From d4199314ad907082c0ff51275a920fcb7024681f Mon Sep 17 00:00:00 2001 From: hongwei-qin Date: Tue, 15 Mar 2022 22:20:24 -0400 Subject: [PATCH 1/3] update to systemd-239-51.el8_5.5 Signed-off-by: hongwei-qin --- ...agate-errors-from-mount_setup_unit-f.patch | 14 +- 0670-test-make-TEST-47-less-racy.patch | 35 ++ ..._FEATURE_ADDRESS_SANITIZER-also-on-g.patch | 38 ++ ...-function-to-autodetect-CI-environme.patch | 104 +++++ ...673-strv-rework-FOREACH_STRING-macro.patch | 16 +- ...emctl-use-const-char-instead-of-char.patch | 47 ++ ...UB_ACTIONS-variable-to-the-CentOS-co.patch | 29 ++ ..._-start_limit-condition-assert-_test.patch | 179 ++++++++ ...eck-unit-start-rate-limiting-earlier.patch | 400 ++++++++++++++++++ ...ce-callback-invoked-when-event-sourc.patch | 226 ++++++++++ ...eralize-UNIT-u-test_start_limit-hook.patch | 263 ++++++++++++ ...-units-start-jobs-not-runnable-if-p-.patch | 27 ++ ...run-queue-after-ratelimit-expired-to.patch | 54 +++ ...d-a-manager_trigger_run_queue-helper.patch | 98 +++++ ...at-were-skipped-because-of-ratelimit.patch | 46 ++ ...introduce-naming-scheme-for-RHEL-8.5.patch | 50 +++ ...dev-net_id-remove-extraneous-bracket.patch | 25 ++ ...pdate-exec-deps-on-mountinfo-changes.patch | 87 ++++ ...mplicit-unit-dependencies-even-if-wh.patch | 46 ++ ...ull-reference-case-in-load_from_path.patch | 34 -- ...-t-pass-null-directive-argument-to-s.patch | 30 -- ...r-systemd-runtest.env-to-set-SYSTEMD.patch | 171 -------- ...r-systemd-runtest.env-for-SYSTEMD_CA.patch | 139 ------ ...roduce-EXIT_EXCEPTION-mapping-to-255.patch | 61 --- ...e-PID-1-in-containers-exit-with-non-.patch | 59 --- ...t-go-into-freeze-when-systemd-crashd.patch | 111 ----- ...ge-the-system-mount-propagation-to-s.patch | 77 ---- ...-definition-of-CGROUP_CONTROLLER_TO_.patch | 32 -- ...only-siblings-that-got-realized-once.patch | 67 --- ...g-item-to-support-setting-the-value-.patch | 121 ------ 1015-systemd-anolis-support-loongarch64.patch | 56 --- systemd.spec | 76 ++-- 32 files changed, 1808 insertions(+), 1010 deletions(-) rename 1011-mount-don-t-propagate-errors-from-mount_setup_unit-f.patch => 0669-mount-don-t-propagate-errors-from-mount_setup_unit-f.patch (87%) create mode 100644 0670-test-make-TEST-47-less-racy.patch create mode 100644 0671-macro-define-HAS_FEATURE_ADDRESS_SANITIZER-also-on-g.patch create mode 100644 0672-tests-add-helper-function-to-autodetect-CI-environme.patch rename 1006-strv-rework-FOREACH_STRING-macro.patch => 0673-strv-rework-FOREACH_STRING-macro.patch (86%) create mode 100644 0674-test-systemctl-use-const-char-instead-of-char.patch create mode 100644 0675-ci-pass-the-GITHUB_ACTIONS-variable-to-the-CentOS-co.patch create mode 100644 0676-core-rename-unit_-start_limit-condition-assert-_test.patch create mode 100644 0677-core-Check-unit-start-rate-limiting-earlier.patch create mode 100644 0678-sd-event-introduce-callback-invoked-when-event-sourc.patch create mode 100644 0679-core-rename-generalize-UNIT-u-test_start_limit-hook.patch create mode 100644 0680-mount-make-mount-units-start-jobs-not-runnable-if-p-.patch create mode 100644 0681-mount-retrigger-run-queue-after-ratelimit-expired-to.patch create mode 100644 0682-pid1-add-a-manager_trigger_run_queue-helper.patch create mode 100644 0683-unit-add-jobs-that-were-skipped-because-of-ratelimit.patch create mode 100644 0684-udev-net_id-introduce-naming-scheme-for-RHEL-8.5.patch create mode 100644 0685-udev-net_id-remove-extraneous-bracket.patch create mode 100644 0686-mount-do-not-update-exec-deps-on-mountinfo-changes.patch create mode 100644 0687-core-mount-add-implicit-unit-dependencies-even-if-wh.patch delete mode 100644 1002-core-fix-a-null-reference-case-in-load_from_path.patch delete mode 100644 1003-sysctl-Don-t-pass-null-directive-argument-to-s.patch delete mode 100644 1004-test-use-builddir-systemd-runtest.env-to-set-SYSTEMD.patch delete mode 100644 1005-test-use-builddir-systemd-runtest.env-for-SYSTEMD_CA.patch delete mode 100644 1007-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch delete mode 100644 1008-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch delete mode 100644 1009-Do-not-go-into-freeze-when-systemd-crashd.patch delete mode 100644 1010-mount-setup-change-the-system-mount-propagation-to-s.patch delete mode 100644 1012-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch delete mode 100644 1013-cgroup-update-only-siblings-that-got-realized-once.patch delete mode 100644 1014-core-add-a-config-item-to-support-setting-the-value-.patch delete mode 100644 1015-systemd-anolis-support-loongarch64.patch diff --git a/1011-mount-don-t-propagate-errors-from-mount_setup_unit-f.patch b/0669-mount-don-t-propagate-errors-from-mount_setup_unit-f.patch similarity index 87% rename from 1011-mount-don-t-propagate-errors-from-mount_setup_unit-f.patch rename to 0669-mount-don-t-propagate-errors-from-mount_setup_unit-f.patch index cbbec36..670c443 100644 --- a/1011-mount-don-t-propagate-errors-from-mount_setup_unit-f.patch +++ b/0669-mount-don-t-propagate-errors-from-mount_setup_unit-f.patch @@ -1,4 +1,4 @@ -From 66ccec10af5ac97fa0528a309119f98e4eff44a7 Mon Sep 17 00:00:00 2001 +From 4662575605089b38d611a911c03c60ec260fde05 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 28 Nov 2018 12:41:44 +0100 Subject: [PATCH] mount: don't propagate errors from mount_setup_unit() further @@ -10,18 +10,15 @@ further processing of mount units. Let's keep these failures local. Fixes: #10874 -cherry-picked from upstream ba0d56f5. +(cherry picked from commit ba0d56f55f2073164799be714b5bd1aad94d059a) -Conflicts: - src/core/mount.c - -Signed-off-by: Yuanhong Peng +Resolves: #2039327 --- src/core/mount.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/src/core/mount.c b/src/core/mount.c -index 7e80a0c..9b1c59b 100644 +index 7e80a0c974..9b1c59b1c3 100644 --- a/src/core/mount.c +++ b/src/core/mount.c @@ -1621,12 +1621,10 @@ static int mount_load_proc_self_mountinfo(Manager *m, bool set_flags) { @@ -52,6 +49,3 @@ index 7e80a0c..9b1c59b 100644 } static void mount_shutdown(Manager *m) { --- -2.27.0 - diff --git a/0670-test-make-TEST-47-less-racy.patch b/0670-test-make-TEST-47-less-racy.patch new file mode 100644 index 0000000..e5c9f88 --- /dev/null +++ b/0670-test-make-TEST-47-less-racy.patch @@ -0,0 +1,35 @@ +From a423abe6a3914364c36d4299c1b770fdbe376834 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Wed, 15 Dec 2021 12:15:19 +0100 +Subject: [PATCH] test: make TEST-47 less racy + +Based on: + - 2e7090e94d0c8b31d418555ab2f6a9b75318f6a4 + - e00e2e0b50bbd120290572c8d1242703fb98b34e + - 197298ff9fc930de450330095cc5b67d165d0801 + +Related: #2039327 + +(cherry picked from commit de7125dcfe6d6c8af05262ab786f9fe7cbf15113) +--- + test/TEST-47-ISSUE-14566/testsuite.sh | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/test/TEST-47-ISSUE-14566/testsuite.sh b/test/TEST-47-ISSUE-14566/testsuite.sh +index d917cf52ff..b12b50e96c 100755 +--- a/test/TEST-47-ISSUE-14566/testsuite.sh ++++ b/test/TEST-47-ISSUE-14566/testsuite.sh +@@ -6,11 +6,13 @@ systemd-analyze log-level debug + systemd-analyze log-target console + + systemctl start issue_14566_test ++sleep 4 + systemctl status issue_14566_test + + leaked_pid=$(cat /leakedtestpid) + + systemctl stop issue_14566_test ++sleep 4 + + # Leaked PID will still be around if we're buggy. + # I personally prefer to see 42. diff --git a/0671-macro-define-HAS_FEATURE_ADDRESS_SANITIZER-also-on-g.patch b/0671-macro-define-HAS_FEATURE_ADDRESS_SANITIZER-also-on-g.patch new file mode 100644 index 0000000..ed2f3d5 --- /dev/null +++ b/0671-macro-define-HAS_FEATURE_ADDRESS_SANITIZER-also-on-g.patch @@ -0,0 +1,38 @@ +From c132731b260174f5939099ceb4fccde84710c502 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Mon, 3 Dec 2018 17:30:19 +0100 +Subject: [PATCH] macro: define HAS_FEATURE_ADDRESS_SANITIZER also on gcc + +Let's make differences between compilers more minimal. + +Related: #2039327 + +(cherry picked from commit 01da36fadd365329cfd9e2c97eb419c63404b25f) +--- + src/basic/macro.h | 13 +++++++++++++ + 1 file changed, 13 insertions(+) + +diff --git a/src/basic/macro.h b/src/basic/macro.h +index 0fe6a62aa8..e87026882f 100644 +--- a/src/basic/macro.h ++++ b/src/basic/macro.h +@@ -55,6 +55,19 @@ + # endif + #endif + ++#if !defined(HAS_FEATURE_ADDRESS_SANITIZER) ++# ifdef __SANITIZE_ADDRESS__ ++# define HAS_FEATURE_ADDRESS_SANITIZER 1 ++# elif defined(__has_feature) ++# if __has_feature(address_sanitizer) ++# define HAS_FEATURE_ADDRESS_SANITIZER 1 ++# endif ++# endif ++# if !defined(HAS_FEATURE_ADDRESS_SANITIZER) ++# define HAS_FEATURE_ADDRESS_SANITIZER 0 ++# endif ++#endif ++ + /* Temporarily disable some warnings */ + #define DISABLE_WARNING_DECLARATION_AFTER_STATEMENT \ + _Pragma("GCC diagnostic push"); \ diff --git a/0672-tests-add-helper-function-to-autodetect-CI-environme.patch b/0672-tests-add-helper-function-to-autodetect-CI-environme.patch new file mode 100644 index 0000000..01d8709 --- /dev/null +++ b/0672-tests-add-helper-function-to-autodetect-CI-environme.patch @@ -0,0 +1,104 @@ +From ccdf0a116dcba01ec4d8caec0baef2910d8d9800 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Mon, 29 Nov 2021 13:00:21 +0100 +Subject: [PATCH] tests: add helper function to autodetect CI environments + +Sadly there is no standarized way to check if we're running in some +CI environment. So let's try to gather the heuristics in one helper +function. + +(cherry picked from commit 6fbbf368f5a6d181b21f448255d5a4182dc2ab3a) + +Related: #2039327 +--- + src/basic/string-util.h | 6 ++++++ + src/shared/tests.c | 42 +++++++++++++++++++++++++++++++++++++++++ + src/shared/tests.h | 3 +++ + 3 files changed, 51 insertions(+) + +diff --git a/src/basic/string-util.h b/src/basic/string-util.h +index 96a9260f93..742b566932 100644 +--- a/src/basic/string-util.h ++++ b/src/basic/string-util.h +@@ -32,6 +32,12 @@ static inline bool streq_ptr(const char *a, const char *b) { + return strcmp_ptr(a, b) == 0; + } + ++static inline char* strstr_ptr(const char *haystack, const char *needle) { ++ if (!haystack || !needle) ++ return NULL; ++ return strstr(haystack, needle); ++} ++ + static inline const char* strempty(const char *s) { + return s ?: ""; + } +diff --git a/src/shared/tests.c b/src/shared/tests.c +index 100b62b9b0..1da80d653f 100644 +--- a/src/shared/tests.c ++++ b/src/shared/tests.c +@@ -7,7 +7,9 @@ + #include + + #include "tests.h" ++#include "env-util.h" + #include "path-util.h" ++#include "strv.h" + + char* setup_fake_runtime_dir(void) { + char t[] = "/tmp/fake-xdg-runtime-XXXXXX", *p; +@@ -75,3 +77,43 @@ void test_setup_logging(int level) { + log_parse_environment(); + log_open(); + } ++ ++const char *ci_environment(void) { ++ /* We return a string because we might want to provide multiple bits of information later on: not ++ * just the general CI environment type, but also whether we're sanitizing or not, etc. The caller is ++ * expected to use strstr on the returned value. */ ++ static const char *ans = (void*) UINTPTR_MAX; ++ const char *p; ++ int r; ++ ++ if (ans != (void*) UINTPTR_MAX) ++ return ans; ++ ++ /* We allow specifying the environment with $CITYPE. Nobody uses this so far, but we are ready. */ ++ p = getenv("CITYPE"); ++ if (!isempty(p)) ++ return (ans = p); ++ ++ if (getenv_bool("TRAVIS") > 0) ++ return (ans = "travis"); ++ if (getenv_bool("SEMAPHORE") > 0) ++ return (ans = "semaphore"); ++ if (getenv_bool("GITHUB_ACTIONS") > 0) ++ return (ans = "github-actions"); ++ if (getenv("AUTOPKGTEST_ARTIFACTS") || getenv("AUTOPKGTEST_TMP")) ++ return (ans = "autopkgtest"); ++ ++ FOREACH_STRING(p, "CI", "CONTINOUS_INTEGRATION") { ++ /* Those vars are booleans according to Semaphore and Travis docs: ++ * https://docs.travis-ci.com/user/environment-variables/#default-environment-variables ++ * https://docs.semaphoreci.com/ci-cd-environment/environment-variables/#ci ++ */ ++ r = getenv_bool(p); ++ if (r > 0) ++ return (ans = "unknown"); /* Some other unknown thing */ ++ if (r == 0) ++ return (ans = NULL); ++ } ++ ++ return (ans = NULL); ++} +diff --git a/src/shared/tests.h b/src/shared/tests.h +index 3d696d02fd..4f8f349097 100644 +--- a/src/shared/tests.h ++++ b/src/shared/tests.h +@@ -5,3 +5,6 @@ char* setup_fake_runtime_dir(void); + bool test_is_running_from_builddir(char **exedir); + const char* get_testdata_dir(void); + void test_setup_logging(int level); ++ ++/* Provide a convenient way to check if we're running in CI. */ ++const char *ci_environment(void); diff --git a/1006-strv-rework-FOREACH_STRING-macro.patch b/0673-strv-rework-FOREACH_STRING-macro.patch similarity index 86% rename from 1006-strv-rework-FOREACH_STRING-macro.patch rename to 0673-strv-rework-FOREACH_STRING-macro.patch index 7d8bcf2..ca14931 100644 --- a/1006-strv-rework-FOREACH_STRING-macro.patch +++ b/0673-strv-rework-FOREACH_STRING-macro.patch @@ -1,10 +1,8 @@ -From f3ae2e70053c5145cdd9750b577f5d86077c7271 Mon Sep 17 00:00:00 2001 +From ad8b47946941e6a1f3ae778f5e8563ddf532b2ba Mon Sep 17 00:00:00 2001 From: Lennart Poettering -Date: Tue, 2 Jun 2020 02:48:29 +0000 +Date: Wed, 16 Jan 2019 00:13:38 +0100 Subject: [PATCH] strv: rework FOREACH_STRING() macro -upstream commit 66a64081f82dfad90f2f9394a477820a2e3e6510 - So it's apparently problematic that we use STRV_MAKE() (i.e. a compound initializer) outside of the {} block we use it in (and that includes outside of the ({}) block, too). Hence, let's rework the macro to not @@ -15,12 +13,17 @@ readable. Moreover, it will now complain if the iterator is a "char*" instead of a "const char*", which is good too. Fixes: #11394 +(cherry picked from commit 66a64081f82dfad90f2f9394a477820a2e3e6510) + +(cherry picked from commit 3539a72c260063713e4ecba17966ba9a768d8af9) + +Related: #2039327 --- src/basic/strv.h | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/src/basic/strv.h b/src/basic/strv.h -index c1e4c97..a09d767 100644 +index c1e4c973b6..a09d76706d 100644 --- a/src/basic/strv.h +++ b/src/basic/strv.h @@ -148,17 +148,10 @@ void strv_print(char **l); @@ -45,6 +48,3 @@ index c1e4c97..a09d767 100644 char **strv_reverse(char **l); char **strv_shell_escape(char **l, const char *bad); --- -2.18.1 - diff --git a/0674-test-systemctl-use-const-char-instead-of-char.patch b/0674-test-systemctl-use-const-char-instead-of-char.patch new file mode 100644 index 0000000..da4898d --- /dev/null +++ b/0674-test-systemctl-use-const-char-instead-of-char.patch @@ -0,0 +1,47 @@ +From 5a45664f9b5d2ba7550ed1c12550554688b70f5c Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Mon, 29 Nov 2021 13:47:24 +0100 +Subject: [PATCH] test,systemctl: use "const char*" instead of "char*" + +as iterator for FOREACH_STRING() + +The macro iterates through literal strings (i.e. constant strings), +hence it's more correct to have the iterator const too. + +Based on b2238e380e5f2fbcc129643b3fbd66f2828fd57c. + +(cherry picked from commit fdfff847313222eed3306ac605db46d8cbd23212) + +Related: #2039327 +--- + src/systemctl/systemctl.c | 3 ++- + src/test/test-execute.c | 2 +- + 2 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c +index 3dd7c1522f..b967550b97 100644 +--- a/src/systemctl/systemctl.c ++++ b/src/systemctl/systemctl.c +@@ -7011,7 +7011,8 @@ static int run_editor(char **paths) { + if (r == 0) { + const char **args; + char *editor, **editor_args = NULL; +- char **tmp_path, **original_path, *p; ++ char **tmp_path, **original_path; ++ const char *p; + size_t n_editor_args = 0, i = 1; + size_t argc; + +diff --git a/src/test/test-execute.c b/src/test/test-execute.c +index 294f8fe7dd..4d21301982 100644 +--- a/src/test/test-execute.c ++++ b/src/test/test-execute.c +@@ -146,7 +146,7 @@ invalid: + } + + static bool is_inaccessible_available(void) { +- char *p; ++ const char *p; + + FOREACH_STRING(p, + "/run/systemd/inaccessible/reg", diff --git a/0675-ci-pass-the-GITHUB_ACTIONS-variable-to-the-CentOS-co.patch b/0675-ci-pass-the-GITHUB_ACTIONS-variable-to-the-CentOS-co.patch new file mode 100644 index 0000000..6d1f06d --- /dev/null +++ b/0675-ci-pass-the-GITHUB_ACTIONS-variable-to-the-CentOS-co.patch @@ -0,0 +1,29 @@ +From d9542b919237306baee2d2396794f63da67b1314 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Mon, 29 Nov 2021 13:59:41 +0100 +Subject: [PATCH] ci: pass the $GITHUB_ACTIONS variable to the CentOS container + +so we can properly skip tests which are problematic when running in GH +Actions. + +Related: #2039327 +rhel-only + +(cherry picked from commit a8fd8d157c832ddad34a9a3e372579c58261f7fb) +--- + .github/workflows/unit_tests.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/.github/workflows/unit_tests.sh b/.github/workflows/unit_tests.sh +index 814870e7a0..c1311310fb 100755 +--- a/.github/workflows/unit_tests.sh ++++ b/.github/workflows/unit_tests.sh +@@ -131,7 +131,7 @@ for phase in "${PHASES[@]}"; do + # Pull a Docker image and start a new container + docker pull quay.io/centos/centos:$CENTOS_RELEASE + info "Starting container $CONT_NAME" +- $DOCKER_RUN -v $REPO_ROOT:/build:rw \ ++ $DOCKER_RUN -v $REPO_ROOT:/build:rw -e GITHUB_ACTIONS="$GITHUB_ACTIONS" \ + -w /build --privileged=true --name $CONT_NAME \ + -dit --net=host quay.io/centos/centos:$CENTOS_RELEASE /sbin/init + diff --git a/0676-core-rename-unit_-start_limit-condition-assert-_test.patch b/0676-core-rename-unit_-start_limit-condition-assert-_test.patch new file mode 100644 index 0000000..0913a49 --- /dev/null +++ b/0676-core-rename-unit_-start_limit-condition-assert-_test.patch @@ -0,0 +1,179 @@ +From f1f0eb4d262e91830324de3f99fa58cd154a7876 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Mon, 18 Mar 2019 12:21:27 +0100 +Subject: [PATCH] core: rename unit_{start_limit|condition|assert}_test() to + unit_test_xyz() + +Just some renaming, no change in behaviour. + +Background: I'd like to add more functions unit_test_xyz() that test +various things, hence let's streamline the naming a bit. + +(cherry picked from commit 97a3f4ee052e1b8a0ff03accfa478e352891a84f) + +Related: #2037395 +--- + src/core/automount.c | 2 +- + src/core/mount.c | 2 +- + src/core/path.c | 2 +- + src/core/service.c | 2 +- + src/core/socket.c | 2 +- + src/core/swap.c | 2 +- + src/core/timer.c | 2 +- + src/core/unit.c | 11 +++++------ + src/core/unit.h | 2 +- + 9 files changed, 13 insertions(+), 14 deletions(-) + +diff --git a/src/core/automount.c b/src/core/automount.c +index 76e70f4dac..2bc160cb07 100644 +--- a/src/core/automount.c ++++ b/src/core/automount.c +@@ -808,7 +808,7 @@ static int automount_start(Unit *u) { + return -ENOENT; + } + +- r = unit_start_limit_test(u); ++ r = unit_test_start_limit(u); + if (r < 0) { + automount_enter_dead(a, AUTOMOUNT_FAILURE_START_LIMIT_HIT); + return r; +diff --git a/src/core/mount.c b/src/core/mount.c +index 9b1c59b1c3..4cb49d845d 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -1065,7 +1065,7 @@ static int mount_start(Unit *u) { + + assert(IN_SET(m->state, MOUNT_DEAD, MOUNT_FAILED)); + +- r = unit_start_limit_test(u); ++ r = unit_test_start_limit(u); + if (r < 0) { + mount_enter_dead(m, MOUNT_FAILURE_START_LIMIT_HIT); + return r; +diff --git a/src/core/path.c b/src/core/path.c +index ed40bc6c19..4bccc0396b 100644 +--- a/src/core/path.c ++++ b/src/core/path.c +@@ -565,7 +565,7 @@ static int path_start(Unit *u) { + return -ENOENT; + } + +- r = unit_start_limit_test(u); ++ r = unit_test_start_limit(u); + if (r < 0) { + path_enter_dead(p, PATH_FAILURE_START_LIMIT_HIT); + return r; +diff --git a/src/core/service.c b/src/core/service.c +index 5e3e75b5ae..01cb1a375e 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -2357,7 +2357,7 @@ static int service_start(Unit *u) { + assert(IN_SET(s->state, SERVICE_DEAD, SERVICE_FAILED)); + + /* Make sure we don't enter a busy loop of some kind. */ +- r = unit_start_limit_test(u); ++ r = unit_test_start_limit(u); + if (r < 0) { + service_enter_dead(s, SERVICE_FAILURE_START_LIMIT_HIT, false); + return r; +diff --git a/src/core/socket.c b/src/core/socket.c +index 50c32ed8f4..09491c6677 100644 +--- a/src/core/socket.c ++++ b/src/core/socket.c +@@ -2469,7 +2469,7 @@ static int socket_start(Unit *u) { + + assert(IN_SET(s->state, SOCKET_DEAD, SOCKET_FAILED)); + +- r = unit_start_limit_test(u); ++ r = unit_test_start_limit(u); + if (r < 0) { + socket_enter_dead(s, SOCKET_FAILURE_START_LIMIT_HIT); + return r; +diff --git a/src/core/swap.c b/src/core/swap.c +index a8f127f660..823699699e 100644 +--- a/src/core/swap.c ++++ b/src/core/swap.c +@@ -851,7 +851,7 @@ static int swap_start(Unit *u) { + if (UNIT(other)->job && UNIT(other)->job->state == JOB_RUNNING) + return -EAGAIN; + +- r = unit_start_limit_test(u); ++ r = unit_test_start_limit(u); + if (r < 0) { + swap_enter_dead(s, SWAP_FAILURE_START_LIMIT_HIT); + return r; +diff --git a/src/core/timer.c b/src/core/timer.c +index 1718ffc5a5..be16321296 100644 +--- a/src/core/timer.c ++++ b/src/core/timer.c +@@ -599,7 +599,7 @@ static int timer_start(Unit *u) { + return -ENOENT; + } + +- r = unit_start_limit_test(u); ++ r = unit_test_start_limit(u); + if (r < 0) { + timer_enter_dead(t, TIMER_FAILURE_START_LIMIT_HIT); + return r; +diff --git a/src/core/unit.c b/src/core/unit.c +index 152a860d08..fa94a67fdd 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -1633,7 +1633,7 @@ static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to + return triggered != 0; + } + +-static bool unit_condition_test(Unit *u) { ++static bool unit_test_condition(Unit *u) { + assert(u); + + dual_timestamp_get(&u->condition_timestamp); +@@ -1642,7 +1642,7 @@ static bool unit_condition_test(Unit *u) { + return u->condition_result; + } + +-static bool unit_assert_test(Unit *u) { ++static bool unit_test_assert(Unit *u) { + assert(u); + + dual_timestamp_get(&u->assert_timestamp); +@@ -1657,8 +1657,7 @@ void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg + REENABLE_WARNING; + } + +- +-int unit_start_limit_test(Unit *u) { ++int unit_test_start_limit(Unit *u) { + assert(u); + + if (ratelimit_below(&u->start_limit)) { +@@ -1748,14 +1747,14 @@ int unit_start(Unit *u) { + * speed up activation in case there is some hold-off time, + * but we don't want to recheck the condition in that case. */ + if (state != UNIT_ACTIVATING && +- !unit_condition_test(u)) { ++ !unit_test_condition(u)) { + log_unit_debug(u, "Starting requested but condition failed. Not starting unit."); + return -EALREADY; + } + + /* If the asserts failed, fail the entire job */ + if (state != UNIT_ACTIVATING && +- !unit_assert_test(u)) { ++ !unit_test_assert(u)) { + log_unit_notice(u, "Starting requested but asserts failed."); + return -EPROTO; + } +diff --git a/src/core/unit.h b/src/core/unit.h +index ec45b5fb48..a8bc350b66 100644 +--- a/src/core/unit.h ++++ b/src/core/unit.h +@@ -786,7 +786,7 @@ static inline bool unit_supported(Unit *u) { + void unit_warn_if_dir_nonempty(Unit *u, const char* where); + int unit_fail_if_noncanonical(Unit *u, const char* where); + +-int unit_start_limit_test(Unit *u); ++int unit_test_start_limit(Unit *u); + + void unit_unref_uid(Unit *u, bool destroy_now); + int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc); diff --git a/0677-core-Check-unit-start-rate-limiting-earlier.patch b/0677-core-Check-unit-start-rate-limiting-earlier.patch new file mode 100644 index 0000000..0f792d0 --- /dev/null +++ b/0677-core-Check-unit-start-rate-limiting-earlier.patch @@ -0,0 +1,400 @@ +From 6f3b6308bb5705fdcadec3f4cac105211bc0a3e2 Mon Sep 17 00:00:00 2001 +From: Daan De Meyer +Date: Tue, 24 Aug 2021 16:46:47 +0100 +Subject: [PATCH] core: Check unit start rate limiting earlier + +Fixes #17433. Currently, if any of the validations we do before we +check start rate limiting fail, we can still enter a busy loop as +no rate limiting gets applied. A common occurence of this scenario +is path units triggering a service that fails a condition check. + +To fix the issue, we simply move up start rate limiting checks to +be the first thing we do when starting a unit. To achieve this, +we add a new method to the unit vtable and implement it for the +relevant unit types so that we can do the start rate limit checks +earlier on. + +(cherry picked from commit 9727f2427ff6b2e1f4ab927cc57ad8e888f04e95) + +Related: #2037395 + +[msekleta: I've deleted part of the original commit that adds test for +issue #17433. This was necessary because upstream commit assumes newer +organization of the test code which we don't have in RHEL-8 tree. As +a consequence we must add explicit test for this in the internal +test-suite.] +--- + src/core/automount.c | 23 +++++++++++++++++------ + src/core/mount.c | 23 +++++++++++++++++------ + src/core/path.c | 23 +++++++++++++++++------ + src/core/service.c | 25 ++++++++++++++++++------- + src/core/socket.c | 23 +++++++++++++++++------ + src/core/swap.c | 23 +++++++++++++++++------ + src/core/timer.c | 22 ++++++++++++++++------ + src/core/unit.c | 14 ++++++++++---- + src/core/unit.h | 4 ++++ + 9 files changed, 133 insertions(+), 47 deletions(-) + +diff --git a/src/core/automount.c b/src/core/automount.c +index 2bc160cb07..5e16adabb5 100644 +--- a/src/core/automount.c ++++ b/src/core/automount.c +@@ -808,12 +808,6 @@ static int automount_start(Unit *u) { + return -ENOENT; + } + +- r = unit_test_start_limit(u); +- if (r < 0) { +- automount_enter_dead(a, AUTOMOUNT_FAILURE_START_LIMIT_HIT); +- return r; +- } +- + r = unit_acquire_invocation_id(u); + if (r < 0) + return r; +@@ -1077,6 +1071,21 @@ static bool automount_supported(void) { + return supported; + } + ++static int automount_test_start_limit(Unit *u) { ++ Automount *a = AUTOMOUNT(u); ++ int r; ++ ++ assert(a); ++ ++ r = unit_test_start_limit(u); ++ if (r < 0) { ++ automount_enter_dead(a, AUTOMOUNT_FAILURE_START_LIMIT_HIT); ++ return r; ++ } ++ ++ return 0; ++} ++ + static const char* const automount_result_table[_AUTOMOUNT_RESULT_MAX] = { + [AUTOMOUNT_SUCCESS] = "success", + [AUTOMOUNT_FAILURE_RESOURCES] = "resources", +@@ -1135,4 +1144,6 @@ const UnitVTable automount_vtable = { + [JOB_FAILED] = "Failed to unset automount %s.", + }, + }, ++ ++ .test_start_limit = automount_test_start_limit, + }; +diff --git a/src/core/mount.c b/src/core/mount.c +index 4cb49d845d..619f64d5b7 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -1065,12 +1065,6 @@ static int mount_start(Unit *u) { + + assert(IN_SET(m->state, MOUNT_DEAD, MOUNT_FAILED)); + +- r = unit_test_start_limit(u); +- if (r < 0) { +- mount_enter_dead(m, MOUNT_FAILURE_START_LIMIT_HIT); +- return r; +- } +- + r = unit_acquire_invocation_id(u); + if (r < 0) + return r; +@@ -1953,6 +1947,21 @@ static int mount_control_pid(Unit *u) { + return m->control_pid; + } + ++static int mount_test_start_limit(Unit *u) { ++ Mount *m = MOUNT(u); ++ int r; ++ ++ assert(m); ++ ++ r = unit_test_start_limit(u); ++ if (r < 0) { ++ mount_enter_dead(m, MOUNT_FAILURE_START_LIMIT_HIT); ++ return r; ++ } ++ ++ return 0; ++} ++ + static const char* const mount_exec_command_table[_MOUNT_EXEC_COMMAND_MAX] = { + [MOUNT_EXEC_MOUNT] = "ExecMount", + [MOUNT_EXEC_UNMOUNT] = "ExecUnmount", +@@ -2044,4 +2053,6 @@ const UnitVTable mount_vtable = { + [JOB_TIMEOUT] = "Timed out unmounting %s.", + }, + }, ++ ++ .test_start_limit = mount_test_start_limit, + }; +diff --git a/src/core/path.c b/src/core/path.c +index 4bccc0396b..1e69a1f05f 100644 +--- a/src/core/path.c ++++ b/src/core/path.c +@@ -565,12 +565,6 @@ static int path_start(Unit *u) { + return -ENOENT; + } + +- r = unit_test_start_limit(u); +- if (r < 0) { +- path_enter_dead(p, PATH_FAILURE_START_LIMIT_HIT); +- return r; +- } +- + r = unit_acquire_invocation_id(u); + if (r < 0) + return r; +@@ -730,6 +724,21 @@ static void path_reset_failed(Unit *u) { + p->result = PATH_SUCCESS; + } + ++static int path_test_start_limit(Unit *u) { ++ Path *p = PATH(u); ++ int r; ++ ++ assert(p); ++ ++ r = unit_test_start_limit(u); ++ if (r < 0) { ++ path_enter_dead(p, PATH_FAILURE_START_LIMIT_HIT); ++ return r; ++ } ++ ++ return 0; ++} ++ + static const char* const path_type_table[_PATH_TYPE_MAX] = { + [PATH_EXISTS] = "PathExists", + [PATH_EXISTS_GLOB] = "PathExistsGlob", +@@ -782,4 +791,6 @@ const UnitVTable path_vtable = { + + .bus_vtable = bus_path_vtable, + .bus_set_property = bus_path_set_property, ++ ++ .test_start_limit = path_test_start_limit, + }; +diff --git a/src/core/service.c b/src/core/service.c +index 01cb1a375e..a21d98ab8f 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -2356,13 +2356,6 @@ static int service_start(Unit *u) { + + assert(IN_SET(s->state, SERVICE_DEAD, SERVICE_FAILED)); + +- /* Make sure we don't enter a busy loop of some kind. */ +- r = unit_test_start_limit(u); +- if (r < 0) { +- service_enter_dead(s, SERVICE_FAILURE_START_LIMIT_HIT, false); +- return r; +- } +- + r = unit_acquire_invocation_id(u); + if (r < 0) + return r; +@@ -4050,6 +4043,22 @@ static bool service_needs_console(Unit *u) { + SERVICE_FINAL_SIGKILL); + } + ++static int service_test_start_limit(Unit *u) { ++ Service *s = SERVICE(u); ++ int r; ++ ++ assert(s); ++ ++ /* Make sure we don't enter a busy loop of some kind. */ ++ r = unit_test_start_limit(u); ++ if (r < 0) { ++ service_enter_dead(s, SERVICE_FAILURE_START_LIMIT_HIT, false); ++ return r; ++ } ++ ++ return 0; ++} ++ + static const char* const service_restart_table[_SERVICE_RESTART_MAX] = { + [SERVICE_RESTART_NO] = "no", + [SERVICE_RESTART_ON_SUCCESS] = "on-success", +@@ -4191,4 +4200,6 @@ const UnitVTable service_vtable = { + [JOB_FAILED] = "Stopped (with error) %s.", + }, + }, ++ ++ .test_start_limit = service_test_start_limit, + }; +diff --git a/src/core/socket.c b/src/core/socket.c +index 09491c6677..36d2e4f823 100644 +--- a/src/core/socket.c ++++ b/src/core/socket.c +@@ -2469,12 +2469,6 @@ static int socket_start(Unit *u) { + + assert(IN_SET(s->state, SOCKET_DEAD, SOCKET_FAILED)); + +- r = unit_test_start_limit(u); +- if (r < 0) { +- socket_enter_dead(s, SOCKET_FAILURE_START_LIMIT_HIT); +- return r; +- } +- + r = unit_acquire_invocation_id(u); + if (r < 0) + return r; +@@ -3267,6 +3261,21 @@ static int socket_control_pid(Unit *u) { + return s->control_pid; + } + ++static int socket_test_start_limit(Unit *u) { ++ Socket *s = SOCKET(u); ++ int r; ++ ++ assert(s); ++ ++ r = unit_test_start_limit(u); ++ if (r < 0) { ++ socket_enter_dead(s, SOCKET_FAILURE_START_LIMIT_HIT); ++ return r; ++ } ++ ++ return 0; ++} ++ + static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = { + [SOCKET_EXEC_START_PRE] = "ExecStartPre", + [SOCKET_EXEC_START_CHOWN] = "ExecStartChown", +@@ -3359,4 +3368,6 @@ const UnitVTable socket_vtable = { + [JOB_TIMEOUT] = "Timed out stopping %s.", + }, + }, ++ ++ .test_start_limit = socket_test_start_limit, + }; +diff --git a/src/core/swap.c b/src/core/swap.c +index 823699699e..90fcd69300 100644 +--- a/src/core/swap.c ++++ b/src/core/swap.c +@@ -851,12 +851,6 @@ static int swap_start(Unit *u) { + if (UNIT(other)->job && UNIT(other)->job->state == JOB_RUNNING) + return -EAGAIN; + +- r = unit_test_start_limit(u); +- if (r < 0) { +- swap_enter_dead(s, SWAP_FAILURE_START_LIMIT_HIT); +- return r; +- } +- + r = unit_acquire_invocation_id(u); + if (r < 0) + return r; +@@ -1458,6 +1452,21 @@ static int swap_control_pid(Unit *u) { + return s->control_pid; + } + ++static int swap_test_start_limit(Unit *u) { ++ Swap *s = SWAP(u); ++ int r; ++ ++ assert(s); ++ ++ r = unit_test_start_limit(u); ++ if (r < 0) { ++ swap_enter_dead(s, SWAP_FAILURE_START_LIMIT_HIT); ++ return r; ++ } ++ ++ return 0; ++} ++ + static const char* const swap_exec_command_table[_SWAP_EXEC_COMMAND_MAX] = { + [SWAP_EXEC_ACTIVATE] = "ExecActivate", + [SWAP_EXEC_DEACTIVATE] = "ExecDeactivate", +@@ -1547,4 +1556,6 @@ const UnitVTable swap_vtable = { + [JOB_TIMEOUT] = "Timed out deactivating swap %s.", + }, + }, ++ ++ .test_start_limit = swap_test_start_limit, + }; +diff --git a/src/core/timer.c b/src/core/timer.c +index be16321296..fb9ae17990 100644 +--- a/src/core/timer.c ++++ b/src/core/timer.c +@@ -599,12 +599,6 @@ static int timer_start(Unit *u) { + return -ENOENT; + } + +- r = unit_test_start_limit(u); +- if (r < 0) { +- timer_enter_dead(t, TIMER_FAILURE_START_LIMIT_HIT); +- return r; +- } +- + r = unit_acquire_invocation_id(u); + if (r < 0) + return r; +@@ -829,6 +823,21 @@ static void timer_timezone_change(Unit *u) { + timer_enter_waiting(t, false); + } + ++static int timer_test_start_limit(Unit *u) { ++ Timer *t = TIMER(u); ++ int r; ++ ++ assert(t); ++ ++ r = unit_test_start_limit(u); ++ if (r < 0) { ++ timer_enter_dead(t, TIMER_FAILURE_START_LIMIT_HIT); ++ return r; ++ } ++ ++ return 0; ++} ++ + static const char* const timer_base_table[_TIMER_BASE_MAX] = { + [TIMER_ACTIVE] = "OnActiveSec", + [TIMER_BOOT] = "OnBootSec", +@@ -884,4 +893,5 @@ const UnitVTable timer_vtable = { + .bus_set_property = bus_timer_set_property, + + .can_transient = true, ++ .test_start_limit = timer_test_start_limit, + }; +diff --git a/src/core/unit.c b/src/core/unit.c +index fa94a67fdd..9005f79df3 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -1726,10 +1726,16 @@ int unit_start(Unit *u) { + + assert(u); + +- /* If this is already started, then this will succeed. Note +- * that this will even succeed if this unit is not startable +- * by the user. This is relied on to detect when we need to +- * wait for units and when waiting is finished. */ ++ /* Check start rate limiting early so that failure conditions don't cause us to enter a busy loop. */ ++ if (UNIT_VTABLE(u)->test_start_limit) { ++ int r = UNIT_VTABLE(u)->test_start_limit(u); ++ if (r < 0) ++ return r; ++ } ++ ++ /* If this is already started, then this will succeed. Note that this will even succeed if this unit ++ * is not startable by the user. This is relied on to detect when we need to wait for units and when ++ * waiting is finished. */ + state = unit_active_state(u); + if (UNIT_IS_ACTIVE_OR_RELOADING(state)) + return -EALREADY; +diff --git a/src/core/unit.h b/src/core/unit.h +index a8bc350b66..9e6f1bcf81 100644 +--- a/src/core/unit.h ++++ b/src/core/unit.h +@@ -567,6 +567,10 @@ typedef struct UnitVTable { + /* The bus vtable */ + const sd_bus_vtable *bus_vtable; + ++ /* If this function is set, it's invoked first as part of starting a unit to allow start rate ++ * limiting checks to occur before we do anything else. */ ++ int (*test_start_limit)(Unit *u); ++ + /* The strings to print in status messages */ + UnitStatusMessageFormats status_message_formats; + diff --git a/0678-sd-event-introduce-callback-invoked-when-event-sourc.patch b/0678-sd-event-introduce-callback-invoked-when-event-sourc.patch new file mode 100644 index 0000000..c8b8338 --- /dev/null +++ b/0678-sd-event-introduce-callback-invoked-when-event-sourc.patch @@ -0,0 +1,226 @@ +From 5f2ee8632f15a8978c522de6789777171e898671 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Mon, 4 Oct 2021 19:44:06 +0200 +Subject: [PATCH] sd-event: introduce callback invoked when event source + ratelimit expires + +(cherry picked from commit fd69f2247520b0be3190ded96d646a415edc97b7) + +Related: #2037395 +--- + src/libsystemd/libsystemd.sym | 5 +++ + src/libsystemd/sd-event/sd-event.c | 61 +++++++++++++++++++++++----- + src/libsystemd/sd-event/test-event.c | 12 ++++++ + src/systemd/sd-event.h | 1 + + 4 files changed, 68 insertions(+), 11 deletions(-) + +diff --git a/src/libsystemd/libsystemd.sym b/src/libsystemd/libsystemd.sym +index 149d2e7b82..f4a1426248 100644 +--- a/src/libsystemd/libsystemd.sym ++++ b/src/libsystemd/libsystemd.sym +@@ -579,3 +579,8 @@ global: + sd_event_source_get_ratelimit; + sd_event_source_is_ratelimited; + } LIBSYSTEMD_239; ++ ++LIBSYSTEMD_250 { ++global: ++ sd_event_source_set_ratelimit_expire_callback; ++} LIBSYSTEMD_248; +diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c +index 47cf93b3f4..0adfdd9e1a 100644 +--- a/src/libsystemd/sd-event/sd-event.c ++++ b/src/libsystemd/sd-event/sd-event.c +@@ -125,6 +125,7 @@ struct sd_event_source { + uint64_t prepare_iteration; + + sd_event_destroy_t destroy_callback; ++ sd_event_handler_t ratelimit_expire_callback; + + LIST_FIELDS(sd_event_source, sources); + +@@ -2734,7 +2735,7 @@ fail: + return r; + } + +-static int event_source_leave_ratelimit(sd_event_source *s) { ++static int event_source_leave_ratelimit(sd_event_source *s, bool run_callback) { + int r; + + assert(s); +@@ -2766,6 +2767,23 @@ static int event_source_leave_ratelimit(sd_event_source *s) { + ratelimit_reset(&s->rate_limit); + + log_debug("Event source %p (%s) left rate limit state.", s, strna(s->description)); ++ ++ if (run_callback && s->ratelimit_expire_callback) { ++ s->dispatching = true; ++ r = s->ratelimit_expire_callback(s, s->userdata); ++ s->dispatching = false; ++ ++ if (r < 0) { ++ log_debug_errno(r, "Ratelimit expiry callback of event source %s (type %s) returned error, disabling: %m", ++ strna(s->description), ++ event_source_type_to_string(s->type)); ++ ++ sd_event_source_set_enabled(s, SD_EVENT_OFF); ++ } ++ ++ return 1; ++ } ++ + return 0; + + fail: +@@ -2966,6 +2984,7 @@ static int process_timer( + struct clock_data *d) { + + sd_event_source *s; ++ bool callback_invoked = false; + int r; + + assert(e); +@@ -2981,9 +3000,11 @@ static int process_timer( + * again. */ + assert(s->ratelimited); + +- r = event_source_leave_ratelimit(s); ++ r = event_source_leave_ratelimit(s, /* run_callback */ true); + if (r < 0) + return r; ++ else if (r == 1) ++ callback_invoked = true; + + continue; + } +@@ -2998,7 +3019,7 @@ static int process_timer( + event_source_time_prioq_reshuffle(s); + } + +- return 0; ++ return callback_invoked; + } + + static int process_child(sd_event *e) { +@@ -3698,15 +3719,15 @@ _public_ int sd_event_wait(sd_event *e, uint64_t timeout) { + if (r < 0) + goto finish; + +- r = process_timer(e, e->timestamp.realtime, &e->realtime); ++ r = process_inotify(e); + if (r < 0) + goto finish; + +- r = process_timer(e, e->timestamp.boottime, &e->boottime); ++ r = process_timer(e, e->timestamp.realtime, &e->realtime); + if (r < 0) + goto finish; + +- r = process_timer(e, e->timestamp.monotonic, &e->monotonic); ++ r = process_timer(e, e->timestamp.boottime, &e->boottime); + if (r < 0) + goto finish; + +@@ -3718,16 +3739,27 @@ _public_ int sd_event_wait(sd_event *e, uint64_t timeout) { + if (r < 0) + goto finish; + ++ r = process_timer(e, e->timestamp.monotonic, &e->monotonic); ++ if (r < 0) ++ goto finish; ++ else if (r == 1) { ++ /* Ratelimit expiry callback was called. Let's postpone processing pending sources and ++ * put loop in the initial state in order to evaluate (in the next iteration) also sources ++ * there were potentially re-enabled by the callback. ++ * ++ * Wondering why we treat only this invocation of process_timer() differently? Once event ++ * source is ratelimited we essentially transform it into CLOCK_MONOTONIC timer hence ++ * ratelimit expiry callback is never called for any other timer type. */ ++ r = 0; ++ goto finish; ++ } ++ + if (e->need_process_child) { + r = process_child(e); + if (r < 0) + goto finish; + } + +- r = process_inotify(e); +- if (r < 0) +- goto finish; +- + if (event_next_pending(e)) { + e->state = SD_EVENT_PENDING; + +@@ -4054,7 +4086,7 @@ _public_ int sd_event_source_set_ratelimit(sd_event_source *s, uint64_t interval + + /* When ratelimiting is configured we'll always reset the rate limit state first and start fresh, + * non-ratelimited. */ +- r = event_source_leave_ratelimit(s); ++ r = event_source_leave_ratelimit(s, /* run_callback */ false); + if (r < 0) + return r; + +@@ -4062,6 +4094,13 @@ _public_ int sd_event_source_set_ratelimit(sd_event_source *s, uint64_t interval + return 0; + } + ++_public_ int sd_event_source_set_ratelimit_expire_callback(sd_event_source *s, sd_event_handler_t callback) { ++ assert_return(s, -EINVAL); ++ ++ s->ratelimit_expire_callback = callback; ++ return 0; ++} ++ + _public_ int sd_event_source_get_ratelimit(sd_event_source *s, uint64_t *ret_interval, unsigned *ret_burst) { + assert_return(s, -EINVAL); + +diff --git a/src/libsystemd/sd-event/test-event.c b/src/libsystemd/sd-event/test-event.c +index e3ee4cd5c3..9135b22839 100644 +--- a/src/libsystemd/sd-event/test-event.c ++++ b/src/libsystemd/sd-event/test-event.c +@@ -506,6 +506,11 @@ static int ratelimit_time_handler(sd_event_source *s, uint64_t usec, void *userd + return 0; + } + ++static int expired = -1; ++static int ratelimit_expired(sd_event_source *s, void *userdata) { ++ return ++expired; ++} ++ + static void test_ratelimit(void) { + _cleanup_close_pair_ int p[2] = {-1, -1}; + _cleanup_(sd_event_unrefp) sd_event *e = NULL; +@@ -568,12 +573,19 @@ static void test_ratelimit(void) { + + assert_se(sd_event_source_set_ratelimit(s, 1 * USEC_PER_SEC, 10) >= 0); + ++ /* Set callback that will be invoked when we leave rate limited state. */ ++ assert_se(sd_event_source_set_ratelimit_expire_callback(s, ratelimit_expired) >= 0); ++ + do { + assert_se(sd_event_run(e, UINT64_MAX) >= 0); + } while (!sd_event_source_is_ratelimited(s)); + + log_info("ratelimit_time_handler: called 10 more times, event source got ratelimited"); + assert_se(count == 20); ++ ++ /* Dispatch the event loop once more and check that ratelimit expiration callback got called */ ++ assert_se(sd_event_run(e, UINT64_MAX) >= 0); ++ assert_se(expired == 0); + } + + int main(int argc, char *argv[]) { +diff --git a/src/systemd/sd-event.h b/src/systemd/sd-event.h +index a17a9b3488..c2e9c9614d 100644 +--- a/src/systemd/sd-event.h ++++ b/src/systemd/sd-event.h +@@ -147,6 +147,7 @@ int sd_event_source_get_destroy_callback(sd_event_source *s, sd_event_destroy_t + int sd_event_source_set_ratelimit(sd_event_source *s, uint64_t interval_usec, unsigned burst); + int sd_event_source_get_ratelimit(sd_event_source *s, uint64_t *ret_interval_usec, unsigned *ret_burst); + int sd_event_source_is_ratelimited(sd_event_source *s); ++int sd_event_source_set_ratelimit_expire_callback(sd_event_source *s, sd_event_handler_t callback); + + /* Define helpers so that __attribute__((cleanup(sd_event_unrefp))) and similar may be used. */ + _SD_DEFINE_POINTER_CLEANUP_FUNC(sd_event, sd_event_unref); diff --git a/0679-core-rename-generalize-UNIT-u-test_start_limit-hook.patch b/0679-core-rename-generalize-UNIT-u-test_start_limit-hook.patch new file mode 100644 index 0000000..f3b520b --- /dev/null +++ b/0679-core-rename-generalize-UNIT-u-test_start_limit-hook.patch @@ -0,0 +1,263 @@ +From c08bb8f464ff4d27fbf762d19d28fe92955a668d Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Mon, 4 Oct 2021 17:51:52 +0200 +Subject: [PATCH] core: rename/generalize UNIT(u)->test_start_limit() hook + +Up until now the main reason why we didn't proceed with starting the +unit was exceed start limit burst. However, for unit types like mounts +the other reason could be effective ratelimit on /proc/self/mountinfo +event source. That means our mount unit state may not reflect current +kernel state. Hence, we need to attempt to re-run the start job again +after ratelimit on event source expires. + +As we will be introducing another reason than start limit let's rename +the virtual function that implements the check. + +(cherry picked from commit 705578c3b9d794097233aa66010cf67b2a444716) + +Related: #2037395 +--- + src/core/automount.c | 6 +++--- + src/core/mount.c | 6 +++--- + src/core/path.c | 6 +++--- + src/core/service.c | 6 +++--- + src/core/socket.c | 6 +++--- + src/core/swap.c | 6 +++--- + src/core/timer.c | 6 +++--- + src/core/unit.c | 6 +++--- + src/core/unit.h | 2 +- + 9 files changed, 25 insertions(+), 25 deletions(-) + +diff --git a/src/core/automount.c b/src/core/automount.c +index 5e16adabb5..f212620c8f 100644 +--- a/src/core/automount.c ++++ b/src/core/automount.c +@@ -1071,7 +1071,7 @@ static bool automount_supported(void) { + return supported; + } + +-static int automount_test_start_limit(Unit *u) { ++static int automount_can_start(Unit *u) { + Automount *a = AUTOMOUNT(u); + int r; + +@@ -1083,7 +1083,7 @@ static int automount_test_start_limit(Unit *u) { + return r; + } + +- return 0; ++ return 1; + } + + static const char* const automount_result_table[_AUTOMOUNT_RESULT_MAX] = { +@@ -1145,5 +1145,5 @@ const UnitVTable automount_vtable = { + }, + }, + +- .test_start_limit = automount_test_start_limit, ++ .can_start = automount_can_start, + }; +diff --git a/src/core/mount.c b/src/core/mount.c +index 619f64d5b7..72341fe685 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -1947,7 +1947,7 @@ static int mount_control_pid(Unit *u) { + return m->control_pid; + } + +-static int mount_test_start_limit(Unit *u) { ++static int mount_can_start(Unit *u) { + Mount *m = MOUNT(u); + int r; + +@@ -1959,7 +1959,7 @@ static int mount_test_start_limit(Unit *u) { + return r; + } + +- return 0; ++ return 1; + } + + static const char* const mount_exec_command_table[_MOUNT_EXEC_COMMAND_MAX] = { +@@ -2054,5 +2054,5 @@ const UnitVTable mount_vtable = { + }, + }, + +- .test_start_limit = mount_test_start_limit, ++ .can_start = mount_can_start, + }; +diff --git a/src/core/path.c b/src/core/path.c +index 1e69a1f05f..58f490589d 100644 +--- a/src/core/path.c ++++ b/src/core/path.c +@@ -724,7 +724,7 @@ static void path_reset_failed(Unit *u) { + p->result = PATH_SUCCESS; + } + +-static int path_test_start_limit(Unit *u) { ++static int path_can_start(Unit *u) { + Path *p = PATH(u); + int r; + +@@ -736,7 +736,7 @@ static int path_test_start_limit(Unit *u) { + return r; + } + +- return 0; ++ return 1; + } + + static const char* const path_type_table[_PATH_TYPE_MAX] = { +@@ -792,5 +792,5 @@ const UnitVTable path_vtable = { + .bus_vtable = bus_path_vtable, + .bus_set_property = bus_path_set_property, + +- .test_start_limit = path_test_start_limit, ++ .can_start = path_can_start, + }; +diff --git a/src/core/service.c b/src/core/service.c +index a21d98ab8f..2b7e85d3eb 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -4043,7 +4043,7 @@ static bool service_needs_console(Unit *u) { + SERVICE_FINAL_SIGKILL); + } + +-static int service_test_start_limit(Unit *u) { ++static int service_can_start(Unit *u) { + Service *s = SERVICE(u); + int r; + +@@ -4056,7 +4056,7 @@ static int service_test_start_limit(Unit *u) { + return r; + } + +- return 0; ++ return 1; + } + + static const char* const service_restart_table[_SERVICE_RESTART_MAX] = { +@@ -4201,5 +4201,5 @@ const UnitVTable service_vtable = { + }, + }, + +- .test_start_limit = service_test_start_limit, ++ .can_start = service_can_start, + }; +diff --git a/src/core/socket.c b/src/core/socket.c +index 36d2e4f823..3589300e68 100644 +--- a/src/core/socket.c ++++ b/src/core/socket.c +@@ -3261,7 +3261,7 @@ static int socket_control_pid(Unit *u) { + return s->control_pid; + } + +-static int socket_test_start_limit(Unit *u) { ++static int socket_can_start(Unit *u) { + Socket *s = SOCKET(u); + int r; + +@@ -3273,7 +3273,7 @@ static int socket_test_start_limit(Unit *u) { + return r; + } + +- return 0; ++ return 1; + } + + static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = { +@@ -3369,5 +3369,5 @@ const UnitVTable socket_vtable = { + }, + }, + +- .test_start_limit = socket_test_start_limit, ++ .can_start = socket_can_start, + }; +diff --git a/src/core/swap.c b/src/core/swap.c +index 90fcd69300..498c5a6d69 100644 +--- a/src/core/swap.c ++++ b/src/core/swap.c +@@ -1452,7 +1452,7 @@ static int swap_control_pid(Unit *u) { + return s->control_pid; + } + +-static int swap_test_start_limit(Unit *u) { ++static int swap_can_start(Unit *u) { + Swap *s = SWAP(u); + int r; + +@@ -1464,7 +1464,7 @@ static int swap_test_start_limit(Unit *u) { + return r; + } + +- return 0; ++ return 1; + } + + static const char* const swap_exec_command_table[_SWAP_EXEC_COMMAND_MAX] = { +@@ -1557,5 +1557,5 @@ const UnitVTable swap_vtable = { + }, + }, + +- .test_start_limit = swap_test_start_limit, ++ .can_start = swap_can_start, + }; +diff --git a/src/core/timer.c b/src/core/timer.c +index fb9ae17990..684180bf99 100644 +--- a/src/core/timer.c ++++ b/src/core/timer.c +@@ -823,7 +823,7 @@ static void timer_timezone_change(Unit *u) { + timer_enter_waiting(t, false); + } + +-static int timer_test_start_limit(Unit *u) { ++static int timer_can_start(Unit *u) { + Timer *t = TIMER(u); + int r; + +@@ -835,7 +835,7 @@ static int timer_test_start_limit(Unit *u) { + return r; + } + +- return 0; ++ return 1; + } + + static const char* const timer_base_table[_TIMER_BASE_MAX] = { +@@ -893,5 +893,5 @@ const UnitVTable timer_vtable = { + .bus_set_property = bus_timer_set_property, + + .can_transient = true, +- .test_start_limit = timer_test_start_limit, ++ .can_start = timer_can_start, + }; +diff --git a/src/core/unit.c b/src/core/unit.c +index 9005f79df3..bd0a6bb7cc 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -1726,9 +1726,9 @@ int unit_start(Unit *u) { + + assert(u); + +- /* Check start rate limiting early so that failure conditions don't cause us to enter a busy loop. */ +- if (UNIT_VTABLE(u)->test_start_limit) { +- int r = UNIT_VTABLE(u)->test_start_limit(u); ++ /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */ ++ if (UNIT_VTABLE(u)->can_start) { ++ int r = UNIT_VTABLE(u)->can_start(u); + if (r < 0) + return r; + } +diff --git a/src/core/unit.h b/src/core/unit.h +index 9e6f1bcf81..0cd259411f 100644 +--- a/src/core/unit.h ++++ b/src/core/unit.h +@@ -569,7 +569,7 @@ typedef struct UnitVTable { + + /* If this function is set, it's invoked first as part of starting a unit to allow start rate + * limiting checks to occur before we do anything else. */ +- int (*test_start_limit)(Unit *u); ++ int (*can_start)(Unit *u); + + /* The strings to print in status messages */ + UnitStatusMessageFormats status_message_formats; diff --git a/0680-mount-make-mount-units-start-jobs-not-runnable-if-p-.patch b/0680-mount-make-mount-units-start-jobs-not-runnable-if-p-.patch new file mode 100644 index 0000000..7d21e32 --- /dev/null +++ b/0680-mount-make-mount-units-start-jobs-not-runnable-if-p-.patch @@ -0,0 +1,27 @@ +From faaac88f0686066e0b930952f12010f6d93fd6cf Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Mon, 4 Oct 2021 19:41:34 +0200 +Subject: [PATCH] mount: make mount units start jobs not runnable if + /p/s/mountinfo ratelimit is in effect + +(cherry picked from commit a7c93dfe91e88a5a561341c523a45c7f8d71a588) + +Related: #2037395 +--- + src/core/mount.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/core/mount.c b/src/core/mount.c +index 72341fe685..dbac1b7cb1 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -1953,6 +1953,9 @@ static int mount_can_start(Unit *u) { + + assert(m); + ++ if (sd_event_source_is_ratelimited(u->manager->mount_event_source)) ++ return -EAGAIN; ++ + r = unit_test_start_limit(u); + if (r < 0) { + mount_enter_dead(m, MOUNT_FAILURE_START_LIMIT_HIT); diff --git a/0681-mount-retrigger-run-queue-after-ratelimit-expired-to.patch b/0681-mount-retrigger-run-queue-after-ratelimit-expired-to.patch new file mode 100644 index 0000000..6887e73 --- /dev/null +++ b/0681-mount-retrigger-run-queue-after-ratelimit-expired-to.patch @@ -0,0 +1,54 @@ +From 0b28134258e40b2fc054326175317db65c23bcd6 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Mon, 4 Oct 2021 20:31:49 +0200 +Subject: [PATCH] mount: retrigger run queue after ratelimit expired to run + delayed mount start jobs + +Fixes #20329 + +(cherry picked from commit edc027b4f1cfaa49e8ecdde763eb8c623402d464) + +Related: #2037395 +--- + src/core/mount.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/src/core/mount.c b/src/core/mount.c +index dbac1b7cb1..c05779343c 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -1706,6 +1706,21 @@ static bool mount_is_mounted(Mount *m) { + return UNIT(m)->perpetual || m->is_mounted; + } + ++static int mount_on_ratelimit_expire(sd_event_source *s, void *userdata) { ++ Manager *m = userdata; ++ int r; ++ ++ assert(m); ++ ++ /* By entering ratelimited state we made all mount start jobs not runnable, now rate limit is over so let's ++ * make sure we dispatch them in the next iteration. */ ++ r = sd_event_source_set_enabled(m->run_queue_event_source, SD_EVENT_ONESHOT); ++ if (r < 0) ++ log_debug_errno(r, "Failed to enable run queue event source, ignoring: %m"); ++ ++ return 0; ++} ++ + static void mount_enumerate(Manager *m) { + int r; + +@@ -1759,6 +1774,12 @@ static void mount_enumerate(Manager *m) { + goto fail; + } + ++ r = sd_event_source_set_ratelimit_expire_callback(m->mount_event_source, mount_on_ratelimit_expire); ++ if (r < 0) { ++ log_error_errno(r, "Failed to enable rate limit for mount events: %m"); ++ goto fail; ++ } ++ + (void) sd_event_source_set_description(m->mount_event_source, "mount-monitor-dispatch"); + } + diff --git a/0682-pid1-add-a-manager_trigger_run_queue-helper.patch b/0682-pid1-add-a-manager_trigger_run_queue-helper.patch new file mode 100644 index 0000000..2c12d00 --- /dev/null +++ b/0682-pid1-add-a-manager_trigger_run_queue-helper.patch @@ -0,0 +1,98 @@ +From 567c8855016ee5e7641d6c5f1ed84badd9fae10d Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 12 Nov 2021 09:43:07 +0100 +Subject: [PATCH] pid1: add a manager_trigger_run_queue() helper + +We have two different places where we re-trigger the run queue now. +let's unify it under a common function, that is part of the Manager +code. + +Follow-up for #20953 + +(cherry picked from commit b0c4b2824693fe6a27ea9439ec7a6328a0e23704) + +Related: #2037395 +--- + src/core/job.c | 5 ++--- + src/core/manager.c | 12 ++++++++++++ + src/core/manager.h | 2 ++ + src/core/mount.c | 9 +++------ + 4 files changed, 19 insertions(+), 9 deletions(-) + +diff --git a/src/core/job.c b/src/core/job.c +index 870ec0a387..cc6e1ee65a 100644 +--- a/src/core/job.c ++++ b/src/core/job.c +@@ -1137,11 +1137,10 @@ void job_add_to_run_queue(Job *j) { + if (j->in_run_queue) + return; + +- if (!j->manager->run_queue) +- sd_event_source_set_enabled(j->manager->run_queue_event_source, SD_EVENT_ONESHOT); +- + LIST_PREPEND(run_queue, j->manager->run_queue, j); + j->in_run_queue = true; ++ ++ manager_trigger_run_queue(j->manager); + } + + void job_add_to_dbus_queue(Job *j) { +diff --git a/src/core/manager.c b/src/core/manager.c +index 3c44ad3dbc..ae6ce35d99 100644 +--- a/src/core/manager.c ++++ b/src/core/manager.c +@@ -2120,6 +2120,18 @@ static int manager_dispatch_run_queue(sd_event_source *source, void *userdata) { + return 1; + } + ++void manager_trigger_run_queue(Manager *m) { ++ int r; ++ ++ assert(m); ++ ++ r = sd_event_source_set_enabled( ++ m->run_queue_event_source, ++ m->run_queue ? SD_EVENT_ONESHOT: SD_EVENT_OFF); ++ if (r < 0) ++ log_warning_errno(r, "Failed to enable job run queue event source, ignoring: %m"); ++} ++ + static unsigned manager_dispatch_dbus_queue(Manager *m) { + unsigned n = 0, budget; + Unit *u; +diff --git a/src/core/manager.h b/src/core/manager.h +index c4b8e80093..7b572c8dfd 100644 +--- a/src/core/manager.h ++++ b/src/core/manager.h +@@ -416,6 +416,8 @@ unsigned manager_dispatch_load_queue(Manager *m); + int manager_environment_add(Manager *m, char **minus, char **plus); + int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit); + ++void manager_trigger_run_queue(Manager *m); ++ + int manager_loop(Manager *m); + + int manager_open_serialization(Manager *m, FILE **_f); +diff --git a/src/core/mount.c b/src/core/mount.c +index c05779343c..9ff7c71edd 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -1708,15 +1708,12 @@ static bool mount_is_mounted(Mount *m) { + + static int mount_on_ratelimit_expire(sd_event_source *s, void *userdata) { + Manager *m = userdata; +- int r; + + assert(m); + +- /* By entering ratelimited state we made all mount start jobs not runnable, now rate limit is over so let's +- * make sure we dispatch them in the next iteration. */ +- r = sd_event_source_set_enabled(m->run_queue_event_source, SD_EVENT_ONESHOT); +- if (r < 0) +- log_debug_errno(r, "Failed to enable run queue event source, ignoring: %m"); ++ /* By entering ratelimited state we made all mount start jobs not runnable, now rate limit is over so ++ * let's make sure we dispatch them in the next iteration. */ ++ manager_trigger_run_queue(m); + + return 0; + } diff --git a/0683-unit-add-jobs-that-were-skipped-because-of-ratelimit.patch b/0683-unit-add-jobs-that-were-skipped-because-of-ratelimit.patch new file mode 100644 index 0000000..af625ce --- /dev/null +++ b/0683-unit-add-jobs-that-were-skipped-because-of-ratelimit.patch @@ -0,0 +1,46 @@ +From a9a25019ea307741d7d42178ac0f47a2320f8e94 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Thu, 25 Nov 2021 18:28:25 +0100 +Subject: [PATCH] unit: add jobs that were skipped because of ratelimit back to + run_queue + +Assumption in edc027b was that job we first skipped because of active +ratelimit is still in run_queue. Hence we trigger the queue and dispatch +it in the next iteration. Actually we remove jobs from run_queue in +job_run_and_invalidate() before we call unit_start(). Hence if we want +to attempt to run the job again in the future we need to add it back +to run_queue. + +Fixes #21458 + +(cherry picked from commit c29e6a9530316823b0455cd83eb6d0bb8dd664f4) + +Related: #2037395 +--- + src/core/mount.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/core/mount.c b/src/core/mount.c +index 9ff7c71edd..4e0a4f238a 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -1708,9 +1708,19 @@ static bool mount_is_mounted(Mount *m) { + + static int mount_on_ratelimit_expire(sd_event_source *s, void *userdata) { + Manager *m = userdata; ++ Job *j; ++ Iterator i; + + assert(m); + ++ /* Let's enqueue all start jobs that were previously skipped because of active ratelimit. */ ++ HASHMAP_FOREACH(j, m->jobs, i) { ++ if (j->unit->type != UNIT_MOUNT) ++ continue; ++ ++ job_add_to_run_queue(j); ++ } ++ + /* By entering ratelimited state we made all mount start jobs not runnable, now rate limit is over so + * let's make sure we dispatch them in the next iteration. */ + manager_trigger_run_queue(m); diff --git a/0684-udev-net_id-introduce-naming-scheme-for-RHEL-8.5.patch b/0684-udev-net_id-introduce-naming-scheme-for-RHEL-8.5.patch new file mode 100644 index 0000000..b0cbf3c --- /dev/null +++ b/0684-udev-net_id-introduce-naming-scheme-for-RHEL-8.5.patch @@ -0,0 +1,50 @@ +From 6882d94ae68468b414597696727108d588402f43 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Wed, 12 Jan 2022 15:35:19 +0100 +Subject: [PATCH] udev/net_id: introduce naming scheme for RHEL-8.5 + +RHEL-only + +Related: #2040244 +--- + man/systemd.net-naming-scheme.xml | 6 ++++++ + src/udev/udev-builtin-net_id.c | 2 ++ + 2 files changed, 8 insertions(+) + +diff --git a/man/systemd.net-naming-scheme.xml b/man/systemd.net-naming-scheme.xml +index 10e71dcb15..be969bc8d0 100644 +--- a/man/systemd.net-naming-scheme.xml ++++ b/man/systemd.net-naming-scheme.xml +@@ -301,6 +301,12 @@ + avoid possible naming conflict. + + ++ ++ rhel-8.5 ++ ++ Same as naming scheme rhel-8.4. ++ ++ + Note that latest may be used to denote the latest scheme known (to this + particular version of systemd. + +diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c +index 0611c08234..3a0b3b1eae 100644 +--- a/src/udev/udev-builtin-net_id.c ++++ b/src/udev/udev-builtin-net_id.c +@@ -135,6 +135,7 @@ typedef enum NamingSchemeFlags { + NAMING_RHEL_8_2 = NAMING_V239, + NAMING_RHEL_8_3 = NAMING_V239, + NAMING_RHEL_8_4 = NAMING_V239|NAMING_BRIDGE_NO_SLOT, ++ NAMING_RHEL_8_5 = NAMING_RHEL_8_4, + + _NAMING_SCHEME_FLAGS_INVALID = -1, + } NamingSchemeFlags; +@@ -152,6 +153,7 @@ static const NamingScheme naming_schemes[] = { + { "rhel-8.2", NAMING_RHEL_8_2 }, + { "rhel-8.3", NAMING_RHEL_8_3 }, + { "rhel-8.4", NAMING_RHEL_8_4 }, ++ { "rhel-8.5", NAMING_RHEL_8_5 }, + /* … add more schemes here, as the logic to name devices is updated … */ + }; + diff --git a/0685-udev-net_id-remove-extraneous-bracket.patch b/0685-udev-net_id-remove-extraneous-bracket.patch new file mode 100644 index 0000000..3c454f7 --- /dev/null +++ b/0685-udev-net_id-remove-extraneous-bracket.patch @@ -0,0 +1,25 @@ +From d5d728d24b34194438e74580c1a58f5727b59444 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Wed, 12 Jan 2022 15:35:54 +0100 +Subject: [PATCH] udev/net_id: remove extraneous bracket + +RHEL-only + +Related: #2040244 +--- + man/systemd.net-naming-scheme.xml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/man/systemd.net-naming-scheme.xml b/man/systemd.net-naming-scheme.xml +index be969bc8d0..a65da5c6c1 100644 +--- a/man/systemd.net-naming-scheme.xml ++++ b/man/systemd.net-naming-scheme.xml +@@ -307,7 +307,7 @@ + Same as naming scheme rhel-8.4. + + +- Note that latest may be used to denote the latest scheme known (to this ++ Note that latest may be used to denote the latest scheme known to this + particular version of systemd. + + diff --git a/0686-mount-do-not-update-exec-deps-on-mountinfo-changes.patch b/0686-mount-do-not-update-exec-deps-on-mountinfo-changes.patch new file mode 100644 index 0000000..01bf38f --- /dev/null +++ b/0686-mount-do-not-update-exec-deps-on-mountinfo-changes.patch @@ -0,0 +1,87 @@ +From 9807f473b1b3e2aaf86bcbc6e6b9ad1328548b22 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 15 Nov 2019 14:00:54 +0100 +Subject: [PATCH] mount: do not update exec deps on mountinfo changes + +Fixes: #13978 +(cherry picked from commit bf7eedbf8f8c83d9e775c80275f98f506ec963c6) + +Related: #2038878 +--- + src/core/mount.c | 42 ++++++++++++++++++++++++++++-------------- + 1 file changed, 28 insertions(+), 14 deletions(-) + +diff --git a/src/core/mount.c b/src/core/mount.c +index 4e0a4f238a..73c0531158 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -535,6 +535,32 @@ static int mount_verify(Mount *m) { + return 0; + } + ++static int mount_add_non_exec_dependencies(Mount *m) { ++ int r; ++ assert(m); ++ ++ /* Adds in all dependencies directly responsible for ordering the mount, as opposed to dependencies ++ * resulting from the ExecContext and such. */ ++ ++ r = mount_add_device_dependencies(m); ++ if (r < 0) ++ return r; ++ ++ r = mount_add_mount_dependencies(m); ++ if (r < 0) ++ return r; ++ ++ r = mount_add_quota_dependencies(m); ++ if (r < 0) ++ return r; ++ ++ r = mount_add_default_dependencies(m); ++ if (r < 0) ++ return r; ++ ++ return 0; ++} ++ + static int mount_add_extras(Mount *m) { + Unit *u = UNIT(m); + int r; +@@ -558,18 +584,6 @@ static int mount_add_extras(Mount *m) { + return r; + } + +- r = mount_add_device_dependencies(m); +- if (r < 0) +- return r; +- +- r = mount_add_mount_dependencies(m); +- if (r < 0) +- return r; +- +- r = mount_add_quota_dependencies(m); +- if (r < 0) +- return r; +- + r = unit_patch_contexts(u); + if (r < 0) + return r; +@@ -582,7 +596,7 @@ static int mount_add_extras(Mount *m) { + if (r < 0) + return r; + +- r = mount_add_default_dependencies(m); ++ r = mount_add_non_exec_dependencies(m); + if (r < 0) + return r; + +@@ -1526,7 +1540,7 @@ static int mount_setup_existing_unit( + } + + if (load_extras) +- return mount_add_extras(MOUNT(u)); ++ return mount_add_non_exec_dependencies(MOUNT(u)); + + return 0; + } diff --git a/0687-core-mount-add-implicit-unit-dependencies-even-if-wh.patch b/0687-core-mount-add-implicit-unit-dependencies-even-if-wh.patch new file mode 100644 index 0000000..e893fab --- /dev/null +++ b/0687-core-mount-add-implicit-unit-dependencies-even-if-wh.patch @@ -0,0 +1,46 @@ +From f68eeaf2809d6866f9cca3d7746795ffc3e71f46 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 29 Aug 2021 21:20:43 +0900 +Subject: [PATCH] core/mount: add implicit unit dependencies even if when mount + unit is generated from /proc/self/mountinfo + +Hopefully fixes #20566. + +(cherry picked from commit aebff2e7ce209fc2d75b894a3ae8b80f6f36ec11) + +Resolves: #2038878 +--- + src/core/mount.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/src/core/mount.c b/src/core/mount.c +index 73c0531158..9547cb9b29 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -1437,6 +1437,7 @@ static int mount_setup_new_unit( + MountSetupFlags *flags) { + + MountParameters *p; ++ int r; + + assert(u); + assert(flags); +@@ -1458,7 +1459,6 @@ static int mount_setup_new_unit( + + if (!mount_is_extrinsic(MOUNT(u))) { + const char *target; +- int r; + + target = mount_is_network(p) ? SPECIAL_REMOTE_FS_TARGET : SPECIAL_LOCAL_FS_TARGET; + r = unit_add_dependency_by_name(u, UNIT_BEFORE, target, NULL, true, UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT); +@@ -1470,6 +1470,10 @@ static int mount_setup_new_unit( + return r; + } + ++ r = mount_add_non_exec_dependencies(MOUNT(u)); ++ if (r < 0) ++ return r; ++ + unit_add_to_load_queue(u); + flags->is_mounted = true; + flags->just_mounted = true; diff --git a/1002-core-fix-a-null-reference-case-in-load_from_path.patch b/1002-core-fix-a-null-reference-case-in-load_from_path.patch deleted file mode 100644 index 9da687e..0000000 --- a/1002-core-fix-a-null-reference-case-in-load_from_path.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 3262f6c71165c309605dd87c88c7daf7dd300e6f Mon Sep 17 00:00:00 2001 -From: Wen Yang -Date: Mon, 1 Jun 2020 17:06:53 +0800 -Subject: [PATCH] core: fix a null reference case in load_from_path() - ---- - src/core/load-fragment.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c -index 33fdb82754..be5d3c2816 100644 ---- a/src/core/load-fragment.c -+++ b/src/core/load-fragment.c -@@ -4415,7 +4415,6 @@ static int load_from_path(Unit *u, const char *path) { - r = open_follow(&filename, &f, symlink_names, &id); - if (r >= 0) - break; -- filename = mfree(filename); - - /* ENOENT means that the file is missing or is a dangling symlink. - * ENOTDIR means that one of paths we expect to be is a directory -@@ -4424,7 +4423,8 @@ static int load_from_path(Unit *u, const char *path) { - */ - if (r == -EACCES) - log_debug_errno(r, "Cannot access \"%s\": %m", filename); -- else if (!IN_SET(r, -ENOENT, -ENOTDIR)) -+ filename = mfree(filename); -+ if (!IN_SET(r, -ENOENT, -ENOTDIR)) - return r; - - /* Empty the symlink names for the next run */ --- -2.18.1 - diff --git a/1003-sysctl-Don-t-pass-null-directive-argument-to-s.patch b/1003-sysctl-Don-t-pass-null-directive-argument-to-s.patch deleted file mode 100644 index ebf2592..0000000 --- a/1003-sysctl-Don-t-pass-null-directive-argument-to-s.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 74dbb8676dcc35c9b1431254142b3cf24ac7e1a4 Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Sun, 16 Dec 2018 20:53:38 -0800 -Subject: [PATCH] sysctl: Don't pass null directive argument to '%s' - -value pointer here is always NULL but subsequent use of that pointer -with a %s format will always be NULL, printing p instead would be a -valid string - -Signed-off-by: Khem Raj ---- - src/sysctl/sysctl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c -index 0151f7dabe..61447bb72e 100644 ---- a/src/sysctl/sysctl.c -+++ b/src/sysctl/sysctl.c -@@ -112,7 +112,7 @@ static int parse_file(OrderedHashmap *sysctl_options, const char *path, bool ign - - value = strchr(p, '='); - if (!value) { -- log_error("Line is not an assignment at '%s:%u': %s", path, c, value); -+ log_error("Line is not an assignment at '%s:%u': %s", path, c, p); - - if (r == 0) - r = -EINVAL; --- -2.18.1 - diff --git a/1004-test-use-builddir-systemd-runtest.env-to-set-SYSTEMD.patch b/1004-test-use-builddir-systemd-runtest.env-to-set-SYSTEMD.patch deleted file mode 100644 index f5edab5..0000000 --- a/1004-test-use-builddir-systemd-runtest.env-to-set-SYSTEMD.patch +++ /dev/null @@ -1,171 +0,0 @@ -From 89bb4cdeae7903e58fe11431fb51f8d995deb0a3 Mon Sep 17 00:00:00 2001 -From: Filipe Brandenburger -Date: Tue, 11 Sep 2018 23:55:02 -0700 -Subject: [PATCH] test: use ${builddir}/systemd-runtest.env to set - $SYSTEMD_TEST_DATA - -This simplifies get_testdata_dir() to simply checking for an environment -variable, with an additional function to locate a systemd-runtest.env file in -the same directory as the test binary and reading environment variable -assignments from that file if it exists. - -This makes it possible to: -- Run `ninja test` from the build dir and have it use ${srcdir}/test for - test unit definitions. -- Run a test directly, such as `build/test-execute` and have it locate - them correctly. -- Run installed tests (from systemd-tests package) and locate the test - units in the installed location (/usr/lib/systemd/tests/testdata), in - which case the absence of the systemd-runtest.env file will have - get_testdata_dir() use the installed location hardcoded into the - binaries. - -Explicit setting of $SYSTEMD_TEST_DATA still overrides the contents of -systemd-runtest.env. - -Signed-off-by: Wen Yang -(cherry picked from commit e2d413707fc68ed033a83e10a055ca638a1e1e18) ---- - meson.build | 10 ++++++- - src/shared/tests.c | 67 ++++++++++++++++++++++------------------------ - 2 files changed, 41 insertions(+), 36 deletions(-) - -diff --git a/meson.build b/meson.build -index 0ba3f924ea..8c4549640b 100644 ---- a/meson.build -+++ b/meson.build -@@ -213,6 +213,7 @@ conf.set_quoted('SYSTEM_SHUTDOWN_PATH', systemshutdowndir) - conf.set_quoted('SYSTEM_SLEEP_PATH', systemsleepdir) - conf.set_quoted('SYSTEMD_KBD_MODEL_MAP', join_paths(pkgdatadir, 'kbd-model-map')) - conf.set_quoted('SYSTEMD_LANGUAGE_FALLBACK_MAP', join_paths(pkgdatadir, 'language-fallback-map')) -+conf.set_quoted('SYSTEMD_TEST_DATA', join_paths(testsdir, 'testdata')) - conf.set_quoted('UDEVLIBEXECDIR', udevlibexecdir) - conf.set_quoted('POLKIT_AGENT_BINARY_PATH', join_paths(bindir, 'pkttyagent')) - conf.set_quoted('LIBDIR', libdir) -@@ -229,7 +230,6 @@ conf.set('MEMORY_ACCOUNTING_DEFAULT', memory_accounting_ - conf.set_quoted('MEMORY_ACCOUNTING_DEFAULT_YES_NO', memory_accounting_default ? 'yes' : 'no') - - conf.set_quoted('ABS_BUILD_DIR', meson.build_root()) --conf.set_quoted('ABS_SRC_DIR', meson.source_root()) - - substs.set('prefix', prefixdir) - substs.set('exec_prefix', prefixdir) -@@ -2592,6 +2592,14 @@ executable('systemd-sulogin-shell', - - ############################################################ - -+custom_target( -+ 'systemd-runtest.env', -+ output : 'systemd-runtest.env', -+ command : ['sh', '-c', '{ ' + -+ 'echo SYSTEMD_TEST_DATA=@0@; '.format(join_paths(meson.current_source_dir(), 'test')) + -+ '} >@OUTPUT@'], -+ build_by_default : true) -+ - foreach tuple : tests - sources = tuple[0] - link_with = tuple[1].length() > 0 ? tuple[1] : [libshared] -diff --git a/src/shared/tests.c b/src/shared/tests.c -index 100b62b9b0..102b343fef 100644 ---- a/src/shared/tests.c -+++ b/src/shared/tests.c -@@ -6,8 +6,11 @@ - #include - #include - --#include "tests.h" -+#include "alloc-util.h" -+#include "fileio.h" - #include "path-util.h" -+#include "strv.h" -+#include "tests.h" - - char* setup_fake_runtime_dir(void) { - char t[] = "/tmp/fake-xdg-runtime-XXXXXX", *p; -@@ -19,55 +22,49 @@ char* setup_fake_runtime_dir(void) { - return p; - } - --bool test_is_running_from_builddir(char **exedir) { -+static void load_testdata_env(void) { -+ static bool called = false; - _cleanup_free_ char *s = NULL; -- bool r; -+ _cleanup_free_ char *envpath = NULL; -+ _cleanup_strv_free_ char **pairs = NULL; -+ char **k, **v; - -- /* Check if we're running from the builddir. Optionally, this returns -- * the path to the directory where the binary is located. */ -+ if (called) -+ return; -+ called = true; - - assert_se(readlink_and_make_absolute("/proc/self/exe", &s) >= 0); -- r = path_startswith(s, ABS_BUILD_DIR); -+ dirname(s); - -- if (exedir) { -- dirname(s); -- *exedir = TAKE_PTR(s); -- } -+ envpath = path_join(NULL, s, "systemd-runtest.env"); -+ if (load_env_file_pairs(NULL, envpath, NULL, &pairs) < 0) -+ return; - -- return r; -+ STRV_FOREACH_PAIR(k, v, pairs) -+ setenv(*k, *v, 0); -+} -+ -+bool test_is_running_from_builddir(char **exedir) { -+ load_testdata_env(); -+ -+ return !!getenv("SYSTEMD_TEST_DATA"); - } - - const char* get_testdata_dir(void) { - const char *env; -- /* convenience: caller does not need to free result */ -- static char testdir[PATH_MAX]; -+ -+ load_testdata_env(); - - /* if the env var is set, use that */ - env = getenv("SYSTEMD_TEST_DATA"); -- testdir[sizeof(testdir) - 1] = '\0'; -- if (env) { -- if (access(env, F_OK) < 0) { -- fputs("ERROR: $SYSTEMD_TEST_DATA directory does not exist\n", stderr); -- exit(EXIT_FAILURE); -- } -- strncpy(testdir, env, sizeof(testdir) - 1); -- } else { -- _cleanup_free_ char *exedir = NULL; -- -- /* Check if we're running from the builddir. If so, use the compiled in path. */ -- if (test_is_running_from_builddir(&exedir)) -- assert_se(snprintf(testdir, sizeof(testdir), "%s/test", ABS_SRC_DIR) > 0); -- else -- /* Try relative path, according to the install-test layout */ -- assert_se(snprintf(testdir, sizeof(testdir), "%s/testdata", exedir) > 0); -- -- if (access(testdir, F_OK) < 0) { -- fputs("ERROR: Cannot find testdata directory, set $SYSTEMD_TEST_DATA\n", stderr); -- exit(EXIT_FAILURE); -- } -+ if (!env) -+ env = SYSTEMD_TEST_DATA; -+ if (access(env, F_OK) < 0) { -+ fprintf(stderr, "ERROR: $SYSTEMD_TEST_DATA directory [%s] does not exist\n", env); -+ exit(EXIT_FAILURE); - } - -- return testdir; -+ return env; - } - - void test_setup_logging(int level) { --- -2.18.1 - diff --git a/1005-test-use-builddir-systemd-runtest.env-for-SYSTEMD_CA.patch b/1005-test-use-builddir-systemd-runtest.env-for-SYSTEMD_CA.patch deleted file mode 100644 index b74edb7..0000000 --- a/1005-test-use-builddir-systemd-runtest.env-for-SYSTEMD_CA.patch +++ /dev/null @@ -1,139 +0,0 @@ -From c5e249d9eaabaeebc3ac447462d50adec3245f2f Mon Sep 17 00:00:00 2001 -From: Filipe Brandenburger -Date: Wed, 12 Sep 2018 00:23:40 -0700 -Subject: [PATCH] test: use ${builddir}/systemd-runtest.env for - $SYSTEMD_CATALOG_DIR - -This makes it so that tests no longer need to know the absolute paths to the -source and build dirs, instead using the systemd-runtest.env file to get these -paths when running from the build tree. - -Confirmed that test-catalog works on `ninja test`, when called standalone and -also when the environment file is not present, in which case it will use the -installed location under /usr/lib/systemd/catalog. - -The location can now also be overridden for this test by setting the -$SYSTEMD_CATALOG_DIR environment variable. - -Signed-off-by: Wen Yang -(cherry picked from commit fef716b28be6e866b8afe995805d5ebe2af6bbfa) ---- - meson.build | 4 ++-- - src/journal/test-catalog.c | 6 +----- - src/shared/tests.c | 22 ++++++++++++++++------ - src/shared/tests.h | 2 +- - src/test/meson.build | 3 +-- - 5 files changed, 21 insertions(+), 16 deletions(-) - -diff --git a/meson.build b/meson.build -index 8c4549640b..cf6990a50e 100644 ---- a/meson.build -+++ b/meson.build -@@ -214,6 +214,7 @@ conf.set_quoted('SYSTEM_SLEEP_PATH', systemsleepdir) - conf.set_quoted('SYSTEMD_KBD_MODEL_MAP', join_paths(pkgdatadir, 'kbd-model-map')) - conf.set_quoted('SYSTEMD_LANGUAGE_FALLBACK_MAP', join_paths(pkgdatadir, 'language-fallback-map')) - conf.set_quoted('SYSTEMD_TEST_DATA', join_paths(testsdir, 'testdata')) -+conf.set_quoted('SYSTEMD_CATALOG_DIR', catalogdir) - conf.set_quoted('UDEVLIBEXECDIR', udevlibexecdir) - conf.set_quoted('POLKIT_AGENT_BINARY_PATH', join_paths(bindir, 'pkttyagent')) - conf.set_quoted('LIBDIR', libdir) -@@ -229,8 +230,6 @@ conf.set_quoted('DOCUMENT_ROOT', join_paths(pkgdata - conf.set('MEMORY_ACCOUNTING_DEFAULT', memory_accounting_default ? 'true' : 'false') - conf.set_quoted('MEMORY_ACCOUNTING_DEFAULT_YES_NO', memory_accounting_default ? 'yes' : 'no') - --conf.set_quoted('ABS_BUILD_DIR', meson.build_root()) -- - substs.set('prefix', prefixdir) - substs.set('exec_prefix', prefixdir) - substs.set('libdir', libdir) -@@ -2597,6 +2596,7 @@ custom_target( - output : 'systemd-runtest.env', - command : ['sh', '-c', '{ ' + - 'echo SYSTEMD_TEST_DATA=@0@; '.format(join_paths(meson.current_source_dir(), 'test')) + -+ 'echo SYSTEMD_CATALOG_DIR=@0@; '.format(join_paths(meson.current_build_dir(), 'catalog')) + - '} >@OUTPUT@'], - build_by_default : true) - -diff --git a/src/journal/test-catalog.c b/src/journal/test-catalog.c -index 0c4da29f31..d9ee557b9c 100644 ---- a/src/journal/test-catalog.c -+++ b/src/journal/test-catalog.c -@@ -212,11 +212,7 @@ int main(int argc, char *argv[]) { - - /* If test-catalog is located at the build directory, then use catalogs in that. - * If it is not, e.g. installed by systemd-tests package, then use installed catalogs. */ -- if (test_is_running_from_builddir(NULL)) { -- assert_se(catalog_dir = path_join(NULL, ABS_BUILD_DIR, "catalog")); -- catalog_dirs = STRV_MAKE(catalog_dir); -- } else -- catalog_dirs = STRV_MAKE(CATALOG_DIR); -+ catalog_dirs = STRV_MAKE(get_catalog_dir()); - - assert_se(access(catalog_dirs[0], F_OK) >= 0); - log_notice("Using catalog directory '%s'", catalog_dirs[0]); -diff --git a/src/shared/tests.c b/src/shared/tests.c -index 102b343fef..7bd6f806b9 100644 ---- a/src/shared/tests.c -+++ b/src/shared/tests.c -@@ -44,12 +44,6 @@ static void load_testdata_env(void) { - setenv(*k, *v, 0); - } - --bool test_is_running_from_builddir(char **exedir) { -- load_testdata_env(); -- -- return !!getenv("SYSTEMD_TEST_DATA"); --} -- - const char* get_testdata_dir(void) { - const char *env; - -@@ -72,3 +66,19 @@ void test_setup_logging(int level) { - log_parse_environment(); - log_open(); - } -+ -+const char* get_catalog_dir(void) { -+ const char *env; -+ -+ load_testdata_env(); -+ -+ /* if the env var is set, use that */ -+ env = getenv("SYSTEMD_CATALOG_DIR"); -+ if (!env) -+ env = SYSTEMD_CATALOG_DIR; -+ if (access(env, F_OK) < 0) { -+ fprintf(stderr, "ERROR: $SYSTEMD_CATALOG_DIR directory [%s] does not exist\n", env); -+ exit(EXIT_FAILURE); -+ } -+ return env; -+} -diff --git a/src/shared/tests.h b/src/shared/tests.h -index 3d696d02fd..19a9fa0fee 100644 ---- a/src/shared/tests.h -+++ b/src/shared/tests.h -@@ -2,6 +2,6 @@ - #pragma once - - char* setup_fake_runtime_dir(void); --bool test_is_running_from_builddir(char **exedir); - const char* get_testdata_dir(void); -+const char* get_catalog_dir(void); - void test_setup_logging(int level); -diff --git a/src/test/meson.build b/src/test/meson.build -index 7b310d4ec7..b4b9e8a60e 100644 ---- a/src/test/meson.build -+++ b/src/test/meson.build -@@ -776,8 +776,7 @@ tests += [ - libshared], - [threads, - libxz, -- liblz4], -- '', '', '-DCATALOG_DIR="@0@"'.format(catalogdir)], -+ liblz4]], - - [['src/journal/test-compress.c'], - [libjournal_core, --- -2.18.1 - diff --git a/1007-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch b/1007-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch deleted file mode 100644 index eeb47f7..0000000 --- a/1007-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 7188a29295f3a6f2c8e0a7c5a5ae4914088ee6fc Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Tue, 20 Nov 2018 16:55:51 +0100 -Subject: [PATCH] exit-status: introduce EXIT_EXCEPTION mapping to 255 - -cherry-picked from upstream 3584d3ca. - -Conflicts: - src/basic/exit-status.c - src/basic/exit-status.h - -Signed-off-by: Yuanhong Peng ---- - src/basic/exit-status.c | 10 +++++++--- - src/basic/exit-status.h | 2 ++ - 2 files changed, 9 insertions(+), 3 deletions(-) - -diff --git a/src/basic/exit-status.c b/src/basic/exit-status.c -index 0a7a53b73d..58ebc3ca4d 100644 ---- a/src/basic/exit-status.c -+++ b/src/basic/exit-status.c -@@ -19,9 +19,10 @@ const char* exit_status_to_string(int status, ExitStatusLevel level) { - * 79…199 │ (Currently unmapped) - * 200…241 │ systemd's private error codes (might be extended to 254 in future development) - * 242…254 │ (Currently unmapped, but see above) -- * 255 │ (We should probably stay away from that one, it's frequently used by applications to indicate an -- * │ exit reason that cannot really be expressed in a single exit status value — such as a propagated -- * │ signal or such) -+ * -+ * 255 │ EXIT_EXCEPTION (We use this to propagate exit-by-signal events. It's frequently used by others apps (like bash) -+ * │ to indicate exit reason that cannot really be expressed in a single exit status value — such as a propagated -+ * │ signal or such, and we follow that logic here.) - */ - - switch (status) { /* We always cover the ISO C ones */ -@@ -158,6 +159,9 @@ const char* exit_status_to_string(int status, ExitStatusLevel level) { - - case EXIT_NUMA_POLICY: - return "NUMA_POLICY"; -+ -+ case EXIT_EXCEPTION: -+ return "EXCEPTION"; - } - } - -diff --git a/src/basic/exit-status.h b/src/basic/exit-status.h -index dc284aacb1..5637e6aa04 100644 ---- a/src/basic/exit-status.h -+++ b/src/basic/exit-status.h -@@ -70,6 +70,8 @@ enum { - EXIT_LOGS_DIRECTORY, /* 240 */ - EXIT_CONFIGURATION_DIRECTORY, - EXIT_NUMA_POLICY, -+ -+ EXIT_EXCEPTION = 255, /* Whenever we want to propagate an abnormal/signal exit, in line with bash */ - }; - - typedef enum ExitStatusLevel { --- -2.18.1 - diff --git a/1008-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch b/1008-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch deleted file mode 100644 index 94923e1..0000000 --- a/1008-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 6c76e460aed00997766a638fa8b40cc1b17a14d5 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Tue, 20 Nov 2018 13:16:48 +0100 -Subject: [PATCH] main: don't freeze PID 1 in containers, exit with - non-zero instead - -After all we have a nice way to propagate total failures, hence let's -use it. - -cherry-picked from upstream bb259772 without conflict. - -Signed-off-by: Yuanhong Peng ---- - src/core/main.c | 15 +++++++++++---- - 1 file changed, 11 insertions(+), 4 deletions(-) - -diff --git a/src/core/main.c b/src/core/main.c -index 25536054b3..1ecdc47446 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -139,7 +139,14 @@ static NUMAPolicy arg_numa_policy; - static int parse_configuration(const struct rlimit *saved_rlimit_nofile, - const struct rlimit *saved_rlimit_memlock); - --_noreturn_ static void freeze_or_reboot(void) { -+_noreturn_ static void freeze_or_exit_or_reboot(void) { -+ -+ /* If we are running in a contianer, let's prefer exiting, after all we can propagate an exit code to the -+ * container manager, and thus inform it that something went wrong. */ -+ if (detect_container() > 0) { -+ log_emergency("Exiting PID 1..."); -+ exit(EXIT_EXCEPTION); -+ } - - if (arg_crash_reboot) { - log_notice("Rebooting in 10s..."); -@@ -247,7 +254,7 @@ _noreturn_ static void crash(int sig) { - } - } - -- freeze_or_reboot(); -+ freeze_or_exit_or_reboot(); - } - - static void install_crash_handler(void) { -@@ -2664,8 +2671,8 @@ finish: - if (error_message) - manager_status_printf(NULL, STATUS_TYPE_EMERGENCY, - ANSI_HIGHLIGHT_RED "!!!!!!" ANSI_NORMAL, -- "%s, freezing.", error_message); -- freeze_or_reboot(); -+ "%s.", error_message); -+ freeze_or_exit_or_reboot(); - } - - return retval; --- -2.18.1 - diff --git a/1009-Do-not-go-into-freeze-when-systemd-crashd.patch b/1009-Do-not-go-into-freeze-when-systemd-crashd.patch deleted file mode 100644 index 2b457bc..0000000 --- a/1009-Do-not-go-into-freeze-when-systemd-crashd.patch +++ /dev/null @@ -1,111 +0,0 @@ -From d05802b22fda63164a1f12a60ebf726a44fbecb4 Mon Sep 17 00:00:00 2001 -From: Yuanhong Peng -Date: Mon, 14 Dec 2020 17:04:28 +0800 -Subject: [PATCH] Do not go into freeze when systemd crashd - -If something unexpected happens which cause systemd to freeze, the system -cannot resume without a reboot, furthermore, if a service dies or exits, -no one else can recycle all child processes of the service, which will -cause a number of zombie processes remaining in the system. So we -introduce a mechanism, when systemd enters freeze state, you can send -SIGTERM to it to force systemd to re-exec. This may helps to resume the -system if it cannot reboot. - -Signed-off-by: Yuanhong Peng ---- - src/core/main.c | 40 +++++++++++++++++++++++++++++++++++++++- - 1 file changed, 39 insertions(+), 1 deletion(-) - -diff --git a/src/core/main.c b/src/core/main.c -index 1ecdc47446..a72c685b20 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -3,6 +3,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -10,6 +11,7 @@ - #include - #include - #include -+#include - #include - #if HAVE_SECCOMP - #include -@@ -135,10 +137,41 @@ static sd_id128_t arg_machine_id; - static EmergencyAction arg_cad_burst_action; - static CPUSet arg_cpu_affinity; - static NUMAPolicy arg_numa_policy; -+static bool reexec_jmp_can = false; -+static bool reexec_jmp_inited = false; -+static sigjmp_buf reexec_jmp_buf; - - static int parse_configuration(const struct rlimit *saved_rlimit_nofile, - const struct rlimit *saved_rlimit_memlock); - -+static void reexec_handler(int sig) { -+ reexec_jmp_can = true; -+} -+ -+_noreturn_ static void freeze_wait_upgrade(void) { -+ struct sigaction sa; -+ sigset_t ss; -+ -+ sigemptyset(&ss); -+ sigaddset(&ss, SIGTERM); -+ sigprocmask(SIG_UNBLOCK, &ss, NULL); -+ -+ sa.sa_handler = reexec_handler; -+ sa.sa_flags = SA_RESTART; -+ sigaction(SIGTERM, &sa, NULL); -+ -+ log_error("freeze_wait_upgrade: %d\n", reexec_jmp_inited); -+ reexec_jmp_can = false; -+ while(1) { -+ usleep(10000); -+ if (reexec_jmp_inited && reexec_jmp_can) { -+ log_error("goto manager_reexecute.\n"); -+ siglongjmp(reexec_jmp_buf, 1); -+ } -+ waitpid(-1, NULL, WNOHANG); -+ } -+} -+ - _noreturn_ static void freeze_or_exit_or_reboot(void) { - - /* If we are running in a contianer, let's prefer exiting, after all we can propagate an exit code to the -@@ -158,7 +191,7 @@ _noreturn_ static void freeze_or_exit_or_reboot(void) { - } - - log_emergency("Freezing execution."); -- freeze(); -+ freeze_wait_upgrade(); - } - - _noreturn_ static void crash(int sig) { -@@ -1668,6 +1701,10 @@ static int invoke_main_loop( - assert(ret_switch_root_init); - assert(ret_error_message); - -+ reexec_jmp_inited = true; -+ if (sigsetjmp(reexec_jmp_buf, 1)) -+ goto manager_reexecute; -+ - for (;;) { - r = manager_loop(m); - if (r < 0) { -@@ -1710,6 +1747,7 @@ static int invoke_main_loop( - - case MANAGER_REEXECUTE: - -+manager_reexecute: - r = prepare_reexecute(m, &arg_serialization, ret_fds, false); - if (r < 0) { - *ret_error_message = "Failed to prepare for reexecution"; --- -2.18.1 - diff --git a/1010-mount-setup-change-the-system-mount-propagation-to-s.patch b/1010-mount-setup-change-the-system-mount-propagation-to-s.patch deleted file mode 100644 index 4066dfd..0000000 --- a/1010-mount-setup-change-the-system-mount-propagation-to-s.patch +++ /dev/null @@ -1,77 +0,0 @@ -From bdd65129e7fbd09c7e0c1fd7fbaffeb9b0b81e1d Mon Sep 17 00:00:00 2001 -From: Wen Yang -Date: Mon, 23 Mar 2020 10:42:46 +0800 -Subject: [PATCH] mount-setup: change the system mount propagation to - shared by default only at bootup - -The commit b3ac5f8cb987 has changed the system mount propagation to -shared by default, and according to the following patch: -https://github.com/opencontainers/runc/pull/208 -When starting the container, the pouch daemon will call runc to execute -make-private. - -However, if the systemctl daemon-reexec is executed after the container -has been started, the system mount propagation will be changed to share -again by default, and the make-private operation above will have no chance -to execute. - -cherry-picked from upstream f74349d8 without conflict. - -Signed-off-by: Yuanhong Peng ---- - src/core/main.c | 2 +- - src/core/mount-setup.c | 4 ++-- - src/core/mount-setup.h | 2 +- - 3 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/core/main.c b/src/core/main.c -index a72c685b20..55c54aecd5 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -2519,7 +2519,7 @@ int main(int argc, char *argv[]) { - if (!skip_setup) - kmod_setup(); - -- r = mount_setup(loaded_policy); -+ r = mount_setup(loaded_policy, skip_setup); - if (r < 0) { - error_message = "Failed to mount API filesystems"; - goto finish; -diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c -index b3cf13af2b..ff7fc18765 100644 ---- a/src/core/mount-setup.c -+++ b/src/core/mount-setup.c -@@ -400,7 +400,7 @@ static int relabel_cgroup_filesystems(void) { - } - #endif - --int mount_setup(bool loaded_policy) { -+int mount_setup(bool loaded_policy, bool leave_propagation) { - int r = 0; - - r = mount_points_setup(ELEMENTSOF(mount_table), loaded_policy); -@@ -444,7 +444,7 @@ int mount_setup(bool loaded_policy) { - * needed. Note that we set this only when we are invoked directly by the kernel. If we are invoked by a - * container manager we assume the container manager knows what it is doing (for example, because it set up - * some directories with different propagation modes). */ -- if (detect_container() <= 0) -+ if (detect_container() <= 0 && !leave_propagation) - if (mount(NULL, "/", NULL, MS_REC|MS_SHARED, NULL) < 0) - log_warning_errno(errno, "Failed to set up the root directory for shared mount propagation: %m"); - -diff --git a/src/core/mount-setup.h b/src/core/mount-setup.h -index 43cd8908de..7a011b25c8 100644 ---- a/src/core/mount-setup.h -+++ b/src/core/mount-setup.h -@@ -4,7 +4,7 @@ - #include - - int mount_setup_early(void); --int mount_setup(bool loaded_policy); -+int mount_setup(bool loaded_policy, bool leave_propagation); - - int mount_cgroup_controllers(char ***join_controllers); - --- -2.18.1 - diff --git a/1012-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch b/1012-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch deleted file mode 100644 index 7936d17..0000000 --- a/1012-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 334dddc80cb53561c49f9a7b4e5237a6451a9964 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Fri, 26 Oct 2018 15:31:30 +0200 -Subject: [PATCH] cgroup-util: make definition of CGROUP_CONTROLLER_TO_MASK() unsigned - -Otherwise doing comparing a CGroupMask (which is unsigned in effect) -with the result of CGROUP_CONTROLLER_TO_MASK() will result in warnings -about signedness differences. - -cherry-picked from upstream 46f84f95 without conflict. - -Signed-off-by: Yuanhong Peng ---- - src/basic/cgroup-util.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/basic/cgroup-util.h b/src/basic/cgroup-util.h -index 1210b38a83..76659c3790 100644 ---- a/src/basic/cgroup-util.h -+++ b/src/basic/cgroup-util.h -@@ -31,7 +31,7 @@ typedef enum CGroupController { - _CGROUP_CONTROLLER_INVALID = -1, - } CGroupController; - --#define CGROUP_CONTROLLER_TO_MASK(c) (1 << (c)) -+#define CGROUP_CONTROLLER_TO_MASK(c) (1U << (c)) - - /* A bit mask of well known cgroup controllers */ - typedef enum CGroupMask { --- -2.18.1 - diff --git a/1013-cgroup-update-only-siblings-that-got-realized-once.patch b/1013-cgroup-update-only-siblings-that-got-realized-once.patch deleted file mode 100644 index cd83cd1..0000000 --- a/1013-cgroup-update-only-siblings-that-got-realized-once.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 18561b46343c94af359d74a48c34974739b46eeb Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Mon, 13 Jan 2020 20:06:39 +0100 -Subject: [PATCH] cgroup: update only siblings that got realized once - -Fixes: #14475 -Replaces: #14554 - -cherry-picked from upstream e1e98911 without conflict. - -Signed-off-by: Yuanhong Peng ---- - src/core/cgroup.c | 17 ++++++++++++++++- - 1 file changed, 16 insertions(+), 1 deletion(-) - -diff --git a/src/core/cgroup.c b/src/core/cgroup.c -index e0eb184fd2..00121e3f37 100644 ---- a/src/core/cgroup.c -+++ b/src/core/cgroup.c -@@ -1964,7 +1964,15 @@ static void unit_add_siblings_to_cgroup_realize_queue(Unit *u) { - Unit *slice; - - /* This adds the siblings of the specified unit and the siblings of all parent units to the cgroup -- * queue. (But neither the specified unit itself nor the parents.) */ -+ * queue. (But neither the specified unit itself nor the parents.) -+ * -+ * Propagation of realization "side-ways" (i.e. towards siblings) is in relevant on cgroup-v1 where -+ * scheduling become very weird if two units that own processes reside in the same slice, but one is -+ * realized in the "cpu" hierarchy and once is not (for example because one has CPUWeight= set and -+ * the other does not), because that means processes need to be scheduled against groups. Let's avoid -+ * this asymmetry by always ensuring that units below a slice that are realized at all are hence -+ * always realized in *all* their hierarchies, and it is sufficient for a unit's sibling to be -+ * realized for a unit to be realized too. */ - - while ((slice = UNIT_DEREF(u->slice))) { - Iterator i; -@@ -1972,6 +1980,7 @@ static void unit_add_siblings_to_cgroup_realize_queue(Unit *u) { - void *v; - - HASHMAP_FOREACH_KEY(v, m, slice->dependencies[UNIT_BEFORE], i) { -+ - /* Skip units that have a dependency on the slice but aren't actually in it. */ - if (UNIT_DEREF(m->slice) != slice) - continue; -@@ -1980,6 +1989,11 @@ static void unit_add_siblings_to_cgroup_realize_queue(Unit *u) { - if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(m))) - continue; - -+ /* We only enqueue siblings if they were realized once at least, in the main -+ * hierarchy. */ -+ if (!m->cgroup_realized) -+ continue; -+ - /* If the unit doesn't need any new controllers and has current ones realized, it - * doesn't need any changes. */ - if (unit_has_mask_realized(m, -@@ -2264,6 +2278,7 @@ void unit_add_to_cgroup_empty_queue(Unit *u) { - /* Let's verify that the cgroup is really empty */ - if (!u->cgroup_path) - return; -+ - r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path); - if (r < 0) { - log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path); --- -2.18.1 - diff --git a/1014-core-add-a-config-item-to-support-setting-the-value-.patch b/1014-core-add-a-config-item-to-support-setting-the-value-.patch deleted file mode 100644 index 08d87b1..0000000 --- a/1014-core-add-a-config-item-to-support-setting-the-value-.patch +++ /dev/null @@ -1,121 +0,0 @@ -From 729300a386ee380406b6ea92e0924877066b1a3d Mon Sep 17 00:00:00 2001 -From: Yuanhong Peng -Date: Tue, 15 Dec 2020 11:47:49 +0800 -Subject: [PATCH] core: add a config item to support setting the value - of cpuset.clone_children when systemd is starting - -Signed-off-by: Yuanhong Peng ---- - src/core/main.c | 68 +++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 68 insertions(+) - -diff --git a/src/core/main.c b/src/core/main.c -index 55c54aecd5..f241707842 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -140,6 +140,7 @@ static NUMAPolicy arg_numa_policy; - static bool reexec_jmp_can = false; - static bool reexec_jmp_inited = false; - static sigjmp_buf reexec_jmp_buf; -+static bool arg_default_cpuset_clone_children = false; - - static int parse_configuration(const struct rlimit *saved_rlimit_nofile, - const struct rlimit *saved_rlimit_memlock); -@@ -528,6 +529,14 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat - - parse_path_argument_and_warn(value, false, &arg_watchdog_device); - -+ } else if (proc_cmdline_key_streq(key, "systemd.cpuset_clone_children") && value) { -+ -+ r = parse_boolean(value); -+ if (r < 0) -+ log_warning("Failed to parse cpuset_clone_children switch %s. Ignoring.", value); -+ else -+ arg_default_cpuset_clone_children = r; -+ - } else if (streq(key, "quiet") && !value) { - - if (arg_show_status == _SHOW_STATUS_UNSET) -@@ -756,6 +765,7 @@ static int parse_config_file(void) { - { "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting }, - { "Manager", "DefaultTasksMax", config_parse_tasks_max, 0, &arg_default_tasks_max }, - { "Manager", "CtrlAltDelBurstAction", config_parse_emergency_action, 0, &arg_cad_burst_action }, -+ { "Manager", "DefaultCPUSetCloneChildren",config_parse_bool, 0, &arg_default_cpuset_clone_children }, - {} - }; - -@@ -1872,6 +1882,63 @@ static void log_execution_mode(bool *ret_first_boot) { - } - } - -+static bool is_use_triple_cgroup(void) { -+ const char * path ="/sys/fs/cgroup/cpuset"; -+ _cleanup_strv_free_ char **l = NULL; -+ char buf[128] = {0}; -+ int r; -+ -+ r = is_symlink(path); -+ if (r <= 0) -+ return false; -+ -+ r = readlink(path, buf, sizeof(buf)); -+ if (r < 0 || (unsigned int)r >= sizeof(buf)) -+ return false; -+ -+ buf[r] = '\0'; -+ l = strv_split(buf, ","); -+ if (!l) -+ return false; -+ -+ strv_sort(l); -+ if (strv_length(l) != 3) -+ return false; -+ -+ if (streq(l[0],"cpu") && streq(l[1], "cpuacct") && -+ streq(l[2], "cpuset")) { -+ log_debug(PACKAGE_STRING " use_triple_cgroup: %s", buf); -+ return true; -+ } -+ return false; -+} -+ -+static int ali_handle_cpuset_clone_children(void) -+{ -+ const char *file = "/sys/fs/cgroup/cpuset/cgroup.clone_children"; -+ _cleanup_free_ char *buf = NULL; -+ int r; -+ -+ r = read_one_line_file(file, &buf); -+ if (r < 0) { -+ log_warning_errno(r, "Cannot read %s: %m", file); -+ return r; -+ } -+ -+ if (streq(buf, "1") && arg_default_cpuset_clone_children) -+ return 0; -+ -+ if (streq(buf, "0") && (!arg_default_cpuset_clone_children)) -+ return 0; -+ -+ if (!is_use_triple_cgroup()) -+ return 0; -+ -+ r = write_string_file(file, one_zero(arg_default_cpuset_clone_children), 0); -+ log_info(PACKAGE_STRING " set %s to %s, ret=%d", file, one_zero(arg_default_cpuset_clone_children), r); -+ return r; -+} -+ - static int initialize_runtime( - bool skip_setup, - struct rlimit *saved_rlimit_nofile, -@@ -1906,6 +1973,7 @@ static int initialize_runtime( - return r; - } - -+ ali_handle_cpuset_clone_children(); - status_welcome(); - hostname_setup(); - machine_id_setup(NULL, arg_machine_id, NULL); --- -2.18.1 - diff --git a/1015-systemd-anolis-support-loongarch64.patch b/1015-systemd-anolis-support-loongarch64.patch deleted file mode 100644 index 8f23b97..0000000 --- a/1015-systemd-anolis-support-loongarch64.patch +++ /dev/null @@ -1,56 +0,0 @@ -From bd646124c244f6de65cd829b33f5912c1d540bb4 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Fri, 6 Aug 2021 08:15:19 +0000 -Subject: [PATCH] support loongarch64 for systemd - ---- - src/basic/architecture.c | 3 +++ - src/basic/architecture.h | 4 ++++ - 2 files changed, 7 insertions(+) - -diff --git a/src/basic/architecture.c b/src/basic/architecture.c -index 85837b5..3807ea5 100644 ---- a/src/basic/architecture.c -+++ b/src/basic/architecture.c -@@ -118,6 +118,8 @@ int uname_architecture(void) { - #elif defined(__arc__) - { "arc", ARCHITECTURE_ARC }, - { "arceb", ARCHITECTURE_ARC_BE }, -+#elif defined(__loongarch64) -+ { "loongarch64", ARCHITECTURE_LOONGARCH64 }, - #else - #error "Please register your architecture here!" - #endif -@@ -173,6 +175,7 @@ static const char *const architecture_table[_ARCHITECTURE_MAX] = { - [ARCHITECTURE_RISCV64] = "riscv64", - [ARCHITECTURE_ARC] = "arc", - [ARCHITECTURE_ARC_BE] = "arc-be", -+ [ARCHITECTURE_LOONGARCH64] = "loongarch64", - }; - - DEFINE_STRING_TABLE_LOOKUP(architecture, int); -diff --git a/src/basic/architecture.h b/src/basic/architecture.h -index 443e890..935622c 100644 ---- a/src/basic/architecture.h -+++ b/src/basic/architecture.h -@@ -44,6 +44,7 @@ enum { - ARCHITECTURE_RISCV64, - ARCHITECTURE_ARC, - ARCHITECTURE_ARC_BE, -+ ARCHITECTURE_LOONGARCH64, - _ARCHITECTURE_MAX, - _ARCHITECTURE_INVALID = -1 - }; -@@ -229,6 +230,9 @@ int uname_architecture(void); - # define native_architecture() ARCHITECTURE_ARC - # define LIB_ARCH_TUPLE "arc-linux" - # endif -+#elif defined(__loongarch64) -+# define native_architecture() ARCHITECTURE_LOONGARCH64 -+# define LIB_ARCH_TUPLE "loongarch64-linux-gnu" - #else - # error "Please register your architecture here!" - #endif --- -2.27.0 - diff --git a/systemd.spec b/systemd.spec index 67e3821..074c6ef 100644 --- a/systemd.spec +++ b/systemd.spec @@ -1,5 +1,3 @@ -%define anolis_release .0.2 - #global gitcommit 10e465b5321bd53c1fc59ffab27e724535c6bc0f %{?gitcommit:%global gitcommitshort %(c=%{gitcommit}; echo ${c:0:7})} @@ -15,7 +13,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd Version: 239 -Release: 51%{anolis_release}%{?dist}.3 +Release: 51%{?dist}.5 # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -720,21 +718,26 @@ Patch0665: 0665-core-return-true-from-cg_is_empty-on-ENOENT.patch Patch0666: 0666-Do-not-fail-if-the-same-alt.-name-is-set-again.patch Patch0667: 0667-meson-avoid-bogus-meson-warning.patch Patch0668: 0668-meson-do-not-fail-if-rsync-is-not-installed-with-mes.patch +Patch0669: 0669-mount-don-t-propagate-errors-from-mount_setup_unit-f.patch +Patch0670: 0670-test-make-TEST-47-less-racy.patch +Patch0671: 0671-macro-define-HAS_FEATURE_ADDRESS_SANITIZER-also-on-g.patch +Patch0672: 0672-tests-add-helper-function-to-autodetect-CI-environme.patch +Patch0673: 0673-strv-rework-FOREACH_STRING-macro.patch +Patch0674: 0674-test-systemctl-use-const-char-instead-of-char.patch +Patch0675: 0675-ci-pass-the-GITHUB_ACTIONS-variable-to-the-CentOS-co.patch +Patch0676: 0676-core-rename-unit_-start_limit-condition-assert-_test.patch +Patch0677: 0677-core-Check-unit-start-rate-limiting-earlier.patch +Patch0678: 0678-sd-event-introduce-callback-invoked-when-event-sourc.patch +Patch0679: 0679-core-rename-generalize-UNIT-u-test_start_limit-hook.patch +Patch0680: 0680-mount-make-mount-units-start-jobs-not-runnable-if-p-.patch +Patch0681: 0681-mount-retrigger-run-queue-after-ratelimit-expired-to.patch +Patch0682: 0682-pid1-add-a-manager_trigger_run_queue-helper.patch +Patch0683: 0683-unit-add-jobs-that-were-skipped-because-of-ratelimit.patch +Patch0684: 0684-udev-net_id-introduce-naming-scheme-for-RHEL-8.5.patch +Patch0685: 0685-udev-net_id-remove-extraneous-bracket.patch +Patch0686: 0686-mount-do-not-update-exec-deps-on-mountinfo-changes.patch +Patch0687: 0687-core-mount-add-implicit-unit-dependencies-even-if-wh.patch -Patch1002: 1002-core-fix-a-null-reference-case-in-load_from_path.patch -Patch1003: 1003-sysctl-Don-t-pass-null-directive-argument-to-s.patch -Patch1004: 1004-test-use-builddir-systemd-runtest.env-to-set-SYSTEMD.patch -Patch1005: 1005-test-use-builddir-systemd-runtest.env-for-SYSTEMD_CA.patch -Patch1006: 1006-strv-rework-FOREACH_STRING-macro.patch -Patch1007: 1007-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch -Patch1008: 1008-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch -Patch1009: 1009-Do-not-go-into-freeze-when-systemd-crashd.patch -Patch1010: 1010-mount-setup-change-the-system-mount-propagation-to-s.patch -Patch1011: 1011-mount-don-t-propagate-errors-from-mount_setup_unit-f.patch -Patch1012: 1012-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch -Patch1013: 1013-cgroup-update-only-siblings-that-got-realized-once.patch -Patch1014: 1014-core-add-a-config-item-to-support-setting-the-value-.patch -Patch1015: 1015-systemd-anolis-support-loongarch64.patch %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 @@ -1361,23 +1364,28 @@ fi %files tests -f .file-list-tests %changelog -* Tue Jan 25 2022 zhangwenlong - 239-51.3.0.2 -- support loongarch for systemd - -* Tue Jan 18 2022 Yuanhong Peng - 239-51.3.0.1 -- core: fix a null reference case in load_from_path() -- sysctl: Don't pass null directive argument to '%s' -- test: use ${builddir}/systemd-runtest.env to set $SYSTEMD_TEST_DATA -- test: use ${builddir}/systemd-runtest.env for $SYSTEMD_CATALOG_DIR -- strv: rework FOREACH_STRING() macro -- exit-status: introduce EXIT_EXCEPTION mapping to 255 -- main: don't freeze PID 1 in containers, exit with non-zero instead -- Do not go into freeze when systemd crashd -- mount-setup: change the system mount propagation to shared by default only at bootup -- mount: don't propagate errors from mount_setup_unit() further up -- cgroup-util: make definition of CGROUP_CONTROLLER_TO_MASK() unsigned -- cgroup: update only siblings that got realized once -- core: add a config item to support setting the value of cpuset.clone_children when systemd is starting +* Tue Jan 25 2022 systemd maintenance team - 239-51.5 +- mount: do not update exec deps on mountinfo changes (#2038878) +- core/mount: add implicit unit dependencies even if when mount unit is generated from /proc/self/mountinfo (#2038878) + +* Thu Jan 13 2022 systemd maintenance team - 239-51.4 +- mount: don't propagate errors from mount_setup_unit() further up (#2039327) +- test: make TEST-47 less racy (#2039327) +- macro: define HAS_FEATURE_ADDRESS_SANITIZER also on gcc (#2039327) +- tests: add helper function to autodetect CI environments (#2039327) +- strv: rework FOREACH_STRING() macro (#2039327) +- test,systemctl: use "const char*" instead of "char*" (#2039327) +- ci: pass the $GITHUB_ACTIONS variable to the CentOS container (#2039327) +- core: rename unit_{start_limit|condition|assert}_test() to unit_test_xyz() (#2037395) +- core: Check unit start rate limiting earlier (#2037395) +- sd-event: introduce callback invoked when event source ratelimit expires (#2037395) +- core: rename/generalize UNIT(u)->test_start_limit() hook (#2037395) +- mount: make mount units start jobs not runnable if /p/s/mountinfo ratelimit is in effect (#2037395) +- mount: retrigger run queue after ratelimit expired to run delayed mount start jobs (#2037395) +- pid1: add a manager_trigger_run_queue() helper (#2037395) +- unit: add jobs that were skipped because of ratelimit back to run_queue (#2037395) +- udev/net_id: introduce naming scheme for RHEL-8.5 (#2040244) +- udev/net_id: remove extraneous bracket (#2040244) * Fri Dec 10 2021 systemd maintenance team - 239-51.3 - Do not fail if the same alt. name is set again (#2030027) -- Gitee From 571bc0a828c7452eb08cc2b02b7f2a3ceb762ed0 Mon Sep 17 00:00:00 2001 From: Yuanhong Peng Date: Tue, 14 Dec 2021 15:45:16 +0800 Subject: [PATCH 2/3] Add optimized patches - core: fix a null reference case in load_from_path() - sysctl: Don't pass null directive argument to '%s' - exit-status: introduce EXIT_EXCEPTION mapping to 255 - main: don't freeze PID 1 in containers, exit with non-zero instead - Do not go into freeze when systemd crashd - mount-setup: change the system mount propagation to shared by default only at bootup - cgroup-util: make definition of CGROUP_CONTROLLER_TO_MASK() unsigned - cgroup: update only siblings that got realized once - core: add a config item to support setting the value of cpuset.clone_children when systemd is starting Signed-off-by: Yuanhong Peng --- ...ull-reference-case-in-load_from_path.patch | 34 +++++ ...-t-pass-null-directive-argument-to-s.patch | 30 +++++ ...roduce-EXIT_EXCEPTION-mapping-to-255.patch | 61 +++++++++ ...e-PID-1-in-containers-exit-with-non-.patch | 59 +++++++++ ...t-go-into-freeze-when-systemd-crashd.patch | 111 ++++++++++++++++ ...ge-the-system-mount-propagation-to-s.patch | 77 +++++++++++ ...-definition-of-CGROUP_CONTROLLER_TO_.patch | 32 +++++ ...only-siblings-that-got-realized-once.patch | 67 ++++++++++ ...g-item-to-support-setting-the-value-.patch | 121 ++++++++++++++++++ systemd.spec | 24 +++- 10 files changed, 615 insertions(+), 1 deletion(-) create mode 100644 1001-core-fix-a-null-reference-case-in-load_from_path.patch create mode 100644 1002-sysctl-Don-t-pass-null-directive-argument-to-s.patch create mode 100644 1003-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch create mode 100644 1004-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch create mode 100644 1005-Do-not-go-into-freeze-when-systemd-crashd.patch create mode 100644 1006-mount-setup-change-the-system-mount-propagation-to-s.patch create mode 100644 1007-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch create mode 100644 1008-cgroup-update-only-siblings-that-got-realized-once.patch create mode 100644 1009-core-add-a-config-item-to-support-setting-the-value-.patch diff --git a/1001-core-fix-a-null-reference-case-in-load_from_path.patch b/1001-core-fix-a-null-reference-case-in-load_from_path.patch new file mode 100644 index 0000000..9da687e --- /dev/null +++ b/1001-core-fix-a-null-reference-case-in-load_from_path.patch @@ -0,0 +1,34 @@ +From 3262f6c71165c309605dd87c88c7daf7dd300e6f Mon Sep 17 00:00:00 2001 +From: Wen Yang +Date: Mon, 1 Jun 2020 17:06:53 +0800 +Subject: [PATCH] core: fix a null reference case in load_from_path() + +--- + src/core/load-fragment.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c +index 33fdb82754..be5d3c2816 100644 +--- a/src/core/load-fragment.c ++++ b/src/core/load-fragment.c +@@ -4415,7 +4415,6 @@ static int load_from_path(Unit *u, const char *path) { + r = open_follow(&filename, &f, symlink_names, &id); + if (r >= 0) + break; +- filename = mfree(filename); + + /* ENOENT means that the file is missing or is a dangling symlink. + * ENOTDIR means that one of paths we expect to be is a directory +@@ -4424,7 +4423,8 @@ static int load_from_path(Unit *u, const char *path) { + */ + if (r == -EACCES) + log_debug_errno(r, "Cannot access \"%s\": %m", filename); +- else if (!IN_SET(r, -ENOENT, -ENOTDIR)) ++ filename = mfree(filename); ++ if (!IN_SET(r, -ENOENT, -ENOTDIR)) + return r; + + /* Empty the symlink names for the next run */ +-- +2.18.1 + diff --git a/1002-sysctl-Don-t-pass-null-directive-argument-to-s.patch b/1002-sysctl-Don-t-pass-null-directive-argument-to-s.patch new file mode 100644 index 0000000..ebf2592 --- /dev/null +++ b/1002-sysctl-Don-t-pass-null-directive-argument-to-s.patch @@ -0,0 +1,30 @@ +From 74dbb8676dcc35c9b1431254142b3cf24ac7e1a4 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Sun, 16 Dec 2018 20:53:38 -0800 +Subject: [PATCH] sysctl: Don't pass null directive argument to '%s' + +value pointer here is always NULL but subsequent use of that pointer +with a %s format will always be NULL, printing p instead would be a +valid string + +Signed-off-by: Khem Raj +--- + src/sysctl/sysctl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c +index 0151f7dabe..61447bb72e 100644 +--- a/src/sysctl/sysctl.c ++++ b/src/sysctl/sysctl.c +@@ -112,7 +112,7 @@ static int parse_file(OrderedHashmap *sysctl_options, const char *path, bool ign + + value = strchr(p, '='); + if (!value) { +- log_error("Line is not an assignment at '%s:%u': %s", path, c, value); ++ log_error("Line is not an assignment at '%s:%u': %s", path, c, p); + + if (r == 0) + r = -EINVAL; +-- +2.18.1 + diff --git a/1003-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch b/1003-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch new file mode 100644 index 0000000..eeb47f7 --- /dev/null +++ b/1003-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch @@ -0,0 +1,61 @@ +From 7188a29295f3a6f2c8e0a7c5a5ae4914088ee6fc Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 20 Nov 2018 16:55:51 +0100 +Subject: [PATCH] exit-status: introduce EXIT_EXCEPTION mapping to 255 + +cherry-picked from upstream 3584d3ca. + +Conflicts: + src/basic/exit-status.c + src/basic/exit-status.h + +Signed-off-by: Yuanhong Peng +--- + src/basic/exit-status.c | 10 +++++++--- + src/basic/exit-status.h | 2 ++ + 2 files changed, 9 insertions(+), 3 deletions(-) + +diff --git a/src/basic/exit-status.c b/src/basic/exit-status.c +index 0a7a53b73d..58ebc3ca4d 100644 +--- a/src/basic/exit-status.c ++++ b/src/basic/exit-status.c +@@ -19,9 +19,10 @@ const char* exit_status_to_string(int status, ExitStatusLevel level) { + * 79…199 │ (Currently unmapped) + * 200…241 │ systemd's private error codes (might be extended to 254 in future development) + * 242…254 │ (Currently unmapped, but see above) +- * 255 │ (We should probably stay away from that one, it's frequently used by applications to indicate an +- * │ exit reason that cannot really be expressed in a single exit status value — such as a propagated +- * │ signal or such) ++ * ++ * 255 │ EXIT_EXCEPTION (We use this to propagate exit-by-signal events. It's frequently used by others apps (like bash) ++ * │ to indicate exit reason that cannot really be expressed in a single exit status value — such as a propagated ++ * │ signal or such, and we follow that logic here.) + */ + + switch (status) { /* We always cover the ISO C ones */ +@@ -158,6 +159,9 @@ const char* exit_status_to_string(int status, ExitStatusLevel level) { + + case EXIT_NUMA_POLICY: + return "NUMA_POLICY"; ++ ++ case EXIT_EXCEPTION: ++ return "EXCEPTION"; + } + } + +diff --git a/src/basic/exit-status.h b/src/basic/exit-status.h +index dc284aacb1..5637e6aa04 100644 +--- a/src/basic/exit-status.h ++++ b/src/basic/exit-status.h +@@ -70,6 +70,8 @@ enum { + EXIT_LOGS_DIRECTORY, /* 240 */ + EXIT_CONFIGURATION_DIRECTORY, + EXIT_NUMA_POLICY, ++ ++ EXIT_EXCEPTION = 255, /* Whenever we want to propagate an abnormal/signal exit, in line with bash */ + }; + + typedef enum ExitStatusLevel { +-- +2.18.1 + diff --git a/1004-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch b/1004-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch new file mode 100644 index 0000000..94923e1 --- /dev/null +++ b/1004-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch @@ -0,0 +1,59 @@ +From 6c76e460aed00997766a638fa8b40cc1b17a14d5 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 20 Nov 2018 13:16:48 +0100 +Subject: [PATCH] main: don't freeze PID 1 in containers, exit with + non-zero instead + +After all we have a nice way to propagate total failures, hence let's +use it. + +cherry-picked from upstream bb259772 without conflict. + +Signed-off-by: Yuanhong Peng +--- + src/core/main.c | 15 +++++++++++---- + 1 file changed, 11 insertions(+), 4 deletions(-) + +diff --git a/src/core/main.c b/src/core/main.c +index 25536054b3..1ecdc47446 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -139,7 +139,14 @@ static NUMAPolicy arg_numa_policy; + static int parse_configuration(const struct rlimit *saved_rlimit_nofile, + const struct rlimit *saved_rlimit_memlock); + +-_noreturn_ static void freeze_or_reboot(void) { ++_noreturn_ static void freeze_or_exit_or_reboot(void) { ++ ++ /* If we are running in a contianer, let's prefer exiting, after all we can propagate an exit code to the ++ * container manager, and thus inform it that something went wrong. */ ++ if (detect_container() > 0) { ++ log_emergency("Exiting PID 1..."); ++ exit(EXIT_EXCEPTION); ++ } + + if (arg_crash_reboot) { + log_notice("Rebooting in 10s..."); +@@ -247,7 +254,7 @@ _noreturn_ static void crash(int sig) { + } + } + +- freeze_or_reboot(); ++ freeze_or_exit_or_reboot(); + } + + static void install_crash_handler(void) { +@@ -2664,8 +2671,8 @@ finish: + if (error_message) + manager_status_printf(NULL, STATUS_TYPE_EMERGENCY, + ANSI_HIGHLIGHT_RED "!!!!!!" ANSI_NORMAL, +- "%s, freezing.", error_message); +- freeze_or_reboot(); ++ "%s.", error_message); ++ freeze_or_exit_or_reboot(); + } + + return retval; +-- +2.18.1 + diff --git a/1005-Do-not-go-into-freeze-when-systemd-crashd.patch b/1005-Do-not-go-into-freeze-when-systemd-crashd.patch new file mode 100644 index 0000000..2b457bc --- /dev/null +++ b/1005-Do-not-go-into-freeze-when-systemd-crashd.patch @@ -0,0 +1,111 @@ +From d05802b22fda63164a1f12a60ebf726a44fbecb4 Mon Sep 17 00:00:00 2001 +From: Yuanhong Peng +Date: Mon, 14 Dec 2020 17:04:28 +0800 +Subject: [PATCH] Do not go into freeze when systemd crashd + +If something unexpected happens which cause systemd to freeze, the system +cannot resume without a reboot, furthermore, if a service dies or exits, +no one else can recycle all child processes of the service, which will +cause a number of zombie processes remaining in the system. So we +introduce a mechanism, when systemd enters freeze state, you can send +SIGTERM to it to force systemd to re-exec. This may helps to resume the +system if it cannot reboot. + +Signed-off-by: Yuanhong Peng +--- + src/core/main.c | 40 +++++++++++++++++++++++++++++++++++++++- + 1 file changed, 39 insertions(+), 1 deletion(-) + +diff --git a/src/core/main.c b/src/core/main.c +index 1ecdc47446..a72c685b20 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -3,6 +3,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -10,6 +11,7 @@ + #include + #include + #include ++#include + #include + #if HAVE_SECCOMP + #include +@@ -135,10 +137,41 @@ static sd_id128_t arg_machine_id; + static EmergencyAction arg_cad_burst_action; + static CPUSet arg_cpu_affinity; + static NUMAPolicy arg_numa_policy; ++static bool reexec_jmp_can = false; ++static bool reexec_jmp_inited = false; ++static sigjmp_buf reexec_jmp_buf; + + static int parse_configuration(const struct rlimit *saved_rlimit_nofile, + const struct rlimit *saved_rlimit_memlock); + ++static void reexec_handler(int sig) { ++ reexec_jmp_can = true; ++} ++ ++_noreturn_ static void freeze_wait_upgrade(void) { ++ struct sigaction sa; ++ sigset_t ss; ++ ++ sigemptyset(&ss); ++ sigaddset(&ss, SIGTERM); ++ sigprocmask(SIG_UNBLOCK, &ss, NULL); ++ ++ sa.sa_handler = reexec_handler; ++ sa.sa_flags = SA_RESTART; ++ sigaction(SIGTERM, &sa, NULL); ++ ++ log_error("freeze_wait_upgrade: %d\n", reexec_jmp_inited); ++ reexec_jmp_can = false; ++ while(1) { ++ usleep(10000); ++ if (reexec_jmp_inited && reexec_jmp_can) { ++ log_error("goto manager_reexecute.\n"); ++ siglongjmp(reexec_jmp_buf, 1); ++ } ++ waitpid(-1, NULL, WNOHANG); ++ } ++} ++ + _noreturn_ static void freeze_or_exit_or_reboot(void) { + + /* If we are running in a contianer, let's prefer exiting, after all we can propagate an exit code to the +@@ -158,7 +191,7 @@ _noreturn_ static void freeze_or_exit_or_reboot(void) { + } + + log_emergency("Freezing execution."); +- freeze(); ++ freeze_wait_upgrade(); + } + + _noreturn_ static void crash(int sig) { +@@ -1668,6 +1701,10 @@ static int invoke_main_loop( + assert(ret_switch_root_init); + assert(ret_error_message); + ++ reexec_jmp_inited = true; ++ if (sigsetjmp(reexec_jmp_buf, 1)) ++ goto manager_reexecute; ++ + for (;;) { + r = manager_loop(m); + if (r < 0) { +@@ -1710,6 +1747,7 @@ static int invoke_main_loop( + + case MANAGER_REEXECUTE: + ++manager_reexecute: + r = prepare_reexecute(m, &arg_serialization, ret_fds, false); + if (r < 0) { + *ret_error_message = "Failed to prepare for reexecution"; +-- +2.18.1 + diff --git a/1006-mount-setup-change-the-system-mount-propagation-to-s.patch b/1006-mount-setup-change-the-system-mount-propagation-to-s.patch new file mode 100644 index 0000000..4066dfd --- /dev/null +++ b/1006-mount-setup-change-the-system-mount-propagation-to-s.patch @@ -0,0 +1,77 @@ +From bdd65129e7fbd09c7e0c1fd7fbaffeb9b0b81e1d Mon Sep 17 00:00:00 2001 +From: Wen Yang +Date: Mon, 23 Mar 2020 10:42:46 +0800 +Subject: [PATCH] mount-setup: change the system mount propagation to + shared by default only at bootup + +The commit b3ac5f8cb987 has changed the system mount propagation to +shared by default, and according to the following patch: +https://github.com/opencontainers/runc/pull/208 +When starting the container, the pouch daemon will call runc to execute +make-private. + +However, if the systemctl daemon-reexec is executed after the container +has been started, the system mount propagation will be changed to share +again by default, and the make-private operation above will have no chance +to execute. + +cherry-picked from upstream f74349d8 without conflict. + +Signed-off-by: Yuanhong Peng +--- + src/core/main.c | 2 +- + src/core/mount-setup.c | 4 ++-- + src/core/mount-setup.h | 2 +- + 3 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/core/main.c b/src/core/main.c +index a72c685b20..55c54aecd5 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -2519,7 +2519,7 @@ int main(int argc, char *argv[]) { + if (!skip_setup) + kmod_setup(); + +- r = mount_setup(loaded_policy); ++ r = mount_setup(loaded_policy, skip_setup); + if (r < 0) { + error_message = "Failed to mount API filesystems"; + goto finish; +diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c +index b3cf13af2b..ff7fc18765 100644 +--- a/src/core/mount-setup.c ++++ b/src/core/mount-setup.c +@@ -400,7 +400,7 @@ static int relabel_cgroup_filesystems(void) { + } + #endif + +-int mount_setup(bool loaded_policy) { ++int mount_setup(bool loaded_policy, bool leave_propagation) { + int r = 0; + + r = mount_points_setup(ELEMENTSOF(mount_table), loaded_policy); +@@ -444,7 +444,7 @@ int mount_setup(bool loaded_policy) { + * needed. Note that we set this only when we are invoked directly by the kernel. If we are invoked by a + * container manager we assume the container manager knows what it is doing (for example, because it set up + * some directories with different propagation modes). */ +- if (detect_container() <= 0) ++ if (detect_container() <= 0 && !leave_propagation) + if (mount(NULL, "/", NULL, MS_REC|MS_SHARED, NULL) < 0) + log_warning_errno(errno, "Failed to set up the root directory for shared mount propagation: %m"); + +diff --git a/src/core/mount-setup.h b/src/core/mount-setup.h +index 43cd8908de..7a011b25c8 100644 +--- a/src/core/mount-setup.h ++++ b/src/core/mount-setup.h +@@ -4,7 +4,7 @@ + #include + + int mount_setup_early(void); +-int mount_setup(bool loaded_policy); ++int mount_setup(bool loaded_policy, bool leave_propagation); + + int mount_cgroup_controllers(char ***join_controllers); + +-- +2.18.1 + diff --git a/1007-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch b/1007-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch new file mode 100644 index 0000000..7936d17 --- /dev/null +++ b/1007-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch @@ -0,0 +1,32 @@ +From 334dddc80cb53561c49f9a7b4e5237a6451a9964 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 26 Oct 2018 15:31:30 +0200 +Subject: [PATCH] cgroup-util: make definition of CGROUP_CONTROLLER_TO_MASK() unsigned + +Otherwise doing comparing a CGroupMask (which is unsigned in effect) +with the result of CGROUP_CONTROLLER_TO_MASK() will result in warnings +about signedness differences. + +cherry-picked from upstream 46f84f95 without conflict. + +Signed-off-by: Yuanhong Peng +--- + src/basic/cgroup-util.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/basic/cgroup-util.h b/src/basic/cgroup-util.h +index 1210b38a83..76659c3790 100644 +--- a/src/basic/cgroup-util.h ++++ b/src/basic/cgroup-util.h +@@ -31,7 +31,7 @@ typedef enum CGroupController { + _CGROUP_CONTROLLER_INVALID = -1, + } CGroupController; + +-#define CGROUP_CONTROLLER_TO_MASK(c) (1 << (c)) ++#define CGROUP_CONTROLLER_TO_MASK(c) (1U << (c)) + + /* A bit mask of well known cgroup controllers */ + typedef enum CGroupMask { +-- +2.18.1 + diff --git a/1008-cgroup-update-only-siblings-that-got-realized-once.patch b/1008-cgroup-update-only-siblings-that-got-realized-once.patch new file mode 100644 index 0000000..cd83cd1 --- /dev/null +++ b/1008-cgroup-update-only-siblings-that-got-realized-once.patch @@ -0,0 +1,67 @@ +From 18561b46343c94af359d74a48c34974739b46eeb Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Mon, 13 Jan 2020 20:06:39 +0100 +Subject: [PATCH] cgroup: update only siblings that got realized once + +Fixes: #14475 +Replaces: #14554 + +cherry-picked from upstream e1e98911 without conflict. + +Signed-off-by: Yuanhong Peng +--- + src/core/cgroup.c | 17 ++++++++++++++++- + 1 file changed, 16 insertions(+), 1 deletion(-) + +diff --git a/src/core/cgroup.c b/src/core/cgroup.c +index e0eb184fd2..00121e3f37 100644 +--- a/src/core/cgroup.c ++++ b/src/core/cgroup.c +@@ -1964,7 +1964,15 @@ static void unit_add_siblings_to_cgroup_realize_queue(Unit *u) { + Unit *slice; + + /* This adds the siblings of the specified unit and the siblings of all parent units to the cgroup +- * queue. (But neither the specified unit itself nor the parents.) */ ++ * queue. (But neither the specified unit itself nor the parents.) ++ * ++ * Propagation of realization "side-ways" (i.e. towards siblings) is in relevant on cgroup-v1 where ++ * scheduling become very weird if two units that own processes reside in the same slice, but one is ++ * realized in the "cpu" hierarchy and once is not (for example because one has CPUWeight= set and ++ * the other does not), because that means processes need to be scheduled against groups. Let's avoid ++ * this asymmetry by always ensuring that units below a slice that are realized at all are hence ++ * always realized in *all* their hierarchies, and it is sufficient for a unit's sibling to be ++ * realized for a unit to be realized too. */ + + while ((slice = UNIT_DEREF(u->slice))) { + Iterator i; +@@ -1972,6 +1980,7 @@ static void unit_add_siblings_to_cgroup_realize_queue(Unit *u) { + void *v; + + HASHMAP_FOREACH_KEY(v, m, slice->dependencies[UNIT_BEFORE], i) { ++ + /* Skip units that have a dependency on the slice but aren't actually in it. */ + if (UNIT_DEREF(m->slice) != slice) + continue; +@@ -1980,6 +1989,11 @@ static void unit_add_siblings_to_cgroup_realize_queue(Unit *u) { + if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(m))) + continue; + ++ /* We only enqueue siblings if they were realized once at least, in the main ++ * hierarchy. */ ++ if (!m->cgroup_realized) ++ continue; ++ + /* If the unit doesn't need any new controllers and has current ones realized, it + * doesn't need any changes. */ + if (unit_has_mask_realized(m, +@@ -2264,6 +2278,7 @@ void unit_add_to_cgroup_empty_queue(Unit *u) { + /* Let's verify that the cgroup is really empty */ + if (!u->cgroup_path) + return; ++ + r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path); + if (r < 0) { + log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path); +-- +2.18.1 + diff --git a/1009-core-add-a-config-item-to-support-setting-the-value-.patch b/1009-core-add-a-config-item-to-support-setting-the-value-.patch new file mode 100644 index 0000000..08d87b1 --- /dev/null +++ b/1009-core-add-a-config-item-to-support-setting-the-value-.patch @@ -0,0 +1,121 @@ +From 729300a386ee380406b6ea92e0924877066b1a3d Mon Sep 17 00:00:00 2001 +From: Yuanhong Peng +Date: Tue, 15 Dec 2020 11:47:49 +0800 +Subject: [PATCH] core: add a config item to support setting the value + of cpuset.clone_children when systemd is starting + +Signed-off-by: Yuanhong Peng +--- + src/core/main.c | 68 +++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 68 insertions(+) + +diff --git a/src/core/main.c b/src/core/main.c +index 55c54aecd5..f241707842 100644 +--- a/src/core/main.c ++++ b/src/core/main.c +@@ -140,6 +140,7 @@ static NUMAPolicy arg_numa_policy; + static bool reexec_jmp_can = false; + static bool reexec_jmp_inited = false; + static sigjmp_buf reexec_jmp_buf; ++static bool arg_default_cpuset_clone_children = false; + + static int parse_configuration(const struct rlimit *saved_rlimit_nofile, + const struct rlimit *saved_rlimit_memlock); +@@ -528,6 +529,14 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat + + parse_path_argument_and_warn(value, false, &arg_watchdog_device); + ++ } else if (proc_cmdline_key_streq(key, "systemd.cpuset_clone_children") && value) { ++ ++ r = parse_boolean(value); ++ if (r < 0) ++ log_warning("Failed to parse cpuset_clone_children switch %s. Ignoring.", value); ++ else ++ arg_default_cpuset_clone_children = r; ++ + } else if (streq(key, "quiet") && !value) { + + if (arg_show_status == _SHOW_STATUS_UNSET) +@@ -756,6 +765,7 @@ static int parse_config_file(void) { + { "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting }, + { "Manager", "DefaultTasksMax", config_parse_tasks_max, 0, &arg_default_tasks_max }, + { "Manager", "CtrlAltDelBurstAction", config_parse_emergency_action, 0, &arg_cad_burst_action }, ++ { "Manager", "DefaultCPUSetCloneChildren",config_parse_bool, 0, &arg_default_cpuset_clone_children }, + {} + }; + +@@ -1872,6 +1882,63 @@ static void log_execution_mode(bool *ret_first_boot) { + } + } + ++static bool is_use_triple_cgroup(void) { ++ const char * path ="/sys/fs/cgroup/cpuset"; ++ _cleanup_strv_free_ char **l = NULL; ++ char buf[128] = {0}; ++ int r; ++ ++ r = is_symlink(path); ++ if (r <= 0) ++ return false; ++ ++ r = readlink(path, buf, sizeof(buf)); ++ if (r < 0 || (unsigned int)r >= sizeof(buf)) ++ return false; ++ ++ buf[r] = '\0'; ++ l = strv_split(buf, ","); ++ if (!l) ++ return false; ++ ++ strv_sort(l); ++ if (strv_length(l) != 3) ++ return false; ++ ++ if (streq(l[0],"cpu") && streq(l[1], "cpuacct") && ++ streq(l[2], "cpuset")) { ++ log_debug(PACKAGE_STRING " use_triple_cgroup: %s", buf); ++ return true; ++ } ++ return false; ++} ++ ++static int ali_handle_cpuset_clone_children(void) ++{ ++ const char *file = "/sys/fs/cgroup/cpuset/cgroup.clone_children"; ++ _cleanup_free_ char *buf = NULL; ++ int r; ++ ++ r = read_one_line_file(file, &buf); ++ if (r < 0) { ++ log_warning_errno(r, "Cannot read %s: %m", file); ++ return r; ++ } ++ ++ if (streq(buf, "1") && arg_default_cpuset_clone_children) ++ return 0; ++ ++ if (streq(buf, "0") && (!arg_default_cpuset_clone_children)) ++ return 0; ++ ++ if (!is_use_triple_cgroup()) ++ return 0; ++ ++ r = write_string_file(file, one_zero(arg_default_cpuset_clone_children), 0); ++ log_info(PACKAGE_STRING " set %s to %s, ret=%d", file, one_zero(arg_default_cpuset_clone_children), r); ++ return r; ++} ++ + static int initialize_runtime( + bool skip_setup, + struct rlimit *saved_rlimit_nofile, +@@ -1906,6 +1973,7 @@ static int initialize_runtime( + return r; + } + ++ ali_handle_cpuset_clone_children(); + status_welcome(); + hostname_setup(); + machine_id_setup(NULL, arg_machine_id, NULL); +-- +2.18.1 + diff --git a/systemd.spec b/systemd.spec index 074c6ef..7da18e4 100644 --- a/systemd.spec +++ b/systemd.spec @@ -1,3 +1,5 @@ +%define anolis_release .0.1 + #global gitcommit 10e465b5321bd53c1fc59ffab27e724535c6bc0f %{?gitcommit:%global gitcommitshort %(c=%{gitcommit}; echo ${c:0:7})} @@ -13,7 +15,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd Version: 239 -Release: 51%{?dist}.5 +Release: 51%{anolis_release}%{?dist}.5 # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: System and Service Manager @@ -738,6 +740,15 @@ Patch0685: 0685-udev-net_id-remove-extraneous-bracket.patch Patch0686: 0686-mount-do-not-update-exec-deps-on-mountinfo-changes.patch Patch0687: 0687-core-mount-add-implicit-unit-dependencies-even-if-wh.patch +Patch1001: 1001-core-fix-a-null-reference-case-in-load_from_path.patch +Patch1002: 1002-sysctl-Don-t-pass-null-directive-argument-to-s.patch +Patch1003: 1003-exit-status-introduce-EXIT_EXCEPTION-mapping-to-255.patch +Patch1004: 1004-main-don-t-freeze-PID-1-in-containers-exit-with-non-.patch +Patch1005: 1005-Do-not-go-into-freeze-when-systemd-crashd.patch +Patch1006: 1006-mount-setup-change-the-system-mount-propagation-to-s.patch +Patch1007: 1007-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch +Patch1008: 1008-cgroup-update-only-siblings-that-got-realized-once.patch +Patch1009: 1009-core-add-a-config-item-to-support-setting-the-value-.patch %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 @@ -1364,6 +1375,17 @@ fi %files tests -f .file-list-tests %changelog +* Wed Mar 16 2022 Yuanhong Peng - 239-51.5.0.1 +- core: fix a null reference case in load_from_path() +- sysctl: Don't pass null directive argument to '%s' +- exit-status: introduce EXIT_EXCEPTION mapping to 255 +- main: don't freeze PID 1 in containers, exit with non-zero instead +- Do not go into freeze when systemd crashd +- mount-setup: change the system mount propagation to shared by default only at bootup +- cgroup-util: make definition of CGROUP_CONTROLLER_TO_MASK() unsigned +- cgroup: update only siblings that got realized once +- core: add a config item to support setting the value of cpuset.clone_children when systemd is starting + * Tue Jan 25 2022 systemd maintenance team - 239-51.5 - mount: do not update exec deps on mountinfo changes (#2038878) - core/mount: add implicit unit dependencies even if when mount unit is generated from /proc/self/mountinfo (#2038878) -- Gitee From 1bc0c8aeeb7e0690d9b28736f26d15aeb3dcb2f7 Mon Sep 17 00:00:00 2001 From: gongwen Date: Sun, 29 Aug 2021 10:56:49 +0800 Subject: [PATCH 3/3] support loongarch Signed-off-by: Yuanhong Peng --- 1010-systemd-anolis-support-loongarch64.patch | 56 +++++++++++++++++++ systemd.spec | 2 + 2 files changed, 58 insertions(+) create mode 100644 1010-systemd-anolis-support-loongarch64.patch diff --git a/1010-systemd-anolis-support-loongarch64.patch b/1010-systemd-anolis-support-loongarch64.patch new file mode 100644 index 0000000..8f23b97 --- /dev/null +++ b/1010-systemd-anolis-support-loongarch64.patch @@ -0,0 +1,56 @@ +From bd646124c244f6de65cd829b33f5912c1d540bb4 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Fri, 6 Aug 2021 08:15:19 +0000 +Subject: [PATCH] support loongarch64 for systemd + +--- + src/basic/architecture.c | 3 +++ + src/basic/architecture.h | 4 ++++ + 2 files changed, 7 insertions(+) + +diff --git a/src/basic/architecture.c b/src/basic/architecture.c +index 85837b5..3807ea5 100644 +--- a/src/basic/architecture.c ++++ b/src/basic/architecture.c +@@ -118,6 +118,8 @@ int uname_architecture(void) { + #elif defined(__arc__) + { "arc", ARCHITECTURE_ARC }, + { "arceb", ARCHITECTURE_ARC_BE }, ++#elif defined(__loongarch64) ++ { "loongarch64", ARCHITECTURE_LOONGARCH64 }, + #else + #error "Please register your architecture here!" + #endif +@@ -173,6 +175,7 @@ static const char *const architecture_table[_ARCHITECTURE_MAX] = { + [ARCHITECTURE_RISCV64] = "riscv64", + [ARCHITECTURE_ARC] = "arc", + [ARCHITECTURE_ARC_BE] = "arc-be", ++ [ARCHITECTURE_LOONGARCH64] = "loongarch64", + }; + + DEFINE_STRING_TABLE_LOOKUP(architecture, int); +diff --git a/src/basic/architecture.h b/src/basic/architecture.h +index 443e890..935622c 100644 +--- a/src/basic/architecture.h ++++ b/src/basic/architecture.h +@@ -44,6 +44,7 @@ enum { + ARCHITECTURE_RISCV64, + ARCHITECTURE_ARC, + ARCHITECTURE_ARC_BE, ++ ARCHITECTURE_LOONGARCH64, + _ARCHITECTURE_MAX, + _ARCHITECTURE_INVALID = -1 + }; +@@ -229,6 +230,9 @@ int uname_architecture(void); + # define native_architecture() ARCHITECTURE_ARC + # define LIB_ARCH_TUPLE "arc-linux" + # endif ++#elif defined(__loongarch64) ++# define native_architecture() ARCHITECTURE_LOONGARCH64 ++# define LIB_ARCH_TUPLE "loongarch64-linux-gnu" + #else + # error "Please register your architecture here!" + #endif +-- +2.27.0 + diff --git a/systemd.spec b/systemd.spec index 7da18e4..d5f0bfa 100644 --- a/systemd.spec +++ b/systemd.spec @@ -749,6 +749,7 @@ Patch1006: 1006-mount-setup-change-the-system-mount-propagation-to-s.patch Patch1007: 1007-cgroup-util-make-definition-of-CGROUP_CONTROLLER_TO_.patch Patch1008: 1008-cgroup-update-only-siblings-that-got-realized-once.patch Patch1009: 1009-core-add-a-config-item-to-support-setting-the-value-.patch +Patch1010: 1010-systemd-anolis-support-loongarch64.patch %ifarch %{ix86} x86_64 aarch64 %global have_gnu_efi 1 @@ -1385,6 +1386,7 @@ fi - cgroup-util: make definition of CGROUP_CONTROLLER_TO_MASK() unsigned - cgroup: update only siblings that got realized once - core: add a config item to support setting the value of cpuset.clone_children when systemd is starting +- support loongarch for systemd * Tue Jan 25 2022 systemd maintenance team - 239-51.5 - mount: do not update exec deps on mountinfo changes (#2038878) -- Gitee