Daan De Meyer
12d58b6c74
dissect: Add --mtree-hash= option
...
Let's make including hashes in the mtree output configurable to allow
speeding up the --mtree command in cases where file hashes are not
required.
2023-07-06 12:11:45 +02:00
Daan De Meyer
2292fa1e31
dissect: Allow a few verbs to operate on directories as well as image files
...
--copy-to, --copy-from, --list and --mtree are useful for image directories
as well as image files, so for those verbs, let's check if we were passed
a directory and skip all the image file setup if that's the case.
2023-07-06 12:11:42 +02:00
Lennart Poettering
a130b09513
Merge pull request #27713 from ddstreet/tpm2_replace_make_primary
...
Tpm2 replace make primary
2023-07-06 10:22:12 +02:00
Lennart Poettering
e40cad1f3c
Merge pull request #28243 from bluca/sbat_initrd
...
ukify: enable --sbat for UKIs too
2023-07-06 10:21:44 +02:00
Yu Watanabe
21da5178ec
Merge pull request #28262 from YHNdnzj/transaction-followup
...
Follow-ups for PropagatesStopTo= fix
2023-07-06 12:55:25 +09:00
Dan Streetman
20988602ff
tpm2: remove tpm2_make_primary()
...
Replace use of tpm2_make_primary() with tpm2_create_loaded()
2023-07-05 17:39:33 -04:00
Dan Streetman
98497426d6
tpm2: move local vars in tpm2_unseal() to point of use
...
No functional change; cosmetic only.
2023-07-05 17:39:18 -04:00
Dan Streetman
cea525a902
tpm2: add tpm2_get_or_create_srk()
...
Add function to simplify getting the TPM SRK; if one exists, it is provided,
otherwise one is created and then the new SRK provided.
This also adds tpm2_create_loaded() and updates tpm2_seal() to use the new
functions instead of tpm2_make_primary().
2023-07-05 17:39:18 -04:00
Dan Streetman
d2d29c3be2
tpm2: add tpm2_persist_handle()
...
Add function to convert a transient handle in the TPM into a persistent handle
in the TPM.
2023-07-05 17:38:31 -04:00
Dan Streetman
cbc92a3172
tpm2: cache TPM algorithms
...
Cache the supported algorithms when creating a new context.
2023-07-05 17:33:55 -04:00
Dan Streetman
adbf0c8cfb
tpm2: cache the TPM supported commands, add tpm2_supports_command()
...
Cache the TPM's supported commands and provide a function to check if a command
is supported.
2023-07-05 17:33:55 -04:00
Dan Streetman
3f27ba9954
basic/alloc-util: add greedy_realloc_append()
...
Add function to perform greedy realloc as well as copying the new data into the
newly allocated space.
2023-07-05 17:33:55 -04:00
Dan Streetman
9ea0ffe612
tpm2: replace tpm2_capability_pcrs() macro with direct c->capability_pcrs use
2023-07-05 17:33:55 -04:00
Dan Streetman
e3f1f21076
tpm2: add tpm2_create()
...
This allows creating a new object (e.g. sealed secret) or key using the TPM.
Note that the new object/key is not loaded in the TPM after creation.
2023-07-05 17:33:55 -04:00
Dan Streetman
180444b885
tpm2: replace magic number in hmac_sensitive initialization
...
Instead of setting hmac_sensitive.sensitive.data.size to '32' use the actual
hash size as set in the hmac_template.
2023-07-05 17:33:55 -04:00
Dan Streetman
ee6a8713ab
tpm2: move local vars in tpm2_seal() to point of use
...
No functional change; cosmetic only.
2023-07-05 17:33:55 -04:00
Dan Streetman
efe153bdc2
tpm2: add tpm2_load_external()
...
This allows loading an external object/key (e.g. an openssl public key) into
the TPM.
2023-07-05 17:33:55 -04:00
Dan Streetman
d1d0de735d
tpm2: add tpm2_load()
...
This function allows loading an object (e.g. a sealed secret) or key into the
TPM.
2023-07-05 17:33:55 -04:00
Lennart Poettering
6c1d10fe03
update syscall tables for upcoming v254
2023-07-05 23:18:16 +02:00
Lennart Poettering
61905882c9
update hwdb autosuspend data for v254
2023-07-05 23:18:16 +02:00
Lennart Poettering
4560f9821b
meson: run forgotten 'update-man-rules'
2023-07-05 23:18:16 +02:00
Mike Yuan
bf3dfa6202
TEST-03-JOBS: test indirect PropagatesStopTo=
2023-07-06 05:12:04 +08:00
Mike Yuan
4893902be8
core/transaction: correctly skip unneeded operations for PropagatesStopTo=
...
Follow-up for 48cb073db8
Break out from LIST_FOREACH correctly if nt == JOB_NOP.
Shouldn't have functional changes, just optimization.
2023-07-06 05:12:04 +08:00
Luca Boccassi
9d54e578f7
Merge pull request #28258 from poettering/boot-feature-catchup
...
sd-boot/sd-stub boot feature flag catchup
2023-07-05 21:40:43 +01:00
Luca Boccassi
79be4b7da8
Merge pull request #28255 from yuwata/sd-device-fix-clone
...
sd-device: fix device_clone_with_db()
2023-07-05 21:38:52 +01:00
Frantisek Sumsal
ba4a1cd8a8
test: replace readfp() with read_file()
...
ConfigParser.readfp() has been deprecated since Python 3.2 and was
dropped completely in Python 3.11.
2023-07-05 21:38:24 +01:00
Luca Boccassi
635c6ea622
ukify: measure sbat section too
2023-07-05 21:31:08 +01:00
Luca Boccassi
a8b645dec8
ukify: enable --sbat for UKIs too
...
For confidential computing they want to be able to revoke initrds too, so allow
passing a specific --sbat section when building a UKI too, not just an addon.
Merge it with the stub and kernel sections.
2023-07-05 21:31:08 +01:00
Lennart Poettering
c75f81292d
hwdb update for v246-rc1
2023-07-05 22:00:38 +02:00
Lennart Poettering
983d621e11
hostname-setup: don't pass "true" to a flags parameter
2023-07-06 03:10:31 +08:00
Mike Yuan
3121374ca4
Merge pull request #28252 from yuwata/journal-open-machine
...
journal: introduce journal_open_machine()
2023-07-06 03:08:18 +08:00
Lennart Poettering
e987d54baf
boot: make LoaderType enum less special
...
Usually (but not always) we use uppercase type naming, and do a typedef
for enums like this. Do so here too.
2023-07-05 17:54:59 +02:00
Lennart Poettering
3a59c55f67
boot: rename entry_count → n_entries
...
While we don't strictly follow the rule, most of our userspace names
these fields that count entries in some array n_xyz, hence let's do so
in the EFI boot code too, to make things less special.
2023-07-05 17:54:59 +02:00
Lennart Poettering
92bb46c464
efi: add a bunch of reported EFI loader/stub feature flags
...
We gained a bunch of new features that deserve reporting to userspace,
hence add matching flags for each.
This allows userspace to determine if installing addons in the ESP even
makes sense.
This is inspired by similar changes in #28057
2023-07-05 17:54:59 +02:00
Yu Watanabe
7050d928be
journal-upload: add missing assertion
2023-07-06 00:06:25 +09:00
Yu Watanabe
5c6673afab
journal-upload: replace deprecated sd_journal_open_container()
2023-07-06 00:06:25 +09:00
Yu Watanabe
2ec1fb31e9
journal-util: extract journal_open_machine() from journalctl
2023-07-06 00:06:25 +09:00
Yu Watanabe
4a45a2e0e3
sd-journal: introduce SD_JOURNAL_TAKE_DIRECTORY_FD flag for sd_journal_open_directory_fd()
...
If it is called with the flag, then the provided file descriptor will be
owned by the sd_journal object, and will be closed in sd_journal_close().
2023-07-06 00:06:20 +09:00
Yu Watanabe
beebaeeb3f
test: change partition label to test if the outdated devlinks are removed
...
The change is intended to reproduce the issue #27983, though the
original issue is highly racy, and the test does not reproduce it
reliably. But, anyway, it is better to change the partition label to
test the devlink removal.
2023-07-05 23:46:01 +09:00
Yu Watanabe
35e49f2856
sd-device: do not read uevent file in device_clone_with_db()
...
Follow-up for 381f6d4ba5.
When the function is called, the device may be already removed, and
another device has the same syspath. Such a situation can occur when a
partition is removed and another is created. In that case, the sysfs paths
of the removed and newly created partitions can be the same, but their
devnums are different, and thus the database files corresponding to the
devices are also different.
Fixes #27981.
2023-07-05 23:45:57 +09:00
Lennart Poettering
529ba8a1a3
Merge pull request #26844 from YHNdnzj/propagate-stop-fixup
...
core: introduce UNIT_ATOM_PROPAGATE_STOP_GRACEFUL for PropagatesStopTo=
2023-07-05 15:56:21 +02:00
Luca Boccassi
11d797d3b9
Merge pull request #28207 from poettering/initrd-creds
...
various credential improvements (including initrd creds, creds in generators, fstab + getty creds)
2023-07-05 10:29:33 +01:00
Lennart Poettering
7b8e55772c
Merge pull request #28253 from yuwata/hwdb-follow-up
...
hwdb: several cleanups
2023-07-05 10:40:44 +02:00
Yu Watanabe
051c0f8926
Merge pull request #28228 from yuwata/repart-free-area
...
repart: fix free area calculation
2023-07-05 16:36:16 +09:00
Yu Watanabe
6750c1af24
unit: also condition out systemd-backlight in initrd
...
Follow-up for 9173d31dfea5c2b05ff08480972c499cb7aac940.
The systemd-backlight@.service also saves/restores state but the data
is in /var/.
2023-07-05 09:01:27 +02:00
Lennart Poettering
49c55abcbe
units: condition out a few services in the initrd
...
Let's make our units more robust to being added to an initrd:
1. systemd-boot-update only makes sense if sd-boot is available in /usr/
to copy into the ESP. This is generally not the case in initrds, and
even if it was, we shouldn't update the ESP from the initrd, but from
the host instead.
2. The rfkill services save/restore rfkill state, but that information
is only available once /var/ is mounted, which generally happens
after the initrd transition.
3. utmp management is partly in /var/, and legacy anyway, hence don't
bother with it in the initrd.
2023-07-05 10:58:47 +09:00
Yu Watanabe
937625c7c7
test: update test for free area calculation in repart
2023-07-05 10:40:56 +09:00
Yu Watanabe
d2eb1f8145
repart: fix free area calculation
...
Like fdisk_get_last_lba(), fdisk_partition_get_end() returns the last
sector in the partition.
Fixes #28225.
2023-07-05 10:40:56 +09:00
Yu Watanabe
beba8f2e1e
test: add reproducer for issue #28225
2023-07-05 10:40:53 +09:00
Yu Watanabe
495f387c27
hwdb: make matching modalias for Archos 101 Cesium Educ more strict
...
Follow-up for 41f34dcf3b.
2023-07-05 10:38:00 +09:00