diff --git a/9cc6a94790eecfc808335b759355a4005d66f6e3.patch b/9cc6a94790eecfc808335b759355a4005d66f6e3.patch new file mode 100644 index 0000000..e709085 --- /dev/null +++ b/9cc6a94790eecfc808335b759355a4005d66f6e3.patch @@ -0,0 +1,102 @@ +From 9cc6a94790eecfc808335b759355a4005d66f6e3 Mon Sep 17 00:00:00 2001 +From: "Jonathan G. Underwood" +Date: Tue, 22 Dec 2020 20:04:52 +0000 +Subject: [PATCH] cryptsetup: add support for workqueue options + +This commit adds support for disabling the read and write +workqueues with the new crypttab options no-read-workqueue +and no-write-workqueue. These correspond to the cryptsetup +options --perf-no_read_workqueue and --perf-no_write_workqueue +respectively. +--- + man/crypttab.xml | 19 +++++++++++++++++++ + src/cryptsetup/cryptsetup.c | 12 ++++++++++++ + src/shared/cryptsetup-util.h | 8 ++++++++ + 3 files changed, 39 insertions(+) + +diff --git a/man/crypttab.xml b/man/crypttab.xml +index 2062a5b8e70..72fe2e692da 100644 +--- a/man/crypttab.xml ++++ b/man/crypttab.xml +@@ -342,6 +342,25 @@ + + + ++ ++ ++ ++ Bypass dm-crypt internal workqueue and process read requests synchronously. The ++ default is to queue these requests and process them asynchronously. ++ ++ This requires kernel 5.9 or newer. ++ ++ ++ ++ ++ ++ Bypass dm-crypt internal workqueue and process write requests synchronously. The ++ default is to queue these requests and process them asynchronously. ++ ++ This requires kernel 5.9 or newer. ++ ++ ++ + + + +diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c +index 7b21a7457a1..65cbd1aec83 100644 +--- a/src/cryptsetup/cryptsetup.c ++++ b/src/cryptsetup/cryptsetup.c +@@ -60,6 +60,8 @@ static bool arg_verify = false; + static bool arg_discards = false; + static bool arg_same_cpu_crypt = false; + static bool arg_submit_from_crypt_cpus = false; ++static bool arg_no_read_workqueue = false; ++static bool arg_no_write_workqueue = false; + static bool arg_tcrypt_hidden = false; + static bool arg_tcrypt_system = false; + static bool arg_tcrypt_veracrypt = false; +@@ -236,6 +238,10 @@ static int parse_one_option(const char *option) { + arg_same_cpu_crypt = true; + else if (streq(option, "submit-from-crypt-cpus")) + arg_submit_from_crypt_cpus = true; ++ else if (streq(option, "no-read-workqueue")) ++ arg_no_read_workqueue = true; ++ else if (streq(option, "no-write-workqueue")) ++ arg_no_write_workqueue = true; + else if (streq(option, "luks")) + arg_type = ANY_LUKS; + /* since cryptsetup 2.3.0 (Feb 2020) */ +@@ -1352,6 +1358,12 @@ static uint32_t determine_flags(void) { + if (arg_submit_from_crypt_cpus) + flags |= CRYPT_ACTIVATE_SUBMIT_FROM_CRYPT_CPUS; + ++ if (arg_no_read_workqueue) ++ flags |= CRYPT_ACTIVATE_NO_READ_WORKQUEUE; ++ ++ if (arg_no_write_workqueue) ++ flags |= CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE; ++ + #ifdef CRYPT_ACTIVATE_SERIALIZE_MEMORY_HARD_PBKDF + /* Try to decrease the risk of OOM event if memory hard key derivation function is in use */ + /* https://gitlab.com/cryptsetup/cryptsetup/issues/446/ */ +diff --git a/src/shared/cryptsetup-util.h b/src/shared/cryptsetup-util.h +index fa2d2f65f3c..afac5cd46bd 100644 +--- a/src/shared/cryptsetup-util.h ++++ b/src/shared/cryptsetup-util.h +@@ -7,6 +7,14 @@ + #if HAVE_LIBCRYPTSETUP + #include + ++/* These next two are defined in libcryptsetup.h from cryptsetup version 2.3.4 forwards. */ ++#ifndef CRYPT_ACTIVATE_NO_READ_WORKQUEUE ++#define CRYPT_ACTIVATE_NO_READ_WORKQUEUE (1 << 24) ++#endif ++#ifndef CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE ++#define CRYPT_ACTIVATE_NO_WRITE_WORKQUEUE (1 << 25) ++#endif ++ + extern int (*sym_crypt_activate_by_passphrase)(struct crypt_device *cd, const char *name, int keyslot, const char *passphrase, size_t passphrase_size, uint32_t flags); + #if HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY + extern int (*sym_crypt_activate_by_signed_key)(struct crypt_device *cd, const char *name, const char *volume_key, size_t volume_key_size, const char *signature, size_t signature_size, uint32_t flags); diff --git a/rpminspect.yaml b/rpminspect.yaml new file mode 100644 index 0000000..174fbd2 --- /dev/null +++ b/rpminspect.yaml @@ -0,0 +1,13 @@ + # Disable badfuncs check that has tons of false positives. +badfuncs: + exclude_path: .* + +# don't report changed content of compiled files +# that is expected with every update +changedfiles: + exclude_path: .* + +# completely disabled inspections: +inspections: + # we know about our patches, no need to report anything + patches: off diff --git a/sources b/sources index c9283b6..96b40ab 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (systemd-247.2.tar.gz) = 220739bedb7ccbb35d9d2ff441a52e0615fbe80da5141f7e0420d469f4d66d3604ea72ce70c3deaa2afa5a32b3c7eec4340738337c96891b471e23ed43cd6a82 +SHA512 (systemd-247.3.tar.gz) = 0b12f6b9b02d86ee2f4198dd5f96a6267652fdc4867517e10a214a59b63c996fd14aeb2f47a97806718cdda52d1705a3b2359e4ae5e5d8d52d61ad05e7941d1e diff --git a/systemd.spec b/systemd.spec index 9c5a7eb..ea5f69d 100644 --- a/systemd.spec +++ b/systemd.spec @@ -20,7 +20,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd -Version: 247.2 +Version: 247.3 Release: 1%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ @@ -68,14 +68,14 @@ i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done| GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[67]* hwdb/parse_hwdb.py > hwdb.patch %endif +# Backports of patches from upstream (0000–0499) + +# Downstream-only patches (5000–9999) # https://bugzilla.redhat.com/show_bug.cgi?id=1738828 -Patch0001: use-bfq-scheduler.patch +Patch0500: use-bfq-scheduler.patch -Patch0003: 0001-test-path-util-do-not-fail-if-the-fd_is_mount_point-.patch -Patch0004: 0001-test-path-util-ignore-test-failure.patch -Patch0005: 0001-test-login-skip-consistency-checks-when-logind-is-no.patch - -Patch0009: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch +# https://github.com/systemd/systemd/pull/17050 +Patch0501: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 @@ -154,7 +154,7 @@ Requires: dbus >= 1.9.18 Requires: %{name}-pam = %{version}-%{release} Requires: %{name}-rpm-macros = %{version}-%{release} Requires: %{name}-libs = %{version}-%{release} -Recommends: %{name}-networkd = %{version}-%{release} +%{?fedora:Recommends: %{name}-networkd = %{version}-%{release}} Recommends: diffutils Requires: util-linux Recommends: libxkbcommon%{?_isa} @@ -453,6 +453,10 @@ CONFIGURE_OPTS=( -Doomd=true ) +%if %{without lto} +%global _lto_cflags %nil +%endif + %meson "${CONFIGURE_OPTS[@]}" %meson_build @@ -813,15 +817,11 @@ getent group systemd-journal-remote &>/dev/null || groupadd -r systemd-journal-r getent passwd systemd-journal-remote &>/dev/null || useradd -r -l -g systemd-journal-remote -d %{_localstatedir}/log/journal/remote -s /sbin/nologin -c "Journal Remote" systemd-journal-remote &>/dev/null || : %post journal-remote -%systemd_post systemd-journal-gatewayd.socket systemd-journal-gatewayd.service -%systemd_post systemd-journal-remote.socket systemd-journal-remote.service -%systemd_post systemd-journal-upload.service +%systemd_post systemd-journal-gatewayd.socket systemd-journal-gatewayd.service systemd-journal-remote.socket systemd-journal-remote.service systemd-journal-upload.service %firewalld_reload %preun journal-remote -%systemd_preun systemd-journal-gatewayd.socket systemd-journal-gatewayd.service -%systemd_preun systemd-journal-remote.socket systemd-journal-remote.service -%systemd_preun systemd-journal-upload.service +%systemd_preun systemd-journal-gatewayd.socket systemd-journal-gatewayd.service systemd-journal-remote.socket systemd-journal-remote.service systemd-journal-upload.service if [ $1 -eq 1 ] ; then if [ -f %{_localstatedir}/lib/systemd/journal-upload/state -a ! -L %{_localstatedir}/lib/systemd/journal-upload ] ; then mkdir -p %{_localstatedir}/lib/private/systemd/journal-upload @@ -831,9 +831,7 @@ if [ $1 -eq 1 ] ; then fi %postun journal-remote -%systemd_postun_with_restart systemd-journal-gatewayd.service -%systemd_postun_with_restart systemd-journal-remote.service -%systemd_postun_with_restart systemd-journal-upload.service +%systemd_postun_with_restart systemd-journal-gatewayd.service systemd-journal-remote.service systemd-journal-upload.service %firewalld_reload %pre networkd @@ -893,6 +891,21 @@ getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-net %files standalone-sysusers -f .file-list-standalone-sysusers %changelog +* Tue Feb 2 2021 Zbigniew Jędrzejewski-Szmek - 247.3-1 +- Minor stable release +- Fixes #1895937, #1813219, #1903106. + +* Wed Jan 27 2021 Fedora Release Engineering +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Wed Jan 13 2021 Zbigniew Jędrzejewski-Szmek - 247.2-2 +- Fix bfq patch again (#1813219) + +* Wed Dec 23 2020 Jonathan Underwood - 247.2-2 +- Add patch to enable crypttab to support disabling of luks read and + write workqueues (corresponding to + https://github.com/systemd/systemd/pull/18062/). + * Wed Dec 16 2020 Zbigniew Jędrzejewski-Szmek - 247.2-1 - Minor stable release - Fixes #1908071. diff --git a/use-bfq-scheduler.patch b/use-bfq-scheduler.patch index be3905f..d0e6762 100644 --- a/use-bfq-scheduler.patch +++ b/use-bfq-scheduler.patch @@ -20,11 +20,12 @@ new file mode 100644 index 0000000000..480b941761 --- /dev/null +++ b/rules.d/60-block-scheduler.rules -@@ -0,0 +1,5 @@ +@@ -0,0 +1,6 @@ +# do not edit this file, it will be overwritten on update + +ACTION=="add", SUBSYSTEM=="block", \ + KERNEL=="mmcblk*[0-9]|msblk*[0-9]|mspblk*[0-9]|sd*[!0-9]|sr*", \ ++ ENV{DEVTYPE}=="disk", \ + ATTR{queue/scheduler}="bfq" diff --git a/rules.d/meson.build b/rules.d/meson.build index ca4445d774..38d6aa6970 100644