diff options
Diffstat (limited to 'external/poky/meta/recipes-core/systemd')
63 files changed, 5448 insertions, 0 deletions
diff --git a/external/poky/meta/recipes-core/systemd/systemd-boot_239.bb b/external/poky/meta/recipes-core/systemd/systemd-boot_239.bb new file mode 100644 index 00000000..2450d52c --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd-boot_239.bb @@ -0,0 +1,70 @@ +require systemd.inc +FILESEXTRAPATHS =. "${FILE_DIRNAME}/systemd:" + +DEPENDS = "intltool-native libcap util-linux gnu-efi gperf-native" + +SRC_URI += "file://0002-use-lnr-wrapper-instead-of-looking-for-relative-opti.patch \ + file://0006-remove-nobody-user-group-checking.patch \ + file://0001-Fix-to-run-efi_cc-and-efi_ld-correctly-when-cross-co.patch \ + file://0001-meson-rename-Ddebug-to-Ddebug-extra.patch \ + " + +inherit meson pkgconfig gettext +inherit deploy + +EFI_CC ?= "${CC}" +EXTRA_OEMESON += "-Defi=true \ + -Dgnu-efi=true \ + -Defi-includedir=${STAGING_INCDIR}/efi \ + -Defi-ldsdir=${STAGING_LIBDIR} \ + -Defi-libdir=${STAGING_LIBDIR} \ + -Dman=false \ + -Defi-cc='${EFI_CC}' \ + -Defi-ld='${LD}' \ + " + +# install to the image as boot*.efi if its the EFI_PROVIDER, +# otherwise install as the full name. +# This allows multiple bootloaders to coexist in a single image. +python __anonymous () { + import re + target = d.getVar('TARGET_ARCH') + prefix = "" if d.getVar('EFI_PROVIDER') == "systemd-boot" else "systemd-" + if target == "x86_64": + systemdimage = prefix + "bootx64.efi" + else: + systemdimage = prefix + "bootia32.efi" + d.setVar("SYSTEMD_BOOT_IMAGE", systemdimage) + prefix = "systemd-" if prefix == "" else "" + d.setVar("SYSTEMD_BOOT_IMAGE_PREFIX", prefix) +} + +FILES_${PN} = "/boot/EFI/BOOT/${SYSTEMD_BOOT_IMAGE}" + +RDEPENDS_${PN} += "virtual/systemd-bootconf" + +# Imported from the old gummiboot recipe +TUNE_CCARGS_remove = "-mfpmath=sse" +COMPATIBLE_HOST = "(x86_64.*|i.86.*)-linux" +COMPATIBLE_HOST_x86-x32 = "null" + +do_compile() { + SYSTEMD_BOOT_EFI_ARCH="ia32" + if [ "${TARGET_ARCH}" = "x86_64" ]; then + SYSTEMD_BOOT_EFI_ARCH="x64" + fi + + ninja src/boot/efi/${SYSTEMD_BOOT_IMAGE_PREFIX}${SYSTEMD_BOOT_IMAGE} +} + +do_install() { + install -d ${D}/boot + install -d ${D}/boot/EFI + install -d ${D}/boot/EFI/BOOT + install ${B}/src/boot/efi/systemd-boot*.efi ${D}/boot/EFI/BOOT/${SYSTEMD_BOOT_IMAGE} +} + +do_deploy () { + install ${B}/src/boot/efi/systemd-boot*.efi ${DEPLOYDIR} +} +addtask deploy before do_build after do_compile diff --git a/external/poky/meta/recipes-core/systemd/systemd-bootconf_1.00.bb b/external/poky/meta/recipes-core/systemd/systemd-bootconf_1.00.bb new file mode 100644 index 00000000..e9c24664 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd-bootconf_1.00.bb @@ -0,0 +1,31 @@ +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" +SUMMARY = "Basic systemd-boot configuration files" + +RPROVIDES_${PN} += "virtual/systemd-bootconf" + +inherit systemd-boot-cfg + +S = "${WORKDIR}" + +LABELS = "boot" + +ROOT ?= "root=/dev/sda2" +APPEND_append = " ${ROOT}" + +python do_configure() { + bb.build.exec_func('build_efi_cfg', d) +} + +do_configure[vardeps] += "APPEND" + +do_install() { + install -d ${D}/boot + install -d ${D}/boot/loader + install -d ${D}/boot/loader/entries + install loader.conf ${D}/boot/loader/ + rm loader.conf + install *.conf ${D}/boot/loader/entries/ +} + +FILES_${PN} = "/boot/loader/* /boot/loader/entries/*" diff --git a/external/poky/meta/recipes-core/systemd/systemd-compat-units.bb b/external/poky/meta/recipes-core/systemd/systemd-compat-units.bb new file mode 100644 index 00000000..d228a51c --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd-compat-units.bb @@ -0,0 +1,47 @@ +SUMMARY = "Enhances systemd compatilibity with existing SysVinit scripts" +HOMEPAGE = "http://www.freedesktop.org/wiki/Software/systemd" +LICENSE = "MIT" + +PR = "r29" + +PACKAGE_WRITE_DEPS += "systemd-systemctl-native" + +S = "${WORKDIR}" + +inherit distro_features_check + +ALLOW_EMPTY_${PN} = "1" + +REQUIRED_DISTRO_FEATURES = "systemd" + +SYSTEMD_DISABLED_SYSV_SERVICES = " \ + busybox-udhcpc \ + hwclock \ + networking \ + nfsserver \ + nfscommon \ + syslog.busybox \ +" + +pkg_postinst_${PN} () { + + cd $D${sysconfdir}/init.d || exit 0 + + echo "Disabling the following sysv scripts: " + + if [ -n "$D" ]; then + OPTS="--root=$D" + else + OPTS="" + fi + + for i in ${SYSTEMD_DISABLED_SYSV_SERVICES} ; do + if [ -e $i -o -e $i.sh ] && ! [ -e $D${sysconfdir}/systemd/system/$i.service -o -e $D${systemd_unitdir}/system/$i.service ] ; then + echo -n "$i: " + systemctl $OPTS mask $i.service + fi + done + echo +} + +RDEPENDS_${PN} = "systemd" diff --git a/external/poky/meta/recipes-core/systemd/systemd-conf.bb b/external/poky/meta/recipes-core/systemd/systemd-conf.bb new file mode 100644 index 00000000..9bb27fd9 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd-conf.bb @@ -0,0 +1,53 @@ +require systemd.inc + +SUMMARY = "Systemd system configuration" +DESCRIPTION = "Systemd may require slightly different configuration for \ +different machines. For example, qemu machines require a longer \ +DefaultTimeoutStartSec setting." + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +CONFFILES_${PN} = "${sysconfdir}/machine-id \ +${sysconfdir}/systemd/coredump.conf \ +${sysconfdir}/systemd/journald.conf \ +${sysconfdir}/systemd/logind.conf \ +${sysconfdir}/systemd/system.conf \ +${sysconfdir}/systemd/user.conf" + +FILES_${PN} = "${sysconfdir}/machine-id ${sysconfdir}/systemd" + +do_configure[noexec] = '1' +do_compile[noexec] = '1' + +do_install() { + rm -rf ${D}/${sysconfdir}/systemd + install -d ${D}/${sysconfdir}/systemd + + # Create machine-id + # 20:12 < mezcalero> koen: you have three options: a) run systemd-machine-id-setup at install time, b) have / read-only and an empty file there (for stateless) and c) boot with / writable + touch ${D}${sysconfdir}/machine-id + + install -m 0644 ${S}/src/coredump/coredump.conf ${D}${sysconfdir}/systemd/coredump.conf + + install -m 0644 ${S}/src/journal/journald.conf ${D}${sysconfdir}/systemd/journald.conf + # Enable journal to forward message to syslog daemon + sed -i -e 's/.*ForwardToSyslog.*/ForwardToSyslog=yes/' ${D}${sysconfdir}/systemd/journald.conf + # Set the maximium size of runtime journal to 64M as default + sed -i -e 's/.*RuntimeMaxUse.*/RuntimeMaxUse=64M/' ${D}${sysconfdir}/systemd/journald.conf + + install -m 0644 ${S}/src/login/logind.conf.in ${D}${sysconfdir}/systemd/logind.conf + # Set KILL_USER_PROCESSES to yes + sed -i -e 's/@KILL_USER_PROCESSES@/yes/' ${D}${sysconfdir}/systemd/logind.conf + + install -m 0644 ${S}/src/core/system.conf.in ${D}${sysconfdir}/systemd/system.conf + # Set MEMORY_ACCOUNTING_DEFAULT to yes + sed -i -e 's/@MEMORY_ACCOUNTING_DEFAULT@/yes/' ${D}${sysconfdir}/systemd/system.conf + + install -m 0644 ${S}/src/core/user.conf ${D}${sysconfdir}/systemd/user.conf +} + +# Based on change from YP bug 8141, OE commit 5196d7bacaef1076c361adaa2867be31759c1b52 +do_install_append_qemuall() { + # Change DefaultTimeoutStartSec from 90s to 240s + echo "DefaultTimeoutStartSec = 240s" >> ${D}${sysconfdir}/systemd/system.conf +} diff --git a/external/poky/meta/recipes-core/systemd/systemd-machine-units_1.0.bb b/external/poky/meta/recipes-core/systemd/systemd-machine-units_1.0.bb new file mode 100644 index 00000000..02756f43 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd-machine-units_1.0.bb @@ -0,0 +1,13 @@ +SUMMARY = "Machine specific systemd units" + +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +PACKAGE_ARCH = "${MACHINE_ARCH}" + +PR = "r19" + +inherit systemd +SYSTEMD_SERVICE_${PN} = "" + +ALLOW_EMPTY_${PN} = "1" diff --git a/external/poky/meta/recipes-core/systemd/systemd-serialgetty.bb b/external/poky/meta/recipes-core/systemd/systemd-serialgetty.bb new file mode 100644 index 00000000..65a931f4 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd-serialgetty.bb @@ -0,0 +1,50 @@ +SUMMARY = "Serial terminal support for systemd" +HOMEPAGE = "https://www.freedesktop.org/wiki/Software/systemd/" +LICENSE = "GPLv2+" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6" + +PR = "r5" + +SERIAL_CONSOLES ?= "115200;ttyS0" + +SRC_URI = "file://serial-getty@.service" + +S = "${WORKDIR}" + +# As this package is tied to systemd, only build it when we're also building systemd. +inherit distro_features_check +REQUIRED_DISTRO_FEATURES = "systemd" + +do_install() { + if [ ! -z "${SERIAL_CONSOLES}" ] ; then + default_baudrate=`echo "${SERIAL_CONSOLES}" | sed 's/\;.*//'` + install -d ${D}${systemd_unitdir}/system/ + install -d ${D}${sysconfdir}/systemd/system/getty.target.wants/ + install -m 0644 ${WORKDIR}/serial-getty@.service ${D}${systemd_unitdir}/system/ + sed -i -e s/\@BAUDRATE\@/$default_baudrate/g ${D}${systemd_unitdir}/system/serial-getty@.service + + tmp="${SERIAL_CONSOLES}" + for entry in $tmp ; do + baudrate=`echo $entry | sed 's/\;.*//'` + ttydev=`echo $entry | sed -e 's/^[0-9]*\;//' -e 's/\;.*//'` + if [ "$baudrate" = "$default_baudrate" ] ; then + # enable the service + ln -sf ${systemd_unitdir}/system/serial-getty@.service \ + ${D}${sysconfdir}/systemd/system/getty.target.wants/serial-getty@$ttydev.service + else + # install custom service file for the non-default baudrate + install -m 0644 ${WORKDIR}/serial-getty@.service ${D}${systemd_unitdir}/system/serial-getty$baudrate@.service + sed -i -e s/\@BAUDRATE\@/$baudrate/g ${D}${systemd_unitdir}/system/serial-getty$baudrate@.service + # enable the service + ln -sf ${systemd_unitdir}/system/serial-getty$baudrate@.service \ + ${D}${sysconfdir}/systemd/system/getty.target.wants/serial-getty$baudrate@$ttydev.service + fi + done + fi +} + +# This is a machine specific file +FILES_${PN} = "${systemd_unitdir}/system/*.service ${sysconfdir}" +PACKAGE_ARCH = "${MACHINE_ARCH}" + +ALLOW_EMPTY_${PN} = "1" diff --git a/external/poky/meta/recipes-core/systemd/systemd-serialgetty/serial-getty@.service b/external/poky/meta/recipes-core/systemd/systemd-serialgetty/serial-getty@.service new file mode 100644 index 00000000..e8b027e9 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd-serialgetty/serial-getty@.service @@ -0,0 +1,37 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Serial Getty on %I +Documentation=man:agetty(8) man:systemd-getty-generator(8) +Documentation=http://0pointer.de/blog/projects/serial-console.html +BindsTo=dev-%i.device +After=dev-%i.device systemd-user-sessions.service plymouth-quit-wait.service +After=rc-local.service + +# If additional gettys are spawned during boot then we should make +# sure that this is synchronized before getty.target, even though +# getty.target didn't actually pull it in. +Before=getty.target +IgnoreOnIsolate=yes + +[Service] +Environment="TERM=xterm" +ExecStart=-/sbin/agetty -8 -L %I @BAUDRATE@ $TERM +Type=idle +Restart=always +RestartSec=0 +UtmpIdentifier=%I +TTYPath=/dev/%I +TTYReset=yes +TTYVHangup=yes +KillMode=process +IgnoreSIGPIPE=no +SendSIGHUP=yes + +[Install] +WantedBy=getty.target diff --git a/external/poky/meta/recipes-core/systemd/systemd-systemctl-native.bb b/external/poky/meta/recipes-core/systemd/systemd-systemctl-native.bb new file mode 100644 index 00000000..fadc8433 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd-systemctl-native.bb @@ -0,0 +1,17 @@ +SUMMARY = "Wrapper for enabling systemd services" + +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" + +PR = "r6" + +inherit native + +SRC_URI = "file://systemctl" + +S = "${WORKDIR}" + +do_install() { + install -d ${D}${bindir} + install -m 0755 ${WORKDIR}/systemctl ${D}${bindir} +} diff --git a/external/poky/meta/recipes-core/systemd/systemd-systemctl/systemctl b/external/poky/meta/recipes-core/systemd/systemd-systemctl/systemctl new file mode 100755 index 00000000..2bc64896 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd-systemctl/systemctl @@ -0,0 +1,196 @@ +#!/bin/sh +echo "Started $0 $*" + +ROOT= + +# parse command line params +action= +while [ $# != 0 ]; do + opt="$1" + + case "$opt" in + enable) + shift + + action="$opt" + services="$1" + cmd_args="1" + shift + ;; + disable) + shift + + action="$opt" + services="$1" + cmd_args="1" + shift + ;; + mask) + shift + + action="$opt" + services="$1" + cmd_args="1" + shift + ;; + preset) + shift + + action="$opt" + services="$1" + cmd_args="1" + shift + ;; + --root=*) + ROOT=${opt##--root=} + cmd_args="0" + shift + ;; + *) + if [ "$cmd_args" = "1" ]; then + services="$services $opt" + shift + else + echo "'$opt' is an unkown option; exiting with error" + exit 1 + fi + ;; + esac +done +if [ "$action" = "preset" -a "$service_file" = "" ]; then + services=$(for f in `find $ROOT/etc/systemd/system $ROOT/lib/systemd/system $ROOT/usr/lib/systemd/system -type f 2>1`; do basename $f; done) + services="$services $opt" + presetall=1 +fi + +for service in $services; do + if [ "$presetall" = "1" ]; then + action="preset" + fi + if [ "$action" = "mask" ]; then + if [ ! -d $ROOT/etc/systemd/system/ ]; then + mkdir -p $ROOT/etc/systemd/system/ + fi + cmd="ln -s /dev/null $ROOT/etc/systemd/system/$service" + echo "$cmd" + $cmd + exit 0 + fi + + service_base_file=`echo $service | sed 's/\(@\).*\(\.[^.]\+\)/\1\2/'` + if [ -z `echo $service | sed '/@/p;d'` ]; then + echo "Try to find location of $service..." + service_template=false + else + echo "Try to find location of template $service_base_file of instance $service..." + service_template=true + instance_specified=`echo $service | sed 's/^.\+@\(.*\)\.[^.]\+/\1/'` + fi + + # find service file + for p in $ROOT/etc/systemd/system \ + $ROOT/lib/systemd/system \ + $ROOT/usr/lib/systemd/system; do + if [ -e $p/$service_base_file ]; then + service_file=$p/$service_base_file + service_file=${service_file##$ROOT} + fi + done + if [ -z "$service_file" ]; then + echo "'$service_base_file' couldn't be found; exiting with error" + exit 1 + fi + echo "Found $service in $service_file" + + # If any new unit types are added to systemd they should be added + # to this regular expression. + unit_types_re='\.\(service\|socket\|device\|mount\|automount\|swap\|target\|target\.wants\|path\|timer\|snapshot\)\s*$' + if [ "$action" = "preset" ]; then + action=`egrep -sh $service $ROOT/etc/systemd/user-preset/*.preset | cut -f1 -d' '` + if [ -z "$action" ]; then + globalpreset=`egrep -sh '\*' $ROOT/etc/systemd/user-preset/*.preset | cut -f1 -d' '` + if [ -n "$globalpreset" ]; then + action="$globalpreset" + else + action="enable" + fi + fi + fi + # create the required symbolic links + wanted_by=$(sed '/^WantedBy[[:space:]]*=/s,[^=]*=,,p;d' "$ROOT/$service_file" \ + | tr ',' '\n' \ + | grep "$unit_types_re") + + required_by=$(sed '/^RequiredBy[[:space:]]*=/s,[^=]*=,,p;d' "$ROOT/$service_file" \ + | tr ',' '\n' \ + | grep "$unit_types_re") + + for dependency in WantedBy RequiredBy; do + if [ "$dependency" = "WantedBy" ]; then + suffix="wants" + dependency_list="$wanted_by" + elif [ "$dependency" = "RequiredBy" ]; then + suffix="requires" + dependency_list="$required_by" + fi + for r in $dependency_list; do + echo "$dependency=$r found in $service" + if [ -n "$instance_specified" ]; then + # substitute wildcards in the dependency + r=`echo $r | sed "s/%i/$instance_specified/g"` + fi + + if [ "$action" = "enable" ]; then + enable_service=$service + if [ "$service_template" = true -a -z "$instance_specified" ]; then + default_instance=$(sed '/^DefaultInstance[[:space:]]*=/s,[^=]*=,,p;d' "$ROOT/$service_file") + if [ -z $default_instance ]; then + echo "Template unit without instance or DefaultInstance directive, nothing to enable" + continue + else + echo "Found DefaultInstance $default_instance, enabling it" + enable_service=$(echo $service | sed "s/@/@$(echo $default_instance | sed 's/\\/\\\\/g')/") + fi + fi + mkdir -p $ROOT/etc/systemd/system/$r.$suffix + ln -s $service_file $ROOT/etc/systemd/system/$r.$suffix/$enable_service + echo "Enabled $enable_service for $r." + else + if [ "$service_template" = true -a -z "$instance_specified" ]; then + disable_service="$ROOT/etc/systemd/system/$r.$suffix/`echo $service | sed 's/@/@*/'`" + else + disable_service="$ROOT/etc/systemd/system/$r.$suffix/$service" + fi + rm -f $disable_service + [ -d $ROOT/etc/systemd/system/$r.$suffix ] && rmdir --ignore-fail-on-non-empty -p $ROOT/etc/systemd/system/$r.$suffix + echo "Disabled ${disable_service##$ROOT/etc/systemd/system/$r.$suffix/} for $r." + fi + done + done + + # create the required symbolic 'Alias' links + alias=$(sed '/^Alias[[:space:]]*=/s,[^=]*=,,p;d' "$ROOT/$service_file" \ + | tr ',' '\n' \ + | grep "$unit_types_re") + + for r in $alias; do + if [ "$action" = "enable" ]; then + mkdir -p $ROOT/etc/systemd/system + ln -s $service_file $ROOT/etc/systemd/system/$r + echo "Enabled $service for $alias." + else + rm -f $ROOT/etc/systemd/system/$r + echo "Disabled $service for $alias." + fi + done + + # call us for the other required scripts + also=$(sed '/^Also[[:space:]]*=/s,[^=]*=,,p;d' "$ROOT/$service_file" \ + | tr ',' '\n') + for a in $also; do + echo "Also=$a found in $service" + if [ "$action" = "enable" ]; then + $0 --root=$ROOT enable $a + fi + done +done diff --git a/external/poky/meta/recipes-core/systemd/systemd.inc b/external/poky/meta/recipes-core/systemd/systemd.inc new file mode 100644 index 00000000..736e0a0e --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd.inc @@ -0,0 +1,21 @@ +SUMMARY = "A System and service manager" +HOMEPAGE = "http://www.freedesktop.org/wiki/Software/systemd" + +DESCRIPTION = "systemd is a system and service manager for Linux, compatible with \ +SysV and LSB init scripts. systemd provides aggressive parallelization \ +capabilities, uses socket and D-Bus activation for starting services, \ +offers on-demand starting of daemons, keeps track of processes using \ +Linux cgroups, supports snapshotting and restoring of the system \ +state, maintains mount and automount points and implements an \ +elaborate transactional dependency-based service control logic. It can \ +work as a drop-in replacement for sysvinit." + +LICENSE = "GPLv2 & LGPLv2.1" +LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \ + file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c" + +SRCREV = "de7436b02badc82200dc127ff190b8155769b8e7" + +SRC_URI = "git://github.com/systemd/systemd.git;protocol=git" + +S = "${WORKDIR}/git" diff --git a/external/poky/meta/recipes-core/systemd/systemd/00-create-volatile.conf b/external/poky/meta/recipes-core/systemd/systemd/00-create-volatile.conf new file mode 100644 index 00000000..87cbe1e7 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/00-create-volatile.conf @@ -0,0 +1,7 @@ +#This goes hand-in-hand with the base-files of OE-Core. The file must +# be sorted before 'systemd.conf' becuase this attempts to create a file +# inside /var/log. + + +d /var/volatile/log - - - - +d /var/volatile/tmp 1777 - - diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-Fix-to-run-efi_cc-and-efi_ld-correctly-when-cross-co.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-Fix-to-run-efi_cc-and-efi_ld-correctly-when-cross-co.patch new file mode 100644 index 00000000..e2e19ba0 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-Fix-to-run-efi_cc-and-efi_ld-correctly-when-cross-co.patch @@ -0,0 +1,62 @@ +From 527413ec243564a89ffaad6368d446de44415970 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Tue, 27 Feb 2018 21:42:23 -0800 +Subject: [PATCH] Fix to run efi_cc and efi_ld correctly when cross-compiling + +When cross-compiling, efi_cc and efi_ld may take the form of +'xxx-gcc --sysroot=xxx', and this would cause run_command and +the alike fail. + +Fix to split them to make commands run correctly. + +Upstream-Status: Pending + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/boot/efi/meson.build | 16 +++++++++++++--- + 1 file changed, 13 insertions(+), 3 deletions(-) + +diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build +index 992a3ba4c..9f9ec4911 100644 +--- a/src/boot/efi/meson.build ++++ b/src/boot/efi/meson.build +@@ -157,7 +157,7 @@ if have_gnu_efi + o_file = custom_target(file + '.o', + input : file, + output : file + '.o', +- command : [efi_cc, '-c', '@INPUT@', '-o', '@OUTPUT@'] ++ command : efi_cc.split() + ['-c', '@INPUT@', '-o', '@OUTPUT@'] + + compile_args, + depend_files : efi_headers) + if (common_sources + systemd_boot_sources).contains(file) +@@ -168,7 +168,17 @@ if have_gnu_efi + endif + endforeach + +- libgcc_file_name = run_command(efi_cc, '-print-libgcc-file-name').stdout().strip() ++ find_libgcc_cmd_all = efi_cc + ' -print-libgcc-file-name' ++ find_libgcc_cmd = find_libgcc_cmd_all.split()[0] ++ find_libgcc_args = [] ++ cmd_args_all = find_libgcc_cmd_all.split() ++ foreach arg : cmd_args_all ++ if arg != find_libgcc_cmd ++ find_libgcc_args += arg ++ endif ++ endforeach ++ ++ libgcc_file_name = run_command(find_libgcc_cmd, find_libgcc_args).stdout().strip() + systemd_boot_efi_name = 'systemd-boot@0@.efi'.format(EFI_MACHINE_TYPE_NAME) + stub_efi_name = 'linux@0@.efi.stub'.format(EFI_MACHINE_TYPE_NAME) + no_undefined_symbols = find_program('no-undefined-symbols.sh') +@@ -179,7 +189,7 @@ if have_gnu_efi + tuple[0], + input : tuple[2], + output : tuple[0], +- command : [efi_ld, '-o', '@OUTPUT@'] + ++ command : efi_ld.split() + ['-o', '@OUTPUT@'] + + efi_ldflags + tuple[2] + + ['-lefi', '-lgnuefi', libgcc_file_name]) + +-- +2.13.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-Remove-fstack-protector-flags-to-workaround-musl-bui.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-Remove-fstack-protector-flags-to-workaround-musl-bui.patch new file mode 100644 index 00000000..d745800c --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-Remove-fstack-protector-flags-to-workaround-musl-bui.patch @@ -0,0 +1,33 @@ +From 9e3816bcaa36e1a11647ca0cf4f8044449c77fe0 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Mon, 2 Jul 2018 15:28:22 +0800 +Subject: [PATCH] Remove fstack-protector flags to workaround musl build + +Remove fstack-protector and fstack-protector-strong flags to fix +the following build failure for qemux86 and qemuppc with musl. + + undefined reference to `__stack_chk_fail_local' + +Upstream-Status: Inappropriate [musl Specific] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + meson.build | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/meson.build b/meson.build +index f432ea072..a734a295c 100644 +--- a/meson.build ++++ b/meson.build +@@ -333,8 +333,6 @@ possible_cc_flags = [ + '-fdiagnostics-show-option', + '-fno-strict-aliasing', + '-fvisibility=hidden', +- '-fstack-protector', +- '-fstack-protector-strong', + '--param=ssp-buffer-size=4', + ] + +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-Revert-sysctl.d-request-ECN-on-both-in-and-outgoing-.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-Revert-sysctl.d-request-ECN-on-both-in-and-outgoing-.patch new file mode 100644 index 00000000..7fd6d018 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-Revert-sysctl.d-request-ECN-on-both-in-and-outgoing-.patch @@ -0,0 +1,36 @@ +From 1e190dfd5bb95036f937ef1dc46f43eb0a146612 Mon Sep 17 00:00:00 2001 +From: Thomas Hindoe Paaboel Andersen <phomes@gmail.com> +Date: Fri, 17 Aug 2018 21:31:05 +0200 +Subject: [PATCH] Revert "sysctl.d: request ECN on both in and outgoing + connections" + +Turning on ECN still causes slow or broken network on linux. Our tcp +is not yet ready for wide spread use of ECN. + +This reverts commit 919472741dba6ad0a3f6c2b76d390a02d0e2fdc3. + +https://github.com/systemd/systemd/issues/9748 + +Upstream-Status: Backport +Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> +--- + sysctl.d/50-default.conf | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/sysctl.d/50-default.conf b/sysctl.d/50-default.conf +index b67ae87ca6b7..e263cf06284a 100644 +--- a/sysctl.d/50-default.conf ++++ b/sysctl.d/50-default.conf +@@ -33,9 +33,6 @@ net.ipv4.conf.all.promote_secondaries = 1 + # Fair Queue CoDel packet scheduler to fight bufferbloat + net.core.default_qdisc = fq_codel + +-# Request Explicit Congestion Notification (ECN) on both in and outgoing connections +-net.ipv4.tcp_ecn = 1 +- + # Enable hard and soft link protection + fs.protected_hardlinks = 1 + fs.protected_symlinks = 1 +-- +2.7.4 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-Use-getenv-when-secure-versions-are-not-available.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-Use-getenv-when-secure-versions-are-not-available.patch new file mode 100644 index 00000000..03f6ead1 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-Use-getenv-when-secure-versions-are-not-available.patch @@ -0,0 +1,33 @@ +From 6dd136512896979feb6883a16226d640a7e5ca74 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Fri, 23 Feb 2018 10:04:48 +0800 +Subject: [PATCH 01/19] Use getenv when secure versions are not available + +musl doesnt implement secure version, so we default +to it if configure does not detect a secure implementation + +Signed-off-by: Khem Raj <raj.khem@gmail.com> + +Upstream-Status: Denied + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/basic/missing.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/basic/missing.h b/src/basic/missing.h +index 71a07d057..0e33abb9f 100644 +--- a/src/basic/missing.h ++++ b/src/basic/missing.h +@@ -592,7 +592,7 @@ struct btrfs_ioctl_quota_ctl_args { + # if HAVE___SECURE_GETENV + # define secure_getenv __secure_getenv + # else +-# error "neither secure_getenv nor __secure_getenv are available" ++# define secure_getenv getenv + # endif + #endif + +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch new file mode 100644 index 00000000..e24e7f83 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch @@ -0,0 +1,81 @@ +From 87dd61be2e28e78ce4f9f173794812e6c2d904d1 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Wed, 27 Jun 2018 16:01:22 +0800 +Subject: [PATCH 1/9] binfmt: Don't install dependency links at install time + for the binfmt services + +use [Install] blocks so that they get created when the service is enabled +like a traditional service. + +The [Install] blocks were rejected upstream as they don't have a way to +"enable" it on install without static symlinks which can't be disabled, +only masked. We however can do that in a postinst. + +Upstream-Status: Denied + +Signed-off-by: Ross Burton <ross.burton@intel.com> +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + units/meson.build | 6 ++---- + units/proc-sys-fs-binfmt_misc.automount | 3 +++ + units/systemd-binfmt.service.in | 4 ++++ + 3 files changed, 9 insertions(+), 4 deletions(-) + +diff --git a/units/meson.build b/units/meson.build +index e4ac6ced6..698734e44 100644 +--- a/units/meson.build ++++ b/units/meson.build +@@ -46,8 +46,7 @@ units = [ + ['poweroff.target', '', + 'runlevel0.target'], + ['printer.target', ''], +- ['proc-sys-fs-binfmt_misc.automount', 'ENABLE_BINFMT', +- 'sysinit.target.wants/'], ++ ['proc-sys-fs-binfmt_misc.automount', 'ENABLE_BINFMT'], + ['proc-sys-fs-binfmt_misc.mount', 'ENABLE_BINFMT'], + ['reboot.target', '', + 'runlevel6.target ctrl-alt-del.target'], +@@ -130,8 +129,7 @@ in_units = [ + ['systemd-ask-password-console.service', ''], + ['systemd-ask-password-wall.service', ''], + ['systemd-backlight@.service', 'ENABLE_BACKLIGHT'], +- ['systemd-binfmt.service', 'ENABLE_BINFMT', +- 'sysinit.target.wants/'], ++ ['systemd-binfmt.service', 'ENABLE_BINFMT'], + ['systemd-coredump@.service', 'ENABLE_COREDUMP'], + ['systemd-exit.service', ''], + ['systemd-firstboot.service', 'ENABLE_FIRSTBOOT', +diff --git a/units/proc-sys-fs-binfmt_misc.automount b/units/proc-sys-fs-binfmt_misc.automount +index 30a6bc991..4231f3b70 100644 +--- a/units/proc-sys-fs-binfmt_misc.automount ++++ b/units/proc-sys-fs-binfmt_misc.automount +@@ -18,3 +18,6 @@ ConditionPathIsReadWrite=/proc/sys/ + + [Automount] + Where=/proc/sys/fs/binfmt_misc ++ ++[Install] ++WantedBy=sysinit.target +diff --git a/units/systemd-binfmt.service.in b/units/systemd-binfmt.service.in +index e940c7c9a..6be7f5cc9 100644 +--- a/units/systemd-binfmt.service.in ++++ b/units/systemd-binfmt.service.in +@@ -14,6 +14,7 @@ Documentation=https://www.kernel.org/doc/html/latest/admin-guide/binfmt-misc.htm + Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems + DefaultDependencies=no + Conflicts=shutdown.target ++Wants=proc-sys-fs-binfmt_misc.automount + After=proc-sys-fs-binfmt_misc.automount + Before=sysinit.target shutdown.target + ConditionPathIsReadWrite=/proc/sys/ +@@ -28,3 +29,6 @@ Type=oneshot + RemainAfterExit=yes + ExecStart=@rootlibexecdir@/systemd-binfmt + TimeoutSec=90s ++ ++[Install] ++WantedBy=sysinit.target +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-chown-recursive-let-s-rework-the-recursive-logic-to-.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-chown-recursive-let-s-rework-the-recursive-logic-to-.patch new file mode 100644 index 00000000..9d350eba --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-chown-recursive-let-s-rework-the-recursive-logic-to-.patch @@ -0,0 +1,219 @@ +From 2da8ba3f507345d0401ea9d7191fa16ffa560ebc Mon Sep 17 00:00:00 2001 +From: Lennart Poettering <lennart@poettering.net> +Date: Fri, 19 Oct 2018 11:26:59 +0200 +Subject: [PATCH] chown-recursive: let's rework the recursive logic to use + O_PATH + +That way we can pin a specific inode and analyze it and manipulate it +without it being swapped out beneath our hands. + +Fixes a vulnerability originally found by Jann Horn from Google. + +CVE-2018-15687 +LP: #1796692 +https://bugzilla.redhat.com/show_bug.cgi?id=1639076 + +(cherry picked from commit 5de6cce58b3e8b79239b6e83653459d91af6e57c) + +CVE: CVE-2018-15687 +Upstream-Status: Backport + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/core/chown-recursive.c | 146 ++++++++++++++++++++++----------------------- + 1 file changed, 70 insertions(+), 76 deletions(-) + +diff --git a/src/core/chown-recursive.c b/src/core/chown-recursive.c +index c479450..27c6448 100644 +--- a/src/core/chown-recursive.c ++++ b/src/core/chown-recursive.c +@@ -1,17 +1,19 @@ + /* SPDX-License-Identifier: LGPL-2.1+ */ + +-#include <sys/types.h> +-#include <sys/stat.h> + #include <fcntl.h> ++#include <sys/stat.h> ++#include <sys/types.h> + +-#include "user-util.h" +-#include "macro.h" +-#include "fd-util.h" +-#include "dirent-util.h" + #include "chown-recursive.h" ++#include "dirent-util.h" ++#include "fd-util.h" ++#include "macro.h" ++#include "stdio-util.h" ++#include "strv.h" ++#include "user-util.h" + +-static int chown_one(int fd, const char *name, const struct stat *st, uid_t uid, gid_t gid) { +- int r; ++static int chown_one(int fd, const struct stat *st, uid_t uid, gid_t gid) { ++ char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1]; + + assert(fd >= 0); + assert(st); +@@ -20,90 +22,82 @@ static int chown_one(int fd, const char *name, const struct stat *st, uid_t uid, + (!gid_is_valid(gid) || st->st_gid == gid)) + return 0; + +- if (name) +- r = fchownat(fd, name, uid, gid, AT_SYMLINK_NOFOLLOW); +- else +- r = fchown(fd, uid, gid); +- if (r < 0) +- return -errno; ++ /* We change ownership through the /proc/self/fd/%i path, so that we have a stable reference that works with ++ * O_PATH. (Note: fchown() and fchmod() do not work with O_PATH, the kernel refuses that. */ ++ xsprintf(procfs_path, "/proc/self/fd/%i", fd); + +- /* The linux kernel alters the mode in some cases of chown(). Let's undo this. */ +- if (name) { +- if (!S_ISLNK(st->st_mode)) +- r = fchmodat(fd, name, st->st_mode, 0); +- else /* There's currently no AT_SYMLINK_NOFOLLOW for fchmodat() */ +- r = 0; +- } else +- r = fchmod(fd, st->st_mode); +- if (r < 0) ++ if (chown(procfs_path, uid, gid) < 0) + return -errno; + ++ /* The linux kernel alters the mode in some cases of chown(). Let's undo this. We do this only for non-symlinks ++ * however. That's because for symlinks the access mode is ignored anyway and because on some kernels/file ++ * systems trying to change the access mode will succeed but has no effect while on others it actively ++ * fails. */ ++ if (!S_ISLNK(st->st_mode)) ++ if (chmod(procfs_path, st->st_mode & 07777) < 0) ++ return -errno; ++ + return 1; + } + + static int chown_recursive_internal(int fd, const struct stat *st, uid_t uid, gid_t gid) { ++ _cleanup_closedir_ DIR *d = NULL; + bool changed = false; ++ struct dirent *de; + int r; + + assert(fd >= 0); + assert(st); + +- if (S_ISDIR(st->st_mode)) { +- _cleanup_closedir_ DIR *d = NULL; +- struct dirent *de; +- +- d = fdopendir(fd); +- if (!d) { +- r = -errno; +- goto finish; +- } +- fd = -1; +- +- FOREACH_DIRENT_ALL(de, d, r = -errno; goto finish) { +- struct stat fst; +- +- if (dot_or_dot_dot(de->d_name)) +- continue; +- +- if (fstatat(dirfd(d), de->d_name, &fst, AT_SYMLINK_NOFOLLOW) < 0) { +- r = -errno; +- goto finish; +- } +- +- if (S_ISDIR(fst.st_mode)) { +- int subdir_fd; +- +- subdir_fd = openat(dirfd(d), de->d_name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME); +- if (subdir_fd < 0) { +- r = -errno; +- goto finish; +- } +- +- r = chown_recursive_internal(subdir_fd, &fst, uid, gid); +- if (r < 0) +- goto finish; +- if (r > 0) +- changed = true; +- } else { +- r = chown_one(dirfd(d), de->d_name, &fst, uid, gid); +- if (r < 0) +- goto finish; +- if (r > 0) +- changed = true; +- } ++ d = fdopendir(fd); ++ if (!d) { ++ safe_close(fd); ++ return -errno; ++ } ++ ++ FOREACH_DIRENT_ALL(de, d, return -errno) { ++ _cleanup_close_ int path_fd = -1; ++ struct stat fst; ++ ++ if (dot_or_dot_dot(de->d_name)) ++ continue; ++ ++ /* Let's pin the child inode we want to fix now with an O_PATH fd, so that it cannot be swapped out ++ * while we manipulate it. */ ++ path_fd = openat(dirfd(d), de->d_name, O_PATH|O_CLOEXEC|O_NOFOLLOW); ++ if (path_fd < 0) ++ return -errno; ++ ++ if (fstat(path_fd, &fst) < 0) ++ return -errno; ++ ++ if (S_ISDIR(fst.st_mode)) { ++ int subdir_fd; ++ ++ /* Convert it to a "real" (i.e. non-O_PATH) fd now */ ++ subdir_fd = fd_reopen(path_fd, O_RDONLY|O_CLOEXEC|O_NOATIME); ++ if (subdir_fd < 0) ++ return subdir_fd; ++ ++ r = chown_recursive_internal(subdir_fd, &fst, uid, gid); /* takes possession of subdir_fd even on failure */ ++ if (r < 0) ++ return r; ++ if (r > 0) ++ changed = true; ++ } else { ++ r = chown_one(path_fd, &fst, uid, gid); ++ if (r < 0) ++ return r; ++ if (r > 0) ++ changed = true; + } ++ } + +- r = chown_one(dirfd(d), NULL, st, uid, gid); +- } else +- r = chown_one(fd, NULL, st, uid, gid); ++ r = chown_one(dirfd(d), st, uid, gid); + if (r < 0) +- goto finish; ++ return r; + +- r = r > 0 || changed; +- +-finish: +- safe_close(fd); +- return r; ++ return r > 0 || changed; + } + + int path_chown_recursive(const char *path, uid_t uid, gid_t gid) { +@@ -111,7 +105,7 @@ int path_chown_recursive(const char *path, uid_t uid, gid_t gid) { + struct stat st; + int r; + +- fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME); ++ fd = open(path, O_RDONLY|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME); + if (fd < 0) + return -errno; + +-- +2.7.4 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-core-when-deserializing-state-always-use-read_line-L.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-core-when-deserializing-state-always-use-read_line-L.patch new file mode 100644 index 00000000..215d6807 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-core-when-deserializing-state-always-use-read_line-L.patch @@ -0,0 +1,250 @@ +From 1a05ff4948d778280ec155a9abe69d3360bfddd9 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering <lennart@poettering.net> +Date: Wed, 17 Oct 2018 18:36:24 +0200 +Subject: [PATCH] =?UTF-8?q?core:=20when=20deserializing=20state=20always?= + =?UTF-8?q?=20use=20read=5Fline(=E2=80=A6,=20LONG=5FLINE=5FMAX,=20?= + =?UTF-8?q?=E2=80=A6)?= +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This should be much better than fgets(), as we can read substantially +longer lines and overly long lines result in proper errors. + +Fixes a vulnerability discovered by Jann Horn at Google. + +CVE-2018-15686 +LP: #1796402 +https://bugzilla.redhat.com/show_bug.cgi?id=1639071 + +(cherry picked from commit 8948b3415d762245ebf5e19d80b97d4d8cc208c1) + +CVE: CVE-2018-15686 +Upstream-Status: Backport + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/core/job.c | 19 +++++++++++-------- + src/core/manager.c | 44 ++++++++++++++++++++------------------------ + src/core/unit.c | 34 ++++++++++++++++++---------------- + src/core/unit.h | 2 +- + 4 files changed, 50 insertions(+), 49 deletions(-) + +diff --git a/src/core/job.c b/src/core/job.c +index 734756b..8552ffb 100644 +--- a/src/core/job.c ++++ b/src/core/job.c +@@ -10,6 +10,7 @@ + #include "dbus-job.h" + #include "dbus.h" + #include "escape.h" ++#include "fileio.h" + #include "job.h" + #include "log.h" + #include "macro.h" +@@ -1091,24 +1092,26 @@ int job_serialize(Job *j, FILE *f) { + } + + int job_deserialize(Job *j, FILE *f) { ++ int r; ++ + assert(j); + assert(f); + + for (;;) { +- char line[LINE_MAX], *l, *v; ++ _cleanup_free_ char *line = NULL; ++ char *l, *v; + size_t k; + +- if (!fgets(line, sizeof(line), f)) { +- if (feof(f)) +- return 0; +- return -errno; +- } ++ r = read_line(f, LONG_LINE_MAX, &line); ++ if (r < 0) ++ return log_error_errno(r, "Failed to read serialization line: %m"); ++ if (r == 0) ++ return 0; + +- char_array_0(line); + l = strstrip(line); + + /* End marker */ +- if (l[0] == 0) ++ if (isempty(l)) + return 0; + + k = strcspn(l, "="); +diff --git a/src/core/manager.c b/src/core/manager.c +index 3a7f0c4..a5780c9 100644 +--- a/src/core/manager.c ++++ b/src/core/manager.c +@@ -3171,22 +3171,19 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) { + m->n_reloading++; + + for (;;) { +- char line[LINE_MAX]; ++ _cleanup_free_ char *line = NULL; + const char *val, *l; + +- if (!fgets(line, sizeof(line), f)) { +- if (feof(f)) +- r = 0; +- else +- r = -errno; +- ++ r = read_line(f, LONG_LINE_MAX, &line); ++ if (r < 0) { ++ log_error_errno(r, "Failed to read serialization line: %m"); + goto finish; + } ++ if (r == 0) ++ break; + +- char_array_0(line); + l = strstrip(line); +- +- if (l[0] == 0) ++ if (isempty(l)) /* end marker */ + break; + + if ((val = startswith(l, "current-job-id="))) { +@@ -3353,29 +3350,31 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) { + } + + for (;;) { +- Unit *u; +- char name[UNIT_NAME_MAX+2]; ++ _cleanup_free_ char *line = NULL; + const char* unit_name; ++ Unit *u; + + /* Start marker */ +- if (!fgets(name, sizeof(name), f)) { +- if (feof(f)) +- r = 0; +- else +- r = -errno; +- ++ r = read_line(f, LONG_LINE_MAX, &line); ++ if (r < 0) { ++ log_error_errno(r, "Failed to read serialization line: %m"); + goto finish; + } ++ if (r == 0) ++ break; + +- char_array_0(name); +- unit_name = strstrip(name); ++ unit_name = strstrip(line); + + r = manager_load_unit(m, unit_name, NULL, NULL, &u); + if (r < 0) { + log_notice_errno(r, "Failed to load unit \"%s\", skipping deserialization: %m", unit_name); + if (r == -ENOMEM) + goto finish; +- unit_deserialize_skip(f); ++ ++ r = unit_deserialize_skip(f); ++ if (r < 0) ++ goto finish; ++ + continue; + } + +@@ -3388,9 +3387,6 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) { + } + + finish: +- if (ferror(f)) +- r = -EIO; +- + assert(m->n_reloading > 0); + m->n_reloading--; + +diff --git a/src/core/unit.c b/src/core/unit.c +index 7da963a..e98c9c4 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -3380,21 +3380,19 @@ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) { + assert(fds); + + for (;;) { +- char line[LINE_MAX], *l, *v; ++ _cleanup_free_ char *line = NULL; + CGroupIPAccountingMetric m; ++ char *l, *v; + size_t k; + +- if (!fgets(line, sizeof(line), f)) { +- if (feof(f)) +- return 0; +- return -errno; +- } ++ r = read_line(f, LONG_LINE_MAX, &line); ++ if (r < 0) ++ return log_error_errno(r, "Failed to read serialization line: %m"); ++ if (r == 0) /* eof */ ++ break; + +- char_array_0(line); + l = strstrip(line); +- +- /* End marker */ +- if (isempty(l)) ++ if (isempty(l)) /* End marker */ + break; + + k = strcspn(l, "="); +@@ -3671,23 +3669,27 @@ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) { + return 0; + } + +-void unit_deserialize_skip(FILE *f) { ++int unit_deserialize_skip(FILE *f) { ++ int r; + assert(f); + + /* Skip serialized data for this unit. We don't know what it is. */ + + for (;;) { +- char line[LINE_MAX], *l; ++ _cleanup_free_ char *line = NULL; ++ char *l; + +- if (!fgets(line, sizeof line, f)) +- return; ++ r = read_line(f, LONG_LINE_MAX, &line); ++ if (r < 0) ++ return log_error_errno(r, "Failed to read serialization line: %m"); ++ if (r == 0) ++ return 0; + +- char_array_0(line); + l = strstrip(line); + + /* End marker */ + if (isempty(l)) +- return; ++ return 1; + } + } + +diff --git a/src/core/unit.h b/src/core/unit.h +index 06321bb..51c7aaa 100644 +--- a/src/core/unit.h ++++ b/src/core/unit.h +@@ -684,7 +684,7 @@ bool unit_can_serialize(Unit *u) _pure_; + + int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs); + int unit_deserialize(Unit *u, FILE *f, FDSet *fds); +-void unit_deserialize_skip(FILE *f); ++int unit_deserialize_skip(FILE *f); + + int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value); + int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value); +-- +2.7.4 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-o.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-o.patch new file mode 100644 index 00000000..0c912f25 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-o.patch @@ -0,0 +1,39 @@ +From a2622b8398ba026faf481f5eddeb53231d9de4a7 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering <lennart@poettering.net> +Date: Fri, 19 Oct 2018 12:12:33 +0200 +Subject: [PATCH] dhcp6: make sure we have enough space for the DHCP6 option + header + +Fixes a vulnerability originally discovered by Felix Wilhelm from +Google. + +CVE-2018-15688 +LP: #1795921 +https://bugzilla.redhat.com/show_bug.cgi?id=1639067 + +(cherry picked from commit 4dac5eaba4e419b29c97da38a8b1f82336c2c892) + +CVE: CVE-2018-15688 +Upstream-Status: Backport + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/libsystemd-network/dhcp6-option.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/libsystemd-network/dhcp6-option.c b/src/libsystemd-network/dhcp6-option.c +index c4b402b..dcbaad0 100644 +--- a/src/libsystemd-network/dhcp6-option.c ++++ b/src/libsystemd-network/dhcp6-option.c +@@ -103,7 +103,7 @@ int dhcp6_option_append_ia(uint8_t **buf, size_t *buflen, DHCP6IA *ia) { + return -EINVAL; + } + +- if (*buflen < len) ++ if (*buflen < offsetof(DHCP6Option, data) + len) + return -ENOBUFS; + + ia_hdr = *buf; +-- +2.7.4 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-login-use-parse_uid-when-unmounting-user-runtime-dir.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-login-use-parse_uid-when-unmounting-user-runtime-dir.patch new file mode 100644 index 00000000..ba08e345 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-login-use-parse_uid-when-unmounting-user-runtime-dir.patch @@ -0,0 +1,110 @@ +From 86d18f3b09ec984ef3732567af992adb2dc77a8a Mon Sep 17 00:00:00 2001 +From: Yu Watanabe <watanabe.yu+github@gmail.com> +Date: Mon, 9 Jul 2018 14:05:20 +0900 +Subject: [PATCH] login: use parse_uid() when unmounting user runtime directory + +When unmounting user runtime directory, only UID is necessary, +and the corresponding user may not exist anymore. +This makes first try to parse the input by parse_uid(), and only if it +fails, prase the input by get_user_creds(). + +Fixes #9541. + +Upstream-Status: Backport +--- + src/login/user-runtime-dir.c | 57 ++++++++++++++++++++++++++++---------------- + 1 file changed, 36 insertions(+), 21 deletions(-) + +diff --git a/src/login/user-runtime-dir.c b/src/login/user-runtime-dir.c +index 1bb26c99e..de4061c75 100644 +--- a/src/login/user-runtime-dir.c ++++ b/src/login/user-runtime-dir.c +@@ -111,8 +111,22 @@ static int user_remove_runtime_path(const char *runtime_path) { + return r; + } + +-static int do_mount(const char *runtime_path, uid_t uid, gid_t gid) { ++static int do_mount(const char *user) { ++ char runtime_path[sizeof("/run/user") + DECIMAL_STR_MAX(uid_t)]; + size_t runtime_dir_size; ++ uid_t uid; ++ gid_t gid; ++ int r; ++ ++ r = get_user_creds(&user, &uid, &gid, NULL, NULL); ++ if (r < 0) ++ return log_error_errno(r, ++ r == -ESRCH ? "No such user \"%s\"" : ++ r == -ENOMSG ? "UID \"%s\" is invalid or has an invalid main group" ++ : "Failed to look up user \"%s\": %m", ++ user); ++ ++ xsprintf(runtime_path, "/run/user/" UID_FMT, uid); + + assert_se(gather_configuration(&runtime_dir_size) == 0); + +@@ -120,16 +134,30 @@ static int do_mount(const char *runtime_path, uid_t uid, gid_t gid) { + return user_mkdir_runtime_path(runtime_path, uid, gid, runtime_dir_size); + } + +-static int do_umount(const char *runtime_path) { ++static int do_umount(const char *user) { ++ char runtime_path[sizeof("/run/user") + DECIMAL_STR_MAX(uid_t)]; ++ uid_t uid; ++ int r; ++ ++ /* The user may be already removed. So, first try to parse the string by parse_uid(), ++ * and if it fails, fallback to get_user_creds().*/ ++ if (parse_uid(user, &uid) < 0) { ++ r = get_user_creds(&user, &uid, NULL, NULL, NULL); ++ if (r < 0) ++ return log_error_errno(r, ++ r == -ESRCH ? "No such user \"%s\"" : ++ r == -ENOMSG ? "UID \"%s\" is invalid or has an invalid main group" ++ : "Failed to look up user \"%s\": %m", ++ user); ++ } ++ ++ xsprintf(runtime_path, "/run/user/" UID_FMT, uid); ++ + log_debug("Will remove %s", runtime_path); + return user_remove_runtime_path(runtime_path); + } + + int main(int argc, char *argv[]) { +- const char *user; +- uid_t uid; +- gid_t gid; +- char runtime_path[sizeof("/run/user") + DECIMAL_STR_MAX(uid_t)]; + int r; + + log_parse_environment(); +@@ -146,23 +174,10 @@ int main(int argc, char *argv[]) { + + umask(0022); + +- user = argv[2]; +- r = get_user_creds(&user, &uid, &gid, NULL, NULL); +- if (r < 0) { +- log_error_errno(r, +- r == -ESRCH ? "No such user \"%s\"" : +- r == -ENOMSG ? "UID \"%s\" is invalid or has an invalid main group" +- : "Failed to look up user \"%s\": %m", +- user); +- return EXIT_FAILURE; +- } +- +- xsprintf(runtime_path, "/run/user/" UID_FMT, uid); +- + if (streq(argv[1], "start")) +- r = do_mount(runtime_path, uid, gid); ++ r = do_mount(argv[2]); + else if (streq(argv[1], "stop")) +- r = do_umount(runtime_path); ++ r = do_umount(argv[2]); + else + assert_not_reached("Unknown verb!"); + +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-meson-rename-Ddebug-to-Ddebug-extra.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-meson-rename-Ddebug-to-Ddebug-extra.patch new file mode 100644 index 00000000..d6d305cb --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-meson-rename-Ddebug-to-Ddebug-extra.patch @@ -0,0 +1,45 @@ +From 8f6b442a78d0b485f044742ad90b2e8271b4e68e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl> +Date: Sun, 19 Aug 2018 19:11:30 +0200 +Subject: [PATCH] meson: rename -Ddebug to -Ddebug-extra + +Meson added -Doptimization and -Ddebug options, which obviously causes +a conflict with our -Ddebug options. Let's rename it. + +Fixes #9883. +Upstream-Status: Backport +Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> +--- + meson.build | 2 +- + meson_options.txt | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/meson.build b/meson.build +index f79ac4b12..2209c935a 100644 +--- a/meson.build ++++ b/meson.build +@@ -763,7 +763,7 @@ substs.set('DEBUGTTY', get_option('debug-tty')) + + enable_debug_hashmap = false + enable_debug_mmap_cache = false +-foreach name : get_option('debug') ++foreach name : get_option('debug-extra') + if name == 'hashmap' + enable_debug_hashmap = true + elif name == 'mmap-cache' +diff --git a/meson_options.txt b/meson_options.txt +index e3140c8c1..7b1f61bf4 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -45,7 +45,7 @@ option('debug-shell', type : 'string', value : '/bin/sh', + description : 'path to debug shell binary') + option('debug-tty', type : 'string', value : '/dev/tty9', + description : 'specify the tty device for debug shell') +-option('debug', type : 'array', choices : ['hashmap', 'mmap-cache'], value : [], ++option('debug-extra', type : 'array', choices : ['hashmap', 'mmap-cache'], value : [], + description : 'enable extra debugging') + option('memory-accounting-default', type : 'boolean', + description : 'enable MemoryAccounting= by default') +-- +2.17.1 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-sd-bus-make-BUS_DEFAULT_TIMEOUT-configurable.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-sd-bus-make-BUS_DEFAULT_TIMEOUT-configurable.patch new file mode 100644 index 00000000..45c9b5b1 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-sd-bus-make-BUS_DEFAULT_TIMEOUT-configurable.patch @@ -0,0 +1,175 @@ +From 5b75a72ee968c9666b5f2ea313720b6c383cb4c2 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe <watanabe.yu+github@gmail.com> +Date: Fri, 13 Jul 2018 17:38:47 +0900 +Subject: [PATCH] sd-bus: make BUS_DEFAULT_TIMEOUT configurable + +This adds sd_bus_{get,set}_method_call_timeout(). +If the timeout is not set or set to 0, then the timeout value is +parsed from $SYSTEMD_BUS_TIMEOUT= environment variable. If the +environment variable is not set, then built-in timeout is used. +--- + doc/ENVIRONMENT.md | 5 +++++ + src/libsystemd/libsystemd.sym | 5 +++++ + src/libsystemd/sd-bus/bus-internal.h | 9 ++++---- + src/libsystemd/sd-bus/bus-message.c | 7 +++++-- + src/libsystemd/sd-bus/sd-bus.c | 40 ++++++++++++++++++++++++++++++++++-- + src/systemd/sd-bus.h | 3 +++ + 6 files changed, 61 insertions(+), 8 deletions(-) + +Upstream-Status: Backport + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> + +diff --git a/doc/ENVIRONMENT.md b/doc/ENVIRONMENT.md +index 85d26fe28c..641a03d5d7 100644 +--- a/doc/ENVIRONMENT.md ++++ b/doc/ENVIRONMENT.md +@@ -37,6 +37,11 @@ All tools: + useful for debugging, in order to test generators and other code against + specific kernel command lines. + ++* `$SYSTEMD_BUS_TIMEOUT=SECS` — specifies the maximum time to wait for method call ++ completion. If no time unit is specified, assumes seconds. The usual other units ++ are understood, too (us, ms, s, min, h, d, w, month, y). If it is not set or set ++ to 0, then the built-in default is used. ++ + systemctl: + + * `$SYSTEMCTL_FORCE_BUS=1` — if set, do not connect to PID1's private D-Bus +diff --git a/src/libsystemd/libsystemd.sym b/src/libsystemd/libsystemd.sym +index 1eec17db50..006dbc9c3f 100644 +--- a/src/libsystemd/libsystemd.sym ++++ b/src/libsystemd/libsystemd.sym +@@ -570,3 +570,8 @@ global: + sd_event_source_set_destroy_callback; + sd_event_source_get_destroy_callback; + } LIBSYSTEMD_238; ++ ++LIBSYSTEMD_240 { ++ sd_bus_set_method_call_timeout; ++ sd_bus_get_method_call_timeout; ++} LIBSYSTEMD_239; +diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h +index 2087ef8eeb..4864b1e911 100644 +--- a/src/libsystemd/sd-bus/bus-internal.h ++++ b/src/libsystemd/sd-bus/bus-internal.h +@@ -319,6 +319,9 @@ struct sd_bus { + + int *inotify_watches; + size_t n_inotify_watches; ++ ++ /* zero means use value specified by $SYSTEMD_BUS_TIMEOUT= environment variable or built-in default */ ++ usec_t method_call_timeout; + }; + + /* For method calls we time-out at 25s, like in the D-Bus reference implementation */ +@@ -336,8 +339,7 @@ struct sd_bus { + + #define BUS_CONTAINER_DEPTH 128 + +-/* Defined by the specification as maximum size of an array in +- * bytes */ ++/* Defined by the specification as maximum size of an array in bytes */ + #define BUS_ARRAY_MAX_SIZE 67108864 + + #define BUS_FDS_MAX 1024 +@@ -388,8 +390,7 @@ void bus_close_io_fds(sd_bus *b); + _slash = streq((prefix), "/") ? NULL : strrchr((prefix), '/')) + + /* If we are invoking callbacks of a bus object, ensure unreffing the +- * bus from the callback doesn't destroy the object we are working +- * on */ ++ * bus from the callback doesn't destroy the object we are working on */ + #define BUS_DONT_DESTROY(bus) \ + _cleanup_(sd_bus_unrefp) _unused_ sd_bus *_dont_destroy_##bus = sd_bus_ref(bus) + +diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c +index 8d92bc2002..dffe70a665 100644 +--- a/src/libsystemd/sd-bus/bus-message.c ++++ b/src/libsystemd/sd-bus/bus-message.c +@@ -5809,8 +5809,11 @@ int bus_message_remarshal(sd_bus *bus, sd_bus_message **m) { + return r; + + timeout = (*m)->timeout; +- if (timeout == 0 && !((*m)->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)) +- timeout = BUS_DEFAULT_TIMEOUT; ++ if (timeout == 0 && !((*m)->header->flags & BUS_MESSAGE_NO_REPLY_EXPECTED)) { ++ r = sd_bus_get_method_call_timeout(bus, &timeout); ++ if (r < 0) ++ return r; ++ } + + r = sd_bus_message_seal(n, BUS_MESSAGE_COOKIE(*m), timeout); + if (r < 0) +diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c +index 089b51a6d9..945490ebf7 100644 +--- a/src/libsystemd/sd-bus/sd-bus.c ++++ b/src/libsystemd/sd-bus/sd-bus.c +@@ -1611,8 +1611,11 @@ static int bus_seal_message(sd_bus *b, sd_bus_message *m, usec_t timeout) { + return 0; + } + +- if (timeout == 0) +- timeout = BUS_DEFAULT_TIMEOUT; ++ if (timeout == 0) { ++ r = sd_bus_get_method_call_timeout(b, &timeout); ++ if (r < 0) ++ return r; ++ } + + if (!m->sender && b->patch_sender) { + r = sd_bus_message_set_sender(m, b->patch_sender); +@@ -4075,3 +4078,36 @@ _public_ int sd_bus_get_n_queued_write(sd_bus *bus, uint64_t *ret) { + *ret = bus->wqueue_size; + return 0; + } ++ ++_public_ int sd_bus_set_method_call_timeout(sd_bus *bus, uint64_t usec) { ++ assert_return(bus, -EINVAL); ++ assert_return(bus = bus_resolve(bus), -ENOPKG); ++ ++ bus->method_call_timeout = usec; ++ return 0; ++} ++ ++_public_ int sd_bus_get_method_call_timeout(sd_bus *bus, uint64_t *ret) { ++ const char *e; ++ usec_t usec; ++ ++ assert_return(bus, -EINVAL); ++ assert_return(bus = bus_resolve(bus), -ENOPKG); ++ assert_return(ret, -EINVAL); ++ ++ if (bus->method_call_timeout != 0) { ++ *ret = bus->method_call_timeout; ++ return 0; ++ } ++ ++ e = secure_getenv("SYSTEMD_BUS_TIMEOUT"); ++ if (e && parse_sec(e, &usec) >= 0 && usec != 0) { ++ /* Save the parsed value to avoid multiple parsing. To change the timeout value, ++ * use sd_bus_set_method_call_timeout() instead of setenv(). */ ++ *ret = bus->method_call_timeout = usec; ++ return 0; ++ } ++ ++ *ret = bus->method_call_timeout = BUS_DEFAULT_TIMEOUT; ++ return 0; ++} +diff --git a/src/systemd/sd-bus.h b/src/systemd/sd-bus.h +index 54c4b1ca83..c9fd254834 100644 +--- a/src/systemd/sd-bus.h ++++ b/src/systemd/sd-bus.h +@@ -206,6 +206,9 @@ sd_event *sd_bus_get_event(sd_bus *bus); + int sd_bus_get_n_queued_read(sd_bus *bus, uint64_t *ret); + int sd_bus_get_n_queued_write(sd_bus *bus, uint64_t *ret); + ++int sd_bus_set_method_call_timeout(sd_bus *bus, uint64_t usec); ++int sd_bus_get_method_call_timeout(sd_bus *bus, uint64_t *ret); ++ + int sd_bus_add_filter(sd_bus *bus, sd_bus_slot **slot, sd_bus_message_handler_t callback, void *userdata); + int sd_bus_add_match(sd_bus *bus, sd_bus_slot **slot, const char *match, sd_bus_message_handler_t callback, void *userdata); + int sd_bus_add_match_async(sd_bus *bus, sd_bus_slot **slot, const char *match, sd_bus_message_handler_t callback, sd_bus_message_handler_t install_callback, void *userdata); +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-sysctl-Don-t-pass-null-directive-argument-to-s.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-sysctl-Don-t-pass-null-directive-argument-to-s.patch new file mode 100644 index 00000000..0538c7bb --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-sysctl-Don-t-pass-null-directive-argument-to-s.patch @@ -0,0 +1,31 @@ +From bfc4183ea995f1c211385d066cdb1fe9ce89f621 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sun, 16 Dec 2018 20:53:38 -0800 +Subject: [PATCH 1/2] sysctl: Don't pass null directive argument to '%s' + +value pointer here is always NULL but subsequent use of that pointer +with a %s format will always be NULL, printing p instead would be a +valid string + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- +Upstream-Status: Submitted [https://github.com/systemd/systemd/pull/11179] + src/sysctl/sysctl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c +index 1cfe51018..c67d79032 100644 +--- a/src/sysctl/sysctl.c ++++ b/src/sysctl/sysctl.c +@@ -115,7 +115,7 @@ static int parse_file(OrderedHashmap *sysctl_options, const char *path, bool ign + + value = strchr(p, '='); + if (!value) { +- log_error("Line is not an assignment at '%s:%u': %s", path, c, value); ++ log_error("Line is not an assignment at '%s:%u': %s", path, c, p); + + if (r == 0) + r = -EINVAL; +-- +2.20.1 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0001-timesync-changes-type-of-drift_freq-to-int64_t.patch b/external/poky/meta/recipes-core/systemd/systemd/0001-timesync-changes-type-of-drift_freq-to-int64_t.patch new file mode 100644 index 00000000..8d395c2f --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0001-timesync-changes-type-of-drift_freq-to-int64_t.patch @@ -0,0 +1,49 @@ +Backport patch to fix systemd build failure on x32. + +Upstream-Status: Backport [https://github.com/systemd/systemd/commit/75ca162] + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From 75ca1621db4647a4d62d7873cd6715e28fe0f9fa Mon Sep 17 00:00:00 2001 +From: Yu Watanabe <watanabe.yu+github@gmail.com> +Date: Sat, 23 Jun 2018 09:41:55 +0900 +Subject: [PATCH] timesync: changes type of drift_freq to int64_t + +drift_freq is used for storing timex.freq, and is a 64bit integer. +To support x32 ABI, this changes the type of drift_freq to int64_t. + +Fixes #9387. +--- + src/timesync/timesyncd-manager.c | 2 +- + src/timesync/timesyncd-manager.h | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/timesync/timesyncd-manager.c b/src/timesync/timesyncd-manager.c +index 2b731af9e..404a2b189 100644 +--- a/src/timesync/timesyncd-manager.c ++++ b/src/timesync/timesyncd-manager.c +@@ -604,7 +604,7 @@ static int manager_receive_response(sd_event_source *source, int fd, uint32_t re + m->dest_time = *recv_time; + m->spike = spike; + +- log_debug("interval/delta/delay/jitter/drift " USEC_FMT "s/%+.3fs/%.3fs/%.3fs/%+"PRI_TIMEX"ppm%s", ++ log_debug("interval/delta/delay/jitter/drift " USEC_FMT "s/%+.3fs/%.3fs/%.3fs/%+"PRIi64"ppm%s", + m->poll_interval_usec / USEC_PER_SEC, offset, delay, m->samples_jitter, m->drift_freq / 65536, + spike ? " (ignored)" : ""); + +diff --git a/src/timesync/timesyncd-manager.h b/src/timesync/timesyncd-manager.h +index d8d97cc1e..18347416d 100644 +--- a/src/timesync/timesyncd-manager.h ++++ b/src/timesync/timesyncd-manager.h +@@ -79,7 +79,7 @@ struct Manager { + /* last change */ + bool jumped; + bool sync; +- long drift_freq; ++ int64_t drift_freq; + + /* watch for time changes */ + sd_event_source *event_clock_watch; +-- +2.17.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0002-core-Fix-use-after-free-case-in-load_from_path.patch b/external/poky/meta/recipes-core/systemd/systemd/0002-core-Fix-use-after-free-case-in-load_from_path.patch new file mode 100644 index 00000000..4da96e29 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0002-core-Fix-use-after-free-case-in-load_from_path.patch @@ -0,0 +1,43 @@ +From cb67aebd63d9f0077cbf3e769f0b223c5bba20ac Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sun, 16 Dec 2018 20:58:35 -0800 +Subject: [PATCH 2/2] core: Fix use after free case in load_from_path() + +ensure that mfree() on filename is called after the logging function +which uses the string pointed by filename + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- +Upstream-Status: Submitted [https://github.com/systemd/systemd/pull/11179] + src/core/load-fragment.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c +index fc5644f48..da585786e 100644 +--- a/src/core/load-fragment.c ++++ b/src/core/load-fragment.c +@@ -4531,7 +4531,6 @@ static int load_from_path(Unit *u, const char *path) { + r = open_follow(&filename, &f, symlink_names, &id); + if (r >= 0) + break; +- filename = mfree(filename); + + /* ENOENT means that the file is missing or is a dangling symlink. + * ENOTDIR means that one of paths we expect to be is a directory +@@ -4540,9 +4539,12 @@ static int load_from_path(Unit *u, const char *path) { + */ + if (r == -EACCES) + log_debug_errno(r, "Cannot access \"%s\": %m", filename); +- else if (!IN_SET(r, -ENOENT, -ENOTDIR)) ++ else if (!IN_SET(r, -ENOENT, -ENOTDIR)) { ++ filename = mfree(filename); + return r; ++ } + ++ filename = mfree(filename); + /* Empty the symlink names for the next run */ + set_clear_free(symlink_names); + } +-- +2.20.1 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0002-don-t-use-glibc-specific-qsort_r.patch b/external/poky/meta/recipes-core/systemd/systemd/0002-don-t-use-glibc-specific-qsort_r.patch new file mode 100644 index 00000000..8e0d669e --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0002-don-t-use-glibc-specific-qsort_r.patch @@ -0,0 +1,183 @@ +From d74a4de6daea5a511c2b5636bbb552c15b3a4ad9 Mon Sep 17 00:00:00 2001 +From: Emil Renner Berthing <systemd@esmil.dk> +Date: Thu, 18 Sep 2014 15:24:56 +0200 +Subject: [PATCH] don't use glibc-specific qsort_r + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/basic/format-table.c | 27 ++++++++++++++++----------- + src/basic/util.h | 7 ------- + src/hwdb/hwdb.c | 18 +++++++++++------- + src/udev/udevadm-hwdb.c | 16 ++++++++++------ + 4 files changed, 37 insertions(+), 31 deletions(-) + +diff --git a/src/basic/format-table.c b/src/basic/format-table.c +index 94e796d1ca..9b3f35c29a 100644 +--- a/src/basic/format-table.c ++++ b/src/basic/format-table.c +@@ -745,29 +745,29 @@ static int cell_data_compare(TableData *a, size_t index_a, TableData *b, size_t + return 0; + } + +-static int table_data_compare(const void *x, const void *y, void *userdata) { ++static Table *user_table; ++static int table_data_compare(const void *x, const void *y) { + const size_t *a = x, *b = y; +- Table *t = userdata; + size_t i; + int r; + +- assert(t); +- assert(t->sort_map); ++ assert(user_table); ++ assert(user_table->sort_map); + + /* Make sure the header stays at the beginning */ +- if (*a < t->n_columns && *b < t->n_columns) ++ if (*a < user_table->n_columns && *b < user_table->n_columns) + return 0; +- if (*a < t->n_columns) ++ if (*a < user_table->n_columns) + return -1; +- if (*b < t->n_columns) ++ if (*b < user_table->n_columns) + return 1; + + /* Order other lines by the sorting map */ +- for (i = 0; i < t->n_sort_map; i++) { ++ for (i = 0; i < user_table->n_sort_map; i++) { + TableData *d, *dd; + +- d = t->data[*a + t->sort_map[i]]; +- dd = t->data[*b + t->sort_map[i]]; ++ d = user_table->data[*a + user_table->sort_map[i]]; ++ dd = user_table->data[*b + user_table->sort_map[i]]; + + r = cell_data_compare(d, *a, dd, *b); + if (r != 0) +@@ -960,7 +960,12 @@ int table_print(Table *t, FILE *f) { + for (i = 0; i < n_rows; i++) + sorted[i] = i * t->n_columns; + +- qsort_r_safe(sorted, n_rows, sizeof(size_t), table_data_compare, t); ++ if (n_rows <= 1) ++ return 0; ++ assert(sorted); ++ user_table = t; ++ qsort(sorted, n_rows, sizeof(size_t), table_data_compare); ++ user_table = NULL; + } + + if (t->display_map) +diff --git a/src/basic/util.h b/src/basic/util.h +index 9699d228f9..40eaf518cb 100644 +--- a/src/basic/util.h ++++ b/src/basic/util.h +@@ -105,13 +105,6 @@ static inline void qsort_safe(void *base, size_t nmemb, size_t size, comparison_ + qsort_safe((p), (n), sizeof((p)[0]), (__compar_fn_t) _func_); \ + }) + +-static inline void qsort_r_safe(void *base, size_t nmemb, size_t size, int (*compar)(const void*, const void*, void*), void *userdata) { +- if (nmemb <= 1) +- return; +- +- assert(base); +- qsort_r(base, nmemb, size, compar, userdata); +-} + + /** + * Normal memcpy requires src to be nonnull. We do nothing if n is 0. +diff --git a/src/hwdb/hwdb.c b/src/hwdb/hwdb.c +index 317cad8a67..701d59a1eb 100644 +--- a/src/hwdb/hwdb.c ++++ b/src/hwdb/hwdb.c +@@ -135,13 +135,12 @@ static void trie_free(struct trie *trie) { + + DEFINE_TRIVIAL_CLEANUP_FUNC(struct trie*, trie_free); + +-static int trie_values_cmp(const void *v1, const void *v2, void *arg) { ++static struct trie *trie_node_add_value_trie; ++static int trie_values_cmp(const void *v1, const void *v2) { + const struct trie_value_entry *val1 = v1; + const struct trie_value_entry *val2 = v2; +- struct trie *trie = arg; +- +- return strcmp(trie->strings->buf + val1->key_off, +- trie->strings->buf + val2->key_off); ++ return strcmp(trie_node_add_value_trie->strings->buf + val1->key_off, ++ trie_node_add_value_trie->strings->buf + val2->key_off); + } + + static int trie_node_add_value(struct trie *trie, struct trie_node *node, +@@ -166,7 +165,10 @@ static int trie_node_add_value(struct trie *trie, struct trie_node *node, + .value_off = v, + }; + +- val = xbsearch_r(&search, node->values, node->values_count, sizeof(struct trie_value_entry), trie_values_cmp, trie); ++ trie_node_add_value_trie = trie; ++ val = bsearch(&search, node->values, node->values_count, sizeof(struct trie_value_entry), trie_values_cmp); ++ trie_node_add_value_trie = NULL; ++ + if (val) { + /* At this point we have 2 identical properties on the same match-string. + * Since we process files in order, we just replace the previous value. +@@ -191,7 +193,9 @@ static int trie_node_add_value(struct trie *trie, struct trie_node *node, + node->values[node->values_count].file_priority = file_priority; + node->values[node->values_count].line_number = line_number; + node->values_count++; +- qsort_r(node->values, node->values_count, sizeof(struct trie_value_entry), trie_values_cmp, trie); ++ trie_node_add_value_trie = trie; ++ qsort(node->values, node->values_count, sizeof(struct trie_value_entry), trie_values_cmp); ++ trie_node_add_value_trie = NULL; + return 0; + } + +diff --git a/src/udev/udevadm-hwdb.c b/src/udev/udevadm-hwdb.c +index 02408a4285..491d367d12 100644 +--- a/src/udev/udevadm-hwdb.c ++++ b/src/udev/udevadm-hwdb.c +@@ -114,13 +114,13 @@ static void trie_node_cleanup(struct trie_node *node) { + free(node); + } + +-static int trie_values_cmp(const void *v1, const void *v2, void *arg) { ++static struct trie *trie_node_add_value_trie; ++static int trie_values_cmp(const void *v1, const void *v2) { + const struct trie_value_entry *val1 = v1; + const struct trie_value_entry *val2 = v2; +- struct trie *trie = arg; + +- return strcmp(trie->strings->buf + val1->key_off, +- trie->strings->buf + val2->key_off); ++ return strcmp(trie_node_add_value_trie->strings->buf + val1->key_off, ++ trie_node_add_value_trie->strings->buf + val2->key_off); + } + + static int trie_node_add_value(struct trie *trie, struct trie_node *node, +@@ -141,7 +141,9 @@ static int trie_node_add_value(struct trie *trie, struct trie_node *node, + .value_off = v, + }; + +- val = xbsearch_r(&search, node->values, node->values_count, sizeof(struct trie_value_entry), trie_values_cmp, trie); ++ trie_node_add_value_trie = trie; ++ val = bsearch(&search, node->values, node->values_count, sizeof(struct trie_value_entry), trie_values_cmp); ++ trie_node_add_value_trie = NULL; + if (val) { + /* replace existing earlier key with new value */ + val->value_off = v; +@@ -158,7 +160,9 @@ static int trie_node_add_value(struct trie *trie, struct trie_node *node, + node->values[node->values_count].key_off = k; + node->values[node->values_count].value_off = v; + node->values_count++; +- qsort_r(node->values, node->values_count, sizeof(struct trie_value_entry), trie_values_cmp, trie); ++ trie_node_add_value_trie = trie; ++ qsort(node->values, node->values_count, sizeof(struct trie_value_entry), trie_values_cmp); ++ trie_node_add_value_trie = NULL; + return 0; + } + +-- +2.18.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0002-use-lnr-wrapper-instead-of-looking-for-relative-opti.patch b/external/poky/meta/recipes-core/systemd/systemd/0002-use-lnr-wrapper-instead-of-looking-for-relative-opti.patch new file mode 100644 index 00000000..1d7f5230 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0002-use-lnr-wrapper-instead-of-looking-for-relative-opti.patch @@ -0,0 +1,64 @@ +From 6e62be87a2722fbe531310a1b052c1301bdf06fb Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Wed, 27 Jun 2018 16:09:24 +0800 +Subject: [PATCH 2/9] use lnr wrapper instead of looking for --relative option + for ln + +Remove file manually to avoid the 'File Exists' error when creating +symlink. This is because the original 'ln' command uses '-f' option. + +Upstream-Status: Inappropriate [OE-Specific] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + meson.build | 4 ---- + tools/meson-make-symlink.sh | 3 ++- + units/meson-add-wants.sh | 7 ++++++- + 3 files changed, 8 insertions(+), 6 deletions(-) + +diff --git a/meson.build b/meson.build +index 04331dd41..6d5edcb4e 100644 +--- a/meson.build ++++ b/meson.build +@@ -558,10 +558,6 @@ endforeach + + conf.set_quoted('TELINIT', get_option('telinit-path')) + +-if run_command('ln', '--relative', '--help').returncode() != 0 +- error('ln does not support --relative (added in coreutils 8.16)') +-endif +- + ############################################################ + + gperf = find_program('gperf') +diff --git a/tools/meson-make-symlink.sh b/tools/meson-make-symlink.sh +index 501cd43d4..f4e4ac9ac 100755 +--- a/tools/meson-make-symlink.sh ++++ b/tools/meson-make-symlink.sh +@@ -8,5 +8,6 @@ mkdir -vp "$(dirname "${DESTDIR:-}$2")" + if [ "$(dirname $1)" = . ]; then + ln -vfs -T "$1" "${DESTDIR:-}$2" + else +- ln -vfs -T --relative "${DESTDIR:-}$1" "${DESTDIR:-}$2" ++ rm -f "${DESTDIR:-}$2" ++ lnr "${DESTDIR:-}$1" "${DESTDIR:-}$2" + fi +diff --git a/units/meson-add-wants.sh b/units/meson-add-wants.sh +index 70f7172ae..a42666aac 100755 +--- a/units/meson-add-wants.sh ++++ b/units/meson-add-wants.sh +@@ -25,4 +25,9 @@ case "$target" in + ;; + esac + +-ln -vfs --relative "$unitpath" "$dir" ++if [ -d "$dir" ]; then ++ rm -f "$dir/$unit" ++ lnr "$unitpath" "$dir/$unit" ++else ++ lnr "$unitpath" "$dir" ++fi +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0003-comparison_fn_t-is-glibc-specific-use-raw-signature-.patch b/external/poky/meta/recipes-core/systemd/systemd/0003-comparison_fn_t-is-glibc-specific-use-raw-signature-.patch new file mode 100644 index 00000000..115fb33c --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0003-comparison_fn_t-is-glibc-specific-use-raw-signature-.patch @@ -0,0 +1,40 @@ +From e965e748c7030df0709e63128db2f023540a06ba Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sat, 12 Sep 2015 18:53:31 +0000 +Subject: [PATCH 03/19] comparison_fn_t is glibc specific, use raw signature in + function pointer + +make it work with musl where comparison_fn_t is not provided + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/basic/util.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/basic/util.h b/src/basic/util.h +index 40eaf518c..c58392397 100644 +--- a/src/basic/util.h ++++ b/src/basic/util.h +@@ -77,7 +77,7 @@ void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size, + * that only if nmemb > 0. + */ + static inline void* bsearch_safe(const void *key, const void *base, +- size_t nmemb, size_t size, comparison_fn_t compar) { ++ size_t nmemb, size_t size, int (*compar)(const void *, const void *)) { + if (nmemb <= 0) + return NULL; + +@@ -89,7 +89,7 @@ static inline void* bsearch_safe(const void *key, const void *base, + * Normal qsort requires base to be nonnull. Here were require + * that only if nmemb > 0. + */ +-static inline void qsort_safe(void *base, size_t nmemb, size_t size, comparison_fn_t compar) { ++static inline void qsort_safe(void *base, size_t nmemb, size_t size, int (*compar)(const void *, const void *)) { + if (nmemb <= 1) + return; + +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0003-implment-systemd-sysv-install-for-OE.patch b/external/poky/meta/recipes-core/systemd/systemd/0003-implment-systemd-sysv-install-for-OE.patch new file mode 100644 index 00000000..6c595ae7 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0003-implment-systemd-sysv-install-for-OE.patch @@ -0,0 +1,43 @@ +From 0fcb6e646401205e17cc6c129441a49023c62cef Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sat, 5 Sep 2015 06:31:47 +0000 +Subject: [PATCH 3/9] implment systemd-sysv-install for OE + +Use update-rc.d for enabling/disabling and status command +to check the status of the sysv service + +Upstream-Status: Inappropriate [OE-Specific] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/systemctl/systemd-sysv-install.SKELETON | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/systemctl/systemd-sysv-install.SKELETON b/src/systemctl/systemd-sysv-install.SKELETON +index 8c16cf999..9f078a121 100755 +--- a/src/systemctl/systemd-sysv-install.SKELETON ++++ b/src/systemctl/systemd-sysv-install.SKELETON +@@ -32,17 +32,17 @@ case "$1" in + enable) + # call the command to enable SysV init script $NAME here + # (consider optional $ROOT) +- echo "IMPLEMENT ME: enabling SysV init.d script $NAME" ++ update-rc.d -f $NAME defaults + ;; + disable) + # call the command to disable SysV init script $NAME here + # (consider optional $ROOT) +- echo "IMPLEMENT ME: disabling SysV init.d script $NAME" ++ update-rc.d -f $NAME remove + ;; + is-enabled) + # exit with 0 if $NAME is enabled, non-zero if it is disabled + # (consider optional $ROOT) +- echo "IMPLEMENT ME: checking SysV init.d script $NAME" ++ /etc/init.d/$NAME status + ;; + *) + usage ;; +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch b/external/poky/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch new file mode 100644 index 00000000..7652a2d8 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch @@ -0,0 +1,432 @@ +From 582af7ec13131dfcc620ed81de7b211914c4cb03 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Fri, 29 Jun 2018 13:43:49 +0800 +Subject: [PATCH 04/19] add fallback parse_printf_format implementation + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Emil Renner Berthing <systemd@esmil.dk> +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + meson.build | 1 + + src/basic/meson.build | 5 + + src/basic/parse-printf-format.c | 273 ++++++++++++++++++++++++++++++++++++++++ + src/basic/parse-printf-format.h | 57 +++++++++ + src/basic/stdio-util.h | 2 +- + src/journal/journal-send.c | 2 +- + 6 files changed, 338 insertions(+), 2 deletions(-) + create mode 100644 src/basic/parse-printf-format.c + create mode 100644 src/basic/parse-printf-format.h + +diff --git a/meson.build b/meson.build +index e045b9224..8c16bc979 100644 +--- a/meson.build ++++ b/meson.build +@@ -598,6 +598,7 @@ foreach header : ['crypt.h', + 'linux/btrfs.h', + 'linux/memfd.h', + 'linux/vm_sockets.h', ++ 'printf.h', + 'sys/auxv.h', + 'valgrind/memcheck.h', + 'valgrind/valgrind.h', +diff --git a/src/basic/meson.build b/src/basic/meson.build +index 31625b178..0c27528e7 100644 +--- a/src/basic/meson.build ++++ b/src/basic/meson.build +@@ -302,6 +302,11 @@ foreach item : [['af', af_list_txt, 'af', ''], + endforeach + + basic_sources += [missing_h] + generated_gperf_headers ++ ++if conf.get('HAVE_PRINTF_H') != 1 ++ basic_sources += [files('parse-printf-format.c')] ++endif ++ + basic_gcrypt_sources = files( + 'gcrypt-util.c', + 'gcrypt-util.h') +diff --git a/src/basic/parse-printf-format.c b/src/basic/parse-printf-format.c +new file mode 100644 +index 000000000..49437e544 +--- /dev/null ++++ b/src/basic/parse-printf-format.c +@@ -0,0 +1,273 @@ ++/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ ++ ++/*** ++ This file is part of systemd. ++ ++ Copyright 2014 Emil Renner Berthing <systemd@esmil.dk> ++ ++ With parts from the musl C library ++ Copyright 2005-2014 Rich Felker, et al. ++ ++ systemd is free software; you can redistribute it and/or modify it ++ under the terms of the GNU Lesser General Public License as published by ++ the Free Software Foundation; either version 2.1 of the License, or ++ (at your option) any later version. ++ ++ systemd is distributed in the hope that it will be useful, but ++ WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public License ++ along with systemd; If not, see <http://www.gnu.org/licenses/>. ++***/ ++ ++#include <stddef.h> ++#include <string.h> ++ ++#include "parse-printf-format.h" ++ ++static const char *consume_nonarg(const char *fmt) ++{ ++ do { ++ if (*fmt == '\0') ++ return fmt; ++ } while (*fmt++ != '%'); ++ return fmt; ++} ++ ++static const char *consume_num(const char *fmt) ++{ ++ for (;*fmt >= '0' && *fmt <= '9'; fmt++) ++ /* do nothing */; ++ return fmt; ++} ++ ++static const char *consume_argn(const char *fmt, size_t *arg) ++{ ++ const char *p = fmt; ++ size_t val = 0; ++ ++ if (*p < '1' || *p > '9') ++ return fmt; ++ do { ++ val = 10*val + (*p++ - '0'); ++ } while (*p >= '0' && *p <= '9'); ++ ++ if (*p != '$') ++ return fmt; ++ *arg = val; ++ return p+1; ++} ++ ++static const char *consume_flags(const char *fmt) ++{ ++ while (1) { ++ switch (*fmt) { ++ case '#': ++ case '0': ++ case '-': ++ case ' ': ++ case '+': ++ case '\'': ++ case 'I': ++ fmt++; ++ continue; ++ } ++ return fmt; ++ } ++} ++ ++enum state { ++ BARE, ++ LPRE, ++ LLPRE, ++ HPRE, ++ HHPRE, ++ BIGLPRE, ++ ZTPRE, ++ JPRE, ++ STOP ++}; ++ ++enum type { ++ NONE, ++ PTR, ++ INT, ++ UINT, ++ ULLONG, ++ LONG, ++ ULONG, ++ SHORT, ++ USHORT, ++ CHAR, ++ UCHAR, ++ LLONG, ++ SIZET, ++ IMAX, ++ UMAX, ++ PDIFF, ++ UIPTR, ++ DBL, ++ LDBL, ++ MAXTYPE ++}; ++ ++static const short pa_types[MAXTYPE] = { ++ [NONE] = PA_INT, ++ [PTR] = PA_POINTER, ++ [INT] = PA_INT, ++ [UINT] = PA_INT, ++ [ULLONG] = PA_INT | PA_FLAG_LONG_LONG, ++ [LONG] = PA_INT | PA_FLAG_LONG, ++ [ULONG] = PA_INT | PA_FLAG_LONG, ++ [SHORT] = PA_INT | PA_FLAG_SHORT, ++ [USHORT] = PA_INT | PA_FLAG_SHORT, ++ [CHAR] = PA_CHAR, ++ [UCHAR] = PA_CHAR, ++ [LLONG] = PA_INT | PA_FLAG_LONG_LONG, ++ [SIZET] = PA_INT | PA_FLAG_LONG, ++ [IMAX] = PA_INT | PA_FLAG_LONG_LONG, ++ [UMAX] = PA_INT | PA_FLAG_LONG_LONG, ++ [PDIFF] = PA_INT | PA_FLAG_LONG_LONG, ++ [UIPTR] = PA_INT | PA_FLAG_LONG, ++ [DBL] = PA_DOUBLE, ++ [LDBL] = PA_DOUBLE | PA_FLAG_LONG_DOUBLE ++}; ++ ++#define S(x) [(x)-'A'] ++#define E(x) (STOP + (x)) ++ ++static const unsigned char states[]['z'-'A'+1] = { ++ { /* 0: bare types */ ++ S('d') = E(INT), S('i') = E(INT), ++ S('o') = E(UINT),S('u') = E(UINT),S('x') = E(UINT), S('X') = E(UINT), ++ S('e') = E(DBL), S('f') = E(DBL), S('g') = E(DBL), S('a') = E(DBL), ++ S('E') = E(DBL), S('F') = E(DBL), S('G') = E(DBL), S('A') = E(DBL), ++ S('c') = E(CHAR),S('C') = E(INT), ++ S('s') = E(PTR), S('S') = E(PTR), S('p') = E(UIPTR),S('n') = E(PTR), ++ S('m') = E(NONE), ++ S('l') = LPRE, S('h') = HPRE, S('L') = BIGLPRE, ++ S('z') = ZTPRE, S('j') = JPRE, S('t') = ZTPRE ++ }, { /* 1: l-prefixed */ ++ S('d') = E(LONG), S('i') = E(LONG), ++ S('o') = E(ULONG),S('u') = E(ULONG),S('x') = E(ULONG),S('X') = E(ULONG), ++ S('e') = E(DBL), S('f') = E(DBL), S('g') = E(DBL), S('a') = E(DBL), ++ S('E') = E(DBL), S('F') = E(DBL), S('G') = E(DBL), S('A') = E(DBL), ++ S('c') = E(INT), S('s') = E(PTR), S('n') = E(PTR), ++ S('l') = LLPRE ++ }, { /* 2: ll-prefixed */ ++ S('d') = E(LLONG), S('i') = E(LLONG), ++ S('o') = E(ULLONG),S('u') = E(ULLONG), ++ S('x') = E(ULLONG),S('X') = E(ULLONG), ++ S('n') = E(PTR) ++ }, { /* 3: h-prefixed */ ++ S('d') = E(SHORT), S('i') = E(SHORT), ++ S('o') = E(USHORT),S('u') = E(USHORT), ++ S('x') = E(USHORT),S('X') = E(USHORT), ++ S('n') = E(PTR), ++ S('h') = HHPRE ++ }, { /* 4: hh-prefixed */ ++ S('d') = E(CHAR), S('i') = E(CHAR), ++ S('o') = E(UCHAR),S('u') = E(UCHAR), ++ S('x') = E(UCHAR),S('X') = E(UCHAR), ++ S('n') = E(PTR) ++ }, { /* 5: L-prefixed */ ++ S('e') = E(LDBL),S('f') = E(LDBL),S('g') = E(LDBL), S('a') = E(LDBL), ++ S('E') = E(LDBL),S('F') = E(LDBL),S('G') = E(LDBL), S('A') = E(LDBL), ++ S('n') = E(PTR) ++ }, { /* 6: z- or t-prefixed (assumed to be same size) */ ++ S('d') = E(PDIFF),S('i') = E(PDIFF), ++ S('o') = E(SIZET),S('u') = E(SIZET), ++ S('x') = E(SIZET),S('X') = E(SIZET), ++ S('n') = E(PTR) ++ }, { /* 7: j-prefixed */ ++ S('d') = E(IMAX), S('i') = E(IMAX), ++ S('o') = E(UMAX), S('u') = E(UMAX), ++ S('x') = E(UMAX), S('X') = E(UMAX), ++ S('n') = E(PTR) ++ } ++}; ++ ++size_t parse_printf_format(const char *fmt, size_t n, int *types) ++{ ++ size_t i = 0; ++ size_t last = 0; ++ ++ memset(types, 0, n); ++ ++ while (1) { ++ size_t arg; ++ unsigned int state; ++ ++ fmt = consume_nonarg(fmt); ++ if (*fmt == '\0') ++ break; ++ if (*fmt == '%') { ++ fmt++; ++ continue; ++ } ++ arg = 0; ++ fmt = consume_argn(fmt, &arg); ++ /* flags */ ++ fmt = consume_flags(fmt); ++ /* width */ ++ if (*fmt == '*') { ++ size_t warg = 0; ++ fmt = consume_argn(fmt+1, &warg); ++ if (warg == 0) ++ warg = ++i; ++ if (warg > last) ++ last = warg; ++ if (warg <= n && types[warg-1] == NONE) ++ types[warg-1] = INT; ++ } else ++ fmt = consume_num(fmt); ++ /* precision */ ++ if (*fmt == '.') { ++ fmt++; ++ if (*fmt == '*') { ++ size_t parg = 0; ++ fmt = consume_argn(fmt+1, &parg); ++ if (parg == 0) ++ parg = ++i; ++ if (parg > last) ++ last = parg; ++ if (parg <= n && types[parg-1] == NONE) ++ types[parg-1] = INT; ++ } else { ++ if (*fmt == '-') ++ fmt++; ++ fmt = consume_num(fmt); ++ } ++ } ++ /* length modifier and conversion specifier */ ++ state = BARE; ++ do { ++ unsigned char c = *fmt++; ++ ++ if (c < 'A' || c > 'z') ++ continue; ++ state = states[state]S(c); ++ if (state == 0) ++ continue; ++ } while (state < STOP); ++ ++ if (state == E(NONE)) ++ continue; ++ ++ if (arg == 0) ++ arg = ++i; ++ if (arg > last) ++ last = arg; ++ if (arg <= n) ++ types[arg-1] = state - STOP; ++ } ++ ++ if (last > n) ++ last = n; ++ for (i = 0; i < last; i++) ++ types[i] = pa_types[types[i]]; ++ ++ return last; ++} +diff --git a/src/basic/parse-printf-format.h b/src/basic/parse-printf-format.h +new file mode 100644 +index 000000000..47be7522d +--- /dev/null ++++ b/src/basic/parse-printf-format.h +@@ -0,0 +1,57 @@ ++/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ ++ ++/*** ++ This file is part of systemd. ++ ++ Copyright 2014 Emil Renner Berthing <systemd@esmil.dk> ++ ++ With parts from the GNU C Library ++ Copyright 1991-2014 Free Software Foundation, Inc. ++ ++ systemd is free software; you can redistribute it and/or modify it ++ under the terms of the GNU Lesser General Public License as published by ++ the Free Software Foundation; either version 2.1 of the License, or ++ (at your option) any later version. ++ ++ systemd is distributed in the hope that it will be useful, but ++ WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public License ++ along with systemd; If not, see <http://www.gnu.org/licenses/>. ++***/ ++ ++#pragma once ++ ++#include "config.h" ++ ++#if HAVE_PRINTF_H ++#include <printf.h> ++#else ++ ++#include <stddef.h> ++ ++enum { /* C type: */ ++ PA_INT, /* int */ ++ PA_CHAR, /* int, cast to char */ ++ PA_WCHAR, /* wide char */ ++ PA_STRING, /* const char *, a '\0'-terminated string */ ++ PA_WSTRING, /* const wchar_t *, wide character string */ ++ PA_POINTER, /* void * */ ++ PA_FLOAT, /* float */ ++ PA_DOUBLE, /* double */ ++ PA_LAST ++}; ++ ++/* Flag bits that can be set in a type returned by `parse_printf_format'. */ ++#define PA_FLAG_MASK 0xff00 ++#define PA_FLAG_LONG_LONG (1 << 8) ++#define PA_FLAG_LONG_DOUBLE PA_FLAG_LONG_LONG ++#define PA_FLAG_LONG (1 << 9) ++#define PA_FLAG_SHORT (1 << 10) ++#define PA_FLAG_PTR (1 << 11) ++ ++size_t parse_printf_format(const char *fmt, size_t n, int *types); ++ ++#endif /* HAVE_PRINTF_H */ +diff --git a/src/basic/stdio-util.h b/src/basic/stdio-util.h +index 73c03274c..30192cd71 100644 +--- a/src/basic/stdio-util.h ++++ b/src/basic/stdio-util.h +@@ -1,12 +1,12 @@ + /* SPDX-License-Identifier: LGPL-2.1+ */ + #pragma once + +-#include <printf.h> + #include <stdarg.h> + #include <stdio.h> + #include <sys/types.h> + + #include "macro.h" ++#include "parse-printf-format.h" + + #define snprintf_ok(buf, len, fmt, ...) \ + ((size_t) snprintf(buf, len, fmt, __VA_ARGS__) < (len)) +diff --git a/src/journal/journal-send.c b/src/journal/journal-send.c +index a0621524a..65bcbcd2e 100644 +--- a/src/journal/journal-send.c ++++ b/src/journal/journal-send.c +@@ -2,7 +2,6 @@ + + #include <errno.h> + #include <fcntl.h> +-#include <printf.h> + #include <stddef.h> + #include <sys/socket.h> + #include <sys/un.h> +@@ -21,6 +20,7 @@ + #include "stdio-util.h" + #include "string-util.h" + #include "util.h" ++#include "parse-printf-format.h" + + #define SNDBUF_SIZE (8*1024*1024) + +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0004-rules-whitelist-hd-devices.patch b/external/poky/meta/recipes-core/systemd/systemd/0004-rules-whitelist-hd-devices.patch new file mode 100644 index 00000000..7e37cbc2 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0004-rules-whitelist-hd-devices.patch @@ -0,0 +1,33 @@ +From 5d8128f3832fd11fd046d1d1ad86c4ee7bc1dff0 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 9 Nov 2016 19:41:13 -0800 +Subject: [PATCH 4/9] rules: whitelist hd* devices + +qemu by default emulates IDE and the linux-yocto kernel(s) use +CONFIG_IDE instead of the more modern libsata, so disks appear as +/dev/hd*. Patch rejected upstream because CONFIG_IDE is deprecated. + +Upstream-Status: Denied [https://github.com/systemd/systemd/pull/1276] + +Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + rules/60-persistent-storage.rules | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/rules/60-persistent-storage.rules b/rules/60-persistent-storage.rules +index 8ddb7577c..811e948ad 100644 +--- a/rules/60-persistent-storage.rules ++++ b/rules/60-persistent-storage.rules +@@ -7,7 +7,7 @@ ACTION=="remove", GOTO="persistent_storage_end" + ENV{UDEV_DISABLE_PERSISTENT_STORAGE_RULES_FLAG}=="1", GOTO="persistent_storage_end" + + SUBSYSTEM!="block", GOTO="persistent_storage_end" +-KERNEL!="loop*|mmcblk*[0-9]|msblk*[0-9]|mspblk*[0-9]|nvme*|sd*|sr*|vd*|xvd*|bcache*|cciss*|dasd*|ubd*|scm*|pmem*|nbd*", GOTO="persistent_storage_end" ++KERNEL!="loop*|mmcblk*[0-9]|msblk*[0-9]|mspblk*[0-9]|nvme*|sd*|sr*|vd*|xvd*|bcache*|cciss*|dasd*|ubd*|scm*|pmem*|nbd*|hd*", GOTO="persistent_storage_end" + + # ignore partitions that span the entire disk + TEST=="whole_disk", GOTO="persistent_storage_end" +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0005-Make-root-s-home-directory-configurable.patch b/external/poky/meta/recipes-core/systemd/systemd/0005-Make-root-s-home-directory-configurable.patch new file mode 100644 index 00000000..c1370872 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0005-Make-root-s-home-directory-configurable.patch @@ -0,0 +1,70 @@ +From 8b82663aeeedf9ca58e3b97116b4c4da5229e0f5 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Wed, 27 Jun 2018 16:46:45 +0800 +Subject: [PATCH 5/9] Make root's home directory configurable + +OpenEmbedded has a configurable home directory for root. Allow +systemd to be built using its idea of what root's home directory +should be. + +Upstream-Status: Denied +Upstream wants to have a unified hierarchy where everyone is +using the same root folder. +https://github.com/systemd/systemd/issues/541 + +Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca> +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + meson.build | 7 +++++++ + meson_options.txt | 2 ++ + 2 files changed, 9 insertions(+) + +diff --git a/meson.build b/meson.build +index 6d5edcb4e..323146fe1 100644 +--- a/meson.build ++++ b/meson.build +@@ -89,6 +89,11 @@ if rootlibdir == '' + rootlibdir = join_paths(rootprefixdir, libdir.split('/')[-1]) + endif + ++roothomedir = get_option('roothomedir') ++if roothomedir == '' ++ roothomedir = '/root' ++endif ++ + # Dirs of external packages + pkgconfigdatadir = join_paths(datadir, 'pkgconfig') + pkgconfiglibdir = join_paths(libdir, 'pkgconfig') +@@ -210,6 +215,7 @@ conf.set_quoted('UDEVLIBEXECDIR', udevlibexecdir) + conf.set_quoted('POLKIT_AGENT_BINARY_PATH', join_paths(bindir, 'pkttyagent')) + conf.set_quoted('LIBDIR', libdir) + conf.set_quoted('ROOTLIBDIR', rootlibdir) ++conf.set_quoted('ROOTHOMEDIR', roothomedir) + conf.set_quoted('ROOTLIBEXECDIR', rootlibexecdir) + conf.set_quoted('BOOTLIBDIR', bootlibdir) + conf.set_quoted('SYSTEMD_PULL_PATH', join_paths(rootlibexecdir, 'systemd-pull')) +@@ -228,6 +234,7 @@ substs.set('prefix', prefixdir) + substs.set('exec_prefix', prefixdir) + substs.set('libdir', libdir) + substs.set('rootlibdir', rootlibdir) ++substs.set('roothomedir', roothomedir) + substs.set('includedir', includedir) + substs.set('pkgsysconfdir', pkgsysconfdir) + substs.set('bindir', bindir) +diff --git a/meson_options.txt b/meson_options.txt +index 16c1f2b2f..aa9a33368 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -9,6 +9,8 @@ option('rootlibdir', type : 'string', + description : '''[/usr]/lib/x86_64-linux-gnu or such''') + option('rootprefix', type : 'string', + description : '''override the root prefix''') ++option('roothomedir', type : 'string', ++ description : '''override the root home directory''') + option('link-udev-shared', type : 'boolean', + description : 'link systemd-udev and its helpers to libsystemd-shared.so') + option('link-systemctl-shared', type: 'boolean', +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0005-include-gshadow-only-if-ENABLE_GSHADOW-is-1.patch b/external/poky/meta/recipes-core/systemd/systemd/0005-include-gshadow-only-if-ENABLE_GSHADOW-is-1.patch new file mode 100644 index 00000000..6d5faf5f --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0005-include-gshadow-only-if-ENABLE_GSHADOW-is-1.patch @@ -0,0 +1,29 @@ +From a2c4d46944892174930135672508389a04e191f0 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Fri, 29 Jun 2018 13:53:29 +0800 +Subject: [PATCH 05/19] include gshadow only if ENABLE_GSHADOW is 1 + +Upstream-Status: Inappropriate [musl] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/basic/user-util.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/basic/user-util.h b/src/basic/user-util.h +index b74f16885..f9c1e29c4 100644 +--- a/src/basic/user-util.h ++++ b/src/basic/user-util.h +@@ -2,7 +2,9 @@ + #pragma once + + #include <grp.h> ++#if ENABLE_GSHADOW + #include <gshadow.h> ++#endif + #include <pwd.h> + #include <shadow.h> + #include <stdbool.h> +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0006-remove-nobody-user-group-checking.patch b/external/poky/meta/recipes-core/systemd/systemd/0006-remove-nobody-user-group-checking.patch new file mode 100644 index 00000000..eb6eb8bf --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0006-remove-nobody-user-group-checking.patch @@ -0,0 +1,63 @@ +From 5199ae5dec9b8a9c9e20477d5090f1732735fbe2 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Thu, 28 Jun 2018 09:38:12 +0800 +Subject: [PATCH 6/9] remove nobody user/group checking + +Upstream-Status: Inappropriate [OE Specific] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + meson.build | 37 ------------------------------------- + 1 file changed, 37 deletions(-) + +diff --git a/meson.build b/meson.build +index 323146fe1..3bb087fef 100644 +--- a/meson.build ++++ b/meson.build +@@ -681,43 +681,6 @@ substs.set('containeruidbasemax', container_uid_base_max) + nobody_user = get_option('nobody-user') + nobody_group = get_option('nobody-group') + +-getent_result = run_command('getent', 'passwd', '65534') +-if getent_result.returncode() == 0 +- name = getent_result.stdout().split(':')[0] +- if name != nobody_user +- warning('\n' + +- 'The local user with the UID 65534 does not match the configured user name "@0@" of the nobody user (its name is @1@).\n'.format(nobody_user, name) + +- 'Your build will result in an user table setup that is incompatible with the local system.') +- endif +-endif +-id_result = run_command('id', '-u', nobody_user) +-if id_result.returncode() == 0 +- id = id_result.stdout().to_int() +- if id != 65534 +- warning('\n' + +- 'The local user with the configured user name "@0@" of the nobody user does not have UID 65534 (it has @1@).\n'.format(nobody_user, id) + +- 'Your build will result in an user table setup that is incompatible with the local system.') +- endif +-endif +- +-getent_result = run_command('getent', 'group', '65534') +-if getent_result.returncode() == 0 +- name = getent_result.stdout().split(':')[0] +- if name != nobody_group +- warning('\n' + +- 'The local group with the GID 65534 does not match the configured group name "@0@" of the nobody group (its name is @1@).\n'.format(nobody_group, name) + +- 'Your build will result in an group table setup that is incompatible with the local system.') +- endif +-endif +-id_result = run_command('id', '-g', nobody_group) +-if id_result.returncode() == 0 +- id = id_result.stdout().to_int() +- if id != 65534 +- warning('\n' + +- 'The local group with the configured group name "@0@" of the nobody group does not have UID 65534 (it has @1@).\n'.format(nobody_group, id) + +- 'Your build will result in an group table setup that is incompatible with the local system.') +- endif +-endif + if nobody_user != nobody_group and not (nobody_user == 'nobody' and nobody_group == 'nogroup') + warning('\n' + + 'The configured user name "@0@" and group name "@0@" of the nobody user/group are not equivalent.\n'.format(nobody_user, nobody_group) + +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0006-src-basic-missing.h-check-for-missing-strndupa.patch b/external/poky/meta/recipes-core/systemd/systemd/0006-src-basic-missing.h-check-for-missing-strndupa.patch new file mode 100644 index 00000000..107a7943 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0006-src-basic-missing.h-check-for-missing-strndupa.patch @@ -0,0 +1,118 @@ +From 03fd19fc87573276e0d359260c8fe591f5f0216a Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Fri, 29 Jun 2018 16:34:50 +0800 +Subject: [PATCH 06/19] src/basic/missing.h: check for missing strndupa + +include missing.h for definition of strndupa + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + meson.build | 1 + + src/basic/missing.h | 11 +++++++++++ + src/basic/mkdir.c | 1 + + src/basic/pager.c | 1 + + src/basic/parse-util.c | 1 + + src/basic/procfs-util.c | 1 + + src/shared/uid-range.c | 1 + + 7 files changed, 17 insertions(+) + +diff --git a/meson.build b/meson.build +index 8c16bc979..a734a295c 100644 +--- a/meson.build ++++ b/meson.build +@@ -503,6 +503,7 @@ foreach ident : [ + #include <unistd.h>'''], + ['explicit_bzero' , '''#include <string.h>'''], + ['reallocarray', '''#include <malloc.h>'''], ++ ['strndupa' , '''#include <string.h>'''], + ] + + have = cc.has_function(ident[0], prefix : ident[1], args : '-D_GNU_SOURCE') +diff --git a/src/basic/missing.h b/src/basic/missing.h +index 0e33abb9f..02397f1b6 100644 +--- a/src/basic/missing.h ++++ b/src/basic/missing.h +@@ -1184,6 +1184,17 @@ struct input_mask { + typedef int32_t key_serial_t; + #endif + ++#if ! HAVE_STRNDUPA ++#define strndupa(s, n) \ ++ ({ \ ++ const char *__old = (s); \ ++ size_t __len = strnlen(__old, (n)); \ ++ char *__new = (char *)alloca(__len + 1); \ ++ __new[__len] = '\0'; \ ++ (char *)memcpy(__new, __old, __len); \ ++ }) ++#endif ++ + #ifndef KEYCTL_JOIN_SESSION_KEYRING + #define KEYCTL_JOIN_SESSION_KEYRING 1 + #endif +diff --git a/src/basic/mkdir.c b/src/basic/mkdir.c +index 6ab1b4422..77c3e0863 100644 +--- a/src/basic/mkdir.c ++++ b/src/basic/mkdir.c +@@ -13,6 +13,7 @@ + #include "stat-util.h" + #include "stdio-util.h" + #include "user-util.h" ++#include "missing.h" + + int mkdir_safe_internal(const char *path, mode_t mode, uid_t uid, gid_t gid, MkdirFlags flags, mkdir_func_t _mkdir) { + struct stat st; +diff --git a/src/basic/pager.c b/src/basic/pager.c +index f24126111..8223bff02 100644 +--- a/src/basic/pager.c ++++ b/src/basic/pager.c +@@ -21,6 +21,7 @@ + #include "string-util.h" + #include "strv.h" + #include "terminal-util.h" ++#include "missing.h" + + static pid_t pager_pid = 0; + +diff --git a/src/basic/parse-util.c b/src/basic/parse-util.c +index 6becf8587..52576f536 100644 +--- a/src/basic/parse-util.c ++++ b/src/basic/parse-util.c +@@ -17,6 +17,7 @@ + #include "parse-util.h" + #include "process-util.h" + #include "string-util.h" ++#include "missing.h" + + int parse_boolean(const char *v) { + assert(v); +diff --git a/src/basic/procfs-util.c b/src/basic/procfs-util.c +index a159e344b..ebc427d6b 100644 +--- a/src/basic/procfs-util.c ++++ b/src/basic/procfs-util.c +@@ -11,6 +11,7 @@ + #include "procfs-util.h" + #include "stdio-util.h" + #include "string-util.h" ++#include "missing.h" + + int procfs_tasks_get_limit(uint64_t *ret) { + _cleanup_free_ char *value = NULL; +diff --git a/src/shared/uid-range.c b/src/shared/uid-range.c +index 434ce6ff4..37093ab7b 100644 +--- a/src/shared/uid-range.c ++++ b/src/shared/uid-range.c +@@ -8,6 +8,7 @@ + #include "macro.h" + #include "uid-range.h" + #include "user-util.h" ++#include "missing.h" + + static bool uid_range_intersect(UidRange *range, uid_t start, uid_t nr) { + assert(range); +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0007-Include-netinet-if_ether.h.patch b/external/poky/meta/recipes-core/systemd/systemd/0007-Include-netinet-if_ether.h.patch new file mode 100644 index 00000000..2df8cf95 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0007-Include-netinet-if_ether.h.patch @@ -0,0 +1,96 @@ +From aab90d0dfa934d33879eaec1a878e93b201d33f1 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Fri, 29 Jun 2018 16:44:43 +0800 +Subject: [PATCH 07/19] Include netinet/if_ether.h + +Fixes +/path/to/systemd/recipe-sysroot/usr/include/netinet/if_ether.h:101:8: error: redefinition of 'struct ethhdr' + struct ethhdr { + ^~~~~~ + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/libsystemd/sd-netlink/netlink-types.c | 1 + + src/network/netdev/tuntap.c | 1 + + src/network/networkd-brvlan.c | 1 + + src/udev/net/ethtool-util.c | 1 + + src/udev/net/ethtool-util.h | 1 + + src/udev/udev-builtin-net_setup_link.c | 1 + + 6 files changed, 6 insertions(+) + +diff --git a/src/libsystemd/sd-netlink/netlink-types.c b/src/libsystemd/sd-netlink/netlink-types.c +index c93fe9cb4..2013d06e1 100644 +--- a/src/libsystemd/sd-netlink/netlink-types.c ++++ b/src/libsystemd/sd-netlink/netlink-types.c +@@ -3,6 +3,7 @@ + #include <netinet/in.h> + #include <stdint.h> + #include <sys/socket.h> ++#include <netinet/if_ether.h> + #include <linux/netlink.h> + #include <linux/rtnetlink.h> + #include <linux/genetlink.h> +diff --git a/src/network/netdev/tuntap.c b/src/network/netdev/tuntap.c +index 21fb7ab06..0afe5170c 100644 +--- a/src/network/netdev/tuntap.c ++++ b/src/network/netdev/tuntap.c +@@ -2,6 +2,7 @@ + + #include <errno.h> + #include <fcntl.h> ++#include <netinet/if_ether.h> + #include <linux/if_tun.h> + #include <net/if.h> + #include <netinet/if_ether.h> +diff --git a/src/network/networkd-brvlan.c b/src/network/networkd-brvlan.c +index 8e8a618e2..52d523a67 100644 +--- a/src/network/networkd-brvlan.c ++++ b/src/network/networkd-brvlan.c +@@ -4,6 +4,7 @@ + ***/ + + #include <netinet/in.h> ++#include <netinet/if_ether.h> + #include <linux/if_bridge.h> + #include <stdbool.h> + +diff --git a/src/udev/net/ethtool-util.c b/src/udev/net/ethtool-util.c +index 4bb4216ac..5f7383483 100644 +--- a/src/udev/net/ethtool-util.c ++++ b/src/udev/net/ethtool-util.c +@@ -1,5 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1+ */ + ++#include <netinet/if_ether.h> + #include <net/if.h> + #include <sys/ioctl.h> + #include <linux/ethtool.h> +diff --git a/src/udev/net/ethtool-util.h b/src/udev/net/ethtool-util.h +index 064bf4d2b..ee0d4fb2a 100644 +--- a/src/udev/net/ethtool-util.h ++++ b/src/udev/net/ethtool-util.h +@@ -3,6 +3,7 @@ + + + #include <macro.h> ++#include <netinet/if_ether.h> + #include <linux/ethtool.h> + + #include "missing.h" +diff --git a/src/udev/udev-builtin-net_setup_link.c b/src/udev/udev-builtin-net_setup_link.c +index 8bed6399a..a3a96959b 100644 +--- a/src/udev/udev-builtin-net_setup_link.c ++++ b/src/udev/udev-builtin-net_setup_link.c +@@ -1,5 +1,6 @@ + /* SPDX-License-Identifier: LGPL-2.1+ */ + ++#include <netinet/if_ether.h> + #include "alloc-util.h" + #include "link-config.h" + #include "log.h" +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0007-rules-watch-metadata-changes-in-ide-devices.patch b/external/poky/meta/recipes-core/systemd/systemd/0007-rules-watch-metadata-changes-in-ide-devices.patch new file mode 100644 index 00000000..a5f65e66 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0007-rules-watch-metadata-changes-in-ide-devices.patch @@ -0,0 +1,43 @@ +From 9302b72e5e69512aaa7106197b00c55baeb35b3c Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Fri, 17 Nov 2017 09:46:00 +0800 +Subject: [PATCH 7/9] rules: watch metadata changes in ide devices + +Formatting IDE storage does not trigger "change" uevents. As a result +clients using udev API don't get any updates afterwards and get outdated +information about the device. +... +root@qemux86-64:~# mkfs.ext4 -F /dev/hda1 +Creating filesystem with 262144 4k blocks and 65536 inodes +Filesystem UUID: 98791eb2-2bf3-47ad-b4d8-4cf7e914eee2 + +root@qemux86-64:~# ls /dev/disk/by-uuid/98791eb2-2bf3-47ad-b4d8-4cf7e914eee2 +ls: cannot access '/dev/disk/by-uuid/98791eb2-2bf3-47ad-b4d8-4cf7e914eee2': No such file or directory +... +Include hd* in a match for watch option assignment. + +Upstream-Status: Denied + +qemu by default emulates IDE and the linux-yocto kernel(s) use +CONFIG_IDE instead of the more modern libsata, so disks appear as +/dev/hd*. A similar patch rejected by upstream because CONFIG_IDE +is deprecated. + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + rules/60-block.rules | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/rules/60-block.rules b/rules/60-block.rules +index 343fc06f8..b5237dac4 100644 +--- a/rules/60-block.rules ++++ b/rules/60-block.rules +@@ -8,4 +8,4 @@ ACTION=="add", SUBSYSTEM=="module", KERNEL=="block", ATTR{parameters/events_dfl_ + ACTION=="change", SUBSYSTEM=="scsi", ENV{DEVTYPE}=="scsi_device", TEST=="block", ATTR{block/*/uevent}="change" + + # watch metadata changes, caused by tools closing the device node which was opened for writing +-ACTION!="remove", SUBSYSTEM=="block", KERNEL=="loop*|nvme*|sd*|vd*|xvd*|pmem*|mmcblk*", OPTIONS+="watch" ++ACTION!="remove", SUBSYSTEM=="block", KERNEL=="loop*|nvme*|sd*|vd*|xvd*|pmem*|mmcblk*|hd*", OPTIONS+="watch" +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0008-Do-not-enable-nss-tests-if-nss-systemd-is-not-enable.patch b/external/poky/meta/recipes-core/systemd/systemd/0008-Do-not-enable-nss-tests-if-nss-systemd-is-not-enable.patch new file mode 100644 index 00000000..abecdc76 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0008-Do-not-enable-nss-tests-if-nss-systemd-is-not-enable.patch @@ -0,0 +1,29 @@ +From b6ba596fd1313a162cdc2eb88161dcf24d19ede7 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Thu, 28 Jun 2018 10:10:02 +0800 +Subject: [PATCH 8/9] Do not enable nss tests if nss-systemd is not enabled + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/test/meson.build | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/test/meson.build b/src/test/meson.build +index 7da7e3a22..7b7c257ff 100644 +--- a/src/test/meson.build ++++ b/src/test/meson.build +@@ -645,7 +645,7 @@ tests += [ + [['src/test/test-nss.c'], + [], + [libdl], +- '', 'manual'], ++ 'ENABLE_NSS_SYSTEMD', 'manual'], + + [['src/test/test-umount.c', + 'src/core/mount-setup.c', +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0008-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch b/external/poky/meta/recipes-core/systemd/systemd/0008-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch new file mode 100644 index 00000000..bee5fb65 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0008-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch @@ -0,0 +1,153 @@ +From 848e711d719a6d987bc7d14183e1c7b1f1c91c56 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Fri, 29 Jun 2018 17:10:29 +0800 +Subject: [PATCH 08/19] don't fail if GLOB_BRACE and GLOB_ALTDIRFUNC is not + defined + +If the standard library doesn't provide brace +expansion users just won't get it. + +Dont use GNU GLOB extentions on non-glibc systems + +Conditionalize use of GLOB_ALTDIRFUNC + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/basic/glob-util.c | 13 +++++++++++-- + src/test/test-glob-util.c | 15 +++++++++++++++ + src/tmpfiles/tmpfiles.c | 10 ++++++++++ + 3 files changed, 36 insertions(+), 2 deletions(-) + +diff --git a/src/basic/glob-util.c b/src/basic/glob-util.c +index 9fac676f2..8adb9559e 100644 +--- a/src/basic/glob-util.c ++++ b/src/basic/glob-util.c +@@ -10,6 +10,11 @@ + #include "macro.h" + #include "path-util.h" + #include "strv.h" ++/* Don't fail if the standard library ++ * doesn't provide brace expansion */ ++#ifndef GLOB_BRACE ++#define GLOB_BRACE 0 ++#endif + + static void closedir_wrapper(void* v) { + (void) closedir(v); +@@ -18,6 +23,7 @@ static void closedir_wrapper(void* v) { + int safe_glob(const char *path, int flags, glob_t *pglob) { + int k; + ++#ifdef GLOB_ALTDIRFUNC + /* We want to set GLOB_ALTDIRFUNC ourselves, don't allow it to be set. */ + assert(!(flags & GLOB_ALTDIRFUNC)); + +@@ -31,10 +37,13 @@ int safe_glob(const char *path, int flags, glob_t *pglob) { + pglob->gl_lstat = lstat; + if (!pglob->gl_stat) + pglob->gl_stat = stat; +- ++#endif + errno = 0; ++#ifdef GLOB_ALTDIRFUNC + k = glob(path, flags | GLOB_ALTDIRFUNC, NULL, pglob); +- ++#else ++ k = glob(path, flags, NULL, pglob); ++#endif + if (k == GLOB_NOMATCH) + return -ENOENT; + if (k == GLOB_NOSPACE) +diff --git a/src/test/test-glob-util.c b/src/test/test-glob-util.c +index d78d6223c..f5943b26d 100644 +--- a/src/test/test-glob-util.c ++++ b/src/test/test-glob-util.c +@@ -12,6 +12,11 @@ + #include "glob-util.h" + #include "macro.h" + #include "rm-rf.h" ++/* Don't fail if the standard library ++ * doesn't provide brace expansion */ ++#ifndef GLOB_BRACE ++#define GLOB_BRACE 0 ++#endif + + static void test_glob_exists(void) { + char name[] = "/tmp/test-glob_exists.XXXXXX"; +@@ -40,11 +45,13 @@ static void test_glob_no_dot(void) { + const char *fn; + + _cleanup_globfree_ glob_t g = { ++#ifdef GLOB_ALTDIRFUNC + .gl_closedir = closedir_wrapper, + .gl_readdir = (struct dirent *(*)(void *)) readdir_no_dot, + .gl_opendir = (void *(*)(const char *)) opendir, + .gl_lstat = lstat, + .gl_stat = stat, ++#endif + }; + + int r; +@@ -52,11 +59,19 @@ static void test_glob_no_dot(void) { + assert_se(mkdtemp(template)); + + fn = strjoina(template, "/*"); ++#ifdef GLOB_ALTDIRFUNC + r = glob(fn, GLOB_NOSORT|GLOB_BRACE|GLOB_ALTDIRFUNC, NULL, &g); ++#else ++ r = glob(fn, GLOB_NOSORT|GLOB_BRACE, NULL, &g); ++#endif + assert_se(r == GLOB_NOMATCH); + + fn = strjoina(template, "/.*"); ++#ifdef GLOB_ALTDIRFUNC + r = glob(fn, GLOB_NOSORT|GLOB_BRACE|GLOB_ALTDIRFUNC, NULL, &g); ++#else ++ r = glob(fn, GLOB_NOSORT|GLOB_BRACE, NULL, &g); ++#endif + assert_se(r == GLOB_NOMATCH); + + (void) rm_rf(template, REMOVE_ROOT|REMOVE_PHYSICAL); +diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c +index 927de35f3..5f0283da5 100644 +--- a/src/tmpfiles/tmpfiles.c ++++ b/src/tmpfiles/tmpfiles.c +@@ -60,6 +60,12 @@ + #include "user-util.h" + #include "util.h" + ++/* Don't fail if the standard library ++ * doesn't provide brace expansion */ ++#ifndef GLOB_BRACE ++#define GLOB_BRACE 0 ++#endif ++ + /* This reads all files listed in /etc/tmpfiles.d/?*.conf and creates + * them in the file system. This is intended to be used to create + * properly owned directories beneath /tmp, /var/tmp, /run, which are +@@ -1345,7 +1351,9 @@ finish: + + static int glob_item(Item *i, action_t action) { + _cleanup_globfree_ glob_t g = { ++#ifdef GLOB_ALTDIRFUNC + .gl_opendir = (void *(*)(const char *)) opendir_nomod, ++#endif + }; + int r = 0, k; + char **fn; +@@ -1365,7 +1373,9 @@ static int glob_item(Item *i, action_t action) { + + static int glob_item_recursively(Item *i, fdaction_t action) { + _cleanup_globfree_ glob_t g = { ++#ifdef GLOB_ALTDIRFUNC + .gl_opendir = (void *(*)(const char *)) opendir_nomod, ++#endif + }; + int r = 0, k; + char **fn; +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0009-add-missing-FTW_-macros-for-musl.patch b/external/poky/meta/recipes-core/systemd/systemd/0009-add-missing-FTW_-macros-for-musl.patch new file mode 100644 index 00000000..95287cce --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0009-add-missing-FTW_-macros-for-musl.patch @@ -0,0 +1,50 @@ +From acc2c08082795802011e3c5f8626d63210021489 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Wed, 28 Feb 2018 21:36:32 -0800 +Subject: [PATCH 09/19] add missing FTW_ macros for musl + +This is to avoid build failures like below for musl. + + locale-util.c:296:24: error: 'FTW_STOP' undeclared + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/basic/missing.h | 20 ++++++++++++++++++++ + 1 file changed, 20 insertions(+) + +diff --git a/src/basic/missing.h b/src/basic/missing.h +index 02397f1b6..6dc750eba 100644 +--- a/src/basic/missing.h ++++ b/src/basic/missing.h +@@ -189,6 +189,26 @@ struct sockaddr_vm { + #define BTRFS_QGROUP_LEVEL_SHIFT 48 + #endif + ++#ifndef FTW_ACTIONRETVAL ++#define FTW_ACTIONRETVAL 16 ++#endif ++ ++#ifndef FTW_CONTINUE ++#define FTW_CONTINUE 0 ++#endif ++ ++#ifndef FTW_STOP ++#define FTW_STOP 1 ++#endif ++ ++#ifndef FTW_SKIP_SUBTREE ++#define FTW_SKIP_SUBTREE 2 ++#endif ++ ++#ifndef FTW_SKIP_SIBLINGS ++#define FTW_SKIP_SIBLINGS 3 ++#endif ++ + #if ! HAVE_LINUX_BTRFS_H + #define BTRFS_IOC_QGROUP_ASSIGN _IOW(BTRFS_IOCTL_MAGIC, 41, \ + struct btrfs_ioctl_qgroup_assign_args) +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0009-nss-mymachines-Build-conditionally-when-ENABLE_MYHOS.patch b/external/poky/meta/recipes-core/systemd/systemd/0009-nss-mymachines-Build-conditionally-when-ENABLE_MYHOS.patch new file mode 100644 index 00000000..a635fa91 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0009-nss-mymachines-Build-conditionally-when-ENABLE_MYHOS.patch @@ -0,0 +1,43 @@ +From f9625b5f3fd5dac3f3591dbeeb24dc9d6fda790d Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Tue, 27 Feb 2018 12:56:21 +0800 +Subject: [PATCH 9/9] nss-mymachines: Build conditionally when + ENABLE_MYHOSTNAME is set + +Fixes build failures when building with --disable-myhostname + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + meson.build | 11 +++++++---- + 1 file changed, 7 insertions(+), 4 deletions(-) + +diff --git a/meson.build b/meson.build +index 3bb087fef..73bd70b0b 100644 +--- a/meson.build ++++ b/meson.build +@@ -1371,12 +1371,15 @@ test_dlopen = executable( + link_with : [libbasic], + dependencies : [libdl]) + +-foreach tuple : [['myhostname', 'ENABLE_MYHOSTNAME'], +- ['systemd', 'ENABLE_NSS_SYSTEMD'], +- ['mymachines', 'ENABLE_MACHINED'], +- ['resolve', 'ENABLE_RESOLVE']] ++foreach tuple : [['myhostname', 'ENABLE_MYHOSTNAME', ''], ++ ['systemd', 'ENABLE_NSS_SYSTEMD', ''], ++ ['mymachines', 'ENABLE_MACHINED', 'ENABLE_MYHOSTNAME'], ++ ['resolve', 'ENABLE_RESOLVE', '']] + + condition = tuple[1] == '' or conf.get(tuple[1]) == 1 ++ if tuple[2] != '' and condition ++ condition = conf.get(tuple[2]) == 1 ++ endif + if condition + module = tuple[0] + +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0010-socket-util-don-t-fail-if-libc-doesn-t-support-IDN.patch b/external/poky/meta/recipes-core/systemd/systemd/0010-socket-util-don-t-fail-if-libc-doesn-t-support-IDN.patch new file mode 100644 index 00000000..16547981 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0010-socket-util-don-t-fail-if-libc-doesn-t-support-IDN.patch @@ -0,0 +1,38 @@ +From a0bd587300744dbb8e9cfbb043233670ce781c98 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Mon, 2 Jul 2018 13:22:41 +0800 +Subject: [PATCH 10/19] socket-util: don't fail if libc doesn't support IDN + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Emil Renner Berthing <systemd@esmil.dk> +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/basic/socket-util.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c +index a913102e1..0d0154805 100644 +--- a/src/basic/socket-util.c ++++ b/src/basic/socket-util.c +@@ -32,6 +32,16 @@ + #include "utf8.h" + #include "util.h" + ++/* Don't fail if the standard library ++ * doesn't support IDN */ ++#ifndef NI_IDN ++#define NI_IDN 0 ++#endif ++ ++#ifndef NI_IDN_USE_STD3_ASCII_RULES ++#define NI_IDN_USE_STD3_ASCII_RULES 0 ++#endif ++ + #if ENABLE_IDN + # define IDN_FLAGS NI_IDN + #else +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0011-src-basic-missing.h-check-for-missing-__compar_fn_t-.patch b/external/poky/meta/recipes-core/systemd/systemd/0011-src-basic-missing.h-check-for-missing-__compar_fn_t-.patch new file mode 100644 index 00000000..1a22ffd9 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0011-src-basic-missing.h-check-for-missing-__compar_fn_t-.patch @@ -0,0 +1,48 @@ +From 045f205fd21e5e380edf813de04fcfbf5a487219 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Mon, 2 Jul 2018 13:28:25 +0800 +Subject: [PATCH 11/19] src/basic/missing.h: check for missing __compar_fn_t + typedef + +include missing.h for missing __compar_fn_t + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/basic/missing.h | 5 +++++ + src/basic/strbuf.c | 1 + + 2 files changed, 6 insertions(+) + +diff --git a/src/basic/missing.h b/src/basic/missing.h +index 6dc750eba..cd1cc109f 100644 +--- a/src/basic/missing.h ++++ b/src/basic/missing.h +@@ -1179,6 +1179,11 @@ struct input_mask { + #define RENAME_NOREPLACE (1 << 0) + #endif + ++#ifndef __COMPAR_FN_T ++#define __COMPAR_FN_T ++typedef int (*__compar_fn_t)(const void *, const void *); ++#endif ++ + #ifndef KCMP_FILE + #define KCMP_FILE 0 + #endif +diff --git a/src/basic/strbuf.c b/src/basic/strbuf.c +index e2ed776a0..4d3ebec4c 100644 +--- a/src/basic/strbuf.c ++++ b/src/basic/strbuf.c +@@ -7,6 +7,7 @@ + #include "alloc-util.h" + #include "strbuf.h" + #include "util.h" ++#include "missing.h" + + /* + * Strbuf stores given strings in a single continuous allocated memory +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0012-fix-missing-of-__register_atfork-for-non-glibc-build.patch b/external/poky/meta/recipes-core/systemd/systemd/0012-fix-missing-of-__register_atfork-for-non-glibc-build.patch new file mode 100644 index 00000000..d41bc4a0 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0012-fix-missing-of-__register_atfork-for-non-glibc-build.patch @@ -0,0 +1,45 @@ +From 1fadf805cb391e3bcbd9a0286a9e4b7adb9e7427 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Mon, 2 Jul 2018 13:34:09 +0800 +Subject: [PATCH 12/19] fix missing of __register_atfork for non-glibc builds + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/basic/process-util.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/basic/process-util.c b/src/basic/process-util.c +index 0a4f917cb..3543bc045 100644 +--- a/src/basic/process-util.c ++++ b/src/basic/process-util.c +@@ -22,6 +22,9 @@ + #if HAVE_VALGRIND_VALGRIND_H + #include <valgrind/valgrind.h> + #endif ++#ifndef __GLIBC__ ++#include <pthread.h> ++#endif + + #include "alloc-util.h" + #include "architecture.h" +@@ -1150,11 +1153,15 @@ void reset_cached_pid(void) { + cached_pid = CACHED_PID_UNSET; + } + ++#ifdef __GLIBC__ + /* We use glibc __register_atfork() + __dso_handle directly here, as they are not included in the glibc + * headers. __register_atfork() is mostly equivalent to pthread_atfork(), but doesn't require us to link against + * libpthread, as it is part of glibc anyway. */ + extern int __register_atfork(void (*prepare) (void), void (*parent) (void), void (*child) (void), void * __dso_handle); + extern void* __dso_handle __attribute__ ((__weak__)); ++#else ++#define __register_atfork(prepare,parent,child,dso) pthread_atfork(prepare,parent,child) ++#endif + + pid_t getpid_cached(void) { + static bool installed = false; +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0013-Use-uintmax_t-for-handling-rlim_t.patch b/external/poky/meta/recipes-core/systemd/systemd/0013-Use-uintmax_t-for-handling-rlim_t.patch new file mode 100644 index 00000000..69b3c151 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0013-Use-uintmax_t-for-handling-rlim_t.patch @@ -0,0 +1,90 @@ +From a0ac0cfd90af6431c64d1b276f422a2092d569b3 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Mon, 2 Jul 2018 13:44:21 +0800 +Subject: [PATCH 13/19] Use uintmax_t for handling rlim_t + +PRIu{32,64} is not right format to represent rlim_t type +therefore use %ju and typecast the rlim_t variables to +uintmax_t. + +Fixes portablility errors like + +execute.c:3446:36: error: format '%lu' expects argument of type 'long unsigned int', but argument 5 has type 'rlim_t {aka long long unsigned int}' [-Werror=format=] +| fprintf(f, "%s%s: " RLIM_FMT "\n", +| ^~~~~~~~ +| prefix, rlimit_to_string(i), c->rlimit[i]->rlim_max); +| ~~~~~~~~~~~~~~~~~~~~~~ + +Upstream-Status: Denied [https://github.com/systemd/systemd/pull/7199] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/basic/format-util.h | 8 -------- + src/basic/rlimit-util.c | 8 ++++---- + src/core/execute.c | 8 ++++---- + 3 files changed, 8 insertions(+), 16 deletions(-) + +diff --git a/src/basic/format-util.h b/src/basic/format-util.h +index 160550cd6..61245d1e3 100644 +--- a/src/basic/format-util.h ++++ b/src/basic/format-util.h +@@ -43,14 +43,6 @@ + # define PRI_TIMEX "li" + #endif + +-#if SIZEOF_RLIM_T == 8 +-# define RLIM_FMT "%" PRIu64 +-#elif SIZEOF_RLIM_T == 4 +-# define RLIM_FMT "%" PRIu32 +-#else +-# error Unknown rlim_t size +-#endif +- + #if SIZEOF_DEV_T == 8 + # define DEV_FMT "%" PRIu64 + #elif SIZEOF_DEV_T == 4 +diff --git a/src/basic/rlimit-util.c b/src/basic/rlimit-util.c +index be1ba615e..e328ce499 100644 +--- a/src/basic/rlimit-util.c ++++ b/src/basic/rlimit-util.c +@@ -299,13 +299,13 @@ int rlimit_format(const struct rlimit *rl, char **ret) { + if (rl->rlim_cur >= RLIM_INFINITY && rl->rlim_max >= RLIM_INFINITY) + s = strdup("infinity"); + else if (rl->rlim_cur >= RLIM_INFINITY) +- (void) asprintf(&s, "infinity:" RLIM_FMT, rl->rlim_max); ++ (void) asprintf(&s, "infinity:%ju", (uintmax_t)rl->rlim_max); + else if (rl->rlim_max >= RLIM_INFINITY) +- (void) asprintf(&s, RLIM_FMT ":infinity", rl->rlim_cur); ++ (void) asprintf(&s, "%ju:infinity", (uintmax_t)rl->rlim_cur); + else if (rl->rlim_cur == rl->rlim_max) +- (void) asprintf(&s, RLIM_FMT, rl->rlim_cur); ++ (void) asprintf(&s, "%ju", (uintmax_t)rl->rlim_cur); + else +- (void) asprintf(&s, RLIM_FMT ":" RLIM_FMT, rl->rlim_cur, rl->rlim_max); ++ (void) asprintf(&s, "%ju:%ju", (uintmax_t)rl->rlim_cur, (uintmax_t)rl->rlim_max); + + if (!s) + return -ENOMEM; +diff --git a/src/core/execute.c b/src/core/execute.c +index 8ac69d1a0..efedf3842 100644 +--- a/src/core/execute.c ++++ b/src/core/execute.c +@@ -3976,10 +3976,10 @@ void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) { + + for (i = 0; i < RLIM_NLIMITS; i++) + if (c->rlimit[i]) { +- fprintf(f, "Limit%s%s: " RLIM_FMT "\n", +- prefix, rlimit_to_string(i), c->rlimit[i]->rlim_max); +- fprintf(f, "Limit%s%sSoft: " RLIM_FMT "\n", +- prefix, rlimit_to_string(i), c->rlimit[i]->rlim_cur); ++ fprintf(f, "Limit%s%s: %ju\n", ++ prefix, rlimit_to_string(i), (uintmax_t)c->rlimit[i]->rlim_max); ++ fprintf(f, "Limit%s%sSoft: %ju\n", ++ prefix, rlimit_to_string(i), (uintmax_t)c->rlimit[i]->rlim_cur); + } + + if (c->ioprio_set) { +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0014-fix-missing-ULONG_LONG_MAX-definition-in-case-of-mus.patch b/external/poky/meta/recipes-core/systemd/systemd/0014-fix-missing-ULONG_LONG_MAX-definition-in-case-of-mus.patch new file mode 100644 index 00000000..258a631c --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0014-fix-missing-ULONG_LONG_MAX-definition-in-case-of-mus.patch @@ -0,0 +1,30 @@ +From cb59b3af54fb3bbd4d8264fef919810af8d08d16 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Tue, 27 Feb 2018 14:01:30 +0800 +Subject: [PATCH 14/19] fix missing ULONG_LONG_MAX definition in case of musl + +Upstream-Status: Inappropriate [musl] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/basic/missing.h | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/basic/missing.h b/src/basic/missing.h +index cd1cc109f..144058a1a 100644 +--- a/src/basic/missing.h ++++ b/src/basic/missing.h +@@ -54,6 +54,10 @@ struct sockaddr_vm { + }; + #endif /* !HAVE_LINUX_VM_SOCKETS_H */ + ++#ifndef ULONG_LONG_MAX ++#define ULONG_LONG_MAX ULLONG_MAX ++#endif ++ + #ifndef RLIMIT_RTTIME + #define RLIMIT_RTTIME 15 + #endif +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0015-test-hexdecoct.c-Include-missing.h-for-strndupa.patch b/external/poky/meta/recipes-core/systemd/systemd/0015-test-hexdecoct.c-Include-missing.h-for-strndupa.patch new file mode 100644 index 00000000..c7ca9cd4 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0015-test-hexdecoct.c-Include-missing.h-for-strndupa.patch @@ -0,0 +1,28 @@ +From b11109ecc41110c518a98b6ac39611ff86477021 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Mon, 23 Oct 2017 12:33:22 -0700 +Subject: [PATCH 15/19] test-hexdecoct.c: Include missing.h for strndupa + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/test/test-hexdecoct.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/test/test-hexdecoct.c b/src/test/test-hexdecoct.c +index da9f3008b..7ff2dfe0c 100644 +--- a/src/test/test-hexdecoct.c ++++ b/src/test/test-hexdecoct.c +@@ -6,6 +6,7 @@ + #include "hexdecoct.h" + #include "macro.h" + #include "string-util.h" ++#include "missing.h" + + static void test_hexchar(void) { + assert_se(hexchar(0xa) == 'a'); +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0016-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch b/external/poky/meta/recipes-core/systemd/systemd/0016-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch new file mode 100644 index 00000000..c06a3706 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0016-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch @@ -0,0 +1,42 @@ +From c4bbf3efefffe0a4efadbf4e3f0adb54d76fe0e7 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Wed, 28 Feb 2018 21:25:22 -0800 +Subject: [PATCH 16/19] test-sizeof.c: Disable tests for missing typedefs in + musl + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/test/test-sizeof.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/test/test-sizeof.c b/src/test/test-sizeof.c +index 7a1e496ed..386b314d5 100644 +--- a/src/test/test-sizeof.c ++++ b/src/test/test-sizeof.c +@@ -40,8 +40,10 @@ int main(void) { + info(unsigned); + info(long unsigned); + info(long long unsigned); ++#ifdef __GLIBC__ + info(__syscall_ulong_t); + info(__syscall_slong_t); ++#endif + + info(float); + info(double); +@@ -59,7 +61,9 @@ int main(void) { + info(ssize_t); + info(time_t); + info(usec_t); ++#ifdef __GLIBC__ + info(__time_t); ++#endif + info(pid_t); + info(uid_t); + info(gid_t); +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0017-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch b/external/poky/meta/recipes-core/systemd/systemd/0017-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch new file mode 100644 index 00000000..8e47c6f5 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0017-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch @@ -0,0 +1,99 @@ +From 91bb4f5c9c11464468e8d3fa4746d98d59997264 Mon Sep 17 00:00:00 2001 +From: Andre McCurdy <armccurdy@gmail.com> +Date: Tue, 10 Oct 2017 14:33:30 -0700 +Subject: [PATCH 17/19] don't pass AT_SYMLINK_NOFOLLOW flag to faccessat() + +Avoid using AT_SYMLINK_NOFOLLOW flag. It doesn't seem like the right +thing to do and it's not portable (not supported by musl). See: + + http://lists.landley.net/pipermail/toybox-landley.net/2014-September/003610.html + http://www.openwall.com/lists/musl/2015/02/05/2 + +Note that laccess() is never passing AT_EACCESS so a lot of the +discussion in the links above doesn't apply. Note also that +(currently) all systemd callers of laccess() pass mode as F_OK, so +only check for existence of a file, not access permissions. +Therefore, in this case, the only distiction between faccessat() +with (flag == 0) and (flag == AT_SYMLINK_NOFOLLOW) is the behaviour +for broken symlinks; laccess() on a broken symlink will succeed with +(flag == AT_SYMLINK_NOFOLLOW) and fail (flag == 0). + +The laccess() macros was added to systemd some time ago and it's not +clear if or why it needs to return success for broken symlinks. Maybe +just historical and not actually necessary or desired behaviour? + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Andre McCurdy <armccurdy@gmail.com> +--- + src/basic/fs-util.h | 22 +++++++++++++++++++++- + src/shared/base-filesystem.c | 6 +++--- + 2 files changed, 24 insertions(+), 4 deletions(-) + +diff --git a/src/basic/fs-util.h b/src/basic/fs-util.h +index 28566773c..14b864cc5 100644 +--- a/src/basic/fs-util.h ++++ b/src/basic/fs-util.h +@@ -32,7 +32,27 @@ int fchmod_opath(int fd, mode_t m); + + int fd_warn_permissions(const char *path, int fd); + +-#define laccess(path, mode) faccessat(AT_FDCWD, (path), (mode), AT_SYMLINK_NOFOLLOW) ++/* ++ Avoid using AT_SYMLINK_NOFOLLOW flag. It doesn't seem like the right thing to ++ do and it's not portable (not supported by musl). See: ++ ++ http://lists.landley.net/pipermail/toybox-landley.net/2014-September/003610.html ++ http://www.openwall.com/lists/musl/2015/02/05/2 ++ ++ Note that laccess() is never passing AT_EACCESS so a lot of the discussion in ++ the links above doesn't apply. Note also that (currently) all systemd callers ++ of laccess() pass mode as F_OK, so only check for existence of a file, not ++ access permissions. Therefore, in this case, the only distiction between ++ faccessat() with (flag == 0) and (flag == AT_SYMLINK_NOFOLLOW) is the ++ behaviour for broken symlinks; laccess() on a broken symlink will succeed ++ with (flag == AT_SYMLINK_NOFOLLOW) and fail (flag == 0). ++ ++ The laccess() macros was added to systemd some time ago and it's not clear if ++ or why it needs to return success for broken symlinks. Maybe just historical ++ and not actually necessary or desired behaviour? ++*/ ++ ++#define laccess(path, mode) faccessat(AT_FDCWD, (path), (mode), 0) + + int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gid, mode_t mode); + int touch(const char *path); +diff --git a/src/shared/base-filesystem.c b/src/shared/base-filesystem.c +index 89d7a7d59..34b4ad53a 100644 +--- a/src/shared/base-filesystem.c ++++ b/src/shared/base-filesystem.c +@@ -53,7 +53,7 @@ int base_filesystem_create(const char *root, uid_t uid, gid_t gid) { + return log_error_errno(errno, "Failed to open root file system: %m"); + + for (i = 0; i < ELEMENTSOF(table); i ++) { +- if (faccessat(fd, table[i].dir, F_OK, AT_SYMLINK_NOFOLLOW) >= 0) ++ if (faccessat(fd, table[i].dir, F_OK, 0) >= 0) + continue; + + if (table[i].target) { +@@ -61,7 +61,7 @@ int base_filesystem_create(const char *root, uid_t uid, gid_t gid) { + + /* check if one of the targets exists */ + NULSTR_FOREACH(s, table[i].target) { +- if (faccessat(fd, s, F_OK, AT_SYMLINK_NOFOLLOW) < 0) ++ if (faccessat(fd, s, F_OK, 0) < 0) + continue; + + /* check if a specific file exists at the target path */ +@@ -72,7 +72,7 @@ int base_filesystem_create(const char *root, uid_t uid, gid_t gid) { + if (!p) + return log_oom(); + +- if (faccessat(fd, p, F_OK, AT_SYMLINK_NOFOLLOW) < 0) ++ if (faccessat(fd, p, F_OK, 0) < 0) + continue; + } + +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0018-Define-glibc-compatible-basename-for-non-glibc-syste.patch b/external/poky/meta/recipes-core/systemd/systemd/0018-Define-glibc-compatible-basename-for-non-glibc-syste.patch new file mode 100644 index 00000000..1bd0d602 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0018-Define-glibc-compatible-basename-for-non-glibc-syste.patch @@ -0,0 +1,34 @@ +From 97fed07132533a1b2bce9c60e305a5d09aee2e9b Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sun, 27 May 2018 08:36:44 -0700 +Subject: [PATCH 18/19] Define glibc compatible basename() for non-glibc + systems + +Fixes builds with musl, even though systemd is adamant about +using non-posix basename implementation, we have a way out + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/machine/machine-dbus.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/machine/machine-dbus.c b/src/machine/machine-dbus.c +index 7f41465cc..cee8a5d43 100644 +--- a/src/machine/machine-dbus.c ++++ b/src/machine/machine-dbus.c +@@ -11,6 +11,10 @@ + #include <libgen.h> + #undef basename + ++#if !defined(__GLIBC__) ++#define basename(src) (strrchr(src,'/') ? strrchr(src,'/')+1 : src) ++#endif ++ + #include "alloc-util.h" + #include "bus-common-errors.h" + #include "bus-internal.h" +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0019-Do-not-disable-buffering-when-writing-to-oom_score_a.patch b/external/poky/meta/recipes-core/systemd/systemd/0019-Do-not-disable-buffering-when-writing-to-oom_score_a.patch new file mode 100644 index 00000000..942f4c09 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0019-Do-not-disable-buffering-when-writing-to-oom_score_a.patch @@ -0,0 +1,39 @@ +From 8440348bcac34249cdf6ac2dcae9ac66d3c727db Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Wed, 4 Jul 2018 15:00:44 +0800 +Subject: [PATCH 19/19] Do not disable buffering when writing to oom_score_adj + +On musl, disabling buffering when writing to oom_score_adj will +cause the following error. + + Failed to adjust OOM setting: Invalid argument + +This error appears for systemd-udevd.service and dbus.service. +This is because kernel receives '-' instead of the whole '-900' +if buffering is disabled. + +This is libc implementation specific, as glibc does not have this issue. + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/basic/process-util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/basic/process-util.c b/src/basic/process-util.c +index 3543bc045..d0572e034 100644 +--- a/src/basic/process-util.c ++++ b/src/basic/process-util.c +@@ -1473,7 +1473,7 @@ int set_oom_score_adjust(int value) { + sprintf(t, "%i", value); + + return write_string_file("/proc/self/oom_score_adj", t, +- WRITE_STRING_FILE_VERIFY_ON_FAILURE|WRITE_STRING_FILE_DISABLE_BUFFER); ++ WRITE_STRING_FILE_VERIFY_ON_FAILURE); + } + + static const char *const ioprio_class_table[] = { +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0020-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch b/external/poky/meta/recipes-core/systemd/systemd/0020-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch new file mode 100644 index 00000000..5c78cabb --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0020-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch @@ -0,0 +1,62 @@ +From dd53dc9b9542cbd2c39a39096941dfed70d06506 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Tue, 10 Jul 2018 15:40:17 +0800 +Subject: [PATCH 20/20] distinguish XSI-compliant strerror_r from GNU-specifi + strerror_r + +XSI-compliant strerror_r and GNU-specifi strerror_r are different. + + int strerror_r(int errnum, char *buf, size_t buflen); + /* XSI-compliant */ + + char *strerror_r(int errnum, char *buf, size_t buflen); + /* GNU-specific */ + +We need to distinguish between them. Otherwise, we'll get an int value +assigned to (char *) variable, resulting in segment fault. + +Upstream-Status: Inappropriate [musl specific] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/journal/journal-send.c | 5 +++++ + src/libsystemd/sd-bus/bus-error.c | 5 +++++ + 2 files changed, 10 insertions(+) + +diff --git a/src/journal/journal-send.c b/src/journal/journal-send.c +index 65bcbcd2e..aef80dd8f 100644 +--- a/src/journal/journal-send.c ++++ b/src/journal/journal-send.c +@@ -337,7 +337,12 @@ static int fill_iovec_perror_and_send(const char *message, int skip, struct iove + char* j; + + errno = 0; ++#ifndef __GLIBC__ ++ strerror_r(_saved_errno_, buffer + 8 + k, n - 8 - k); ++ j = buffer + 8 + k; ++#else + j = strerror_r(_saved_errno_, buffer + 8 + k, n - 8 - k); ++#endif + if (errno == 0) { + char error[STRLEN("ERRNO=") + DECIMAL_STR_MAX(int) + 1]; + +diff --git a/src/libsystemd/sd-bus/bus-error.c b/src/libsystemd/sd-bus/bus-error.c +index ec359ac13..d2aa86cea 100644 +--- a/src/libsystemd/sd-bus/bus-error.c ++++ b/src/libsystemd/sd-bus/bus-error.c +@@ -362,7 +362,12 @@ static void bus_error_strerror(sd_bus_error *e, int error) { + return; + + errno = 0; ++#ifndef __GLIBC__ ++ strerror_r(error, m, k); ++ x = m; ++#else + x = strerror_r(error, m, k); ++#endif + if (errno == ERANGE || strlen(x) >= k - 1) { + free(m); + k *= 2; +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0021-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch b/external/poky/meta/recipes-core/systemd/systemd/0021-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch new file mode 100644 index 00000000..668f2732 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0021-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch @@ -0,0 +1,34 @@ +From 687a5af8dc5d38f918a6ce08fed5297234bf8346 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 2 Mar 2018 18:00:17 -0800 +Subject: [PATCH] Hide __start_BUS_ERROR_MAP and __stop_BUS_ERROR_MAP + +for currently unknown reasons they get exported to the shared libries +even without being listed in the sym file + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + +Upstream-Status: Pending [ Conditional on master needing this, 239 does need it ] + + src/libsystemd/sd-bus/bus-error.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/libsystemd/sd-bus/bus-error.c b/src/libsystemd/sd-bus/bus-error.c +index 378f7a377..49d797abd 100644 +--- a/src/libsystemd/sd-bus/bus-error.c ++++ b/src/libsystemd/sd-bus/bus-error.c +@@ -71,8 +71,8 @@ BUS_ERROR_MAP_ELF_REGISTER const sd_bus_error_map bus_standard_errors[] = { + }; + + /* GCC maps this magically to the beginning and end of the BUS_ERROR_MAP section */ +-extern const sd_bus_error_map __start_BUS_ERROR_MAP[]; +-extern const sd_bus_error_map __stop_BUS_ERROR_MAP[]; ++extern const sd_bus_error_map __start_BUS_ERROR_MAP[] _hidden_; ++extern const sd_bus_error_map __stop_BUS_ERROR_MAP[] _hidden_; + + /* Additional maps registered with sd_bus_error_add_map() are in this + * NULL terminated array */ +-- +2.16.2 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0022-build-sys-Detect-whether-struct-statx-is-defined-in-.patch b/external/poky/meta/recipes-core/systemd/systemd/0022-build-sys-Detect-whether-struct-statx-is-defined-in-.patch new file mode 100644 index 00000000..962463f0 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0022-build-sys-Detect-whether-struct-statx-is-defined-in-.patch @@ -0,0 +1,109 @@ +From 75720bff62a84896e9a0654afc7cf9408cf89a38 Mon Sep 17 00:00:00 2001 +From: Filipe Brandenburger <filbranden@google.com> +Date: Sun, 15 Jul 2018 22:43:35 -0700 +Subject: [PATCH] build-sys: Detect whether struct statx is defined in + sys/stat.h +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Starting with glibc 2.27.9000-36.fc29, include file sys/stat.h will have a +definition for struct statx, in which case include file linux/stat.h should be +avoided, in order to prevent a duplicate definition. + + In file included from ../src/basic/missing.h:18, + from ../src/basic/util.h:28, + from ../src/basic/hashmap.h:10, + from ../src/shared/bus-util.h:12, + from ../src/libsystemd/sd-bus/bus-creds.c:11: + /usr/include/linux/stat.h:99:8: error: redefinition of ‘struct statx’ + struct statx { + ^~~~~ + In file included from /usr/include/sys/stat.h:446, + from ../src/basic/util.h:19, + from ../src/basic/hashmap.h:10, + from ../src/shared/bus-util.h:12, + from ../src/libsystemd/sd-bus/bus-creds.c:11: + /usr/include/bits/statx.h:36:8: note: originally defined here + struct statx + ^~~~~ + +Extend our meson.build to look for struct statx when only sys/stat.h is +included and, in that case, do not include linux/stat.h anymore. + +Tested that systemd builds correctly when using a glibc version that includes a +definition for struct statx. + +glibc Fedora RPM update: +https://src.fedoraproject.org/rpms/glibc/c/28cb5d31fc1e5887912283c889689c47076278ae + +glibc upstream commit: +https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=fd70af45528d59a00eb3190ef6706cb299488fcd +--- + +Upstream-Status: Pending +Signed-off-by: Khem Raj <raj.khem@gmail.com> + + meson.build | 5 +++++ + src/basic/missing.h | 5 ++++- + src/basic/xattr-util.c | 1 - + 3 files changed, 9 insertions(+), 2 deletions(-) + +Index: git/meson.build +=================================================================== +--- git.orig/meson.build ++++ git/meson.build +@@ -432,6 +432,7 @@ decl_headers = ''' + #include <sys/stat.h> + ''' + # FIXME: key_serial_t is only defined in keyutils.h, this is bound to fail ++# FIXME: these should use -D_GNU_SOURCE, since that is defined at build time + + foreach decl : ['char16_t', + 'char32_t', +@@ -446,6 +447,10 @@ foreach decl : ['char16_t', + conf.set10('HAVE_' + decl.underscorify().to_upper(), have) + endforeach + ++conf.set10('HAVE_STRUCT_STATX_IN_SYS_STAT_H', cc.sizeof('struct statx', prefix : ''' ++#include <sys/stat.h> ++''', args : '-D_GNU_SOURCE') > 0) ++ + foreach decl : [['IFLA_INET6_ADDR_GEN_MODE', 'linux/if_link.h'], + ['IN6_ADDR_GEN_MODE_STABLE_PRIVACY', 'linux/if_link.h'], + ['IFLA_VRF_TABLE', 'linux/if_link.h'], +Index: git/src/basic/missing.h +=================================================================== +--- git.orig/src/basic/missing.h ++++ git/src/basic/missing.h +@@ -15,7 +15,6 @@ + #include <linux/neighbour.h> + #include <linux/oom.h> + #include <linux/rtnetlink.h> +-#include <linux/stat.h> + #include <net/ethernet.h> + #include <stdlib.h> + #include <sys/resource.h> +@@ -25,6 +24,10 @@ + #include <uchar.h> + #include <unistd.h> + ++#if !HAVE_STRUCT_STATX_IN_SYS_STAT_H ++#include <linux/stat.h> ++#endif ++ + #if HAVE_AUDIT + #include <libaudit.h> + #endif +Index: git/src/basic/xattr-util.c +=================================================================== +--- git.orig/src/basic/xattr-util.c ++++ git/src/basic/xattr-util.c +@@ -2,7 +2,6 @@ + + #include <errno.h> + #include <fcntl.h> +-#include <linux/stat.h> + #include <stdint.h> + #include <stdlib.h> + #include <string.h> diff --git a/external/poky/meta/recipes-core/systemd/systemd/0023-resolvconf-fixes-for-the-compatibility-interface.patch b/external/poky/meta/recipes-core/systemd/systemd/0023-resolvconf-fixes-for-the-compatibility-interface.patch new file mode 100644 index 00000000..2f3e776a --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0023-resolvconf-fixes-for-the-compatibility-interface.patch @@ -0,0 +1,58 @@ +systemd-239: fixes for the compatibility interface + +[No upstream tracking] -- https://github.com/systemd/systemd/issues/9423 + +resolvconf-compat: use compat_main() when called as `resolvconf`, +since the interface is closer to that of `systemd-resolve`. + +Use a heap allocated string to set arg_ifname, since a stack allocated +one would be lost after the function returns. (This last one broke the +case where an interface name was suffixed with a dot, such as in +`resolvconf -a tap0.dhcp`.) + +Tested: + $ build/resolvconf -a nonexistent.abc </etc/resolv.conf + Unknown interface 'nonexistent': No such device + +Upstream-Status: Backport [https://github.com/systemd/systemd/commit/5a01b3f35d7b6182c78b6973db8d99bdabd4f9c3] +bug: 9423 +Signed-off-by: Simon Ausserlechner <simon.ausserlechner@siemens.com> + +diff --git a/src/resolve/resolvconf-compat.c b/src/resolve/resolvconf-compat.c +index d7e68003e..072345894 100644 +--- a/src/resolve/resolvconf-compat.c ++++ b/src/resolve/resolvconf-compat.c +@@ -53,6 +53,8 @@ static int parse_nameserver(const char *string) { + + if (strv_push(&arg_set_dns, word) < 0) + return log_oom(); ++ ++ word = NULL; + } + + return 0; +@@ -202,7 +204,7 @@ int resolvconf_parse_argv(int argc, char *argv[]) { + + dot = strchr(argv[optind], '.'); + if (dot) { +- iface = strndupa(argv[optind], dot - argv[optind]); ++ iface = strndup(argv[optind], dot - argv[optind]); + log_debug("Ignoring protocol specifier '%s'.", dot + 1); + } else + iface = argv[optind]; +diff --git a/src/resolve/resolvectl.c b/src/resolve/resolvectl.c +index e96c13fea..e9e395e3e 100644 +--- a/src/resolve/resolvectl.c ++++ b/src/resolve/resolvectl.c +@@ -3092,7 +3092,7 @@ int main(int argc, char **argv) { + goto finish; + } + +- if (streq(program_invocation_short_name, "systemd-resolve")) ++ if (STR_IN_SET(program_invocation_short_name, "systemd-resolve", "resolvconf")) + r = compat_main(argc, argv, bus); + else + r = native_main(argc, argv, bus); +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0024-journald-do-not-store-the-iovec-entry-for-process-co.patch b/external/poky/meta/recipes-core/systemd/systemd/0024-journald-do-not-store-the-iovec-entry-for-process-co.patch new file mode 100644 index 00000000..c2f78be3 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0024-journald-do-not-store-the-iovec-entry-for-process-co.patch @@ -0,0 +1,208 @@ +From 9cb07e7d82c7c4f28bbaa1478e1387e8ea3d03dd Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl> +Date: Wed, 5 Dec 2018 18:38:39 +0100 +Subject: [PATCH] journald: do not store the iovec entry for process + commandline on stack + +This fixes a crash where we would read the commandline, whose length is under +control of the sending program, and then crash when trying to create a stack +allocation for it. + +CVE-2018-16864 +https://bugzilla.redhat.com/show_bug.cgi?id=1653855 + +The message actually doesn't get written to disk, because +journal_file_append_entry() returns -E2BIG. + +Patch backported from systemd master at +084eeb865ca63887098e0945fb4e93c852b91b0f. + +CVE: CVE-2018-16864 +Upstream-Status: Backport +Signed-off-by: Marcus Cooper <marcusc@axis.com> +--- + src/basic/io-util.c | 10 ++++++++++ + src/basic/io-util.h | 2 ++ + src/coredump/coredump.c | 31 +++++++++++-------------------- + src/journal/journald-server.c | 25 +++++++++++++++---------- + 4 files changed, 38 insertions(+), 30 deletions(-) + +diff --git a/src/basic/io-util.c b/src/basic/io-util.c +index 1f64cc933b..575398fbe6 100644 +--- a/src/basic/io-util.c ++++ b/src/basic/io-util.c +@@ -8,6 +8,7 @@ + #include <unistd.h> + + #include "io-util.h" ++#include "string-util.h" + #include "time-util.h" + + int flush_fd(int fd) { +@@ -252,3 +253,12 @@ ssize_t sparse_write(int fd, const void *p, size_t sz, size_t run_length) { + + return q - (const uint8_t*) p; + } ++ ++char* set_iovec_string_field(struct iovec *iovec, size_t *n_iovec, const char *field, const char *value) { ++ char *x; ++ ++ x = strappend(field, value); ++ if (x) ++ iovec[(*n_iovec)++] = IOVEC_MAKE_STRING(x); ++ return x; ++} +diff --git a/src/basic/io-util.h b/src/basic/io-util.h +index ed189b5820..792a64ad5e 100644 +--- a/src/basic/io-util.h ++++ b/src/basic/io-util.h +@@ -71,3 +71,5 @@ static inline bool FILE_SIZE_VALID_OR_INFINITY(uint64_t l) { + #define IOVEC_MAKE(base, len) (struct iovec) IOVEC_INIT(base, len) + #define IOVEC_INIT_STRING(string) IOVEC_INIT((char*) string, strlen(string)) + #define IOVEC_MAKE_STRING(string) (struct iovec) IOVEC_INIT_STRING(string) ++ ++char* set_iovec_string_field(struct iovec *iovec, size_t *n_iovec, const char *field, const char *value); +diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c +index 20a1cbdd45..18e4f61d72 100644 +--- a/src/coredump/coredump.c ++++ b/src/coredump/coredump.c +@@ -1053,19 +1053,10 @@ static int send_iovec(const struct iovec iovec[], size_t n_iovec, int input_fd) + return 0; + } + +-static char* set_iovec_field(struct iovec *iovec, size_t *n_iovec, const char *field, const char *value) { +- char *x; +- +- x = strappend(field, value); +- if (x) +- iovec[(*n_iovec)++] = IOVEC_MAKE_STRING(x); +- return x; +-} +- + static char* set_iovec_field_free(struct iovec *iovec, size_t *n_iovec, const char *field, char *value) { + char *x; + +- x = set_iovec_field(iovec, n_iovec, field, value); ++ x = set_iovec_string_field(iovec, n_iovec, field, value); + free(value); + return x; + } +@@ -1115,36 +1106,36 @@ static int gather_pid_metadata( + disable_coredumps(); + } + +- set_iovec_field(iovec, n_iovec, "COREDUMP_UNIT=", context[CONTEXT_UNIT]); ++ set_iovec_string_field(iovec, n_iovec, "COREDUMP_UNIT=", context[CONTEXT_UNIT]); + } + + if (cg_pid_get_user_unit(pid, &t) >= 0) + set_iovec_field_free(iovec, n_iovec, "COREDUMP_USER_UNIT=", t); + + /* The next few are mandatory */ +- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_PID=", context[CONTEXT_PID])) ++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_PID=", context[CONTEXT_PID])) + return log_oom(); + +- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_UID=", context[CONTEXT_UID])) ++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_UID=", context[CONTEXT_UID])) + return log_oom(); + +- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_GID=", context[CONTEXT_GID])) ++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_GID=", context[CONTEXT_GID])) + return log_oom(); + +- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_SIGNAL=", context[CONTEXT_SIGNAL])) ++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_SIGNAL=", context[CONTEXT_SIGNAL])) + return log_oom(); + +- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_RLIMIT=", context[CONTEXT_RLIMIT])) ++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_RLIMIT=", context[CONTEXT_RLIMIT])) + return log_oom(); + +- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_HOSTNAME=", context[CONTEXT_HOSTNAME])) ++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_HOSTNAME=", context[CONTEXT_HOSTNAME])) + return log_oom(); + +- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_COMM=", context[CONTEXT_COMM])) ++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_COMM=", context[CONTEXT_COMM])) + return log_oom(); + + if (context[CONTEXT_EXE] && +- !set_iovec_field(iovec, n_iovec, "COREDUMP_EXE=", context[CONTEXT_EXE])) ++ !set_iovec_string_field(iovec, n_iovec, "COREDUMP_EXE=", context[CONTEXT_EXE])) + return log_oom(); + + if (sd_pid_get_session(pid, &t) >= 0) +@@ -1212,7 +1203,7 @@ static int gather_pid_metadata( + iovec[(*n_iovec)++] = IOVEC_MAKE_STRING(t); + + if (safe_atoi(context[CONTEXT_SIGNAL], &signo) >= 0 && SIGNAL_VALID(signo)) +- set_iovec_field(iovec, n_iovec, "COREDUMP_SIGNAL_NAME=SIG", signal_to_string(signo)); ++ set_iovec_string_field(iovec, n_iovec, "COREDUMP_SIGNAL_NAME=SIG", signal_to_string(signo)); + + return 0; /* we successfully acquired all metadata */ + } +diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c +index 4f1550ec5b..31be085c6b 100644 +--- a/src/journal/journald-server.c ++++ b/src/journal/journald-server.c +@@ -753,6 +753,7 @@ static void dispatch_message_real( + pid_t object_pid) { + + char source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)]; ++ _cleanup_free_ char *cmdline1 = NULL, *cmdline2 = NULL; + uid_t journal_uid; + ClientContext *o; + +@@ -769,20 +770,23 @@ static void dispatch_message_real( + IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->uid, uid_t, uid_is_valid, UID_FMT, "_UID"); + IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->gid, gid_t, gid_is_valid, GID_FMT, "_GID"); + +- IOVEC_ADD_STRING_FIELD(iovec, n, c->comm, "_COMM"); +- IOVEC_ADD_STRING_FIELD(iovec, n, c->exe, "_EXE"); +- IOVEC_ADD_STRING_FIELD(iovec, n, c->cmdline, "_CMDLINE"); +- IOVEC_ADD_STRING_FIELD(iovec, n, c->capeff, "_CAP_EFFECTIVE"); ++ IOVEC_ADD_STRING_FIELD(iovec, n, c->comm, "_COMM"); /* At most TASK_COMM_LENGTH (16 bytes) */ ++ IOVEC_ADD_STRING_FIELD(iovec, n, c->exe, "_EXE"); /* A path, so at most PATH_MAX (4096 bytes) */ + +- IOVEC_ADD_SIZED_FIELD(iovec, n, c->label, c->label_size, "_SELINUX_CONTEXT"); ++ if (c->cmdline) ++ /* At most _SC_ARG_MAX (2MB usually), which is too much to put on stack. ++ * Let's use a heap allocation for this one. */ ++ cmdline1 = set_iovec_string_field(iovec, &n, "_CMDLINE=", c->cmdline); + ++ IOVEC_ADD_STRING_FIELD(iovec, n, c->capeff, "_CAP_EFFECTIVE"); /* Read from /proc/.../status */ ++ IOVEC_ADD_SIZED_FIELD(iovec, n, c->label, c->label_size, "_SELINUX_CONTEXT"); + IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->auditid, uint32_t, audit_session_is_valid, "%" PRIu32, "_AUDIT_SESSION"); + IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->loginuid, uid_t, uid_is_valid, UID_FMT, "_AUDIT_LOGINUID"); + +- IOVEC_ADD_STRING_FIELD(iovec, n, c->cgroup, "_SYSTEMD_CGROUP"); ++ IOVEC_ADD_STRING_FIELD(iovec, n, c->cgroup, "_SYSTEMD_CGROUP"); /* A path */ + IOVEC_ADD_STRING_FIELD(iovec, n, c->session, "_SYSTEMD_SESSION"); + IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->owner_uid, uid_t, uid_is_valid, UID_FMT, "_SYSTEMD_OWNER_UID"); +- IOVEC_ADD_STRING_FIELD(iovec, n, c->unit, "_SYSTEMD_UNIT"); ++ IOVEC_ADD_STRING_FIELD(iovec, n, c->unit, "_SYSTEMD_UNIT"); /* Unit names are bounded by UNIT_NAME_MAX */ + IOVEC_ADD_STRING_FIELD(iovec, n, c->user_unit, "_SYSTEMD_USER_UNIT"); + IOVEC_ADD_STRING_FIELD(iovec, n, c->slice, "_SYSTEMD_SLICE"); + IOVEC_ADD_STRING_FIELD(iovec, n, c->user_slice, "_SYSTEMD_USER_SLICE"); +@@ -803,13 +807,14 @@ static void dispatch_message_real( + IOVEC_ADD_NUMERIC_FIELD(iovec, n, o->uid, uid_t, uid_is_valid, UID_FMT, "OBJECT_UID"); + IOVEC_ADD_NUMERIC_FIELD(iovec, n, o->gid, gid_t, gid_is_valid, GID_FMT, "OBJECT_GID"); + ++ /* See above for size limits, only ->cmdline may be large, so use a heap allocation for it. */ + IOVEC_ADD_STRING_FIELD(iovec, n, o->comm, "OBJECT_COMM"); + IOVEC_ADD_STRING_FIELD(iovec, n, o->exe, "OBJECT_EXE"); +- IOVEC_ADD_STRING_FIELD(iovec, n, o->cmdline, "OBJECT_CMDLINE"); +- IOVEC_ADD_STRING_FIELD(iovec, n, o->capeff, "OBJECT_CAP_EFFECTIVE"); ++ if (o->cmdline) ++ cmdline2 = set_iovec_string_field(iovec, &n, "OBJECT_CMDLINE=", o->cmdline); + ++ IOVEC_ADD_STRING_FIELD(iovec, n, o->capeff, "OBJECT_CAP_EFFECTIVE"); + IOVEC_ADD_SIZED_FIELD(iovec, n, o->label, o->label_size, "OBJECT_SELINUX_CONTEXT"); +- + IOVEC_ADD_NUMERIC_FIELD(iovec, n, o->auditid, uint32_t, audit_session_is_valid, "%" PRIu32, "OBJECT_AUDIT_SESSION"); + IOVEC_ADD_NUMERIC_FIELD(iovec, n, o->loginuid, uid_t, uid_is_valid, UID_FMT, "OBJECT_AUDIT_LOGINUID"); + +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0025-journald-set-a-limit-on-the-number-of-fields.patch b/external/poky/meta/recipes-core/systemd/systemd/0025-journald-set-a-limit-on-the-number-of-fields.patch new file mode 100644 index 00000000..ae9ef5de --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0025-journald-set-a-limit-on-the-number-of-fields.patch @@ -0,0 +1,139 @@ +From 7cad044b72406cbadf048da432c29afea74c3c10 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl> +Date: Wed, 5 Dec 2018 22:45:02 +0100 +Subject: [PATCH] journald: set a limit on the number of fields + +The fix for CVE-2018-16865 is plucked from two commits that have +been pushed to systemd master. + +journald: set a limit on the number of fields (1k) + +We allocate a iovec entry for each field, so with many short entries, +our memory usage and processing time can be large, even with a relatively +small message size. Let's refuse overly long entries. + +CVE-2018-16865 +https://bugzilla.redhat.com/show_bug.cgi?id=1653861 + +What from I can see, the problem is not from an alloca, despite what the CVE +description says, but from the attack multiplication that comes from creating +many very small iovecs: (void* + size_t) for each three bytes of input message. + +Patch backported from systemd master at +052c57f132f04a3cf4148f87561618da1a6908b4. + +journal-remote: set a limit on the number of fields in a message + +Existing use of E2BIG is replaced with ENOBUFS (entry too long), and E2BIG is +reused for the new error condition (too many fields). + +This matches the change done for systemd-journald, hence forming the second +part of the fix for CVE-2018-16865 +(https://bugzilla.redhat.com/show_bug.cgi?id=1653861). + +Patch backported from systemd master at +ef4d6abe7c7fab6cbff975b32e76b09feee56074. +with the changes applied by 7fdb237f5473cb8fc2129e57e8a0039526dcb4fd +removed. + +CVE: CVE-2018-16865 +Upstream-Status: Backport +Signed-off-by: Marcus Cooper <marcusc@axis.com> +--- + src/basic/journal-importer.c | 5 ++++- + src/basic/journal-importer.h | 3 +++ + src/journal-remote/journal-remote-main.c | 7 ++++++- + src/journal-remote/journal-remote.c | 5 ++++- + src/journal/journald-native.c | 5 +++++ + 5 files changed, 22 insertions(+), 3 deletions(-) + +diff --git a/src/basic/journal-importer.c b/src/basic/journal-importer.c +index ca203bbbfc..3ac55a66d9 100644 +--- a/src/basic/journal-importer.c ++++ b/src/basic/journal-importer.c +@@ -23,6 +23,9 @@ enum { + }; + + static int iovw_put(struct iovec_wrapper *iovw, void* data, size_t len) { ++ if (iovw->count >= ENTRY_FIELD_COUNT_MAX) ++ return -E2BIG; ++ + if (!GREEDY_REALLOC(iovw->iovec, iovw->size_bytes, iovw->count + 1)) + return log_oom(); + +@@ -98,7 +101,7 @@ static int get_line(JournalImporter *imp, char **line, size_t *size) { + imp->scanned = imp->filled; + if (imp->scanned >= DATA_SIZE_MAX) { + log_error("Entry is bigger than %u bytes.", DATA_SIZE_MAX); +- return -E2BIG; ++ return -ENOBUFS; + } + + if (imp->passive_fd) +diff --git a/src/basic/journal-importer.h b/src/basic/journal-importer.h +index f49ce734a1..c4ae45d32d 100644 +--- a/src/basic/journal-importer.h ++++ b/src/basic/journal-importer.h +@@ -16,6 +16,9 @@ + #define DATA_SIZE_MAX (1024*1024*768u) + #define LINE_CHUNK 8*1024u + ++/* The maximum number of fields in an entry */ ++#define ENTRY_FIELD_COUNT_MAX 1024 ++ + struct iovec_wrapper { + struct iovec *iovec; + size_t size_bytes; +diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c +index 8fda9d1499..3a01fef646 100644 +--- a/src/journal-remote/journal-remote-main.c ++++ b/src/journal-remote/journal-remote-main.c +@@ -212,7 +212,12 @@ static int process_http_upload( + break; + else if (r < 0) { + log_warning("Failed to process data for connection %p", connection); +- if (r == -E2BIG) ++ if (r == -ENOBUFS) ++ return mhd_respondf(connection, ++ r, MHD_HTTP_PAYLOAD_TOO_LARGE, ++ "Entry is above the maximum of %u, aborting connection %p.", ++ DATA_SIZE_MAX, connection); ++ else if (r == -E2BIG) + return mhd_respondf(connection, + r, MHD_HTTP_PAYLOAD_TOO_LARGE, + "Entry is too large, maximum is " STRINGIFY(DATA_SIZE_MAX) " bytes."); +diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c +index beb75a1cb4..67e3a70c06 100644 +--- a/src/journal-remote/journal-remote.c ++++ b/src/journal-remote/journal-remote.c +@@ -408,7 +408,10 @@ int journal_remote_handle_raw_source( + log_debug("%zu active sources remaining", s->active); + return 0; + } else if (r == -E2BIG) { +- log_notice_errno(E2BIG, "Entry too big, skipped"); ++ log_notice("Entry with too many fields, skipped"); ++ return 1; ++ } else if (r == -ENOBUFS) { ++ log_notice("Entry too big, skipped"); + return 1; + } else if (r == -EAGAIN) { + return 0; +diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c +index 5ff22a10af..951d092053 100644 +--- a/src/journal/journald-native.c ++++ b/src/journal/journald-native.c +@@ -140,6 +140,11 @@ static int server_process_entry( + } + + /* A property follows */ ++ if (n > ENTRY_FIELD_COUNT_MAX) { ++ log_debug("Received an entry that has more than " STRINGIFY(ENTRY_FIELD_COUNT_MAX) " fields, ignoring entry."); ++ r = 1; ++ goto finish; ++ } + + /* n existing properties, 1 new, +1 for _TRANSPORT */ + if (!GREEDY_REALLOC(iovec, m, +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/0026-journal-fix-out-of-bounds-read-CVE-2018-16866.patch b/external/poky/meta/recipes-core/systemd/systemd/0026-journal-fix-out-of-bounds-read-CVE-2018-16866.patch new file mode 100644 index 00000000..3925a4ab --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/0026-journal-fix-out-of-bounds-read-CVE-2018-16866.patch @@ -0,0 +1,49 @@ +From ebd06c37d4311db9851f4d3fdd023de3dd590de0 Mon Sep 17 00:00:00 2001 +From: Filipe Brandenburger <filbranden@google.com> +Date: Thu, 10 Jan 2019 14:53:33 -0800 +Subject: [PATCH] journal: fix out-of-bounds read CVE-2018-16866 + +The original code didn't account for the fact that strchr() would match on the +'\0' character, making it read past the end of the buffer if no non-whitespace +character was present. + +This bug was introduced in commit ec5ff4445cca6a which was first released in +systemd v221 and later fixed in commit 8595102d3ddde6 which was released in +v240, so versions in the range [v221, v240) are affected. + +Patch backported from systemd-stable at f005e73d3723d62a39be661931fcb6347119b52b +also includes a change from systemd master which removes a heap buffer overflow +a6aadf4ae0bae185dc4c414d492a4a781c80ffe5. + +CVE: CVE-2018-16866 +Upstream-Status: Backport +Signed-off-by: Marcus Cooper <marcusc@axis.com> +--- + src/journal/journald-syslog.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c +index 9dea116722..809b318c06 100644 +--- a/src/journal/journald-syslog.c ++++ b/src/journal/journald-syslog.c +@@ -194,7 +194,7 @@ size_t syslog_parse_identifier(const char **buf, char **identifier, char **pid) + e = l; + l--; + +- if (p[l-1] == ']') { ++ if (l > 0 && p[l-1] == ']') { + size_t k = l-1; + + for (;;) { +@@ -219,7 +219,7 @@ size_t syslog_parse_identifier(const char **buf, char **identifier, char **pid) + if (t) + *identifier = t; + +- if (strchr(WHITESPACE, p[e])) ++ if (p[e] != '\0' && strchr(WHITESPACE, p[e])) + e++; + *buf = p + e; + return e; +-- +2.11.0 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/CVE-2019-6454.patch b/external/poky/meta/recipes-core/systemd/systemd/CVE-2019-6454.patch new file mode 100644 index 00000000..80170dac --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/CVE-2019-6454.patch @@ -0,0 +1,210 @@ +Description: sd-bus: enforce a size limit for dbus paths, and don't allocate + them on the stacka +Forwarded: no + +Patch from: systemd_239-7ubuntu10.8 + +For information see: +https://usn.ubuntu.com/3891-1/ +https://git.launchpad.net/ubuntu/+source/systemd/commit/?id=f8e75d5634904c8e672658856508c3a02f349adb + +CVE: CVE-2019-6454 +Upstream-Status: Backport + +Signed-off-by: George McCollister <george.mccollister@gmail.com> + +--- a/src/libsystemd/sd-bus/bus-internal.c ++++ b/src/libsystemd/sd-bus/bus-internal.c +@@ -45,7 +45,7 @@ + if (slash) + return false; + +- return true; ++ return (q - p) <= BUS_PATH_SIZE_MAX; + } + + char* object_path_startswith(const char *a, const char *b) { +--- a/src/libsystemd/sd-bus/bus-internal.h ++++ b/src/libsystemd/sd-bus/bus-internal.h +@@ -333,6 +333,10 @@ + + #define BUS_MESSAGE_SIZE_MAX (128*1024*1024) + #define BUS_AUTH_SIZE_MAX (64*1024) ++/* Note that the D-Bus specification states that bus paths shall have no size limit. We enforce here one ++ * anyway, since truly unbounded strings are a security problem. The limit we pick is relatively large however, ++ * to not clash unnecessarily with real-life applications. */ ++#define BUS_PATH_SIZE_MAX (64*1024) + + #define BUS_CONTAINER_DEPTH 128 + +--- a/src/libsystemd/sd-bus/bus-objects.c ++++ b/src/libsystemd/sd-bus/bus-objects.c +@@ -1134,7 +1134,8 @@ + const char *path, + sd_bus_error *error) { + +- char *prefix; ++ _cleanup_free_ char *prefix = NULL; ++ size_t pl; + int r; + + assert(bus); +@@ -1150,7 +1151,12 @@ + return 0; + + /* Second, add fallback vtables registered for any of the prefixes */ +- prefix = alloca(strlen(path) + 1); ++ pl = strlen(path); ++ assert(pl <= BUS_PATH_SIZE_MAX); ++ prefix = new(char, pl + 1); ++ if (!prefix) ++ return -ENOMEM; ++ + OBJECT_PATH_FOREACH_PREFIX(prefix, path) { + r = object_manager_serialize_path(bus, reply, prefix, path, true, error); + if (r < 0) +@@ -1346,6 +1352,7 @@ + } + + int bus_process_object(sd_bus *bus, sd_bus_message *m) { ++ _cleanup_free_ char *prefix = NULL; + int r; + size_t pl; + bool found_object = false; +@@ -1370,9 +1377,12 @@ + assert(m->member); + + pl = strlen(m->path); +- do { +- char prefix[pl+1]; ++ assert(pl <= BUS_PATH_SIZE_MAX); ++ prefix = new(char, pl + 1); ++ if (!prefix) ++ return -ENOMEM; + ++ do { + bus->nodes_modified = false; + + r = object_find_and_run(bus, m, m->path, false, &found_object); +@@ -1499,9 +1509,15 @@ + + n = hashmap_get(bus->nodes, path); + if (!n) { +- char *prefix; ++ _cleanup_free_ char *prefix = NULL; ++ size_t pl; ++ ++ pl = strlen(path); ++ assert(pl <= BUS_PATH_SIZE_MAX); ++ prefix = new(char, pl + 1); ++ if (!prefix) ++ return -ENOMEM; + +- prefix = alloca(strlen(path) + 1); + OBJECT_PATH_FOREACH_PREFIX(prefix, path) { + n = hashmap_get(bus->nodes, prefix); + if (n) +@@ -2091,8 +2107,9 @@ + char **names) { + + BUS_DONT_DESTROY(bus); ++ _cleanup_free_ char *prefix = NULL; + bool found_interface = false; +- char *prefix; ++ size_t pl; + int r; + + assert_return(bus, -EINVAL); +@@ -2111,6 +2128,12 @@ + if (names && names[0] == NULL) + return 0; + ++ pl = strlen(path); ++ assert(pl <= BUS_PATH_SIZE_MAX); ++ prefix = new(char, pl + 1); ++ if (!prefix) ++ return -ENOMEM; ++ + do { + bus->nodes_modified = false; + +@@ -2120,7 +2143,6 @@ + if (bus->nodes_modified) + continue; + +- prefix = alloca(strlen(path) + 1); + OBJECT_PATH_FOREACH_PREFIX(prefix, path) { + r = emit_properties_changed_on_interface(bus, prefix, path, interface, true, &found_interface, names); + if (r != 0) +@@ -2252,7 +2274,8 @@ + + static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *path) { + _cleanup_set_free_ Set *s = NULL; +- char *prefix; ++ _cleanup_free_ char *prefix = NULL; ++ size_t pl; + int r; + + assert(bus); +@@ -2297,7 +2320,12 @@ + if (bus->nodes_modified) + return 0; + +- prefix = alloca(strlen(path) + 1); ++ pl = strlen(path); ++ assert(pl <= BUS_PATH_SIZE_MAX); ++ prefix = new(char, pl + 1); ++ if (!prefix) ++ return -ENOMEM; ++ + OBJECT_PATH_FOREACH_PREFIX(prefix, path) { + r = object_added_append_all_prefix(bus, m, s, prefix, path, true); + if (r < 0) +@@ -2436,7 +2464,8 @@ + + static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char *path) { + _cleanup_set_free_ Set *s = NULL; +- char *prefix; ++ _cleanup_free_ char *prefix = NULL; ++ size_t pl; + int r; + + assert(bus); +@@ -2468,7 +2497,12 @@ + if (bus->nodes_modified) + return 0; + +- prefix = alloca(strlen(path) + 1); ++ pl = strlen(path); ++ assert(pl <= BUS_PATH_SIZE_MAX); ++ prefix = new(char, pl + 1); ++ if (!prefix) ++ return -ENOMEM; ++ + OBJECT_PATH_FOREACH_PREFIX(prefix, path) { + r = object_removed_append_all_prefix(bus, m, s, prefix, path, true); + if (r < 0) +@@ -2618,7 +2652,8 @@ + const char *path, + const char *interface) { + +- char *prefix; ++ _cleanup_free_ char *prefix = NULL; ++ size_t pl; + int r; + + assert(bus); +@@ -2632,7 +2667,12 @@ + if (bus->nodes_modified) + return 0; + +- prefix = alloca(strlen(path) + 1); ++ pl = strlen(path); ++ assert(pl <= BUS_PATH_SIZE_MAX); ++ prefix = new(char, pl + 1); ++ if (!prefix) ++ return -ENOMEM; ++ + OBJECT_PATH_FOREACH_PREFIX(prefix, path) { + r = interfaces_added_append_one_prefix(bus, m, prefix, path, interface, true); + if (r != 0) diff --git a/external/poky/meta/recipes-core/systemd/systemd/init b/external/poky/meta/recipes-core/systemd/systemd/init new file mode 100644 index 00000000..ea52be48 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/init @@ -0,0 +1,104 @@ +#!/bin/sh + +### BEGIN INIT INFO +# Provides: udev +# Required-Start: mountvirtfs +# Required-Stop: +# Default-Start: S +# Default-Stop: +# Short-Description: Start udevd, populate /dev and load drivers. +### END INIT INFO + +. /etc/init.d/functions + +export TZ=/etc/localtime + +[ -d /sys/class ] || exit 1 +[ -r /proc/mounts ] || exit 1 +[ -x @UDEVD@ ] || exit 1 +[ -f /etc/default/udev-cache ] && . /etc/default/udev-cache +[ -f /etc/udev/udev.conf ] && . /etc/udev/udev.conf + +readfile () { + filename=$1 + READDATA="" + if [ -r $filename ]; then + while read line; do + READDATA="$READDATA$line" + done < $filename + fi +} + +case "$1" in + start) + export ACTION=add + # propagate /dev from /sys + echo "Starting udev" + + # mount the devtmpfs on /dev, if not already done + LANG=C awk '$2 == "/dev" && ($3 == "devtmpfs") { exit 1 }' /proc/mounts && { + mount -n -o mode=0755 -t devtmpfs none "/dev" + } + [ -e /dev/pts ] || mkdir -m 0755 /dev/pts + [ -e /dev/shm ] || mkdir -m 1777 /dev/shm + mount -a -t tmpfs 2>/dev/null + + # cache handling + if [ "$DEVCACHE" != "" ]; then + readfile /proc/version + VERSION="$READDATA" + readfile /proc/cmdline + CMDLINE="$READDATA" + readfile /proc/devices + DEVICES="$READDATA" + readfile /proc/atags + ATAGS="$READDATA" + + if [ -e $DEVCACHE ]; then + readfile /etc/udev/cache.data + if [ "$READDATA" = "$VERSION$CMDLINE$DEVICES$ATAGS" ]; then + (cd /; tar xf $DEVCACHE > /dev/null 2>&1) + not_first_boot=1 + [ "$VERBOSE" != "no" ] && echo "udev: using cache file $DEVCACHE" + [ -e /dev/shm/udev.cache ] && rm -f /dev/shm/udev.cache + else + echo "$VERSION$CMDLINE$DEVICES$ATAGS" > /dev/shm/udev.cache + fi + else + echo "$VERSION$CMDLINE$DEVICES$ATAGS" > /dev/shm/udev.cache + fi + fi + + # make_extra_nodes + killproc systemd-udevd > "/dev/null" 2>&1 + + # trigger the sorted events + echo -e '\000\000\000\000' > /proc/sys/kernel/hotplug + @UDEVD@ -d + + udevadm control --env=STARTUP=1 + if [ "$not_first_boot" != "" ];then + udevadm trigger --action=add --subsystem-nomatch=tty --subsystem-nomatch=mem --subsystem-nomatch=vc --subsystem-nomatch=vtconsole --subsystem-nomatch=misc --subsystem-nomatch=dcon --subsystem-nomatch=pci_bus --subsystem-nomatch=graphics --subsystem-nomatch=backlight --subsystem-nomatch=video4linux --subsystem-nomatch=platform + (udevadm settle --timeout=3; udevadm control --env=STARTUP=)& + else + udevadm trigger --action=add + udevadm settle + fi + ;; + stop) + echo "Stopping udevd" + start-stop-daemon --stop --name systemd-udevd --quiet + ;; + restart) + $0 stop + sleep 1 + $0 start + ;; + status) + status systemd-udevd + ;; + *) + echo "Usage: $0 {start|stop|status|restart}" + exit 1 +esac +exit 0 diff --git a/external/poky/meta/recipes-core/systemd/systemd/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch b/external/poky/meta/recipes-core/systemd/systemd/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch new file mode 100644 index 00000000..57311faa --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch @@ -0,0 +1,61 @@ +Description: sd-bus: if we receive an invalid dbus message, ignore and + proceeed + . + dbus-daemon might have a slightly different idea of what a valid msg is + than us (for example regarding valid msg and field sizes). Let's hence + try to proceed if we can and thus drop messages rather than fail the + connection if we fail to validate a message. + . + Hopefully the differences in what is considered valid are not visible + for real-life usecases, but are specific to exploit attempts only. +Author: Lennart Poettering <lennart@poettering.net> +Forwarded: other,https://github.com/systemd/systemd/pull/11708/ + +Patch from: systemd_239-7ubuntu10.8 + +For information see: +https://usn.ubuntu.com/3891-1/ +https://git.launchpad.net/ubuntu/+source/systemd/commit/?id=f8e75d5634904c8e672658856508c3a02f349adb + +CVE: CVE-2019-6454 +Upstream-Status: Backport + +Signed-off-by: George McCollister <george.mccollister@gmail.com> + +diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c +index 30d6455b6f..441b4a816f 100644 +--- a/src/libsystemd/sd-bus/bus-socket.c ++++ b/src/libsystemd/sd-bus/bus-socket.c +@@ -1072,7 +1072,7 @@ static int bus_socket_read_message_need(sd_bus *bus, size_t *need) { + } + + static int bus_socket_make_message(sd_bus *bus, size_t size) { +- sd_bus_message *t; ++ sd_bus_message *t = NULL; + void *b; + int r; + +@@ -1097,7 +1097,9 @@ static int bus_socket_make_message(sd_bus *bus, size_t size) { + bus->fds, bus->n_fds, + NULL, + &t); +- if (r < 0) { ++ if (r == -EBADMSG) ++ log_debug_errno(r, "Received invalid message from connection %s, dropping.", strna(bus->description)); ++ else if (r < 0) { + free(b); + return r; + } +@@ -1108,7 +1110,8 @@ static int bus_socket_make_message(sd_bus *bus, size_t size) { + bus->fds = NULL; + bus->n_fds = 0; + +- bus->rqueue[bus->rqueue_size++] = t; ++ if (t) ++ bus->rqueue[bus->rqueue_size++] = t; + + return 1; + } +-- +2.17.1 + diff --git a/external/poky/meta/recipes-core/systemd/systemd/touchscreen.rules b/external/poky/meta/recipes-core/systemd/systemd/touchscreen.rules new file mode 100644 index 00000000..d83fd167 --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd/touchscreen.rules @@ -0,0 +1,18 @@ +# There are a number of modifiers that are allowed to be used in some +# of the different fields. They provide the following subsitutions: +# +# %n the "kernel number" of the device. +# For example, 'sda3' has a "kernel number" of '3' +# %e the smallest number for that name which does not matches an existing node +# %k the kernel name for the device +# %M the kernel major number for the device +# %m the kernel minor number for the device +# %b the bus id for the device +# %c the string returned by the PROGRAM +# %s{filename} the content of a sysfs attribute +# %% the '%' char itself +# + +# Create a symlink to any touchscreen input device +SUBSYSTEM=="input", KERNEL=="event[0-9]*", ATTRS{modalias}=="input:*-e0*,3,*a0,1,*18,*", SYMLINK+="input/touchscreen0" +SUBSYSTEM=="input", KERNEL=="event[0-9]*", ATTRS{modalias}=="ads7846", SYMLINK+="input/touchscreen0" diff --git a/external/poky/meta/recipes-core/systemd/systemd_239.bb b/external/poky/meta/recipes-core/systemd/systemd_239.bb new file mode 100644 index 00000000..7fbd64ce --- /dev/null +++ b/external/poky/meta/recipes-core/systemd/systemd_239.bb @@ -0,0 +1,666 @@ +require systemd.inc + +PROVIDES = "udev" + +PE = "1" + +DEPENDS = "intltool-native gperf-native libcap util-linux" + +SECTION = "base/shell" + +inherit useradd pkgconfig meson perlnative update-rc.d update-alternatives qemu systemd gettext bash-completion manpages distro_features_check + +# As this recipe builds udev, respect systemd being in DISTRO_FEATURES so +# that we don't build both udev and systemd in world builds. +REQUIRED_DISTRO_FEATURES = "systemd" + +SRC_URI += "file://touchscreen.rules \ + file://00-create-volatile.conf \ + file://init \ + file://0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch \ + file://0002-use-lnr-wrapper-instead-of-looking-for-relative-opti.patch \ + file://0003-implment-systemd-sysv-install-for-OE.patch \ + file://0004-rules-whitelist-hd-devices.patch \ + file://0005-Make-root-s-home-directory-configurable.patch \ + file://0006-remove-nobody-user-group-checking.patch \ + file://0007-rules-watch-metadata-changes-in-ide-devices.patch \ + file://0008-Do-not-enable-nss-tests-if-nss-systemd-is-not-enable.patch \ + file://0009-nss-mymachines-Build-conditionally-when-ENABLE_MYHOS.patch \ + file://0001-login-use-parse_uid-when-unmounting-user-runtime-dir.patch \ + file://0001-sd-bus-make-BUS_DEFAULT_TIMEOUT-configurable.patch \ + file://0022-build-sys-Detect-whether-struct-statx-is-defined-in-.patch \ + file://0023-resolvconf-fixes-for-the-compatibility-interface.patch \ + file://0001-core-when-deserializing-state-always-use-read_line-L.patch \ + file://0001-chown-recursive-let-s-rework-the-recursive-logic-to-.patch \ + file://0001-dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-o.patch \ + file://0001-Revert-sysctl.d-request-ECN-on-both-in-and-outgoing-.patch \ + file://0001-timesync-changes-type-of-drift_freq-to-int64_t.patch \ + file://0001-sysctl-Don-t-pass-null-directive-argument-to-s.patch \ + file://0002-core-Fix-use-after-free-case-in-load_from_path.patch \ + file://0001-meson-rename-Ddebug-to-Ddebug-extra.patch \ + file://0024-journald-do-not-store-the-iovec-entry-for-process-co.patch \ + file://0025-journald-set-a-limit-on-the-number-of-fields.patch \ + file://0026-journal-fix-out-of-bounds-read-CVE-2018-16866.patch \ + file://CVE-2019-6454.patch \ + file://sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch \ + " + +# patches made for musl are only applied on TCLIBC is musl +SRC_URI += "${SRC_URI_MUSL}" +SRC_URI_MUSL = "file://0001-Use-getenv-when-secure-versions-are-not-available.patch \ + file://0002-don-t-use-glibc-specific-qsort_r.patch \ + file://0003-comparison_fn_t-is-glibc-specific-use-raw-signature-.patch \ + file://0004-add-fallback-parse_printf_format-implementation.patch \ + file://0005-include-gshadow-only-if-ENABLE_GSHADOW-is-1.patch \ + file://0006-src-basic-missing.h-check-for-missing-strndupa.patch \ + file://0007-Include-netinet-if_ether.h.patch \ + file://0008-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch \ + file://0009-add-missing-FTW_-macros-for-musl.patch \ + file://0010-socket-util-don-t-fail-if-libc-doesn-t-support-IDN.patch \ + file://0011-src-basic-missing.h-check-for-missing-__compar_fn_t-.patch \ + file://0012-fix-missing-of-__register_atfork-for-non-glibc-build.patch \ + file://0013-Use-uintmax_t-for-handling-rlim_t.patch \ + file://0014-fix-missing-ULONG_LONG_MAX-definition-in-case-of-mus.patch \ + file://0015-test-hexdecoct.c-Include-missing.h-for-strndupa.patch \ + file://0016-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch \ + file://0017-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch \ + file://0018-Define-glibc-compatible-basename-for-non-glibc-syste.patch \ + file://0019-Do-not-disable-buffering-when-writing-to-oom_score_a.patch \ + file://0020-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch \ + file://0021-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch \ + " + +# Workaround undefined reference to `__stack_chk_fail_local' on qemux86 and qemuppc for musl +SRC_URI_append_libc-musl_qemux86 = " file://0001-Remove-fstack-protector-flags-to-workaround-musl-bui.patch" +SRC_URI_append_libc-musl_qemuppc = " file://0001-Remove-fstack-protector-flags-to-workaround-musl-bui.patch" + +PAM_PLUGINS = " \ + pam-plugin-unix \ + pam-plugin-loginuid \ + pam-plugin-keyinit \ +" + +PACKAGECONFIG ??= " \ + ${@bb.utils.filter('DISTRO_FEATURES', 'efi ldconfig pam selinux usrmerge', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'rfkill', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xkbcommon', '', d)} \ + acl \ + backlight \ + binfmt \ + firstboot \ + gshadow \ + hibernate \ + hostnamed \ + ima \ + kmod \ + localed \ + logind \ + machined \ + myhostname \ + networkd \ + nss \ + polkit \ + quotacheck \ + randomseed \ + resolved \ + smack \ + sysusers \ + timedated \ + timesyncd \ + utmp \ + vconsole \ + xz \ +" + +PACKAGECONFIG_remove_libc-musl = " \ + gshadow \ + localed \ + myhostname \ + nss \ + resolved \ + selinux \ + smack \ + sysusers \ + utmp \ +" + +# Use the upstream systemd serial-getty@.service and rely on +# systemd-getty-generator instead of using the OE-core specific +# systemd-serialgetty.bb - not enabled by default. +PACKAGECONFIG[serial-getty-generator] = "" + +PACKAGECONFIG[acl] = "-Dacl=true,-Dacl=false,acl" +PACKAGECONFIG[audit] = "-Daudit=true,-Daudit=false,audit" +PACKAGECONFIG[backlight] = "-Dbacklight=true,-Dbacklight=false" +PACKAGECONFIG[binfmt] = "-Dbinfmt=true,-Dbinfmt=false" +PACKAGECONFIG[bzip2] = "-Dbzip2=true,-Dbzip2=false,bzip2" +PACKAGECONFIG[coredump] = "-Dcoredump=true,-Dcoredump=false" +PACKAGECONFIG[cryptsetup] = "-Dlibcryptsetup=true,-Dlibcryptsetup=false,cryptsetup" +PACKAGECONFIG[dbus] = "-Ddbus=true,-Ddbus=false,dbus" +PACKAGECONFIG[efi] = "-Defi=true,-Defi=false" +PACKAGECONFIG[elfutils] = "-Delfutils=true,-Delfutils=false,elfutils" +PACKAGECONFIG[firstboot] = "-Dfirstboot=true,-Dfirstboot=false" +# Sign the journal for anti-tampering +PACKAGECONFIG[gcrypt] = "-Dgcrypt=true,-Dgcrypt=false,libgcrypt" +PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" +PACKAGECONFIG[gshadow] = "-Dgshadow=true,-Dgshadow=false" +PACKAGECONFIG[hibernate] = "-Dhibernate=true,-Dhibernate=false" +PACKAGECONFIG[hostnamed] = "-Dhostnamed=true,-Dhostnamed=false" +PACKAGECONFIG[ima] = "-Dima=true,-Dima=false" +# importd requires curl/xz/zlib/bzip2/gcrypt +PACKAGECONFIG[importd] = "-Dimportd=true,-Dimportd=false" +# Update NAT firewall rules +PACKAGECONFIG[iptc] = "-Dlibiptc=true,-Dlibiptc=false,iptables" +PACKAGECONFIG[journal-upload] = "-Dlibcurl=true,-Dlibcurl=false,curl" +PACKAGECONFIG[kmod] = "-Dkmod=true,-Dkmod=false,kmod" +PACKAGECONFIG[ldconfig] = "-Dldconfig=true,-Dldconfig=false" +PACKAGECONFIG[libidn] = "-Dlibidn=true,-Dlibidn=false,libidn" +PACKAGECONFIG[localed] = "-Dlocaled=true,-Dlocaled=false" +PACKAGECONFIG[logind] = "-Dlogind=true,-Dlogind=false" +PACKAGECONFIG[lz4] = "-Dlz4=true,-Dlz4=false,lz4" +PACKAGECONFIG[machined] = "-Dmachined=true,-Dmachined=false" +PACKAGECONFIG[manpages] = "-Dman=true,-Dman=false,libxslt-native xmlto-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native" +PACKAGECONFIG[microhttpd] = "-Dmicrohttpd=true,-Dmicrohttpd=false,libmicrohttpd" +PACKAGECONFIG[myhostname] = "-Dmyhostname=true,-Dmyhostname=false" +PACKAGECONFIG[networkd] = "-Dnetworkd=true,-Dnetworkd=false" +PACKAGECONFIG[nss] = "-Dnss-systemd=true,-Dnss-systemd=false" +PACKAGECONFIG[pam] = "-Dpam=true,-Dpam=false,libpam,${PAM_PLUGINS}" +PACKAGECONFIG[polkit] = "-Dpolkit=true,-Dpolkit=false" +PACKAGECONFIG[portabled] = "-Dportabled=true,-Dportabled=false" +PACKAGECONFIG[qrencode] = "-Dqrencode=true,-Dqrencode=false,qrencode" +PACKAGECONFIG[quotacheck] = "-Dquotacheck=true,-Dquotacheck=false" +PACKAGECONFIG[randomseed] = "-Drandomseed=true,-Drandomseed=false" +PACKAGECONFIG[resolved] = "-Dresolve=true,-Dresolve=false" +PACKAGECONFIG[rfkill] = "-Drfkill=true,-Drfkill=false" +# libseccomp is found in meta-security +PACKAGECONFIG[seccomp] = "-Dseccomp=true,-Dseccomp=false,libseccomp" +PACKAGECONFIG[selinux] = "-Dselinux=true,-Dselinux=false,libselinux,initscripts-sushell" +PACKAGECONFIG[smack] = "-Dsmack=true,-Dsmack=false" +PACKAGECONFIG[sysusers] = "-Dsysusers=true,-Dsysusers=false" +PACKAGECONFIG[time-epoch] = "-Dtime-epoch=0,," +PACKAGECONFIG[timedated] = "-Dtimedated=true,-Dtimedated=false" +PACKAGECONFIG[timesyncd] = "-Dtimesyncd=true,-Dtimesyncd=false" +PACKAGECONFIG[usrmerge] = "-Dsplit-usr=false,-Dsplit-usr=true" +PACKAGECONFIG[sbinmerge] = "-Dsplit-bin=false,-Dsplit-bin=true" +PACKAGECONFIG[utmp] = "-Dutmp=true,-Dutmp=false" +PACKAGECONFIG[valgrind] = "-DVALGRIND=1,,valgrind" +PACKAGECONFIG[vconsole] = "-Dvconsole=true,-Dvconsole=false,,${PN}-vconsole-setup" +# Verify keymaps on locale change +PACKAGECONFIG[xkbcommon] = "-Dxkbcommon=true,-Dxkbcommon=false,libxkbcommon" +PACKAGECONFIG[xz] = "-Dxz=true,-Dxz=false,xz" +PACKAGECONFIG[zlib] = "-Dzlib=true,-Dzlib=false,zlib" + +# Helper variables to clarify locations. This mirrors the logic in systemd's +# build system. +rootprefix ?= "${root_prefix}" +rootlibdir ?= "${base_libdir}" +rootlibexecdir = "${rootprefix}/lib" + +# This links udev statically with systemd helper library. +# Otherwise udev package would depend on systemd package (which has the needed shared library), +# and always pull it into images. +EXTRA_OEMESON += "-Dlink-udev-shared=false" + +EXTRA_OEMESON += "-Dnobody-user=nobody \ + -Dnobody-group=nobody \ + -Droothomedir=${ROOT_HOME} \ + -Drootlibdir=${rootlibdir} \ + -Drootprefix=${rootprefix} \ + -Dsysvrcnd-path=${sysconfdir} \ + " + +# Hardcode target binary paths to avoid using paths from sysroot +EXTRA_OEMESON += "-Dkexec-path=${sbindir}/kexec \ + -Dkill-path=${base_bindir}/kill \ + -Dkmod-path=${base_bindir}/kmod \ + -Dmount-path=${base_bindir}/mount \ + -Dquotacheck-path=${sbindir}/quotacheck \ + -Dquotaon-path=${sbindir}/quotaon \ + -Dsulogin-path=${base_sbindir}/sulogin \ + -Dumount-path=${base_bindir}/umount" + +do_install() { + meson_do_install + install -d ${D}/${base_sbindir} + if ${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', 'false', 'true', d)}; then + # Provided by a separate recipe + rm ${D}${systemd_unitdir}/system/serial-getty* -f + fi + + # Provide support for initramfs + [ ! -e ${D}/init ] && ln -s ${rootlibexecdir}/systemd/systemd ${D}/init + [ ! -e ${D}/${base_sbindir}/udevd ] && ln -s ${rootlibexecdir}/systemd/systemd-udevd ${D}/${base_sbindir}/udevd + + install -d ${D}${sysconfdir}/udev/rules.d/ + install -d ${D}${sysconfdir}/tmpfiles.d + install -m 0644 ${WORKDIR}/*.rules ${D}${sysconfdir}/udev/rules.d/ + install -d ${D}${libdir}/pkgconfig + install -m 0644 ${B}/src/udev/udev.pc ${D}${libdir}/pkgconfig/ + + install -m 0644 ${WORKDIR}/00-create-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ + + if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then + install -d ${D}${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/systemd-udevd + sed -i s%@UDEVD@%${rootlibexecdir}/systemd/systemd-udevd% ${D}${sysconfdir}/init.d/systemd-udevd + fi + + chown root:systemd-journal ${D}/${localstatedir}/log/journal + + # Delete journal README, as log can be symlinked inside volatile. + rm -f ${D}/${localstatedir}/log/README + + # journal-remote creates this at start + rm -rf ${D}/${localstatedir}/log/journal/remote + + install -d ${D}${systemd_unitdir}/system/graphical.target.wants + install -d ${D}${systemd_unitdir}/system/multi-user.target.wants + install -d ${D}${systemd_unitdir}/system/poweroff.target.wants + install -d ${D}${systemd_unitdir}/system/reboot.target.wants + install -d ${D}${systemd_unitdir}/system/rescue.target.wants + + # Create symlinks for systemd-update-utmp-runlevel.service + if ${@bb.utils.contains('PACKAGECONFIG', 'utmp', 'true', 'false', d)}; then + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/graphical.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/multi-user.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/poweroff.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/reboot.target.wants/systemd-update-utmp-runlevel.service + ln -sf ../systemd-update-utmp-runlevel.service ${D}${systemd_unitdir}/system/rescue.target.wants/systemd-update-utmp-runlevel.service + fi + + # this file is needed to exist if networkd is disabled but timesyncd is still in use since timesyncd checks it + # for existence else it fails + if [ -s ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf ]; then + ${@bb.utils.contains('PACKAGECONFIG', 'networkd', ':', 'sed -i -e "\$ad /run/systemd/netif/links 0755 root root -" ${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf', d)} + fi + if ! ${@bb.utils.contains('PACKAGECONFIG', 'resolved', 'true', 'false', d)}; then + echo 'L! ${sysconfdir}/resolv.conf - - - - ../run/systemd/resolve/resolv.conf' >>${D}${exec_prefix}/lib/tmpfiles.d/etc.conf + echo 'd /run/systemd/resolve 0755 root root -' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf + echo 'f /run/systemd/resolve/resolv.conf 0644 root root' >>${D}${exec_prefix}/lib/tmpfiles.d/systemd.conf + ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd + else + sed -i -e "s%^L! /etc/resolv.conf.*$%L! /etc/resolv.conf - - - - ../run/systemd/resolve/resolv.conf%g" ${D}${exec_prefix}/lib/tmpfiles.d/etc.conf + ln -s ../run/systemd/resolve/resolv.conf ${D}${sysconfdir}/resolv-conf.systemd + fi + install -Dm 0755 ${S}/src/systemctl/systemd-sysv-install.SKELETON ${D}${systemd_unitdir}/systemd-sysv-install + + # If polkit is setup fixup permissions and ownership + if ${@bb.utils.contains('PACKAGECONFIG', 'polkit', 'true', 'false', d)}; then + if [ -d ${D}${datadir}/polkit-1/rules.d ]; then + chmod 700 ${D}${datadir}/polkit-1/rules.d + chown polkitd:root ${D}${datadir}/polkit-1/rules.d + fi + fi + + # conf files are handled by systemd-conf + rm -f ${D}${sysconfdir}/machine-id + rm -f ${D}${sysconfdir}/systemd/coredump.conf + rm -f ${D}${sysconfdir}/systemd/journald.conf + rm -f ${D}${sysconfdir}/systemd/logind.conf + rm -f ${D}${sysconfdir}/systemd/system.conf + rm -f ${D}${sysconfdir}/systemd/user.conf + + # duplicate udevadm for postinst script + install -d ${D}${libexecdir} + ln ${D}${base_bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm +} + + +python populate_packages_prepend (){ + systemdlibdir = d.getVar("rootlibdir") + do_split_packages(d, systemdlibdir, '^lib(.*)\.so\.*', 'lib%s', 'Systemd %s library', extra_depends='', allow_links=True) +} +PACKAGES_DYNAMIC += "^lib(udev|systemd|nss).*" + +PACKAGES =+ "\ + ${PN}-gui \ + ${PN}-vconsole-setup \ + ${PN}-initramfs \ + ${PN}-analyze \ + ${PN}-kernel-install \ + ${PN}-rpm-macros \ + ${PN}-binfmt \ + ${PN}-zsh-completion \ + ${PN}-xorg-xinitrc \ + ${PN}-container \ + ${PN}-journal-gatewayd \ + ${PN}-journal-upload \ + ${PN}-journal-remote \ + ${PN}-extra-utils \ +" + +SUMMARY_${PN}-container = "Tools for containers and VMs" +DESCRIPTION_${PN}-container = "Systemd tools to spawn and manage containers and virtual machines." + +SUMMARY_${PN}-journal-gatewayd = "HTTP server for journal events" +DESCRIPTION_${PN}-journal-gatewayd = "systemd-journal-gatewayd serves journal events over the network. Clients must connect using HTTP. The server listens on port 19531 by default." + +SUMMARY_${PN}-journal-upload = "Send journal messages over the network" +DESCRIPTION_${PN}-journal-upload = "systemd-journal-upload uploads journal entries to a specified URL." + +SUMMARY_${PN}-journal-remote = "Receive journal messages over the network" +DESCRIPTION_${PN}-journal-remote = "systemd-journal-remote is a command to receive serialized journal events and store them to journal files." + +SYSTEMD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'binfmt', '${PN}-binfmt', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gatewayd', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ +" +SYSTEMD_SERVICE_${PN}-binfmt = "systemd-binfmt.service" + +USERADD_PACKAGES = "${PN} ${PN}-extra-utils \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gateway', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ +" +GROUPADD_PARAM_${PN} = "-r systemd-journal" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '--system -d / -M --shell /bin/nologin systemd-coredump;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--system -d / -M --shell /bin/nologin systemd-network;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /bin/nologin systemd-resolve;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '--system -d / -M --shell /bin/nologin systemd-timesync;', '', d)}" +USERADD_PARAM_${PN}-extra-utils = "--system -d / -M --shell /bin/nologin systemd-bus-proxy" +USERADD_PARAM_${PN}-journal-gateway = "--system -d / -M --shell /bin/nologin systemd-journal-gateway" +USERADD_PARAM_${PN}-journal-remote = "--system -d / -M --shell /bin/nologin systemd-journal-remote" +USERADD_PARAM_${PN}-journal-upload = "--system -d / -M --shell /bin/nologin systemd-journal-upload" + +FILES_${PN}-analyze = "${bindir}/systemd-analyze" + +FILES_${PN}-initramfs = "/init" +RDEPENDS_${PN}-initramfs = "${PN}" + +FILES_${PN}-gui = "${bindir}/systemadm" + +FILES_${PN}-vconsole-setup = "${rootlibexecdir}/systemd/systemd-vconsole-setup \ + ${systemd_unitdir}/system/systemd-vconsole-setup.service \ + ${systemd_unitdir}/system/sysinit.target.wants/systemd-vconsole-setup.service" + +RDEPENDS_${PN}-kernel-install += "bash" +FILES_${PN}-kernel-install = "${bindir}/kernel-install \ + ${sysconfdir}/kernel/ \ + ${exec_prefix}/lib/kernel \ + " +FILES_${PN}-rpm-macros = "${exec_prefix}/lib/rpm \ + " + +FILES_${PN}-xorg-xinitrc = "${sysconfdir}/X11/xinit/xinitrc.d/*" + +FILES_${PN}-zsh-completion = "${datadir}/zsh/site-functions" + +FILES_${PN}-binfmt = "${sysconfdir}/binfmt.d/ \ + ${exec_prefix}/lib/binfmt.d \ + ${rootlibexecdir}/systemd/systemd-binfmt \ + ${systemd_unitdir}/system/proc-sys-fs-binfmt_misc.* \ + ${systemd_unitdir}/system/systemd-binfmt.service" +RRECOMMENDS_${PN}-binfmt = "kernel-module-binfmt-misc" + +RRECOMMENDS_${PN}-vconsole-setup = "kbd kbd-consolefonts kbd-keymaps" + + +FILES_${PN}-journal-gatewayd = "${rootlibexecdir}/systemd/systemd-journal-gatewayd \ + ${systemd_system_unitdir}/systemd-journal-gatewayd.service \ + ${systemd_system_unitdir}/systemd-journal-gatewayd.socket \ + ${systemd_system_unitdir}/sockets.target.wants/systemd-journal-gatewayd.socket \ + ${datadir}/systemd/gatewayd/browse.html \ + " +SYSTEMD_SERVICE_${PN}-journal-gatewayd = "systemd-journal-gatewayd.socket" + +FILES_${PN}-journal-upload = "${rootlibexecdir}/systemd/systemd-journal-upload \ + ${systemd_system_unitdir}/systemd-journal-upload.service \ + ${sysconfdir}/systemd/journal-upload.conf \ + " +SYSTEMD_SERVICE_${PN}-journal-upload = "systemd-journal-upload.service" + +FILES_${PN}-journal-remote = "${rootlibexecdir}/systemd/systemd-journal-remote \ + ${sysconfdir}/systemd/journal-remote.conf \ + ${systemd_system_unitdir}/systemd-journal-remote.service \ + ${systemd_system_unitdir}/systemd-journal-remote.socket \ + " +SYSTEMD_SERVICE_${PN}-remote = "systemd-journal-remote.socket" + + +FILES_${PN}-container = "${sysconfdir}/dbus-1/system.d/org.freedesktop.import1.conf \ + ${sysconfdir}/dbus-1/system.d/org.freedesktop.machine1.conf \ + ${base_bindir}/machinectl \ + ${bindir}/systemd-nspawn \ + ${nonarch_libdir}/systemd/import-pubring.gpg \ + ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.import1.busname \ + ${systemd_system_unitdir}/busnames.target.wants/org.freedesktop.machine1.busname \ + ${systemd_system_unitdir}/local-fs.target.wants/var-lib-machines.mount \ + ${systemd_system_unitdir}/machine.slice \ + ${systemd_system_unitdir}/machines.target \ + ${systemd_system_unitdir}/org.freedesktop.import1.busname \ + ${systemd_system_unitdir}/org.freedesktop.machine1.busname \ + ${systemd_system_unitdir}/systemd-importd.service \ + ${systemd_system_unitdir}/systemd-machined.service \ + ${systemd_system_unitdir}/dbus-org.freedesktop.machine1.service \ + ${systemd_system_unitdir}/var-lib-machines.mount \ + ${rootlibexecdir}/systemd/systemd-import \ + ${rootlibexecdir}/systemd/systemd-importd \ + ${rootlibexecdir}/systemd/systemd-machined \ + ${rootlibexecdir}/systemd/systemd-pull \ + ${exec_prefix}/lib/tmpfiles.d/systemd-nspawn.conf \ + ${systemd_system_unitdir}/systemd-nspawn@.service \ + ${libdir}/libnss_mymachines.so.2 \ + ${datadir}/dbus-1/system-services/org.freedesktop.import1.service \ + ${datadir}/dbus-1/system-services/org.freedesktop.machine1.service \ + ${datadir}/dbus-1/system.d/org.freedesktop.import1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.machine1.conf \ + ${datadir}/polkit-1/actions/org.freedesktop.import1.policy \ + ${datadir}/polkit-1/actions/org.freedesktop.machine1.policy \ + " + +RRECOMMENDS_${PN}-container += "\ + ${PN}-journal-upload \ + ${PN}-journal-remote \ + ${PN}-journal-gatewayd \ + " + +FILES_${PN}-extra-utils = "\ + ${base_bindir}/systemd-escape \ + ${base_bindir}/systemd-inhibit \ + ${bindir}/systemd-detect-virt \ + ${bindir}/systemd-path \ + ${bindir}/systemd-run \ + ${bindir}/systemd-cat \ + ${bindir}/systemd-delta \ + ${bindir}/systemd-cgls \ + ${bindir}/systemd-cgtop \ + ${bindir}/systemd-stdio-bridge \ + ${base_bindir}/systemd-ask-password \ + ${base_bindir}/systemd-tty-ask-password-agent \ + ${systemd_unitdir}/system/systemd-ask-password-console.path \ + ${systemd_unitdir}/system/systemd-ask-password-console.service \ + ${systemd_unitdir}/system/systemd-ask-password-wall.path \ + ${systemd_unitdir}/system/systemd-ask-password-wall.service \ + ${systemd_unitdir}/system/sysinit.target.wants/systemd-ask-password-console.path \ + ${systemd_unitdir}/system/sysinit.target.wants/systemd-ask-password-wall.path \ + ${systemd_unitdir}/system/multi-user.target.wants/systemd-ask-password-wall.path \ + ${rootlibexecdir}/systemd/systemd-resolve-host \ + ${rootlibexecdir}/systemd/systemd-ac-power \ + ${rootlibexecdir}/systemd/systemd-activate \ + ${rootlibexecdir}/systemd/systemd-bus-proxyd \ + ${systemd_unitdir}/system/systemd-bus-proxyd.service \ + ${systemd_unitdir}/system/systemd-bus-proxyd.socket \ + ${rootlibexecdir}/systemd/systemd-socket-proxyd \ + ${rootlibexecdir}/systemd/systemd-reply-password \ + ${rootlibexecdir}/systemd/systemd-sleep \ + ${rootlibexecdir}/systemd/system-sleep \ + ${systemd_unitdir}/system/systemd-hibernate.service \ + ${systemd_unitdir}/system/systemd-hybrid-sleep.service \ + ${systemd_unitdir}/system/systemd-suspend.service \ + ${systemd_unitdir}/system/sleep.target \ + ${rootlibexecdir}/systemd/systemd-initctl \ + ${systemd_unitdir}/system/systemd-initctl.service \ + ${systemd_unitdir}/system/systemd-initctl.socket \ + ${systemd_unitdir}/system/sockets.target.wants/systemd-initctl.socket \ + ${rootlibexecdir}/systemd/system-generators/systemd-gpt-auto-generator \ + ${rootlibexecdir}/systemd/systemd-cgroups-agent \ +" + +FILES_${PN} = " ${base_bindir}/* \ + ${base_sbindir}/shutdown \ + ${base_sbindir}/halt \ + ${base_sbindir}/poweroff \ + ${base_sbindir}/runlevel \ + ${base_sbindir}/telinit \ + ${base_sbindir}/resolvconf \ + ${base_sbindir}/reboot \ + ${base_sbindir}/init \ + ${datadir}/dbus-1/services \ + ${datadir}/dbus-1/system-services \ + ${datadir}/polkit-1 \ + ${datadir}/${BPN} \ + ${datadir}/factory \ + ${sysconfdir}/dbus-1/ \ + ${sysconfdir}/modules-load.d/ \ + ${sysconfdir}/pam.d/ \ + ${sysconfdir}/sysctl.d/ \ + ${sysconfdir}/systemd/ \ + ${sysconfdir}/tmpfiles.d/ \ + ${sysconfdir}/xdg/ \ + ${sysconfdir}/init.d/README \ + ${sysconfdir}/resolv-conf.systemd \ + ${rootlibexecdir}/systemd/* \ + ${systemd_unitdir}/* \ + ${base_libdir}/security/*.so \ + /cgroup \ + ${bindir}/systemd* \ + ${bindir}/busctl \ + ${bindir}/coredumpctl \ + ${bindir}/localectl \ + ${bindir}/hostnamectl \ + ${bindir}/resolvectl \ + ${bindir}/timedatectl \ + ${bindir}/bootctl \ + ${bindir}/kernel-install \ + ${exec_prefix}/lib/tmpfiles.d/*.conf \ + ${exec_prefix}/lib/systemd \ + ${exec_prefix}/lib/modules-load.d \ + ${exec_prefix}/lib/sysctl.d \ + ${exec_prefix}/lib/sysusers.d \ + ${exec_prefix}/lib/environment.d \ + ${localstatedir} \ + ${nonarch_base_libdir}/udev/rules.d/70-uaccess.rules \ + ${nonarch_base_libdir}/udev/rules.d/71-seat.rules \ + ${nonarch_base_libdir}/udev/rules.d/73-seat-late.rules \ + ${nonarch_base_libdir}/udev/rules.d/99-systemd.rules \ + ${nonarch_base_libdir}/modprobe.d/systemd.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.timedate1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.locale1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.network1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.resolve1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.systemd1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.hostname1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.login1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.timesync1.conf \ + ${datadir}/dbus-1/system.d/org.freedesktop.portable1.conf \ + " + +FILES_${PN}-dev += "${base_libdir}/security/*.la ${datadir}/dbus-1/interfaces/ ${sysconfdir}/rpm/macros.systemd" + +RDEPENDS_${PN} += "kmod dbus util-linux-mount util-linux-umount udev (= ${EXTENDPKGV}) util-linux-agetty util-linux-fsck" +RDEPENDS_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'serial-getty-generator', '', 'systemd-serialgetty', d)}" +RDEPENDS_${PN} += "volatile-binds update-rc.d systemd-conf" + +RRECOMMENDS_${PN} += "systemd-extra-utils \ + systemd-compat-units udev-hwdb \ + e2fsprogs-e2fsck \ + kernel-module-autofs4 kernel-module-unix kernel-module-ipv6 \ + os-release \ +" + +INSANE_SKIP_${PN} += "dev-so libdir" +INSANE_SKIP_${PN}-dbg += "libdir" +INSANE_SKIP_${PN}-doc += " libdir" + +PACKAGES =+ "udev udev-hwdb" + +RPROVIDES_udev = "hotplug" + +RDEPENDS_udev-hwdb += "udev" + +FILES_udev += "${base_sbindir}/udevd \ + ${rootlibexecdir}/systemd/systemd-udevd \ + ${rootlibexecdir}/udev/accelerometer \ + ${rootlibexecdir}/udev/ata_id \ + ${rootlibexecdir}/udev/cdrom_id \ + ${rootlibexecdir}/udev/collect \ + ${rootlibexecdir}/udev/findkeyboards \ + ${rootlibexecdir}/udev/keyboard-force-release.sh \ + ${rootlibexecdir}/udev/keymap \ + ${rootlibexecdir}/udev/mtd_probe \ + ${rootlibexecdir}/udev/scsi_id \ + ${rootlibexecdir}/udev/v4l_id \ + ${rootlibexecdir}/udev/keymaps \ + ${rootlibexecdir}/udev/rules.d/*.rules \ + ${sysconfdir}/udev \ + ${sysconfdir}/init.d/systemd-udevd \ + ${systemd_unitdir}/system/*udev* \ + ${systemd_unitdir}/system/*.wants/*udev* \ + ${base_bindir}/udevadm \ + ${libexecdir}/${MLPREFIX}udevadm \ + ${datadir}/bash-completion/completions/udevadm \ + " + +FILES_udev-hwdb = "${rootlibexecdir}/udev/hwdb.d" + +INITSCRIPT_PACKAGES = "udev" +INITSCRIPT_NAME_udev = "systemd-udevd" +INITSCRIPT_PARAMS_udev = "start 03 S ." + +python __anonymous() { + if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): + d.setVar("INHIBIT_UPDATERCD_BBCLASS", "1") +} + +ALTERNATIVE_${PN} = "halt reboot shutdown poweroff runlevel resolv-conf" + +ALTERNATIVE_TARGET[resolv-conf] = "${sysconfdir}/resolv-conf.systemd" +ALTERNATIVE_LINK_NAME[resolv-conf] = "${sysconfdir}/resolv.conf" +ALTERNATIVE_PRIORITY[resolv-conf] ?= "50" + +ALTERNATIVE_TARGET[halt] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[halt] = "${base_sbindir}/halt" +ALTERNATIVE_PRIORITY[halt] ?= "300" + +ALTERNATIVE_TARGET[reboot] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[reboot] = "${base_sbindir}/reboot" +ALTERNATIVE_PRIORITY[reboot] ?= "300" + +ALTERNATIVE_TARGET[shutdown] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[shutdown] = "${base_sbindir}/shutdown" +ALTERNATIVE_PRIORITY[shutdown] ?= "300" + +ALTERNATIVE_TARGET[poweroff] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[poweroff] = "${base_sbindir}/poweroff" +ALTERNATIVE_PRIORITY[poweroff] ?= "300" + +ALTERNATIVE_TARGET[runlevel] = "${base_bindir}/systemctl" +ALTERNATIVE_LINK_NAME[runlevel] = "${base_sbindir}/runlevel" +ALTERNATIVE_PRIORITY[runlevel] ?= "300" + +pkg_postinst_${PN} () { + sed -e '/^hosts:/s/\s*\<myhostname\>//' \ + -e 's/\(^hosts:.*\)\(\<files\>\)\(.*\)\(\<dns\>\)\(.*\)/\1\2 myhostname \3\4\5/' \ + -i $D${sysconfdir}/nsswitch.conf +} + +pkg_prerm_${PN} () { + sed -e '/^hosts:/s/\s*\<myhostname\>//' \ + -e '/^hosts:/s/\s*myhostname//' \ + -i $D${sysconfdir}/nsswitch.conf +} + +PACKAGE_WRITE_DEPS += "qemu-native" +pkg_postinst_udev-hwdb () { + if test -n "$D"; then + $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} + else + udevadm hwdb --update + fi +} + +pkg_prerm_udev-hwdb () { + rm -f $D${sysconfdir}/udev/hwdb.bin +} |