Lennart Poettering
c36c088a93
stub: add helper that turns PE section into char16_t* string
2024-06-26 17:09:45 +02:00
Lennart Poettering
c8af9aca9e
stub: reorder variables
2024-06-26 17:09:45 +02:00
Lennart Poettering
4087aa38c5
stub: reorder things a bit, so that initrds are generated/looked up together
2024-06-26 17:09:45 +02:00
Lennart Poettering
e864cd91d5
stub: uniformly process "measured" flags
...
Always pass the pointer through so that the functions combine the flags
directly, instead of doing that in the caller.
2024-06-26 17:09:45 +02:00
Lennart Poettering
fe0f6c099c
stub: split out function that determines main cmdline
2024-06-26 17:09:45 +02:00
Lennart Poettering
9597320f5c
stub: normalize error handling when looking for PE sections
2024-06-26 17:09:45 +02:00
Lennart Poettering
9f3bc7b505
stub: slightly reorder things
...
Let's do the section measurement first, before we use any data of it.
Let's bring up the boot splash next, so that it covers anything else we
might do.
2024-06-26 17:09:45 +02:00
Lennart Poettering
248b3257a1
stub: split out code that displays boot splash
2024-06-26 17:09:45 +02:00
Lennart Poettering
1489e66f7c
stub: split out code that loads all addons from disk into function of its own
2024-06-26 17:09:45 +02:00
Lennart Poettering
16b550d01a
stub: merge separate lists for addon cmdlines/devicetrees into one
...
Instead of keeping the lists for the global and per-UKI addons separate
throughout, just merge them. We apply them in the same order after all.
2024-06-26 17:09:45 +02:00
Lennart Poettering
acf3e58eb3
stub: don't make up errors
2024-06-26 17:09:45 +02:00
Lennart Poettering
9e2ed6c78f
stub: add DevicetreeAddon structure
...
Instead of keeping three parallel arrays of dt base, dt size and dt
filename, just introduce a proper structure and use an array of that,
greatly simplifying DT handling.
2024-06-26 17:09:45 +02:00
Lennart Poettering
dcac1e4a9b
stub: split out call that loads embedded device tree
2024-06-26 17:09:45 +02:00
Lennart Poettering
8d5669a467
stub: split out code that sets EFI vars indicating measured PCRs
2024-06-26 17:09:45 +02:00
Lennart Poettering
c802cb2f80
stub: move initialization of kernel iovec to the end, where it's used
2024-06-26 17:09:45 +02:00
Lennart Poettering
8e67de8402
stub: split out code that finds embedded initrds
2024-06-26 17:09:45 +02:00
Lennart Poettering
b199c0f26e
stub: split out code that generates embedded initrds
2024-06-26 17:09:45 +02:00
Lennart Poettering
868219655a
stub: split out calls that generate sidecar initrds
2024-06-26 17:09:44 +02:00
Lennart Poettering
ac32323271
stub: rework initrd handling around "struct iovec"
...
Let's maintain an array of "struct iovec" for the initrds. It becomes a
ton easier and shorter to process/combine the various initrds then.
2024-06-26 17:09:44 +02:00
Lennart Poettering
79d076be37
stub: split out code that finds the uname among PE sections
2024-06-26 17:09:44 +02:00
Lennart Poettering
4a033b0a11
stub: split out code that appends smbios command line
2024-06-26 17:09:44 +02:00
Lennart Poettering
cd6fe7aa7f
stub: split out code that measures our own PE sections
2024-06-26 17:09:44 +02:00
Lennart Poettering
201e0d53bd
stub: split out random seed part out of run()
2024-06-26 17:09:44 +02:00
Lennart Poettering
fb974ac485
efi: introduce PeSectionVector structure, and use it for referencing PE sections
2024-06-26 17:09:44 +02:00
Lennart Poettering
9e63e28aa6
pe: use more correct section name comparison function
...
we should only compare up to 8 chars
2024-06-26 17:09:44 +02:00
Lennart Poettering
bacc2ed0d5
pe: tighten validity checks of DOS and PE headers
...
Let's make sure we validate that the DOS/PE header offsets are actually
reasonable, and do not cause overflows when added to the base addresses.
(This shouldn're really be a problem URL, since the DOS header offset is
16bit only, but let's be extra careful with this)
2024-06-26 17:09:44 +02:00
Lennart Poettering
4a47959721
pe: be more careful when loading PE section list into memory
...
Let's put a limit on how much memory we'll allocate for the section. And
let's add a safety overflow check.
(This is more a theoretic than a real problem, since on all PE archs
NumberOfSections is 16bit only.)
2024-06-26 17:09:44 +02:00
Lennart Poettering
9573ab8f5a
util: make file_read() 64bit offset safe
...
File offsets in UEFI are 64bit on all archs, hence let's use that typo
too, and not create artificial confusion around types.
2024-06-26 17:09:44 +02:00
Luca Boccassi
582718d959
mkosi: switch opensuse to devel branch
...
The factory branch seems to have been reset to 9 years ago, switch
to devel
2024-06-26 16:02:13 +01:00
Luca Boccassi
efd5314c50
mkosi: use new standalone-shutdown package for debian's exitrd
2024-06-26 16:02:13 +01:00
Mike Yuan
6343d2ea50
man/capsule@.service: the capsule user is prefixed with "c-" rather than "p_"
2024-06-26 16:47:48 +02:00
Luca Boccassi
ea6376d17f
mkosi: bump to latest commit
2024-06-26 15:47:13 +01:00
Carlo Teubner
6733d691bb
man/capsule@.service.xml: fix typo
2024-06-26 16:45:42 +02:00
Lennart Poettering
ba694646ea
iovec-util: make "struct iovec" and some helpers also available in EFI mode
...
The construct is a POSIX invention, but it's just so useful, let's also
define it in EFI mode, so that we can use similar constructs in EFI mode
and userspace.
2024-06-26 16:01:35 +02:00
Lennart Poettering
515e1e6d35
macro: move PTR_TO_SIZE() macros to fundamental
2024-06-26 16:01:20 +02:00
Lennart Poettering
ba81c365f8
macro: also move FOREACH_ARRAY()/FOREACH_ELEMENT() to fundamental
...
This is also very useful in EFI code.
2024-06-26 16:01:06 +02:00
Lennart Poettering
72b1809bbc
macro: move sizeof_field() macro into src/fundamental/
...
Let's make this macro available for our EFI code too.
2024-06-26 16:00:43 +02:00
Daan De Meyer
17ef81a764
docs: Add section to HACKING.md on distribution packages
2024-06-26 15:56:41 +02:00
Zbigniew Jędrzejewski-Szmek
2e4596a017
polkit: allow non-local users to block sleep and shutdown
...
We already had 'auth_admin_keep' for org.freedesktop.login1.reboot and similar
actions. If a user is allowed to perform an action, I think they should be
allowed to _block_ the same action. Guarding this by auth_admin follows the
general principle of not allowing fully unprivileged users to have too much say
over the machine.
2024-06-26 15:04:06 +02:00
Zbigniew Jędrzejewski-Szmek
a87b7aa1a1
inhibit: add --no-ask-password option and allow interactive polkit auth
...
It seems entirely reasonable to make a policy which e.g. allows block operations
for interactive users after authentication. The tool should support this, so that
more complicated local policies can be used.
Related to https://github.com/systemd/systemd/pull/30307 .
2024-06-26 15:04:06 +02:00
Zbigniew Jędrzejewski-Szmek
a8c3ed5f13
Rename spawn-ask-password-agent.c to just ask-password-agent.c
...
The functions in the file were *not* using the spawn prefix,
and the prefix seems completely unnecessary.
2024-06-26 15:04:06 +02:00
Zbigniew Jędrzejewski-Szmek
1b919ca4db
Rename spawn-polkit-agent.c to just polkit-agent.c
...
The functions in the file were *not* using the spawn prefix,
and the prefix seems completely unnecessary.
2024-06-26 15:04:06 +02:00
Matthias Lisin
999a661d1e
man: Add %q specifier to repart.d, sysusers.d
2024-06-26 04:18:14 +02:00
Matthias Lisin
282bda46f1
tmpfiles: use common macro for a set of specifiers
...
This adds %q, %A and %M specifiers to tmpfiles:
- %A and %M were previously added to tmpfiles.d man page, but not to specifier_table
- %q is added via COMMON_SYSTEM_SPECIFIERS
2024-06-26 04:18:14 +02:00
Mike Yuan
6320946411
import-generator: open up NotifyAccess for varlinkctl
...
So that it can report errors through VARLINKERROR=.
2024-06-25 23:00:26 +02:00
Daan De Meyer
b6a9ad2c62
mkosi: update fedora commit reference
...
* 8153d9b0f9 Revert "Remove tmpfiles snippet for /home and /srv"
* a76669ee22 Remove tmpfiles snippet for /home and /srv
* b3e1d52cb4 Soft-disable tmpfiles --purge until a good use case comes up
* 4a29ab3f3b Version 256.1
* ebf352d292 disable auto-features when bootstrapping
* 1ae0516ae7 Version 256
* b32641170e Restore patch to drop varlink method call
* 421f0041b3 Version 256~rc4
* 65d9b49791 Fix typo
* c56891fb68 Drop sysusers.d/basic.conf
* 69472997b9 Renumber sources and make order more consistent
2024-06-25 18:31:59 +02:00
Daan De Meyer
0d40269e5a
mkosi: update debian commit reference
...
* 3b4368d4b8 d/not-installed: fix shutdown.standalone path
* 2de05155e8 Update changelog for 256.1-2 release
* cd98bcef06 autopkgtest: add dependency on libcryptsetup-dev in unit-tests suite
* e220ce22f1 Bump breaks/replaces to conflicts for DEP17
2024-06-25 18:30:41 +02:00
Luca Boccassi
4d2a86936a
Merge pull request #33451 from yuwata/core-exec-use-write
...
core: use write() instead of send()
2024-06-25 14:44:21 +02:00
Luca Boccassi
a016c8b67f
Merge pull request #33450 from yuwata/network-ndisc-do-not-override-static-routes
...
network/NDisc: do not override static routes
2024-06-25 14:40:06 +02:00
Lennart Poettering
7f1c31829b
Merge pull request #33003 from poettering/repart-progress
...
repart: draw progress bar during CopyBlocks= operation and other tweaks
2024-06-25 14:08:04 +02:00