From 64ccc2a7e2f4f1d3a37fc60c8da1d235e02e9fe5 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: May 27 2022 00:13:03 +0000 Subject: import systemd-239-59.el8 --- diff --git a/SOURCES/0744-acpi-fpdt-mark-structures-as-packed.patch b/SOURCES/0744-acpi-fpdt-mark-structures-as-packed.patch deleted file mode 100644 index da3fe56..0000000 --- a/SOURCES/0744-acpi-fpdt-mark-structures-as-packed.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 96bc9caf3216b391a1da88b92ca507fa617177f7 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Thu, 23 Apr 2020 08:49:10 +0200 -Subject: [PATCH] acpi-fpdt: mark structures as packed - -Let's make sure the alignment doesn't matter. - -(cherry picked from commit 49490c1d353bc920cbf73f4c71e9c35d2e3eb8b1) - -Related: #2084052 ---- - src/shared/acpi-fpdt.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/shared/acpi-fpdt.c b/src/shared/acpi-fpdt.c -index d565ebd43e..38c464c912 100644 ---- a/src/shared/acpi-fpdt.c -+++ b/src/shared/acpi-fpdt.c -@@ -23,7 +23,7 @@ struct acpi_table_header { - uint32_t oem_revision; - char asl_compiler_id[4]; - uint32_t asl_compiler_revision; --}; -+} _packed_; - - enum { - ACPI_FPDT_TYPE_BOOT = 0, -@@ -36,12 +36,12 @@ struct acpi_fpdt_header { - uint8_t revision; - uint8_t reserved[4]; - uint64_t ptr; --}; -+} _packed_; - - struct acpi_fpdt_boot_header { - char signature[4]; - uint32_t length; --}; -+} _packed_; - - enum { - ACPI_FPDT_S3PERF_RESUME_REC = 0, -@@ -59,7 +59,7 @@ struct acpi_fpdt_boot { - uint64_t startup_start; - uint64_t exit_services_entry; - uint64_t exit_services_exit; --}; -+} _packed; - - int acpi_get_boot_usec(usec_t *loader_start, usec_t *loader_exit) { - _cleanup_free_ char *buf = NULL; diff --git a/SOURCES/0744-core-disallow-using-.service-as-a-service-name.patch b/SOURCES/0744-core-disallow-using-.service-as-a-service-name.patch new file mode 100644 index 0000000..2e5cf37 --- /dev/null +++ b/SOURCES/0744-core-disallow-using-.service-as-a-service-name.patch @@ -0,0 +1,133 @@ +From a4e9cf5b5c5e4c4a6f05825cd9c159283a425ae2 Mon Sep 17 00:00:00 2001 +From: Anita Zhang +Date: Fri, 4 Oct 2019 16:03:04 -0700 +Subject: [PATCH] core: disallow using '-.service' as a service name + +-.service.d will become a special top level drop in so don't let it be a +usable service name (otherwise the interaction gets complicated). + +(cherry picked from commit e23d911664b4fd86eb2c24b64233cb9f23cffdd1) + +Resolves: #2051520 +--- + src/basic/special.h | 4 ++++ + src/basic/unit-name.c | 25 +++++++++++++++++++++++++ + src/basic/unit-name.h | 2 ++ + src/core/service.c | 5 +++++ + src/test/test-unit-name.c | 19 +++++++++++++++++++ + 5 files changed, 55 insertions(+) + +diff --git a/src/basic/special.h b/src/basic/special.h +index 379a3d7979..2915122929 100644 +--- a/src/basic/special.h ++++ b/src/basic/special.h +@@ -103,3 +103,7 @@ + + /* The root directory. */ + #define SPECIAL_ROOT_MOUNT "-.mount" ++ ++/* Used to apply settings to all services through drop-ins. ++ * Should not exist as an actual service. */ ++#define SPECIAL_ROOT_SERVICE "-.service" +diff --git a/src/basic/unit-name.c b/src/basic/unit-name.c +index 614eb8649b..82a666a481 100644 +--- a/src/basic/unit-name.c ++++ b/src/basic/unit-name.c +@@ -668,6 +668,31 @@ good: + return 0; + } + ++bool service_unit_name_is_valid(const char *name) { ++ _cleanup_free_ char *prefix = NULL, *s = NULL; ++ const char *e, *service_name = name; ++ ++ if (!unit_name_is_valid(name, UNIT_NAME_ANY)) ++ return false; ++ ++ e = endswith(name, ".service"); ++ if (!e) ++ return false; ++ ++ /* If it's a template or instance, get the prefix as a service name. */ ++ if (unit_name_is_valid(name, UNIT_NAME_INSTANCE|UNIT_NAME_TEMPLATE)) { ++ assert_se(unit_name_to_prefix(name, &prefix) == 0); ++ assert_se(s = strjoin(prefix, ".service")); ++ service_name = s; ++ } ++ ++ /* Reject reserved service name(s). */ ++ if (streq(service_name, SPECIAL_ROOT_SERVICE)) ++ return false; ++ ++ return true; ++} ++ + int slice_build_parent_slice(const char *slice, char **ret) { + char *s, *dash; + int r; +diff --git a/src/basic/unit-name.h b/src/basic/unit-name.h +index 61abcd585b..21729cba83 100644 +--- a/src/basic/unit-name.h ++++ b/src/basic/unit-name.h +@@ -60,6 +60,8 @@ static inline int unit_name_mangle(const char *name, UnitNameMangle flags, char + return unit_name_mangle_with_suffix(name, flags, ".service", ret); + } + ++bool service_unit_name_is_valid(const char *name); ++ + int slice_build_parent_slice(const char *slice, char **ret); + int slice_build_subslice(const char *slice, const char*name, char **subslice); + bool slice_name_is_valid(const char *name); +diff --git a/src/core/service.c b/src/core/service.c +index e8ae1a5772..b7eb10c044 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -556,6 +556,11 @@ static int service_verify(Service *s) { + } + } + ++ if (!service_unit_name_is_valid(UNIT(s)->id)) { ++ log_unit_error(UNIT(s), "Service name is invalid or reserved. Refusing."); ++ return -ENOEXEC; ++ } ++ + if (!s->exec_command[SERVICE_EXEC_START] && !s->exec_command[SERVICE_EXEC_STOP] + && UNIT(s)->success_action == EMERGENCY_ACTION_NONE) { + /* FailureAction= only makes sense if one of the start or stop commands is specified. +diff --git a/src/test/test-unit-name.c b/src/test/test-unit-name.c +index 2b00ef8cb7..b629df5aea 100644 +--- a/src/test/test-unit-name.c ++++ b/src/test/test-unit-name.c +@@ -347,6 +347,24 @@ static void test_unit_name_build(void) { + free(t); + } + ++static void test_service_unit_name_is_valid(void) { ++ assert_se(service_unit_name_is_valid("foo.service")); ++ assert_se(service_unit_name_is_valid("foo@bar.service")); ++ assert_se(service_unit_name_is_valid("foo@bar@bar.service")); ++ assert_se(service_unit_name_is_valid("--.service")); ++ assert_se(service_unit_name_is_valid(".-.service")); ++ assert_se(service_unit_name_is_valid("-foo-bar.service")); ++ assert_se(service_unit_name_is_valid("-foo-bar-.service")); ++ assert_se(service_unit_name_is_valid("foo-bar-.service")); ++ ++ assert_se(!service_unit_name_is_valid("-.service")); ++ assert_se(!service_unit_name_is_valid("")); ++ assert_se(!service_unit_name_is_valid("foo.slice")); ++ assert_se(!service_unit_name_is_valid("@.service")); ++ assert_se(!service_unit_name_is_valid("@bar.service")); ++ assert_se(!service_unit_name_is_valid("-@.service")); ++} ++ + static void test_slice_name_is_valid(void) { + assert_se( slice_name_is_valid(SPECIAL_ROOT_SLICE)); + assert_se( slice_name_is_valid("foo.slice")); +@@ -833,6 +851,7 @@ int main(int argc, char* argv[]) { + test_unit_prefix_is_valid(); + test_unit_name_change_suffix(); + test_unit_name_build(); ++ test_service_unit_name_is_valid(); + test_slice_name_is_valid(); + test_build_subslice(); + test_build_parent_slice(); diff --git a/SOURCES/0745-core-slice-make-slice_freezer_action-return-0-if-fre.patch b/SOURCES/0745-core-slice-make-slice_freezer_action-return-0-if-fre.patch deleted file mode 100644 index 1d1fa6b..0000000 --- a/SOURCES/0745-core-slice-make-slice_freezer_action-return-0-if-fre.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 9e3aefa21a631e7f47a8121097384a8b08ae8502 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Fri, 6 May 2022 14:01:22 +0900 -Subject: [PATCH] core/slice: make slice_freezer_action() return 0 if freezing - state is unchanged - -Fixes #23278. - -(cherry picked from commit d171e72e7afa11b238ba20758384d223b0c76e39) - -Related: #2084052 ---- - src/core/slice.c | 6 +----- - src/core/unit.c | 2 ++ - 2 files changed, 3 insertions(+), 5 deletions(-) - -diff --git a/src/core/slice.c b/src/core/slice.c -index c10e830917..34f3c84bf9 100644 ---- a/src/core/slice.c -+++ b/src/core/slice.c -@@ -395,11 +395,7 @@ static int slice_freezer_action(Unit *s, FreezerAction action) { - return r; - } - -- r = unit_cgroup_freezer_action(s, action); -- if (r < 0) -- return r; -- -- return 1; -+ return unit_cgroup_freezer_action(s, action); - } - - static int slice_freeze(Unit *s) { -diff --git a/src/core/unit.c b/src/core/unit.c -index e2c61ce866..bd79578255 100644 ---- a/src/core/unit.c -+++ b/src/core/unit.c -@@ -5622,6 +5622,8 @@ static int unit_freezer_action(Unit *u, FreezerAction action) { - if (r <= 0) - return r; - -+ assert(IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING)); -+ - return 1; - } - diff --git a/SOURCES/0745-shared-dropin-support-.service.d-top-level-drop-in-f.patch b/SOURCES/0745-shared-dropin-support-.service.d-top-level-drop-in-f.patch new file mode 100644 index 0000000..3a25ff5 --- /dev/null +++ b/SOURCES/0745-shared-dropin-support-.service.d-top-level-drop-in-f.patch @@ -0,0 +1,190 @@ +From adc0a99b18153535ef73cf1b6ce2bc64ca501c81 Mon Sep 17 00:00:00 2001 +From: Anita Zhang +Date: Fri, 4 Oct 2019 17:39:34 -0700 +Subject: [PATCH] shared/dropin: support -.service.d/ top level drop-in for + service units + +(cherry picked from commit 272467882c9c3c3d4faca5fd7a1f44c5ef2f064) + +Resolves: #2051520 +--- + man/systemd.service.xml | 13 +++++++++++++ + man/systemd.special.xml | 9 +++++++++ + man/systemd.unit.xml | 4 ++++ + src/basic/unit-name.c | 9 +++++++-- + src/core/service.c | 2 +- + src/shared/dropin.c | 29 ++++++++++++++++++++++++++--- + test/TEST-15-DROPIN/test-dropin.sh | 15 ++++++++++++++- + 7 files changed, 74 insertions(+), 7 deletions(-) + +diff --git a/man/systemd.service.xml b/man/systemd.service.xml +index 1e30a564df..4164402d0e 100644 +--- a/man/systemd.service.xml ++++ b/man/systemd.service.xml +@@ -62,6 +62,19 @@ + about the incompatibilities, see the Incompatibilities + with SysV document. ++ ++ In addition to the various drop-in behaviors described in ++ systemd.unit5, ++ services also support a top-level drop-in with -.service.d/ that allows ++ altering or adding to the settings of all services on the system. ++ The formatting and precedence of applying drop-in configurations follow what is defined in ++ systemd.unit5. ++ However, configurations in -.service.d/ have the lowest precedence compared to settings ++ in the service specific override directories. For example, for foo-bar-baz.service, ++ drop-ins in foo-bar-baz.service.d/ override the ones in ++ foo-bar-.service.d/, which override the ones foo-.service.d/, ++ which override the ones in -.service.d/. ++ + + + +diff --git a/man/systemd.special.xml b/man/systemd.special.xml +index fe6324a4a0..06798cd9e2 100644 +--- a/man/systemd.special.xml ++++ b/man/systemd.special.xml +@@ -117,6 +117,15 @@ + + + ++ ++ -.service ++ ++ This is a reserved unit name used to support top-level drop-ins for services. See ++ systemd.service5 ++ for details. ++ ++ ++ + + basic.target + +diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml +index e80c760dd6..5aa3bd1699 100644 +--- a/man/systemd.unit.xml ++++ b/man/systemd.unit.xml +@@ -190,6 +190,10 @@ + over unit files wherever located. Multiple drop-in files with different names are applied in + lexicographic order, regardless of which of the directories they reside in. + ++ Service units also support a top-level drop-in directory for modifying the settings of all service units. See ++ systemd.service5 ++ for details. ++ + + +diff --git a/src/basic/unit-name.c b/src/basic/unit-name.c +index 82a666a481..078628d6e8 100644 +--- a/src/basic/unit-name.c ++++ b/src/basic/unit-name.c +@@ -681,8 +681,13 @@ bool service_unit_name_is_valid(const char *name) { + + /* If it's a template or instance, get the prefix as a service name. */ + if (unit_name_is_valid(name, UNIT_NAME_INSTANCE|UNIT_NAME_TEMPLATE)) { +- assert_se(unit_name_to_prefix(name, &prefix) == 0); +- assert_se(s = strjoin(prefix, ".service")); ++ if (unit_name_to_prefix(name, &prefix) < 0) ++ return false; ++ ++ s = strjoin(prefix, ".service"); ++ if (!s) ++ return false; ++ + service_name = s; + } + +diff --git a/src/core/service.c b/src/core/service.c +index b7eb10c044..b3ef79228f 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -558,7 +558,7 @@ static int service_verify(Service *s) { + + if (!service_unit_name_is_valid(UNIT(s)->id)) { + log_unit_error(UNIT(s), "Service name is invalid or reserved. Refusing."); +- return -ENOEXEC; ++ return -EINVAL; + } + + if (!s->exec_command[SERVICE_EXEC_START] && !s->exec_command[SERVICE_EXEC_STOP] +diff --git a/src/shared/dropin.c b/src/shared/dropin.c +index 357c66d800..78ca7f4452 100644 +--- a/src/shared/dropin.c ++++ b/src/shared/dropin.c +@@ -19,6 +19,7 @@ + #include "mkdir.h" + #include "path-util.h" + #include "set.h" ++#include "special.h" + #include "string-util.h" + #include "strv.h" + #include "unit-name.h" +@@ -232,15 +233,37 @@ int unit_file_find_dropin_paths( + char ***ret) { + + _cleanup_strv_free_ char **dirs = NULL; +- char *t, **p; ++ UnitType type = _UNIT_TYPE_INVALID; ++ char *name, **p; + Iterator i; + int r; + + assert(ret); + +- SET_FOREACH(t, names, i) ++ /* All the names in the unit are of the same type so just grab one. */ ++ name = (char*) set_first(names); ++ if (name) { ++ type = unit_name_to_type(name); ++ if (type < 0) ++ return log_error_errno(EINVAL, ++ "Failed to to derive unit type from unit name: %s", ++ name); ++ } ++ ++ /* Special drop in for -.service. Add this first as it's the most generic ++ * and should be able to be overridden by more specific drop-ins. */ ++ if (type == UNIT_SERVICE) ++ STRV_FOREACH(p, lookup_path) ++ (void) unit_file_find_dirs(original_root, ++ unit_path_cache, ++ *p, ++ SPECIAL_ROOT_SERVICE, ++ dir_suffix, ++ &dirs); ++ ++ SET_FOREACH(name, names, i) + STRV_FOREACH(p, lookup_path) +- (void) unit_file_find_dirs(original_root, unit_path_cache, *p, t, dir_suffix, &dirs); ++ (void) unit_file_find_dirs(original_root, unit_path_cache, *p, name, dir_suffix, &dirs); + + if (strv_isempty(dirs)) { + *ret = NULL; +diff --git a/test/TEST-15-DROPIN/test-dropin.sh b/test/TEST-15-DROPIN/test-dropin.sh +index ab0a58caea..def2e03304 100755 +--- a/test/TEST-15-DROPIN/test-dropin.sh ++++ b/test/TEST-15-DROPIN/test-dropin.sh +@@ -102,7 +102,20 @@ test_basic_dropins () { + check_ok b Wants c.service + systemctl stop a c + +- clear_services a b c ++ echo "*** test -.service.d/ top level drop-in" ++ create_services a b ++ check_ko a ExecCondition "/bin/echo a" ++ check_ko b ExecCondition "/bin/echo b" ++ mkdir -p /usr/lib/systemd/system/-.service.d ++ cat >/usr/lib/systemd/system/-.service.d/override.conf < +Date: Mon, 4 Nov 2019 18:29:55 -0800 +Subject: [PATCH] core: change top-level drop-in from -.service.d to service.d + +Discussed in #13743, the -.service semantic conflicts with the +existing root mount and slice names, making this feature not +uniformly extensible to all types. Change the name to be +.d instead. + +Updating to this format also extends the top-level dropin to +unit types. + +(cherry picked from commit 3e1db806b0c18fd6138886ce67fac2655f09caef) + +Resolves: #2051520 +--- + man/systemd.service.xml | 13 ------------- + man/systemd.special.xml | 9 --------- + man/systemd.unit.xml | 11 ++++++++--- + src/basic/special.h | 4 ---- + src/basic/unit-name.c | 30 ------------------------------ + src/basic/unit-name.h | 2 -- + src/core/service.c | 5 ----- + src/shared/dropin.c | 22 ++++++++++++---------- + src/test/test-unit-name.c | 19 ------------------- + test/TEST-15-DROPIN/test-dropin.sh | 8 ++++---- + 10 files changed, 24 insertions(+), 99 deletions(-) + +diff --git a/man/systemd.service.xml b/man/systemd.service.xml +index 4164402d0e..1e30a564df 100644 +--- a/man/systemd.service.xml ++++ b/man/systemd.service.xml +@@ -62,19 +62,6 @@ + about the incompatibilities, see the Incompatibilities + with SysV document. +- +- In addition to the various drop-in behaviors described in +- systemd.unit5, +- services also support a top-level drop-in with -.service.d/ that allows +- altering or adding to the settings of all services on the system. +- The formatting and precedence of applying drop-in configurations follow what is defined in +- systemd.unit5. +- However, configurations in -.service.d/ have the lowest precedence compared to settings +- in the service specific override directories. For example, for foo-bar-baz.service, +- drop-ins in foo-bar-baz.service.d/ override the ones in +- foo-bar-.service.d/, which override the ones foo-.service.d/, +- which override the ones in -.service.d/. +- + + + +diff --git a/man/systemd.special.xml b/man/systemd.special.xml +index 06798cd9e2..fe6324a4a0 100644 +--- a/man/systemd.special.xml ++++ b/man/systemd.special.xml +@@ -117,15 +117,6 @@ + + + +- +- -.service +- +- This is a reserved unit name used to support top-level drop-ins for services. See +- systemd.service5 +- for details. +- +- +- + + basic.target + +diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml +index 5aa3bd1699..6f213ccd56 100644 +--- a/man/systemd.unit.xml ++++ b/man/systemd.unit.xml +@@ -190,9 +190,14 @@ + over unit files wherever located. Multiple drop-in files with different names are applied in + lexicographic order, regardless of which of the directories they reside in. + +- Service units also support a top-level drop-in directory for modifying the settings of all service units. See +- systemd.service5 +- for details. ++ Units also support a top-level drop-in with type.d/, ++ where type may be e.g. service or socket, ++ that allows altering or adding to the settings of all corresponding unit files on the system. ++ The formatting and precedence of applying drop-in configurations follow what is defined above. ++ Configurations in type.d/ have the lowest precedence ++ compared to settings in the name specific override directories. So the contents of ++ foo-.service.d/10-override.conf would override ++ service.d/10-override.conf. + + +diff --git a/src/basic/special.h b/src/basic/special.h +index 2915122929..379a3d7979 100644 +--- a/src/basic/special.h ++++ b/src/basic/special.h +@@ -103,7 +103,3 @@ + + /* The root directory. */ + #define SPECIAL_ROOT_MOUNT "-.mount" +- +-/* Used to apply settings to all services through drop-ins. +- * Should not exist as an actual service. */ +-#define SPECIAL_ROOT_SERVICE "-.service" +diff --git a/src/basic/unit-name.c b/src/basic/unit-name.c +index 078628d6e8..614eb8649b 100644 +--- a/src/basic/unit-name.c ++++ b/src/basic/unit-name.c +@@ -668,36 +668,6 @@ good: + return 0; + } + +-bool service_unit_name_is_valid(const char *name) { +- _cleanup_free_ char *prefix = NULL, *s = NULL; +- const char *e, *service_name = name; +- +- if (!unit_name_is_valid(name, UNIT_NAME_ANY)) +- return false; +- +- e = endswith(name, ".service"); +- if (!e) +- return false; +- +- /* If it's a template or instance, get the prefix as a service name. */ +- if (unit_name_is_valid(name, UNIT_NAME_INSTANCE|UNIT_NAME_TEMPLATE)) { +- if (unit_name_to_prefix(name, &prefix) < 0) +- return false; +- +- s = strjoin(prefix, ".service"); +- if (!s) +- return false; +- +- service_name = s; +- } +- +- /* Reject reserved service name(s). */ +- if (streq(service_name, SPECIAL_ROOT_SERVICE)) +- return false; +- +- return true; +-} +- + int slice_build_parent_slice(const char *slice, char **ret) { + char *s, *dash; + int r; +diff --git a/src/basic/unit-name.h b/src/basic/unit-name.h +index 21729cba83..61abcd585b 100644 +--- a/src/basic/unit-name.h ++++ b/src/basic/unit-name.h +@@ -60,8 +60,6 @@ static inline int unit_name_mangle(const char *name, UnitNameMangle flags, char + return unit_name_mangle_with_suffix(name, flags, ".service", ret); + } + +-bool service_unit_name_is_valid(const char *name); +- + int slice_build_parent_slice(const char *slice, char **ret); + int slice_build_subslice(const char *slice, const char*name, char **subslice); + bool slice_name_is_valid(const char *name); +diff --git a/src/core/service.c b/src/core/service.c +index b3ef79228f..e8ae1a5772 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -556,11 +556,6 @@ static int service_verify(Service *s) { + } + } + +- if (!service_unit_name_is_valid(UNIT(s)->id)) { +- log_unit_error(UNIT(s), "Service name is invalid or reserved. Refusing."); +- return -EINVAL; +- } +- + if (!s->exec_command[SERVICE_EXEC_START] && !s->exec_command[SERVICE_EXEC_STOP] + && UNIT(s)->success_action == EMERGENCY_ACTION_NONE) { + /* FailureAction= only makes sense if one of the start or stop commands is specified. +diff --git a/src/shared/dropin.c b/src/shared/dropin.c +index 78ca7f4452..bd2a3c0feb 100644 +--- a/src/shared/dropin.c ++++ b/src/shared/dropin.c +@@ -19,7 +19,6 @@ + #include "mkdir.h" + #include "path-util.h" + #include "set.h" +-#include "special.h" + #include "string-util.h" + #include "strv.h" + #include "unit-name.h" +@@ -170,6 +169,10 @@ static int unit_file_find_dirs( + return r; + } + ++ /* Return early for top level drop-ins. */ ++ if (unit_type_from_string(name) >= 0) ++ return 0; ++ + /* Let's see if there's a "-" prefix for this unit name. If so, let's invoke ourselves for it. This will then + * recursively do the same for all our prefixes. i.e. this means given "foo-bar-waldo.service" we'll also + * search "foo-bar-.service" and "foo-.service". +@@ -250,16 +253,15 @@ int unit_file_find_dropin_paths( + name); + } + +- /* Special drop in for -.service. Add this first as it's the most generic ++ /* Special top level drop in for ".". Add this first as it's the most generic + * and should be able to be overridden by more specific drop-ins. */ +- if (type == UNIT_SERVICE) +- STRV_FOREACH(p, lookup_path) +- (void) unit_file_find_dirs(original_root, +- unit_path_cache, +- *p, +- SPECIAL_ROOT_SERVICE, +- dir_suffix, +- &dirs); ++ STRV_FOREACH(p, lookup_path) ++ (void) unit_file_find_dirs(original_root, ++ unit_path_cache, ++ *p, ++ unit_type_to_string(type), ++ dir_suffix, ++ &dirs); + + SET_FOREACH(name, names, i) + STRV_FOREACH(p, lookup_path) +diff --git a/src/test/test-unit-name.c b/src/test/test-unit-name.c +index b629df5aea..2b00ef8cb7 100644 +--- a/src/test/test-unit-name.c ++++ b/src/test/test-unit-name.c +@@ -347,24 +347,6 @@ static void test_unit_name_build(void) { + free(t); + } + +-static void test_service_unit_name_is_valid(void) { +- assert_se(service_unit_name_is_valid("foo.service")); +- assert_se(service_unit_name_is_valid("foo@bar.service")); +- assert_se(service_unit_name_is_valid("foo@bar@bar.service")); +- assert_se(service_unit_name_is_valid("--.service")); +- assert_se(service_unit_name_is_valid(".-.service")); +- assert_se(service_unit_name_is_valid("-foo-bar.service")); +- assert_se(service_unit_name_is_valid("-foo-bar-.service")); +- assert_se(service_unit_name_is_valid("foo-bar-.service")); +- +- assert_se(!service_unit_name_is_valid("-.service")); +- assert_se(!service_unit_name_is_valid("")); +- assert_se(!service_unit_name_is_valid("foo.slice")); +- assert_se(!service_unit_name_is_valid("@.service")); +- assert_se(!service_unit_name_is_valid("@bar.service")); +- assert_se(!service_unit_name_is_valid("-@.service")); +-} +- + static void test_slice_name_is_valid(void) { + assert_se( slice_name_is_valid(SPECIAL_ROOT_SLICE)); + assert_se( slice_name_is_valid("foo.slice")); +@@ -851,7 +833,6 @@ int main(int argc, char* argv[]) { + test_unit_prefix_is_valid(); + test_unit_name_change_suffix(); + test_unit_name_build(); +- test_service_unit_name_is_valid(); + test_slice_name_is_valid(); + test_build_subslice(); + test_build_parent_slice(); +diff --git a/test/TEST-15-DROPIN/test-dropin.sh b/test/TEST-15-DROPIN/test-dropin.sh +index def2e03304..7836c6535d 100755 +--- a/test/TEST-15-DROPIN/test-dropin.sh ++++ b/test/TEST-15-DROPIN/test-dropin.sh +@@ -102,18 +102,18 @@ test_basic_dropins () { + check_ok b Wants c.service + systemctl stop a c + +- echo "*** test -.service.d/ top level drop-in" ++ echo "*** test service.d/ top level drop-in" + create_services a b + check_ko a ExecCondition "/bin/echo a" + check_ko b ExecCondition "/bin/echo b" +- mkdir -p /usr/lib/systemd/system/-.service.d +- cat >/usr/lib/systemd/system/-.service.d/override.conf </usr/lib/systemd/system/service.d/override.conf < -Date: Mon, 9 May 2022 00:56:05 +0900 -Subject: [PATCH] core/unit: fix use-after-free - -Fixes #23312. - -(cherry picked from commit 734582830b58e000a26e18807ea277c18778573c) - -Related: #2084052 ---- - src/core/unit.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/core/unit.c b/src/core/unit.c -index bd79578255..68affa2c0e 100644 ---- a/src/core/unit.c -+++ b/src/core/unit.c -@@ -580,8 +580,8 @@ void unit_free(Unit *u) { - - unit_dequeue_rewatch_pids(u); - -- sd_bus_slot_unref(u->match_bus_slot); -- sd_bus_track_unref(u->bus_track); -+ u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot); -+ u->bus_track = sd_bus_track_unref(u->bus_track); - u->deserialized_refs = strv_free(u->deserialized_refs); - u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message); - diff --git a/SOURCES/0747-sd-bus-fix-reference-counter-to-be-incremented.patch b/SOURCES/0747-sd-bus-fix-reference-counter-to-be-incremented.patch deleted file mode 100644 index dde33df..0000000 --- a/SOURCES/0747-sd-bus-fix-reference-counter-to-be-incremented.patch +++ /dev/null @@ -1,58 +0,0 @@ -From d3d0969d7c366d6bb2f66501e61cbcd11a60face Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Sun, 17 Apr 2022 07:05:07 +0900 -Subject: [PATCH] sd-bus: fix reference counter to be incremented - -Fixes #23097. - -(cherry picked from commit b21f237d996c8c18991a68e1204f060d07dc4745) - -[msekleta: This commit also contains the hunk from c2d7dd35d2 -(in sd_bus_track_remove_name). I've decided to not backport that commit -fully because of conflicts and because its was made largely irrelevant -by 7f40cb7c86] - -Related: #2084052 ---- - src/libsystemd/sd-bus/bus-track.c | 15 +++++++-------- - 1 file changed, 7 insertions(+), 8 deletions(-) - -diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c -index 16bf615f50..b1ec5ecbbb 100644 ---- a/src/libsystemd/sd-bus/bus-track.c -+++ b/src/libsystemd/sd-bus/bus-track.c -@@ -208,12 +208,12 @@ _public_ int sd_bus_track_add_name(sd_bus_track *track, const char *name) { - i = hashmap_get(track->names, name); - if (i) { - if (track->recursive) { -- unsigned k = track->n_ref + 1; -+ unsigned k = i->n_ref + 1; - -- if (k < track->n_ref) /* Check for overflow */ -+ if (k < i->n_ref) /* Check for overflow */ - return -EOVERFLOW; - -- track->n_ref = k; -+ i->n_ref = k; - } - - bus_track_remove_from_queue(track); -@@ -281,14 +281,13 @@ _public_ int sd_bus_track_remove_name(sd_bus_track *track, const char *name) { - i = hashmap_get(track->names, name); - if (!i) - return -EUNATCH; -- if (i->n_ref <= 0) -- return -EUNATCH; -- -- i->n_ref--; - -- if (i->n_ref <= 0) -+ assert(i->n_ref >=1); -+ if (i->n_ref <= 1) - return bus_track_remove_name_fully(track, name); - -+ i->n_ref--; -+ - return 1; - } - diff --git a/SOURCES/0747-shared-dropin-fix-assert-for-invalid-drop-in.patch b/SOURCES/0747-shared-dropin-fix-assert-for-invalid-drop-in.patch new file mode 100644 index 0000000..bab899e --- /dev/null +++ b/SOURCES/0747-shared-dropin-fix-assert-for-invalid-drop-in.patch @@ -0,0 +1,96 @@ +From 9e1e02a83538a865dae65454214363d306e69854 Mon Sep 17 00:00:00 2001 +From: Topi Miettinen +Date: Tue, 17 Dec 2019 15:47:37 +0200 +Subject: [PATCH] shared/dropin: fix assert for invalid drop-in + +Don't try to show top level drop-in for non-existent units or when trying to +instantiate non-instantiated units: + +$ systemctl cat nonexistent@.service +Assertion 'name' failed at src/shared/dropin.c:143, function unit_file_find_dirs(). Aborting. +$ systemctl cat systemd-journald@.service +Assertion 'name' failed at src/shared/dropin.c:143, function unit_file_find_dirs(). Aborting. + +(cherry picked from commit 7a670b1dd981c645064f69faf85b04620aadbafb) + +Resolves: #2051520 +--- + src/shared/dropin.c | 23 ++++++++++++----------- + test/TEST-15-DROPIN/test-dropin.sh | 14 ++++++++++++++ + 2 files changed, 26 insertions(+), 11 deletions(-) + +diff --git a/src/shared/dropin.c b/src/shared/dropin.c +index bd2a3c0feb..11ed4c7184 100644 +--- a/src/shared/dropin.c ++++ b/src/shared/dropin.c +@@ -236,7 +236,6 @@ int unit_file_find_dropin_paths( + char ***ret) { + + _cleanup_strv_free_ char **dirs = NULL; +- UnitType type = _UNIT_TYPE_INVALID; + char *name, **p; + Iterator i; + int r; +@@ -246,22 +245,24 @@ int unit_file_find_dropin_paths( + /* All the names in the unit are of the same type so just grab one. */ + name = (char*) set_first(names); + if (name) { ++ UnitType type = _UNIT_TYPE_INVALID; ++ + type = unit_name_to_type(name); + if (type < 0) + return log_error_errno(EINVAL, + "Failed to to derive unit type from unit name: %s", + name); +- } + +- /* Special top level drop in for ".". Add this first as it's the most generic +- * and should be able to be overridden by more specific drop-ins. */ +- STRV_FOREACH(p, lookup_path) +- (void) unit_file_find_dirs(original_root, +- unit_path_cache, +- *p, +- unit_type_to_string(type), +- dir_suffix, +- &dirs); ++ /* Special top level drop in for ".". Add this first as it's the most generic ++ * and should be able to be overridden by more specific drop-ins. */ ++ STRV_FOREACH(p, lookup_path) ++ (void) unit_file_find_dirs(original_root, ++ unit_path_cache, ++ *p, ++ unit_type_to_string(type), ++ dir_suffix, ++ &dirs); ++ } + + SET_FOREACH(name, names, i) + STRV_FOREACH(p, lookup_path) +diff --git a/test/TEST-15-DROPIN/test-dropin.sh b/test/TEST-15-DROPIN/test-dropin.sh +index 7836c6535d..5419169f7b 100755 +--- a/test/TEST-15-DROPIN/test-dropin.sh ++++ b/test/TEST-15-DROPIN/test-dropin.sh +@@ -289,9 +289,23 @@ EOF + clear_services a b + } + ++test_invalid_dropins () { ++ echo "Testing invalid dropins..." ++ # Assertion failed on earlier versions, command exits unsuccessfully on later versions ++ systemctl cat nonexistent@.service || true ++ create_services a ++ systemctl daemon-reload ++ # Assertion failed on earlier versions, command exits unsuccessfully on later versions ++ systemctl cat a@.service || true ++ systemctl stop a ++ clear_services a ++ return 0 ++} ++ + test_basic_dropins + test_template_dropins + test_alias_dropins + test_masked_dropins ++test_invalid_dropins + + touch /testok diff --git a/SOURCES/0748-sd-bus-do-not-read-unused-value.patch b/SOURCES/0748-sd-bus-do-not-read-unused-value.patch deleted file mode 100644 index c3daafc..0000000 --- a/SOURCES/0748-sd-bus-do-not-read-unused-value.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 6f8278097070d77e39d15e5f5d11e1c8b83871c2 Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Sun, 17 Apr 2022 07:25:09 +0900 -Subject: [PATCH] sd-bus: do not read unused value - -(cherry picked from commit 6a7ca27740be4229b4c9f540cd610b205ca5752c) - -Related: #2084052 ---- - src/libsystemd/sd-bus/bus-track.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c -index b1ec5ecbbb..b9965d9d64 100644 ---- a/src/libsystemd/sd-bus/bus-track.c -+++ b/src/libsystemd/sd-bus/bus-track.c -@@ -182,13 +182,13 @@ _public_ sd_bus_track* sd_bus_track_unref(sd_bus_track *track) { - - static int on_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) { - sd_bus_track *track = userdata; -- const char *name, *old, *new; -+ const char *name; - int r; - - assert(message); - assert(track); - -- r = sd_bus_message_read(message, "sss", &name, &old, &new); -+ r = sd_bus_message_read(message, "sss", &name, NULL, NULL); - if (r < 0) - return 0; - diff --git a/SOURCES/0748-udev-fix-slot-based-network-names-on-s390.patch b/SOURCES/0748-udev-fix-slot-based-network-names-on-s390.patch new file mode 100644 index 0000000..338ccc2 --- /dev/null +++ b/SOURCES/0748-udev-fix-slot-based-network-names-on-s390.patch @@ -0,0 +1,132 @@ +From 2e7f41bd0632312d00d472a73a312218a29ce65b Mon Sep 17 00:00:00 2001 +From: Viktor Mihajlovski +Date: Thu, 18 Mar 2021 11:03:34 +0100 +Subject: [PATCH] udev: fix slot based network names on s390 + +The s390 PCI driver assigns the hotplug slot name from the +function_id attribute of the PCI device using a 8 char hexadecimal +format to match the underlying firmware/hypervisor notation. + +Further, there's always a one-to-one mapping between a PCI +function and a hotplug slot, as individual functions can +hot plugged even for multi-function devices. + +As the generic matching code will always try to parse the slot +name in /sys/bus/pci/slots as a positive decimal number, either +a wrong value might be produced for ID_NET_NAME_SLOT if +the slot name consists of decimal numbers only, or none at all +if a character in the range from 'a' to 'f' is encountered. + +Additionally, the generic code assumes that two interfaces +share a hotplug slot, if they differ only in the function part +of the PCI address. E.g., for an interface with the PCI address +dddd:bb:aa.f, it will match the device to the first slot with +an address dddd:bb:aa. As more than one slot may have this address +for the s390 PCI driver, the wrong slot may be selected. + +To resolve this we're adding a new naming schema version with the +flag NAMING_SLOT_FUNCTION_ID, which enables the correct matching +of hotplug slots if the device has an attribute named function_id. +The ID_NET_NAME_SLOT property will only be produced if there's +a file /sys/bus/pci/slots/ where matches +the value of /sys/bus/pci/devices/.../function_id in 8 char +hex notation. + +Fixes #19016 +See also #19078 + +Related: #1939914 + +(cherry picked from commit a496a238e8ee66ce25ad13a3f46549b2e2e979fc) +--- + man/systemd.net-naming-scheme.xml | 10 +++++++++ + src/udev/udev-builtin-net_id.c | 34 +++++++++++++++++++++++++++++++ + 2 files changed, 44 insertions(+) + +diff --git a/man/systemd.net-naming-scheme.xml b/man/systemd.net-naming-scheme.xml +index fe1aa4b654..e42c93eaad 100644 +--- a/man/systemd.net-naming-scheme.xml ++++ b/man/systemd.net-naming-scheme.xml +@@ -313,6 +313,16 @@ + Same as naming scheme rhel-8.4. + + ++ ++ rhel-8.7 ++ ++ PCI hotplug slot names for the s390 PCI driver are a hexadecimal representation ++ of the function_id device attribute. This attribute is now used to build the ++ ID_NET_NAME_SLOT. Before that, all slot names were parsed as decimal ++ numbers, which could either result in an incorrect value of the ID_NET_NAME_SLOT ++ property or none at all. ++ ++ + Note that latest may be used to denote the latest scheme known to this + particular version of systemd. + +diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c +index 386d74ca5e..b57227a09f 100644 +--- a/src/udev/udev-builtin-net_id.c ++++ b/src/udev/udev-builtin-net_id.c +@@ -126,6 +126,7 @@ typedef enum NamingSchemeFlags { + NAMING_SR_IOV_V = 1 << 0, /* Use "v" suffix for SR-IOV, see 609948c7043a40008b8299529c978ed8e11de8f6*/ + NAMING_NPAR_ARI = 1 << 1, /* Use NPAR "ARI", see 6bc04997b6eab35d1cb9fa73889892702c27be09 */ + NAMING_BRIDGE_NO_SLOT = 1 << 9, /* Don't use PCI hotplug slot information if the corresponding device is a PCI bridge */ ++ NAMING_SLOT_FUNCTION_ID = 1 << 10, /* Use function_id if present to identify PCI hotplug slots */ + + /* And now the masks that combine the features above */ + NAMING_V238 = 0, +@@ -137,6 +138,7 @@ typedef enum NamingSchemeFlags { + NAMING_RHEL_8_4 = NAMING_V239|NAMING_BRIDGE_NO_SLOT, + NAMING_RHEL_8_5 = NAMING_RHEL_8_4, + NAMING_RHEL_8_6 = NAMING_RHEL_8_4, ++ NAMING_RHEL_8_7 = NAMING_RHEL_8_4|NAMING_SLOT_FUNCTION_ID, + + _NAMING_SCHEME_FLAGS_INVALID = -1, + } NamingSchemeFlags; +@@ -156,6 +158,7 @@ static const NamingScheme naming_schemes[] = { + { "rhel-8.4", NAMING_RHEL_8_4 }, + { "rhel-8.5", NAMING_RHEL_8_5 }, + { "rhel-8.6", NAMING_RHEL_8_6 }, ++ { "rhel-8.7", NAMING_RHEL_8_7 }, + /* … add more schemes here, as the logic to name devices is updated … */ + }; + +@@ -477,6 +480,37 @@ static int dev_pci_slot(struct udev_device *dev, struct netnames *names) { + + hotplug_slot_dev = names->pcidev; + while (hotplug_slot_dev) { ++ if (!udev_device_get_sysname(hotplug_slot_dev)) ++ continue; ++ ++ /* The /function_id attribute is unique to the s390 PCI driver. ++ If present, we know that the slot's directory name for this device is ++ /sys/bus/pci/XXXXXXXX/ where XXXXXXXX is the fixed length 8 hexadecimal ++ character string representation of function_id. ++ Therefore we can short cut here and just check for the existence of ++ the slot directory. As this directory has to exist, we're emitting a ++ debug message for the unlikely case it's not found. ++ Note that the domain part of doesn't belong to the slot name here ++ because there's a 1-to-1 relationship between PCI function and its hotplug ++ slot. ++ */ ++ if (naming_scheme_has(NAMING_SLOT_FUNCTION_ID)) { ++ attr = udev_device_get_sysattr_value(hotplug_slot_dev, "function_id"); ++ if (attr) { ++ int function_id; ++ _cleanup_free_ char *str; ++ ++ if (safe_atoi(attr, &function_id) >= 0 && ++ asprintf(&str, "%s/%08x/", slots, function_id) >= 0 && ++ access(str, R_OK) == 0) { ++ hotplug_slot = function_id; ++ domain = 0; ++ } else ++ log_debug("No matching slot for function_id (%s).", attr); ++ break; ++ } ++ } ++ + FOREACH_DIRENT_ALL(dent, dir, break) { + int i, r; + char str[PATH_MAX]; diff --git a/SOURCES/0749-sd-bus-do-not-return-negative-errno-when-unknown-nam.patch b/SOURCES/0749-sd-bus-do-not-return-negative-errno-when-unknown-nam.patch deleted file mode 100644 index 5fb3f8c..0000000 --- a/SOURCES/0749-sd-bus-do-not-return-negative-errno-when-unknown-nam.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 3005733945670cc4a77920bb55e5cdda331cff4d Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Sun, 17 Apr 2022 07:29:24 +0900 -Subject: [PATCH] sd-bus: do not return negative errno when unknown name is - specified - -When 'recursive' is false, then sd_bus_track_remove_name() does not -return negative errno when unknown name is specified. Let's follow the -same pattern for the case that 'recursive' is true. - -(cherry picked from commit 55bfacc6c33eaf3475762e71172b2ef504be5af8) - -Related: #2084052 ---- - src/libsystemd/sd-bus/bus-track.c | 5 +---- - 1 file changed, 1 insertion(+), 4 deletions(-) - -diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c -index b9965d9d64..8893f190a1 100644 ---- a/src/libsystemd/sd-bus/bus-track.c -+++ b/src/libsystemd/sd-bus/bus-track.c -@@ -275,12 +275,9 @@ _public_ int sd_bus_track_remove_name(sd_bus_track *track, const char *name) { - if (!track) /* Treat a NULL track object as an empty track object */ - return 0; - -- if (!track->recursive) -- return bus_track_remove_name_fully(track, name); -- - i = hashmap_get(track->names, name); - if (!i) -- return -EUNATCH; -+ return 0; - - assert(i->n_ref >=1); - if (i->n_ref <= 1) diff --git a/SOURCES/0749-udev-add-missing-initialization-to-fix-freeing-inval.patch b/SOURCES/0749-udev-add-missing-initialization-to-fix-freeing-inval.patch new file mode 100644 index 0000000..234cd72 --- /dev/null +++ b/SOURCES/0749-udev-add-missing-initialization-to-fix-freeing-inval.patch @@ -0,0 +1,26 @@ +From e6def2e6be6a1cb87874cf8589ccdcb6ee3eec1e Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 7 Apr 2021 19:09:50 +0900 +Subject: [PATCH] udev: add missing initialization to fix freeing invalid + address + +Releated: #1939914 + +(cherry picked from commit b08c3fbe0e3f310b520d17be92110b4cb96a5f2c) +--- + src/udev/udev-builtin-net_id.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c +index b57227a09f..816661fb93 100644 +--- a/src/udev/udev-builtin-net_id.c ++++ b/src/udev/udev-builtin-net_id.c +@@ -498,7 +498,7 @@ static int dev_pci_slot(struct udev_device *dev, struct netnames *names) { + attr = udev_device_get_sysattr_value(hotplug_slot_dev, "function_id"); + if (attr) { + int function_id; +- _cleanup_free_ char *str; ++ _cleanup_free_ char *str = NULL; + + if (safe_atoi(attr, &function_id) >= 0 && + asprintf(&str, "%s/%08x/", slots, function_id) >= 0 && diff --git a/SOURCES/0750-sd-bus-switch-to-a-manual-overflow-check-in-sd_bus_t.patch b/SOURCES/0750-sd-bus-switch-to-a-manual-overflow-check-in-sd_bus_t.patch deleted file mode 100644 index a280a40..0000000 --- a/SOURCES/0750-sd-bus-switch-to-a-manual-overflow-check-in-sd_bus_t.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 78b5b6dbd0bb4e5644e798748d186cca88fc523d Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Wed, 20 Apr 2022 22:30:22 +0200 -Subject: [PATCH] sd-bus: switch to a manual overflow check in - sd_bus_track_add_name() - -This is generally used in a directly client controllable way, hence we -should handle ref count overflow gracefully, instead of hitting an -assert(). - -As discussed: - -https://github.com/systemd/systemd/pull/23099#discussion_r854341850 -(cherry picked from commit 7f40cb7c86b0fff3a82096a9499570bad9c19fd2) - -[msekleta: We've never switched to using track_item_ref/unref introduced -in c2d7dd35d2 hence we still had potential undefined behavior related to -overflow check and this commit fixes that.] - -Related: #2084052 ---- - src/libsystemd/sd-bus/bus-track.c | 10 +++++++--- - 1 file changed, 7 insertions(+), 3 deletions(-) - -diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c -index 8893f190a1..b818e93bec 100644 ---- a/src/libsystemd/sd-bus/bus-track.c -+++ b/src/libsystemd/sd-bus/bus-track.c -@@ -208,12 +208,16 @@ _public_ int sd_bus_track_add_name(sd_bus_track *track, const char *name) { - i = hashmap_get(track->names, name); - if (i) { - if (track->recursive) { -- unsigned k = i->n_ref + 1; -+ assert(i->n_ref > 0); - -- if (k < i->n_ref) /* Check for overflow */ -+ /* Manual oveflow check (instead of a DEFINE_TRIVIAL_REF_FUNC() helper or so), so -+ * that we can return a proper error, given this is almost always called in a -+ * directly client controllable way, and thus better should never hit an assertion -+ * here. */ -+ if (i->n_ref >= UINT_MAX) - return -EOVERFLOW; - -- i->n_ref = k; -+ i->n_ref++; - } - - bus_track_remove_from_queue(track); diff --git a/SOURCES/0750-udev-it-is-not-necessary-that-the-path-is-readable.patch b/SOURCES/0750-udev-it-is-not-necessary-that-the-path-is-readable.patch new file mode 100644 index 0000000..bc6dc29 --- /dev/null +++ b/SOURCES/0750-udev-it-is-not-necessary-that-the-path-is-readable.patch @@ -0,0 +1,25 @@ +From 100324ef0d911913e09db71e030a5ba137ac357e Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 7 Apr 2021 19:19:45 +0900 +Subject: [PATCH] udev: it is not necessary that the path is readable + +Related: #1939914 + +(cherry picked from commit 70c35e4bfd64f24c7cb3536bdf63af537e0f2971) +--- + src/udev/udev-builtin-net_id.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c +index 816661fb93..ba7638fcb8 100644 +--- a/src/udev/udev-builtin-net_id.c ++++ b/src/udev/udev-builtin-net_id.c +@@ -502,7 +502,7 @@ static int dev_pci_slot(struct udev_device *dev, struct netnames *names) { + + if (safe_atoi(attr, &function_id) >= 0 && + asprintf(&str, "%s/%08x/", slots, function_id) >= 0 && +- access(str, R_OK) == 0) { ++ access(str, F_OK) == 0) { + hotplug_slot = function_id; + domain = 0; + } else diff --git a/SOURCES/0751-udev-allow-onboard-index-up-to-65535.patch b/SOURCES/0751-udev-allow-onboard-index-up-to-65535.patch new file mode 100644 index 0000000..61c9d74 --- /dev/null +++ b/SOURCES/0751-udev-allow-onboard-index-up-to-65535.patch @@ -0,0 +1,100 @@ +From 033998c21f01e7b7d91e4aa51a358f8016f3740a Mon Sep 17 00:00:00 2001 +From: Viktor Mihajlovski +Date: Tue, 27 Apr 2021 15:25:16 +0200 +Subject: [PATCH] udev: allow onboard index up to 65535 + +The maximum allowed value of the sysfs device index entry was limited to +16383 (2^14-1) to avoid the generation of unreasonable onboard interface +names. +For s390 the index can assume a value of up to 65535 (2^16-1) which is +now allowed depending on the new naming flag NAMING_16BIT_INDEX. +Larger index values are considered unreasonable and remain to be +ignored. + +Related: #1939914 + +(cherry picked from commit 5a7eb46c0206411d380543021291b4bca0b6f59f) +--- + man/systemd.net-naming-scheme.xml | 7 ++++++- + src/udev/udev-builtin-net_id.c | 22 +++++++++++++++------- + 2 files changed, 21 insertions(+), 8 deletions(-) + +diff --git a/man/systemd.net-naming-scheme.xml b/man/systemd.net-naming-scheme.xml +index e42c93eaad..a567483995 100644 +--- a/man/systemd.net-naming-scheme.xml ++++ b/man/systemd.net-naming-scheme.xml +@@ -320,7 +320,12 @@ + of the function_id device attribute. This attribute is now used to build the + ID_NET_NAME_SLOT. Before that, all slot names were parsed as decimal + numbers, which could either result in an incorrect value of the ID_NET_NAME_SLOT +- property or none at all. ++ property or none at all. ++ ++ Some firmware and hypervisor implementations report unreasonable high numbers for the onboard ++ index. To prevent the generation of bogus onbard interface names, index numbers greater than 16381 ++ (2^14-1) were ignored. For s390 PCI devices index values up to 65535 (2^16-1) are valid. To account ++ for that, the limit is increased to now 65535. + + + Note that latest may be used to denote the latest scheme known to this +diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c +index ba7638fcb8..df84acf27c 100644 +--- a/src/udev/udev-builtin-net_id.c ++++ b/src/udev/udev-builtin-net_id.c +@@ -104,7 +104,8 @@ + #include "udev.h" + #include "udev-util.h" + +-#define ONBOARD_INDEX_MAX (16*1024-1) ++#define ONBOARD_14BIT_INDEX_MAX ((1U << 14) - 1) ++#define ONBOARD_16BIT_INDEX_MAX ((1U << 16) - 1) + + /* So here's the deal: net_id is supposed to be an excercise in providing stable names for network devices. However, we + * also want to keep updating the naming scheme used in future versions of net_id. These two goals of course are +@@ -127,6 +128,7 @@ typedef enum NamingSchemeFlags { + NAMING_NPAR_ARI = 1 << 1, /* Use NPAR "ARI", see 6bc04997b6eab35d1cb9fa73889892702c27be09 */ + NAMING_BRIDGE_NO_SLOT = 1 << 9, /* Don't use PCI hotplug slot information if the corresponding device is a PCI bridge */ + NAMING_SLOT_FUNCTION_ID = 1 << 10, /* Use function_id if present to identify PCI hotplug slots */ ++ NAMING_16BIT_INDEX = 1 << 11, /* Allow full 16-bit for the onboard index */ + + /* And now the masks that combine the features above */ + NAMING_V238 = 0, +@@ -138,7 +140,7 @@ typedef enum NamingSchemeFlags { + NAMING_RHEL_8_4 = NAMING_V239|NAMING_BRIDGE_NO_SLOT, + NAMING_RHEL_8_5 = NAMING_RHEL_8_4, + NAMING_RHEL_8_6 = NAMING_RHEL_8_4, +- NAMING_RHEL_8_7 = NAMING_RHEL_8_4|NAMING_SLOT_FUNCTION_ID, ++ NAMING_RHEL_8_7 = NAMING_RHEL_8_4|NAMING_SLOT_FUNCTION_ID|NAMING_16BIT_INDEX, + + _NAMING_SCHEME_FLAGS_INVALID = -1, + } NamingSchemeFlags; +@@ -326,6 +328,16 @@ out_unref: + return r; + } + ++static bool is_valid_onboard_index(unsigned long idx) { ++ /* Some BIOSes report rubbish indexes that are excessively high (2^24-1 is an index VMware likes to ++ * report for example). Let's define a cut-off where we don't consider the index reliable anymore. We ++ * pick some arbitrary cut-off, which is somewhere beyond the realistic number of physical network ++ * interface a system might have. Ideally the kernel would already filter this crap for us, but it ++ * doesn't currently. The initial cut-off value (2^14-1) was too conservative for s390 PCI which ++ * allows for index values up 2^16-1 which is now enabled with the NAMING_16BIT_INDEX naming flag. */ ++ return idx <= (naming_scheme_has(NAMING_16BIT_INDEX) ? ONBOARD_16BIT_INDEX_MAX : ONBOARD_14BIT_INDEX_MAX); ++} ++ + /* retrieve on-board index number and label from firmware */ + static int dev_pci_onboard(struct udev_device *dev, struct netnames *names) { + unsigned dev_port = 0; +@@ -346,11 +358,7 @@ static int dev_pci_onboard(struct udev_device *dev, struct netnames *names) { + if (idx <= 0) + return -EINVAL; + +- /* Some BIOSes report rubbish indexes that are excessively high (2^24-1 is an index VMware likes to report for +- * example). Let's define a cut-off where we don't consider the index reliable anymore. We pick some arbitrary +- * cut-off, which is somewhere beyond the realistic number of physical network interface a system might +- * have. Ideally the kernel would already filter his crap for us, but it doesn't currently. */ +- if (idx > ONBOARD_INDEX_MAX) ++ if (!is_valid_onboard_index(idx)) + return -ENOENT; + + /* kernel provided port index for multiple ports on a single PCI function */ diff --git a/SOURCES/0752-Revert-basic-use-comma-as-separator-in-cpuset-cgroup.patch b/SOURCES/0752-Revert-basic-use-comma-as-separator-in-cpuset-cgroup.patch new file mode 100644 index 0000000..e4bfbc1 --- /dev/null +++ b/SOURCES/0752-Revert-basic-use-comma-as-separator-in-cpuset-cgroup.patch @@ -0,0 +1,98 @@ +From 1ad8be47cd41f017faa5a9ca9614cbcbe784d43b Mon Sep 17 00:00:00 2001 +From: Jacek Migacz +Date: Mon, 25 Apr 2022 21:12:40 +0200 +Subject: [PATCH] Revert "basic: use comma as separator in cpuset cgroup cpu + ranges" + +This reverts commit 9fe3b9c7165afeedcf9f31959c436bcec233bb4d. + +RHEL-only + +Resolves: #1858220 +--- + src/basic/cpu-set-util.c | 45 ---------------------------------------- + src/basic/cpu-set-util.h | 1 - + src/core/cgroup.c | 2 +- + 3 files changed, 1 insertion(+), 47 deletions(-) + +diff --git a/src/basic/cpu-set-util.c b/src/basic/cpu-set-util.c +index 1922c95864..db2e1d6c97 100644 +--- a/src/basic/cpu-set-util.c ++++ b/src/basic/cpu-set-util.c +@@ -88,51 +88,6 @@ char *cpu_set_to_range_string(const CPUSet *set) { + return TAKE_PTR(str) ?: strdup(""); + } + +-/* XXX(msekleta): this is the workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1819152, remove in 8.3 */ +-char *cpu_set_to_range_string_kernel(const CPUSet *set) { +- unsigned range_start = 0, range_end; +- _cleanup_free_ char *str = NULL; +- size_t allocated = 0, len = 0; +- bool in_range = false; +- int r; +- +- for (unsigned i = 0; i < set->allocated * 8; i++) +- if (CPU_ISSET_S(i, set->allocated, set->set)) { +- if (in_range) +- range_end++; +- else { +- range_start = range_end = i; +- in_range = true; +- } +- } else if (in_range) { +- in_range = false; +- +- if (!GREEDY_REALLOC(str, allocated, len + 2 + 2 * DECIMAL_STR_MAX(unsigned))) +- return NULL; +- +- if (range_end > range_start) +- r = sprintf(str + len, len > 0 ? ",%d-%d" : "%d-%d", range_start, range_end); +- else +- r = sprintf(str + len, len > 0 ? ",%d" : "%d", range_start); +- assert_se(r > 0); +- len += r; +- } +- +- if (in_range) { +- if (!GREEDY_REALLOC(str, allocated, len + 2 + 2 * DECIMAL_STR_MAX(int))) +- return NULL; +- +- if (range_end > range_start) +- r = sprintf(str + len, len > 0 ? ",%d-%d" : "%d-%d", range_start, range_end); +- else +- r = sprintf(str + len, len > 0 ? ",%d" : "%d", range_start); +- assert_se(r > 0); +- } +- +- return TAKE_PTR(str) ?: strdup(""); +-} +- +- + int cpu_set_realloc(CPUSet *cpu_set, unsigned ncpus) { + size_t need; + +diff --git a/src/basic/cpu-set-util.h b/src/basic/cpu-set-util.h +index 795be807af..406b08ee11 100644 +--- a/src/basic/cpu-set-util.h ++++ b/src/basic/cpu-set-util.h +@@ -27,7 +27,6 @@ int cpu_set_add_all(CPUSet *a, const CPUSet *b); + + char* cpu_set_to_string(const CPUSet *a); + char *cpu_set_to_range_string(const CPUSet *a); +-char *cpu_set_to_range_string_kernel(const CPUSet *a); + int cpu_set_realloc(CPUSet *cpu_set, unsigned ncpus); + + int parse_cpu_set_full( +diff --git a/src/core/cgroup.c b/src/core/cgroup.c +index f02cc31c6e..f89bce3d61 100644 +--- a/src/core/cgroup.c ++++ b/src/core/cgroup.c +@@ -687,7 +687,7 @@ static void cgroup_apply_unified_cpuset(Unit *u, CPUSet cpus, const char *name) + _cleanup_free_ char *buf = NULL; + int r; + +- buf = cpu_set_to_range_string_kernel(&cpus); ++ buf = cpu_set_to_range_string(&cpus); + if (!buf) + return; + diff --git a/SOURCES/0753-acpi-fpdt-mark-structures-as-packed.patch b/SOURCES/0753-acpi-fpdt-mark-structures-as-packed.patch new file mode 100644 index 0000000..075c84e --- /dev/null +++ b/SOURCES/0753-acpi-fpdt-mark-structures-as-packed.patch @@ -0,0 +1,51 @@ +From 45670b65ccc1d41a32b83217ba9a78c9eed5fc02 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Thu, 23 Apr 2020 08:49:10 +0200 +Subject: [PATCH] acpi-fpdt: mark structures as packed + +Let's make sure the alignment doesn't matter. + +(cherry picked from commit 49490c1d353bc920cbf73f4c71e9c35d2e3eb8b1) + +Related: #2047373 +--- + src/shared/acpi-fpdt.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/shared/acpi-fpdt.c b/src/shared/acpi-fpdt.c +index d565ebd43e..38c464c912 100644 +--- a/src/shared/acpi-fpdt.c ++++ b/src/shared/acpi-fpdt.c +@@ -23,7 +23,7 @@ struct acpi_table_header { + uint32_t oem_revision; + char asl_compiler_id[4]; + uint32_t asl_compiler_revision; +-}; ++} _packed_; + + enum { + ACPI_FPDT_TYPE_BOOT = 0, +@@ -36,12 +36,12 @@ struct acpi_fpdt_header { + uint8_t revision; + uint8_t reserved[4]; + uint64_t ptr; +-}; ++} _packed_; + + struct acpi_fpdt_boot_header { + char signature[4]; + uint32_t length; +-}; ++} _packed_; + + enum { + ACPI_FPDT_S3PERF_RESUME_REC = 0, +@@ -59,7 +59,7 @@ struct acpi_fpdt_boot { + uint64_t startup_start; + uint64_t exit_services_entry; + uint64_t exit_services_exit; +-}; ++} _packed; + + int acpi_get_boot_usec(usec_t *loader_start, usec_t *loader_exit) { + _cleanup_free_ char *buf = NULL; diff --git a/SOURCES/0754-core-slice-make-slice_freezer_action-return-0-if-fre.patch b/SOURCES/0754-core-slice-make-slice_freezer_action-return-0-if-fre.patch new file mode 100644 index 0000000..15e1d43 --- /dev/null +++ b/SOURCES/0754-core-slice-make-slice_freezer_action-return-0-if-fre.patch @@ -0,0 +1,46 @@ +From 1f4af2e456675c6226857ee0c8127ff4b3d1d18a Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Fri, 6 May 2022 14:01:22 +0900 +Subject: [PATCH] core/slice: make slice_freezer_action() return 0 if freezing + state is unchanged + +Fixes #23278. + +(cherry picked from commit d171e72e7afa11b238ba20758384d223b0c76e39) + +Related: #2047373 +--- + src/core/slice.c | 6 +----- + src/core/unit.c | 2 ++ + 2 files changed, 3 insertions(+), 5 deletions(-) + +diff --git a/src/core/slice.c b/src/core/slice.c +index c10e830917..34f3c84bf9 100644 +--- a/src/core/slice.c ++++ b/src/core/slice.c +@@ -395,11 +395,7 @@ static int slice_freezer_action(Unit *s, FreezerAction action) { + return r; + } + +- r = unit_cgroup_freezer_action(s, action); +- if (r < 0) +- return r; +- +- return 1; ++ return unit_cgroup_freezer_action(s, action); + } + + static int slice_freeze(Unit *s) { +diff --git a/src/core/unit.c b/src/core/unit.c +index e2c61ce866..bd79578255 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -5622,6 +5622,8 @@ static int unit_freezer_action(Unit *u, FreezerAction action) { + if (r <= 0) + return r; + ++ assert(IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING)); ++ + return 1; + } + diff --git a/SOURCES/0755-core-unit-fix-use-after-free.patch b/SOURCES/0755-core-unit-fix-use-after-free.patch new file mode 100644 index 0000000..fbb9dd7 --- /dev/null +++ b/SOURCES/0755-core-unit-fix-use-after-free.patch @@ -0,0 +1,29 @@ +From f307c633acd12d59800a760b1c45fad8c79b6f49 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 9 May 2022 00:56:05 +0900 +Subject: [PATCH] core/unit: fix use-after-free + +Fixes #23312. + +(cherry picked from commit 734582830b58e000a26e18807ea277c18778573c) + +Related: #2047373 +--- + src/core/unit.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/core/unit.c b/src/core/unit.c +index bd79578255..68affa2c0e 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -580,8 +580,8 @@ void unit_free(Unit *u) { + + unit_dequeue_rewatch_pids(u); + +- sd_bus_slot_unref(u->match_bus_slot); +- sd_bus_track_unref(u->bus_track); ++ u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot); ++ u->bus_track = sd_bus_track_unref(u->bus_track); + u->deserialized_refs = strv_free(u->deserialized_refs); + u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message); + diff --git a/SOURCES/0756-sd-bus-fix-reference-counter-to-be-incremented.patch b/SOURCES/0756-sd-bus-fix-reference-counter-to-be-incremented.patch new file mode 100644 index 0000000..16390d0 --- /dev/null +++ b/SOURCES/0756-sd-bus-fix-reference-counter-to-be-incremented.patch @@ -0,0 +1,58 @@ +From 39e9bd0412bef0c37d487834b8be3a78e28cb804 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 17 Apr 2022 07:05:07 +0900 +Subject: [PATCH] sd-bus: fix reference counter to be incremented + +Fixes #23097. + +(cherry picked from commit b21f237d996c8c18991a68e1204f060d07dc4745) + +[msekleta: This commit also contains the hunk from c2d7dd35d2 +(in sd_bus_track_remove_name). I've decided to not backport that commit +fully because of conflicts and because its was made largely irrelevant +by 7f40cb7c86] + +Related: #2047373 +--- + src/libsystemd/sd-bus/bus-track.c | 15 +++++++-------- + 1 file changed, 7 insertions(+), 8 deletions(-) + +diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c +index 16bf615f50..b1ec5ecbbb 100644 +--- a/src/libsystemd/sd-bus/bus-track.c ++++ b/src/libsystemd/sd-bus/bus-track.c +@@ -208,12 +208,12 @@ _public_ int sd_bus_track_add_name(sd_bus_track *track, const char *name) { + i = hashmap_get(track->names, name); + if (i) { + if (track->recursive) { +- unsigned k = track->n_ref + 1; ++ unsigned k = i->n_ref + 1; + +- if (k < track->n_ref) /* Check for overflow */ ++ if (k < i->n_ref) /* Check for overflow */ + return -EOVERFLOW; + +- track->n_ref = k; ++ i->n_ref = k; + } + + bus_track_remove_from_queue(track); +@@ -281,14 +281,13 @@ _public_ int sd_bus_track_remove_name(sd_bus_track *track, const char *name) { + i = hashmap_get(track->names, name); + if (!i) + return -EUNATCH; +- if (i->n_ref <= 0) +- return -EUNATCH; +- +- i->n_ref--; + +- if (i->n_ref <= 0) ++ assert(i->n_ref >=1); ++ if (i->n_ref <= 1) + return bus_track_remove_name_fully(track, name); + ++ i->n_ref--; ++ + return 1; + } + diff --git a/SOURCES/0757-sd-bus-do-not-read-unused-value.patch b/SOURCES/0757-sd-bus-do-not-read-unused-value.patch new file mode 100644 index 0000000..18346e1 --- /dev/null +++ b/SOURCES/0757-sd-bus-do-not-read-unused-value.patch @@ -0,0 +1,32 @@ +From 480658d6c79f494e820eb3da59a1818b5b7c3c8b Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 17 Apr 2022 07:25:09 +0900 +Subject: [PATCH] sd-bus: do not read unused value + +(cherry picked from commit 6a7ca27740be4229b4c9f540cd610b205ca5752c) + +Related: #2047373 +--- + src/libsystemd/sd-bus/bus-track.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c +index b1ec5ecbbb..b9965d9d64 100644 +--- a/src/libsystemd/sd-bus/bus-track.c ++++ b/src/libsystemd/sd-bus/bus-track.c +@@ -182,13 +182,13 @@ _public_ sd_bus_track* sd_bus_track_unref(sd_bus_track *track) { + + static int on_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) { + sd_bus_track *track = userdata; +- const char *name, *old, *new; ++ const char *name; + int r; + + assert(message); + assert(track); + +- r = sd_bus_message_read(message, "sss", &name, &old, &new); ++ r = sd_bus_message_read(message, "sss", &name, NULL, NULL); + if (r < 0) + return 0; + diff --git a/SOURCES/0758-sd-bus-do-not-return-negative-errno-when-unknown-nam.patch b/SOURCES/0758-sd-bus-do-not-return-negative-errno-when-unknown-nam.patch new file mode 100644 index 0000000..9676e25 --- /dev/null +++ b/SOURCES/0758-sd-bus-do-not-return-negative-errno-when-unknown-nam.patch @@ -0,0 +1,35 @@ +From 805e13f7016f37c882069f43b5f0c0972d5fdf95 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 17 Apr 2022 07:29:24 +0900 +Subject: [PATCH] sd-bus: do not return negative errno when unknown name is + specified + +When 'recursive' is false, then sd_bus_track_remove_name() does not +return negative errno when unknown name is specified. Let's follow the +same pattern for the case that 'recursive' is true. + +(cherry picked from commit 55bfacc6c33eaf3475762e71172b2ef504be5af8) + +Related: #2047373 +--- + src/libsystemd/sd-bus/bus-track.c | 5 +---- + 1 file changed, 1 insertion(+), 4 deletions(-) + +diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c +index b9965d9d64..8893f190a1 100644 +--- a/src/libsystemd/sd-bus/bus-track.c ++++ b/src/libsystemd/sd-bus/bus-track.c +@@ -275,12 +275,9 @@ _public_ int sd_bus_track_remove_name(sd_bus_track *track, const char *name) { + if (!track) /* Treat a NULL track object as an empty track object */ + return 0; + +- if (!track->recursive) +- return bus_track_remove_name_fully(track, name); +- + i = hashmap_get(track->names, name); + if (!i) +- return -EUNATCH; ++ return 0; + + assert(i->n_ref >=1); + if (i->n_ref <= 1) diff --git a/SOURCES/0759-sd-bus-switch-to-a-manual-overflow-check-in-sd_bus_t.patch b/SOURCES/0759-sd-bus-switch-to-a-manual-overflow-check-in-sd_bus_t.patch new file mode 100644 index 0000000..13a748f --- /dev/null +++ b/SOURCES/0759-sd-bus-switch-to-a-manual-overflow-check-in-sd_bus_t.patch @@ -0,0 +1,48 @@ +From 598eecf5c1c948535ca626833bc5cea59060913f Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Wed, 20 Apr 2022 22:30:22 +0200 +Subject: [PATCH] sd-bus: switch to a manual overflow check in + sd_bus_track_add_name() + +This is generally used in a directly client controllable way, hence we +should handle ref count overflow gracefully, instead of hitting an +assert(). + +As discussed: + +https://github.com/systemd/systemd/pull/23099#discussion_r854341850 +(cherry picked from commit 7f40cb7c86b0fff3a82096a9499570bad9c19fd2) + +[msekleta: We've never switched to using track_item_ref/unref introduced +in c2d7dd35d2 hence we still had potential undefined behavior related to +overflow check and this commit fixes that.] + +Related: #2047373 +--- + src/libsystemd/sd-bus/bus-track.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/src/libsystemd/sd-bus/bus-track.c b/src/libsystemd/sd-bus/bus-track.c +index 8893f190a1..b818e93bec 100644 +--- a/src/libsystemd/sd-bus/bus-track.c ++++ b/src/libsystemd/sd-bus/bus-track.c +@@ -208,12 +208,16 @@ _public_ int sd_bus_track_add_name(sd_bus_track *track, const char *name) { + i = hashmap_get(track->names, name); + if (i) { + if (track->recursive) { +- unsigned k = i->n_ref + 1; ++ assert(i->n_ref > 0); + +- if (k < i->n_ref) /* Check for overflow */ ++ /* Manual oveflow check (instead of a DEFINE_TRIVIAL_REF_FUNC() helper or so), so ++ * that we can return a proper error, given this is almost always called in a ++ * directly client controllable way, and thus better should never hit an assertion ++ * here. */ ++ if (i->n_ref >= UINT_MAX) + return -EOVERFLOW; + +- i->n_ref = k; ++ i->n_ref++; + } + + bus_track_remove_from_queue(track); diff --git a/SOURCES/0760-resolved-let-s-preferably-route-reverse-lookups-for-.patch b/SOURCES/0760-resolved-let-s-preferably-route-reverse-lookups-for-.patch new file mode 100644 index 0000000..922db9a --- /dev/null +++ b/SOURCES/0760-resolved-let-s-preferably-route-reverse-lookups-for-.patch @@ -0,0 +1,194 @@ +From b9844d3dd9d7fdf81d475b81d06a6e9ec821f91d Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Mon, 9 Nov 2020 22:22:56 +0100 +Subject: [PATCH] resolved: let's preferably route reverse lookups for local + subnets to matching interfaces + +Let's preferably route traffic for reverse lookups to LLMNR/mDNS/DNS on +the matching interface if the IP address is in the local subnet. Also, +if looking up an IP address of our own host, let's avoid doing +LLMNR/mDNS at all. + +This is useful if "~." is a routing domain to DNS, as it means, local +reverse lookups still go to LLMNR/mDNS, too. + +(cherry picked from commit 13eb76ef06f5d50bbeb58df1744057e41ef2647e) + +Resolves #1739689 +--- + src/resolve/resolved-dns-scope.c | 85 +++++++++++++++++++++++++++++++- + src/resolve/resolved-link.c | 12 +++-- + src/resolve/resolved-link.h | 1 + + 3 files changed, 92 insertions(+), 6 deletions(-) + +diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c +index 38ea7fea0a..8b65813428 100644 +--- a/src/resolve/resolved-dns-scope.c ++++ b/src/resolve/resolved-dns-scope.c +@@ -417,6 +417,65 @@ int dns_scope_socket_tcp(DnsScope *s, int family, const union in_addr_union *add + return dns_scope_socket(s, SOCK_STREAM, family, address, server, port, ret_socket_address); + } + ++static DnsScopeMatch match_subnet_reverse_lookups( ++ DnsScope *s, ++ const char *domain, ++ bool exclude_own) { ++ ++ union in_addr_union ia; ++ LinkAddress *a; ++ int f, r; ++ ++ assert(s); ++ assert(domain); ++ ++ /* Checks whether the specified domain is a reverse address domain (i.e. in the .in-addr.arpa or ++ * .ip6.arpa area), and if so, whether the address matches any of the local subnets of the link the ++ * scope is associated with. If so, our scope should consider itself relevant for any lookup in the ++ * domain, since it apparently refers to hosts on this link's subnet. ++ * ++ * If 'exclude_own' is true this will return DNS_SCOPE_NO for any IP addresses assigned locally. This ++ * is useful for LLMNR/mDNS as we never want to look up our own hostname on LLMNR/mDNS but always use ++ * the locally synthesized one. */ ++ ++ if (!s->link) ++ return _DNS_SCOPE_INVALID; /* No link, hence no local addresses to check */ ++ ++ r = dns_name_address(domain, &f, &ia); ++ if (r < 0) ++ log_debug_errno(r, "Failed to determine whether '%s' is an address domain: %m", domain); ++ if (r <= 0) ++ return _DNS_SCOPE_INVALID; ++ ++ if (s->family != AF_UNSPEC && f != s->family) ++ return _DNS_SCOPE_INVALID; /* Don't look for IPv4 addresses on LLMNR/mDNS over IPv6 and vice versa */ ++ ++ LIST_FOREACH(addresses, a, s->link->addresses) { ++ ++ if (a->family != f) ++ continue; ++ ++ /* Equals our own address? nah, let's not use this scope. The local synthesizer will pick it up for us. */ ++ if (exclude_own && ++ in_addr_equal(f, &a->in_addr, &ia) > 0) ++ return DNS_SCOPE_NO; ++ ++ if (a->prefixlen == UCHAR_MAX) /* don't know subnet mask */ ++ continue; ++ ++ /* Check if the address is in the local subnet */ ++ r = in_addr_prefix_covers(f, &a->in_addr, a->prefixlen, &ia); ++ if (r < 0) ++ log_debug_errno(r, "Failed to determine whether link address covers lookup address '%s': %m", domain); ++ if (r > 0) ++ /* Note that we only claim zero labels match. This is so that this is at the same ++ * priority a DNS scope with "." as routing domain is. */ ++ return DNS_SCOPE_YES + 0; ++ } ++ ++ return _DNS_SCOPE_INVALID; ++} ++ + DnsScopeMatch dns_scope_good_domain(DnsScope *s, int ifindex, uint64_t flags, const char *domain) { + DnsSearchDomain *d; + +@@ -455,6 +514,7 @@ DnsScopeMatch dns_scope_good_domain(DnsScope *s, int ifindex, uint64_t flags, co + + case DNS_PROTOCOL_DNS: { + DnsServer *dns_server; ++ DnsScopeMatch m; + + /* Never route things to scopes that lack DNS servers */ + dns_server = dns_scope_get_dns_server(s); +@@ -485,10 +545,23 @@ DnsScopeMatch dns_scope_good_domain(DnsScope *s, int ifindex, uint64_t flags, co + dns_name_endswith(domain, "local") == 0) + return DNS_SCOPE_MAYBE; + ++ /* If the IP address to look up matches the local subnet, then implicity synthesizes ++ * DNS_SCOPE_YES_BASE + 0 on this interface, i.e. preferably resolve IP addresses via the DNS ++ * server belonging to this interface. */ ++ m = match_subnet_reverse_lookups(s, domain, false); ++ if (m >= 0) ++ return m; ++ + return DNS_SCOPE_NO; + } + +- case DNS_PROTOCOL_MDNS: ++ case DNS_PROTOCOL_MDNS: { ++ DnsScopeMatch m; ++ ++ m = match_subnet_reverse_lookups(s, domain, true); ++ if (m >= 0) ++ return m; ++ + if ((s->family == AF_INET && dns_name_endswith(domain, "in-addr.arpa") > 0) || + (s->family == AF_INET6 && dns_name_endswith(domain, "ip6.arpa") > 0) || + (dns_name_endswith(domain, "local") > 0 && /* only resolve names ending in .local via mDNS */ +@@ -497,8 +570,15 @@ DnsScopeMatch dns_scope_good_domain(DnsScope *s, int ifindex, uint64_t flags, co + return DNS_SCOPE_MAYBE; + + return DNS_SCOPE_NO; ++ } ++ ++ case DNS_PROTOCOL_LLMNR: { ++ DnsScopeMatch m; ++ ++ m = match_subnet_reverse_lookups(s, domain, true); ++ if (m >= 0) ++ return m; + +- case DNS_PROTOCOL_LLMNR: + if ((s->family == AF_INET && dns_name_endswith(domain, "in-addr.arpa") > 0) || + (s->family == AF_INET6 && dns_name_endswith(domain, "ip6.arpa") > 0) || + (dns_name_is_single_label(domain) && /* only resolve single label names via LLMNR */ +@@ -507,6 +587,7 @@ DnsScopeMatch dns_scope_good_domain(DnsScope *s, int ifindex, uint64_t flags, co + return DNS_SCOPE_MAYBE; + + return DNS_SCOPE_NO; ++ } + + default: + assert_not_reached("Unknown scope protocol"); +diff --git a/src/resolve/resolved-link.c b/src/resolve/resolved-link.c +index ff2be12415..c42fe5b5f4 100644 +--- a/src/resolve/resolved-link.c ++++ b/src/resolve/resolved-link.c +@@ -776,10 +776,13 @@ int link_address_new(Link *l, LinkAddress **ret, int family, const union in_addr + if (!a) + return -ENOMEM; + +- a->family = family; +- a->in_addr = *in_addr; ++ *a = (LinkAddress) { ++ .family = family, ++ .in_addr = *in_addr, ++ .link = l, ++ .prefixlen = UCHAR_MAX, ++ }; + +- a->link = l; + LIST_PREPEND(addresses, l->addresses, a); + l->n_addresses++; + +@@ -1077,7 +1080,8 @@ int link_address_update_rtnl(LinkAddress *a, sd_netlink_message *m) { + if (r < 0) + return r; + +- sd_rtnl_message_addr_get_scope(m, &a->scope); ++ (void) sd_rtnl_message_addr_get_prefixlen(m, &a->prefixlen); ++ (void) sd_rtnl_message_addr_get_scope(m, &a->scope); + + link_allocate_scopes(a->link); + link_add_rrs(a->link, false); +diff --git a/src/resolve/resolved-link.h b/src/resolve/resolved-link.h +index 063d3f35c3..8d52b10950 100644 +--- a/src/resolve/resolved-link.h ++++ b/src/resolve/resolved-link.h +@@ -24,6 +24,7 @@ struct LinkAddress { + + int family; + union in_addr_union in_addr; ++ unsigned char prefixlen; + + unsigned char flags, scope; + diff --git a/SOURCES/systemd-user b/SOURCES/systemd-user index 2725df9..8607d4f 100644 --- a/SOURCES/systemd-user +++ b/SOURCES/systemd-user @@ -2,6 +2,7 @@ # # Used by systemd --user instances. +account sufficient pam_unix.so no_pass_expiry account include system-auth session required pam_selinux.so close diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec index cd79db9..d1db3ff 100644 --- a/SPECS/systemd.spec +++ b/SPECS/systemd.spec @@ -13,7 +13,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd Version: 239 -Release: 58%{?dist}.1 +Release: 59%{?dist} # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -793,13 +793,23 @@ Patch0740: 0740-sysctl-fix-segfault.patch Patch0741: 0741-ci-drop-CentOS-8-CI.patch Patch0742: 0742-test-adapt-to-the-new-capsh-format.patch Patch0743: 0743-test-ignore-IAB-capabilities-in-test-execute.patch -Patch0744: 0744-acpi-fpdt-mark-structures-as-packed.patch -Patch0745: 0745-core-slice-make-slice_freezer_action-return-0-if-fre.patch -Patch0746: 0746-core-unit-fix-use-after-free.patch -Patch0747: 0747-sd-bus-fix-reference-counter-to-be-incremented.patch -Patch0748: 0748-sd-bus-do-not-read-unused-value.patch -Patch0749: 0749-sd-bus-do-not-return-negative-errno-when-unknown-nam.patch -Patch0750: 0750-sd-bus-switch-to-a-manual-overflow-check-in-sd_bus_t.patch +Patch0744: 0744-core-disallow-using-.service-as-a-service-name.patch +Patch0745: 0745-shared-dropin-support-.service.d-top-level-drop-in-f.patch +Patch0746: 0746-core-change-top-level-drop-in-from-.service.d-to-ser.patch +Patch0747: 0747-shared-dropin-fix-assert-for-invalid-drop-in.patch +Patch0748: 0748-udev-fix-slot-based-network-names-on-s390.patch +Patch0749: 0749-udev-add-missing-initialization-to-fix-freeing-inval.patch +Patch0750: 0750-udev-it-is-not-necessary-that-the-path-is-readable.patch +Patch0751: 0751-udev-allow-onboard-index-up-to-65535.patch +Patch0752: 0752-Revert-basic-use-comma-as-separator-in-cpuset-cgroup.patch +Patch0753: 0753-acpi-fpdt-mark-structures-as-packed.patch +Patch0754: 0754-core-slice-make-slice_freezer_action-return-0-if-fre.patch +Patch0755: 0755-core-unit-fix-use-after-free.patch +Patch0756: 0756-sd-bus-fix-reference-counter-to-be-incremented.patch +Patch0757: 0757-sd-bus-do-not-read-unused-value.patch +Patch0758: 0758-sd-bus-do-not-return-negative-errno-when-unknown-nam.patch +Patch0759: 0759-sd-bus-switch-to-a-manual-overflow-check-in-sd_bus_t.patch +Patch0760: 0760-resolved-let-s-preferably-route-reverse-lookups-for-.patch %ifarch %{ix86} x86_64 aarch64 @@ -863,6 +873,7 @@ Requires: %{name}-pam = %{version}-%{release} Requires: %{name}-libs = %{version}-%{release} Recommends: diffutils Requires: util-linux +Requires: timedatex Recommends: libxkbcommon%{?_isa} Provides: /bin/systemctl Provides: /sbin/shutdown @@ -1430,14 +1441,23 @@ fi %files tests -f .file-list-tests %changelog -* Wed May 11 2022 systemd maintenance team - 239-58.1 -- acpi-fpdt: mark structures as packed (#2084052) -- core/slice: make slice_freezer_action() return 0 if freezing state is unchanged (#2084052) -- core/unit: fix use-after-free (#2084052) -- sd-bus: fix reference counter to be incremented (#2084052) -- sd-bus: do not read unused value (#2084052) -- sd-bus: do not return negative errno when unknown name is specified (#2084052) -- sd-bus: switch to a manual overflow check in sd_bus_track_add_name() (#2084052) +* Wed May 18 2022 systemd maintenance team - 239-59 +- core: disallow using '-.service' as a service name (#2051520) +- shared/dropin: support -.service.d/ top level drop-in for service units (#2051520) +- core: change top-level drop-in from -.service.d to service.d (#2051520) +- shared/dropin: fix assert for invalid drop-in (#2051520) +- udev: fix slot based network names on s390 (#1939914) +- udev: it is not necessary that the path is readable (#1939914) +- udev: allow onboard index up to 65535 (#1939914) +- Revert "basic: use comma as separator in cpuset cgroup cpu ranges" (#1858220) +- acpi-fpdt: mark structures as packed (#2047373) +- core/slice: make slice_freezer_action() return 0 if freezing state is unchanged (#2047373) +- core/unit: fix use-after-free (#2047373) +- sd-bus: fix reference counter to be incremented (#2047373) +- sd-bus: do not read unused value (#2047373) +- sd-bus: do not return negative errno when unknown name is specified (#2047373) +- sd-bus: switch to a manual overflow check in sd_bus_track_add_name() (#2047373) +- spec: Add dependency on timedatex (#2066946) * Tue Feb 08 2022 systemd maintenance team - 239-58 - ci: drop CentOS 8 CI (#2017033)