backport patches from upstream and add patches

(cherry picked from commit 7408966ed3f90de3a489251c9a5db9c0e6a884c9)
hongjinghao 2023-03-06 14:36:20 +08:00 committed by openeuler-sync-bot
parent 9932819b4d
commit 01effbba76
8 changed files with 319 additions and 1 deletions


@ -0,0 +1,79 @@
From b7e5e6e85048c1a71632bc2d5efe57fb1bfe7472 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20Koutn=C3=BD?= <mkoutny@suse.com>
Date: Wed, 18 Jan 2023 23:20:31 +0100
Subject: [PATCH] core: mount namespaces: Remove auxiliary bind mounts
directory after unit termination
Unit that requires its own mount namespace creates a temporary directory
to implement dynamic bind mounts (org.freedesktop.systemd1.Manager.BindMountUnit).
However, this directory is never removed and they will accumulate for
each unique unit (e.g. templated units of systemd-coredump@).
Attach the auxiliary runtime directory existence to lifetime of other
"runtime" only per-unit directories.
(cherry picked from commit b9f976fb45635e09cd709dbedd0afb03d4b73c05)
(cherry picked from commit 80e8340ec49d0da3744cdf81f82202e13b0fad3b)
(cherry picked from commit fd260cb37e3441b851c7fee4825d5b6af17f66ca)
(cherry picked from commit ff542dcd1a8c2c7cdc96b9f4b9889774b9474c26)
---
src/core/execute.c | 17 +++++++++++++++++
src/core/execute.h | 1 +
src/core/unit.c | 1 +
3 files changed, 19 insertions(+)
diff --git a/src/core/execute.c b/src/core/execute.c
index 37f63a9378..6844b1d28f 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -4978,6 +4978,23 @@ int exec_context_destroy_credentials(const ExecContext *c, const char *runtime_p
return 0;
}
+int exec_context_destroy_mount_ns_dir(Unit *u) {
+ _cleanup_free_ char *p = NULL;
+
+ if (!u || !MANAGER_IS_SYSTEM(u->manager))
+ return 0;
+
+ p = path_join("/run/systemd/propagate/", u->id);
+ if (!p)
+ return -ENOMEM;
+
+ /* This is only filled transiently (see mount_in_namespace()), should be empty or even non-existent*/
+ if (rmdir(p) < 0 && errno != ENOENT)
+ log_unit_debug_errno(u, errno, "Unable to remove propagation dir '%s', ignoring: %m", p);
+
+ return 0;
+}
+
static void exec_command_done(ExecCommand *c) {
assert(c);
diff --git a/src/core/execute.h b/src/core/execute.h
index 47349a69a2..f1f0ee4186 100644
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -422,6 +422,7 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix);
int exec_context_destroy_runtime_directory(const ExecContext *c, const char *runtime_root);
int exec_context_destroy_credentials(const ExecContext *c, const char *runtime_root, const char *unit);
+int exec_context_destroy_mount_ns_dir(Unit *u);
const char* exec_context_fdname(const ExecContext *c, int fd_index);
diff --git a/src/core/unit.c b/src/core/unit.c
index 0e8a01966a..0f44ea8bcd 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -5700,6 +5700,7 @@ void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
+ exec_context_destroy_mount_ns_dir(u);
}
int unit_clean(Unit *u, ExecCleanMask mask) {
--
2.27.0
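Review bot: The new exec_context_destroy_mount_ns_dir() in src/core/execute.c reports every rmdir() failure other than ENOENT at debug level only. A propagation directory that is still populated or still a mount point would therefore stay behind with nothing visible at default log levels, which is the accumulation this patch sets out to stop. The existing comment says the directory "should be empty"; I would extend it to state that rmdir() is used on purpose so that nothing is removed recursively, e.g. `/* rmdir() only: never recurse, a directory that is unexpectedly still in use is left in place */`. The call added in src/core/unit.c also discards the int result, whose only non-zero value is -ENOMEM; either return void or write the call as `(void) exec_context_destroy_mount_ns_dir(u);` so the omission is visibly intentional.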


@ -0,0 +1,32 @@
From ccbb0b48c48f80a3121ff9d99f395b642a0090b5 Mon Sep 17 00:00:00 2001
From: jcg <jiangchuangang@huawei.com>
Date: Fri, 9 Dec 2022 20:45:39 +0800
Subject: [PATCH] mount-setup: don't need to mount /sys/fs/pstore if there is
no ENABLE_PSTORE
(cherry picked from commit 5e5fce3e918ebba5d0cbf0b64bb97f0eaeae70a3)
(cherry picked from commit 613994c10b19f02c0764aa1d5865730f3af99267)
(cherry picked from commit 46a7e30cb9f274763657d40193c2a03a02c687ab)
(cherry picked from commit 0e96d07e8c03e543816702b13db891924b485951)
---
src/shared/mount-setup.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/shared/mount-setup.c b/src/shared/mount-setup.c
index ef3527e9a7..8c7c390854 100644
--- a/src/shared/mount-setup.c
+++ b/src/shared/mount-setup.c
@@ -102,8 +102,10 @@ static const MountPoint mount_table[] = {
cg_is_legacy_wanted, MNT_IN_CONTAINER },
{ "cgroup", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd", MS_NOSUID|MS_NOEXEC|MS_NODEV,
cg_is_legacy_wanted, MNT_FATAL|MNT_IN_CONTAINER },
+#if ENABLE_PSTORE
{ "pstore", "/sys/fs/pstore", "pstore", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
NULL, MNT_NONE },
+#endif
#if ENABLE_EFI
{ "efivarfs", "/sys/firmware/efi/efivars", "efivarfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
is_efi_boot, MNT_NONE },
--
2.27.0


@ -0,0 +1,36 @@
From 1d0921354ab975910c44ac0d646661323bca8717 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 6 Jan 2023 12:30:36 +0100
Subject: [PATCH] nspawn: guard acl_free() with a NULL check
Inspired by #25957 there's one other place where we don't guard
acl_free() calls with a NULL check.
Fix that.
(cherry picked from commit 34680637e838415204850f77c93ca6ca219abaf1)
(cherry picked from commit 4dabf90526d4573144a51bdd87c1203b25265b33)
(cherry picked from commit d8b4ac7a1783a29435cb3dfee3dfdee37c1b1ac8)
(cherry picked from commit 3a9fe8e7687ed3b2b563c6b2237d2b62a79f79e6)
---
src/nspawn/nspawn-patch-uid.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/nspawn/nspawn-patch-uid.c b/src/nspawn/nspawn-patch-uid.c
index 785332e091..321caf066b 100644
--- a/src/nspawn/nspawn-patch-uid.c
+++ b/src/nspawn/nspawn-patch-uid.c
@@ -189,7 +189,9 @@ static int patch_acls(int fd, const char *name, const struct stat *st, uid_t shi
if (S_ISDIR(st->st_mode)) {
acl_free(acl);
- acl_free(shifted);
+
+ if (shifted)
+ acl_free(shifted);
acl = shifted = NULL;
--
2.27.0
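Review bot: The `if (shifted)` guard added before acl_free() in patch_acls() has no comment saying why it is needed, so it reads like a redundant `if (p) free(p)` check that a later cleanup could remove again. The reason is on this page in the tmpfiles patch: its UBSAN trace shows acl_free() applying an offset to a null pointer. I would put `/* acl_free() is not NULL-safe, unlike free() */` above the guard here and above the two guards added to item_free_contents() in src/tmpfiles/tmpfiles.c. The unguarded `acl_free(acl);` one line earlier presumably only runs with a non-NULL acl, but that is decided outside the hunk and is worth confirming.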


@ -0,0 +1,37 @@
From 3aa1cf93ad9eff91e8d26fb4628ac33b620b6b28 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 6 Jan 2023 11:27:17 +0100
Subject: [PATCH] sd-event: don't mistake USEC_INFINITY passed in for overflow
Let's pass USEC_INFINITY from sd_event_source_set_time_relative() to
sd_event_source_set_time() instead of raising EOVERFLOW.
We should raise EOVERFLOW only if your addition fails, but not if the
input already is USEC_INFINITY, since it's an entirely valid operation
to have an infinite time-out, and we should support that.
(cherry picked from commit ef8591951aefccb668201f24aa481aa6cda834da)
(cherry picked from commit 9769d84fe51573b4f2d5cb8f76664e886c7daf88)
(cherry picked from commit 5fe49d0fb88b779d5096713627ce54757bff70b2)
(cherry picked from commit 33036c403225ad0c88c9e5a9058aea69ff6ed9bc)
---
src/libsystemd/sd-event/sd-event.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c
index 4ba7151050..19e7680687 100644
--- a/src/libsystemd/sd-event/sd-event.c
+++ b/src/libsystemd/sd-event/sd-event.c
@@ -2611,6 +2611,9 @@ _public_ int sd_event_source_set_time_relative(sd_event_source *s, uint64_t usec
assert_return(s, -EINVAL);
assert_return(EVENT_SOURCE_IS_TIME(s->type), -EDOM);
+ if (usec == USEC_INFINITY)
+ return sd_event_source_set_time(s, USEC_INFINITY);
+
r = sd_event_now(s->event, event_source_type_to_clock(s->type), &t);
if (r < 0)
return r;
--
2.27.0


@ -0,0 +1,34 @@
From b369b5884d52e5fd5fde0de78323d16a969df9d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Mon, 19 Dec 2022 14:36:08 +0100
Subject: [PATCH] sd-event: never pass negative errnos as signalfd to signalfd
We treat any negative value as "invalid fd", but signalfd only
accepts -1.
(cherry picked from commit cbff793ffb280d9d11e5d7b1dc3964276491bee8)
(cherry picked from commit 54c840ea58c578060e941f754a4fed2931483820)
(cherry picked from commit 4178457f0ec07452f856894988e5490bbc91cc36)
(cherry picked from commit 0accce1b1c5d67e4183cb67f0bbbaaf7fc50c9f6)
---
src/libsystemd/sd-event/sd-event.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c
index 20ffd38eff..4ba7151050 100644
--- a/src/libsystemd/sd-event/sd-event.c
+++ b/src/libsystemd/sd-event/sd-event.c
@@ -649,7 +649,9 @@ static int event_make_signal_data(
ss_copy = d->sigset;
assert_se(sigaddset(&ss_copy, sig) >= 0);
- r = signalfd(d->fd, &ss_copy, SFD_NONBLOCK|SFD_CLOEXEC);
+ r = signalfd(d->fd >= 0 ? d->fd : -1, /* the first arg must be -1 or a valid signalfd */
+ &ss_copy,
+ SFD_NONBLOCK|SFD_CLOEXEC);
if (r < 0) {
r = -errno;
goto fail;
--
2.27.0
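Review bot: The inline comment on the rewritten signalfd() call in event_make_signal_data() says what the first argument must be, but not where `d->fd` could hold a value below -1. The hunk shows no such assignment, so in this backported tree the clamp may be purely defensive. If so, say that in the comment, e.g. `/* d->fd may be initialised to a negative errno-style value; signalfd() accepts only -1 or a valid signalfd */`. If some assignment does store a negative errno there, normalising at that point would keep the invariant in one place. The function body continues outside the hunk.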


@ -0,0 +1,33 @@
From 316382fb90c7018b5309bacf66c5f18488c2a3c4 Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Mon, 12 Dec 2022 16:21:30 +0100
Subject: [PATCH] swap: tell swapon to reinitialize swap if needed
If the page size of a swap space doesn't match the page size of the
currently running kernel, swapon will fail. Let's instruct it to
reinitialize the swap space instead.
(cherry picked from commit cc137d53e36da5e57b060be5e621864f572b2cac)
(cherry picked from commit a0ac79bce9255cf33b0f208b18d888f0f700133c)
(cherry picked from commit 8be5a12c7170ed7e7b4303c16573e463ef997e23)
(cherry picked from commit f8201271fdaef4e3a68efac8a21e9f195e4e4a6b)
---
src/core/swap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/swap.c b/src/core/swap.c
index 3843b19500..83e77d24ae 100644
--- a/src/core/swap.c
+++ b/src/core/swap.c
@@ -836,7 +836,7 @@ static void swap_enter_activating(Swap *s) {
}
}
- r = exec_command_set(s->control_command, "/sbin/swapon", NULL);
+ r = exec_command_set(s->control_command, "/sbin/swapon", "--fixpgsz", NULL);
if (r < 0)
goto fail;
--
2.27.0
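Review bot: `--fixpgsz` is now passed on every swap activation in swap_enter_activating(), with no opt-out and no comment at the call site on what it permits. Per the patch description, swapon will reinitialize the swap space on a page-size mismatch, which rewrites the area and discards whatever it held (a hibernation image, for instance; this is inferred, not shown in the hunk). I would document that next to the call, e.g. `/* --fixpgsz lets swapon reinitialize the area on a page-size mismatch; previous contents are lost */`. It is also worth confirming that the swapon shipped with this distribution accepts the option, since an unrecognised option would turn every swap activation into a failure. The rest of swap_enter_activating() is outside the hunk.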


@ -0,0 +1,57 @@
From 85e06ba8753e767d9f28550bf9f6b0d2e971b296 Mon Sep 17 00:00:00 2001
From: Sam James <sam@gentoo.org>
Date: Fri, 6 Jan 2023 10:58:32 +0000
Subject: [PATCH] tmpfiles: avoid null free() for acl attributes
When built with ACL support, we might be processing a tmpfiles
entry where there's no cause for us to call parse_acls_from_arg,
then we get to the end of parse_line without having ever populated
i.{acl_access, acl_default}.
Then we pass a null pointer into acl_free().
From UBSAN w/ GCC 13.0.0_pre20230101:
```
$ systemd-tmpfiles --clean
/var/tmp/portage/sys-apps/acl-2.3.1-r1/work/acl-2.3.1/libacl/acl_free.c:44:14: runtime error: applying non-zero offset 18446744073709551608 to null pointer
#0 0x7f65d868b482 in acl_free /var/tmp/portage/sys-apps/acl-2.3.1-r1/work/acl-2.3.1/libacl/acl_free.c:44
#1 0x55fe7e592249 in item_free_contents ../systemd-9999/src/tmpfiles/tmpfiles.c:2855
#2 0x55fe7e5a347a in parse_line ../systemd-9999/src/tmpfiles/tmpfiles.c:3158
#3 0x55fe7e5a347a in read_config_file ../systemd-9999/src/tmpfiles/tmpfiles.c:3897
#4 0x55fe7e590c61 in read_config_files ../systemd-9999/src/tmpfiles/tmpfiles.c:3985
#5 0x55fe7e590c61 in run ../systemd-9999/src/tmpfiles/tmpfiles.c:4157
#6 0x55fe7e590c61 in main ../systemd-9999/src/tmpfiles/tmpfiles.c:4218
#7 0x7f65d7ebe289 (/usr/lib64/libc.so.6+0x23289)
#8 0x7f65d7ebe344 in __libc_start_main (/usr/lib64/libc.so.6+0x23344)
#9 0x55fe7e591900 in _start (/usr/bin/systemd-tmpfiles+0x11900)
```
(cherry picked from commit 9f804ab04d566ff745849e1c4ced680a0447cf76)
(cherry picked from commit a11a949c43def70ec5d3f57f561884c3f652603e)
(cherry picked from commit 455193605d22a171c0f9b599a105be9ac18f433f)
(cherry picked from commit 0e711b7c06fc8b1290adcd38b4bb8faaa49ab764)
---
src/tmpfiles/tmpfiles.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index 1bfb1cbe16..461dfe5a5f 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -2683,8 +2683,11 @@ static void item_free_contents(Item *i) {
strv_free(i->xattrs);
#if HAVE_ACL
- acl_free(i->acl_access);
- acl_free(i->acl_default);
+ if (i->acl_access)
+ acl_free(i->acl_access);
+
+ if (i->acl_default)
+ acl_free(i->acl_default);
#endif
}
--
2.27.0


@ -21,7 +21,7 @@
Name: systemd
Url: https://www.freedesktop.org/wiki/Software/systemd
Version: 249
Release: 46
Release: 47
License: MIT and LGPLv2+ and GPLv2+
Summary: System and Service Manager
@ -440,6 +440,13 @@ Patch6392: backport-mount-util-fix-error-code.patch
Patch6393: backport-analyze-add-forgotten-return-statement.patch
Patch6394: backport-shared-condition-avoid-nss-lookup-in-PID1.patch
Patch6395: backport-logind-fix-getting-property-OnExternalPower-via-D-Bu.patch
Patch6396: backport-mount-setup-don-t-need-to-mount-sys-fs-pstore-if-the.patch
Patch6397: backport-swap-tell-swapon-to-reinitialize-swap-if-needed.patch
Patch6398: backport-sd-event-never-pass-negative-errnos-as-signalfd-to.patch
Patch6399: backport-sd-event-don-t-mistake-USEC_INFINITY-passed-in-for.patch
Patch6400: backport-tmpfiles-avoid-null-free-for-acl-attributes.patch
Patch6401: backport-nspawn-guard-acl_free-with-a-NULL-check.patch
Patch6402: backport-core-mount-namespaces-Remove-auxiliary-bind-mounts.patch
Patch9001: update-rtc-with-system-clock-when-shutdown.patch
Patch9002: udev-add-actions-while-rename-netif-failed.patch
@ -1910,6 +1917,9 @@ fi
%{_libdir}/security/pam_systemd.so
%changelog
* Mon Mar 6 2023 hongjinghao <hongjinghao@huawei.com> -249-47
- backport patches from upstream and add patches
* Thu Jan 19 2023 yangmingtai <yangmingtai@huawei.com> -249-46
- delete unused patch files