parent
9bb5664db2
commit
fd8050e7e5
@ -1 +1 @@
|
||||
SOURCES/systemd-250.tar.gz
|
||||
SOURCES/systemd-252.tar.gz
|
||||
|
@ -1 +1 @@
|
||||
3b9db821b29a577d004c8823f4ff7a054c81a39c SOURCES/systemd-250.tar.gz
|
||||
7c961dc6e8bb950825b85129f59dc80f4536cabb SOURCES/systemd-252.tar.gz
|
||||
|
@ -0,0 +1,78 @@
|
||||
From 87bf366c97be1c811c4bfdf80b48d6c3e35da76a Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Tue, 25 Oct 2022 19:55:08 +0200
|
||||
Subject: [PATCH] macro: Simply case macros for IN_SET
|
||||
|
||||
The CASE param would normally provide the operation for the compiler to
|
||||
do in this macro magic. But in this case CASE_F_1 was hardcoding the
|
||||
operation, making the parameter moot.
|
||||
This just removes the somewhat pointless parameter instead of fixing
|
||||
the one case. These macros are used for IN_SET case labels only and
|
||||
not named generically anyways.
|
||||
|
||||
(cherry picked from commit 790f4dda74d7ecdb4e57101a37cc9f2f9236bef6)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
src/fundamental/macro-fundamental.h | 43 ++++++++++++++---------------
|
||||
1 file changed, 21 insertions(+), 22 deletions(-)
|
||||
|
||||
diff --git a/src/fundamental/macro-fundamental.h b/src/fundamental/macro-fundamental.h
|
||||
index 2536c741c6..63f4c49e78 100644
|
||||
--- a/src/fundamental/macro-fundamental.h
|
||||
+++ b/src/fundamental/macro-fundamental.h
|
||||
@@ -251,33 +251,32 @@
|
||||
(UNIQ_T(X, xq) / UNIQ_T(Y, yq) + !!(UNIQ_T(X, xq) % UNIQ_T(Y, yq))); \
|
||||
})
|
||||
|
||||
-#define CASE_F(X) case X:
|
||||
-#define CASE_F_1(CASE, X) CASE_F(X)
|
||||
-#define CASE_F_2(CASE, X, ...) CASE(X) CASE_F_1(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_3(CASE, X, ...) CASE(X) CASE_F_2(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_4(CASE, X, ...) CASE(X) CASE_F_3(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_5(CASE, X, ...) CASE(X) CASE_F_4(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_6(CASE, X, ...) CASE(X) CASE_F_5(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_7(CASE, X, ...) CASE(X) CASE_F_6(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_8(CASE, X, ...) CASE(X) CASE_F_7(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_9(CASE, X, ...) CASE(X) CASE_F_8(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_10(CASE, X, ...) CASE(X) CASE_F_9(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_11(CASE, X, ...) CASE(X) CASE_F_10(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_12(CASE, X, ...) CASE(X) CASE_F_11(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_13(CASE, X, ...) CASE(X) CASE_F_12(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_14(CASE, X, ...) CASE(X) CASE_F_13(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_15(CASE, X, ...) CASE(X) CASE_F_14(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_16(CASE, X, ...) CASE(X) CASE_F_15(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_17(CASE, X, ...) CASE(X) CASE_F_16(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_18(CASE, X, ...) CASE(X) CASE_F_17(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_19(CASE, X, ...) CASE(X) CASE_F_18(CASE, __VA_ARGS__)
|
||||
-#define CASE_F_20(CASE, X, ...) CASE(X) CASE_F_19(CASE, __VA_ARGS__)
|
||||
+#define CASE_F_1(X) case X:
|
||||
+#define CASE_F_2(X, ...) case X: CASE_F_1( __VA_ARGS__)
|
||||
+#define CASE_F_3(X, ...) case X: CASE_F_2( __VA_ARGS__)
|
||||
+#define CASE_F_4(X, ...) case X: CASE_F_3( __VA_ARGS__)
|
||||
+#define CASE_F_5(X, ...) case X: CASE_F_4( __VA_ARGS__)
|
||||
+#define CASE_F_6(X, ...) case X: CASE_F_5( __VA_ARGS__)
|
||||
+#define CASE_F_7(X, ...) case X: CASE_F_6( __VA_ARGS__)
|
||||
+#define CASE_F_8(X, ...) case X: CASE_F_7( __VA_ARGS__)
|
||||
+#define CASE_F_9(X, ...) case X: CASE_F_8( __VA_ARGS__)
|
||||
+#define CASE_F_10(X, ...) case X: CASE_F_9( __VA_ARGS__)
|
||||
+#define CASE_F_11(X, ...) case X: CASE_F_10( __VA_ARGS__)
|
||||
+#define CASE_F_12(X, ...) case X: CASE_F_11( __VA_ARGS__)
|
||||
+#define CASE_F_13(X, ...) case X: CASE_F_12( __VA_ARGS__)
|
||||
+#define CASE_F_14(X, ...) case X: CASE_F_13( __VA_ARGS__)
|
||||
+#define CASE_F_15(X, ...) case X: CASE_F_14( __VA_ARGS__)
|
||||
+#define CASE_F_16(X, ...) case X: CASE_F_15( __VA_ARGS__)
|
||||
+#define CASE_F_17(X, ...) case X: CASE_F_16( __VA_ARGS__)
|
||||
+#define CASE_F_18(X, ...) case X: CASE_F_17( __VA_ARGS__)
|
||||
+#define CASE_F_19(X, ...) case X: CASE_F_18( __VA_ARGS__)
|
||||
+#define CASE_F_20(X, ...) case X: CASE_F_19( __VA_ARGS__)
|
||||
|
||||
#define GET_CASE_F(_1,_2,_3,_4,_5,_6,_7,_8,_9,_10,_11,_12,_13,_14,_15,_16,_17,_18,_19,_20,NAME,...) NAME
|
||||
#define FOR_EACH_MAKE_CASE(...) \
|
||||
GET_CASE_F(__VA_ARGS__,CASE_F_20,CASE_F_19,CASE_F_18,CASE_F_17,CASE_F_16,CASE_F_15,CASE_F_14,CASE_F_13,CASE_F_12,CASE_F_11, \
|
||||
CASE_F_10,CASE_F_9,CASE_F_8,CASE_F_7,CASE_F_6,CASE_F_5,CASE_F_4,CASE_F_3,CASE_F_2,CASE_F_1) \
|
||||
- (CASE_F,__VA_ARGS__)
|
||||
+ (__VA_ARGS__)
|
||||
|
||||
#define IN_SET(x, ...) \
|
||||
({ \
|
@ -0,0 +1,25 @@
|
||||
From 0c372e24bb30c25beccd76c071baca22258e71c9 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Wed, 26 Oct 2022 03:28:08 +0900
|
||||
Subject: [PATCH] macro: fix indentation
|
||||
|
||||
(cherry picked from commit e967926b092d8635b3da28fc4ca492009e32228f)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
src/fundamental/macro-fundamental.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/fundamental/macro-fundamental.h b/src/fundamental/macro-fundamental.h
|
||||
index 63f4c49e78..faab16ab31 100644
|
||||
--- a/src/fundamental/macro-fundamental.h
|
||||
+++ b/src/fundamental/macro-fundamental.h
|
||||
@@ -290,7 +290,7 @@
|
||||
switch (x) { \
|
||||
FOR_EACH_MAKE_CASE(__VA_ARGS__) \
|
||||
_found = true; \
|
||||
- break; \
|
||||
+ break; \
|
||||
default: \
|
||||
break; \
|
||||
} \
|
@ -0,0 +1,61 @@
|
||||
From 5ac8c56f111f2875467422c851a05891c0ec7d1b Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Mon, 31 Oct 2022 12:11:59 +0100
|
||||
Subject: [PATCH] test: add a couple of sanity tests for journalctl
|
||||
|
||||
(cherry picked from commit ca46781c5ffa3aaa7a8fb6f09976357d003c4aae)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/units/testsuite-04.sh | 38 ++++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 38 insertions(+)
|
||||
|
||||
diff --git a/test/units/testsuite-04.sh b/test/units/testsuite-04.sh
|
||||
index b5468cbea4..fdc3273fea 100755
|
||||
--- a/test/units/testsuite-04.sh
|
||||
+++ b/test/units/testsuite-04.sh
|
||||
@@ -119,6 +119,44 @@ systemctl start silent-success
|
||||
journalctl --sync
|
||||
[[ -z "$(journalctl -b -q -u silent-success.service)" ]]
|
||||
|
||||
+# Exercise the matching machinery
|
||||
+SYSTEMD_LOG_LEVEL=debug journalctl -b -n 1 /dev/null /dev/zero /dev/null /dev/null /dev/null
|
||||
+journalctl -b -n 1 /bin/true /bin/false
|
||||
+journalctl -b -n 1 /bin/true + /bin/false
|
||||
+journalctl -b -n 1 -r --unit "systemd*"
|
||||
+
|
||||
+systemd-run --user -M "testuser@.host" /bin/echo hello
|
||||
+journalctl --sync
|
||||
+journalctl -b -n 1 -r --user-unit "*"
|
||||
+
|
||||
+(! journalctl -b /dev/lets-hope-this-doesnt-exist)
|
||||
+(! journalctl -b /dev/null /dev/zero /dev/this-also-shouldnt-exist)
|
||||
+(! journalctl -b --unit "this-unit-should-not-exist*")
|
||||
+
|
||||
+# Facilities & priorities
|
||||
+journalctl --facility help
|
||||
+journalctl --facility kern -n 1
|
||||
+journalctl --facility syslog --priority 0..3 -n 1
|
||||
+journalctl --facility syslog --priority 3..0 -n 1
|
||||
+journalctl --facility user --priority 0..0 -n 1
|
||||
+journalctl --facility daemon --priority warning -n 1
|
||||
+journalctl --facility daemon --priority warning..info -n 1
|
||||
+journalctl --facility daemon --priority notice..crit -n 1
|
||||
+journalctl --facility daemon --priority 5..crit -n 1
|
||||
+
|
||||
+(! journalctl --facility hopefully-an-unknown-facility)
|
||||
+(! journalctl --priority hello-world)
|
||||
+(! journalctl --priority 0..128)
|
||||
+(! journalctl --priority 0..systemd)
|
||||
+
|
||||
+# Other options
|
||||
+journalctl --disk-usage
|
||||
+journalctl --dmesg -n 1
|
||||
+journalctl --fields
|
||||
+journalctl --list-boots
|
||||
+journalctl --update-catalog
|
||||
+journalctl --list-catalog
|
||||
+
|
||||
# Add new tests before here, the journald restarts below
|
||||
# may make tests flappy.
|
||||
|
@ -0,0 +1,25 @@
|
||||
From b1a2687cf5b419d6928d024f26aabe1de8ff7727 Mon Sep 17 00:00:00 2001
|
||||
From: Luca Boccassi <bluca@debian.org>
|
||||
Date: Mon, 31 Oct 2022 21:17:47 +0000
|
||||
Subject: [PATCH] man: fix typo found by Lintian
|
||||
|
||||
(cherry picked from commit 84033dd40588dbf4f57a746c141fe7d111247a93)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
man/loader.conf.xml | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/man/loader.conf.xml b/man/loader.conf.xml
|
||||
index 3ee42cdb73..7f173aec61 100644
|
||||
--- a/man/loader.conf.xml
|
||||
+++ b/man/loader.conf.xml
|
||||
@@ -236,7 +236,7 @@
|
||||
|
||||
<para>The different sets of variables can be set up under <filename>/loader/keys/<replaceable>NAME</replaceable></filename>
|
||||
where <replaceable>NAME</replaceable> is the name that is going to be used as the name of the entry.
|
||||
- This allows to ship multiple sets of Secure Boot variables and choose which one to enroll at runtime.</para>
|
||||
+ This allows one to ship multiple sets of Secure Boot variables and choose which one to enroll at runtime.</para>
|
||||
|
||||
<para>Supported secure boot variables are one database for authorized images, one key exchange key (KEK)
|
||||
and one platform key (PK). For more information, refer to the <ulink url="https://uefi.org/specifications">UEFI specification</ulink>,
|
@ -0,0 +1,19 @@
|
||||
From 3d2fc0517d43ff2c5c6fc03ebb68ef9429be5fd4 Mon Sep 17 00:00:00 2001
|
||||
From: Luca Boccassi <bluca@debian.org>
|
||||
Date: Mon, 31 Oct 2022 21:18:53 +0000
|
||||
Subject: [PATCH] test: add +x to assert.sh
|
||||
|
||||
The script has a shebang and .sh extension, so make it executable
|
||||
|
||||
W: systemd-tests: script-not-executable [usr/lib/systemd/tests/testdata/units/assert.sh]
|
||||
(cherry picked from commit fb4f7271d9f75a44756b110706cdb53b82f407ce)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/units/assert.sh | 0
|
||||
1 file changed, 0 insertions(+), 0 deletions(-)
|
||||
mode change 100644 => 100755 test/units/assert.sh
|
||||
|
||||
diff --git a/test/units/assert.sh b/test/units/assert.sh
|
||||
old mode 100644
|
||||
new mode 100755
|
@ -0,0 +1,25 @@
|
||||
From a2cb8467652ca36bd5420dc685d5e6b76014c3e1 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Tue, 1 Nov 2022 13:10:20 +0900
|
||||
Subject: [PATCH] parse_hwdb: allow negative value for EVDEV_ABS_ properties
|
||||
|
||||
(cherry picked from commit f0b75cda5a3eac3fe953fd1a429a39e077387997)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
hwdb.d/parse_hwdb.py | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/hwdb.d/parse_hwdb.py b/hwdb.d/parse_hwdb.py
|
||||
index c0dde75650..5a1ae5a6a0 100755
|
||||
--- a/hwdb.d/parse_hwdb.py
|
||||
+++ b/hwdb.d/parse_hwdb.py
|
||||
@@ -202,7 +202,7 @@ def property_grammar():
|
||||
]
|
||||
abs_props = [Regex(r'EVDEV_ABS_[0-9a-f]{2}')('NAME')
|
||||
- Suppress('=') -
|
||||
- Word(nums + ':')('VALUE')
|
||||
+ Word('-' + nums + ':')('VALUE')
|
||||
]
|
||||
|
||||
grammar = Or(fixed_props + kbd_props + abs_props) + EOL
|
@ -0,0 +1,24 @@
|
||||
From 07aa3fcbb7b4e4cca7b2e9be6e038ab92bfc5fdc Mon Sep 17 00:00:00 2001
|
||||
From: Youfu Zhang <1315097+zhangyoufu@users.noreply.github.com>
|
||||
Date: Tue, 1 Nov 2022 13:18:25 +0800
|
||||
Subject: [PATCH] resolved: fix typo in feature level table
|
||||
|
||||
(cherry picked from commit 2ab0042854934827e61076c6e42c7381fdf78fdf)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
src/resolve/resolved-dns-server.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/resolve/resolved-dns-server.c b/src/resolve/resolved-dns-server.c
|
||||
index 9b74a8d6d8..04a4f53ed0 100644
|
||||
--- a/src/resolve/resolved-dns-server.c
|
||||
+++ b/src/resolve/resolved-dns-server.c
|
||||
@@ -1087,6 +1087,6 @@ static const char* const dns_server_feature_level_table[_DNS_SERVER_FEATURE_LEVE
|
||||
[DNS_SERVER_FEATURE_LEVEL_EDNS0] = "UDP+EDNS0",
|
||||
[DNS_SERVER_FEATURE_LEVEL_TLS_PLAIN] = "TLS+EDNS0",
|
||||
[DNS_SERVER_FEATURE_LEVEL_DO] = "UDP+EDNS0+DO",
|
||||
- [DNS_SERVER_FEATURE_LEVEL_TLS_DO] = "TLS+EDNS0+D0",
|
||||
+ [DNS_SERVER_FEATURE_LEVEL_TLS_DO] = "TLS+EDNS0+DO",
|
||||
};
|
||||
DEFINE_STRING_TABLE_LOOKUP(dns_server_feature_level, DnsServerFeatureLevel);
|
@ -0,0 +1,28 @@
|
||||
From a1f18876d5f7122c9f94af9a84f1324f50dba0ed Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Tue, 1 Nov 2022 09:43:32 +0100
|
||||
Subject: [PATCH] coverage: Mark _coverage__exit as noreturn
|
||||
|
||||
../src/basic/coverage.h:15:48: warning: function '_coverage__exit' could
|
||||
be declared with attribute 'noreturn' [-Wmissing-noreturn]
|
||||
|
||||
(cherry picked from commit 0bab5534b334677652bb69fe15eaa54ce84cbe7d)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
src/basic/coverage.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/basic/coverage.h b/src/basic/coverage.h
|
||||
index 3ef02cf70e..640bddc485 100644
|
||||
--- a/src/basic/coverage.h
|
||||
+++ b/src/basic/coverage.h
|
||||
@@ -12,7 +12,7 @@
|
||||
extern void _exit(int);
|
||||
extern void __gcov_dump(void);
|
||||
|
||||
-static inline void _coverage__exit(int status) {
|
||||
+static inline _Noreturn void _coverage__exit(int status) {
|
||||
__gcov_dump();
|
||||
_exit(status);
|
||||
}
|
@ -0,0 +1,154 @@
|
||||
From 6ab61ac93e534aec1ea4d16e77c1c355c8286e64 Mon Sep 17 00:00:00 2001
|
||||
From: Daan De Meyer <daan.j.demeyer@gmail.com>
|
||||
Date: Thu, 27 Oct 2022 13:14:12 +0200
|
||||
Subject: [PATCH] namespace: Add hidepid/subset support check
|
||||
|
||||
Using fsopen()/fsconfig(), we can check if hidepid/subset are supported to
|
||||
avoid the noisy logs from the kernel if they aren't supported. This works
|
||||
on centos/redhat 8 as well since they've backported fsopen()/fsconfig().
|
||||
|
||||
(cherry picked from commit 1c265fcd5963603d338233840129ecad8d9c1420)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
meson.build | 2 ++
|
||||
src/basic/missing_syscall.h | 40 +++++++++++++++++++++++++++++++
|
||||
src/core/namespace.c | 47 ++++++++++++++++++++++++++++++++-----
|
||||
3 files changed, 83 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/meson.build b/meson.build
|
||||
index 76ad51d3fb..7750534466 100644
|
||||
--- a/meson.build
|
||||
+++ b/meson.build
|
||||
@@ -606,6 +606,8 @@ foreach ident : [
|
||||
['mount_setattr', '''#include <sys/mount.h>'''],
|
||||
['move_mount', '''#include <sys/mount.h>'''],
|
||||
['open_tree', '''#include <sys/mount.h>'''],
|
||||
+ ['fsopen', '''#include <sys/mount.h>'''],
|
||||
+ ['fsconfig', '''#include <sys/mount.h>'''],
|
||||
['getdents64', '''#include <dirent.h>'''],
|
||||
]
|
||||
|
||||
diff --git a/src/basic/missing_syscall.h b/src/basic/missing_syscall.h
|
||||
index 793d111c55..d54e59fdf9 100644
|
||||
--- a/src/basic/missing_syscall.h
|
||||
+++ b/src/basic/missing_syscall.h
|
||||
@@ -593,6 +593,46 @@ static inline int missing_move_mount(
|
||||
|
||||
/* ======================================================================= */
|
||||
|
||||
+#if !HAVE_FSOPEN
|
||||
+
|
||||
+#ifndef FSOPEN_CLOEXEC
|
||||
+#define FSOPEN_CLOEXEC 0x00000001
|
||||
+#endif
|
||||
+
|
||||
+static inline int missing_fsopen(const char *fsname, unsigned flags) {
|
||||
+# if defined __NR_fsopen && __NR_fsopen >= 0
|
||||
+ return syscall(__NR_fsopen, fsname, flags);
|
||||
+# else
|
||||
+ errno = ENOSYS;
|
||||
+ return -1;
|
||||
+# endif
|
||||
+}
|
||||
+
|
||||
+# define fsopen missing_fsopen
|
||||
+#endif
|
||||
+
|
||||
+/* ======================================================================= */
|
||||
+
|
||||
+#if !HAVE_FSCONFIG
|
||||
+
|
||||
+#ifndef FSCONFIG_SET_STRING
|
||||
+#define FSCONFIG_SET_STRING 1 /* Set parameter, supplying a string value */
|
||||
+#endif
|
||||
+
|
||||
+static inline int missing_fsconfig(int fd, unsigned cmd, const char *key, const void *value, int aux) {
|
||||
+# if defined __NR_fsconfig && __NR_fsconfig >= 0
|
||||
+ return syscall(__NR_fsconfig, fd, cmd, key, value, aux);
|
||||
+# else
|
||||
+ errno = ENOSYS;
|
||||
+ return -1;
|
||||
+# endif
|
||||
+}
|
||||
+
|
||||
+# define fsconfig missing_fsconfig
|
||||
+#endif
|
||||
+
|
||||
+/* ======================================================================= */
|
||||
+
|
||||
#if !HAVE_GETDENTS64
|
||||
|
||||
static inline ssize_t missing_getdents64(int fd, void *buffer, size_t length) {
|
||||
diff --git a/src/core/namespace.c b/src/core/namespace.c
|
||||
index c3cced7410..852be3bdde 100644
|
||||
--- a/src/core/namespace.c
|
||||
+++ b/src/core/namespace.c
|
||||
@@ -26,6 +26,7 @@
|
||||
#include "list.h"
|
||||
#include "loop-util.h"
|
||||
#include "loopback-setup.h"
|
||||
+#include "missing_syscall.h"
|
||||
#include "mkdir-label.h"
|
||||
#include "mount-util.h"
|
||||
#include "mountpoint-util.h"
|
||||
@@ -1073,6 +1074,27 @@ static int mount_sysfs(const MountEntry *m) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
+static bool mount_option_supported(const char *fstype, const char *key, const char *value) {
|
||||
+ _cleanup_close_ int fd = -1;
|
||||
+ int r;
|
||||
+
|
||||
+ /* This function assumes support by default. Only if the fsconfig() call fails with -EINVAL/-EOPNOTSUPP
|
||||
+ * will it report that the option/value is not supported. */
|
||||
+
|
||||
+ fd = fsopen(fstype, FSOPEN_CLOEXEC);
|
||||
+ if (fd < 0) {
|
||||
+ if (errno != ENOSYS)
|
||||
+ log_debug_errno(errno, "Failed to open superblock context for '%s': %m", fstype);
|
||||
+ return true; /* If fsopen() fails for whatever reason, assume the value is supported. */
|
||||
+ }
|
||||
+
|
||||
+ r = fsconfig(fd, FSCONFIG_SET_STRING, key, value, 0);
|
||||
+ if (r < 0 && !IN_SET(errno, EINVAL, EOPNOTSUPP, ENOSYS))
|
||||
+ log_debug_errno(errno, "Failed to set '%s=%s' on '%s' superblock context: %m", key, value, fstype);
|
||||
+
|
||||
+ return r >= 0 || !IN_SET(errno, EINVAL, EOPNOTSUPP);
|
||||
+}
|
||||
+
|
||||
static int mount_procfs(const MountEntry *m, const NamespaceInfo *ns_info) {
|
||||
_cleanup_free_ char *opts = NULL;
|
||||
const char *entry_path;
|
||||
@@ -1090,12 +1112,25 @@ static int mount_procfs(const MountEntry *m, const NamespaceInfo *ns_info) {
|
||||
* per-instance, we'll exclusively use the textual value for hidepid=, since support was
|
||||
* added in the same commit: if it's supported it is thus also per-instance. */
|
||||
|
||||
- opts = strjoin("hidepid=",
|
||||
- ns_info->protect_proc == PROTECT_PROC_DEFAULT ? "off" :
|
||||
- protect_proc_to_string(ns_info->protect_proc),
|
||||
- ns_info->proc_subset == PROC_SUBSET_PID ? ",subset=pid" : "");
|
||||
- if (!opts)
|
||||
- return -ENOMEM;
|
||||
+ const char *hpv = ns_info->protect_proc == PROTECT_PROC_DEFAULT ?
|
||||
+ "off" :
|
||||
+ protect_proc_to_string(ns_info->protect_proc);
|
||||
+
|
||||
+ /* hidepid= support was added in 5.8, so we can use fsconfig()/fsopen() (which were added in
|
||||
+ * 5.2) to check if hidepid= is supported. This avoids a noisy dmesg log by the kernel when
|
||||
+ * trying to use hidepid= on systems where it isn't supported. The same applies for subset=.
|
||||
+ * fsopen()/fsconfig() was also backported on some distros which allows us to detect
|
||||
+ * hidepid=/subset= support in even more scenarios. */
|
||||
+
|
||||
+ if (mount_option_supported("proc", "hidepid", hpv)) {
|
||||
+ opts = strjoin("hidepid=", hpv);
|
||||
+ if (!opts)
|
||||
+ return -ENOMEM;
|
||||
+ }
|
||||
+
|
||||
+ if (ns_info->proc_subset == PROC_SUBSET_PID && mount_option_supported("proc", "subset", "pid"))
|
||||
+ if (!strextend_with_separator(&opts, ",", "subset=pid"))
|
||||
+ return -ENOMEM;
|
||||
}
|
||||
|
||||
entry_path = mount_entry_path(m);
|
@ -0,0 +1,75 @@
|
||||
From 07f188e9ca17345af904e6549c03b1c57d34405a Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Tue, 1 Nov 2022 09:17:58 +0100
|
||||
Subject: [PATCH] test: add a couple of sanity tests for loginctl
|
||||
|
||||
(cherry picked from commit 70e9066bc2eaf159e9cde7d95bbee99e44f3045a)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/units/testsuite-35.sh | 45 ++++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 45 insertions(+)
|
||||
|
||||
diff --git a/test/units/testsuite-35.sh b/test/units/testsuite-35.sh
|
||||
index 4ef0f0c11c..85925f2471 100755
|
||||
--- a/test/units/testsuite-35.sh
|
||||
+++ b/test/units/testsuite-35.sh
|
||||
@@ -338,6 +338,50 @@ EOF
|
||||
assert_eq "$(loginctl --no-legend | awk '$3=="logind-test-user" { print $5 }')" "tty2"
|
||||
}
|
||||
|
||||
+test_sanity_check() {
|
||||
+ # Exercise basic loginctl options
|
||||
+
|
||||
+ if [[ ! -c /dev/tty2 ]]; then
|
||||
+ echo "/dev/tty2 does not exist, skipping test ${FUNCNAME[0]}."
|
||||
+ return
|
||||
+ fi
|
||||
+
|
||||
+ trap cleanup_session RETURN
|
||||
+ create_session
|
||||
+
|
||||
+ # Run most of the loginctl commands from a user session to make
|
||||
+ # the seat/session autodetection work-ish
|
||||
+ systemd-run --user --pipe --wait -M "logind-test-user@.host" bash -eux <<\EOF
|
||||
+ loginctl list-sessions
|
||||
+ loginctl session-status
|
||||
+ loginctl show-session
|
||||
+ loginctl show-session -P DelayInhibited
|
||||
+
|
||||
+ # We're not in the same session scope, so in this case we need to specify
|
||||
+ # the session ID explicitly
|
||||
+ session=$(loginctl --no-legend | awk '$3 == "logind-test-user" { print $1; exit; }')
|
||||
+ loginctl kill-session --signal=SIGCONT "$session"
|
||||
+ # FIXME(?)
|
||||
+ #loginctl kill-session --signal=SIGCONT --kill-who=leader "$session"
|
||||
+
|
||||
+ loginctl list-users
|
||||
+ loginctl user-status
|
||||
+ loginctl show-user -a
|
||||
+ loginctl show-user -P IdleAction
|
||||
+ loginctl kill-user --signal=SIGCONT ""
|
||||
+
|
||||
+ loginctl list-seats
|
||||
+ loginctl seat-status
|
||||
+ loginctl show-seat
|
||||
+ loginctl show-seat -P IdleActionUSec
|
||||
+EOF
|
||||
+
|
||||
+ # Requires root privileges
|
||||
+ loginctl lock-sessions
|
||||
+ loginctl unlock-sessions
|
||||
+ loginctl flush-devices
|
||||
+}
|
||||
+
|
||||
test_session() {
|
||||
local dev
|
||||
|
||||
@@ -537,6 +581,7 @@ test_properties
|
||||
test_started
|
||||
test_suspend_on_lid
|
||||
test_shutdown
|
||||
+test_sanity_check
|
||||
test_session
|
||||
test_lock_idle_action
|
||||
test_session_properties
|
@ -0,0 +1,48 @@
|
||||
From 66a9a36c3bcd5709c30ac1f2be998eea034a9f6d Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Tue, 1 Nov 2022 17:53:42 +0100
|
||||
Subject: [PATCH] test: rename TEST-26-SETENV to TEST-26-SYSTEMCTL
|
||||
|
||||
(cherry picked from commit c5c258ae0a4a0cfc829ed07ff96c7fab79b6ca71)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/{TEST-26-SETENV => TEST-26-SYSTEMCTL}/Makefile | 0
|
||||
test/{TEST-26-SETENV => TEST-26-SYSTEMCTL}/test.sh | 2 +-
|
||||
test/units/testsuite-26.service | 2 +-
|
||||
3 files changed, 2 insertions(+), 2 deletions(-)
|
||||
rename test/{TEST-26-SETENV => TEST-26-SYSTEMCTL}/Makefile (100%)
|
||||
rename test/{TEST-26-SETENV => TEST-26-SYSTEMCTL}/test.sh (79%)
|
||||
|
||||
diff --git a/test/TEST-26-SETENV/Makefile b/test/TEST-26-SYSTEMCTL/Makefile
|
||||
similarity index 100%
|
||||
rename from test/TEST-26-SETENV/Makefile
|
||||
rename to test/TEST-26-SYSTEMCTL/Makefile
|
||||
diff --git a/test/TEST-26-SETENV/test.sh b/test/TEST-26-SYSTEMCTL/test.sh
|
||||
similarity index 79%
|
||||
rename from test/TEST-26-SETENV/test.sh
|
||||
rename to test/TEST-26-SYSTEMCTL/test.sh
|
||||
index b38e37bfce..64accf850f 100755
|
||||
--- a/test/TEST-26-SETENV/test.sh
|
||||
+++ b/test/TEST-26-SYSTEMCTL/test.sh
|
||||
@@ -2,7 +2,7 @@
|
||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
set -e
|
||||
|
||||
-TEST_DESCRIPTION="test setenv"
|
||||
+TEST_DESCRIPTION="systemctl-related tests"
|
||||
|
||||
# shellcheck source=test/test-functions
|
||||
. "${TEST_BASE_DIR:?}/test-functions"
|
||||
diff --git a/test/units/testsuite-26.service b/test/units/testsuite-26.service
|
||||
index aa553b61a6..d8fdaffb06 100644
|
||||
--- a/test/units/testsuite-26.service
|
||||
+++ b/test/units/testsuite-26.service
|
||||
@@ -1,6 +1,6 @@
|
||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
[Unit]
|
||||
-Description=TEST-26-SETENV
|
||||
+Description=TEST-26-SYSTEMCTL
|
||||
|
||||
[Service]
|
||||
ExecStartPre=rm -f /failed /testok
|
@ -0,0 +1,251 @@
|
||||
From 680d2b33d3b2a0bed17c2c1594690155bdb910bb Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Tue, 1 Nov 2022 20:47:37 +0100
|
||||
Subject: [PATCH] test: add a couple of sanity tests for systemctl
|
||||
|
||||
(cherry picked from commit d16684fe13e1d56e55df19b57b6c01b9a9303086)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/units/testsuite-26.sh | 209 +++++++++++++++++++++++++++++++++++--
|
||||
1 file changed, 202 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/test/units/testsuite-26.sh b/test/units/testsuite-26.sh
|
||||
index ad08415317..b83f85917b 100755
|
||||
--- a/test/units/testsuite-26.sh
|
||||
+++ b/test/units/testsuite-26.sh
|
||||
@@ -3,32 +3,227 @@
|
||||
set -eux
|
||||
set -o pipefail
|
||||
|
||||
+at_exit() {
|
||||
+ if [[ -v UNIT_NAME && -e "/usr/lib/systemd/system/$UNIT_NAME" ]]; then
|
||||
+ rm -fv "/usr/lib/systemd/system/$UNIT_NAME"
|
||||
+ fi
|
||||
+}
|
||||
+
|
||||
+trap at_exit EXIT
|
||||
+
|
||||
+# Create a simple unit file for testing
|
||||
+# Note: the service file is created under /usr on purpose to test
|
||||
+# the 'revert' verb as well
|
||||
+UNIT_NAME="systemctl-test-$RANDOM.service"
|
||||
+cat >"/usr/lib/systemd/system/$UNIT_NAME" <<\EOF
|
||||
+[Unit]
|
||||
+Description=systemctl test
|
||||
+
|
||||
+[Service]
|
||||
+ExecStart=sleep infinity
|
||||
+ExecReload=true
|
||||
+
|
||||
+# For systemctl clean
|
||||
+CacheDirectory=%n
|
||||
+ConfigurationDirectory=%n
|
||||
+LogsDirectory=%n
|
||||
+RuntimeDirectory=%n
|
||||
+StateDirectory=%n
|
||||
+
|
||||
+[Install]
|
||||
+WantedBy=multi-user.target
|
||||
+EOF
|
||||
+
|
||||
+# Configure the preset setting for the unit file
|
||||
+mkdir /run/systemd/system-preset/
|
||||
+echo "disable $UNIT_NAME" >/run/systemd/system-preset/99-systemd-test.preset
|
||||
+
|
||||
+systemctl daemon-reload
|
||||
+
|
||||
+# Argument help
|
||||
+systemctl --state help
|
||||
+systemctl --signal help
|
||||
+systemctl --type help
|
||||
+
|
||||
+# list-dependencies
|
||||
+systemctl list-dependencies systemd-journald
|
||||
+systemctl list-dependencies --after systemd-journald
|
||||
+systemctl list-dependencies --before systemd-journald
|
||||
+systemctl list-dependencies --after --reverse systemd-journald
|
||||
+systemctl list-dependencies --before --reverse systemd-journald
|
||||
+systemctl list-dependencies --plain systemd-journald
|
||||
+
|
||||
+# list-* verbs
|
||||
+systemctl list-units
|
||||
+systemctl list-units --recursive
|
||||
+systemctl list-units --type=socket
|
||||
+systemctl list-units --type=service,timer
|
||||
+systemctl list-units --legend=yes -a "systemd-*"
|
||||
+systemctl list-units --state=active
|
||||
+systemctl list-units --with-dependencies systemd-journald.service
|
||||
+systemctl list-units --with-dependencies --after systemd-journald.service
|
||||
+systemctl list-units --with-dependencies --before --reverse systemd-journald.service
|
||||
+systemctl list-sockets
|
||||
+systemctl list-sockets --legend=no -a "*journal*"
|
||||
+systemctl list-sockets --show-types
|
||||
+systemctl list-sockets --state=listening
|
||||
+systemctl list-timers -a -l
|
||||
+systemctl list-unit-files
|
||||
+systemctl list-unit-files "*journal*"
|
||||
+systemctl list-jobs
|
||||
+systemctl list-jobs --after
|
||||
+systemctl list-jobs --before
|
||||
+systemctl list-jobs --after --before
|
||||
+systemctl list-jobs "*"
|
||||
+
|
||||
+# Basic service management
|
||||
+systemctl start --show-transaction "$UNIT_NAME"
|
||||
+systemctl status -n 5 "$UNIT_NAME"
|
||||
+systemctl is-active "$UNIT_NAME"
|
||||
+systemctl reload -T "$UNIT_NAME"
|
||||
+systemctl restart -T "$UNIT_NAME"
|
||||
+systemctl try-restart --show-transaction "$UNIT_NAME"
|
||||
+systemctl try-reload-or-restart --show-transaction "$UNIT_NAME"
|
||||
+systemctl kill "$UNIT_NAME"
|
||||
+(! systemctl is-active "$UNIT_NAME")
|
||||
+systemctl restart "$UNIT_NAME"
|
||||
+systemctl is-active "$UNIT_NAME"
|
||||
+systemctl restart "$UNIT_NAME"
|
||||
+systemctl stop "$UNIT_NAME"
|
||||
+(! systemctl is-active "$UNIT_NAME")
|
||||
+
|
||||
+# enable/disable/preset
|
||||
+(! systemctl is-enabled "$UNIT_NAME")
|
||||
+systemctl enable "$UNIT_NAME"
|
||||
+systemctl is-enabled -l "$UNIT_NAME"
|
||||
+# We created a preset file for this unit above with a "disable" policy
|
||||
+systemctl preset "$UNIT_NAME"
|
||||
+(! systemctl is-enabled "$UNIT_NAME")
|
||||
+systemctl reenable "$UNIT_NAME"
|
||||
+systemctl is-enabled "$UNIT_NAME"
|
||||
+systemctl preset --preset-mode=enable-only "$UNIT_NAME"
|
||||
+systemctl is-enabled "$UNIT_NAME"
|
||||
+systemctl preset --preset-mode=disable-only "$UNIT_NAME"
|
||||
+(! systemctl is-enabled "$UNIT_NAME")
|
||||
+systemctl enable --runtime "$UNIT_NAME"
|
||||
+[[ -e "/run/systemd/system/multi-user.target.wants/$UNIT_NAME" ]]
|
||||
+systemctl is-enabled "$UNIT_NAME"
|
||||
+systemctl disable "$UNIT_NAME"
|
||||
+# The unit should be still enabled, as we didn't use the --runtime switch
|
||||
+systemctl is-enabled "$UNIT_NAME"
|
||||
+systemctl disable --runtime "$UNIT_NAME"
|
||||
+(! systemctl is-enabled "$UNIT_NAME")
|
||||
+
|
||||
+# mask/unmask/revert
|
||||
+systemctl disable "$UNIT_NAME"
|
||||
+[[ "$(systemctl is-enabled "$UNIT_NAME")" == disabled ]]
|
||||
+systemctl mask "$UNIT_NAME"
|
||||
+[[ "$(systemctl is-enabled "$UNIT_NAME")" == masked ]]
|
||||
+systemctl unmask "$UNIT_NAME"
|
||||
+[[ "$(systemctl is-enabled "$UNIT_NAME")" == disabled ]]
|
||||
+systemctl mask "$UNIT_NAME"
|
||||
+[[ "$(systemctl is-enabled "$UNIT_NAME")" == masked ]]
|
||||
+systemctl revert "$UNIT_NAME"
|
||||
+[[ "$(systemctl is-enabled "$UNIT_NAME")" == disabled ]]
|
||||
+systemctl mask --runtime "$UNIT_NAME"
|
||||
+[[ "$(systemctl is-enabled "$UNIT_NAME")" == masked-runtime ]]
|
||||
+# This should be a no-op without the --runtime switch
|
||||
+systemctl unmask "$UNIT_NAME"
|
||||
+[[ "$(systemctl is-enabled "$UNIT_NAME")" == masked-runtime ]]
|
||||
+systemctl unmask --runtime "$UNIT_NAME"
|
||||
+[[ "$(systemctl is-enabled "$UNIT_NAME")" == disabled ]]
|
||||
+
|
||||
+# add-wants/add-requires
|
||||
+(! systemctl show -P Wants "$UNIT_NAME" | grep "systemd-journald.service")
|
||||
+systemctl add-wants "$UNIT_NAME" "systemd-journald.service"
|
||||
+systemctl show -P Wants "$UNIT_NAME" | grep "systemd-journald.service"
|
||||
+(! systemctl show -P Requires "$UNIT_NAME" | grep "systemd-journald.service")
|
||||
+systemctl add-requires "$UNIT_NAME" "systemd-journald.service"
|
||||
+systemctl show -P Requires "$UNIT_NAME" | grep "systemd-journald.service"
|
||||
+
|
||||
+# set-property
|
||||
+systemctl set-property "$UNIT_NAME" IPAccounting=yes MemoryMax=1234567
|
||||
+systemctl cat "$UNIT_NAME"
|
||||
+# These properties should be saved to a persistent storage
|
||||
+grep -r "IPAccounting=yes" "/etc/systemd/system.control/${UNIT_NAME}.d/"
|
||||
+grep -r "MemoryMax=1234567" "/etc/systemd/system.control/${UNIT_NAME}.d"
|
||||
+systemctl revert "$UNIT_NAME"
|
||||
+(! grep -r "IPAccounting=" "/etc/systemd/system.control/${UNIT_NAME}.d/")
|
||||
+(! grep -r "MemoryMax=" "/etc/systemd/system.control/${UNIT_NAME}.d/")
|
||||
+# Same stuff, but with --runtime, which should use /run
|
||||
+systemctl set-property --runtime "$UNIT_NAME" CPUAccounting=no CPUQuota=10%
|
||||
+systemctl cat "$UNIT_NAME"
|
||||
+grep -r "CPUAccounting=no" "/run/systemd/system.control/${UNIT_NAME}.d/"
|
||||
+grep -r "CPUQuota=10%" "/run/systemd/system.control/${UNIT_NAME}.d/"
|
||||
+systemctl revert "$UNIT_NAME"
|
||||
+(! grep -r "CPUAccounting=" "/run/systemd/system.control/${UNIT_NAME}.d/")
|
||||
+(! grep -r "CPUQuota=" "/run/systemd/system.control/${UNIT_NAME}.d/")
|
||||
+
|
||||
+# Failed-unit related tests
|
||||
+systemd-run --unit "failed.service" /bin/false
|
||||
+systemctl is-failed failed.service
|
||||
+systemctl --state=failed | grep failed.service
|
||||
+systemctl --failed | grep failed.service
|
||||
+systemctl reset-failed "fail*.service"
|
||||
+(! systemctl is-failed failed.service)
|
||||
+
|
||||
+# clean
|
||||
+systemctl restart "$UNIT_NAME"
|
||||
+systemctl stop "$UNIT_NAME"
|
||||
+# Check if the directories from *Directory= directives exist
|
||||
+# (except RuntimeDirectory= in /run, which is removed when the unit is stopped)
|
||||
+for path in /var/lib /var/cache /var/log /etc; do
|
||||
+ [[ -e "$path/$UNIT_NAME" ]]
|
||||
+done
|
||||
+# Run the cleanup
|
||||
+for what in "" configuration state cache logs runtime all; do
|
||||
+ systemctl clean ${what:+--what="$what"} "$UNIT_NAME"
|
||||
+done
|
||||
+# All respective directories should be removed
|
||||
+for path in /run /var/lib /var/cache /var/log /etc; do
|
||||
+ [[ ! -e "$path/$UNIT_NAME" ]]
|
||||
+done
|
||||
+
|
||||
+# --timestamp
|
||||
+for value in pretty us µs utc us+utc µs+utc; do
|
||||
+ systemctl show -P KernelTimestamp --timestamp="$value"
|
||||
+done
|
||||
+
|
||||
+# Aux verbs & assorted checks
|
||||
+systemctl is-active "*-journald.service"
|
||||
+systemctl cat "*journal*"
|
||||
+systemctl cat "$UNIT_NAME"
|
||||
+systemctl help "$UNIT_NAME"
|
||||
+
|
||||
+# show/set-environment
|
||||
# Make sure PATH is set
|
||||
systemctl show-environment | grep -q '^PATH='
|
||||
-
|
||||
# Let's add an entry and override a built-in one
|
||||
systemctl set-environment PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/testaddition FOO=BAR
|
||||
-
|
||||
# Check that both are set
|
||||
systemctl show-environment | grep -q '^PATH=.*testaddition$'
|
||||
systemctl show-environment | grep -q '^FOO=BAR$'
|
||||
-
|
||||
systemctl daemon-reload
|
||||
-
|
||||
# Check again after the reload
|
||||
systemctl show-environment | grep -q '^PATH=.*testaddition$'
|
||||
systemctl show-environment | grep -q '^FOO=BAR$'
|
||||
-
|
||||
# Check that JSON output is supported
|
||||
systemctl show-environment --output=json | grep -q '^{.*"FOO":"BAR".*}$'
|
||||
-
|
||||
# Drop both
|
||||
systemctl unset-environment FOO PATH
|
||||
-
|
||||
# Check that one is gone and the other reverted to the built-in
|
||||
systemctl show-environment | grep '^FOO=$' && exit 1
|
||||
systemctl show-environment | grep '^PATH=.*testaddition$' && exit 1
|
||||
systemctl show-environment | grep -q '^PATH='
|
||||
+# Check import-environment
|
||||
+export IMPORT_THIS=hello
|
||||
+export IMPORT_THIS_TOO=world
|
||||
+systemctl import-environment IMPORT_THIS IMPORT_THIS_TOO
|
||||
+systemctl show-environment | grep "^IMPORT_THIS=$IMPORT_THIS"
|
||||
+systemctl show-environment | grep "^IMPORT_THIS_TOO=$IMPORT_THIS_TOO"
|
||||
+systemctl unset-environment IMPORT_THIS IMPORT_THIS_TOO
|
||||
+(! systemctl show-environment | grep "^IMPORT_THIS=")
|
||||
+(! systemctl show-environment | grep "^IMPORT_THIS_TOO=")
|
||||
|
||||
echo OK >/testok
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,49 @@
|
||||
From a9424191821c8c967edd7dd92a19d02ff5bbca87 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Wed, 2 Nov 2022 07:06:46 +0900
|
||||
Subject: [PATCH] core: fix memleak in GetUnitFileLinks method
|
||||
|
||||
(cherry picked from commit a12ba535fa677e642c7ba19e81062ed6e9365ceb)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
src/core/dbus-manager.c | 16 +++++++++++-----
|
||||
1 file changed, 11 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
|
||||
index 919aa58cde..88f098ec86 100644
|
||||
--- a/src/core/dbus-manager.c
|
||||
+++ b/src/core/dbus-manager.c
|
||||
@@ -2647,21 +2647,27 @@ static int method_get_unit_file_links(sd_bus_message *message, void *userdata, s
|
||||
(runtime ? UNIT_FILE_RUNTIME : 0);
|
||||
|
||||
r = unit_file_disable(LOOKUP_SCOPE_SYSTEM, flags, NULL, p, &changes, &n_changes);
|
||||
- if (r < 0)
|
||||
- return log_error_errno(r, "Failed to get file links for %s: %m", name);
|
||||
+ if (r < 0) {
|
||||
+ log_error_errno(r, "Failed to get file links for %s: %m", name);
|
||||
+ goto finish;
|
||||
+ }
|
||||
|
||||
for (i = 0; i < n_changes; i++)
|
||||
if (changes[i].type == INSTALL_CHANGE_UNLINK) {
|
||||
r = sd_bus_message_append(reply, "s", changes[i].path);
|
||||
if (r < 0)
|
||||
- return r;
|
||||
+ goto finish;
|
||||
}
|
||||
|
||||
r = sd_bus_message_close_container(reply);
|
||||
if (r < 0)
|
||||
- return r;
|
||||
+ goto finish;
|
||||
|
||||
- return sd_bus_send(NULL, reply, NULL);
|
||||
+ r = sd_bus_send(NULL, reply, NULL);
|
||||
+
|
||||
+finish:
|
||||
+ install_changes_free(changes, n_changes);
|
||||
+ return r;
|
||||
}
|
||||
|
||||
static int method_get_job_waiting(sd_bus_message *message, void *userdata, sd_bus_error *error) {
|
@ -0,0 +1,42 @@
|
||||
From ada95dd4f4c0014815a2c3162de6297107569b05 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Wed, 2 Nov 2022 11:48:23 +0100
|
||||
Subject: [PATCH] man: use the correct 'Markers' property name for marking
|
||||
units
|
||||
|
||||
Follow-up to c9615f7352 and 70666e28a1.
|
||||
|
||||
(cherry picked from commit 1ca1bb03dec9ae3e8d734bd40eeb60210ffd7a0a)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
man/org.freedesktop.systemd1.xml | 2 +-
|
||||
man/systemctl.xml | 2 +-
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/man/org.freedesktop.systemd1.xml b/man/org.freedesktop.systemd1.xml
|
||||
index cbd552bd99..5e08b35234 100644
|
||||
--- a/man/org.freedesktop.systemd1.xml
|
||||
+++ b/man/org.freedesktop.systemd1.xml
|
||||
@@ -1250,7 +1250,7 @@ node /org/freedesktop/systemd1 {
|
||||
"ReloadOrRestart" flavors attempt a reload if the unit supports it and use a restart otherwise.</para>
|
||||
|
||||
<para><function>EnqueueMarkedJobs()</function> creates reload/restart jobs for units which have been
|
||||
- appropriately marked, see <varname>Marks</varname> property above. This is equivalent to calling
|
||||
+ appropriately marked, see <varname>Markers</varname> property above. This is equivalent to calling
|
||||
<function>TryRestartUnit()</function> or <function>ReloadOrTryRestartUnit()</function> for the marked
|
||||
units.</para>
|
||||
|
||||
diff --git a/man/systemctl.xml b/man/systemctl.xml
|
||||
index 4d4f6c3992..997925892d 100644
|
||||
--- a/man/systemctl.xml
|
||||
+++ b/man/systemctl.xml
|
||||
@@ -2386,7 +2386,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
|
||||
<listitem><para>Only allowed with <command>reload-or-restart</command>. Enqueues restart jobs for all
|
||||
units that have the <literal>needs-restart</literal> mark, and reload jobs for units that have the
|
||||
<literal>needs-reload</literal> mark. When a unit marked for reload does not support reload, restart
|
||||
- will be queued. Those properties can be set using <command>set-property Marks</command>.</para>
|
||||
+ will be queued. Those properties can be set using <command>set-property Markers=…</command>.</para>
|
||||
|
||||
<para>Unless <option>--no-block</option> is used, <command>systemctl</command> will wait for the
|
||||
queued jobs to finish.</para></listitem>
|
@ -0,0 +1,115 @@
|
||||
From cce2e337e37524df5ff81e758dbcfa91bf8b696a Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Wed, 2 Nov 2022 11:44:00 +0100
|
||||
Subject: [PATCH] test: further extend systemctl's sanity coverage
|
||||
|
||||
Also, fix a race condition introduced by d16684fe13:
|
||||
```
|
||||
[ 16.904218] H testsuite-26.sh[394]: + systemd-run --unit failed.service /bin/false
|
||||
[ 16.964783] H systemd[845]: failed.service: Executing: /bin/false
|
||||
[ 16.965062] H systemd[1]: Started failed.service.
|
||||
[ 16.965462] H testsuite-26.sh[844]: Running as unit: failed.service
|
||||
[ 16.966390] H testsuite-26.sh[394]: + systemctl is-failed failed.service
|
||||
[ 16.977970] H testsuite-26.sh[846]: active
|
||||
[ 16.978403] H systemd[1]: failed.service: Main process exited, code=exited, status=1/FAILURE
|
||||
[ 16.978478] H systemd[1]: failed.service: Failed with result 'exit-code'.
|
||||
```
|
||||
|
||||
(cherry picked from commit 23f3a6f5ff864fd26063c6c35fdaa6d85de566c7)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/units/testsuite-26.sh | 61 +++++++++++++++++++++++++++++++++++++-
|
||||
1 file changed, 60 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/test/units/testsuite-26.sh b/test/units/testsuite-26.sh
|
||||
index b83f85917b..7c7a12b1ae 100755
|
||||
--- a/test/units/testsuite-26.sh
|
||||
+++ b/test/units/testsuite-26.sh
|
||||
@@ -58,6 +58,9 @@ systemctl list-units
|
||||
systemctl list-units --recursive
|
||||
systemctl list-units --type=socket
|
||||
systemctl list-units --type=service,timer
|
||||
+# Compat: --type= allows load states for compatibility reasons
|
||||
+systemctl list-units --type=loaded
|
||||
+systemctl list-units --type=loaded,socket
|
||||
systemctl list-units --legend=yes -a "systemd-*"
|
||||
systemctl list-units --state=active
|
||||
systemctl list-units --with-dependencies systemd-journald.service
|
||||
@@ -160,7 +163,7 @@ systemctl revert "$UNIT_NAME"
|
||||
(! grep -r "CPUQuota=" "/run/systemd/system.control/${UNIT_NAME}.d/")
|
||||
|
||||
# Failed-unit related tests
|
||||
-systemd-run --unit "failed.service" /bin/false
|
||||
+(! systemd-run --wait --unit "failed.service" /bin/false)
|
||||
systemctl is-failed failed.service
|
||||
systemctl --state=failed | grep failed.service
|
||||
systemctl --failed | grep failed.service
|
||||
@@ -189,11 +192,67 @@ for value in pretty us µs utc us+utc µs+utc; do
|
||||
systemctl show -P KernelTimestamp --timestamp="$value"
|
||||
done
|
||||
|
||||
+# set-default/get-default
|
||||
+target="$(systemctl get-default)"
|
||||
+systemctl set-default emergency.target
|
||||
+[[ "$(systemctl get-default)" == emergency.target ]]
|
||||
+systemctl set-default "$target"
|
||||
+[[ "$(systemctl get-default)" == "$target" ]]
|
||||
+
|
||||
+# show/status
|
||||
+systemctl show --property ""
|
||||
+# Pick a heavily sandboxed unit for the best effect on coverage
|
||||
+systemctl show systemd-logind.service
|
||||
+systemctl status
|
||||
+# Ignore the exit code in this case, as it might try to load non-existing units
|
||||
+systemctl status -a >/dev/null || :
|
||||
+systemctl status -a --state active,running,plugged >/dev/null
|
||||
+systemctl status "systemd-*.timer"
|
||||
+systemctl status "systemd-journald*.socket"
|
||||
+systemctl status "sys-devices-*-ttyS0.device"
|
||||
+systemctl status -- -.mount
|
||||
+
|
||||
+# --marked
|
||||
+systemctl restart "$UNIT_NAME"
|
||||
+systemctl set-property "$UNIT_NAME" Markers=needs-restart
|
||||
+systemctl show -P Markers "$UNIT_NAME" | grep needs-restart
|
||||
+systemctl reload-or-restart --marked
|
||||
+(! systemctl show -P Markers "$UNIT_NAME" | grep needs-restart)
|
||||
+
|
||||
+# --dry-run with destructive verbs
|
||||
+# kexec is skipped intentionally, as it requires a bit more involved setup
|
||||
+VERBS=(
|
||||
+ default
|
||||
+ emergency
|
||||
+ exit
|
||||
+ halt
|
||||
+ hibernate
|
||||
+ hybrid-sleep
|
||||
+ poweroff
|
||||
+ reboot
|
||||
+ rescue
|
||||
+ suspend
|
||||
+ suspend-then-hibernate
|
||||
+)
|
||||
+
|
||||
+for verb in "${VERBS[@]}"; do
|
||||
+ systemctl --dry-run "$verb"
|
||||
+
|
||||
+ if [[ "$verb" =~ (halt|poweroff|reboot) ]]; then
|
||||
+ systemctl --dry-run --message "Hello world" "$verb"
|
||||
+ systemctl --dry-run --no-wall "$verb"
|
||||
+ systemctl --dry-run -f "$verb"
|
||||
+ systemctl --dry-run -ff "$verb"
|
||||
+ fi
|
||||
+done
|
||||
+
|
||||
# Aux verbs & assorted checks
|
||||
systemctl is-active "*-journald.service"
|
||||
systemctl cat "*journal*"
|
||||
systemctl cat "$UNIT_NAME"
|
||||
systemctl help "$UNIT_NAME"
|
||||
+systemctl service-watchdogs
|
||||
+systemctl service-watchdogs "$(systemctl service-watchdogs)"
|
||||
|
||||
# show/set-environment
|
||||
# Make sure PATH is set
|
@ -0,0 +1,131 @@
|
||||
From d68d785ba0e3ecd59a2678fe00fbd7b1bde90622 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Wed, 2 Nov 2022 17:51:51 +0100
|
||||
Subject: [PATCH] test: add a sanity coverage for systemd-analyze verbs
|
||||
|
||||
(cherry picked from commit 6c83054c0133eb53245e479d71589dceff76cf74)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/units/testsuite-65.sh | 108 +++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 108 insertions(+)
|
||||
|
||||
diff --git a/test/units/testsuite-65.sh b/test/units/testsuite-65.sh
|
||||
index 64ce629f3b..ece6b8734e 100755
|
||||
--- a/test/units/testsuite-65.sh
|
||||
+++ b/test/units/testsuite-65.sh
|
||||
@@ -9,6 +9,114 @@ set -eux
|
||||
systemd-analyze log-level debug
|
||||
export SYSTEMD_LOG_LEVEL=debug
|
||||
|
||||
+# Sanity checks
|
||||
+#
|
||||
+# We can't really test time, blame, critical-chain and plot verbs here, as
|
||||
+# the testsuite service is a part of the boot transaction, so let's assume
|
||||
+# they fail
|
||||
+systemd-analyze || :
|
||||
+systemd-analyze time || :
|
||||
+systemd-analyze blame || :
|
||||
+systemd-analyze critical-chain || :
|
||||
+systemd-analyze plot >/dev/null || :
|
||||
+# dot
|
||||
+systemd-analyze dot >/dev/null
|
||||
+systemd-analyze dot systemd-journald.service >/dev/null
|
||||
+systemd-analyze dot systemd-journald.service systemd-logind.service >/dev/null
|
||||
+systemd-analyze dot --from-pattern="*" --from-pattern="*.service" systemd-journald.service >/dev/null
|
||||
+systemd-analyze dot --to-pattern="*" --to-pattern="*.service" systemd-journald.service >/dev/null
|
||||
+systemd-analyze dot --from-pattern="*.service" --to-pattern="*.service" systemd-journald.service >/dev/null
|
||||
+systemd-analyze dot --order systemd-journald.service systemd-logind.service >/dev/null
|
||||
+systemd-analyze dot --require systemd-journald.service systemd-logind.service >/dev/null
|
||||
+systemd-analyze dot "systemd-*.service" >/dev/null
|
||||
+(! systemd-analyze dot systemd-journald.service systemd-logind.service "*" bbb ccc)
|
||||
+# dump
|
||||
+systemd-analyze dump >/dev/null
|
||||
+systemd-analyze dump "*" >/dev/null
|
||||
+systemd-analyze dump "*.socket" >/dev/null
|
||||
+systemd-analyze dump systemd-journald.service >/dev/null
|
||||
+(! systemd-analyze dump "")
|
||||
+# unit-paths
|
||||
+systemd-analyze unit-paths
|
||||
+systemd-analyze unit-paths --user
|
||||
+systemd-analyze unit-paths --global
|
||||
+# exist-status
|
||||
+systemd-analyze exit-status
|
||||
+systemd-analyze exit-status STDOUT BPF
|
||||
+systemd-analyze exit-status 0 1 {63..65}
|
||||
+(! systemd-analyze exit-status STDOUT BPF "hello*")
|
||||
+# capability
|
||||
+systemd-analyze capability
|
||||
+systemd-analyze capability cap_chown CAP_KILL
|
||||
+systemd-analyze capability 0 1 {30..32}
|
||||
+(! systemd-analyze capability cap_chown CAP_KILL "hello*")
|
||||
+# condition
|
||||
+mkdir -p /run/systemd/system
|
||||
+UNIT_NAME="analyze-condition-$RANDOM.service"
|
||||
+cat >"/run/systemd/system/$UNIT_NAME" <<EOF
|
||||
+[Unit]
|
||||
+AssertPathExists=/etc/os-release
|
||||
+AssertEnvironment=!FOOBAR
|
||||
+ConditionKernelVersion=>1.0
|
||||
+ConditionPathExists=/etc/os-release
|
||||
+
|
||||
+[Service]
|
||||
+ExecStart=/bin/true
|
||||
+EOF
|
||||
+systemctl daemon-reload
|
||||
+systemd-analyze condition --unit="$UNIT_NAME"
|
||||
+systemd-analyze condition 'ConditionKernelVersion = ! <4.0' \
|
||||
+ 'ConditionKernelVersion = >=3.1' \
|
||||
+ 'ConditionACPower=|false' \
|
||||
+ 'ConditionArchitecture=|!arm' \
|
||||
+ 'AssertPathExists=/etc/os-release'
|
||||
+(! systemd-analyze condition 'ConditionArchitecture=|!arm' 'AssertXYZ=foo')
|
||||
+(! systemd-analyze condition 'ConditionKernelVersion=<1.0')
|
||||
+(! systemd-analyze condition 'AssertKernelVersion=<1.0')
|
||||
+# syscall-filter
|
||||
+systemd-analyze syscall-filter >/dev/null
|
||||
+systemd-analyze syscall-filter @chown @sync
|
||||
+systemd-analyze syscall-filter @sync @sync @sync
|
||||
+(! systemd-analyze syscall-filter @chown @sync @foobar)
|
||||
+# filesystems (requires libbpf support)
|
||||
+if systemctl --version | grep "+BPF_FRAMEWORK"; then
|
||||
+ systemd-analyze filesystems >/dev/null
|
||||
+ systemd-analyze filesystems @basic-api
|
||||
+ systemd-analyze filesystems @basic-api @basic-api @basic-api
|
||||
+ (! systemd-analyze filesystems @basic-api @basic-api @foobar @basic-api)
|
||||
+fi
|
||||
+# calendar
|
||||
+systemd-analyze calendar '*-2-29 0:0:0'
|
||||
+systemd-analyze calendar --iterations=5 '*-2-29 0:0:0'
|
||||
+systemd-analyze calendar '*-* *:*:*'
|
||||
+systemd-analyze calendar --iterations=5 '*-* *:*:*'
|
||||
+systemd-analyze calendar --iterations=50 '*-* *:*:*'
|
||||
+systemd-analyze calendar --iterations=0 '*-* *:*:*'
|
||||
+systemd-analyze calendar --base-time=yesterday --iterations=5 '*-* *:*:*'
|
||||
+(! systemd-analyze calendar --iterations=0 '*-* 99:*:*')
|
||||
+(! systemd-analyze calendar --base-time=never '*-* *:*:*')
|
||||
+(! systemd-analyze calendar 1)
|
||||
+(! systemd-analyze calendar "")
|
||||
+# timestamp
|
||||
+systemd-analyze timestamp now
|
||||
+systemd-analyze timestamp -- -1
|
||||
+systemd-analyze timestamp yesterday now tomorrow
|
||||
+(! systemd-analyze timestamp yesterday never tomorrow)
|
||||
+(! systemd-analyze timestamp 1)
|
||||
+(! systemd-analyze timestamp "")
|
||||
+# timespan
|
||||
+systemd-analyze timespan 1
|
||||
+systemd-analyze timespan 1s 300s '1year 0.000001s'
|
||||
+(! systemd-analyze timespan 1s 300s aaaaaa '1year 0.000001s')
|
||||
+(! systemd-analyze timespan -- -1)
|
||||
+(! systemd-analyze timespan "")
|
||||
+# cat-config
|
||||
+systemd-analyze cat-config systemd/system.conf >/dev/null
|
||||
+systemd-analyze cat-config /etc/systemd/system.conf >/dev/null
|
||||
+systemd-analyze cat-config systemd/system.conf systemd/journald.conf >/dev/null
|
||||
+systemd-analyze cat-config systemd/system.conf foo/bar systemd/journald.conf >/dev/null
|
||||
+systemd-analyze cat-config foo/bar
|
||||
+
|
||||
mkdir -p /tmp/img/usr/lib/systemd/system/
|
||||
mkdir -p /tmp/img/opt/
|
||||
|
@ -0,0 +1,37 @@
|
||||
From 080747ee6685b9c5877073c5120375e7a04d8216 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Thu, 3 Nov 2022 09:39:36 +0900
|
||||
Subject: [PATCH] udev: first set properties based on usb subsystem
|
||||
|
||||
After 479da1107a0d4e2f7ef5cd938512b87a0e45f180, the usb_id builtin
|
||||
command does not set ID_SERIAL if ID_BUS is already set.
|
||||
Before the commit, all properties set based on pci bus were overwritten
|
||||
by the usb_id, hence now it is sufficient setting them only when ID_BUS is
|
||||
not set yet.
|
||||
|
||||
Fixes #25238.
|
||||
|
||||
(cherry picked from commit 01e704eba982fbc1517287cd261d229ff8e0a779)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
rules.d/60-serial.rules | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/rules.d/60-serial.rules b/rules.d/60-serial.rules
|
||||
index f303e27fd5..c133f26109 100644
|
||||
--- a/rules.d/60-serial.rules
|
||||
+++ b/rules.d/60-serial.rules
|
||||
@@ -3,9 +3,10 @@
|
||||
ACTION=="remove", GOTO="serial_end"
|
||||
SUBSYSTEM!="tty", GOTO="serial_end"
|
||||
|
||||
-SUBSYSTEMS=="pci", ENV{ID_BUS}="pci", ENV{ID_VENDOR_ID}="$attr{vendor}", ENV{ID_MODEL_ID}="$attr{device}"
|
||||
-SUBSYSTEMS=="pci", IMPORT{builtin}="hwdb --subsystem=pci"
|
||||
SUBSYSTEMS=="usb", IMPORT{builtin}="usb_id", IMPORT{builtin}="hwdb --subsystem=usb"
|
||||
+SUBSYSTEMS=="pci", ENV{ID_BUS}=="", ENV{ID_BUS}="pci", \
|
||||
+ ENV{ID_VENDOR_ID}="$attr{vendor}", ENV{ID_MODEL_ID}="$attr{device}", \
|
||||
+ IMPORT{builtin}="hwdb --subsystem=pci"
|
||||
|
||||
# /dev/serial/by-path/, /dev/serial/by-id/ for USB devices
|
||||
KERNEL!="ttyUSB[0-9]*|ttyACM[0-9]*", GOTO="serial_end"
|
@ -0,0 +1,30 @@
|
||||
From 35ec16bfef92d072edacad892fc138b3595ee69b Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Thu, 3 Nov 2022 09:43:14 +0900
|
||||
Subject: [PATCH] udev: drop redundant call of usb_id and assignment of
|
||||
ID_USB_INTERFACE_NUM
|
||||
|
||||
The usb_id builtin command is already called in the above, and the
|
||||
command sets the ID_USB_INTERFACE_NUM property.
|
||||
|
||||
(cherry picked from commit b2e53f5a0f12db65c88404477fedee5c57d201ba)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
rules.d/60-serial.rules | 2 --
|
||||
1 file changed, 2 deletions(-)
|
||||
|
||||
diff --git a/rules.d/60-serial.rules b/rules.d/60-serial.rules
|
||||
index c133f26109..2c1488e930 100644
|
||||
--- a/rules.d/60-serial.rules
|
||||
+++ b/rules.d/60-serial.rules
|
||||
@@ -17,9 +17,7 @@ IMPORT{builtin}="path_id"
|
||||
ENV{ID_PATH}=="?*", ENV{.ID_PORT}=="", SYMLINK+="serial/by-path/$env{ID_PATH}"
|
||||
ENV{ID_PATH}=="?*", ENV{.ID_PORT}=="?*", SYMLINK+="serial/by-path/$env{ID_PATH}-port$env{.ID_PORT}"
|
||||
|
||||
-IMPORT{builtin}="usb_id"
|
||||
ENV{ID_SERIAL}=="", GOTO="serial_end"
|
||||
-SUBSYSTEMS=="usb", ENV{ID_USB_INTERFACE_NUM}="$attr{bInterfaceNumber}"
|
||||
ENV{ID_USB_INTERFACE_NUM}=="", GOTO="serial_end"
|
||||
ENV{.ID_PORT}=="", SYMLINK+="serial/by-id/$env{ID_BUS}-$env{ID_SERIAL}-if$env{ID_USB_INTERFACE_NUM}"
|
||||
ENV{.ID_PORT}=="?*", SYMLINK+="serial/by-id/$env{ID_BUS}-$env{ID_SERIAL}-if$env{ID_USB_INTERFACE_NUM}-port$env{.ID_PORT}"
|
@ -1,27 +0,0 @@
|
||||
From 402595e7b0668b8fe44b5b00b1dd45ba9cc42b82 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Thu, 4 Nov 2021 12:31:32 +0100
|
||||
Subject: [PATCH] ci: use C9S chroots in Packit
|
||||
|
||||
rhel-only
|
||||
Related: #2017035
|
||||
---
|
||||
.packit.yml | 5 ++---
|
||||
1 file changed, 2 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/.packit.yml b/.packit.yml
|
||||
index 3461bccbc5..ce8782aae2 100644
|
||||
--- a/.packit.yml
|
||||
+++ b/.packit.yml
|
||||
@@ -37,9 +37,8 @@ jobs:
|
||||
trigger: pull_request
|
||||
metadata:
|
||||
targets:
|
||||
- # FIXME: change to CentOS 9 once it's available
|
||||
- - fedora-34-x86_64
|
||||
- - fedora-34-aarch64
|
||||
+ - centos-stream-9-x86_64
|
||||
+ - centos-stream-9-aarch64
|
||||
|
||||
# TODO: can't use TFT yet due to https://pagure.io/fedora-ci/general/issue/184
|
||||
# Run tests (via testing farm)
|
@ -0,0 +1,26 @@
|
||||
From 03bb31bbb875e20da7ae37eb44e98d244823e0e7 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Thu, 3 Nov 2022 09:52:23 +0900
|
||||
Subject: [PATCH] udev: add safe guard for setting by-id symlink
|
||||
|
||||
The ID_BUS property is necessary for creating by-id symlinks.
|
||||
|
||||
(cherry picked from commit 5286da064c97d2ac934cb301066aaa8605a3c8f9)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
rules.d/60-serial.rules | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/rules.d/60-serial.rules b/rules.d/60-serial.rules
|
||||
index 2c1488e930..a0e66323a9 100644
|
||||
--- a/rules.d/60-serial.rules
|
||||
+++ b/rules.d/60-serial.rules
|
||||
@@ -17,6 +17,7 @@ IMPORT{builtin}="path_id"
|
||||
ENV{ID_PATH}=="?*", ENV{.ID_PORT}=="", SYMLINK+="serial/by-path/$env{ID_PATH}"
|
||||
ENV{ID_PATH}=="?*", ENV{.ID_PORT}=="?*", SYMLINK+="serial/by-path/$env{ID_PATH}-port$env{.ID_PORT}"
|
||||
|
||||
+ENV{ID_BUS}=="", GOTO="serial_end"
|
||||
ENV{ID_SERIAL}=="", GOTO="serial_end"
|
||||
ENV{ID_USB_INTERFACE_NUM}=="", GOTO="serial_end"
|
||||
ENV{.ID_PORT}=="", SYMLINK+="serial/by-id/$env{ID_BUS}-$env{ID_SERIAL}-if$env{ID_USB_INTERFACE_NUM}"
|
@ -0,0 +1,45 @@
|
||||
From 266baa71dbb336d9c2eb1e4e7db3983477cc6ce0 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Thu, 3 Nov 2022 10:59:38 +0100
|
||||
Subject: [PATCH] test: cover legacy/deprecated systemd-analyze verbs
|
||||
|
||||
They're no longer documented since 26e1e97345 but still work.
|
||||
|
||||
(cherry picked from commit 926d95cd4c209b8c292829511542b11d7c43e662)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/units/testsuite-65.sh | 13 ++++++++++++-
|
||||
1 file changed, 12 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/test/units/testsuite-65.sh b/test/units/testsuite-65.sh
|
||||
index ece6b8734e..89406a108e 100755
|
||||
--- a/test/units/testsuite-65.sh
|
||||
+++ b/test/units/testsuite-65.sh
|
||||
@@ -6,7 +6,7 @@ set -eux
|
||||
# shellcheck source=test/units/assert.sh
|
||||
. "$(dirname "$0")"/assert.sh
|
||||
|
||||
-systemd-analyze log-level debug
|
||||
+systemctl log-level debug
|
||||
export SYSTEMD_LOG_LEVEL=debug
|
||||
|
||||
# Sanity checks
|
||||
@@ -19,6 +19,17 @@ systemd-analyze time || :
|
||||
systemd-analyze blame || :
|
||||
systemd-analyze critical-chain || :
|
||||
systemd-analyze plot >/dev/null || :
|
||||
+# legacy/deprecated options (moved to systemctl, but still usable from analyze)
|
||||
+systemd-analyze log-level
|
||||
+systemd-analyze log-level "$(systemctl log-level)"
|
||||
+systemd-analyze get-log-level
|
||||
+systemd-analyze set-log-level "$(systemctl log-level)"
|
||||
+systemd-analyze log-target
|
||||
+systemd-analyze log-target "$(systemctl log-target)"
|
||||
+systemd-analyze get-log-target
|
||||
+systemd-analyze set-log-target "$(systemctl log-target)"
|
||||
+systemd-analyze service-watchdogs
|
||||
+systemd-analyze service-watchdogs "$(systemctl service-watchdogs)"
|
||||
# dot
|
||||
systemd-analyze dot >/dev/null
|
||||
systemd-analyze dot systemd-journald.service >/dev/null
|
@ -1,136 +0,0 @@
|
||||
From 68199fe69a2c46e498bc7e9528d54922deecc553 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Mon, 14 Sep 2020 17:58:03 +0200
|
||||
Subject: [PATCH] test-mountpointutil-util: do not assert in test_mnt_id()
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1803070
|
||||
|
||||
I *think* this a kernel bug: the mnt_id as listed in /proc/self/mountinfo is different
|
||||
than the one we get from /proc/self/fdinfo/. This only matters when both statx and
|
||||
name_to_handle_at are unavailable and we hit the fallback path that goes through fdinfo:
|
||||
|
||||
(gdb) !uname -r
|
||||
5.6.19-200.fc31.ppc64le
|
||||
|
||||
(gdb) !cat /proc/self/mountinfo
|
||||
697 664 253:0 /var/lib/mock/fedora-31-ppc64le/root / rw,relatime shared:298 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota
|
||||
698 697 253:0 /var/cache/mock/fedora-31-ppc64le/yum_cache /var/cache/yum rw,relatime shared:299 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota
|
||||
699 697 253:0 /var/cache/mock/fedora-31-ppc64le/dnf_cache /var/cache/dnf rw,relatime shared:300 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota
|
||||
700 697 0:32 /mock-selinux-plugin.7me9bfpi /proc/filesystems rw,nosuid,nodev shared:301 master:18 - tmpfs tmpfs rw,seclabel <==========================================================
|
||||
701 697 0:41 / /sys ro,nosuid,nodev,noexec,relatime shared:302 - sysfs sysfs ro,seclabel
|
||||
702 701 0:21 / /sys/fs/selinux ro,nosuid,nodev,noexec,relatime shared:306 master:8 - selinuxfs selinuxfs rw
|
||||
703 697 0:42 / /dev rw,nosuid shared:303 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
704 703 0:43 / /dev/shm rw,nosuid,nodev shared:304 - tmpfs tmpfs rw,seclabel
|
||||
705 703 0:45 / /dev/pts rw,nosuid,noexec,relatime shared:307 - devpts devpts rw,seclabel,gid=5,mode=620,ptmxmode=666
|
||||
706 703 0:6 /btrfs-control /dev/btrfs-control rw,nosuid shared:308 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
707 703 0:6 /loop-control /dev/loop-control rw,nosuid shared:309 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
708 703 0:6 /loop0 /dev/loop0 rw,nosuid shared:310 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
709 703 0:6 /loop1 /dev/loop1 rw,nosuid shared:311 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
710 703 0:6 /loop10 /dev/loop10 rw,nosuid shared:312 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
711 703 0:6 /loop11 /dev/loop11 rw,nosuid shared:313 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
712 703 0:6 /loop2 /dev/loop2 rw,nosuid shared:314 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
713 703 0:6 /loop3 /dev/loop3 rw,nosuid shared:315 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
714 703 0:6 /loop4 /dev/loop4 rw,nosuid shared:316 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
715 703 0:6 /loop5 /dev/loop5 rw,nosuid shared:317 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
716 703 0:6 /loop6 /dev/loop6 rw,nosuid shared:318 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
717 703 0:6 /loop7 /dev/loop7 rw,nosuid shared:319 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
718 703 0:6 /loop8 /dev/loop8 rw,nosuid shared:320 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
719 703 0:6 /loop9 /dev/loop9 rw,nosuid shared:321 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755
|
||||
720 697 0:44 / /run rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
721 720 0:25 /systemd/nspawn/propagate/9cc8a155d0244558b273f773d2b92142 /run/systemd/nspawn/incoming ro master:12 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
722 697 0:32 /mock-resolv.dvml91hp /etc/resolv.conf rw,nosuid,nodev shared:322 master:18 - tmpfs tmpfs rw,seclabel
|
||||
725 697 0:47 / /proc rw,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
|
||||
603 725 0:47 /sys /proc/sys ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
|
||||
604 725 0:44 /systemd/inaccessible/reg /proc/kallsyms ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
605 725 0:44 /systemd/inaccessible/reg /proc/kcore ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
606 725 0:44 /systemd/inaccessible/reg /proc/keys ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
607 725 0:44 /systemd/inaccessible/reg /proc/sysrq-trigger ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
608 725 0:44 /systemd/inaccessible/reg /proc/timer_list ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
609 725 0:47 /bus /proc/bus ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
|
||||
610 725 0:47 /fs /proc/fs ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
|
||||
611 725 0:47 /irq /proc/irq ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
|
||||
612 725 0:47 /scsi /proc/scsi ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw
|
||||
613 703 0:46 / /dev/mqueue rw,nosuid,nodev,noexec,relatime shared:324 - mqueue mqueue rw,seclabel
|
||||
614 701 0:26 / /sys/fs/cgroup rw,nosuid,nodev,noexec,relatime shared:325 - cgroup2 cgroup rw,seclabel,nsdelegate
|
||||
615 603 0:44 /.#proc-sys-kernel-random-boot-id4fbdce67af46d1c2//deleted /proc/sys/kernel/random/boot_id ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
616 725 0:44 /.#proc-sys-kernel-random-boot-id4fbdce67af46d1c2//deleted /proc/sys/kernel/random/boot_id rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
617 725 0:44 /.#proc-kmsg5b7a8bcfe6717139//deleted /proc/kmsg rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755
|
||||
|
||||
The test process does
|
||||
name_to_handle_at("/proc/filesystems") which returns -EOPNOTSUPP, and then
|
||||
openat(AT_FDCWD, "/proc/filesystems") which returns 4, and then
|
||||
read(open("/proc/self/fdinfo/4", ...)) which gives
|
||||
"pos:\t0\nflags:\t012100000\nmnt_id:\t725\n"
|
||||
|
||||
and the "725" is clearly inconsistent with "700" in /proc/self/mountinfo.
|
||||
|
||||
We could either drop the fallback path (and fail name_to_handle_at() is not
|
||||
avaliable) or ignore the error in the test. Not sure what is better. I think
|
||||
this issue only occurs sometimes and with older kernels, so probably continuing
|
||||
with the current flaky implementation is better than ripping out the fallback.
|
||||
|
||||
Another strace:
|
||||
writev(2</dev/pts/0>, [{iov_base="mnt ids of /proc/sys is 603", iov_len=27}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/sys is 603
|
||||
) = 28
|
||||
name_to_handle_at(AT_FDCWD, "/", {handle_bytes=128 => 12, handle_type=129, f_handle=0x52748401000000008b93e20d}, [697], 0) = 0
|
||||
writev(2</dev/pts/0>, [{iov_base="mnt ids of / is 697", iov_len=19}, {iov_base="\n", iov_len=1}], 2mnt ids of / is 697
|
||||
) = 20
|
||||
name_to_handle_at(AT_FDCWD, "/proc/kcore", {handle_bytes=128 => 12, handle_type=1, f_handle=0x92ddcfcd2e802d0100000000}, [605], 0) = 0
|
||||
writev(2</dev/pts/0>, [{iov_base="mnt ids of /proc/kcore is 605", iov_len=29}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/kcore is 605
|
||||
) = 30
|
||||
name_to_handle_at(AT_FDCWD, "/dev", {handle_bytes=128 => 12, handle_type=1, f_handle=0x8ae269160c802d0100000000}, [703], 0) = 0
|
||||
writev(2</dev/pts/0>, [{iov_base="mnt ids of /dev is 703", iov_len=22}, {iov_base="\n", iov_len=1}], 2mnt ids of /dev is 703
|
||||
) = 23
|
||||
name_to_handle_at(AT_FDCWD, "/proc/filesystems", {handle_bytes=128}, 0x7fffe36ddb84, 0) = -1 EOPNOTSUPP (Operation not supported)
|
||||
openat(AT_FDCWD, "/proc/filesystems", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|O_PATH) = 4</proc/filesystems>
|
||||
openat(AT_FDCWD, "/proc/self/fdinfo/4", O_RDONLY|O_CLOEXEC) = 5</proc/20/fdinfo/4>
|
||||
fstat(5</proc/20/fdinfo/4>, {st_mode=S_IFREG|0400, st_size=0, ...}) = 0
|
||||
fstat(5</proc/20/fdinfo/4>, {st_mode=S_IFREG|0400, st_size=0, ...}) = 0
|
||||
read(5</proc/20/fdinfo/4>, "pos:\t0\nflags:\t012100000\nmnt_id:\t725\n", 2048) = 36
|
||||
read(5</proc/20/fdinfo/4>, "", 1024) = 0
|
||||
close(5</proc/20/fdinfo/4>) = 0
|
||||
close(4</proc/filesystems>) = 0
|
||||
writev(2</dev/pts/0>, [{iov_base="mnt ids of /proc/filesystems are 700, 725", iov_len=41}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/filesystems are 700, 725
|
||||
) = 42
|
||||
writev(2</dev/pts/0>, [{iov_base="the other path for mnt id 725 is /proc", iov_len=38}, {iov_base="\n", iov_len=1}], 2the other path for mnt id 725 is /proc
|
||||
) = 39
|
||||
writev(2</dev/pts/0>, [{iov_base="Assertion 'path_equal(p, t)' failed at src/test/test-mountpoint-util.c:94, function test_mnt_id(). Aborting.", iov_len=108}, {iov_base="\n", iov_len=1}], 2Assertion 'path_equal(p, t)' failed at src/test/test-mountpoint-util.c:94, function test_mnt_id(). Aborting.
|
||||
) = 109
|
||||
rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
|
||||
rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], [], 8) = 0
|
||||
getpid() = 20
|
||||
gettid() = 20
|
||||
tgkill(20, 20, SIGABRT) = 0
|
||||
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
|
||||
|
||||
RHEL notes: af918c4 should mitigate this issue, but in some build
|
||||
systems (Copr, brew, etc.) we don't have enough privileges to create a
|
||||
new mount namespace
|
||||
|
||||
Cherry-picked manually from https://github.com/systemd/systemd/pull/17050.
|
||||
|
||||
rhel-only
|
||||
Related: #2017035
|
||||
---
|
||||
src/test/test-mountpoint-util.c | 8 ++++++--
|
||||
1 file changed, 6 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/test/test-mountpoint-util.c b/src/test/test-mountpoint-util.c
|
||||
index d11edf502a..9515d8cf7b 100644
|
||||
--- a/src/test/test-mountpoint-util.c
|
||||
+++ b/src/test/test-mountpoint-util.c
|
||||
@@ -101,8 +101,12 @@ TEST(mnt_id) {
|
||||
/* The ids don't match? If so, then there are two mounts on the same path, let's check if
|
||||
* that's really the case */
|
||||
char *t = hashmap_get(h, INT_TO_PTR(mnt_id2));
|
||||
- log_debug("the other path for mnt id %i is %s\n", mnt_id2, t);
|
||||
- assert_se(path_equal(p, t));
|
||||
+ log_debug("Path for mnt id %i from /proc/self/mountinfo is %s\n", mnt_id2, t);
|
||||
+
|
||||
+ if (!path_equal(p, t))
|
||||
+ /* Apparent kernel bug in /proc/self/fdinfo */
|
||||
+ log_warning("Bad mount id given for %s: %d, should be %d",
|
||||
+ p, mnt_id2, mnt_id);
|
||||
}
|
||||
}
|
||||
|
@ -0,0 +1,56 @@
|
||||
From 37614533602981aa3757cd3e847f184fdae1432e Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Thu, 3 Nov 2022 11:33:13 +0100
|
||||
Subject: [PATCH] test: cover a couple of previously missed analyze code paths
|
||||
|
||||
(cherry picked from commit 8b1879bcd0ed1168f5ad35a3dd0e213a31a2ee42)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/units/testsuite-65.sh | 11 +++++++++++
|
||||
1 file changed, 11 insertions(+)
|
||||
|
||||
diff --git a/test/units/testsuite-65.sh b/test/units/testsuite-65.sh
|
||||
index 89406a108e..1f34308b44 100755
|
||||
--- a/test/units/testsuite-65.sh
|
||||
+++ b/test/units/testsuite-65.sh
|
||||
@@ -45,8 +45,16 @@ systemd-analyze dot "systemd-*.service" >/dev/null
|
||||
systemd-analyze dump >/dev/null
|
||||
systemd-analyze dump "*" >/dev/null
|
||||
systemd-analyze dump "*.socket" >/dev/null
|
||||
+systemd-analyze dump "*.socket" "*.service" aaaaaaa ... >/dev/null
|
||||
systemd-analyze dump systemd-journald.service >/dev/null
|
||||
(! systemd-analyze dump "")
|
||||
+# unit-files
|
||||
+systemd-analyze unit-files >/dev/null
|
||||
+systemd-analyze unit-files systemd-journald.service >/dev/null
|
||||
+systemd-analyze unit-files "*" >/dev/null
|
||||
+systemd-analyze unit-files "*" aaaaaa "*.service" "*.target" >/dev/null
|
||||
+systemd-analyze unit-files --user >/dev/null
|
||||
+systemd-analyze unit-files --user "*" aaaaaa "*.service" "*.target" >/dev/null
|
||||
# unit-paths
|
||||
systemd-analyze unit-paths
|
||||
systemd-analyze unit-paths --user
|
||||
@@ -103,6 +111,7 @@ systemd-analyze calendar '*-* *:*:*'
|
||||
systemd-analyze calendar --iterations=5 '*-* *:*:*'
|
||||
systemd-analyze calendar --iterations=50 '*-* *:*:*'
|
||||
systemd-analyze calendar --iterations=0 '*-* *:*:*'
|
||||
+systemd-analyze calendar --iterations=5 '01-01-22 01:00:00'
|
||||
systemd-analyze calendar --base-time=yesterday --iterations=5 '*-* *:*:*'
|
||||
(! systemd-analyze calendar --iterations=0 '*-* 99:*:*')
|
||||
(! systemd-analyze calendar --base-time=never '*-* *:*:*')
|
||||
@@ -114,12 +123,14 @@ systemd-analyze timestamp -- -1
|
||||
systemd-analyze timestamp yesterday now tomorrow
|
||||
(! systemd-analyze timestamp yesterday never tomorrow)
|
||||
(! systemd-analyze timestamp 1)
|
||||
+(! systemd-analyze timestamp '*-2-29 0:0:0')
|
||||
(! systemd-analyze timestamp "")
|
||||
# timespan
|
||||
systemd-analyze timespan 1
|
||||
systemd-analyze timespan 1s 300s '1year 0.000001s'
|
||||
(! systemd-analyze timespan 1s 300s aaaaaa '1year 0.000001s')
|
||||
(! systemd-analyze timespan -- -1)
|
||||
+(! systemd-analyze timespan '*-2-29 0:0:0')
|
||||
(! systemd-analyze timespan "")
|
||||
# cat-config
|
||||
systemd-analyze cat-config systemd/system.conf >/dev/null
|
@ -1,39 +0,0 @@
|
||||
From 324d99159e1e64d78a580073626f5b645f1c3639 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Mon, 31 Jan 2022 14:19:09 +0100
|
||||
Subject: [PATCH] test: copy portable profiles into the image if they don't
|
||||
exist there
|
||||
|
||||
If we're built with `-Dportable=false`, the portable profiles won't get
|
||||
installed into the image. Since we need only the profile files and
|
||||
nothing else, let's copy them into the image explicitly in such case.
|
||||
|
||||
(cherry picked from commit 6f73ef8b30803ac1be1b2607aec1a89d778caa9a)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
test/test-functions | 11 +++++++++++
|
||||
1 file changed, 11 insertions(+)
|
||||
|
||||
diff --git a/test/test-functions b/test/test-functions
|
||||
index 218d0e6888..35d8f074a9 100644
|
||||
--- a/test/test-functions
|
||||
+++ b/test/test-functions
|
||||
@@ -1151,6 +1151,17 @@ install_systemd() {
|
||||
mkdir -p "$initdir/etc/systemd/system/service.d/"
|
||||
echo -e "[Service]\nProtectSystem=no\nProtectHome=no\n" >"$initdir/etc/systemd/system/service.d/gcov-override.conf"
|
||||
fi
|
||||
+
|
||||
+ # If we're built with -Dportabled=false, tests with systemd-analyze
|
||||
+ # --profile will fail. Since we need just the profile (text) files, let's
|
||||
+ # copy them into the image if they don't exist there.
|
||||
+ local portable_dir="${initdir:?}${ROOTLIBDIR:?}/portable"
|
||||
+ if [[ ! -d "$portable_dir/profile/strict" ]]; then
|
||||
+ dinfo "Couldn't find portable profiles in the test image"
|
||||
+ dinfo "Copying them directly from the source tree"
|
||||
+ mkdir -p "$portable_dir"
|
||||
+ cp -frv "${SOURCE_DIR:?}/src/portable/profile" "$portable_dir"
|
||||
+ fi
|
||||
}
|
||||
|
||||
get_ldpath() {
|
@ -0,0 +1,371 @@
|
||||
From e0d51a65a8bbe8c86af4bb843a5f9ac7d590fa01 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Thu, 3 Nov 2022 13:13:03 +0100
|
||||
Subject: [PATCH] test: introduce sanity coverage for auxiliary utils
|
||||
|
||||
(cherry picked from commit d1020334fd15e0cffe68cb4d7e862a36253cc481)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/TEST-74-AUX-UTILS/Makefile | 1 +
|
||||
test/TEST-74-AUX-UTILS/test.sh | 10 ++
|
||||
test/units/testsuite-74.cgls.sh | 26 +++++
|
||||
test/units/testsuite-74.cgtop.sh | 32 ++++++
|
||||
test/units/testsuite-74.delta.sh | 59 +++++++++++
|
||||
test/units/testsuite-74.firstboot.sh | 145 +++++++++++++++++++++++++++
|
||||
test/units/testsuite-74.service | 8 ++
|
||||
test/units/testsuite-74.sh | 14 +++
|
||||
8 files changed, 295 insertions(+)
|
||||
create mode 120000 test/TEST-74-AUX-UTILS/Makefile
|
||||
create mode 100755 test/TEST-74-AUX-UTILS/test.sh
|
||||
create mode 100755 test/units/testsuite-74.cgls.sh
|
||||
create mode 100755 test/units/testsuite-74.cgtop.sh
|
||||
create mode 100755 test/units/testsuite-74.delta.sh
|
||||
create mode 100755 test/units/testsuite-74.firstboot.sh
|
||||
create mode 100644 test/units/testsuite-74.service
|
||||
create mode 100755 test/units/testsuite-74.sh
|
||||
|
||||
diff --git a/test/TEST-74-AUX-UTILS/Makefile b/test/TEST-74-AUX-UTILS/Makefile
|
||||
new file mode 120000
|
||||
index 0000000000..e9f93b1104
|
||||
--- /dev/null
|
||||
+++ b/test/TEST-74-AUX-UTILS/Makefile
|
||||
@@ -0,0 +1 @@
|
||||
+../TEST-01-BASIC/Makefile
|
||||
\ No newline at end of file
|
||||
diff --git a/test/TEST-74-AUX-UTILS/test.sh b/test/TEST-74-AUX-UTILS/test.sh
|
||||
new file mode 100755
|
||||
index 0000000000..f422c89141
|
||||
--- /dev/null
|
||||
+++ b/test/TEST-74-AUX-UTILS/test.sh
|
||||
@@ -0,0 +1,10 @@
|
||||
+#!/usr/bin/env bash
|
||||
+# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
+set -e
|
||||
+
|
||||
+TEST_DESCRIPTION="Tests for auxiliary utilities"
|
||||
+
|
||||
+# shellcheck source=test/test-functions
|
||||
+. "${TEST_BASE_DIR:?}/test-functions"
|
||||
+
|
||||
+do_test "$@"
|
||||
diff --git a/test/units/testsuite-74.cgls.sh b/test/units/testsuite-74.cgls.sh
|
||||
new file mode 100755
|
||||
index 0000000000..120570c9cc
|
||||
--- /dev/null
|
||||
+++ b/test/units/testsuite-74.cgls.sh
|
||||
@@ -0,0 +1,26 @@
|
||||
+#!/usr/bin/env bash
|
||||
+# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
+set -eux
|
||||
+set -o pipefail
|
||||
+
|
||||
+systemd-cgls
|
||||
+systemd-cgls --all --full
|
||||
+systemd-cgls -k
|
||||
+systemd-cgls --xattr=yes
|
||||
+systemd-cgls --xattr=no
|
||||
+systemd-cgls --cgroup-id=yes
|
||||
+systemd-cgls --cgroup-id=no
|
||||
+
|
||||
+systemd-cgls /system.slice/systemd-journald.service
|
||||
+systemd-cgls /system.slice/systemd-journald.service /init.scope
|
||||
+systemd-cgls /sys/fs/cgroup/system.slice/systemd-journald.service /init.scope
|
||||
+(cd /sys/fs/cgroup/init.scope && systemd-cgls)
|
||||
+systemd-cgls --unit=systemd-journald.service
|
||||
+# There's most likely no user session running, so we need to create one
|
||||
+systemd-run --user --wait --pipe -M testuser@.host systemd-cgls --user-unit=app.slice
|
||||
+
|
||||
+(! systemd-cgls /foo/bar)
|
||||
+(! systemd-cgls --unit=hello.world)
|
||||
+(! systemd-cgls --user-unit=hello.world)
|
||||
+(! systemd-cgls --xattr=foo)
|
||||
+(! systemd-cgls --cgroup-id=foo)
|
||||
diff --git a/test/units/testsuite-74.cgtop.sh b/test/units/testsuite-74.cgtop.sh
|
||||
new file mode 100755
|
||||
index 0000000000..8141ec1b1f
|
||||
--- /dev/null
|
||||
+++ b/test/units/testsuite-74.cgtop.sh
|
||||
@@ -0,0 +1,32 @@
|
||||
+#!/usr/bin/env bash
|
||||
+# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
+set -eux
|
||||
+set -o pipefail
|
||||
+
|
||||
+# Without tty attached cgtop should default to --iterations=1
|
||||
+systemd-cgtop
|
||||
+systemd-cgtop --iterations=1
|
||||
+# Same as --iterations=1
|
||||
+systemd-cgtop -1
|
||||
+systemd-cgtop --delay=1ms
|
||||
+systemd-cgtop --raw
|
||||
+systemd-cgtop --batch
|
||||
+systemd-cgtop --cpu=percentage
|
||||
+systemd-cgtop --cpu=time
|
||||
+systemd-cgtop -P
|
||||
+systemd-cgtop -k
|
||||
+# FIXME: https://github.com/systemd/systemd/issues/25248
|
||||
+#systemd-cgtop --recursive=no
|
||||
+systemd-cgtop --depth=0
|
||||
+systemd-cgtop --depth=100
|
||||
+
|
||||
+for order in path tasks cpu memory io; do
|
||||
+ systemd-cgtop --order="$order"
|
||||
+done
|
||||
+systemd-cgtop -p -t -c -m -i
|
||||
+
|
||||
+(! systemd-cgtop --cpu=foo)
|
||||
+(! systemd-cgtop --order=foo)
|
||||
+(! systemd-cgtop --depth=-1)
|
||||
+(! systemd-cgtop --recursive=foo)
|
||||
+(! systemd-cgtop --delay=1foo)
|
||||
diff --git a/test/units/testsuite-74.delta.sh b/test/units/testsuite-74.delta.sh
|
||||
new file mode 100755
|
||||
index 0000000000..a0e1cb52dd
|
||||
--- /dev/null
|
||||
+++ b/test/units/testsuite-74.delta.sh
|
||||
@@ -0,0 +1,59 @@
|
||||
+#!/usr/bin/env bash
|
||||
+# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
+set -eux
|
||||
+set -o pipefail
|
||||
+
|
||||
+at_exit() {
|
||||
+ rm -rfv /{run,etc}/systemd/system/delta-test*
|
||||
+}
|
||||
+
|
||||
+trap at_exit EXIT
|
||||
+
|
||||
+# Create a couple of supporting units with overrides
|
||||
+#
|
||||
+# Extended unit
|
||||
+cat >"/run/systemd/system/delta-test-unit-extended.service" <<EOF
|
||||
+[Service]
|
||||
+ExecStart=/bin/true
|
||||
+EOF
|
||||
+mkdir -p "/run/systemd/system/delta-test-unit-extended.service.d"
|
||||
+cat >"/run/systemd/system/delta-test-unit-extended.service.d/override.conf" <<EOF
|
||||
+[Unit]
|
||||
+Description=Foo Bar
|
||||
+[Service]
|
||||
+ExecStartPre=/bin/true
|
||||
+EOF
|
||||
+# Masked unit
|
||||
+cp -fv /run/systemd/system/delta-test-unit-extended.service /run/systemd/system/delta-test-unit-masked.service
|
||||
+systemctl mask delta-test-unit-masked.service
|
||||
+# Overridden unit
|
||||
+cp -fv /run/systemd/system/delta-test-unit-extended.service /run/systemd/system/delta-test-unit-overridden.service
|
||||
+cp -fv /run/systemd/system/delta-test-unit-overridden.service /etc/systemd/system/delta-test-unit-overridden.service
|
||||
+echo "ExecStartPost=/bin/true" >>/etc/systemd/system/delta-test-unit-overridden.service
|
||||
+# Overridden but equivalent unit
|
||||
+ln -srfv /run/systemd/system/delta-test-unit-extended.service /run/systemd/system/delta-test-unit-equivalent.service
|
||||
+ln -sfv /run/systemd/system/delta-test-unit-extended.service /etc/systemd/system/delta-test-unit-equivalent.service
|
||||
+# Redirected unit
|
||||
+ln -srfv /run/systemd/system/delta-test-unit-extended.service /run/systemd/system/delta-test-unit-redirected.service
|
||||
+ln -sfv /run/systemd/system/delta-test-unit-overidden.service /etc/systemd/system/delta-test-unit-extended.service
|
||||
+
|
||||
+systemctl daemon-reload
|
||||
+
|
||||
+systemd-delta
|
||||
+systemd-delta /run
|
||||
+systemd-delta systemd/system
|
||||
+systemd-delta /run systemd/system /run
|
||||
+systemd-delta /run foo/bar hello/world systemd/system /run
|
||||
+systemd-delta foo/bar
|
||||
+systemd-delta --diff=true
|
||||
+systemd-delta --diff=false
|
||||
+
|
||||
+for type in masked equivalent redirected overridden extended unchanged; do
|
||||
+ systemd-delta --type="$type"
|
||||
+ systemd-delta --type="$type" /run
|
||||
+done
|
||||
+systemd-delta --type=equivalent,redirected
|
||||
+
|
||||
+(! systemd-delta --diff=foo)
|
||||
+(! systemd-delta --type=foo)
|
||||
+(! systemd-delta --type=equivalent,redirected,foo)
|
||||
diff --git a/test/units/testsuite-74.firstboot.sh b/test/units/testsuite-74.firstboot.sh
|
||||
new file mode 100755
|
||||
index 0000000000..02f9f5cd7a
|
||||
--- /dev/null
|
||||
+++ b/test/units/testsuite-74.firstboot.sh
|
||||
@@ -0,0 +1,145 @@
|
||||
+#!/usr/bin/env bash
|
||||
+# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
+set -eux
|
||||
+set -o pipefail
|
||||
+
|
||||
+if ! command -v systemd-firstboot >/dev/null; then
|
||||
+ echo "systemd-firstboot not found, skipping the test"
|
||||
+ exit 0
|
||||
+fi
|
||||
+
|
||||
+at_exit() {
|
||||
+ if [[ -v ROOT && -n "$ROOT" ]]; then
|
||||
+ ls -lR "$ROOT"
|
||||
+ rm -fr "$ROOT"
|
||||
+ fi
|
||||
+}
|
||||
+
|
||||
+trap at_exit EXIT
|
||||
+
|
||||
+# Generated via `mkpasswd -m sha-512 -S foobarsalt password1`
|
||||
+# shellcheck disable=SC2016
|
||||
+ROOT_HASHED_PASSWORD1='$6$foobarsalt$YbwdaATX6IsFxvWbY3QcZj2gB31R/LFRFrjlFrJtTTqFtSfn4dfOAg/km2k4Sl.a2g7LOYDo31wMTaEsCo9j41'
|
||||
+# Generated via `mkpasswd -m sha-512 -S foobarsalt password2`
|
||||
+# shellcheck disable=SC2016
|
||||
+ROOT_HASHED_PASSWORD2='$6$foobarsalt$q.P2932zYMLbKnjFwIxPI8y3iuxeuJ2BgE372LcZMMnj3Gcg/9mJg2LPKUl.ha0TG/.fRNNnRQcLfzM0SNot3.'
|
||||
+
|
||||
+# Create a minimal root so we don't modify the testbed
|
||||
+ROOT=test-root
|
||||
+mkdir -p "$ROOT/bin"
|
||||
+# Dummy shell for --root-shell=
|
||||
+touch "$ROOT/bin/fooshell" "$ROOT/bin/barshell"
|
||||
+
|
||||
+systemd-firstboot --root="$ROOT" --locale=foo
|
||||
+grep -q "LANG=foo" "$ROOT/etc/locale.conf"
|
||||
+rm -fv "$ROOT/etc/locale.conf"
|
||||
+# FIXME: https://github.com/systemd/systemd/issues/25249
|
||||
+#systemd-firstboot --root="$ROOT" --locale-messages=foo
|
||||
+#grep -q "LC_MESSAGES=foo" "$ROOT/etc/locale.conf"
|
||||
+#rm -fv "$ROOT/etc/locale.conf"
|
||||
+systemd-firstboot --root="$ROOT" --locale=foo --locale-messages=bar
|
||||
+grep -q "LANG=foo" "$ROOT/etc/locale.conf"
|
||||
+grep -q "LC_MESSAGES=bar" "$ROOT/etc/locale.conf"
|
||||
+
|
||||
+systemd-firstboot --root="$ROOT" --keymap=foo
|
||||
+grep -q "KEYMAP=foo" "$ROOT/etc/vconsole.conf"
|
||||
+
|
||||
+systemd-firstboot --root="$ROOT" --timezone=Europe/Berlin
|
||||
+readlink "$ROOT/etc/localtime" | grep -q "Europe/Berlin"
|
||||
+
|
||||
+systemd-firstboot --root="$ROOT" --hostname "foobar"
|
||||
+grep -q "foobar" "$ROOT/etc/hostname"
|
||||
+
|
||||
+systemd-firstboot --root="$ROOT" --machine-id=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
|
||||
+grep -q "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" "$ROOT/etc/machine-id"
|
||||
+
|
||||
+rm -fv "$ROOT/etc/passwd" "$ROOT/etc/shadow"
|
||||
+systemd-firstboot --root="$ROOT" --root-password=foo
|
||||
+grep -q "^root:x:0:0:" "$ROOT/etc/passwd"
|
||||
+grep -q "^root:" "$ROOT/etc/shadow"
|
||||
+rm -fv "$ROOT/etc/passwd" "$ROOT/etc/shadow"
|
||||
+echo "foo" >root.passwd
|
||||
+systemd-firstboot --root="$ROOT" --root-password-file=root.passwd
|
||||
+grep -q "^root:x:0:0:" "$ROOT/etc/passwd"
|
||||
+grep -q "^root:" "$ROOT/etc/shadow"
|
||||
+rm -fv "$ROOT/etc/passwd" "$ROOT/etc/shadow" root.passwd
|
||||
+# Set the shell together with the password, as firstboot won't touch
|
||||
+# /etc/passwd if it already exists
|
||||
+systemd-firstboot --root="$ROOT" --root-password-hashed="$ROOT_HASHED_PASSWORD1" --root-shell=/bin/fooshell
|
||||
+grep -q "^root:x:0:0:.*:/bin/fooshell$" "$ROOT/etc/passwd"
|
||||
+grep -q "^root:$ROOT_HASHED_PASSWORD1:" "$ROOT/etc/shadow"
|
||||
+
|
||||
+systemd-firstboot --root="$ROOT" --kernel-command-line="foo.bar=42"
|
||||
+grep -q "foo.bar=42" "$ROOT/etc/kernel/cmdline"
|
||||
+
|
||||
+# Configs should not get overwritten if they exist unless --force is used
|
||||
+systemd-firstboot --root="$ROOT" \
|
||||
+ --locale=locale-overwrite \
|
||||
+ --locale-messages=messages-overwrite \
|
||||
+ --keymap=keymap-overwrite \
|
||||
+ --timezone=CET \
|
||||
+ --hostname=hostname-overwrite \
|
||||
+ --machine-id=bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb \
|
||||
+ --root-password-hashed="$ROOT_HASHED_PASSWORD2" \
|
||||
+ --root-shell=/bin/barshell \
|
||||
+ --kernel-command-line="hello.world=0"
|
||||
+grep -q "LANG=foo" "$ROOT/etc/locale.conf"
|
||||
+grep -q "LC_MESSAGES=bar" "$ROOT/etc/locale.conf"
|
||||
+grep -q "KEYMAP=foo" "$ROOT/etc/vconsole.conf"
|
||||
+readlink "$ROOT/etc/localtime" | grep -q "Europe/Berlin$"
|
||||
+grep -q "foobar" "$ROOT/etc/hostname"
|
||||
+grep -q "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" "$ROOT/etc/machine-id"
|
||||
+grep -q "^root:x:0:0:.*:/bin/fooshell$" "$ROOT/etc/passwd"
|
||||
+grep -q "^root:$ROOT_HASHED_PASSWORD1:" "$ROOT/etc/shadow"
|
||||
+grep -q "foo.bar=42" "$ROOT/etc/kernel/cmdline"
|
||||
+
|
||||
+# The same thing, but now with --force
|
||||
+systemd-firstboot --root="$ROOT" --force \
|
||||
+ --locale=locale-overwrite \
|
||||
+ --locale-messages=messages-overwrite \
|
||||
+ --keymap=keymap-overwrite \
|
||||
+ --timezone=CET \
|
||||
+ --hostname=hostname-overwrite \
|
||||
+ --machine-id=bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb \
|
||||
+ --root-password-hashed="$ROOT_HASHED_PASSWORD2" \
|
||||
+ --root-shell=/bin/barshell \
|
||||
+ --kernel-command-line="hello.world=0"
|
||||
+grep -q "LANG=locale-overwrite" "$ROOT/etc/locale.conf"
|
||||
+grep -q "LC_MESSAGES=messages-overwrite" "$ROOT/etc/locale.conf"
|
||||
+grep -q "KEYMAP=keymap-overwrite" "$ROOT/etc/vconsole.conf"
|
||||
+readlink "$ROOT/etc/localtime" | grep -q "/CET$"
|
||||
+grep -q "hostname-overwrite" "$ROOT/etc/hostname"
|
||||
+grep -q "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" "$ROOT/etc/machine-id"
|
||||
+grep -q "^root:x:0:0:.*:/bin/barshell$" "$ROOT/etc/passwd"
|
||||
+grep -q "^root:$ROOT_HASHED_PASSWORD2:" "$ROOT/etc/shadow"
|
||||
+grep -q "hello.world=0" "$ROOT/etc/kernel/cmdline"
|
||||
+
|
||||
+# --copy-* options
|
||||
+rm -fr "$ROOT"
|
||||
+mkdir "$ROOT"
|
||||
+# Copy everything at once (--copy)
|
||||
+systemd-firstboot --root="$ROOT" --copy
|
||||
+diff /etc/locale.conf "$ROOT/etc/locale.conf"
|
||||
+diff <(awk -F: '/^root/ { print $7; }' /etc/passwd) <(awk -F: '/^root/ { print $7; }' "$ROOT/etc/passwd")
|
||||
+diff <(awk -F: '/^root/ { print $2; }' /etc/shadow) <(awk -F: '/^root/ { print $2; }' "$ROOT/etc/shadow")
|
||||
+[[ -e /etc/vconsole.conf ]] && diff /etc/vconsole.conf "$ROOT/etc/vconsole.conf"
|
||||
+[[ -e /etc/localtime ]] && diff <(readlink /etc/localtime) <(readlink "$ROOT/etc/localtime")
|
||||
+rm -fr "$ROOT"
|
||||
+mkdir "$ROOT"
|
||||
+# Copy everything at once, but now by using separate switches
|
||||
+systemd-firstboot --root="$ROOT" --copy-locale --copy-keymap --copy-timezone --copy-root-password --copy-root-shell
|
||||
+diff /etc/locale.conf "$ROOT/etc/locale.conf"
|
||||
+diff <(awk -F: '/^root/ { print $7; }' /etc/passwd) <(awk -F: '/^root/ { print $7; }' "$ROOT/etc/passwd")
|
||||
+diff <(awk -F: '/^root/ { print $2; }' /etc/shadow) <(awk -F: '/^root/ { print $2; }' "$ROOT/etc/shadow")
|
||||
+[[ -e /etc/vconsole.conf ]] && diff /etc/vconsole.conf "$ROOT/etc/vconsole.conf"
|
||||
+[[ -e /etc/localtime ]] && diff <(readlink /etc/localtime) <(readlink "$ROOT/etc/localtime")
|
||||
+
|
||||
+# Assorted tests
|
||||
+rm -fr "$ROOT"
|
||||
+mkdir "$ROOT"
|
||||
+
|
||||
+systemd-firstboot --root="$ROOT" --setup-machine-id
|
||||
+grep -E "[a-z0-9]{32}" "$ROOT/etc/machine-id"
|
||||
+
|
||||
+systemd-firstboot --root="$ROOT" --delete-root-password
|
||||
+diff <(echo) <(awk -F: '/^root/ { print $2; }' "$ROOT/etc/shadow")
|
||||
diff --git a/test/units/testsuite-74.service b/test/units/testsuite-74.service
|
||||
new file mode 100644
|
||||
index 0000000000..f782132a92
|
||||
--- /dev/null
|
||||
+++ b/test/units/testsuite-74.service
|
||||
@@ -0,0 +1,8 @@
|
||||
+# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
+[Unit]
|
||||
+Description=TEST-74-AUX-UTILS
|
||||
+
|
||||
+[Service]
|
||||
+ExecStartPre=rm -f /failed /testok
|
||||
+ExecStart=/usr/lib/systemd/tests/testdata/units/%N.sh
|
||||
+Type=oneshot
|
||||
diff --git a/test/units/testsuite-74.sh b/test/units/testsuite-74.sh
|
||||
new file mode 100755
|
||||
index 0000000000..13c767e490
|
||||
--- /dev/null
|
||||
+++ b/test/units/testsuite-74.sh
|
||||
@@ -0,0 +1,14 @@
|
||||
+#!/usr/bin/env bash
|
||||
+# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
+set -eux
|
||||
+set -o pipefail
|
||||
+
|
||||
+: >/failed
|
||||
+
|
||||
+for script in "${0%.sh}".*.sh; do
|
||||
+ echo "Running $script"
|
||||
+ "./$script"
|
||||
+done
|
||||
+
|
||||
+touch /testok
|
||||
+rm /failed
|
@ -0,0 +1,56 @@
|
||||
From 1ef6ffdf0923095752665c7ff6062514dfa6c6bf Mon Sep 17 00:00:00 2001
|
||||
From: Luca Boccassi <bluca@debian.org>
|
||||
Date: Fri, 4 Nov 2022 00:01:16 +0000
|
||||
Subject: [PATCH] firstboot: fix segfault when --locale-messages= is passed
|
||||
without --locale=
|
||||
|
||||
\#0 __strcmp_evex () at ../sysdeps/x86_64/multiarch/strcmp-evex.S:295
|
||||
No locals.
|
||||
\#1 0x0000557444eb172b in process_locale () at ../src/firstboot/firstboot.c:342
|
||||
etc_localeconf = 0x7ffd40217b80 "/root/root/etc/locale.conf"
|
||||
locales = {0x0, 0x0, 0x0}
|
||||
i = 0
|
||||
r = <optimized out>
|
||||
__PRETTY_FUNCTION__ = "process_locale"
|
||||
__func__ = "process_locale"
|
||||
\#2 0x0000557444eaff93 in run (argv=0x7ffd40217d98, argc=3) at ../src/firstboot/firstboot.c:1401
|
||||
loop_device = 0x0
|
||||
unlink_dir = 0x0
|
||||
r = <optimized out>
|
||||
loop_device = <optimized out>
|
||||
unlink_dir = <optimized out>
|
||||
r = <optimized out>
|
||||
__func__ = <optimized out>
|
||||
__PRETTY_FUNCTION__ = <optimized out>
|
||||
enabled = <optimized out>
|
||||
_error = <optimized out>
|
||||
_level = <optimized out>
|
||||
_e = <optimized out>
|
||||
_level = <optimized out>
|
||||
_e = <optimized out>
|
||||
\#3 main (argc=3, argv=0x7ffd40217d98) at ../src/firstboot/firstboot.c:1432
|
||||
r = <optimized out>
|
||||
__PRETTY_FUNCTION__ = "main"
|
||||
|
||||
Fixes https://github.com/systemd/systemd/issues/25249
|
||||
|
||||
(cherry picked from commit 4c4a73ce068ef16cfe7ad07c7c3386ac1dbc58fe)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
src/firstboot/firstboot.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c
|
||||
index 065ee896cd..63db78b52d 100644
|
||||
--- a/src/firstboot/firstboot.c
|
||||
+++ b/src/firstboot/firstboot.c
|
||||
@@ -339,7 +339,7 @@ static int process_locale(void) {
|
||||
|
||||
if (!isempty(arg_locale))
|
||||
locales[i++] = strjoina("LANG=", arg_locale);
|
||||
- if (!isempty(arg_locale_messages) && !streq(arg_locale_messages, arg_locale))
|
||||
+ if (!isempty(arg_locale_messages) && !streq_ptr(arg_locale_messages, arg_locale))
|
||||
locales[i++] = strjoina("LC_MESSAGES=", arg_locale_messages);
|
||||
|
||||
if (i == 0)
|
@ -1,43 +0,0 @@
|
||||
From 16908e1ec833d857cb418712c382c6f604426b36 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Tue, 1 Feb 2022 20:18:29 +0100
|
||||
Subject: [PATCH] test: introduce `get_cgroup_hierarchy() helper
|
||||
|
||||
which returns the host's cgroup hierarchy (unified, hybrid, or legacy).
|
||||
|
||||
(cherry picked from commit f723740871bd3eb89d16a526a1ff77c04bb3787a)
|
||||
|
||||
Related: #2047768
|
||||
---
|
||||
test/test-functions | 18 ++++++++++++++++++
|
||||
1 file changed, 18 insertions(+)
|
||||
|
||||
diff --git a/test/test-functions b/test/test-functions
|
||||
index 35d8f074a9..4827b6bedf 100644
|
||||
--- a/test/test-functions
|
||||
+++ b/test/test-functions
|
||||
@@ -1996,6 +1996,24 @@ import_initdir() {
|
||||
export initdir
|
||||
}
|
||||
|
||||
+get_cgroup_hierarchy() {
|
||||
+ case "$(stat -c '%T' -f /sys/fs/cgroup)" in
|
||||
+ cgroup2fs)
|
||||
+ echo "unified"
|
||||
+ ;;
|
||||
+ tmpfs)
|
||||
+ if [[ -d /sys/fs/cgroup/unified && "$(stat -c '%T' -f /sys/fs/cgroup/unified)" == cgroup2fs ]]; then
|
||||
+ echo "hybrid"
|
||||
+ else
|
||||
+ echo "legacy"
|
||||
+ fi
|
||||
+ ;;
|
||||
+ *)
|
||||
+ dfatal "Failed to determine host's cgroup hierarchy"
|
||||
+ exit 1
|
||||
+ esac
|
||||
+}
|
||||
+
|
||||
## @brief Converts numeric logging level to the first letter of level name.
|
||||
#
|
||||
# @param lvl Numeric logging level in range from 1 to 6.
|
@ -1,30 +0,0 @@
|
||||
From 523e72e97d7c945114b54b726eaab0d379fb35fb Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Tue, 1 Feb 2022 20:25:00 +0100
|
||||
Subject: [PATCH] test: require unified cgroup hierarchy for TEST-56
|
||||
|
||||
since cgroup empty notifications are unreliable in legacy cgroups.
|
||||
|
||||
See: systemd/systemd#22320
|
||||
Complements: systemd/systemd#22344
|
||||
(cherry picked from commit e2620820188428de7086f5e8ac41305177f70954)
|
||||
|
||||
Related: #2047768
|
||||
---
|
||||
test/TEST-56-EXIT-TYPE/test.sh | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/test/TEST-56-EXIT-TYPE/test.sh b/test/TEST-56-EXIT-TYPE/test.sh
|
||||
index 0f84dca1ba..37475e817e 100755
|
||||
--- a/test/TEST-56-EXIT-TYPE/test.sh
|
||||
+++ b/test/TEST-56-EXIT-TYPE/test.sh
|
||||
@@ -6,4 +6,9 @@ TEST_DESCRIPTION="test ExitType=cgroup"
|
||||
# shellcheck source=test/test-functions
|
||||
. "${TEST_BASE_DIR:?}/test-functions"
|
||||
|
||||
+if [[ "$(get_cgroup_hierarchy)" != unified ]]; then
|
||||
+ echo "This test requires unified cgroup hierarchy, skipping..."
|
||||
+ exit 0
|
||||
+fi
|
||||
+
|
||||
do_test "$@"
|
@ -0,0 +1,76 @@
|
||||
From 1d41d2789bb67f5909d6974d2fd916e462a0a5cf Mon Sep 17 00:00:00 2001
|
||||
From: Franck Bui <fbui@suse.com>
|
||||
Date: Fri, 4 Nov 2022 12:24:10 +0100
|
||||
Subject: [PATCH] tests: make test-execute pass on openSUSE
|
||||
|
||||
In my understanding user group "3" (aka "sys") is kept for historical reasons
|
||||
but not really useful these days. That's probably explained why this group
|
||||
isn't defined on openSUSE.
|
||||
|
||||
Hence let's drop reference to this user group, this shouldn't lessen the
|
||||
revelance of the test since SupplementaryGroups= is still tested with 2 other
|
||||
groups.
|
||||
|
||||
(cherry picked from commit d723b0467d7b8c5c772086d5352442f3fca4368d)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/test-execute/exec-dynamicuser-supplementarygroups.service | 3 +--
|
||||
...plementarygroups-multiple-groups-default-group-user.service | 3 +--
|
||||
.../exec-supplementarygroups-multiple-groups-withgid.service | 3 +--
|
||||
.../exec-supplementarygroups-multiple-groups-withuid.service | 3 +--
|
||||
4 files changed, 4 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/test/test-execute/exec-dynamicuser-supplementarygroups.service b/test/test-execute/exec-dynamicuser-supplementarygroups.service
|
||||
index fb0b57bc00..53ba0ec7cb 100644
|
||||
--- a/test/test-execute/exec-dynamicuser-supplementarygroups.service
|
||||
+++ b/test/test-execute/exec-dynamicuser-supplementarygroups.service
|
||||
@@ -5,7 +5,6 @@ Description=Test DynamicUser with SupplementaryGroups=
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "2" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "3" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
Type=oneshot
|
||||
DynamicUser=yes
|
||||
-SupplementaryGroups=1 2 3
|
||||
+SupplementaryGroups=1 2
|
||||
diff --git a/test/test-execute/exec-supplementarygroups-multiple-groups-default-group-user.service b/test/test-execute/exec-supplementarygroups-multiple-groups-default-group-user.service
|
||||
index 362e539287..4cb0326320 100644
|
||||
--- a/test/test-execute/exec-supplementarygroups-multiple-groups-default-group-user.service
|
||||
+++ b/test/test-execute/exec-supplementarygroups-multiple-groups-default-group-user.service
|
||||
@@ -6,7 +6,6 @@ Description=Test for Supplementary Group with multiple groups without Group and
|
||||
ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "%G" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "2" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "3" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -g)" = "%G" && test "$$(id -u)" = "%U"'
|
||||
Type=oneshot
|
||||
-SupplementaryGroups=1 2 3
|
||||
+SupplementaryGroups=1 2
|
||||
diff --git a/test/test-execute/exec-supplementarygroups-multiple-groups-withgid.service b/test/test-execute/exec-supplementarygroups-multiple-groups-withgid.service
|
||||
index ff3fdc8142..e11743d754 100644
|
||||
--- a/test/test-execute/exec-supplementarygroups-multiple-groups-withgid.service
|
||||
+++ b/test/test-execute/exec-supplementarygroups-multiple-groups-withgid.service
|
||||
@@ -5,8 +5,7 @@ Description=Test for Supplementary Group with multiple groups and Group=1
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "2" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "3" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "%U"'
|
||||
Type=oneshot
|
||||
Group=1
|
||||
-SupplementaryGroups=1 2 3
|
||||
+SupplementaryGroups=1 2
|
||||
diff --git a/test/test-execute/exec-supplementarygroups-multiple-groups-withuid.service b/test/test-execute/exec-supplementarygroups-multiple-groups-withuid.service
|
||||
index f35ff84765..3efbbfb0f9 100644
|
||||
--- a/test/test-execute/exec-supplementarygroups-multiple-groups-withuid.service
|
||||
+++ b/test/test-execute/exec-supplementarygroups-multiple-groups-withuid.service
|
||||
@@ -5,7 +5,6 @@ Description=Test for Supplementary Group with multiple groups and Uid=1
|
||||
[Service]
|
||||
ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "2" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "3" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
Type=oneshot
|
||||
User=1
|
||||
-SupplementaryGroups=1 2 3
|
||||
+SupplementaryGroups=1 2
|
@ -0,0 +1,150 @@
|
||||
From 5685a8b01abf34ec5da7c43a99ede6e3bb7394eb Mon Sep 17 00:00:00 2001
|
||||
From: Franck Bui <fbui@suse.com>
|
||||
Date: Fri, 4 Nov 2022 12:50:04 +0100
|
||||
Subject: [PATCH] tests: minor simplification in test-execute
|
||||
|
||||
No functional change.
|
||||
|
||||
(cherry picked from commit 09415aef940f4a471da7cb899b9a66f1504d7c77)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
...xec-dynamicuser-fixeduser-one-supplementarygroup.service | 2 +-
|
||||
test/test-execute/exec-dynamicuser-fixeduser.service | 2 +-
|
||||
.../exec-dynamicuser-supplementarygroups.service | 4 ++--
|
||||
...mentarygroups-multiple-groups-default-group-user.service | 6 +++---
|
||||
...exec-supplementarygroups-multiple-groups-withgid.service | 4 ++--
|
||||
...exec-supplementarygroups-multiple-groups-withuid.service | 4 ++--
|
||||
.../exec-supplementarygroups-single-group-user.service | 2 +-
|
||||
.../exec-supplementarygroups-single-group.service | 2 +-
|
||||
test/test-execute/exec-supplementarygroups.service | 4 ++--
|
||||
9 files changed, 15 insertions(+), 15 deletions(-)
|
||||
|
||||
diff --git a/test/test-execute/exec-dynamicuser-fixeduser-one-supplementarygroup.service b/test/test-execute/exec-dynamicuser-fixeduser-one-supplementarygroup.service
|
||||
index 0c2a218be0..bbb1af5fb3 100644
|
||||
--- a/test/test-execute/exec-dynamicuser-fixeduser-one-supplementarygroup.service
|
||||
+++ b/test/test-execute/exec-dynamicuser-fixeduser-one-supplementarygroup.service
|
||||
@@ -3,7 +3,7 @@
|
||||
Description=Test DynamicUser with User= and SupplementaryGroups=
|
||||
|
||||
[Service]
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
|
||||
Type=oneshot
|
||||
User=1
|
||||
diff --git a/test/test-execute/exec-dynamicuser-fixeduser.service b/test/test-execute/exec-dynamicuser-fixeduser.service
|
||||
index 061bbd2b93..c5828c2a93 100644
|
||||
--- a/test/test-execute/exec-dynamicuser-fixeduser.service
|
||||
+++ b/test/test-execute/exec-dynamicuser-fixeduser.service
|
||||
@@ -3,7 +3,7 @@
|
||||
Description=Test DynamicUser with User=
|
||||
|
||||
[Service]
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
|
||||
Type=oneshot
|
||||
User=1
|
||||
diff --git a/test/test-execute/exec-dynamicuser-supplementarygroups.service b/test/test-execute/exec-dynamicuser-supplementarygroups.service
|
||||
index 53ba0ec7cb..d601af272e 100644
|
||||
--- a/test/test-execute/exec-dynamicuser-supplementarygroups.service
|
||||
+++ b/test/test-execute/exec-dynamicuser-supplementarygroups.service
|
||||
@@ -3,8 +3,8 @@
|
||||
Description=Test DynamicUser with SupplementaryGroups=
|
||||
|
||||
[Service]
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "2" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
|
||||
Type=oneshot
|
||||
DynamicUser=yes
|
||||
SupplementaryGroups=1 2
|
||||
diff --git a/test/test-execute/exec-supplementarygroups-multiple-groups-default-group-user.service b/test/test-execute/exec-supplementarygroups-multiple-groups-default-group-user.service
|
||||
index 4cb0326320..0ecc34441c 100644
|
||||
--- a/test/test-execute/exec-supplementarygroups-multiple-groups-default-group-user.service
|
||||
+++ b/test/test-execute/exec-supplementarygroups-multiple-groups-default-group-user.service
|
||||
@@ -3,9 +3,9 @@
|
||||
Description=Test for Supplementary Group with multiple groups without Group and User
|
||||
|
||||
[Service]
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "%G" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "2" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "%G" && exit 0; done; exit 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -g)" = "%G" && test "$$(id -u)" = "%U"'
|
||||
Type=oneshot
|
||||
SupplementaryGroups=1 2
|
||||
diff --git a/test/test-execute/exec-supplementarygroups-multiple-groups-withgid.service b/test/test-execute/exec-supplementarygroups-multiple-groups-withgid.service
|
||||
index e11743d754..cd1021bbdf 100644
|
||||
--- a/test/test-execute/exec-supplementarygroups-multiple-groups-withgid.service
|
||||
+++ b/test/test-execute/exec-supplementarygroups-multiple-groups-withgid.service
|
||||
@@ -3,8 +3,8 @@
|
||||
Description=Test for Supplementary Group with multiple groups and Group=1
|
||||
|
||||
[Service]
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "2" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "%U"'
|
||||
Type=oneshot
|
||||
Group=1
|
||||
diff --git a/test/test-execute/exec-supplementarygroups-multiple-groups-withuid.service b/test/test-execute/exec-supplementarygroups-multiple-groups-withuid.service
|
||||
index 3efbbfb0f9..7913a2c2ed 100644
|
||||
--- a/test/test-execute/exec-supplementarygroups-multiple-groups-withuid.service
|
||||
+++ b/test/test-execute/exec-supplementarygroups-multiple-groups-withuid.service
|
||||
@@ -3,8 +3,8 @@
|
||||
Description=Test for Supplementary Group with multiple groups and Uid=1
|
||||
|
||||
[Service]
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "2" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "2" && exit 0; done; exit 1'
|
||||
Type=oneshot
|
||||
User=1
|
||||
SupplementaryGroups=1 2
|
||||
diff --git a/test/test-execute/exec-supplementarygroups-single-group-user.service b/test/test-execute/exec-supplementarygroups-single-group-user.service
|
||||
index aae71d0a30..ee4017e74e 100644
|
||||
--- a/test/test-execute/exec-supplementarygroups-single-group-user.service
|
||||
+++ b/test/test-execute/exec-supplementarygroups-single-group-user.service
|
||||
@@ -3,7 +3,7 @@
|
||||
Description=Test for Supplementary Group with only one group and uid 1
|
||||
|
||||
[Service]
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "1"'
|
||||
Type=oneshot
|
||||
User=1
|
||||
diff --git a/test/test-execute/exec-supplementarygroups-single-group.service b/test/test-execute/exec-supplementarygroups-single-group.service
|
||||
index c870774382..62275201cc 100644
|
||||
--- a/test/test-execute/exec-supplementarygroups-single-group.service
|
||||
+++ b/test/test-execute/exec-supplementarygroups-single-group.service
|
||||
@@ -3,7 +3,7 @@
|
||||
Description=Test for Supplementary Group with only one group
|
||||
|
||||
[Service]
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
ExecStart=/bin/sh -x -c 'test "$$(id -g)" = "1" && test "$$(id -u)" = "0"'
|
||||
Type=oneshot
|
||||
Group=1
|
||||
diff --git a/test/test-execute/exec-supplementarygroups.service b/test/test-execute/exec-supplementarygroups.service
|
||||
index 75601eab57..03406c3ee8 100644
|
||||
--- a/test/test-execute/exec-supplementarygroups.service
|
||||
+++ b/test/test-execute/exec-supplementarygroups.service
|
||||
@@ -3,7 +3,7 @@
|
||||
Description=Test for Supplementary Group
|
||||
|
||||
[Service]
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "%G" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
-ExecStart=/bin/sh -x -c 'HAVE=0; for g in $$(id -G); do test "$$g" = "1" && HAVE=1; done; test "$$HAVE" -eq 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "%G" && exit 0; done; exit 1'
|
||||
+ExecStart=/bin/sh -x -c 'for g in $$(id -G); do test "$$g" = "1" && exit 0; done; exit 1'
|
||||
Type=oneshot
|
||||
SupplementaryGroups=1
|
@ -1,671 +0,0 @@
|
||||
From 845417e653b42b8f3928c68955bd6416f2fa4509 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Tue, 1 Feb 2022 12:06:59 +0100
|
||||
Subject: [PATCH] tests: rework test macros to not take code as parameters
|
||||
|
||||
C macros are nasty. We use them, but we try to be conservative with
|
||||
them. In particular passing literal, complex code blocks as argument is
|
||||
icky, because of "," handling of C, and also because it's quite a
|
||||
challange for most code highlighters and similar. Hence, let's avoid
|
||||
that. Using macros for genreating functions is OK but if so, the
|
||||
parameters should be simple words, not full code blocks.
|
||||
|
||||
hence, rework DEFINE_CUSTOM_TEST_MAIN() to take a function name instead
|
||||
of code block as argument.
|
||||
|
||||
As side-effect this also fixes a bunch of cases where we might end up
|
||||
returning a negative value from main().
|
||||
|
||||
Some uses of DEFINE_CUSTOM_TEST_MAIN() inserted local variables into the
|
||||
main() functions, these are replaced by static variables, and their
|
||||
destructors by the static destructor logic.
|
||||
|
||||
This doesn't fix any bugs or so, it's just supposed to make the code
|
||||
easier to work with and improve it easthetically.
|
||||
|
||||
Or in other words: let's use macros where it really makes sense, but
|
||||
let's not go overboard with it.
|
||||
|
||||
(And yes, FOREACH_DIRENT() is another one of those macros that take
|
||||
code, and I dislike that too and regret I ever added that.)
|
||||
|
||||
(cherry picked from commit 99839c7ebd4b83a5b0d5982d669cfe10d1252e1f)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/shared/tests.h | 25 +++++++++++++-----
|
||||
src/test/test-barrier.c | 46 +++++++++++++++++----------------
|
||||
src/test/test-cgroup-setup.c | 15 ++++++-----
|
||||
src/test/test-chown-rec.c | 15 ++++++-----
|
||||
src/test/test-format-table.c | 14 +++++-----
|
||||
src/test/test-fs-util.c | 7 ++++-
|
||||
src/test/test-hashmap.c | 16 +++++++++---
|
||||
src/test/test-install-root.c | 14 +++++++---
|
||||
src/test/test-load-fragment.c | 21 ++++++++-------
|
||||
src/test/test-mountpoint-util.c | 30 +++++++++++----------
|
||||
src/test/test-namespace.c | 15 ++++++-----
|
||||
src/test/test-proc-cmdline.c | 15 ++++++-----
|
||||
src/test/test-process-util.c | 7 ++++-
|
||||
src/test/test-sd-hwdb.c | 21 ++++++++-------
|
||||
src/test/test-serialize.c | 16 ++++++------
|
||||
src/test/test-sleep.c | 15 ++++++-----
|
||||
src/test/test-stat-util.c | 7 ++++-
|
||||
src/test/test-time-util.c | 6 +++--
|
||||
src/test/test-unit-file.c | 7 ++++-
|
||||
src/test/test-unit-name.c | 21 ++++++++-------
|
||||
src/test/test-unit-serialize.c | 21 ++++++++-------
|
||||
src/test/test-utf8.c | 7 ++++-
|
||||
22 files changed, 215 insertions(+), 146 deletions(-)
|
||||
|
||||
diff --git a/src/shared/tests.h b/src/shared/tests.h
|
||||
index 3b93aab498..59448f38f6 100644
|
||||
--- a/src/shared/tests.h
|
||||
+++ b/src/shared/tests.h
|
||||
@@ -6,6 +6,7 @@
|
||||
#include "sd-daemon.h"
|
||||
|
||||
#include "macro.h"
|
||||
+#include "static-destruct.h"
|
||||
#include "util.h"
|
||||
|
||||
static inline bool manager_errno_skip_test(int r) {
|
||||
@@ -109,15 +110,27 @@ static inline int run_test_table(void) {
|
||||
return r;
|
||||
}
|
||||
|
||||
+static inline int test_nop(void) {
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
#define DEFINE_CUSTOM_TEST_MAIN(log_level, intro, outro) \
|
||||
int main(int argc, char *argv[]) { \
|
||||
- int _r = EXIT_SUCCESS; \
|
||||
+ int _r, _q; \
|
||||
test_setup_logging(log_level); \
|
||||
save_argc_argv(argc, argv); \
|
||||
- intro; \
|
||||
- _r = run_test_table(); \
|
||||
- outro; \
|
||||
- return _r; \
|
||||
+ _r = intro(); \
|
||||
+ if (_r == EXIT_SUCCESS) \
|
||||
+ _r = run_test_table(); \
|
||||
+ _q = outro(); \
|
||||
+ static_destruct(); \
|
||||
+ if (_r < 0) \
|
||||
+ return EXIT_FAILURE; \
|
||||
+ if (_r != EXIT_SUCCESS) \
|
||||
+ return _r; \
|
||||
+ if (_q < 0) \
|
||||
+ return EXIT_FAILURE; \
|
||||
+ return _q; \
|
||||
}
|
||||
|
||||
-#define DEFINE_TEST_MAIN(log_level) DEFINE_CUSTOM_TEST_MAIN(log_level, , )
|
||||
+#define DEFINE_TEST_MAIN(log_level) DEFINE_CUSTOM_TEST_MAIN(log_level, test_nop, test_nop)
|
||||
diff --git a/src/test/test-barrier.c b/src/test/test-barrier.c
|
||||
index 8998282afb..b87538806a 100644
|
||||
--- a/src/test/test-barrier.c
|
||||
+++ b/src/test/test-barrier.c
|
||||
@@ -421,25 +421,27 @@ TEST_BARRIER(barrier_pending_exit,
|
||||
}),
|
||||
TEST_BARRIER_WAIT_SUCCESS(pid2));
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_INFO,
|
||||
- ({
|
||||
- if (!slow_tests_enabled())
|
||||
- return log_tests_skipped("slow tests are disabled");
|
||||
-
|
||||
- /*
|
||||
- * This test uses real-time alarms and sleeps to test for CPU races
|
||||
- * explicitly. This is highly fragile if your system is under load. We
|
||||
- * already increased the BASE_TIME value to make the tests more robust,
|
||||
- * but that just makes the test take significantly longer. Given the recent
|
||||
- * issues when running the test in a virtualized environments, limit it
|
||||
- * to bare metal machines only, to minimize false-positives in CIs.
|
||||
- */
|
||||
- int v = detect_virtualization();
|
||||
- if (IN_SET(v, -EPERM, -EACCES))
|
||||
- return log_tests_skipped("Cannot detect virtualization");
|
||||
-
|
||||
- if (v != VIRTUALIZATION_NONE)
|
||||
- return log_tests_skipped("This test requires a baremetal machine");
|
||||
- }),
|
||||
- /* no outro */);
|
||||
+
|
||||
+static int intro(void) {
|
||||
+ if (!slow_tests_enabled())
|
||||
+ return log_tests_skipped("slow tests are disabled");
|
||||
+
|
||||
+ /*
|
||||
+ * This test uses real-time alarms and sleeps to test for CPU races explicitly. This is highly
|
||||
+ * fragile if your system is under load. We already increased the BASE_TIME value to make the tests
|
||||
+ * more robust, but that just makes the test take significantly longer. Given the recent issues when
|
||||
+ * running the test in a virtualized environments, limit it to bare metal machines only, to minimize
|
||||
+ * false-positives in CIs.
|
||||
+ */
|
||||
+
|
||||
+ int v = detect_virtualization();
|
||||
+ if (IN_SET(v, -EPERM, -EACCES))
|
||||
+ return log_tests_skipped("Cannot detect virtualization");
|
||||
+
|
||||
+ if (v != VIRTUALIZATION_NONE)
|
||||
+ return log_tests_skipped("This test requires a baremetal machine");
|
||||
+
|
||||
+ return EXIT_SUCCESS;
|
||||
+ }
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
diff --git a/src/test/test-cgroup-setup.c b/src/test/test-cgroup-setup.c
|
||||
index 018992f96d..6f93647685 100644
|
||||
--- a/src/test/test-cgroup-setup.c
|
||||
+++ b/src/test/test-cgroup-setup.c
|
||||
@@ -64,10 +64,11 @@ TEST(is_wanted) {
|
||||
test_is_wanted_print_one(false);
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_DEBUG,
|
||||
- ({
|
||||
- if (access("/proc/cmdline", R_OK) < 0 && ERRNO_IS_PRIVILEGE(errno))
|
||||
- return log_tests_skipped("can't read /proc/cmdline");
|
||||
- }),
|
||||
- /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ if (access("/proc/cmdline", R_OK) < 0 && ERRNO_IS_PRIVILEGE(errno))
|
||||
+ return log_tests_skipped("can't read /proc/cmdline");
|
||||
+
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
diff --git a/src/test/test-chown-rec.c b/src/test/test-chown-rec.c
|
||||
index 53d44566d5..691cfe767f 100644
|
||||
--- a/src/test/test-chown-rec.c
|
||||
+++ b/src/test/test-chown-rec.c
|
||||
@@ -149,10 +149,11 @@ TEST(chown_recursive) {
|
||||
assert_se(!has_xattr(p));
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_DEBUG,
|
||||
- ({
|
||||
- if (geteuid() != 0)
|
||||
- return log_tests_skipped("not running as root");
|
||||
- }),
|
||||
- /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ if (geteuid() != 0)
|
||||
+ return log_tests_skipped("not running as root");
|
||||
+
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
diff --git a/src/test/test-format-table.c b/src/test/test-format-table.c
|
||||
index a3b29ca337..7515a74c12 100644
|
||||
--- a/src/test/test-format-table.c
|
||||
+++ b/src/test/test-format-table.c
|
||||
@@ -529,10 +529,10 @@ TEST(table) {
|
||||
"5min 5min \n"));
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_INFO,
|
||||
- ({
|
||||
- assert_se(setenv("SYSTEMD_COLORS", "0", 1) >= 0);
|
||||
- assert_se(setenv("COLUMNS", "40", 1) >= 0);
|
||||
- }),
|
||||
- /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ assert_se(setenv("SYSTEMD_COLORS", "0", 1) >= 0);
|
||||
+ assert_se(setenv("COLUMNS", "40", 1) >= 0);
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c
|
||||
index 0e0d91d04e..da5a16b4bc 100644
|
||||
--- a/src/test/test-fs-util.c
|
||||
+++ b/src/test/test-fs-util.c
|
||||
@@ -968,4 +968,9 @@ TEST(open_mkdir_at) {
|
||||
assert_se(subsubdir_fd >= 0);
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, arg_test_dir = argv[1], /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ arg_test_dir = saved_argv[1];
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
diff --git a/src/test/test-hashmap.c b/src/test/test-hashmap.c
|
||||
index cba0c33a8a..4dc155d818 100644
|
||||
--- a/src/test/test-hashmap.c
|
||||
+++ b/src/test/test-hashmap.c
|
||||
@@ -158,7 +158,15 @@ TEST(hashmap_put_strdup_null) {
|
||||
/* This variable allows us to assert that the tests from different compilation units were actually run. */
|
||||
int n_extern_tests_run = 0;
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_INFO,
|
||||
- assert_se(n_extern_tests_run == 0),
|
||||
- assert_se(n_extern_tests_run == 2)); /* Ensure hashmap and ordered_hashmap were tested. */
|
||||
+static int intro(void) {
|
||||
+ assert_se(n_extern_tests_run == 0);
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+static int outro(void) {
|
||||
+ /* Ensure hashmap and ordered_hashmap were tested. */
|
||||
+ assert_se(n_extern_tests_run == 2);
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, outro);
|
||||
diff --git a/src/test/test-install-root.c b/src/test/test-install-root.c
|
||||
index ba715e6d7e..f540a832bd 100644
|
||||
--- a/src/test/test-install-root.c
|
||||
+++ b/src/test/test-install-root.c
|
||||
@@ -11,8 +11,11 @@
|
||||
#include "special.h"
|
||||
#include "string-util.h"
|
||||
#include "tests.h"
|
||||
+#include "tmpfile-util.h"
|
||||
|
||||
-static char root[] = "/tmp/rootXXXXXX";
|
||||
+static char *root = NULL;
|
||||
+
|
||||
+STATIC_DESTRUCTOR_REGISTER(root, rm_rf_physical_and_freep);
|
||||
|
||||
TEST(basic_mask_and_enable) {
|
||||
const char *p;
|
||||
@@ -1239,10 +1242,10 @@ TEST(verify_alias) {
|
||||
verify_one(&di_inst_template, "goo.target.conf/plain.service", -EXDEV, NULL);
|
||||
}
|
||||
|
||||
-static void setup_root(void) {
|
||||
+static int intro(void) {
|
||||
const char *p;
|
||||
|
||||
- assert_se(mkdtemp(root));
|
||||
+ assert_se(mkdtemp_malloc("/tmp/rootXXXXXX", &root) >= 0);
|
||||
|
||||
p = strjoina(root, "/usr/lib/systemd/system/");
|
||||
assert_se(mkdir_p(p, 0755) >= 0);
|
||||
@@ -1264,6 +1267,9 @@ static void setup_root(void) {
|
||||
|
||||
p = strjoina(root, "/usr/lib/systemd/system/graphical.target");
|
||||
assert_se(write_string_file(p, "# pretty much empty", WRITE_STRING_FILE_CREATE) >= 0);
|
||||
+
|
||||
+ return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, setup_root(), assert_se(rm_rf(root, REMOVE_ROOT|REMOVE_PHYSICAL) >= 0));
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
diff --git a/src/test/test-load-fragment.c b/src/test/test-load-fragment.c
|
||||
index e878979a89..2e105df56a 100644
|
||||
--- a/src/test/test-load-fragment.c
|
||||
+++ b/src/test/test-load-fragment.c
|
||||
@@ -30,6 +30,10 @@
|
||||
/* Nontrivial value serves as a placeholder to check that parsing function (didn't) change it */
|
||||
#define CGROUP_LIMIT_DUMMY 3
|
||||
|
||||
+static char *runtime_dir = NULL;
|
||||
+
|
||||
+STATIC_DESTRUCTOR_REGISTER(runtime_dir, rm_rf_physical_and_freep);
|
||||
+
|
||||
TEST_RET(unit_file_get_set) {
|
||||
int r;
|
||||
Hashmap *h;
|
||||
@@ -894,15 +898,12 @@ TEST(unit_is_recursive_template_dependency) {
|
||||
assert_se(unit_is_likely_recursive_template_dependency(u, "foobar@foobar@123.mount", "foobar@%n.mount") == 0);
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_INFO,
|
||||
+static int intro(void) {
|
||||
+ if (enter_cgroup_subroot(NULL) == -ENOMEDIUM)
|
||||
+ return log_tests_skipped("cgroupfs not available");
|
||||
|
||||
- _cleanup_(rm_rf_physical_and_freep) char *runtime_dir = NULL;
|
||||
- ({
|
||||
- if (enter_cgroup_subroot(NULL) == -ENOMEDIUM)
|
||||
- return log_tests_skipped("cgroupfs not available");
|
||||
-
|
||||
- assert_se(runtime_dir = setup_fake_runtime_dir());
|
||||
- }),
|
||||
+ assert_se(runtime_dir = setup_fake_runtime_dir());
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
|
||||
- /* no outro */);
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
diff --git a/src/test/test-mountpoint-util.c b/src/test/test-mountpoint-util.c
|
||||
index 9515d8cf7b..102d2850bf 100644
|
||||
--- a/src/test/test-mountpoint-util.c
|
||||
+++ b/src/test/test-mountpoint-util.c
|
||||
@@ -298,17 +298,19 @@ TEST(fd_is_mount_point) {
|
||||
assert_se(IN_SET(fd_is_mount_point(fd, "root/", 0), -ENOENT, 0));
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_DEBUG,
|
||||
- ({
|
||||
- /* let's move into our own mount namespace with all propagation from the host turned off, so
|
||||
- * that /proc/self/mountinfo is static and constant for the whole time our test runs. */
|
||||
- if (unshare(CLONE_NEWNS) < 0) {
|
||||
- if (!ERRNO_IS_PRIVILEGE(errno))
|
||||
- return log_error_errno(errno, "Failed to detach mount namespace: %m");
|
||||
-
|
||||
- log_notice("Lacking privilege to create separate mount namespace, proceeding in originating mount namespace.");
|
||||
- } else
|
||||
- assert_se(mount(NULL, "/", NULL, MS_PRIVATE | MS_REC, NULL) >= 0);
|
||||
- }),
|
||||
- /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ /* let's move into our own mount namespace with all propagation from the host turned off, so
|
||||
+ * that /proc/self/mountinfo is static and constant for the whole time our test runs. */
|
||||
+
|
||||
+ if (unshare(CLONE_NEWNS) < 0) {
|
||||
+ if (!ERRNO_IS_PRIVILEGE(errno))
|
||||
+ return log_error_errno(errno, "Failed to detach mount namespace: %m");
|
||||
+
|
||||
+ log_notice("Lacking privilege to create separate mount namespace, proceeding in originating mount namespace.");
|
||||
+ } else
|
||||
+ assert_se(mount(NULL, "/", NULL, MS_PRIVATE | MS_REC, NULL) >= 0);
|
||||
+
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
diff --git a/src/test/test-namespace.c b/src/test/test-namespace.c
|
||||
index 8df5533d6e..f9e34f3bfa 100644
|
||||
--- a/src/test/test-namespace.c
|
||||
+++ b/src/test/test-namespace.c
|
||||
@@ -220,10 +220,11 @@ TEST(protect_kernel_logs) {
|
||||
assert_se(wait_for_terminate_and_check("ns-kernellogs", pid, WAIT_LOG) == EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_INFO,
|
||||
- ({
|
||||
- if (!have_namespaces())
|
||||
- return log_tests_skipped("Don't have namespace support");
|
||||
- }),
|
||||
- /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ if (!have_namespaces())
|
||||
+ return log_tests_skipped("Don't have namespace support");
|
||||
+
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
diff --git a/src/test/test-proc-cmdline.c b/src/test/test-proc-cmdline.c
|
||||
index 1c8c9b80b7..064b4d838f 100644
|
||||
--- a/src/test/test-proc-cmdline.c
|
||||
+++ b/src/test/test-proc-cmdline.c
|
||||
@@ -247,10 +247,11 @@ TEST(proc_cmdline_key_startswith) {
|
||||
assert_se(!proc_cmdline_key_startswith("foo-bar", "foo_xx"));
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_INFO,
|
||||
- ({
|
||||
- if (access("/proc/cmdline", R_OK) < 0 && ERRNO_IS_PRIVILEGE(errno))
|
||||
- return log_tests_skipped("can't read /proc/cmdline");
|
||||
- }),
|
||||
- /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ if (access("/proc/cmdline", R_OK) < 0 && ERRNO_IS_PRIVILEGE(errno))
|
||||
+ return log_tests_skipped("can't read /proc/cmdline");
|
||||
+
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
diff --git a/src/test/test-process-util.c b/src/test/test-process-util.c
|
||||
index 06a640b1cc..8661934929 100644
|
||||
--- a/src/test/test-process-util.c
|
||||
+++ b/src/test/test-process-util.c
|
||||
@@ -895,4 +895,9 @@ TEST(set_oom_score_adjust) {
|
||||
assert_se(b == a);
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, log_show_color(true), /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ log_show_color(true);
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
diff --git a/src/test/test-sd-hwdb.c b/src/test/test-sd-hwdb.c
|
||||
index 7961c17c4a..88992a6c2b 100644
|
||||
--- a/src/test/test-sd-hwdb.c
|
||||
+++ b/src/test/test-sd-hwdb.c
|
||||
@@ -52,12 +52,15 @@ TEST(basic_enumerate) {
|
||||
assert_se(len1 == len2);
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_DEBUG,
|
||||
- ({
|
||||
- _cleanup_(sd_hwdb_unrefp) sd_hwdb *hwdb = NULL;
|
||||
- int r = sd_hwdb_new(&hwdb);
|
||||
- if (r == -ENOENT || ERRNO_IS_PRIVILEGE(r))
|
||||
- return log_tests_skipped_errno(r, "cannot open hwdb");
|
||||
- }),
|
||||
- /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ _cleanup_(sd_hwdb_unrefp) sd_hwdb *hwdb = NULL;
|
||||
+ int r;
|
||||
+
|
||||
+ r = sd_hwdb_new(&hwdb);
|
||||
+ if (r == -ENOENT || ERRNO_IS_PRIVILEGE(r))
|
||||
+ return log_tests_skipped_errno(r, "cannot open hwdb");
|
||||
+
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
diff --git a/src/test/test-serialize.c b/src/test/test-serialize.c
|
||||
index fb04b3e7fa..9aeb6c5920 100644
|
||||
--- a/src/test/test-serialize.c
|
||||
+++ b/src/test/test-serialize.c
|
||||
@@ -10,7 +10,7 @@
|
||||
#include "tests.h"
|
||||
#include "tmpfile-util.h"
|
||||
|
||||
-char long_string[LONG_LINE_MAX+1];
|
||||
+static char long_string[LONG_LINE_MAX+1];
|
||||
|
||||
TEST(serialize_item) {
|
||||
_cleanup_(unlink_tempfilep) char fn[] = "/tmp/test-serialize.XXXXXX";
|
||||
@@ -189,10 +189,10 @@ TEST(serialize_environment) {
|
||||
assert_se(strv_equal(env, env2));
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_INFO,
|
||||
- ({
|
||||
- memset(long_string, 'x', sizeof(long_string)-1);
|
||||
- char_array_0(long_string);
|
||||
- }),
|
||||
- /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ memset(long_string, 'x', sizeof(long_string)-1);
|
||||
+ char_array_0(long_string);
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
diff --git a/src/test/test-sleep.c b/src/test/test-sleep.c
|
||||
index 183ad4f7b7..f56e7e0167 100644
|
||||
--- a/src/test/test-sleep.c
|
||||
+++ b/src/test/test-sleep.c
|
||||
@@ -118,10 +118,11 @@ TEST(sleep) {
|
||||
log_info("Suspend-then-Hibernate configured and possible: %s", r >= 0 ? yes_no(r) : strerror_safe(r));
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_DEBUG,
|
||||
- ({
|
||||
- if (getuid() != 0)
|
||||
- log_warning("This program is unlikely to work for unprivileged users");
|
||||
- }),
|
||||
- /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ if (getuid() != 0)
|
||||
+ log_warning("This program is unlikely to work for unprivileged users");
|
||||
+
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
diff --git a/src/test/test-stat-util.c b/src/test/test-stat-util.c
|
||||
index 0f7b3ca3ce..2965ee679f 100644
|
||||
--- a/src/test/test-stat-util.c
|
||||
+++ b/src/test/test-stat-util.c
|
||||
@@ -236,4 +236,9 @@ TEST(dir_is_empty) {
|
||||
assert_se(dir_is_empty_at(AT_FDCWD, empty_dir) > 0);
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, log_show_color(true), /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ log_show_color(true);
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
diff --git a/src/test/test-time-util.c b/src/test/test-time-util.c
|
||||
index 4d0131827e..f21d8b7794 100644
|
||||
--- a/src/test/test-time-util.c
|
||||
+++ b/src/test/test-time-util.c
|
||||
@@ -588,7 +588,7 @@ TEST(map_clock_usec) {
|
||||
}
|
||||
}
|
||||
|
||||
-static void setup_test(void) {
|
||||
+static int intro(void) {
|
||||
log_info("realtime=" USEC_FMT "\n"
|
||||
"monotonic=" USEC_FMT "\n"
|
||||
"boottime=" USEC_FMT "\n",
|
||||
@@ -603,6 +603,8 @@ static void setup_test(void) {
|
||||
uintmax_t x = TIME_T_MAX;
|
||||
x++;
|
||||
assert_se((time_t) x < 0);
|
||||
+
|
||||
+ return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, setup_test(), /* no outro */);
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
diff --git a/src/test/test-unit-file.c b/src/test/test-unit-file.c
|
||||
index 0f8c25c218..6c9f245c7e 100644
|
||||
--- a/src/test/test-unit-file.c
|
||||
+++ b/src/test/test-unit-file.c
|
||||
@@ -102,4 +102,9 @@ TEST(runlevel_to_target) {
|
||||
assert_se(streq_ptr(runlevel_to_target("rd.rescue"), SPECIAL_RESCUE_TARGET));
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, log_show_color(true), /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ log_show_color(true);
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
diff --git a/src/test/test-unit-name.c b/src/test/test-unit-name.c
|
||||
index 6bde9e090d..1f65407e5f 100644
|
||||
--- a/src/test/test-unit-name.c
|
||||
+++ b/src/test/test-unit-name.c
|
||||
@@ -23,6 +23,10 @@
|
||||
#include "user-util.h"
|
||||
#include "util.h"
|
||||
|
||||
+static char *runtime_dir = NULL;
|
||||
+
|
||||
+STATIC_DESTRUCTOR_REGISTER(runtime_dir, rm_rf_physical_and_freep);
|
||||
+
|
||||
static void test_unit_name_is_valid_one(const char *name, UnitNameFlags flags, bool expected) {
|
||||
log_info("%s ( %s%s%s ): %s",
|
||||
name,
|
||||
@@ -844,15 +848,12 @@ TEST(unit_name_prefix_equal) {
|
||||
assert_se(!unit_name_prefix_equal("a", "a"));
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_INFO,
|
||||
+static int intro(void) {
|
||||
+ if (enter_cgroup_subroot(NULL) == -ENOMEDIUM)
|
||||
+ return log_tests_skipped("cgroupfs not available");
|
||||
|
||||
- _cleanup_(rm_rf_physical_and_freep) char *runtime_dir = NULL;
|
||||
- ({
|
||||
- if (enter_cgroup_subroot(NULL) == -ENOMEDIUM)
|
||||
- return log_tests_skipped("cgroupfs not available");
|
||||
-
|
||||
- assert_se(runtime_dir = setup_fake_runtime_dir());
|
||||
- }),
|
||||
+ assert_se(runtime_dir = setup_fake_runtime_dir());
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
|
||||
- /* no outro */);
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
diff --git a/src/test/test-unit-serialize.c b/src/test/test-unit-serialize.c
|
||||
index 899fdc000c..5d39176db2 100644
|
||||
--- a/src/test/test-unit-serialize.c
|
||||
+++ b/src/test/test-unit-serialize.c
|
||||
@@ -4,6 +4,10 @@
|
||||
#include "service.h"
|
||||
#include "tests.h"
|
||||
|
||||
+static char *runtime_dir = NULL;
|
||||
+
|
||||
+STATIC_DESTRUCTOR_REGISTER(runtime_dir, rm_rf_physical_and_freep);
|
||||
+
|
||||
#define EXEC_START_ABSOLUTE \
|
||||
"ExecStart 0 /bin/sh \"sh\" \"-e\" \"-x\" \"-c\" \"systemctl --state=failed --no-legend --no-pager >/failed ; systemctl daemon-reload ; echo OK >/testok\""
|
||||
#define EXEC_START_RELATIVE \
|
||||
@@ -48,15 +52,12 @@ TEST(deserialize_exec_command) {
|
||||
test_deserialize_exec_command_one(m, "control-command", "ExecWhat 11 /a/b c d e", -EINVAL);
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(
|
||||
- LOG_DEBUG,
|
||||
+static int intro(void) {
|
||||
+ if (enter_cgroup_subroot(NULL) == -ENOMEDIUM)
|
||||
+ return log_tests_skipped("cgroupfs not available");
|
||||
|
||||
- _cleanup_(rm_rf_physical_and_freep) char *runtime_dir = NULL;
|
||||
- ({
|
||||
- if (enter_cgroup_subroot(NULL) == -ENOMEDIUM)
|
||||
- return log_tests_skipped("cgroupfs not available");
|
||||
-
|
||||
- assert_se(runtime_dir = setup_fake_runtime_dir());
|
||||
- }),
|
||||
+ assert_se(runtime_dir = setup_fake_runtime_dir());
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
|
||||
- /* no outro */);
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
diff --git a/src/test/test-utf8.c b/src/test/test-utf8.c
|
||||
index a21fcd6fd2..1b31d1f852 100644
|
||||
--- a/src/test/test-utf8.c
|
||||
+++ b/src/test/test-utf8.c
|
||||
@@ -231,4 +231,9 @@ TEST(utf8_to_utf16) {
|
||||
}
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, log_show_color(true), /* no outro */);
|
||||
+static int intro(void) {
|
||||
+ log_show_color(true);
|
||||
+ return EXIT_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
@ -1,300 +0,0 @@
|
||||
From 0be677fb6663ab6bfd02eae6ad32e7f031cfde0f Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Wed, 2 Feb 2022 11:06:41 +0900
|
||||
Subject: [PATCH] test: allow to set NULL to intro or outro
|
||||
|
||||
Addresses https://github.com/systemd/systemd/pull/22338#discussion_r796741033.
|
||||
|
||||
(cherry picked from commit e85fdacc8ad7d91f140a135aaa3fd5372d3fa47c)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/shared/tests.h | 45 +++++++++++++++++----------------
|
||||
src/test/test-barrier.c | 2 +-
|
||||
src/test/test-cgroup-setup.c | 2 +-
|
||||
src/test/test-chown-rec.c | 2 +-
|
||||
src/test/test-format-table.c | 2 +-
|
||||
src/test/test-fs-util.c | 2 +-
|
||||
src/test/test-hashmap.c | 2 +-
|
||||
src/test/test-install-root.c | 2 +-
|
||||
src/test/test-load-fragment.c | 2 +-
|
||||
src/test/test-mountpoint-util.c | 2 +-
|
||||
src/test/test-namespace.c | 2 +-
|
||||
src/test/test-proc-cmdline.c | 2 +-
|
||||
src/test/test-process-util.c | 2 +-
|
||||
src/test/test-sd-hwdb.c | 2 +-
|
||||
src/test/test-serialize.c | 2 +-
|
||||
src/test/test-sleep.c | 2 +-
|
||||
src/test/test-stat-util.c | 2 +-
|
||||
src/test/test-time-util.c | 2 +-
|
||||
src/test/test-unit-file.c | 2 +-
|
||||
src/test/test-unit-name.c | 2 +-
|
||||
src/test/test-unit-serialize.c | 2 +-
|
||||
src/test/test-utf8.c | 2 +-
|
||||
22 files changed, 44 insertions(+), 43 deletions(-)
|
||||
|
||||
diff --git a/src/shared/tests.h b/src/shared/tests.h
|
||||
index 59448f38f6..ef6acd368e 100644
|
||||
--- a/src/shared/tests.h
|
||||
+++ b/src/shared/tests.h
|
||||
@@ -110,27 +110,28 @@ static inline int run_test_table(void) {
|
||||
return r;
|
||||
}
|
||||
|
||||
-static inline int test_nop(void) {
|
||||
- return EXIT_SUCCESS;
|
||||
-}
|
||||
-
|
||||
-#define DEFINE_CUSTOM_TEST_MAIN(log_level, intro, outro) \
|
||||
- int main(int argc, char *argv[]) { \
|
||||
- int _r, _q; \
|
||||
- test_setup_logging(log_level); \
|
||||
- save_argc_argv(argc, argv); \
|
||||
- _r = intro(); \
|
||||
- if (_r == EXIT_SUCCESS) \
|
||||
- _r = run_test_table(); \
|
||||
- _q = outro(); \
|
||||
- static_destruct(); \
|
||||
- if (_r < 0) \
|
||||
- return EXIT_FAILURE; \
|
||||
- if (_r != EXIT_SUCCESS) \
|
||||
- return _r; \
|
||||
- if (_q < 0) \
|
||||
- return EXIT_FAILURE; \
|
||||
- return _q; \
|
||||
+#define DEFINE_TEST_MAIN_FULL(log_level, intro, outro) \
|
||||
+ int main(int argc, char *argv[]) { \
|
||||
+ int (*_intro)(void) = intro; \
|
||||
+ int (*_outro)(void) = outro; \
|
||||
+ int _r, _q; \
|
||||
+ test_setup_logging(log_level); \
|
||||
+ save_argc_argv(argc, argv); \
|
||||
+ _r = _intro ? _intro() : EXIT_SUCCESS; \
|
||||
+ if (_r == EXIT_SUCCESS) \
|
||||
+ _r = run_test_table(); \
|
||||
+ _q = _outro ? _outro() : EXIT_SUCCESS; \
|
||||
+ static_destruct(); \
|
||||
+ if (_r < 0) \
|
||||
+ return EXIT_FAILURE; \
|
||||
+ if (_r != EXIT_SUCCESS) \
|
||||
+ return _r; \
|
||||
+ if (_q < 0) \
|
||||
+ return EXIT_FAILURE; \
|
||||
+ return _q; \
|
||||
}
|
||||
|
||||
-#define DEFINE_TEST_MAIN(log_level) DEFINE_CUSTOM_TEST_MAIN(log_level, test_nop, test_nop)
|
||||
+#define DEFINE_TEST_MAIN_WITH_INTRO(log_level, intro) \
|
||||
+ DEFINE_TEST_MAIN_FULL(log_level, intro, NULL)
|
||||
+#define DEFINE_TEST_MAIN(log_level) \
|
||||
+ DEFINE_TEST_MAIN_FULL(log_level, NULL, NULL)
|
||||
diff --git a/src/test/test-barrier.c b/src/test/test-barrier.c
|
||||
index b87538806a..bbd7e2bddb 100644
|
||||
--- a/src/test/test-barrier.c
|
||||
+++ b/src/test/test-barrier.c
|
||||
@@ -444,4 +444,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
||||
diff --git a/src/test/test-cgroup-setup.c b/src/test/test-cgroup-setup.c
|
||||
index 6f93647685..c377ff0a00 100644
|
||||
--- a/src/test/test-cgroup-setup.c
|
||||
+++ b/src/test/test-cgroup-setup.c
|
||||
@@ -71,4 +71,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
|
||||
diff --git a/src/test/test-chown-rec.c b/src/test/test-chown-rec.c
|
||||
index 691cfe767f..97711f58b0 100644
|
||||
--- a/src/test/test-chown-rec.c
|
||||
+++ b/src/test/test-chown-rec.c
|
||||
@@ -156,4 +156,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
|
||||
diff --git a/src/test/test-format-table.c b/src/test/test-format-table.c
|
||||
index 7515a74c12..1b4963d928 100644
|
||||
--- a/src/test/test-format-table.c
|
||||
+++ b/src/test/test-format-table.c
|
||||
@@ -535,4 +535,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
||||
diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c
|
||||
index da5a16b4bc..602ce75f98 100644
|
||||
--- a/src/test/test-fs-util.c
|
||||
+++ b/src/test/test-fs-util.c
|
||||
@@ -973,4 +973,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
||||
diff --git a/src/test/test-hashmap.c b/src/test/test-hashmap.c
|
||||
index 4dc155d818..dbf762cc0b 100644
|
||||
--- a/src/test/test-hashmap.c
|
||||
+++ b/src/test/test-hashmap.c
|
||||
@@ -169,4 +169,4 @@ static int outro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, outro);
|
||||
+DEFINE_TEST_MAIN_FULL(LOG_INFO, intro, outro);
|
||||
diff --git a/src/test/test-install-root.c b/src/test/test-install-root.c
|
||||
index f540a832bd..f718689c3a 100644
|
||||
--- a/src/test/test-install-root.c
|
||||
+++ b/src/test/test-install-root.c
|
||||
@@ -1272,4 +1272,4 @@ static int intro(void) {
|
||||
}
|
||||
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
||||
diff --git a/src/test/test-load-fragment.c b/src/test/test-load-fragment.c
|
||||
index 2e105df56a..1bd68c7e0a 100644
|
||||
--- a/src/test/test-load-fragment.c
|
||||
+++ b/src/test/test-load-fragment.c
|
||||
@@ -906,4 +906,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
||||
diff --git a/src/test/test-mountpoint-util.c b/src/test/test-mountpoint-util.c
|
||||
index 102d2850bf..4d140c42b6 100644
|
||||
--- a/src/test/test-mountpoint-util.c
|
||||
+++ b/src/test/test-mountpoint-util.c
|
||||
@@ -313,4 +313,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
|
||||
diff --git a/src/test/test-namespace.c b/src/test/test-namespace.c
|
||||
index f9e34f3bfa..7a634adca9 100644
|
||||
--- a/src/test/test-namespace.c
|
||||
+++ b/src/test/test-namespace.c
|
||||
@@ -227,4 +227,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
||||
diff --git a/src/test/test-proc-cmdline.c b/src/test/test-proc-cmdline.c
|
||||
index 064b4d838f..1f43bb3eb0 100644
|
||||
--- a/src/test/test-proc-cmdline.c
|
||||
+++ b/src/test/test-proc-cmdline.c
|
||||
@@ -254,4 +254,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
||||
diff --git a/src/test/test-process-util.c b/src/test/test-process-util.c
|
||||
index 8661934929..7a8adad50c 100644
|
||||
--- a/src/test/test-process-util.c
|
||||
+++ b/src/test/test-process-util.c
|
||||
@@ -900,4 +900,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
||||
diff --git a/src/test/test-sd-hwdb.c b/src/test/test-sd-hwdb.c
|
||||
index 88992a6c2b..4251e2a809 100644
|
||||
--- a/src/test/test-sd-hwdb.c
|
||||
+++ b/src/test/test-sd-hwdb.c
|
||||
@@ -63,4 +63,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
|
||||
diff --git a/src/test/test-serialize.c b/src/test/test-serialize.c
|
||||
index 9aeb6c5920..bcf2e843b0 100644
|
||||
--- a/src/test/test-serialize.c
|
||||
+++ b/src/test/test-serialize.c
|
||||
@@ -195,4 +195,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
||||
diff --git a/src/test/test-sleep.c b/src/test/test-sleep.c
|
||||
index f56e7e0167..5aebcdd935 100644
|
||||
--- a/src/test/test-sleep.c
|
||||
+++ b/src/test/test-sleep.c
|
||||
@@ -125,4 +125,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
|
||||
diff --git a/src/test/test-stat-util.c b/src/test/test-stat-util.c
|
||||
index 2965ee679f..7f633ab259 100644
|
||||
--- a/src/test/test-stat-util.c
|
||||
+++ b/src/test/test-stat-util.c
|
||||
@@ -241,4 +241,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
||||
diff --git a/src/test/test-time-util.c b/src/test/test-time-util.c
|
||||
index f21d8b7794..554693834b 100644
|
||||
--- a/src/test/test-time-util.c
|
||||
+++ b/src/test/test-time-util.c
|
||||
@@ -607,4 +607,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
||||
diff --git a/src/test/test-unit-file.c b/src/test/test-unit-file.c
|
||||
index 6c9f245c7e..cc08a4ae4b 100644
|
||||
--- a/src/test/test-unit-file.c
|
||||
+++ b/src/test/test-unit-file.c
|
||||
@@ -107,4 +107,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
|
||||
diff --git a/src/test/test-unit-name.c b/src/test/test-unit-name.c
|
||||
index 1f65407e5f..8cd0e0b4a1 100644
|
||||
--- a/src/test/test-unit-name.c
|
||||
+++ b/src/test/test-unit-name.c
|
||||
@@ -856,4 +856,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
||||
diff --git a/src/test/test-unit-serialize.c b/src/test/test-unit-serialize.c
|
||||
index 5d39176db2..3ef15f3b1e 100644
|
||||
--- a/src/test/test-unit-serialize.c
|
||||
+++ b/src/test/test-unit-serialize.c
|
||||
@@ -60,4 +60,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_DEBUG, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_DEBUG, intro);
|
||||
diff --git a/src/test/test-utf8.c b/src/test/test-utf8.c
|
||||
index 1b31d1f852..7337b81227 100644
|
||||
--- a/src/test/test-utf8.c
|
||||
+++ b/src/test/test-utf8.c
|
||||
@@ -236,4 +236,4 @@ static int intro(void) {
|
||||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
-DEFINE_CUSTOM_TEST_MAIN(LOG_INFO, intro, test_nop);
|
||||
+DEFINE_TEST_MAIN_WITH_INTRO(LOG_INFO, intro);
|
@ -0,0 +1,29 @@
|
||||
From 6d8f91ab2f7db862d95d0565bad3aaf4279c00bc Mon Sep 17 00:00:00 2001
|
||||
From: Luca Boccassi <bluca@debian.org>
|
||||
Date: Thu, 3 Nov 2022 20:10:57 +0000
|
||||
Subject: [PATCH] tmpfiles.d: do not fail if provision.conf fails
|
||||
|
||||
On a read-only filesystem creating /root/.ssh might fail, but that's ok.
|
||||
Do not fail the run, as this is only needed to add the credential, which
|
||||
is a separate step.
|
||||
|
||||
(cherry picked from commit e0fc9be37e4d15e2c322eb8281692c2639dac023)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
tmpfiles.d/provision.conf | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/tmpfiles.d/provision.conf b/tmpfiles.d/provision.conf
|
||||
index 3c56f42d58..093104aaaf 100644
|
||||
--- a/tmpfiles.d/provision.conf
|
||||
+++ b/tmpfiles.d/provision.conf
|
||||
@@ -17,6 +17,6 @@ f^ /etc/issue.d/50-provision.conf - - - - login.issue
|
||||
f^ /etc/hosts - - - - network.hosts
|
||||
|
||||
# Provision SSH key for root
|
||||
-d /root :0700 root :root -
|
||||
-d /root/.ssh :0700 root :root -
|
||||
+d- /root :0700 root :root -
|
||||
+d- /root/.ssh :0700 root :root -
|
||||
f^ /root/.ssh/authorized_keys :0600 root :root - ssh.authorized_keys.root
|
@ -0,0 +1,31 @@
|
||||
From d3b559f5e561750e6c50449b2ca84b40abeb492d Mon Sep 17 00:00:00 2001
|
||||
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
|
||||
Date: Fri, 4 Nov 2022 09:57:24 +0100
|
||||
Subject: [PATCH] kernel-install/90-loaderentry: do not add multiple
|
||||
systemd.machine_id options
|
||||
|
||||
Do not unconditionally add a new systemd.machine_id command line option, first
|
||||
check if it already exists with the expected value.
|
||||
|
||||
Fixes #25203
|
||||
|
||||
(cherry picked from commit 981502c5cc9ce32c3f77ff74aad87cd6f0da3b16)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
src/kernel-install/90-loaderentry.install | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
|
||||
index 743af33aa9..ea75e1b0d8 100755
|
||||
--- a/src/kernel-install/90-loaderentry.install
|
||||
+++ b/src/kernel-install/90-loaderentry.install
|
||||
@@ -85,7 +85,7 @@ BOOT_OPTIONS="${BOOT_OPTIONS% }"
|
||||
# command line with the machine ID we use, so that the machine ID remains
|
||||
# stable, even during factory reset, in the initrd (where the system's machine
|
||||
# ID is not directly accessible yet), and if the root file system is volatile.
|
||||
-if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ]; then
|
||||
+if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ] && ! echo "$BOOT_OPTIONS" | grep -q "systemd.machine_id=$MACHINE_ID"; then
|
||||
BOOT_OPTIONS="$BOOT_OPTIONS systemd.machine_id=$MACHINE_ID"
|
||||
fi
|
||||
|
@ -0,0 +1,120 @@
|
||||
From 1b7dfe48d6d66cad5d0368b8e8b387a4d9586ccd Mon Sep 17 00:00:00 2001
|
||||
From: Daan De Meyer <daan.j.demeyer@gmail.com>
|
||||
Date: Thu, 27 Oct 2022 11:12:10 +0200
|
||||
Subject: [PATCH] condition: Check that subsystem is enabled in
|
||||
ConditionSecurity=tpm2
|
||||
|
||||
Instead of succeeding when either the firmware reports a TPM device
|
||||
or we find a TPM device, let's check that the firmware reports a TPM
|
||||
device and the TPM subsystem is enabled in the kernel.
|
||||
|
||||
To check whether the subsystem enabled, we check if the relevant
|
||||
subdirectory in /sys exists at all.
|
||||
|
||||
(cherry picked from commit 300bba79c22e4be1effe2faad0e59ac725d396a1)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
man/systemd-creds.xml | 4 ++--
|
||||
src/creds/creds.c | 6 ++++--
|
||||
src/shared/condition.c | 9 ++++-----
|
||||
src/shared/tpm2-util.c | 6 +++++-
|
||||
src/shared/tpm2-util.h | 11 ++++++-----
|
||||
5 files changed, 21 insertions(+), 15 deletions(-)
|
||||
|
||||
diff --git a/man/systemd-creds.xml b/man/systemd-creds.xml
|
||||
index 1e5632e63d..003fbcd463 100644
|
||||
--- a/man/systemd-creds.xml
|
||||
+++ b/man/systemd-creds.xml
|
||||
@@ -175,8 +175,8 @@
|
||||
by the OS kernel drivers and by userspace (i.e. systemd) this prints <literal>yes</literal> and exits
|
||||
with exit status zero. If no such device is discovered/supported/used, prints
|
||||
<literal>no</literal>. Otherwise prints <literal>partial</literal>. In either of these two cases
|
||||
- exits with non-zero exit status. It also shows three lines indicating separately whether drivers,
|
||||
- firmware and the system discovered/support/use TPM2.</para>
|
||||
+ exits with non-zero exit status. It also shows four lines indicating separately whether firmware,
|
||||
+ drivers, the system and the kernel discovered/support/use TPM2.</para>
|
||||
|
||||
<para>Combine with <option>--quiet</option> to suppress the output.</para></listitem>
|
||||
</varlistentry>
|
||||
diff --git a/src/creds/creds.c b/src/creds/creds.c
|
||||
index 5586fd776a..a755a52c34 100644
|
||||
--- a/src/creds/creds.c
|
||||
+++ b/src/creds/creds.c
|
||||
@@ -637,10 +637,12 @@ static int verb_has_tpm2(int argc, char **argv, void *userdata) {
|
||||
|
||||
printf("%sfirmware\n"
|
||||
"%sdriver\n"
|
||||
- "%ssystem\n",
|
||||
+ "%ssystem\n"
|
||||
+ "%ssubsystem\n",
|
||||
plus_minus(s & TPM2_SUPPORT_FIRMWARE),
|
||||
plus_minus(s & TPM2_SUPPORT_DRIVER),
|
||||
- plus_minus(s & TPM2_SUPPORT_SYSTEM));
|
||||
+ plus_minus(s & TPM2_SUPPORT_SYSTEM),
|
||||
+ plus_minus(s & TPM2_SUPPORT_SUBSYSTEM));
|
||||
}
|
||||
|
||||
/* Return inverted bit flags. So that TPM2_SUPPORT_FULL becomes EXIT_SUCCESS and the other values
|
||||
diff --git a/src/shared/condition.c b/src/shared/condition.c
|
||||
index 310ffcbdc6..a23d6a3e45 100644
|
||||
--- a/src/shared/condition.c
|
||||
+++ b/src/shared/condition.c
|
||||
@@ -664,14 +664,13 @@ static int condition_test_ac_power(Condition *c, char **env) {
|
||||
}
|
||||
|
||||
static int has_tpm2(void) {
|
||||
- /* Checks whether the system has at least one TPM2 resource manager device, i.e. at least one "tpmrm"
|
||||
- * class device. Alternatively, we are also happy if the firmware reports support (this is to cover
|
||||
- * for cases where we simply haven't loaded the driver for it yet, i.e. during early boot where we
|
||||
- * very likely want to use this condition check).
|
||||
+ /* Checks whether the kernel has the TPM subsystem enabled and the firmware reports support. Note
|
||||
+ * we don't check for actual TPM devices, since we might not have loaded the driver for it yet, i.e.
|
||||
+ * during early boot where we very likely want to use this condition check).
|
||||
*
|
||||
* Note that we don't check if we ourselves are built with TPM2 support here! */
|
||||
|
||||
- return (tpm2_support() & (TPM2_SUPPORT_DRIVER|TPM2_SUPPORT_FIRMWARE)) != 0;
|
||||
+ return FLAGS_SET(tpm2_support(), TPM2_SUPPORT_SUBSYSTEM|TPM2_SUPPORT_FIRMWARE);
|
||||
}
|
||||
|
||||
static int condition_test_security(Condition *c, char **env) {
|
||||
diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
|
||||
index 13e92c4144..65e8d48347 100644
|
||||
--- a/src/shared/tpm2-util.c
|
||||
+++ b/src/shared/tpm2-util.c
|
||||
@@ -2189,7 +2189,11 @@ Tpm2Support tpm2_support(void) {
|
||||
if (r != -ENOENT)
|
||||
log_debug_errno(r, "Unable to test whether /sys/class/tpmrm/ exists and is populated, assuming it is not: %m");
|
||||
} else if (r == 0) /* populated! */
|
||||
- support |= TPM2_SUPPORT_DRIVER;
|
||||
+ support |= TPM2_SUPPORT_SUBSYSTEM|TPM2_SUPPORT_DRIVER;
|
||||
+ else
|
||||
+ /* If the directory exists but is empty, we know the subsystem is enabled but no
|
||||
+ * driver has been loaded yet. */
|
||||
+ support |= TPM2_SUPPORT_SUBSYSTEM;
|
||||
}
|
||||
|
||||
if (efi_has_tpm2())
|
||||
diff --git a/src/shared/tpm2-util.h b/src/shared/tpm2-util.h
|
||||
index 048c28d6ca..c240335ae6 100644
|
||||
--- a/src/shared/tpm2-util.h
|
||||
+++ b/src/shared/tpm2-util.h
|
||||
@@ -137,11 +137,12 @@ typedef struct {
|
||||
typedef enum Tpm2Support {
|
||||
/* NOTE! The systemd-creds tool returns these flags 1:1 as exit status. Hence these flags are pretty
|
||||
* much ABI! Hence, be extra careful when changing/extending these definitions. */
|
||||
- TPM2_SUPPORT_NONE = 0, /* no support */
|
||||
- TPM2_SUPPORT_FIRMWARE = 1 << 0, /* firmware reports TPM2 was used */
|
||||
- TPM2_SUPPORT_DRIVER = 1 << 1, /* the kernel has a driver loaded for it */
|
||||
- TPM2_SUPPORT_SYSTEM = 1 << 2, /* we support it ourselves */
|
||||
- TPM2_SUPPORT_FULL = TPM2_SUPPORT_FIRMWARE|TPM2_SUPPORT_DRIVER|TPM2_SUPPORT_SYSTEM,
|
||||
+ TPM2_SUPPORT_NONE = 0, /* no support */
|
||||
+ TPM2_SUPPORT_FIRMWARE = 1 << 0, /* firmware reports TPM2 was used */
|
||||
+ TPM2_SUPPORT_DRIVER = 1 << 1, /* the kernel has a driver loaded for it */
|
||||
+ TPM2_SUPPORT_SYSTEM = 1 << 2, /* we support it ourselves */
|
||||
+ TPM2_SUPPORT_SUBSYSTEM = 1 << 3, /* the kernel has the tpm subsystem enabled */
|
||||
+ TPM2_SUPPORT_FULL = TPM2_SUPPORT_FIRMWARE|TPM2_SUPPORT_DRIVER|TPM2_SUPPORT_SYSTEM|TPM2_SUPPORT_SUBSYSTEM,
|
||||
} Tpm2Support;
|
||||
|
||||
Tpm2Support tpm2_support(void);
|
@ -0,0 +1,52 @@
|
||||
From f0839034c9910529f368e60262b5653afad58f63 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Mon, 7 Nov 2022 16:39:12 +0100
|
||||
Subject: [PATCH] semaphore: remove the Semaphore repositories recursively
|
||||
|
||||
The list of disabled repositories was recently converted from a single
|
||||
file into a directory with separate repository files, so let's adjust
|
||||
the setup script accordingly.
|
||||
|
||||
```
|
||||
$ ls -lR /etc/apt/sources.list.d/
|
||||
/etc/apt/sources.list.d/:
|
||||
total 36
|
||||
-rw-r--r-- 1 root root 76 Nov 3 10:28 azure-cli.list
|
||||
-rw-r--r-- 1 root root 72 Nov 3 10:22 bazel.list
|
||||
drwxr-xr-x 2 root root 4096 Nov 3 10:31 disabled
|
||||
-rw-r--r-- 1 root root 113 Nov 3 10:13 docker-source.list
|
||||
-rw-r--r-- 1 root root 367 Nov 3 10:28 github_git-lfs.list
|
||||
-rw-r--r-- 1 root root 111 Nov 3 10:25 google-chrome-source.list
|
||||
-rw-r--r-- 1 root root 64 Nov 3 10:14 google-cloud-sdk.list
|
||||
-rw-r--r-- 1 root root 54 Nov 3 10:23 helm-stable-debian.list
|
||||
-rw-r--r-- 1 root root 89 Nov 3 10:29 yarn-source.list
|
||||
|
||||
/etc/apt/sources.list.d/disabled:
|
||||
total 20
|
||||
-rw-r--r-- 1 root root 100 Nov 3 10:23 devel_kubic_libcontainers_stable.list
|
||||
-rw-r--r-- 1 root root 103 Nov 3 10:27 git.list
|
||||
-rw-r--r-- 1 root root 105 Nov 3 10:22 gradle.list
|
||||
-rw-r--r-- 1 root root 118 Nov 3 10:13 pypy.list
|
||||
-rw-r--r-- 1 root root 104 Nov 3 10:13 python.list
|
||||
```
|
||||
|
||||
(cherry picked from commit 610eb3f8260ecbb161db5186a5e27417f3110a68)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
.semaphore/semaphore-runner.sh | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/.semaphore/semaphore-runner.sh b/.semaphore/semaphore-runner.sh
|
||||
index 98fd7b4411..b0d32bd136 100755
|
||||
--- a/.semaphore/semaphore-runner.sh
|
||||
+++ b/.semaphore/semaphore-runner.sh
|
||||
@@ -55,7 +55,7 @@ for phase in "${PHASES[@]}"; do
|
||||
case "$phase" in
|
||||
SETUP)
|
||||
# remove semaphore repos, some of them don't work and cause error messages
|
||||
- sudo rm -f /etc/apt/sources.list.d/*
|
||||
+ sudo rm -rf /etc/apt/sources.list.d/*
|
||||
|
||||
# enable backports for latest LXC
|
||||
echo "deb http://archive.ubuntu.com/ubuntu $UBUNTU_RELEASE-backports main restricted universe multiverse" | sudo tee -a /etc/apt/sources.list.d/backports.list
|
@ -0,0 +1,29 @@
|
||||
From c440081c968c93d527d441f4d106e0acad9540eb Mon Sep 17 00:00:00 2001
|
||||
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
|
||||
Date: Mon, 7 Nov 2022 15:25:25 +0100
|
||||
Subject: [PATCH] kernel-install/90-loaderentry: do not override an existing
|
||||
systemd.machine_id
|
||||
|
||||
If the systemd.machine_id command line option is already set, do not override
|
||||
it.
|
||||
|
||||
(cherry picked from commit 802d9219aa19d759113dd6cd1e91b2bb661fe9ba)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
src/kernel-install/90-loaderentry.install | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
|
||||
index ea75e1b0d8..41a05534b9 100755
|
||||
--- a/src/kernel-install/90-loaderentry.install
|
||||
+++ b/src/kernel-install/90-loaderentry.install
|
||||
@@ -85,7 +85,7 @@ BOOT_OPTIONS="${BOOT_OPTIONS% }"
|
||||
# command line with the machine ID we use, so that the machine ID remains
|
||||
# stable, even during factory reset, in the initrd (where the system's machine
|
||||
# ID is not directly accessible yet), and if the root file system is volatile.
|
||||
-if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ] && ! echo "$BOOT_OPTIONS" | grep -q "systemd.machine_id=$MACHINE_ID"; then
|
||||
+if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ] && ! echo "$BOOT_OPTIONS" | grep -q "systemd.machine_id="; then
|
||||
BOOT_OPTIONS="$BOOT_OPTIONS systemd.machine_id=$MACHINE_ID"
|
||||
fi
|
||||
|
@ -1,34 +0,0 @@
|
||||
From be021c2328550a9d5b987cb206eda5df90b45acd Mon Sep 17 00:00:00 2001
|
||||
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||
Date: Sun, 26 Dec 2021 01:11:00 +0000
|
||||
Subject: [PATCH] ci: replace apt-key with signed-by
|
||||
|
||||
to limit the scope of the key to apt.llvm.org only.
|
||||
|
||||
This is mostly inspired by https://blog.cloudflare.com/dont-use-apt-key/
|
||||
|
||||
(cherry picked from commit bfa6bd1be098adc4710e1819b9cd34d65b3855da)
|
||||
|
||||
Related: #2013213
|
||||
---
|
||||
.github/workflows/build_test.sh | 7 ++++---
|
||||
1 file changed, 4 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/.github/workflows/build_test.sh b/.github/workflows/build_test.sh
|
||||
index 5b18784461..549e59b2c9 100755
|
||||
--- a/.github/workflows/build_test.sh
|
||||
+++ b/.github/workflows/build_test.sh
|
||||
@@ -80,9 +80,10 @@ if [[ "$COMPILER" == clang ]]; then
|
||||
# llvm package if available in such cases to avoid that.
|
||||
if ! apt show --quiet "llvm-$COMPILER_VERSION" &>/dev/null; then
|
||||
# Latest LLVM stack deb packages provided by https://apt.llvm.org/
|
||||
- # Following snippet was borrowed from https://apt.llvm.org/llvm.sh
|
||||
- wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add -
|
||||
- add-apt-repository -y "deb http://apt.llvm.org/$RELEASE/ llvm-toolchain-$RELEASE-$COMPILER_VERSION main"
|
||||
+ # Following snippet was partly borrowed from https://apt.llvm.org/llvm.sh
|
||||
+ wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | gpg --yes --dearmor --output /usr/share/keyrings/apt-llvm-org.gpg
|
||||
+ printf "deb [signed-by=/usr/share/keyrings/apt-llvm-org.gpg] http://apt.llvm.org/%s/ llvm-toolchain-%s-%s main\n" \
|
||||
+ "$RELEASE" "$RELEASE" "$COMPILER_VERSION" >/etc/apt/sources.list.d/llvm-toolchain.list
|
||||
PACKAGES+=("clang-$COMPILER_VERSION" "lldb-$COMPILER_VERSION" "lld-$COMPILER_VERSION" "clangd-$COMPILER_VERSION")
|
||||
fi
|
||||
elif [[ "$COMPILER" == gcc ]]; then
|
@ -0,0 +1,28 @@
|
||||
From d1abf107c5b4c661886001de996bf03587bb35c1 Mon Sep 17 00:00:00 2001
|
||||
From: Luca Boccassi <bluca@debian.org>
|
||||
Date: Mon, 7 Nov 2022 16:28:33 +0000
|
||||
Subject: [PATCH] kernel-install: skip 50-depmod if depmod is not available
|
||||
|
||||
Images might be built without any kernel module, and without
|
||||
installing depmod as it is not needed. Skip it.
|
||||
|
||||
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023607
|
||||
(cherry picked from commit cda4d00dfcbcd075cef95341f8a466f0c4ee8e1d)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
src/kernel-install/50-depmod.install | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
|
||||
index d4b991cfd6..43bd87c7ed 100755
|
||||
--- a/src/kernel-install/50-depmod.install
|
||||
+++ b/src/kernel-install/50-depmod.install
|
||||
@@ -26,6 +26,7 @@ KERNEL_VERSION="${2:?}"
|
||||
case "$COMMAND" in
|
||||
add)
|
||||
[ -d "/lib/modules/$KERNEL_VERSION/kernel" ] || exit 0
|
||||
+ command -v depmod >/dev/null || exit 0
|
||||
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+depmod -a $KERNEL_VERSION"
|
||||
exec depmod -a "$KERNEL_VERSION"
|
||||
;;
|
@ -1,54 +0,0 @@
|
||||
From b9b1f92cdc74beb8487c87aa2b5c2806e100d1aa Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Tue, 22 Feb 2022 14:43:40 +0100
|
||||
Subject: [PATCH] ci: fix clang-13 installation
|
||||
|
||||
For some reason Ubuntu Focal repositories now have `llvm-13` virtual
|
||||
package which can't be installed, but successfully fools our check,
|
||||
resulting in no clang/llvm being installed...
|
||||
|
||||
```
|
||||
$ apt show llvm-13
|
||||
Package: llvm-13
|
||||
State: not a real package (virtual)
|
||||
N: Can't select candidate version from package llvm-13 as it has no candidate
|
||||
N: Can't select versions from package 'llvm-13' as it is purely virtual
|
||||
N: No packages found
|
||||
|
||||
$ apt install --dry-run llvm-13
|
||||
Reading package lists... Done
|
||||
Building dependency tree
|
||||
Reading state information... Done
|
||||
Package llvm-13 is not available, but is referred to by another package.
|
||||
This may mean that the package is missing, has been obsoleted, or
|
||||
is only available from another source
|
||||
|
||||
E: Package 'llvm-13' has no installation candidate
|
||||
```
|
||||
|
||||
(cherry picked from commit b491d74064f9d5e17a71b38b014434237169a077)
|
||||
|
||||
Related: #2013213
|
||||
---
|
||||
.github/workflows/build_test.sh | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/.github/workflows/build_test.sh b/.github/workflows/build_test.sh
|
||||
index 549e59b2c9..5a173a18d5 100755
|
||||
--- a/.github/workflows/build_test.sh
|
||||
+++ b/.github/workflows/build_test.sh
|
||||
@@ -78,12 +78,12 @@ if [[ "$COMPILER" == clang ]]; then
|
||||
# ATTOW llvm-11 got into focal-updates, which conflicts with llvm-11
|
||||
# provided by the apt.llvm.org repositories. Let's use the system
|
||||
# llvm package if available in such cases to avoid that.
|
||||
- if ! apt show --quiet "llvm-$COMPILER_VERSION" &>/dev/null; then
|
||||
+ if ! apt install --dry-run "llvm-$COMPILER_VERSION" >/dev/null; then
|
||||
# Latest LLVM stack deb packages provided by https://apt.llvm.org/
|
||||
# Following snippet was partly borrowed from https://apt.llvm.org/llvm.sh
|
||||
wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | gpg --yes --dearmor --output /usr/share/keyrings/apt-llvm-org.gpg
|
||||
printf "deb [signed-by=/usr/share/keyrings/apt-llvm-org.gpg] http://apt.llvm.org/%s/ llvm-toolchain-%s-%s main\n" \
|
||||
- "$RELEASE" "$RELEASE" "$COMPILER_VERSION" >/etc/apt/sources.list.d/llvm-toolchain.list
|
||||
+ "$RELEASE" "$RELEASE" "$COMPILER_VERSION" >/etc/apt/sources.list.d/llvm-toolchain.list
|
||||
PACKAGES+=("clang-$COMPILER_VERSION" "lldb-$COMPILER_VERSION" "lld-$COMPILER_VERSION" "clangd-$COMPILER_VERSION")
|
||||
fi
|
||||
elif [[ "$COMPILER" == gcc ]]; then
|
@ -0,0 +1,38 @@
|
||||
From 04cdbacc26c7e38d3bd684235b51c79ab64b6026 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Tue, 8 Nov 2022 11:07:02 +0100
|
||||
Subject: [PATCH] man: add note that network-generator is not a generator
|
||||
|
||||
Also fix indentation.
|
||||
|
||||
(cherry picked from commit 2fa6574e835566c2aa5cbf4167ecee316f71bf98)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
man/systemd-network-generator.service.xml | 11 +++++++++--
|
||||
1 file changed, 9 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/man/systemd-network-generator.service.xml b/man/systemd-network-generator.service.xml
|
||||
index 6b7e2564d4..2ddeadfc54 100644
|
||||
--- a/man/systemd-network-generator.service.xml
|
||||
+++ b/man/systemd-network-generator.service.xml
|
||||
@@ -41,10 +41,17 @@
|
||||
</para>
|
||||
|
||||
<para>Files are generated in <filename>/run/systemd/network/</filename>.</para>
|
||||
+
|
||||
+ <para>Note: despite the name, this generator executes as a normal systemd service and is
|
||||
+ <emphasis>not</emphasis> an implementation of the
|
||||
+ <citerefentry><refentrytitle>systemd.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>
|
||||
+ concept.</para>
|
||||
</refsect1>
|
||||
|
||||
- <refsect1><title>Kernel command line options</title>
|
||||
- <para>This tool understands the following options:</para>
|
||||
+ <refsect1>
|
||||
+ <title>Kernel command line options</title>
|
||||
+
|
||||
+ <para>This tool understands the following options:</para>
|
||||
|
||||
<variablelist class='kernel-commandline-options'>
|
||||
<varlistentry>
|
@ -1,240 +0,0 @@
|
||||
From 29cda567564d548cce5867c9d054ebb6cefcdca0 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Thu, 3 Mar 2022 20:30:43 +0100
|
||||
Subject: [PATCH] test: check systemd RPM macros
|
||||
|
||||
Make sure our RPM macros work as intended. Based on the original PR
|
||||
(#16464) by Mikhail Novosyolov.
|
||||
|
||||
Co-authored-by: Mikhail Novosyolov <m.novosyolov@rosalinux.ru>
|
||||
(cherry picked from commit 55c09511e13c6a57ffe64bef4a9d0a00f34d37d9)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
.github/workflows/unit_tests.sh | 1 +
|
||||
.semaphore/semaphore-runner.sh | 2 +-
|
||||
test/meson.build | 16 ++++
|
||||
test/test-rpm-macros.sh | 162 ++++++++++++++++++++++++++++++++
|
||||
4 files changed, 180 insertions(+), 1 deletion(-)
|
||||
create mode 100755 test/test-rpm-macros.sh
|
||||
|
||||
diff --git a/.github/workflows/unit_tests.sh b/.github/workflows/unit_tests.sh
|
||||
index 9c7beb6d19..f41b070e57 100755
|
||||
--- a/.github/workflows/unit_tests.sh
|
||||
+++ b/.github/workflows/unit_tests.sh
|
||||
@@ -20,6 +20,7 @@ ADDITIONAL_DEPS=(
|
||||
perl
|
||||
python3-libevdev
|
||||
python3-pyparsing
|
||||
+ rpm
|
||||
zstd
|
||||
)
|
||||
|
||||
diff --git a/.semaphore/semaphore-runner.sh b/.semaphore/semaphore-runner.sh
|
||||
index d02b449e0e..6ccf271a82 100755
|
||||
--- a/.semaphore/semaphore-runner.sh
|
||||
+++ b/.semaphore/semaphore-runner.sh
|
||||
@@ -42,7 +42,7 @@ apt-get -q --allow-releaseinfo-change update
|
||||
apt-get -y dist-upgrade
|
||||
apt-get install -y eatmydata
|
||||
# The following four are needed as long as these deps are not covered by Debian's own packaging
|
||||
-apt-get install -y fdisk tree libfdisk-dev libp11-kit-dev libssl-dev libpwquality-dev
|
||||
+apt-get install -y fdisk tree libfdisk-dev libp11-kit-dev libssl-dev libpwquality-dev rpm
|
||||
apt-get purge --auto-remove -y unattended-upgrades
|
||||
systemctl unmask systemd-networkd
|
||||
systemctl enable systemd-networkd
|
||||
diff --git a/test/meson.build b/test/meson.build
|
||||
index 8de1043e17..04ae9ebc78 100644
|
||||
--- a/test/meson.build
|
||||
+++ b/test/meson.build
|
||||
@@ -163,6 +163,22 @@ endif
|
||||
|
||||
############################################################
|
||||
|
||||
+rpm = find_program('rpm', required : false)
|
||||
+rpmspec = find_program('rpmspec', required : false)
|
||||
+test_rpm_macros = find_program('test-rpm-macros.sh')
|
||||
+
|
||||
+if rpm.found() and rpmspec.found()
|
||||
+ if want_tests != 'false'
|
||||
+ test('test-rpm-macros',
|
||||
+ test_rpm_macros,
|
||||
+ args : [project_build_root])
|
||||
+ endif
|
||||
+else
|
||||
+ message('Skipping test-rpm-macros since rpm and/or rpmspec are not available')
|
||||
+endif
|
||||
+
|
||||
+############################################################
|
||||
+
|
||||
if want_tests != 'false' and dmi_arches.contains(host_machine.cpu_family())
|
||||
udev_dmi_memory_id_test = find_program('udev-dmi-memory-id-test.sh')
|
||||
|
||||
diff --git a/test/test-rpm-macros.sh b/test/test-rpm-macros.sh
|
||||
new file mode 100755
|
||||
index 0000000000..5843b72346
|
||||
--- /dev/null
|
||||
+++ b/test/test-rpm-macros.sh
|
||||
@@ -0,0 +1,162 @@
|
||||
+#!/usr/bin/env bash
|
||||
+# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
+# This test makes some basic checks that RPM macros work correctly.
|
||||
+# RPM is a simple C program available on different Linux distros, not only RPM-based ones,
|
||||
+# and even BSD systems, so it must not be a problem to require it.
|
||||
+# rpmspec utility is required (so this test will work with RPM 4 but won't work with RPM 5).
|
||||
+set -eu
|
||||
+
|
||||
+BUILD_DIR="${1:?Missing argument: build directory}"
|
||||
+RPM_MACROS_FILE="${BUILD_DIR:?}/src/rpm/macros.systemd"
|
||||
+
|
||||
+if ! command -v rpm >/dev/null || ! command -v rpmspec >/dev/null; then
|
||||
+ echo >&2 "Missing necessary utilities (rpm, rpmspec), can't continue"
|
||||
+ exit 1
|
||||
+fi
|
||||
+
|
||||
+if [[ ! -f "${RPM_MACROS_FILE:?}" ]]; then
|
||||
+ echo "RPM macros file not found in $RPM_MACROS_FILE!"
|
||||
+ exit 1
|
||||
+fi
|
||||
+
|
||||
+at_exit() {
|
||||
+ if [[ -v WORK_DIR && -d "$WORK_DIR" ]]; then
|
||||
+ rm -frv "$WORK_DIR"
|
||||
+ fi
|
||||
+}
|
||||
+
|
||||
+trap at_exit EXIT
|
||||
+
|
||||
+WORK_DIR="$(mktemp -d)"
|
||||
+RPM_SPEC="$(mktemp "$WORK_DIR/systemd-test-rpm-macros-XXX.spec")"
|
||||
+TEMP_LOG="$(mktemp "$WORK_DIR/out-XXX.log")"
|
||||
+
|
||||
+die() {
|
||||
+ echo >&2 "${1:?}"
|
||||
+ exit 1
|
||||
+}
|
||||
+
|
||||
+mk_mini_spec() {
|
||||
+ cat >"${RPM_SPEC:?}" <<EOF
|
||||
+%{load:$RPM_MACROS_FILE}
|
||||
+Summary: Test systemd RPM macros
|
||||
+Name: systemd-test-rpm-macros
|
||||
+License: LGPLv2+ and MIT and GPLv2+
|
||||
+Version: 1
|
||||
+Release: 1
|
||||
+%description
|
||||
+%{summary}
|
||||
+END_OF_INITIAL_SPEC
|
||||
+EOF
|
||||
+}
|
||||
+
|
||||
+echo "=== Test basic loadability ==="
|
||||
+mk_mini_spec
|
||||
+# ensure its loadability (macros will be just loaded and not used for now)
|
||||
+# also check that rpm supports %load
|
||||
+rpmspec --parse "$RPM_SPEC"
|
||||
+
|
||||
+echo "=== Test %systemd_requires ==="
|
||||
+mk_mini_spec
|
||||
+# The idea of tests is the following:
|
||||
+# - make a minimal spec file
|
||||
+# - add macros into its %description section
|
||||
+# - use rpmspec(8) to print spec file with expanded macros
|
||||
+# - check that macros have been expanded as required.
|
||||
+echo "%systemd_requires" >>"$RPM_SPEC"
|
||||
+: >"$TEMP_LOG"
|
||||
+rpmspec --parse "$RPM_SPEC" | tee "$TEMP_LOG"
|
||||
+for i in post preun postun; do
|
||||
+ echo "== Requires($i) =="
|
||||
+ grep "^Requires($i): systemd$" "$TEMP_LOG"
|
||||
+done
|
||||
+
|
||||
+echo "=== Test %systemd_ordering ==="
|
||||
+mk_mini_spec
|
||||
+echo "%systemd_ordering" >>"$RPM_SPEC"
|
||||
+: >"$TEMP_LOG"
|
||||
+rpmspec --parse "$RPM_SPEC" | tee "$TEMP_LOG"
|
||||
+for i in post preun postun; do
|
||||
+ echo "== OrderWithRequires($i) =="
|
||||
+ grep "^OrderWithRequires($i): systemd$" "$TEMP_LOG"
|
||||
+done
|
||||
+
|
||||
+echo "=== Test macros requiring an argument without specifying such argument ==="
|
||||
+for i in \
|
||||
+ systemd_post \
|
||||
+ systemd_preun \
|
||||
+ systemd_postun \
|
||||
+ systemd_postun_with_restart \
|
||||
+ systemd_user_preun \
|
||||
+ systemd_user_postun \
|
||||
+ systemd_user_postun_with_restart \
|
||||
+ tmpfiles_create \
|
||||
+ tmpfiles_create_package \
|
||||
+ sysusers_create \
|
||||
+ sysusers_create_package
|
||||
+do
|
||||
+ echo "== Macro: $i =="
|
||||
+ mk_mini_spec
|
||||
+ echo "%${i}" >>"$RPM_SPEC"
|
||||
+ if rpmspec --parse "$RPM_SPEC"; then
|
||||
+ die "Unexpected pass with macro $i (no arguments)"
|
||||
+ fi
|
||||
+done
|
||||
+
|
||||
+echo "=== Test macros requiring two arguments ==="
|
||||
+for i in \
|
||||
+ tmpfiles_create_package \
|
||||
+ sysusers_create_package
|
||||
+do
|
||||
+ echo "== Macro: $i =="
|
||||
+ # Test with an incorrect number of arguments (0, 1, 3)
|
||||
+ for args in "" "arg1" "arg1 arg2 arg3"; do
|
||||
+ mk_mini_spec
|
||||
+ echo "%${i} $args" >>"$RPM_SPEC"
|
||||
+ if rpmspec --parse "$RPM_SPEC"; then
|
||||
+ die "Unexpected pass with macro $i (arguments: $args)"
|
||||
+ fi
|
||||
+ done
|
||||
+
|
||||
+ # Test with the correct number of arguments (2)
|
||||
+ mk_mini_spec
|
||||
+ echo "%${i} arg1 arg2" >>"$RPM_SPEC"
|
||||
+ if ! rpmspec --parse "$RPM_SPEC"; then
|
||||
+ die "Unexpected fail with macro $i (arguments: $args)"
|
||||
+ fi
|
||||
+done
|
||||
+
|
||||
+
|
||||
+# Test that:
|
||||
+# - *_create_package macros do work correctly
|
||||
+# - shell syntax is correct (https://github.com/systemd/systemd/commit/93406fd37)
|
||||
+# - RPM macros, loaded from macros.in, are actually expanded
|
||||
+echo "=== Test %*_create_package macros ==="
|
||||
+for i in sysusers tmpfiles; do
|
||||
+ echo "== Macro: ${i}_create_package =="
|
||||
+
|
||||
+ PKG_DATA_FILE="$(mktemp "$WORK_DIR/pkg-data-XXX")"
|
||||
+ EXP_OUT="$(mktemp "$WORK_DIR/exp-out-XXX.log")"
|
||||
+ CONF_DIR="$(pkg-config --variable="${i}dir" systemd)"
|
||||
+ EXTRA_ARGS=()
|
||||
+
|
||||
+ if [[ "$i" == tmpfiles ]]; then
|
||||
+ EXTRA_ARGS+=("--create")
|
||||
+ fi
|
||||
+
|
||||
+ echo "TEST_DATA" >"$PKG_DATA_FILE"
|
||||
+ mk_mini_spec
|
||||
+ echo "%${i}_create_package TEST_NAME ${PKG_DATA_FILE}" >>"$RPM_SPEC"
|
||||
+
|
||||
+ cat >"$EXP_OUT" <<EOF
|
||||
+systemd-$i --replace=$CONF_DIR/TEST_NAME.conf ${EXTRA_ARGS[*]:+${EXTRA_ARGS[@]} }- <<SYSTEMD_INLINE_EOF || :
|
||||
+TEST_DATA
|
||||
+SYSTEMD_INLINE_EOF
|
||||
+EOF
|
||||
+
|
||||
+ : >"$TEMP_LOG"
|
||||
+ rpmspec --parse "$RPM_SPEC" | tee "$TEMP_LOG"
|
||||
+ diff "$EXP_OUT" <(grep -A1 -B1 '^TEST_DATA$' "$TEMP_LOG")
|
||||
+
|
||||
+ rm -f "$PKG_DATA_FILE"
|
||||
+done
|
@ -0,0 +1,64 @@
|
||||
From 054da791c98fba7e11079e94c9b9fe0b1ca4e8d4 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
|
||||
Date: Fri, 4 Nov 2022 15:48:50 +0100
|
||||
Subject: [PATCH] test: fstab-generator: adjust PATH for fsck
|
||||
|
||||
fsck(8) is located in /usr/sib/ on Debian sid:
|
||||
|
||||
stdout:
|
||||
*** Running /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-01-dev-nfs.input
|
||||
*** Running /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-02-dhcp.input
|
||||
*** Running /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-03-dhcp6.input
|
||||
*** Running /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-04-nfs.input
|
||||
*** Running /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-05-nfs4.input
|
||||
*** Running /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-06-ipv4.input
|
||||
*** Running /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-07-ipv6.input
|
||||
*** Running /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-08-implicit-nfs.input
|
||||
*** Running /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-09-cifs.input
|
||||
*** Running /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-10-iscsi.input
|
||||
*** Running /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-11-live.input
|
||||
*** Running /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-12-dev-sdx.input
|
||||
--- /dev/fd/63 2022-11-04 15:39:13.131532174 +0100
|
||||
+++ /dev/fd/62 2022-11-04 15:39:13.131532174 +0100
|
||||
@@ -6,3 +6,4 @@
|
||||
initrd-usr-fs.target.requires
|
||||
initrd-usr-fs.target.requires/sysroot.mount
|
||||
sysroot.mount
|
||||
+systemd-fsck-root.service
|
||||
**** Unexpected output for /home/christian/Coding/workspaces/systemd/test/testdata/test-fstab-generator/test-12-dev-sdx.input
|
||||
stderr:
|
||||
Skipping root directory handling, as root on NFS was requested.
|
||||
Skipping root directory handling, as root on NFS was requested.
|
||||
Skipping root directory handling, as root on NFS was requested.
|
||||
Skipping root directory handling, as root on NFS was requested.
|
||||
Skipping root directory handling, as root on NFS was requested.
|
||||
Skipping root directory handling, as root on NFS was requested.
|
||||
Skipping root directory handling, as root on NFS was requested.
|
||||
Skipping root directory handling, as root on NFS was requested.
|
||||
Skipping root directory handling, as root on CIFS was requested.
|
||||
Skipping root directory handling, as root on iSCSI was requested.
|
||||
Skipping root directory handling, as root on live image was requested.
|
||||
Found entry what=/dev/sdx1 where=/sysroot type=n/a opts=ro
|
||||
Checking was requested for /dev/sdx1, but the fsck command does not exist.
|
||||
|
||||
(cherry picked from commit a45efc9e4b574a85176610496f2ac7ae769364bb)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/test-fstab-generator.sh | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/test/test-fstab-generator.sh b/test/test-fstab-generator.sh
|
||||
index 0c977645e3..7c060dfac7 100755
|
||||
--- a/test/test-fstab-generator.sh
|
||||
+++ b/test/test-fstab-generator.sh
|
||||
@@ -14,6 +14,9 @@ fi
|
||||
|
||||
src="$(dirname "$0")/testdata/test-fstab-generator"
|
||||
|
||||
+# fsck(8) is located in /usr/sbin on Debian
|
||||
+PATH=$PATH:/usr/sbin
|
||||
+
|
||||
for f in "$src"/test-*.input; do
|
||||
echo "*** Running $f"
|
||||
|
@ -0,0 +1,30 @@
|
||||
From ba5d26d85d0c4250b10a46a5c9cd3a3e1f0ce43b Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
|
||||
Date: Fri, 4 Nov 2022 19:36:31 +0100
|
||||
Subject: [PATCH] loop-util: open lock fd read-only
|
||||
|
||||
flock(2) works with file descriptors opened with O_RDONLY.
|
||||
|
||||
This affects SELinux systems where access to block devices is quite
|
||||
restricted to avoid bypasses on filesystem objects.
|
||||
|
||||
(cherry picked from commit 3e6b7d2626de9c0faf8b34b2629e8d6d8fa85a7d)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
src/shared/loop-util.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/shared/loop-util.c b/src/shared/loop-util.c
|
||||
index 731ce29112..fb7e80b1b5 100644
|
||||
--- a/src/shared/loop-util.c
|
||||
+++ b/src/shared/loop-util.c
|
||||
@@ -77,7 +77,7 @@ static int open_lock_fd(int primary_fd, int operation) {
|
||||
assert(primary_fd >= 0);
|
||||
assert(IN_SET(operation & ~LOCK_NB, LOCK_SH, LOCK_EX));
|
||||
|
||||
- lock_fd = fd_reopen(primary_fd, O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
|
||||
+ lock_fd = fd_reopen(primary_fd, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
|
||||
if (lock_fd < 0)
|
||||
return lock_fd;
|
||||
|
@ -1,161 +0,0 @@
|
||||
From 7cc55d22394b8583b637e7e4b8baa00eb8f0dc49 Mon Sep 17 00:00:00 2001
|
||||
From: Luca Boccassi <luca.boccassi@microsoft.com>
|
||||
Date: Wed, 12 Jan 2022 22:38:22 +0000
|
||||
Subject: [PATCH] test: do not assume x86-64 arch in TEST-58-REPART
|
||||
|
||||
(cherry picked from commit 8e65d93e85f06e3f28b0b7a6e33b041ddf119917)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
test/units/testsuite-58.sh | 76 ++++++++++++++++++++++++++++++++------
|
||||
1 file changed, 65 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/test/units/testsuite-58.sh b/test/units/testsuite-58.sh
|
||||
index 78c25051a2..4b3c984c84 100755
|
||||
--- a/test/units/testsuite-58.sh
|
||||
+++ b/test/units/testsuite-58.sh
|
||||
@@ -11,6 +11,60 @@ fi
|
||||
export SYSTEMD_LOG_LEVEL=debug
|
||||
export PAGER=cat
|
||||
|
||||
+machine="$(uname -m)"
|
||||
+if [ "${machine}" = "x86_64" ]; then
|
||||
+ root_guid=4f68bce3-e8cd-4db1-96e7-fbcaf984b709
|
||||
+ root_uuid=60F33797-1D71-4DCB-AA6F-20564F036CD0
|
||||
+ usr_guid=8484680c-9521-48c6-9c11-b0720656f69e
|
||||
+ usr_uuid=7E3369DD-D653-4513-ADF5-B993A9F20C16
|
||||
+ architecture="x86-64"
|
||||
+elif [ "${machine}" = "i386" ] || [ "${machine}" = "i686" ] || [ "${machine}" = "x86" ]; then
|
||||
+ root_guid=44479540-f297-41b2-9af7-d131d5f0458a
|
||||
+ root_uuid=02b4253f-29a4-404e-8972-1669d3b03c87
|
||||
+ usr_guid=75250d76-8cc6-458e-bd66-bd47cc81a812
|
||||
+ usr_uuid=7b42ffb0-b0e1-4395-b20b-c78f4a571648
|
||||
+ architecture="x86"
|
||||
+elif [ "${machine}" = "aarch64" ] || [ "${machine}" = "aarch64_be" ] || [ "${machine}" = "armv8b" ] || [ "${machine}" = "armv8l" ]; then
|
||||
+ root_guid=b921b045-1df0-41c3-af44-4c6f280d3fae
|
||||
+ root_uuid=055d0227-53a6-4033-85c3-9a5973eff483
|
||||
+ usr_guid=b0e01050-ee5f-4390-949a-9101b17104e9
|
||||
+ usr_uuid=fce3c75e-d6a4-44c0-87f0-4c105183fb1f
|
||||
+ architecture="arm64"
|
||||
+elif [ "${machine}" = "arm" ]; then
|
||||
+ root_guid=69dad710-2ce4-4e3c-b16c-21a1d49abed3
|
||||
+ root_uuid=567da89e-8de2-4499-8d10-18f212dff034
|
||||
+ usr_guid=7d0359a3-02b3-4f0a-865c-654403e70625
|
||||
+ usr_uuid=71e93dc2-5073-42cb-8a84-a354e64d8966
|
||||
+ architecture="arm"
|
||||
+elif [ "${machine}" = "loongarch64" ]; then
|
||||
+ root_guid=77055800-792c-4f94-b39a-98c91b762bb6
|
||||
+ root_uuid=d8efc2d2-0133-41e4-bdcb-3b9f4cfddde8
|
||||
+ usr_guid=e611c702-575c-4cbe-9a46-434fa0bf7e3f
|
||||
+ usr_uuid=031ffa75-00bb-49b6-a70d-911d2d82a5b7
|
||||
+ architecture="loongarch64"
|
||||
+elif [ "${machine}" = "ia64" ]; then
|
||||
+ root_guid=993d8d3d-f80e-4225-855a-9daf8ed7ea97
|
||||
+ root_uuid=dcf33449-0896-4ea9-bc24-7d58aeef522d
|
||||
+ usr_guid=4301d2a6-4e3b-4b2a-bb94-9e0b2c4225ea
|
||||
+ usr_uuid=bc2bcce7-80d6-449a-85cc-637424ce5241
|
||||
+ architecture="ia64"
|
||||
+elif [ "${machine}" = "s390x" ]; then
|
||||
+ root_guid=5eead9a9-fe09-4a1e-a1d7-520d00531306
|
||||
+ root_uuid=7ebe0c85-e27e-48ec-b164-f4807606232e
|
||||
+ usr_guid=8a4f5770-50aa-4ed3-874a-99b710db6fea
|
||||
+ usr_uuid=51171d30-35cf-4a49-b8b5-9478b9b796a5
|
||||
+ architecture="s390x"
|
||||
+elif [ "${machine}" = "ppc64le" ]; then
|
||||
+ root_guid=c31c45e6-3f39-412e-80fb-4809c4980599
|
||||
+ root_uuid=061e67a1-092f-482f-8150-b525d50d6654
|
||||
+ usr_guid=15bb03af-77e7-4d4a-b12b-c0d084f7491c
|
||||
+ usr_uuid=c0d0823b-8040-4c7c-a629-026248e297fb
|
||||
+ architecture="ppc64-le"
|
||||
+else
|
||||
+ echo "Unexpected uname -m: ${machine} in testsuite-58.sh, please fix me"
|
||||
+ exit 1
|
||||
+fi
|
||||
+
|
||||
rm -f /var/tmp/testsuite-58.img /var/tmp/testsuite-58.2.img /tmp/testsuite-58.dump
|
||||
mkdir -p /tmp/testsuite-58-defs/
|
||||
|
||||
@@ -25,7 +79,7 @@ EOF
|
||||
|
||||
cat >/tmp/testsuite-58-defs/usr.conf <<EOF
|
||||
[Partition]
|
||||
-Type=usr
|
||||
+Type=usr-${architecture}
|
||||
SizeMinBytes=10M
|
||||
Format=ext4
|
||||
ReadOnly=yes
|
||||
@@ -33,7 +87,7 @@ EOF
|
||||
|
||||
cat >/tmp/testsuite-58-defs/root.conf <<EOF
|
||||
[Partition]
|
||||
-Type=root
|
||||
+Type=root-${architecture}
|
||||
SizeMinBytes=10M
|
||||
Format=ext4
|
||||
MakeDirectories=/usr /efi
|
||||
@@ -47,9 +101,9 @@ systemd-repart --definitions=/tmp/testsuite-58-defs/ \
|
||||
|
||||
sfdisk --dump /var/tmp/testsuite-58.img | tee /tmp/testsuite-58.dump
|
||||
|
||||
-grep -qxF '/var/tmp/testsuite-58.img1 : start= 2048, size= 20480, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=39107B09-615D-48FB-BA37-C663885FCE67, name="esp"' /tmp/testsuite-58.dump
|
||||
-grep -qxF '/var/tmp/testsuite-58.img2 : start= 22528, size= 20480, type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709, uuid=60F33797-1D71-4DCB-AA6F-20564F036CD0, name="root-x86-64", attrs="GUID:59"' /tmp/testsuite-58.dump
|
||||
-grep -qxF '/var/tmp/testsuite-58.img3 : start= 43008, size= 20480, type=8484680C-9521-48C6-9C11-B0720656F69E, uuid=7E3369DD-D653-4513-ADF5-B993A9F20C16, name="usr-x86-64", attrs="GUID:60"' /tmp/testsuite-58.dump
|
||||
+grep -qixF "/var/tmp/testsuite-58.img1 : start= 2048, size= 20480, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=39107B09-615D-48FB-BA37-C663885FCE67, name=\"esp\"" /tmp/testsuite-58.dump
|
||||
+grep -qixF "/var/tmp/testsuite-58.img2 : start= 22528, size= 20480, type=${root_guid}, uuid=${root_uuid}, name=\"root-${architecture}\", attrs=\"GUID:59\"" /tmp/testsuite-58.dump
|
||||
+grep -qixF "/var/tmp/testsuite-58.img3 : start= 43008, size= 20480, type=${usr_guid}, uuid=${usr_uuid}, name=\"usr-${architecture}\", attrs=\"GUID:60\"" /tmp/testsuite-58.dump
|
||||
|
||||
# Second part, duplicate it with CopyBlocks=auto
|
||||
|
||||
@@ -61,14 +115,14 @@ EOF
|
||||
|
||||
cat >/tmp/testsuite-58-defs/usr.conf <<EOF
|
||||
[Partition]
|
||||
-Type=usr
|
||||
+Type=usr-${architecture}
|
||||
ReadOnly=yes
|
||||
CopyBlocks=auto
|
||||
EOF
|
||||
|
||||
cat >/tmp/testsuite-58-defs/root.conf <<EOF
|
||||
[Partition]
|
||||
-Type=root
|
||||
+Type=root-${architecture}
|
||||
CopyBlocks=auto
|
||||
EOF
|
||||
|
||||
@@ -91,7 +145,7 @@ mkdir -p /tmp/testsuite-58.3-defs/
|
||||
|
||||
cat >/tmp/testsuite-58.3-defs/root.conf <<EOF
|
||||
[Partition]
|
||||
-Type=root
|
||||
+Type=root-${architecture}
|
||||
EOF
|
||||
|
||||
truncate -s 10g /var/tmp/testsuite-58.3.img
|
||||
@@ -111,7 +165,7 @@ sfdisk --dump /var/tmp/testsuite-58.3.img | tee /tmp/testsuite-58.3.dump
|
||||
|
||||
grep -qF '/var/tmp/testsuite-58.3.img1 : start= 2048, size= 69044,' /tmp/testsuite-58.3.dump
|
||||
grep -qF '/var/tmp/testsuite-58.3.img2 : start= 71092, size= 3591848,' /tmp/testsuite-58.3.dump
|
||||
-grep -qxF '/var/tmp/testsuite-58.3.img3 : start= 3662944, size= 17308536, type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709, uuid=60F33797-1D71-4DCB-AA6F-20564F036CD0, name="root-x86-64", attrs="GUID:59"' /tmp/testsuite-58.3.dump
|
||||
+grep -qixF "/var/tmp/testsuite-58.3.img3 : start= 3662944, size= 17308536, type=${root_guid}, uuid=${root_uuid}, name=\"root-${architecture}\", attrs=\"GUID:59\"" /tmp/testsuite-58.3.dump
|
||||
|
||||
rm /var/tmp/testsuite-58.3.img /tmp/testsuite-58.3.dump
|
||||
rm -r /tmp/testsuite-58.3-defs/
|
||||
@@ -120,7 +174,7 @@ rm -r /tmp/testsuite-58.3-defs/
|
||||
mkdir -p /tmp/testsuite-58-issue-21817-defs/
|
||||
truncate -s 100m /tmp/testsuite-58-issue-21817.img
|
||||
LOOP=$(losetup -P --show -f /tmp/testsuite-58-issue-21817.img)
|
||||
-printf 'size=50M,type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709\n,\n' | sfdisk -X gpt /tmp/testsuite-58-issue-21817.img
|
||||
+printf 'size=50M,type=%s\n,\n' "${root_guid}" | sfdisk -X gpt /tmp/testsuite-58-issue-21817.img
|
||||
cat >/tmp/testsuite-58-issue-21817-defs/test.conf <<EOF
|
||||
[Partition]
|
||||
Type=root
|
||||
@@ -129,7 +183,7 @@ systemd-repart --pretty=yes --definitions /tmp/testsuite-58-issue-21817-defs/ "$
|
||||
sfdisk --dump "$LOOP" | tee /tmp/testsuite-58-issue-21817.dump
|
||||
losetup -d "$LOOP"
|
||||
|
||||
-grep -qF 'p1 : start= 2048, size= 102400, type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709,' /tmp/testsuite-58-issue-21817.dump
|
||||
+grep -qiF "p1 : start= 2048, size= 102400, type=${root_guid}," /tmp/testsuite-58-issue-21817.dump
|
||||
grep -qF 'p2 : start= 104448, size= 100319,' /tmp/testsuite-58-issue-21817.dump
|
||||
|
||||
rm /tmp/testsuite-58-issue-21817.img /tmp/testsuite-58-issue-21817.dump
|
@ -0,0 +1,30 @@
|
||||
From ca92c2e035d5702f23f9a8d1cd705425b5605822 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Mon, 7 Nov 2022 11:55:29 +0100
|
||||
Subject: [PATCH] test: don't ignore non-existent paths in inst_recursive()
|
||||
|
||||
The process substitution in the while loop hides errors raised by the
|
||||
find utility, which might (and did), in turn, hide errors in test setup.
|
||||
|
||||
(cherry picked from commit eb5d7730e1b3b1bddecb80be37e5a4c938183f61)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/test-functions | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/test/test-functions b/test/test-functions
|
||||
index 16d9da637b..80ce383e64 100644
|
||||
--- a/test/test-functions
|
||||
+++ b/test/test-functions
|
||||
@@ -2773,6 +2773,10 @@ inst_recursive() {
|
||||
local p item
|
||||
|
||||
for p in "$@"; do
|
||||
+ # Make sure the source exists, as the process substitution below
|
||||
+ # suppresses errors
|
||||
+ stat "$p" >/dev/null || return 1
|
||||
+
|
||||
while read -r item; do
|
||||
if [[ -d "$item" ]]; then
|
||||
inst_dir "$item"
|
@ -1,68 +0,0 @@
|
||||
From 9a98a3b83e9e974d8d1cdc31e2286a862cc548be Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Mon, 7 Feb 2022 14:35:40 +0100
|
||||
Subject: [PATCH] tests: add repart tests for block devices with 1024, 2048,
|
||||
4096 byte sector sizes
|
||||
|
||||
let's make sure repart works with 4K drives and exotic sector sizes.
|
||||
|
||||
(cherry picked from commit 2cd341afb96486bd4afcdba23f02a27631c5b8db)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
test/units/testsuite-58.sh | 42 ++++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 42 insertions(+)
|
||||
|
||||
diff --git a/test/units/testsuite-58.sh b/test/units/testsuite-58.sh
|
||||
index 4b3c984c84..7aed965fb4 100755
|
||||
--- a/test/units/testsuite-58.sh
|
||||
+++ b/test/units/testsuite-58.sh
|
||||
@@ -189,6 +189,48 @@ grep -qF 'p2 : start= 104448, size= 100319,' /tmp/testsuite-58-issue-2
|
||||
rm /tmp/testsuite-58-issue-21817.img /tmp/testsuite-58-issue-21817.dump
|
||||
rm -r /tmp/testsuite-58-issue-21817-defs/
|
||||
|
||||
+testsector()
|
||||
+{
|
||||
+ echo "Running sector test with sector size $1..."
|
||||
+
|
||||
+ mkdir -p /tmp/testsuite-58-sector
|
||||
+ cat > /tmp/testsuite-58-sector/a.conf <<EOF
|
||||
+[Partition]
|
||||
+Type=root
|
||||
+SizeMaxBytes=15M
|
||||
+SizeMinBytes=15M
|
||||
+EOF
|
||||
+ cat > /tmp/testsuite-58-sector/b.conf <<EOF
|
||||
+[Partition]
|
||||
+Type=linux-generic
|
||||
+Weight=250
|
||||
+EOF
|
||||
+
|
||||
+ cat > /tmp/testsuite-58-sector/c.conf <<EOF
|
||||
+[Partition]
|
||||
+Type=linux-generic
|
||||
+Weight=750
|
||||
+EOF
|
||||
+
|
||||
+ truncate -s 100m "/tmp/testsuite-58-sector-$1.img"
|
||||
+ LOOP=$(losetup -b "$1" -P --show -f "/tmp/testsuite-58-sector-$1.img" )
|
||||
+ systemd-repart --pretty=yes --definitions=/tmp/testsuite-58-sector/ --seed=750b6cd5c4ae4012a15e7be3c29e6a47 --empty=require --dry-run=no "$LOOP"
|
||||
+ rm -rf /tmp/testsuite-58-sector
|
||||
+ sfdisk --verify "$LOOP"
|
||||
+ sfdisk --dump "$LOOP"
|
||||
+ losetup -d "$LOOP"
|
||||
+
|
||||
+ rm "/tmp/testsuite-58-sector-$1.img"
|
||||
+}
|
||||
+
|
||||
+# Valid block sizes on the Linux block layer are >= 512 and <= PAGE_SIZE, and
|
||||
+# must be powers of 2. Which leaves exactly four different ones to test on
|
||||
+# typical hardware
|
||||
+testsector 512
|
||||
+testsector 1024
|
||||
+testsector 2048
|
||||
+testsector 4096
|
||||
+
|
||||
echo OK >/testok
|
||||
|
||||
exit 0
|
@ -1,31 +0,0 @@
|
||||
From c16ff9acad53e741ee121a21bd2ba5dfce1f459e Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Fri, 25 Feb 2022 15:09:07 +0100
|
||||
Subject: [PATCH] test: accept both unpadded and padded partition sizes
|
||||
|
||||
Since util-linux/util-linux@921c7da55ec78350e4067b3fd6b7de6f299106ee
|
||||
libfdisk aligns the last partition (on GPT) for optimal I/O. Let's
|
||||
account for that.
|
||||
|
||||
Fixes: #22606
|
||||
(cherry picked from commit d490188b8f6da658d8086dd53b7db95735e5cca1)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
test/units/testsuite-58.sh | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/test/units/testsuite-58.sh b/test/units/testsuite-58.sh
|
||||
index 7aed965fb4..f1b690a71f 100755
|
||||
--- a/test/units/testsuite-58.sh
|
||||
+++ b/test/units/testsuite-58.sh
|
||||
@@ -184,7 +184,8 @@ sfdisk --dump "$LOOP" | tee /tmp/testsuite-58-issue-21817.dump
|
||||
losetup -d "$LOOP"
|
||||
|
||||
grep -qiF "p1 : start= 2048, size= 102400, type=${root_guid}," /tmp/testsuite-58-issue-21817.dump
|
||||
-grep -qF 'p2 : start= 104448, size= 100319,' /tmp/testsuite-58-issue-21817.dump
|
||||
+# Accept both unpadded (pre-v2.38 util-linux) and padded (v2.38+ util-linux) sizes
|
||||
+grep -qE "p2 : start= 104448, size= (100319| 98304)," /tmp/testsuite-58-issue-21817.dump
|
||||
|
||||
rm /tmp/testsuite-58-issue-21817.img /tmp/testsuite-58-issue-21817.dump
|
||||
rm -r /tmp/testsuite-58-issue-21817-defs/
|
@ -0,0 +1,46 @@
|
||||
From ea8b80cdc0dfd0ad92301a0e421df4d3110fe09c Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Mon, 7 Nov 2022 11:57:59 +0100
|
||||
Subject: [PATCH] test: fix locale installation when locale-gen is used
|
||||
|
||||
locale-gen might merge all compiled locales into a simple archive, so we
|
||||
need to install it as well if necessary.
|
||||
|
||||
(cherry picked from commit 0c416ea01bc14adff10f4fc5415a36bd2d48f604)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/test-functions | 19 ++++++++++++-------
|
||||
1 file changed, 12 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/test/test-functions b/test/test-functions
|
||||
index 80ce383e64..45ca472916 100644
|
||||
--- a/test/test-functions
|
||||
+++ b/test/test-functions
|
||||
@@ -1988,14 +1988,19 @@ install_locales() {
|
||||
inst /usr/share/i18n/SUPPORTED || :
|
||||
inst_recursive /usr/share/i18n/charmaps
|
||||
inst_recursive /usr/share/i18n/locales
|
||||
- inst_recursive /usr/share/locale/en
|
||||
- inst_recursive /usr/share/locale/en_*
|
||||
+ inst_recursive /usr/share/locale/en*
|
||||
+ inst_recursive /usr/share/locale/de*
|
||||
+ image_install /usr/share/locale/locale.alias
|
||||
+ # locale-gen might either generate each locale separately or merge them
|
||||
+ # into a single archive
|
||||
+ if ! (inst_recursive /usr/lib/locale/C.*8 /usr/lib/locale/en_*8 ||
|
||||
+ image_install /usr/lib/locale/locale-archive); then
|
||||
+ dfatal "Failed to install required locales"
|
||||
+ exit 1
|
||||
+ fi
|
||||
+ else
|
||||
+ inst_recursive /usr/lib/locale/C.*8 /usr/lib/locale/en_*8
|
||||
fi
|
||||
-
|
||||
- inst_recursive /usr/lib/locale/C.utf8
|
||||
- inst_recursive /usr/lib/locale/C.UTF-8
|
||||
- inst_recursive /usr/lib/locale/en_*.utf8
|
||||
- inst_recursive /usr/lib/locale/en_*.UTF-8
|
||||
}
|
||||
|
||||
# shellcheck disable=SC2120
|
@ -0,0 +1,71 @@
|
||||
From bec9d65390249d4e88f5095e751283645a2a4c08 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Mon, 7 Nov 2022 12:07:27 +0100
|
||||
Subject: [PATCH] test: fix keymaps installation on Arch
|
||||
|
||||
Where the keymaps live under /usr/share/kbd/keymaps/.
|
||||
|
||||
(cherry picked from commit 1edad89399e7cbee230878589ac618103c157ec7)
|
||||
|
||||
Related #2138081
|
||||
---
|
||||
test/test-functions | 25 +++++++++++++------------
|
||||
1 file changed, 13 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/test/test-functions b/test/test-functions
|
||||
index 45ca472916..194cd682bb 100644
|
||||
--- a/test/test-functions
|
||||
+++ b/test/test-functions
|
||||
@@ -2007,7 +2007,8 @@ install_locales() {
|
||||
install_keymaps() {
|
||||
local i p
|
||||
local -a prefix=(
|
||||
- "/usr"
|
||||
+ "/usr/lib"
|
||||
+ "/usr/share"
|
||||
)
|
||||
|
||||
dinfo "Install console keymaps"
|
||||
@@ -2016,7 +2017,7 @@ install_keymaps() {
|
||||
&& [[ "$(meson configure "${BUILD_DIR:?}" | grep 'split-usr' | awk '{ print $2 }')" == "true" ]] \
|
||||
|| [[ ! -L /lib ]]; then
|
||||
prefix+=(
|
||||
- ""
|
||||
+ "/lib"
|
||||
)
|
||||
fi
|
||||
|
||||
@@ -2025,12 +2026,12 @@ install_keymaps() {
|
||||
# The first three paths may be deprecated.
|
||||
# It seems now the last three paths are used by many distributions.
|
||||
for i in \
|
||||
- "$p"/lib/kbd/keymaps/include/* \
|
||||
- "$p"/lib/kbd/keymaps/i386/include/* \
|
||||
- "$p"/lib/kbd/keymaps/i386/qwerty/us.* \
|
||||
- "$p"/lib/kbd/keymaps/legacy/include/* \
|
||||
- "$p"/lib/kbd/keymaps/legacy/i386/qwerty/us.* \
|
||||
- "$p"/lib/kbd/keymaps/xkb/us*; do
|
||||
+ "$p"/kbd/keymaps/include/* \
|
||||
+ "$p"/kbd/keymaps/i386/include/* \
|
||||
+ "$p"/kbd/keymaps/i386/qwerty/us.* \
|
||||
+ "$p"/kbd/keymaps/legacy/include/* \
|
||||
+ "$p"/kbd/keymaps/legacy/i386/qwerty/us.* \
|
||||
+ "$p"/kbd/keymaps/xkb/us*; do
|
||||
[[ -f "$i" ]] || continue
|
||||
inst "$i"
|
||||
done
|
||||
@@ -2039,10 +2040,10 @@ install_keymaps() {
|
||||
# When it takes any argument, then install more keymaps.
|
||||
for p in "${prefix[@]}"; do
|
||||
for i in \
|
||||
- "$p"/lib/kbd/keymaps/include/* \
|
||||
- "$p"/lib/kbd/keymaps/i386/*/* \
|
||||
- "$p"/lib/kbd/keymaps/legacy/i386/*/* \
|
||||
- "$p"/lib/kbd/keymaps/xkb/*; do
|
||||
+ "$p"/kbd/keymaps/include/* \
|
||||
+ "$p"/kbd/keymaps/i386/*/* \
|
||||
+ "$p"/kbd/keymaps/legacy/i386/*/* \
|
||||
+ "$p"/kbd/keymaps/xkb/*; do
|
||||
[[ -f "$i" ]] || continue
|
||||
inst "$i"
|
||||
done
|
@ -1,41 +0,0 @@
|
||||
From fcaf368341c85285017f77333543656e1382975e Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Wed, 9 Feb 2022 22:35:03 +0100
|
||||
Subject: [PATCH] test: lvm 2.03.15 dropped the static autoactivation
|
||||
|
||||
so install the respective generator only if we're running with older
|
||||
lvm versions.
|
||||
|
||||
See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=ee8fb0310c53ed003a43b324c99cdfd891dd1a7c
|
||||
(cherry picked from commit d10d562bd4b9f93130fb2b23f2b0d0d4126ea7d4)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
test/test-functions | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/test/test-functions b/test/test-functions
|
||||
index 4827b6bedf..dcc893733c 100644
|
||||
--- a/test/test-functions
|
||||
+++ b/test/test-functions
|
||||
@@ -973,16 +973,19 @@ install_lvm() {
|
||||
image_install lvm
|
||||
image_install "${ROOTLIBDIR:?}"/system/lvm2-lvmpolld.{service,socket}
|
||||
image_install "${ROOTLIBDIR:?}"/system/{blk-availability,lvm2-monitor}.service
|
||||
- image_install "${ROOTLIBDIR:?}"/system-generators/lvm2-activation-generator
|
||||
image_install -o "/lib/tmpfiles.d/lvm2.conf"
|
||||
if get_bool "$LOOKS_LIKE_DEBIAN"; then
|
||||
inst_rules 56-lvm.rules 69-lvm-metad.rules
|
||||
else
|
||||
# Support the new udev autoactivation introduced in lvm 2.03.14
|
||||
# https://sourceware.org/git/?p=lvm2.git;a=commit;h=67722b312390cdab29c076c912e14bd739c5c0f6
|
||||
+ # Static autoactivation (via lvm2-activation-generator) was dropped
|
||||
+ # in lvm 2.03.15
|
||||
+ # https://sourceware.org/git/?p=lvm2.git;a=commit;h=ee8fb0310c53ed003a43b324c99cdfd891dd1a7c
|
||||
if [[ -f /lib/udev/rules.d/69-dm-lvm.rules ]]; then
|
||||
inst_rules 11-dm-lvm.rules 69-dm-lvm.rules
|
||||
else
|
||||
+ image_install "${ROOTLIBDIR:?}"/system-generators/lvm2-activation-generator
|
||||
image_install "${ROOTLIBDIR:?}"/system/lvm2-pvscan@.service
|
||||
inst_rules 11-dm-lvm.rules 69-dm-lvm-metad.rules
|
||||
fi
|
@ -1,39 +0,0 @@
|
||||
From 494045e03c7e1b81ac4dcea7d4bf776e2bc50c77 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Thu, 10 Feb 2022 12:29:53 +0100
|
||||
Subject: [PATCH] test: accept GC'ed units in newer LVM
|
||||
|
||||
Since lvm 2.03.15 the transient units are started without `-r`, thus
|
||||
disappearing once they finish and breaking the test (which expects them
|
||||
to remain loaded after finishing). Let's accept `LoadState=not-found` as
|
||||
a valid result as well to fix this.
|
||||
|
||||
Follow-up to: d10d562bd4b9f93130fb2b23f2b0d0d4126ea7d4
|
||||
See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=fbd8b0cf43dc67f51f86f060dce748f446985855
|
||||
|
||||
(cherry picked from commit b034f02c628057c30a2136289a1b388a6fb9a737)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
test/units/testsuite-64.sh | 8 ++++++++
|
||||
1 file changed, 8 insertions(+)
|
||||
|
||||
diff --git a/test/units/testsuite-64.sh b/test/units/testsuite-64.sh
|
||||
index f75382d90a..dc8b263b10 100755
|
||||
--- a/test/units/testsuite-64.sh
|
||||
+++ b/test/units/testsuite-64.sh
|
||||
@@ -96,6 +96,14 @@ helper_wait_for_lvm_activate() {
|
||||
if [[ "$(systemctl show -P SubState "$lvm_activate_svc")" == exited ]]; then
|
||||
return 0
|
||||
fi
|
||||
+ else
|
||||
+ # Since lvm 2.03.15 the lvm-activate transient unit no longer remains
|
||||
+ # after finishing, so we have to treat non-existent units as a success
|
||||
+ # as well
|
||||
+ # See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=fbd8b0cf43dc67f51f86f060dce748f446985855
|
||||
+ if [[ "$(systemctl show -P LoadState "$lvm_activate_svc")" == not-found ]]; then
|
||||
+ return 0
|
||||
+ fi
|
||||
fi
|
||||
|
||||
sleep .5
|
@ -0,0 +1,19 @@
|
||||
From d9328ee5e53d1901af9396ae3e0b2dd05f731781 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Mon, 14 Nov 2022 09:25:37 +0100
|
||||
Subject: [PATCH] Create CNAME
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
docs/CNAME | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
create mode 100644 docs/CNAME
|
||||
|
||||
diff --git a/docs/CNAME b/docs/CNAME
|
||||
new file mode 100644
|
||||
index 0000000000..cdcf4d9a52
|
||||
--- /dev/null
|
||||
+++ b/docs/CNAME
|
||||
@@ -0,0 +1 @@
|
||||
+systemd.io
|
||||
\ No newline at end of file
|
@ -1,127 +0,0 @@
|
||||
From 3ed5b365c5134cb18da8aed397c7c4551af25715 Mon Sep 17 00:00:00 2001
|
||||
From: Daan De Meyer <daan.j.demeyer@gmail.com>
|
||||
Date: Tue, 1 Mar 2022 17:04:13 +0000
|
||||
Subject: [PATCH] shared: Add more dlopen() tests
|
||||
|
||||
Add dlopen_dw(), dlopen_elf() and dlopen_pcre2() to the dlopen test.
|
||||
To enable adding dlopen_pcre2(), we move pcre2-dlopen.h/c from
|
||||
src/journal to src/shared.
|
||||
|
||||
(cherry picked from commit ee48779e05831a0ec5e1ba5e7ed5fe92aaca1d9e)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/journal/meson.build | 2 --
|
||||
src/shared/elf-util.c | 4 ++--
|
||||
src/shared/elf-util.h | 3 +++
|
||||
src/shared/meson.build | 2 ++
|
||||
src/{journal => shared}/pcre2-dlopen.c | 0
|
||||
src/{journal => shared}/pcre2-dlopen.h | 0
|
||||
src/test/test-dlopen-so.c | 11 +++++++++++
|
||||
7 files changed, 18 insertions(+), 4 deletions(-)
|
||||
rename src/{journal => shared}/pcre2-dlopen.c (100%)
|
||||
rename src/{journal => shared}/pcre2-dlopen.h (100%)
|
||||
|
||||
diff --git a/src/journal/meson.build b/src/journal/meson.build
|
||||
index eb66bfd584..270592f2ac 100644
|
||||
--- a/src/journal/meson.build
|
||||
+++ b/src/journal/meson.build
|
||||
@@ -49,8 +49,6 @@ systemd_cat_sources = files('cat.c')
|
||||
|
||||
journalctl_sources = files('''
|
||||
journalctl.c
|
||||
- pcre2-dlopen.c
|
||||
- pcre2-dlopen.h
|
||||
'''.split())
|
||||
|
||||
if install_sysconfdir_samples
|
||||
diff --git a/src/shared/elf-util.c b/src/shared/elf-util.c
|
||||
index 4d93e7eaba..6d9fcfbbf2 100644
|
||||
--- a/src/shared/elf-util.c
|
||||
+++ b/src/shared/elf-util.c
|
||||
@@ -80,7 +80,7 @@ unsigned int (*sym_elf_version)(unsigned int);
|
||||
GElf_Phdr *(*sym_gelf_getphdr)(Elf *, int, GElf_Phdr *);
|
||||
size_t (*sym_gelf_getnote)(Elf_Data *, size_t, GElf_Nhdr *, size_t *, size_t *);
|
||||
|
||||
-static int dlopen_dw(void) {
|
||||
+int dlopen_dw(void) {
|
||||
int r;
|
||||
|
||||
r = dlopen_many_sym_or_warn(
|
||||
@@ -123,7 +123,7 @@ static int dlopen_dw(void) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
-static int dlopen_elf(void) {
|
||||
+int dlopen_elf(void) {
|
||||
int r;
|
||||
|
||||
r = dlopen_many_sym_or_warn(
|
||||
diff --git a/src/shared/elf-util.h b/src/shared/elf-util.h
|
||||
index cf3d9be128..b28e64cea6 100644
|
||||
--- a/src/shared/elf-util.h
|
||||
+++ b/src/shared/elf-util.h
|
||||
@@ -4,6 +4,9 @@
|
||||
#include "json.h"
|
||||
|
||||
#if HAVE_ELFUTILS
|
||||
+int dlopen_dw(void);
|
||||
+int dlopen_elf(void);
|
||||
+
|
||||
/* Parse an ELF object in a forked process, so that errors while iterating over
|
||||
* untrusted and potentially malicious data do not propagate to the main caller's process.
|
||||
* If fork_disable_dump, the child process will not dump core if it crashes. */
|
||||
diff --git a/src/shared/meson.build b/src/shared/meson.build
|
||||
index 5dc58a863d..006310a917 100644
|
||||
--- a/src/shared/meson.build
|
||||
+++ b/src/shared/meson.build
|
||||
@@ -241,6 +241,8 @@ shared_sources = files('''
|
||||
parse-argument.h
|
||||
parse-socket-bind-item.c
|
||||
parse-socket-bind-item.h
|
||||
+ pcre2-dlopen.c
|
||||
+ pcre2-dlopen.h
|
||||
pe-header.h
|
||||
pkcs11-util.c
|
||||
pkcs11-util.h
|
||||
diff --git a/src/journal/pcre2-dlopen.c b/src/shared/pcre2-dlopen.c
|
||||
similarity index 100%
|
||||
rename from src/journal/pcre2-dlopen.c
|
||||
rename to src/shared/pcre2-dlopen.c
|
||||
diff --git a/src/journal/pcre2-dlopen.h b/src/shared/pcre2-dlopen.h
|
||||
similarity index 100%
|
||||
rename from src/journal/pcre2-dlopen.h
|
||||
rename to src/shared/pcre2-dlopen.h
|
||||
diff --git a/src/test/test-dlopen-so.c b/src/test/test-dlopen-so.c
|
||||
index ea2ef31b1f..002f666ed8 100644
|
||||
--- a/src/test/test-dlopen-so.c
|
||||
+++ b/src/test/test-dlopen-so.c
|
||||
@@ -5,10 +5,12 @@
|
||||
|
||||
#include "bpf-dlopen.h"
|
||||
#include "cryptsetup-util.h"
|
||||
+#include "elf-util.h"
|
||||
#include "idn-util.h"
|
||||
#include "libfido2-util.h"
|
||||
#include "macro.h"
|
||||
#include "main-func.h"
|
||||
+#include "pcre2-dlopen.h"
|
||||
#include "pwquality-util.h"
|
||||
#include "qrcode-util.h"
|
||||
#include "tests.h"
|
||||
@@ -49,6 +51,15 @@ static int run(int argc, char **argv) {
|
||||
assert_se(dlopen_bpf() >= 0);
|
||||
#endif
|
||||
|
||||
+#if HAVE_ELFUTILS
|
||||
+ assert_se(dlopen_dw() >= 0);
|
||||
+ assert_se(dlopen_elf() >= 0);
|
||||
+#endif
|
||||
+
|
||||
+#if HAVE_PCRE2
|
||||
+ assert_se(dlopen_pcre2() >= 0);
|
||||
+#endif
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
@ -1,36 +0,0 @@
|
||||
From b07519fd5241eacfdb735917eca4ccbf441b5a8a Mon Sep 17 00:00:00 2001
|
||||
From: Daan De Meyer <daan.j.demeyer@gmail.com>
|
||||
Date: Tue, 22 Feb 2022 11:06:00 +0000
|
||||
Subject: [PATCH] systemctl: Show how long a service ran for after it exited in
|
||||
status output
|
||||
|
||||
(cherry picked from commit 0802f62efc1d1c67d5be67223b529c93536cf2ed)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/systemctl/systemctl-show.c | 12 ++++++++++++
|
||||
1 file changed, 12 insertions(+)
|
||||
|
||||
diff --git a/src/systemctl/systemctl-show.c b/src/systemctl/systemctl-show.c
|
||||
index 37c898f313..9b23471990 100644
|
||||
--- a/src/systemctl/systemctl-show.c
|
||||
+++ b/src/systemctl/systemctl-show.c
|
||||
@@ -433,6 +433,18 @@ static void print_status_info(
|
||||
FORMAT_TIMESTAMP_STYLE(until_timestamp, arg_timestamp_style),
|
||||
FORMAT_TIMESTAMP_RELATIVE(until_timestamp));
|
||||
}
|
||||
+
|
||||
+ if (!endswith(i->id, ".target") &&
|
||||
+ STRPTR_IN_SET(i->active_state, "inactive", "failed") &&
|
||||
+ timestamp_is_set(i->active_enter_timestamp) &&
|
||||
+ timestamp_is_set(i->active_exit_timestamp) &&
|
||||
+ i->active_exit_timestamp >= i->active_enter_timestamp) {
|
||||
+
|
||||
+ usec_t duration;
|
||||
+
|
||||
+ duration = i->active_exit_timestamp - i->active_enter_timestamp;
|
||||
+ printf(" Duration: %s\n", FORMAT_TIMESPAN(duration, MSEC_PER_SEC));
|
||||
+ }
|
||||
} else
|
||||
printf("\n");
|
||||
|
@ -0,0 +1,46 @@
|
||||
From 31f0c1b06bfd90d52009b59b9a4bf26c297790a7 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Mon, 14 Nov 2022 17:26:49 +0100
|
||||
Subject: [PATCH] tpm2-util: force default TCTI to be "device" with parameter
|
||||
"/dev/tpmrm0"
|
||||
|
||||
Apparently some distros default to tss-abmrd. Let's bypass that and
|
||||
always go to the kernel resource manager.
|
||||
|
||||
abmrd cannot really work for us, since we want to access the TPM already
|
||||
in earliest boot i.e. in environments the abmrd service is not available
|
||||
in.
|
||||
|
||||
Fixes: #25352
|
||||
(cherry picked from commit 34906680afe60d724ea435b79b9b830a4bf2e7e9)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/shared/tpm2-util.c | 13 ++++++++++++-
|
||||
1 file changed, 12 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
|
||||
index 65e8d48347..9d73316146 100644
|
||||
--- a/src/shared/tpm2-util.c
|
||||
+++ b/src/shared/tpm2-util.c
|
||||
@@ -152,8 +152,19 @@ int tpm2_context_init(const char *device, struct tpm2_context *ret) {
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "TPM2 support not installed: %m");
|
||||
|
||||
- if (!device)
|
||||
+ if (!device) {
|
||||
device = secure_getenv("SYSTEMD_TPM2_DEVICE");
|
||||
+ if (device)
|
||||
+ /* Setting the env var to an empty string forces tpm2-tss' own device picking
|
||||
+ * logic to be used. */
|
||||
+ device = empty_to_null(device);
|
||||
+ else
|
||||
+ /* If nothing was specified explicitly, we'll use a hardcoded default: the "device" tcti
|
||||
+ * driver and the "/dev/tpmrm0" device. We do this since on some distributions the tpm2-abrmd
|
||||
+ * might be used and we really don't want that, since it is a system service and that creates
|
||||
+ * various ordering issues/deadlocks during early boot. */
|
||||
+ device = "device:/dev/tpmrm0";
|
||||
+ }
|
||||
|
||||
if (device) {
|
||||
const char *param, *driver, *fn;
|
@ -1,130 +0,0 @@
|
||||
From 5f59cc1593eaa251161061fe9a4ac4afb1592e6e Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Mon, 21 Feb 2022 13:08:20 +0100
|
||||
Subject: [PATCH] time-util: introduce TIMESTAMP_UNIX
|
||||
|
||||
Allow formatting timestamps as number of seconds since the Epoch for easier
|
||||
machine parsing.
|
||||
|
||||
Fixes: #22567
|
||||
|
||||
```
|
||||
$ systemctl show systemd-journald | grep Timestamp
|
||||
WatchdogTimestampMonotonic=0
|
||||
ExecMainStartTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
ExecMainStartTimestampMonotonic=13030408
|
||||
ExecMainExitTimestampMonotonic=0
|
||||
StateChangeTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
StateChangeTimestampMonotonic=13049273
|
||||
InactiveExitTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
InactiveExitTimestampMonotonic=13030430
|
||||
ActiveEnterTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
ActiveEnterTimestampMonotonic=13049273
|
||||
ActiveExitTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
ActiveExitTimestampMonotonic=12997236
|
||||
InactiveEnterTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
InactiveEnterTimestampMonotonic=13028890
|
||||
ConditionTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
ConditionTimestampMonotonic=13029539
|
||||
AssertTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
AssertTimestampMonotonic=13029540
|
||||
|
||||
$ systemctl show --timestamp=unix systemd-journald | grep Timestamp
|
||||
WatchdogTimestampMonotonic=0
|
||||
ExecMainStartTimestamp=@1639232757
|
||||
ExecMainStartTimestampMonotonic=13030408
|
||||
ExecMainExitTimestampMonotonic=0
|
||||
StateChangeTimestamp=@1639232757
|
||||
StateChangeTimestampMonotonic=13049273
|
||||
InactiveExitTimestamp=@1639232757
|
||||
InactiveExitTimestampMonotonic=13030430
|
||||
ActiveEnterTimestamp=@1639232757
|
||||
ActiveEnterTimestampMonotonic=13049273
|
||||
ActiveExitTimestamp=@1639232757
|
||||
ActiveExitTimestampMonotonic=12997236
|
||||
InactiveEnterTimestamp=@1639232757
|
||||
InactiveEnterTimestampMonotonic=13028890
|
||||
ConditionTimestamp=@1639232757
|
||||
ConditionTimestampMonotonic=13029539
|
||||
AssertTimestamp=@1639232757
|
||||
AssertTimestampMonotonic=13029540
|
||||
```
|
||||
|
||||
(cherry picked from commit ed4a5b434517eeebc508379476cf112704e7981c)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/basic/time-util.c | 11 +++++++++++
|
||||
src/basic/time-util.h | 1 +
|
||||
src/test/test-time-util.c | 5 +++++
|
||||
3 files changed, 17 insertions(+)
|
||||
|
||||
diff --git a/src/basic/time-util.c b/src/basic/time-util.c
|
||||
index b659d6905d..c0841af8f3 100644
|
||||
--- a/src/basic/time-util.c
|
||||
+++ b/src/basic/time-util.c
|
||||
@@ -320,11 +320,13 @@ char *format_timestamp_style(
|
||||
time_t sec;
|
||||
size_t n;
|
||||
bool utc = false, us = false;
|
||||
+ int r;
|
||||
|
||||
assert(buf);
|
||||
|
||||
switch (style) {
|
||||
case TIMESTAMP_PRETTY:
|
||||
+ case TIMESTAMP_UNIX:
|
||||
break;
|
||||
case TIMESTAMP_US:
|
||||
us = true;
|
||||
@@ -350,6 +352,14 @@ char *format_timestamp_style(
|
||||
if (t <= 0 || t == USEC_INFINITY)
|
||||
return NULL; /* Timestamp is unset */
|
||||
|
||||
+ if (style == TIMESTAMP_UNIX) {
|
||||
+ r = snprintf(buf, l, "@" USEC_FMT, t / USEC_PER_SEC); /* round down µs → s */
|
||||
+ if (r < 0 || (size_t) r >= l)
|
||||
+ return NULL; /* Doesn't fit */
|
||||
+
|
||||
+ return buf;
|
||||
+ }
|
||||
+
|
||||
/* Let's not format times with years > 9999 */
|
||||
if (t > USEC_TIMESTAMP_FORMATTABLE_MAX) {
|
||||
assert(l >= STRLEN("--- XXXX-XX-XX XX:XX:XX") + 1);
|
||||
@@ -1632,6 +1642,7 @@ static const char* const timestamp_style_table[_TIMESTAMP_STYLE_MAX] = {
|
||||
[TIMESTAMP_US] = "us",
|
||||
[TIMESTAMP_UTC] = "utc",
|
||||
[TIMESTAMP_US_UTC] = "us+utc",
|
||||
+ [TIMESTAMP_UNIX] = "unix",
|
||||
};
|
||||
|
||||
/* Use the macro for enum → string to allow for aliases */
|
||||
diff --git a/src/basic/time-util.h b/src/basic/time-util.h
|
||||
index 895af88299..01a72026e3 100644
|
||||
--- a/src/basic/time-util.h
|
||||
+++ b/src/basic/time-util.h
|
||||
@@ -34,6 +34,7 @@ typedef enum TimestampStyle {
|
||||
TIMESTAMP_US,
|
||||
TIMESTAMP_UTC,
|
||||
TIMESTAMP_US_UTC,
|
||||
+ TIMESTAMP_UNIX,
|
||||
_TIMESTAMP_STYLE_MAX,
|
||||
_TIMESTAMP_STYLE_INVALID = -EINVAL,
|
||||
} TimestampStyle;
|
||||
diff --git a/src/test/test-time-util.c b/src/test/test-time-util.c
|
||||
index 554693834b..799d271a44 100644
|
||||
--- a/src/test/test-time-util.c
|
||||
+++ b/src/test/test-time-util.c
|
||||
@@ -325,6 +325,11 @@ TEST(format_timestamp) {
|
||||
assert_se(parse_timestamp(buf, &y) >= 0);
|
||||
assert_se(x / USEC_PER_SEC == y / USEC_PER_SEC);
|
||||
|
||||
+ assert_se(format_timestamp_style(buf, sizeof(buf), x, TIMESTAMP_UNIX));
|
||||
+ log_debug("%s", buf);
|
||||
+ assert_se(parse_timestamp(buf, &y) >= 0);
|
||||
+ assert_se(x / USEC_PER_SEC == y / USEC_PER_SEC);
|
||||
+
|
||||
assert_se(format_timestamp_style(buf, sizeof(buf), x, TIMESTAMP_UTC));
|
||||
log_debug("%s", buf);
|
||||
assert_se(parse_timestamp(buf, &y) >= 0);
|
@ -0,0 +1,52 @@
|
||||
From 5b20ba25259da453a2aac5e65978a11bc2d048ed Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Tue, 15 Nov 2022 23:01:04 +0100
|
||||
Subject: [PATCH] tpm2: add some extra validation of device string before using
|
||||
it
|
||||
|
||||
Let's add some extra validation before constructing and using the .so
|
||||
name to load. This isn't really security sensitive, given that we
|
||||
used secure_getenv() to get the device string (and it thus should have
|
||||
been come from a trusted source) but let's better be safe than sorry.
|
||||
|
||||
(cherry picked from commit 50a085143fa8f5dd6b6b3cef8a6ea2ec7c53ed0d)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/shared/tpm2-util.c | 16 ++++++++++++++--
|
||||
1 file changed, 14 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
|
||||
index 9d73316146..4d0df944a9 100644
|
||||
--- a/src/shared/tpm2-util.c
|
||||
+++ b/src/shared/tpm2-util.c
|
||||
@@ -174,15 +174,27 @@ int tpm2_context_init(const char *device, struct tpm2_context *ret) {
|
||||
|
||||
param = strchr(device, ':');
|
||||
if (param) {
|
||||
+ /* Syntax #1: Pair of driver string and arbitrary parameter */
|
||||
driver = strndupa_safe(device, param - device);
|
||||
+ if (isempty(driver))
|
||||
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "TPM2 driver name is empty, refusing.");
|
||||
+
|
||||
param++;
|
||||
- } else {
|
||||
+ } else if (path_is_absolute(device) && path_is_valid(device)) {
|
||||
+ /* Syntax #2: TPM device node */
|
||||
driver = "device";
|
||||
param = device;
|
||||
- }
|
||||
+ } else
|
||||
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid TPM2 driver string, refusing.");
|
||||
+
|
||||
+ log_debug("Using TPM2 TCTI driver '%s' with device '%s'.", driver, param);
|
||||
|
||||
fn = strjoina("libtss2-tcti-", driver, ".so.0");
|
||||
|
||||
+ /* Better safe than sorry, let's refuse strings that cannot possibly be valid driver early, before going to disk. */
|
||||
+ if (!filename_is_valid(fn))
|
||||
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "TPM2 driver name '%s' not valid, refusing.", driver);
|
||||
+
|
||||
dl = dlopen(fn, RTLD_NOW);
|
||||
if (!dl)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE), "Failed to load %s: %s", fn, dlerror());
|
@ -0,0 +1,25 @@
|
||||
From 2fdb15b3053d20282d7f3c20a7a4d2bd96d9a39b Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Sun, 13 Nov 2022 16:14:17 +0100
|
||||
Subject: [PATCH] boot: Fix error message
|
||||
|
||||
(cherry picked from commit 6ee4aa22140dd8d51b1a18882eb4220629b8dd8f)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/boot/efi/boot.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c
|
||||
index 4150b16ecf..84f4cc11a3 100644
|
||||
--- a/src/boot/efi/boot.c
|
||||
+++ b/src/boot/efi/boot.c
|
||||
@@ -2678,7 +2678,7 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) {
|
||||
|
||||
err = device_path_to_str(loaded_image->FilePath, &loaded_image_path);
|
||||
if (err != EFI_SUCCESS)
|
||||
- return log_error_status_stall(err, L"Error getting loaded image path: %m");
|
||||
+ return log_error_status_stall(err, L"Error getting loaded image path: %r", err);
|
||||
|
||||
export_variables(loaded_image, loaded_image_path, init_usec);
|
||||
|
@ -1,49 +0,0 @@
|
||||
From 17dfcbd7fe332e7559e168520a57b0241d688485 Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Mon, 21 Feb 2022 13:14:18 +0100
|
||||
Subject: [PATCH] systemctl,man: update docs for `--timestamp=`
|
||||
|
||||
(cherry picked from commit b58b4a9f379748fec667fb60606de945eaafadbe)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
man/systemctl.xml | 7 +++++++
|
||||
src/systemctl/systemctl.c | 7 ++-----
|
||||
2 files changed, 9 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/man/systemctl.xml b/man/systemctl.xml
|
||||
index 3b3d709ab3..f28579e05d 100644
|
||||
--- a/man/systemctl.xml
|
||||
+++ b/man/systemctl.xml
|
||||
@@ -2305,6 +2305,13 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
|
||||
+ <variablelist>
|
||||
+ <varlistentry>
|
||||
+ <term><option>unix</option></term>
|
||||
+ <listitem><para><literal>@seconds-since-the-epoch</literal></para></listitem>
|
||||
+ </varlistentry>
|
||||
+ </variablelist>
|
||||
+
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>us</option></term>
|
||||
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
|
||||
index 9031e685ea..0489796a75 100644
|
||||
--- a/src/systemctl/systemctl.c
|
||||
+++ b/src/systemctl/systemctl.c
|
||||
@@ -296,11 +296,8 @@ static int systemctl_help(void) {
|
||||
" --boot-loader-entry=NAME\n"
|
||||
" Boot into a specific boot loader entry on next boot\n"
|
||||
" --plain Print unit dependencies as a list instead of a tree\n"
|
||||
- " --timestamp=FORMAT Change format of printed timestamps.\n"
|
||||
- " 'pretty' (default): 'Day YYYY-MM-DD HH:MM:SS TZ\n"
|
||||
- " 'us': 'Day YYYY-MM-DD HH:MM:SS.UUUUUU TZ\n"
|
||||
- " 'utc': 'Day YYYY-MM-DD HH:MM:SS UTC\n"
|
||||
- " 'us+utc': 'Day YYYY-MM-DD HH:MM:SS.UUUUUU UTC\n"
|
||||
+ " --timestamp=FORMAT Change format of printed timestamps (pretty, unix,\n"
|
||||
+ " us, utc, us+utc)\n"
|
||||
" --read-only Create read-only bind mount\n"
|
||||
" --mkdir Create directory before mounting, if missing\n"
|
||||
" --marked Restart/reload previously marked units\n"
|
@ -0,0 +1,25 @@
|
||||
From 58a3aaaad640bee3cca79a644422489e184b49c1 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Mon, 14 Nov 2022 14:18:26 +0100
|
||||
Subject: [PATCH] boot: Fix memory leak
|
||||
|
||||
(cherry picked from commit b7b327f856b3782f28be561d612d66ff406c7789)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/boot/efi/boot.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c
|
||||
index 84f4cc11a3..17d4ec2d09 100644
|
||||
--- a/src/boot/efi/boot.c
|
||||
+++ b/src/boot/efi/boot.c
|
||||
@@ -2650,7 +2650,7 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) {
|
||||
EFI_LOADED_IMAGE_PROTOCOL *loaded_image;
|
||||
_cleanup_(file_closep) EFI_FILE *root_dir = NULL;
|
||||
_cleanup_(config_free) Config config = {};
|
||||
- char16_t *loaded_image_path;
|
||||
+ _cleanup_free_ char16_t *loaded_image_path = NULL;
|
||||
EFI_STATUS err;
|
||||
uint64_t init_usec;
|
||||
bool menu = false;
|
@ -1,69 +0,0 @@
|
||||
From ab458e74eccf14550711ca024e9176fba7993abc Mon Sep 17 00:00:00 2001
|
||||
From: Frantisek Sumsal <frantisek@sumsal.cz>
|
||||
Date: Fri, 18 Feb 2022 23:09:18 +0100
|
||||
Subject: [PATCH] systemctl: make `--timestamp=` affect the `show` verb as well
|
||||
|
||||
Currently the `--timestamp=` option has no effect on timestamps shown by
|
||||
`systemctl show`, let's fix that.
|
||||
|
||||
Spotted in #22567.
|
||||
|
||||
Before:
|
||||
```
|
||||
$ systemctl show --timestamp=us+utc systemd-journald | grep Timestamp=
|
||||
ExecMainStartTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
StateChangeTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
InactiveExitTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
ActiveEnterTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
ActiveExitTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
InactiveEnterTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
ConditionTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
AssertTimestamp=Sat 2021-12-11 15:25:57 CET
|
||||
```
|
||||
|
||||
After:
|
||||
```
|
||||
$ systemctl show --timestamp=us+utc systemd-journald | grep Timestamp=
|
||||
ExecMainStartTimestamp=Sat 2021-12-11 14:25:57.177848 UTC
|
||||
StateChangeTimestamp=Sat 2021-12-11 14:25:57.196714 UTC
|
||||
InactiveExitTimestamp=Sat 2021-12-11 14:25:57.177871 UTC
|
||||
ActiveEnterTimestamp=Sat 2021-12-11 14:25:57.196714 UTC
|
||||
ActiveExitTimestamp=Sat 2021-12-11 14:25:57.144677 UTC
|
||||
InactiveEnterTimestamp=Sat 2021-12-11 14:25:57.176331 UTC
|
||||
ConditionTimestamp=Sat 2021-12-11 14:25:57.176980 UTC
|
||||
AssertTimestamp=Sat 2021-12-11 14:25:57.176980 UTC
|
||||
|
||||
```
|
||||
|
||||
(cherry picked from commit a59e5c625da5a6e0c46e493d55f2f4212e9457ca)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/systemctl/systemctl-show.c | 14 ++++++++++++++
|
||||
1 file changed, 14 insertions(+)
|
||||
|
||||
diff --git a/src/systemctl/systemctl-show.c b/src/systemctl/systemctl-show.c
|
||||
index 9b23471990..7a6655da74 100644
|
||||
--- a/src/systemctl/systemctl-show.c
|
||||
+++ b/src/systemctl/systemctl-show.c
|
||||
@@ -1001,6 +1001,20 @@ static int print_property(const char *name, const char *expected_value, sd_bus_m
|
||||
}
|
||||
break;
|
||||
|
||||
+ case SD_BUS_TYPE_UINT64:
|
||||
+ if (endswith(name, "Timestamp")) {
|
||||
+ uint64_t timestamp;
|
||||
+
|
||||
+ r = sd_bus_message_read_basic(m, bus_type, ×tamp);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+
|
||||
+ bus_print_property_value(name, expected_value, flags, FORMAT_TIMESTAMP_STYLE(timestamp, arg_timestamp_style));
|
||||
+
|
||||
+ return 1;
|
||||
+ }
|
||||
+ break;
|
||||
+
|
||||
case SD_BUS_TYPE_STRUCT:
|
||||
|
||||
if (contents[0] == SD_BUS_TYPE_UINT32 && streq(name, "Job")) {
|
@ -0,0 +1,88 @@
|
||||
From 8cbb38625364640f390b2df2cda44ff3877fb16d Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Mon, 14 Nov 2022 14:37:13 +0100
|
||||
Subject: [PATCH] boot: Do not require a loaded image path
|
||||
|
||||
If the device path to text protocol is not available (looking angrily at
|
||||
Apple) we would fail to boot because we cannot get the loaded image
|
||||
path. As this is only used for cosmetic purposes, we can just silently
|
||||
continue.
|
||||
|
||||
Fixes: #25363
|
||||
(cherry picked from commit af7ef648cddeb96da525de2410565d166f75cc96)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/boot/efi/boot.c | 13 +++----------
|
||||
1 file changed, 3 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c
|
||||
index 17d4ec2d09..b490a1d972 100644
|
||||
--- a/src/boot/efi/boot.c
|
||||
+++ b/src/boot/efi/boot.c
|
||||
@@ -471,7 +471,6 @@ static void print_status(Config *config, char16_t *loaded_image_path) {
|
||||
_cleanup_free_ char16_t *device_part_uuid = NULL;
|
||||
|
||||
assert(config);
|
||||
- assert(loaded_image_path);
|
||||
|
||||
clear_screen(COLOR_NORMAL);
|
||||
console_query_mode(&x_max, &y_max);
|
||||
@@ -619,7 +618,6 @@ static bool menu_run(
|
||||
|
||||
assert(config);
|
||||
assert(chosen_entry);
|
||||
- assert(loaded_image_path);
|
||||
|
||||
EFI_STATUS err;
|
||||
UINTN visible_max = 0;
|
||||
@@ -1478,7 +1476,7 @@ static void config_entry_add_type1(
|
||||
entry->loader = xstra_to_path(value);
|
||||
|
||||
/* do not add an entry for ourselves */
|
||||
- if (loaded_image_path && strcaseeq16(entry->loader, loaded_image_path)) {
|
||||
+ if (strcaseeq16(entry->loader, loaded_image_path)) {
|
||||
entry->type = LOADER_UNDEFINED;
|
||||
break;
|
||||
}
|
||||
@@ -1908,12 +1906,11 @@ static ConfigEntry *config_entry_add_loader_auto(
|
||||
assert(root_dir);
|
||||
assert(id);
|
||||
assert(title);
|
||||
- assert(loader || loaded_image_path);
|
||||
|
||||
if (!config->auto_entries)
|
||||
return NULL;
|
||||
|
||||
- if (loaded_image_path) {
|
||||
+ if (!loader) {
|
||||
loader = L"\\EFI\\BOOT\\BOOT" EFI_MACHINE_TYPE_NAME ".efi";
|
||||
|
||||
/* We are trying to add the default EFI loader here,
|
||||
@@ -2562,7 +2559,6 @@ static void export_variables(
|
||||
char16_t uuid[37];
|
||||
|
||||
assert(loaded_image);
|
||||
- assert(loaded_image_path);
|
||||
|
||||
efivar_set_time_usec(LOADER_GUID, L"LoaderTimeInitUSec", init_usec);
|
||||
efivar_set(LOADER_GUID, L"LoaderInfo", L"systemd-boot " GIT_VERSION, 0);
|
||||
@@ -2591,7 +2587,6 @@ static void config_load_all_entries(
|
||||
|
||||
assert(config);
|
||||
assert(loaded_image);
|
||||
- assert(loaded_image_path);
|
||||
assert(root_dir);
|
||||
|
||||
config_load_defaults(config, root_dir);
|
||||
@@ -2676,9 +2671,7 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) {
|
||||
if (err != EFI_SUCCESS)
|
||||
return log_error_status_stall(err, L"Error getting a LoadedImageProtocol handle: %r", err);
|
||||
|
||||
- err = device_path_to_str(loaded_image->FilePath, &loaded_image_path);
|
||||
- if (err != EFI_SUCCESS)
|
||||
- return log_error_status_stall(err, L"Error getting loaded image path: %r", err);
|
||||
+ (void) device_path_to_str(loaded_image->FilePath, &loaded_image_path);
|
||||
|
||||
export_variables(loaded_image, loaded_image_path, init_usec);
|
||||
|
@ -1,39 +0,0 @@
|
||||
From fdd32f48af7993305f65989162dedd75a929966a Mon Sep 17 00:00:00 2001
|
||||
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||
Date: Tue, 15 Feb 2022 01:13:10 +0000
|
||||
Subject: [PATCH] tests: allow running all the services with SYSTEMD_LOG_LEVEL
|
||||
|
||||
It should make it easier to figure out what exactly services do there.
|
||||
For example, with SYSTEMD_LOG_LEVEL=debug userdbd (v249) prints
|
||||
```
|
||||
varlink-5: New incoming message: {"method":"io.systemd.UserDatabase.GetUserRecord","parameters":{}}
|
||||
```
|
||||
before it crashes and systemd-resolved prints
|
||||
```
|
||||
varlink-21: New incoming message: {"method":"io.systemd.Resolve.ResolveAddress","parameters":{"address":[127,0,0,1],"flags":0,"ifindex":1000000,"family":0}}
|
||||
```
|
||||
and those messages are helpful (especially when scripts causing them
|
||||
aren't clever enough to keep track of random stuff they send to systemd
|
||||
:-))
|
||||
|
||||
(cherry picked from commit bf6ef6b6a9156e5f52ee69ce0c529a246f103e54)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
test/test-functions | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/test/test-functions b/test/test-functions
|
||||
index dcc893733c..a299f5ff1f 100644
|
||||
--- a/test/test-functions
|
||||
+++ b/test/test-functions
|
||||
@@ -1142,6 +1142,9 @@ install_systemd() {
|
||||
|
||||
# enable debug logging in PID1
|
||||
echo LogLevel=debug >>"$initdir/etc/systemd/system.conf"
|
||||
+ if [[ -n "$TEST_SYSTEMD_LOG_LEVEL" ]]; then
|
||||
+ echo DefaultEnvironment=SYSTEMD_LOG_LEVEL="$TEST_SYSTEMD_LOG_LEVEL" >>"$initdir/etc/systemd/system.conf"
|
||||
+ fi
|
||||
# store coredumps in journal
|
||||
echo Storage=journal >>"$initdir/etc/systemd/coredump.conf"
|
||||
# Propagate SYSTEMD_UNIT_PATH to user systemd managers
|
@ -0,0 +1,75 @@
|
||||
From 806165285b822436023df84ca0a3e5b28a3099d6 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Mon, 14 Nov 2022 15:24:32 +0100
|
||||
Subject: [PATCH] boot: Manually convert filepaths if needed
|
||||
|
||||
The conversion of a filepath device path to text is needed for the stub
|
||||
loader to find credential files.
|
||||
|
||||
(cherry picked from commit 679007044fbbcf82c66cf20b99f2f5086b7df6b4)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/boot/efi/util.c | 40 ++++++++++++++++++++++++++++++++++++----
|
||||
1 file changed, 36 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/boot/efi/util.c b/src/boot/efi/util.c
|
||||
index 5547d288de..57436dbf0c 100644
|
||||
--- a/src/boot/efi/util.c
|
||||
+++ b/src/boot/efi/util.c
|
||||
@@ -772,19 +772,51 @@ EFI_STATUS make_file_device_path(EFI_HANDLE device, const char16_t *file, EFI_DE
|
||||
EFI_STATUS device_path_to_str(const EFI_DEVICE_PATH *dp, char16_t **ret) {
|
||||
EFI_DEVICE_PATH_TO_TEXT_PROTOCOL *dp_to_text;
|
||||
EFI_STATUS err;
|
||||
+ _cleanup_free_ char16_t *str = NULL;
|
||||
|
||||
assert(dp);
|
||||
assert(ret);
|
||||
|
||||
err = BS->LocateProtocol(&(EFI_GUID) EFI_DEVICE_PATH_TO_TEXT_PROTOCOL_GUID, NULL, (void **) &dp_to_text);
|
||||
- if (err != EFI_SUCCESS)
|
||||
- return err;
|
||||
+ if (err != EFI_SUCCESS) {
|
||||
+ /* If the device path to text protocol is not available we can still do a best-effort attempt
|
||||
+ * to convert it ourselves if we are given filepath-only device path. */
|
||||
+
|
||||
+ size_t size = 0;
|
||||
+ for (const EFI_DEVICE_PATH *node = dp; !IsDevicePathEnd(node);
|
||||
+ node = NextDevicePathNode(node)) {
|
||||
+
|
||||
+ if (DevicePathType(node) != MEDIA_DEVICE_PATH ||
|
||||
+ DevicePathSubType(node) != MEDIA_FILEPATH_DP)
|
||||
+ return err;
|
||||
+
|
||||
+ size_t path_size = DevicePathNodeLength(node);
|
||||
+ if (path_size <= offsetof(FILEPATH_DEVICE_PATH, PathName) || path_size % sizeof(char16_t))
|
||||
+ return EFI_INVALID_PARAMETER;
|
||||
+ path_size -= offsetof(FILEPATH_DEVICE_PATH, PathName);
|
||||
+
|
||||
+ _cleanup_free_ char16_t *old = str;
|
||||
+ str = xmalloc(size + path_size);
|
||||
+ if (old) {
|
||||
+ memcpy(str, old, size);
|
||||
+ str[size / sizeof(char16_t) - 1] = '\\';
|
||||
+ }
|
||||
+
|
||||
+ memcpy(str + (size / sizeof(char16_t)),
|
||||
+ ((uint8_t *) node) + offsetof(FILEPATH_DEVICE_PATH, PathName),
|
||||
+ path_size);
|
||||
+ size += path_size;
|
||||
+ }
|
||||
+
|
||||
+ *ret = TAKE_PTR(str);
|
||||
+ return EFI_SUCCESS;
|
||||
+ }
|
||||
|
||||
- char16_t *str = dp_to_text->ConvertDevicePathToText(dp, false, false);
|
||||
+ str = dp_to_text->ConvertDevicePathToText(dp, false, false);
|
||||
if (!str)
|
||||
return EFI_OUT_OF_RESOURCES;
|
||||
|
||||
- *ret = str;
|
||||
+ *ret = TAKE_PTR(str);
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
@ -1,46 +0,0 @@
|
||||
From 19d3bf238c41c756b391fc7e66e5217cde42a896 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Tue, 8 Feb 2022 11:52:17 +0100
|
||||
Subject: [PATCH] coredump: raise the coredump save size on 64bit systems to
|
||||
32G (and lower it to 1G on 32bit systems)
|
||||
|
||||
Apparently 2G is too low for various real-life systems. But raising it
|
||||
universally above 2^32 sounds wrong to me, since that makes no sense on
|
||||
32bit systems, that we still support.
|
||||
|
||||
Hence, let's raise the limit to 32G on 64bit systems, and *lower* it to
|
||||
1G on 32bit systems.
|
||||
|
||||
32G is 4 orders of magnitude higher then the old settings. Let's hope
|
||||
that's enough for now. Should this not be enough we can raise it
|
||||
further.
|
||||
|
||||
Fixes: #22076
|
||||
(cherry picked from commit e677041e7a6988f73de802db6e49d962d432944b)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/coredump/coredump.c | 10 ++++++++--
|
||||
1 file changed, 8 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
|
||||
index 6a6e9765d4..fd156370b2 100644
|
||||
--- a/src/coredump/coredump.c
|
||||
+++ b/src/coredump/coredump.c
|
||||
@@ -48,8 +48,14 @@
|
||||
#include "uid-alloc-range.h"
|
||||
#include "user-util.h"
|
||||
|
||||
-/* The maximum size up to which we process coredumps */
|
||||
-#define PROCESS_SIZE_MAX ((uint64_t) (2LLU*1024LLU*1024LLU*1024LLU))
|
||||
+/* The maximum size up to which we process coredumps. We use 1G on 32bit systems, and 32G on 64bit systems */
|
||||
+#if __SIZEOF_POINTER__ == 4
|
||||
+#define PROCESS_SIZE_MAX ((uint64_t) (1LLU*1024LLU*1024LLU*1024LLU))
|
||||
+#elif __SIZEOF_POINTER__ == 8
|
||||
+#define PROCESS_SIZE_MAX ((uint64_t) (32LLU*1024LLU*1024LLU*1024LLU))
|
||||
+#else
|
||||
+#error "Unexpected pointer size"
|
||||
+#endif
|
||||
|
||||
/* The maximum size up to which we leave the coredump around on disk */
|
||||
#define EXTERNAL_SIZE_MAX PROCESS_SIZE_MAX
|
@ -0,0 +1,433 @@
|
||||
From 519625977d19b7842d9b2ded8be12ed0aecbaefc Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Tue, 15 Nov 2022 18:22:38 +0100
|
||||
Subject: [PATCH] boot: Rework security arch override
|
||||
|
||||
This simplifies the caller interface for security arch overrides by only
|
||||
having to pass a validator and an optional context.
|
||||
|
||||
(cherry picked from commit 5489c13bae119dc5f6e65be8d7f241aa7d54c023)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/boot/efi/linux.c | 61 ++++++++-------------
|
||||
src/boot/efi/secure-boot.c | 105 +++++++++++++++++++++++++++++--------
|
||||
src/boot/efi/secure-boot.h | 28 +++-------
|
||||
src/boot/efi/shim.c | 104 +++++++++++-------------------------
|
||||
4 files changed, 146 insertions(+), 152 deletions(-)
|
||||
|
||||
diff --git a/src/boot/efi/linux.c b/src/boot/efi/linux.c
|
||||
index 75b9507709..dd7eb48c8c 100644
|
||||
--- a/src/boot/efi/linux.c
|
||||
+++ b/src/boot/efi/linux.c
|
||||
@@ -20,35 +20,26 @@
|
||||
#define STUB_PAYLOAD_GUID \
|
||||
{ 0x55c5d1f8, 0x04cd, 0x46b5, { 0x8a, 0x20, 0xe5, 0x6c, 0xbb, 0x30, 0x52, 0xd0 } }
|
||||
|
||||
-static EFIAPI EFI_STATUS security_hook(
|
||||
- const SecurityOverride *this, uint32_t authentication_status, const EFI_DEVICE_PATH *file) {
|
||||
+typedef struct {
|
||||
+ const void *addr;
|
||||
+ size_t len;
|
||||
+ const EFI_DEVICE_PATH *device_path;
|
||||
+} ValidationContext;
|
||||
|
||||
- assert(this);
|
||||
- assert(this->hook == security_hook);
|
||||
+static bool validate_payload(
|
||||
+ const void *ctx, const EFI_DEVICE_PATH *device_path, const void *file_buffer, size_t file_size) {
|
||||
|
||||
- if (file == this->payload_device_path)
|
||||
- return EFI_SUCCESS;
|
||||
+ const ValidationContext *payload = ASSERT_PTR(ctx);
|
||||
|
||||
- return this->original_security->FileAuthenticationState(
|
||||
- this->original_security, authentication_status, file);
|
||||
-}
|
||||
-
|
||||
-static EFIAPI EFI_STATUS security2_hook(
|
||||
- const SecurityOverride *this,
|
||||
- const EFI_DEVICE_PATH *device_path,
|
||||
- void *file_buffer,
|
||||
- size_t file_size,
|
||||
- BOOLEAN boot_policy) {
|
||||
-
|
||||
- assert(this);
|
||||
- assert(this->hook == security2_hook);
|
||||
+ if (device_path != payload->device_path)
|
||||
+ return false;
|
||||
|
||||
- if (file_buffer == this->payload && file_size == this->payload_len &&
|
||||
- device_path == this->payload_device_path)
|
||||
- return EFI_SUCCESS;
|
||||
+ /* Security arch (1) protocol does not provide a file buffer. Instead we are supposed to fetch the payload
|
||||
+ * ourselves, which is not needed as we already have everything in memory and the device paths match. */
|
||||
+ if (file_buffer && (file_buffer != payload->addr || file_size != payload->len))
|
||||
+ return false;
|
||||
|
||||
- return this->original_security2->FileAuthentication(
|
||||
- this->original_security2, device_path, file_buffer, file_size, boot_policy);
|
||||
+ return true;
|
||||
}
|
||||
|
||||
static EFI_STATUS load_image(EFI_HANDLE parent, const void *source, size_t len, EFI_HANDLE *ret_image) {
|
||||
@@ -79,19 +70,13 @@ static EFI_STATUS load_image(EFI_HANDLE parent, const void *source, size_t len,
|
||||
|
||||
/* We want to support unsigned kernel images as payload, which is safe to do under secure boot
|
||||
* because it is embedded in this stub loader (and since it is already running it must be trusted). */
|
||||
- SecurityOverride security_override = {
|
||||
- .hook = security_hook,
|
||||
- .payload = source,
|
||||
- .payload_len = len,
|
||||
- .payload_device_path = &payload_device_path.payload.Header,
|
||||
- }, security2_override = {
|
||||
- .hook = security2_hook,
|
||||
- .payload = source,
|
||||
- .payload_len = len,
|
||||
- .payload_device_path = &payload_device_path.payload.Header,
|
||||
- };
|
||||
-
|
||||
- install_security_override(&security_override, &security2_override);
|
||||
+ install_security_override(
|
||||
+ validate_payload,
|
||||
+ &(ValidationContext) {
|
||||
+ .addr = source,
|
||||
+ .len = len,
|
||||
+ .device_path = &payload_device_path.payload.Header,
|
||||
+ });
|
||||
|
||||
EFI_STATUS ret = BS->LoadImage(
|
||||
/*BootPolicy=*/false,
|
||||
@@ -101,7 +86,7 @@ static EFI_STATUS load_image(EFI_HANDLE parent, const void *source, size_t len,
|
||||
len,
|
||||
ret_image);
|
||||
|
||||
- uninstall_security_override(&security_override, &security2_override);
|
||||
+ uninstall_security_override();
|
||||
|
||||
return ret;
|
||||
}
|
||||
diff --git a/src/boot/efi/secure-boot.c b/src/boot/efi/secure-boot.c
|
||||
index 171b2c96b3..0e615c55e0 100644
|
||||
--- a/src/boot/efi/secure-boot.c
|
||||
+++ b/src/boot/efi/secure-boot.c
|
||||
@@ -127,10 +127,60 @@ out_deallocate:
|
||||
return err;
|
||||
}
|
||||
|
||||
-static EFI_STATUS install_security_override_one(EFI_GUID guid, SecurityOverride *override) {
|
||||
+static struct SecurityOverride {
|
||||
+ /* Our own security arch instances that we register onto original_handle, thereby replacing the
|
||||
+ * firmware provided instances. */
|
||||
+ EFI_SECURITY_ARCH_PROTOCOL override;
|
||||
+ EFI_SECURITY2_ARCH_PROTOCOL override2;
|
||||
+
|
||||
+ /* These are saved so we can uninstall our own instance later. */
|
||||
+ EFI_HANDLE original_handle, original_handle2;
|
||||
+ EFI_SECURITY_ARCH_PROTOCOL *original_security;
|
||||
+ EFI_SECURITY2_ARCH_PROTOCOL *original_security2;
|
||||
+
|
||||
+ security_validator_t validator;
|
||||
+ const void *validator_ctx;
|
||||
+} security_override;
|
||||
+
|
||||
+static EFIAPI EFI_STATUS security_hook(
|
||||
+ const EFI_SECURITY_ARCH_PROTOCOL *this,
|
||||
+ uint32_t authentication_status,
|
||||
+ const EFI_DEVICE_PATH *file) {
|
||||
+
|
||||
+ assert(security_override.validator);
|
||||
+ assert(security_override.original_security);
|
||||
+
|
||||
+ if (security_override.validator(security_override.validator_ctx, file, NULL, 0))
|
||||
+ return EFI_SUCCESS;
|
||||
+
|
||||
+ return security_override.original_security->FileAuthenticationState(
|
||||
+ security_override.original_security, authentication_status, file);
|
||||
+}
|
||||
+
|
||||
+static EFIAPI EFI_STATUS security2_hook(
|
||||
+ const EFI_SECURITY2_ARCH_PROTOCOL *this,
|
||||
+ const EFI_DEVICE_PATH *device_path,
|
||||
+ void *file_buffer,
|
||||
+ size_t file_size,
|
||||
+ BOOLEAN boot_policy) {
|
||||
+
|
||||
+ assert(security_override.validator);
|
||||
+ assert(security_override.original_security2);
|
||||
+
|
||||
+ if (security_override.validator(security_override.validator_ctx, device_path, file_buffer, file_size))
|
||||
+ return EFI_SUCCESS;
|
||||
+
|
||||
+ return security_override.original_security2->FileAuthentication(
|
||||
+ security_override.original_security2, device_path, file_buffer, file_size, boot_policy);
|
||||
+}
|
||||
+
|
||||
+static EFI_STATUS install_security_override_one(
|
||||
+ EFI_GUID guid, void *override, EFI_HANDLE *ret_original_handle, void **ret_original_security) {
|
||||
EFI_STATUS err;
|
||||
|
||||
assert(override);
|
||||
+ assert(ret_original_handle);
|
||||
+ assert(ret_original_security);
|
||||
|
||||
_cleanup_free_ EFI_HANDLE *handles = NULL;
|
||||
size_t n_handles = 0;
|
||||
@@ -152,8 +202,8 @@ static EFI_STATUS install_security_override_one(EFI_GUID guid, SecurityOverride
|
||||
if (err != EFI_SUCCESS)
|
||||
return log_error_status_stall(err, u"Error overriding security arch protocol: %r", err);
|
||||
|
||||
- override->original = security;
|
||||
- override->original_handle = handles[0];
|
||||
+ *ret_original_security = security;
|
||||
+ *ret_original_handle = handles[0];
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
@@ -161,35 +211,46 @@ static EFI_STATUS install_security_override_one(EFI_GUID guid, SecurityOverride
|
||||
* Specification) with the provided override instances. If not running in secure boot or the protocols are
|
||||
* not available nothing happens. The override instances are provided with the necessary info to undo this
|
||||
* in uninstall_security_override(). */
|
||||
-void install_security_override(SecurityOverride *override, SecurityOverride *override2) {
|
||||
- assert(override);
|
||||
- assert(override2);
|
||||
+void install_security_override(security_validator_t validator, const void *validator_ctx) {
|
||||
+ assert(validator);
|
||||
|
||||
if (!secure_boot_enabled())
|
||||
return;
|
||||
|
||||
- (void) install_security_override_one((EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID, override);
|
||||
- (void) install_security_override_one((EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID, override2);
|
||||
-}
|
||||
+ security_override = (struct SecurityOverride) {
|
||||
+ { .FileAuthenticationState = security_hook, },
|
||||
+ { .FileAuthentication = security2_hook, },
|
||||
+ .validator = validator,
|
||||
+ .validator_ctx = validator_ctx,
|
||||
+ };
|
||||
|
||||
-void uninstall_security_override(SecurityOverride *override, SecurityOverride *override2) {
|
||||
- assert(override);
|
||||
- assert(override2);
|
||||
+ (void) install_security_override_one(
|
||||
+ (EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID,
|
||||
+ &security_override.override,
|
||||
+ &security_override.original_handle,
|
||||
+ (void **) &security_override.original_security);
|
||||
+ (void) install_security_override_one(
|
||||
+ (EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID,
|
||||
+ &security_override.override2,
|
||||
+ &security_override.original_handle2,
|
||||
+ (void **) &security_override.original_security2);
|
||||
+}
|
||||
|
||||
+void uninstall_security_override(void) {
|
||||
/* We use assert_se here to guarantee the system is not in a weird state in the unlikely case of an
|
||||
* error restoring the original protocols. */
|
||||
|
||||
- if (override->original_handle)
|
||||
+ if (security_override.original_handle)
|
||||
assert_se(BS->ReinstallProtocolInterface(
|
||||
- override->original_handle,
|
||||
- &(EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID,
|
||||
- override,
|
||||
- override->original) == EFI_SUCCESS);
|
||||
+ security_override.original_handle,
|
||||
+ &(EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID,
|
||||
+ &security_override.override,
|
||||
+ security_override.original_security) == EFI_SUCCESS);
|
||||
|
||||
- if (override2->original_handle)
|
||||
+ if (security_override.original_handle2)
|
||||
assert_se(BS->ReinstallProtocolInterface(
|
||||
- override2->original_handle,
|
||||
- &(EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID,
|
||||
- override2,
|
||||
- override2->original) == EFI_SUCCESS);
|
||||
+ security_override.original_handle2,
|
||||
+ &(EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID,
|
||||
+ &security_override.override2,
|
||||
+ security_override.original_security2) == EFI_SUCCESS);
|
||||
}
|
||||
diff --git a/src/boot/efi/secure-boot.h b/src/boot/efi/secure-boot.h
|
||||
index 91b6770edb..e98de81c2a 100644
|
||||
--- a/src/boot/efi/secure-boot.h
|
||||
+++ b/src/boot/efi/secure-boot.h
|
||||
@@ -17,23 +17,11 @@ SecureBootMode secure_boot_mode(void);
|
||||
|
||||
EFI_STATUS secure_boot_enroll_at(EFI_FILE *root_dir, const char16_t *path);
|
||||
|
||||
-typedef struct {
|
||||
- void *hook;
|
||||
-
|
||||
- /* End of EFI_SECURITY_ARCH(2)_PROTOCOL. The rest is our own protocol instance data. */
|
||||
-
|
||||
- EFI_HANDLE original_handle;
|
||||
- union {
|
||||
- void *original;
|
||||
- EFI_SECURITY_ARCH_PROTOCOL *original_security;
|
||||
- EFI_SECURITY2_ARCH_PROTOCOL *original_security2;
|
||||
- };
|
||||
-
|
||||
- /* Used by the stub to identify the embedded image. */
|
||||
- const void *payload;
|
||||
- size_t payload_len;
|
||||
- const EFI_DEVICE_PATH *payload_device_path;
|
||||
-} SecurityOverride;
|
||||
-
|
||||
-void install_security_override(SecurityOverride *override, SecurityOverride *override2);
|
||||
-void uninstall_security_override(SecurityOverride *override, SecurityOverride *override2);
|
||||
+typedef bool (*security_validator_t)(
|
||||
+ const void *ctx,
|
||||
+ const EFI_DEVICE_PATH *device_path,
|
||||
+ const void *file_buffer,
|
||||
+ size_t file_size);
|
||||
+
|
||||
+void install_security_override(security_validator_t validator, const void *validator_ctx);
|
||||
+void uninstall_security_override(void);
|
||||
diff --git a/src/boot/efi/shim.c b/src/boot/efi/shim.c
|
||||
index 3ae058cb84..ac224336bc 100644
|
||||
--- a/src/boot/efi/shim.c
|
||||
+++ b/src/boot/efi/shim.c
|
||||
@@ -23,7 +23,7 @@
|
||||
#endif
|
||||
|
||||
struct ShimLock {
|
||||
- EFI_STATUS __sysv_abi__ (*shim_verify) (void *buffer, uint32_t size);
|
||||
+ EFI_STATUS __sysv_abi__ (*shim_verify) (const void *buffer, uint32_t size);
|
||||
|
||||
/* context is actually a struct for the PE header, but it isn't needed so void is sufficient just do define the interface
|
||||
* see shim.c/shim.h and PeHeader.h in the github shim repo */
|
||||
@@ -41,79 +41,45 @@ bool shim_loaded(void) {
|
||||
return BS->LocateProtocol((EFI_GUID*) SHIM_LOCK_GUID, NULL, (void**) &shim_lock) == EFI_SUCCESS;
|
||||
}
|
||||
|
||||
-static bool shim_validate(void *data, uint32_t size) {
|
||||
- struct ShimLock *shim_lock;
|
||||
-
|
||||
- if (!data)
|
||||
- return false;
|
||||
-
|
||||
- if (BS->LocateProtocol((EFI_GUID*) SHIM_LOCK_GUID, NULL, (void**) &shim_lock) != EFI_SUCCESS)
|
||||
- return false;
|
||||
-
|
||||
- if (!shim_lock)
|
||||
- return false;
|
||||
-
|
||||
- return shim_lock->shim_verify(data, size) == EFI_SUCCESS;
|
||||
-}
|
||||
-
|
||||
-static EFIAPI EFI_STATUS security2_hook(
|
||||
- const SecurityOverride *this,
|
||||
- const EFI_DEVICE_PATH *device_path,
|
||||
- void *file_buffer,
|
||||
- UINTN file_size,
|
||||
- BOOLEAN boot_policy) {
|
||||
-
|
||||
- assert(this);
|
||||
- assert(this->hook == security2_hook);
|
||||
-
|
||||
- if (shim_validate(file_buffer, file_size))
|
||||
- return EFI_SUCCESS;
|
||||
-
|
||||
- return this->original_security2->FileAuthentication(
|
||||
- this->original_security2, device_path, file_buffer, file_size, boot_policy);
|
||||
-}
|
||||
-
|
||||
-static EFIAPI EFI_STATUS security_hook(
|
||||
- const SecurityOverride *this,
|
||||
- uint32_t authentication_status,
|
||||
- const EFI_DEVICE_PATH *device_path) {
|
||||
+static bool shim_validate(
|
||||
+ const void *ctx, const EFI_DEVICE_PATH *device_path, const void *file_buffer, size_t file_size) {
|
||||
|
||||
EFI_STATUS err;
|
||||
+ _cleanup_free_ char *file_buffer_owned = NULL;
|
||||
|
||||
- assert(this);
|
||||
- assert(this->hook == security_hook);
|
||||
+ if (!file_buffer) {
|
||||
+ if (!device_path)
|
||||
+ return false;
|
||||
|
||||
- if (!device_path)
|
||||
- return this->original_security->FileAuthenticationState(
|
||||
- this->original_security, authentication_status, device_path);
|
||||
+ EFI_HANDLE device_handle;
|
||||
+ EFI_DEVICE_PATH *file_dp = (EFI_DEVICE_PATH *) device_path;
|
||||
+ err = BS->LocateDevicePath(&FileSystemProtocol, &file_dp, &device_handle);
|
||||
+ if (err != EFI_SUCCESS)
|
||||
+ return false;
|
||||
|
||||
- EFI_HANDLE device_handle;
|
||||
- EFI_DEVICE_PATH *dp = (EFI_DEVICE_PATH *) device_path;
|
||||
- err = BS->LocateDevicePath(&FileSystemProtocol, &dp, &device_handle);
|
||||
- if (err != EFI_SUCCESS)
|
||||
- return err;
|
||||
+ _cleanup_(file_closep) EFI_FILE *root = NULL;
|
||||
+ err = open_volume(device_handle, &root);
|
||||
+ if (err != EFI_SUCCESS)
|
||||
+ return false;
|
||||
|
||||
- _cleanup_(file_closep) EFI_FILE *root = NULL;
|
||||
- err = open_volume(device_handle, &root);
|
||||
- if (err != EFI_SUCCESS)
|
||||
- return err;
|
||||
+ _cleanup_free_ char16_t *dp_str = NULL;
|
||||
+ err = device_path_to_str(file_dp, &dp_str);
|
||||
+ if (err != EFI_SUCCESS)
|
||||
+ return false;
|
||||
|
||||
- _cleanup_free_ char16_t *dp_str = NULL;
|
||||
- err = device_path_to_str(dp, &dp_str);
|
||||
- if (err != EFI_SUCCESS)
|
||||
- return err;
|
||||
+ err = file_read(root, dp_str, 0, 0, &file_buffer_owned, &file_size);
|
||||
+ if (err != EFI_SUCCESS)
|
||||
+ return false;
|
||||
|
||||
- char *file_buffer;
|
||||
- size_t file_size;
|
||||
- err = file_read(root, dp_str, 0, 0, &file_buffer, &file_size);
|
||||
- if (err != EFI_SUCCESS)
|
||||
- return err;
|
||||
+ file_buffer = file_buffer_owned;
|
||||
+ }
|
||||
|
||||
- if (shim_validate(file_buffer, file_size))
|
||||
- return EFI_SUCCESS;
|
||||
+ struct ShimLock *shim_lock;
|
||||
+ err = BS->LocateProtocol((EFI_GUID *) SHIM_LOCK_GUID, NULL, (void **) &shim_lock);
|
||||
+ if (err != EFI_SUCCESS)
|
||||
+ return false;
|
||||
|
||||
- return this->original_security->FileAuthenticationState(
|
||||
- this->original_security, authentication_status, device_path);
|
||||
+ return shim_lock->shim_verify(file_buffer, file_size) == EFI_SUCCESS;
|
||||
}
|
||||
|
||||
EFI_STATUS shim_load_image(EFI_HANDLE parent, const EFI_DEVICE_PATH *device_path, EFI_HANDLE *ret_image) {
|
||||
@@ -122,20 +88,14 @@ EFI_STATUS shim_load_image(EFI_HANDLE parent, const EFI_DEVICE_PATH *device_path
|
||||
|
||||
bool have_shim = shim_loaded();
|
||||
|
||||
- SecurityOverride security_override = {
|
||||
- .hook = security_hook,
|
||||
- }, security2_override = {
|
||||
- .hook = security2_hook,
|
||||
- };
|
||||
-
|
||||
if (have_shim)
|
||||
- install_security_override(&security_override, &security2_override);
|
||||
+ install_security_override(shim_validate, NULL);
|
||||
|
||||
EFI_STATUS ret = BS->LoadImage(
|
||||
/*BootPolicy=*/false, parent, (EFI_DEVICE_PATH *) device_path, NULL, 0, ret_image);
|
||||
|
||||
if (have_shim)
|
||||
- uninstall_security_override(&security_override, &security2_override);
|
||||
+ uninstall_security_override();
|
||||
|
||||
return ret;
|
||||
}
|
@ -1,644 +0,0 @@
|
||||
From 389cc9af2087aa5369ac6bf0124d14877d541966 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 4 Feb 2022 17:39:44 +0100
|
||||
Subject: [PATCH] repart: fix sector size handling
|
||||
|
||||
This queries the sector size from libfdisk instead of assuming 512, and
|
||||
uses that when converting from bytes to the offset/size values libfdisk
|
||||
expects.
|
||||
|
||||
This is an alternative to Tom Yan's #21823, but prefers using libfdisk's
|
||||
own ideas of the sector size instead of going directly to the backing
|
||||
device via ioctls. (libfdisk can after all also operate on regular
|
||||
files, where the sector size concept doesn't necessarily apply the same
|
||||
way.)
|
||||
|
||||
This also makes the "grain" variable, i.e. how we'll align the
|
||||
partitions. Previously this was hardcoded to 4K, and that still will be
|
||||
the minimum grain we use, but should the sector size be larger than that
|
||||
we'll use the next multiple of the sector size instead.
|
||||
|
||||
(cherry picked from commit 994b303123ebe6a140bf3e56c66aa66119ae7d95)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/partition/repart.c | 212 +++++++++++++++++++++++++----------------
|
||||
1 file changed, 132 insertions(+), 80 deletions(-)
|
||||
|
||||
diff --git a/src/partition/repart.c b/src/partition/repart.c
|
||||
index d08f47f2c4..0862a37a8d 100644
|
||||
--- a/src/partition/repart.c
|
||||
+++ b/src/partition/repart.c
|
||||
@@ -195,6 +195,8 @@ struct Context {
|
||||
uint64_t start, end, total;
|
||||
|
||||
struct fdisk_context *fdisk_context;
|
||||
+ uint64_t sector_size;
|
||||
+ uint64_t grain_size;
|
||||
|
||||
sd_id128_t seed;
|
||||
};
|
||||
@@ -407,9 +409,12 @@ static bool context_drop_one_priority(Context *context) {
|
||||
return true;
|
||||
}
|
||||
|
||||
-static uint64_t partition_min_size(const Partition *p) {
|
||||
+static uint64_t partition_min_size(Context *context, const Partition *p) {
|
||||
uint64_t sz;
|
||||
|
||||
+ assert(context);
|
||||
+ assert(p);
|
||||
+
|
||||
/* Calculate the disk space we really need at minimum for this partition. If the partition already
|
||||
* exists the current size is what we really need. If it doesn't exist yet refuse to allocate less
|
||||
* than 4K.
|
||||
@@ -428,50 +433,60 @@ static uint64_t partition_min_size(const Partition *p) {
|
||||
uint64_t d = 0;
|
||||
|
||||
if (p->encrypt != ENCRYPT_OFF)
|
||||
- d += round_up_size(LUKS2_METADATA_SIZE, 4096);
|
||||
+ d += round_up_size(LUKS2_METADATA_SIZE, context->grain_size);
|
||||
|
||||
if (p->copy_blocks_size != UINT64_MAX)
|
||||
- d += round_up_size(p->copy_blocks_size, 4096);
|
||||
+ d += round_up_size(p->copy_blocks_size, context->grain_size);
|
||||
else if (p->format || p->encrypt != ENCRYPT_OFF) {
|
||||
uint64_t f;
|
||||
|
||||
/* If we shall synthesize a file system, take minimal fs size into account (assumed to be 4K if not known) */
|
||||
- f = p->format ? minimal_size_by_fs_name(p->format) : UINT64_MAX;
|
||||
- d += f == UINT64_MAX ? 4096 : f;
|
||||
+ f = p->format ? round_up_size(minimal_size_by_fs_name(p->format), context->grain_size) : UINT64_MAX;
|
||||
+ d += f == UINT64_MAX ? context->grain_size : f;
|
||||
}
|
||||
|
||||
if (d > sz)
|
||||
sz = d;
|
||||
}
|
||||
|
||||
- return MAX(p->size_min != UINT64_MAX ? p->size_min : DEFAULT_MIN_SIZE, sz);
|
||||
+ return MAX(round_up_size(p->size_min != UINT64_MAX ? p->size_min : DEFAULT_MIN_SIZE, context->grain_size), sz);
|
||||
}
|
||||
|
||||
-static uint64_t partition_max_size(const Partition *p) {
|
||||
+static uint64_t partition_max_size(const Context *context, const Partition *p) {
|
||||
+ uint64_t sm;
|
||||
+
|
||||
/* Calculate how large the partition may become at max. This is generally the configured maximum
|
||||
* size, except when it already exists and is larger than that. In that case it's the existing size,
|
||||
* since we never want to shrink partitions. */
|
||||
|
||||
+ assert(context);
|
||||
+ assert(p);
|
||||
+
|
||||
if (PARTITION_IS_FOREIGN(p)) {
|
||||
/* Don't allow changing size of partitions not managed by us */
|
||||
assert(p->current_size != UINT64_MAX);
|
||||
return p->current_size;
|
||||
}
|
||||
|
||||
+ sm = round_down_size(p->size_max, context->grain_size);
|
||||
+
|
||||
if (p->current_size != UINT64_MAX)
|
||||
- return MAX(p->current_size, p->size_max);
|
||||
+ return MAX(p->current_size, sm);
|
||||
|
||||
- return p->size_max;
|
||||
+ return sm;
|
||||
}
|
||||
|
||||
-static uint64_t partition_min_size_with_padding(const Partition *p) {
|
||||
+static uint64_t partition_min_size_with_padding(Context *context, const Partition *p) {
|
||||
uint64_t sz;
|
||||
|
||||
/* Calculate the disk space we need for this partition plus any free space coming after it. This
|
||||
* takes user configured padding into account as well as any additional whitespace needed to align
|
||||
* the next partition to 4K again. */
|
||||
|
||||
- sz = partition_min_size(p);
|
||||
+ assert(context);
|
||||
+ assert(p);
|
||||
+
|
||||
+ sz = partition_min_size(context, p);
|
||||
|
||||
if (p->padding_min != UINT64_MAX)
|
||||
sz += p->padding_min;
|
||||
@@ -479,11 +494,11 @@ static uint64_t partition_min_size_with_padding(const Partition *p) {
|
||||
if (PARTITION_EXISTS(p)) {
|
||||
/* If the partition wasn't aligned, add extra space so that any we might add will be aligned */
|
||||
assert(p->offset != UINT64_MAX);
|
||||
- return round_up_size(p->offset + sz, 4096) - p->offset;
|
||||
+ return round_up_size(p->offset + sz, context->grain_size) - p->offset;
|
||||
}
|
||||
|
||||
/* If this is a new partition we'll place it aligned, hence we just need to round up the required size here */
|
||||
- return round_up_size(sz, 4096);
|
||||
+ return round_up_size(sz, context->grain_size);
|
||||
}
|
||||
|
||||
static uint64_t free_area_available(const FreeArea *a) {
|
||||
@@ -495,9 +510,12 @@ static uint64_t free_area_available(const FreeArea *a) {
|
||||
return a->size - a->allocated;
|
||||
}
|
||||
|
||||
-static uint64_t free_area_available_for_new_partitions(const FreeArea *a) {
|
||||
+static uint64_t free_area_available_for_new_partitions(Context *context, const FreeArea *a) {
|
||||
uint64_t avail;
|
||||
|
||||
+ assert(context);
|
||||
+ assert(a);
|
||||
+
|
||||
/* Similar to free_area_available(), but takes into account that the required size and padding of the
|
||||
* preceding partition is honoured. */
|
||||
|
||||
@@ -505,16 +523,16 @@ static uint64_t free_area_available_for_new_partitions(const FreeArea *a) {
|
||||
if (a->after) {
|
||||
uint64_t need, space_end, new_end;
|
||||
|
||||
- need = partition_min_size_with_padding(a->after);
|
||||
+ need = partition_min_size_with_padding(context, a->after);
|
||||
|
||||
assert(a->after->offset != UINT64_MAX);
|
||||
assert(a->after->current_size != UINT64_MAX);
|
||||
|
||||
/* Calculate where the free area ends, based on the offset of the partition preceding it */
|
||||
- space_end = round_up_size(a->after->offset + a->after->current_size, 4096) + avail;
|
||||
+ space_end = round_up_size(a->after->offset + a->after->current_size, context->grain_size) + avail;
|
||||
|
||||
/* Calculate where the partition would end when we give it as much as it needs */
|
||||
- new_end = round_up_size(a->after->offset + need, 4096);
|
||||
+ new_end = round_up_size(a->after->offset + need, context->grain_size);
|
||||
|
||||
/* Calculate saturated difference of the two: that's how much we have free for other partitions */
|
||||
return LESS_BY(space_end, new_end);
|
||||
@@ -523,15 +541,18 @@ static uint64_t free_area_available_for_new_partitions(const FreeArea *a) {
|
||||
return avail;
|
||||
}
|
||||
|
||||
-static int free_area_compare(FreeArea *const *a, FreeArea *const*b) {
|
||||
- return CMP(free_area_available_for_new_partitions(*a),
|
||||
- free_area_available_for_new_partitions(*b));
|
||||
+static int free_area_compare(FreeArea *const *a, FreeArea *const*b, Context *context) {
|
||||
+ assert(context);
|
||||
+
|
||||
+ return CMP(free_area_available_for_new_partitions(context, *a),
|
||||
+ free_area_available_for_new_partitions(context, *b));
|
||||
}
|
||||
|
||||
-static uint64_t charge_size(uint64_t total, uint64_t amount) {
|
||||
+static uint64_t charge_size(Context *context, uint64_t total, uint64_t amount) {
|
||||
+ assert(context);
|
||||
/* Subtract the specified amount from total, rounding up to multiple of 4K if there's room */
|
||||
assert(amount <= total);
|
||||
- return LESS_BY(total, round_up_size(amount, 4096));
|
||||
+ return LESS_BY(total, round_up_size(amount, context->grain_size));
|
||||
}
|
||||
|
||||
static uint64_t charge_weight(uint64_t total, uint64_t amount) {
|
||||
@@ -545,14 +566,14 @@ static bool context_allocate_partitions(Context *context, uint64_t *ret_largest_
|
||||
assert(context);
|
||||
|
||||
/* Sort free areas by size, putting smallest first */
|
||||
- typesafe_qsort(context->free_areas, context->n_free_areas, free_area_compare);
|
||||
+ typesafe_qsort_r(context->free_areas, context->n_free_areas, free_area_compare, context);
|
||||
|
||||
/* In any case return size of the largest free area (i.e. not the size of all free areas
|
||||
* combined!) */
|
||||
if (ret_largest_free_area)
|
||||
*ret_largest_free_area =
|
||||
context->n_free_areas == 0 ? 0 :
|
||||
- free_area_available_for_new_partitions(context->free_areas[context->n_free_areas-1]);
|
||||
+ free_area_available_for_new_partitions(context, context->free_areas[context->n_free_areas-1]);
|
||||
|
||||
/* A simple first-fit algorithm. We return true if we can fit the partitions in, otherwise false. */
|
||||
LIST_FOREACH(partitions, p, context->partitions) {
|
||||
@@ -565,13 +586,13 @@ static bool context_allocate_partitions(Context *context, uint64_t *ret_largest_
|
||||
continue;
|
||||
|
||||
/* How much do we need to fit? */
|
||||
- required = partition_min_size_with_padding(p);
|
||||
- assert(required % 4096 == 0);
|
||||
+ required = partition_min_size_with_padding(context, p);
|
||||
+ assert(required % context->grain_size == 0);
|
||||
|
||||
for (size_t i = 0; i < context->n_free_areas; i++) {
|
||||
a = context->free_areas[i];
|
||||
|
||||
- if (free_area_available_for_new_partitions(a) >= required) {
|
||||
+ if (free_area_available_for_new_partitions(context, a) >= required) {
|
||||
fits = true;
|
||||
break;
|
||||
}
|
||||
@@ -683,8 +704,8 @@ static int context_grow_partitions_phase(
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
- rsz = partition_min_size(p);
|
||||
- xsz = partition_max_size(p);
|
||||
+ rsz = partition_min_size(context, p);
|
||||
+ xsz = partition_max_size(context, p);
|
||||
|
||||
if (phase == PHASE_OVERCHARGE && rsz > share) {
|
||||
/* This partition needs more than its calculated share. Let's assign
|
||||
@@ -712,13 +733,13 @@ static int context_grow_partitions_phase(
|
||||
/* Never change of foreign partitions (i.e. those we don't manage) */
|
||||
p->new_size = p->current_size;
|
||||
else
|
||||
- p->new_size = MAX(round_down_size(share, 4096), rsz);
|
||||
+ p->new_size = MAX(round_down_size(share, context->grain_size), rsz);
|
||||
|
||||
charge = true;
|
||||
}
|
||||
|
||||
if (charge) {
|
||||
- *span = charge_size(*span, p->new_size);
|
||||
+ *span = charge_size(context, *span, p->new_size);
|
||||
*weight_sum = charge_weight(*weight_sum, p->weight);
|
||||
}
|
||||
|
||||
@@ -742,7 +763,7 @@ static int context_grow_partitions_phase(
|
||||
charge = try_again = true;
|
||||
} else if (phase == PHASE_DISTRIBUTE) {
|
||||
|
||||
- p->new_padding = round_down_size(share, 4096);
|
||||
+ p->new_padding = round_down_size(share, context->grain_size);
|
||||
if (p->padding_min != UINT64_MAX && p->new_padding < p->padding_min)
|
||||
p->new_padding = p->padding_min;
|
||||
|
||||
@@ -750,7 +771,7 @@ static int context_grow_partitions_phase(
|
||||
}
|
||||
|
||||
if (charge) {
|
||||
- *span = charge_size(*span, p->new_padding);
|
||||
+ *span = charge_size(context, *span, p->new_padding);
|
||||
*weight_sum = charge_weight(*weight_sum, p->padding_weight);
|
||||
}
|
||||
|
||||
@@ -779,7 +800,7 @@ static int context_grow_partitions_on_free_area(Context *context, FreeArea *a) {
|
||||
assert(a->after->offset != UINT64_MAX);
|
||||
assert(a->after->current_size != UINT64_MAX);
|
||||
|
||||
- span += round_up_size(a->after->offset + a->after->current_size, 4096) - a->after->offset;
|
||||
+ span += round_up_size(a->after->offset + a->after->current_size, context->grain_size) - a->after->offset;
|
||||
}
|
||||
|
||||
for (GrowPartitionPhase phase = 0; phase < _GROW_PARTITION_PHASE_MAX;) {
|
||||
@@ -799,13 +820,13 @@ static int context_grow_partitions_on_free_area(Context *context, FreeArea *a) {
|
||||
assert(a->after->new_size != UINT64_MAX);
|
||||
|
||||
/* Calculate new size and align (but ensure this doesn't shrink the size) */
|
||||
- m = MAX(a->after->new_size, round_down_size(a->after->new_size + span, 4096));
|
||||
+ m = MAX(a->after->new_size, round_down_size(a->after->new_size + span, context->grain_size));
|
||||
|
||||
- xsz = partition_max_size(a->after);
|
||||
+ xsz = partition_max_size(context, a->after);
|
||||
if (xsz != UINT64_MAX && m > xsz)
|
||||
m = xsz;
|
||||
|
||||
- span = charge_size(span, m - a->after->new_size);
|
||||
+ span = charge_size(context, span, m - a->after->new_size);
|
||||
a->after->new_size = m;
|
||||
}
|
||||
|
||||
@@ -824,13 +845,13 @@ static int context_grow_partitions_on_free_area(Context *context, FreeArea *a) {
|
||||
continue;
|
||||
|
||||
assert(p->new_size != UINT64_MAX);
|
||||
- m = MAX(p->new_size, round_down_size(p->new_size + span, 4096));
|
||||
+ m = MAX(p->new_size, round_down_size(p->new_size + span, context->grain_size));
|
||||
|
||||
- xsz = partition_max_size(p);
|
||||
+ xsz = partition_max_size(context, p);
|
||||
if (xsz != UINT64_MAX && m > xsz)
|
||||
m = xsz;
|
||||
|
||||
- span = charge_size(span, m - p->new_size);
|
||||
+ span = charge_size(context, span, m - p->new_size);
|
||||
p->new_size = m;
|
||||
|
||||
if (span == 0)
|
||||
@@ -910,7 +931,7 @@ static void context_place_partitions(Context *context) {
|
||||
} else
|
||||
start = context->start;
|
||||
|
||||
- start = round_up_size(start, 4096);
|
||||
+ start = round_up_size(start, context->grain_size);
|
||||
left = a->size;
|
||||
|
||||
LIST_FOREACH(partitions, p, context->partitions) {
|
||||
@@ -1422,6 +1443,8 @@ static int determine_current_padding(
|
||||
struct fdisk_context *c,
|
||||
struct fdisk_table *t,
|
||||
struct fdisk_partition *p,
|
||||
+ uint64_t secsz,
|
||||
+ uint64_t grainsz,
|
||||
uint64_t *ret) {
|
||||
|
||||
size_t n_partitions;
|
||||
@@ -1435,8 +1458,8 @@ static int determine_current_padding(
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Partition has no end!");
|
||||
|
||||
offset = fdisk_partition_get_end(p);
|
||||
- assert(offset < UINT64_MAX / 512);
|
||||
- offset *= 512;
|
||||
+ assert(offset < UINT64_MAX / secsz);
|
||||
+ offset *= secsz;
|
||||
|
||||
n_partitions = fdisk_table_get_nents(t);
|
||||
for (size_t i = 0; i < n_partitions; i++) {
|
||||
@@ -1454,8 +1477,8 @@ static int determine_current_padding(
|
||||
continue;
|
||||
|
||||
start = fdisk_partition_get_start(q);
|
||||
- assert(start < UINT64_MAX / 512);
|
||||
- start *= 512;
|
||||
+ assert(start < UINT64_MAX / secsz);
|
||||
+ start *= secsz;
|
||||
|
||||
if (start >= offset && (next == UINT64_MAX || next > start))
|
||||
next = start;
|
||||
@@ -1467,16 +1490,16 @@ static int determine_current_padding(
|
||||
assert(next < UINT64_MAX);
|
||||
next++; /* The last LBA is one sector before the end */
|
||||
|
||||
- assert(next < UINT64_MAX / 512);
|
||||
- next *= 512;
|
||||
+ assert(next < UINT64_MAX / secsz);
|
||||
+ next *= secsz;
|
||||
|
||||
if (offset > next)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Partition end beyond disk end.");
|
||||
}
|
||||
|
||||
assert(next >= offset);
|
||||
- offset = round_up_size(offset, 4096);
|
||||
- next = round_down_size(next, 4096);
|
||||
+ offset = round_up_size(offset, grainsz);
|
||||
+ next = round_down_size(next, grainsz);
|
||||
|
||||
*ret = LESS_BY(next, offset); /* Saturated subtraction, rounding might have fucked things up */
|
||||
return 0;
|
||||
@@ -1549,6 +1572,8 @@ static int context_load_partition_table(
|
||||
bool from_scratch = false;
|
||||
sd_id128_t disk_uuid;
|
||||
size_t n_partitions;
|
||||
+ unsigned long secsz;
|
||||
+ uint64_t grainsz;
|
||||
int r;
|
||||
|
||||
assert(context);
|
||||
@@ -1583,8 +1608,12 @@ static int context_load_partition_table(
|
||||
if (r < 0)
|
||||
return log_error_errno(errno, "Failed to stat block device '%s': %m", node);
|
||||
|
||||
- if (S_ISREG(st.st_mode) && st.st_size == 0)
|
||||
+ if (S_ISREG(st.st_mode) && st.st_size == 0) {
|
||||
+ /* User the fallback values if we have no better idea */
|
||||
+ context->sector_size = 512;
|
||||
+ context->grain_size = 4096;
|
||||
return /* from_scratch = */ true;
|
||||
+ }
|
||||
|
||||
r = -EINVAL;
|
||||
}
|
||||
@@ -1602,6 +1631,23 @@ static int context_load_partition_table(
|
||||
if (flock(fdisk_get_devfd(c), arg_dry_run ? LOCK_SH : LOCK_EX) < 0)
|
||||
return log_error_errno(errno, "Failed to lock block device: %m");
|
||||
|
||||
+ /* The offsets/sizes libfdisk returns to us will be in multiple of the sector size of the
|
||||
+ * device. This is typically 512, and sometimes 4096. Let's query libfdisk once for it, and then use
|
||||
+ * it for all our needs. Note that the values we use ourselves always are in bytes though, thus mean
|
||||
+ * the same thing universally. Also note that regardless what kind of sector size is in use we'll
|
||||
+ * place partitions at multiples of 4K. */
|
||||
+ secsz = fdisk_get_sector_size(c);
|
||||
+
|
||||
+ /* Insist on a power of two, and that it's a multiple of 512, i.e. the traditional sector size. */
|
||||
+ if (secsz < 512 || secsz != 1UL << log2u64(secsz))
|
||||
+ return log_error_errno(errno, "Sector size %lu is not a power of two larger than 512? Refusing.", secsz);
|
||||
+
|
||||
+ /* Use at least 4K, and ensure it's a multiple of the sector size, regardless if that is smaller or
|
||||
+ * larger */
|
||||
+ grainsz = secsz < 4096 ? 4096 : secsz;
|
||||
+
|
||||
+ log_debug("Sector size of device is %lu bytes. Using grain size of %" PRIu64 ".", secsz, grainsz);
|
||||
+
|
||||
switch (arg_empty) {
|
||||
|
||||
case EMPTY_REFUSE:
|
||||
@@ -1732,12 +1778,12 @@ static int context_load_partition_table(
|
||||
}
|
||||
|
||||
sz = fdisk_partition_get_size(p);
|
||||
- assert_se(sz <= UINT64_MAX/512);
|
||||
- sz *= 512;
|
||||
+ assert_se(sz <= UINT64_MAX/secsz);
|
||||
+ sz *= secsz;
|
||||
|
||||
start = fdisk_partition_get_start(p);
|
||||
- assert_se(start <= UINT64_MAX/512);
|
||||
- start *= 512;
|
||||
+ assert_se(start <= UINT64_MAX/secsz);
|
||||
+ start *= secsz;
|
||||
|
||||
partno = fdisk_partition_get_partno(p);
|
||||
|
||||
@@ -1762,7 +1808,7 @@ static int context_load_partition_table(
|
||||
pp->current_partition = p;
|
||||
fdisk_ref_partition(p);
|
||||
|
||||
- r = determine_current_padding(c, t, p, &pp->current_padding);
|
||||
+ r = determine_current_padding(c, t, p, secsz, grainsz, &pp->current_padding);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
@@ -1795,7 +1841,7 @@ static int context_load_partition_table(
|
||||
np->current_partition = p;
|
||||
fdisk_ref_partition(p);
|
||||
|
||||
- r = determine_current_padding(c, t, p, &np->current_padding);
|
||||
+ r = determine_current_padding(c, t, p, secsz, grainsz, &np->current_padding);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
@@ -1812,26 +1858,26 @@ static int context_load_partition_table(
|
||||
|
||||
add_initial_free_area:
|
||||
nsectors = fdisk_get_nsectors(c);
|
||||
- assert(nsectors <= UINT64_MAX/512);
|
||||
- nsectors *= 512;
|
||||
+ assert(nsectors <= UINT64_MAX/secsz);
|
||||
+ nsectors *= secsz;
|
||||
|
||||
first_lba = fdisk_get_first_lba(c);
|
||||
- assert(first_lba <= UINT64_MAX/512);
|
||||
- first_lba *= 512;
|
||||
+ assert(first_lba <= UINT64_MAX/secsz);
|
||||
+ first_lba *= secsz;
|
||||
|
||||
last_lba = fdisk_get_last_lba(c);
|
||||
assert(last_lba < UINT64_MAX);
|
||||
last_lba++;
|
||||
- assert(last_lba <= UINT64_MAX/512);
|
||||
- last_lba *= 512;
|
||||
+ assert(last_lba <= UINT64_MAX/secsz);
|
||||
+ last_lba *= secsz;
|
||||
|
||||
assert(last_lba >= first_lba);
|
||||
|
||||
if (left_boundary == UINT64_MAX) {
|
||||
/* No partitions at all? Then the whole disk is up for grabs. */
|
||||
|
||||
- first_lba = round_up_size(first_lba, 4096);
|
||||
- last_lba = round_down_size(last_lba, 4096);
|
||||
+ first_lba = round_up_size(first_lba, grainsz);
|
||||
+ last_lba = round_down_size(last_lba, grainsz);
|
||||
|
||||
if (last_lba > first_lba) {
|
||||
r = context_add_free_area(context, last_lba - first_lba, NULL);
|
||||
@@ -1842,9 +1888,9 @@ add_initial_free_area:
|
||||
/* Add space left of first partition */
|
||||
assert(left_boundary >= first_lba);
|
||||
|
||||
- first_lba = round_up_size(first_lba, 4096);
|
||||
- left_boundary = round_down_size(left_boundary, 4096);
|
||||
- last_lba = round_down_size(last_lba, 4096);
|
||||
+ first_lba = round_up_size(first_lba, grainsz);
|
||||
+ left_boundary = round_down_size(left_boundary, grainsz);
|
||||
+ last_lba = round_down_size(last_lba, grainsz);
|
||||
|
||||
if (left_boundary > first_lba) {
|
||||
r = context_add_free_area(context, left_boundary - first_lba, NULL);
|
||||
@@ -1856,6 +1902,8 @@ add_initial_free_area:
|
||||
context->start = first_lba;
|
||||
context->end = last_lba;
|
||||
context->total = nsectors;
|
||||
+ context->sector_size = secsz;
|
||||
+ context->grain_size = grainsz;
|
||||
context->fdisk_context = TAKE_PTR(c);
|
||||
|
||||
return from_scratch;
|
||||
@@ -2360,7 +2408,7 @@ static int context_discard_range(
|
||||
if (S_ISBLK(st.st_mode)) {
|
||||
uint64_t range[2], end;
|
||||
|
||||
- range[0] = round_up_size(offset, 512);
|
||||
+ range[0] = round_up_size(offset, context->sector_size);
|
||||
|
||||
if (offset > UINT64_MAX - size)
|
||||
return -ERANGE;
|
||||
@@ -2369,7 +2417,7 @@ static int context_discard_range(
|
||||
if (end <= range[0])
|
||||
return 0;
|
||||
|
||||
- range[1] = round_down_size(end - range[0], 512);
|
||||
+ range[1] = round_down_size(end - range[0], context->sector_size);
|
||||
if (range[1] <= 0)
|
||||
return 0;
|
||||
|
||||
@@ -2519,6 +2567,7 @@ static int context_wipe_and_discard(Context *context, bool from_scratch) {
|
||||
}
|
||||
|
||||
static int partition_encrypt(
|
||||
+ Context *context,
|
||||
Partition *p,
|
||||
const char *node,
|
||||
struct crypt_device **ret_cd,
|
||||
@@ -2532,6 +2581,7 @@ static int partition_encrypt(
|
||||
sd_id128_t uuid;
|
||||
int r;
|
||||
|
||||
+ assert(context);
|
||||
assert(p);
|
||||
assert(p->encrypt != ENCRYPT_OFF);
|
||||
|
||||
@@ -2579,7 +2629,7 @@ static int partition_encrypt(
|
||||
volume_key_size,
|
||||
&(struct crypt_params_luks2) {
|
||||
.label = strempty(p->new_label),
|
||||
- .sector_size = 512U,
|
||||
+ .sector_size = context->sector_size,
|
||||
});
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to LUKS2 format future partition: %m");
|
||||
@@ -2735,7 +2785,7 @@ static int context_copy_blocks(Context *context) {
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to lock loopback device: %m");
|
||||
|
||||
- r = partition_encrypt(p, d->node, &cd, &encrypted, &encrypted_dev_fd);
|
||||
+ r = partition_encrypt(context, p, d->node, &cd, &encrypted, &encrypted_dev_fd);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to encrypt device: %m");
|
||||
|
||||
@@ -2988,7 +3038,7 @@ static int context_mkfs(Context *context) {
|
||||
return log_error_errno(r, "Failed to lock loopback device: %m");
|
||||
|
||||
if (p->encrypt != ENCRYPT_OFF) {
|
||||
- r = partition_encrypt(p, d->node, &cd, &encrypted, &encrypted_dev_fd);
|
||||
+ r = partition_encrypt(context, p, d->node, &cd, &encrypted, &encrypted_dev_fd);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to encrypt device: %m");
|
||||
|
||||
@@ -3307,13 +3357,13 @@ static int context_mangle_partitions(Context *context) {
|
||||
|
||||
if (p->new_size != p->current_size) {
|
||||
assert(p->new_size >= p->current_size);
|
||||
- assert(p->new_size % 512 == 0);
|
||||
+ assert(p->new_size % context->sector_size == 0);
|
||||
|
||||
r = fdisk_partition_size_explicit(p->current_partition, true);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to enable explicit sizing: %m");
|
||||
|
||||
- r = fdisk_partition_set_size(p->current_partition, p->new_size / 512);
|
||||
+ r = fdisk_partition_set_size(p->current_partition, p->new_size / context->sector_size);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to grow partition: %m");
|
||||
|
||||
@@ -3353,8 +3403,8 @@ static int context_mangle_partitions(Context *context) {
|
||||
_cleanup_(fdisk_unref_parttypep) struct fdisk_parttype *t = NULL;
|
||||
|
||||
assert(!p->new_partition);
|
||||
- assert(p->offset % 512 == 0);
|
||||
- assert(p->new_size % 512 == 0);
|
||||
+ assert(p->offset % context->sector_size == 0);
|
||||
+ assert(p->new_size % context->sector_size == 0);
|
||||
assert(!sd_id128_is_null(p->new_uuid));
|
||||
assert(p->new_label);
|
||||
|
||||
@@ -3378,11 +3428,11 @@ static int context_mangle_partitions(Context *context) {
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to enable explicit sizing: %m");
|
||||
|
||||
- r = fdisk_partition_set_start(q, p->offset / 512);
|
||||
+ r = fdisk_partition_set_start(q, p->offset / context->sector_size);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to position partition: %m");
|
||||
|
||||
- r = fdisk_partition_set_size(q, p->new_size / 512);
|
||||
+ r = fdisk_partition_set_size(q, p->new_size / context->sector_size);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to grow partition: %m");
|
||||
|
||||
@@ -4746,18 +4796,20 @@ done:
|
||||
}
|
||||
|
||||
static int determine_auto_size(Context *c) {
|
||||
- uint64_t sum = round_up_size(GPT_METADATA_SIZE, 4096);
|
||||
+ uint64_t sum;
|
||||
Partition *p;
|
||||
|
||||
assert_se(c);
|
||||
|
||||
+ sum = round_up_size(GPT_METADATA_SIZE, 4096);
|
||||
+
|
||||
LIST_FOREACH(partitions, p, c->partitions) {
|
||||
uint64_t m;
|
||||
|
||||
if (p->dropped)
|
||||
continue;
|
||||
|
||||
- m = partition_min_size_with_padding(p);
|
||||
+ m = partition_min_size_with_padding(c, p);
|
||||
if (m > UINT64_MAX - sum)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EOVERFLOW), "Image would grow too large, refusing.");
|
||||
|
@ -0,0 +1,185 @@
|
||||
From 8d0b70887a09b9d4a8b669620579d3b6780f0755 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Tue, 15 Nov 2022 18:53:02 +0100
|
||||
Subject: [PATCH] boot: Replace firmware security hooks directly
|
||||
|
||||
For some firmware, replacing their own security arch instance with our
|
||||
override using ReinstallProtocolInterface() is not enough as they will
|
||||
not use it. This commit goes back to how this was done before by
|
||||
directly modifying the security protocols.
|
||||
|
||||
Fixes: #25336
|
||||
(cherry picked from commit 967a868563996e928f1fade5bcafc82a7219742b)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/boot/efi/secure-boot.c | 119 +++++++++++++------------------------
|
||||
1 file changed, 40 insertions(+), 79 deletions(-)
|
||||
|
||||
diff --git a/src/boot/efi/secure-boot.c b/src/boot/efi/secure-boot.c
|
||||
index 0e615c55e0..65457bf423 100644
|
||||
--- a/src/boot/efi/secure-boot.c
|
||||
+++ b/src/boot/efi/secure-boot.c
|
||||
@@ -128,15 +128,10 @@ out_deallocate:
|
||||
}
|
||||
|
||||
static struct SecurityOverride {
|
||||
- /* Our own security arch instances that we register onto original_handle, thereby replacing the
|
||||
- * firmware provided instances. */
|
||||
- EFI_SECURITY_ARCH_PROTOCOL override;
|
||||
- EFI_SECURITY2_ARCH_PROTOCOL override2;
|
||||
-
|
||||
- /* These are saved so we can uninstall our own instance later. */
|
||||
- EFI_HANDLE original_handle, original_handle2;
|
||||
- EFI_SECURITY_ARCH_PROTOCOL *original_security;
|
||||
- EFI_SECURITY2_ARCH_PROTOCOL *original_security2;
|
||||
+ EFI_SECURITY_ARCH_PROTOCOL *security;
|
||||
+ EFI_SECURITY2_ARCH_PROTOCOL *security2;
|
||||
+ EFI_SECURITY_FILE_AUTHENTICATION_STATE original_hook;
|
||||
+ EFI_SECURITY2_FILE_AUTHENTICATION original_hook2;
|
||||
|
||||
security_validator_t validator;
|
||||
const void *validator_ctx;
|
||||
@@ -148,13 +143,13 @@ static EFIAPI EFI_STATUS security_hook(
|
||||
const EFI_DEVICE_PATH *file) {
|
||||
|
||||
assert(security_override.validator);
|
||||
- assert(security_override.original_security);
|
||||
+ assert(security_override.security);
|
||||
+ assert(security_override.original_hook);
|
||||
|
||||
if (security_override.validator(security_override.validator_ctx, file, NULL, 0))
|
||||
return EFI_SUCCESS;
|
||||
|
||||
- return security_override.original_security->FileAuthenticationState(
|
||||
- security_override.original_security, authentication_status, file);
|
||||
+ return security_override.original_hook(security_override.security, authentication_status, file);
|
||||
}
|
||||
|
||||
static EFIAPI EFI_STATUS security2_hook(
|
||||
@@ -165,92 +160,58 @@ static EFIAPI EFI_STATUS security2_hook(
|
||||
BOOLEAN boot_policy) {
|
||||
|
||||
assert(security_override.validator);
|
||||
- assert(security_override.original_security2);
|
||||
+ assert(security_override.security2);
|
||||
+ assert(security_override.original_hook2);
|
||||
|
||||
if (security_override.validator(security_override.validator_ctx, device_path, file_buffer, file_size))
|
||||
return EFI_SUCCESS;
|
||||
|
||||
- return security_override.original_security2->FileAuthentication(
|
||||
- security_override.original_security2, device_path, file_buffer, file_size, boot_policy);
|
||||
+ return security_override.original_hook2(
|
||||
+ security_override.security2, device_path, file_buffer, file_size, boot_policy);
|
||||
}
|
||||
|
||||
-static EFI_STATUS install_security_override_one(
|
||||
- EFI_GUID guid, void *override, EFI_HANDLE *ret_original_handle, void **ret_original_security) {
|
||||
+/* This replaces the platform provided security arch protocols hooks (defined in the UEFI Platform
|
||||
+ * Initialization Specification) with our own that uses the given validator to decide if a image is to be
|
||||
+ * trusted. If not running in secure boot or the protocols are not available nothing happens. The override
|
||||
+ * must be removed with uninstall_security_override() after LoadImage() has been called.
|
||||
+ *
|
||||
+ * This is a hack as we do not own the security protocol instances and modifying them is not an official part
|
||||
+ * of their spec. But there is little else we can do to circumvent secure boot short of implementing our own
|
||||
+ * PE loader. We could replace the firmware instances with our own instance using
|
||||
+ * ReinstallProtocolInterface(), but some firmware will still use the old ones. */
|
||||
+void install_security_override(security_validator_t validator, const void *validator_ctx) {
|
||||
EFI_STATUS err;
|
||||
|
||||
- assert(override);
|
||||
- assert(ret_original_handle);
|
||||
- assert(ret_original_security);
|
||||
-
|
||||
- _cleanup_free_ EFI_HANDLE *handles = NULL;
|
||||
- size_t n_handles = 0;
|
||||
-
|
||||
- err = BS->LocateHandleBuffer(ByProtocol, &guid, NULL, &n_handles, &handles);
|
||||
- if (err != EFI_SUCCESS)
|
||||
- /* No security arch protocol around? */
|
||||
- return err;
|
||||
-
|
||||
- /* There should only ever be one security arch protocol instance, but let's be paranoid here. */
|
||||
- assert(n_handles == 1);
|
||||
-
|
||||
- void *security = NULL;
|
||||
- err = BS->LocateProtocol(&guid, NULL, &security);
|
||||
- if (err != EFI_SUCCESS)
|
||||
- return log_error_status_stall(err, u"Error getting security arch protocol: %r", err);
|
||||
-
|
||||
- err = BS->ReinstallProtocolInterface(handles[0], &guid, security, override);
|
||||
- if (err != EFI_SUCCESS)
|
||||
- return log_error_status_stall(err, u"Error overriding security arch protocol: %r", err);
|
||||
-
|
||||
- *ret_original_security = security;
|
||||
- *ret_original_handle = handles[0];
|
||||
- return EFI_SUCCESS;
|
||||
-}
|
||||
-
|
||||
-/* This replaces the platform provided security arch protocols (defined in the UEFI Platform Initialization
|
||||
- * Specification) with the provided override instances. If not running in secure boot or the protocols are
|
||||
- * not available nothing happens. The override instances are provided with the necessary info to undo this
|
||||
- * in uninstall_security_override(). */
|
||||
-void install_security_override(security_validator_t validator, const void *validator_ctx) {
|
||||
assert(validator);
|
||||
|
||||
if (!secure_boot_enabled())
|
||||
return;
|
||||
|
||||
security_override = (struct SecurityOverride) {
|
||||
- { .FileAuthenticationState = security_hook, },
|
||||
- { .FileAuthentication = security2_hook, },
|
||||
.validator = validator,
|
||||
.validator_ctx = validator_ctx,
|
||||
};
|
||||
|
||||
- (void) install_security_override_one(
|
||||
- (EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID,
|
||||
- &security_override.override,
|
||||
- &security_override.original_handle,
|
||||
- (void **) &security_override.original_security);
|
||||
- (void) install_security_override_one(
|
||||
- (EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID,
|
||||
- &security_override.override2,
|
||||
- &security_override.original_handle2,
|
||||
- (void **) &security_override.original_security2);
|
||||
+ EFI_SECURITY_ARCH_PROTOCOL *security = NULL;
|
||||
+ err = BS->LocateProtocol(&(EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID, NULL, (void **) &security);
|
||||
+ if (err == EFI_SUCCESS) {
|
||||
+ security_override.security = security;
|
||||
+ security_override.original_hook = security->FileAuthenticationState;
|
||||
+ security->FileAuthenticationState = security_hook;
|
||||
+ }
|
||||
+
|
||||
+ EFI_SECURITY2_ARCH_PROTOCOL *security2 = NULL;
|
||||
+ err = BS->LocateProtocol(&(EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID, NULL, (void **) &security2);
|
||||
+ if (err == EFI_SUCCESS) {
|
||||
+ security_override.security2 = security2;
|
||||
+ security_override.original_hook2 = security2->FileAuthentication;
|
||||
+ security2->FileAuthentication = security2_hook;
|
||||
+ }
|
||||
}
|
||||
|
||||
void uninstall_security_override(void) {
|
||||
- /* We use assert_se here to guarantee the system is not in a weird state in the unlikely case of an
|
||||
- * error restoring the original protocols. */
|
||||
-
|
||||
- if (security_override.original_handle)
|
||||
- assert_se(BS->ReinstallProtocolInterface(
|
||||
- security_override.original_handle,
|
||||
- &(EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID,
|
||||
- &security_override.override,
|
||||
- security_override.original_security) == EFI_SUCCESS);
|
||||
-
|
||||
- if (security_override.original_handle2)
|
||||
- assert_se(BS->ReinstallProtocolInterface(
|
||||
- security_override.original_handle2,
|
||||
- &(EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID,
|
||||
- &security_override.override2,
|
||||
- security_override.original_security2) == EFI_SUCCESS);
|
||||
+ if (security_override.original_hook)
|
||||
+ security_override.security->FileAuthenticationState = security_override.original_hook;
|
||||
+ if (security_override.original_hook2)
|
||||
+ security_override.security2->FileAuthentication = security_override.original_hook2;
|
||||
}
|
@ -1,36 +0,0 @@
|
||||
From 77cde7d38bf8cd3438a867a6330c314f4580e43b Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Wed, 2 Feb 2022 14:20:48 +0900
|
||||
Subject: [PATCH] mkdir: allow to create directory whose path contains symlink
|
||||
|
||||
Fixes a regression caused by 3008a6f21c1c42efe852d69798a2fdd63fe657ec.
|
||||
|
||||
Before the commit, when `mkdir_parents_internal()` is called from `mkdir_p()`,
|
||||
it uses `_mkdir()` as `flag` is zero. But after the commit, `mkdir_safe_internal()`
|
||||
is always used. Hence, if the path contains a symlink, it fails with -ENOTDIR.
|
||||
|
||||
To fix the issue, this makes `mkdir_p()` calls `mkdir_parents_internal()` with
|
||||
MKDIR_FOLLOW_SYMLINK flag.
|
||||
|
||||
Fixes #22334.
|
||||
|
||||
(cherry picked from commit 5117059ee9f84ed2fd37801ec0b90473db475422)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/basic/mkdir.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c
|
||||
index 6e2b94d024..88782ab0d4 100644
|
||||
--- a/src/basic/mkdir.c
|
||||
+++ b/src/basic/mkdir.c
|
||||
@@ -162,7 +162,7 @@ int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t ui
|
||||
|
||||
assert(_mkdirat != mkdirat);
|
||||
|
||||
- r = mkdir_parents_internal(prefix, path, mode, uid, gid, flags, _mkdirat);
|
||||
+ r = mkdir_parents_internal(prefix, path, mode, uid, gid, flags | MKDIR_FOLLOW_SYMLINK, _mkdirat);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -1,26 +0,0 @@
|
||||
From 848b8dde6fe096b317abf0b4996f21c8fe6a39ce Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Wed, 2 Feb 2022 15:06:27 +0900
|
||||
Subject: [PATCH] mkdir: CHASE_NONEXISTENT cannot used in
|
||||
chase_symlinks_and_stat()
|
||||
|
||||
(cherry picked from commit e22916e61d1fdb7b46918b605ebf783d9017f9d8)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/basic/mkdir.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c
|
||||
index 88782ab0d4..51a0d74e87 100644
|
||||
--- a/src/basic/mkdir.c
|
||||
+++ b/src/basic/mkdir.c
|
||||
@@ -42,7 +42,7 @@ int mkdir_safe_internal(
|
||||
if ((flags & MKDIR_FOLLOW_SYMLINK) && S_ISLNK(st.st_mode)) {
|
||||
_cleanup_free_ char *p = NULL;
|
||||
|
||||
- r = chase_symlinks_and_stat(path, NULL, CHASE_NONEXISTENT, &p, &st, NULL);
|
||||
+ r = chase_symlinks_and_stat(path, NULL, 0, &p, &st, NULL);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0)
|
@ -0,0 +1,31 @@
|
||||
From a43bf9f897002744610a9ea5ce7bdc91c3e3dc83 Mon Sep 17 00:00:00 2001
|
||||
From: Khem Raj <raj.khem@gmail.com>
|
||||
Date: Tue, 8 Nov 2022 12:21:35 -0800
|
||||
Subject: [PATCH] networkd-ipv4acd.c: Use net/if.h for getting IFF_LOOPBACK
|
||||
definition
|
||||
|
||||
This helps in avoiding compiling errors on musl. Definition of
|
||||
IFF_LOOPBACK is the reason for including linux/if_arp.h, this however
|
||||
could be obtained from net/if.h glibc header equally and makes it
|
||||
portable as well.
|
||||
|
||||
(cherry picked from commit 239e4a42a69c31e55e58618d800e0d68c68931d3)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/network/networkd-ipv4acd.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/network/networkd-ipv4acd.c b/src/network/networkd-ipv4acd.c
|
||||
index 4127657ebd..877dee00ec 100644
|
||||
--- a/src/network/networkd-ipv4acd.c
|
||||
+++ b/src/network/networkd-ipv4acd.c
|
||||
@@ -1,6 +1,7 @@
|
||||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
|
||||
-#include <linux/if_arp.h>
|
||||
+#include <net/if.h> /* IFF_LOOPBACK */
|
||||
+#include <net/if_arp.h> /* ARPHRD_ETHER */
|
||||
|
||||
#include "sd-dhcp-client.h"
|
||||
#include "sd-ipv4acd.h"
|
@ -0,0 +1,111 @@
|
||||
From 94f9a80db599dcc298f3058e5cf2bb60c4972228 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 24 Nov 2022 13:58:39 +0100
|
||||
Subject: [PATCH] Revert "initrd: extend SYSTEMD_IN_INITRD to accept non-ramfs
|
||||
rootfs"
|
||||
|
||||
This reverts commit 1f22621ba33f8089d2ae5fbcaf8b3970dd68aaf0.
|
||||
|
||||
This is a replacement for b1fd5cd4eda02a323db93d7daa97f5138f89677d. See that
|
||||
commit for details.
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
docs/ENVIRONMENT.md | 10 +++-------
|
||||
src/basic/util.c | 47 ++++++++-------------------------------------
|
||||
2 files changed, 11 insertions(+), 46 deletions(-)
|
||||
|
||||
diff --git a/docs/ENVIRONMENT.md b/docs/ENVIRONMENT.md
|
||||
index a840dd0c90..ab3add6031 100644
|
||||
--- a/docs/ENVIRONMENT.md
|
||||
+++ b/docs/ENVIRONMENT.md
|
||||
@@ -73,13 +73,9 @@ All tools:
|
||||
(relevant in particular for the system manager and `systemd-hostnamed`).
|
||||
Must be a valid hostname (either a single label or a FQDN).
|
||||
|
||||
-* `$SYSTEMD_IN_INITRD=[auto|lenient|0|1]` — if set, specifies initrd detection
|
||||
- method. Defaults to `auto`. Behavior is defined as follows:
|
||||
- `auto`: Checks if `/etc/initrd-release` exists, and a temporary fs is mounted
|
||||
- on `/`. If both conditions meet, then it's in initrd.
|
||||
- `lenient`: Similar to `auto`, but the rootfs check is skipped.
|
||||
- `0|1`: Simply overrides initrd detection. This is useful for debugging and
|
||||
- testing initrd-only programs in the main system.
|
||||
+* `$SYSTEMD_IN_INITRD` — takes a boolean. If set, overrides initrd detection.
|
||||
+ This is useful for debugging and testing initrd-only programs in the main
|
||||
+ system.
|
||||
|
||||
* `$SYSTEMD_BUS_TIMEOUT=SECS` — specifies the maximum time to wait for method call
|
||||
completion. If no time unit is specified, assumes seconds. The usual other units
|
||||
diff --git a/src/basic/util.c b/src/basic/util.c
|
||||
index d7ef382737..981f917fab 100644
|
||||
--- a/src/basic/util.c
|
||||
+++ b/src/basic/util.c
|
||||
@@ -52,13 +52,11 @@ int prot_from_flags(int flags) {
|
||||
|
||||
bool in_initrd(void) {
|
||||
int r;
|
||||
- const char *e;
|
||||
- bool lenient = false;
|
||||
|
||||
if (saved_in_initrd >= 0)
|
||||
return saved_in_initrd;
|
||||
|
||||
- /* We have two checks here:
|
||||
+ /* We make two checks here:
|
||||
*
|
||||
* 1. the flag file /etc/initrd-release must exist
|
||||
* 2. the root file system must be a memory file system
|
||||
@@ -66,46 +64,17 @@ bool in_initrd(void) {
|
||||
* The second check is extra paranoia, since misdetecting an
|
||||
* initrd can have bad consequences due the initrd
|
||||
* emptying when transititioning to the main systemd.
|
||||
- *
|
||||
- * If env var $SYSTEMD_IN_INITRD is not set or set to "auto",
|
||||
- * both checks are used. If it's set to "lenient", only check
|
||||
- * 1 is used. If set to a boolean value, then the boolean
|
||||
- * value is returned.
|
||||
*/
|
||||
|
||||
- e = secure_getenv("SYSTEMD_IN_INITRD");
|
||||
- if (e) {
|
||||
- if (streq(e, "lenient"))
|
||||
- lenient = true;
|
||||
- else if (!streq(e, "auto")) {
|
||||
- r = parse_boolean(e);
|
||||
- if (r >= 0) {
|
||||
- saved_in_initrd = r > 0;
|
||||
- return saved_in_initrd;
|
||||
- }
|
||||
- log_debug_errno(r, "Failed to parse $SYSTEMD_IN_INITRD, ignoring: %m");
|
||||
- }
|
||||
- }
|
||||
-
|
||||
- if (!lenient) {
|
||||
- r = path_is_temporary_fs("/");
|
||||
- if (r < 0)
|
||||
- log_debug_errno(r, "Couldn't determine if / is a temporary file system: %m");
|
||||
+ r = getenv_bool_secure("SYSTEMD_IN_INITRD");
|
||||
+ if (r < 0 && r != -ENXIO)
|
||||
+ log_debug_errno(r, "Failed to parse $SYSTEMD_IN_INITRD, ignoring: %m");
|
||||
|
||||
+ if (r >= 0)
|
||||
saved_in_initrd = r > 0;
|
||||
- }
|
||||
-
|
||||
- r = access("/etc/initrd-release", F_OK);
|
||||
- if (r >= 0) {
|
||||
- if (saved_in_initrd == 0)
|
||||
- log_debug("/etc/initrd-release exists, but it's not an initrd.");
|
||||
- else
|
||||
- saved_in_initrd = 1;
|
||||
- } else {
|
||||
- if (errno != ENOENT)
|
||||
- log_debug_errno(errno, "Failed to test if /etc/initrd-release exists: %m");
|
||||
- saved_in_initrd = 0;
|
||||
- }
|
||||
+ else
|
||||
+ saved_in_initrd = access("/etc/initrd-release", F_OK) >= 0 &&
|
||||
+ path_is_temporary_fs("/") > 0;
|
||||
|
||||
return saved_in_initrd;
|
||||
}
|
@ -1,137 +0,0 @@
|
||||
From 9cfc2fd3c58609252b3fd203af95bec1aab1b832 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 23 Dec 2021 12:55:40 +0100
|
||||
Subject: [PATCH] meson: move efi file lists closer to where they are used
|
||||
|
||||
The goal is to have the detection of features and paths done first, and
|
||||
then the build target constructions second.
|
||||
|
||||
(cherry picked from commit 65dcf9f9a0d877de0dc53558547462a7f1750c78)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/boot/efi/meson.build | 104 +++++++++++++++++++--------------------
|
||||
1 file changed, 51 insertions(+), 53 deletions(-)
|
||||
|
||||
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
|
||||
index e10e51cf4e..1125c64ea3 100644
|
||||
--- a/src/boot/efi/meson.build
|
||||
+++ b/src/boot/efi/meson.build
|
||||
@@ -99,59 +99,6 @@ if efi_lds == ''
|
||||
subdir_done()
|
||||
endif
|
||||
|
||||
-efi_headers = files('''
|
||||
- bcd.h
|
||||
- console.h
|
||||
- cpio.h
|
||||
- devicetree.h
|
||||
- disk.h
|
||||
- drivers.h
|
||||
- graphics.h
|
||||
- linux.h
|
||||
- measure.h
|
||||
- missing_efi.h
|
||||
- pe.h
|
||||
- random-seed.h
|
||||
- shim.h
|
||||
- splash.h
|
||||
- util.h
|
||||
- xbootldr.h
|
||||
-'''.split())
|
||||
-
|
||||
-common_sources = '''
|
||||
- assert.c
|
||||
- devicetree.c
|
||||
- disk.c
|
||||
- graphics.c
|
||||
- measure.c
|
||||
- pe.c
|
||||
- secure-boot.c
|
||||
- util.c
|
||||
-'''.split()
|
||||
-
|
||||
-systemd_boot_sources = '''
|
||||
- bcd.c
|
||||
- boot.c
|
||||
- console.c
|
||||
- drivers.c
|
||||
- random-seed.c
|
||||
- shim.c
|
||||
- xbootldr.c
|
||||
-'''.split()
|
||||
-
|
||||
-stub_sources = '''
|
||||
- cpio.c
|
||||
- initrd.c
|
||||
- splash.c
|
||||
- stub.c
|
||||
-'''.split()
|
||||
-
|
||||
-if efi_arch[1] in ['ia32', 'x86_64']
|
||||
- stub_sources += 'linux_x86.c'
|
||||
-else
|
||||
- stub_sources += 'linux.c'
|
||||
-endif
|
||||
-
|
||||
conf.set10('HAVE_GNU_EFI', true)
|
||||
conf.set_quoted('EFI_MACHINE_TYPE_NAME', efi_arch[0])
|
||||
|
||||
@@ -332,6 +279,57 @@ if efi_cc_version.contains('clang') and efi_cc_version.split('.')[0].split(' ')[
|
||||
efi_ldflags += ['-Wl,-T,' + efi_lds, '-Wno-unused-command-line-argument']
|
||||
endif
|
||||
|
||||
+############################################################
|
||||
+
|
||||
+efi_headers = files(
|
||||
+ 'bcd.h',
|
||||
+ 'console.h',
|
||||
+ 'cpio.h',
|
||||
+ 'devicetree.h',
|
||||
+ 'disk.h',
|
||||
+ 'drivers.h',
|
||||
+ 'graphics.h',
|
||||
+ 'linux.h',
|
||||
+ 'measure.h',
|
||||
+ 'missing_efi.h',
|
||||
+ 'pe.h',
|
||||
+ 'random-seed.h',
|
||||
+ 'shim.h',
|
||||
+ 'splash.h',
|
||||
+ 'util.h',
|
||||
+ 'xbootldr.h')
|
||||
+
|
||||
+common_sources = [
|
||||
+ 'assert.c',
|
||||
+ 'devicetree.c',
|
||||
+ 'disk.c',
|
||||
+ 'graphics.c',
|
||||
+ 'measure.c',
|
||||
+ 'pe.c',
|
||||
+ 'secure-boot.c',
|
||||
+ 'util.c']
|
||||
+
|
||||
+systemd_boot_sources = [
|
||||
+ 'bcd.c',
|
||||
+ 'boot.c',
|
||||
+ 'console.c',
|
||||
+ 'drivers.c',
|
||||
+ 'random-seed.c',
|
||||
+ 'shim.c',
|
||||
+ 'xbootldr.c']
|
||||
+
|
||||
+stub_sources = [
|
||||
+ 'cpio.c',
|
||||
+ 'initrd.c',
|
||||
+ 'splash.c',
|
||||
+ 'stub.c']
|
||||
+
|
||||
+if efi_arch[1] in ['ia32', 'x86_64']
|
||||
+ stub_sources += 'linux_x86.c'
|
||||
+else
|
||||
+ stub_sources += 'linux.c'
|
||||
+endif
|
||||
+
|
||||
systemd_boot_objects = []
|
||||
stub_objects = []
|
||||
foreach file : fundamental_source_paths + common_sources + systemd_boot_sources + stub_sources
|
@ -1,77 +0,0 @@
|
||||
From a6c93d3200c0fd0eeee3a725b428cee94108cf48 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 23 Dec 2021 13:05:01 +0100
|
||||
Subject: [PATCH] meson: move efi summary() section to src/boot/efi
|
||||
|
||||
This way we can add the entries more naturally in the same place where
|
||||
they are defined.
|
||||
|
||||
(cherry picked from commit 3f871f120520aa2d11218735b0741bacc0309b4d)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
meson.build | 16 ++++------------
|
||||
src/boot/efi/meson.build | 9 +++++++++
|
||||
2 files changed, 13 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/meson.build b/meson.build
|
||||
index e07875a054..f040eeab99 100644
|
||||
--- a/meson.build
|
||||
+++ b/meson.build
|
||||
@@ -43,6 +43,10 @@ endif
|
||||
skip_deps = want_ossfuzz or want_libfuzzer
|
||||
fuzzer_build = want_ossfuzz or want_libfuzzer
|
||||
|
||||
+# Create a title-less summary section early, so it ends up first in the output.
|
||||
+# More items are added later after they have been detected.
|
||||
+summary({'build mode' : get_option('mode')})
|
||||
+
|
||||
#####################################################################
|
||||
|
||||
# Try to install the git pre-commit hook
|
||||
@@ -3902,7 +3906,6 @@ alt_time_epoch = run_command('date', '-Is', '-u', '-d', '@@0@'.format(time_epoch
|
||||
check : true).stdout().strip()
|
||||
|
||||
summary({
|
||||
- 'build mode' : get_option('mode'),
|
||||
'split /usr' : split_usr,
|
||||
'split bin-sbin' : split_bin,
|
||||
'prefix directory' : prefixdir,
|
||||
@@ -3960,17 +3963,6 @@ summary({
|
||||
# CPPFLAGS: ${OUR_CPPFLAGS} ${CPPFLAGS}
|
||||
# LDFLAGS: ${OUR_LDFLAGS} ${LDFLAGS}
|
||||
|
||||
-if conf.get('ENABLE_EFI') == 1 and conf.get('HAVE_GNU_EFI') == 1
|
||||
- summary({
|
||||
- 'EFI machine type' : efi_arch[0],
|
||||
- 'EFI CC' : '@0@'.format(' '.join(efi_cc)),
|
||||
- 'EFI LD' : efi_ld,
|
||||
- 'EFI lds' : efi_lds,
|
||||
- 'EFI crt0' : efi_crt0,
|
||||
- 'EFI include directory' : efi_incdir},
|
||||
- section : 'Extensible Firmware Interface')
|
||||
-endif
|
||||
-
|
||||
found = []
|
||||
missing = []
|
||||
|
||||
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
|
||||
index 1125c64ea3..dd318079fc 100644
|
||||
--- a/src/boot/efi/meson.build
|
||||
+++ b/src/boot/efi/meson.build
|
||||
@@ -279,6 +279,15 @@ if efi_cc_version.contains('clang') and efi_cc_version.split('.')[0].split(' ')[
|
||||
efi_ldflags += ['-Wl,-T,' + efi_lds, '-Wno-unused-command-line-argument']
|
||||
endif
|
||||
|
||||
+summary({
|
||||
+ 'EFI machine type' : efi_arch[0],
|
||||
+ 'EFI CC' : '@0@'.format(' '.join(efi_cc)),
|
||||
+ 'EFI LD' : efi_ld,
|
||||
+ 'EFI lds' : efi_lds,
|
||||
+ 'EFI crt0' : efi_crt0,
|
||||
+ 'EFI include directory' : efi_incdir},
|
||||
+ section : 'Extensible Firmware Interface')
|
||||
+
|
||||
############################################################
|
||||
|
||||
efi_headers = files(
|
@ -0,0 +1,124 @@
|
||||
From 7b6a09c47f1fee035c4b42840fabf65edce12aa8 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Mon, 7 Nov 2022 12:40:20 +0100
|
||||
Subject: [PATCH] pid1: skip cleanup if root is not tmpfs/ramfs
|
||||
|
||||
in_initrd() was really doing two things: checking if we're in the initrd, and
|
||||
also verifying that the initrd is set up correctly. But this second check is
|
||||
complicated, in particular it would return false for overlayfs, even with an
|
||||
upper tmpfs layer. It also doesn't support the use case of having an initial
|
||||
initrd with tmpfs, and then transitioning into an intermediate initrd that is
|
||||
e.g. a DDI, i.e. a filesystem possibly with verity arranged as a disk image.
|
||||
|
||||
We don't need to check if we're in initrd in every program. Instead, concerns
|
||||
are separated:
|
||||
- in_initrd() just does a simple check for /etc/initrd-release.
|
||||
- When doing cleanup, pid1 checks if it's on a tmpfs before starting to wipe
|
||||
the old root. The only case where we want to remove the old root is when
|
||||
we're on a plain tempory filesystem. With an overlay, we'd be creating
|
||||
whiteout files, which is not very useful. (*)
|
||||
|
||||
This should resolve https://bugzilla.redhat.com/show_bug.cgi?id=2137631
|
||||
which is caused by systemd refusing to treat the system as an initrd because
|
||||
overlayfs is used.
|
||||
|
||||
(*) I think the idea of keeping the initrd fs around for shutdown is outdated.
|
||||
We should just have a completely separate exitrd that is unpacked when we want
|
||||
to shut down. This way, we don't waste memory at runtime, and we also don't
|
||||
transition to a potentially older version of systemd. But we don't have support
|
||||
for this yet.
|
||||
|
||||
This replaces 0fef5b0f0bd9ded1ae7bcb3e4e4b2893e36c51a6.
|
||||
|
||||
(cherry picked from commit a940f507fbe1c81d6787dc0b7ce232c39818eec9)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/basic/util.c | 19 ++++++++-----------
|
||||
src/shared/switch-root.c | 22 ++++++++++++----------
|
||||
2 files changed, 20 insertions(+), 21 deletions(-)
|
||||
|
||||
diff --git a/src/basic/util.c b/src/basic/util.c
|
||||
index 981f917fab..e6aaa2dc9b 100644
|
||||
--- a/src/basic/util.c
|
||||
+++ b/src/basic/util.c
|
||||
@@ -56,14 +56,8 @@ bool in_initrd(void) {
|
||||
if (saved_in_initrd >= 0)
|
||||
return saved_in_initrd;
|
||||
|
||||
- /* We make two checks here:
|
||||
- *
|
||||
- * 1. the flag file /etc/initrd-release must exist
|
||||
- * 2. the root file system must be a memory file system
|
||||
- *
|
||||
- * The second check is extra paranoia, since misdetecting an
|
||||
- * initrd can have bad consequences due the initrd
|
||||
- * emptying when transititioning to the main systemd.
|
||||
+ /* If /etc/initrd-release exists, we're in an initrd.
|
||||
+ * This can be overridden by setting SYSTEMD_IN_INITRD=0|1.
|
||||
*/
|
||||
|
||||
r = getenv_bool_secure("SYSTEMD_IN_INITRD");
|
||||
@@ -72,9 +66,12 @@ bool in_initrd(void) {
|
||||
|
||||
if (r >= 0)
|
||||
saved_in_initrd = r > 0;
|
||||
- else
|
||||
- saved_in_initrd = access("/etc/initrd-release", F_OK) >= 0 &&
|
||||
- path_is_temporary_fs("/") > 0;
|
||||
+ else {
|
||||
+ r = access("/etc/initrd-release", F_OK);
|
||||
+ if (r < 0 && errno != ENOENT)
|
||||
+ log_debug_errno(r, "Failed to check if /etc/initrd-release exists, assuming it does not: %m");
|
||||
+ saved_in_initrd = r >= 0;
|
||||
+ }
|
||||
|
||||
return saved_in_initrd;
|
||||
}
|
||||
diff --git a/src/shared/switch-root.c b/src/shared/switch-root.c
|
||||
index 1a444841fa..4cad3551a6 100644
|
||||
--- a/src/shared/switch-root.c
|
||||
+++ b/src/shared/switch-root.c
|
||||
@@ -32,7 +32,6 @@ int switch_root(const char *new_root,
|
||||
|
||||
_cleanup_free_ char *resolved_old_root_after = NULL;
|
||||
_cleanup_close_ int old_root_fd = -1;
|
||||
- bool old_root_remove;
|
||||
int r;
|
||||
|
||||
assert(new_root);
|
||||
@@ -42,12 +41,16 @@ int switch_root(const char *new_root,
|
||||
return 0;
|
||||
|
||||
/* Check if we shall remove the contents of the old root */
|
||||
- old_root_remove = in_initrd();
|
||||
- if (old_root_remove) {
|
||||
- old_root_fd = open("/", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_NOCTTY|O_DIRECTORY);
|
||||
- if (old_root_fd < 0)
|
||||
- return log_error_errno(errno, "Failed to open root directory: %m");
|
||||
- }
|
||||
+ old_root_fd = open("/", O_RDONLY | O_CLOEXEC | O_DIRECTORY);
|
||||
+ if (old_root_fd < 0)
|
||||
+ return log_error_errno(errno, "Failed to open root directory: %m");
|
||||
+ r = fd_is_temporary_fs(old_root_fd);
|
||||
+ if (r < 0)
|
||||
+ return log_error_errno(r, "Failed to stat root directory: %m");
|
||||
+ if (r > 0)
|
||||
+ log_debug("Root directory is on tmpfs, will do cleanup later.");
|
||||
+ else
|
||||
+ old_root_fd = safe_close(old_root_fd);
|
||||
|
||||
/* Determine where we shall place the old root after the transition */
|
||||
r = chase_symlinks(old_root_after, new_root, CHASE_PREFIX_ROOT|CHASE_NONEXISTENT, &resolved_old_root_after, NULL);
|
||||
@@ -117,9 +120,8 @@ int switch_root(const char *new_root,
|
||||
struct stat rb;
|
||||
|
||||
if (fstat(old_root_fd, &rb) < 0)
|
||||
- log_warning_errno(errno, "Failed to stat old root directory, leaving: %m");
|
||||
- else
|
||||
- (void) rm_rf_children(TAKE_FD(old_root_fd), 0, &rb); /* takes possession of the dir fd, even on failure */
|
||||
+ return log_error_errno(errno, "Failed to stat old root directory: %m");
|
||||
+ (void) rm_rf_children(TAKE_FD(old_root_fd), 0, &rb); /* takes possession of the dir fd, even on failure */
|
||||
}
|
||||
|
||||
return 0;
|
@ -0,0 +1,106 @@
|
||||
From 2ac7d7a818788110342a99978680485fbe27cc25 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Fri, 11 Nov 2022 13:54:03 +0900
|
||||
Subject: [PATCH] ac-power: check battery existence and status
|
||||
|
||||
If a battery is not present or its status is not discharging, then
|
||||
the battery should not be used as a power source.
|
||||
Let's count batteries currently discharging.
|
||||
|
||||
Fixes #25316.
|
||||
|
||||
(cherry picked from commit 1c03f7f4ba419aa65997e90accc0d935ae1cfbc5)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/shared/udev-util.c | 58 ++++++++++++++++++++++++++++++++----------
|
||||
1 file changed, 44 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/src/shared/udev-util.c b/src/shared/udev-util.c
|
||||
index aac02cd61b..7d95353452 100644
|
||||
--- a/src/shared/udev-util.c
|
||||
+++ b/src/shared/udev-util.c
|
||||
@@ -642,9 +642,46 @@ static int device_is_power_sink(sd_device *device) {
|
||||
return found_sink || !found_source;
|
||||
}
|
||||
|
||||
+static bool battery_is_discharging(sd_device *d) {
|
||||
+ const char *val;
|
||||
+ int r;
|
||||
+
|
||||
+ assert(d);
|
||||
+
|
||||
+ r = sd_device_get_sysattr_value(d, "scope", &val);
|
||||
+ if (r < 0) {
|
||||
+ if (r != -ENOENT)
|
||||
+ log_device_debug_errno(d, r, "Failed to read 'scope' sysfs attribute, ignoring: %m");
|
||||
+ } else if (streq(val, "Device")) {
|
||||
+ log_device_debug(d, "The power supply is a device battery, ignoring device.");
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ r = device_get_sysattr_bool(d, "present");
|
||||
+ if (r < 0)
|
||||
+ log_device_debug_errno(d, r, "Failed to read 'present' sysfs attribute, assuming the battery is present: %m");
|
||||
+ else if (r == 0) {
|
||||
+ log_device_debug(d, "The battery is not present, ignoring the power supply.");
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ /* Possible values: "Unknown", "Charging", "Discharging", "Not charging", "Full" */
|
||||
+ r = sd_device_get_sysattr_value(d, "status", &val);
|
||||
+ if (r < 0) {
|
||||
+ log_device_debug_errno(d, r, "Failed to read 'status' sysfs attribute, assuming the battery is discharging: %m");
|
||||
+ return true;
|
||||
+ }
|
||||
+ if (!streq(val, "Discharging")) {
|
||||
+ log_device_debug(d, "The battery status is '%s', assuming the battery is not used as a power source of this machine.", val);
|
||||
+ return false;
|
||||
+ }
|
||||
+
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
int on_ac_power(void) {
|
||||
_cleanup_(sd_device_enumerator_unrefp) sd_device_enumerator *e = NULL;
|
||||
- bool found_ac_online = false, found_battery = false;
|
||||
+ bool found_ac_online = false, found_discharging_battery = false;
|
||||
sd_device *d;
|
||||
int r;
|
||||
|
||||
@@ -686,17 +723,10 @@ int on_ac_power(void) {
|
||||
}
|
||||
|
||||
if (streq(val, "Battery")) {
|
||||
- r = sd_device_get_sysattr_value(d, "scope", &val);
|
||||
- if (r < 0) {
|
||||
- if (r != -ENOENT)
|
||||
- log_device_debug_errno(d, r, "Failed to read 'scope' sysfs attribute, ignoring: %m");
|
||||
- } else if (streq(val, "Device")) {
|
||||
- log_device_debug(d, "The power supply is a device battery, ignoring device.");
|
||||
- continue;
|
||||
+ if (battery_is_discharging(d)) {
|
||||
+ found_discharging_battery = true;
|
||||
+ log_device_debug(d, "The power supply is a battery and currently discharging.");
|
||||
}
|
||||
-
|
||||
- found_battery = true;
|
||||
- log_device_debug(d, "The power supply is battery.");
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -713,11 +743,11 @@ int on_ac_power(void) {
|
||||
if (found_ac_online) {
|
||||
log_debug("Found at least one online non-battery power supply, system is running on AC.");
|
||||
return true;
|
||||
- } else if (found_battery) {
|
||||
- log_debug("Found battery and no online power sources, assuming system is running from battery.");
|
||||
+ } else if (found_discharging_battery) {
|
||||
+ log_debug("Found at least one discharging battery and no online power sources, assuming system is running from battery.");
|
||||
return false;
|
||||
} else {
|
||||
- log_debug("No power supply reported online and no battery, assuming system is running on AC.");
|
||||
+ log_debug("No power supply reported online and no discharging battery found, assuming system is running on AC.");
|
||||
return true;
|
||||
}
|
||||
}
|
@ -1,53 +0,0 @@
|
||||
From 340f8e02cf4db0e6b3733bfcc14630b3ce8181a5 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 23 Dec 2021 13:19:42 +0100
|
||||
Subject: [PATCH] meson: report SBAT settings
|
||||
|
||||
(cherry picked from commit e4e44a0107645891e82a538100a7590eb59a516c)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/boot/efi/meson.build | 14 +++++++++++++-
|
||||
1 file changed, 13 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
|
||||
index dd318079fc..e628068596 100644
|
||||
--- a/src/boot/efi/meson.build
|
||||
+++ b/src/boot/efi/meson.build
|
||||
@@ -130,7 +130,6 @@ elif get_option('sbat-distro') != ''
|
||||
if (value == '' or value == 'auto') and not meson.is_cross_build()
|
||||
cmd = 'if [ -e /etc/os-release ]; then . /etc/os-release; else . /usr/lib/os-release; fi; echo $@0@'.format(sbatvar[1])
|
||||
value = run_command(sh, '-c', cmd).stdout().strip()
|
||||
- message('@0@ (from @1@): @2@'.format(sbatvar[0], sbatvar[1], value))
|
||||
endif
|
||||
if value == ''
|
||||
error('Required @0@ option not set and autodetection failed'.format(sbatvar[0]))
|
||||
@@ -147,8 +146,11 @@ elif get_option('sbat-distro') != ''
|
||||
pkgver = get_option('sbat-distro-version')
|
||||
if pkgver == ''
|
||||
efi_conf.set('SBAT_DISTRO_VERSION', 'GIT_VERSION')
|
||||
+ # This is determined during build, not configuration, so we can't display it yet.
|
||||
+ sbat_distro_version_display = '(git version)'
|
||||
else
|
||||
efi_conf.set_quoted('SBAT_DISTRO_VERSION', pkgver)
|
||||
+ sbat_distro_version_display = pkgver
|
||||
endif
|
||||
endif
|
||||
|
||||
@@ -288,6 +290,16 @@ summary({
|
||||
'EFI include directory' : efi_incdir},
|
||||
section : 'Extensible Firmware Interface')
|
||||
|
||||
+if efi_conf.get('SBAT_DISTRO', '') != ''
|
||||
+ summary({
|
||||
+ 'SBAT distro': efi_conf.get('SBAT_DISTRO'),
|
||||
+ 'SBAT distro generation': efi_conf.get('SBAT_DISTRO_GENERATION'),
|
||||
+ 'SBAT distro version': sbat_distro_version_display,
|
||||
+ 'SBAT distro summary': efi_conf.get('SBAT_DISTRO_SUMMARY'),
|
||||
+ 'SBAT distro URL': efi_conf.get('SBAT_DISTRO_URL')},
|
||||
+ section : 'Extensible Firmware Interface')
|
||||
+endif
|
||||
+
|
||||
############################################################
|
||||
|
||||
efi_headers = files(
|
@ -1,79 +0,0 @@
|
||||
From 2d3b47dcd5a4b356c481f89c483db3eb308fcab9 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Tue, 28 Dec 2021 13:10:39 +0100
|
||||
Subject: [PATCH] boot: Build BCD parser only on arches supported by Windows
|
||||
|
||||
(cherry picked from commit 77fcf28cb88b302453b4c991a6571cb37f10634d)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/boot/efi/boot.c | 2 ++
|
||||
src/boot/efi/meson.build | 21 ++++++++++++---------
|
||||
2 files changed, 14 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c
|
||||
index 0286914b8b..83358406f2 100644
|
||||
--- a/src/boot/efi/boot.c
|
||||
+++ b/src/boot/efi/boot.c
|
||||
@@ -1941,6 +1941,7 @@ static void config_entry_add_osx(Config *config) {
|
||||
}
|
||||
|
||||
static void config_entry_add_windows(Config *config, EFI_HANDLE *device, EFI_FILE *root_dir) {
|
||||
+#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
|
||||
_cleanup_freepool_ CHAR8 *bcd = NULL;
|
||||
CHAR16 *title = NULL;
|
||||
EFI_STATUS err;
|
||||
@@ -1961,6 +1962,7 @@ static void config_entry_add_windows(Config *config, EFI_HANDLE *device, EFI_FIL
|
||||
config_entry_add_loader_auto(config, device, root_dir, NULL,
|
||||
L"auto-windows", 'w', title ?: L"Windows Boot Manager",
|
||||
L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi");
|
||||
+#endif
|
||||
}
|
||||
|
||||
static void config_entry_add_linux(
|
||||
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
|
||||
index e628068596..6a0c8da9ba 100644
|
||||
--- a/src/boot/efi/meson.build
|
||||
+++ b/src/boot/efi/meson.build
|
||||
@@ -331,7 +331,6 @@ common_sources = [
|
||||
'util.c']
|
||||
|
||||
systemd_boot_sources = [
|
||||
- 'bcd.c',
|
||||
'boot.c',
|
||||
'console.c',
|
||||
'drivers.c',
|
||||
@@ -351,6 +350,18 @@ else
|
||||
stub_sources += 'linux.c'
|
||||
endif
|
||||
|
||||
+# BCD parser only makes sense on arches that Windows supports.
|
||||
+if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
|
||||
+ systemd_boot_sources += 'bcd.c'
|
||||
+ tests += [
|
||||
+ [['src/boot/efi/test-bcd.c'],
|
||||
+ [],
|
||||
+ [libzstd],
|
||||
+ [],
|
||||
+ 'HAVE_ZSTD'],
|
||||
+ ]
|
||||
+endif
|
||||
+
|
||||
systemd_boot_objects = []
|
||||
stub_objects = []
|
||||
foreach file : fundamental_source_paths + common_sources + systemd_boot_sources + stub_sources
|
||||
@@ -408,14 +419,6 @@ endforeach
|
||||
|
||||
############################################################
|
||||
|
||||
-tests += [
|
||||
- [['src/boot/efi/test-bcd.c'],
|
||||
- [],
|
||||
- [libzstd],
|
||||
- [],
|
||||
- 'HAVE_ZSTD'],
|
||||
-]
|
||||
-
|
||||
test_efi_disk_img = custom_target(
|
||||
'test-efi-disk.img',
|
||||
input : [efi_stubs[0][0], efi_stubs[1][1]],
|
@ -0,0 +1,34 @@
|
||||
From c2317e2a2be2dd39266b82712ec9569a86f7fde3 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Sun, 13 Nov 2022 21:10:56 +0900
|
||||
Subject: [PATCH] systemctl: do not show unit properties with --all
|
||||
|
||||
Fixes a bug introduced by a6e334649d4bdff0c6f664e98666b2223aa21a8b.
|
||||
|
||||
Fixes #25343.
|
||||
|
||||
(cherry picked from commit 0b51a1c8c4c77f98a8c234cd2c7a7849329be027)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/systemctl/systemctl-show.c | 7 ++++---
|
||||
1 file changed, 4 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/systemctl/systemctl-show.c b/src/systemctl/systemctl-show.c
|
||||
index 8d3db98c0a..24c7d564b8 100644
|
||||
--- a/src/systemctl/systemctl-show.c
|
||||
+++ b/src/systemctl/systemctl-show.c
|
||||
@@ -2207,9 +2207,10 @@ int verb_show(int argc, char *argv[], void *userdata) {
|
||||
|
||||
if (!arg_states && !arg_types) {
|
||||
if (show_mode == SYSTEMCTL_SHOW_PROPERTIES)
|
||||
- r = show_one(bus, "/org/freedesktop/systemd1", NULL, show_mode, &new_line, &ellipsized);
|
||||
- else
|
||||
- r = show_system_status(bus);
|
||||
+ /* systemctl show --all → show properties of the manager */
|
||||
+ return show_one(bus, "/org/freedesktop/systemd1", NULL, show_mode, &new_line, &ellipsized);
|
||||
+
|
||||
+ r = show_system_status(bus);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
@ -0,0 +1,46 @@
|
||||
From abbfdf2aa3e17a84d0f4075f125e670defaf7296 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Marcus=20Sch=C3=A4fer?= <marcus.schaefer@gmail.com>
|
||||
Date: Wed, 16 Nov 2022 00:17:19 +0100
|
||||
Subject: [PATCH] Fix reading /etc/machine-id in kernel-install (#25388)
|
||||
|
||||
* Fix reading /etc/machine-id in kernel-install
|
||||
|
||||
The kernel-install script has code to read the contents of
|
||||
/etc/machine-id into the MACHINE_ID variable. Depending
|
||||
on the variable content kernel-install either logs the
|
||||
value or creates a new machine id via 'systemd-id128 new'.
|
||||
In that logic there is one issue. If the file /etc/machine-id
|
||||
exists but is empty, the script tries to call read on an
|
||||
empty file which return with an exit code != 0. As the
|
||||
script code also uses 'set -e', kernel-install will exit at
|
||||
this point which is unexpected.
|
||||
|
||||
The condition of an empty /etc/machine-id file exists for
|
||||
example when building OS images, which should initialize the
|
||||
system id on first boot but not staticly inside of the image.
|
||||
afaik an empty /etc/machine-id is also a common approach
|
||||
to make systemd indicate that it should create a new system
|
||||
id. Because of this, the commit makes sure the reading of
|
||||
/etc/machine-id does not fail in any case such that the
|
||||
handling of the MACHINE_ID variable takes place.
|
||||
|
||||
(cherry picked from commit 883e7cbfc0dba6c81338e7924419b5cbb0cba0b2)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/kernel-install/kernel-install.in | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/kernel-install/kernel-install.in b/src/kernel-install/kernel-install.in
|
||||
index 22eb4d2be1..bba22f8a20 100755
|
||||
--- a/src/kernel-install/kernel-install.in
|
||||
+++ b/src/kernel-install/kernel-install.in
|
||||
@@ -158,7 +158,7 @@ if [ -z "$MACHINE_ID" ] && [ -f /etc/machine-info ]; then
|
||||
[ -n "$MACHINE_ID" ] && \
|
||||
log_verbose "machine-id $MACHINE_ID acquired from /etc/machine-info"
|
||||
fi
|
||||
-if [ -z "$MACHINE_ID" ] && [ -f /etc/machine-id ]; then
|
||||
+if [ -z "$MACHINE_ID" ] && [ -s /etc/machine-id ]; then
|
||||
read -r MACHINE_ID </etc/machine-id
|
||||
[ -n "$MACHINE_ID" ] && \
|
||||
log_verbose "machine-id $MACHINE_ID acquired from /etc/machine-id"
|
@ -1,96 +0,0 @@
|
||||
From 38afe3074812ab355bc20a36d41871f1b4f4386b Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Wed, 29 Dec 2021 15:02:04 +0100
|
||||
Subject: [PATCH] meson: Remove efi-cc option
|
||||
|
||||
Changing the efi compiler this way doesn't really work. The gnu-efi
|
||||
header checks as well as supported compiler flag checks use the
|
||||
regular cc that meson detects. Changing the compiler this way will
|
||||
end up with bad compiler flags. For the very same reason, this does
|
||||
not work with a cross-compiler without going through proper meson
|
||||
cross-compilation steps either.
|
||||
|
||||
The proper way to build systemd-boot with a different compiler is to
|
||||
use a different build folder and then just use the proper ninja build
|
||||
target to only build the bootloader/stub.
|
||||
|
||||
(cherry picked from commit 52adf0e91ef00d21a2e83f7669d0823667ce6b6c)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
meson_options.txt | 2 --
|
||||
src/boot/efi/meson.build | 14 ++++----------
|
||||
2 files changed, 4 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/meson_options.txt b/meson_options.txt
|
||||
index 401f0933d7..62cdeb4201 100644
|
||||
--- a/meson_options.txt
|
||||
+++ b/meson_options.txt
|
||||
@@ -414,8 +414,6 @@ option('dbus', type : 'combo', choices : ['auto', 'true', 'false'],
|
||||
|
||||
option('gnu-efi', type : 'combo', choices : ['auto', 'true', 'false'],
|
||||
description : 'gnu-efi support for sd-boot')
|
||||
-option('efi-cc', type : 'array',
|
||||
- description : 'the compiler to use for EFI modules')
|
||||
# Note that LLD does not support PE/COFF relocations
|
||||
# https://lists.llvm.org/pipermail/llvm-dev/2021-March/149234.html
|
||||
option('efi-ld', type : 'combo', choices : ['auto', 'bfd', 'gold'],
|
||||
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
|
||||
index 6a0c8da9ba..11e6bf2dd0 100644
|
||||
--- a/src/boot/efi/meson.build
|
||||
+++ b/src/boot/efi/meson.build
|
||||
@@ -44,10 +44,6 @@ if not cc.has_header_symbol('efi.h', 'EFI_IMAGE_MACHINE_X64',
|
||||
endif
|
||||
|
||||
objcopy = find_program('objcopy')
|
||||
-efi_cc = get_option('efi-cc')
|
||||
-if efi_cc.length() == 0
|
||||
- efi_cc = cc.cmd_array()
|
||||
-endif
|
||||
|
||||
efi_ld = get_option('efi-ld')
|
||||
if efi_ld == 'auto'
|
||||
@@ -62,7 +58,7 @@ efi_libdir = ''
|
||||
foreach dir : [get_option('efi-libdir'),
|
||||
'/usr/lib/gnuefi' / efi_arch[0],
|
||||
run_command('realpath', '-e',
|
||||
- '/usr/lib' / run_command(efi_cc, '-print-multi-os-directory').stdout().strip()).stdout().strip()]
|
||||
+ '/usr/lib' / run_command(cc.cmd_array(), '-print-multi-os-directory').stdout().strip()).stdout().strip()]
|
||||
if dir != '' and fs.is_dir(dir)
|
||||
efi_libdir = dir
|
||||
break
|
||||
@@ -275,15 +271,13 @@ if run_command('grep', '-q', '__CTOR_LIST__', efi_lds).returncode() == 0
|
||||
]
|
||||
endif
|
||||
|
||||
-efi_cc_version = run_command(efi_cc, '--version').stdout().split('\n')[0]
|
||||
-if efi_cc_version.contains('clang') and efi_cc_version.split('.')[0].split(' ')[-1].to_int() <= 10
|
||||
+if cc.get_id() == 'clang' and cc.version().split('.')[0].to_int() <= 10
|
||||
# clang <= 10 doesn't pass -T to the linker and then even complains about it being unused
|
||||
efi_ldflags += ['-Wl,-T,' + efi_lds, '-Wno-unused-command-line-argument']
|
||||
endif
|
||||
|
||||
summary({
|
||||
'EFI machine type' : efi_arch[0],
|
||||
- 'EFI CC' : '@0@'.format(' '.join(efi_cc)),
|
||||
'EFI LD' : efi_ld,
|
||||
'EFI lds' : efi_lds,
|
||||
'EFI crt0' : efi_crt0,
|
||||
@@ -368,7 +362,7 @@ foreach file : fundamental_source_paths + common_sources + systemd_boot_sources
|
||||
o_file = custom_target(file.split('/')[-1] + '.o',
|
||||
input : file,
|
||||
output : file.split('/')[-1] + '.o',
|
||||
- command : [efi_cc, '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags],
|
||||
+ command : [cc.cmd_array(), '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags],
|
||||
depend_files : efi_headers + fundamental_headers)
|
||||
if (fundamental_source_paths + common_sources + systemd_boot_sources).contains(file)
|
||||
systemd_boot_objects += o_file
|
||||
@@ -389,7 +383,7 @@ foreach tuple : [['systemd_boot.so', systemd_boot_efi_name, systemd_boot_objects
|
||||
tuple[0],
|
||||
input : tuple[2],
|
||||
output : tuple[0],
|
||||
- command : [efi_cc, '-o', '@OUTPUT@', efi_ldflags, efi_cflags, tuple[2], '-lefi', '-lgnuefi', '-lgcc'],
|
||||
+ command : [cc.cmd_array(), '-o', '@OUTPUT@', efi_ldflags, efi_cflags, tuple[2], '-lefi', '-lgnuefi', '-lgcc'],
|
||||
install : tuple[3],
|
||||
install_dir : bootlibdir)
|
||||
|
@ -0,0 +1,83 @@
|
||||
From 29c414e616f39e06d585ce6ecf25bb226963d0bc Mon Sep 17 00:00:00 2001
|
||||
From: Daan De Meyer <daan.j.demeyer@gmail.com>
|
||||
Date: Mon, 14 Nov 2022 12:45:47 +0100
|
||||
Subject: [PATCH] Revert "journal: Make sd_journal_previous/next() return 0 at
|
||||
HEAD/TAIL"
|
||||
|
||||
This commit broke backwards compatibility so let's revert it until
|
||||
we find a better solution.
|
||||
|
||||
This reverts commit 977ad21b5b8f6323515297bd8995dcaaca0905df.
|
||||
|
||||
(cherry picked from commit 1db6dbb1dcdacfd7d2b4c84562fc6e77bc8c43a5)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/journal/test-journal-interleaving.c | 4 ----
|
||||
src/libsystemd/sd-journal/sd-journal.c | 8 ++++----
|
||||
2 files changed, 4 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/src/journal/test-journal-interleaving.c b/src/journal/test-journal-interleaving.c
|
||||
index 378bf162ca..b3ae4b8143 100644
|
||||
--- a/src/journal/test-journal-interleaving.c
|
||||
+++ b/src/journal/test-journal-interleaving.c
|
||||
@@ -158,7 +158,6 @@ static void test_skip_one(void (*setup)(void)) {
|
||||
*/
|
||||
assert_ret(sd_journal_open_directory(&j, t, 0));
|
||||
assert_ret(sd_journal_seek_head(j));
|
||||
- assert_ret(sd_journal_previous(j) == 0);
|
||||
assert_ret(sd_journal_next(j));
|
||||
test_check_numbers_down(j, 4);
|
||||
sd_journal_close(j);
|
||||
@@ -167,7 +166,6 @@ static void test_skip_one(void (*setup)(void)) {
|
||||
*/
|
||||
assert_ret(sd_journal_open_directory(&j, t, 0));
|
||||
assert_ret(sd_journal_seek_tail(j));
|
||||
- assert_ret(sd_journal_next(j) == 0);
|
||||
assert_ret(sd_journal_previous(j));
|
||||
test_check_numbers_up(j, 4);
|
||||
sd_journal_close(j);
|
||||
@@ -176,7 +174,6 @@ static void test_skip_one(void (*setup)(void)) {
|
||||
*/
|
||||
assert_ret(sd_journal_open_directory(&j, t, 0));
|
||||
assert_ret(sd_journal_seek_tail(j));
|
||||
- assert_ret(sd_journal_next(j) == 0);
|
||||
assert_ret(r = sd_journal_previous_skip(j, 4));
|
||||
assert_se(r == 4);
|
||||
test_check_numbers_down(j, 4);
|
||||
@@ -186,7 +183,6 @@ static void test_skip_one(void (*setup)(void)) {
|
||||
*/
|
||||
assert_ret(sd_journal_open_directory(&j, t, 0));
|
||||
assert_ret(sd_journal_seek_head(j));
|
||||
- assert_ret(sd_journal_previous(j) == 0);
|
||||
assert_ret(r = sd_journal_next_skip(j, 4));
|
||||
assert_se(r == 4);
|
||||
test_check_numbers_up(j, 4);
|
||||
diff --git a/src/libsystemd/sd-journal/sd-journal.c b/src/libsystemd/sd-journal/sd-journal.c
|
||||
index 53c0b2a01e..1e4d128f05 100644
|
||||
--- a/src/libsystemd/sd-journal/sd-journal.c
|
||||
+++ b/src/libsystemd/sd-journal/sd-journal.c
|
||||
@@ -606,9 +606,9 @@ static int find_location_for_match(
|
||||
/* FIXME: missing: find by monotonic */
|
||||
|
||||
if (j->current_location.type == LOCATION_HEAD)
|
||||
- return direction == DIRECTION_DOWN ? journal_file_next_entry_for_data(f, d, DIRECTION_DOWN, ret, offset) : 0;
|
||||
+ return journal_file_next_entry_for_data(f, d, DIRECTION_DOWN, ret, offset);
|
||||
if (j->current_location.type == LOCATION_TAIL)
|
||||
- return direction == DIRECTION_UP ? journal_file_next_entry_for_data(f, d, DIRECTION_UP, ret, offset) : 0;
|
||||
+ return journal_file_next_entry_for_data(f, d, DIRECTION_UP, ret, offset);
|
||||
if (j->current_location.seqnum_set && sd_id128_equal(j->current_location.seqnum_id, f->header->seqnum_id))
|
||||
return journal_file_move_to_entry_by_seqnum_for_data(f, d, j->current_location.seqnum, direction, ret, offset);
|
||||
if (j->current_location.monotonic_set) {
|
||||
@@ -701,9 +701,9 @@ static int find_location_with_matches(
|
||||
/* No matches is simple */
|
||||
|
||||
if (j->current_location.type == LOCATION_HEAD)
|
||||
- return direction == DIRECTION_DOWN ? journal_file_next_entry(f, 0, DIRECTION_DOWN, ret, offset) : 0;
|
||||
+ return journal_file_next_entry(f, 0, DIRECTION_DOWN, ret, offset);
|
||||
if (j->current_location.type == LOCATION_TAIL)
|
||||
- return direction == DIRECTION_UP ? journal_file_next_entry(f, 0, DIRECTION_UP, ret, offset) : 0;
|
||||
+ return journal_file_next_entry(f, 0, DIRECTION_UP, ret, offset);
|
||||
if (j->current_location.seqnum_set && sd_id128_equal(j->current_location.seqnum_id, f->header->seqnum_id))
|
||||
return journal_file_move_to_entry_by_seqnum(f, j->current_location.seqnum, direction, ret, offset);
|
||||
if (j->current_location.monotonic_set) {
|
@ -1,25 +0,0 @@
|
||||
From b077524848816638fc7d0cf3e65c062da095626f Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Wed, 29 Dec 2021 15:13:35 +0100
|
||||
Subject: [PATCH] meson: Get objcopy location from compiler
|
||||
|
||||
(cherry picked from commit 2f2b07226751827303a88f3a301f2d834f3fb97b)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/boot/efi/meson.build | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
|
||||
index 11e6bf2dd0..144fbb0f43 100644
|
||||
--- a/src/boot/efi/meson.build
|
||||
+++ b/src/boot/efi/meson.build
|
||||
@@ -43,7 +43,7 @@ if not cc.has_header_symbol('efi.h', 'EFI_IMAGE_MACHINE_X64',
|
||||
subdir_done()
|
||||
endif
|
||||
|
||||
-objcopy = find_program('objcopy')
|
||||
+objcopy = run_command(cc.cmd_array(), '-print-prog-name=objcopy', check: true).stdout().strip()
|
||||
|
||||
efi_ld = get_option('efi-ld')
|
||||
if efi_ld == 'auto'
|
@ -0,0 +1,29 @@
|
||||
From f740d67fd0ed36bc3318d724ccb1fdfca2f04125 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Sun, 4 Sep 2022 00:22:23 +0200
|
||||
Subject: [PATCH] boot: Correctly handle @saved default patterns
|
||||
|
||||
(cherry picked from commit 7941f11acb67c4f8ec857a791a51f3148af67b32)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/shared/bootspec.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/src/shared/bootspec.c b/src/shared/bootspec.c
|
||||
index 6a34b10c04..d3cfb41a12 100644
|
||||
--- a/src/shared/bootspec.c
|
||||
+++ b/src/shared/bootspec.c
|
||||
@@ -994,6 +994,12 @@ static int boot_config_find(const BootConfig *config, const char *id) {
|
||||
if (!id)
|
||||
return -1;
|
||||
|
||||
+ if (id[0] == '@') {
|
||||
+ if (!strcaseeq(id, "@saved"))
|
||||
+ return -1;
|
||||
+ id = config->entry_selected;
|
||||
+ }
|
||||
+
|
||||
for (size_t i = 0; i < config->n_entries; i++)
|
||||
if (fnmatch(id, config->entries[i].id, FNM_CASEFOLD) == 0)
|
||||
return i;
|
@ -1,123 +0,0 @@
|
||||
From 3088f292855f4a525271906a5652985f01c5d7b2 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Fri, 7 Jan 2022 21:55:50 +0100
|
||||
Subject: [PATCH] meson: Use files() for source lists for boot and fundamental
|
||||
|
||||
This fixes build reproducibility as otherwise the full path
|
||||
of the source files ends up in the output binary.
|
||||
|
||||
(cherry picked from commit b3c5a7074cd434bc02c4b560afe933d3df24759e)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/boot/efi/meson.build | 29 +++++++++++++++++------------
|
||||
src/fundamental/meson.build | 22 +++++++++-------------
|
||||
2 files changed, 26 insertions(+), 25 deletions(-)
|
||||
|
||||
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
|
||||
index 144fbb0f43..4cc43dc00c 100644
|
||||
--- a/src/boot/efi/meson.build
|
||||
+++ b/src/boot/efi/meson.build
|
||||
@@ -312,9 +312,10 @@ efi_headers = files(
|
||||
'shim.h',
|
||||
'splash.h',
|
||||
'util.h',
|
||||
- 'xbootldr.h')
|
||||
+ 'xbootldr.h',
|
||||
+)
|
||||
|
||||
-common_sources = [
|
||||
+common_sources = files(
|
||||
'assert.c',
|
||||
'devicetree.c',
|
||||
'disk.c',
|
||||
@@ -322,31 +323,34 @@ common_sources = [
|
||||
'measure.c',
|
||||
'pe.c',
|
||||
'secure-boot.c',
|
||||
- 'util.c']
|
||||
+ 'util.c',
|
||||
+)
|
||||
|
||||
-systemd_boot_sources = [
|
||||
+systemd_boot_sources = files(
|
||||
'boot.c',
|
||||
'console.c',
|
||||
'drivers.c',
|
||||
'random-seed.c',
|
||||
'shim.c',
|
||||
- 'xbootldr.c']
|
||||
+ 'xbootldr.c',
|
||||
+)
|
||||
|
||||
-stub_sources = [
|
||||
+stub_sources = files(
|
||||
'cpio.c',
|
||||
'initrd.c',
|
||||
'splash.c',
|
||||
- 'stub.c']
|
||||
+ 'stub.c',
|
||||
+)
|
||||
|
||||
if efi_arch[1] in ['ia32', 'x86_64']
|
||||
- stub_sources += 'linux_x86.c'
|
||||
+ stub_sources += files('linux_x86.c')
|
||||
else
|
||||
- stub_sources += 'linux.c'
|
||||
+ stub_sources += files('linux.c')
|
||||
endif
|
||||
|
||||
# BCD parser only makes sense on arches that Windows supports.
|
||||
if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
|
||||
- systemd_boot_sources += 'bcd.c'
|
||||
+ systemd_boot_sources += files('bcd.c')
|
||||
tests += [
|
||||
[['src/boot/efi/test-bcd.c'],
|
||||
[],
|
||||
@@ -359,9 +363,10 @@ endif
|
||||
systemd_boot_objects = []
|
||||
stub_objects = []
|
||||
foreach file : fundamental_source_paths + common_sources + systemd_boot_sources + stub_sources
|
||||
- o_file = custom_target(file.split('/')[-1] + '.o',
|
||||
+ # FIXME: replace ''.format(file) with fs.name(file) when meson_version requirement is >= 0.59.0
|
||||
+ o_file = custom_target('@0@.o'.format(file).split('/')[-1],
|
||||
input : file,
|
||||
- output : file.split('/')[-1] + '.o',
|
||||
+ output : '@0@.o'.format(file).split('/')[-1],
|
||||
command : [cc.cmd_array(), '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags],
|
||||
depend_files : efi_headers + fundamental_headers)
|
||||
if (fundamental_source_paths + common_sources + systemd_boot_sources).contains(file)
|
||||
diff --git a/src/fundamental/meson.build b/src/fundamental/meson.build
|
||||
index 287f0fe36a..f927788c3a 100644
|
||||
--- a/src/fundamental/meson.build
|
||||
+++ b/src/fundamental/meson.build
|
||||
@@ -8,20 +8,16 @@ fundamental_headers = files(
|
||||
'macro-fundamental.h',
|
||||
'sha256.h',
|
||||
'string-util-fundamental.h',
|
||||
- 'types-fundamental.h')
|
||||
-
|
||||
-sources = '''
|
||||
- bootspec-fundamental.c
|
||||
- efivars-fundamental.c
|
||||
- string-util-fundamental.c
|
||||
- sha256.c
|
||||
-'''.split()
|
||||
+ 'types-fundamental.h',
|
||||
+)
|
||||
|
||||
# for sd-boot
|
||||
-fundamental_source_paths = []
|
||||
-foreach source : sources
|
||||
- fundamental_source_paths += meson.current_source_dir() / source
|
||||
-endforeach
|
||||
+fundamental_source_paths = files(
|
||||
+ 'bootspec-fundamental.c',
|
||||
+ 'efivars-fundamental.c',
|
||||
+ 'sha256.c',
|
||||
+ 'string-util-fundamental.c',
|
||||
+)
|
||||
|
||||
# for libbasic
|
||||
-fundamental_sources = files(sources) + fundamental_headers
|
||||
+fundamental_sources = fundamental_source_paths + fundamental_headers
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,82 @@
|
||||
From fda254c954d6a543e1977edc1d283c915ee43adc Mon Sep 17 00:00:00 2001
|
||||
From: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
Date: Tue, 15 Nov 2022 14:57:23 +0100
|
||||
Subject: [PATCH] shared/tpm2-util: Fix "Error: Esys invalid ESAPI handle
|
||||
(40000001)" warning
|
||||
|
||||
systemd-cryptenroll complains (but succeeds!) upon binding to a signed PCR
|
||||
policy:
|
||||
|
||||
$ systemd-cryptenroll --unlock-key-file=/tmp/passphrase --tpm2-device=auto
|
||||
--tpm2-public-key=... --tpm2-signature=..." /tmp/tmp.img
|
||||
|
||||
ERROR:esys:src/tss2-esys/esys_iutil.c:394:iesys_handle_to_tpm_handle() Error: Esys invalid ESAPI handle (40000001).
|
||||
WARNING:esys:src/tss2-esys/esys_iutil.c:415:iesys_is_platform_handle() Convert handle from TPM2_RH to ESYS_TR, got: 0x40000001
|
||||
ERROR:esys:src/tss2-esys/esys_iutil.c:394:iesys_handle_to_tpm_handle() Error: Esys invalid ESAPI handle (40000001).
|
||||
WARNING:esys:src/tss2-esys/esys_iutil.c:415:iesys_is_platform_handle() Convert handle from TPM2_RH to ESYS_TR, got: 0x4000000
|
||||
New TPM2 token enrolled as key slot 1.
|
||||
|
||||
The problem seems to be that Esys_LoadExternal() function from tpm2-tss
|
||||
expects a 'ESYS_TR_RH*' constant specifying the requested hierarchy and not
|
||||
a 'TPM2_RH_*' one (see Esys_LoadExternal() -> Esys_LoadExternal_Async() ->
|
||||
iesys_handle_to_tpm_handle() call chain).
|
||||
|
||||
It all works because Esys_LoadExternal_Async() falls back to using the
|
||||
supplied values when iesys_handle_to_tpm_handle() fails:
|
||||
|
||||
r = iesys_handle_to_tpm_handle(hierarchy, &tpm_hierarchy);
|
||||
if (r != TSS2_RC_SUCCESS) {
|
||||
...
|
||||
tpm_hierarchy = hierarchy;
|
||||
}
|
||||
|
||||
Note, TPM2_RH_OWNER was used on purpose to support older tpm2-tss versions
|
||||
(pre https://github.com/tpm2-software/tpm2-tss/pull/1531), use meson magic
|
||||
to preserve compatibility.
|
||||
|
||||
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
|
||||
(cherry picked from commit 155c51293d5bf37f54c65fd0a66ea29e6eedd580)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
meson.build | 3 +++
|
||||
src/shared/tpm2-util.c | 6 ++++++
|
||||
2 files changed, 9 insertions(+)
|
||||
|
||||
diff --git a/meson.build b/meson.build
|
||||
index 7750534466..015849af49 100644
|
||||
--- a/meson.build
|
||||
+++ b/meson.build
|
||||
@@ -1474,11 +1474,14 @@ if want_tpm2 != 'false' and not skip_deps
|
||||
tpm2 = dependency('tss2-esys tss2-rc tss2-mu',
|
||||
required : want_tpm2 == 'true')
|
||||
have = tpm2.found()
|
||||
+ have_esys3 = tpm2.version().version_compare('>= 3.0.0')
|
||||
else
|
||||
have = false
|
||||
+ have_esys3 = false
|
||||
tpm2 = []
|
||||
endif
|
||||
conf.set10('HAVE_TPM2', have)
|
||||
+conf.set10('HAVE_TSS2_ESYS3', have_esys3)
|
||||
|
||||
want_elfutils = get_option('elfutils')
|
||||
if want_elfutils != 'false' and not skip_deps
|
||||
diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
|
||||
index 4d0df944a9..8171b3e9e9 100644
|
||||
--- a/src/shared/tpm2-util.c
|
||||
+++ b/src/shared/tpm2-util.c
|
||||
@@ -1117,7 +1117,13 @@ static int tpm2_make_policy_session(
|
||||
ESYS_TR_NONE,
|
||||
NULL,
|
||||
&pubkey_tpm2,
|
||||
+#if HAVE_TSS2_ESYS3
|
||||
+ /* tpm2-tss >= 3.0.0 requires a ESYS_TR_RH_* constant specifying the requested
|
||||
+ * hierarchy, older versions need TPM2_RH_* instead. */
|
||||
+ ESYS_TR_RH_OWNER,
|
||||
+#else
|
||||
TPM2_RH_OWNER,
|
||||
+#endif
|
||||
&pubkey_handle);
|
||||
if (rc != TSS2_RC_SUCCESS) {
|
||||
r = log_error_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
|
@ -0,0 +1,31 @@
|
||||
From 89adb54468aff192fccc9dce793e24d98b26d994 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Marcus=20Sch=C3=A4fer?= <marcus.schaefer@gmail.com>
|
||||
Date: Wed, 16 Nov 2022 16:25:08 +0100
|
||||
Subject: [PATCH] Handle MACHINE_ID=uninitialized
|
||||
|
||||
systemd supports /etc/machine-id to be set to: uninitialized
|
||||
In this case the expectation is that systemd creates a new
|
||||
machine ID and replaces the value 'uninitialized' with the
|
||||
effective machine id. In the scope of kernel-install we
|
||||
should also enforce the creation of a new machine id in this
|
||||
condition
|
||||
|
||||
(cherry picked from commit 305dd91adfde332e7e5c1b2470edb32774f9a032)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/kernel-install/kernel-install.in | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/kernel-install/kernel-install.in b/src/kernel-install/kernel-install.in
|
||||
index bba22f8a20..fa2c0d5276 100755
|
||||
--- a/src/kernel-install/kernel-install.in
|
||||
+++ b/src/kernel-install/kernel-install.in
|
||||
@@ -160,6 +160,7 @@ if [ -z "$MACHINE_ID" ] && [ -f /etc/machine-info ]; then
|
||||
fi
|
||||
if [ -z "$MACHINE_ID" ] && [ -s /etc/machine-id ]; then
|
||||
read -r MACHINE_ID </etc/machine-id
|
||||
+ [ "$MACHINE_ID" = "uninitialized" ] && unset MACHINE_ID
|
||||
[ -n "$MACHINE_ID" ] && \
|
||||
log_verbose "machine-id $MACHINE_ID acquired from /etc/machine-id"
|
||||
fi
|
@ -1,95 +0,0 @@
|
||||
From f06002981d2bd2a582d2252f7d509205bcc2a9ed Mon Sep 17 00:00:00 2001
|
||||
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||
Date: Sun, 26 Dec 2021 23:26:56 +0000
|
||||
Subject: [PATCH] tests: add fuzz-bcd
|
||||
|
||||
(cherry picked from commit 4b65fc8725fa169bf870eb022d7b346796977c21)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
src/boot/efi/fuzz-bcd.c | 26 ++++++++++++++++++++++++++
|
||||
src/boot/efi/meson.build | 3 +++
|
||||
tools/oss-fuzz.sh | 16 ++++++++++++++++
|
||||
3 files changed, 45 insertions(+)
|
||||
create mode 100644 src/boot/efi/fuzz-bcd.c
|
||||
|
||||
diff --git a/src/boot/efi/fuzz-bcd.c b/src/boot/efi/fuzz-bcd.c
|
||||
new file mode 100644
|
||||
index 0000000000..e5ed6638a4
|
||||
--- /dev/null
|
||||
+++ b/src/boot/efi/fuzz-bcd.c
|
||||
@@ -0,0 +1,26 @@
|
||||
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
+
|
||||
+#include "alloc-util.h"
|
||||
+#include "fd-util.h"
|
||||
+#include "fuzz.h"
|
||||
+#include "utf8.h"
|
||||
+
|
||||
+#include "bcd.c"
|
||||
+
|
||||
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
|
||||
+ _cleanup_free_ void *p = NULL;
|
||||
+
|
||||
+ /* This limit was borrowed from src/boot/efi/boot.c */
|
||||
+ if (size > 100*1024)
|
||||
+ return 0;
|
||||
+
|
||||
+ if (!getenv("SYSTEMD_LOG_LEVEL"))
|
||||
+ log_set_max_level(LOG_CRIT);
|
||||
+
|
||||
+ p = memdup(data, size);
|
||||
+ assert_se(p);
|
||||
+
|
||||
+ char16_t *title = get_bcd_title(p, size);
|
||||
+ assert_se(!title || char16_strlen(title) >= 0);
|
||||
+ return 0;
|
||||
+}
|
||||
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
|
||||
index 16b34f0ac2..229771026d 100644
|
||||
--- a/src/boot/efi/meson.build
|
||||
+++ b/src/boot/efi/meson.build
|
||||
@@ -358,6 +358,9 @@ if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
|
||||
[],
|
||||
'HAVE_ZSTD'],
|
||||
]
|
||||
+ fuzzers += [
|
||||
+ [['src/boot/efi/fuzz-bcd.c']],
|
||||
+ ]
|
||||
endif
|
||||
|
||||
systemd_boot_objects = []
|
||||
diff --git a/tools/oss-fuzz.sh b/tools/oss-fuzz.sh
|
||||
index 8a19da665e..ae57fc25d5 100755
|
||||
--- a/tools/oss-fuzz.sh
|
||||
+++ b/tools/oss-fuzz.sh
|
||||
@@ -36,6 +36,13 @@ else
|
||||
apt-get install -y gperf m4 gettext python3-pip \
|
||||
libcap-dev libmount-dev libkmod-dev \
|
||||
pkg-config wget python3-jinja2
|
||||
+
|
||||
+ # gnu-efi is installed here to enable -Dgnu-efi behind which fuzz-bcd
|
||||
+ # is hidden. It isn't linked against efi. It doesn't
|
||||
+ # even include "efi.h" because "bcd.c" can work in "unit test" mode
|
||||
+ # where it isn't necessary.
|
||||
+ apt-get install -y gnu-efi zstd
|
||||
+
|
||||
pip3 install -r .github/workflows/requirements.txt --require-hashes
|
||||
|
||||
# https://github.com/google/oss-fuzz/issues/6868
|
||||
@@ -56,6 +63,15 @@ fi
|
||||
|
||||
ninja -v -C "$build" fuzzers
|
||||
|
||||
+# Compressed BCD files are kept in test/test-bcd so let's unpack them
|
||||
+# and put them all in the seed corpus.
|
||||
+bcd=$(mktemp -d)
|
||||
+for i in test/test-bcd/*.zst; do
|
||||
+ unzstd "$i" -o "$bcd/$(basename "${i%.zst}")";
|
||||
+done
|
||||
+zip -jqr "$OUT/fuzz-bcd_seed_corpus.zip" "$bcd"
|
||||
+rm -rf "$bcd"
|
||||
+
|
||||
# The seed corpus is a separate flat archive for each fuzzer,
|
||||
# with a fixed name ${fuzzer}_seed_corpus.zip.
|
||||
for d in "$(dirname "$0")/../test/fuzz/fuzz-"*; do
|
@ -0,0 +1,26 @@
|
||||
From c64c705d9496faba81c8a2326a23f87470ffa692 Mon Sep 17 00:00:00 2001
|
||||
From: Li kunyu <kunyu@nfschina.com>
|
||||
Date: Fri, 18 Nov 2022 06:03:41 +0000
|
||||
Subject: [PATCH] fuzz: fuzz-compress: fix copy-and-paste error: buf -> buf2
|
||||
(#25431)
|
||||
|
||||
(cherry picked from commit f54f6d88b1235487eb7f0c634c488edc7813579a)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/fuzz/fuzz-compress.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/fuzz/fuzz-compress.c b/src/fuzz/fuzz-compress.c
|
||||
index 712ab3ffa9..10956cc548 100644
|
||||
--- a/src/fuzz/fuzz-compress.c
|
||||
+++ b/src/fuzz/fuzz-compress.c
|
||||
@@ -55,7 +55,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
|
||||
|
||||
size_t sw_alloc = MAX(h->sw_alloc, 1u);
|
||||
buf2 = malloc(sw_alloc);
|
||||
- if (!buf) {
|
||||
+ if (!buf2) {
|
||||
log_oom();
|
||||
return 0;
|
||||
}
|
@ -1,335 +0,0 @@
|
||||
From a21bc03df9504c7a9b0c8e0e894d94f226a7a038 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Tue, 11 Jan 2022 10:47:01 +0100
|
||||
Subject: [PATCH] meson: Use files() for fuzzers
|
||||
|
||||
Not having to provide the full path in the source tree is much
|
||||
nicer and the produced lists can also be used anywhere in the source
|
||||
tree.
|
||||
|
||||
(cherry picked from commit bbec46c817951225f1e535d3df95b82a114e502a)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
meson.build | 3 ++-
|
||||
src/boot/efi/meson.build | 2 +-
|
||||
src/core/meson.build | 2 +-
|
||||
src/fuzz/meson.build | 20 ++++++++++----------
|
||||
src/journal-remote/meson.build | 2 +-
|
||||
src/journal/meson.build | 24 ++++++++++++------------
|
||||
src/libsystemd-network/meson.build | 8 ++++----
|
||||
src/libsystemd/meson.build | 4 ++--
|
||||
src/network/meson.build | 4 ++--
|
||||
src/nspawn/meson.build | 4 ++--
|
||||
src/resolve/meson.build | 2 +-
|
||||
src/systemctl/meson.build | 7 ++++---
|
||||
src/udev/meson.build | 11 +++++------
|
||||
src/xdg-autostart-generator/meson.build | 6 +++---
|
||||
14 files changed, 50 insertions(+), 49 deletions(-)
|
||||
|
||||
diff --git a/meson.build b/meson.build
|
||||
index 35ba29aecf..fdf02b8110 100644
|
||||
--- a/meson.build
|
||||
+++ b/meson.build
|
||||
@@ -3677,7 +3677,8 @@ foreach tuple : fuzzers
|
||||
sources += 'src/fuzz/fuzz-main.c'
|
||||
endif
|
||||
|
||||
- name = sources[0].split('/')[-1].split('.')[0]
|
||||
+ # FIXME: Use fs.stem() with meson >= 0.54.0
|
||||
+ name = '@0@'.format(sources[0]).split('/')[-1].split('.')[0]
|
||||
|
||||
exe = executable(
|
||||
name,
|
||||
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
|
||||
index 229771026d..3e948281f2 100644
|
||||
--- a/src/boot/efi/meson.build
|
||||
+++ b/src/boot/efi/meson.build
|
||||
@@ -359,7 +359,7 @@ if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
|
||||
'HAVE_ZSTD'],
|
||||
]
|
||||
fuzzers += [
|
||||
- [['src/boot/efi/fuzz-bcd.c']],
|
||||
+ [files('fuzz-bcd.c')],
|
||||
]
|
||||
endif
|
||||
|
||||
diff --git a/src/core/meson.build b/src/core/meson.build
|
||||
index d229d46779..97ac431763 100644
|
||||
--- a/src/core/meson.build
|
||||
+++ b/src/core/meson.build
|
||||
@@ -228,7 +228,7 @@ endif
|
||||
############################################################
|
||||
|
||||
fuzzers += [
|
||||
- [['src/core/fuzz-unit-file.c'],
|
||||
+ [files('fuzz-unit-file.c'),
|
||||
[libcore,
|
||||
libshared],
|
||||
[libmount]],
|
||||
diff --git a/src/fuzz/meson.build b/src/fuzz/meson.build
|
||||
index 1ed1dd8251..d987f32b08 100644
|
||||
--- a/src/fuzz/meson.build
|
||||
+++ b/src/fuzz/meson.build
|
||||
@@ -1,23 +1,23 @@
|
||||
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||||
|
||||
fuzzers += [
|
||||
- [['src/fuzz/fuzz-catalog.c']],
|
||||
+ [files('fuzz-catalog.c')],
|
||||
|
||||
- [['src/fuzz/fuzz-json.c']],
|
||||
+ [files('fuzz-json.c')],
|
||||
|
||||
- [['src/fuzz/fuzz-varlink.c']],
|
||||
+ [files('fuzz-varlink.c')],
|
||||
|
||||
- [['src/fuzz/fuzz-udev-database.c']],
|
||||
+ [files('fuzz-udev-database.c')],
|
||||
|
||||
- [['src/fuzz/fuzz-compress.c']],
|
||||
+ [files('fuzz-compress.c')],
|
||||
|
||||
- [['src/fuzz/fuzz-bus-label.c']],
|
||||
+ [files('fuzz-bus-label.c')],
|
||||
|
||||
- [['src/fuzz/fuzz-env-file.c']],
|
||||
+ [files('fuzz-env-file.c')],
|
||||
|
||||
- [['src/fuzz/fuzz-hostname-setup.c']],
|
||||
+ [files('fuzz-hostname-setup.c')],
|
||||
|
||||
- [['src/fuzz/fuzz-calendarspec.c']],
|
||||
+ [files('fuzz-calendarspec.c')],
|
||||
|
||||
- [['src/fuzz/fuzz-time-util.c']],
|
||||
+ [files('fuzz-time-util.c')],
|
||||
]
|
||||
diff --git a/src/journal-remote/meson.build b/src/journal-remote/meson.build
|
||||
index 168d0ed6a3..1f3e0878ae 100644
|
||||
--- a/src/journal-remote/meson.build
|
||||
+++ b/src/journal-remote/meson.build
|
||||
@@ -76,7 +76,7 @@ endif
|
||||
############################################################
|
||||
|
||||
fuzzers += [
|
||||
- [['src/journal-remote/fuzz-journal-remote.c'],
|
||||
+ [files('fuzz-journal-remote.c'),
|
||||
[libsystemd_journal_remote,
|
||||
libshared],
|
||||
[],
|
||||
diff --git a/src/journal/meson.build b/src/journal/meson.build
|
||||
index b9a63d5e2f..21c4d2561c 100644
|
||||
--- a/src/journal/meson.build
|
||||
+++ b/src/journal/meson.build
|
||||
@@ -116,38 +116,38 @@ tests += [
|
||||
]
|
||||
|
||||
fuzzers += [
|
||||
- [['src/journal/fuzz-journald-audit.c',
|
||||
- 'src/journal/fuzz-journald.c'],
|
||||
+ [files('fuzz-journald-audit.c',
|
||||
+ 'fuzz-journald.c'),
|
||||
[libjournal_core,
|
||||
libshared],
|
||||
[libselinux]],
|
||||
|
||||
- [['src/journal/fuzz-journald-kmsg.c',
|
||||
- 'src/journal/fuzz-journald.c'],
|
||||
+ [files('fuzz-journald-kmsg.c',
|
||||
+ 'fuzz-journald.c'),
|
||||
[libjournal_core,
|
||||
libshared],
|
||||
[libselinux]],
|
||||
|
||||
- [['src/journal/fuzz-journald-native.c',
|
||||
- 'src/journal/fuzz-journald.c'],
|
||||
+ [files('fuzz-journald-native.c',
|
||||
+ 'fuzz-journald.c'),
|
||||
[libjournal_core,
|
||||
libshared],
|
||||
[libselinux]],
|
||||
|
||||
- [['src/journal/fuzz-journald-native-fd.c',
|
||||
- 'src/journal/fuzz-journald.c'],
|
||||
+ [files('fuzz-journald-native-fd.c',
|
||||
+ 'fuzz-journald.c'),
|
||||
[libjournal_core,
|
||||
libshared],
|
||||
[libselinux]],
|
||||
|
||||
- [['src/journal/fuzz-journald-stream.c',
|
||||
- 'src/journal/fuzz-journald.c'],
|
||||
+ [files('fuzz-journald-stream.c',
|
||||
+ 'fuzz-journald.c'),
|
||||
[libjournal_core,
|
||||
libshared],
|
||||
[libselinux]],
|
||||
|
||||
- [['src/journal/fuzz-journald-syslog.c',
|
||||
- 'src/journal/fuzz-journald.c'],
|
||||
+ [files('fuzz-journald-syslog.c',
|
||||
+ 'fuzz-journald.c'),
|
||||
[libjournal_core,
|
||||
libshared],
|
||||
[libselinux]],
|
||||
diff --git a/src/libsystemd-network/meson.build b/src/libsystemd-network/meson.build
|
||||
index 3923df48ea..6be409d8ad 100644
|
||||
--- a/src/libsystemd-network/meson.build
|
||||
+++ b/src/libsystemd-network/meson.build
|
||||
@@ -105,19 +105,19 @@ tests += [
|
||||
]
|
||||
|
||||
fuzzers += [
|
||||
- [['src/libsystemd-network/fuzz-dhcp6-client.c'],
|
||||
+ [files('fuzz-dhcp6-client.c'),
|
||||
[libshared,
|
||||
libsystemd_network]],
|
||||
|
||||
- [['src/libsystemd-network/fuzz-dhcp-server.c'],
|
||||
+ [files('fuzz-dhcp-server.c'),
|
||||
[libsystemd_network,
|
||||
libshared]],
|
||||
|
||||
- [['src/libsystemd-network/fuzz-lldp-rx.c'],
|
||||
+ [files('fuzz-lldp-rx.c'),
|
||||
[libshared,
|
||||
libsystemd_network]],
|
||||
|
||||
- [['src/libsystemd-network/fuzz-ndisc-rs.c'],
|
||||
+ [files('fuzz-ndisc-rs.c'),
|
||||
[libshared,
|
||||
libsystemd_network]],
|
||||
]
|
||||
diff --git a/src/libsystemd/meson.build b/src/libsystemd/meson.build
|
||||
index 42746e560f..2e5255d479 100644
|
||||
--- a/src/libsystemd/meson.build
|
||||
+++ b/src/libsystemd/meson.build
|
||||
@@ -316,7 +316,7 @@ endif
|
||||
############################################################
|
||||
|
||||
fuzzers += [
|
||||
- [['src/libsystemd/sd-bus/fuzz-bus-message.c']],
|
||||
+ [files('sd-bus/fuzz-bus-message.c')],
|
||||
|
||||
- [['src/libsystemd/sd-bus/fuzz-bus-match.c']],
|
||||
+ [files('sd-bus/fuzz-bus-match.c')],
|
||||
]
|
||||
diff --git a/src/network/meson.build b/src/network/meson.build
|
||||
index a598701e4f..23743233fa 100644
|
||||
--- a/src/network/meson.build
|
||||
+++ b/src/network/meson.build
|
||||
@@ -261,14 +261,14 @@ if conf.get('ENABLE_NETWORKD') == 1
|
||||
endif
|
||||
|
||||
fuzzers += [
|
||||
- [['src/network/fuzz-netdev-parser.c'],
|
||||
+ [files('fuzz-netdev-parser.c'),
|
||||
[libnetworkd_core,
|
||||
libsystemd_network,
|
||||
networkd_link_with],
|
||||
[threads],
|
||||
network_includes],
|
||||
|
||||
- [['src/network/fuzz-network-parser.c'],
|
||||
+ [files('fuzz-network-parser.c'),
|
||||
[libnetworkd_core,
|
||||
libsystemd_network,
|
||||
networkd_link_with],
|
||||
diff --git a/src/nspawn/meson.build b/src/nspawn/meson.build
|
||||
index 3c1a9c6182..2934672e9a 100644
|
||||
--- a/src/nspawn/meson.build
|
||||
+++ b/src/nspawn/meson.build
|
||||
@@ -66,12 +66,12 @@ tests += [
|
||||
]
|
||||
|
||||
fuzzers += [
|
||||
- [['src/nspawn/fuzz-nspawn-settings.c'],
|
||||
+ [files('fuzz-nspawn-settings.c'),
|
||||
[libshared,
|
||||
libnspawn_core],
|
||||
[libseccomp]],
|
||||
|
||||
- [['src/nspawn/fuzz-nspawn-oci.c'],
|
||||
+ [files('fuzz-nspawn-oci.c'),
|
||||
[libshared,
|
||||
libnspawn_core],
|
||||
[libseccomp]],
|
||||
diff --git a/src/resolve/meson.build b/src/resolve/meson.build
|
||||
index 4de50c3d8e..1fee993d0a 100644
|
||||
--- a/src/resolve/meson.build
|
||||
+++ b/src/resolve/meson.build
|
||||
@@ -216,7 +216,7 @@ tests += [
|
||||
]
|
||||
|
||||
fuzzers += [
|
||||
- [['src/resolve/fuzz-dns-packet.c'],
|
||||
+ [files('fuzz-dns-packet.c'),
|
||||
[libsystemd_resolve_core,
|
||||
libshared],
|
||||
[lib_openssl_or_gcrypt,
|
||||
diff --git a/src/systemctl/meson.build b/src/systemctl/meson.build
|
||||
index 38bf33d49a..f0d405bb58 100644
|
||||
--- a/src/systemctl/meson.build
|
||||
+++ b/src/systemctl/meson.build
|
||||
@@ -83,7 +83,8 @@ else
|
||||
endif
|
||||
|
||||
fuzzers += [
|
||||
- [['src/systemctl/fuzz-systemctl-parse-argv.c',
|
||||
- systemctl_sources],
|
||||
+ [files('fuzz-systemctl-parse-argv.c') +
|
||||
+ systemctl_sources,
|
||||
systemctl_link_with,
|
||||
- [], [], ['-DFUZZ_SYSTEMCTL_PARSE_ARGV']]]
|
||||
+ [], [], ['-DFUZZ_SYSTEMCTL_PARSE_ARGV']]
|
||||
+]
|
||||
diff --git a/src/udev/meson.build b/src/udev/meson.build
|
||||
index 57fbf8c8fc..9fd0bcdd0e 100644
|
||||
--- a/src/udev/meson.build
|
||||
+++ b/src/udev/meson.build
|
||||
@@ -174,24 +174,23 @@ if install_sysconfdir
|
||||
endif
|
||||
|
||||
fuzzers += [
|
||||
- [['src/udev/net/fuzz-link-parser.c',
|
||||
- 'src/fuzz/fuzz.h'],
|
||||
+ [files('net/fuzz-link-parser.c'),
|
||||
[libudevd_core,
|
||||
libshared],
|
||||
[threads,
|
||||
libacl],
|
||||
udev_includes],
|
||||
|
||||
- [['src/udev/fuzz-udev-rules.c'],
|
||||
+ [files('fuzz-udev-rules.c'),
|
||||
[libudevd_core,
|
||||
libshared],
|
||||
[threads,
|
||||
libacl]],
|
||||
|
||||
- [['src/udev/fuzz-udev-rule-parse-value.c']],
|
||||
+ [files('fuzz-udev-rule-parse-value.c')],
|
||||
|
||||
- [['src/udev/fido_id/fuzz-fido-id-desc.c',
|
||||
- 'src/udev/fido_id/fido_id_desc.c']],
|
||||
+ [files('fido_id/fuzz-fido-id-desc.c',
|
||||
+ 'fido_id/fido_id_desc.c')],
|
||||
]
|
||||
|
||||
tests += [
|
||||
diff --git a/src/xdg-autostart-generator/meson.build b/src/xdg-autostart-generator/meson.build
|
||||
index 6418f57c40..cdce66b6fc 100644
|
||||
--- a/src/xdg-autostart-generator/meson.build
|
||||
+++ b/src/xdg-autostart-generator/meson.build
|
||||
@@ -12,7 +12,7 @@ tests += [
|
||||
]
|
||||
|
||||
fuzzers += [
|
||||
- [['src/xdg-autostart-generator/fuzz-xdg-desktop.c',
|
||||
- 'src/xdg-autostart-generator/xdg-autostart-service.c',
|
||||
- 'src/xdg-autostart-generator/xdg-autostart-service.h']],
|
||||
+ [files('fuzz-xdg-desktop.c',
|
||||
+ 'xdg-autostart-service.c',
|
||||
+ 'xdg-autostart-service.h')],
|
||||
]
|
@ -0,0 +1,25 @@
|
||||
From 944fa2afca2bd6bd4d1d5aecd265fd4756ee44e2 Mon Sep 17 00:00:00 2001
|
||||
From: Li kunyu <kunyu@nfschina.com>
|
||||
Date: Fri, 18 Nov 2022 16:10:24 +0900
|
||||
Subject: [PATCH] boot/measure: fix oom check
|
||||
|
||||
(cherry picked from commit fc0cc6db1ecbaa16513125d3fd1a7d11e391a8ee)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/boot/measure.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/boot/measure.c b/src/boot/measure.c
|
||||
index 4f16acedf0..0bbd386449 100644
|
||||
--- a/src/boot/measure.c
|
||||
+++ b/src/boot/measure.c
|
||||
@@ -897,7 +897,7 @@ static int verb_sign(int argc, char *argv[], void *userdata) {
|
||||
}
|
||||
|
||||
_cleanup_free_ void *sig = malloc(ss);
|
||||
- if (!ss) {
|
||||
+ if (!sig) {
|
||||
r = log_oom();
|
||||
goto finish;
|
||||
}
|
@ -1,137 +0,0 @@
|
||||
From 5a35f08026cad007f460170fe6a3e43bd51f60f9 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Tue, 11 Jan 2022 10:56:22 +0100
|
||||
Subject: [PATCH] meson: Add check argument to remaining run_command() calls
|
||||
|
||||
(cherry picked from commit 68a06b3cdfe35ff08092e139033edb4a5189a439)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
man/meson.build | 2 +-
|
||||
src/basic/meson.build | 2 +-
|
||||
src/boot/efi/meson.build | 11 +++++++----
|
||||
src/test/meson.build | 2 +-
|
||||
test/fuzz/meson.build | 7 ++++---
|
||||
test/meson.build | 8 +++++---
|
||||
6 files changed, 19 insertions(+), 13 deletions(-)
|
||||
|
||||
diff --git a/man/meson.build b/man/meson.build
|
||||
index a06a601767..710b4ca008 100644
|
||||
--- a/man/meson.build
|
||||
+++ b/man/meson.build
|
||||
@@ -105,7 +105,7 @@ endforeach
|
||||
|
||||
############################################################
|
||||
|
||||
-have_lxml = run_command(xml_helper_py).returncode() == 0
|
||||
+have_lxml = run_command(xml_helper_py, check: false).returncode() == 0
|
||||
if not have_lxml
|
||||
message('python-lxml not available, not making man page indices')
|
||||
endif
|
||||
diff --git a/src/basic/meson.build b/src/basic/meson.build
|
||||
index 229ac97c69..5a9e13d741 100644
|
||||
--- a/src/basic/meson.build
|
||||
+++ b/src/basic/meson.build
|
||||
@@ -384,7 +384,7 @@ filesystem_includes = ['linux/magic.h',
|
||||
'linux/gfs2_ondisk.h']
|
||||
|
||||
check_filesystems = find_program('check-filesystems.sh')
|
||||
-r = run_command([check_filesystems, cpp, 'filesystems-gperf.gperf'] + filesystem_includes)
|
||||
+r = run_command([check_filesystems, cpp, 'filesystems-gperf.gperf'] + filesystem_includes, check: false)
|
||||
if r.returncode() != 0
|
||||
error('found unknown filesystem(s) defined in kernel headers:\n\n' + r.stdout())
|
||||
r.stdout()
|
||||
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
|
||||
index 3e948281f2..fad92f09a1 100644
|
||||
--- a/src/boot/efi/meson.build
|
||||
+++ b/src/boot/efi/meson.build
|
||||
@@ -57,8 +57,11 @@ endif
|
||||
efi_libdir = ''
|
||||
foreach dir : [get_option('efi-libdir'),
|
||||
'/usr/lib/gnuefi' / efi_arch[0],
|
||||
- run_command('realpath', '-e',
|
||||
- '/usr/lib' / run_command(cc.cmd_array(), '-print-multi-os-directory').stdout().strip()).stdout().strip()]
|
||||
+ run_command(
|
||||
+ 'realpath', '-e',
|
||||
+ '/usr/lib' / run_command(cc.cmd_array(), '-print-multi-os-directory', check: false).stdout().strip(),
|
||||
+ check: false
|
||||
+ ).stdout().strip()]
|
||||
if dir != '' and fs.is_dir(dir)
|
||||
efi_libdir = dir
|
||||
break
|
||||
@@ -125,7 +128,7 @@ elif get_option('sbat-distro') != ''
|
||||
value = get_option(sbatvar[0])
|
||||
if (value == '' or value == 'auto') and not meson.is_cross_build()
|
||||
cmd = 'if [ -e /etc/os-release ]; then . /etc/os-release; else . /usr/lib/os-release; fi; echo $@0@'.format(sbatvar[1])
|
||||
- value = run_command(sh, '-c', cmd).stdout().strip()
|
||||
+ value = run_command(sh, '-c', cmd, check: true).stdout().strip()
|
||||
endif
|
||||
if value == ''
|
||||
error('Required @0@ option not set and autodetection failed'.format(sbatvar[0]))
|
||||
@@ -254,7 +257,7 @@ if efi_arch[1] == 'arm'
|
||||
efi_ldflags += ['-Wl,--no-warn-mismatch']
|
||||
endif
|
||||
|
||||
-if run_command('grep', '-q', '__CTOR_LIST__', efi_lds).returncode() == 0
|
||||
+if run_command('grep', '-q', '__CTOR_LIST__', efi_lds, check: false).returncode() == 0
|
||||
# fedora has a patched gnu-efi that adds support for ELF constructors.
|
||||
# If ld is called by gcc something about these symbols breaks, resulting
|
||||
# in sd-boot freezing when gnu-efi runs the constructors. Force defining
|
||||
diff --git a/src/test/meson.build b/src/test/meson.build
|
||||
index 9e224d69ce..75f78e2e1a 100644
|
||||
--- a/src/test/meson.build
|
||||
+++ b/src/test/meson.build
|
||||
@@ -11,7 +11,7 @@ test_hashmap_ordered_c = custom_target(
|
||||
|
||||
test_include_dir = include_directories('.')
|
||||
|
||||
-path = run_command(sh, '-c', 'echo "$PATH"').stdout().strip()
|
||||
+path = run_command(sh, '-c', 'echo "$PATH"', check: true).stdout().strip()
|
||||
test_env = environment()
|
||||
test_env.set('SYSTEMD_LANGUAGE_FALLBACK_MAP', language_fallback_map)
|
||||
test_env.set('PATH', project_build_root + ':' + path)
|
||||
diff --git a/test/fuzz/meson.build b/test/fuzz/meson.build
|
||||
index 30e26b09cf..b4766de3eb 100644
|
||||
--- a/test/fuzz/meson.build
|
||||
+++ b/test/fuzz/meson.build
|
||||
@@ -13,12 +13,13 @@ sanitize_address_undefined = custom_target(
|
||||
|
||||
sanitizers = [['address,undefined', sanitize_address_undefined]]
|
||||
|
||||
-if git.found()
|
||||
+if git.found() and fs.exists(project_source_root / '.git')
|
||||
out = run_command(env, '-u', 'GIT_WORK_TREE',
|
||||
git, '--git-dir=@0@/.git'.format(project_source_root),
|
||||
- 'ls-files', ':/test/fuzz/*/*')
|
||||
+ 'ls-files', ':/test/fuzz/*/*',
|
||||
+ check: true)
|
||||
else
|
||||
- out = run_command(sh, '-c', 'ls @0@/test/fuzz/*/*'.format(project_source_root))
|
||||
+ out = run_command(sh, '-c', 'ls @0@/test/fuzz/*/*'.format(project_source_root), check: true)
|
||||
endif
|
||||
|
||||
fuzz_regression_tests = []
|
||||
diff --git a/test/meson.build b/test/meson.build
|
||||
index 04ae9ebc78..baf94703ea 100644
|
||||
--- a/test/meson.build
|
||||
+++ b/test/meson.build
|
||||
@@ -182,14 +182,16 @@ endif
|
||||
if want_tests != 'false' and dmi_arches.contains(host_machine.cpu_family())
|
||||
udev_dmi_memory_id_test = find_program('udev-dmi-memory-id-test.sh')
|
||||
|
||||
- if git.found()
|
||||
+ if git.found() and fs.exists(project_source_root / '.git')
|
||||
out = run_command(
|
||||
env, '-u', 'GIT_WORK_TREE',
|
||||
git, '--git-dir=@0@/.git'.format(project_source_root),
|
||||
- 'ls-files', ':/test/dmidecode-dumps/*.bin')
|
||||
+ 'ls-files', ':/test/dmidecode-dumps/*.bin',
|
||||
+ check: true)
|
||||
else
|
||||
out = run_command(
|
||||
- sh, '-c', 'ls @0@/test/dmidecode-dumps/*.bin'.format(project_source_root))
|
||||
+ sh, '-c', 'ls @0@/test/dmidecode-dumps/*.bin'.format(project_source_root),
|
||||
+ check: true)
|
||||
endif
|
||||
|
||||
foreach p : out.stdout().split()
|
@ -1,43 +0,0 @@
|
||||
From 5de4b00e4150080e68064fa1de003039a0901468 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Janssen <medhefgo@web.de>
|
||||
Date: Tue, 11 Jan 2022 11:27:27 +0100
|
||||
Subject: [PATCH] meson: Use echo to list files
|
||||
|
||||
No need to invoke ls when we are just interested in file names.
|
||||
Also, the cd to source root makes the output identical to
|
||||
"git ls-files" (relative instead of absolute paths).
|
||||
|
||||
(cherry picked from commit 3a469802f4d7b0a59fe1644cb53d34aee4e56bab)
|
||||
|
||||
Related: #2017035
|
||||
---
|
||||
test/fuzz/meson.build | 2 +-
|
||||
test/meson.build | 2 +-
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/test/fuzz/meson.build b/test/fuzz/meson.build
|
||||
index b4766de3eb..39730a615c 100644
|
||||
--- a/test/fuzz/meson.build
|
||||
+++ b/test/fuzz/meson.build
|
||||
@@ -19,7 +19,7 @@ if git.found() and fs.exists(project_source_root / '.git')
|
||||
'ls-files', ':/test/fuzz/*/*',
|
||||
check: true)
|
||||
else
|
||||
- out = run_command(sh, '-c', 'ls @0@/test/fuzz/*/*'.format(project_source_root), check: true)
|
||||
+ out = run_command(sh, '-c', 'cd "@0@"; echo test/fuzz/*/*'.format(project_source_root), check: true)
|
||||
endif
|
||||
|
||||
fuzz_regression_tests = []
|
||||
diff --git a/test/meson.build b/test/meson.build
|
||||
index baf94703ea..c5d8d6917b 100644
|
||||
--- a/test/meson.build
|
||||
+++ b/test/meson.build
|
||||
@@ -190,7 +190,7 @@ if want_tests != 'false' and dmi_arches.contains(host_machine.cpu_family())
|
||||
check: true)
|
||||
else
|
||||
out = run_command(
|
||||
- sh, '-c', 'ls @0@/test/dmidecode-dumps/*.bin'.format(project_source_root),
|
||||
+ sh, '-c', 'cd "@0@"; echo test/dmidecode-dumps/*.bin'.format(project_source_root),
|
||||
check: true)
|
||||
endif
|
||||
|
@ -0,0 +1,57 @@
|
||||
From b2d259a82329e37b0f369e9951f19a067cb8bfb4 Mon Sep 17 00:00:00 2001
|
||||
From: Sam James <sam@gentoo.org>
|
||||
Date: Fri, 18 Nov 2022 07:18:18 +0000
|
||||
Subject: [PATCH] nspawn: allow sched_rr_get_interval_time64 through seccomp
|
||||
filter
|
||||
|
||||
We only allow a selected subset of syscalls from nspawn containers
|
||||
and don't list any time64 variants (needed for 32-bit arches when
|
||||
built using TIME_BITS=64, which is relatively new).
|
||||
|
||||
We allow sched_rr_get_interval which cpython's test suite makes
|
||||
use of, but we don't allow sched_rr_get_interval_time64.
|
||||
|
||||
The test failures when run in an arm32 nspawn container on an arm64 host
|
||||
were as follows:
|
||||
```
|
||||
======================================================================
|
||||
ERROR: test_sched_rr_get_interval (test.test_posix.PosixTester.test_sched_rr_get_interval)
|
||||
----------------------------------------------------------------------
|
||||
Traceback (most recent call last):
|
||||
File "/var/tmp/portage/dev-lang/python-3.11.0_p1/work/Python-3.11.0/Lib/test/test_posix.py", line 1180, in test_sched_rr_get_interval
|
||||
interval = posix.sched_rr_get_interval(0)
|
||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||
PermissionError: [Errno 1] Operation not permitted
|
||||
```
|
||||
|
||||
Then strace showed:
|
||||
```
|
||||
sched_rr_get_interval_time64(0, 0xffbbd4a0) = -1 EPERM (Operation not permitted)
|
||||
```
|
||||
|
||||
This appears to be the only time64 syscall that isn't already included one of
|
||||
the sets listed in nspawn-seccomp.c that has a non-time64 variant. Checked
|
||||
over each of the time64 syscalls known to systemd and verified that none
|
||||
of the others had a non-time64-variant whitelisted in nspawn other than
|
||||
sched_rr_get_interval.
|
||||
|
||||
Bug: https://bugs.gentoo.org/880131
|
||||
(cherry picked from commit b9e7f22c2d80930cad36ae53e66e42a2996dca4a)
|
||||
|
||||
Related: #2138081
|
||||
---
|
||||
src/nspawn/nspawn-seccomp.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/nspawn/nspawn-seccomp.c b/src/nspawn/nspawn-seccomp.c
|
||||
index 77f4c2ac88..27044fadd2 100644
|
||||
--- a/src/nspawn/nspawn-seccomp.c
|
||||
+++ b/src/nspawn/nspawn-seccomp.c
|
||||
@@ -88,6 +88,7 @@ static int add_syscall_filters(
|
||||
{ 0, "sched_getparam" },
|
||||
{ 0, "sched_getscheduler" },
|
||||
{ 0, "sched_rr_get_interval" },
|
||||
+ { 0, "sched_rr_get_interval_time64" },
|
||||
{ 0, "sched_yield" },
|
||||
{ 0, "seccomp" },
|
||||
{ 0, "sendfile" },
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue