From 6000a280a9a704f90670381f7bc135d673fe8c74 Mon Sep 17 00:00:00 2001 From: anolis-bot Date: Thu, 27 Oct 2022 18:16:55 +0800 Subject: [PATCH 1/5] update to systemd-239-58.el8_6.8 Signed-off-by: anolis-bot --- ...n-checks-for-building-valid-unit-nam.patch | 181 ++++++++++++ ...g-unit-names-that-are-based-on-paths.patch | 275 ++++++++++++++++++ ...d-test-for-triggering-mount-rate-lim.patch | 162 +++++++++++ ...ts-add-test-case-for-long-unit-names.patch | 42 +++ ...agate-condition-failed-state-to-trig.patch | 255 ++++++++++++++++ ...eck-unit-start-rate-limiting-earlier.patch | 137 +++++++++ ...ore-Add-trigger-limit-for-path-units.patch | 127 ++++++++ ...tream-while-calling-callbacks-for-it.patch | 9 +- ...arguments-to-the-end-of-main-s-finis.patch | 49 ++++ ...ull-reference-case-in-load_from_path.patch | 34 --- ...-t-pass-null-directive-argument-to-s.patch | 25 -- ...roduce-EXIT_EXCEPTION-mapping-to-255.patch | 52 ---- ...e-PID-1-in-containers-exit-with-non-.patch | 51 ---- ...t-go-into-freeze-when-systemd-crashd.patch | 103 ------- ...ge-the-system-mount-propagation-to-s.patch | 62 ---- ...-definition-of-CGROUP_CONTROLLER_TO_.patch | 26 -- ...only-siblings-that-got-realized-once.patch | 46 --- ...g-item-to-support-setting-the-value-.patch | 120 -------- ...9-systemd-anolis-support-loongarch64.patch | 56 ---- ...x-coredump-when-compiled-under-GCC10.patch | 56 ---- 10011-hwdb-add-Iluvatar-CoreX.patch | 44 --- 10012-seccomp-add-loongarch-support.patch | 79 ----- systemd.spec | 52 ++-- 23 files changed, 1251 insertions(+), 792 deletions(-) create mode 100644 0762-unit-name-tighten-checks-for-building-valid-unit-nam.patch create mode 100644 0763-core-shorten-long-unit-names-that-are-based-on-paths.patch create mode 100644 0764-test-add-extended-test-for-triggering-mount-rate-lim.patch create mode 100644 0765-tests-add-test-case-for-long-unit-names.patch create mode 100644 0766-Revert-core-Propagate-condition-failed-state-to-trig.patch create mode 100644 0767-core-Check-unit-start-rate-limiting-earlier.patch create mode 100644 0768-core-Add-trigger-limit-for-path-units.patch rename 9000-resolved-pin-stream-while-calling-callbacks-for-it.patch => 0769-resolved-pin-stream-while-calling-callbacks-for-it.patch (87%) create mode 100644 0770-core-move-reset_arguments-to-the-end-of-main-s-finis.patch delete mode 100644 10000-core-fix-a-null-reference-case-in-load_from_path.patch delete mode 100644 10001-sysctl-Don-t-pass-null-directive-argument-to-s.patch delete mode 100644 10002-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch delete mode 100644 10003-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch delete mode 100644 10004-Do-not-go-into-freeze-when-systemd-crashd.patch delete mode 100644 10005-mount-setup-change-the-system-mount-propagation-to-s.patch delete mode 100644 10006-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch delete mode 100644 10007-cgroup-update-only-siblings-that-got-realized-once.patch delete mode 100644 10008-core-add-a-config-item-to-support-setting-the-value-.patch delete mode 100644 10009-systemd-anolis-support-loongarch64.patch delete mode 100644 10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch delete mode 100644 10011-hwdb-add-Iluvatar-CoreX.patch delete mode 100644 10012-seccomp-add-loongarch-support.patch diff --git a/0762-unit-name-tighten-checks-for-building-valid-unit-nam.patch b/0762-unit-name-tighten-checks-for-building-valid-unit-nam.patch new file mode 100644 index 0000000..41dfb89 --- /dev/null +++ b/0762-unit-name-tighten-checks-for-building-valid-unit-nam.patch @@ -0,0 +1,181 @@ +From d4caf8718db1d2dddf7f87cbc192cff401ebcf59 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Mon, 25 May 2020 00:34:58 +0200 +Subject: [PATCH] unit-name: tighten checks for building valid unit names + +Let's be more thorough that whenever we build a unit name based on +parameters, that the result is actually a valid user name. If it isn't +fail early. + +This should allows us to catch various issues earlier, in particular +when we synthesize mount units from /proc/self/mountinfo: instead of +actually attempting to allocate a mount unit we will fail much earlier +when we build the name to synthesize the unit under. Failing early is a +good thing generally. + +(cherry picked from commit ab19db01ae1826efb3cbdf6dcb6a14412f8844d4) + +Related: #2094712 +--- + src/basic/unit-name.c | 61 ++++++++++++++++++++++++++++++------------- + 1 file changed, 43 insertions(+), 18 deletions(-) + +diff --git a/src/basic/unit-name.c b/src/basic/unit-name.c +index 614eb8649b..f9b3fafd4d 100644 +--- a/src/basic/unit-name.c ++++ b/src/basic/unit-name.c +@@ -207,8 +207,9 @@ UnitType unit_name_to_type(const char *n) { + } + + int unit_name_change_suffix(const char *n, const char *suffix, char **ret) { +- char *e, *s; ++ _cleanup_free_ char *s = NULL; + size_t a, b; ++ char *e; + + assert(n); + assert(suffix); +@@ -230,8 +231,12 @@ int unit_name_change_suffix(const char *n, const char *suffix, char **ret) { + return -ENOMEM; + + strcpy(mempcpy(s, n, a), suffix); +- *ret = s; + ++ /* Make sure the name is still valid (i.e. didn't grow too large due to longer suffix) */ ++ if (!unit_name_is_valid(s, UNIT_NAME_ANY)) ++ return -EINVAL; ++ ++ *ret = TAKE_PTR(s); + return 0; + } + +@@ -253,8 +258,8 @@ int unit_name_build(const char *prefix, const char *instance, const char *suffix + } + + int unit_name_build_from_type(const char *prefix, const char *instance, UnitType type, char **ret) { ++ _cleanup_free_ char *s = NULL; + const char *ut; +- char *s; + + assert(prefix); + assert(type >= 0); +@@ -264,19 +269,23 @@ int unit_name_build_from_type(const char *prefix, const char *instance, UnitType + if (!unit_prefix_is_valid(prefix)) + return -EINVAL; + +- if (instance && !unit_instance_is_valid(instance)) +- return -EINVAL; +- + ut = unit_type_to_string(type); + +- if (!instance) +- s = strjoin(prefix, ".", ut); +- else ++ if (instance) { ++ if (!unit_instance_is_valid(instance)) ++ return -EINVAL; ++ + s = strjoin(prefix, "@", instance, ".", ut); ++ } else ++ s = strjoin(prefix, ".", ut); + if (!s) + return -ENOMEM; + +- *ret = s; ++ /* Verify that this didn't grow too large (or otherwise is invalid) */ ++ if (!unit_name_is_valid(s, instance ? UNIT_NAME_INSTANCE : UNIT_NAME_PLAIN)) ++ return -EINVAL; ++ ++ *ret = TAKE_PTR(s); + return 0; + } + +@@ -445,8 +454,8 @@ int unit_name_path_unescape(const char *f, char **ret) { + } + + int unit_name_replace_instance(const char *f, const char *i, char **ret) { ++ _cleanup_free_ char *s = NULL; + const char *p, *e; +- char *s; + size_t a, b; + + assert(f); +@@ -470,7 +479,11 @@ int unit_name_replace_instance(const char *f, const char *i, char **ret) { + + strcpy(mempcpy(mempcpy(s, f, a + 1), i, b), e); + +- *ret = s; ++ /* Make sure the resulting name still is valid, i.e. didn't grow too large */ ++ if (!unit_name_is_valid(s, UNIT_NAME_INSTANCE)) ++ return -EINVAL; ++ ++ *ret = TAKE_PTR(s); + return 0; + } + +@@ -501,8 +514,7 @@ int unit_name_template(const char *f, char **ret) { + } + + int unit_name_from_path(const char *path, const char *suffix, char **ret) { +- _cleanup_free_ char *p = NULL; +- char *s = NULL; ++ _cleanup_free_ char *p = NULL, *s = NULL; + int r; + + assert(path); +@@ -520,7 +532,11 @@ int unit_name_from_path(const char *path, const char *suffix, char **ret) { + if (!s) + return -ENOMEM; + +- *ret = s; ++ /* Refuse this if this got too long or for some other reason didn't result in a valid name */ ++ if (!unit_name_is_valid(s, UNIT_NAME_PLAIN)) ++ return -EINVAL; ++ ++ *ret = TAKE_PTR(s); + return 0; + } + +@@ -548,6 +564,10 @@ int unit_name_from_path_instance(const char *prefix, const char *path, const cha + if (!s) + return -ENOMEM; + ++ /* Refuse this if this got too long or for some other reason didn't result in a valid name */ ++ if (!unit_name_is_valid(s, UNIT_NAME_INSTANCE)) ++ return -EINVAL; ++ + *ret = s; + return 0; + } +@@ -601,7 +621,7 @@ static bool do_escape_mangle(const char *f, bool allow_globs, char *t) { + * If @allow_globs, globs characters are preserved. Otherwise, they are escaped. + */ + int unit_name_mangle_with_suffix(const char *name, UnitNameMangle flags, const char *suffix, char **ret) { +- char *s; ++ _cleanup_free_ char *s = NULL; + int r; + bool mangled; + +@@ -656,7 +676,12 @@ int unit_name_mangle_with_suffix(const char *name, UnitNameMangle flags, const c + if ((!(flags & UNIT_NAME_MANGLE_GLOB) || !string_is_glob(s)) && unit_name_to_type(s) < 0) + strcat(s, suffix); + +- *ret = s; ++ /* Make sure mangling didn't grow this too large (but don't do this check if globbing is allowed, ++ * since globs generally do not qualify as valid unit names) */ ++ if (!FLAGS_SET(flags, UNIT_NAME_MANGLE_GLOB) && !unit_name_is_valid(s, UNIT_NAME_ANY)) ++ return -EINVAL; ++ ++ *ret = TAKE_PTR(s); + return 1; + + good: +@@ -664,7 +689,7 @@ good: + if (!s) + return -ENOMEM; + +- *ret = s; ++ *ret = TAKE_PTR(s); + return 0; + } + diff --git a/0763-core-shorten-long-unit-names-that-are-based-on-paths.patch b/0763-core-shorten-long-unit-names-that-are-based-on-paths.patch new file mode 100644 index 0000000..f1ad62f --- /dev/null +++ b/0763-core-shorten-long-unit-names-that-are-based-on-paths.patch @@ -0,0 +1,275 @@ +From b2cfcb1f3801ae007698fce9139b39cefdfd66e1 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Tue, 15 Mar 2022 19:02:05 +0100 +Subject: [PATCH] core: shorten long unit names that are based on paths and + append path hash at the end + +Fixes #18077 + +(cherry picked from commit 1d0727e76fd5e9a07cc9991ec9a10ea1d78a99c7) + +Resolves: #2094712 +--- + src/basic/string-util.h | 23 +++++----- + src/basic/unit-name.c | 88 ++++++++++++++++++++++++++++++++++++++- + src/basic/unit-name.h | 3 ++ + src/core/mount.c | 3 ++ + src/test/test-unit-name.c | 25 ++++++++++- + 5 files changed, 129 insertions(+), 13 deletions(-) + +diff --git a/src/basic/string-util.h b/src/basic/string-util.h +index 742b566932..0d406ff64a 100644 +--- a/src/basic/string-util.h ++++ b/src/basic/string-util.h +@@ -9,17 +9,18 @@ + #include "macro.h" + + /* What is interpreted as whitespace? */ +-#define WHITESPACE " \t\n\r" +-#define NEWLINE "\n\r" +-#define QUOTES "\"\'" +-#define COMMENTS "#;" +-#define GLOB_CHARS "*?[" +-#define DIGITS "0123456789" +-#define LOWERCASE_LETTERS "abcdefghijklmnopqrstuvwxyz" +-#define UPPERCASE_LETTERS "ABCDEFGHIJKLMNOPQRSTUVWXYZ" +-#define LETTERS LOWERCASE_LETTERS UPPERCASE_LETTERS +-#define ALPHANUMERICAL LETTERS DIGITS +-#define HEXDIGITS DIGITS "abcdefABCDEF" ++#define WHITESPACE " \t\n\r" ++#define NEWLINE "\n\r" ++#define QUOTES "\"\'" ++#define COMMENTS "#;" ++#define GLOB_CHARS "*?[" ++#define DIGITS "0123456789" ++#define LOWERCASE_LETTERS "abcdefghijklmnopqrstuvwxyz" ++#define UPPERCASE_LETTERS "ABCDEFGHIJKLMNOPQRSTUVWXYZ" ++#define LETTERS LOWERCASE_LETTERS UPPERCASE_LETTERS ++#define ALPHANUMERICAL LETTERS DIGITS ++#define HEXDIGITS DIGITS "abcdefABCDEF" ++#define LOWERCASE_HEXDIGITS DIGITS "abcdef" + + #define streq(a,b) (strcmp((a),(b)) == 0) + #define strneq(a, b, n) (strncmp((a), (b), (n)) == 0) +diff --git a/src/basic/unit-name.c b/src/basic/unit-name.c +index f9b3fafd4d..65ed979e39 100644 +--- a/src/basic/unit-name.c ++++ b/src/basic/unit-name.c +@@ -6,11 +6,17 @@ + #include + #include + ++#include "sd-id128.h" ++ + #include "alloc-util.h" + #include "glob-util.h" + #include "hexdecoct.h" + #include "path-util.h" ++#include "random-util.h" ++#include "siphash24.h" ++#include "sparse-endian.h" + #include "special.h" ++#include "stdio-util.h" + #include "string-util.h" + #include "strv.h" + #include "unit-name.h" +@@ -31,6 +37,9 @@ + VALID_CHARS_WITH_AT \ + "[]!-*?" + ++#define LONG_UNIT_NAME_HASH_KEY SD_ID128_MAKE(ec,f2,37,fb,58,32,4a,32,84,9f,06,9b,0d,21,eb,9a) ++#define UNIT_NAME_HASH_LENGTH_CHARS 16 ++ + bool unit_name_is_valid(const char *n, UnitNameFlags flags) { + const char *e, *i, *at; + +@@ -513,6 +522,68 @@ int unit_name_template(const char *f, char **ret) { + return 0; + } + ++bool unit_name_is_hashed(const char *name) { ++ char *s; ++ ++ if (!unit_name_is_valid(name, UNIT_NAME_PLAIN)) ++ return false; ++ ++ assert_se(s = strrchr(name, '.')); ++ ++ if (s - name < UNIT_NAME_HASH_LENGTH_CHARS + 1) ++ return false; ++ ++ s -= UNIT_NAME_HASH_LENGTH_CHARS; ++ if (s[-1] != '_') ++ return false; ++ ++ for (size_t i = 0; i < UNIT_NAME_HASH_LENGTH_CHARS; i++) ++ if (!strchr(LOWERCASE_HEXDIGITS, s[i])) ++ return false; ++ ++ return true; ++} ++ ++int unit_name_hash_long(const char *name, char **ret) { ++ _cleanup_free_ char *n = NULL, *hash = NULL; ++ char *suffix; ++ le64_t h; ++ size_t len; ++ ++ if (strlen(name) < UNIT_NAME_MAX) ++ return -EMSGSIZE; ++ ++ suffix = strrchr(name, '.'); ++ if (!suffix) ++ return -EINVAL; ++ ++ if (unit_type_from_string(suffix+1) < 0) ++ return -EINVAL; ++ ++ h = htole64(siphash24(name, strlen(name) + 1, LONG_UNIT_NAME_HASH_KEY.bytes)); ++ ++ hash = hexmem(&h, sizeof(h)); ++ if (!hash) ++ return -ENOMEM; ++ ++ assert_se(strlen(hash) == UNIT_NAME_HASH_LENGTH_CHARS); ++ ++ len = UNIT_NAME_MAX - 1 - strlen(suffix+1) - UNIT_NAME_HASH_LENGTH_CHARS - 2; ++ assert(len > 0 && len < UNIT_NAME_MAX); ++ ++ n = strndup(name, len); ++ if (!n) ++ return -ENOMEM; ++ ++ if (!strextend(&n, "_", hash, suffix, NULL)) ++ return -ENOMEM; ++ assert_se(unit_name_is_valid(n, UNIT_NAME_PLAIN)); ++ ++ *ret = TAKE_PTR(n); ++ ++ return 0; ++} ++ + int unit_name_from_path(const char *path, const char *suffix, char **ret) { + _cleanup_free_ char *p = NULL, *s = NULL; + int r; +@@ -532,7 +603,19 @@ int unit_name_from_path(const char *path, const char *suffix, char **ret) { + if (!s) + return -ENOMEM; + +- /* Refuse this if this got too long or for some other reason didn't result in a valid name */ ++ if (strlen(s) >= UNIT_NAME_MAX) { ++ _cleanup_free_ char *n = NULL; ++ ++ log_debug("Unit name \"%s\" too long, falling back to hashed unit name.", s); ++ ++ r = unit_name_hash_long(s, &n); ++ if (r < 0) ++ return r; ++ ++ free_and_replace(s, n); ++ } ++ ++ /* Refuse if this for some other reason didn't result in a valid name */ + if (!unit_name_is_valid(s, UNIT_NAME_PLAIN)) + return -EINVAL; + +@@ -582,6 +665,9 @@ int unit_name_to_path(const char *name, char **ret) { + if (r < 0) + return r; + ++ if (unit_name_is_hashed(name)) ++ return -ENAMETOOLONG; ++ + return unit_name_path_unescape(prefix, ret); + } + +diff --git a/src/basic/unit-name.h b/src/basic/unit-name.h +index 61abcd585b..602295af8f 100644 +--- a/src/basic/unit-name.h ++++ b/src/basic/unit-name.h +@@ -45,6 +45,9 @@ int unit_name_replace_instance(const char *f, const char *i, char **ret); + + int unit_name_template(const char *f, char **ret); + ++int unit_name_hash_long(const char *name, char **ret); ++bool unit_name_is_hashed(const char *name); ++ + int unit_name_from_path(const char *path, const char *suffix, char **ret); + int unit_name_from_path_instance(const char *prefix, const char *path, const char *suffix, char **ret); + int unit_name_to_path(const char *name, char **ret); +diff --git a/src/core/mount.c b/src/core/mount.c +index d37b5731f8..e69ecb7ce3 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -572,6 +572,9 @@ static int mount_add_extras(Mount *m) { + + if (!m->where) { + r = unit_name_to_path(u->id, &m->where); ++ if (r == -ENAMETOOLONG) ++ log_unit_error_errno(u, r, "Failed to derive mount point path from unit name, because unit name is hashed. " ++ "Set \"Where=\" in the unit file explicitly."); + if (r < 0) + return r; + } +diff --git a/src/test/test-unit-name.c b/src/test/test-unit-name.c +index 2b00ef8cb7..35cfaafd30 100644 +--- a/src/test/test-unit-name.c ++++ b/src/test/test-unit-name.c +@@ -82,6 +82,7 @@ static void test_unit_name_replace_instance(void) { + + static void test_unit_name_from_path_one(const char *path, const char *suffix, const char *expected, int ret) { + _cleanup_free_ char *t = NULL; ++ int r; + + assert_se(unit_name_from_path(path, suffix, &t) == ret); + puts(strna(t)); +@@ -89,12 +90,31 @@ static void test_unit_name_from_path_one(const char *path, const char *suffix, c + + if (t) { + _cleanup_free_ char *k = NULL; +- assert_se(unit_name_to_path(t, &k) == 0); ++ ++ /* We don't support converting hashed unit names back to paths */ ++ r = unit_name_to_path(t, &k); ++ if (r == -ENAMETOOLONG) ++ return; ++ assert(r == 0); ++ + puts(strna(k)); + assert_se(path_equal(k, empty_to_root(path))); + } + } + ++static void test_unit_name_is_hashed(void) { ++ assert_se(!unit_name_is_hashed("")); ++ assert_se(!unit_name_is_hashed("foo@bar.service")); ++ assert_se(!unit_name_is_hashed("foo@.service")); ++ assert_se(unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_7736d9ed33c2ec55.mount")); ++ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_7736D9ED33C2EC55.mount")); ++ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!7736d9ed33c2ec55.mount")); ++ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_7736d9gd33c2ec55.mount")); ++ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_.mount")); ++ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_2103e1466b87f7f7@waldo.mount")); ++ assert_se(!unit_name_is_hashed("waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_2103e1466b87f7f7@.mount")); ++} ++ + static void test_unit_name_from_path(void) { + puts("-------------------------------------------------"); + test_unit_name_from_path_one("/waldo", ".mount", "waldo.mount", 0); +@@ -105,6 +125,8 @@ static void test_unit_name_from_path(void) { + test_unit_name_from_path_one("///", ".mount", "-.mount", 0); + test_unit_name_from_path_one("/foo/../bar", ".mount", NULL, -EINVAL); + test_unit_name_from_path_one("/foo/./bar", ".mount", NULL, -EINVAL); ++ test_unit_name_from_path_one("/waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", ".mount", ++ "waldoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa_7736d9ed33c2ec55.mount", 0); + } + + static void test_unit_name_from_path_instance_one(const char *pattern, const char *path, const char *suffix, const char *expected, int ret) { +@@ -824,6 +846,7 @@ int main(int argc, char* argv[]) { + + test_unit_name_is_valid(); + test_unit_name_replace_instance(); ++ test_unit_name_is_hashed(); + test_unit_name_from_path(); + test_unit_name_from_path_instance(); + test_unit_name_mangle(); diff --git a/0764-test-add-extended-test-for-triggering-mount-rate-lim.patch b/0764-test-add-extended-test-for-triggering-mount-rate-lim.patch new file mode 100644 index 0000000..684e346 --- /dev/null +++ b/0764-test-add-extended-test-for-triggering-mount-rate-lim.patch @@ -0,0 +1,162 @@ +From 294efa52d47be083704da51b148c685d347be4ac Mon Sep 17 00:00:00 2001 +From: Anita Zhang +Date: Tue, 8 Jun 2021 00:04:35 -0700 +Subject: [PATCH] test: add extended test for triggering mount rate limit + +It's hard to trigger the failure to exit the rate limit state in +isolation as it needs multiple event sources in order to show that it +gets stuck in the queue. Hence why this is an extended test. + +(cherry picked from commit 0c81900965a72b29eb76e0737ed899b925ee75b6) + +Related: #2094712 +--- + test/TEST-60-MOUNT-RATELIMIT/Makefile | 1 + + test/TEST-60-MOUNT-RATELIMIT/test.sh | 48 +++++++++++++++ + test/TEST-60-MOUNT-RATELIMIT/testsuite.sh | 73 +++++++++++++++++++++++ + 3 files changed, 122 insertions(+) + create mode 120000 test/TEST-60-MOUNT-RATELIMIT/Makefile + create mode 100755 test/TEST-60-MOUNT-RATELIMIT/test.sh + create mode 100755 test/TEST-60-MOUNT-RATELIMIT/testsuite.sh + +diff --git a/test/TEST-60-MOUNT-RATELIMIT/Makefile b/test/TEST-60-MOUNT-RATELIMIT/Makefile +new file mode 120000 +index 0000000000..e9f93b1104 +--- /dev/null ++++ b/test/TEST-60-MOUNT-RATELIMIT/Makefile +@@ -0,0 +1 @@ ++../TEST-01-BASIC/Makefile +\ No newline at end of file +diff --git a/test/TEST-60-MOUNT-RATELIMIT/test.sh b/test/TEST-60-MOUNT-RATELIMIT/test.sh +new file mode 100755 +index 0000000000..e3c9288546 +--- /dev/null ++++ b/test/TEST-60-MOUNT-RATELIMIT/test.sh +@@ -0,0 +1,48 @@ ++#!/usr/bin/env bash ++set -e ++TEST_DESCRIPTION="Test that mount/unmount storms can enter/exit rate limit state and will not leak units" ++ ++. $TEST_BASE_DIR/test-functions ++ ++test_setup() { ++ create_empty_image ++ mkdir -p $TESTDIR/root ++ mount ${LOOPDEV}p1 $TESTDIR/root ++ ++ ( ++ LOG_LEVEL=5 ++ eval $(udevadm info --export --query=env --name=${LOOPDEV}p2) ++ ++ setup_basic_environment ++ ++ # mask some services that we do not want to run in these tests ++ ln -fs /dev/null $initdir/etc/systemd/system/systemd-hwdb-update.service ++ ln -fs /dev/null $initdir/etc/systemd/system/systemd-journal-catalog-update.service ++ ln -fs /dev/null $initdir/etc/systemd/system/systemd-networkd.service ++ ln -fs /dev/null $initdir/etc/systemd/system/systemd-networkd.socket ++ ln -fs /dev/null $initdir/etc/systemd/system/systemd-resolved.service ++ ln -fs /dev/null $initdir/etc/systemd/system/systemd-machined.service ++ ++ # setup the testsuite service ++ cat >$initdir/etc/systemd/system/testsuite.service </testok ++ ++exit 0 diff --git a/0765-tests-add-test-case-for-long-unit-names.patch b/0765-tests-add-test-case-for-long-unit-names.patch new file mode 100644 index 0000000..a6c458a --- /dev/null +++ b/0765-tests-add-test-case-for-long-unit-names.patch @@ -0,0 +1,42 @@ +From 7363f240c0bb9032c0c615934d5fe4d1eaa56077 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Wed, 23 Mar 2022 13:35:44 +0100 +Subject: [PATCH] tests: add test case for long unit names + +(cherry picked from commit 2ef0101e0b2813e8c99fc8f137dbaa763ca16057) + +Related: #2094712 +--- + test/TEST-60-MOUNT-RATELIMIT/testsuite.sh | 19 +++++++++++++++++++ + 1 file changed, 19 insertions(+) + +diff --git a/test/TEST-60-MOUNT-RATELIMIT/testsuite.sh b/test/TEST-60-MOUNT-RATELIMIT/testsuite.sh +index 8158754667..6211050faf 100755 +--- a/test/TEST-60-MOUNT-RATELIMIT/testsuite.sh ++++ b/test/TEST-60-MOUNT-RATELIMIT/testsuite.sh +@@ -7,6 +7,25 @@ systemd-analyze log-target journal + + NUM_DIRS=20 + ++# make sure we can handle mounts at very long paths such that mount unit name must be hashed to fall within our unit name limit ++LONGPATH="$(printf "/$(printf "x%0.s" {1..255})%0.s" {1..7})" ++LONGMNT="$(systemd-escape --suffix=mount --path "$LONGPATH")" ++TS="$(date '+%H:%M:%S')" ++ ++mkdir -p "$LONGPATH" ++mount -t tmpfs tmpfs "$LONGPATH" ++systemctl daemon-reload ++ ++# check that unit is active(mounted) ++systemctl --no-pager show -p SubState --value "$LONGPATH" | grep -q mounted ++ ++# check that relevant part of journal doesn't contain any errors related to unit ++[ "$(journalctl -b --since="$TS" --priority=err | grep -c "$LONGMNT")" = "0" ] ++ ++# check that we can successfully stop the mount unit ++systemctl stop "$LONGPATH" ++rm -rf "$LONGPATH" ++ + # mount/unmount enough times to trigger the /proc/self/mountinfo parsing rate limiting + + for ((i = 0; i < NUM_DIRS; i++)); do diff --git a/0766-Revert-core-Propagate-condition-failed-state-to-trig.patch b/0766-Revert-core-Propagate-condition-failed-state-to-trig.patch new file mode 100644 index 0000000..40b8971 --- /dev/null +++ b/0766-Revert-core-Propagate-condition-failed-state-to-trig.patch @@ -0,0 +1,255 @@ +From eef171ea21cf4b77f62269aabfd8bf0fdd92b7bf Mon Sep 17 00:00:00 2001 +From: Daan De Meyer +Date: Fri, 17 Dec 2021 19:39:29 +0100 +Subject: [PATCH] Revert "core: Propagate condition failed state to triggering + units." + +This reverts commit 12ab94a1e4961a39c32efb60b71866ab588d3ea2. + +(cherry picked from commit 40f41f34d4af15d0147b5b2525f0b87ff62eae9a) + +Related: #2123801 +--- + src/core/automount.c | 14 ++++---------- + src/core/automount.h | 1 - + src/core/path.c | 16 +++++----------- + src/core/path.h | 1 - + src/core/socket.c | 28 +++++++++------------------- + src/core/socket.h | 1 - + src/core/timer.c | 12 +++--------- + src/core/timer.h | 1 - + src/core/unit.c | 10 ---------- + src/core/unit.h | 2 -- + 10 files changed, 21 insertions(+), 65 deletions(-) + +diff --git a/src/core/automount.c b/src/core/automount.c +index bac3b2fab7..c1c513d4a5 100644 +--- a/src/core/automount.c ++++ b/src/core/automount.c +@@ -776,11 +776,6 @@ static void automount_enter_running(Automount *a) { + goto fail; + } + +- if (unit_has_failed_condition_or_assert(trigger)) { +- automount_enter_dead(a, AUTOMOUNT_FAILURE_MOUNT_CONDITION_FAILED); +- return; +- } +- + r = manager_add_job(UNIT(a)->manager, JOB_START, trigger, JOB_REPLACE, NULL, &error, NULL); + if (r < 0) { + log_unit_warning(UNIT(a), "Failed to queue mount startup job: %s", bus_error_message(&error, r)); +@@ -1092,11 +1087,10 @@ static int automount_can_start(Unit *u) { + } + + static const char* const automount_result_table[_AUTOMOUNT_RESULT_MAX] = { +- [AUTOMOUNT_SUCCESS] = "success", +- [AUTOMOUNT_FAILURE_RESOURCES] = "resources", +- [AUTOMOUNT_FAILURE_START_LIMIT_HIT] = "start-limit-hit", +- [AUTOMOUNT_FAILURE_MOUNT_START_LIMIT_HIT] = "mount-start-limit-hit", +- [AUTOMOUNT_FAILURE_MOUNT_CONDITION_FAILED] = "mount-condition-failed", ++ [AUTOMOUNT_SUCCESS] = "success", ++ [AUTOMOUNT_FAILURE_RESOURCES] = "resources", ++ [AUTOMOUNT_FAILURE_START_LIMIT_HIT] = "start-limit-hit", ++ [AUTOMOUNT_FAILURE_MOUNT_START_LIMIT_HIT] = "mount-start-limit-hit", + }; + + DEFINE_STRING_TABLE_LOOKUP(automount_result, AutomountResult); +diff --git a/src/core/automount.h b/src/core/automount.h +index a7417d195c..21dd1c0774 100644 +--- a/src/core/automount.h ++++ b/src/core/automount.h +@@ -10,7 +10,6 @@ typedef enum AutomountResult { + AUTOMOUNT_FAILURE_RESOURCES, + AUTOMOUNT_FAILURE_START_LIMIT_HIT, + AUTOMOUNT_FAILURE_MOUNT_START_LIMIT_HIT, +- AUTOMOUNT_FAILURE_MOUNT_CONDITION_FAILED, + _AUTOMOUNT_RESULT_MAX, + _AUTOMOUNT_RESULT_INVALID = -1 + } AutomountResult; +diff --git a/src/core/path.c b/src/core/path.c +index bf7e1bf3c2..c2facf0b16 100644 +--- a/src/core/path.c ++++ b/src/core/path.c +@@ -453,7 +453,7 @@ static void path_enter_dead(Path *p, PathResult f) { + else + unit_log_failure(UNIT(p), path_result_to_string(p->result)); + +- path_set_state(p, p->result == PATH_SUCCESS ? PATH_DEAD : PATH_FAILED); ++ path_set_state(p, p->result != PATH_SUCCESS ? PATH_FAILED : PATH_DEAD); + } + + static void path_enter_running(Path *p) { +@@ -711,11 +711,6 @@ static void path_trigger_notify(Unit *u, Unit *other) { + return; + } + +- if (unit_has_failed_condition_or_assert(other)) { +- path_enter_dead(p, PATH_FAILURE_UNIT_CONDITION_FAILED); +- return; +- } +- + /* Don't propagate anything if there's still a job queued */ + if (other->job) + return; +@@ -768,11 +763,10 @@ static const char* const path_type_table[_PATH_TYPE_MAX] = { + DEFINE_STRING_TABLE_LOOKUP(path_type, PathType); + + static const char* const path_result_table[_PATH_RESULT_MAX] = { +- [PATH_SUCCESS] = "success", +- [PATH_FAILURE_RESOURCES] = "resources", +- [PATH_FAILURE_START_LIMIT_HIT] = "start-limit-hit", +- [PATH_FAILURE_UNIT_START_LIMIT_HIT] = "unit-start-limit-hit", +- [PATH_FAILURE_UNIT_CONDITION_FAILED] = "unit-condition-failed", ++ [PATH_SUCCESS] = "success", ++ [PATH_FAILURE_RESOURCES] = "resources", ++ [PATH_FAILURE_START_LIMIT_HIT] = "start-limit-hit", ++ [PATH_FAILURE_UNIT_START_LIMIT_HIT] = "unit-start-limit-hit", + }; + + DEFINE_STRING_TABLE_LOOKUP(path_result, PathResult); +diff --git a/src/core/path.h b/src/core/path.h +index 0ad6bd12c6..8a69f06c13 100644 +--- a/src/core/path.h ++++ b/src/core/path.h +@@ -46,7 +46,6 @@ typedef enum PathResult { + PATH_FAILURE_RESOURCES, + PATH_FAILURE_START_LIMIT_HIT, + PATH_FAILURE_UNIT_START_LIMIT_HIT, +- PATH_FAILURE_UNIT_CONDITION_FAILED, + _PATH_RESULT_MAX, + _PATH_RESULT_INVALID = -1 + } PathResult; +diff --git a/src/core/socket.c b/src/core/socket.c +index 6f9a0f7575..74c1cc70cb 100644 +--- a/src/core/socket.c ++++ b/src/core/socket.c +@@ -2272,15 +2272,6 @@ static void socket_enter_running(Socket *s, int cfd) { + goto refuse; + } + +- if (UNIT_ISSET(s->service) && cfd < 0) { +- Unit *service = UNIT_DEREF(s->service); +- +- if (unit_has_failed_condition_or_assert(service)) { +- socket_enter_dead(s, SOCKET_FAILURE_SERVICE_CONDITION_FAILED); +- return; +- } +- } +- + if (cfd < 0) { + bool pending = false; + Unit *other; +@@ -3296,16 +3287,15 @@ static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = { + DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand); + + static const char* const socket_result_table[_SOCKET_RESULT_MAX] = { +- [SOCKET_SUCCESS] = "success", +- [SOCKET_FAILURE_RESOURCES] = "resources", +- [SOCKET_FAILURE_TIMEOUT] = "timeout", +- [SOCKET_FAILURE_EXIT_CODE] = "exit-code", +- [SOCKET_FAILURE_SIGNAL] = "signal", +- [SOCKET_FAILURE_CORE_DUMP] = "core-dump", +- [SOCKET_FAILURE_START_LIMIT_HIT] = "start-limit-hit", +- [SOCKET_FAILURE_TRIGGER_LIMIT_HIT] = "trigger-limit-hit", +- [SOCKET_FAILURE_SERVICE_START_LIMIT_HIT] = "service-start-limit-hit", +- [SOCKET_FAILURE_SERVICE_CONDITION_FAILED] = "service-condition-failed", ++ [SOCKET_SUCCESS] = "success", ++ [SOCKET_FAILURE_RESOURCES] = "resources", ++ [SOCKET_FAILURE_TIMEOUT] = "timeout", ++ [SOCKET_FAILURE_EXIT_CODE] = "exit-code", ++ [SOCKET_FAILURE_SIGNAL] = "signal", ++ [SOCKET_FAILURE_CORE_DUMP] = "core-dump", ++ [SOCKET_FAILURE_START_LIMIT_HIT] = "start-limit-hit", ++ [SOCKET_FAILURE_TRIGGER_LIMIT_HIT] = "trigger-limit-hit", ++ [SOCKET_FAILURE_SERVICE_START_LIMIT_HIT] = "service-start-limit-hit" + }; + + DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult); +diff --git a/src/core/socket.h b/src/core/socket.h +index b171b94316..2409dbf2a0 100644 +--- a/src/core/socket.h ++++ b/src/core/socket.h +@@ -39,7 +39,6 @@ typedef enum SocketResult { + SOCKET_FAILURE_START_LIMIT_HIT, + SOCKET_FAILURE_TRIGGER_LIMIT_HIT, + SOCKET_FAILURE_SERVICE_START_LIMIT_HIT, +- SOCKET_FAILURE_SERVICE_CONDITION_FAILED, + _SOCKET_RESULT_MAX, + _SOCKET_RESULT_INVALID = -1 + } SocketResult; +diff --git a/src/core/timer.c b/src/core/timer.c +index 3c8d89771d..990f05fee4 100644 +--- a/src/core/timer.c ++++ b/src/core/timer.c +@@ -567,11 +567,6 @@ static void timer_enter_running(Timer *t) { + return; + } + +- if (unit_has_failed_condition_or_assert(trigger)) { +- timer_enter_dead(t, TIMER_FAILURE_UNIT_CONDITION_FAILED); +- return; +- } +- + r = manager_add_job(UNIT(t)->manager, JOB_START, trigger, JOB_REPLACE, NULL, &error, NULL); + if (r < 0) + goto fail; +@@ -855,10 +850,9 @@ static const char* const timer_base_table[_TIMER_BASE_MAX] = { + DEFINE_STRING_TABLE_LOOKUP(timer_base, TimerBase); + + static const char* const timer_result_table[_TIMER_RESULT_MAX] = { +- [TIMER_SUCCESS] = "success", +- [TIMER_FAILURE_RESOURCES] = "resources", +- [TIMER_FAILURE_START_LIMIT_HIT] = "start-limit-hit", +- [TIMER_FAILURE_UNIT_CONDITION_FAILED] = "unit-condition-failed", ++ [TIMER_SUCCESS] = "success", ++ [TIMER_FAILURE_RESOURCES] = "resources", ++ [TIMER_FAILURE_START_LIMIT_HIT] = "start-limit-hit", + }; + + DEFINE_STRING_TABLE_LOOKUP(timer_result, TimerResult); +diff --git a/src/core/timer.h b/src/core/timer.h +index d23e19d622..833aadb0b8 100644 +--- a/src/core/timer.h ++++ b/src/core/timer.h +@@ -32,7 +32,6 @@ typedef enum TimerResult { + TIMER_SUCCESS, + TIMER_FAILURE_RESOURCES, + TIMER_FAILURE_START_LIMIT_HIT, +- TIMER_FAILURE_UNIT_CONDITION_FAILED, + _TIMER_RESULT_MAX, + _TIMER_RESULT_INVALID = -1 + } TimerResult; +diff --git a/src/core/unit.c b/src/core/unit.c +index 0810bf5a58..dfe0c243ef 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -5661,16 +5661,6 @@ int unit_thaw_vtable_common(Unit *u) { + return unit_cgroup_freezer_action(u, FREEZER_THAW); + } + +-bool unit_has_failed_condition_or_assert(Unit *u) { +- if (dual_timestamp_is_set(&u->condition_timestamp) && !u->condition_result) +- return true; +- +- if (dual_timestamp_is_set(&u->assert_timestamp) && !u->assert_result) +- return true; +- +- return false; +-} +- + static const char* const collect_mode_table[_COLLECT_MODE_MAX] = { + [COLLECT_INACTIVE] = "inactive", + [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed", +diff --git a/src/core/unit.h b/src/core/unit.h +index a924bd2e83..b8b914711f 100644 +--- a/src/core/unit.h ++++ b/src/core/unit.h +@@ -847,8 +847,6 @@ void unit_thawed(Unit *u); + int unit_freeze_vtable_common(Unit *u); + int unit_thaw_vtable_common(Unit *u); + +-bool unit_has_failed_condition_or_assert(Unit *u); +- + /* Macros which append UNIT= or USER_UNIT= to the message */ + + #define log_unit_full(unit, level, error, ...) \ diff --git a/0767-core-Check-unit-start-rate-limiting-earlier.patch b/0767-core-Check-unit-start-rate-limiting-earlier.patch new file mode 100644 index 0000000..b575710 --- /dev/null +++ b/0767-core-Check-unit-start-rate-limiting-earlier.patch @@ -0,0 +1,137 @@ +From 6ec2c387cd4fe081e6a5561b5c7e66ec0555c353 Mon Sep 17 00:00:00 2001 +From: Daan De Meyer +Date: Tue, 24 Aug 2021 16:46:47 +0100 +Subject: [PATCH] core: Check unit start rate limiting earlier + +[dtardon: This adds the test that's been left out by commit +471eda89a25a3ceac91a2d05e39a54aae78038ed] + +(cherry picked from commit 9727f2427ff6b2e1f4ab927cc57ad8e888f04e95) + +Related: #2123801 +--- + test/TEST-10-ISSUE-2467/test.sh | 3 ++ + test/TEST-63-ISSUE-17433/Makefile | 1 + + test/TEST-63-ISSUE-17433/test.sh | 42 ++++++++++++++++++++++ + test/TEST-63-ISSUE-17433/test63.path | 2 ++ + test/TEST-63-ISSUE-17433/test63.service | 5 +++ + test/TEST-63-ISSUE-17433/testsuite.service | 17 +++++++++ + 6 files changed, 70 insertions(+) + create mode 120000 test/TEST-63-ISSUE-17433/Makefile + create mode 100755 test/TEST-63-ISSUE-17433/test.sh + create mode 100644 test/TEST-63-ISSUE-17433/test63.path + create mode 100644 test/TEST-63-ISSUE-17433/test63.service + create mode 100644 test/TEST-63-ISSUE-17433/testsuite.service + +diff --git a/test/TEST-10-ISSUE-2467/test.sh b/test/TEST-10-ISSUE-2467/test.sh +index 0e61236686..a839ef79de 100755 +--- a/test/TEST-10-ISSUE-2467/test.sh ++++ b/test/TEST-10-ISSUE-2467/test.sh +@@ -42,6 +42,9 @@ EOF + [Unit] + Requires=test.socket + ConditionPathExistsGlob=/tmp/nonexistent ++# Make sure we hit the socket trigger limit in the test and not the service start limit. ++StartLimitInterval=1000 ++StartLimitBurst=1000 + + [Service] + ExecStart=/bin/true +diff --git a/test/TEST-63-ISSUE-17433/Makefile b/test/TEST-63-ISSUE-17433/Makefile +new file mode 120000 +index 0000000000..e9f93b1104 +--- /dev/null ++++ b/test/TEST-63-ISSUE-17433/Makefile +@@ -0,0 +1 @@ ++../TEST-01-BASIC/Makefile +\ No newline at end of file +diff --git a/test/TEST-63-ISSUE-17433/test.sh b/test/TEST-63-ISSUE-17433/test.sh +new file mode 100755 +index 0000000000..406a1e214c +--- /dev/null ++++ b/test/TEST-63-ISSUE-17433/test.sh +@@ -0,0 +1,42 @@ ++#!/usr/bin/env bash ++set -e ++ ++TEST_DESCRIPTION="https://github.com/systemd/systemd/issues/17433" ++ ++# shellcheck source=test/test-functions ++. "${TEST_BASE_DIR:?}/test-functions" ++ ++test_setup() { ++ create_empty_image ++ mkdir -p $TESTDIR/root ++ mount ${LOOPDEV}p1 $TESTDIR/root ++ ++ # Create what will eventually be our root filesystem onto an overlay ++ ( ++ LOG_LEVEL=5 ++ eval $(udevadm info --export --query=env --name=${LOOPDEV}p2) ++ ++ setup_basic_environment ++ ++ # setup the testsuite service ++ cp testsuite.service $initdir/etc/systemd/system/testsuite.service ++ ++ cp test63.path $initdir/etc/systemd/system/test63.path ++ cp test63.service $initdir/etc/systemd/system/test63.service ++ ++ setup_testsuite ++ ) || return 1 ++ setup_nspawn_root ++ ++ # mask some services that we do not want to run in these tests ++ ln -s /dev/null $initdir/etc/systemd/system/systemd-hwdb-update.service ++ ln -s /dev/null $initdir/etc/systemd/system/systemd-journal-catalog-update.service ++ ln -s /dev/null $initdir/etc/systemd/system/systemd-networkd.service ++ ln -s /dev/null $initdir/etc/systemd/system/systemd-networkd.socket ++ ln -s /dev/null $initdir/etc/systemd/system/systemd-resolved.service ++ ++ ddebug "umount $TESTDIR/root" ++ umount $TESTDIR/root ++} ++ ++do_test "$@" +diff --git a/test/TEST-63-ISSUE-17433/test63.path b/test/TEST-63-ISSUE-17433/test63.path +new file mode 100644 +index 0000000000..a6573bda0a +--- /dev/null ++++ b/test/TEST-63-ISSUE-17433/test63.path +@@ -0,0 +1,2 @@ ++[Path] ++PathExists=/tmp/test63 +diff --git a/test/TEST-63-ISSUE-17433/test63.service b/test/TEST-63-ISSUE-17433/test63.service +new file mode 100644 +index 0000000000..c83801874d +--- /dev/null ++++ b/test/TEST-63-ISSUE-17433/test63.service +@@ -0,0 +1,5 @@ ++[Unit] ++ConditionPathExists=!/tmp/nonexistent ++ ++[Service] ++ExecStart=true +diff --git a/test/TEST-63-ISSUE-17433/testsuite.service b/test/TEST-63-ISSUE-17433/testsuite.service +new file mode 100644 +index 0000000000..d3ca5b002b +--- /dev/null ++++ b/test/TEST-63-ISSUE-17433/testsuite.service +@@ -0,0 +1,17 @@ ++[Unit] ++Description=TEST-63-ISSUE-17433 ++ ++[Service] ++ExecStartPre=rm -f /failed /testok ++Type=oneshot ++ExecStart=rm -f /tmp/nonexistent ++ExecStart=systemctl start test63.path ++ExecStart=touch /tmp/test63 ++# Make sure systemd has sufficient time to hit the start limit for test63.service. ++ExecStart=sleep 2 ++ExecStart=sh -x -c 'test "$(systemctl show test63.service --value -p ActiveState)" = failed' ++ExecStart=sh -x -c 'test "$(systemctl show test63.service --value -p Result)" = start-limit-hit' ++# FIXME: The path remains active, which it should not ++# ExecStart=sh -x -c 'test "$(systemctl show test63.path --value -p ActiveState)" = failed' ++# ExecStart=sh -x -c 'test "$(systemctl show test63.path --value -p Result)" = unit-start-limit-hit' ++ExecStart=sh -x -c 'echo OK >/testok' diff --git a/0768-core-Add-trigger-limit-for-path-units.patch b/0768-core-Add-trigger-limit-for-path-units.patch new file mode 100644 index 0000000..7307dfe --- /dev/null +++ b/0768-core-Add-trigger-limit-for-path-units.patch @@ -0,0 +1,127 @@ +From d61bd956e599dd747490d36ff793b63fb6a9fedc Mon Sep 17 00:00:00 2001 +From: Daan De Meyer +Date: Fri, 17 Dec 2021 20:01:31 +0100 +Subject: [PATCH] core: Add trigger limit for path units + +When conditions fail on a service unit, a path unit can cause +PID 1 to busy loop as it keeps trying to activate the service unit. +To avoid this from happening, add a trigger limit to the path unit, +identical to the trigger limit we have for socket units. + +Initially, let's start with a high limit and not make it configurable. +If needed, we can add properties to configure the rate limit similar +to the ones we have for socket units. + +(cherry picked from commit aaae822b37aa3ca39aebb516fdc6bef36d730c25) + +Resolves: #2123801 +--- + src/core/path.c | 10 ++++++++++ + src/core/path.h | 3 +++ + test/TEST-63-ISSUE-17433/test63.service | 2 +- + test/TEST-63-ISSUE-17433/testsuite.service | 21 +++++++++++++++++---- + 4 files changed, 31 insertions(+), 5 deletions(-) + +diff --git a/src/core/path.c b/src/core/path.c +index c2facf0b16..b899bde0de 100644 +--- a/src/core/path.c ++++ b/src/core/path.c +@@ -238,6 +238,9 @@ static void path_init(Unit *u) { + assert(u->load_state == UNIT_STUB); + + p->directory_mode = 0755; ++ ++ p->trigger_limit.interval = 2 * USEC_PER_SEC; ++ p->trigger_limit.burst = 200; + } + + void path_free_specs(Path *p) { +@@ -467,6 +470,12 @@ static void path_enter_running(Path *p) { + if (unit_stop_pending(UNIT(p))) + return; + ++ if (!ratelimit_below(&p->trigger_limit)) { ++ log_unit_warning(UNIT(p), "Trigger limit hit, refusing further activation."); ++ path_enter_dead(p, PATH_FAILURE_TRIGGER_LIMIT_HIT); ++ return; ++ } ++ + trigger = UNIT_TRIGGER(UNIT(p)); + if (!trigger) { + log_unit_error(UNIT(p), "Unit to trigger vanished."); +@@ -767,6 +776,7 @@ static const char* const path_result_table[_PATH_RESULT_MAX] = { + [PATH_FAILURE_RESOURCES] = "resources", + [PATH_FAILURE_START_LIMIT_HIT] = "start-limit-hit", + [PATH_FAILURE_UNIT_START_LIMIT_HIT] = "unit-start-limit-hit", ++ [PATH_FAILURE_TRIGGER_LIMIT_HIT] = "trigger-limit-hit", + }; + + DEFINE_STRING_TABLE_LOOKUP(path_result, PathResult); +diff --git a/src/core/path.h b/src/core/path.h +index 8a69f06c13..12fd13fbe3 100644 +--- a/src/core/path.h ++++ b/src/core/path.h +@@ -46,6 +46,7 @@ typedef enum PathResult { + PATH_FAILURE_RESOURCES, + PATH_FAILURE_START_LIMIT_HIT, + PATH_FAILURE_UNIT_START_LIMIT_HIT, ++ PATH_FAILURE_TRIGGER_LIMIT_HIT, + _PATH_RESULT_MAX, + _PATH_RESULT_INVALID = -1 + } PathResult; +@@ -63,6 +64,8 @@ struct Path { + mode_t directory_mode; + + PathResult result; ++ ++ RateLimit trigger_limit; + }; + + void path_free_specs(Path *p); +diff --git a/test/TEST-63-ISSUE-17433/test63.service b/test/TEST-63-ISSUE-17433/test63.service +index c83801874d..6292434c5c 100644 +--- a/test/TEST-63-ISSUE-17433/test63.service ++++ b/test/TEST-63-ISSUE-17433/test63.service +@@ -1,5 +1,5 @@ + [Unit] +-ConditionPathExists=!/tmp/nonexistent ++ConditionPathExists=/tmp/nonexistent + + [Service] + ExecStart=true +diff --git a/test/TEST-63-ISSUE-17433/testsuite.service b/test/TEST-63-ISSUE-17433/testsuite.service +index d3ca5b002b..39f9643890 100644 +--- a/test/TEST-63-ISSUE-17433/testsuite.service ++++ b/test/TEST-63-ISSUE-17433/testsuite.service +@@ -4,14 +4,27 @@ Description=TEST-63-ISSUE-17433 + [Service] + ExecStartPre=rm -f /failed /testok + Type=oneshot ++ ++# Test that a path unit continuously triggering a service that fails condition checks eventually fails with ++# the trigger-limit-hit error. + ExecStart=rm -f /tmp/nonexistent + ExecStart=systemctl start test63.path + ExecStart=touch /tmp/test63 +-# Make sure systemd has sufficient time to hit the start limit for test63.service. ++# Make sure systemd has sufficient time to hit the trigger limit for test63.path. + ExecStart=sleep 2 +-ExecStart=sh -x -c 'test "$(systemctl show test63.service --value -p ActiveState)" = failed' +-ExecStart=sh -x -c 'test "$(systemctl show test63.service --value -p Result)" = start-limit-hit' ++ExecStart=sh -x -c 'test "$(systemctl show test63.service --value -p ActiveState)" = inactive' ++ExecStart=sh -x -c 'test "$(systemctl show test63.service --value -p Result)" = success' + # FIXME: The path remains active, which it should not + # ExecStart=sh -x -c 'test "$(systemctl show test63.path --value -p ActiveState)" = failed' +-# ExecStart=sh -x -c 'test "$(systemctl show test63.path --value -p Result)" = unit-start-limit-hit' ++# ExecStart=sh -x -c 'test "$(systemctl show test63.path --value -p Result)" = trigger-limit-hit' ++ ++# Test that starting the service manually doesn't affect the path unit. ++ExecStart=rm -f /tmp/test63 ++ExecStart=systemctl reset-failed ++ExecStart=systemctl start test63.path ++ExecStart=systemctl start test63.service ++ExecStart=sh -x -c 'test "$(systemctl show test63.service --value -p ActiveState)" = inactive' ++ExecStart=sh -x -c 'test "$(systemctl show test63.service --value -p Result)" = success' ++ExecStart=sh -x -c 'test "$(systemctl show test63.path --value -p ActiveState)" = active' ++ExecStart=sh -x -c 'test "$(systemctl show test63.path --value -p Result)" = success' + ExecStart=sh -x -c 'echo OK >/testok' diff --git a/9000-resolved-pin-stream-while-calling-callbacks-for-it.patch b/0769-resolved-pin-stream-while-calling-callbacks-for-it.patch similarity index 87% rename from 9000-resolved-pin-stream-while-calling-callbacks-for-it.patch rename to 0769-resolved-pin-stream-while-calling-callbacks-for-it.patch index 9b82d08..9bf0eb6 100644 --- a/9000-resolved-pin-stream-while-calling-callbacks-for-it.patch +++ b/0769-resolved-pin-stream-while-calling-callbacks-for-it.patch @@ -1,4 +1,4 @@ -From a4f08c798cabd5c43f2578a9e2b048fa1ad4a52c Mon Sep 17 00:00:00 2001 +From b92fae31236301ba1fcca604c68bb4e908318c49 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 4 Dec 2018 22:13:39 +0100 Subject: [PATCH] resolved: pin stream while calling callbacks for it @@ -16,7 +16,7 @@ Resolves: #2110548 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/resolve/resolved-dns-stream.c b/src/resolve/resolved-dns-stream.c -index 066daef96e..2d0162483a 100644 +index 555e200a23..ca0313d1d7 100644 --- a/src/resolve/resolved-dns-stream.c +++ b/src/resolve/resolved-dns-stream.c @@ -42,6 +42,8 @@ static int dns_stream_update_io(DnsStream *s) { @@ -28,7 +28,7 @@ index 066daef96e..2d0162483a 100644 assert(s); #if ENABLE_DNS_OVER_TLS -@@ -315,7 +317,7 @@ static int on_stream_timeout(sd_event_source *es, usec_t usec, void *userdata) { +@@ -316,7 +318,7 @@ static int on_stream_timeout(sd_event_source *es, usec_t usec, void *userdata) { } static int on_stream_io(sd_event_source *es, int fd, uint32_t revents, void *userdata) { @@ -37,6 +37,3 @@ index 066daef96e..2d0162483a 100644 int r; assert(s); --- -2.37.1 - diff --git a/0770-core-move-reset_arguments-to-the-end-of-main-s-finis.patch b/0770-core-move-reset_arguments-to-the-end-of-main-s-finis.patch new file mode 100644 index 0000000..e61aa01 --- /dev/null +++ b/0770-core-move-reset_arguments-to-the-end-of-main-s-finis.patch @@ -0,0 +1,49 @@ +From 34aeec27c86917e7284ea562f62e46384d5da5ba Mon Sep 17 00:00:00 2001 +From: Anita Zhang +Date: Thu, 17 Sep 2020 01:49:17 -0700 +Subject: [PATCH] core: move reset_arguments() to the end of main's finish + +Fixes #16991 + +fb39af4ce42d7ef9af63009f271f404038703704 replaced `free_arguments()` with +`reset_arguments()`, which frees arg_* variables as before, but also resets all +of them to the default values. `reset_arguments()` was positioned +in such a way that it overrode some arg_* values still in use at shutdown. + +To avoid further unintentional resets, I moved `reset_arguments()` +right before the return, when nothing else will be using the arg_* variables. + +(cherry picked from commit 7d9eea2bd3d4f83668c7a78754d201b226acbf1e) + +Resolves: #2127171 +--- + src/core/main.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/core/main.c b/src/core/main.c +index d897155644..a4cdb28884 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -2622,7 +2622,6 @@ finish: + m = manager_free(m); + } + +- reset_arguments(); + mac_selinux_finish(); + + if (reexecute) +@@ -2647,6 +2646,7 @@ finish: + * in become_shutdown() so normally we cannot free them yet. */ + watchdog_free_device(); + arg_watchdog_device = mfree(arg_watchdog_device); ++ reset_arguments(); + return retval; + } + #endif +@@ -2668,5 +2668,6 @@ finish: + freeze_or_reboot(); + } + ++ reset_arguments(); + return retval; + } diff --git a/10000-core-fix-a-null-reference-case-in-load_from_path.patch b/10000-core-fix-a-null-reference-case-in-load_from_path.patch deleted file mode 100644 index e15690c..0000000 --- a/10000-core-fix-a-null-reference-case-in-load_from_path.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 11e4aae398f9d26c7c4e54bfa6621f80a3ed2100 Mon Sep 17 00:00:00 2001 -From: Wen Yang -Date: Tue, 19 Apr 2022 11:04:47 +0800 -Subject: [PATCH] fix a null reference case in load_from_path() - ---- - src/core/load-fragment.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c -index c0b1fd4..f59a040 100644 ---- a/src/core/load-fragment.c -+++ b/src/core/load-fragment.c -@@ -4477,7 +4477,6 @@ static int load_from_path(Unit *u, const char *path) { - r = open_follow(&filename, &f, symlink_names, &id); - if (r >= 0) - break; -- filename = mfree(filename); - - /* ENOENT means that the file is missing or is a dangling symlink. - * ENOTDIR means that one of paths we expect to be is a directory -@@ -4486,7 +4485,8 @@ static int load_from_path(Unit *u, const char *path) { - */ - if (r == -EACCES) - log_debug_errno(r, "Cannot access \"%s\": %m", filename); -- else if (!IN_SET(r, -ENOENT, -ENOTDIR)) -+ filename = mfree(filename); -+ if (!IN_SET(r, -ENOENT, -ENOTDIR)) - return r; - - /* Empty the symlink names for the next run */ --- -2.27.0 - diff --git a/10001-sysctl-Don-t-pass-null-directive-argument-to-s.patch b/10001-sysctl-Don-t-pass-null-directive-argument-to-s.patch deleted file mode 100644 index ec09ee4..0000000 --- a/10001-sysctl-Don-t-pass-null-directive-argument-to-s.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 1b3f7805ed7c193e17cb5bad4f4f19c2f72f3d08 Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Tue, 19 Apr 2022 11:16:42 +0800 -Subject: [PATCH] sysctl: Don't pass null directive argument to '%s' - ---- - src/sysctl/sysctl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c -index 4c85d68..e756eff 100644 ---- a/src/sysctl/sysctl.c -+++ b/src/sysctl/sysctl.c -@@ -160,7 +160,7 @@ static int parse_file(OrderedHashmap *sysctl_options, const char *path, bool ign - - value = strchr(p, '='); - if (!value) { -- log_error("Line is not an assignment at '%s:%u': %s", path, c, value); -+ log_error("Line is not an assignment at '%s:%u': %s", path, c, p); - - if (r == 0) - r = -EINVAL; --- -2.27.0 - diff --git a/10002-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch b/10002-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch deleted file mode 100644 index 66539a0..0000000 --- a/10002-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch +++ /dev/null @@ -1,52 +0,0 @@ -From f7940c9cdf872d7504aca9637e9fd14328b2b726 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Tue, 19 Apr 2022 11:26:10 +0800 -Subject: [PATCH] exit-status: introduce EXIT_EXCEPTION mapping to 255 - ---- - src/basic/exit-status.c | 9 ++++++--- - src/basic/exit-status.h | 1 + - 2 files changed, 7 insertions(+), 3 deletions(-) - -diff --git a/src/basic/exit-status.c b/src/basic/exit-status.c -index 0a7a53b..8b67d44 100644 ---- a/src/basic/exit-status.c -+++ b/src/basic/exit-status.c -@@ -19,9 +19,9 @@ const char* exit_status_to_string(int status, ExitStatusLevel level) { - * 79…199 │ (Currently unmapped) - * 200…241 │ systemd's private error codes (might be extended to 254 in future development) - * 242…254 │ (Currently unmapped, but see above) -- * 255 │ (We should probably stay away from that one, it's frequently used by applications to indicate an -- * │ exit reason that cannot really be expressed in a single exit status value — such as a propagated -- * │ signal or such) -+ * 255 │ EXIT_EXCEPTION (We use this to propagate exit-by-signal events. It's frequently used by others apps (like bash) -+ * │ to indicate exit reason that cannot really be expressed in a single exit status value — such as a propagated -+ * │ signal or such, and we follow that logic here.) - */ - - switch (status) { /* We always cover the ISO C ones */ -@@ -158,6 +158,9 @@ const char* exit_status_to_string(int status, ExitStatusLevel level) { - - case EXIT_NUMA_POLICY: - return "NUMA_POLICY"; -+ -+ case EXIT_EXCEPTION: -+ return "EXCEPTION"; - } - } - -diff --git a/src/basic/exit-status.h b/src/basic/exit-status.h -index dc284aa..e923247 100644 ---- a/src/basic/exit-status.h -+++ b/src/basic/exit-status.h -@@ -70,6 +70,7 @@ enum { - EXIT_LOGS_DIRECTORY, /* 240 */ - EXIT_CONFIGURATION_DIRECTORY, - EXIT_NUMA_POLICY, -+ EXIT_EXCEPTION = 255, /* Whenever we want to propagate an abnormal/signal exit, in line with bash */ - }; - - typedef enum ExitStatusLevel { --- -2.27.0 - diff --git a/10003-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch b/10003-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch deleted file mode 100644 index 7abfb96..0000000 --- a/10003-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch +++ /dev/null @@ -1,51 +0,0 @@ -From dffb92b5520a4b539f0466d4161fcaacc6ba5ba8 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Tue, 19 Apr 2022 11:34:27 +0800 -Subject: [PATCH] main: don't freeze PID 1 in containers, exit with - ---- - src/core/main.c | 14 ++++++++++---- - 1 file changed, 10 insertions(+), 4 deletions(-) - -diff --git a/src/core/main.c b/src/core/main.c -index d897155..0aec5d1 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -139,7 +139,13 @@ static NUMAPolicy arg_numa_policy; - static int parse_configuration(const struct rlimit *saved_rlimit_nofile, - const struct rlimit *saved_rlimit_memlock); - --_noreturn_ static void freeze_or_reboot(void) { -+_noreturn_ static void freeze_or_exit_or_reboot(void) { -+ /* If we are running in a contianer, let's prefer exiting, after all we can propagate an exit code to the -+ * container manager, and thus inform it that something went wrong. */ -+ if (detect_container() > 0) { -+ log_emergency("Exiting PID 1..."); -+ exit(EXIT_EXCEPTION); -+ } - - if (arg_crash_reboot) { - log_notice("Rebooting in 10s..."); -@@ -247,7 +253,7 @@ _noreturn_ static void crash(int sig) { - } - } - -- freeze_or_reboot(); -+ freeze_or_exit_or_reboot(); - } - - static void install_crash_handler(void) { -@@ -2664,8 +2670,8 @@ finish: - if (error_message) - manager_status_printf(NULL, STATUS_TYPE_EMERGENCY, - ANSI_HIGHLIGHT_RED "!!!!!!" ANSI_NORMAL, -- "%s, freezing.", error_message); -- freeze_or_reboot(); -+ "%s.", error_message); -+ freeze_or_exit_or_reboot(); - } - - return retval; --- -2.27.0 - diff --git a/10004-Do-not-go-into-freeze-when-systemd-crashd.patch b/10004-Do-not-go-into-freeze-when-systemd-crashd.patch deleted file mode 100644 index 1cb12cc..0000000 --- a/10004-Do-not-go-into-freeze-when-systemd-crashd.patch +++ /dev/null @@ -1,103 +0,0 @@ -From 64072aab92ff6489a2e460a9bdd1cfefa587264b Mon Sep 17 00:00:00 2001 -From: Yuanhong Peng -Date: Tue, 19 Apr 2022 13:36:09 +0800 -Subject: [PATCH] Do not go into freeze when systemd crashd - ---- - src/core/main.c | 41 ++++++++++++++++++++++++++++++++++++++++- - 1 file changed, 40 insertions(+), 1 deletion(-) - -diff --git a/src/core/main.c b/src/core/main.c -index 0aec5d1..db91151 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -3,6 +3,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -10,6 +11,7 @@ - #include - #include - #include -+#include - #include - #if HAVE_SECCOMP - #include -@@ -135,10 +137,41 @@ static sd_id128_t arg_machine_id; - static EmergencyAction arg_cad_burst_action; - static CPUSet arg_cpu_affinity; - static NUMAPolicy arg_numa_policy; -+static bool reexec_jmp_can = false; -+static bool reexec_jmp_inited = false; -+static sigjmp_buf reexec_jmp_buf; - - static int parse_configuration(const struct rlimit *saved_rlimit_nofile, - const struct rlimit *saved_rlimit_memlock); - -+static void reexec_handler(int sig) { -+ reexec_jmp_can = true; -+} -+ -+_noreturn_ static void freeze_wait_upgrade(void) { -+ struct sigaction sa; -+ sigset_t ss; -+ -+ sigemptyset(&ss); -+ sigaddset(&ss, SIGTERM); -+ sigprocmask(SIG_UNBLOCK, &ss, NULL); -+ -+ sa.sa_handler = reexec_handler; -+ sa.sa_flags = SA_RESTART; -+ sigaction(SIGTERM, &sa, NULL); -+ -+ log_error("freeze_wait_upgrade: %d\n", reexec_jmp_inited); -+ reexec_jmp_can = false; -+ while(1) { -+ usleep(10000); -+ if (reexec_jmp_inited && reexec_jmp_can) { -+ log_error("goto manager_reexecute.\n"); -+ siglongjmp(reexec_jmp_buf, 1); -+ } -+ waitpid(-1, NULL, WNOHANG); -+ } -+} -+ - _noreturn_ static void freeze_or_exit_or_reboot(void) { - /* If we are running in a contianer, let's prefer exiting, after all we can propagate an exit code to the - * container manager, and thus inform it that something went wrong. */ -@@ -157,7 +190,8 @@ _noreturn_ static void freeze_or_exit_or_reboot(void) { - } - - log_emergency("Freezing execution."); -- freeze(); -+ freeze_wait_upgrade(); -+ - } - - _noreturn_ static void crash(int sig) { -@@ -1667,6 +1701,10 @@ static int invoke_main_loop( - assert(ret_switch_root_init); - assert(ret_error_message); - -+ reexec_jmp_inited = true; -+ if (sigsetjmp(reexec_jmp_buf, 1)) -+ goto manager_reexecute; -+ - for (;;) { - r = manager_loop(m); - if (r < 0) { -@@ -1709,6 +1747,7 @@ static int invoke_main_loop( - - case MANAGER_REEXECUTE: - -+manager_reexecute: - r = prepare_reexecute(m, &arg_serialization, ret_fds, false); - if (r < 0) { - *ret_error_message = "Failed to prepare for reexecution"; --- -2.27.0 - diff --git a/10005-mount-setup-change-the-system-mount-propagation-to-s.patch b/10005-mount-setup-change-the-system-mount-propagation-to-s.patch deleted file mode 100644 index fa95141..0000000 --- a/10005-mount-setup-change-the-system-mount-propagation-to-s.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 0c7f29561634f9374c0d9042304f4d4caa4242f0 Mon Sep 17 00:00:00 2001 -From: Wen Yang -Date: Tue, 19 Apr 2022 13:50:04 +0800 -Subject: [PATCH] mount-setup: change the system mount propagation to - ---- - src/core/main.c | 2 +- - src/core/mount-setup.c | 4 ++-- - src/core/mount-setup.h | 2 +- - 3 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/core/main.c b/src/core/main.c -index db91151..81dae1c 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -2519,7 +2519,7 @@ int main(int argc, char *argv[]) { - if (!skip_setup) - kmod_setup(); - -- r = mount_setup(loaded_policy); -+ r = mount_setup(loaded_policy, skip_setup); - if (r < 0) { - error_message = "Failed to mount API filesystems"; - goto finish; -diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c -index a659458..9f9f953 100644 ---- a/src/core/mount-setup.c -+++ b/src/core/mount-setup.c -@@ -400,7 +400,7 @@ static int relabel_cgroup_filesystems(void) { - } - #endif - --int mount_setup(bool loaded_policy) { -+int mount_setup(bool loaded_policy, bool leave_propagation) { - int r = 0; - - r = mount_points_setup(ELEMENTSOF(mount_table), loaded_policy); -@@ -444,7 +444,7 @@ int mount_setup(bool loaded_policy) { - * needed. Note that we set this only when we are invoked directly by the kernel. If we are invoked by a - * container manager we assume the container manager knows what it is doing (for example, because it set up - * some directories with different propagation modes). */ -- if (detect_container() <= 0) -+ if (detect_container() <= 0 && !leave_propagation) - if (mount(NULL, "/", NULL, MS_REC|MS_SHARED, NULL) < 0) - log_warning_errno(errno, "Failed to set up the root directory for shared mount propagation: %m"); - -diff --git a/src/core/mount-setup.h b/src/core/mount-setup.h -index 43cd890..7a011b2 100644 ---- a/src/core/mount-setup.h -+++ b/src/core/mount-setup.h -@@ -4,7 +4,7 @@ - #include - - int mount_setup_early(void); --int mount_setup(bool loaded_policy); -+int mount_setup(bool loaded_policy, bool leave_propagation); - - int mount_cgroup_controllers(char ***join_controllers); - --- -2.27.0 - diff --git a/10006-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch b/10006-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch deleted file mode 100644 index 9a5fa6e..0000000 --- a/10006-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch +++ /dev/null @@ -1,26 +0,0 @@ -From d449667a6a545a46647911838731e8e46a5a39ed Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Tue, 19 Apr 2022 13:56:39 +0800 -Subject: [PATCH] cgroup-util: make definition of CGROUP_CONTROLLER_TO_MASK() - unsigned - ---- - src/basic/cgroup-util.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/basic/cgroup-util.h b/src/basic/cgroup-util.h -index 1210b38..76659c3 100644 ---- a/src/basic/cgroup-util.h -+++ b/src/basic/cgroup-util.h -@@ -31,7 +31,7 @@ typedef enum CGroupController { - _CGROUP_CONTROLLER_INVALID = -1, - } CGroupController; - --#define CGROUP_CONTROLLER_TO_MASK(c) (1 << (c)) -+#define CGROUP_CONTROLLER_TO_MASK(c) (1U << (c)) - - /* A bit mask of well known cgroup controllers */ - typedef enum CGroupMask { --- -2.27.0 - diff --git a/10007-cgroup-update-only-siblings-that-got-realized-once.patch b/10007-cgroup-update-only-siblings-that-got-realized-once.patch deleted file mode 100644 index 068f21c..0000000 --- a/10007-cgroup-update-only-siblings-that-got-realized-once.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 841539281bed5187d2f773097eefb0bb3c5057ec Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Tue, 19 Apr 2022 14:03:12 +0800 -Subject: [PATCH] cgroup: update only siblings that got realized once - ---- - src/core/cgroup.c | 16 +++++++++++++++- - 1 file changed, 15 insertions(+), 1 deletion(-) - -diff --git a/src/core/cgroup.c b/src/core/cgroup.c -index f02cc31..e0e0a98 100644 ---- a/src/core/cgroup.c -+++ b/src/core/cgroup.c -@@ -1980,7 +1980,16 @@ static void unit_add_siblings_to_cgroup_realize_queue(Unit *u) { - Unit *slice; - - /* This adds the siblings of the specified unit and the siblings of all parent units to the cgroup -- * queue. (But neither the specified unit itself nor the parents.) */ -+ * queue. (But neither the specified unit itself nor the parents.) -+ * -+ * Propagation of realization "side-ways" (i.e. towards siblings) is in relevant on cgroup-v1 where -+ * scheduling become very weird if two units that own processes reside in the same slice, but one is -+ * realized in the "cpu" hierarchy and once is not (for example because one has CPUWeight= set and -+ * the other does not), because that means processes need to be scheduled against groups. Let's avoid -+ * this asymmetry by always ensuring that units below a slice that are realized at all are hence -+ * always realized in *all* their hierarchies, and it is sufficient for a unit's sibling to be -+ * realized for a unit to be realized too. */ -+ - - while ((slice = UNIT_DEREF(u->slice))) { - Iterator i; -@@ -1996,6 +2005,11 @@ static void unit_add_siblings_to_cgroup_realize_queue(Unit *u) { - if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(m))) - continue; - -+ /* We only enqueue siblings if they were realized once at least, in the main -+ * hierarchy. */ -+ if (!m->cgroup_realized) -+ continue; -+ - /* If the unit doesn't need any new controllers and has current ones realized, it - * doesn't need any changes. */ - if (unit_has_mask_realized(m, --- -2.27.0 - diff --git a/10008-core-add-a-config-item-to-support-setting-the-value-.patch b/10008-core-add-a-config-item-to-support-setting-the-value-.patch deleted file mode 100644 index 272d61b..0000000 --- a/10008-core-add-a-config-item-to-support-setting-the-value-.patch +++ /dev/null @@ -1,120 +0,0 @@ -From f21d63650318791f29f56dc26f23acb5b53620a6 Mon Sep 17 00:00:00 2001 -From:Yuanhong Peng -Date: Tue, 19 Apr 2022 14:13:49 +0800 -Subject: [PATCH] core: add a config item to support setting the value - ---- - src/core/main.c | 69 +++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 69 insertions(+) - -diff --git a/src/core/main.c b/src/core/main.c -index 81dae1c..0712423 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -140,6 +140,7 @@ static NUMAPolicy arg_numa_policy; - static bool reexec_jmp_can = false; - static bool reexec_jmp_inited = false; - static sigjmp_buf reexec_jmp_buf; -+static bool arg_default_cpuset_clone_children = false; - - static int parse_configuration(const struct rlimit *saved_rlimit_nofile, - const struct rlimit *saved_rlimit_memlock); -@@ -527,6 +528,14 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat - return 0; - - parse_path_argument_and_warn(value, false, &arg_watchdog_device); -+ -+ } else if (proc_cmdline_key_streq(key, "systemd.cpuset_clone_children") && value) { -+ -+ r = parse_boolean(value); -+ if (r < 0) -+ log_warning("Failed to parse cpuset_clone_children switch %s. Ignoring.", value); -+ else -+ arg_default_cpuset_clone_children = r; - - } else if (streq(key, "quiet") && !value) { - -@@ -756,6 +765,7 @@ static int parse_config_file(void) { - { "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting }, - { "Manager", "DefaultTasksMax", config_parse_tasks_max, 0, &arg_default_tasks_max }, - { "Manager", "CtrlAltDelBurstAction", config_parse_emergency_action, 0, &arg_cad_burst_action }, -+ { "Manager", "DefaultCPUSetCloneChildren",config_parse_bool, 0, &arg_default_cpuset_clone_children }, - {} - }; - -@@ -1872,6 +1882,64 @@ static void log_execution_mode(bool *ret_first_boot) { - } - } - -+static bool is_use_triple_cgroup(void) { -+ const char * path ="/sys/fs/cgroup/cpuset"; -+ _cleanup_strv_free_ char **l = NULL; -+ char buf[128] = {0}; -+ int r; -+ -+ r = is_symlink(path); -+ if (r <= 0) -+ return false; -+ -+ r = readlink(path, buf, sizeof(buf)); -+ if (r < 0 || (unsigned int)r >= sizeof(buf)) -+ return false; -+ -+ buf[r] = '\0'; -+ l = strv_split(buf, ","); -+ if (!l) -+ return false; -+ -+ strv_sort(l); -+ if (strv_length(l) != 3) -+ return false; -+ -+ if (streq(l[0],"cpu") && streq(l[1], "cpuacct") && -+ streq(l[2], "cpuset")) { -+ log_debug(PACKAGE_STRING " use_triple_cgroup: %s", buf); -+ return true; -+ } -+ return false; -+} -+ -+static int ali_handle_cpuset_clone_children(void) -+{ -+ const char *file = "/sys/fs/cgroup/cpuset/cgroup.clone_children"; -+ _cleanup_free_ char *buf = NULL; -+ int r; -+ -+ r = read_one_line_file(file, &buf); -+ if (r < 0) { -+ log_warning_errno(r, "Cannot read %s: %m", file); -+ return r; -+ } -+ -+ if (streq(buf, "1") && arg_default_cpuset_clone_children) -+ return 0; -+ -+ if (streq(buf, "0") && (!arg_default_cpuset_clone_children)) -+ return 0; -+ -+ if (!is_use_triple_cgroup()) -+ return 0; -+ -+ r = write_string_file(file, one_zero(arg_default_cpuset_clone_children), 0); -+ log_info(PACKAGE_STRING " set %s to %s, ret=%d", file, one_zero(arg_default_cpuset_clone_children), r); -+ return r; -+} -+ -+ - static int initialize_runtime( - bool skip_setup, - struct rlimit *saved_rlimit_nofile, -@@ -1906,6 +1974,7 @@ static int initialize_runtime( - return r; - } - -+ ali_handle_cpuset_clone_children(); - status_welcome(); - hostname_setup(); - machine_id_setup(NULL, arg_machine_id, NULL); --- -2.27.0 - diff --git a/10009-systemd-anolis-support-loongarch64.patch b/10009-systemd-anolis-support-loongarch64.patch deleted file mode 100644 index b76c8e0..0000000 --- a/10009-systemd-anolis-support-loongarch64.patch +++ /dev/null @@ -1,56 +0,0 @@ -From c8b7c2b34bd451cd9d5904fc215ad14893008a03 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Tue, 19 Apr 2022 14:25:05 +0800 -Subject: [PATCH] support loongarch64 for systemd - ---- - src/basic/architecture.c | 3 +++ - src/basic/architecture.h | 4 ++++ - 2 files changed, 7 insertions(+) - -diff --git a/src/basic/architecture.c b/src/basic/architecture.c -index 85837b5..96bbf97 100644 ---- a/src/basic/architecture.c -+++ b/src/basic/architecture.c -@@ -118,6 +118,8 @@ int uname_architecture(void) { - #elif defined(__arc__) - { "arc", ARCHITECTURE_ARC }, - { "arceb", ARCHITECTURE_ARC_BE }, -+#elif defined(__loongarch64) -+ { "loongarch64", ARCHITECTURE_LOONGARCH64 }, - #else - #error "Please register your architecture here!" - #endif -@@ -173,6 +175,7 @@ static const char *const architecture_table[_ARCHITECTURE_MAX] = { - [ARCHITECTURE_RISCV64] = "riscv64", - [ARCHITECTURE_ARC] = "arc", - [ARCHITECTURE_ARC_BE] = "arc-be", -+ [ARCHITECTURE_LOONGARCH64] = "loongarch64", - }; - - DEFINE_STRING_TABLE_LOOKUP(architecture, int); -diff --git a/src/basic/architecture.h b/src/basic/architecture.h -index 443e890..22e9108 100644 ---- a/src/basic/architecture.h -+++ b/src/basic/architecture.h -@@ -44,6 +44,7 @@ enum { - ARCHITECTURE_RISCV64, - ARCHITECTURE_ARC, - ARCHITECTURE_ARC_BE, -+ ARCHITECTURE_LOONGARCH64, - _ARCHITECTURE_MAX, - _ARCHITECTURE_INVALID = -1 - }; -@@ -229,6 +230,9 @@ int uname_architecture(void); - # define native_architecture() ARCHITECTURE_ARC - # define LIB_ARCH_TUPLE "arc-linux" - # endif -+#elif defined(__loongarch64) -+# define native_architecture() ARCHITECTURE_LOONGARCH64 -+# define LIB_ARCH_TUPLE "loongarch64-linux-gnu" - #else - # error "Please register your architecture here!" - #endif --- -2.27.0 - diff --git a/10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch b/10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch deleted file mode 100644 index d4054b4..0000000 --- a/10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 5209a26aa917aa54b09ee18394ad46ee601e77be Mon Sep 17 00:00:00 2001 -From: Yuanhong Peng -Date: Tue, 17 May 2022 21:34:34 +0800 -Subject: [PATCH] test-catalog: Fix coredump when compiled under GCC10 - -According to the documentation: -https://gcc.gnu.org/gcc-9/porting_to.html#complit: - -The `catalog_dirs` produced by STRV_MAKE(..) marco relies on -the extended lifetime feature which is fixed by GCC9. - -Signed-off-by: Yuanhong Peng ---- - src/journal/test-catalog.c | 12 ++++++++---- - 1 file changed, 8 insertions(+), 4 deletions(-) - -diff --git a/src/journal/test-catalog.c b/src/journal/test-catalog.c -index 0c4da29..2ce92af 100644 ---- a/src/journal/test-catalog.c -+++ b/src/journal/test-catalog.c -@@ -201,7 +201,8 @@ static void test_catalog_file_lang(void) { - - int main(int argc, char *argv[]) { - _cleanup_(unlink_tempfilep) char database[] = "/tmp/test-catalog.XXXXXX"; -- _cleanup_free_ char *text = NULL, *catalog_dir = NULL; -+ _cleanup_free_ char *text = NULL; -+ char *catalog_dir = CATALOG_DIR; - int r; - - setlocale(LC_ALL, "de_DE.UTF-8"); -@@ -214,10 +215,9 @@ int main(int argc, char *argv[]) { - * If it is not, e.g. installed by systemd-tests package, then use installed catalogs. */ - if (test_is_running_from_builddir(NULL)) { - assert_se(catalog_dir = path_join(NULL, ABS_BUILD_DIR, "catalog")); -- catalog_dirs = STRV_MAKE(catalog_dir); -- } else -- catalog_dirs = STRV_MAKE(CATALOG_DIR); -+ } - -+ catalog_dirs = STRV_MAKE(catalog_dir); - assert_se(access(catalog_dirs[0], F_OK) >= 0); - log_notice("Using catalog directory '%s'", catalog_dirs[0]); - -@@ -242,5 +242,9 @@ int main(int argc, char *argv[]) { - assert_se(catalog_get(database, SD_MESSAGE_COREDUMP, &text) >= 0); - printf(">>>%s<<<\n", text); - -+ /* Only in this case, catalog_dir is malloced */ -+ if (test_is_running_from_builddir(NULL)) -+ free(catalog_dir); -+ - return 0; - } --- -2.27.0 - diff --git a/10011-hwdb-add-Iluvatar-CoreX.patch b/10011-hwdb-add-Iluvatar-CoreX.patch deleted file mode 100644 index e08657c..0000000 --- a/10011-hwdb-add-Iluvatar-CoreX.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 28e47526dce925e6f32cf79825d38fd10e1f442a Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Tue, 26 Jul 2022 22:01:58 +0800 -Subject: [PATCH] hwdb: add Iluvatar CoreX - -Signed-off-by: rpm-build ---- - hwdb/20-pci-vendor-model.hwdb | 6 ++++++ - hwdb/pci.ids | 2 ++ - 2 files changed, 8 insertions(+) - -diff --git a/hwdb/20-pci-vendor-model.hwdb b/hwdb/20-pci-vendor-model.hwdb -index 0020046..78926f8 100644 ---- a/hwdb/20-pci-vendor-model.hwdb -+++ b/hwdb/20-pci-vendor-model.hwdb -@@ -71141,6 +71141,12 @@ pci:v00001EEC* - pci:v00001EFB* - ID_VENDOR_FROM_DATABASE=Flexxon Pte Ltd - -+pci:v00001E3E* -+ ID_VENDOR_FROM_DATABASE=Iluvatar CoreX -+ -+pci:v00001E3Ed00000001* -+ ID_MODEL_FROM_DATABASE=Iluvatar BI-V100 -+ - pci:v00001FC0* - ID_VENDOR_FROM_DATABASE=Ascom (Finland) Oy - -diff --git a/hwdb/pci.ids b/hwdb/pci.ids -index 40ee143..d6661c7 100644 ---- a/hwdb/pci.ids -+++ b/hwdb/pci.ids -@@ -21543,6 +21543,8 @@ - 0003 alst4x - 1dfc JSC NT-COM - 1181 TDM 8 Port E1/T1/J1 Adapter -+1e3e Iluvatar CoreX -+ 0001 Iluvatar BI-V100 - # nee Tumsan Oy - 1fc0 Ascom (Finland) Oy - 0300 E2200 Dual E1/Rawpipe Card --- -2.27.0 - diff --git a/10012-seccomp-add-loongarch-support.patch b/10012-seccomp-add-loongarch-support.patch deleted file mode 100644 index 69b1b90..0000000 --- a/10012-seccomp-add-loongarch-support.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 1894533699f7e01c80e896c5d022275777344492 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Thu, 22 Sep 2022 10:33:54 +0800 -Subject: [PATCH] seccomp: add loongarch support - ---- - src/shared/seccomp-util.c | 21 +++++++++++++++++++++ - 1 file changed, 21 insertions(+) - -diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c -index c57c409..63a875c 100644 ---- a/src/shared/seccomp-util.c -+++ b/src/shared/seccomp-util.c -@@ -42,6 +42,8 @@ const uint32_t seccomp_local_archs[] = { - SCMP_ARCH_AARCH64, /* native */ - #elif defined(__arm__) - SCMP_ARCH_ARM, -+#elif defined(__loongarch__) -+ SCMP_ARCH_LOONGARCH64, - #elif defined(__mips__) && __BYTE_ORDER == __BIG_ENDIAN && _MIPS_SIM == _MIPS_SIM_ABI32 - SCMP_ARCH_MIPSEL, - SCMP_ARCH_MIPS, /* native */ -@@ -136,6 +138,10 @@ const char* seccomp_arch_to_string(uint32_t c) { - return "s390"; - case SCMP_ARCH_S390X: - return "s390x"; -+#if defined(__loongarch__) -+ case SCMP_ARCH_LOONGARCH64: -+ return "loongarch64"; -+#endif - default: - return NULL; - } -@@ -181,6 +187,10 @@ int seccomp_arch_from_string(const char *n, uint32_t *ret) { - *ret = SCMP_ARCH_S390; - else if (streq(n, "s390x")) - *ret = SCMP_ARCH_S390X; -+#if defined(__loongarch__) -+ else if (streq(n, "loongarch64")) -+ *ret = SCMP_ARCH_LOONGARCH64; -+#endif - else - return -EINVAL; - -@@ -1209,6 +1219,11 @@ int seccomp_protect_sysctl(void) { - if (IN_SET(arch, SCMP_ARCH_X32, SCMP_ARCH_AARCH64)) - /* No _sysctl syscall */ - continue; -+#if defined(__loongarch__) -+ if (IN_SET(arch, SCMP_ARCH_LOONGARCH64)) -+ /* No _sysctl syscall */ -+ continue; -+#endif - - r = seccomp_init_for_arch(&seccomp, arch, SCMP_ACT_ALLOW); - if (r < 0) -@@ -1267,6 +1282,9 @@ int seccomp_restrict_address_families(Set *address_families, bool whitelist) { - case SCMP_ARCH_PPC: - case SCMP_ARCH_PPC64: - case SCMP_ARCH_PPC64LE: -+#if defined(__loongarch__) -+ case SCMP_ARCH_LOONGARCH64: -+#endif - default: - /* These we either know we don't support (i.e. are the ones that do use socketcall()), or we - * don't know */ -@@ -1543,6 +1561,9 @@ int seccomp_memory_deny_write_execute(void) { - case SCMP_ARCH_X86_64: - case SCMP_ARCH_X32: - case SCMP_ARCH_AARCH64: -+#if defined(__loongarch__) -+ case SCMP_ARCH_LOONGARCH64: -+#endif - filter_syscall = SCMP_SYS(mmap); /* amd64, x32, and arm64 have only mmap */ - shmat_syscall = SCMP_SYS(shmat); - break; --- -2.27.0 - diff --git a/systemd.spec b/systemd.spec index faaf51a..2027214 100644 --- a/systemd.spec +++ b/systemd.spec @@ -1,4 +1,3 @@ -%define anolis_release .0.4 #global gitcommit 10e465b5321bd53c1fc59ffab27e724535c6bc0f %{?gitcommit:%global gitcommitshort %(c=%{gitcommit}; echo ${c:0:7})} @@ -14,7 +13,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd Version: 239 -Release: 58%{anolis_release}%{?dist}.7 +Release: 58%{?dist}.8 # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -812,21 +811,16 @@ Patch0758: 0758-sd-event-don-t-invalidate-source-type-on-disconnect.patch Patch0759: 0759-test-procfs-util-skip-test-on-certain-errors.patch Patch0760: 0760-Try-stopping-MD-RAID-devices-in-shutdown-too.patch Patch0761: 0761-shutdown-get-only-active-md-arrays.patch +Patch0762: 0762-unit-name-tighten-checks-for-building-valid-unit-nam.patch +Patch0763: 0763-core-shorten-long-unit-names-that-are-based-on-paths.patch +Patch0764: 0764-test-add-extended-test-for-triggering-mount-rate-lim.patch +Patch0765: 0765-tests-add-test-case-for-long-unit-names.patch +Patch0766: 0766-Revert-core-Propagate-condition-failed-state-to-trig.patch +Patch0767: 0767-core-Check-unit-start-rate-limiting-earlier.patch +Patch0768: 0768-core-Add-trigger-limit-for-path-units.patch +Patch0769: 0769-resolved-pin-stream-while-calling-callbacks-for-it.patch +Patch0770: 0770-core-move-reset_arguments-to-the-end-of-main-s-finis.patch -Patch9000: 9000-resolved-pin-stream-while-calling-callbacks-for-it.patch -Patch10000: 10000-core-fix-a-null-reference-case-in-load_from_path.patch -Patch10001: 10001-sysctl-Don-t-pass-null-directive-argument-to-s.patch -Patch10002: 10002-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch -Patch10003: 10003-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch -Patch10004: 10004-Do-not-go-into-freeze-when-systemd-crashd.patch -Patch10005: 10005-mount-setup-change-the-system-mount-propagation-to-s.patch -Patch10006: 10006-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch -Patch10007: 10007-cgroup-update-only-siblings-that-got-realized-once.patch -Patch10008: 10008-core-add-a-config-item-to-support-setting-the-value-.patch -Patch10009: 10009-systemd-anolis-support-loongarch64.patch -Patch10010: 10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch -Patch10011: 10011-hwdb-add-Iluvatar-CoreX.patch -Patch10012: 10012-seccomp-add-loongarch-support.patch %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 @@ -1456,22 +1450,16 @@ fi %files tests -f .file-list-tests %changelog -* Thu Sep 22 2022 Liwei Ge - 239-58.0.4.7 -- seccomp: add loongarch64 support - -* Wed Sep 14 2022 Yuanhong Peng - 239-58.0.3.7 -- core: fix a null reference case in load_from_path() -- sysctl: Don't pass null directive argument to '%s' -- exit-status: introduce EXIT_EXCEPTION mapping to 255 -- main: don't freeze PID 1 in containers, exit with non-zero instead -- Do not go into freeze when systemd crashd -- mount-setup: change the system mount propagation to shared by default only at bootup -- cgroup-util: make definition of CGROUP_CONTROLLER_TO_MASK() unsigned -- cgroup: update only siblings that got realized once -- core: add a config item to support setting the value of cpuset.clone_children when systemd is starting -- support loongarch for systemd -- test-catalog: Fix coredump when compiled under GCC10 -- add Iluvatar CoreX pci id(Liwei Ge) +* Wed Sep 21 2022 systemd maintenance team - 239-58.8 +- unit-name: tighten checks for building valid unit names (#2094712) +- core: shorten long unit names that are based on paths and append path hash at the end (#2094712) +- test: add extended test for triggering mount rate limit (#2094712) +- tests: add test case for long unit names (#2094712) +- Revert "core: Propagate condition failed state to triggering units." (#2123801) +- core: Check unit start rate limiting earlier (#2123801) +- core: Add trigger limit for path units (#2123801) +- resolved: pin stream while calling callbacks for it (#2110548) +- core: move reset_arguments() to the end of main's finish (#2127171) * Thu Aug 25 2022 systemd maintenance team - 239-58.7 - sd-event: don't invalidate source type on disconnect (#2116892) -- Gitee From 50303cce8bc917cd1caacf1cf6b7c608b21c66cf Mon Sep 17 00:00:00 2001 From: pangqing Date: Tue, 19 Apr 2022 15:08:32 +0800 Subject: [PATCH 2/5] Add optimized patches Signed-off-by: Yuanhong Peng --- ...ull-reference-case-in-load_from_path.patch | 34 +++++ ...-t-pass-null-directive-argument-to-s.patch | 25 ++++ ...roduce-EXIT_EXCEPTION-mapping-to-255.patch | 52 ++++++++ ...e-PID-1-in-containers-exit-with-non-.patch | 52 ++++++++ ...t-go-into-freeze-when-systemd-crashd.patch | 103 +++++++++++++++ ...ge-the-system-mount-propagation-to-s.patch | 62 +++++++++ ...-definition-of-CGROUP_CONTROLLER_TO_.patch | 26 ++++ ...only-siblings-that-got-realized-once.patch | 46 +++++++ ...g-item-to-support-setting-the-value-.patch | 120 ++++++++++++++++++ ...9-systemd-anolis-support-loongarch64.patch | 56 ++++++++ systemd.spec | 25 +++- 11 files changed, 600 insertions(+), 1 deletion(-) create mode 100644 10000-core-fix-a-null-reference-case-in-load_from_path.patch create mode 100644 10001-sysctl-Don-t-pass-null-directive-argument-to-s.patch create mode 100644 10002-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch create mode 100644 10003-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch create mode 100644 10004-Do-not-go-into-freeze-when-systemd-crashd.patch create mode 100644 10005-mount-setup-change-the-system-mount-propagation-to-s.patch create mode 100644 10006-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch create mode 100644 10007-cgroup-update-only-siblings-that-got-realized-once.patch create mode 100644 10008-core-add-a-config-item-to-support-setting-the-value-.patch create mode 100644 10009-systemd-anolis-support-loongarch64.patch diff --git a/10000-core-fix-a-null-reference-case-in-load_from_path.patch b/10000-core-fix-a-null-reference-case-in-load_from_path.patch new file mode 100644 index 0000000..e15690c --- /dev/null +++ b/10000-core-fix-a-null-reference-case-in-load_from_path.patch @@ -0,0 +1,34 @@ +From 11e4aae398f9d26c7c4e54bfa6621f80a3ed2100 Mon Sep 17 00:00:00 2001 +From: Wen Yang +Date: Tue, 19 Apr 2022 11:04:47 +0800 +Subject: [PATCH] fix a null reference case in load_from_path() + +--- + src/core/load-fragment.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c +index c0b1fd4..f59a040 100644 +--- a/src/core/load-fragment.c ++++ b/src/core/load-fragment.c +@@ -4477,7 +4477,6 @@ static int load_from_path(Unit *u, const char *path) { + r = open_follow(&filename, &f, symlink_names, &id); + if (r >= 0) + break; +- filename = mfree(filename); + + /* ENOENT means that the file is missing or is a dangling symlink. + * ENOTDIR means that one of paths we expect to be is a directory +@@ -4486,7 +4485,8 @@ static int load_from_path(Unit *u, const char *path) { + */ + if (r == -EACCES) + log_debug_errno(r, "Cannot access \"%s\": %m", filename); +- else if (!IN_SET(r, -ENOENT, -ENOTDIR)) ++ filename = mfree(filename); ++ if (!IN_SET(r, -ENOENT, -ENOTDIR)) + return r; + + /* Empty the symlink names for the next run */ +-- +2.27.0 + diff --git a/10001-sysctl-Don-t-pass-null-directive-argument-to-s.patch b/10001-sysctl-Don-t-pass-null-directive-argument-to-s.patch new file mode 100644 index 0000000..ec09ee4 --- /dev/null +++ b/10001-sysctl-Don-t-pass-null-directive-argument-to-s.patch @@ -0,0 +1,25 @@ +From 1b3f7805ed7c193e17cb5bad4f4f19c2f72f3d08 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Tue, 19 Apr 2022 11:16:42 +0800 +Subject: [PATCH] sysctl: Don't pass null directive argument to '%s' + +--- + src/sysctl/sysctl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c +index 4c85d68..e756eff 100644 +--- a/src/sysctl/sysctl.c ++++ b/src/sysctl/sysctl.c +@@ -160,7 +160,7 @@ static int parse_file(OrderedHashmap *sysctl_options, const char *path, bool ign + + value = strchr(p, '='); + if (!value) { +- log_error("Line is not an assignment at '%s:%u': %s", path, c, value); ++ log_error("Line is not an assignment at '%s:%u': %s", path, c, p); + + if (r == 0) + r = -EINVAL; +-- +2.27.0 + diff --git a/10002-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch b/10002-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch new file mode 100644 index 0000000..66539a0 --- /dev/null +++ b/10002-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch @@ -0,0 +1,52 @@ +From f7940c9cdf872d7504aca9637e9fd14328b2b726 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 19 Apr 2022 11:26:10 +0800 +Subject: [PATCH] exit-status: introduce EXIT_EXCEPTION mapping to 255 + +--- + src/basic/exit-status.c | 9 ++++++--- + src/basic/exit-status.h | 1 + + 2 files changed, 7 insertions(+), 3 deletions(-) + +diff --git a/src/basic/exit-status.c b/src/basic/exit-status.c +index 0a7a53b..8b67d44 100644 +--- a/src/basic/exit-status.c ++++ b/src/basic/exit-status.c +@@ -19,9 +19,9 @@ const char* exit_status_to_string(int status, ExitStatusLevel level) { + * 79…199 │ (Currently unmapped) + * 200…241 │ systemd's private error codes (might be extended to 254 in future development) + * 242…254 │ (Currently unmapped, but see above) +- * 255 │ (We should probably stay away from that one, it's frequently used by applications to indicate an +- * │ exit reason that cannot really be expressed in a single exit status value — such as a propagated +- * │ signal or such) ++ * 255 │ EXIT_EXCEPTION (We use this to propagate exit-by-signal events. It's frequently used by others apps (like bash) ++ * │ to indicate exit reason that cannot really be expressed in a single exit status value — such as a propagated ++ * │ signal or such, and we follow that logic here.) + */ + + switch (status) { /* We always cover the ISO C ones */ +@@ -158,6 +158,9 @@ const char* exit_status_to_string(int status, ExitStatusLevel level) { + + case EXIT_NUMA_POLICY: + return "NUMA_POLICY"; ++ ++ case EXIT_EXCEPTION: ++ return "EXCEPTION"; + } + } + +diff --git a/src/basic/exit-status.h b/src/basic/exit-status.h +index dc284aa..e923247 100644 +--- a/src/basic/exit-status.h ++++ b/src/basic/exit-status.h +@@ -70,6 +70,7 @@ enum { + EXIT_LOGS_DIRECTORY, /* 240 */ + EXIT_CONFIGURATION_DIRECTORY, + EXIT_NUMA_POLICY, ++ EXIT_EXCEPTION = 255, /* Whenever we want to propagate an abnormal/signal exit, in line with bash */ + }; + + typedef enum ExitStatusLevel { +-- +2.27.0 + diff --git a/10003-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch b/10003-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch new file mode 100644 index 0000000..026fc66 --- /dev/null +++ b/10003-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch @@ -0,0 +1,52 @@ +From dffb92b5520a4b539f0466d4161fcaacc6ba5ba8 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 19 Apr 2022 11:34:27 +0800 +Subject: [PATCH] main: don't freeze PID 1 in containers, exit with + +--- + src/core/main.c | 14 ++++++++++---- + 1 file changed, 10 insertions(+), 4 deletions(-) + +diff --git a/src/core/main.c b/src/core/main.c +index d897155..0aec5d1 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -139,7 +139,13 @@ static NUMAPolicy arg_numa_policy; + static int parse_configuration(const struct rlimit *saved_rlimit_nofile, + const struct rlimit *saved_rlimit_memlock); + +-_noreturn_ static void freeze_or_reboot(void) { ++_noreturn_ static void freeze_or_exit_or_reboot(void) { ++ /* If we are running in a contianer, let's prefer exiting, after all we can propagate an exit code to the ++ * container manager, and thus inform it that something went wrong. */ ++ if (detect_container() > 0) { ++ log_emergency("Exiting PID 1..."); ++ exit(EXIT_EXCEPTION); ++ } + + if (arg_crash_reboot) { + log_notice("Rebooting in 10s..."); +@@ -247,7 +253,7 @@ _noreturn_ static void crash(int sig) { + } + } + +- freeze_or_reboot(); ++ freeze_or_exit_or_reboot(); + } + + static void install_crash_handler(void) { +@@ -2664,9 +2670,9 @@ finish: + if (error_message) + manager_status_printf(NULL, STATUS_TYPE_EMERGENCY, + ANSI_HIGHLIGHT_RED "!!!!!!" ANSI_NORMAL, +- "%s, freezing.", error_message); +- freeze_or_reboot(); ++ "%s.", error_message); ++ freeze_or_exit_or_reboot(); + } + + reset_arguments(); + return retval; +-- +2.27.0 + diff --git a/10004-Do-not-go-into-freeze-when-systemd-crashd.patch b/10004-Do-not-go-into-freeze-when-systemd-crashd.patch new file mode 100644 index 0000000..1cb12cc --- /dev/null +++ b/10004-Do-not-go-into-freeze-when-systemd-crashd.patch @@ -0,0 +1,103 @@ +From 64072aab92ff6489a2e460a9bdd1cfefa587264b Mon Sep 17 00:00:00 2001 +From: Yuanhong Peng +Date: Tue, 19 Apr 2022 13:36:09 +0800 +Subject: [PATCH] Do not go into freeze when systemd crashd + +--- + src/core/main.c | 41 ++++++++++++++++++++++++++++++++++++++++- + 1 file changed, 40 insertions(+), 1 deletion(-) + +diff --git a/src/core/main.c b/src/core/main.c +index 0aec5d1..db91151 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -3,6 +3,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -10,6 +11,7 @@ + #include + #include + #include ++#include + #include + #if HAVE_SECCOMP + #include +@@ -135,10 +137,41 @@ static sd_id128_t arg_machine_id; + static EmergencyAction arg_cad_burst_action; + static CPUSet arg_cpu_affinity; + static NUMAPolicy arg_numa_policy; ++static bool reexec_jmp_can = false; ++static bool reexec_jmp_inited = false; ++static sigjmp_buf reexec_jmp_buf; + + static int parse_configuration(const struct rlimit *saved_rlimit_nofile, + const struct rlimit *saved_rlimit_memlock); + ++static void reexec_handler(int sig) { ++ reexec_jmp_can = true; ++} ++ ++_noreturn_ static void freeze_wait_upgrade(void) { ++ struct sigaction sa; ++ sigset_t ss; ++ ++ sigemptyset(&ss); ++ sigaddset(&ss, SIGTERM); ++ sigprocmask(SIG_UNBLOCK, &ss, NULL); ++ ++ sa.sa_handler = reexec_handler; ++ sa.sa_flags = SA_RESTART; ++ sigaction(SIGTERM, &sa, NULL); ++ ++ log_error("freeze_wait_upgrade: %d\n", reexec_jmp_inited); ++ reexec_jmp_can = false; ++ while(1) { ++ usleep(10000); ++ if (reexec_jmp_inited && reexec_jmp_can) { ++ log_error("goto manager_reexecute.\n"); ++ siglongjmp(reexec_jmp_buf, 1); ++ } ++ waitpid(-1, NULL, WNOHANG); ++ } ++} ++ + _noreturn_ static void freeze_or_exit_or_reboot(void) { + /* If we are running in a contianer, let's prefer exiting, after all we can propagate an exit code to the + * container manager, and thus inform it that something went wrong. */ +@@ -157,7 +190,8 @@ _noreturn_ static void freeze_or_exit_or_reboot(void) { + } + + log_emergency("Freezing execution."); +- freeze(); ++ freeze_wait_upgrade(); ++ + } + + _noreturn_ static void crash(int sig) { +@@ -1667,6 +1701,10 @@ static int invoke_main_loop( + assert(ret_switch_root_init); + assert(ret_error_message); + ++ reexec_jmp_inited = true; ++ if (sigsetjmp(reexec_jmp_buf, 1)) ++ goto manager_reexecute; ++ + for (;;) { + r = manager_loop(m); + if (r < 0) { +@@ -1709,6 +1747,7 @@ static int invoke_main_loop( + + case MANAGER_REEXECUTE: + ++manager_reexecute: + r = prepare_reexecute(m, &arg_serialization, ret_fds, false); + if (r < 0) { + *ret_error_message = "Failed to prepare for reexecution"; +-- +2.27.0 + diff --git a/10005-mount-setup-change-the-system-mount-propagation-to-s.patch b/10005-mount-setup-change-the-system-mount-propagation-to-s.patch new file mode 100644 index 0000000..fa95141 --- /dev/null +++ b/10005-mount-setup-change-the-system-mount-propagation-to-s.patch @@ -0,0 +1,62 @@ +From 0c7f29561634f9374c0d9042304f4d4caa4242f0 Mon Sep 17 00:00:00 2001 +From: Wen Yang +Date: Tue, 19 Apr 2022 13:50:04 +0800 +Subject: [PATCH] mount-setup: change the system mount propagation to + +--- + src/core/main.c | 2 +- + src/core/mount-setup.c | 4 ++-- + src/core/mount-setup.h | 2 +- + 3 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/core/main.c b/src/core/main.c +index db91151..81dae1c 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -2519,7 +2519,7 @@ int main(int argc, char *argv[]) { + if (!skip_setup) + kmod_setup(); + +- r = mount_setup(loaded_policy); ++ r = mount_setup(loaded_policy, skip_setup); + if (r < 0) { + error_message = "Failed to mount API filesystems"; + goto finish; +diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c +index a659458..9f9f953 100644 +--- a/src/core/mount-setup.c ++++ b/src/core/mount-setup.c +@@ -400,7 +400,7 @@ static int relabel_cgroup_filesystems(void) { + } + #endif + +-int mount_setup(bool loaded_policy) { ++int mount_setup(bool loaded_policy, bool leave_propagation) { + int r = 0; + + r = mount_points_setup(ELEMENTSOF(mount_table), loaded_policy); +@@ -444,7 +444,7 @@ int mount_setup(bool loaded_policy) { + * needed. Note that we set this only when we are invoked directly by the kernel. If we are invoked by a + * container manager we assume the container manager knows what it is doing (for example, because it set up + * some directories with different propagation modes). */ +- if (detect_container() <= 0) ++ if (detect_container() <= 0 && !leave_propagation) + if (mount(NULL, "/", NULL, MS_REC|MS_SHARED, NULL) < 0) + log_warning_errno(errno, "Failed to set up the root directory for shared mount propagation: %m"); + +diff --git a/src/core/mount-setup.h b/src/core/mount-setup.h +index 43cd890..7a011b2 100644 +--- a/src/core/mount-setup.h ++++ b/src/core/mount-setup.h +@@ -4,7 +4,7 @@ + #include + + int mount_setup_early(void); +-int mount_setup(bool loaded_policy); ++int mount_setup(bool loaded_policy, bool leave_propagation); + + int mount_cgroup_controllers(char ***join_controllers); + +-- +2.27.0 + diff --git a/10006-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch b/10006-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch new file mode 100644 index 0000000..9a5fa6e --- /dev/null +++ b/10006-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch @@ -0,0 +1,26 @@ +From d449667a6a545a46647911838731e8e46a5a39ed Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 19 Apr 2022 13:56:39 +0800 +Subject: [PATCH] cgroup-util: make definition of CGROUP_CONTROLLER_TO_MASK() + unsigned + +--- + src/basic/cgroup-util.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/basic/cgroup-util.h b/src/basic/cgroup-util.h +index 1210b38..76659c3 100644 +--- a/src/basic/cgroup-util.h ++++ b/src/basic/cgroup-util.h +@@ -31,7 +31,7 @@ typedef enum CGroupController { + _CGROUP_CONTROLLER_INVALID = -1, + } CGroupController; + +-#define CGROUP_CONTROLLER_TO_MASK(c) (1 << (c)) ++#define CGROUP_CONTROLLER_TO_MASK(c) (1U << (c)) + + /* A bit mask of well known cgroup controllers */ + typedef enum CGroupMask { +-- +2.27.0 + diff --git a/10007-cgroup-update-only-siblings-that-got-realized-once.patch b/10007-cgroup-update-only-siblings-that-got-realized-once.patch new file mode 100644 index 0000000..068f21c --- /dev/null +++ b/10007-cgroup-update-only-siblings-that-got-realized-once.patch @@ -0,0 +1,46 @@ +From 841539281bed5187d2f773097eefb0bb3c5057ec Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 19 Apr 2022 14:03:12 +0800 +Subject: [PATCH] cgroup: update only siblings that got realized once + +--- + src/core/cgroup.c | 16 +++++++++++++++- + 1 file changed, 15 insertions(+), 1 deletion(-) + +diff --git a/src/core/cgroup.c b/src/core/cgroup.c +index f02cc31..e0e0a98 100644 +--- a/src/core/cgroup.c ++++ b/src/core/cgroup.c +@@ -1980,7 +1980,16 @@ static void unit_add_siblings_to_cgroup_realize_queue(Unit *u) { + Unit *slice; + + /* This adds the siblings of the specified unit and the siblings of all parent units to the cgroup +- * queue. (But neither the specified unit itself nor the parents.) */ ++ * queue. (But neither the specified unit itself nor the parents.) ++ * ++ * Propagation of realization "side-ways" (i.e. towards siblings) is in relevant on cgroup-v1 where ++ * scheduling become very weird if two units that own processes reside in the same slice, but one is ++ * realized in the "cpu" hierarchy and once is not (for example because one has CPUWeight= set and ++ * the other does not), because that means processes need to be scheduled against groups. Let's avoid ++ * this asymmetry by always ensuring that units below a slice that are realized at all are hence ++ * always realized in *all* their hierarchies, and it is sufficient for a unit's sibling to be ++ * realized for a unit to be realized too. */ ++ + + while ((slice = UNIT_DEREF(u->slice))) { + Iterator i; +@@ -1996,6 +2005,11 @@ static void unit_add_siblings_to_cgroup_realize_queue(Unit *u) { + if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(m))) + continue; + ++ /* We only enqueue siblings if they were realized once at least, in the main ++ * hierarchy. */ ++ if (!m->cgroup_realized) ++ continue; ++ + /* If the unit doesn't need any new controllers and has current ones realized, it + * doesn't need any changes. */ + if (unit_has_mask_realized(m, +-- +2.27.0 + diff --git a/10008-core-add-a-config-item-to-support-setting-the-value-.patch b/10008-core-add-a-config-item-to-support-setting-the-value-.patch new file mode 100644 index 0000000..272d61b --- /dev/null +++ b/10008-core-add-a-config-item-to-support-setting-the-value-.patch @@ -0,0 +1,120 @@ +From f21d63650318791f29f56dc26f23acb5b53620a6 Mon Sep 17 00:00:00 2001 +From:Yuanhong Peng +Date: Tue, 19 Apr 2022 14:13:49 +0800 +Subject: [PATCH] core: add a config item to support setting the value + +--- + src/core/main.c | 69 +++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 69 insertions(+) + +diff --git a/src/core/main.c b/src/core/main.c +index 81dae1c..0712423 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -140,6 +140,7 @@ static NUMAPolicy arg_numa_policy; + static bool reexec_jmp_can = false; + static bool reexec_jmp_inited = false; + static sigjmp_buf reexec_jmp_buf; ++static bool arg_default_cpuset_clone_children = false; + + static int parse_configuration(const struct rlimit *saved_rlimit_nofile, + const struct rlimit *saved_rlimit_memlock); +@@ -527,6 +528,14 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat + return 0; + + parse_path_argument_and_warn(value, false, &arg_watchdog_device); ++ ++ } else if (proc_cmdline_key_streq(key, "systemd.cpuset_clone_children") && value) { ++ ++ r = parse_boolean(value); ++ if (r < 0) ++ log_warning("Failed to parse cpuset_clone_children switch %s. Ignoring.", value); ++ else ++ arg_default_cpuset_clone_children = r; + + } else if (streq(key, "quiet") && !value) { + +@@ -756,6 +765,7 @@ static int parse_config_file(void) { + { "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting }, + { "Manager", "DefaultTasksMax", config_parse_tasks_max, 0, &arg_default_tasks_max }, + { "Manager", "CtrlAltDelBurstAction", config_parse_emergency_action, 0, &arg_cad_burst_action }, ++ { "Manager", "DefaultCPUSetCloneChildren",config_parse_bool, 0, &arg_default_cpuset_clone_children }, + {} + }; + +@@ -1872,6 +1882,64 @@ static void log_execution_mode(bool *ret_first_boot) { + } + } + ++static bool is_use_triple_cgroup(void) { ++ const char * path ="/sys/fs/cgroup/cpuset"; ++ _cleanup_strv_free_ char **l = NULL; ++ char buf[128] = {0}; ++ int r; ++ ++ r = is_symlink(path); ++ if (r <= 0) ++ return false; ++ ++ r = readlink(path, buf, sizeof(buf)); ++ if (r < 0 || (unsigned int)r >= sizeof(buf)) ++ return false; ++ ++ buf[r] = '\0'; ++ l = strv_split(buf, ","); ++ if (!l) ++ return false; ++ ++ strv_sort(l); ++ if (strv_length(l) != 3) ++ return false; ++ ++ if (streq(l[0],"cpu") && streq(l[1], "cpuacct") && ++ streq(l[2], "cpuset")) { ++ log_debug(PACKAGE_STRING " use_triple_cgroup: %s", buf); ++ return true; ++ } ++ return false; ++} ++ ++static int ali_handle_cpuset_clone_children(void) ++{ ++ const char *file = "/sys/fs/cgroup/cpuset/cgroup.clone_children"; ++ _cleanup_free_ char *buf = NULL; ++ int r; ++ ++ r = read_one_line_file(file, &buf); ++ if (r < 0) { ++ log_warning_errno(r, "Cannot read %s: %m", file); ++ return r; ++ } ++ ++ if (streq(buf, "1") && arg_default_cpuset_clone_children) ++ return 0; ++ ++ if (streq(buf, "0") && (!arg_default_cpuset_clone_children)) ++ return 0; ++ ++ if (!is_use_triple_cgroup()) ++ return 0; ++ ++ r = write_string_file(file, one_zero(arg_default_cpuset_clone_children), 0); ++ log_info(PACKAGE_STRING " set %s to %s, ret=%d", file, one_zero(arg_default_cpuset_clone_children), r); ++ return r; ++} ++ ++ + static int initialize_runtime( + bool skip_setup, + struct rlimit *saved_rlimit_nofile, +@@ -1906,6 +1974,7 @@ static int initialize_runtime( + return r; + } + ++ ali_handle_cpuset_clone_children(); + status_welcome(); + hostname_setup(); + machine_id_setup(NULL, arg_machine_id, NULL); +-- +2.27.0 + diff --git a/10009-systemd-anolis-support-loongarch64.patch b/10009-systemd-anolis-support-loongarch64.patch new file mode 100644 index 0000000..b76c8e0 --- /dev/null +++ b/10009-systemd-anolis-support-loongarch64.patch @@ -0,0 +1,56 @@ +From c8b7c2b34bd451cd9d5904fc215ad14893008a03 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Tue, 19 Apr 2022 14:25:05 +0800 +Subject: [PATCH] support loongarch64 for systemd + +--- + src/basic/architecture.c | 3 +++ + src/basic/architecture.h | 4 ++++ + 2 files changed, 7 insertions(+) + +diff --git a/src/basic/architecture.c b/src/basic/architecture.c +index 85837b5..96bbf97 100644 +--- a/src/basic/architecture.c ++++ b/src/basic/architecture.c +@@ -118,6 +118,8 @@ int uname_architecture(void) { + #elif defined(__arc__) + { "arc", ARCHITECTURE_ARC }, + { "arceb", ARCHITECTURE_ARC_BE }, ++#elif defined(__loongarch64) ++ { "loongarch64", ARCHITECTURE_LOONGARCH64 }, + #else + #error "Please register your architecture here!" + #endif +@@ -173,6 +175,7 @@ static const char *const architecture_table[_ARCHITECTURE_MAX] = { + [ARCHITECTURE_RISCV64] = "riscv64", + [ARCHITECTURE_ARC] = "arc", + [ARCHITECTURE_ARC_BE] = "arc-be", ++ [ARCHITECTURE_LOONGARCH64] = "loongarch64", + }; + + DEFINE_STRING_TABLE_LOOKUP(architecture, int); +diff --git a/src/basic/architecture.h b/src/basic/architecture.h +index 443e890..22e9108 100644 +--- a/src/basic/architecture.h ++++ b/src/basic/architecture.h +@@ -44,6 +44,7 @@ enum { + ARCHITECTURE_RISCV64, + ARCHITECTURE_ARC, + ARCHITECTURE_ARC_BE, ++ ARCHITECTURE_LOONGARCH64, + _ARCHITECTURE_MAX, + _ARCHITECTURE_INVALID = -1 + }; +@@ -229,6 +230,9 @@ int uname_architecture(void); + # define native_architecture() ARCHITECTURE_ARC + # define LIB_ARCH_TUPLE "arc-linux" + # endif ++#elif defined(__loongarch64) ++# define native_architecture() ARCHITECTURE_LOONGARCH64 ++# define LIB_ARCH_TUPLE "loongarch64-linux-gnu" + #else + # error "Please register your architecture here!" + #endif +-- +2.27.0 + diff --git a/systemd.spec b/systemd.spec index 2027214..5ef0131 100644 --- a/systemd.spec +++ b/systemd.spec @@ -1,3 +1,4 @@ +%define anolis_release .0.3 #global gitcommit 10e465b5321bd53c1fc59ffab27e724535c6bc0f %{?gitcommit:%global gitcommitshort %(c=%{gitcommit}; echo ${c:0:7})} @@ -13,7 +14,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd Version: 239 -Release: 58%{?dist}.8 +Release: 58%{anolis_release}%{?dist}.8 # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -821,6 +822,16 @@ Patch0768: 0768-core-Add-trigger-limit-for-path-units.patch Patch0769: 0769-resolved-pin-stream-while-calling-callbacks-for-it.patch Patch0770: 0770-core-move-reset_arguments-to-the-end-of-main-s-finis.patch +Patch10000: 10000-core-fix-a-null-reference-case-in-load_from_path.patch +Patch10001: 10001-sysctl-Don-t-pass-null-directive-argument-to-s.patch +Patch10002: 10002-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch +Patch10003: 10003-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch +Patch10004: 10004-Do-not-go-into-freeze-when-systemd-crashd.patch +Patch10005: 10005-mount-setup-change-the-system-mount-propagation-to-s.patch +Patch10006: 10006-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch +Patch10007: 10007-cgroup-update-only-siblings-that-got-realized-once.patch +Patch10008: 10008-core-add-a-config-item-to-support-setting-the-value-.patch +Patch10009: 10009-systemd-anolis-support-loongarch64.patch %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 @@ -1450,6 +1461,18 @@ fi %files tests -f .file-list-tests %changelog +* Wed Nov 02 2022 Yuanhong Peng - 239-58.0.3.8 +- core: fix a null reference case in load_from_path() +- sysctl: Don't pass null directive argument to '%s' +- exit-status: introduce EXIT_EXCEPTION mapping to 255 +- main: don't freeze PID 1 in containers, exit with non-zero instead +- Do not go into freeze when systemd crashd +- mount-setup: change the system mount propagation to shared by default only at bootup +- cgroup-util: make definition of CGROUP_CONTROLLER_TO_MASK() unsigned +- cgroup: update only siblings that got realized once +- core: add a config item to support setting the value of cpuset.clone_children when systemd is starting +- support loongarch for systemd + * Wed Sep 21 2022 systemd maintenance team - 239-58.8 - unit-name: tighten checks for building valid unit names (#2094712) - core: shorten long unit names that are based on paths and append path hash at the end (#2094712) -- Gitee From 129130a73a256d506349ee3f088b1997d236c732 Mon Sep 17 00:00:00 2001 From: Yuanhong Peng Date: Wed, 18 May 2022 10:24:07 +0800 Subject: [PATCH 3/5] test-catalog: Fix coredump when compiled under GCC10 Signed-off-by: Yuanhong Peng --- ...x-coredump-when-compiled-under-GCC10.patch | 56 +++++++++++++++++++ systemd.spec | 2 + 2 files changed, 58 insertions(+) create mode 100644 10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch diff --git a/10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch b/10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch new file mode 100644 index 0000000..d4054b4 --- /dev/null +++ b/10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch @@ -0,0 +1,56 @@ +From 5209a26aa917aa54b09ee18394ad46ee601e77be Mon Sep 17 00:00:00 2001 +From: Yuanhong Peng +Date: Tue, 17 May 2022 21:34:34 +0800 +Subject: [PATCH] test-catalog: Fix coredump when compiled under GCC10 + +According to the documentation: +https://gcc.gnu.org/gcc-9/porting_to.html#complit: + +The `catalog_dirs` produced by STRV_MAKE(..) marco relies on +the extended lifetime feature which is fixed by GCC9. + +Signed-off-by: Yuanhong Peng +--- + src/journal/test-catalog.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +diff --git a/src/journal/test-catalog.c b/src/journal/test-catalog.c +index 0c4da29..2ce92af 100644 +--- a/src/journal/test-catalog.c ++++ b/src/journal/test-catalog.c +@@ -201,7 +201,8 @@ static void test_catalog_file_lang(void) { + + int main(int argc, char *argv[]) { + _cleanup_(unlink_tempfilep) char database[] = "/tmp/test-catalog.XXXXXX"; +- _cleanup_free_ char *text = NULL, *catalog_dir = NULL; ++ _cleanup_free_ char *text = NULL; ++ char *catalog_dir = CATALOG_DIR; + int r; + + setlocale(LC_ALL, "de_DE.UTF-8"); +@@ -214,10 +215,9 @@ int main(int argc, char *argv[]) { + * If it is not, e.g. installed by systemd-tests package, then use installed catalogs. */ + if (test_is_running_from_builddir(NULL)) { + assert_se(catalog_dir = path_join(NULL, ABS_BUILD_DIR, "catalog")); +- catalog_dirs = STRV_MAKE(catalog_dir); +- } else +- catalog_dirs = STRV_MAKE(CATALOG_DIR); ++ } + ++ catalog_dirs = STRV_MAKE(catalog_dir); + assert_se(access(catalog_dirs[0], F_OK) >= 0); + log_notice("Using catalog directory '%s'", catalog_dirs[0]); + +@@ -242,5 +242,9 @@ int main(int argc, char *argv[]) { + assert_se(catalog_get(database, SD_MESSAGE_COREDUMP, &text) >= 0); + printf(">>>%s<<<\n", text); + ++ /* Only in this case, catalog_dir is malloced */ ++ if (test_is_running_from_builddir(NULL)) ++ free(catalog_dir); ++ + return 0; + } +-- +2.27.0 + diff --git a/systemd.spec b/systemd.spec index 5ef0131..3883ddd 100644 --- a/systemd.spec +++ b/systemd.spec @@ -832,6 +832,7 @@ Patch10006: 10006-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch Patch10007: 10007-cgroup-update-only-siblings-that-got-realized-once.patch Patch10008: 10008-core-add-a-config-item-to-support-setting-the-value-.patch Patch10009: 10009-systemd-anolis-support-loongarch64.patch +Patch10010: 10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 @@ -1472,6 +1473,7 @@ fi - cgroup: update only siblings that got realized once - core: add a config item to support setting the value of cpuset.clone_children when systemd is starting - support loongarch for systemd +- test-catalog: Fix coredump when compiled under GCC10 * Wed Sep 21 2022 systemd maintenance team - 239-58.8 - unit-name: tighten checks for building valid unit names (#2094712) -- Gitee From f85c377ada8e6c0d1db9ed3abddce09519d90f7d Mon Sep 17 00:00:00 2001 From: Liwei Ge Date: Tue, 26 Jul 2022 22:05:44 +0800 Subject: [PATCH 4/5] hwdb: add Iluvatar CoreX https://bugzilla.openanolis.cn/show_bug.cgi?id=1740 Signed-off-by: Liwei Ge --- 10011-hwdb-add-Iluvatar-CoreX.patch | 44 +++++++++++++++++++++++++++++ systemd.spec | 2 ++ 2 files changed, 46 insertions(+) create mode 100644 10011-hwdb-add-Iluvatar-CoreX.patch diff --git a/10011-hwdb-add-Iluvatar-CoreX.patch b/10011-hwdb-add-Iluvatar-CoreX.patch new file mode 100644 index 0000000..e08657c --- /dev/null +++ b/10011-hwdb-add-Iluvatar-CoreX.patch @@ -0,0 +1,44 @@ +From 28e47526dce925e6f32cf79825d38fd10e1f442a Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Tue, 26 Jul 2022 22:01:58 +0800 +Subject: [PATCH] hwdb: add Iluvatar CoreX + +Signed-off-by: rpm-build +--- + hwdb/20-pci-vendor-model.hwdb | 6 ++++++ + hwdb/pci.ids | 2 ++ + 2 files changed, 8 insertions(+) + +diff --git a/hwdb/20-pci-vendor-model.hwdb b/hwdb/20-pci-vendor-model.hwdb +index 0020046..78926f8 100644 +--- a/hwdb/20-pci-vendor-model.hwdb ++++ b/hwdb/20-pci-vendor-model.hwdb +@@ -71141,6 +71141,12 @@ pci:v00001EEC* + pci:v00001EFB* + ID_VENDOR_FROM_DATABASE=Flexxon Pte Ltd + ++pci:v00001E3E* ++ ID_VENDOR_FROM_DATABASE=Iluvatar CoreX ++ ++pci:v00001E3Ed00000001* ++ ID_MODEL_FROM_DATABASE=Iluvatar BI-V100 ++ + pci:v00001FC0* + ID_VENDOR_FROM_DATABASE=Ascom (Finland) Oy + +diff --git a/hwdb/pci.ids b/hwdb/pci.ids +index 40ee143..d6661c7 100644 +--- a/hwdb/pci.ids ++++ b/hwdb/pci.ids +@@ -21543,6 +21543,8 @@ + 0003 alst4x + 1dfc JSC NT-COM + 1181 TDM 8 Port E1/T1/J1 Adapter ++1e3e Iluvatar CoreX ++ 0001 Iluvatar BI-V100 + # nee Tumsan Oy + 1fc0 Ascom (Finland) Oy + 0300 E2200 Dual E1/Rawpipe Card +-- +2.27.0 + diff --git a/systemd.spec b/systemd.spec index 3883ddd..24763e5 100644 --- a/systemd.spec +++ b/systemd.spec @@ -833,6 +833,7 @@ Patch10007: 10007-cgroup-update-only-siblings-that-got-realized-once.patch Patch10008: 10008-core-add-a-config-item-to-support-setting-the-value-.patch Patch10009: 10009-systemd-anolis-support-loongarch64.patch Patch10010: 10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch +Patch10011: 10011-hwdb-add-Iluvatar-CoreX.patch %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 @@ -1474,6 +1475,7 @@ fi - core: add a config item to support setting the value of cpuset.clone_children when systemd is starting - support loongarch for systemd - test-catalog: Fix coredump when compiled under GCC10 +- add Iluvatar CoreX pci id(Liwei Ge) * Wed Sep 21 2022 systemd maintenance team - 239-58.8 - unit-name: tighten checks for building valid unit names (#2094712) -- Gitee From e0a4922f408a54a73dd55f199431111c64e62cd3 Mon Sep 17 00:00:00 2001 From: Liwei Ge Date: Thu, 22 Sep 2022 10:38:05 +0800 Subject: [PATCH 5/5] seccomp: add loongarch support --- 10012-seccomp-add-loongarch-support.patch | 79 +++++++++++++++++++++++ systemd.spec | 8 ++- 2 files changed, 84 insertions(+), 3 deletions(-) create mode 100644 10012-seccomp-add-loongarch-support.patch diff --git a/10012-seccomp-add-loongarch-support.patch b/10012-seccomp-add-loongarch-support.patch new file mode 100644 index 0000000..69b1b90 --- /dev/null +++ b/10012-seccomp-add-loongarch-support.patch @@ -0,0 +1,79 @@ +From 1894533699f7e01c80e896c5d022275777344492 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Thu, 22 Sep 2022 10:33:54 +0800 +Subject: [PATCH] seccomp: add loongarch support + +--- + src/shared/seccomp-util.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c +index c57c409..63a875c 100644 +--- a/src/shared/seccomp-util.c ++++ b/src/shared/seccomp-util.c +@@ -42,6 +42,8 @@ const uint32_t seccomp_local_archs[] = { + SCMP_ARCH_AARCH64, /* native */ + #elif defined(__arm__) + SCMP_ARCH_ARM, ++#elif defined(__loongarch__) ++ SCMP_ARCH_LOONGARCH64, + #elif defined(__mips__) && __BYTE_ORDER == __BIG_ENDIAN && _MIPS_SIM == _MIPS_SIM_ABI32 + SCMP_ARCH_MIPSEL, + SCMP_ARCH_MIPS, /* native */ +@@ -136,6 +138,10 @@ const char* seccomp_arch_to_string(uint32_t c) { + return "s390"; + case SCMP_ARCH_S390X: + return "s390x"; ++#if defined(__loongarch__) ++ case SCMP_ARCH_LOONGARCH64: ++ return "loongarch64"; ++#endif + default: + return NULL; + } +@@ -181,6 +187,10 @@ int seccomp_arch_from_string(const char *n, uint32_t *ret) { + *ret = SCMP_ARCH_S390; + else if (streq(n, "s390x")) + *ret = SCMP_ARCH_S390X; ++#if defined(__loongarch__) ++ else if (streq(n, "loongarch64")) ++ *ret = SCMP_ARCH_LOONGARCH64; ++#endif + else + return -EINVAL; + +@@ -1209,6 +1219,11 @@ int seccomp_protect_sysctl(void) { + if (IN_SET(arch, SCMP_ARCH_X32, SCMP_ARCH_AARCH64)) + /* No _sysctl syscall */ + continue; ++#if defined(__loongarch__) ++ if (IN_SET(arch, SCMP_ARCH_LOONGARCH64)) ++ /* No _sysctl syscall */ ++ continue; ++#endif + + r = seccomp_init_for_arch(&seccomp, arch, SCMP_ACT_ALLOW); + if (r < 0) +@@ -1267,6 +1282,9 @@ int seccomp_restrict_address_families(Set *address_families, bool whitelist) { + case SCMP_ARCH_PPC: + case SCMP_ARCH_PPC64: + case SCMP_ARCH_PPC64LE: ++#if defined(__loongarch__) ++ case SCMP_ARCH_LOONGARCH64: ++#endif + default: + /* These we either know we don't support (i.e. are the ones that do use socketcall()), or we + * don't know */ +@@ -1543,6 +1561,9 @@ int seccomp_memory_deny_write_execute(void) { + case SCMP_ARCH_X86_64: + case SCMP_ARCH_X32: + case SCMP_ARCH_AARCH64: ++#if defined(__loongarch__) ++ case SCMP_ARCH_LOONGARCH64: ++#endif + filter_syscall = SCMP_SYS(mmap); /* amd64, x32, and arm64 have only mmap */ + shmat_syscall = SCMP_SYS(shmat); + break; +-- +2.27.0 + diff --git a/systemd.spec b/systemd.spec index 24763e5..d13e7fe 100644 --- a/systemd.spec +++ b/systemd.spec @@ -1,4 +1,4 @@ -%define anolis_release .0.3 +%define anolis_release .0.4 #global gitcommit 10e465b5321bd53c1fc59ffab27e724535c6bc0f %{?gitcommit:%global gitcommitshort %(c=%{gitcommit}; echo ${c:0:7})} @@ -834,6 +834,7 @@ Patch10008: 10008-core-add-a-config-item-to-support-setting-the-value-.patch Patch10009: 10009-systemd-anolis-support-loongarch64.patch Patch10010: 10010-test-catalog-Fix-coredump-when-compiled-under-GCC10.patch Patch10011: 10011-hwdb-add-Iluvatar-CoreX.patch +Patch10012: 10012-seccomp-add-loongarch-support.patch %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 @@ -1463,7 +1464,7 @@ fi %files tests -f .file-list-tests %changelog -* Wed Nov 02 2022 Yuanhong Peng - 239-58.0.3.8 +* Wed Nov 02 2022 Yuanhong Peng - 239-58.0.4.8 - core: fix a null reference case in load_from_path() - sysctl: Don't pass null directive argument to '%s' - exit-status: introduce EXIT_EXCEPTION mapping to 255 @@ -1475,7 +1476,8 @@ fi - core: add a config item to support setting the value of cpuset.clone_children when systemd is starting - support loongarch for systemd - test-catalog: Fix coredump when compiled under GCC10 -- add Iluvatar CoreX pci id(Liwei Ge) +- add Iluvatar CoreX pci id (Liwei Ge) +- seccomp: add loongarch64 support (Liwei Ge) * Wed Sep 21 2022 systemd maintenance team - 239-58.8 - unit-name: tighten checks for building valid unit names (#2094712) -- Gitee