From 7410caa868e751c1e484bcb3d817805b63cb823d Mon Sep 17 00:00:00 2001 From: h30032433 Date: Wed, 6 Dec 2023 16:33:09 +0800 Subject: [PATCH] sync community patches --- ...me-in-hibernate-resume-generator-s-d.patch | 29 ++ ...g-StatusUnitFormat-from-config-files.patch | 53 +++ ...akage-of-ordering-dependencies-by-sy.patch | 138 ++++++++ ...urious-triggering-of-PathExists-on-r.patch | 67 ++++ ...-serialize-the-previous_exists-state.patch | 133 ++++++++ ...-generator-wait-infinitely-for-the-r.patch | 85 +++++ ...-not-drop-all-prefixes-when-a-prefix.patch | 113 +++++++ ...twork-udev-use-uint64_t-for-bit-rate.patch | 316 ++++++++++++++++++ ...-nspawn-fix-handling-of-console-help.patch | 86 +++++ backport-pstore-fix-use-after-free.patch | 35 ++ ...ore-rework-memory-handling-for-dmesg.patch | 134 ++++++++ ...ator-do-not-return-error-when-a-devi.patch | 43 +++ ...running-default-event-loops-in-any-o.patch | 44 +++ ...ix-error-codes-returned-by-install_c.patch | 28 ++ ...-condition-fix-group-check-condition.patch | 28 ++ ...til-also-use-32bit-hack-on-EOVERFLOW.patch | 30 ++ ...ith-systems-where-userspace-has-64bi.patch | 53 +++ backport-udev-also-logs-file-permission.patch | 27 ++ ...append-newline-when-write-attributes.patch | 32 ++ ...t-use-exact-match-of-file-permission.patch | 30 ++ ...ev-fix-error-code-in-the-log-message.patch | 28 ++ ...eak-caused-by-wrong-cleanup-function.patch | 28 ++ ...ENT-when-chmod_and_chown-device-node.patch | 27 ++ ...vadm-ignore-EROFS-and-return-earlier.patch | 35 ++ ...missing-initialization-of-descriptor.patch | 26 ++ ...e-error-message-during-exporting-dat.patch | 43 +++ ...r-do-not-propagate-EACCES-and-ENODEV.patch | 37 ++ backport-udevadm-use-usec_add.patch | 38 +++ ...-worker-in-manager_kill_workers-when.patch | 30 +- ...don-t-use-monitor-after-manager_exit.patch | 42 +++ ...t-for-workers-to-finish-when-exiting.patch | 110 ++++++ ...d-AF_ALG-to-systemd-networkd.service.patch | 28 ++ backport-verify-fix-segmentation-fault.patch | 60 ++++ systemd.spec | 71 +++- 34 files changed, 2092 insertions(+), 15 deletions(-) create mode 100644 backport-Fix-generator-name-in-hibernate-resume-generator-s-d.patch create mode 100644 backport-core-Fix-setting-StatusUnitFormat-from-config-files.patch create mode 100644 backport-core-job-fix-breakage-of-ordering-dependencies-by-sy.patch create mode 100644 backport-core-path-fix-spurious-triggering-of-PathExists-on-r.patch create mode 100755 backport-core-path-serialize-the-previous_exists-state.patch create mode 100644 backport-hibernate-resume-generator-wait-infinitely-for-the-r.patch create mode 100644 backport-network-ndisc-do-not-drop-all-prefixes-when-a-prefix.patch create mode 100644 backport-network-udev-use-uint64_t-for-bit-rate.patch create mode 100644 backport-nspawn-fix-handling-of-console-help.patch create mode 100644 backport-pstore-fix-use-after-free.patch create mode 100644 backport-pstore-rework-memory-handling-for-dmesg.patch create mode 100644 backport-sd-device-enumerator-do-not-return-error-when-a-devi.patch create mode 100644 backport-sd-event-refuse-running-default-event-loops-in-any-o.patch create mode 100644 backport-shared-install-fix-error-codes-returned-by-install_c.patch create mode 100644 backport-test-condition-fix-group-check-condition.patch create mode 100644 backport-time-util-also-use-32bit-hack-on-EOVERFLOW.patch create mode 100644 backport-time-util-deal-with-systems-where-userspace-has-64bi.patch create mode 100644 backport-udev-also-logs-file-permission.patch create mode 100644 backport-udev-do-not-append-newline-when-write-attributes.patch create mode 100644 backport-udev-do-not-use-exact-match-of-file-permission.patch create mode 100644 backport-udev-fix-error-code-in-the-log-message.patch create mode 100644 backport-udev-fix-memleak-caused-by-wrong-cleanup-function.patch create mode 100644 backport-udev-ignore-ENOENT-when-chmod_and_chown-device-node.patch create mode 100644 backport-udevadm-ignore-EROFS-and-return-earlier.patch create mode 100644 backport-udevadm-missing-initialization-of-descriptor.patch create mode 100644 backport-udevadm-show-more-error-message-during-exporting-dat.patch create mode 100644 backport-udevadm-trigger-do-not-propagate-EACCES-and-ENODEV.patch create mode 100644 backport-udevadm-use-usec_add.patch create mode 100644 backport-udevd-don-t-use-monitor-after-manager_exit.patch create mode 100644 backport-udevd-wait-for-workers-to-finish-when-exiting.patch create mode 100644 backport-unit-add-AF_ALG-to-systemd-networkd.service.patch create mode 100644 backport-verify-fix-segmentation-fault.patch diff --git a/backport-Fix-generator-name-in-hibernate-resume-generator-s-d.patch b/backport-Fix-generator-name-in-hibernate-resume-generator-s-d.patch new file mode 100644 index 0000000..1ad3e5b --- /dev/null +++ b/backport-Fix-generator-name-in-hibernate-resume-generator-s-d.patch @@ -0,0 +1,29 @@ +From 90198bcbea9288b452843f19c445a8c49a7ee9ba Mon Sep 17 00:00:00 2001 +From: nabijaczleweli +Date: Mon, 3 Feb 2020 19:31:57 +0100 +Subject: [PATCH 1595/1760] Fix generator name in hibernate-resume-generator's + drop-in + +Introduced in ff757c9d294153a26a9dd2d9817d1985656f3002 +Reference: https://github.com/systemd/systemd/commit/90198bcbea9288b452843f19c445a8c49a7ee9ba +Conflict: NA +--- + src/hibernate-resume/hibernate-resume-generator.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/hibernate-resume/hibernate-resume-generator.c b/src/hibernate-resume/hibernate-resume-generator.c +index 5e40933..95af8ef 100644 +--- a/src/hibernate-resume/hibernate-resume-generator.c ++++ b/src/hibernate-resume/hibernate-resume-generator.c +@@ -93,7 +93,7 @@ static int process_resume(void) { + return log_error_errno(r, "Failed to generate unit name: %m"); + + r = write_drop_in(arg_dest, device_unit, 40, "device-timeout", +- "# Automatically generated by systemd-cryptsetup-generator\n\n" ++ "# Automatically generated by systemd-hibernate-resume-generator\n\n" + "[Unit]\nJobTimeoutSec=0"); + if (r < 0) + log_warning_errno(r, "Failed to write device timeout drop-in: %m"); +-- +1.8.3.1 + diff --git a/backport-core-Fix-setting-StatusUnitFormat-from-config-files.patch b/backport-core-Fix-setting-StatusUnitFormat-from-config-files.patch new file mode 100644 index 0000000..7251373 --- /dev/null +++ b/backport-core-Fix-setting-StatusUnitFormat-from-config-files.patch @@ -0,0 +1,53 @@ +From 6327aa9f6c5701e44541e685c6bf44d3a8c40f50 Mon Sep 17 00:00:00 2001 +From: Maciej Stanczew +Date: Mon, 16 Sep 2019 02:09:35 +0200 +Subject: [PATCH 0139/1760] core: Fix setting StatusUnitFormat from config + files + +Reference: https://github.com/systemd/systemd/commit/6327aa9f6c5701e44541e685c6bf44d3a8c40f50 +Conflict: NA +--- + src/core/load-fragment.c | 1 + + src/core/load-fragment.h | 1 + + src/core/main.c | 1 - + 3 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c +index a7951a5..56cad2f 100644 +--- a/src/core/load-fragment.c ++++ b/src/core/load-fragment.c +@@ -133,6 +133,7 @@ DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight, cg_weight_parse, uint64_t, "Inva + DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares, cg_cpu_shares_parse, uint64_t, "Invalid CPU shares"); + DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags, mount_propagation_flags_from_string, unsigned long, "Failed to parse mount flag"); + DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_numa_policy, mpol, int, -1, "Invalid NUMA policy type"); ++DEFINE_CONFIG_PARSE_ENUM(config_parse_status_unit_format, status_unit_format, StatusUnitFormat, "Failed to parse status unit format"); + + int config_parse_unit_deps( + const char *unit, +diff --git a/src/core/load-fragment.h b/src/core/load-fragment.h +index 664643f..1183987 100644 +--- a/src/core/load-fragment.h ++++ b/src/core/load-fragment.h +@@ -117,6 +117,7 @@ CONFIG_PARSER_PROTOTYPE(config_parse_numa_mask); + CONFIG_PARSER_PROTOTYPE(config_parse_ip_filter_bpf_progs); + CONFIG_PARSER_PROTOTYPE(config_parse_cpu_affinity2); + CONFIG_PARSER_PROTOTYPE(config_parse_show_status); ++CONFIG_PARSER_PROTOTYPE(config_parse_status_unit_format); + CONFIG_PARSER_PROTOTYPE(config_parse_output_restricted); + CONFIG_PARSER_PROTOTYPE(config_parse_crash_chvt); + CONFIG_PARSER_PROTOTYPE(config_parse_timeout_abort); +diff --git a/src/core/main.c b/src/core/main.c +index bcce717..4633184 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -538,7 +538,6 @@ DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level"); + DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target"); + DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" ); + DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location"); +-DEFINE_SETTER(config_parse_status_unit_format, status_unit_format_from_string, "value"); + + static int parse_config_file(void) { + +-- +1.8.3.1 + diff --git a/backport-core-job-fix-breakage-of-ordering-dependencies-by-sy.patch b/backport-core-job-fix-breakage-of-ordering-dependencies-by-sy.patch new file mode 100644 index 0000000..8f1bc87 --- /dev/null +++ b/backport-core-job-fix-breakage-of-ordering-dependencies-by-sy.patch @@ -0,0 +1,138 @@ +From d1559793df555212271e490a4a72f55826caf5b4 Mon Sep 17 00:00:00 2001 +From: HATAYAMA Daisuke +Date: Mon, 28 Oct 2019 19:35:24 +0900 +Subject: [PATCH] core, job: fix breakage of ordering dependencies by systemctl + reload command + +Currently, systemctl reload command breaks ordering dependencies if it's +executed when its target service unit is in activating state. + +For example, prepare A.service, B.service and C.target as follows: + + # systemctl cat A.service B.service C.target + # /etc/systemd/system/A.service + [Unit] + Description=A + + [Service] + Type=oneshot + ExecStart=/usr/bin/echo A1 + ExecStart=/usr/bin/sleep 60 + ExecStart=/usr/bin/echo A2 + ExecReload=/usr/bin/echo A reloaded + RemainAfterExit=yes + + # /etc/systemd/system/B.service + [Unit] + Description=B + After=A.service + + [Service] + Type=oneshot + ExecStart=/usr/bin/echo B + RemainAfterExit=yes + + # /etc/systemd/system/C.target + [Unit] + Description=C + Wants=A.service B.service + +Start them. + + # systemctl daemon-reload + # systemctl start C.target + +Then, we have: + + # LANG=C journalctl --no-pager -u A.service -u B.service -u C.target -b + -- Logs begin at Mon 2019-09-09 00:25:06 EDT, end at Thu 2019-10-24 22:28:47 EDT. -- + Oct 24 22:27:47 localhost.localdomain systemd[1]: Starting A... + Oct 24 22:27:47 localhost.localdomain systemd[1]: A.service: Child 967 belongs to A.service. + Oct 24 22:27:47 localhost.localdomain systemd[1]: A.service: Main process exited, code=exited, status=0/SUCCESS + Oct 24 22:27:47 localhost.localdomain systemd[1]: A.service: Running next main command for state start. + Oct 24 22:27:47 localhost.localdomain systemd[1]: A.service: Passing 0 fds to service + Oct 24 22:27:47 localhost.localdomain systemd[1]: A.service: About to execute: /usr/bin/sleep 60 + Oct 24 22:27:47 localhost.localdomain systemd[1]: A.service: Forked /usr/bin/sleep as 968 + Oct 24 22:27:47 localhost.localdomain systemd[968]: A.service: Executing: /usr/bin/sleep 60 + Oct 24 22:27:52 localhost.localdomain systemd[1]: A.service: Trying to enqueue job A.service/reload/replace + Oct 24 22:27:52 localhost.localdomain systemd[1]: A.service: Merged into running job, re-running: A.service/reload as 1288 + Oct 24 22:27:52 localhost.localdomain systemd[1]: A.service: Enqueued job A.service/reload as 1288 + Oct 24 22:27:52 localhost.localdomain systemd[1]: A.service: Unit cannot be reloaded because it is inactive. + Oct 24 22:27:52 localhost.localdomain systemd[1]: A.service: Job 1288 A.service/reload finished, result=invalid + Oct 24 22:27:52 localhost.localdomain systemd[1]: B.service: Passing 0 fds to service + Oct 24 22:27:52 localhost.localdomain systemd[1]: B.service: About to execute: /usr/bin/echo B + Oct 24 22:27:52 localhost.localdomain systemd[1]: B.service: Forked /usr/bin/echo as 970 + Oct 24 22:27:52 localhost.localdomain systemd[970]: B.service: Executing: /usr/bin/echo B + Oct 24 22:27:52 localhost.localdomain systemd[1]: B.service: Failed to send unit change signal for B.service: Connection reset by peer + Oct 24 22:27:52 localhost.localdomain systemd[1]: B.service: Changed dead -> start + Oct 24 22:27:52 localhost.localdomain systemd[1]: Starting B... + Oct 24 22:27:52 localhost.localdomain echo[970]: B + Oct 24 22:27:52 localhost.localdomain systemd[1]: B.service: Child 970 belongs to B.service. + Oct 24 22:27:52 localhost.localdomain systemd[1]: B.service: Main process exited, code=exited, status=0/SUCCESS + Oct 24 22:27:52 localhost.localdomain systemd[1]: B.service: Changed start -> exited + Oct 24 22:27:52 localhost.localdomain systemd[1]: B.service: Job 1371 B.service/start finished, result=done + Oct 24 22:27:52 localhost.localdomain systemd[1]: Started B. + Oct 24 22:27:52 localhost.localdomain systemd[1]: C.target: Job 1287 C.target/start finished, result=done + Oct 24 22:27:52 localhost.localdomain systemd[1]: Reached target C. + Oct 24 22:27:52 localhost.localdomain systemd[1]: C.target: Failed to send unit change signal for C.target: Connection reset by peer + Oct 24 22:28:47 localhost.localdomain systemd[1]: A.service: Child 968 belongs to A.service. + Oct 24 22:28:47 localhost.localdomain systemd[1]: A.service: Main process exited, code=exited, status=0/SUCCESS + Oct 24 22:28:47 localhost.localdomain systemd[1]: A.service: Running next main command for state start. + Oct 24 22:28:47 localhost.localdomain systemd[1]: A.service: Passing 0 fds to service + Oct 24 22:28:47 localhost.localdomain systemd[1]: A.service: About to execute: /usr/bin/echo A2 + Oct 24 22:28:47 localhost.localdomain systemd[1]: A.service: Forked /usr/bin/echo as 972 + Oct 24 22:28:47 localhost.localdomain systemd[972]: A.service: Executing: /usr/bin/echo A2 + Oct 24 22:28:47 localhost.localdomain echo[972]: A2 + Oct 24 22:28:47 localhost.localdomain systemd[1]: A.service: Child 972 belongs to A.service. + Oct 24 22:28:47 localhost.localdomain systemd[1]: A.service: Main process exited, code=exited, status=0/SUCCESS + Oct 24 22:28:47 localhost.localdomain systemd[1]: A.service: Changed start -> exited + +The issue occurs not only in reload command, i.e.: + + - reload + - try-restart + - reload-or-restart + - reload-or-try-restart commands + +The cause of this issue is that job_type_collapse() doesn't take care of the +activating state. + +Fixes: #10464 +Reference: https://github.com/systemd/systemd/commit/d1559793df555212271e490a4a72f55826caf5b4 +Conflict: NA +--- + src/core/job.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/core/job.c b/src/core/job.c +index 9537366eb9..c5c0651304 100644 +--- a/src/core/job.c ++++ b/src/core/job.c +@@ -418,21 +418,21 @@ JobType job_type_collapse(JobType t, Unit *u) { + + case JOB_TRY_RESTART: + s = unit_active_state(u); +- if (UNIT_IS_INACTIVE_OR_DEACTIVATING(s)) ++ if (!UNIT_IS_ACTIVE_OR_RELOADING(s)) + return JOB_NOP; + + return JOB_RESTART; + + case JOB_TRY_RELOAD: + s = unit_active_state(u); +- if (UNIT_IS_INACTIVE_OR_DEACTIVATING(s)) ++ if (!UNIT_IS_ACTIVE_OR_RELOADING(s)) + return JOB_NOP; + + return JOB_RELOAD; + + case JOB_RELOAD_OR_START: + s = unit_active_state(u); +- if (UNIT_IS_INACTIVE_OR_DEACTIVATING(s)) ++ if (!UNIT_IS_ACTIVE_OR_RELOADING(s)) + return JOB_START; + + return JOB_RELOAD; +-- +2.23.0 + diff --git a/backport-core-path-fix-spurious-triggering-of-PathExists-on-r.patch b/backport-core-path-fix-spurious-triggering-of-PathExists-on-r.patch new file mode 100644 index 0000000..fa8966a --- /dev/null +++ b/backport-core-path-fix-spurious-triggering-of-PathExists-on-r.patch @@ -0,0 +1,67 @@ +From d7cf8c24d4ef6ed4c9d711ee82ba57a529baad34 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Mon, 18 Nov 2019 14:20:05 +0100 +Subject: [PATCH 0644/1760] core/path: fix spurious triggering of PathExists= + on restart/reload + +Our handling of the condition was inconsistent. Normally, we'd only fire when +the file was created (or removed and subsequently created again). But on restarts, +we'd do a "recheck" from path_coldplug(), and if the file existed, we'd +always trigger. Daemon restarts and reloads should not be observeable, in +the sense that they should not trigger units which were already triggered and +would not be started again under normal circumstances. + +Note that the mechanism for checks is racy: we get a notification from inotify, +and by the time we check, the file could have been created and removed again, +or removed and created again. It would be better if we inotify would give as +an unambiguous signal that the file was created, but it doesn't: IN_DELETE_SELF +triggers on inode removal, not directory entry, so we need to include IN_ATTRIB, +which obviously triggers on other conditions. + +Fixes #12801. +Reference: https://github.com/systemd/systemd/commit/d7cf8c24d4ef6ed4c9d711ee82ba57a529baad34 +Conflict: NA +--- + src/core/path.c | 11 +++++------ + 1 file changed, 5 insertions(+), 6 deletions(-) + +diff --git a/src/core/path.c b/src/core/path.c +index ed3a013..1491a07 100644 +--- a/src/core/path.c ++++ b/src/core/path.c +@@ -175,12 +175,14 @@ int path_spec_fd_event(PathSpec *s, uint32_t revents) { + } + + static bool path_spec_check_good(PathSpec *s, bool initial) { +- bool good = false; ++ bool b, good = false; + + switch (s->type) { + + case PATH_EXISTS: +- good = access(s->path, F_OK) >= 0; ++ b = access(s->path, F_OK) >= 0; ++ good = b && !s->previous_exists; ++ s->previous_exists = b; + break; + + case PATH_EXISTS_GLOB: +@@ -196,14 +198,11 @@ static bool path_spec_check_good(PathSpec *s, bool initial) { + } + + case PATH_CHANGED: +- case PATH_MODIFIED: { +- bool b; +- ++ case PATH_MODIFIED: + b = access(s->path, F_OK) >= 0; + good = !initial && b != s->previous_exists; + s->previous_exists = b; + break; +- } + + default: + ; +-- +1.8.3.1 + diff --git a/backport-core-path-serialize-the-previous_exists-state.patch b/backport-core-path-serialize-the-previous_exists-state.patch new file mode 100755 index 0000000..02d537a --- /dev/null +++ b/backport-core-path-serialize-the-previous_exists-state.patch @@ -0,0 +1,133 @@ +From 7a16cd4b05cc3e975d90aee72ed9d77ada22a093 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Mon, 18 Nov 2019 14:13:05 +0100 +Subject: [PATCH 0643/1760] core/path: serialize the previous_exists state + +Without that we are prone to generate spurious events after daemon +reload/restart. +Reference: https://github.com/systemd/systemd/commit/7a16cd4b05cc3e975d90aee72ed9d77ada22a093 +Conflict: NA +--- + src/core/path.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++---- + 1 file changed, 51 insertions(+), 4 deletions(-) + +diff --git a/src/core/path.c b/src/core/path.c +index dff551f..ed3a013 100644 +--- a/src/core/path.c ++++ b/src/core/path.c +@@ -9,12 +9,14 @@ + #include "bus-util.h" + #include "dbus-path.h" + #include "dbus-unit.h" ++#include "escape.h" + #include "fd-util.h" + #include "fs-util.h" + #include "glob-util.h" + #include "macro.h" + #include "mkdir.h" + #include "path.h" ++#include "path-util.h" + #include "serialize.h" + #include "special.h" + #include "stat-util.h" +@@ -27,19 +29,18 @@ static const UnitActiveState state_translation_table[_PATH_STATE_MAX] = { + [PATH_DEAD] = UNIT_INACTIVE, + [PATH_WAITING] = UNIT_ACTIVE, + [PATH_RUNNING] = UNIT_ACTIVE, +- [PATH_FAILED] = UNIT_FAILED ++ [PATH_FAILED] = UNIT_FAILED, + }; + + static int path_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata); + + int path_spec_watch(PathSpec *s, sd_event_io_handler_t handler) { +- + static const int flags_table[_PATH_TYPE_MAX] = { + [PATH_EXISTS] = IN_DELETE_SELF|IN_MOVE_SELF|IN_ATTRIB, + [PATH_EXISTS_GLOB] = IN_DELETE_SELF|IN_MOVE_SELF|IN_ATTRIB, + [PATH_CHANGED] = IN_DELETE_SELF|IN_MOVE_SELF|IN_ATTRIB|IN_CLOSE_WRITE|IN_CREATE|IN_DELETE|IN_MOVED_FROM|IN_MOVED_TO, + [PATH_MODIFIED] = IN_DELETE_SELF|IN_MOVE_SELF|IN_ATTRIB|IN_CLOSE_WRITE|IN_CREATE|IN_DELETE|IN_MOVED_FROM|IN_MOVED_TO|IN_MODIFY, +- [PATH_DIRECTORY_NOT_EMPTY] = IN_DELETE_SELF|IN_MOVE_SELF|IN_ATTRIB|IN_CREATE|IN_MOVED_TO ++ [PATH_DIRECTORY_NOT_EMPTY] = IN_DELETE_SELF|IN_MOVE_SELF|IN_ATTRIB|IN_CREATE|IN_MOVED_TO, + }; + + bool exists = false; +@@ -601,6 +602,7 @@ static int path_stop(Unit *u) { + + static int path_serialize(Unit *u, FILE *f, FDSet *fds) { + Path *p = PATH(u); ++ PathSpec *s; + + assert(u); + assert(f); +@@ -609,6 +611,19 @@ static int path_serialize(Unit *u, FILE *f, FDSet *fds) { + (void) serialize_item(f, "state", path_state_to_string(p->state)); + (void) serialize_item(f, "result", path_result_to_string(p->result)); + ++ LIST_FOREACH(spec, s, p->specs) { ++ _cleanup_free_ char *escaped = NULL; ++ ++ escaped = cescape(s->path); ++ if (!escaped) ++ return log_oom(); ++ ++ (void) serialize_item_format(f, "path-spec", "%s %i %s", ++ path_type_to_string(s->type), ++ s->previous_exists, ++ s->path); ++ } ++ + return 0; + } + +@@ -638,6 +653,38 @@ static int path_deserialize_item(Unit *u, const char *key, const char *value, FD + else if (f != PATH_SUCCESS) + p->result = f; + ++ } else if (streq(key, "path-spec")) { ++ int previous_exists, skip = 0, r; ++ _cleanup_free_ char *type_str = NULL; ++ ++ if (sscanf(value, "%ms %i %n", &type_str, &previous_exists, &skip) < 2) ++ log_unit_debug(u, "Failed to parse path-spec value: %s", value); ++ else { ++ _cleanup_free_ char *unescaped = NULL; ++ PathType type; ++ PathSpec *s; ++ ++ type = path_type_from_string(type_str); ++ if (type < 0) { ++ log_unit_warning(u, "Unknown path type \"%s\", ignoring.", type_str); ++ return 0; ++ } ++ ++ r = cunescape(value+skip, 0, &unescaped); ++ if (r < 0) { ++ log_unit_warning_errno(u, r, "Failed to unescape serialize path: %m"); ++ return 0; ++ } ++ ++ LIST_FOREACH(spec, s, p->specs) ++ if (s->type == type && ++ path_equal(s->path, unescaped)) { ++ ++ s->previous_exists = previous_exists; ++ break; ++ } ++ } ++ + } else + log_unit_debug(u, "Unknown serialization key: %s", key); + +@@ -670,7 +717,7 @@ static int path_dispatch_io(sd_event_source *source, int fd, uint32_t revents, v + if (!IN_SET(p->state, PATH_WAITING, PATH_RUNNING)) + return 0; + +- /* log_debug("inotify wakeup on %s.", u->id); */ ++ /* log_debug("inotify wakeup on %s.", UNIT(p)->id); */ + + LIST_FOREACH(spec, s, p->specs) + if (path_spec_owns_inotify_fd(s, fd)) +-- +1.8.3.1 + diff --git a/backport-hibernate-resume-generator-wait-infinitely-for-the-r.patch b/backport-hibernate-resume-generator-wait-infinitely-for-the-r.patch new file mode 100644 index 0000000..b0a155b --- /dev/null +++ b/backport-hibernate-resume-generator-wait-infinitely-for-the-r.patch @@ -0,0 +1,85 @@ +From ff757c9d294153a26a9dd2d9817d1985656f3002 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Tue, 3 Dec 2019 17:04:26 +0100 +Subject: [PATCH 0845/1760] hibernate-resume-generator: wait "infinitely" for + the resume device + +This makes changes similar to the parent commit, but for hibernate-resume-generator. +If resume= is specified on the kernel command line, we'll set JobRunningTimeoutSec=0 +for the device. This matches what we do for the root device. + +In practice, other timeouts will take effect. For example dracut tries (and +fails :[ ) to start dracut-emergency.service after some time. + +Fixes #7242, https://bugzilla.redhat.com/show_bug.cgi?id=1705522. +Reference: https://github.com/systemd/systemd/commit/ff757c9d294153a26a9dd2d9817d1985656f3002 +Conflict: NA +--- + src/hibernate-resume/hibernate-resume-generator.c | 28 +++++++++++++++-------- + 1 file changed, 19 insertions(+), 9 deletions(-) + +diff --git a/src/hibernate-resume/hibernate-resume-generator.c b/src/hibernate-resume/hibernate-resume-generator.c +index 3f49f56..5e40933 100644 +--- a/src/hibernate-resume/hibernate-resume-generator.c ++++ b/src/hibernate-resume/hibernate-resume-generator.c +@@ -5,6 +5,7 @@ + #include + + #include "alloc-util.h" ++#include "dropin.h" + #include "fstab-util.h" + #include "generator.h" + #include "log.h" +@@ -68,18 +69,18 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat + } + + static int process_resume(void) { +- _cleanup_free_ char *name = NULL, *lnk = NULL; +- const char *opts; ++ _cleanup_free_ char *service_unit = NULL, *device_unit = NULL, *lnk = NULL; + int r; + + if (!arg_resume_device) + return 0; + +- r = unit_name_from_path_instance("systemd-hibernate-resume", arg_resume_device, ".service", &name); ++ r = unit_name_from_path_instance("systemd-hibernate-resume", arg_resume_device, ".service", ++ &service_unit); + if (r < 0) + return log_error_errno(r, "Failed to generate unit name: %m"); + +- lnk = strjoin(arg_dest, "/" SPECIAL_SYSINIT_TARGET ".wants/", name); ++ lnk = strjoin(arg_dest, "/" SPECIAL_SYSINIT_TARGET ".wants/", service_unit); + if (!lnk) + return log_oom(); + +@@ -87,12 +88,21 @@ static int process_resume(void) { + if (symlink(SYSTEM_DATA_UNIT_PATH "/systemd-hibernate-resume@.service", lnk) < 0) + return log_error_errno(errno, "Failed to create symlink %s: %m", lnk); + +- if (arg_resume_options) +- opts = arg_resume_options; +- else +- opts = arg_root_options; ++ r = unit_name_from_path(arg_resume_device, ".device", &device_unit); ++ if (r < 0) ++ return log_error_errno(r, "Failed to generate unit name: %m"); ++ ++ r = write_drop_in(arg_dest, device_unit, 40, "device-timeout", ++ "# Automatically generated by systemd-cryptsetup-generator\n\n" ++ "[Unit]\nJobTimeoutSec=0"); ++ if (r < 0) ++ log_warning_errno(r, "Failed to write device timeout drop-in: %m"); + +- r = generator_write_timeouts(arg_dest, arg_resume_device, arg_resume_device, opts, NULL); ++ r = generator_write_timeouts(arg_dest, ++ arg_resume_device, ++ arg_resume_device, ++ arg_resume_options ?: arg_root_options, ++ NULL); + if (r < 0) + return r; + +-- +1.8.3.1 + diff --git a/backport-network-ndisc-do-not-drop-all-prefixes-when-a-prefix.patch b/backport-network-ndisc-do-not-drop-all-prefixes-when-a-prefix.patch new file mode 100644 index 0000000..e63259a --- /dev/null +++ b/backport-network-ndisc-do-not-drop-all-prefixes-when-a-prefix.patch @@ -0,0 +1,113 @@ +From 55d3fdcf5e9f6ceb9fc1a5f93120305f20abf690 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 14 Oct 2019 02:00:47 +0900 +Subject: [PATCH] network: ndisc: do not drop all prefixes when a prefix + matches a blacklist + +Fixes #13767. +Reference: https://github.com/systemd/systemd/commit/55d3fdcf5e9f6ceb9fc1a5f93120305f20abf690 +Conflict: NA +--- + src/network/networkd-ndisc.c | 63 +++++++++++------------------------- + 1 file changed, 19 insertions(+), 44 deletions(-) + +diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c +index 49ef022e32..402d1acd4b 100644 +--- a/src/network/networkd-ndisc.c ++++ b/src/network/networkd-ndisc.c +@@ -546,6 +546,7 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) { + int r; + + assert(link); ++ assert(link->network); + assert(rt); + + r = sd_ndisc_router_option_rewind(rt); +@@ -564,8 +565,24 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) { + switch (type) { + + case SD_NDISC_OPTION_PREFIX_INFORMATION: { ++ union in_addr_union a; + uint8_t flags; + ++ r = sd_ndisc_router_prefix_get_address(rt, &a.in6); ++ if (r < 0) ++ return log_link_error_errno(link, r, "Failed to get prefix address: %m"); ++ ++ if (set_contains(link->network->ndisc_black_listed_prefix, &a.in6)) { ++ if (DEBUG_LOGGING) { ++ _cleanup_free_ char *b = NULL; ++ ++ (void) in_addr_to_string(AF_INET6, &a, &b); ++ log_link_debug(link, "Prefix '%s' is black listed, ignoring", strna(b)); ++ } ++ ++ break; ++ } ++ + r = sd_ndisc_router_prefix_get_flags(rt, &flags); + if (r < 0) + return log_link_warning_errno(link, r, "Failed to get RA prefix flags: %m"); +@@ -602,46 +619,6 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) { + return 0; + } + +-static int ndisc_prefix_is_black_listed(Link *link, sd_ndisc_router *rt) { +- int r; +- +- assert(link); +- assert(link->network); +- assert(rt); +- +- for (r = sd_ndisc_router_option_rewind(rt); ; r = sd_ndisc_router_option_next(rt)) { +- union in_addr_union a; +- uint8_t type; +- +- if (r < 0) +- return log_link_warning_errno(link, r, "Failed to iterate through options: %m"); +- if (r == 0) /* EOF */ +- return false; +- +- r = sd_ndisc_router_option_get_type(rt, &type); +- if (r < 0) +- return log_link_warning_errno(link, r, "Failed to get RA option type: %m"); +- +- if (type != SD_NDISC_OPTION_PREFIX_INFORMATION) +- continue; +- +- r = sd_ndisc_router_prefix_get_address(rt, &a.in6); +- if (r < 0) +- return log_link_error_errno(link, r, "Failed to get prefix address: %m"); +- +- if (set_contains(link->network->ndisc_black_listed_prefix, &a.in6)) { +- if (DEBUG_LOGGING) { +- _cleanup_free_ char *b = NULL; +- +- (void) in_addr_to_string(AF_INET6, &a, &b); +- log_link_debug(link, "Prefix '%s' is black listed, ignoring", strna(b)); +- } +- +- return true; +- } +- } +-} +- + static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) { + uint64_t flags; + int r; +@@ -666,10 +643,8 @@ static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) { + } + } + +- if (ndisc_prefix_is_black_listed(link, rt) == 0) { +- (void) ndisc_router_process_default(link, rt); +- (void) ndisc_router_process_options(link, rt); +- } ++ (void) ndisc_router_process_default(link, rt); ++ (void) ndisc_router_process_options(link, rt); + + return r; + } +-- +2.23.0 + diff --git a/backport-network-udev-use-uint64_t-for-bit-rate.patch b/backport-network-udev-use-uint64_t-for-bit-rate.patch new file mode 100644 index 0000000..d452af5 --- /dev/null +++ b/backport-network-udev-use-uint64_t-for-bit-rate.patch @@ -0,0 +1,316 @@ +From 502991215726347b2b3b0dfcee29c66e4038c888 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 21 Jan 2020 20:06:40 +0900 +Subject: [PATCH 1413/1760] network,udev: use uint64_t for bit rate + +Fixes #14620. + +This patch has been modified to fit current code. The related files of +this modification, reasons, and urls. +src/network/networkctl.c + systemd use table_set_width(table, 0) if --full is specified. systemd defined table_log_add_error(). + https://github.com/systemd/systemd/pull/14538/commits/bd17fa8cd870bc403e698fafa5ac0bd6dc4af901 +src/shared/ethtool-util.c + Rename *fd to *ethtool_fd when refactoring. + https://github.com/systemd/systemd/pull/14523/commits/64be35ab02c6f9c70355bd1ace9ffbc4c3fa901f +src/shared/ethtool-util.h + Rename *fd to *ethtool_fd when refactoring. + https://github.com/systemd/systemd/pull/14523/commits/64be35ab02c6f9c70355bd1ace9ffbc4c3fa901f +src/udev/net/link-config-gperf.gperf + udev introduce AlternativeNamesPolicy= setting. the table's width is was changed. + https://github.com/systemd/systemd/pull/14360/commits/ef1d2c07f9567dfea8a4e012d8779a4ded2d9ae6 +src/udev/net/link-config.c + network, udev: support permanent mac address. + https://github.com/systemd/systemd/pull/14448/commits/4bb7cc828706348de3efce7368c14fc994cebb20 +src/udev/net/link-config.h + network, udev: add altname support. + https://github.com/systemd/systemd/pull/14350/commits/a5053a158b43c5ddee90f4915b9fc603e0191d6d +Reference: https://github.com/systemd/systemd/commit/502991215726347b2b3b0dfcee29c66e4038c888 +Conflict: NA +--- + src/core/load-fragment.c | 2 +- + src/network/networkctl.c | 4 +-- + src/network/networkd-can.c | 2 +- + src/network/networkd-network-gperf.gperf | 2 +- + src/network/networkd-network.h | 2 +- + src/shared/conf-parser.c | 10 +++----- + src/shared/conf-parser.h | 2 +- + src/shared/ethtool-util.c | 4 +-- + src/shared/ethtool-util.h | 4 +-- + src/test/test-conf-parser.c | 32 ++++++++++++------------ + src/udev/net/link-config-gperf.gperf | 2 +- + src/udev/net/link-config.c | 3 --- + src/udev/net/link-config.h | 2 +- + 13 files changed, 32 insertions(+), 39 deletions(-) + +diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c +index 6c24ed3..617613b 100644 +--- a/src/core/load-fragment.c ++++ b/src/core/load-fragment.c +@@ -4895,7 +4895,7 @@ void unit_dump_config_items(FILE *f) { + { config_parse_unsigned, "UNSIGNED" }, + { config_parse_iec_size, "SIZE" }, + { config_parse_iec_uint64, "SIZE" }, +- { config_parse_si_size, "SIZE" }, ++ { config_parse_si_uint64, "SIZE" }, + { config_parse_bool, "BOOLEAN" }, + { config_parse_string, "STRING" }, + { config_parse_path, "PATH" }, +diff --git a/src/network/networkctl.c b/src/network/networkctl.c +index 3100a2e..93227b4 100644 +--- a/src/network/networkctl.c ++++ b/src/network/networkctl.c +@@ -155,7 +155,7 @@ typedef struct LinkInfo { + + /* ethtool info */ + int autonegotiation; +- size_t speed; ++ uint64_t speed; + Duplex duplex; + NetDevPort port; + +@@ -1275,7 +1275,7 @@ static int link_status_one( + r = table_add_many(table, + TABLE_EMPTY, + TABLE_STRING, "Speed:", +- TABLE_BPS, (uint64_t) info->speed); ++ TABLE_BPS, info->speed); + if (r < 0) + return r; + } +diff --git a/src/network/networkd-can.c b/src/network/networkd-can.c +index 5755df5..c3ad430 100644 +--- a/src/network/networkd-can.c ++++ b/src/network/networkd-can.c +@@ -101,7 +101,7 @@ static int link_set_can(Link *link) { + }; + + if (link->network->can_bitrate > UINT32_MAX) { +- log_link_error(link, "bitrate (%zu) too big.", link->network->can_bitrate); ++ log_link_error(link, "bitrate (%" PRIu64 ") too big.", link->network->can_bitrate); + return -ERANGE; + } + +diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf +index 43163a3..e54c9b8 100644 +--- a/src/network/networkd-network-gperf.gperf ++++ b/src/network/networkd-network-gperf.gperf +@@ -225,7 +225,7 @@ IPv6Prefix.ValidLifetimeSec, config_parse_prefix_lifetime, + IPv6Prefix.PreferredLifetimeSec, config_parse_prefix_lifetime, 0, 0 + IPv6RoutePrefix.Route, config_parse_route_prefix, 0, 0 + IPv6RoutePrefix.LifetimeSec, config_parse_route_prefix_lifetime, 0, 0 +-CAN.BitRate, config_parse_si_size, 0, offsetof(Network, can_bitrate) ++CAN.BitRate, config_parse_si_uint64, 0, offsetof(Network, can_bitrate) + CAN.SamplePoint, config_parse_permille, 0, offsetof(Network, can_sample_point) + CAN.RestartSec, config_parse_sec, 0, offsetof(Network, can_restart_us) + CAN.TripleSampling, config_parse_tristate, 0, offsetof(Network, can_triple_sampling) +diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h +index 486b8c3..84f691e 100644 +--- a/src/network/networkd-network.h ++++ b/src/network/networkd-network.h +@@ -166,7 +166,7 @@ struct Network { + uint32_t br_untagged_bitmap[BRIDGE_VLAN_BITMAP_LEN]; + + /* CAN support */ +- size_t can_bitrate; ++ uint64_t can_bitrate; + unsigned can_sample_point; + usec_t can_restart_us; + int can_triple_sampling; +diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c +index 4079208..7b8a286 100644 +--- a/src/shared/conf-parser.c ++++ b/src/shared/conf-parser.c +@@ -545,7 +545,7 @@ int config_parse_iec_size(const char* unit, + return 0; + } + +-int config_parse_si_size( ++int config_parse_si_uint64( + const char* unit, + const char *filename, + unsigned line, +@@ -557,8 +557,7 @@ int config_parse_si_size( + void *data, + void *userdata) { + +- size_t *sz = data; +- uint64_t v; ++ uint64_t *sz = data; + int r; + + assert(filename); +@@ -566,15 +565,12 @@ int config_parse_si_size( + assert(rvalue); + assert(data); + +- r = parse_size(rvalue, 1000, &v); +- if (r >= 0 && (uint64_t) (size_t) v != v) +- r = -ERANGE; ++ r = parse_size(rvalue, 1000, sz); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse size value '%s', ignoring: %m", rvalue); + return 0; + } + +- *sz = (size_t) v; + return 0; + } + +diff --git a/src/shared/conf-parser.h b/src/shared/conf-parser.h +index 04c68b1..1a83e22 100644 +--- a/src/shared/conf-parser.h ++++ b/src/shared/conf-parser.h +@@ -119,7 +119,7 @@ CONFIG_PARSER_PROTOTYPE(config_parse_uint32); + CONFIG_PARSER_PROTOTYPE(config_parse_uint64); + CONFIG_PARSER_PROTOTYPE(config_parse_double); + CONFIG_PARSER_PROTOTYPE(config_parse_iec_size); +-CONFIG_PARSER_PROTOTYPE(config_parse_si_size); ++CONFIG_PARSER_PROTOTYPE(config_parse_si_uint64); + CONFIG_PARSER_PROTOTYPE(config_parse_iec_uint64); + CONFIG_PARSER_PROTOTYPE(config_parse_bool); + CONFIG_PARSER_PROTOTYPE(config_parse_tristate); +diff --git a/src/shared/ethtool-util.c b/src/shared/ethtool-util.c +index b0961df..38d68b0 100644 +--- a/src/shared/ethtool-util.c ++++ b/src/shared/ethtool-util.c +@@ -176,7 +176,7 @@ int ethtool_get_driver(int *fd, const char *ifname, char **ret) { + } + + int ethtool_get_link_info(int *fd, const char *ifname, +- int *ret_autonegotiation, size_t *ret_speed, ++ int *ret_autonegotiation, uint64_t *ret_speed, + Duplex *ret_duplex, NetDevPort *ret_port) { + struct ethtool_cmd ecmd = { + .cmd = ETHTOOL_GSET, +@@ -645,7 +645,7 @@ int ethtool_set_glinksettings( + const char *ifname, + int autonegotiation, + uint32_t advertise[static N_ADVERTISE], +- size_t speed, ++ uint64_t speed, + Duplex duplex, + NetDevPort port) { + _cleanup_free_ struct ethtool_link_usettings *u = NULL; +diff --git a/src/shared/ethtool-util.h b/src/shared/ethtool-util.h +index 8b32b24..4ea08d1 100644 +--- a/src/shared/ethtool-util.h ++++ b/src/shared/ethtool-util.h +@@ -81,14 +81,14 @@ typedef struct netdev_channels { + + int ethtool_get_driver(int *fd, const char *ifname, char **ret); + int ethtool_get_link_info(int *fd, const char *ifname, +- int *ret_autonegotiation, size_t *ret_speed, ++ int *ret_autonegotiation, uint64_t *ret_speed, + Duplex *ret_duplex, NetDevPort *ret_port); + int ethtool_set_speed(int *fd, const char *ifname, unsigned speed, Duplex duplex); + int ethtool_set_wol(int *fd, const char *ifname, WakeOnLan wol); + int ethtool_set_features(int *fd, const char *ifname, int *features); + int ethtool_set_glinksettings(int *fd, const char *ifname, + int autonegotiation, uint32_t advertise[static N_ADVERTISE], +- size_t speed, Duplex duplex, NetDevPort port); ++ uint64_t speed, Duplex duplex, NetDevPort port); + int ethtool_set_channels(int *fd, const char *ifname, netdev_channels *channels); + + const char *duplex_to_string(Duplex d) _const_; +diff --git a/src/test/test-conf-parser.c b/src/test/test-conf-parser.c +index 597265e..ecb4ef2 100644 +--- a/src/test/test-conf-parser.c ++++ b/src/test/test-conf-parser.c +@@ -38,11 +38,11 @@ static void test_config_parse_iec_size_one(const char *rvalue, size_t expected) + assert_se(expected == iec_size); + } + +-static void test_config_parse_si_size_one(const char *rvalue, size_t expected) { +- size_t si_size = 0; ++static void test_config_parse_si_uint64_one(const char *rvalue, uint64_t expected) { ++ uint64_t si_uint64 = 0; + +- assert_se(config_parse_si_size("unit", "filename", 1, "section", 1, "lvalue", 0, rvalue, &si_size, NULL) >= 0); +- assert_se(expected == si_size); ++ assert_se(config_parse_si_uint64("unit", "filename", 1, "section", 1, "lvalue", 0, rvalue, &si_uint64, NULL) >= 0); ++ assert_se(expected == si_uint64); + } + + static void test_config_parse_int_one(const char *rvalue, int expected) { +@@ -125,17 +125,17 @@ static void test_config_parse_iec_size(void) { + test_config_parse_iec_size_one("garbage", 0); + } + +-static void test_config_parse_si_size(void) { +- test_config_parse_si_size_one("1024", 1024); +- test_config_parse_si_size_one("2K", 2000); +- test_config_parse_si_size_one("10M", 10 * 1000 * 1000); +- test_config_parse_si_size_one("1G", 1 * 1000 * 1000 * 1000); +- test_config_parse_si_size_one("0G", 0); +- test_config_parse_si_size_one("0", 0); +- +- test_config_parse_si_size_one("-982", 0); +- test_config_parse_si_size_one("49874444198739873000000G", 0); +- test_config_parse_si_size_one("garbage", 0); ++static void test_config_parse_si_uint64(void) { ++ test_config_parse_si_uint64_one("1024", 1024); ++ test_config_parse_si_uint64_one("2K", 2000); ++ test_config_parse_si_uint64_one("10M", 10 * 1000 * 1000); ++ test_config_parse_si_uint64_one("1G", 1 * 1000 * 1000 * 1000); ++ test_config_parse_si_uint64_one("0G", 0); ++ test_config_parse_si_uint64_one("0", 0); ++ ++ test_config_parse_si_uint64_one("-982", 0); ++ test_config_parse_si_uint64_one("49874444198739873000000G", 0); ++ test_config_parse_si_uint64_one("garbage", 0); + } + + static void test_config_parse_int(void) { +@@ -379,7 +379,7 @@ int main(int argc, char **argv) { + test_config_parse_log_level(); + test_config_parse_log_facility(); + test_config_parse_iec_size(); +- test_config_parse_si_size(); ++ test_config_parse_si_uint64(); + test_config_parse_int(); + test_config_parse_unsigned(); + test_config_parse_strv(); +diff --git a/src/udev/net/link-config-gperf.gperf b/src/udev/net/link-config-gperf.gperf +index a3d7dec..eb2d565 100644 +--- a/src/udev/net/link-config-gperf.gperf ++++ b/src/udev/net/link-config-gperf.gperf +@@ -37,7 +37,7 @@ Link.NamePolicy, config_parse_name_policy, 0, + Link.Name, config_parse_ifname, 0, offsetof(link_config, name) + Link.Alias, config_parse_ifalias, 0, offsetof(link_config, alias) + Link.MTUBytes, config_parse_mtu, AF_UNSPEC, offsetof(link_config, mtu) +-Link.BitsPerSecond, config_parse_si_size, 0, offsetof(link_config, speed) ++Link.BitsPerSecond, config_parse_si_uint64, 0, offsetof(link_config, speed) + Link.Duplex, config_parse_duplex, 0, offsetof(link_config, duplex) + Link.AutoNegotiation, config_parse_tristate, 0, offsetof(link_config, autonegotiation) + Link.WakeOnLan, config_parse_wol, 0, offsetof(link_config, wol) +diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c +index d44af64..6a414db 100644 +--- a/src/udev/net/link-config.c ++++ b/src/udev/net/link-config.c +@@ -157,9 +157,6 @@ int link_load_one(link_config_ctx *ctx, const char *filename) { + if (r < 0) + return r; + +- if (link->speed > UINT_MAX) +- return -ERANGE; +- + if (set_isempty(link->match_mac) && strv_isempty(link->match_path) && + strv_isempty(link->match_driver) && strv_isempty(link->match_type) && + strv_isempty(link->match_name) && strv_isempty(link->match_property) && !link->conditions) +diff --git a/src/udev/net/link-config.h b/src/udev/net/link-config.h +index cd99cd5..26666ad 100644 +--- a/src/udev/net/link-config.h ++++ b/src/udev/net/link-config.h +@@ -50,7 +50,7 @@ struct link_config { + char *name; + char *alias; + uint32_t mtu; +- size_t speed; ++ uint64_t speed; + Duplex duplex; + int autonegotiation; + uint32_t advertise[N_ADVERTISE]; +-- +2.23.0 + diff --git a/backport-nspawn-fix-handling-of-console-help.patch b/backport-nspawn-fix-handling-of-console-help.patch new file mode 100644 index 0000000..cf35ffe --- /dev/null +++ b/backport-nspawn-fix-handling-of-console-help.patch @@ -0,0 +1,86 @@ +From dce66ffedbd4e72c2a1a35a55dc26c0e1029e8e3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 23 Oct 2019 09:20:46 +0200 +Subject: [PATCH] nspawn: fix handling of --console=help + +We shouldn't continue to run the container after printing help. +Reference: https://github.com/systemd/systemd/commit/dce66ffedbd4e72c2a1a35a55dc26c0e1029e8e3 +Conflict: NA +--- + src/nspawn/nspawn.c | 49 +++++++++++++++++++++++++++------------------ + 1 file changed, 30 insertions(+), 19 deletions(-) + +diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c +index 0cd960157c..40a7de981a 100644 +--- a/src/nspawn/nspawn.c ++++ b/src/nspawn/nspawn.c +@@ -261,6 +261,30 @@ STATIC_DESTRUCTOR_REGISTER(arg_seccomp, seccomp_releasep); + STATIC_DESTRUCTOR_REGISTER(arg_cpu_set, cpu_set_reset); + STATIC_DESTRUCTOR_REGISTER(arg_sysctl, strv_freep); + ++static int handle_arg_console(const char *arg) { ++ if (streq(arg, "help")) { ++ puts("interactive\n" ++ "read-only\n" ++ "passive\n" ++ "pipe"); ++ return 0; ++ } ++ ++ if (streq(arg, "interactive")) ++ arg_console_mode = CONSOLE_INTERACTIVE; ++ else if (streq(arg, "read-only")) ++ arg_console_mode = CONSOLE_READ_ONLY; ++ else if (streq(arg, "passive")) ++ arg_console_mode = CONSOLE_PASSIVE; ++ else if (streq(arg, "pipe")) ++ arg_console_mode = CONSOLE_PIPE; ++ else ++ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Unknown console mode: %s", optarg); ++ ++ arg_settings_mask |= SETTING_CONSOLE_MODE; ++ return 1; ++} ++ + static int help(void) { + _cleanup_free_ char *link = NULL; + int r; +@@ -1389,29 +1413,16 @@ static int parse_argv(int argc, char *argv[]) { + break; + + case ARG_CONSOLE: +- if (streq(optarg, "interactive")) +- arg_console_mode = CONSOLE_INTERACTIVE; +- else if (streq(optarg, "read-only")) +- arg_console_mode = CONSOLE_READ_ONLY; +- else if (streq(optarg, "passive")) +- arg_console_mode = CONSOLE_PASSIVE; +- else if (streq(optarg, "pipe")) +- arg_console_mode = CONSOLE_PIPE; +- else if (streq(optarg, "help")) +- puts("interactive\n" +- "read-only\n" +- "passive\n" +- "pipe"); +- else +- return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Unknown console mode: %s", optarg); +- +- arg_settings_mask |= SETTING_CONSOLE_MODE; ++ r = handle_arg_console(optarg); ++ if (r <= 0) ++ return r; + break; + + case 'P': + case ARG_PIPE: +- arg_console_mode = CONSOLE_PIPE; +- arg_settings_mask |= SETTING_CONSOLE_MODE; ++ r = handle_arg_console("pipe"); ++ if (r <= 0) ++ return r; + break; + + case ARG_NO_PAGER: +-- +2.23.0 + diff --git a/backport-pstore-fix-use-after-free.patch b/backport-pstore-fix-use-after-free.patch new file mode 100644 index 0000000..e5094af --- /dev/null +++ b/backport-pstore-fix-use-after-free.patch @@ -0,0 +1,35 @@ +From 1e19f5ac0d680a63eccae7ef1fc6ce225dca0bbf Mon Sep 17 00:00:00 2001 +From: Michael Olbrich +Date: Fri, 6 Sep 2019 15:04:01 +0200 +Subject: [PATCH 0082/1760] pstore: fix use after free + +The memory is still needed in the sd_journal_sendv() after the 'if' block. +Reference: https://github.com/systemd/systemd/commit/1e19f5ac0d680a63eccae7ef1fc6ce225dca0bbf +Conflict: NA +--- + src/pstore/pstore.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/pstore/pstore.c b/src/pstore/pstore.c +index c760b3e..8ffe523 100644 +--- a/src/pstore/pstore.c ++++ b/src/pstore/pstore.c +@@ -117,6 +117,7 @@ static int compare_pstore_entries(const void *_a, const void *_b) { + + static int move_file(PStoreEntry *pe, const char *subdir) { + _cleanup_free_ char *ifd_path = NULL, *ofd_path = NULL; ++ _cleanup_free_ void *field = NULL; + const char *suffix, *message; + struct iovec iovec[2]; + int n_iovec = 0, r; +@@ -138,7 +139,6 @@ static int move_file(PStoreEntry *pe, const char *subdir) { + iovec[n_iovec++] = IOVEC_MAKE_STRING(message); + + if (pe->content_size > 0) { +- _cleanup_free_ void *field = NULL; + size_t field_size; + + field_size = strlen("FILE=") + pe->content_size; +-- +1.8.3.1 + diff --git a/backport-pstore-rework-memory-handling-for-dmesg.patch b/backport-pstore-rework-memory-handling-for-dmesg.patch new file mode 100644 index 0000000..df447bb --- /dev/null +++ b/backport-pstore-rework-memory-handling-for-dmesg.patch @@ -0,0 +1,134 @@ +From 8198c3e42b0614b6bd1db6f38813b842c8577304 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Fri, 4 Oct 2019 16:17:27 +0200 +Subject: [PATCH] pstore: rework memory handling for dmesg + +Semmle Security Reports report: +> The problem occurs on the way realloc is being used. When a size +> bigger than the chunk that wants to be reallocated is passed, realloc +> try to malloc a bigger size, however in the case that malloc fails +> (for example, by forcing a big allocation) realloc will return NULL. +> +> According to the man page: +> "The realloc() function returns a pointer to the newly allocated +> memory, which is suitably aligned for any built-in type and may be +> different from ptr, or NULL if the request fails. If size was +> equal to 0, either NULL or a pointer suitable to be passed to free() +> is returned. If realloc() fails, the original block is left +> untouched; it is not freed or moved." +> +> The problem occurs when the memory ptr passed to the first argument of +> realloc is the same as the one used for the result, for example in +> this case: +> +> dmesg = realloc(dmesg, dmesg_size + strlen(pe->dirent.d_name) + +> strlen(":\n") + pe->content_size + 1); +> +> https://lgtm.com/projects/g/systemd/systemd/snapshot/f8bcb81955f9e93a4787627e28f43fffb2a84836/files/src/pstore/pstore.c?sort=name&dir=A +> SC&mode=heatmap#L300 +> +> If the malloc inside that realloc fails, then the original memory +> chunk will never be free but since realloc will return NULL, the +> pointer to that memory chunk will be lost and a memory leak will +> occur. +> +> In case you are curious, this is the query we used to find this problem: +> https://lgtm.com/query/8650323308193591473/ + +Let's use a more standard pattern: allocate memory using greedy_realloc, and +instead of freeing it when we wrote out a chunk, let's just move the cursor +back to the beginning and reuse the memory we allocated previously. + +If we fail to allocate the memory for dmesg contents, don't write the dmesg +entry, but let's still process the files to move them out of pstore. +Reference: https://github.com/systemd/systemd/commit/8198c3e42b0614b6bd1db6f38813b842c8577304 +Conflict: NA +--- + src/pstore/pstore.c | 43 ++++++++++++++++++++++++++----------------- + 1 file changed, 26 insertions(+), 17 deletions(-) + +diff --git a/src/pstore/pstore.c b/src/pstore/pstore.c +index 9861758700..e4618aac0e 100644 +--- a/src/pstore/pstore.c ++++ b/src/pstore/pstore.c +@@ -179,9 +179,11 @@ static int write_dmesg(const char *dmesg, size_t size, const char *id) { + ssize_t wr; + int r; + +- if (isempty(dmesg) || size == 0) ++ if (size == 0) + return 0; + ++ assert(dmesg); ++ + ofd_path = path_join(arg_archivedir, id, "dmesg.txt"); + if (!ofd_path) + return log_oom(); +@@ -205,7 +207,8 @@ static int write_dmesg(const char *dmesg, size_t size, const char *id) { + static void process_dmesg_files(PStoreList *list) { + /* Move files, reconstruct dmesg.txt */ + _cleanup_free_ char *dmesg = NULL, *dmesg_id = NULL; +- size_t dmesg_size = 0; ++ size_t dmesg_size = 0, dmesg_allocated = 0; ++ bool dmesg_bad = false; + PStoreEntry *pe; + + /* Handle each dmesg file: files processed in reverse +@@ -282,33 +285,39 @@ static void process_dmesg_files(PStoreList *list) { + /* Now move file from pstore to archive storage */ + move_file(pe, pe_id); + ++ if (dmesg_bad) ++ continue; ++ + /* If the current record id is NOT the same as the + * previous record id, then start a new dmesg.txt file */ +- if (!pe_id || !dmesg_id || !streq(pe_id, dmesg_id)) { ++ if (!streq_ptr(pe_id, dmesg_id)) { + /* Encountered a new dmesg group, close out old one, open new one */ +- if (dmesg) { +- (void) write_dmesg(dmesg, dmesg_size, dmesg_id); +- dmesg = mfree(dmesg); +- dmesg_size = 0; +- } ++ (void) write_dmesg(dmesg, dmesg_size, dmesg_id); ++ dmesg_size = 0; + + /* now point dmesg_id to storage of pe_id */ + free_and_replace(dmesg_id, pe_id); + } + +- /* Reconstruction of dmesg is done as a useful courtesy, do not log errors */ +- dmesg = realloc(dmesg, dmesg_size + strlen(pe->dirent.d_name) + strlen(":\n") + pe->content_size + 1); +- if (dmesg) { +- dmesg_size += sprintf(&dmesg[dmesg_size], "%s:\n", pe->dirent.d_name); +- if (pe->content) { +- memcpy(&dmesg[dmesg_size], pe->content, pe->content_size); +- dmesg_size += pe->content_size; +- } ++ /* Reconstruction of dmesg is done as a useful courtesy: do not fail, but don't write garbled ++ * output either. */ ++ size_t needed = strlen(pe->dirent.d_name) + strlen(":\n") + pe->content_size + 1; ++ if (!GREEDY_REALLOC(dmesg, dmesg_allocated, dmesg_size + needed)) { ++ log_warning_errno(ENOMEM, "Failed to write dmesg file: %m"); ++ dmesg_bad = true; ++ continue; ++ } ++ ++ dmesg_size += sprintf(dmesg + dmesg_size, "%s:\n", pe->dirent.d_name); ++ if (pe->content) { ++ memcpy(dmesg + dmesg_size, pe->content, pe->content_size); ++ dmesg_size += pe->content_size; + } + + pe_id = mfree(pe_id); + } +- if (dmesg) ++ ++ if (!dmesg_bad) + (void) write_dmesg(dmesg, dmesg_size, dmesg_id); + } + +-- +2.23.0 + diff --git a/backport-sd-device-enumerator-do-not-return-error-when-a-devi.patch b/backport-sd-device-enumerator-do-not-return-error-when-a-devi.patch new file mode 100644 index 0000000..35b5944 --- /dev/null +++ b/backport-sd-device-enumerator-do-not-return-error-when-a-devi.patch @@ -0,0 +1,43 @@ +From 3126d64e5f04cd39033f8c5055e80440b8680d86 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 5 Nov 2019 23:02:31 +0900 +Subject: [PATCH] sd-device-enumerator: do not return error when a device is + removed + +Fixes #13814. +Reference: https://github.com/systemd/systemd/commit/3126d64e5f04cd39033f8c5055e80440b8680d86 +Conflict: NA +--- + src/libsystemd/sd-device/device-enumerator.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/src/libsystemd/sd-device/device-enumerator.c b/src/libsystemd/sd-device/device-enumerator.c +index 5b54641213..a1932f41f9 100644 +--- a/src/libsystemd/sd-device/device-enumerator.c ++++ b/src/libsystemd/sd-device/device-enumerator.c +@@ -506,7 +506,10 @@ static int enumerator_scan_dir_and_add_devices(sd_device_enumerator *enumerator, + + initialized = sd_device_get_is_initialized(device); + if (initialized < 0) { +- r = initialized; ++ if (initialized != -ENOENT) ++ /* this is necessarily racey, so ignore missing devices */ ++ r = initialized; ++ + continue; + } + +@@ -639,7 +642,9 @@ static int enumerator_scan_devices_tag(sd_device_enumerator *enumerator, const c + + k = sd_device_get_subsystem(device, &subsystem); + if (k < 0) { +- r = k; ++ if (k != -ENOENT) ++ /* this is necessarily racy, so ignore missing devices */ ++ r = k; + continue; + } + +-- +2.23.0 + diff --git a/backport-sd-event-refuse-running-default-event-loops-in-any-o.patch b/backport-sd-event-refuse-running-default-event-loops-in-any-o.patch new file mode 100644 index 0000000..d50f533 --- /dev/null +++ b/backport-sd-event-refuse-running-default-event-loops-in-any-o.patch @@ -0,0 +1,44 @@ +From e544601536ac13a288d7476f4400c7b0f22b7ea1 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Wed, 30 Oct 2019 20:26:50 +0100 +Subject: [PATCH 0869/1760] sd-event: refuse running default event loops in any + other thread than the one they are default for + +Reference: https://github.com/systemd/systemd/commit/e544601536ac13a288d7476f4400c7b0f22b7ea1 +Conflict: NA +--- + TODO | 1 - + src/libsystemd/sd-event/sd-event.c | 5 +++++ + 2 files changed, 5 insertions(+), 1 deletion(-) + +diff --git a/TODO b/TODO +index 88fd9d7..07f65ec 100644 +--- a/TODO ++++ b/TODO +@@ -701,7 +701,6 @@ Features: + - allow multiple signal handlers per signal? + - document chaining of signal handler for SIGCHLD and child handlers + - define more intervals where we will shift wakeup intervals around in, 1h, 6h, 24h, ... +- - generate a failure of a default event loop is executed out-of-thread + + * investigate endianness issues of UUID vs. GUID + +diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c +index 8d4a20e..4940345 100644 +--- a/src/libsystemd/sd-event/sd-event.c ++++ b/src/libsystemd/sd-event/sd-event.c +@@ -3422,6 +3422,11 @@ _public_ int sd_event_prepare(sd_event *e) { + assert_return(e->state != SD_EVENT_FINISHED, -ESTALE); + assert_return(e->state == SD_EVENT_INITIAL, -EBUSY); + ++ /* Let's check that if we are a default event loop we are executed in the correct thread. We only do ++ * this check here once, since gettid() is typically not cached, and thus want to minimize ++ * syscalls */ ++ assert_return(!e->default_event_ptr || e->tid == gettid(), -EREMOTEIO); ++ + if (e->exit_requested) + goto pending; + +-- +1.8.3.1 + diff --git a/backport-shared-install-fix-error-codes-returned-by-install_c.patch b/backport-shared-install-fix-error-codes-returned-by-install_c.patch new file mode 100644 index 0000000..b77f567 --- /dev/null +++ b/backport-shared-install-fix-error-codes-returned-by-install_c.patch @@ -0,0 +1,28 @@ +From 56a4ce2417ff74f82a48e3a5c6e36edad8d4bc6c Mon Sep 17 00:00:00 2001 +From: Franck Bui +Date: Tue, 24 Sep 2019 18:33:54 +0200 +Subject: [PATCH] shared/install: fix error codes returned by + install_context_apply() + +Reference: https://github.com/systemd/systemd/commit/56a4ce2417ff74f82a48e3a5c6e36edad8d4bc6c +Conflict: NA +--- + src/shared/install.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/shared/install.c b/src/shared/install.c +index 8f9cf4a2f4..0724dd96ee 100644 +--- a/src/shared/install.c ++++ b/src/shared/install.c +@@ -1897,7 +1897,7 @@ static int install_context_apply( + + q = install_info_traverse(scope, c, paths, i, flags, NULL); + if (q < 0) { +- unit_file_changes_add(changes, n_changes, r, i->name, NULL); ++ unit_file_changes_add(changes, n_changes, q, i->name, NULL); + return q; + } + +-- +2.23.0 + diff --git a/backport-test-condition-fix-group-check-condition.patch b/backport-test-condition-fix-group-check-condition.patch new file mode 100644 index 0000000..fcc8bf3 --- /dev/null +++ b/backport-test-condition-fix-group-check-condition.patch @@ -0,0 +1,28 @@ +From 98cd752a285c0fba84b8d98f3ba255ed4d11c881 Mon Sep 17 00:00:00 2001 +From: Felipe Sateler +Date: Mon, 23 Dec 2019 22:04:44 -0300 +Subject: [PATCH 1095/1760] test-condition: fix group check condition + +We were checking the uid, whereas we should have checked the gid +Reference: https://github.com/systemd/systemd/commit/98cd752a285c0fba84b8d98f3ba255ed4d11c881 +Conflict: NA +--- + src/test/test-condition.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/test/test-condition.c b/src/test/test-condition.c +index fce9232..28b5b78 100644 +--- a/src/test/test-condition.c ++++ b/src/test/test-condition.c +@@ -689,7 +689,7 @@ static void test_condition_test_group(void) { + condition_free(condition); + free(gid); + +- groupname = (char*)(geteuid() == 0 ? NOBODY_GROUP_NAME : "root"); ++ groupname = (char*)(getegid() == 0 ? NOBODY_GROUP_NAME : "root"); + condition = condition_new(CONDITION_GROUP, groupname, false, false); + assert_se(condition); + r = condition_test(condition); +-- +1.8.3.1 + diff --git a/backport-time-util-also-use-32bit-hack-on-EOVERFLOW.patch b/backport-time-util-also-use-32bit-hack-on-EOVERFLOW.patch new file mode 100644 index 0000000..dc87c81 --- /dev/null +++ b/backport-time-util-also-use-32bit-hack-on-EOVERFLOW.patch @@ -0,0 +1,30 @@ +From 9e7c8f64cfda101496f56f5546097221e8ad5d6a Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Wed, 18 Dec 2019 14:57:11 +0100 +Subject: [PATCH 1064/1760] time-util: also use 32bit hack on EOVERFLOW + +As per +https://github.com/systemd/systemd/issues/14362#issuecomment-566722686 +let's also prepare for EOVERFLOW. +Reference: https://github.com/systemd/systemd/commit/9e7c8f64cfda101496f56f5546097221e8ad5d6a +Conflict: NA +--- + src/basic/time-util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/basic/time-util.c b/src/basic/time-util.c +index 753f8d5..105584e 100644 +--- a/src/basic/time-util.c ++++ b/src/basic/time-util.c +@@ -1514,7 +1514,7 @@ int time_change_fd(void) { + * See: https://github.com/systemd/systemd/issues/14362 */ + + #if SIZEOF_TIME_T == 8 && ULONG_MAX < UINT64_MAX +- if (ERRNO_IS_NOT_SUPPORTED(errno)) { ++ if (ERRNO_IS_NOT_SUPPORTED(errno) || errno == EOVERFLOW) { + static const struct itimerspec its32 = { + .it_value.tv_sec = INT32_MAX, + }; +-- +1.8.3.1 + diff --git a/backport-time-util-deal-with-systems-where-userspace-has-64bi.patch b/backport-time-util-deal-with-systems-where-userspace-has-64bi.patch new file mode 100644 index 0000000..cef7513 --- /dev/null +++ b/backport-time-util-deal-with-systems-where-userspace-has-64bi.patch @@ -0,0 +1,53 @@ +From 601f91bec5646a9c6fbd4f1ec5f1b4ae28d3a770 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 17 Dec 2019 11:22:17 +0100 +Subject: [PATCH] time-util: deal with systems where userspace has 64bit time_t + but kernel does not + +Fixes: #14362 +Reference: https://github.com/systemd/systemd/commit/601f91bec5646a9c6fbd4f1ec5f1b4ae28d3a770 +Conflict: NA +--- + src/basic/time-util.c | 27 ++++++++++++++++++++++++--- + 1 file changed, 24 insertions(+), 3 deletions(-) + +diff --git a/src/basic/time-util.c b/src/basic/time-util.c +index bfe2c60da1..753f8d5174 100644 +--- a/src/basic/time-util.c ++++ b/src/basic/time-util.c +@@ -1500,8 +1500,29 @@ int time_change_fd(void) { + if (fd < 0) + return -errno; + +- if (timerfd_settime(fd, TFD_TIMER_ABSTIME|TFD_TIMER_CANCEL_ON_SET, &its, NULL) < 0) +- return -errno; ++ if (timerfd_settime(fd, TFD_TIMER_ABSTIME|TFD_TIMER_CANCEL_ON_SET, &its, NULL) >= 0) ++ return TAKE_FD(fd); ++ ++ /* So apparently there are systems where time_t is 64bit, but the kernel actually doesn't support ++ * 64bit time_t. In that case configuring a timer to TIME_T_MAX will fail with EOPNOTSUPP or a ++ * similar error. If that's the case let's try with INT32_MAX instead, maybe that works. It's a bit ++ * of a black magic thing though, but what can we do? ++ * ++ * We don't want this code on x86-64, hence let's conditionalize this for systems with 64bit time_t ++ * but where "long" is shorter than 64bit, i.e. 32bit archs. ++ * ++ * See: https://github.com/systemd/systemd/issues/14362 */ ++ ++#if SIZEOF_TIME_T == 8 && ULONG_MAX < UINT64_MAX ++ if (ERRNO_IS_NOT_SUPPORTED(errno)) { ++ static const struct itimerspec its32 = { ++ .it_value.tv_sec = INT32_MAX, ++ }; ++ ++ if (timerfd_settime(fd, TFD_TIMER_ABSTIME|TFD_TIMER_CANCEL_ON_SET, &its32, NULL) >= 0) ++ return TAKE_FD(fd); ++ } ++#endif + +- return TAKE_FD(fd); ++ return -errno; + } +-- +2.23.0 + diff --git a/backport-udev-also-logs-file-permission.patch b/backport-udev-also-logs-file-permission.patch new file mode 100644 index 0000000..4a47219 --- /dev/null +++ b/backport-udev-also-logs-file-permission.patch @@ -0,0 +1,27 @@ +From 20eef7c55cfdd83f953c6a332aaad0caba4fb60f Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 9 Sep 2019 01:29:27 +0900 +Subject: [PATCH 0087/1760] udev: also logs file permission + +Reference: https://github.com/systemd/systemd/commit/20eef7c55cfdd83f953c6a332aaad0caba4fb60f +Conflict: NA +--- + src/udev/udev-rules.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c +index 21f84b2..8631a26 100644 +--- a/src/udev/udev-rules.c ++++ b/src/udev/udev-rules.c +@@ -2304,7 +2304,7 @@ static int apply_static_dev_perms(const char *devnode, uid_t uid, gid_t gid, mod + return log_error_errno(errno, "Failed to chown '%s' %u %u: %m", + device_node, uid, gid); + else +- log_debug("chown '%s' %u:%u", device_node, uid, gid); ++ log_debug("chown '%s' %u:%u with mode %#o", device_node, uid, gid, mode); + + (void) utimensat(AT_FDCWD, device_node, NULL, 0); + return 0; +-- +1.8.3.1 + diff --git a/backport-udev-do-not-append-newline-when-write-attributes.patch b/backport-udev-do-not-append-newline-when-write-attributes.patch new file mode 100644 index 0000000..80898ab --- /dev/null +++ b/backport-udev-do-not-append-newline-when-write-attributes.patch @@ -0,0 +1,32 @@ +From a566ed2c82d81cc6416fe0da0a14f6d5fe5d83b4 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 10 Nov 2019 14:42:55 +0900 +Subject: [PATCH 0570/1760] udev: do not append newline when write attributes + +Before 25de7aa7b90c23d33ea50ada1e50c5834a414237, the content is written +by `fprintf()` without new line. So WRITE_STRING_FILE_AVOID_NEWLINE flag +is necessary. + +Fixes #13985. +Reference: https://github.com/systemd/systemd/commit/a566ed2c82d81cc6416fe0da0a14f6d5fe5d83b4 +Conflict: NA +--- + src/udev/udev-rules.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c +index ab54067..b820072 100644 +--- a/src/udev/udev-rules.c ++++ b/src/udev/udev-rules.c +@@ -2102,7 +2102,7 @@ static int udev_rule_apply_token_to_event( + (void) udev_event_apply_format(event, token->value, value, sizeof(value), false); + + log_rule_debug(dev, rules, "ATTR '%s' writing '%s'", buf, value); +- r = write_string_file(buf, value, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER); ++ r = write_string_file(buf, value, WRITE_STRING_FILE_VERIFY_ON_FAILURE | WRITE_STRING_FILE_DISABLE_BUFFER | WRITE_STRING_FILE_AVOID_NEWLINE); + if (r < 0) + log_rule_error_errno(dev, rules, r, "Failed to write ATTR{%s}, ignoring: %m", buf); + break; +-- +1.8.3.1 + diff --git a/backport-udev-do-not-use-exact-match-of-file-permission.patch b/backport-udev-do-not-use-exact-match-of-file-permission.patch new file mode 100644 index 0000000..3824848 --- /dev/null +++ b/backport-udev-do-not-use-exact-match-of-file-permission.patch @@ -0,0 +1,30 @@ +From 7a182f10343796eab92a8256e347c11b4be78ea7 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 7 Jan 2020 19:22:59 +0900 +Subject: [PATCH 1154/1760] udev: do not use exact match of file permission + +This partially reverts 25de7aa7b90c23d33ea50ada1e50c5834a414237. + +Fixes #14473. +Reference: https://github.com/systemd/systemd/commit/7a182f10343796eab92a8256e347c11b4be78ea7 +Conflict: NA +--- + src/udev/udev-rules.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c +index 6168b33..b9b350d 100644 +--- a/src/udev/udev-rules.c ++++ b/src/udev/udev-rules.c +@@ -1654,7 +1654,7 @@ static int udev_rule_apply_token_to_event( + if (mode == MODE_INVALID) + return token->op == OP_MATCH; + +- match = (((statbuf.st_mode ^ mode) & 07777) == 0); ++ match = (statbuf.st_mode & mode) > 0; + return token->op == (match ? OP_MATCH : OP_NOMATCH); + } + case TK_M_PROGRAM: { +-- +1.8.3.1 + diff --git a/backport-udev-fix-error-code-in-the-log-message.patch b/backport-udev-fix-error-code-in-the-log-message.patch new file mode 100644 index 0000000..cb06bd8 --- /dev/null +++ b/backport-udev-fix-error-code-in-the-log-message.patch @@ -0,0 +1,28 @@ +From ffdc9c891f00f79aa7df3ac25ad141db74686fbe Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 12 Nov 2019 14:58:19 +0900 +Subject: [PATCH 0565/1760] udev: fix error code in the log message + +Reference: https://github.com/systemd/systemd/commit/ffdc9c891f00f79aa7df3ac25ad141db74686fbe +Conflict: NA +--- + src/udev/udev-rules.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c +index 92eb136..5dbf2e1 100644 +--- a/src/udev/udev-rules.c ++++ b/src/udev/udev-rules.c +@@ -2336,8 +2336,7 @@ static int apply_static_dev_perms(const char *devnode, uid_t uid, gid_t gid, mod + if (r == -ENOENT) + return 0; + if (r < 0) +- return log_error_errno(errno, "Failed to chown '%s' %u %u: %m", +- device_node, uid, gid); ++ return log_error_errno(r, "Failed to chown '%s' %u %u: %m", device_node, uid, gid); + else + log_debug("chown '%s' %u:%u with mode %#o", device_node, uid, gid, mode); + +-- +1.8.3.1 + diff --git a/backport-udev-fix-memleak-caused-by-wrong-cleanup-function.patch b/backport-udev-fix-memleak-caused-by-wrong-cleanup-function.patch new file mode 100644 index 0000000..422ce3b --- /dev/null +++ b/backport-udev-fix-memleak-caused-by-wrong-cleanup-function.patch @@ -0,0 +1,28 @@ +From f4f6f2c7400b1a525d7c0c57b12f76f9dfdc4f0d Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 13 Oct 2019 00:35:49 +0900 +Subject: [PATCH] udev: fix memleak caused by wrong cleanup function + +Fixes #13764. +Reference: https://github.com/systemd/systemd/commit/f4f6f2c7400b1a525d7c0c57b12f76f9dfdc4f0d +Conflict: NA +--- + src/udev/udev-rules.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c +index efea16e5c5..b09caeb7f9 100644 +--- a/src/udev/udev-rules.c ++++ b/src/udev/udev-rules.c +@@ -2325,7 +2325,7 @@ static int apply_static_dev_perms(const char *devnode, uid_t uid, gid_t gid, mod + + static int udev_rule_line_apply_static_dev_perms(UdevRuleLine *rule_line) { + UdevRuleToken *token; +- _cleanup_free_ char **tags = NULL; ++ _cleanup_strv_free_ char **tags = NULL; + uid_t uid = UID_INVALID; + gid_t gid = GID_INVALID; + mode_t mode = MODE_INVALID; +-- +2.23.0 + diff --git a/backport-udev-ignore-ENOENT-when-chmod_and_chown-device-node.patch b/backport-udev-ignore-ENOENT-when-chmod_and_chown-device-node.patch new file mode 100644 index 0000000..47b47ba --- /dev/null +++ b/backport-udev-ignore-ENOENT-when-chmod_and_chown-device-node.patch @@ -0,0 +1,27 @@ +From 4b613ec212bfd06fd9d9487bd37b0791fa6dff9e Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 12 Nov 2019 14:57:48 +0900 +Subject: [PATCH] udev: ignore ENOENT when chmod_and_chown() device node + +Reference: https://github.com/systemd/systemd/commit/4b613ec212bfd06fd9d9487bd37b0791fa6dff9e +Conflict: NA +--- + src/udev/udev-rules.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c +index ab54067b3f..92eb136e69 100644 +--- a/src/udev/udev-rules.c ++++ b/src/udev/udev-rules.c +@@ -2333,6 +2333,8 @@ static int apply_static_dev_perms(const char *devnode, uid_t uid, gid_t gid, mod + gid = 0; + + r = chmod_and_chown(device_node, mode, uid, gid); ++ if (r == -ENOENT) ++ return 0; + if (r < 0) + return log_error_errno(errno, "Failed to chown '%s' %u %u: %m", + device_node, uid, gid); +-- +2.23.0 + diff --git a/backport-udevadm-ignore-EROFS-and-return-earlier.patch b/backport-udevadm-ignore-EROFS-and-return-earlier.patch new file mode 100644 index 0000000..fc50446 --- /dev/null +++ b/backport-udevadm-ignore-EROFS-and-return-earlier.patch @@ -0,0 +1,35 @@ +From dc11d2bf6602558770e61f772d925ba8dcc71233 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 18 Nov 2019 18:47:16 +0900 +Subject: [PATCH 0650/1760] udevadm: ignore EROFS and return earlier + +Fixes #14060. +Reference: https://github.com/systemd/systemd/commit/dc11d2bf6602558770e61f772d925ba8dcc71233 +Conflict: NA +--- + src/udev/udevadm-trigger.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/src/udev/udevadm-trigger.c b/src/udev/udevadm-trigger.c +index 11f2f1c..60c68b5 100644 +--- a/src/udev/udevadm-trigger.c ++++ b/src/udev/udevadm-trigger.c +@@ -45,10 +45,13 @@ static int exec_list(sd_device_enumerator *e, const char *action, Set *settle_se + + r = write_string_file(filename, action, WRITE_STRING_FILE_DISABLE_BUFFER); + if (r < 0) { +- bool ignore = IN_SET(r, -ENOENT, -EACCES, -ENODEV); ++ bool ignore = IN_SET(r, -ENOENT, -EACCES, -ENODEV, -EROFS); + + log_full_errno(ignore ? LOG_DEBUG : LOG_ERR, r, +- "Failed to write '%s' to '%s': %m", action, filename); ++ "Failed to write '%s' to '%s'%s: %m", ++ action, filename, ignore ? ", ignoring" : ""); ++ if (r == -EROFS) ++ return 0; /* Read only filesystem. Return earlier. */ + if (ret == 0 && !ignore) + ret = r; + continue; +-- +1.8.3.1 + diff --git a/backport-udevadm-missing-initialization-of-descriptor.patch b/backport-udevadm-missing-initialization-of-descriptor.patch new file mode 100644 index 0000000..488cceb --- /dev/null +++ b/backport-udevadm-missing-initialization-of-descriptor.patch @@ -0,0 +1,26 @@ +From 2f5b282aab78bd2378df428c57c5fd1cc09e9f4f Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 18 Sep 2019 00:52:07 +0900 +Subject: [PATCH] udevadm: missing initialization of descriptor + +Reference: https://github.com/systemd/systemd/commit/2f5b282aab78bd2378df428c57c5fd1cc09e9f4f +Conflict: NA +--- + src/udev/udev-ctrl.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/udev/udev-ctrl.c b/src/udev/udev-ctrl.c +index b38370883f..751e034982 100644 +--- a/src/udev/udev-ctrl.c ++++ b/src/udev/udev-ctrl.c +@@ -76,6 +76,7 @@ int udev_ctrl_new_from_fd(struct udev_ctrl **ret, int fd) { + *uctrl = (struct udev_ctrl) { + .n_ref = 1, + .sock = fd >= 0 ? fd : TAKE_FD(sock), ++ .sock_connect = -1, + .bound = fd >= 0, + }; + +-- +2.23.0 + diff --git a/backport-udevadm-show-more-error-message-during-exporting-dat.patch b/backport-udevadm-show-more-error-message-during-exporting-dat.patch new file mode 100644 index 0000000..2c7fba7 --- /dev/null +++ b/backport-udevadm-show-more-error-message-during-exporting-dat.patch @@ -0,0 +1,43 @@ +From df5a4889fe85fe6b1926736ea35e8ceec97c62f2 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Thu, 27 Feb 2020 22:27:13 +0900 +Subject: [PATCH 1715/1760] udevadm: show more error message during exporting + database + +Closes #14959. +Reference: https://github.com/systemd/systemd/commit/df5a4889fe85fe6b1926736ea35e8ceec97c62f2 +Conflict: NA +--- + src/udev/udevadm-info.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/udev/udevadm-info.c b/src/udev/udevadm-info.c +index 2d2bc00..1debdf2 100644 +--- a/src/udev/udevadm-info.c ++++ b/src/udev/udevadm-info.c +@@ -177,18 +177,18 @@ static int export_devices(void) { + + r = sd_device_enumerator_new(&e); + if (r < 0) +- return r; ++ return log_oom(); + + r = sd_device_enumerator_allow_uninitialized(e); + if (r < 0) +- return r; ++ return log_error_errno(r, "Failed to set allowing uninitialized flag: %m"); + + r = device_enumerator_scan_devices(e); + if (r < 0) +- return r; ++ return log_error_errno(r, "Failed to scan devices: %m"); + + FOREACH_DEVICE_AND_SUBSYSTEM(e, d) +- print_record(d); ++ (void) print_record(d); + + return 0; + } +-- +1.8.3.1 + diff --git a/backport-udevadm-trigger-do-not-propagate-EACCES-and-ENODEV.patch b/backport-udevadm-trigger-do-not-propagate-EACCES-and-ENODEV.patch new file mode 100644 index 0000000..3c8fba3 --- /dev/null +++ b/backport-udevadm-trigger-do-not-propagate-EACCES-and-ENODEV.patch @@ -0,0 +1,37 @@ +From 67acde4869a9505f9721e31fa5167c82445e0e12 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Thu, 26 Sep 2019 21:33:59 +0900 +Subject: [PATCH] udevadm trigger: do not propagate EACCES and ENODEV + +Inside container, writing file returns EACCESS. Moreover, some devices +return ENODEV rather than EACCES. So, let's also ignore these two +error causes. + +Closes #13652. +Reference: https://github.com/systemd/systemd/commit/67acde4869a9505f9721e31fa5167c82445e0e12 +Conflict: NA +--- + src/udev/udevadm-trigger.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/udev/udevadm-trigger.c b/src/udev/udevadm-trigger.c +index 77d95e513f..11f2f1c985 100644 +--- a/src/udev/udevadm-trigger.c ++++ b/src/udev/udevadm-trigger.c +@@ -45,9 +45,11 @@ static int exec_list(sd_device_enumerator *e, const char *action, Set *settle_se + + r = write_string_file(filename, action, WRITE_STRING_FILE_DISABLE_BUFFER); + if (r < 0) { +- log_full_errno(r == -ENOENT ? LOG_DEBUG : LOG_ERR, r, ++ bool ignore = IN_SET(r, -ENOENT, -EACCES, -ENODEV); ++ ++ log_full_errno(ignore ? LOG_DEBUG : LOG_ERR, r, + "Failed to write '%s' to '%s': %m", action, filename); +- if (ret == 0 && r != -ENOENT) ++ if (ret == 0 && !ignore) + ret = r; + continue; + } +-- +2.23.0 + diff --git a/backport-udevadm-use-usec_add.patch b/backport-udevadm-use-usec_add.patch new file mode 100644 index 0000000..e1a3515 --- /dev/null +++ b/backport-udevadm-use-usec_add.patch @@ -0,0 +1,38 @@ +From f6e8ba816577a1a26037a8aeae23fda36d74f0ac Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 18 Sep 2019 01:28:23 +0900 +Subject: [PATCH] udevadm: use usec_add() + +Also fixes description of event source. +Reference: https://github.com/systemd/systemd/commit/f6e8ba816577a1a26037a8aeae23fda36d74f0ac +Conflict: NA +--- + src/udev/udev-ctrl.c | 9 ++++----- + 1 file changed, 4 insertions(+), 5 deletions(-) + +diff --git a/src/udev/udev-ctrl.c b/src/udev/udev-ctrl.c +index 751e034982..f1befc7304 100644 +--- a/src/udev/udev-ctrl.c ++++ b/src/udev/udev-ctrl.c +@@ -395,14 +395,13 @@ int udev_ctrl_wait(struct udev_ctrl *uctrl, usec_t timeout) { + (void) sd_event_source_set_description(source_io, "udev-ctrl-wait-io"); + + if (timeout != USEC_INFINITY) { +- usec_t usec; +- +- usec = now(clock_boottime_or_monotonic()) + timeout; +- r = sd_event_add_time(uctrl->event, &source_timeout, clock_boottime_or_monotonic(), usec, 0, NULL, INT_TO_PTR(-ETIMEDOUT)); ++ r = sd_event_add_time(uctrl->event, &source_timeout, clock_boottime_or_monotonic(), ++ usec_add(now(clock_boottime_or_monotonic()), timeout), ++ 0, NULL, INT_TO_PTR(-ETIMEDOUT)); + if (r < 0) + return r; + +- (void) sd_event_source_set_description(source_timeout, "udev-ctrl-wait-io"); ++ (void) sd_event_source_set_description(source_timeout, "udev-ctrl-wait-timeout"); + } + + return sd_event_loop(uctrl->event); +-- +2.23.0 + diff --git a/backport-udevd-don-t-kill-worker-in-manager_kill_workers-when.patch b/backport-udevd-don-t-kill-worker-in-manager_kill_workers-when.patch index 518e870..2a73a50 100644 --- a/backport-udevd-don-t-kill-worker-in-manager_kill_workers-when.patch +++ b/backport-udevd-don-t-kill-worker-in-manager_kill_workers-when.patch @@ -5,15 +5,19 @@ Subject: [PATCH] udevd: don't kill worker in manager_kill_workers when it's running If worker is running, kill worker may lead uevent unprocessed. + +Reference: https://github.com/systemd/systemd/commit/f257a8fc13b2a617d845132eb61aefde47921198 +Conflict: adaptation context. + --- src/udev/udevd.c | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/src/udev/udevd.c b/src/udev/udevd.c -index cb51230..215f020 100644 +index 7465a70..8e50cb5 100644 --- a/src/udev/udevd.c +++ b/src/udev/udevd.c -@@ -134,6 +134,7 @@ enum worker_state { +@@ -136,6 +136,7 @@ enum worker_state { WORKER_RUNNING, WORKER_IDLE, WORKER_KILLED, @@ -21,7 +25,7 @@ index cb51230..215f020 100644 }; struct worker { -@@ -654,7 +655,7 @@ static int event_queue_insert(Manager *manager, sd_device *dev) { +@@ -691,7 +692,7 @@ static int event_queue_insert(Manager *manager, sd_device *dev) { return 0; } @@ -30,7 +34,7 @@ index cb51230..215f020 100644 struct worker *worker; Iterator i; -@@ -664,6 +665,11 @@ static void manager_kill_workers(Manager *manager) { +@@ -701,6 +702,11 @@ static void manager_kill_workers(Manager *manager) { if (worker->state == WORKER_KILLED) continue; @@ -42,16 +46,16 @@ index cb51230..215f020 100644 worker->state = WORKER_KILLED; (void) kill(worker->pid, SIGTERM); } -@@ -810,7 +816,7 @@ static void manager_exit(Manager *manager) { +@@ -836,7 +842,7 @@ static void manager_exit(Manager *manager) { /* discard queued events and kill workers */ event_queue_cleanup(manager, EVENT_QUEUED); - manager_kill_workers(manager); + manager_kill_workers(manager, true); + } - assert_se(sd_event_now(manager->event, CLOCK_MONOTONIC, &usec) >= 0); - -@@ -829,7 +835,7 @@ static void manager_reload(Manager *manager) { + /* reload requested, HUP signal received, rules changed, builtin changed */ +@@ -848,7 +854,7 @@ static void manager_reload(Manager *manager) { "RELOADING=1\n" "STATUS=Flushing configuration..."); @@ -60,7 +64,7 @@ index cb51230..215f020 100644 manager->rules = udev_rules_free(manager->rules); udev_builtin_exit(); -@@ -844,7 +850,7 @@ static int on_kill_workers_event(sd_event_source *s, uint64_t usec, void *userda +@@ -863,7 +869,7 @@ static int on_kill_workers_event(sd_event_source *s, uint64_t usec, void *userda assert(manager); log_debug("Cleanup idle workers"); @@ -69,7 +73,7 @@ index cb51230..215f020 100644 return 1; } -@@ -966,7 +972,10 @@ static int on_worker(sd_event_source *s, int fd, uint32_t revents, void *userdat +@@ -985,7 +991,10 @@ static int on_worker(sd_event_source *s, int fd, uint32_t revents, void *userdat continue; } @@ -81,7 +85,7 @@ index cb51230..215f020 100644 worker->state = WORKER_IDLE; /* worker returned */ -@@ -1012,7 +1021,7 @@ static int on_ctrl_msg(struct udev_ctrl *uctrl, enum udev_ctrl_msg_type type, co +@@ -1031,7 +1040,7 @@ static int on_ctrl_msg(struct udev_ctrl *uctrl, enum udev_ctrl_msg_type type, co log_debug("Received udev control message (SET_LOG_LEVEL), setting log_priority=%i", value->intval); log_set_max_level_realm(LOG_REALM_UDEV, value->intval); log_set_max_level_realm(LOG_REALM_SYSTEMD, value->intval); @@ -90,7 +94,7 @@ index cb51230..215f020 100644 break; case UDEV_CTRL_STOP_EXEC_QUEUE: log_debug("Received udev control message (STOP_EXEC_QUEUE)"); -@@ -1077,7 +1086,7 @@ static int on_ctrl_msg(struct udev_ctrl *uctrl, enum udev_ctrl_msg_type type, co +@@ -1096,7 +1105,7 @@ static int on_ctrl_msg(struct udev_ctrl *uctrl, enum udev_ctrl_msg_type type, co } key = val = NULL; @@ -100,5 +104,5 @@ index cb51230..215f020 100644 } case UDEV_CTRL_SET_CHILDREN_MAX: -- -1.8.3.1 +2.23.0 diff --git a/backport-udevd-don-t-use-monitor-after-manager_exit.patch b/backport-udevd-don-t-use-monitor-after-manager_exit.patch new file mode 100644 index 0000000..aec041b --- /dev/null +++ b/backport-udevd-don-t-use-monitor-after-manager_exit.patch @@ -0,0 +1,42 @@ +From 030f4571670537c76355c5d923468c9a61aa77e9 Mon Sep 17 00:00:00 2001 +From: Martin Wilck +Date: Tue, 26 Nov 2019 18:39:09 +0100 +Subject: [PATCH 0747/1760] udevd: don't use monitor after manager_exit() + +If udevd receives an exit signal, it releases its reference on the udev +monitor in manager_exit(). If at this time a worker is hanging, and if +the event timeout for this worker expires before udevd exits, udevd +crashes in on_sigchld()->udev_monitor_send_device(), because the monitor +has already been freed. + +Fix this by testing the validity of manager->monitor in on_sigchld(). +Reference: https://github.com/systemd/systemd/commit/030f4571670537c76355c5d923468c9a61aa77e9 +Conflict: NA +--- + src/udev/udevd.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/src/udev/udevd.c b/src/udev/udevd.c +index 144a20e..7678331 100644 +--- a/src/udev/udevd.c ++++ b/src/udev/udevd.c +@@ -1311,10 +1311,12 @@ static int on_sigchld(sd_event_source *s, const struct signalfd_siginfo *si, voi + device_delete_db(worker->event->dev); + device_tag_index(worker->event->dev, NULL, false); + +- /* forward kernel event without amending it */ +- r = device_monitor_send_device(manager->monitor, NULL, worker->event->dev_kernel); +- if (r < 0) +- log_device_error_errno(worker->event->dev_kernel, r, "Failed to send back device to kernel: %m"); ++ if (manager->monitor) { ++ /* forward kernel event without amending it */ ++ r = device_monitor_send_device(manager->monitor, NULL, worker->event->dev_kernel); ++ if (r < 0) ++ log_device_error_errno(worker->event->dev_kernel, r, "Failed to send back device to kernel: %m"); ++ } + } + + worker_free(worker); +-- +1.8.3.1 + diff --git a/backport-udevd-wait-for-workers-to-finish-when-exiting.patch b/backport-udevd-wait-for-workers-to-finish-when-exiting.patch new file mode 100644 index 0000000..479375a --- /dev/null +++ b/backport-udevd-wait-for-workers-to-finish-when-exiting.patch @@ -0,0 +1,110 @@ +From bfde9421af1458e18999d787b1ab46a6a33e8bb6 Mon Sep 17 00:00:00 2001 +From: Martin Wilck +Date: Wed, 6 Nov 2019 12:24:41 +0100 +Subject: [PATCH 0573/1760] udevd: wait for workers to finish when exiting + +On some systems with lots of devices, device probing for certain drivers can +take a very long time. If systemd-udevd detects a timeout and kills the worker +running modprobe using SIGKILL, some devices will not be probed, or end up in +unusable state. The --event-timeout option can be used to modify the maximum +time spent in an uevent handler. But if systemd-udevd exits, it uses a +different timeout, hard-coded to 30s, and exits when this timeout expires, +causing all workers to be KILLed by systemd afterwards. In practice, this may +lead to workers being killed after significantly less time than specified with +the event-timeout. This is particularly significant during initrd processing: +systemd-udevd will be stopped by systemd when initrd-switch-root.target is +about to be isolated, which usually happens quickly after finding and mounting +the root FS. + +If systemd-udevd is started by PID 1 (i.e. basically always), systemd will +kill both udevd and the workers after expiry of TimeoutStopSec. This is +actually better than the built-in udevd timeout, because it's more transparent +and configurable for users. This way users can avoid the mentioned boot problem +by simply increasing StopTimeoutSec= in systemd-udevd.service. + +If udevd is not started by systemd (standalone), this is still an +improvement. udevd will kill hanging workers when the event timeout is +reached, which is configurable via the udev.event_timeout= kernel +command line parameter. Before this patch, udevd would simply exit with +workers still running, which would then become zombie processes. + +With the timeout removed, the sd_event_now() assertion in manager_exit() can be +dropped. + +NOTE: This patch is modified to fit current code. The first part (some NEWS) has +been removed, and this modification will not affect functionality. + +https://github.com/systemd/systemd/pull/13961/commits/bfde9421af1458e18999d787b1ab46a6a33e8bb6 +Reference: https://github.com/systemd/systemd/commit/bfde9421af1458e18999d787b1ab46a6a33e8bb6 +Conflict: NA +--- + NEWS | 13 +++++++++++++ + src/udev/udevd.c | 21 --------------------- + 2 files changed, 13 insertions(+), 21 deletions(-) + +diff --git a/NEWS b/NEWS +index de4f93a..aabafb9 100644 +--- a/NEWS ++++ b/NEWS +@@ -1,5 +1,18 @@ + systemd System and Service Manager + ++CHANGES WITH 244(We backported this to V243): ++ ++ * systemd-udevd: removed the 30s timeout for killing stale workers on ++ exit. systemd-udevd now waits for workers to finish. The hard-coded ++ exit timeout of 30s was too short for some large installations, where ++ driver initialization could be prematurely interrupted during initrd ++ processing if the root file system had been mounted and init was ++ preparing to switch root. If udevd is run without systemd and workers ++ are hanging while udevd receives an exit signal, udevd will now exit ++ when udev.event_timeout is reached for the last hanging worker. With ++ systemd, the exit timeout can additionally be configured using ++ TimeoutStopSec= in systemd-udevd.service. ++ + CHANGES WITH 243: + + * This release enables unprivileged programs (i.e. requiring neither +diff --git a/src/udev/udevd.c b/src/udev/udevd.c +index cb51230..0a2c8a2 100644 +--- a/src/udev/udevd.c ++++ b/src/udev/udevd.c +@@ -777,21 +777,7 @@ set_delaying_seqnum: + return true; + } + +-static int on_exit_timeout(sd_event_source *s, uint64_t usec, void *userdata) { +- Manager *manager = userdata; +- +- assert(manager); +- +- log_error("Giving up waiting for workers to finish."); +- sd_event_exit(manager->event, -ETIMEDOUT); +- +- return 1; +-} +- + static void manager_exit(Manager *manager) { +- uint64_t usec; +- int r; +- + assert(manager); + + manager->exit = true; +@@ -811,13 +797,6 @@ static void manager_exit(Manager *manager) { + /* discard queued events and kill workers */ + event_queue_cleanup(manager, EVENT_QUEUED); + manager_kill_workers(manager); +- +- assert_se(sd_event_now(manager->event, CLOCK_MONOTONIC, &usec) >= 0); +- +- r = sd_event_add_time(manager->event, NULL, CLOCK_MONOTONIC, +- usec + 30 * USEC_PER_SEC, USEC_PER_SEC, on_exit_timeout, manager); +- if (r < 0) +- return; + } + + /* reload requested, HUP signal received, rules changed, builtin changed */ +-- +2.19.1 + diff --git a/backport-unit-add-AF_ALG-to-systemd-networkd.service.patch b/backport-unit-add-AF_ALG-to-systemd-networkd.service.patch new file mode 100644 index 0000000..693b6b0 --- /dev/null +++ b/backport-unit-add-AF_ALG-to-systemd-networkd.service.patch @@ -0,0 +1,28 @@ +From 1b3cccfdacc7b36d2a541d944a6268cacfe2fcf2 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 26 Jan 2020 21:24:09 +0900 +Subject: [PATCH 1456/1760] unit: add AF_ALG to systemd-networkd.service + +networkd uses khash, and khash requires AF_ALG. +Reference: https://github.com/systemd/systemd/commit/1b3cccfdacc7b36d2a541d944a6268cacfe2fcf2 +Conflict: NA +--- + units/systemd-networkd.service.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in +index 0193166..1b69677 100644 +--- a/units/systemd-networkd.service.in ++++ b/units/systemd-networkd.service.in +@@ -33,7 +33,7 @@ ProtectKernelLogs=yes + ProtectSystem=strict + Restart=on-failure + RestartSec=0 +-RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 AF_PACKET ++RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 AF_PACKET AF_ALG + RestrictNamespaces=yes + RestrictRealtime=yes + RestrictSUIDSGID=yes +-- +1.8.3.1 + diff --git a/backport-verify-fix-segmentation-fault.patch b/backport-verify-fix-segmentation-fault.patch new file mode 100644 index 0000000..0d02ad1 --- /dev/null +++ b/backport-verify-fix-segmentation-fault.patch @@ -0,0 +1,60 @@ +From fc9de36a3b60c69a17442aabf215e2d87e697e6f Mon Sep 17 00:00:00 2001 +From: HATAYAMA Daisuke +Date: Wed, 13 Nov 2019 06:30:58 -0500 +Subject: [PATCH 0593/1760] verify: fix segmentation fault + +systemd-analyze verify command now results in segmentation fault if two +consecutive non-existent unit file names are given: + + # ./build/systemd-analyze a.service b.service + ...... + Unit a.service not found. + Unit b.service not found. + Segmentation fault (core dumped) + +The cause of this is a wrong handling of return value of +manager_load_startable_unit_or_warn() in verify_units() in failure case. + +It looks that the current logic wants to assign the first error status +throughout verify_units() into variable r and count up variable count only when +a given unit file exists. + +However, due to the wrong handling of the return value of +manager_load_startable_unit_or_warn() in verify_units(), the variable count is +unexpectedly incremented even when there is no such unit file because the +variable r already contains non-zero value in the 2nd failure, set by the 1st +failure, and then the condition k < 0 && r == 0 evaluates to false. + +This commit fixes the wrong handling of return value of +manager_load_startable_unit_or_warn() in verify_units(). +Reference: https://github.com/systemd/systemd/commit/fc9de36a3b60c69a17442aabf215e2d87e697e6f +Conflict: NA +--- + src/analyze/analyze-verify.c | 11 +++++++---- + 1 file changed, 7 insertions(+), 4 deletions(-) + +diff --git a/src/analyze/analyze-verify.c b/src/analyze/analyze-verify.c +index 16b07cc..4cfbdfa 100644 +--- a/src/analyze/analyze-verify.c ++++ b/src/analyze/analyze-verify.c +@@ -271,10 +271,13 @@ int verify_units(char **filenames, UnitFileScope scope, bool check_man, bool run + } + + k = manager_load_startable_unit_or_warn(m, NULL, prepared, &units[count]); +- if (k < 0 && r == 0) +- r = k; +- else +- count++; ++ if (k < 0) { ++ if (r == 0) ++ r = k; ++ continue; ++ } ++ ++ count++; + } + + for (i = 0; i < count; i++) { +-- +1.8.3.1 + diff --git a/systemd.spec b/systemd.spec index a3e4dbb..2f62f52 100644 --- a/systemd.spec +++ b/systemd.spec @@ -16,7 +16,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd Version: 243 -Release: 63 +Release: 64 License: MIT and LGPLv2+ and GPLv2+ Summary: System and Service Manager @@ -132,7 +132,7 @@ Patch0084: 0084-journald-enforce-longer-line-length-limit-during-set.patch Patch0085: backport-execute-Fix-migration-from-DynamicUser-yes-to-no.patch Patch0086: 0086-fix-CVE-2021-33910.patch Patch0087: backport-units-restore-RemainAfterExit-yes-in-systemd-vconsol.patch -Patch0088: backport-udevd-don-t-kill-worker-in-manager_kill_workers-when.patch +#Patch0088: backport-udevd-don-t-kill-worker-in-manager_kill_workers-when.patch (moved to Patch0201) Patch0089: backport-stat-util-add-stat_inode_unmodified-helper-that-chec.patch Patch0090: backport-basic-stat-util-make-mtime-check-stricter-and-use-en.patch Patch0091: backport-udev-make-algorithm-that-selects-highest-priority-de.patch @@ -213,6 +213,39 @@ Patch0165: backport-pid1-fix-segv-triggered-by-status-query.patch Patch0166: backport-main-log-which-process-send-SIGNAL-to-PID1.patch Patch0167: backport-main-drop-get_process_cmdline-from-crash-handler.patch Patch0168: backport-conf-parser-fix-line-number-in-error-message.patch +Patch0169: backport-pstore-fix-use-after-free.patch +Patch0170: backport-udev-also-logs-file-permission.patch +Patch0171: backport-core-Fix-setting-StatusUnitFormat-from-config-files.patch +Patch0172: backport-udevadm-missing-initialization-of-descriptor.patch +Patch0173: backport-udevadm-use-usec_add.patch +Patch0174: backport-shared-install-fix-error-codes-returned-by-install_c.patch +Patch0175: backport-udevadm-trigger-do-not-propagate-EACCES-and-ENODEV.patch +Patch0176: backport-pstore-rework-memory-handling-for-dmesg.patch +Patch0177: backport-udev-fix-memleak-caused-by-wrong-cleanup-function.patch +Patch0178: backport-network-ndisc-do-not-drop-all-prefixes-when-a-prefix.patch +Patch0179: backport-nspawn-fix-handling-of-console-help.patch +Patch0180: backport-core-job-fix-breakage-of-ordering-dependencies-by-sy.patch +Patch0181: backport-sd-device-enumerator-do-not-return-error-when-a-devi.patch +Patch0182: backport-udev-ignore-ENOENT-when-chmod_and_chown-device-node.patch +Patch0183: backport-udev-fix-error-code-in-the-log-message.patch +Patch0184: backport-udev-do-not-append-newline-when-write-attributes.patch +Patch0185: backport-udevd-wait-for-workers-to-finish-when-exiting.patch +Patch0186: backport-verify-fix-segmentation-fault.patch +Patch0187: backport-core-path-serialize-the-previous_exists-state.patch +Patch0188: backport-core-path-fix-spurious-triggering-of-PathExists-on-r.patch +Patch0189: backport-udevadm-ignore-EROFS-and-return-earlier.patch +Patch0190: backport-udevd-don-t-use-monitor-after-manager_exit.patch +Patch0191: backport-hibernate-resume-generator-wait-infinitely-for-the-r.patch +Patch0192: backport-sd-event-refuse-running-default-event-loops-in-any-o.patch +Patch0193: backport-time-util-deal-with-systems-where-userspace-has-64bi.patch +Patch0194: backport-time-util-also-use-32bit-hack-on-EOVERFLOW.patch +Patch0195: backport-test-condition-fix-group-check-condition.patch +Patch0196: backport-udev-do-not-use-exact-match-of-file-permission.patch +Patch0197: backport-network-udev-use-uint64_t-for-bit-rate.patch +Patch0198: backport-unit-add-AF_ALG-to-systemd-networkd.service.patch +Patch0199: backport-Fix-generator-name-in-hibernate-resume-generator-s-d.patch +Patch0200: backport-udevadm-show-more-error-message-during-exporting-dat.patch +Patch0201: backport-udevd-don-t-kill-worker-in-manager_kill_workers-when.patch #openEuler Patch9002: 1509-fix-journal-file-descriptors-leak-problems.patch @@ -1620,6 +1653,40 @@ fi %exclude /usr/share/man/man3/* %changelog +* Wed Dec 6 2023 huyubiao - 243-64 +- add backport-pstore-fix-use-after-free.patch + backport-udev-also-logs-file-permission.patch + backport-core-Fix-setting-StatusUnitFormat-from-config-files.patch + backport-udevadm-missing-initialization-of-descriptor.patch + backport-udevadm-use-usec_add.patch + backport-shared-install-fix-error-codes-returned-by-install_c.patch + backport-udevadm-trigger-do-not-propagate-EACCES-and-ENODEV.patch + backport-pstore-rework-memory-handling-for-dmesg.patch + backport-udev-fix-memleak-caused-by-wrong-cleanup-function.patch + backport-network-ndisc-do-not-drop-all-prefixes-when-a-prefix.patch + backport-nspawn-fix-handling-of-console-help.patch + backport-core-job-fix-breakage-of-ordering-dependencies-by-sy.patch + backport-sd-device-enumerator-do-not-return-error-when-a-devi.patch + backport-udev-ignore-ENOENT-when-chmod_and_chown-device-node.patch + backport-udev-fix-error-code-in-the-log-message.patch + backport-udev-do-not-append-newline-when-write-attributes.patch + backport-udevd-wait-for-workers-to-finish-when-exiting.patch + backport-verify-fix-segmentation-fault.patch + backport-core-path-serialize-the-previous_exists-state.patch + backport-core-path-fix-spurious-triggering-of-PathExists-on-r.patch + backport-udevadm-ignore-EROFS-and-return-earlier.patch + backport-udevd-don-t-use-monitor-after-manager_exit.patch + backport-hibernate-resume-generator-wait-infinitely-for-the-r.patch + backport-sd-event-refuse-running-default-event-loops-in-any-o.patch + backport-time-util-deal-with-systems-where-userspace-has-64bi.patch + backport-time-util-also-use-32bit-hack-on-EOVERFLOW.patch + backport-test-condition-fix-group-check-condition.patch + backport-udev-do-not-use-exact-match-of-file-permission.patch + backport-network-udev-use-uint64_t-for-bit-rate.patch + backport-unit-add-AF_ALG-to-systemd-networkd.service.patch + backport-Fix-generator-name-in-hibernate-resume-generator-s-d.patch + backport-udevadm-show-more-error-message-during-exporting-dat.patch + * Tue Dec 5 2023 huyubiao - 243-63 - sync community patches: fix line number in conf_parser error message