From da2bf9e4d033db98743f33c925f39a0686c6628a Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Feb 11 2022 14:18:22 +0000 Subject: import systemd-239-58.el8 --- diff --git a/.systemd.metadata b/.systemd.metadata index 8ab9fd3..a883c33 100644 --- a/.systemd.metadata +++ b/.systemd.metadata @@ -1 +1 @@ -249634e3d6b3532f15465719f0437ce04c3eb377 SOURCES/systemd-239.tar.gz +8803baa484cbe36680463c8c5e6febeff074b8e7 SOURCES/systemd-239.tar.gz diff --git a/SOURCES/0702-udev-net_id-introduce-naming-scheme-for-RHEL-8.5.patch b/SOURCES/0702-udev-net_id-introduce-naming-scheme-for-RHEL-8.5.patch new file mode 100644 index 0000000..822fafc --- /dev/null +++ b/SOURCES/0702-udev-net_id-introduce-naming-scheme-for-RHEL-8.5.patch @@ -0,0 +1,50 @@ +From d45e0cc7a64648dc3ad082b512ff488537d3ebef Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Wed, 12 Jan 2022 15:35:19 +0100 +Subject: [PATCH] udev/net_id: introduce naming scheme for RHEL-8.5 + +RHEL-only + +Related: #2039797 +--- + man/systemd.net-naming-scheme.xml | 6 ++++++ + src/udev/udev-builtin-net_id.c | 2 ++ + 2 files changed, 8 insertions(+) + +diff --git a/man/systemd.net-naming-scheme.xml b/man/systemd.net-naming-scheme.xml +index 10e71dcb15..be969bc8d0 100644 +--- a/man/systemd.net-naming-scheme.xml ++++ b/man/systemd.net-naming-scheme.xml +@@ -301,6 +301,12 @@ + avoid possible naming conflict. + + ++ ++ rhel-8.5 ++ ++ Same as naming scheme rhel-8.4. ++ ++ + Note that latest may be used to denote the latest scheme known (to this + particular version of systemd. + +diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c +index 7c153f0aef..81139e666b 100644 +--- a/src/udev/udev-builtin-net_id.c ++++ b/src/udev/udev-builtin-net_id.c +@@ -134,6 +134,7 @@ typedef enum NamingSchemeFlags { + NAMING_RHEL_8_2 = NAMING_V239, + NAMING_RHEL_8_3 = NAMING_V239, + NAMING_RHEL_8_4 = NAMING_V239|NAMING_BRIDGE_NO_SLOT, ++ NAMING_RHEL_8_5 = NAMING_RHEL_8_4, + + _NAMING_SCHEME_FLAGS_INVALID = -1, + } NamingSchemeFlags; +@@ -151,6 +152,7 @@ static const NamingScheme naming_schemes[] = { + { "rhel-8.2", NAMING_RHEL_8_2 }, + { "rhel-8.3", NAMING_RHEL_8_3 }, + { "rhel-8.4", NAMING_RHEL_8_4 }, ++ { "rhel-8.5", NAMING_RHEL_8_5 }, + /* … add more schemes here, as the logic to name devices is updated … */ + }; + diff --git a/SOURCES/0703-udev-net_id-remove-extraneous-bracket.patch b/SOURCES/0703-udev-net_id-remove-extraneous-bracket.patch new file mode 100644 index 0000000..6c3efb8 --- /dev/null +++ b/SOURCES/0703-udev-net_id-remove-extraneous-bracket.patch @@ -0,0 +1,25 @@ +From a967622c58e1ae76bb7e22e83389295c77d560df Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Wed, 12 Jan 2022 15:35:54 +0100 +Subject: [PATCH] udev/net_id: remove extraneous bracket + +RHEL-only + +Related: #2039797 +--- + man/systemd.net-naming-scheme.xml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/man/systemd.net-naming-scheme.xml b/man/systemd.net-naming-scheme.xml +index be969bc8d0..a65da5c6c1 100644 +--- a/man/systemd.net-naming-scheme.xml ++++ b/man/systemd.net-naming-scheme.xml +@@ -307,7 +307,7 @@ + Same as naming scheme rhel-8.4. + + +- Note that latest may be used to denote the latest scheme known (to this ++ Note that latest may be used to denote the latest scheme known to this + particular version of systemd. + + diff --git a/SOURCES/0704-udev-net_id-introduce-naming-scheme-for-RHEL-8.6.patch b/SOURCES/0704-udev-net_id-introduce-naming-scheme-for-RHEL-8.6.patch new file mode 100644 index 0000000..a5f712f --- /dev/null +++ b/SOURCES/0704-udev-net_id-introduce-naming-scheme-for-RHEL-8.6.patch @@ -0,0 +1,50 @@ +From 7ee6542c64103205d6520c1165894b3b6a40f2c9 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Wed, 12 Jan 2022 15:38:38 +0100 +Subject: [PATCH] udev/net_id: introduce naming scheme for RHEL-8.6 + +RHEL-only + +Related: #2039797 +--- + man/systemd.net-naming-scheme.xml | 6 ++++++ + src/udev/udev-builtin-net_id.c | 2 ++ + 2 files changed, 8 insertions(+) + +diff --git a/man/systemd.net-naming-scheme.xml b/man/systemd.net-naming-scheme.xml +index a65da5c6c1..fe1aa4b654 100644 +--- a/man/systemd.net-naming-scheme.xml ++++ b/man/systemd.net-naming-scheme.xml +@@ -307,6 +307,12 @@ + Same as naming scheme rhel-8.4. + + ++ ++ rhel-8.6 ++ ++ Same as naming scheme rhel-8.4. ++ ++ + Note that latest may be used to denote the latest scheme known to this + particular version of systemd. + +diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c +index 81139e666b..eafcbb64c5 100644 +--- a/src/udev/udev-builtin-net_id.c ++++ b/src/udev/udev-builtin-net_id.c +@@ -135,6 +135,7 @@ typedef enum NamingSchemeFlags { + NAMING_RHEL_8_3 = NAMING_V239, + NAMING_RHEL_8_4 = NAMING_V239|NAMING_BRIDGE_NO_SLOT, + NAMING_RHEL_8_5 = NAMING_RHEL_8_4, ++ NAMING_RHEL_8_6 = NAMING_RHEL_8_4, + + _NAMING_SCHEME_FLAGS_INVALID = -1, + } NamingSchemeFlags; +@@ -153,6 +154,7 @@ static const NamingScheme naming_schemes[] = { + { "rhel-8.3", NAMING_RHEL_8_3 }, + { "rhel-8.4", NAMING_RHEL_8_4 }, + { "rhel-8.5", NAMING_RHEL_8_5 }, ++ { "rhel-8.6", NAMING_RHEL_8_6 }, + /* … add more schemes here, as the logic to name devices is updated … */ + }; + diff --git a/SOURCES/0705-define-newly-needed-constants.patch b/SOURCES/0705-define-newly-needed-constants.patch new file mode 100644 index 0000000..9281b84 --- /dev/null +++ b/SOURCES/0705-define-newly-needed-constants.patch @@ -0,0 +1,60 @@ +From 08c1e6e304108e8bc8beca126f50888be7575bd0 Mon Sep 17 00:00:00 2001 +From: David Tardon +Date: Thu, 26 Nov 2020 16:29:10 +0100 +Subject: [PATCH] define newly needed constants + +Related: #2005008 +--- + src/basic/missing.h | 23 +++++++++++++++++++++-- + 1 file changed, 21 insertions(+), 2 deletions(-) + +diff --git a/src/basic/missing.h b/src/basic/missing.h +index 14ad3d4914..b9376617fc 100644 +--- a/src/basic/missing.h ++++ b/src/basic/missing.h +@@ -747,10 +747,13 @@ struct input_mask { + #define IFLA_NUM_RX_QUEUES 32 + #define IFLA_CARRIER 33 + #define IFLA_PHYS_PORT_ID 34 +-#define __IFLA_MAX 35 ++#endif ++ ++#define IFLA_PROP_LIST 52 ++#define IFLA_ALT_IFNAME 53 ++#define __IFLA_MAX 53 + + #define IFLA_MAX (__IFLA_MAX - 1) +-#endif + + #if !HAVE_IFLA_BOND_AD_INFO + #define IFLA_BOND_UNSPEC 0 +@@ -1045,6 +1048,18 @@ struct input_mask { + #define RTA_EXPIRES 23 + #endif + ++#ifndef RTM_NEWLINKPROP ++#define RTM_NEWLINKPROP 108 ++#endif ++ ++#ifndef RTM_DELLINKPROP ++#define RTM_DELLINKPROP 109 ++#endif ++ ++#ifndef RTM_GETLINKPROP ++#define RTM_GETLINKPROP 110 ++#endif ++ + #ifndef IPV6_UNICAST_IF + #define IPV6_UNICAST_IF 76 + #endif +@@ -1057,6 +1072,10 @@ struct input_mask { + #define IPV4_MIN_MTU 68 + #endif + ++#ifndef ALTIFNAMSIZ ++#define ALTIFNAMSIZ 128 ++#endif ++ + #ifndef IFF_MULTI_QUEUE + #define IFF_MULTI_QUEUE 0x100 + #endif diff --git a/SOURCES/0706-sd-netlink-support-IFLA_PROP_LIST-and-IFLA_ALT_IFNAM.patch b/SOURCES/0706-sd-netlink-support-IFLA_PROP_LIST-and-IFLA_ALT_IFNAM.patch new file mode 100644 index 0000000..6b0e46b --- /dev/null +++ b/SOURCES/0706-sd-netlink-support-IFLA_PROP_LIST-and-IFLA_ALT_IFNAM.patch @@ -0,0 +1,95 @@ +From 32e39fd249737c77248c32d064021426a2ec7a52 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 15 Dec 2019 20:57:51 +0900 +Subject: [PATCH] sd-netlink: support IFLA_PROP_LIST and IFLA_ALT_IFNAME + attributes + +(cherry picked from commit ffeb16f5d832b1c65b8c8a1dd9bdd028bd76fc72) + +Related: #2005008 +--- + src/libsystemd/sd-netlink/netlink-message.c | 2 +- + src/libsystemd/sd-netlink/netlink-types.c | 13 +++++++++++++ + src/libsystemd/sd-netlink/netlink-util.h | 4 +++- + src/libsystemd/sd-netlink/rtnl-message.c | 2 ++ + 4 files changed, 19 insertions(+), 2 deletions(-) + +diff --git a/src/libsystemd/sd-netlink/netlink-message.c b/src/libsystemd/sd-netlink/netlink-message.c +index 23907c8224..db9101c163 100644 +--- a/src/libsystemd/sd-netlink/netlink-message.c ++++ b/src/libsystemd/sd-netlink/netlink-message.c +@@ -89,7 +89,7 @@ int sd_netlink_message_request_dump(sd_netlink_message *m, int dump) { + assert_return(m, -EINVAL); + assert_return(m->hdr, -EINVAL); + +- assert_return(IN_SET(m->hdr->nlmsg_type, RTM_GETLINK, RTM_GETADDR, RTM_GETROUTE, RTM_GETNEIGH, RTM_GETRULE, RTM_GETADDRLABEL), -EINVAL); ++ assert_return(IN_SET(m->hdr->nlmsg_type, RTM_GETLINK, RTM_GETLINKPROP, RTM_GETADDR, RTM_GETROUTE, RTM_GETNEIGH, RTM_GETRULE, RTM_GETADDRLABEL), -EINVAL); + + SET_FLAG(m->hdr->nlmsg_flags, NLM_F_DUMP, dump); + +diff --git a/src/libsystemd/sd-netlink/netlink-types.c b/src/libsystemd/sd-netlink/netlink-types.c +index c93fe9cb4c..47d9c7f1c4 100644 +--- a/src/libsystemd/sd-netlink/netlink-types.c ++++ b/src/libsystemd/sd-netlink/netlink-types.c +@@ -451,6 +451,15 @@ static const NLTypeSystem rtnl_af_spec_type_system = { + .types = rtnl_af_spec_types, + }; + ++static const NLType rtnl_prop_list_types[] = { ++ [IFLA_ALT_IFNAME] = { .type = NETLINK_TYPE_STRING, .size = ALTIFNAMSIZ - 1 }, ++}; ++ ++static const NLTypeSystem rtnl_prop_list_type_system = { ++ .count = ELEMENTSOF(rtnl_prop_list_types), ++ .types = rtnl_prop_list_types, ++}; ++ + static const NLType rtnl_link_types[] = { + [IFLA_ADDRESS] = { .type = NETLINK_TYPE_ETHER_ADDR }, + [IFLA_BROADCAST] = { .type = NETLINK_TYPE_ETHER_ADDR }, +@@ -501,6 +510,7 @@ static const NLType rtnl_link_types[] = { + /* + [IFLA_PHYS_PORT_ID] = { .type = NETLINK_TYPE_BINARY, .len = MAX_PHYS_PORT_ID_LEN }, + */ ++ [IFLA_PROP_LIST] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_prop_list_type_system }, + }; + + static const NLTypeSystem rtnl_link_type_system = { +@@ -643,6 +653,9 @@ static const NLType rtnl_types[] = { + [RTM_DELLINK] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, + [RTM_GETLINK] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, + [RTM_SETLINK] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, ++ [RTM_NEWLINKPROP] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, ++ [RTM_DELLINKPROP] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, ++ [RTM_GETLINKPROP] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_link_type_system, .size = sizeof(struct ifinfomsg) }, + [RTM_NEWADDR] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, + [RTM_DELADDR] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, + [RTM_GETADDR] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_address_type_system, .size = sizeof(struct ifaddrmsg) }, +diff --git a/src/libsystemd/sd-netlink/netlink-util.h b/src/libsystemd/sd-netlink/netlink-util.h +index 7c35a2cfa7..882a616310 100644 +--- a/src/libsystemd/sd-netlink/netlink-util.h ++++ b/src/libsystemd/sd-netlink/netlink-util.h +@@ -19,7 +19,9 @@ static inline bool rtnl_message_type_is_route(uint16_t type) { + } + + static inline bool rtnl_message_type_is_link(uint16_t type) { +- return IN_SET(type, RTM_NEWLINK, RTM_SETLINK, RTM_GETLINK, RTM_DELLINK); ++ return IN_SET(type, ++ RTM_NEWLINK, RTM_SETLINK, RTM_GETLINK, RTM_DELLINK, ++ RTM_NEWLINKPROP, RTM_DELLINKPROP, RTM_GETLINKPROP); + } + + static inline bool rtnl_message_type_is_addr(uint16_t type) { +diff --git a/src/libsystemd/sd-netlink/rtnl-message.c b/src/libsystemd/sd-netlink/rtnl-message.c +index 4416e1720c..369c402986 100644 +--- a/src/libsystemd/sd-netlink/rtnl-message.c ++++ b/src/libsystemd/sd-netlink/rtnl-message.c +@@ -449,6 +449,8 @@ int sd_rtnl_message_new_link(sd_netlink *rtnl, sd_netlink_message **ret, + + if (nlmsg_type == RTM_NEWLINK) + (*ret)->hdr->nlmsg_flags |= NLM_F_CREATE | NLM_F_EXCL; ++ else if (nlmsg_type == RTM_NEWLINK) ++ (*ret)->hdr->nlmsg_flags |= NLM_F_EXCL | NLM_F_CREATE | NLM_F_APPEND; + + ifi = NLMSG_DATA((*ret)->hdr); + diff --git a/SOURCES/0707-sd-netlink-introduce-sd_netlink_message_read_strv.patch b/SOURCES/0707-sd-netlink-introduce-sd_netlink_message_read_strv.patch new file mode 100644 index 0000000..ecf264c --- /dev/null +++ b/SOURCES/0707-sd-netlink-introduce-sd_netlink_message_read_strv.patch @@ -0,0 +1,106 @@ +From cd3b4c5345a3500f190941454fff03fc143c6f2e Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 15 Dec 2019 21:32:25 +0900 +Subject: [PATCH] sd-netlink: introduce sd_netlink_message_read_strv() + +The combination of sd_netlink_message_enter_container() and +sd_netlink_message_read_string() only reads the last element if the attribute is +duplicated, such a situation easily happens for IFLA_ALT_IFNAME. +The function introduced here reads all matched attributes. + +(cherry picked from commit 8f3c1859669230c2c8458675f41de13e369b47e7) + +Related: #2005008 +--- + src/libsystemd/sd-netlink/netlink-message.c | 58 +++++++++++++++++++++ + src/systemd/sd-netlink.h | 1 + + 2 files changed, 59 insertions(+) + +diff --git a/src/libsystemd/sd-netlink/netlink-message.c b/src/libsystemd/sd-netlink/netlink-message.c +index db9101c163..5723e1d21c 100644 +--- a/src/libsystemd/sd-netlink/netlink-message.c ++++ b/src/libsystemd/sd-netlink/netlink-message.c +@@ -14,6 +14,7 @@ + #include "netlink-util.h" + #include "refcnt.h" + #include "socket-util.h" ++#include "strv.h" + #include "util.h" + + #define GET_CONTAINER(m, i) ((i) < (m)->n_containers ? (struct rtattr*)((uint8_t*)(m)->hdr + (m)->containers[i].offset) : NULL) +@@ -754,6 +755,63 @@ int sd_netlink_message_read_in6_addr(sd_netlink_message *m, unsigned short type, + return 0; + } + ++int sd_netlink_message_read_strv(sd_netlink_message *m, unsigned short container_type, unsigned short type_id, char ***ret) { ++ _cleanup_strv_free_ char **s = NULL; ++ const NLTypeSystem *type_system; ++ const NLType *nl_type; ++ struct rtattr *rta; ++ void *container; ++ unsigned short rt_len; ++ int r; ++ ++ assert_return(m, -EINVAL); ++ assert_return(m->n_containers < RTNL_CONTAINER_DEPTH, -EINVAL); ++ ++ r = type_system_get_type(m->containers[m->n_containers].type_system, ++ &nl_type, ++ container_type); ++ if (r < 0) ++ return r; ++ ++ if (type_get_type(nl_type) != NETLINK_TYPE_NESTED) ++ return -EINVAL; ++ ++ r = type_system_get_type_system(m->containers[m->n_containers].type_system, ++ &type_system, ++ container_type); ++ if (r < 0) ++ return r; ++ ++ r = type_system_get_type(type_system, &nl_type, type_id); ++ if (r < 0) ++ return r; ++ ++ if (type_get_type(nl_type) != NETLINK_TYPE_STRING) ++ return -EINVAL; ++ ++ r = netlink_message_read_internal(m, container_type, &container, NULL); ++ if (r < 0) ++ return r; ++ ++ rt_len = (unsigned short) r; ++ rta = container; ++ ++ for (; RTA_OK(rta, rt_len); rta = RTA_NEXT(rta, rt_len)) { ++ unsigned short type; ++ ++ type = RTA_TYPE(rta); ++ if (type != type_id) ++ continue; ++ ++ r = strv_extend(&s, RTA_DATA(rta)); ++ if (r < 0) ++ return r; ++ } ++ ++ *ret = TAKE_PTR(s); ++ return 0; ++} ++ + static int netlink_container_parse(sd_netlink_message *m, + struct netlink_container *container, + int count, +diff --git a/src/systemd/sd-netlink.h b/src/systemd/sd-netlink.h +index 51f0fa16b4..1f5c093f11 100644 +--- a/src/systemd/sd-netlink.h ++++ b/src/systemd/sd-netlink.h +@@ -82,6 +82,7 @@ int sd_netlink_message_open_container_union(sd_netlink_message *m, unsigned shor + int sd_netlink_message_close_container(sd_netlink_message *m); + + int sd_netlink_message_read_string(sd_netlink_message *m, unsigned short type, const char **data); ++int sd_netlink_message_read_strv(sd_netlink_message *m, unsigned short container_type, unsigned short type_id, char ***ret); + int sd_netlink_message_read_u8(sd_netlink_message *m, unsigned short type, uint8_t *data); + int sd_netlink_message_read_u16(sd_netlink_message *m, unsigned short type, uint16_t *data); + int sd_netlink_message_read_u32(sd_netlink_message *m, unsigned short type, uint32_t *data); diff --git a/SOURCES/0708-sd-netlink-introduce-sd_netlink_message_append_strv.patch b/SOURCES/0708-sd-netlink-introduce-sd_netlink_message_append_strv.patch new file mode 100644 index 0000000..2f66c13 --- /dev/null +++ b/SOURCES/0708-sd-netlink-introduce-sd_netlink_message_append_strv.patch @@ -0,0 +1,65 @@ +From bbfebb42c9023e36fb66f0e3b0bad132ab2fba55 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 15 Dec 2019 21:47:21 +0900 +Subject: [PATCH] sd-netlink: introduce sd_netlink_message_append_strv() + +(cherry picked from commit 6d725977c4f98a8f5effc33f44aa646cc2b6a0b7) + +Related: #2005008 +--- + src/libsystemd/sd-netlink/netlink-message.c | 29 +++++++++++++++++++++ + src/systemd/sd-netlink.h | 1 + + 2 files changed, 30 insertions(+) + +diff --git a/src/libsystemd/sd-netlink/netlink-message.c b/src/libsystemd/sd-netlink/netlink-message.c +index 5723e1d21c..55d6510b63 100644 +--- a/src/libsystemd/sd-netlink/netlink-message.c ++++ b/src/libsystemd/sd-netlink/netlink-message.c +@@ -259,6 +259,35 @@ int sd_netlink_message_append_string(sd_netlink_message *m, unsigned short type, + return 0; + } + ++int sd_netlink_message_append_strv(sd_netlink_message *m, unsigned short type, char * const *data) { ++ size_t length, size; ++ char * const *p; ++ int r; ++ ++ assert_return(m, -EINVAL); ++ assert_return(!m->sealed, -EPERM); ++ assert_return(data, -EINVAL); ++ ++ r = message_attribute_has_type(m, &size, type, NETLINK_TYPE_STRING); ++ if (r < 0) ++ return r; ++ ++ STRV_FOREACH(p, data) { ++ if (size) { ++ length = strnlen(*p, size+1); ++ if (length > size) ++ return -EINVAL; ++ } else ++ length = strlen(*p); ++ ++ r = add_rtattr(m, type, *p, length + 1); ++ if (r < 0) ++ return r; ++ } ++ ++ return 0; ++} ++ + int sd_netlink_message_append_flag(sd_netlink_message *m, unsigned short type) { + size_t size; + int r; +diff --git a/src/systemd/sd-netlink.h b/src/systemd/sd-netlink.h +index 1f5c093f11..5a05cd4485 100644 +--- a/src/systemd/sd-netlink.h ++++ b/src/systemd/sd-netlink.h +@@ -67,6 +67,7 @@ int sd_netlink_attach_event(sd_netlink *nl, sd_event *e, int64_t priority); + int sd_netlink_detach_event(sd_netlink *nl); + + int sd_netlink_message_append_string(sd_netlink_message *m, unsigned short type, const char *data); ++int sd_netlink_message_append_strv(sd_netlink_message *m, unsigned short type, char * const *data); + int sd_netlink_message_append_flag(sd_netlink_message *m, unsigned short type); + int sd_netlink_message_append_u8(sd_netlink_message *m, unsigned short type, uint8_t data); + int sd_netlink_message_append_u16(sd_netlink_message *m, unsigned short type, uint16_t data); diff --git a/SOURCES/0709-test-add-a-test-for-sd_netlink_message_-append-read-.patch b/SOURCES/0709-test-add-a-test-for-sd_netlink_message_-append-read-.patch new file mode 100644 index 0000000..082a4e3 --- /dev/null +++ b/SOURCES/0709-test-add-a-test-for-sd_netlink_message_-append-read-.patch @@ -0,0 +1,71 @@ +From 58d0d77ddda4c02943d1f03e4c142aec9c4930f5 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 15 Dec 2019 21:48:12 +0900 +Subject: [PATCH] test: add a test for sd_netlink_message_{append,read}_strv() + +(cherry picked from commit d08d92d5ee508a80e35d6b95b962bd09527fb5f2) + +Related: #2005008 +--- + src/libsystemd/sd-netlink/test-netlink.c | 33 ++++++++++++++++++++++++ + 1 file changed, 33 insertions(+) + +diff --git a/src/libsystemd/sd-netlink/test-netlink.c b/src/libsystemd/sd-netlink/test-netlink.c +index 03773fb936..8ee6551385 100644 +--- a/src/libsystemd/sd-netlink/test-netlink.c ++++ b/src/libsystemd/sd-netlink/test-netlink.c +@@ -10,7 +10,9 @@ + #include "missing.h" + #include "netlink-util.h" + #include "socket-util.h" ++#include "stdio-util.h" + #include "string-util.h" ++#include "strv.h" + #include "util.h" + + static void test_message_link_bridge(sd_netlink *rtnl) { +@@ -357,6 +359,36 @@ static void test_message(sd_netlink *rtnl) { + assert_se(sd_netlink_message_get_errno(m) == -ETIMEDOUT); + } + ++static void test_strv(sd_netlink *rtnl) { ++ _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *m = NULL; ++ _cleanup_strv_free_ char **names_in = NULL, **names_out; ++ const char *p; ++ ++ assert_se(sd_rtnl_message_new_link(rtnl, &m, RTM_NEWLINKPROP, 1) >= 0); ++ ++ for (unsigned i = 0; i < 10; i++) { ++ char name[STRLEN("hoge") + DECIMAL_STR_MAX(uint32_t)]; ++ ++ xsprintf(name, "hoge%" PRIu32, i + 1000); ++ assert_se(strv_extend(&names_in, name) >= 0); ++ } ++ ++ assert_se(sd_netlink_message_open_container(m, IFLA_PROP_LIST) >= 0); ++ assert_se(sd_netlink_message_append_strv(m, IFLA_ALT_IFNAME, names_in) >= 0); ++ assert_se(sd_netlink_message_close_container(m) >= 0); ++ ++ rtnl_message_seal(m); ++ assert_se(sd_netlink_message_rewind(m) >= 0); ++ ++ assert_se(sd_netlink_message_read_strv(m, IFLA_PROP_LIST, IFLA_ALT_IFNAME, &names_out) >= 0); ++ assert_se(strv_equal(names_in, names_out)); ++ ++ assert_se(sd_netlink_message_enter_container(m, IFLA_PROP_LIST) >= 0); ++ assert_se(sd_netlink_message_read_string(m, IFLA_ALT_IFNAME, &p) >= 0); ++ assert_se(streq(p, "hoge1009")); ++ assert_se(sd_netlink_message_exit_container(m) >= 0); ++} ++ + int main(void) { + sd_netlink *rtnl; + sd_netlink_message *m; +@@ -377,6 +409,7 @@ int main(void) { + test_message(rtnl); + + test_container(rtnl); ++ test_strv(rtnl); + + if_loopback = (int) if_nametoindex("lo"); + assert_se(if_loopback > 0); diff --git a/SOURCES/0710-util-introduce-ifname_valid_full.patch b/SOURCES/0710-util-introduce-ifname_valid_full.patch new file mode 100644 index 0000000..c04c995 --- /dev/null +++ b/SOURCES/0710-util-introduce-ifname_valid_full.patch @@ -0,0 +1,79 @@ +From 1b12b8e9c0f6f230e12ca13bd70f27ef0a2fcfdd Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 15 Dec 2019 23:01:54 +0900 +Subject: [PATCH] util: introduce ifname_valid_full() + +(cherry picked from commit 4252696aec9ec038ff312a164e25f039da25126f) + +Related: #2005008 +--- + src/basic/socket-util.c | 12 +++++++++--- + src/basic/socket-util.h | 5 ++++- + src/test/test-socket-util.c | 1 + + 3 files changed, 14 insertions(+), 4 deletions(-) + +diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c +index 053bcba670..7f8066123b 100644 +--- a/src/basic/socket-util.c ++++ b/src/basic/socket-util.c +@@ -13,6 +13,7 @@ + #include + #include + #include ++#include + + #include "alloc-util.h" + #include "fd-util.h" +@@ -868,7 +869,7 @@ static const char* const ip_tos_table[] = { + + DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ip_tos, int, 0xff); + +-bool ifname_valid(const char *p) { ++bool ifname_valid_full(const char *p, bool alternative) { + bool numeric = true; + + /* Checks whether a network interface name is valid. This is inspired by dev_valid_name() in the kernel sources +@@ -878,8 +879,13 @@ bool ifname_valid(const char *p) { + if (isempty(p)) + return false; + +- if (strlen(p) >= IFNAMSIZ) +- return false; ++ if (alternative) { ++ if (strlen(p) >= ALTIFNAMSIZ) ++ return false; ++ } else { ++ if (strlen(p) >= IFNAMSIZ) ++ return false; ++ } + + if (dot_or_dot_dot(p)) + return false; +diff --git a/src/basic/socket-util.h b/src/basic/socket-util.h +index c7c9ad34d6..30baba6c03 100644 +--- a/src/basic/socket-util.h ++++ b/src/basic/socket-util.h +@@ -123,7 +123,10 @@ int fd_inc_rcvbuf(int fd, size_t n); + int ip_tos_to_string_alloc(int i, char **s); + int ip_tos_from_string(const char *s); + +-bool ifname_valid(const char *p); ++bool ifname_valid_full(const char *p, bool alternative); ++static inline bool ifname_valid(const char *p) { ++ return ifname_valid_full(p, false); ++} + bool address_label_valid(const char *p); + + int getpeercred(int fd, struct ucred *ucred); +diff --git a/src/test/test-socket-util.c b/src/test/test-socket-util.c +index 19c5395b92..c545622c09 100644 +--- a/src/test/test-socket-util.c ++++ b/src/test/test-socket-util.c +@@ -39,6 +39,7 @@ static void test_ifname_valid(void) { + + assert(ifname_valid("xxxxxxxxxxxxxxx")); + assert(!ifname_valid("xxxxxxxxxxxxxxxx")); ++ assert(ifname_valid_full("xxxxxxxxxxxxxxxx", true)); + } + + static void test_socket_address_parse(void) { diff --git a/SOURCES/0711-rename-function.patch b/SOURCES/0711-rename-function.patch new file mode 100644 index 0000000..f256c15 --- /dev/null +++ b/SOURCES/0711-rename-function.patch @@ -0,0 +1,69 @@ +From 3275093305c1305d163f26cb4e4d614a87f8ff43 Mon Sep 17 00:00:00 2001 +From: David Tardon +Date: Fri, 27 Nov 2020 10:25:12 +0100 +Subject: [PATCH] rename function + +This happened upstream in commit +54a8423788ec3cc6240959ab9f5cdac40baf047a, but I don't want to backport +the whole commit... + +Related: #2005008 +--- + src/libsystemd-network/network-internal.c | 2 +- + src/libsystemd-network/network-internal.h | 2 +- + src/network/networkd-network-gperf.gperf | 2 +- + src/udev/net/link-config-gperf.gperf | 2 +- + 4 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c +index 0849b44ee2..629e858def 100644 +--- a/src/libsystemd-network/network-internal.c ++++ b/src/libsystemd-network/network-internal.c +@@ -183,7 +183,7 @@ int config_parse_net_condition(const char *unit, + return 0; + } + +-int config_parse_ifnames( ++int config_parse_match_ifnames( + const char *unit, + const char *filename, + unsigned line, +diff --git a/src/libsystemd-network/network-internal.h b/src/libsystemd-network/network-internal.h +index 883f34b95c..9074758bbb 100644 +--- a/src/libsystemd-network/network-internal.h ++++ b/src/libsystemd-network/network-internal.h +@@ -34,7 +34,7 @@ bool net_match_config(Set *match_mac, + CONFIG_PARSER_PROTOTYPE(config_parse_net_condition); + CONFIG_PARSER_PROTOTYPE(config_parse_hwaddr); + CONFIG_PARSER_PROTOTYPE(config_parse_hwaddrs); +-CONFIG_PARSER_PROTOTYPE(config_parse_ifnames); ++CONFIG_PARSER_PROTOTYPE(config_parse_match_ifnames); + CONFIG_PARSER_PROTOTYPE(config_parse_ifalias); + CONFIG_PARSER_PROTOTYPE(config_parse_iaid); + CONFIG_PARSER_PROTOTYPE(config_parse_bridge_port_priority); +diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf +index 6ad5257f79..c4a2eccdc2 100644 +--- a/src/network/networkd-network-gperf.gperf ++++ b/src/network/networkd-network-gperf.gperf +@@ -24,7 +24,7 @@ Match.MACAddress, config_parse_hwaddrs, + Match.Path, config_parse_strv, 0, offsetof(Network, match_path) + Match.Driver, config_parse_strv, 0, offsetof(Network, match_driver) + Match.Type, config_parse_strv, 0, offsetof(Network, match_type) +-Match.Name, config_parse_ifnames, 0, offsetof(Network, match_name) ++Match.Name, config_parse_match_ifnames, 0, offsetof(Network, match_name) + Match.Host, config_parse_net_condition, CONDITION_HOST, offsetof(Network, match_host) + Match.Virtualization, config_parse_net_condition, CONDITION_VIRTUALIZATION, offsetof(Network, match_virt) + Match.KernelCommandLine, config_parse_net_condition, CONDITION_KERNEL_COMMAND_LINE, offsetof(Network, match_kernel_cmdline) +diff --git a/src/udev/net/link-config-gperf.gperf b/src/udev/net/link-config-gperf.gperf +index 5640fa0513..b37836d852 100644 +--- a/src/udev/net/link-config-gperf.gperf ++++ b/src/udev/net/link-config-gperf.gperf +@@ -20,7 +20,7 @@ struct ConfigPerfItem; + %includes + %% + Match.MACAddress, config_parse_hwaddrs, 0, offsetof(link_config, match_mac) +-Match.OriginalName, config_parse_ifnames, 0, offsetof(link_config, match_name) ++Match.OriginalName, config_parse_match_ifnames, 0, offsetof(link_config, match_name) + Match.Path, config_parse_strv, 0, offsetof(link_config, match_path) + Match.Driver, config_parse_strv, 0, offsetof(link_config, match_driver) + Match.Type, config_parse_strv, 0, offsetof(link_config, match_type) diff --git a/SOURCES/0712-udev-support-AlternativeName-setting-in-.link-file.patch b/SOURCES/0712-udev-support-AlternativeName-setting-in-.link-file.patch new file mode 100644 index 0000000..d4fe837 --- /dev/null +++ b/SOURCES/0712-udev-support-AlternativeName-setting-in-.link-file.patch @@ -0,0 +1,238 @@ +From a29790ac578540ccb4264367603aba9bc41d1bf7 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 15 Dec 2019 23:21:18 +0900 +Subject: [PATCH] udev: support AlternativeName= setting in .link file + +(cherry picked from commit a5053a158b43c5ddee90f4915b9fc603e0191d6d) + +Related: #2005008 +--- + man/systemd.link.xml | 8 ++++ + src/libsystemd/sd-netlink/netlink-util.c | 40 ++++++++++++++++ + src/libsystemd/sd-netlink/netlink-util.h | 1 + + src/shared/conf-parser.c | 60 ++++++++++++++++++++++++ + src/shared/conf-parser.h | 1 + + src/udev/net/link-config-gperf.gperf | 1 + + src/udev/net/link-config.c | 5 ++ + src/udev/net/link-config.h | 1 + + 8 files changed, 117 insertions(+) + +diff --git a/man/systemd.link.xml b/man/systemd.link.xml +index 32657308d0..0b0d83349d 100644 +--- a/man/systemd.link.xml ++++ b/man/systemd.link.xml +@@ -343,6 +343,14 @@ + + + ++ ++ AlternativeName= ++ ++ The alternative interface name to use. This option can be specified multiple times. ++ If the empty string is assigned to this option, the list is reset, and all prior assignments ++ have no effect. ++ ++ + + MTUBytes= + +diff --git a/src/libsystemd/sd-netlink/netlink-util.c b/src/libsystemd/sd-netlink/netlink-util.c +index 3928dfbabf..c1c306f121 100644 +--- a/src/libsystemd/sd-netlink/netlink-util.c ++++ b/src/libsystemd/sd-netlink/netlink-util.c +@@ -4,6 +4,7 @@ + + #include "netlink-internal.h" + #include "netlink-util.h" ++#include "strv.h" + + int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL; +@@ -80,6 +81,45 @@ int rtnl_set_link_properties(sd_netlink **rtnl, int ifindex, const char *alias, + return 0; + } + ++int rtnl_set_link_alternative_names(sd_netlink **rtnl, int ifindex, char * const *alternative_names) { ++ _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL; ++ int r; ++ ++ assert(rtnl); ++ assert(ifindex > 0); ++ ++ if (strv_isempty(alternative_names)) ++ return 0; ++ ++ if (!*rtnl) { ++ r = sd_netlink_open(rtnl); ++ if (r < 0) ++ return r; ++ } ++ ++ r = sd_rtnl_message_new_link(*rtnl, &message, RTM_NEWLINKPROP, ifindex); ++ if (r < 0) ++ return r; ++ ++ r = sd_netlink_message_open_container(message, IFLA_PROP_LIST); ++ if (r < 0) ++ return r; ++ ++ r = sd_netlink_message_append_strv(message, IFLA_ALT_IFNAME, alternative_names); ++ if (r < 0) ++ return r; ++ ++ r = sd_netlink_message_close_container(message); ++ if (r < 0) ++ return r; ++ ++ r = sd_netlink_call(*rtnl, message, 0, NULL); ++ if (r < 0) ++ return r; ++ ++ return 0; ++} ++ + int rtnl_message_new_synthetic_error(sd_netlink *rtnl, int error, uint32_t serial, sd_netlink_message **ret) { + struct nlmsgerr *err; + int r; +diff --git a/src/libsystemd/sd-netlink/netlink-util.h b/src/libsystemd/sd-netlink/netlink-util.h +index 882a616310..92de19c092 100644 +--- a/src/libsystemd/sd-netlink/netlink-util.h ++++ b/src/libsystemd/sd-netlink/netlink-util.h +@@ -38,6 +38,7 @@ static inline bool rtnl_message_type_is_routing_policy_rule(uint16_t type) { + + int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name); + int rtnl_set_link_properties(sd_netlink **rtnl, int ifindex, const char *alias, const struct ether_addr *mac, uint32_t mtu); ++int rtnl_set_link_alternative_names(sd_netlink **rtnl, int ifindex, char * const *alternative_names); + + int rtnl_log_parse_error(int r); + int rtnl_log_create_error(int r); +diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c +index 246b7431e4..1f40f00c72 100644 +--- a/src/shared/conf-parser.c ++++ b/src/shared/conf-parser.c +@@ -970,6 +970,66 @@ int config_parse_ifname( + return 0; + } + ++int config_parse_ifnames( ++ const char *unit, ++ const char *filename, ++ unsigned line, ++ const char *section, ++ unsigned section_line, ++ const char *lvalue, ++ int ltype, ++ const char *rvalue, ++ void *data, ++ void *userdata) { ++ ++ _cleanup_strv_free_ char **names = NULL; ++ char ***s = data; ++ const char *p; ++ int r; ++ ++ assert(filename); ++ assert(lvalue); ++ assert(rvalue); ++ assert(data); ++ ++ if (isempty(rvalue)) { ++ *s = strv_free(*s); ++ return 0; ++ } ++ ++ p = rvalue; ++ for (;;) { ++ _cleanup_free_ char *word = NULL; ++ ++ r = extract_first_word(&p, &word, NULL, 0); ++ if (r < 0) { ++ log_syntax(unit, LOG_ERR, filename, line, r, ++ "Failed to extract interface name, ignoring assignment: %s", ++ rvalue); ++ return 0; ++ } ++ if (r == 0) ++ break; ++ ++ if (!ifname_valid_full(word, ltype)) { ++ log_syntax(unit, LOG_ERR, filename, line, 0, ++ "Interface name is not valid or too long, ignoring assignment: %s", ++ word); ++ continue; ++ } ++ ++ r = strv_consume(&names, TAKE_PTR(word)); ++ if (r < 0) ++ return log_oom(); ++ } ++ ++ r = strv_extend_strv(s, names, true); ++ if (r < 0) ++ return log_oom(); ++ ++ return 0; ++} ++ + int config_parse_ip_port( + const char *unit, + const char *filename, +diff --git a/src/shared/conf-parser.h b/src/shared/conf-parser.h +index a0a5c89c27..375b2e5a74 100644 +--- a/src/shared/conf-parser.h ++++ b/src/shared/conf-parser.h +@@ -137,6 +137,7 @@ CONFIG_PARSER_PROTOTYPE(config_parse_signal); + CONFIG_PARSER_PROTOTYPE(config_parse_personality); + CONFIG_PARSER_PROTOTYPE(config_parse_permille); + CONFIG_PARSER_PROTOTYPE(config_parse_ifname); ++CONFIG_PARSER_PROTOTYPE(config_parse_ifnames); + CONFIG_PARSER_PROTOTYPE(config_parse_ip_port); + CONFIG_PARSER_PROTOTYPE(config_parse_join_controllers); + CONFIG_PARSER_PROTOTYPE(config_parse_mtu); +diff --git a/src/udev/net/link-config-gperf.gperf b/src/udev/net/link-config-gperf.gperf +index b37836d852..913c754145 100644 +--- a/src/udev/net/link-config-gperf.gperf ++++ b/src/udev/net/link-config-gperf.gperf +@@ -34,6 +34,7 @@ Link.MACAddressPolicy, config_parse_mac_policy, 0, + Link.MACAddress, config_parse_hwaddr, 0, offsetof(link_config, mac) + Link.NamePolicy, config_parse_name_policy, 0, offsetof(link_config, name_policy) + Link.Name, config_parse_ifname, 0, offsetof(link_config, name) ++Link.AlternativeName, config_parse_ifnames, 1, offsetof(link_config, alternative_names) + Link.Alias, config_parse_ifalias, 0, offsetof(link_config, alias) + Link.MTUBytes, config_parse_mtu, AF_UNSPEC, offsetof(link_config, mtu) + Link.BitsPerSecond, config_parse_si_size, 0, offsetof(link_config, speed) +diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c +index 5113586457..d07a1a1874 100644 +--- a/src/udev/net/link-config.c ++++ b/src/udev/net/link-config.c +@@ -67,6 +67,7 @@ static void link_config_free(link_config *link) { + free(link->mac); + free(link->name_policy); + free(link->name); ++ strv_free(link->alternative_names); + free(link->alias); + + free(link); +@@ -468,6 +469,10 @@ int link_config_apply(link_config_ctx *ctx, link_config *config, + if (r < 0) + return log_warning_errno(r, "Could not set Alias=, MACAddress= or MTU= on %s: %m", old_name); + ++ r = rtnl_set_link_alternative_names(&ctx->rtnl, ifindex, config->alternative_names); ++ if (r < 0) ++ return log_warning_errno(r, "Could not set AlternativeName= on %s: %m", old_name); ++ + *name = new_name; + + return 0; +diff --git a/src/udev/net/link-config.h b/src/udev/net/link-config.h +index 4798bb101c..93d5fdce59 100644 +--- a/src/udev/net/link-config.h ++++ b/src/udev/net/link-config.h +@@ -50,6 +50,7 @@ struct link_config { + MACPolicy mac_policy; + NamePolicy *name_policy; + char *name; ++ char **alternative_names; + char *alias; + uint32_t mtu; + size_t speed; diff --git a/SOURCES/0713-network-make-Name-in-Match-support-alternative-names.patch b/SOURCES/0713-network-make-Name-in-Match-support-alternative-names.patch new file mode 100644 index 0000000..2783da9 --- /dev/null +++ b/SOURCES/0713-network-make-Name-in-Match-support-alternative-names.patch @@ -0,0 +1,143 @@ +From 0c178bf442aebcd2b42f10a0e4d2382a15505bb6 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 15 Dec 2019 22:46:19 +0900 +Subject: [PATCH] network: make Name= in [Match] support alternative names of + interfaces + +(cherry picked from commit 572b21d96cabd5860b0670e98440b6cb99a4b749 +src/network bits have been left out.) + +Related: #2005008 +--- + man/systemd.network.xml | 7 +++---- + src/libsystemd-network/network-internal.c | 20 ++++++++++++++++++-- + src/libsystemd-network/network-internal.h | 3 ++- + src/network/netdev/netdev.c | 2 +- + src/network/networkd-network.c | 2 +- + src/udev/net/link-config.c | 3 ++- + 6 files changed, 27 insertions(+), 10 deletions(-) + +diff --git a/man/systemd.network.xml b/man/systemd.network.xml +index fc8e0aea68..8300540096 100644 +--- a/man/systemd.network.xml ++++ b/man/systemd.network.xml +@@ -133,10 +133,9 @@ + + Name= + +- A whitespace-separated list of shell-style globs +- matching the device name, as exposed by the udev property +- INTERFACE. If the list is prefixed +- with a "!", the test is inverted. ++ A whitespace-separated list of shell-style globs matching the device name, as exposed ++ by the udev property INTERFACE, or device's alternative names. If the ++ list is prefixed with a "!", the test is inverted. + + + +diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c +index 629e858def..a935709cd0 100644 +--- a/src/libsystemd-network/network-internal.c ++++ b/src/libsystemd-network/network-internal.c +@@ -92,6 +92,18 @@ static bool net_condition_test_strv(char * const *raw_patterns, + return string && strv_fnmatch(raw_patterns, string, 0); + } + ++static bool net_condition_test_ifname(char * const *patterns, const char *ifname, char * const *alternative_names) { ++ if (net_condition_test_strv(patterns, ifname)) ++ return true; ++ ++ char * const *p; ++ STRV_FOREACH(p, alternative_names) ++ if (net_condition_test_strv(patterns, *p)) ++ return true; ++ ++ return false; ++} ++ + bool net_match_config(Set *match_mac, + char * const *match_paths, + char * const *match_drivers, +@@ -107,7 +119,8 @@ bool net_match_config(Set *match_mac, + const char *dev_parent_driver, + const char *dev_driver, + const char *dev_type, +- const char *dev_name) { ++ const char *dev_name, ++ char * const *alternative_names) { + + if (match_host && condition_test(match_host) <= 0) + return false; +@@ -124,6 +137,9 @@ bool net_match_config(Set *match_mac, + if (match_arch && condition_test(match_arch) <= 0) + return false; + ++ if (!net_condition_test_ifname(match_names, dev_name, alternative_names)) ++ return false; ++ + if (match_mac && dev_mac && !set_contains(match_mac, dev_mac)) + return false; + +@@ -214,7 +230,7 @@ int config_parse_match_ifnames( + if (r == 0) + break; + +- if (!ifname_valid(word)) { ++ if (!ifname_valid_full(word, ltype)) { + log_syntax(unit, LOG_ERR, filename, line, 0, "Interface name is not valid or too long, ignoring assignment: %s", rvalue); + return 0; + } +diff --git a/src/libsystemd-network/network-internal.h b/src/libsystemd-network/network-internal.h +index 9074758bbb..e1d098f3fe 100644 +--- a/src/libsystemd-network/network-internal.h ++++ b/src/libsystemd-network/network-internal.h +@@ -29,7 +29,8 @@ bool net_match_config(Set *match_mac, + const char *dev_parent_driver, + const char *dev_driver, + const char *dev_type, +- const char *dev_name); ++ const char *dev_name, ++ char * const *alternative_names); + + CONFIG_PARSER_PROTOTYPE(config_parse_net_condition); + CONFIG_PARSER_PROTOTYPE(config_parse_hwaddr); +diff --git a/src/network/netdev/netdev.c b/src/network/netdev/netdev.c +index 82ce88402f..e97cc07028 100644 +--- a/src/network/netdev/netdev.c ++++ b/src/network/netdev/netdev.c +@@ -640,7 +640,7 @@ static int netdev_load_one(Manager *manager, const char *filename) { + netdev_raw->match_host, netdev_raw->match_virt, + netdev_raw->match_kernel_cmdline, netdev_raw->match_kernel_version, + netdev_raw->match_arch, +- NULL, NULL, NULL, NULL, NULL, NULL) <= 0) ++ NULL, NULL, NULL, NULL, NULL, NULL, NULL) <= 0) + return 0; + + if (netdev_raw->kind == _NETDEV_KIND_INVALID) { +diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c +index 429aac5e6c..7637d135a4 100644 +--- a/src/network/networkd-network.c ++++ b/src/network/networkd-network.c +@@ -479,7 +479,7 @@ int network_get(Manager *manager, struct udev_device *device, + network->match_virt, network->match_kernel_cmdline, + network->match_kernel_version, network->match_arch, + address, path, parent_driver, driver, +- devtype, ifname)) { ++ devtype, ifname, NULL)) { + if (network->match_name && device) { + const char *attr; + uint8_t name_assign_type = NET_NAME_UNKNOWN; +diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c +index d07a1a1874..e5052f8f29 100644 +--- a/src/udev/net/link-config.c ++++ b/src/udev/net/link-config.c +@@ -238,7 +238,8 @@ int link_config_get(link_config_ctx *ctx, struct udev_device *device, + udev_device_get_driver(udev_device_get_parent(device)), + udev_device_get_property_value(device, "ID_NET_DRIVER"), + udev_device_get_devtype(device), +- udev_device_get_sysname(device))) { ++ udev_device_get_sysname(device), ++ NULL)) { + if (link->match_name) { + unsigned char name_assign_type = NET_NAME_UNKNOWN; + diff --git a/SOURCES/0714-udev-extend-the-length-of-ID_NET_NAME_XXX-to-ALTIFNA.patch b/SOURCES/0714-udev-extend-the-length-of-ID_NET_NAME_XXX-to-ALTIFNA.patch new file mode 100644 index 0000000..191049a --- /dev/null +++ b/SOURCES/0714-udev-extend-the-length-of-ID_NET_NAME_XXX-to-ALTIFNA.patch @@ -0,0 +1,170 @@ +From 9f59dca3868b1e934a2aac2d811c55ab33cca0eb Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 17 Dec 2019 11:01:35 +0900 +Subject: [PATCH] udev: extend the length of ID_NET_NAME_XXX= to ALTIFNAMSIZ + +(cherry picked from commit 78f8849f84ca0939796edb840e878a9d2e124a4d) + +Related: #2005008 +--- + src/udev/net/link-config.c | 5 ++++- + src/udev/udev-builtin-net_id.c | 33 +++++++++++++++++---------------- + src/udev/udev-event.c | 4 ++-- + 3 files changed, 23 insertions(+), 19 deletions(-) + +diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c +index e5052f8f29..4de8ee7d7e 100644 +--- a/src/udev/net/link-config.c ++++ b/src/udev/net/link-config.c +@@ -19,6 +19,7 @@ + #include "path-util.h" + #include "proc-cmdline.h" + #include "random-util.h" ++#include "socket-util.h" + #include "stat-util.h" + #include "string-table.h" + #include "string-util.h" +@@ -405,7 +406,7 @@ int link_config_apply(link_config_ctx *ctx, link_config *config, + NamePolicy *policy; + + for (policy = config->name_policy; +- !new_name && *policy != _NAMEPOLICY_INVALID; policy++) { ++ *policy != _NAMEPOLICY_INVALID; policy++) { + switch (*policy) { + case NAMEPOLICY_KERNEL: + respect_predictable = true; +@@ -428,6 +429,8 @@ int link_config_apply(link_config_ctx *ctx, link_config *config, + default: + break; + } ++ if (ifname_valid(new_name)) ++ break; + } + } + +diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c +index eafcbb64c5..386d74ca5e 100644 +--- a/src/udev/udev-builtin-net_id.c ++++ b/src/udev/udev-builtin-net_id.c +@@ -90,6 +90,7 @@ + #include + #include + #include ++#include + #include + + #include "dirent-util.h" +@@ -176,21 +177,21 @@ struct netnames { + bool mac_valid; + + struct udev_device *pcidev; +- char pci_slot[IFNAMSIZ]; +- char pci_path[IFNAMSIZ]; +- char pci_onboard[IFNAMSIZ]; ++ char pci_slot[ALTIFNAMSIZ]; ++ char pci_path[ALTIFNAMSIZ]; ++ char pci_onboard[ALTIFNAMSIZ]; + const char *pci_onboard_label; + +- char usb_ports[IFNAMSIZ]; +- char bcma_core[IFNAMSIZ]; +- char ccw_busid[IFNAMSIZ]; +- char vio_slot[IFNAMSIZ]; +- char platform_path[IFNAMSIZ]; ++ char usb_ports[ALTIFNAMSIZ]; ++ char bcma_core[ALTIFNAMSIZ]; ++ char ccw_busid[ALTIFNAMSIZ]; ++ char vio_slot[ALTIFNAMSIZ]; ++ char platform_path[ALTIFNAMSIZ]; + }; + + struct virtfn_info { + struct udev_device *physfn_pcidev; +- char suffix[IFNAMSIZ]; ++ char suffix[ALTIFNAMSIZ]; + }; + + static const NamingScheme* naming_scheme_from_name(const char *name) { +@@ -887,7 +888,7 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool + + err = names_mac(dev, &names); + if (err >= 0 && names.mac_valid) { +- char str[IFNAMSIZ]; ++ char str[ALTIFNAMSIZ]; + + xsprintf(str, "%sx%02x%02x%02x%02x%02x%02x", prefix, + names.mac[0], names.mac[1], names.mac[2], +@@ -900,7 +901,7 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool + /* get path names for Linux on System z network devices */ + err = names_ccw(dev, &names); + if (err >= 0 && names.type == NET_CCW) { +- char str[IFNAMSIZ]; ++ char str[ALTIFNAMSIZ]; + + if (snprintf_ok(str, sizeof str, "%s%s", prefix, names.ccw_busid)) + udev_builtin_add_property(dev, test, "ID_NET_NAME_PATH", str); +@@ -910,7 +911,7 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool + /* get ibmveth/ibmvnic slot-based names. */ + err = names_vio(dev, &names); + if (err >= 0 && names.type == NET_VIO) { +- char str[IFNAMSIZ]; ++ char str[ALTIFNAMSIZ]; + + if (snprintf_ok(str, sizeof str, "%s%s", prefix, names.vio_slot)) + udev_builtin_add_property(dev, test, "ID_NET_NAME_SLOT", str); +@@ -920,7 +921,7 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool + /* get ACPI path names for ARM64 platform devices */ + err = names_platform(dev, &names, test); + if (err >= 0 && names.type == NET_PLATFORM) { +- char str[IFNAMSIZ]; ++ char str[ALTIFNAMSIZ]; + + if (snprintf_ok(str, sizeof str, "%s%s", prefix, names.platform_path)) + udev_builtin_add_property(dev, test, "ID_NET_NAME_PATH", str); +@@ -934,7 +935,7 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool + + /* plain PCI device */ + if (names.type == NET_PCI) { +- char str[IFNAMSIZ]; ++ char str[ALTIFNAMSIZ]; + + if (names.pci_onboard[0] && + snprintf_ok(str, sizeof str, "%s%s", prefix, names.pci_onboard)) +@@ -957,7 +958,7 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool + /* USB device */ + err = names_usb(dev, &names); + if (err >= 0 && names.type == NET_USB) { +- char str[IFNAMSIZ]; ++ char str[ALTIFNAMSIZ]; + + if (names.pci_path[0] && + snprintf_ok(str, sizeof str, "%s%s%s", prefix, names.pci_path, names.usb_ports)) +@@ -972,7 +973,7 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool + /* Broadcom bus */ + err = names_bcma(dev, &names); + if (err >= 0 && names.type == NET_BCMA) { +- char str[IFNAMSIZ]; ++ char str[ALTIFNAMSIZ]; + + if (names.pci_path[0] && + snprintf_ok(str, sizeof str, "%s%s%s", prefix, names.pci_path, names.bcma_core)) +diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c +index fd8406d959..19b100d4f8 100644 +--- a/src/udev/udev-event.c ++++ b/src/udev/udev-event.c +@@ -816,13 +816,13 @@ out: + + static int rename_netif(struct udev_event *event) { + struct udev_device *dev = event->dev; +- char name[IFNAMSIZ]; ++ char name[ALTIFNAMSIZ]; + const char *oldname; + int r; + + oldname = udev_device_get_sysname(dev); + +- strscpy(name, IFNAMSIZ, event->name); ++ strscpy(name, ALTIFNAMSIZ, event->name); + + r = rtnl_set_link_name(&event->rtnl, udev_device_get_ifindex(dev), name); + if (r < 0) diff --git a/SOURCES/0715-udev-do-not-fail-if-kernel-does-not-support-alternat.patch b/SOURCES/0715-udev-do-not-fail-if-kernel-does-not-support-alternat.patch new file mode 100644 index 0000000..29abb68 --- /dev/null +++ b/SOURCES/0715-udev-do-not-fail-if-kernel-does-not-support-alternat.patch @@ -0,0 +1,43 @@ +From f0b11f5042489c85d5016eceff06647bb49d486a Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 17 Dec 2019 15:32:22 +0900 +Subject: [PATCH] udev: do not fail if kernel does not support alternative + names + +(cherry picked from commit bb181dd4a664ca8e82a8f7194261fd6531e861d8) + +Related: #2005008 +--- + man/systemd.link.xml | 3 ++- + src/udev/net/link-config.c | 4 +++- + 2 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/man/systemd.link.xml b/man/systemd.link.xml +index 0b0d83349d..c8ebb751ee 100644 +--- a/man/systemd.link.xml ++++ b/man/systemd.link.xml +@@ -348,7 +348,8 @@ + + The alternative interface name to use. This option can be specified multiple times. + If the empty string is assigned to this option, the list is reset, and all prior assignments +- have no effect. ++ have no effect. If the kernel does not support the alternative names, then this setting will ++ be ignored. + + + +diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c +index 4de8ee7d7e..8e88c8e5c4 100644 +--- a/src/udev/net/link-config.c ++++ b/src/udev/net/link-config.c +@@ -474,7 +474,9 @@ int link_config_apply(link_config_ctx *ctx, link_config *config, + return log_warning_errno(r, "Could not set Alias=, MACAddress= or MTU= on %s: %m", old_name); + + r = rtnl_set_link_alternative_names(&ctx->rtnl, ifindex, config->alternative_names); +- if (r < 0) ++ if (r == -EOPNOTSUPP) ++ log_debug_errno(r, "Could not set AlternativeName= on %s, ignoring: %m", old_name); ++ else if (r < 0) + return log_warning_errno(r, "Could not set AlternativeName= on %s: %m", old_name); + + *name = new_name; diff --git a/SOURCES/0716-udev-introduce-AlternativeNamesPolicy-setting.patch b/SOURCES/0716-udev-introduce-AlternativeNamesPolicy-setting.patch new file mode 100644 index 0000000..4b9087f --- /dev/null +++ b/SOURCES/0716-udev-introduce-AlternativeNamesPolicy-setting.patch @@ -0,0 +1,169 @@ +From 2faf160d0b8122e0dca603a441db68dc38c1bab6 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 16 Dec 2019 23:44:42 +0900 +Subject: [PATCH] udev: introduce AlternativeNamesPolicy= setting + +(cherry picked from commit ef1d2c07f9567dfea8a4e012d8779a4ded2d9ae6) + +Related: #2005008 +--- + man/systemd.link.xml | 11 +++++ + src/udev/net/link-config-gperf.gperf | 1 + + src/udev/net/link-config.c | 62 ++++++++++++++++++++++++++-- + src/udev/net/link-config.h | 5 +++ + 4 files changed, 76 insertions(+), 3 deletions(-) + +diff --git a/man/systemd.link.xml b/man/systemd.link.xml +index c8ebb751ee..13dcce0879 100644 +--- a/man/systemd.link.xml ++++ b/man/systemd.link.xml +@@ -343,6 +343,17 @@ + + + ++ ++ AlternativeNamesPolicy= ++ ++ A space-separated list of policies by which the interface's alternative names ++ should be set. Each of the policies may fail, and all successful policies are used. The ++ available policies are database, onboard, ++ slot, path, and mac. If the ++ kernel does not support the alternative names, then this setting will be ignored. ++ ++ ++ + + AlternativeName= + +diff --git a/src/udev/net/link-config-gperf.gperf b/src/udev/net/link-config-gperf.gperf +index 913c754145..df8404e7b8 100644 +--- a/src/udev/net/link-config-gperf.gperf ++++ b/src/udev/net/link-config-gperf.gperf +@@ -35,6 +35,7 @@ Link.MACAddress, config_parse_hwaddr, 0, + Link.NamePolicy, config_parse_name_policy, 0, offsetof(link_config, name_policy) + Link.Name, config_parse_ifname, 0, offsetof(link_config, name) + Link.AlternativeName, config_parse_ifnames, 1, offsetof(link_config, alternative_names) ++Link.AlternativeNamesPolicy, config_parse_alternative_names_policy, 0, offsetof(link_config, alternative_names_policy) + Link.Alias, config_parse_ifalias, 0, offsetof(link_config, alias) + Link.MTUBytes, config_parse_mtu, AF_UNSPEC, offsetof(link_config, mtu) + Link.BitsPerSecond, config_parse_si_size, 0, offsetof(link_config, speed) +diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c +index 8e88c8e5c4..6ceb4c698e 100644 +--- a/src/udev/net/link-config.c ++++ b/src/udev/net/link-config.c +@@ -69,6 +69,7 @@ static void link_config_free(link_config *link) { + free(link->name_policy); + free(link->name); + strv_free(link->alternative_names); ++ free(link->alternative_names_policy); + free(link->alias); + + free(link); +@@ -349,6 +350,7 @@ static int get_mac(struct udev_device *device, bool want_random, + + int link_config_apply(link_config_ctx *ctx, link_config *config, + struct udev_device *device, const char **name) { ++ _cleanup_strv_free_ char **altnames = NULL; + bool respect_predictable = false; + struct ether_addr generated_mac; + struct ether_addr *mac = NULL; +@@ -473,11 +475,52 @@ int link_config_apply(link_config_ctx *ctx, link_config *config, + if (r < 0) + return log_warning_errno(r, "Could not set Alias=, MACAddress= or MTU= on %s: %m", old_name); + +- r = rtnl_set_link_alternative_names(&ctx->rtnl, ifindex, config->alternative_names); ++ if (config->alternative_names) { ++ altnames = strv_copy(config->alternative_names); ++ if (!altnames) ++ return log_oom(); ++ } ++ ++ if (config->alternative_names_policy) ++ for (NamePolicy *p = config->alternative_names_policy; *p != _NAMEPOLICY_INVALID; p++) { ++ const char *n; ++ ++ switch (*p) { ++ case NAMEPOLICY_DATABASE: ++ n = udev_device_get_property_value(device, "ID_NET_NAME_FROM_DATABASE"); ++ break; ++ case NAMEPOLICY_ONBOARD: ++ n = udev_device_get_property_value(device, "ID_NET_NAME_ONBOARD"); ++ break; ++ case NAMEPOLICY_SLOT: ++ n = udev_device_get_property_value(device, "ID_NET_NAME_SLOT"); ++ break; ++ case NAMEPOLICY_PATH: ++ n = udev_device_get_property_value(device, "ID_NET_NAME_PATH"); ++ break; ++ case NAMEPOLICY_MAC: ++ n = udev_device_get_property_value(device, "ID_NET_NAME_MAC"); ++ break; ++ default: ++ assert_not_reached("invalid policy"); ++ } ++ if (!isempty(n)) { ++ r = strv_extend(&altnames, n); ++ if (r < 0) ++ return log_oom(); ++ } ++ } ++ ++ if (new_name) ++ strv_remove(altnames, new_name); ++ strv_remove(altnames, old_name); ++ strv_uniq(altnames); ++ ++ r = rtnl_set_link_alternative_names(&ctx->rtnl, ifindex, altnames); + if (r == -EOPNOTSUPP) +- log_debug_errno(r, "Could not set AlternativeName= on %s, ignoring: %m", old_name); ++ log_debug_errno(r, "Could not set AlternativeName= or apply AlternativeNamesPolicy= on %s, ignoring: %m", old_name); + else if (r < 0) +- return log_warning_errno(r, "Could not set AlternativeName= on %s: %m", old_name); ++ return log_warning_errno(r, "Could not set AlternativeName= or apply AlternativeNamesPolicy= on %s: %m", old_name); + + *name = new_name; + +@@ -524,3 +567,16 @@ DEFINE_STRING_TABLE_LOOKUP(name_policy, NamePolicy); + DEFINE_CONFIG_PARSE_ENUMV(config_parse_name_policy, name_policy, NamePolicy, + _NAMEPOLICY_INVALID, + "Failed to parse interface name policy"); ++ ++static const char* const alternative_names_policy_table[_NAMEPOLICY_MAX] = { ++ [NAMEPOLICY_DATABASE] = "database", ++ [NAMEPOLICY_ONBOARD] = "onboard", ++ [NAMEPOLICY_SLOT] = "slot", ++ [NAMEPOLICY_PATH] = "path", ++ [NAMEPOLICY_MAC] = "mac", ++}; ++ ++DEFINE_STRING_TABLE_LOOKUP(alternative_names_policy, NamePolicy); ++DEFINE_CONFIG_PARSE_ENUMV(config_parse_alternative_names_policy, alternative_names_policy, NamePolicy, ++ _NAMEPOLICY_INVALID, ++ "Failed to parse alternative names policy"); +diff --git a/src/udev/net/link-config.h b/src/udev/net/link-config.h +index 93d5fdce59..634bd2ec54 100644 +--- a/src/udev/net/link-config.h ++++ b/src/udev/net/link-config.h +@@ -49,6 +49,7 @@ struct link_config { + struct ether_addr *mac; + MACPolicy mac_policy; + NamePolicy *name_policy; ++ NamePolicy *alternative_names_policy; + char *name; + char **alternative_names; + char *alias; +@@ -78,6 +79,9 @@ int link_get_driver(link_config_ctx *ctx, struct udev_device *device, char **ret + const char *name_policy_to_string(NamePolicy p) _const_; + NamePolicy name_policy_from_string(const char *p) _pure_; + ++const char *alternative_names_policy_to_string(NamePolicy p) _const_; ++NamePolicy alternative_names_policy_from_string(const char *p) _pure_; ++ + const char *mac_policy_to_string(MACPolicy p) _const_; + MACPolicy mac_policy_from_string(const char *p) _pure_; + +@@ -86,3 +90,4 @@ const struct ConfigPerfItem* link_config_gperf_lookup(const char *key, GPERF_LEN + + int config_parse_mac_policy(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); + int config_parse_name_policy(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); ++int config_parse_alternative_names_policy(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); diff --git a/SOURCES/0717-network-set-AlternativeNamesPolicy-in-99-default.lin.patch b/SOURCES/0717-network-set-AlternativeNamesPolicy-in-99-default.lin.patch new file mode 100644 index 0000000..9f4a216 --- /dev/null +++ b/SOURCES/0717-network-set-AlternativeNamesPolicy-in-99-default.lin.patch @@ -0,0 +1,22 @@ +From 9a224b9480d218b782ac7bbacb3732672d0dad3f Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 17 Dec 2019 00:30:38 +0900 +Subject: [PATCH] network: set AlternativeNamesPolicy= in 99-default.link + +(cherry picked from commit 49f5cbe92484a6661bccc0ae6c547bc5767c83bf) + +Related: #2005008 +--- + network/99-default.link | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/network/99-default.link b/network/99-default.link +index 561bf329e4..58c0b74a7c 100644 +--- a/network/99-default.link ++++ b/network/99-default.link +@@ -9,4 +9,5 @@ + + [Link] + NamePolicy=kernel database onboard slot path ++AlternativeNamesPolicy=database onboard slot path + MACAddressPolicy=persistent diff --git a/SOURCES/0718-random-util-call-initialize_srand-after-fork.patch b/SOURCES/0718-random-util-call-initialize_srand-after-fork.patch new file mode 100644 index 0000000..f82e976 --- /dev/null +++ b/SOURCES/0718-random-util-call-initialize_srand-after-fork.patch @@ -0,0 +1,59 @@ +From 58cdc09af08e065c85b2f8834ee9848c010f5afe Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 16 Dec 2019 19:47:48 +0900 +Subject: [PATCH] random-util: call initialize_srand() after fork() + +(cherry picked from commit a0f11d1d11a546f791855ec9c47c2ff830e6a5aa) + +Related: #2005008 +--- + src/basic/random-util.c | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/src/basic/random-util.c b/src/basic/random-util.c +index 91481559db..801f6ad131 100644 +--- a/src/basic/random-util.c ++++ b/src/basic/random-util.c +@@ -4,6 +4,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -26,6 +27,8 @@ + #include "random-util.h" + #include "time-util.h" + ++static bool srand_called = false; ++ + int acquire_random_bytes(void *p, size_t n, bool high_quality_required) { + static int have_syscall = -1; + +@@ -81,8 +84,12 @@ int acquire_random_bytes(void *p, size_t n, bool high_quality_required) { + return loop_read_exact(fd, (uint8_t*) p + already_done, n - already_done, true); + } + ++static void clear_srand_initialization(void) { ++ srand_called = false; ++} ++ + void initialize_srand(void) { +- static bool srand_called = false; ++ static bool pthread_atfork_registered = false; + unsigned x; + #if HAVE_SYS_AUXV_H + void *auxv; +@@ -109,6 +116,11 @@ void initialize_srand(void) { + + srand(x); + srand_called = true; ++ ++ if (!pthread_atfork_registered) { ++ (void) pthread_atfork(NULL, NULL, clear_srand_initialization); ++ pthread_atfork_registered = true; ++ } + } + + /* INT_MAX gives us only 31 bits, so use 24 out of that. */ diff --git a/SOURCES/0719-sd-netlink-introduce-rtnl_resolve_link_alternative_n.patch b/SOURCES/0719-sd-netlink-introduce-rtnl_resolve_link_alternative_n.patch new file mode 100644 index 0000000..4c80d63 --- /dev/null +++ b/SOURCES/0719-sd-netlink-introduce-rtnl_resolve_link_alternative_n.patch @@ -0,0 +1,78 @@ +From bb7c49cc95e9de877fafc5c2be06932bc21aa762 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 17 Dec 2019 18:28:36 +0900 +Subject: [PATCH] sd-netlink: introduce rtnl_resolve_link_alternative_names() + +(cherry picked from commit b04c5e51da7a61d41d564e73a1e92bd8b29b0223) + +Related: #2005008 +--- + src/libsystemd/sd-netlink/netlink-types.c | 1 + + src/libsystemd/sd-netlink/netlink-util.c | 29 +++++++++++++++++++++++ + src/libsystemd/sd-netlink/netlink-util.h | 1 + + 3 files changed, 31 insertions(+) + +diff --git a/src/libsystemd/sd-netlink/netlink-types.c b/src/libsystemd/sd-netlink/netlink-types.c +index 47d9c7f1c4..e118a0aa30 100644 +--- a/src/libsystemd/sd-netlink/netlink-types.c ++++ b/src/libsystemd/sd-netlink/netlink-types.c +@@ -511,6 +511,7 @@ static const NLType rtnl_link_types[] = { + [IFLA_PHYS_PORT_ID] = { .type = NETLINK_TYPE_BINARY, .len = MAX_PHYS_PORT_ID_LEN }, + */ + [IFLA_PROP_LIST] = { .type = NETLINK_TYPE_NESTED, .type_system = &rtnl_prop_list_type_system }, ++ [IFLA_ALT_IFNAME] = { .type = NETLINK_TYPE_STRING, .size = ALTIFNAMSIZ - 1 }, + }; + + static const NLTypeSystem rtnl_link_type_system = { +diff --git a/src/libsystemd/sd-netlink/netlink-util.c b/src/libsystemd/sd-netlink/netlink-util.c +index c1c306f121..62fc71a3d8 100644 +--- a/src/libsystemd/sd-netlink/netlink-util.c ++++ b/src/libsystemd/sd-netlink/netlink-util.c +@@ -120,6 +120,35 @@ int rtnl_set_link_alternative_names(sd_netlink **rtnl, int ifindex, char * const + return 0; + } + ++int rtnl_resolve_link_alternative_name(sd_netlink **rtnl, const char *name, int *ret) { ++ _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL, *reply = NULL; ++ int r; ++ ++ assert(rtnl); ++ assert(name); ++ assert(ret); ++ ++ if (!*rtnl) { ++ r = sd_netlink_open(rtnl); ++ if (r < 0) ++ return r; ++ } ++ ++ r = sd_rtnl_message_new_link(*rtnl, &message, RTM_GETLINK, 0); ++ if (r < 0) ++ return r; ++ ++ r = sd_netlink_message_append_string(message, IFLA_ALT_IFNAME, name); ++ if (r < 0) ++ return r; ++ ++ r = sd_netlink_call(*rtnl, message, 0, &reply); ++ if (r < 0) ++ return r; ++ ++ return sd_rtnl_message_link_get_ifindex(reply, ret); ++} ++ + int rtnl_message_new_synthetic_error(sd_netlink *rtnl, int error, uint32_t serial, sd_netlink_message **ret) { + struct nlmsgerr *err; + int r; +diff --git a/src/libsystemd/sd-netlink/netlink-util.h b/src/libsystemd/sd-netlink/netlink-util.h +index 92de19c092..ea98439fad 100644 +--- a/src/libsystemd/sd-netlink/netlink-util.h ++++ b/src/libsystemd/sd-netlink/netlink-util.h +@@ -39,6 +39,7 @@ static inline bool rtnl_message_type_is_routing_policy_rule(uint16_t type) { + int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name); + int rtnl_set_link_properties(sd_netlink **rtnl, int ifindex, const char *alias, const struct ether_addr *mac, uint32_t mtu); + int rtnl_set_link_alternative_names(sd_netlink **rtnl, int ifindex, char * const *alternative_names); ++int rtnl_resolve_link_alternative_name(sd_netlink **rtnl, const char *name, int *ret); + + int rtnl_log_parse_error(int r); + int rtnl_log_create_error(int r); diff --git a/SOURCES/0720-udev-sort-alternative-names.patch b/SOURCES/0720-udev-sort-alternative-names.patch new file mode 100644 index 0000000..e3f0f94 --- /dev/null +++ b/SOURCES/0720-udev-sort-alternative-names.patch @@ -0,0 +1,27 @@ +From f5d149095f95704fe7660069a493c0329ddbb5aa Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 17 Dec 2019 20:41:21 +0900 +Subject: [PATCH] udev: sort alternative names + +Kernel preserves the order of alternative names. So, for user +visibility, let's sort the alternative names. + +(cherry picked from commit 4d016e965b13883cccc963a34a1299a0c4f900ca) + +Related: #2005008 +--- + src/udev/net/link-config.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c +index 6ceb4c698e..8bd374d352 100644 +--- a/src/udev/net/link-config.c ++++ b/src/udev/net/link-config.c +@@ -515,6 +515,7 @@ int link_config_apply(link_config_ctx *ctx, link_config *config, + strv_remove(altnames, new_name); + strv_remove(altnames, old_name); + strv_uniq(altnames); ++ strv_sort(altnames); + + r = rtnl_set_link_alternative_names(&ctx->rtnl, ifindex, altnames); + if (r == -EOPNOTSUPP) diff --git a/SOURCES/0721-netlink-introduce-rtnl_get-delete_link_alternative_n.patch b/SOURCES/0721-netlink-introduce-rtnl_get-delete_link_alternative_n.patch new file mode 100644 index 0000000..0cc78fc --- /dev/null +++ b/SOURCES/0721-netlink-introduce-rtnl_get-delete_link_alternative_n.patch @@ -0,0 +1,102 @@ +From c6b2c2fb577d20879b5b4c610c4c29bac259beab Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Fri, 17 Jul 2020 21:29:13 +0900 +Subject: [PATCH] netlink: introduce rtnl_get/delete_link_alternative_names() + +(cherry picked from commit 14982526145de84201c7e3b4fc6be6aa5e9a08f7) + +Related: #2005008 +--- + src/libsystemd/sd-netlink/netlink-util.c | 45 ++++++++++++++++++++++-- + src/libsystemd/sd-netlink/netlink-util.h | 2 ++ + 2 files changed, 45 insertions(+), 2 deletions(-) + +diff --git a/src/libsystemd/sd-netlink/netlink-util.c b/src/libsystemd/sd-netlink/netlink-util.c +index 62fc71a3d8..7f09261981 100644 +--- a/src/libsystemd/sd-netlink/netlink-util.c ++++ b/src/libsystemd/sd-netlink/netlink-util.c +@@ -81,12 +81,45 @@ int rtnl_set_link_properties(sd_netlink **rtnl, int ifindex, const char *alias, + return 0; + } + +-int rtnl_set_link_alternative_names(sd_netlink **rtnl, int ifindex, char * const *alternative_names) { ++int rtnl_get_link_alternative_names(sd_netlink **rtnl, int ifindex, char ***ret) { ++ _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL, *reply = NULL; ++ _cleanup_strv_free_ char **names = NULL; ++ int r; ++ ++ assert(rtnl); ++ assert(ifindex > 0); ++ assert(ret); ++ ++ if (!*rtnl) { ++ r = sd_netlink_open(rtnl); ++ if (r < 0) ++ return r; ++ } ++ ++ r = sd_rtnl_message_new_link(*rtnl, &message, RTM_GETLINK, ifindex); ++ if (r < 0) ++ return r; ++ ++ r = sd_netlink_call(*rtnl, message, 0, &reply); ++ if (r < 0) ++ return r; ++ ++ r = sd_netlink_message_read_strv(reply, IFLA_PROP_LIST, IFLA_ALT_IFNAME, &names); ++ if (r < 0 && r != -ENODATA) ++ return r; ++ ++ *ret = TAKE_PTR(names); ++ ++ return 0; ++} ++ ++static int rtnl_update_link_alternative_names(sd_netlink **rtnl, uint16_t nlmsg_type, int ifindex, char * const *alternative_names) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL; + int r; + + assert(rtnl); + assert(ifindex > 0); ++ assert(IN_SET(nlmsg_type, RTM_NEWLINKPROP, RTM_DELLINKPROP)); + + if (strv_isempty(alternative_names)) + return 0; +@@ -97,7 +130,7 @@ int rtnl_set_link_alternative_names(sd_netlink **rtnl, int ifindex, char * const + return r; + } + +- r = sd_rtnl_message_new_link(*rtnl, &message, RTM_NEWLINKPROP, ifindex); ++ r = sd_rtnl_message_new_link(*rtnl, &message, nlmsg_type, ifindex); + if (r < 0) + return r; + +@@ -120,6 +153,14 @@ int rtnl_set_link_alternative_names(sd_netlink **rtnl, int ifindex, char * const + return 0; + } + ++int rtnl_set_link_alternative_names(sd_netlink **rtnl, int ifindex, char * const *alternative_names) { ++ return rtnl_update_link_alternative_names(rtnl, RTM_NEWLINKPROP, ifindex, alternative_names); ++} ++ ++int rtnl_delete_link_alternative_names(sd_netlink **rtnl, int ifindex, char * const *alternative_names) { ++ return rtnl_update_link_alternative_names(rtnl, RTM_DELLINKPROP, ifindex, alternative_names); ++} ++ + int rtnl_resolve_link_alternative_name(sd_netlink **rtnl, const char *name, int *ret) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL, *reply = NULL; + int r; +diff --git a/src/libsystemd/sd-netlink/netlink-util.h b/src/libsystemd/sd-netlink/netlink-util.h +index ea98439fad..4fc31aa274 100644 +--- a/src/libsystemd/sd-netlink/netlink-util.h ++++ b/src/libsystemd/sd-netlink/netlink-util.h +@@ -38,7 +38,9 @@ static inline bool rtnl_message_type_is_routing_policy_rule(uint16_t type) { + + int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name); + int rtnl_set_link_properties(sd_netlink **rtnl, int ifindex, const char *alias, const struct ether_addr *mac, uint32_t mtu); ++int rtnl_get_link_alternative_names(sd_netlink **rtnl, int ifindex, char ***ret); + int rtnl_set_link_alternative_names(sd_netlink **rtnl, int ifindex, char * const *alternative_names); ++int rtnl_delete_link_alternative_names(sd_netlink **rtnl, int ifindex, char * const *alternative_names); + int rtnl_resolve_link_alternative_name(sd_netlink **rtnl, const char *name, int *ret); + + int rtnl_log_parse_error(int r); diff --git a/SOURCES/0722-netlink-do-not-fail-when-new-interface-name-is-alrea.patch b/SOURCES/0722-netlink-do-not-fail-when-new-interface-name-is-alrea.patch new file mode 100644 index 0000000..2774ac2 --- /dev/null +++ b/SOURCES/0722-netlink-do-not-fail-when-new-interface-name-is-alrea.patch @@ -0,0 +1,81 @@ +From 73ff88cdb6bd1991d75323c6c364bcc9bce7efda Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Fri, 17 Jul 2020 21:31:24 +0900 +Subject: [PATCH] netlink: do not fail when new interface name is already used + as an alternative name + +When renaming a network interface, the new name may be used as an +alternative name. In that case, let's swap the current name and the +alternative name. That is, first drop the new name from the list of +alternative names, then rename the interface, finally set the old name +as an alternative name. + +(cherry picked from commit 434a34838034347f45fb9a47df55b1a36e5addfd) + +Related: #2005008 +--- + src/libsystemd/sd-netlink/netlink-util.c | 30 +++++++++++++++++++++--- + 1 file changed, 27 insertions(+), 3 deletions(-) + +diff --git a/src/libsystemd/sd-netlink/netlink-util.c b/src/libsystemd/sd-netlink/netlink-util.c +index 7f09261981..4e42ef9e26 100644 +--- a/src/libsystemd/sd-netlink/netlink-util.c ++++ b/src/libsystemd/sd-netlink/netlink-util.c +@@ -1,23 +1,40 @@ + /* SPDX-License-Identifier: LGPL-2.1+ */ + ++#include ++ + #include "sd-netlink.h" + + #include "netlink-internal.h" + #include "netlink-util.h" ++#include "socket-util.h" ++#include "string-util.h" + #include "strv.h" + + int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) { + _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *message = NULL; ++ _cleanup_strv_free_ char **alternative_names = NULL; ++ char old_name[IF_NAMESIZE + 1] = {}; + int r; + + assert(rtnl); + assert(ifindex > 0); + assert(name); + +- if (!*rtnl) { +- r = sd_netlink_open(rtnl); ++ if (!ifname_valid(name)) ++ return -EINVAL; ++ ++ r = rtnl_get_link_alternative_names(rtnl, ifindex, &alternative_names); ++ if (r < 0) ++ log_debug_errno(r, "Failed to get alternative names on network interface %i, ignoring: %m", ++ ifindex); ++ ++ if (strv_contains(alternative_names, name)) { ++ r = rtnl_delete_link_alternative_names(rtnl, ifindex, STRV_MAKE(name)); + if (r < 0) +- return r; ++ return log_debug_errno(r, "Failed to remove '%s' from alternative names on network interface %i: %m", ++ name, ifindex); ++ ++ if_indextoname(ifindex, old_name); + } + + r = sd_rtnl_message_new_link(*rtnl, &message, RTM_SETLINK, ifindex); +@@ -32,6 +49,13 @@ int rtnl_set_link_name(sd_netlink **rtnl, int ifindex, const char *name) { + if (r < 0) + return r; + ++ if (!isempty(old_name)) { ++ r = rtnl_set_link_alternative_names(rtnl, ifindex, STRV_MAKE(old_name)); ++ if (r < 0) ++ log_debug_errno(r, "Failed to set '%s' as an alternative name on network interface %i, ignoring: %m", ++ old_name, ifindex); ++ } ++ + return 0; + } + diff --git a/SOURCES/0723-udev-do-not-try-to-reassign-alternative-names.patch b/SOURCES/0723-udev-do-not-try-to-reassign-alternative-names.patch new file mode 100644 index 0000000..f707a3d --- /dev/null +++ b/SOURCES/0723-udev-do-not-try-to-reassign-alternative-names.patch @@ -0,0 +1,46 @@ +From aec8473f69877c353b9e788b2a7329e290ae14f9 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Fri, 17 Jul 2020 21:36:05 +0900 +Subject: [PATCH] udev: do not try to reassign alternative names + +Setting alternative names may fail if some of them are already assigned. + +(cherry picked from commit 97fdae33dfe8e7e0a4e5230564f6cdebc4450eec) + +Related: #2005008 +--- + src/udev/net/link-config.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c +index 8bd374d352..5220f247f0 100644 +--- a/src/udev/net/link-config.c ++++ b/src/udev/net/link-config.c +@@ -350,7 +350,7 @@ static int get_mac(struct udev_device *device, bool want_random, + + int link_config_apply(link_config_ctx *ctx, link_config *config, + struct udev_device *device, const char **name) { +- _cleanup_strv_free_ char **altnames = NULL; ++ _cleanup_strv_free_ char **altnames = NULL, **current_altnames = NULL; + bool respect_predictable = false; + struct ether_addr generated_mac; + struct ether_addr *mac = NULL; +@@ -514,9 +514,17 @@ int link_config_apply(link_config_ctx *ctx, link_config *config, + if (new_name) + strv_remove(altnames, new_name); + strv_remove(altnames, old_name); ++ ++ r = rtnl_get_link_alternative_names(&ctx->rtnl, ifindex, ¤t_altnames); ++ if (r < 0) ++ log_debug_errno(r, "Failed to get alternative names on %s, ignoring: %m", old_name); ++ ++ char **p; ++ STRV_FOREACH(p, current_altnames) ++ strv_remove(altnames, *p); ++ + strv_uniq(altnames); + strv_sort(altnames); +- + r = rtnl_set_link_alternative_names(&ctx->rtnl, ifindex, altnames); + if (r == -EOPNOTSUPP) + log_debug_errno(r, "Could not set AlternativeName= or apply AlternativeNamesPolicy= on %s, ignoring: %m", old_name); diff --git a/SOURCES/0724-Do-not-fail-if-the-same-alt.-name-is-set-again.patch b/SOURCES/0724-Do-not-fail-if-the-same-alt.-name-is-set-again.patch new file mode 100644 index 0000000..46d537c --- /dev/null +++ b/SOURCES/0724-Do-not-fail-if-the-same-alt.-name-is-set-again.patch @@ -0,0 +1,27 @@ +From 270e3f46d1fe474eb3b4cd6789520b36a740ef32 Mon Sep 17 00:00:00 2001 +From: David Tardon +Date: Wed, 8 Dec 2021 09:49:24 +0100 +Subject: [PATCH] Do not fail if the same alt. name is set again + +This is a workaround for a kernel bug. + +RHEL-only + +Related: #2005008 +--- + src/udev/net/link-config.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udev/net/link-config.c b/src/udev/net/link-config.c +index 5220f247f0..9046c5bd2a 100644 +--- a/src/udev/net/link-config.c ++++ b/src/udev/net/link-config.c +@@ -526,7 +526,7 @@ int link_config_apply(link_config_ctx *ctx, link_config *config, + strv_uniq(altnames); + strv_sort(altnames); + r = rtnl_set_link_alternative_names(&ctx->rtnl, ifindex, altnames); +- if (r == -EOPNOTSUPP) ++ if (IN_SET(r, -EOPNOTSUPP, -EEXIST)) + log_debug_errno(r, "Could not set AlternativeName= or apply AlternativeNamesPolicy= on %s, ignoring: %m", old_name); + else if (r < 0) + return log_warning_errno(r, "Could not set AlternativeName= or apply AlternativeNamesPolicy= on %s: %m", old_name); diff --git a/SOURCES/0725-mount-do-not-update-exec-deps-on-mountinfo-changes.patch b/SOURCES/0725-mount-do-not-update-exec-deps-on-mountinfo-changes.patch new file mode 100644 index 0000000..6a68caf --- /dev/null +++ b/SOURCES/0725-mount-do-not-update-exec-deps-on-mountinfo-changes.patch @@ -0,0 +1,87 @@ +From 21e4d155ac04bf3b999834cd42e4773ae01bf3b3 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 15 Nov 2019 14:00:54 +0100 +Subject: [PATCH] mount: do not update exec deps on mountinfo changes + +Fixes: #13978 +(cherry picked from commit bf7eedbf8f8c83d9e775c80275f98f506ec963c6) + +Related: #2008825 +--- + src/core/mount.c | 42 ++++++++++++++++++++++++++++-------------- + 1 file changed, 28 insertions(+), 14 deletions(-) + +diff --git a/src/core/mount.c b/src/core/mount.c +index 4e0a4f238a..73c0531158 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -535,6 +535,32 @@ static int mount_verify(Mount *m) { + return 0; + } + ++static int mount_add_non_exec_dependencies(Mount *m) { ++ int r; ++ assert(m); ++ ++ /* Adds in all dependencies directly responsible for ordering the mount, as opposed to dependencies ++ * resulting from the ExecContext and such. */ ++ ++ r = mount_add_device_dependencies(m); ++ if (r < 0) ++ return r; ++ ++ r = mount_add_mount_dependencies(m); ++ if (r < 0) ++ return r; ++ ++ r = mount_add_quota_dependencies(m); ++ if (r < 0) ++ return r; ++ ++ r = mount_add_default_dependencies(m); ++ if (r < 0) ++ return r; ++ ++ return 0; ++} ++ + static int mount_add_extras(Mount *m) { + Unit *u = UNIT(m); + int r; +@@ -558,18 +584,6 @@ static int mount_add_extras(Mount *m) { + return r; + } + +- r = mount_add_device_dependencies(m); +- if (r < 0) +- return r; +- +- r = mount_add_mount_dependencies(m); +- if (r < 0) +- return r; +- +- r = mount_add_quota_dependencies(m); +- if (r < 0) +- return r; +- + r = unit_patch_contexts(u); + if (r < 0) + return r; +@@ -582,7 +596,7 @@ static int mount_add_extras(Mount *m) { + if (r < 0) + return r; + +- r = mount_add_default_dependencies(m); ++ r = mount_add_non_exec_dependencies(m); + if (r < 0) + return r; + +@@ -1526,7 +1540,7 @@ static int mount_setup_existing_unit( + } + + if (load_extras) +- return mount_add_extras(MOUNT(u)); ++ return mount_add_non_exec_dependencies(MOUNT(u)); + + return 0; + } diff --git a/SOURCES/0726-core-mount-add-implicit-unit-dependencies-even-if-wh.patch b/SOURCES/0726-core-mount-add-implicit-unit-dependencies-even-if-wh.patch new file mode 100644 index 0000000..538c899 --- /dev/null +++ b/SOURCES/0726-core-mount-add-implicit-unit-dependencies-even-if-wh.patch @@ -0,0 +1,46 @@ +From 1fb992c50f7fc6a5c399e302ba79097d36a0cedf Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 29 Aug 2021 21:20:43 +0900 +Subject: [PATCH] core/mount: add implicit unit dependencies even if when mount + unit is generated from /proc/self/mountinfo + +Hopefully fixes #20566. + +(cherry picked from commit aebff2e7ce209fc2d75b894a3ae8b80f6f36ec11) + +Resolves: #2008825 +--- + src/core/mount.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/src/core/mount.c b/src/core/mount.c +index 73c0531158..9547cb9b29 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -1437,6 +1437,7 @@ static int mount_setup_new_unit( + MountSetupFlags *flags) { + + MountParameters *p; ++ int r; + + assert(u); + assert(flags); +@@ -1458,7 +1459,6 @@ static int mount_setup_new_unit( + + if (!mount_is_extrinsic(MOUNT(u))) { + const char *target; +- int r; + + target = mount_is_network(p) ? SPECIAL_REMOTE_FS_TARGET : SPECIAL_LOCAL_FS_TARGET; + r = unit_add_dependency_by_name(u, UNIT_BEFORE, target, NULL, true, UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT); +@@ -1470,6 +1470,10 @@ static int mount_setup_new_unit( + return r; + } + ++ r = mount_add_non_exec_dependencies(MOUNT(u)); ++ if (r < 0) ++ return r; ++ + unit_add_to_load_queue(u); + flags->is_mounted = true; + flags->just_mounted = true; diff --git a/SOURCES/0727-core-fix-unfortunate-typo-in-unit_is_unneeded.patch b/SOURCES/0727-core-fix-unfortunate-typo-in-unit_is_unneeded.patch new file mode 100644 index 0000000..bea7482 --- /dev/null +++ b/SOURCES/0727-core-fix-unfortunate-typo-in-unit_is_unneeded.patch @@ -0,0 +1,27 @@ +From 7b9b641a7721f013fb12ab4e2a03423b5ede08c6 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 9 Oct 2018 22:23:14 +0200 +Subject: [PATCH] core: fix unfortunate typo in unit_is_unneeded() + +Follow-up for a3c1168ac293f16d9343d248795bb4c246aaff4a. + +(cherry picked from commit 93d4cb09d56e670b0c203dd6ec6939e391a0df59) + +Resolves: #2040147 +--- + src/core/unit.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/core/unit.c b/src/core/unit.c +index 4de218feac..e2c61ce866 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -1956,7 +1956,7 @@ bool unit_is_unneeded(Unit *u) { + * restart, then don't clean this one up. */ + + HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]], i) { +- if (u->job) ++ if (other->job) + return false; + + if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) diff --git a/SOURCES/0728-core-make-destructive-transaction-error-a-bit-more-u.patch b/SOURCES/0728-core-make-destructive-transaction-error-a-bit-more-u.patch new file mode 100644 index 0000000..6694a5d --- /dev/null +++ b/SOURCES/0728-core-make-destructive-transaction-error-a-bit-more-u.patch @@ -0,0 +1,27 @@ +From 8cb38e1557b81740f49dff43a297aef7bd676424 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 9 Oct 2018 22:22:52 +0200 +Subject: [PATCH] core: make destructive transaction error a bit more useful + +(cherry picked from commit cf99f8eacf1c864b19a6a02edea78c43f3185cb7) + +Related: #2040147 +--- + src/core/transaction.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/core/transaction.c b/src/core/transaction.c +index cdaaff4f55..ee5b39fef4 100644 +--- a/src/core/transaction.c ++++ b/src/core/transaction.c +@@ -526,7 +526,9 @@ static int transaction_is_destructive(Transaction *tr, JobMode mode, sd_bus_erro + if (j->unit->job && (mode == JOB_FAIL || j->unit->job->irreversible) && + job_type_is_conflicting(j->unit->job->type, j->type)) + return sd_bus_error_setf(e, BUS_ERROR_TRANSACTION_IS_DESTRUCTIVE, +- "Transaction is destructive."); ++ "Transaction for %s/%s is destructive (%s has '%s' job queued, but '%s' is included in transaction).", ++ tr->anchor_job->unit->id, job_type_to_string(tr->anchor_job->type), ++ j->unit->id, job_type_to_string(j->unit->job->type), job_type_to_string(j->type)); + } + + return 0; diff --git a/SOURCES/0729-tmpfiles-use-a-entry-in-hashmap-as-ItemArray-in-read.patch b/SOURCES/0729-tmpfiles-use-a-entry-in-hashmap-as-ItemArray-in-read.patch new file mode 100644 index 0000000..0e22dbb --- /dev/null +++ b/SOURCES/0729-tmpfiles-use-a-entry-in-hashmap-as-ItemArray-in-read.patch @@ -0,0 +1,89 @@ +From 81b967279f6e23474b1e7a0ea9b4ecf9405f87bb Mon Sep 17 00:00:00 2001 +From: Masahiro Matsuya +Date: Wed, 31 Mar 2021 11:44:24 +0900 +Subject: [PATCH] tmpfiles: use a entry in hashmap as ItemArray in + read_config_file() + +[zjs: squash commits and use size_t as appropriate. + +Bug seems to have been introduced in 811a15877825da9e53f9a2a8603da34589af6bbb. +Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1944468.] + +(cherry picked from commit bec890e3cd6dac249cb12ce9430fdb78b6cf546b) + +Resolves: #1944468 +--- + src/tmpfiles/tmpfiles.c | 47 +++++++++++++++++++++++------------------ + 1 file changed, 26 insertions(+), 21 deletions(-) + +diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c +index 927de35f32..1aeeed0d2e 100644 +--- a/src/tmpfiles/tmpfiles.c ++++ b/src/tmpfiles/tmpfiles.c +@@ -2646,7 +2646,7 @@ static int read_config_file(char **config_dirs, const char *fn, bool ignore_enoe + char line[LINE_MAX]; + Iterator iterator; + unsigned v = 0; +- Item *i; ++ ItemArray *ia; + int r = 0; + + assert(fn); +@@ -2692,32 +2692,37 @@ static int read_config_file(char **config_dirs, const char *fn, bool ignore_enoe + } + + /* we have to determine age parameter for each entry of type X */ +- ORDERED_HASHMAP_FOREACH(i, globs, iterator) { +- Iterator iter; +- Item *j, *candidate_item = NULL; ++ ORDERED_HASHMAP_FOREACH(ia, globs, iterator) ++ for (size_t ni = 0; ni < ia->count; ni++) { ++ Iterator iter; ++ ItemArray *ja; ++ Item *i = ia->items + ni, *candidate_item = NULL; + +- if (i->type != IGNORE_DIRECTORY_PATH) +- continue; +- +- ORDERED_HASHMAP_FOREACH(j, items, iter) { +- if (!IN_SET(j->type, CREATE_DIRECTORY, TRUNCATE_DIRECTORY, CREATE_SUBVOLUME, CREATE_SUBVOLUME_INHERIT_QUOTA, CREATE_SUBVOLUME_NEW_QUOTA)) ++ if (i->type != IGNORE_DIRECTORY_PATH) + continue; + +- if (path_equal(j->path, i->path)) { +- candidate_item = j; +- break; +- } ++ ORDERED_HASHMAP_FOREACH(ja, items, iter) ++ for (size_t nj = 0; nj < ja->count; nj++) { ++ Item *j = ja->items + nj; + +- if ((!candidate_item && path_startswith(i->path, j->path)) || +- (candidate_item && path_startswith(j->path, candidate_item->path) && (fnmatch(i->path, j->path, FNM_PATHNAME | FNM_PERIOD) == 0))) +- candidate_item = j; +- } ++ if (!IN_SET(j->type, CREATE_DIRECTORY, TRUNCATE_DIRECTORY, CREATE_SUBVOLUME, CREATE_SUBVOLUME_INHERIT_QUOTA, CREATE_SUBVOLUME_NEW_QUOTA)) ++ continue; + +- if (candidate_item && candidate_item->age_set) { +- i->age = candidate_item->age; +- i->age_set = true; ++ if (path_equal(j->path, i->path)) { ++ candidate_item = j; ++ break; ++ } ++ ++ if ((!candidate_item && path_startswith(i->path, j->path)) || ++ (candidate_item && path_startswith(j->path, candidate_item->path) && (fnmatch(i->path, j->path, FNM_PATHNAME | FNM_PERIOD) == 0))) ++ candidate_item = j; ++ } ++ ++ if (candidate_item && candidate_item->age_set) { ++ i->age = candidate_item->age; ++ i->age_set = true; ++ } + } +- } + + if (ferror(f)) { + log_error_errno(errno, "Failed to read from file %s: %m", fn); diff --git a/SOURCES/0730-tmpfiles-rework-condition-check.patch b/SOURCES/0730-tmpfiles-rework-condition-check.patch new file mode 100644 index 0000000..03611e4 --- /dev/null +++ b/SOURCES/0730-tmpfiles-rework-condition-check.patch @@ -0,0 +1,45 @@ +From 520ff5394187a0d6cb0cb40251f6e8e997ccdd0e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 7 Apr 2021 17:54:49 +0200 +Subject: [PATCH] tmpfiles: rework condition check + +(!a && b) || (a && c) is replaced by (a ? c : b). + +path_startswith() != NULL is need to avoid type warning. + +(cherry picked from commit 875e7b25d84a111755dab79241c9e64e44836910) + +Related: #1944468 +--- + src/tmpfiles/tmpfiles.c | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c +index 1aeeed0d2e..50fada99dd 100644 +--- a/src/tmpfiles/tmpfiles.c ++++ b/src/tmpfiles/tmpfiles.c +@@ -2705,7 +2705,11 @@ static int read_config_file(char **config_dirs, const char *fn, bool ignore_enoe + for (size_t nj = 0; nj < ja->count; nj++) { + Item *j = ja->items + nj; + +- if (!IN_SET(j->type, CREATE_DIRECTORY, TRUNCATE_DIRECTORY, CREATE_SUBVOLUME, CREATE_SUBVOLUME_INHERIT_QUOTA, CREATE_SUBVOLUME_NEW_QUOTA)) ++ if (!IN_SET(j->type, CREATE_DIRECTORY, ++ TRUNCATE_DIRECTORY, ++ CREATE_SUBVOLUME, ++ CREATE_SUBVOLUME_INHERIT_QUOTA, ++ CREATE_SUBVOLUME_NEW_QUOTA)) + continue; + + if (path_equal(j->path, i->path)) { +@@ -2713,8 +2717,9 @@ static int read_config_file(char **config_dirs, const char *fn, bool ignore_enoe + break; + } + +- if ((!candidate_item && path_startswith(i->path, j->path)) || +- (candidate_item && path_startswith(j->path, candidate_item->path) && (fnmatch(i->path, j->path, FNM_PATHNAME | FNM_PERIOD) == 0))) ++ if (candidate_item ++ ? (path_startswith(j->path, candidate_item->path) && fnmatch(i->path, j->path, FNM_PATHNAME | FNM_PERIOD) == 0) ++ : path_startswith(i->path, j->path) != NULL) + candidate_item = j; + } + diff --git a/SOURCES/0731-TEST-22-TMPFILES-add-reproducer-for-bug-with-X.patch b/SOURCES/0731-TEST-22-TMPFILES-add-reproducer-for-bug-with-X.patch new file mode 100644 index 0000000..8234fed --- /dev/null +++ b/SOURCES/0731-TEST-22-TMPFILES-add-reproducer-for-bug-with-X.patch @@ -0,0 +1,160 @@ +From 4871d0807e4add56258633d3c3452b0ee5cc8f99 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 7 Apr 2021 22:35:19 +0200 +Subject: [PATCH] TEST-22-TMPFILES: add reproducer for bug with X + +(cherry picked from commit 1672be86021b5ae8e80d095409a4fffcba7cbb75) + +Related: #1944468 +--- + test/TEST-22-TMPFILES/test-11.sh | 141 +++++++++++++++++++++++++++++++ + 1 file changed, 141 insertions(+) + create mode 100755 test/TEST-22-TMPFILES/test-11.sh + +diff --git a/test/TEST-22-TMPFILES/test-11.sh b/test/TEST-22-TMPFILES/test-11.sh +new file mode 100755 +index 0000000000..21ef210cd1 +--- /dev/null ++++ b/test/TEST-22-TMPFILES/test-11.sh +@@ -0,0 +1,141 @@ ++#! /bin/bash ++ ++set -e ++set -x ++ ++rm -fr /tmp/x ++mkdir /tmp/x ++ ++# ++# 'x' ++# ++mkdir -p /tmp/x/{1,2} ++touch /tmp/x/1/{x1,x2} /tmp/x/2/{y1,y2} /tmp/x/{z1,z2} ++ ++systemd-tmpfiles --clean - < +Date: Wed, 22 Apr 2020 21:52:22 +0200 +Subject: [PATCH] core: make sure we don't get confused when setting TERM for a + tty fd + +Fixes: #15344 +(cherry picked from commit e8cf09b2a2ad0d48e5493050d54251d5f512d9b6) + +Resolves: #2045307 +--- + src/core/execute.c | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +diff --git a/src/core/execute.c b/src/core/execute.c +index d528d08830..a104294966 100644 +--- a/src/core/execute.c ++++ b/src/core/execute.c +@@ -1709,12 +1709,13 @@ static int build_environment( + + tty_path = exec_context_tty_path(c); + +- /* If we are forked off PID 1 and we are supposed to operate on /dev/console, then let's try to inherit +- * the $TERM set for PID 1. This is useful for containers so that the $TERM the container manager +- * passes to PID 1 ends up all the way in the console login shown. */ ++ /* If we are forked off PID 1 and we are supposed to operate on /dev/console, then let's try ++ * to inherit the $TERM set for PID 1. This is useful for containers so that the $TERM the ++ * container manager passes to PID 1 ends up all the way in the console login shown. */ + +- if (path_equal(tty_path, "/dev/console") && getppid() == 1) ++ if (path_equal_ptr(tty_path, "/dev/console") && getppid() == 1) + term = getenv("TERM"); ++ + if (!term) + term = default_term_for_tty(tty_path); + diff --git a/SOURCES/0733-hash-funcs-introduce-macro-to-create-typesafe-hash_o.patch b/SOURCES/0733-hash-funcs-introduce-macro-to-create-typesafe-hash_o.patch new file mode 100644 index 0000000..15bee3e --- /dev/null +++ b/SOURCES/0733-hash-funcs-introduce-macro-to-create-typesafe-hash_o.patch @@ -0,0 +1,37 @@ +From cfa7b3d0a1900b725e5489dfec2c39abb8569c29 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 28 Nov 2018 14:10:04 +0900 +Subject: [PATCH] hash-funcs: introduce macro to create typesafe hash_ops + +(cherry picked from commit d1005d1c0050d3dc3a24c054bac4c4916073cbba) + +Resolves: #2037807 +--- + src/basic/hash-funcs.h | 14 ++++++++++++++ + 1 file changed, 14 insertions(+) + +diff --git a/src/basic/hash-funcs.h b/src/basic/hash-funcs.h +index 5e5989f021..2ff687e5f9 100644 +--- a/src/basic/hash-funcs.h ++++ b/src/basic/hash-funcs.h +@@ -13,6 +13,20 @@ struct hash_ops { + compare_func_t compare; + }; + ++#define _DEFINE_HASH_OPS(uq, name, type, hash_func, compare_func, scope) \ ++ _unused_ static void (* UNIQ_T(static_hash_wrapper, uq))(const type *, struct siphash *) = hash_func; \ ++ _unused_ static int (* UNIQ_T(static_compare_wrapper, uq))(const type *, const type *) = compare_func; \ ++ scope const struct hash_ops name = { \ ++ .hash = (hash_func_t) hash_func, \ ++ .compare = (compare_func_t) compare_func, \ ++ } ++ ++#define DEFINE_HASH_OPS(name, type, hash_func, compare_func) \ ++ _DEFINE_HASH_OPS(UNIQ, name, type, hash_func, compare_func,) ++ ++#define DEFINE_PRIVATE_HASH_OPS(name, type, hash_func, compare_func) \ ++ _DEFINE_HASH_OPS(UNIQ, name, type, hash_func, compare_func, static) ++ + void string_hash_func(const void *p, struct siphash *state); + int string_compare_func(const void *a, const void *b) _pure_; + extern const struct hash_ops string_hash_ops; diff --git a/SOURCES/0734-hash-func-add-destructors-for-key-and-value.patch b/SOURCES/0734-hash-func-add-destructors-for-key-and-value.patch new file mode 100644 index 0000000..c2d90a4 --- /dev/null +++ b/SOURCES/0734-hash-func-add-destructors-for-key-and-value.patch @@ -0,0 +1,369 @@ +From 3bee193141bdf3106732a2c925ffaf5ce48f0ecb Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 27 Nov 2018 22:25:40 +0900 +Subject: [PATCH] hash-func: add destructors for key and value + +If they are set, then they are called in hashmap_clear() or +hashmap_free(). + +(cherry picked from commit 59a5cda7b904cd7ef9853bda15b498bbc0577524) + +Resolves: #2037807 +--- + src/basic/hash-funcs.h | 54 ++++++++++++++++++++++++++--- + src/basic/hashmap.c | 76 +++++++++++------------------------------ + src/basic/hashmap.h | 50 ++++++++++++++++++--------- + src/basic/ordered-set.h | 6 ++-- + src/basic/set.h | 10 +++--- + 5 files changed, 109 insertions(+), 87 deletions(-) + +diff --git a/src/basic/hash-funcs.h b/src/basic/hash-funcs.h +index 2ff687e5f9..2d3125d0f9 100644 +--- a/src/basic/hash-funcs.h ++++ b/src/basic/hash-funcs.h +@@ -1,7 +1,7 @@ + /* SPDX-License-Identifier: LGPL-2.1+ */ + #pragma once + +- ++#include "alloc-util.h" + #include "macro.h" + #include "siphash24.h" + +@@ -11,21 +11,67 @@ typedef int (*compare_func_t)(const void *a, const void *b); + struct hash_ops { + hash_func_t hash; + compare_func_t compare; ++ free_func_t free_key; ++ free_func_t free_value; + }; + +-#define _DEFINE_HASH_OPS(uq, name, type, hash_func, compare_func, scope) \ ++#define _DEFINE_HASH_OPS(uq, name, type, hash_func, compare_func, free_key_func, free_value_func, scope) \ + _unused_ static void (* UNIQ_T(static_hash_wrapper, uq))(const type *, struct siphash *) = hash_func; \ + _unused_ static int (* UNIQ_T(static_compare_wrapper, uq))(const type *, const type *) = compare_func; \ + scope const struct hash_ops name = { \ + .hash = (hash_func_t) hash_func, \ + .compare = (compare_func_t) compare_func, \ ++ .free_key = free_key_func, \ ++ .free_value = free_value_func, \ ++ } ++ ++#define _DEFINE_FREE_FUNC(uq, type, wrapper_name, func) \ ++ /* Type-safe free function */ \ ++ static void UNIQ_T(wrapper_name, uq)(void *a) { \ ++ type *_a = a; \ ++ func(_a); \ + } + ++#define _DEFINE_HASH_OPS_WITH_KEY_DESTRUCTOR(uq, name, type, hash_func, compare_func, free_func, scope) \ ++ _DEFINE_FREE_FUNC(uq, type, static_free_wrapper, free_func); \ ++ _DEFINE_HASH_OPS(uq, name, type, hash_func, compare_func, \ ++ UNIQ_T(static_free_wrapper, uq), NULL, scope) ++ ++#define _DEFINE_HASH_OPS_WITH_VALUE_DESTRUCTOR(uq, name, type, hash_func, compare_func, type_value, free_func, scope) \ ++ _DEFINE_FREE_FUNC(uq, type_value, static_free_wrapper, free_func); \ ++ _DEFINE_HASH_OPS(uq, name, type, hash_func, compare_func, \ ++ NULL, UNIQ_T(static_free_wrapper, uq), scope) ++ ++#define _DEFINE_HASH_OPS_FULL(uq, name, type, hash_func, compare_func, free_key_func, type_value, free_value_func, scope) \ ++ _DEFINE_FREE_FUNC(uq, type, static_free_key_wrapper, free_key_func); \ ++ _DEFINE_FREE_FUNC(uq, type_value, static_free_value_wrapper, free_value_func); \ ++ _DEFINE_HASH_OPS(uq, name, type, hash_func, compare_func, \ ++ UNIQ_T(static_free_key_wrapper, uq), \ ++ UNIQ_T(static_free_value_wrapper, uq), scope) ++ + #define DEFINE_HASH_OPS(name, type, hash_func, compare_func) \ +- _DEFINE_HASH_OPS(UNIQ, name, type, hash_func, compare_func,) ++ _DEFINE_HASH_OPS(UNIQ, name, type, hash_func, compare_func, NULL, NULL,) + + #define DEFINE_PRIVATE_HASH_OPS(name, type, hash_func, compare_func) \ +- _DEFINE_HASH_OPS(UNIQ, name, type, hash_func, compare_func, static) ++ _DEFINE_HASH_OPS(UNIQ, name, type, hash_func, compare_func, NULL, NULL, static) ++ ++#define DEFINE_HASH_OPS_WITH_KEY_DESTRUCTOR(name, type, hash_func, compare_func, free_func) \ ++ _DEFINE_HASH_OPS_WITH_KEY_DESTRUCTOR(UNIQ, name, type, hash_func, compare_func, free_func,) ++ ++#define DEFINE_PRIVATE_HASH_OPS_WITH_KEY_DESTRUCTOR(name, type, hash_func, compare_func, free_func) \ ++ _DEFINE_HASH_OPS_WITH_KEY_DESTRUCTOR(UNIQ, name, type, hash_func, compare_func, free_func, static) ++ ++#define DEFINE_HASH_OPS_WITH_VALUE_DESTRUCTOR(name, type, hash_func, compare_func, value_type, free_func) \ ++ _DEFINE_HASH_OPS_WITH_VALUE_DESTRUCTOR(UNIQ, name, type, hash_func, compare_func, value_type, free_func,) ++ ++#define DEFINE_PRIVATE_HASH_OPS_WITH_VALUE_DESTRUCTOR(name, type, hash_func, compare_func, value_type, free_func) \ ++ _DEFINE_HASH_OPS_WITH_VALUE_DESTRUCTOR(UNIQ, name, type, hash_func, compare_func, value_type, free_func, static) ++ ++#define DEFINE_HASH_OPS_FULL(name, type, hash_func, compare_func, free_key_func, value_type, free_value_func) \ ++ _DEFINE_HASH_OPS_FULL(UNIQ, name, type, hash_func, compare_func, free_key_func, value_type, free_value_func,) ++ ++#define DEFINE_PRIVATE_HASH_OPS_FULL(name, type, hash_func, compare_func, free_key_func, value_type, free_value_func) \ ++ _DEFINE_HASH_OPS_FULL(UNIQ, name, type, hash_func, compare_func, free_key_func, value_type, free_value_func, static) + + void string_hash_func(const void *p, struct siphash *state); + int string_compare_func(const void *a, const void *b) _pure_; +diff --git a/src/basic/hashmap.c b/src/basic/hashmap.c +index 69a7d70b04..7c508086f0 100644 +--- a/src/basic/hashmap.c ++++ b/src/basic/hashmap.c +@@ -863,47 +863,38 @@ static void hashmap_free_no_clear(HashmapBase *h) { + free(h); + } + +-HashmapBase *internal_hashmap_free(HashmapBase *h) { +- +- /* Free the hashmap, but nothing in it */ +- ++HashmapBase *internal_hashmap_free(HashmapBase *h, free_func_t default_free_key, free_func_t default_free_value) { + if (h) { +- internal_hashmap_clear(h); ++ internal_hashmap_clear(h, default_free_key, default_free_value); + hashmap_free_no_clear(h); + } + + return NULL; + } + +-HashmapBase *internal_hashmap_free_free(HashmapBase *h) { ++void internal_hashmap_clear(HashmapBase *h, free_func_t default_free_key, free_func_t default_free_value) { ++ free_func_t free_key, free_value; ++ if (!h) ++ return; + +- /* Free the hashmap and all data objects in it, but not the +- * keys */ ++ free_key = h->hash_ops->free_key ?: default_free_key; ++ free_value = h->hash_ops->free_value ?: default_free_value; + +- if (h) { +- internal_hashmap_clear_free(h); +- hashmap_free_no_clear(h); +- } +- +- return NULL; +-} ++ if (free_key || free_value) { ++ unsigned idx; + +-Hashmap *hashmap_free_free_free(Hashmap *h) { ++ for (idx = skip_free_buckets(h, 0); idx != IDX_NIL; ++ idx = skip_free_buckets(h, idx + 1)) { ++ struct hashmap_base_entry *e = bucket_at(h, idx); + +- /* Free the hashmap and all data and key objects in it */ ++ if (free_key) ++ free_key((void *) e->key); + +- if (h) { +- hashmap_clear_free_free(h); +- hashmap_free_no_clear(HASHMAP_BASE(h)); ++ if (free_value) ++ free_value(entry_value(h, e)); ++ } + } + +- return NULL; +-} +- +-void internal_hashmap_clear(HashmapBase *h) { +- if (!h) +- return; +- + if (h->has_indirect) { + free(h->indirect.storage); + h->has_indirect = false; +@@ -920,35 +911,6 @@ void internal_hashmap_clear(HashmapBase *h) { + base_set_dirty(h); + } + +-void internal_hashmap_clear_free(HashmapBase *h) { +- unsigned idx; +- +- if (!h) +- return; +- +- for (idx = skip_free_buckets(h, 0); idx != IDX_NIL; +- idx = skip_free_buckets(h, idx + 1)) +- free(entry_value(h, bucket_at(h, idx))); +- +- internal_hashmap_clear(h); +-} +- +-void hashmap_clear_free_free(Hashmap *h) { +- unsigned idx; +- +- if (!h) +- return; +- +- for (idx = skip_free_buckets(HASHMAP_BASE(h), 0); idx != IDX_NIL; +- idx = skip_free_buckets(HASHMAP_BASE(h), idx + 1)) { +- struct plain_hashmap_entry *e = plain_bucket_at(h, idx); +- free((void*)e->b.key); +- free(e->value); +- } +- +- internal_hashmap_clear(HASHMAP_BASE(h)); +-} +- + static int resize_buckets(HashmapBase *h, unsigned entries_add); + + /* +@@ -1771,7 +1733,7 @@ HashmapBase *internal_hashmap_copy(HashmapBase *h) { + } + + if (r < 0) { +- internal_hashmap_free(copy); ++ internal_hashmap_free(copy, false, false); + return NULL; + } + +diff --git a/src/basic/hashmap.h b/src/basic/hashmap.h +index 5c70c102d7..9e4772b497 100644 +--- a/src/basic/hashmap.h ++++ b/src/basic/hashmap.h +@@ -23,6 +23,8 @@ + + #define HASH_KEY_SIZE 16 + ++typedef void* (*hashmap_destroy_t)(void *p); ++ + /* The base type for all hashmap and set types. Many functions in the + * implementation take (HashmapBase*) parameters and are run-time polymorphic, + * though the API is not meant to be polymorphic (do not call functions +@@ -88,25 +90,33 @@ OrderedHashmap *internal_ordered_hashmap_new(const struct hash_ops *hash_ops HA + #define hashmap_new(ops) internal_hashmap_new(ops HASHMAP_DEBUG_SRC_ARGS) + #define ordered_hashmap_new(ops) internal_ordered_hashmap_new(ops HASHMAP_DEBUG_SRC_ARGS) + +-HashmapBase *internal_hashmap_free(HashmapBase *h); ++HashmapBase *internal_hashmap_free(HashmapBase *h, free_func_t default_free_key, free_func_t default_free_value); + static inline Hashmap *hashmap_free(Hashmap *h) { +- return (void*)internal_hashmap_free(HASHMAP_BASE(h)); ++ return (void*) internal_hashmap_free(HASHMAP_BASE(h), NULL, NULL); + } + static inline OrderedHashmap *ordered_hashmap_free(OrderedHashmap *h) { +- return (void*)internal_hashmap_free(HASHMAP_BASE(h)); ++ return (void*) internal_hashmap_free(HASHMAP_BASE(h), NULL, NULL); + } + +-HashmapBase *internal_hashmap_free_free(HashmapBase *h); + static inline Hashmap *hashmap_free_free(Hashmap *h) { +- return (void*)internal_hashmap_free_free(HASHMAP_BASE(h)); ++ return (void*) internal_hashmap_free(HASHMAP_BASE(h), NULL, free); + } + static inline OrderedHashmap *ordered_hashmap_free_free(OrderedHashmap *h) { +- return (void*)internal_hashmap_free_free(HASHMAP_BASE(h)); ++ return (void*) internal_hashmap_free(HASHMAP_BASE(h), NULL, free); + } + +-Hashmap *hashmap_free_free_free(Hashmap *h); ++static inline Hashmap *hashmap_free_free_key(Hashmap *h) { ++ return (void*) internal_hashmap_free(HASHMAP_BASE(h), free, NULL); ++} ++static inline OrderedHashmap *ordered_hashmap_free_free_key(OrderedHashmap *h) { ++ return (void*) internal_hashmap_free(HASHMAP_BASE(h), free, NULL); ++} ++ ++static inline Hashmap *hashmap_free_free_free(Hashmap *h) { ++ return (void*) internal_hashmap_free(HASHMAP_BASE(h), free, free); ++} + static inline OrderedHashmap *ordered_hashmap_free_free_free(OrderedHashmap *h) { +- return (void*)hashmap_free_free_free(PLAIN_HASHMAP(h)); ++ return (void*) internal_hashmap_free(HASHMAP_BASE(h), free, free); + } + + IteratedCache *iterated_cache_free(IteratedCache *cache); +@@ -259,25 +269,33 @@ static inline bool ordered_hashmap_iterate(OrderedHashmap *h, Iterator *i, void + return internal_hashmap_iterate(HASHMAP_BASE(h), i, value, key); + } + +-void internal_hashmap_clear(HashmapBase *h); ++void internal_hashmap_clear(HashmapBase *h, free_func_t default_free_key, free_func_t default_free_value); + static inline void hashmap_clear(Hashmap *h) { +- internal_hashmap_clear(HASHMAP_BASE(h)); ++ internal_hashmap_clear(HASHMAP_BASE(h), NULL, NULL); + } + static inline void ordered_hashmap_clear(OrderedHashmap *h) { +- internal_hashmap_clear(HASHMAP_BASE(h)); ++ internal_hashmap_clear(HASHMAP_BASE(h), NULL, NULL); + } + +-void internal_hashmap_clear_free(HashmapBase *h); + static inline void hashmap_clear_free(Hashmap *h) { +- internal_hashmap_clear_free(HASHMAP_BASE(h)); ++ internal_hashmap_clear(HASHMAP_BASE(h), NULL, free); + } + static inline void ordered_hashmap_clear_free(OrderedHashmap *h) { +- internal_hashmap_clear_free(HASHMAP_BASE(h)); ++ internal_hashmap_clear(HASHMAP_BASE(h), NULL, free); + } + +-void hashmap_clear_free_free(Hashmap *h); ++static inline void hashmap_clear_free_key(Hashmap *h) { ++ internal_hashmap_clear(HASHMAP_BASE(h), free, NULL); ++} ++static inline void ordered_hashmap_clear_free_key(OrderedHashmap *h) { ++ internal_hashmap_clear(HASHMAP_BASE(h), free, NULL); ++} ++ ++static inline void hashmap_clear_free_free(Hashmap *h) { ++ internal_hashmap_clear(HASHMAP_BASE(h), free, free); ++} + static inline void ordered_hashmap_clear_free_free(OrderedHashmap *h) { +- hashmap_clear_free_free(PLAIN_HASHMAP(h)); ++ internal_hashmap_clear(HASHMAP_BASE(h), free, free); + } + + /* +diff --git a/src/basic/ordered-set.h b/src/basic/ordered-set.h +index e7c054d8e4..7cbb71819b 100644 +--- a/src/basic/ordered-set.h ++++ b/src/basic/ordered-set.h +@@ -21,13 +21,11 @@ static inline int ordered_set_ensure_allocated(OrderedSet **s, const struct hash + } + + static inline OrderedSet* ordered_set_free(OrderedSet *s) { +- ordered_hashmap_free((OrderedHashmap*) s); +- return NULL; ++ return (OrderedSet*) ordered_hashmap_free((OrderedHashmap*) s); + } + + static inline OrderedSet* ordered_set_free_free(OrderedSet *s) { +- ordered_hashmap_free_free((OrderedHashmap*) s); +- return NULL; ++ return (OrderedSet*) ordered_hashmap_free_free((OrderedHashmap*) s); + } + + static inline int ordered_set_put(OrderedSet *s, void *p) { +diff --git a/src/basic/set.h b/src/basic/set.h +index 664713810d..8e12670a6e 100644 +--- a/src/basic/set.h ++++ b/src/basic/set.h +@@ -9,13 +9,11 @@ Set *internal_set_new(const struct hash_ops *hash_ops HASHMAP_DEBUG_PARAMS); + #define set_new(ops) internal_set_new(ops HASHMAP_DEBUG_SRC_ARGS) + + static inline Set *set_free(Set *s) { +- internal_hashmap_free(HASHMAP_BASE(s)); +- return NULL; ++ return (Set*) internal_hashmap_free(HASHMAP_BASE(s), NULL, NULL); + } + + static inline Set *set_free_free(Set *s) { +- internal_hashmap_free_free(HASHMAP_BASE(s)); +- return NULL; ++ return (Set*) internal_hashmap_free(HASHMAP_BASE(s), free, NULL); + } + + /* no set_free_free_free */ +@@ -76,11 +74,11 @@ static inline unsigned set_buckets(Set *s) { + bool set_iterate(Set *s, Iterator *i, void **value); + + static inline void set_clear(Set *s) { +- internal_hashmap_clear(HASHMAP_BASE(s)); ++ internal_hashmap_clear(HASHMAP_BASE(s), NULL, NULL); + } + + static inline void set_clear_free(Set *s) { +- internal_hashmap_clear_free(HASHMAP_BASE(s)); ++ internal_hashmap_clear(HASHMAP_BASE(s), free, NULL); + } + + /* no set_clear_free_free */ diff --git a/SOURCES/0735-util-define-free_func_t.patch b/SOURCES/0735-util-define-free_func_t.patch new file mode 100644 index 0000000..c32c645 --- /dev/null +++ b/SOURCES/0735-util-define-free_func_t.patch @@ -0,0 +1,25 @@ +From 8d596fa931a32e517323379dde6a73ee2a72506c Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 27 Nov 2018 16:33:28 +0900 +Subject: [PATCH] util: define free_func_t + +(cherry picked from commit e30f9c972b789152d67ff34fd3bda294d20d1f51) + +Resolves: #2037807 +--- + src/basic/alloc-util.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/basic/alloc-util.h b/src/basic/alloc-util.h +index ebe42889ea..f8294da68f 100644 +--- a/src/basic/alloc-util.h ++++ b/src/basic/alloc-util.h +@@ -8,6 +8,8 @@ + + #include "macro.h" + ++typedef void (*free_func_t)(void *p); ++ + #define new(t, n) ((t*) malloc_multiply(sizeof(t), (n))) + + #define new0(t, n) ((t*) calloc((n), sizeof(t))) diff --git a/SOURCES/0736-hash-funcs-make-basic-hash_ops-typesafe.patch b/SOURCES/0736-hash-funcs-make-basic-hash_ops-typesafe.patch new file mode 100644 index 0000000..76d5aee --- /dev/null +++ b/SOURCES/0736-hash-funcs-make-basic-hash_ops-typesafe.patch @@ -0,0 +1,145 @@ +From 9d8948b3f8d37c4667a50f57ab2e357b1aeb4019 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 2 Dec 2018 07:46:33 +0100 +Subject: [PATCH] hash-funcs: make basic hash_ops typesafe + +(cherry picked from commit 25073e5012cdb4de13d815197815c33194ff7dc9) + +Resolves: #2037807 +--- + src/basic/hash-funcs.c | 49 +++++++++++------------------------------- + src/basic/hash-funcs.h | 16 +++++++------- + 2 files changed, 21 insertions(+), 44 deletions(-) + +diff --git a/src/basic/hash-funcs.c b/src/basic/hash-funcs.c +index db48437be7..0617536ea5 100644 +--- a/src/basic/hash-funcs.c ++++ b/src/basic/hash-funcs.c +@@ -5,21 +5,13 @@ + #include "hash-funcs.h" + #include "path-util.h" + +-void string_hash_func(const void *p, struct siphash *state) { ++void string_hash_func(const char *p, struct siphash *state) { + siphash24_compress(p, strlen(p) + 1, state); + } + +-int string_compare_func(const void *a, const void *b) { +- return strcmp(a, b); +-} +- +-const struct hash_ops string_hash_ops = { +- .hash = string_hash_func, +- .compare = string_compare_func +-}; ++DEFINE_HASH_OPS(string_hash_ops, char, string_hash_func, string_compare_func); + +-void path_hash_func(const void *p, struct siphash *state) { +- const char *q = p; ++void path_hash_func(const char *q, struct siphash *state) { + size_t n; + + assert(q); +@@ -57,14 +49,11 @@ void path_hash_func(const void *p, struct siphash *state) { + } + } + +-int path_compare_func(const void *a, const void *b) { ++int path_compare_func(const char *a, const char *b) { + return path_compare(a, b); + } + +-const struct hash_ops path_hash_ops = { +- .hash = path_hash_func, +- .compare = path_compare_func +-}; ++DEFINE_HASH_OPS(path_hash_ops, char, path_hash_func, path_compare_func); + + void trivial_hash_func(const void *p, struct siphash *state) { + siphash24_compress(&p, sizeof(p), state); +@@ -79,36 +68,24 @@ const struct hash_ops trivial_hash_ops = { + .compare = trivial_compare_func + }; + +-void uint64_hash_func(const void *p, struct siphash *state) { ++void uint64_hash_func(const uint64_t *p, struct siphash *state) { + siphash24_compress(p, sizeof(uint64_t), state); + } + +-int uint64_compare_func(const void *_a, const void *_b) { +- uint64_t a, b; +- a = *(const uint64_t*) _a; +- b = *(const uint64_t*) _b; +- return a < b ? -1 : (a > b ? 1 : 0); ++int uint64_compare_func(const uint64_t *a, const uint64_t *b) { ++ return CMP(*a, *b); + } + +-const struct hash_ops uint64_hash_ops = { +- .hash = uint64_hash_func, +- .compare = uint64_compare_func +-}; ++DEFINE_HASH_OPS(uint64_hash_ops, uint64_t, uint64_hash_func, uint64_compare_func); + + #if SIZEOF_DEV_T != 8 +-void devt_hash_func(const void *p, struct siphash *state) { ++void devt_hash_func(const dev_t *p, struct siphash *state) { + siphash24_compress(p, sizeof(dev_t), state); + } + +-int devt_compare_func(const void *_a, const void *_b) { +- dev_t a, b; +- a = *(const dev_t*) _a; +- b = *(const dev_t*) _b; +- return a < b ? -1 : (a > b ? 1 : 0); ++int devt_compare_func(const dev_t *a, const dev_t *b) { ++ return CMP(*a, *b); + } + +-const struct hash_ops devt_hash_ops = { +- .hash = devt_hash_func, +- .compare = devt_compare_func +-}; ++DEFINE_HASH_OPS(devt_hash_ops, dev_t, devt_hash_func, devt_compare_func); + #endif +diff --git a/src/basic/hash-funcs.h b/src/basic/hash-funcs.h +index 2d3125d0f9..3d2ae4b55e 100644 +--- a/src/basic/hash-funcs.h ++++ b/src/basic/hash-funcs.h +@@ -73,12 +73,12 @@ struct hash_ops { + #define DEFINE_PRIVATE_HASH_OPS_FULL(name, type, hash_func, compare_func, free_key_func, value_type, free_value_func) \ + _DEFINE_HASH_OPS_FULL(UNIQ, name, type, hash_func, compare_func, free_key_func, value_type, free_value_func, static) + +-void string_hash_func(const void *p, struct siphash *state); +-int string_compare_func(const void *a, const void *b) _pure_; ++void string_hash_func(const char *p, struct siphash *state); ++#define string_compare_func strcmp + extern const struct hash_ops string_hash_ops; + +-void path_hash_func(const void *p, struct siphash *state); +-int path_compare_func(const void *a, const void *b) _pure_; ++void path_hash_func(const char *p, struct siphash *state); ++int path_compare_func(const char *a, const char *b) _pure_; + extern const struct hash_ops path_hash_ops; + + /* This will compare the passed pointers directly, and will not dereference them. This is hence not useful for strings +@@ -89,15 +89,15 @@ extern const struct hash_ops trivial_hash_ops; + + /* 32bit values we can always just embed in the pointer itself, but in order to support 32bit archs we need store 64bit + * values indirectly, since they don't fit in a pointer. */ +-void uint64_hash_func(const void *p, struct siphash *state); +-int uint64_compare_func(const void *a, const void *b) _pure_; ++void uint64_hash_func(const uint64_t *p, struct siphash *state); ++int uint64_compare_func(const uint64_t *a, const uint64_t *b) _pure_; + extern const struct hash_ops uint64_hash_ops; + + /* On some archs dev_t is 32bit, and on others 64bit. And sometimes it's 64bit on 32bit archs, and sometimes 32bit on + * 64bit archs. Yuck! */ + #if SIZEOF_DEV_T != 8 +-void devt_hash_func(const void *p, struct siphash *state) _pure_; +-int devt_compare_func(const void *a, const void *b) _pure_; ++void devt_hash_func(const dev_t *p, struct siphash *state) _pure_; ++int devt_compare_func(const dev_t *a, const dev_t *b) _pure_; + extern const struct hash_ops devt_hash_ops; + #else + #define devt_hash_func uint64_hash_func diff --git a/SOURCES/0737-test-add-tests-for-destructors-of-hashmap-or-set.patch b/SOURCES/0737-test-add-tests-for-destructors-of-hashmap-or-set.patch new file mode 100644 index 0000000..b7ecb42 --- /dev/null +++ b/SOURCES/0737-test-add-tests-for-destructors-of-hashmap-or-set.patch @@ -0,0 +1,105 @@ +From dcb475e97a48cddacab3ab5178fb351c702cdfb8 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 25 Nov 2018 21:54:44 +0900 +Subject: [PATCH] test: add tests for destructors of hashmap or set + +(cherry picked from commit 98233ee5e031cf39f5be73651a1f05c52927116b) + +Resolves: #2037807 +--- + src/test/test-hashmap-plain.c | 38 +++++++++++++++++++++++++++++++++++ + src/test/test-set.c | 19 ++++++++++++++++++ + 2 files changed, 57 insertions(+) + +diff --git a/src/test/test-hashmap-plain.c b/src/test/test-hashmap-plain.c +index b695d4ee35..a34de067fc 100644 +--- a/src/test/test-hashmap-plain.c ++++ b/src/test/test-hashmap-plain.c +@@ -867,6 +867,43 @@ static void test_hashmap_clear_free_free(void) { + + hashmap_clear_free_free(m); + assert_se(hashmap_isempty(m)); ++ ++ assert_se(hashmap_put(m, strdup("key 1"), strdup("value 1")) == 1); ++ assert_se(hashmap_put(m, strdup("key 2"), strdup("value 2")) == 1); ++ assert_se(hashmap_put(m, strdup("key 3"), strdup("value 3")) == 1); ++ ++ hashmap_clear_free_free(m); ++ assert_se(hashmap_isempty(m)); ++} ++ ++DEFINE_PRIVATE_HASH_OPS_WITH_KEY_DESTRUCTOR(test_hash_ops_key, char, string_hash_func, string_compare_func, free); ++DEFINE_PRIVATE_HASH_OPS_FULL(test_hash_ops_full, char, string_hash_func, string_compare_func, free, char, free); ++ ++static void test_hashmap_clear_free_with_destructor(void) { ++ _cleanup_hashmap_free_ Hashmap *m = NULL; ++ ++ log_info("%s", __func__); ++ ++ m = hashmap_new(&test_hash_ops_key); ++ assert_se(m); ++ ++ assert_se(hashmap_put(m, strdup("key 1"), NULL) == 1); ++ assert_se(hashmap_put(m, strdup("key 2"), NULL) == 1); ++ assert_se(hashmap_put(m, strdup("key 3"), NULL) == 1); ++ ++ hashmap_clear_free(m); ++ assert_se(hashmap_isempty(m)); ++ m = hashmap_free(m); ++ ++ m = hashmap_new(&test_hash_ops_full); ++ assert_se(m); ++ ++ assert_se(hashmap_put(m, strdup("key 1"), strdup("value 1")) == 1); ++ assert_se(hashmap_put(m, strdup("key 2"), strdup("value 2")) == 1); ++ assert_se(hashmap_put(m, strdup("key 3"), strdup("value 3")) == 1); ++ ++ hashmap_clear_free(m); ++ assert_se(hashmap_isempty(m)); + } + + static void test_hashmap_reserve(void) { +@@ -924,5 +961,6 @@ void test_hashmap_funcs(void) { + test_hashmap_steal_first_key(); + test_hashmap_steal_first(); + test_hashmap_clear_free_free(); ++ test_hashmap_clear_free_with_destructor(); + test_hashmap_reserve(); + } +diff --git a/src/test/test-set.c b/src/test/test-set.c +index 6307403e4c..340edeb65f 100644 +--- a/src/test/test-set.c ++++ b/src/test/test-set.c +@@ -45,6 +45,24 @@ static void test_set_free_with_destructor(void) { + assert_se(items[3].seen == 0); + } + ++DEFINE_PRIVATE_HASH_OPS_WITH_VALUE_DESTRUCTOR(item_hash_ops, void, trivial_hash_func, trivial_compare_func, Item, item_seen); ++ ++static void test_set_free_with_hash_ops(void) { ++ Set *m; ++ struct Item items[4] = {}; ++ unsigned i; ++ ++ assert_se(m = set_new(&item_hash_ops)); ++ for (i = 0; i < ELEMENTSOF(items) - 1; i++) ++ assert_se(set_put(m, items + i) == 1); ++ ++ m = set_free(m); ++ assert_se(items[0].seen == 1); ++ assert_se(items[1].seen == 1); ++ assert_se(items[2].seen == 1); ++ assert_se(items[3].seen == 0); ++} ++ + static void test_set_put(void) { + _cleanup_set_free_ Set *m = NULL; + +@@ -64,6 +82,7 @@ static void test_set_put(void) { + int main(int argc, const char *argv[]) { + test_set_steal_first(); + test_set_free_with_destructor(); ++ test_set_free_with_hash_ops(); + test_set_put(); + + return 0; diff --git a/SOURCES/0738-man-document-the-new-sysctl.d-prefix.patch b/SOURCES/0738-man-document-the-new-sysctl.d-prefix.patch new file mode 100644 index 0000000..d80ae9a --- /dev/null +++ b/SOURCES/0738-man-document-the-new-sysctl.d-prefix.patch @@ -0,0 +1,27 @@ +From b1b5f4625bda683871e8120d2c7b4a59b3ad3951 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 26 Jul 2019 09:24:11 +0200 +Subject: [PATCH] man: document the new sysctl.d/ - prefix + +(cherry picked from commit e08be64937293e3aa8adb08048497520d58445c6) + +Related: #2037807 +--- + man/sysctl.d.xml | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/man/sysctl.d.xml b/man/sysctl.d.xml +index 7c8fde0dba..61820f2c4b 100644 +--- a/man/sysctl.d.xml ++++ b/man/sysctl.d.xml +@@ -60,6 +60,10 @@ + /proc/sys/net/ipv4/conf/enp3s0.200/forwarding. + + ++ If a variable assignment is prefixed with a single - character, any attempts to ++ set it that fail will be ignored (though are logged). Moreover, any access permission errors, and ++ attempts to write variables not defined on the local system are ignored (and logged) too. ++ + The settings configured with sysctl.d + files will be applied early on boot. The network + interface-specific options will also be applied individually for diff --git a/SOURCES/0739-sysctl-if-options-are-prefixed-with-ignore-write-err.patch b/SOURCES/0739-sysctl-if-options-are-prefixed-with-ignore-write-err.patch new file mode 100644 index 0000000..a71c655 --- /dev/null +++ b/SOURCES/0739-sysctl-if-options-are-prefixed-with-ignore-write-err.patch @@ -0,0 +1,196 @@ +From 516fc73142e803a7a6cbd126c338e1c3c73d6843 Mon Sep 17 00:00:00 2001 +From: Jan Macku +Date: Fri, 21 Jan 2022 12:10:45 +0100 +Subject: [PATCH] sysctl: if options are prefixed with "-" ignore write errors + +(cherry picked from commit dec02d6e1993d420a0a94c7fec294605df55e88e) + +Resolves: #2037807 +--- + src/sysctl/sysctl.c | 115 ++++++++++++++++++++++++++++++-------------- + 1 file changed, 80 insertions(+), 35 deletions(-) + +diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c +index 0151f7dabe..7b0528877c 100644 +--- a/src/sysctl/sysctl.c ++++ b/src/sysctl/sysctl.c +@@ -26,25 +26,71 @@ static char **arg_prefixes = NULL; + static bool arg_cat_config = false; + static bool arg_no_pager = false; + ++typedef struct Option { ++ char *key; ++ char *value; ++ bool ignore_failure; ++} Option; ++ ++static Option *option_free(Option *o) { ++ if (!o) ++ return NULL; ++ ++ free(o->key); ++ free(o->value); ++ ++ return mfree(o); ++} ++ ++DEFINE_TRIVIAL_CLEANUP_FUNC(Option*, option_free); ++DEFINE_HASH_OPS_WITH_VALUE_DESTRUCTOR(option_hash_ops, char, string_hash_func, string_compare_func, Option, option_free); ++ ++static Option *option_new( ++ const char *key, ++ const char *value, ++ bool ignore_failure) { ++ ++ _cleanup_(option_freep) Option *o = NULL; ++ ++ assert(key); ++ assert(value); ++ ++ o = new(Option, 1); ++ if (!o) ++ return NULL; ++ ++ *o = (Option) { ++ .key = strdup(key), ++ .value = strdup(value), ++ .ignore_failure = ignore_failure, ++ }; ++ ++ if (!o->key || !o->value) ++ return NULL; ++ ++ return TAKE_PTR(o); ++} ++ + static int apply_all(OrderedHashmap *sysctl_options) { +- char *property, *value; ++ Option *option; + Iterator i; + int r = 0; + +- ORDERED_HASHMAP_FOREACH_KEY(value, property, sysctl_options, i) { ++ ORDERED_HASHMAP_FOREACH(option, sysctl_options, i) { + int k; + +- k = sysctl_write(property, value); ++ k = sysctl_write(option->key, option->value); + if (k < 0) { +- /* If the sysctl is not available in the kernel or we are running with reduced privileges and +- * cannot write it, then log about the issue at LOG_NOTICE level, and proceed without +- * failing. (EROFS is treated as a permission problem here, since that's how container managers +- * usually protected their sysctls.) In all other cases log an error and make the tool fail. */ +- +- if (IN_SET(k, -EPERM, -EACCES, -EROFS, -ENOENT)) +- log_notice_errno(k, "Couldn't write '%s' to '%s', ignoring: %m", value, property); ++ /* If the sysctl is not available in the kernel or we are running with reduced ++ * privileges and cannot write it, then log about the issue at LOG_NOTICE level, and ++ * proceed without failing. (EROFS is treated as a permission problem here, since ++ * that's how container managers usually protected their sysctls.) In all other cases ++ * log an error and make the tool fail. */ ++ ++ if (IN_SET(k, -EPERM, -EACCES, -EROFS, -ENOENT) || option->ignore_failure) ++ log_notice_errno(k, "Couldn't write '%s' to '%s', ignoring: %m", option->value, option->key); + else { +- log_error_errno(k, "Couldn't write '%s' to '%s': %m", value, property); ++ log_error_errno(k, "Couldn't write '%s' to '%s': %m", option->value, option->key); + if (r == 0) + r = k; + } +@@ -90,9 +136,11 @@ static int parse_file(OrderedHashmap *sysctl_options, const char *path, bool ign + + log_debug("Parsing %s", path); + for (;;) { +- char *p, *value, *new_value, *property, *existing; ++ _cleanup_(option_freep) Option *new_option = NULL; + _cleanup_free_ char *l = NULL; +- void *v; ++ bool ignore_failure; ++ Option *existing; ++ char *p, *value; + int k; + + k = read_line(f, LONG_LINE_MAX, &l); +@@ -122,39 +170,37 @@ static int parse_file(OrderedHashmap *sysctl_options, const char *path, bool ign + *value = 0; + value++; + +- p = sysctl_normalize(strstrip(p)); ++ p = strstrip(p); ++ ignore_failure = p[0] == '-'; ++ if (ignore_failure) ++ p++; ++ ++ p = sysctl_normalize(p); + value = strstrip(value); + + if (!test_prefix(p)) + continue; + +- existing = ordered_hashmap_get2(sysctl_options, p, &v); ++ existing = ordered_hashmap_get(sysctl_options, p); + if (existing) { +- if (streq(value, existing)) ++ if (streq(value, existing->value)) { ++ existing->ignore_failure = existing->ignore_failure || ignore_failure; + continue; ++ } + + log_debug("Overwriting earlier assignment of %s at '%s:%u'.", p, path, c); +- free(ordered_hashmap_remove(sysctl_options, p)); +- free(v); ++ option_free(ordered_hashmap_remove(sysctl_options, p)); + } + +- property = strdup(p); +- if (!property) ++ new_option = option_new(p, value, ignore_failure); ++ if (!new_option) + return log_oom(); + +- new_value = strdup(value); +- if (!new_value) { +- free(property); +- return log_oom(); +- } ++ k = ordered_hashmap_put(sysctl_options, new_option->key, new_option); ++ if (k < 0) ++ return log_error_errno(k, "Failed to add sysctl variable %s to hashmap: %m", p); + +- k = ordered_hashmap_put(sysctl_options, property, new_value); +- if (k < 0) { +- log_error_errno(k, "Failed to add sysctl variable %s to hashmap: %m", property); +- free(property); +- free(new_value); +- return k; +- } ++ TAKE_PTR(new_option); + } + + return r; +@@ -251,7 +297,7 @@ static int parse_argv(int argc, char *argv[]) { + } + + int main(int argc, char *argv[]) { +- OrderedHashmap *sysctl_options = NULL; ++ _cleanup_(ordered_hashmap_freep) OrderedHashmap *sysctl_options = NULL; + int r = 0, k; + + r = parse_argv(argc, argv); +@@ -264,7 +310,7 @@ int main(int argc, char *argv[]) { + + umask(0022); + +- sysctl_options = ordered_hashmap_new(&path_hash_ops); ++ sysctl_options = ordered_hashmap_new(&option_hash_ops); + if (!sysctl_options) { + r = log_oom(); + goto finish; +@@ -311,7 +357,6 @@ int main(int argc, char *argv[]) { + finish: + pager_close(); + +- ordered_hashmap_free_free_free(sysctl_options); + strv_free(arg_prefixes); + + return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; diff --git a/SOURCES/0740-sysctl-fix-segfault.patch b/SOURCES/0740-sysctl-fix-segfault.patch new file mode 100644 index 0000000..6c5ec3d --- /dev/null +++ b/SOURCES/0740-sysctl-fix-segfault.patch @@ -0,0 +1,27 @@ +From b30c37b500cbe0587656d5092a95fa695772cd0e Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Thu, 6 Feb 2020 19:13:11 +0900 +Subject: [PATCH] sysctl: fix segfault + +Fixes #14801. + +(cherry picked from commit db99904bc8482efe556bb010a8b203a3e60ee37f) + +Resolves: #2037807 +--- + src/sysctl/sysctl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c +index 7b0528877c..4c85d6887f 100644 +--- a/src/sysctl/sysctl.c ++++ b/src/sysctl/sysctl.c +@@ -183,7 +183,7 @@ static int parse_file(OrderedHashmap *sysctl_options, const char *path, bool ign + + existing = ordered_hashmap_get(sysctl_options, p); + if (existing) { +- if (streq(value, existing->value)) { ++ if (streq_ptr(value, existing->value)) { + existing->ignore_failure = existing->ignore_failure || ignore_failure; + continue; + } diff --git a/SOURCES/0741-ci-drop-CentOS-8-CI.patch b/SOURCES/0741-ci-drop-CentOS-8-CI.patch new file mode 100644 index 0000000..cce92a8 --- /dev/null +++ b/SOURCES/0741-ci-drop-CentOS-8-CI.patch @@ -0,0 +1,26 @@ +From 2347478a64329b2777ae0838be51c8b017a84960 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Tue, 8 Feb 2022 11:24:20 +0100 +Subject: [PATCH] ci: drop CentOS 8 CI + +since it went EOL and we should use only Stream 8 from now on. + +rhel-only +Related: #2017033 +--- + .github/workflows/unit_tests.yml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml +index b363118be8..87b162fa71 100644 +--- a/.github/workflows/unit_tests.yml ++++ b/.github/workflows/unit_tests.yml +@@ -10,7 +10,7 @@ jobs: + strategy: + fail-fast: false + matrix: +- image: [centos8, stream8] ++ image: [stream8] + phase: [GCC, GCC_ASAN] + env: + CONT_NAME: "systemd-centos8-ci" diff --git a/SOURCES/0742-test-adapt-to-the-new-capsh-format.patch b/SOURCES/0742-test-adapt-to-the-new-capsh-format.patch new file mode 100644 index 0000000..aa43697 --- /dev/null +++ b/SOURCES/0742-test-adapt-to-the-new-capsh-format.patch @@ -0,0 +1,108 @@ +From 9070c6d48645b948d996f9c26bc590c07d46ca1f Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Tue, 4 Feb 2020 13:49:01 +0100 +Subject: [PATCH] test: adapt to the new capsh format + +Since libcap v2.29 the format of cap_to_text() has been changed which +makes certain `test-execute` subtest fail. Let's remove the offending +part of the output (dropped capabilities) to make it compatible with +both the old and the new libcap. + +(cherry picked from commit 9569e385036c05c0bf9fbccdbf3d131161398e2e) + +Related: #2017033 +--- + test/test-execute/exec-capabilityboundingset-invert.service | 3 ++- + .../exec-privatedevices-no-capability-mknod.service | 3 ++- + .../exec-privatedevices-no-capability-sys-rawio.service | 3 ++- + .../exec-privatedevices-yes-capability-mknod.service | 3 ++- + .../exec-privatedevices-yes-capability-sys-rawio.service | 3 ++- + .../exec-protectkernelmodules-no-capabilities.service | 3 ++- + .../exec-protectkernelmodules-yes-capabilities.service | 3 ++- + 7 files changed, 14 insertions(+), 7 deletions(-) + +diff --git a/test/test-execute/exec-capabilityboundingset-invert.service b/test/test-execute/exec-capabilityboundingset-invert.service +index 1abe390601..5f37427603 100644 +--- a/test/test-execute/exec-capabilityboundingset-invert.service ++++ b/test/test-execute/exec-capabilityboundingset-invert.service +@@ -2,6 +2,7 @@ + Description=Test for CapabilityBoundingSet + + [Service] +-ExecStart=/bin/sh -x -c '! capsh --print | grep "^Bounding set .*cap_chown"' ++# sed: remove dropped capabilities (cap_xxx-[epi]) from the output ++ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep "^Bounding set .*cap_chown"' + Type=oneshot + CapabilityBoundingSet=~CAP_CHOWN +diff --git a/test/test-execute/exec-privatedevices-no-capability-mknod.service b/test/test-execute/exec-privatedevices-no-capability-mknod.service +index 6d39469da8..4d61d9ffaa 100644 +--- a/test/test-execute/exec-privatedevices-no-capability-mknod.service ++++ b/test/test-execute/exec-privatedevices-no-capability-mknod.service +@@ -3,5 +3,6 @@ Description=Test CAP_MKNOD capability for PrivateDevices=no + + [Service] + PrivateDevices=no +-ExecStart=/bin/sh -x -c 'capsh --print | grep cap_mknod' ++# sed: remove dropped capabilities (cap_xxx-[epi]) from the output ++ExecStart=/bin/sh -x -c 'capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_mknod' + Type=oneshot +diff --git a/test/test-execute/exec-privatedevices-no-capability-sys-rawio.service b/test/test-execute/exec-privatedevices-no-capability-sys-rawio.service +index e7f529c44c..f7f7a16736 100644 +--- a/test/test-execute/exec-privatedevices-no-capability-sys-rawio.service ++++ b/test/test-execute/exec-privatedevices-no-capability-sys-rawio.service +@@ -3,5 +3,6 @@ Description=Test CAP_SYS_RAWIO capability for PrivateDevices=no + + [Service] + PrivateDevices=no +-ExecStart=/bin/sh -x -c 'capsh --print | grep cap_sys_rawio' ++# sed: remove dropped capabilities (cap_xxx-[epi]) from the output ++ExecStart=/bin/sh -x -c 'capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_rawio' + Type=oneshot +diff --git a/test/test-execute/exec-privatedevices-yes-capability-mknod.service b/test/test-execute/exec-privatedevices-yes-capability-mknod.service +index fb1fc2875a..5bcace0845 100644 +--- a/test/test-execute/exec-privatedevices-yes-capability-mknod.service ++++ b/test/test-execute/exec-privatedevices-yes-capability-mknod.service +@@ -3,5 +3,6 @@ Description=Test CAP_MKNOD capability for PrivateDevices=yes + + [Service] + PrivateDevices=yes +-ExecStart=/bin/sh -x -c '! capsh --print | grep cap_mknod' ++# sed: remove dropped capabilities (cap_xxx-[epi]) from the output ++ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_mknod' + Type=oneshot +diff --git a/test/test-execute/exec-privatedevices-yes-capability-sys-rawio.service b/test/test-execute/exec-privatedevices-yes-capability-sys-rawio.service +index cebc493a7a..a246f950c1 100644 +--- a/test/test-execute/exec-privatedevices-yes-capability-sys-rawio.service ++++ b/test/test-execute/exec-privatedevices-yes-capability-sys-rawio.service +@@ -3,5 +3,6 @@ Description=Test CAP_SYS_RAWIO capability for PrivateDevices=yes + + [Service] + PrivateDevices=yes +-ExecStart=/bin/sh -x -c '! capsh --print | grep cap_sys_rawio' ++# sed: remove dropped capabilities (cap_xxx-[epi]) from the output ++ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_rawio' + Type=oneshot +diff --git a/test/test-execute/exec-protectkernelmodules-no-capabilities.service b/test/test-execute/exec-protectkernelmodules-no-capabilities.service +index b2f2cd6b8a..8d7e2b52d4 100644 +--- a/test/test-execute/exec-protectkernelmodules-no-capabilities.service ++++ b/test/test-execute/exec-protectkernelmodules-no-capabilities.service +@@ -3,5 +3,6 @@ Description=Test CAP_SYS_MODULE ProtectKernelModules=no + + [Service] + ProtectKernelModules=no +-ExecStart=/bin/sh -x -c 'capsh --print | grep cap_sys_module' ++# sed: remove dropped capabilities (cap_xxx-[epi]) from the output ++ExecStart=/bin/sh -x -c 'capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_module' + Type=oneshot +diff --git a/test/test-execute/exec-protectkernelmodules-yes-capabilities.service b/test/test-execute/exec-protectkernelmodules-yes-capabilities.service +index 84bf39be56..fe2ae208dd 100644 +--- a/test/test-execute/exec-protectkernelmodules-yes-capabilities.service ++++ b/test/test-execute/exec-protectkernelmodules-yes-capabilities.service +@@ -3,5 +3,6 @@ Description=Test CAP_SYS_MODULE for ProtectKernelModules=yes + + [Service] + ProtectKernelModules=yes +-ExecStart=/bin/sh -x -c '! capsh --print | grep cap_sys_module' ++# sed: remove dropped capabilities (cap_xxx-[epi]) from the output ++ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_module' + Type=oneshot diff --git a/SOURCES/0743-test-ignore-IAB-capabilities-in-test-execute.patch b/SOURCES/0743-test-ignore-IAB-capabilities-in-test-execute.patch new file mode 100644 index 0000000..36ebc93 --- /dev/null +++ b/SOURCES/0743-test-ignore-IAB-capabilities-in-test-execute.patch @@ -0,0 +1,129 @@ +From 68c487956659bb0bc3e04be4c8f0687d46d23248 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Mon, 9 Mar 2020 11:00:58 +0100 +Subject: [PATCH] test: ignore IAB capabilities in `test-execute` + +libcap v2.33 introduces a new capability set called IAB[0] which is shown +in the output of `capsh --print` and interferes with the test checks. Let's +drop the IAB set from the output, for now, to mitigate this. + +This could be (and probably should be) replaced in the future by the +newly introduced testing options[1][2] in libcap v2.32, namely: + --has-p=xxx + --has-i=xxx + --has-a=xxx + +but this needs to wait until the respective libcap version gets a wider +adoption. Until then, let's stick with the relatively ugly sed. + +Fixes: #15046 + +[0] https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=943b011b5e53624eb9cab4e96c1985326e077cdd +[1] https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=588d0439cb6495b03f0ab9f213f0b6b339e7d4b7 +[2] https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=e7709bbc1c4712f2ddfc6e6f42892928a8a03782 + +(cherry picked from commit e9cdcbed77971da3cb0b98b3eb91081142c91eb7) + +Related: #2017033 +--- + test/test-execute/exec-capabilityboundingset-invert.service | 4 ++-- + .../exec-privatedevices-no-capability-mknod.service | 4 ++-- + .../exec-privatedevices-no-capability-sys-rawio.service | 4 ++-- + .../exec-privatedevices-yes-capability-mknod.service | 4 ++-- + .../exec-privatedevices-yes-capability-sys-rawio.service | 4 ++-- + .../exec-protectkernelmodules-no-capabilities.service | 4 ++-- + .../exec-protectkernelmodules-yes-capabilities.service | 4 ++-- + 7 files changed, 14 insertions(+), 14 deletions(-) + +diff --git a/test/test-execute/exec-capabilityboundingset-invert.service b/test/test-execute/exec-capabilityboundingset-invert.service +index 5f37427603..4486f6c25d 100644 +--- a/test/test-execute/exec-capabilityboundingset-invert.service ++++ b/test/test-execute/exec-capabilityboundingset-invert.service +@@ -2,7 +2,7 @@ + Description=Test for CapabilityBoundingSet + + [Service] +-# sed: remove dropped capabilities (cap_xxx-[epi]) from the output +-ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep "^Bounding set .*cap_chown"' ++# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output ++ExecStart=/bin/sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep "^Bounding set .*cap_chown"' + Type=oneshot + CapabilityBoundingSet=~CAP_CHOWN +diff --git a/test/test-execute/exec-privatedevices-no-capability-mknod.service b/test/test-execute/exec-privatedevices-no-capability-mknod.service +index 4d61d9ffaa..8f135be0b5 100644 +--- a/test/test-execute/exec-privatedevices-no-capability-mknod.service ++++ b/test/test-execute/exec-privatedevices-no-capability-mknod.service +@@ -3,6 +3,6 @@ Description=Test CAP_MKNOD capability for PrivateDevices=no + + [Service] + PrivateDevices=no +-# sed: remove dropped capabilities (cap_xxx-[epi]) from the output +-ExecStart=/bin/sh -x -c 'capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_mknod' ++# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output ++ExecStart=/bin/sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_mknod' + Type=oneshot +diff --git a/test/test-execute/exec-privatedevices-no-capability-sys-rawio.service b/test/test-execute/exec-privatedevices-no-capability-sys-rawio.service +index f7f7a16736..30ce549254 100644 +--- a/test/test-execute/exec-privatedevices-no-capability-sys-rawio.service ++++ b/test/test-execute/exec-privatedevices-no-capability-sys-rawio.service +@@ -3,6 +3,6 @@ Description=Test CAP_SYS_RAWIO capability for PrivateDevices=no + + [Service] + PrivateDevices=no +-# sed: remove dropped capabilities (cap_xxx-[epi]) from the output +-ExecStart=/bin/sh -x -c 'capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_rawio' ++# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output ++ExecStart=/bin/sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_rawio' + Type=oneshot +diff --git a/test/test-execute/exec-privatedevices-yes-capability-mknod.service b/test/test-execute/exec-privatedevices-yes-capability-mknod.service +index 5bcace0845..b98cfb5c7e 100644 +--- a/test/test-execute/exec-privatedevices-yes-capability-mknod.service ++++ b/test/test-execute/exec-privatedevices-yes-capability-mknod.service +@@ -3,6 +3,6 @@ Description=Test CAP_MKNOD capability for PrivateDevices=yes + + [Service] + PrivateDevices=yes +-# sed: remove dropped capabilities (cap_xxx-[epi]) from the output +-ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_mknod' ++# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output ++ExecStart=/bin/sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_mknod' + Type=oneshot +diff --git a/test/test-execute/exec-privatedevices-yes-capability-sys-rawio.service b/test/test-execute/exec-privatedevices-yes-capability-sys-rawio.service +index a246f950c1..5b0c0700f2 100644 +--- a/test/test-execute/exec-privatedevices-yes-capability-sys-rawio.service ++++ b/test/test-execute/exec-privatedevices-yes-capability-sys-rawio.service +@@ -3,6 +3,6 @@ Description=Test CAP_SYS_RAWIO capability for PrivateDevices=yes + + [Service] + PrivateDevices=yes +-# sed: remove dropped capabilities (cap_xxx-[epi]) from the output +-ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_rawio' ++# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output ++ExecStart=/bin/sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_rawio' + Type=oneshot +diff --git a/test/test-execute/exec-protectkernelmodules-no-capabilities.service b/test/test-execute/exec-protectkernelmodules-no-capabilities.service +index 8d7e2b52d4..1b73656305 100644 +--- a/test/test-execute/exec-protectkernelmodules-no-capabilities.service ++++ b/test/test-execute/exec-protectkernelmodules-no-capabilities.service +@@ -3,6 +3,6 @@ Description=Test CAP_SYS_MODULE ProtectKernelModules=no + + [Service] + ProtectKernelModules=no +-# sed: remove dropped capabilities (cap_xxx-[epi]) from the output +-ExecStart=/bin/sh -x -c 'capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_module' ++# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output ++ExecStart=/bin/sh -x -c 'capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_module' + Type=oneshot +diff --git a/test/test-execute/exec-protectkernelmodules-yes-capabilities.service b/test/test-execute/exec-protectkernelmodules-yes-capabilities.service +index fe2ae208dd..e43e72733c 100644 +--- a/test/test-execute/exec-protectkernelmodules-yes-capabilities.service ++++ b/test/test-execute/exec-protectkernelmodules-yes-capabilities.service +@@ -3,6 +3,6 @@ Description=Test CAP_SYS_MODULE for ProtectKernelModules=yes + + [Service] + ProtectKernelModules=yes +-# sed: remove dropped capabilities (cap_xxx-[epi]) from the output +-ExecStart=/bin/sh -x -c '! capsh --print | sed -r "s/[^ ]+?\-[epi]+//g" | grep cap_sys_module' ++# sed: remove dropped (cap_xxx-[epi]) and IAB capabilities from the output ++ExecStart=/bin/sh -x -c '! capsh --print | sed -re "s/[^ ]+?\-[epi]+//g" -e '/IAB/d' | grep cap_sys_module' + Type=oneshot diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec index 0bbbbe2..4aee86b 100644 --- a/SPECS/systemd.spec +++ b/SPECS/systemd.spec @@ -13,7 +13,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd Version: 239 -Release: 56%{?dist} +Release: 58%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -751,6 +751,48 @@ Patch0698: 0698-unit-add-jobs-that-were-skipped-because-of-ratelimit.patch Patch0699: 0699-Revert-Revert-sysctl-Enable-ping-8-inside-rootless-P.patch Patch0700: 0700-sysctl-prefix-ping-port-range-setting-with-a-dash.patch Patch0701: 0701-mount-don-t-propagate-errors-from-mount_setup_unit-f.patch +Patch0702: 0702-udev-net_id-introduce-naming-scheme-for-RHEL-8.5.patch +Patch0703: 0703-udev-net_id-remove-extraneous-bracket.patch +Patch0704: 0704-udev-net_id-introduce-naming-scheme-for-RHEL-8.6.patch +Patch0705: 0705-define-newly-needed-constants.patch +Patch0706: 0706-sd-netlink-support-IFLA_PROP_LIST-and-IFLA_ALT_IFNAM.patch +Patch0707: 0707-sd-netlink-introduce-sd_netlink_message_read_strv.patch +Patch0708: 0708-sd-netlink-introduce-sd_netlink_message_append_strv.patch +Patch0709: 0709-test-add-a-test-for-sd_netlink_message_-append-read-.patch +Patch0710: 0710-util-introduce-ifname_valid_full.patch +Patch0711: 0711-rename-function.patch +Patch0712: 0712-udev-support-AlternativeName-setting-in-.link-file.patch +Patch0713: 0713-network-make-Name-in-Match-support-alternative-names.patch +Patch0714: 0714-udev-extend-the-length-of-ID_NET_NAME_XXX-to-ALTIFNA.patch +Patch0715: 0715-udev-do-not-fail-if-kernel-does-not-support-alternat.patch +Patch0716: 0716-udev-introduce-AlternativeNamesPolicy-setting.patch +Patch0717: 0717-network-set-AlternativeNamesPolicy-in-99-default.lin.patch +Patch0718: 0718-random-util-call-initialize_srand-after-fork.patch +Patch0719: 0719-sd-netlink-introduce-rtnl_resolve_link_alternative_n.patch +Patch0720: 0720-udev-sort-alternative-names.patch +Patch0721: 0721-netlink-introduce-rtnl_get-delete_link_alternative_n.patch +Patch0722: 0722-netlink-do-not-fail-when-new-interface-name-is-alrea.patch +Patch0723: 0723-udev-do-not-try-to-reassign-alternative-names.patch +Patch0724: 0724-Do-not-fail-if-the-same-alt.-name-is-set-again.patch +Patch0725: 0725-mount-do-not-update-exec-deps-on-mountinfo-changes.patch +Patch0726: 0726-core-mount-add-implicit-unit-dependencies-even-if-wh.patch +Patch0727: 0727-core-fix-unfortunate-typo-in-unit_is_unneeded.patch +Patch0728: 0728-core-make-destructive-transaction-error-a-bit-more-u.patch +Patch0729: 0729-tmpfiles-use-a-entry-in-hashmap-as-ItemArray-in-read.patch +Patch0730: 0730-tmpfiles-rework-condition-check.patch +Patch0731: 0731-TEST-22-TMPFILES-add-reproducer-for-bug-with-X.patch +Patch0732: 0732-core-make-sure-we-don-t-get-confused-when-setting-TE.patch +Patch0733: 0733-hash-funcs-introduce-macro-to-create-typesafe-hash_o.patch +Patch0734: 0734-hash-func-add-destructors-for-key-and-value.patch +Patch0735: 0735-util-define-free_func_t.patch +Patch0736: 0736-hash-funcs-make-basic-hash_ops-typesafe.patch +Patch0737: 0737-test-add-tests-for-destructors-of-hashmap-or-set.patch +Patch0738: 0738-man-document-the-new-sysctl.d-prefix.patch +Patch0739: 0739-sysctl-if-options-are-prefixed-with-ignore-write-err.patch +Patch0740: 0740-sysctl-fix-segfault.patch +Patch0741: 0741-ci-drop-CentOS-8-CI.patch +Patch0742: 0742-test-adapt-to-the-new-capsh-format.patch +Patch0743: 0743-test-ignore-IAB-capabilities-in-test-execute.patch %ifarch %{ix86} x86_64 aarch64 @@ -1381,6 +1423,52 @@ fi %files tests -f .file-list-tests %changelog +* Tue Feb 08 2022 systemd maintenance team - 239-58 +- ci: drop CentOS 8 CI (#2017033) +- test: adapt to the new capsh format (#2017033) +- test: ignore IAB capabilities in `test-execute` (#2017033) + +* Mon Feb 07 2022 systemd maintenance team - 239-57 +- udev/net_id: introduce naming scheme for RHEL-8.5 (#2039797) +- udev/net_id: remove extraneous bracket (#2039797) +- udev/net_id: introduce naming scheme for RHEL-8.6 (#2039797) +- define newly needed constants (#2005008) +- sd-netlink: support IFLA_PROP_LIST and IFLA_ALT_IFNAME attributes (#2005008) +- sd-netlink: introduce sd_netlink_message_read_strv() (#2005008) +- sd-netlink: introduce sd_netlink_message_append_strv() (#2005008) +- test: add a test for sd_netlink_message_{append,read}_strv() (#2005008) +- util: introduce ifname_valid_full() (#2005008) +- rename function (#2005008) +- udev: support AlternativeName= setting in .link file (#2005008) +- network: make Name= in [Match] support alternative names of interfaces (#2005008) +- udev: extend the length of ID_NET_NAME_XXX= to ALTIFNAMSIZ (#2005008) +- udev: do not fail if kernel does not support alternative names (#2005008) +- udev: introduce AlternativeNamesPolicy= setting (#2005008) +- network: set AlternativeNamesPolicy= in 99-default.link (#2005008) +- random-util: call initialize_srand() after fork() (#2005008) +- sd-netlink: introduce rtnl_resolve_link_alternative_names() (#2005008) +- udev: sort alternative names (#2005008) +- netlink: introduce rtnl_get/delete_link_alternative_names() (#2005008) +- netlink: do not fail when new interface name is already used as an alternative name (#2005008) +- udev: do not try to reassign alternative names (#2005008) +- Do not fail if the same alt. name is set again (#2005008) +- mount: do not update exec deps on mountinfo changes (#2008825) +- core/mount: add implicit unit dependencies even if when mount unit is generated from /proc/self/mountinfo (#2008825) +- core: fix unfortunate typo in unit_is_unneeded() (#2040147) +- core: make destructive transaction error a bit more useful (#2040147) +- tmpfiles: use a entry in hashmap as ItemArray in read_config_file() (#1944468) +- tmpfiles: rework condition check (#1944468) +- TEST-22-TMPFILES: add reproducer for bug with X (#1944468) +- core: make sure we don't get confused when setting TERM for a tty fd (#2045307) +- hash-funcs: introduce macro to create typesafe hash_ops (#2037807) +- hash-func: add destructors for key and value (#2037807) +- util: define free_func_t (#2037807) +- hash-funcs: make basic hash_ops typesafe (#2037807) +- test: add tests for destructors of hashmap or set (#2037807) +- man: document the new sysctl.d/ - prefix (#2037807) +- sysctl: if options are prefixed with "-" ignore write errors (#2037807) +- sysctl: fix segfault (#2037807) + * Tue Jan 25 2022 systemd maintenance team - 239-56 - Take ghost ownership of /var/log/lastlog (#1798685)