2026-04-11 17:44:58 +02:00
7 changed files with 16 additions and 61 deletions
--- a/hwdb.d/60-keyboard.hwdb
+++ b/hwdb.d/60-keyboard.hwdb
@ -569,8 +569,8 @@ evdev:atkbd:dmi:bvn*:bvr*:svnHP*:pnHPElitex21013G3:*
 KEYBOARD_KEY_92=brightnessdown
 KEYBOARD_KEY_97=brightnessup
-# HP Laptop 15s-eq0023nl
+# HP Laptop15s-eq0xxx
-evdev:atkbd:dmi:bvn*:bvr*:svnHP*:pnHPLaptop15s-eq0*:sku9MG38EA#ABZ:*
+evdev:atkbd:dmi:bvn*:bvr*:svnHP*:pnHPLaptop15s-eq0*:*
 KEYBOARD_KEY_9d=102nd                                  # Greater than/Less than
 # Elitebook
--- a/meson_options.txt
+++ b/meson_options.txt
@ -418,6 +418,8 @@ option('dbus', type : 'combo', choices : ['auto', 'true', 'false'],
 option('gnu-efi', type : 'combo', choices : ['auto', 'true', 'false'],
       description : 'gnu-efi support for sd-boot')
 option('efi-cc', type : 'array',
       description : 'the compiler to use for EFI modules')
 # Note that LLD does not support PE/COFF relocations
 # https://lists.llvm.org/pipermail/llvm-dev/2021-March/149234.html
 option('efi-ld', type : 'combo', choices : ['auto', 'bfd', 'gold'],
--- a/src/boot/efi/fuzz-bcd.c
+++ b/src/boot/efi/fuzz-bcd.c
@ -1,26 +0,0 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 #include "alloc-util.h"
 #include "fd-util.h"
 #include "fuzz.h"
 #include "utf8.h"
 #include "bcd.c"
 int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
        _cleanup_free_ void *p = NULL;
        /* This limit was borrowed from src/boot/efi/boot.c */
        if (size > 100*1024)
                return 0;
        if (!getenv("SYSTEMD_LOG_LEVEL"))
                log_set_max_level(LOG_CRIT);
        p = memdup(data, size);
        assert_se(p);
        char16_t *title = get_bcd_title(p, size);
        assert_se(!title || char16_strlen(title) >= 0);
        return 0;
 }
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@ -43,7 +43,11 @@ if not cc.has_header_symbol('efi.h', 'EFI_IMAGE_MACHINE_X64',
        subdir_done()
 endif
-objcopy = run_command(cc.cmd_array(), '-print-prog-name=objcopy', check: true).stdout().strip()
+objcopy = find_program('objcopy')
 efi_cc = get_option('efi-cc')
 if efi_cc.length() == 0
        efi_cc = cc.cmd_array()
 endif
 efi_ld = get_option('efi-ld')
 if efi_ld == 'auto'
@ -58,7 +62,7 @@ efi_libdir = ''
 foreach dir : [get_option('efi-libdir'),
               '/usr/lib/gnuefi' / efi_arch[0],
               run_command('realpath', '-e',
-                        '/usr/lib' / run_command(cc.cmd_array(), '-print-multi-os-directory').stdout().strip()).stdout().strip()]
+                        '/usr/lib' / run_command(efi_cc, '-print-multi-os-directory').stdout().strip()).stdout().strip()]
        if dir != '' and fs.is_dir(dir)
                efi_libdir = dir
                break
@ -271,13 +275,15 @@ if run_command('grep', '-q', '__CTOR_LIST__', efi_lds).returncode() == 0
        ]
 endif
-if cc.get_id() == 'clang' and cc.version().split('.')[0].to_int() <= 10
+efi_cc_version = run_command(efi_cc, '--version').stdout().split('\n')[0]
 if efi_cc_version.contains('clang') and efi_cc_version.split('.')[0].split(' ')[-1].to_int() <= 10
        # clang <= 10 doesn't pass -T to the linker and then even complains about it being unused
        efi_ldflags += ['-Wl,-T,' + efi_lds, '-Wno-unused-command-line-argument']
 endif
 summary({
        'EFI machine type' :                efi_arch[0],
        'EFI CC' :                          '@0@'.format(' '.join(efi_cc)),
        'EFI LD' :                          efi_ld,
        'EFI lds' :                         efi_lds,
        'EFI crt0' :                        efi_crt0,
@ -354,9 +360,6 @@ if efi_arch[1] in ['ia32', 'x86_64', 'arm', 'aarch64']
                 [],
                 'HAVE_ZSTD'],
        ]
        fuzzers += [
                [['src/boot/efi/fuzz-bcd.c']],
        ]
 endif
 systemd_boot_objects = []
@ -365,7 +368,7 @@ foreach file : fundamental_source_paths + common_sources + systemd_boot_sources
        o_file = custom_target(file.split('/')[-1] + '.o',
                               input : file,
                               output : file.split('/')[-1] + '.o',
-                               command : [cc.cmd_array(), '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags],
+                               command : [efi_cc, '-c', '@INPUT@', '-o', '@OUTPUT@', efi_cflags],
                               depend_files : efi_headers + fundamental_headers)
        if (fundamental_source_paths + common_sources + systemd_boot_sources).contains(file)
                systemd_boot_objects += o_file
@ -386,7 +389,7 @@ foreach tuple : [['systemd_boot.so', systemd_boot_efi_name, systemd_boot_objects
                tuple[0],
                input : tuple[2],
                output : tuple[0],
-                command : [cc.cmd_array(), '-o', '@OUTPUT@', efi_ldflags, efi_cflags, tuple[2], '-lefi', '-lgnuefi', '-lgcc'],
+                command : [efi_cc, '-o', '@OUTPUT@', efi_ldflags, efi_cflags, tuple[2], '-lefi', '-lgnuefi', '-lgcc'],
                install : tuple[3],
                install_dir : bootlibdir)
--- a/src/fundamental/efivars-fundamental.c
+++ b/src/fundamental/efivars-fundamental.c
@ -4,7 +4,6 @@
 static const sd_char * const table[_SECURE_BOOT_MAX] = {
        [SECURE_BOOT_UNSUPPORTED] = STR_C("unsupported"),
        [SECURE_BOOT_DISABLED]    = STR_C("disabled"),
        [SECURE_BOOT_UNKNOWN]     = STR_C("unknown"),
        [SECURE_BOOT_AUDIT]       = STR_C("audit"),
        [SECURE_BOOT_DEPLOYED]    = STR_C("deployed"),
@ -32,11 +31,6 @@ SecureBootMode decode_secure_boot_mode(
        if (!secure && !deployed && !audit && setup)
                return SECURE_BOOT_SETUP;
        /* Some firmware allows disabling secure boot while not being in
         * setup mode unless the PK is cleared. */
        if (!secure && !deployed && !audit && !setup)
                return SECURE_BOOT_DISABLED;
        /* Well, this should not happen. */
        return SECURE_BOOT_UNKNOWN;
 }
--- a/src/fundamental/efivars-fundamental.h
+++ b/src/fundamental/efivars-fundamental.h
@ -19,7 +19,6 @@
 typedef enum SecureBootMode {
        SECURE_BOOT_UNSUPPORTED,
        SECURE_BOOT_DISABLED,
        SECURE_BOOT_UNKNOWN,
        SECURE_BOOT_AUDIT,
        SECURE_BOOT_DEPLOYED,
--- a/tools/oss-fuzz.sh
+++ b/tools/oss-fuzz.sh
@ -36,13 +36,6 @@ else
    apt-get install -y gperf m4 gettext python3-pip \
        libcap-dev libmount-dev libkmod-dev \
        pkg-config wget python3-jinja2
    # gnu-efi is installed here to enable -Dgnu-efi behind which fuzz-bcd
    # is hidden. It isn't linked against efi. It doesn't
    # even include "efi.h" because "bcd.c" can work in "unit test" mode
    # where it isn't necessary.
    apt-get install -y gnu-efi zstd
    pip3 install -r .github/workflows/requirements.txt --require-hashes
    # https://github.com/google/oss-fuzz/issues/6868
@ -50,8 +43,7 @@ else
    export PYTHONPATH="$ORIG_PYTHONPATH:/usr/lib/python3/dist-packages/"
    if [[ "$SANITIZER" == undefined ]]; then
-        additional_ubsan_checks=pointer-overflow,alignment
+        UBSAN_FLAGS="-fsanitize=pointer-overflow -fno-sanitize-recover=pointer-overflow"
        UBSAN_FLAGS="-fsanitize=$additional_ubsan_checks -fno-sanitize-recover=$additional_ubsan_checks"
        CFLAGS="$CFLAGS $UBSAN_FLAGS"
        CXXFLAGS="$CXXFLAGS $UBSAN_FLAGS"
    fi
@ -64,15 +56,6 @@ fi
 ninja -v -C "$build" fuzzers
 # Compressed BCD files are kept in test/test-bcd so let's unpack them
 # and put them all in the seed corpus.
 bcd=$(mktemp -d)
 for i in test/test-bcd/*.zst; do
     unzstd "$i" -o "$bcd/$(basename "${i%.zst}")";
 done
 zip -jqr "$OUT/fuzz-bcd_seed_corpus.zip" "$bcd"
 rm -rf "$bcd"
 # The seed corpus is a separate flat archive for each fuzzer,
 # with a fixed name ${fuzzer}_seed_corpus.zip.
 for d in "$(dirname "$0")/../test/fuzz/fuzz-"*; do