Ubuntu
systemd package

Merge ~enr0n/ubuntu/+source/systemd:ubuntu-lunar-next into ~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-lunar

  1. Git
  2. lp:~enr0n/ubuntu/+source/systemd
  3. ubuntu-lunar-next
  4. Merge into ubuntu-lunar
Proposed by Nick Rosbrook
Status: Merged
Approved by: Lukas Märdian
Approved revision: e6a635d5dc87ed271d30e6bec1edd03d29525b0c
Merged at revision: e6a635d5dc87ed271d30e6bec1edd03d29525b0c
Proposed branch: ~enr0n/ubuntu/+source/systemd:ubuntu-lunar-next
Merge into: ~ubuntu-core-dev/ubuntu/+source/systemd:ubuntu-lunar
Diff against target: 5254 lines (+1754/-807)
121 files modified
.packit.yml (+5/-0)
debian/changelog (+105/-0)
debian/control (+4/-15)
debian/patches/Deny-list-TEST-74-AUX-UTILS-on-s390x.patch (+16/-0)
debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch (+3/-3)
debian/patches/debian/Make-run-lock-tmpfs-an-API-fs.patch (+2/-0)
debian/patches/debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch (+1/-1)
debian/patches/lp2002445-sd-netlink-add-a-test-for-rtnl_set_link_name.patch (+72/-0)
debian/patches/lp2002445-sd-netlink-do-not-swap-old-name-and-alternative-name.patch (+62/-0)
debian/patches/lp2002445-sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch (+64/-0)
debian/patches/lp2002445-test-network-add-a-test-for-renaming-device-to-current-al.patch (+48/-0)
debian/patches/lp2002445-udev-attempt-device-rename-even-if-interface-is-up.patch (+63/-0)
debian/patches/lp2002445-udev-net-allow-new-link-name-as-an-altname-before-renamin.patch (+34/-0)
debian/patches/p11kit-switch-to-dlopen.patch (+3/-3)
debian/patches/series (+7/-3)
debian/rules (+1/-0)
debian/tests/boot-and-services (+2/-2)
debian/tests/control (+13/-8)
dev/null (+0/-323)
man/org.freedesktop.systemd1.xml (+6/-0)
man/systemd.mount.xml (+3/-1)
man/systemd.scope.xml (+2/-0)
man/systemd.service.xml (+9/-11)
src/basic/alloc-util.c (+4/-0)
src/basic/alloc-util.h (+29/-10)
src/basic/cgroup-util.c (+1/-1)
src/basic/hashmap.c (+1/-1)
src/basic/linux/README (+1/-0)
src/basic/linux/btrfs.h (+50/-12)
src/basic/linux/btrfs_tree.h (+240/-1)
src/basic/linux/genetlink.h (+3/-2)
src/basic/linux/if_bridge.h (+21/-0)
src/basic/linux/if_ether.h (+2/-0)
src/basic/linux/if_link.h (+16/-0)
src/basic/linux/if_macsec.h (+2/-0)
src/basic/linux/if_tun.h (+5/-1)
src/basic/linux/in.h (+9/-14)
src/basic/linux/l2tp.h (+0/-2)
src/basic/linux/netfilter/nf_tables.h (+29/-0)
src/basic/linux/netlink.h (+24/-7)
src/basic/linux/nl80211.h (+128/-7)
src/basic/linux/pkt_sched.h (+11/-0)
src/basic/linux/rtnetlink.h (+1/-1)
src/basic/linux/stddef.h (+46/-0)
src/basic/linux/update.sh (+1/-1)
src/basic/virt.c (+1/-1)
src/boot/efi/boot.c (+5/-2)
src/boot/efi/console.c (+0/-16)
src/boot/efi/cpio.c (+1/-1)
src/boot/efi/meson.build (+11/-2)
src/boot/efi/missing_efi.h (+0/-19)
src/boot/efi/secure-boot.c (+1/-1)
src/boot/efi/util.c (+5/-3)
src/busctl/busctl.c (+19/-2)
src/core/cgroup.c (+1/-1)
src/core/cgroup.h (+1/-0)
src/core/dbus-scope.c (+6/-0)
src/core/execute.c (+17/-0)
src/core/execute.h (+1/-0)
src/core/import-creds.c (+7/-0)
src/core/load-fragment-gperf.gperf.in (+1/-0)
src/core/mount.c (+18/-3)
src/core/scope.c (+20/-3)
src/core/scope.h (+2/-0)
src/core/slice.c (+3/-0)
src/core/swap.c (+1/-1)
src/core/unit.c (+1/-0)
src/cryptsetup/cryptsetup-fido2.c (+72/-57)
src/cryptsetup/cryptsetup-fido2.h (+24/-16)
src/cryptsetup/cryptsetup.c (+27/-42)
src/fundamental/macro-fundamental.h (+1/-0)
src/gpt-auto-generator/gpt-auto-generator.c (+5/-5)
src/import/curl-util.c (+4/-0)
src/import/pull-job.c (+5/-5)
src/journal-remote/microhttpd-util.h (+2/-2)
src/kernel-install/50-depmod.install (+2/-0)
src/libsystemd-network/sd-dhcp-client.c (+18/-20)
src/libsystemd-network/sd-dhcp-lease.c (+4/-4)
src/libsystemd-network/test-ndisc-ra.c (+6/-14)
src/libsystemd-network/test-ndisc-rs.c (+8/-13)
src/libsystemd/sd-device/test-sd-device.c (+8/-7)
src/libsystemd/sd-event/sd-event.c (+6/-1)
src/locale/localed.c (+8/-12)
src/login/logind-dbus.c (+6/-0)
src/network/netdev/l2tp-tunnel.c (+5/-5)
src/network/networkd-address.c (+5/-1)
src/network/networkd-ndisc.c (+11/-10)
src/network/networkd-route.c (+5/-1)
src/nspawn/nspawn-patch-uid.c (+3/-1)
src/partition/growfs.c (+6/-1)
src/resolve/resolvectl.c (+3/-3)
src/resolve/resolved-dns-scope.c (+2/-1)
src/resolve/resolved-dns-search-domain.c (+1/-1)
src/resolve/resolved-dns-server.h (+2/-2)
src/resolve/resolved-varlink.c (+2/-2)
src/shared/bootspec.c (+5/-3)
src/shared/bus-unit-util.c (+3/-0)
src/shared/creds-util.c (+16/-20)
src/shared/generator.c (+10/-1)
src/shared/install.c (+8/-3)
src/shared/install.h (+2/-2)
src/shared/mount-setup.c (+2/-0)
src/shared/sleep-config.c (+15/-17)
src/sleep/sleep.c (+6/-2)
src/test/test-execute.c (+3/-0)
src/test/test-unit-name.c (+3/-1)
src/tmpfiles/tmpfiles.c (+5/-2)
test/TEST-55-OOMD/test.sh (+6/-0)
test/fuzz/fuzz-unit-file/directives.scope (+1/-0)
test/test-functions (+16/-0)
test/test-network/conf/23-bond199.network (+0/-3)
test/test-network/systemd-networkd-tests.py (+19/-3)
test/test-shutdown.py (+1/-1)
test/units/testsuite-26.sh (+1/-1)
test/units/testsuite-55.sh (+3/-0)
test/units/testsuite-64.sh (+6/-5)
test/units/testsuite-65.sh (+10/-0)
test/units/testsuite-73.sh (+14/-3)
test/units/testsuite-74.firstboot.sh (+54/-15)
test/units/testsuite-75.sh (+22/-13)
units/systemd-userdbd.service.in (+1/-1)
Reviewer Review Type Date Requested Status
Lukas Märdian Approve
Review via email: mp+437150@code.launchpad.net

Description of the change

Merge 252.5-2 from Debian unstable, and cherry-pick udev NIC renaming patches for bug 2002445.

PPA build: https://launchpad.net/~enr0n/+archive/ubuntu/systemd/+packages?field.name_filter=systemd&field.status_filter=published&field.series_filter=

autopkgtest:

systemd 252.5-2ubuntu1~ppa2 (ppc64el) -- Pass: https://autopkgtest.staging.ubuntu.com/results/autopkgtest-lunar-enr0n-systemd/lunar/ppc64el/s/systemd/20230209_190022_7d72f@/log.gz
systemd 252.5-2ubuntu1~ppa2 (s390x) -- Fail: https://autopkgtest.staging.ubuntu.com/results/autopkgtest-lunar-enr0n-systemd/lunar/s390x/s/systemd/20230209_201045_7d72f@/log.gz
systemd 252.5-2ubuntu1~ppa2 (amd64) -- Pass: https://autopkgtest.staging.ubuntu.com/results/autopkgtest-lunar-enr0n-systemd/lunar/amd64/s/systemd/20230209_203135_7d72f@/log.gz
systemd 252.5-2ubuntu1~ppa2 (arm64) -- Pass: https://autopkgtest.staging.ubuntu.com/results/autopkgtest-lunar-enr0n-systemd/lunar/arm64/s/systemd/20230210_060852_7d72f@/log.gz

It looks like armhf wasn't triggered on staging, but the previous PPA build passed for armhf:

systemd 252.5-2ubuntu1~ppa1 (armhf) -- Pass: https://autopkgtest.ubuntu.com/results/autopkgtest-lunar-enr0n-systemd/lunar/armhf/s/systemd/20230206_220736_e68eb@/log.gz

I think the s390x failure is flaky. I could not reproduce it in Canonistack, it passed just fine. Also, a previous run on arm64 failed with the same thing, but then passed the next run.

To post a comment you must log in.
Revision history for this message
Nick Rosbrook (enr0n) wrote (last edit ):

We tried the s390x test again in staging, and it still failed: https://autopkgtest.staging.ubuntu.com/results/autopkgtest-lunar-enr0n-systemd/lunar/s390x/s/systemd/20230210_182915_66bf1@/log.gz.

I will try again on Canonistack, but if I can't reproduce it maybe we should skip this test on s390x for now.

Revision history for this message
Lukas Märdian (slyon) wrote :

Thank you for preparing another upload, Nick!

I verified it matches upstream v252.5 and the cherry-picked patches match upstream, too. Kudos for dropping the (unused) systemd-fsckd autopkgtest in Debian!

* d/rules: The "-Dstatus-unit-format-default=combined" flag seems to be a change in behavior (for people parsing the log files...). It seems to be a sensible change, but maybe we should document it somewhere, especially how people could roll it back at runtime, by using a "[Manager] StatusUnitFormat=description" configuration (https://fedoraproject.org/wiki/Changes/Unit_Names_in_Systemd_Messages)

* I'm a bit concerned about the TEST-74-AUX-UTILS. It seems to be a real regression, as that one passed in previous build on s390x. It was touched in "252.4-2" and we should check what/why was done there. The test does not run on Debian at all, so they might have missed this regression:

upstream SKIP Test restriction "isolation-machine" requires testbed capability "isolation-machine"

Let's see what you find from your Canonistack investigation. It passes on non-s390x... But I think the very least we should do is open a bug report with Debian and/or upstream about this failure, before skipping it on s390x.

Other than those remarks this LGTM.

Revision history for this message
Nick Rosbrook (enr0n) wrote :

Lukas and I discussed offline, and decided to skip TEST-74-AUX-UTILS on s390x for now. The test passes just fine on Canonistack s390x, so we think it may be a temporary infrastructure issue.

As for the other comment, I will make sure to mention this change in the Lunar Lobster release notes.

Revision history for this message
Lukas Märdian (slyon) wrote :

Thank you! +1

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/.packit.yml b/.packit.yml
index 1b49ddf..a226252 100644
--- a/.packit.yml
+++ b/.packit.yml
@@ -29,6 +29,11 @@ actions:
29 # cases (see [0]), we can't use -Dc_args=/-Dcpp_args= here because of the29 # cases (see [0]), we can't use -Dc_args=/-Dcpp_args= here because of the
30 # RPM hardening macros, that use $CFLAGS/$CPPFLAGS (see [1]).30 # RPM hardening macros, that use $CFLAGS/$CPPFLAGS (see [1]).
31 #31 #
32 # Remove ukify/new standalone handling, added in 253
33 - "sed -i '/ukify/d' .packit_rpm/split-files.py"
34 - "sed -i '/%files ukify/d' .packit_rpm/systemd.spec"
35 - "sed -i '/%files standalone-repart/d' .packit_rpm/systemd.spec"
36 - "sed -i '/%files standalone-shutdown/d' .packit_rpm/systemd.spec"
32 # [0] https://github.com/mesonbuild/meson/issues/736037 # [0] https://github.com/mesonbuild/meson/issues/7360
33 # [1] https://github.com/systemd/systemd/pull/18908#issuecomment-79225011038 # [1] https://github.com/systemd/systemd/pull/18908#issuecomment-792250110
34 - 'sed -i "/^CONFIGURE_OPTS=(/a--werror" .packit_rpm/systemd.spec'39 - 'sed -i "/^CONFIGURE_OPTS=(/a--werror" .packit_rpm/systemd.spec'
diff --git a/debian/changelog b/debian/changelog
index 8852311..2821604 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,108 @@
1systemd (252.5-2ubuntu1) lunar; urgency=medium
2
3 * Merge 252.5-2 from Debian unstable
4 - Drop test-handle-Debian-s-etc-default-locale-in-testsuite-74.f.patch.
5 Applied upstream: https://github.com/systemd/systemd/commit/9b42646b22
6 File: debian/patches/test-handle-Debian-s-etc-default-locale-in-testsuite-74.f.patch
7 https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=1b0789416172ec60d8086fe2b458b5396bb7e857
8 - Drop test-make-sure-mount-point-exists-in-testsuite-64.sh.patch.
9 Applied upstream: https://github.com/systemd/systemd/commit/07e4787106
10 File: debian/patches/test-make-sure-mount-point-exists-in-testsuite-64.sh.patch
11 https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=f97b2d5ae1a1f35668c4648f1c7fc715a588de50
12 - Drop test-remove-no-longer-needed-quirk-for-set-locale-on-Debi.patch.
13 Fixed upstream: https://github.com/systemd/systemd-stable/commit/1c325f6d7f
14 File: debian/patches/test-remove-no-longer-needed-quirk-for-set-locale-on-Debi.patch
15 https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5f85226d61393c08d7ea51c2f28db7fd4c79bcc6
16 * udev: avoid NIC renaming race with kernel (LP: #2002445)
17 Files:
18 - debian/patches/lp2002445-sd-netlink-add-a-test-for-rtnl_set_link_name.patch
19 - debian/patches/lp2002445-sd-netlink-do-not-swap-old-name-and-alternative-name.patch
20 - debian/patches/lp2002445-sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch
21 - debian/patches/lp2002445-test-network-add-a-test-for-renaming-device-to-current-al.patch
22 - debian/patches/lp2002445-udev-attempt-device-rename-even-if-interface-is-up.patch
23 - debian/patches/lp2002445-udev-net-allow-new-link-name-as-an-altname-before-renamin.patch
24 https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=58d29c2b376f03c44ed5a719877c95b332018cdc
25 * Deny-list TEST-74-AUX-UTILS on s390x.
26 Since this currently is only known to fail on the autopkgtest
27 infrastructure, we believe this is a temporary issue.
28 File: debian/patches/Deny-list-TEST-74-AUX-UTILS-on-s390x.patch
29 https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a3a059d86e2fe3a104419ae2afcab557171f9809
30
31 -- Nick Rosbrook <nick.rosbrook@canonical.com> Tue, 14 Feb 2023 11:52:31 -0500
32
33systemd (252.5-2) unstable; urgency=medium
34
35 * Fix boot-and-services autopkgtest.
36
37 -- Luca Boccassi <bluca@debian.org> Mon, 30 Jan 2023 01:03:48 +0000
38
39systemd (252.5-1) unstable; urgency=medium
40
41 [ Nick Rosbrook ]
42 * debian/tests: remove systemd-fsckd autopkgtest. This test never runs
43 in Debian autopkgtest because of missing machine isolation
44 requirements, and it nevers runs in Ubuntu because: SKIP: root file
45 system is being checked by initramfs already Since the test is not
46 providing any good feedback, and generally has not been maintained,
47 let's just remove it.
48
49 [ Luca Boccassi ]
50 * New upstream version 252.5
51 * Drop patches merged in v252.5
52 * Refresh patches
53 * Set default status format to 'combined': show both unit name and
54 description in logs/boot messages
55
56 -- Luca Boccassi <bluca@debian.org> Sun, 29 Jan 2023 19:39:28 +0000
57
58systemd (252.4-2) unstable; urgency=medium
59
60 [ Michael Biebl ]
61 * Refresh patches
62 * Tweak description of systemd and systemd-sysv package.
63 Remove redundancy and de-emphasize sysvinit.
64 * autopkgtest: add psmsic to upstream suite.
65 Needed for the killall binary.
66 See https://github.com/systemd/systemd/pull/24569
67 * autopkgtest: add xkb-data, locales and locales-all to upstream suite.
68 Use locales-all so all necessary locales can be installed into the test
69 image without having to generate them on-the-fly.
70 See https://github.com/systemd/systemd/pull/23709
71 * autopkgtest: prefer knot-dnssecutils over knot-dnsutils for upstream
72 suite.
73 The kzonecheck utility required by TEST-75-RESOLVED was split out from
74 knot-dnsutils into knot-dnssecutils so update the test dependencies
75 accordingly. Keep knot-dnsutils as alternative dependency to make
76 backports easier.
77 * Cherry-pick upstream fixes for TEST-74-AUX-UTILS
78 * Cherry-pick upstream fix for TEST-73-LOCALE
79 * Skip firstboot --prompt-keymap check in TEST-74-AUX-UTILS.
80 This test requires compatible keymaps from kbd which are not available
81 in Debian.
82
83 [ Luca Boccassi ]
84 * autopkgtest: add netlabel-tools to networkd-test.py suite.
85 The netlabelctl tool is needed to test the NetLabel integration.
86 See https://github.com/systemd/systemd/pull/23888
87 * autopkgtest: add bsdutils to upstream suite.
88 The logger utility is now used in TEST-04-JOURNAL.
89 See https://github.com/systemd/systemd/pull/23086
90 * autopkgtest: add knot, knot-dnsutils, bind9-dnsutils, bind9-host to
91 upstream suite.
92 Needed by TEST-75-RESOLVED.
93 See https://github.com/systemd/systemd/pull/23104
94 * autopkgtest: add jq to upstream suite.
95 Needed by TEST-58-REPART.
96 See https://github.com/systemd/systemd/pull/24572
97 * autopkgtest: add mtools to upstream suite.
98 Needed by TEST-58-REPART.
99 See https://github.com/systemd/systemd/pull/24944
100 * autopkgtest: add erofs-utils to upstream suite.
101 Needed by TEST-58-REPART.
102 See https://github.com/systemd/systemd/pull/25686
103
104 -- Michael Biebl <biebl@debian.org> Wed, 25 Jan 2023 09:17:24 +0100
105
1systemd (252.4-1ubuntu1) lunar; urgency=medium106systemd (252.4-1ubuntu1) lunar; urgency=medium
2107
3 * Drop oomd-fix-unreachable-test-case-in-test-oomd-util.patch.108 * Drop oomd-fix-unreachable-test-case-in-test-oomd-util.patch.
diff --git a/debian/control b/debian/control
index 812a8c5..c84c218 100644
--- a/debian/control
+++ b/debian/control
@@ -118,9 +118,6 @@ Description: system and service manager
118 Linux control groups, maintains mount and automount points and implements an118 Linux control groups, maintains mount and automount points and implements an
119 elaborate transactional dependency-based service control logic.119 elaborate transactional dependency-based service control logic.
120 .120 .
121 systemd is compatible with SysV and LSB init scripts and can work as a
122 drop-in replacement for sysvinit.
123 .
124 Installing the systemd package will not switch your init system unless you121 Installing the systemd package will not switch your init system unless you
125 boot with init=/lib/systemd/systemd or install systemd-sysv in addition.122 boot with init=/lib/systemd/systemd or install systemd-sysv in addition.
126123
@@ -137,19 +134,11 @@ Depends: systemd (= ${binary:Version}),
137 ${misc:Depends}134 ${misc:Depends}
138Recommends: libpam-systemd,135Recommends: libpam-systemd,
139 libnss-systemd136 libnss-systemd
140Description: system and service manager - SysV links137Description: system and service manager - SysV compatibility symlinks
141 systemd is a system and service manager for Linux. It provides aggressive138 This package provides manual pages and compatibility symlinks needed for
142 parallelization capabilities, uses socket and D-Bus activation for starting139 systemd to replace sysvinit.
143 services, offers on-demand starting of daemons, keeps track of processes using
144 Linux control groups, maintains mount and automount points and implements an
145 elaborate transactional dependency-based service control logic.
146 .
147 systemd is compatible with SysV and LSB init scripts and can work as a
148 drop-in replacement for sysvinit.
149 .140 .
150 This package provides the manual pages and links needed for systemd141 Installing systemd-sysv will overwrite /sbin/init with a symlink to systemd.
151 to replace sysvinit. Installing systemd-sysv will overwrite /sbin/init with a
152 link to systemd.
153142
154Package: systemd-container143Package: systemd-container
155Build-Profiles: <!stage1>144Build-Profiles: <!stage1>
diff --git a/debian/patches/Deny-list-TEST-74-AUX-UTILS-on-s390x.patch b/debian/patches/Deny-list-TEST-74-AUX-UTILS-on-s390x.patch
156new file mode 100644145new file mode 100644
index 0000000..f230a88
--- /dev/null
+++ b/debian/patches/Deny-list-TEST-74-AUX-UTILS-on-s390x.patch
@@ -0,0 +1,16 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Tue, 14 Feb 2023 11:43:42 -0500
3Subject: Deny-list TEST-74-AUX-UTILS on s390x
4
5---
6 test/TEST-74-AUX-UTILS/deny-list-upstream-ci-s390x | 1 +
7 1 file changed, 1 insertion(+)
8 create mode 100644 test/TEST-74-AUX-UTILS/deny-list-upstream-ci-s390x
9
10diff --git a/test/TEST-74-AUX-UTILS/deny-list-upstream-ci-s390x b/test/TEST-74-AUX-UTILS/deny-list-upstream-ci-s390x
11new file mode 100644
12index 0000000..b7bd53b
13--- /dev/null
14+++ b/test/TEST-74-AUX-UTILS/deny-list-upstream-ci-s390x
15@@ -0,0 +1 @@
16+# Currently failing on autopkgtest infra, but appears to be a temporary issue.
diff --git a/debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch b/debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch
index 29b6fa8..7f02cc3 100644
--- a/debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch
+++ b/debian/patches/debian/Downgrade-a-couple-of-warnings-to-debug.patch
@@ -51,10 +51,10 @@ index 3c5df6c..24eff86 100644
51 "Please update package to include a native systemd unit file, in order to make it more safe and robust.", fpath);51 "Please update package to include a native systemd unit file, in order to make it more safe and robust.", fpath);
52 52
53diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c53diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
54index 18bb757..1f60913 10064454index 3501ccf..d8423dd 100644
55--- a/src/tmpfiles/tmpfiles.c55--- a/src/tmpfiles/tmpfiles.c
56+++ b/src/tmpfiles/tmpfiles.c56+++ b/src/tmpfiles/tmpfiles.c
57@@ -2987,6 +2987,7 @@ static int specifier_expansion_from_arg(const Specifier *specifier_table, Item *57@@ -2990,6 +2990,7 @@ static int specifier_expansion_from_arg(const Specifier *specifier_table, Item *
58 static int patch_var_run(const char *fname, unsigned line, char **path) {58 static int patch_var_run(const char *fname, unsigned line, char **path) {
59 const char *k;59 const char *k;
60 char *n;60 char *n;
@@ -62,7 +62,7 @@ index 18bb757..1f60913 100644
62 62
63 assert(path);63 assert(path);
64 assert(*path);64 assert(*path);
65@@ -3012,7 +3013,8 @@ static int patch_var_run(const char *fname, unsigned line, char **path) {65@@ -3015,7 +3016,8 @@ static int patch_var_run(const char *fname, unsigned line, char **path) {
66 /* Also log about this briefly. We do so at LOG_NOTICE level, as we fixed up the situation automatically, hence66 /* Also log about this briefly. We do so at LOG_NOTICE level, as we fixed up the situation automatically, hence
67 * there's no immediate need for action by the user. However, in the interest of making things less confusing67 * there's no immediate need for action by the user. However, in the interest of making things less confusing
68 * to the user, let's still inform the user that these snippets should really be updated. */68 * to the user, let's still inform the user that these snippets should really be updated. */
diff --git a/debian/patches/debian/Make-run-lock-tmpfs-an-API-fs.patch b/debian/patches/debian/Make-run-lock-tmpfs-an-API-fs.patch
index 6f4d2ac..4ab8117 100644
--- a/debian/patches/debian/Make-run-lock-tmpfs-an-API-fs.patch
+++ b/debian/patches/debian/Make-run-lock-tmpfs-an-API-fs.patch
@@ -15,6 +15,8 @@ Closes: #751392
15 tmpfiles.d/legacy.conf.in | 1 -15 tmpfiles.d/legacy.conf.in | 1 -
16 2 files changed, 2 insertions(+), 1 deletion(-)16 2 files changed, 2 insertions(+), 1 deletion(-)
1717
18diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c
19index 6882b62..c54e632 100644
18--- a/src/shared/mount-setup.c20--- a/src/shared/mount-setup.c
19+++ b/src/shared/mount-setup.c21+++ b/src/shared/mount-setup.c
20@@ -86,6 +86,8 @@22@@ -86,6 +86,8 @@
diff --git a/debian/patches/debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch b/debian/patches/debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch
index 0410005..deafad8 100644
--- a/debian/patches/debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch
+++ b/debian/patches/debian/Revert-core-one-step-back-again-for-nspawn-we-actual.patch
@@ -14,7 +14,7 @@ Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1141137
14 1 file changed, 1 insertion(+), 10 deletions(-)14 1 file changed, 1 insertion(+), 10 deletions(-)
1515
16diff --git a/src/core/unit.c b/src/core/unit.c16diff --git a/src/core/unit.c b/src/core/unit.c
17index bed5544..48d76f2 10064417index 3ac56c1..3b73c7c 100644
18--- a/src/core/unit.c18--- a/src/core/unit.c
19+++ b/src/core/unit.c19+++ b/src/core/unit.c
20@@ -4615,16 +4615,7 @@ int unit_kill_context(20@@ -4615,16 +4615,7 @@ int unit_kill_context(
diff --git a/debian/patches/lp2002445-sd-netlink-add-a-test-for-rtnl_set_link_name.patch b/debian/patches/lp2002445-sd-netlink-add-a-test-for-rtnl_set_link_name.patch
21new file mode 10064421new file mode 100644
index 0000000..8d9f0b3
--- /dev/null
+++ b/debian/patches/lp2002445-sd-netlink-add-a-test-for-rtnl_set_link_name.patch
@@ -0,0 +1,72 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Tue, 22 Nov 2022 17:01:47 -0500
3Subject: sd-netlink: add a test for rtnl_set_link_name()
4
5Origin: upstream, https://github.com/systemd/systemd/commit/b338a8bb40
6Bug-Ubuntu: https://launchpad.net/bugs/2002445
7
8Add a test that verifies a deleted alternative name is restored on error
9in rtnl_set_link_name().
10---
11 src/libsystemd/sd-netlink/test-netlink.c | 27 +++++++++++++++++++++++++++
12 1 file changed, 27 insertions(+)
13
14diff --git a/src/libsystemd/sd-netlink/test-netlink.c b/src/libsystemd/sd-netlink/test-netlink.c
15index 3f74ecc..2d93f9e 100644
16--- a/src/libsystemd/sd-netlink/test-netlink.c
17+++ b/src/libsystemd/sd-netlink/test-netlink.c
18@@ -8,6 +8,7 @@
19 #include <linux/if_macsec.h>
20 #include <linux/l2tp.h>
21 #include <linux/nl80211.h>
22+#include <unistd.h>
23
24 #include "sd-netlink.h"
25
26@@ -16,6 +17,7 @@
27 #include "macro.h"
28 #include "netlink-genl.h"
29 #include "netlink-internal.h"
30+#include "netlink-util.h"
31 #include "socket-util.h"
32 #include "stdio-util.h"
33 #include "string-util.h"
34@@ -667,6 +669,30 @@ static void test_genl(void) {
35 }
36 }
37
38+static void test_rtnl_set_link_name(sd_netlink *rtnl, int ifindex) {
39+ _cleanup_strv_free_ char **alternative_names = NULL;
40+ int r;
41+
42+ log_debug("/* %s */", __func__);
43+
44+ if (geteuid() != 0)
45+ return (void) log_tests_skipped("not root");
46+
47+ /* Test that the new name (which is currently an alternative name) is
48+ * restored as an alternative name on error. Create an error by using
49+ * an invalid device name, namely one that exceeds IFNAMSIZ
50+ * (alternative names can exceed IFNAMSIZ, but not regular names). */
51+ r = rtnl_set_link_alternative_names(&rtnl, ifindex, STRV_MAKE("testlongalternativename"));
52+ if (r == -EPERM)
53+ return (void) log_tests_skipped("missing required capabilities");
54+
55+ assert_se(r >= 0);
56+ assert_se(rtnl_set_link_name(&rtnl, ifindex, "testlongalternativename") == -EINVAL);
57+ assert_se(rtnl_get_link_alternative_names(&rtnl, ifindex, &alternative_names) >= 0);
58+ assert_se(strv_contains(alternative_names, "testlongalternativename"));
59+ assert_se(rtnl_delete_link_alternative_names(&rtnl, ifindex, STRV_MAKE("testlongalternativename")) >= 0);
60+}
61+
62 int main(void) {
63 sd_netlink *rtnl;
64 sd_netlink_message *m;
65@@ -698,6 +724,7 @@ int main(void) {
66 test_pipe(if_loopback);
67 test_event_loop(if_loopback);
68 test_link_configure(rtnl, if_loopback);
69+ test_rtnl_set_link_name(rtnl, if_loopback);
70
71 test_get_addresses(rtnl);
72 test_message_link_bridge(rtnl);
diff --git a/debian/patches/lp2002445-sd-netlink-do-not-swap-old-name-and-alternative-name.patch b/debian/patches/lp2002445-sd-netlink-do-not-swap-old-name-and-alternative-name.patch
0new file mode 10064473new file mode 100644
index 0000000..2388bf2
--- /dev/null
+++ b/debian/patches/lp2002445-sd-netlink-do-not-swap-old-name-and-alternative-name.patch
@@ -0,0 +1,62 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Fri, 2 Dec 2022 15:26:18 -0500
3Subject: sd-netlink: do not swap old name and alternative name
4
5Origin: upstream, https://github.com/systemd/systemd/commit/080afbb57c
6Bug-Ubuntu: https://launchpad.net/bugs/2002445
7
8Commit 434a348380 ("netlink: do not fail when new interface name is
9already used as an alternative name") added logic to set the old
10interface name as an alternative name, but only when the new name is
11currently an alternative name. This is not the desired outcome in most
12cases, and the important part of this commit was to delete the new name
13from the list of alternative names if necessary.
14---
15 src/libsystemd/sd-netlink/netlink-util.c | 13 -------------
16 1 file changed, 13 deletions(-)
17
18diff --git a/src/libsystemd/sd-netlink/netlink-util.c b/src/libsystemd/sd-netlink/netlink-util.c
19index 12cdc99..6b4c25f 100644
20--- a/src/libsystemd/sd-netlink/netlink-util.c
21+++ b/src/libsystemd/sd-netlink/netlink-util.c
22@@ -3,7 +3,6 @@
23 #include "sd-netlink.h"
24
25 #include "fd-util.h"
26-#include "format-util.h"
27 #include "io-util.h"
28 #include "memory-util.h"
29 #include "netlink-internal.h"
30@@ -15,7 +14,6 @@
31 int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) {
32 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL;
33 _cleanup_strv_free_ char **alternative_names = NULL;
34- char old_name[IF_NAMESIZE] = {};
35 int r;
36
37 assert(rtnl);
38@@ -35,10 +33,6 @@ int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) {
39 if (r < 0)
40 return log_debug_errno(r, "Failed to remove '%s' from alternative names on network interface %i: %m",
41 name, ifindex);
42-
43- r = format_ifname(ifindex, old_name);
44- if (r < 0)
45- return log_debug_errno(r, "Failed to get current name of network interface %i: %m", ifindex);
46 }
47
48 r = sd_rtnl_message_new_link(*rtnl, &message, RTM_SETLINK, ifindex);
49@@ -53,13 +47,6 @@ int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) {
50 if (r < 0)
51 return r;
52
53- if (!isempty(old_name)) {
54- r = rtnl_set_link_alternative_names(rtnl, ifindex, STRV_MAKE(old_name));
55- if (r < 0)
56- log_debug_errno(r, "Failed to set '%s' as an alternative name on network interface %i, ignoring: %m",
57- old_name, ifindex);
58- }
59-
60 return 0;
61 }
62
diff --git a/debian/patches/lp2002445-sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch b/debian/patches/lp2002445-sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch
0new file mode 10064463new file mode 100644
index 0000000..07ca306
--- /dev/null
+++ b/debian/patches/lp2002445-sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch
@@ -0,0 +1,64 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Wed, 2 Nov 2022 05:36:14 -0400
3Subject: sd-netlink: restore altname on error in rtnl_set_link_name
4
5Origin: upstream, https://github.com/systemd/systemd/commit/4d600667f8
6Bug-Ubuntu: https://launchpad.net/bugs/2002445
7
8If a current alternative name is to be used to rename a network
9interface, the alternative name must be removed first. If interface
10renaming fails, restore the alternative name that was deleted if
11necessary.
12---
13 src/libsystemd/sd-netlink/netlink-util.c | 19 ++++++++++++++++---
14 1 file changed, 16 insertions(+), 3 deletions(-)
15
16diff --git a/src/libsystemd/sd-netlink/netlink-util.c b/src/libsystemd/sd-netlink/netlink-util.c
17index 6b4c25f..cfcf257 100644
18--- a/src/libsystemd/sd-netlink/netlink-util.c
19+++ b/src/libsystemd/sd-netlink/netlink-util.c
20@@ -14,6 +14,7 @@
21 int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) {
22 _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL;
23 _cleanup_strv_free_ char **alternative_names = NULL;
24+ bool altname_deleted = false;
25 int r;
26
27 assert(rtnl);
28@@ -33,21 +34,33 @@ int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) {
29 if (r < 0)
30 return log_debug_errno(r, "Failed to remove '%s' from alternative names on network interface %i: %m",
31 name, ifindex);
32+
33+ altname_deleted = true;
34 }
35
36 r = sd_rtnl_message_new_link(*rtnl, &message, RTM_SETLINK, ifindex);
37 if (r < 0)
38- return r;
39+ goto fail;
40
41 r = sd_netlink_message_append_string(message, IFLA_IFNAME, name);
42 if (r < 0)
43- return r;
44+ goto fail;
45
46 r = sd_netlink_call(*rtnl, message, 0, NULL);
47 if (r < 0)
48- return r;
49+ goto fail;
50
51 return 0;
52+
53+fail:
54+ if (altname_deleted) {
55+ int q = rtnl_set_link_alternative_names(rtnl, ifindex, STRV_MAKE(name));
56+ if (q < 0)
57+ log_debug_errno(q, "Failed to restore '%s' as an alternative name on network interface %i, ignoring: %m",
58+ name, ifindex);
59+ }
60+
61+ return r;
62 }
63
64 int rtnl_set_link_properties(
diff --git a/debian/patches/lp2002445-test-network-add-a-test-for-renaming-device-to-current-al.patch b/debian/patches/lp2002445-test-network-add-a-test-for-renaming-device-to-current-al.patch
0new file mode 10064465new file mode 100644
index 0000000..bea8407
--- /dev/null
+++ b/debian/patches/lp2002445-test-network-add-a-test-for-renaming-device-to-current-al.patch
@@ -0,0 +1,48 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Wed, 7 Dec 2022 12:28:28 -0500
3Subject: test-network: add a test for renaming device to current altname
4
5Origin: upstream, https://github.com/systemd/systemd/commit/f68f644a16
6Bug-Ubuntu: https://launchpad.net/bugs/2002445
7
8---
9 test/test-network/conf/12-dummy-rename-to-altname.link | 7 +++++++
10 test/test-network/systemd-networkd-tests.py | 11 +++++++++++
11 2 files changed, 18 insertions(+)
12 create mode 100644 test/test-network/conf/12-dummy-rename-to-altname.link
13
14diff --git a/test/test-network/conf/12-dummy-rename-to-altname.link b/test/test-network/conf/12-dummy-rename-to-altname.link
15new file mode 100644
16index 0000000..bef4bf3
17--- /dev/null
18+++ b/test/test-network/conf/12-dummy-rename-to-altname.link
19@@ -0,0 +1,7 @@
20+# SPDX-License-Identifier: LGPL-2.1-or-later
21+[Match]
22+OriginalName=dummy98
23+
24+[Link]
25+Name=dummyalt
26+AlternativeName=dummyalt hogehogehogehogehogehoge
27diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py
28index 5a731f5..a04f302 100755
29--- a/test/test-network/systemd-networkd-tests.py
30+++ b/test/test-network/systemd-networkd-tests.py
31@@ -936,6 +936,17 @@ class NetworkctlTests(unittest.TestCase, Utilities):
32 output = check_output(*networkctl_cmd, '-n', '0', 'status', 'dummy98', env=env)
33 self.assertRegex(output, 'hogehogehogehogehogehoge')
34
35+ @expectedFailureIfAlternativeNameIsNotAvailable()
36+ def test_rename_to_altname(self):
37+ copy_network_unit('26-netdev-link-local-addressing-yes.network',
38+ '12-dummy.netdev', '12-dummy-rename-to-altname.link')
39+ start_networkd()
40+ self.wait_online(['dummyalt:degraded'])
41+
42+ output = check_output(*networkctl_cmd, '-n', '0', 'status', 'dummyalt', env=env)
43+ self.assertIn('hogehogehogehogehogehoge', output)
44+ self.assertNotIn('dummy98', output)
45+
46 def test_reconfigure(self):
47 copy_network_unit('25-address-static.network', '12-dummy.netdev')
48 start_networkd()
diff --git a/debian/patches/lp2002445-udev-attempt-device-rename-even-if-interface-is-up.patch b/debian/patches/lp2002445-udev-attempt-device-rename-even-if-interface-is-up.patch
0new file mode 10064449new file mode 100644
index 0000000..4e0240e
--- /dev/null
+++ b/debian/patches/lp2002445-udev-attempt-device-rename-even-if-interface-is-up.patch
@@ -0,0 +1,63 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Fri, 2 Dec 2022 15:35:25 -0500
3Subject: udev: attempt device rename even if interface is up
4
5Origin: upstream, https://github.com/systemd/systemd/commit/53584e7b61
6Bug-Ubuntu: https://launchpad.net/bugs/2002445
7
8Currently rename_netif() will not attempt to rename a device if it is
9already up, because the kernel will return -EBUSY unless live renaming
10is allowed on the device. This restriction will be removed in a future
11kernel version [1].
12
13To cover both cases, always attempt to rename the interface and return 0
14if we get -EBUSY.
15
16[1] https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=bd039b5ea2a9
17---
18 src/udev/udev-event.c | 18 ++++++------------
19 1 file changed, 6 insertions(+), 12 deletions(-)
20
21diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c
22index b3d92d5..08d69cf 100644
23--- a/src/udev/udev-event.c
24+++ b/src/udev/udev-event.c
25@@ -862,7 +862,6 @@ int udev_event_spawn(
26 static int rename_netif(UdevEvent *event) {
27 const char *oldname;
28 sd_device *dev;
29- unsigned flags;
30 int ifindex, r;
31
32 assert(event);
33@@ -896,17 +895,7 @@ static int rename_netif(UdevEvent *event) {
34 return 0;
35 }
36
37- r = rtnl_get_link_info(&event->rtnl, ifindex, NULL, &flags, NULL, NULL, NULL);
38- if (r < 0)
39- return log_device_warning_errno(dev, r, "Failed to get link flags: %m");
40-
41- if (FLAGS_SET(flags, IFF_UP)) {
42- log_device_info(dev, "Network interface '%s' is already up, refusing to rename to '%s'.",
43- oldname, event->name);
44- return 0;
45- }
46-
47- /* Set ID_RENAMING boolean property here, and drop it in the corresponding move uevent later. */
48+ /* Set ID_RENAMING boolean property here. It will be dropped when the corresponding move uevent is processed. */
49 r = device_add_property(dev, "ID_RENAMING", "1");
50 if (r < 0)
51 return log_device_warning_errno(dev, r, "Failed to add 'ID_RENAMING' property: %m");
52@@ -927,6 +916,11 @@ static int rename_netif(UdevEvent *event) {
53 return log_device_debug_errno(event->dev_db_clone, r, "Failed to update database under /run/udev/data/: %m");
54
55 r = rtnl_set_link_name(&event->rtnl, ifindex, event->name);
56+ if (r == -EBUSY) {
57+ log_device_info(dev, "Network interface '%s' is already up, cannot rename to '%s'.",
58+ oldname, event->name);
59+ return 0;
60+ }
61 if (r < 0)
62 return log_device_error_errno(dev, r, "Failed to rename network interface %i from '%s' to '%s': %m",
63 ifindex, oldname, event->name);
diff --git a/debian/patches/lp2002445-udev-net-allow-new-link-name-as-an-altname-before-renamin.patch b/debian/patches/lp2002445-udev-net-allow-new-link-name-as-an-altname-before-renamin.patch
0new file mode 10064464new file mode 100644
index 0000000..0b78d7f
--- /dev/null
+++ b/debian/patches/lp2002445-udev-net-allow-new-link-name-as-an-altname-before-renamin.patch
@@ -0,0 +1,34 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Wed, 2 Nov 2022 11:05:01 -0400
3Subject: udev/net: allow new link name as an altname before renaming happens
4
5Origin: upstream, https://github.com/systemd/systemd/commit/d0b31efc1a
6Bug-Ubuntu: https://launchpad.net/bugs/2002445
7
8When configuring a link's alternative names, the link's new name to-be
9is not allowed to be included because interface renaming will fail if
10the new name is already present as an alternative name. However,
11rtnl_set_link_name will delete the conflicting alternative name before
12renaming the device, if necessary.
13
14Allow the new link name to be set as an alternative name before the
15device is renamed. This means that if the rename is later skipped (i.e.
16because the link is already up), then the name can at least still be
17present as an alternative name.
18---
19 src/udev/net/link-config.c | 2 --
20 1 file changed, 2 deletions(-)
21
22diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c
23index e408725..5d28526 100644
24--- a/src/udev/net/link-config.c
25+++ b/src/udev/net/link-config.c
26@@ -841,8 +841,6 @@ static int link_apply_alternative_names(Link *link, sd_netlink **rtnl) {
27 }
28 }
29
30- if (link->new_name)
31- strv_remove(altnames, link->new_name);
32 strv_remove(altnames, link->ifname);
33
34 r = rtnl_get_link_alternative_names(rtnl, link->ifindex, &current_altnames);
diff --git a/debian/patches/p11kit-switch-to-dlopen.patch b/debian/patches/p11kit-switch-to-dlopen.patch
index 0cdb8c3..d9fd919 100644
--- a/debian/patches/p11kit-switch-to-dlopen.patch
+++ b/debian/patches/p11kit-switch-to-dlopen.patch
@@ -718,10 +718,10 @@ index 85dbb81..55728c2 100644
718 }718 }
719 719
720diff --git a/test/test-functions b/test/test-functions720diff --git a/test/test-functions b/test/test-functions
721index 5613215..7f0ab56 100644721index ae0a993..be3b686 100644
722--- a/test/test-functions722--- a/test/test-functions
723+++ b/test/test-functions723+++ b/test/test-functions
724@@ -1275,7 +1275,7 @@ install_missing_libraries() {724@@ -1276,7 +1276,7 @@ install_missing_libraries() {
725 local lib path725 local lib path
726 # A number of dependencies is now optional via dlopen, so the install726 # A number of dependencies is now optional via dlopen, so the install
727 # script will not pick them up, since it looks at linkage.727 # script will not pick them up, since it looks at linkage.
@@ -730,7 +730,7 @@ index 5613215..7f0ab56 100644
730 ddebug "Searching for $lib via pkg-config"730 ddebug "Searching for $lib via pkg-config"
731 if pkg-config --exists "$lib"; then731 if pkg-config --exists "$lib"; then
732 path="$(pkg-config --variable=libdir "$lib")"732 path="$(pkg-config --variable=libdir "$lib")"
733@@ -1287,6 +1287,10 @@ install_missing_libraries() {733@@ -1288,6 +1288,10 @@ install_missing_libraries() {
734 if ! [[ ${lib} =~ ^lib ]]; then734 if ! [[ ${lib} =~ ^lib ]]; then
735 lib="lib${lib}"735 lib="lib${lib}"
736 fi736 fi
diff --git a/debian/patches/series b/debian/patches/series
index 663fefb..654d909 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -37,9 +37,6 @@ debian/UBUNTU-Don-t-override-Ubuntu-s-default-sysctl-values-LP-1962038.patch
37test-increase-QEMU_MEM-for-some-tests.patch37test-increase-QEMU_MEM-for-some-tests.patch
38lp1981042-core-firstboot-workaround-timezone-issues-caused-by-Ubunt.patch38lp1981042-core-firstboot-workaround-timezone-issues-caused-by-Ubunt.patch
39test-denylist-TEST-29-PORTABLE-again.patch39test-denylist-TEST-29-PORTABLE-again.patch
40test-remove-no-longer-needed-quirk-for-set-locale-on-Debi.patch
41test-make-sure-mount-point-exists-in-testsuite-64.sh.patch
42test-handle-Debian-s-etc-default-locale-in-testsuite-74.f.patch
43test-skip-some-tests-when-machine-id-is-not-initialized.patch40test-skip-some-tests-when-machine-id-is-not-initialized.patch
44lp1999275-stat-util-introduce-fd_is_read_only_fs.patch41lp1999275-stat-util-introduce-fd_is_read_only_fs.patch
45lp1999275-binfmt-util-split-out-binfmt_mounted.patch42lp1999275-binfmt-util-split-out-binfmt_mounted.patch
@@ -47,3 +44,10 @@ lp1999275-binfmt-util-also-check-if-binfmt-is-mounted-in-read-write.patch
47lp1999275-binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch44lp1999275-binfmt-check-if-binfmt-is-mounted-before-applying-rules.patch
48lp1999275-unit-check-more-specific-path-to-be-written-by-systemd-bi.patch45lp1999275-unit-check-more-specific-path-to-be-written-by-systemd-bi.patch
49debian/Skip-flaky-test_resolved_domain_restricted_dns-in-network.patch46debian/Skip-flaky-test_resolved_domain_restricted_dns-in-network.patch
47lp2002445-udev-net-allow-new-link-name-as-an-altname-before-renamin.patch
48lp2002445-sd-netlink-do-not-swap-old-name-and-alternative-name.patch
49lp2002445-sd-netlink-restore-altname-on-error-in-rtnl_set_link_name.patch
50lp2002445-udev-attempt-device-rename-even-if-interface-is-up.patch
51lp2002445-sd-netlink-add-a-test-for-rtnl_set_link_name.patch
52lp2002445-test-network-add-a-test-for-renaming-device-to-current-al.patch
53Deny-list-TEST-74-AUX-UTILS-on-s390x.patch
diff --git a/debian/patches/test-handle-Debian-s-etc-default-locale-in-testsuite-74.f.patch b/debian/patches/test-handle-Debian-s-etc-default-locale-in-testsuite-74.f.patch
50deleted file mode 10064454deleted file mode 100644
index e192136..0000000
--- a/debian/patches/test-handle-Debian-s-etc-default-locale-in-testsuite-74.f.patch
+++ /dev/null
@@ -1,107 +0,0 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Tue, 22 Nov 2022 12:50:33 -0500
3Subject: test: handle Debian's /etc/default/locale in
4 testsuite-74.firstboot.sh
5
6Origin: upstream, https://github.com/systemd/systemd/commit/bb59fdc1e3a7119f3680d309147020fce9bf67b5
7
8This handles a Debian-specific quirk where /etc/default/locale is used
9instead of /etc/locale.conf. There is currently special handling for
10this in testsuite-73.sh, so the quirk should be handled here too for
11consistency.
12
13This patch was modified to apply to v251.1.
14---
15 test/units/testsuite-74.firstboot.sh | 40 ++++++++++++++++--------------------
16 1 file changed, 18 insertions(+), 22 deletions(-)
17
18diff --git a/test/units/testsuite-74.firstboot.sh b/test/units/testsuite-74.firstboot.sh
19index 02f9f5c..1bcc3da 100755
20--- a/test/units/testsuite-74.firstboot.sh
21+++ b/test/units/testsuite-74.firstboot.sh
22@@ -24,6 +24,12 @@ ROOT_HASHED_PASSWORD1='$6$foobarsalt$YbwdaATX6IsFxvWbY3QcZj2gB31R/LFRFrjlFrJtTTq
23 # shellcheck disable=SC2016
24 ROOT_HASHED_PASSWORD2='$6$foobarsalt$q.P2932zYMLbKnjFwIxPI8y3iuxeuJ2BgE372LcZMMnj3Gcg/9mJg2LPKUl.ha0TG/.fRNNnRQcLfzM0SNot3.'
25
26+# Debian and Ubuntu use /etc/default/locale instead of /etc/locale.conf. Make
27+# sure we use the appropriate path for locale configuration.
28+LOCALE_PATH="/etc/locale.conf"
29+[ -e "$LOCALE_PATH" ] || LOCALE_PATH="/etc/default/locale"
30+[ -e "$LOCALE_PATH" ] || systemd-firstboot --locale=C.UTF-8
31+
32 # Create a minimal root so we don't modify the testbed
33 ROOT=test-root
34 mkdir -p "$ROOT/bin"
35@@ -31,15 +37,15 @@ mkdir -p "$ROOT/bin"
36 touch "$ROOT/bin/fooshell" "$ROOT/bin/barshell"
37
38 systemd-firstboot --root="$ROOT" --locale=foo
39-grep -q "LANG=foo" "$ROOT/etc/locale.conf"
40-rm -fv "$ROOT/etc/locale.conf"
41+grep -q "LANG=foo" "$ROOT$LOCALE_PATH"
42+rm -fv "$ROOT$LOCALE_PATH"
43 # FIXME: https://github.com/systemd/systemd/issues/25249
44 #systemd-firstboot --root="$ROOT" --locale-messages=foo
45-#grep -q "LC_MESSAGES=foo" "$ROOT/etc/locale.conf"
46-#rm -fv "$ROOT/etc/locale.conf"
47+#grep -q "LC_MESSAGES=foo" "$ROOT$LOCALE_PATH"
48+#rm -fv "$ROOT$LOCALE_PATH"
49 systemd-firstboot --root="$ROOT" --locale=foo --locale-messages=bar
50-grep -q "LANG=foo" "$ROOT/etc/locale.conf"
51-grep -q "LC_MESSAGES=bar" "$ROOT/etc/locale.conf"
52+grep -q "LANG=foo" "$ROOT$LOCALE_PATH"
53+grep -q "LC_MESSAGES=bar" "$ROOT$LOCALE_PATH"
54
55 systemd-firstboot --root="$ROOT" --keymap=foo
56 grep -q "KEYMAP=foo" "$ROOT/etc/vconsole.conf"
57@@ -83,8 +89,8 @@ systemd-firstboot --root="$ROOT" \
58 --root-password-hashed="$ROOT_HASHED_PASSWORD2" \
59 --root-shell=/bin/barshell \
60 --kernel-command-line="hello.world=0"
61-grep -q "LANG=foo" "$ROOT/etc/locale.conf"
62-grep -q "LC_MESSAGES=bar" "$ROOT/etc/locale.conf"
63+grep -q "LANG=foo" "$ROOT$LOCALE_PATH"
64+grep -q "LC_MESSAGES=bar" "$ROOT$LOCALE_PATH"
65 grep -q "KEYMAP=foo" "$ROOT/etc/vconsole.conf"
66 readlink "$ROOT/etc/localtime" | grep -q "Europe/Berlin$"
67 grep -q "foobar" "$ROOT/etc/hostname"
68@@ -104,8 +110,8 @@ systemd-firstboot --root="$ROOT" --force \
69 --root-password-hashed="$ROOT_HASHED_PASSWORD2" \
70 --root-shell=/bin/barshell \
71 --kernel-command-line="hello.world=0"
72-grep -q "LANG=locale-overwrite" "$ROOT/etc/locale.conf"
73-grep -q "LC_MESSAGES=messages-overwrite" "$ROOT/etc/locale.conf"
74+grep -q "LANG=locale-overwrite" "$ROOT$LOCALE_PATH"
75+grep -q "LC_MESSAGES=messages-overwrite" "$ROOT$LOCALE_PATH"
76 grep -q "KEYMAP=keymap-overwrite" "$ROOT/etc/vconsole.conf"
77 readlink "$ROOT/etc/localtime" | grep -q "/CET$"
78 grep -q "hostname-overwrite" "$ROOT/etc/hostname"
79@@ -119,7 +125,7 @@ rm -fr "$ROOT"
80 mkdir "$ROOT"
81 # Copy everything at once (--copy)
82 systemd-firstboot --root="$ROOT" --copy
83-diff /etc/locale.conf "$ROOT/etc/locale.conf"
84+diff $LOCALE_PATH "$ROOT$LOCALE_PATH"
85 diff <(awk -F: '/^root/ { print $7; }' /etc/passwd) <(awk -F: '/^root/ { print $7; }' "$ROOT/etc/passwd")
86 diff <(awk -F: '/^root/ { print $2; }' /etc/shadow) <(awk -F: '/^root/ { print $2; }' "$ROOT/etc/shadow")
87 [[ -e /etc/vconsole.conf ]] && diff /etc/vconsole.conf "$ROOT/etc/vconsole.conf"
88@@ -128,18 +134,8 @@ rm -fr "$ROOT"
89 mkdir "$ROOT"
90 # Copy everything at once, but now by using separate switches
91 systemd-firstboot --root="$ROOT" --copy-locale --copy-keymap --copy-timezone --copy-root-password --copy-root-shell
92-diff /etc/locale.conf "$ROOT/etc/locale.conf"
93+diff $LOCALE_PATH "$ROOT$LOCALE_PATH"
94 diff <(awk -F: '/^root/ { print $7; }' /etc/passwd) <(awk -F: '/^root/ { print $7; }' "$ROOT/etc/passwd")
95 diff <(awk -F: '/^root/ { print $2; }' /etc/shadow) <(awk -F: '/^root/ { print $2; }' "$ROOT/etc/shadow")
96 [[ -e /etc/vconsole.conf ]] && diff /etc/vconsole.conf "$ROOT/etc/vconsole.conf"
97 [[ -e /etc/localtime ]] && diff <(readlink /etc/localtime) <(readlink "$ROOT/etc/localtime")
98-
99-# Assorted tests
100-rm -fr "$ROOT"
101-mkdir "$ROOT"
102-
103-systemd-firstboot --root="$ROOT" --setup-machine-id
104-grep -E "[a-z0-9]{32}" "$ROOT/etc/machine-id"
105-
106-systemd-firstboot --root="$ROOT" --delete-root-password
107-diff <(echo) <(awk -F: '/^root/ { print $2; }' "$ROOT/etc/shadow")
diff --git a/debian/patches/test-make-sure-mount-point-exists-in-testsuite-64.sh.patch b/debian/patches/test-make-sure-mount-point-exists-in-testsuite-64.sh.patch
108deleted file mode 1006440deleted file mode 100644
index ab71bce..0000000
--- a/debian/patches/test-make-sure-mount-point-exists-in-testsuite-64.sh.patch
+++ /dev/null
@@ -1,22 +0,0 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Tue, 22 Nov 2022 12:43:51 -0500
3Subject: test: make sure mount point exists in testsuite-64.sh
4
5Origin: upstream, https://github.com/systemd/systemd/commit/84e5b9225d12f8a1a7d414ef01f97fcd6881c14f
6
7---
8 test/units/testsuite-64.sh | 1 +
9 1 file changed, 1 insertion(+)
10
11diff --git a/test/units/testsuite-64.sh b/test/units/testsuite-64.sh
12index 7673036..8e46533 100755
13--- a/test/units/testsuite-64.sh
14+++ b/test/units/testsuite-64.sh
15@@ -243,6 +243,7 @@ EOF
16 echo "${FUNCNAME[0]}: test failover"
17 local device expected link mpoint part
18 local -a devices
19+ mkdir -p /mnt
20 mpoint="$(mktemp -d /mnt/mpathXXX)"
21 wwid="deaddeadbeef0000"
22 path="/dev/disk/by-id/wwn-0x$wwid"
diff --git a/debian/patches/test-remove-no-longer-needed-quirk-for-set-locale-on-Debi.patch b/debian/patches/test-remove-no-longer-needed-quirk-for-set-locale-on-Debi.patch
23deleted file mode 1006440deleted file mode 100644
index 0adbd1f..0000000
--- a/debian/patches/test-remove-no-longer-needed-quirk-for-set-locale-on-Debi.patch
+++ /dev/null
@@ -1,23 +0,0 @@
1From: Nick Rosbrook <nick.rosbrook@canonical.com>
2Date: Thu, 17 Nov 2022 11:29:03 -0500
3Subject: test: remove no-longer-needed quirk for set-locale on Debian/Ubuntu
4
5---
6 test/units/testsuite-73.sh | 4 +---
7 1 file changed, 1 insertion(+), 3 deletions(-)
8
9diff --git a/test/units/testsuite-73.sh b/test/units/testsuite-73.sh
10index f9e2dce..1e493c0 100755
11--- a/test/units/testsuite-73.sh
12+++ b/test/units/testsuite-73.sh
13@@ -118,9 +118,7 @@ LC_CTYPE=$i"
14
15 assert_rc 0 localectl set-locale "$i"
16 if [[ -f /etc/default/locale ]]; then
17- # Debian/Ubuntu patch is buggy, and LC_CTYPE= still exists.
18- assert_eq "$(cat /etc/default/locale)" "LANG=$i
19-LC_CTYPE=$i"
20+ assert_eq "$(cat /etc/default/locale)" "LANG=$i"
21 else
22 assert_eq "$(cat /etc/locale.conf)" "LANG=$i"
23 fi
diff --git a/debian/rules b/debian/rules
index 73ef33f..ce2c49f 100755
--- a/debian/rules
+++ b/debian/rules
@@ -100,6 +100,7 @@ CONFFLAGS = \
100 -Dnss-resolve=true \100 -Dnss-resolve=true \
101 -Dnss-systemd=true \101 -Dnss-systemd=true \
102 -Dresolve=true \102 -Dresolve=true \
103 -Dstatus-unit-format-default=combined \
103 -Dstandalone-binaries=true104 -Dstandalone-binaries=true
104105
105ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES)))106ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES)))
diff --git a/debian/tests/boot-and-services b/debian/tests/boot-and-services
index 4c2d7a8..fc0eb9b 100755
--- a/debian/tests/boot-and-services
+++ b/debian/tests/boot-and-services
@@ -119,7 +119,7 @@ class ServicesTest(unittest.TestCase):
119 # has kernel messages119 # has kernel messages
120 self.assertRegex(log, 'kernel:.*')120 self.assertRegex(log, 'kernel:.*')
121 # has init messages121 # has init messages
122 self.assertRegex(log, 'systemd.*Reached target Graphical Interface')122 self.assertRegex(log, 'systemd.*Reached target(?: graphical.target -)? Graphical Interface')
123 # has other services123 # has other services
124 self.assertRegex(log, 'NetworkManager.*:')124 self.assertRegex(log, 'NetworkManager.*:')
125125
@@ -199,7 +199,7 @@ class JournalTest(unittest.TestCase):
199 # has kernel messages199 # has kernel messages
200 self.assertRegex(out, b'kernel:.*')200 self.assertRegex(out, b'kernel:.*')
201 # has init messages201 # has init messages
202 self.assertRegex(out, b'systemd.*Reached target Graphical Interface')202 self.assertRegex(out, b'systemd.*Reached target(?: graphical.target -)? Graphical Interface')
203 # has other services203 # has other services
204 self.assertRegex(out, b'NetworkManager.*:.*starting')204 self.assertRegex(out, b'NetworkManager.*:.*starting')
205205
diff --git a/debian/tests/control b/debian/tests/control
index 34a3a05..0e0a97c 100644
--- a/debian/tests/control
+++ b/debian/tests/control
@@ -48,6 +48,7 @@ Depends: systemd,
48 cryptsetup-bin,48 cryptsetup-bin,
49 systemd-sysv,49 systemd-sysv,
50 polkitd | policykit-1,50 polkitd | policykit-1,
51 netlabel-tools,
51 dnsmasq-base52 dnsmasq-base
52Restrictions: needs-root, isolation-container, breaks-testbed53Restrictions: needs-root, isolation-container, breaks-testbed
5354
@@ -182,6 +183,8 @@ Depends: systemd-tests,
182 squashfs-tools,183 squashfs-tools,
183 vim-tiny,184 vim-tiny,
184 dosfstools,185 dosfstools,
186 mtools,
187 erofs-utils,
185 libdw-dev,188 libdw-dev,
186 libelf-dev,189 libelf-dev,
187 dbus-user-session,190 dbus-user-session,
@@ -195,6 +198,16 @@ Depends: systemd-tests,
195 tpm2-tools,198 tpm2-tools,
196 libgcc-s1,199 libgcc-s1,
197 openssl,200 openssl,
201 bsdutils,
202 knot,
203 knot-dnssecutils | knot-dnsutils,
204 bind9-dnsutils,
205 bind9-host,
206 jq,
207 psmisc,
208 xkb-data,
209 locales,
210 locales-all,
198Restrictions: needs-root, allow-stderr, isolation-machine211Restrictions: needs-root, allow-stderr, isolation-machine
199212
200Tests: boot-smoke213Tests: boot-smoke
@@ -205,11 +218,3 @@ Depends: systemd-sysv,
205 systemd,218 systemd,
206 udev,219 udev,
207Restrictions: needs-root, isolation-container, allow-stderr, breaks-testbed220Restrictions: needs-root, isolation-container, allow-stderr, breaks-testbed
208
209# NOUPSTREAM: Do not run these tests for upstream builds
210
211Tests: systemd-fsckd
212Depends: systemd-sysv,
213 python3,
214 plymouth
215Restrictions: needs-root, isolation-machine, breaks-testbed, skippable, flaky
diff --git a/debian/tests/fsck b/debian/tests/fsck
216deleted file mode 100755221deleted file mode 100755
index 77b50d7..0000000
--- a/debian/tests/fsck
+++ /dev/null
@@ -1,27 +0,0 @@
1#!/bin/bash
2fd=0
3
4OPTIND=1
5while getopts "C:aTlM" opt; do
6 case "$opt" in
7 C)
8 fd=$OPTARG
9 ;;
10 \?);;
11 esac
12done
13
14shift "$((OPTIND-1))"
15device=$1
16
17echo "Running fake fsck on $device"
18
19declare -a maxpass=(30 5 2 30 60)
20
21for pass in {1..5}; do
22 maxprogress=${maxpass[$((pass-1))]}
23 for (( current=0; current<=${maxprogress}; current++)); do
24 echo "$pass $current $maxprogress $device">&$fd
25 sleep 0.1
26 done
27done
diff --git a/debian/tests/systemd-fsckd b/debian/tests/systemd-fsckd
28deleted file mode 1007550deleted file mode 100755
index 7f5e535..0000000
--- a/debian/tests/systemd-fsckd
+++ /dev/null
@@ -1,323 +0,0 @@
1#!/usr/bin/python3
2# autopkgtest check: Ensure that systemd-fsckd can report progress and cancel
3# (C) 2015 Canonical Ltd.
4# Author: Didier Roche <didrocks@ubuntu.com>
5
6import fileinput
7import inspect
8import os
9import platform
10import re
11import shutil
12import stat
13import subprocess
14import sys
15import time
16import unittest
17
18from contextlib import suppress
19from pathlib import Path
20
21SYSTEMD_FSCK_ROOT_DROPIN_PATH = '/etc/systemd/system/systemd-fsck-root.service.d/autopkgtest.conf'
22SYSTEMD_FSCK_ROOT_DROPIN_CONTENT = '''
23[Unit]
24ConditionPathIsReadWrite=
25ConditionPathExists=
26
27[Install]
28WantedBy=local-fs.target
29'''
30
31KILL_SERVICE_PATH = '/etc/systemd/system/kill@.service'
32KILL_SERVICE_CONTENT = '''
33[Unit]
34DefaultDependencies=no
35StartLimitInterval=0
36Before=systemd-fsckd.service
37
38[Service]
39RestartSec=1
40Restart=on-failure
41ExecStart=/bin/sh -c "/bin/sleep 5; /usr/bin/pkill -x %i"
42
43[Install]
44WantedBy=systemd-fsckd.service
45'''
46
47DEFAULT_SYSTEM_RUNNING_TIMEOUT = 600
48DEFAULT_SYSTEMD_FSCKD_TIMEOUT = 600
49
50FSCK_PATH = '/sbin/fsck'
51FSCK_BACKUP_PATH = '/sbin/fsck.backup'
52
53RE_SPLASH_QUIET = r'\b\s*(splash|quiet)\b'
54
55
56def tests_setup():
57 # enable persistent journal
58 Path('/var/log/journal').mkdir(parents=True, exist_ok=True)
59 subprocess.run('systemctl -q restart systemd-journald'.split())
60 Path(SYSTEMD_FSCK_ROOT_DROPIN_PATH).parent.mkdir(parents=True, exist_ok=True)
61 Path(SYSTEMD_FSCK_ROOT_DROPIN_PATH).write_text(SYSTEMD_FSCK_ROOT_DROPIN_CONTENT)
62 Path(KILL_SERVICE_PATH).parent.mkdir(parents=True, exist_ok=True)
63 Path(KILL_SERVICE_PATH).write_text(KILL_SERVICE_CONTENT)
64 subprocess.run('systemctl -q daemon-reload'.split())
65 subprocess.run('systemctl -q enable systemd-fsck-root'.split())
66 Path(FSCK_PATH).rename(FSCK_BACKUP_PATH)
67 Path(FSCK_PATH).write_text(Path(__file__).with_name('fsck').read_text())
68 Path(FSCK_PATH).chmod(0o755)
69
70def tests_teardown():
71 Path('/etc/systemd/system/local-fs.target.wants/systemd-fsck-root.service').unlink()
72 subprocess.run('systemctl -q disable systemd-fsck-root'.split())
73 Path(SYSTEMD_FSCK_ROOT_DROPIN_PATH).unlink()
74 Path(KILL_SERVICE_PATH).unlink()
75 subprocess.run('systemctl -q daemon-reload'.split())
76 Path(FSCK_BACKUP_PATH).replace(FSCK_PATH)
77
78def is_system_running():
79 running = subprocess.run('systemctl is-system-running'.split(),
80 encoding='utf-8',
81 stdout=subprocess.PIPE).stdout.strip()
82 return running in ['running', 'degraded']
83
84def is_unit_active(unit):
85 return subprocess.run(f'systemctl -q is-active {unit}'.split()).returncode == 0
86
87def has_unit_failed(unit):
88 '''check if this unit failed at least once, this boot'''
89 journal = subprocess.run(f'journalctl -b -u {unit}'.split(),
90 encoding='utf-8',
91 stdout=subprocess.PIPE).stdout.strip()
92 return f'{unit}.service: Failed' in journal
93
94def has_unit_started(unit):
95 return subprocess.run(f'systemctl show --value -p ExecMainStartTimestampMonotonic {unit}'.split(),
96 encoding='utf-8',
97 stdout=subprocess.PIPE).stdout.strip() != '0'
98
99def get_unit_exec_status(unit):
100 return subprocess.run(f'systemctl show --value -p ExecMainStatus {unit}'.split(),
101 encoding='utf-8',
102 stdout=subprocess.PIPE).stdout.strip()
103
104class FsckdTest(unittest.TestCase):
105 '''Check that we run, report and can cancel fsck'''
106 def __init__(self, test_name, after_reboot):
107 super().__init__(test_name)
108 self._test_name = test_name
109 self._after_reboot = after_reboot
110
111 def setUp(self):
112 super().setUp()
113 if self._after_reboot:
114 self.wait_system_running()
115 self.wait_systemd_fsckd()
116 else:
117 configure_plymouth()
118
119 def tearDown(self):
120 super().tearDown()
121
122 def enable_kill_service(self, proc):
123 subprocess.run(f'systemctl -q enable kill@{proc}'.split())
124
125 def disable_kill_service(self, proc):
126 subprocess.run(f'systemctl -q disable kill@{proc}'.split())
127
128 def wait_system_running(self, timeout=DEFAULT_SYSTEM_RUNNING_TIMEOUT):
129 end = time.monotonic() + timeout
130 while time.monotonic() <= end:
131 if is_system_running():
132 return
133 time.sleep(1)
134 self.fail('timeout waiting for system running')
135
136 def wait_systemd_fsckd(self, timeout=DEFAULT_SYSTEMD_FSCKD_TIMEOUT):
137 end = time.monotonic() + timeout
138 while time.monotonic() <= end:
139 if not is_unit_active('systemd-fsckd'):
140 return
141 time.sleep(1)
142 self.fail('timeout waiting for systemd-fsckd to finish')
143
144 def check_systemd_fsckd(self):
145 unit = 'systemd-fsckd'
146 self.assertUnitStarted(unit)
147 self.assertUnitNotActive(unit)
148 self.assertSystemdFsckdNotFailed()
149
150 def check_systemd_fsck_root(self):
151 unit = 'systemd-fsck-root'
152 self.assertUnitStarted(unit)
153 self.assertUnitActive(unit)
154 self.assertUnitNotFailed(unit)
155
156 def check_plymouth_start(self):
157 unit = 'plymouth-start'
158 self.assertUnitStarted(unit)
159 # stays active in 20.10 and later
160 self.assertUnitActive(unit)
161 self.assertUnitNotFailed(unit)
162
163 def test_systemd_fsckd_run(self):
164 '''Ensure we can boot after a fsck was processed'''
165 if not self._after_reboot:
166 self.reboot()
167 else:
168 self.check_systemd_fsckd()
169 self.check_systemd_fsck_root()
170 self.check_plymouth_start()
171
172 def test_systemd_fsckd_run_without_plymouth(self):
173 '''Ensure we can boot without plymouth after a fsck was processed'''
174 if not self._after_reboot:
175 configure_plymouth(enable=False)
176 self.reboot()
177 else:
178 self.check_systemd_fsckd()
179 self.check_systemd_fsck_root()
180 self.assertUnitNeverStarted('plymouth-start')
181
182 def test_fsck_failure(self):
183 '''Ensure that a failing fsck doesn't prevent fsckd to stop'''
184 if not self._after_reboot:
185 self.enable_kill_service('fsck')
186 self.reboot()
187 else:
188 self.check_systemd_fsckd()
189 self.assertUnitFailed('systemd-fsck-root')
190 self.check_plymouth_start()
191 self.disable_kill_service('fsck')
192
193 def test_systemd_fsck_failure(self):
194 '''Ensure that a failing systemd-fsck doesn't prevent fsckd to stop'''
195 if not self._after_reboot:
196 self.enable_kill_service('systemd-fsck')
197 self.reboot()
198 else:
199 self.check_systemd_fsckd()
200 self.assertUnitFailed('systemd-fsck-root')
201 self.check_plymouth_start()
202 self.disable_kill_service('systemd-fsck')
203
204 def test_systemd_fsckd_failure(self):
205 '''Ensure that a failing systemd-fsckd doesn't prevent system to boot'''
206 if not self._after_reboot:
207 self.enable_kill_service('systemd-fsckd')
208 self.reboot()
209 else:
210 self.assertSystemdFsckdFailed()
211 self.assertUnitFailed('systemd-fsck-root')
212 self.check_plymouth_start()
213 self.disable_kill_service('systemd-fsckd')
214
215 def assertUnitActive(self, unit):
216 self.assertTrue(is_unit_active(unit))
217
218 def assertUnitNotActive(self, unit):
219 self.assertFalse(is_unit_active(unit))
220
221 def assertUnitFailed(self, unit):
222 self.assertTrue(has_unit_failed(unit))
223
224 def assertUnitNotFailed(self, unit):
225 self.assertFalse(has_unit_failed(unit))
226
227 def assertUnitStarted(self, unit):
228 self.assertTrue(has_unit_started(unit))
229
230 def assertUnitNeverStarted(self, unit):
231 self.assertFalse(has_unit_started(unit))
232
233 def assertSystemdFsckdFailed(self):
234 self.assertNotEqual(get_unit_exec_status('systemd-fsckd'), '0')
235
236 def assertSystemdFsckdNotFailed(self):
237 self.assertEqual(get_unit_exec_status('systemd-fsckd'), '0')
238
239 def reboot(self):
240 '''Reboot the system with the current test marker'''
241 subprocess.run(f'/tmp/autopkgtest-reboot {self._test_name}'.split())
242
243
244def configure_plymouth_grub(enable=True):
245 grubcfg = Path('/etc/default/grub')
246 grubcfgdir = Path('/etc/default/grub.d')
247 grubcfgdir.mkdir(parents=True, exist_ok=True)
248 mygrubcfg = grubcfgdir.joinpath('99-autopkgtest.cfg')
249 if enable:
250 content = 'GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT splash quiet"'
251 mygrubcfg.write_text(content)
252 else:
253 mygrubcfg.unlink()
254 for f in [grubcfg] + list(grubcfgdir.glob('*.cfg')):
255 content = f.read_text()
256 if re.search(RE_SPLASH_QUIET, content):
257 f.write_text(re.sub(RE_SPLASH_QUIET, ' ', content))
258 subprocess.run(['update-grub'], stderr=subprocess.DEVNULL, check=True)
259
260def configure_plymouth_zipl(enable=True):
261 ziplcfg = Path('/etc/zipl.conf')
262 content = re.sub(RE_SPLASH_QUIET, ' ', ziplcfg.read_text())
263 if enable:
264 content = re.sub(r'(?m)^(parameters.*[^\'"])(\s*[\'"]?)$', r'\1 splash quiet\2', content)
265 ziplcfg.write_text(content)
266 subprocess.run(['zipl'], stderr=subprocess.DEVNULL, check=True)
267
268def configure_plymouth(enable=True):
269 if platform.processor() == 's390x':
270 configure_plymouth_zipl(enable)
271 else:
272 configure_plymouth_grub(enable)
273
274def getAllTests(unitTestClass):
275 '''get all test names in predictable sorted order from unitTestClass'''
276 return sorted([test[0] for test in inspect.getmembers(unitTestClass, predicate=inspect.isfunction)
277 if test[0].startswith('test_')])
278
279
280# AUTOPKGTEST_REBOOT_MARK contains the test name to pursue after reboot
281# (to check results and states after reboot, mostly).
282# we append the previous global return code (0 or 1) to it.
283# Example: AUTOPKGTEST_REBOOT_MARK=test_foo:0
284if __name__ == '__main__':
285 if os.path.exists('/run/initramfs/fsck-root'):
286 print('SKIP: root file system is being checked by initramfs already')
287 sys.exit(77)
288
289 if platform.processor() == 'aarch64':
290 print('SKIP: cannot reboot properly on arm64, see https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1748280')
291 sys.exit(77)
292
293 all_tests = getAllTests(FsckdTest)
294 current_test = os.getenv('AUTOPKGTEST_REBOOT_MARK')
295
296 if not current_test:
297 tests_setup()
298 after_reboot = False
299 current_test = all_tests[0]
300 else:
301 after_reboot = True
302
303 # loop on remaining tests to run
304 try:
305 remaining_tests = all_tests[all_tests.index(current_test):]
306 except ValueError:
307 print(f'Invalid value for AUTOPKGTEST_REBOOT_MARK, {current_test} is not a valid test name')
308 sys.exit(2)
309
310 # run all remaining tests
311 for test_name in remaining_tests:
312 suite = unittest.TestSuite()
313 suite.addTest(FsckdTest(test_name, after_reboot))
314 result = unittest.TextTestRunner(stream=sys.stdout, verbosity=2).run(suite)
315 if len(result.failures) != 0 or len(result.errors) != 0:
316 j = os.path.join(os.getenv('AUTOPKGTEST_ARTIFACTS'), 'systemd-fsckd-journal.txt')
317 with open(j, 'w') as f:
318 subprocess.run('journalctl -a --no-pager'.split(), encoding='utf-8', stdout=f)
319 sys.exit(1)
320 after_reboot = False
321
322 tests_teardown()
323 sys.exit(0)
diff --git a/man/org.freedesktop.systemd1.xml b/man/org.freedesktop.systemd1.xml
index 5e08b35..7dbf98d 100644
--- a/man/org.freedesktop.systemd1.xml
+++ b/man/org.freedesktop.systemd1.xml
@@ -10139,6 +10139,8 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope {
10139 readonly t RuntimeMaxUSec = ...;10139 readonly t RuntimeMaxUSec = ...;
10140 @org.freedesktop.DBus.Property.EmitsChangedSignal("const")10140 @org.freedesktop.DBus.Property.EmitsChangedSignal("const")
10141 readonly t RuntimeRandomizedExtraUSec = ...;10141 readonly t RuntimeRandomizedExtraUSec = ...;
10142 @org.freedesktop.DBus.Property.EmitsChangedSignal("const")
10143 readonly s OOMPolicy = '...';
10142 @org.freedesktop.DBus.Property.EmitsChangedSignal("false")10144 @org.freedesktop.DBus.Property.EmitsChangedSignal("false")
10143 readonly s Slice = '...';10145 readonly s Slice = '...';
10144 @org.freedesktop.DBus.Property.EmitsChangedSignal("false")10146 @org.freedesktop.DBus.Property.EmitsChangedSignal("false")
@@ -10313,6 +10315,8 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope {
1031310315
10314 <!--property RuntimeRandomizedExtraUSec is not documented!-->10316 <!--property RuntimeRandomizedExtraUSec is not documented!-->
1031510317
10318 <!--property OOMPolicy is not documented!-->
10319
10316 <!--property Slice is not documented!-->10320 <!--property Slice is not documented!-->
1031710321
10318 <!--property ControlGroupId is not documented!-->10322 <!--property ControlGroupId is not documented!-->
@@ -10495,6 +10499,8 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope {
1049510499
10496 <variablelist class="dbus-property" generated="True" extra-ref="RuntimeRandomizedExtraUSec"/>10500 <variablelist class="dbus-property" generated="True" extra-ref="RuntimeRandomizedExtraUSec"/>
1049710501
10502 <variablelist class="dbus-property" generated="True" extra-ref="OOMPolicy"/>
10503
10498 <variablelist class="dbus-property" generated="True" extra-ref="Slice"/>10504 <variablelist class="dbus-property" generated="True" extra-ref="Slice"/>
1049910505
10500 <variablelist class="dbus-property" generated="True" extra-ref="ControlGroup"/>10506 <variablelist class="dbus-property" generated="True" extra-ref="ControlGroup"/>
diff --git a/man/systemd.mount.xml b/man/systemd.mount.xml
index 773ca04..da6ade8 100644
--- a/man/systemd.mount.xml
+++ b/man/systemd.mount.xml
@@ -476,7 +476,9 @@
476 <term><varname>Where=</varname></term>476 <term><varname>Where=</varname></term>
477 <listitem><para>Takes an absolute path of a file or directory for the mount point; in particular, the477 <listitem><para>Takes an absolute path of a file or directory for the mount point; in particular, the
478 destination cannot be a symbolic link. If the mount point does not exist at the time of mounting, it478 destination cannot be a symbolic link. If the mount point does not exist at the time of mounting, it
479 is created as directory. This string must be reflected in the unit filename. (See above.) This option479 is created as either a directory or a file. The former is the usual case; the latter is done only if this mount
480 is a bind mount and the source (<varname>What=</varname>) is not a directory.
481 This string must be reflected in the unit filename. (See above.) This option
480 is mandatory.</para></listitem>482 is mandatory.</para></listitem>
481 </varlistentry>483 </varlistentry>
482484
diff --git a/man/systemd.scope.xml b/man/systemd.scope.xml
index 17d2700..95969bf 100644
--- a/man/systemd.scope.xml
+++ b/man/systemd.scope.xml
@@ -105,6 +105,8 @@
105 of scope units are the following:</para>105 of scope units are the following:</para>
106106
107 <variablelist class='unit-directives'>107 <variablelist class='unit-directives'>
108 <xi:include href="systemd.service.xml" xpointer="oom-policy" />
109
108 <varlistentry>110 <varlistentry>
109 <term><varname>RuntimeMaxSec=</varname></term>111 <term><varname>RuntimeMaxSec=</varname></term>
110112
diff --git a/man/systemd.service.xml b/man/systemd.service.xml
index 8d8dd77..6d3537b 100644
--- a/man/systemd.service.xml
+++ b/man/systemd.service.xml
@@ -1120,7 +1120,7 @@
1120 above.</para></listitem>1120 above.</para></listitem>
1121 </varlistentry>1121 </varlistentry>
11221122
1123 <varlistentry>1123 <varlistentry id='oom-policy'>
1124 <term><varname>OOMPolicy=</varname></term>1124 <term><varname>OOMPolicy=</varname></term>
11251125
1126 <listitem><para>Configure the out-of-memory (OOM) kernel killer policy. Note that the userspace OOM1126 <listitem><para>Configure the out-of-memory (OOM) kernel killer policy. Note that the userspace OOM
@@ -1133,17 +1133,16 @@
1133 for itself, it might decide to kill a running process in order to free up memory and reduce memory1133 for itself, it might decide to kill a running process in order to free up memory and reduce memory
1134 pressure. This setting takes one of <constant>continue</constant>, <constant>stop</constant> or1134 pressure. This setting takes one of <constant>continue</constant>, <constant>stop</constant> or
1135 <constant>kill</constant>. If set to <constant>continue</constant> and a process of the service is1135 <constant>kill</constant>. If set to <constant>continue</constant> and a process of the service is
1136 killed by the kernel's OOM killer this is logged but the service continues running. If set to1136 killed by the OOM killer, this is logged but the unit continues running. If set to
1137 <constant>stop</constant> the event is logged but the service is terminated cleanly by the service1137 <constant>stop</constant> the event is logged but the unit is terminated cleanly by the service
1138 manager. If set to <constant>kill</constant> and one of the service's processes is killed by the OOM1138 manager. If set to <constant>kill</constant> and one of the unit's processes is killed by the OOM
1139 killer the kernel is instructed to kill all remaining processes of the service too, by setting the1139 killer the kernel is instructed to kill all remaining processes of the unit too, by setting the
1140 <filename>memory.oom.group</filename> attribute to <constant>1</constant>; also see <ulink1140 <filename>memory.oom.group</filename> attribute to <constant>1</constant>; also see <ulink
1141 url="https://docs.kernel.org/admin-guide/cgroup-v2.html">kernel documentation</ulink>.1141 url="https://docs.kernel.org/admin-guide/cgroup-v2.html">kernel documentation</ulink>.</para>
1142 </para>
11431142
1144 <para>Defaults to the setting <varname>DefaultOOMPolicy=</varname> in1143 <para>Defaults to the setting <varname>DefaultOOMPolicy=</varname> in
1145 <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>1144 <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
1146 is set to, except for services where <varname>Delegate=</varname> is turned on, where it defaults to1145 is set to, except for units where <varname>Delegate=</varname> is turned on, where it defaults to
1147 <constant>continue</constant>.</para>1146 <constant>continue</constant>.</para>
11481147
1149 <para>Use the <varname>OOMScoreAdjust=</varname> setting to configure whether processes of the unit1148 <para>Use the <varname>OOMScoreAdjust=</varname> setting to configure whether processes of the unit
@@ -1153,10 +1152,9 @@
1153 details.</para>1152 details.</para>
11541153
1155 <para>This setting also applies to <command>systemd-oomd</command>. Similarly to the kernel OOM1154 <para>This setting also applies to <command>systemd-oomd</command>. Similarly to the kernel OOM
1156 kills, this setting determines the state of the service after <command>systemd-oomd</command> kills a1155 kills, this setting determines the state of the unit after <command>systemd-oomd</command> kills a
1157 cgroup associated with the service.</para></listitem>1156 cgroup associated with it.</para></listitem>
1158 </varlistentry>1157 </varlistentry>
1159
1160 </variablelist>1158 </variablelist>
11611159
1162 <para id='shared-unit-options'>Check1160 <para id='shared-unit-options'>Check
diff --git a/src/basic/alloc-util.c b/src/basic/alloc-util.c
index b030f45..6063943 100644
--- a/src/basic/alloc-util.c
+++ b/src/basic/alloc-util.c
@@ -102,3 +102,7 @@ void* greedy_realloc0(
102102
103 return q;103 return q;
104}104}
105
106void *expand_to_usable(void *ptr, size_t newsize _unused_) {
107 return ptr;
108}
diff --git a/src/basic/alloc-util.h b/src/basic/alloc-util.h
index b38db7d..bf783b1 100644
--- a/src/basic/alloc-util.h
+++ b/src/basic/alloc-util.h
@@ -2,6 +2,7 @@
2#pragma once2#pragma once
33
4#include <alloca.h>4#include <alloca.h>
5#include <malloc.h>
5#include <stddef.h>6#include <stddef.h>
6#include <stdlib.h>7#include <stdlib.h>
7#include <string.h>8#include <string.h>
@@ -184,17 +185,35 @@ void* greedy_realloc0(void **p, size_t need, size_t size);
184# define msan_unpoison(r, s)185# define msan_unpoison(r, s)
185#endif186#endif
186187
187/* This returns the number of usable bytes in a malloc()ed region as per malloc_usable_size(), in a way that188/* Dummy allocator to tell the compiler that the new size of p is newsize. The implementation returns the
188 * is compatible with _FORTIFY_SOURCES. If _FORTIFY_SOURCES is used many memory operations will take the189 * pointer as is; the only reason for its existence is as a conduit for the _alloc_ attribute. This must not
189 * object size as returned by __builtin_object_size() into account. Hence, let's return the smaller size of190 * be inlined (hence a non-static function with _noinline_ because LTO otherwise tries to inline it) because
190 * malloc_usable_size() and __builtin_object_size() here, so that we definitely operate in safe territory by191 * gcc then loses the attributes on the function.
191 * both the compiler's and libc's standards. Note that __builtin_object_size() evaluates to SIZE_MAX if the192 * See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96503 */
192 * size cannot be determined, hence the MIN() expression should be safe with dynamically sized memory,193void *expand_to_usable(void *p, size_t newsize) _alloc_(2) _returns_nonnull_ _noinline_;
193 * too. Moreover, when NULL is passed malloc_usable_size() is documented to return zero, and194
194 * __builtin_object_size() returns SIZE_MAX too, hence we also return a sensible value of 0 in this corner195static inline size_t malloc_sizeof_safe(void **xp) {
195 * case. */196 if (_unlikely_(!xp || !*xp))
197 return 0;
198
199 size_t sz = malloc_usable_size(*xp);
200 *xp = expand_to_usable(*xp, sz);
201 /* GCC doesn't see the _returns_nonnull_ when built with ubsan, so yet another hint to make it doubly
202 * clear that expand_to_usable won't return NULL.
203 * See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79265 */
204 if (!*xp)
205 assert_not_reached();
206 return sz;
207}
208
209/* This returns the number of usable bytes in a malloc()ed region as per malloc_usable_size(), which may
210 * return a value larger than the size that was actually allocated. Access to that additional memory is
211 * discouraged because it violates the C standard; a compiler cannot see that this as valid. To help the
212 * compiler out, the MALLOC_SIZEOF_SAFE macro 'allocates' the usable size using a dummy allocator function
213 * expand_to_usable. There is a possibility of malloc_usable_size() returning different values during the
214 * lifetime of an object, which may cause problems, but the glibc allocator does not do that at the moment. */
196#define MALLOC_SIZEOF_SAFE(x) \215#define MALLOC_SIZEOF_SAFE(x) \
197 MIN(malloc_usable_size(x), __builtin_object_size(x, 0))216 malloc_sizeof_safe((void**) &__builtin_choose_expr(__builtin_constant_p(x), (void*) { NULL }, (x)))
198217
199/* Inspired by ELEMENTSOF() but operates on malloc()'ed memory areas: typesafely returns the number of items218/* Inspired by ELEMENTSOF() but operates on malloc()'ed memory areas: typesafely returns the number of items
200 * that fit into the specified memory block */219 * that fit into the specified memory block */
diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c
index b03cc70..17c0170 100644
--- a/src/basic/cgroup-util.c
+++ b/src/basic/cgroup-util.c
@@ -1238,7 +1238,7 @@ static const char *skip_session(const char *p) {
1238 * here. */1238 * here. */
12391239
1240 if (!session_id_valid(buf))1240 if (!session_id_valid(buf))
1241 return false;1241 return NULL;
12421242
1243 p += n;1243 p += n;
1244 p += strspn(p, "/");1244 p += strspn(p, "/");
diff --git a/src/basic/hashmap.c b/src/basic/hashmap.c
index f68cd36..6a14ea9 100644
--- a/src/basic/hashmap.c
+++ b/src/basic/hashmap.c
@@ -1751,7 +1751,7 @@ HashmapBase* _hashmap_copy(HashmapBase *h HASHMAP_DEBUG_PARAMS) {
1751 }1751 }
17521752
1753 if (r < 0)1753 if (r < 0)
1754 return _hashmap_free(copy, false, false);1754 return _hashmap_free(copy, NULL, NULL);
17551755
1756 return copy;1756 return copy;
1757}1757}
diff --git a/src/basic/linux/README b/src/basic/linux/README
index 2bb70fd..1abc945 100644
--- a/src/basic/linux/README
+++ b/src/basic/linux/README
@@ -4,3 +4,4 @@ The files in this directory are copied from current kernel master
4modifications are applied:4modifications are applied:
5- btrfs.h: drop '__user' attributes5- btrfs.h: drop '__user' attributes
6- if.h: drop '#include <linux/compiler.h>' and '__user' attributes6- if.h: drop '#include <linux/compiler.h>' and '__user' attributes
7- stddef.h: drop '#include <linux/compiler_types.h>'
diff --git a/src/basic/linux/btrfs.h b/src/basic/linux/btrfs.h
index 6a0442b..0a53bdc 100644
--- a/src/basic/linux/btrfs.h
+++ b/src/basic/linux/btrfs.h
@@ -19,8 +19,14 @@
1919
20#ifndef _UAPI_LINUX_BTRFS_H20#ifndef _UAPI_LINUX_BTRFS_H
21#define _UAPI_LINUX_BTRFS_H21#define _UAPI_LINUX_BTRFS_H
22
23#ifdef __cplusplus
24extern "C" {
25#endif
26
22#include <linux/types.h>27#include <linux/types.h>
23#include <linux/ioctl.h>28#include <linux/ioctl.h>
29#include <linux/fs.h>
2430
25#define BTRFS_IOCTL_MAGIC 0x9431#define BTRFS_IOCTL_MAGIC 0x94
26#define BTRFS_VOL_NAME_MAX 25532#define BTRFS_VOL_NAME_MAX 255
@@ -93,7 +99,7 @@ struct btrfs_qgroup_inherit {
93 __u64 num_ref_copies;99 __u64 num_ref_copies;
94 __u64 num_excl_copies;100 __u64 num_excl_copies;
95 struct btrfs_qgroup_limit lim;101 struct btrfs_qgroup_limit lim;
96 __u64 qgroups[0];102 __u64 qgroups[];
97};103};
98104
99struct btrfs_ioctl_qgroup_limit_args {105struct btrfs_ioctl_qgroup_limit_args {
@@ -290,6 +296,12 @@ struct btrfs_ioctl_fs_info_args {
290#define BTRFS_FEATURE_COMPAT_RO_FREE_SPACE_TREE_VALID (1ULL << 1)296#define BTRFS_FEATURE_COMPAT_RO_FREE_SPACE_TREE_VALID (1ULL << 1)
291#define BTRFS_FEATURE_COMPAT_RO_VERITY (1ULL << 2)297#define BTRFS_FEATURE_COMPAT_RO_VERITY (1ULL << 2)
292298
299/*
300 * Put all block group items into a dedicated block group tree, greatly
301 * reducing mount time for large filesystem due to better locality.
302 */
303#define BTRFS_FEATURE_COMPAT_RO_BLOCK_GROUP_TREE (1ULL << 3)
304
293#define BTRFS_FEATURE_INCOMPAT_MIXED_BACKREF (1ULL << 0)305#define BTRFS_FEATURE_INCOMPAT_MIXED_BACKREF (1ULL << 0)
294#define BTRFS_FEATURE_INCOMPAT_DEFAULT_SUBVOL (1ULL << 1)306#define BTRFS_FEATURE_INCOMPAT_DEFAULT_SUBVOL (1ULL << 1)
295#define BTRFS_FEATURE_INCOMPAT_MIXED_GROUPS (1ULL << 2)307#define BTRFS_FEATURE_INCOMPAT_MIXED_GROUPS (1ULL << 2)
@@ -327,6 +339,12 @@ struct btrfs_ioctl_feature_flags {
327 */339 */
328struct btrfs_balance_args {340struct btrfs_balance_args {
329 __u64 profiles;341 __u64 profiles;
342
343 /*
344 * usage filter
345 * BTRFS_BALANCE_ARGS_USAGE with a single value means '0..N'
346 * BTRFS_BALANCE_ARGS_USAGE_RANGE - range syntax, min..max
347 */
330 union {348 union {
331 __u64 usage;349 __u64 usage;
332 struct {350 struct {
@@ -543,7 +561,7 @@ struct btrfs_ioctl_search_header {
543 __u64 offset;561 __u64 offset;
544 __u32 type;562 __u32 type;
545 __u32 len;563 __u32 len;
546};564} __attribute__ ((__may_alias__));
547565
548#define BTRFS_SEARCH_ARGS_BUFSIZE (4096 - sizeof(struct btrfs_ioctl_search_key))566#define BTRFS_SEARCH_ARGS_BUFSIZE (4096 - sizeof(struct btrfs_ioctl_search_key))
549/*567/*
@@ -556,18 +574,23 @@ struct btrfs_ioctl_search_args {
556 char buf[BTRFS_SEARCH_ARGS_BUFSIZE];574 char buf[BTRFS_SEARCH_ARGS_BUFSIZE];
557};575};
558576
577/*
578 * Extended version of TREE_SEARCH ioctl that can return more than 4k of bytes.
579 * The allocated size of the buffer is set in buf_size.
580 */
559struct btrfs_ioctl_search_args_v2 {581struct btrfs_ioctl_search_args_v2 {
560 struct btrfs_ioctl_search_key key; /* in/out - search parameters */582 struct btrfs_ioctl_search_key key; /* in/out - search parameters */
561 __u64 buf_size; /* in - size of buffer583 __u64 buf_size; /* in - size of buffer
562 * out - on EOVERFLOW: needed size584 * out - on EOVERFLOW: needed size
563 * to store item */585 * to store item */
564 __u64 buf[0]; /* out - found items */586 __u64 buf[]; /* out - found items */
565};587};
566588
589/* With a @src_length of zero, the range from @src_offset->EOF is cloned! */
567struct btrfs_ioctl_clone_range_args {590struct btrfs_ioctl_clone_range_args {
568 __s64 src_fd;591 __s64 src_fd;
569 __u64 src_offset, src_length;592 __u64 src_offset, src_length;
570 __u64 dest_offset;593 __u64 dest_offset;
571};594};
572595
573/*596/*
@@ -632,7 +655,7 @@ struct btrfs_ioctl_same_args {
632 __u16 dest_count; /* in - total elements in info array */655 __u16 dest_count; /* in - total elements in info array */
633 __u16 reserved1;656 __u16 reserved1;
634 __u32 reserved2;657 __u32 reserved2;
635 struct btrfs_ioctl_same_extent_info info[0];658 struct btrfs_ioctl_same_extent_info info[];
636};659};
637660
638struct btrfs_ioctl_space_info {661struct btrfs_ioctl_space_info {
@@ -644,7 +667,7 @@ struct btrfs_ioctl_space_info {
644struct btrfs_ioctl_space_args {667struct btrfs_ioctl_space_args {
645 __u64 space_slots;668 __u64 space_slots;
646 __u64 total_spaces;669 __u64 total_spaces;
647 struct btrfs_ioctl_space_info spaces[0];670 struct btrfs_ioctl_space_info spaces[];
648};671};
649672
650struct btrfs_data_container {673struct btrfs_data_container {
@@ -652,7 +675,7 @@ struct btrfs_data_container {
652 __u32 bytes_missing; /* out -- additional bytes needed for result */675 __u32 bytes_missing; /* out -- additional bytes needed for result */
653 __u32 elem_cnt; /* out */676 __u32 elem_cnt; /* out */
654 __u32 elem_missed; /* out */677 __u32 elem_missed; /* out */
655 __u64 val[0]; /* out */678 __u64 val[]; /* out */
656};679};
657680
658struct btrfs_ioctl_ino_path_args {681struct btrfs_ioctl_ino_path_args {
@@ -671,8 +694,11 @@ struct btrfs_ioctl_logical_ino_args {
671 /* struct btrfs_data_container *inodes; out */694 /* struct btrfs_data_container *inodes; out */
672 __u64 inodes;695 __u64 inodes;
673};696};
674/* Return every ref to the extent, not just those containing logical block.697
675 * Requires logical == extent bytenr. */698/*
699 * Return every ref to the extent, not just those containing logical block.
700 * Requires logical == extent bytenr.
701 */
676#define BTRFS_LOGICAL_INO_ARGS_IGNORE_OFFSET (1ULL << 0)702#define BTRFS_LOGICAL_INO_ARGS_IGNORE_OFFSET (1ULL << 0)
677703
678enum btrfs_dev_stat_values {704enum btrfs_dev_stat_values {
@@ -777,11 +803,19 @@ struct btrfs_ioctl_received_subvol_args {
777 */803 */
778#define BTRFS_SEND_FLAG_VERSION 0x8804#define BTRFS_SEND_FLAG_VERSION 0x8
779805
806/*
807 * Send compressed data using the ENCODED_WRITE command instead of decompressing
808 * the data and sending it with the WRITE command. This requires protocol
809 * version >= 2.
810 */
811#define BTRFS_SEND_FLAG_COMPRESSED 0x10
812
780#define BTRFS_SEND_FLAG_MASK \813#define BTRFS_SEND_FLAG_MASK \
781 (BTRFS_SEND_FLAG_NO_FILE_DATA | \814 (BTRFS_SEND_FLAG_NO_FILE_DATA | \
782 BTRFS_SEND_FLAG_OMIT_STREAM_HEADER | \815 BTRFS_SEND_FLAG_OMIT_STREAM_HEADER | \
783 BTRFS_SEND_FLAG_OMIT_END_CMD | \816 BTRFS_SEND_FLAG_OMIT_END_CMD | \
784 BTRFS_SEND_FLAG_VERSION)817 BTRFS_SEND_FLAG_VERSION | \
818 BTRFS_SEND_FLAG_COMPRESSED)
785819
786struct btrfs_ioctl_send_args {820struct btrfs_ioctl_send_args {
787 __s64 send_fd; /* in */821 __s64 send_fd; /* in */
@@ -1130,4 +1164,8 @@ enum btrfs_err_code {
1130#define BTRFS_IOC_ENCODED_WRITE _IOW(BTRFS_IOCTL_MAGIC, 64, \1164#define BTRFS_IOC_ENCODED_WRITE _IOW(BTRFS_IOCTL_MAGIC, 64, \
1131 struct btrfs_ioctl_encoded_io_args)1165 struct btrfs_ioctl_encoded_io_args)
11321166
1167#ifdef __cplusplus
1168}
1169#endif
1170
1133#endif /* _UAPI_LINUX_BTRFS_H */1171#endif /* _UAPI_LINUX_BTRFS_H */
diff --git a/src/basic/linux/btrfs_tree.h b/src/basic/linux/btrfs_tree.h
index d411715..ab38d0f 100644
--- a/src/basic/linux/btrfs_tree.h
+++ b/src/basic/linux/btrfs_tree.h
@@ -10,6 +10,23 @@
10#include <stddef.h>10#include <stddef.h>
11#endif11#endif
1212
13/* ASCII for _BHRfS_M, no terminating nul */
14#define BTRFS_MAGIC 0x4D5F53665248425FULL
15
16#define BTRFS_MAX_LEVEL 8
17
18/*
19 * We can actually store much bigger names, but lets not confuse the rest of
20 * linux.
21 */
22#define BTRFS_NAME_LEN 255
23
24/*
25 * Theoretical limit is larger, but we keep this down to a sane value. That
26 * should limit greatly the possibility of collisions on inode ref items.
27 */
28#define BTRFS_LINK_MAX 65535U
29
13/*30/*
14 * This header contains the structure definitions and constants used31 * This header contains the structure definitions and constants used
15 * by file system objects that can be retrieved using32 * by file system objects that can be retrieved using
@@ -359,6 +376,50 @@ enum btrfs_csum_type {
359#define BTRFS_FT_SYMLINK 7376#define BTRFS_FT_SYMLINK 7
360#define BTRFS_FT_XATTR 8377#define BTRFS_FT_XATTR 8
361#define BTRFS_FT_MAX 9378#define BTRFS_FT_MAX 9
379/* Directory contains encrypted data */
380#define BTRFS_FT_ENCRYPTED 0x80
381
382static inline __u8 btrfs_dir_flags_to_ftype(__u8 flags)
383{
384 return flags & ~BTRFS_FT_ENCRYPTED;
385}
386
387/*
388 * Inode flags
389 */
390#define BTRFS_INODE_NODATASUM (1U << 0)
391#define BTRFS_INODE_NODATACOW (1U << 1)
392#define BTRFS_INODE_READONLY (1U << 2)
393#define BTRFS_INODE_NOCOMPRESS (1U << 3)
394#define BTRFS_INODE_PREALLOC (1U << 4)
395#define BTRFS_INODE_SYNC (1U << 5)
396#define BTRFS_INODE_IMMUTABLE (1U << 6)
397#define BTRFS_INODE_APPEND (1U << 7)
398#define BTRFS_INODE_NODUMP (1U << 8)
399#define BTRFS_INODE_NOATIME (1U << 9)
400#define BTRFS_INODE_DIRSYNC (1U << 10)
401#define BTRFS_INODE_COMPRESS (1U << 11)
402
403#define BTRFS_INODE_ROOT_ITEM_INIT (1U << 31)
404
405#define BTRFS_INODE_FLAG_MASK \
406 (BTRFS_INODE_NODATASUM | \
407 BTRFS_INODE_NODATACOW | \
408 BTRFS_INODE_READONLY | \
409 BTRFS_INODE_NOCOMPRESS | \
410 BTRFS_INODE_PREALLOC | \
411 BTRFS_INODE_SYNC | \
412 BTRFS_INODE_IMMUTABLE | \
413 BTRFS_INODE_APPEND | \
414 BTRFS_INODE_NODUMP | \
415 BTRFS_INODE_NOATIME | \
416 BTRFS_INODE_DIRSYNC | \
417 BTRFS_INODE_COMPRESS | \
418 BTRFS_INODE_ROOT_ITEM_INIT)
419
420#define BTRFS_INODE_RO_VERITY (1U << 0)
421
422#define BTRFS_INODE_RO_FLAG_MASK (BTRFS_INODE_RO_VERITY)
362423
363/*424/*
364 * The key defines the order in the tree, and so it also defines (optimal)425 * The key defines the order in the tree, and so it also defines (optimal)
@@ -389,6 +450,109 @@ struct btrfs_key {
389 __u64 offset;450 __u64 offset;
390} __attribute__ ((__packed__));451} __attribute__ ((__packed__));
391452
453/*
454 * Every tree block (leaf or node) starts with this header.
455 */
456struct btrfs_header {
457 /* These first four must match the super block */
458 __u8 csum[BTRFS_CSUM_SIZE];
459 /* FS specific uuid */
460 __u8 fsid[BTRFS_FSID_SIZE];
461 /* Which block this node is supposed to live in */
462 __le64 bytenr;
463 __le64 flags;
464
465 /* Allowed to be different from the super from here on down */
466 __u8 chunk_tree_uuid[BTRFS_UUID_SIZE];
467 __le64 generation;
468 __le64 owner;
469 __le32 nritems;
470 __u8 level;
471} __attribute__ ((__packed__));
472
473/*
474 * This is a very generous portion of the super block, giving us room to
475 * translate 14 chunks with 3 stripes each.
476 */
477#define BTRFS_SYSTEM_CHUNK_ARRAY_SIZE 2048
478
479/*
480 * Just in case we somehow lose the roots and are not able to mount, we store
481 * an array of the roots from previous transactions in the super.
482 */
483#define BTRFS_NUM_BACKUP_ROOTS 4
484struct btrfs_root_backup {
485 __le64 tree_root;
486 __le64 tree_root_gen;
487
488 __le64 chunk_root;
489 __le64 chunk_root_gen;
490
491 __le64 extent_root;
492 __le64 extent_root_gen;
493
494 __le64 fs_root;
495 __le64 fs_root_gen;
496
497 __le64 dev_root;
498 __le64 dev_root_gen;
499
500 __le64 csum_root;
501 __le64 csum_root_gen;
502
503 __le64 total_bytes;
504 __le64 bytes_used;
505 __le64 num_devices;
506 /* future */
507 __le64 unused_64[4];
508
509 __u8 tree_root_level;
510 __u8 chunk_root_level;
511 __u8 extent_root_level;
512 __u8 fs_root_level;
513 __u8 dev_root_level;
514 __u8 csum_root_level;
515 /* future and to align */
516 __u8 unused_8[10];
517} __attribute__ ((__packed__));
518
519/*
520 * A leaf is full of items. offset and size tell us where to find the item in
521 * the leaf (relative to the start of the data area)
522 */
523struct btrfs_item {
524 struct btrfs_disk_key key;
525 __le32 offset;
526 __le32 size;
527} __attribute__ ((__packed__));
528
529/*
530 * Leaves have an item area and a data area:
531 * [item0, item1....itemN] [free space] [dataN...data1, data0]
532 *
533 * The data is separate from the items to get the keys closer together during
534 * searches.
535 */
536struct btrfs_leaf {
537 struct btrfs_header header;
538 struct btrfs_item items[];
539} __attribute__ ((__packed__));
540
541/*
542 * All non-leaf blocks are nodes, they hold only keys and pointers to other
543 * blocks.
544 */
545struct btrfs_key_ptr {
546 struct btrfs_disk_key key;
547 __le64 blockptr;
548 __le64 generation;
549} __attribute__ ((__packed__));
550
551struct btrfs_node {
552 struct btrfs_header header;
553 struct btrfs_key_ptr ptrs[];
554} __attribute__ ((__packed__));
555
392struct btrfs_dev_item {556struct btrfs_dev_item {
393 /* the internal btrfs device id */557 /* the internal btrfs device id */
394 __le64 devid;558 __le64 devid;
@@ -472,6 +636,69 @@ struct btrfs_chunk {
472 /* additional stripes go here */636 /* additional stripes go here */
473} __attribute__ ((__packed__));637} __attribute__ ((__packed__));
474638
639/*
640 * The super block basically lists the main trees of the FS.
641 */
642struct btrfs_super_block {
643 /* The first 4 fields must match struct btrfs_header */
644 __u8 csum[BTRFS_CSUM_SIZE];
645 /* FS specific UUID, visible to user */
646 __u8 fsid[BTRFS_FSID_SIZE];
647 /* This block number */
648 __le64 bytenr;
649 __le64 flags;
650
651 /* Allowed to be different from the btrfs_header from here own down */
652 __le64 magic;
653 __le64 generation;
654 __le64 root;
655 __le64 chunk_root;
656 __le64 log_root;
657
658 /*
659 * This member has never been utilized since the very beginning, thus
660 * it's always 0 regardless of kernel version. We always use
661 * generation + 1 to read log tree root. So here we mark it deprecated.
662 */
663 __le64 __unused_log_root_transid;
664 __le64 total_bytes;
665 __le64 bytes_used;
666 __le64 root_dir_objectid;
667 __le64 num_devices;
668 __le32 sectorsize;
669 __le32 nodesize;
670 __le32 __unused_leafsize;
671 __le32 stripesize;
672 __le32 sys_chunk_array_size;
673 __le64 chunk_root_generation;
674 __le64 compat_flags;
675 __le64 compat_ro_flags;
676 __le64 incompat_flags;
677 __le16 csum_type;
678 __u8 root_level;
679 __u8 chunk_root_level;
680 __u8 log_root_level;
681 struct btrfs_dev_item dev_item;
682
683 char label[BTRFS_LABEL_SIZE];
684
685 __le64 cache_generation;
686 __le64 uuid_tree_generation;
687
688 /* The UUID written into btree blocks */
689 __u8 metadata_uuid[BTRFS_FSID_SIZE];
690
691 __u64 nr_global_roots;
692
693 /* Future expansion */
694 __le64 reserved[27];
695 __u8 sys_chunk_array[BTRFS_SYSTEM_CHUNK_ARRAY_SIZE];
696 struct btrfs_root_backup super_roots[BTRFS_NUM_BACKUP_ROOTS];
697
698 /* Padded to 4096 bytes */
699 __u8 padding[565];
700} __attribute__ ((__packed__));
701
475#define BTRFS_FREE_SPACE_EXTENT 1702#define BTRFS_FREE_SPACE_EXTENT 1
476#define BTRFS_FREE_SPACE_BITMAP 2703#define BTRFS_FREE_SPACE_BITMAP 2
477704
@@ -526,6 +753,14 @@ struct btrfs_extent_item_v0 {
526/* use full backrefs for extent pointers in the block */753/* use full backrefs for extent pointers in the block */
527#define BTRFS_BLOCK_FLAG_FULL_BACKREF (1ULL << 8)754#define BTRFS_BLOCK_FLAG_FULL_BACKREF (1ULL << 8)
528755
756#define BTRFS_BACKREF_REV_MAX 256
757#define BTRFS_BACKREF_REV_SHIFT 56
758#define BTRFS_BACKREF_REV_MASK (((u64)BTRFS_BACKREF_REV_MAX - 1) << \
759 BTRFS_BACKREF_REV_SHIFT)
760
761#define BTRFS_OLD_BACKREF_REV 0
762#define BTRFS_MIXED_BACKREF_REV 1
763
529/*764/*
530 * this flag is only used internally by scrub and may be changed at any time765 * this flag is only used internally by scrub and may be changed at any time
531 * it is only declared here to avoid collisions766 * it is only declared here to avoid collisions
@@ -575,7 +810,7 @@ struct btrfs_inode_extref {
575 __le64 parent_objectid;810 __le64 parent_objectid;
576 __le64 index;811 __le64 index;
577 __le16 name_len;812 __le16 name_len;
578 __u8 name[0];813 __u8 name[];
579 /* name goes here */814 /* name goes here */
580} __attribute__ ((__packed__));815} __attribute__ ((__packed__));
581816
@@ -965,6 +1200,10 @@ static inline __u16 btrfs_qgroup_level(__u64 qgroupid)
965 */1200 */
966#define BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT (1ULL << 2)1201#define BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT (1ULL << 2)
9671202
1203#define BTRFS_QGROUP_STATUS_FLAGS_MASK (BTRFS_QGROUP_STATUS_FLAG_ON | \
1204 BTRFS_QGROUP_STATUS_FLAG_RESCAN | \
1205 BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT)
1206
968#define BTRFS_QGROUP_STATUS_VERSION 11207#define BTRFS_QGROUP_STATUS_VERSION 1
9691208
970struct btrfs_qgroup_status_item {1209struct btrfs_qgroup_status_item {
diff --git a/src/basic/linux/genetlink.h b/src/basic/linux/genetlink.h
index d83f214..ddba3ca 100644
--- a/src/basic/linux/genetlink.h
+++ b/src/basic/linux/genetlink.h
@@ -87,6 +87,8 @@ enum {
87 __CTRL_ATTR_MCAST_GRP_MAX,87 __CTRL_ATTR_MCAST_GRP_MAX,
88};88};
8989
90#define CTRL_ATTR_MCAST_GRP_MAX (__CTRL_ATTR_MCAST_GRP_MAX - 1)
91
90enum {92enum {
91 CTRL_ATTR_POLICY_UNSPEC,93 CTRL_ATTR_POLICY_UNSPEC,
92 CTRL_ATTR_POLICY_DO,94 CTRL_ATTR_POLICY_DO,
@@ -96,7 +98,6 @@ enum {
96 CTRL_ATTR_POLICY_DUMP_MAX = __CTRL_ATTR_POLICY_DUMP_MAX - 198 CTRL_ATTR_POLICY_DUMP_MAX = __CTRL_ATTR_POLICY_DUMP_MAX - 1
97};99};
98100
99#define CTRL_ATTR_MCAST_GRP_MAX (__CTRL_ATTR_MCAST_GRP_MAX - 1)101#define CTRL_ATTR_POLICY_MAX (__CTRL_ATTR_POLICY_DUMP_MAX - 1)
100
101102
102#endif /* _UAPI__LINUX_GENERIC_NETLINK_H */103#endif /* _UAPI__LINUX_GENERIC_NETLINK_H */
diff --git a/src/basic/linux/if_bridge.h b/src/basic/linux/if_bridge.h
index a86a7e7..d9de241 100644
--- a/src/basic/linux/if_bridge.h
+++ b/src/basic/linux/if_bridge.h
@@ -723,10 +723,31 @@ enum {
723enum {723enum {
724 MDBE_ATTR_UNSPEC,724 MDBE_ATTR_UNSPEC,
725 MDBE_ATTR_SOURCE,725 MDBE_ATTR_SOURCE,
726 MDBE_ATTR_SRC_LIST,
727 MDBE_ATTR_GROUP_MODE,
728 MDBE_ATTR_RTPROT,
726 __MDBE_ATTR_MAX,729 __MDBE_ATTR_MAX,
727};730};
728#define MDBE_ATTR_MAX (__MDBE_ATTR_MAX - 1)731#define MDBE_ATTR_MAX (__MDBE_ATTR_MAX - 1)
729732
733/* per mdb entry source */
734enum {
735 MDBE_SRC_LIST_UNSPEC,
736 MDBE_SRC_LIST_ENTRY,
737 __MDBE_SRC_LIST_MAX,
738};
739#define MDBE_SRC_LIST_MAX (__MDBE_SRC_LIST_MAX - 1)
740
741/* per mdb entry per source attributes
742 * these are embedded in MDBE_SRC_LIST_ENTRY
743 */
744enum {
745 MDBE_SRCATTR_UNSPEC,
746 MDBE_SRCATTR_ADDRESS,
747 __MDBE_SRCATTR_MAX,
748};
749#define MDBE_SRCATTR_MAX (__MDBE_SRCATTR_MAX - 1)
750
730/* Embedded inside LINK_XSTATS_TYPE_BRIDGE */751/* Embedded inside LINK_XSTATS_TYPE_BRIDGE */
731enum {752enum {
732 BRIDGE_XSTATS_UNSPEC,753 BRIDGE_XSTATS_UNSPEC,
diff --git a/src/basic/linux/if_ether.h b/src/basic/linux/if_ether.h
index 1d0bccc..69e0457 100644
--- a/src/basic/linux/if_ether.h
+++ b/src/basic/linux/if_ether.h
@@ -116,6 +116,7 @@
116#define ETH_P_QINQ3 0x9300 /* deprecated QinQ VLAN [ NOT AN OFFICIALLY REGISTERED ID ] */116#define ETH_P_QINQ3 0x9300 /* deprecated QinQ VLAN [ NOT AN OFFICIALLY REGISTERED ID ] */
117#define ETH_P_EDSA 0xDADA /* Ethertype DSA [ NOT AN OFFICIALLY REGISTERED ID ] */117#define ETH_P_EDSA 0xDADA /* Ethertype DSA [ NOT AN OFFICIALLY REGISTERED ID ] */
118#define ETH_P_DSA_8021Q 0xDADB /* Fake VLAN Header for DSA [ NOT AN OFFICIALLY REGISTERED ID ] */118#define ETH_P_DSA_8021Q 0xDADB /* Fake VLAN Header for DSA [ NOT AN OFFICIALLY REGISTERED ID ] */
119#define ETH_P_DSA_A5PSW 0xE001 /* A5PSW Tag Value [ NOT AN OFFICIALLY REGISTERED ID ] */
119#define ETH_P_IFE 0xED3E /* ForCES inter-FE LFB type */120#define ETH_P_IFE 0xED3E /* ForCES inter-FE LFB type */
120#define ETH_P_AF_IUCV 0xFBFB /* IBM af_iucv [ NOT AN OFFICIALLY REGISTERED ID ] */121#define ETH_P_AF_IUCV 0xFBFB /* IBM af_iucv [ NOT AN OFFICIALLY REGISTERED ID ] */
121122
@@ -137,6 +138,7 @@
137#define ETH_P_LOCALTALK 0x0009 /* Localtalk pseudo type */138#define ETH_P_LOCALTALK 0x0009 /* Localtalk pseudo type */
138#define ETH_P_CAN 0x000C /* CAN: Controller Area Network */139#define ETH_P_CAN 0x000C /* CAN: Controller Area Network */
139#define ETH_P_CANFD 0x000D /* CANFD: CAN flexible data rate*/140#define ETH_P_CANFD 0x000D /* CANFD: CAN flexible data rate*/
141#define ETH_P_CANXL 0x000E /* CANXL: eXtended frame Length */
140#define ETH_P_PPPTALK 0x0010 /* Dummy type for Atalk over PPP*/142#define ETH_P_PPPTALK 0x0010 /* Dummy type for Atalk over PPP*/
141#define ETH_P_TR_802_2 0x0011 /* 802.2 frames */143#define ETH_P_TR_802_2 0x0011 /* 802.2 frames */
142#define ETH_P_MOBITEX 0x0015 /* Mobitex (kaz@cafe.net) */144#define ETH_P_MOBITEX 0x0015 /* Mobitex (kaz@cafe.net) */
diff --git a/src/basic/linux/if_link.h b/src/basic/linux/if_link.h
index 5f58dcf..1021a7e 100644
--- a/src/basic/linux/if_link.h
+++ b/src/basic/linux/if_link.h
@@ -370,6 +370,9 @@ enum {
370 IFLA_GRO_MAX_SIZE,370 IFLA_GRO_MAX_SIZE,
371 IFLA_TSO_MAX_SIZE,371 IFLA_TSO_MAX_SIZE,
372 IFLA_TSO_MAX_SEGS,372 IFLA_TSO_MAX_SEGS,
373 IFLA_ALLMULTI, /* Allmulti count: > 0 means acts ALLMULTI */
374
375 IFLA_DEVLINK_PORT,
373376
374 __IFLA_MAX377 __IFLA_MAX
375};378};
@@ -560,6 +563,7 @@ enum {
560 IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT,563 IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT,
561 IFLA_BRPORT_MCAST_EHT_HOSTS_CNT,564 IFLA_BRPORT_MCAST_EHT_HOSTS_CNT,
562 IFLA_BRPORT_LOCKED,565 IFLA_BRPORT_LOCKED,
566 IFLA_BRPORT_MAB,
563 __IFLA_BRPORT_MAX567 __IFLA_BRPORT_MAX
564};568};
565#define IFLA_BRPORT_MAX (__IFLA_BRPORT_MAX - 1)569#define IFLA_BRPORT_MAX (__IFLA_BRPORT_MAX - 1)
@@ -694,6 +698,7 @@ enum {
694 IFLA_XFRM_UNSPEC,698 IFLA_XFRM_UNSPEC,
695 IFLA_XFRM_LINK,699 IFLA_XFRM_LINK,
696 IFLA_XFRM_IF_ID,700 IFLA_XFRM_IF_ID,
701 IFLA_XFRM_COLLECT_METADATA,
697 __IFLA_XFRM_MAX702 __IFLA_XFRM_MAX
698};703};
699704
@@ -963,6 +968,7 @@ enum {
963 IFLA_BOND_SLAVE_AD_AGGREGATOR_ID,968 IFLA_BOND_SLAVE_AD_AGGREGATOR_ID,
964 IFLA_BOND_SLAVE_AD_ACTOR_OPER_PORT_STATE,969 IFLA_BOND_SLAVE_AD_ACTOR_OPER_PORT_STATE,
965 IFLA_BOND_SLAVE_AD_PARTNER_OPER_PORT_STATE,970 IFLA_BOND_SLAVE_AD_PARTNER_OPER_PORT_STATE,
971 IFLA_BOND_SLAVE_PRIO,
966 __IFLA_BOND_SLAVE_MAX,972 __IFLA_BOND_SLAVE_MAX,
967};973};
968974
@@ -1373,4 +1379,14 @@ enum {
13731379
1374#define IFLA_MCTP_MAX (__IFLA_MCTP_MAX - 1)1380#define IFLA_MCTP_MAX (__IFLA_MCTP_MAX - 1)
13751381
1382/* DSA section */
1383
1384enum {
1385 IFLA_DSA_UNSPEC,
1386 IFLA_DSA_MASTER,
1387 __IFLA_DSA_MAX,
1388};
1389
1390#define IFLA_DSA_MAX (__IFLA_DSA_MAX - 1)
1391
1376#endif /* _UAPI_LINUX_IF_LINK_H */1392#endif /* _UAPI_LINUX_IF_LINK_H */
diff --git a/src/basic/linux/if_macsec.h b/src/basic/linux/if_macsec.h
index 3af2aa0..d5b6d1f 100644
--- a/src/basic/linux/if_macsec.h
+++ b/src/basic/linux/if_macsec.h
@@ -22,6 +22,8 @@
2222
23#define MACSEC_KEYID_LEN 1623#define MACSEC_KEYID_LEN 16
2424
25#define MACSEC_SALT_LEN 12
26
25/* cipher IDs as per IEEE802.1AE-2018 (Table 14-1) */27/* cipher IDs as per IEEE802.1AE-2018 (Table 14-1) */
26#define MACSEC_CIPHER_ID_GCM_AES_128 0x0080C20001000001ULL28#define MACSEC_CIPHER_ID_GCM_AES_128 0x0080C20001000001ULL
27#define MACSEC_CIPHER_ID_GCM_AES_256 0x0080C20001000002ULL29#define MACSEC_CIPHER_ID_GCM_AES_256 0x0080C20001000002ULL
diff --git a/src/basic/linux/if_tun.h b/src/basic/linux/if_tun.h
index 454ae31..287cdc8 100644
--- a/src/basic/linux/if_tun.h
+++ b/src/basic/linux/if_tun.h
@@ -67,6 +67,8 @@
67#define IFF_TAP 0x000267#define IFF_TAP 0x0002
68#define IFF_NAPI 0x001068#define IFF_NAPI 0x0010
69#define IFF_NAPI_FRAGS 0x002069#define IFF_NAPI_FRAGS 0x0020
70/* Used in TUNSETIFF to bring up tun/tap without carrier */
71#define IFF_NO_CARRIER 0x0040
70#define IFF_NO_PI 0x100072#define IFF_NO_PI 0x1000
71/* This flag has no real effect */73/* This flag has no real effect */
72#define IFF_ONE_QUEUE 0x200074#define IFF_ONE_QUEUE 0x2000
@@ -88,6 +90,8 @@
88#define TUN_F_TSO6 0x04 /* I can handle TSO for IPv6 packets */90#define TUN_F_TSO6 0x04 /* I can handle TSO for IPv6 packets */
89#define TUN_F_TSO_ECN 0x08 /* I can handle TSO with ECN bits. */91#define TUN_F_TSO_ECN 0x08 /* I can handle TSO with ECN bits. */
90#define TUN_F_UFO 0x10 /* I can handle UFO packets */92#define TUN_F_UFO 0x10 /* I can handle UFO packets */
93#define TUN_F_USO4 0x20 /* I can handle USO for IPv4 packets */
94#define TUN_F_USO6 0x40 /* I can handle USO for IPv6 packets */
9195
92/* Protocol info prepended to the packets (when IFF_NO_PI is not set) */96/* Protocol info prepended to the packets (when IFF_NO_PI is not set) */
93#define TUN_PKT_STRIP 0x000197#define TUN_PKT_STRIP 0x0001
@@ -108,7 +112,7 @@ struct tun_pi {
108struct tun_filter {112struct tun_filter {
109 __u16 flags; /* TUN_FLT_ flags see above */113 __u16 flags; /* TUN_FLT_ flags see above */
110 __u16 count; /* Number of addresses */114 __u16 count; /* Number of addresses */
111 __u8 addr[0][ETH_ALEN];115 __u8 addr[][ETH_ALEN];
112};116};
113117
114#endif /* _UAPI__IF_TUN_H */118#endif /* _UAPI__IF_TUN_H */
diff --git a/src/basic/linux/in.h b/src/basic/linux/in.h
index 1416822..07a4cb1 100644
--- a/src/basic/linux/in.h
+++ b/src/basic/linux/in.h
@@ -20,6 +20,7 @@
20#define _UAPI_LINUX_IN_H20#define _UAPI_LINUX_IN_H
2121
22#include <linux/types.h>22#include <linux/types.h>
23#include <linux/stddef.h>
23#include <linux/libc-compat.h>24#include <linux/libc-compat.h>
24#include <linux/socket.h>25#include <linux/socket.h>
2526
@@ -68,6 +69,8 @@ enum {
68#define IPPROTO_PIM IPPROTO_PIM69#define IPPROTO_PIM IPPROTO_PIM
69 IPPROTO_COMP = 108, /* Compression Header Protocol */70 IPPROTO_COMP = 108, /* Compression Header Protocol */
70#define IPPROTO_COMP IPPROTO_COMP71#define IPPROTO_COMP IPPROTO_COMP
72 IPPROTO_L2TP = 115, /* Layer 2 Tunnelling Protocol */
73#define IPPROTO_L2TP IPPROTO_L2TP
71 IPPROTO_SCTP = 132, /* Stream Control Transport Protocol */74 IPPROTO_SCTP = 132, /* Stream Control Transport Protocol */
72#define IPPROTO_SCTP IPPROTO_SCTP75#define IPPROTO_SCTP IPPROTO_SCTP
73 IPPROTO_UDPLITE = 136, /* UDP-Lite (RFC 3828) */76 IPPROTO_UDPLITE = 136, /* UDP-Lite (RFC 3828) */
@@ -188,21 +191,13 @@ struct ip_mreq_source {
188};191};
189192
190struct ip_msfilter {193struct ip_msfilter {
194 __be32 imsf_multiaddr;
195 __be32 imsf_interface;
196 __u32 imsf_fmode;
197 __u32 imsf_numsrc;
191 union {198 union {
192 struct {199 __be32 imsf_slist[1];
193 __be32 imsf_multiaddr_aux;200 __DECLARE_FLEX_ARRAY(__be32, imsf_slist_flex);
194 __be32 imsf_interface_aux;
195 __u32 imsf_fmode_aux;
196 __u32 imsf_numsrc_aux;
197 __be32 imsf_slist[1];
198 };
199 struct {
200 __be32 imsf_multiaddr;
201 __be32 imsf_interface;
202 __u32 imsf_fmode;
203 __u32 imsf_numsrc;
204 __be32 imsf_slist_flex[];
205 };
206 };201 };
207};202};
208203
diff --git a/src/basic/linux/l2tp.h b/src/basic/linux/l2tp.h
index bab8c97..7d81c3e 100644
--- a/src/basic/linux/l2tp.h
+++ b/src/basic/linux/l2tp.h
@@ -13,8 +13,6 @@
13#include <linux/in.h>13#include <linux/in.h>
14#include <linux/in6.h>14#include <linux/in6.h>
1515
16#define IPPROTO_L2TP 115
17
18/**16/**
19 * struct sockaddr_l2tpip - the sockaddr structure for L2TP-over-IP sockets17 * struct sockaddr_l2tpip - the sockaddr structure for L2TP-over-IP sockets
20 * @l2tp_family: address family number AF_L2TPIP.18 * @l2tp_family: address family number AF_L2TPIP.
diff --git a/src/basic/linux/netfilter/nf_tables.h b/src/basic/linux/netfilter/nf_tables.h
index 466fd3f..cfa844d 100644
--- a/src/basic/linux/netfilter/nf_tables.h
+++ b/src/basic/linux/netfilter/nf_tables.h
@@ -97,6 +97,7 @@ enum nft_verdicts {
97 * @NFT_MSG_NEWFLOWTABLE: add new flow table (enum nft_flowtable_attributes)97 * @NFT_MSG_NEWFLOWTABLE: add new flow table (enum nft_flowtable_attributes)
98 * @NFT_MSG_GETFLOWTABLE: get flow table (enum nft_flowtable_attributes)98 * @NFT_MSG_GETFLOWTABLE: get flow table (enum nft_flowtable_attributes)
99 * @NFT_MSG_DELFLOWTABLE: delete flow table (enum nft_flowtable_attributes)99 * @NFT_MSG_DELFLOWTABLE: delete flow table (enum nft_flowtable_attributes)
100 * @NFT_MSG_GETRULE_RESET: get rules and reset stateful expressions (enum nft_obj_attributes)
100 */101 */
101enum nf_tables_msg_types {102enum nf_tables_msg_types {
102 NFT_MSG_NEWTABLE,103 NFT_MSG_NEWTABLE,
@@ -124,6 +125,7 @@ enum nf_tables_msg_types {
124 NFT_MSG_NEWFLOWTABLE,125 NFT_MSG_NEWFLOWTABLE,
125 NFT_MSG_GETFLOWTABLE,126 NFT_MSG_GETFLOWTABLE,
126 NFT_MSG_DELFLOWTABLE,127 NFT_MSG_DELFLOWTABLE,
128 NFT_MSG_GETRULE_RESET,
127 NFT_MSG_MAX,129 NFT_MSG_MAX,
128};130};
129131
@@ -760,6 +762,7 @@ enum nft_payload_bases {
760 NFT_PAYLOAD_NETWORK_HEADER,762 NFT_PAYLOAD_NETWORK_HEADER,
761 NFT_PAYLOAD_TRANSPORT_HEADER,763 NFT_PAYLOAD_TRANSPORT_HEADER,
762 NFT_PAYLOAD_INNER_HEADER,764 NFT_PAYLOAD_INNER_HEADER,
765 NFT_PAYLOAD_TUN_HEADER,
763};766};
764767
765/**768/**
@@ -779,6 +782,32 @@ enum nft_payload_csum_flags {
779 NFT_PAYLOAD_L4CSUM_PSEUDOHDR = (1 << 0),782 NFT_PAYLOAD_L4CSUM_PSEUDOHDR = (1 << 0),
780};783};
781784
785enum nft_inner_type {
786 NFT_INNER_UNSPEC = 0,
787 NFT_INNER_VXLAN,
788 NFT_INNER_GENEVE,
789};
790
791enum nft_inner_flags {
792 NFT_INNER_HDRSIZE = (1 << 0),
793 NFT_INNER_LL = (1 << 1),
794 NFT_INNER_NH = (1 << 2),
795 NFT_INNER_TH = (1 << 3),
796};
797#define NFT_INNER_MASK (NFT_INNER_HDRSIZE | NFT_INNER_LL | \
798 NFT_INNER_NH | NFT_INNER_TH)
799
800enum nft_inner_attributes {
801 NFTA_INNER_UNSPEC,
802 NFTA_INNER_NUM,
803 NFTA_INNER_TYPE,
804 NFTA_INNER_FLAGS,
805 NFTA_INNER_HDRSIZE,
806 NFTA_INNER_EXPR,
807 __NFTA_INNER_MAX
808};
809#define NFTA_INNER_MAX (__NFTA_INNER_MAX - 1)
810
782/**811/**
783 * enum nft_payload_attributes - nf_tables payload expression netlink attributes812 * enum nft_payload_attributes - nf_tables payload expression netlink attributes
784 *813 *
diff --git a/src/basic/linux/netlink.h b/src/basic/linux/netlink.h
index 855dffb..e2ae82e 100644
--- a/src/basic/linux/netlink.h
+++ b/src/basic/linux/netlink.h
@@ -20,7 +20,7 @@
20#define NETLINK_CONNECTOR 1120#define NETLINK_CONNECTOR 11
21#define NETLINK_NETFILTER 12 /* netfilter subsystem */21#define NETLINK_NETFILTER 12 /* netfilter subsystem */
22#define NETLINK_IP6_FW 1322#define NETLINK_IP6_FW 13
23#define NETLINK_DNRTMSG 14 /* DECnet routing messages */23#define NETLINK_DNRTMSG 14 /* DECnet routing messages (obsolete) */
24#define NETLINK_KOBJECT_UEVENT 15 /* Kernel messages to userspace */24#define NETLINK_KOBJECT_UEVENT 15 /* Kernel messages to userspace */
25#define NETLINK_GENERIC 1625#define NETLINK_GENERIC 16
26/* leave room for NETLINK_DM (DM Events) */26/* leave room for NETLINK_DM (DM Events) */
@@ -41,12 +41,20 @@ struct sockaddr_nl {
41 __u32 nl_groups; /* multicast groups mask */41 __u32 nl_groups; /* multicast groups mask */
42};42};
4343
44/**
45 * struct nlmsghdr - fixed format metadata header of Netlink messages
46 * @nlmsg_len: Length of message including header
47 * @nlmsg_type: Message content type
48 * @nlmsg_flags: Additional flags
49 * @nlmsg_seq: Sequence number
50 * @nlmsg_pid: Sending process port ID
51 */
44struct nlmsghdr {52struct nlmsghdr {
45 __u32 nlmsg_len; /* Length of message including header */53 __u32 nlmsg_len;
46 __u16 nlmsg_type; /* Message content */54 __u16 nlmsg_type;
47 __u16 nlmsg_flags; /* Additional flags */55 __u16 nlmsg_flags;
48 __u32 nlmsg_seq; /* Sequence number */56 __u32 nlmsg_seq;
49 __u32 nlmsg_pid; /* Sending process port ID */57 __u32 nlmsg_pid;
50};58};
5159
52/* Flags values */60/* Flags values */
@@ -54,7 +62,7 @@ struct nlmsghdr {
54#define NLM_F_REQUEST 0x01 /* It is request message. */62#define NLM_F_REQUEST 0x01 /* It is request message. */
55#define NLM_F_MULTI 0x02 /* Multipart message, terminated by NLMSG_DONE */63#define NLM_F_MULTI 0x02 /* Multipart message, terminated by NLMSG_DONE */
56#define NLM_F_ACK 0x04 /* Reply with ack, with zero or error code */64#define NLM_F_ACK 0x04 /* Reply with ack, with zero or error code */
57#define NLM_F_ECHO 0x08 /* Echo this request */65#define NLM_F_ECHO 0x08 /* Receive resulting notifications */
58#define NLM_F_DUMP_INTR 0x10 /* Dump was inconsistent due to sequence change */66#define NLM_F_DUMP_INTR 0x10 /* Dump was inconsistent due to sequence change */
59#define NLM_F_DUMP_FILTERED 0x20 /* Dump was filtered as requested */67#define NLM_F_DUMP_FILTERED 0x20 /* Dump was filtered as requested */
6068
@@ -132,6 +140,10 @@ struct nlmsgerr {
132 * be used - in the success case - to identify a created140 * be used - in the success case - to identify a created
133 * object or operation or similar (binary)141 * object or operation or similar (binary)
134 * @NLMSGERR_ATTR_POLICY: policy for a rejected attribute142 * @NLMSGERR_ATTR_POLICY: policy for a rejected attribute
143 * @NLMSGERR_ATTR_MISS_TYPE: type of a missing required attribute,
144 * %NLMSGERR_ATTR_MISS_NEST will not be present if the attribute was
145 * missing at the message level
146 * @NLMSGERR_ATTR_MISS_NEST: offset of the nest where attribute was missing
135 * @__NLMSGERR_ATTR_MAX: number of attributes147 * @__NLMSGERR_ATTR_MAX: number of attributes
136 * @NLMSGERR_ATTR_MAX: highest attribute number148 * @NLMSGERR_ATTR_MAX: highest attribute number
137 */149 */
@@ -141,6 +153,8 @@ enum nlmsgerr_attrs {
141 NLMSGERR_ATTR_OFFS,153 NLMSGERR_ATTR_OFFS,
142 NLMSGERR_ATTR_COOKIE,154 NLMSGERR_ATTR_COOKIE,
143 NLMSGERR_ATTR_POLICY,155 NLMSGERR_ATTR_POLICY,
156 NLMSGERR_ATTR_MISS_TYPE,
157 NLMSGERR_ATTR_MISS_NEST,
144158
145 __NLMSGERR_ATTR_MAX,159 __NLMSGERR_ATTR_MAX,
146 NLMSGERR_ATTR_MAX = __NLMSGERR_ATTR_MAX - 1160 NLMSGERR_ATTR_MAX = __NLMSGERR_ATTR_MAX - 1
@@ -337,6 +351,9 @@ enum netlink_attribute_type {
337 * bitfield32 type (U32)351 * bitfield32 type (U32)
338 * @NL_POLICY_TYPE_ATTR_MASK: mask of valid bits for unsigned integers (U64)352 * @NL_POLICY_TYPE_ATTR_MASK: mask of valid bits for unsigned integers (U64)
339 * @NL_POLICY_TYPE_ATTR_PAD: pad attribute for 64-bit alignment353 * @NL_POLICY_TYPE_ATTR_PAD: pad attribute for 64-bit alignment
354 *
355 * @__NL_POLICY_TYPE_ATTR_MAX: number of attributes
356 * @NL_POLICY_TYPE_ATTR_MAX: highest attribute number
340 */357 */
341enum netlink_policy_type_attr {358enum netlink_policy_type_attr {
342 NL_POLICY_TYPE_ATTR_UNSPEC,359 NL_POLICY_TYPE_ATTR_UNSPEC,
diff --git a/src/basic/linux/nl80211.h b/src/basic/linux/nl80211.h
index d9490e3..c14a91b 100644
--- a/src/basic/linux/nl80211.h
+++ b/src/basic/linux/nl80211.h
@@ -324,6 +324,17 @@
324 */324 */
325325
326/**326/**
327 * DOC: Multi-Link Operation
328 *
329 * In Multi-Link Operation, a connection between to MLDs utilizes multiple
330 * links. To use this in nl80211, various commands and responses now need
331 * to or will include the new %NL80211_ATTR_MLO_LINKS attribute.
332 * Additionally, various commands that need to operate on a specific link
333 * now need to be given the %NL80211_ATTR_MLO_LINK_ID attribute, e.g. to
334 * use %NL80211_CMD_START_AP or similar functions.
335 */
336
337/**
327 * enum nl80211_commands - supported nl80211 commands338 * enum nl80211_commands - supported nl80211 commands
328 *339 *
329 * @NL80211_CMD_UNSPEC: unspecified command to catch errors340 * @NL80211_CMD_UNSPEC: unspecified command to catch errors
@@ -366,14 +377,22 @@
366 * the non-transmitting interfaces are deleted as well.377 * the non-transmitting interfaces are deleted as well.
367 *378 *
368 * @NL80211_CMD_GET_KEY: Get sequence counter information for a key specified379 * @NL80211_CMD_GET_KEY: Get sequence counter information for a key specified
369 * by %NL80211_ATTR_KEY_IDX and/or %NL80211_ATTR_MAC.380 * by %NL80211_ATTR_KEY_IDX and/or %NL80211_ATTR_MAC. %NL80211_ATTR_MAC
381 * represents peer's MLD address for MLO pairwise key. For MLO group key,
382 * the link is identified by %NL80211_ATTR_MLO_LINK_ID.
370 * @NL80211_CMD_SET_KEY: Set key attributes %NL80211_ATTR_KEY_DEFAULT,383 * @NL80211_CMD_SET_KEY: Set key attributes %NL80211_ATTR_KEY_DEFAULT,
371 * %NL80211_ATTR_KEY_DEFAULT_MGMT, or %NL80211_ATTR_KEY_THRESHOLD.384 * %NL80211_ATTR_KEY_DEFAULT_MGMT, or %NL80211_ATTR_KEY_THRESHOLD.
385 * For MLO connection, the link to set default key is identified by
386 * %NL80211_ATTR_MLO_LINK_ID.
372 * @NL80211_CMD_NEW_KEY: add a key with given %NL80211_ATTR_KEY_DATA,387 * @NL80211_CMD_NEW_KEY: add a key with given %NL80211_ATTR_KEY_DATA,
373 * %NL80211_ATTR_KEY_IDX, %NL80211_ATTR_MAC, %NL80211_ATTR_KEY_CIPHER,388 * %NL80211_ATTR_KEY_IDX, %NL80211_ATTR_MAC, %NL80211_ATTR_KEY_CIPHER,
374 * and %NL80211_ATTR_KEY_SEQ attributes.389 * and %NL80211_ATTR_KEY_SEQ attributes. %NL80211_ATTR_MAC represents
390 * peer's MLD address for MLO pairwise key. The link to add MLO
391 * group key is identified by %NL80211_ATTR_MLO_LINK_ID.
375 * @NL80211_CMD_DEL_KEY: delete a key identified by %NL80211_ATTR_KEY_IDX392 * @NL80211_CMD_DEL_KEY: delete a key identified by %NL80211_ATTR_KEY_IDX
376 * or %NL80211_ATTR_MAC.393 * or %NL80211_ATTR_MAC. %NL80211_ATTR_MAC represents peer's MLD address
394 * for MLO pairwise key. The link to delete group key is identified by
395 * %NL80211_ATTR_MLO_LINK_ID.
377 *396 *
378 * @NL80211_CMD_GET_BEACON: (not used)397 * @NL80211_CMD_GET_BEACON: (not used)
379 * @NL80211_CMD_SET_BEACON: change the beacon on an access point interface398 * @NL80211_CMD_SET_BEACON: change the beacon on an access point interface
@@ -753,6 +772,13 @@
753 * %NL80211_ATTR_CSA_C_OFFSETS_TX is an array of offsets to CSA772 * %NL80211_ATTR_CSA_C_OFFSETS_TX is an array of offsets to CSA
754 * counters which will be updated to the current value. This attribute773 * counters which will be updated to the current value. This attribute
755 * is used during CSA period.774 * is used during CSA period.
775 * For TX on an MLD, the frequency can be omitted and the link ID be
776 * specified, or if transmitting to a known peer MLD (with MLD addresses
777 * in the frame) both can be omitted and the link will be selected by
778 * lower layers.
779 * For RX notification, %NL80211_ATTR_RX_HW_TIMESTAMP may be included to
780 * indicate the frame RX timestamp and %NL80211_ATTR_TX_HW_TIMESTAMP may
781 * be included to indicate the ack TX timestamp.
756 * @NL80211_CMD_FRAME_WAIT_CANCEL: When an off-channel TX was requested, this782 * @NL80211_CMD_FRAME_WAIT_CANCEL: When an off-channel TX was requested, this
757 * command may be used with the corresponding cookie to cancel the wait783 * command may be used with the corresponding cookie to cancel the wait
758 * time if it is known that it is no longer necessary. This command is784 * time if it is known that it is no longer necessary. This command is
@@ -763,7 +789,9 @@
763 * transmitted with %NL80211_CMD_FRAME. %NL80211_ATTR_COOKIE identifies789 * transmitted with %NL80211_CMD_FRAME. %NL80211_ATTR_COOKIE identifies
764 * the TX command and %NL80211_ATTR_FRAME includes the contents of the790 * the TX command and %NL80211_ATTR_FRAME includes the contents of the
765 * frame. %NL80211_ATTR_ACK flag is included if the recipient acknowledged791 * frame. %NL80211_ATTR_ACK flag is included if the recipient acknowledged
766 * the frame.792 * the frame. %NL80211_ATTR_TX_HW_TIMESTAMP may be included to indicate the
793 * tx timestamp and %NL80211_ATTR_RX_HW_TIMESTAMP may be included to
794 * indicate the ack RX timestamp.
767 * @NL80211_CMD_ACTION_TX_STATUS: Alias for @NL80211_CMD_FRAME_TX_STATUS for795 * @NL80211_CMD_ACTION_TX_STATUS: Alias for @NL80211_CMD_FRAME_TX_STATUS for
768 * backward compatibility.796 * backward compatibility.
769 *797 *
@@ -1108,6 +1136,12 @@
1108 * has been received. %NL80211_ATTR_FRAME is used to specify the1136 * has been received. %NL80211_ATTR_FRAME is used to specify the
1109 * frame contents. The frame is the raw EAPoL data, without ethernet or1137 * frame contents. The frame is the raw EAPoL data, without ethernet or
1110 * 802.11 headers.1138 * 802.11 headers.
1139 * For an MLD transmitter, the %NL80211_ATTR_MLO_LINK_ID may be given and
1140 * its effect will depend on the destination: If the destination is known
1141 * to be an MLD, this will be used as a hint to select the link to transmit
1142 * the frame on. If the destination is not an MLD, this will select both
1143 * the link to transmit on and the source address will be set to the link
1144 * address of that link.
1111 * When used as an event indication %NL80211_ATTR_CONTROL_PORT_ETHERTYPE,1145 * When used as an event indication %NL80211_ATTR_CONTROL_PORT_ETHERTYPE,
1112 * %NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT and %NL80211_ATTR_MAC are added1146 * %NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT and %NL80211_ATTR_MAC are added
1113 * indicating the protocol type of the received frame; whether the frame1147 * indicating the protocol type of the received frame; whether the frame
@@ -1237,6 +1271,16 @@
1237 * to describe the BSSID address of the AP and %NL80211_ATTR_TIMEOUT to1271 * to describe the BSSID address of the AP and %NL80211_ATTR_TIMEOUT to
1238 * specify the timeout value.1272 * specify the timeout value.
1239 *1273 *
1274 * @NL80211_CMD_ADD_LINK: Add a new link to an interface. The
1275 * %NL80211_ATTR_MLO_LINK_ID attribute is used for the new link.
1276 * @NL80211_CMD_REMOVE_LINK: Remove a link from an interface. This may come
1277 * without %NL80211_ATTR_MLO_LINK_ID as an easy way to remove all links
1278 * in preparation for e.g. roaming to a regular (non-MLO) AP.
1279 *
1280 * @NL80211_CMD_ADD_LINK_STA: Add a link to an MLD station
1281 * @NL80211_CMD_MODIFY_LINK_STA: Modify a link of an MLD station
1282 * @NL80211_CMD_REMOVE_LINK_STA: Remove a link of an MLD station
1283 *
1240 * @NL80211_CMD_MAX: highest used command number1284 * @NL80211_CMD_MAX: highest used command number
1241 * @__NL80211_CMD_AFTER_LAST: internal use1285 * @__NL80211_CMD_AFTER_LAST: internal use
1242 */1286 */
@@ -1481,6 +1525,13 @@ enum nl80211_commands {
14811525
1482 NL80211_CMD_ASSOC_COMEBACK,1526 NL80211_CMD_ASSOC_COMEBACK,
14831527
1528 NL80211_CMD_ADD_LINK,
1529 NL80211_CMD_REMOVE_LINK,
1530
1531 NL80211_CMD_ADD_LINK_STA,
1532 NL80211_CMD_MODIFY_LINK_STA,
1533 NL80211_CMD_REMOVE_LINK_STA,
1534
1484 /* add new commands above here */1535 /* add new commands above here */
14851536
1486 /* used to define NL80211_CMD_MAX below */1537 /* used to define NL80211_CMD_MAX below */
@@ -2340,8 +2391,10 @@ enum nl80211_commands {
2340 *2391 *
2341 * @NL80211_ATTR_IFTYPE_EXT_CAPA: Nested attribute of the following attributes:2392 * @NL80211_ATTR_IFTYPE_EXT_CAPA: Nested attribute of the following attributes:
2342 * %NL80211_ATTR_IFTYPE, %NL80211_ATTR_EXT_CAPA,2393 * %NL80211_ATTR_IFTYPE, %NL80211_ATTR_EXT_CAPA,
2343 * %NL80211_ATTR_EXT_CAPA_MASK, to specify the extended capabilities per2394 * %NL80211_ATTR_EXT_CAPA_MASK, to specify the extended capabilities and
2344 * interface type.2395 * other interface-type specific capabilities per interface type. For MLO,
2396 * %NL80211_ATTR_EML_CAPABILITY and %NL80211_ATTR_MLD_CAPA_AND_OPS are
2397 * present.
2345 *2398 *
2346 * @NL80211_ATTR_MU_MIMO_GROUP_DATA: array of 24 bytes that defines a MU-MIMO2399 * @NL80211_ATTR_MU_MIMO_GROUP_DATA: array of 24 bytes that defines a MU-MIMO
2347 * groupID for monitor mode.2400 * groupID for monitor mode.
@@ -2663,6 +2716,41 @@ enum nl80211_commands {
2663 * association request when used with NL80211_CMD_NEW_STATION). Can be set2716 * association request when used with NL80211_CMD_NEW_STATION). Can be set
2664 * only if %NL80211_STA_FLAG_WME is set.2717 * only if %NL80211_STA_FLAG_WME is set.
2665 *2718 *
2719 * @NL80211_ATTR_MLO_LINK_ID: A (u8) link ID for use with MLO, to be used with
2720 * various commands that need a link ID to operate.
2721 * @NL80211_ATTR_MLO_LINKS: A nested array of links, each containing some
2722 * per-link information and a link ID.
2723 * @NL80211_ATTR_MLD_ADDR: An MLD address, used with various commands such as
2724 * authenticate/associate.
2725 *
2726 * @NL80211_ATTR_MLO_SUPPORT: Flag attribute to indicate user space supports MLO
2727 * connection. Used with %NL80211_CMD_CONNECT. If this attribute is not
2728 * included in NL80211_CMD_CONNECT drivers must not perform MLO connection.
2729 *
2730 * @NL80211_ATTR_MAX_NUM_AKM_SUITES: U16 attribute. Indicates maximum number of
2731 * AKM suites allowed for %NL80211_CMD_CONNECT, %NL80211_CMD_ASSOCIATE and
2732 * %NL80211_CMD_START_AP in %NL80211_CMD_GET_WIPHY response. If this
2733 * attribute is not present userspace shall consider maximum number of AKM
2734 * suites allowed as %NL80211_MAX_NR_AKM_SUITES which is the legacy maximum
2735 * number prior to the introduction of this attribute.
2736 *
2737 * @NL80211_ATTR_EML_CAPABILITY: EML Capability information (u16)
2738 * @NL80211_ATTR_MLD_CAPA_AND_OPS: MLD Capabilities and Operations (u16)
2739 *
2740 * @NL80211_ATTR_TX_HW_TIMESTAMP: Hardware timestamp for TX operation in
2741 * nanoseconds (u64). This is the device clock timestamp so it will
2742 * probably reset when the device is stopped or the firmware is reset.
2743 * When used with %NL80211_CMD_FRAME_TX_STATUS, indicates the frame TX
2744 * timestamp. When used with %NL80211_CMD_FRAME RX notification, indicates
2745 * the ack TX timestamp.
2746 * @NL80211_ATTR_RX_HW_TIMESTAMP: Hardware timestamp for RX operation in
2747 * nanoseconds (u64). This is the device clock timestamp so it will
2748 * probably reset when the device is stopped or the firmware is reset.
2749 * When used with %NL80211_CMD_FRAME_TX_STATUS, indicates the ack RX
2750 * timestamp. When used with %NL80211_CMD_FRAME RX notification, indicates
2751 * the incoming frame RX timestamp.
2752 * @NL80211_ATTR_TD_BITMAP: Transition Disable bitmap, for subsequent
2753 * (re)associations.
2666 * @NUM_NL80211_ATTR: total number of nl80211_attrs available2754 * @NUM_NL80211_ATTR: total number of nl80211_attrs available
2667 * @NL80211_ATTR_MAX: highest attribute number currently defined2755 * @NL80211_ATTR_MAX: highest attribute number currently defined
2668 * @__NL80211_ATTR_AFTER_LAST: internal use2756 * @__NL80211_ATTR_AFTER_LAST: internal use
@@ -3177,6 +3265,21 @@ enum nl80211_attrs {
31773265
3178 NL80211_ATTR_DISABLE_EHT,3266 NL80211_ATTR_DISABLE_EHT,
31793267
3268 NL80211_ATTR_MLO_LINKS,
3269 NL80211_ATTR_MLO_LINK_ID,
3270 NL80211_ATTR_MLD_ADDR,
3271
3272 NL80211_ATTR_MLO_SUPPORT,
3273
3274 NL80211_ATTR_MAX_NUM_AKM_SUITES,
3275
3276 NL80211_ATTR_EML_CAPABILITY,
3277 NL80211_ATTR_MLD_CAPA_AND_OPS,
3278
3279 NL80211_ATTR_TX_HW_TIMESTAMP,
3280 NL80211_ATTR_RX_HW_TIMESTAMP,
3281 NL80211_ATTR_TD_BITMAP,
3282
3180 /* add attributes here, update the policy in nl80211.c */3283 /* add attributes here, update the policy in nl80211.c */
31813284
3182 __NL80211_ATTR_AFTER_LAST,3285 __NL80211_ATTR_AFTER_LAST,
@@ -3231,6 +3334,11 @@ enum nl80211_attrs {
3231#define NL80211_HE_MIN_CAPABILITY_LEN 163334#define NL80211_HE_MIN_CAPABILITY_LEN 16
3232#define NL80211_HE_MAX_CAPABILITY_LEN 543335#define NL80211_HE_MAX_CAPABILITY_LEN 54
3233#define NL80211_MAX_NR_CIPHER_SUITES 53336#define NL80211_MAX_NR_CIPHER_SUITES 5
3337
3338/*
3339 * NL80211_MAX_NR_AKM_SUITES is obsolete when %NL80211_ATTR_MAX_NUM_AKM_SUITES
3340 * present in %NL80211_CMD_GET_WIPHY response.
3341 */
3234#define NL80211_MAX_NR_AKM_SUITES 23342#define NL80211_MAX_NR_AKM_SUITES 2
3235#define NL80211_EHT_MIN_CAPABILITY_LEN 133343#define NL80211_EHT_MIN_CAPABILITY_LEN 13
3236#define NL80211_EHT_MAX_CAPABILITY_LEN 513344#define NL80211_EHT_MAX_CAPABILITY_LEN 51
@@ -4853,6 +4961,8 @@ enum nl80211_bss_scan_width {
4853 * Contains a nested array of signal strength attributes (u8, dBm),4961 * Contains a nested array of signal strength attributes (u8, dBm),
4854 * using the nesting index as the antenna number.4962 * using the nesting index as the antenna number.
4855 * @NL80211_BSS_FREQUENCY_OFFSET: frequency offset in KHz4963 * @NL80211_BSS_FREQUENCY_OFFSET: frequency offset in KHz
4964 * @NL80211_BSS_MLO_LINK_ID: MLO link ID of the BSS (u8).
4965 * @NL80211_BSS_MLD_ADDR: MLD address of this BSS if connected to it.
4856 * @__NL80211_BSS_AFTER_LAST: internal4966 * @__NL80211_BSS_AFTER_LAST: internal
4857 * @NL80211_BSS_MAX: highest BSS attribute4967 * @NL80211_BSS_MAX: highest BSS attribute
4858 */4968 */
@@ -4878,6 +4988,8 @@ enum nl80211_bss {
4878 NL80211_BSS_PARENT_BSSID,4988 NL80211_BSS_PARENT_BSSID,
4879 NL80211_BSS_CHAIN_SIGNAL,4989 NL80211_BSS_CHAIN_SIGNAL,
4880 NL80211_BSS_FREQUENCY_OFFSET,4990 NL80211_BSS_FREQUENCY_OFFSET,
4991 NL80211_BSS_MLO_LINK_ID,
4992 NL80211_BSS_MLD_ADDR,
48814993
4882 /* keep last */4994 /* keep last */
4883 __NL80211_BSS_AFTER_LAST,4995 __NL80211_BSS_AFTER_LAST,
@@ -5874,7 +5986,7 @@ enum nl80211_ap_sme_features {
5874 * @NL80211_FEATURE_INACTIVITY_TIMER: This driver takes care of freeing up5986 * @NL80211_FEATURE_INACTIVITY_TIMER: This driver takes care of freeing up
5875 * the connected inactive stations in AP mode.5987 * the connected inactive stations in AP mode.
5876 * @NL80211_FEATURE_CELL_BASE_REG_HINTS: This driver has been tested5988 * @NL80211_FEATURE_CELL_BASE_REG_HINTS: This driver has been tested
5877 * to work properly to suppport receiving regulatory hints from5989 * to work properly to support receiving regulatory hints from
5878 * cellular base stations.5990 * cellular base stations.
5879 * @NL80211_FEATURE_P2P_DEVICE_NEEDS_CHANNEL: (no longer available, only5991 * @NL80211_FEATURE_P2P_DEVICE_NEEDS_CHANNEL: (no longer available, only
5880 * here to reserve the value for API/ABI compatibility)5992 * here to reserve the value for API/ABI compatibility)
@@ -6174,6 +6286,14 @@ enum nl80211_feature_flags {
6174 * @NL80211_EXT_FEATURE_RADAR_BACKGROUND: Device supports background radar/CAC6286 * @NL80211_EXT_FEATURE_RADAR_BACKGROUND: Device supports background radar/CAC
6175 * detection.6287 * detection.
6176 *6288 *
6289 * @NL80211_EXT_FEATURE_POWERED_ADDR_CHANGE: Device can perform a MAC address
6290 * change without having to bring the underlying network device down
6291 * first. For example, in station mode this can be used to vary the
6292 * origin MAC address prior to a connection to a new AP for privacy
6293 * or other reasons. Note that certain driver specific restrictions
6294 * might apply, e.g. no scans in progress, no offchannel operations
6295 * in progress, and no active connections.
6296 *
6177 * @NUM_NL80211_EXT_FEATURES: number of extended features.6297 * @NUM_NL80211_EXT_FEATURES: number of extended features.
6178 * @MAX_NL80211_EXT_FEATURES: highest extended feature index.6298 * @MAX_NL80211_EXT_FEATURES: highest extended feature index.
6179 */6299 */
@@ -6241,6 +6361,7 @@ enum nl80211_ext_feature_index {
6241 NL80211_EXT_FEATURE_BSS_COLOR,6361 NL80211_EXT_FEATURE_BSS_COLOR,
6242 NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD,6362 NL80211_EXT_FEATURE_FILS_CRYPTO_OFFLOAD,
6243 NL80211_EXT_FEATURE_RADAR_BACKGROUND,6363 NL80211_EXT_FEATURE_RADAR_BACKGROUND,
6364 NL80211_EXT_FEATURE_POWERED_ADDR_CHANGE,
62446365
6245 /* add new features before the definition below */6366 /* add new features before the definition below */
6246 NUM_NL80211_EXT_FEATURES,6367 NUM_NL80211_EXT_FEATURES,
diff --git a/src/basic/linux/pkt_sched.h b/src/basic/linux/pkt_sched.h
index f292b46..000eec1 100644
--- a/src/basic/linux/pkt_sched.h
+++ b/src/basic/linux/pkt_sched.h
@@ -1233,6 +1233,16 @@ enum {
1233#define TCA_TAPRIO_ATTR_FLAG_FULL_OFFLOAD _BITUL(1)1233#define TCA_TAPRIO_ATTR_FLAG_FULL_OFFLOAD _BITUL(1)
12341234
1235enum {1235enum {
1236 TCA_TAPRIO_TC_ENTRY_UNSPEC,
1237 TCA_TAPRIO_TC_ENTRY_INDEX, /* u32 */
1238 TCA_TAPRIO_TC_ENTRY_MAX_SDU, /* u32 */
1239
1240 /* add new constants above here */
1241 __TCA_TAPRIO_TC_ENTRY_CNT,
1242 TCA_TAPRIO_TC_ENTRY_MAX = (__TCA_TAPRIO_TC_ENTRY_CNT - 1)
1243};
1244
1245enum {
1236 TCA_TAPRIO_ATTR_UNSPEC,1246 TCA_TAPRIO_ATTR_UNSPEC,
1237 TCA_TAPRIO_ATTR_PRIOMAP, /* struct tc_mqprio_qopt */1247 TCA_TAPRIO_ATTR_PRIOMAP, /* struct tc_mqprio_qopt */
1238 TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST, /* nested of entry */1248 TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST, /* nested of entry */
@@ -1245,6 +1255,7 @@ enum {
1245 TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME_EXTENSION, /* s64 */1255 TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME_EXTENSION, /* s64 */
1246 TCA_TAPRIO_ATTR_FLAGS, /* u32 */1256 TCA_TAPRIO_ATTR_FLAGS, /* u32 */
1247 TCA_TAPRIO_ATTR_TXTIME_DELAY, /* u32 */1257 TCA_TAPRIO_ATTR_TXTIME_DELAY, /* u32 */
1258 TCA_TAPRIO_ATTR_TC_ENTRY, /* nest */
1248 __TCA_TAPRIO_ATTR_MAX,1259 __TCA_TAPRIO_ATTR_MAX,
1249};1260};
12501261
diff --git a/src/basic/linux/rtnetlink.h b/src/basic/linux/rtnetlink.h
index 83849a3..eb2747d 100644
--- a/src/basic/linux/rtnetlink.h
+++ b/src/basic/linux/rtnetlink.h
@@ -440,7 +440,7 @@ struct rtnexthop {
440/* RTA_VIA */440/* RTA_VIA */
441struct rtvia {441struct rtvia {
442 __kernel_sa_family_t rtvia_family;442 __kernel_sa_family_t rtvia_family;
443 __u8 rtvia_addr[0];443 __u8 rtvia_addr[];
444};444};
445445
446/* RTM_CACHEINFO */446/* RTM_CACHEINFO */
diff --git a/src/basic/linux/stddef.h b/src/basic/linux/stddef.h
447new file mode 100644447new file mode 100644
index 0000000..1a73963
--- /dev/null
+++ b/src/basic/linux/stddef.h
@@ -0,0 +1,46 @@
1/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
2#ifndef _UAPI_LINUX_STDDEF_H
3#define _UAPI_LINUX_STDDEF_H
4
5
6#ifndef __always_inline
7#define __always_inline inline
8#endif
9
10/**
11 * __struct_group() - Create a mirrored named and anonyomous struct
12 *
13 * @TAG: The tag name for the named sub-struct (usually empty)
14 * @NAME: The identifier name of the mirrored sub-struct
15 * @ATTRS: Any struct attributes (usually empty)
16 * @MEMBERS: The member declarations for the mirrored structs
17 *
18 * Used to create an anonymous union of two structs with identical layout
19 * and size: one anonymous and one named. The former's members can be used
20 * normally without sub-struct naming, and the latter can be used to
21 * reason about the start, end, and size of the group of struct members.
22 * The named struct can also be explicitly tagged for layer reuse, as well
23 * as both having struct attributes appended.
24 */
25#define __struct_group(TAG, NAME, ATTRS, MEMBERS...) \
26 union { \
27 struct { MEMBERS } ATTRS; \
28 struct TAG { MEMBERS } ATTRS NAME; \
29 }
30
31/**
32 * __DECLARE_FLEX_ARRAY() - Declare a flexible array usable in a union
33 *
34 * @TYPE: The type of each flexible array element
35 * @NAME: The name of the flexible array member
36 *
37 * In order to have a flexible array member in a union or alone in a
38 * struct, it needs to be wrapped in an anonymous struct with at least 1
39 * named member, but that member can be empty.
40 */
41#define __DECLARE_FLEX_ARRAY(TYPE, NAME) \
42 struct { \
43 struct { } __empty_ ## NAME; \
44 TYPE NAME[]; \
45 }
46#endif
diff --git a/src/basic/linux/update.sh b/src/basic/linux/update.sh
index 72e133d..6aff039 100755
--- a/src/basic/linux/update.sh
+++ b/src/basic/linux/update.sh
@@ -6,5 +6,5 @@ set -o pipefail
6for i in *.h */*.h; do6for i in *.h */*.h; do
7 curl --fail "https://raw.githubusercontent.com/torvalds/linux/master/include/uapi/linux/$i" -o "$i"7 curl --fail "https://raw.githubusercontent.com/torvalds/linux/master/include/uapi/linux/$i" -o "$i"
88
9 sed -i -e 's/__user //g' -e '/^#include <linux\/compiler.h>/ d' "$i"9 sed -r -i -e 's/__user //g' -e '/^#include <linux\/compiler(_types)?.h>/ d' "$i"
10done10done
diff --git a/src/basic/virt.c b/src/basic/virt.c
index f800bba..c6914d5 100644
--- a/src/basic/virt.c
+++ b/src/basic/virt.c
@@ -778,7 +778,7 @@ translate_name:
778 /* Some images hardcode container=oci, but OCI is not a specific container manager.778 /* Some images hardcode container=oci, but OCI is not a specific container manager.
779 * Try to detect one based on well-known files. */779 * Try to detect one based on well-known files. */
780 v = detect_container_files();780 v = detect_container_files();
781 if (v != VIRTUALIZATION_NONE)781 if (v == VIRTUALIZATION_NONE)
782 v = VIRTUALIZATION_CONTAINER_OTHER;782 v = VIRTUALIZATION_CONTAINER_OTHER;
783 goto finish;783 goto finish;
784 }784 }
diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c
index 25a0215..1f4a7db 100644
--- a/src/boot/efi/boot.c
+++ b/src/boot/efi/boot.c
@@ -1573,7 +1573,7 @@ static EFI_STATUS efivar_get_timeout(const char16_t *var, uint32_t *ret_value) {
15731573
1574static void config_load_defaults(Config *config, EFI_FILE *root_dir) {1574static void config_load_defaults(Config *config, EFI_FILE *root_dir) {
1575 _cleanup_free_ char *content = NULL;1575 _cleanup_free_ char *content = NULL;
1576 UINTN value;1576 UINTN value = 0; /* avoid false maybe-uninitialized warning */
1577 EFI_STATUS err;1577 EFI_STATUS err;
15781578
1579 assert(root_dir);1579 assert(root_dir);
@@ -2257,7 +2257,7 @@ static void config_load_xbootldr(
2257 EFI_HANDLE *device) {2257 EFI_HANDLE *device) {
22582258
2259 _cleanup_(file_closep) EFI_FILE *root_dir = NULL;2259 _cleanup_(file_closep) EFI_FILE *root_dir = NULL;
2260 EFI_HANDLE new_device;2260 EFI_HANDLE new_device = NULL; /* avoid false maybe-uninitialized warning */
2261 EFI_STATUS err;2261 EFI_STATUS err;
22622262
2263 assert(config);2263 assert(config);
@@ -2319,6 +2319,9 @@ static EFI_STATUS initrd_prepare(
2319 if (err != EFI_SUCCESS)2319 if (err != EFI_SUCCESS)
2320 return err;2320 return err;
23212321
2322 if (info->FileSize == 0) /* Automatically skip over empty files */
2323 continue;
2324
2322 UINTN new_size, read_size = info->FileSize;2325 UINTN new_size, read_size = info->FileSize;
2323 if (__builtin_add_overflow(size, read_size, &new_size))2326 if (__builtin_add_overflow(size, read_size, &new_size))
2324 return EFI_OUT_OF_RESOURCES;2327 return EFI_OUT_OF_RESOURCES;
diff --git a/src/boot/efi/console.c b/src/boot/efi/console.c
index cd980fd..14c0008 100644
--- a/src/boot/efi/console.c
+++ b/src/boot/efi/console.c
@@ -12,20 +12,6 @@
12#define VERTICAL_MAX_OK 108012#define VERTICAL_MAX_OK 1080
13#define VIEWPORT_RATIO 1013#define VIEWPORT_RATIO 10
1414
15static EFI_STATUS console_connect(void) {
16 EFI_BOOT_MANAGER_POLICY_PROTOCOL *boot_policy;
17 EFI_STATUS err;
18
19 /* This should make console devices appear/fully initialize on fastboot firmware. */
20
21 err = BS->LocateProtocol(
22 &(EFI_GUID) EFI_BOOT_MANAGER_POLICY_PROTOCOL_GUID, NULL, (void **) &boot_policy);
23 if (err != EFI_SUCCESS)
24 return err;
25
26 return boot_policy->ConnectDeviceClass(boot_policy, &(EFI_GUID) EFI_BOOT_MANAGER_POLICY_CONSOLE_GUID);
27}
28
29static inline void event_closep(EFI_EVENT *event) {15static inline void event_closep(EFI_EVENT *event) {
30 if (!*event)16 if (!*event)
31 return;17 return;
@@ -61,8 +47,6 @@ EFI_STATUS console_key_read(uint64_t *key, uint64_t timeout_usec) {
61 assert(key);47 assert(key);
6248
63 if (!checked) {49 if (!checked) {
64 console_connect();
65
66 /* Get the *first* TextInputEx device.*/50 /* Get the *first* TextInputEx device.*/
67 err = BS->LocateProtocol(&SimpleTextInputExProtocol, NULL, (void **) &extraInEx);51 err = BS->LocateProtocol(&SimpleTextInputExProtocol, NULL, (void **) &extraInEx);
68 if (err != EFI_SUCCESS || BS->CheckEvent(extraInEx->WaitForKeyEx) == EFI_INVALID_PARAMETER)52 if (err != EFI_SUCCESS || BS->CheckEvent(extraInEx->WaitForKeyEx) == EFI_INVALID_PARAMETER)
diff --git a/src/boot/efi/cpio.c b/src/boot/efi/cpio.c
index 76e2cd7..79b5d43 100644
--- a/src/boot/efi/cpio.c
+++ b/src/boot/efi/cpio.c
@@ -468,7 +468,7 @@ EFI_STATUS pack_cpio(
468468
469 for (UINTN i = 0; i < n_items; i++) {469 for (UINTN i = 0; i < n_items; i++) {
470 _cleanup_free_ char *content = NULL;470 _cleanup_free_ char *content = NULL;
471 UINTN contentsize;471 UINTN contentsize = 0; /* avoid false maybe-uninitialized warning */
472472
473 err = file_read(extra_dir, items[i], 0, 0, &content, &contentsize);473 err = file_read(extra_dir, items[i], 0, 0, &content, &contentsize);
474 if (err != EFI_SUCCESS) {474 if (err != EFI_SUCCESS) {
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 0de4399..fa61c3e 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -55,6 +55,7 @@ if not cc.has_header_symbol('efi.h', 'EFI_IMAGE_MACHINE_X64',
55endif55endif
5656
57objcopy = run_command(cc.cmd_array(), '-print-prog-name=objcopy', check: true).stdout().strip()57objcopy = run_command(cc.cmd_array(), '-print-prog-name=objcopy', check: true).stdout().strip()
58objcopy_2_38 = find_program('objcopy', version: '>=2.38', required: false)
5859
59efi_ld = get_option('efi-ld')60efi_ld = get_option('efi-ld')
60if efi_ld == 'auto'61if efi_ld == 'auto'
@@ -283,9 +284,17 @@ foreach arg : ['-Wl,--no-warn-execstack',
283 endif284 endif
284endforeach285endforeach
285286
286if efi_arch[1] in ['aarch64', 'arm', 'riscv64']287# If using objcopy, crt0 must not include the PE/COFF header
288if run_command('grep', '-q', 'coff_header', efi_crt0, check: false).returncode() == 0
289 coff_header_in_crt0 = true
290else
291 coff_header_in_crt0 = false
292endif
293
294if efi_arch[1] in ['arm', 'riscv64'] or (efi_arch[1] == 'aarch64' and (not objcopy_2_38.found() or coff_header_in_crt0))
287 efi_ldflags += ['-shared']295 efi_ldflags += ['-shared']
288 # Aarch64, ARM32 and 64bit RISC-V don't have an EFI capable objcopy.296 # ARM32 and 64bit RISC-V don't have an EFI capable objcopy.
297 # Older objcopy doesn't support Aarch64 either.
289 # Use 'binary' instead, and add required symbols manually.298 # Use 'binary' instead, and add required symbols manually.
290 efi_ldflags += ['-Wl,--defsym=EFI_SUBSYSTEM=0xa']299 efi_ldflags += ['-Wl,--defsym=EFI_SUBSYSTEM=0xa']
291 efi_format = ['-O', 'binary']300 efi_format = ['-O', 'binary']
diff --git a/src/boot/efi/missing_efi.h b/src/boot/efi/missing_efi.h
index b446e03..250c84c 100644
--- a/src/boot/efi/missing_efi.h
+++ b/src/boot/efi/missing_efi.h
@@ -398,22 +398,3 @@ typedef struct {
398 void *StdErr;398 void *StdErr;
399} EFI_SHELL_PARAMETERS_PROTOCOL;399} EFI_SHELL_PARAMETERS_PROTOCOL;
400#endif400#endif
401
402#ifndef EFI_BOOT_MANAGER_POLICY_PROTOCOL_GUID
403#define EFI_BOOT_MANAGER_POLICY_PROTOCOL_GUID \
404 { 0xFEDF8E0C, 0xE147, 0x11E3, { 0x99, 0x03, 0xB8, 0xE8, 0x56, 0x2C, 0xBA, 0xFA } }
405#define EFI_BOOT_MANAGER_POLICY_CONSOLE_GUID \
406 { 0xCAB0E94C, 0xE15F, 0x11E3, { 0x91, 0x8D, 0xB8, 0xE8, 0x56, 0x2C, 0xBA, 0xFA } }
407
408typedef struct EFI_BOOT_MANAGER_POLICY_PROTOCOL EFI_BOOT_MANAGER_POLICY_PROTOCOL;
409struct EFI_BOOT_MANAGER_POLICY_PROTOCOL {
410 UINT64 Revision;
411 EFI_STATUS (EFIAPI *ConnectDevicePath)(
412 EFI_BOOT_MANAGER_POLICY_PROTOCOL *This,
413 EFI_DEVICE_PATH *DevicePath,
414 BOOLEAN Recursive);
415 EFI_STATUS (EFIAPI *ConnectDeviceClass)(
416 EFI_BOOT_MANAGER_POLICY_PROTOCOL *This,
417 EFI_GUID *Class);
418};
419#endif
diff --git a/src/boot/efi/secure-boot.c b/src/boot/efi/secure-boot.c
index 65457bf..6212868 100644
--- a/src/boot/efi/secure-boot.c
+++ b/src/boot/efi/secure-boot.c
@@ -6,7 +6,7 @@
6#include "util.h"6#include "util.h"
77
8bool secure_boot_enabled(void) {8bool secure_boot_enabled(void) {
9 bool secure;9 bool secure = false; /* avoid false maybe-uninitialized warning */
10 EFI_STATUS err;10 EFI_STATUS err;
1111
12 err = efivar_get_boolean_u8(EFI_GLOBAL_GUID, L"SecureBoot", &secure);12 err = efivar_get_boolean_u8(EFI_GLOBAL_GUID, L"SecureBoot", &secure);
diff --git a/src/boot/efi/util.c b/src/boot/efi/util.c
index f9aeeb4..51e483e 100644
--- a/src/boot/efi/util.c
+++ b/src/boot/efi/util.c
@@ -309,9 +309,11 @@ EFI_STATUS file_read(EFI_FILE *dir, const char16_t *name, UINTN off, UINTN size,
309 UINTN extra = size % sizeof(char16_t) + sizeof(char16_t);309 UINTN extra = size % sizeof(char16_t) + sizeof(char16_t);
310310
311 buf = xmalloc(size + extra);311 buf = xmalloc(size + extra);
312 err = handle->Read(handle, &size, buf);312 if (size > 0) {
313 if (err != EFI_SUCCESS)313 err = handle->Read(handle, &size, buf);
314 return err;314 if (err != EFI_SUCCESS)
315 return err;
316 }
315317
316 /* Note that handle->Read() changes size to reflect the actually bytes read. */318 /* Note that handle->Read() changes size to reflect the actually bytes read. */
317 memset(buf + size, 0, extra);319 memset(buf + size, 0, extra);
diff --git a/src/busctl/busctl.c b/src/busctl/busctl.c
index f57a5d6..cc2d0e3 100644
--- a/src/busctl/busctl.c
+++ b/src/busctl/busctl.c
@@ -1022,10 +1022,11 @@ static int introspect(int argc, char **argv, void *userdata) {
10221022
1023 for (;;) {1023 for (;;) {
1024 Member *z;1024 Member *z;
1025 _cleanup_free_ char *buf = NULL;1025 _cleanup_free_ char *buf = NULL, *signature = NULL;
1026 _cleanup_fclose_ FILE *mf = NULL;1026 _cleanup_fclose_ FILE *mf = NULL;
1027 size_t sz = 0;1027 size_t sz = 0;
1028 const char *name;1028 const char *name, *contents;
1029 char type;
10291030
1030 r = sd_bus_message_enter_container(reply, 'e', "sv");1031 r = sd_bus_message_enter_container(reply, 'e', "sv");
1031 if (r < 0)1032 if (r < 0)
@@ -1042,6 +1043,21 @@ static int introspect(int argc, char **argv, void *userdata) {
1042 if (r < 0)1043 if (r < 0)
1043 return bus_log_parse_error(r);1044 return bus_log_parse_error(r);
10441045
1046 r = sd_bus_message_peek_type(reply, &type, &contents);
1047 if (r <= 0)
1048 return bus_log_parse_error(r == 0 ? EINVAL : r);
1049
1050 if (type == SD_BUS_TYPE_STRUCT_BEGIN)
1051 signature = strjoin(CHAR_TO_STR(SD_BUS_TYPE_STRUCT_BEGIN), contents, CHAR_TO_STR(SD_BUS_TYPE_STRUCT_END));
1052 else if (type == SD_BUS_TYPE_DICT_ENTRY_BEGIN)
1053 signature = strjoin(CHAR_TO_STR(SD_BUS_TYPE_DICT_ENTRY_BEGIN), contents, CHAR_TO_STR(SD_BUS_TYPE_DICT_ENTRY_END));
1054 else if (contents)
1055 signature = strjoin(CHAR_TO_STR(type), contents);
1056 else
1057 signature = strdup(CHAR_TO_STR(type));
1058 if (!signature)
1059 return log_oom();
1060
1045 mf = open_memstream_unlocked(&buf, &sz);1061 mf = open_memstream_unlocked(&buf, &sz);
1046 if (!mf)1062 if (!mf)
1047 return log_oom();1063 return log_oom();
@@ -1055,6 +1071,7 @@ static int introspect(int argc, char **argv, void *userdata) {
1055 z = set_get(members, &((Member) {1071 z = set_get(members, &((Member) {
1056 .type = "property",1072 .type = "property",
1057 .interface = m->interface,1073 .interface = m->interface,
1074 .signature = signature,
1058 .name = (char*) name }));1075 .name = (char*) name }));
1059 if (z)1076 if (z)
1060 free_and_replace(z->value, buf);1077 free_and_replace(z->value, buf);
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index 4c0a821..ba26066 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -2471,7 +2471,7 @@ static bool unit_has_mask_enables_realized(
2471 ((u->cgroup_enabled_mask | enable_mask) & CGROUP_MASK_V2) == (u->cgroup_enabled_mask & CGROUP_MASK_V2);2471 ((u->cgroup_enabled_mask | enable_mask) & CGROUP_MASK_V2) == (u->cgroup_enabled_mask & CGROUP_MASK_V2);
2472}2472}
24732473
2474static void unit_add_to_cgroup_realize_queue(Unit *u) {2474void unit_add_to_cgroup_realize_queue(Unit *u) {
2475 assert(u);2475 assert(u);
24762476
2477 if (u->in_cgroup_realize_queue)2477 if (u->in_cgroup_realize_queue)
diff --git a/src/core/cgroup.h b/src/core/cgroup.h
index 4413eea..49fbd4f 100644
--- a/src/core/cgroup.h
+++ b/src/core/cgroup.h
@@ -262,6 +262,7 @@ int unit_realize_cgroup(Unit *u);
262void unit_prune_cgroup(Unit *u);262void unit_prune_cgroup(Unit *u);
263int unit_watch_cgroup(Unit *u);263int unit_watch_cgroup(Unit *u);
264int unit_watch_cgroup_memory(Unit *u);264int unit_watch_cgroup_memory(Unit *u);
265void unit_add_to_cgroup_realize_queue(Unit *u);
265266
266void unit_release_cgroup(Unit *u);267void unit_release_cgroup(Unit *u);
267/* Releases the cgroup only if it is recursively empty.268/* Releases the cgroup only if it is recursively empty.
diff --git a/src/core/dbus-scope.c b/src/core/dbus-scope.c
index 7d2ceb0..7b07bb8 100644
--- a/src/core/dbus-scope.c
+++ b/src/core/dbus-scope.c
@@ -5,6 +5,7 @@
5#include "bus-get-properties.h"5#include "bus-get-properties.h"
6#include "dbus-cgroup.h"6#include "dbus-cgroup.h"
7#include "dbus-kill.h"7#include "dbus-kill.h"
8#include "dbus-manager.h"
8#include "dbus-scope.h"9#include "dbus-scope.h"
9#include "dbus-unit.h"10#include "dbus-unit.h"
10#include "dbus-util.h"11#include "dbus-util.h"
@@ -39,6 +40,7 @@ int bus_scope_method_abandon(sd_bus_message *message, void *userdata, sd_bus_err
39}40}
4041
41static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, scope_result, ScopeResult);42static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, scope_result, ScopeResult);
43static BUS_DEFINE_SET_TRANSIENT_PARSE(oom_policy, OOMPolicy, oom_policy_from_string);
4244
43const sd_bus_vtable bus_scope_vtable[] = {45const sd_bus_vtable bus_scope_vtable[] = {
44 SD_BUS_VTABLE_START(0),46 SD_BUS_VTABLE_START(0),
@@ -47,6 +49,7 @@ const sd_bus_vtable bus_scope_vtable[] = {
47 SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Scope, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),49 SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Scope, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
48 SD_BUS_PROPERTY("RuntimeMaxUSec", "t", bus_property_get_usec, offsetof(Scope, runtime_max_usec), SD_BUS_VTABLE_PROPERTY_CONST),50 SD_BUS_PROPERTY("RuntimeMaxUSec", "t", bus_property_get_usec, offsetof(Scope, runtime_max_usec), SD_BUS_VTABLE_PROPERTY_CONST),
49 SD_BUS_PROPERTY("RuntimeRandomizedExtraUSec", "t", bus_property_get_usec, offsetof(Scope, runtime_rand_extra_usec), SD_BUS_VTABLE_PROPERTY_CONST),51 SD_BUS_PROPERTY("RuntimeRandomizedExtraUSec", "t", bus_property_get_usec, offsetof(Scope, runtime_rand_extra_usec), SD_BUS_VTABLE_PROPERTY_CONST),
52 SD_BUS_PROPERTY("OOMPolicy", "s", bus_property_get_oom_policy, offsetof(Scope, oom_policy), SD_BUS_VTABLE_PROPERTY_CONST),
50 SD_BUS_SIGNAL("RequestStop", NULL, 0),53 SD_BUS_SIGNAL("RequestStop", NULL, 0),
51 SD_BUS_METHOD("Abandon", NULL, NULL, bus_scope_method_abandon, SD_BUS_VTABLE_UNPRIVILEGED),54 SD_BUS_METHOD("Abandon", NULL, NULL, bus_scope_method_abandon, SD_BUS_VTABLE_UNPRIVILEGED),
52 SD_BUS_VTABLE_END55 SD_BUS_VTABLE_END
@@ -77,6 +80,9 @@ static int bus_scope_set_transient_property(
77 if (streq(name, "RuntimeRandomizedExtraUSec"))80 if (streq(name, "RuntimeRandomizedExtraUSec"))
78 return bus_set_transient_usec(u, name, &s->runtime_rand_extra_usec, message, flags, error);81 return bus_set_transient_usec(u, name, &s->runtime_rand_extra_usec, message, flags, error);
7982
83 if (streq(name, "OOMPolicy"))
84 return bus_set_transient_oom_policy(u, name, &s->oom_policy, message, flags, error);
85
80 if (streq(name, "PIDs")) {86 if (streq(name, "PIDs")) {
81 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;87 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
82 unsigned n = 0;88 unsigned n = 0;
diff --git a/src/core/execute.c b/src/core/execute.c
index 6c3fbc2..13222dd 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -5479,6 +5479,23 @@ int exec_context_destroy_credentials(const ExecContext *c, const char *runtime_p
5479 return 0;5479 return 0;
5480}5480}
54815481
5482int exec_context_destroy_mount_ns_dir(Unit *u) {
5483 _cleanup_free_ char *p = NULL;
5484
5485 if (!u || !MANAGER_IS_SYSTEM(u->manager))
5486 return 0;
5487
5488 p = path_join("/run/systemd/propagate/", u->id);
5489 if (!p)
5490 return -ENOMEM;
5491
5492 /* This is only filled transiently (see mount_in_namespace()), should be empty or even non-existent*/
5493 if (rmdir(p) < 0 && errno != ENOENT)
5494 log_unit_debug_errno(u, errno, "Unable to remove propagation dir '%s', ignoring: %m", p);
5495
5496 return 0;
5497}
5498
5482static void exec_command_done(ExecCommand *c) {5499static void exec_command_done(ExecCommand *c) {
5483 assert(c);5500 assert(c);
54845501
diff --git a/src/core/execute.h b/src/core/execute.h
index a2cf228..4c54422 100644
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -453,6 +453,7 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix);
453453
454int exec_context_destroy_runtime_directory(const ExecContext *c, const char *runtime_root);454int exec_context_destroy_runtime_directory(const ExecContext *c, const char *runtime_root);
455int exec_context_destroy_credentials(const ExecContext *c, const char *runtime_root, const char *unit);455int exec_context_destroy_credentials(const ExecContext *c, const char *runtime_root, const char *unit);
456int exec_context_destroy_mount_ns_dir(Unit *u);
456457
457const char* exec_context_fdname(const ExecContext *c, int fd_index);458const char* exec_context_fdname(const ExecContext *c, int fd_index);
458459
diff --git a/src/core/import-creds.c b/src/core/import-creds.c
index 4685e43..dab7d36 100644
--- a/src/core/import-creds.c
+++ b/src/core/import-creds.c
@@ -19,6 +19,7 @@
19#include "proc-cmdline.h"19#include "proc-cmdline.h"
20#include "recurse-dir.h"20#include "recurse-dir.h"
21#include "strv.h"21#include "strv.h"
22#include "virt.h"
2223
23/* This imports credentials passed in from environments higher up (VM manager, boot loader, …) and rearranges24/* This imports credentials passed in from environments higher up (VM manager, boot loader, …) and rearranges
24 * them so that later code can access them using our regular credential protocol25 * them so that later code can access them using our regular credential protocol
@@ -369,6 +370,9 @@ static int import_credentials_qemu(ImportCredentialContext *c) {
369370
370 assert(c);371 assert(c);
371372
373 if (detect_container() > 0) /* don't access /sys/ in a container */
374 return 0;
375
372 source_dir_fd = open(QEMU_FWCFG_PATH, O_RDONLY|O_DIRECTORY|O_CLOEXEC);376 source_dir_fd = open(QEMU_FWCFG_PATH, O_RDONLY|O_DIRECTORY|O_CLOEXEC);
373 if (source_dir_fd < 0) {377 if (source_dir_fd < 0) {
374 if (errno == ENOENT) {378 if (errno == ENOENT) {
@@ -560,6 +564,9 @@ static int import_credentials_smbios(ImportCredentialContext *c) {
560564
561 /* Parses DMI OEM strings fields (SMBIOS type 11), as settable with qemu's -smbios type=11,value=… switch. */565 /* Parses DMI OEM strings fields (SMBIOS type 11), as settable with qemu's -smbios type=11,value=… switch. */
562566
567 if (detect_container() > 0) /* don't access /sys/ in a container */
568 return 0;
569
563 for (unsigned i = 0;; i++) {570 for (unsigned i = 0;; i++) {
564 struct dmi_field_header {571 struct dmi_field_header {
565 uint8_t type;572 uint8_t type;
diff --git a/src/core/load-fragment-gperf.gperf.in b/src/core/load-fragment-gperf.gperf.in
index 7675b7b..81a5971 100644
--- a/src/core/load-fragment-gperf.gperf.in
+++ b/src/core/load-fragment-gperf.gperf.in
@@ -555,6 +555,7 @@ Path.TriggerLimitBurst, config_parse_unsigned,
555Scope.RuntimeMaxSec, config_parse_sec, 0, offsetof(Scope, runtime_max_usec)555Scope.RuntimeMaxSec, config_parse_sec, 0, offsetof(Scope, runtime_max_usec)
556Scope.RuntimeRandomizedExtraSec, config_parse_sec, 0, offsetof(Scope, runtime_rand_extra_usec)556Scope.RuntimeRandomizedExtraSec, config_parse_sec, 0, offsetof(Scope, runtime_rand_extra_usec)
557Scope.TimeoutStopSec, config_parse_sec, 0, offsetof(Scope, timeout_stop_usec)557Scope.TimeoutStopSec, config_parse_sec, 0, offsetof(Scope, timeout_stop_usec)
558Scope.OOMPolicy, config_parse_oom_policy, 0, offsetof(Scope, oom_policy)
558{# The [Install] section is ignored here #}559{# The [Install] section is ignored here #}
559Install.Alias, NULL, 0, 0560Install.Alias, NULL, 0, 0
560Install.WantedBy, NULL, 0, 0561Install.WantedBy, NULL, 0, 0
diff --git a/src/core/mount.c b/src/core/mount.c
index dea7cd9..283426b 100644
--- a/src/core/mount.c
+++ b/src/core/mount.c
@@ -13,6 +13,7 @@
13#include "device.h"13#include "device.h"
14#include "exit-status.h"14#include "exit-status.h"
15#include "format-util.h"15#include "format-util.h"
16#include "fs-util.h"
16#include "fstab-util.h"17#include "fstab-util.h"
17#include "libmount-util.h"18#include "libmount-util.h"
18#include "log.h"19#include "log.h"
@@ -26,6 +27,7 @@
26#include "process-util.h"27#include "process-util.h"
27#include "serialize.h"28#include "serialize.h"
28#include "special.h"29#include "special.h"
30#include "stat-util.h"
29#include "string-table.h"31#include "string-table.h"
30#include "string-util.h"32#include "string-util.h"
31#include "strv.h"33#include "strv.h"
@@ -1073,6 +1075,7 @@ fail:
1073static void mount_enter_mounting(Mount *m) {1075static void mount_enter_mounting(Mount *m) {
1074 int r;1076 int r;
1075 MountParameters *p;1077 MountParameters *p;
1078 bool source_is_dir = true;
10761079
1077 assert(m);1080 assert(m);
10781081
@@ -1080,16 +1083,28 @@ static void mount_enter_mounting(Mount *m) {
1080 if (r < 0)1083 if (r < 0)
1081 goto fail;1084 goto fail;
10821085
1083 (void) mkdir_p_label(m->where, m->directory_mode);1086 p = get_mount_parameters_fragment(m);
1087 if (p && mount_is_bind(p)) {
1088 r = is_dir(p->what, /* follow = */ true);
1089 if (r < 0 && r != -ENOENT)
1090 log_unit_info_errno(UNIT(m), r, "Failed to determine type of bind mount source '%s', ignoring: %m", p->what);
1091 else if (r == 0)
1092 source_is_dir = false;
1093 }
10841094
1085 unit_warn_if_dir_nonempty(UNIT(m), m->where);1095 if (source_is_dir)
1096 (void) mkdir_p_label(m->where, m->directory_mode);
1097 else
1098 (void) touch_file(m->where, /* parents = */ true, USEC_INFINITY, UID_INVALID, GID_INVALID, MODE_INVALID);
1099
1100 if (source_is_dir)
1101 unit_warn_if_dir_nonempty(UNIT(m), m->where);
1086 unit_warn_leftover_processes(UNIT(m), unit_log_leftover_process_start);1102 unit_warn_leftover_processes(UNIT(m), unit_log_leftover_process_start);
10871103
1088 m->control_command_id = MOUNT_EXEC_MOUNT;1104 m->control_command_id = MOUNT_EXEC_MOUNT;
1089 m->control_command = m->exec_command + MOUNT_EXEC_MOUNT;1105 m->control_command = m->exec_command + MOUNT_EXEC_MOUNT;
10901106
1091 /* Create the source directory for bind-mounts if needed */1107 /* Create the source directory for bind-mounts if needed */
1092 p = get_mount_parameters_fragment(m);
1093 if (p && mount_is_bind(p)) {1108 if (p && mount_is_bind(p)) {
1094 r = mkdir_p_label(p->what, m->directory_mode);1109 r = mkdir_p_label(p->what, m->directory_mode);
1095 /* mkdir_p_label() can return -EEXIST if the target path exists and is not a directory - which is1110 /* mkdir_p_label() can return -EEXIST if the target path exists and is not a directory - which is
diff --git a/src/core/scope.c b/src/core/scope.c
index 54a6cc6..914d1cc 100644
--- a/src/core/scope.c
+++ b/src/core/scope.c
@@ -43,6 +43,7 @@ static void scope_init(Unit *u) {
43 s->timeout_stop_usec = u->manager->default_timeout_stop_usec;43 s->timeout_stop_usec = u->manager->default_timeout_stop_usec;
44 u->ignore_on_isolate = true;44 u->ignore_on_isolate = true;
45 s->user = s->group = NULL;45 s->user = s->group = NULL;
46 s->oom_policy = _OOM_POLICY_INVALID;
46}47}
4748
48static void scope_done(Unit *u) {49static void scope_done(Unit *u) {
@@ -194,6 +195,11 @@ static int scope_add_extras(Scope *s) {
194 if (r < 0)195 if (r < 0)
195 return r;196 return r;
196197
198 if (s->oom_policy < 0)
199 s->oom_policy = s->cgroup_context.delegate ? OOM_CONTINUE : UNIT(s)->manager->default_oom_policy;
200
201 s->cgroup_context.memory_oom_group = s->oom_policy == OOM_KILL;
202
197 return scope_add_default_dependencies(s);203 return scope_add_default_dependencies(s);
198}204}
199205
@@ -286,11 +292,13 @@ static void scope_dump(Unit *u, FILE *f, const char *prefix) {
286 "%sScope State: %s\n"292 "%sScope State: %s\n"
287 "%sResult: %s\n"293 "%sResult: %s\n"
288 "%sRuntimeMaxSec: %s\n"294 "%sRuntimeMaxSec: %s\n"
289 "%sRuntimeRandomizedExtraSec: %s\n",295 "%sRuntimeRandomizedExtraSec: %s\n"
296 "%sOOMPolicy: %s\n",
290 prefix, scope_state_to_string(s->state),297 prefix, scope_state_to_string(s->state),
291 prefix, scope_result_to_string(s->result),298 prefix, scope_result_to_string(s->result),
292 prefix, FORMAT_TIMESPAN(s->runtime_max_usec, USEC_PER_SEC),299 prefix, FORMAT_TIMESPAN(s->runtime_max_usec, USEC_PER_SEC),
293 prefix, FORMAT_TIMESPAN(s->runtime_rand_extra_usec, USEC_PER_SEC));300 prefix, FORMAT_TIMESPAN(s->runtime_rand_extra_usec, USEC_PER_SEC),
301 prefix, oom_policy_to_string(s->oom_policy));
294302
295 cgroup_context_dump(UNIT(s), f, prefix);303 cgroup_context_dump(UNIT(s), f, prefix);
296 kill_context_dump(&s->kill_context, f, prefix);304 kill_context_dump(&s->kill_context, f, prefix);
@@ -635,11 +643,16 @@ static void scope_notify_cgroup_oom_event(Unit *u, bool managed_oom) {
635 else643 else
636 log_unit_debug(u, "Process of control group was killed by the OOM killer.");644 log_unit_debug(u, "Process of control group was killed by the OOM killer.");
637645
638 /* This will probably need to be modified when scope units get an oom-policy */646 if (s->oom_policy == OOM_CONTINUE)
647 return;
648
639 switch (s->state) {649 switch (s->state) {
640650
641 case SCOPE_START_CHOWN:651 case SCOPE_START_CHOWN:
642 case SCOPE_RUNNING:652 case SCOPE_RUNNING:
653 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_OOM_KILL);
654 break;
655
643 case SCOPE_STOP_SIGTERM:656 case SCOPE_STOP_SIGTERM:
644 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_OOM_KILL);657 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_OOM_KILL);
645 break;658 break;
@@ -776,6 +789,10 @@ static void scope_enumerate_perpetual(Manager *m) {
776789
777 unit_add_to_load_queue(u);790 unit_add_to_load_queue(u);
778 unit_add_to_dbus_queue(u);791 unit_add_to_dbus_queue(u);
792 /* Enqueue an explicit cgroup realization here. Unlike other cgroups this one already exists and is
793 * populated (by us, after all!) already, even when we are not in a reload cycle. Hence we cannot
794 * apply the settings at creation time anymore, but let's at least apply them asynchronously. */
795 unit_add_to_cgroup_realize_queue(u);
779}796}
780797
781static const char* const scope_result_table[_SCOPE_RESULT_MAX] = {798static const char* const scope_result_table[_SCOPE_RESULT_MAX] = {
diff --git a/src/core/scope.h b/src/core/scope.h
index 6a228f1..c9574a3 100644
--- a/src/core/scope.h
+++ b/src/core/scope.h
@@ -38,6 +38,8 @@ struct Scope {
3838
39 char *user;39 char *user;
40 char *group;40 char *group;
41
42 OOMPolicy oom_policy;
41};43};
4244
43extern const UnitVTable scope_vtable;45extern const UnitVTable scope_vtable;
diff --git a/src/core/slice.c b/src/core/slice.c
index c453aa0..4824a30 100644
--- a/src/core/slice.c
+++ b/src/core/slice.c
@@ -381,6 +381,9 @@ static int slice_freezer_action(Unit *s, FreezerAction action) {
381 }381 }
382382
383 UNIT_FOREACH_DEPENDENCY(member, s, UNIT_ATOM_SLICE_OF) {383 UNIT_FOREACH_DEPENDENCY(member, s, UNIT_ATOM_SLICE_OF) {
384 if (!member->cgroup_realized)
385 continue;
386
384 if (action == FREEZER_FREEZE)387 if (action == FREEZER_FREEZE)
385 r = UNIT_VTABLE(member)->freeze(member);388 r = UNIT_VTABLE(member)->freeze(member);
386 else389 else
diff --git a/src/core/swap.c b/src/core/swap.c
index 2196793..5c83c47 100644
--- a/src/core/swap.c
+++ b/src/core/swap.c
@@ -827,7 +827,7 @@ static void swap_enter_activating(Swap *s) {
827 }827 }
828 }828 }
829829
830 r = exec_command_set(s->control_command, "/sbin/swapon", NULL);830 r = exec_command_set(s->control_command, "/sbin/swapon", "--fixpgsz", NULL);
831 if (r < 0)831 if (r < 0)
832 goto fail;832 goto fail;
833833
diff --git a/src/core/unit.c b/src/core/unit.c
index bed5544..3ac56c1 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -5732,6 +5732,7 @@ void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
5732 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);5732 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
57335733
5734 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);5734 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
5735 exec_context_destroy_mount_ns_dir(u);
5735}5736}
57365737
5737int unit_clean(Unit *u, ExecCleanMask mask) {5738int unit_clean(Unit *u, ExecCleanMask mask) {
diff --git a/src/cryptsetup/cryptsetup-fido2.c b/src/cryptsetup/cryptsetup-fido2.c
index 74053b8..a3bdedb 100644
--- a/src/cryptsetup/cryptsetup-fido2.c
+++ b/src/cryptsetup/cryptsetup-fido2.c
@@ -38,6 +38,10 @@ int acquire_fido2_key(
38 size_t salt_size;38 size_t salt_size;
39 int r;39 int r;
4040
41 if ((required & (FIDO2ENROLL_PIN | FIDO2ENROLL_UP | FIDO2ENROLL_UV)) && headless)
42 return log_error_errno(SYNTHETIC_ERRNO(ENOPKG),
43 "Local verification is required to unlock this volume, but the 'headless' parameter was set.");
44
41 ask_password_flags |= ASK_PASSWORD_PUSH_CACHE | ASK_PASSWORD_ACCEPT_CACHED;45 ask_password_flags |= ASK_PASSWORD_PUSH_CACHE | ASK_PASSWORD_ACCEPT_CACHED;
4246
43 assert(cid);47 assert(cid);
@@ -76,28 +80,6 @@ int acquire_fido2_key(
76 }80 }
7781
78 for (;;) {82 for (;;) {
79 if (!FLAGS_SET(required, FIDO2ENROLL_PIN) || pins) {
80 r = fido2_use_hmac_hash(
81 device,
82 rp_id ?: "io.systemd.cryptsetup",
83 salt, salt_size,
84 cid, cid_size,
85 pins,
86 required,
87 ret_decrypted_key,
88 ret_decrypted_key_size);
89 if (!IN_SET(r,
90 -ENOANO, /* needs pin */
91 -ENOLCK)) /* pin incorrect */
92 return r;
93
94 device_exists = true; /* that a PIN is needed/wasn't correct means that we managed to
95 * talk to a device */
96 }
97
98 if (headless)
99 return log_error_errno(SYNTHETIC_ERRNO(ENOPKG), "PIN querying disabled via 'headless' option. Use the '$PIN' environment variable.");
100
101 if (!device_exists) {83 if (!device_exists) {
102 /* Before we inquire for the PIN we'll need, if we never talked to the device, check84 /* Before we inquire for the PIN we'll need, if we never talked to the device, check
103 * if the device actually is plugged in. Otherwise we'll ask for the PIN already when85 * if the device actually is plugged in. Otherwise we'll ask for the PIN already when
@@ -112,6 +94,30 @@ int acquire_fido2_key(
112 device_exists = true; /* now we know for sure, a device exists, no need to ask again */94 device_exists = true; /* now we know for sure, a device exists, no need to ask again */
113 }95 }
11496
97 /* Always make an attempt before asking for PIN.
98 * fido2_use_hmac_hash() will perform a pre-flight check for whether the credential for
99 * can be found on one of the connected devices. This way, we can avoid prompting the user
100 * for a PIN when we are sure that no device can be used. */
101 r = fido2_use_hmac_hash(
102 device,
103 rp_id ?: "io.systemd.cryptsetup",
104 salt, salt_size,
105 cid, cid_size,
106 pins,
107 required,
108 ret_decrypted_key,
109 ret_decrypted_key_size);
110 if (!IN_SET(r,
111 -ENOANO, /* needs pin */
112 -ENOLCK)) /* pin incorrect */
113 return r;
114
115 device_exists = true; /* that a PIN is needed/wasn't correct means that we managed to
116 * talk to a device */
117
118 if (headless)
119 return log_error_errno(SYNTHETIC_ERRNO(ENOPKG), "PIN querying disabled via 'headless' option. Use the '$PIN' environment variable.");
120
115 pins = strv_free_erase(pins);121 pins = strv_free_erase(pins);
116 r = ask_password_auto("Please enter security token PIN:", "drive-harddisk", NULL, "fido2-pin", "cryptsetup.fido2-pin", until, ask_password_flags, &pins);122 r = ask_password_auto("Please enter security token PIN:", "drive-harddisk", NULL, "fido2-pin", "cryptsetup.fido2-pin", until, ask_password_flags, &pins);
117 if (r < 0)123 if (r < 0)
@@ -121,35 +127,38 @@ int acquire_fido2_key(
121 }127 }
122}128}
123129
124int find_fido2_auto_data(130int acquire_fido2_key_auto(
125 struct crypt_device *cd,131 struct crypt_device *cd,
126 char **ret_rp_id,132 const char *name,
127 void **ret_salt,133 const char *friendly_name,
128 size_t *ret_salt_size,134 const char *fido2_device,
129 void **ret_cid,135 const char *key_file,
130 size_t *ret_cid_size,136 size_t key_file_size,
131 int *ret_keyslot,137 uint64_t key_file_offset,
132 Fido2EnrollFlags *ret_required) {138 usec_t until,
133139 bool headless,
134 _cleanup_free_ void *cid = NULL, *salt = NULL;140 void **ret_decrypted_key,
135 size_t cid_size = 0, salt_size = 0;141 size_t *ret_decrypted_key_size,
136 _cleanup_free_ char *rp = NULL;142 AskPasswordFlags ask_password_flags) {
137 int r, keyslot = -1;143
144 _cleanup_free_ void *cid = NULL;
145 size_t cid_size = 0;
146 int r, ret = -ENOENT;
138 Fido2EnrollFlags required = 0;147 Fido2EnrollFlags required = 0;
139148
140 assert(cd);149 assert(cd);
141 assert(ret_salt);150 assert(name);
142 assert(ret_salt_size);151 assert(ret_decrypted_key);
143 assert(ret_cid);152 assert(ret_decrypted_key_size);
144 assert(ret_cid_size);
145 assert(ret_keyslot);
146 assert(ret_required);
147153
148 /* Loads FIDO2 metadata from LUKS2 JSON token headers. */154 /* Loads FIDO2 metadata from LUKS2 JSON token headers. */
149155
150 for (int token = 0; token < sym_crypt_token_max(CRYPT_LUKS2); token ++) {156 for (int token = 0; token < sym_crypt_token_max(CRYPT_LUKS2); token ++) {
151 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;157 _cleanup_(json_variant_unrefp) JsonVariant *v = NULL;
152 JsonVariant *w;158 JsonVariant *w;
159 _cleanup_free_ void *salt = NULL;
160 _cleanup_free_ char *rp = NULL;
161 size_t salt_size = 0;
153 int ks;162 int ks;
154163
155 r = cryptsetup_get_token_as_json(cd, token, "systemd-fido2", &v);164 r = cryptsetup_get_token_as_json(cd, token, "systemd-fido2", &v);
@@ -166,13 +175,6 @@ int find_fido2_auto_data(
166 continue;175 continue;
167 }176 }
168177
169 if (cid)
170 return log_error_errno(SYNTHETIC_ERRNO(ENOTUNIQ),
171 "Multiple FIDO2 tokens enrolled, cannot automatically determine token.");
172
173 assert(keyslot < 0);
174 keyslot = ks;
175
176 w = json_variant_by_key(v, "fido2-credential");178 w = json_variant_by_key(v, "fido2-credential");
177 if (!w || !json_variant_is_string(w))179 if (!w || !json_variant_is_string(w))
178 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),180 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
@@ -243,20 +245,33 @@ int find_fido2_auto_data(
243 SET_FLAG(required, FIDO2ENROLL_UV, json_variant_boolean(w));245 SET_FLAG(required, FIDO2ENROLL_UV, json_variant_boolean(w));
244 } else246 } else
245 required |= FIDO2ENROLL_UV_OMIT; /* compat with 248 */247 required |= FIDO2ENROLL_UV_OMIT; /* compat with 248 */
248
249 ret = acquire_fido2_key(
250 name,
251 friendly_name,
252 fido2_device,
253 rp,
254 cid, cid_size,
255 key_file, key_file_size, key_file_offset,
256 salt, salt_size,
257 until,
258 headless,
259 required,
260 ret_decrypted_key, ret_decrypted_key_size,
261 ask_password_flags);
262 if (ret == 0)
263 break;
246 }264 }
247265
248 if (!cid)266 if (!cid)
249 return log_error_errno(SYNTHETIC_ERRNO(ENXIO),267 return log_error_errno(SYNTHETIC_ERRNO(ENXIO),
250 "No valid FIDO2 token data found.");268 "No valid FIDO2 token data found.");
251269
252 log_info("Automatically discovered security FIDO2 token unlocks volume.");270 if (ret == -EAGAIN) /* fido2 device does not exist, or UV is blocked; caller will prompt for retry */
271 return log_debug_errno(ret, "FIDO2 token does not exist, or UV is blocked.");
272 if (ret < 0)
273 return log_error_errno(ret, "Failed to unlock LUKS volume with FIDO2 token: %m");
253274
254 *ret_rp_id = TAKE_PTR(rp);275 log_info("Unlocked volume via automatically discovered security FIDO2 token.");
255 *ret_cid = TAKE_PTR(cid);276 return ret;
256 *ret_cid_size = cid_size;
257 *ret_salt = TAKE_PTR(salt);
258 *ret_salt_size = salt_size;
259 *ret_keyslot = keyslot;
260 *ret_required = required;
261 return 0;
262}277}
diff --git a/src/cryptsetup/cryptsetup-fido2.h b/src/cryptsetup/cryptsetup-fido2.h
index 204f1e0..371bf21 100644
--- a/src/cryptsetup/cryptsetup-fido2.h
+++ b/src/cryptsetup/cryptsetup-fido2.h
@@ -29,15 +29,19 @@ int acquire_fido2_key(
29 size_t *ret_decrypted_key_size,29 size_t *ret_decrypted_key_size,
30 AskPasswordFlags ask_password_flags);30 AskPasswordFlags ask_password_flags);
3131
32int find_fido2_auto_data(32int acquire_fido2_key_auto(
33 struct crypt_device *cd,33 struct crypt_device *cd,
34 char **ret_rp_id,34 const char *name,
35 void **ret_salt,35 const char *friendly_name,
36 size_t *ret_salt_size,36 const char *fido2_device,
37 void **ret_cid,37 const char *key_file,
38 size_t *ret_cid_size,38 size_t key_file_size,
39 int *ret_keyslot,39 uint64_t key_file_offset,
40 Fido2EnrollFlags *ret_required);40 usec_t until,
41 bool headless,
42 void **ret_decrypted_key,
43 size_t *ret_decrypted_key_size,
44 AskPasswordFlags ask_password_flags);
4145
42#else46#else
4347
@@ -64,15 +68,19 @@ static inline int acquire_fido2_key(
64 "FIDO2 token support not available.");68 "FIDO2 token support not available.");
65}69}
6670
67static inline int find_fido2_auto_data(71static inline int acquire_fido2_key_auto(
68 struct crypt_device *cd,72 struct crypt_device *cd,
69 char **ret_rp_id,73 const char *name,
70 void **ret_salt,74 const char *friendly_name,
71 size_t *ret_salt_size,75 const char *fido2_device,
72 void **ret_cid,76 const char *key_file,
73 size_t *ret_cid_size,77 size_t key_file_size,
74 int *ret_keyslot,78 uint64_t key_file_offset,
75 Fido2EnrollFlags *ret_required) {79 usec_t until,
80 bool headless,
81 void **ret_decrypted_key,
82 size_t *ret_decrypted_key_size,
83 AskPasswordFlags ask_password_flags) {
7684
77 return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),85 return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
78 "FIDO2 token support not available.");86 "FIDO2 token support not available.");
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index 7aa36b4..a8cfc6d 100644
--- a/src/cryptsetup/cryptsetup.c
+++ b/src/cryptsetup/cryptsetup.c
@@ -1061,9 +1061,8 @@ static int attach_luks_or_plain_or_bitlk_by_fido2(
1061 _cleanup_(sd_device_monitor_unrefp) sd_device_monitor *monitor = NULL;1061 _cleanup_(sd_device_monitor_unrefp) sd_device_monitor *monitor = NULL;
1062 _cleanup_(erase_and_freep) void *decrypted_key = NULL;1062 _cleanup_(erase_and_freep) void *decrypted_key = NULL;
1063 _cleanup_(sd_event_unrefp) sd_event *event = NULL;1063 _cleanup_(sd_event_unrefp) sd_event *event = NULL;
1064 _cleanup_free_ void *discovered_salt = NULL, *discovered_cid = NULL;1064 size_t decrypted_key_size, cid_size = 0;
1065 size_t discovered_salt_size, discovered_cid_size, decrypted_key_size, cid_size = 0;1065 _cleanup_free_ char *friendly = NULL;
1066 _cleanup_free_ char *friendly = NULL, *discovered_rp_id = NULL;
1067 int keyslot = arg_key_slot, r;1066 int keyslot = arg_key_slot, r;
1068 const char *rp_id = NULL;1067 const char *rp_id = NULL;
1069 const void *cid = NULL;1068 const void *cid = NULL;
@@ -1088,32 +1087,6 @@ static int attach_luks_or_plain_or_bitlk_by_fido2(
1088 * use PIN + UP when needed, and do not configure UV at all. Eventually, we should make this1087 * use PIN + UP when needed, and do not configure UV at all. Eventually, we should make this
1089 * explicitly configurable. */1088 * explicitly configurable. */
1090 required = FIDO2ENROLL_PIN_IF_NEEDED | FIDO2ENROLL_UP_IF_NEEDED | FIDO2ENROLL_UV_OMIT;1089 required = FIDO2ENROLL_PIN_IF_NEEDED | FIDO2ENROLL_UP_IF_NEEDED | FIDO2ENROLL_UV_OMIT;
1091 } else if (!use_libcryptsetup_plugin) {
1092 r = find_fido2_auto_data(
1093 cd,
1094 &discovered_rp_id,
1095 &discovered_salt,
1096 &discovered_salt_size,
1097 &discovered_cid,
1098 &discovered_cid_size,
1099 &keyslot,
1100 &required);
1101
1102 if (IN_SET(r, -ENOTUNIQ, -ENXIO))
1103 return log_debug_errno(SYNTHETIC_ERRNO(EAGAIN),
1104 "Automatic FIDO2 metadata discovery was not possible because missing or not unique, falling back to traditional unlocking.");
1105 if (r < 0)
1106 return r;
1107
1108 if ((required & (FIDO2ENROLL_PIN | FIDO2ENROLL_UP | FIDO2ENROLL_UV)) && arg_headless)
1109 return log_error_errno(SYNTHETIC_ERRNO(ENOPKG),
1110 "Local verification is required to unlock this volume, but the 'headless' parameter was set.");
1111
1112 rp_id = discovered_rp_id;
1113 key_data = discovered_salt;
1114 key_data_size = discovered_salt_size;
1115 cid = discovered_cid;
1116 cid_size = discovered_cid_size;
1117 }1090 }
11181091
1119 friendly = friendly_disk_name(crypt_get_device_name(cd), name);1092 friendly = friendly_disk_name(crypt_get_device_name(cd), name);
@@ -1128,19 +1101,31 @@ static int attach_luks_or_plain_or_bitlk_by_fido2(
1128 "Automatic FIDO2 metadata discovery was not possible because missing or not unique, falling back to traditional unlocking.");1101 "Automatic FIDO2 metadata discovery was not possible because missing or not unique, falling back to traditional unlocking.");
11291102
1130 } else {1103 } else {
1131 r = acquire_fido2_key(1104 if (cid)
1132 name,1105 r = acquire_fido2_key(
1133 friendly,1106 name,
1134 arg_fido2_device,1107 friendly,
1135 rp_id,1108 arg_fido2_device,
1136 cid, cid_size,1109 rp_id,
1137 key_file, arg_keyfile_size, arg_keyfile_offset,1110 cid, cid_size,
1138 key_data, key_data_size,1111 key_file, arg_keyfile_size, arg_keyfile_offset,
1139 until,1112 key_data, key_data_size,
1140 arg_headless,1113 until,
1141 required,1114 arg_headless,
1142 &decrypted_key, &decrypted_key_size,1115 required,
1143 arg_ask_password_flags);1116 &decrypted_key, &decrypted_key_size,
1117 arg_ask_password_flags);
1118 else
1119 r = acquire_fido2_key_auto(
1120 cd,
1121 name,
1122 friendly,
1123 arg_fido2_device,
1124 key_file, arg_keyfile_size, arg_keyfile_offset,
1125 until,
1126 arg_headless,
1127 &decrypted_key, &decrypted_key_size,
1128 arg_ask_password_flags);
1144 if (r >= 0)1129 if (r >= 0)
1145 break;1130 break;
1146 }1131 }
diff --git a/src/fundamental/macro-fundamental.h b/src/fundamental/macro-fundamental.h
index c11a5b1..e73174a 100644
--- a/src/fundamental/macro-fundamental.h
+++ b/src/fundamental/macro-fundamental.h
@@ -20,6 +20,7 @@
20#define _hidden_ __attribute__((__visibility__("hidden")))20#define _hidden_ __attribute__((__visibility__("hidden")))
21#define _likely_(x) (__builtin_expect(!!(x), 1))21#define _likely_(x) (__builtin_expect(!!(x), 1))
22#define _malloc_ __attribute__((__malloc__))22#define _malloc_ __attribute__((__malloc__))
23#define _noinline_ __attribute__((noinline))
23#define _noreturn_ _Noreturn24#define _noreturn_ _Noreturn
24#define _packed_ __attribute__((__packed__))25#define _packed_ __attribute__((__packed__))
25#define _printf_(a, b) __attribute__((__format__(printf, a, b)))26#define _printf_(a, b) __attribute__((__format__(printf, a, b)))
diff --git a/src/gpt-auto-generator/gpt-auto-generator.c b/src/gpt-auto-generator/gpt-auto-generator.c
index 143faa0..30639b3 100644
--- a/src/gpt-auto-generator/gpt-auto-generator.c
+++ b/src/gpt-auto-generator/gpt-auto-generator.c
@@ -414,14 +414,14 @@ static int add_automount(
414static const char *esp_or_xbootldr_options(const DissectedPartition *p) {414static const char *esp_or_xbootldr_options(const DissectedPartition *p) {
415 assert(p);415 assert(p);
416416
417 /* if we probed vfat or have no idea about the file system then assume these file systems are vfat417 /* Discoveried ESP and XBOOTLDR partition are always hardened with "noexec,nosuid,nodev".
418 * and thus understand "umask=0077". If we detected something else then don't specify any options and418 * If we probed vfat or have no idea about the file system then assume these file systems are vfat
419 * use kernel defaults. */419 * and thus understand "umask=0077". */
420420
421 if (!p->fstype || streq(p->fstype, "vfat"))421 if (!p->fstype || streq(p->fstype, "vfat"))
422 return "umask=0077";422 return "umask=0077,noexec,nosuid,nodev";
423423
424 return NULL;424 return "noexec,nosuid,nodev";
425}425}
426426
427static int add_partition_xbootldr(DissectedPartition *p) {427static int add_partition_xbootldr(DissectedPartition *p) {
diff --git a/src/import/curl-util.c b/src/import/curl-util.c
index c124c98..94f718d 100644
--- a/src/import/curl-util.c
+++ b/src/import/curl-util.c
@@ -252,7 +252,11 @@ int curl_glue_make(CURL **ret, const char *url, void *userdata) {
252 if (curl_easy_setopt(c, CURLOPT_LOW_SPEED_LIMIT, 30L) != CURLE_OK)252 if (curl_easy_setopt(c, CURLOPT_LOW_SPEED_LIMIT, 30L) != CURLE_OK)
253 return -EIO;253 return -EIO;
254254
255#if LIBCURL_VERSION_NUM >= 0x075500 /* libcurl 7.85.0 */
256 if (curl_easy_setopt(c, CURLOPT_PROTOCOLS_STR, "HTTP,HTTPS,FILE") != CURLE_OK)
257#else
255 if (curl_easy_setopt(c, CURLOPT_PROTOCOLS, CURLPROTO_HTTP|CURLPROTO_HTTPS|CURLPROTO_FILE) != CURLE_OK)258 if (curl_easy_setopt(c, CURLOPT_PROTOCOLS, CURLPROTO_HTTP|CURLPROTO_HTTPS|CURLPROTO_FILE) != CURLE_OK)
259#endif
256 return -EIO;260 return -EIO;
257261
258 *ret = TAKE_PTR(c);262 *ret = TAKE_PTR(c);
diff --git a/src/import/pull-job.c b/src/import/pull-job.c
index 1e105bc..d4d07a0 100644
--- a/src/import/pull-job.c
+++ b/src/import/pull-job.c
@@ -124,8 +124,8 @@ static int pull_job_restart(PullJob *j, const char *new_url) {
124124
125void pull_job_curl_on_finished(CurlGlue *g, CURL *curl, CURLcode result) {125void pull_job_curl_on_finished(CurlGlue *g, CURL *curl, CURLcode result) {
126 PullJob *j = NULL;126 PullJob *j = NULL;
127 char *scheme = NULL;
127 CURLcode code;128 CURLcode code;
128 long protocol;
129 int r;129 int r;
130130
131 if (curl_easy_getinfo(curl, CURLINFO_PRIVATE, (char **)&j) != CURLE_OK)131 if (curl_easy_getinfo(curl, CURLINFO_PRIVATE, (char **)&j) != CURLE_OK)
@@ -139,13 +139,13 @@ void pull_job_curl_on_finished(CurlGlue *g, CURL *curl, CURLcode result) {
139 goto finish;139 goto finish;
140 }140 }
141141
142 code = curl_easy_getinfo(curl, CURLINFO_PROTOCOL, &protocol);142 code = curl_easy_getinfo(curl, CURLINFO_SCHEME, &scheme);
143 if (code != CURLE_OK) {143 if (code != CURLE_OK || !scheme) {
144 r = log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to retrieve response code: %s", curl_easy_strerror(code));144 r = log_error_errno(SYNTHETIC_ERRNO(EIO), "Failed to retrieve URL scheme.");
145 goto finish;145 goto finish;
146 }146 }
147147
148 if (IN_SET(protocol, CURLPROTO_HTTP, CURLPROTO_HTTPS)) {148 if (STRCASE_IN_SET(scheme, "HTTP", "HTTPS")) {
149 long status;149 long status;
150150
151 code = curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &status);151 code = curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &status);
diff --git a/src/journal-remote/microhttpd-util.h b/src/journal-remote/microhttpd-util.h
index 7e7d1b5..df18335 100644
--- a/src/journal-remote/microhttpd-util.h
+++ b/src/journal-remote/microhttpd-util.h
@@ -64,11 +64,11 @@ void microhttpd_logger(void *arg, const char *fmt, va_list ap) _printf_(2, 0);
6464
65int mhd_respondf(struct MHD_Connection *connection,65int mhd_respondf(struct MHD_Connection *connection,
66 int error,66 int error,
67 unsigned code,67 enum MHD_RequestTerminationCode code,
68 const char *format, ...) _printf_(4,5);68 const char *format, ...) _printf_(4,5);
6969
70int mhd_respond(struct MHD_Connection *connection,70int mhd_respond(struct MHD_Connection *connection,
71 unsigned code,71 enum MHD_RequestTerminationCode code,
72 const char *message);72 const char *message);
7373
74int mhd_respond_oom(struct MHD_Connection *connection);74int mhd_respond_oom(struct MHD_Connection *connection);
diff --git a/src/kernel-install/50-depmod.install b/src/kernel-install/50-depmod.install
index 43bd87c..88f858f 100755
--- a/src/kernel-install/50-depmod.install
+++ b/src/kernel-install/50-depmod.install
@@ -23,6 +23,8 @@ set -e
23COMMAND="${1:?}"23COMMAND="${1:?}"
24KERNEL_VERSION="${2:?}"24KERNEL_VERSION="${2:?}"
2525
26[ -w "/lib/modules" ] || exit 0
27
26case "$COMMAND" in28case "$COMMAND" in
27 add)29 add)
28 [ -d "/lib/modules/$KERNEL_VERSION/kernel" ] || exit 030 [ -d "/lib/modules/$KERNEL_VERSION/kernel" ] || exit 0
diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
index a106f7f..b755c12 100644
--- a/src/libsystemd-network/sd-dhcp-client.c
+++ b/src/libsystemd-network/sd-dhcp-client.c
@@ -188,35 +188,33 @@ int sd_dhcp_client_id_to_string(const void *data, size_t len, char **ret) {
188 r = asprintf(&t, "DATA");188 r = asprintf(&t, "DATA");
189 break;189 break;
190 case 1:190 case 1:
191 if (len != sizeof_field(sd_dhcp_client_id, eth))191 if (len == sizeof_field(sd_dhcp_client_id, eth))
192 return -EINVAL;192 r = asprintf(&t, "%02x:%02x:%02x:%02x:%02x:%02x",
193193 client_id->eth.haddr[0],
194 r = asprintf(&t, "%02x:%02x:%02x:%02x:%02x:%02x",194 client_id->eth.haddr[1],
195 client_id->eth.haddr[0],195 client_id->eth.haddr[2],
196 client_id->eth.haddr[1],196 client_id->eth.haddr[3],
197 client_id->eth.haddr[2],197 client_id->eth.haddr[4],
198 client_id->eth.haddr[3],198 client_id->eth.haddr[5]);
199 client_id->eth.haddr[4],199 else
200 client_id->eth.haddr[5]);200 r = asprintf(&t, "ETHER");
201 break;201 break;
202 case 2 ... 254:202 case 2 ... 254:
203 r = asprintf(&t, "ARP/LL");203 r = asprintf(&t, "ARP/LL");
204 break;204 break;
205 case 255:205 case 255:
206 if (len < 6)206 if (len < sizeof(uint32_t))
207 return -EINVAL;207 r = asprintf(&t, "IAID/DUID");
208208 else {
209 uint32_t iaid = be32toh(client_id->ns.iaid);209 uint32_t iaid = be32toh(client_id->ns.iaid);
210 uint16_t duid_type = be16toh(client_id->ns.duid.type);210 /* TODO: check and stringify DUID */
211 if (dhcp_validate_duid_len(duid_type, len - 6, true) < 0)211 r = asprintf(&t, "IAID:0x%x/DUID", iaid);
212 return -EINVAL;212 }
213
214 r = asprintf(&t, "IAID:0x%x/DUID", iaid);
215 break;213 break;
216 }214 }
217
218 if (r < 0)215 if (r < 0)
219 return -ENOMEM;216 return -ENOMEM;
217
220 *ret = TAKE_PTR(t);218 *ret = TAKE_PTR(t);
221 return 0;219 return 0;
222}220}
diff --git a/src/libsystemd-network/sd-dhcp-lease.c b/src/libsystemd-network/sd-dhcp-lease.c
index d9db35f..b14ad57 100644
--- a/src/libsystemd-network/sd-dhcp-lease.c
+++ b/src/libsystemd-network/sd-dhcp-lease.c
@@ -995,7 +995,7 @@ int dhcp_lease_save(sd_dhcp_lease *lease, const char *lease_file) {
995 r = sd_dhcp_lease_get_router(lease, &addresses);995 r = sd_dhcp_lease_get_router(lease, &addresses);
996 if (r > 0) {996 if (r > 0) {
997 fputs("ROUTER=", f);997 fputs("ROUTER=", f);
998 serialize_in_addrs(f, addresses, r, false, NULL);998 serialize_in_addrs(f, addresses, r, NULL, NULL);
999 fputc('\n', f);999 fputc('\n', f);
1000 }1000 }
10011001
@@ -1030,21 +1030,21 @@ int dhcp_lease_save(sd_dhcp_lease *lease, const char *lease_file) {
1030 r = sd_dhcp_lease_get_dns(lease, &addresses);1030 r = sd_dhcp_lease_get_dns(lease, &addresses);
1031 if (r > 0) {1031 if (r > 0) {
1032 fputs("DNS=", f);1032 fputs("DNS=", f);
1033 serialize_in_addrs(f, addresses, r, false, NULL);1033 serialize_in_addrs(f, addresses, r, NULL, NULL);
1034 fputc('\n', f);1034 fputc('\n', f);
1035 }1035 }
10361036
1037 r = sd_dhcp_lease_get_ntp(lease, &addresses);1037 r = sd_dhcp_lease_get_ntp(lease, &addresses);
1038 if (r > 0) {1038 if (r > 0) {
1039 fputs("NTP=", f);1039 fputs("NTP=", f);
1040 serialize_in_addrs(f, addresses, r, false, NULL);1040 serialize_in_addrs(f, addresses, r, NULL, NULL);
1041 fputc('\n', f);1041 fputc('\n', f);
1042 }1042 }
10431043
1044 r = sd_dhcp_lease_get_sip(lease, &addresses);1044 r = sd_dhcp_lease_get_sip(lease, &addresses);
1045 if (r > 0) {1045 if (r > 0) {
1046 fputs("SIP=", f);1046 fputs("SIP=", f);
1047 serialize_in_addrs(f, addresses, r, false, NULL);1047 serialize_in_addrs(f, addresses, r, NULL, NULL);
1048 fputc('\n', f);1048 fputc('\n', f);
1049 }1049 }
10501050
diff --git a/src/libsystemd-network/test-ndisc-ra.c b/src/libsystemd-network/test-ndisc-ra.c
index 001df4d..bd8c0fd 100644
--- a/src/libsystemd-network/test-ndisc-ra.c
+++ b/src/libsystemd-network/test-ndisc-ra.c
@@ -53,7 +53,6 @@ static uint8_t advertisement[] = {
5353
54static bool test_stopped;54static bool test_stopped;
55static int test_fd[2];55static int test_fd[2];
56static sd_event_source *recv_router_advertisement;
57static struct {56static struct {
58 struct in6_addr address;57 struct in6_addr address;
59 unsigned char prefixlen;58 unsigned char prefixlen;
@@ -281,9 +280,9 @@ static int radv_recv(sd_event_source *s, int fd, uint32_t revents, void *userdat
281}280}
282281
283TEST(ra) {282TEST(ra) {
284 sd_event *e;283 _cleanup_(sd_event_unrefp) sd_event *e = NULL;
285 sd_radv *ra;284 _cleanup_(sd_event_source_unrefp) sd_event_source *recv_router_advertisement = NULL;
286 unsigned i;285 _cleanup_(sd_radv_unrefp) sd_radv *ra = NULL;
287286
288 assert_se(socketpair(AF_UNIX, SOCK_SEQPACKET | SOCK_CLOEXEC | SOCK_NONBLOCK, 0, test_fd) >= 0);287 assert_se(socketpair(AF_UNIX, SOCK_SEQPACKET | SOCK_CLOEXEC | SOCK_NONBLOCK, 0, test_fd) >= 0);
289288
@@ -303,7 +302,7 @@ TEST(ra) {
303 assert_se(sd_radv_set_rdnss(ra, 60, &test_rdnss, 1) >= 0);302 assert_se(sd_radv_set_rdnss(ra, 60, &test_rdnss, 1) >= 0);
304 assert_se(sd_radv_set_dnssl(ra, 60, (char **)test_dnssl) >= 0);303 assert_se(sd_radv_set_dnssl(ra, 60, (char **)test_dnssl) >= 0);
305304
306 for (i = 0; i < ELEMENTSOF(prefix); i++) {305 for (unsigned i = 0; i < ELEMENTSOF(prefix); i++) {
307 sd_radv_prefix *p;306 sd_radv_prefix *p;
308307
309 printf("Test prefix %u\n", i);308 printf("Test prefix %u\n", i);
@@ -324,8 +323,8 @@ TEST(ra) {
324 assert_se(!p);323 assert_se(!p);
325 }324 }
326325
327 assert_se(sd_event_add_io(e, &recv_router_advertisement, test_fd[0],326 assert_se(sd_event_add_io(e, &recv_router_advertisement, test_fd[0], EPOLLIN, radv_recv, ra) >= 0);
328 EPOLLIN, radv_recv, ra) >= 0);327 assert_se(sd_event_source_set_io_fd_own(recv_router_advertisement, true) >= 0);
329328
330 assert_se(sd_event_add_time_relative(e, NULL, CLOCK_BOOTTIME,329 assert_se(sd_event_add_time_relative(e, NULL, CLOCK_BOOTTIME,
331 2 * USEC_PER_SEC, 0,330 2 * USEC_PER_SEC, 0,
@@ -334,13 +333,6 @@ TEST(ra) {
334 assert_se(sd_radv_start(ra) >= 0);333 assert_se(sd_radv_start(ra) >= 0);
335334
336 assert_se(sd_event_loop(e) >= 0);335 assert_se(sd_event_loop(e) >= 0);
337
338 ra = sd_radv_unref(ra);
339 assert_se(!ra);
340
341 close(test_fd[0]);
342
343 sd_event_unref(e);
344}336}
345337
346DEFINE_TEST_MAIN(LOG_DEBUG);338DEFINE_TEST_MAIN(LOG_DEBUG);
diff --git a/src/libsystemd-network/test-ndisc-rs.c b/src/libsystemd-network/test-ndisc-rs.c
index 3c679f6..e501b64 100644
--- a/src/libsystemd-network/test-ndisc-rs.c
+++ b/src/libsystemd-network/test-ndisc-rs.c
@@ -10,6 +10,7 @@
10#include "sd-ndisc.h"10#include "sd-ndisc.h"
1111
12#include "alloc-util.h"12#include "alloc-util.h"
13#include "fd-util.h"
13#include "hexdecoct.h"14#include "hexdecoct.h"
14#include "icmp6-util.h"15#include "icmp6-util.h"
15#include "socket-util.h"16#include "socket-util.h"
@@ -255,8 +256,8 @@ static void test_callback(sd_ndisc *nd, sd_ndisc_event_t event, sd_ndisc_router
255}256}
256257
257TEST(rs) {258TEST(rs) {
258 sd_event *e;259 _cleanup_(sd_event_unrefp) sd_event *e = NULL;
259 sd_ndisc *nd;260 _cleanup_(sd_ndisc_unrefp) sd_ndisc *nd = NULL;
260261
261 send_ra_function = send_ra;262 send_ra_function = send_ra;
262263
@@ -279,17 +280,13 @@ TEST(rs) {
279 assert_se(sd_ndisc_start(nd) >= 0);280 assert_se(sd_ndisc_start(nd) >= 0);
280 assert_se(sd_ndisc_start(nd) >= 0);281 assert_se(sd_ndisc_start(nd) >= 0);
281 assert_se(sd_ndisc_stop(nd) >= 0);282 assert_se(sd_ndisc_stop(nd) >= 0);
283 test_fd[1] = safe_close(test_fd[1]);
282284
283 assert_se(sd_ndisc_start(nd) >= 0);285 assert_se(sd_ndisc_start(nd) >= 0);
284286
285 assert_se(sd_event_loop(e) >= 0);287 assert_se(sd_event_loop(e) >= 0);
286288
287 nd = sd_ndisc_unref(nd);289 test_fd[1] = safe_close(test_fd[1]);
288 assert_se(!nd);
289
290 close(test_fd[1]);
291
292 sd_event_unref(e);
293}290}
294291
295static int test_timeout_value(uint8_t flags) {292static int test_timeout_value(uint8_t flags) {
@@ -342,8 +339,8 @@ static int test_timeout_value(uint8_t flags) {
342}339}
343340
344TEST(timeout) {341TEST(timeout) {
345 sd_event *e;342 _cleanup_(sd_event_unrefp) sd_event *e = NULL;
346 sd_ndisc *nd;343 _cleanup_(sd_ndisc_unrefp) sd_ndisc *nd = NULL;
347344
348 send_ra_function = test_timeout_value;345 send_ra_function = test_timeout_value;
349346
@@ -367,9 +364,7 @@ TEST(timeout) {
367364
368 assert_se(sd_event_loop(e) >= 0);365 assert_se(sd_event_loop(e) >= 0);
369366
370 nd = sd_ndisc_unref(nd);367 test_fd[1] = safe_close(test_fd[1]);
371
372 sd_event_unref(e);
373}368}
374369
375DEFINE_TEST_MAIN(LOG_DEBUG);370DEFINE_TEST_MAIN(LOG_DEBUG);
diff --git a/src/libsystemd/sd-device/test-sd-device.c b/src/libsystemd/sd-device/test-sd-device.c
index 4ab8b38..ff4209e 100644
--- a/src/libsystemd/sd-device/test-sd-device.c
+++ b/src/libsystemd/sd-device/test-sd-device.c
@@ -180,15 +180,16 @@ static void test_sd_device_one(sd_device *d) {
180 } else180 } else
181 assert_se(r == -ENOENT);181 assert_se(r == -ENOENT);
182182
183 r = sd_device_get_sysattr_value(d, "name_assign_type", &val);183 r = sd_device_get_sysattr_value(d, "nsid", NULL);
184 assert_se(r >= 0 || ERRNO_IS_PRIVILEGE(r) || IN_SET(r, -ENOENT, -EINVAL));184 if (r >= 0) {
185
186 if (r > 0) {
187 unsigned x;185 unsigned x;
188186
189 assert_se(device_get_sysattr_unsigned(d, "name_assign_type", NULL) >= 0);187 assert_se(device_get_sysattr_unsigned(d, "nsid", NULL) >= 0);
190 assert_se(device_get_sysattr_unsigned(d, "name_assign_type", &x) >= 0);188 r = device_get_sysattr_unsigned(d, "nsid", &x);
191 }189 assert_se(r >= 0);
190 assert_se((x > 0) == (r > 0));
191 } else
192 assert_se(ERRNO_IS_PRIVILEGE(r) || IN_SET(r, -ENOENT, -EINVAL));
192}193}
193194
194TEST(sd_device_enumerator_devices) {195TEST(sd_device_enumerator_devices) {
diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c
index 778070a..4a4cc3a 100644
--- a/src/libsystemd/sd-event/sd-event.c
+++ b/src/libsystemd/sd-event/sd-event.c
@@ -658,7 +658,9 @@ static int event_make_signal_data(
658 ss_copy = d->sigset;658 ss_copy = d->sigset;
659 assert_se(sigaddset(&ss_copy, sig) >= 0);659 assert_se(sigaddset(&ss_copy, sig) >= 0);
660660
661 r = signalfd(d->fd, &ss_copy, SFD_NONBLOCK|SFD_CLOEXEC);661 r = signalfd(d->fd >= 0 ? d->fd : -1, /* the first arg must be -1 or a valid signalfd */
662 &ss_copy,
663 SFD_NONBLOCK|SFD_CLOEXEC);
662 if (r < 0) {664 if (r < 0) {
663 r = -errno;665 r = -errno;
664 goto fail;666 goto fail;
@@ -2723,6 +2725,9 @@ _public_ int sd_event_source_set_time_relative(sd_event_source *s, uint64_t usec
2723 assert_return(s, -EINVAL);2725 assert_return(s, -EINVAL);
2724 assert_return(EVENT_SOURCE_IS_TIME(s->type), -EDOM);2726 assert_return(EVENT_SOURCE_IS_TIME(s->type), -EDOM);
27252727
2728 if (usec == USEC_INFINITY)
2729 return sd_event_source_set_time(s, USEC_INFINITY);
2730
2726 r = sd_event_now(s->event, event_source_type_to_clock(s->type), &t);2731 r = sd_event_now(s->event, event_source_type_to_clock(s->type), &t);
2727 if (r < 0)2732 if (r < 0)
2728 return r;2733 return r;
diff --git a/src/locale/localed.c b/src/locale/localed.c
index 7aa47f1..8b1f0de 100644
--- a/src/locale/localed.c
+++ b/src/locale/localed.c
@@ -32,7 +32,7 @@
32#include "strv.h"32#include "strv.h"
33#include "user-util.h"33#include "user-util.h"
3434
35static int locale_update_system_manager(sd_bus *bus, char **l_set, char **l_unset) {35static int reload_system_manager(sd_bus *bus) {
36 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;36 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
37 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;37 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
38 int r;38 int r;
@@ -43,21 +43,13 @@ static int locale_update_system_manager(sd_bus *bus, char **l_set, char **l_unse
43 "org.freedesktop.systemd1",43 "org.freedesktop.systemd1",
44 "/org/freedesktop/systemd1",44 "/org/freedesktop/systemd1",
45 "org.freedesktop.systemd1.Manager",45 "org.freedesktop.systemd1.Manager",
46 "UnsetAndSetEnvironment");46 "Reload");
47 if (r < 0)
48 return bus_log_create_error(r);
49
50 r = sd_bus_message_append_strv(m, l_unset);
51 if (r < 0)
52 return bus_log_create_error(r);
53
54 r = sd_bus_message_append_strv(m, l_set);
55 if (r < 0)47 if (r < 0)
56 return bus_log_create_error(r);48 return bus_log_create_error(r);
5749
58 r = sd_bus_call(bus, m, 0, &error, NULL);50 r = sd_bus_call(bus, m, 0, &error, NULL);
59 if (r < 0)51 if (r < 0)
60 return log_error_errno(r, "Failed to update the manager environment: %s", bus_error_message(&error, r));52 return log_error_errno(r, "Failed to reload system manager: %s", bus_error_message(&error, r));
6153
62 return 0;54 return 0;
63}55}
@@ -393,7 +385,11 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er
393 return sd_bus_error_set_errnof(error, r, "Failed to set locale: %m");385 return sd_bus_error_set_errnof(error, r, "Failed to set locale: %m");
394 }386 }
395387
396 (void) locale_update_system_manager(sd_bus_message_get_bus(m), l_set, l_unset);388 /* Since we just updated the locale configuration file, ask the system manager to read it again to
389 * update its default locale settings. It's important to not use UnsetAndSetEnvironment or a similar
390 * method because in this case unsetting variables means restoring them to PID1 default values, which
391 * may be outdated, since locale.conf has just changed and PID1 hasn't read it */
392 (void) reload_system_manager(sd_bus_message_get_bus(m));
397393
398 if (!strv_isempty(l_set)) {394 if (!strv_isempty(l_set)) {
399 _cleanup_free_ char *line = NULL;395 _cleanup_free_ char *line = NULL;
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
index 86a5dec..2ab26b9 100644
--- a/src/login/logind-dbus.c
+++ b/src/login/logind-dbus.c
@@ -3970,6 +3970,12 @@ int manager_start_scope(
3970 if (r < 0)3970 if (r < 0)
3971 return r;3971 return r;
39723972
3973 /* For login session scopes, if a process is OOM killed by the kernel, *don't* terminate the rest of
3974 the scope */
3975 r = sd_bus_message_append(m, "(sv)", "OOMPolicy", "s", "continue");
3976 if (r < 0)
3977 return r;
3978
3973 /* disable TasksMax= for the session scope, rely on the slice setting for it */3979 /* disable TasksMax= for the session scope, rely on the slice setting for it */
3974 r = sd_bus_message_append(m, "(sv)", "TasksMax", "t", UINT64_MAX);3980 r = sd_bus_message_append(m, "(sv)", "TasksMax", "t", UINT64_MAX);
3975 if (r < 0)3981 if (r < 0)
diff --git a/src/network/netdev/l2tp-tunnel.c b/src/network/netdev/l2tp-tunnel.c
index 2bce0fc..fd2783e 100644
--- a/src/network/netdev/l2tp-tunnel.c
+++ b/src/network/netdev/l2tp-tunnel.c
@@ -522,7 +522,7 @@ int config_parse_l2tp_tunnel_local_address(
522 return log_oom();522 return log_oom();
523 }523 }
524524
525 type = l2tp_local_address_type_from_string(rvalue);525 type = l2tp_local_address_type_from_string(addr_or_type);
526 if (type >= 0) {526 if (type >= 0) {
527 free_and_replace(t->local_ifname, ifname);527 free_and_replace(t->local_ifname, ifname);
528 t->local_address_type = type;528 t->local_address_type = type;
@@ -535,15 +535,15 @@ int config_parse_l2tp_tunnel_local_address(
535 return 0;535 return 0;
536 }536 }
537537
538 r = in_addr_from_string_auto(rvalue, &f, &a);538 r = in_addr_from_string_auto(addr_or_type, &f, &a);
539 if (r < 0) {539 if (r < 0) {
540 log_syntax(unit, LOG_WARNING, filename, line, r,540 log_syntax(unit, LOG_WARNING, filename, line, r,
541 "Invalid L2TP Tunnel local address specified, ignoring assignment: %s", rvalue);541 "Invalid L2TP Tunnel local address \"%s\" specified, ignoring assignment: %s", addr_or_type, rvalue);
542 return 0;542 return 0;
543 }543 }
544544
545 if (in_addr_is_null(f, &a)) {545 if (in_addr_is_null(f, &a)) {
546 log_syntax(unit, LOG_WARNING, filename, line, r,546 log_syntax(unit, LOG_WARNING, filename, line, 0,
547 "L2TP Tunnel local address cannot be null, ignoring assignment: %s", rvalue);547 "L2TP Tunnel local address cannot be null, ignoring assignment: %s", rvalue);
548 return 0;548 return 0;
549 }549 }
@@ -599,7 +599,7 @@ int config_parse_l2tp_tunnel_remote_address(
599 }599 }
600600
601 if (in_addr_is_null(f, &a)) {601 if (in_addr_is_null(f, &a)) {
602 log_syntax(unit, LOG_WARNING, filename, line, r,602 log_syntax(unit, LOG_WARNING, filename, line, 0,
603 "L2TP Tunnel remote address cannot be null, ignoring assignment: %s", rvalue);603 "L2TP Tunnel remote address cannot be null, ignoring assignment: %s", rvalue);
604 return 0;604 return 0;
605 }605 }
diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c
index b614f6b..08b5bd8 100644
--- a/src/network/networkd-address.c
+++ b/src/network/networkd-address.c
@@ -1230,9 +1230,13 @@ int link_request_address(
12301230
1231 (void) address_get(link, address, &existing);1231 (void) address_get(link, address, &existing);
12321232
1233 if (address->lifetime_valid_usec == 0)1233 if (address->lifetime_valid_usec == 0) {
1234 if (consume_object)
1235 address_free(address);
1236
1234 /* The requested address is outdated. Let's remove it. */1237 /* The requested address is outdated. Let's remove it. */
1235 return address_remove_and_drop(existing);1238 return address_remove_and_drop(existing);
1239 }
12361240
1237 if (!existing) {1241 if (!existing) {
1238 _cleanup_(address_freep) Address *tmp = NULL;1242 _cleanup_(address_freep) Address *tmp = NULL;
diff --git a/src/network/networkd-ndisc.c b/src/network/networkd-ndisc.c
index a1402d7..5fb5d96 100644
--- a/src/network/networkd-ndisc.c
+++ b/src/network/networkd-ndisc.c
@@ -794,31 +794,24 @@ static int ndisc_router_process_options(Link *link, sd_ndisc_router *rt) {
794 return log_link_error_errno(link, r, "Failed to get RA option type: %m");794 return log_link_error_errno(link, r, "Failed to get RA option type: %m");
795795
796 switch (type) {796 switch (type) {
797
798 case SD_NDISC_OPTION_PREFIX_INFORMATION:797 case SD_NDISC_OPTION_PREFIX_INFORMATION:
799 r = ndisc_router_process_prefix(link, rt);798 r = ndisc_router_process_prefix(link, rt);
800 if (r < 0)
801 return r;
802 break;799 break;
803800
804 case SD_NDISC_OPTION_ROUTE_INFORMATION:801 case SD_NDISC_OPTION_ROUTE_INFORMATION:
805 r = ndisc_router_process_route(link, rt);802 r = ndisc_router_process_route(link, rt);
806 if (r < 0)
807 return r;
808 break;803 break;
809804
810 case SD_NDISC_OPTION_RDNSS:805 case SD_NDISC_OPTION_RDNSS:
811 r = ndisc_router_process_rdnss(link, rt);806 r = ndisc_router_process_rdnss(link, rt);
812 if (r < 0)
813 return r;
814 break;807 break;
815808
816 case SD_NDISC_OPTION_DNSSL:809 case SD_NDISC_OPTION_DNSSL:
817 r = ndisc_router_process_dnssl(link, rt);810 r = ndisc_router_process_dnssl(link, rt);
818 if (r < 0)
819 return r;
820 break;811 break;
821 }812 }
813 if (r < 0 && r != -EBADMSG)
814 return r;
822 }815 }
823}816}
824817
@@ -1001,6 +994,10 @@ static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) {
1001 assert(rt);994 assert(rt);
1002995
1003 r = sd_ndisc_router_get_address(rt, &router);996 r = sd_ndisc_router_get_address(rt, &router);
997 if (r == -ENODATA) {
998 log_link_debug(link, "Received RA without router address, ignoring.");
999 return 0;
1000 }
1004 if (r < 0)1001 if (r < 0)
1005 return log_link_error_errno(link, r, "Failed to get router address from RA: %m");1002 return log_link_error_errno(link, r, "Failed to get router address from RA: %m");
10061003
@@ -1015,6 +1012,10 @@ static int ndisc_router_handler(Link *link, sd_ndisc_router *rt) {
1015 }1012 }
10161013
1017 r = sd_ndisc_router_get_timestamp(rt, CLOCK_BOOTTIME, &timestamp_usec);1014 r = sd_ndisc_router_get_timestamp(rt, CLOCK_BOOTTIME, &timestamp_usec);
1015 if (r == -ENODATA) {
1016 log_link_debug(link, "Received RA without timestamp, ignoring.");
1017 return 0;
1018 }
1018 if (r < 0)1019 if (r < 0)
1019 return r;1020 return r;
10201021
@@ -1061,7 +1062,7 @@ static void ndisc_handler(sd_ndisc *nd, sd_ndisc_event_t event, sd_ndisc_router
10611062
1062 case SD_NDISC_EVENT_ROUTER:1063 case SD_NDISC_EVENT_ROUTER:
1063 r = ndisc_router_handler(link, rt);1064 r = ndisc_router_handler(link, rt);
1064 if (r < 0) {1065 if (r < 0 && r != -EBADMSG) {
1065 link_enter_failed(link);1066 link_enter_failed(link);
1066 return;1067 return;
1067 }1068 }
diff --git a/src/network/networkd-route.c b/src/network/networkd-route.c
index d1f3bab..5214a8a 100644
--- a/src/network/networkd-route.c
+++ b/src/network/networkd-route.c
@@ -1437,9 +1437,13 @@ int link_request_route(
14371437
1438 (void) route_get(link->manager, link, route, &existing);1438 (void) route_get(link->manager, link, route, &existing);
14391439
1440 if (route->lifetime_usec == 0)1440 if (route->lifetime_usec == 0) {
1441 if (consume_object)
1442 route_free(route);
1443
1441 /* The requested route is outdated. Let's remove it. */1444 /* The requested route is outdated. Let's remove it. */
1442 return route_remove_and_drop(existing);1445 return route_remove_and_drop(existing);
1446 }
14431447
1444 if (!existing) {1448 if (!existing) {
1445 _cleanup_(route_freep) Route *tmp = NULL;1449 _cleanup_(route_freep) Route *tmp = NULL;
diff --git a/src/nspawn/nspawn-patch-uid.c b/src/nspawn/nspawn-patch-uid.c
index 1535d19..75fa931 100644
--- a/src/nspawn/nspawn-patch-uid.c
+++ b/src/nspawn/nspawn-patch-uid.c
@@ -181,7 +181,9 @@ static int patch_acls(int fd, const char *name, const struct stat *st, uid_t shi
181181
182 if (S_ISDIR(st->st_mode)) {182 if (S_ISDIR(st->st_mode)) {
183 acl_free(acl);183 acl_free(acl);
184 acl_free(shifted);184
185 if (shifted)
186 acl_free(shifted);
185187
186 acl = shifted = NULL;188 acl = shifted = NULL;
187189
diff --git a/src/partition/growfs.c b/src/partition/growfs.c
index 8a04071..6280a24 100644
--- a/src/partition/growfs.c
+++ b/src/partition/growfs.c
@@ -3,12 +3,17 @@
3#include <errno.h>3#include <errno.h>
4#include <fcntl.h>4#include <fcntl.h>
5#include <getopt.h>5#include <getopt.h>
6#include <linux/btrfs.h>
7#include <linux/magic.h>6#include <linux/magic.h>
8#include <sys/ioctl.h>7#include <sys/ioctl.h>
9#include <sys/mount.h>8#include <sys/mount.h>
10#include <sys/types.h>9#include <sys/types.h>
11#include <sys/vfs.h>10#include <sys/vfs.h>
11/* This needs to be included after sys/mount.h, as since [0] linux/btrfs.h
12 * includes linux/fs.h causing build errors
13 * See: https://github.com/systemd/systemd/issues/8507
14 * [0] https://github.com/torvalds/linux/commit/a28135303a669917002f569aecebd5758263e4aa
15 */
16#include <linux/btrfs.h>
1217
13#include "sd-device.h"18#include "sd-device.h"
1419
diff --git a/src/resolve/resolvectl.c b/src/resolve/resolvectl.c
index b07761a..2d1caf7 100644
--- a/src/resolve/resolvectl.c
+++ b/src/resolve/resolvectl.c
@@ -1933,15 +1933,15 @@ static int status_global(sd_bus *bus, StatusMode mode, bool *empty_line) {
1933 return table_log_add_error(r);1933 return table_log_add_error(r);
1934 }1934 }
19351935
1936 r = dump_list(table, "DNS Servers:", global_info.dns_ex ?: global_info.dns);1936 r = dump_list(table, "DNS Servers", global_info.dns_ex ?: global_info.dns);
1937 if (r < 0)1937 if (r < 0)
1938 return r;1938 return r;
19391939
1940 r = dump_list(table, "Fallback DNS Servers:", global_info.fallback_dns_ex ?: global_info.fallback_dns);1940 r = dump_list(table, "Fallback DNS Servers", global_info.fallback_dns_ex ?: global_info.fallback_dns);
1941 if (r < 0)1941 if (r < 0)
1942 return r;1942 return r;
19431943
1944 r = dump_list(table, "DNS Domain:", global_info.domains);1944 r = dump_list(table, "DNS Domain", global_info.domains);
1945 if (r < 0)1945 if (r < 0)
1946 return r;1946 return r;
19471947
diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c
index 4f74449..88830fb 100644
--- a/src/resolve/resolved-dns-scope.c
+++ b/src/resolve/resolved-dns-scope.c
@@ -474,7 +474,8 @@ static int dns_scope_socket(
474 * host result in EHOSTUNREACH, since Linux won't send the packets out of the specified474 * host result in EHOSTUNREACH, since Linux won't send the packets out of the specified
475 * interface, but delivers them directly to the local socket. */475 * interface, but delivers them directly to the local socket. */
476 if (s->link &&476 if (s->link &&
477 !manager_find_link_address(s->manager, sa.sa.sa_family, sockaddr_in_addr(&sa.sa))) {477 !manager_find_link_address(s->manager, sa.sa.sa_family, sockaddr_in_addr(&sa.sa)) &&
478 in_addr_is_localhost(sa.sa.sa_family, sockaddr_in_addr(&sa.sa)) == 0) {
478 r = socket_bind_to_ifindex(fd, ifindex);479 r = socket_bind_to_ifindex(fd, ifindex);
479 if (r < 0)480 if (r < 0)
480 return r;481 return r;
diff --git a/src/resolve/resolved-dns-search-domain.c b/src/resolve/resolved-dns-search-domain.c
index bcbb275..647c0bd 100644
--- a/src/resolve/resolved-dns-search-domain.c
+++ b/src/resolve/resolved-dns-search-domain.c
@@ -52,7 +52,7 @@ int dns_search_domain_new(
52 l->n_search_domains++;52 l->n_search_domains++;
53 break;53 break;
5454
55 case DNS_SERVER_SYSTEM:55 case DNS_SEARCH_DOMAIN_SYSTEM:
56 LIST_APPEND(domains, m->search_domains, d);56 LIST_APPEND(domains, m->search_domains, d);
57 m->n_search_domains++;57 m->n_search_domains++;
58 break;58 break;
diff --git a/src/resolve/resolved-dns-server.h b/src/resolve/resolved-dns-server.h
index be9efb0..f939b53 100644
--- a/src/resolve/resolved-dns-server.h
+++ b/src/resolve/resolved-dns-server.h
@@ -44,8 +44,8 @@ typedef enum DnsServerFeatureLevel {
44#define DNS_SERVER_FEATURE_LEVEL_IS_DNSSEC(x) ((x) >= DNS_SERVER_FEATURE_LEVEL_DO)44#define DNS_SERVER_FEATURE_LEVEL_IS_DNSSEC(x) ((x) >= DNS_SERVER_FEATURE_LEVEL_DO)
45#define DNS_SERVER_FEATURE_LEVEL_IS_UDP(x) IN_SET(x, DNS_SERVER_FEATURE_LEVEL_UDP, DNS_SERVER_FEATURE_LEVEL_EDNS0, DNS_SERVER_FEATURE_LEVEL_DO)45#define DNS_SERVER_FEATURE_LEVEL_IS_UDP(x) IN_SET(x, DNS_SERVER_FEATURE_LEVEL_UDP, DNS_SERVER_FEATURE_LEVEL_EDNS0, DNS_SERVER_FEATURE_LEVEL_DO)
4646
47const char* dns_server_feature_level_to_string(int i) _const_;47const char* dns_server_feature_level_to_string(DnsServerFeatureLevel i) _const_;
48int dns_server_feature_level_from_string(const char *s) _pure_;48DnsServerFeatureLevel dns_server_feature_level_from_string(const char *s) _pure_;
4949
50struct DnsServer {50struct DnsServer {
51 Manager *manager;51 Manager *manager;
diff --git a/src/resolve/resolved-varlink.c b/src/resolve/resolved-varlink.c
index 8ba5eb9..f878d9e 100644
--- a/src/resolve/resolved-varlink.c
+++ b/src/resolve/resolved-varlink.c
@@ -243,7 +243,7 @@ static void vl_method_resolve_hostname_complete(DnsQuery *query) {
243 JSON_BUILD_PAIR("flags", JSON_BUILD_INTEGER(dns_query_reply_flags_make(q)))));243 JSON_BUILD_PAIR("flags", JSON_BUILD_INTEGER(dns_query_reply_flags_make(q)))));
244finish:244finish:
245 if (r < 0) {245 if (r < 0) {
246 log_error_errno(r, "Failed to send hostname reply: %m");246 log_full_errno(ERRNO_IS_DISCONNECT(r) ? LOG_DEBUG : LOG_ERR, r, "Failed to send hostname reply: %m");
247 r = varlink_error_errno(q->varlink_request, r);247 r = varlink_error_errno(q->varlink_request, r);
248 }248 }
249}249}
@@ -462,7 +462,7 @@ static void vl_method_resolve_address_complete(DnsQuery *query) {
462 JSON_BUILD_PAIR("flags", JSON_BUILD_INTEGER(dns_query_reply_flags_make(q)))));462 JSON_BUILD_PAIR("flags", JSON_BUILD_INTEGER(dns_query_reply_flags_make(q)))));
463finish:463finish:
464 if (r < 0) {464 if (r < 0) {
465 log_error_errno(r, "Failed to send address reply: %m");465 log_full_errno(ERRNO_IS_DISCONNECT(r) ? LOG_DEBUG : LOG_ERR, r, "Failed to send address reply: %m");
466 r = varlink_error_errno(q->varlink_request, r);466 r = varlink_error_errno(q->varlink_request, r);
467 }467 }
468}468}
diff --git a/src/shared/bootspec.c b/src/shared/bootspec.c
index 14bcbf6..ceb7012 100644
--- a/src/shared/bootspec.c
+++ b/src/shared/bootspec.c
@@ -740,9 +740,11 @@ static int boot_entry_load_unified(
740 if (!tmp.title)740 if (!tmp.title)
741 return log_oom();741 return log_oom();
742742
743 tmp.sort_key = strdup(good_sort_key);743 if (good_sort_key) {
744 if (!tmp.sort_key)744 tmp.sort_key = strdup(good_sort_key);
745 return log_oom();745 if (!tmp.sort_key)
746 return log_oom();
747 }
746748
747 if (good_version) {749 if (good_version) {
748 tmp.version = strdup(good_version);750 tmp.version = strdup(good_version);
diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
index b850a28..922011e 100644
--- a/src/shared/bus-unit-util.c
+++ b/src/shared/bus-unit-util.c
@@ -2142,6 +2142,9 @@ static int bus_append_scope_property(sd_bus_message *m, const char *field, const
2142 if (STR_IN_SET(field, "User", "Group"))2142 if (STR_IN_SET(field, "User", "Group"))
2143 return bus_append_string(m, field, eq);2143 return bus_append_string(m, field, eq);
21442144
2145 if (streq(field, "OOMPolicy"))
2146 return bus_append_string(m, field, eq);
2147
2145 return 0;2148 return 0;
2146}2149}
21472150
diff --git a/src/shared/creds-util.c b/src/shared/creds-util.c
index ecf90e2..eab0ca1 100644
--- a/src/shared/creds-util.c
+++ b/src/shared/creds-util.c
@@ -9,6 +9,7 @@
9#include "sd-id128.h"9#include "sd-id128.h"
1010
11#include "blockdev-util.h"11#include "blockdev-util.h"
12#include "capability-util.h"
12#include "chattr-util.h"13#include "chattr-util.h"
13#include "creds-util.h"14#include "creds-util.h"
14#include "def.h"15#include "def.h"
@@ -173,10 +174,15 @@ static int make_credential_host_secret(
173 assert(dfd >= 0);174 assert(dfd >= 0);
174 assert(fn);175 assert(fn);
175176
176 fd = openat(dfd, ".", O_CLOEXEC|O_WRONLY|O_TMPFILE, 0400);177 /* For non-root users creating a temporary file using the openat(2) over "." will fail later, in the
178 * linkat(2) step at the end. The reason is that linkat(2) requires the CAP_DAC_READ_SEARCH
179 * capability when it uses the AT_EMPTY_PATH flag. */
180 if (have_effective_cap(CAP_DAC_READ_SEARCH) > 0) {
181 fd = openat(dfd, ".", O_CLOEXEC|O_WRONLY|O_TMPFILE, 0400);
182 if (fd < 0)
183 log_debug_errno(errno, "Failed to create temporary credential file with O_TMPFILE, proceeding without: %m");
184 }
177 if (fd < 0) {185 if (fd < 0) {
178 log_debug_errno(errno, "Failed to create temporary credential file with O_TMPFILE, proceeding without: %m");
179
180 if (asprintf(&t, "credential.secret.%016" PRIx64, random_u64()) < 0)186 if (asprintf(&t, "credential.secret.%016" PRIx64, random_u64()) < 0)
181 return -ENOMEM;187 return -ENOMEM;
182188
@@ -602,24 +608,14 @@ int encrypt_credential_and_warn(
602608
603#if HAVE_TPM2609#if HAVE_TPM2
604 bool try_tpm2;610 bool try_tpm2;
605 if (sd_id128_equal(with_key, _CRED_AUTO)) {611 if (sd_id128_in_set(with_key, _CRED_AUTO, _CRED_AUTO_INITRD)) {
606 /* If automatic mode is selected and we are running in a container, let's not try TPM2. OTOH612 /* If automatic mode is selected lets see if a TPM2 it is present. If we are running in a
607 * if user picks TPM2 explicitly, let's always honour the request and try. */613 * container tpm2_support will detect this, and will return a different flag combination of
608614 * TPM2_SUPPORT_FULL, effectively skipping the use of TPM2 when inside one. */
609 r = detect_container();
610 if (r < 0)
611 log_debug_errno(r, "Failed to determine whether we are running in a container, ignoring: %m");
612 else if (r > 0)
613 log_debug("Running in container, not attempting to use TPM2.");
614
615 try_tpm2 = r <= 0;
616 } else if (sd_id128_equal(with_key, _CRED_AUTO_INITRD)) {
617 /* If automatic mode for initrds is selected, we'll use the TPM2 key if the firmware does it,
618 * otherwise we'll use a fixed key */
619615
620 try_tpm2 = efi_has_tpm2();616 try_tpm2 = tpm2_support() == TPM2_SUPPORT_FULL;
621 if (!try_tpm2)617 if (!try_tpm2)
622 log_debug("Firmware lacks TPM2 support, not attempting to use TPM2.");618 log_debug("System lacks TPM2 support or running in a container, not attempting to use TPM2.");
623 } else619 } else
624 try_tpm2 = sd_id128_in_set(with_key,620 try_tpm2 = sd_id128_in_set(with_key,
625 CRED_AES256_GCM_BY_TPM2_HMAC,621 CRED_AES256_GCM_BY_TPM2_HMAC,
@@ -660,7 +656,7 @@ int encrypt_credential_and_warn(
660 &tpm2_primary_alg);656 &tpm2_primary_alg);
661 if (r < 0) {657 if (r < 0) {
662 if (sd_id128_equal(with_key, _CRED_AUTO_INITRD))658 if (sd_id128_equal(with_key, _CRED_AUTO_INITRD))
663 log_warning("Firmware reported a TPM2 being present and used, but we didn't manage to talk to it. Credential will be refused if SecureBoot is enabled.");659 log_warning("TPM2 present and used, but we didn't manage to talk to it. Credential will be refused if SecureBoot is enabled.");
664 else if (!sd_id128_equal(with_key, _CRED_AUTO))660 else if (!sd_id128_equal(with_key, _CRED_AUTO))
665 return r;661 return r;
666662
diff --git a/src/shared/generator.c b/src/shared/generator.c
index 5d019f4..85a6316 100644
--- a/src/shared/generator.c
+++ b/src/shared/generator.c
@@ -467,6 +467,14 @@ int generator_hook_up_mkfs(
467467
468 log_debug("Creating %s", unit_file);468 log_debug("Creating %s", unit_file);
469469
470 const char *fsck_unit;
471 if (in_initrd() && path_equal(where, "/sysroot"))
472 fsck_unit = SPECIAL_FSCK_ROOT_SERVICE;
473 else if (in_initrd() && path_equal(where, "/sysusr/usr"))
474 fsck_unit = SPECIAL_FSCK_USR_SERVICE;
475 else
476 fsck_unit = "systemd-fsck@%i.service";
477
470 escaped = cescape(node);478 escaped = cescape(node);
471 if (!escaped)479 if (!escaped)
472 return log_oom();480 return log_oom();
@@ -492,7 +500,7 @@ int generator_hook_up_mkfs(
492 "After=%%i.device\n"500 "After=%%i.device\n"
493 /* fsck might or might not be used, so let's be safe and order501 /* fsck might or might not be used, so let's be safe and order
494 * ourselves before both systemd-fsck@.service and the mount unit. */502 * ourselves before both systemd-fsck@.service and the mount unit. */
495 "Before=shutdown.target systemd-fsck@%%i.service %s\n"503 "Before=shutdown.target %s %s\n"
496 "\n"504 "\n"
497 "[Service]\n"505 "[Service]\n"
498 "Type=oneshot\n"506 "Type=oneshot\n"
@@ -500,6 +508,7 @@ int generator_hook_up_mkfs(
500 "ExecStart="SYSTEMD_MAKEFS_PATH " %s %s\n"508 "ExecStart="SYSTEMD_MAKEFS_PATH " %s %s\n"
501 "TimeoutSec=0\n",509 "TimeoutSec=0\n",
502 program_invocation_short_name,510 program_invocation_short_name,
511 fsck_unit,
503 where_unit,512 where_unit,
504 type,513 type,
505 escaped);514 escaped);
diff --git a/src/shared/install.c b/src/shared/install.c
index 834a1c5..2c030b8 100644
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -284,6 +284,9 @@ InstallChangeType install_changes_add(
284 assert(!changes == !n_changes);284 assert(!changes == !n_changes);
285 assert(INSTALL_CHANGE_TYPE_VALID(type));285 assert(INSTALL_CHANGE_TYPE_VALID(type));
286286
287 /* Message formatting requires <path> to be set. */
288 assert(path);
289
287 /* Register a change or error. Note that the return value may be the error290 /* Register a change or error. Note that the return value may be the error
288 * that was passed in, or -ENOMEM generated internally. */291 * that was passed in, or -ENOMEM generated internally. */
289292
@@ -339,7 +342,9 @@ void install_changes_dump(int r, const char *verb, const InstallChange *changes,
339 assert(verb || r >= 0);342 assert(verb || r >= 0);
340343
341 for (size_t i = 0; i < n_changes; i++) {344 for (size_t i = 0; i < n_changes; i++) {
342 assert(verb || changes[i].type >= 0);345 if (changes[i].type < 0)
346 assert(verb);
347 assert(changes[i].path);
343348
344 /* When making changes here, make sure to also change install_error() in dbus-manager.c. */349 /* When making changes here, make sure to also change install_error() in dbus-manager.c. */
345350
@@ -376,7 +381,7 @@ void install_changes_dump(int r, const char *verb, const InstallChange *changes,
376 break;381 break;
377 case INSTALL_CHANGE_AUXILIARY_FAILED:382 case INSTALL_CHANGE_AUXILIARY_FAILED:
378 if (!quiet)383 if (!quiet)
379 log_warning("Failed to enable auxiliary unit %s, ignoring.", changes[i].source);384 log_warning("Failed to enable auxiliary unit %s, ignoring.", changes[i].path);
380 break;385 break;
381 case -EEXIST:386 case -EEXIST:
382 if (changes[i].source)387 if (changes[i].source)
@@ -2126,7 +2131,7 @@ static int install_context_apply(
2126 q = install_info_traverse(ctx, lp, i, flags, NULL);2131 q = install_info_traverse(ctx, lp, i, flags, NULL);
2127 if (q < 0) {2132 if (q < 0) {
2128 if (i->auxiliary) {2133 if (i->auxiliary) {
2129 q = install_changes_add(changes, n_changes, INSTALL_CHANGE_AUXILIARY_FAILED, NULL, i->name);2134 q = install_changes_add(changes, n_changes, INSTALL_CHANGE_AUXILIARY_FAILED, i->name, NULL);
2130 if (q < 0)2135 if (q < 0)
2131 return q;2136 return q;
2132 continue;2137 continue;
diff --git a/src/shared/install.h b/src/shared/install.h
index 9bb412b..0abc738 100644
--- a/src/shared/install.h
+++ b/src/shared/install.h
@@ -197,7 +197,7 @@ int unit_file_exists(LookupScope scope, const LookupPaths *paths, const char *na
197int unit_file_get_list(LookupScope scope, const char *root_dir, Hashmap *h, char **states, char **patterns);197int unit_file_get_list(LookupScope scope, const char *root_dir, Hashmap *h, char **states, char **patterns);
198Hashmap* unit_file_list_free(Hashmap *h);198Hashmap* unit_file_list_free(Hashmap *h);
199199
200InstallChangeType install_changes_add(InstallChange **changes, size_t *n_changes, int type, const char *path, const char *source);200InstallChangeType install_changes_add(InstallChange **changes, size_t *n_changes, InstallChangeType type, const char *path, const char *source);
201void install_changes_free(InstallChange *changes, size_t n_changes);201void install_changes_free(InstallChange *changes, size_t n_changes);
202void install_changes_dump(int r, const char *verb, const InstallChange *changes, size_t n_changes, bool quiet);202void install_changes_dump(int r, const char *verb, const InstallChange *changes, size_t n_changes, bool quiet);
203203
@@ -224,7 +224,7 @@ UnitFileState unit_file_state_from_string(const char *s) _pure_;
224/* from_string conversion is unreliable because of the overlap between -EPERM and -1 for error. */224/* from_string conversion is unreliable because of the overlap between -EPERM and -1 for error. */
225225
226const char *install_change_type_to_string(InstallChangeType t) _const_;226const char *install_change_type_to_string(InstallChangeType t) _const_;
227int install_change_type_from_string(const char *s) _pure_;227InstallChangeType install_change_type_from_string(const char *s) _pure_;
228228
229const char *unit_file_preset_mode_to_string(UnitFilePresetMode m) _const_;229const char *unit_file_preset_mode_to_string(UnitFilePresetMode m) _const_;
230UnitFilePresetMode unit_file_preset_mode_from_string(const char *s) _pure_;230UnitFilePresetMode unit_file_preset_mode_from_string(const char *s) _pure_;
diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c
index 975c027..6882b62 100644
--- a/src/shared/mount-setup.c
+++ b/src/shared/mount-setup.c
@@ -102,8 +102,10 @@ static const MountPoint mount_table[] = {
102 cg_is_legacy_wanted, MNT_IN_CONTAINER },102 cg_is_legacy_wanted, MNT_IN_CONTAINER },
103 { "cgroup", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd", MS_NOSUID|MS_NOEXEC|MS_NODEV,103 { "cgroup", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd", MS_NOSUID|MS_NOEXEC|MS_NODEV,
104 cg_is_legacy_wanted, MNT_FATAL|MNT_IN_CONTAINER },104 cg_is_legacy_wanted, MNT_FATAL|MNT_IN_CONTAINER },
105#if ENABLE_PSTORE
105 { "pstore", "/sys/fs/pstore", "pstore", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,106 { "pstore", "/sys/fs/pstore", "pstore", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
106 NULL, MNT_NONE },107 NULL, MNT_NONE },
108#endif
107#if ENABLE_EFI109#if ENABLE_EFI
108 { "efivarfs", "/sys/firmware/efi/efivars", "efivarfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,110 { "efivarfs", "/sys/firmware/efi/efivars", "efivarfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
109 is_efi_boot, MNT_NONE },111 is_efi_boot, MNT_NONE },
diff --git a/src/shared/sleep-config.c b/src/shared/sleep-config.c
index efc066c..1632132 100644
--- a/src/shared/sleep-config.c
+++ b/src/shared/sleep-config.c
@@ -116,7 +116,7 @@ int parse_sleep_config(SleepConfig **ret_sleep_config) {
116 if (sc->hibernate_delay_sec == 0)116 if (sc->hibernate_delay_sec == 0)
117 sc->hibernate_delay_sec = 2 * USEC_PER_HOUR;117 sc->hibernate_delay_sec = 2 * USEC_PER_HOUR;
118118
119 /* ensure values set for all required fields */119 /* Ensure values set for all required fields */
120 if (!sc->states[SLEEP_SUSPEND] || !sc->modes[SLEEP_HIBERNATE]120 if (!sc->states[SLEEP_SUSPEND] || !sc->modes[SLEEP_HIBERNATE]
121 || !sc->states[SLEEP_HIBERNATE] || !sc->modes[SLEEP_HYBRID_SLEEP] || !sc->states[SLEEP_HYBRID_SLEEP])121 || !sc->states[SLEEP_HIBERNATE] || !sc->modes[SLEEP_HYBRID_SLEEP] || !sc->states[SLEEP_HYBRID_SLEEP])
122 return log_oom();122 return log_oom();
@@ -172,11 +172,11 @@ static int read_battery_capacity_percentage(sd_device *dev) {
172172
173 r = sd_device_get_property_value(dev, "POWER_SUPPLY_CAPACITY", &power_supply_capacity);173 r = sd_device_get_property_value(dev, "POWER_SUPPLY_CAPACITY", &power_supply_capacity);
174 if (r < 0)174 if (r < 0)
175 return log_device_debug_errno(dev, r, "Failed to read battery capacity: %m");175 return log_device_debug_errno(dev, r, "Failed to get property POWER_SUPPLY_CAPACITY: %m");
176176
177 r = safe_atoi(power_supply_capacity, &battery_capacity);177 r = safe_atoi(power_supply_capacity, &battery_capacity);
178 if (r < 0)178 if (r < 0)
179 return log_device_debug_errno(dev, r, "Failed to parse battery capacity: %m");179 return log_device_debug_errno(dev, r, "Failed to parse property POWER_SUPPLY_CAPACITY: %m");
180180
181 if (battery_capacity < 0 || battery_capacity > 100)181 if (battery_capacity < 0 || battery_capacity > 100)
182 return log_device_debug_errno(dev, SYNTHETIC_ERRNO(ERANGE), "Invalid battery capacity");182 return log_device_debug_errno(dev, SYNTHETIC_ERRNO(ERANGE), "Invalid battery capacity");
@@ -184,14 +184,14 @@ static int read_battery_capacity_percentage(sd_device *dev) {
184 return battery_capacity;184 return battery_capacity;
185}185}
186186
187/* If battery percentage capacity is less than equal to 5% return success */187/* If battery percentage capacity is <= 5%, return success */
188int battery_is_low(void) {188int battery_is_low(void) {
189 _cleanup_(sd_device_enumerator_unrefp) sd_device_enumerator *e = NULL;189 _cleanup_(sd_device_enumerator_unrefp) sd_device_enumerator *e = NULL;
190 sd_device *dev;190 sd_device *dev;
191 int r;191 int r;
192192
193 /* We have not used battery capacity_level since value is set to full193 /* We have not used battery capacity_level since value is set to full
194 * or Normal in case acpi is not working properly. In case of no battery194 * or Normal in case ACPI is not working properly. In case of no battery
195 * 0 will be returned and system will be suspended for 1st cycle then hibernated */195 * 0 will be returned and system will be suspended for 1st cycle then hibernated */
196196
197 r = battery_enumerator_new(&e);197 r = battery_enumerator_new(&e);
@@ -234,14 +234,12 @@ int fetch_batteries_capacity_by_name(Hashmap **ret) {
234 int battery_capacity;234 int battery_capacity;
235235
236 battery_capacity = r = read_battery_capacity_percentage(dev);236 battery_capacity = r = read_battery_capacity_percentage(dev);
237 if (r < 0) {237 if (r < 0)
238 log_device_debug_errno(dev, r, "Failed to get battery capacity, ignoring: %m");
239 continue;238 continue;
240 }
241239
242 r = sd_device_get_property_value(dev, "POWER_SUPPLY_NAME", &battery_name);240 r = sd_device_get_property_value(dev, "POWER_SUPPLY_NAME", &battery_name);
243 if (r < 0) {241 if (r < 0) {
244 log_device_debug_errno(dev, r, "Failed to read battery name, ignoring: %m");242 log_device_debug_errno(dev, r, "Failed to get POWER_SUPPLY_NAME property, ignoring: %m");
245 continue;243 continue;
246 }244 }
247245
@@ -272,11 +270,11 @@ static int get_battery_identifier(sd_device *dev, const char *property, struct s
272270
273 r = sd_device_get_property_value(dev, property, &x);271 r = sd_device_get_property_value(dev, property, &x);
274 if (r == -ENOENT)272 if (r == -ENOENT)
275 log_device_debug_errno(dev, r, "battery device property %s is unavailable, ignoring: %m", property);273 log_device_debug_errno(dev, r, "Battery device property %s is unavailable, ignoring: %m", property);
276 else if (r < 0)274 else if (r < 0)
277 return log_device_debug_errno(dev, r, "Failed to read battery device property %s: %m", property);275 return log_device_debug_errno(dev, r, "Failed to get battery device property %s: %m", property);
278 else if (isempty(x))276 else if (isempty(x))
279 log_device_debug(dev, "battery device property '%s' is null.", property);277 log_device_debug(dev, "Battery device property '%s' is empty.", property);
280 else278 else
281 siphash24_compress_string(x, state);279 siphash24_compress_string(x, state);
282280
@@ -319,7 +317,7 @@ static int get_system_battery_identifier_hash(sd_device *dev, uint64_t *ret) {
319 return 0;317 return 0;
320}318}
321319
322/* battery percentage discharge rate per hour is in range 1-199 then return success */320/* Return success if battery percentage discharge rate per hour is in the range 1–199 */
323static bool battery_discharge_rate_is_valid(int battery_discharge_rate) {321static bool battery_discharge_rate_is_valid(int battery_discharge_rate) {
324 return battery_discharge_rate > 0 && battery_discharge_rate < 200;322 return battery_discharge_rate > 0 && battery_discharge_rate < 200;
325}323}
@@ -470,7 +468,7 @@ int estimate_battery_discharge_rate_per_hour(
470 return 0;468 return 0;
471}469}
472470
473/* calculate the suspend interval for each battery and then return the sum of it */471/* Calculate the suspend interval for each battery and then return their sum */
474int get_total_suspend_interval(Hashmap *last_capacity, usec_t *ret) {472int get_total_suspend_interval(Hashmap *last_capacity, usec_t *ret) {
475 _cleanup_(sd_device_enumerator_unrefp) sd_device_enumerator *e = NULL;473 _cleanup_(sd_device_enumerator_unrefp) sd_device_enumerator *e = NULL;
476 usec_t total_suspend_interval = 0;474 usec_t total_suspend_interval = 0;
@@ -495,7 +493,7 @@ int get_total_suspend_interval(Hashmap *last_capacity, usec_t *ret) {
495 continue;493 continue;
496 }494 }
497495
498 battery_last_capacity = PTR_TO_CAPACITY(hashmap_get(last_capacity, battery_name));496 battery_last_capacity = get_capacity_by_name(last_capacity, battery_name);
499 if (battery_last_capacity <= 0)497 if (battery_last_capacity <= 0)
500 continue;498 continue;
501499
@@ -516,8 +514,8 @@ int get_total_suspend_interval(Hashmap *last_capacity, usec_t *ret) {
516514
517 total_suspend_interval = usec_add(total_suspend_interval, suspend_interval);515 total_suspend_interval = usec_add(total_suspend_interval, suspend_interval);
518 }516 }
519 /* The previous discharge rate is stored in per hour basis so converted to minutes.517 /* Previous discharge rate is stored in per hour basis converted to usec.
520 * Subtracted 30 minutes from the result to keep a buffer of 30 minutes before battery gets critical */518 * Subtract 30 minutes from the result to keep a buffer of 30 minutes before battery gets critical */
521 total_suspend_interval = usec_sub_unsigned(total_suspend_interval, 30 * USEC_PER_MINUTE);519 total_suspend_interval = usec_sub_unsigned(total_suspend_interval, 30 * USEC_PER_MINUTE);
522 if (total_suspend_interval == 0)520 if (total_suspend_interval == 0)
523 return -ENOENT;521 return -ENOENT;
diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c
index 30ba5d2..84fd5d3 100644
--- a/src/sleep/sleep.c
+++ b/src/sleep/sleep.c
@@ -267,12 +267,12 @@ static int execute(
267}267}
268268
269static int custom_timer_suspend(const SleepConfig *sleep_config) {269static int custom_timer_suspend(const SleepConfig *sleep_config) {
270 _cleanup_hashmap_free_ Hashmap *last_capacity = NULL, *current_capacity = NULL;
271 int r;270 int r;
272271
273 assert(sleep_config);272 assert(sleep_config);
274273
275 while (battery_is_low() == 0) {274 while (battery_is_low() == 0) {
275 _cleanup_hashmap_free_ Hashmap *last_capacity = NULL, *current_capacity = NULL;
276 _cleanup_close_ int tfd = -1;276 _cleanup_close_ int tfd = -1;
277 struct itimerspec ts = {};277 struct itimerspec ts = {};
278 usec_t suspend_interval = sleep_config->hibernate_delay_sec, before_timestamp = 0, after_timestamp = 0, total_suspend_interval;278 usec_t suspend_interval = sleep_config->hibernate_delay_sec, before_timestamp = 0, after_timestamp = 0, total_suspend_interval;
@@ -327,7 +327,8 @@ static int custom_timer_suspend(const SleepConfig *sleep_config) {
327 }327 }
328328
329 after_timestamp = now(CLOCK_BOOTTIME);329 after_timestamp = now(CLOCK_BOOTTIME);
330 log_debug("Attempting to estimate battery discharge rate after wakeup from %s sleep", FORMAT_TIMESPAN(after_timestamp - before_timestamp, USEC_PER_HOUR));330 log_debug("Attempting to estimate battery discharge rate after wakeup from %s sleep",
331 FORMAT_TIMESPAN(after_timestamp - before_timestamp, USEC_PER_HOUR));
331332
332 if (after_timestamp != before_timestamp) {333 if (after_timestamp != before_timestamp) {
333 r = estimate_battery_discharge_rate_per_hour(last_capacity, current_capacity, before_timestamp, after_timestamp);334 r = estimate_battery_discharge_rate_per_hour(last_capacity, current_capacity, before_timestamp, after_timestamp);
@@ -366,6 +367,9 @@ static int freeze_thaw_user_slice(const char **method) {
366 if (r < 0)367 if (r < 0)
367 return log_debug_errno(r, "Failed to open connection to systemd: %m");368 return log_debug_errno(r, "Failed to open connection to systemd: %m");
368369
370 /* Wait for 1.5 seconds at maximum for freeze operation */
371 (void) sd_bus_set_method_call_timeout(bus, 1500 * USEC_PER_MSEC);
372
369 r = bus_call_method(bus, bus_systemd_mgr, *method, &error, NULL, "s", SPECIAL_USER_SLICE);373 r = bus_call_method(bus, bus_systemd_mgr, *method, &error, NULL, "s", SPECIAL_USER_SLICE);
370 if (r < 0)374 if (r < 0)
371 return log_debug_errno(r, "Failed to execute operation: %s", bus_error_message(&error, r));375 return log_debug_errno(r, "Failed to execute operation: %s", bus_error_message(&error, r));
diff --git a/src/test/test-execute.c b/src/test/test-execute.c
index 0283cae..ce3489d 100644
--- a/src/test/test-execute.c
+++ b/src/test/test-execute.c
@@ -1228,6 +1228,9 @@ int main(int argc, char *argv[]) {
1228 if (r == -ENOMEDIUM)1228 if (r == -ENOMEDIUM)
1229 return log_tests_skipped("cgroupfs not available");1229 return log_tests_skipped("cgroupfs not available");
12301230
1231 if (path_is_read_only_fs("/sys") > 0)
1232 return log_tests_skipped("/sys is mounted read-only");
1233
1231 _cleanup_free_ char *unit_dir = NULL, *unit_paths = NULL;1234 _cleanup_free_ char *unit_dir = NULL, *unit_paths = NULL;
1232 assert_se(get_testdata_dir("test-execute/", &unit_dir) >= 0);1235 assert_se(get_testdata_dir("test-execute/", &unit_dir) >= 0);
1233 assert_se(runtime_dir = setup_fake_runtime_dir());1236 assert_se(runtime_dir = setup_fake_runtime_dir());
diff --git a/src/test/test-unit-name.c b/src/test/test-unit-name.c
index 43fdb15..eec4831 100644
--- a/src/test/test-unit-name.c
+++ b/src/test/test-unit-name.c
@@ -241,11 +241,13 @@ TEST_RET(unit_printf, .sd_booted = true) {
241 *user, *group, *uid, *gid, *home, *shell,241 *user, *group, *uid, *gid, *home, *shell,
242 *tmp_dir, *var_tmp_dir;242 *tmp_dir, *var_tmp_dir;
243 _cleanup_(manager_freep) Manager *m = NULL;243 _cleanup_(manager_freep) Manager *m = NULL;
244 _cleanup_close_ int fd = -EBADF;
244 Unit *u;245 Unit *u;
245 int r;246 int r;
246247
247 _cleanup_(unlink_tempfilep) char filename[] = "/tmp/test-unit_printf.XXXXXX";248 _cleanup_(unlink_tempfilep) char filename[] = "/tmp/test-unit_printf.XXXXXX";
248 assert_se(mkostemp_safe(filename) >= 0);249 fd = mkostemp_safe(filename);
250 assert_se(fd >= 0);
249251
250 /* Using the specifier functions is admittedly a bit circular, but we don't want to reimplement the252 /* Using the specifier functions is admittedly a bit circular, but we don't want to reimplement the
251 * logic a second time. We're at least testing that the hookup works. */253 * logic a second time. We're at least testing that the hookup works. */
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index 18bb757..3501ccf 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -2849,8 +2849,11 @@ static void item_free_contents(Item *i) {
2849 strv_free(i->xattrs);2849 strv_free(i->xattrs);
28502850
2851#if HAVE_ACL2851#if HAVE_ACL
2852 acl_free(i->acl_access);2852 if (i->acl_access)
2853 acl_free(i->acl_default);2853 acl_free(i->acl_access);
2854
2855 if (i->acl_default)
2856 acl_free(i->acl_default);
2854#endif2857#endif
2855}2858}
28562859
diff --git a/test/TEST-55-OOMD/test.sh b/test/TEST-55-OOMD/test.sh
index 4dc4142..4032896 100755
--- a/test/TEST-55-OOMD/test.sh
+++ b/test/TEST-55-OOMD/test.sh
@@ -17,6 +17,12 @@ test_append_files() {
17 cat >>"${initdir:?}/etc/fstab" <<EOF17 cat >>"${initdir:?}/etc/fstab" <<EOF
18UUID=$(blkid -o value -s UUID "${LOOPDEV}p2") none swap defaults 0 018UUID=$(blkid -o value -s UUID "${LOOPDEV}p2") none swap defaults 0 0
19EOF19EOF
20
21 mkdir -p "${initdir:?}/etc/systemd/system/init.scope.d/"
22 cat >>"${initdir:?}/etc/systemd/system/init.scope.d/test-55-oomd.conf" <<EOF
23[Scope]
24MemoryHigh=10G
25EOF
20 )26 )
21}27}
2228
diff --git a/test/fuzz/fuzz-unit-file/directives.scope b/test/fuzz/fuzz-unit-file/directives.scope
index 4552d0b..2285587 100644
--- a/test/fuzz/fuzz-unit-file/directives.scope
+++ b/test/fuzz/fuzz-unit-file/directives.scope
@@ -47,6 +47,7 @@ MemoryMax=
47MemoryMin=47MemoryMin=
48MemorySwapMax=48MemorySwapMax=
49NetClass=49NetClass=
50OOMPolicy=
50RestartKillSignal=51RestartKillSignal=
51RestrictNetworkInterfaces=52RestrictNetworkInterfaces=
52RuntimeMaxSec=53RuntimeMaxSec=
diff --git a/test/test-functions b/test/test-functions
index 5613215..ae0a993 100644
--- a/test/test-functions
+++ b/test/test-functions
@@ -158,6 +158,7 @@ BASICTOOLS=(
158 cat158 cat
159 chmod159 chmod
160 chown160 chown
161 chroot
161 cmp162 cmp
162 cryptsetup163 cryptsetup
163 cut164 cut
@@ -1908,6 +1909,21 @@ install_dbus() {
1908 </policy>1909 </policy>
1909</busconfig>1910</busconfig>
1910EOF1911EOF
1912
1913 # If we run without KVM, bump the service start timeout
1914 if ! get_bool "$QEMU_KVM"; then
1915 cat >"$initdir/etc/dbus-1/system.d/service.timeout.conf" <<EOF
1916<?xml version="1.0"?>
1917<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
1918 "https://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
1919<busconfig>
1920 <limit name="service_start_timeout">60000</limit>
1921</busconfig>
1922EOF
1923 # Bump the client-side timeout in sd-bus as well
1924 mkdir -p "$initdir/etc/systemd/system.conf.d"
1925 echo -e '[Manager]\nDefaultEnvironment=SYSTEMD_BUS_TIMEOUT=60' >"$initdir/etc/systemd/system.conf.d/bus-timeout.conf"
1926 fi
1911}1927}
19121928
1913install_user_dbus() {1929install_user_dbus() {
diff --git a/test/test-network/conf/23-bond199.network b/test/test-network/conf/23-bond199.network
index 6a1f9a1..9f4879f 100644
--- a/test/test-network/conf/23-bond199.network
+++ b/test/test-network/conf/23-bond199.network
@@ -4,6 +4,3 @@ Name=bond199
44
5[Network]5[Network]
6IPv6AcceptRA=no6IPv6AcceptRA=no
7
8[Link]
9MACAddress=00:11:22:33:44:55
diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py
index 693ddfa..5a731f5 100755
--- a/test/test-network/systemd-networkd-tests.py
+++ b/test/test-network/systemd-networkd-tests.py
@@ -1063,6 +1063,10 @@ class NetworkctlTests(unittest.TestCase, Utilities):
1063 self.assertRegex(output, r'Link File: (/usr)?/lib/systemd/network/99-default.link')1063 self.assertRegex(output, r'Link File: (/usr)?/lib/systemd/network/99-default.link')
1064 self.assertRegex(output, r'Network File: /run/systemd/network/11-dummy.network')1064 self.assertRegex(output, r'Network File: /run/systemd/network/11-dummy.network')
10651065
1066 # This test may be run on the system that has older udevd than 70f32a260b5ebb68c19ecadf5d69b3844896ba55 (v249).
1067 # In that case, the udev DB for the loopback network interface may already have ID_NET_LINK_FILE property.
1068 # Let's reprocess the interface and drop the property.
1069 check_output(*udevadm_cmd, 'trigger', '--settle', '--action=add', '/sys/class/net/lo')
1066 output = check_output(*networkctl_cmd, '-n', '0', 'status', 'lo', env=env)1070 output = check_output(*networkctl_cmd, '-n', '0', 'status', 'lo', env=env)
1067 print(output)1071 print(output)
1068 self.assertRegex(output, r'Link File: n/a')1072 self.assertRegex(output, r'Link File: n/a')
@@ -3799,7 +3803,7 @@ class NetworkdBondTests(unittest.TestCase, Utilities):
37993803
3800 output = check_output('ip -d link show bond199')3804 output = check_output('ip -d link show bond199')
3801 print(output)3805 print(output)
3802 self.assertRegex(output, 'active_slave dummy98')3806 self.assertIn('active_slave dummy98', output)
38033807
3804 def test_bond_primary_slave(self):3808 def test_bond_primary_slave(self):
3805 copy_network_unit('23-primary-slave.network', '23-bond199.network', '25-bond-active-backup-slave.netdev', '12-dummy.netdev')3809 copy_network_unit('23-primary-slave.network', '23-bond199.network', '25-bond-active-backup-slave.netdev', '12-dummy.netdev')
@@ -3808,8 +3812,20 @@ class NetworkdBondTests(unittest.TestCase, Utilities):
38083812
3809 output = check_output('ip -d link show bond199')3813 output = check_output('ip -d link show bond199')
3810 print(output)3814 print(output)
3811 self.assertRegex(output, 'primary dummy98')3815 self.assertIn('primary dummy98', output)
3812 self.assertIn('link/ether 00:11:22:33:44:55', output)3816
3817 # for issue #25627
3818 mkdir_p(os.path.join(network_unit_dir, '23-bond199.network.d'))
3819 for mac in ['00:11:22:33:44:55', '00:11:22:33:44:56']:
3820 with open(os.path.join(network_unit_dir, '23-bond199.network.d/mac.conf'), mode='w', encoding='utf-8') as f:
3821 f.write(f'[Link]\nMACAddress={mac}\n')
3822
3823 networkctl_reload()
3824 self.wait_online(['dummy98:enslaved', 'bond199:degraded'])
3825
3826 output = check_output('ip -d link show bond199')
3827 print(output)
3828 self.assertIn(f'link/ether {mac}', output)
38133829
3814 def test_bond_operstate(self):3830 def test_bond_operstate(self):
3815 copy_network_unit('25-bond.netdev', '11-dummy.netdev', '12-dummy.netdev',3831 copy_network_unit('25-bond.netdev', '11-dummy.netdev', '12-dummy.netdev',
diff --git a/test/test-shutdown.py b/test/test-shutdown.py
index e181f97..13e18ec 100755
--- a/test/test-shutdown.py
+++ b/test/test-shutdown.py
@@ -17,7 +17,7 @@ def run(args):
17 logger.info("spawning test")17 logger.info("spawning test")
18 console = pexpect.spawn(args.command, args.arg, env={18 console = pexpect.spawn(args.command, args.arg, env={
19 "TERM": "linux",19 "TERM": "linux",
20 }, encoding='utf-8', timeout=30)20 }, encoding='utf-8', timeout=60)
2121
22 if args.verbose:22 if args.verbose:
23 console.logfile = sys.stdout23 console.logfile = sys.stdout
diff --git a/test/units/testsuite-26.sh b/test/units/testsuite-26.sh
index a8e7a5a..37ae606 100755
--- a/test/units/testsuite-26.sh
+++ b/test/units/testsuite-26.sh
@@ -294,7 +294,7 @@ systemctl unset-environment IMPORT_THIS IMPORT_THIS_TOO
294294
295# test for sysv-generator (issue #24990)295# test for sysv-generator (issue #24990)
296if [[ -x /usr/lib/systemd/system-generators/systemd-sysv-generator ]]; then296if [[ -x /usr/lib/systemd/system-generators/systemd-sysv-generator ]]; then
297297 mkdir -p /etc/init.d
298 # invalid dependency298 # invalid dependency
299 cat >/etc/init.d/issue-24990 <<\EOF299 cat >/etc/init.d/issue-24990 <<\EOF
300#!/bin/bash300#!/bin/bash
diff --git a/test/units/testsuite-55.sh b/test/units/testsuite-55.sh
index 8fa1d01..0887eac 100755
--- a/test/units/testsuite-55.sh
+++ b/test/units/testsuite-55.sh
@@ -5,6 +5,9 @@ set -o pipefail
55
6systemd-analyze log-level debug6systemd-analyze log-level debug
77
8# Ensure that the init.scope.d drop-in is applied on boot
9test "$(cat /sys/fs/cgroup/init.scope/memory.high)" != "max"
10
8# Loose checks to ensure the environment has the necessary features for systemd-oomd11# Loose checks to ensure the environment has the necessary features for systemd-oomd
9[[ -e /proc/pressure ]] || echo "no PSI" >>/skipped12[[ -e /proc/pressure ]] || echo "no PSI" >>/skipped
10cgroup_type="$(stat -fc %T /sys/fs/cgroup/)"13cgroup_type="$(stat -fc %T /sys/fs/cgroup/)"
diff --git a/test/units/testsuite-64.sh b/test/units/testsuite-64.sh
index 7673036..c4406f3 100755
--- a/test/units/testsuite-64.sh
+++ b/test/units/testsuite-64.sh
@@ -192,7 +192,7 @@ testcase_nvme_subsystem() {
192testcase_virtio_scsi_identically_named_partitions() {192testcase_virtio_scsi_identically_named_partitions() {
193 local num193 local num
194194
195 if [[ -n "${ASAN_OPTIONS:-}" ]] || [[ "$(systemd-detect-virt -v)" == "qemu" ]]; then195 if [[ -v ASAN_OPTIONS || "$(systemd-detect-virt -v)" == "qemu" ]]; then
196 num=$((4 * 4))196 num=$((4 * 4))
197 else197 else
198 num=$((16 * 8))198 num=$((16 * 8))
@@ -243,6 +243,7 @@ EOF
243 echo "${FUNCNAME[0]}: test failover"243 echo "${FUNCNAME[0]}: test failover"
244 local device expected link mpoint part244 local device expected link mpoint part
245 local -a devices245 local -a devices
246 mkdir -p /mnt
246 mpoint="$(mktemp -d /mnt/mpathXXX)"247 mpoint="$(mktemp -d /mnt/mpathXXX)"
247 wwid="deaddeadbeef0000"248 wwid="deaddeadbeef0000"
248 path="/dev/disk/by-id/wwn-0x$wwid"249 path="/dev/disk/by-id/wwn-0x$wwid"
@@ -305,7 +306,7 @@ testcase_simultaneous_events() {
305 local -a devices symlinks306 local -a devices symlinks
306 local -A running307 local -A running
307308
308 if [[ -n "${ASAN_OPTIONS:-}" ]] || [[ "$(systemd-detect-virt -v)" == "qemu" ]]; then309 if [[ -v ASAN_OPTIONS || "$(systemd-detect-virt -v)" == "qemu" ]]; then
309 num_part=2310 num_part=2
310 iterations=10311 iterations=10
311 timeout=240312 timeout=240
@@ -400,7 +401,7 @@ testcase_lvm_basic() {
400 /dev/disk/by-id/ata-foobar_deadbeeflvm{0..3}401 /dev/disk/by-id/ata-foobar_deadbeeflvm{0..3}
401 )402 )
402403
403 if [[ -n "${ASAN_OPTIONS:-}" ]] || [[ "$(systemd-detect-virt -v)" == "qemu" ]]; then404 if [[ -v ASAN_OPTIONS || "$(systemd-detect-virt -v)" == "qemu" ]]; then
404 timeout=180405 timeout=180
405 else406 else
406 timeout=30407 timeout=30
@@ -453,7 +454,7 @@ testcase_lvm_basic() {
453 helper_check_device_units454 helper_check_device_units
454455
455 # Same as above, but now with more "stress"456 # Same as above, but now with more "stress"
456 if [[ -n "${ASAN_OPTIONS:-}" ]] || [[ "$(systemd-detect-virt -v)" == "qemu" ]]; then457 if [[ -v ASAN_OPTIONS || "$(systemd-detect-virt -v)" == "qemu" ]]; then
457 iterations=10458 iterations=10
458 else459 else
459 iterations=50460 iterations=50
@@ -478,7 +479,7 @@ testcase_lvm_basic() {
478 helper_check_device_units479 helper_check_device_units
479480
480 # Create & remove LVs in a loop, i.e. with more "stress"481 # Create & remove LVs in a loop, i.e. with more "stress"
481 if [[ -n "${ASAN_OPTIONS:-}" ]]; then482 if [[ -v ASAN_OPTIONS ]]; then
482 iterations=8483 iterations=8
483 partitions=16484 partitions=16
484 elif [[ "$(systemd-detect-virt -v)" == "qemu" ]]; then485 elif [[ "$(systemd-detect-virt -v)" == "qemu" ]]; then
diff --git a/test/units/testsuite-65.sh b/test/units/testsuite-65.sh
index 1f34308..ebe1f57 100755
--- a/test/units/testsuite-65.sh
+++ b/test/units/testsuite-65.sh
@@ -139,6 +139,16 @@ systemd-analyze cat-config systemd/system.conf systemd/journald.conf >/dev/null
139systemd-analyze cat-config systemd/system.conf foo/bar systemd/journald.conf >/dev/null139systemd-analyze cat-config systemd/system.conf foo/bar systemd/journald.conf >/dev/null
140systemd-analyze cat-config foo/bar140systemd-analyze cat-config foo/bar
141141
142if [[ ! -v ASAN_OPTIONS ]]; then
143 # check that systemd-analyze cat-config paths work in a chroot
144 mkdir -p /tmp/root
145 mount --bind / /tmp/root
146 systemd-analyze cat-config systemd/system-preset >/tmp/out1
147 chroot /tmp/root systemd-analyze cat-config systemd/system-preset >/tmp/out2
148 diff /tmp/out{1,2}
149fi
150
151# verify
142mkdir -p /tmp/img/usr/lib/systemd/system/152mkdir -p /tmp/img/usr/lib/systemd/system/
143mkdir -p /tmp/img/opt/153mkdir -p /tmp/img/opt/
144154
diff --git a/test/units/testsuite-73.sh b/test/units/testsuite-73.sh
index f9e2dce..4eae0f6 100755
--- a/test/units/testsuite-73.sh
+++ b/test/units/testsuite-73.sh
@@ -92,6 +92,19 @@ test_locale() {
92 return92 return
93 fi93 fi
9494
95 # start with a known default environment and make sure to also give a
96 # default value to LC_CTYPE= since we're about to also set/unset it. We
97 # also reload PID1 configuration to make sure that PID1 environment itself
98 # is updated as it's not always been the case.
99 assert_rc 0 localectl set-locale "LANG=en_US.UTF-8" "LC_CTYPE=C"
The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches