Benjamin Berg [Fri, 8 Mar 2019 16:42:23 +0000 (17:42 +0100)]
hwdb: Fix airplane mode triggering when resuming HP Spectre x360 13
On these devices the key randomly fires during/after suspend/resume
triggering spurious airplane mode changes. The scancode simply needs to
be ignored.
Yu Watanabe [Tue, 12 Mar 2019 02:35:23 +0000 (11:35 +0900)]
network: automatically pick an address on link when L2TP.Local= is not specified
This makes L2TP.Local= support an empty string, 'auto', 'static', and
'dynamic'. When one of the values are specified, a local address is
automatically picked from the local interface of the tunnel.
Frantisek Sumsal [Wed, 13 Mar 2019 09:07:44 +0000 (10:07 +0100)]
test: avoid double-fsck'ing of the rootfs on Arch
Since systemd 206 the combination of systemd and mkinitcpio
causes, under certain conditions, the rootfs to be double fsck'd.
Symptoms:
```
:: performing fsck on '/dev/sda1'
systemd: clean, 3523/125488 files, 141738/501760 blocks
********************** WARNING **********************
* *
* The root device is not configured to be mounted *
* read-write! It may be fsck'd again later. *
* *
*****************************************************
<snip>
[ OK ] Started File System Check on Root Device
```
This occurs when neither 'ro' or 'rw', or only 'ro' is present
on the kernel command line. The solution is to mount the roofs
as read-write on the kernel command line, so systemd knows to not fsck
it again.
Adam Jackson [Tue, 12 Mar 2019 19:22:13 +0000 (20:22 +0100)]
login: mark nomodeset fb devices as master-of-seat
When 'nomodeset' is specified, there's no DRM driver to take over from
efifb. This means no device will be marked as a seat master, so gdm will
never find a sufficiently active seat to start on.
I'm not aware of an especially good way to detect this through a proper
kernel API, so check for the word 'nomodeset' on the command line and
allow fbdev devices to be seat masters if found.
For https://bugzilla.redhat.com/show_bug.cgi?id=1683197.
Yu Watanabe [Tue, 5 Mar 2019 05:41:56 +0000 (14:41 +0900)]
network: introduce 'degraded-carrier' operstate to order all states
Previously, 'degraded' state is ambiguous for bonding or bridge master:
1. one or more slave interfaces does not have carrier,
2. no link local address is assigned to the master,
3. combination of the above two.
This makes the above case 1 and 3 are in the new 'degraded-carrier'
state, and makes 'degraded' state as all slaves are active but no
link local address on master.
Yu Watanabe [Fri, 1 Mar 2019 04:27:47 +0000 (13:27 +0900)]
network: drop sections contain invalid settings in network_verify()
If e.g., an [Address] section has an invalid setting, then
previously assigned settings in the section is freed, and
only later settings are stored. That may cause partially broken
section stored in Network object.
This makes if an invalid setting is found, then set 'invalid' flag
instead of freeing it. And invalid sections are dropped later by
network_verify().
Yu Watanabe [Tue, 5 Mar 2019 01:51:57 +0000 (10:51 +0900)]
network: add IPv4LL route right after .network file is parsed
Previously, the route is added when the .network config is assigned
to a Link. So, if multiple links match the .network file, the route
entry becomes duplicated in the corresponding Network object.
Yu Watanabe [Fri, 28 Dec 2018 07:11:52 +0000 (16:11 +0900)]
core/namespace: introduce new mount mode READWRITE_IMPLICIT
ProtectSystem=strict or ProtectKernelTunable=yes create implicit
read-write mounts, but they are not overridable by TemporaryFileSystem=.
This makes such implicit read-write mounts use the new mount mode.
So, they can be override by TemproraryFileSystem= now.
A typical usecase is that ProtectSystem=strict and ProtectHome=tmpfs.
fuzz: limit the maximum size of test inputs for a few parsers
We have a few cases or reported issues which are about a timeout to parse
the input in 25 s. In all cases, the input is a few hundred kb. We don't really
care if the config parsers are super efficent, so let's set a limit on the input
size to avoid triggering such issues. The parsers often contain quadratic
algorithms. This is OK, because the numbers of elements are almost always very
small in real use. Rewriting the code to use more complicated data structures
to speed this up would not only complicate the code, but also pessimize behaviour
for the overwhelmingly common case of small samples. Note that in all those
cases, the input data is trusted. We care about memory correctness, and not
not so much about efficiency.
The size checks are done twice: using options for libfuzzer, and using an
internal check for afl. Those should be changed together. I didn't use a define,
because there is no easy mechanism to share the define between the two files.
This is almost the same as 0e636bf51a. I looked through the code,
and I don't see any more instances of this pattern, so hopefully this
will be the last one.
boot: avoid 32-bit calculation for a 64-bit lvalue
Coverity CID#1399116:
> Potentially overflowing expression
> gpt_header_buffer.gpt_header.SizeOfPartitionEntry * gpt_header_buffer.gpt_header.NumberOfPartitionEntries
> with type unsigned int (32 bits, unsigned) is evaluated using 32-bit
> arithmetic, and then used in a context that expects an expression of type
> UINTN (64 bits, unsigned).
Let's import the ALIGN_TO macro to sd-boot and use it to avoid the issue.