meson_version : '>= 0.60.0',
)
-libsystemd_version = '0.38.0'
-libudev_version = '1.7.8'
+libsystemd_version = '0.39.0'
+libudev_version = '1.7.9'
conf = configuration_data()
conf.set_quoted('PROJECT_URL', 'https://systemd.io/')
#####################################################################
# Try to install the git pre-commit hook
-add_git_hook_sh = find_program('tools/add-git-hook.sh', required : false)
-if add_git_hook_sh.found()
- git_hook = run_command(add_git_hook_sh, check : false)
+git_setup_sh = find_program('tools/git-setup.sh', required : false)
+if git_setup_sh.found()
+ git_hook = run_command(git_setup_sh, check : false)
if git_hook.returncode() == 0
message(git_hook.stdout().strip())
endif
sshdconfdir = sysconfdir / 'ssh/sshd_config.d'
endif
+sshdprivsepdir = get_option('sshdprivsepdir')
+conf.set10('CREATE_SSHDPRIVSEPDIR', sshdprivsepdir != 'no' and not sshdprivsepdir.startswith('/usr/'))
+conf.set('SSHDPRIVSEPDIR', sshdprivsepdir, description : 'SSH privilege separation directory')
+
libcryptsetup_plugins_dir = get_option('libcryptsetup-plugins-dir')
if libcryptsetup_plugins_dir == ''
libcryptsetup_plugins_dir = libdir / 'cryptsetup'
conf.set_quoted('SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH', bindir / 'systemd-tty-ask-password-agent')
conf.set_quoted('SYSTEMD_UPDATE_HELPER_PATH', libexecdir / 'systemd-update-helper')
conf.set_quoted('SYSTEMD_USERWORK_PATH', libexecdir / 'systemd-userwork')
+conf.set_quoted('SYSTEMD_MOUNTWORK_PATH', libexecdir / 'systemd-mountwork')
+conf.set_quoted('SYSTEMD_NSRESOURCEWORK_PATH', libexecdir / 'systemd-nsresourcework')
conf.set_quoted('SYSTEMD_VERITYSETUP_PATH', libexecdir / 'systemd-veritysetup')
conf.set_quoted('SYSTEM_CONFIG_UNIT_DIR', pkgsysconfdir / 'system')
conf.set_quoted('SYSTEM_DATA_UNIT_DIR', systemunitdir)
want_tests = get_option('tests')
slow_tests = want_tests != 'false' and get_option('slow-tests')
fuzz_tests = want_tests != 'false' and get_option('fuzz-tests')
+integration_tests = want_tests != 'false' and get_option('integration-tests')
install_tests = want_tests != 'false' and get_option('install-tests')
if add_languages('cpp', native : false, required : fuzzer_build)
error('POSIX caps headers not found')
endif
foreach header : ['crypt.h',
+ 'linux/ioprio.h',
'linux/memfd.h',
+ 'linux/time_types.h',
'linux/vm_sockets.h',
'sys/auxv.h',
+ 'sys/sdt.h',
'threads.h',
'valgrind/memcheck.h',
'valgrind/valgrind.h',
- 'linux/time_types.h',
- 'sys/sdt.h',
]
conf.set10('HAVE_' + header.underscorify().to_upper(),
bpf_compiler = get_option('bpf-compiler')
libbpf = dependency('libbpf',
required : bpf_framework,
- version : bpf_compiler == 'gcc' ? '>= 1.0.0' : '>= 0.1.0')
+ version : bpf_compiler == 'gcc' ? '>= 1.4.0' : '>= 0.1.0')
conf.set10('HAVE_LIBBPF', libbpf.found())
if not libbpf.found()
version : '>= 15',
required : get_option('kmod'))
conf.set10('HAVE_KMOD', libkmod.found())
+libkmod_cflags = libkmod.partial_dependency(includes: true, compile_args: true)
libxenctrl = dependency('xencontrol',
version : '>= 4.9',
'crypt_reencrypt_init_by_passphrase',
'crypt_reencrypt',
'crypt_set_data_offset',
- 'crypt_set_keyring_to_link']
+ 'crypt_set_keyring_to_link',
+ 'crypt_resume_by_volume_key']
have_ident = have and cc.has_function(
ident,
prefix : '#include <libcryptsetup.h>',
# link to neither of the libs if one is not found
libgcrypt = []
libgpg_error = []
+ libgcrypt_cflags = []
+else
+ libgcrypt_cflags = libgcrypt.partial_dependency(includes: true, compile_args: true)
endif
conf.set10('HAVE_GCRYPT', have)
have = get_option('homed').require(
conf.get('HAVE_OPENSSL') == 1 and
conf.get('HAVE_LIBFDISK') == 1 and
- conf.get('HAVE_LIBCRYPTSETUP') == 1,
+ conf.get('HAVE_LIBCRYPTSETUP') == 1 and
+ conf.get('HAVE_CRYPT_RESUME_BY_VOLUME_KEY') == 1,
error_message : 'openssl, fdisk and libcryptsetup required').allowed()
conf.set10('ENABLE_HOMED', have)
feature = get_option('vmspawn').disable_auto_if(conf.get('BUILD_MODE_DEVELOPER') == 0)
conf.set10('ENABLE_VMSPAWN', feature.allowed())
+conf.set10('DEFAULT_MOUNTFSD_TRUSTED_DIRECTORIES', get_option('default-mountfsd-trusted-directories'))
+
foreach term : ['analyze',
'backlight',
'binfmt',
'localed',
'logind',
'machined',
+ 'mountfsd',
'networkd',
'nscd',
+ 'nsresourced',
'nss-myhostname',
'nss-systemd',
'oomd',
bpf_gcc_flags = [
'-std=gnu11',
'-fno-stack-protector',
+ '-fno-ssa-phiopt',
'-O2',
- '-mkernel=5.2',
'-mcpu=v3',
'-mco-re',
'-gbtf',
'-c',
]
+ # If c_args contains these flags copy them along with the values, in order to avoid breaking
+ # reproducible builds and other functionality
+ propagate_cflags = [
+ '-ffile-prefix-map=',
+ '-fdebug-prefix-map=',
+ '-fmacro-prefix-map=',
+ ]
+
+ foreach opt : c_args
+ foreach flag : propagate_cflags
+ if opt.startswith(flag)
+ bpf_clang_flags += [opt]
+ bpf_gcc_flags += [opt]
+ break
+ endif
+ endforeach
+ endforeach
+
# Generate defines that are appropriate to tell the compiler what architecture
# we're compiling for. By default we just map meson's cpu_family to __<cpu_family>__.
# This dictionary contains the exceptions where this doesn't work.
'riscv32' : ['-D__riscv', '-D__riscv_xlen=32'],
'riscv64' : ['-D__riscv', '-D__riscv_xlen=64'],
'x86' : ['-D__i386__'],
+ 's390x' : ['-D__s390__', '-D__s390x__'],
# For arm, assume hardware fp is available.
'arm' : ['-D__arm__', '-D__ARM_PCS_VFP'],
bpf_o_unstripped_cmd += ['-I.']
- if not meson.is_cross_build() and bpf_compiler == 'clang'
+ if not meson.is_cross_build()
target_triplet_cmd = run_command('gcc', '-dumpmachine', check: false)
if target_triplet_cmd.returncode() == 0
target_triplet = target_triplet_cmd.stdout().strip()
#####################################################################
+check_efi_alignment_py = find_program('tools/check-efi-alignment.py')
+
+#####################################################################
+
+use_provided_vmlinux_h = false
+use_generated_vmlinux_h = false
+provided_vmlinux_h_path = get_option('vmlinux-h-path')
+
+# For the more complex BPF programs we really want a vmlinux.h (which is arch
+# specific, but only somewhat bound to kernel version). Ideally the kernel
+# development headers would ship that, but right now they don't. Hence address
+# this in two ways:
+#
+# 1. Provide a vmlinux.h at build time
+# 2. Generate the file on the fly where possible (which requires /sys/ to be mounted)
+#
+# We generally prefer the former (to support reproducible builds), but will
+# fallback to the latter.
+
+if conf.get('BPF_FRAMEWORK') == 1
+ enable_vmlinux_h = get_option('vmlinux-h')
+
+ if enable_vmlinux_h == 'auto'
+ if provided_vmlinux_h_path != ''
+ use_provided_vmlinux_h = true
+ elif fs.exists('/sys/kernel/btf/vmlinux') and \
+ bpftool.found() and \
+ (host_machine.cpu_family() == build_machine.cpu_family()) and \
+ host_machine.cpu_family() in ['x86_64', 'aarch64']
+
+ # We will only generate a vmlinux.h from the running
+ # kernel if the host and build machine are of the same
+ # family. Also for now we focus on x86_64 and aarch64,
+ # since other archs don't seem to be ready yet.
+
+ use_generated_vmlinux_h = true
+ endif
+ elif enable_vmlinux_h == 'provided'
+ use_provided_vmlinux_h = true
+ elif enable_vmlinux_h == 'generated'
+ if not fs.exists('/sys/kernel/btf/vmlinux')
+ error('BTF data from kernel not available (/sys/kernel/btf/vmlinux missing), cannot generate vmlinux.h, but was asked to.')
+ endif
+ if not bpftool.found()
+ error('bpftool not available, cannot generate vmlinux.h, but was asked to.')
+ endif
+ use_generated_vmlinux_h = true
+ endif
+endif
+
+if use_provided_vmlinux_h
+ if not fs.exists(provided_vmlinux_h_path)
+ error('Path to provided vmlinux.h does not exist.')
+ endif
+ vmlinux_h_dependency = []
+ bpf_o_unstripped_cmd += ['-I' + fs.parent(provided_vmlinux_h_path)]
+ message('Using provided @0@'.format(provided_vmlinux_h_path))
+elif use_generated_vmlinux_h
+ vmlinux_h_dependency = custom_target(
+ 'vmlinux.h',
+ output: 'vmlinux.h',
+ command : [ bpftool, 'btf', 'dump', 'file', '/sys/kernel/btf/vmlinux', 'format', 'c' ],
+ capture : true)
+
+ bpf_o_unstripped_cmd += ['-I' + fs.parent(vmlinux_h_dependency.full_path())]
+ message('Using generated @0@'.format(vmlinux_h_dependency.full_path()))
+else
+ message('Using neither provided nor generated vmlinux.h, some features will not be available.')
+endif
+
+conf.set10('HAVE_VMLINUX_H', use_provided_vmlinux_h or use_generated_vmlinux_h)
+
+#####################################################################
+
check_version_history_py = find_program('tools/check-version-history.py')
elf2efi_py = find_program('tools/elf2efi.py')
export_dbus_interfaces_py = find_program('tools/dbus_exporter.py')
conf.set_quoted('VERSION_TAG', version_tag)
vcs_tag = get_option('vcs-tag')
-if vcs_tag and fs.is_dir(project_source_root / '.git')
- version_h = vcs_tag(
- input : 'src/version/version.h.in',
- output : 'version.h',
- fallback : '',
- command : ['sh', '-c', 'echo "-g$(git -C . describe --abbrev=7 --match="" --always --dirty=^)"'],
- )
-else
- version_h = configure_file(
- input : 'src/version/version.h.in',
- output : 'version.h',
- configuration : configuration_data({'VCS_TAG' : ''}),
- )
-endif
+command = ['sh', '-c',
+ vcs_tag and fs.exists(project_source_root / '.git') ?
+ 'echo "-g$(git -C . describe --abbrev=7 --match="" --always --dirty=^)"' : ':']
+version_h = vcs_tag(
+ input : 'src/version/version.h.in',
+ output : 'version.h',
+ fallback : '',
+ command : command,
+)
shared_lib_tag = get_option('shared-lib-tag')
if shared_lib_tag == ''
userspace_c_args += ['-include', 'config.h']
-jinja2_cmdline = [meson_render_jinja2, config_h, version_h]
+jinja2_cmdline = [meson_render_jinja2, config_h]
userspace = declare_dependency(
compile_args : userspace_c_args,
include_directories : libsystemd_includes,
link_args : ['-shared',
'-Wl,--version-script=' + libsystemd_sym_path],
- link_with : [libbasic,
- libbasic_gcrypt],
+ link_with : [libbasic],
link_whole : [libsystemd_static],
dependencies : [librt,
threads,
'systemd',
libsystemd_sources,
basic_sources,
- basic_gcrypt_sources,
fundamental_sources,
include_directories : libsystemd_includes,
build_by_default : static_libsystemd != 'false',
dependencies : [libblkid,
libcap,
libdl,
- libgcrypt,
+ libgcrypt_cflags,
liblz4_cflags,
libmount,
libopenssl,
subdir('src/login')
subdir('src/machine')
subdir('src/machine-id-setup')
+subdir('src/mountfsd')
subdir('src/modules-load')
subdir('src/mount')
subdir('src/network')
subdir('src/notify')
subdir('src/nspawn')
+subdir('src/nsresourced')
subdir('src/nss-myhostname')
subdir('src/nss-mymachines')
subdir('src/nss-resolve')
#####################################################################
+mkosi = find_program('mkosi', required : false)
+if integration_tests and not mkosi.found()
+ error('Could not find mkosi which is required to run the integration tests')
+endif
+
+mkosi_depends = public_programs
+
+foreach executable : ['systemd-journal-remote', 'systemd-measure']
+ if executable in executables_by_name
+ mkosi_depends += [executables_by_name[executable]]
+ endif
+endforeach
+
+if mkosi.found()
+ custom_target('mkosi',
+ build_always_stale : true,
+ build_by_default: false,
+ console : true,
+ output : '.',
+ command : [
+ 'mkosi',
+ '--directory', meson.current_source_dir(),
+ '--output-dir', meson.current_build_dir() / 'mkosi.output',
+ '--cache-dir', meson.current_build_dir() / 'mkosi.cache',
+ '--build-dir', meson.current_build_dir() / 'mkosi.builddir',
+ '--force',
+ '--debug',
+ 'build',
+ ],
+ depends : mkosi_depends,
+ )
+endif
+
+############################################################
+
subdir('rules.d')
subdir('test')
'PAM modules directory' : pamlibdir,
'PAM configuration directory' : pamconfdir,
'ssh server configuration directory' : sshdconfdir,
+ 'ssh server privilege separation directory' : sshdprivsepdir,
'ssh client configuration directory' : sshconfdir,
'libcryptsetup plugins directory' : libcryptsetup_plugins_dir,
'RPM macros directory' : rpmmacrosdir,
projects / thirdparty / systemd.git / blobdiff