Yu Watanabe [Tue, 24 Oct 2023 09:13:08 +0000 (18:13 +0900)]
network: do not try to save link state file twice on boot
On enumeration, (that is, before manager_start() is called), enumerated
links may already have the dirty flag. In that case, saving the state
file in manager_start() should clear the flag.
Mike Yuan [Fri, 20 Oct 2023 16:21:20 +0000 (00:21 +0800)]
sleep-config: remove HibernateState= & HybridSleepState=, restrict
SuspendState= not to include "disk"
I don't know why these existed in the first place, but as I
justified in the comments, it's simply not sensible to allow
HibernateState= or HybridSleepState= to take values other than
'disk'. So let's just remove those options. Also, SuspendState=
should not contain 'disk'.
tpm2-util: make tpm2_marshal_blob()/tpm2_unmarshal_blob() static
These are not used outside of tpm2-util.[ch], and the way they merge
public/private key pair into one blob is kinda specific to our
implementation, hence better should be hidden away, and not used for new
code anyway.
We'll soon have a function for determining the name of an NV index,
hence let's rename the existing function for the same of a public key to
make clear it's about public keys only.
Martin Wilck [Fri, 20 Oct 2023 14:25:15 +0000 (16:25 +0200)]
units: modprobe@.service: don't unescape instance name
modprobe treats "-" and "_" interchangeably, thereby avoiding frequent
errors because some module names contain dashes and others underscores.
Because modprobe@.service unescapes the instance name, an attempt to
start "modprobe@dm-crypt.service" will run "modprobe -abq dm/crypt",
which is doomed to fail. "modprobe@dm_crypt.service" will work as
expected. Thus unescaping the instance name has surprising side effects.
Use "%i" instead.
Yu Watanabe [Thu, 19 Oct 2023 16:35:03 +0000 (01:35 +0900)]
network,dhcp: restart client with 'networkctl renew' when delayed by IPv6 only mode
This is convenient when the server supports IPv6 only mode.
Otherwise, we cannot request a new address during the client is waiting an
IPv6 connectivity. Note, the minimal timespan is 5min, and a server may
send a quite large value.
Mike Yuan [Mon, 16 Oct 2023 05:10:01 +0000 (13:10 +0800)]
hibernate-util: introduce hibernation_is_safe
After 7470b80763ac0f598ca1ef73d44763967119c18d, we refuse
to hibernate if we fail to write HibernateLocation EFI
variable and resume= is not set. Let's teach sleep_supported
to follow the practice too.
Mike Yuan [Thu, 28 Sep 2023 01:05:41 +0000 (09:05 +0800)]
hibernate-util: rework find_hibernate_location
* "HibernateLocation" struct is renamed to HibernationDevice
to avoid ambiguity with the EFI variable. Also, it no longer
takes the reference to a SwapEntry object, since it's really
unnecessary (only SwapEntry.path is used), but increases complexity.
* SwapEntry is no longer used externally.
* find_hibernate_location is split into read_swap_entries and
find_suitable_hibernation_device. The former reads all swap entries
into SwapEntries object for later use.
* Make use of btrfs_get_file_physical_offset_fd
Valentin David [Thu, 19 Oct 2023 21:13:45 +0000 (23:13 +0200)]
stub: Ignore the boot counter when looking for .extra.d directory
If `foo+3-0.efi` is booted when there are some files in `foo.efi.extra.d`,
those files are ignored. But after the boot is blessed and the system rebooted,
those file are taken into account, and the boot is different from first
boot. This behavior is a bit puzzling.
Instead we now ignore the counter and always look for the extra files in
`foo.efi.extra.d` and always boot the same way.
Malte Poll [Fri, 20 Oct 2023 12:59:41 +0000 (12:59 +0000)]
mkfs-util: set timezone to UTC when copying files into fat partition
mcopy will set the modification time of created directories to the mtime
of the source directories but converts it to the timezone of the host.
This behavior is identical to Windows / DOS:
> The FAT file system stores time values based on the local time of the computer.
Daan De Meyer [Tue, 17 Oct 2023 14:03:42 +0000 (16:03 +0200)]
mkosi: Use RuntimeTrees= to mount sources
Instead of using ExtraTrees=, let's use the new RuntimeTrees= option
to mount the full repository into the VM/container. Let's also store
the sources under /usr/src/systemd and update the gdbinit file and
vscode HACKING guide section to match the new location.
The commit assumes that if the network interface has multifunctions,
then the function fields of the pci devices under the same PCI bridge
device are unique.
But it seems not, at least on some setups. See issue #28929.
Let's revert the change, and always refuse to set slot base naming if
a PCI bridge is detected.
iovec-util: make IOVEC_INCREMENT a regular function too
Even more than with the previous commit, this is not a trivial function
and there's no reason to believe this will actually be inlined nor that
it would be beneficial.
iovec-util: make IOVEC_TOTAL_SIZE() a regular function
The function isn't necessarily fast (it's O(n)), and there's no reason
to have it defined as inline function, since it's neither fast, nor
entirely trivial.
io-util: split out "struct iovec" related calls into their own .c/.h files
This is preparation for #28891, which adds a bunch more helpers around
"struct iovec", at which point this really deserves its own .c/.h file.
The idea is that we sooner or later can consider "struct iovec" as an
entirely generic mechanism to reference some binary blob, and is the
go-to type for this purpose whenever we need one.
Luca Boccassi [Thu, 19 Oct 2023 19:53:10 +0000 (20:53 +0100)]
executor: return instead of assert on invalid command line arguments
Before the split, it made sense to assert, as checks were on setup.
But now these come from deserialization, and the fuzzer hits the
asserts, so simply return an error instead.
test-recurse-dir: work around nftw() ignoring symlinks()
We have a test where we compare the results from nftw() and our own
resurce_dit_at(). nftw() skips a dangling symlink when running under mkosi and
the test fails. I don't understand why nftw() does that, but in our code we
don't need to test and care about the details of nftw(), which we don't use,
outside of the one test, so let's just skip symlinks in the test.
Frantisek Sumsal [Thu, 19 Oct 2023 13:13:07 +0000 (15:13 +0200)]
test: skip Protect{Home,System}= tests with coverage builds
With coverage builds we disable Protect{Home,System}= via a service.d
dropin in /etc, which has, unfortunately, higher priority than our
transient systemd-run stuff. Let's just skip the affected tests in that
case instead of making the test setup even more complicated.
pid1,vconsole-setup: lock /dev/console instead of the tty device
As requested in https://github.com/systemd/systemd/pull/27867#pullrequestreview-1567161854.
/dev/console, /dev/tty0, and /dev/ttyN are "different" device nodes
that may point to a single underlying device. We want to use a single
lock so that we don't get a race if different writers are using a different
device path, so let's just always lock around /dev/console.
This effectively makes the locking less granular.
Fixup for a0043bfa51281c2374878e2a98cf2a3ee10fd92c.
Fixes https://github.com/systemd/systemd/issues/28721.
Maybe fixes https://github.com/systemd/systemd/issues/28778 and
https://github.com/systemd/systemd/issues/28634.
meson: generate proper version tag when git fails on permission errors
When building with mkosi I would get the following:
[1/477] Generating version.h with a custom command
fatal: detected dubious ownership in repository at '/work/src'
To add an exception for this directory, call:
and then the tag would be generated as 'v254-'. This is obviously some problem
with the setup, but we should handle this gracefully. Let's fall back to 'v254'
instead.
In the case where we have a repo but no tags, use --dirty=^ too, as in the case
with tags.
I tested four cases:
- normal checkout
- checkout with .git removed
- checkout with .git chowned to root
- checkout wiht all tags removed