Commit graph

65882 commits

Author SHA1 Message Date
Lennart Poettering eade959b90 NEWS: more preparation for 254-rc1 2023-07-06 11:16:16 +02:00
Lennart Poettering a130b09513
Merge pull request #27713 from ddstreet/tpm2_replace_make_primary
Tpm2 replace make primary
2023-07-06 10:22:12 +02:00
Lennart Poettering e40cad1f3c
Merge pull request #28243 from bluca/sbat_initrd
ukify: enable --sbat for UKIs too
2023-07-06 10:21:44 +02:00
Yu Watanabe 52ee8ecf07 networkctl: urlify captive portal entry 2023-07-06 14:55:58 +09:00
Yu Watanabe 62eaf8d039 test-network: drop ExecReload= in networkd.service and udevd.service
Follow-up for 0e07cdb0e7 and
f84331539d.
2023-07-06 14:55:58 +09:00
Yu Watanabe 2c5bca1734 network/ndisc: downgrade log level
The failures may be critical for per-link operation, but not critical
for the service.
2023-07-06 14:55:58 +09:00
Yu Watanabe 64de00c49f network: handle captive portal with multiple routers
Before this patch, if a network has multiple routers and one of them
provides a captive portal, then the portal was overwritten or cleared
when another RA from another router is received.

This makes captive portals managed in a similar way to DNS servers or
DNS domains. So now a captive portal can be safely handled even if a network
has multiple routers.
2023-07-06 14:55:58 +09:00
Yu Watanabe 04eaf63c66 network: update comment 2023-07-06 14:55:58 +09:00
Yu Watanabe 6341ea5467 network: introduce link_get_captive_portal()
Then, downgrade log level of the message about mismatch of captive
portals in different protocols.
2023-07-06 14:55:46 +09:00
Yu Watanabe 21da5178ec
Merge pull request #28262 from YHNdnzj/transaction-followup
Follow-ups for PropagatesStopTo= fix
2023-07-06 12:55:25 +09:00
Dan Streetman 20988602ff tpm2: remove tpm2_make_primary()
Replace use of tpm2_make_primary() with tpm2_create_loaded()
2023-07-05 17:39:33 -04:00
Dan Streetman 98497426d6 tpm2: move local vars in tpm2_unseal() to point of use
No functional change; cosmetic only.
2023-07-05 17:39:18 -04:00
Dan Streetman cea525a902 tpm2: add tpm2_get_or_create_srk()
Add function to simplify getting the TPM SRK; if one exists, it is provided,
otherwise one is created and then the new SRK provided.

This also adds tpm2_create_loaded() and updates tpm2_seal() to use the new
functions instead of tpm2_make_primary().
2023-07-05 17:39:18 -04:00
Dan Streetman d2d29c3be2 tpm2: add tpm2_persist_handle()
Add function to convert a transient handle in the TPM into a persistent handle
in the TPM.
2023-07-05 17:38:31 -04:00
Dan Streetman cbc92a3172 tpm2: cache TPM algorithms
Cache the supported algorithms when creating a new context.
2023-07-05 17:33:55 -04:00
Dan Streetman adbf0c8cfb tpm2: cache the TPM supported commands, add tpm2_supports_command()
Cache the TPM's supported commands and provide a function to check if a command
is supported.
2023-07-05 17:33:55 -04:00
Dan Streetman 3f27ba9954 basic/alloc-util: add greedy_realloc_append()
Add function to perform greedy realloc as well as copying the new data into the
newly allocated space.
2023-07-05 17:33:55 -04:00
Dan Streetman 9ea0ffe612 tpm2: replace tpm2_capability_pcrs() macro with direct c->capability_pcrs use 2023-07-05 17:33:55 -04:00
Dan Streetman e3f1f21076 tpm2: add tpm2_create()
This allows creating a new object (e.g. sealed secret) or key using the TPM.

Note that the new object/key is not loaded in the TPM after creation.
2023-07-05 17:33:55 -04:00
Dan Streetman 180444b885 tpm2: replace magic number in hmac_sensitive initialization
Instead of setting hmac_sensitive.sensitive.data.size to '32' use the actual
hash size as set in the hmac_template.
2023-07-05 17:33:55 -04:00
Dan Streetman ee6a8713ab tpm2: move local vars in tpm2_seal() to point of use
No functional change; cosmetic only.
2023-07-05 17:33:55 -04:00
Dan Streetman efe153bdc2 tpm2: add tpm2_load_external()
This allows loading an external object/key (e.g. an openssl public key) into
the TPM.
2023-07-05 17:33:55 -04:00
Dan Streetman d1d0de735d tpm2: add tpm2_load()
This function allows loading an object (e.g. a sealed secret) or key into the
TPM.
2023-07-05 17:33:55 -04:00
Lennart Poettering 6c1d10fe03 update syscall tables for upcoming v254 2023-07-05 23:18:16 +02:00
Lennart Poettering 61905882c9 update hwdb autosuspend data for v254 2023-07-05 23:18:16 +02:00
Lennart Poettering 4560f9821b meson: run forgotten 'update-man-rules' 2023-07-05 23:18:16 +02:00
Mike Yuan bf3dfa6202
TEST-03-JOBS: test indirect PropagatesStopTo= 2023-07-06 05:12:04 +08:00
Mike Yuan 4893902be8
core/transaction: correctly skip unneeded operations for PropagatesStopTo=
Follow-up for 48cb073db8

Break out from LIST_FOREACH correctly if nt == JOB_NOP.
Shouldn't have functional changes, just optimization.
2023-07-06 05:12:04 +08:00
Luca Boccassi 9d54e578f7
Merge pull request #28258 from poettering/boot-feature-catchup
sd-boot/sd-stub boot feature flag catchup
2023-07-05 21:40:43 +01:00
Luca Boccassi 79be4b7da8
Merge pull request #28255 from yuwata/sd-device-fix-clone
sd-device: fix device_clone_with_db()
2023-07-05 21:38:52 +01:00
Frantisek Sumsal ba4a1cd8a8 test: replace readfp() with read_file()
ConfigParser.readfp() has been deprecated since Python 3.2 and was
dropped completely in Python 3.11.
2023-07-05 21:38:24 +01:00
Luca Boccassi 635c6ea622 ukify: measure sbat section too 2023-07-05 21:31:08 +01:00
Luca Boccassi a8b645dec8 ukify: enable --sbat for UKIs too
For confidential computing they want to be able to revoke initrds too, so allow
passing a specific --sbat section when building a UKI too, not just an addon.
Merge it with the stub and kernel sections.
2023-07-05 21:31:08 +01:00
Lennart Poettering c75f81292d hwdb update for v246-rc1 2023-07-05 22:00:38 +02:00
Lennart Poettering 983d621e11 hostname-setup: don't pass "true" to a flags parameter 2023-07-06 03:10:31 +08:00
Mike Yuan 3121374ca4
Merge pull request #28252 from yuwata/journal-open-machine
journal: introduce journal_open_machine()
2023-07-06 03:08:18 +08:00
Lennart Poettering e987d54baf boot: make LoaderType enum less special
Usually (but not always) we use uppercase type naming, and do a typedef
for enums like this. Do so here too.
2023-07-05 17:54:59 +02:00
Lennart Poettering 3a59c55f67 boot: rename entry_count → n_entries
While we don't strictly follow the rule, most of our userspace names
these fields that count entries in some array n_xyz, hence let's do so
in the EFI boot code too, to make things less special.
2023-07-05 17:54:59 +02:00
Lennart Poettering 92bb46c464 efi: add a bunch of reported EFI loader/stub feature flags
We gained a bunch of new features that deserve reporting to userspace,
hence add matching flags for each.

This allows userspace to determine if installing addons in the ESP even
makes sense.

This is inspired by similar changes in #28057
2023-07-05 17:54:59 +02:00
Yu Watanabe 7050d928be journal-upload: add missing assertion 2023-07-06 00:06:25 +09:00
Yu Watanabe 5c6673afab journal-upload: replace deprecated sd_journal_open_container() 2023-07-06 00:06:25 +09:00
Yu Watanabe 2ec1fb31e9 journal-util: extract journal_open_machine() from journalctl 2023-07-06 00:06:25 +09:00
Yu Watanabe 4a45a2e0e3 sd-journal: introduce SD_JOURNAL_TAKE_DIRECTORY_FD flag for sd_journal_open_directory_fd()
If it is called with the flag, then the provided file descriptor will be
owned by the sd_journal object, and will be closed in sd_journal_close().
2023-07-06 00:06:20 +09:00
Yu Watanabe beebaeeb3f test: change partition label to test if the outdated devlinks are removed
The change is intended to reproduce the issue #27983, though the
original issue is highly racy, and the test does not reproduce it
reliably. But, anyway, it is better to change the partition label to
test the devlink removal.
2023-07-05 23:46:01 +09:00
Yu Watanabe 35e49f2856 sd-device: do not read uevent file in device_clone_with_db()
Follow-up for 381f6d4ba5.

When the function is called, the device may be already removed, and
another device has the same syspath. Such a situation can occur when a
partition is removed and another is created. In that case, the sysfs paths
of the removed and newly created partitions can be the same, but their
devnums are different, and thus the database files corresponding to the
devices are also different.

Fixes #27981.
2023-07-05 23:45:57 +09:00
Lennart Poettering 529ba8a1a3
Merge pull request #26844 from YHNdnzj/propagate-stop-fixup
core: introduce UNIT_ATOM_PROPAGATE_STOP_GRACEFUL for PropagatesStopTo=
2023-07-05 15:56:21 +02:00
Luca Boccassi 11d797d3b9
Merge pull request #28207 from poettering/initrd-creds
various credential improvements (including initrd creds, creds in generators, fstab + getty creds)
2023-07-05 10:29:33 +01:00
Lennart Poettering 7b8e55772c
Merge pull request #28253 from yuwata/hwdb-follow-up
hwdb: several cleanups
2023-07-05 10:40:44 +02:00
Yu Watanabe 051c0f8926
Merge pull request #28228 from yuwata/repart-free-area
repart: fix free area calculation
2023-07-05 16:36:16 +09:00
Yu Watanabe 6750c1af24 unit: also condition out systemd-backlight in initrd
Follow-up for 9173d31dfea5c2b05ff08480972c499cb7aac940.

The systemd-backlight@.service also saves/restores state but the data
is in /var/.
2023-07-05 09:01:27 +02:00