Compare commits
33 Commits
master
...
f33-riscv6
Author | SHA1 | Date | |
---|---|---|---|
bafbe7491b | |||
a056577af6 | |||
4b1c1c812f | |||
fd93247403 | |||
|
1bcc94fae9 | ||
|
823c295af0 | ||
|
f5c76bb664 | ||
|
2299ee202a | ||
|
6aa7553053 | ||
|
90382542b5 | ||
|
e6a21d2052 | ||
|
c546bbbc2d | ||
|
30c6162c54 | ||
|
779685bf4b | ||
|
b24ba6cad7 | ||
|
b0eed6b094 | ||
|
8d0eb549df | ||
|
0734f6bacd | ||
|
0c781e3fb3 | ||
|
bb07b579b9 | ||
|
22dd111420 | ||
|
0e4b90f113 | ||
|
ede219f77b | ||
|
3dbcab83bf | ||
|
12233f3769 | ||
|
ed795fb1fc | ||
c50883d629 | |||
|
6168715468 | ||
|
d3d43af8ad | ||
|
f3f602da25 | ||
|
3417440344 | ||
|
a896a747c3 | ||
|
b98737cec4 |
250
0001-Add-riscv-SECCOMP-support.patch
Normal file
250
0001-Add-riscv-SECCOMP-support.patch
Normal file
@ -0,0 +1,250 @@
|
|||||||
|
From 5231b108f5d5924381e58182f8fd2592d1077caf Mon Sep 17 00:00:00 2001
|
||||||
|
From: David Abdurachmanov <davidlt@rivosinc.com>
|
||||||
|
Date: Fri, 10 Jun 2022 15:58:34 +0300
|
||||||
|
Subject: [PATCH] Add riscv SECCOMP support
|
||||||
|
|
||||||
|
Signed-off-by: David Abdurachmanov <davidlt@rivosinc.com>
|
||||||
|
|
||||||
|
diff --git a/src/basic/missing_syscall.h b/src/basic/missing_syscall.h
|
||||||
|
index fc79870..e4daadc 100644
|
||||||
|
--- a/src/basic/missing_syscall.h
|
||||||
|
+++ b/src/basic/missing_syscall.h
|
||||||
|
@@ -81,6 +81,8 @@ static inline int missing_pivot_root(const char *new_root, const char *put_old)
|
||||||
|
# define __NR_memfd_create 356
|
||||||
|
# elif defined __arc__
|
||||||
|
# define __NR_memfd_create 279
|
||||||
|
+# elif defined __riscv
|
||||||
|
+# define __NR_memfd_create 279
|
||||||
|
# else
|
||||||
|
# warning "__NR_memfd_create unknown for your architecture"
|
||||||
|
# endif
|
||||||
|
@@ -134,6 +136,8 @@ static inline int missing_memfd_create(const char *name, unsigned int flags) {
|
||||||
|
# endif
|
||||||
|
# elif defined(__arc__)
|
||||||
|
# define __NR_getrandom 278
|
||||||
|
+# elif defined(__riscv)
|
||||||
|
+# define __NR_getrandom 278
|
||||||
|
# else
|
||||||
|
# warning "__NR_getrandom unknown for your architecture"
|
||||||
|
# endif
|
||||||
|
@@ -179,6 +183,8 @@ static inline pid_t missing_gettid(void) {
|
||||||
|
# define __NR_name_to_handle_at 345
|
||||||
|
# elif defined(__arc__)
|
||||||
|
# define __NR_name_to_handle_at 264
|
||||||
|
+# elif defined(__riscv)
|
||||||
|
+# define __NR_name_to_handle_at 264
|
||||||
|
# elif defined _MIPS_SIM
|
||||||
|
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||||
|
# define systemd_NR_name_to_handle_at systemd_SC_arch_bias(339)
|
||||||
|
@@ -224,6 +230,8 @@ static inline int missing_name_to_handle_at(int fd, const char *name, struct fil
|
||||||
|
# define __NR_setns 346
|
||||||
|
# elif defined(__arc__)
|
||||||
|
# define __NR_setns 268
|
||||||
|
+# elif defined(__riscv)
|
||||||
|
+# define __NR_setns 268
|
||||||
|
# elif defined _MIPS_SIM
|
||||||
|
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||||
|
# define systemd_NR_setns systemd_SC_arch_bias(344)
|
||||||
|
@@ -291,6 +299,8 @@ static inline pid_t raw_getpid(void) {
|
||||||
|
# define __NR_renameat2 347
|
||||||
|
# elif defined __arc__
|
||||||
|
# define __NR_renameat2 276
|
||||||
|
+# elif defined __riscv
|
||||||
|
+# define __NR_renameat2 276
|
||||||
|
# else
|
||||||
|
# warning "__NR_renameat2 unknown for your architecture"
|
||||||
|
# endif
|
||||||
|
@@ -382,6 +392,8 @@ static inline key_serial_t missing_request_key(const char *type, const char *des
|
||||||
|
# define __NR_copy_file_range 379
|
||||||
|
# elif defined __arc__
|
||||||
|
# define __NR_copy_file_range 285
|
||||||
|
+# elif defined __riscv
|
||||||
|
+# define __NR_copy_file_range 285
|
||||||
|
# elif defined _MIPS_SIM
|
||||||
|
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||||
|
# define systemd_NR_copy_file_range systemd_SC_arch_bias(360)
|
||||||
|
@@ -432,6 +444,8 @@ static inline ssize_t missing_copy_file_range(int fd_in, loff_t *off_in,
|
||||||
|
# define __NR_bpf 351
|
||||||
|
# elif defined __tilegx__
|
||||||
|
# define __NR_bpf 280
|
||||||
|
+# elif defined __riscv
|
||||||
|
+# define __NR_bpf 280
|
||||||
|
# elif defined _MIPS_SIM
|
||||||
|
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||||
|
# define systemd_NR_bpf systemd_SC_arch_bias(355)
|
||||||
|
@@ -479,6 +493,8 @@ static inline int missing_bpf(int cmd, union bpf_attr *attr, size_t size) {
|
||||||
|
# define __NR_pkey_mprotect 386
|
||||||
|
# elif defined __s390__
|
||||||
|
# define __NR_pkey_mprotect 384
|
||||||
|
+# elif defined __riscv
|
||||||
|
+# define __NR_pkey_mprotect 288
|
||||||
|
# elif defined _MIPS_SIM
|
||||||
|
# if _MIPS_SIM == _MIPS_SIM_ABI32
|
||||||
|
# define __NR_pkey_mprotect 4363
|
||||||
|
@@ -489,6 +505,8 @@ static inline int missing_bpf(int cmd, union bpf_attr *attr, size_t size) {
|
||||||
|
# if _MIPS_SIM == _MIPS_SIM_ABI64
|
||||||
|
# define __NR_pkey_mprotect 5323
|
||||||
|
# endif
|
||||||
|
+# elif defined __riscv
|
||||||
|
+# define __NR_pkey_mprotect 288
|
||||||
|
# else
|
||||||
|
# warning "__NR_pkey_mprotect not defined for your architecture"
|
||||||
|
# endif
|
||||||
|
@@ -513,6 +531,8 @@ static inline int missing_bpf(int cmd, union bpf_attr *attr, size_t size) {
|
||||||
|
# define __NR_statx 383
|
||||||
|
# elif defined __sparc__
|
||||||
|
# define __NR_statx 360
|
||||||
|
+# elif defined __riscv
|
||||||
|
+# define __NR_statx 291
|
||||||
|
# elif defined __x86_64__
|
||||||
|
# define __NR_statx systemd_SC_arch_bias(332)
|
||||||
|
# elif defined _MIPS_SIM
|
||||||
|
diff --git a/src/basic/virt.c b/src/basic/virt.c
|
||||||
|
index 35acc73..6da76d5 100644
|
||||||
|
--- a/src/basic/virt.c
|
||||||
|
+++ b/src/basic/virt.c
|
||||||
|
@@ -84,7 +84,7 @@ static int detect_vm_cpuid(void) {
|
||||||
|
}
|
||||||
|
|
||||||
|
static int detect_vm_device_tree(void) {
|
||||||
|
-#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) || defined(__powerpc64__)
|
||||||
|
+#if defined(__arm__) || defined(__aarch64__) || defined(__powerpc__) || defined(__powerpc64__) || defined(__riscv)
|
||||||
|
_cleanup_free_ char *hvtype = NULL;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
@@ -134,7 +134,7 @@ static int detect_vm_device_tree(void) {
|
||||||
|
}
|
||||||
|
|
||||||
|
static int detect_vm_dmi(void) {
|
||||||
|
-#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
|
||||||
|
+#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__riscv)
|
||||||
|
|
||||||
|
static const char *const dmi_vendors[] = {
|
||||||
|
"/sys/class/dmi/id/product_name", /* Test this before sys_vendor to detect KVM over QEMU */
|
||||||
|
diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c
|
||||||
|
index 3f91b75..ab61915 100644
|
||||||
|
--- a/src/shared/seccomp-util.c
|
||||||
|
+++ b/src/shared/seccomp-util.c
|
||||||
|
@@ -90,6 +90,8 @@ const uint32_t seccomp_local_archs[] = {
|
||||||
|
SCMP_ARCH_S390X, /* native */
|
||||||
|
#elif defined(__s390__)
|
||||||
|
SCMP_ARCH_S390,
|
||||||
|
+#elif defined(__riscv) && __riscv_xlen == 64
|
||||||
|
+ SCMP_ARCH_RISCV64, /* native */
|
||||||
|
#endif
|
||||||
|
(uint32_t) -1
|
||||||
|
};
|
||||||
|
@@ -135,6 +137,8 @@ const char* seccomp_arch_to_string(uint32_t c) {
|
||||||
|
return "s390";
|
||||||
|
case SCMP_ARCH_S390X:
|
||||||
|
return "s390x";
|
||||||
|
+ case SCMP_ARCH_RISCV64:
|
||||||
|
+ return "riscv64";
|
||||||
|
default:
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
@@ -180,6 +184,8 @@ int seccomp_arch_from_string(const char *n, uint32_t *ret) {
|
||||||
|
*ret = SCMP_ARCH_S390;
|
||||||
|
else if (streq(n, "s390x"))
|
||||||
|
*ret = SCMP_ARCH_S390X;
|
||||||
|
+ else if (streq(n, "riscv64"))
|
||||||
|
+ *ret = SCMP_ARCH_RISCV64;
|
||||||
|
else
|
||||||
|
return -EINVAL;
|
||||||
|
|
||||||
|
@@ -1339,6 +1345,7 @@ int seccomp_restrict_address_families(Set *address_families, bool allow_list) {
|
||||||
|
case SCMP_ARCH_MIPS64N32:
|
||||||
|
case SCMP_ARCH_MIPSEL64:
|
||||||
|
case SCMP_ARCH_MIPS64:
|
||||||
|
+ case SCMP_ARCH_RISCV64:
|
||||||
|
/* These we know we support (i.e. are the ones that do not use socketcall()) */
|
||||||
|
supported = true;
|
||||||
|
break;
|
||||||
|
@@ -1579,7 +1586,7 @@ static int add_seccomp_syscall_filter(scmp_filter_ctx seccomp,
|
||||||
|
}
|
||||||
|
|
||||||
|
/* For known architectures, check that syscalls are indeed defined or not. */
|
||||||
|
-#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
|
||||||
|
+#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__riscv)
|
||||||
|
assert_cc(SCMP_SYS(shmget) > 0);
|
||||||
|
assert_cc(SCMP_SYS(shmat) > 0);
|
||||||
|
assert_cc(SCMP_SYS(shmdt) > 0);
|
||||||
|
@@ -1624,13 +1631,14 @@ int seccomp_memory_deny_write_execute(void) {
|
||||||
|
case SCMP_ARCH_X86_64:
|
||||||
|
case SCMP_ARCH_X32:
|
||||||
|
case SCMP_ARCH_AARCH64:
|
||||||
|
- filter_syscall = SCMP_SYS(mmap); /* amd64, x32 and arm64 have only mmap */
|
||||||
|
+ case SCMP_ARCH_RISCV64:
|
||||||
|
+ filter_syscall = SCMP_SYS(mmap); /* amd64, x32. arm64 and riscv64 have only mmap */
|
||||||
|
shmat_syscall = SCMP_SYS(shmat);
|
||||||
|
break;
|
||||||
|
|
||||||
|
/* Please add more definitions here, if you port systemd to other architectures! */
|
||||||
|
|
||||||
|
-#if !defined(__i386__) && !defined(__x86_64__) && !defined(__powerpc__) && !defined(__powerpc64__) && !defined(__arm__) && !defined(__aarch64__) && !defined(__s390__) && !defined(__s390x__)
|
||||||
|
+#if !defined(__i386__) && !defined(__x86_64__) && !defined(__powerpc__) && !defined(__powerpc64__) && !defined(__arm__) && !defined(__aarch64__) && !defined(__s390__) && !defined(__s390x__) && !defined(__riscv)
|
||||||
|
#warning "Consider adding the right mmap() syscall definitions here!"
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
diff --git a/src/test/test-execute.c b/src/test/test-execute.c
|
||||||
|
index 9ca0620..e673ea9 100644
|
||||||
|
--- a/src/test/test-execute.c
|
||||||
|
+++ b/src/test/test-execute.c
|
||||||
|
@@ -277,6 +277,9 @@ static void test_exec_personality(Manager *m) {
|
||||||
|
#elif defined(__aarch64__)
|
||||||
|
test(__func__, m, "exec-personality-aarch64.service", 0, CLD_EXITED);
|
||||||
|
|
||||||
|
+#elif defined(__riscv__) && __riscv_xlen == 64
|
||||||
|
+ test(__func__, m, "exec-personality-riscv64.service", 0, CLD_EXITED);
|
||||||
|
+
|
||||||
|
#elif defined(__i386__)
|
||||||
|
test(__func__, m, "exec-personality-x86.service", 0, CLD_EXITED);
|
||||||
|
#else
|
||||||
|
diff --git a/src/test/test-seccomp.c b/src/test/test-seccomp.c
|
||||||
|
index b685c2d..8647656 100644
|
||||||
|
--- a/src/test/test-seccomp.c
|
||||||
|
+++ b/src/test/test-seccomp.c
|
||||||
|
@@ -74,7 +74,8 @@ static void test_architecture_table(void) {
|
||||||
|
"ppc64\0"
|
||||||
|
"ppc64-le\0"
|
||||||
|
"s390\0"
|
||||||
|
- "s390x\0") {
|
||||||
|
+ "s390x\0"
|
||||||
|
+ "riscv64\0") {
|
||||||
|
uint32_t c;
|
||||||
|
|
||||||
|
assert_se(seccomp_arch_from_string(n, &c) >= 0);
|
||||||
|
@@ -538,7 +539,7 @@ static void test_memory_deny_write_execute_mmap(void) {
|
||||||
|
assert_se(seccomp_memory_deny_write_execute() >= 0);
|
||||||
|
|
||||||
|
p = mmap(NULL, page_size(), PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_ANONYMOUS, -1,0);
|
||||||
|
-#if defined(__x86_64__) || defined(__i386__) || defined(__powerpc64__) || defined(__arm__) || defined(__aarch64__)
|
||||||
|
+#if defined(__x86_64__) || defined(__i386__) || defined(__powerpc64__) || defined(__arm__) || defined(__aarch64__) || defined(__riscv)
|
||||||
|
assert_se(p == MAP_FAILED);
|
||||||
|
assert_se(errno == EPERM);
|
||||||
|
#endif
|
||||||
|
@@ -602,7 +603,7 @@ static void test_memory_deny_write_execute_shmat(void) {
|
||||||
|
|
||||||
|
p = shmat(shmid, NULL, SHM_EXEC);
|
||||||
|
log_debug_errno(p == MAP_FAILED ? errno : 0, "shmat(SHM_EXEC): %m");
|
||||||
|
-#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
|
||||||
|
+#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || defined(__riscv)
|
||||||
|
assert_se(p == MAP_FAILED);
|
||||||
|
assert_se(errno == EPERM);
|
||||||
|
#endif
|
||||||
|
diff --git a/test/test-execute/exec-personality-riscv64.service b/test/test-execute/exec-personality-riscv64.service
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000..ab20396
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/test/test-execute/exec-personality-riscv64.service
|
||||||
|
@@ -0,0 +1,7 @@
|
||||||
|
+[Unit]
|
||||||
|
+Description=Test for Personality=riscv64
|
||||||
|
+
|
||||||
|
+[Service]
|
||||||
|
+ExecStart=/bin/sh -c 'echo $(uname -m); exit $(test $(uname -m) = "riscv64")'
|
||||||
|
+Type=oneshot
|
||||||
|
+Personality=riscv64
|
||||||
|
--
|
||||||
|
2.35.1
|
||||||
|
|
@ -1,94 +0,0 @@
|
|||||||
From 1a83d7234e374e991235f4ef21c56998f93cb875 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
|
||||||
Date: Mon, 14 Sep 2020 08:58:54 +0200
|
|
||||||
Subject: [PATCH 4/4] test-path: use Type=exec
|
|
||||||
|
|
||||||
In general, Type=exec is superior to Type=simple. Let's not assume that
|
|
||||||
the service is started before it was really started.
|
|
||||||
---
|
|
||||||
test/test-path/path-changed.service | 2 +-
|
|
||||||
test/test-path/path-directorynotempty.service | 2 +-
|
|
||||||
test/test-path/path-exists.service | 2 +-
|
|
||||||
test/test-path/path-existsglob.service | 2 +-
|
|
||||||
test/test-path/path-makedirectory.service | 2 +-
|
|
||||||
test/test-path/path-modified.service | 2 +-
|
|
||||||
test/test-path/path-mycustomunit.service | 2 +-
|
|
||||||
7 files changed, 7 insertions(+), 7 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/test/test-path/path-changed.service b/test/test-path/path-changed.service
|
|
||||||
index fb465d76bb..b75552df4f 100644
|
|
||||||
--- a/test/test-path/path-changed.service
|
|
||||||
+++ b/test/test-path/path-changed.service
|
|
||||||
@@ -3,5 +3,5 @@ Description=Service Test for Path units
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
ExecStart=/bin/true
|
|
||||||
-Type=simple
|
|
||||||
+Type=exec
|
|
||||||
RemainAfterExit=true
|
|
||||||
diff --git a/test/test-path/path-directorynotempty.service b/test/test-path/path-directorynotempty.service
|
|
||||||
index fb465d76bb..b75552df4f 100644
|
|
||||||
--- a/test/test-path/path-directorynotempty.service
|
|
||||||
+++ b/test/test-path/path-directorynotempty.service
|
|
||||||
@@ -3,5 +3,5 @@ Description=Service Test for Path units
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
ExecStart=/bin/true
|
|
||||||
-Type=simple
|
|
||||||
+Type=exec
|
|
||||||
RemainAfterExit=true
|
|
||||||
diff --git a/test/test-path/path-exists.service b/test/test-path/path-exists.service
|
|
||||||
index fb465d76bb..b75552df4f 100644
|
|
||||||
--- a/test/test-path/path-exists.service
|
|
||||||
+++ b/test/test-path/path-exists.service
|
|
||||||
@@ -3,5 +3,5 @@ Description=Service Test for Path units
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
ExecStart=/bin/true
|
|
||||||
-Type=simple
|
|
||||||
+Type=exec
|
|
||||||
RemainAfterExit=true
|
|
||||||
diff --git a/test/test-path/path-existsglob.service b/test/test-path/path-existsglob.service
|
|
||||||
index fb465d76bb..b75552df4f 100644
|
|
||||||
--- a/test/test-path/path-existsglob.service
|
|
||||||
+++ b/test/test-path/path-existsglob.service
|
|
||||||
@@ -3,5 +3,5 @@ Description=Service Test for Path units
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
ExecStart=/bin/true
|
|
||||||
-Type=simple
|
|
||||||
+Type=exec
|
|
||||||
RemainAfterExit=true
|
|
||||||
diff --git a/test/test-path/path-makedirectory.service b/test/test-path/path-makedirectory.service
|
|
||||||
index fb465d76bb..b75552df4f 100644
|
|
||||||
--- a/test/test-path/path-makedirectory.service
|
|
||||||
+++ b/test/test-path/path-makedirectory.service
|
|
||||||
@@ -3,5 +3,5 @@ Description=Service Test for Path units
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
ExecStart=/bin/true
|
|
||||||
-Type=simple
|
|
||||||
+Type=exec
|
|
||||||
RemainAfterExit=true
|
|
||||||
diff --git a/test/test-path/path-modified.service b/test/test-path/path-modified.service
|
|
||||||
index fb465d76bb..b75552df4f 100644
|
|
||||||
--- a/test/test-path/path-modified.service
|
|
||||||
+++ b/test/test-path/path-modified.service
|
|
||||||
@@ -3,5 +3,5 @@ Description=Service Test for Path units
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
ExecStart=/bin/true
|
|
||||||
-Type=simple
|
|
||||||
+Type=exec
|
|
||||||
RemainAfterExit=true
|
|
||||||
diff --git a/test/test-path/path-mycustomunit.service b/test/test-path/path-mycustomunit.service
|
|
||||||
index bcdafe4f30..8fbc40d13f 100644
|
|
||||||
--- a/test/test-path/path-mycustomunit.service
|
|
||||||
+++ b/test/test-path/path-mycustomunit.service
|
|
||||||
@@ -3,5 +3,5 @@ Description=Service Test Path Unit
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
ExecStart=/bin/true
|
|
||||||
-Type=simple
|
|
||||||
+Type=exec
|
|
||||||
RemainAfterExit=true
|
|
2
sources
2
sources
@ -1 +1 @@
|
|||||||
SHA512 (systemd-246.6.tar.gz) = 1936b291d9831cf61f800fe718a4c2c2fe9b2a11fd817fe32bd48da2087a675dfc91013209a3478ea52e8ada593300ed906e248b8081dcf9141bf1cc17483ea9
|
SHA512 (systemd-246.15.tar.gz) = 71c8afb9de149b9f4b2f63c7a84e2ce2d897e90570692eaa75d8c99c345ad6cfc9717f93844ff1f582f65b7bdbb1166de1d4574cf6f4329edda8920a6c6bf536
|
||||||
|
@ -72,12 +72,10 @@ for file in files(buildroot):
|
|||||||
/machine.slice|
|
/machine.slice|
|
||||||
/machines.target|
|
/machines.target|
|
||||||
var-lib-machines.mount|
|
var-lib-machines.mount|
|
||||||
network/80-container|
|
|
||||||
network/80-vm|
|
|
||||||
org.freedesktop.(import|machine)1
|
org.freedesktop.(import|machine)1
|
||||||
''', n, re.X):
|
''', n, re.X):
|
||||||
o = o_container
|
o = o_container
|
||||||
elif re.search(r'''/usr/lib/systemd/network/..-wifi|
|
elif re.search(r'''/usr/lib/systemd/network/80-|
|
||||||
networkd|
|
networkd|
|
||||||
networkctl|
|
networkctl|
|
||||||
org.freedesktop.network1
|
org.freedesktop.network1
|
||||||
|
128
systemd.spec
128
systemd.spec
@ -20,8 +20,8 @@
|
|||||||
|
|
||||||
Name: systemd
|
Name: systemd
|
||||||
Url: https://www.freedesktop.org/wiki/Software/systemd
|
Url: https://www.freedesktop.org/wiki/Software/systemd
|
||||||
Version: 246.6
|
Version: 246.15
|
||||||
Release: 3%{?dist}
|
Release: 1.0.riscv64%{?dist}
|
||||||
# For a breakdown of the licensing, see README
|
# For a breakdown of the licensing, see README
|
||||||
License: LGPLv2+ and MIT and GPLv2+
|
License: LGPLv2+ and MIT and GPLv2+
|
||||||
Summary: System and Service Manager
|
Summary: System and Service Manager
|
||||||
@ -74,13 +74,14 @@ Patch0001: use-bfq-scheduler.patch
|
|||||||
Patch0002: 0001-Revert-test-path-increase-timeout.patch
|
Patch0002: 0001-Revert-test-path-increase-timeout.patch
|
||||||
Patch0003: 0002-test-path-more-debugging-information.patch
|
Patch0003: 0002-test-path-more-debugging-information.patch
|
||||||
Patch0004: 0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch
|
Patch0004: 0003-test-path-do-not-fail-the-test-if-we-fail-to-start-s.patch
|
||||||
Patch0005: 0004-test-path-use-Type-exec.patch
|
|
||||||
|
|
||||||
Patch0006: 0001-test-acl-util-output-more-debug-info.patch
|
Patch0006: 0001-test-acl-util-output-more-debug-info.patch
|
||||||
Patch0007: 0001-Do-not-assert-in-test_add_acls_for_user.patch
|
Patch0007: 0001-Do-not-assert-in-test_add_acls_for_user.patch
|
||||||
|
|
||||||
Patch0009: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch
|
Patch0009: https://github.com/systemd/systemd/pull/17050/commits/f58b96d3e8d1cb0dd3666bc74fa673918b586612.patch
|
||||||
|
|
||||||
|
Patch0040: 0001-Add-riscv-SECCOMP-support.patch
|
||||||
|
|
||||||
%ifarch %{ix86} x86_64 aarch64
|
%ifarch %{ix86} x86_64 aarch64
|
||||||
%global have_gnu_efi 1
|
%global have_gnu_efi 1
|
||||||
%endif
|
%endif
|
||||||
@ -140,8 +141,12 @@ BuildRequires: libseccomp-devel
|
|||||||
BuildRequires: meson >= 0.43
|
BuildRequires: meson >= 0.43
|
||||||
BuildRequires: gettext
|
BuildRequires: gettext
|
||||||
# We use RUNNING_ON_VALGRIND in tests, so the headers need to be available
|
# We use RUNNING_ON_VALGRIND in tests, so the headers need to be available
|
||||||
|
%ifarch %{valgrind_arches}
|
||||||
BuildRequires: valgrind-devel
|
BuildRequires: valgrind-devel
|
||||||
|
%endif
|
||||||
BuildRequires: pkgconfig(bash-completion)
|
BuildRequires: pkgconfig(bash-completion)
|
||||||
|
BuildRequires: perl
|
||||||
|
BuildRequires: perl(IPC::SysV)
|
||||||
|
|
||||||
Requires(post): coreutils
|
Requires(post): coreutils
|
||||||
Requires(post): sed
|
Requires(post): sed
|
||||||
@ -319,17 +324,16 @@ This package contains systemd-journal-gatewayd,
|
|||||||
systemd-journal-remote, and systemd-journal-upload.
|
systemd-journal-remote, and systemd-journal-upload.
|
||||||
|
|
||||||
%package networkd
|
%package networkd
|
||||||
Summary: A system service that manages network configurations
|
Summary: System daemon that manages network configurations
|
||||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||||
License: LGPLv2+
|
License: LGPLv2+
|
||||||
# https://src.fedoraproject.org/rpms/systemd/pull-request/34
|
# https://src.fedoraproject.org/rpms/systemd/pull-request/34
|
||||||
Obsoletes: systemd < 246.6-2
|
Obsoletes: systemd < 246.6-2
|
||||||
|
|
||||||
%description networkd
|
%description networkd
|
||||||
%{summary}.
|
systemd-networkd is a system service that manages networks. It detects
|
||||||
|
and configures network devices as they appear, as well as creating virtual
|
||||||
It detects and configures network devices as they appear,
|
network devices.
|
||||||
as well as creating virtual network devices.
|
|
||||||
|
|
||||||
%package tests
|
%package tests
|
||||||
Summary: Internal unit tests for systemd
|
Summary: Internal unit tests for systemd
|
||||||
@ -369,6 +373,7 @@ CONFIGURE_OPTS=(
|
|||||||
-Dsysvinit-path=/etc/rc.d/init.d
|
-Dsysvinit-path=/etc/rc.d/init.d
|
||||||
-Drc-local=/etc/rc.d/rc.local
|
-Drc-local=/etc/rc.d/rc.local
|
||||||
-Dntp-servers='0.%{ntpvendor}.pool.ntp.org 1.%{ntpvendor}.pool.ntp.org 2.%{ntpvendor}.pool.ntp.org 3.%{ntpvendor}.pool.ntp.org'
|
-Dntp-servers='0.%{ntpvendor}.pool.ntp.org 1.%{ntpvendor}.pool.ntp.org 2.%{ntpvendor}.pool.ntp.org 3.%{ntpvendor}.pool.ntp.org'
|
||||||
|
-Ddns-servers=
|
||||||
-Duser-path=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin
|
-Duser-path=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin
|
||||||
-Dservice-watchdog=
|
-Dservice-watchdog=
|
||||||
-Ddev-kvm-mode=0666
|
-Ddev-kvm-mode=0666
|
||||||
@ -602,9 +607,6 @@ getent group systemd-journal &>/dev/null || groupadd -r -g 190 systemd-journal 2
|
|||||||
getent group systemd-coredump &>/dev/null || groupadd -r systemd-coredump 2>&1 || :
|
getent group systemd-coredump &>/dev/null || groupadd -r systemd-coredump 2>&1 || :
|
||||||
getent passwd systemd-coredump &>/dev/null || useradd -r -l -g systemd-coredump -d / -s /sbin/nologin -c "systemd Core Dumper" systemd-coredump &>/dev/null || :
|
getent passwd systemd-coredump &>/dev/null || useradd -r -l -g systemd-coredump -d / -s /sbin/nologin -c "systemd Core Dumper" systemd-coredump &>/dev/null || :
|
||||||
|
|
||||||
getent group systemd-network &>/dev/null || groupadd -r -g 192 systemd-network 2>&1 || :
|
|
||||||
getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-network -d / -s /sbin/nologin -c "systemd Network Management" systemd-network &>/dev/null || :
|
|
||||||
|
|
||||||
getent group systemd-resolve &>/dev/null || groupadd -r -g 193 systemd-resolve 2>&1 || :
|
getent group systemd-resolve &>/dev/null || groupadd -r -g 193 systemd-resolve 2>&1 || :
|
||||||
getent passwd systemd-resolve &>/dev/null || useradd -r -u 193 -l -g systemd-resolve -d / -s /sbin/nologin -c "systemd Resolver" systemd-resolve &>/dev/null || :
|
getent passwd systemd-resolve &>/dev/null || useradd -r -u 193 -l -g systemd-resolve -d / -s /sbin/nologin -c "systemd Resolver" systemd-resolve &>/dev/null || :
|
||||||
|
|
||||||
@ -665,7 +667,17 @@ systemctl --global preset-all &>/dev/null || :
|
|||||||
# too before NetworkManager gets a chance. (systemd-tmpfiles invocation above
|
# too before NetworkManager gets a chance. (systemd-tmpfiles invocation above
|
||||||
# does not do this, because it's marked with ! and we don't specify --boot.)
|
# does not do this, because it's marked with ! and we don't specify --boot.)
|
||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1873856
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1873856
|
||||||
if systemctl -q is-enabled systemd-resolved.service &>/dev/null; then
|
#
|
||||||
|
# If systemd is not running, don't overwrite the symlink because that
|
||||||
|
# will immediately break DNS resolution, since systemd-resolved is
|
||||||
|
# also not running (https://bugzilla.redhat.com/show_bug.cgi?id=1891847).
|
||||||
|
#
|
||||||
|
# Also don't creat the symlink to the stub when the stub is disabled (#1891847 again).
|
||||||
|
if test -d /run/systemd/system/ &&
|
||||||
|
systemctl -q is-enabled systemd-resolved.service &>/dev/null &&
|
||||||
|
! mountpoint /etc/resolv.conf &>/dev/null &&
|
||||||
|
! systemd-analyze cat-config systemd/resolved.conf 2>/dev/null | \
|
||||||
|
grep -qE '^DNSStubListener\s*=\s*([nN][oO]?|[fF]|[fF][aA][lL][sS][eE]|0|[oO][fF][fF])$'; then
|
||||||
ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
|
ln -fsv ../run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -689,6 +701,7 @@ systemctl --no-reload preset systemd-resolved.service &>/dev/null || :
|
|||||||
if systemctl -q is-enabled systemd-resolved.service &>/dev/null; then
|
if systemctl -q is-enabled systemd-resolved.service &>/dev/null; then
|
||||||
systemctl -q is-enabled NetworkManager.service 2>/dev/null && \
|
systemctl -q is-enabled NetworkManager.service 2>/dev/null && \
|
||||||
! test -L /etc/resolv.conf 2>/dev/null && \
|
! test -L /etc/resolv.conf 2>/dev/null && \
|
||||||
|
! mountpoint /etc/resolv.conf &>/dev/null && \
|
||||||
grep -q 'Generated by NetworkManager' /etc/resolv.conf 2>/dev/null && \
|
grep -q 'Generated by NetworkManager' /etc/resolv.conf 2>/dev/null && \
|
||||||
echo -e '/etc/resolv.conf was generated by NetworkManager.\nRemoving it to let systemd-resolved manage this file.' && \
|
echo -e '/etc/resolv.conf was generated by NetworkManager.\nRemoving it to let systemd-resolved manage this file.' && \
|
||||||
mv -v /etc/resolv.conf /etc/resolv.conf.orig-with-nm && \
|
mv -v /etc/resolv.conf /etc/resolv.conf.orig-with-nm && \
|
||||||
@ -813,14 +826,29 @@ fi
|
|||||||
%systemd_postun_with_restart systemd-journal-upload.service
|
%systemd_postun_with_restart systemd-journal-upload.service
|
||||||
%firewalld_reload
|
%firewalld_reload
|
||||||
|
|
||||||
%preun networkd
|
%pre networkd
|
||||||
if [ $1 -eq 0 ] ; then
|
getent group systemd-network &>/dev/null || groupadd -r -g 192 systemd-network 2>&1 || :
|
||||||
systemctl disable --quiet \
|
getent passwd systemd-network &>/dev/null || useradd -r -u 192 -l -g systemd-network -d / -s /sbin/nologin -c "systemd Network Management" systemd-network &>/dev/null || :
|
||||||
systemd-networkd.service \
|
|
||||||
systemd-networkd-wait-online.service \
|
%post networkd
|
||||||
>/dev/null || :
|
# systemd-networkd was split out in systemd-246.6-2.
|
||||||
|
# Ideally, we would have a trigger scriptlet to record enablement
|
||||||
|
# state when upgrading from systemd <= systemd-246.6-1. But, AFAICS,
|
||||||
|
# rpm doesn't allow us to trigger on another package, short of
|
||||||
|
# querying the rpm database ourselves, which seems risky. For rpm,
|
||||||
|
# systemd and systemd-networkd are completely unrelated. So let's use
|
||||||
|
# a hack to detect if an old systemd version is currently present in
|
||||||
|
# the file system.
|
||||||
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1943263
|
||||||
|
if [ $1 -eq 1 ] && ls /usr/lib/systemd/libsystemd-shared-24[0-6].so &>/dev/null; then
|
||||||
|
echo "Skipping presets for systemd-networkd.service, seems we are upgrading from old systemd."
|
||||||
|
else
|
||||||
|
%systemd_post systemd-networkd.service systemd-networkd-wait-online.service
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
%preun networkd
|
||||||
|
%systemd_preun systemd-networkd.service systemd-networkd-wait-online.service
|
||||||
|
|
||||||
%global _docdir_fmt %{name}
|
%global _docdir_fmt %{name}
|
||||||
|
|
||||||
%files -f %{name}.lang -f .file-list-rest
|
%files -f %{name}.lang -f .file-list-rest
|
||||||
@ -868,6 +896,68 @@ fi
|
|||||||
%files standalone-sysusers -f .file-list-standalone-sysusers
|
%files standalone-sysusers -f .file-list-standalone-sysusers
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Jun 10 2022 David Abdurachmanov <davidlt@rivosinc.com> - 246.15-1.0.riscv64
|
||||||
|
- Add SECCOMP support for RISC-V 64-bit (riscv64)
|
||||||
|
|
||||||
|
* Tue Jul 20 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 246.15-1
|
||||||
|
- Various correctness and potential crash fixes (systemd-journald,
|
||||||
|
udev, systemctl, systemd, systemd-tmpfiles, systemd-resolved)
|
||||||
|
- Better handling of very long sysfs paths
|
||||||
|
- Compilation fixes for updated glibc and kernel headers
|
||||||
|
- Addition of new syscalls to seccomp filters
|
||||||
|
- Latvian and Spanish/Dvorak keyboard mappings
|
||||||
|
- Shell completion fixes
|
||||||
|
- Ignore FORCERENEW DHCP messages in systemd-networkd (TALOS-2020-1142,
|
||||||
|
CVE-2020-13529, #1959398)
|
||||||
|
- by-uuid symlinks for ubifs volumes are now created
|
||||||
|
- CVE-2021-33910, #1984020: an unchecked stack allocation could be used to
|
||||||
|
crash systemd and cause the system to reboot by creating a very long
|
||||||
|
fuse mountpoint path.
|
||||||
|
|
||||||
|
* Sat May 15 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 246.14-1
|
||||||
|
- Do not preset systemd-networkd.service and systemd-networkd-wait-online.service
|
||||||
|
on upgrades from before systemd-networkd was split out (#1943263)
|
||||||
|
- A bunch of patches for systemd-resolved (#1944171, #1949670)
|
||||||
|
- Fix for systemd-tmpfiles (#1944468)
|
||||||
|
- Various fixes for systemd, systemd-run, systemd-networkd, bootctl,
|
||||||
|
the shutdown sequence, documentation, logging, libsystemd, and shell
|
||||||
|
completions.
|
||||||
|
|
||||||
|
* Wed Mar 24 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 246.13-1
|
||||||
|
- Revert patch that seems to cause problems with dns resolution
|
||||||
|
- A few minor fixes
|
||||||
|
|
||||||
|
* Tue Mar 23 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 246.12-1
|
||||||
|
- Latest bugfix release (#1941335, some documentation and
|
||||||
|
minor memory-access-correctness fixes).
|
||||||
|
- Fix hang when processing timers during DST switch in Europe/Dublin timezone (#1941335)
|
||||||
|
|
||||||
|
* Fri Mar 12 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 246.11-1
|
||||||
|
- Latest bugfix release (#1933137, #1935084).
|
||||||
|
|
||||||
|
* Tue Feb 2 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 246.10-1
|
||||||
|
- Latest bugfix release (#1903106, #1895937).
|
||||||
|
- Fixes #1813219.
|
||||||
|
|
||||||
|
* Mon Jan 4 2021 Owen Taylor <otaylor@redhat.com> - 246.9-3
|
||||||
|
- Fix nss-resolve to properly fallback in a Flatpak sandbox
|
||||||
|
|
||||||
|
* Sat Jan 2 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 246.9-2
|
||||||
|
- Fix bfq patch again (#1813219)
|
||||||
|
|
||||||
|
* Wed Dec 16 2020 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 246.9-1
|
||||||
|
- Minor stable release
|
||||||
|
|
||||||
|
* Tue Dec 8 2020 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 246.7-2
|
||||||
|
- Rebuild with fallback hostname change reverted.
|
||||||
|
|
||||||
|
* Tue Dec 8 2020 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 246.7-1
|
||||||
|
- Update to latest stable release. Unfortunately this contains
|
||||||
|
a fairly large number of patches for a stable release (180+).
|
||||||
|
Fixes rhbz#1879216, rhbz#1890632, rhbz#1891847, rhbz#1885101.
|
||||||
|
- Unset fallback-hostname as plenty of applications expected localhost
|
||||||
|
to mean "default hostname" without ever standardising it (#1892235)
|
||||||
|
|
||||||
* Wed Sep 30 2020 Dusty Mabe <dusty@dustymabe.com> - 246.6-3
|
* Wed Sep 30 2020 Dusty Mabe <dusty@dustymabe.com> - 246.6-3
|
||||||
- Try to make files in subpackages (especially the networkd subpackage)
|
- Try to make files in subpackages (especially the networkd subpackage)
|
||||||
more appropriate.
|
more appropriate.
|
||||||
@ -889,6 +979,8 @@ fi
|
|||||||
- Update to latest stable release (a bunch of small network-related
|
- Update to latest stable release (a bunch of small network-related
|
||||||
fixes in systemd-networkd and socket handling, documentation updates,
|
fixes in systemd-networkd and socket handling, documentation updates,
|
||||||
a bunch of fixes for error handling).
|
a bunch of fixes for error handling).
|
||||||
|
|
||||||
|
* Sun Sep 13 2020 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 246.4-2
|
||||||
- Also remove existing file when creating /etc/resolv.conf symlink
|
- Also remove existing file when creating /etc/resolv.conf symlink
|
||||||
upon installation (#1873856 again)
|
upon installation (#1873856 again)
|
||||||
|
|
||||||
|
@ -20,11 +20,12 @@ new file mode 100644
|
|||||||
index 0000000000..480b941761
|
index 0000000000..480b941761
|
||||||
--- /dev/null
|
--- /dev/null
|
||||||
+++ b/rules.d/60-block-scheduler.rules
|
+++ b/rules.d/60-block-scheduler.rules
|
||||||
@@ -0,0 +1,5 @@
|
@@ -0,0 +1,6 @@
|
||||||
+# do not edit this file, it will be overwritten on update
|
+# do not edit this file, it will be overwritten on update
|
||||||
+
|
+
|
||||||
+ACTION=="add", SUBSYSTEM=="block", \
|
+ACTION=="add", SUBSYSTEM=="block", \
|
||||||
+ KERNEL=="mmcblk*[0-9]|msblk*[0-9]|mspblk*[0-9]|sd*[!0-9]|sr*", \
|
+ KERNEL=="mmcblk*[0-9]|msblk*[0-9]|mspblk*[0-9]|sd*[!0-9]|sr*", \
|
||||||
|
+ ENV{DEVTYPE}=="disk", \
|
||||||
+ ATTR{queue/scheduler}="bfq"
|
+ ATTR{queue/scheduler}="bfq"
|
||||||
diff --git a/rules.d/meson.build b/rules.d/meson.build
|
diff --git a/rules.d/meson.build b/rules.d/meson.build
|
||||||
index ca4445d774..38d6aa6970 100644
|
index ca4445d774..38d6aa6970 100644
|
||||||
|
Loading…
Reference in New Issue
Block a user