test-keymap-util: always use kbd-model-map we ship

This test makes assumptions on the availability of some mappings contained in
kbd-model-map and therefore strongly relies on the version shipped by
upstream. IOW the test is likely to fail if it's installed on a system with a
more comprehensive kbd-model-map.

This patch makes the upstream kbd-model-map file available via a symlink in
test/testdata/test-keymap-util dir and makes sure that this specific version is
always used by test-keymap-util regardless of whether the test is installed and
run on a different system or directly run (optionally via meson) from the
project working dir.

man/systemd-cryptenroll.xml

@@ -60,6 +60,23 @@
     area, which is not available in other encryption formats.</para>
   </refsect1>
 
+  <refsect1>
+    <title>Limitations</title>
+
+    <para>Note that currently when enrolling a new key of one of the five supported types listed above, it is
+    required to first provide a passphrase or recovery key (i.e. one of the latter two key types). For
+    example, it's currently not possible to unlock a device with a FIDO2 key in order to enroll a new FIDO2
+    key. Instead, in order to enroll a new FIDO2 key, it is necessary to provide an already enrolled regular
+    passphrase or recovery key. Thus, if in future key roll-over is desired it's generally recommended to
+    combine TPM2, FIDO2, PKCS#11 key enrollment with enrolling a regular passphrase or recovery key.</para>
+
+    <para>Also note that support for enrolling multiple FIDO2 tokens is currently not too useful, as while
+    unlocking <command>systemd-cryptsetup</command> cannot identify which token is currently plugged in and
+    thus does not know which authentication request to send to the device. This limitation does not apply to
+    tokens enrolled via PKCS#11 — because tokens of this type may be identified immediately, before
+    authentication.</para>
+  </refsect1>
+
   <refsect1>
     <title>Options</title>
 

src/locale/test-keymap-util.c

@@ -190,12 +190,17 @@ static void test_x11_convert_to_vconsole(void) {
 }
 
 int main(int argc, char **argv) {
+        _cleanup_free_ char *map = NULL;
+
         test_setup_logging(LOG_DEBUG);
 
         test_find_language_fallback();
         test_find_converted_keymap();
         test_find_legacy_keymap();
 
+        assert_se(get_testdata_dir("test-keymap-util/kbd-model-map", &map) >= 0);
+        assert_se(setenv("SYSTEMD_KBD_MODEL_MAP", map, 1) == 0);
+
         test_vconsole_convert_to_x11();
         test_x11_convert_to_vconsole();
 

src/network/netdev/veth.c

@@ -34,6 +34,12 @@ static int netdev_veth_fill_message_create(NetDev *netdev, Link *link, sd_netlin
                         return log_netdev_error_errno(netdev, r, "Could not append IFLA_ADDRESS attribute: %m");
         }
 
+        if (netdev->mtu != 0) {
+                r = sd_netlink_message_append_u32(m, IFLA_MTU, netdev->mtu);
+                if (r < 0)
+                        return log_netdev_error_errno(netdev, r, "Could not append IFLA_MTU attribute: %m");
+        }
+
         r = sd_netlink_message_close_container(m);
         if (r < 0)
                 return log_netdev_error_errno(netdev, r, "Could not append IFLA_INFO_DATA attribute: %m");

src/test/meson.build

@@ -13,7 +13,6 @@ test_include_dir = include_directories('.')
 
 path = run_command(sh, '-c', 'echo "$PATH"').stdout().strip()
 test_env = environment()
-test_env.set('SYSTEMD_KBD_MODEL_MAP', kbd_model_map)
 test_env.set('SYSTEMD_LANGUAGE_FALLBACK_MAP', language_fallback_map)
 test_env.set('PATH', project_build_root + ':' + path)
 

test/meson.build

@@ -36,6 +36,9 @@ if install_tests
         install_subdir('testsuite-63.units',
                        install_dir : testdata_dir)
 
+        install_data(kbd_model_map,
+                     install_dir : testdata_dir + '/test-keymap-util')
+
         testsuite08_dir = testdata_dir + '/testsuite-08.units'
         install_data('testsuite-08.units/-.mount',
                      install_dir : testsuite08_dir)

test/test-functions

@@ -951,13 +951,20 @@ install_multipath() {
 install_lvm() {
     image_install lvm
     image_install "${ROOTLIBDIR:?}"/system/lvm2-lvmpolld.{service,socket}
-    image_install "${ROOTLIBDIR:?}"/system/{blk-availability,lvm2-monitor,lvm2-pvscan@}.service
+    image_install "${ROOTLIBDIR:?}"/system/{blk-availability,lvm2-monitor}.service
     image_install "${ROOTLIBDIR:?}"/system-generators/lvm2-activation-generator
     image_install -o "/lib/tmpfiles.d/lvm2.conf"
     if get_bool "$LOOKS_LIKE_DEBIAN"; then
         inst_rules 56-lvm.rules 69-lvm-metad.rules
     else
-        inst_rules 11-dm-lvm.rules 69-dm-lvm-metad.rules
+        # Support the new udev autoactivation introduced in lvm 2.03.14
+        # https://sourceware.org/git/?p=lvm2.git;a=commit;h=67722b312390cdab29c076c912e14bd739c5c0f6
+        if [[ -f /lib/udev/rules.d/69-dm-lvm.rules ]]; then
+            inst_rules 11-dm-lvm.rules 69-dm-lvm.rules
+        else
+            image_install "${ROOTLIBDIR:?}"/system/lvm2-pvscan@.service
+            inst_rules 11-dm-lvm.rules 69-dm-lvm-metad.rules
+        fi
     fi
     mkdir -p "${initdir:?}/etc/lvm"
 }

test/test-keymap-util/kbd-model-map

@@ -0,0 +1 @@
+../../src/locale/kbd-model-map

test/test-network/conf/25-veth-mtu.netdev

@@ -0,0 +1,10 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[NetDev]
+Name=veth-mtu
+Kind=veth
+MACAddress=12:34:56:78:9a:be
+MTUBytes=1800
+
+[Peer]
+Name=veth-mtu-peer
+MACAddress=12:34:56:78:9a:bf

test/test-network/conf/netdev-link-local-addressing-yes.network

@@ -8,6 +8,8 @@ Name=macvlan99
 Name=macvtap99
 Name=veth99
 Name=veth-peer
+Name=veth-mtu
+Name=veth-mtu-peer
 Name=vcan99
 Name=vxcan99
 Name=vxcan-peer

test/test-network/systemd-networkd-tests.py

@@ -904,6 +904,7 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
         'test1',
         'tun99',
         'vcan99',
+        'veth-mtu',
         'veth99',
         'vlan99',
         'vrf99',
@@ -994,6 +995,7 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
         '25-tunnel-remote-any.network',
         '25-tunnel.network',
         '25-vcan.netdev',
+        '25-veth-mtu.netdev',
         '25-veth.netdev',
         '25-vrf.netdev',
         '25-vti6-tunnel-any-any.netdev',
@@ -1282,10 +1284,11 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
                 self.assertRegex(output, 'ipvtap  *mode ' + mode.lower() + ' ' + flag)
 
     def test_veth(self):
-        copy_unit_to_networkd_unit_path('25-veth.netdev', 'netdev-link-local-addressing-yes.network')
+        copy_unit_to_networkd_unit_path('25-veth.netdev', 'netdev-link-local-addressing-yes.network',
+                                        '25-veth-mtu.netdev')
         start_networkd()
 
-        self.wait_online(['veth99:degraded', 'veth-peer:degraded'])
+        self.wait_online(['veth99:degraded', 'veth-peer:degraded', 'veth-mtu:degraded', 'veth-mtu-peer:degraded'])
 
         output = check_output('ip -d link show veth99')
         print(output)
@@ -1294,6 +1297,15 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
         print(output)
         self.assertRegex(output, 'link/ether 12:34:56:78:9a:bd')
 
+        output = check_output('ip -d link show veth-mtu')
+        print(output)
+        self.assertRegex(output, 'link/ether 12:34:56:78:9a:be')
+        self.assertRegex(output, 'mtu 1800')
+        output = check_output('ip -d link show veth-mtu-peer')
+        print(output)
+        self.assertRegex(output, 'link/ether 12:34:56:78:9a:bf')
+        self.assertRegex(output, 'mtu 1800')
+
     def test_tun(self):
         copy_unit_to_networkd_unit_path('25-tun.netdev')
         start_networkd()

test/units/testsuite-64.sh

@@ -58,6 +58,43 @@ helper_wait_for_dev() {
     return 1
 }
 
+# Wrapper around `helper_wait_for_lvm_activate()` and `helper_wait_for_pvscan()`
+# functions to cover differences between pre and post lvm 2.03.14, which introduced
+# a new way of vgroup autoactivation
+# See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=67722b312390cdab29c076c912e14bd739c5c0f6
+# Arguments:
+#   $1 - device path (for helper_wait_for_pvscan())
+#   $2 - volume group name (for helper_wait_for_lvm_activate())
+#   $3 - number of retries (default: 10)
+helper_wait_for_vgroup() {
+    local dev="${1:?}"
+    local vgroup="${2:?}"
+    local ntries="${3:-10}"
+
+    if ! systemctl -q list-unit-files lvm2-pvscan@.service >/dev/null; then
+        helper_wait_for_lvm_activate "$vgroup" "$ntries"
+    else
+        helper_wait_for_pvscan "$dev" "$ntries"
+    fi
+}
+
+# Wait for the lvm-activate-$vgroup.service of a specific $vgroup to finish
+# Arguments:
+#   $1 - volume group name
+#   $2 - number of retries (default: 10)
+helper_wait_for_lvm_activate() {
+    local vgroup="${1:?}"
+    local ntries="${2:-10}"
+    local i
+
+    for ((i = 0; i < ntries; i++)); do
+        ! systemctl -q is-active "lvm-activate-$vgroup.service" || return 0
+        sleep .5
+    done
+
+    return 1
+}
+
 # Wait for the lvm2-pvscan@.service of a specific device to finish
 # Arguments:
 #   $1 - device path
@@ -65,7 +102,7 @@ helper_wait_for_dev() {
 helper_wait_for_pvscan() {
     local dev="${1:?}"
     local ntries="${2:-10}"
-    local MAJOR MINOR pvscan_svc real_dev
+    local MAJOR MINOR i pvscan_svc real_dev
 
     # Sanity check we got a valid block device (or a symlink to it)
     real_dev="$(readlink -f "$dev")"
@@ -576,7 +613,7 @@ testcase_iscsi_lvm() {
     udevadm settle
     for link in "${expected_symlinks[@]}"; do
         helper_wait_for_dev "$link"
-        helper_wait_for_pvscan "$link"
+        helper_wait_for_vgroup "$link" "$vgroup"
         test -e "$link"
     done
     udevadm settle