From 639acacb5d13b3f13b5aa08f625c8c761e297f6b7fe345294505c14281cca08b Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Fri, 23 Feb 2024 16:24:26 +0000 Subject: [PATCH] - Upgrade to v255.3 (commit 96edf7ad1866172b994cafb4df49e27d68ce8e87) See https://github.com/openSUSE/systemd/blob/SUSE/v255/NEWS for details. - This includes the following bug fixes: - commit 6e10405aa25fe5e76b740d9ec59730e3f4470c7a (bsc#1219766) - The following patches have been rebased: - 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch - 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch - 0009-pid1-handle-console-specificities-weirdness-for-s390.patch - 5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch - 5002-Revert-udev-revert-workarounds-for-issues-caused-by-.patch - The following patches have been removed since they're part of v255: - 5003-cgroup-rename-TasksMax-structure-to-CGroupTasksMax.patch - 5004-bus-print-properties-ignore-CGROUP_LIMIT_MAX-for-Mem.patch - 5005-bus-print-properties-prettify-more-unset-properties.patch - systemd-boot has been added to the list of the dependencies of the systemd-testsuite package as the installation of the bootloader is now tested. - the following patches have been backported on top of v255.3: 96edf7ad18 service: Demote log level of NotifyAccess= messages to debug (bsc#1210113 jsc#PED-6214) fdde7f26d6 vconsole-setup: don't fail if the only found vc is already used by plymouth (bsc#1218618) f96c587d41 rules: set up tty permissions and group for /dev/hvc* nodes (bsc#1218137) 63a41b8899 vconsole-setup: remember the correct error value when open_terminal() fails f51a2e038c vconsole-setup: handle the case where the vc is in KD_GRAPHICS mode more gracefully (bsc#1215282) 15025a04c4 test: make sure to install the filesystem package in the test image on SUSE 06fecfb635 test: make sure that sd-boot is installed before testing bootctl 1e8788ea68 test: install systemd-boot in openSUSE test images 6e2875ad43 test/test-shutdown.py: optionally display the test I/Os in a dedicated log file 4be1a801b4 test-69: send SIGTERM to ask systemd-nspawn to properly stop the container 7bdab7b7c7 man: Document ranges for distributions config files and local config files 3f12a6c22f test: systemd-update-utmp is optional OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=1497 --- ...ering-startup-for-etc-init.d-boot.lo.patch | 9 +- ...ranslate-Required-Start-into-a-Wants.patch | 10 +- ...ole-specificities-weirdness-for-s390.patch | 11 +- ...te-devlink-with-the-newer-device-nod.patch | 6 +- ...rt-workarounds-for-issues-caused-by-.patch | 4 +- ...TasksMax-structure-to-CGroupTasksMax.patch | 283 ------------------ ...ties-ignore-CGROUP_LIMIT_MAX-for-Mem.patch | 31 -- ...rties-prettify-more-unset-properties.patch | 38 --- ...tiveMemoryMax-EffectiveMemoryHigh-an.patch | 217 +++++++++----- ...mit-test-to-subtest-of-generic-limit.patch | 6 +- ...-Add-effective-cgroup-limits-testing.patch | 10 +- ...effective-limits-with-global-resourc.patch | 14 +- ...name-effective-limits-internal-table.patch | 28 +- files.devel | 1 + files.experimental | 101 ++++++- files.network | 9 +- files.systemd | 7 + files.udev | 7 + files.uefi-boot | 4 - systemd-v254.9+suse.30.g31f1148f75.tar.xz | 3 - systemd-v255.3+suse.15.g96edf7ad18.tar.xz | 3 + systemd.changes | 50 ++++ systemd.spec | 47 ++- 23 files changed, 389 insertions(+), 510 deletions(-) delete mode 100644 5003-cgroup-rename-TasksMax-structure-to-CGroupTasksMax.patch delete mode 100644 5004-bus-print-properties-ignore-CGROUP_LIMIT_MAX-for-Mem.patch delete mode 100644 5005-bus-print-properties-prettify-more-unset-properties.patch delete mode 100644 systemd-v254.9+suse.30.g31f1148f75.tar.xz create mode 100644 systemd-v255.3+suse.15.g96edf7ad18.tar.xz diff --git a/0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch b/0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch index 47bb74a..7de98b0 100644 --- a/0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch +++ b/0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch @@ -1,8 +1,7 @@ -From ddf3a821b51fbd3064914eb00a03bbecce9ee361 Mon Sep 17 00:00:00 2001 +From e1562e145272efea60275ffe8e7edeb65224ab8d Mon Sep 17 00:00:00 2001 From: Thomas Blume Date: Tue, 25 Mar 2014 13:08:56 +0000 -Subject: [PATCH 03/11] rc-local: fix ordering startup for - /etc/init.d/boot.local +Subject: [PATCH] rc-local: fix ordering startup for /etc/init.d/boot.local [tblume: fixes bnc#869142] --- @@ -10,7 +9,7 @@ Subject: [PATCH 03/11] rc-local: fix ordering startup for 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/units/rc-local.service.in b/units/rc-local.service.in -index 55e83dfe00..8b20f8d1af 100644 +index 6fb0838cdb..768f720032 100644 --- a/units/rc-local.service.in +++ b/units/rc-local.service.in @@ -13,7 +13,7 @@ @@ -23,5 +22,5 @@ index 55e83dfe00..8b20f8d1af 100644 [Service] Type=forking -- -2.26.2 +2.35.3 diff --git a/0008-sysv-generator-translate-Required-Start-into-a-Wants.patch b/0008-sysv-generator-translate-Required-Start-into-a-Wants.patch index 001c0a6..ee4e615 100644 --- a/0008-sysv-generator-translate-Required-Start-into-a-Wants.patch +++ b/0008-sysv-generator-translate-Required-Start-into-a-Wants.patch @@ -1,7 +1,7 @@ -From 9e6a1f4b085b29abaf90ecd05859537b837b39fe Mon Sep 17 00:00:00 2001 +From 2c821a6c31ce3e2af53274b26fc34648933f6574 Mon Sep 17 00:00:00 2001 From: Thomas Blume Date: Wed, 4 May 2016 17:40:04 +0200 -Subject: [PATCH 8/8] sysv-generator: translate "Required-Start" into a "Wants" +Subject: [PATCH] sysv-generator: translate "Required-Start" into a "Wants" dependency 'Required-Start:' used to be supported by insserv but this functionality was @@ -19,10 +19,10 @@ see the comments in bsc#857204. 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/sysv-generator/sysv-generator.c b/src/sysv-generator/sysv-generator.c -index bf23c48662..c6e1953839 100644 +index 4485e2e368..e0833a7179 100644 --- a/src/sysv-generator/sysv-generator.c +++ b/src/sysv-generator/sysv-generator.c -@@ -409,8 +409,13 @@ static int handle_dependencies(SysvStub *s, unsigned line, const char *full_text +@@ -412,8 +412,13 @@ static int handle_dependencies(SysvStub *s, unsigned line, const char *full_text return log_oom(); r = strv_extend(&s->wants, m); @@ -38,5 +38,5 @@ index bf23c48662..c6e1953839 100644 return log_oom(); } -- -2.31.1 +2.35.3 diff --git a/0009-pid1-handle-console-specificities-weirdness-for-s390.patch b/0009-pid1-handle-console-specificities-weirdness-for-s390.patch index 14354b1..e05368d 100644 --- a/0009-pid1-handle-console-specificities-weirdness-for-s390.patch +++ b/0009-pid1-handle-console-specificities-weirdness-for-s390.patch @@ -1,8 +1,7 @@ -From dedd52f920cf7ae718bb31ac7286d3f7314540c6 Mon Sep 17 00:00:00 2001 +From 745ab2ac0f5424b0c04d9c38234bb9babcbd90ef Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Fri, 10 Jun 2016 15:19:57 +0200 -Subject: [PATCH 09/11] pid1: handle console specificities/weirdness for s390 - arch +Subject: [PATCH] pid1: handle console specificities/weirdness for s390 arch The 3270 console on S/390 can do color but not the 3215 console. @@ -30,10 +29,10 @@ whose $subject is "[PATCH] support conmode setting on command line". 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c -index d769423d6e..1a65391146 100644 +index 3355b749cc..e96b053217 100644 --- a/src/basic/terminal-util.c +++ b/src/basic/terminal-util.c -@@ -779,7 +779,20 @@ bool tty_is_vc_resolve(const char *tty) { +@@ -784,7 +784,20 @@ bool tty_is_vc_resolve(const char *tty) { } const char *default_term_for_tty(const char *tty) { @@ -56,5 +55,5 @@ index d769423d6e..1a65391146 100644 int fd_columns(int fd) { -- -2.26.2 +2.35.3 diff --git a/5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch b/5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch index 691f628..a09867e 100644 --- a/5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch +++ b/5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch @@ -1,4 +1,4 @@ -From 323274d5e7545013b09c280254879dcbf1430fbf Mon Sep 17 00:00:00 2001 +From d624ceb7f2e6e286cf876f2ff9bf90532166c7f9 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Fri, 12 Jan 2024 10:54:57 +0100 Subject: [PATCH 5001/5002] Revert "udev: update devlink with the newer device @@ -10,10 +10,10 @@ This reverts commit 277cb24ffb7a520f640eb36d11340f11bf0c7c4f. 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c -index 74a70185bc..75845413cf 100644 +index e12c26ce5a..6ba38087dc 100644 --- a/src/udev/udev-node.c +++ b/src/udev/udev-node.c -@@ -468,13 +468,13 @@ static int link_update(sd_device *dev, const char *slink, bool add) { +@@ -467,13 +467,13 @@ static int link_update(sd_device *dev, const char *slink, bool add) { /* The devlink priority is downgraded. Another device may have a higher * priority now. Let's find the device node with the highest priority. */ } else { diff --git a/5002-Revert-udev-revert-workarounds-for-issues-caused-by-.patch b/5002-Revert-udev-revert-workarounds-for-issues-caused-by-.patch index 37e58f6..da40836 100644 --- a/5002-Revert-udev-revert-workarounds-for-issues-caused-by-.patch +++ b/5002-Revert-udev-revert-workarounds-for-issues-caused-by-.patch @@ -1,4 +1,4 @@ -From 65b0ae29194a335dc2cc1410d57acf7307251791 Mon Sep 17 00:00:00 2001 +From 1861e68a986c39cfec3c7fe8a348d331d93800d7 Mon Sep 17 00:00:00 2001 From: Franck Bui Date: Fri, 12 Jan 2024 10:55:17 +0100 Subject: [PATCH 5002/5002] Revert "udev: revert workarounds for issues caused @@ -10,7 +10,7 @@ This reverts commit b8fa62589271a0a7552c6eb02e6beac3ca759ba7. 1 file changed, 11 insertions(+) diff --git a/rules.d/60-persistent-storage.rules.in b/rules.d/60-persistent-storage.rules.in -index 835263f3cb..d5e0f5f705 100644 +index 6787430208..39a6555045 100644 --- a/rules.d/60-persistent-storage.rules.in +++ b/rules.d/60-persistent-storage.rules.in @@ -134,6 +134,17 @@ KERNEL!="sr*|mmcblk[0-9]boot[0-9]", IMPORT{builtin}="blkid" diff --git a/5003-cgroup-rename-TasksMax-structure-to-CGroupTasksMax.patch b/5003-cgroup-rename-TasksMax-structure-to-CGroupTasksMax.patch deleted file mode 100644 index f3ca94a..0000000 --- a/5003-cgroup-rename-TasksMax-structure-to-CGroupTasksMax.patch +++ /dev/null @@ -1,283 +0,0 @@ -From 14146f22cdcb6ecbf7d0f46a34843837a21aa118 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Tue, 23 Jan 2024 11:30:14 +0100 -Subject: [PATCH 5003/5011] cgroup: rename TasksMax structure to CGroupTasksMax - -Almost all our enums/structs/funcs carry the CGroup prefix if they are -defined in cgroup.h, TasksMax so far does not, even though it is -exclusively used in cgroup context. - -Change that. - -(cherry picked from commit 94f0b13b1623c083ece9c0381bd1e65500dc1363) - -[mkoutny: Adjust for missing struct UnitDefaults + contexts] ---- - src/core/cgroup.c | 16 ++++++++-------- - src/core/cgroup.h | 12 ++++++------ - src/core/dbus-cgroup.c | 10 +++++----- - src/core/load-fragment.c | 10 +++++----- - src/core/main.c | 4 ++-- - src/core/manager.c | 2 +- - src/core/manager.h | 2 +- - src/test/test-cgroup-mask.c | 2 +- - 8 files changed, 29 insertions(+), 29 deletions(-) - -diff --git a/src/core/cgroup.c b/src/core/cgroup.c -index 8a3059b042..5b7205a92e 100644 ---- a/src/core/cgroup.c -+++ b/src/core/cgroup.c -@@ -51,7 +51,7 @@ - * out specific attributes from us. */ - #define LOG_LEVEL_CGROUP_WRITE(r) (IN_SET(abs(r), ENOENT, EROFS, EACCES, EPERM) ? LOG_DEBUG : LOG_WARNING) - --uint64_t tasks_max_resolve(const TasksMax *tasks_max) { -+uint64_t cgroup_tasks_max_resolve(const CGroupTasksMax *tasks_max) { - if (tasks_max->scale == 0) - return tasks_max->value; - -@@ -170,7 +170,7 @@ void cgroup_context_init(CGroupContext *c) { - .blockio_weight = CGROUP_BLKIO_WEIGHT_INVALID, - .startup_blockio_weight = CGROUP_BLKIO_WEIGHT_INVALID, - -- .tasks_max = TASKS_MAX_UNSET, -+ .tasks_max = CGROUP_TASKS_MAX_UNSET, - - .moom_swap = MANAGED_OOM_AUTO, - .moom_mem_pressure = MANAGED_OOM_AUTO, -@@ -562,7 +562,7 @@ void cgroup_context_dump(Unit *u, FILE* f, const char *prefix) { - prefix, c->memory_zswap_max, format_cgroup_memory_limit_comparison(cdj, sizeof(cdj), u, "MemoryZSwapMax"), - prefix, c->startup_memory_zswap_max, format_cgroup_memory_limit_comparison(cdk, sizeof(cdk), u, "StartupMemoryZSwapMax"), - prefix, c->memory_limit, -- prefix, tasks_max_resolve(&c->tasks_max), -+ prefix, cgroup_tasks_max_resolve(&c->tasks_max), - prefix, cgroup_device_policy_to_string(c->device_policy), - prefix, strempty(disable_controllers_str), - prefix, delegate_str, -@@ -1760,9 +1760,9 @@ static void cgroup_context_apply( - * which is desirable so that there's an official way to release control of the sysctl from - * systemd: set the limit to unbounded and reload. */ - -- if (tasks_max_isset(&c->tasks_max)) { -+ if (cgroup_tasks_max_isset(&c->tasks_max)) { - u->manager->sysctl_pid_max_changed = true; -- r = procfs_tasks_set_limit(tasks_max_resolve(&c->tasks_max)); -+ r = procfs_tasks_set_limit(cgroup_tasks_max_resolve(&c->tasks_max)); - } else if (u->manager->sysctl_pid_max_changed) - r = procfs_tasks_set_limit(TASKS_MAX); - else -@@ -1775,10 +1775,10 @@ static void cgroup_context_apply( - /* The attribute itself is not available on the host root cgroup, and in the container case we want to - * leave it for the container manager. */ - if (!is_local_root) { -- if (tasks_max_isset(&c->tasks_max)) { -+ if (cgroup_tasks_max_isset(&c->tasks_max)) { - char buf[DECIMAL_STR_MAX(uint64_t) + 1]; - -- xsprintf(buf, "%" PRIu64 "\n", tasks_max_resolve(&c->tasks_max)); -+ xsprintf(buf, "%" PRIu64 "\n", cgroup_tasks_max_resolve(&c->tasks_max)); - (void) set_attribute_and_warn(u, "pids", "pids.max", buf); - } else - (void) set_attribute_and_warn(u, "pids", "pids.max", "max\n"); -@@ -1894,7 +1894,7 @@ static CGroupMask unit_get_cgroup_mask(Unit *u) { - mask |= CGROUP_MASK_DEVICES | CGROUP_MASK_BPF_DEVICES; - - if (c->tasks_accounting || -- tasks_max_isset(&c->tasks_max)) -+ cgroup_tasks_max_isset(&c->tasks_max)) - mask |= CGROUP_MASK_PIDS; - - return CGROUP_MASK_EXTEND_JOINED(mask); -diff --git a/src/core/cgroup.h b/src/core/cgroup.h -index 9f1963b3f2..486957b545 100644 ---- a/src/core/cgroup.h -+++ b/src/core/cgroup.h -@@ -9,20 +9,20 @@ - #include "list.h" - #include "time-util.h" - --typedef struct TasksMax { -+typedef struct CGroupTasksMax { - /* If scale == 0, just use value; otherwise, value / scale. - * See tasks_max_resolve(). */ - uint64_t value; - uint64_t scale; --} TasksMax; -+} CGroupTasksMax; - --#define TASKS_MAX_UNSET ((TasksMax) { .value = UINT64_MAX, .scale = 0 }) -+#define CGROUP_TASKS_MAX_UNSET ((CGroupTasksMax) { .value = UINT64_MAX, .scale = 0 }) - --static inline bool tasks_max_isset(const TasksMax *tasks_max) { -+static inline bool cgroup_tasks_max_isset(const CGroupTasksMax *tasks_max) { - return tasks_max->value != UINT64_MAX || tasks_max->scale != 0; - } - --uint64_t tasks_max_resolve(const TasksMax *tasks_max); -+uint64_t cgroup_tasks_max_resolve(const CGroupTasksMax *tasks_max); - - typedef struct CGroupContext CGroupContext; - typedef struct CGroupDeviceAllow CGroupDeviceAllow; -@@ -210,7 +210,7 @@ struct CGroupContext { - LIST_HEAD(CGroupSocketBindItem, socket_bind_deny); - - /* Common */ -- TasksMax tasks_max; -+ CGroupTasksMax tasks_max; - - /* Settings for systemd-oomd */ - ManagedOOMMode moom_swap; -diff --git a/src/core/dbus-cgroup.c b/src/core/dbus-cgroup.c -index 5347525844..3c35673779 100644 ---- a/src/core/dbus-cgroup.c -+++ b/src/core/dbus-cgroup.c -@@ -25,7 +25,7 @@ - #include "percent-util.h" - #include "socket-util.h" - --BUS_DEFINE_PROPERTY_GET(bus_property_get_tasks_max, "t", TasksMax, tasks_max_resolve); -+BUS_DEFINE_PROPERTY_GET(bus_property_get_tasks_max, "t", CGroupTasksMax, cgroup_tasks_max_resolve); - BUS_DEFINE_PROPERTY_GET_ENUM(bus_property_get_cgroup_pressure_watch, cgroup_pressure_watch, CGroupPressureWatch); - - static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_cgroup_device_policy, cgroup_device_policy, CGroupDevicePolicy); -@@ -994,7 +994,7 @@ static int bus_cgroup_set_cpu_weight( - static int bus_cgroup_set_tasks_max( - Unit *u, - const char *name, -- TasksMax *p, -+ CGroupTasksMax *p, - sd_bus_message *message, - UnitWriteFlags flags, - sd_bus_error *error) { -@@ -1013,7 +1013,7 @@ static int bus_cgroup_set_tasks_max( - "Value specified in %s is out of range", name); - - if (!UNIT_WRITE_FLAGS_NOOP(flags)) { -- *p = (TasksMax) { .value = v, .scale = 0 }; /* When .scale==0, .value is the absolute value */ -+ *p = (CGroupTasksMax) { .value = v, .scale = 0 }; /* When .scale==0, .value is the absolute value */ - unit_invalidate_cgroup(u, CGROUP_MASK_PIDS); - - if (v == CGROUP_LIMIT_MAX) -@@ -1030,7 +1030,7 @@ static int bus_cgroup_set_tasks_max( - static int bus_cgroup_set_tasks_max_scale( - Unit *u, - const char *name, -- TasksMax *p, -+ CGroupTasksMax *p, - sd_bus_message *message, - UnitWriteFlags flags, - sd_bus_error *error) { -@@ -1049,7 +1049,7 @@ static int bus_cgroup_set_tasks_max_scale( - "Value specified in %s is out of range", name); - - if (!UNIT_WRITE_FLAGS_NOOP(flags)) { -- *p = (TasksMax) { v, UINT32_MAX }; /* .scale is not 0, so this is interpreted as v/UINT32_MAX. */ -+ *p = (CGroupTasksMax) { v, UINT32_MAX }; /* .scale is not 0, so this is interpreted as v/UINT32_MAX. */ - unit_invalidate_cgroup(u, CGROUP_MASK_PIDS); - - uint32_t scaled = DIV_ROUND_UP((uint64_t) v * 100U, (uint64_t) UINT32_MAX); -diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c -index 86235fa5b6..18ba95a6c5 100644 ---- a/src/core/load-fragment.c -+++ b/src/core/load-fragment.c -@@ -3934,23 +3934,23 @@ int config_parse_tasks_max( - void *userdata) { - - const Unit *u = userdata; -- TasksMax *tasks_max = data; -+ CGroupTasksMax *tasks_max = data; - uint64_t v; - int r; - - if (isempty(rvalue)) { -- *tasks_max = u ? u->manager->default_tasks_max : TASKS_MAX_UNSET; -+ *tasks_max = u ? u->manager->default_tasks_max : CGROUP_TASKS_MAX_UNSET; - return 0; - } - - if (streq(rvalue, "infinity")) { -- *tasks_max = TASKS_MAX_UNSET; -+ *tasks_max = CGROUP_TASKS_MAX_UNSET; - return 0; - } - - r = parse_permyriad(rvalue); - if (r >= 0) -- *tasks_max = (TasksMax) { r, 10000U }; /* r‱ */ -+ *tasks_max = (CGroupTasksMax) { r, 10000U }; /* r‱ */ - else { - r = safe_atou64(rvalue, &v); - if (r < 0) { -@@ -3963,7 +3963,7 @@ int config_parse_tasks_max( - return 0; - } - -- *tasks_max = (TasksMax) { v }; -+ *tasks_max = (CGroupTasksMax) { v }; - } - - return 0; -diff --git a/src/core/main.c b/src/core/main.c -index 14aa1f00c0..efe75d96b3 100644 ---- a/src/core/main.c -+++ b/src/core/main.c -@@ -106,7 +106,7 @@ - #include - #endif - --#define DEFAULT_TASKS_MAX ((TasksMax) { 15U, 100U }) /* 15% */ -+#define DEFAULT_TASKS_MAX ((CGroupTasksMax) { 15U, 100U }) /* 15% */ - - static enum { - ACTION_RUN, -@@ -166,7 +166,7 @@ static bool arg_default_ip_accounting; - static bool arg_default_blockio_accounting; - static bool arg_default_memory_accounting; - static bool arg_default_tasks_accounting; --static TasksMax arg_default_tasks_max; -+static CGroupTasksMax arg_default_tasks_max; - static usec_t arg_default_memory_pressure_threshold_usec; - static CGroupPressureWatch arg_default_memory_pressure_watch; - static sd_id128_t arg_machine_id; -diff --git a/src/core/manager.c b/src/core/manager.c -index 2ccb753888..5f4522392d 100644 ---- a/src/core/manager.c -+++ b/src/core/manager.c -@@ -840,7 +840,7 @@ int manager_new(RuntimeScope runtime_scope, ManagerTestRunFlags test_run_flags, - .default_timer_accuracy_usec = USEC_PER_MINUTE, - .default_memory_accounting = MEMORY_ACCOUNTING_DEFAULT, - .default_tasks_accounting = true, -- .default_tasks_max = TASKS_MAX_UNSET, -+ .default_tasks_max = CGROUP_TASKS_MAX_UNSET, - .default_timeout_start_usec = manager_default_timeout(runtime_scope), - .default_timeout_stop_usec = manager_default_timeout(runtime_scope), - .default_restart_usec = DEFAULT_RESTART_USEC, -diff --git a/src/core/manager.h b/src/core/manager.h -index a6c87dc852..e4b2393d06 100644 ---- a/src/core/manager.h -+++ b/src/core/manager.h -@@ -375,7 +375,7 @@ struct Manager { - bool default_tasks_accounting; - bool default_ip_accounting; - -- TasksMax default_tasks_max; -+ CGroupTasksMax default_tasks_max; - usec_t default_timer_accuracy_usec; - - OOMPolicy default_oom_policy; -diff --git a/src/test/test-cgroup-mask.c b/src/test/test-cgroup-mask.c -index c0bf585963..35b2599e86 100644 ---- a/src/test/test-cgroup-mask.c -+++ b/src/test/test-cgroup-mask.c -@@ -58,7 +58,7 @@ TEST_RET(cgroup_mask, .sd_booted = true) { - m->default_blockio_accounting = - m->default_io_accounting = - m->default_tasks_accounting = false; -- m->default_tasks_max = TASKS_MAX_UNSET; -+ m->default_tasks_max = CGROUP_TASKS_MAX_UNSET; - - assert_se(manager_startup(m, NULL, NULL, NULL) >= 0); - --- -2.35.3 - diff --git a/5004-bus-print-properties-ignore-CGROUP_LIMIT_MAX-for-Mem.patch b/5004-bus-print-properties-ignore-CGROUP_LIMIT_MAX-for-Mem.patch deleted file mode 100644 index ed0b397..0000000 --- a/5004-bus-print-properties-ignore-CGROUP_LIMIT_MAX-for-Mem.patch +++ /dev/null @@ -1,31 +0,0 @@ -From c44ecd40ed4b4221dd9f03f5c2090d994889064c Mon Sep 17 00:00:00 2001 -From: Mike Yuan -Date: Tue, 23 Jan 2024 11:30:15 +0100 -Subject: [PATCH 5004/5011] bus-print-properties: ignore CGROUP_LIMIT_MAX for - Memory*{Current, Peak} - -MemoryCurrent and MemoryAvailable are shown as "[not set]" when UINT64_MAX -(unset). Let's do the same for the newly-added Memory*{Current,Peak} properties. - -(cherry picked from commit 3f362012ce0034dc14d3c1a1c2a3a64a11efa9da) - -[mkoutny: Drop MemoryPeak=] ---- - src/shared/bus-print-properties.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/shared/bus-print-properties.c b/src/shared/bus-print-properties.c -index db41ad2495..46724c98fa 100644 ---- a/src/shared/bus-print-properties.c -+++ b/src/shared/bus-print-properties.c -@@ -158,6 +158,7 @@ static int bus_print_property(const char *name, const char *expected_value, sd_b - (STR_IN_SET(name, "CPUShares", "StartupCPUShares") && u == CGROUP_CPU_SHARES_INVALID) || - (STR_IN_SET(name, "BlockIOWeight", "StartupBlockIOWeight") && u == CGROUP_BLKIO_WEIGHT_INVALID) || - (STR_IN_SET(name, "MemoryCurrent", "TasksCurrent") && u == UINT64_MAX) || -+ (startswith(name, "Memory") && ENDSWITH_SET(name, "Current") && u == CGROUP_LIMIT_MAX) || - (endswith(name, "NSec") && u == UINT64_MAX)) - - bus_print_property_value(name, expected_value, flags, "[not set]"); --- -2.35.3 - diff --git a/5005-bus-print-properties-prettify-more-unset-properties.patch b/5005-bus-print-properties-prettify-more-unset-properties.patch deleted file mode 100644 index ebc9eb1..0000000 --- a/5005-bus-print-properties-prettify-more-unset-properties.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 278ef74e90a13821fc2209eb09de768035e14478 Mon Sep 17 00:00:00 2001 -From: Mike Yuan -Date: Tue, 23 Jan 2024 11:30:16 +0100 -Subject: [PATCH 5005/5011] bus-print-properties: prettify more unset - properties - -(cherry picked from commit bfb6b1214a8da947cb82fed2eec3d7f2b1c6175f) - -[mkoutny: Handle MemoryAvailable= separately.] ---- - src/shared/bus-print-properties.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/src/shared/bus-print-properties.c b/src/shared/bus-print-properties.c -index 46724c98fa..f74d8994ad 100644 ---- a/src/shared/bus-print-properties.c -+++ b/src/shared/bus-print-properties.c -@@ -157,13 +157,15 @@ static int bus_print_property(const char *name, const char *expected_value, sd_b - else if ((STR_IN_SET(name, "CPUWeight", "StartupCPUWeight", "IOWeight", "StartupIOWeight") && u == CGROUP_WEIGHT_INVALID) || - (STR_IN_SET(name, "CPUShares", "StartupCPUShares") && u == CGROUP_CPU_SHARES_INVALID) || - (STR_IN_SET(name, "BlockIOWeight", "StartupBlockIOWeight") && u == CGROUP_BLKIO_WEIGHT_INVALID) || -- (STR_IN_SET(name, "MemoryCurrent", "TasksCurrent") && u == UINT64_MAX) || -+ (STR_IN_SET(name, "MemoryCurrent", "MemoryAvailable", "TasksCurrent") && u == UINT64_MAX) || - (startswith(name, "Memory") && ENDSWITH_SET(name, "Current") && u == CGROUP_LIMIT_MAX) || -+ (startswith(name, "IO") && ENDSWITH_SET(name, "Bytes", "Operations") && u == UINT64_MAX) || - (endswith(name, "NSec") && u == UINT64_MAX)) - - bus_print_property_value(name, expected_value, flags, "[not set]"); - -- else if ((STR_IN_SET(name, "DefaultMemoryLow", "DefaultMemoryMin", "MemoryLow", "MemoryHigh", "MemoryMax", "MemorySwapMax", "MemoryZSwapMax", "MemoryLimit", "MemoryAvailable") && u == CGROUP_LIMIT_MAX) || -+ else if ((ENDSWITH_SET(name, "MemoryLow", "MemoryMin", "MemoryHigh", "MemoryMax", "MemorySwapMax", "MemoryZSwapMax", "MemoryLimit") && -+ u == CGROUP_LIMIT_MAX) || - (STR_IN_SET(name, "TasksMax", "DefaultTasksMax") && u == UINT64_MAX) || - (startswith(name, "Limit") && u == UINT64_MAX) || - (startswith(name, "DefaultLimit") && u == UINT64_MAX)) --- -2.35.3 - diff --git a/5006-cgroup-Add-EffectiveMemoryMax-EffectiveMemoryHigh-an.patch b/5006-cgroup-Add-EffectiveMemoryMax-EffectiveMemoryHigh-an.patch index a3d7e4a..717746c 100644 --- a/5006-cgroup-Add-EffectiveMemoryMax-EffectiveMemoryHigh-an.patch +++ b/5006-cgroup-Add-EffectiveMemoryMax-EffectiveMemoryHigh-an.patch @@ -1,7 +1,7 @@ -From 9c86b2c20823dce7f8303648f7e8a8d76342d1d0 Mon Sep 17 00:00:00 2001 +From 840527985f03a4327fc0fe78e45d889742601698 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20Koutn=C3=BD?= -Date: Tue, 23 Jan 2024 11:30:17 +0100 -Subject: [PATCH 5006/5011] cgroup: Add EffectiveMemoryMax=, +Date: Fri, 11 Aug 2023 13:51:20 +0200 +Subject: [PATCH 5006/5010] cgroup: Add EffectiveMemoryMax=, EffectiveMemoryHigh= and EffectiveTasksMax= properties Users become perplexed when they run their workload in a unit with no @@ -28,22 +28,21 @@ reason about outer setup. Complete solution would need kernel support. (cherry picked from commit 4fb0d2dc140c9a2c01c236d2a8dc09a44157e896) -[mkoutny: adjust context, drop unapplicable XML] [mkoutny: fixes jsc#PED-5659] --- - man/org.freedesktop.systemd1.xml | 108 ++++++++++++++++++++++++++++++ + man/org.freedesktop.systemd1.xml | 126 ++++++++++++++++++++++++++++++ man/systemd.resource-control.xml | 11 ++- - src/core/cgroup.c | 48 +++++++++++++ - src/core/cgroup.h | 13 ++++ - src/core/dbus-unit.c | 25 +++++++ + src/core/cgroup.c | 48 ++++++++++++ + src/core/cgroup.h | 13 +++ + src/core/dbus-unit.c | 25 ++++++ src/shared/bus-print-properties.c | 6 +- - 6 files changed, 206 insertions(+), 5 deletions(-) + 6 files changed, 224 insertions(+), 5 deletions(-) diff --git a/man/org.freedesktop.systemd1.xml b/man/org.freedesktop.systemd1.xml -index 2e357539fb..02db33626d 100644 +index a1bcbba02f..59733c0039 100644 --- a/man/org.freedesktop.systemd1.xml +++ b/man/org.freedesktop.systemd1.xml -@@ -2716,6 +2716,10 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { +@@ -2786,6 +2786,10 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t MemoryAvailable = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") @@ -54,7 +53,7 @@ index 2e357539fb..02db33626d 100644 readonly t CPUUsageNSec = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly ay EffectiveCPUs = [...]; -@@ -2724,6 +2728,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { +@@ -2794,6 +2798,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t TasksCurrent = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") @@ -63,9 +62,9 @@ index 2e357539fb..02db33626d 100644 readonly t IPIngressBytes = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t IPIngressPackets = ...; -@@ -3335,6 +3341,10 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { +@@ -3419,6 +3425,10 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { - + + + @@ -74,7 +73,7 @@ index 2e357539fb..02db33626d 100644 -@@ -3343,6 +3353,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { +@@ -3427,6 +3437,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { @@ -83,7 +82,7 @@ index 2e357539fb..02db33626d 100644 -@@ -3963,6 +3975,10 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { +@@ -4061,6 +4073,10 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { @@ -94,7 +93,7 @@ index 2e357539fb..02db33626d 100644 -@@ -3971,6 +3987,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { +@@ -4069,6 +4085,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice { @@ -103,7 +102,7 @@ index 2e357539fb..02db33626d 100644 -@@ -4748,6 +4766,10 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket { +@@ -4865,6 +4883,10 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket { @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t MemoryAvailable = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") @@ -114,7 +113,7 @@ index 2e357539fb..02db33626d 100644 readonly t CPUUsageNSec = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly ay EffectiveCPUs = [...]; -@@ -4756,6 +4778,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket { +@@ -4873,6 +4895,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket { @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t TasksCurrent = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") @@ -123,9 +122,9 @@ index 2e357539fb..02db33626d 100644 readonly t IPIngressBytes = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t IPIngressPackets = ...; -@@ -5377,6 +5401,10 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket { +@@ -5508,6 +5532,10 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket { - + + + @@ -134,7 +133,7 @@ index 2e357539fb..02db33626d 100644 -@@ -5385,6 +5413,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket { +@@ -5516,6 +5544,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket { @@ -143,7 +142,7 @@ index 2e357539fb..02db33626d 100644 -@@ -5983,6 +6013,10 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket { +@@ -6132,6 +6162,10 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket { @@ -154,7 +153,7 @@ index 2e357539fb..02db33626d 100644 -@@ -5991,6 +6025,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket { +@@ -6140,6 +6174,8 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2esocket { @@ -163,7 +162,7 @@ index 2e357539fb..02db33626d 100644 -@@ -6643,6 +6679,10 @@ node /org/freedesktop/systemd1/unit/home_2emount { +@@ -6810,6 +6846,10 @@ node /org/freedesktop/systemd1/unit/home_2emount { @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t MemoryAvailable = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") @@ -174,7 +173,7 @@ index 2e357539fb..02db33626d 100644 readonly t CPUUsageNSec = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly ay EffectiveCPUs = [...]; -@@ -6651,6 +6691,8 @@ node /org/freedesktop/systemd1/unit/home_2emount { +@@ -6818,6 +6858,8 @@ node /org/freedesktop/systemd1/unit/home_2emount { @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t TasksCurrent = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") @@ -183,9 +182,9 @@ index 2e357539fb..02db33626d 100644 readonly t IPIngressBytes = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t IPIngressPackets = ...; -@@ -7200,6 +7242,10 @@ node /org/freedesktop/systemd1/unit/home_2emount { +@@ -7381,6 +7423,10 @@ node /org/freedesktop/systemd1/unit/home_2emount { - + + + @@ -194,7 +193,7 @@ index 2e357539fb..02db33626d 100644 -@@ -7208,6 +7254,8 @@ node /org/freedesktop/systemd1/unit/home_2emount { +@@ -7389,6 +7435,8 @@ node /org/freedesktop/systemd1/unit/home_2emount { @@ -203,7 +202,7 @@ index 2e357539fb..02db33626d 100644 -@@ -7724,6 +7772,10 @@ node /org/freedesktop/systemd1/unit/home_2emount { +@@ -7919,6 +7967,10 @@ node /org/freedesktop/systemd1/unit/home_2emount { @@ -214,7 +213,7 @@ index 2e357539fb..02db33626d 100644 -@@ -7732,6 +7784,8 @@ node /org/freedesktop/systemd1/unit/home_2emount { +@@ -7927,6 +7979,8 @@ node /org/freedesktop/systemd1/unit/home_2emount { @@ -223,7 +222,7 @@ index 2e357539fb..02db33626d 100644 -@@ -8511,6 +8565,10 @@ node /org/freedesktop/systemd1/unit/dev_2dsda3_2eswap { +@@ -8720,6 +8774,10 @@ node /org/freedesktop/systemd1/unit/dev_2dsda3_2eswap { @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t MemoryAvailable = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") @@ -234,7 +233,7 @@ index 2e357539fb..02db33626d 100644 readonly t CPUUsageNSec = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly ay EffectiveCPUs = [...]; -@@ -8519,6 +8577,8 @@ node /org/freedesktop/systemd1/unit/dev_2dsda3_2eswap { +@@ -8728,6 +8786,8 @@ node /org/freedesktop/systemd1/unit/dev_2dsda3_2eswap { @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t TasksCurrent = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") @@ -243,9 +242,9 @@ index 2e357539fb..02db33626d 100644 readonly t IPIngressBytes = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t IPIngressPackets = ...; -@@ -9054,6 +9114,10 @@ node /org/freedesktop/systemd1/unit/dev_2dsda3_2eswap { +@@ -9277,6 +9337,10 @@ node /org/freedesktop/systemd1/unit/dev_2dsda3_2eswap { - + + + @@ -254,7 +253,7 @@ index 2e357539fb..02db33626d 100644 -@@ -9062,6 +9126,8 @@ node /org/freedesktop/systemd1/unit/dev_2dsda3_2eswap { +@@ -9285,6 +9349,8 @@ node /org/freedesktop/systemd1/unit/dev_2dsda3_2eswap { @@ -263,7 +262,7 @@ index 2e357539fb..02db33626d 100644 -@@ -9564,6 +9630,10 @@ node /org/freedesktop/systemd1/unit/dev_2dsda3_2eswap { +@@ -9801,6 +9867,10 @@ node /org/freedesktop/systemd1/unit/dev_2dsda3_2eswap { @@ -274,7 +273,7 @@ index 2e357539fb..02db33626d 100644 -@@ -9572,6 +9642,8 @@ node /org/freedesktop/systemd1/unit/dev_2dsda3_2eswap { +@@ -9809,6 +9879,8 @@ node /org/freedesktop/systemd1/unit/dev_2dsda3_2eswap { @@ -283,7 +282,7 @@ index 2e357539fb..02db33626d 100644 -@@ -10210,6 +10282,10 @@ node /org/freedesktop/systemd1/unit/system_2eslice { +@@ -10461,6 +10533,10 @@ node /org/freedesktop/systemd1/unit/system_2eslice { @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t MemoryAvailable = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") @@ -294,7 +293,7 @@ index 2e357539fb..02db33626d 100644 readonly t CPUUsageNSec = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly ay EffectiveCPUs = [...]; -@@ -10218,6 +10294,8 @@ node /org/freedesktop/systemd1/unit/system_2eslice { +@@ -10469,6 +10545,8 @@ node /org/freedesktop/systemd1/unit/system_2eslice { @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t TasksCurrent = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") @@ -303,9 +302,9 @@ index 2e357539fb..02db33626d 100644 readonly t IPIngressBytes = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t IPIngressPackets = ...; -@@ -10381,6 +10459,10 @@ node /org/freedesktop/systemd1/unit/system_2eslice { +@@ -10644,6 +10722,10 @@ node /org/freedesktop/systemd1/unit/system_2eslice { - + + + @@ -314,7 +313,7 @@ index 2e357539fb..02db33626d 100644 -@@ -10389,6 +10471,8 @@ node /org/freedesktop/systemd1/unit/system_2eslice { +@@ -10652,6 +10734,8 @@ node /org/freedesktop/systemd1/unit/system_2eslice { @@ -323,7 +322,7 @@ index 2e357539fb..02db33626d 100644 -@@ -10557,6 +10641,10 @@ node /org/freedesktop/systemd1/unit/system_2eslice { +@@ -10832,6 +10916,10 @@ node /org/freedesktop/systemd1/unit/system_2eslice { @@ -334,7 +333,7 @@ index 2e357539fb..02db33626d 100644 -@@ -10565,6 +10653,8 @@ node /org/freedesktop/systemd1/unit/system_2eslice { +@@ -10840,6 +10928,8 @@ node /org/freedesktop/systemd1/unit/system_2eslice { @@ -343,7 +342,7 @@ index 2e357539fb..02db33626d 100644 -@@ -10759,6 +10849,10 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope { +@@ -11046,6 +11136,10 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope { @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t MemoryAvailable = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") @@ -354,7 +353,7 @@ index 2e357539fb..02db33626d 100644 readonly t CPUUsageNSec = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly ay EffectiveCPUs = [...]; -@@ -10767,6 +10861,8 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope { +@@ -11054,6 +11148,8 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope { @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t TasksCurrent = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") @@ -363,9 +362,9 @@ index 2e357539fb..02db33626d 100644 readonly t IPIngressBytes = ...; @org.freedesktop.DBus.Property.EmitsChangedSignal("false") readonly t IPIngressPackets = ...; -@@ -10950,6 +11046,10 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope { +@@ -11249,6 +11345,10 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope { - + + + @@ -374,7 +373,7 @@ index 2e357539fb..02db33626d 100644 -@@ -10958,6 +11058,8 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope { +@@ -11257,6 +11357,8 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope { @@ -383,7 +382,7 @@ index 2e357539fb..02db33626d 100644 -@@ -11156,6 +11258,10 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope { +@@ -11467,6 +11569,10 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope { @@ -394,7 +393,7 @@ index 2e357539fb..02db33626d 100644 -@@ -11164,6 +11270,8 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope { +@@ -11475,6 +11581,8 @@ node /org/freedesktop/systemd1/unit/session_2d1_2escope { @@ -403,11 +402,71 @@ index 2e357539fb..02db33626d 100644 +@@ -11866,6 +11974,9 @@ $ gdbus introspect --system --dest org.freedesktop.systemd1 \ + MemorySwapCurrent, + MemorySwapPeak, and + MemoryZSwapCurrent were added in version 255. ++ EffectiveMemoryHigh, ++ EffectiveMemoryMax, ++ EffectiveTasksMax were added in version 256. + + + Socket Unit Objects +@@ -11897,6 +12008,9 @@ $ gdbus introspect --system --dest org.freedesktop.systemd1 \ + MemorySwapCurrent, + MemorySwapPeak, and + MemoryZSwapCurrent were added in version 255. ++ EffectiveMemoryHigh, ++ EffectiveMemoryMax, ++ EffectiveTasksMax were added in version 256. + + + Mount Unit Objects +@@ -11926,6 +12040,9 @@ $ gdbus introspect --system --dest org.freedesktop.systemd1 \ + MemorySwapCurrent, + MemorySwapPeak, and + MemoryZSwapCurrent were added in version 255. ++ EffectiveMemoryHigh, ++ EffectiveMemoryMax, ++ EffectiveTasksMax were added in version 256. + + + Swap Unit Objects +@@ -11955,6 +12072,9 @@ $ gdbus introspect --system --dest org.freedesktop.systemd1 \ + MemorySwapCurrent, + MemorySwapPeak, and + MemoryZSwapCurrent were added in version 255. ++ EffectiveMemoryHigh, ++ EffectiveMemoryMax, ++ EffectiveTasksMax were added in version 256. + + + Slice Unit Objects +@@ -11975,6 +12095,9 @@ $ gdbus introspect --system --dest org.freedesktop.systemd1 \ + MemorySwapCurrent, + MemorySwapPeak, and + MemoryZSwapCurrent were added in version 255. ++ EffectiveMemoryHigh, ++ EffectiveMemoryMax, ++ EffectiveTasksMax were added in version 256. + + + Scope Unit Objects +@@ -11996,6 +12119,9 @@ $ gdbus introspect --system --dest org.freedesktop.systemd1 \ + MemorySwapCurrent, + MemorySwapPeak, and + MemoryZSwapCurrent were added in version 255. ++ EffectiveMemoryHigh, ++ EffectiveMemoryMax, ++ EffectiveTasksMax were added in version 256. + + + Job Objects diff --git a/man/systemd.resource-control.xml b/man/systemd.resource-control.xml -index 3c17efbe16..5b7900af87 100644 +index 42f265c950..bd8b6a5719 100644 --- a/man/systemd.resource-control.xml +++ b/man/systemd.resource-control.xml -@@ -392,7 +392,9 @@ CPUWeight=20 DisableControllers=cpu / \ +@@ -406,7 +406,9 @@ CPUWeight=20 DisableControllers=cpu / \ system. If assigned the special value infinity, no memory throttling is applied. This controls the memory.high control group attribute. For details about this control group attribute, see @@ -418,7 +477,7 @@ index 3c17efbe16..5b7900af87 100644 While StartupMemoryHigh= applies to the startup and shutdown phases of the system, MemoryHigh= applies to normal runtime of the system, and if the former is not set also to -@@ -418,7 +420,9 @@ CPUWeight=20 DisableControllers=cpu / \ +@@ -434,7 +436,9 @@ CPUWeight=20 DisableControllers=cpu / \ percentage value may be specified, which is taken relative to the installed physical memory on the system. If assigned the special value infinity, no memory limit is applied. This controls the memory.max control group attribute. For details about this control group attribute, see @@ -429,7 +488,7 @@ index 3c17efbe16..5b7900af87 100644 While StartupMemoryMax= applies to the startup and shutdown phases of the system, MemoryMax= applies to normal runtime of the system, and if the former is not set also to -@@ -534,7 +538,8 @@ CPUWeight=20 DisableControllers=cpu / \ +@@ -560,7 +564,8 @@ CPUWeight=20 DisableControllers=cpu / \ limit is applied. This controls the pids.max control group attribute. For details about this control group attribute, the pids controller @@ -440,10 +499,10 @@ index 3c17efbe16..5b7900af87 100644 The system default for this setting may be controlled with DefaultTasksMax= in diff --git a/src/core/cgroup.c b/src/core/cgroup.c -index 5b7205a92e..0842036559 100644 +index 61ac4df1a6..78ca67216a 100644 --- a/src/core/cgroup.c +++ b/src/core/cgroup.c -@@ -4000,6 +4000,46 @@ int unit_get_ip_accounting( +@@ -4243,6 +4243,46 @@ int unit_get_ip_accounting( return r; } @@ -490,10 +549,10 @@ index 5b7205a92e..0842036559 100644 static int unit_get_io_accounting_raw(Unit *u, uint64_t ret[static _CGROUP_IO_ACCOUNTING_METRIC_MAX]) { static const char *const field_names[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = { [CGROUP_IO_READ_BYTES] = "rbytes=", -@@ -4418,3 +4458,11 @@ static const char* const cgroup_pressure_watch_table[_CGROUP_PRESSURE_WATCH_MAX] +@@ -4663,3 +4703,11 @@ static const char* const cgroup_memory_accounting_metric_table[_CGROUP_MEMORY_AC }; - DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(cgroup_pressure_watch, CGroupPressureWatch, CGROUP_PRESSURE_WATCH_ON); + DEFINE_STRING_TABLE_LOOKUP(cgroup_memory_accounting_metric, CGroupMemoryAccountingMetric); + +static const char *const cgroup_limit_type_table[_CGROUP_LIMIT_TYPE_MAX] = { + [CGROUP_LIMIT_MEMORY_MAX] = "EffectiveMemoryMax", @@ -503,12 +562,12 @@ index 5b7205a92e..0842036559 100644 + +DEFINE_STRING_TABLE_LOOKUP(cgroup_limit_type, CGroupLimitType); diff --git a/src/core/cgroup.h b/src/core/cgroup.h -index 486957b545..a19a2fffa3 100644 +index f1b674b4b7..54bce91ea1 100644 --- a/src/core/cgroup.h +++ b/src/core/cgroup.h -@@ -245,6 +245,15 @@ typedef enum CGroupIOAccountingMetric { - _CGROUP_IO_ACCOUNTING_METRIC_INVALID = -EINVAL, - } CGroupIOAccountingMetric; +@@ -276,6 +276,15 @@ typedef enum CGroupMemoryAccountingMetric { + _CGROUP_MEMORY_ACCOUNTING_METRIC_INVALID = -EINVAL, + } CGroupMemoryAccountingMetric; +/* Used for limits whose value sets have infimum */ +typedef enum CGroupLimitType { @@ -521,27 +580,29 @@ index 486957b545..a19a2fffa3 100644 + typedef struct Unit Unit; typedef struct Manager Manager; - -@@ -337,6 +346,7 @@ int unit_get_tasks_current(Unit *u, uint64_t *ret); + typedef enum ManagerState ManagerState; +@@ -374,6 +383,7 @@ int unit_get_tasks_current(Unit *u, uint64_t *ret); int unit_get_cpu_usage(Unit *u, nsec_t *ret); int unit_get_io_accounting(Unit *u, CGroupIOAccountingMetric metric, bool allow_cache, uint64_t *ret); int unit_get_ip_accounting(Unit *u, CGroupIPAccountingMetric metric, uint64_t *ret); +int unit_get_effective_limit(Unit *u, CGroupLimitType type, uint64_t *ret); int unit_reset_cpu_accounting(Unit *u); - int unit_reset_ip_accounting(Unit *u); -@@ -378,3 +388,6 @@ FreezerAction freezer_action_from_string(const char *s) _pure_; + void unit_reset_memory_accounting_last(Unit *u); +@@ -425,5 +435,8 @@ CGroupIPAccountingMetric cgroup_ip_accounting_metric_from_string(const char *s) + const char* cgroup_io_accounting_metric_to_string(CGroupIOAccountingMetric m) _const_; + CGroupIOAccountingMetric cgroup_io_accounting_metric_from_string(const char *s) _pure_; - const char* cgroup_pressure_watch_to_string(CGroupPressureWatch a) _const_; - CGroupPressureWatch cgroup_pressure_watch_from_string(const char *s) _pure_; -+ +const char* cgroup_limit_type_to_string(CGroupLimitType m) _const_; +CGroupLimitType cgroup_limit_type_from_string(const char *s) _pure_; ++ + const char* cgroup_memory_accounting_metric_to_string(CGroupMemoryAccountingMetric m) _const_; + CGroupMemoryAccountingMetric cgroup_memory_accounting_metric_from_string(const char *s) _pure_; diff --git a/src/core/dbus-unit.c b/src/core/dbus-unit.c -index ed376cec87..b4509a990e 100644 +index 1a037b7035..ac6add4700 100644 --- a/src/core/dbus-unit.c +++ b/src/core/dbus-unit.c -@@ -1438,6 +1438,28 @@ static int property_get_io_counter( +@@ -1441,6 +1441,28 @@ static int property_get_io_counter( return sd_bus_message_append(reply, "t", value); } @@ -568,11 +629,11 @@ index ed376cec87..b4509a990e 100644 +} + int bus_unit_method_attach_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) { - _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL; -@@ -1557,10 +1579,13 @@ const sd_bus_vtable bus_unit_cgroup_vtable[] = { - SD_BUS_PROPERTY("ControlGroupId", "t", NULL, offsetof(Unit, cgroup_id), 0), - SD_BUS_PROPERTY("MemoryCurrent", "t", property_get_current_memory, 0, 0), + _cleanup_set_free_ Set *pids = NULL; +@@ -1562,10 +1584,13 @@ const sd_bus_vtable bus_unit_cgroup_vtable[] = { + SD_BUS_PROPERTY("MemorySwapPeak", "t", property_get_memory_accounting, 0, 0), + SD_BUS_PROPERTY("MemoryZSwapCurrent", "t", property_get_memory_accounting, 0, 0), SD_BUS_PROPERTY("MemoryAvailable", "t", property_get_available_memory, 0, 0), + SD_BUS_PROPERTY("EffectiveMemoryMax", "t", property_get_effective_limit, 0, 0), + SD_BUS_PROPERTY("EffectiveMemoryHigh", "t", property_get_effective_limit, 0, 0), @@ -585,7 +646,7 @@ index ed376cec87..b4509a990e 100644 SD_BUS_PROPERTY("IPIngressPackets", "t", property_get_ip_counter, 0, 0), SD_BUS_PROPERTY("IPEgressBytes", "t", property_get_ip_counter, 0, 0), diff --git a/src/shared/bus-print-properties.c b/src/shared/bus-print-properties.c -index f74d8994ad..62bbc598bb 100644 +index 6704e1ef3d..99b1cc7c70 100644 --- a/src/shared/bus-print-properties.c +++ b/src/shared/bus-print-properties.c @@ -164,9 +164,11 @@ static int bus_print_property(const char *name, const char *expected_value, sd_b diff --git a/5007-test-Convert-rlimit-test-to-subtest-of-generic-limit.patch b/5007-test-Convert-rlimit-test-to-subtest-of-generic-limit.patch index ece5242..983b9d3 100644 --- a/5007-test-Convert-rlimit-test-to-subtest-of-generic-limit.patch +++ b/5007-test-Convert-rlimit-test-to-subtest-of-generic-limit.patch @@ -1,7 +1,7 @@ -From 46451a18828473edaf7e9873a084f26f0c827a3d Mon Sep 17 00:00:00 2001 +From 207784eeaab0c274dc087056f20523d7c10939fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20Koutn=C3=BD?= -Date: Tue, 23 Jan 2024 11:30:18 +0100 -Subject: [PATCH 5007/5011] test: Convert rlimit test to subtest of generic +Date: Wed, 9 Aug 2023 22:42:36 +0200 +Subject: [PATCH 5007/5010] test: Convert rlimit test to subtest of generic limit testing No functional change intended. Preparation for new tests. diff --git a/5008-test-Add-effective-cgroup-limits-testing.patch b/5008-test-Add-effective-cgroup-limits-testing.patch index 7df8f4e..cb528f3 100644 --- a/5008-test-Add-effective-cgroup-limits-testing.patch +++ b/5008-test-Add-effective-cgroup-limits-testing.patch @@ -1,7 +1,7 @@ -From d0c92dae23e409f6a29f70f039455c08610c943f Mon Sep 17 00:00:00 2001 +From 10d8f042c0bf685d41b95d7151214999a8ff68c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20Koutn=C3=BD?= -Date: Tue, 23 Jan 2024 11:30:19 +0100 -Subject: [PATCH 5008/5011] test: Add effective cgroup limits testing +Date: Wed, 9 Aug 2023 22:43:31 +0200 +Subject: [PATCH 5008/5010] test: Add effective cgroup limits testing (cherry picked from commit ce35bb95c7b6fe9a48d2b8628bd690279b17fffa) @@ -87,10 +87,10 @@ index 0000000000..3ff8e83140 + +rm -f /run/systemd/system/"$pre"* || : diff --git a/test/units/util.sh b/test/units/util.sh -index 932fe1e603..7af98bb45e 100755 +index b5ed73237c..567cda2845 100755 --- a/test/units/util.sh +++ b/test/units/util.sh -@@ -26,6 +26,15 @@ assert_eq() {( +@@ -28,6 +28,15 @@ assert_eq() {( fi )} diff --git a/5009-cgroup-Restrict-effective-limits-with-global-resourc.patch b/5009-cgroup-Restrict-effective-limits-with-global-resourc.patch index 889ab52..6ea10d2 100644 --- a/5009-cgroup-Restrict-effective-limits-with-global-resourc.patch +++ b/5009-cgroup-Restrict-effective-limits-with-global-resourc.patch @@ -1,7 +1,7 @@ -From edfd70ab2c5490131fcf5a4348e31c19251d3479 Mon Sep 17 00:00:00 2001 +From 355275a7708d09f7be27ea239478cb3c6defbb9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20Koutn=C3=BD?= -Date: Tue, 23 Jan 2024 11:30:20 +0100 -Subject: [PATCH 5009/5011] cgroup: Restrict effective limits with global +Date: Mon, 14 Aug 2023 19:59:57 +0200 +Subject: [PATCH 5009/5010] cgroup: Restrict effective limits with global resource provision Global resource (whole system or root cg's (e.g. in a container)) is @@ -17,10 +17,10 @@ when calculating effective limits. 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/man/systemd.resource-control.xml b/man/systemd.resource-control.xml -index 5b7900af87..ded4722e7a 100644 +index bd8b6a5719..c2aa5b57e8 100644 --- a/man/systemd.resource-control.xml +++ b/man/systemd.resource-control.xml -@@ -422,7 +422,7 @@ CPUWeight=20 DisableControllers=cpu / \ +@@ -438,7 +438,7 @@ CPUWeight=20 DisableControllers=cpu / \ memory.max control group attribute. For details about this control group attribute, see Memory Interface Files. The effective configuration is reported as EffectiveMemoryMax= (the value is @@ -30,10 +30,10 @@ index 5b7900af87..ded4722e7a 100644 While StartupMemoryMax= applies to the startup and shutdown phases of the system, MemoryMax= applies to normal runtime of the system, and if the former is not set also to diff --git a/src/core/cgroup.c b/src/core/cgroup.c -index 0842036559..a53d90486c 100644 +index 78ca67216a..285fa200d6 100644 --- a/src/core/cgroup.c +++ b/src/core/cgroup.c -@@ -4006,6 +4006,17 @@ static uint64_t unit_get_effective_limit_one(Unit *u, CGroupLimitType type) { +@@ -4249,6 +4249,17 @@ static uint64_t unit_get_effective_limit_one(Unit *u, CGroupLimitType type) { assert(u); assert(UNIT_HAS_CGROUP_CONTEXT(u)); diff --git a/5010-cgroup-Rename-effective-limits-internal-table.patch b/5010-cgroup-Rename-effective-limits-internal-table.patch index 2342136..d4bcc77 100644 --- a/5010-cgroup-Rename-effective-limits-internal-table.patch +++ b/5010-cgroup-Rename-effective-limits-internal-table.patch @@ -1,7 +1,7 @@ -From 0c3448f0e341e3e1f23722e4275c4fdd4062d280 Mon Sep 17 00:00:00 2001 +From ae7d09f074e554a241ba66a2dee2a0cb4b3a0162 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20Koutn=C3=BD?= -Date: Tue, 23 Jan 2024 11:30:21 +0100 -Subject: [PATCH 5010/5011] cgroup: Rename effective limits internal table +Date: Mon, 22 Jan 2024 16:58:18 +0100 +Subject: [PATCH 5010/5010] cgroup: Rename effective limits internal table Post-merge fixup of commit 4fb0d2dc14 ("cgroup: Add EffectiveMemoryMax=, EffectiveMemoryHigh= and EffectiveTasksMax= properties"), no functional @@ -9,7 +9,6 @@ change intended. (cherry picked from commit 8ad614890bba66b5f6b590d6a3e1b8b04a920126) -[mkoutny: adjust context] [mkoutny: fixes jsc#PED-5659] --- src/core/cgroup.c | 4 ++-- @@ -18,12 +17,12 @@ change intended. 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/core/cgroup.c b/src/core/cgroup.c -index a53d90486c..2d8d61a26d 100644 +index 285fa200d6..0c30aefe80 100644 --- a/src/core/cgroup.c +++ b/src/core/cgroup.c -@@ -4470,10 +4470,10 @@ static const char* const cgroup_pressure_watch_table[_CGROUP_PRESSURE_WATCH_MAX] +@@ -4715,10 +4715,10 @@ static const char* const cgroup_memory_accounting_metric_table[_CGROUP_MEMORY_AC - DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(cgroup_pressure_watch, CGroupPressureWatch, CGROUP_PRESSURE_WATCH_ON); + DEFINE_STRING_TABLE_LOOKUP(cgroup_memory_accounting_metric, CGroupMemoryAccountingMetric); -static const char *const cgroup_limit_type_table[_CGROUP_LIMIT_TYPE_MAX] = { +static const char *const cgroup_effective_limit_type_table[_CGROUP_LIMIT_TYPE_MAX] = { @@ -35,22 +34,25 @@ index a53d90486c..2d8d61a26d 100644 -DEFINE_STRING_TABLE_LOOKUP(cgroup_limit_type, CGroupLimitType); +DEFINE_STRING_TABLE_LOOKUP(cgroup_effective_limit_type, CGroupLimitType); diff --git a/src/core/cgroup.h b/src/core/cgroup.h -index a19a2fffa3..9ff650abcf 100644 +index 54bce91ea1..6e3d05b7d2 100644 --- a/src/core/cgroup.h +++ b/src/core/cgroup.h -@@ -389,5 +389,5 @@ FreezerAction freezer_action_from_string(const char *s) _pure_; - const char* cgroup_pressure_watch_to_string(CGroupPressureWatch a) _const_; - CGroupPressureWatch cgroup_pressure_watch_from_string(const char *s) _pure_; +@@ -435,8 +435,8 @@ CGroupIPAccountingMetric cgroup_ip_accounting_metric_from_string(const char *s) + const char* cgroup_io_accounting_metric_to_string(CGroupIOAccountingMetric m) _const_; + CGroupIOAccountingMetric cgroup_io_accounting_metric_from_string(const char *s) _pure_; -const char* cgroup_limit_type_to_string(CGroupLimitType m) _const_; -CGroupLimitType cgroup_limit_type_from_string(const char *s) _pure_; +const char* cgroup_effective_limit_type_to_string(CGroupLimitType m) _const_; +CGroupLimitType cgroup_effective_limit_type_from_string(const char *s) _pure_; + + const char* cgroup_memory_accounting_metric_to_string(CGroupMemoryAccountingMetric m) _const_; + CGroupMemoryAccountingMetric cgroup_memory_accounting_metric_from_string(const char *s) _pure_; diff --git a/src/core/dbus-unit.c b/src/core/dbus-unit.c -index b4509a990e..da22e8f524 100644 +index ac6add4700..bb19831814 100644 --- a/src/core/dbus-unit.c +++ b/src/core/dbus-unit.c -@@ -1455,7 +1455,7 @@ static int property_get_effective_limit( +@@ -1458,7 +1458,7 @@ static int property_get_effective_limit( assert(reply); assert(property); diff --git a/files.devel b/files.devel index bffa68d..304b850 100644 --- a/files.devel +++ b/files.devel @@ -558,6 +558,7 @@ %{_mandir}/man3/sd_hwdb_unref.3.gz %{_mandir}/man3/sd_id128_equal.3.gz %{_mandir}/man3/sd_id128_from_string.3.gz +%{_mandir}/man3/sd_id128_get_app_specific.3.gz %{_mandir}/man3/sd_id128_get_boot.3.gz %{_mandir}/man3/sd_id128_get_boot_app_specific.3.gz %{_mandir}/man3/sd_id128_get_invocation.3.gz diff --git a/files.experimental b/files.experimental index aa23c6a..c280588 100644 --- a/files.experimental +++ b/files.experimental @@ -15,8 +15,8 @@ %{_datadir}/dbus-1/system.d/org.freedesktop.oom1.conf %{_datadir}/zsh/site-functions/_oomctl %{_mandir}/man1/oomctl.1.gz -%if %{with sd_boot} %{_mandir}/man1/systemd-measure.1.gz +%if %{with sd_boot} %{_mandir}/man1/ukify.1.gz %endif %{_mandir}/man5/oomd.conf.5.gz @@ -27,16 +27,12 @@ %{_mandir}/man8/systemd-oomd.8.gz %{_mandir}/man8/systemd-oomd.service.8.gz %if %{with sd_boot} +%{_mandir}/man8/systemd-pcrextend.8.gz %{_mandir}/man8/systemd-pcrfs-root.service.8.gz %{_mandir}/man8/systemd-pcrfs@.service.8.gz %{_mandir}/man8/systemd-pcrmachine.service.8.gz %{_mandir}/man8/systemd-pcrphase-initrd.service.8.gz %{_mandir}/man8/systemd-pcrphase-sysinit.service.8.gz -%if %{with upstream} -%{_mandir}/man8/systemd-pcrextend.8.gz -%else -%{_mandir}/man8/systemd-pcrphase.8.gz -%endif %{_mandir}/man8/systemd-pcrphase.service.8.gz %endif %{_mandir}/man8/systemd-repart.8.gz @@ -52,21 +48,16 @@ %{_systemd_util_dir}/oomd.conf %{_systemd_util_dir}/system/initrd-root-fs.target.wants/systemd-repart.service %{_systemd_util_dir}/system/sysinit.target.wants/systemd-repart.service -%if %{with sd_boot} %{_systemd_util_dir}/systemd-measure -%endif %{_systemd_util_dir}/systemd-oomd %if %{with sd_boot} -%if %{with upstream} %{_systemd_util_dir}/systemd-pcrextend -%else -%{_systemd_util_dir}/systemd-pcrphase -%endif %endif %{_systemd_util_dir}/systemd-sysupdate %{_systemd_util_dir}/systemd-userwork %if %{with sd_boot} %{_systemd_util_dir}/ukify +%{_bindir}/ukify %endif %{_sysusersdir}/systemd-oom.conf %if %{with sd_boot} @@ -90,3 +81,89 @@ %{_unitdir}/systemd-sysupdate-reboot.timer %{_unitdir}/systemd-sysupdate.service %{_unitdir}/systemd-sysupdate.timer + +%{_prefix}/lib/pcrlock.d/350-action-efi-application.pcrlock +%{_prefix}/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/300-0x00000000.pcrlock +%{_prefix}/lib/pcrlock.d/400-secureboot-separator.pcrlock.d/600-0xffffffff.pcrlock +%{_prefix}/lib/pcrlock.d/500-separator.pcrlock.d/300-0x00000000.pcrlock +%{_prefix}/lib/pcrlock.d/500-separator.pcrlock.d/600-0xffffffff.pcrlock +%{_prefix}/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d/300-present.pcrlock +%{_prefix}/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d/600-absent.pcrlock +%{_prefix}/lib/pcrlock.d/750-enter-initrd.pcrlock +%{_prefix}/lib/pcrlock.d/800-leave-initrd.pcrlock +%{_prefix}/lib/pcrlock.d/850-sysinit.pcrlock +%{_prefix}/lib/pcrlock.d/900-ready.pcrlock +%{_prefix}/lib/pcrlock.d/950-shutdown.pcrlock +%{_prefix}/lib/pcrlock.d/990-final.pcrlock +%{_mandir}/man5/systemd.pcrlock.5.gz +%{_mandir}/man5/systemd.pcrlock.d.5.gz +%{_mandir}/man8/systemd-pcrlock-file-system.service.8.gz +%{_mandir}/man8/systemd-pcrlock-firmware-code.service.8.gz +%{_mandir}/man8/systemd-pcrlock-firmware-config.service.8.gz +%{_mandir}/man8/systemd-pcrlock-machine-id.service.8.gz +%{_mandir}/man8/systemd-pcrlock-make-policy.service.8.gz +%{_mandir}/man8/systemd-pcrlock-secureboot-authority.service.8.gz +%{_mandir}/man8/systemd-pcrlock-secureboot-policy.service.8.gz +%{_mandir}/man8/systemd-pcrlock.8.gz +%if %{with sd_boot} +%{_unitdir}/systemd-pcrextend.socket +%{_unitdir}/systemd-pcrextend@.service +%{_unitdir}/sockets.target.wants/systemd-pcrextend.socket +%{_unitdir}/systemd-pcrlock-file-system.service +%{_unitdir}/systemd-pcrlock-firmware-code.service +%{_unitdir}/systemd-pcrlock-firmware-config.service +%{_unitdir}/systemd-pcrlock-machine-id.service +%{_unitdir}/systemd-pcrlock-make-policy.service +%{_unitdir}/systemd-pcrlock-secureboot-authority.service +%{_unitdir}/systemd-pcrlock-secureboot-policy.service +%endif +%{_systemd_util_dir}/systemd-pcrlock + +%{_systemd_util_dir}/repart/definitions/confext.repart.d/10-root.conf +%{_systemd_util_dir}/repart/definitions/confext.repart.d/20-root-verity.conf +%{_systemd_util_dir}/repart/definitions/confext.repart.d/30-root-verity-sig.conf +%{_systemd_util_dir}/repart/definitions/portable.repart.d/10-root.conf +%{_systemd_util_dir}/repart/definitions/portable.repart.d/20-root-verity.conf +%{_systemd_util_dir}/repart/definitions/portable.repart.d/30-root-verity-sig.conf +%{_systemd_util_dir}/repart/definitions/sysext.repart.d/10-root.conf +%{_systemd_util_dir}/repart/definitions/sysext.repart.d/20-root-verity.conf +%{_systemd_util_dir}/repart/definitions/sysext.repart.d/30-root-verity-sig.conf + +%{_mandir}/man8/systemd-storagetm.8.gz +%{_mandir}/man8/systemd-storagetm.service.8.gz +%{_unitdir}/systemd-storagetm.service +%{_unitdir}/storage-target-mode.target +%{_systemd_util_dir}/systemd-storagetm + +%{_unitdir}/initrd.target.wants/systemd-bsod.service +%{_systemd_util_dir}/systemd-bsod +%{_unitdir}/systemd-bsod.service +%{_mandir}/man8/systemd-bsod.8.gz +%{_mandir}/man8/systemd-bsod.service.8.gz + +%{_bindir}/varlinkctl +%{_mandir}/man1/varlinkctl.1.gz + +%{_bindir}/systemd-vmspawn +%{_mandir}/man1/systemd-vmspawn.1.gz + +%dir %{_prefix}/lib/pcrlock.d +%dir %{_prefix}/lib/pcrlock.d/400-secureboot-separator.pcrlock.d +%dir %{_prefix}/lib/pcrlock.d/500-separator.pcrlock.d +%dir %{_prefix}/lib/pcrlock.d/700-action-efi-exit-boot-services.pcrlock.d +%dir %{_systemd_util_dir}/repart +%dir %{_systemd_util_dir}/repart/definitions +%dir %{_systemd_util_dir}/repart/definitions/confext.repart.d +%dir %{_systemd_util_dir}/repart/definitions/portable.repart.d +%dir %{_systemd_util_dir}/repart/definitions/sysext.repart.d + +%if %{with sd_boot} +%{_unitdir}/sysinit.target.wants/systemd-tpm2-setup-early.service +%{_unitdir}/sysinit.target.wants/systemd-tpm2-setup.service +%{_unitdir}/systemd-tpm2-setup-early.service +%{_unitdir}/systemd-tpm2-setup.service +%{_systemd_util_dir}/systemd-tpm2-setup +%{_mandir}/man8/systemd-tpm2-setup-early.service.8.gz +%{_mandir}/man8/systemd-tpm2-setup.8.gz +%{_mandir}/man8/systemd-tpm2-setup.service.8.gz +%endif diff --git a/files.network b/files.network index 6086712..c1b1715 100644 --- a/files.network +++ b/files.network @@ -8,6 +8,8 @@ %{_bindir}/networkctl %{_datadir}/bash-completion/completions/networkctl %{_datadir}/dbus-1/interfaces/org.freedesktop.network1.DHCPServer.xml +%{_datadir}/dbus-1/interfaces/org.freedesktop.network1.DHCPv4Client.xml +%{_datadir}/dbus-1/interfaces/org.freedesktop.network1.DHCPv6Client.xml %{_datadir}/dbus-1/interfaces/org.freedesktop.network1.Link.xml %{_datadir}/dbus-1/interfaces/org.freedesktop.network1.Manager.xml %{_datadir}/dbus-1/interfaces/org.freedesktop.network1.Network.xml @@ -27,19 +29,16 @@ %{_mandir}/man8/systemd-networkd.8.gz %{_mandir}/man8/systemd-networkd.service.8.gz %{_systemd_util_dir}/network/80-6rd-tunnel.network +%{_systemd_util_dir}/network/80-auto-link-local.network.example %{_systemd_util_dir}/network/80-container-host0.network %{_systemd_util_dir}/network/80-container-vb.network %{_systemd_util_dir}/network/80-container-ve.network %{_systemd_util_dir}/network/80-container-vz.network -%if %{with upstream} -%{_systemd_util_dir}/network/89-ethernet.network.example -%else -%{_systemd_util_dir}/network/80-ethernet.network.example -%endif %{_systemd_util_dir}/network/80-vm-vt.network %{_systemd_util_dir}/network/80-wifi-adhoc.network %{_systemd_util_dir}/network/80-wifi-ap.network.example %{_systemd_util_dir}/network/80-wifi-station.network.example +%{_systemd_util_dir}/network/89-ethernet.network.example %{_systemd_util_dir}/networkd.conf %{_systemd_util_dir}/systemd-networkd %{_systemd_util_dir}/systemd-networkd-wait-online diff --git a/files.systemd b/files.systemd index 361e6af..1516dd6 100644 --- a/files.systemd +++ b/files.systemd @@ -1,6 +1,7 @@ # # Please keep the list sorted (with `LC_ALL=C sort`). # + %dir %{_binfmtdir} %if %{without bootstrap} %dir %{_datadir}/bash-completion @@ -323,6 +324,7 @@ %{_mandir}/man8/nss-myhostname.8.gz %{_mandir}/man8/nss-systemd.8.gz %{_mandir}/man8/pam_systemd.8.gz +%{_mandir}/man8/pam_systemd_loadkey.8.gz %{_mandir}/man8/poweroff.8.gz %{_mandir}/man8/reboot.8.gz %{_mandir}/man8/shutdown.8.gz @@ -392,6 +394,7 @@ %endif %{_modprobedir}/systemd.conf %{_pam_moduledir}/pam_systemd.so +%{_pam_moduledir}/pam_systemd_loadkey.so %{_pam_vendordir}/systemd-user %{_sbindir}/halt %{_sbindir}/init @@ -411,6 +414,7 @@ %{_systemd_util_dir}/systemd-binfmt %{_systemd_util_dir}/systemd-boot-check-no-failures %{_systemd_util_dir}/systemd-cgroups-agent +%{_systemd_util_dir}/systemd-executor %{_systemd_util_dir}/systemd-hostnamed %{_systemd_util_dir}/systemd-journald %{_systemd_util_dir}/systemd-localed @@ -546,6 +550,7 @@ %{_unitdir}/sockets.target %{_unitdir}/sockets.target.wants/systemd-journald-dev-log.socket %{_unitdir}/sockets.target.wants/systemd-journald.socket +%{_unitdir}/sockets.target.wants/systemd-sysext.socket %{_unitdir}/soft-reboot.target %{_unitdir}/sound.target %{_unitdir}/swap.target @@ -607,6 +612,8 @@ %{_unitdir}/systemd-soft-reboot.service %{_unitdir}/systemd-sysctl.service %{_unitdir}/systemd-sysext.service +%{_unitdir}/systemd-sysext.socket +%{_unitdir}/systemd-sysext@.service %{_unitdir}/systemd-sysusers.service %{_unitdir}/systemd-time-wait-sync.service %{_unitdir}/systemd-timedated.service diff --git a/files.udev b/files.udev index 54fc044..e40877a 100644 --- a/files.udev +++ b/files.udev @@ -33,13 +33,16 @@ %ghost %attr(644, root, root) %{_prefix}/lib/udev/compat-symlink-generation %ghost %config(noreplace) %{_sysconfdir}/vconsole.conf %ghost %{_localstatedir}/lib/systemd/backlight +%{_bindir}/bootctl %if %{without bootstrap} %{_bindir}/kernel-install %{_bindir}/systemd-cryptenroll +%{_bindir}/systemd-cryptsetup %endif %{_bindir}/systemd-hwdb %{_bindir}/udevadm %if %{without bootstrap} +%{_datadir}/bash-completion/completions/bootctl %{_datadir}/bash-completion/completions/kernel-install %{_datadir}/bash-completion/completions/systemd-cryptenroll %{_datadir}/bash-completion/completions/udevadm @@ -49,11 +52,13 @@ %{_datadir}/pkgconfig/udev.pc %{_datadir}/polkit-1/actions/org.freedesktop.timesync1.policy %if %{without bootstrap} +%{_datadir}/zsh/site-functions/_bootctl %{_datadir}/zsh/site-functions/_kernel-install %{_datadir}/zsh/site-functions/_udevadm %{_libdir}/cryptsetup/libcryptsetup-token-systemd-fido2.so %{_libdir}/cryptsetup/libcryptsetup-token-systemd-pkcs11.so %{_libdir}/cryptsetup/libcryptsetup-token-systemd-tpm2.so +%{_mandir}/man1/bootctl.1.gz %{_mandir}/man1/systemd-cryptenroll.1.gz %{_mandir}/man5/crypttab.5.gz %{_mandir}/man5/integritytab.5.gz @@ -241,6 +246,7 @@ %{_udevrulesdir}/60-input-id.rules %{_udevrulesdir}/60-persistent-alsa.rules %{_udevrulesdir}/60-persistent-input.rules +%{_udevrulesdir}/60-persistent-storage-mtd.rules %{_udevrulesdir}/60-persistent-storage-tape.rules %{_udevrulesdir}/60-persistent-storage.rules %{_udevrulesdir}/60-persistent-v4l.rules @@ -315,6 +321,7 @@ %{_unitdir}/systemd-fsck@.service %{_unitdir}/systemd-growfs-root.service %{_unitdir}/systemd-growfs@.service +%{_unitdir}/systemd-hibernate-resume.service %{_unitdir}/systemd-hibernate.service %{_unitdir}/systemd-hwdb-update.service %{_unitdir}/systemd-hybrid-sleep.service diff --git a/files.uefi-boot b/files.uefi-boot index 5712f17..494e0d5 100644 --- a/files.uefi-boot +++ b/files.uefi-boot @@ -3,11 +3,7 @@ # %dir %{_systemd_util_dir}/boot %dir %{_systemd_util_dir}/boot/efi -%{_bindir}/bootctl %if %{without bootstrap} -%{_datadir}/bash-completion/completions/bootctl -%{_datadir}/zsh/site-functions/_bootctl -%{_mandir}/man1/bootctl.1.gz %{_mandir}/man5/loader.conf.5.gz %{_mandir}/man7/linuxaa64.efi.stub.7.gz %{_mandir}/man7/linuxia32.efi.stub.7.gz diff --git a/systemd-v254.9+suse.30.g31f1148f75.tar.xz b/systemd-v254.9+suse.30.g31f1148f75.tar.xz deleted file mode 100644 index 20d1956..0000000 --- a/systemd-v254.9+suse.30.g31f1148f75.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:67af3a7f3c6bd95e677f8bbae803429f8f1b1a7e282d31645620f7740556f29f -size 10407004 diff --git a/systemd-v255.3+suse.15.g96edf7ad18.tar.xz b/systemd-v255.3+suse.15.g96edf7ad18.tar.xz new file mode 100644 index 0000000..1bc16d0 --- /dev/null +++ b/systemd-v255.3+suse.15.g96edf7ad18.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6cd4797c9008052e3b188451be89f7196072475c971d1619cb880280336c2761 +size 10712448 diff --git a/systemd.changes b/systemd.changes index 8163e39..9117c91 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,53 @@ +------------------------------------------------------------------- +Fri Feb 23 09:09:57 UTC 2024 - Franck Bui + +- Upgrade to v255.3 (commit 96edf7ad1866172b994cafb4df49e27d68ce8e87) + + See https://github.com/openSUSE/systemd/blob/SUSE/v255/NEWS for details. + + - This includes the following bug fixes: + + - commit 6e10405aa25fe5e76b740d9ec59730e3f4470c7a (bsc#1219766) + + - The following patches have been rebased: + + - 0002-rc-local-fix-ordering-startup-for-etc-init.d-boot.lo.patch + - 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch + - 0009-pid1-handle-console-specificities-weirdness-for-s390.patch + - 5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch + - 5002-Revert-udev-revert-workarounds-for-issues-caused-by-.patch + + - The following patches have been removed since they're part of v255: + + - 5003-cgroup-rename-TasksMax-structure-to-CGroupTasksMax.patch + - 5004-bus-print-properties-ignore-CGROUP_LIMIT_MAX-for-Mem.patch + - 5005-bus-print-properties-prettify-more-unset-properties.patch + + - systemd-boot has been added to the list of the dependencies of the + systemd-testsuite package as the installation of the bootloader is now + tested. + + - the following patches have been backported on top of v255.3: + + 96edf7ad18 service: Demote log level of NotifyAccess= messages to debug (bsc#1210113 jsc#PED-6214) + fdde7f26d6 vconsole-setup: don't fail if the only found vc is already used by plymouth (bsc#1218618) + f96c587d41 rules: set up tty permissions and group for /dev/hvc* nodes (bsc#1218137) + 63a41b8899 vconsole-setup: remember the correct error value when open_terminal() fails + f51a2e038c vconsole-setup: handle the case where the vc is in KD_GRAPHICS mode more gracefully (bsc#1215282) + 15025a04c4 test: make sure to install the filesystem package in the test image on SUSE + 06fecfb635 test: make sure that sd-boot is installed before testing bootctl + 1e8788ea68 test: install systemd-boot in openSUSE test images + 6e2875ad43 test/test-shutdown.py: optionally display the test I/Os in a dedicated log file + 4be1a801b4 test-69: send SIGTERM to ask systemd-nspawn to properly stop the container + 7bdab7b7c7 man: Document ranges for distributions config files and local config files + 3f12a6c22f test: systemd-update-utmp is optional + 1911c7fd95 man: conditionalize sd-pcrlock and sd-measure on the same variable as their binaries + 352f76f734 man: always install bootctl + b48a18c464 meson: fix installation of html doc aliases + +- bootctl has been moved to the udev package since some of its commands work on + non UEFI systems too. + ------------------------------------------------------------------- Fri Feb 23 07:51:50 UTC 2024 - Franck Bui diff --git a/systemd.spec b/systemd.spec index ed46d34..307171a 100644 --- a/systemd.spec +++ b/systemd.spec @@ -18,9 +18,9 @@ %global flavor @BUILD_FLAVOR@%{nil} -%define systemd_version 254.9 +%define systemd_version 255.3 %define systemd_release 0 -%define archive_version +suse.30.g31f1148f75 +%define archive_version +suse.15.g96edf7ad18 %if 0%{?_build_in_place} # Allow users to specify the version and the release when building the rpm in @@ -240,9 +240,6 @@ Patch5: 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch Patch5001: 5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch Patch5002: 5002-Revert-udev-revert-workarounds-for-issues-caused-by-.patch # jsc#PED-5659 -Patch5003: 5003-cgroup-rename-TasksMax-structure-to-CGroupTasksMax.patch -Patch5004: 5004-bus-print-properties-ignore-CGROUP_LIMIT_MAX-for-Mem.patch -Patch5005: 5005-bus-print-properties-prettify-more-unset-properties.patch Patch5006: 5006-cgroup-Add-EffectiveMemoryMax-EffectiveMemoryHigh-an.patch Patch5007: 5007-test-Convert-rlimit-test-to-subtest-of-generic-limit.patch Patch5008: 5008-test-Add-effective-cgroup-limits-testing.patch @@ -638,6 +635,7 @@ Requires: attr Requires: binutils Requires: busybox-static Requires: cryptsetup +Requires: dhcp-client Requires: dosfstools Requires: jq Requires: libcap-progs @@ -648,6 +646,7 @@ Requires: libtss2-rc0 Requires: lz4 Requires: make Requires: mtools +Requires: net-tools-deprecated Requires: netcat Requires: python3-pexpect Requires: qemu @@ -659,6 +658,9 @@ Requires: pkgconfig(libfido2) Requires: pkgconfig(tss2-esys) Requires: pkgconfig(tss2-mu) Requires: pkgconfig(tss2-rc) +%if %{with sd_boot} +Requires: systemd-boot +%endif %if %{with coredump} Requires: systemd-coredump %endif @@ -786,31 +788,59 @@ export CFLAGS="%{optflags} -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" -Ddebug-shell=/bin/bash \ \ -Dbump-proc-sys-fs-nr-open=false \ + -Ddbus=false \ + -Ddefault-network=false \ + -Dglib=false \ -Dgshadow=false \ -Dldconfig=false \ + -Dlibidn=false \ -Dsmack=false \ + -Dxenctrl=false \ + -Dxkbcommon=false \ \ -Dpstore=true \ \ - -Dapparmor=%{when apparmor} \ + -Daudit=%{when_not bootstrap} \ -Dbpf-framework=%{when_not bootstrap} \ + -Dbzip2=%{when importd} \ -Defi=%{when_not bootstrap} \ -Delfutils=%{when_not bootstrap} \ + -Dfdisk=%{when_not bootstrap} \ + -Dgcrypt=%{when_not bootstrap} \ + -Dgnutls=%{when_not bootstrap} \ -Dhtml=%{when_not bootstrap} \ -Dima=%{when_not bootstrap} \ -Dkernel-install=%{when_not bootstrap} \ + -Dlibfido2=%{when_not bootstrap} \ + -Dlibidn2=%{when resolved} \ + -Dlibiptc=%{when_not bootstrap} \ + -Dlz4=%{when_not bootstrap} \ + -Dqrencode=%{when_not bootstrap} \ -Dkmod=%{when_not bootstrap} \ + -Dlibcryptsetup=%{when_not bootstrap} \ -Dlibcryptsetup-plugins=%{when_not bootstrap} \ + -Dlibcurl=%{when_not bootstrap} \ -Dman=%{when_not bootstrap} \ + -Dmicrohttpd=%{when journal_remote} \ -Dnss-myhostname=%{when_not bootstrap} \ + -Dnss-mymachines=%{when machined} \ + -Dnss-resolve=%{when resolved} \ -Dnss-systemd=%{when_not bootstrap} \ + -Dopenssl=%{when_not bootstrap} \ + -Dp11kit=%{when_not bootstrap} \ + -Dpasswdqc=%{when_not bootstrap} \ + -Dpwquality=%{when_not bootstrap} \ -Dseccomp=%{when_not bootstrap} \ - -Dselinux=%{when selinux} \ + -Dstoragetm=%{when_not bootstrap} \ -Dtpm=%{when_not bootstrap} \ -Dtpm2=%{when_not bootstrap} \ -Dtranslations=%{when_not bootstrap} \ -Duserdb=%{when_not bootstrap} \ + -Dxz=%{when_not bootstrap} \ + -Dzlib=%{when importd} \ + -Dzstd=%{when_not bootstrap} \ \ + -Dapparmor=%{when apparmor} \ -Dcoredump=%{when coredump} \ -Dhomed=%{when homed} \ -Dimportd=%{when importd} \ @@ -818,6 +848,7 @@ export CFLAGS="%{optflags} -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" -Dnetworkd=%{when networkd} \ -Dportabled=%{when portabled} \ -Dremote=%{when journal_remote} \ + -Dselinux=%{when selinux} \ \ -Dbootloader=%{when sd_boot} \ -Defi-color-highlight="black,green" \ @@ -842,6 +873,7 @@ export CFLAGS="%{optflags} -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" %else -Dukify=false \ %endif + -Dvmspawn=%{when experimental} \ \ -Dtests=%{when testsuite unsafe} \ -Dinstall-tests=%{when testsuite} @@ -1057,6 +1089,7 @@ tar -cO \ %if %{without bootstrap} %find_lang systemd %else +rm -f %{buildroot}%{_bindir}/varlinkctl rm -f %{buildroot}%{_journalcatalogdir}/* rm -fr %{buildroot}%{_docdir}/systemd %endif