Skip to content
Snippets Groups Projects
Commit 90554b7c authored by importbot's avatar importbot
Browse files

import systemd-257-7.el10

parent 350fccf8
No related branches found
No related tags found
No related merge requests found
Showing
with 704 additions and 0 deletions
From 9fac3149c4384af4dfd4af796120a89611cf48f5 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Sat, 25 Jan 2025 01:21:30 +0000
Subject: [PATCH] mkosi: add loongarch64 to Debian's list of EFI arches
(cherry picked from commit 5ff144515e8b4d8faeb77461b9a62acb0ff1c0a5)
---
mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf | 1 +
1 file changed, 1 insertion(+)
diff --git a/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf b/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf
index 781670a775..c808ddd9cf 100644
--- a/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf
+++ b/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/efi.conf
@@ -8,6 +8,7 @@ Architecture=|arm
Architecture=|arm64
Architecture=|riscv32
Architecture=|riscv64
+Architecture=|loongarch64
[Content]
Packages=
From 52b5a79982e3dec63532f9145f12f0d2c212cef6 Mon Sep 17 00:00:00 2001
From: Adam Williamson <awilliam@redhat.com>
Date: Fri, 10 Jan 2025 13:01:47 -0800
Subject: [PATCH] kbd-model-map: add a georgian mapping
https://github.com/legionus/kbd/pull/127 adds a Georgian mapping
to kbd. console-setup already has one. Let's support it here, so
it's used for Georgian installs on distros that use this table.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
(cherry picked from commit f89d4c5f108ffbd29d0cc963ed7202bb9b0f778a)
---
src/locale/kbd-model-map | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/locale/kbd-model-map b/src/locale/kbd-model-map
index 279d1a36d8..612f6d749a 100644
--- a/src/locale/kbd-model-map
+++ b/src/locale/kbd-model-map
@@ -70,3 +70,4 @@ khmer kh,us pc105 - terminate:ctrl_alt_bksp
es-dvorak es microsoftpro dvorak terminate:ctrl_alt_bksp
lv lv pc105 apostrophe terminate:ctrl_alt_bksp
lv-tilde lv pc105 tilde terminate:ctrl_alt_bksp
+ge ge,us pc105 - terminate:ctrl_alt_bksp
From b6b287854aa622083ec25e19e2fac26bd332e693 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Mon, 27 Jan 2025 20:30:16 +0000
Subject: [PATCH] core: add trigger to path unit debug log
Useful for debugging, given it's already logging and the trigger
is known, add it
(cherry picked from commit 6566b4306a65bc7af6ade0cb6887217212925202)
---
src/core/path.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/path.c b/src/core/path.c
index e0dc93aabd..c9ea31a74e 100644
--- a/src/core/path.c
+++ b/src/core/path.c
@@ -591,7 +591,7 @@ static void path_enter_waiting(Path *p, bool initial, bool from_trigger_notify)
}
if (path_check_good(p, initial, from_trigger_notify, &trigger_path)) {
- log_unit_debug(UNIT(p), "Got triggered.");
+ log_unit_debug(UNIT(p), "Got triggered by '%s'.", trigger_path);
path_enter_running(p, trigger_path);
return;
}
@@ -608,7 +608,7 @@ static void path_enter_waiting(Path *p, bool initial, bool from_trigger_notify)
* recheck */
if (path_check_good(p, false, from_trigger_notify, &trigger_path)) {
- log_unit_debug(UNIT(p), "Got triggered.");
+ log_unit_debug(UNIT(p), "Got triggered by '%s'.", trigger_path);
path_enter_running(p, trigger_path);
return;
}
From 91577ec207633cc1bbdae2cca2658bf032314f8e Mon Sep 17 00:00:00 2001
From: Nick Rosbrook <enr0n@ubuntu.com>
Date: Wed, 23 Oct 2024 16:31:00 -0400
Subject: [PATCH] test: cleanup after testcase_12_resolvectl2
(cherry picked from commit 266cfdfc77a0eee6d4df60d9795f381ced8a1e65)
---
test/units/TEST-75-RESOLVED.sh | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/test/units/TEST-75-RESOLVED.sh b/test/units/TEST-75-RESOLVED.sh
index fd07fd898a..25ab02a938 100755
--- a/test/units/TEST-75-RESOLVED.sh
+++ b/test/units/TEST-75-RESOLVED.sh
@@ -936,6 +936,15 @@ testcase_11_nft() {
# Test resolvectl show-server-state
testcase_12_resolvectl2() {
+ # Cleanup
+ # shellcheck disable=SC2317
+ cleanup() {
+ rm -f /run/systemd/resolved.conf.d/reload.conf
+ systemctl reload systemd-resolved.service
+ }
+
+ trap cleanup RETURN
+
run resolvectl show-server-state
grep -qF "10.0.0.1" "$RUN_OUT"
grep -qF "Interface" "$RUN_OUT"
From 6ad1efb288c33c8531a815831f3b8d245df884a1 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Sun, 26 Jan 2025 20:06:36 +0000
Subject: [PATCH] test: install stub package for test-ukify unit test
(cherry picked from commit 78ce88e2656aedee8b38b36edcf1e074b90ff53a)
---
.github/workflows/unit_tests.sh | 1 +
1 file changed, 1 insertion(+)
diff --git a/.github/workflows/unit_tests.sh b/.github/workflows/unit_tests.sh
index 4433d847ce..168bcc55c3 100755
--- a/.github/workflows/unit_tests.sh
+++ b/.github/workflows/unit_tests.sh
@@ -24,6 +24,7 @@ ADDITIONAL_DEPS=(
python3-pyparsing
python3-pytest
rpm
+ systemd-boot-efi
zstd
)
From 1ccfd9a55775e5d4f717d5b59040ee1679c16996 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Sun, 26 Jan 2025 19:50:22 +0000
Subject: [PATCH] test: use local stub if available in test-ukify
It might not be available on a CI system in the system
path, so use the local one if it was built
(cherry picked from commit bcca98c6326b2766d6b769661b15e292c12cf8ac)
---
src/ukify/test/test_ukify.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/ukify/test/test_ukify.py b/src/ukify/test/test_ukify.py
index 3ed21fc0ac..6c427623ea 100755
--- a/src/ukify/test/test_ukify.py
+++ b/src/ukify/test/test_ukify.py
@@ -59,6 +59,8 @@ except ValueError:
slow_tests = True
arg_tools = ['--tools', build_root] if build_root else []
+if build_root and pathlib.Path(f"{build_root}/linux{ukify.guess_efi_arch()}.efi.stub").exists():
+ arg_tools += ['--stub', f"{build_root}/linux{ukify.guess_efi_arch()}.efi.stub"]
def systemd_measure():
opts = ukify.create_parser().parse_args(arg_tools)
@@ -654,7 +656,7 @@ def test_inspect(kernel_initrd, tmp_path, capsys):
f'--os-release={osrel_arg}',
f'--uname={uname_arg}',
f'--output={output}',
- ]
+ ] + arg_tools
if slow_tests:
args += [
f'--secureboot-certificate={cert.name}',
From 534b837ba8c796f61743f99e147be5769603ae13 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Sun, 26 Jan 2025 17:35:06 +0000
Subject: [PATCH] test: support slow test-ukify on Debian/Ubuntu
Kernels are installed in /boot/ so find them there too
(cherry picked from commit 25a253084a16dcc077592ff85d62f69fa940d1de)
---
src/ukify/test/test_ukify.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/ukify/test/test_ukify.py b/src/ukify/test/test_ukify.py
index 6c427623ea..61d465fca1 100755
--- a/src/ukify/test/test_ukify.py
+++ b/src/ukify/test/test_ukify.py
@@ -408,6 +408,8 @@ def test_help_error(capsys):
@pytest.fixture(scope='session')
def kernel_initrd():
items = sorted(glob.glob('/lib/modules/*/vmlinuz'))
+ if not items:
+ items = sorted(glob.glob('/boot/vmlinuz*'))
if not items:
return None
From e5bf5f0d6101acb818e76083c9b48ecf6e9e015e Mon Sep 17 00:00:00 2001
From: AndreFerreiraMsc <mestreandreferreira@proton.me>
Date: Tue, 28 Jan 2025 14:11:58 +0100
Subject: [PATCH] man: Update nss-myhostname.xml to reflect files
(cherry picked from commit 3e1d7b6aae5f5b24610620db810a5730dcc9a6a6)
---
man/nss-myhostname.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/man/nss-myhostname.xml b/man/nss-myhostname.xml
index 200c9220b9..653d8e49d4 100644
--- a/man/nss-myhostname.xml
+++ b/man/nss-myhostname.xml
@@ -74,7 +74,7 @@
<para>To activate the NSS modules, add <literal>myhostname</literal> to the line starting with
<literal>hosts:</literal> in <filename>/etc/nsswitch.conf</filename>.</para>
- <para>It is recommended to place <literal>myhostname</literal> after <literal>file</literal> and before <literal>dns</literal>.
+ <para>It is recommended to place <literal>myhostname</literal> after <literal>files</literal> and before <literal>dns</literal>.
This resolves well-known hostnames like <literal>localhost</literal>
and the machine hostnames locally. It is consistent with the behaviour
of <command>nss-resolve</command>, and still allows overriding via
From d07300405f955af8e94d4aee7d921ef05ee07fa2 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 29 Jan 2025 14:43:06 +0100
Subject: [PATCH] ukify: Fix two typing issues
(cherry picked from commit 2d6ae4319ccecdde7a87d12cb439a892afdec943)
---
src/ukify/ukify.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/ukify/ukify.py b/src/ukify/ukify.py
index 4919076098..141dd24ccb 100755
--- a/src/ukify/ukify.py
+++ b/src/ukify/ukify.py
@@ -1442,7 +1442,7 @@ def inspect_section(
data = section.get_data(length=size)
digest = sha256(data).hexdigest()
- struct = {
+ struct: dict[str, Union[int, str]] = {
'size': size,
'sha256': digest,
}
@@ -1461,7 +1461,7 @@ def inspect_section(
if opts.json == 'off':
print(f'{name}:\n size: {size} bytes\n sha256: {digest}')
if ttype == 'text':
- text = textwrap.indent(struct['text'].rstrip(), ' ' * 4)
+ text = textwrap.indent(cast(str, struct['text']).rstrip(), ' ' * 4)
print(f' text:\n{text}')
return name, struct
From a485c928ee9872c8ce7ddbb8e9ba6f33f9ef23cc Mon Sep 17 00:00:00 2001
From: "Alex Xu (Hello71)" <alex_y_xu@yahoo.ca>
Date: Tue, 28 Jan 2025 17:17:01 -0500
Subject: [PATCH] meson: generate keyboard-keys-list from local input.h
otherwise it will use the system input.h which will fail to build if
newer than the bundled version
Fixes: 0a73c8e7b8 ("linux: import input.h and friends")
(cherry picked from commit bc996fd1ba7bce7be4cbae0d0d5ba7c35e8c3f50)
---
src/udev/generate-keyboard-keys-list.sh | 2 +-
src/udev/meson.build | 3 ++-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/udev/generate-keyboard-keys-list.sh b/src/udev/generate-keyboard-keys-list.sh
index ead3113342..4cac507322 100755
--- a/src/udev/generate-keyboard-keys-list.sh
+++ b/src/udev/generate-keyboard-keys-list.sh
@@ -3,7 +3,7 @@
set -eu
set -o pipefail
-${1:?} -dM -include linux/input.h - </dev/null | awk '
+${1:?} -dM -include "${2:?}" - </dev/null | awk '
/\<(KEY_(MAX|MIN_INTERESTING))|(BTN_(MISC|MOUSE|JOYSTICK|GAMEPAD|DIGI|WHEEL|TRIGGER_HAPPY))\>/ { next }
/^#define[ \t]+(KEY|BTN)_[^ ]+[ \t]+[0-9BK]/ { print $2 }
'
diff --git a/src/udev/meson.build b/src/udev/meson.build
index 3535551e74..921dfac39c 100644
--- a/src/udev/meson.build
+++ b/src/udev/meson.build
@@ -57,8 +57,9 @@ endif
generate_keyboard_keys_list = find_program('generate-keyboard-keys-list.sh')
keyboard_keys_list_txt = custom_target(
'keyboard-keys-list.txt',
+ input : files('../basic/linux/input.h'),
output : 'keyboard-keys-list.txt',
- command : [generate_keyboard_keys_list, cpp],
+ command : [generate_keyboard_keys_list, cpp, '@INPUT@'],
capture : true)
generate_keyboard_keys_gperf = find_program('generate-keyboard-keys-gperf.sh')
From f1c2574578e655a15367875548d4f3b8312fe1f6 Mon Sep 17 00:00:00 2001
From: Devilish Spirits <devilishspirits@gmail.com>
Date: Wed, 29 Jan 2025 21:54:27 +0100
Subject: [PATCH] Fix inversion of timesyncd_usec/epoch_usec variables in
clock-warp.c
In clock_apply_epoch() function, the /usr/lib/clock-epoch timestamp was set to timesyncd_usec instead of epoch_usec and vice-versa which produced a misleading log message about the clock source systemd used for early clock sanitization. This trivial commit fix the mistake.
(cherry picked from commit 164295eb6dcc0271d7de030809732c23eeccf9f0)
---
src/core/clock-warp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/clock-warp.c b/src/core/clock-warp.c
index 49d57afa9a..ceaf4b3926 100644
--- a/src/core/clock-warp.c
+++ b/src/core/clock-warp.c
@@ -27,13 +27,13 @@ void clock_apply_epoch(bool allow_backwards) {
r = RET_NERRNO(stat(TIMESYNCD_CLOCK_FILE, &st));
if (r >= 0)
- epoch_usec = timespec_load(&st.st_mtim);
+ timesyncd_usec = timespec_load(&st.st_mtim);
else if (r != -ENOENT)
log_warning_errno(r, "Could not stat %s, ignoring: %m", TIMESYNCD_CLOCK_FILE);
r = RET_NERRNO(stat(EPOCH_CLOCK_FILE, &st));
if (r >= 0)
- timesyncd_usec = timespec_load(&st.st_mtim);
+ epoch_usec = timespec_load(&st.st_mtim);
else if (r != -ENOENT)
log_warning_errno(r, "Could not stat %s, ignoring: %m", EPOCH_CLOCK_FILE);
From e9105d34986ffda1d6d713c2f4a93454e639556e Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Thu, 30 Jan 2025 01:51:05 +0000
Subject: [PATCH] pe: do not warn about .initrd addons
We now support them, so stop warning about them.
(cherry picked from commit f6928e6b5d59fd6b0dc34d338be1cd427c1d97d5)
---
src/shared/pe-binary.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/shared/pe-binary.c b/src/shared/pe-binary.c
index c50aad18f3..173c5adf90 100644
--- a/src/shared/pe-binary.c
+++ b/src/shared/pe-binary.c
@@ -272,10 +272,11 @@ bool pe_is_addon(const PeHeader *pe_header, const IMAGE_SECTION_HEADER *sections
if (le16toh(pe_header->optional.Subsystem) != IMAGE_SUBSYSTEM_EFI_APPLICATION)
return false;
- /* Add-ons do not have a Linux kernel, but do have either .cmdline or .dtb (currently) */
+ /* Add-ons do not have a Linux kernel, but do have one of .cmdline, .dtb, .initrd or .ucode (currently) */
return !pe_header_find_section(pe_header, sections, ".linux") &&
(pe_header_find_section(pe_header, sections, ".cmdline") ||
pe_header_find_section(pe_header, sections, ".dtb") ||
+ pe_header_find_section(pe_header, sections, ".initrd") ||
pe_header_find_section(pe_header, sections, ".ucode"));
}
From 6936658daf139c5d4114a44116905fb469e5a1e2 Mon Sep 17 00:00:00 2001
From: Andrew Sayers <andrew-github.com@pileofstuff.org>
Date: Wed, 29 Jan 2025 11:03:00 +0000
Subject: [PATCH] Fix tense in SD_MESSAGE_SHUTDOWN_STR
This is printed by bus_manager_log_shutdown() in logind-dbus.c,
near the start of the shutdown process.
Clarify that events *will* happen, long after this message is sent.
(cherry picked from commit 6c45c5a57cac1dd0c35a879bf46d4a42e03e74e1)
---
catalog/systemd.catalog.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/catalog/systemd.catalog.in b/catalog/systemd.catalog.in
index eab4afd0cd..f3ca748862 100644
--- a/catalog/systemd.catalog.in
+++ b/catalog/systemd.catalog.in
@@ -189,7 +189,7 @@ Defined-By: systemd
Support: %SUPPORT_URL%
System shutdown has been initiated. The shutdown has now begun and
-all system services are terminated and all file systems unmounted.
+all system services will be terminated and all file systems will be unmounted.
-- c14aaf76ec284a5fa1f105f88dfb061c
Subject: System factory reset initiated
From 4a861abc1fbad6883ae21747016d822d205068e6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 30 Jan 2025 15:25:38 +0100
Subject: [PATCH] firstboot: fix crash when hostname question is skipped
(cherry picked from commit b66a4c157e9754528eec16c235265b4ce94d31e8)
---
src/firstboot/firstboot.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c
index 9be62b8df3..a389eeae10 100644
--- a/src/firstboot/firstboot.c
+++ b/src/firstboot/firstboot.c
@@ -634,7 +634,9 @@ static int prompt_hostname(int rfd) {
if (r < 0)
return r;
- hostname_cleanup(arg_hostname);
+ if (arg_hostname)
+ hostname_cleanup(arg_hostname);
+
return 0;
}
From d42315d9c67e919f9403b9c2284bef9c9a8c2f3a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 1 Feb 2025 09:54:27 +0000
Subject: [PATCH] build(deps): bump coverallsapp/github-action from 2.3.4 to
2.3.6
Bumps [coverallsapp/github-action](https://github.com/coverallsapp/github-action) from 2.3.4 to 2.3.6.
- [Release notes](https://github.com/coverallsapp/github-action/releases)
- [Commits](https://github.com/coverallsapp/github-action/compare/cfd0633edbd2411b532b808ba7a8b5e04f76d2c8...648a8eb78e6d50909eff900e4ec85cab4524a45b)
---
updated-dependencies:
- dependency-name: coverallsapp/github-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit f82660222063c09522440efa3fa8e02c97dab1d5)
---
.github/workflows/coverage.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
index 78e6e05b2c..6503059ef4 100644
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@@ -142,7 +142,7 @@ jobs:
run: sudo mkosi sandbox lcov --ignore-errors inconsistent,inconsistent --list build/test/coverage/everything.coverage-info
- name: Coveralls
- uses: coverallsapp/github-action@cfd0633edbd2411b532b808ba7a8b5e04f76d2c8
+ uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b
if: github.repository == 'systemd/systemd' || github.repository == 'systemd/systemd-stable'
with:
file: build/test/coverage/everything.coverage-info
From c2c6101d26cef32bd9f7bf58d29bd79e38f64d9f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 1 Feb 2025 09:54:20 +0000
Subject: [PATCH] build(deps): bump softprops/action-gh-release from 2.1.0 to
2.2.1
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.1.0 to 2.2.1.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](https://github.com/softprops/action-gh-release/compare/01570a1f39cb168c169c802c3bceb9e93fb10974...c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda)
---
updated-dependencies:
- dependency-name: softprops/action-gh-release
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 30948201331e3c029c5557de23b57a37901c2eb4)
---
.github/workflows/make_release.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/make_release.yml b/.github/workflows/make_release.yml
index f8b82ae9bd..aa7491161a 100644
--- a/.github/workflows/make_release.yml
+++ b/.github/workflows/make_release.yml
@@ -18,7 +18,7 @@ jobs:
steps:
- name: Release
- uses: softprops/action-gh-release@01570a1f39cb168c169c802c3bceb9e93fb10974
+ uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda
with:
prerelease: ${{ contains(github.ref_name, '-rc') }}
draft: ${{ github.repository == 'systemd/systemd' }}
From b3e9de25f2cae33a451c1f7e981437e1f7fb2e56 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 1 Feb 2025 09:54:18 +0000
Subject: [PATCH] build(deps): bump super-linter/super-linter from 7.1.0 to
7.2.1
Bumps [super-linter/super-linter](https://github.com/super-linter/super-linter) from 7.1.0 to 7.2.1.
- [Release notes](https://github.com/super-linter/super-linter/releases)
- [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md)
- [Commits](https://github.com/super-linter/super-linter/compare/b92721f792f381cedc002ecdbb9847a15ece5bb8...85f7611e0f7b53c8573cca84aa0ed4344f6f6a4d)
---
updated-dependencies:
- dependency-name: super-linter/super-linter
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 6e513fa489b1b0e94fc9d7f35290d5f56dd0f306)
---
.github/workflows/linter.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
index d9f6a37680..0a07dadccb 100644
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@@ -29,7 +29,7 @@ jobs:
fetch-depth: 0
- name: Lint Code Base
- uses: super-linter/super-linter/slim@b92721f792f381cedc002ecdbb9847a15ece5bb8
+ uses: super-linter/super-linter/slim@85f7611e0f7b53c8573cca84aa0ed4344f6f6a4d
env:
DEFAULT_BRANCH: main
MULTI_STATUS: false
From 950d964ee5ba32f022ccd2e8ca09c91fb0cd3e76 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Mon, 3 Feb 2025 16:17:00 +0100
Subject: [PATCH] homectl: Fix empty checks
(cherry picked from commit 4ba3530d67d88c708c36840fbaed9935ae81faa9)
---
src/home/homectl.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/home/homectl.c b/src/home/homectl.c
index b3aacbcbcf..2163469a50 100644
--- a/src/home/homectl.c
+++ b/src/home/homectl.c
@@ -2553,7 +2553,7 @@ static int create_interactively(void) {
continue;
};
- if (available) {
+ if (!strv_isempty(available)) {
r = safe_atou(s, &u);
if (r >= 0) {
if (u <= 0 || u > strv_length(available)) {
@@ -2591,7 +2591,7 @@ static int create_interactively(void) {
return log_oom();
}
- if (groups) {
+ if (!strv_isempty(groups)) {
strv_sort_uniq(groups);
r = sd_json_variant_set_field_strv(&arg_identity_extra, "memberOf", groups);
@@ -2630,7 +2630,7 @@ static int create_interactively(void) {
log_notice("Specified shell '%s' is not installed, try another one.", shell);
}
- if (shell) {
+ if (!isempty(shell)) {
log_info("Selected %s as the shell for user %s", shell, username);
r = sd_json_variant_set_field_string(&arg_identity_extra, "shell", shell);
From a99729aba8c707f09bd96ed742bcab2f11790fb7 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 4 Feb 2025 09:24:26 +0100
Subject: [PATCH] ukify/measure: Revert changes to use SizeOfImage from Linux
PE binary
With 19812661f1f65ebe777d1626b5abf6475faababc, we make sure at runtime
in the stub itself that SizeOfImage from the Linux EFISTUB PE binary is
taken into account, so there's no need to take this into account in ukify
itself. By reverting the ukify change, we again ensure that Misc_VirtualSize
reflects the actual size of the Linux EFISTUB PE binary in the .linux section
which lots of tooling depends on. It also makes sure we don't measure a bunch
of extra zeroes in the stub which should fix systemd-pcrlock measurements as
well.
This effectively reverts 2188c759f97e40b97ebe3e94e82239f36b525b10 and
0005411352f9bda0d9887c37b9e75a2bce6c1133.
Fixes #35851
(cherry picked from commit 38801c91292fde004bec0974ed5602984701e03b)
---
src/measure/measure.c | 32 --------------------------------
src/ukify/ukify.py | 16 ++--------------
2 files changed, 2 insertions(+), 46 deletions(-)
diff --git a/src/measure/measure.c b/src/measure/measure.c
index e583444e0b..2057ce2a0e 100644
--- a/src/measure/measure.c
+++ b/src/measure/measure.c
@@ -544,38 +544,6 @@ static int measure_kernel(PcrState *pcr_states, size_t n) {
m += sz;
}
- if (c == UNIFIED_SECTION_LINUX) {
- _cleanup_free_ PeHeader *pe_header = NULL;
-
- r = pe_load_headers(fd, /*ret_dos_header=*/ NULL, &pe_header);
- if (r < 0)
- log_warning_errno(r, "Failed to parse kernel image file '%s', ignoring: %m", arg_sections[c]);
- else if (m < pe_header->optional.SizeOfImage) {
- memzero(buffer, BUFFER_SIZE);
-
- /* Our EFI stub measures VirtualSize bytes of the .linux section into PCR 11.
- * Notably, VirtualSize can be larger than the section's size on disk. In
- * that case the extra space is initialized with zeros, so the stub ends up
- * measuring a bunch of zeros. To accommodate this, we have to measure the
- * same number of zeros here. We opt to measure extra zeros here instead of
- * modifying the stub to only measure the number of bytes on disk as we want
- * newer ukify + systemd-measure to work with older versions of the stub and
- * as of 6.12 the kernel image's VirtualSize won't be larger than its size on
- * disk anymore (see https://github.com/systemd/systemd/issues/34578#issuecomment-2382459515).
- */
-
- while (m < pe_header->optional.SizeOfImage) {
- uint64_t sz = MIN(BUFFER_SIZE, pe_header->optional.SizeOfImage - m);
-
- for (size_t i = 0; i < n; i++)
- if (EVP_DigestUpdate(mdctx[i], buffer, sz) != 1)
- return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Failed to run digest.");
-
- m += sz;
- }
- }
- }
-
fd = safe_close(fd);
if (m == 0) /* We skip over empty files, the stub does so too */
diff --git a/src/ukify/ukify.py b/src/ukify/ukify.py
index 141dd24ccb..7a9f63e1d4 100755
--- a/src/ukify/ukify.py
+++ b/src/ukify/ukify.py
@@ -388,7 +388,6 @@ class Section:
tmpfile: Optional[IO[Any]] = None
measure: bool = False
output_mode: Optional[str] = None
- virtual_size: Optional[int] = None
@classmethod
def create(cls, name: str, contents: Union[str, bytes, Path, None], **kwargs: Any) -> 'Section':
@@ -918,10 +917,7 @@ def pe_add_sections(uki: UKI, output: str) -> None:
new_section.set_file_offset(offset)
new_section.Name = section.name.encode()
- if section.virtual_size is not None:
- new_section.Misc_VirtualSize = section.virtual_size
- else:
- new_section.Misc_VirtualSize = len(data)
+ new_section.Misc_VirtualSize = len(data)
# Non-stripped stubs might still have an unaligned symbol table at the end, making their size
# unaligned, so we make sure to explicitly pad the pointer to new sections to an aligned offset.
new_section.PointerToRawData = round_up(len(pe.__data__), pe.OPTIONAL_HEADER.FileAlignment)
@@ -1166,6 +1162,7 @@ def make_uki(opts: UkifyConfig) -> None:
('.uname', opts.uname, True),
('.splash', opts.splash, True),
('.pcrpkey', pcrpkey, True),
+ ('.linux', linux, True),
('.initrd', initrd, True),
('.ucode', opts.microcode, True),
] # fmt: skip
@@ -1182,15 +1179,6 @@ def make_uki(opts: UkifyConfig) -> None:
for section in opts.sections:
uki.add_section(section)
- if linux is not None:
- try:
- virtual_size = pefile.PE(linux, fast_load=True).OPTIONAL_HEADER.SizeOfImage
- except pefile.PEFormatError:
- print(f'{linux} is not a valid PE file, not using SizeOfImage.')
- virtual_size = None
-
- uki.add_section(Section.create('.linux', linux, measure=True, virtual_size=virtual_size))
-
# Don't add a sbat section to profile PE binaries.
if opts.join_profiles or not opts.profile:
if linux is not None:
From 7358b67ad1e2eb865bd5628ff6c20a13439ff3d0 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 4 Feb 2025 11:42:42 +0100
Subject: [PATCH] sysupdate: Update example mode to 644 instead of 444
The UKI file has to be writable to be able to do boot counting in
the UEFI firmware which involves renaming the file by writing to
the file metadata which requires the file to be writable in the FAT
filesystem.
Fixes #36170
(cherry picked from commit 0e470e1cc32776f7b57f57640193d6dd0df97a5b)
---
man/sysupdate.d.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/man/sysupdate.d.xml b/man/sysupdate.d.xml
index bec423705c..5f108dacb1 100644
--- a/man/sysupdate.d.xml
+++ b/man/sysupdate.d.xml
@@ -977,7 +977,7 @@ PathRelativeTo=boot
MatchPattern=foobarOS_@v+@l-@d.efi \
foobarOS_@v+@l.efi \
foobarOS_@v.efi
-Mode=0444
+Mode=0644
TriesLeft=3
TriesDone=0
InstancesMax=2</programlisting></para>
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment