From 57b9bd38d3d1d3578d625fee3f7cce4c4111d728 Mon Sep 17 00:00:00 2001
From: Jan Macku <jamacku@redhat.com>
Date: Wed, 17 Jul 2024 12:36:56 +0200
Subject: [PATCH] systemd-252-39

Resolves: RHEL-30372,RHEL-33436,RHEL-44630,RHEL-36276
---
 ...eme-disable-NAMING_BRIDGE_MULTIFUNCT.patch | 71 +++++++++++++++++++
 ...eme-make-actually-possible-to-use-rh.patch | 29 ++++++++
 ...ne-generator_open_unit_file-and-gene.patch | 70 ++++++++++++++++++
 ...add-support-for-rhel-only-parameters.patch | 55 ++++++++++++++
 systemd.spec                                  | 16 ++++-
 5 files changed, 239 insertions(+), 2 deletions(-)
 create mode 100644 0818-netif-naming-scheme-disable-NAMING_BRIDGE_MULTIFUNCT.patch
 create mode 100644 0819-netif-naming-scheme-make-actually-possible-to-use-rh.patch
 create mode 100644 0820-generator-uninline-generator_open_unit_file-and-gene.patch
 create mode 100644 0821-ci-add-support-for-rhel-only-parameters.patch

diff --git a/0818-netif-naming-scheme-disable-NAMING_BRIDGE_MULTIFUNCT.patch b/0818-netif-naming-scheme-disable-NAMING_BRIDGE_MULTIFUNCT.patch
new file mode 100644
index 0000000..5bfd877
--- /dev/null
+++ b/0818-netif-naming-scheme-disable-NAMING_BRIDGE_MULTIFUNCT.patch
@@ -0,0 +1,71 @@
+From 753e1b1c9b255d528eb8b2a2af072a83eb85d784 Mon Sep 17 00:00:00 2001
+From: Yu Watanabe <watanabe.yu+github@gmail.com>
+Date: Thu, 24 Aug 2023 00:01:19 +0900
+Subject: [PATCH] netif-naming-scheme: disable NAMING_BRIDGE_MULTIFUNCTION_SLOT
+
+This effectively reverts 66425daf2c68793adf24a48a26d58add8662e83f.
+
+The commit assumes that if the network interface has multifunctions,
+then the function fields of the pci devices under the same PCI bridge
+device are unique.
+But it seems not, at least on some setups. See issue #28929.
+Let's revert the change, and always refuse to set slot base naming if
+a PCI bridge is detected.
+
+Fixes #28929.
+
+(cherry picked from commit af7417ac7b07bc01232982bf46e9d72e69e7f820)
+
+Resolves: RHEL-44630
+---
+ man/systemd.net-naming-scheme.xml | 14 ++++++++++++++
+ src/shared/netif-naming-scheme.h  |  4 +++-
+ 2 files changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/man/systemd.net-naming-scheme.xml b/man/systemd.net-naming-scheme.xml
+index a5903c6d04..83293e5636 100644
+--- a/man/systemd.net-naming-scheme.xml
++++ b/man/systemd.net-naming-scheme.xml
+@@ -499,6 +499,20 @@
+ 
+            <listitem><para>Same as naming scheme <constant>rhel-9.3</constant>.</para></listitem>
+         </varlistentry>
++
++        <varlistentry>
++            <term><constant>rhel-9.5</constant></term>
++
++          <listitem><para>Never generate a slot name when a PCI bridge is detected.</para>
++
++          <para>Since version <constant>"rhel-9.0"</constant>, we have generated slot-based names
++          for PCI multifunction devices, because we assumed that it is enough to use function numbers
++          to distinguish between devices. However, name conflict can occur if these devices are not
++          children of the same PCI bridge, e.g. there are multiple PCI bridges in the same slot.
++          </para>
++          </listitem>
++        </varlistentry>
++
+       </variablelist>
+ 
+     <para>By default <constant>rhel-9.0</constant> is used.</para>
+diff --git a/src/shared/netif-naming-scheme.h b/src/shared/netif-naming-scheme.h
+index 5f49157aaa..5bc071f8db 100644
+--- a/src/shared/netif-naming-scheme.h
++++ b/src/shared/netif-naming-scheme.h
+@@ -38,7 +38,8 @@ typedef enum NamingSchemeFlags {
+         NAMING_16BIT_INDEX               = 1 << 11, /* Allow full 16-bit for the onboard index */
+         NAMING_REPLACE_STRICTLY          = 1 << 12, /* Use udev_replace_ifname() for NAME= rule */
+         NAMING_XEN_VIF                   = 1 << 13, /* Generate names for Xen netfront devices */
+-        NAMING_BRIDGE_MULTIFUNCTION_SLOT = 1 << 14, /* Use PCI hotplug slot information associated with bridge, but only if PCI device is multifunction */
++        NAMING_BRIDGE_MULTIFUNCTION_SLOT = 1 << 14, /* Use PCI hotplug slot information associated with bridge, but only if PCI device is multifunction.
++                                                     * This is disabled since rhel-9.5, as it seems not to work at least for some setups. See upstream issue #28929. */
+         NAMING_DEVICETREE_ALIASES        = 1 << 15, /* Generate names from devicetree aliases */
+         NAMING_SR_IOV_R                  = 1 << 17, /* Use "r" suffix for SR-IOV VF representors */
+ 
+@@ -72,6 +73,7 @@ typedef enum NamingSchemeFlags {
+         NAMING_RHEL_9_2 = NAMING_RHEL_9_0,
+         NAMING_RHEL_9_3 = NAMING_RHEL_9_0 | NAMING_SR_IOV_R,
+         NAMING_RHEL_9_4 = NAMING_RHEL_9_3,
++        NAMING_RHEL_9_5 = NAMING_RHEL_9_4 & ~NAMING_BRIDGE_MULTIFUNCTION_SLOT,
+ 
+         EXTRA_NET_NAMING_SCHEMES
+ 
diff --git a/0819-netif-naming-scheme-make-actually-possible-to-use-rh.patch b/0819-netif-naming-scheme-make-actually-possible-to-use-rh.patch
new file mode 100644
index 0000000..003f67e
--- /dev/null
+++ b/0819-netif-naming-scheme-make-actually-possible-to-use-rh.patch
@@ -0,0 +1,29 @@
+From d7dcbf9726607734dffdf01f853b423400f4849d Mon Sep 17 00:00:00 2001
+From: Lukas Nykryn <lnykryn@redhat.com>
+Date: Wed, 3 Jul 2024 16:57:02 +0200
+Subject: [PATCH] netif-naming-scheme: make actually possible to use rhel-9.5
+ scheme
+
+In 753e1b1c9b255d528eb8b2a2af072a83eb85d784 we forgot to update the
+netif-naming-scheme.c file to allow people to actually use the new
+rhel-9.5 scheme.
+
+RHEL-only
+
+Resolves: RHEL-44630
+---
+ src/shared/netif-naming-scheme.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/shared/netif-naming-scheme.c b/src/shared/netif-naming-scheme.c
+index 536ed44b21..9f0c783300 100644
+--- a/src/shared/netif-naming-scheme.c
++++ b/src/shared/netif-naming-scheme.c
+@@ -44,6 +44,7 @@ static const NamingScheme naming_schemes[] = {
+         { "rhel-9.2", NAMING_RHEL_9_2 },
+         { "rhel-9.3", NAMING_RHEL_9_3 },
+         { "rhel-9.4", NAMING_RHEL_9_4 },
++        { "rhel-9.5", NAMING_RHEL_9_5 },
+         /* … add more schemes here, as the logic to name devices is updated … */
+ 
+         EXTRA_NET_NAMING_MAP
diff --git a/0820-generator-uninline-generator_open_unit_file-and-gene.patch b/0820-generator-uninline-generator_open_unit_file-and-gene.patch
new file mode 100644
index 0000000..c7f8274
--- /dev/null
+++ b/0820-generator-uninline-generator_open_unit_file-and-gene.patch
@@ -0,0 +1,70 @@
+From 52aaecf1e0eab132be1fd5f9267f8697e3d2bd42 Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Tue, 16 Jul 2024 18:19:45 +0200
+Subject: [PATCH] generator: "uninline" generator_open_unit_file and
+ generator_add_symlink
+
+Inlining of these functions changed ABI of libsystemd-shared which
+causes issue on update when generators packaged in systemd-udev
+subpackage fail to execute because of ABI change. systemd and the
+library are already updated while systemd-udev subpackage is not and
+hence old generators can't be started when systemd is reexecuting
+due to internal library incompatibility.
+
+rhel-only: bugfix
+
+Resolves: RHEL-33436
+---
+ src/shared/generator.c |  8 ++++++++
+ src/shared/generator.h | 10 ++--------
+ 2 files changed, 10 insertions(+), 8 deletions(-)
+
+diff --git a/src/shared/generator.c b/src/shared/generator.c
+index 29de8ada6b..a688ba446c 100644
+--- a/src/shared/generator.c
++++ b/src/shared/generator.c
+@@ -75,6 +75,10 @@ int generator_open_unit_file_full(
+         return 0;
+ }
+ 
++int generator_open_unit_file(const char *dest, const char *source, const char *name, FILE **ret_file) {
++        return generator_open_unit_file_full(dest, source, name, ret_file, NULL);
++}
++
+ int generator_add_symlink_full(
+                 const char *dir,
+                 const char *dst,
+@@ -125,6 +129,10 @@ int generator_add_symlink_full(
+         return 0;
+ }
+ 
++int generator_add_symlink(const char *dir, const char *dst, const char *dep_type, const char *src) {
++        return generator_add_symlink_full(dir, dst, dep_type, src, NULL);
++}
++
+ static int generator_add_ordering(
+                 const char *dir,
+                 const char *src,
+diff --git a/src/shared/generator.h b/src/shared/generator.h
+index d97d6edc67..47feb496cf 100644
+--- a/src/shared/generator.h
++++ b/src/shared/generator.h
+@@ -7,16 +7,10 @@
+ #include "main-func.h"
+ 
+ int generator_open_unit_file_full(const char *dest, const char *source, const char *name, FILE **ret_file, char **ret_temp_path);
+-
+-static inline int generator_open_unit_file(const char *dest, const char *source, const char *name, FILE **ret_file) {
+-        return generator_open_unit_file_full(dest, source, name, ret_file, NULL);
+-}
++int generator_open_unit_file(const char *dest, const char *source, const char *name, FILE **ret_file);
+ 
+ int generator_add_symlink_full(const char *dir, const char *dst, const char *dep_type, const char *src, const char *instance);
+-
+-static inline int generator_add_symlink(const char *dir, const char *dst, const char *dep_type, const char *src) {
+-        return generator_add_symlink_full(dir, dst, dep_type, src, NULL);
+-}
++int generator_add_symlink(const char *dir, const char *dst, const char *dep_type, const char *src);
+ 
+ int generator_write_fsck_deps(
+         FILE *f,
diff --git a/0821-ci-add-support-for-rhel-only-parameters.patch b/0821-ci-add-support-for-rhel-only-parameters.patch
new file mode 100644
index 0000000..f38a5c0
--- /dev/null
+++ b/0821-ci-add-support-for-rhel-only-parameters.patch
@@ -0,0 +1,55 @@
+From 319c5612f69314b71c15862a0e0da249e61eeb89 Mon Sep 17 00:00:00 2001
+From: Jan Macku <jamacku@redhat.com>
+Date: Wed, 17 Jul 2024 10:11:29 +0200
+Subject: [PATCH] ci: add support for rhel-only parameters
+
+rhel-only: ci
+
+Related: RHEL-30372
+---
+ .github/advanced-commit-linter.yml |  4 ++--
+ CONTRIBUTING.md                    | 12 ++++++++++--
+ 2 files changed, 12 insertions(+), 4 deletions(-)
+
+diff --git a/.github/advanced-commit-linter.yml b/.github/advanced-commit-linter.yml
+index 86f0e911f2..5693ae298d 100644
+--- a/.github/advanced-commit-linter.yml
++++ b/.github/advanced-commit-linter.yml
+@@ -4,8 +4,8 @@ policy:
+       - github: systemd/systemd
+     exception:
+       note:
+-        - rhel-only
+-        - RHEL-only
++        - 'rhel-only: (feature|bugfix|policy|doc|workaround|ci|test|other)'
++        - 'RHEL-only: (feature|bugfix|policy|doc|workaround|ci|test|other)'
+   tracker:
+     - keyword:
+         - 'Resolves: #?'
+diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
+index bd17067be2..ce2d10d0c9 100644
+--- a/CONTRIBUTING.md
++++ b/CONTRIBUTING.md
+@@ -33,12 +33,20 @@ Every Pull Request has to comply with the following rules:
+ ### Upstream reference
+ 
+ When doing a back-port of an upstream commit, always use `cherry-pick -x <sha>`. Consider proposing a change upstream first when an upstream commit doesn't exist.
+-If the change isn't upstream relevant or accepted by upstream, mark the commit with the `rhel-only` string.
++If the change isn't upstream relevant or accepted by upstream, mark the commit with the `rhel-only: <parameter>` string, where a `<parameter>` is:
++
++- `feature` - for feature-related commits (cross-version)
++- `bugfix` - for bugfix-related commits (cross-version)
++- `doc` - for documentation-related commits (usually version-specific)
++- `workaround` - for workaround-related commits (usually version-specific)
++- `ci` - for CI-related commits (version-specific)
++- `test` - for test-related commits (version-specific)
++- `other` - for commits that do not fit into any of the above categories (version-specific)
+ 
+ ```md
+ doc: Fix TYPO
+ 
+-rhel-only
++rhel-only: doc
+ 
+ Resolves: RHEL-678
+ ```
diff --git a/systemd.spec b/systemd.spec
index a5d20a8..16eb3a0 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -25,7 +25,7 @@
 Name:           systemd
 Url:            https://systemd.io
 Version:        252
-Release:        38%{?dist}
+Release:        39%{?dist}
 # For a breakdown of the licensing, see README
 License:        LGPLv2+ and MIT and GPLv2+
 Summary:        System and Service Manager
@@ -906,6 +906,10 @@ Patch0814: 0814-tools-explicitly-specify-setup-subcommand.patch
 Patch0815: 0815-fuzz-pass-Dc_args-Dcpp_args-to-fuzzer-targets.patch
 Patch0816: 0816-fuzz-don-t-panic-without-a-C-compiler.patch
 Patch0817: 0817-meson-use-ternary-op-for-brevity.patch
+Patch0818: 0818-netif-naming-scheme-disable-NAMING_BRIDGE_MULTIFUNCT.patch
+Patch0819: 0819-netif-naming-scheme-make-actually-possible-to-use-rh.patch
+Patch0820: 0820-generator-uninline-generator_open_unit_file-and-gene.patch
+Patch0821: 0821-ci-add-support-for-rhel-only-parameters.patch
 
 # Downstream-only patches (9000–9999)
 
@@ -975,6 +979,7 @@ BuildRequires:  git-core
 BuildRequires:  gnu-efi gnu-efi-devel
 %endif
 BuildRequires:  selinux-policy-devel
+BuildRequires:  libfido2-devel
 
 Requires(post): coreutils
 Requires(post): sed
@@ -1305,7 +1310,7 @@ CONFIGURE_OPTS=(
         -Dlibidn2=true
         -Dlibiptc=false
         -Dlibcurl=true
-        -Dlibfido2=false
+        -Dlibfido2=true
         -Defi=true
         -Dgnu-efi=%[%{?have_gnu_efi}?"true":"false"]
         -Dtpm=true
@@ -1786,6 +1791,13 @@ systemd-hwdb update &>/dev/null || :
 %{_prefix}/lib/dracut/modules.d/70rhel-net-naming-sysattrs/*
 
 %changelog
+* Wed Jul 17 2024 systemd maintenance team <systemd-maint@redhat.com> - 252-39
+- enable FIDO2 support (RHEL-36276)
+- netif-naming-scheme: disable NAMING_BRIDGE_MULTIFUNCTION_SLOT (RHEL-44630)
+- netif-naming-scheme: make actually possible to use rhel-9.5 scheme (RHEL-44630)
+- generator: "uninline" generator_open_unit_file and generator_add_symlink (RHEL-33436)
+- ci: add support for rhel-only parameters (RHEL-30372)
+
 * Wed Jun 19 2024 systemd maintenance team <systemd-maint@redhat.com> - 252-38
 - tools: fix the file name that "meson setup" generates (RHEL-30372)
 - tools: explicitly specify "setup" subcommand (RHEL-30372)