v255 batch #370

Merged
merged 99 commits into from
Feb 27, 2024

@bluca bluca commented Feb 26, 2024

No description provided.

fbuihuu and others added 12 commits February 26, 2024 13:27
Apparently since 9289e09, "ln_s" takes
*absolute* paths only.

(cherry picked from commit d537bf7)
Follow-up for baa95d2.

(cherry picked from commit a140eaf)
…y joined

Follow-up for 9f913d3.

Fixes #31165.

(cherry picked from commit c3e12de)
Fixes an issue caused by ab3aed4 (v253).

By default, all managed interfaces need to be configured, and at least
one interface needs to be online. Hence, offline interfaces should be ignored.

Fixes #29506.

(cherry picked from commit 6f412c0)
As explained in #30891, IPv6OnlyMode= should be enabled with 464XLAT
support, but we do not support it yet. Let's disable by default.

Fixes #30891.

(cherry picked from commit 7dc4318)
posix_spawnattr_setflags() doesn't OR the input to the current set of flags,
it overwrites them, so we are currently losing POSIX_SPAWN_SETSIGDEF.

Follow-up for: 6ecdfe7

(cherry picked from commit 9ca13d6)
…ic_full()

Fixes a bug introduced by 427d9c3.

(cherry picked from commit 738ad08)
Otherwise they might get stripped when reading the serialized data back.

Resolves: #31214
(cherry picked from commit 5b1aa0e)
…_NA is provided

Follow-up for fc4aa64.

Otherwise, even if we request no address, Link.dhcp6_configured is stuck on
false.

(cherry picked from commit 43a7526)
…delegation

This does not change anything for DHCPv4, as a DHCPv4 address is always
requested anyway. However for DHCPv6, the client may not request IA_NA
addresses by UseAddress=no, or even if it is requested, the server may
not provide any IA_NA addresses. Even in such cases, here the check is
for delegated prefixes, hence it is not necessary to check if DHCPv6
IA_NA addresses are configured.

Fixes a bug introduced by 195b83e.

Fixes #31349.

(cherry picked from commit b4054af)
yuwata and others added 17 commits February 26, 2024 15:30
Fixes a bug in 1925f82 and
6a6d27b (v255).

(cherry picked from commit ac63c8d)
(cherry picked from commit dfdcc7c)
Otherwise:

```
Feb 19 16:35:34 localhost systemd-gpt-auto-generator[188]: Assertion 's' failed at src/shared/image-policy.c:656, function parse_image_policy_argument(). Aborting.
```

Fixes 06e7868

(cherry picked from commit d0a0059)
Skip using pidfds if we get a permission denied error.
This can happen with an old policy and a new kernel that uses the
new pidfs filesystem to back pidfds, instead of anonymous inodes,
as the existing policy denies access.

This is already the case for most uses of pidfd_open, like pidref,
but not on these two. Fix them.

(cherry picked from commit 857945c)
With meson build --werror --buildtype=plain -Dc_args=" -O2" the build fails:

```
../src/boot/efi/stub.c: In function ‘load_addons.constprop’:03:06
../src/boot/efi/stub.c:475:40: error: using a dangling pointer to ‘p’ [-Werror=dangling-pointer=]03:06
  475 |                         dt_bases[n_dt] = xmemdup((uint8_t*)loaded_addon->ImageBase + addrs[UNIFIED_SECTION_DTB],03:06
      |                         ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~03:06
  476 |                                                  dt_sizes[n_dt]);03:06
      |                                                  ~~~~~~~~~~~~~~~03:06
In file included from ../src/boot/efi/stub.c:20:03:06
../src/boot/efi/util.h:33:15: note: ‘p’ declared here03:06
   33 |         void *p;03:06
      |               ^
```

De-inline the function and initialize p to make gcc happy.

(cherry picked from commit 6036f62)
It has been demonstrated that tolerating an unbounded number of dnssec
signature validations is a bad idea. It is easy for a maliciously
crafted DNS reply to contain as many keytag collisions as desired,
causing us to iterate every dnskey and signature combination in vain.

The solution is to impose a maximum number of validations we will
tolerate. While collisions are not hard to craft, I still expect they
are unlikely in the wild so it should be safe to pick fairly small
values.

Here two limits are imposed: one on the maximum number of invalid
signatures encountered per rrset, and another on the total number of
validations performed per transaction.

(cherry picked from commit 67d0ce8)
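
The two counters described in the commit message above, as an added sketch that is not systemd's code: one budget of invalid signatures per RRset and one budget of validations per transaction. The limit values, type names and the `verify()` stand-in are assumptions made for this example, and the colliding input is constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Assumed limits for illustration; the page does not give the real values. */
enum { MAX_INVALID_PER_RRSET = 5, MAX_VALIDATIONS_PER_TXN = 64 };
enum verdict { VALIDATED, NO_VALID_SIG, LIMIT_HIT };

struct key { uint16_t tag; int id; };
struct sig { uint16_t tag; int signer; };   /* verifies only under key id == signer */
struct txn { unsigned n_validations; };     /* shared by all RRsets of one lookup */

/* Stand-in for the expensive public-key signature check. */
static bool verify(const struct sig *s, const struct key *k) { return s->signer == k->id; }

enum verdict validate_rrset(struct txn *t, const struct sig *sigs, size_t n_sigs,
                            const struct key *keys, size_t n_keys) {
    unsigned n_invalid = 0;
    for (size_t i = 0; i < n_sigs; i++)
        for (size_t j = 0; j < n_keys; j++) {
            if (sigs[i].tag != keys[j].tag)
                continue;                    /* cheap 16-bit filter, easy to collide */
            if (t->n_validations >= MAX_VALIDATIONS_PER_TXN)
                return LIMIT_HIT;            /* per-transaction budget spent */
            t->n_validations++;
            if (verify(&sigs[i], &keys[j]))
                return VALIDATED;
            if (++n_invalid >= MAX_INVALID_PER_RRSET)
                return LIMIT_HIT;            /* per-RRset budget spent */
        }
    return NO_VALID_SIG;
}

/* Constructed input: n keys and n signatures sharing one tag, none valid.
 * Unbounded, this costs n*n verifications. */
enum verdict all_colliding(struct txn *t, size_t n) {
    struct key keys[64]; struct sig sigs[64];
    if (n > 64) n = 64;
    for (size_t i = 0; i < n; i++) {
        keys[i] = (struct key){ .tag = 4711, .id = (int) i };
        sigs[i] = (struct sig){ .tag = 4711, .signer = -1 };
    }
    return validate_rrset(t, sigs, n, keys, n);
}

int main(void) {
    struct txn t = { 0 };
    return all_colliding(&t, 64) == LIMIT_HIT && t.n_validations == 5 ? 0 : 1;
}
```

With 64 colliding keys and signatures the loop stops after 5 verifications instead of 4096, while a legitimate two-key tag collision still validates on the second try.
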
According to RFC9267, the 2500 value is not helpful, and in fact it can
be harmful to permit a large number of iterations. Combined with limits
on the number of signature validations, I expect this will mitigate the
impact of maliciously crafted domains designed to cause excessive
cryptographic work.

(cherry picked from commit eba2911)
…icted

With newer versions of AppArmor, unprivileged user namespace creation
may be restricted by default, in which case user manager instances will
not be able to apply PrivateUsers=yes (or the settings which require it).

This can be tested with the kernel.apparmor_restrict_unprivileged_userns
sysctl.

(cherry picked from commit fec0d50)
The previous wording of the components could mean that we should only
watch directories, not the socket itself. Reword so that we clearly
mention that all components of the path are watched, including the
socket itself.

(cherry picked from commit 0e2f18e)
…ved for it (#30459)

Co-authored-by: wangyuhang <wangyuhang27@huawei.com>
(cherry picked from commit 8a86e15)
This is not immediately clear for users, so spell out the preferred pattern
clearly in the D-Bus documentation.

(cherry picked from commit d156e66)
poettering and others added 25 commits February 26, 2024 15:31
Add some extra safety checks: refuse weird open flags.

And while we are at it, also use stat_verify_regular()

(cherry picked from commit 1f47e27)
If -Dtests=false but -Dinstall-tests=true the build will fail, as some tests will
be pulled in the build but not their prerequisites. It doesn't make sense to ask
for tests to be installed if they are disabled.

```
FAILED: test-acd
cc  -o test-acd test-acd.p/src_libsystemd-network_test-acd.c.o -flto -Wl,--as-needed -Wl,--no-undefined -pie -fstack-protector -Wl,-z,relro -specs=/usr/share/debhelper/dh_package_notes/debian-package-notes.specs -g -O2 -ffile-prefix-map=/tmp/s=. -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection -ffat-lto-objects -Wdate-time -D_FORTIFY_SOURCE=2 '-Wl,-rpath,$ORIGIN/src/shared:XXXXXXXXXXXXXXX' -Wl,-rpath-link,/tmp/s/obj-x86_64-linux-gnu/src/shared -Wl,--start-group src/shared/libsystemd-shared-255.so src/libsystemd-network/libsystemd-network.a -Wl,--end-group -Wl,--fatal-warnings -Wl,-z,now -Wl,-z,relro -Wl,--warn-common -Wl,--gc-sections -Wl,--fatal-warnings -Wl,-z,now -Wl,-z,relro -Wl,--warn-common -Wl,--gc-sections
/usr/bin/ld: /tmp/cc0oYwFZ.ltrans0.ltrans.o: in function `main':
./obj-x86_64-linux-gnu/./obj-x86_64-linux-gnu/<artificial>:85:(.text.startup+0x33): undefined reference to `test_setup_logging'
collect2: error: ld returned 1 exit status
```

(cherry picked from commit 311efaa)
…ation gracefully

Our function so far assumed that the LoaderEntries's last string is or
is not NUL terminated. But if it was, then we'd debug log about this,
claiming there was an invalid id. sd-boot actually ends the list in a
properly NUL-terminated string, hence we should just accept that. Handle
that case gracefully, and add comments explaining why we have two ways
why we exit the loop.

This is cosmetic only, just suppresses a misleading debug log message.

(cherry picked from commit 2cda44c)
Reword the description of the `IgnoreSIGPIPE=` service option to be more grammatical.

(cherry picked from commit 6c6ec5f)
According to keyctl(2), the return value for KEYCTL_READ is:

    The amount of data that is available in the key,
    irrespective of the provided buffer size

So, we could pass in a NULL buffer to query the size, then allocate the
exact right amount of space, then call keyctl again to get the key data.
However, we must still keep the for loop to avoid TOCTOU issues: the key
might have been replaced with something bigger while we're busy
allocating the buffer to store it.

Thus, we can actually save a syscall by picking some reasonable default
buffer size and skipping the NULL call to keyctl. If our default is big
enough, we're done and have saved a syscall! If not, then the first call
behaves essentially the same as the NULL call, and we use the size it
returns to reallocate the buffer appropriately.

(cherry picked from commit d0aef63)
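
The retry loop described in the commit message above, as an added example that is not systemd's code. `read_key()`, the `key_read_fn` callback and the `fake_read()` stand-in for the kernel are hypothetical names; the callback follows the quoted KEYCTL_READ contract (it returns the key's full size regardless of the buffer size), and the sample key values are constructed.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

/* Reader with KEYCTL_READ semantics: copies at most size bytes into buf and
 * returns the key's full current size, whatever size was passed. */
typedef ssize_t (*key_read_fn)(void *ctx, void *buf, size_t size);

/* Wipe key material so the compiler cannot drop the store before free(). */
static void wipe_free(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
    free(p);
}

/* Start from a guessed size and retry with the size the reader reports.
 * The loop also covers a key replaced by a bigger one between two calls. */
int read_key(key_read_fn rd, void *ctx, size_t guess, char **ret, size_t *ret_len) {
    for (size_t m = guess;;) {
        char *p = malloc(m + 1);
        if (!p) return -ENOMEM;
        ssize_t n = rd(ctx, p, m);
        if (n < 0) { int e = errno; wipe_free(p, m); return -e; }
        if ((size_t) n <= m) {           /* whole key fitted */
            p[n] = 0; *ret = p; *ret_len = (size_t) n;
            return 0;
        }
        wipe_free(p, m);                 /* too small: n is the new target */
        m = (size_t) n;
    }
}

/* Constructed stand-in for the kernel: the key grows after the first call. */
struct fake_key { const char *v[3]; unsigned calls; };
ssize_t fake_read(void *ctx, void *buf, size_t size) {
    struct fake_key *k = ctx;
    const char *cur = k->v[k->calls < 2 ? k->calls : 2];
    size_t len = strlen(cur);
    k->calls++;
    memcpy(buf, cur, len < size ? len : size);
    return (ssize_t) len;
}

int main(void) {
    struct fake_key k = { { "short-key", "a-longer-replacement", "a-longer-replacement" }, 0 };
    char *out; size_t len;
    return read_key(fake_read, &k, 4, &out, &len) == 0 && k.calls == 3 ? 0 : 1;
}
```

A guess that is large enough finishes in a single call; a size-query call followed by one read would have returned a truncated key in the replaced-key case, which is why the loop stays.
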
In case the D-Bus policy is not set up correctly the example just
loops forever. Check the return of sd_bus_request_name_async() in
a callback and exit if the error is not temporary.

Follow-up for 34bbda1

(cherry picked from commit e07e701)
From readlinkat(2):
Since Linux 2.6.39, pathname can be an empty string, in which case the
call operates on the symbolic link referred to by dirfd (which should
have been obtained using open(2) with the O_PATH and O_NOFOLLOW flags).

(cherry picked from commit e4c094c)
Follow-up for 47f0e1b.

(cherry picked from commit bec1383)
Follow-up for cf91b91.

(cherry picked from commit 59a4e17)
Follow-up for 972c8db.

(cherry picked from commit 6383abd)
So the tests work even if the base image filesystem is not ext4.

(cherry picked from commit adafa3b)
Forward journal to console, since we won't have any journal from initrd
and shutdown/exit initrd phases. Also, mention
systemd.journald.max_level_console=debug that is very handy for
debugging initrd shenanigans, but don't use it by default since it
sends a _lot_ of stuff to the serial console, which slows down the test
a lot.

(cherry picked from commit e073c1d)
So it's created automagically with proper attributes.

(cherry picked from commit 1b0cf03)
To make debugging test fails easier.

(cherry picked from commit bce0fa7)
If we're looking for output on stderr, let's make sure it's not
littered with debug logs if SYSTEMD_LOG_LEVEL=debug.

(cherry picked from commit 88d4b97)
Precedence for example in https://github.com/systemd/systemd/blob/ac63c8df309e37960618610d8b57ac19ac657254/rules.d/99-systemd.rules.in#L75.

Add ENV to the list of keys where string substitutions can be used.

While I'm at it, also sort the list in that paragraph alphabetically.

(cherry picked from commit 793166a)
TEST-23 uses run_subtests_with_signals() which I forgot about when
introducing the change.

Follow-up for 0efa27b.

(cherry picked from commit a69ec6f)
This value is actually arch-specific, so this commit defines it for all
the arches that set it to some custom value

Fixes systemd/systemd#31417

(cherry picked from commit 9e3db91)
Similarly to bbac11c we need to enable session lingering for the test
user, so the long-running test units are not killed prematurely:

```
[   18.822261] testsuite-55.sh[403]: + systemctl start --machine testuser@.host --user testsuite-55-testchill.service
[   18.852775] systemd[1]: Started run-u17.service.
[   19.256431] (o-bridge)[526]: pam_unix(login:session): session opened for user testuser(uid=4711) by testuser(uid=0)
[   19.288346] systemd[1]: Started session-2.scope.
[   20.165874] systemd[392]: Created slice session.slice.
[   20.166459] systemd[392]: Starting dbus-broker.service...
[   20.220189] dbus-broker-launch[529]: Policy to allow eavesdropping in /usr/share/dbus-1/session.conf +31: Eavesdropping is deprecated and ignored
[   20.220189] dbus-broker-launch[529]: Policy to allow eavesdropping in /usr/share/dbus-1/session.conf +33: Eavesdropping is deprecated and ignored
[   20.220494] systemd[392]: Started dbus-broker.service.
[   20.224276] dbus-broker-launch[529]: Ready
[   20.231702] systemd[392]: Created slice testsuite.slice.
[   20.231976] systemd[392]: Created slice testsuite-55.slice.
[   20.232259] systemd[392]: Created slice testsuite-55-workload.slice.
[   31.065294] testsuite-55.sh[403]: + systemctl start --machine testuser@.host --user testsuite-55-testbloat.service
[   31.065641] (sd-pam)[528]: pam_unix(login:session): session closed for user testuser
[   31.066103] (sd-pam)[528]: pam_systemd(login:session): Failed to release session: Access denied
[   31.066152] systemd[392]: Started testsuite-55-testchill.service.
[   31.068062] systemd[1]: run-u17.service: Deactivated successfully.
[   31.068217] dbus-broker[389]: A security policy denied :1.20 to send method call /org/freedesktop/login1:org.freedesktop.login1.Manager.ReleaseSession to org.freedesktop.login1.
[   31.075901] (o-bridge)[537]: pam_unix(login:session): session opened for user testuser(uid=4711) by testuser(uid=0)
[   31.091098] systemd[1]: Stopping session-2.scope...
[   31.092158] systemd[1]: Started run-u21.service.
[   31.092993] systemd[1]: session-2.scope: Deactivated successfully.
[   31.093287] systemd[1]: Stopped session-2.scope.
[   31.095798] systemd[1]: Stopping user@4711.service...
[   31.103541] systemd[392]: Activating special unit exit.target...
[   31.108359] systemd[392]: Stopped target default.target.
[   31.109798] systemd[392]: Stopped target timers.target.
[   31.110790] systemd[392]: Stopping testsuite-55-testchill.service...
[   31.112154] systemd[392]: Stopped testsuite-55-testchill.service.
[   31.114033] systemd[392]: Removed slice testsuite-55-workload.slice.
[   31.114971] systemd[392]: Removed slice testsuite-55.slice.
[   31.115858] systemd[392]: Removed slice testsuite.slice.
...
[   31.475949] testsuite-55.sh[403]: + systemctl --machine testuser@.host --user status testsuite-55-testchill.service
[   31.490464] systemd[1]: session-3.scope: Deactivated successfully.
[   31.565929] systemd[1]: Started run-u33.service.
[   31.592437] (o-bridge)[583]: pam_unix(login:session): session opened for user testuser(uid=4711) by testuser(uid=0)
[   31.610210] systemd[1]: Started session-5.scope.
[   31.616960] testsuite-55.sh[578]: ○ testsuite-55-testchill.service - No memory pressure
[   31.616960] testsuite-55.sh[578]:      Loaded: loaded (/usr/lib/systemd/tests/testdata/units/testsuite-55-testchill.service; static)
[   31.616960] testsuite-55.sh[578]:      Active: inactive (dead)
[   31.617438] (sd-pam)[586]: pam_unix(login:session): session closed for user testuser
```

Addresses systemd/systemd#31426 (comment).

(cherry picked from commit ff80bd2)
…essage fields

Since we use varargs for sd_message_append() we need to make sure the
parameters we pass are actually 64bit wide, if "t" is used. Hence cast
appropriately if necessary.

I went through the whole tree, and in most cases we got it right, but
there are some cases we missed so far.

Inspired by: #31420

(cherry picked from commit 04a3af3)
I have a large initrd (built with mkosi-initrd) and the test-ukify takes 30 s.
Let's use the usual approach of skipping the slowest tests.

(pytest has marks, and it would be nicer to mark tests with pytest.mark.slow,
and then use "-m 'not slow'" in the meson test invocation. But markers must be
pre-registered, otherwise pytest emits a warning. There are a few ways to
register markers, but they all require "project configuration", but because of
how we invoke pytest, this is hard to do. So let's just use an environment
variable.)

(cherry picked from commit a181901)
The negative lookup can be quite slow. On my local network, skipping
this test saves about half of the runtime of test-nss-hosts.

(cherry picked from commit 37eba4b)
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
(cherry picked from commit 819874a)
SMBIOS support in QEMU for RISC-V is merged upstream.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
(cherry picked from commit 5041e77)

@keszybz keszybz left a comment

LGTM.

keszybz commented Feb 27, 2024

CI failure is a fedora gpg problem, not related to the patches here.

@keszybz keszybz merged commit 387a14a into systemd:v255-stable Feb 27, 2024
43 of 44 checks passed