Bulk update from Factory to SLFO (bsc#1236018) #391

Merged
merged 40 commits into from
Jan 17, 2025

aafeijoo-suse

systemd was updated from v254 to v257 in SLFO, so dracut needs to be updated as well.

aafeijoo-suse and others added 30 commits January 17, 2025 13:30
…xtend

The `systemd-pcrphase` binary has been renamed to `systemd-pcrextend` since
systemd/systemd@32295fa0

This patch allows forcing the input of the file path for the generated initramfs
image (disabling automatic guessing of the location) using a new configuration
option `force_output_file=yes`.

bsc#1213648

```
> valgrind --leak-check=full --show-leak-kinds=all ./dracut-install --kerneldir /lib/modules/$(uname -r)/ --modalias
...
==22005==
==22005== HEAP SUMMARY:
==22005==     in use at exit: 54,984 bytes in 1,286 blocks
==22005==   total heap usage: 585,546 allocs, 584,260 frees, 165,213,417 bytes allocated
==22005==
...
==22005==
==22005== LEAK SUMMARY:
==22005==    definitely lost: 4,390 bytes in 390 blocks
==22005==    indirectly lost: 0 bytes in 0 blocks
==22005==      possibly lost: 0 bytes in 0 blocks
==22005==    still reachable: 50,594 bytes in 896 blocks
==22005==         suppressed: 0 bytes in 0 blocks
==22005==
==22005== For lists of detected and suppressed errors, rerun with: -s
==22005== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 0 from 0)
```
Use `regfree` to free memory allocated by `regcomp`. Quoting [1]:

"If the preg argument to regexec() or regfree() is not a compiled regular
expression returned by regcomp(), the result is undefined."

Therefore, `regfree` must only be called if `regcomp` succeeded.

[1] https://pubs.opengroup.org/onlinepubs/9699919799/functions/regcomp.html
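
The rule quoted in this commit message, shown as an added example (not code from dracut or from this pull request): each slot records whether `regcomp` succeeded, and cleanup calls `regfree` only on those slots. The `struct pattern` type, the function names and the sample expressions are assumptions made for the illustration.

```c
#include <regex.h>
#include <stdbool.h>
#include <stddef.h>
/* Hypothetical holder: 'compiled' records whether regcomp() succeeded,
 * so cleanup never hands an uninitialised regex_t to regfree(). */
struct pattern { regex_t re; bool compiled; };

/* Compile each expression; returns how many compiled successfully. */
static size_t patterns_compile(struct pattern *p, const char *const *exprs, size_t n)
{
    size_t ok = 0;
    for (size_t i = 0; i < n; i++) {
        p[i].compiled = regcomp(&p[i].re, exprs[i], REG_EXTENDED | REG_NOSUB) == 0;
        ok += p[i].compiled;
    }
    return ok;
}

/* True if any successfully compiled pattern matches s. */
static bool patterns_match(const struct pattern *p, size_t n, const char *s)
{
    for (size_t i = 0; i < n; i++)
        if (p[i].compiled && regexec(&p[i].re, s, 0, NULL, 0) == 0)
            return true;
    return false;
}

/* Free only what regcomp() produced; returns how many were freed. */
static size_t patterns_free(struct pattern *p, size_t n)
{
    size_t freed = 0;
    for (size_t i = 0; i < n; i++)
        if (p[i].compiled) {
            regfree(&p[i].re);
            p[i].compiled = false;
            freed++;
        }
    return freed;
}

int main(void)
{
    /* Constructed sample: the second expression is deliberately malformed. */
    const char *const exprs[] = { "^virtio:", "([unclosed", "^pci:v[0-9A-F]+" };
    struct pattern p[3];
    size_t ok = patterns_compile(p, exprs, 3);
    bool hit = patterns_match(p, 3, "virtio:d00000001v00001AF4");
    return (ok == 2 && hit && patterns_free(p, 3) == 2) ? 0 : 1;
}
```

Clearing the flag after `regfree` makes a second cleanup pass a no-op, which matters when an error path and the normal exit path both call the cleanup function.
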

The content of the kernel command line is assigned via `strdup`, but not freed
on exit. This happens after each call to `getarg(s)`, which makes an interesting
amount of bytes not released at every boot.

```
master> grep -r -o -e getarg -e getargs modules.d | wc -l
457
master> export CMDLINE=$(< /proc/cmdline)
master> echo ${#CMDLINE}
130
afeijoo@localhost:~/src/dracut/opensuse-fork/master> valgrind --leak-check=full --show-leak-kinds=all ./dracut-getarg security
==24270== Memcheck, a memory error detector
==24270== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==24270== Using Valgrind-3.20.0 and LibVEX; rerun with -h for copyright info
==24270== Command: ./dracut-getarg security
==24270==
apparmor
==24270==
==24270== HEAP SUMMARY:
==24270==     in use at exit: 131 bytes in 1 blocks
==24270==   total heap usage: 2 allocs, 1 frees, 1,155 bytes allocated
==24270==
==24270== 131 bytes in 1 blocks are definitely lost in loss record 1 of 1
==24270==    at 0x4838744: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==24270==    by 0x490D839: strdup (in /lib64/libc-2.31.so)
==24270==    by 0x108AF6: getarg (util.c:188)
==24270==    by 0x108AF6: main (util.c:300)
==24270==
==24270== LEAK SUMMARY:
==24270==    definitely lost: 131 bytes in 1 blocks
==24270==    indirectly lost: 0 bytes in 0 blocks
==24270==      possibly lost: 0 bytes in 0 blocks
==24270==    still reachable: 0 bytes in 0 blocks
==24270==         suppressed: 0 bytes in 0 blocks
==24270==
==24270== For lists of detected and suppressed errors, rerun with: -s
==24270== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
```

… dir

The `remove_hostonly_files` function should only remove (as its name suggests)
hostonly configuration and files. The initqueue/finished scripts considered as
hostonly that must be removed are added via `wait_for_dev`. But, the `hookdirs`
are always created at build time, and should not be removed.

This patch also allows removing the `mkdir` workaround in the `network-manager`
module (copy-pasted into the `connman` module afterwards), and avoids having to add
it tree-wide in many missing places.

Fixes 87e90d7

…y included

Some required libraries that used to be statically included are in the process
of being opened via `dlopen()`.

References:
- systemd/systemd#31131
- systemd/systemd#31550
- systemd/systemd#32019

systemd/systemd@4e1f0037 added a new `tpm2.target`,
which is now used by `systemd-pcrphase-initrd.service`, and
`systemd-tpm2-generator`, which adds a `Wants=` dependency from `sysinit.target`
to `tpm2.target` when it detects that the firmware discovered a TPM2 device but
the kernel didn't.

Since systemd/systemd@ffc1ec73, /usr is mounted as
read-only in the initramfs by default.

Fixes dracutdevs#2588

Co-authored-by: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
(cherry picked from commit dracut-ng/dracut-ng@a45048b)

If the test returns false, the %post script also exits with error and the rpm
build fails.

Fixes f6bfaa3

Since d2f6f44, the result code returned by
dracut-install is propagated again, so `installkernel()` must return 0 to keep
backwards compatibility if `dracut_instmods()` fails.

Preparation work to avoid interfering with other initrd generators.

Change /etc/modprobe.d path to /run/modprobe.d in hooks.

/etc might be mounted as read-only.

(cherry picked from commit dracut-ng/dracut-ng@424717a)

SUSE NOTE: although the committer stated that /etc might be mounted as
read-only, the real and only problem here is with the conf files modified at
boot in /usr/lib/modprobe.d (for `rd.driver.blacklist` and `rd.driver.post`),
because since systemd/systemd@ffc1ec73, /usr is
mounted as read-only in the initrd by default.

This module loops over many bus devices, and calls `dracut_instmods` for each
one. E.g., on a Lenovo Thinkpad laptop:

```
> for i in /sys/bus/{pci/devices,platform/devices,virtio/devices,soc/devices/soc?,vmbus/devices}/*/modalias; do [[ -e $i ]] && [[ -n $(< "$i") ]]  && echo $i; done | wc -l
79
```

Every call to `dracut_instmods` spawns a `dracut-install` process, which in the
previous example means calling `dracut-install` 79 times using the same
arguments.

If any call to `dracut-install` fails, dracut continues its execution (the
errors are not even shown, because it's called with `--silent`). Therefore, let's
take the contents of all the `modalias` files into an array and call
`dracut-install` only once, adding also the `-o` argument, so if any of the
modules cannot be installed, `dracut-install` does not stop.

A password cannot be entered if there is no graphical output during boot, as is
the case in aarch64, where efifb does not work with qemu-system-aarch64:
- virtio-gpu-pci does not expose a linear framebuffer
- virtio-vga is not supported
- ramfb is not enough

Therefore, depend on the drm module if virtio_gpu is loaded on the system.

(cherry picked from commit dracut-ng/dracut-ng@4cc962a)

When using the clone ioctl to copy a file, the extended attributes of files are
missing, which is inconsistent with the result of using the cp command.
This commit adds the process to copy extended attributes after clone_file().

Signed-off-by: Huaxin Lu <luhuaxin1@huawei.com>
(cherry picked from commit dracut-ng/dracut-ng@3e1d0bc)

Unlike ordinary binaries, kernel modules will be unusable if stripped
with "-p". Fix this by always using "-g" only.

So far it didn't cause many issues since most kernels have their
modules signed or compressed so this is skipped.

Signed-off-by: Kairui Song <kasong@tencent.com>
(cherry picked from commit dracut-ng/dracut-ng@a1c51af)

…ec files

Although the kernel modules are not included yet because they are not
executable, this speeds up the `find`.

(cherry picked from commit dracut-ng/dracut-ng@ad36b61)

This fixes the build with `--kernel-only` option.

aafeijoo-suse and others added 6 commits January 17, 2025 14:16

/var is usually not mounted in the initrd, so it will not persist.
Some of the tmpfiles to be managed during initrd phase are now
described in a separate tmpfiles.d snippet, see
systemd/systemd@408ab98

Fixes: dracut-ng/dracut-ng#1046
(cherry picked from commit 0df928856150e674ce4cb04c0ceafae71d18d55b)

…evice

Currently, dracut adds a systemd dropin that sets an infinite timeout _only_ for
the underlying persistent devices of each host device that must be active in the
initrd. E.g.:

```
localhost:~ # dracut -f --stdlog 3 --install "/mnt" --mount "/dev/sda1 /mnt btrfs rw,relatime"
localhost:~ # lsinitrd | grep timeout.conf
-rw-r--r--   2 root     root            0 Oct 28 14:21 etc/systemd/system/dev-disk-by\x2duuid-0d1b24c2\x2df112\x2d48ef\x2d8442\x2d1001cffc92f0.device.d/timeout.conf
localhost:~ # ls -l /dev/disk/by-uuid/0d1b24c2-f112-48ef-8442-1001cffc92f0
lrwxrwxrwx 1 root root 10 Oct 28 11:43 /dev/disk/by-uuid/0d1b24c2-f112-48ef-8442-1001cffc92f0 -> ../../sda1
```

It can be verified in the emergency shell:

```
sh-5.2# systemctl show --property JobRunningTimeoutUSec /dev/disk/by-uuid/0d1b24c2-f112-48ef-8442-1001cffc92f0
JobRunningTimeoutUSec=infinity
sh-5.2# systemctl show --property JobRunningTimeoutUSec /dev/sda1
JobRunningTimeoutUSec=1min 30s
```

This can cause a problem if a user application expects to mount /dev/sda1 in the
initrd (that's why `--mount "/dev/sda1 ..."` was explicitly added), but for
some reason the link is not created within 1min 30s.

(cherry picked from commit dracut-ng/dracut-ng@c79fc8f)

bsc#1231792

@tblume tblume left a comment

Ok

@aafeijoo-suse aafeijoo-suse merged commit 303e60b into openSUSE:SLFO_Main Jan 17, 2025
2 checks passed
7 participants