Yu Watanabe [Sat, 12 Jun 2021 03:26:37 +0000 (12:26 +0900)]
network: start/stop LLDP client on carrier gained/lost
Then, link_acquire_dynamic_conf() matches link_stop_engines().
Previously, LLDP client is started on interface is up, and stopped
on both down and carrier loss.
Yu Watanabe [Sat, 12 Jun 2021 03:01:42 +0000 (12:01 +0900)]
network: reconfigure link after coming back from sleep
Previously, link was reconfigured with `link_carrier_reset()`, but it
just re-request to configure static addresses, routes, etc, and restart
engines (e.g. DHCP client).
However, after coming back from sleep, several link information may be
changed, especially the wifi access point may be different. So, we may
need to reconfigure the interface.
longpanda [Thu, 5 Aug 2021 01:31:44 +0000 (09:31 +0800)]
Fix the "Failed to open random seed ..." message.
When boot ArchLinux from Ventoy, it always print `Failed to open random seed file: write protected.`
As Ventoy emulate the ISO file as a read-only CDROM, I didn't test with a real physical CDROM drive, but maybe it also has such problem.
As we use `EFI_FILE_MODE_WRITE` to open the `loader\random-seed` file, so I think it's better to check the result with both `EFI_WRITE_PROTECTED` and `EFI_NOT_FOUND`.
test: skip a harmless ldd error when installing test libs
Skip a harmless error when running the tests on a system with a significantly
older systemd version (ldd tries to resolve the unprefixed RPATH for libsystemd.so.0,
which is in this case older than the already installed libsystemd.so.0 in $initdir).
The issue is triggered by installing test dependencies in install_missing_libraries().
Spotted on CentOS 8.
```
$ ldd /var/tmp/systemd-test.nZO11F/root/lib/systemd/tests/test-sd-device-thread
/var/tmp/systemd-test.nZO11F/root/lib/systemd/tests/test-sd-device-thread: /lib64/libsystemd.so.0: version `LIBSYSTEMD_240' not found (required by /var/tmp/systemd-test.nZO11F/root/lib/systemd/tests/test-sd-device-thread)
linux-vdso64.so.1 (0x00007fffb79d0000)
libclang_rt.asan-powerpc64le.so => /usr/lib64/clang/11.0.0/lib/linux/libclang_rt.asan-powerpc64le.so (0x00007fffb6ef0000)
libsystemd.so.0 => /lib64/libsystemd.so.0 (0x00007fffb6d20000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fffb6cd0000)
libc.so.6 => /lib64/libc.so.6 (0x00007fffb6ab0000)
test: attempt to install only kernel modules for each subsystem
When `linux-headers` is installed on Arch Linux, it stores the module
source tree in the kernel module directory, which is then picked up by
`find` and we get a lot of harmless but annoying errors:
```
...
modprobe: FATAL: Module Kconfig.iosched not found in directory /lib/modules/5.13.7-arch1-1
modprobe: FATAL: Module Kconfig not found in directory /lib/modules/5.13.7-arch1-1
modprobe: FATAL: Module Kconfig not found in directory /lib/modules/5.13.7-arch1-1
modprobe: FATAL: Module dm-mpath.h not found in directory /lib/modules/5.13.7-arch1-1
modprobe: FATAL: Module dm-bio-prison-v2.h not found in directory /lib/modules/5.13.7-arch1-1
modprobe: FATAL: Module raid0.h not found in directory /lib/modules/5.13.7-arch1-1
...
```
Let's fix this by trying to install only kernel modules (*.ko files with
an optional compression).
hwdb: ieee1394-unit-function: correct entries for eAR Master One and Terratec Aureon 7.1 FireWire
The configuration ROM of Acoustic Reality eAR Master One, Eroica, Figaro,
and Ciaccona has OUI for TerraTec Electronic GmbH in its vendor ID field.
As a result, modalias for the unit is the same as Terratec Electronic
Aureon 7.1 FireWire.
Linux FireWire subsystem adds the same modalias for units of the models.
ALSA bebob driver had duplicated entries for them and was changed at
Linux kernel v5.14 to remove the duplicated entries.
It's better to improve corresponding entries in systemd hwdb, while
it's impossible to distinguish the models by modalias and force to use
the same entry for them. As last resort, this commit selects more
popular model, Aureon 7.1 FireWire for ID_VENDOR_FROM_DATABASE and
ID_MODEL_FROM_DATABASE.
hwdb: ieee1394-unit-function: correct comment for Mackie d.2 and d.2 Pro
I had misunderstanding that BridgeCo ASIC would be used for extension
option for Mackie d.2 and OXFW971 would be used for Mackie d.2 Pro like
Mackie d.4 Pro. However, it's clear that the latter is model with
pre-installed option.
This commit fixes commit to entry for Mackie d.2. I note that the modalias
of unit of Mackie d.4 Pro is still unidentified.
hwdb: ieee1394-unit-function: correct comment for Mackie Onyx-i series
Some Mackie Onyx-i models are known to have two revisions at least, which
use different ASICS; Oxford Semiconductor FW971 and TC Applied
Technologies TCD2210. I misunderstand that Onyx 1640i had not such
revisions.
hwdb: ieee1394-unit-function: correct entries for Phonic products
Some of Phonic Firefly series and Helix Board series have the same
combination of vendor ID, model ID, specifier ID, and software
version in their configuration ROM. On the other hand, the other models
have unique combination.
ALSA bebob driver in Linux kernel v5.14 was changed in its modalias table
for the models.
udev-builtin-input_ic: simplify loop in test_key()
We would update 'found' using bit operations, but studiously ignore the actual
value and treat it as boolean. So just use a boolean variable instead. Because
there is a double loop, we would break the inner loop, but repeat the outer
loop, even though the boolean was already set. Add '&& !found' in the loop
conditions to break iteration immediately.
basic/log: use structured initialization, drop unused initialization
We had 'msghdr' and 'mh' in various places. Now 'const struct msghdr msghdr' is
used consistently. With structured init the variable is only used in the call
to sendmsg(), so let's make it a bit more descriptive.
Max Resch [Wed, 4 Aug 2021 15:23:27 +0000 (17:23 +0200)]
sd-boot: time measurements for the ARM64
This adds assembly to read the platform timer from the CP15 coprocessor
register `cntpct_el0` and the frequency from `cntfrq_el0`
units: make sure systemd-tmpfiles-{setup,clean} don't survive switch-root
Normally, these services are killed because we run isolate. But I booted into
emergency mode (because of a futher bug with us timing out improperly on the
luks password prompt), and then continuted to the host system by running
'systemctl start systemd-switch-root.service'. My error, but the results are
confusing and bad: systemd in the host sees 'systemd-tmpfiles-setup.service'
as started successfully, and doesn't restart it, so the setup for /tmp/.X11 is
not done and gdm.service fails. So while we wouldn't encounter this during
normal successful boot, I think it's good to make this more robust.
The dep is added to systemd-tmpfiles-{setup,clean}, because /tmp is not
propagated over switch-root. /dev is, so I didn't touch
systemd-tmpfiles-setup-dev.service.
Michal Koutný [Mon, 21 Jun 2021 15:18:54 +0000 (17:18 +0200)]
ci: Detect shell prompt with higher specificity
The current pattern '#' triggers on the openSUSE kernel version that is
printed early during boot when no actual prompt is ready
> [ 0.000000] Linux version 5.12.10-1-default (geeko@buildhost) (gcc (SUSE Linux) 11.1.1 20210510 [revision 23855a176609fe8dda6abaf2b21846b4517966eb], GNU ld (GNU Binutils; openSUSE Tumbleweed) 2.36.1.20210326-4) #1 SMP Fri Jun 11 05:05:06 UTC 2021 (b92eaf7)
Instead wait for pattern that: a) should have fewer false positives, b)
still be with working on distro shells:
Michal Koutný [Fri, 12 Feb 2021 17:13:59 +0000 (18:13 +0100)]
ci: Do not require network in test images
The current boot test relies on terminal login, therefore network setup
inside image is unnecessary. This opens up possibility to test images
that don't support the network setup via veth devices.
Luca Boccassi [Tue, 3 Aug 2021 14:00:40 +0000 (15:00 +0100)]
tree-wide: voidify unchecked close_nointr calls
These have ignored the return value forever. Two are public APIs so
we can't really change what they return anyway, and the other one is
a cleanup path and the existing error code is more important.
In general we almost never hit those asserts in production code, so users see
them very rarely, if ever. But either way, we just need something that users
can pass to the developers.
We have quite a few of those asserts, and some have fairly nice messages, but
many are like "WTF?" or "???" or "unexpected something". The error that is
printed includes the file location, and function name. In almost all functions
there's at most one assert, so the function name alone is enough to identify
the failure for a developer. So we don't get much extra from the message, and
we might just as well drop them.
Dropping them makes our code a tiny bit smaller, and most importantly, improves
development experience by making it easy to insert such an assert in the code
without thinking how to phrase the argument.
When copying large directory trees it should be a better idea to sync
the whole fs once when we are done instead of individually for each
file, hence add COPY_SYNCFS.
As opposed to COPY_FSYNC/COPY_FSYNC_FULL this only really applies to the
top-level directory, after completion of the whole copy.
As a safety precaution it makes sense to fsync() files after copying
them, and maybe even the directories they are contained in. Let's add a
flag for these two cases.
copy: tighten destination checks when copying files
let's make sure we only operate on regular files when copying files.
Also, make sure to copy file attributes only over if target is a regular
file (so that copying a file to /dev/null won't alter the access
mode/ownership of that device node...)
(This might not look like a big improvement, but will shortly, when we
add fsync() support to the copy logic, at which point there are more
error paths we can unify that way.)
While we are at it, tweak a clean-up path: only unlink a copied file if
we are definitely the ones who created them, i.e. if O_EXCL is set.
PR #20176 broke building of the cryptsetup token logic. This wasn't
noticed before the PR was merged, because the only CIs new enough to be
able to build the token logic (the Fedora Rawhide ones) didn't actually
run at all on the PR.
Let's add the missing hookup for the TPM2 PCR bank logic also to the
token module, to make the CI pass again.
Previously, we'd encode PCR policies strictly with the SHA256 PCR bank
set. However, as it appears not all hw implement those. Sad.
Let's add some minimal logic to auto-detect supported PCR banks: if
SHA256 is supported, use that. But if not, automatically fall back to
SHA1.
This then changes both the LUKS code, and the credentials code to
serialize the selected bank, along with the rest of the data in order to
make this robust.
This extends the LUK2 JSON metadata in a compatible way. The credentials
encryption format is modified in an incompatible way however, but given
that this is not part of any official release should be OK.
Boot loaders are software like any other, and hence muse be updated in
regular intervals. Let's add a simple (optional) service that updates
sd-boot automatically from the host if it is found installed but
out-of-date in the ESP.
Note that traditional distros probably should invoke "bootctl update"
directly from the package scripts whenver they update the sd-boot
package. This new service is primarily intended for image-based update
systems, i.e. where the rootfs or /usr are atomically updated in A/B
style and where the current boot loader should be synced into the ESP
from the currently booted image every now and then. It can also act as
safety net if the packaging scripts in classic systems are't doing the
bootctl update stuff themselves.
Since updating boot loaders mit be a tiny bit risky (even though we try
really hard to make them robust, by fsck'ing the ESP and mounting it only on
demand, by doing updates mostly as single file updates and by fsync()ing
heavily) this is an optional feature, i.e. subject to "systemctl
enable". However, since it's the right thing to do I think, it's enabled
by default via the preset logic.
Note that the updating logic is implemented gracefully: i.e. it's a NOP
if the boot loader is already new enough, or was never installed.
bootctl: tweak "bootctl update" to be a NOP when boot loader is already current and --graceful is given
Previously, the "bootctl update" logic would refrain from downrgading a
boot loader, but if the boot loader that is installed already matched
the version we could install we'd install it anyway, under the
assumption this was effectively without effect. This behaviour was handy
while developing boot loaders, since installing a modified boot loader
didn't require a version bump.
However, outside of the systems of boot loader developers I don't think
this behaviour makes much sense: we should always emphasize doing
minimal changes to the ESP, hence when an update is supposedly not
necessary, then don't do it. Only update if it really makes sense, to
minimize writes to the ESP. Updating the boot loader is a good thing
after all, but doing so redundantly is not.
Also, downgrade the message about this to LOG_NOTICE, given this
shouldn't be a reason to log.
Finally, exit cleanly in this cases (or if another boot loader is
detected)
let's share some code between import_url_last_component() and
import_url_change_last_component(), and make sure we never eat up the
hostname component of the URL when parsing out the last component.
Let's also make import_url_change_last_component() more generic so that
we can also use it for append components to paths, instead of replacing
suffixes.
util: add one more helper for generating colored check mark glyphs
This one is useful for a outputs with a slightly more "positive"
outlook, i.e. where only the checkmarks are shown but the crossmarks are
replaced by spaces.
(Usecase: a larger table with many checkmarks, where the red crossmarks
might just be too much negative noise)
Now that CONST_MAX() is a bit more foregiving, let's stick to the native
return type of sizeof() everywhere, which is size_t, instead of casting
to "unsigned", so that on the common archs we don't unnecessarily lose
the upper 32bits.
This checked for strict type compatibility so far, which mean CONST_MAX()
couldn't be used on two differently signed integers, even though
conceptually there's nothing wrong with allowing that here, as C
correctly picks the larger type in the ternary op.
hence, let's explicitly whitelist integer comparisons here, as long as
the signedness matches.
projects / thirdparty / systemd.git / log
