100644
--- a/.github/workflows/mkosi.yml
+++ b/.github/workflows/mkosi.yml
@@ -6,9 +6,11 @@ on:
push:
branches:
- main
+ - v[0-9]+-stable
pull_request:
branches:
- main
+ - v[0-9]+-stable
jobs:
ci:
diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml
index aaf8fcad3d..4a19a6a1c8 100644
--- a/.github/workflows/unit_tests.yml
+++ b/.github/workflows/unit_tests.yml
@@ -6,6 +6,7 @@ on:
pull_request:
branches:
- main
+ - v[0-9]+-stable
jobs:
build:
--
2.33.0

33
backport-ci-take-CIFuzz-s-matrix-into-consideration.patch Normal file
View File

@ -0,0 +1,33 @@
From 428d4988d2bc68e189481f7b46ffd1f84090aadd Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Wed, 10 Nov 2021 20:15:41 +0100
Subject: [PATCH] ci: take CIFuzz's matrix into consideration
Otherwise the jobs will try to cancel each other out.
Follow-up to 3884837610168e6fb69fc2d5709f6c017a30beb9.
(cherry picked from commit 8b212f3596d03f8e1025cd151d17f9a82433844a)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/428d4988d2bc68e189481f7b46ffd1f84090aadd
---
.github/workflows/cifuzz.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
index df1fb15ace..8ab2a4cf55 100644
--- a/.github/workflows/cifuzz.yml
+++ b/.github/workflows/cifuzz.yml
@@ -20,7 +20,7 @@ jobs:
runs-on: ubuntu-latest
if: github.repository == 'systemd/systemd'
concurrency:
- group: ${{ github.workflow }}-${{ github.ref }}
+ group: ${{ github.workflow }}-${{ matrix.sanitizer }}-${{ github.ref }}
cancel-in-progress: true
strategy:
fail-fast: false
--
2.33.0

47
backport-ci-use-the-system-llvm-11-package-on-Focal.patch Normal file
View File

@ -0,0 +1,47 @@
From 441c959460217ba81591ada9185bed2665cdc994 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Mon, 11 Oct 2021 21:12:42 +0200
Subject: [PATCH] ci: use the system llvm-11 package on Focal
ATTOW llvm-11 got into focal-updates, which conflicts with llvm-11
provided by the apt.llvm.org repositories. Let's use the system
llvm package if available in such cases to avoid that.
(cherry picked from commit 1c71302f70c7d0712d49b5214f5f29b4d6a2c73e)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/441c959460217ba81591ada9185bed2665cdc994
---
.github/workflows/build_test.sh | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/build_test.sh b/.github/workflows/build_test.sh
index bdcb71ba9c..10fa1ea9b0 100755
--- a/.github/workflows/build_test.sh
+++ b/.github/workflows/build_test.sh
@@ -71,11 +71,17 @@ if [[ "$COMPILER" == clang ]]; then
CC="clang-$COMPILER_VERSION"
CXX="clang++-$COMPILER_VERSION"
AR="llvm-ar-$COMPILER_VERSION"
- # Latest LLVM stack deb packages provided by https://apt.llvm.org/
- # Following snippet was borrowed from https://apt.llvm.org/llvm.sh
- wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -
- add-apt-repository -y "deb http://apt.llvm.org/$RELEASE/ llvm-toolchain-$RELEASE-$COMPILER_VERSION main"
- PACKAGES+=(clang-$COMPILER_VERSION lldb-$COMPILER_VERSION lld-$COMPILER_VERSION clangd-$COMPILER_VERSION)
+
+ # ATTOW llvm-11 got into focal-updates, which conflicts with llvm-11
+ # provided by the apt.llvm.org repositories. Let's use the system
+ # llvm package if available in such cases to avoid that.
+ if ! apt show --quiet "llvm-$COMPILER_VERSION" &>/dev/null; then
+ # Latest LLVM stack deb packages provided by https://apt.llvm.org/
+ # Following snippet was borrowed from https://apt.llvm.org/llvm.sh
+ wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -
+ add-apt-repository -y "deb http://apt.llvm.org/$RELEASE/ llvm-toolchain-$RELEASE-$COMPILER_VERSION main"
+ PACKAGES+=("clang-$COMPILER_VERSION" "lldb-$COMPILER_VERSION" "lld-$COMPILER_VERSION" "clangd-$COMPILER_VERSION")
+ fi
elif [[ "$COMPILER" == gcc ]]; then
CC="gcc-$COMPILER_VERSION"
CXX="g++-$COMPILER_VERSION"
--
2.33.0

34
backport-clang-format-we-actually-typically-use-16ch-continua.patch Normal file
View File

@ -0,0 +1,34 @@
From 8282cc686bedb0cf3702ea4ac2856b39ae351ef3 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 22 Feb 2022 16:51:58 +0100
Subject: [PATCH] clang-format: we actually typically use 16ch continuation
indentation
We use 8 for blocks, and 16 for continuation in most cases afaics, hence
say so in .clang-format too
(cherry picked from commit 92148fb77766767fdb6ad6e52747317dae2aae85)
(cherry picked from commit 4a90c12f4f09f23e071e649422754f04eda6d273)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/8282cc686bedb0cf3702ea4ac2856b39ae351ef3
---
.clang-format | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.clang-format b/.clang-format
index 651249c701..c94866fcd5 100644
--- a/.clang-format
+++ b/.clang-format
@@ -46,7 +46,7 @@ ColumnLimit: 109
CompactNamespaces: true
ConstructorInitializerAllOnOneLineOrOnePerLine: true
ConstructorInitializerIndentWidth: 8
-ContinuationIndentWidth: 8
+ContinuationIndentWidth: 16
Cpp11BracedListStyle: false
ForEachMacros:
- BITMAP_FOREACH
--
2.33.0

66
backport-core-Make-sure-cgroup_oom_queue-is-flushed-on-manage.patch Normal file
View File

@ -0,0 +1,66 @@
From 59894983693d36c6017ad995864b5541d7132563 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20Koutn=C3=BD?= <mkoutny@suse.com>
Date: Wed, 4 Aug 2021 18:59:35 +0200
Subject: [PATCH] core: Make sure cgroup_oom_queue is flushed on manager exit
The unit queues are not serialized/deserialized (they are recreated
after reexec/reload instead). The destroyed units are not removed from
the cgroup_oom_queue. That means the queue may contain possibly invalid
pointers to released units.
Fix this by removing the units from cgroup_oom_queue as we do for
others. When at it, sync assert checks with currently existing queues
and put them in order in the manager cleanup code.
(cherry picked from commit 13e721036bf4ba15eb255d8f0a14800f969ac0d7)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/59894983693d36c6017ad995864b5541d7132563
---
src/core/manager.c | 4 ++++
src/core/unit.c | 7 +++++--
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 8884437347..34891a8754 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1410,6 +1410,10 @@ static void manager_clear_jobs_and_units(Manager *m) {
assert(!m->cleanup_queue);
assert(!m->gc_unit_queue);
assert(!m->gc_job_queue);
+ assert(!m->cgroup_realize_queue);
+ assert(!m->cgroup_empty_queue);
+ assert(!m->cgroup_oom_queue);
+ assert(!m->target_deps_queue);
assert(!m->stop_when_unneeded_queue);
assert(!m->start_when_upheld_queue);
assert(!m->stop_when_bound_queue);
diff --git a/src/core/unit.c b/src/core/unit.c
index 7e3bd7505e..e469beb534 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -733,6 +733,9 @@ Unit* unit_free(Unit *u) {
if (u->in_dbus_queue)
LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
+ if (u->in_cleanup_queue)
+ LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
+
if (u->in_gc_queue)
LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
@@ -742,8 +745,8 @@ Unit* unit_free(Unit *u) {
if (u->in_cgroup_empty_queue)
LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
- if (u->in_cleanup_queue)
- LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
+ if (u->in_cgroup_oom_queue)
+ LIST_REMOVE(cgroup_oom_queue, u->manager->cgroup_oom_queue, u);
if (u->in_target_deps_queue)
LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
--
2.33.0

36
backport-core-Parse-log-environment-settings-again-after-appl.patch Normal file
View File

@ -0,0 +1,36 @@
From b246b5370e95756e9597d8ec967ae030b442e73f Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 7 Sep 2021 16:13:56 +0100
Subject: [PATCH] core: Parse log environment settings again after applying
manager environment
Currently, SYSTEMD_LOG_LEVEL set in the ManagerEnvironment property in system.conf
or user.conf doesn't affect the manager's logging level. Parsing the logging environment
variables again after pushing the manager environment into the process environment
block makes sure any new environment changes also get taken into account for logging.
(cherry picked from commit a4303b4096d9a75acd09c5b897ed3d20c9bca6de)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/b246b5370e95756e9597d8ec967ae030b442e73f
---
src/core/main.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/core/main.c b/src/core/main.c
index b32a19a1d8..c64c73883e 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -2454,6 +2454,9 @@ static int parse_configuration(const struct rlimit *saved_rlimit_nofile,
/* Push variables into the manager environment block */
setenv_manager_environment();
+ /* Parse log environment variables again to take into account any new environment variables. */
+ log_parse_environment();
+
return 0;
}
--
2.33.0

45
backport-core-Remove-circular-include.patch Normal file
View File

@ -0,0 +1,45 @@
From a203879ae5914fa1a676dbd480a7ad41ca0d8e40 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 24 Aug 2021 16:19:03 +0100
Subject: [PATCH] core: Remove circular include
service.h includes socket.h and socket.h includes service.h. Move
service.h include from socket.h to socket.c to remove the circular
dependency.
(cherry picked from commit a243128d1fcfc378df9fce1b4997148a17ef23a5)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/a203879ae5914fa1a676dbd480a7ad41ca0d8e40
---
src/core/socket.c | 1 +
src/core/socket.h | 1 -
2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/socket.c b/src/core/socket.c
index 8144780bf8..f362a5baa8 100644
--- a/src/core/socket.c
+++ b/src/core/socket.c
@@ -34,6 +34,7 @@
#include "process-util.h"
#include "selinux-util.h"
#include "serialize.h"
+#include "service.h"
#include "signal-util.h"
#include "smack-util.h"
#include "socket.h"
diff --git a/src/core/socket.h b/src/core/socket.h
index a65195f2aa..6813bdcf8c 100644
--- a/src/core/socket.h
+++ b/src/core/socket.h
@@ -5,7 +5,6 @@ typedef struct Socket Socket;
typedef struct SocketPeer SocketPeer;
#include "mount.h"
-#include "service.h"
#include "socket-util.h"
#include "unit.h"
--
2.33.0

48
backport-core-bpf-firewall-make-bpf_firewall_supported-always.patch Normal file
View File

@ -0,0 +1,48 @@
From 27028ef0f0bc128d14f41e233ad256687fd7e379 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 1 Dec 2021 21:07:22 +0900
Subject: [PATCH] core/bpf-firewall: make bpf_firewall_supported() always set
unsupported reason when BPF_FIREWALL_UNSUPPORTED is returned
Otherwise, log_unit_full_errno() in emit_bpf_firewall_warning() will
trigger an assertion.
(cherry picked from commit 8751bb6f5e89562d438566c374b9c3a1059c9211)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/27028ef0f0bc128d14f41e233ad256687fd7e379
---
src/core/bpf-firewall.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/core/bpf-firewall.c b/src/core/bpf-firewall.c
index 9317edeb4c..4a92052925 100644
--- a/src/core/bpf-firewall.c
+++ b/src/core/bpf-firewall.c
@@ -869,7 +869,10 @@ int bpf_firewall_supported(void) {
/* YAY! */
} else {
- log_debug("Wut? Kernel accepted our invalid BPF_PROG_DETACH call? Something is weird, assuming BPF firewalling is broken and hence not supported.");
+ bpf_firewall_unsupported_reason =
+ log_debug_errno(SYNTHETIC_ERRNO(EBADE),
+ "Wut? Kernel accepted our invalid BPF_PROG_DETACH call? "
+ "Something is weird, assuming BPF firewalling is broken and hence not supported.");
return supported = BPF_FIREWALL_UNSUPPORTED;
}
@@ -897,7 +900,10 @@ int bpf_firewall_supported(void) {
return supported = BPF_FIREWALL_SUPPORTED;
} else {
- log_debug("Wut? Kernel accepted our invalid BPF_PROG_ATTACH+BPF_F_ALLOW_MULTI call? Something is weird, assuming BPF firewalling is broken and hence not supported.");
+ bpf_firewall_unsupported_reason =
+ log_debug_errno(SYNTHETIC_ERRNO(EBADE),
+ "Wut? Kernel accepted our invalid BPF_PROG_ATTACH+BPF_F_ALLOW_MULTI call? "
+ "Something is weird, assuming BPF firewalling is broken and hence not supported.");
return supported = BPF_FIREWALL_UNSUPPORTED;
}
}
--
2.33.0

16
backport-core-cgroup-fix-error-handling-of-cg_remove_xattr.patch
View File

@ -1,17 +1,21 @@
From 0cddb53c85588fbfb8043f622895c7bd15819198 Mon Sep 17 00:00:00 2001
From 7e79bfce0674c58068d2a125ed666986544e790f Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 5 Aug 2021 03:13:48 +0900
Subject: [PATCH 1/2] core/cgroup: fix error handling of cg_remove_xattr()
Subject: [PATCH] core/cgroup: fix error handling of cg_remove_xattr()
(cherry picked from commit 0cddb53c85588fbfb8043f622895c7bd15819198)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/7e79bfce0674c58068d2a125ed666986544e790f
---
src/core/cgroup.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index e5fd6672bb..83bd97327d 100644
index 2cbb789978..eab0929dc5 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -717,13 +717,13 @@ void cgroup_oomd_xattr_apply(Unit *u, const char *cgroup_path) {
@@ -724,13 +724,13 @@ void cgroup_oomd_xattr_apply(Unit *u, const char *cgroup_path) {
if (c->moom_preference != MANAGED_OOM_PREFERENCE_AVOID) {
r = cg_remove_xattr(SYSTEMD_CGROUP_CONTROLLER, cgroup_path, "user.oomd_avoid");
@ -27,7 +31,7 @@ index e5fd6672bb..83bd97327d 100644
log_unit_debug_errno(u, r, "Failed to remove oomd_omit flag on control group %s, ignoring: %m", cgroup_path);
}
}
@@ -755,7 +755,7 @@ static void cgroup_xattr_apply(Unit *u) {
@@ -762,7 +762,7 @@ static void cgroup_xattr_apply(Unit *u) {
log_unit_debug_errno(u, r, "Failed to set delegate flag on control group %s, ignoring: %m", u->cgroup_path);
} else {
r = cg_remove_xattr(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "trusted.delegate");
@ -37,5 +41,5 @@ index e5fd6672bb..83bd97327d 100644
}
--
2.27.0
2.33.0

119
backport-core-cgroup-set-bfq.weight-first-and-fixes-blkio.wei.patch Normal file
View File

@ -0,0 +1,119 @@
From 55af1d4ce32a32ebd3106cbdf1ef8b6cda55175f Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 25 Aug 2021 01:28:47 +0900
Subject: [PATCH] core/cgroup: set bfq.weight first, and fixes blkio.weight
value
Fixes issues introduced by 29eb0eefd14afc9a2424781a28b376db47c3c570.
This also fixes the value sets to blkio.weight, that is, "default" is dropped.
Moreover, This also changes the logic for mapping weight -> bfq.weight,
to always matches the min, max, and default values.
Fixes #20519 and #21187.
(cherry picked from commit 17283ce7b6035775f125585d1b228226942daf4b)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/55af1d4ce32a32ebd3106cbdf1ef8b6cda55175f
---
src/core/cgroup.c | 55 +++++++++++++++++++++++++++++++++++++----------
1 file changed, 44 insertions(+), 11 deletions(-)
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index 79e10ca3c0..8b5b403ae8 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -37,6 +37,12 @@
#define CGROUP_CPU_QUOTA_DEFAULT_PERIOD_USEC ((usec_t) 100 * USEC_PER_MSEC)
+/* Special values for the bfq.weight attribute */
+#define CGROUP_BFQ_WEIGHT_INVALID UINT64_MAX
+#define CGROUP_BFQ_WEIGHT_MIN UINT64_C(1)
+#define CGROUP_BFQ_WEIGHT_MAX UINT64_C(1000)
+#define CGROUP_BFQ_WEIGHT_DEFAULT UINT64_C(100)
+
/* Returns the log level to use when cgroup attribute writes fail. When an attribute is missing or we have access
* problems we downgrade to LOG_DEBUG. This is supposed to be nice to container managers and kernels which want to mask
* out specific attributes from us. */
@@ -1194,21 +1200,48 @@ static int cgroup_apply_devices(Unit *u) {
return r;
}
-static void set_io_weight(Unit *u, const char *controller, uint64_t weight) {
- char buf[8+DECIMAL_STR_MAX(uint64_t)+1];
- const char *p;
+static void set_io_weight(Unit *u, uint64_t weight) {
+ char buf[STRLEN("default \n")+DECIMAL_STR_MAX(uint64_t)];
+ uint64_t bfq_weight;
+
+ assert(u);
+
+ /* FIXME: drop this when distro kernels properly support BFQ through "io.weight"
+ * See also: https://github.com/systemd/systemd/pull/13335 and
+ * https://github.com/torvalds/linux/commit/65752aef0a407e1ef17ec78a7fc31ba4e0b360f9.
+ * The range is 1..1000 apparently, and the default is 100. */
+ if (weight <= CGROUP_WEIGHT_DEFAULT)
+ bfq_weight = CGROUP_BFQ_WEIGHT_DEFAULT - (CGROUP_WEIGHT_DEFAULT - weight) * (CGROUP_BFQ_WEIGHT_DEFAULT - CGROUP_BFQ_WEIGHT_MIN) / (CGROUP_WEIGHT_DEFAULT - CGROUP_WEIGHT_MIN);
+ else
+ bfq_weight = CGROUP_BFQ_WEIGHT_DEFAULT + (weight - CGROUP_WEIGHT_DEFAULT) * (CGROUP_BFQ_WEIGHT_MAX - CGROUP_BFQ_WEIGHT_DEFAULT) / (CGROUP_WEIGHT_MAX - CGROUP_WEIGHT_DEFAULT);
+
+ xsprintf(buf, "%" PRIu64 "\n", bfq_weight);
+ (void) set_attribute_and_warn(u, "io", "io.bfq.weight", buf);
- p = strjoina(controller, ".weight");
xsprintf(buf, "default %" PRIu64 "\n", weight);
- (void) set_attribute_and_warn(u, controller, p, buf);
+ (void) set_attribute_and_warn(u, "io", "io.weight", buf);
+}
+
+static void set_blkio_weight(Unit *u, uint64_t weight) {
+ char buf[STRLEN("\n")+DECIMAL_STR_MAX(uint64_t)];
+ uint64_t bfq_weight;
+
+ assert(u);
/* FIXME: drop this when distro kernels properly support BFQ through "io.weight"
* See also: https://github.com/systemd/systemd/pull/13335 and
* https://github.com/torvalds/linux/commit/65752aef0a407e1ef17ec78a7fc31ba4e0b360f9.
- * The range is 1..1000 apparently. */
- p = strjoina(controller, ".bfq.weight");
- xsprintf(buf, "%" PRIu64 "\n", (weight + 9) / 10);
- (void) set_attribute_and_warn(u, controller, p, buf);
+ * The range is 1..1000 apparently, and the default is 100. */
+ if (weight <= CGROUP_BLKIO_WEIGHT_DEFAULT)
+ bfq_weight = CGROUP_BFQ_WEIGHT_DEFAULT - (CGROUP_BLKIO_WEIGHT_DEFAULT - weight) * (CGROUP_BFQ_WEIGHT_DEFAULT - CGROUP_BFQ_WEIGHT_MIN) / (CGROUP_BLKIO_WEIGHT_DEFAULT - CGROUP_BLKIO_WEIGHT_MIN);
+ else
+ bfq_weight = CGROUP_BFQ_WEIGHT_DEFAULT + (weight - CGROUP_BLKIO_WEIGHT_DEFAULT) * (CGROUP_BFQ_WEIGHT_MAX - CGROUP_BFQ_WEIGHT_DEFAULT) / (CGROUP_BLKIO_WEIGHT_MAX - CGROUP_BLKIO_WEIGHT_DEFAULT);
+
+ xsprintf(buf, "%" PRIu64 "\n", bfq_weight);
+ (void) set_attribute_and_warn(u, "blkio", "blkio.bfq.weight", buf);
+
+ xsprintf(buf, "%" PRIu64 "\n", weight);
+ (void) set_attribute_and_warn(u, "blkio", "blkio.weight", buf);
}
static void cgroup_apply_bpf_foreign_program(Unit *u) {
@@ -1322,7 +1355,7 @@ static void cgroup_context_apply(
} else
weight = CGROUP_WEIGHT_DEFAULT;
- set_io_weight(u, "io", weight);
+ set_io_weight(u, weight);
if (has_io) {
CGroupIODeviceLatency *latency;
@@ -1392,7 +1425,7 @@ static void cgroup_context_apply(
else
weight = CGROUP_BLKIO_WEIGHT_DEFAULT;
- set_io_weight(u, "blkio", weight);
+ set_blkio_weight(u, weight);
if (has_io) {
CGroupIODeviceWeight *w;
--
2.33.0

82
backport-core-cgroup-use-helper-macro-for-bfq-conversion.patch Normal file
View File

@ -0,0 +1,82 @@
From d98169555c07668d999ac8ad62718da0ae9eec0f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 10 Nov 2021 11:37:15 +0100
Subject: [PATCH] core/cgroup: use helper macro for bfq conversion
As suggested in https://github.com/systemd/systemd/pull/20522#discussion_r696699984.
(cherry picked from commit 311822ac28c99e2fb0e25286bdb72c9188314a66)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/d98169555c07668d999ac8ad62718da0ae9eec0f
---
src/core/cgroup.c | 34 ++++++++++++++++------------------
1 file changed, 16 insertions(+), 18 deletions(-)
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index 8b5b403ae8..6e4780f2f6 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -1200,9 +1200,21 @@ static int cgroup_apply_devices(Unit *u) {
return r;
}
+/* Convert the normal io.weight value to io.bfq.weight */
+#define BFQ_WEIGHT(weight) \
+ (weight <= CGROUP_WEIGHT_DEFAULT ? \
+ CGROUP_BFQ_WEIGHT_DEFAULT - (CGROUP_WEIGHT_DEFAULT - weight) * (CGROUP_BFQ_WEIGHT_DEFAULT - CGROUP_BFQ_WEIGHT_MIN) / (CGROUP_WEIGHT_DEFAULT - CGROUP_WEIGHT_MIN) : \
+ CGROUP_BFQ_WEIGHT_DEFAULT + (weight - CGROUP_WEIGHT_DEFAULT) * (CGROUP_BFQ_WEIGHT_MAX - CGROUP_BFQ_WEIGHT_DEFAULT) / (CGROUP_WEIGHT_MAX - CGROUP_WEIGHT_DEFAULT))
+
+assert_cc(BFQ_WEIGHT(1) == 1);
+assert_cc(BFQ_WEIGHT(50) == 50);
+assert_cc(BFQ_WEIGHT(100) == 100);
+assert_cc(BFQ_WEIGHT(500) == 136);
+assert_cc(BFQ_WEIGHT(5000) == 545);
+assert_cc(BFQ_WEIGHT(10000) == 1000);
+
static void set_io_weight(Unit *u, uint64_t weight) {
char buf[STRLEN("default \n")+DECIMAL_STR_MAX(uint64_t)];
- uint64_t bfq_weight;
assert(u);
@@ -1210,12 +1222,7 @@ static void set_io_weight(Unit *u, uint64_t weight) {
* See also: https://github.com/systemd/systemd/pull/13335 and
* https://github.com/torvalds/linux/commit/65752aef0a407e1ef17ec78a7fc31ba4e0b360f9.
* The range is 1..1000 apparently, and the default is 100. */
- if (weight <= CGROUP_WEIGHT_DEFAULT)
- bfq_weight = CGROUP_BFQ_WEIGHT_DEFAULT - (CGROUP_WEIGHT_DEFAULT - weight) * (CGROUP_BFQ_WEIGHT_DEFAULT - CGROUP_BFQ_WEIGHT_MIN) / (CGROUP_WEIGHT_DEFAULT - CGROUP_WEIGHT_MIN);
- else
- bfq_weight = CGROUP_BFQ_WEIGHT_DEFAULT + (weight - CGROUP_WEIGHT_DEFAULT) * (CGROUP_BFQ_WEIGHT_MAX - CGROUP_BFQ_WEIGHT_DEFAULT) / (CGROUP_WEIGHT_MAX - CGROUP_WEIGHT_DEFAULT);
-
- xsprintf(buf, "%" PRIu64 "\n", bfq_weight);
+ xsprintf(buf, "%" PRIu64 "\n", BFQ_WEIGHT(weight));
(void) set_attribute_and_warn(u, "io", "io.bfq.weight", buf);
xsprintf(buf, "default %" PRIu64 "\n", weight);
@@ -1224,20 +1231,11 @@ static void set_io_weight(Unit *u, uint64_t weight) {
static void set_blkio_weight(Unit *u, uint64_t weight) {
char buf[STRLEN("\n")+DECIMAL_STR_MAX(uint64_t)];
- uint64_t bfq_weight;
assert(u);
- /* FIXME: drop this when distro kernels properly support BFQ through "io.weight"
- * See also: https://github.com/systemd/systemd/pull/13335 and
- * https://github.com/torvalds/linux/commit/65752aef0a407e1ef17ec78a7fc31ba4e0b360f9.
- * The range is 1..1000 apparently, and the default is 100. */
- if (weight <= CGROUP_BLKIO_WEIGHT_DEFAULT)
- bfq_weight = CGROUP_BFQ_WEIGHT_DEFAULT - (CGROUP_BLKIO_WEIGHT_DEFAULT - weight) * (CGROUP_BFQ_WEIGHT_DEFAULT - CGROUP_BFQ_WEIGHT_MIN) / (CGROUP_BLKIO_WEIGHT_DEFAULT - CGROUP_BLKIO_WEIGHT_MIN);
- else
- bfq_weight = CGROUP_BFQ_WEIGHT_DEFAULT + (weight - CGROUP_BLKIO_WEIGHT_DEFAULT) * (CGROUP_BFQ_WEIGHT_MAX - CGROUP_BFQ_WEIGHT_DEFAULT) / (CGROUP_BLKIO_WEIGHT_MAX - CGROUP_BLKIO_WEIGHT_DEFAULT);
-
- xsprintf(buf, "%" PRIu64 "\n", bfq_weight);
+ /* FIXME: see comment in set_io_weight(). */
+ xsprintf(buf, "%" PRIu64 "\n", BFQ_WEIGHT(weight));
(void) set_attribute_and_warn(u, "blkio", "blkio.bfq.weight", buf);
xsprintf(buf, "%" PRIu64 "\n", weight);
--
2.33.0

148
backport-core-check-size-before-mmap.patch Normal file
View File

@ -0,0 +1,148 @@
From d7ff7e3b6e2bd9eee809880d3632b293097e22e7 Mon Sep 17 00:00:00 2001
From: Tobias Stoeckmann <tobias@stoeckmann.org>
Date: Wed, 2 Mar 2022 22:03:26 +0100
Subject: [PATCH] core: check size before mmap
The data type off_t can be 64 on 32 bit systems if they have large
file support. Since mmap expects a size_t with 32 bits as second
argument truncation could occur. At worst these huge files could
lead to mmaps smaller than the previous check for small files.
This in turn shouldn't have a lot of impact because mmap allocates
at page size boundaries. This also made the PAGE_ALIGN call in
open_mmap unneeded. In fact it was neither in sync with other mmap
calls nor with its own munmap counterpart in error path.
If such large files are encountered, which is very unlikely in these
code paths, treat them with the same error as if they are too small.
(cherry picked from commit 1a823cdeb9faea3849843e0b3dae0fbdd607e8b7)
(cherry picked from commit 6b37adf4a16c8f7e917dfd9f19dab259cda878b2)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/d7ff7e3b6e2bd9eee809880d3632b293097e22e7
---
src/basic/fileio.h | 6 ++++++
src/basic/locale-util.c | 4 ++++
src/boot/bootctl.c | 2 +-
src/libsystemd/sd-hwdb/sd-hwdb.c | 4 ++++
src/libsystemd/sd-journal/catalog.c | 4 ++--
src/libsystemd/sd-journal/compress.c | 4 ++++
6 files changed, 21 insertions(+), 3 deletions(-)
diff --git a/src/basic/fileio.h b/src/basic/fileio.h
index 9bd2037f5b..ee356ddb02 100644
--- a/src/basic/fileio.h
+++ b/src/basic/fileio.h
@@ -112,6 +112,12 @@ typedef enum ReadLineFlags {
int read_line_full(FILE *f, size_t limit, ReadLineFlags flags, char **ret);
+static inline bool file_offset_beyond_memory_size(off_t x) {
+ if (x < 0) /* off_t is signed, filter that out */
+ return false;
+ return (uint64_t) x > (uint64_t) SIZE_MAX;
+}
+
static inline int read_line(FILE *f, size_t limit, char **ret) {
return read_line_full(f, limit, 0, ret);
}
diff --git a/src/basic/locale-util.c b/src/basic/locale-util.c
index fd6b01cfaa..b181646abe 100644
--- a/src/basic/locale-util.c
+++ b/src/basic/locale-util.c
@@ -15,6 +15,7 @@
#include "dirent-util.h"
#include "env-util.h"
#include "fd-util.h"
+#include "fileio.h"
#include "hashmap.h"
#include "locale-util.h"
#include "path-util.h"
@@ -113,6 +114,9 @@ static int add_locales_from_archive(Set *locales) {
if (st.st_size < (off_t) sizeof(struct locarhead))
return -EBADMSG;
+ if (file_offset_beyond_memory_size(st.st_size))
+ return -EFBIG;
+
p = mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
if (p == MAP_FAILED)
return -errno;
diff --git a/src/boot/bootctl.c b/src/boot/bootctl.c
index bd96812246..d6eb6d00a5 100644
--- a/src/boot/bootctl.c
+++ b/src/boot/bootctl.c
@@ -145,7 +145,7 @@ static int get_file_version(int fd, char **v) {
if (r < 0)
return log_error_errno(r, "EFI binary is not a regular file: %m");
- if (st.st_size < 27) {
+ if (st.st_size < 27 || file_offset_beyond_memory_size(st.st_size)) {
*v = NULL;
return 0;
}
diff --git a/src/libsystemd/sd-hwdb/sd-hwdb.c b/src/libsystemd/sd-hwdb/sd-hwdb.c
index 53601765fe..748cf26934 100644
--- a/src/libsystemd/sd-hwdb/sd-hwdb.c
+++ b/src/libsystemd/sd-hwdb/sd-hwdb.c
@@ -15,6 +15,7 @@
#include "alloc-util.h"
#include "fd-util.h"
+#include "fileio.h"
#include "hashmap.h"
#include "hwdb-internal.h"
#include "nulstr-util.h"
@@ -312,6 +313,9 @@ _public_ int sd_hwdb_new(sd_hwdb **ret) {
if (hwdb->st.st_size < (off_t) offsetof(struct trie_header_f, strings_len) + 8)
return log_debug_errno(SYNTHETIC_ERRNO(EIO),
"File %s is too short: %m", hwdb_bin_path);
+ if (file_offset_beyond_memory_size(hwdb->st.st_size))
+ return log_debug_errno(SYNTHETIC_ERRNO(EFBIG),
+ "File %s is too long: %m", hwdb_bin_path);
hwdb->map = mmap(0, hwdb->st.st_size, PROT_READ, MAP_SHARED, fileno(hwdb->f), 0);
if (hwdb->map == MAP_FAILED)
diff --git a/src/libsystemd/sd-journal/catalog.c b/src/libsystemd/sd-journal/catalog.c
index ce8d47ccc3..f2ad1a2039 100644
--- a/src/libsystemd/sd-journal/catalog.c
+++ b/src/libsystemd/sd-journal/catalog.c
@@ -524,10 +524,10 @@ static int open_mmap(const char *database, int *_fd, struct stat *_st, void **_p
if (fstat(fd, &st) < 0)
return -errno;
- if (st.st_size < (off_t) sizeof(CatalogHeader))
+ if (st.st_size < (off_t) sizeof(CatalogHeader) || file_offset_beyond_memory_size(st.st_size))
return -EINVAL;
- p = mmap(NULL, PAGE_ALIGN(st.st_size), PROT_READ, MAP_SHARED, fd, 0);
+ p = mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
if (p == MAP_FAILED)
return -errno;
diff --git a/src/libsystemd/sd-journal/compress.c b/src/libsystemd/sd-journal/compress.c
index 837abab76c..cb2e82667f 100644
--- a/src/libsystemd/sd-journal/compress.c
+++ b/src/libsystemd/sd-journal/compress.c
@@ -25,6 +25,7 @@
#include "alloc-util.h"
#include "compress.h"
#include "fd-util.h"
+#include "fileio.h"
#include "io-util.h"
#include "journal-def.h"
#include "macro.h"
@@ -807,6 +808,9 @@ int decompress_stream_lz4(int in, int out, uint64_t max_bytes) {
if (fstat(in, &st) < 0)
return log_debug_errno(errno, "fstat() failed: %m");
+ if (file_offset_beyond_memory_size(st.st_size))
+ return -EFBIG;
+
buf = malloc(LZ4_BUFSIZE);
if (!buf)
return -ENOMEM;
--
2.33.0

69
backport-core-command-argument-can-be-longer-than-PATH_MAX.patch Normal file
View File

@ -0,0 +1,69 @@
From a8a4d9a65902b8bfb15395479451070e9644560a Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Tue, 5 Apr 2022 21:47:46 +0900
Subject: [PATCH] core: command argument can be longer than PATH_MAX
Fixes a bug introduced by 065364920281e1cf59cab989e17aff21790505c4.
Fixes #22957.
(cherry picked from commit 58dd4999dcc81a0ed92fbd78bce3592c3e3afe9e)
(cherry picked from commit 9727b9ee7b90afb8fa0e6328dcb6c34b1522d4fd)
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/a8a4d9a65902b8bfb15395479451070e9644560a
---
src/core/load-fragment.c | 2 +-
src/test/test-load-fragment.c | 16 ++++++++++++++++
2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index 399a759ad0..cd07f3e60d 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -849,7 +849,7 @@ int config_parse_exec(
if (r < 0)
return ignore ? 0 : -ENOEXEC;
- r = unit_path_printf(u, word, &resolved);
+ r = unit_full_printf(u, word, &resolved);
if (r < 0) {
log_syntax(unit, ignore ? LOG_WARNING : LOG_ERR, filename, line, r,
"Failed to resolve unit specifiers in %s%s: %m",
diff --git a/src/test/test-load-fragment.c b/src/test/test-load-fragment.c
index b41a8abf7b..1a0a0579b2 100644
--- a/src/test/test-load-fragment.c
+++ b/src/test/test-load-fragment.c
@@ -10,6 +10,7 @@
#include "capability-util.h"
#include "conf-parser.h"
#include "fd-util.h"
+#include "fileio.h"
#include "format-util.h"
#include "fs-util.h"
#include "hashmap.h"
@@ -412,6 +413,21 @@ static void test_config_parse_exec(void) {
assert_se(r == 0);
assert_se(c1->command_next == NULL);
+ log_info("/* long arg */"); /* See issue #22957. */
+
+ char x[LONG_LINE_MAX-100], *y;
+ y = mempcpy(x, "/bin/echo ", STRLEN("/bin/echo "));
+ memset(y, 'x', sizeof(x) - STRLEN("/bin/echo ") - 1);
+ x[sizeof(x) - 1] = '\0';
+
+ r = config_parse_exec(NULL, "fake", 5, "section", 1,
+ "LValue", 0, x,
+ &c, u);
+ assert_se(r >= 0);
+ c1 = c1->command_next;
+ check_execcommand(c1,
+ "/bin/echo", NULL, y, NULL, false);
+
log_info("/* empty argument, reset */");
r = config_parse_exec(NULL, "fake", 4, "section", 1,
"LValue", 0, "",
--
2.33.0

33
backport-core-don-t-fail-on-EEXIST-when-creating-mount-point.patch Normal file
View File

@ -0,0 +1,33 @@
From 37e8b3a312e64886c6fb1401c741dee7c8c102f4 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Fri, 28 Jan 2022 22:56:10 +0000
Subject: [PATCH] core: don't fail on EEXIST when creating mount point
systemd[1016]: Failed to mount /tmp/app1 (type n/a) on /run/systemd/unit-extensions/1 (MS_BIND ): No such file or directory
systemd[1016]: Failed to create destination mount point node '/run/systemd/unit-extensions/1': File exists
(cherry picked from commit 9d6d4c305ab8d65aab7f546450d7331f760b7259)
(cherry picked from commit ae8bc570a81e1286eb5b59a77ef179a500b95f9d)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/37e8b3a312e64886c6fb1401c741dee7c8c102f4
---
src/core/namespace.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/namespace.c b/src/core/namespace.c
index a6c6963bb7..19942d912f 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -1380,7 +1380,7 @@ static int apply_one_mount(
(void) mkdir_parents(mount_entry_path(m), 0755);
q = make_mount_point_inode_from_path(what, mount_entry_path(m), 0755);
- if (q < 0)
+ if (q < 0 && q != -EEXIST)
log_error_errno(q, "Failed to create destination mount point node '%s': %m",
mount_entry_path(m));
else
--
2.33.0

19
backport-core-fix-SIGABRT-on-empty-exec-command-argv.patch
View File

@ -1,7 +1,7 @@
From 29500cf8c47e6eb0518d171d62aa8213020c9152 Mon Sep 17 00:00:00 2001
From 7a58bf7aac8b2c812ee0531b0cc426e0067edd35 Mon Sep 17 00:00:00 2001
From: Henri Chain <henri.chain@enioka.com>
Date: Tue, 5 Oct 2021 13:10:31 +0200
Subject: [PATCH 1/2] core: fix SIGABRT on empty exec command argv
Subject: [PATCH] core: fix SIGABRT on empty exec command argv
This verifies that the argv part of any exec_command parameters that
are sent through dbus is not empty at deserialization time.
@ -11,6 +11,11 @@ checks if all exec_commands are correctly populated, after the service
has been loaded, whether through dbus or otherwise.
Fixes #20933.
(cherry picked from commit 29500cf8c47e6eb0518d171d62aa8213020c9152)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/7a58bf7aac8b2c812ee0531b0cc426e0067edd35
---
src/core/dbus-execute.c | 4 ++++
src/core/service.c | 10 ++++++++++
@ -18,10 +23,10 @@ Fixes #20933.
3 files changed, 45 insertions(+)
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
index 488de1242a..5665656b7b 100644
index 50daef6702..902e074bd2 100644
--- a/src/core/dbus-execute.c
+++ b/src/core/dbus-execute.c
@@ -1423,6 +1423,10 @@ int bus_set_transient_exec_command(
@@ -1421,6 +1421,10 @@ int bus_set_transient_exec_command(
if (r < 0)
return r;
@ -33,10 +38,10 @@ index 488de1242a..5665656b7b 100644
if (r < 0)
return r;
diff --git a/src/core/service.c b/src/core/service.c
index 9299813d45..4c75819a8f 100644
index b7cfc04c84..e061d488c7 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -564,6 +564,16 @@ static int service_verify(Service *s) {
@@ -548,6 +548,16 @@ static int service_verify(Service *s) {
assert(s);
assert(UNIT(s)->load_state == UNIT_LOADED);
@ -96,5 +101,5 @@ index 4ef7c878a8..5488447a87 100755
echo OK >/testok
--
2.27.0
2.33.0

10
backport-core-fix-free-undefined-pointer-when-strdup-failed-i.patch
View File

@ -1,15 +1,19 @@
From 1509274359979079e3e61899ce12fc8b0f0958d9 Mon Sep 17 00:00:00 2001
From b5162039b2309b78a9c1feb6cc1355988e02b6c3 Mon Sep 17 00:00:00 2001
From: xujing <17826839720@163.com>
Date: Wed, 8 Sep 2021 14:26:20 +0800
Subject: [PATCH] core: fix free undefined pointer when strdup failed in the
first loop
(cherry picked from commit 1509274359979079e3e61899ce12fc8b0f0958d9)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/b5162039b2309b78a9c1feb6cc1355988e02b6c3
---
src/core/load-fragment.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index 92815b1dbaea..1c8159a23550 100644
index 8fb3c378ee..399a759ad0 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -800,7 +800,7 @@ int config_parse_exec(
@ -30,4 +34,6 @@ index 92815b1dbaea..1c8159a23550 100644
return log_oom();
w = strdup(";");
--
2.33.0

30
backport-core-ignore-failure-on-setting-smack-process-label-w.patch Normal file
View File

@ -0,0 +1,30 @@
From 4e057fc39be6ce27afcf0371ebcb7e224a7eeb2d Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Mon, 1 Nov 2021 13:48:32 +0900
Subject: [PATCH] core: ignore failure on setting smack process label when
allowed
(cherry picked from commit 29ff62473b119c0e1d3467148eddcdccc2c9b732)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/4e057fc39be6ce27afcf0371ebcb7e224a7eeb2d
---
src/core/execute.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/execute.c b/src/core/execute.c
index e324db87cc..2f2de4d9cf 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -4408,7 +4408,7 @@ static int exec_child(
* process. This is the latest place before dropping capabilities. Other MAC context are set later. */
if (use_smack) {
r = setup_smack(context, executable_fd);
- if (r < 0) {
+ if (r < 0 && !context->smack_process_label_ignore) {
*exit_status = EXIT_SMACK_PROCESS_LABEL;
return log_unit_error_errno(unit, r, "Failed to set SMACK process label: %m");
}
--
2.33.0

34
backport-core-mount-add-implicit-unit-dependencies-even-if-wh.patch Normal file
View File

@ -0,0 +1,34 @@
From 1bb8af46d1181a407cbc858025b85392f3af7812 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 29 Aug 2021 21:20:43 +0900
Subject: [PATCH] core/mount: add implicit unit dependencies even if when mount
unit is generated from /proc/self/mountinfo
Hopefully fixes #20566.
(cherry picked from commit aebff2e7ce209fc2d75b894a3ae8b80f6f36ec11)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/1bb8af46d1181a407cbc858025b85392f3af7812
---
src/core/mount.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/core/mount.c b/src/core/mount.c
index cde4b52731..9bec190cb6 100644
--- a/src/core/mount.c
+++ b/src/core/mount.c
@@ -1576,6 +1576,10 @@ static int mount_setup_new_unit(
if (r < 0)
return r;
+ r = mount_add_non_exec_dependencies(MOUNT(u));
+ if (r < 0)
+ return r;
+
/* This unit was generated because /proc/self/mountinfo reported it. Remember this, so that by the time we load
* the unit file for it (and thus add in extra deps right after) we know what source to attributes the deps
* to. */
--
2.33.0

35
backport-core-mount-fail-early-if-directory-cannot-be-created.patch Normal file
View File

@ -0,0 +1,35 @@
From 22239a861897fcd7c4d16f728c4bb40d84793961 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 2 Feb 2022 14:05:45 +0900
Subject: [PATCH] core/mount: fail early if directory cannot be created
Prompted by #22334.
(cherry picked from commit e4de58c8231e47509ffeb3aa47620ca42f22d7f6)
(cherry picked from commit 1d7e0b68048ba0760f8fdf6a26c7a5017ac38569)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/22239a861897fcd7c4d16f728c4bb40d84793961
---
src/core/mount.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/core/mount.c b/src/core/mount.c
index af39db214b..673eec32b8 100644
--- a/src/core/mount.c
+++ b/src/core/mount.c
@@ -1035,8 +1035,10 @@ static void mount_enter_mounting(Mount *m) {
r = mkdir_p_label(p->what, m->directory_mode);
/* mkdir_p_label() can return -EEXIST if the target path exists and is not a directory - which is
* totally OK, in case the user wants us to overmount a non-directory inode. */
- if (r < 0 && r != -EEXIST)
+ if (r < 0 && r != -EEXIST) {
log_unit_error_errno(UNIT(m), r, "Failed to make bind mount source '%s': %m", p->what);
+ goto fail;
+ }
}
if (p) {
--
2.33.0

53
backport-core-namespace-allow-using-ProtectSubset-pid-and-Pro.patch Normal file
View File

@ -0,0 +1,53 @@
From eeb50421761e3ac562e96c47fb5f0f6ed622cfe1 Mon Sep 17 00:00:00 2001
From: Christian Brauner <brauner@kernel.org>
Date: Fri, 21 Jan 2022 13:08:19 +0100
Subject: [PATCH] core/namespace: allow using ProtectSubset=pid and
ProtectHostname=true together
If a service requests both ProtectSubset=pid and ProtectHostname=true
then it will currently fail to start. The ProcSubset=pid option
instructs systemd to mount procfs for the service with subset=pid which
hides all entries other than /proc/<pid>. Consequently trying to
interact with the two files /proc/sys/kernel/{hostname,domainname}
covered by ProtectHostname=true will fail.
Fix this by only performing this check when ProtectSubset=pid is not
requested. Essentially ProtectSubset=pid implies/provides
ProtectHostname=true.
(cherry picked from commit 1361f015773e3b4d74e382edf1565f3315a3396b)
(cherry picked from commit a727941affa7821592d503c8a5033c92d615f64c)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/eeb50421761e3ac562e96c47fb5f0f6ed622cfe1
---
src/core/namespace.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/core/namespace.c b/src/core/namespace.c
index e3aebe8b5e..5961b14f98 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -2115,14 +2115,19 @@ int setup_namespace(
goto finish;
}
+ /* Note, if proc is mounted with subset=pid then neither of the
+ * two paths will exist, i.e. they are implicitly protected by
+ * the mount option. */
if (ns_info->protect_hostname) {
*(m++) = (MountEntry) {
.path_const = "/proc/sys/kernel/hostname",
.mode = READONLY,
+ .ignore = ignore_protect_proc,
};
*(m++) = (MountEntry) {
.path_const = "/proc/sys/kernel/domainname",
.mode = READONLY,
+ .ignore = ignore_protect_proc,
};
}
--
2.33.0

65
backport-core-namespace-s-normalize_mounts-drop_unused_mounts.patch Normal file
View File

@ -0,0 +1,65 @@
From 2540b0e3e0aa3e9bc4eef39723aa869f235923dd Mon Sep 17 00:00:00 2001
From: Christian Brauner <brauner@kernel.org>
Date: Mon, 24 Jan 2022 10:12:57 +0100
Subject: [PATCH] core/namespace: s/normalize_mounts()/drop_unused_mounts()
Rename the normalize_mounts() helper to drop_unused_mounts. All the
helpers called in there get rid of mounts that are unused for a variety
of reasons. And whereas the helpers are aptly prefixed with "drop" the
overall helper isn't and instead uses "normalize".
Make it more obvious what the helper actually does by renaming it from
normalize_mounts() to drop_unused_mounts(). Readers of code calling this
helper will immediately see that it will get rid of unused mounts.
Link: https://github.com/systemd/systemd/issues/22206
(cherry picked from commit fbf90c0d5cadc5d1e95485f770f45a7d4cd39daa)
(cherry picked from commit 09936a7ec92c859b3c4c9520ecd49c2909a8b35c)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/2540b0e3e0aa3e9bc4eef39723aa869f235923dd
---
src/core/namespace.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/src/core/namespace.c b/src/core/namespace.c
index 5961b14f98..a6c6963bb7 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -1578,7 +1578,14 @@ static size_t namespace_calculate_mounts(
ns_info->private_ipc; /* /dev/mqueue */
}
-static void normalize_mounts(const char *root_directory, MountEntry *mounts, size_t *n_mounts) {
+/* Walk all mount entries and dropping any unused mounts. This affects all
+ * mounts:
+ * - that are implicitly protected by a path that has been rendered inaccessible
+ * - whose immediate parent requests the same protection mode as the mount itself
+ * - that are outside of the relevant root directory
+ * - which are duplicates
+ */
+static void drop_unused_mounts(const char *root_directory, MountEntry *mounts, size_t *n_mounts) {
assert(root_directory);
assert(n_mounts);
assert(mounts || *n_mounts == 0);
@@ -1659,7 +1666,7 @@ static int apply_mounts(
if (!again)
break;
- normalize_mounts(root, mounts, n_mounts);
+ drop_unused_mounts(root, mounts, n_mounts);
}
/* Create a deny list we can pass to bind_mount_recursive() */
@@ -2208,7 +2215,7 @@ int setup_namespace(
if (r < 0)
goto finish;
- normalize_mounts(root, mounts, &n_mounts);
+ drop_unused_mounts(root, mounts, &n_mounts);
}
/* All above is just preparation, figuring out what to do. Let's now actually start doing something. */
--
2.33.0

125
backport-core-normalize-r-variable-handling-in-unit_attach_pi.patch Normal file
View File

@ -0,0 +1,125 @@
From 84ec6a0043f7a447157753fb12e991ebce6e14b7 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 27 Oct 2021 23:08:58 +0200
Subject: [PATCH] core: normalize 'r' variable handling in
unit_attach_pids_to_cgroup() a bit
The 'r' variable is our "go-to" variable for error return codes, all
across our codebase. In unit_attach_pids_to_cgroup() it was so far used
in a strange way for most of the function: instead of directly storing
the error codes of functions we call we'd store it in a local variable
'q' instead, and propagate it to 'r' only in some cases finally we'd
return the ultimate result of 'r'.
Let's normalize this a bit: let's always store error return values in
'r', and then use 'ret' as the variable to sometimes propagate errors
to, and then return that.
This also allows us to get rid of one local variable.
No actual codeflow changes, just some renaming of variables that allows
us to remove one.
(cherry picked from commit db4229d12f48663400802171b336c7cadbbe04ef)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/84ec6a0043f7a447157753fb12e991ebce6e14b7
---
src/core/cgroup.c | 38 +++++++++++++++++++-------------------
1 file changed, 19 insertions(+), 19 deletions(-)
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index 5c07aa71d1..1551d57e90 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -2137,7 +2137,7 @@ int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) {
CGroupMask delegated_mask;
const char *p;
void *pidp;
- int r, q;
+ int ret, r;
assert(u);
@@ -2164,16 +2164,16 @@ int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) {
delegated_mask = unit_get_delegate_mask(u);
- r = 0;
+ ret = 0;
SET_FOREACH(pidp, pids) {
pid_t pid = PTR_TO_PID(pidp);
/* First, attach the PID to the main cgroup hierarchy */
- q = cg_attach(SYSTEMD_CGROUP_CONTROLLER, p, pid);
- if (q < 0) {
- bool again = MANAGER_IS_USER(u->manager) && ERRNO_IS_PRIVILEGE(q);
+ r = cg_attach(SYSTEMD_CGROUP_CONTROLLER, p, pid);
+ if (r < 0) {
+ bool again = MANAGER_IS_USER(u->manager) && ERRNO_IS_PRIVILEGE(r);
- log_unit_full_errno(u, again ? LOG_DEBUG : LOG_INFO, q,
+ log_unit_full_errno(u, again ? LOG_DEBUG : LOG_INFO, r,
"Couldn't move process "PID_FMT" to%s requested cgroup '%s': %m",
pid, again ? " directly" : "", empty_to_root(p));
@@ -2192,16 +2192,16 @@ int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) {
continue; /* When the bus thing worked via the bus we are fully done for this PID. */
}
- if (r >= 0)
- r = q; /* Remember first error */
+ if (ret >= 0)
+ ret = r; /* Remember first error */
continue;
}
- q = cg_all_unified();
- if (q < 0)
- return q;
- if (q > 0)
+ r = cg_all_unified();
+ if (r < 0)
+ return r;
+ if (r > 0)
continue;
/* In the legacy hierarchy, attach the process to the request cgroup if possible, and if not to the
@@ -2216,11 +2216,11 @@ int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) {
/* If this controller is delegated and realized, honour the caller's request for the cgroup suffix. */
if (delegated_mask & u->cgroup_realized_mask & bit) {
- q = cg_attach(cgroup_controller_to_string(c), p, pid);
- if (q >= 0)
+ r = cg_attach(cgroup_controller_to_string(c), p, pid);
+ if (r >= 0)
continue; /* Success! */
- log_unit_debug_errno(u, q, "Failed to attach PID " PID_FMT " to requested cgroup %s in controller %s, falling back to unit's cgroup: %m",
+ log_unit_debug_errno(u, r, "Failed to attach PID " PID_FMT " to requested cgroup %s in controller %s, falling back to unit's cgroup: %m",
pid, empty_to_root(p), cgroup_controller_to_string(c));
}
@@ -2231,14 +2231,14 @@ int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) {
if (!realized)
continue; /* Not even realized in the root slice? Then let's not bother */
- q = cg_attach(cgroup_controller_to_string(c), realized, pid);
- if (q < 0)
- log_unit_debug_errno(u, q, "Failed to attach PID " PID_FMT " to realized cgroup %s in controller %s, ignoring: %m",
+ r = cg_attach(cgroup_controller_to_string(c), realized, pid);
+ if (r < 0)
+ log_unit_debug_errno(u, r, "Failed to attach PID " PID_FMT " to realized cgroup %s in controller %s, ignoring: %m",
pid, realized, cgroup_controller_to_string(c));
}
}
- return r;
+ return ret;
}
static bool unit_has_mask_realized(
--
2.33.0

54
backport-core-really-skip-automatic-restart-when-a-JOB_STOP-j.patch Normal file
View File

@ -0,0 +1,54 @@
From b17f9c7c8db6959227cebf1b30ed1698d024382e Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Fri, 18 Feb 2022 10:06:24 +0100
Subject: [PATCH] core: really skip automatic restart when a JOB_STOP job is
pending
It's not clear why we rescheduled a service auto restart while a stop job for
the unit was pending. The comment claims that the unit shouldn't be restarted
but the code did reschedule an auto restart meanwhile.
In practice that was rarely an issue because the service waited for the next
auto restart to be rescheduled, letting the queued stop job to be proceed and
service_stop() to be called preventing the next restart to complete.
However when RestartSec=0, the timer expired right away making PID1 to
reschedule the unit again, making the timer expired right away... and so
on. This busy loop prevented PID1 to handle any queued jobs (and hence giving
no chance to the start rate limiting to trigger), which made the busy loop last
forever.
This patch breaks this loop by skipping the reschedule of the unit auto restart
and hence not depending on the value of u->restart_usec anymore.
Fixes: #13667
(cherry picked from commit c972880640ee19e89ce9265d8eae1b3aae190332)
(cherry picked from commit 2198c08d0786c5cec1b39283831969b2cc1adf40)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/b17f9c7c8db6959227cebf1b30ed1698d024382e
---
src/core/service.c | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/src/core/service.c b/src/core/service.c
index a480edc439..21bf3dc28c 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -2267,12 +2267,7 @@ static void service_enter_restart(Service *s) {
if (unit_has_job_type(UNIT(s), JOB_STOP)) {
/* Don't restart things if we are going down anyway */
- log_unit_info(UNIT(s), "Stop job pending for unit, delaying automatic restart.");
-
- r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->restart_usec));
- if (r < 0)
- goto fail;
-
+ log_unit_info(UNIT(s), "Stop job pending for unit, skipping automatic restart.");
return;
}
--
2.33.0

34
backport-core-refuse-to-mount-ExtensionImages-if-the-base-lay.patch Normal file
View File

@ -0,0 +1,34 @@
From af8d87d6bc8506629f1e73599ccdc4b8f8eaa6c8 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Wed, 19 Jan 2022 00:08:57 +0000
Subject: [PATCH] core: refuse to mount ExtensionImages if the base layer
doesn't at least have ID in os-release
We can't match an extension if we don't at least have an ID,
so refuse to continue
(cherry picked from commit 78ab2b5064a0f87579ce5430f9cb83bba0db069a)
(cherry picked from commit 179bd47f04c538ed1f2c1de2cf2c18f17b027a51)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/af8d87d6bc8506629f1e73599ccdc4b8f8eaa6c8
---
src/core/namespace.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/core/namespace.c b/src/core/namespace.c
index b933d46cf6..e3aebe8b5e 100644
--- a/src/core/namespace.c
+++ b/src/core/namespace.c
@@ -1151,6 +1151,8 @@ static int mount_image(const MountEntry *m, const char *root_directory) {
NULL);
if (r < 0)
return log_debug_errno(r, "Failed to acquire 'os-release' data of OS tree '%s': %m", empty_to_root(root_directory));
+ if (isempty(host_os_release_id))
+ return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "'ID' field not found or empty in 'os-release' data of OS tree '%s': %m", empty_to_root(root_directory));
}
r = verity_dissect_and_mount(
--
2.33.0

34
backport-core-respect-install_sysconfdir_samples-in-meson-fil.patch Normal file
View File

@ -0,0 +1,34 @@
From d36785b19b10ec04ae7b87cdb402de4126e17bca Mon Sep 17 00:00:00 2001
From: Andreas Rammhold <andreas@rammhold.de>
Date: Mon, 26 Jul 2021 16:57:43 +0200
Subject: [PATCH] core: respect install_sysconfdir_samples in meson file
The refactoring done in e11a25cadbe caused the configuration files to be
installed into the pkgsysconfdir regardless of the state of the
install_sysconfdir_samples boolean that indicates whether or not the
sample files should be installed.
(cherry picked from commit cfd760b6a77808d0b9451ed618a23b6259fe525f)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/d36785b19b10ec04ae7b87cdb402de4126e17bca
---
src/core/meson.build | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/meson.build b/src/core/meson.build
index f0d2c6f642..c66538eab1 100644
--- a/src/core/meson.build
+++ b/src/core/meson.build
@@ -193,7 +193,7 @@ foreach item : in_files
output: file,
command : [meson_render_jinja2, config_h, '@INPUT@'],
capture : true,
- install : dir != 'no',
+ install : (dir == pkgsysconfdir and install_sysconfdir_samples) or (dir != pkgsysconfdir and dir != 'no'),
install_dir : dir)
endforeach
--
2.33.0

14
backport-core-service-also-check-path-in-exec-commands.patch
View File

@ -1,17 +1,21 @@
From 8688a389cabdff61efe187bb85cc1776de03c460 Mon Sep 17 00:00:00 2001
From b3978cf401306a793c7531299a5e9b3c63e53a27 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 6 Oct 2021 00:19:41 +0900
Subject: [PATCH 2/2] core/service: also check path in exec commands
Subject: [PATCH] core/service: also check path in exec commands
(cherry picked from commit 8688a389cabdff61efe187bb85cc1776de03c460)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/b3978cf401306a793c7531299a5e9b3c63e53a27
---
src/core/service.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/core/service.c b/src/core/service.c
index 4c75819a8f..54d8d0c760 100644
index e061d488c7..701c145565 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -567,11 +567,17 @@ static int service_verify(Service *s) {
@@ -551,11 +551,17 @@ static int service_verify(Service *s) {
for (ServiceExecCommand c = 0; c < _SERVICE_EXEC_COMMAND_MAX; c++) {
ExecCommand *command;
@ -31,5 +35,5 @@ index 4c75819a8f..54d8d0c760 100644
if (!s->exec_command[SERVICE_EXEC_START] && !s->exec_command[SERVICE_EXEC_STOP] &&
--
2.27.0
2.33.0

36
backport-core-unit-use-bus_error_message-at-one-more-place.patch Normal file
View File

@ -0,0 +1,36 @@
From aa25320dbbc2b239d9f551cffac39263814a3dfa Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 30 Jan 2022 05:38:01 +0900
Subject: [PATCH] core/unit: use bus_error_message() at one more place
(cherry picked from commit 33322185554799b08e94aca036dd109aaee52408)
(cherry picked from commit 81e59411161078f4f90d80e2e111755adc16db33)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/aa25320dbbc2b239d9f551cffac39263814a3dfa
---
src/core/unit.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/core/unit.c b/src/core/unit.c
index dfe200ee20..0e8a01966a 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -3422,8 +3422,12 @@ static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bu
e = sd_bus_message_get_error(message);
if (e) {
- if (!sd_bus_error_has_name(e, "org.freedesktop.DBus.Error.NameHasNoOwner"))
- log_unit_error(u, "Unexpected error response from GetNameOwner(): %s", e->message);
+ if (!sd_bus_error_has_name(e, "org.freedesktop.DBus.Error.NameHasNoOwner")) {
+ r = sd_bus_error_get_errno(e);
+ log_unit_error_errno(u, r,
+ "Unexpected error response from GetNameOwner(): %s",
+ bus_error_message(e, r));
+ }
new_owner = NULL;
} else {
--
2.33.0

35
backport-core-use-correct-level-for-CPU-time-log-message.patch Normal file
View File

@ -0,0 +1,35 @@
From 034a23c640c74856df76b3af5fdc4af5cb48256b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Mon, 6 Dec 2021 16:57:42 +0100
Subject: [PATCH] core: use correct level for CPU time log message
raise_level() takes the info condition as second argument and the notice
one as third. For the consumed CPU time these conditions are swapped.
Fixes: 37109b856aeb ("pid1: use LOG_DEBUG/INFO/NOTICE for unit resource consumption message")
(cherry picked from commit ef6bb4dd3e3bb9c210c310026b4d827a46acc762)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/034a23c640c74856df76b3af5fdc4af5cb48256b
---
src/core/unit.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/unit.c b/src/core/unit.c
index c792bd8e82..dfe200ee20 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -2296,8 +2296,8 @@ static int unit_log_resources(Unit *u) {
message_parts[n_message_parts++] = t;
log_level = raise_level(log_level,
- nsec > NOTICEWORTHY_CPU_NSEC,
- nsec > MENTIONWORTHY_CPU_NSEC);
+ nsec > MENTIONWORTHY_CPU_NSEC,
+ nsec > NOTICEWORTHY_CPU_NSEC);
}
for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
--
2.33.0

133
backport-core-use-the-new-quoting-helper.patch Normal file
View File

@ -0,0 +1,133 @@
From 284781bcb00be27737b52ffb974b66b7d5e990d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 7 Jul 2021 16:28:19 +0200
Subject: [PATCH] core: use the new quoting helper
(cherry picked from commit 8a62620ebe23945021075df7e1b0759102c286ae)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/284781bcb00be27737b52ffb974b66b7d5e990d5
---
src/core/execute.c | 64 ++++++++++------------------------------------
1 file changed, 13 insertions(+), 51 deletions(-)
diff --git a/src/core/execute.c b/src/core/execute.c
index e24775c150..28efe5c36f 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -51,6 +51,7 @@
#include "env-file.h"
#include "env-util.h"
#include "errno-list.h"
+#include "escape.h"
#include "execute.h"
#include "exit-status.h"
#include "fd-util.h"
@@ -3596,8 +3597,6 @@ static int compile_suggested_paths(const ExecContext *c, const ExecParameters *p
return 0;
}
-static char *exec_command_line(char **argv);
-
static int exec_parameters_get_cgroup_path(const ExecParameters *params, char **ret) {
bool using_subcgroup;
char *p;
@@ -3800,7 +3799,7 @@ static int exec_child(
const char *vc = params->confirm_spawn;
_cleanup_free_ char *cmdline = NULL;
- cmdline = exec_command_line(command->argv);
+ cmdline = quote_command_line(command->argv);
if (!cmdline) {
*exit_status = EXIT_MEMORY;
return log_oom();
@@ -4650,12 +4649,15 @@ static int exec_child(
if (DEBUG_LOGGING) {
_cleanup_free_ char *line = NULL;
- line = exec_command_line(final_argv);
- if (line)
- log_unit_struct(unit, LOG_DEBUG,
- "EXECUTABLE=%s", executable,
- LOG_UNIT_MESSAGE(unit, "Executing: %s", line),
- LOG_UNIT_INVOCATION_ID(unit));
+ line = quote_command_line(final_argv);
+ if (!line) {
+ *exit_status = EXIT_MEMORY;
+ return log_oom();
+ }
+
+ log_unit_struct(unit, LOG_DEBUG,
+ "EXECUTABLE=%s", executable,
+ LOG_UNIT_MESSAGE(unit, "Executing: %s", line));
}
if (exec_fd >= 0) {
@@ -4739,7 +4741,7 @@ int exec_spawn(Unit *unit,
if (r < 0)
return log_unit_error_errno(unit, r, "Failed to load environment files: %m");
- line = exec_command_line(command->argv);
+ line = quote_command_line(command->argv);
if (!line)
return log_oom();
@@ -5954,46 +5956,6 @@ void exec_status_dump(const ExecStatus *s, FILE *f, const char *prefix) {
prefix, s->status);
}
-static char *exec_command_line(char **argv) {
- size_t k;
- char *n, *p, **a;
- bool first = true;
-
- assert(argv);
-
- k = 1;
- STRV_FOREACH(a, argv)
- k += strlen(*a)+3;
-
- n = new(char, k);
- if (!n)
- return NULL;
-
- p = n;
- STRV_FOREACH(a, argv) {
-
- if (!first)
- *(p++) = ' ';
- else
- first = false;
-
- if (strpbrk(*a, WHITESPACE)) {
- *(p++) = '\'';
- p = stpcpy(p, *a);
- *(p++) = '\'';
- } else
- p = stpcpy(p, *a);
-
- }
-
- *p = 0;
-
- /* FIXME: this doesn't really handle arguments that have
- * spaces and ticks in them */
-
- return n;
-}
-
static void exec_command_dump(ExecCommand *c, FILE *f, const char *prefix) {
_cleanup_free_ char *cmd = NULL;
const char *prefix2;
@@ -6004,7 +5966,7 @@ static void exec_command_dump(ExecCommand *c, FILE *f, const char *prefix) {
prefix = strempty(prefix);
prefix2 = strjoina(prefix, "\t");
- cmd = exec_command_line(c->argv);
+ cmd = quote_command_line(c->argv);
fprintf(f,
"%sCommand Line: %s\n",
prefix, cmd ? cmd : strerror_safe(ENOMEM));
--
2.33.0

48
backport-core-wrap-cgroup-path-with-empty_to_root-in-log-mess.patch
View File

@ -1,13 +1,17 @@
From 6178e2f88956e1900f445908ed053865cc22e879 Mon Sep 17 00:00:00 2001
From 24a40953d3d6ad8b1429d19da2f66399ae3f7e0b Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 5 Aug 2021 03:14:41 +0900
Subject: [PATCH 2/2] core: wrap cgroup path with empty_to_root() in log
messages
Subject: [PATCH] core: wrap cgroup path with empty_to_root() in log messages
This fixes e.g. the following log message:
---
systemd[1]: -.slice: Failed to migrate controller cgroups from , ignoring: Read-only file system
---
(cherry picked from commit 6178e2f88956e1900f445908ed053865cc22e879)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/24a40953d3d6ad8b1429d19da2f66399ae3f7e0b
---
src/core/bpf-devices.c | 3 ++-
src/core/cgroup.c | 46 +++++++++++++++++++++---------------------
@ -36,7 +40,7 @@ index 8a345a4498..4daa7f76b0 100644
finish:
/* Unref the old BPF program (which will implicitly detach it) right before attaching the new program. */
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index 83bd97327d..da821465da 100644
index eab0929dc5..3a6f768c60 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -84,7 +84,7 @@ static int set_attribute_and_warn(Unit *u, const char *controller, const char *a
@ -48,7 +52,7 @@ index 83bd97327d..da821465da 100644
return r;
}
@@ -706,25 +706,25 @@ void cgroup_oomd_xattr_apply(Unit *u, const char *cgroup_path) {
@@ -713,25 +713,25 @@ void cgroup_oomd_xattr_apply(Unit *u, const char *cgroup_path) {
if (c->moom_preference == MANAGED_OOM_PREFERENCE_OMIT) {
r = cg_set_xattr(SYSTEMD_CGROUP_CONTROLLER, cgroup_path, "user.oomd_omit", "1", 1, 0);
if (r < 0)
@ -78,7 +82,7 @@ index 83bd97327d..da821465da 100644
}
}
@@ -743,7 +743,7 @@ static void cgroup_xattr_apply(Unit *u) {
@@ -750,7 +750,7 @@ static void cgroup_xattr_apply(Unit *u) {
sd_id128_to_string(u->invocation_id, ids), 32,
0);
if (r < 0)
@ -87,7 +91,7 @@ index 83bd97327d..da821465da 100644
}
if (unit_cgroup_delegate(u)) {
@@ -752,11 +752,11 @@ static void cgroup_xattr_apply(Unit *u) {
@@ -759,11 +759,11 @@ static void cgroup_xattr_apply(Unit *u) {
"1", 1,
0);
if (r < 0)
@ -101,7 +105,7 @@ index 83bd97327d..da821465da 100644
}
cgroup_oomd_xattr_apply(u, u->cgroup_path);
@@ -1913,12 +1913,12 @@ int unit_watch_cgroup(Unit *u) {
@@ -1921,12 +1921,12 @@ int unit_watch_cgroup(Unit *u) {
* is not an error */
return 0;
@ -116,7 +120,7 @@ index 83bd97327d..da821465da 100644
return 0;
}
@@ -1976,12 +1976,12 @@ int unit_watch_cgroup_memory(Unit *u) {
@@ -1984,12 +1984,12 @@ int unit_watch_cgroup_memory(Unit *u) {
* is not an error */
return 0;
@ -131,7 +135,7 @@ index 83bd97327d..da821465da 100644
return 0;
}
@@ -2004,9 +2004,9 @@ int unit_pick_cgroup_path(Unit *u) {
@@ -2012,9 +2012,9 @@ int unit_pick_cgroup_path(Unit *u) {
r = unit_set_cgroup_path(u, path);
if (r == -EEXIST)
@ -143,7 +147,7 @@ index 83bd97327d..da821465da 100644
return 0;
}
@@ -2034,7 +2034,7 @@ static int unit_update_cgroup(
@@ -2042,7 +2042,7 @@ static int unit_update_cgroup(
/* First, create our own group */
r = cg_create_everywhere(u->manager->cgroup_supported, target_mask, u->cgroup_path);
if (r < 0)
@ -152,7 +156,7 @@ index 83bd97327d..da821465da 100644
created = r;
/* Start watching it */
@@ -2050,7 +2050,7 @@ static int unit_update_cgroup(
@@ -2058,7 +2058,7 @@ static int unit_update_cgroup(
/* Enable all controllers we need */
r = cg_enable_everywhere(u->manager->cgroup_supported, enable_mask, u->cgroup_path, &result_mask);
if (r < 0)
@ -161,7 +165,7 @@ index 83bd97327d..da821465da 100644
/* Remember what's actually enabled now */
u->cgroup_enabled_mask = result_mask;
@@ -2072,12 +2072,12 @@ static int unit_update_cgroup(
@@ -2080,12 +2080,12 @@ static int unit_update_cgroup(
if (cg_all_unified() == 0) {
r = cg_migrate_v1_controllers(u->manager->cgroup_supported, migrate_mask, u->cgroup_path, migrate_callback, u);
if (r < 0)
@ -176,7 +180,7 @@ index 83bd97327d..da821465da 100644
}
/* Set attributes */
@@ -2167,7 +2167,7 @@ int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) {
@@ -2175,7 +2175,7 @@ int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) {
log_unit_full_errno(u, again ? LOG_DEBUG : LOG_INFO, q,
"Couldn't move process "PID_FMT" to%s requested cgroup '%s': %m",
@ -185,7 +189,7 @@ index 83bd97327d..da821465da 100644
if (again) {
int z;
@@ -2179,7 +2179,7 @@ int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) {
@@ -2187,7 +2187,7 @@ int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) {
z = unit_attach_pid_to_cgroup_via_bus(u, pid, suffix_path);
if (z < 0)
@ -194,7 +198,7 @@ index 83bd97327d..da821465da 100644
else
continue; /* When the bus thing worked via the bus we are fully done for this PID. */
}
@@ -2213,7 +2213,7 @@ int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) {
@@ -2221,7 +2221,7 @@ int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) {
continue; /* Success! */
log_unit_debug_errno(u, q, "Failed to attach PID " PID_FMT " to requested cgroup %s in controller %s, falling back to unit's cgroup: %m",
@ -203,7 +207,7 @@ index 83bd97327d..da821465da 100644
}
/* So this controller is either not delegate or realized, or something else weird happened. In
@@ -2648,7 +2648,7 @@ void unit_prune_cgroup(Unit *u) {
@@ -2656,7 +2656,7 @@ void unit_prune_cgroup(Unit *u) {
* the containing slice is stopped. So even if we failed now, this unit shouldn't assume
* that the cgroup is still realized the next time it is started. Do not return early
* on error, continue cleanup. */
@ -212,7 +216,7 @@ index 83bd97327d..da821465da 100644
if (is_root_slice)
return;
@@ -2861,7 +2861,7 @@ void unit_add_to_cgroup_empty_queue(Unit *u) {
@@ -2869,7 +2869,7 @@ void unit_add_to_cgroup_empty_queue(Unit *u) {
r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
if (r < 0) {
@ -222,7 +226,7 @@ index 83bd97327d..da821465da 100644
}
if (r == 0)
diff --git a/src/core/unit.c b/src/core/unit.c
index 6273926013..8ce94ccb75 100644
index 30afd5a776..47966bcf0d 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -427,7 +427,7 @@ bool unit_may_gc(Unit *u) {
@ -234,7 +238,7 @@ index 6273926013..8ce94ccb75 100644
if (r <= 0)
return false;
}
@@ -4548,7 +4548,7 @@ int unit_kill_context(
@@ -4553,7 +4553,7 @@ int unit_kill_context(
log_func, u);
if (r < 0) {
if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
@ -243,7 +247,7 @@ index 6273926013..8ce94ccb75 100644
} else if (r > 0) {
@@ -5006,7 +5006,7 @@ int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
@@ -5011,7 +5011,7 @@ int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
if (u->cgroup_path) {
r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
if (r < 0) {
@ -253,5 +257,5 @@ index 6273926013..8ce94ccb75 100644
}
}
--
2.27.0
2.33.0

36
backport-coredump-Don-t-log-an-error-if-D-Bus-isn-t-running.patch Normal file
View File

@ -0,0 +1,36 @@
From 6745eaa6308b835e2c5e68d49e9bece29fd37fa2 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 6 Oct 2021 13:20:36 +0100
Subject: [PATCH] coredump: Don't log an error if D-Bus isn't running
coredumpctl could be used in a chroot where D-Bus isn't running. If
that's the case, we shouldn't consider it an error if we can't connect
to the D-Bus daemon so let's reduce the severity of the error we log
when we can't connect to D-Bus because the socket doesn't exist.
(cherry picked from commit 414bd2e786f9912f51b82e5fe4a1126179a5652a)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/6745eaa6308b835e2c5e68d49e9bece29fd37fa2
---
src/coredump/coredumpctl.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/coredump/coredumpctl.c b/src/coredump/coredumpctl.c
index def3650bb4..3d44e51e32 100644
--- a/src/coredump/coredumpctl.c
+++ b/src/coredump/coredumpctl.c
@@ -1186,6 +1186,10 @@ static int check_units_active(void) {
return false;
r = sd_bus_default_system(&bus);
+ if (r == -ENOENT) {
+ log_debug("D-Bus is not running, skipping active unit check");
+ return 0;
+ }
if (r < 0)
return log_error_errno(r, "Failed to acquire bus: %m");
--
2.33.0

34
backport-coredump-fix-filename-in-journal-when-not-compressed.patch Normal file
View File

@ -0,0 +1,34 @@
From 01cf580c235ac4725051e6101ce5bcef1b97cc48 Mon Sep 17 00:00:00 2001
From: xdavidwu <xdavidwuph@gmail.com>
Date: Fri, 5 Nov 2021 22:37:06 +0800
Subject: [PATCH] coredump: fix filename in journal when not compressed
Since 587f2a5e564cf434c2e0a653f52b8f73e86092d8, filename for
not-compressed coredump is missing from save_external_coredump, making
it write COREDUMP_FILENAME= (empty) in journal, making `coredumpctl`
report it missing but it is actually saved.
This fixes it.
(cherry picked from commit 0cfb0971f0fcd345cae76f6837d9801b6cbde407)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/01cf580c235ac4725051e6101ce5bcef1b97cc48
---
src/coredump/coredump.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index 444b9ec374..1e34c4b5be 100644
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@@ -525,6 +525,7 @@ static int save_external_coredump(
if (lseek(fd, 0, SEEK_SET) == (off_t) -1)
return log_error_errno(errno, "Failed to seek on coredump %s: %m", fn);
+ *ret_filename = TAKE_PTR(fn);
*ret_data_fd = TAKE_FD(fd);
*ret_size = (uint64_t) st.st_size;
*ret_truncated = truncated;
--
2.33.0

55
backport-coredump-stacktrace.c-avoid-crash-on-binaries-withou.patch Normal file
View File

@ -0,0 +1,55 @@
From 765c366274db3ff841da237769f2b20a4ec3a045 Mon Sep 17 00:00:00 2001
From: Sergei Trofimovich <slyfox@gentoo.org>
Date: Sat, 31 Jul 2021 13:07:54 +0100
Subject: [PATCH] coredump/stacktrace.c: avoid crash on binaries without NHDR
Observed as a crash on binaries built with gcc-master:
```
3 0x00005573b8841d6a in parse_package_metadata (name=name@entry=0x5573b901a620 "/a", id_json=0x0,
elf=0x5573b9028730, c=c@entry=0x7fffc688f790) at ../systemd-stable-249.2/src/coredump/stacktrace.c:157
4 0x00005573b884209e in module_callback (mod=0x7fffc688f6c0, userdata=<optimized out>,
name=0x5573b901a620 "/a", start=<optimized out>, arg=0x7fffc688f790)
at ../systemd-stable-249.2/src/coredump/stacktrace.c:306
5 0x00007f56d60dcbd5 in dwfl_getmodules (dwfl=0x5573b901fda0,
callback=callback@entry=0x5573b8841eb0 <module_callback>, arg=arg@entry=0x7fffc688f790, offset=offset@entry=0)
at ../../elfutils-0.185/libdwfl/dwfl_getmodules.c:86
6 0x00005573b884231b in parse_core (ret_package_metadata=0x7fffc688f848, ret=0x7fffc688f850,
executable=0x7fffc688f790 "\200\332\001\271sU", fd=21) at ../systemd-stable-249.2/src/coredump/stacktrace.c:366
7 coredump_parse_core (fd=fd@entry=6, executable=0x7fffc688f790 "\200\332\001\271sU", ret=ret@entry=0x7fffc688f850,
ret_package_metadata=ret_package_metadata@entry=0x7fffc688f848)
at ../systemd-stable-249.2/src/coredump/stacktrace.c:406
8 0x00005573b883f897 in submit_coredump (context=context@entry=0x7fffc688fa10, iovw=iovw@entry=0x7fffc688f990,
input_fd=input_fd@entry=5) at ../systemd-stable-249.2/src/coredump/coredump.c:827
9 0x00005573b883d339 in process_socket (fd=3) at ../systemd-stable-249.2/src/coredump/coredump.c:1041
10 run (argv=<optimized out>, argc=-964101648) at ../systemd-stable-249.2/src/coredump/coredump.c:1416
11 main (argc=-964101648, argv=<optimized out>) at ../systemd-stable-249.2/src/coredump/coredump.c:1422
```
Happens only on enabled elfutils symbolizer.
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
(cherry picked from commit 1da3eef262078905ec14c707eeab655a17ae8bd2)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/765c366274db3ff841da237769f2b20a4ec3a045
---
src/coredump/stacktrace.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/coredump/stacktrace.c b/src/coredump/stacktrace.c
index 0edb1b40a7..e46b324cdf 100644
--- a/src/coredump/stacktrace.c
+++ b/src/coredump/stacktrace.c
@@ -153,6 +153,8 @@ static int parse_package_metadata(const char *name, JsonVariant *id_json, Elf *e
program_header->p_offset,
program_header->p_filesz,
ELF_T_NHDR);
+ if (!data)
+ continue;
while (note_offset < data->d_size &&
(note_offset = gelf_getnote(data, note_offset, &note_header, &name_offset, &desc_offset)) > 0) {
--
2.33.0

37
backport-coredumpctl-stop-truncating-information-about-coredu.patch Normal file
View File

@ -0,0 +1,37 @@
From 473627e1c9fcdf8f819ced2bb79cb7e9ff598b0c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 12 Oct 2021 19:46:25 +0200
Subject: [PATCH] coredumpctl: stop truncating information about coredump
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
With the changes to limit that print 'Found module …' over and over, we were
hitting the journal field message limit, effectively truncating the info output.
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1998488.
(cherry picked from commit 384c6207669eb0d92aa0043dbc01957c6c7ff41e)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/473627e1c9fcdf8f819ced2bb79cb7e9ff598b0c
---
src/coredump/coredumpctl.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/coredump/coredumpctl.c b/src/coredump/coredumpctl.c
index 3d44e51e32..7eba8330d7 100644
--- a/src/coredump/coredumpctl.c
+++ b/src/coredump/coredumpctl.c
@@ -555,6 +555,8 @@ static int print_info(FILE *file, sd_journal *j, bool need_space) {
assert(file);
assert(j);
+ (void) sd_journal_set_data_threshold(j, 0);
+
SD_JOURNAL_FOREACH_DATA(j, d, l) {
RETRIEVE(d, l, "MESSAGE_ID", mid);
RETRIEVE(d, l, "COREDUMP_PID", pid);
--
2.33.0

995
backport-creds-util-switch-to-OpenSSL-3.0-APIs.patch Normal file
View File

@ -0,0 +1,995 @@
From 5f4862e5e1cd2a7ef302947b8634f7980e8d6275 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 29 Sep 2021 09:47:08 +0200
Subject: [PATCH] creds-util: switch to OpenSSL 3.0 APIs
Let's switch from the low-level SHA256 APIs to EVP APIs. The former are
deprecated on OpenSSL 3.0, the latter are supported both by old
OpenSSL and by OpenSSL 3.0, hence are the better choice.
Fixes: #20775
(cherry picked from commit 18f568b8e64b48f6aee204cc6384b4796cd27eb0)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/5f4862e5e1cd2a7ef302947b8634f7980e8d6275
---
src/shared/creds-util.c | 954 ++++++++++++++++++++++++++++++++++++++
src/shared/openssl-util.h | 1 +
2 files changed, 955 insertions(+)
create mode 100644 src/shared/creds-util.c
diff --git a/src/shared/creds-util.c b/src/shared/creds-util.c
new file mode 100644
index 0000000000..b764198b76
--- /dev/null
+++ b/src/shared/creds-util.c
@@ -0,0 +1,954 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <sys/file.h>
+
+#if HAVE_OPENSSL
+#include <openssl/err.h>
+#endif
+
+#include "sd-id128.h"
+
+#include "blockdev-util.h"
+#include "chattr-util.h"
+#include "creds-util.h"
+#include "env-util.h"
+#include "fd-util.h"
+#include "fileio.h"
+#include "fs-util.h"
+#include "io-util.h"
+#include "memory-util.h"
+#include "mkdir.h"
+#include "openssl-util.h"
+#include "path-util.h"
+#include "random-util.h"
+#include "sparse-endian.h"
+#include "stat-util.h"
+#include "tpm2-util.h"
+#include "virt.h"
+
+bool credential_name_valid(const char *s) {
+ /* We want that credential names are both valid in filenames (since that's our primary way to pass
+ * them around) and as fdnames (which is how we might want to pass them around eventually) */
+ return filename_is_valid(s) && fdname_is_valid(s);
+}
+
+int get_credentials_dir(const char **ret) {
+ const char *e;
+
+ assert(ret);
+
+ e = secure_getenv("CREDENTIALS_DIRECTORY");
+ if (!e)
+ return -ENXIO;
+
+ if (!path_is_absolute(e) || !path_is_normalized(e))
+ return -EINVAL;
+
+ *ret = e;
+ return 0;
+}
+
+int read_credential(const char *name, void **ret, size_t *ret_size) {
+ _cleanup_free_ char *fn = NULL;
+ const char *d;
+ int r;
+
+ assert(ret);
+
+ if (!credential_name_valid(name))
+ return -EINVAL;
+
+ r = get_credentials_dir(&d);
+ if (r < 0)
+ return r;
+
+ fn = path_join(d, name);
+ if (!fn)
+ return -ENOMEM;
+
+ return read_full_file_full(
+ AT_FDCWD, fn,
+ UINT64_MAX, SIZE_MAX,
+ READ_FULL_FILE_SECURE,
+ NULL,
+ (char**) ret, ret_size);
+}
+
+#if HAVE_OPENSSL
+
+#define CREDENTIAL_HOST_SECRET_SIZE 4096
+
+static const sd_id128_t credential_app_id =
+ SD_ID128_MAKE(d3,ac,ec,ba,0d,ad,4c,df,b8,c9,38,15,28,93,6c,58);
+
+struct credential_host_secret_format {
+ /* The hashed machine ID of the machine this belongs to. Why? We want to ensure that each machine
+ * gets its own secret, even if people forget to flush out this secret file. Hence we bind it to the
+ * machine ID, for which there's hopefully a better chance it will be flushed out. We use a hashed
+ * machine ID instead of the literal one, because it's trivial to, and it might be a good idea not
+ * being able to directly associate a secret key file with a host. */
+ sd_id128_t machine_id;
+
+ /* The actual secret key */
+ uint8_t data[CREDENTIAL_HOST_SECRET_SIZE];
+} _packed_;
+
+static int make_credential_host_secret(
+ int dfd,
+ const sd_id128_t machine_id,
+ const char *fn,
+ void **ret_data,
+ size_t *ret_size) {
+
+ struct credential_host_secret_format buf;
+ _cleanup_free_ char *t = NULL;
+ _cleanup_close_ int fd = -1;
+ int r;
+
+ assert(dfd >= 0);
+ assert(fn);
+
+ fd = openat(dfd, ".", O_CLOEXEC|O_WRONLY|O_TMPFILE, 0400);
+ if (fd < 0) {
+ log_debug_errno(errno, "Failed to create temporary credential file with O_TMPFILE, proceeding without: %m");
+
+ if (asprintf(&t, "credential.secret.%016" PRIx64, random_u64()) < 0)
+ return -ENOMEM;
+
+ fd = openat(dfd, t, O_CLOEXEC|O_WRONLY|O_CREAT|O_EXCL|O_NOFOLLOW, 0400);
+ if (fd < 0)
+ return -errno;
+ }
+
+ r = chattr_secret(fd, 0);
+ if (r < 0)
+ log_debug_errno(r, "Failed to set file attributes for secrets file, ignoring: %m");
+
+ buf = (struct credential_host_secret_format) {
+ .machine_id = machine_id,
+ };
+
+ r = genuine_random_bytes(buf.data, sizeof(buf.data), RANDOM_BLOCK);
+ if (r < 0)
+ goto finish;
+
+ r = loop_write(fd, &buf, sizeof(buf), false);
+ if (r < 0)
+ goto finish;
+
+ if (fsync(fd) < 0) {
+ r = -errno;
+ goto finish;
+ }
+
+ if (t) {
+ r = rename_noreplace(dfd, t, dfd, fn);
+ if (r < 0)
+ goto finish;
+
+ t = mfree(t);
+ } else if (linkat(fd, "", dfd, fn, AT_EMPTY_PATH) < 0) {
+ r = -errno;
+ goto finish;
+ }
+
+ if (fsync(dfd) < 0) {
+ r = -errno;
+ goto finish;
+ }
+
+ if (ret_data) {
+ void *copy;
+
+ copy = memdup(buf.data, sizeof(buf.data));
+ if (!copy) {
+ r = -ENOMEM;
+ goto finish;
+ }
+
+ *ret_data = copy;
+ }
+
+ if (ret_size)
+ *ret_size = sizeof(buf.data);
+
+ r = 0;
+
+finish:
+ if (t && unlinkat(dfd, t, 0) < 0)
+ log_debug_errno(errno, "Failed to remove temporary credential key: %m");
+
+ explicit_bzero_safe(&buf, sizeof(buf));
+ return r;
+}
+
+int get_credential_host_secret(CredentialSecretFlags flags, void **ret, size_t *ret_size) {
+ _cleanup_free_ char *efn = NULL, *ep = NULL;
+ _cleanup_close_ int dfd = -1;
+ sd_id128_t machine_id;
+ const char *e, *fn, *p;
+ int r;
+
+ r = sd_id128_get_machine_app_specific(credential_app_id, &machine_id);
+ if (r < 0)
+ return r;
+
+ e = secure_getenv("SYSTEMD_CREDENTIAL_SECRET");
+ if (e) {
+ if (!path_is_normalized(e))
+ return -EINVAL;
+ if (!path_is_absolute(e))
+ return -EINVAL;
+
+ r = path_extract_directory(e, &ep);
+ if (r < 0)
+ return r;
+
+ r = path_extract_filename(e, &efn);
+ if (r < 0)
+ return r;
+
+ p = ep;
+ fn = efn;
+ } else {
+ p = "/var/lib/systemd";
+ fn = "credential.secret";
+ }
+
+ (void) mkdir_p(p, 0755);
+ dfd = open(p, O_CLOEXEC|O_DIRECTORY|O_RDONLY);
+ if (dfd < 0)
+ return -errno;
+
+ if (FLAGS_SET(flags, CREDENTIAL_SECRET_FAIL_ON_TEMPORARY_FS)) {
+ r = fd_is_temporary_fs(dfd);
+ if (r < 0)
+ return r;
+ if (r > 0)
+ return -ENOMEDIUM;
+ }
+
+ for (unsigned attempt = 0;; attempt++) {
+ _cleanup_(erase_and_freep) struct credential_host_secret_format *f = NULL;
+ _cleanup_close_ int fd = -1;
+ size_t l = 0;
+ ssize_t n = 0;
+ struct stat st;
+
+ if (attempt >= 3) /* Somebody is playing games with us */
+ return -EIO;
+
+ fd = openat(dfd, fn, O_CLOEXEC|O_RDONLY|O_NOCTTY|O_NOFOLLOW);
+ if (fd < 0) {
+ if (errno != ENOENT || !FLAGS_SET(flags, CREDENTIAL_SECRET_GENERATE))
+ return -errno;
+
+ r = make_credential_host_secret(dfd, machine_id, fn, ret, ret_size);
+ if (r == -EEXIST) {
+ log_debug_errno(r, "Credential secret was created while we were creating it. Trying to read new secret.");
+ continue;
+ }
+ if (r < 0)
+ return r;
+
+ return 0;
+ }
+
+ if (fstat(fd, &st) < 0)
+ return -errno;
+
+ r = stat_verify_regular(&st);
+ if (r < 0)
+ return r;
+ if (st.st_nlink == 0) /* Deleted by now, try again */
+ continue;
+ if (st.st_nlink > 1)
+ return -EPERM; /* Our deletion check won't work if hardlinked somewhere else */
+ if ((st.st_mode & 07777) != 0400) /* Don't use file if not 0400 access mode */
+ return -EPERM;
+ if (st.st_size > 16*1024*1024)
+ return -E2BIG;
+ l = st.st_size;
+ if (l < offsetof(struct credential_host_secret_format, data) + 1)
+ return -EINVAL;
+
+ f = malloc(l+1);
+ if (!f)
+ return -ENOMEM;
+
+ n = read(fd, f, l+1);
+ if (n < 0)
+ return -errno;
+ if ((size_t) n != l) /* What? The size changed? */
+ return -EIO;
+
+ if (sd_id128_equal(machine_id, f->machine_id)) {
+ size_t sz;
+
+ if (FLAGS_SET(flags, CREDENTIAL_SECRET_WARN_NOT_ENCRYPTED)) {
+ r = fd_is_encrypted(fd);
+ if (r < 0)
+ log_debug_errno(r, "Failed to determine if credential secret file '%s/%s' is encrypted.", p, fn);
+ else if (r == 0)
+ log_warning("Credential secret file '%s/%s' is not located on encrypted media, using anyway.", p, fn);
+ }
+
+ sz = l - offsetof(struct credential_host_secret_format, data);
+ assert(sz > 0);
+
+ if (ret) {
+ void *copy;
+
+ assert(sz <= sizeof(f->data)); /* Ensure we don't read past f->data bounds */
+
+ copy = memdup(f->data, sz);
+ if (!copy)
+ return -ENOMEM;
+
+ *ret = copy;
+ }
+
+ if (ret_size)
+ *ret_size = sz;
+
+ return 0;
+ }
+
+ /* Hmm, this secret is from somewhere else. Let's delete the file. Let's first acquire a lock
+ * to ensure we are the only ones accessing the file while we delete it. */
+
+ if (flock(fd, LOCK_EX) < 0)
+ return -errno;
+
+ /* Before we delete it check that the file is still linked into the file system */
+ if (fstat(fd, &st) < 0)
+ return -errno;
+ if (st.st_nlink == 0) /* Already deleted by now? */
+ continue;
+ if (st.st_nlink != 1) /* Safety check, someone is playing games with us */
+ return -EPERM;
+
+ if (unlinkat(dfd, fn, 0) < 0)
+ return -errno;
+
+ /* And now try again */
+ }
+}
+
+/* Construction is like this:
+ *
+ * A symmetric encryption key is derived from:
+ *
+ * 1. Either the "host" key (a key stored in /var/lib/credential.secret)
+ *
+ * 2. A key generated by letting the TPM2 calculate an HMAC hash of some nonce we pass to it, keyed
+ * by a key derived from its internal seed key.
+ *
+ * 3. The concatenation of the above.
+ *
+ * The above is hashed with SHA256 which is then used as encryption key for AES256-GCM. The encrypted
+ * credential is a short (unencrypted) header describing which of the three keys to use, the IV to use for
+ * AES256-GCM and some more meta information (sizes of certain objects) that is strictly speaking redundant,
+ * but kinda nice to have since we can have a more generic parser. If the TPM2 key is used this is followed
+ * by another (unencrypted) header, with information about the TPM2 policy used (specifically: the PCR mask
+ * to bind against, and a hash of the resulting policy — the latter being redundant, but speeding up things a
+ * bit, since we can more quickly refuse PCR state), followed by a sealed/exported TPM2 HMAC key. This is
+ * then followed by the encrypted data, which begins with a metadata header (which contains validity
+ * timestamps as well as the credential name), followed by the actual credential payload. The file ends in
+ * the AES256-GCM tag. To make things simple, the AES256-GCM AAD covers the main and the TPM2 header in
+ * full. This means the whole file is either protected by AAD, or is ciphertext, or is the tag. No
+ * unprotected data is included.
+ */
+
+struct _packed_ encrypted_credential_header {
+ sd_id128_t id;
+ le32_t key_size;
+ le32_t block_size;
+ le32_t iv_size;
+ le32_t tag_size;
+ uint8_t iv[];
+ /* Followed by NUL bytes until next 8 byte boundary */
+};
+
+struct _packed_ tpm2_credential_header {
+ le64_t pcr_mask; /* Note that the spec for PC Clients only mandates 24 PCRs, and that's what systems
+ * generally have. But keep the door open for more. */
+ le16_t pcr_bank; /* For now, either TPM2_ALG_SHA256 or TPM2_ALG_SHA1 */
+ le16_t primary_alg; /* Primary key algorithm (either TPM2_ALG_RSA or TPM2_ALG_ECC for now) */
+ le32_t blob_size;
+ le32_t policy_hash_size;
+ uint8_t policy_hash_and_blob[];
+ /* Followed by NUL bytes until next 8 byte boundary */
+};
+
+struct _packed_ metadata_credential_header {
+ le64_t timestamp;
+ le64_t not_after;
+ le32_t name_size;
+ char name[];
+ /* Followed by NUL bytes until next 8 byte boundary */
+};
+
+/* Some generic limit for parts of the encrypted credential for which we don't know the right size ahead of
+ * time, but where we are really sure it won't be larger than this. Should be larger than any possible IV,
+ * padding, tag size and so on. This is purely used for early filtering out of invalid sizes. */
+#define CREDENTIAL_FIELD_SIZE_MAX (16U*1024U)
+
+static int sha256_hash_host_and_tpm2_key(
+ const void *host_key,
+ size_t host_key_size,
+ const void *tpm2_key,
+ size_t tpm2_key_size,
+ uint8_t ret[static SHA256_DIGEST_LENGTH]) {
+
+ _cleanup_(EVP_MD_CTX_freep) EVP_MD_CTX *md = NULL;
+ unsigned l;
+
+ assert(host_key_size == 0 || host_key);
+ assert(tpm2_key_size == 0 || tpm2_key);
+ assert(ret);
+
+ /* Combines the host key and the TPM2 HMAC hash into a SHA256 hash value we'll use as symmetric encryption key. */
+
+ md = EVP_MD_CTX_new();
+ if (!md)
+ return log_oom();
+
+ if (EVP_DigestInit_ex(md, EVP_sha256(), NULL) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to initial SHA256 context.");
+
+ if (host_key && EVP_DigestUpdate(md, host_key, host_key_size) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to hash host key.");
+
+ if (tpm2_key && EVP_DigestUpdate(md, tpm2_key, tpm2_key_size) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to hash TPM2 key.");
+
+ assert(EVP_MD_CTX_size(md) == SHA256_DIGEST_LENGTH);
+
+ if (EVP_DigestFinal_ex(md, ret, &l) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to finalize SHA256 hash.");
+
+ assert(l == SHA256_DIGEST_LENGTH);
+ return 0;
+}
+
+int encrypt_credential_and_warn(
+ sd_id128_t with_key,
+ const char *name,
+ usec_t timestamp,
+ usec_t not_after,
+ const char *tpm2_device,
+ uint32_t tpm2_pcr_mask,
+ const void *input,
+ size_t input_size,
+ void **ret,
+ size_t *ret_size) {
+
+ _cleanup_(EVP_CIPHER_CTX_freep) EVP_CIPHER_CTX *context = NULL;
+ _cleanup_(erase_and_freep) void *host_key = NULL, *tpm2_key = NULL;
+ size_t host_key_size = 0, tpm2_key_size = 0, tpm2_blob_size = 0, tpm2_policy_hash_size = 0, output_size, p, ml;
+ _cleanup_free_ void *tpm2_blob = NULL, *tpm2_policy_hash = NULL, *iv = NULL, *output = NULL;
+ _cleanup_free_ struct metadata_credential_header *m = NULL;
+ uint16_t tpm2_pcr_bank = 0, tpm2_primary_alg = 0;
+ struct encrypted_credential_header *h;
+ int ksz, bsz, ivsz, tsz, added, r;
+ uint8_t md[SHA256_DIGEST_LENGTH];
+ const EVP_CIPHER *cc;
+#if HAVE_TPM2
+ bool try_tpm2 = false;
+#endif
+ sd_id128_t id;
+
+ assert(input || input_size == 0);
+ assert(ret);
+ assert(ret_size);
+
+ if (name && !credential_name_valid(name))
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid credential name: %s", name);
+
+ if (not_after != USEC_INFINITY && timestamp != USEC_INFINITY && not_after < timestamp)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Credential is invalidated before it is valid (" USEC_FMT " < " USEC_FMT ").", not_after, timestamp);
+
+ if (DEBUG_LOGGING) {
+ char buf[FORMAT_TIMESTAMP_MAX];
+
+ if (name)
+ log_debug("Including credential name '%s' in encrypted credential.", name);
+ if (timestamp != USEC_INFINITY)
+ log_debug("Including timestamp '%s' in encrypted credential.", format_timestamp(buf, sizeof(buf), timestamp));
+ if (not_after != USEC_INFINITY)
+ log_debug("Including not-after timestamp '%s' in encrypted credential.", format_timestamp(buf, sizeof(buf), not_after));
+ }
+
+ if (sd_id128_is_null(with_key) ||
+ sd_id128_in_set(with_key, CRED_AES256_GCM_BY_HOST, CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC)) {
+
+ r = get_credential_host_secret(
+ CREDENTIAL_SECRET_GENERATE|
+ CREDENTIAL_SECRET_WARN_NOT_ENCRYPTED|
+ (sd_id128_is_null(with_key) ? CREDENTIAL_SECRET_FAIL_ON_TEMPORARY_FS : 0),
+ &host_key,
+ &host_key_size);
+ if (r == -ENOMEDIUM && sd_id128_is_null(with_key))
+ log_debug_errno(r, "Credential host secret location on temporary file system, not using.");
+ else if (r < 0)
+ return log_error_errno(r, "Failed to determine local credential host secret: %m");
+ }
+
+#if HAVE_TPM2
+ if (sd_id128_is_null(with_key)) {
+ /* If automatic mode is selected and we are running in a container, let's not try TPM2. OTOH
+ * if user picks TPM2 explicitly, let's always honour the request and try. */
+
+ r = detect_container();
+ if (r < 0)
+ log_debug_errno(r, "Failed to determine whether we are running in a container, ignoring: %m");
+ else if (r > 0)
+ log_debug("Running in container, not attempting to use TPM2.");
+
+ try_tpm2 = r <= 0;
+ }
+
+ if (try_tpm2 ||
+ sd_id128_in_set(with_key, CRED_AES256_GCM_BY_TPM2_HMAC, CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC)) {
+
+ r = tpm2_seal(tpm2_device,
+ tpm2_pcr_mask,
+ &tpm2_key,
+ &tpm2_key_size,
+ &tpm2_blob,
+ &tpm2_blob_size,
+ &tpm2_policy_hash,
+ &tpm2_policy_hash_size,
+ &tpm2_pcr_bank,
+ &tpm2_primary_alg);
+ if (r < 0) {
+ if (!sd_id128_is_null(with_key))
+ return r;
+
+ log_debug_errno(r, "TPM2 sealing didn't work, not using: %m");
+ }
+
+ assert(tpm2_blob_size <= CREDENTIAL_FIELD_SIZE_MAX);
+ assert(tpm2_policy_hash_size <= CREDENTIAL_FIELD_SIZE_MAX);
+ }
+#endif
+
+ if (sd_id128_is_null(with_key)) {
+ /* Let's settle the key type in auto mode now. */
+
+ if (host_key && tpm2_key)
+ id = CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC;
+ else if (tpm2_key)
+ id = CRED_AES256_GCM_BY_TPM2_HMAC;
+ else if (host_key)
+ id = CRED_AES256_GCM_BY_HOST;
+ else
+ return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
+ "TPM2 not available and host key located on temporary file system, no encryption key available.");
+ } else
+ id = with_key;
+
+ /* Let's now take the host key and the TPM2 key and hash it together, to use as encryption key for the data */
+ r = sha256_hash_host_and_tpm2_key(host_key, host_key_size, tpm2_key, tpm2_key_size, md);
+ if (r < 0)
+ return r;
+
+ assert_se(cc = EVP_aes_256_gcm());
+
+ ksz = EVP_CIPHER_key_length(cc);
+ assert(ksz == sizeof(md));
+
+ bsz = EVP_CIPHER_block_size(cc);
+ assert(bsz > 0);
+ assert((size_t) bsz <= CREDENTIAL_FIELD_SIZE_MAX);
+
+ ivsz = EVP_CIPHER_iv_length(cc);
+ if (ivsz > 0) {
+ assert((size_t) ivsz <= CREDENTIAL_FIELD_SIZE_MAX);
+
+ iv = malloc(ivsz);
+ if (!iv)
+ return log_oom();
+
+ r = genuine_random_bytes(iv, ivsz, RANDOM_BLOCK);
+ if (r < 0)
+ return log_error_errno(r, "Failed to acquired randomized IV: %m");
+ }
+
+ tsz = 16; /* FIXME: On OpenSSL 3 there is EVP_CIPHER_CTX_get_tag_length(), until then let's hardcode this */
+
+ context = EVP_CIPHER_CTX_new();
+ if (!context)
+ return log_error_errno(SYNTHETIC_ERRNO(ENOMEM), "Failed to allocate encryption object: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ if (EVP_EncryptInit_ex(context, cc, NULL, md, iv) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to initialize encryption context: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ /* Just an upper estimate */
+ output_size =
+ ALIGN8(offsetof(struct encrypted_credential_header, iv) + ivsz) +
+ ALIGN8(tpm2_key ? offsetof(struct tpm2_credential_header, policy_hash_and_blob) + tpm2_blob_size + tpm2_policy_hash_size : 0) +
+ ALIGN8(offsetof(struct metadata_credential_header, name) + strlen_ptr(name)) +
+ input_size + 2U * (size_t) bsz +
+ tsz;
+
+ output = malloc0(output_size);
+ if (!output)
+ return log_oom();
+
+ h = (struct encrypted_credential_header*) output;
+ h->id = id;
+ h->block_size = htole32(bsz);
+ h->key_size = htole32(ksz);
+ h->tag_size = htole32(tsz);
+ h->iv_size = htole32(ivsz);
+ memcpy(h->iv, iv, ivsz);
+
+ p = ALIGN8(offsetof(struct encrypted_credential_header, iv) + ivsz);
+
+ if (tpm2_key) {
+ struct tpm2_credential_header *t;
+
+ t = (struct tpm2_credential_header*) ((uint8_t*) output + p);
+ t->pcr_mask = htole64(tpm2_pcr_mask);
+ t->pcr_bank = htole16(tpm2_pcr_bank);
+ t->primary_alg = htole16(tpm2_primary_alg);
+ t->blob_size = htole32(tpm2_blob_size);
+ t->policy_hash_size = htole32(tpm2_policy_hash_size);
+ memcpy(t->policy_hash_and_blob, tpm2_blob, tpm2_blob_size);
+ memcpy(t->policy_hash_and_blob + tpm2_blob_size, tpm2_policy_hash, tpm2_policy_hash_size);
+
+ p += ALIGN8(offsetof(struct tpm2_credential_header, policy_hash_and_blob) + tpm2_blob_size + tpm2_policy_hash_size);
+ }
+
+ /* Pass the encrypted + TPM2 header as AAD */
+ if (EVP_EncryptUpdate(context, NULL, &added, output, p) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to write AAD data: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ /* Now construct the metadata header */
+ ml = strlen_ptr(name);
+ m = malloc0(ALIGN8(offsetof(struct metadata_credential_header, name) + ml));
+ if (!m)
+ return log_oom();
+
+ m->timestamp = htole64(timestamp);
+ m->not_after = htole64(not_after);
+ m->name_size = htole32(ml);
+ memcpy_safe(m->name, name, ml);
+
+ /* And encrypt the metadata header */
+ if (EVP_EncryptUpdate(context, (uint8_t*) output + p, &added, (const unsigned char*) m, ALIGN8(offsetof(struct metadata_credential_header, name) + ml)) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to encrypt metadata header: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ assert(added >= 0);
+ assert((size_t) added <= output_size - p);
+ p += added;
+
+ /* Then encrypt the plaintext */
+ if (EVP_EncryptUpdate(context, (uint8_t*) output + p, &added, input, input_size) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to encrypt data: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ assert(added >= 0);
+ assert((size_t) added <= output_size - p);
+ p += added;
+
+ /* Finalize */
+ if (EVP_EncryptFinal_ex(context, (uint8_t*) output + p, &added) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to finalize data encryption: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ assert(added >= 0);
+ assert((size_t) added <= output_size - p);
+ p += added;
+
+ assert(p <= output_size - tsz);
+
+ /* Append tag */
+ if (EVP_CIPHER_CTX_ctrl(context, EVP_CTRL_GCM_GET_TAG, tsz, (uint8_t*) output + p) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to get tag: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ p += tsz;
+ assert(p <= output_size);
+
+ if (DEBUG_LOGGING && input_size > 0) {
+ size_t base64_size;
+
+ base64_size = DIV_ROUND_UP(p * 4, 3); /* Include base64 size increase in debug output */
+ assert(base64_size >= input_size);
+ log_debug("Input of %zu bytes grew to output of %zu bytes (+%2zu%%).", input_size, base64_size, base64_size * 100 / input_size - 100);
+ }
+
+ *ret = TAKE_PTR(output);
+ *ret_size = p;
+
+ return 0;
+}
+
+int decrypt_credential_and_warn(
+ const char *validate_name,
+ usec_t validate_timestamp,
+ const char *tpm2_device,
+ const void *input,
+ size_t input_size,
+ void **ret,
+ size_t *ret_size) {
+
+ _cleanup_(erase_and_freep) void *host_key = NULL, *tpm2_key = NULL, *plaintext = NULL;
+ _cleanup_(EVP_CIPHER_CTX_freep) EVP_CIPHER_CTX *context = NULL;
+ size_t host_key_size = 0, tpm2_key_size = 0, plaintext_size, p, hs;
+ struct encrypted_credential_header *h;
+ struct metadata_credential_header *m;
+ uint8_t md[SHA256_DIGEST_LENGTH];
+ bool with_tpm2, with_host_key;
+ const EVP_CIPHER *cc;
+ int r, added;
+
+ assert(input || input_size == 0);
+ assert(ret);
+ assert(ret_size);
+
+ h = (struct encrypted_credential_header*) input;
+
+ /* The ID must fit in, for the current and all future formats */
+ if (input_size < sizeof(h->id))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Encrypted file too short.");
+
+ with_host_key = sd_id128_in_set(h->id, CRED_AES256_GCM_BY_HOST, CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC);
+ with_tpm2 = sd_id128_in_set(h->id, CRED_AES256_GCM_BY_TPM2_HMAC, CRED_AES256_GCM_BY_HOST_AND_TPM2_HMAC);
+
+ if (!with_host_key && !with_tpm2)
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Unknown encryption format, or corrupted data: %m");
+
+ /* Now we know the minimum header size */
+ if (input_size < offsetof(struct encrypted_credential_header, iv))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Encrypted file too short.");
+
+ /* Verify some basic header values */
+ if (le32toh(h->key_size) != sizeof(md))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Unexpected key size in header.");
+ if (le32toh(h->block_size) <= 0 || le32toh(h->block_size) > CREDENTIAL_FIELD_SIZE_MAX)
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Unexpected block size in header.");
+ if (le32toh(h->iv_size) > CREDENTIAL_FIELD_SIZE_MAX)
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "IV size too large.");
+ if (le32toh(h->tag_size) != 16) /* FIXME: On OpenSSL 3, let's verify via EVP_CIPHER_CTX_get_tag_length() */
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Unexpected tag size in header.");
+
+ /* Ensure we have space for the full header now (we don't know the size of the name hence this is a
+ * lower limit only) */
+ if (input_size <
+ ALIGN8(offsetof(struct encrypted_credential_header, iv) + le32toh(h->iv_size)) +
+ ALIGN8((with_tpm2 ? offsetof(struct tpm2_credential_header, policy_hash_and_blob) : 0)) +
+ ALIGN8(offsetof(struct metadata_credential_header, name)) +
+ le32toh(h->tag_size))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Encrypted file too short.");
+
+ p = ALIGN8(offsetof(struct encrypted_credential_header, iv) + le32toh(h->iv_size));
+
+ if (with_tpm2) {
+#if HAVE_TPM2
+ struct tpm2_credential_header* t = (struct tpm2_credential_header*) ((uint8_t*) input + p);
+
+ if (le64toh(t->pcr_mask) >= (UINT64_C(1) << TPM2_PCRS_MAX))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "TPM2 PCR mask out of range.");
+ if (!tpm2_pcr_bank_to_string(le16toh(t->pcr_bank)))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "TPM2 PCR bank invalid or not supported");
+ if (!tpm2_primary_alg_to_string(le16toh(t->primary_alg)))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "TPM2 primary key algorithm invalid or not supported.");
+ if (le32toh(t->blob_size) > CREDENTIAL_FIELD_SIZE_MAX)
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Unexpected TPM2 blob size.");
+ if (le32toh(t->policy_hash_size) > CREDENTIAL_FIELD_SIZE_MAX)
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Unexpected TPM2 policy hash size.");
+
+ /* Ensure we have space for the full TPM2 header now (still don't know the name, and its size
+ * though, hence still just a lower limit test only) */
+ if (input_size <
+ ALIGN8(offsetof(struct encrypted_credential_header, iv) + le32toh(h->iv_size)) +
+ ALIGN8(offsetof(struct tpm2_credential_header, policy_hash_and_blob) + le32toh(t->blob_size) + le32toh(t->policy_hash_size)) +
+ ALIGN8(offsetof(struct metadata_credential_header, name)) +
+ le32toh(h->tag_size))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Encrypted file too short.");
+
+ r = tpm2_unseal(tpm2_device,
+ le64toh(t->pcr_mask),
+ le16toh(t->pcr_bank),
+ le16toh(t->primary_alg),
+ t->policy_hash_and_blob,
+ le32toh(t->blob_size),
+ t->policy_hash_and_blob + le32toh(t->blob_size),
+ le32toh(t->policy_hash_size),
+ &tpm2_key,
+ &tpm2_key_size);
+ if (r < 0)
+ return r;
+
+ p += ALIGN8(offsetof(struct tpm2_credential_header, policy_hash_and_blob) +
+ le32toh(t->blob_size) +
+ le32toh(t->policy_hash_size));
+#else
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Credential requires TPM2 support, but TPM2 support not available.");
+#endif
+ }
+
+ if (with_host_key) {
+ r = get_credential_host_secret(
+ 0,
+ &host_key,
+ &host_key_size);
+ if (r < 0)
+ return log_error_errno(r, "Failed to determine local credential key: %m");
+ }
+
+ sha256_hash_host_and_tpm2_key(host_key, host_key_size, tpm2_key, tpm2_key_size, md);
+
+ assert_se(cc = EVP_aes_256_gcm());
+
+ /* Make sure cipher expectations match the header */
+ if (EVP_CIPHER_key_length(cc) != (int) le32toh(h->key_size))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Unexpected key size in header.");
+ if (EVP_CIPHER_block_size(cc) != (int) le32toh(h->block_size))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Unexpected block size in header.");
+
+ context = EVP_CIPHER_CTX_new();
+ if (!context)
+ return log_error_errno(SYNTHETIC_ERRNO(ENOMEM), "Failed to allocate decryption object: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ if (EVP_DecryptInit_ex(context, cc, NULL, NULL, NULL) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to initialize decryption context: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ if (EVP_CIPHER_CTX_ctrl(context, EVP_CTRL_GCM_SET_IVLEN, le32toh(h->iv_size), NULL) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to set IV size on decryption context: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ if (EVP_DecryptInit_ex(context, NULL, NULL, md, h->iv) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to set IV and key: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ if (EVP_DecryptUpdate(context, NULL, &added, input, p) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to write AAD data: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ plaintext = malloc(input_size - p - le32toh(h->tag_size));
+ if (!plaintext)
+ return -ENOMEM;
+
+ if (EVP_DecryptUpdate(
+ context,
+ plaintext,
+ &added,
+ (uint8_t*) input + p,
+ input_size - p - le32toh(h->tag_size)) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to decrypt data: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ assert(added >= 0);
+ assert((size_t) added <= input_size - p - le32toh(h->tag_size));
+ plaintext_size = added;
+
+ if (EVP_CIPHER_CTX_ctrl(context, EVP_CTRL_GCM_SET_TAG, le32toh(h->tag_size), (uint8_t*) input + input_size - le32toh(h->tag_size)) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to set tag: %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ if (EVP_DecryptFinal_ex(context, (uint8_t*) plaintext + plaintext_size, &added) != 1)
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Decryption failed (incorrect key?): %s",
+ ERR_error_string(ERR_get_error(), NULL));
+
+ plaintext_size += added;
+
+ if (plaintext_size < ALIGN8(offsetof(struct metadata_credential_header, name)))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Metadata header incomplete.");
+
+ m = plaintext;
+
+ if (le64toh(m->timestamp) != USEC_INFINITY &&
+ le64toh(m->not_after) != USEC_INFINITY &&
+ le64toh(m->timestamp) >= le64toh(m->not_after))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Timestamps of credential are not in order, refusing.");
+
+ if (le32toh(m->name_size) > CREDENTIAL_NAME_MAX)
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Embedded credential name too long, refusing.");
+
+ hs = ALIGN8(offsetof(struct metadata_credential_header, name) + le32toh(m->name_size));
+ if (plaintext_size < hs)
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Metadata header incomplete.");
+
+ if (le32toh(m->name_size) > 0) {
+ _cleanup_free_ char *embedded_name = NULL;
+
+ if (memchr(m->name, 0, le32toh(m->name_size)))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Embedded credential name contains NUL byte, refusing.");
+
+ embedded_name = memdup_suffix0(m->name, le32toh(m->name_size));
+ if (!embedded_name)
+ return log_oom();
+
+ if (!credential_name_valid(embedded_name))
+ return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Embedded credential name is not valid, refusing.");
+
+ if (validate_name && !streq(embedded_name, validate_name)) {
+
+ r = getenv_bool_secure("SYSTEMD_CREDENTIAL_VALIDATE_NAME");
+ if (r < 0 && r != -ENXIO)
+ log_debug_errno(r, "Failed to parse $SYSTEMD_CREDENTIAL_VALIDATE_NAME: %m");
+ if (r != 0)
+ return log_error_errno(SYNTHETIC_ERRNO(EREMOTE), "Embedded credential name '%s' does not match filename '%s', refusing.", embedded_name, validate_name);
+
+ log_debug("Embedded credential name '%s' does not match expected name '%s', but configured to use credential anyway.", embedded_name, validate_name);
+ }
+ }
+
+ if (validate_timestamp != USEC_INFINITY) {
+ if (le64toh(m->timestamp) != USEC_INFINITY && le64toh(m->timestamp) > validate_timestamp)
+ log_debug("Credential timestamp is from the future, assuming clock skew.");
+
+ if (le64toh(m->not_after) != USEC_INFINITY && le64toh(m->not_after) < validate_timestamp) {
+
+ r = getenv_bool_secure("SYSTEMD_CREDENTIAL_VALIDATE_NOT_AFTER");
+ if (r < 0 && r != -ENXIO)
+ log_debug_errno(r, "Failed to parse $SYSTEMD_CREDENTIAL_VALIDATE_NOT_AFTER: %m");
+ if (r != 0)
+ return log_error_errno(SYNTHETIC_ERRNO(ESTALE), "Credential's time passed, refusing to use.");
+
+ log_debug("Credential not-after timestamp has passed, but configured to use credential anyway.");
+ }
+ }
+
+ if (ret) {
+ char *without_metadata;
+
+ without_metadata = memdup((uint8_t*) plaintext + hs, plaintext_size - hs);
+ if (!without_metadata)
+ return log_oom();
+
+ *ret = without_metadata;
+ }
+
+ if (ret_size)
+ *ret_size = plaintext_size - hs;
+
+ return 0;
+}
+
+#else
+
+int get_credential_host_secret(CredentialSecretFlags flags, void **ret, size_t *ret_size) {
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Support for encrypted credentials not available.");
+}
+
+int encrypt_credential_and_warn(sd_id128_t with_key, const char *name, usec_t timestamp, usec_t not_after, const char *tpm2_device, uint32_t tpm2_pcr_mask, const void *input, size_t input_size, void **ret, size_t *ret_size) {
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Support for encrypted credentials not available.");
+}
+
+int decrypt_credential_and_warn(const char *validate_name, usec_t validate_timestamp, const char *tpm2_device, const void *input, size_t input_size, void **ret, size_t *ret_size) {
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Support for encrypted credentials not available.");
+}
+
+#endif
diff --git a/src/shared/openssl-util.h b/src/shared/openssl-util.h
index e6c2bd9310..ce8207414f 100644
--- a/src/shared/openssl-util.h
+++ b/src/shared/openssl-util.h
@@ -11,6 +11,7 @@ DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509*, X509_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(X509_NAME*, X509_NAME_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_PKEY_CTX*, EVP_PKEY_CTX_free, NULL);
DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_CIPHER_CTX*, EVP_CIPHER_CTX_free, NULL);
+DEFINE_TRIVIAL_CLEANUP_FUNC_FULL(EVP_MD_CTX*, EVP_MD_CTX_free, NULL);
int rsa_encrypt_bytes(EVP_PKEY *pkey, const void *decrypted_key, size_t decrypted_key_size, void **ret_encrypt_key, size_t *ret_encrypt_key_size);
--
2.33.0

40
backport-cryptenroll-fix-wrong-error-messages.patch Normal file
View File

@ -0,0 +1,40 @@
From a9149ef71dbfafd964b4e509690418be602c6eb6 Mon Sep 17 00:00:00 2001
From: Gibeom Gwon <gb.gwon@stackframe.dev>
Date: Fri, 3 Dec 2021 15:10:50 +0900
Subject: [PATCH] cryptenroll: fix wrong error messages
PKCS#11 -> FIDO2 in cryptenroll-fido2.c
(cherry picked from commit 4b9aa29bc9ded35147f9fa77f77e13c3c6fa7fcf)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/a9149ef71dbfafd964b4e509690418be602c6eb6
---
src/cryptenroll/cryptenroll-fido2.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/cryptenroll/cryptenroll-fido2.c b/src/cryptenroll/cryptenroll-fido2.c
index fbf76ee586..9e1d94bd16 100644
--- a/src/cryptenroll/cryptenroll-fido2.c
+++ b/src/cryptenroll/cryptenroll-fido2.c
@@ -67,7 +67,7 @@ int enroll_fido2(
base64_encoded,
strlen(base64_encoded));
if (keyslot < 0)
- return log_error_errno(keyslot, "Failed to add new PKCS#11 key to %s: %m", node);
+ return log_error_errno(keyslot, "Failed to add new FIDO2 key to %s: %m", node);
if (asprintf(&keyslot_as_string, "%i", keyslot) < 0)
return log_oom();
@@ -83,7 +83,7 @@ int enroll_fido2(
JSON_BUILD_PAIR("fido2-up-required", JSON_BUILD_BOOLEAN(FLAGS_SET(lock_with, FIDO2ENROLL_UP))),
JSON_BUILD_PAIR("fido2-uv-required", JSON_BUILD_BOOLEAN(FLAGS_SET(lock_with, FIDO2ENROLL_UV)))));
if (r < 0)
- return log_error_errno(r, "Failed to prepare PKCS#11 JSON token object: %m");
+ return log_error_errno(r, "Failed to prepare FIDO2 JSON token object: %m");
r = cryptsetup_add_token_json(cd, v);
if (r < 0)
--
2.33.0

143
backport-dbus-wait-for-jobs-add-extra_args-to-bus_wait_for_jo.patch Normal file
View File

@ -0,0 +1,143 @@
From 84188acc6fe4a2f04c91c2c4d7b20a3166caa63b Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Thu, 30 Dec 2021 00:53:29 +0000
Subject: [PATCH] dbus-wait-for-jobs: add extra_args to bus_wait_for_jobs_one()
And pass it through to bus_wait_for_jobs()
(cherry picked from commit 86980de64bf8c03505eec729808f52f3b3042998)
(cherry picked from commit 0c4fe2e3dcde8225006a36cff643c112bd6c6523)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/84188acc6fe4a2f04c91c2c4d7b20a3166caa63b
---
src/mount/mount-tool.c | 6 +++---
src/nspawn/nspawn-register.c | 2 +-
src/run/run.c | 6 +++---
src/shared/bus-wait-for-jobs.c | 4 ++--
src/shared/bus-wait-for-jobs.h | 2 +-
src/shared/tests.c | 2 +-
6 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/src/mount/mount-tool.c b/src/mount/mount-tool.c
index 70b4c5a765..9659355c33 100644
--- a/src/mount/mount-tool.c
+++ b/src/mount/mount-tool.c
@@ -600,7 +600,7 @@ static int start_transient_mount(
if (r < 0)
return bus_log_parse_error(r);
- r = bus_wait_for_jobs_one(w, object, arg_quiet);
+ r = bus_wait_for_jobs_one(w, object, arg_quiet, NULL);
if (r < 0)
return r;
}
@@ -709,7 +709,7 @@ static int start_transient_automount(
if (r < 0)
return bus_log_parse_error(r);
- r = bus_wait_for_jobs_one(w, object, arg_quiet);
+ r = bus_wait_for_jobs_one(w, object, arg_quiet, NULL);
if (r < 0)
return r;
}
@@ -875,7 +875,7 @@ static int stop_mount(
if (r < 0)
return bus_log_parse_error(r);
- r = bus_wait_for_jobs_one(w, object, arg_quiet);
+ r = bus_wait_for_jobs_one(w, object, arg_quiet, NULL);
if (r < 0)
return r;
}
diff --git a/src/nspawn/nspawn-register.c b/src/nspawn/nspawn-register.c
index 2e6c12b3b7..c78bead4a4 100644
--- a/src/nspawn/nspawn-register.c
+++ b/src/nspawn/nspawn-register.c
@@ -313,7 +313,7 @@ int allocate_scope(
if (r < 0)
return bus_log_parse_error(r);
- r = bus_wait_for_jobs_one(w, object, false);
+ r = bus_wait_for_jobs_one(w, object, false, NULL);
if (r < 0)
return r;
diff --git a/src/run/run.c b/src/run/run.c
index 1c83e36e4e..9a7e1efaca 100644
--- a/src/run/run.c
+++ b/src/run/run.c
@@ -1228,7 +1228,7 @@ static int start_transient_service(
if (r < 0)
return bus_log_parse_error(r);
- r = bus_wait_for_jobs_one(w, object, arg_quiet);
+ r = bus_wait_for_jobs_one(w, object, arg_quiet, NULL);
if (r < 0)
return r;
}
@@ -1473,7 +1473,7 @@ static int start_transient_scope(sd_bus *bus) {
if (r < 0)
return bus_log_parse_error(r);
- r = bus_wait_for_jobs_one(w, object, arg_quiet);
+ r = bus_wait_for_jobs_one(w, object, arg_quiet, NULL);
if (r < 0)
return r;
@@ -1693,7 +1693,7 @@ static int start_transient_trigger(
if (r < 0)
return bus_log_parse_error(r);
- r = bus_wait_for_jobs_one(w, object, arg_quiet);
+ r = bus_wait_for_jobs_one(w, object, arg_quiet, NULL);
if (r < 0)
return r;
diff --git a/src/shared/bus-wait-for-jobs.c b/src/shared/bus-wait-for-jobs.c
index e4a3ab9a95..0cd47d5787 100644
--- a/src/shared/bus-wait-for-jobs.c
+++ b/src/shared/bus-wait-for-jobs.c
@@ -323,12 +323,12 @@ int bus_wait_for_jobs_add(BusWaitForJobs *d, const char *path) {
return set_put_strdup(&d->jobs, path);
}
-int bus_wait_for_jobs_one(BusWaitForJobs *d, const char *path, bool quiet) {
+int bus_wait_for_jobs_one(BusWaitForJobs *d, const char *path, bool quiet, const char* const* extra_args) {
int r;
r = bus_wait_for_jobs_add(d, path);
if (r < 0)
return log_oom();
- return bus_wait_for_jobs(d, quiet, NULL);
+ return bus_wait_for_jobs(d, quiet, extra_args);
}
diff --git a/src/shared/bus-wait-for-jobs.h b/src/shared/bus-wait-for-jobs.h
index 68c9d604ad..5acf8b9241 100644
--- a/src/shared/bus-wait-for-jobs.h
+++ b/src/shared/bus-wait-for-jobs.h
@@ -11,6 +11,6 @@ int bus_wait_for_jobs_new(sd_bus *bus, BusWaitForJobs **ret);
BusWaitForJobs* bus_wait_for_jobs_free(BusWaitForJobs *d);
int bus_wait_for_jobs_add(BusWaitForJobs *d, const char *path);
int bus_wait_for_jobs(BusWaitForJobs *d, bool quiet, const char* const* extra_args);
-int bus_wait_for_jobs_one(BusWaitForJobs *d, const char *path, bool quiet);
+int bus_wait_for_jobs_one(BusWaitForJobs *d, const char *path, bool quiet, const char* const* extra_args);
DEFINE_TRIVIAL_CLEANUP_FUNC(BusWaitForJobs*, bus_wait_for_jobs_free);
diff --git a/src/shared/tests.c b/src/shared/tests.c
index ab7d799029..6d35bc6a8d 100644
--- a/src/shared/tests.c
+++ b/src/shared/tests.c
@@ -247,7 +247,7 @@ static int allocate_scope(void) {
if (r < 0)
return bus_log_parse_error(r);
- r = bus_wait_for_jobs_one(w, object, false);
+ r = bus_wait_for_jobs_one(w, object, false, NULL);
if (r < 0)
return r;
--
2.33.0

146
backport-devnode-acl-use-_cleanup_-to-free-acl_t.patch Normal file
View File

@ -0,0 +1,146 @@
From 541ada330879dd928b33b55f1fc437ec1bbd349f Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Thu, 3 Mar 2022 15:58:24 +0100
Subject: [PATCH] devnode-acl: use _cleanup_ to free acl_t
(cherry picked from commit 203ea2c8f158288fea56c5be980715b2b7e002fe)
(cherry picked from commit 543c73300e3b9298e5316555bf4df6ff7dfc210f)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/541ada330879dd928b33b55f1fc437ec1bbd349f
---
src/shared/devnode-acl.c | 73 ++++++++++++++--------------------------
1 file changed, 25 insertions(+), 48 deletions(-)
diff --git a/src/shared/devnode-acl.c b/src/shared/devnode-acl.c
index 07e29e1019..394422b164 100644
--- a/src/shared/devnode-acl.c
+++ b/src/shared/devnode-acl.c
@@ -52,8 +52,8 @@ int devnode_acl(const char *path,
bool del, uid_t old_uid,
bool add, uid_t new_uid) {
- acl_t acl;
- int r = 0;
+ _cleanup_(acl_freep) acl_t acl = NULL;
+ int r;
bool changed = false;
assert(path);
@@ -66,7 +66,7 @@ int devnode_acl(const char *path,
r = flush_acl(acl);
if (r < 0)
- goto finish;
+ return r;
if (r > 0)
changed = true;
@@ -75,13 +75,11 @@ int devnode_acl(const char *path,
r = acl_find_uid(acl, old_uid, &entry);
if (r < 0)
- goto finish;
+ return r;
if (r > 0) {
- if (acl_delete_entry(acl, entry) < 0) {
- r = -errno;
- goto finish;
- }
+ if (acl_delete_entry(acl, entry) < 0)
+ return -errno;
changed = true;
}
@@ -94,68 +92,47 @@ int devnode_acl(const char *path,
r = acl_find_uid(acl, new_uid, &entry);
if (r < 0)
- goto finish;
+ return r;
if (r == 0) {
- if (acl_create_entry(&acl, &entry) < 0) {
- r = -errno;
- goto finish;
- }
+ if (acl_create_entry(&acl, &entry) < 0)
+ return -errno;
if (acl_set_tag_type(entry, ACL_USER) < 0 ||
- acl_set_qualifier(entry, &new_uid) < 0) {
- r = -errno;
- goto finish;
- }
+ acl_set_qualifier(entry, &new_uid) < 0)
+ return -errno;
}
- if (acl_get_permset(entry, &permset) < 0) {
- r = -errno;
- goto finish;
- }
+ if (acl_get_permset(entry, &permset) < 0)
+ return -errno;
rd = acl_get_perm(permset, ACL_READ);
- if (rd < 0) {
- r = -errno;
- goto finish;
- }
+ if (rd < 0)
+ return -errno;
wt = acl_get_perm(permset, ACL_WRITE);
- if (wt < 0) {
- r = -errno;
- goto finish;
- }
+ if (wt < 0)
+ return -errno;
if (!rd || !wt) {
- if (acl_add_perm(permset, ACL_READ|ACL_WRITE) < 0) {
- r = -errno;
- goto finish;
- }
+ if (acl_add_perm(permset, ACL_READ|ACL_WRITE) < 0)
+ return -errno;
changed = true;
}
}
if (!changed)
- goto finish;
-
- if (acl_calc_mask(&acl) < 0) {
- r = -errno;
- goto finish;
- }
-
- if (acl_set_file(path, ACL_TYPE_ACCESS, acl) < 0) {
- r = -errno;
- goto finish;
- }
+ return 0;
- r = 0;
+ if (acl_calc_mask(&acl) < 0)
+ return -errno;
-finish:
- acl_free(acl);
+ if (acl_set_file(path, ACL_TYPE_ACCESS, acl) < 0)
+ return -errno;
- return r;
+ return 0;
}
int devnode_acl_all(const char *seat,
--
2.33.0

31
backport-dhcp-fix-assertion-failure.patch Normal file
View File

@ -0,0 +1,31 @@
From d59f045a9341f33df161a83a0a5428e137381206 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 8 Dec 2021 05:47:11 +0900
Subject: [PATCH] dhcp: fix assertion failure
Fixes #21671.
(cherry picked from commit 990d0aa98023140d1efc897c3dcd5e0599a60203)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/d59f045a9341f33df161a83a0a5428e137381206
---
src/libsystemd-network/sd-dhcp-lease.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libsystemd-network/sd-dhcp-lease.c b/src/libsystemd-network/sd-dhcp-lease.c
index 095a4ee683..9a0d7f6fea 100644
--- a/src/libsystemd-network/sd-dhcp-lease.c
+++ b/src/libsystemd-network/sd-dhcp-lease.c
@@ -691,7 +691,7 @@ int dhcp_lease_parse_options(uint8_t code, uint8_t len, const void *option, void
}
if (!timezone_is_valid(tz, LOG_DEBUG)) {
- log_debug_errno(r, "Timezone is not valid, ignoring: %m");
+ log_debug("Timezone is not valid, ignoring.");
return 0;
}
--
2.33.0

30
backport-discover-image-mount-as-read-only-when-extracting-me.patch Normal file
View File

@ -0,0 +1,30 @@
From 783b787a3aecbd2c9d6908546f89c9690728aa79 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Thu, 22 Jul 2021 22:21:10 +0100
Subject: [PATCH] discover-image: mount as read-only when extracting metadata
We don't need to modify the image, and the loopback device is already set to read-only.
(cherry picked from commit f6f4ec7951f429e8a470f8912cbeacde8fa1206e)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/783b787a3aecbd2c9d6908546f89c9690728aa79
---
src/shared/discover-image.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/shared/discover-image.c b/src/shared/discover-image.c
index 5c833afc78..521264ec29 100644
--- a/src/shared/discover-image.c
+++ b/src/shared/discover-image.c
@@ -1208,6 +1208,7 @@ int image_read_metadata(Image *i) {
DISSECT_IMAGE_GENERIC_ROOT |
DISSECT_IMAGE_REQUIRE_ROOT |
DISSECT_IMAGE_RELAX_VAR_CHECK |
+ DISSECT_IMAGE_READ_ONLY |
DISSECT_IMAGE_USR_NO_ROOT,
&m);
if (r < 0)
--
2.33.0

29
backport-discover-image-pass-the-right-fd-to-fd_getcrtime.patch Normal file
View File

@ -0,0 +1,29 @@
From 64b025686f36ae4385811be6f81d5f7d94da3437 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 18 Aug 2021 22:41:08 +0200
Subject: [PATCH] discover-image: pass the right fd to fd_getcrtime()
(cherry picked from commit 12a7f04a2b9135a4751dba71e2f688525d7c93e7)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/64b025686f36ae4385811be6f81d5f7d94da3437
---
src/shared/discover-image.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/shared/discover-image.c b/src/shared/discover-image.c
index 521264ec29..5f8bf43776 100644
--- a/src/shared/discover-image.c
+++ b/src/shared/discover-image.c
@@ -305,7 +305,7 @@ static int image_make(
}
/* Get directory creation time (not available everywhere, but that's OK */
- (void) fd_getcrtime(dfd, &crtime);
+ (void) fd_getcrtime(fd, &crtime);
/* If the IMMUTABLE bit is set, we consider the directory read-only. Since the ioctl is not
* supported everywhere we ignore failures. */
--
2.33.0

126
backport-dissect-image-add-extension-specific-validation-flag.patch Normal file
View File

@ -0,0 +1,126 @@
From 1d1b529d7781c7ac28fd6130eeda76bf2d70fe79 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Wed, 18 Aug 2021 16:08:14 +0100
Subject: [PATCH] dissect-image: add extension-specific validation flag
Allows callers to specify which image type they are looking for
(cherry picked from commit 9ccb531a5f99a7f399f352e79079188957f5a170)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/1d1b529d7781c7ac28fd6130eeda76bf2d70fe79
---
src/portable/portable.c | 9 ++++++++-
src/shared/dissect-image.c | 26 +++++++++++++++++++-------
src/shared/dissect-image.h | 23 ++++++++++++-----------
3 files changed, 39 insertions(+), 19 deletions(-)
diff --git a/src/portable/portable.c b/src/portable/portable.c
index 4cf5fb4f0a..5ecbeec2de 100644
--- a/src/portable/portable.c
+++ b/src/portable/portable.c
@@ -424,9 +424,16 @@ static int portable_extract_by_path(
if (r < 0)
return r;
if (r == 0) {
+ DissectImageFlags flags = DISSECT_IMAGE_READ_ONLY;
+
seq[0] = safe_close(seq[0]);
- r = dissected_image_mount(m, tmpdir, UID_INVALID, UID_INVALID, DISSECT_IMAGE_READ_ONLY);
+ if (!extract_os_release)
+ flags |= DISSECT_IMAGE_VALIDATE_OS_EXT;
+ else
+ flags |= DISSECT_IMAGE_VALIDATE_OS;
+
+ r = dissected_image_mount(m, tmpdir, UID_INVALID, UID_INVALID, flags);
if (r < 0) {
log_debug_errno(r, "Failed to mount dissected image: %m");
goto child_finish;
diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
index 9b30c86a53..3a24f5041f 100644
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -1725,17 +1725,28 @@ int dissected_image_mount(
if (r < 0)
return r;
- if (flags & DISSECT_IMAGE_VALIDATE_OS) {
- r = path_is_os_tree(where);
- if (r < 0)
- return r;
- if (r == 0) {
+ if ((flags & (DISSECT_IMAGE_VALIDATE_OS|DISSECT_IMAGE_VALIDATE_OS_EXT)) != 0) {
+ /* If either one of the validation flags are set, ensure that the image qualifies
+ * as one or the other (or both). */
+ bool ok = false;
+
+ if (FLAGS_SET(flags, DISSECT_IMAGE_VALIDATE_OS)) {
+ r = path_is_os_tree(where);
+ if (r < 0)
+ return r;
+ if (r > 0)
+ ok = true;
+ }
+ if (!ok && FLAGS_SET(flags, DISSECT_IMAGE_VALIDATE_OS_EXT)) {
r = path_is_extension_tree(where, m->image_name);
if (r < 0)
return r;
- if (r == 0)
- return -EMEDIUMTYPE;
+ if (r > 0)
+ ok = true;
}
+
+ if (!ok)
+ return -ENOMEDIUM;
}
}
@@ -2617,6 +2628,7 @@ int dissected_image_acquire_metadata(DissectedImage *m) {
DISSECT_IMAGE_READ_ONLY|
DISSECT_IMAGE_MOUNT_ROOT_ONLY|
DISSECT_IMAGE_VALIDATE_OS|
+ DISSECT_IMAGE_VALIDATE_OS_EXT|
DISSECT_IMAGE_USR_NO_ROOT);
if (r < 0) {
/* Let parent know the error */
diff --git a/src/shared/dissect-image.h b/src/shared/dissect-image.h
index 1ce14e915e..9db2719afb 100644
--- a/src/shared/dissect-image.h
+++ b/src/shared/dissect-image.h
@@ -100,19 +100,20 @@ typedef enum DissectImageFlags {
DISSECT_IMAGE_MOUNT_ROOT_ONLY = 1 << 6, /* Mount only the root and /usr partitions */
DISSECT_IMAGE_MOUNT_NON_ROOT_ONLY = 1 << 7, /* Mount only the non-root and non-/usr partitions */
DISSECT_IMAGE_VALIDATE_OS = 1 << 8, /* Refuse mounting images that aren't identifiable as OS images */
- DISSECT_IMAGE_NO_UDEV = 1 << 9, /* Don't wait for udev initializing things */
- DISSECT_IMAGE_RELAX_VAR_CHECK = 1 << 10, /* Don't insist that the UUID of /var is hashed from /etc/machine-id */
- DISSECT_IMAGE_FSCK = 1 << 11, /* File system check the partition before mounting (no effect when combined with DISSECT_IMAGE_READ_ONLY) */
- DISSECT_IMAGE_NO_PARTITION_TABLE = 1 << 12, /* Only recognize single file system images */
- DISSECT_IMAGE_VERITY_SHARE = 1 << 13, /* When activating a verity device, reuse existing one if already open */
- DISSECT_IMAGE_MKDIR = 1 << 14, /* Make top-level directory to mount right before mounting, if missing */
- DISSECT_IMAGE_USR_NO_ROOT = 1 << 15, /* If no root fs is in the image, but /usr is, then allow this (so that we can mount the rootfs as tmpfs or so */
- DISSECT_IMAGE_REQUIRE_ROOT = 1 << 16, /* Don't accept disks without root partition (or at least /usr partition if DISSECT_IMAGE_USR_NO_ROOT is set) */
- DISSECT_IMAGE_MOUNT_READ_ONLY = 1 << 17, /* Make mounts read-only */
+ DISSECT_IMAGE_VALIDATE_OS_EXT = 1 << 9, /* Refuse mounting images that aren't identifiable as OS extension images */
+ DISSECT_IMAGE_NO_UDEV = 1 << 10, /* Don't wait for udev initializing things */
+ DISSECT_IMAGE_RELAX_VAR_CHECK = 1 << 11, /* Don't insist that the UUID of /var is hashed from /etc/machine-id */
+ DISSECT_IMAGE_FSCK = 1 << 12, /* File system check the partition before mounting (no effect when combined with DISSECT_IMAGE_READ_ONLY) */
+ DISSECT_IMAGE_NO_PARTITION_TABLE = 1 << 13, /* Only recognize single file system images */
+ DISSECT_IMAGE_VERITY_SHARE = 1 << 14, /* When activating a verity device, reuse existing one if already open */
+ DISSECT_IMAGE_MKDIR = 1 << 15, /* Make top-level directory to mount right before mounting, if missing */
+ DISSECT_IMAGE_USR_NO_ROOT = 1 << 16, /* If no root fs is in the image, but /usr is, then allow this (so that we can mount the rootfs as tmpfs or so */
+ DISSECT_IMAGE_REQUIRE_ROOT = 1 << 17, /* Don't accept disks without root partition (or at least /usr partition if DISSECT_IMAGE_USR_NO_ROOT is set) */
+ DISSECT_IMAGE_MOUNT_READ_ONLY = 1 << 18, /* Make mounts read-only */
DISSECT_IMAGE_READ_ONLY = DISSECT_IMAGE_DEVICE_READ_ONLY |
DISSECT_IMAGE_MOUNT_READ_ONLY,
- DISSECT_IMAGE_GROWFS = 1 << 18, /* Grow file systems in partitions marked for that to the size of the partitions after mount */
- DISSECT_IMAGE_MOUNT_IDMAPPED = 1 << 19, /* Mount mounts with kernel 5.12-style userns ID mapping, if file system type doesn't support uid=/gid= */
+ DISSECT_IMAGE_GROWFS = 1 << 19, /* Grow file systems in partitions marked for that to the size of the partitions after mount */
+ DISSECT_IMAGE_MOUNT_IDMAPPED = 1 << 20, /* Mount mounts with kernel 5.12-style userns ID mapping, if file system type doesn't support uid=/gid= */
} DissectImageFlags;
struct DissectedImage {
--
2.33.0

42
backport-dissect-image-validate-extension-release-even-if-the.patch Normal file
View File

@ -0,0 +1,42 @@
From 4b14a6aafe45270b50b4a0b75d0cce11a9ac738d Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Wed, 19 Jan 2022 00:01:48 +0000
Subject: [PATCH] dissect-image: validate extension-release even if the host
has only ID in os-release
A rolling distro won't set VERSION_ID or SYSEXT_LEVEL in os-release,
which means we skip validation of ExtensionImages.
Validate even with just an ID, the lower level helper already
recognizes and accepts this use case.
Fixes https://github.com/systemd/systemd/issues/22146
(cherry picked from commit 37361f46d571ad0b71ef99dec6a9b76edbab38bb)
(cherry picked from commit 0dab9e5f057380322755e90ee4d35716d5bf6232)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/4b14a6aafe45270b50b4a0b75d0cce11a9ac738d
---
src/shared/dissect-image.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c
index 714baa8572..9b30c86a53 100644
--- a/src/shared/dissect-image.c
+++ b/src/shared/dissect-image.c
@@ -3015,9 +3015,9 @@ int verity_dissect_and_mount(
/* If we got os-release values from the caller, then we need to match them with the image's
* extension-release.d/ content. Return -EINVAL if there's any mismatch.
* First, check the distro ID. If that matches, then check the new SYSEXT_LEVEL value if
- * available, or else fallback to VERSION_ID. */
- if (required_host_os_release_id &&
- (required_host_os_release_version_id || required_host_os_release_sysext_level)) {
+ * available, or else fallback to VERSION_ID. If neither is present (eg: rolling release),
+ * then a simple match on the ID will be performed. */
+ if (required_host_os_release_id) {
_cleanup_strv_free_ char **extension_release = NULL;
r = load_extension_release_pairs(dest, dissected_image->image_name, &extension_release);
--
2.33.0

32
backport-dns-domain-re-introduce-dns_name_is_empty.patch Normal file
View File

@ -0,0 +1,32 @@
From 435a9af906c02d8024811311b012c9d7a2400009 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Mon, 24 Jan 2022 06:06:55 +0900
Subject: [PATCH] dns-domain: re-introduce dns_name_is_empty()
(cherry picked from commit 7bdf41983044268b4bc2f9d34462db7f89ba284a)
(cherry picked from commit df08c12062dfd9903edec371598412a47a3055e0)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/435a9af906c02d8024811311b012c9d7a2400009
---
src/shared/dns-domain.h | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/shared/dns-domain.h b/src/shared/dns-domain.h
index c25fcaacc2..24bf00bd58 100644
--- a/src/shared/dns-domain.h
+++ b/src/shared/dns-domain.h
@@ -60,6 +60,10 @@ static inline int dns_name_is_valid_ldh(const char *s) {
return 1;
}
+static inline bool dns_name_is_empty(const char *s) {
+ return isempty(s) || streq(s, ".");
+}
+
void dns_name_hash_func(const char *s, struct siphash *state);
int dns_name_compare_func(const char *a, const char *b);
extern const struct hash_ops dns_name_hash_ops;
--
2.33.0

37
backport-docs-SYSTEMD_NSS_BYPASS_BUS-is-not-honoured-anymore-.patch Normal file
View File

@ -0,0 +1,37 @@
From a7cfaa555379f19ab229c024027a74a5d22991d6 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 17 Feb 2022 14:47:34 +0100
Subject: [PATCH] docs: $SYSTEMD_NSS_BYPASS_BUS is not honoured anymore, don't
document it
It was removed back in 1684c56f40f020e685e70b3d1785d596ff16f892
Follow-up for: 1684c56f40f020e685e70b3d1785d596ff16f892
(cherry picked from commit cec16155e3dab4f123ba073223477a4ef2cf10f9)
(cherry picked from commit 4ec9aec4b695e1f0a26dc9cd55719c2f91ebdd6a)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/a7cfaa555379f19ab229c024027a74a5d22991d6
---
docs/ENVIRONMENT.md | 4 ----
1 file changed, 4 deletions(-)
diff --git a/docs/ENVIRONMENT.md b/docs/ENVIRONMENT.md
index 2cec3bdc16..efb360f0a4 100644
--- a/docs/ENVIRONMENT.md
+++ b/docs/ENVIRONMENT.md
@@ -208,10 +208,6 @@ All tools:
user/group records for dynamically registered service users (i.e. users
registered through `DynamicUser=1`).
-* `$SYSTEMD_NSS_BYPASS_BUS=1` — if set, `nss-systemd` won't use D-Bus to do
- dynamic user lookups. This is primarily useful to make `nss-systemd` work
- safely from within `dbus-daemon`.
-
`systemd-timedated`:
* `$SYSTEMD_TIMEDATED_NTP_SERVICES=…` — colon-separated list of unit names of
--
2.33.0

97
backport-docs-improve-wording-when-mentioning-the-acronym-ESP.patch Normal file
View File

@ -0,0 +1,97 @@
From 6822cfa5f066fcbf79ded85419d59a97decc67b9 Mon Sep 17 00:00:00 2001
From: nl6720 <nl6720@gmail.com>
Date: Fri, 9 Jul 2021 12:56:54 +0300
Subject: [PATCH] docs: improve wording when mentioning the acronym "ESP"
"ESP" is "EFI system partition", so "ESP partition" is redundant.
(cherry picked from commit 250db1bf02b9fd73f2e0604acddbc20937c67d19)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/6822cfa5f066fcbf79ded85419d59a97decc67b9
---
docs/BOOT_LOADER_INTERFACE.md | 8 ++++----
docs/BOOT_LOADER_SPECIFICATION.md | 4 ++--
man/systemd-boot.xml | 4 ++--
src/boot/bootctl.c | 2 +-
src/systemctl/systemctl-start-special.c | 2 +-
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/docs/BOOT_LOADER_INTERFACE.md b/docs/BOOT_LOADER_INTERFACE.md
index be3b6e401d..e9155117b9 100644
--- a/docs/BOOT_LOADER_INTERFACE.md
+++ b/docs/BOOT_LOADER_INTERFACE.md
@@ -76,10 +76,10 @@ variables. All EFI variables use the vendor UUID
* `1 << 6` → The boot loader supports passing a random seed to the OS.
* The EFI variable `LoaderRandomSeed` contains a binary random seed if set. It
- is set by the boot loader to pass an entropy seed read from the ESP partition
- to the OS. The system manager then credits this seed to the kernel's entropy
- pool. It is the responsibility of the boot loader to ensure the quality and
- integrity of the random seed.
+ is set by the boot loader to pass an entropy seed read from the ESP to the OS.
+ The system manager then credits this seed to the kernel's entropy pool. It is
+ the responsibility of the boot loader to ensure the quality and integrity of
+ the random seed.
* The EFI variable `LoaderSystemToken` contains binary random data,
persistently set by the OS installer. Boot loaders that support passing
diff --git a/docs/BOOT_LOADER_SPECIFICATION.md b/docs/BOOT_LOADER_SPECIFICATION.md
index b87246ede1..7b5b19700a 100644
--- a/docs/BOOT_LOADER_SPECIFICATION.md
+++ b/docs/BOOT_LOADER_SPECIFICATION.md
@@ -61,8 +61,8 @@ Everything described below is located on a placeholder file system `$BOOT`. The
* On disks with GPT (GUID Partition Table)
* If the OS is installed on a disk with GPT, and an Extended Boot Loader Partition or XBOOTLDR partition for short, i.e. a partition with GPT type GUID of `bc13c2ff-59e6-4262-a352-b275fd6f7172`, already exists, it should be used as `$BOOT`.
* Otherwise, if the OS is installed on a disk with GPT, and an EFI System Partition or ESP for short, i.e. a partition with GPT type UID of `c12a7328-f81f-11d2-ba4b-00a0c93ec93b`) already exists and is large enough (let's say 250MB) and otherwise qualifies, it should be used as `$BOOT`.
- * Otherwise, if the OS is installed on a disk with GPT, and if the ESP partition already exists but is too small, a new suitably sized (let's say 500MB) XBOOTLDR partition shall be created and used as `$BOOT`.
- * Otherwise, if the OS is installed on a disk with GPT, and no ESP partition exists yet, a new suitably sized (let's say 500MB) ESP should be created and used as `$BOOT`.
+ * Otherwise, if the OS is installed on a disk with GPT, and if the ESP already exists but is too small, a new suitably sized (let's say 500MB) XBOOTLDR partition shall be created and used as `$BOOT`.
+ * Otherwise, if the OS is installed on a disk with GPT, and no ESP exists yet, a new suitably sized (let's say 500MB) ESP should be created and used as `$BOOT`.
This placeholder file system shall be determined during _installation time_, and an fstab entry may be created. It should be mounted to either `/boot/` or `/efi/`. Additional locations like `/boot/efi/`, with `/boot/` being a separate file system, might be supported by implementations. This is not recommended because the mounting of `$BOOT` is then dependent on and requires the mounting of the intermediate file system.
diff --git a/man/systemd-boot.xml b/man/systemd-boot.xml
index 139f79fa6b..2135d9eb36 100644
--- a/man/systemd-boot.xml
+++ b/man/systemd-boot.xml
@@ -73,8 +73,8 @@
<citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
details.</para></listitem>
- <listitem><para>An EFI variable set by the boot loader informs the OS about the ESP partition used
- during boot. This is then used to automatically mount the correct ESP partition to
+ <listitem><para>An EFI variable set by the boot loader informs the OS about the EFI System Partition used
+ during boot. This is then used to automatically mount the correct EFI System Partition to
<filename>/efi/</filename> or <filename>/boot/</filename> during OS runtime. See
<citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
for details.</para></listitem>
diff --git a/src/boot/bootctl.c b/src/boot/bootctl.c
index df8b0542c9..fa8c600321 100644
--- a/src/boot/bootctl.c
+++ b/src/boot/bootctl.c
@@ -1337,7 +1337,7 @@ static int verb_status(int argc, char *argv[], void *userdata) {
sd_id128_t bootloader_esp_uuid;
bool have_bootloader_esp_uuid = efi_loader_get_device_part_uuid(&bootloader_esp_uuid) >= 0;
- print_yes_no_line(false, have_bootloader_esp_uuid, "Boot loader sets ESP partition information");
+ print_yes_no_line(false, have_bootloader_esp_uuid, "Boot loader sets ESP information");
if (have_bootloader_esp_uuid && !sd_id128_equal(esp_uuid, bootloader_esp_uuid))
printf("WARNING: The boot loader reports a different ESP UUID than detected!\n");
diff --git a/src/systemctl/systemctl-start-special.c b/src/systemctl/systemctl-start-special.c
index 3edb65be61..56068d25f5 100644
--- a/src/systemctl/systemctl-start-special.c
+++ b/src/systemctl/systemctl-start-special.c
@@ -36,7 +36,7 @@ static int load_kexec_kernel(void) {
return log_error_errno(r,
"No kexec kernel loaded and autodetection failed.\n%s",
is_efi_boot()
- ? "Cannot automatically load kernel: ESP partition mount point not found."
+ ? "Cannot automatically load kernel: ESP mount point not found."
: "Automatic loading works only on systems booted with EFI.");
if (r < 0)
return r;
--
2.33.0

40
backport-docs-portablectl-is-in-bin.patch Normal file
View File

@ -0,0 +1,40 @@
From b4221cca108f46f58cc15d83a298714b4de0bebf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 7 Sep 2021 18:43:58 +0200
Subject: [PATCH] docs: portablectl is in bin/
Follow-up for 80f39b81f3876ed3816061f1093db991f72269ec.
(cherry picked from commit a00ff6717b98580136d46cde0e8f9543e60c8f76)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/b4221cca108f46f58cc15d83a298714b4de0bebf
---
docs/PORTABLE_SERVICES.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/docs/PORTABLE_SERVICES.md b/docs/PORTABLE_SERVICES.md
index d9171c7b65..ec4a50373c 100644
--- a/docs/PORTABLE_SERVICES.md
+++ b/docs/PORTABLE_SERVICES.md
@@ -86,7 +86,7 @@ If you have a portable service image, maybe in a raw disk image called
`foobar_0.7.23.raw`, then attaching the services to the host is as easy as:
```
-# /usr/lib/systemd/portablectl attach foobar_0.7.23.raw
+# portablectl attach foobar_0.7.23.raw
```
This command does the following:
@@ -268,7 +268,7 @@ include template units such as `foobar@.service`, so that instantiation is as
simple as:
```
-# /usr/lib/systemd/portablectl attach foobar_0.7.23.raw
+# portablectl attach foobar_0.7.23.raw
# systemctl enable --now foobar@instancea.service
# systemctl enable --now foobar@instanceb.service
--
2.33.0

52
backport-ether-addr-util-make-hw_addr_to_string-return-valid-.patch Normal file
View File

@ -0,0 +1,52 @@
From 798baafc027d829bdf6fc41163e6d12085a2c620 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 15 Sep 2021 22:59:52 +0900
Subject: [PATCH] ether-addr-util: make hw_addr_to_string() return valid string
even if hardware address is null
Previously, when the length of the hardware address is zero, then the
buffer was not nul-terminated.
This also replaces sprintf() with hexchar().
(cherry picked from commit 914ac555cd40f9c09e655a737214bfb7de21b8d9)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/798baafc027d829bdf6fc41163e6d12085a2c620
---
src/basic/ether-addr-util.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/basic/ether-addr-util.c b/src/basic/ether-addr-util.c
index e660ac2c6f..dc5b5b833d 100644
--- a/src/basic/ether-addr-util.c
+++ b/src/basic/ether-addr-util.c
@@ -7,6 +7,7 @@
#include <sys/types.h>
#include "ether-addr-util.h"
+#include "hexdecoct.h"
#include "macro.h"
#include "string-util.h"
@@ -15,12 +16,13 @@ char* hw_addr_to_string(const struct hw_addr_data *addr, char buffer[HW_ADDR_TO_
assert(buffer);
assert(addr->length <= HW_ADDR_MAX_SIZE);
- for (size_t i = 0; i < addr->length; i++) {
- sprintf(&buffer[3*i], "%02"PRIx8, addr->bytes[i]);
- if (i < addr->length - 1)
- buffer[3*i + 2] = ':';
+ for (size_t i = 0, j = 0; i < addr->length; i++) {
+ buffer[j++] = hexchar(addr->bytes[i] >> 4);
+ buffer[j++] = hexchar(addr->bytes[i] & 0x0f);
+ buffer[j++] = ':';
}
+ buffer[addr->length > 0 ? addr->length * 3 - 1 : 0] = '\0';
return buffer;
}
--
2.33.0

30
backport-execute-document-that-the-env-param-is-input-and-out.patch Normal file
View File

@ -0,0 +1,30 @@
From 5c8437361d54bd6c04d613619f71c161df32024f Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 1 Feb 2022 13:50:28 +0100
Subject: [PATCH] execute: document that the 'env' param is input *and* output
(cherry picked from commit 421bb42d1b366c00392ef5bbab6a67412295b6dc)
(cherry picked from commit c4357f31da66b1917d3612d02c28adb300d4b0c6)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/5c8437361d54bd6c04d613619f71c161df32024f
---
src/core/execute.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/execute.c b/src/core/execute.c
index 1129905b61..e24775c150 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -1152,7 +1152,7 @@ static int setup_pam(
uid_t uid,
gid_t gid,
const char *tty,
- char ***env,
+ char ***env, /* updated on success */
const int fds[], size_t n_fds) {
#if HAVE_PAM
--
2.33.0

107
backport-execute-line-break-comments-a-bit-less-aggressively.patch Normal file
View File

@ -0,0 +1,107 @@
From ee7db04c13f5b46ad2437762caa7b4c239780de5 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 1 Feb 2022 13:50:13 +0100
Subject: [PATCH] execute: line break comments a bit less aggressively
(cherry picked from commit cafc5ca147cb05b90bd731661d8594c299601f79)
(cherry picked from commit 14567dc93d5c498bfaadd28478f59952f6da320c)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/ee7db04c13f5b46ad2437762caa7b4c239780de5
---
src/core/execute.c | 41 +++++++++++++++++------------------------
1 file changed, 17 insertions(+), 24 deletions(-)
diff --git a/src/core/execute.c b/src/core/execute.c
index b6c54493d3..1129905b61 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -1238,8 +1238,7 @@ static int setup_pam(
goto fail;
}
- /* Block SIGTERM, so that we know that it won't get lost in
- * the child */
+ /* Block SIGTERM, so that we know that it won't get lost in the child */
assert_se(sigprocmask_many(SIG_BLOCK, &old_ss, SIGTERM, -1) >= 0);
@@ -1251,18 +1250,16 @@ static int setup_pam(
if (r == 0) {
int sig, ret = EXIT_PAM;
- /* The child's job is to reset the PAM session on
- * termination */
+ /* The child's job is to reset the PAM session on termination */
barrier_set_role(&barrier, BARRIER_CHILD);
/* Make sure we don't keep open the passed fds in this child. We assume that otherwise only
* those fds are open here that have been opened by PAM. */
(void) close_many(fds, n_fds);
- /* Drop privileges - we don't need any to pam_close_session
- * and this will make PR_SET_PDEATHSIG work in most cases.
- * If this fails, ignore the error - but expect sd-pam threads
- * to fail to exit normally */
+ /* Drop privileges - we don't need any to pam_close_session and this will make
+ * PR_SET_PDEATHSIG work in most cases. If this fails, ignore the error - but expect sd-pam
+ * threads to fail to exit normally */
r = maybe_setgroups(0, NULL);
if (r < 0)
@@ -1274,20 +1271,16 @@ static int setup_pam(
(void) ignore_signals(SIGPIPE);
- /* Wait until our parent died. This will only work if
- * the above setresuid() succeeds, otherwise the kernel
- * will not allow unprivileged parents kill their privileged
- * children this way. We rely on the control groups kill logic
- * to do the rest for us. */
+ /* Wait until our parent died. This will only work if the above setresuid() succeeds,
+ * otherwise the kernel will not allow unprivileged parents kill their privileged children
+ * this way. We rely on the control groups kill logic to do the rest for us. */
if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
goto child_finish;
- /* Tell the parent that our setup is done. This is especially
- * important regarding dropping privileges. Otherwise, unit
- * setup might race against our setresuid(2) call.
+ /* Tell the parent that our setup is done. This is especially important regarding dropping
+ * privileges. Otherwise, unit setup might race against our setresuid(2) call.
*
- * If the parent aborted, we'll detect this below, hence ignore
- * return failure here. */
+ * If the parent aborted, we'll detect this below, hence ignore return failure here. */
(void) barrier_place(&barrier);
/* Check if our parent process might already have died? */
@@ -1332,19 +1325,19 @@ static int setup_pam(
barrier_set_role(&barrier, BARRIER_PARENT);
- /* If the child was forked off successfully it will do all the
- * cleanups, so forget about the handle here. */
+ /* If the child was forked off successfully it will do all the cleanups, so forget about the handle
+ * here. */
handle = NULL;
/* Unblock SIGTERM again in the parent */
assert_se(sigprocmask(SIG_SETMASK, &old_ss, NULL) >= 0);
- /* We close the log explicitly here, since the PAM modules
- * might have opened it, but we don't want this fd around. */
+ /* We close the log explicitly here, since the PAM modules might have opened it, but we don't want
+ * this fd around. */
closelog();
- /* Synchronously wait for the child to initialize. We don't care for
- * errors as we cannot recover. However, warn loudly if it happens. */
+ /* Synchronously wait for the child to initialize. We don't care for errors as we cannot
+ * recover. However, warn loudly if it happens. */
if (!barrier_place_and_sync(&barrier))
log_error("PAM initialization failed");
--
2.33.0

45
backport-execute-respect-selinux_context_ignore.patch Normal file
View File

@ -0,0 +1,45 @@
From 38d0d41e0fc5d559cff5a1bcf46482aec9d6f5ef Mon Sep 17 00:00:00 2001
From: Topi Miettinen <toiwoton@gmail.com>
Date: Sat, 30 Oct 2021 19:58:41 +0300
Subject: [PATCH] execute: respect selinux_context_ignore
When `SELinuxContext=` parameter is prefixed with `-`, the documentation states
that any errors determining or changing context should be ignored, but this
doesn't actually happen and the service may fail with `229/SELINUX_CONTEXT`.
Fix by adding checks to `context->selinux_context_ignore`.
Closes: #21057
(cherry picked from commit 2ad2925de5f258d128ec8cdb07f10f3c52fa4fcf)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/38d0d41e0fc5d559cff5a1bcf46482aec9d6f5ef
---
src/core/execute.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/execute.c b/src/core/execute.c
index 6ff757ff04..e324db87cc 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -4361,7 +4361,7 @@ static int exec_child(
if (fd >= 0) {
r = mac_selinux_get_child_mls_label(fd, executable, context->selinux_context, &mac_selinux_context_net);
- if (r < 0) {
+ if (r < 0 && !context->selinux_context_ignore) {
*exit_status = EXIT_SELINUX_CONTEXT;
return log_unit_error_errno(unit, r, "Failed to determine SELinux context: %m");
}
@@ -4495,7 +4495,7 @@ static int exec_child(
if (exec_context) {
r = setexeccon(exec_context);
- if (r < 0) {
+ if (r < 0 && !context->selinux_context_ignore) {
*exit_status = EXIT_SELINUX_CONTEXT;
return log_unit_error_errno(unit, r, "Failed to change SELinux context to %s: %m", exec_context);
}
--
2.33.0

44
backport-execute-use-_cleanup_-logic-where-appropriate.patch Normal file
View File

@ -0,0 +1,44 @@
From 1fa6abd4ae2445b08e3c3fc3d4eade1e833f43da Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 1 Feb 2022 13:49:56 +0100
Subject: [PATCH] execute: use _cleanup_ logic where appropriate
(cherry picked from commit 46e5bbab5895b7137b03453dee08bd1c89c710e9)
(cherry picked from commit 9b2954b79435eaf54be208acdce8026b83bdc249)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/1fa6abd4ae2445b08e3c3fc3d4eade1e833f43da
---
src/core/execute.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/core/execute.c b/src/core/execute.c
index 04c0513453..b6c54493d3 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -1163,10 +1163,11 @@ static int setup_pam(
};
_cleanup_(barrier_destroy) Barrier barrier = BARRIER_NULL;
+ _cleanup_strv_free_ char **e = NULL;
pam_handle_t *handle = NULL;
sigset_t old_ss;
int pam_code = PAM_SUCCESS, r;
- char **nv, **e = NULL;
+ char **nv;
bool close_session = false;
pid_t pam_pid = 0, parent_pid;
int flags = 0;
@@ -1363,9 +1364,7 @@ fail:
(void) pam_end(handle, pam_code | flags);
}
- strv_free(e);
closelog();
-
return r;
#else
return 0;
--
2.33.0

66
backport-explicitly-close-FIDO2-devices.patch Normal file
View File

@ -0,0 +1,66 @@
From d6e4920b10c3da1665cb44f4686893b865003d12 Mon Sep 17 00:00:00 2001
From: pedro martelletto <pedro@yubico.com>
Date: Wed, 8 Sep 2021 10:42:56 +0200
Subject: [PATCH] explicitly close FIDO2 devices
FIDO2 device access is serialised by libfido2 using flock().
Therefore, make sure to close a FIDO2 device once we are done
with it, or we risk opening it again at a later point and
deadlocking. Fixes #20664.
(cherry picked from commit b6aa89b0a399992c8ea762e6ec4f30cff90618f2)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/d6e4920b10c3da1665cb44f4686893b865003d12
---
src/shared/libfido2-util.c | 2 ++
src/shared/libfido2-util.h | 5 ++++-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/shared/libfido2-util.c b/src/shared/libfido2-util.c
index 12c644dcfc..6d18178b68 100644
--- a/src/shared/libfido2-util.c
+++ b/src/shared/libfido2-util.c
@@ -58,6 +58,7 @@ bool (*sym_fido_dev_is_fido2)(const fido_dev_t *) = NULL;
int (*sym_fido_dev_make_cred)(fido_dev_t *, fido_cred_t *, const char *) = NULL;
fido_dev_t* (*sym_fido_dev_new)(void) = NULL;
int (*sym_fido_dev_open)(fido_dev_t *, const char *) = NULL;
+int (*sym_fido_dev_close)(fido_dev_t *) = NULL;
const char* (*sym_fido_strerr)(int) = NULL;
int dlopen_libfido2(void) {
@@ -106,6 +107,7 @@ int dlopen_libfido2(void) {
DLSYM_ARG(fido_dev_make_cred),
DLSYM_ARG(fido_dev_new),
DLSYM_ARG(fido_dev_open),
+ DLSYM_ARG(fido_dev_close),
DLSYM_ARG(fido_strerr));
}
diff --git a/src/shared/libfido2-util.h b/src/shared/libfido2-util.h
index 5640cca5e3..4ebf8ab775 100644
--- a/src/shared/libfido2-util.h
+++ b/src/shared/libfido2-util.h
@@ -60,6 +60,7 @@ extern bool (*sym_fido_dev_is_fido2)(const fido_dev_t *);
extern int (*sym_fido_dev_make_cred)(fido_dev_t *, fido_cred_t *, const char *);
extern fido_dev_t* (*sym_fido_dev_new)(void);
extern int (*sym_fido_dev_open)(fido_dev_t *, const char *);
+extern int (*sym_fido_dev_close)(fido_dev_t *);
extern const char* (*sym_fido_strerr)(int);
int dlopen_libfido2(void);
@@ -75,8 +76,10 @@ static inline void fido_assert_free_wrapper(fido_assert_t **p) {
}
static inline void fido_dev_free_wrapper(fido_dev_t **p) {
- if (*p)
+ if (*p) {
+ sym_fido_dev_close(*p);
sym_fido_dev_free(p);
+ }
}
static inline void fido_cred_free_wrapper(fido_cred_t **p) {
--
2.33.0

44
backport-fileio-fix-truncated-read-handling-in-read_virtual_f.patch Normal file
View File

@ -0,0 +1,44 @@
From c9e0daf821b3e1e6504ca4c4e3a8b73513e28fa7 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 16 Sep 2021 12:20:09 +0200
Subject: [PATCH] fileio: fix truncated read handling in read_virtual_file()
We mishandled the case where the size we read from the file actually
matched the maximum size fully. In that case we cannot really make a
determination whether the file was fully read or only partially. In that
case let's do another loop, so that we operate with a buffer, and
we can detect the EOF (which will be signalled to us via a short read).
(cherry picked from commit 00bd9a4a82ed57bc0c7f158da4564fc1eab808b4)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/c9e0daf821b3e1e6504ca4c4e3a8b73513e28fa7
---
src/basic/fileio.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index 1046e5b9b4..6c8ebe63e0 100644
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -470,9 +470,14 @@ int read_virtual_file(const char *filename, size_t max_size, char **ret_contents
if (n <= size)
break;
- /* If a maximum size is specified and we already read as much, no need to try again */
- if (max_size != SIZE_MAX && n >= max_size) {
- n = max_size;
+ /* If a maximum size is specified and we already read more we know the file is larger, and
+ * can handle this as truncation case. Note that if the size of what we read equals the
+ * maximum size then this doesn't mean truncation, the file might or might not end on that
+ * byte. We need to rerun the loop in that case, with a larger buffer size, so that we read
+ * at least one more byte to be able to distinguish EOF from truncation. */
+ if (max_size != SIZE_MAX && n > max_size) {
+ n = size; /* Make sure we never use more than what we sized the buffer for (so that
+ * we have one free byte in it for the trailing NUL we add below).*/
truncated = true;
break;
}
--
2.33.0

71
backport-fileio-lower-maximum-virtual-file-buffer-size-by-one.patch Normal file
View File

@ -0,0 +1,71 @@
From feb68f6aad36930f0b0c6c70164287c5bc46b64c Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 14 Sep 2021 23:03:37 +0200
Subject: [PATCH] fileio: lower maximum virtual file buffer size by one byte
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When reading virtual files (i.e. procfs, sysfs, …) we currently put a
limit of 4M-1 on that. We have to pick something, and we have to read
these files in a single read() (since the kernel generally doesn't
support continuation read()s for them). 4M-1 is actually the maximum
size the kernel allows for reads from files in /proc/sys/, all larger
reads will result in an ENOMEM error (which is really weird, but the
kernel does what the kernel does). Hence 4M-1 sounds like a smart
choice.
However, we made one mistake here: in order to be able to detect EOFs
properly we actually read one byte more than we actually intend to
return: if that extra byte can be read, then we know the file is
actually larger than our limit and we can generate an EFBIG error from
that. However, if it cannot be read then we know EOF was hit, and we are
good. So ultimately after all we issued a single 4M read, which the
kernel then responds with ENOMEM to. And that means read_virtual_file()
actually doesn't work properly right now on /proc/sys/. Let's fix that.
The fix is simple, lower the limit of the the buffer we intend to return
by one, i.e. 4M-2. That way, the read() we'll issue is exactly as large
as the limit the kernel allows, and we still get safely detect EOF from
it.
(cherry picked from commit 7ab7547a40d456d34120b2f44b26385ac1338ebd)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/feb68f6aad36930f0b0c6c70164287c5bc46b64c
---
src/basic/fileio.c | 18 ++++++++++--------
1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index 99a44fdea2..ba0ca98d72 100644
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -30,14 +30,16 @@
/* The maximum size of the file we'll read in one go in read_full_file() (64M). */
#define READ_FULL_BYTES_MAX (64U*1024U*1024U - 1U)
-/* The maximum size of virtual files we'll read in one go in read_virtual_file() (4M). Note that this limit
- * is different (and much lower) than the READ_FULL_BYTES_MAX limit. This reflects the fact that we use
- * different strategies for reading virtual and regular files: virtual files are generally size constrained:
- * there we allocate the full buffer size in advance. Regular files OTOH can be much larger, and here we grow
- * the allocations exponentially in a loop. In glibc large allocations are immediately backed by mmap()
- * making them relatively slow (measurably so). Thus, when allocating the full buffer in advance the large
- * limit is a problem. When allocating piecemeal it's not. Hence pick two distinct limits. */
-#define READ_VIRTUAL_BYTES_MAX (4U*1024U*1024U - 1U)
+/* The maximum size of virtual files (i.e. procfs, sysfs, and other virtual "API" files) we'll read in one go
+ * in read_virtual_file(). Note that this limit is different (and much lower) than the READ_FULL_BYTES_MAX
+ * limit. This reflects the fact that we use different strategies for reading virtual and regular files:
+ * virtual files we generally have to read in a single read() syscall since the kernel doesn't support
+ * continuation read()s for them. Thankfully they are somewhat size constrained. Thus we can allocate the
+ * full potential buffer in advance. Regular files OTOH can be much larger, and there we grow the allocations
+ * exponentially in a loop. We use a size limit of 4M-2 because 4M-1 is the maximum buffer that /proc/sys/
+ * allows us to read() (larger reads will fail with ENOMEM), and we want to read one extra byte so that we
+ * can detect EOFs. */
+#define READ_VIRTUAL_BYTES_MAX (4U*1024U*1024U - 2U)
int fopen_unlocked(const char *path, const char *options, FILE **ret) {
assert(ret);
--
2.33.0

32
backport-fileio-set-O_NOCTTY-when-reading-virtual-files.patch Normal file
View File

@ -0,0 +1,32 @@
From ca6c93956879e368e40bbf5a742fcb1689712d81 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 14 Sep 2021 23:11:55 +0200
Subject: [PATCH] fileio: set O_NOCTTY when reading virtual files
Better be safe than sorry, maybe someone points this call to a TTY one
day, and we'd rather not make it our controlling TTY in that case.
(cherry picked from commit be991d7678c35aa037ef79672c0c70781eebed9c)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/ca6c93956879e368e40bbf5a742fcb1689712d81
---
src/basic/fileio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index ba0ca98d72..39abf985eb 100644
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -395,7 +395,7 @@ int read_virtual_file(const char *filename, size_t max_size, char **ret_contents
* contents* may be returned. (Though the read is still done using one syscall.) Returns 0 on
* partial success, 1 if untruncated contents were read. */
- fd = open(filename, O_RDONLY|O_CLOEXEC);
+ fd = open(filename, O_RDONLY|O_NOCTTY|O_CLOEXEC);
if (fd < 0)
return -errno;
--
2.33.0

46
backport-fileio-start-with-4k-buffer-for-procfs.patch Normal file
View File

@ -0,0 +1,46 @@
From b3f5d2f4044751a4a741e033a9bc621ede573cb2 Mon Sep 17 00:00:00 2001
From: Anita Zhang <the.anitazha@gmail.com>
Date: Tue, 14 Sep 2021 16:33:10 -0700
Subject: [PATCH] fileio: start with 4k buffer for procfs
There's a very gradual increase of anonymous memory in systemd-journald that
blames to 2ac67221bb6270f0fbe7cbd0076653832cd49de2.
systemd-journald makes many calls to read /proc/PID/cmdline and
/proc/PID/status, both of which tend to be well under 4K. However the
combination of allocating 4M read buffers, then using `realloc()` to
shrink the buffer in `read_virtual_file()` appears to be creating
fragmentation in the heap (when combined with the other allocations
systemd-journald is doing).
To help mitigate this, try reading /proc with a 4K buffer as
`read_virtual_file()` did before 2ac67221bb6270f0fbe7cbd0076653832cd49de2.
If it isn't big enough then try again with the larger buffers.
(cherry picked from commit 5aaa55d841249f057fd69e50cf12a52e9781a6ce)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/b3f5d2f4044751a4a741e033a9bc621ede573cb2
---
src/basic/fileio.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index 39abf985eb..1046e5b9b4 100644
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -433,6 +433,11 @@ int read_virtual_file(const char *filename, size_t max_size, char **ret_contents
}
n_retries--;
+ } else if (n_retries > 1) {
+ /* Files in /proc are generally smaller than the page size so let's start with a page size
+ * buffer from malloc and only use the max buffer on the final try. */
+ size = MIN3(page_size() - 1, READ_VIRTUAL_BYTES_MAX, max_size);
+ n_retries = 1;
} else {
size = MIN(READ_VIRTUAL_BYTES_MAX, max_size);
n_retries = 0;
--
2.33.0

Some files were not shown because too many files have changed in this diff Show More