mirror of
https://github.com/systemd/systemd
synced 2024-07-01 07:34:28 +00:00
Compare commits
19 Commits
7ed6e6738c
...
45b399d4c4
Author | SHA1 | Date | |
---|---|---|---|
|
45b399d4c4 | ||
|
0e445aaa85 | ||
|
1c74db68e4 | ||
|
740cd1e0f2 | ||
|
436474dd43 | ||
|
f392be9e77 | ||
|
3cf38516bb | ||
|
7c04137a6f | ||
|
98f2a332cb | ||
|
24284098a4 | ||
|
72d121b601 | ||
|
3cdc8da5ad | ||
|
32f3617fd7 | ||
|
4e469c0af2 | ||
|
7f07f9c8cd | ||
|
d6da631aa2 | ||
|
d8c2703556 | ||
|
19e9e08e78 | ||
|
e7731c5fe6 |
|
@ -168,6 +168,11 @@
|
|||
<arg choice="plain">image-policy</arg>
|
||||
<arg choice="plain" rep="repeat"><replaceable>POLICY</replaceable></arg>
|
||||
</cmdsynopsis>
|
||||
<cmdsynopsis>
|
||||
<command>systemd-analyze</command>
|
||||
<arg choice="opt" rep="repeat">OPTIONS</arg>
|
||||
<arg choice="plain">has-tpm2</arg>
|
||||
</cmdsynopsis>
|
||||
<cmdsynopsis>
|
||||
<command>systemd-analyze</command>
|
||||
<arg choice="opt" rep="repeat">OPTIONS</arg>
|
||||
|
@ -907,6 +912,34 @@ default ignore - -</programlisting>
|
|||
</example>
|
||||
</refsect2>
|
||||
|
||||
<refsect2>
|
||||
<title><command>systemd-analyze has-tpm2</command></title>
|
||||
|
||||
<para>Reports whether the system is equipped with a usable TPM2 device. If a TPM2 device has been discovered, is supported, and is being used by firmware,
|
||||
by the OS kernel drivers and by userspace (i.e. systemd) this prints <literal>yes</literal> and exits
|
||||
with exit status zero. If no such device is discovered/supported/used, prints
|
||||
<literal>no</literal>. Otherwise prints <literal>partial</literal>. In either of these two cases
|
||||
exits with non-zero exit status. It also shows four lines indicating separately whether firmware,
|
||||
drivers, the system and the kernel discovered/support/use TPM2.</para>
|
||||
|
||||
<para>Note, this checks for TPM 2.0 devices only, and does not consider TPM 1.2 at all.</para>
|
||||
|
||||
<para>Combine with <option>--quiet</option> to suppress the output.</para>
|
||||
|
||||
<example>
|
||||
<title>Example Output</title>
|
||||
|
||||
<programlisting>yes
|
||||
+firmware
|
||||
+driver
|
||||
+system
|
||||
+subsystem
|
||||
+libraries</programlisting>
|
||||
</example>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v257"/>
|
||||
</refsect2>
|
||||
|
||||
<refsect2>
|
||||
<title><command>systemd-analyze pcrs <optional><replaceable>PCR</replaceable>…</optional></command></title>
|
||||
|
||||
|
@ -1578,6 +1611,12 @@ io.systemd.credential:vmm.notify_socket=vsock-stream:2:254570042
|
|||
<constant>12</constant>, <constant>0</constant>, <constant>11</constant> is returned if the second
|
||||
version string is respectively larger, equal, or smaller to the first. In the three-argument form,
|
||||
<constant>0</constant> or <constant>1</constant> if the condition is respectively true or false.</para>
|
||||
|
||||
<para>In case of the <command>has-tpm2</command> command returns 0 if a TPM2 device is discovered,
|
||||
supported and used by firmware, driver, and userspace (i.e. systemd). Otherwise returns the OR
|
||||
combination of the value 1 (in case firmware support is missing), 2 (in case driver support is missing)
|
||||
and 4 (in case userspace support is missing). If no TPM2 support is available at all, value 7 is hence
|
||||
returned.</para>
|
||||
</refsect1>
|
||||
|
||||
<xi:include href="common-variables.xml" />
|
||||
|
|
|
@ -177,22 +177,6 @@
|
|||
<xi:include href="version-info.xml" xpointer="v250"/></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><command>has-tpm2</command></term>
|
||||
|
||||
<listitem><para>Reports whether the system is equipped with a TPM2 device usable for protecting
|
||||
credentials. If a TPM2 device has been discovered, is supported, and is being used by firmware,
|
||||
by the OS kernel drivers and by userspace (i.e. systemd) this prints <literal>yes</literal> and exits
|
||||
with exit status zero. If no such device is discovered/supported/used, prints
|
||||
<literal>no</literal>. Otherwise prints <literal>partial</literal>. In either of these two cases
|
||||
exits with non-zero exit status. It also shows four lines indicating separately whether firmware,
|
||||
drivers, the system and the kernel discovered/support/use TPM2.</para>
|
||||
|
||||
<para>Combine with <option>--quiet</option> to suppress the output.</para>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v251"/></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<xi:include href="standard-options.xml" xpointer="help" />
|
||||
<xi:include href="standard-options.xml" xpointer="version" />
|
||||
</variablelist>
|
||||
|
@ -445,8 +429,7 @@
|
|||
<term><option>--quiet</option></term>
|
||||
<term><option>-q</option></term>
|
||||
|
||||
<listitem><para>When used with <command>has-tpm2</command> suppresses the output, and only returns an
|
||||
exit status indicating support for TPM2.</para>
|
||||
<listitem><para>Suppress additional output.</para>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v251"/></listitem>
|
||||
</varlistentry>
|
||||
|
@ -461,12 +444,6 @@
|
|||
<title>Exit status</title>
|
||||
|
||||
<para>On success, 0 is returned.</para>
|
||||
|
||||
<para>In case of the <command>has-tpm2</command> command returns 0 if a TPM2 device is discovered,
|
||||
supported and used by firmware, driver, and userspace (i.e. systemd). Otherwise returns the OR
|
||||
combination of the value 1 (in case firmware support is missing), 2 (in case driver support is missing)
|
||||
and 4 (in case userspace support is missing). If no TPM2 support is available at all, value 7 is hence
|
||||
returned.</para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
|
|
|
@ -57,6 +57,7 @@ Packages=
|
|||
opensc
|
||||
openssl
|
||||
p11-kit
|
||||
pciutils
|
||||
python3
|
||||
qrencode
|
||||
radvd
|
||||
|
|
37
src/analyze/analyze-has-tpm2.c
Normal file
37
src/analyze/analyze-has-tpm2.c
Normal file
|
@ -0,0 +1,37 @@
|
|||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
|
||||
#include "analyze.h"
|
||||
#include "analyze-has-tpm2.h"
|
||||
#include "tpm2-util.h"
|
||||
|
||||
int verb_has_tpm2(int argc, char **argv, void *userdata) {
|
||||
Tpm2Support s;
|
||||
|
||||
s = tpm2_support();
|
||||
|
||||
if (!arg_quiet) {
|
||||
if (s == TPM2_SUPPORT_FULL)
|
||||
puts("yes");
|
||||
else if (s == TPM2_SUPPORT_NONE)
|
||||
puts("no");
|
||||
else
|
||||
puts("partial");
|
||||
|
||||
printf("%sfirmware\n"
|
||||
"%sdriver\n"
|
||||
"%ssystem\n"
|
||||
"%ssubsystem\n"
|
||||
"%slibraries\n",
|
||||
plus_minus(s & TPM2_SUPPORT_FIRMWARE),
|
||||
plus_minus(s & TPM2_SUPPORT_DRIVER),
|
||||
plus_minus(s & TPM2_SUPPORT_SYSTEM),
|
||||
plus_minus(s & TPM2_SUPPORT_SUBSYSTEM),
|
||||
plus_minus(s & TPM2_SUPPORT_LIBRARIES));
|
||||
}
|
||||
|
||||
/* Return inverted bit flags. So that TPM2_SUPPORT_FULL becomes EXIT_SUCCESS and the other values
|
||||
* become some reasonable values 1…7. i.e. the flags we return here tell what is missing rather than
|
||||
* what is there, acknowledging the fact that for process exit statuses it is customary to return
|
||||
* zero (EXIT_FAILURE) when all is good, instead of all being bad. */
|
||||
return ~s & TPM2_SUPPORT_FULL;
|
||||
}
|
4
src/analyze/analyze-has-tpm2.h
Normal file
4
src/analyze/analyze-has-tpm2.h
Normal file
|
@ -0,0 +1,4 @@
|
|||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||
#pragma once
|
||||
|
||||
int verb_has_tpm2(int argc, char *argv[], void *userdata);
|
|
@ -26,6 +26,7 @@
|
|||
#include "analyze-exit-status.h"
|
||||
#include "analyze-fdstore.h"
|
||||
#include "analyze-filesystems.h"
|
||||
#include "analyze-has-tpm2.h"
|
||||
#include "analyze-image-policy.h"
|
||||
#include "analyze-inspect-elf.h"
|
||||
#include "analyze-log-control.h"
|
||||
|
@ -206,44 +207,53 @@ static int help(int argc, char *argv[], void *userdata) {
|
|||
if (r < 0)
|
||||
return log_oom();
|
||||
|
||||
printf("%s [OPTIONS...] COMMAND ...\n\n"
|
||||
"%sProfile systemd, show unit dependencies, check unit files.%s\n"
|
||||
"\nCommands:\n"
|
||||
printf("%1$s [OPTIONS...] COMMAND ...\n\n"
|
||||
"%5$sProfile systemd, show unit dependencies, check unit files.%6$s\n"
|
||||
"\n%3$sBoot Analysis:%4$s\n"
|
||||
" [time] Print time required to boot the machine\n"
|
||||
" blame Print list of running units ordered by\n"
|
||||
" time to init\n"
|
||||
" critical-chain [UNIT...] Print a tree of the time critical chain\n"
|
||||
" of units\n"
|
||||
"\n%3$sDependency Analysis:%4$s\n"
|
||||
" plot Output SVG graphic showing service\n"
|
||||
" initialization\n"
|
||||
" dot [UNIT...] Output dependency graph in %s format\n"
|
||||
" dot [UNIT...] Output dependency graph in %7$s format\n"
|
||||
" dump [PATTERN...] Output state serialization of service\n"
|
||||
" manager\n"
|
||||
"\n%3$sConfiguration Files and Search Paths:%4$s\n"
|
||||
" cat-config NAME|PATH... Show configuration file and drop-ins\n"
|
||||
" unit-files List files and symlinks for units\n"
|
||||
" unit-paths List load directories for units\n"
|
||||
"\n%3$sEnumerate OS Concepts:%4$s\n"
|
||||
" exit-status [STATUS...] List exit status definitions\n"
|
||||
" capability [CAP...] List capability definitions\n"
|
||||
" syscall-filter [NAME...] List syscalls in seccomp filters\n"
|
||||
" filesystems [NAME...] List known filesystems\n"
|
||||
" architectures [NAME...] List known architectures\n"
|
||||
" smbios11 List strings passed via SMBIOS Type #11\n"
|
||||
"\n%3$sExpression Evaluation:%4$s\n"
|
||||
" condition CONDITION... Evaluate conditions and asserts\n"
|
||||
" compare-versions VERSION1 [OP] VERSION2\n"
|
||||
" Compare two version strings\n"
|
||||
" verify FILE... Check unit files for correctness\n"
|
||||
" image-policy POLICY... Analyze image policy string\n"
|
||||
"\n%3$sClock & Time:%4$s\n"
|
||||
" calendar SPEC... Validate repetitive calendar time\n"
|
||||
" events\n"
|
||||
" timestamp TIMESTAMP... Validate a timestamp\n"
|
||||
" timespan SPAN... Validate a time span\n"
|
||||
"\n%3$sUnit & Service Analysis:%4$s\n"
|
||||
" verify FILE... Check unit files for correctness\n"
|
||||
" security [UNIT...] Analyze security of unit\n"
|
||||
" inspect-elf FILE... Parse and print ELF package metadata\n"
|
||||
" malloc [D-BUS SERVICE...] Dump malloc stats of a D-Bus service\n"
|
||||
" fdstore SERVICE... Show file descriptor store contents of service\n"
|
||||
" image-policy POLICY... Analyze image policy string\n"
|
||||
" malloc [D-BUS SERVICE...] Dump malloc stats of a D-Bus service\n"
|
||||
"\n%3$sExecutable Analysis:%4$s\n"
|
||||
" inspect-elf FILE... Parse and print ELF package metadata\n"
|
||||
"\n%3$sTPM Operations:%4$s\n"
|
||||
" has-tpm2 Report whether TPM2 support is available\n"
|
||||
" pcrs [PCR...] Show TPM2 PCRs and their names\n"
|
||||
" srk [>FILE] Write TPM2 SRK (to FILE)\n"
|
||||
" smbios11 List strings passed via SMBIOS Type #11\n"
|
||||
"\nOptions:\n"
|
||||
"\n%3$sOptions:%4$s\n"
|
||||
" --recursive-errors=MODE Control which units are verified\n"
|
||||
" --offline=BOOL Perform a security review on unit file(s)\n"
|
||||
" --threshold=N Exit with a non-zero status when overall\n"
|
||||
|
@ -283,12 +293,14 @@ static int help(int argc, char *argv[], void *userdata) {
|
|||
" --root=PATH Operate on an alternate filesystem root\n"
|
||||
" --image=PATH Operate on disk image as filesystem root\n"
|
||||
" --image-policy=POLICY Specify disk image dissection policy\n"
|
||||
"\nSee the %s for details.\n",
|
||||
"\nSee the %2$s for details.\n",
|
||||
program_invocation_short_name,
|
||||
link,
|
||||
ansi_underline(),
|
||||
ansi_normal(),
|
||||
ansi_highlight(),
|
||||
ansi_normal(),
|
||||
dot_link,
|
||||
link);
|
||||
dot_link);
|
||||
|
||||
/* When updating this list, including descriptions, apply changes to
|
||||
* shell-completion/bash/systemd-analyze and shell-completion/zsh/_systemd-analyze too. */
|
||||
|
@ -656,6 +668,7 @@ static int run(int argc, char *argv[]) {
|
|||
{ "malloc", VERB_ANY, VERB_ANY, 0, verb_malloc },
|
||||
{ "fdstore", 2, VERB_ANY, 0, verb_fdstore },
|
||||
{ "image-policy", 2, 2, 0, verb_image_policy },
|
||||
{ "has-tpm2", VERB_ANY, 1, 0, verb_has_tpm2 },
|
||||
{ "pcrs", VERB_ANY, VERB_ANY, 0, verb_pcrs },
|
||||
{ "srk", VERB_ANY, 1, 0, verb_srk },
|
||||
{ "architectures", VERB_ANY, VERB_ANY, 0, verb_architectures },
|
||||
|
|
|
@ -14,6 +14,7 @@ systemd_analyze_sources = files(
|
|||
'analyze-exit-status.c',
|
||||
'analyze-fdstore.c',
|
||||
'analyze-filesystems.c',
|
||||
'analyze-has-tpm2.c',
|
||||
'analyze-image-policy.c',
|
||||
'analyze-inspect-elf.c',
|
||||
'analyze-log-control.c',
|
||||
|
|
|
@ -1402,11 +1402,13 @@ int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
|
|||
u->load_state = UNIT_LOADED;
|
||||
}
|
||||
|
||||
u = unit_follow_merge(u);
|
||||
|
||||
/* Load drop-in directory data. If u is an alias, we might be reloading the
|
||||
* target unit needlessly. But we cannot be sure which drops-ins have already
|
||||
* been loaded and which not, at least without doing complicated book-keeping,
|
||||
* so let's always reread all drop-ins. */
|
||||
r = unit_load_dropin(unit_follow_merge(u));
|
||||
r = unit_load_dropin(u);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
|
|
|
@ -6,6 +6,7 @@
|
|||
#include "sd-json.h"
|
||||
|
||||
#include "build.h"
|
||||
#include "build-path.h"
|
||||
#include "bus-polkit.h"
|
||||
#include "creds-util.h"
|
||||
#include "dirent-util.h"
|
||||
|
@ -689,36 +690,36 @@ static int verb_setup(int argc, char **argv, void *userdata) {
|
|||
return EXIT_SUCCESS;
|
||||
}
|
||||
|
||||
static int verb_has_tpm2(int argc, char **argv, void *userdata) {
|
||||
Tpm2Support s;
|
||||
static int chainload_analyze(int argc, char **argv, void *userdata) {
|
||||
int r;
|
||||
|
||||
s = tpm2_support();
|
||||
if (!arg_quiet)
|
||||
log_notice("The 'systemd-creds %1$s' command has been replaced by 'systemd-analyze %1$s'. Redirecting invocation.", argv[optind]);
|
||||
|
||||
if (!arg_quiet) {
|
||||
if (s == TPM2_SUPPORT_FULL)
|
||||
puts("yes");
|
||||
else if (s == TPM2_SUPPORT_NONE)
|
||||
puts("no");
|
||||
else
|
||||
puts("partial");
|
||||
_cleanup_strv_free_ char **c = strv_new("systemd-analyze");
|
||||
if (!c)
|
||||
return log_oom();
|
||||
|
||||
printf("%sfirmware\n"
|
||||
"%sdriver\n"
|
||||
"%ssystem\n"
|
||||
"%ssubsystem\n"
|
||||
"%slibraries\n",
|
||||
plus_minus(s & TPM2_SUPPORT_FIRMWARE),
|
||||
plus_minus(s & TPM2_SUPPORT_DRIVER),
|
||||
plus_minus(s & TPM2_SUPPORT_SYSTEM),
|
||||
plus_minus(s & TPM2_SUPPORT_SUBSYSTEM),
|
||||
plus_minus(s & TPM2_SUPPORT_LIBRARIES));
|
||||
if (FLAGS_SET(arg_pager_flags, PAGER_DISABLE))
|
||||
if (strv_extend(&c, "--no-pager") < 0)
|
||||
return log_oom();
|
||||
if (!arg_legend)
|
||||
if (strv_extend(&c, "--no-legend") < 0)
|
||||
return log_oom();
|
||||
if (arg_quiet)
|
||||
if (strv_extend(&c, "--quiet") < 0)
|
||||
return log_oom();
|
||||
|
||||
if (strv_extend_strv(&c, argv + optind, /* filter_duplicates= */ false) < 0)
|
||||
return log_oom();
|
||||
|
||||
if (DEBUG_LOGGING) {
|
||||
_cleanup_free_ char *joined = strv_join(c, " ");
|
||||
log_debug("Chainloading: %s", joined);
|
||||
}
|
||||
|
||||
/* Return inverted bit flags. So that TPM2_SUPPORT_FULL becomes EXIT_SUCCESS and the other values
|
||||
* become some reasonable values 1…7. i.e. the flags we return here tell what is missing rather than
|
||||
* what is there, acknowledging the fact that for process exit statuses it is customary to return
|
||||
* zero (EXIT_FAILURE) when all is good, instead of all being bad. */
|
||||
return ~s & TPM2_SUPPORT_FULL;
|
||||
r = invoke_callout_binary(BINDIR "/systemd-analyze", c);
|
||||
return log_error_errno(r, "Failed to invoke 'systemd-analyze': %m");
|
||||
}
|
||||
|
||||
static int verb_help(int argc, char **argv, void *userdata) {
|
||||
|
@ -739,7 +740,6 @@ static int verb_help(int argc, char **argv, void *userdata) {
|
|||
" ciphertext credential file\n"
|
||||
" decrypt INPUT [OUTPUT] Decrypt ciphertext credential file and write to\n"
|
||||
" plaintext credential file\n"
|
||||
" has-tpm2 Report whether TPM2 support is available\n"
|
||||
" -h --help Show this help\n"
|
||||
" --version Show package version\n"
|
||||
"\n%3$sOptions:%4$s\n"
|
||||
|
@ -1067,13 +1067,13 @@ static int parse_argv(int argc, char *argv[]) {
|
|||
static int creds_main(int argc, char *argv[]) {
|
||||
|
||||
static const Verb verbs[] = {
|
||||
{ "list", VERB_ANY, 1, VERB_DEFAULT, verb_list },
|
||||
{ "cat", 2, VERB_ANY, 0, verb_cat },
|
||||
{ "encrypt", 3, 3, 0, verb_encrypt },
|
||||
{ "decrypt", 2, 3, 0, verb_decrypt },
|
||||
{ "setup", VERB_ANY, 1, 0, verb_setup },
|
||||
{ "help", VERB_ANY, 1, 0, verb_help },
|
||||
{ "has-tpm2", VERB_ANY, 1, 0, verb_has_tpm2 },
|
||||
{ "list", VERB_ANY, 1, VERB_DEFAULT, verb_list },
|
||||
{ "cat", 2, VERB_ANY, 0, verb_cat },
|
||||
{ "encrypt", 3, 3, 0, verb_encrypt },
|
||||
{ "decrypt", 2, 3, 0, verb_decrypt },
|
||||
{ "setup", VERB_ANY, 1, 0, verb_setup },
|
||||
{ "help", VERB_ANY, 1, 0, verb_help },
|
||||
{ "has-tpm2", VERB_ANY, 1, 0, chainload_analyze },
|
||||
{}
|
||||
};
|
||||
|
||||
|
|
|
@ -1959,7 +1959,8 @@ static int clean_images(int argc, char *argv[], void *userdata) {
|
|||
static int chainload_importctl(int argc, char *argv[]) {
|
||||
int r;
|
||||
|
||||
log_notice("The 'machinectl %1$s' command has been replaced by 'importctl -m %1$s'. Redirecting invocation.", argv[optind]);
|
||||
if (!arg_quiet)
|
||||
log_notice("The 'machinectl %1$s' command has been replaced by 'importctl -m %1$s'. Redirecting invocation.", argv[optind]);
|
||||
|
||||
_cleanup_strv_free_ char **c =
|
||||
strv_new("importctl", "--class=machine");
|
||||
|
|
|
@ -2574,8 +2574,10 @@ static int context_load_partition_table(Context *context) {
|
|||
/* If we found the sector size and we're operating on a block device, use it as the file
|
||||
* system sector size as well, as we know its the sector size of the actual block device and
|
||||
* not just the offset at which we found the GPT header. */
|
||||
if (r > 0 && S_ISBLK(st.st_mode))
|
||||
if (r > 0 && S_ISBLK(st.st_mode)) {
|
||||
log_debug("Probed sector size of %s is %" PRIu32 " bytes.", context->node, ssz);
|
||||
fs_secsz = ssz;
|
||||
}
|
||||
}
|
||||
|
||||
r = fdisk_save_user_sector_size(c, /* phy= */ 0, ssz);
|
||||
|
@ -2639,7 +2641,7 @@ static int context_load_partition_table(Context *context) {
|
|||
* larger */
|
||||
grainsz = secsz < 4096 ? 4096 : secsz;
|
||||
|
||||
log_debug("Sector size of device is %lu bytes. Using grain size of %" PRIu64 ".", secsz, grainsz);
|
||||
log_debug("Sector size of device is %lu bytes. Using filesystem sector size of %" PRIu64 " and grain size of %" PRIu64 ".", secsz, fs_secsz, grainsz);
|
||||
|
||||
switch (arg_empty) {
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
integration_tests += [
|
||||
integration_test_template + {
|
||||
'name' : fs.name(meson.current_source_dir()),
|
||||
'cmdline' : integration_test_template['cmdline'] + ['selinux=1', 'lsm=selinux'],
|
||||
'cmdline' : integration_test_template['cmdline'] + ['systemd.wants=autorelabel.service', 'selinux=1', 'lsm=selinux'],
|
||||
# FIXME; Figure out why reboot sometimes hangs with 'linux' firmware.
|
||||
# Use 'auto' to automatically fallback on non-uefi architectures.
|
||||
'firmware' : 'auto',
|
||||
|
|
|
@ -4,5 +4,8 @@ integration_tests += [
|
|||
integration_test_template + {
|
||||
'name' : fs.name(meson.current_source_dir()),
|
||||
'storage' : 'persistent',
|
||||
# FIXME: Figure out why reboot sometimes hangs with 'linux' firmware.
|
||||
# Use 'auto' to automatically fallback on non-uefi architectures.
|
||||
'firmware' : 'auto',
|
||||
},
|
||||
]
|
||||
|
|
|
@ -3,5 +3,8 @@
|
|||
integration_tests += [
|
||||
integration_test_template + {
|
||||
'name' : fs.name(meson.current_source_dir()),
|
||||
# FIXME: Figure out why reboot sometimes hangs with 'linux' firmware.
|
||||
# Use 'auto' to automatically fallback on non-uefi architectures.
|
||||
'firmware' : 'auto',
|
||||
},
|
||||
]
|
||||
|
|
|
@ -27,5 +27,6 @@ integration_tests += [
|
|||
'-smbios', 'type=11,value=io.systemd.credential.binary:fstab.extra=aW5qZWN0ZWQgL2luamVjdGVkIHRtcGZzIFgtbW91bnQubWtkaXIgMCAwCg==',
|
||||
'-smbios', 'type=11,value=io.systemd.credential:getty.ttys.container=idontexist',
|
||||
],
|
||||
'firmware' : 'auto',
|
||||
},
|
||||
]
|
||||
|
|
|
@ -23,10 +23,9 @@ config["QemuArgs"] += ["-device", "pci-bridge,id=pci_bridge0,chassis_nr=64"]
|
|||
for bridge in range(1, 26):
|
||||
config["QemuArgs"] += [
|
||||
"-device",
|
||||
f"pci-bridge,id=pci_bridge{bridge},bus=pci_bridge{bridge - 1},"
|
||||
f"chassis_nr={64 + bridge}"
|
||||
f"pci-bridge,id=pci_bridge{bridge},bus=pci_bridge{bridge - 1},chassis_nr={64 + bridge},addr=1",
|
||||
]
|
||||
|
||||
config["QemuArgs"] += ["-device", f"virtio-blk-pci,drive=drive0,scsi=off,bus=pci_bridge25"]
|
||||
config["QemuArgs"] += ["-device", f"virtio-blk-pci,drive=drive0,scsi=off,bus=pci_bridge25,addr=1"]
|
||||
|
||||
json.dump(config, sys.stdout)
|
||||
|
|
|
@ -9,8 +9,8 @@ import sys
|
|||
|
||||
config = json.load(sys.stdin)
|
||||
|
||||
qemu = f"qemu-system-{os.environ["QEMU_ARCHITECTURE"]}"
|
||||
result = subprocess.run([qemu, '-device', 'help'], check=True, text=True, stdout=subprocess.PIPE)
|
||||
qemu = f"qemu-system-{os.environ['QEMU_ARCHITECTURE']}"
|
||||
result = subprocess.run([qemu, "-device", "help"], check=True, text=True, stdout=subprocess.PIPE)
|
||||
if 'name "nvme"' not in result.stdout:
|
||||
print("nvme device driver is not available, skipping test...", file=sys.stderr)
|
||||
exit(77)
|
||||
|
|
|
@ -9,8 +9,8 @@ import sys
|
|||
|
||||
config = json.load(sys.stdin)
|
||||
|
||||
qemu = f"qemu-system-{os.environ["QEMU_ARCHITECTURE"]}"
|
||||
result = subprocess.run([qemu, '-device', 'help'], check=True, text=True, stdout=subprocess.PIPE)
|
||||
qemu = f"qemu-system-{os.environ['QEMU_ARCHITECTURE']}"
|
||||
result = subprocess.run([qemu, "-device", "help"], check=True, text=True, stdout=subprocess.PIPE)
|
||||
if 'name "nvme"' not in result.stdout:
|
||||
print("nvme device driver is not available, skipping test...", file=sys.stderr)
|
||||
exit(77)
|
||||
|
|
|
@ -9,8 +9,8 @@ import sys
|
|||
|
||||
config = json.load(sys.stdin)
|
||||
|
||||
qemu = f"qemu-system-{os.environ["QEMU_ARCHITECTURE"]}"
|
||||
result = subprocess.run([qemu, '-device', 'help'], check=True, text=True, stdout=subprocess.PIPE)
|
||||
qemu = f"qemu-system-{os.environ['QEMU_ARCHITECTURE']}"
|
||||
result = subprocess.run([qemu, "-device", "help"], check=True, text=True, stdout=subprocess.PIPE)
|
||||
if 'name "virtio-scsi-pci"' not in result.stdout:
|
||||
print("virtio-scsi-pci device driver is not available, skipping test...", file=sys.stderr)
|
||||
exit(77)
|
||||
|
|
|
@ -8,5 +8,6 @@ integration_tests += [
|
|||
'after' : '@0@ tpm2.target'.format(integration_test_template['configuration']['after']),
|
||||
},
|
||||
'vm' : true,
|
||||
'firmware' : 'auto',
|
||||
},
|
||||
]
|
||||
|
|
|
@ -103,6 +103,12 @@ def main():
|
|||
journal_file = (args.meson_build_dir / (f"test/journal/{name}.journal")).absolute()
|
||||
journal_file.unlink(missing_ok=True)
|
||||
else:
|
||||
dropin += textwrap.dedent(
|
||||
"""
|
||||
[Unit]
|
||||
Wants=multi-user.target
|
||||
"""
|
||||
)
|
||||
journal_file = None
|
||||
|
||||
cmd = [
|
||||
|
|
|
@ -218,7 +218,7 @@ assert_ntp() {
|
|||
assert_timedated_signal() {
|
||||
local timestamp="${1:?}"
|
||||
local value="${2:?}"
|
||||
local args=(-q -n 1 --since="$timestamp" -p info _SYSTEMD_UNIT="busctl-monitor.service")
|
||||
local args=(-q -n 1 --since="$timestamp" -p info -t busctl)
|
||||
|
||||
journalctl --sync
|
||||
|
||||
|
@ -298,7 +298,7 @@ assert_timesyncd_signal() {
|
|||
local timestamp="${1:?}"
|
||||
local property="${2:?}"
|
||||
local value="${3:?}"
|
||||
local args=(-q --since="$timestamp" -p info _SYSTEMD_UNIT="busctl-monitor.service")
|
||||
local args=(-q --since="$timestamp" -p info -t busctl)
|
||||
|
||||
journalctl --sync
|
||||
|
||||
|
|
|
@ -231,8 +231,8 @@ testcase_nvme_subsystem() {
|
|||
/dev/disk/by-id/nvme-QEMU_NVMe_Ctrl_deadbeef_16
|
||||
/dev/disk/by-id/nvme-QEMU_NVMe_Ctrl_deadbeef_17
|
||||
# Shared namespaces
|
||||
/dev/disk/by-path/pci-*-nvme-16
|
||||
/dev/disk/by-path/pci-*-nvme-17
|
||||
/dev/disk/by-path/*pci*-nvme-16
|
||||
/dev/disk/by-path/*pci*-nvme-17
|
||||
)
|
||||
|
||||
udevadm wait --settle --timeout=30 "${expected_symlinks[@]}"
|
||||
|
|
Loading…
Reference in New Issue
Block a user