diff --git a/backport-core-fix-SIGABRT-on-empty-exec-command-argv.patch b/backport-core-fix-SIGABRT-on-empty-exec-command-argv.patch new file mode 100644 index 0000000..a0ce87f --- /dev/null +++ b/backport-core-fix-SIGABRT-on-empty-exec-command-argv.patch @@ -0,0 +1,63 @@ +From b050bba79ba0e6150c46d5644037f4d32efca0b4 Mon Sep 17 00:00:00 2001 +From: Henri Chain +Date: Tue, 5 Oct 2021 13:10:31 +0200 +Subject: [PATCH] core: fix SIGABRT on empty exec command argv + +This verifies that the argv part of any exec_command parameters that +are sent through dbus is not empty at deserialization time. + +There is an additional check in service.c service_verify() that again +checks if all exec_commands are correctly populated, after the service +has been loaded, whether through dbus or otherwise. + +Fixes #20933. + +(cherry picked from commit 29500cf8c47e6eb0518d171d62aa8213020c9152) +(cherry picked from commit 7a58bf7aac8b2c812ee0531b0cc426e0067edd35) + +Conflict:testsuite-23.sh is not exist, so unsynchronized modifications in testsuite-23.sh +Reference:https://github.com/systemd/systemd-stable/commit/b050bba79ba0e6150c46d5644037f4d32efca0b4 +--- + src/core/dbus-execute.c | 4 ++++ + src/core/service.c | 10 ++++++++++ + 2 files changed, 14 insertions(+) + +diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c +index f2e40a3..7315a3f 100644 +--- a/src/core/dbus-execute.c ++++ b/src/core/dbus-execute.c +@@ -1039,6 +1039,10 @@ int bus_set_transient_exec_command( + if (r < 0) + return r; + ++ if (strv_isempty(argv)) ++ return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, ++ "\"%s\" argv cannot be empty", name); ++ + r = is_ex_prop ? sd_bus_message_read_strv(message, &ex_opts) : sd_bus_message_read(message, "b", &b); + if (r < 0) + return r; +diff --git a/src/core/service.c b/src/core/service.c +index 95a3ded..3cb0c07 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -553,6 +553,16 @@ static int service_verify(Service *s) { + if (UNIT(s)->load_state != UNIT_LOADED) + return 0; + ++ for (ServiceExecCommand c = 0; c < _SERVICE_EXEC_COMMAND_MAX; c++) { ++ ExecCommand *command; ++ ++ LIST_FOREACH(command, command, s->exec_command[c]) ++ if (strv_isempty(command->argv)) ++ return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(ENOEXEC), ++ "Service has an empty argv in %s=. Refusing.", ++ service_exec_command_to_string(c)); ++ } ++ + if (!s->exec_command[SERVICE_EXEC_START] && !s->exec_command[SERVICE_EXEC_STOP] + && UNIT(s)->success_action == EMERGENCY_ACTION_NONE) { + /* FailureAction= only makes sense if one of the start or stop commands is specified. +-- +2.27.0 + diff --git a/backport-core-service-also-check-path-in-exec-commands.patch b/backport-core-service-also-check-path-in-exec-commands.patch new file mode 100644 index 0000000..105cfb8 --- /dev/null +++ b/backport-core-service-also-check-path-in-exec-commands.patch @@ -0,0 +1,40 @@ +From b1b3716efebb7c52254b7029a05b1ec0c8d317bd Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 6 Oct 2021 00:19:41 +0900 +Subject: [PATCH] core/service: also check path in exec commands + +(cherry picked from commit 8688a389cabdff61efe187bb85cc1776de03c460) +(cherry picked from commit b3978cf401306a793c7531299a5e9b3c63e53a27) + +Conflict:different code contexts, manual synchronization path +Reference:https://github.com/systemd/systemd-stable/commit/bf7eedbf8f8c83d9e775c80275f98f506ec963c6 +--- + src/core/service.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/src/core/service.c b/src/core/service.c +index 8c6f9837a7..3e1c0ddb5b 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -551,11 +551,17 @@ static int service_verify(Service *s) { + for (ServiceExecCommand c = 0; c < _SERVICE_EXEC_COMMAND_MAX; c++) { + ExecCommand *command; + +- LIST_FOREACH(command, command, s->exec_command[c]) ++ LIST_FOREACH(command, command, s->exec_command[c]) { ++ if (!path_is_absolute(command->path) && !filename_is_valid(command->path)) ++ return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(ENOEXEC), ++ "Service %s= binary path \"%s\" is neither a valid executable name nor an absolute path. Refusing.", ++ command->path, ++ service_exec_command_to_string(c)); + if (strv_isempty(command->argv)) + return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(ENOEXEC), + "Service has an empty argv in %s=. Refusing.", + service_exec_command_to_string(c)); ++ } + } + + if (!s->exec_command[SERVICE_EXEC_START] && !s->exec_command[SERVICE_EXEC_STOP] +-- +2.27.0 + diff --git a/backport-core-when-looping-over-mount-swap-names-continue-if-.patch b/backport-core-when-looping-over-mount-swap-names-continue-if-.patch new file mode 100644 index 0000000..aefd377 --- /dev/null +++ b/backport-core-when-looping-over-mount-swap-names-continue-if-.patch @@ -0,0 +1,59 @@ +From f564342089ab56e44bf7240d19b860f2ed003e58 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 1 Jun 2021 22:20:55 +0200 +Subject: [PATCH] core: when looping over mount/swap names, continue if we find + one which doesn't translate to a valid unit name + +(cherry picked from commit 598a6a8491abd311d36b11caf262123fbbffb2c0) + +Conflict:NA +Reference:https://github.com/systemd/systemd-stable/commit/f564342089ab56e44bf7240d19b860f2ed003e58 +--- + src/core/swap.c | 3 +++ + src/core/unit.c | 11 ++++++----- + 2 files changed, 9 insertions(+), 5 deletions(-) + +diff --git a/src/core/swap.c b/src/core/swap.c +index a81b1928b8..ca09cf0e1c 100644 +--- a/src/core/swap.c ++++ b/src/core/swap.c +@@ -1448,6 +1448,9 @@ int swap_process_device_new(Manager *m, sd_device *dev) { + int q; + + q = unit_name_from_path(devlink, ".swap", &n); ++ if (IN_SET(q, -EINVAL, -ENAMETOOLONG)) /* If name too long or otherwise not convertible to ++ * unit name, we can't manage it */ ++ continue; + if (q < 0) + return q; + +diff --git a/src/core/unit.c b/src/core/unit.c +index c212f1043d..02df6d8d19 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -1275,16 +1275,17 @@ static int unit_add_mount_dependencies(Unit *u) { + Unit *m; + + r = unit_name_from_path(prefix, ".mount", &p); ++ if (IN_SET(r, -EINVAL, -ENAMETOOLONG)) ++ continue; /* If the path cannot be converted to a mount unit name, then it's ++ * not managable as a unit by systemd, and hence we don't need a ++ * dependency on it. Let's thus silently ignore the issue. */ + if (r < 0) + return r; + + m = manager_get_unit(u->manager, p); + if (!m) { +- /* Make sure to load the mount unit if +- * it exists. If so the dependencies +- * on this unit will be added later +- * during the loading of the mount +- * unit. */ ++ /* Make sure to load the mount unit if it exists. If so the dependencies on ++ * this unit will be added later during the loading of the mount unit. */ + (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m); + continue; + } +-- +2.27.0 + diff --git a/backport-dissect-ext4-and-loopback-files-are-unimpressed-by-r.patch b/backport-dissect-ext4-and-loopback-files-are-unimpressed-by-r.patch new file mode 100644 index 0000000..b73313a --- /dev/null +++ b/backport-dissect-ext4-and-loopback-files-are-unimpressed-by-r.patch @@ -0,0 +1,58 @@ +From 8c7bc71e772899a401b377711b63de32a67c951d Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Mon, 19 Apr 2021 22:47:33 +0200 +Subject: [PATCH] dissect: ext4 and loopback files are unimpressed by read-only + access + +Even if we set up a loopback device read-only and mount it read-only +this means nothing, ext4 will still write through to the backing storage +file. + +Yes, I lost 6h debugging time on this. + +Apparently, we have to specify "norecovery" when mounting such file +systems, to force them into truly read-only mode. Let's do so. + +(cherry picked from commit b620bf332f575ba9b8e4cd60c93446a0c35c23e8) + +Conflict:different code contexts, manual synchronization path +Reference:https://github.com/systemd/systemd/commit/8c7bc71e772899a401b377711b63de32a67c951d +--- + src/shared/dissect-image.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c +index 210bf31..67cb054 100644 +--- a/src/shared/dissect-image.c ++++ b/src/shared/dissect-image.c +@@ -860,6 +860,27 @@ static int mount_partition( + return -ENOMEM; + } + ++ /* So, when you request MS_RDONLY from ext4, then this means nothing. It happily still writes to the ++ * backing storage. What's worse, the BLKRO[GS]ET flag and (in case of loopback devices) ++ * LO_FLAGS_READ_ONLY don't mean anything, they affect userspace accesses only, and write accesses ++ * from the upper file system still get propagated through to the underlying file system, ++ * unrestricted. To actually get ext4/xfs/btrfs to stop writing to the device we need to specify ++ * "norecovery" as mount option, in addition to MS_RDONLY. Yes, this sucks, since it means we need to ++ * carry a per file system table here. ++ * ++ * Note that this means that we might not be able to mount corrupted file systems as read-only ++ * anymore (since in some cases the kernel implementations will refuse mounting when corrupted, ++ * read-only and "norecovery" is specified). But I think for the case of automatically determined ++ * mount options for loopback devices this is the right choice, since otherwise using the same ++ * loopback file twice even in read-only mode, is going to fail badly sooner or later. The usecase of ++ * making reuse of the immutable images "just work" is more relevant to us than having read-only ++ * access that actually modifies stuff work on such image files. Or to say this differently: if ++ * people want their file systems to be fixed up they should just open them in writable mode, where ++ * all these problems don't exist. */ ++ if (!rw && STRPTR_IN_SET(fstype, "ext3", "ext4", "xfs", "btrfs")) ++ if (!strextend_with_separator(&options, ",", "norecovery", NULL)) ++ return -ENOMEM; ++ + r = mount_verbose(LOG_DEBUG, node, p, fstype, MS_NODEV|(rw ? 0 : MS_RDONLY), options); + if (r < 0) + return r; +-- +2.27.0 + diff --git a/backport-journalctl-never-fail-at-flushing-when-the-flushed-f.patch b/backport-journalctl-never-fail-at-flushing-when-the-flushed-f.patch new file mode 100644 index 0000000..4f85de3 --- /dev/null +++ b/backport-journalctl-never-fail-at-flushing-when-the-flushed-f.patch @@ -0,0 +1,45 @@ +From 44cea384e5788a2dd4ea8197927be658f89f8877 Mon Sep 17 00:00:00 2001 +From: Franck Bui +Date: Wed, 4 Aug 2021 11:20:07 +0200 +Subject: [PATCH] journalctl: never fail at flushing when the flushed flag is + set + +Even if journald was not running, flushing the volatile journal used to work if +the journal was already flushed (ie the flushed flag +/run/systemd/journald/flushed was created). + +However since commit 4f413af2a0a, this behavior changed and now '--flush' fails +because it tries to contact journald without checking the presence of the +flushed flag anymore. + +This patch restores the previous behavior since there's no reason to fail when +journalctl can figure out that the flush is not necessary. + +(cherry picked from commit f6fca35e642a112e80cc9bddb9a2b4805ad40df2) +(cherry picked from commit dc331f4c9268d17a66f4393cfd0dba14c7022d41) + +Conflict:NA +Reference:https://github.com/systemd/systemd-stable/commit/44cea384e5788a2dd4ea8197927be658f89f8877 +--- + src/journal/journalctl.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c +index 76d05c1eee..7b73933c87 100644 +--- a/src/journal/journalctl.c ++++ b/src/journal/journalctl.c +@@ -2074,6 +2074,11 @@ static int simple_varlink_call(const char *option, const char *method) { + } + + static int flush_to_var(void) { ++ if (access("/run/systemd/journal/flushed", F_OK) >= 0) ++ return 0; /* Already flushed, no need to contact journald */ ++ if (errno != ENOENT) ++ return log_error_errno(errno, "Unable to check for existence of /run/systemd/journal/flushed: %m"); ++ + return simple_varlink_call("--flush", "io.systemd.Journal.FlushToVar"); + } + +-- +2.27.0 + diff --git a/backport-libblkid-open-device-in-nonblock-mode.patch b/backport-libblkid-open-device-in-nonblock-mode.patch new file mode 100644 index 0000000..45c1d5f --- /dev/null +++ b/backport-libblkid-open-device-in-nonblock-mode.patch @@ -0,0 +1,46 @@ +From 581e2d96fccde1d367ead9f12fadf4a1ea6affe3 Mon Sep 17 00:00:00 2001 +From: Michal Suchanek +Date: Mon, 4 Nov 2019 21:23:15 +0100 +Subject: [PATCH] libblkid: open device in nonblock mode. + +Conflict:NA +Reference:https://github.com/systemd/systemd/commit/581e2d96fccde1d367ead9f12fadf4a1ea6affe3 + +When autoclose is set (kernel default but many distributions reverse the +setting) opening a CD-rom device causes the tray to close. + +The function of blkid is to report the current state of the device and +not to change it. Hence it should use O_NONBLOCK when opening the +device to avoid closing a CD-rom tray. + +blkid is used liberally in scripts so it can potentially interfere with +the user operating the CD-rom hardware. + +[kzak@redhat.com: add O_NONBLOCK also to: + - wipefs + - blkid_new_probe_from_filename() + - blkid_evaluate_tag()] + +Signed-off-by: Michal Suchanek +Signed-off-by: Karel Zak +(cherry picked from commit 39f5af25982d8b0244000e92a9d0e0e6557d0e17) +--- + src/udev/udev-builtin-blkid.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udev/udev-builtin-blkid.c b/src/udev/udev-builtin-blkid.c +index 8798a5a5e2..1df41dab36 100644 +--- a/src/udev/udev-builtin-blkid.c ++++ b/src/udev/udev-builtin-blkid.c +@@ -264,7 +264,7 @@ static int builtin_blkid(sd_device *dev, int argc, char *argv[], bool test) { + if (r < 0) + return log_device_debug_errno(dev, r, "Failed to get device name: %m"); + +- fd = open(devnode, O_RDONLY|O_CLOEXEC); ++ fd = open(devnode, O_RDONLY|O_CLOEXEC|O_NONBLOCK); + if (fd < 0) + return log_device_debug_errno(dev, errno, "Failed to open block device %s: %m", devnode); + +-- +2.23.0 + diff --git a/backport-mount-until-make-sure-we-ll-exit-bind_remount_recurs.patch b/backport-mount-until-make-sure-we-ll-exit-bind_remount_recurs.patch new file mode 100644 index 0000000..ac0aa8e --- /dev/null +++ b/backport-mount-until-make-sure-we-ll-exit-bind_remount_recurs.patch @@ -0,0 +1,42 @@ +From 0ae299022a0d7a05e6bc044f5e54f534f6cc6dbf Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Wed, 24 Mar 2021 13:47:17 +0100 +Subject: [PATCH] mount-until: make sure we'll exit + bind_remount_recursive_with_mountinfo() loop eventually + +Just some robustness given that /proc/self/mountinfo was previously +broken in the kernel. + +(cherry picked from commit 670e8efd6083bfef6186d33fa3b7dc90810d14ca) + +Conflict:different code contexts, manual synchronization path +Reference:https://github.com/systemd/systemd-stable/commit/0ae299022a0d7a05e6bc044f5e54f534f6cc6dbf +--- + src/shared/mount-util.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/shared/mount-util.c b/src/shared/mount-util.c +index e5fc3d0..520894a 100644 +--- a/src/shared/mount-util.c ++++ b/src/shared/mount-util.c +@@ -119,6 +119,7 @@ int bind_remount_recursive_with_mountinfo( + + _cleanup_set_free_free_ Set *done = NULL; + _cleanup_free_ char *cleaned = NULL; ++ unsigned n_tries = 0; + int r; + + assert(proc_self_mountinfo); +@@ -152,6 +153,9 @@ int bind_remount_recursive_with_mountinfo( + char *x; + unsigned long orig_flags; + ++ if (n_tries++ >= 32) /* Let's not retry this loop forever */ ++ return -EBUSY; ++ + todo = set_new(&path_hash_ops); + if (!todo) + return -ENOMEM; +-- +2.27.0 + diff --git a/backport-sd-device-do-no-allocate-strings-of-unknown-length-o.patch b/backport-sd-device-do-no-allocate-strings-of-unknown-length-o.patch new file mode 100644 index 0000000..2883446 --- /dev/null +++ b/backport-sd-device-do-no-allocate-strings-of-unknown-length-o.patch @@ -0,0 +1,125 @@ +From 7e0f374aaca4d964c880d5966811ce2ecfdda94f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 5 May 2021 16:49:41 +0200 +Subject: [PATCH] sd-device: do no allocate strings of unknown length on the + stack + +Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33881. + +Not only we would duplicate unknown input on the stack, we would do it +over and over. So let's first check that the input has reasonable length, +but also allocate just one fixed size buffer. + +(cherry picked from commit e17c95af8e450caacde692875b30675cea75211f) +(cherry picked from commit 5172ef4a58bda5be18dcdbbe0abd2c6bb4f08743) + +Conflict:NA +Reference:https://github.com/systemd/systemd-stable/commit/7e0f374aaca4d964c880d5966811ce2ecfdda94f +--- + src/libsystemd/sd-device/sd-device.c | 54 ++++++++++----------- + 1 files changed, 27 insertions(+), 27 deletions(-) + +diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c +index d1aa3282bf..6e05ba586f 100644 +--- a/src/libsystemd/sd-device/sd-device.c ++++ b/src/libsystemd/sd-device/sd-device.c +@@ -246,29 +246,31 @@ _public_ int sd_device_new_from_devnum(sd_device **ret, char type, dev_t devnum) + } + + _public_ int sd_device_new_from_subsystem_sysname(sd_device **ret, const char *subsystem, const char *sysname) { +- char *name, *syspath; +- size_t len = 0; ++ char syspath[PATH_MAX], *name; + + assert_return(ret, -EINVAL); + assert_return(subsystem, -EINVAL); + assert_return(sysname, -EINVAL); ++ assert_return(strlen(sysname) < PATH_MAX - strlen("/sys/bus/"), -ENAMETOOLONG); + + if (streq(subsystem, "subsystem")) { +- syspath = strjoina("/sys/subsystem/", sysname); +- if (access(syspath, F_OK) >= 0) ++ if (snprintf_ok(syspath, sizeof syspath, "/sys/subsystem/%s", sysname) && ++ access(syspath, F_OK) >= 0) + return sd_device_new_from_syspath(ret, syspath); + +- syspath = strjoina("/sys/bus/", sysname); +- if (access(syspath, F_OK) >= 0) ++ if (snprintf_ok(syspath, sizeof syspath, "/sys/bus/%s", sysname) && ++ access(syspath, F_OK) >= 0) + return sd_device_new_from_syspath(ret, syspath); + +- syspath = strjoina("/sys/class/", sysname); +- if (access(syspath, F_OK) >= 0) ++ if (snprintf_ok(syspath, sizeof syspath, "/sys/class/%s", sysname) && ++ access(syspath, F_OK) >= 0) + return sd_device_new_from_syspath(ret, syspath); ++ + } else if (streq(subsystem, "module")) { +- syspath = strjoina("/sys/module/", sysname); +- if (access(syspath, F_OK) >= 0) ++ if (snprintf_ok(syspath, sizeof syspath, "/sys/module/%s", sysname) && ++ access(syspath, F_OK) >= 0) + return sd_device_new_from_syspath(ret, syspath); ++ + } else if (streq(subsystem, "drivers")) { + char subsys[PATH_MAX]; + char *driver; +@@ -279,39 +281,37 @@ _public_ int sd_device_new_from_subsystem_sysname(sd_device **ret, const char *s + driver[0] = '\0'; + driver++; + +- syspath = strjoina("/sys/subsystem/", subsys, "/drivers/", driver); +- if (access(syspath, F_OK) >= 0) ++ if (snprintf_ok(syspath, sizeof syspath, "/sys/subsystem/%s/drivers/%s", subsys, driver) && ++ access(syspath, F_OK) >= 0) + return sd_device_new_from_syspath(ret, syspath); + +- syspath = strjoina("/sys/bus/", subsys, "/drivers/", driver); +- if (access(syspath, F_OK) >= 0) ++ if (snprintf_ok(syspath, sizeof syspath, "/sys/bus/%s/drivers/%s", subsys, driver) && ++ access(syspath, F_OK) >= 0) + return sd_device_new_from_syspath(ret, syspath); + } + } + + /* translate sysname back to sysfs filename */ + name = strdupa(sysname); +- while (name[len] != '\0') { +- if (name[len] == '/') +- name[len] = '!'; + +- len++; +- } ++ for (size_t i = 0; name[i]; i++) ++ if (name[i] == '/') ++ name[i] = '!'; + +- syspath = strjoina("/sys/subsystem/", subsystem, "/devices/", name); +- if (access(syspath, F_OK) >= 0) ++ if (snprintf_ok(syspath, sizeof syspath, "/sys/subsystem/%s/devices/%s", subsystem, name) && ++ access(syspath, F_OK) >= 0) + return sd_device_new_from_syspath(ret, syspath); + +- syspath = strjoina("/sys/bus/", subsystem, "/devices/", name); +- if (access(syspath, F_OK) >= 0) ++ if (snprintf_ok(syspath, sizeof syspath, "/sys/bus/%s/devices/%s", subsystem, name) && ++ access(syspath, F_OK) >= 0) + return sd_device_new_from_syspath(ret, syspath); + +- syspath = strjoina("/sys/class/", subsystem, "/", name); +- if (access(syspath, F_OK) >= 0) ++ if (snprintf_ok(syspath, sizeof syspath, "/sys/class/%s/%s", subsystem, name) && ++ access(syspath, F_OK) >= 0) + return sd_device_new_from_syspath(ret, syspath); + +- syspath = strjoina("/sys/firmware/", subsystem, "/", sysname); +- if (access(syspath, F_OK) >= 0) ++ if (snprintf_ok(syspath, sizeof syspath, "/sys/firmware/%s/%s", subsystem, sysname) && ++ access(syspath, F_OK) >= 0) + return sd_device_new_from_syspath(ret, syspath); + + return -ENODEV; +-- +2.23.0 + diff --git a/backport-sd-device-minor-optimization-for-sd_device_new_from_.patch b/backport-sd-device-minor-optimization-for-sd_device_new_from_.patch new file mode 100644 index 0000000..5305fd2 --- /dev/null +++ b/backport-sd-device-minor-optimization-for-sd_device_new_from_.patch @@ -0,0 +1,41 @@ +From d7ea7c486a0101dae06a9aca290bfafa46bc1fe2 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Sun, 7 Mar 2021 15:24:15 +0900 +Subject: [PATCH] sd-device: minor optimization for + sd_device_new_from_device_id() + +(cherry picked from commit ff7a8d2938b24cb7ca7b69900395ecf837a43a23) + +Conflict:input parameters of parse_ifindex() is different, and it does not affect the function of this patch, so ignore parse_ifindex() modifications +Reference:https://github.com/systemd/systemd-stable/commit/d7ea7c486a0101dae06a9aca290bfafa46bc1fe2 +--- + src/libsystemd/sd-device/sd-device.c | 11 +++++------ + 1 file changed, 5 insertions(+), 6 deletions(-) + +diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c +index bb4d453cee..da5fd2b734 100644 +--- a/src/libsystemd/sd-device/sd-device.c ++++ b/src/libsystemd/sd-device/sd-device.c +@@ -653,15 +653,14 @@ _public_ int sd_device_new_from_device_id(sd_device **ret, const char *id) { + } + + case '+': { +- char subsys[PATH_MAX]; +- char *sysname; ++ char subsys[NAME_MAX+1]; /* NAME_MAX does not include the trailing NUL. */ ++ const char *sysname; + +- (void) strscpy(subsys, sizeof(subsys), id + 1); +- sysname = strchr(subsys, ':'); ++ sysname = strchr(id + 1, ':'); + if (!sysname) + return -EINVAL; + +- sysname[0] = '\0'; ++ (void) strnscpy(subsys, sizeof(subsys), id + 1, sysname - id - 1); + sysname++; + + return sd_device_new_from_subsystem_sysname(ret, subsys, sysname); +-- +2.27.0 + diff --git a/backport-sd-device-reject-empty-driver-name.patch b/backport-sd-device-reject-empty-driver-name.patch new file mode 100644 index 0000000..ccb5dca --- /dev/null +++ b/backport-sd-device-reject-empty-driver-name.patch @@ -0,0 +1,31 @@ +From 92e5ba438d48a798807104d8aed4e480c58c6465 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 5 May 2021 17:02:49 +0200 +Subject: [PATCH] sd-device: reject empty driver name + +If ":" was the last char in the string, we would call access() on ".../drivers/", which +would pass. It probably doesn't matter, but let's reject this anyway. + +(cherry picked from commit 52a89a5f08230439f07c043d59ded1270842137b) +Conflict:NA +Reference:https://github.com/systemd/systemd-stable/commit/92e5ba438d48a798807104d8aed4e480c58c6465 +--- + src/libsystemd/sd-device/sd-device.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c +index c041660faf..d82f01a164 100644 +--- a/src/libsystemd/sd-device/sd-device.c ++++ b/src/libsystemd/sd-device/sd-device.c +@@ -274,7 +274,7 @@ _public_ int sd_device_new_from_subsystem_sysname(sd_device **ret, const char *s + const char *subsys, *sep; + + sep = strchr(sysname, ':'); +- if (sep) { ++ if (sep && sep[1] != '\0') { /* Require ":" and something non-empty after that. */ + subsys = memdupa_suffix0(sysname, sep - sysname); + + if (snprintf_ok(syspath, sizeof syspath, "/sys/subsystem/%s/drivers/%s", subsys, sep + 1) && +-- +2.27.0 + diff --git a/backport-sd-device-use-memdupa_suffix0-where-appropriate.patch b/backport-sd-device-use-memdupa_suffix0-where-appropriate.patch new file mode 100644 index 0000000..3c43d44 --- /dev/null +++ b/backport-sd-device-use-memdupa_suffix0-where-appropriate.patch @@ -0,0 +1,70 @@ +From 3e2d0c6ab2abc0ab85440580931b2462bb73cfda Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Wed, 5 May 2021 16:57:39 +0200 +Subject: [PATCH] sd-device: use memdupa_suffix0() where appropriate + +No functional change intended. + +Conflict:NA +Reference:https://github.com/systemd/systemd-stable/commit/3e2d0c6ab2abc0ab85440580931b2462bb73cfda +--- + src/libsystemd/sd-device/sd-device.c | 27 +++++++++++---------------- + 1 file changed, 11 insertions(+), 16 deletions(-) + +diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c +index da1a7a3181..16c518fced 100644 +--- a/src/libsystemd/sd-device/sd-device.c ++++ b/src/libsystemd/sd-device/sd-device.c +@@ -271,20 +271,17 @@ _public_ int sd_device_new_from_subsystem_sysname(sd_device **ret, const char *s + return sd_device_new_from_syspath(ret, syspath); + + } else if (streq(subsystem, "drivers")) { +- char subsys[PATH_MAX]; +- char *driver; ++ const char *subsys, *sep; + +- strscpy(subsys, sizeof(subsys), sysname); +- driver = strchr(subsys, ':'); +- if (driver) { +- driver[0] = '\0'; +- driver++; ++ sep = strchr(sysname, ':'); ++ if (sep) { ++ subsys = memdupa_suffix0(sysname, sep - sysname); + +- if (snprintf_ok(syspath, sizeof syspath, "/sys/subsystem/%s/drivers/%s", subsys, driver) && ++ if (snprintf_ok(syspath, sizeof syspath, "/sys/subsystem/%s/drivers/%s", subsys, sep + 1) && + access(syspath, F_OK) >= 0) + return sd_device_new_from_syspath(ret, syspath); + +- if (snprintf_ok(syspath, sizeof syspath, "/sys/bus/%s/drivers/%s", subsys, driver) && ++ if (snprintf_ok(syspath, sizeof syspath, "/sys/bus/%s/drivers/%s", subsys, sep + 1) && + access(syspath, F_OK) >= 0) + return sd_device_new_from_syspath(ret, syspath); + } +@@ -652,17 +649,15 @@ _public_ int sd_device_new_from_device_id(sd_device **ret, const char *id) { + } + + case '+': { +- char subsys[NAME_MAX+1]; /* NAME_MAX does not include the trailing NUL. */ +- const char *sysname; ++ const char *subsys, *sep; + +- sysname = strchr(id + 1, ':'); +- if (!sysname) ++ sep = strchr(id + 1, ':'); ++ if (!sep || sep - id - 1 > NAME_MAX) + return -EINVAL; + +- (void) strnscpy(subsys, sizeof(subsys), id + 1, sysname - id - 1); +- sysname++; ++ subsys = memdupa_suffix0(id + 1, sep - id - 1); + +- return sd_device_new_from_subsystem_sysname(ret, subsys, sysname); ++ return sd_device_new_from_subsystem_sysname(ret, subsys, sep + 1); + } + + default: +-- +2.27.0 + diff --git a/backport-sd-device-use-strjoina-more-again-in-sd_device_new_f.patch b/backport-sd-device-use-strjoina-more-again-in-sd_device_new_f.patch new file mode 100644 index 0000000..7adc6d5 --- /dev/null +++ b/backport-sd-device-use-strjoina-more-again-in-sd_device_new_f.patch @@ -0,0 +1,190 @@ +From 9962f072342f8b5c5c49c09a6792d5b67ed4fdad Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Mon, 10 May 2021 16:41:46 +0200 +Subject: [PATCH] sd-device: use strjoina() more again in + sd_device_new_from_subsystem_sysname() + +This reverts a major part of: e17c95af8e450caacde692875b30675cea75211f + +Using format strings for concatenating strings is pretty unefficient, +and using PATH_MAX buffers unpretty as well. Let's revert to using +strjoina() as before. + +However, to fix the fuzz issue at hand, let's explicitly verify the two +input strings ensuring they are valid path names. This includes a length +check (to 2K each), thus making things prettier, faster and using less +memory again. + +(cherry picked from commit f5e775973a22e10e0813b56cb3e43d5d415979f7) + +Conflict:function test_util_resolve_subsys_kernel_one() is not in 0test-udev-util.c, but in test-libudev.c +Reference:https://github.com/systemd/systemd-stable/commit/9962f072342f8b5c5c49c09a6792d5b67ed4fdad +--- + src/libsystemd/sd-device/sd-device.c | 112 +++++++++++++++++---------- + src/test/test-udev-util.c | 2 +- + 2 files changed, 73 insertions(+), 41 deletions(-) + +diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c +index d82f01a164..d92410d2d0 100644 +--- a/src/libsystemd/sd-device/sd-device.c ++++ b/src/libsystemd/sd-device/sd-device.c +@@ -244,71 +244,103 @@ _public_ int sd_device_new_from_devnum(sd_device **ret, char type, dev_t devnum) + return sd_device_new_from_syspath(ret, syspath); + } + +-_public_ int sd_device_new_from_subsystem_sysname(sd_device **ret, const char *subsystem, const char *sysname) { +- char syspath[PATH_MAX], *name; ++static int device_strjoin_new( ++ const char *a, ++ const char *b, ++ const char *c, ++ const char *d, ++ sd_device **ret) { ++ ++ const char *p; ++ int r; ++ ++ p = strjoina(a, b, c, d); ++ if (access(p, F_OK) < 0) ++ return IN_SET(errno, ENOENT, ENAMETOOLONG) ? 0 : -errno; /* If this sysfs is too long then it doesn't exist either */ ++ ++ r = sd_device_new_from_syspath(ret, p); ++ if (r < 0) ++ return r; ++ ++ return 1; ++} ++ ++_public_ int sd_device_new_from_subsystem_sysname( ++ sd_device **ret, ++ const char *subsystem, ++ const char *sysname) { ++ ++ const char *s; ++ char *name; ++ int r; + + assert_return(ret, -EINVAL); +- assert_return(subsystem, -EINVAL); +- assert_return(sysname, -EINVAL); +- assert_return(strlen(sysname) < PATH_MAX - strlen("/sys/bus/"), -ENAMETOOLONG); ++ assert_return(path_is_normalized(subsystem), -EINVAL); ++ assert_return(path_is_normalized(sysname), -EINVAL); + + if (streq(subsystem, "subsystem")) { +- if (snprintf_ok(syspath, sizeof syspath, "/sys/subsystem/%s", sysname) && +- access(syspath, F_OK) >= 0) +- return sd_device_new_from_syspath(ret, syspath); +- +- if (snprintf_ok(syspath, sizeof syspath, "/sys/bus/%s", sysname) && +- access(syspath, F_OK) >= 0) +- return sd_device_new_from_syspath(ret, syspath); + +- if (snprintf_ok(syspath, sizeof syspath, "/sys/class/%s", sysname) && +- access(syspath, F_OK) >= 0) +- return sd_device_new_from_syspath(ret, syspath); ++ FOREACH_STRING(s, "/sys/subsystem/", "/sys/bus/", "/sys/class/") { ++ r = device_strjoin_new(s, sysname, NULL, NULL, ret); ++ if (r < 0) ++ return r; ++ if (r > 0) ++ return 0; ++ } + + } else if (streq(subsystem, "module")) { +- if (snprintf_ok(syspath, sizeof syspath, "/sys/module/%s", sysname) && +- access(syspath, F_OK) >= 0) +- return sd_device_new_from_syspath(ret, syspath); ++ ++ r = device_strjoin_new("/sys/module/", sysname, NULL, NULL, ret); ++ if (r < 0) ++ return r; ++ if (r > 0) ++ return 0; + + } else if (streq(subsystem, "drivers")) { +- const char *subsys, *sep; ++ const char *sep; + + sep = strchr(sysname, ':'); + if (sep && sep[1] != '\0') { /* Require ":" and something non-empty after that. */ +- subsys = memdupa_suffix0(sysname, sep - sysname); ++ const char *subsys; + +- if (snprintf_ok(syspath, sizeof syspath, "/sys/subsystem/%s/drivers/%s", subsys, sep + 1) && +- access(syspath, F_OK) >= 0) +- return sd_device_new_from_syspath(ret, syspath); ++ subsys = memdupa_suffix0(sysname, sep - sysname); ++ sep++; + +- if (snprintf_ok(syspath, sizeof syspath, "/sys/bus/%s/drivers/%s", subsys, sep + 1) && +- access(syspath, F_OK) >= 0) +- return sd_device_new_from_syspath(ret, syspath); ++ FOREACH_STRING(s, "/sys/subsystem/", "/sys/bus/") { ++ r = device_strjoin_new(s, subsys, "/drivers/", sep, ret); ++ if (r < 0) ++ return r; ++ if (r > 0) ++ return 0; ++ } + } + } + + /* translate sysname back to sysfs filename */ + name = strdupa(sysname); +- + for (size_t i = 0; name[i]; i++) + if (name[i] == '/') + name[i] = '!'; + +- if (snprintf_ok(syspath, sizeof syspath, "/sys/subsystem/%s/devices/%s", subsystem, name) && +- access(syspath, F_OK) >= 0) +- return sd_device_new_from_syspath(ret, syspath); +- +- if (snprintf_ok(syspath, sizeof syspath, "/sys/bus/%s/devices/%s", subsystem, name) && +- access(syspath, F_OK) >= 0) +- return sd_device_new_from_syspath(ret, syspath); ++ FOREACH_STRING(s, "/sys/subsystem/", "/sys/bus/") { ++ r = device_strjoin_new(s, subsystem, "/devices/", name, ret); ++ if (r < 0) ++ return r; ++ if (r > 0) ++ return 0; ++ } + +- if (snprintf_ok(syspath, sizeof syspath, "/sys/class/%s/%s", subsystem, name) && +- access(syspath, F_OK) >= 0) +- return sd_device_new_from_syspath(ret, syspath); ++ r = device_strjoin_new("/sys/class/", subsystem, "/", name, ret); ++ if (r < 0) ++ return r; ++ if (r > 0) ++ return 0; + +- if (snprintf_ok(syspath, sizeof syspath, "/sys/firmware/%s/%s", subsystem, sysname) && +- access(syspath, F_OK) >= 0) +- return sd_device_new_from_syspath(ret, syspath); ++ r = device_strjoin_new("/sys/firmware/", subsystem, "/", sysname, ret); ++ if (r < 0) ++ return r; ++ if (r > 0) ++ return 0; + + return -ENODEV; + } +diff --git a/src/test/test-libudev.c b/src/test/test-libudev.c +index dcb5bcc..c423ace 100644 +--- a/src/test/test-libudev.c ++++ b/src/test/test-libudev.c +@@ -417,7 +417,7 @@ static void test_util_resolve_subsys_kernel(void) { + test_util_resolve_subsys_kernel_one("hoge", false, -EINVAL, NULL); + test_util_resolve_subsys_kernel_one("[hoge", false, -EINVAL, NULL); + test_util_resolve_subsys_kernel_one("[hoge/foo", false, -EINVAL, NULL); +- test_util_resolve_subsys_kernel_one("[hoge/]", false, -ENODEV, NULL); ++ test_util_resolve_subsys_kernel_one("[hoge/]", false, -EINVAL, NULL); + + test_util_resolve_subsys_kernel_one("[net/lo]", false, 0, "/sys/devices/virtual/net/lo"); + test_util_resolve_subsys_kernel_one("[net/lo]/", false, 0, "/sys/devices/virtual/net/lo"); +-- +2.27.0 + diff --git a/backport-sd-event-use-usec_add.patch b/backport-sd-event-use-usec_add.patch new file mode 100644 index 0000000..4992ac0 --- /dev/null +++ b/backport-sd-event-use-usec_add.patch @@ -0,0 +1,31 @@ +From 04a76831e7987e4e1f25f7d8639e527cc8e56b48 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 15 Jun 2021 01:01:48 +0900 +Subject: [PATCH] sd-event: use usec_add() + +(cherry picked from commit a595fb5ca9c69c589e758e9ebe3b70ac90450ba3) + +Conflict:NA +Reference:https://github.com/systemd/systemd-stable/commit/04a76831e7987e4e1f25f7d8639e527cc8e56b48 +--- + src/libsystemd/sd-event/sd-event.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c +index 909266b84d..d2b50e9347 100644 +--- a/src/libsystemd/sd-event/sd-event.c ++++ b/src/libsystemd/sd-event/sd-event.c +@@ -3694,8 +3694,8 @@ static int arm_watchdog(sd_event *e) { + assert(e->watchdog_fd >= 0); + + t = sleep_between(e, +- e->watchdog_last + (e->watchdog_period / 2), +- e->watchdog_last + (e->watchdog_period * 3 / 4)); ++ usec_add(e->watchdog_last, (e->watchdog_period / 2)), ++ usec_add(e->watchdog_last, (e->watchdog_period * 3 / 4))); + + timespec_store(&its.it_value, t); + +-- +2.27.0 + diff --git a/backport-timesync-fix-wrong-type-for-receiving-timestamp-in-n.patch b/backport-timesync-fix-wrong-type-for-receiving-timestamp-in-n.patch new file mode 100644 index 0000000..2474804 --- /dev/null +++ b/backport-timesync-fix-wrong-type-for-receiving-timestamp-in-n.patch @@ -0,0 +1,43 @@ +From 771972c70736430e50dfa1519844da21de5a4054 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Fri, 20 Aug 2021 08:40:11 +0900 +Subject: [PATCH] timesync: fix wrong type for receiving timestamp in + nanoseconds + +(cherry picked from commit 6f96bdc58746b1698bf8b3430a6c638f8949daec) + +Conflict:macro CMSG_BUFFER_TYPE is not defined, directly modify union +Reference:https://github.com/systemd/systemd-stable/commit/771972c70736430e50dfa1519844da21de5a4054 +--- + src/test/test-sizeof.c | 2 ++ + src/timesync/timesyncd-manager.c | 2 +- + 2 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/test/test-sizeof.c b/src/test/test-sizeof.c +index 7fc16a6..0a8756c 100644 +--- a/src/test/test-sizeof.c ++++ b/src/test/test-sizeof.c +@@ -75,5 +75,7 @@ int main(void) { + printf("big_enum2_pos → %zu\n", sizeof(big_enum2_pos)); + printf("big_enum2_neg → %zu\n", sizeof(big_enum2_neg)); + ++ printf("timeval: %zu\n", sizeof(struct timeval)); ++ printf("timespec: %zu\n", sizeof(struct timespec)); + return 0; + } +diff --git a/src/timesync/timesyncd-manager.c b/src/timesync/timesyncd-manager.c +index 3c3a7fe..848e87a 100644 +--- a/src/timesync/timesyncd-manager.c ++++ b/src/timesync/timesyncd-manager.c +@@ -412,7 +412,7 @@ static int manager_receive_response(sd_event_source *source, int fd, uint32_t re + }; + union { + struct cmsghdr cmsghdr; +- uint8_t buf[CMSG_SPACE(sizeof(struct timeval))]; ++ uint8_t buf[CMSG_SPACE(sizeof(struct timespec))]; + } control; + union sockaddr_union server_addr; + struct msghdr msghdr = { +-- +2.27.0 + diff --git a/backport-tmpfiles-use-a-entry-in-hashmap-as-ItemArray-in-read.patch b/backport-tmpfiles-use-a-entry-in-hashmap-as-ItemArray-in-read.patch new file mode 100644 index 0000000..a702945 --- /dev/null +++ b/backport-tmpfiles-use-a-entry-in-hashmap-as-ItemArray-in-read.patch @@ -0,0 +1,92 @@ +From b266eeb0aee24a0c5868c3a46066c0329b2d1141 Mon Sep 17 00:00:00 2001 +From: Masahiro Matsuya +Date: Wed, 31 Mar 2021 11:44:24 +0900 +Subject: [PATCH] tmpfiles: use a entry in hashmap as ItemArray in + read_config_file() + +[zjs: squash commits and use size_t as appropriate. + +Bug seems to have been introduced in 811a15877825da9e53f9a2a8603da34589af6bbb. +Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1944468.] + +(cherry picked from commit bec890e3cd6dac249cb12ce9430fdb78b6cf546b) + +Conflict:the path which modify macro ORDERED_HASHMAP_FOREACH receive params is unsynchronized, The macro definition with three input parameters is still used +Reference:https://github.com/systemd/systemd/commit/b266eeb0aee24a0c5868c3a46066c0329b2d1141 +--- + src/tmpfiles/tmpfiles.c | 47 +++++++++++++++++++++++------------------ + 1 file changed, 27 insertions(+), 20 deletions(-) + +diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c +index cc6fc0e..38136d6 100644 +--- a/src/tmpfiles/tmpfiles.c ++++ b/src/tmpfiles/tmpfiles.c +@@ -2993,7 +2993,7 @@ static int read_config_file(char **config_dirs, const char *fn, bool ignore_enoe + Iterator iterator; + unsigned v = 0; + FILE *f; +- Item *i; ++ ItemArray *ia; + int r = 0; + + assert(fn); +@@ -3046,30 +3046,37 @@ static int read_config_file(char **config_dirs, const char *fn, bool ignore_enoe + } + + /* we have to determine age parameter for each entry of type X */ +- ORDERED_HASHMAP_FOREACH(i, globs, iterator) { +- Iterator iter; +- Item *j, *candidate_item = NULL; ++ ORDERED_HASHMAP_FOREACH(ia, globs, iterator) { ++ for (size_t ni = 0; ni < ia->n_items; ni++) { ++ Iterator iter; ++ ItemArray *ja; ++ Item *i = ia->items + ni, *candidate_item = NULL; + +- if (i->type != IGNORE_DIRECTORY_PATH) +- continue; +- +- ORDERED_HASHMAP_FOREACH(j, items, iter) { +- if (!IN_SET(j->type, CREATE_DIRECTORY, TRUNCATE_DIRECTORY, CREATE_SUBVOLUME, CREATE_SUBVOLUME_INHERIT_QUOTA, CREATE_SUBVOLUME_NEW_QUOTA)) ++ if (i->type != IGNORE_DIRECTORY_PATH) + continue; + +- if (path_equal(j->path, i->path)) { +- candidate_item = j; +- break; +- } ++ ORDERED_HASHMAP_FOREACH(ja, items, iter) { ++ for (size_t nj = 0; nj < ja->n_items; nj++) { ++ Item *j = ja->items + nj; + +- if ((!candidate_item && path_startswith(i->path, j->path)) || +- (candidate_item && path_startswith(j->path, candidate_item->path) && (fnmatch(i->path, j->path, FNM_PATHNAME | FNM_PERIOD) == 0))) +- candidate_item = j; +- } ++ if (!IN_SET(j->type, CREATE_DIRECTORY, TRUNCATE_DIRECTORY, CREATE_SUBVOLUME, CREATE_SUBVOLUME_INHERIT_QUOTA, CREATE_SUBVOLUME_NEW_QUOTA)) ++ continue; + +- if (candidate_item && candidate_item->age_set) { +- i->age = candidate_item->age; +- i->age_set = true; ++ if (path_equal(j->path, i->path)) { ++ candidate_item = j; ++ break; ++ } ++ ++ if ((!candidate_item && path_startswith(i->path, j->path)) || ++ (candidate_item && path_startswith(j->path, candidate_item->path) && (fnmatch(i->path, j->path, FNM_PATHNAME | FNM_PERIOD) == 0))) ++ candidate_item = j; ++ } ++ } ++ ++ if (candidate_item && candidate_item->age_set) { ++ i->age = candidate_item->age; ++ i->age_set = true; ++ } + } + } + +-- +2.27.0 + diff --git a/backport-udev-fix-key-name-in-debug-log.patch b/backport-udev-fix-key-name-in-debug-log.patch new file mode 100644 index 0000000..090a964 --- /dev/null +++ b/backport-udev-fix-key-name-in-debug-log.patch @@ -0,0 +1,30 @@ +From 019c7e43bcac498033a6af372753eaca3f16a536 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 23 Jun 2021 16:33:14 +0900 +Subject: [PATCH] udev: fix key name in debug log + +(cherry picked from commit 51c2f543d1474c2615fb8282ea90b2954db33a7e) + +Conflict:NA +Reference:https://github.com/systemd/systemd-stable/commit/019c7e43bcac498033a6af372753eaca3f16a536 +--- + src/udev/udev-rules.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c +index 2f25e7184b..470692119d 100644 +--- a/src/udev/udev-rules.c ++++ b/src/udev/udev-rules.c +@@ -2091,7 +2091,8 @@ static int udev_rule_apply_token_to_event( + else + count = 0; + if (count > 0) +- log_rule_debug(dev, rules, "Replaced %zu character(s) from result of LINK", count); ++ log_rule_debug(dev, rules, "Replaced %zu character(s) from result of SYMLINK=\"%s\"", ++ count, token->value); + + p = skip_leading_chars(buf, NULL); + while (!isempty(p)) { +-- +2.27.0 + diff --git a/backport-udev-fix-potential-memleak.patch b/backport-udev-fix-potential-memleak.patch new file mode 100644 index 0000000..87e65cb --- /dev/null +++ b/backport-udev-fix-potential-memleak.patch @@ -0,0 +1,38 @@ +From 59bb407d19de624419026b77f152bf7bf5baef7a Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Fri, 27 Aug 2021 17:27:26 +0900 +Subject: [PATCH] udev: fix potential memleak + +(cherry picked from commit 4154524d47d24bcee3ebfed939912a847ebeb1b3) +(cherry picked from commit f4a8e2c2115fc901e588a1672f129e7e3371f5d7) + +Conflict:different code contexts, manual synchronization path +Reference:https://github.com/systemd/systemd-stable/commit/59bb407d19de624419026b77f152bf7bf5baef7a +--- + src/udev/udev-builtin-net_id.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c +index af0d2a7..b584234 100644 +--- a/src/udev/udev-builtin-net_id.c ++++ b/src/udev/udev-builtin-net_id.c +@@ -103,7 +103,6 @@ static int get_virtfn_info(sd_device *dev, struct netnames *names, struct virtfn + _cleanup_(sd_device_unrefp) sd_device *physfn_pcidev = NULL; + const char *physfn_link_file, *syspath; + _cleanup_free_ char *physfn_pci_syspath = NULL; +- _cleanup_free_ char *virtfn_pci_syspath = NULL; + struct dirent *dent; + _cleanup_closedir_ DIR *dir = NULL; + char suffix[IFNAMSIZ]; +@@ -134,7 +133,7 @@ static int get_virtfn_info(sd_device *dev, struct netnames *names, struct virtfn + return -errno; + + FOREACH_DIRENT_ALL(dent, dir, break) { +- _cleanup_free_ char *virtfn_link_file = NULL; ++ _cleanup_free_ char *virtfn_link_file = NULL, *virtfn_pci_syspath = NULL; + + if (!startswith(dent->d_name, "virtfn")) + continue; +-- +2.27.0 + diff --git a/backport-udev-ignore-the-case-that-the-device-is-already-remo.patch b/backport-udev-ignore-the-case-that-the-device-is-already-remo.patch new file mode 100644 index 0000000..1da9ab5 --- /dev/null +++ b/backport-udev-ignore-the-case-that-the-device-is-already-remo.patch @@ -0,0 +1,36 @@ +From b4ad8b418f65e8fbe8719344415758e6e62602f6 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 2 Jun 2021 19:10:49 +0900 +Subject: [PATCH] udev: ignore the case that the device is already removed + +See #19788. + +(cherry picked from commit 6be1feb1d7e30c0e7591121b74d4c3c7079de6b3) + +Conflict:NA +Reference:https://github.com/systemd/systemd-stable/commit/b4ad8b418f65e8fbe8719344415758e6e62602f6 +--- + src/udev/udev-builtin-blkid.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/src/udev/udev-builtin-blkid.c b/src/udev/udev-builtin-blkid.c +index 2daafb1150..cfb74b9cf8 100644 +--- a/src/udev/udev-builtin-blkid.c ++++ b/src/udev/udev-builtin-blkid.c +@@ -298,8 +298,11 @@ static int builtin_blkid(sd_device *dev, int argc, char *argv[], bool test) { + return log_device_debug_errno(dev, r, "Failed to get device name: %m"); + + fd = open(devnode, O_RDONLY|O_CLOEXEC|O_NONBLOCK); +- if (fd < 0) +- return log_device_debug_errno(dev, errno, "Failed to open block device %s: %m", devnode); ++ if (fd < 0) { ++ log_device_debug_errno(dev, errno, "Failed to open block device %s%s: %m", ++ devnode, errno == ENOENT ? ", ignoring" : ""); ++ return errno == ENOENT ? 0 : -errno; ++ } + + errno = 0; + r = blkid_probe_set_device(pr, fd, offset, 0); +-- +2.27.0 + diff --git a/systemd.spec b/systemd.spec index 2925136..e41343e 100644 --- a/systemd.spec +++ b/systemd.spec @@ -16,7 +16,7 @@ Name: systemd Url: https://www.freedesktop.org/wiki/Software/systemd Version: 243 -Release: 69 +Release: 70 License: MIT and LGPLv2+ and GPLv2+ Summary: System and Service Manager @@ -265,6 +265,24 @@ Patch0217: backport-mount-setup-change-the-system-mount-propagation-to-s.pa Patch0218: backport-core-transition-to-FINAL_SIGTERM-state-after-ExecSto.patch Patch0219: backport-journalctl-verify-that-old-entries-are-not-sealed-wi.patch Patch0220: backport-gdb-update-accessors-for-bucket-counts-and-entry-sizes.patch +Patch0221: backport-sd-device-do-no-allocate-strings-of-unknown-length-o.patch +Patch0222: backport-sd-device-minor-optimization-for-sd_device_new_from_.patch +Patch0223: backport-sd-device-use-memdupa_suffix0-where-appropriate.patch +Patch0224: backport-sd-device-reject-empty-driver-name.patch +Patch0225: backport-tmpfiles-use-a-entry-in-hashmap-as-ItemArray-in-read.patch +Patch0226: backport-dissect-ext4-and-loopback-files-are-unimpressed-by-r.patch +Patch0227: backport-mount-until-make-sure-we-ll-exit-bind_remount_recurs.patch +Patch0228: backport-sd-device-use-strjoina-more-again-in-sd_device_new_f.patch +Patch0229: backport-core-when-looping-over-mount-swap-names-continue-if-.patch +Patch0230: backport-libblkid-open-device-in-nonblock-mode.patch +Patch0231: backport-udev-ignore-the-case-that-the-device-is-already-remo.patch +Patch0232: backport-udev-fix-key-name-in-debug-log.patch +Patch0233: backport-sd-event-use-usec_add.patch +Patch0234: backport-timesync-fix-wrong-type-for-receiving-timestamp-in-n.patch +Patch0235: backport-udev-fix-potential-memleak.patch +Patch0236: backport-journalctl-never-fail-at-flushing-when-the-flushed-f.patch +Patch0237: backport-core-fix-SIGABRT-on-empty-exec-command-argv.patch +Patch0238: backport-core-service-also-check-path-in-exec-commands.patch #openEuler Patch9002: 1509-fix-journal-file-descriptors-leak-problems.patch @@ -1672,6 +1690,27 @@ fi %exclude /usr/share/man/man3/* %changelog +* Mon Dec 18 2023 huyubiao - 243-70 +- backport: sync patches from systemd community + add backport-sd-device-do-no-allocate-strings-of-unknown-length-o.patch + backport-sd-device-minor-optimization-for-sd_device_new_from_.patch + backport-sd-device-use-memdupa_suffix0-where-appropriate.patch + backport-sd-device-reject-empty-driver-name.patch + backport-tmpfiles-use-a-entry-in-hashmap-as-ItemArray-in-read.patch + backport-dissect-ext4-and-loopback-files-are-unimpressed-by-r.patch + backport-mount-until-make-sure-we-ll-exit-bind_remount_recurs.patch + backport-sd-device-use-strjoina-more-again-in-sd_device_new_f.patch + backport-core-when-looping-over-mount-swap-names-continue-if-.patch + backport-libblkid-open-device-in-nonblock-mode.patch + backport-udev-ignore-the-case-that-the-device-is-already-remo.patch + backport-udev-fix-key-name-in-debug-log.patch + backport-sd-event-use-usec_add.patch + backport-timesync-fix-wrong-type-for-receiving-timestamp-in-n.patch + backport-udev-fix-potential-memleak.patch + backport-journalctl-never-fail-at-flushing-when-the-flushed-f.patch + backport-core-fix-SIGABRT-on-empty-exec-command-argv.patch + backport-core-service-also-check-path-in-exec-commands.patch + * Thu Dec 14 2023 hanjinpeng - 243-69 - fix gdb debug hashmap bucket counts and entry sizes issue