rpms
/
systemd
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import systemd-250-11.el9

This commit is contained in:
CentOS Sources 2022-09-27 10:56:13 -04:00 committed by Stepan Oksanichenko
parent a1c572ba3d
commit 00bba7e413
306 changed files with 86688 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

240
SOURCES/0034-test-check-systemd-RPM-macros.patch Normal file
View File

@ -0,0 +1,240 @@
From 29cda567564d548cce5867c9d054ebb6cefcdca0 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Thu, 3 Mar 2022 20:30:43 +0100
Subject: [PATCH] test: check systemd RPM macros
Make sure our RPM macros work as intended. Based on the original PR
(#16464) by Mikhail Novosyolov.
Co-authored-by: Mikhail Novosyolov <m.novosyolov@rosalinux.ru>
(cherry picked from commit 55c09511e13c6a57ffe64bef4a9d0a00f34d37d9)
Related: #2017035
---
.github/workflows/unit_tests.sh | 1 +
.semaphore/semaphore-runner.sh | 2 +-
test/meson.build | 16 ++++
test/test-rpm-macros.sh | 162 ++++++++++++++++++++++++++++++++
4 files changed, 180 insertions(+), 1 deletion(-)
create mode 100755 test/test-rpm-macros.sh
diff --git a/.github/workflows/unit_tests.sh b/.github/workflows/unit_tests.sh
index 9c7beb6d19..f41b070e57 100755
--- a/.github/workflows/unit_tests.sh
+++ b/.github/workflows/unit_tests.sh
@@ -20,6 +20,7 @@ ADDITIONAL_DEPS=(
perl
python3-libevdev
python3-pyparsing
+ rpm
zstd
)
diff --git a/.semaphore/semaphore-runner.sh b/.semaphore/semaphore-runner.sh
index d02b449e0e..6ccf271a82 100755
--- a/.semaphore/semaphore-runner.sh
+++ b/.semaphore/semaphore-runner.sh
@@ -42,7 +42,7 @@ apt-get -q --allow-releaseinfo-change update
apt-get -y dist-upgrade
apt-get install -y eatmydata
# The following four are needed as long as these deps are not covered by Debian's own packaging
-apt-get install -y fdisk tree libfdisk-dev libp11-kit-dev libssl-dev libpwquality-dev
+apt-get install -y fdisk tree libfdisk-dev libp11-kit-dev libssl-dev libpwquality-dev rpm
apt-get purge --auto-remove -y unattended-upgrades
systemctl unmask systemd-networkd
systemctl enable systemd-networkd
diff --git a/test/meson.build b/test/meson.build
index 8de1043e17..04ae9ebc78 100644
--- a/test/meson.build
+++ b/test/meson.build
@@ -163,6 +163,22 @@ endif
############################################################
+rpm = find_program('rpm', required : false)
+rpmspec = find_program('rpmspec', required : false)
+test_rpm_macros = find_program('test-rpm-macros.sh')
+
+if rpm.found() and rpmspec.found()
+ if want_tests != 'false'
+ test('test-rpm-macros',
+ test_rpm_macros,
+ args : [project_build_root])
+ endif
+else
+ message('Skipping test-rpm-macros since rpm and/or rpmspec are not available')
+endif
+
+############################################################
+
if want_tests != 'false' and dmi_arches.contains(host_machine.cpu_family())
udev_dmi_memory_id_test = find_program('udev-dmi-memory-id-test.sh')
diff --git a/test/test-rpm-macros.sh b/test/test-rpm-macros.sh
new file mode 100755
index 0000000000..5843b72346
--- /dev/null
+++ b/test/test-rpm-macros.sh
@@ -0,0 +1,162 @@
+#!/usr/bin/env bash
+# SPDX-License-Identifier: LGPL-2.1-or-later
+# This test makes some basic checks that RPM macros work correctly.
+# RPM is a simple C program available on different Linux distros, not only RPM-based ones,
+# and even BSD systems, so it must not be a problem to require it.
+# rpmspec utility is required (so this test will work with RPM 4 but won't work with RPM 5).
+set -eu
+
+BUILD_DIR="${1:?Missing argument: build directory}"
+RPM_MACROS_FILE="${BUILD_DIR:?}/src/rpm/macros.systemd"
+
+if ! command -v rpm >/dev/null || ! command -v rpmspec >/dev/null; then
+ echo >&2 "Missing necessary utilities (rpm, rpmspec), can't continue"
+ exit 1
+fi
+
+if [[ ! -f "${RPM_MACROS_FILE:?}" ]]; then
+ echo "RPM macros file not found in $RPM_MACROS_FILE!"
+ exit 1
+fi
+
+at_exit() {
+ if [[ -v WORK_DIR && -d "$WORK_DIR" ]]; then
+ rm -frv "$WORK_DIR"
+ fi
+}
+
+trap at_exit EXIT
+
+WORK_DIR="$(mktemp -d)"
+RPM_SPEC="$(mktemp "$WORK_DIR/systemd-test-rpm-macros-XXX.spec")"
+TEMP_LOG="$(mktemp "$WORK_DIR/out-XXX.log")"
+
+die() {
+ echo >&2 "${1:?}"
+ exit 1
+}
+
+mk_mini_spec() {
+ cat >"${RPM_SPEC:?}" <<EOF
+%{load:$RPM_MACROS_FILE}
+Summary: Test systemd RPM macros
+Name: systemd-test-rpm-macros
+License: LGPLv2+ and MIT and GPLv2+
+Version: 1
+Release: 1
+%description
+%{summary}
+END_OF_INITIAL_SPEC
+EOF
+}
+
+echo "=== Test basic loadability ==="
+mk_mini_spec
+# ensure its loadability (macros will be just loaded and not used for now)
+# also check that rpm supports %load
+rpmspec --parse "$RPM_SPEC"
+
+echo "=== Test %systemd_requires ==="
+mk_mini_spec
+# The idea of tests is the following:
+# - make a minimal spec file
+# - add macros into its %description section
+# - use rpmspec(8) to print spec file with expanded macros
+# - check that macros have been expanded as required.
+echo "%systemd_requires" >>"$RPM_SPEC"
+: >"$TEMP_LOG"
+rpmspec --parse "$RPM_SPEC" | tee "$TEMP_LOG"
+for i in post preun postun; do
+ echo "== Requires($i) =="
+ grep "^Requires($i): systemd$" "$TEMP_LOG"
+done
+
+echo "=== Test %systemd_ordering ==="
+mk_mini_spec
+echo "%systemd_ordering" >>"$RPM_SPEC"
+: >"$TEMP_LOG"
+rpmspec --parse "$RPM_SPEC" | tee "$TEMP_LOG"
+for i in post preun postun; do
+ echo "== OrderWithRequires($i) =="
+ grep "^OrderWithRequires($i): systemd$" "$TEMP_LOG"
+done
+
+echo "=== Test macros requiring an argument without specifying such argument ==="
+for i in \
+ systemd_post \
+ systemd_preun \
+ systemd_postun \
+ systemd_postun_with_restart \
+ systemd_user_preun \
+ systemd_user_postun \
+ systemd_user_postun_with_restart \
+ tmpfiles_create \
+ tmpfiles_create_package \
+ sysusers_create \
+ sysusers_create_package
+do
+ echo "== Macro: $i =="
+ mk_mini_spec
+ echo "%${i}" >>"$RPM_SPEC"
+ if rpmspec --parse "$RPM_SPEC"; then
+ die "Unexpected pass with macro $i (no arguments)"
+ fi
+done
+
+echo "=== Test macros requiring two arguments ==="
+for i in \
+ tmpfiles_create_package \
+ sysusers_create_package
+do
+ echo "== Macro: $i =="
+ # Test with an incorrect number of arguments (0, 1, 3)
+ for args in "" "arg1" "arg1 arg2 arg3"; do
+ mk_mini_spec
+ echo "%${i} $args" >>"$RPM_SPEC"
+ if rpmspec --parse "$RPM_SPEC"; then
+ die "Unexpected pass with macro $i (arguments: $args)"
+ fi
+ done
+
+ # Test with the correct number of arguments (2)
+ mk_mini_spec
+ echo "%${i} arg1 arg2" >>"$RPM_SPEC"
+ if ! rpmspec --parse "$RPM_SPEC"; then
+ die "Unexpected fail with macro $i (arguments: $args)"
+ fi
+done
+
+
+# Test that:
+# - *_create_package macros do work correctly
+# - shell syntax is correct (https://github.com/systemd/systemd/commit/93406fd37)
+# - RPM macros, loaded from macros.in, are actually expanded
+echo "=== Test %*_create_package macros ==="
+for i in sysusers tmpfiles; do
+ echo "== Macro: ${i}_create_package =="
+
+ PKG_DATA_FILE="$(mktemp "$WORK_DIR/pkg-data-XXX")"
+ EXP_OUT="$(mktemp "$WORK_DIR/exp-out-XXX.log")"
+ CONF_DIR="$(pkg-config --variable="${i}dir" systemd)"
+ EXTRA_ARGS=()
+
+ if [[ "$i" == tmpfiles ]]; then
+ EXTRA_ARGS+=("--create")
+ fi
+
+ echo "TEST_DATA" >"$PKG_DATA_FILE"
+ mk_mini_spec
+ echo "%${i}_create_package TEST_NAME ${PKG_DATA_FILE}" >>"$RPM_SPEC"
+
+ cat >"$EXP_OUT" <<EOF
+systemd-$i --replace=$CONF_DIR/TEST_NAME.conf ${EXTRA_ARGS[*]:+${EXTRA_ARGS[@]} }- <<SYSTEMD_INLINE_EOF || :
+TEST_DATA
+SYSTEMD_INLINE_EOF
+EOF
+
+ : >"$TEMP_LOG"
+ rpmspec --parse "$RPM_SPEC" | tee "$TEMP_LOG"
+ diff "$EXP_OUT" <(grep -A1 -B1 '^TEST_DATA$' "$TEMP_LOG")
+
+ rm -f "$PKG_DATA_FILE"
+done

161
SOURCES/0035-test-do-not-assume-x86-64-arch-in-TEST-58-REPART.patch Normal file
View File

@ -0,0 +1,161 @@
From 7cc55d22394b8583b637e7e4b8baa00eb8f0dc49 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Wed, 12 Jan 2022 22:38:22 +0000
Subject: [PATCH] test: do not assume x86-64 arch in TEST-58-REPART
(cherry picked from commit 8e65d93e85f06e3f28b0b7a6e33b041ddf119917)
Related: #2017035
---
test/units/testsuite-58.sh | 76 ++++++++++++++++++++++++++++++++------
1 file changed, 65 insertions(+), 11 deletions(-)
diff --git a/test/units/testsuite-58.sh b/test/units/testsuite-58.sh
index 78c25051a2..4b3c984c84 100755
--- a/test/units/testsuite-58.sh
+++ b/test/units/testsuite-58.sh
@@ -11,6 +11,60 @@ fi
export SYSTEMD_LOG_LEVEL=debug
export PAGER=cat
+machine="$(uname -m)"
+if [ "${machine}" = "x86_64" ]; then
+ root_guid=4f68bce3-e8cd-4db1-96e7-fbcaf984b709
+ root_uuid=60F33797-1D71-4DCB-AA6F-20564F036CD0
+ usr_guid=8484680c-9521-48c6-9c11-b0720656f69e
+ usr_uuid=7E3369DD-D653-4513-ADF5-B993A9F20C16
+ architecture="x86-64"
+elif [ "${machine}" = "i386" ] || [ "${machine}" = "i686" ] || [ "${machine}" = "x86" ]; then
+ root_guid=44479540-f297-41b2-9af7-d131d5f0458a
+ root_uuid=02b4253f-29a4-404e-8972-1669d3b03c87
+ usr_guid=75250d76-8cc6-458e-bd66-bd47cc81a812
+ usr_uuid=7b42ffb0-b0e1-4395-b20b-c78f4a571648
+ architecture="x86"
+elif [ "${machine}" = "aarch64" ] || [ "${machine}" = "aarch64_be" ] || [ "${machine}" = "armv8b" ] || [ "${machine}" = "armv8l" ]; then
+ root_guid=b921b045-1df0-41c3-af44-4c6f280d3fae
+ root_uuid=055d0227-53a6-4033-85c3-9a5973eff483
+ usr_guid=b0e01050-ee5f-4390-949a-9101b17104e9
+ usr_uuid=fce3c75e-d6a4-44c0-87f0-4c105183fb1f
+ architecture="arm64"
+elif [ "${machine}" = "arm" ]; then
+ root_guid=69dad710-2ce4-4e3c-b16c-21a1d49abed3
+ root_uuid=567da89e-8de2-4499-8d10-18f212dff034
+ usr_guid=7d0359a3-02b3-4f0a-865c-654403e70625
+ usr_uuid=71e93dc2-5073-42cb-8a84-a354e64d8966
+ architecture="arm"
+elif [ "${machine}" = "loongarch64" ]; then
+ root_guid=77055800-792c-4f94-b39a-98c91b762bb6
+ root_uuid=d8efc2d2-0133-41e4-bdcb-3b9f4cfddde8
+ usr_guid=e611c702-575c-4cbe-9a46-434fa0bf7e3f
+ usr_uuid=031ffa75-00bb-49b6-a70d-911d2d82a5b7
+ architecture="loongarch64"
+elif [ "${machine}" = "ia64" ]; then
+ root_guid=993d8d3d-f80e-4225-855a-9daf8ed7ea97
+ root_uuid=dcf33449-0896-4ea9-bc24-7d58aeef522d
+ usr_guid=4301d2a6-4e3b-4b2a-bb94-9e0b2c4225ea
+ usr_uuid=bc2bcce7-80d6-449a-85cc-637424ce5241
+ architecture="ia64"
+elif [ "${machine}" = "s390x" ]; then
+ root_guid=5eead9a9-fe09-4a1e-a1d7-520d00531306
+ root_uuid=7ebe0c85-e27e-48ec-b164-f4807606232e
+ usr_guid=8a4f5770-50aa-4ed3-874a-99b710db6fea
+ usr_uuid=51171d30-35cf-4a49-b8b5-9478b9b796a5
+ architecture="s390x"
+elif [ "${machine}" = "ppc64le" ]; then
+ root_guid=c31c45e6-3f39-412e-80fb-4809c4980599
+ root_uuid=061e67a1-092f-482f-8150-b525d50d6654
+ usr_guid=15bb03af-77e7-4d4a-b12b-c0d084f7491c
+ usr_uuid=c0d0823b-8040-4c7c-a629-026248e297fb
+ architecture="ppc64-le"
+else
+ echo "Unexpected uname -m: ${machine} in testsuite-58.sh, please fix me"
+ exit 1
+fi
+
rm -f /var/tmp/testsuite-58.img /var/tmp/testsuite-58.2.img /tmp/testsuite-58.dump
mkdir -p /tmp/testsuite-58-defs/
@@ -25,7 +79,7 @@ EOF
cat >/tmp/testsuite-58-defs/usr.conf <<EOF
[Partition]
-Type=usr
+Type=usr-${architecture}
SizeMinBytes=10M
Format=ext4
ReadOnly=yes
@@ -33,7 +87,7 @@ EOF
cat >/tmp/testsuite-58-defs/root.conf <<EOF
[Partition]
-Type=root
+Type=root-${architecture}
SizeMinBytes=10M
Format=ext4
MakeDirectories=/usr /efi
@@ -47,9 +101,9 @@ systemd-repart --definitions=/tmp/testsuite-58-defs/ \
sfdisk --dump /var/tmp/testsuite-58.img | tee /tmp/testsuite-58.dump
-grep -qxF '/var/tmp/testsuite-58.img1 : start= 2048, size= 20480, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=39107B09-615D-48FB-BA37-C663885FCE67, name="esp"' /tmp/testsuite-58.dump
-grep -qxF '/var/tmp/testsuite-58.img2 : start= 22528, size= 20480, type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709, uuid=60F33797-1D71-4DCB-AA6F-20564F036CD0, name="root-x86-64", attrs="GUID:59"' /tmp/testsuite-58.dump
-grep -qxF '/var/tmp/testsuite-58.img3 : start= 43008, size= 20480, type=8484680C-9521-48C6-9C11-B0720656F69E, uuid=7E3369DD-D653-4513-ADF5-B993A9F20C16, name="usr-x86-64", attrs="GUID:60"' /tmp/testsuite-58.dump
+grep -qixF "/var/tmp/testsuite-58.img1 : start= 2048, size= 20480, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=39107B09-615D-48FB-BA37-C663885FCE67, name=\"esp\"" /tmp/testsuite-58.dump
+grep -qixF "/var/tmp/testsuite-58.img2 : start= 22528, size= 20480, type=${root_guid}, uuid=${root_uuid}, name=\"root-${architecture}\", attrs=\"GUID:59\"" /tmp/testsuite-58.dump
+grep -qixF "/var/tmp/testsuite-58.img3 : start= 43008, size= 20480, type=${usr_guid}, uuid=${usr_uuid}, name=\"usr-${architecture}\", attrs=\"GUID:60\"" /tmp/testsuite-58.dump
# Second part, duplicate it with CopyBlocks=auto
@@ -61,14 +115,14 @@ EOF
cat >/tmp/testsuite-58-defs/usr.conf <<EOF
[Partition]
-Type=usr
+Type=usr-${architecture}
ReadOnly=yes
CopyBlocks=auto
EOF
cat >/tmp/testsuite-58-defs/root.conf <<EOF
[Partition]
-Type=root
+Type=root-${architecture}
CopyBlocks=auto
EOF
@@ -91,7 +145,7 @@ mkdir -p /tmp/testsuite-58.3-defs/
cat >/tmp/testsuite-58.3-defs/root.conf <<EOF
[Partition]
-Type=root
+Type=root-${architecture}
EOF
truncate -s 10g /var/tmp/testsuite-58.3.img
@@ -111,7 +165,7 @@ sfdisk --dump /var/tmp/testsuite-58.3.img | tee /tmp/testsuite-58.3.dump
grep -qF '/var/tmp/testsuite-58.3.img1 : start= 2048, size= 69044,' /tmp/testsuite-58.3.dump
grep -qF '/var/tmp/testsuite-58.3.img2 : start= 71092, size= 3591848,' /tmp/testsuite-58.3.dump
-grep -qxF '/var/tmp/testsuite-58.3.img3 : start= 3662944, size= 17308536, type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709, uuid=60F33797-1D71-4DCB-AA6F-20564F036CD0, name="root-x86-64", attrs="GUID:59"' /tmp/testsuite-58.3.dump
+grep -qixF "/var/tmp/testsuite-58.3.img3 : start= 3662944, size= 17308536, type=${root_guid}, uuid=${root_uuid}, name=\"root-${architecture}\", attrs=\"GUID:59\"" /tmp/testsuite-58.3.dump
rm /var/tmp/testsuite-58.3.img /tmp/testsuite-58.3.dump
rm -r /tmp/testsuite-58.3-defs/
@@ -120,7 +174,7 @@ rm -r /tmp/testsuite-58.3-defs/
mkdir -p /tmp/testsuite-58-issue-21817-defs/
truncate -s 100m /tmp/testsuite-58-issue-21817.img
LOOP=$(losetup -P --show -f /tmp/testsuite-58-issue-21817.img)
-printf 'size=50M,type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709\n,\n' | sfdisk -X gpt /tmp/testsuite-58-issue-21817.img
+printf 'size=50M,type=%s\n,\n' "${root_guid}" | sfdisk -X gpt /tmp/testsuite-58-issue-21817.img
cat >/tmp/testsuite-58-issue-21817-defs/test.conf <<EOF
[Partition]
Type=root
@@ -129,7 +183,7 @@ systemd-repart --pretty=yes --definitions /tmp/testsuite-58-issue-21817-defs/ "$
sfdisk --dump "$LOOP" | tee /tmp/testsuite-58-issue-21817.dump
losetup -d "$LOOP"
-grep -qF 'p1 : start= 2048, size= 102400, type=4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709,' /tmp/testsuite-58-issue-21817.dump
+grep -qiF "p1 : start= 2048, size= 102400, type=${root_guid}," /tmp/testsuite-58-issue-21817.dump
grep -qF 'p2 : start= 104448, size= 100319,' /tmp/testsuite-58-issue-21817.dump
rm /tmp/testsuite-58-issue-21817.img /tmp/testsuite-58-issue-21817.dump

68
SOURCES/0036-tests-add-repart-tests-for-block-devices-with-1024-2.patch Normal file
View File

@ -0,0 +1,68 @@
From 9a98a3b83e9e974d8d1cdc31e2286a862cc548be Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 7 Feb 2022 14:35:40 +0100
Subject: [PATCH] tests: add repart tests for block devices with 1024, 2048,
4096 byte sector sizes
let's make sure repart works with 4K drives and exotic sector sizes.
(cherry picked from commit 2cd341afb96486bd4afcdba23f02a27631c5b8db)
Related: #2017035
---
test/units/testsuite-58.sh | 42 ++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
diff --git a/test/units/testsuite-58.sh b/test/units/testsuite-58.sh
index 4b3c984c84..7aed965fb4 100755
--- a/test/units/testsuite-58.sh
+++ b/test/units/testsuite-58.sh
@@ -189,6 +189,48 @@ grep -qF 'p2 : start= 104448, size= 100319,' /tmp/testsuite-58-issue-2
rm /tmp/testsuite-58-issue-21817.img /tmp/testsuite-58-issue-21817.dump
rm -r /tmp/testsuite-58-issue-21817-defs/
+testsector()
+{
+ echo "Running sector test with sector size $1..."
+
+ mkdir -p /tmp/testsuite-58-sector
+ cat > /tmp/testsuite-58-sector/a.conf <<EOF
+[Partition]
+Type=root
+SizeMaxBytes=15M
+SizeMinBytes=15M
+EOF
+ cat > /tmp/testsuite-58-sector/b.conf <<EOF
+[Partition]
+Type=linux-generic
+Weight=250
+EOF
+
+ cat > /tmp/testsuite-58-sector/c.conf <<EOF
+[Partition]
+Type=linux-generic
+Weight=750
+EOF
+
+ truncate -s 100m "/tmp/testsuite-58-sector-$1.img"
+ LOOP=$(losetup -b "$1" -P --show -f "/tmp/testsuite-58-sector-$1.img" )
+ systemd-repart --pretty=yes --definitions=/tmp/testsuite-58-sector/ --seed=750b6cd5c4ae4012a15e7be3c29e6a47 --empty=require --dry-run=no "$LOOP"
+ rm -rf /tmp/testsuite-58-sector
+ sfdisk --verify "$LOOP"
+ sfdisk --dump "$LOOP"
+ losetup -d "$LOOP"
+
+ rm "/tmp/testsuite-58-sector-$1.img"
+}
+
+# Valid block sizes on the Linux block layer are >= 512 and <= PAGE_SIZE, and
+# must be powers of 2. Which leaves exactly four different ones to test on
+# typical hardware
+testsector 512
+testsector 1024
+testsector 2048
+testsector 4096
+
echo OK >/testok
exit 0

31
SOURCES/0037-test-accept-both-unpadded-and-padded-partition-sizes.patch Normal file
View File

@ -0,0 +1,31 @@
From c16ff9acad53e741ee121a21bd2ba5dfce1f459e Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Fri, 25 Feb 2022 15:09:07 +0100
Subject: [PATCH] test: accept both unpadded and padded partition sizes
Since util-linux/util-linux@921c7da55ec78350e4067b3fd6b7de6f299106ee
libfdisk aligns the last partition (on GPT) for optimal I/O. Let's
account for that.
Fixes: #22606
(cherry picked from commit d490188b8f6da658d8086dd53b7db95735e5cca1)
Related: #2017035
---
test/units/testsuite-58.sh | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/test/units/testsuite-58.sh b/test/units/testsuite-58.sh
index 7aed965fb4..f1b690a71f 100755
--- a/test/units/testsuite-58.sh
+++ b/test/units/testsuite-58.sh
@@ -184,7 +184,8 @@ sfdisk --dump "$LOOP" | tee /tmp/testsuite-58-issue-21817.dump
losetup -d "$LOOP"
grep -qiF "p1 : start= 2048, size= 102400, type=${root_guid}," /tmp/testsuite-58-issue-21817.dump
-grep -qF 'p2 : start= 104448, size= 100319,' /tmp/testsuite-58-issue-21817.dump
+# Accept both unpadded (pre-v2.38 util-linux) and padded (v2.38+ util-linux) sizes
+grep -qE "p2 : start= 104448, size= (100319| 98304)," /tmp/testsuite-58-issue-21817.dump
rm /tmp/testsuite-58-issue-21817.img /tmp/testsuite-58-issue-21817.dump
rm -r /tmp/testsuite-58-issue-21817-defs/

41
SOURCES/0038-test-lvm-2.03.15-dropped-the-static-autoactivation.patch Normal file
View File

@ -0,0 +1,41 @@
From fcaf368341c85285017f77333543656e1382975e Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Wed, 9 Feb 2022 22:35:03 +0100
Subject: [PATCH] test: lvm 2.03.15 dropped the static autoactivation
so install the respective generator only if we're running with older
lvm versions.
See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=ee8fb0310c53ed003a43b324c99cdfd891dd1a7c
(cherry picked from commit d10d562bd4b9f93130fb2b23f2b0d0d4126ea7d4)
Related: #2017035
---
test/test-functions | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/test/test-functions b/test/test-functions
index 4827b6bedf..dcc893733c 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -973,16 +973,19 @@ install_lvm() {
image_install lvm
image_install "${ROOTLIBDIR:?}"/system/lvm2-lvmpolld.{service,socket}
image_install "${ROOTLIBDIR:?}"/system/{blk-availability,lvm2-monitor}.service
- image_install "${ROOTLIBDIR:?}"/system-generators/lvm2-activation-generator
image_install -o "/lib/tmpfiles.d/lvm2.conf"
if get_bool "$LOOKS_LIKE_DEBIAN"; then
inst_rules 56-lvm.rules 69-lvm-metad.rules
else
# Support the new udev autoactivation introduced in lvm 2.03.14
# https://sourceware.org/git/?p=lvm2.git;a=commit;h=67722b312390cdab29c076c912e14bd739c5c0f6
+ # Static autoactivation (via lvm2-activation-generator) was dropped
+ # in lvm 2.03.15
+ # https://sourceware.org/git/?p=lvm2.git;a=commit;h=ee8fb0310c53ed003a43b324c99cdfd891dd1a7c
if [[ -f /lib/udev/rules.d/69-dm-lvm.rules ]]; then
inst_rules 11-dm-lvm.rules 69-dm-lvm.rules
else
+ image_install "${ROOTLIBDIR:?}"/system-generators/lvm2-activation-generator
image_install "${ROOTLIBDIR:?}"/system/lvm2-pvscan@.service
inst_rules 11-dm-lvm.rules 69-dm-lvm-metad.rules
fi

39
SOURCES/0039-test-accept-GC-ed-units-in-newer-LVM.patch Normal file
View File

@ -0,0 +1,39 @@
From 494045e03c7e1b81ac4dcea7d4bf776e2bc50c77 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Thu, 10 Feb 2022 12:29:53 +0100
Subject: [PATCH] test: accept GC'ed units in newer LVM
Since lvm 2.03.15 the transient units are started without `-r`, thus
disappearing once they finish and breaking the test (which expects them
to remain loaded after finishing). Let's accept `LoadState=not-found` as
a valid result as well to fix this.
Follow-up to: d10d562bd4b9f93130fb2b23f2b0d0d4126ea7d4
See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=fbd8b0cf43dc67f51f86f060dce748f446985855
(cherry picked from commit b034f02c628057c30a2136289a1b388a6fb9a737)
Related: #2017035
---
test/units/testsuite-64.sh | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/test/units/testsuite-64.sh b/test/units/testsuite-64.sh
index f75382d90a..dc8b263b10 100755
--- a/test/units/testsuite-64.sh
+++ b/test/units/testsuite-64.sh
@@ -96,6 +96,14 @@ helper_wait_for_lvm_activate() {
if [[ "$(systemctl show -P SubState "$lvm_activate_svc")" == exited ]]; then
return 0
fi
+ else
+ # Since lvm 2.03.15 the lvm-activate transient unit no longer remains
+ # after finishing, so we have to treat non-existent units as a success
+ # as well
+ # See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=fbd8b0cf43dc67f51f86f060dce748f446985855
+ if [[ "$(systemctl show -P LoadState "$lvm_activate_svc")" == not-found ]]; then
+ return 0
+ fi
fi
sleep .5

127
SOURCES/0040-shared-Add-more-dlopen-tests.patch Normal file
View File

@ -0,0 +1,127 @@
From 3ed5b365c5134cb18da8aed397c7c4551af25715 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 1 Mar 2022 17:04:13 +0000
Subject: [PATCH] shared: Add more dlopen() tests
Add dlopen_dw(), dlopen_elf() and dlopen_pcre2() to the dlopen test.
To enable adding dlopen_pcre2(), we move pcre2-dlopen.h/c from
src/journal to src/shared.
(cherry picked from commit ee48779e05831a0ec5e1ba5e7ed5fe92aaca1d9e)
Related: #2017035
---
src/journal/meson.build | 2 --
src/shared/elf-util.c | 4 ++--
src/shared/elf-util.h | 3 +++
src/shared/meson.build | 2 ++
src/{journal => shared}/pcre2-dlopen.c | 0
src/{journal => shared}/pcre2-dlopen.h | 0
src/test/test-dlopen-so.c | 11 +++++++++++
7 files changed, 18 insertions(+), 4 deletions(-)
rename src/{journal => shared}/pcre2-dlopen.c (100%)
rename src/{journal => shared}/pcre2-dlopen.h (100%)
diff --git a/src/journal/meson.build b/src/journal/meson.build
index eb66bfd584..270592f2ac 100644
--- a/src/journal/meson.build
+++ b/src/journal/meson.build
@@ -49,8 +49,6 @@ systemd_cat_sources = files('cat.c')
journalctl_sources = files('''
journalctl.c
- pcre2-dlopen.c
- pcre2-dlopen.h
'''.split())
if install_sysconfdir_samples
diff --git a/src/shared/elf-util.c b/src/shared/elf-util.c
index 4d93e7eaba..6d9fcfbbf2 100644
--- a/src/shared/elf-util.c
+++ b/src/shared/elf-util.c
@@ -80,7 +80,7 @@ unsigned int (*sym_elf_version)(unsigned int);
GElf_Phdr *(*sym_gelf_getphdr)(Elf *, int, GElf_Phdr *);
size_t (*sym_gelf_getnote)(Elf_Data *, size_t, GElf_Nhdr *, size_t *, size_t *);
-static int dlopen_dw(void) {
+int dlopen_dw(void) {
int r;
r = dlopen_many_sym_or_warn(
@@ -123,7 +123,7 @@ static int dlopen_dw(void) {
return 1;
}
-static int dlopen_elf(void) {
+int dlopen_elf(void) {
int r;
r = dlopen_many_sym_or_warn(
diff --git a/src/shared/elf-util.h b/src/shared/elf-util.h
index cf3d9be128..b28e64cea6 100644
--- a/src/shared/elf-util.h
+++ b/src/shared/elf-util.h
@@ -4,6 +4,9 @@
#include "json.h"
#if HAVE_ELFUTILS
+int dlopen_dw(void);
+int dlopen_elf(void);
+
/* Parse an ELF object in a forked process, so that errors while iterating over
* untrusted and potentially malicious data do not propagate to the main caller's process.
* If fork_disable_dump, the child process will not dump core if it crashes. */
diff --git a/src/shared/meson.build b/src/shared/meson.build
index 5dc58a863d..006310a917 100644
--- a/src/shared/meson.build
+++ b/src/shared/meson.build
@@ -241,6 +241,8 @@ shared_sources = files('''
parse-argument.h
parse-socket-bind-item.c
parse-socket-bind-item.h
+ pcre2-dlopen.c
+ pcre2-dlopen.h
pe-header.h
pkcs11-util.c
pkcs11-util.h
diff --git a/src/journal/pcre2-dlopen.c b/src/shared/pcre2-dlopen.c
similarity index 100%
rename from src/journal/pcre2-dlopen.c
rename to src/shared/pcre2-dlopen.c
diff --git a/src/journal/pcre2-dlopen.h b/src/shared/pcre2-dlopen.h
similarity index 100%
rename from src/journal/pcre2-dlopen.h
rename to src/shared/pcre2-dlopen.h
diff --git a/src/test/test-dlopen-so.c b/src/test/test-dlopen-so.c
index ea2ef31b1f..002f666ed8 100644
--- a/src/test/test-dlopen-so.c
+++ b/src/test/test-dlopen-so.c
@@ -5,10 +5,12 @@
#include "bpf-dlopen.h"
#include "cryptsetup-util.h"
+#include "elf-util.h"
#include "idn-util.h"
#include "libfido2-util.h"
#include "macro.h"
#include "main-func.h"
+#include "pcre2-dlopen.h"
#include "pwquality-util.h"
#include "qrcode-util.h"
#include "tests.h"
@@ -49,6 +51,15 @@ static int run(int argc, char **argv) {
assert_se(dlopen_bpf() >= 0);
#endif
+#if HAVE_ELFUTILS
+ assert_se(dlopen_dw() >= 0);
+ assert_se(dlopen_elf() >= 0);
+#endif
+
+#if HAVE_PCRE2
+ assert_se(dlopen_pcre2() >= 0);
+#endif
+
return 0;
}

36
SOURCES/0041-systemctl-Show-how-long-a-service-ran-for-after-it-e.patch Normal file
View File

@ -0,0 +1,36 @@
From b07519fd5241eacfdb735917eca4ccbf441b5a8a Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 22 Feb 2022 11:06:00 +0000
Subject: [PATCH] systemctl: Show how long a service ran for after it exited in
status output
(cherry picked from commit 0802f62efc1d1c67d5be67223b529c93536cf2ed)
Related: #2017035
---
src/systemctl/systemctl-show.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/systemctl/systemctl-show.c b/src/systemctl/systemctl-show.c
index 37c898f313..9b23471990 100644
--- a/src/systemctl/systemctl-show.c
+++ b/src/systemctl/systemctl-show.c
@@ -433,6 +433,18 @@ static void print_status_info(
FORMAT_TIMESTAMP_STYLE(until_timestamp, arg_timestamp_style),
FORMAT_TIMESTAMP_RELATIVE(until_timestamp));
}
+
+ if (!endswith(i->id, ".target") &&
+ STRPTR_IN_SET(i->active_state, "inactive", "failed") &&
+ timestamp_is_set(i->active_enter_timestamp) &&
+ timestamp_is_set(i->active_exit_timestamp) &&
+ i->active_exit_timestamp >= i->active_enter_timestamp) {
+
+ usec_t duration;
+
+ duration = i->active_exit_timestamp - i->active_enter_timestamp;
+ printf(" Duration: %s\n", FORMAT_TIMESPAN(duration, MSEC_PER_SEC));
+ }
} else
printf("\n");

130
SOURCES/0042-time-util-introduce-TIMESTAMP_UNIX.patch Normal file
View File

@ -0,0 +1,130 @@
From 5f59cc1593eaa251161061fe9a4ac4afb1592e6e Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Mon, 21 Feb 2022 13:08:20 +0100
Subject: [PATCH] time-util: introduce TIMESTAMP_UNIX
Allow formatting timestamps as number of seconds since the Epoch for easier
machine parsing.
Fixes: #22567
```
$ systemctl show systemd-journald | grep Timestamp
WatchdogTimestampMonotonic=0
ExecMainStartTimestamp=Sat 2021-12-11 15:25:57 CET
ExecMainStartTimestampMonotonic=13030408
ExecMainExitTimestampMonotonic=0
StateChangeTimestamp=Sat 2021-12-11 15:25:57 CET
StateChangeTimestampMonotonic=13049273
InactiveExitTimestamp=Sat 2021-12-11 15:25:57 CET
InactiveExitTimestampMonotonic=13030430
ActiveEnterTimestamp=Sat 2021-12-11 15:25:57 CET
ActiveEnterTimestampMonotonic=13049273
ActiveExitTimestamp=Sat 2021-12-11 15:25:57 CET
ActiveExitTimestampMonotonic=12997236
InactiveEnterTimestamp=Sat 2021-12-11 15:25:57 CET
InactiveEnterTimestampMonotonic=13028890
ConditionTimestamp=Sat 2021-12-11 15:25:57 CET
ConditionTimestampMonotonic=13029539
AssertTimestamp=Sat 2021-12-11 15:25:57 CET
AssertTimestampMonotonic=13029540
$ systemctl show --timestamp=unix systemd-journald | grep Timestamp
WatchdogTimestampMonotonic=0
ExecMainStartTimestamp=@1639232757
ExecMainStartTimestampMonotonic=13030408
ExecMainExitTimestampMonotonic=0
StateChangeTimestamp=@1639232757
StateChangeTimestampMonotonic=13049273
InactiveExitTimestamp=@1639232757
InactiveExitTimestampMonotonic=13030430
ActiveEnterTimestamp=@1639232757
ActiveEnterTimestampMonotonic=13049273
ActiveExitTimestamp=@1639232757
ActiveExitTimestampMonotonic=12997236
InactiveEnterTimestamp=@1639232757
InactiveEnterTimestampMonotonic=13028890
ConditionTimestamp=@1639232757
ConditionTimestampMonotonic=13029539
AssertTimestamp=@1639232757
AssertTimestampMonotonic=13029540
```
(cherry picked from commit ed4a5b434517eeebc508379476cf112704e7981c)
Related: #2017035
---
src/basic/time-util.c | 11 +++++++++++
src/basic/time-util.h | 1 +
src/test/test-time-util.c | 5 +++++
3 files changed, 17 insertions(+)
diff --git a/src/basic/time-util.c b/src/basic/time-util.c
index b659d6905d..c0841af8f3 100644
--- a/src/basic/time-util.c
+++ b/src/basic/time-util.c
@@ -320,11 +320,13 @@ char *format_timestamp_style(
time_t sec;
size_t n;
bool utc = false, us = false;
+ int r;
assert(buf);
switch (style) {
case TIMESTAMP_PRETTY:
+ case TIMESTAMP_UNIX:
break;
case TIMESTAMP_US:
us = true;
@@ -350,6 +352,14 @@ char *format_timestamp_style(
if (t <= 0 || t == USEC_INFINITY)
return NULL; /* Timestamp is unset */
+ if (style == TIMESTAMP_UNIX) {
+ r = snprintf(buf, l, "@" USEC_FMT, t / USEC_PER_SEC); /* round down µs → s */
+ if (r < 0 || (size_t) r >= l)
+ return NULL; /* Doesn't fit */
+
+ return buf;
+ }
+
/* Let's not format times with years > 9999 */
if (t > USEC_TIMESTAMP_FORMATTABLE_MAX) {
assert(l >= STRLEN("--- XXXX-XX-XX XX:XX:XX") + 1);
@@ -1632,6 +1642,7 @@ static const char* const timestamp_style_table[_TIMESTAMP_STYLE_MAX] = {
[TIMESTAMP_US] = "us",
[TIMESTAMP_UTC] = "utc",
[TIMESTAMP_US_UTC] = "us+utc",
+ [TIMESTAMP_UNIX] = "unix",
};
/* Use the macro for enum → string to allow for aliases */
diff --git a/src/basic/time-util.h b/src/basic/time-util.h
index 895af88299..01a72026e3 100644
--- a/src/basic/time-util.h
+++ b/src/basic/time-util.h
@@ -34,6 +34,7 @@ typedef enum TimestampStyle {
TIMESTAMP_US,
TIMESTAMP_UTC,
TIMESTAMP_US_UTC,
+ TIMESTAMP_UNIX,
_TIMESTAMP_STYLE_MAX,
_TIMESTAMP_STYLE_INVALID = -EINVAL,
} TimestampStyle;
diff --git a/src/test/test-time-util.c b/src/test/test-time-util.c
index 554693834b..799d271a44 100644
--- a/src/test/test-time-util.c
+++ b/src/test/test-time-util.c
@@ -325,6 +325,11 @@ TEST(format_timestamp) {
assert_se(parse_timestamp(buf, &y) >= 0);
assert_se(x / USEC_PER_SEC == y / USEC_PER_SEC);
+ assert_se(format_timestamp_style(buf, sizeof(buf), x, TIMESTAMP_UNIX));
+ log_debug("%s", buf);
+ assert_se(parse_timestamp(buf, &y) >= 0);
+ assert_se(x / USEC_PER_SEC == y / USEC_PER_SEC);
+
assert_se(format_timestamp_style(buf, sizeof(buf), x, TIMESTAMP_UTC));
log_debug("%s", buf);
assert_se(parse_timestamp(buf, &y) >= 0);

49
SOURCES/0043-systemctl-man-update-docs-for-timestamp.patch Normal file
View File

@ -0,0 +1,49 @@
From 17dfcbd7fe332e7559e168520a57b0241d688485 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Mon, 21 Feb 2022 13:14:18 +0100
Subject: [PATCH] systemctl,man: update docs for `--timestamp=`
(cherry picked from commit b58b4a9f379748fec667fb60606de945eaafadbe)
Related: #2017035
---
man/systemctl.xml | 7 +++++++
src/systemctl/systemctl.c | 7 ++-----
2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/man/systemctl.xml b/man/systemctl.xml
index 3b3d709ab3..f28579e05d 100644
--- a/man/systemctl.xml
+++ b/man/systemctl.xml
@@ -2305,6 +2305,13 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
</varlistentry>
</variablelist>
+ <variablelist>
+ <varlistentry>
+ <term><option>unix</option></term>
+ <listitem><para><literal>@seconds-since-the-epoch</literal></para></listitem>
+ </varlistentry>
+ </variablelist>
+
<variablelist>
<varlistentry>
<term><option>us</option></term>
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
index 9031e685ea..0489796a75 100644
--- a/src/systemctl/systemctl.c
+++ b/src/systemctl/systemctl.c
@@ -296,11 +296,8 @@ static int systemctl_help(void) {
" --boot-loader-entry=NAME\n"
" Boot into a specific boot loader entry on next boot\n"
" --plain Print unit dependencies as a list instead of a tree\n"
- " --timestamp=FORMAT Change format of printed timestamps.\n"
- " 'pretty' (default): 'Day YYYY-MM-DD HH:MM:SS TZ\n"
- " 'us': 'Day YYYY-MM-DD HH:MM:SS.UUUUUU TZ\n"
- " 'utc': 'Day YYYY-MM-DD HH:MM:SS UTC\n"
- " 'us+utc': 'Day YYYY-MM-DD HH:MM:SS.UUUUUU UTC\n"
+ " --timestamp=FORMAT Change format of printed timestamps (pretty, unix,\n"
+ " us, utc, us+utc)\n"
" --read-only Create read-only bind mount\n"
" --mkdir Create directory before mounting, if missing\n"
" --marked Restart/reload previously marked units\n"

69
SOURCES/0044-systemctl-make-timestamp-affect-the-show-verb-as-wel.patch Normal file
View File

@ -0,0 +1,69 @@
From ab458e74eccf14550711ca024e9176fba7993abc Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Fri, 18 Feb 2022 23:09:18 +0100
Subject: [PATCH] systemctl: make `--timestamp=` affect the `show` verb as well
Currently the `--timestamp=` option has no effect on timestamps shown by
`systemctl show`, let's fix that.
Spotted in #22567.
Before:
```
$ systemctl show --timestamp=us+utc systemd-journald | grep Timestamp=
ExecMainStartTimestamp=Sat 2021-12-11 15:25:57 CET
StateChangeTimestamp=Sat 2021-12-11 15:25:57 CET
InactiveExitTimestamp=Sat 2021-12-11 15:25:57 CET
ActiveEnterTimestamp=Sat 2021-12-11 15:25:57 CET
ActiveExitTimestamp=Sat 2021-12-11 15:25:57 CET
InactiveEnterTimestamp=Sat 2021-12-11 15:25:57 CET
ConditionTimestamp=Sat 2021-12-11 15:25:57 CET
AssertTimestamp=Sat 2021-12-11 15:25:57 CET
```
After:
```
$ systemctl show --timestamp=us+utc systemd-journald | grep Timestamp=
ExecMainStartTimestamp=Sat 2021-12-11 14:25:57.177848 UTC
StateChangeTimestamp=Sat 2021-12-11 14:25:57.196714 UTC
InactiveExitTimestamp=Sat 2021-12-11 14:25:57.177871 UTC
ActiveEnterTimestamp=Sat 2021-12-11 14:25:57.196714 UTC
ActiveExitTimestamp=Sat 2021-12-11 14:25:57.144677 UTC
InactiveEnterTimestamp=Sat 2021-12-11 14:25:57.176331 UTC
ConditionTimestamp=Sat 2021-12-11 14:25:57.176980 UTC
AssertTimestamp=Sat 2021-12-11 14:25:57.176980 UTC
```
(cherry picked from commit a59e5c625da5a6e0c46e493d55f2f4212e9457ca)
Related: #2017035
---
src/systemctl/systemctl-show.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/src/systemctl/systemctl-show.c b/src/systemctl/systemctl-show.c
index 9b23471990..7a6655da74 100644
--- a/src/systemctl/systemctl-show.c
+++ b/src/systemctl/systemctl-show.c
@@ -1001,6 +1001,20 @@ static int print_property(const char *name, const char *expected_value, sd_bus_m
}
break;
+ case SD_BUS_TYPE_UINT64:
+ if (endswith(name, "Timestamp")) {
+ uint64_t timestamp;
+
+ r = sd_bus_message_read_basic(m, bus_type, &timestamp);
+ if (r < 0)
+ return r;
+
+ bus_print_property_value(name, expected_value, flags, FORMAT_TIMESTAMP_STYLE(timestamp, arg_timestamp_style));
+
+ return 1;
+ }
+ break;
+
case SD_BUS_TYPE_STRUCT:
if (contents[0] == SD_BUS_TYPE_UINT32 && streq(name, "Job")) {

39
SOURCES/0045-tests-allow-running-all-the-services-with-SYSTEMD_LO.patch Normal file
View File

@ -0,0 +1,39 @@
From fdd32f48af7993305f65989162dedd75a929966a Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Tue, 15 Feb 2022 01:13:10 +0000
Subject: [PATCH] tests: allow running all the services with SYSTEMD_LOG_LEVEL
It should make it easier to figure out what exactly services do there.
For example, with SYSTEMD_LOG_LEVEL=debug userdbd (v249) prints
```
varlink-5: New incoming message: {"method":"io.systemd.UserDatabase.GetUserRecord","parameters":{}}
```
before it crashes and systemd-resolved prints
```
varlink-21: New incoming message: {"method":"io.systemd.Resolve.ResolveAddress","parameters":{"address":[127,0,0,1],"flags":0,"ifindex":1000000,"family":0}}
```
and those messages are helpful (especially when scripts causing them
aren't clever enough to keep track of random stuff they send to systemd
:-))
(cherry picked from commit bf6ef6b6a9156e5f52ee69ce0c529a246f103e54)
Related: #2017035
---
test/test-functions | 3 +++
1 file changed, 3 insertions(+)
diff --git a/test/test-functions b/test/test-functions
index dcc893733c..a299f5ff1f 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -1142,6 +1142,9 @@ install_systemd() {
# enable debug logging in PID1
echo LogLevel=debug >>"$initdir/etc/systemd/system.conf"
+ if [[ -n "$TEST_SYSTEMD_LOG_LEVEL" ]]; then
+ echo DefaultEnvironment=SYSTEMD_LOG_LEVEL="$TEST_SYSTEMD_LOG_LEVEL" >>"$initdir/etc/systemd/system.conf"
+ fi
# store coredumps in journal
echo Storage=journal >>"$initdir/etc/systemd/coredump.conf"
# Propagate SYSTEMD_UNIT_PATH to user systemd managers

46
SOURCES/0046-coredump-raise-the-coredump-save-size-on-64bit-syste.patch Normal file
View File

@ -0,0 +1,46 @@
From 19d3bf238c41c756b391fc7e66e5217cde42a896 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 8 Feb 2022 11:52:17 +0100
Subject: [PATCH] coredump: raise the coredump save size on 64bit systems to
32G (and lower it to 1G on 32bit systems)
Apparently 2G is too low for various real-life systems. But raising it
universally above 2^32 sounds wrong to me, since that makes no sense on
32bit systems, that we still support.
Hence, let's raise the limit to 32G on 64bit systems, and *lower* it to
1G on 32bit systems.
32G is 4 orders of magnitude higher then the old settings. Let's hope
that's enough for now. Should this not be enough we can raise it
further.
Fixes: #22076
(cherry picked from commit e677041e7a6988f73de802db6e49d962d432944b)
Related: #2017035
---
src/coredump/coredump.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index 6a6e9765d4..fd156370b2 100644
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@@ -48,8 +48,14 @@
#include "uid-alloc-range.h"
#include "user-util.h"
-/* The maximum size up to which we process coredumps */
-#define PROCESS_SIZE_MAX ((uint64_t) (2LLU*1024LLU*1024LLU*1024LLU))
+/* The maximum size up to which we process coredumps. We use 1G on 32bit systems, and 32G on 64bit systems */
+#if __SIZEOF_POINTER__ == 4
+#define PROCESS_SIZE_MAX ((uint64_t) (1LLU*1024LLU*1024LLU*1024LLU))
+#elif __SIZEOF_POINTER__ == 8
+#define PROCESS_SIZE_MAX ((uint64_t) (32LLU*1024LLU*1024LLU*1024LLU))
+#else
+#error "Unexpected pointer size"
+#endif
/* The maximum size up to which we leave the coredump around on disk */
#define EXTERNAL_SIZE_MAX PROCESS_SIZE_MAX

644
SOURCES/0047-repart-fix-sector-size-handling.patch Normal file
View File

@ -0,0 +1,644 @@
From 389cc9af2087aa5369ac6bf0124d14877d541966 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 4 Feb 2022 17:39:44 +0100
Subject: [PATCH] repart: fix sector size handling
This queries the sector size from libfdisk instead of assuming 512, and
uses that when converting from bytes to the offset/size values libfdisk
expects.
This is an alternative to Tom Yan's #21823, but prefers using libfdisk's
own ideas of the sector size instead of going directly to the backing
device via ioctls. (libfdisk can after all also operate on regular
files, where the sector size concept doesn't necessarily apply the same
way.)
This also makes the "grain" variable, i.e. how we'll align the
partitions. Previously this was hardcoded to 4K, and that still will be
the minimum grain we use, but should the sector size be larger than that
we'll use the next multiple of the sector size instead.
(cherry picked from commit 994b303123ebe6a140bf3e56c66aa66119ae7d95)
Related: #2017035
---
src/partition/repart.c | 212 +++++++++++++++++++++++++----------------
1 file changed, 132 insertions(+), 80 deletions(-)
diff --git a/src/partition/repart.c b/src/partition/repart.c
index d08f47f2c4..0862a37a8d 100644
--- a/src/partition/repart.c
+++ b/src/partition/repart.c
@@ -195,6 +195,8 @@ struct Context {
uint64_t start, end, total;
struct fdisk_context *fdisk_context;
+ uint64_t sector_size;
+ uint64_t grain_size;
sd_id128_t seed;
};
@@ -407,9 +409,12 @@ static bool context_drop_one_priority(Context *context) {
return true;
}
-static uint64_t partition_min_size(const Partition *p) {
+static uint64_t partition_min_size(Context *context, const Partition *p) {
uint64_t sz;
+ assert(context);
+ assert(p);
+
/* Calculate the disk space we really need at minimum for this partition. If the partition already
* exists the current size is what we really need. If it doesn't exist yet refuse to allocate less
* than 4K.
@@ -428,50 +433,60 @@ static uint64_t partition_min_size(const Partition *p) {
uint64_t d = 0;
if (p->encrypt != ENCRYPT_OFF)
- d += round_up_size(LUKS2_METADATA_SIZE, 4096);
+ d += round_up_size(LUKS2_METADATA_SIZE, context->grain_size);
if (p->copy_blocks_size != UINT64_MAX)
- d += round_up_size(p->copy_blocks_size, 4096);
+ d += round_up_size(p->copy_blocks_size, context->grain_size);
else if (p->format || p->encrypt != ENCRYPT_OFF) {
uint64_t f;
/* If we shall synthesize a file system, take minimal fs size into account (assumed to be 4K if not known) */
- f = p->format ? minimal_size_by_fs_name(p->format) : UINT64_MAX;
- d += f == UINT64_MAX ? 4096 : f;
+ f = p->format ? round_up_size(minimal_size_by_fs_name(p->format), context->grain_size) : UINT64_MAX;
+ d += f == UINT64_MAX ? context->grain_size : f;
}
if (d > sz)
sz = d;
}
- return MAX(p->size_min != UINT64_MAX ? p->size_min : DEFAULT_MIN_SIZE, sz);
+ return MAX(round_up_size(p->size_min != UINT64_MAX ? p->size_min : DEFAULT_MIN_SIZE, context->grain_size), sz);
}
-static uint64_t partition_max_size(const Partition *p) {
+static uint64_t partition_max_size(const Context *context, const Partition *p) {
+ uint64_t sm;
+
/* Calculate how large the partition may become at max. This is generally the configured maximum
* size, except when it already exists and is larger than that. In that case it's the existing size,
* since we never want to shrink partitions. */
+ assert(context);
+ assert(p);
+
if (PARTITION_IS_FOREIGN(p)) {
/* Don't allow changing size of partitions not managed by us */
assert(p->current_size != UINT64_MAX);
return p->current_size;
}
+ sm = round_down_size(p->size_max, context->grain_size);
+
if (p->current_size != UINT64_MAX)
- return MAX(p->current_size, p->size_max);
+ return MAX(p->current_size, sm);
- return p->size_max;
+ return sm;
}
-static uint64_t partition_min_size_with_padding(const Partition *p) {
+static uint64_t partition_min_size_with_padding(Context *context, const Partition *p) {
uint64_t sz;
/* Calculate the disk space we need for this partition plus any free space coming after it. This
* takes user configured padding into account as well as any additional whitespace needed to align
* the next partition to 4K again. */
- sz = partition_min_size(p);
+ assert(context);
+ assert(p);
+
+ sz = partition_min_size(context, p);
if (p->padding_min != UINT64_MAX)
sz += p->padding_min;
@@ -479,11 +494,11 @@ static uint64_t partition_min_size_with_padding(const Partition *p) {
if (PARTITION_EXISTS(p)) {
/* If the partition wasn't aligned, add extra space so that any we might add will be aligned */
assert(p->offset != UINT64_MAX);
- return round_up_size(p->offset + sz, 4096) - p->offset;
+ return round_up_size(p->offset + sz, context->grain_size) - p->offset;
}
/* If this is a new partition we'll place it aligned, hence we just need to round up the required size here */
- return round_up_size(sz, 4096);
+ return round_up_size(sz, context->grain_size);
}
static uint64_t free_area_available(const FreeArea *a) {
@@ -495,9 +510,12 @@ static uint64_t free_area_available(const FreeArea *a) {
return a->size - a->allocated;
}
-static uint64_t free_area_available_for_new_partitions(const FreeArea *a) {
+static uint64_t free_area_available_for_new_partitions(Context *context, const FreeArea *a) {
uint64_t avail;
+ assert(context);
+ assert(a);
+
/* Similar to free_area_available(), but takes into account that the required size and padding of the
* preceding partition is honoured. */
@@ -505,16 +523,16 @@ static uint64_t free_area_available_for_new_partitions(const FreeArea *a) {
if (a->after) {
uint64_t need, space_end, new_end;
- need = partition_min_size_with_padding(a->after);
+ need = partition_min_size_with_padding(context, a->after);
assert(a->after->offset != UINT64_MAX);
assert(a->after->current_size != UINT64_MAX);
/* Calculate where the free area ends, based on the offset of the partition preceding it */
- space_end = round_up_size(a->after->offset + a->after->current_size, 4096) + avail;
+ space_end = round_up_size(a->after->offset + a->after->current_size, context->grain_size) + avail;
/* Calculate where the partition would end when we give it as much as it needs */
- new_end = round_up_size(a->after->offset + need, 4096);
+ new_end = round_up_size(a->after->offset + need, context->grain_size);
/* Calculate saturated difference of the two: that's how much we have free for other partitions */
return LESS_BY(space_end, new_end);
@@ -523,15 +541,18 @@ static uint64_t free_area_available_for_new_partitions(const FreeArea *a) {
return avail;
}
-static int free_area_compare(FreeArea *const *a, FreeArea *const*b) {
- return CMP(free_area_available_for_new_partitions(*a),
- free_area_available_for_new_partitions(*b));
+static int free_area_compare(FreeArea *const *a, FreeArea *const*b, Context *context) {
+ assert(context);
+
+ return CMP(free_area_available_for_new_partitions(context, *a),
+ free_area_available_for_new_partitions(context, *b));
}
-static uint64_t charge_size(uint64_t total, uint64_t amount) {
+static uint64_t charge_size(Context *context, uint64_t total, uint64_t amount) {
+ assert(context);
/* Subtract the specified amount from total, rounding up to multiple of 4K if there's room */
assert(amount <= total);
- return LESS_BY(total, round_up_size(amount, 4096));
+ return LESS_BY(total, round_up_size(amount, context->grain_size));
}
static uint64_t charge_weight(uint64_t total, uint64_t amount) {
@@ -545,14 +566,14 @@ static bool context_allocate_partitions(Context *context, uint64_t *ret_largest_
assert(context);
/* Sort free areas by size, putting smallest first */
- typesafe_qsort(context->free_areas, context->n_free_areas, free_area_compare);
+ typesafe_qsort_r(context->free_areas, context->n_free_areas, free_area_compare, context);
/* In any case return size of the largest free area (i.e. not the size of all free areas
* combined!) */
if (ret_largest_free_area)
*ret_largest_free_area =
context->n_free_areas == 0 ? 0 :
- free_area_available_for_new_partitions(context->free_areas[context->n_free_areas-1]);
+ free_area_available_for_new_partitions(context, context->free_areas[context->n_free_areas-1]);
/* A simple first-fit algorithm. We return true if we can fit the partitions in, otherwise false. */
LIST_FOREACH(partitions, p, context->partitions) {
@@ -565,13 +586,13 @@ static bool context_allocate_partitions(Context *context, uint64_t *ret_largest_
continue;
/* How much do we need to fit? */
- required = partition_min_size_with_padding(p);
- assert(required % 4096 == 0);
+ required = partition_min_size_with_padding(context, p);
+ assert(required % context->grain_size == 0);
for (size_t i = 0; i < context->n_free_areas; i++) {
a = context->free_areas[i];
- if (free_area_available_for_new_partitions(a) >= required) {
+ if (free_area_available_for_new_partitions(context, a) >= required) {
fits = true;
break;
}
@@ -683,8 +704,8 @@ static int context_grow_partitions_phase(
if (r < 0)
return r;
- rsz = partition_min_size(p);
- xsz = partition_max_size(p);
+ rsz = partition_min_size(context, p);
+ xsz = partition_max_size(context, p);
if (phase == PHASE_OVERCHARGE && rsz > share) {
/* This partition needs more than its calculated share. Let's assign
@@ -712,13 +733,13 @@ static int context_grow_partitions_phase(
/* Never change of foreign partitions (i.e. those we don't manage) */
p->new_size = p->current_size;
else
- p->new_size = MAX(round_down_size(share, 4096), rsz);
+ p->new_size = MAX(round_down_size(share, context->grain_size), rsz);
charge = true;
}
if (charge) {
- *span = charge_size(*span, p->new_size);
+ *span = charge_size(context, *span, p->new_size);
*weight_sum = charge_weight(*weight_sum, p->weight);
}
@@ -742,7 +763,7 @@ static int context_grow_partitions_phase(
charge = try_again = true;
} else if (phase == PHASE_DISTRIBUTE) {
- p->new_padding = round_down_size(share, 4096);
+ p->new_padding = round_down_size(share, context->grain_size);
if (p->padding_min != UINT64_MAX && p->new_padding < p->padding_min)
p->new_padding = p->padding_min;
@@ -750,7 +771,7 @@ static int context_grow_partitions_phase(
}
if (charge) {
- *span = charge_size(*span, p->new_padding);
+ *span = charge_size(context, *span, p->new_padding);
*weight_sum = charge_weight(*weight_sum, p->padding_weight);
}
@@ -779,7 +800,7 @@ static int context_grow_partitions_on_free_area(Context *context, FreeArea *a) {
assert(a->after->offset != UINT64_MAX);
assert(a->after->current_size != UINT64_MAX);
- span += round_up_size(a->after->offset + a->after->current_size, 4096) - a->after->offset;
+ span += round_up_size(a->after->offset + a->after->current_size, context->grain_size) - a->after->offset;
}
for (GrowPartitionPhase phase = 0; phase < _GROW_PARTITION_PHASE_MAX;) {
@@ -799,13 +820,13 @@ static int context_grow_partitions_on_free_area(Context *context, FreeArea *a) {
assert(a->after->new_size != UINT64_MAX);
/* Calculate new size and align (but ensure this doesn't shrink the size) */
- m = MAX(a->after->new_size, round_down_size(a->after->new_size + span, 4096));
+ m = MAX(a->after->new_size, round_down_size(a->after->new_size + span, context->grain_size));
- xsz = partition_max_size(a->after);
+ xsz = partition_max_size(context, a->after);
if (xsz != UINT64_MAX && m > xsz)
m = xsz;
- span = charge_size(span, m - a->after->new_size);
+ span = charge_size(context, span, m - a->after->new_size);
a->after->new_size = m;
}
@@ -824,13 +845,13 @@ static int context_grow_partitions_on_free_area(Context *context, FreeArea *a) {
continue;
assert(p->new_size != UINT64_MAX);
- m = MAX(p->new_size, round_down_size(p->new_size + span, 4096));
+ m = MAX(p->new_size, round_down_size(p->new_size + span, context->grain_size));
- xsz = partition_max_size(p);
+ xsz = partition_max_size(context, p);
if (xsz != UINT64_MAX && m > xsz)
m = xsz;
- span = charge_size(span, m - p->new_size);
+ span = charge_size(context, span, m - p->new_size);
p->new_size = m;
if (span == 0)
@@ -910,7 +931,7 @@ static void context_place_partitions(Context *context) {
} else
start = context->start;
- start = round_up_size(start, 4096);
+ start = round_up_size(start, context->grain_size);
left = a->size;
LIST_FOREACH(partitions, p, context->partitions) {
@@ -1422,6 +1443,8 @@ static int determine_current_padding(
struct fdisk_context *c,
struct fdisk_table *t,
struct fdisk_partition *p,
+ uint64_t secsz,
+ uint64_t grainsz,
uint64_t *ret) {
size_t n_partitions;
@@ -1435,8 +1458,8 @@ static int determine_current_padding(
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Partition has no end!");
offset = fdisk_partition_get_end(p);
- assert(offset < UINT64_MAX / 512);
- offset *= 512;
+ assert(offset < UINT64_MAX / secsz);
+ offset *= secsz;
n_partitions = fdisk_table_get_nents(t);
for (size_t i = 0; i < n_partitions; i++) {
@@ -1454,8 +1477,8 @@ static int determine_current_padding(
continue;
start = fdisk_partition_get_start(q);
- assert(start < UINT64_MAX / 512);
- start *= 512;
+ assert(start < UINT64_MAX / secsz);
+ start *= secsz;
if (start >= offset && (next == UINT64_MAX || next > start))
next = start;
@@ -1467,16 +1490,16 @@ static int determine_current_padding(
assert(next < UINT64_MAX);
next++; /* The last LBA is one sector before the end */
- assert(next < UINT64_MAX / 512);
- next *= 512;
+ assert(next < UINT64_MAX / secsz);
+ next *= secsz;
if (offset > next)
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Partition end beyond disk end.");
}
assert(next >= offset);
- offset = round_up_size(offset, 4096);
- next = round_down_size(next, 4096);
+ offset = round_up_size(offset, grainsz);
+ next = round_down_size(next, grainsz);
*ret = LESS_BY(next, offset); /* Saturated subtraction, rounding might have fucked things up */
return 0;
@@ -1549,6 +1572,8 @@ static int context_load_partition_table(
bool from_scratch = false;
sd_id128_t disk_uuid;
size_t n_partitions;
+ unsigned long secsz;
+ uint64_t grainsz;
int r;
assert(context);
@@ -1583,8 +1608,12 @@ static int context_load_partition_table(
if (r < 0)
return log_error_errno(errno, "Failed to stat block device '%s': %m", node);
- if (S_ISREG(st.st_mode) && st.st_size == 0)
+ if (S_ISREG(st.st_mode) && st.st_size == 0) {
+ /* User the fallback values if we have no better idea */
+ context->sector_size = 512;
+ context->grain_size = 4096;
return /* from_scratch = */ true;
+ }
r = -EINVAL;
}
@@ -1602,6 +1631,23 @@ static int context_load_partition_table(
if (flock(fdisk_get_devfd(c), arg_dry_run ? LOCK_SH : LOCK_EX) < 0)
return log_error_errno(errno, "Failed to lock block device: %m");
+ /* The offsets/sizes libfdisk returns to us will be in multiple of the sector size of the
+ * device. This is typically 512, and sometimes 4096. Let's query libfdisk once for it, and then use
+ * it for all our needs. Note that the values we use ourselves always are in bytes though, thus mean
+ * the same thing universally. Also note that regardless what kind of sector size is in use we'll
+ * place partitions at multiples of 4K. */
+ secsz = fdisk_get_sector_size(c);
+
+ /* Insist on a power of two, and that it's a multiple of 512, i.e. the traditional sector size. */
+ if (secsz < 512 || secsz != 1UL << log2u64(secsz))
+ return log_error_errno(errno, "Sector size %lu is not a power of two larger than 512? Refusing.", secsz);
+
+ /* Use at least 4K, and ensure it's a multiple of the sector size, regardless if that is smaller or
+ * larger */
+ grainsz = secsz < 4096 ? 4096 : secsz;
+
+ log_debug("Sector size of device is %lu bytes. Using grain size of %" PRIu64 ".", secsz, grainsz);
+
switch (arg_empty) {
case EMPTY_REFUSE:
@@ -1732,12 +1778,12 @@ static int context_load_partition_table(
}
sz = fdisk_partition_get_size(p);
- assert_se(sz <= UINT64_MAX/512);
- sz *= 512;
+ assert_se(sz <= UINT64_MAX/secsz);
+ sz *= secsz;
start = fdisk_partition_get_start(p);
- assert_se(start <= UINT64_MAX/512);
- start *= 512;
+ assert_se(start <= UINT64_MAX/secsz);
+ start *= secsz;
partno = fdisk_partition_get_partno(p);
@@ -1762,7 +1808,7 @@ static int context_load_partition_table(
pp->current_partition = p;
fdisk_ref_partition(p);
- r = determine_current_padding(c, t, p, &pp->current_padding);
+ r = determine_current_padding(c, t, p, secsz, grainsz, &pp->current_padding);
if (r < 0)
return r;
@@ -1795,7 +1841,7 @@ static int context_load_partition_table(
np->current_partition = p;
fdisk_ref_partition(p);
- r = determine_current_padding(c, t, p, &np->current_padding);
+ r = determine_current_padding(c, t, p, secsz, grainsz, &np->current_padding);
if (r < 0)
return r;
@@ -1812,26 +1858,26 @@ static int context_load_partition_table(
add_initial_free_area:
nsectors = fdisk_get_nsectors(c);
- assert(nsectors <= UINT64_MAX/512);
- nsectors *= 512;
+ assert(nsectors <= UINT64_MAX/secsz);
+ nsectors *= secsz;
first_lba = fdisk_get_first_lba(c);
- assert(first_lba <= UINT64_MAX/512);
- first_lba *= 512;
+ assert(first_lba <= UINT64_MAX/secsz);
+ first_lba *= secsz;
last_lba = fdisk_get_last_lba(c);
assert(last_lba < UINT64_MAX);
last_lba++;
- assert(last_lba <= UINT64_MAX/512);
- last_lba *= 512;
+ assert(last_lba <= UINT64_MAX/secsz);
+ last_lba *= secsz;
assert(last_lba >= first_lba);
if (left_boundary == UINT64_MAX) {
/* No partitions at all? Then the whole disk is up for grabs. */
- first_lba = round_up_size(first_lba, 4096);
- last_lba = round_down_size(last_lba, 4096);
+ first_lba = round_up_size(first_lba, grainsz);
+ last_lba = round_down_size(last_lba, grainsz);
if (last_lba > first_lba) {
r = context_add_free_area(context, last_lba - first_lba, NULL);
@@ -1842,9 +1888,9 @@ add_initial_free_area:
/* Add space left of first partition */
assert(left_boundary >= first_lba);
- first_lba = round_up_size(first_lba, 4096);
- left_boundary = round_down_size(left_boundary, 4096);
- last_lba = round_down_size(last_lba, 4096);
+ first_lba = round_up_size(first_lba, grainsz);
+ left_boundary = round_down_size(left_boundary, grainsz);
+ last_lba = round_down_size(last_lba, grainsz);
if (left_boundary > first_lba) {
r = context_add_free_area(context, left_boundary - first_lba, NULL);
@@ -1856,6 +1902,8 @@ add_initial_free_area:
context->start = first_lba;
context->end = last_lba;
context->total = nsectors;
+ context->sector_size = secsz;
+ context->grain_size = grainsz;
context->fdisk_context = TAKE_PTR(c);
return from_scratch;
@@ -2360,7 +2408,7 @@ static int context_discard_range(
if (S_ISBLK(st.st_mode)) {
uint64_t range[2], end;
- range[0] = round_up_size(offset, 512);
+ range[0] = round_up_size(offset, context->sector_size);
if (offset > UINT64_MAX - size)
return -ERANGE;
@@ -2369,7 +2417,7 @@ static int context_discard_range(
if (end <= range[0])
return 0;
- range[1] = round_down_size(end - range[0], 512);
+ range[1] = round_down_size(end - range[0], context->sector_size);
if (range[1] <= 0)
return 0;
@@ -2519,6 +2567,7 @@ static int context_wipe_and_discard(Context *context, bool from_scratch) {
}
static int partition_encrypt(
+ Context *context,
Partition *p,
const char *node,
struct crypt_device **ret_cd,
@@ -2532,6 +2581,7 @@ static int partition_encrypt(
sd_id128_t uuid;
int r;
+ assert(context);
assert(p);
assert(p->encrypt != ENCRYPT_OFF);
@@ -2579,7 +2629,7 @@ static int partition_encrypt(
volume_key_size,
&(struct crypt_params_luks2) {
.label = strempty(p->new_label),
- .sector_size = 512U,
+ .sector_size = context->sector_size,
});
if (r < 0)
return log_error_errno(r, "Failed to LUKS2 format future partition: %m");
@@ -2735,7 +2785,7 @@ static int context_copy_blocks(Context *context) {
if (r < 0)
return log_error_errno(r, "Failed to lock loopback device: %m");
- r = partition_encrypt(p, d->node, &cd, &encrypted, &encrypted_dev_fd);
+ r = partition_encrypt(context, p, d->node, &cd, &encrypted, &encrypted_dev_fd);
if (r < 0)
return log_error_errno(r, "Failed to encrypt device: %m");
@@ -2988,7 +3038,7 @@ static int context_mkfs(Context *context) {
return log_error_errno(r, "Failed to lock loopback device: %m");
if (p->encrypt != ENCRYPT_OFF) {
- r = partition_encrypt(p, d->node, &cd, &encrypted, &encrypted_dev_fd);
+ r = partition_encrypt(context, p, d->node, &cd, &encrypted, &encrypted_dev_fd);
if (r < 0)
return log_error_errno(r, "Failed to encrypt device: %m");
@@ -3307,13 +3357,13 @@ static int context_mangle_partitions(Context *context) {
if (p->new_size != p->current_size) {
assert(p->new_size >= p->current_size);
- assert(p->new_size % 512 == 0);
+ assert(p->new_size % context->sector_size == 0);
r = fdisk_partition_size_explicit(p->current_partition, true);
if (r < 0)
return log_error_errno(r, "Failed to enable explicit sizing: %m");
- r = fdisk_partition_set_size(p->current_partition, p->new_size / 512);
+ r = fdisk_partition_set_size(p->current_partition, p->new_size / context->sector_size);
if (r < 0)
return log_error_errno(r, "Failed to grow partition: %m");
@@ -3353,8 +3403,8 @@ static int context_mangle_partitions(Context *context) {
_cleanup_(fdisk_unref_parttypep) struct fdisk_parttype *t = NULL;
assert(!p->new_partition);
- assert(p->offset % 512 == 0);
- assert(p->new_size % 512 == 0);
+ assert(p->offset % context->sector_size == 0);
+ assert(p->new_size % context->sector_size == 0);
assert(!sd_id128_is_null(p->new_uuid));
assert(p->new_label);
@@ -3378,11 +3428,11 @@ static int context_mangle_partitions(Context *context) {
if (r < 0)
return log_error_errno(r, "Failed to enable explicit sizing: %m");
- r = fdisk_partition_set_start(q, p->offset / 512);
+ r = fdisk_partition_set_start(q, p->offset / context->sector_size);
if (r < 0)
return log_error_errno(r, "Failed to position partition: %m");
- r = fdisk_partition_set_size(q, p->new_size / 512);
+ r = fdisk_partition_set_size(q, p->new_size / context->sector_size);
if (r < 0)
return log_error_errno(r, "Failed to grow partition: %m");
@@ -4746,18 +4796,20 @@ done:
}
static int determine_auto_size(Context *c) {
- uint64_t sum = round_up_size(GPT_METADATA_SIZE, 4096);
+ uint64_t sum;
Partition *p;
assert_se(c);
+ sum = round_up_size(GPT_METADATA_SIZE, 4096);
+
LIST_FOREACH(partitions, p, c->partitions) {
uint64_t m;
if (p->dropped)
continue;
- m = partition_min_size_with_padding(p);
+ m = partition_min_size_with_padding(c, p);
if (m > UINT64_MAX - sum)
return log_error_errno(SYNTHETIC_ERRNO(EOVERFLOW), "Image would grow too large, refusing.");

36
SOURCES/0048-mkdir-allow-to-create-directory-whose-path-contains-.patch Normal file
View File

@ -0,0 +1,36 @@
From 77cde7d38bf8cd3438a867a6330c314f4580e43b Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 2 Feb 2022 14:20:48 +0900
Subject: [PATCH] mkdir: allow to create directory whose path contains symlink
Fixes a regression caused by 3008a6f21c1c42efe852d69798a2fdd63fe657ec.
Before the commit, when `mkdir_parents_internal()` is called from `mkdir_p()`,
it uses `_mkdir()` as `flag` is zero. But after the commit, `mkdir_safe_internal()`
is always used. Hence, if the path contains a symlink, it fails with -ENOTDIR.
To fix the issue, this makes `mkdir_p()` calls `mkdir_parents_internal()` with
MKDIR_FOLLOW_SYMLINK flag.
Fixes #22334.
(cherry picked from commit 5117059ee9f84ed2fd37801ec0b90473db475422)
Related: #2017035
---
src/basic/mkdir.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c
index 6e2b94d024..88782ab0d4 100644
--- a/src/basic/mkdir.c
+++ b/src/basic/mkdir.c
@@ -162,7 +162,7 @@ int mkdir_p_internal(const char *prefix, const char *path, mode_t mode, uid_t ui
assert(_mkdirat != mkdirat);
- r = mkdir_parents_internal(prefix, path, mode, uid, gid, flags, _mkdirat);
+ r = mkdir_parents_internal(prefix, path, mode, uid, gid, flags | MKDIR_FOLLOW_SYMLINK, _mkdirat);
if (r < 0)
return r;

26
SOURCES/0049-mkdir-CHASE_NONEXISTENT-cannot-used-in-chase_symlink.patch Normal file
View File

@ -0,0 +1,26 @@
From 848b8dde6fe096b317abf0b4996f21c8fe6a39ce Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 2 Feb 2022 15:06:27 +0900
Subject: [PATCH] mkdir: CHASE_NONEXISTENT cannot used in
chase_symlinks_and_stat()
(cherry picked from commit e22916e61d1fdb7b46918b605ebf783d9017f9d8)
Related: #2017035
---
src/basic/mkdir.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c
index 88782ab0d4..51a0d74e87 100644
--- a/src/basic/mkdir.c
+++ b/src/basic/mkdir.c
@@ -42,7 +42,7 @@ int mkdir_safe_internal(
if ((flags & MKDIR_FOLLOW_SYMLINK) && S_ISLNK(st.st_mode)) {
_cleanup_free_ char *p = NULL;
- r = chase_symlinks_and_stat(path, NULL, CHASE_NONEXISTENT, &p, &st, NULL);
+ r = chase_symlinks_and_stat(path, NULL, 0, &p, &st, NULL);
if (r < 0)
return r;
if (r == 0)

137
SOURCES/0050-meson-move-efi-file-lists-closer-to-where-they-are-u.patch Normal file
View File

@ -0,0 +1,137 @@
From 9cfc2fd3c58609252b3fd203af95bec1aab1b832 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 23 Dec 2021 12:55:40 +0100
Subject: [PATCH] meson: move efi file lists closer to where they are used
The goal is to have the detection of features and paths done first, and
then the build target constructions second.
(cherry picked from commit 65dcf9f9a0d877de0dc53558547462a7f1750c78)
Related: #2017035
---
src/boot/efi/meson.build | 104 +++++++++++++++++++--------------------
1 file changed, 51 insertions(+), 53 deletions(-)
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index e10e51cf4e..1125c64ea3 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -99,59 +99,6 @@ if efi_lds == ''
subdir_done()
endif
-efi_headers = files('''
- bcd.h
- console.h
- cpio.h
- devicetree.h
- disk.h
- drivers.h
- graphics.h
- linux.h
- measure.h
- missing_efi.h
- pe.h
- random-seed.h
- shim.h
- splash.h
- util.h
- xbootldr.h
-'''.split())
-
-common_sources = '''
- assert.c
- devicetree.c
- disk.c
- graphics.c
- measure.c
- pe.c
- secure-boot.c
- util.c
-'''.split()
-
-systemd_boot_sources = '''
- bcd.c
- boot.c
- console.c
- drivers.c
- random-seed.c
- shim.c
- xbootldr.c
-'''.split()
-
-stub_sources = '''
- cpio.c
- initrd.c
- splash.c
- stub.c
-'''.split()
-
-if efi_arch[1] in ['ia32', 'x86_64']
- stub_sources += 'linux_x86.c'
-else
- stub_sources += 'linux.c'
-endif
-
conf.set10('HAVE_GNU_EFI', true)
conf.set_quoted('EFI_MACHINE_TYPE_NAME', efi_arch[0])
@@ -332,6 +279,57 @@ if efi_cc_version.contains('clang') and efi_cc_version.split('.')[0].split(' ')[
efi_ldflags += ['-Wl,-T,' + efi_lds, '-Wno-unused-command-line-argument']
endif
+############################################################
+
+efi_headers = files(
+ 'bcd.h',
+ 'console.h',
+ 'cpio.h',
+ 'devicetree.h',
+ 'disk.h',
+ 'drivers.h',
+ 'graphics.h',
+ 'linux.h',
+ 'measure.h',
+ 'missing_efi.h',
+ 'pe.h',
+ 'random-seed.h',
+ 'shim.h',
+ 'splash.h',
+ 'util.h',
+ 'xbootldr.h')
+
+common_sources = [
+ 'assert.c',
+ 'devicetree.c',
+ 'disk.c',
+ 'graphics.c',
+ 'measure.c',
+ 'pe.c',
+ 'secure-boot.c',
+ 'util.c']
+
+systemd_boot_sources = [
+ 'bcd.c',
+ 'boot.c',
+ 'console.c',
+ 'drivers.c',
+ 'random-seed.c',
+ 'shim.c',
+ 'xbootldr.c']
+
+stub_sources = [
+ 'cpio.c',
+ 'initrd.c',
+ 'splash.c',
+ 'stub.c']
+
+if efi_arch[1] in ['ia32', 'x86_64']
+ stub_sources += 'linux_x86.c'
+else
+ stub_sources += 'linux.c'
+endif
+
systemd_boot_objects = []
stub_objects = []
foreach file : fundamental_source_paths + common_sources + systemd_boot_sources + stub_sources

77
SOURCES/0051-meson-move-efi-summary-section-to-src-boot-efi.patch Normal file
View File

@ -0,0 +1,77 @@
From a6c93d3200c0fd0eeee3a725b428cee94108cf48 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 23 Dec 2021 13:05:01 +0100
Subject: [PATCH] meson: move efi summary() section to src/boot/efi
This way we can add the entries more naturally in the same place where
they are defined.
(cherry picked from commit 3f871f120520aa2d11218735b0741bacc0309b4d)
Related: #2017035
---
meson.build | 16 ++++------------
src/boot/efi/meson.build | 9 +++++++++
2 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/meson.build b/meson.build
index e07875a054..f040eeab99 100644
--- a/meson.build
+++ b/meson.build
@@ -43,6 +43,10 @@ endif
skip_deps = want_ossfuzz or want_libfuzzer
fuzzer_build = want_ossfuzz or want_libfuzzer
+# Create a title-less summary section early, so it ends up first in the output.
+# More items are added later after they have been detected.
+summary({'build mode' : get_option('mode')})
+
#####################################################################
# Try to install the git pre-commit hook
@@ -3902,7 +3906,6 @@ alt_time_epoch = run_command('date', '-Is', '-u', '-d', '@@0@'.format(time_epoch
check : true).stdout().strip()
summary({
- 'build mode' : get_option('mode'),
'split /usr' : split_usr,
'split bin-sbin' : split_bin,
'prefix directory' : prefixdir,
@@ -3960,17 +3963,6 @@ summary({
# CPPFLAGS: ${OUR_CPPFLAGS} ${CPPFLAGS}
# LDFLAGS: ${OUR_LDFLAGS} ${LDFLAGS}
-if conf.get('ENABLE_EFI') == 1 and conf.get('HAVE_GNU_EFI') == 1
- summary({
- 'EFI machine type' : efi_arch[0],
- 'EFI CC' : '@0@'.format(' '.join(efi_cc)),
- 'EFI LD' : efi_ld,
- 'EFI lds' : efi_lds,
- 'EFI crt0' : efi_crt0,
- 'EFI include directory' : efi_incdir},
- section : 'Extensible Firmware Interface')
-endif
-
found = []
missing = []
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 1125c64ea3..dd318079fc 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -279,6 +279,15 @@ if efi_cc_version.contains('clang') and efi_cc_version.split('.')[0].split(' ')[
efi_ldflags += ['-Wl,-T,' + efi_lds, '-Wno-unused-command-line-argument']
endif
+summary({
+ 'EFI machine type' : efi_arch[0],
+ 'EFI CC' : '@0@'.format(' '.join(efi_cc)),
+ 'EFI LD' : efi_ld,
+ 'EFI lds' : efi_lds,
+ 'EFI crt0' : efi_crt0,
+ 'EFI include directory' : efi_incdir},
+ section : 'Extensible Firmware Interface')
+
############################################################
efi_headers = files(

53
SOURCES/0052-meson-report-SBAT-settings.patch Normal file
View File

@ -0,0 +1,53 @@
From 340f8e02cf4db0e6b3733bfcc14630b3ce8181a5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 23 Dec 2021 13:19:42 +0100
Subject: [PATCH] meson: report SBAT settings
(cherry picked from commit e4e44a0107645891e82a538100a7590eb59a516c)
Related: #2017035
---
src/boot/efi/meson.build | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index dd318079fc..e628068596 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -130,7 +130,6 @@ elif get_option('sbat-distro') != ''
if (value == '' or value == 'auto') and not meson.is_cross_build()
cmd = 'if [ -e /etc/os-release ]; then . /etc/os-release; else . /usr/lib/os-release; fi; echo $@0@'.format(sbatvar[1])
value = run_command(sh, '-c', cmd).stdout().strip()
- message('@0@ (from @1@): @2@'.format(sbatvar[0], sbatvar[1], value))
endif
if value == ''
error('Required @0@ option not set and autodetection failed'.format(sbatvar[0]))
@@ -147,8 +146,11 @@ elif get_option('sbat-distro') != ''
pkgver = get_option('sbat-distro-version')
if pkgver == ''
efi_conf.set('SBAT_DISTRO_VERSION', 'GIT_VERSION')
+ # This is determined during build, not configuration, so we can't display it yet.
+ sbat_distro_version_display = '(git version)'
else
efi_conf.set_quoted('SBAT_DISTRO_VERSION', pkgver)
+ sbat_distro_version_display = pkgver
endif
endif
@@ -288,6 +290,16 @@ summary({
'EFI include directory' : efi_incdir},
section : 'Extensible Firmware Interface')
+if efi_conf.get('SBAT_DISTRO', '') != ''
+ summary({
+ 'SBAT distro': efi_conf.get('SBAT_DISTRO'),
+ 'SBAT distro generation': efi_conf.get('SBAT_DISTRO_GENERATION'),
+ 'SBAT distro version': sbat_distro_version_display,
+ 'SBAT distro summary': efi_conf.get('SBAT_DISTRO_SUMMARY'),
+ 'SBAT distro URL': efi_conf.get('SBAT_DISTRO_URL')},
+ section : 'Extensible Firmware Interface')
+endif
+
############################################################
efi_headers = files(

79
SOURCES/0053-boot-Build-BCD-parser-only-on-arches-supported-by-Wi.patch Normal file
View File

@ -0,0 +1,79 @@
From 2d3b47dcd5a4b356c481f89c483db3eb308fcab9 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Tue, 28 Dec 2021 13:10:39 +0100
Subject: [PATCH] boot: Build BCD parser only on arches supported by Windows
(cherry picked from commit 77fcf28cb88b302453b4c991a6571cb37f10634d)
Related: #2017035
---
src/boot/efi/boot.c | 2 ++
src/boot/efi/meson.build | 21 ++++++++++++---------
2 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c
index 0286914b8b..83358406f2 100644
--- a/src/boot/efi/boot.c
+++ b/src/boot/efi/boot.c
@@ -1941,6 +1941,7 @@ static void config_entry_add_osx(Config *config) {
}
static void config_entry_add_windows(Config *config, EFI_HANDLE *device, EFI_FILE *root_dir) {
+#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
_cleanup_freepool_ CHAR8 *bcd = NULL;
CHAR16 *title = NULL;
EFI_STATUS err;
@@ -1961,6 +1962,7 @@ static void config_entry_add_windows(Config *config, EFI_HANDLE *device, EFI_FIL
config_entry_add_loader_auto(config, device, root_dir, NULL,
L"auto-windows", 'w', title ?: L"Windows Boot Manager",
L"\\EFI\\Microsoft\\Boot\\bootmgfw.efi");
+#endif
}
static void config_entry_add_linux(
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index e628068596..6a0c8da9ba 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -331,7 +331,6 @@ common_sources = [
'util.c']
systemd_boot_sources = [
- 'bcd.c',
'boot.c',
'console.c',
'drivers.c',
@@ -351,6 +350,18 @@ else
stub_sources += 'linux.c'
endif
+# BCD parser only makes sense on arches that Windows supports.
+if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
+ systemd_boot_sources += 'bcd.c'
+ tests += [
+ [['src/boot/efi/test-bcd.c'],
+ [],
+ [libzstd],
+ [],
+ 'HAVE_ZSTD'],
+ ]
+endif
+
systemd_boot_objects = []
stub_objects = []
foreach file : fundamental_source_paths + common_sources + systemd_boot_sources + stub_sources
@@ -408,14 +419,6 @@ endforeach
############################################################
-tests += [
- [['src/boot/efi/test-bcd.c'],
- [],
- [libzstd],
- [],
- 'HAVE_ZSTD'],
-]
-
test_efi_disk_img = custom_target(
'test-efi-disk.img',
input : [efi_stubs[0][0], efi_stubs[1][1]],

96
SOURCES/0054-meson-Remove-efi-cc-option.patch Normal file
View File

@ -0,0 +1,96 @@
From 38afe3074812ab355bc20a36d41871f1b4f4386b Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Wed, 29 Dec 2021 15:02:04 +0100
Subject: [PATCH] meson: Remove efi-cc option
Changing the efi compiler this way doesn't really work. The gnu-efi
header checks as well as supported compiler flag checks use the
regular cc that meson detects. Changing the compiler this way will
end up with bad compiler flags. For the very same reason, this does
not work with a cross-compiler without going through proper meson
cross-compilation steps either.
The proper way to build systemd-boot with a different compiler is to
use a different build folder and then just use the proper ninja build
target to only build the bootloader/stub.
(cherry picked from commit 52adf0e91ef00d21a2e83f7669d0823667ce6b6c)
Related: #2017035
---
meson_options.txt | 2 --
src/boot/efi/meson.build | 14 ++++----------
2 files changed, 4 insertions(+), 12 deletions(-)
diff --git a/meson_options.txt b/meson_options.txt
index 401f0933d7..62cdeb4201 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -414,8 +414,6 @@ option('dbus', type : 'combo', choices : ['auto', 'true', 'false'],
option('gnu-efi', type : 'combo', choices : ['auto', 'true', 'false'],
description : 'gnu-efi support for sd-boot')
-option('efi-cc', type : 'array',
- description : 'the compiler to use for EFI modules')
# Note that LLD does not support PE/COFF relocations
# https://lists.llvm.org/pipermail/llvm-dev/2021-March/149234.html
option('efi-ld', type : 'combo', choices : ['auto', 'bfd', 'gold'],
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 6a0c8da9ba..11e6bf2dd0 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -44,10 +44,6 @@ if not cc.has_header_symbol('efi.h', 'EFI_IMAGE_MACHINE_X64',
endif
objcopy = find_program('objcopy')
-efi_cc = get_option('efi-cc')
-if efi_cc.length() == 0
- efi_cc = cc.cmd_array()
-endif
efi_ld = get_option('efi-ld')
if efi_ld == 'auto'
@@ -62,7 +58,7 @@ efi_libdir = ''
foreach dir : [get_option('efi-libdir'),
'/usr/lib/gnuefi' / efi_arch[0],
run_command('realpath', '-e',
- '/usr/lib' / run_command(efi_cc, '-print-multi-os-directory').stdout().strip()).stdout().strip()]
+ '/usr/lib' / run_command(cc.cmd_array(), '-print-multi-os-directory').stdout().strip()).stdout().strip()]
if dir != '' and fs.is_dir(dir)
efi_libdir = dir
break
@@ -275,15 +271,13 @@ if run_command('grep', '-q', '__CTOR_LIST__', efi_lds).returncode() == 0
]
endif
-efi_cc_version = run_command(efi_cc, '--version').stdout().split('\n')[0]
-if efi_cc_version.contains('clang') and efi_cc_version.split('.')[0].split(' ')[-1].to_int() <= 10
+if cc.get_id() == 'clang' and cc.version().split('.')[0].to_int() <= 10
# clang <= 10 doesn't pass -T to the linker and then even complains about it being unused
efi_ldflags += ['-Wl,-T,' + efi_lds, '-Wno-unused-command-line-argument']
endif
summary({
'EFI machine type' : efi_arch[0],
- 'EFI CC' : '@0@'.format(' '.join(efi_cc)),
'EFI LD' : efi_ld,
'EFI lds' : efi_lds,
'EFI crt0' : efi_crt0,
@@ -368,7 +362,7 @@ foreach file : fundamental_source_paths + common_sources + systemd_boot_sources
o_file = custom_target(file.split('/')[-1] + '.o',
input : file,
output : file.split('/')[-1] + '.o',
- command : [efi_cc, '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags],
+ command : [cc.cmd_array(), '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags],
depend_files : efi_headers + fundamental_headers)
if (fundamental_source_paths + common_sources + systemd_boot_sources).contains(file)
systemd_boot_objects += o_file
@@ -389,7 +383,7 @@ foreach tuple : [['systemd_boot.so', systemd_boot_efi_name, systemd_boot_objects
tuple[0],
input : tuple[2],
output : tuple[0],
- command : [efi_cc, '-o', '@OUTPUT@', efi_ldflags, efi_cflags, tuple[2], '-lefi', '-lgnuefi', '-lgcc'],
+ command : [cc.cmd_array(), '-o', '@OUTPUT@', efi_ldflags, efi_cflags, tuple[2], '-lefi', '-lgnuefi', '-lgcc'],
install : tuple[3],
install_dir : bootlibdir)

25
SOURCES/0055-meson-Get-objcopy-location-from-compiler.patch Normal file
View File

@ -0,0 +1,25 @@
From b077524848816638fc7d0cf3e65c062da095626f Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Wed, 29 Dec 2021 15:13:35 +0100
Subject: [PATCH] meson: Get objcopy location from compiler
(cherry picked from commit 2f2b07226751827303a88f3a301f2d834f3fb97b)
Related: #2017035
---
src/boot/efi/meson.build | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 11e6bf2dd0..144fbb0f43 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -43,7 +43,7 @@ if not cc.has_header_symbol('efi.h', 'EFI_IMAGE_MACHINE_X64',
subdir_done()
endif
-objcopy = find_program('objcopy')
+objcopy = run_command(cc.cmd_array(), '-print-prog-name=objcopy', check: true).stdout().strip()
efi_ld = get_option('efi-ld')
if efi_ld == 'auto'

123
SOURCES/0056-meson-Use-files-for-source-lists-for-boot-and-fundam.patch Normal file
View File

@ -0,0 +1,123 @@
From 3088f292855f4a525271906a5652985f01c5d7b2 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Fri, 7 Jan 2022 21:55:50 +0100
Subject: [PATCH] meson: Use files() for source lists for boot and fundamental
This fixes build reproducibility as otherwise the full path
of the source files ends up in the output binary.
(cherry picked from commit b3c5a7074cd434bc02c4b560afe933d3df24759e)
Related: #2017035
---
src/boot/efi/meson.build | 29 +++++++++++++++++------------
src/fundamental/meson.build | 22 +++++++++-------------
2 files changed, 26 insertions(+), 25 deletions(-)
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 144fbb0f43..4cc43dc00c 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -312,9 +312,10 @@ efi_headers = files(
'shim.h',
'splash.h',
'util.h',
- 'xbootldr.h')
+ 'xbootldr.h',
+)
-common_sources = [
+common_sources = files(
'assert.c',
'devicetree.c',
'disk.c',
@@ -322,31 +323,34 @@ common_sources = [
'measure.c',
'pe.c',
'secure-boot.c',
- 'util.c']
+ 'util.c',
+)
-systemd_boot_sources = [
+systemd_boot_sources = files(
'boot.c',
'console.c',
'drivers.c',
'random-seed.c',
'shim.c',
- 'xbootldr.c']
+ 'xbootldr.c',
+)
-stub_sources = [
+stub_sources = files(
'cpio.c',
'initrd.c',
'splash.c',
- 'stub.c']
+ 'stub.c',
+)
if efi_arch[1] in ['ia32', 'x86_64']
- stub_sources += 'linux_x86.c'
+ stub_sources += files('linux_x86.c')
else
- stub_sources += 'linux.c'
+ stub_sources += files('linux.c')
endif
# BCD parser only makes sense on arches that Windows supports.
if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
- systemd_boot_sources += 'bcd.c'
+ systemd_boot_sources += files('bcd.c')
tests += [
[['src/boot/efi/test-bcd.c'],
[],
@@ -359,9 +363,10 @@ endif
systemd_boot_objects = []
stub_objects = []
foreach file : fundamental_source_paths + common_sources + systemd_boot_sources + stub_sources
- o_file = custom_target(file.split('/')[-1] + '.o',
+ # FIXME: replace ''.format(file) with fs.name(file) when meson_version requirement is >= 0.59.0
+ o_file = custom_target('@0@.o'.format(file).split('/')[-1],
input : file,
- output : file.split('/')[-1] + '.o',
+ output : '@0@.o'.format(file).split('/')[-1],
command : [cc.cmd_array(), '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags],
depend_files : efi_headers + fundamental_headers)
if (fundamental_source_paths + common_sources + systemd_boot_sources).contains(file)
diff --git a/src/fundamental/meson.build b/src/fundamental/meson.build
index 287f0fe36a..f927788c3a 100644
--- a/src/fundamental/meson.build
+++ b/src/fundamental/meson.build
@@ -8,20 +8,16 @@ fundamental_headers = files(
'macro-fundamental.h',
'sha256.h',
'string-util-fundamental.h',
- 'types-fundamental.h')
-
-sources = '''
- bootspec-fundamental.c
- efivars-fundamental.c
- string-util-fundamental.c
- sha256.c
-'''.split()
+ 'types-fundamental.h',
+)
# for sd-boot
-fundamental_source_paths = []
-foreach source : sources
- fundamental_source_paths += meson.current_source_dir() / source
-endforeach
+fundamental_source_paths = files(
+ 'bootspec-fundamental.c',
+ 'efivars-fundamental.c',
+ 'sha256.c',
+ 'string-util-fundamental.c',
+)
# for libbasic
-fundamental_sources = files(sources) + fundamental_headers
+fundamental_sources = fundamental_source_paths + fundamental_headers

1483
SOURCES/0057-meson-Use-files-for-tests.patch Normal file
View File

File diff suppressed because it is too large Load Diff

95
SOURCES/0058-tests-add-fuzz-bcd.patch Normal file
View File

@ -0,0 +1,95 @@
From f06002981d2bd2a582d2252f7d509205bcc2a9ed Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Sun, 26 Dec 2021 23:26:56 +0000
Subject: [PATCH] tests: add fuzz-bcd
(cherry picked from commit 4b65fc8725fa169bf870eb022d7b346796977c21)
Related: #2017035
---
src/boot/efi/fuzz-bcd.c | 26 ++++++++++++++++++++++++++
src/boot/efi/meson.build | 3 +++
tools/oss-fuzz.sh | 16 ++++++++++++++++
3 files changed, 45 insertions(+)
create mode 100644 src/boot/efi/fuzz-bcd.c
diff --git a/src/boot/efi/fuzz-bcd.c b/src/boot/efi/fuzz-bcd.c
new file mode 100644
index 0000000000..e5ed6638a4
--- /dev/null
+++ b/src/boot/efi/fuzz-bcd.c
@@ -0,0 +1,26 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include "alloc-util.h"
+#include "fd-util.h"
+#include "fuzz.h"
+#include "utf8.h"
+
+#include "bcd.c"
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
+ _cleanup_free_ void *p = NULL;
+
+ /* This limit was borrowed from src/boot/efi/boot.c */
+ if (size > 100*1024)
+ return 0;
+
+ if (!getenv("SYSTEMD_LOG_LEVEL"))
+ log_set_max_level(LOG_CRIT);
+
+ p = memdup(data, size);
+ assert_se(p);
+
+ char16_t *title = get_bcd_title(p, size);
+ assert_se(!title || char16_strlen(title) >= 0);
+ return 0;
+}
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 16b34f0ac2..229771026d 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -358,6 +358,9 @@ if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
[],
'HAVE_ZSTD'],
]
+ fuzzers += [
+ [['src/boot/efi/fuzz-bcd.c']],
+ ]
endif
systemd_boot_objects = []
diff --git a/tools/oss-fuzz.sh b/tools/oss-fuzz.sh
index 8a19da665e..ae57fc25d5 100755
--- a/tools/oss-fuzz.sh
+++ b/tools/oss-fuzz.sh
@@ -36,6 +36,13 @@ else
apt-get install -y gperf m4 gettext python3-pip \
libcap-dev libmount-dev libkmod-dev \
pkg-config wget python3-jinja2
+
+ # gnu-efi is installed here to enable -Dgnu-efi behind which fuzz-bcd
+ # is hidden. It isn't linked against efi. It doesn't
+ # even include "efi.h" because "bcd.c" can work in "unit test" mode
+ # where it isn't necessary.
+ apt-get install -y gnu-efi zstd
+
pip3 install -r .github/workflows/requirements.txt --require-hashes
# https://github.com/google/oss-fuzz/issues/6868
@@ -56,6 +63,15 @@ fi
ninja -v -C "$build" fuzzers
+# Compressed BCD files are kept in test/test-bcd so let's unpack them
+# and put them all in the seed corpus.
+bcd=$(mktemp -d)
+for i in test/test-bcd/*.zst; do
+ unzstd "$i" -o "$bcd/$(basename "${i%.zst}")";
+done
+zip -jqr "$OUT/fuzz-bcd_seed_corpus.zip" "$bcd"
+rm -rf "$bcd"
+
# The seed corpus is a separate flat archive for each fuzzer,
# with a fixed name ${fuzzer}_seed_corpus.zip.
for d in "$(dirname "$0")/../test/fuzz/fuzz-"*; do

335
SOURCES/0059-meson-Use-files-for-fuzzers.patch Normal file
View File

@ -0,0 +1,335 @@
From a21bc03df9504c7a9b0c8e0e894d94f226a7a038 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Tue, 11 Jan 2022 10:47:01 +0100
Subject: [PATCH] meson: Use files() for fuzzers
Not having to provide the full path in the source tree is much
nicer and the produced lists can also be used anywhere in the source
tree.
(cherry picked from commit bbec46c817951225f1e535d3df95b82a114e502a)
Related: #2017035
---
meson.build | 3 ++-
src/boot/efi/meson.build | 2 +-
src/core/meson.build | 2 +-
src/fuzz/meson.build | 20 ++++++++++----------
src/journal-remote/meson.build | 2 +-
src/journal/meson.build | 24 ++++++++++++------------
src/libsystemd-network/meson.build | 8 ++++----
src/libsystemd/meson.build | 4 ++--
src/network/meson.build | 4 ++--
src/nspawn/meson.build | 4 ++--
src/resolve/meson.build | 2 +-
src/systemctl/meson.build | 7 ++++---
src/udev/meson.build | 11 +++++------
src/xdg-autostart-generator/meson.build | 6 +++---
14 files changed, 50 insertions(+), 49 deletions(-)
diff --git a/meson.build b/meson.build
index 35ba29aecf..fdf02b8110 100644
--- a/meson.build
+++ b/meson.build
@@ -3677,7 +3677,8 @@ foreach tuple : fuzzers
sources += 'src/fuzz/fuzz-main.c'
endif
- name = sources[0].split('/')[-1].split('.')[0]
+ # FIXME: Use fs.stem() with meson >= 0.54.0
+ name = '@0@'.format(sources[0]).split('/')[-1].split('.')[0]
exe = executable(
name,
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 229771026d..3e948281f2 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -359,7 +359,7 @@ if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
'HAVE_ZSTD'],
]
fuzzers += [
- [['src/boot/efi/fuzz-bcd.c']],
+ [files('fuzz-bcd.c')],
]
endif
diff --git a/src/core/meson.build b/src/core/meson.build
index d229d46779..97ac431763 100644
--- a/src/core/meson.build
+++ b/src/core/meson.build
@@ -228,7 +228,7 @@ endif
############################################################
fuzzers += [
- [['src/core/fuzz-unit-file.c'],
+ [files('fuzz-unit-file.c'),
[libcore,
libshared],
[libmount]],
diff --git a/src/fuzz/meson.build b/src/fuzz/meson.build
index 1ed1dd8251..d987f32b08 100644
--- a/src/fuzz/meson.build
+++ b/src/fuzz/meson.build
@@ -1,23 +1,23 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
fuzzers += [
- [['src/fuzz/fuzz-catalog.c']],
+ [files('fuzz-catalog.c')],
- [['src/fuzz/fuzz-json.c']],
+ [files('fuzz-json.c')],
- [['src/fuzz/fuzz-varlink.c']],
+ [files('fuzz-varlink.c')],
- [['src/fuzz/fuzz-udev-database.c']],
+ [files('fuzz-udev-database.c')],
- [['src/fuzz/fuzz-compress.c']],
+ [files('fuzz-compress.c')],
- [['src/fuzz/fuzz-bus-label.c']],
+ [files('fuzz-bus-label.c')],
- [['src/fuzz/fuzz-env-file.c']],
+ [files('fuzz-env-file.c')],
- [['src/fuzz/fuzz-hostname-setup.c']],
+ [files('fuzz-hostname-setup.c')],
- [['src/fuzz/fuzz-calendarspec.c']],
+ [files('fuzz-calendarspec.c')],
- [['src/fuzz/fuzz-time-util.c']],
+ [files('fuzz-time-util.c')],
]
diff --git a/src/journal-remote/meson.build b/src/journal-remote/meson.build
index 168d0ed6a3..1f3e0878ae 100644
--- a/src/journal-remote/meson.build
+++ b/src/journal-remote/meson.build
@@ -76,7 +76,7 @@ endif
############################################################
fuzzers += [
- [['src/journal-remote/fuzz-journal-remote.c'],
+ [files('fuzz-journal-remote.c'),
[libsystemd_journal_remote,
libshared],
[],
diff --git a/src/journal/meson.build b/src/journal/meson.build
index b9a63d5e2f..21c4d2561c 100644
--- a/src/journal/meson.build
+++ b/src/journal/meson.build
@@ -116,38 +116,38 @@ tests += [
]
fuzzers += [
- [['src/journal/fuzz-journald-audit.c',
- 'src/journal/fuzz-journald.c'],
+ [files('fuzz-journald-audit.c',
+ 'fuzz-journald.c'),
[libjournal_core,
libshared],
[libselinux]],
- [['src/journal/fuzz-journald-kmsg.c',
- 'src/journal/fuzz-journald.c'],
+ [files('fuzz-journald-kmsg.c',
+ 'fuzz-journald.c'),
[libjournal_core,
libshared],
[libselinux]],
- [['src/journal/fuzz-journald-native.c',
- 'src/journal/fuzz-journald.c'],
+ [files('fuzz-journald-native.c',
+ 'fuzz-journald.c'),
[libjournal_core,
libshared],
[libselinux]],
- [['src/journal/fuzz-journald-native-fd.c',
- 'src/journal/fuzz-journald.c'],
+ [files('fuzz-journald-native-fd.c',
+ 'fuzz-journald.c'),
[libjournal_core,
libshared],
[libselinux]],
- [['src/journal/fuzz-journald-stream.c',
- 'src/journal/fuzz-journald.c'],
+ [files('fuzz-journald-stream.c',
+ 'fuzz-journald.c'),
[libjournal_core,
libshared],
[libselinux]],
- [['src/journal/fuzz-journald-syslog.c',
- 'src/journal/fuzz-journald.c'],
+ [files('fuzz-journald-syslog.c',
+ 'fuzz-journald.c'),
[libjournal_core,
libshared],
[libselinux]],
diff --git a/src/libsystemd-network/meson.build b/src/libsystemd-network/meson.build
index 3923df48ea..6be409d8ad 100644
--- a/src/libsystemd-network/meson.build
+++ b/src/libsystemd-network/meson.build
@@ -105,19 +105,19 @@ tests += [
]
fuzzers += [
- [['src/libsystemd-network/fuzz-dhcp6-client.c'],
+ [files('fuzz-dhcp6-client.c'),
[libshared,
libsystemd_network]],
- [['src/libsystemd-network/fuzz-dhcp-server.c'],
+ [files('fuzz-dhcp-server.c'),
[libsystemd_network,
libshared]],
- [['src/libsystemd-network/fuzz-lldp-rx.c'],
+ [files('fuzz-lldp-rx.c'),
[libshared,
libsystemd_network]],
- [['src/libsystemd-network/fuzz-ndisc-rs.c'],
+ [files('fuzz-ndisc-rs.c'),
[libshared,
libsystemd_network]],
]
diff --git a/src/libsystemd/meson.build b/src/libsystemd/meson.build
index 42746e560f..2e5255d479 100644
--- a/src/libsystemd/meson.build
+++ b/src/libsystemd/meson.build
@@ -316,7 +316,7 @@ endif
############################################################
fuzzers += [
- [['src/libsystemd/sd-bus/fuzz-bus-message.c']],
+ [files('sd-bus/fuzz-bus-message.c')],
- [['src/libsystemd/sd-bus/fuzz-bus-match.c']],
+ [files('sd-bus/fuzz-bus-match.c')],
]
diff --git a/src/network/meson.build b/src/network/meson.build
index a598701e4f..23743233fa 100644
--- a/src/network/meson.build
+++ b/src/network/meson.build
@@ -261,14 +261,14 @@ if conf.get('ENABLE_NETWORKD') == 1
endif
fuzzers += [
- [['src/network/fuzz-netdev-parser.c'],
+ [files('fuzz-netdev-parser.c'),
[libnetworkd_core,
libsystemd_network,
networkd_link_with],
[threads],
network_includes],
- [['src/network/fuzz-network-parser.c'],
+ [files('fuzz-network-parser.c'),
[libnetworkd_core,
libsystemd_network,
networkd_link_with],
diff --git a/src/nspawn/meson.build b/src/nspawn/meson.build
index 3c1a9c6182..2934672e9a 100644
--- a/src/nspawn/meson.build
+++ b/src/nspawn/meson.build
@@ -66,12 +66,12 @@ tests += [
]
fuzzers += [
- [['src/nspawn/fuzz-nspawn-settings.c'],
+ [files('fuzz-nspawn-settings.c'),
[libshared,
libnspawn_core],
[libseccomp]],
- [['src/nspawn/fuzz-nspawn-oci.c'],
+ [files('fuzz-nspawn-oci.c'),
[libshared,
libnspawn_core],
[libseccomp]],
diff --git a/src/resolve/meson.build b/src/resolve/meson.build
index 4de50c3d8e..1fee993d0a 100644
--- a/src/resolve/meson.build
+++ b/src/resolve/meson.build
@@ -216,7 +216,7 @@ tests += [
]
fuzzers += [
- [['src/resolve/fuzz-dns-packet.c'],
+ [files('fuzz-dns-packet.c'),
[libsystemd_resolve_core,
libshared],
[lib_openssl_or_gcrypt,
diff --git a/src/systemctl/meson.build b/src/systemctl/meson.build
index 38bf33d49a..f0d405bb58 100644
--- a/src/systemctl/meson.build
+++ b/src/systemctl/meson.build
@@ -83,7 +83,8 @@ else
endif
fuzzers += [
- [['src/systemctl/fuzz-systemctl-parse-argv.c',
- systemctl_sources],
+ [files('fuzz-systemctl-parse-argv.c') +
+ systemctl_sources,
systemctl_link_with,
- [], [], ['-DFUZZ_SYSTEMCTL_PARSE_ARGV']]]
+ [], [], ['-DFUZZ_SYSTEMCTL_PARSE_ARGV']]
+]
diff --git a/src/udev/meson.build b/src/udev/meson.build
index 57fbf8c8fc..9fd0bcdd0e 100644
--- a/src/udev/meson.build
+++ b/src/udev/meson.build
@@ -174,24 +174,23 @@ if install_sysconfdir
endif
fuzzers += [
- [['src/udev/net/fuzz-link-parser.c',
- 'src/fuzz/fuzz.h'],
+ [files('net/fuzz-link-parser.c'),
[libudevd_core,
libshared],
[threads,
libacl],
udev_includes],
- [['src/udev/fuzz-udev-rules.c'],
+ [files('fuzz-udev-rules.c'),
[libudevd_core,
libshared],
[threads,
libacl]],
- [['src/udev/fuzz-udev-rule-parse-value.c']],
+ [files('fuzz-udev-rule-parse-value.c')],
- [['src/udev/fido_id/fuzz-fido-id-desc.c',
- 'src/udev/fido_id/fido_id_desc.c']],
+ [files('fido_id/fuzz-fido-id-desc.c',
+ 'fido_id/fido_id_desc.c')],
]
tests += [
diff --git a/src/xdg-autostart-generator/meson.build b/src/xdg-autostart-generator/meson.build
index 6418f57c40..cdce66b6fc 100644
--- a/src/xdg-autostart-generator/meson.build
+++ b/src/xdg-autostart-generator/meson.build
@@ -12,7 +12,7 @@ tests += [
]
fuzzers += [
- [['src/xdg-autostart-generator/fuzz-xdg-desktop.c',
- 'src/xdg-autostart-generator/xdg-autostart-service.c',
- 'src/xdg-autostart-generator/xdg-autostart-service.h']],
+ [files('fuzz-xdg-desktop.c',
+ 'xdg-autostart-service.c',
+ 'xdg-autostart-service.h')],
]

137
SOURCES/0060-meson-Add-check-argument-to-remaining-run_command-ca.patch Normal file
View File

@ -0,0 +1,137 @@
From 5a35f08026cad007f460170fe6a3e43bd51f60f9 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Tue, 11 Jan 2022 10:56:22 +0100
Subject: [PATCH] meson: Add check argument to remaining run_command() calls
(cherry picked from commit 68a06b3cdfe35ff08092e139033edb4a5189a439)
Related: #2017035
---
man/meson.build | 2 +-
src/basic/meson.build | 2 +-
src/boot/efi/meson.build | 11 +++++++----
src/test/meson.build | 2 +-
test/fuzz/meson.build | 7 ++++---
test/meson.build | 8 +++++---
6 files changed, 19 insertions(+), 13 deletions(-)
diff --git a/man/meson.build b/man/meson.build
index a06a601767..710b4ca008 100644
--- a/man/meson.build
+++ b/man/meson.build
@@ -105,7 +105,7 @@ endforeach
############################################################
-have_lxml = run_command(xml_helper_py).returncode() == 0
+have_lxml = run_command(xml_helper_py, check: false).returncode() == 0
if not have_lxml
message('python-lxml not available, not making man page indices')
endif
diff --git a/src/basic/meson.build b/src/basic/meson.build
index 229ac97c69..5a9e13d741 100644
--- a/src/basic/meson.build
+++ b/src/basic/meson.build
@@ -384,7 +384,7 @@ filesystem_includes = ['linux/magic.h',
'linux/gfs2_ondisk.h']
check_filesystems = find_program('check-filesystems.sh')
-r = run_command([check_filesystems, cpp, 'filesystems-gperf.gperf'] + filesystem_includes)
+r = run_command([check_filesystems, cpp, 'filesystems-gperf.gperf'] + filesystem_includes, check: false)
if r.returncode() != 0
error('found unknown filesystem(s) defined in kernel headers:\n\n' + r.stdout())
r.stdout()
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 3e948281f2..fad92f09a1 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -57,8 +57,11 @@ endif
efi_libdir = ''
foreach dir : [get_option('efi-libdir'),
'/usr/lib/gnuefi' / efi_arch[0],
- run_command('realpath', '-e',
- '/usr/lib' / run_command(cc.cmd_array(), '-print-multi-os-directory').stdout().strip()).stdout().strip()]
+ run_command(
+ 'realpath', '-e',
+ '/usr/lib' / run_command(cc.cmd_array(), '-print-multi-os-directory', check: false).stdout().strip(),
+ check: false
+ ).stdout().strip()]
if dir != '' and fs.is_dir(dir)
efi_libdir = dir
break
@@ -125,7 +128,7 @@ elif get_option('sbat-distro') != ''
value = get_option(sbatvar[0])
if (value == '' or value == 'auto') and not meson.is_cross_build()
cmd = 'if [ -e /etc/os-release ]; then . /etc/os-release; else . /usr/lib/os-release; fi; echo $@0@'.format(sbatvar[1])
- value = run_command(sh, '-c', cmd).stdout().strip()
+ value = run_command(sh, '-c', cmd, check: true).stdout().strip()
endif
if value == ''
error('Required @0@ option not set and autodetection failed'.format(sbatvar[0]))
@@ -254,7 +257,7 @@ if efi_arch[1] == 'arm'
efi_ldflags += ['-Wl,--no-warn-mismatch']
endif
-if run_command('grep', '-q', '__CTOR_LIST__', efi_lds).returncode() == 0
+if run_command('grep', '-q', '__CTOR_LIST__', efi_lds, check: false).returncode() == 0
# fedora has a patched gnu-efi that adds support for ELF constructors.
# If ld is called by gcc something about these symbols breaks, resulting
# in sd-boot freezing when gnu-efi runs the constructors. Force defining
diff --git a/src/test/meson.build b/src/test/meson.build
index 9e224d69ce..75f78e2e1a 100644
--- a/src/test/meson.build
+++ b/src/test/meson.build
@@ -11,7 +11,7 @@ test_hashmap_ordered_c = custom_target(
test_include_dir = include_directories('.')
-path = run_command(sh, '-c', 'echo "$PATH"').stdout().strip()
+path = run_command(sh, '-c', 'echo "$PATH"', check: true).stdout().strip()
test_env = environment()
test_env.set('SYSTEMD_LANGUAGE_FALLBACK_MAP', language_fallback_map)
test_env.set('PATH', project_build_root + ':' + path)
diff --git a/test/fuzz/meson.build b/test/fuzz/meson.build
index 30e26b09cf..b4766de3eb 100644
--- a/test/fuzz/meson.build
+++ b/test/fuzz/meson.build
@@ -13,12 +13,13 @@ sanitize_address_undefined = custom_target(
sanitizers = [['address,undefined', sanitize_address_undefined]]
-if git.found()
+if git.found() and fs.exists(project_source_root / '.git')
out = run_command(env, '-u', 'GIT_WORK_TREE',
git, '--git-dir=@0@/.git'.format(project_source_root),
- 'ls-files', ':/test/fuzz/*/*')
+ 'ls-files', ':/test/fuzz/*/*',
+ check: true)
else
- out = run_command(sh, '-c', 'ls @0@/test/fuzz/*/*'.format(project_source_root))
+ out = run_command(sh, '-c', 'ls @0@/test/fuzz/*/*'.format(project_source_root), check: true)
endif
fuzz_regression_tests = []
diff --git a/test/meson.build b/test/meson.build
index 04ae9ebc78..baf94703ea 100644
--- a/test/meson.build
+++ b/test/meson.build
@@ -182,14 +182,16 @@ endif
if want_tests != 'false' and dmi_arches.contains(host_machine.cpu_family())
udev_dmi_memory_id_test = find_program('udev-dmi-memory-id-test.sh')
- if git.found()
+ if git.found() and fs.exists(project_source_root / '.git')
out = run_command(
env, '-u', 'GIT_WORK_TREE',
git, '--git-dir=@0@/.git'.format(project_source_root),
- 'ls-files', ':/test/dmidecode-dumps/*.bin')
+ 'ls-files', ':/test/dmidecode-dumps/*.bin',
+ check: true)
else
out = run_command(
- sh, '-c', 'ls @0@/test/dmidecode-dumps/*.bin'.format(project_source_root))
+ sh, '-c', 'ls @0@/test/dmidecode-dumps/*.bin'.format(project_source_root),
+ check: true)
endif
foreach p : out.stdout().split()

43
SOURCES/0061-meson-Use-echo-to-list-files.patch Normal file
View File

@ -0,0 +1,43 @@
From 5de4b00e4150080e68064fa1de003039a0901468 Mon Sep 17 00:00:00 2001
From: Jan Janssen <medhefgo@web.de>
Date: Tue, 11 Jan 2022 11:27:27 +0100
Subject: [PATCH] meson: Use echo to list files
No need to invoke ls when we are just interested in file names.
Also, the cd to source root makes the output identical to
"git ls-files" (relative instead of absolute paths).
(cherry picked from commit 3a469802f4d7b0a59fe1644cb53d34aee4e56bab)
Related: #2017035
---
test/fuzz/meson.build | 2 +-
test/meson.build | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/test/fuzz/meson.build b/test/fuzz/meson.build
index b4766de3eb..39730a615c 100644
--- a/test/fuzz/meson.build
+++ b/test/fuzz/meson.build
@@ -19,7 +19,7 @@ if git.found() and fs.exists(project_source_root / '.git')
'ls-files', ':/test/fuzz/*/*',
check: true)
else
- out = run_command(sh, '-c', 'ls @0@/test/fuzz/*/*'.format(project_source_root), check: true)
+ out = run_command(sh, '-c', 'cd "@0@"; echo test/fuzz/*/*'.format(project_source_root), check: true)
endif
fuzz_regression_tests = []
diff --git a/test/meson.build b/test/meson.build
index baf94703ea..c5d8d6917b 100644
--- a/test/meson.build
+++ b/test/meson.build
@@ -190,7 +190,7 @@ if want_tests != 'false' and dmi_arches.contains(host_machine.cpu_family())
check: true)
else
out = run_command(
- sh, '-c', 'ls @0@/test/dmidecode-dumps/*.bin'.format(project_source_root),
+ sh, '-c', 'cd "@0@"; echo test/dmidecode-dumps/*.bin'.format(project_source_root),
check: true)
endif

63
SOURCES/0062-test-add-a-test-for-mkdir_p.patch Normal file
View File

@ -0,0 +1,63 @@
From 010c5dc6b7f18eba37f3df015b3e36b4f28bd559 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 2 Feb 2022 15:08:18 +0900
Subject: [PATCH] test: add a test for mkdir_p()
(cherry picked from commit 6f6b017b9bc69df3f3e308c36c95597002ce6e29)
Related: #2017035
---
src/test/meson.build | 2 ++
src/test/test-mkdir.c | 30 ++++++++++++++++++++++++++++++
2 files changed, 32 insertions(+)
create mode 100644 src/test/test-mkdir.c
diff --git a/src/test/meson.build b/src/test/meson.build
index 75f78e2e1a..14b7939b1f 100644
--- a/src/test/meson.build
+++ b/src/test/meson.build
@@ -193,6 +193,8 @@ tests += [
[files('test-macro.c')],
+ [files('test-mkdir.c')],
+
[files('test-json.c')],
[files('test-modhex.c')],
diff --git a/src/test/test-mkdir.c b/src/test/test-mkdir.c
new file mode 100644
index 0000000000..c715d5f096
--- /dev/null
+++ b/src/test/test-mkdir.c
@@ -0,0 +1,30 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <unistd.h>
+
+#include "mkdir.h"
+#include "path-util.h"
+#include "rm-rf.h"
+#include "tests.h"
+#include "tmpfile-util.h"
+
+TEST(mkdir_p) {
+ _cleanup_(rm_rf_physical_and_freep) char *tmp = NULL;
+ _cleanup_free_ char *p = NULL;
+
+ assert_se(mkdtemp_malloc("/tmp/test-mkdir-XXXXXX", &tmp) >= 0);
+
+ assert_se(p = path_join(tmp, "run"));
+ assert_se(mkdir_p(p, 0755) >= 0);
+
+ p = mfree(p);
+ assert_se(p = path_join(tmp, "var/run"));
+ assert_se(mkdir_parents(p, 0755) >= 0);
+ assert_se(symlink("../run", p) >= 0);
+
+ p = mfree(p);
+ assert_se(p = path_join(tmp, "var/run/hoge/foo/baz"));
+ assert_se(mkdir_p(p, 0755) >= 0);
+}
+
+DEFINE_TEST_MAIN(LOG_DEBUG);

32
SOURCES/0063-util-another-set-of-CVE-2021-4034-assert-s.patch Normal file
View File

@ -0,0 +1,32 @@
From c134e85526f160ad4392edb333caadc5e425957d Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 1 Feb 2022 12:06:21 +0100
Subject: [PATCH] util: another set of CVE-2021-4034 assert()s
It's a good idea that we validate argc/argv when we are supposed to
store them away.
(cherry picked from commit 007e03b284e8ffc0b92edb2122cd9d2d16f049ef)
Related: #2017035
---
src/basic/util.h | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/basic/util.h b/src/basic/util.h
index 94804f28e3..68ae3b51e0 100644
--- a/src/basic/util.h
+++ b/src/basic/util.h
@@ -9,6 +9,12 @@ extern int saved_argc;
extern char **saved_argv;
static inline void save_argc_argv(int argc, char **argv) {
+
+ /* Protect against CVE-2021-4034 style attacks */
+ assert_se(argc > 0);
+ assert_se(argv);
+ assert_se(argv[0]);
+
saved_argc = argc;
saved_argv = argv;
}

69
SOURCES/0064-basic-update-CIFS-magic.patch Normal file
View File

@ -0,0 +1,69 @@
From 75b23fa0a4916a228b2b66e73044378931862a49 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Sun, 30 Jan 2022 23:40:05 +0100
Subject: [PATCH] basic: update CIFS magic
Kernel commit dea2903719283c156b53741126228c4a1b40440f exposed (and
renamed) CIFS_MAGIC_NUMBER as CIFS_SUPER_MAGIC along with
SMB2_SUPER_MAGIC.
This fixes the following build fail on current Fedora Rawhide:
```
../src/basic/meson.build:389:8: ERROR: Problem encountered: found unknown filesystem(s) defined in kernel headers:
Filesystem found in kernel header but not in filesystems-gperf.gperf: CIFS_SUPER_MAGIC
Filesystem found in kernel header but not in filesystems-gperf.gperf: SMB2_SUPER_MAGIC
```
(cherry picked from commit bbe53713455be38c0a587626439fd171f28c77fc)
Related: #2017035
---
src/basic/filesystems-gperf.gperf | 4 ++--
src/basic/missing_magic.h | 11 ++++++++---
2 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/basic/filesystems-gperf.gperf b/src/basic/filesystems-gperf.gperf
index 08c8c44510..e8c5357f91 100644
--- a/src/basic/filesystems-gperf.gperf
+++ b/src/basic/filesystems-gperf.gperf
@@ -40,7 +40,7 @@ ceph, {CEPH_SUPER_MAGIC}
cgroup2, {CGROUP2_SUPER_MAGIC}
# note that the cgroupfs magic got reassigned from cpuset
cgroup, {CGROUP_SUPER_MAGIC}
-cifs, {CIFS_MAGIC_NUMBER}
+cifs, {CIFS_SUPER_MAGIC, SMB2_SUPER_MAGIC}
coda, {CODA_SUPER_MAGIC}
configfs, {CONFIGFS_MAGIC}
cramfs, {CRAMFS_MAGIC}
@@ -109,7 +109,7 @@ selinuxfs, {SELINUX_MAGIC}
shiftfs, {SHIFTFS_MAGIC}
smackfs, {SMACK_MAGIC}
# smb3 is an alias for cifs
-smb3, {CIFS_MAGIC_NUMBER}
+smb3, {CIFS_SUPER_MAGIC}
# smbfs was removed from the kernel in 2010, the magic remains
smbfs, {SMB_SUPER_MAGIC}
sockfs, {SOCKFS_MAGIC}
diff --git a/src/basic/missing_magic.h b/src/basic/missing_magic.h
index 7d9320bb6d..c104fcfba3 100644
--- a/src/basic/missing_magic.h
+++ b/src/basic/missing_magic.h
@@ -38,9 +38,14 @@
#define XFS_SB_MAGIC 0x58465342
#endif
-/* Not exposed yet. Defined at fs/cifs/cifsglob.h */
-#ifndef CIFS_MAGIC_NUMBER
-#define CIFS_MAGIC_NUMBER 0xFF534D42
+/* dea2903719283c156b53741126228c4a1b40440f (5.17) */
+#ifndef CIFS_SUPER_MAGIC
+#define CIFS_SUPER_MAGIC 0xFF534D42
+#endif
+
+/* dea2903719283c156b53741126228c4a1b40440f (5.17) */
+#ifndef SMB2_SUPER_MAGIC
+#define SMB2_SUPER_MAGIC 0xFE534D42
#endif
/* 257f871993474e2bde6c497b54022c362cf398e1 (4.5) */

27
SOURCES/0065-shared-be-extra-paranoid-and-check-if-argc-0.patch Normal file
View File

@ -0,0 +1,27 @@
From 83845c85669084c4cd69fa8bfe60c57d36bb8713 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Fri, 28 Jan 2022 21:44:32 +0100
Subject: [PATCH] shared: be extra paranoid and check if argc > 0
and also if argv[0] is non-empty as a precaution for issues similar to
CVE-2021-4034.
(cherry picked from commit 1637e757070a61b12b26a2a4ef547330562dc77f)
Related: #2017035
---
src/shared/main-func.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/shared/main-func.h b/src/shared/main-func.h
index 05cdffeec0..09103bace9 100644
--- a/src/shared/main-func.h
+++ b/src/shared/main-func.h
@@ -15,6 +15,7 @@
#define _DEFINE_MAIN_FUNCTION(intro, impl, ret) \
int main(int argc, char *argv[]) { \
int r; \
+ assert(argc > 0 && !isempty(argv[0])); \
save_argc_argv(argc, argv); \
intro; \
r = impl; \

27
SOURCES/0066-core-check-if-argc-0-and-argv-0-is-set.patch Normal file
View File

@ -0,0 +1,27 @@
From efe174ec51b9242101868e83f12cc1186fe1b71b Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 30 Jan 2022 17:54:55 +0900
Subject: [PATCH] core: check if argc > 0 and argv[0] is set
Follow-up for 1637e757070a61b12b26a2a4ef547330562dc77f.
(cherry picked from commit cf3095ac2bbdba3db0d8f7fa7afcee8b8c136201)
Related: #2017035
---
src/core/main.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/core/main.c b/src/core/main.c
index 7ea848ebeb..f315a44a08 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -2726,6 +2726,8 @@ int main(int argc, char *argv[]) {
Manager *m = NULL;
FDSet *fds = NULL;
+ assert(argc > 0 && !isempty(argv[0]));
+
/* SysV compatibility: redirect init → telinit */
redirect_telinit(argc, argv);

43
SOURCES/0067-core-check-argc-argv-uncoditionally.patch Normal file
View File

@ -0,0 +1,43 @@
From 43622b6eed32aece624a293167a6d705c08b8d03 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Sun, 30 Jan 2022 15:49:27 +0100
Subject: [PATCH] core: check argc/argv uncoditionally
as `assert()` might be dropped with `-DNDEBUG`.
Follow-up to cf3095a and 1637e75.
(cherry picked from commit 61b9769bda465f4832080e2a7a8285d247121d70)
Related: #2017035
---
src/core/main.c | 2 +-
src/shared/main-func.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/main.c b/src/core/main.c
index f315a44a08..cb3131c12a 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -2726,7 +2726,7 @@ int main(int argc, char *argv[]) {
Manager *m = NULL;
FDSet *fds = NULL;
- assert(argc > 0 && !isempty(argv[0]));
+ assert_se(argc > 0 && !isempty(argv[0]));
/* SysV compatibility: redirect init → telinit */
redirect_telinit(argc, argv);
diff --git a/src/shared/main-func.h b/src/shared/main-func.h
index 09103bace9..81a5c1813c 100644
--- a/src/shared/main-func.h
+++ b/src/shared/main-func.h
@@ -15,7 +15,7 @@
#define _DEFINE_MAIN_FUNCTION(intro, impl, ret) \
int main(int argc, char *argv[]) { \
int r; \
- assert(argc > 0 && !isempty(argv[0])); \
+ assert_se(argc > 0 && !isempty(argv[0])); \
save_argc_argv(argc, argv); \
intro; \
r = impl; \

48
SOURCES/0068-test-temporary-workaround-for-21819.patch Normal file
View File

@ -0,0 +1,48 @@
From d924e5c3014a65e059fd414b90893d320e1784bd Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Thu, 27 Jan 2022 22:51:15 +0100
Subject: [PATCH] test: temporary workaround for #21819
Since the TEST-64-UDEV-STORAGE fails are quite frequent now and the root
cause is yet to be discovered, let's add a kludge that attempts to retry
the test up to two more times in case it fails, so we don't
unnecessarily disturb CIs while the issue is being investigated.
Revert this commit once #21819 is sorted out.
(cherry picked from commit 95e35511bbdb7810c00c2e4a6cbda5b187192f74)
Related: #2017035
---
test/TEST-64-UDEV-STORAGE/test.sh | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/test/TEST-64-UDEV-STORAGE/test.sh b/test/TEST-64-UDEV-STORAGE/test.sh
index 0f26eaafeb..f784e65984 100755
--- a/test/TEST-64-UDEV-STORAGE/test.sh
+++ b/test/TEST-64-UDEV-STORAGE/test.sh
@@ -119,7 +119,6 @@ test_run() {
# Execute each currently defined function starting with "testcase_"
for testcase in "${TESTCASES[@]}"; do
- _image_cleanup
echo "------ $testcase: BEGIN ------"
# Note for my future frustrated self: `fun && xxx` (as well as ||, if, while,
# until, etc.) _DISABLES_ the `set -e` behavior in _ALL_ nested function
@@ -130,8 +129,14 @@ test_run() {
# So, be careful when adding clean up snippets in the testcase_*() functions -
# if the `test_run_one()` function isn't the last command, you have propagate
# the exit code correctly (e.g. `test_run_one() || return $?`, see below).
- ec=0
- "$testcase" "$test_id" || ec=$?
+
+ # FIXME: temporary workaround for intermittent fails in certain tests
+ # See: https://github.com/systemd/systemd/issues/21819
+ for ((_i = 0; _i < 3; _i++)); do
+ _image_cleanup
+ ec=0
+ "$testcase" "$test_id" && break || ec=$?
+ done
case $ec in
0)
passed+=("$testcase")

52
SOURCES/0069-test-don-t-leak-local-variable-to-outer-scopes.patch Normal file
View File

@ -0,0 +1,52 @@
From fe4bd1d397af0fef644c401ca5a94e4c82316b4c Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Thu, 27 Jan 2022 22:50:58 +0100
Subject: [PATCH] test: don't leak local variable to outer scopes
(cherry picked from commit 888d0bc074c6d11593d28c6a876787ae864604ea)
Related: #2017035
---
test/TEST-64-UDEV-STORAGE/test.sh | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/test/TEST-64-UDEV-STORAGE/test.sh b/test/TEST-64-UDEV-STORAGE/test.sh
index f784e65984..c360c8b661 100755
--- a/test/TEST-64-UDEV-STORAGE/test.sh
+++ b/test/TEST-64-UDEV-STORAGE/test.sh
@@ -171,6 +171,7 @@ testcase_megasas2_basic() {
return 77
fi
+ local i
local qemu_opts=(
"-device megasas-gen2,id=scsi0"
"-device megasas-gen2,id=scsi1"
@@ -197,6 +198,9 @@ testcase_nvme_basic() {
return 77
fi
+ local i
+ local qemu_opts=()
+
for i in {0..27}; do
qemu_opts+=(
"-device nvme,drive=nvme$i,serial=deadbeef$i,num_queues=8"
@@ -220,7 +224,7 @@ testcase_virtio_scsi_identically_named_partitions() {
# and attach them to a virtio-scsi controller
local qemu_opts=("-device virtio-scsi-pci,id=scsi0,num_queues=4")
local diskpath="${TESTDIR:?}/namedpart0.img"
- local lodev qemu_timeout
+ local i lodev qemu_timeout
dd if=/dev/zero of="$diskpath" bs=1M count=18
lodev="$(losetup --show -f -P "$diskpath")"
@@ -330,7 +334,7 @@ testcase_lvm_basic() {
fi
local qemu_opts=("-device ahci,id=ahci0")
- local diskpath
+ local diskpath i
# Attach 4 SATA disks to the VM (and set their model and serial fields
# to something predictable, so we can refer to them later)

208
SOURCES/0070-tree-wide-don-t-use-strjoina-on-getenv-values.patch Normal file
View File

@ -0,0 +1,208 @@
From 03bf37877f1c7045724cba12d69e93c8c411646e Mon Sep 17 00:00:00 2001
From: Anita Zhang <the.anitazha@gmail.com>
Date: Wed, 26 Jan 2022 10:53:40 -0800
Subject: [PATCH] tree-wide: don't use strjoina() on getenv() values
Avoid doing stack allocations on environment variables.
(cherry picked from commit 1d3b68f6e1538b6a86cbe3650d8b81df2877ef42)
Related: #2017035
---
src/basic/path-lookup.c | 8 ++++++--
src/core/dbus.c | 8 ++++++--
src/home/homed-home.c | 10 +++++++---
src/home/homed-manager.c | 26 ++++++++++++++++++--------
src/run/run.c | 7 +++++--
src/shared/pager.c | 9 +++++++--
6 files changed, 49 insertions(+), 19 deletions(-)
diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c
index 6fb8c40e7a..921a30cef7 100644
--- a/src/basic/path-lookup.c
+++ b/src/basic/path-lookup.c
@@ -238,7 +238,7 @@ static int acquire_generator_dirs(
char **generator_early,
char **generator_late) {
- _cleanup_free_ char *x = NULL, *y = NULL, *z = NULL;
+ _cleanup_free_ char *x = NULL, *y = NULL, *z = NULL, *p = NULL;
const char *prefix;
assert(generator);
@@ -261,7 +261,11 @@ static int acquire_generator_dirs(
if (!e)
return -ENXIO;
- prefix = strjoina(e, "/systemd");
+ p = path_join(e, "/systemd");
+ if (!p)
+ return -ENOMEM;
+
+ prefix = p;
}
x = path_join(prefix, "generator");
diff --git a/src/core/dbus.c b/src/core/dbus.c
index 2c5bda58f9..073675ceef 100644
--- a/src/core/dbus.c
+++ b/src/core/dbus.c
@@ -925,14 +925,18 @@ int bus_init_private(Manager *m) {
r = sockaddr_un_set_path(&sa.un, "/run/systemd/private");
} else {
- const char *e, *joined;
+ _cleanup_free_ char *joined = NULL;
+ const char *e;
e = secure_getenv("XDG_RUNTIME_DIR");
if (!e)
return log_error_errno(SYNTHETIC_ERRNO(EHOSTDOWN),
"XDG_RUNTIME_DIR is not set, refusing.");
- joined = strjoina(e, "/systemd/private");
+ joined = path_join(e, "/systemd/private");
+ if (!joined)
+ return log_oom();
+
r = sockaddr_un_set_path(&sa.un, joined);
}
if (r < 0)
diff --git a/src/home/homed-home.c b/src/home/homed-home.c
index 470c7f07f6..1340cf30d3 100644
--- a/src/home/homed-home.c
+++ b/src/home/homed-home.c
@@ -1185,14 +1185,18 @@ static int home_start_work(Home *h, const char *verb, UserRecord *hr, UserRecord
if (r < 0)
return r;
if (r == 0) {
+ _cleanup_free_ char *joined = NULL;
const char *homework, *suffix, *unix_path;
/* Child */
suffix = getenv("SYSTEMD_HOME_DEBUG_SUFFIX");
- if (suffix)
- unix_path = strjoina("/run/systemd/home/notify.", suffix);
- else
+ if (suffix) {
+ joined = strjoin("/run/systemd/home/notify.", suffix);
+ if (!joined)
+ return log_oom();
+ unix_path = joined;
+ } else
unix_path = "/run/systemd/home/notify";
if (setenv("NOTIFY_SOCKET", unix_path, 1) < 0) {
diff --git a/src/home/homed-manager.c b/src/home/homed-manager.c
index 6c178b8a0e..c1ec555cac 100644
--- a/src/home/homed-manager.c
+++ b/src/home/homed-manager.c
@@ -936,6 +936,7 @@ int manager_enumerate_images(Manager *m) {
}
static int manager_connect_bus(Manager *m) {
+ _cleanup_free_ char *b = NULL;
const char *suffix, *busname;
int r;
@@ -955,9 +956,12 @@ static int manager_connect_bus(Manager *m) {
return r;
suffix = getenv("SYSTEMD_HOME_DEBUG_SUFFIX");
- if (suffix)
- busname = strjoina("org.freedesktop.home1.", suffix);
- else
+ if (suffix) {
+ b = strjoin("org.freedesktop.home1.", suffix);
+ if (!b)
+ return log_oom();
+ busname = b;
+ } else
busname = "org.freedesktop.home1";
r = sd_bus_request_name_async(m->bus, NULL, busname, 0, NULL, NULL);
@@ -974,6 +978,7 @@ static int manager_connect_bus(Manager *m) {
}
static int manager_bind_varlink(Manager *m) {
+ _cleanup_free_ char *p = NULL;
const char *suffix, *socket_path;
int r;
@@ -999,9 +1004,12 @@ static int manager_bind_varlink(Manager *m) {
/* To make things easier to debug, when working from a homed managed home directory, let's optionally
* use a different varlink socket name */
suffix = getenv("SYSTEMD_HOME_DEBUG_SUFFIX");
- if (suffix)
- socket_path = strjoina("/run/systemd/userdb/io.systemd.Home.", suffix);
- else
+ if (suffix) {
+ p = strjoin("/run/systemd/userdb/io.systemd.Home.", suffix);
+ if (!p)
+ return log_oom();
+ socket_path = p;
+ } else
socket_path = "/run/systemd/userdb/io.systemd.Home";
r = varlink_server_listen_address(m->varlink_server, socket_path, 0666);
@@ -1159,9 +1167,11 @@ static int manager_listen_notify(Manager *m) {
suffix = getenv("SYSTEMD_HOME_DEBUG_SUFFIX");
if (suffix) {
- const char *unix_path;
+ _cleanup_free_ char *unix_path = NULL;
- unix_path = strjoina("/run/systemd/home/notify.", suffix);
+ unix_path = strjoin("/run/systemd/home/notify.", suffix);
+ if (!unix_path)
+ return log_oom();
r = sockaddr_un_set_path(&sa.un, unix_path);
if (r < 0)
return log_error_errno(r, "Socket path %s does not fit in sockaddr_un: %m", unix_path);
diff --git a/src/run/run.c b/src/run/run.c
index ff24373847..e75b027542 100644
--- a/src/run/run.c
+++ b/src/run/run.c
@@ -794,9 +794,12 @@ static int transient_service_set_properties(sd_bus_message *m, const char *pty_p
e = getenv("TERM");
if (e) {
- char *n;
+ _cleanup_free_ char *n = NULL;
+
+ n = strjoin("TERM=", e);
+ if (!n)
+ return log_oom();
- n = strjoina("TERM=", e);
r = sd_bus_message_append(m,
"(sv)",
"Environment", "as", 1, n);
diff --git a/src/shared/pager.c b/src/shared/pager.c
index f75ef62d2d..9426d3ef98 100644
--- a/src/shared/pager.c
+++ b/src/shared/pager.c
@@ -86,6 +86,7 @@ static int no_quit_on_interrupt(int exe_name_fd, const char *less_opts) {
void pager_open(PagerFlags flags) {
_cleanup_close_pair_ int fd[2] = { -1, -1 }, exe_name_pipe[2] = { -1, -1 };
_cleanup_strv_free_ char **pager_args = NULL;
+ _cleanup_free_ char *l = NULL;
const char *pager, *less_opts;
int r;
@@ -131,8 +132,12 @@ void pager_open(PagerFlags flags) {
less_opts = getenv("SYSTEMD_LESS");
if (!less_opts)
less_opts = "FRSXMK";
- if (flags & PAGER_JUMP_TO_END)
- less_opts = strjoina(less_opts, " +G");
+ if (flags & PAGER_JUMP_TO_END) {
+ l = strjoin(less_opts, " +G");
+ if (!l)
+ return (void) log_oom();
+ less_opts = l;
+ }
/* We set SIGINT as PR_DEATHSIG signal here, to match the "K" parameter we set in $LESS, which enables SIGINT behaviour. */
r = safe_fork("(pager)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGINT|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pager_pid);

83
SOURCES/0071-man-clarify-Environmentfile-format.patch Normal file
View File

@ -0,0 +1,83 @@
From 05ea18897aeafa1f2d47c5eae6c43bdd6ff71b9d Mon Sep 17 00:00:00 2001
From: Yonathan Randolph <yonathan@gmail.com>
Date: Sun, 26 Dec 2021 17:12:00 -0800
Subject: [PATCH] man: clarify Environmentfile format
Remove incorrect claim that C escapes (such as \t and \n) are recognized and that control characters are disallowed. Specify the allowed characters and escapes with single quotes, with double quotes, and without quotes.
(cherry picked from commit 4bbcde8498eb59557ebddd7830efb47c0297ff4b)
Related: #2017035
---
man/systemd.exec.xml | 51 ++++++++++++++++++++++++++++----------------
1 file changed, 33 insertions(+), 18 deletions(-)
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index cd21d5b28d..69858d5e59 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -2485,18 +2485,39 @@ SystemCallErrorNumber=EPERM</programlisting>
<varlistentry>
<term><varname>EnvironmentFile=</varname></term>
- <listitem><para>Similar to <varname>Environment=</varname> but reads the environment variables from a text
- file. The text file should contain new-line-separated variable assignments. Empty lines, lines without an
- <literal>=</literal> separator, or lines starting with ; or # will be ignored, which may be used for
- commenting. A line ending with a backslash will be concatenated with the following one, allowing multiline
- variable definitions. The parser strips leading and trailing whitespace from the values of assignments, unless
- you use double quotes (").</para>
-
- <para><ulink url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C escapes</ulink>
- are supported, but not
- <ulink url="https://en.wikipedia.org/wiki/Control_character#In_ASCII">most control characters</ulink>.
- <literal>\t</literal> and <literal>\n</literal> can be used to insert tabs and newlines within
- <varname>EnvironmentFile=</varname>.</para>
+ <listitem><para>Similar to <varname>Environment=</varname> but reads the environment variables from a text file.
+ The text file should contain newline-separated variable assignments. Empty lines, lines without an
+ <literal>=</literal> separator, or lines starting with <literal>;</literal> or <literal>#</literal> will be
+ ignored, which may be used for commenting. The file must be UTF-8 encoded. Valid characters are <ulink
+ url="https://www.unicode.org/glossary/#unicode_scalar_value">unicode scalar values</ulink> other than <ulink
+ url="https://www.unicode.org/glossary/#noncharacter">noncharacters</ulink>, U+0000 NUL, and U+FEFF <ulink
+ url="https://www.unicode.org/glossary/#byte_order_mark">byte order mark</ulink>. Control codes other than NUL
+ are allowed.</para>
+
+ <para>In the file, an unquoted value after the <literal>=</literal> is parsed with the same backslash-escape
+ rules as <ulink
+ url="https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_02_01">unquoted
+ text</ulink> in a POSIX shell, but unlike in a shell, interior whitespace is preserved and quotes after the
+ first non-whitespace character are preserved. Leading and trailing whitespace (space, tab, carriage return) is
+ discarded, but interior whitespace within the line is preserved verbatim. A line ending with a backslash will be
+ continued to the following one, with the newline itself discarded. A backslash
+ <literal>\</literal> followed by any character other than newline will preserve the following character, so that
+ <literal>\\</literal> will become the value <literal>\</literal>.</para>
+
+ <para>In the file, a <literal>'</literal>-quoted value after the <literal>=</literal> can span multiple lines
+ and contain any character verbatim other than single quote, like <ulink
+ url="https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_02_02">single-quoted
+ text</ulink> in a POSIX shell. No backslash-escape sequences are recognized. Leading and trailing whitespace
+ outside of the single quotes is discarded.</para>
+
+ <para>In the file, a <literal>"</literal>-quoted value after the <literal>=</literal> can span multiple lines,
+ and the same escape sequences are recognized as in <ulink
+ url="https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_02_03">double-quoted
+ text</ulink> of a POSIX shell. Backslash (<literal>\</literal>) followed by any of <literal>"\`$</literal> will
+ preserve that character. A backslash followed by newline is a line continuation, and the newline itself is
+ discarded. A backslash followed by any other character is ignored; both the backslash and the following
+ character are preserved verbatim. Leading and trailing whitespace outside of the double quotes is
+ discarded.</para>
<para>The argument passed should be an absolute filename or wildcard expression, optionally prefixed with
<literal>-</literal>, which indicates that if the file does not exist, it will not be read and no error or
@@ -2529,12 +2550,6 @@ SystemCallErrorNumber=EPERM</programlisting>
<para>Variables set for invoked processes due to this setting are subject to being overridden by those
configured with <varname>Environment=</varname> or <varname>EnvironmentFile=</varname>.</para>
- <para><ulink url="https://en.wikipedia.org/wiki/Escape_sequences_in_C#Table_of_escape_sequences">C escapes</ulink>
- are supported, but not
- <ulink url="https://en.wikipedia.org/wiki/Control_character#In_ASCII">most control characters</ulink>.
- <literal>\t</literal> and <literal>\n</literal> can be used to insert tabs and newlines within
- <varname>EnvironmentFile=</varname>.</para>
-
<para>Example:
<programlisting>PassEnvironment=VAR1 VAR2 VAR3</programlisting>
passes three variables <literal>VAR1</literal>,

88
SOURCES/0072-test-load-fragment-add-a-basic-test-for-config_parse.patch Normal file
View File

@ -0,0 +1,88 @@
From 01df4d485c8a6f3493a83a2a61572e9f2bccb649 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 09:39:55 +0100
Subject: [PATCH] test-load-fragment: add a basic test for
config_parse_unit_env_file()
(cherry picked from commit 3ef86964ed151aa2464701eef46d665adfd70895)
Related: #2017035
---
src/test/test-load-fragment.c | 64 +++++++++++++++++++++++++++++++++++
1 file changed, 64 insertions(+)
diff --git a/src/test/test-load-fragment.c b/src/test/test-load-fragment.c
index 1bd68c7e0a..fbe4744333 100644
--- a/src/test/test-load-fragment.c
+++ b/src/test/test-load-fragment.c
@@ -773,6 +773,70 @@ TEST(config_parse_pass_environ) {
assert_se(streq(passenv[0], "normal_name"));
}
+TEST(config_parse_unit_env_file) {
+ /* int config_parse_unit_env_file(
+ const char *unit,
+ const char *filename,
+ unsigned line,
+ const char *section,
+ unsigned section_line,
+ const char *lvalue,
+ int ltype,
+ const char *rvalue,
+ void *data,
+ void *userdata) */
+
+ _cleanup_(manager_freep) Manager *m = NULL;
+ Unit *u;
+ _cleanup_strv_free_ char **files = NULL;
+ int r;
+
+ r = manager_new(UNIT_FILE_USER, MANAGER_TEST_RUN_MINIMAL, &m);
+ if (manager_errno_skip_test(r)) {
+ log_notice_errno(r, "Skipping test: manager_new: %m");
+ return;
+ }
+
+ assert_se(r >= 0);
+ assert_se(manager_startup(m, NULL, NULL, NULL) >= 0);
+
+ assert_se(u = unit_new(m, sizeof(Service)));
+ assert_se(unit_add_name(u, "foobar.service") == 0);
+
+ r = config_parse_unit_env_file(u->id, "fake", 1, "section", 1,
+ "EnvironmentFile", 0, "not-absolute",
+ &files, u);
+ assert_se(r == 0);
+ assert_se(strv_length(files) == 0);
+
+ r = config_parse_unit_env_file(u->id, "fake", 1, "section", 1,
+ "EnvironmentFile", 0, "/absolute1",
+ &files, u);
+ assert_se(r == 0);
+ assert_se(strv_length(files) == 1);
+
+ r = config_parse_unit_env_file(u->id, "fake", 1, "section", 1,
+ "EnvironmentFile", 0, "/absolute2",
+ &files, u);
+ assert_se(r == 0);
+ assert_se(strv_length(files) == 2);
+ assert_se(streq(files[0], "/absolute1"));
+ assert_se(streq(files[1], "/absolute2"));
+
+ r = config_parse_unit_env_file(u->id, "fake", 1, "section", 1,
+ "EnvironmentFile", 0, "",
+ &files, u);
+ assert_se(r == 0);
+ assert_se(strv_isempty(files));
+
+ r = config_parse_unit_env_file(u->id, "fake", 1, "section", 1,
+ "EnvironmentFile", 0, "/path/%n.conf",
+ &files, u);
+ assert_se(r == 0);
+ assert_se(strv_length(files) == 1);
+ assert_se(streq(files[0], "/path/foobar.service.conf"));
+}
+
TEST(unit_dump_config_items) {
unit_dump_config_items(stdout);
}

119
SOURCES/0073-core-execute-use-_cleanup_-in-exec_context_load_envi.patch Normal file
View File

@ -0,0 +1,119 @@
From 65aca6d552b69af81fe9588720194e0b86a160fb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 09:51:19 +0100
Subject: [PATCH] core/execute: use _cleanup_ in
exec_context_load_environment()
Also rename variables.
(cherry picked from commit 398a5009169fdc0c4eb147692c0cd929b9fe4c84)
Related: #2017035
---
src/core/execute.c | 51 +++++++++++++++++++---------------------------
1 file changed, 21 insertions(+), 30 deletions(-)
diff --git a/src/core/execute.c b/src/core/execute.c
index 16f346f339..2ab65e9cfe 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -5363,20 +5363,18 @@ static int exec_context_named_iofds(
return targets == 0 ? 0 : -ENOENT;
}
-static int exec_context_load_environment(const Unit *unit, const ExecContext *c, char ***l) {
- char **i, **r = NULL;
+static int exec_context_load_environment(const Unit *unit, const ExecContext *c, char ***ret) {
+ _cleanup_strv_free_ char **v = NULL;
+ char **i;
+ int r;
assert(c);
- assert(l);
+ assert(ret);
STRV_FOREACH(i, c->environment_files) {
- char *fn;
- int k;
- bool ignore = false;
- char **p;
_cleanup_globfree_ glob_t pglob = {};
-
- fn = *i;
+ bool ignore = false;
+ char *fn = *i;
if (fn[0] == '-') {
ignore = true;
@@ -5386,33 +5384,30 @@ static int exec_context_load_environment(const Unit *unit, const ExecContext *c,
if (!path_is_absolute(fn)) {
if (ignore)
continue;
-
- strv_free(r);
return -EINVAL;
}
/* Filename supports globbing, take all matching files */
- k = safe_glob(fn, 0, &pglob);
- if (k < 0) {
+ r = safe_glob(fn, 0, &pglob);
+ if (r < 0) {
if (ignore)
continue;
-
- strv_free(r);
- return k;
+ return r;
}
/* When we don't match anything, -ENOENT should be returned */
assert(pglob.gl_pathc > 0);
for (unsigned n = 0; n < pglob.gl_pathc; n++) {
- k = load_env_file(NULL, pglob.gl_pathv[n], &p);
- if (k < 0) {
+ _cleanup_strv_free_ char **p = NULL;
+
+ r = load_env_file(NULL, pglob.gl_pathv[n], &p);
+ if (r < 0) {
if (ignore)
continue;
-
- strv_free(r);
- return k;
+ return r;
}
+
/* Log invalid environment variables with filename */
if (p) {
InvalidEnvInfo info = {
@@ -5423,23 +5418,19 @@ static int exec_context_load_environment(const Unit *unit, const ExecContext *c,
p = strv_env_clean_with_callback(p, invalid_env, &info);
}
- if (!r)
- r = p;
+ if (!v)
+ v = TAKE_PTR(p);
else {
- char **m;
-
- m = strv_env_merge(r, p);
- strv_free(r);
- strv_free(p);
+ char **m = strv_env_merge(v, p);
if (!m)
return -ENOMEM;
- r = m;
+ strv_free_and_replace(v, m);
}
}
}
- *l = r;
+ *ret = TAKE_PTR(v);
return 0;
}

118
SOURCES/0074-test-env-file-add-tests-for-quoting-in-env-files.patch Normal file
View File

@ -0,0 +1,118 @@
From 402854a52a0a659fd914279eae17b4e065a9c294 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 10:15:50 +0100
Subject: [PATCH] test-env-file: add tests for quoting in env files
(cherry picked from commit e9e982a29d52834375e5fb553cecb45bc905cf91)
Related: #2017035
---
src/test/test-env-file.c | 68 +++++++++++++++++++++++++++++-----------
1 file changed, 50 insertions(+), 18 deletions(-)
diff --git a/src/test/test-env-file.c b/src/test/test-env-file.c
index 6cc2455c1f..7b132447bf 100644
--- a/src/test/test-env-file.c
+++ b/src/test/test-env-file.c
@@ -13,11 +13,11 @@
"a=a\n" \
"b=b\\\n" \
"c\n" \
- "d=d\\\n" \
- "e\\\n" \
- "f\n" \
+ "d= d\\\n" \
+ "e \\\n" \
+ "f \n" \
"g=g\\ \n" \
- "h=h\n" \
+ "h= ąęół\\ śćńźżµ \n" \
"i=i\\"
#define env_file_2 \
@@ -26,22 +26,34 @@
#define env_file_3 \
"#SPAMD_ARGS=\"-d --socketpath=/var/lib/bulwark/spamd \\\n" \
"#--nouser-config \\\n" \
- "normal=line"
-
-#define env_file_4 \
- "# Generated\n" \
- "\n" \
- "HWMON_MODULES=\"coretemp f71882fg\"\n" \
- "\n" \
- "# For compatibility reasons\n" \
- "\n" \
- "MODULE_0=coretemp\n" \
- "MODULE_1=f71882fg"
+ "normal=line \\\n" \
+ ";normal=ignored \\\n" \
+ "normal_ignored \\\n" \
+ "normal ignored \\\n"
+
+#define env_file_4 \
+ "# Generated\n" \
+ "\n" \
+ "HWMON_MODULES=\"coretemp f71882fg\"\n" \
+ "\n" \
+ "# For compatibility reasons\n" \
+ "\n" \
+ "MODULE_0=coretemp\n" \
+ "MODULE_1=f71882fg"
#define env_file_5 \
- "a=\n" \
+ "a=\n" \
"b="
+#define env_file_6 \
+ "a=\\ \\n \\t \\x \\y \\' \n" \
+ "b= \\$' \n" \
+ "c= ' \\n\\t\\$\\`\\\\\n" \
+ "' \n" \
+ "d= \" \\n\\t\\$\\`\\\\\n" \
+ "\" \n"
+
+
TEST(load_env_file_1) {
_cleanup_strv_free_ char **data = NULL;
int r;
@@ -57,9 +69,9 @@ TEST(load_env_file_1) {
assert_se(r == 0);
assert_se(streq(data[0], "a=a"));
assert_se(streq(data[1], "b=bc"));
- assert_se(streq(data[2], "d=def"));
+ assert_se(streq(data[2], "d=de f"));
assert_se(streq(data[3], "g=g "));
- assert_se(streq(data[4], "h=h"));
+ assert_se(streq(data[4], "h=ąęół śćńźżµ"));
assert_se(streq(data[5], "i=i"));
assert_se(data[6] == NULL);
}
@@ -133,6 +145,26 @@ TEST(load_env_file_5) {
assert_se(data[2] == NULL);
}
+TEST(load_env_file_6) {
+ _cleanup_strv_free_ char **data = NULL;
+ int r;
+
+ _cleanup_(unlink_tempfilep) char name[] = "/tmp/test-load-env-file.XXXXXX";
+ _cleanup_close_ int fd;
+
+ fd = mkostemp_safe(name);
+ assert_se(fd >= 0);
+ assert_se(write(fd, env_file_6, strlen(env_file_6)) == strlen(env_file_6));
+
+ r = load_env_file(NULL, name, &data);
+ assert_se(r == 0);
+ assert_se(streq(data[0], "a= n t x y '"));
+ assert_se(streq(data[1], "b=$'"));
+ assert_se(streq(data[2], "c= \\n\\t\\$\\`\\\\\n"));
+ assert_se(streq(data[3], "d= \\n\\t$`\\\n"));
+ assert_se(data[4] == NULL);
+}
+
TEST(write_and_load_env_file) {
const char *v;

275
SOURCES/0075-core-shorten-long-unit-names-that-are-based-on-paths.patch Normal file
View File

@ -0,0 +1,275 @@
From 4bc17b038971160f94321c7be9cd924b256d9ef8 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Tue, 15 Mar 2022 19:02:05 +0100
Subject: [PATCH] core: shorten long unit names that are based on paths and
append path hash at the end
Fixes #18077
(cherry picked from commit 1d0727e76fd5e9a07cc9991ec9a10ea1d78a99c7)
Resolves: #2083493
---
src/basic/string-util.h | 23 ++++++-----
src/basic/unit-name.c | 86 ++++++++++++++++++++++++++++++++++++++-
src/basic/unit-name.h | 3 ++
src/core/mount.c | 3 ++
src/test/test-unit-name.c | 26 ++++++++++--
5 files changed, 125 insertions(+), 16 deletions(-)
diff --git a/src/basic/string-util.h b/src/basic/string-util.h
index a1d88fbb95..ffb69e69cc 100644
--- a/src/basic/string-util.h
+++ b/src/basic/string-util.h
@@ -10,17 +10,18 @@
#include "string-util-fundamental.h"
/* What is interpreted as whitespace? */
-#define WHITESPACE " \t\n\r"
-#define NEWLINE "\n\r"
-#define QUOTES "\"\'"
-#define COMMENTS "#;"
-#define GLOB_CHARS "*?["
-#define DIGITS "0123456789"
-#define LOWERCASE_LETTERS "abcdefghijklmnopqrstuvwxyz"
-#define UPPERCASE_LETTERS "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-#define LETTERS LOWERCASE_LETTERS UPPERCASE_LETTERS
-#define ALPHANUMERICAL LETTERS DIGITS
-#define HEXDIGITS DIGITS "abcdefABCDEF"
+#define WHITESPACE " \t\n\r"
+#define NEWLINE "\n\r"
+#define QUOTES "\"\'"
+#define COMMENTS "#;"
+#define GLOB_CHARS "*?["
+#define DIGITS "0123456789"
+#define LOWERCASE_LETTERS "abcdefghijklmnopqrstuvwxyz"
+#define UPPERCASE_LETTERS "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+#define LETTERS LOWERCASE_LETTERS UPPERCASE_LETTERS
+#define ALPHANUMERICAL LETTERS DIGITS
+#define HEXDIGITS DIGITS "abcdefABCDEF"
+#define LOWERCASE_HEXDIGITS DIGITS "abcdef"
static inline char* strstr_ptr(const char *haystack, const char *needle) {
if (!haystack || !needle)
diff --git a/src/basic/unit-name.c b/src/basic/unit-name.c
index 671e30a53f..6cba8ba140 100644
--- a/src/basic/unit-name.c
+++ b/src/basic/unit-name.c
@@ -5,12 +5,17 @@
#include <stdint.h>
#include <stdlib.h>
+#include "sd-id128.h"
+
#include "alloc-util.h"
#include "glob-util.h"
#include "hexdecoct.h"
#include "memory-util.h"
#include "path-util.h"
+#include "random-util.h"
+#include "sparse-endian.h"
#include "special.h"
+#include "stdio-util.h"
#include "string-util.h"
#include "strv.h"
#include "unit-name.h"
@@ -31,6 +36,9 @@
VALID_CHARS_WITH_AT \
"[]!-*?"
+#define LONG_UNIT_NAME_HASH_KEY SD_ID128_MAKE(ec,f2,37,fb,58,32,4a,32,84,9f,06,9b,0d,21,eb,9a)
+#define UNIT_NAME_HASH_LENGTH_CHARS 16
+
bool unit_name_is_valid(const char *n, UnitNameFlags flags) {
const char *e, *i, *at;
@@ -507,6 +515,68 @@ int unit_name_template(const char *f, char **ret) {
return 0;
}
+bool unit_name_is_hashed(const char *name) {
+ char *s;
+
+ if (!unit_name_is_valid(name, UNIT_NAME_PLAIN))
+ return false;
+
+ assert_se(s = strrchr(name, '.'));
+
+ if (s - name < UNIT_NAME_HASH_LENGTH_CHARS + 1)
+ return false;
+
+ s -= UNIT_NAME_HASH_LENGTH_CHARS;
+ if (s[-1] != '_')
+ return false;
+
+ for (size_t i = 0; i < UNIT_NAME_HASH_LENGTH_CHARS; i++)
+ if (!strchr(LOWERCASE_HEXDIGITS, s[i]))
+ return false;
+
+ return true;
+}
+
+int unit_name_hash_long(const char *name, char **ret) {
+ _cleanup_free_ char *n = NULL, *hash = NULL;
+ char *suffix;
+ le64_t h;
+ size_t len;
+
+ if (strlen(name) < UNIT_NAME_MAX)
+ return -EMSGSIZE;
+
+ suffix = strrchr(name, '.');
+ if (!suffix)
+ return -EINVAL;
+
+ if (unit_type_from_string(suffix+1) < 0)
+ return -EINVAL;
+
+ h = htole64(siphash24_string(name, LONG_UNIT_NAME_HASH_KEY.bytes));
+
+ hash = hexmem(&h, sizeof(h));
+ if (!hash)
+ return -ENOMEM;
+
+ assert_se(strlen(hash) == UNIT_NAME_HASH_LENGTH_CHARS);
+
+ len = UNIT_NAME_MAX - 1 - strlen(suffix+1) - UNIT_NAME_HASH_LENGTH_CHARS - 2;
+ assert(len > 0 && len < UNIT_NAME_MAX);
+
+ n = strndup(name, len);
+ if (!n)
+ return -ENOMEM;
+
+ if (!strextend(&n, "_", hash, suffix))
+ return -ENOMEM;
+ assert_se(unit_name_is_valid(n, UNIT_NAME_PLAIN));
+
+ *ret = TAKE_PTR(n);
+
+ return 0;
+}
+
int unit_name_from_path(const char *path, const char *suffix, char **ret) {
_cleanup_free_ char *p = NULL, *s = NULL;
int r;
@@ -526,8 +596,17 @@ int unit_name_from_path(const char *path, const char *suffix, char **ret) {
if (!s)
return -ENOMEM;
- if (strlen(s) >= UNIT_NAME_MAX) /* Return a slightly more descriptive error for this specific condition */
- return -ENAMETOOLONG;
+ if (strlen(s) >= UNIT_NAME_MAX) {
+ _cleanup_free_ char *n = NULL;
+
+ log_debug("Unit name \"%s\" too long, falling back to hashed unit name.", s);
+
+ r = unit_name_hash_long(s, &n);
+ if (r < 0)
+ return r;
+
+ free_and_replace(s, n);
+ }
/* Refuse if this for some other reason didn't result in a valid name */
if (!unit_name_is_valid(s, UNIT_NAME_PLAIN))
@@ -581,6 +660,9 @@ int unit_name_to_path(const char *name, char **ret) {
if (r < 0)
return r;
+ if (unit_name_is_hashed(name))
+ return -ENAMETOOLONG;
+
return unit_name_path_unescape(prefix, ret);
}
diff --git a/src/basic/unit-name.h b/src/basic/unit-name.h
index b62b3e034e..eaa701e9f6 100644
--- a/src/basic/unit-name.h
+++ b/src/basic/unit-name.h
@@ -44,6 +44,9 @@ int unit_name_replace_instance(const char *f, const char *i, char **ret);
int unit_name_template(const char *f, char **ret);
+int unit_name_hash_long(const char *name, char **ret);
+bool unit_name_is_hashed(const char *name);
+
int unit_name_from_path(const char *path, const char *suffix, char **ret);
int unit_name_from_path_instance(const char *prefix, const char *path, const char *suffix, char **ret);
int unit_name_to_path(const char *name, char **ret);
diff --git a/src/core/mount.c b/src/core/mount.c
index 4d407ca4e5..d63884e47e 100644
--- a/src/core/mount.c
+++ b/src/core/mount.c
@@ -622,6 +622,9 @@ static int mount_add_extras(Mount *m) {
if (!m->where) {
r = unit_name_to_path(u->id, &m->where);
+ if (r == -ENAMETOOLONG)
+ log_unit_error_errno(u, r, "Failed to derive mount point path from unit name, because unit name is hashed. "
+ "Set \"Where=\" in the unit file explicitly.");
if (r < 0)
return r;
}
diff --git a/src/test/test-unit-name.c b/src/test/test-unit-name.c
index 8cd0e0b4a1..b6137333aa 100644
--- a/src/test/test-unit-name.c
+++ b/src/test/test-unit-name.c
@@ -106,6 +106,7 @@ TEST(unit_name_replace_instance) {
static void test_unit_name_from_path_one(const char *path, const char *suffix, const char *expected, int ret) {
_cleanup_free_ char *t = NULL;
+ int r;
assert_se(unit_name_from_path(path, suffix, &t) == ret);
puts(strna(t));
@@ -113,12 +114,31 @@ static void test_unit_name_from_path_one(const char *path, const char *suffix, c
if (t) {
_cleanup_free_ char *k = NULL;
- assert_se(unit_name_to_path(t, &k) == 0);
+
+ /* We don't support converting hashed unit names back to paths */
+ r = unit_name_to_path(t, &k);
+ if (r == -ENAMETOOLONG)
+ return;
+ assert(r == 0);
+
puts(strna(k));
assert_se(path_equal(k, empty_to_root(path)));
}
}
+TEST(unit_name_is_hashed) {
+ assert_se(!unit_name_is_hashed(""));
+ assert_se(!unit_name_is_hashed("foo@bar.service"));
+ assert_se(!unit_name_is_hashed("foo@.service"));
+ assert_se(unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_7736d9ed33c2ec55.mount"));
+ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_7736D9ED33C2EC55.mount"));
+ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!7736d9ed33c2ec55.mount"));
+ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_7736d9gd33c2ec55.mount"));
+ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_.mount"));
+ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_2103e1466b87f7f7@waldo.mount"));
+ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_2103e1466b87f7f7@.mount"));
+}
+
TEST(unit_name_from_path) {
test_unit_name_from_path_one("/waldo", ".mount", "waldo.mount", 0);
test_unit_name_from_path_one("/waldo/quuix", ".mount", "waldo-quuix.mount", 0);
@@ -128,7 +148,8 @@ TEST(unit_name_from_path) {
test_unit_name_from_path_one("///", ".mount", "-.mount", 0);
test_unit_name_from_path_one("/foo/../bar", ".mount", NULL, -EINVAL);
test_unit_name_from_path_one("/foo/./bar", ".mount", "foo-bar.mount", 0);
- test_unit_name_from_path_one("/waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", ".mount", NULL, -ENAMETOOLONG);
+ test_unit_name_from_path_one("/waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", ".mount",
+ "waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_7736d9ed33c2ec55.mount", 0);
}
static void test_unit_name_from_path_instance_one(const char *pattern, const char *path, const char *suffix, const char *expected, int ret) {
@@ -156,7 +177,6 @@ TEST(unit_name_from_path_instance) {
test_unit_name_from_path_instance_one("waldo", "..", ".mount", NULL, -EINVAL);
test_unit_name_from_path_instance_one("waldo", "/foo", ".waldi", NULL, -EINVAL);
test_unit_name_from_path_instance_one("wa--ldo", "/--", ".mount", "wa--ldo@\\x2d\\x2d.mount", 0);
- test_unit_name_from_path_instance_one("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "/waldo", ".mount", NULL, -ENAMETOOLONG);
}
static void test_unit_name_to_path_one(const char *unit, const char *path, int ret) {

42
SOURCES/0076-tests-add-test-case-for-long-unit-names.patch Normal file
View File

@ -0,0 +1,42 @@
From 1121def1f02c847df894611e171a1025f859fb3d Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 23 Mar 2022 13:35:44 +0100
Subject: [PATCH] tests: add test case for long unit names
(cherry picked from commit 2ef0101e0b2813e8c99fc8f137dbaa763ca16057)
Related: #2083493
---
test/units/testsuite-60.sh | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/test/units/testsuite-60.sh b/test/units/testsuite-60.sh
index eb174f00ed..239d7b0d4c 100755
--- a/test/units/testsuite-60.sh
+++ b/test/units/testsuite-60.sh
@@ -8,6 +8,25 @@ systemd-analyze log-target journal
NUM_DIRS=20
+# make sure we can handle mounts at very long paths such that mount unit name must be hashed to fall within our unit name limit
+LONGPATH="$(printf "/$(printf "x%0.s" {1..255})%0.s" {1..7})"
+LONGMNT="$(systemd-escape --suffix=mount --path "$LONGPATH")"
+TS="$(date '+%H:%M:%S')"
+
+mkdir -p "$LONGPATH"
+mount -t tmpfs tmpfs "$LONGPATH"
+systemctl daemon-reload
+
+# check that unit is active(mounted)
+systemctl --no-pager show -p SubState --value "$LONGPATH" | grep -q mounted
+
+# check that relevant part of journal doesn't contain any errors related to unit
+[ "$(journalctl -b --since="$TS" --priority=err | grep -c "$LONGMNT")" = "0" ]
+
+# check that we can successfully stop the mount unit
+systemctl stop "$LONGPATH"
+rm -rf "$LONGPATH"
+
# mount/unmount enough times to trigger the /proc/self/mountinfo parsing rate limiting
for ((i = 0; i < NUM_DIRS; i++)); do

37
SOURCES/0077-tests-reflect-that-we-can-now-handle-devices-with-ve.patch Normal file
View File

@ -0,0 +1,37 @@
From 87e45d9c58c74ae7ba46f99a3f0e2db39cf345ff Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 24 Mar 2022 19:24:16 +0100
Subject: [PATCH] tests: reflect that we can now handle devices with very long
sysfs paths
(cherry picked from commit b26f4f0028e27b6ad46ef9af56aac7571caa3a25)
Related: #2083493
---
test/units/testsuite-64.sh | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/test/units/testsuite-64.sh b/test/units/testsuite-64.sh
index dc8b263b10..218b2ee8d1 100755
--- a/test/units/testsuite-64.sh
+++ b/test/units/testsuite-64.sh
@@ -674,6 +674,7 @@ testcase_long_sysfs_path() {
echo "UUID=deadbeef-dead-dead-beef-222222222222 $mpoint ext4 defaults 0 0" >>/etc/fstab
systemctl daemon-reload
mount "$mpoint"
+ systemctl status "$mpoint"
test -e "$mpoint/test"
umount "$mpoint"
@@ -684,9 +685,9 @@ testcase_long_sysfs_path() {
udevadm settle
logfile="$(mktemp)"
- journalctl -b -q --no-pager -o short-monotonic -p info --grep "Device path.*vda.?' too long to fit into unit name"
+ [[ "$(journalctl -b -q --no-pager -o short-monotonic -p info --grep "Device path.*vda.?' too long to fit into unit name" | wc -l)" -eq 0 ]]
# Make sure we don't unnecessarily spam the log
- journalctl -b -q --no-pager -o short-monotonic -p info --grep "/sys/devices/.+/vda[0-9]?" _PID=1 + UNIT=systemd-udevd.service | tee "$logfile"
+ { journalctl -b -q --no-pager -o short-monotonic -p info --grep "/sys/devices/.+/vda[0-9]?" _PID=1 + UNIT=systemd-udevd.service || :;} | tee "$logfile"
[[ "$(wc -l <"$logfile")" -lt 10 ]]
: >/etc/fstab

63
SOURCES/0078-test-extend-the-hashed-unit-names-coverage-a-bit.patch Normal file
View File

@ -0,0 +1,63 @@
From c9fe9526f07ad24d29842fa853ee458b68660896 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Fri, 22 Apr 2022 18:03:14 +0200
Subject: [PATCH] test: extend the "hashed" unit names coverage a bit
Follow-up to #22759.
(cherry picked from commit 98f8c316389177169c6599e67010ebb1789a6b26)
Related: #2083493
---
test/units/testsuite-64.sh | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/test/units/testsuite-64.sh b/test/units/testsuite-64.sh
index 218b2ee8d1..5f9aeee261 100755
--- a/test/units/testsuite-64.sh
+++ b/test/units/testsuite-64.sh
@@ -646,7 +646,7 @@ testcase_iscsi_lvm() {
}
testcase_long_sysfs_path() {
- local link logfile mpoint
+ local cursor link logfile mpoint
local expected_symlinks=(
"/dev/disk/by-label/data_vol"
"/dev/disk/by-label/swap_vol"
@@ -657,6 +657,12 @@ testcase_long_sysfs_path() {
"/dev/disk/by-uuid/deadbeef-dead-dead-beef-222222222222"
)
+ # Create a cursor file to skip messages generated by udevd in initrd, as it
+ # might not be the same up-to-date version as we currently run (hence generating
+ # messages we check for later and making the test fail)
+ cursor="$(mktemp)"
+ journalctl --cursor-file="${cursor:?}" -n0 -q
+
# Make sure the test device is connected and show its "wonderful" path
stat /sys/block/vda
readlink -f /sys/block/vda/dev
@@ -685,13 +691,20 @@ testcase_long_sysfs_path() {
udevadm settle
logfile="$(mktemp)"
- [[ "$(journalctl -b -q --no-pager -o short-monotonic -p info --grep "Device path.*vda.?' too long to fit into unit name" | wc -l)" -eq 0 ]]
+ # Check state of affairs after https://github.com/systemd/systemd/pull/22759
+ # Note: can't use `--cursor-file` here, since we don't want to update the cursor
+ # after using it
+ [[ "$(journalctl --after-cursor="$(<"$cursor")" -q --no-pager -o short-monotonic -p info --grep "Device path.*vda.?' too long to fit into unit name" | wc -l)" -eq 0 ]]
+ [[ "$(journalctl --after-cursor="$(<"$cursor")" -q --no-pager -o short-monotonic --grep "Unit name .*vda.?\.device\" too long, falling back to hashed unit name" | wc -l)" -gt 0 ]]
+ # Check if the respective "hashed" units exist and are active (plugged)
+ systemctl status --no-pager "$(readlink -f /sys/block/vda/vda1)"
+ systemctl status --no-pager "$(readlink -f /sys/block/vda/vda2)"
# Make sure we don't unnecessarily spam the log
{ journalctl -b -q --no-pager -o short-monotonic -p info --grep "/sys/devices/.+/vda[0-9]?" _PID=1 + UNIT=systemd-udevd.service || :;} | tee "$logfile"
[[ "$(wc -l <"$logfile")" -lt 10 ]]
: >/etc/fstab
- rm -fr "${logfile:?}" "${mpoint:?}"
+ rm -fr "${cursor:?}" "${logfile:?}" "${mpoint:?}"
}
: >/failed

29
SOURCES/0079-Revert-kernel-install-also-remove-modules.builtin.al.patch Normal file
View File

@ -0,0 +1,29 @@
From 17f516c0714e05d3dea7f168304286658aead870 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 17 Mar 2022 12:35:35 +0100
Subject: [PATCH] Revert "kernel-install: also remove
modules.builtin.alias.bin"
This reverts commit fdcb1bf67371615f12c4b11283f2bd6a25bda019.
Related: #2065061
[msekleta: this revert is done in order to make backporting easier,
patch will be reapplied later.]
---
src/kernel-install/50-depmod.install | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
index fd00c43632..2fd959865f 100644
--- a/src/kernel-install/50-depmod.install
+++ b/src/kernel-install/50-depmod.install
@@ -36,7 +36,7 @@ case "$COMMAND" in
remove)
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
echo "Removing /lib/modules/${KERNEL_VERSION}/modules.dep and associated files"
- exec rm -f /lib/modules/"${KERNEL_VERSION}"/modules.{alias{,.bin},builtin{,.alias}.bin,dep{,.bin},devname,softdep,symbols{,.bin}}
+ exec rm -f /lib/modules/"${KERNEL_VERSION}"/modules.{alias{,.bin},builtin.bin,dep{,.bin},devname,softdep,symbols{,.bin}}
;;
*)
exit 0

29
SOURCES/0080-Revert-kernel-install-prefer-boot-over-boot-efi-for-.patch Normal file
View File

@ -0,0 +1,29 @@
From 3fae5c22831288c075e371e67ecc91968ab60d63 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 17 Mar 2022 12:37:57 +0100
Subject: [PATCH] Revert "kernel-install: prefer /boot over /boot/efi for
$BOOT_ROOT"
This reverts commit d0e98b7a1211412dccfcf4dcd2cc0772ac70b304.
Related: #2065061
[msekleta: this revert is done in order to make backporting easier,
patch will be reapplied later.]
---
src/kernel-install/kernel-install | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index d85852532b..b358b03b2f 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -108,7 +108,7 @@ fi
[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
- for pref in "/efi" "/boot" "/boot/efi" ; do
+ for pref in "/efi" "/boot/efi" "/boot"; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
break 2

60
SOURCES/0081-kernel-install-50-depmod-port-to-bin-sh.patch Normal file
View File

@ -0,0 +1,60 @@
From d90268728f268f4e5291d29bc2b899137cd7ddf5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 14:35:17 +0100
Subject: [PATCH] kernel-install: 50-depmod: port to /bin/sh
(cherry picked from commit b3ceb3d9fff69b33b8665a0137f5177f72c45cc0)
Related: #2065061
---
src/kernel-install/50-depmod.install | 28 +++++++++++++++-------------
1 file changed, 15 insertions(+), 13 deletions(-)
diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
index 2fd959865f..aa1f6b8e0e 100644
--- a/src/kernel-install/50-depmod.install
+++ b/src/kernel-install/50-depmod.install
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
# SPDX-License-Identifier: LGPL-2.1-or-later
@@ -20,23 +20,25 @@
COMMAND="$1"
KERNEL_VERSION="$2"
-ENTRY_DIR_ABS="$3"
-KERNEL_IMAGE="$4"
-INITRD_OPTIONS_START="5"
-
-[[ $KERNEL_VERSION ]] || exit 1
case "$COMMAND" in
add)
- [[ -d "/lib/modules/${KERNEL_VERSION}/kernel" ]] || exit 0
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Running depmod -a ${KERNEL_VERSION}"
- exec depmod -a "${KERNEL_VERSION}"
+ [ -d "/lib/modules/$KERNEL_VERSION/kernel" ] || exit 0
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+depmod -a $KERNEL_VERSION"
+ exec depmod -a "$KERNEL_VERSION"
;;
remove)
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Removing /lib/modules/${KERNEL_VERSION}/modules.dep and associated files"
- exec rm -f /lib/modules/"${KERNEL_VERSION}"/modules.{alias{,.bin},builtin.bin,dep{,.bin},devname,softdep,symbols{,.bin}}
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Removing /lib/modules/$KERNEL_VERSION/modules.dep and associated files"
+ exec rm -f \
+ "/lib/modules/$KERNEL_VERSION/modules.alias" \
+ "/lib/modules/$KERNEL_VERSION/modules.alias.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.builtin.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.dep" \
+ "/lib/modules/$KERNEL_VERSION/modules.dep.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.devname" \
+ "/lib/modules/$KERNEL_VERSION/modules.softdep" \
+ "/lib/modules/$KERNEL_VERSION/modules.symbols" \
+ "/lib/modules/$KERNEL_VERSION/modules.symbols.bin"
;;
*)
exit 0

181
SOURCES/0082-kernel-install-90-loaderentry-port-to-bin-sh.patch Normal file
View File

@ -0,0 +1,181 @@
From 7b05dc8184e1a459d0a073dfe569560681525980 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 14:35:33 +0100
Subject: [PATCH] kernel-install: 90-loaderentry: port to /bin/sh
Also, forward the rm -f exit code on removal instead of swallowing it
(cherry picked from commit 662f45e3ea9f6e933234b81bec532d584bda6ead)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 110 +++++++++-------------
1 file changed, 45 insertions(+), 65 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 044eced3f0..35324e69a9 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
# SPDX-License-Identifier: LGPL-2.1-or-later
@@ -22,68 +22,53 @@ COMMAND="$1"
KERNEL_VERSION="$2"
ENTRY_DIR_ABS="$3"
KERNEL_IMAGE="$4"
-INITRD_OPTIONS_START="5"
+INITRD_OPTIONS_SHIFT=4
-if ! [[ $KERNEL_INSTALL_MACHINE_ID ]]; then
- exit 0
-fi
-
-if [ "$KERNEL_INSTALL_LAYOUT" != "bls" ]; then
- exit 0
-fi
+[ "$KERNEL_INSTALL_LAYOUT" = "bls" ] || exit 0
MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
BOOT_ROOT="$KERNEL_INSTALL_BOOT_ROOT"
BOOT_MNT="$(stat -c %m "$BOOT_ROOT")"
-if [[ "$BOOT_MNT" == '/' ]]; then
+if [ "$BOOT_MNT" = '/' ]; then
ENTRY_DIR="$ENTRY_DIR_ABS"
else
ENTRY_DIR="${ENTRY_DIR_ABS#$BOOT_MNT}"
fi
-if [[ $COMMAND == remove ]]; then
- rm -f "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf"
- rm -f "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"
- exit 0
-fi
-
-if ! [[ $COMMAND == add ]]; then
- exit 1
-fi
-
-if ! [[ $KERNEL_IMAGE ]]; then
- exit 1
-fi
+case "$COMMAND" in
+ remove)
+ exec rm -f \
+ "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" \
+ "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"
+ ;;
+ add)
+ ;;
+ *)
+ exit 1
+ ;;
+esac
-if [[ -f /etc/os-release ]]; then
+if [ -r /etc/os-release ]; then
. /etc/os-release
-elif [[ -f /usr/lib/os-release ]]; then
+elif [ -r /usr/lib/os-release ]; then
. /usr/lib/os-release
fi
-if ! [[ $PRETTY_NAME ]]; then
- PRETTY_NAME="Linux $KERNEL_VERSION"
-fi
+[ -n "$PRETTY_NAME" ] || PRETTY_NAME="Linux $KERNEL_VERSION"
-if [[ -f /etc/kernel/cmdline ]]; then
- read -r -d '' -a BOOT_OPTIONS < /etc/kernel/cmdline
-elif [[ -f /usr/lib/kernel/cmdline ]]; then
- read -r -d '' -a BOOT_OPTIONS < /usr/lib/kernel/cmdline
+if [ -r /etc/kernel/cmdline ]; then
+ BOOT_OPTIONS="$(tr -s "$IFS" ' ' </etc/kernel/cmdline)"
+elif [ -r /usr/lib/kernel/cmdline ]; then
+ BOOT_OPTIONS="$(tr -s "$IFS" ' ' </usr/lib/kernel/cmdline)"
else
- declare -a BOOT_OPTIONS
-
- read -r -d '' -a line < /proc/cmdline
- for i in "${line[@]}"; do
- [[ "${i#initrd=*}" != "$i" ]] && continue
- [[ "${i#BOOT_IMAGE=*}" != "$i" ]] && continue
- BOOT_OPTIONS+=("$i")
- done
+ BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')"
fi
+BOOT_OPTIONS="${BOOT_OPTIONS% }"
-if [[ -f /etc/kernel/tries ]]; then
+if [ -r /etc/kernel/tries ]; then
read -r TRIES </etc/kernel/tries
- if ! [[ "$TRIES" =~ ^[0-9]+$ ]] ; then
+ if ! echo "$TRIES" | grep -q '^[0-9][0-9]*$'; then
echo "/etc/kernel/tries does not contain an integer." >&2
exit 1
fi
@@ -106,43 +91,38 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
exit 1
}
-INITRD_OPTIONS=( "${@:${INITRD_OPTIONS_START}}" )
-
-for initrd in "${INITRD_OPTIONS[@]}"; do
- if [[ -f "${initrd}" ]]; then
- initrd_basename="$(basename ${initrd})"
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Installing $ENTRY_DIR_ABS/${initrd_basename}"
- install -g root -o root -m 0644 "${initrd}" "$ENTRY_DIR_ABS/${initrd_basename}" || {
- echo "Could not copy '${initrd}' to '$ENTRY_DIR_ABS/${initrd_basename}'." >&2
- exit 1
- }
- fi
-done
+shift "$INITRD_OPTIONS_SHIFT"
+for initrd; do
+ [ -f "$initrd" ] || continue
-# If no initrd option is supplied, fall back to "initrd" which is
-# the name used by dracut when generating it in its kernel-install hook
-[[ ${#INITRD_OPTIONS[@]} == 0 ]] && INITRD_OPTIONS=( initrd )
+ initrd_basename="${initrd##*/}"
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing $ENTRY_DIR_ABS/$initrd_basename"
+ install -g root -o root -m 0644 "$initrd" "$ENTRY_DIR_ABS/$initrd_basename" || {
+ echo "Could not copy '$initrd' to '$ENTRY_DIR_ABS/$initrd_basename'." >&2
+ exit 1
+ }
+done
mkdir -p "${LOADER_ENTRY%/*}" || {
echo "Could not create loader entry directory '${LOADER_ENTRY%/*}'." >&2
exit 1
}
-[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Creating $LOADER_ENTRY"
+# Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
+[ $# -eq 0 ] && set -- "initrd"
+
+[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Creating $LOADER_ENTRY"
{
echo "title $PRETTY_NAME"
echo "version $KERNEL_VERSION"
echo "machine-id $MACHINE_ID"
- echo "options ${BOOT_OPTIONS[*]}"
+ echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"
- for initrd in "${INITRD_OPTIONS[@]}"; do
- [[ -f $ENTRY_DIR_ABS/$(basename ${initrd}) ]] && \
- echo "initrd $ENTRY_DIR/$(basename ${initrd})"
+ for initrd; do
+ [ -f "$ENTRY_DIR_ABS/${initrd##*/}" ] && echo "initrd $ENTRY_DIR/${initrd##*/}"
done
:
-} > "$LOADER_ENTRY" || {
+} >"$LOADER_ENTRY" || {
echo "Could not create loader entry '$LOADER_ENTRY'." >&2
exit 1
}

82
SOURCES/0083-kernel-install-fix-shellcheck.patch Normal file
View File

@ -0,0 +1,82 @@
From 52f6eedb3bb4dc7a57fea6a8991b9058dedc8edc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 14:37:53 +0100
Subject: [PATCH] kernel-install: fix shellcheck
(cherry picked from commit 0bb1cb1fce5ebf307501dec1679e37f0c0157be9)
Related: #2065061
---
src/kernel-install/kernel-install | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index b358b03b2f..f6da0cf7a8 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -26,8 +26,8 @@ usage()
echo " $0 [OPTIONS...] add KERNEL-VERSION KERNEL-IMAGE [INITRD-FILE ...]"
echo " $0 [OPTIONS...] remove KERNEL-VERSION"
echo "Options:"
- echo " -h,--help Print this help"
- echo " -v,--verbose Increase verbosity"
+ echo " -h, --help Print this help"
+ echo " -v, --verbose Increase verbosity"
}
dropindirs_sort()
@@ -58,15 +58,15 @@ dropindirs_sort()
export LC_COLLATE=C
-for i in "$@"; do
- if [ "$i" == "--help" -o "$i" == "-h" ]; then
+for i; do
+ if [ "$i" = "--help" ] || [ "$i" = "-h" ]; then
usage
exit 0
fi
done
KERNEL_INSTALL_VERBOSE=0
-if [ "$1" == "--verbose" -o "$1" == "-v" ]; then
+if [ "$1" = "--verbose" ] || [ "$1" = "-v" ]; then
shift
KERNEL_INSTALL_VERBOSE=1
fi
@@ -185,13 +185,13 @@ case $COMMAND in
for f in "${PLUGINS[@]}"; do
if [[ -x $f ]]; then
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE ${INITRD_OPTIONS[@]}"
+ echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE ${INITRD_OPTIONS[*]}"
"$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "${INITRD_OPTIONS[@]}"
x=$?
- if [[ $x == $SKIP_REMAINING ]]; then
+ if [ $x -eq "$SKIP_REMAINING" ]; then
break
fi
- ((ret+=$x))
+ ((ret+=x))
fi
done
;;
@@ -203,10 +203,10 @@ case $COMMAND in
echo "+$f remove $KERNEL_VERSION $ENTRY_DIR_ABS"
"$f" remove "$KERNEL_VERSION" "$ENTRY_DIR_ABS"
x=$?
- if [[ $x == $SKIP_REMAINING ]]; then
+ if [ $x -eq "$SKIP_REMAINING" ]; then
break
fi
- ((ret+=$x))
+ ((ret+=x))
fi
done
@@ -222,4 +222,4 @@ case $COMMAND in
;;
esac
-exit $ret
+exit "$ret"

205
SOURCES/0084-kernel-install-port-to-bin-sh.patch Normal file
View File

@ -0,0 +1,205 @@
From 1f9eec4ab2a8a2213fec66194c537086e8242a0d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Thu, 16 Dec 2021 15:06:06 +0100
Subject: [PATCH] kernel-install: port to /bin/sh
(cherry picked from commit 76b1274a5cb54acaa4a0f0c2e570d751f9067c06)
Related: #2065061
---
src/kernel-install/kernel-install | 109 ++++++++++++------------------
1 file changed, 43 insertions(+), 66 deletions(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index f6da0cf7a8..2e8f382d5f 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/sh
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
# ex: ts=8 sw=4 sts=4 et filetype=sh
# SPDX-License-Identifier: LGPL-2.1-or-later
@@ -18,7 +18,7 @@
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
-SKIP_REMAINING=77
+skip_remaining=77
usage()
{
@@ -32,24 +32,17 @@ usage()
dropindirs_sort()
{
- local suffix=$1; shift
- local -a files
- local f d i
-
- readarray -t files <<<"$(
- for d in "$@"; do
- for i in "$d/"*"$suffix"; do
- if [[ -e "$i" ]]; then
- echo "${i##*/}"
- fi
- done
- done | sort -Vu
- )"
-
- for f in "${files[@]}"; do
- for d in "$@"; do
- if [[ -e "$d/$f" ]]; then
- echo "$d/$f"
+ suffix="$1"
+ shift
+
+ for d; do
+ for i in "$d/"*"$suffix"; do
+ [ -e "$i" ] && echo "${i##*/}"
+ done
+ done | sort -Vu | while read -r f; do
+ for d; do
+ if [ -e "$d/$f" ]; then
+ [ -x "$d/$f" ] && echo "$d/$f"
continue 2
fi
done
@@ -65,27 +58,25 @@ for i; do
fi
done
-KERNEL_INSTALL_VERBOSE=0
+export KERNEL_INSTALL_VERBOSE=0
if [ "$1" = "--verbose" ] || [ "$1" = "-v" ]; then
shift
KERNEL_INSTALL_VERBOSE=1
fi
-export KERNEL_INSTALL_VERBOSE
-if [[ "${0##*/}" == 'installkernel' ]]; then
- COMMAND='add'
- # make install doesn't pass any parameter wrt initrd handling
- INITRD_OPTIONS=()
+if [ "${0##*/}" = "installkernel" ]; then
+ COMMAND=add
+ # make install doesn't pass any initrds
else
COMMAND="$1"
- shift
- INITRD_OPTIONS=( "${@:3}" )
+ [ $# -ge 1 ] && shift
fi
KERNEL_VERSION="$1"
KERNEL_IMAGE="$2"
+[ $# -ge 2 ] && shift 2
-if [[ ! $COMMAND ]] || [[ ! $KERNEL_VERSION ]]; then
+if [ -z "$COMMAND" ] || [ -z "$KERNEL_VERSION" ]; then
echo "Not enough arguments" >&2
exit 1
fi
@@ -99,12 +90,11 @@ fi
# Prefer to use an existing machine ID from /etc/machine-info or /etc/machine-id. If we're using the machine
# ID /etc/machine-id, try to persist it in /etc/machine-info. If no machine ID is found, try to generate
# a new machine ID in /etc/machine-info. If that fails, use "Default".
-
-[ -z "$MACHINE_ID" ] && [ -f /etc/machine-info ] && source /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
-[ -z "$MACHINE_ID" ] && [ -f /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
-[ -n "$MACHINE_ID" ] && [ -z "$KERNEL_INSTALL_MACHINE_ID" ] && echo "KERNEL_INSTALL_MACHINE_ID=$MACHINE_ID" >>/etc/machine-info
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
+[ -n "$MACHINE_ID" ] && [ -z "$KERNEL_INSTALL_MACHINE_ID" ] && echo "KERNEL_INSTALL_MACHINE_ID=$MACHINE_ID" >>/etc/machine-info
[ -z "$MACHINE_ID" ] && NEW_MACHINE_ID="$(systemd-id128 new)" && echo "KERNEL_INSTALL_MACHINE_ID=$NEW_MACHINE_ID" >>/etc/machine-info
-[ -z "$MACHINE_ID" ] && [ -f /etc/machine-info ] && source /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
@@ -125,11 +115,6 @@ done
[ -z "$BOOT_ROOT" ] && BOOT_ROOT="/boot"
-ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
-
-export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
-export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
-
if [ -z "$layout" ]; then
# Administrative decision: if not present, some scripts generate into /boot.
if [ -d "$BOOT_ROOT/$MACHINE_ID" ]; then
@@ -152,21 +137,23 @@ MAKE_ENTRY_DIR_ABS=$?
ret=0
-readarray -t PLUGINS <<<"$(
+PLUGINS="$(
dropindirs_sort ".install" \
"/etc/kernel/install.d" \
"/usr/lib/kernel/install.d"
)"
+IFS="
+"
-case $COMMAND in
+case "$COMMAND" in
add)
- if [[ ! "$KERNEL_IMAGE" ]]; then
+ if [ -z "$KERNEL_IMAGE" ]; then
echo "Command 'add' requires an argument" >&2
exit 1
fi
- if [[ ! -f "$KERNEL_IMAGE" ]]; then
- echo "Kernel image argument ${KERNEL_IMAGE} not a file" >&2
+ if ! [ -f "$KERNEL_IMAGE" ]; then
+ echo "Kernel image argument $KERNEL_IMAGE not a file" >&2
exit 1
fi
@@ -182,32 +169,22 @@ case $COMMAND in
fi
fi
- for f in "${PLUGINS[@]}"; do
- if [[ -x $f ]]; then
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE ${INITRD_OPTIONS[*]}"
- "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "${INITRD_OPTIONS[@]}"
- x=$?
- if [ $x -eq "$SKIP_REMAINING" ]; then
- break
- fi
- ((ret+=x))
- fi
+ for f in $PLUGINS; do
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE $*"
+ "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "$@"
+ err=$?
+ [ $err -eq $skip_remaining ] && break
+ ret=$(( ret + err ))
done
;;
remove)
- for f in "${PLUGINS[@]}"; do
- if [[ -x $f ]]; then
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "+$f remove $KERNEL_VERSION $ENTRY_DIR_ABS"
- "$f" remove "$KERNEL_VERSION" "$ENTRY_DIR_ABS"
- x=$?
- if [ $x -eq "$SKIP_REMAINING" ]; then
- break
- fi
- ((ret+=x))
- fi
+ for f in $PLUGINS; do
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f remove $KERNEL_VERSION $ENTRY_DIR_ABS"
+ "$f" remove "$KERNEL_VERSION" "$ENTRY_DIR_ABS"
+ err=$?
+ [ $err -eq $skip_remaining ] && break
+ ret=$(( ret + err ))
done
if [ "$MAKE_ENTRY_DIR_ABS" -eq 0 ]; then

51
SOURCES/0085-kernel-install-90-loaderentry-error-out-on-nonexiste.patch Normal file
View File

@ -0,0 +1,51 @@
From bc1c914ebdec526151964c1aa3c2aeea0d4e2680 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Fri, 17 Dec 2021 19:51:12 +0100
Subject: [PATCH] kernel-install: 90-loaderentry: error out on nonexistent
initrds instead of swallowing them quietly
(cherry picked from commit 742561efbe938c45936f2e4f5d81b3ff6b352882)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 35324e69a9..e588e72bf9 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -93,7 +93,10 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
shift "$INITRD_OPTIONS_SHIFT"
for initrd; do
- [ -f "$initrd" ] || continue
+ [ -f "$initrd" ] || {
+ echo "Initrd '$initrd' not a file." >&2
+ exit 1
+ }
initrd_basename="${initrd##*/}"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing $ENTRY_DIR_ABS/$initrd_basename"
@@ -108,9 +111,6 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
exit 1
}
-# Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
-[ $# -eq 0 ] && set -- "initrd"
-
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Creating $LOADER_ENTRY"
{
echo "title $PRETTY_NAME"
@@ -119,8 +119,10 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"
for initrd; do
- [ -f "$ENTRY_DIR_ABS/${initrd##*/}" ] && echo "initrd $ENTRY_DIR/${initrd##*/}"
+ echo "initrd $ENTRY_DIR/${initrd##*/}"
done
+ # Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
+ [ $# -eq 0 ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
:
} >"$LOADER_ENTRY" || {
echo "Could not create loader entry '$LOADER_ENTRY'." >&2

68
SOURCES/0086-kernel-install-don-t-pull-out-KERNEL_IMAGE.patch Normal file
View File

@ -0,0 +1,68 @@
From 8a52c3a1797084956ddcd2acfb65a4023a4f0655 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= <nabijaczleweli@nabijaczleweli.xyz>
Date: Mon, 20 Dec 2021 14:57:39 +0100
Subject: [PATCH] kernel-install: don't pull out KERNEL_IMAGE
It's part of the pack directly passed to scripts on add and ignored on
remove
(cherry picked from commit af319a4b14bd05cd4c8460487f2c6d7a31b35640)
Related: #2065061
---
src/kernel-install/kernel-install | 21 ++++++++++-----------
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 2e8f382d5f..097d6557f2 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -72,15 +72,14 @@ else
[ $# -ge 1 ] && shift
fi
-KERNEL_VERSION="$1"
-KERNEL_IMAGE="$2"
-[ $# -ge 2 ] && shift 2
-
-if [ -z "$COMMAND" ] || [ -z "$KERNEL_VERSION" ]; then
+if [ $# -lt 1 ]; then
echo "Not enough arguments" >&2
exit 1
fi
+KERNEL_VERSION="$1"
+shift
+
if [ -r "/etc/kernel/install.conf" ]; then
. /etc/kernel/install.conf
elif [ -r "/usr/lib/kernel/install.conf" ]; then
@@ -147,13 +146,13 @@ IFS="
case "$COMMAND" in
add)
- if [ -z "$KERNEL_IMAGE" ]; then
- echo "Command 'add' requires an argument" >&2
+ if [ $# -lt 1 ]; then
+ echo "Command 'add' requires a kernel image" >&2
exit 1
fi
- if ! [ -f "$KERNEL_IMAGE" ]; then
- echo "Kernel image argument $KERNEL_IMAGE not a file" >&2
+ if ! [ -f "$1" ]; then
+ echo "Kernel image argument $1 not a file" >&2
exit 1
fi
@@ -170,8 +169,8 @@ case "$COMMAND" in
fi
for f in $PLUGINS; do
- [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $KERNEL_IMAGE $*"
- "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$KERNEL_IMAGE" "$@"
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "+$f add $KERNEL_VERSION $ENTRY_DIR_ABS $*"
+ "$f" add "$KERNEL_VERSION" "$ENTRY_DIR_ABS" "$@"
err=$?
[ $err -eq $skip_remaining ] && break
ret=$(( ret + err ))

32
SOURCES/0087-kernel-install-prefer-boot-over-boot-efi-for-BOOT_RO.patch Normal file
View File

@ -0,0 +1,32 @@
From 8bcb1df836fccb5ddb6fb071b022bfd490f94e11 Mon Sep 17 00:00:00 2001
From: Adam Williamson <awilliam@redhat.com>
Date: Wed, 5 Jan 2022 14:07:14 -0800
Subject: [PATCH] kernel-install: prefer /boot over /boot/efi for $BOOT_ROOT
This restores the preference order from before 9e82a74. The code
previous to that change 'preferred' /boot over /boot/efi; that
commit changed it to check /boot/efi before checking /boot.
Changing this precedence could (and did, for me) have unexpected
effects - it seems safer to leave it how it was.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
(cherry picked from commit a5307e173bf86d695fe85b8e15e91126e8618a14)
Related: #2065061
---
src/kernel-install/kernel-install | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 097d6557f2..e56483ef96 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -97,7 +97,7 @@ fi
[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
- for pref in "/efi" "/boot/efi" "/boot"; do
+ for pref in "/efi" "/boot" "/boot/efi" ; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
break 2

26
SOURCES/0088-kernel-install-also-remove-modules.builtin.alias.bin.patch Normal file
View File

@ -0,0 +1,26 @@
From 491f0e55e1f1095b1d52d45e5753d5f1ea621231 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sat, 15 Jan 2022 03:37:40 +0900
Subject: [PATCH] kernel-install: also remove modules.builtin.alias.bin
Fixes RHBZ#2016630.
(cherry picked from commit 06006691b5c56b6123044179d934b3ed81c237ca)
Related: #2065061
---
src/kernel-install/50-depmod.install | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
index aa1f6b8e0e..be414f39d1 100644
--- a/src/kernel-install/50-depmod.install
+++ b/src/kernel-install/50-depmod.install
@@ -33,6 +33,7 @@ case "$COMMAND" in
"/lib/modules/$KERNEL_VERSION/modules.alias" \
"/lib/modules/$KERNEL_VERSION/modules.alias.bin" \
"/lib/modules/$KERNEL_VERSION/modules.builtin.bin" \
+ "/lib/modules/$KERNEL_VERSION/modules.builtin.alias.bin" \
"/lib/modules/$KERNEL_VERSION/modules.dep" \
"/lib/modules/$KERNEL_VERSION/modules.dep.bin" \
"/lib/modules/$KERNEL_VERSION/modules.devname" \

77
SOURCES/0089-kernel-install-add-new-variable-KERNEL_INSTALL_INITR.patch Normal file
View File

@ -0,0 +1,77 @@
From 931ae9749924a396a78044f8b1536085ff574ae6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 18 Jan 2022 17:40:13 +0100
Subject: [PATCH] kernel-install: add new variable
$KERNEL_INSTALL_INITRD_GENERATOR
The idea is that when not set, we do whatever we did in the past. But
with a new setting of initrd_generator=mkosi-initrd, mkosi-initrd will
generate an initrd.
(cherry picked from commit 5c1b257faf87cb4f93aee8866f45a8cb98230af9)
Related: #2065061
---
man/kernel-install.xml | 6 +++++-
src/kernel-install/install.conf | 1 +
src/kernel-install/kernel-install | 5 ++++-
3 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/man/kernel-install.xml b/man/kernel-install.xml
index 83255bb932..bb76074d2e 100644
--- a/man/kernel-install.xml
+++ b/man/kernel-install.xml
@@ -171,11 +171,15 @@
<para><varname>KERNEL_INSTALL_BOOT_ROOT=</varname> is set for the plugins to the root directory (mount point, usually) of the hierarchy
where boot-loader entries, kernel images, and associated resources should be placed. Can be overridden by setting <varname>BOOT_ROOT=</varname>.</para>
- <para><varname>KERNEL_INSTALL_LAYOUT=bls|other|...</varname> specifies the installation layout.
+ <para><varname>KERNEL_INSTALL_LAYOUT=bls|other|...</varname> is set for the plugins to specify the installation layout.
Defaults to <option>bls</option> if <filename>$BOOT/<replaceable>MACHINE-ID</replaceable></filename> exists, or <option>other</option> otherwise.
Additional layout names may be defined by convention. If a plugin uses a special layout,
it's encouraged to declare its own layout name and configure <varname>layout=</varname> in <filename>install.conf</filename> upon initial installation.</para>
+ <para><varname>KERNEL_INSTALL_INITRD_GENERATOR=...</varname> is set for plugins to select the initrd generator.
+ This should be configured as <varname>initrd_generator=</varname> in <filename>install.conf</filename>.
+ </para>
+
<variablelist>
<varlistentry>
<term>bls</term>
diff --git a/src/kernel-install/install.conf b/src/kernel-install/install.conf
index e4802e6fae..43b6e7d792 100644
--- a/src/kernel-install/install.conf
+++ b/src/kernel-install/install.conf
@@ -8,3 +8,4 @@
# See kernel-install(8) for details.
#layout=bls|other|...
+#initrd_generator=dracut|...
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index e56483ef96..fe457c1070 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -80,6 +80,9 @@ fi
KERNEL_VERSION="$1"
shift
+layout=
+initrd_generator=
+
if [ -r "/etc/kernel/install.conf" ]; then
. /etc/kernel/install.conf
elif [ -r "/usr/lib/kernel/install.conf" ]; then
@@ -123,12 +126,12 @@ if [ -z "$layout" ]; then
fi
fi
-
ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
export KERNEL_INSTALL_LAYOUT="$layout"
+export KERNEL_INSTALL_INITRD_GENERATOR="$initrd_generator"
[ "$layout" = "bls" ]
MAKE_ENTRY_DIR_ABS=$?

32
SOURCES/0090-kernel-install-k-i-already-creates-ENTRY_DIR_ABS-no-.patch Normal file
View File

@ -0,0 +1,32 @@
From 27b017353a06a22d42dc8bbabbaf602200730719 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 12:10:37 +0100
Subject: [PATCH] kernel-install: k-i already creates $ENTRY_DIR_ABS, no need
to do it again
(cherry picked from commit a520d5dddb991cd713392d4de0e342e312547a2e)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index e588e72bf9..7b768457c1 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -78,12 +78,8 @@ else
fi
if ! [ -d "$ENTRY_DIR_ABS" ]; then
- if [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]; then
- echo "+mkdir -v -p $ENTRY_DIR_ABS"
- mkdir -v -p "$ENTRY_DIR_ABS"
- else
- mkdir -p "$ENTRY_DIR_ABS"
- fi
+ echo "Error: entry directory '$ENTRY_DIR_ABS' does not exist" >&2
+ exit 1
fi
install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {

118
SOURCES/0091-kernel-install-prefix-errors-with-Error-exit-immedia.patch Normal file
View File

@ -0,0 +1,118 @@
From 7e5ff353f8b35352f6c36233841754154b4f453b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 12:15:16 +0100
Subject: [PATCH] kernel-install: prefix errors with "Error:", exit immediately
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
kernel-install would continue after errors… We don't want this, as it
makes the results totally unpredicatable. If we didn't install the kernel
or didn't do some important part of the setup, let's just return an error
and let the user deal with it.
When looking at output, the error was often hard to distinguish, esp.
with -v. Add "Error:" everywhere to make the output easier to parse.
(cherry picked from commit 680cec6b4ddb356d7dd087b197718712cb5c1662)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 10 +++++-----
src/kernel-install/kernel-install | 12 ++++++------
2 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 7b768457c1..6a396910cb 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -83,27 +83,27 @@ if ! [ -d "$ENTRY_DIR_ABS" ]; then
fi
install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
- echo "Could not copy '$KERNEL_IMAGE' to '$ENTRY_DIR_ABS/linux'." >&2
+ echo "Error: could not copy '$KERNEL_IMAGE' to '$ENTRY_DIR_ABS/linux'." >&2
exit 1
}
shift "$INITRD_OPTIONS_SHIFT"
for initrd; do
[ -f "$initrd" ] || {
- echo "Initrd '$initrd' not a file." >&2
+ echo "Error: initrd '$initrd' not a file." >&2
exit 1
}
initrd_basename="${initrd##*/}"
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && echo "Installing $ENTRY_DIR_ABS/$initrd_basename"
install -g root -o root -m 0644 "$initrd" "$ENTRY_DIR_ABS/$initrd_basename" || {
- echo "Could not copy '$initrd' to '$ENTRY_DIR_ABS/$initrd_basename'." >&2
+ echo "Error: could not copy '$initrd' to '$ENTRY_DIR_ABS/$initrd_basename'." >&2
exit 1
}
done
mkdir -p "${LOADER_ENTRY%/*}" || {
- echo "Could not create loader entry directory '${LOADER_ENTRY%/*}'." >&2
+ echo "Error: could not create loader entry directory '${LOADER_ENTRY%/*}'." >&2
exit 1
}
@@ -121,7 +121,7 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
[ $# -eq 0 ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
:
} >"$LOADER_ENTRY" || {
- echo "Could not create loader entry '$LOADER_ENTRY'." >&2
+ echo "Error: could not create loader entry '$LOADER_ENTRY'." >&2
exit 1
}
exit 0
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index fe457c1070..a73a205d79 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -73,7 +73,7 @@ else
fi
if [ $# -lt 1 ]; then
- echo "Not enough arguments" >&2
+ echo "Error: not enough arguments" >&2
exit 1
fi
@@ -150,12 +150,12 @@ IFS="
case "$COMMAND" in
add)
if [ $# -lt 1 ]; then
- echo "Command 'add' requires a kernel image" >&2
+ echo "Error: command 'add' requires a kernel image" >&2
exit 1
fi
if ! [ -f "$1" ]; then
- echo "Kernel image argument $1 not a file" >&2
+ echo "Error: kernel image argument $1 not a file" >&2
exit 1
fi
@@ -165,9 +165,9 @@ case "$COMMAND" in
# to serve as the indication to use or to not use the BLS
if [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]; then
echo "+mkdir -v -p $ENTRY_DIR_ABS"
- mkdir -v -p "$ENTRY_DIR_ABS"
+ mkdir -v -p "$ENTRY_DIR_ABS" || exit 1
else
- mkdir -p "$ENTRY_DIR_ABS"
+ mkdir -p "$ENTRY_DIR_ABS" || exit 1
fi
fi
@@ -196,7 +196,7 @@ case "$COMMAND" in
;;
*)
- echo "Unknown command '$COMMAND'" >&2
+ echo "Error: unknown command '$COMMAND'" >&2
exit 1
;;
esac

108
SOURCES/0092-kernel-install-add-KERNEL_INSTALL_STAGING_AREA-direc.patch Normal file
View File

@ -0,0 +1,108 @@
From 0f4ea4aee6e404dfbd6e3c4bbfb4f805e4e257f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 12:20:22 +0100
Subject: [PATCH] kernel-install: add "$KERNEL_INSTALL_STAGING_AREA" directory
The general approach of kernel-install was that each plugin would drop in some
files into the entry directory. But this doesn't scale well, because if we have
multiple initrd generators, or multiple initrds, each generator would need to
recreate the logic to put the generated files in the right place.
Also, effective cleanup is impossible if anything goes wrong on the way, so we
could end up with unused files in $BOOT.
So let's invert the process: plugins drop files into $KERNEL_INSTALL_STAGING_AREA,
and at the end 90-loaderentry.install DTRT with those files.
This allow new plugins like 50-mkosi-initrd.install to be significantly simpler.
(cherry picked from commit 367165a4069ac0c04882a05a8a80f6afb1e42760)
Related: #2065061
---
man/kernel-install.xml | 4 ++++
src/kernel-install/90-loaderentry.install | 13 ++++++++++---
src/kernel-install/kernel-install | 10 ++++++++++
3 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/man/kernel-install.xml b/man/kernel-install.xml
index bb76074d2e..685617863e 100644
--- a/man/kernel-install.xml
+++ b/man/kernel-install.xml
@@ -180,6 +180,10 @@
This should be configured as <varname>initrd_generator=</varname> in <filename>install.conf</filename>.
</para>
+ <para><varname>KERNEL_INSTALL_STAGING_AREA=...</varname> is set for plugins to a path to a directory.
+ Plugins may drop files in that directory, and they will be installed as part of the loader entry, based
+ on the file name and extension.</para>
+
<variablelist>
<varlistentry>
<term>bls</term>
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 6a396910cb..0888c260e2 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -18,6 +18,8 @@
# You should have received a copy of the GNU Lesser General Public License
# along with systemd; If not, see <http://www.gnu.org/licenses/>.
+shopt -s nullglob
+
COMMAND="$1"
KERNEL_VERSION="$2"
ENTRY_DIR_ABS="$3"
@@ -88,7 +90,8 @@ install -g root -o root -m 0644 "$KERNEL_IMAGE" "$ENTRY_DIR_ABS/linux" || {
}
shift "$INITRD_OPTIONS_SHIFT"
-for initrd; do
+# All files listed as arguments, and staged files called "initrd*" are installed as initrds.
+for initrd in "$@" "${KERNEL_INSTALL_STAGING_AREA}"/initrd*; do
[ -f "$initrd" ] || {
echo "Error: initrd '$initrd' not a file." >&2
exit 1
@@ -114,11 +117,15 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
echo "machine-id $MACHINE_ID"
echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"
- for initrd; do
+
+ have_initrd=
+ for initrd in "${@}" "${KERNEL_INSTALL_STAGING_AREA}"/initrd*; do
echo "initrd $ENTRY_DIR/${initrd##*/}"
+ have_initrd=yes
done
+
# Try "initrd", generated by dracut in its kernel-install hook, if no initrds were supplied
- [ $# -eq 0 ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
+ [ -z "$have_initrd" ] && [ -f "$ENTRY_DIR_ABS/initrd" ] && echo "initrd $ENTRY_DIR/initrd"
:
} >"$LOADER_ENTRY" || {
echo "Error: could not create loader entry '$LOADER_ENTRY'." >&2
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index a73a205d79..8cfef3208d 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -128,10 +128,20 @@ fi
ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
+# Provide a directory where to store generated initrds
+cleanup() {
+ [ -n "$KERNEL_INSTALL_STAGING_AREA" ] && rm -rf "$KERNEL_INSTALL_STAGING_AREA"
+}
+
+trap cleanup EXIT
+
+KERNEL_INSTALL_STAGING_AREA="$(mktemp -d -t -p /tmp kernel-install.staging.XXXXXXX)"
+
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
export KERNEL_INSTALL_LAYOUT="$layout"
export KERNEL_INSTALL_INITRD_GENERATOR="$initrd_generator"
+export KERNEL_INSTALL_STAGING_AREA
[ "$layout" = "bls" ]
MAKE_ENTRY_DIR_ABS=$?

25
SOURCES/0093-kernel-install-add-missing-log-line.patch Normal file
View File

@ -0,0 +1,25 @@
From 9f36dbd7cb7ca1f2e77ea6c1a3129988f346b287 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 19 Jan 2022 14:03:24 +0100
Subject: [PATCH] kernel-install: add missing log line
(cherry picked from commit 29f604131b2c0b82dca7d6ffaa5e6bc6a253620d)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 0888c260e2..3edefdefb4 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -40,6 +40,8 @@ fi
case "$COMMAND" in
remove)
+ [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
+ echo "Removing $BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION*.conf"
exec rm -f \
"$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" \
"$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"

83
SOURCES/0094-kernel-install-don-t-try-to-persist-used-machine-ID-.patch Normal file
View File

@ -0,0 +1,83 @@
From 7738d7793bc83421536f9962c794633006613725 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Feb 2022 13:59:36 +0100
Subject: [PATCH] kernel-install: don't try to persist used machine ID locally
This reworks the how machine ID used by the boot loader spec snippet
generation logic. Instead of persisting it automatically to /etc/ we'll
append it via systemd.machined_id= to the kernel command line, and thus
persist it in the generated boot loader spec snippets instead. This has
nice benefits:
1. We do not collide with read-only root
2. The machine ID remains stable across factory reset, so that we can
safely recognize the path in $BOOT we drop our kernel images in
again, i.e. kernel updates will work correctly and safely across
kernel factory resets.
3. Previously regular systems had different machine IDs while in
initrd and after booting into the host system. With this change
they will now have the same.
This then drops implicit persisting of KERNEL_INSTALL_MACHINE_ID, as its
unnecessary then. The field is still honoured though, for compat
reasons.
This also drops the "Default" fallback previously used, as it actually
is without effect, the randomized ID generation already took precedence
in all cases. This means $MACHNE_ID/KERNEL_INSTALL_MACHINE_ID are now
guaranteed to look like a proper machine ID, which is useful for us,
given you need it that way to be able to pass it to the
systemd.machine_id= kernel command line option.
(cherry picked from commit 11ce3ea2f2219ab9c0700bcf7f8ed4312d80e937)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 6 +++++-
src/kernel-install/kernel-install | 16 +++++++---------
2 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 3edefdefb4..046771169c 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -68,7 +68,11 @@ elif [ -r /usr/lib/kernel/cmdline ]; then
else
BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')"
fi
-BOOT_OPTIONS="${BOOT_OPTIONS% }"
+
+# Suffix with the machine ID we use, so that the machine ID remains stable,
+# even during factory reset, in the initrd (where the system's machine ID is
+# not directly accessible yet), and if the root file system is volatile.
+BOOT_OPTIONS="${BOOT_OPTIONS% } systemd.machine_id=$MACHINE_ID"
if [ -r /etc/kernel/tries ]; then
read -r TRIES </etc/kernel/tries
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 8cfef3208d..e94aa79bc6 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -89,15 +89,13 @@ elif [ -r "/usr/lib/kernel/install.conf" ]; then
. /usr/lib/kernel/install.conf
fi
-# Prefer to use an existing machine ID from /etc/machine-info or /etc/machine-id. If we're using the machine
-# ID /etc/machine-id, try to persist it in /etc/machine-info. If no machine ID is found, try to generate
-# a new machine ID in /etc/machine-info. If that fails, use "Default".
-[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
-[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
-[ -n "$MACHINE_ID" ] && [ -z "$KERNEL_INSTALL_MACHINE_ID" ] && echo "KERNEL_INSTALL_MACHINE_ID=$MACHINE_ID" >>/etc/machine-info
-[ -z "$MACHINE_ID" ] && NEW_MACHINE_ID="$(systemd-id128 new)" && echo "KERNEL_INSTALL_MACHINE_ID=$NEW_MACHINE_ID" >>/etc/machine-info
-[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
-[ -z "$MACHINE_ID" ] && MACHINE_ID="Default"
+# If /etc/machine-id is initialized we'll use it, otherwise we'll use a freshly
+# generated one. If the user configured an explicit machine ID to use in
+# /etc/machine-info to use for our purpose, we'll use that instead (for
+# compatibility).
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-info ] && . /etc/machine-info && MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
+[ -z "$MACHINE_ID" ] && MACHINE_ID="$(systemd-id128 new)"
[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
for pref in "/efi" "/boot" "/boot/efi" ; do

136
SOURCES/0095-kernel-install-add-a-new-ENTRY_TOKEN-variable-for-na.patch Normal file
View File

@ -0,0 +1,136 @@
From 455b9b9dd4d462db7482f67d8e730b25e75b1505 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Feb 2022 14:29:19 +0100
Subject: [PATCH] kernel-install: add a new $ENTRY_TOKEN variable for naming
boot entries
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This cleans up naming of boot loader spec boot entries a bit (i.e. the
naming of the .conf snippet files, and the directory in $BOOT where the
kernel images and initrds are placed), and isolates it from the actual machine
ID concept.
Previously there was a sinlge concept for both things, because typically
the entries are just named after the machine ID. However one could also
use a different identifier, i.e. not a 128bit ID in which cases issues
pop up everywhere. For example, the "machine-id" field in the generated
snippets would not be a machine ID anymore, and the newly added
systemd.machine_id= kernel parameter would possibly get passed invalid
data.
Hence clean this up:
$MACHINE_ID → always a valid 128bit ID.
$ENTRY_TOKEN → usually the $MACHINE_ID but can be any other string too.
This is used to name the directory to put kernels/initrds in. It's also
used for naming the *.conf snippets that implement the Boot Loader Type
1 spec.
(cherry picked from commit 3907044ffa568aedf076d0f9807489ec78f87502)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 11 ++++++-----
src/kernel-install/kernel-install | 21 +++++++++++++++++----
2 files changed, 23 insertions(+), 9 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 046771169c..46261a2c11 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -29,6 +29,7 @@ INITRD_OPTIONS_SHIFT=4
[ "$KERNEL_INSTALL_LAYOUT" = "bls" ] || exit 0
MACHINE_ID="$KERNEL_INSTALL_MACHINE_ID"
+ENTRY_TOKEN="$KERNEL_INSTALL_ENTRY_TOKEN"
BOOT_ROOT="$KERNEL_INSTALL_BOOT_ROOT"
BOOT_MNT="$(stat -c %m "$BOOT_ROOT")"
@@ -41,10 +42,10 @@ fi
case "$COMMAND" in
remove)
[ "$KERNEL_INSTALL_VERBOSE" -gt 0 ] && \
- echo "Removing $BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION*.conf"
+ echo "Removing $BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION*.conf"
exec rm -f \
- "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf" \
- "$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+"*".conf"
+ "$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION.conf" \
+ "$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION+"*".conf"
;;
add)
;;
@@ -80,9 +81,9 @@ if [ -r /etc/kernel/tries ]; then
echo "/etc/kernel/tries does not contain an integer." >&2
exit 1
fi
- LOADER_ENTRY="$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION+$TRIES.conf"
+ LOADER_ENTRY="$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION+$TRIES.conf"
else
- LOADER_ENTRY="$BOOT_ROOT/loader/entries/$MACHINE_ID-$KERNEL_VERSION.conf"
+ LOADER_ENTRY="$BOOT_ROOT/loader/entries/$ENTRY_TOKEN-$KERNEL_VERSION.conf"
fi
if ! [ -d "$ENTRY_DIR_ABS" ]; then
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index e94aa79bc6..75a31c62d4 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -97,7 +97,19 @@ fi
[ -z "$MACHINE_ID" ] && [ -r /etc/machine-id ] && read -r MACHINE_ID </etc/machine-id
[ -z "$MACHINE_ID" ] && MACHINE_ID="$(systemd-id128 new)"
-[ -z "$BOOT_ROOT" ] && for suff in "$MACHINE_ID" "loader/entries"; do
+# Now that we determined the machine ID to use, let's determine the "token" for
+# the boot loader entry to generate. We use that for naming the directory below
+# $BOOT where we want to place the kernel/initrd and related resources, as well
+# for naming the .conf boot loader spec entry. Typically this is just the
+# machine ID, but it can be anything else, too, if we are told so.
+[ -z "$ENTRY_TOKEN" ] && [ -r /etc/kernel/entry-token ] && read -r ENTRY_TOKEN </etc/kernel/entry-token
+[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
+
+# NB: The $MACHINE_ID is guaranteed to be a valid machine ID, but
+# $ENTRY_TOKEN can be any string that fits into a VFAT filename, though
+# typically is just the machine ID.
+
+[ -z "$BOOT_ROOT" ] && for suff in "$ENTRY_TOKEN" "loader/entries"; do
for pref in "/efi" "/boot" "/boot/efi" ; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
@@ -117,14 +129,14 @@ done
if [ -z "$layout" ]; then
# Administrative decision: if not present, some scripts generate into /boot.
- if [ -d "$BOOT_ROOT/$MACHINE_ID" ]; then
+ if [ -d "$BOOT_ROOT/$ENTRY_TOKEN" ]; then
layout="bls"
else
layout="other"
fi
fi
-ENTRY_DIR_ABS="$BOOT_ROOT/$MACHINE_ID/$KERNEL_VERSION"
+ENTRY_DIR_ABS="$BOOT_ROOT/$ENTRY_TOKEN/$KERNEL_VERSION"
# Provide a directory where to store generated initrds
cleanup() {
@@ -136,6 +148,7 @@ trap cleanup EXIT
KERNEL_INSTALL_STAGING_AREA="$(mktemp -d -t -p /tmp kernel-install.staging.XXXXXXX)"
export KERNEL_INSTALL_MACHINE_ID="$MACHINE_ID"
+export KERNEL_INSTALL_ENTRY_TOKEN="$ENTRY_TOKEN"
export KERNEL_INSTALL_BOOT_ROOT="$BOOT_ROOT"
export KERNEL_INSTALL_LAYOUT="$layout"
export KERNEL_INSTALL_INITRD_GENERATOR="$initrd_generator"
@@ -168,7 +181,7 @@ case "$COMMAND" in
fi
if [ "$MAKE_ENTRY_DIR_ABS" -eq 0 ]; then
- # Compatibility with earlier versions that used the presence of $BOOT_ROOT/$MACHINE_ID
+ # Compatibility with earlier versions that used the presence of $BOOT_ROOT/$ENTRY_TOKEN
# to signal to 00-entry-directory to create $ENTRY_DIR_ABS
# to serve as the indication to use or to not use the BLS
if [ "$KERNEL_INSTALL_VERBOSE" -gt 0 ]; then

59
SOURCES/0096-kernel-install-only-generate-systemd.boot_id-in-kern.patch Normal file
View File

@ -0,0 +1,59 @@
From 5eb855bddaf8270e7274132ded0e36325d8ffbbe Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 9 Feb 2022 14:44:48 +0100
Subject: [PATCH] kernel-install: only generate systemd.boot_id= in kernel
command line if used for naming the boot loader spec files/dirs
Now that we can distinguish the naming of the boot loader spec
dirs/files and the machine ID let's tweak the logic for suffixing the
kernel cmdline with systemd.boot_id=: let's only do that when we
actually need the boot ID for naming these dirs/files. If we don't,
let's not bother.
This should be beneficial for "golden" images that shall not carry any
machine IDs at all, i.e acquire their identity only once the final
userspace is actually reached.
(cherry picked from commit 953b61004c37948dcd897265b56c1613bc73b9f9)
Related: #2065061
---
src/kernel-install/90-loaderentry.install | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install
index 46261a2c11..c1d69aa824 100644
--- a/src/kernel-install/90-loaderentry.install
+++ b/src/kernel-install/90-loaderentry.install
@@ -70,10 +70,15 @@ else
BOOT_OPTIONS="$(tr -s "$IFS" '\n' </proc/cmdline | grep -ve '^BOOT_IMAGE=' -e '^initrd=' | tr '\n' ' ')"
fi
-# Suffix with the machine ID we use, so that the machine ID remains stable,
-# even during factory reset, in the initrd (where the system's machine ID is
-# not directly accessible yet), and if the root file system is volatile.
-BOOT_OPTIONS="${BOOT_OPTIONS% } systemd.machine_id=$MACHINE_ID"
+BOOT_OPTIONS="${BOOT_OPTIONS% }"
+
+# If the boot entries are named after the machine ID, then suffix the kernel
+# command line with the machine ID we use, so that the machine ID remains
+# stable, even during factory reset, in the initrd (where the system's machine
+# ID is not directly accessible yet), and if the root file system is volatile.
+if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ]; then
+ BOOT_OPTIONS="$BOOT_OPTIONS systemd.machine_id=$MACHINE_ID"
+fi
if [ -r /etc/kernel/tries ]; then
read -r TRIES </etc/kernel/tries
@@ -121,7 +126,10 @@ mkdir -p "${LOADER_ENTRY%/*}" || {
{
echo "title $PRETTY_NAME"
echo "version $KERNEL_VERSION"
- echo "machine-id $MACHINE_ID"
+ if [ "$ENTRY_TOKEN" = "$MACHINE_ID" ]; then
+ # See similar logic above for the systemd.machine_id= kernel command line option
+ echo "machine-id $MACHINE_ID"
+ fi
echo "options $BOOT_OPTIONS"
echo "linux $ENTRY_DIR/linux"

75
SOURCES/0097-kernel-install-search-harder-for-kernel-image-initrd.patch Normal file
View File

@ -0,0 +1,75 @@
From a774b3d6c43863b632f211aa21e61cb48e2ee736 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 10 Feb 2022 14:27:22 +0100
Subject: [PATCH] kernel-install: search harder for kernel image/initrd drop-in
dir
If not explicitly configured, let's search a bit harder for the
ENTRY_TOKEN, and let's try the machine ID, the IMAGE_ID and ID fields of
/etc/os-release and finally "Default", all below potential $XBOOTLDR.
(cherry picked from commit 6637cf9db67237857279262d93ee0e39023c5b85)
Related: #2065061
---
src/kernel-install/kernel-install | 27 ++++++++++++++++++++++++---
1 file changed, 24 insertions(+), 3 deletions(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index 75a31c62d4..c42c40592a 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -103,29 +103,50 @@ fi
# for naming the .conf boot loader spec entry. Typically this is just the
# machine ID, but it can be anything else, too, if we are told so.
[ -z "$ENTRY_TOKEN" ] && [ -r /etc/kernel/entry-token ] && read -r ENTRY_TOKEN </etc/kernel/entry-token
-[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
+if [ -z "$ENTRY_TOKEN" ]; then
+ # If not configured explicitly, then use a few candidates: the machine ID,
+ # the IMAGE_ID= and ID= fields from /etc/os-release and finally the fixed
+ # string "Default"
+ ENTRY_TOKEN_SEARCH="$MACHINE_ID"
+ [ -r /etc/os-release ] && . /etc/os-release
+ [ -n "$IMAGE_ID" ] && ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH $IMAGE_ID"
+ [ -n "$ID" ] && ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH $ID"
+ ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN_SEARCH Default"
+else
+ ENTRY_TOKEN_SEARCH="$ENTRY_TOKEN"
+fi
# NB: The $MACHINE_ID is guaranteed to be a valid machine ID, but
# $ENTRY_TOKEN can be any string that fits into a VFAT filename, though
# typically is just the machine ID.
-[ -z "$BOOT_ROOT" ] && for suff in "$ENTRY_TOKEN" "loader/entries"; do
- for pref in "/efi" "/boot" "/boot/efi" ; do
+[ -z "$BOOT_ROOT" ] && for suff in $ENTRY_TOKEN_SEARCH; do
+ for pref in "/efi" "/boot" "/boot/efi"; do
if [ -d "$pref/$suff" ]; then
BOOT_ROOT="$pref"
+ ENTRY_TOKEN="$suff"
break 2
fi
done
done
+[ -z "$BOOT_ROOT" ] && for pref in "/efi" "/boot" "/boot/efi"; do
+ if [ -d "$pref/loader/entries" ]; then
+ BOOT_ROOT="$pref"
+ break
+ fi
+done
+
[ -z "$BOOT_ROOT" ] && for pref in "/efi" "/boot/efi"; do
if mountpoint -q "$pref"; then
BOOT_ROOT="$pref"
break
fi
done
+
[ -z "$BOOT_ROOT" ] && BOOT_ROOT="/boot"
+[ -z "$ENTRY_TOKEN" ] && ENTRY_TOKEN="$MACHINE_ID"
if [ -z "$layout" ]; then
# Administrative decision: if not present, some scripts generate into /boot.

68
SOURCES/0098-kernel-install-add-new-inspect-verb-showing-paths-an.patch Normal file
View File

@ -0,0 +1,68 @@
From 8742d040aa5ef5e784c903d0c3efacba7d69ade2 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 10 Feb 2022 14:37:37 +0100
Subject: [PATCH] kernel-install: add new "inspect" verb, showing paths and
parameters we discovered
(cherry picked from commit c73cf4184441d3cc37a5e2195938f07420ec38b7)
Related: #2065061
---
src/kernel-install/kernel-install | 29 +++++++++++++++++++++++------
1 file changed, 23 insertions(+), 6 deletions(-)
diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install
index c42c40592a..b8099bd12c 100755
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@@ -25,6 +25,7 @@ usage()
echo "Usage:"
echo " $0 [OPTIONS...] add KERNEL-VERSION KERNEL-IMAGE [INITRD-FILE ...]"
echo " $0 [OPTIONS...] remove KERNEL-VERSION"
+ echo " $0 [OPTIONS...] inspect"
echo "Options:"
echo " -h, --help Print this help"
echo " -v, --verbose Increase verbosity"
@@ -72,13 +73,17 @@ else
[ $# -ge 1 ] && shift
fi
-if [ $# -lt 1 ]; then
- echo "Error: not enough arguments" >&2
- exit 1
-fi
+if [ "$COMMAND" = "inspect" ]; then
+ KERNEL_VERSION=""
+else
+ if [ $# -lt 1 ]; then
+ echo "Error: not enough arguments" >&2
+ exit 1
+ fi
-KERNEL_VERSION="$1"
-shift
+ KERNEL_VERSION="$1"
+ shift
+fi
layout=
initrd_generator=
@@ -237,6 +242,18 @@ case "$COMMAND" in
fi
;;
+ inspect)
+ echo "KERNEL_INSTALL_MACHINE_ID: $KERNEL_INSTALL_MACHINE_ID"
+ echo "KERNEL_INSTALL_ENTRY_TOKEN: $KERNEL_INSTALL_ENTRY_TOKEN"
+ echo "KERNEL_INSTALL_BOOT_ROOT: $KERNEL_INSTALL_BOOT_ROOT"
+ echo "KERNEL_INSTALL_LAYOUT: $KERNEL_INSTALL_LAYOUT"
+ echo "KERNEL_INSTALL_INITRD_GENERATOR: $KERNEL_INSTALL_INITRD_GENERATOR"
+ echo "ENTRY_DIR_ABS: $KERNEL_INSTALL_BOOT_ROOT/$ENTRY_TOKEN/\$KERNEL_VERSION"
+
+ # Assert that ENTRY_DIR_ABS actually matches what we are printing here
+ [ "${ENTRY_DIR_ABS%/*}" = "$KERNEL_INSTALL_BOOT_ROOT/$ENTRY_TOKEN" ] || { echo "Assertion didn't pass." >&2; exit 1; }
+
+ ;;
*)
echo "Error: unknown command '$COMMAND'" >&2
exit 1

97
SOURCES/0099-ci-Mergify-configuration-update.patch Normal file
View File

@ -0,0 +1,97 @@
From caf80cd558222a08687e8db95e3e1fcad0d69946 Mon Sep 17 00:00:00 2001
From: Jan Macku <jamacku@redhat.com>
Date: Mon, 30 May 2022 15:19:16 +0200
Subject: [PATCH] ci(Mergify): configuration update
Add rules for `needs-ci` label management
RHEL-only
Related: #2087652
---
.mergify.yml | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 76 insertions(+)
create mode 100644 .mergify.yml
diff --git a/.mergify.yml b/.mergify.yml
new file mode 100644
index 0000000000..c06e0fb1be
--- /dev/null
+++ b/.mergify.yml
@@ -0,0 +1,76 @@
+# doc: https://docs.mergify.com
+---
+
+pull_request_rules:
+ - name: Add `needs-ci` label on CI fail
+ conditions:
+ - or:
+ # Build test
+ - -check-success=build (gcc, 10, bfd)
+ - -check-success=build (gcc, 11, gold)
+ - -check-success=build (clang, 11, bfd)
+ - -check-success=build (clang, 12, gold)
+ - -check-success=build (clang, 13, lld)
+ # Unit tests
+ - -check-success=build (GCC, auto)
+ - -check-success=build (GCC_ASAN_UBSAN, auto)
+ - -check-success=build (CLANG, auto)
+ - -check-success=build (CLANG_ASAN_UBSAN, auto)
+ - -check-success=build (GCC, openssl)
+ - -check-success=build (CLANG, gcrypt)
+ # CentOS CI
+ - -check-success=CentOS CI (CentOS Stream 9)
+ - -check-success=CentOS CI (CentOS Stream 9 + sanitizers)
+ # LGTM
+ - and:
+ - "-check-success=LGTM analysis: JavaScript"
+ - "-check-neutral=LGTM analysis: JavaScript"
+ - and:
+ - "-check-success=LGTM analysis: Python"
+ - "-check-neutral=LGTM analysis: Python"
+ - and:
+ - "-check-success=LGTM analysis: C/C++"
+ - "-check-neutral=LGTM analysis: Python"
+ # Packit
+ - -check-success=rpm-build:centos-stream-9-aarch64
+ - -check-success=rpm-build:centos-stream-9-x86_64
+ actions:
+ label:
+ add:
+ - needs-ci
+
+ - name: Remove `needs-ci` label on CI success
+ conditions:
+ # Build test
+ - check-success=build (gcc, 10, bfd)
+ - check-success=build (gcc, 11, gold)
+ - check-success=build (clang, 11, bfd)
+ - check-success=build (clang, 12, gold)
+ - check-success=build (clang, 13, lld)
+ # Unit tests
+ - check-success=build (GCC, auto)
+ - check-success=build (GCC_ASAN_UBSAN, auto)
+ - check-success=build (CLANG, auto)
+ - check-success=build (CLANG_ASAN_UBSAN, auto)
+ - check-success=build (GCC, openssl)
+ - check-success=build (CLANG, gcrypt)
+ # CentOS CI
+ - check-success=CentOS CI (CentOS Stream 9)
+ - check-success=CentOS CI (CentOS Stream 9 + sanitizers)
+ # LGTM
+ - or:
+ - "check-success=LGTM analysis: JavaScript"
+ - "check-neutral=LGTM analysis: JavaScript"
+ - or:
+ - "check-success=LGTM analysis: Python"
+ - "check-neutral=LGTM analysis: Python"
+ - or:
+ - "check-success=LGTM analysis: C/C++"
+ - "check-neutral=LGTM analysis: Python"
+ # Packit
+ - check-success=rpm-build:centos-stream-9-aarch64
+ - check-success=rpm-build:centos-stream-9-x86_64
+ actions:
+ label:
+ remove:
+ - needs-ci

34
SOURCES/0100-ci-Mergify-fix-copy-paste-bug.patch Normal file
View File

@ -0,0 +1,34 @@
From 14b8f663049a902aac962f9a522595df9db6b6bc Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Mon, 6 Jun 2022 15:39:22 +0200
Subject: [PATCH] ci(Mergify): fix copy&paste bug
RHEL-only
Related: #2087652
---
.mergify.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.mergify.yml b/.mergify.yml
index c06e0fb1be..b7852b201c 100644
--- a/.mergify.yml
+++ b/.mergify.yml
@@ -30,7 +30,7 @@ pull_request_rules:
- "-check-neutral=LGTM analysis: Python"
- and:
- "-check-success=LGTM analysis: C/C++"
- - "-check-neutral=LGTM analysis: Python"
+ - "-check-neutral=LGTM analysis: C/C++"
# Packit
- -check-success=rpm-build:centos-stream-9-aarch64
- -check-success=rpm-build:centos-stream-9-x86_64
@@ -66,7 +66,7 @@ pull_request_rules:
- "check-neutral=LGTM analysis: Python"
- or:
- "check-success=LGTM analysis: C/C++"
- - "check-neutral=LGTM analysis: Python"
+ - "check-neutral=LGTM analysis: C/C++"
# Packit
- check-success=rpm-build:centos-stream-9-aarch64
- check-success=rpm-build:centos-stream-9-x86_64

26
SOURCES/0101-shared-Fix-memory-leak-in-bus_append_execute_propert.patch Normal file
View File

@ -0,0 +1,26 @@
From 18b0bc42dc097af6147324deef100c41dedfa755 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Mon, 9 May 2022 09:50:32 +0200
Subject: [PATCH] shared: Fix memory leak in bus_append_execute_property()
Fixes #23317
(cherry picked from commit 2aaf6d407e8541985a15b7106abf6fbdfed0766a)
Related: #2087652
---
src/shared/bus-unit-util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
index dcce530c99..ef134bcee4 100644
--- a/src/shared/bus-unit-util.c
+++ b/src/shared/bus-unit-util.c
@@ -1952,7 +1952,7 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
path_simplify(source);
if (isempty(destination)) {
- r = strv_extend(&sources, TAKE_PTR(source));
+ r = strv_consume(&sources, TAKE_PTR(source));
if (r < 0)
return bus_log_create_error(r);
} else {

187
SOURCES/0102-fuzz-no-longer-skip-empty-files.patch Normal file
View File

@ -0,0 +1,187 @@
From 0235f9ea3d221aba513f4b6215418bf554e02791 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Mon, 3 Jan 2022 12:31:07 +0000
Subject: [PATCH] fuzz: no longer skip empty files
Empty files and empty strings seem to have triggered various
issues in the past so it seems they shouldn't be ignore by the
fuzzers just because fmemopen can't handle them.
Prompted by https://github.com/systemd/systemd/pull/21939#issuecomment-1003113669
(cherry picked from commit 5df66d7d68006615abb4c4d3b1ebad545af4dd72)
Related: #2087652
---
src/core/fuzz-unit-file.c | 6 +-----
src/fuzz/fuzz-env-file.c | 5 ++---
src/fuzz/fuzz-hostname-setup.c | 6 +-----
src/fuzz/fuzz-json.c | 6 +-----
src/fuzz/fuzz.h | 9 +++++++++
src/nspawn/fuzz-nspawn-oci.c | 6 +-----
src/nspawn/fuzz-nspawn-settings.c | 6 +-----
7 files changed, 16 insertions(+), 28 deletions(-)
diff --git a/src/core/fuzz-unit-file.c b/src/core/fuzz-unit-file.c
index aef29f4cf7..780dd3988d 100644
--- a/src/core/fuzz-unit-file.c
+++ b/src/core/fuzz-unit-file.c
@@ -2,7 +2,6 @@
#include "conf-parser.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fuzz.h"
#include "install.h"
#include "load-fragment.h"
@@ -22,10 +21,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
const char *name;
long offset;
- if (size == 0)
- return 0;
-
- f = fmemopen_unlocked((char*) data, size, "re");
+ f = data_to_file(data, size);
assert_se(f);
if (read_line(f, LINE_MAX, &p) < 0)
diff --git a/src/fuzz/fuzz-env-file.c b/src/fuzz/fuzz-env-file.c
index e0dac260b0..3b3e625608 100644
--- a/src/fuzz/fuzz-env-file.c
+++ b/src/fuzz/fuzz-env-file.c
@@ -4,7 +4,6 @@
#include "alloc-util.h"
#include "env-file.h"
-#include "fileio.h"
#include "fd-util.h"
#include "fuzz.h"
#include "strv.h"
@@ -13,10 +12,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_fclose_ FILE *f = NULL;
_cleanup_strv_free_ char **rl = NULL, **rlp = NULL;
- if (size == 0 || size > 65535)
+ if (size > 65535)
return 0;
- f = fmemopen_unlocked((char*) data, size, "re");
+ f = data_to_file(data, size);
assert_se(f);
/* We don't want to fill the logs with messages about parse errors.
diff --git a/src/fuzz/fuzz-hostname-setup.c b/src/fuzz/fuzz-hostname-setup.c
index b8d36da54a..d7c23eef12 100644
--- a/src/fuzz/fuzz-hostname-setup.c
+++ b/src/fuzz/fuzz-hostname-setup.c
@@ -2,7 +2,6 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fuzz.h"
#include "hostname-setup.h"
@@ -10,10 +9,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_fclose_ FILE *f = NULL;
_cleanup_free_ char *ret = NULL;
- if (size == 0)
- return 0;
-
- f = fmemopen_unlocked((char*) data, size, "re");
+ f = data_to_file(data, size);
assert_se(f);
/* We don't want to fill the logs with messages about parse errors.
diff --git a/src/fuzz/fuzz-json.c b/src/fuzz/fuzz-json.c
index f9a0e818c4..ad7460c6fd 100644
--- a/src/fuzz/fuzz-json.c
+++ b/src/fuzz/fuzz-json.c
@@ -1,7 +1,6 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "alloc-util.h"
-#include "fileio.h"
#include "fd-util.h"
#include "fuzz.h"
#include "json.h"
@@ -12,10 +11,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_fclose_ FILE *f = NULL, *g = NULL;
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
- if (size == 0)
- return 0;
-
- f = fmemopen_unlocked((char*) data, size, "re");
+ f = data_to_file(data, size);
assert_se(f);
if (json_parse_file(f, NULL, 0, &v, NULL, NULL) < 0)
diff --git a/src/fuzz/fuzz.h b/src/fuzz/fuzz.h
index 579b0eed73..d7cbb0bb16 100644
--- a/src/fuzz/fuzz.h
+++ b/src/fuzz/fuzz.h
@@ -4,5 +4,14 @@
#include <stddef.h>
#include <stdint.h>
+#include "fileio.h"
+
/* The entry point into the fuzzer */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+static inline FILE* data_to_file(const uint8_t *data, size_t size) {
+ if (size == 0)
+ return fopen("/dev/null", "re");
+ else
+ return fmemopen_unlocked((char*) data, size, "re");
+}
diff --git a/src/nspawn/fuzz-nspawn-oci.c b/src/nspawn/fuzz-nspawn-oci.c
index cfebf65c00..91f2a81dfc 100644
--- a/src/nspawn/fuzz-nspawn-oci.c
+++ b/src/nspawn/fuzz-nspawn-oci.c
@@ -2,7 +2,6 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fuzz.h"
#include "nspawn-oci.h"
@@ -10,10 +9,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_fclose_ FILE *f = NULL;
_cleanup_(settings_freep) Settings *s = NULL;
- if (size == 0)
- return 0;
-
- f = fmemopen_unlocked((char*) data, size, "re");
+ f = data_to_file(data, size);
assert_se(f);
/* We don't want to fill the logs with messages about parse errors.
diff --git a/src/nspawn/fuzz-nspawn-settings.c b/src/nspawn/fuzz-nspawn-settings.c
index bd98ed26e8..6b91e1506e 100644
--- a/src/nspawn/fuzz-nspawn-settings.c
+++ b/src/nspawn/fuzz-nspawn-settings.c
@@ -2,7 +2,6 @@
#include "alloc-util.h"
#include "fd-util.h"
-#include "fileio.h"
#include "fuzz.h"
#include "nspawn-settings.h"
@@ -10,10 +9,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
_cleanup_fclose_ FILE *f = NULL;
_cleanup_(settings_freep) Settings *s = NULL;
- if (size == 0)
- return 0;
-
- f = fmemopen_unlocked((char*) data, size, "re");
+ f = data_to_file(data, size);
assert_se(f);
/* We don't want to fill the logs with messages about parse errors.

276
SOURCES/0103-networkctl-open-the-bus-just-once.patch Normal file
View File

@ -0,0 +1,276 @@
From 3852f94de9582dc1acb44844579873cd0e2f3162 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 11 Jan 2022 15:12:42 +0100
Subject: [PATCH] networkctl: open the bus just once
We'd connect to the bus twice: the first time to check networkd namespace,
and then the second time to do the deed we were asked to do. It's nicer
to open the bus just once, for efficience and also to avoid the open call
in all functions.
An ASSERT_PTR helper is added:
- sd_bus *bus = userdata;
...
- assert(bus);
+ sd_bus *bus = ASSERT_PTR(userdata);
...
It can be used in other place too, but I'm leaving that for a later
refactoring.
(cherry picked from commit d821e40ca96d2b14216f7a18e4512364bfb83628)
Related: #2087652
---
src/fundamental/macro-fundamental.h | 8 ++++
src/network/networkctl.c | 74 ++++++++++-------------------
2 files changed, 33 insertions(+), 49 deletions(-)
diff --git a/src/fundamental/macro-fundamental.h b/src/fundamental/macro-fundamental.h
index f87839d47b..d597c743bb 100644
--- a/src/fundamental/macro-fundamental.h
+++ b/src/fundamental/macro-fundamental.h
@@ -66,6 +66,14 @@
#define free(a) FreePool(a)
#endif
+/* This passes the argument through after (if asserts are enabled) checking that it is not null. */
+#define ASSERT_PTR(expr) \
+ ({ \
+ typeof(expr) _expr_ = (expr); \
+ assert(_expr_); \
+ _expr_; \
+ })
+
#if defined(static_assert)
#define assert_cc(expr) \
static_assert(expr, #expr)
diff --git a/src/network/networkctl.c b/src/network/networkctl.c
index 68dd4b185c..c35f851bdb 100644
--- a/src/network/networkctl.c
+++ b/src/network/networkctl.c
@@ -79,17 +79,12 @@ static bool arg_full = false;
static unsigned arg_lines = 10;
static JsonFormatFlags arg_json_format_flags = JSON_FORMAT_OFF;
-static int get_description(JsonVariant **ret) {
+static int get_description(sd_bus *bus, JsonVariant **ret) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
const char *text = NULL;
int r;
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
r = bus_call_method(bus, bus_network_mgr, "Describe", &error, &reply, NULL);
if (r < 0)
return log_error_errno(r, "Failed to get description: %s", bus_error_message(&error, r));
@@ -105,11 +100,11 @@ static int get_description(JsonVariant **ret) {
return 0;
}
-static int dump_manager_description(void) {
+static int dump_manager_description(sd_bus *bus) {
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
int r;
- r = get_description(&v);
+ r = get_description(bus, &v);
if (r < 0)
return r;
@@ -117,14 +112,14 @@ static int dump_manager_description(void) {
return 0;
}
-static int dump_link_description(char **patterns) {
+static int dump_link_description(sd_bus *bus, char **patterns) {
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
_cleanup_free_ bool *matched_patterns = NULL;
JsonVariant *i;
size_t c = 0;
int r;
- r = get_description(&v);
+ r = get_description(bus, &v);
if (r < 0)
return r;
@@ -790,6 +785,7 @@ static int acquire_link_info(sd_bus *bus, sd_netlink *rtnl, char **patterns, Lin
}
static int list_links(int argc, char *argv[], void *userdata) {
+ sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
_cleanup_(link_info_array_freep) LinkInfo *links = NULL;
_cleanup_(table_unrefp) Table *table = NULL;
@@ -798,9 +794,9 @@ static int list_links(int argc, char *argv[], void *userdata) {
if (arg_json_format_flags != JSON_FORMAT_OFF) {
if (arg_all || argc <= 1)
- return dump_manager_description();
+ return dump_manager_description(bus);
else
- return dump_link_description(strv_skip(argv, 1));
+ return dump_link_description(bus, strv_skip(argv, 1));
}
r = sd_netlink_open(&rtnl);
@@ -2383,7 +2379,7 @@ static int system_status(sd_netlink *rtnl, sd_hwdb *hwdb) {
}
static int link_status(int argc, char *argv[], void *userdata) {
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
+ sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
_cleanup_(sd_hwdb_unrefp) sd_hwdb *hwdb = NULL;
_cleanup_(link_info_array_freep) LinkInfo *links = NULL;
@@ -2391,17 +2387,13 @@ static int link_status(int argc, char *argv[], void *userdata) {
if (arg_json_format_flags != JSON_FORMAT_OFF) {
if (arg_all || argc <= 1)
- return dump_manager_description();
+ return dump_manager_description(bus);
else
- return dump_link_description(strv_skip(argv, 1));
+ return dump_link_description(bus, strv_skip(argv, 1));
}
pager_open(arg_pager_flags);
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
r = sd_netlink_open(&rtnl);
if (r < 0)
return log_error_errno(r, "Failed to connect to netlink: %m");
@@ -2738,14 +2730,10 @@ static int link_renew_one(sd_bus *bus, int index, const char *name) {
}
static int link_renew(int argc, char *argv[], void *userdata) {
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
+ sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
int index, k = 0, r;
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
for (int i = 1; i < argc; i++) {
index = rtnl_resolve_interface_or_warn(&rtnl, argv[i]);
if (index < 0)
@@ -2772,14 +2760,10 @@ static int link_force_renew_one(sd_bus *bus, int index, const char *name) {
}
static int link_force_renew(int argc, char *argv[], void *userdata) {
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
+ sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
int k = 0, r;
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
for (int i = 1; i < argc; i++) {
int index = rtnl_resolve_interface_or_warn(&rtnl, argv[i]);
if (index < 0)
@@ -2794,14 +2778,10 @@ static int link_force_renew(int argc, char *argv[], void *userdata) {
}
static int verb_reload(int argc, char *argv[], void *userdata) {
+ sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
int r;
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
r = bus_call_method(bus, bus_network_mgr, "Reload", &error, NULL, NULL);
if (r < 0)
return log_error_errno(r, "Failed to reload network settings: %m");
@@ -2810,17 +2790,13 @@ static int verb_reload(int argc, char *argv[], void *userdata) {
}
static int verb_reconfigure(int argc, char *argv[], void *userdata) {
+ sd_bus *bus = ASSERT_PTR(userdata);
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
_cleanup_set_free_ Set *indexes = NULL;
int index, r;
void *p;
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
indexes = set_new(NULL);
if (!indexes)
return log_oom();
@@ -2968,7 +2944,7 @@ static int parse_argv(int argc, char *argv[]) {
return 1;
}
-static int networkctl_main(int argc, char *argv[]) {
+static int networkctl_main(sd_bus *bus, int argc, char *argv[]) {
static const Verb verbs[] = {
{ "list", VERB_ANY, VERB_ANY, VERB_DEFAULT, list_links },
{ "status", VERB_ANY, VERB_ANY, 0, link_status },
@@ -2984,20 +2960,15 @@ static int networkctl_main(int argc, char *argv[]) {
{}
};
- return dispatch_verb(argc, argv, verbs, NULL);
+ return dispatch_verb(argc, argv, verbs, bus);
}
-static int check_netns_match(void) {
+static int check_netns_match(sd_bus *bus) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
struct stat st;
uint64_t id;
int r;
- r = sd_bus_open_system(&bus);
- if (r < 0)
- return log_error_errno(r, "Failed to connect system bus: %m");
-
r = sd_bus_get_property_trivial(
bus,
"org.freedesktop.network1",
@@ -3035,6 +3006,7 @@ static void warn_networkd_missing(void) {
}
static int run(int argc, char* argv[]) {
+ _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
int r;
log_setup();
@@ -3043,13 +3015,17 @@ static int run(int argc, char* argv[]) {
if (r <= 0)
return r;
- r = check_netns_match();
+ r = sd_bus_open_system(&bus);
+ if (r < 0)
+ return log_error_errno(r, "Failed to connect system bus: %m");
+
+ r = check_netns_match(bus);
if (r < 0)
return r;
warn_networkd_missing();
- return networkctl_main(argc, argv);
+ return networkctl_main(bus, argc, argv);
}
DEFINE_MAIN_FUNCTION(run);

55
SOURCES/0104-json-align-table.patch Normal file
View File

@ -0,0 +1,55 @@
From ee588179205de7c1584bd45bd22ec59028f11405 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 10:24:36 +0200
Subject: [PATCH] json: align table
(cherry picked from commit 9674b089cfb1f75653579e83735e049ddcbbed7e)
Related: #2087652
---
src/shared/json.c | 18 ++++++++----------
1 file changed, 8 insertions(+), 10 deletions(-)
diff --git a/src/shared/json.c b/src/shared/json.c
index dff95eda26..6375b87a0b 100644
--- a/src/shared/json.c
+++ b/src/shared/json.c
@@ -4754,7 +4754,6 @@ bool json_variant_is_sorted(JsonVariant *v) {
}
int json_variant_unbase64(JsonVariant *v, void **ret, size_t *ret_size) {
-
if (!json_variant_is_string(v))
return -EINVAL;
@@ -4762,7 +4761,6 @@ int json_variant_unbase64(JsonVariant *v, void **ret, size_t *ret_size) {
}
int json_variant_unhex(JsonVariant *v, void **ret, size_t *ret_size) {
-
if (!json_variant_is_string(v))
return -EINVAL;
@@ -4770,15 +4768,15 @@ int json_variant_unhex(JsonVariant *v, void **ret, size_t *ret_size) {
}
static const char* const json_variant_type_table[_JSON_VARIANT_TYPE_MAX] = {
- [JSON_VARIANT_STRING] = "string",
- [JSON_VARIANT_INTEGER] = "integer",
+ [JSON_VARIANT_STRING] = "string",
+ [JSON_VARIANT_INTEGER] = "integer",
[JSON_VARIANT_UNSIGNED] = "unsigned",
- [JSON_VARIANT_REAL] = "real",
- [JSON_VARIANT_NUMBER] = "number",
- [JSON_VARIANT_BOOLEAN] = "boolean",
- [JSON_VARIANT_ARRAY] = "array",
- [JSON_VARIANT_OBJECT] = "object",
- [JSON_VARIANT_NULL] = "null",
+ [JSON_VARIANT_REAL] = "real",
+ [JSON_VARIANT_NUMBER] = "number",
+ [JSON_VARIANT_BOOLEAN] = "boolean",
+ [JSON_VARIANT_ARRAY] = "array",
+ [JSON_VARIANT_OBJECT] = "object",
+ [JSON_VARIANT_NULL] = "null",
};
DEFINE_STRING_TABLE_LOOKUP(json_variant_type, JsonVariantType);

60
SOURCES/0105-fuzz-json-optionally-allow-logging-and-output.patch Normal file
View File

@ -0,0 +1,60 @@
From 3087505025b78b80951ab3a5f496eb255f1a9a21 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 10:41:36 +0200
Subject: [PATCH] fuzz-json: optionally allow logging and output
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Similarly to other fuzzers… this makes development easier.
(cherry picked from commit 9ad955ce40e244a52984c68ae2a6b151d918b4a8)
Related: #2087652
---
src/fuzz/fuzz-json.c | 19 ++++++++++++++-----
1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/src/fuzz/fuzz-json.c b/src/fuzz/fuzz-json.c
index ad7460c6fd..648a6d441d 100644
--- a/src/fuzz/fuzz-json.c
+++ b/src/fuzz/fuzz-json.c
@@ -1,6 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "alloc-util.h"
+#include "env-util.h"
#include "fd-util.h"
#include "fuzz.h"
#include "json.h"
@@ -10,18 +11,26 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
size_t out_size;
_cleanup_fclose_ FILE *f = NULL, *g = NULL;
_cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
+ int r;
+
+ /* Disable most logging if not running standalone */
+ if (!getenv("SYSTEMD_LOG_LEVEL"))
+ log_set_max_level(LOG_CRIT);
f = data_to_file(data, size);
assert_se(f);
- if (json_parse_file(f, NULL, 0, &v, NULL, NULL) < 0)
+ r = json_parse_file(f, NULL, 0, &v, NULL, NULL);
+ if (r < 0) {
+ log_debug_errno(r, "failed to parse input: %m");
return 0;
+ }
- g = open_memstream_unlocked(&out, &out_size);
- assert_se(g);
+ if (getenv_bool("SYSTEMD_FUZZ_OUTPUT") <= 0)
+ assert_se(g = open_memstream_unlocked(&out, &out_size));
- json_variant_dump(v, 0, g, NULL);
- json_variant_dump(v, JSON_FORMAT_PRETTY|JSON_FORMAT_COLOR|JSON_FORMAT_SOURCE, g, NULL);
+ json_variant_dump(v, 0, g ?: stdout, NULL);
+ json_variant_dump(v, JSON_FORMAT_PRETTY|JSON_FORMAT_COLOR|JSON_FORMAT_SOURCE, g ?: stdout, NULL);
return 0;
}

435
SOURCES/0106-shared-json-reduce-scope-of-variables.patch Normal file
View File

@ -0,0 +1,435 @@
From 272d6e85877bb436709ed54c02d3b68101e0438d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 11:01:32 +0200
Subject: [PATCH] shared/json: reduce scope of variables
(cherry picked from commit a4669764f7329d1e8a3d364db519500355cea5f0)
Related: #2087652
---
src/shared/json.c | 133 +++++++++++++++++++---------------------------
1 file changed, 54 insertions(+), 79 deletions(-)
diff --git a/src/shared/json.c b/src/shared/json.c
index 6375b87a0b..d35874f8e3 100644
--- a/src/shared/json.c
+++ b/src/shared/json.c
@@ -574,9 +574,6 @@ int json_variant_new_array(JsonVariant **ret, JsonVariant **array, size_t n) {
}
int json_variant_new_array_bytes(JsonVariant **ret, const void *p, size_t n) {
- JsonVariant *v;
- size_t i;
-
assert_return(ret, -EINVAL);
if (n == 0) {
*ret = JSON_VARIANT_MAGIC_EMPTY_ARRAY;
@@ -584,7 +581,7 @@ int json_variant_new_array_bytes(JsonVariant **ret, const void *p, size_t n) {
}
assert_return(p, -EINVAL);
- v = new(JsonVariant, n + 1);
+ JsonVariant *v = new(JsonVariant, n + 1);
if (!v)
return -ENOMEM;
@@ -595,7 +592,7 @@ int json_variant_new_array_bytes(JsonVariant **ret, const void *p, size_t n) {
.depth = 1,
};
- for (i = 0; i < n; i++) {
+ for (size_t i = 0; i < n; i++) {
JsonVariant *w = v + 1 + i;
*w = (JsonVariant) {
@@ -790,12 +787,9 @@ static void json_variant_free_inner(JsonVariant *v, bool force_sensitive) {
return;
}
- if (IN_SET(v->type, JSON_VARIANT_ARRAY, JSON_VARIANT_OBJECT)) {
- size_t i;
-
- for (i = 0; i < v->n_elements; i++)
+ if (IN_SET(v->type, JSON_VARIANT_ARRAY, JSON_VARIANT_OBJECT))
+ for (size_t i = 0; i < v->n_elements; i++)
json_variant_free_inner(v + 1 + i, sensitive);
- }
if (sensitive)
explicit_bzero_safe(v, json_variant_size(v));
@@ -839,11 +833,9 @@ JsonVariant *json_variant_unref(JsonVariant *v) {
}
void json_variant_unref_many(JsonVariant **array, size_t n) {
- size_t i;
-
assert(array || n == 0);
- for (i = 0; i < n; i++)
+ for (size_t i = 0; i < n; i++)
json_variant_unref(array[i]);
}
@@ -1218,8 +1210,6 @@ mismatch:
}
JsonVariant *json_variant_by_key_full(JsonVariant *v, const char *key, JsonVariant **ret_key) {
- size_t i;
-
if (!v)
goto not_found;
if (!key)
@@ -1241,6 +1231,7 @@ JsonVariant *json_variant_by_key_full(JsonVariant *v, const char *key, JsonVaria
while (b > a) {
JsonVariant *p;
const char *f;
+ size_t i;
int c;
i = (a + b) / 2;
@@ -1264,7 +1255,7 @@ JsonVariant *json_variant_by_key_full(JsonVariant *v, const char *key, JsonVaria
}
/* The variant is not sorted, hence search for the field linearly */
- for (i = 0; i < v->n_elements; i += 2) {
+ for (size_t i = 0; i < v->n_elements; i += 2) {
JsonVariant *p;
p = json_variant_dereference(v + 1 + i);
@@ -1335,34 +1326,28 @@ bool json_variant_equal(JsonVariant *a, JsonVariant *b) {
return true;
case JSON_VARIANT_ARRAY: {
- size_t i, n;
-
- n = json_variant_elements(a);
+ size_t n = json_variant_elements(a);
if (n != json_variant_elements(b))
return false;
- for (i = 0; i < n; i++) {
+ for (size_t i = 0; i < n; i++)
if (!json_variant_equal(json_variant_by_index(a, i), json_variant_by_index(b, i)))
return false;
- }
return true;
}
case JSON_VARIANT_OBJECT: {
- size_t i, n;
-
- n = json_variant_elements(a);
+ size_t n = json_variant_elements(a);
if (n != json_variant_elements(b))
return false;
/* Iterate through all keys in 'a' */
- for (i = 0; i < n; i += 2) {
+ for (size_t i = 0; i < n; i += 2) {
bool found = false;
- size_t j;
/* Match them against all keys in 'b' */
- for (j = 0; j < n; j += 2) {
+ for (size_t j = 0; j < n; j += 2) {
JsonVariant *key_b;
key_b = json_variant_by_index(b, j);
@@ -1470,16 +1455,14 @@ static int print_source(FILE *f, JsonVariant *v, JsonFormatFlags flags, bool whi
DECIMAL_STR_MAX(unsigned) -1;
if (whitespace) {
- size_t i, n;
-
- n = 1 + (v->source ? strlen(v->source->name) : 0) +
- ((v->source && (v->line > 0 || v->column > 0)) ? 1 : 0) +
- (v->line > 0 ? w : 0) +
- (((v->source || v->line > 0) && v->column > 0) ? 1 : 0) +
- (v->column > 0 ? k : 0) +
- 2;
-
- for (i = 0; i < n; i++)
+ size_t n = 1 + (v->source ? strlen(v->source->name) : 0) +
+ ((v->source && (v->line > 0 || v->column > 0)) ? 1 : 0) +
+ (v->line > 0 ? w : 0) +
+ (((v->source || v->line > 0) && v->column > 0) ? 1 : 0) +
+ (v->column > 0 ? k : 0) +
+ 2;
+
+ for (size_t i = 0; i < n; i++)
fputc(' ', f);
} else {
fputc('[', f);
@@ -1631,10 +1614,7 @@ static int json_format(FILE *f, JsonVariant *v, JsonFormatFlags flags, const cha
break;
case JSON_VARIANT_ARRAY: {
- size_t i, n;
-
- n = json_variant_elements(v);
-
+ size_t n = json_variant_elements(v);
if (n == 0)
fputs("[]", f);
else {
@@ -1653,7 +1633,7 @@ static int json_format(FILE *f, JsonVariant *v, JsonFormatFlags flags, const cha
fputc('[', f);
}
- for (i = 0; i < n; i++) {
+ for (size_t i = 0; i < n; i++) {
JsonVariant *e;
assert_se(e = json_variant_by_index(v, i));
@@ -1687,10 +1667,7 @@ static int json_format(FILE *f, JsonVariant *v, JsonFormatFlags flags, const cha
}
case JSON_VARIANT_OBJECT: {
- size_t i, n;
-
- n = json_variant_elements(v);
-
+ size_t n = json_variant_elements(v);
if (n == 0)
fputs("{}", f);
else {
@@ -1709,7 +1686,7 @@ static int json_format(FILE *f, JsonVariant *v, JsonFormatFlags flags, const cha
fputc('{', f);
}
- for (i = 0; i < n; i += 2) {
+ for (size_t i = 0; i < n; i += 2) {
JsonVariant *e;
e = json_variant_by_index(v, i);
@@ -1826,7 +1803,7 @@ void json_variant_dump(JsonVariant *v, JsonFormatFlags flags, FILE *f, const cha
int json_variant_filter(JsonVariant **v, char **to_remove) {
_cleanup_(json_variant_unrefp) JsonVariant *w = NULL;
_cleanup_free_ JsonVariant **array = NULL;
- size_t i, n = 0, k = 0;
+ size_t n = 0, k = 0;
int r;
assert(v);
@@ -1839,7 +1816,7 @@ int json_variant_filter(JsonVariant **v, char **to_remove) {
if (strv_isempty(to_remove))
return 0;
- for (i = 0; i < json_variant_elements(*v); i += 2) {
+ for (size_t i = 0; i < json_variant_elements(*v); i += 2) {
JsonVariant *p;
p = json_variant_by_index(*v, i);
@@ -1881,7 +1858,7 @@ int json_variant_filter(JsonVariant **v, char **to_remove) {
int json_variant_set_field(JsonVariant **v, const char *field, JsonVariant *value) {
_cleanup_(json_variant_unrefp) JsonVariant *field_variant = NULL, *w = NULL;
_cleanup_free_ JsonVariant **array = NULL;
- size_t i, k = 0;
+ size_t k = 0;
int r;
assert(v);
@@ -1896,7 +1873,7 @@ int json_variant_set_field(JsonVariant **v, const char *field, JsonVariant *valu
if (!json_variant_is_object(*v))
return -EINVAL;
- for (i = 0; i < json_variant_elements(*v); i += 2) {
+ for (size_t i = 0; i < json_variant_elements(*v); i += 2) {
JsonVariant *p;
p = json_variant_by_index(*v, i);
@@ -2007,7 +1984,7 @@ int json_variant_set_field_strv(JsonVariant **v, const char *field, char **l) {
int json_variant_merge(JsonVariant **v, JsonVariant *m) {
_cleanup_(json_variant_unrefp) JsonVariant *w = NULL;
_cleanup_free_ JsonVariant **array = NULL;
- size_t v_elements, m_elements, i, k;
+ size_t v_elements, m_elements, k;
bool v_blank, m_blank;
int r;
@@ -2040,7 +2017,7 @@ int json_variant_merge(JsonVariant **v, JsonVariant *m) {
return -ENOMEM;
k = 0;
- for (i = 0; i < v_elements; i += 2) {
+ for (size_t i = 0; i < v_elements; i += 2) {
JsonVariant *u;
u = json_variant_by_index(*v, i);
@@ -2054,7 +2031,7 @@ int json_variant_merge(JsonVariant **v, JsonVariant *m) {
array[k++] = json_variant_by_index(*v, i + 1);
}
- for (i = 0; i < m_elements; i++)
+ for (size_t i = 0; i < m_elements; i++)
array[k++] = json_variant_by_index(m, i);
r = json_variant_new_object(&w, array, k);
@@ -2089,19 +2066,17 @@ int json_variant_append_array(JsonVariant **v, JsonVariant *element) {
if (blank)
r = json_variant_new_array(&nv, (JsonVariant*[]) { element }, 1);
else {
- _cleanup_free_ JsonVariant **array = NULL;
- size_t i;
-
- array = new(JsonVariant*, json_variant_elements(*v) + 1);
+ _cleanup_free_ JsonVariant **array = new(JsonVariant*, json_variant_elements(*v) + 1);
if (!array)
return -ENOMEM;
- for (i = 0; i < json_variant_elements(*v); i++)
+ size_t size = json_variant_elements(*v);
+ for (size_t i = 0; i < size; i++)
array[i] = json_variant_by_index(*v, i);
- array[i] = element;
+ array[size] = element;
- r = json_variant_new_array(&nv, array, i + 1);
+ r = json_variant_new_array(&nv, array, size + 1);
}
if (r < 0)
return r;
@@ -2116,7 +2091,6 @@ int json_variant_append_array(JsonVariant **v, JsonVariant *element) {
int json_variant_strv(JsonVariant *v, char ***ret) {
char **l = NULL;
- size_t n, i;
bool sensitive;
int r;
@@ -2136,12 +2110,12 @@ int json_variant_strv(JsonVariant *v, char ***ret) {
sensitive = v->sensitive;
- n = json_variant_elements(v);
+ size_t n = json_variant_elements(v);
l = new(char*, n+1);
if (!l)
return -ENOMEM;
- for (i = 0; i < n; i++) {
+ for (size_t i = 0; i < n; i++) {
JsonVariant *e;
assert_se(e = json_variant_by_index(v, i));
@@ -2160,7 +2134,7 @@ int json_variant_strv(JsonVariant *v, char ***ret) {
}
}
- l[i] = NULL;
+ l[n] = NULL;
*ret = TAKE_PTR(l);
return 0;
@@ -2847,7 +2821,7 @@ static int json_parse_internal(
unsigned *column,
bool continue_end) {
- size_t n_stack = 1, i;
+ size_t n_stack = 1;
unsigned line_buffer = 0, column_buffer = 0;
void *tokenizer_state = NULL;
JsonStack *stack = NULL;
@@ -3186,7 +3160,7 @@ done:
r = 0;
finish:
- for (i = 0; i < n_stack; i++)
+ for (size_t i = 0; i < n_stack; i++)
json_stack_release(stack + i);
free(stack);
@@ -3229,7 +3203,7 @@ int json_parse_file_at(FILE *f, int dir_fd, const char *path, JsonParseFlags fla
int json_buildv(JsonVariant **ret, va_list ap) {
JsonStack *stack = NULL;
- size_t n_stack = 1, i;
+ size_t n_stack = 1;
int r;
assert_return(ret, -EINVAL);
@@ -4147,7 +4121,7 @@ done:
r = 0;
finish:
- for (i = 0; i < n_stack; i++)
+ for (size_t i = 0; i < n_stack; i++)
json_stack_release(stack + i);
free(stack);
@@ -4231,8 +4205,7 @@ int json_log_internal(
}
int json_dispatch(JsonVariant *v, const JsonDispatch table[], JsonDispatchCallback bad, JsonDispatchFlags flags, void *userdata) {
- const JsonDispatch *p;
- size_t i, n, m;
+ size_t m;
int r, done = 0;
bool *found;
@@ -4245,14 +4218,16 @@ int json_dispatch(JsonVariant *v, const JsonDispatch table[], JsonDispatchCallba
return -EINVAL;
}
- for (p = table, m = 0; p->name; p++)
+ m = 0;
+ for (const JsonDispatch *p = table; p->name; p++)
m++;
found = newa0(bool, m);
- n = json_variant_elements(v);
- for (i = 0; i < n; i += 2) {
+ size_t n = json_variant_elements(v);
+ for (size_t i = 0; i < n; i += 2) {
JsonVariant *key, *value;
+ const JsonDispatch *p;
assert_se(key = json_variant_by_index(v, i));
assert_se(value = json_variant_by_index(v, i+1));
@@ -4326,7 +4301,7 @@ int json_dispatch(JsonVariant *v, const JsonDispatch table[], JsonDispatchCallba
}
}
- for (p = table; p->name; p++) {
+ for (const JsonDispatch *p = table; p->name; p++) {
JsonDispatchFlags merged_flags = p->flags | flags;
if ((merged_flags & JSON_MANDATORY) && !found[p-table]) {
@@ -4621,7 +4596,7 @@ static int json_cmp_strings(const void *x, const void *y) {
int json_variant_sort(JsonVariant **v) {
_cleanup_free_ JsonVariant **a = NULL;
JsonVariant *n = NULL;
- size_t i, m;
+ size_t m;
int r;
assert(v);
@@ -4639,7 +4614,7 @@ int json_variant_sort(JsonVariant **v) {
if (!a)
return -ENOMEM;
- for (i = 0; i < m; i++)
+ for (size_t i = 0; i < m; i++)
a[i] = json_variant_by_index(*v, i);
qsort(a, m/2, sizeof(JsonVariant*)*2, json_cmp_strings);
@@ -4662,7 +4637,7 @@ int json_variant_sort(JsonVariant **v) {
int json_variant_normalize(JsonVariant **v) {
_cleanup_free_ JsonVariant **a = NULL;
JsonVariant *n = NULL;
- size_t i, j, m;
+ size_t i, m;
int r;
assert(v);
@@ -4714,7 +4689,7 @@ int json_variant_normalize(JsonVariant **v) {
r = 1;
finish:
- for (j = 0; j < i; j++)
+ for (size_t j = 0; j < i; j++)
json_variant_unref(a[j]);
return r;

97
SOURCES/0107-fuzz-json-also-do-sorting-and-normalizing-and-other-.patch Normal file
View File

@ -0,0 +1,97 @@
From 495eb07a2d8aa7f19b775b4508466fecb1b3ce50 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 11:07:06 +0200
Subject: [PATCH] fuzz-json: also do sorting and normalizing and other easy
calls
(cherry picked from commit a2c5735dd80e19d2d525f9be322395530096cbe2)
Related: #2087652
---
src/fuzz/fuzz-json.c | 75 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 75 insertions(+)
diff --git a/src/fuzz/fuzz-json.c b/src/fuzz/fuzz-json.c
index 648a6d441d..995a0265ba 100644
--- a/src/fuzz/fuzz-json.c
+++ b/src/fuzz/fuzz-json.c
@@ -32,5 +32,80 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
json_variant_dump(v, 0, g ?: stdout, NULL);
json_variant_dump(v, JSON_FORMAT_PRETTY|JSON_FORMAT_COLOR|JSON_FORMAT_SOURCE, g ?: stdout, NULL);
+ bool sorted = json_variant_is_sorted(v);
+ log_debug("json_variant_is_sorted: %s", yes_no(sorted));
+
+ r = json_variant_sort(&v);
+ log_debug_errno(r, "json_variant_sort: %d/%m", r);
+
+ sorted = json_variant_is_sorted(v);
+ log_debug("json_variant_is_sorted: %s", yes_no(sorted));
+ assert_se(r < 0 || sorted);
+
+ bool normalized = json_variant_is_normalized(v);
+ log_debug("json_variant_is_normalized: %s", yes_no(normalized));
+
+ r = json_variant_normalize(&v);
+ log_debug_errno(r, "json_variant_normalize: %d/%m", r);
+
+ normalized = json_variant_is_normalized(v);
+ log_debug("json_variant_is_normalized: %s", yes_no(normalized));
+ assert_se(r < 0 || normalized);
+
+ double real = json_variant_real(v);
+ log_debug("json_variant_real: %lf", real);
+
+ bool negative = json_variant_is_negative(v);
+ log_debug("json_variant_is_negative: %s", yes_no(negative));
+
+ bool blank = json_variant_is_blank_object(v);
+ log_debug("json_variant_is_blank_object: %s", yes_no(blank));
+
+ blank = json_variant_is_blank_array(v);
+ log_debug("json_variant_is_blank_array: %s", yes_no(blank));
+
+ size_t elements = json_variant_elements(v);
+ log_debug("json_variant_elements: %zu", elements);
+
+ for (size_t i = 0; i <= elements + 2; i++)
+ (void) json_variant_by_index(v, i);
+
+ assert_se(json_variant_equal(v, v));
+ assert_se(!json_variant_equal(v, NULL));
+ assert_se(!json_variant_equal(NULL, v));
+
+ bool sensitive = json_variant_is_sensitive(v);
+ log_debug("json_variant_is_sensitive: %s", yes_no(sensitive));
+
+ json_variant_sensitive(v);
+
+ sensitive = json_variant_is_sensitive(v);
+ log_debug("json_variant_is_sensitive: %s", yes_no(sensitive));
+
+ const char *source;
+ unsigned line, column;
+ assert_se(json_variant_get_source(v, &source, &line, &column) == 0);
+ log_debug("json_variant_get_source: %s:%u:%u", source ?: "-", line, column);
+
+ r = json_variant_set_field_string(&v, "a", "string-a");
+ log_debug_errno(r, "json_set_field_string: %d/%m", r);
+
+ r = json_variant_set_field_integer(&v, "b", -12345);
+ log_debug_errno(r, "json_set_field_integer: %d/%m", r);
+
+ r = json_variant_set_field_unsigned(&v, "c", 12345);
+ log_debug_errno(r, "json_set_field_unsigned: %d/%m", r);
+
+ r = json_variant_set_field_boolean(&v, "d", false);
+ log_debug_errno(r, "json_set_field_boolean: %d/%m", r);
+
+ r = json_variant_set_field_strv(&v, "e", STRV_MAKE("e-1", "e-2", "e-3"));
+ log_debug_errno(r, "json_set_field_strv: %d/%m", r);
+
+ r = json_variant_filter(&v, STRV_MAKE("a", "b", "c", "d", "e"));
+ log_debug_errno(r, "json_variant_filter: %d/%m", r);
+
+ // TODO: json_variant_merge(&v, …);
+ // TODO: json_variant_append_array(&v, …);
return 0;
}

106
SOURCES/0108-shared-json-wrap-long-comments.patch Normal file
View File

@ -0,0 +1,106 @@
From eb01fd30cb625e90d5620b3ca31ca6474e1b0ac0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 13:37:35 +0200
Subject: [PATCH] shared/json: wrap long comments
(cherry picked from commit bac06497feda9eb8c485243f2e05a7f7c112616c)
Related: #2087652
---
src/shared/json.c | 35 +++++++++++++++++------------------
1 file changed, 17 insertions(+), 18 deletions(-)
diff --git a/src/shared/json.c b/src/shared/json.c
index d35874f8e3..ea1291e21b 100644
--- a/src/shared/json.c
+++ b/src/shared/json.c
@@ -273,8 +273,8 @@ static JsonVariant *json_variant_formalize(JsonVariant *v) {
static JsonVariant *json_variant_conservative_formalize(JsonVariant *v) {
- /* Much like json_variant_formalize(), but won't simplify if the variant has a source/line location attached to
- * it, in order not to lose context */
+ /* Much like json_variant_formalize(), but won't simplify if the variant has a source/line location
+ * attached to it, in order not to lose context */
if (!v)
return NULL;
@@ -546,7 +546,7 @@ int json_variant_new_array(JsonVariant **ret, JsonVariant **array, size_t n) {
for (v->n_elements = 0; v->n_elements < n; v->n_elements++) {
JsonVariant *w = v + 1 + v->n_elements,
- *c = array[v->n_elements];
+ *c = array[v->n_elements];
uint16_t d;
d = json_variant_depth(c);
@@ -690,7 +690,7 @@ int json_variant_new_object(JsonVariant **ret, JsonVariant **array, size_t n) {
for (v->n_elements = 0; v->n_elements < n; v->n_elements++) {
JsonVariant *w = v + 1 + v->n_elements,
- *c = array[v->n_elements];
+ *c = array[v->n_elements];
uint16_t d;
if ((v->n_elements & 1) == 0) {
@@ -731,7 +731,6 @@ int json_variant_new_object(JsonVariant **ret, JsonVariant **array, size_t n) {
}
static size_t json_variant_size(JsonVariant* v) {
-
if (!json_variant_is_regular(v))
return 0;
@@ -2253,8 +2252,9 @@ static int json_variant_set_source(JsonVariant **v, JsonSource *source, unsigned
assert(v);
- /* Patch in source and line/column number. Tries to do this in-place if the caller is the sole referencer of
- * the object. If not, allocates a new object, possibly a surrogate for the original one */
+ /* Patch in source and line/column number. Tries to do this in-place if the caller is the sole
+ * referencer of the object. If not, allocates a new object, possibly a surrogate for the original
+ * one */
if (!*v)
return 0;
@@ -3731,10 +3731,10 @@ int json_buildv(JsonVariant **ret, va_list ap) {
stack[n_stack++] = (JsonStack) {
.expect = EXPECT_OBJECT_KEY,
- .n_suppress = current->n_suppress != 0 ? SIZE_MAX : 0, /* if we shall suppress the
- * new object, then we should
- * also suppress all object
- * members */
+ .n_suppress = current->n_suppress != 0 ? SIZE_MAX : 0, /* If we shall suppress the
+ * new object, then we should
+ * also suppress all object
+ * members. */
};
break;
@@ -4102,9 +4102,9 @@ int json_buildv(JsonVariant **ret, va_list ap) {
current->elements[current->n_elements++] = TAKE_PTR(add_more);
}
- /* If we are supposed to suppress items, let's subtract how many items where generated from that
- * counter. Except if the counter is SIZE_MAX, i.e. we shall suppress an infinite number of elements
- * on this stack level */
+ /* If we are supposed to suppress items, let's subtract how many items where generated from
+ * that counter. Except if the counter is SIZE_MAX, i.e. we shall suppress an infinite number
+ * of elements on this stack level */
if (current->n_suppress != SIZE_MAX) {
if (current->n_suppress <= n_subtract) /* Saturated */
current->n_suppress = 0;
@@ -4696,10 +4696,9 @@ finish:
}
bool json_variant_is_normalized(JsonVariant *v) {
-
- /* For now, let's consider anything containing numbers not expressible as integers as
- * non-normalized. That's because we cannot sensibly compare them due to accuracy issues, nor even
- * store them if they are too large. */
+ /* For now, let's consider anything containing numbers not expressible as integers as non-normalized.
+ * That's because we cannot sensibly compare them due to accuracy issues, nor even store them if they
+ * are too large. */
if (json_variant_is_real(v) && !json_variant_is_integer(v) && !json_variant_is_unsigned(v))
return false;

42
SOURCES/0109-shared-json-fix-memory-leak-on-failed-normalization.patch Normal file
View File

@ -0,0 +1,42 @@
From 0c5992cdb85ac6d9d14b95e77f03797600e87667 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 14:28:36 +0200
Subject: [PATCH] shared/json: fix memory leak on failed normalization
We need to increase the counter immediately after taking the ref,
otherwise we may not unref it properly if we fail before incrementing.
(cherry picked from commit 7e4be6a5845f983a299932d4ccb2c4349cf8dd52)
Related: #2087652
---
src/shared/json.c | 5 +++--
test/fuzz/fuzz-json/leak-normalize-fail | 1 +
2 files changed, 4 insertions(+), 2 deletions(-)
create mode 100644 test/fuzz/fuzz-json/leak-normalize-fail
diff --git a/src/shared/json.c b/src/shared/json.c
index ea1291e21b..fe05657dad 100644
--- a/src/shared/json.c
+++ b/src/shared/json.c
@@ -4655,10 +4655,11 @@ int json_variant_normalize(JsonVariant **v) {
if (!a)
return -ENOMEM;
- for (i = 0; i < m; i++) {
+ for (i = 0; i < m; ) {
a[i] = json_variant_ref(json_variant_by_index(*v, i));
+ i++;
- r = json_variant_normalize(a + i);
+ r = json_variant_normalize(&a[i-1]);
if (r < 0)
goto finish;
}
diff --git a/test/fuzz/fuzz-json/leak-normalize-fail b/test/fuzz/fuzz-json/leak-normalize-fail
new file mode 100644
index 0000000000..b247ccd199
--- /dev/null
+++ b/test/fuzz/fuzz-json/leak-normalize-fail
@@ -0,0 +1 @@
+[7E73]
\ No newline at end of file

141
SOURCES/0110-shared-json-add-helper-to-ref-first-unref-second.patch Normal file
View File

@ -0,0 +1,141 @@
From fb195ccc27d1643d4152ee874144c36c0104c56d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 15:10:36 +0200
Subject: [PATCH] shared/json: add helper to ref first, unref second
This normally wouldn't happen, but if some of those places were called
with lhs and rhs being the same object, we could unref the last ref first,
and then try to take the ref again. It's easier to be safe, and with the
helper we save some lines too.
(cherry picked from commit ce913e0ec4c97651c7c1509b72fb81ee61d80c6a)
Related: #2087652
---
src/shared/json.c | 36 ++++++++++--------------------------
src/shared/json.h | 8 ++++++++
2 files changed, 18 insertions(+), 26 deletions(-)
diff --git a/src/shared/json.c b/src/shared/json.c
index fe05657dad..bb2363fd98 100644
--- a/src/shared/json.c
+++ b/src/shared/json.c
@@ -1847,9 +1847,7 @@ int json_variant_filter(JsonVariant **v, char **to_remove) {
return r;
json_variant_propagate_sensitive(*v, w);
-
- json_variant_unref(*v);
- *v = TAKE_PTR(w);
+ JSON_VARIANT_REPLACE(*v, TAKE_PTR(w));
return (int) n;
}
@@ -1918,9 +1916,7 @@ int json_variant_set_field(JsonVariant **v, const char *field, JsonVariant *valu
return r;
json_variant_propagate_sensitive(*v, w);
-
- json_variant_unref(*v);
- *v = TAKE_PTR(w);
+ JSON_VARIANT_REPLACE(*v, TAKE_PTR(w));
return 1;
}
@@ -2001,8 +1997,7 @@ int json_variant_merge(JsonVariant **v, JsonVariant *m) {
return 0; /* nothing to do */
if (v_blank) {
- json_variant_unref(*v);
- *v = json_variant_ref(m);
+ JSON_VARIANT_REPLACE(*v, json_variant_ref(m));
return 1;
}
@@ -2039,9 +2034,7 @@ int json_variant_merge(JsonVariant **v, JsonVariant *m) {
json_variant_propagate_sensitive(*v, w);
json_variant_propagate_sensitive(m, w);
-
- json_variant_unref(*v);
- *v = TAKE_PTR(w);
+ JSON_VARIANT_REPLACE(*v, TAKE_PTR(w));
return 1;
}
@@ -2081,9 +2074,7 @@ int json_variant_append_array(JsonVariant **v, JsonVariant *element) {
return r;
json_variant_propagate_sensitive(*v, nv);
-
- json_variant_unref(*v);
- *v = TAKE_PTR(nv);
+ JSON_VARIANT_REPLACE(*v, TAKE_PTR(nv));
return 0;
}
@@ -2297,8 +2288,7 @@ static int json_variant_set_source(JsonVariant **v, JsonSource *source, unsigned
w->line = line;
w->column = column;
- json_variant_unref(*v);
- *v = w;
+ JSON_VARIANT_REPLACE(*v, w);
return 1;
}
@@ -4499,14 +4489,10 @@ int json_dispatch_strv(const char *name, JsonVariant *variant, JsonDispatchFlags
}
int json_dispatch_variant(const char *name, JsonVariant *variant, JsonDispatchFlags flags, void *userdata) {
- JsonVariant **p = userdata;
-
+ JsonVariant **p = ASSERT_PTR(userdata);
assert(variant);
- assert(p);
-
- json_variant_unref(*p);
- *p = json_variant_ref(variant);
+ JSON_VARIANT_REPLACE(*p, json_variant_ref(variant));
return 0;
}
@@ -4628,8 +4614,7 @@ int json_variant_sort(JsonVariant **v) {
if (!n->sorted) /* Check if this worked. This will fail if there are multiple identical keys used. */
return -ENOTUNIQ;
- json_variant_unref(*v);
- *v = n;
+ JSON_VARIANT_REPLACE(*v, n);
return 1;
}
@@ -4684,8 +4669,7 @@ int json_variant_normalize(JsonVariant **v) {
goto finish;
}
- json_variant_unref(*v);
- *v = n;
+ JSON_VARIANT_REPLACE(*v, n);
r = 1;
diff --git a/src/shared/json.h b/src/shared/json.h
index 8760354b66..dd73c1e497 100644
--- a/src/shared/json.h
+++ b/src/shared/json.h
@@ -82,6 +82,14 @@ JsonVariant *json_variant_ref(JsonVariant *v);
JsonVariant *json_variant_unref(JsonVariant *v);
void json_variant_unref_many(JsonVariant **array, size_t n);
+#define JSON_VARIANT_REPLACE(v, q) \
+ do { \
+ typeof(v)* _v = &(v); \
+ typeof(q) _q = (q); \
+ json_variant_unref(*_v); \
+ *_v = _q; \
+ } while(0)
+
DEFINE_TRIVIAL_CLEANUP_FUNC(JsonVariant *, json_variant_unref);
const char *json_variant_string(JsonVariant *v);

28
SOURCES/0111-basic-alloc-util-remove-unnecessary-parens.patch Normal file
View File

@ -0,0 +1,28 @@
From 965a99f34a185bb3b3aa5ac0e9e5d5eb05d0fac0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 15:11:20 +0200
Subject: [PATCH] basic/alloc-util: remove unnecessary parens
Those symbols are not macros anymore, so we can drop parens.
(cherry picked from commit 96d651a22bf62e63080e489cb45e82bead11aa5d)
Related: #2087652
---
src/basic/alloc-util.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/basic/alloc-util.h b/src/basic/alloc-util.h
index 65d5175619..f57bcbdbcd 100644
--- a/src/basic/alloc-util.h
+++ b/src/basic/alloc-util.h
@@ -54,8 +54,8 @@ typedef void (*free_func_t)(void *p);
typeof(a)* _a = &(a); \
typeof(b)* _b = &(b); \
free(*_a); \
- (*_a) = (*_b); \
- (*_b) = NULL; \
+ *_a = *_b; \
+ *_b = NULL; \
0; \
})

32
SOURCES/0112-fuzz-json-also-try-self-merge-operations.patch Normal file
View File

@ -0,0 +1,32 @@
From 03795a6ae06088bc434906f3ef7222acfbdbe8cb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 9 May 2022 15:14:33 +0200
Subject: [PATCH] fuzz-json: also try self-merge operations
This might even work ;)
(cherry picked from commit dbd27c6d2830aeb7173933d1f4a9a07457e4092d)
Related: #2087652
---
src/fuzz/fuzz-json.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/fuzz/fuzz-json.c b/src/fuzz/fuzz-json.c
index 995a0265ba..c393fcf394 100644
--- a/src/fuzz/fuzz-json.c
+++ b/src/fuzz/fuzz-json.c
@@ -105,7 +105,12 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
r = json_variant_filter(&v, STRV_MAKE("a", "b", "c", "d", "e"));
log_debug_errno(r, "json_variant_filter: %d/%m", r);
- // TODO: json_variant_merge(&v, …);
- // TODO: json_variant_append_array(&v, …);
+ /* I assume we can merge v with itself… */
+ r = json_variant_merge(&v, v);
+ log_debug_errno(r, "json_variant_merge: %d/%m", r);
+
+ r = json_variant_append_array(&v, v);
+ log_debug_errno(r, "json_variant_append_array: %d/%m", r);
+
return 0;
}

43
SOURCES/0113-shared-json-fix-another-memleak-in-normalization.patch Normal file
View File

@ -0,0 +1,43 @@
From 6e0d847273e6ef6ee1011fb1c8b6689e64a94276 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 10 May 2022 09:05:43 +0200
Subject: [PATCH] shared/json: fix another memleak in normalization
(cherry picked from commit 3b6ce05537cd3544a15073f920347cabd7a39450)
Related: #2087652
---
src/shared/json.c | 4 ++--
test/fuzz/fuzz-json/leak-normalize-object | 1 +
2 files changed, 3 insertions(+), 2 deletions(-)
create mode 100644 test/fuzz/fuzz-json/leak-normalize-object
diff --git a/src/shared/json.c b/src/shared/json.c
index bb2363fd98..06ef556233 100644
--- a/src/shared/json.c
+++ b/src/shared/json.c
@@ -4621,7 +4621,7 @@ int json_variant_sort(JsonVariant **v) {
int json_variant_normalize(JsonVariant **v) {
_cleanup_free_ JsonVariant **a = NULL;
- JsonVariant *n = NULL;
+ _cleanup_(json_variant_unrefp) JsonVariant *n = NULL;
size_t i, m;
int r;
@@ -4669,7 +4669,7 @@ int json_variant_normalize(JsonVariant **v) {
goto finish;
}
- JSON_VARIANT_REPLACE(*v, n);
+ JSON_VARIANT_REPLACE(*v, TAKE_PTR(n));
r = 1;
diff --git a/test/fuzz/fuzz-json/leak-normalize-object b/test/fuzz/fuzz-json/leak-normalize-object
new file mode 100644
index 0000000000..0a8caa426c
--- /dev/null
+++ b/test/fuzz/fuzz-json/leak-normalize-object
@@ -0,0 +1 @@
+[7,7,7,7,{"":7,"":7,"^t":7,"-":7},2777,7,7,7,3]
\ No newline at end of file

43
SOURCES/0114-shared-json-fix-memleak-in-sort.patch Normal file
View File

@ -0,0 +1,43 @@
From 51bbb027e93637f5821215ebb067454ad6620190 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 10 May 2022 10:51:43 +0200
Subject: [PATCH] shared/json: fix memleak in sort
(cherry picked from commit 99b1145aae682ddd7554c7e3ac5ebf778e88f87d)
Related: #2087652
---
src/shared/json.c | 4 ++--
test/fuzz/fuzz-json/leak-sort | 1 +
2 files changed, 3 insertions(+), 2 deletions(-)
create mode 100644 test/fuzz/fuzz-json/leak-sort
diff --git a/src/shared/json.c b/src/shared/json.c
index 06ef556233..6d23bdf4f9 100644
--- a/src/shared/json.c
+++ b/src/shared/json.c
@@ -4581,7 +4581,7 @@ static int json_cmp_strings(const void *x, const void *y) {
int json_variant_sort(JsonVariant **v) {
_cleanup_free_ JsonVariant **a = NULL;
- JsonVariant *n = NULL;
+ _cleanup_(json_variant_unrefp) JsonVariant *n = NULL;
size_t m;
int r;
@@ -4614,7 +4614,7 @@ int json_variant_sort(JsonVariant **v) {
if (!n->sorted) /* Check if this worked. This will fail if there are multiple identical keys used. */
return -ENOTUNIQ;
- JSON_VARIANT_REPLACE(*v, n);
+ JSON_VARIANT_REPLACE(*v, TAKE_PTR(n));
return 1;
}
diff --git a/test/fuzz/fuzz-json/leak-sort b/test/fuzz/fuzz-json/leak-sort
new file mode 100644
index 0000000000..f8446dbdc7
--- /dev/null
+++ b/test/fuzz/fuzz-json/leak-sort
@@ -0,0 +1 @@
+{"":2,"":6,"-":7}
\ No newline at end of file

26
SOURCES/0115-execute-fix-resource-leak.patch Normal file
View File

@ -0,0 +1,26 @@
From 08b6aa9dfbe9476ad71b48edd0f4454511d9ac19 Mon Sep 17 00:00:00 2001
From: Shreenidhi Shedi <sshedi@vmware.com>
Date: Sat, 4 Jun 2022 15:24:08 +0530
Subject: [PATCH] execute: fix resource leak
CID#1431998
(cherry picked from commit 41abd7f6dfe09ccc78cdbdcdec3bdcc10be40faf)
Related: #2087652
---
src/core/execute.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/execute.c b/src/core/execute.c
index 2ab65e9cfe..8a1d070e26 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -3331,7 +3331,7 @@ static int apply_mount_namespace(
/* Symlinks for exec dirs are set up after other mounts, before they are made read-only. */
r = compile_symlinks(context, params, &symlinks);
if (r < 0)
- return r;
+ goto finalize;
needs_sandboxing = (params->flags & EXEC_APPLY_SANDBOXING) && !(command_flags & EXEC_COMMAND_FULLY_PRIVILEGED);
if (needs_sandboxing) {

31
SOURCES/0116-tests-ignore-dbus-broker-launcher.patch Normal file
View File

@ -0,0 +1,31 @@
From ae27d5b4be42cd98b3db299d161a2e3ea77eb604 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Wed, 11 May 2022 22:32:32 +0000
Subject: [PATCH] tests: ignore dbus-broker-launcher
There are memory leaks there https://github.com/bus1/dbus-broker/issues/289
and it crashes from time to time
https://github.com/matusmarhefka/dfuzzer/issues/20#issuecomment-1114097840
so let's just skip it by analogy with dbus-daemon to avoid
reports that have nothing to do with systemd itself.
It's kind of a part of https://github.com/systemd/systemd/pull/22547
(cherry picked from commit d0880faa5dda495c7c77425697b82a94b4e68bf6)
Related: #2087652
---
test/test-functions | 1 +
1 file changed, 1 insertion(+)
diff --git a/test/test-functions b/test/test-functions
index a299f5ff1f..7c37d05610 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -1328,6 +1328,7 @@ check_asan_reports() {
BEGIN {
%services_to_ignore = (
"dbus-daemon" => undef,
+ "dbus-broker-launch" => undef,
);
}
print $2 if /\s(\S*)\[(\d+)\]:\s*SUMMARY:\s+\w+Sanitizer/ && !exists $services_to_ignore{$1}'

59
SOURCES/0117-core-timer-fix-memleak.patch Normal file
View File

@ -0,0 +1,59 @@
From d35c27e44abcde252abddf369762dee8da309903 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Tue, 10 May 2022 14:09:24 +0900
Subject: [PATCH] core/timer: fix memleak
Fixes #23326.
(cherry picked from commit d3ab7b8078944db28bc621f43dd942a3c878fffb)
Related: #2087652
---
src/core/timer.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/src/core/timer.c b/src/core/timer.c
index a13b864741..0dc49dd46b 100644
--- a/src/core/timer.c
+++ b/src/core/timer.c
@@ -135,6 +135,7 @@ static int timer_add_trigger_dependencies(Timer *t) {
}
static int timer_setup_persistent(Timer *t) {
+ _cleanup_free_ char *stamp_path = NULL;
int r;
assert(t);
@@ -148,13 +149,13 @@ static int timer_setup_persistent(Timer *t) {
if (r < 0)
return r;
- t->stamp_path = strjoin("/var/lib/systemd/timers/stamp-", UNIT(t)->id);
+ stamp_path = strjoin("/var/lib/systemd/timers/stamp-", UNIT(t)->id);
} else {
const char *e;
e = getenv("XDG_DATA_HOME");
if (e)
- t->stamp_path = strjoin(e, "/systemd/timers/stamp-", UNIT(t)->id);
+ stamp_path = strjoin(e, "/systemd/timers/stamp-", UNIT(t)->id);
else {
_cleanup_free_ char *h = NULL;
@@ -163,14 +164,14 @@ static int timer_setup_persistent(Timer *t) {
if (r < 0)
return log_unit_error_errno(UNIT(t), r, "Failed to determine home directory: %m");
- t->stamp_path = strjoin(h, "/.local/share/systemd/timers/stamp-", UNIT(t)->id);
+ stamp_path = strjoin(h, "/.local/share/systemd/timers/stamp-", UNIT(t)->id);
}
}
- if (!t->stamp_path)
+ if (!stamp_path)
return log_oom();
- return 0;
+ return free_and_replace(t->stamp_path, stamp_path);
}
static uint64_t timer_get_fixed_delay_hash(Timer *t) {

44
SOURCES/0118-timedatectl-fix-a-memory-leak.patch Normal file
View File

@ -0,0 +1,44 @@
From 9c166afe17888b08d1e269cfd83a31838d601534 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Wed, 4 May 2022 11:35:19 +0000
Subject: [PATCH] timedatectl: fix a memory leak
```
timedatectl list-timezones --no-pager
...
==164329==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 8192 byte(s) in 1 object(s) allocated from:
#0 0x7fe8a74b6f8c in reallocarray (/lib64/libasan.so.6+0xaef8c)
#1 0x7fe8a63485dc in strv_push ../src/basic/strv.c:419
#2 0x7fe8a6349419 in strv_consume ../src/basic/strv.c:490
#3 0x7fe8a634958d in strv_extend ../src/basic/strv.c:542
#4 0x7fe8a643d787 in bus_message_read_strv_extend ../src/libsystemd/sd-bus/bus-message.c:5606
#5 0x7fe8a643db9d in sd_bus_message_read_strv ../src/libsystemd/sd-bus/bus-message.c:5628
#6 0x4085fb in list_timezones ../src/timedate/timedatectl.c:314
#7 0x7fe8a61ef3e1 in dispatch_verb ../src/shared/verbs.c:103
#8 0x410f91 in timedatectl_main ../src/timedate/timedatectl.c:1025
#9 0x41111c in run ../src/timedate/timedatectl.c:1043
#10 0x411242 in main ../src/timedate/timedatectl.c:1046
#11 0x7fe8a489df1f in __libc_start_call_main (/lib64/libc.so.6+0x40f1f)
```
(cherry picked from commit a2e37d52312806b1847800df2358e61276cda052)
Related: #2087652
---
src/timedate/timedatectl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/timedate/timedatectl.c b/src/timedate/timedatectl.c
index 75ca6195da..31909064cf 100644
--- a/src/timedate/timedatectl.c
+++ b/src/timedate/timedatectl.c
@@ -304,7 +304,7 @@ static int list_timezones(int argc, char **argv, void *userdata) {
sd_bus *bus = userdata;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
int r;
- char** zones;
+ _cleanup_strv_free_ char **zones = NULL;
r = bus_call_method(bus, bus_timedate, "ListTimezones", &error, &reply, NULL);
if (r < 0)

42
SOURCES/0119-test-fix-file-descriptor-leak-in-test-psi-util.patch Normal file
View File

@ -0,0 +1,42 @@
From 12274971840068b3effb7a933d62f1b5fe8009e1 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Tue, 22 Feb 2022 21:46:41 +0900
Subject: [PATCH] test: fix file descriptor leak in test-psi-util
Fixes an issue reported in #22576.
(cherry picked from commit be99883e131ef422f8278ec1d099520996a78bb0)
Related: #2087652
---
src/test/test-psi-util.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/test/test-psi-util.c b/src/test/test-psi-util.c
index ed465b807e..111671c5a9 100644
--- a/src/test/test-psi-util.c
+++ b/src/test/test-psi-util.c
@@ -1,20 +1,23 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "alloc-util.h"
+#include "fd-util.h"
#include "fileio.h"
#include "fs-util.h"
#include "parse-util.h"
#include "psi-util.h"
#include "tests.h"
+#include "tmpfile-util.h"
TEST(read_mem_pressure) {
_cleanup_(unlink_tempfilep) char path[] = "/tmp/pressurereadtestXXXXXX";
+ _cleanup_close_ int fd = -1;
ResourcePressure rp;
if (geteuid() != 0)
return (void) log_tests_skipped("not root");
- assert_se(mkstemp(path));
+ assert_se((fd = mkostemp_safe(path)) >= 0);
assert_se(read_resource_pressure("/verylikelynonexistentpath", PRESSURE_TYPE_SOME, &rp) < 0);
assert_se(read_resource_pressure(path, PRESSURE_TYPE_SOME, &rp) < 0);

36
SOURCES/0120-test-fix-file-descriptor-leak-in-test-tmpfiles.c.patch Normal file
View File

@ -0,0 +1,36 @@
From 936e8cd5aff044832c98e5a6a97c9f057f44b476 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Tue, 22 Feb 2022 21:44:58 +0900
Subject: [PATCH] test: fix file descriptor leak in test-tmpfiles.c
Also fixes a typo in assertion.
Fixes an issure reported in #22576.
(cherry picked from commit 1da5325d19dee654326e5fa2f61262e5e0a40fff)
Related: #2087652
---
src/test/test-tmpfiles.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/test/test-tmpfiles.c b/src/test/test-tmpfiles.c
index 99243eb77a..f26701767f 100644
--- a/src/test/test-tmpfiles.c
+++ b/src/test/test-tmpfiles.c
@@ -35,7 +35,7 @@ TEST(tmpfiles) {
assert_se(endswith(ans, " (deleted)"));
fd2 = mkostemp_safe(pattern);
- assert_se(fd >= 0);
+ assert_se(fd2 >= 0);
assert_se(unlink(pattern) == 0);
assert_se(asprintf(&cmd2, "ls -l /proc/"PID_FMT"/fd/%d", getpid_cached(), fd2) > 0);
@@ -47,6 +47,7 @@ TEST(tmpfiles) {
pattern = strjoina(p, "/tmpfiles-test");
assert_se(tempfn_random(pattern, NULL, &d) >= 0);
+ fd = safe_close(fd);
fd = open_tmpfile_linkable(d, O_RDWR|O_CLOEXEC, &tmp);
assert_se(fd >= 0);
assert_se(write(fd, "foobar\n", 7) == 7);

46
SOURCES/0121-test-fix-file-descriptor-leak-in-test-fs-util.patch Normal file
View File

@ -0,0 +1,46 @@
From 3ca37c58cb3ff022e029b28539fd2e3b208802fd Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Tue, 22 Feb 2022 21:42:22 +0900
Subject: [PATCH] test: fix file descriptor leak in test-fs-util
Fixes an issue reported in #22576.
(cherry picked from commit 19962747ca86a25e7102c536380bb2e9d7cfee9a)
Related: #2087652
---
src/test/test-fs-util.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c
index 602ce75f98..f53a3ebf59 100644
--- a/src/test/test-fs-util.c
+++ b/src/test/test-fs-util.c
@@ -29,10 +29,11 @@ static const char *arg_test_dir = NULL;
TEST(chase_symlinks) {
_cleanup_free_ char *result = NULL;
+ _cleanup_close_ int pfd = -1;
char *temp;
const char *top, *p, *pslash, *q, *qslash;
struct stat st;
- int r, pfd;
+ int r;
temp = strjoina(arg_test_dir ?: "/tmp", "/test-chase.XXXXXX");
assert_se(mkdtemp(temp));
@@ -318,6 +319,7 @@ TEST(chase_symlinks) {
assert_se(fstat(pfd, &st) >= 0);
assert_se(S_ISLNK(st.st_mode));
result = mfree(result);
+ pfd = safe_close(pfd);
/* s1 -> s2 -> nonexistent */
q = strjoina(temp, "/s1");
@@ -331,6 +333,7 @@ TEST(chase_symlinks) {
assert_se(fstat(pfd, &st) >= 0);
assert_se(S_ISLNK(st.st_mode));
result = mfree(result);
+ pfd = safe_close(pfd);
/* Test CHASE_STEP */

48
SOURCES/0122-test-fix-file-descriptor-leak-in-test-oomd-util.patch Normal file
View File

@ -0,0 +1,48 @@
From 9e37cb1855c8fc1667f7e404376070952c015788 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Tue, 22 Feb 2022 21:38:15 +0900
Subject: [PATCH] test: fix file descriptor leak in test-oomd-util
Fixes an issue reported in #22576.
(cherry picked from commit 282696ce52471f5e3c963b9d98dbc89fba3a1fba)
Related: #2087652
---
src/oom/test-oomd-util.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/oom/test-oomd-util.c b/src/oom/test-oomd-util.c
index 265e77c0a2..0252ceecd7 100644
--- a/src/oom/test-oomd-util.c
+++ b/src/oom/test-oomd-util.c
@@ -5,6 +5,7 @@
#include "alloc-util.h"
#include "cgroup-setup.h"
#include "cgroup-util.h"
+#include "fd-util.h"
#include "fileio.h"
#include "fs-util.h"
#include "oomd-util.h"
@@ -13,6 +14,7 @@
#include "string-util.h"
#include "strv.h"
#include "tests.h"
+#include "tmpfile-util.h"
static int fork_and_sleep(unsigned sleep_min) {
usec_t n, timeout, ts;
@@ -244,12 +246,13 @@ static void test_oomd_update_cgroup_contexts_between_hashmaps(void) {
static void test_oomd_system_context_acquire(void) {
_cleanup_(unlink_tempfilep) char path[] = "/oomdgetsysctxtestXXXXXX";
+ _cleanup_close_ int fd = -1;
OomdSystemContext ctx;
if (geteuid() != 0)
return (void) log_tests_skipped("not root");
- assert_se(mkstemp(path));
+ assert_se((fd = mkostemp_safe(path)) >= 0);
assert_se(oomd_system_context_acquire("/verylikelynonexistentpath", &ctx) == -ENOENT);

34
SOURCES/0123-test-fix-file-descriptor-leak-in-test-catalog.patch Normal file
View File

@ -0,0 +1,34 @@
From d947339b49eb7935ce282e808a7e75a6098d088a Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Tue, 22 Feb 2022 21:11:51 +0900
Subject: [PATCH] test: fix file descriptor leak in test-catalog
Fixes an issue reported in #22576.
(cherry picked from commit 62d4b3b36e9aba9e605ba042a75c374155b6e18b)
Related: #2087652
---
src/libsystemd/sd-journal/test-catalog.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/libsystemd/sd-journal/test-catalog.c b/src/libsystemd/sd-journal/test-catalog.c
index 316c3b1634..ad06221175 100644
--- a/src/libsystemd/sd-journal/test-catalog.c
+++ b/src/libsystemd/sd-journal/test-catalog.c
@@ -196,6 +196,7 @@ static void test_catalog_file_lang(void) {
int main(int argc, char *argv[]) {
_cleanup_(unlink_tempfilep) char database[] = "/tmp/test-catalog.XXXXXX";
+ _cleanup_close_ int fd = -1;
_cleanup_free_ char *text = NULL;
int r;
@@ -218,7 +219,7 @@ int main(int argc, char *argv[]) {
test_catalog_import_merge();
test_catalog_import_merge_no_body();
- assert_se(mkostemp_safe(database) >= 0);
+ assert_se((fd = mkostemp_safe(database)) >= 0);
test_catalog_update(database);

49
SOURCES/0124-test-make-masking-of-supplementary-services-configur.patch Normal file
View File

@ -0,0 +1,49 @@
From 4197469aa26e8e3e61c859341002e37bde751ada Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Wed, 16 Feb 2022 20:29:14 +0100
Subject: [PATCH] test: make masking of supplementary services configurable
(cherry picked from commit 508a7f04b345878dcd8365ff0ded5f87b18d75fa)
Related: #2087652
---
test/TEST-01-BASIC/test.sh | 1 +
test/test-functions | 6 +++---
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/test/TEST-01-BASIC/test.sh b/test/TEST-01-BASIC/test.sh
index a790cd78ac..cc6d0651c1 100755
--- a/test/TEST-01-BASIC/test.sh
+++ b/test/TEST-01-BASIC/test.sh
@@ -6,6 +6,7 @@ TEST_DESCRIPTION="Basic systemd setup"
IMAGE_NAME="basic"
RUN_IN_UNPRIVILEGED_CONTAINER=${RUN_IN_UNPRIVILEGED_CONTAINER:-yes}
TEST_REQUIRE_INSTALL_TESTS=0
+TEST_SUPPORTING_SERVICES_SHOULD_BE_MASKED=0
# shellcheck source=test/test-functions
. "${TEST_BASE_DIR:?}/test-functions"
diff --git a/test/test-functions b/test/test-functions
index 7c37d05610..44f465c914 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -40,6 +40,7 @@ IMAGE_NAME=${IMAGE_NAME:-default}
STRIP_BINARIES="${STRIP_BINARIES:-yes}"
TEST_REQUIRE_INSTALL_TESTS="${TEST_REQUIRE_INSTALL_TESTS:-1}"
TEST_PARALLELIZE="${TEST_PARALLELIZE:-0}"
+TEST_SUPPORTING_SERVICES_SHOULD_BE_MASKED="${TEST_SUPPORTING_SERVICES_SHOULD_BE_MASKED:-1}"
LOOPDEV=
# Simple wrapper to unify boolean checks.
@@ -2787,9 +2788,8 @@ test_setup() {
fi
mount_initdir
- # We want to test all services in TEST-01-BASIC, but mask them in
- # all other tests
- if [[ "${TESTID:?}" != "01" ]]; then
+
+ if get_bool "${TEST_SUPPORTING_SERVICES_SHOULD_BE_MASKED}"; then
dinfo "Masking supporting services"
mask_supporting_services
fi

186
SOURCES/0125-test-fuzz-our-dbus-interfaces-with-dfuzzer.patch Normal file
View File

@ -0,0 +1,186 @@
From 25338c37915521876c84bca196de50d73c3c17ea Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Mon, 13 Dec 2021 20:50:28 +0100
Subject: [PATCH] test: fuzz our dbus interfaces with dfuzzer
(cherry picked from commit 354b3364aa63620a0f732bb8a6fe9332a4f550e4)
Related: #2087652
---
test/TEST-21-DFUZZER/Makefile | 1 +
test/TEST-21-DFUZZER/test.sh | 24 +++++++++
test/test-functions | 1 +
test/units/testsuite-21.service | 10 ++++
test/units/testsuite-21.sh | 94 +++++++++++++++++++++++++++++++++
5 files changed, 130 insertions(+)
create mode 120000 test/TEST-21-DFUZZER/Makefile
create mode 100755 test/TEST-21-DFUZZER/test.sh
create mode 100644 test/units/testsuite-21.service
create mode 100755 test/units/testsuite-21.sh
diff --git a/test/TEST-21-DFUZZER/Makefile b/test/TEST-21-DFUZZER/Makefile
new file mode 120000
index 0000000000..e9f93b1104
--- /dev/null
+++ b/test/TEST-21-DFUZZER/Makefile
@@ -0,0 +1 @@
+../TEST-01-BASIC/Makefile
\ No newline at end of file
diff --git a/test/TEST-21-DFUZZER/test.sh b/test/TEST-21-DFUZZER/test.sh
new file mode 100755
index 0000000000..ecc04e368c
--- /dev/null
+++ b/test/TEST-21-DFUZZER/test.sh
@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+# SPDX-License-Identifier: LGPL-2.1-or-later
+set -e
+
+TEST_DESCRIPTION="Fuzz our D-Bus interfaces with dfuzzer"
+TEST_NO_NSPAWN=1
+TEST_SUPPORTING_SERVICES_SHOULD_BE_MASKED=0
+QEMU_TIMEOUT="${QEMU_TIMEOUT:-1800}"
+
+# shellcheck source=test/test-functions
+. "${TEST_BASE_DIR:?}/test-functions"
+
+command -v dfuzzer >/dev/null || exit 0
+
+test_append_files() {
+ local workspace="${1:?}"
+
+ image_install dfuzzer /etc/dfuzzer.conf
+
+ # Enable all systemd-related services, including the D-Bus ones
+ "$SYSTEMCTL" --root="${workspace:?}" preset-all
+}
+
+do_test "$@"
diff --git a/test/test-functions b/test/test-functions
index 44f465c914..079a7249e4 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -99,6 +99,7 @@ SYSTEMD_JOURNAL_REMOTE="${SYSTEMD_JOURNAL_REMOTE:-$(command -v "$BUILD_DIR/syste
SYSTEMD="${SYSTEMD:-$(command -v "$BUILD_DIR/systemd" || command -v "$ROOTLIBDIR/systemd")}"
SYSTEMD_NSPAWN="${SYSTEMD_NSPAWN:-$(command -v "$BUILD_DIR/systemd-nspawn" || command -v systemd-nspawn)}"
JOURNALCTL="${JOURNALCTL:-$(command -v "$BUILD_DIR/journalctl" || command -v journalctl)}"
+SYSTEMCTL="${SYSTEMCTL:-$(command -v "$BUILD_DIR/systemctl" || command -v systemctl)}"
TESTFILE="${BASH_SOURCE[1]}"
if [ -z "$TESTFILE" ]; then
diff --git a/test/units/testsuite-21.service b/test/units/testsuite-21.service
new file mode 100644
index 0000000000..a5f77d07b4
--- /dev/null
+++ b/test/units/testsuite-21.service
@@ -0,0 +1,10 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Fuzz our D-Bus interfaces with dfuzzer
+After=dbus.service multi-user.target
+Wants=dbus.service multi-user.target
+
+[Service]
+ExecStartPre=rm -f /failed /skipped /testok
+ExecStart=/usr/lib/systemd/tests/testdata/units/%N.sh
+Type=oneshot
diff --git a/test/units/testsuite-21.sh b/test/units/testsuite-21.sh
new file mode 100755
index 0000000000..43b5fb6f22
--- /dev/null
+++ b/test/units/testsuite-21.sh
@@ -0,0 +1,94 @@
+#!/usr/bin/env bash
+# SPDX-License-Identifier: LGPL-2.1-or-later
+set -eux
+set -o pipefail
+
+# Save the end.service state before we start fuzzing, as it might get changed
+# on the fly by one of the fuzzers
+systemctl list-jobs | grep -F 'end.service' && SHUTDOWN_AT_EXIT=1 || SHUTDOWN_AT_EXIT=0
+
+at_exit() {
+ # "Safety net" - check for any coredumps which might have not caused dfuzzer
+ # to stop & return an error (we need to do this now before truncating the
+ # journal)
+ # TODO: check fo ASan/UBSan errors
+ local found_cd=0
+ while read -r exe; do
+ coredumctl info "$exe"
+ found_cd=1
+ done < <(coredumpctl -F COREDUMP_EXE | sort -u)
+ [[ $found_cd -eq 0 ]] || exit 1
+
+ # We have to call the end.service explicitly even if it's specified on
+ # the kernel cmdline via systemd.wants=end.service, since dfuzzer calls
+ # org.freedesktop.systemd1.Manager.ClearJobs() which drops the service
+ # from the queue
+ [[ $SHUTDOWN_AT_EXIT -ne 0 ]] && systemctl start --job-mode=flush end.service
+}
+
+trap at_exit EXIT
+
+systemctl log-level info
+
+# TODO
+# * check for possibly newly introduced buses?
+BUS_LIST=(
+ org.freedesktop.home1
+ org.freedesktop.hostname1
+ org.freedesktop.import1
+ org.freedesktop.locale1
+ org.freedesktop.login1
+ org.freedesktop.machine1
+ org.freedesktop.network1
+ org.freedesktop.portable1
+ org.freedesktop.resolve1
+ org.freedesktop.systemd1
+ org.freedesktop.timedate1
+ org.freedesktop.timesync1
+)
+
+# systemd-oomd requires PSI
+if tail -n +1 /proc/pressure/{cpu,io,memory}; then
+ BUS_LIST+=(org.freedesktop.oom1)
+fi
+
+SESSION_BUS_LIST=(
+ org.freedesktop.systemd1
+)
+
+# Maximum payload size generated by dfuzzer (in bytes) - default: 50K
+PAYLOAD_MAX=50000
+# Tweak the maximum payload size if we're running under sanitizers, since
+# with larger payloads we start hitting reply timeouts
+if [[ -v ASAN_OPTIONS || -v UBSAN_OPTIONS ]]; then
+ PAYLOAD_MAX=10000 # 10K
+fi
+
+# Overmount /var/lib/machines with a size-limited tmpfs, as fuzzing
+# the org.freedesktop.machine1 stuff makes quite a mess
+mount -t tmpfs -o size=50M tmpfs /var/lib/machines
+
+# Fuzz both the system and the session buses (where applicable)
+for bus in "${BUS_LIST[@]}"; do
+ echo "Bus: $bus (system)"
+ systemd-run --pipe --wait \
+ -- dfuzzer -v -b "$PAYLOAD_MAX" -n "$bus"
+
+ # Let's reload the systemd daemon to test (de)serialization as well
+ systemctl daemon-reload
+done
+
+umount /var/lib/machines
+
+for bus in "${SESSION_BUS_LIST[@]}"; do
+ echo "Bus: $bus (session)"
+ systemd-run --machine 'testuser@.host' --user --pipe --wait \
+ -- dfuzzer -v -b "$PAYLOAD_MAX" -n "$bus"
+
+ # Let's reload the systemd user daemon to test (de)serialization as well
+ systemctl --machine 'testuser@.host' --user daemon-reload
+done
+
+echo OK >/testok
+
+exit 0

31
SOURCES/0126-test-skip-TEST-21-DFUZZER-without-ASan.patch Normal file
View File

@ -0,0 +1,31 @@
From 8f848593293b69f293734e07ec975ee76a3e6df5 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Sun, 19 Jun 2022 10:39:12 +0200
Subject: [PATCH] test: skip TEST-21-DFUZZER without ASan
as the test is quite time consuming and it yields more useful reports
when the target app is built with sanitizers.
(cherry picked from commit d768243a95c33e73afe9a7e487acf329884e03c1)
Related: #2087652
---
test/TEST-21-DFUZZER/test.sh | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/test/TEST-21-DFUZZER/test.sh b/test/TEST-21-DFUZZER/test.sh
index ecc04e368c..42e37c8a9c 100755
--- a/test/TEST-21-DFUZZER/test.sh
+++ b/test/TEST-21-DFUZZER/test.sh
@@ -12,6 +12,11 @@ QEMU_TIMEOUT="${QEMU_TIMEOUT:-1800}"
command -v dfuzzer >/dev/null || exit 0
+if ! get_bool "$IS_BUILT_WITH_ASAN"; then
+ echo "systemd is built without ASan, skipping..."
+ exit 0
+fi
+
test_append_files() {
local workspace="${1:?}"

41
SOURCES/0127-core-annotate-Reexecute-as-NoReply.patch Normal file
View File

@ -0,0 +1,41 @@
From fc6e005962167c26b9ef6cdd9e3476abeeb47313 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Mon, 9 May 2022 23:43:40 +0200
Subject: [PATCH] core: annotate Reexecute() as NoReply
So we're able to tell from the introspection data that the method
doesn't reply.
(cherry picked from commit 624f685fe8ff1a90370e02faf60d0292a8e01f26)
Related: #2087652
---
man/org.freedesktop.systemd1.xml | 1 +
src/core/dbus-manager.c | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/man/org.freedesktop.systemd1.xml b/man/org.freedesktop.systemd1.xml
index bd69a00b57..e1abb7f389 100644
--- a/man/org.freedesktop.systemd1.xml
+++ b/man/org.freedesktop.systemd1.xml
@@ -169,6 +169,7 @@ node /org/freedesktop/systemd1 {
Dump(out s output);
DumpByFileDescriptor(out h fd);
Reload();
+ @org.freedesktop.DBus.Method.NoReply("true")
Reexecute();
@org.freedesktop.systemd1.Privileged("true")
Exit();
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index 9b64a8074d..1a3098ceb1 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -3105,7 +3105,7 @@ const sd_bus_vtable bus_manager_vtable[] = {
NULL,
NULL,
method_reexecute,
- SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_VTABLE_UNPRIVILEGED|SD_BUS_VTABLE_METHOD_NO_REPLY),
SD_BUS_METHOD("Exit",
NULL,
NULL,

28
SOURCES/0128-test-always-force-a-new-image-for-dfuzzer.patch Normal file
View File

@ -0,0 +1,28 @@
From e162696827d97449e6395fc017fe6865aa6f1ad1 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 21 Jun 2022 10:01:30 +0200
Subject: [PATCH] test: always force a new image for dfuzzer
Otherwise we might end up with an image containing broken service
symlinks and other things, which break certain parts of the test.
(cherry picked from commit 5dffa6b032168305213e4fb0d72fb02363acfd65)
Related: #2087652
---
test/TEST-21-DFUZZER/test.sh | 2 ++
1 file changed, 2 insertions(+)
diff --git a/test/TEST-21-DFUZZER/test.sh b/test/TEST-21-DFUZZER/test.sh
index 42e37c8a9c..7669e4e0ad 100755
--- a/test/TEST-21-DFUZZER/test.sh
+++ b/test/TEST-21-DFUZZER/test.sh
@@ -6,6 +6,8 @@ TEST_DESCRIPTION="Fuzz our D-Bus interfaces with dfuzzer"
TEST_NO_NSPAWN=1
TEST_SUPPORTING_SERVICES_SHOULD_BE_MASKED=0
QEMU_TIMEOUT="${QEMU_TIMEOUT:-1800}"
+IMAGE_NAME=dfuzzer
+TEST_FORCE_NEWIMAGE=1
# shellcheck source=test/test-functions
. "${TEST_BASE_DIR:?}/test-functions"

38
SOURCES/0129-test-make-dfuzzer-less-verbose.patch Normal file
View File

@ -0,0 +1,38 @@
From 0e72d8a8bbed61ffa3cbf2637f1b29ade7af45be Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 21 Jun 2022 10:04:03 +0200
Subject: [PATCH] test: make dfuzzer less verbose
Otherwise it oversaturates the journal, which in some cases can't keep
up with the load of messages (due to the performance penalty caused by
sanitizers), and gets killed by a watchdog.
(cherry picked from commit d3eb4159c9577f0a9ee776d34fcec7ad913d88a5)
Related: #2087652
---
test/units/testsuite-21.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/test/units/testsuite-21.sh b/test/units/testsuite-21.sh
index 43b5fb6f22..604bf145ca 100755
--- a/test/units/testsuite-21.sh
+++ b/test/units/testsuite-21.sh
@@ -72,7 +72,7 @@ mount -t tmpfs -o size=50M tmpfs /var/lib/machines
for bus in "${BUS_LIST[@]}"; do
echo "Bus: $bus (system)"
systemd-run --pipe --wait \
- -- dfuzzer -v -b "$PAYLOAD_MAX" -n "$bus"
+ -- dfuzzer -b "$PAYLOAD_MAX" -n "$bus"
# Let's reload the systemd daemon to test (de)serialization as well
systemctl daemon-reload
@@ -83,7 +83,7 @@ umount /var/lib/machines
for bus in "${SESSION_BUS_LIST[@]}"; do
echo "Bus: $bus (session)"
systemd-run --machine 'testuser@.host' --user --pipe --wait \
- -- dfuzzer -v -b "$PAYLOAD_MAX" -n "$bus"
+ -- dfuzzer -b "$PAYLOAD_MAX" -n "$bus"
# Let's reload the systemd user daemon to test (de)serialization as well
systemctl --machine 'testuser@.host' --user daemon-reload

37
SOURCES/0130-test-drop-the-at_exit-coredump-check.patch Normal file
View File

@ -0,0 +1,37 @@
From e5291b4fb0d9adfc9da510f4acc7330d57e3e415 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 21 Jun 2022 10:13:48 +0200
Subject: [PATCH] test: drop the at_exit() coredump check
since we don't truncate the journal anymore.
(cherry picked from commit 5309b56505dfccf9111cb5fe6461047725429e79)
Related: #2087652
---
test/units/testsuite-21.sh | 12 +-----------
1 file changed, 1 insertion(+), 11 deletions(-)
diff --git a/test/units/testsuite-21.sh b/test/units/testsuite-21.sh
index 604bf145ca..053d571a90 100755
--- a/test/units/testsuite-21.sh
+++ b/test/units/testsuite-21.sh
@@ -8,17 +8,7 @@ set -o pipefail
systemctl list-jobs | grep -F 'end.service' && SHUTDOWN_AT_EXIT=1 || SHUTDOWN_AT_EXIT=0
at_exit() {
- # "Safety net" - check for any coredumps which might have not caused dfuzzer
- # to stop & return an error (we need to do this now before truncating the
- # journal)
- # TODO: check fo ASan/UBSan errors
- local found_cd=0
- while read -r exe; do
- coredumctl info "$exe"
- found_cd=1
- done < <(coredumpctl -F COREDUMP_EXE | sort -u)
- [[ $found_cd -eq 0 ]] || exit 1
-
+ set +e
# We have to call the end.service explicitly even if it's specified on
# the kernel cmdline via systemd.wants=end.service, since dfuzzer calls
# org.freedesktop.systemd1.Manager.ClearJobs() which drops the service

54
SOURCES/0131-test-make-the-shutdown-routine-a-bit-more-robust.patch Normal file
View File

@ -0,0 +1,54 @@
From a0464b064c46f9a63fd3f8d6f2d8560c7e5d32d3 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 21 Jun 2022 10:20:12 +0200
Subject: [PATCH] test: make the shutdown routine a bit more "robust"
Replace the call to the `end.service` with `systemctl poweroff`, since
it seems to cause issues no matter what `--job-mode=` is used:
```
[ 129.070993] testsuite-21.sh[380]: ++ systemctl start --job-mode=flush end.service
[ 129.154985] testsuite-21.sh[912]: Failed to start end.service: Transaction for end.service/start is destructive (sysinit.target has 'stop' job queued, but 'start' is included in transaction).
[ 129.159636] testsuite-21.sh[912]: See system logs and 'systemctl status end.service' for details.
```
Also, add a "safety net" which bypasses the manager and does the
poweroff directly, since sometimes the D-Bus call performed by
`systemctl` might timeout (as the manager might be still processing data
from the fuzzing):
```
[ 115.776778] sh[894]: + systemctl poweroff --no-block
[ 166.164242] testsuite-21.sh[893]: Failed to start transient service unit: Connection timed out
[ 166.269289] sh[894]: Call to PowerOff failed: Connection timed out
```
(cherry picked from commit 56e8ee55d58e38d47992ca6b5b6466fdb5be4781)
Related: #2087652
---
test/units/testsuite-21.sh | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/test/units/testsuite-21.sh b/test/units/testsuite-21.sh
index 053d571a90..e9bf18603a 100755
--- a/test/units/testsuite-21.sh
+++ b/test/units/testsuite-21.sh
@@ -9,11 +9,15 @@ systemctl list-jobs | grep -F 'end.service' && SHUTDOWN_AT_EXIT=1 || SHUTDOWN_AT
at_exit() {
set +e
- # We have to call the end.service explicitly even if it's specified on
+ # We have to call the end.service/poweroff explicitly even if it's specified on
# the kernel cmdline via systemd.wants=end.service, since dfuzzer calls
# org.freedesktop.systemd1.Manager.ClearJobs() which drops the service
# from the queue
- [[ $SHUTDOWN_AT_EXIT -ne 0 ]] && systemctl start --job-mode=flush end.service
+ if [[ $SHUTDOWN_AT_EXIT -ne 0 ]] && ! systemctl poweroff; then
+ # PID1 is down let's try to save the journal
+ journalctl --sync || : # journal can be down as well so let's ignore exit codes here
+ systemctl -ff poweroff # sync() and reboot(RB_POWER_OFF)
+ fi
}
trap at_exit EXIT

167
SOURCES/0132-tree-wide-drop-manually-crafted-message-for-missing-.patch Normal file
View File

@ -0,0 +1,167 @@
From 910711b21c5fe4f26ad20a4d86e1acfb2a0afbdb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 4 May 2022 08:24:06 +0200
Subject: [PATCH] tree-wide: drop manually-crafted message for missing
variables
Bash will generate a very nice message for us:
/tmp/ff.sh: line 1: SOMEVAR: parameter null or not set
Let's save some keystrokes by not replacing this with our own inferior
messages.
(cherry picked from commit d7ff52403902900b61f644f87b5222822fd4a69b)
Related: #2087652
---
test/TEST-36-NUMAPOLICY/test.sh | 2 +-
test/hwdb-test.sh | 2 +-
test/test-rpm-macros.sh | 2 +-
test/units/testsuite-15.sh | 4 ++--
test/units/testsuite-36.sh | 14 +++++++-------
test/units/testsuite-46.sh | 2 +-
tools/check-directives.sh | 4 ++--
7 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/test/TEST-36-NUMAPOLICY/test.sh b/test/TEST-36-NUMAPOLICY/test.sh
index 0eaaee9608..5f38bf1009 100755
--- a/test/TEST-36-NUMAPOLICY/test.sh
+++ b/test/TEST-36-NUMAPOLICY/test.sh
@@ -9,7 +9,7 @@ TEST_NO_NSPAWN=1
. "${TEST_BASE_DIR:?}/test-functions"
if qemu_min_version "5.2.0"; then
- QEMU_OPTIONS="-object memory-backend-ram,id=mem0,size=${QEMU_MEM:?QEMU_MEM is unset} -numa node,memdev=mem0,nodeid=0"
+ QEMU_OPTIONS="-object memory-backend-ram,id=mem0,size=${QEMU_MEM:?} -numa node,memdev=mem0,nodeid=0"
else
QEMU_OPTIONS="-numa node,nodeid=0"
fi
diff --git a/test/hwdb-test.sh b/test/hwdb-test.sh
index 0551f26a2d..29183e6829 100755
--- a/test/hwdb-test.sh
+++ b/test/hwdb-test.sh
@@ -11,7 +11,7 @@ set -e
export SYSTEMD_LOG_LEVEL=info
ROOTDIR="$(dirname "$(dirname "$(readlink -f "$0")")")"
-SYSTEMD_HWDB="${1:?missing argument}"
+SYSTEMD_HWDB="${1:?}"
if [ ! -x "$SYSTEMD_HWDB" ]; then
echo "$SYSTEMD_HWDB is not executable" >&2
diff --git a/test/test-rpm-macros.sh b/test/test-rpm-macros.sh
index 5843b72346..c7107dec3e 100755
--- a/test/test-rpm-macros.sh
+++ b/test/test-rpm-macros.sh
@@ -6,7 +6,7 @@
# rpmspec utility is required (so this test will work with RPM 4 but won't work with RPM 5).
set -eu
-BUILD_DIR="${1:?Missing argument: build directory}"
+BUILD_DIR="${1:?}"
RPM_MACROS_FILE="${BUILD_DIR:?}/src/rpm/macros.systemd"
if ! command -v rpm >/dev/null || ! command -v rpmspec >/dev/null; then
diff --git a/test/units/testsuite-15.sh b/test/units/testsuite-15.sh
index 0446e71c38..f847adac74 100755
--- a/test/units/testsuite-15.sh
+++ b/test/units/testsuite-15.sh
@@ -4,7 +4,7 @@ set -eux
set -o pipefail
_clear_service () {
- local SERVICE_NAME="${1:?_clear_service: missing argument}"
+ local SERVICE_NAME="${1:?}"
systemctl stop "$SERVICE_NAME.service" 2>/dev/null || :
rm -f /{etc,run,usr/lib}/systemd/system/"$SERVICE_NAME".service
rm -fr /{etc,run,usr/lib}/systemd/system/"$SERVICE_NAME".service.d
@@ -25,7 +25,7 @@ clear_services () {
}
create_service () {
- local SERVICE_NAME="${1:?create_service: missing argument}"
+ local SERVICE_NAME="${1:?}"
clear_services "$SERVICE_NAME"
cat >/etc/systemd/system/"$SERVICE_NAME".service <<EOF
diff --git a/test/units/testsuite-36.sh b/test/units/testsuite-36.sh
index b6c00c4845..cc4deffdbd 100755
--- a/test/units/testsuite-36.sh
+++ b/test/units/testsuite-36.sh
@@ -72,7 +72,7 @@ checkNUMA() {
writePID1NUMAPolicy() {
cat >"$confDir/numa.conf" <<EOF
[Manager]
-NUMAPolicy=${1:?missing argument: NUMAPolicy}
+NUMAPolicy=${1:?}
NUMAMask=${2:-""}
EOF
}
@@ -85,7 +85,7 @@ writeTestUnit() {
writeTestUnitNUMAPolicy() {
cat >"$testUnitNUMAConf" <<EOF
[Service]
-NUMAPolicy=${1:?missing argument: NUMAPolicy}
+NUMAPolicy=${1:?}
NUMAMask=${2:-""}
EOF
systemctl daemon-reload
@@ -106,25 +106,25 @@ pid1ReloadWithJournal() {
pid1StartUnitWithStrace() {
startStrace '-f'
- systemctl start "${1:?missing unit name}"
+ systemctl start "${1:?}"
sleep $sleepAfterStart
stopStrace
}
pid1StartUnitWithJournal() {
startJournalctl
- systemctl start "${1:?missing unit name}"
+ systemctl start "${1:?}"
sleep $sleepAfterStart
stopJournalctl
}
pid1StopUnit() {
- systemctl stop "${1:?missing unit name}"
+ systemctl stop "${1:?}"
}
systemctlCheckNUMAProperties() {
- local UNIT_NAME="${1:?missing unit name}"
- local NUMA_POLICY="${2:?missing NUMAPolicy}"
+ local UNIT_NAME="${1:?}"
+ local NUMA_POLICY="${2:?}"
local NUMA_MASK="${3:-""}"
local LOGFILE
diff --git a/test/units/testsuite-46.sh b/test/units/testsuite-46.sh
index c3e57cec95..61ee921151 100755
--- a/test/units/testsuite-46.sh
+++ b/test/units/testsuite-46.sh
@@ -15,7 +15,7 @@ inspect() {
# avoid unexpected fails. To see the full outputs of both homectl &
# userdbctl (for debugging purposes) drop the fields just before the
# comparison.
- local USERNAME="${1:?missing argument}"
+ local USERNAME="${1:?}"
homectl inspect "$USERNAME" | tee /tmp/a
userdbctl user "$USERNAME" | tee /tmp/b
diff --git a/tools/check-directives.sh b/tools/check-directives.sh
index 0661da4d3b..af846c4d73 100755
--- a/tools/check-directives.sh
+++ b/tools/check-directives.sh
@@ -3,8 +3,8 @@
set -eu
set -o pipefail
-SOURCE_ROOT="${1:?Missing argument: project source root}"
-BUILD_ROOT="${2:?Missing argument: project build root}"
+SOURCE_ROOT="${1:?}"
+BUILD_ROOT="${2:?}"
command -v gawk &>/dev/null || exit 77

56
SOURCES/0133-test-allow-overriding-QEMU_MEM-when-running-w-ASan.patch Normal file
View File

@ -0,0 +1,56 @@
From 3e31fc66a206c272e7f73581c5ca752b4439fec3 Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 21 Jun 2022 12:09:35 +0200
Subject: [PATCH] test: allow overriding $QEMU_MEM when running w/ ASan
(cherry picked from commit dc350e78fe66ae8698574202b2e30e5d650219ec)
Related: #2087652
---
test/TEST-36-NUMAPOLICY/test.sh | 2 +-
test/test-functions | 5 ++---
2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/test/TEST-36-NUMAPOLICY/test.sh b/test/TEST-36-NUMAPOLICY/test.sh
index 5f38bf1009..7909b1dce3 100755
--- a/test/TEST-36-NUMAPOLICY/test.sh
+++ b/test/TEST-36-NUMAPOLICY/test.sh
@@ -9,7 +9,7 @@ TEST_NO_NSPAWN=1
. "${TEST_BASE_DIR:?}/test-functions"
if qemu_min_version "5.2.0"; then
- QEMU_OPTIONS="-object memory-backend-ram,id=mem0,size=${QEMU_MEM:?} -numa node,memdev=mem0,nodeid=0"
+ QEMU_OPTIONS="-object memory-backend-ram,id=mem0,size=${QEMU_MEM:-512M} -numa node,memdev=mem0,nodeid=0"
else
QEMU_OPTIONS="-numa node,nodeid=0"
fi
diff --git a/test/test-functions b/test/test-functions
index 079a7249e4..98efd047d7 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -30,7 +30,6 @@ TIMED_OUT= # will be 1 after run_* if *_TIMEOUT is set and test timed out
[[ "$LOOKS_LIKE_SUSE" ]] && FSTYPE="${FSTYPE:-btrfs}" || FSTYPE="${FSTYPE:-ext4}"
UNIFIED_CGROUP_HIERARCHY="${UNIFIED_CGROUP_HIERARCHY:-default}"
EFI_MOUNT="${EFI_MOUNT:-$(bootctl -x 2>/dev/null || echo /boot)}"
-QEMU_MEM="${QEMU_MEM:-512M}"
# Note that defining a different IMAGE_NAME in a test setup script will only result
# in default.img being copied and renamed. It can then be extended by defining
# a test_append_files() function. The $1 parameter will be the root directory.
@@ -255,7 +254,7 @@ if get_bool "$IS_BUILT_WITH_ASAN"; then
STRIP_BINARIES=no
SKIP_INITRD="${SKIP_INITRD:-yes}"
PATH_TO_INIT=$ROOTLIBDIR/systemd-under-asan
- QEMU_MEM="2048M"
+ QEMU_MEM="${QEMU_MEM:-2G}"
QEMU_SMP="${QEMU_SMP:-4}"
# We need to correctly distinguish between gcc's and clang's ASan DSOs.
@@ -444,7 +443,7 @@ run_qemu() {
qemu_options+=(
-smp "$QEMU_SMP"
-net none
- -m "$QEMU_MEM"
+ -m "${QEMU_MEM:-512M}"
-nographic
-kernel "$KERNEL_BIN"
-drive "format=raw,cache=unsafe,file=$image"

Some files were not shown because too many files have changed in this diff Show More