diff --git a/SOURCES/0018-Really-don-t-enable-systemd-journald-audit.socket.patch b/SOURCES/0018-Really-don-t-enable-systemd-journald-audit.socket.patch new file mode 100644 index 0000000..1cb31e0 --- /dev/null +++ b/SOURCES/0018-Really-don-t-enable-systemd-journald-audit.socket.patch @@ -0,0 +1,25 @@ +From bdea01b16bedae5fdba3e9a12a864087cfb4b040 Mon Sep 17 00:00:00 2001 +From: David Tardon +Date: Wed, 25 Aug 2021 16:03:04 +0200 +Subject: [PATCH] Really don't enable systemd-journald-audit.socket + +RHEL-only + +Resolves: #1973856 +--- + units/systemd-journald.service.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in +index d981273b07..f190dff5fb 100644 +--- a/units/systemd-journald.service.in ++++ b/units/systemd-journald.service.in +@@ -33,7 +33,7 @@ RestrictRealtime=yes + RestrictSUIDSGID=yes + RuntimeDirectory=systemd/journal + RuntimeDirectoryPreserve=yes +-Sockets=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-audit.socket ++Sockets=systemd-journald.socket systemd-journald-dev-log.socket + StandardOutput=null + SystemCallArchitectures=native + SystemCallErrorNumber=EPERM diff --git a/SOURCES/0018-boot-don-t-build-bootctl-when-Dgnu-efi-false-is-set.patch b/SOURCES/0018-boot-don-t-build-bootctl-when-Dgnu-efi-false-is-set.patch deleted file mode 100644 index 648a5b6..0000000 --- a/SOURCES/0018-boot-don-t-build-bootctl-when-Dgnu-efi-false-is-set.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 7cea77bd5712260277e451d34908f01f14c467c4 Mon Sep 17 00:00:00 2001 -From: Michal Sekletar -Date: Mon, 30 Aug 2021 18:38:09 +0200 -Subject: [PATCH] boot: don't build bootctl when -Dgnu-efi=false is set - -(cherry picked from commit fbe3a414e1d8f7b05dccf3d24d4fa475eb9c6bc9) - -Resolves: #1972223 ---- - meson.build | 8 +++++--- - shell-completion/bash/meson.build | 2 +- - shell-completion/zsh/meson.build | 2 +- - units/meson.build | 2 +- - 4 files changed, 8 insertions(+), 6 deletions(-) - -diff --git a/meson.build b/meson.build -index 738879eb21..d28f04607a 100644 ---- a/meson.build -+++ b/meson.build -@@ -1608,6 +1608,10 @@ else - endif - conf.set10('ENABLE_EFI', have) - -+subdir('src/fundamental') -+subdir('src/boot/efi') -+conf.set10('HAVE_GNU_EFI', have_gnu_efi) -+ - ############################################################ - - build_bpf_skel_py = find_program('tools/build-bpf-skel.py') -@@ -1660,7 +1664,6 @@ includes = [libsystemd_includes, include_directories('src/shared')] - - subdir('po') - subdir('catalog') --subdir('src/fundamental') - subdir('src/basic') - subdir('src/libsystemd') - subdir('src/shared') -@@ -1751,7 +1754,6 @@ subdir('src/journal') - subdir('src/libsystemd-network') - - subdir('src/analyze') --subdir('src/boot/efi') - subdir('src/busctl') - subdir('src/coredump') - subdir('src/cryptenroll') -@@ -2145,7 +2147,7 @@ if conf.get('HAVE_PAM') == 1 - install_dir : rootlibexecdir) - endif - --if conf.get('ENABLE_EFI') == 1 and conf.get('HAVE_BLKID') == 1 -+if conf.get('HAVE_BLKID') == 1 and conf.get('HAVE_GNU_EFI') == 1 - public_programs += executable( - 'bootctl', - 'src/boot/bootctl.c', -diff --git a/shell-completion/bash/meson.build b/shell-completion/bash/meson.build -index c26b413d92..bfdd2b01f0 100644 ---- a/shell-completion/bash/meson.build -+++ b/shell-completion/bash/meson.build -@@ -33,7 +33,7 @@ items = [['busctl', ''], - ['systemd-run', ''], - ['udevadm', ''], - ['kernel-install', ''], -- ['bootctl', 'ENABLE_EFI'], -+ ['bootctl', 'HAVE_GNU_EFI'], - ['coredumpctl', 'ENABLE_COREDUMP'], - ['homectl', 'ENABLE_HOMED'], - ['hostnamectl', 'ENABLE_HOSTNAMED'], -diff --git a/shell-completion/zsh/meson.build b/shell-completion/zsh/meson.build -index f5f9b0f993..3a92f303b8 100644 ---- a/shell-completion/zsh/meson.build -+++ b/shell-completion/zsh/meson.build -@@ -28,7 +28,7 @@ items = [['_busctl', ''], - ['_sd_outputmodes', ''], - ['_sd_unit_files', ''], - ['_sd_machines', ''], -- ['_bootctl', 'ENABLE_EFI'], -+ ['_bootctl', 'HAVE_GNU_EFI'], - ['_coredumpctl', 'ENABLE_COREDUMP'], - ['_hostnamectl', 'ENABLE_HOSTNAMED'], - ['_localectl', 'ENABLE_LOCALED'], -diff --git a/units/meson.build b/units/meson.build -index 68be8d0108..27a2b60137 100644 ---- a/units/meson.build -+++ b/units/meson.build -@@ -102,7 +102,7 @@ units = [ - ['systemd-ask-password-wall.path', '', - 'multi-user.target.wants/'], - ['systemd-ask-password-wall.service', ''], -- ['systemd-boot-system-token.service', 'ENABLE_EFI', -+ ['systemd-boot-system-token.service', 'HAVE_GNU_EFI', - 'sysinit.target.wants/'], - ['systemd-coredump.socket', 'ENABLE_COREDUMP', - 'sockets.target.wants/'], diff --git a/SOURCES/0019-rules-add-elevator-kernel-command-line-parameter.patch b/SOURCES/0019-rules-add-elevator-kernel-command-line-parameter.patch index 0f0f7a7..aef4cd1 100644 --- a/SOURCES/0019-rules-add-elevator-kernel-command-line-parameter.patch +++ b/SOURCES/0019-rules-add-elevator-kernel-command-line-parameter.patch @@ -1,4 +1,4 @@ -From 7938e1e61c57441798d81124fd67b2e9bdd5e525 Mon Sep 17 00:00:00 2001 +From f583f3db3533bb2b3db1646d6afa74613fca46a6 Mon Sep 17 00:00:00 2001 From: Lukas Nykryn Date: Tue, 12 Feb 2019 16:58:16 +0100 Subject: [PATCH] rules: add elevator= kernel command line parameter @@ -8,7 +8,7 @@ it for rhel8 via udev rule. RHEL-only -Resolves: #1998190 +Resolves: #2003002 --- rules.d/40-elevator.rules | 20 ++++++++++++++++++++ rules.d/meson.build | 1 + diff --git a/SOURCES/0020-boot-don-t-build-bootctl-when-Dgnu-efi-false-is-set.patch b/SOURCES/0020-boot-don-t-build-bootctl-when-Dgnu-efi-false-is-set.patch new file mode 100644 index 0000000..5f5581f --- /dev/null +++ b/SOURCES/0020-boot-don-t-build-bootctl-when-Dgnu-efi-false-is-set.patch @@ -0,0 +1,94 @@ +From 9c67a1570d89ff462cb51f4b2a6d2ed0af8e2e9c Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Mon, 30 Aug 2021 18:38:09 +0200 +Subject: [PATCH] boot: don't build bootctl when -Dgnu-efi=false is set + +(cherry picked from commit fbe3a414e1d8f7b05dccf3d24d4fa475eb9c6bc9) + +Resolves: #2003130 +--- + meson.build | 8 +++++--- + shell-completion/bash/meson.build | 2 +- + shell-completion/zsh/meson.build | 2 +- + units/meson.build | 2 +- + 4 files changed, 8 insertions(+), 6 deletions(-) + +diff --git a/meson.build b/meson.build +index 738879eb21..d28f04607a 100644 +--- a/meson.build ++++ b/meson.build +@@ -1608,6 +1608,10 @@ else + endif + conf.set10('ENABLE_EFI', have) + ++subdir('src/fundamental') ++subdir('src/boot/efi') ++conf.set10('HAVE_GNU_EFI', have_gnu_efi) ++ + ############################################################ + + build_bpf_skel_py = find_program('tools/build-bpf-skel.py') +@@ -1660,7 +1664,6 @@ includes = [libsystemd_includes, include_directories('src/shared')] + + subdir('po') + subdir('catalog') +-subdir('src/fundamental') + subdir('src/basic') + subdir('src/libsystemd') + subdir('src/shared') +@@ -1751,7 +1754,6 @@ subdir('src/journal') + subdir('src/libsystemd-network') + + subdir('src/analyze') +-subdir('src/boot/efi') + subdir('src/busctl') + subdir('src/coredump') + subdir('src/cryptenroll') +@@ -2145,7 +2147,7 @@ if conf.get('HAVE_PAM') == 1 + install_dir : rootlibexecdir) + endif + +-if conf.get('ENABLE_EFI') == 1 and conf.get('HAVE_BLKID') == 1 ++if conf.get('HAVE_BLKID') == 1 and conf.get('HAVE_GNU_EFI') == 1 + public_programs += executable( + 'bootctl', + 'src/boot/bootctl.c', +diff --git a/shell-completion/bash/meson.build b/shell-completion/bash/meson.build +index c26b413d92..bfdd2b01f0 100644 +--- a/shell-completion/bash/meson.build ++++ b/shell-completion/bash/meson.build +@@ -33,7 +33,7 @@ items = [['busctl', ''], + ['systemd-run', ''], + ['udevadm', ''], + ['kernel-install', ''], +- ['bootctl', 'ENABLE_EFI'], ++ ['bootctl', 'HAVE_GNU_EFI'], + ['coredumpctl', 'ENABLE_COREDUMP'], + ['homectl', 'ENABLE_HOMED'], + ['hostnamectl', 'ENABLE_HOSTNAMED'], +diff --git a/shell-completion/zsh/meson.build b/shell-completion/zsh/meson.build +index f5f9b0f993..3a92f303b8 100644 +--- a/shell-completion/zsh/meson.build ++++ b/shell-completion/zsh/meson.build +@@ -28,7 +28,7 @@ items = [['_busctl', ''], + ['_sd_outputmodes', ''], + ['_sd_unit_files', ''], + ['_sd_machines', ''], +- ['_bootctl', 'ENABLE_EFI'], ++ ['_bootctl', 'HAVE_GNU_EFI'], + ['_coredumpctl', 'ENABLE_COREDUMP'], + ['_hostnamectl', 'ENABLE_HOSTNAMED'], + ['_localectl', 'ENABLE_LOCALED'], +diff --git a/units/meson.build b/units/meson.build +index 68be8d0108..27a2b60137 100644 +--- a/units/meson.build ++++ b/units/meson.build +@@ -102,7 +102,7 @@ units = [ + ['systemd-ask-password-wall.path', '', + 'multi-user.target.wants/'], + ['systemd-ask-password-wall.service', ''], +- ['systemd-boot-system-token.service', 'ENABLE_EFI', ++ ['systemd-boot-system-token.service', 'HAVE_GNU_EFI', + 'sysinit.target.wants/'], + ['systemd-coredump.socket', 'ENABLE_COREDUMP', + 'sockets.target.wants/'], diff --git a/SOURCES/0020-sd-device-introduce-device_has_devlink.patch b/SOURCES/0020-sd-device-introduce-device_has_devlink.patch deleted file mode 100644 index 62c593d..0000000 --- a/SOURCES/0020-sd-device-introduce-device_has_devlink.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 76aebe6fec5894b05114fdf1e8aee54139bef69e Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Wed, 1 Sep 2021 09:22:15 +0900 -Subject: [PATCH] sd-device: introduce device_has_devlink() - -(cherry picked from commit b881ce16b9ccae4c3089c82e2ea1781cd9773a4f) - -Related: #1977994 ---- - src/libsystemd/sd-device/device-private.h | 1 + - src/libsystemd/sd-device/sd-device.c | 7 +++++++ - 2 files changed, 8 insertions(+) - -diff --git a/src/libsystemd/sd-device/device-private.h b/src/libsystemd/sd-device/device-private.h -index fe268d7f2f..9bb5eff208 100644 ---- a/src/libsystemd/sd-device/device-private.h -+++ b/src/libsystemd/sd-device/device-private.h -@@ -32,6 +32,7 @@ void device_set_db_persist(sd_device *device); - void device_set_devlink_priority(sd_device *device, int priority); - int device_ensure_usec_initialized(sd_device *device, sd_device *device_old); - int device_add_devlink(sd_device *device, const char *devlink); -+bool device_has_devlink(sd_device *device, const char *devlink); - int device_add_property(sd_device *device, const char *property, const char *value); - int device_add_tag(sd_device *device, const char *tag, bool both); - void device_remove_tag(sd_device *device, const char *tag); -diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c -index 388128bf33..8a9e4a33a1 100644 ---- a/src/libsystemd/sd-device/sd-device.c -+++ b/src/libsystemd/sd-device/sd-device.c -@@ -1193,6 +1193,13 @@ int device_add_devlink(sd_device *device, const char *devlink) { - return 0; - } - -+bool device_has_devlink(sd_device *device, const char *devlink) { -+ assert(device); -+ assert(devlink); -+ -+ return set_contains(device->devlinks, devlink); -+} -+ - static int device_add_property_internal_from_string(sd_device *device, const char *str) { - _cleanup_free_ char *key = NULL; - char *value; diff --git a/SOURCES/0021-udev-node-split-out-permission-handling-from-udev_no.patch b/SOURCES/0021-udev-node-split-out-permission-handling-from-udev_no.patch deleted file mode 100644 index 58d087c..0000000 --- a/SOURCES/0021-udev-node-split-out-permission-handling-from-udev_no.patch +++ /dev/null @@ -1,305 +0,0 @@ -From acf81f97412be44d60be03a0a2e3ca62f4a5146b Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Wed, 1 Sep 2021 09:24:15 +0900 -Subject: [PATCH] udev-node: split out permission handling from udev_node_add() - -And then merge udev_node_add() and udev_node_update_old_links(). - -(cherry picked from commit 2f48561e0db3cd63f65e9311b4d69282b4ac605d) - -Related: #1977994 ---- - src/udev/udev-event.c | 9 +- - src/udev/udev-node.c | 204 +++++++++++++++++++----------------------- - src/udev/udev-node.h | 12 ++- - 3 files changed, 106 insertions(+), 119 deletions(-) - -diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c -index b28089be71..8b9f8aecfe 100644 ---- a/src/udev/udev-event.c -+++ b/src/udev/udev-event.c -@@ -895,9 +895,6 @@ static int update_devnode(UdevEvent *event) { - if (r < 0) - return log_device_error_errno(dev, r, "Failed to get devnum: %m"); - -- /* remove/update possible left-over symlinks from old database entry */ -- (void) udev_node_update_old_links(dev, event->dev_db_clone); -- - if (!uid_is_valid(event->uid)) { - r = device_get_devnode_uid(dev, &event->uid); - if (r < 0 && r != -ENOENT) -@@ -921,7 +918,11 @@ static int update_devnode(UdevEvent *event) { - - bool apply_mac = device_for_action(dev, SD_DEVICE_ADD); - -- return udev_node_add(dev, apply_mac, event->mode, event->uid, event->gid, event->seclabel_list); -+ r = udev_node_apply_permissions(dev, apply_mac, event->mode, event->uid, event->gid, event->seclabel_list); -+ if (r < 0) -+ return log_device_error_errno(dev, r, "Failed to apply devnode permissions: %m"); -+ -+ return udev_node_update(dev, event->dev_db_clone); - } - - static int event_execute_rules_on_remove( -diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index 9e52906571..7cc9ee3670 100644 ---- a/src/udev/udev-node.c -+++ b/src/udev/udev-node.c -@@ -356,45 +356,117 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { - return i < LINK_UPDATE_MAX_RETRIES ? 0 : -ELOOP; - } - --int udev_node_update_old_links(sd_device *dev, sd_device *dev_old) { -- const char *name; -+static int device_get_devpath_by_devnum(sd_device *dev, char **ret) { -+ const char *subsystem; -+ dev_t devnum; -+ int r; -+ -+ assert(dev); -+ assert(ret); -+ -+ r = sd_device_get_subsystem(dev, &subsystem); -+ if (r < 0) -+ return r; -+ -+ r = sd_device_get_devnum(dev, &devnum); -+ if (r < 0) -+ return r; -+ -+ return device_path_make_major_minor(streq(subsystem, "block") ? S_IFBLK : S_IFCHR, devnum, ret); -+} -+ -+int udev_node_update(sd_device *dev, sd_device *dev_old) { -+ _cleanup_free_ char *filename = NULL; -+ const char *devnode, *devlink; - int r; - - assert(dev); - assert(dev_old); - -- /* update possible left-over symlinks */ -- FOREACH_DEVICE_DEVLINK(dev_old, name) { -- const char *name_current; -- bool found = false; -+ r = sd_device_get_devname(dev, &devnode); -+ if (r < 0) -+ return log_device_debug_errno(dev, r, "Failed to get devnode: %m"); - -- /* check if old link name still belongs to this device */ -- FOREACH_DEVICE_DEVLINK(dev, name_current) -- if (streq(name, name_current)) { -- found = true; -- break; -- } -+ if (DEBUG_LOGGING) { -+ const char *id = NULL; - -- if (found) -+ (void) device_get_device_id(dev, &id); -+ log_device_debug(dev, "Handling device node '%s', devnum=%s", devnode, strna(id)); -+ } -+ -+ /* update possible left-over symlinks */ -+ FOREACH_DEVICE_DEVLINK(dev_old, devlink) { -+ /* check if old link name still belongs to this device */ -+ if (device_has_devlink(dev, devlink)) - continue; - - log_device_debug(dev, -- "Updating old device symlink '%s', which is no longer belonging to this device.", -- name); -+ "Removing/updating old device symlink '%s', which is no longer belonging to this device.", -+ devlink); - -- r = link_update(dev, name, false); -+ r = link_update(dev, devlink, /* add = */ false); - if (r < 0) - log_device_warning_errno(dev, r, -- "Failed to update device symlink '%s', ignoring: %m", -- name); -+ "Failed to remove/update device symlink '%s', ignoring: %m", -+ devlink); - } - -+ /* create/update symlinks, add symlinks to name index */ -+ FOREACH_DEVICE_DEVLINK(dev, devlink) { -+ r = link_update(dev, devlink, /* add = */ true); -+ if (r < 0) -+ log_device_warning_errno(dev, r, -+ "Failed to create/update device symlink '%s', ignoring: %m", -+ devlink); -+ } -+ -+ r = device_get_devpath_by_devnum(dev, &filename); -+ if (r < 0) -+ return log_device_debug_errno(dev, r, "Failed to get device path: %m"); -+ -+ /* always add /dev/{block,char}/$major:$minor */ -+ r = node_symlink(dev, devnode, filename); -+ if (r < 0) -+ return log_device_warning_errno(dev, r, "Failed to create device symlink '%s': %m", filename); -+ -+ return 0; -+} -+ -+int udev_node_remove(sd_device *dev) { -+ _cleanup_free_ char *filename = NULL; -+ const char *devlink; -+ int r; -+ -+ assert(dev); -+ -+ /* remove/update symlinks, remove symlinks from name index */ -+ FOREACH_DEVICE_DEVLINK(dev, devlink) { -+ r = link_update(dev, devlink, /* add = */ false); -+ if (r < 0) -+ log_device_warning_errno(dev, r, -+ "Failed to remove/update device symlink '%s', ignoring: %m", -+ devlink); -+ } -+ -+ r = device_get_devpath_by_devnum(dev, &filename); -+ if (r < 0) -+ return log_device_debug_errno(dev, r, "Failed to get device path: %m"); -+ -+ /* remove /dev/{block,char}/$major:$minor */ -+ if (unlink(filename) < 0 && errno != ENOENT) -+ return log_device_debug_errno(dev, errno, "Failed to remove '%s': %m", filename); -+ - return 0; - } - --static int node_permissions_apply(sd_device *dev, bool apply_mac, -- mode_t mode, uid_t uid, gid_t gid, -- OrderedHashmap *seclabel_list) { -+int udev_node_apply_permissions( -+ sd_device *dev, -+ bool apply_mac, -+ mode_t mode, -+ uid_t uid, -+ gid_t gid, -+ OrderedHashmap *seclabel_list) { -+ - const char *devnode, *subsystem, *id = NULL; - bool apply_mode, apply_uid, apply_gid; - _cleanup_close_ int node_fd = -1; -@@ -511,95 +583,5 @@ static int node_permissions_apply(sd_device *dev, bool apply_mac, - if (r < 0) - log_device_debug_errno(dev, r, "Failed to adjust timestamp of node %s: %m", devnode); - -- return r; --} -- --static int xsprintf_dev_num_path_from_sd_device(sd_device *dev, char **ret) { -- const char *subsystem; -- dev_t devnum; -- int r; -- -- assert(ret); -- -- r = sd_device_get_subsystem(dev, &subsystem); -- if (r < 0) -- return r; -- -- r = sd_device_get_devnum(dev, &devnum); -- if (r < 0) -- return r; -- -- return device_path_make_major_minor(streq(subsystem, "block") ? S_IFBLK : S_IFCHR, devnum, ret); --} -- --int udev_node_add(sd_device *dev, bool apply, -- mode_t mode, uid_t uid, gid_t gid, -- OrderedHashmap *seclabel_list) { -- const char *devnode, *devlink; -- _cleanup_free_ char *filename = NULL; -- int r; -- -- assert(dev); -- -- r = sd_device_get_devname(dev, &devnode); -- if (r < 0) -- return log_device_debug_errno(dev, r, "Failed to get devnode: %m"); -- -- if (DEBUG_LOGGING) { -- const char *id = NULL; -- -- (void) device_get_device_id(dev, &id); -- log_device_debug(dev, "Handling device node '%s', devnum=%s", devnode, strna(id)); -- } -- -- r = node_permissions_apply(dev, apply, mode, uid, gid, seclabel_list); -- if (r < 0) -- return r; -- -- /* create/update symlinks, add symlinks to name index */ -- FOREACH_DEVICE_DEVLINK(dev, devlink) { -- r = link_update(dev, devlink, true); -- if (r < 0) -- log_device_warning_errno(dev, r, -- "Failed to update device symlink '%s', ignoring: %m", -- devlink); -- } -- -- r = xsprintf_dev_num_path_from_sd_device(dev, &filename); -- if (r < 0) -- return log_device_debug_errno(dev, r, "Failed to get device path: %m"); -- -- /* always add /dev/{block,char}/$major:$minor */ -- r = node_symlink(dev, devnode, filename); -- if (r < 0) -- return log_device_warning_errno(dev, r, "Failed to create device symlink '%s': %m", filename); -- -- return 0; --} -- --int udev_node_remove(sd_device *dev) { -- _cleanup_free_ char *filename = NULL; -- const char *devlink; -- int r; -- -- assert(dev); -- -- /* remove/update symlinks, remove symlinks from name index */ -- FOREACH_DEVICE_DEVLINK(dev, devlink) { -- r = link_update(dev, devlink, false); -- if (r < 0) -- log_device_warning_errno(dev, r, -- "Failed to update device symlink '%s', ignoring: %m", -- devlink); -- } -- -- r = xsprintf_dev_num_path_from_sd_device(dev, &filename); -- if (r < 0) -- return log_device_debug_errno(dev, r, "Failed to get device path: %m"); -- -- /* remove /dev/{block,char}/$major:$minor */ -- if (unlink(filename) < 0 && errno != ENOENT) -- return log_device_debug_errno(dev, errno, "Failed to remove '%s': %m", filename); -- - return 0; - } -diff --git a/src/udev/udev-node.h b/src/udev/udev-node.h -index 2349f9c471..a34af77146 100644 ---- a/src/udev/udev-node.h -+++ b/src/udev/udev-node.h -@@ -8,10 +8,14 @@ - - #include "hashmap.h" - --int udev_node_add(sd_device *dev, bool apply, -- mode_t mode, uid_t uid, gid_t gid, -- OrderedHashmap *seclabel_list); -+int udev_node_apply_permissions( -+ sd_device *dev, -+ bool apply_mac, -+ mode_t mode, -+ uid_t uid, -+ gid_t gid, -+ OrderedHashmap *seclabel_list); - int udev_node_remove(sd_device *dev); --int udev_node_update_old_links(sd_device *dev, sd_device *dev_old); -+int udev_node_update(sd_device *dev, sd_device *dev_old); - - size_t udev_node_escape_path(const char *src, char *dest, size_t size); diff --git a/SOURCES/0021-unit-install-the-systemd-bless-boot.service-only-if-.patch b/SOURCES/0021-unit-install-the-systemd-bless-boot.service-only-if-.patch new file mode 100644 index 0000000..681d599 --- /dev/null +++ b/SOURCES/0021-unit-install-the-systemd-bless-boot.service-only-if-.patch @@ -0,0 +1,28 @@ +From 8f08b876d44d96b3f255ac5275a1daa3ccf9a801 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Tue, 21 Sep 2021 22:47:42 +0200 +Subject: [PATCH] unit: install the systemd-bless-boot.service only if we have + gnu-efi + +Follow-up to #20591. + +(cherry picked from commit 220261ef940a126588b20a1765a2501811473839) + +Related: #2003130 +--- + units/meson.build | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/units/meson.build b/units/meson.build +index 27a2b60137..e06d883cd2 100644 +--- a/units/meson.build ++++ b/units/meson.build +@@ -179,7 +179,7 @@ in_units = [ + ['systemd-backlight@.service', 'ENABLE_BACKLIGHT'], + ['systemd-binfmt.service', 'ENABLE_BINFMT', + 'sysinit.target.wants/'], +- ['systemd-bless-boot.service', 'ENABLE_EFI HAVE_BLKID'], ++ ['systemd-bless-boot.service', 'HAVE_GNU_EFI HAVE_BLKID'], + ['systemd-boot-check-no-failures.service', ''], + ['systemd-coredump@.service', 'ENABLE_COREDUMP'], + ['systemd-pstore.service', 'ENABLE_PSTORE'], diff --git a/SOURCES/0022-udev-node-stack-directory-must-exist-when-adding-dev.patch b/SOURCES/0022-udev-node-stack-directory-must-exist-when-adding-dev.patch deleted file mode 100644 index ca8894d..0000000 --- a/SOURCES/0022-udev-node-stack-directory-must-exist-when-adding-dev.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 18d2fb228bc155fc357262ec2dc5713318bab453 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Wed, 1 Sep 2021 04:14:42 +0900 -Subject: [PATCH] udev-node: stack directory must exist when adding device node - symlink - -(cherry picked from commit 46070dbf26435ba0def099121f46a6253f3f19b6) - -Related: #1977994 ---- - src/udev/udev-node.c | 11 ++++++----- - 1 file changed, 6 insertions(+), 5 deletions(-) - -diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index 7cc9ee3670..4496a2bd9b 100644 ---- a/src/udev/udev-node.c -+++ b/src/udev/udev-node.c -@@ -161,12 +161,13 @@ static int link_find_prioritized(sd_device *dev, bool add, const char *stackdir, - - dir = opendir(stackdir); - if (!dir) { -- if (errno == ENOENT) { -- *ret = TAKE_PTR(target); -- return !!*ret; -- } -+ if (add) /* The stack directory must exist. */ -+ return -errno; -+ if (errno != ENOENT) -+ return -errno; - -- return -errno; -+ *ret = NULL; -+ return 0; - } - - r = device_get_device_id(dev, &id); diff --git a/SOURCES/0022-units-don-t-enable-tmp.mount-statically-in-local-fs..patch b/SOURCES/0022-units-don-t-enable-tmp.mount-statically-in-local-fs..patch new file mode 100644 index 0000000..65ee29b --- /dev/null +++ b/SOURCES/0022-units-don-t-enable-tmp.mount-statically-in-local-fs..patch @@ -0,0 +1,26 @@ +From ab1ecca56e5a1cc5ad120958b1bb94c7854f3795 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Wed, 22 Sep 2021 14:38:00 +0200 +Subject: [PATCH] units: don't enable tmp.mount statically in local-fs.target + +RHEL-only + +Related: #2000927 +--- + units/meson.build | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/units/meson.build b/units/meson.build +index e06d883cd2..40487d123e 100644 +--- a/units/meson.build ++++ b/units/meson.build +@@ -154,8 +154,7 @@ units = [ + ['time-set.target', ''], + ['time-sync.target', ''], + ['timers.target', ''], +- ['tmp.mount', '', +- 'local-fs.target.wants/'], ++ ['tmp.mount', ''], + ['umount.target', ''], + ['usb-gadget.target', ''], + ['user.slice', ''], diff --git a/SOURCES/0023-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch b/SOURCES/0023-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch new file mode 100644 index 0000000..c67bb3a --- /dev/null +++ b/SOURCES/0023-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch @@ -0,0 +1,59 @@ +From 50a744391dbb1130d38b44700ae7e6649fcc9ffb Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Wed, 1 Aug 2018 13:19:39 +0200 +Subject: [PATCH] pid1: bump DefaultTasksMax to 80% of the kernel pid.max value + +This should be hopefully high enough even for the very big deployments. + +RHEL-only + +Resolves: #2003031 +--- + man/systemd-system.conf.xml | 4 ++-- + src/core/main.c | 2 +- + src/core/system.conf.in | 2 +- + 3 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml +index c11dd46143..72c8db5890 100644 +--- a/man/systemd-system.conf.xml ++++ b/man/systemd-system.conf.xml +@@ -389,10 +389,10 @@ + Configure the default value for the per-unit TasksMax= setting. See + systemd.resource-control5 + for details. This setting applies to all unit types that support resource control settings, with the exception +- of slice units. Defaults to 15% of the minimum of kernel.pid_max=, kernel.threads-max= ++ of slice units. Defaults to 80% of the minimum of kernel.pid_max=, kernel.threads-max= + and root cgroup pids.max. + Kernel has a default value for kernel.pid_max= and an algorithm of counting in case of more than 32 cores. +- For example with the default kernel.pid_max=, DefaultTasksMax= defaults to 4915, ++ For example with the default kernel.pid_max=, DefaultTasksMax= defaults to 26214, + but might be greater in other systems or smaller in OS containers. + + +diff --git a/src/core/main.c b/src/core/main.c +index da6c50a1c4..f4fe7517fd 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -92,7 +92,7 @@ + #include + #endif + +-#define DEFAULT_TASKS_MAX ((TasksMax) { 15U, 100U }) /* 15% */ ++#define DEFAULT_TASKS_MAX ((TasksMax) { 80U, 100U }) /* 80% */ + + static enum { + ACTION_RUN, +diff --git a/src/core/system.conf.in b/src/core/system.conf.in +index e88280bd0a..f2c75fcd32 100644 +--- a/src/core/system.conf.in ++++ b/src/core/system.conf.in +@@ -54,7 +54,7 @@ + #DefaultBlockIOAccounting=no + #DefaultMemoryAccounting={{ 'yes' if MEMORY_ACCOUNTING_DEFAULT else 'no' }} + #DefaultTasksAccounting=yes +-#DefaultTasksMax=15% ++#DefaultTasksMax=80% + #DefaultLimitCPU= + #DefaultLimitFSIZE= + #DefaultLimitDATA= diff --git a/SOURCES/0023-udev-node-save-information-about-device-node-and-pri.patch b/SOURCES/0023-udev-node-save-information-about-device-node-and-pri.patch deleted file mode 100644 index dcac706..0000000 --- a/SOURCES/0023-udev-node-save-information-about-device-node-and-pri.patch +++ /dev/null @@ -1,250 +0,0 @@ -From 9c68b5675ffd11f2a3f9123446b54c2d0eea4682 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Wed, 1 Sep 2021 04:16:21 +0900 -Subject: [PATCH] udev-node: save information about device node and priority in - symlink - -Previously, we only store device IDs in /run/udev/links, and when -creating/removing device node symlink, we create sd_device object -corresponds to the IDs and read device node and priority from the -object. That requires parsing uevent and udev database files. - -This makes link_find_prioritized() get the most prioritzed device node -without parsing the files. - -(cherry picked from commit 377a83f0d80376456d9be203796f66f543a8b943) - -Related: #1977994 ---- - src/udev/udev-node.c | 172 ++++++++++++++++++++++++++++++------------- - 1 file changed, 121 insertions(+), 51 deletions(-) - -diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index 4496a2bd9b..5d6aae0bd4 100644 ---- a/src/udev/udev-node.c -+++ b/src/udev/udev-node.c -@@ -18,6 +18,7 @@ - #include "fs-util.h" - #include "hexdecoct.h" - #include "mkdir.h" -+#include "parse-util.h" - #include "path-util.h" - #include "selinux-util.h" - #include "smack-util.h" -@@ -28,9 +29,9 @@ - #include "udev-node.h" - #include "user-util.h" - --#define CREATE_LINK_MAX_RETRIES 128 --#define LINK_UPDATE_MAX_RETRIES 128 --#define TOUCH_FILE_MAX_RETRIES 128 -+#define CREATE_LINK_MAX_RETRIES 128 -+#define LINK_UPDATE_MAX_RETRIES 128 -+#define CREATE_STACK_LINK_MAX_RETRIES 128 - #define UDEV_NODE_HASH_KEY SD_ID128_MAKE(b9,6a,f1,ce,40,31,44,1a,9e,19,ec,8b,ae,f3,e3,2f) - - static int create_symlink(const char *target, const char *slink) { -@@ -175,39 +176,67 @@ static int link_find_prioritized(sd_device *dev, bool add, const char *stackdir, - return r; - - FOREACH_DIRENT_ALL(dent, dir, break) { -- _cleanup_(sd_device_unrefp) sd_device *dev_db = NULL; -- const char *devnode; -- int db_prio = 0; -+ _cleanup_free_ char *path = NULL, *buf = NULL; -+ int tmp_prio; - -- if (dent->d_name[0] == '\0') -- break; - if (dent->d_name[0] == '.') - continue; - -- log_device_debug(dev, "Found '%s' claiming '%s'", dent->d_name, stackdir); -- -- /* did we find ourself? */ -+ /* skip ourself */ - if (streq(dent->d_name, id)) - continue; - -- if (sd_device_new_from_device_id(&dev_db, dent->d_name) < 0) -- continue; -+ path = path_join(stackdir, dent->d_name); -+ if (!path) -+ return -ENOMEM; - -- if (sd_device_get_devname(dev_db, &devnode) < 0) -- continue; -+ if (readlink_malloc(path, &buf) >= 0) { -+ char *devnode; - -- if (device_get_devlink_priority(dev_db, &db_prio) < 0) -- continue; -+ /* New format. The devnode and priority can be obtained from symlink. */ - -- if (target && db_prio <= priority) -- continue; -+ devnode = strchr(buf, ':'); -+ if (!devnode || devnode == buf) -+ continue; - -- log_device_debug(dev_db, "Device claims priority %i for '%s'", db_prio, stackdir); -+ *(devnode++) = '\0'; -+ if (!path_startswith(devnode, "/dev")) -+ continue; - -- r = free_and_strdup(&target, devnode); -- if (r < 0) -- return r; -- priority = db_prio; -+ if (safe_atoi(buf, &tmp_prio) < 0) -+ continue; -+ -+ if (target && tmp_prio <= priority) -+ continue; -+ -+ r = free_and_strdup(&target, devnode); -+ if (r < 0) -+ return r; -+ } else { -+ _cleanup_(sd_device_unrefp) sd_device *tmp_dev = NULL; -+ const char *devnode; -+ -+ /* Old format. The devnode and priority must be obtained from uevent and -+ * udev database files. */ -+ -+ if (sd_device_new_from_device_id(&tmp_dev, dent->d_name) < 0) -+ continue; -+ -+ if (device_get_devlink_priority(tmp_dev, &tmp_prio) < 0) -+ continue; -+ -+ if (target && tmp_prio <= priority) -+ continue; -+ -+ if (sd_device_get_devname(tmp_dev, &devnode) < 0) -+ continue; -+ -+ r = free_and_strdup(&target, devnode); -+ if (r < 0) -+ return r; -+ } -+ -+ priority = tmp_prio; - } - - *ret = TAKE_PTR(target); -@@ -256,10 +285,72 @@ toolong: - return size - 1; - } - -+static int update_stack_directory(sd_device *dev, const char *dirname, bool add) { -+ _cleanup_free_ char *filename = NULL, *data = NULL, *buf = NULL; -+ const char *devname, *id; -+ int priority, r; -+ -+ assert(dev); -+ assert(dirname); -+ -+ r = device_get_device_id(dev, &id); -+ if (r < 0) -+ return log_device_debug_errno(dev, r, "Failed to get device id: %m"); -+ -+ filename = path_join(dirname, id); -+ if (!filename) -+ return log_oom_debug(); -+ -+ if (!add) { -+ if (unlink(filename) < 0 && errno != ENOENT) -+ log_device_debug_errno(dev, errno, "Failed to remove %s, ignoring: %m", filename); -+ -+ (void) rmdir(dirname); -+ return 0; -+ } -+ -+ r = sd_device_get_devname(dev, &devname); -+ if (r < 0) -+ return log_device_debug_errno(dev, r, "Failed to get device node: %m"); -+ -+ r = device_get_devlink_priority(dev, &priority); -+ if (r < 0) -+ return log_device_debug_errno(dev, r, "Failed to get priority of device node symlink: %m"); -+ -+ if (asprintf(&data, "%i:%s", priority, devname) < 0) -+ return log_oom_debug(); -+ -+ if (readlink_malloc(filename, &buf) >= 0 && streq(buf, data)) -+ return 0; -+ -+ if (unlink(filename) < 0 && errno != ENOENT) -+ log_device_debug_errno(dev, errno, "Failed to remove %s, ignoring: %m", filename); -+ -+ for (unsigned j = 0; j < CREATE_STACK_LINK_MAX_RETRIES; j++) { -+ /* This may fail with -ENOENT when the parent directory is removed during -+ * creating the file by another udevd worker. */ -+ r = mkdir_p(dirname, 0755); -+ if (r == -ENOENT) -+ continue; -+ if (r < 0) -+ return log_device_debug_errno(dev, r, "Failed to create directory %s: %m", dirname); -+ -+ if (symlink(data, filename) < 0) { -+ if (errno == ENOENT) -+ continue; -+ return log_device_debug_errno(dev, errno, "Failed to create symbolic link %s: %m", filename); -+ } -+ -+ return 0; -+ } -+ -+ return log_device_debug_errno(dev, SYNTHETIC_ERRNO(ELOOP), "Failed to create symbolic link %s: %m", filename); -+} -+ - /* manage "stack of names" with possibly specified device priorities */ - static int link_update(sd_device *dev, const char *slink_in, bool add) { -- _cleanup_free_ char *slink = NULL, *filename = NULL, *dirname = NULL; -- const char *slink_name, *id; -+ _cleanup_free_ char *slink = NULL, *dirname = NULL; -+ const char *slink_name; - char name_enc[NAME_MAX+1]; - int i, r, retries; - -@@ -279,35 +370,14 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { - return log_device_debug_errno(dev, SYNTHETIC_ERRNO(EINVAL), - "Invalid symbolic link of device node: %s", slink); - -- r = device_get_device_id(dev, &id); -- if (r < 0) -- return log_device_debug_errno(dev, r, "Failed to get device id: %m"); -- - (void) udev_node_escape_path(slink_name, name_enc, sizeof(name_enc)); -- dirname = path_join("/run/udev/links/", name_enc); -+ dirname = path_join("/run/udev/links", name_enc); - if (!dirname) - return log_oom_debug(); - -- filename = path_join(dirname, id); -- if (!filename) -- return log_oom_debug(); -- -- if (!add) { -- if (unlink(filename) < 0 && errno != ENOENT) -- log_device_debug_errno(dev, errno, "Failed to remove %s, ignoring: %m", filename); -- -- (void) rmdir(dirname); -- } else { -- for (unsigned j = 0; j < TOUCH_FILE_MAX_RETRIES; j++) { -- /* This may fail with -ENOENT when the parent directory is removed during -- * creating the file by another udevd worker. */ -- r = touch_file(filename, /* parents= */ true, USEC_INFINITY, UID_INVALID, GID_INVALID, 0444); -- if (r != -ENOENT) -- break; -- } -- if (r < 0) -- return log_device_debug_errno(dev, r, "Failed to create %s: %m", filename); -- } -+ r = update_stack_directory(dev, dirname, add); -+ if (r < 0) -+ return r; - - /* If the database entry is not written yet we will just do one iteration and possibly wrong symlink - * will be fixed in the second invocation. */ diff --git a/SOURCES/0024-sd-device-introduce-device_has_devlink.patch b/SOURCES/0024-sd-device-introduce-device_has_devlink.patch new file mode 100644 index 0000000..c6fce49 --- /dev/null +++ b/SOURCES/0024-sd-device-introduce-device_has_devlink.patch @@ -0,0 +1,43 @@ +From 9c46b3e584fbb7be0a9e93471d30f2885bd194c9 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 1 Sep 2021 09:22:15 +0900 +Subject: [PATCH] sd-device: introduce device_has_devlink() + +(cherry picked from commit b881ce16b9ccae4c3089c82e2ea1781cd9773a4f) + +Related: #2005024 +--- + src/libsystemd/sd-device/device-private.h | 1 + + src/libsystemd/sd-device/sd-device.c | 7 +++++++ + 2 files changed, 8 insertions(+) + +diff --git a/src/libsystemd/sd-device/device-private.h b/src/libsystemd/sd-device/device-private.h +index fe268d7f2f..9bb5eff208 100644 +--- a/src/libsystemd/sd-device/device-private.h ++++ b/src/libsystemd/sd-device/device-private.h +@@ -32,6 +32,7 @@ void device_set_db_persist(sd_device *device); + void device_set_devlink_priority(sd_device *device, int priority); + int device_ensure_usec_initialized(sd_device *device, sd_device *device_old); + int device_add_devlink(sd_device *device, const char *devlink); ++bool device_has_devlink(sd_device *device, const char *devlink); + int device_add_property(sd_device *device, const char *property, const char *value); + int device_add_tag(sd_device *device, const char *tag, bool both); + void device_remove_tag(sd_device *device, const char *tag); +diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c +index 388128bf33..8a9e4a33a1 100644 +--- a/src/libsystemd/sd-device/sd-device.c ++++ b/src/libsystemd/sd-device/sd-device.c +@@ -1193,6 +1193,13 @@ int device_add_devlink(sd_device *device, const char *devlink) { + return 0; + } + ++bool device_has_devlink(sd_device *device, const char *devlink) { ++ assert(device); ++ assert(devlink); ++ ++ return set_contains(device->devlinks, devlink); ++} ++ + static int device_add_property_internal_from_string(sd_device *device, const char *str) { + _cleanup_free_ char *key = NULL; + char *value; diff --git a/SOURCES/0024-udev-node-always-update-timestamp-of-stack-directory.patch b/SOURCES/0024-udev-node-always-update-timestamp-of-stack-directory.patch deleted file mode 100644 index fb3c52e..0000000 --- a/SOURCES/0024-udev-node-always-update-timestamp-of-stack-directory.patch +++ /dev/null @@ -1,146 +0,0 @@ -From 16a6007cc8881ef19cc97de676d3b2b36b2def82 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Wed, 1 Sep 2021 12:57:40 +0900 -Subject: [PATCH] udev-node: always update timestamp of stack directory - -Please see the comments in the code. - -(cherry picked from commit 6df797f75fa08bb1a9e657001229bd47903e6174) - -Related: #1977994 ---- - src/udev/udev-node.c | 90 ++++++++++++++++++++++++++++++++++++++++++-- - 1 file changed, 87 insertions(+), 3 deletions(-) - -diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index 5d6aae0bd4..0de848da19 100644 ---- a/src/udev/udev-node.c -+++ b/src/udev/udev-node.c -@@ -32,6 +32,7 @@ - #define CREATE_LINK_MAX_RETRIES 128 - #define LINK_UPDATE_MAX_RETRIES 128 - #define CREATE_STACK_LINK_MAX_RETRIES 128 -+#define UPDATE_TIMESTAMP_MAX_RETRIES 128 - #define UDEV_NODE_HASH_KEY SD_ID128_MAKE(b9,6a,f1,ce,40,31,44,1a,9e,19,ec,8b,ae,f3,e3,2f) - - static int create_symlink(const char *target, const char *slink) { -@@ -285,9 +286,60 @@ toolong: - return size - 1; - } - -+static int update_timestamp(sd_device *dev, const char *path, struct stat *prev) { -+ assert(path); -+ assert(prev); -+ -+ /* Even if a symlink in the stack directory is created/removed, the mtime of the directory may -+ * not be changed. Why? Let's consider the following situation. For simplicity, let's assume -+ * there exist three udev workers (A, B, and C) and all of them calls link_update() for the -+ * same devlink simultaneously. -+ * -+ * 1. B creates/removes a symlink in the stack directory. -+ * 2. A calls the first stat() in the loop of link_update(). -+ * 3. A calls link_find_prioritized(). -+ * 4. C creates/removes another symlink in the stack directory, so the result of the step 3 is outdated. -+ * 5. B and C finish link_update(). -+ * 6. A creates/removes devlink according to the outdated result in the step 3. -+ * 7. A calls the second stat() in the loop of link_update(). -+ * -+ * If these 7 steps are processed in this order within a short time period that kernel's timer -+ * does not increase, then even if the contents in the stack directory is changed, the results -+ * of two stat() called by A shows the same timestamp, and A cannot detect the change. -+ * -+ * By calling this function after creating/removing symlinks in the stack directory, the -+ * timestamp of the stack directory is always increased at least in the above step 5, so A can -+ * detect the update. */ -+ -+ if ((prev->st_mode & S_IFMT) == 0) -+ return 0; /* Does not exist, or previous stat() failed. */ -+ -+ for (unsigned i = 0; i < UPDATE_TIMESTAMP_MAX_RETRIES; i++) { -+ struct stat st; -+ -+ if (stat(path, &st) < 0) -+ return -errno; -+ -+ if (!stat_inode_unmodified(prev, &st)) -+ return 0; -+ -+ log_device_debug(dev, -+ "%s is modified, but its timestamp is not changed, " -+ "updating timestamp after 10ms.", -+ path); -+ -+ (void) usleep(10 * USEC_PER_MSEC); -+ if (utimensat(AT_FDCWD, path, NULL, 0) < 0) -+ return -errno; -+ } -+ -+ return -ELOOP; -+} -+ - static int update_stack_directory(sd_device *dev, const char *dirname, bool add) { - _cleanup_free_ char *filename = NULL, *data = NULL, *buf = NULL; - const char *devname, *id; -+ struct stat st = {}; - int priority, r; - - assert(dev); -@@ -302,10 +354,31 @@ static int update_stack_directory(sd_device *dev, const char *dirname, bool add) - return log_oom_debug(); - - if (!add) { -- if (unlink(filename) < 0 && errno != ENOENT) -- log_device_debug_errno(dev, errno, "Failed to remove %s, ignoring: %m", filename); -+ bool unlink_failed = false; -+ -+ if (stat(dirname, &st) < 0) { -+ if (errno == ENOENT) -+ return 0; /* The stack directory is already removed. That's OK. */ -+ log_device_debug_errno(dev, errno, "Failed to stat %s, ignoring: %m", dirname); -+ } -+ -+ if (unlink(filename) < 0) { -+ unlink_failed = true; -+ if (errno != ENOENT) -+ log_device_debug_errno(dev, errno, "Failed to remove %s, ignoring: %m", filename); -+ } -+ -+ if (rmdir(dirname) >= 0 || errno == ENOENT) -+ return 0; -+ -+ if (unlink_failed) -+ return 0; /* If we failed to remove the symlink, there is almost nothing we can do. */ -+ -+ /* The symlink was removed. Check if the timestamp of directory is changed. */ -+ r = update_timestamp(dev, dirname, &st); -+ if (r < 0 && r != -ENOENT) -+ return log_device_debug_errno(dev, r, "Failed to update timestamp of %s: %m", dirname); - -- (void) rmdir(dirname); - return 0; - } - -@@ -335,12 +408,23 @@ static int update_stack_directory(sd_device *dev, const char *dirname, bool add) - if (r < 0) - return log_device_debug_errno(dev, r, "Failed to create directory %s: %m", dirname); - -+ if (stat(dirname, &st) < 0) { -+ if (errno == ENOENT) -+ continue; -+ return log_device_debug_errno(dev, errno, "Failed to stat %s: %m", dirname); -+ } -+ - if (symlink(data, filename) < 0) { - if (errno == ENOENT) - continue; - return log_device_debug_errno(dev, errno, "Failed to create symbolic link %s: %m", filename); - } - -+ /* The symlink was created. Check if the timestamp of directory is changed. */ -+ r = update_timestamp(dev, dirname, &st); -+ if (r < 0) -+ return log_device_debug_errno(dev, r, "Failed to update timestamp of %s: %m", dirname); -+ - return 0; - } - diff --git a/SOURCES/0025-udev-node-assume-no-new-claim-to-a-symlink-if-run-ud.patch b/SOURCES/0025-udev-node-assume-no-new-claim-to-a-symlink-if-run-ud.patch deleted file mode 100644 index d4bcdc1..0000000 --- a/SOURCES/0025-udev-node-assume-no-new-claim-to-a-symlink-if-run-ud.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 18936c8ee21fabb2036b1849a4bb7f5b64bee897 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Thu, 2 Sep 2021 06:58:59 +0900 -Subject: [PATCH] udev-node: assume no new claim to a symlink if - /run/udev/links is not updated - -During creating a symlink to a device node, if another device node which -requests the same symlink is added/removed, `stat_inode_unmodified()` -should always detects that. We do not need to continue the loop -unconditionally. - -(cherry picked from commit 8f27311eb2aec2411d1fb7d62e6c9d75d21ae8df) - -Related: #1977994 ---- - src/udev/udev-node.c | 5 ----- - 1 file changed, 5 deletions(-) - -diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index 0de848da19..1a34ea8128 100644 ---- a/src/udev/udev-node.c -+++ b/src/udev/udev-node.c -@@ -491,11 +491,6 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { - r = node_symlink(dev, target, slink); - if (r < 0) - return r; -- if (r == 1) -- /* We have replaced already existing symlink, possibly there is some other device trying -- * to claim the same symlink. Let's do one more iteration to give us a chance to fix -- * the error if other device actually claims the symlink with higher priority. */ -- continue; - - /* Skip the second stat() if the first failed, stat_inode_unmodified() would return false regardless. */ - if ((st1.st_mode & S_IFMT) != 0) { diff --git a/SOURCES/0025-udev-node-split-out-permission-handling-from-udev_no.patch b/SOURCES/0025-udev-node-split-out-permission-handling-from-udev_no.patch new file mode 100644 index 0000000..cddb90d --- /dev/null +++ b/SOURCES/0025-udev-node-split-out-permission-handling-from-udev_no.patch @@ -0,0 +1,305 @@ +From a4fba2d79634d660ed2014e18cb85eea090b6413 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 1 Sep 2021 09:24:15 +0900 +Subject: [PATCH] udev-node: split out permission handling from udev_node_add() + +And then merge udev_node_add() and udev_node_update_old_links(). + +(cherry picked from commit 2f48561e0db3cd63f65e9311b4d69282b4ac605d) + +Related: #2005024 +--- + src/udev/udev-event.c | 9 +- + src/udev/udev-node.c | 204 +++++++++++++++++++----------------------- + src/udev/udev-node.h | 12 ++- + 3 files changed, 106 insertions(+), 119 deletions(-) + +diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c +index b28089be71..8b9f8aecfe 100644 +--- a/src/udev/udev-event.c ++++ b/src/udev/udev-event.c +@@ -895,9 +895,6 @@ static int update_devnode(UdevEvent *event) { + if (r < 0) + return log_device_error_errno(dev, r, "Failed to get devnum: %m"); + +- /* remove/update possible left-over symlinks from old database entry */ +- (void) udev_node_update_old_links(dev, event->dev_db_clone); +- + if (!uid_is_valid(event->uid)) { + r = device_get_devnode_uid(dev, &event->uid); + if (r < 0 && r != -ENOENT) +@@ -921,7 +918,11 @@ static int update_devnode(UdevEvent *event) { + + bool apply_mac = device_for_action(dev, SD_DEVICE_ADD); + +- return udev_node_add(dev, apply_mac, event->mode, event->uid, event->gid, event->seclabel_list); ++ r = udev_node_apply_permissions(dev, apply_mac, event->mode, event->uid, event->gid, event->seclabel_list); ++ if (r < 0) ++ return log_device_error_errno(dev, r, "Failed to apply devnode permissions: %m"); ++ ++ return udev_node_update(dev, event->dev_db_clone); + } + + static int event_execute_rules_on_remove( +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index 9e52906571..7cc9ee3670 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -356,45 +356,117 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { + return i < LINK_UPDATE_MAX_RETRIES ? 0 : -ELOOP; + } + +-int udev_node_update_old_links(sd_device *dev, sd_device *dev_old) { +- const char *name; ++static int device_get_devpath_by_devnum(sd_device *dev, char **ret) { ++ const char *subsystem; ++ dev_t devnum; ++ int r; ++ ++ assert(dev); ++ assert(ret); ++ ++ r = sd_device_get_subsystem(dev, &subsystem); ++ if (r < 0) ++ return r; ++ ++ r = sd_device_get_devnum(dev, &devnum); ++ if (r < 0) ++ return r; ++ ++ return device_path_make_major_minor(streq(subsystem, "block") ? S_IFBLK : S_IFCHR, devnum, ret); ++} ++ ++int udev_node_update(sd_device *dev, sd_device *dev_old) { ++ _cleanup_free_ char *filename = NULL; ++ const char *devnode, *devlink; + int r; + + assert(dev); + assert(dev_old); + +- /* update possible left-over symlinks */ +- FOREACH_DEVICE_DEVLINK(dev_old, name) { +- const char *name_current; +- bool found = false; ++ r = sd_device_get_devname(dev, &devnode); ++ if (r < 0) ++ return log_device_debug_errno(dev, r, "Failed to get devnode: %m"); + +- /* check if old link name still belongs to this device */ +- FOREACH_DEVICE_DEVLINK(dev, name_current) +- if (streq(name, name_current)) { +- found = true; +- break; +- } ++ if (DEBUG_LOGGING) { ++ const char *id = NULL; + +- if (found) ++ (void) device_get_device_id(dev, &id); ++ log_device_debug(dev, "Handling device node '%s', devnum=%s", devnode, strna(id)); ++ } ++ ++ /* update possible left-over symlinks */ ++ FOREACH_DEVICE_DEVLINK(dev_old, devlink) { ++ /* check if old link name still belongs to this device */ ++ if (device_has_devlink(dev, devlink)) + continue; + + log_device_debug(dev, +- "Updating old device symlink '%s', which is no longer belonging to this device.", +- name); ++ "Removing/updating old device symlink '%s', which is no longer belonging to this device.", ++ devlink); + +- r = link_update(dev, name, false); ++ r = link_update(dev, devlink, /* add = */ false); + if (r < 0) + log_device_warning_errno(dev, r, +- "Failed to update device symlink '%s', ignoring: %m", +- name); ++ "Failed to remove/update device symlink '%s', ignoring: %m", ++ devlink); + } + ++ /* create/update symlinks, add symlinks to name index */ ++ FOREACH_DEVICE_DEVLINK(dev, devlink) { ++ r = link_update(dev, devlink, /* add = */ true); ++ if (r < 0) ++ log_device_warning_errno(dev, r, ++ "Failed to create/update device symlink '%s', ignoring: %m", ++ devlink); ++ } ++ ++ r = device_get_devpath_by_devnum(dev, &filename); ++ if (r < 0) ++ return log_device_debug_errno(dev, r, "Failed to get device path: %m"); ++ ++ /* always add /dev/{block,char}/$major:$minor */ ++ r = node_symlink(dev, devnode, filename); ++ if (r < 0) ++ return log_device_warning_errno(dev, r, "Failed to create device symlink '%s': %m", filename); ++ ++ return 0; ++} ++ ++int udev_node_remove(sd_device *dev) { ++ _cleanup_free_ char *filename = NULL; ++ const char *devlink; ++ int r; ++ ++ assert(dev); ++ ++ /* remove/update symlinks, remove symlinks from name index */ ++ FOREACH_DEVICE_DEVLINK(dev, devlink) { ++ r = link_update(dev, devlink, /* add = */ false); ++ if (r < 0) ++ log_device_warning_errno(dev, r, ++ "Failed to remove/update device symlink '%s', ignoring: %m", ++ devlink); ++ } ++ ++ r = device_get_devpath_by_devnum(dev, &filename); ++ if (r < 0) ++ return log_device_debug_errno(dev, r, "Failed to get device path: %m"); ++ ++ /* remove /dev/{block,char}/$major:$minor */ ++ if (unlink(filename) < 0 && errno != ENOENT) ++ return log_device_debug_errno(dev, errno, "Failed to remove '%s': %m", filename); ++ + return 0; + } + +-static int node_permissions_apply(sd_device *dev, bool apply_mac, +- mode_t mode, uid_t uid, gid_t gid, +- OrderedHashmap *seclabel_list) { ++int udev_node_apply_permissions( ++ sd_device *dev, ++ bool apply_mac, ++ mode_t mode, ++ uid_t uid, ++ gid_t gid, ++ OrderedHashmap *seclabel_list) { ++ + const char *devnode, *subsystem, *id = NULL; + bool apply_mode, apply_uid, apply_gid; + _cleanup_close_ int node_fd = -1; +@@ -511,95 +583,5 @@ static int node_permissions_apply(sd_device *dev, bool apply_mac, + if (r < 0) + log_device_debug_errno(dev, r, "Failed to adjust timestamp of node %s: %m", devnode); + +- return r; +-} +- +-static int xsprintf_dev_num_path_from_sd_device(sd_device *dev, char **ret) { +- const char *subsystem; +- dev_t devnum; +- int r; +- +- assert(ret); +- +- r = sd_device_get_subsystem(dev, &subsystem); +- if (r < 0) +- return r; +- +- r = sd_device_get_devnum(dev, &devnum); +- if (r < 0) +- return r; +- +- return device_path_make_major_minor(streq(subsystem, "block") ? S_IFBLK : S_IFCHR, devnum, ret); +-} +- +-int udev_node_add(sd_device *dev, bool apply, +- mode_t mode, uid_t uid, gid_t gid, +- OrderedHashmap *seclabel_list) { +- const char *devnode, *devlink; +- _cleanup_free_ char *filename = NULL; +- int r; +- +- assert(dev); +- +- r = sd_device_get_devname(dev, &devnode); +- if (r < 0) +- return log_device_debug_errno(dev, r, "Failed to get devnode: %m"); +- +- if (DEBUG_LOGGING) { +- const char *id = NULL; +- +- (void) device_get_device_id(dev, &id); +- log_device_debug(dev, "Handling device node '%s', devnum=%s", devnode, strna(id)); +- } +- +- r = node_permissions_apply(dev, apply, mode, uid, gid, seclabel_list); +- if (r < 0) +- return r; +- +- /* create/update symlinks, add symlinks to name index */ +- FOREACH_DEVICE_DEVLINK(dev, devlink) { +- r = link_update(dev, devlink, true); +- if (r < 0) +- log_device_warning_errno(dev, r, +- "Failed to update device symlink '%s', ignoring: %m", +- devlink); +- } +- +- r = xsprintf_dev_num_path_from_sd_device(dev, &filename); +- if (r < 0) +- return log_device_debug_errno(dev, r, "Failed to get device path: %m"); +- +- /* always add /dev/{block,char}/$major:$minor */ +- r = node_symlink(dev, devnode, filename); +- if (r < 0) +- return log_device_warning_errno(dev, r, "Failed to create device symlink '%s': %m", filename); +- +- return 0; +-} +- +-int udev_node_remove(sd_device *dev) { +- _cleanup_free_ char *filename = NULL; +- const char *devlink; +- int r; +- +- assert(dev); +- +- /* remove/update symlinks, remove symlinks from name index */ +- FOREACH_DEVICE_DEVLINK(dev, devlink) { +- r = link_update(dev, devlink, false); +- if (r < 0) +- log_device_warning_errno(dev, r, +- "Failed to update device symlink '%s', ignoring: %m", +- devlink); +- } +- +- r = xsprintf_dev_num_path_from_sd_device(dev, &filename); +- if (r < 0) +- return log_device_debug_errno(dev, r, "Failed to get device path: %m"); +- +- /* remove /dev/{block,char}/$major:$minor */ +- if (unlink(filename) < 0 && errno != ENOENT) +- return log_device_debug_errno(dev, errno, "Failed to remove '%s': %m", filename); +- + return 0; + } +diff --git a/src/udev/udev-node.h b/src/udev/udev-node.h +index 2349f9c471..a34af77146 100644 +--- a/src/udev/udev-node.h ++++ b/src/udev/udev-node.h +@@ -8,10 +8,14 @@ + + #include "hashmap.h" + +-int udev_node_add(sd_device *dev, bool apply, +- mode_t mode, uid_t uid, gid_t gid, +- OrderedHashmap *seclabel_list); ++int udev_node_apply_permissions( ++ sd_device *dev, ++ bool apply_mac, ++ mode_t mode, ++ uid_t uid, ++ gid_t gid, ++ OrderedHashmap *seclabel_list); + int udev_node_remove(sd_device *dev); +-int udev_node_update_old_links(sd_device *dev, sd_device *dev_old); ++int udev_node_update(sd_device *dev, sd_device *dev_old); + + size_t udev_node_escape_path(const char *src, char *dest, size_t size); diff --git a/SOURCES/0026-udev-node-always-atomically-create-symlink-to-device.patch b/SOURCES/0026-udev-node-always-atomically-create-symlink-to-device.patch deleted file mode 100644 index b86e5e4..0000000 --- a/SOURCES/0026-udev-node-always-atomically-create-symlink-to-device.patch +++ /dev/null @@ -1,92 +0,0 @@ -From 323f687e53737ccf7687482c31690374da90d8e7 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Wed, 1 Sep 2021 02:20:33 +0900 -Subject: [PATCH] udev-node: always atomically create symlink to device node - -By the previous commit, it is not necessary to distinguish if the devlink -already exists. Also, I cannot find any significant advantages of the -previous complecated logic, that is, first try to create directly, and then -fallback to atomically creation. Moreover, such logic increases the chance -of conflicts between multiple udev workers. - -This makes devlinks always created atomically. Hopefully, this reduces the -conflicts between the workers. - -(cherry picked from commit 242d39ebc1391f4734f6e63ff13764de92bc5f70) - -Related: #1977994 ---- - src/udev/udev-node.c | 42 +++++++++--------------------------------- - 1 file changed, 9 insertions(+), 33 deletions(-) - -diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index 1a34ea8128..46c04fe00b 100644 ---- a/src/udev/udev-node.c -+++ b/src/udev/udev-node.c -@@ -71,6 +71,13 @@ static int node_symlink(sd_device *dev, const char *node, const char *slink) { - assert(node); - assert(slink); - -+ if (lstat(slink, &stats) >= 0) { -+ if (!S_ISLNK(stats.st_mode)) -+ return log_device_debug_errno(dev, SYNTHETIC_ERRNO(EEXIST), -+ "Conflicting inode '%s' found, link to '%s' will not be created.", slink, node); -+ } else if (errno != ENOENT) -+ return log_device_debug_errno(dev, errno, "Failed to lstat() '%s': %m", slink); -+ - r = path_extract_directory(slink, &slink_dirname); - if (r < 0) - return log_device_debug_errno(dev, r, "Failed to get parent directory of '%s': %m", slink); -@@ -80,41 +87,11 @@ static int node_symlink(sd_device *dev, const char *node, const char *slink) { - if (r < 0) - return log_device_debug_errno(dev, r, "Failed to get relative path from '%s' to '%s': %m", slink, node); - -- if (lstat(slink, &stats) >= 0) { -- _cleanup_free_ char *buf = NULL; -- -- if (!S_ISLNK(stats.st_mode)) -- return log_device_debug_errno(dev, SYNTHETIC_ERRNO(EEXIST), -- "Conflicting inode '%s' found, link to '%s' will not be created.", slink, node); -- -- if (readlink_malloc(slink, &buf) >= 0 && -- path_equal(target, buf)) { -- /* preserve link with correct target, do not replace node of other device */ -- log_device_debug(dev, "Preserve already existing symlink '%s' to '%s'", slink, target); -- -- (void) label_fix(slink, LABEL_IGNORE_ENOENT); -- (void) utimensat(AT_FDCWD, slink, NULL, AT_SYMLINK_NOFOLLOW); -- -- return 0; -- } -- } else if (errno == ENOENT) { -- log_device_debug(dev, "Creating symlink '%s' to '%s'", slink, target); -- -- r = create_symlink(target, slink); -- if (r >= 0) -- return 0; -- -- log_device_debug_errno(dev, r, "Failed to create symlink '%s' to '%s', trying to replace '%s': %m", slink, target, slink); -- } else -- return log_device_debug_errno(dev, errno, "Failed to lstat() '%s': %m", slink); -- -- log_device_debug(dev, "Atomically replace '%s'", slink); -- - r = device_get_device_id(dev, &id); - if (r < 0) - return log_device_debug_errno(dev, r, "Failed to get device id: %m"); -- slink_tmp = strjoina(slink, ".tmp-", id); - -+ slink_tmp = strjoina(slink, ".tmp-", id); - (void) unlink(slink_tmp); - - r = create_symlink(target, slink_tmp); -@@ -127,8 +104,7 @@ static int node_symlink(sd_device *dev, const char *node, const char *slink) { - return r; - } - -- /* Tell caller that we replaced already existing symlink. */ -- return 1; -+ return 0; - } - - static int link_find_prioritized(sd_device *dev, bool add, const char *stackdir, char **ret) { diff --git a/SOURCES/0026-udev-node-stack-directory-must-exist-when-adding-dev.patch b/SOURCES/0026-udev-node-stack-directory-must-exist-when-adding-dev.patch new file mode 100644 index 0000000..fa456bf --- /dev/null +++ b/SOURCES/0026-udev-node-stack-directory-must-exist-when-adding-dev.patch @@ -0,0 +1,36 @@ +From 506dc32b2428936d67e9cf1a034d6b63dbc1cbb0 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 1 Sep 2021 04:14:42 +0900 +Subject: [PATCH] udev-node: stack directory must exist when adding device node + symlink + +(cherry picked from commit 46070dbf26435ba0def099121f46a6253f3f19b6) + +Related: #2005024 +--- + src/udev/udev-node.c | 11 ++++++----- + 1 file changed, 6 insertions(+), 5 deletions(-) + +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index 7cc9ee3670..4496a2bd9b 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -161,12 +161,13 @@ static int link_find_prioritized(sd_device *dev, bool add, const char *stackdir, + + dir = opendir(stackdir); + if (!dir) { +- if (errno == ENOENT) { +- *ret = TAKE_PTR(target); +- return !!*ret; +- } ++ if (add) /* The stack directory must exist. */ ++ return -errno; ++ if (errno != ENOENT) ++ return -errno; + +- return -errno; ++ *ret = NULL; ++ return 0; + } + + r = device_get_device_id(dev, &id); diff --git a/SOURCES/0027-udev-node-check-stack-directory-change-even-if-devli.patch b/SOURCES/0027-udev-node-check-stack-directory-change-even-if-devli.patch deleted file mode 100644 index f5cec3b..0000000 --- a/SOURCES/0027-udev-node-check-stack-directory-change-even-if-devli.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 6ecd6fdcc27f374debcce47366c2862967f99463 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Wed, 1 Sep 2021 09:44:26 +0900 -Subject: [PATCH] udev-node: check stack directory change even if devlink is - removed - -Otherwise, when multiple device additions and removals occur -simultaneously, symlink to unexisting devnode may be created. - -Hopefully fixes #19946. - -(cherry picked from commit 1cd4e325693007b3628f1a27297f0ab7114b24b8) - -Related: #1977994 ---- - src/udev/udev-node.c | 15 ++++++--------- - 1 file changed, 6 insertions(+), 9 deletions(-) - -diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index 46c04fe00b..28e6e8df94 100644 ---- a/src/udev/udev-node.c -+++ b/src/udev/udev-node.c -@@ -468,15 +468,12 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { - if (r < 0) - return r; - -- /* Skip the second stat() if the first failed, stat_inode_unmodified() would return false regardless. */ -- if ((st1.st_mode & S_IFMT) != 0) { -- r = stat(dirname, &st2); -- if (r < 0 && errno != ENOENT) -- return log_device_debug_errno(dev, errno, "Failed to stat %s: %m", dirname); -- -- if (stat_inode_unmodified(&st1, &st2)) -- break; -- } -+ if (stat(dirname, &st2) < 0 && errno != ENOENT) -+ return log_device_debug_errno(dev, errno, "Failed to stat %s: %m", dirname); -+ -+ if (((st1.st_mode & S_IFMT) == 0 && (st2.st_mode & S_IFMT) == 0) || -+ stat_inode_unmodified(&st1, &st2)) -+ return 0; - } - - return i < LINK_UPDATE_MAX_RETRIES ? 0 : -ELOOP; diff --git a/SOURCES/0027-udev-node-save-information-about-device-node-and-pri.patch b/SOURCES/0027-udev-node-save-information-about-device-node-and-pri.patch new file mode 100644 index 0000000..efd691c --- /dev/null +++ b/SOURCES/0027-udev-node-save-information-about-device-node-and-pri.patch @@ -0,0 +1,250 @@ +From 065209fc7a53d6f296f7fffd261f0a92fddc4485 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 1 Sep 2021 04:16:21 +0900 +Subject: [PATCH] udev-node: save information about device node and priority in + symlink + +Previously, we only store device IDs in /run/udev/links, and when +creating/removing device node symlink, we create sd_device object +corresponds to the IDs and read device node and priority from the +object. That requires parsing uevent and udev database files. + +This makes link_find_prioritized() get the most prioritzed device node +without parsing the files. + +(cherry picked from commit 377a83f0d80376456d9be203796f66f543a8b943) + +Related: #2005024 +--- + src/udev/udev-node.c | 172 ++++++++++++++++++++++++++++++------------- + 1 file changed, 121 insertions(+), 51 deletions(-) + +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index 4496a2bd9b..5d6aae0bd4 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -18,6 +18,7 @@ + #include "fs-util.h" + #include "hexdecoct.h" + #include "mkdir.h" ++#include "parse-util.h" + #include "path-util.h" + #include "selinux-util.h" + #include "smack-util.h" +@@ -28,9 +29,9 @@ + #include "udev-node.h" + #include "user-util.h" + +-#define CREATE_LINK_MAX_RETRIES 128 +-#define LINK_UPDATE_MAX_RETRIES 128 +-#define TOUCH_FILE_MAX_RETRIES 128 ++#define CREATE_LINK_MAX_RETRIES 128 ++#define LINK_UPDATE_MAX_RETRIES 128 ++#define CREATE_STACK_LINK_MAX_RETRIES 128 + #define UDEV_NODE_HASH_KEY SD_ID128_MAKE(b9,6a,f1,ce,40,31,44,1a,9e,19,ec,8b,ae,f3,e3,2f) + + static int create_symlink(const char *target, const char *slink) { +@@ -175,39 +176,67 @@ static int link_find_prioritized(sd_device *dev, bool add, const char *stackdir, + return r; + + FOREACH_DIRENT_ALL(dent, dir, break) { +- _cleanup_(sd_device_unrefp) sd_device *dev_db = NULL; +- const char *devnode; +- int db_prio = 0; ++ _cleanup_free_ char *path = NULL, *buf = NULL; ++ int tmp_prio; + +- if (dent->d_name[0] == '\0') +- break; + if (dent->d_name[0] == '.') + continue; + +- log_device_debug(dev, "Found '%s' claiming '%s'", dent->d_name, stackdir); +- +- /* did we find ourself? */ ++ /* skip ourself */ + if (streq(dent->d_name, id)) + continue; + +- if (sd_device_new_from_device_id(&dev_db, dent->d_name) < 0) +- continue; ++ path = path_join(stackdir, dent->d_name); ++ if (!path) ++ return -ENOMEM; + +- if (sd_device_get_devname(dev_db, &devnode) < 0) +- continue; ++ if (readlink_malloc(path, &buf) >= 0) { ++ char *devnode; + +- if (device_get_devlink_priority(dev_db, &db_prio) < 0) +- continue; ++ /* New format. The devnode and priority can be obtained from symlink. */ + +- if (target && db_prio <= priority) +- continue; ++ devnode = strchr(buf, ':'); ++ if (!devnode || devnode == buf) ++ continue; + +- log_device_debug(dev_db, "Device claims priority %i for '%s'", db_prio, stackdir); ++ *(devnode++) = '\0'; ++ if (!path_startswith(devnode, "/dev")) ++ continue; + +- r = free_and_strdup(&target, devnode); +- if (r < 0) +- return r; +- priority = db_prio; ++ if (safe_atoi(buf, &tmp_prio) < 0) ++ continue; ++ ++ if (target && tmp_prio <= priority) ++ continue; ++ ++ r = free_and_strdup(&target, devnode); ++ if (r < 0) ++ return r; ++ } else { ++ _cleanup_(sd_device_unrefp) sd_device *tmp_dev = NULL; ++ const char *devnode; ++ ++ /* Old format. The devnode and priority must be obtained from uevent and ++ * udev database files. */ ++ ++ if (sd_device_new_from_device_id(&tmp_dev, dent->d_name) < 0) ++ continue; ++ ++ if (device_get_devlink_priority(tmp_dev, &tmp_prio) < 0) ++ continue; ++ ++ if (target && tmp_prio <= priority) ++ continue; ++ ++ if (sd_device_get_devname(tmp_dev, &devnode) < 0) ++ continue; ++ ++ r = free_and_strdup(&target, devnode); ++ if (r < 0) ++ return r; ++ } ++ ++ priority = tmp_prio; + } + + *ret = TAKE_PTR(target); +@@ -256,10 +285,72 @@ toolong: + return size - 1; + } + ++static int update_stack_directory(sd_device *dev, const char *dirname, bool add) { ++ _cleanup_free_ char *filename = NULL, *data = NULL, *buf = NULL; ++ const char *devname, *id; ++ int priority, r; ++ ++ assert(dev); ++ assert(dirname); ++ ++ r = device_get_device_id(dev, &id); ++ if (r < 0) ++ return log_device_debug_errno(dev, r, "Failed to get device id: %m"); ++ ++ filename = path_join(dirname, id); ++ if (!filename) ++ return log_oom_debug(); ++ ++ if (!add) { ++ if (unlink(filename) < 0 && errno != ENOENT) ++ log_device_debug_errno(dev, errno, "Failed to remove %s, ignoring: %m", filename); ++ ++ (void) rmdir(dirname); ++ return 0; ++ } ++ ++ r = sd_device_get_devname(dev, &devname); ++ if (r < 0) ++ return log_device_debug_errno(dev, r, "Failed to get device node: %m"); ++ ++ r = device_get_devlink_priority(dev, &priority); ++ if (r < 0) ++ return log_device_debug_errno(dev, r, "Failed to get priority of device node symlink: %m"); ++ ++ if (asprintf(&data, "%i:%s", priority, devname) < 0) ++ return log_oom_debug(); ++ ++ if (readlink_malloc(filename, &buf) >= 0 && streq(buf, data)) ++ return 0; ++ ++ if (unlink(filename) < 0 && errno != ENOENT) ++ log_device_debug_errno(dev, errno, "Failed to remove %s, ignoring: %m", filename); ++ ++ for (unsigned j = 0; j < CREATE_STACK_LINK_MAX_RETRIES; j++) { ++ /* This may fail with -ENOENT when the parent directory is removed during ++ * creating the file by another udevd worker. */ ++ r = mkdir_p(dirname, 0755); ++ if (r == -ENOENT) ++ continue; ++ if (r < 0) ++ return log_device_debug_errno(dev, r, "Failed to create directory %s: %m", dirname); ++ ++ if (symlink(data, filename) < 0) { ++ if (errno == ENOENT) ++ continue; ++ return log_device_debug_errno(dev, errno, "Failed to create symbolic link %s: %m", filename); ++ } ++ ++ return 0; ++ } ++ ++ return log_device_debug_errno(dev, SYNTHETIC_ERRNO(ELOOP), "Failed to create symbolic link %s: %m", filename); ++} ++ + /* manage "stack of names" with possibly specified device priorities */ + static int link_update(sd_device *dev, const char *slink_in, bool add) { +- _cleanup_free_ char *slink = NULL, *filename = NULL, *dirname = NULL; +- const char *slink_name, *id; ++ _cleanup_free_ char *slink = NULL, *dirname = NULL; ++ const char *slink_name; + char name_enc[NAME_MAX+1]; + int i, r, retries; + +@@ -279,35 +370,14 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { + return log_device_debug_errno(dev, SYNTHETIC_ERRNO(EINVAL), + "Invalid symbolic link of device node: %s", slink); + +- r = device_get_device_id(dev, &id); +- if (r < 0) +- return log_device_debug_errno(dev, r, "Failed to get device id: %m"); +- + (void) udev_node_escape_path(slink_name, name_enc, sizeof(name_enc)); +- dirname = path_join("/run/udev/links/", name_enc); ++ dirname = path_join("/run/udev/links", name_enc); + if (!dirname) + return log_oom_debug(); + +- filename = path_join(dirname, id); +- if (!filename) +- return log_oom_debug(); +- +- if (!add) { +- if (unlink(filename) < 0 && errno != ENOENT) +- log_device_debug_errno(dev, errno, "Failed to remove %s, ignoring: %m", filename); +- +- (void) rmdir(dirname); +- } else { +- for (unsigned j = 0; j < TOUCH_FILE_MAX_RETRIES; j++) { +- /* This may fail with -ENOENT when the parent directory is removed during +- * creating the file by another udevd worker. */ +- r = touch_file(filename, /* parents= */ true, USEC_INFINITY, UID_INVALID, GID_INVALID, 0444); +- if (r != -ENOENT) +- break; +- } +- if (r < 0) +- return log_device_debug_errno(dev, r, "Failed to create %s: %m", filename); +- } ++ r = update_stack_directory(dev, dirname, add); ++ if (r < 0) ++ return r; + + /* If the database entry is not written yet we will just do one iteration and possibly wrong symlink + * will be fixed in the second invocation. */ diff --git a/SOURCES/0028-udev-node-always-update-timestamp-of-stack-directory.patch b/SOURCES/0028-udev-node-always-update-timestamp-of-stack-directory.patch new file mode 100644 index 0000000..58110ee --- /dev/null +++ b/SOURCES/0028-udev-node-always-update-timestamp-of-stack-directory.patch @@ -0,0 +1,146 @@ +From a13bd62f6cb8332864ed3566fdf51eedfe240043 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 1 Sep 2021 12:57:40 +0900 +Subject: [PATCH] udev-node: always update timestamp of stack directory + +Please see the comments in the code. + +(cherry picked from commit 6df797f75fa08bb1a9e657001229bd47903e6174) + +Related: #2005024 +--- + src/udev/udev-node.c | 90 ++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 87 insertions(+), 3 deletions(-) + +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index 5d6aae0bd4..0de848da19 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -32,6 +32,7 @@ + #define CREATE_LINK_MAX_RETRIES 128 + #define LINK_UPDATE_MAX_RETRIES 128 + #define CREATE_STACK_LINK_MAX_RETRIES 128 ++#define UPDATE_TIMESTAMP_MAX_RETRIES 128 + #define UDEV_NODE_HASH_KEY SD_ID128_MAKE(b9,6a,f1,ce,40,31,44,1a,9e,19,ec,8b,ae,f3,e3,2f) + + static int create_symlink(const char *target, const char *slink) { +@@ -285,9 +286,60 @@ toolong: + return size - 1; + } + ++static int update_timestamp(sd_device *dev, const char *path, struct stat *prev) { ++ assert(path); ++ assert(prev); ++ ++ /* Even if a symlink in the stack directory is created/removed, the mtime of the directory may ++ * not be changed. Why? Let's consider the following situation. For simplicity, let's assume ++ * there exist three udev workers (A, B, and C) and all of them calls link_update() for the ++ * same devlink simultaneously. ++ * ++ * 1. B creates/removes a symlink in the stack directory. ++ * 2. A calls the first stat() in the loop of link_update(). ++ * 3. A calls link_find_prioritized(). ++ * 4. C creates/removes another symlink in the stack directory, so the result of the step 3 is outdated. ++ * 5. B and C finish link_update(). ++ * 6. A creates/removes devlink according to the outdated result in the step 3. ++ * 7. A calls the second stat() in the loop of link_update(). ++ * ++ * If these 7 steps are processed in this order within a short time period that kernel's timer ++ * does not increase, then even if the contents in the stack directory is changed, the results ++ * of two stat() called by A shows the same timestamp, and A cannot detect the change. ++ * ++ * By calling this function after creating/removing symlinks in the stack directory, the ++ * timestamp of the stack directory is always increased at least in the above step 5, so A can ++ * detect the update. */ ++ ++ if ((prev->st_mode & S_IFMT) == 0) ++ return 0; /* Does not exist, or previous stat() failed. */ ++ ++ for (unsigned i = 0; i < UPDATE_TIMESTAMP_MAX_RETRIES; i++) { ++ struct stat st; ++ ++ if (stat(path, &st) < 0) ++ return -errno; ++ ++ if (!stat_inode_unmodified(prev, &st)) ++ return 0; ++ ++ log_device_debug(dev, ++ "%s is modified, but its timestamp is not changed, " ++ "updating timestamp after 10ms.", ++ path); ++ ++ (void) usleep(10 * USEC_PER_MSEC); ++ if (utimensat(AT_FDCWD, path, NULL, 0) < 0) ++ return -errno; ++ } ++ ++ return -ELOOP; ++} ++ + static int update_stack_directory(sd_device *dev, const char *dirname, bool add) { + _cleanup_free_ char *filename = NULL, *data = NULL, *buf = NULL; + const char *devname, *id; ++ struct stat st = {}; + int priority, r; + + assert(dev); +@@ -302,10 +354,31 @@ static int update_stack_directory(sd_device *dev, const char *dirname, bool add) + return log_oom_debug(); + + if (!add) { +- if (unlink(filename) < 0 && errno != ENOENT) +- log_device_debug_errno(dev, errno, "Failed to remove %s, ignoring: %m", filename); ++ bool unlink_failed = false; ++ ++ if (stat(dirname, &st) < 0) { ++ if (errno == ENOENT) ++ return 0; /* The stack directory is already removed. That's OK. */ ++ log_device_debug_errno(dev, errno, "Failed to stat %s, ignoring: %m", dirname); ++ } ++ ++ if (unlink(filename) < 0) { ++ unlink_failed = true; ++ if (errno != ENOENT) ++ log_device_debug_errno(dev, errno, "Failed to remove %s, ignoring: %m", filename); ++ } ++ ++ if (rmdir(dirname) >= 0 || errno == ENOENT) ++ return 0; ++ ++ if (unlink_failed) ++ return 0; /* If we failed to remove the symlink, there is almost nothing we can do. */ ++ ++ /* The symlink was removed. Check if the timestamp of directory is changed. */ ++ r = update_timestamp(dev, dirname, &st); ++ if (r < 0 && r != -ENOENT) ++ return log_device_debug_errno(dev, r, "Failed to update timestamp of %s: %m", dirname); + +- (void) rmdir(dirname); + return 0; + } + +@@ -335,12 +408,23 @@ static int update_stack_directory(sd_device *dev, const char *dirname, bool add) + if (r < 0) + return log_device_debug_errno(dev, r, "Failed to create directory %s: %m", dirname); + ++ if (stat(dirname, &st) < 0) { ++ if (errno == ENOENT) ++ continue; ++ return log_device_debug_errno(dev, errno, "Failed to stat %s: %m", dirname); ++ } ++ + if (symlink(data, filename) < 0) { + if (errno == ENOENT) + continue; + return log_device_debug_errno(dev, errno, "Failed to create symbolic link %s: %m", filename); + } + ++ /* The symlink was created. Check if the timestamp of directory is changed. */ ++ r = update_timestamp(dev, dirname, &st); ++ if (r < 0) ++ return log_device_debug_errno(dev, r, "Failed to update timestamp of %s: %m", dirname); ++ + return 0; + } + diff --git a/SOURCES/0028-udev-node-shorten-code-a-bit-and-update-log-message.patch b/SOURCES/0028-udev-node-shorten-code-a-bit-and-update-log-message.patch deleted file mode 100644 index b160155..0000000 --- a/SOURCES/0028-udev-node-shorten-code-a-bit-and-update-log-message.patch +++ /dev/null @@ -1,32 +0,0 @@ -From a075830244f699703a88a492413d931eaeb23a65 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Thu, 2 Sep 2021 08:23:35 +0900 -Subject: [PATCH] udev-node: shorten code a bit and update log message - -(cherry picked from commit 8424da2de88ceeed7be8544fb69221f0b0ea84ea) - -Related: #1977994 ---- - src/udev/udev-node.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index 28e6e8df94..2e7df899e4 100644 ---- a/src/udev/udev-node.c -+++ b/src/udev/udev-node.c -@@ -447,13 +447,12 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { - _cleanup_free_ char *target = NULL; - struct stat st1 = {}, st2 = {}; - -- r = stat(dirname, &st1); -- if (r < 0 && errno != ENOENT) -+ if (stat(dirname, &st1) < 0 && errno != ENOENT) - return log_device_debug_errno(dev, errno, "Failed to stat %s: %m", dirname); - - r = link_find_prioritized(dev, add, dirname, &target); - if (r < 0) -- return log_device_debug_errno(dev, r, "Failed to determine highest priority for symlink '%s': %m", slink); -+ return log_device_debug_errno(dev, r, "Failed to determine device node with the highest priority for '%s': %m", slink); - if (r == 0) { - log_device_debug(dev, "No reference left for '%s', removing", slink); - diff --git a/SOURCES/0029-udev-node-add-random-delay-on-conflict-in-updating-d.patch b/SOURCES/0029-udev-node-add-random-delay-on-conflict-in-updating-d.patch deleted file mode 100644 index 3e78627..0000000 --- a/SOURCES/0029-udev-node-add-random-delay-on-conflict-in-updating-d.patch +++ /dev/null @@ -1,59 +0,0 @@ -From c484f91a87679fb26342408f20e7bdddf316f5a0 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Wed, 1 Sep 2021 04:34:48 +0900 -Subject: [PATCH] udev-node: add random delay on conflict in updating device - node symlink - -To make multiple workers not update the same device node symlink -simultaneously. - -(cherry picked from commit 0063fa23a1384dd4385d03b568dc629916b7e72a) - -Related: #1977994 ---- - src/udev/udev-node.c | 12 ++++++++++++ - 1 file changed, 12 insertions(+) - -diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index 2e7df899e4..675e6ce313 100644 ---- a/src/udev/udev-node.c -+++ b/src/udev/udev-node.c -@@ -20,12 +20,14 @@ - #include "mkdir.h" - #include "parse-util.h" - #include "path-util.h" -+#include "random-util.h" - #include "selinux-util.h" - #include "smack-util.h" - #include "stat-util.h" - #include "stdio-util.h" - #include "string-util.h" - #include "strxcpyx.h" -+#include "time-util.h" - #include "udev-node.h" - #include "user-util.h" - -@@ -33,6 +35,8 @@ - #define LINK_UPDATE_MAX_RETRIES 128 - #define CREATE_STACK_LINK_MAX_RETRIES 128 - #define UPDATE_TIMESTAMP_MAX_RETRIES 128 -+#define MAX_RANDOM_DELAY (250 * USEC_PER_MSEC) -+#define MIN_RANDOM_DELAY ( 50 * USEC_PER_MSEC) - #define UDEV_NODE_HASH_KEY SD_ID128_MAKE(b9,6a,f1,ce,40,31,44,1a,9e,19,ec,8b,ae,f3,e3,2f) - - static int create_symlink(const char *target, const char *slink) { -@@ -447,6 +451,14 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { - _cleanup_free_ char *target = NULL; - struct stat st1 = {}, st2 = {}; - -+ if (i > 0) { -+ usec_t delay = MIN_RANDOM_DELAY + random_u64_range(MAX_RANDOM_DELAY - MIN_RANDOM_DELAY); -+ -+ log_device_debug(dev, "Directory %s was updated, retrying to update devlink %s after %s.", -+ dirname, slink, FORMAT_TIMESPAN(delay, USEC_PER_MSEC)); -+ (void) usleep(delay); -+ } -+ - if (stat(dirname, &st1) < 0 && errno != ENOENT) - return log_device_debug_errno(dev, errno, "Failed to stat %s: %m", dirname); - diff --git a/SOURCES/0029-udev-node-assume-no-new-claim-to-a-symlink-if-run-ud.patch b/SOURCES/0029-udev-node-assume-no-new-claim-to-a-symlink-if-run-ud.patch new file mode 100644 index 0000000..360bfa1 --- /dev/null +++ b/SOURCES/0029-udev-node-assume-no-new-claim-to-a-symlink-if-run-ud.patch @@ -0,0 +1,34 @@ +From cf49a46c165619a0480d361a0afebb89e998f61c Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Thu, 2 Sep 2021 06:58:59 +0900 +Subject: [PATCH] udev-node: assume no new claim to a symlink if + /run/udev/links is not updated + +During creating a symlink to a device node, if another device node which +requests the same symlink is added/removed, `stat_inode_unmodified()` +should always detects that. We do not need to continue the loop +unconditionally. + +(cherry picked from commit 8f27311eb2aec2411d1fb7d62e6c9d75d21ae8df) + +Related: #2005024 +--- + src/udev/udev-node.c | 5 ----- + 1 file changed, 5 deletions(-) + +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index 0de848da19..1a34ea8128 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -491,11 +491,6 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { + r = node_symlink(dev, target, slink); + if (r < 0) + return r; +- if (r == 1) +- /* We have replaced already existing symlink, possibly there is some other device trying +- * to claim the same symlink. Let's do one more iteration to give us a chance to fix +- * the error if other device actually claims the symlink with higher priority. */ +- continue; + + /* Skip the second stat() if the first failed, stat_inode_unmodified() would return false regardless. */ + if ((st1.st_mode & S_IFMT) != 0) { diff --git a/SOURCES/0030-udev-node-always-atomically-create-symlink-to-device.patch b/SOURCES/0030-udev-node-always-atomically-create-symlink-to-device.patch new file mode 100644 index 0000000..e6c01fd --- /dev/null +++ b/SOURCES/0030-udev-node-always-atomically-create-symlink-to-device.patch @@ -0,0 +1,92 @@ +From 1561b9e2c9ea779ab611f52fd8b4eef616896e09 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 1 Sep 2021 02:20:33 +0900 +Subject: [PATCH] udev-node: always atomically create symlink to device node + +By the previous commit, it is not necessary to distinguish if the devlink +already exists. Also, I cannot find any significant advantages of the +previous complecated logic, that is, first try to create directly, and then +fallback to atomically creation. Moreover, such logic increases the chance +of conflicts between multiple udev workers. + +This makes devlinks always created atomically. Hopefully, this reduces the +conflicts between the workers. + +(cherry picked from commit 242d39ebc1391f4734f6e63ff13764de92bc5f70) + +Related: #2005024 +--- + src/udev/udev-node.c | 42 +++++++++--------------------------------- + 1 file changed, 9 insertions(+), 33 deletions(-) + +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index 1a34ea8128..46c04fe00b 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -71,6 +71,13 @@ static int node_symlink(sd_device *dev, const char *node, const char *slink) { + assert(node); + assert(slink); + ++ if (lstat(slink, &stats) >= 0) { ++ if (!S_ISLNK(stats.st_mode)) ++ return log_device_debug_errno(dev, SYNTHETIC_ERRNO(EEXIST), ++ "Conflicting inode '%s' found, link to '%s' will not be created.", slink, node); ++ } else if (errno != ENOENT) ++ return log_device_debug_errno(dev, errno, "Failed to lstat() '%s': %m", slink); ++ + r = path_extract_directory(slink, &slink_dirname); + if (r < 0) + return log_device_debug_errno(dev, r, "Failed to get parent directory of '%s': %m", slink); +@@ -80,41 +87,11 @@ static int node_symlink(sd_device *dev, const char *node, const char *slink) { + if (r < 0) + return log_device_debug_errno(dev, r, "Failed to get relative path from '%s' to '%s': %m", slink, node); + +- if (lstat(slink, &stats) >= 0) { +- _cleanup_free_ char *buf = NULL; +- +- if (!S_ISLNK(stats.st_mode)) +- return log_device_debug_errno(dev, SYNTHETIC_ERRNO(EEXIST), +- "Conflicting inode '%s' found, link to '%s' will not be created.", slink, node); +- +- if (readlink_malloc(slink, &buf) >= 0 && +- path_equal(target, buf)) { +- /* preserve link with correct target, do not replace node of other device */ +- log_device_debug(dev, "Preserve already existing symlink '%s' to '%s'", slink, target); +- +- (void) label_fix(slink, LABEL_IGNORE_ENOENT); +- (void) utimensat(AT_FDCWD, slink, NULL, AT_SYMLINK_NOFOLLOW); +- +- return 0; +- } +- } else if (errno == ENOENT) { +- log_device_debug(dev, "Creating symlink '%s' to '%s'", slink, target); +- +- r = create_symlink(target, slink); +- if (r >= 0) +- return 0; +- +- log_device_debug_errno(dev, r, "Failed to create symlink '%s' to '%s', trying to replace '%s': %m", slink, target, slink); +- } else +- return log_device_debug_errno(dev, errno, "Failed to lstat() '%s': %m", slink); +- +- log_device_debug(dev, "Atomically replace '%s'", slink); +- + r = device_get_device_id(dev, &id); + if (r < 0) + return log_device_debug_errno(dev, r, "Failed to get device id: %m"); +- slink_tmp = strjoina(slink, ".tmp-", id); + ++ slink_tmp = strjoina(slink, ".tmp-", id); + (void) unlink(slink_tmp); + + r = create_symlink(target, slink_tmp); +@@ -127,8 +104,7 @@ static int node_symlink(sd_device *dev, const char *node, const char *slink) { + return r; + } + +- /* Tell caller that we replaced already existing symlink. */ +- return 1; ++ return 0; + } + + static int link_find_prioritized(sd_device *dev, bool add, const char *stackdir, char **ret) { diff --git a/SOURCES/0030-udev-node-drop-redundant-trial-of-devlink-creation.patch b/SOURCES/0030-udev-node-drop-redundant-trial-of-devlink-creation.patch deleted file mode 100644 index d2c37cb..0000000 --- a/SOURCES/0030-udev-node-drop-redundant-trial-of-devlink-creation.patch +++ /dev/null @@ -1,80 +0,0 @@ -From 458a6cd748ee5555b6957888b69d475ac3f619c6 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Wed, 1 Sep 2021 09:29:42 +0900 -Subject: [PATCH] udev-node: drop redundant trial of devlink creation - -Previously, the devlink was created based on the priority saved in udev -database. So, we needed to reevaluate devlinks after database is saved. - -But now the priority is stored in the symlink under /run/udev/links, and -the loop of devlink creation is controlled with the timestamp of the -directory. So, the double evaluation is not necessary anymore. - -(cherry picked from commit 7920d0a135fb6a08aa0bfc31e9d0a3f589fe7a1f) - -Related: #1977994 ---- - src/udev/udev-event.c | 5 +---- - src/udev/udev-node.c | 12 ++++-------- - 2 files changed, 5 insertions(+), 12 deletions(-) - -diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c -index 8b9f8aecfe..c77f55c67e 100644 ---- a/src/udev/udev-event.c -+++ b/src/udev/udev-event.c -@@ -1060,10 +1060,7 @@ int udev_event_execute_rules( - - device_set_is_initialized(dev); - -- /* Yes, we run update_devnode() twice, because in the first invocation, that is before update of udev database, -- * it could happen that two contenders are replacing each other's symlink. Hence we run it again to make sure -- * symlinks point to devices that claim them with the highest priority. */ -- return update_devnode(event); -+ return 0; - } - - void udev_event_execute_run(UdevEvent *event, usec_t timeout_usec, int timeout_signal) { -diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index 675e6ce313..bb551d86b0 100644 ---- a/src/udev/udev-node.c -+++ b/src/udev/udev-node.c -@@ -416,7 +416,7 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { - _cleanup_free_ char *slink = NULL, *dirname = NULL; - const char *slink_name; - char name_enc[NAME_MAX+1]; -- int i, r, retries; -+ int r; - - assert(dev); - assert(slink_in); -@@ -443,11 +443,7 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { - if (r < 0) - return r; - -- /* If the database entry is not written yet we will just do one iteration and possibly wrong symlink -- * will be fixed in the second invocation. */ -- retries = sd_device_get_is_initialized(dev) > 0 ? LINK_UPDATE_MAX_RETRIES : 1; -- -- for (i = 0; i < retries; i++) { -+ for (unsigned i = 0; i < LINK_UPDATE_MAX_RETRIES; i++) { - _cleanup_free_ char *target = NULL; - struct stat st1 = {}, st2 = {}; - -@@ -472,7 +468,7 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { - log_device_debug_errno(dev, errno, "Failed to remove '%s', ignoring: %m", slink); - - (void) rmdir_parents(slink, "/dev"); -- break; -+ return 0; - } - - r = node_symlink(dev, target, slink); -@@ -487,7 +483,7 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { - return 0; - } - -- return i < LINK_UPDATE_MAX_RETRIES ? 0 : -ELOOP; -+ return -ELOOP; - } - - static int device_get_devpath_by_devnum(sd_device *dev, char **ret) { diff --git a/SOURCES/0031-udev-node-check-stack-directory-change-even-if-devli.patch b/SOURCES/0031-udev-node-check-stack-directory-change-even-if-devli.patch new file mode 100644 index 0000000..0d20cea --- /dev/null +++ b/SOURCES/0031-udev-node-check-stack-directory-change-even-if-devli.patch @@ -0,0 +1,44 @@ +From a3389b23db9b9ab1ad11f181f036be35aade8c31 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 1 Sep 2021 09:44:26 +0900 +Subject: [PATCH] udev-node: check stack directory change even if devlink is + removed + +Otherwise, when multiple device additions and removals occur +simultaneously, symlink to unexisting devnode may be created. + +Hopefully fixes #19946. + +(cherry picked from commit 1cd4e325693007b3628f1a27297f0ab7114b24b8) + +Related: #2005024 +--- + src/udev/udev-node.c | 15 ++++++--------- + 1 file changed, 6 insertions(+), 9 deletions(-) + +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index 46c04fe00b..28e6e8df94 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -468,15 +468,12 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { + if (r < 0) + return r; + +- /* Skip the second stat() if the first failed, stat_inode_unmodified() would return false regardless. */ +- if ((st1.st_mode & S_IFMT) != 0) { +- r = stat(dirname, &st2); +- if (r < 0 && errno != ENOENT) +- return log_device_debug_errno(dev, errno, "Failed to stat %s: %m", dirname); +- +- if (stat_inode_unmodified(&st1, &st2)) +- break; +- } ++ if (stat(dirname, &st2) < 0 && errno != ENOENT) ++ return log_device_debug_errno(dev, errno, "Failed to stat %s: %m", dirname); ++ ++ if (((st1.st_mode & S_IFMT) == 0 && (st2.st_mode & S_IFMT) == 0) || ++ stat_inode_unmodified(&st1, &st2)) ++ return 0; + } + + return i < LINK_UPDATE_MAX_RETRIES ? 0 : -ELOOP; diff --git a/SOURCES/0031-udev-node-simplify-the-example-of-race.patch b/SOURCES/0031-udev-node-simplify-the-example-of-race.patch deleted file mode 100644 index dbdab4c..0000000 --- a/SOURCES/0031-udev-node-simplify-the-example-of-race.patch +++ /dev/null @@ -1,36 +0,0 @@ -From a5a14281160881fbb39d80a2572a18ecadbeedd5 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Sun, 12 Sep 2021 16:05:51 +0900 -Subject: [PATCH] udev-node: simplify the example of race - -(cherry picked from commit 3df566a66723490914ef3bae0ca8046044b70dce) - -Related: #1977994 ---- - src/udev/udev-node.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index bb551d86b0..61cb9a449b 100644 ---- a/src/udev/udev-node.c -+++ b/src/udev/udev-node.c -@@ -272,14 +272,14 @@ static int update_timestamp(sd_device *dev, const char *path, struct stat *prev) - - /* Even if a symlink in the stack directory is created/removed, the mtime of the directory may - * not be changed. Why? Let's consider the following situation. For simplicity, let's assume -- * there exist three udev workers (A, B, and C) and all of them calls link_update() for the -- * same devlink simultaneously. -+ * there exist two udev workers (A and B) and all of them calls link_update() for the same -+ * devlink simultaneously. - * -- * 1. B creates/removes a symlink in the stack directory. -+ * 1. A creates/removes a symlink in the stack directory. - * 2. A calls the first stat() in the loop of link_update(). - * 3. A calls link_find_prioritized(). -- * 4. C creates/removes another symlink in the stack directory, so the result of the step 3 is outdated. -- * 5. B and C finish link_update(). -+ * 4. B creates/removes another symlink in the stack directory, so the result of the step 3 is outdated. -+ * 5. B finishes link_update(). - * 6. A creates/removes devlink according to the outdated result in the step 3. - * 7. A calls the second stat() in the loop of link_update(). - * diff --git a/SOURCES/0032-udev-node-do-not-ignore-unexpected-errors-on-removin.patch b/SOURCES/0032-udev-node-do-not-ignore-unexpected-errors-on-removin.patch deleted file mode 100644 index 5167506..0000000 --- a/SOURCES/0032-udev-node-do-not-ignore-unexpected-errors-on-removin.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 735971d9bffeccc0c17311a29909bdf5d693f806 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Sun, 12 Sep 2021 16:14:27 +0900 -Subject: [PATCH] udev-node: do not ignore unexpected errors on removing - symlink in stack directory - -Only acceptable error here is -ENOENT. - -(cherry picked from commit 0706cdf4ec92d6bd40391da0e81a30d9bf851663) - -Related: #1977994 ---- - src/udev/udev-node.c | 23 ++++++++++++++--------- - 1 file changed, 14 insertions(+), 9 deletions(-) - -diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index 61cb9a449b..e1fb387cb9 100644 ---- a/src/udev/udev-node.c -+++ b/src/udev/udev-node.c -@@ -334,25 +334,30 @@ static int update_stack_directory(sd_device *dev, const char *dirname, bool add) - return log_oom_debug(); - - if (!add) { -- bool unlink_failed = false; -+ int unlink_error = 0, stat_error = 0; - - if (stat(dirname, &st) < 0) { - if (errno == ENOENT) - return 0; /* The stack directory is already removed. That's OK. */ -- log_device_debug_errno(dev, errno, "Failed to stat %s, ignoring: %m", dirname); -+ stat_error = -errno; - } - -- if (unlink(filename) < 0) { -- unlink_failed = true; -- if (errno != ENOENT) -- log_device_debug_errno(dev, errno, "Failed to remove %s, ignoring: %m", filename); -- } -+ if (unlink(filename) < 0) -+ unlink_error = -errno; - - if (rmdir(dirname) >= 0 || errno == ENOENT) - return 0; - -- if (unlink_failed) -- return 0; /* If we failed to remove the symlink, there is almost nothing we can do. */ -+ if (unlink_error < 0) { -+ if (unlink_error == -ENOENT) -+ return 0; -+ -+ /* If we failed to remove the symlink, then there is almost nothing we can do. */ -+ return log_device_debug_errno(dev, unlink_error, "Failed to remove %s: %m", filename); -+ } -+ -+ if (stat_error < 0) -+ return log_device_debug_errno(dev, stat_error, "Failed to stat %s: %m", dirname); - - /* The symlink was removed. Check if the timestamp of directory is changed. */ - r = update_timestamp(dev, dirname, &st); diff --git a/SOURCES/0032-udev-node-shorten-code-a-bit-and-update-log-message.patch b/SOURCES/0032-udev-node-shorten-code-a-bit-and-update-log-message.patch new file mode 100644 index 0000000..c199706 --- /dev/null +++ b/SOURCES/0032-udev-node-shorten-code-a-bit-and-update-log-message.patch @@ -0,0 +1,32 @@ +From 52938c3ed27ebaadce97060ad8ebdcb351403d90 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Thu, 2 Sep 2021 08:23:35 +0900 +Subject: [PATCH] udev-node: shorten code a bit and update log message + +(cherry picked from commit 8424da2de88ceeed7be8544fb69221f0b0ea84ea) + +Related: #2005024 +--- + src/udev/udev-node.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index 28e6e8df94..2e7df899e4 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -447,13 +447,12 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { + _cleanup_free_ char *target = NULL; + struct stat st1 = {}, st2 = {}; + +- r = stat(dirname, &st1); +- if (r < 0 && errno != ENOENT) ++ if (stat(dirname, &st1) < 0 && errno != ENOENT) + return log_device_debug_errno(dev, errno, "Failed to stat %s: %m", dirname); + + r = link_find_prioritized(dev, add, dirname, &target); + if (r < 0) +- return log_device_debug_errno(dev, r, "Failed to determine highest priority for symlink '%s': %m", slink); ++ return log_device_debug_errno(dev, r, "Failed to determine device node with the highest priority for '%s': %m", slink); + if (r == 0) { + log_device_debug(dev, "No reference left for '%s', removing", slink); + diff --git a/SOURCES/0033-basic-time-util-introduce-FORMAT_TIMESPAN.patch b/SOURCES/0033-basic-time-util-introduce-FORMAT_TIMESPAN.patch deleted file mode 100644 index 4f7fcc8..0000000 --- a/SOURCES/0033-basic-time-util-introduce-FORMAT_TIMESPAN.patch +++ /dev/null @@ -1,25 +0,0 @@ -From e1f53e60bdc368c81beba8b6173047ec8149f8e9 Mon Sep 17 00:00:00 2001 -From: Michal Sekletar -Date: Tue, 21 Sep 2021 09:28:29 +0200 -Subject: [PATCH] basic/time-util: introduce FORMAT_TIMESPAN - -This is cherry-pick of the relevant part from the tree-wide change in -5291f26d4a6. - -Related: #1977994 ---- - src/basic/time-util.h | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/basic/time-util.h b/src/basic/time-util.h -index 2bd947d6a8..8254913930 100644 ---- a/src/basic/time-util.h -+++ b/src/basic/time-util.h -@@ -67,6 +67,7 @@ typedef enum TimestampStyle { - #define FORMAT_TIMESTAMP_WIDTH 28U /* when outputting, assume this width */ - #define FORMAT_TIMESTAMP_RELATIVE_MAX 256U - #define FORMAT_TIMESPAN_MAX 64U -+#define FORMAT_TIMESPAN(t, accuracy) format_timespan((char[FORMAT_TIMESPAN_MAX]){}, FORMAT_TIMESPAN_MAX, t, accuracy) - - #define TIME_T_MAX (time_t)((UINTMAX_C(1) << ((sizeof(time_t) << 3) - 1)) - 1) - diff --git a/SOURCES/0033-udev-node-add-random-delay-on-conflict-in-updating-d.patch b/SOURCES/0033-udev-node-add-random-delay-on-conflict-in-updating-d.patch new file mode 100644 index 0000000..001ba0b --- /dev/null +++ b/SOURCES/0033-udev-node-add-random-delay-on-conflict-in-updating-d.patch @@ -0,0 +1,59 @@ +From 75275ae07233e213fe03a1a33870efe10dbb2b39 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 1 Sep 2021 04:34:48 +0900 +Subject: [PATCH] udev-node: add random delay on conflict in updating device + node symlink + +To make multiple workers not update the same device node symlink +simultaneously. + +(cherry picked from commit 0063fa23a1384dd4385d03b568dc629916b7e72a) + +Related: #2005024 +--- + src/udev/udev-node.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index 2e7df899e4..675e6ce313 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -20,12 +20,14 @@ + #include "mkdir.h" + #include "parse-util.h" + #include "path-util.h" ++#include "random-util.h" + #include "selinux-util.h" + #include "smack-util.h" + #include "stat-util.h" + #include "stdio-util.h" + #include "string-util.h" + #include "strxcpyx.h" ++#include "time-util.h" + #include "udev-node.h" + #include "user-util.h" + +@@ -33,6 +35,8 @@ + #define LINK_UPDATE_MAX_RETRIES 128 + #define CREATE_STACK_LINK_MAX_RETRIES 128 + #define UPDATE_TIMESTAMP_MAX_RETRIES 128 ++#define MAX_RANDOM_DELAY (250 * USEC_PER_MSEC) ++#define MIN_RANDOM_DELAY ( 50 * USEC_PER_MSEC) + #define UDEV_NODE_HASH_KEY SD_ID128_MAKE(b9,6a,f1,ce,40,31,44,1a,9e,19,ec,8b,ae,f3,e3,2f) + + static int create_symlink(const char *target, const char *slink) { +@@ -447,6 +451,14 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { + _cleanup_free_ char *target = NULL; + struct stat st1 = {}, st2 = {}; + ++ if (i > 0) { ++ usec_t delay = MIN_RANDOM_DELAY + random_u64_range(MAX_RANDOM_DELAY - MIN_RANDOM_DELAY); ++ ++ log_device_debug(dev, "Directory %s was updated, retrying to update devlink %s after %s.", ++ dirname, slink, FORMAT_TIMESPAN(delay, USEC_PER_MSEC)); ++ (void) usleep(delay); ++ } ++ + if (stat(dirname, &st1) < 0 && errno != ENOENT) + return log_device_debug_errno(dev, errno, "Failed to stat %s: %m", dirname); + diff --git a/SOURCES/0034-udev-node-drop-redundant-trial-of-devlink-creation.patch b/SOURCES/0034-udev-node-drop-redundant-trial-of-devlink-creation.patch new file mode 100644 index 0000000..4bc11ac --- /dev/null +++ b/SOURCES/0034-udev-node-drop-redundant-trial-of-devlink-creation.patch @@ -0,0 +1,80 @@ +From c715be5f677ab61704ffe358716cf700d662b82d Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 1 Sep 2021 09:29:42 +0900 +Subject: [PATCH] udev-node: drop redundant trial of devlink creation + +Previously, the devlink was created based on the priority saved in udev +database. So, we needed to reevaluate devlinks after database is saved. + +But now the priority is stored in the symlink under /run/udev/links, and +the loop of devlink creation is controlled with the timestamp of the +directory. So, the double evaluation is not necessary anymore. + +(cherry picked from commit 7920d0a135fb6a08aa0bfc31e9d0a3f589fe7a1f) + +Related: #2005024 +--- + src/udev/udev-event.c | 5 +---- + src/udev/udev-node.c | 12 ++++-------- + 2 files changed, 5 insertions(+), 12 deletions(-) + +diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c +index 8b9f8aecfe..c77f55c67e 100644 +--- a/src/udev/udev-event.c ++++ b/src/udev/udev-event.c +@@ -1060,10 +1060,7 @@ int udev_event_execute_rules( + + device_set_is_initialized(dev); + +- /* Yes, we run update_devnode() twice, because in the first invocation, that is before update of udev database, +- * it could happen that two contenders are replacing each other's symlink. Hence we run it again to make sure +- * symlinks point to devices that claim them with the highest priority. */ +- return update_devnode(event); ++ return 0; + } + + void udev_event_execute_run(UdevEvent *event, usec_t timeout_usec, int timeout_signal) { +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index 675e6ce313..bb551d86b0 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -416,7 +416,7 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { + _cleanup_free_ char *slink = NULL, *dirname = NULL; + const char *slink_name; + char name_enc[NAME_MAX+1]; +- int i, r, retries; ++ int r; + + assert(dev); + assert(slink_in); +@@ -443,11 +443,7 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { + if (r < 0) + return r; + +- /* If the database entry is not written yet we will just do one iteration and possibly wrong symlink +- * will be fixed in the second invocation. */ +- retries = sd_device_get_is_initialized(dev) > 0 ? LINK_UPDATE_MAX_RETRIES : 1; +- +- for (i = 0; i < retries; i++) { ++ for (unsigned i = 0; i < LINK_UPDATE_MAX_RETRIES; i++) { + _cleanup_free_ char *target = NULL; + struct stat st1 = {}, st2 = {}; + +@@ -472,7 +468,7 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { + log_device_debug_errno(dev, errno, "Failed to remove '%s', ignoring: %m", slink); + + (void) rmdir_parents(slink, "/dev"); +- break; ++ return 0; + } + + r = node_symlink(dev, target, slink); +@@ -487,7 +483,7 @@ static int link_update(sd_device *dev, const char *slink_in, bool add) { + return 0; + } + +- return i < LINK_UPDATE_MAX_RETRIES ? 0 : -ELOOP; ++ return -ELOOP; + } + + static int device_get_devpath_by_devnum(sd_device *dev, char **ret) { diff --git a/SOURCES/0034-unit-install-the-systemd-bless-boot.service-only-if-.patch b/SOURCES/0034-unit-install-the-systemd-bless-boot.service-only-if-.patch deleted file mode 100644 index 089cd8c..0000000 --- a/SOURCES/0034-unit-install-the-systemd-bless-boot.service-only-if-.patch +++ /dev/null @@ -1,28 +0,0 @@ -From aef14d77e157fd0748ef664c83e55fd3880ea787 Mon Sep 17 00:00:00 2001 -From: Frantisek Sumsal -Date: Tue, 21 Sep 2021 22:47:42 +0200 -Subject: [PATCH] unit: install the systemd-bless-boot.service only if we have - gnu-efi - -Follow-up to #20591. - -(cherry picked from commit 220261ef940a126588b20a1765a2501811473839) - -Related: #1972223 ---- - units/meson.build | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/units/meson.build b/units/meson.build -index 27a2b60137..e06d883cd2 100644 ---- a/units/meson.build -+++ b/units/meson.build -@@ -179,7 +179,7 @@ in_units = [ - ['systemd-backlight@.service', 'ENABLE_BACKLIGHT'], - ['systemd-binfmt.service', 'ENABLE_BINFMT', - 'sysinit.target.wants/'], -- ['systemd-bless-boot.service', 'ENABLE_EFI HAVE_BLKID'], -+ ['systemd-bless-boot.service', 'HAVE_GNU_EFI HAVE_BLKID'], - ['systemd-boot-check-no-failures.service', ''], - ['systemd-coredump@.service', 'ENABLE_COREDUMP'], - ['systemd-pstore.service', 'ENABLE_PSTORE'], diff --git a/SOURCES/0035-udev-node-simplify-the-example-of-race.patch b/SOURCES/0035-udev-node-simplify-the-example-of-race.patch new file mode 100644 index 0000000..09e509e --- /dev/null +++ b/SOURCES/0035-udev-node-simplify-the-example-of-race.patch @@ -0,0 +1,36 @@ +From 13293ddc7822025cb9f785262655f928634395f6 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 12 Sep 2021 16:05:51 +0900 +Subject: [PATCH] udev-node: simplify the example of race + +(cherry picked from commit 3df566a66723490914ef3bae0ca8046044b70dce) + +Related: #2005024 +--- + src/udev/udev-node.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index bb551d86b0..61cb9a449b 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -272,14 +272,14 @@ static int update_timestamp(sd_device *dev, const char *path, struct stat *prev) + + /* Even if a symlink in the stack directory is created/removed, the mtime of the directory may + * not be changed. Why? Let's consider the following situation. For simplicity, let's assume +- * there exist three udev workers (A, B, and C) and all of them calls link_update() for the +- * same devlink simultaneously. ++ * there exist two udev workers (A and B) and all of them calls link_update() for the same ++ * devlink simultaneously. + * +- * 1. B creates/removes a symlink in the stack directory. ++ * 1. A creates/removes a symlink in the stack directory. + * 2. A calls the first stat() in the loop of link_update(). + * 3. A calls link_find_prioritized(). +- * 4. C creates/removes another symlink in the stack directory, so the result of the step 3 is outdated. +- * 5. B and C finish link_update(). ++ * 4. B creates/removes another symlink in the stack directory, so the result of the step 3 is outdated. ++ * 5. B finishes link_update(). + * 6. A creates/removes devlink according to the outdated result in the step 3. + * 7. A calls the second stat() in the loop of link_update(). + * diff --git a/SOURCES/0035-units-don-t-enable-tmp.mount-statically-in-local-fs..patch b/SOURCES/0035-units-don-t-enable-tmp.mount-statically-in-local-fs..patch deleted file mode 100644 index ee76475..0000000 --- a/SOURCES/0035-units-don-t-enable-tmp.mount-statically-in-local-fs..patch +++ /dev/null @@ -1,26 +0,0 @@ -From 532a10738745716620ef6af5813bc9c81c235f07 Mon Sep 17 00:00:00 2001 -From: Michal Sekletar -Date: Wed, 22 Sep 2021 14:38:00 +0200 -Subject: [PATCH] units: don't enable tmp.mount statically in local-fs.target - -RHEL-only - -Related: #1959826 ---- - units/meson.build | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/units/meson.build b/units/meson.build -index e06d883cd2..40487d123e 100644 ---- a/units/meson.build -+++ b/units/meson.build -@@ -154,8 +154,7 @@ units = [ - ['time-set.target', ''], - ['time-sync.target', ''], - ['timers.target', ''], -- ['tmp.mount', '', -- 'local-fs.target.wants/'], -+ ['tmp.mount', ''], - ['umount.target', ''], - ['usb-gadget.target', ''], - ['user.slice', ''], diff --git a/SOURCES/0036-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch b/SOURCES/0036-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch deleted file mode 100644 index 06b0fe7..0000000 --- a/SOURCES/0036-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 9ac22ee1e9d1ae32ff2d824e5a0e763a18b36d7e Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Wed, 1 Aug 2018 13:19:39 +0200 -Subject: [PATCH] pid1: bump DefaultTasksMax to 80% of the kernel pid.max value - -This should be hopefully high enough even for the very big deployments. - -RHEL-only - -Resolves: #1997200 ---- - man/systemd-system.conf.xml | 4 ++-- - src/core/main.c | 2 +- - src/core/system.conf.in | 2 +- - 3 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml -index c11dd46143..72c8db5890 100644 ---- a/man/systemd-system.conf.xml -+++ b/man/systemd-system.conf.xml -@@ -389,10 +389,10 @@ - Configure the default value for the per-unit TasksMax= setting. See - systemd.resource-control5 - for details. This setting applies to all unit types that support resource control settings, with the exception -- of slice units. Defaults to 15% of the minimum of kernel.pid_max=, kernel.threads-max= -+ of slice units. Defaults to 80% of the minimum of kernel.pid_max=, kernel.threads-max= - and root cgroup pids.max. - Kernel has a default value for kernel.pid_max= and an algorithm of counting in case of more than 32 cores. -- For example with the default kernel.pid_max=, DefaultTasksMax= defaults to 4915, -+ For example with the default kernel.pid_max=, DefaultTasksMax= defaults to 26214, - but might be greater in other systems or smaller in OS containers. - - -diff --git a/src/core/main.c b/src/core/main.c -index da6c50a1c4..f4fe7517fd 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -92,7 +92,7 @@ - #include - #endif - --#define DEFAULT_TASKS_MAX ((TasksMax) { 15U, 100U }) /* 15% */ -+#define DEFAULT_TASKS_MAX ((TasksMax) { 80U, 100U }) /* 80% */ - - static enum { - ACTION_RUN, -diff --git a/src/core/system.conf.in b/src/core/system.conf.in -index e88280bd0a..f2c75fcd32 100644 ---- a/src/core/system.conf.in -+++ b/src/core/system.conf.in -@@ -54,7 +54,7 @@ - #DefaultBlockIOAccounting=no - #DefaultMemoryAccounting={{ 'yes' if MEMORY_ACCOUNTING_DEFAULT else 'no' }} - #DefaultTasksAccounting=yes --#DefaultTasksMax=15% -+#DefaultTasksMax=80% - #DefaultLimitCPU= - #DefaultLimitFSIZE= - #DefaultLimitDATA= diff --git a/SOURCES/0036-udev-node-do-not-ignore-unexpected-errors-on-removin.patch b/SOURCES/0036-udev-node-do-not-ignore-unexpected-errors-on-removin.patch new file mode 100644 index 0000000..f8adbfe --- /dev/null +++ b/SOURCES/0036-udev-node-do-not-ignore-unexpected-errors-on-removin.patch @@ -0,0 +1,59 @@ +From 969b05b3f1dc644e821756205450b06a30c79d7f Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 12 Sep 2021 16:14:27 +0900 +Subject: [PATCH] udev-node: do not ignore unexpected errors on removing + symlink in stack directory + +Only acceptable error here is -ENOENT. + +(cherry picked from commit 0706cdf4ec92d6bd40391da0e81a30d9bf851663) + +Related: #2005024 +--- + src/udev/udev-node.c | 23 ++++++++++++++--------- + 1 file changed, 14 insertions(+), 9 deletions(-) + +diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c +index 61cb9a449b..e1fb387cb9 100644 +--- a/src/udev/udev-node.c ++++ b/src/udev/udev-node.c +@@ -334,25 +334,30 @@ static int update_stack_directory(sd_device *dev, const char *dirname, bool add) + return log_oom_debug(); + + if (!add) { +- bool unlink_failed = false; ++ int unlink_error = 0, stat_error = 0; + + if (stat(dirname, &st) < 0) { + if (errno == ENOENT) + return 0; /* The stack directory is already removed. That's OK. */ +- log_device_debug_errno(dev, errno, "Failed to stat %s, ignoring: %m", dirname); ++ stat_error = -errno; + } + +- if (unlink(filename) < 0) { +- unlink_failed = true; +- if (errno != ENOENT) +- log_device_debug_errno(dev, errno, "Failed to remove %s, ignoring: %m", filename); +- } ++ if (unlink(filename) < 0) ++ unlink_error = -errno; + + if (rmdir(dirname) >= 0 || errno == ENOENT) + return 0; + +- if (unlink_failed) +- return 0; /* If we failed to remove the symlink, there is almost nothing we can do. */ ++ if (unlink_error < 0) { ++ if (unlink_error == -ENOENT) ++ return 0; ++ ++ /* If we failed to remove the symlink, then there is almost nothing we can do. */ ++ return log_device_debug_errno(dev, unlink_error, "Failed to remove %s: %m", filename); ++ } ++ ++ if (stat_error < 0) ++ return log_device_debug_errno(dev, stat_error, "Failed to stat %s: %m", dirname); + + /* The symlink was removed. Check if the timestamp of directory is changed. */ + r = update_timestamp(dev, dirname, &st); diff --git a/SOURCES/0037-basic-time-util-introduce-FORMAT_TIMESPAN.patch b/SOURCES/0037-basic-time-util-introduce-FORMAT_TIMESPAN.patch new file mode 100644 index 0000000..07ae245 --- /dev/null +++ b/SOURCES/0037-basic-time-util-introduce-FORMAT_TIMESPAN.patch @@ -0,0 +1,25 @@ +From 1cbcfc6f69e50d309698b6aa16a48b7f282913f5 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Tue, 21 Sep 2021 09:28:29 +0200 +Subject: [PATCH] basic/time-util: introduce FORMAT_TIMESPAN + +This is cherry-pick of the relevant part from the tree-wide change in +5291f26d4a6. + +Related: #2005024 +--- + src/basic/time-util.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/basic/time-util.h b/src/basic/time-util.h +index 2bd947d6a8..8254913930 100644 +--- a/src/basic/time-util.h ++++ b/src/basic/time-util.h +@@ -67,6 +67,7 @@ typedef enum TimestampStyle { + #define FORMAT_TIMESTAMP_WIDTH 28U /* when outputting, assume this width */ + #define FORMAT_TIMESTAMP_RELATIVE_MAX 256U + #define FORMAT_TIMESPAN_MAX 64U ++#define FORMAT_TIMESPAN(t, accuracy) format_timespan((char[FORMAT_TIMESPAN_MAX]){}, FORMAT_TIMESPAN_MAX, t, accuracy) + + #define TIME_T_MAX (time_t)((UINTMAX_C(1) << ((sizeof(time_t) << 3) - 1)) - 1) + diff --git a/SOURCES/0037-udev-net-setup-link-change-the-default-MACAddressPol.patch b/SOURCES/0037-udev-net-setup-link-change-the-default-MACAddressPol.patch deleted file mode 100644 index b031481..0000000 --- a/SOURCES/0037-udev-net-setup-link-change-the-default-MACAddressPol.patch +++ /dev/null @@ -1,40 +0,0 @@ -From ac965c0ae8c9ffa7d606bce9ffa3052fccbac0ce Mon Sep 17 00:00:00 2001 -From: Michal Sekletar -Date: Tue, 21 Sep 2021 15:01:19 +0200 -Subject: [PATCH] udev/net-setup-link: change the default MACAddressPolicy to - "none" - -While stable MAC address for interface types that don't have the -address provided by HW could be useful it also breaks LACP based bonds. -Let's err on the side of caution and don't change the MAC address from -udev. - -Resolves: #1921094 ---- - man/systemd.link.xml | 2 +- - test/fuzz/fuzz-link-parser/99-default.link | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/man/systemd.link.xml b/man/systemd.link.xml -index 1093e2e0b8..095d8b4873 100644 ---- a/man/systemd.link.xml -+++ b/man/systemd.link.xml -@@ -816,7 +816,7 @@ - - [Link] - NamePolicy=kernel database onboard slot path --MACAddressPolicy=persistent -+MACAddressPolicy=none - - - -diff --git a/test/fuzz/fuzz-link-parser/99-default.link b/test/fuzz/fuzz-link-parser/99-default.link -index feb5b1fbb0..3d755898b4 100644 ---- a/test/fuzz/fuzz-link-parser/99-default.link -+++ b/test/fuzz/fuzz-link-parser/99-default.link -@@ -9,4 +9,4 @@ - - [Link] - NamePolicy=keep kernel database onboard slot path --MACAddressPolicy=persistent -+MACAddressPolicy=none diff --git a/SOURCES/0038-udev-net-setup-link-change-the-default-MACAddressPol.patch b/SOURCES/0038-udev-net-setup-link-change-the-default-MACAddressPol.patch new file mode 100644 index 0000000..26a6979 --- /dev/null +++ b/SOURCES/0038-udev-net-setup-link-change-the-default-MACAddressPol.patch @@ -0,0 +1,51 @@ +From 59bad0f7db6d56c359816bc048341b38b824e460 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Tue, 21 Sep 2021 15:01:19 +0200 +Subject: [PATCH] udev/net-setup-link: change the default MACAddressPolicy to + "none" + +While stable MAC address for interface types that don't have the +address provided by HW could be useful it also breaks LACP based bonds. +Let's err on the side of caution and don't change the MAC address from +udev. + +Resolves: #2009237 +--- + man/systemd.link.xml | 2 +- + network/99-default.link | 2 +- + test/fuzz/fuzz-link-parser/99-default.link | 2 +- + 3 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/man/systemd.link.xml b/man/systemd.link.xml +index 1093e2e0b8..095d8b4873 100644 +--- a/man/systemd.link.xml ++++ b/man/systemd.link.xml +@@ -816,7 +816,7 @@ + + [Link] + NamePolicy=kernel database onboard slot path +-MACAddressPolicy=persistent ++MACAddressPolicy=none + + + +diff --git a/network/99-default.link b/network/99-default.link +index bca660ac28..31aee37e75 100644 +--- a/network/99-default.link ++++ b/network/99-default.link +@@ -13,4 +13,4 @@ OriginalName=* + [Link] + NamePolicy=keep kernel database onboard slot path + AlternativeNamesPolicy=database onboard slot path +-MACAddressPolicy=persistent ++MACAddressPolicy=none +diff --git a/test/fuzz/fuzz-link-parser/99-default.link b/test/fuzz/fuzz-link-parser/99-default.link +index feb5b1fbb0..3d755898b4 100644 +--- a/test/fuzz/fuzz-link-parser/99-default.link ++++ b/test/fuzz/fuzz-link-parser/99-default.link +@@ -9,4 +9,4 @@ + + [Link] + NamePolicy=keep kernel database onboard slot path +-MACAddressPolicy=persistent ++MACAddressPolicy=none diff --git a/SOURCES/0038-udev-net-setup-link-really-change-the-default-MACAdd.patch b/SOURCES/0038-udev-net-setup-link-really-change-the-default-MACAdd.patch deleted file mode 100644 index bb7c122..0000000 --- a/SOURCES/0038-udev-net-setup-link-really-change-the-default-MACAdd.patch +++ /dev/null @@ -1,24 +0,0 @@ -From 19ab86202b9c4366ea5bd5ac820301f0ab6d1f95 Mon Sep 17 00:00:00 2001 -From: Michal Sekletar -Date: Fri, 1 Oct 2021 11:46:23 +0200 -Subject: [PATCH] udev/net-setup-link: *really* change the default - MACAddressPolicy to "none" - -Fix the oversight and change the policy in the link file, i.e. the -place where it actually matters. - -Related: #1921094 ---- - network/99-default.link | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/network/99-default.link b/network/99-default.link -index bca660ac28..31aee37e75 100644 ---- a/network/99-default.link -+++ b/network/99-default.link -@@ -13,4 +13,4 @@ OriginalName=* - [Link] - NamePolicy=keep kernel database onboard slot path - AlternativeNamesPolicy=database onboard slot path --MACAddressPolicy=persistent -+MACAddressPolicy=none diff --git a/SOURCES/0039-set-core-ulimit-to-0-like-on-RHEL-7.patch b/SOURCES/0039-set-core-ulimit-to-0-like-on-RHEL-7.patch new file mode 100644 index 0000000..8c4c308 --- /dev/null +++ b/SOURCES/0039-set-core-ulimit-to-0-like-on-RHEL-7.patch @@ -0,0 +1,25 @@ +From 2edaafdfacc14088d7b6f04eec578bd048057103 Mon Sep 17 00:00:00 2001 +From: David Tardon +Date: Mon, 25 Jan 2021 16:19:56 +0100 +Subject: [PATCH] set core ulimit to 0 like on RHEL-7 + +RHEL-only + +Resolves: #1998509 +--- + src/core/system.conf.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/core/system.conf.in b/src/core/system.conf.in +index f2c75fcd32..c290b14b8b 100644 +--- a/src/core/system.conf.in ++++ b/src/core/system.conf.in +@@ -59,7 +59,7 @@ + #DefaultLimitFSIZE= + #DefaultLimitDATA= + #DefaultLimitSTACK= +-#DefaultLimitCORE= ++DefaultLimitCORE=0:infinity + #DefaultLimitRSS= + #DefaultLimitNOFILE=1024:{{HIGH_RLIMIT_NOFILE}} + #DefaultLimitAS= diff --git a/SOURCES/0040-test-don-t-install-test-network-generator-conversion.patch b/SOURCES/0040-test-don-t-install-test-network-generator-conversion.patch new file mode 100644 index 0000000..953145b --- /dev/null +++ b/SOURCES/0040-test-don-t-install-test-network-generator-conversion.patch @@ -0,0 +1,60 @@ +From 8efa0b5f989d977eca51617a314ec4fdc32fb3d1 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Wed, 20 Oct 2021 19:43:34 +0200 +Subject: [PATCH] test: don't install test-network-generator-conversion.sh w/o + networkd + +otherwise TEST-02 will fail: + +``` +=== Failed test log === +--- test-network-generator-conversion.sh begin --- ++ [[ -n '' ]] ++ [[ -x /usr/lib/systemd/systemd-network-generator ]] ++ [[ -x /lib/systemd/systemd-network-generator ]] ++ exit 1 +--- test-network-generator-conversion.sh end --- +``` + +Before: +``` +$ meson build -Dnetworkd=false -Dinstall-tests=true +$ ninja -C build +$ DESTDIR=$PWD/test-install ninja -C build install +$ find test-install/ -name test-network-generator-conversion.sh +test-install/usr/lib/systemd/tests/test-network-generator-conversion.sh +``` + +After: +``` +$ find test-install/ -name test-network-generator-conversion.sh + +``` + +(cherry picked from commit 140557021ad1a3946319fff1a87831eb02d6a1a0) + +Related: #2017035 +--- + test/meson.build | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/test/meson.build b/test/meson.build +index 47c7f4d49a..27b37a9ae7 100644 +--- a/test/meson.build ++++ b/test/meson.build +@@ -98,9 +98,12 @@ if install_tests + install_data('run-unit-tests.py', + install_mode : 'rwxr-xr-x', + install_dir : testsdir) +- install_data('test-network-generator-conversion.sh', +- install_mode : 'rwxr-xr-x', +- install_dir : testsdir) ++ ++ if conf.get('ENABLE_NETWORKD') == 1 ++ install_data('test-network-generator-conversion.sh', ++ install_mode : 'rwxr-xr-x', ++ install_dir : testsdir) ++ endif + endif + + ############################################################ diff --git a/SOURCES/0041-meson.build-change-operator-combining-bools-from-to-.patch b/SOURCES/0041-meson.build-change-operator-combining-bools-from-to-.patch new file mode 100644 index 0000000..aa7e374 --- /dev/null +++ b/SOURCES/0041-meson.build-change-operator-combining-bools-from-to-.patch @@ -0,0 +1,32 @@ +From 7d7562db194f6b521d93ef370176922d0ac68331 Mon Sep 17 00:00:00 2001 +From: Dan Streetman +Date: Fri, 3 Sep 2021 12:43:33 -0400 +Subject: [PATCH] meson.build: change operator combining bools from + to and + +upstream meson stopped allowing combining boolean with the plus +operator, and now requires using the logical and operator + +reference: +https://github.com/mesonbuild/meson/commit/43302d3296baff6aeaf8e03f5d701b0402e37a6c + +Fixes: #20632 +(cherry picked from commit c29537f39e4f413a6cbfe9669fa121bdd6d8b36f) + +Related: #2017035 +--- + meson.build | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/meson.build b/meson.build +index d28f04607a..f21ec5bb94 100644 +--- a/meson.build ++++ b/meson.build +@@ -35,7 +35,7 @@ conf.set10('BUILD_MODE_DEVELOPER', get_option('mode') == 'developer', + + want_ossfuzz = get_option('oss-fuzz') + want_libfuzzer = get_option('llvm-fuzz') +-if want_ossfuzz + want_libfuzzer > 1 ++if want_ossfuzz and want_libfuzzer + error('only one of oss-fuzz or llvm-fuzz can be specified') + endif + diff --git a/SOURCES/0042-openssl-util-use-EVP-API-to-get-RSA-bits.patch b/SOURCES/0042-openssl-util-use-EVP-API-to-get-RSA-bits.patch new file mode 100644 index 0000000..76d7d54 --- /dev/null +++ b/SOURCES/0042-openssl-util-use-EVP-API-to-get-RSA-bits.patch @@ -0,0 +1,37 @@ +From 387ba3f36092f2072ee6a05abeac27deaca177bd Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Wed, 29 Sep 2021 15:03:44 +0200 +Subject: [PATCH] openssl-util: use EVP API to get RSA bits + +(cherry picked from commit 7f12adc3000c08a370f74bd16c654506c8a99e92) + +Resolves: #2016042 +--- + src/shared/openssl-util.c | 7 +------ + 1 file changed, 1 insertion(+), 6 deletions(-) + +diff --git a/src/shared/openssl-util.c b/src/shared/openssl-util.c +index bb47ae5e87..bd728e6c7c 100644 +--- a/src/shared/openssl-util.c ++++ b/src/shared/openssl-util.c +@@ -46,7 +46,6 @@ int rsa_pkey_to_suitable_key_size( + size_t *ret_suitable_key_size) { + + size_t suitable_key_size; +- const RSA *rsa; + int bits; + + assert_se(pkey); +@@ -58,11 +57,7 @@ int rsa_pkey_to_suitable_key_size( + if (EVP_PKEY_base_id(pkey) != EVP_PKEY_RSA) + return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG), "X.509 certificate does not refer to RSA key."); + +- rsa = EVP_PKEY_get0_RSA(pkey); +- if (!rsa) +- return log_debug_errno(SYNTHETIC_ERRNO(EIO), "Failed to acquire RSA public key from X.509 certificate."); +- +- bits = RSA_bits(rsa); ++ bits = EVP_PKEY_bits(pkey); + log_debug("Bits in RSA key: %i", bits); + + /* We use PKCS#1 padding for the RSA cleartext, hence let's leave some extra space for it, hence only diff --git a/SOURCES/0043-procfs-util-fix-confusion-wrt.-quantity-limit-and-ma.patch b/SOURCES/0043-procfs-util-fix-confusion-wrt.-quantity-limit-and-ma.patch new file mode 100644 index 0000000..048eb49 --- /dev/null +++ b/SOURCES/0043-procfs-util-fix-confusion-wrt.-quantity-limit-and-ma.patch @@ -0,0 +1,315 @@ +From 862ded47343a782d70f7d4421a6a2e4e33684e5e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Tue, 2 Nov 2021 18:18:21 +0100 +Subject: [PATCH] procfs-util: fix confusion wrt. quantity limit and maximum + value +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From packit/rawhide-arm64 logs: +Assertion 'limit >= INT_MAX || get_process_ppid(limit+1, NULL) == -ESRCH' failed at src/test/test-process-util.c:855, function test_get_process_ppid(). Aborting. +―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――― + +The kernel has a few different limits. In particular kernel.threads-max can be +set to some lower value, and kernel.pid_max can be set to a higher value. This +is nice because it reduces PID reuse, even if the number of threads that is +allowed is limited. But the tests assumed that we cannot have a thread with +PID above MIN(kernel.threads-max, kernel.pid_max-1), which is not valid. + +So let's rework the whole thing: let's expose the helpers to read +kernel.threads-max and kernel.pid_max, and print what they return in tests. +procfs_tasks_get_limit() was something that is only used in tests, and wasn't +very well defined, so let's drop it. + +Fixes #21193. + +(cherry picked from commit c3dead53d50e334f2d072a2248256983d6dc9f8c) + +Related: #2017035 +--- + src/basic/limits-util.c | 50 ++++++++++++++++++++++++---------- + src/basic/procfs-util.c | 53 +++++++++--------------------------- + src/basic/procfs-util.h | 4 ++- + src/test/test-process-util.c | 10 +++++-- + src/test/test-procfs-util.c | 34 ++++++++++++++++------- + 5 files changed, 84 insertions(+), 67 deletions(-) + +diff --git a/src/basic/limits-util.c b/src/basic/limits-util.c +index 9f8e26d46a..435a2a0efe 100644 +--- a/src/basic/limits-util.c ++++ b/src/basic/limits-util.c +@@ -109,35 +109,57 @@ uint64_t physical_memory_scale(uint64_t v, uint64_t max) { + } + + uint64_t system_tasks_max(void) { +- uint64_t a = TASKS_MAX, b = TASKS_MAX; ++ uint64_t a = TASKS_MAX, b = TASKS_MAX, c = TASKS_MAX; + _cleanup_free_ char *root = NULL; + int r; + +- /* Determine the maximum number of tasks that may run on this system. We check three sources to determine this +- * limit: ++ /* Determine the maximum number of tasks that may run on this system. We check three sources to ++ * determine this limit: + * +- * a) the maximum tasks value the kernel allows on this architecture +- * b) the cgroups pids_max attribute for the system +- * c) the kernel's configured maximum PID value ++ * a) kernel.threads-max sysctl: the maximum number of tasks (threads) the kernel allows. + * +- * And then pick the smallest of the three */ ++ * This puts a direct limit on the number of concurrent tasks. ++ * ++ * b) kernel.pid_max sysctl: the maximum PID value. ++ * ++ * This limits the numeric range PIDs can take, and thus indirectly also limits the number of ++ * concurrent threads. It's primarily a compatibility concept: some crappy old code used a signed ++ * 16bit type for PIDs, hence the kernel provides a way to ensure the PIDs never go beyond ++ * INT16_MAX by default. ++ * ++ * Also note the weird definition: PIDs assigned will be kept below this value, which means ++ * the number of tasks that can be created is one lower, as PID 0 is not a valid process ID. ++ * ++ * c) pids.max on the root cgroup: the kernel's configured maximum number of tasks. ++ * ++ * and then pick the smallest of the three. ++ * ++ * By default pid_max is set to much lower values than threads-max, hence the limit people come into ++ * contact with first, as it's the lowest boundary they need to bump when they want higher number of ++ * processes. ++ */ ++ ++ r = procfs_get_threads_max(&a); ++ if (r < 0) ++ log_debug_errno(r, "Failed to read kernel.threads-max, ignoring: %m"); + +- r = procfs_tasks_get_limit(&a); ++ r = procfs_get_pid_max(&b); + if (r < 0) +- log_debug_errno(r, "Failed to read maximum number of tasks from /proc, ignoring: %m"); ++ log_debug_errno(r, "Failed to read kernel.pid_max, ignoring: %m"); ++ else if (b > 0) ++ /* Subtract one from pid_max, since PID 0 is not a valid PID */ ++ b--; + + r = cg_get_root_path(&root); + if (r < 0) + log_debug_errno(r, "Failed to determine cgroup root path, ignoring: %m"); + else { +- r = cg_get_attribute_as_uint64("pids", root, "pids.max", &b); ++ r = cg_get_attribute_as_uint64("pids", root, "pids.max", &c); + if (r < 0) +- log_debug_errno(r, "Failed to read pids.max attribute of cgroup root, ignoring: %m"); ++ log_debug_errno(r, "Failed to read pids.max attribute of root cgroup, ignoring: %m"); + } + +- return MIN3(TASKS_MAX, +- a <= 0 ? TASKS_MAX : a, +- b <= 0 ? TASKS_MAX : b); ++ return MIN3(a, b, c); + } + + uint64_t system_tasks_max_scale(uint64_t v, uint64_t max) { +diff --git a/src/basic/procfs-util.c b/src/basic/procfs-util.c +index 9234ccaf85..a29e776a3a 100644 +--- a/src/basic/procfs-util.c ++++ b/src/basic/procfs-util.c +@@ -12,54 +12,34 @@ + #include "stdio-util.h" + #include "string-util.h" + +-int procfs_tasks_get_limit(uint64_t *ret) { ++int procfs_get_pid_max(uint64_t *ret) { + _cleanup_free_ char *value = NULL; +- uint64_t pid_max, threads_max; + int r; + + assert(ret); + +- /* So there are two sysctl files that control the system limit of processes: +- * +- * 1. kernel.threads-max: this is probably the sysctl that makes more sense, as it directly puts a limit on +- * concurrent tasks. +- * +- * 2. kernel.pid_max: this limits the numeric range PIDs can take, and thus indirectly also limits the number +- * of concurrent threads. AFAICS it's primarily a compatibility concept: some crappy old code used a signed +- * 16bit type for PIDs, hence the kernel provides a way to ensure the PIDs never go beyond INT16_MAX by +- * default. +- * +- * By default #2 is set to much lower values than #1, hence the limit people come into contact with first, as +- * it's the lowest boundary they need to bump when they want higher number of processes. +- * +- * Also note the weird definition of #2: PIDs assigned will be kept below this value, which means the number of +- * tasks that can be created is one lower, as PID 0 is not a valid process ID. */ +- + r = read_one_line_file("/proc/sys/kernel/pid_max", &value); + if (r < 0) + return r; + +- r = safe_atou64(value, &pid_max); +- if (r < 0) +- return r; ++ return safe_atou64(value, ret); ++} + +- value = mfree(value); +- r = read_one_line_file("/proc/sys/kernel/threads-max", &value); +- if (r < 0) +- return r; ++int procfs_get_threads_max(uint64_t *ret) { ++ _cleanup_free_ char *value = NULL; ++ int r; + +- r = safe_atou64(value, &threads_max); ++ assert(ret); ++ ++ r = read_one_line_file("/proc/sys/kernel/threads-max", &value); + if (r < 0) + return r; + +- /* Subtract one from pid_max, since PID 0 is not a valid PID */ +- *ret = MIN(pid_max-1, threads_max); +- return 0; ++ return safe_atou64(value, ret); + } + + int procfs_tasks_set_limit(uint64_t limit) { + char buffer[DECIMAL_STR_MAX(uint64_t)+1]; +- _cleanup_free_ char *value = NULL; + uint64_t pid_max; + int r; + +@@ -74,10 +54,7 @@ int procfs_tasks_set_limit(uint64_t limit) { + * set it to the maximum. */ + limit = CLAMP(limit, 20U, TASKS_MAX); + +- r = read_one_line_file("/proc/sys/kernel/pid_max", &value); +- if (r < 0) +- return r; +- r = safe_atou64(value, &pid_max); ++ r = procfs_get_pid_max(&pid_max); + if (r < 0) + return r; + +@@ -98,14 +75,10 @@ int procfs_tasks_set_limit(uint64_t limit) { + /* Hmm, we couldn't write this? If so, maybe it was already set properly? In that case let's not + * generate an error */ + +- value = mfree(value); +- if (read_one_line_file("/proc/sys/kernel/threads-max", &value) < 0) +- return r; /* return original error */ +- +- if (safe_atou64(value, &threads_max) < 0) ++ if (procfs_get_threads_max(&threads_max) < 0) + return r; /* return original error */ + +- if (MIN(pid_max-1, threads_max) != limit) ++ if (MIN(pid_max - 1, threads_max) != limit) + return r; /* return original error */ + + /* Yay! Value set already matches what we were trying to set, hence consider this a success. */ +diff --git a/src/basic/procfs-util.h b/src/basic/procfs-util.h +index 61fa71d479..eb8c7738b1 100644 +--- a/src/basic/procfs-util.h ++++ b/src/basic/procfs-util.h +@@ -5,7 +5,9 @@ + + #include "time-util.h" + +-int procfs_tasks_get_limit(uint64_t *ret); ++int procfs_get_pid_max(uint64_t *ret); ++int procfs_get_threads_max(uint64_t *ret); ++ + int procfs_tasks_set_limit(uint64_t limit); + int procfs_tasks_get_current(uint64_t *ret); + +diff --git a/src/test/test-process-util.c b/src/test/test-process-util.c +index 8c76392ae9..d89ce6e2db 100644 +--- a/src/test/test-process-util.c ++++ b/src/test/test-process-util.c +@@ -850,8 +850,14 @@ static void test_get_process_ppid(void) { + assert_se(get_process_ppid(1, NULL) == -EADDRNOTAVAIL); + + /* the process with the PID above the global limit definitely doesn't exist. Verify that */ +- assert_se(procfs_tasks_get_limit(&limit) >= 0); +- assert_se(limit >= INT_MAX || get_process_ppid(limit+1, NULL) == -ESRCH); ++ assert_se(procfs_get_pid_max(&limit) >= 0); ++ log_debug("kernel.pid_max = %"PRIu64, limit); ++ ++ if (limit < INT_MAX) { ++ r = get_process_ppid(limit + 1, NULL); ++ log_debug_errno(r, "get_process_limit(%"PRIu64") → %d/%m", limit + 1, r); ++ assert(r == -ESRCH); ++ } + + for (pid_t pid = 0;;) { + _cleanup_free_ char *c1 = NULL, *c2 = NULL; +diff --git a/src/test/test-procfs-util.c b/src/test/test-procfs-util.c +index b2679e30fb..876ef40dfd 100644 +--- a/src/test/test-procfs-util.c ++++ b/src/test/test-procfs-util.c +@@ -6,12 +6,13 @@ + #include "format-util.h" + #include "log.h" + #include "procfs-util.h" ++#include "process-util.h" + #include "tests.h" + + int main(int argc, char *argv[]) { + char buf[CONST_MAX(FORMAT_TIMESPAN_MAX, FORMAT_BYTES_MAX)]; + nsec_t nsec; +- uint64_t v; ++ uint64_t v, w; + int r; + + log_parse_environment(); +@@ -26,26 +27,39 @@ int main(int argc, char *argv[]) { + assert_se(procfs_tasks_get_current(&v) >= 0); + log_info("Current number of tasks: %" PRIu64, v); + +- r = procfs_tasks_get_limit(&v); +- if (r == -ENOENT || ERRNO_IS_PRIVILEGE(r)) +- return log_tests_skipped("can't read /proc/sys/kernel/pid_max"); ++ v = TASKS_MAX; ++ r = procfs_get_pid_max(&v); ++ assert(r >= 0 || r == -ENOENT || ERRNO_IS_PRIVILEGE(r)); ++ log_info("kernel.pid_max: %"PRIu64, v); ++ ++ w = TASKS_MAX; ++ r = procfs_get_threads_max(&w); ++ assert(r >= 0 || r == -ENOENT || ERRNO_IS_PRIVILEGE(r)); ++ log_info("kernel.threads-max: %"PRIu64, w); ++ ++ v = MIN(v - (v > 0), w); + + assert_se(r >= 0); + log_info("Limit of tasks: %" PRIu64, v); + assert_se(v > 0); +- assert_se(procfs_tasks_set_limit(v) >= 0); ++ r = procfs_tasks_set_limit(v); ++ if (r == -ENOENT || ERRNO_IS_PRIVILEGE(r)) ++ return log_tests_skipped("can't set task limits"); ++ assert(r >= 0); + + if (v > 100) { +- uint64_t w; ++ log_info("Reducing limit by one to %"PRIu64"…", v-1); ++ + r = procfs_tasks_set_limit(v-1); +- assert_se(IN_SET(r, 0, -EPERM, -EACCES, -EROFS)); ++ log_info_errno(r, "procfs_tasks_set_limit: %m"); ++ assert_se(r >= 0 || ERRNO_IS_PRIVILEGE(r)); + +- assert_se(procfs_tasks_get_limit(&w) >= 0); +- assert_se((r == 0 && w == v - 1) || (r < 0 && w == v)); ++ assert_se(procfs_get_threads_max(&w) >= 0); ++ assert_se(r >= 0 ? w == v - 1 : w == v); + + assert_se(procfs_tasks_set_limit(v) >= 0); + +- assert_se(procfs_tasks_get_limit(&w) >= 0); ++ assert_se(procfs_get_threads_max(&w) >= 0); + assert_se(v == w); + } + diff --git a/SOURCES/0044-test-process-util-also-add-EROFS-to-the-list-of-good.patch b/SOURCES/0044-test-process-util-also-add-EROFS-to-the-list-of-good.patch new file mode 100644 index 0000000..ae93bc0 --- /dev/null +++ b/SOURCES/0044-test-process-util-also-add-EROFS-to-the-list-of-good.patch @@ -0,0 +1,31 @@ +From e43e8caf2f2699de7da1f072bcc7c25e125313e4 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 3 Nov 2021 09:39:16 +0100 +Subject: [PATCH] test-process-util: also add EROFS to the list of "good" + errors + +It is only added in the one place where we actually try to set the +setting to a new value. Before we were testing if we can set to it the +existing value, which was a noop. We could still get a permission error, +but this is the first place where we would propagate EROFS. + +(cherry picked from commit 6434a83d01d96e9f9a17ed9ce1f04a7d64859950) + +Related: #2017035 +--- + src/test/test-procfs-util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/test/test-procfs-util.c b/src/test/test-procfs-util.c +index 876ef40dfd..f19a41475d 100644 +--- a/src/test/test-procfs-util.c ++++ b/src/test/test-procfs-util.c +@@ -52,7 +52,7 @@ int main(int argc, char *argv[]) { + + r = procfs_tasks_set_limit(v-1); + log_info_errno(r, "procfs_tasks_set_limit: %m"); +- assert_se(r >= 0 || ERRNO_IS_PRIVILEGE(r)); ++ assert_se(r >= 0 || ERRNO_IS_PRIVILEGE(r) || r == -EROFS); + + assert_se(procfs_get_threads_max(&w) >= 0); + assert_se(r >= 0 ? w == v - 1 : w == v); diff --git a/SOURCES/0045-ci-use-C9S-chroots-in-Packit.patch b/SOURCES/0045-ci-use-C9S-chroots-in-Packit.patch new file mode 100644 index 0000000..8b3991a --- /dev/null +++ b/SOURCES/0045-ci-use-C9S-chroots-in-Packit.patch @@ -0,0 +1,27 @@ +From 5c8d698f3905c860eff17b84a32bb7acfb98d931 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Thu, 4 Nov 2021 12:31:32 +0100 +Subject: [PATCH] ci: use C9S chroots in Packit + +rhel-only +Related: #2017035 +--- + .packit.yml | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/.packit.yml b/.packit.yml +index 3461bccbc5..ce8782aae2 100644 +--- a/.packit.yml ++++ b/.packit.yml +@@ -37,9 +37,8 @@ jobs: + trigger: pull_request + metadata: + targets: +- # FIXME: change to CentOS 9 once it's available +- - fedora-34-x86_64 +- - fedora-34-aarch64 ++ - centos-stream-9-x86_64 ++ - centos-stream-9-aarch64 + + # TODO: can't use TFT yet due to https://pagure.io/fedora-ci/general/issue/184 + # Run tests (via testing farm) diff --git a/SOURCES/0046-test-mountpointutil-util-do-not-assert-in-test_mnt_i.patch b/SOURCES/0046-test-mountpointutil-util-do-not-assert-in-test_mnt_i.patch new file mode 100644 index 0000000..1fa73eb --- /dev/null +++ b/SOURCES/0046-test-mountpointutil-util-do-not-assert-in-test_mnt_i.patch @@ -0,0 +1,136 @@ +From 5a86b79c5f79215a17f6617ae925dc76b25396a6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Mon, 14 Sep 2020 17:58:03 +0200 +Subject: [PATCH] test-mountpointutil-util: do not assert in test_mnt_id() + +https://bugzilla.redhat.com/show_bug.cgi?id=1803070 + +I *think* this a kernel bug: the mnt_id as listed in /proc/self/mountinfo is different +than the one we get from /proc/self/fdinfo/. This only matters when both statx and +name_to_handle_at are unavailable and we hit the fallback path that goes through fdinfo: + +(gdb) !uname -r +5.6.19-200.fc31.ppc64le + +(gdb) !cat /proc/self/mountinfo +697 664 253:0 /var/lib/mock/fedora-31-ppc64le/root / rw,relatime shared:298 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota +698 697 253:0 /var/cache/mock/fedora-31-ppc64le/yum_cache /var/cache/yum rw,relatime shared:299 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota +699 697 253:0 /var/cache/mock/fedora-31-ppc64le/dnf_cache /var/cache/dnf rw,relatime shared:300 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota +700 697 0:32 /mock-selinux-plugin.7me9bfpi /proc/filesystems rw,nosuid,nodev shared:301 master:18 - tmpfs tmpfs rw,seclabel <========================================================== +701 697 0:41 / /sys ro,nosuid,nodev,noexec,relatime shared:302 - sysfs sysfs ro,seclabel +702 701 0:21 / /sys/fs/selinux ro,nosuid,nodev,noexec,relatime shared:306 master:8 - selinuxfs selinuxfs rw +703 697 0:42 / /dev rw,nosuid shared:303 - tmpfs tmpfs rw,seclabel,mode=755 +704 703 0:43 / /dev/shm rw,nosuid,nodev shared:304 - tmpfs tmpfs rw,seclabel +705 703 0:45 / /dev/pts rw,nosuid,noexec,relatime shared:307 - devpts devpts rw,seclabel,gid=5,mode=620,ptmxmode=666 +706 703 0:6 /btrfs-control /dev/btrfs-control rw,nosuid shared:308 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +707 703 0:6 /loop-control /dev/loop-control rw,nosuid shared:309 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +708 703 0:6 /loop0 /dev/loop0 rw,nosuid shared:310 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +709 703 0:6 /loop1 /dev/loop1 rw,nosuid shared:311 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +710 703 0:6 /loop10 /dev/loop10 rw,nosuid shared:312 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +711 703 0:6 /loop11 /dev/loop11 rw,nosuid shared:313 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +712 703 0:6 /loop2 /dev/loop2 rw,nosuid shared:314 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +713 703 0:6 /loop3 /dev/loop3 rw,nosuid shared:315 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +714 703 0:6 /loop4 /dev/loop4 rw,nosuid shared:316 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +715 703 0:6 /loop5 /dev/loop5 rw,nosuid shared:317 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +716 703 0:6 /loop6 /dev/loop6 rw,nosuid shared:318 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +717 703 0:6 /loop7 /dev/loop7 rw,nosuid shared:319 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +718 703 0:6 /loop8 /dev/loop8 rw,nosuid shared:320 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +719 703 0:6 /loop9 /dev/loop9 rw,nosuid shared:321 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 +720 697 0:44 / /run rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755 +721 720 0:25 /systemd/nspawn/propagate/9cc8a155d0244558b273f773d2b92142 /run/systemd/nspawn/incoming ro master:12 - tmpfs tmpfs rw,seclabel,mode=755 +722 697 0:32 /mock-resolv.dvml91hp /etc/resolv.conf rw,nosuid,nodev shared:322 master:18 - tmpfs tmpfs rw,seclabel +725 697 0:47 / /proc rw,nosuid,nodev,noexec,relatime shared:323 - proc proc rw +603 725 0:47 /sys /proc/sys ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw +604 725 0:44 /systemd/inaccessible/reg /proc/kallsyms ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755 +605 725 0:44 /systemd/inaccessible/reg /proc/kcore ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755 +606 725 0:44 /systemd/inaccessible/reg /proc/keys ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755 +607 725 0:44 /systemd/inaccessible/reg /proc/sysrq-trigger ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755 +608 725 0:44 /systemd/inaccessible/reg /proc/timer_list ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755 +609 725 0:47 /bus /proc/bus ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw +610 725 0:47 /fs /proc/fs ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw +611 725 0:47 /irq /proc/irq ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw +612 725 0:47 /scsi /proc/scsi ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw +613 703 0:46 / /dev/mqueue rw,nosuid,nodev,noexec,relatime shared:324 - mqueue mqueue rw,seclabel +614 701 0:26 / /sys/fs/cgroup rw,nosuid,nodev,noexec,relatime shared:325 - cgroup2 cgroup rw,seclabel,nsdelegate +615 603 0:44 /.#proc-sys-kernel-random-boot-id4fbdce67af46d1c2//deleted /proc/sys/kernel/random/boot_id ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755 +616 725 0:44 /.#proc-sys-kernel-random-boot-id4fbdce67af46d1c2//deleted /proc/sys/kernel/random/boot_id rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755 +617 725 0:44 /.#proc-kmsg5b7a8bcfe6717139//deleted /proc/kmsg rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755 + +The test process does +name_to_handle_at("/proc/filesystems") which returns -EOPNOTSUPP, and then +openat(AT_FDCWD, "/proc/filesystems") which returns 4, and then +read(open("/proc/self/fdinfo/4", ...)) which gives +"pos:\t0\nflags:\t012100000\nmnt_id:\t725\n" + +and the "725" is clearly inconsistent with "700" in /proc/self/mountinfo. + +We could either drop the fallback path (and fail name_to_handle_at() is not +avaliable) or ignore the error in the test. Not sure what is better. I think +this issue only occurs sometimes and with older kernels, so probably continuing +with the current flaky implementation is better than ripping out the fallback. + +Another strace: +writev(2, [{iov_base="mnt ids of /proc/sys is 603", iov_len=27}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/sys is 603 +) = 28 +name_to_handle_at(AT_FDCWD, "/", {handle_bytes=128 => 12, handle_type=129, f_handle=0x52748401000000008b93e20d}, [697], 0) = 0 +writev(2, [{iov_base="mnt ids of / is 697", iov_len=19}, {iov_base="\n", iov_len=1}], 2mnt ids of / is 697 +) = 20 +name_to_handle_at(AT_FDCWD, "/proc/kcore", {handle_bytes=128 => 12, handle_type=1, f_handle=0x92ddcfcd2e802d0100000000}, [605], 0) = 0 +writev(2, [{iov_base="mnt ids of /proc/kcore is 605", iov_len=29}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/kcore is 605 +) = 30 +name_to_handle_at(AT_FDCWD, "/dev", {handle_bytes=128 => 12, handle_type=1, f_handle=0x8ae269160c802d0100000000}, [703], 0) = 0 +writev(2, [{iov_base="mnt ids of /dev is 703", iov_len=22}, {iov_base="\n", iov_len=1}], 2mnt ids of /dev is 703 +) = 23 +name_to_handle_at(AT_FDCWD, "/proc/filesystems", {handle_bytes=128}, 0x7fffe36ddb84, 0) = -1 EOPNOTSUPP (Operation not supported) +openat(AT_FDCWD, "/proc/filesystems", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|O_PATH) = 4 +openat(AT_FDCWD, "/proc/self/fdinfo/4", O_RDONLY|O_CLOEXEC) = 5 +fstat(5, {st_mode=S_IFREG|0400, st_size=0, ...}) = 0 +fstat(5, {st_mode=S_IFREG|0400, st_size=0, ...}) = 0 +read(5, "pos:\t0\nflags:\t012100000\nmnt_id:\t725\n", 2048) = 36 +read(5, "", 1024) = 0 +close(5) = 0 +close(4) = 0 +writev(2, [{iov_base="mnt ids of /proc/filesystems are 700, 725", iov_len=41}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/filesystems are 700, 725 +) = 42 +writev(2, [{iov_base="the other path for mnt id 725 is /proc", iov_len=38}, {iov_base="\n", iov_len=1}], 2the other path for mnt id 725 is /proc +) = 39 +writev(2, [{iov_base="Assertion 'path_equal(p, t)' failed at src/test/test-mountpoint-util.c:94, function test_mnt_id(). Aborting.", iov_len=108}, {iov_base="\n", iov_len=1}], 2Assertion 'path_equal(p, t)' failed at src/test/test-mountpoint-util.c:94, function test_mnt_id(). Aborting. +) = 109 +rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0 +rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], [], 8) = 0 +getpid() = 20 +gettid() = 20 +tgkill(20, 20, SIGABRT) = 0 +rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 + +RHEL notes: af918c4 should mitigate this issue, but in some build +systems (Copr, brew, etc.) we don't have enough privileges to create a +new mount namespace + +Cherry-picked manually from https://github.com/systemd/systemd/pull/17050. + +rhel-only +Related: #2017035 +--- + src/test/test-mountpoint-util.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/test/test-mountpoint-util.c b/src/test/test-mountpoint-util.c +index 983e1842d6..66d476d06d 100644 +--- a/src/test/test-mountpoint-util.c ++++ b/src/test/test-mountpoint-util.c +@@ -91,8 +91,12 @@ static void test_mnt_id(void) { + /* The ids don't match? If so, then there are two mounts on the same path, let's check if + * that's really the case */ + char *t = hashmap_get(h, INT_TO_PTR(mnt_id2)); +- log_debug("the other path for mnt id %i is %s\n", mnt_id2, t); +- assert_se(path_equal(p, t)); ++ log_debug("Path for mnt id %i from /proc/self/mountinfo is %s\n", mnt_id2, t); ++ ++ if (!path_equal(p, t)) ++ /* Apparent kernel bug in /proc/self/fdinfo */ ++ log_warning("Bad mount id given for %s: %d, should be %d", ++ p, mnt_id2, mnt_id); + } + } + diff --git a/SOURCES/0047-core-mount-add-implicit-unit-dependencies-even-if-wh.patch b/SOURCES/0047-core-mount-add-implicit-unit-dependencies-even-if-wh.patch new file mode 100644 index 0000000..7b1650d --- /dev/null +++ b/SOURCES/0047-core-mount-add-implicit-unit-dependencies-even-if-wh.patch @@ -0,0 +1,30 @@ +From ea4ebf86d25fb9c489d1cf1ca42371b7e2e782aa Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 29 Aug 2021 21:20:43 +0900 +Subject: [PATCH] core/mount: add implicit unit dependencies even if when mount + unit is generated from /proc/self/mountinfo + +Hopefully fixes #20566. + +(cherry picked from commit aebff2e7ce209fc2d75b894a3ae8b80f6f36ec11) + +Resolves: #2019468 +--- + src/core/mount.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/core/mount.c b/src/core/mount.c +index 1fd3102ad3..f2c85e0e5d 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -1582,6 +1582,10 @@ static int mount_setup_new_unit( + if (r < 0) + return r; + ++ r = mount_add_non_exec_dependencies(MOUNT(u)); ++ if (r < 0) ++ return r; ++ + /* This unit was generated because /proc/self/mountinfo reported it. Remember this, so that by the time we load + * the unit file for it (and thus add in extra deps right after) we know what source to attributes the deps + * to. */ diff --git a/SOURCES/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch b/SOURCES/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch deleted file mode 100644 index 84497ad..0000000 --- a/SOURCES/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch +++ /dev/null @@ -1,129 +0,0 @@ -From f58b96d3e8d1cb0dd3666bc74fa673918b586612 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Mon, 14 Sep 2020 17:58:03 +0200 -Subject: [PATCH] test-mountpointutil-util: do not assert in test_mnt_id() - -https://bugzilla.redhat.com/show_bug.cgi?id=1803070 - -I *think* this a kernel bug: the mnt_id as listed in /proc/self/mountinfo is different -than the one we get from /proc/self/fdinfo/. This only matters when both statx and -name_to_handle_at are unavailable and we hit the fallback path that goes through fdinfo: - -(gdb) !uname -r -5.6.19-200.fc31.ppc64le - -(gdb) !cat /proc/self/mountinfo -697 664 253:0 /var/lib/mock/fedora-31-ppc64le/root / rw,relatime shared:298 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota -698 697 253:0 /var/cache/mock/fedora-31-ppc64le/yum_cache /var/cache/yum rw,relatime shared:299 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota -699 697 253:0 /var/cache/mock/fedora-31-ppc64le/dnf_cache /var/cache/dnf rw,relatime shared:300 master:1 - xfs /dev/mapper/fedora_rh--power--vm14-root rw,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota -700 697 0:32 /mock-selinux-plugin.7me9bfpi /proc/filesystems rw,nosuid,nodev shared:301 master:18 - tmpfs tmpfs rw,seclabel <========================================================== -701 697 0:41 / /sys ro,nosuid,nodev,noexec,relatime shared:302 - sysfs sysfs ro,seclabel -702 701 0:21 / /sys/fs/selinux ro,nosuid,nodev,noexec,relatime shared:306 master:8 - selinuxfs selinuxfs rw -703 697 0:42 / /dev rw,nosuid shared:303 - tmpfs tmpfs rw,seclabel,mode=755 -704 703 0:43 / /dev/shm rw,nosuid,nodev shared:304 - tmpfs tmpfs rw,seclabel -705 703 0:45 / /dev/pts rw,nosuid,noexec,relatime shared:307 - devpts devpts rw,seclabel,gid=5,mode=620,ptmxmode=666 -706 703 0:6 /btrfs-control /dev/btrfs-control rw,nosuid shared:308 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -707 703 0:6 /loop-control /dev/loop-control rw,nosuid shared:309 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -708 703 0:6 /loop0 /dev/loop0 rw,nosuid shared:310 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -709 703 0:6 /loop1 /dev/loop1 rw,nosuid shared:311 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -710 703 0:6 /loop10 /dev/loop10 rw,nosuid shared:312 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -711 703 0:6 /loop11 /dev/loop11 rw,nosuid shared:313 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -712 703 0:6 /loop2 /dev/loop2 rw,nosuid shared:314 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -713 703 0:6 /loop3 /dev/loop3 rw,nosuid shared:315 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -714 703 0:6 /loop4 /dev/loop4 rw,nosuid shared:316 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -715 703 0:6 /loop5 /dev/loop5 rw,nosuid shared:317 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -716 703 0:6 /loop6 /dev/loop6 rw,nosuid shared:318 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -717 703 0:6 /loop7 /dev/loop7 rw,nosuid shared:319 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -718 703 0:6 /loop8 /dev/loop8 rw,nosuid shared:320 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -719 703 0:6 /loop9 /dev/loop9 rw,nosuid shared:321 master:9 - devtmpfs devtmpfs rw,seclabel,size=4107840k,nr_inodes=64185,mode=755 -720 697 0:44 / /run rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755 -721 720 0:25 /systemd/nspawn/propagate/9cc8a155d0244558b273f773d2b92142 /run/systemd/nspawn/incoming ro master:12 - tmpfs tmpfs rw,seclabel,mode=755 -722 697 0:32 /mock-resolv.dvml91hp /etc/resolv.conf rw,nosuid,nodev shared:322 master:18 - tmpfs tmpfs rw,seclabel -725 697 0:47 / /proc rw,nosuid,nodev,noexec,relatime shared:323 - proc proc rw -603 725 0:47 /sys /proc/sys ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw -604 725 0:44 /systemd/inaccessible/reg /proc/kallsyms ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755 -605 725 0:44 /systemd/inaccessible/reg /proc/kcore ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755 -606 725 0:44 /systemd/inaccessible/reg /proc/keys ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755 -607 725 0:44 /systemd/inaccessible/reg /proc/sysrq-trigger ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755 -608 725 0:44 /systemd/inaccessible/reg /proc/timer_list ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755 -609 725 0:47 /bus /proc/bus ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw -610 725 0:47 /fs /proc/fs ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw -611 725 0:47 /irq /proc/irq ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw -612 725 0:47 /scsi /proc/scsi ro,nosuid,nodev,noexec,relatime shared:323 - proc proc rw -613 703 0:46 / /dev/mqueue rw,nosuid,nodev,noexec,relatime shared:324 - mqueue mqueue rw,seclabel -614 701 0:26 / /sys/fs/cgroup rw,nosuid,nodev,noexec,relatime shared:325 - cgroup2 cgroup rw,seclabel,nsdelegate -615 603 0:44 /.#proc-sys-kernel-random-boot-id4fbdce67af46d1c2//deleted /proc/sys/kernel/random/boot_id ro,nosuid,nodev,noexec shared:305 - tmpfs tmpfs rw,seclabel,mode=755 -616 725 0:44 /.#proc-sys-kernel-random-boot-id4fbdce67af46d1c2//deleted /proc/sys/kernel/random/boot_id rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755 -617 725 0:44 /.#proc-kmsg5b7a8bcfe6717139//deleted /proc/kmsg rw,nosuid,nodev shared:305 - tmpfs tmpfs rw,seclabel,mode=755 - -The test process does -name_to_handle_at("/proc/filesystems") which returns -EOPNOTSUPP, and then -openat(AT_FDCWD, "/proc/filesystems") which returns 4, and then -read(open("/proc/self/fdinfo/4", ...)) which gives -"pos:\t0\nflags:\t012100000\nmnt_id:\t725\n" - -and the "725" is clearly inconsistent with "700" in /proc/self/mountinfo. - -We could either drop the fallback path (and fail name_to_handle_at() is not -avaliable) or ignore the error in the test. Not sure what is better. I think -this issue only occurs sometimes and with older kernels, so probably continuing -with the current flaky implementation is better than ripping out the fallback. - -Another strace: -writev(2, [{iov_base="mnt ids of /proc/sys is 603", iov_len=27}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/sys is 603 -) = 28 -name_to_handle_at(AT_FDCWD, "/", {handle_bytes=128 => 12, handle_type=129, f_handle=0x52748401000000008b93e20d}, [697], 0) = 0 -writev(2, [{iov_base="mnt ids of / is 697", iov_len=19}, {iov_base="\n", iov_len=1}], 2mnt ids of / is 697 -) = 20 -name_to_handle_at(AT_FDCWD, "/proc/kcore", {handle_bytes=128 => 12, handle_type=1, f_handle=0x92ddcfcd2e802d0100000000}, [605], 0) = 0 -writev(2, [{iov_base="mnt ids of /proc/kcore is 605", iov_len=29}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/kcore is 605 -) = 30 -name_to_handle_at(AT_FDCWD, "/dev", {handle_bytes=128 => 12, handle_type=1, f_handle=0x8ae269160c802d0100000000}, [703], 0) = 0 -writev(2, [{iov_base="mnt ids of /dev is 703", iov_len=22}, {iov_base="\n", iov_len=1}], 2mnt ids of /dev is 703 -) = 23 -name_to_handle_at(AT_FDCWD, "/proc/filesystems", {handle_bytes=128}, 0x7fffe36ddb84, 0) = -1 EOPNOTSUPP (Operation not supported) -openat(AT_FDCWD, "/proc/filesystems", O_RDONLY|O_NOFOLLOW|O_CLOEXEC|O_PATH) = 4 -openat(AT_FDCWD, "/proc/self/fdinfo/4", O_RDONLY|O_CLOEXEC) = 5 -fstat(5, {st_mode=S_IFREG|0400, st_size=0, ...}) = 0 -fstat(5, {st_mode=S_IFREG|0400, st_size=0, ...}) = 0 -read(5, "pos:\t0\nflags:\t012100000\nmnt_id:\t725\n", 2048) = 36 -read(5, "", 1024) = 0 -close(5) = 0 -close(4) = 0 -writev(2, [{iov_base="mnt ids of /proc/filesystems are 700, 725", iov_len=41}, {iov_base="\n", iov_len=1}], 2mnt ids of /proc/filesystems are 700, 725 -) = 42 -writev(2, [{iov_base="the other path for mnt id 725 is /proc", iov_len=38}, {iov_base="\n", iov_len=1}], 2the other path for mnt id 725 is /proc -) = 39 -writev(2, [{iov_base="Assertion 'path_equal(p, t)' failed at src/test/test-mountpoint-util.c:94, function test_mnt_id(). Aborting.", iov_len=108}, {iov_base="\n", iov_len=1}], 2Assertion 'path_equal(p, t)' failed at src/test/test-mountpoint-util.c:94, function test_mnt_id(). Aborting. -) = 109 -rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0 -rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], [], 8) = 0 -getpid() = 20 -gettid() = 20 -tgkill(20, 20, SIGABRT) = 0 -rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 ---- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=20, si_uid=0} --- -+++ killed by SIGABRT (core dumped) +++ ---- - src/test/test-mountpoint-util.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/src/test/test-mountpoint-util.c b/src/test/test-mountpoint-util.c -index 30b00ae4d8b..ffe5144b04a 100644 ---- a/src/test/test-mountpoint-util.c -+++ b/src/test/test-mountpoint-util.c -@@ -89,8 +89,12 @@ static void test_mnt_id(void) { - /* The ids don't match? If so, then there are two mounts on the same path, let's check if - * that's really the case */ - char *t = hashmap_get(h, INT_TO_PTR(mnt_id2)); -- log_debug("the other path for mnt id %i is %s\n", mnt_id2, t); -- assert_se(path_equal(p, t)); -+ log_debug("Path for mnt id %i from /proc/self/mountinfo is %s\n", mnt_id2, t); -+ -+ if (!path_equal(p, t)) -+ /* Apparent kernel bug in /proc/self/fdinfo */ -+ log_warning("Bad mount id given for %s: %d, should be %d", -+ p, mnt_id2, mnt_id); - } - } - diff --git a/SOURCES/rc.local b/SOURCES/rc.local new file mode 100644 index 0000000..4666070 --- /dev/null +++ b/SOURCES/rc.local @@ -0,0 +1,14 @@ +#!/bin/bash +# THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES +# +# It is highly advisable to create own systemd services or udev rules +# to run scripts during boot instead of using this file. +# +# In contrast to previous versions due to parallel execution during boot +# this script will NOT be run after all other services. +# +# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure +# that this script will be executed during boot. + +touch /var/lock/subsys/local + diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec index e328be9..811d033 100644 --- a/SPECS/systemd.spec +++ b/SPECS/systemd.spec @@ -21,7 +21,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd Version: 249 -Release: 7%{?dist} +Release: 9%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -63,6 +63,7 @@ Source21: macros.sysusers Source22: sysusers.attr Source23: sysusers.prov Source24: sysusers.generate-pre.sh +Source25: rc.local %if 0 GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v235..v235-stable @@ -94,31 +95,38 @@ Patch0014: 0014-random-util-increase-random-seed-size-to-1024.patch Patch0015: 0015-journal-don-t-enable-systemd-journald-audit.socket-b.patch Patch0016: 0016-journald.conf-don-t-touch-current-audit-settings.patch Patch0017: 0017-Revert-udev-remove-WAIT_FOR-key.patch -Patch0018: 0018-boot-don-t-build-bootctl-when-Dgnu-efi-false-is-set.patch +Patch0018: 0018-Really-don-t-enable-systemd-journald-audit.socket.patch Patch0019: 0019-rules-add-elevator-kernel-command-line-parameter.patch -Patch0020: 0020-sd-device-introduce-device_has_devlink.patch -Patch0021: 0021-udev-node-split-out-permission-handling-from-udev_no.patch -Patch0022: 0022-udev-node-stack-directory-must-exist-when-adding-dev.patch -Patch0023: 0023-udev-node-save-information-about-device-node-and-pri.patch -Patch0024: 0024-udev-node-always-update-timestamp-of-stack-directory.patch -Patch0025: 0025-udev-node-assume-no-new-claim-to-a-symlink-if-run-ud.patch -Patch0026: 0026-udev-node-always-atomically-create-symlink-to-device.patch -Patch0027: 0027-udev-node-check-stack-directory-change-even-if-devli.patch -Patch0028: 0028-udev-node-shorten-code-a-bit-and-update-log-message.patch -Patch0029: 0029-udev-node-add-random-delay-on-conflict-in-updating-d.patch -Patch0030: 0030-udev-node-drop-redundant-trial-of-devlink-creation.patch -Patch0031: 0031-udev-node-simplify-the-example-of-race.patch -Patch0032: 0032-udev-node-do-not-ignore-unexpected-errors-on-removin.patch -Patch0033: 0033-basic-time-util-introduce-FORMAT_TIMESPAN.patch -Patch0034: 0034-unit-install-the-systemd-bless-boot.service-only-if-.patch -Patch0035: 0035-units-don-t-enable-tmp.mount-statically-in-local-fs..patch -Patch0036: 0036-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch -Patch0037: 0037-udev-net-setup-link-change-the-default-MACAddressPol.patch -Patch0038: 0038-udev-net-setup-link-really-change-the-default-MACAdd.patch +Patch0020: 0020-boot-don-t-build-bootctl-when-Dgnu-efi-false-is-set.patch +Patch0021: 0021-unit-install-the-systemd-bless-boot.service-only-if-.patch +Patch0022: 0022-units-don-t-enable-tmp.mount-statically-in-local-fs..patch +Patch0023: 0023-pid1-bump-DefaultTasksMax-to-80-of-the-kernel-pid.ma.patch +Patch0024: 0024-sd-device-introduce-device_has_devlink.patch +Patch0025: 0025-udev-node-split-out-permission-handling-from-udev_no.patch +Patch0026: 0026-udev-node-stack-directory-must-exist-when-adding-dev.patch +Patch0027: 0027-udev-node-save-information-about-device-node-and-pri.patch +Patch0028: 0028-udev-node-always-update-timestamp-of-stack-directory.patch +Patch0029: 0029-udev-node-assume-no-new-claim-to-a-symlink-if-run-ud.patch +Patch0030: 0030-udev-node-always-atomically-create-symlink-to-device.patch +Patch0031: 0031-udev-node-check-stack-directory-change-even-if-devli.patch +Patch0032: 0032-udev-node-shorten-code-a-bit-and-update-log-message.patch +Patch0033: 0033-udev-node-add-random-delay-on-conflict-in-updating-d.patch +Patch0034: 0034-udev-node-drop-redundant-trial-of-devlink-creation.patch +Patch0035: 0035-udev-node-simplify-the-example-of-race.patch +Patch0036: 0036-udev-node-do-not-ignore-unexpected-errors-on-removin.patch +Patch0037: 0037-basic-time-util-introduce-FORMAT_TIMESPAN.patch +Patch0038: 0038-udev-net-setup-link-change-the-default-MACAddressPol.patch +Patch0039: 0039-set-core-ulimit-to-0-like-on-RHEL-7.patch +Patch0040: 0040-test-don-t-install-test-network-generator-conversion.patch +Patch0041: 0041-meson.build-change-operator-combining-bools-from-to-.patch +Patch0042: 0042-openssl-util-use-EVP-API-to-get-RSA-bits.patch +Patch0043: 0043-procfs-util-fix-confusion-wrt.-quantity-limit-and-ma.patch +Patch0044: 0044-test-process-util-also-add-EROFS-to-the-list-of-good.patch +Patch0045: 0045-ci-use-C9S-chroots-in-Packit.patch +Patch0046: 0046-test-mountpointutil-util-do-not-assert-in-test_mnt_i.patch +Patch0047: 0047-core-mount-add-implicit-unit-dependencies-even-if-wh.patch # Downstream-only patches (9000–9999) -# https://github.com/systemd/systemd/pull/17050 -Patch9001: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch BuildRequires: gcc BuildRequires: gcc-c++ @@ -363,6 +371,7 @@ MulticastDNS resolver and responder. Summary: A userspace out-of-memory (OOM) killer Requires: %{name}%{?_isa} = %{version}-%{release} License: LGPLv2+ +Provides: %{name}-oomd-defaults = %{version}-%{release} %description oomd systemd-oomd is a system service that uses cgroups-v2 and pressure stall @@ -461,7 +470,7 @@ CONFIGURE_OPTS=( %endif -Db_ndebug=false -Dman=true - -Dversion-tag=%{version}-%{release} + -Dversion-tag=v%{version}-%{release} %if 0%{?fedora} -Dfallback-hostname=fedora %else @@ -558,6 +567,11 @@ touch %{buildroot}%{_sysconfdir}/udev/hwdb.bin touch %{buildroot}%{_localstatedir}/lib/systemd/random-seed touch %{buildroot}%{_localstatedir}/lib/private/systemd/journal-upload/state +# Install rc.local +mkdir -p %{buildroot}%{_sysconfdir}/rc.d/ +install -m 0644 %{SOURCE25} %{buildroot}%{_sysconfdir}/rc.d/rc.local +ln -s rc.d/rc.local %{buildroot}%{_sysconfdir}/rc.local + # Install yum protection fragment install -Dm0644 %{SOURCE4} %{buildroot}/etc/dnf/protected.d/systemd.conf @@ -616,6 +630,8 @@ python3 %{SOURCE2} %buildroot </dev/null || useradd -r -l -g systemd-oom -d / -s /s %files standalone-sysusers -f .file-list-standalone-sysusers %changelog -* Fri Oct 01 2021 systemd maintenance team - 249-7 -- spec: make sure version string starts with version number (#1921094) - -* Fri Oct 01 2021 systemd maintenance team - 249-6 -- udev/net-setup-link: *really* change the default MACAddressPolicy to "none" (#1921094) -- spec: Use -Dgnu-efi=false instead of -Defi=false (#1972223) - -* Thu Sep 30 2021 systemd maintenance team - 249-5 -- boot: don't build bootctl when -Dgnu-efi=false is set (#1972223) -- rules: add elevator= kernel command line parameter (#1998190) -- sd-device: introduce device_has_devlink() (#1977994) -- udev-node: split out permission handling from udev_node_add() (#1977994) -- udev-node: stack directory must exist when adding device node symlink (#1977994) -- udev-node: save information about device node and priority in symlink (#1977994) -- udev-node: always update timestamp of stack directory (#1977994) -- udev-node: assume no new claim to a symlink if /run/udev/links is not updated (#1977994) -- udev-node: always atomically create symlink to device node (#1977994) -- udev-node: check stack directory change even if devlink is removed (#1977994) -- udev-node: shorten code a bit and update log message (#1977994) -- udev-node: add random delay on conflict in updating device node symlink (#1977994) -- udev-node: drop redundant trial of devlink creation (#1977994) -- udev-node: simplify the example of race (#1977994) -- udev-node: do not ignore unexpected errors on removing symlink in stack directory (#1977994) -- basic/time-util: introduce FORMAT_TIMESPAN (#1977994) -- unit: install the systemd-bless-boot.service only if we have gnu-efi (#1972223) -- units: don't enable tmp.mount statically in local-fs.target (#1959826) -- pid1: bump DefaultTasksMax to 80% of the kernel pid.max value (#1997200) -- udev/net-setup-link: change the default MACAddressPolicy to "none" (#1921094) +* Thu Nov 18 2021 systemd maintenance team - 249-9 +- test: don't install test-network-generator-conversion.sh w/o networkd (#2017035) +- meson.build: change operator combining bools from + to and (#2017035) +- openssl-util: use EVP API to get RSA bits (#2016042) +- procfs-util: fix confusion wrt. quantity limit and maximum value (#2017035) +- test-process-util: also add EROFS to the list of "good" errors (#2017035) +- ci: use C9S chroots in Packit (#2017035) +- test-mountpointutil-util: do not assert in test_mnt_id() (#2017035) +- core/mount: add implicit unit dependencies even if when mount unit is generated from /proc/self/mountinfo (#2019468) +- Drop Patch9001 - https://github.com/systemd/systemd/pull/17050 - Replaced by Patch0046 + +* Tue Oct 12 2021 systemd maintenance team - 249-8 +- Really don't enable systemd-journald-audit.socket (#1973856) +- rules: add elevator= kernel command line parameter (#2003002) +- boot: don't build bootctl when -Dgnu-efi=false is set (#2003130) +- unit: install the systemd-bless-boot.service only if we have gnu-efi (#2003130) +- units: don't enable tmp.mount statically in local-fs.target (#2000927) +- pid1: bump DefaultTasksMax to 80% of the kernel pid.max value (#2003031) +- sd-device: introduce device_has_devlink() (#2005024) +- udev-node: split out permission handling from udev_node_add() (#2005024) +- udev-node: stack directory must exist when adding device node symlink (#2005024) +- udev-node: save information about device node and priority in symlink (#2005024) +- udev-node: always update timestamp of stack directory (#2005024) +- udev-node: assume no new claim to a symlink if /run/udev/links is not updated (#2005024) +- udev-node: always atomically create symlink to device node (#2005024) +- udev-node: check stack directory change even if devlink is removed (#2005024) +- udev-node: shorten code a bit and update log message (#2005024) +- udev-node: add random delay on conflict in updating device node symlink (#2005024) +- udev-node: drop redundant trial of devlink creation (#2005024) +- udev-node: simplify the example of race (#2005024) +- udev-node: do not ignore unexpected errors on removing symlink in stack directory (#2005024) +- basic/time-util: introduce FORMAT_TIMESPAN (#2005024) +- udev/net-setup-link: change the default MACAddressPolicy to "none" (#2009237) +- set core ulimit to 0 like on RHEL-7 (#1998509) * Fri Aug 20 2021 systemd maintenance team - 249-4 - Revert "udev: remove WAIT_FOR key" (#1982666)