Merge pull request #16687 from DaanDeMeyer/bootloader-machine-id

Allow bootctl and kernel-install to be called without /etc/machine-id present
log: don't explicitly re-open log for failed assertions
2020-08-18 15:05:26 +02:00 · 2020-08-18 10:31:25 +02:00 · 2020-08-18 10:06:25 +02:00 · 2020-08-18 10:01:19 +02:00 · 2020-08-17 19:56:55 +02:00 · 2020-08-17 19:56:55 +02:00
7 changed files with 54 additions and 129 deletions
--- a/man/kernel-install.xml
+++ b/man/kernel-install.xml
@ -211,7 +211,9 @@
          <filename>/etc/machine-id</filename>
        </term>
          <listitem>
-            <para>The content of the file specifies the machine identification <replaceable>MACHINE-ID</replaceable>.</para>
+            <para>The content of this file specifies the machine identification
            <replaceable>MACHINE-ID</replaceable>. If it cannot read <filename>/etc/machine-id</filename>,
            kernel-install will use "Linux" as the machine ID instead.</para>
          </listitem>
      </varlistentry>
      <varlistentry>
--- a/src/basic/log.c
+++ b/src/basic/log.c
@ -838,7 +838,6 @@ _noreturn_ void log_assert_failed_realm(
                const char *file,
                int line,
                const char *func) {
        (void) log_open();
        log_assert(LOG_REALM_PLUS_LEVEL(realm, LOG_CRIT), text, file, line, func,
                   "Assertion '%s' failed at %s:%u, function %s(). Aborting.");
        abort();
@ -850,7 +849,6 @@ _noreturn_ void log_assert_failed_unreachable_realm(
                const char *file,
                int line,
                const char *func) {
        (void) log_open();
        log_assert(LOG_REALM_PLUS_LEVEL(realm, LOG_CRIT), text, file, line, func,
                   "Code should not be reached '%s' at %s:%u, function %s(). Aborting.");
        abort();
--- a/src/basic/missing_syscall.h
+++ b/src/basic/missing_syscall.h
@ -515,7 +515,7 @@ static inline long missing_get_mempolicy(int *mode, unsigned long *nodemask,
                           unsigned long maxnode, void *addr,
                           unsigned long flags) {
        long i;
-#  ifdef __NR_get_mempolicy
+#  if defined __NR_get_mempolicy && __NR_get_mempolicy >= 0
        i = syscall(__NR_get_mempolicy, mode, nodemask, maxnode, addr, flags);
 #  else
        errno = ENOSYS;
@ -524,25 +524,7 @@ static inline long missing_get_mempolicy(int *mode, unsigned long *nodemask,
        return i;
 }
-#define get_mempolicy missing_get_mempolicy
+#  define get_mempolicy missing_get_mempolicy
 #endif
 #if !HAVE_PIDFD_OPEN
 /* may be (invalid) negative number due to libseccomp, see PR 13319 */
 #  if ! (defined __NR_pidfd_open && __NR_pidfd_open >= 0)
 #    if defined __NR_pidfd_open
 #      undef __NR_pidfd_open
 #    endif
 #    define __NR_pidfd_open 434
 #endif
 static inline int pidfd_open(pid_t pid, unsigned flags) {
 #ifdef __NR_pidfd_open
        return syscall(__NR_pidfd_open, pid, flags);
 #else
        errno = ENOSYS;
        return -1;
 #endif
 }
 #endif
 #if !HAVE_PIDFD_SEND_SIGNAL
@ -551,20 +533,54 @@ static inline int pidfd_open(pid_t pid, unsigned flags) {
 #    if defined __NR_pidfd_send_signal
 #      undef __NR_pidfd_send_signal
 #    endif
 /* should be always defined, see kernel 39036cd2727395c3369b1051005da74059a85317 */
 #    if defined(__alpha__)
 #      define __NR_pidfd_send_signal 534
 #    else
 #      define __NR_pidfd_send_signal 424
-#endif
+#    endif
-static inline int pidfd_send_signal(int fd, int sig, siginfo_t *info, unsigned flags) {
+#  endif
-#ifdef __NR_pidfd_open
+static inline int missing_pidfd_send_signal(int fd, int sig, siginfo_t *info, unsigned flags) {
 #  ifdef __NR_pidfd_open
        return syscall(__NR_pidfd_send_signal, fd, sig, info, flags);
-#else
+#  else
        errno = ENOSYS;
        return -1;
-#endif
+#  endif
 }
 #  define pidfd_send_signal missing_pidfd_send_signal
 #endif
 #if !HAVE_PIDFD_OPEN
 /* may be (invalid) negative number due to libseccomp, see PR 13319 */
 #  if ! (defined __NR_pidfd_open && __NR_pidfd_open >= 0)
 #    if defined __NR_pidfd_open
 #      undef __NR_pidfd_open
 #    endif
 /* should be always defined, see kernel 7615d9e1780e26e0178c93c55b73309a5dc093d7 */
 #    if defined(__alpha__)
 #      define __NR_pidfd_open 544
 #    else
 #      define __NR_pidfd_open 434
 #    endif
 #  endif
 static inline int missing_pidfd_open(pid_t pid, unsigned flags) {
 #  ifdef __NR_pidfd_open
        return syscall(__NR_pidfd_open, pid, flags);
 #  else
        errno = ENOSYS;
        return -1;
 #  endif
 }
 #  define pidfd_open missing_pidfd_open
 #endif
 #if !HAVE_RT_SIGQUEUEINFO
-static inline int rt_sigqueueinfo(pid_t tgid, int sig, siginfo_t *info) {
+static inline int missing_rt_sigqueueinfo(pid_t tgid, int sig, siginfo_t *info) {
        return syscall(__NR_rt_sigqueueinfo, tgid, sig, info);
 }
 #  define rt_sigqueueinfo missing_rt_sigqueueinfo
 #endif
--- a/src/boot/bootctl.c
+++ b/src/boot/bootctl.c
@ -888,14 +888,6 @@ static int remove_subdirs(const char *root, const char *const *subdirs) {
        return r < 0 ? r : q;
 }
 static int remove_machine_id_directory(const char *root, sd_id128_t machine_id) {
        char buf[SD_ID128_STRING_MAX];
        assert(root);
        return rmdir_one(root, sd_id128_to_string(machine_id, buf));
 }
 static int remove_binaries(const char *esp_path) {
        const char *p;
        int r, q;
@ -978,8 +970,7 @@ static int remove_loader_variables(void) {
        return r;
 }
-static int install_loader_config(const char *esp_path, sd_id128_t machine_id) {
+static int install_loader_config(const char *esp_path) {
        char machine_string[SD_ID128_STRING_MAX];
        _cleanup_(unlink_and_freep) char *t = NULL;
        _cleanup_fclose_ FILE *f = NULL;
        _cleanup_close_ int fd = -1;
@ -999,8 +990,7 @@ static int install_loader_config(const char *esp_path, sd_id128_t machine_id) {
                return log_oom();
        fprintf(f, "#timeout 3\n"
-                   "#console-mode keep\n"
+                   "#console-mode keep\n");
                   "default %s-*\n", sd_id128_to_string(machine_id, machine_string));
        r = fflush_sync_and_check(f);
        if (r < 0)
@ -1016,14 +1006,6 @@ static int install_loader_config(const char *esp_path, sd_id128_t machine_id) {
        return 1;
 }
 static int install_machine_id_directory(const char *root, sd_id128_t machine_id) {
        char buf[SD_ID128_STRING_MAX];
        assert(root);
        return mkdir_one(root, sd_id128_to_string(machine_id, buf));
 }
 static int help(int argc, char *argv[], void *userdata) {
        _cleanup_free_ char *link = NULL;
        int r;
@ -1531,7 +1513,6 @@ static int verb_install(int argc, char *argv[], void *userdata) {
        sd_id128_t uuid = SD_ID128_NULL;
        uint64_t pstart = 0, psize = 0;
        uint32_t part = 0;
        sd_id128_t machine_id;
        bool install;
        int r;
@ -1543,10 +1524,6 @@ static int verb_install(int argc, char *argv[], void *userdata) {
        if (r < 0)
                return r;
        r = sd_id128_get_machine(&machine_id);
        if (r < 0)
                return log_error_errno(r, "Failed to get machine id: %m");
        install = streq(argv[0], "install");
        RUN_WITH_UMASK(0002) {
@ -1568,11 +1545,7 @@ static int verb_install(int argc, char *argv[], void *userdata) {
                        return r;
                if (install) {
-                        r = install_loader_config(arg_esp_path, machine_id);
+                        r = install_loader_config(arg_esp_path);
                        if (r < 0)
                                return r;
                        r = install_machine_id_directory(arg_dollar_boot_path(), machine_id);
                        if (r < 0)
                                return r;
@ -1594,7 +1567,7 @@ static int verb_install(int argc, char *argv[], void *userdata) {
 }
 static int verb_remove(int argc, char *argv[], void *userdata) {
-        sd_id128_t uuid = SD_ID128_NULL, machine_id;
+        sd_id128_t uuid = SD_ID128_NULL;
        int r, q;
        r = acquire_esp(false, NULL, NULL, NULL, &uuid);
@ -1605,10 +1578,6 @@ static int verb_remove(int argc, char *argv[], void *userdata) {
        if (r < 0)
                return r;
        r = sd_id128_get_machine(&machine_id);
        if (r < 0)
                return log_error_errno(r, "Failed to get machine id: %m");
        r = remove_binaries(arg_esp_path);
        q = remove_file(arg_esp_path, "/loader/loader.conf");
@ -1627,19 +1596,11 @@ static int verb_remove(int argc, char *argv[], void *userdata) {
        if (q < 0 && r >= 0)
                r = q;
        q = remove_machine_id_directory(arg_esp_path, machine_id);
        if (q < 0 && r >= 0)
                r = 1;
        if (arg_xbootldr_path) {
                /* Remove the latter two also in the XBOOTLDR partition if it exists */
                q = remove_subdirs(arg_xbootldr_path, dollar_boot_subdirs);
                if (q < 0 && r >= 0)
                        r = q;
                q = remove_machine_id_directory(arg_xbootldr_path, machine_id);
                if (q < 0 && r >= 0)
                        r = q;
        }
        (void) sync_everything();
--- a/src/kernel-install/kernel-install
+++ b/src/kernel-install/kernel-install
@ -87,6 +87,8 @@ KERNEL_IMAGE="$2"
 if [[ -f /etc/machine-id ]]; then
    read MACHINE_ID < /etc/machine-id
 else
    MACHINE_ID="Linux"
 fi
 if [[ ! $COMMAND ]] || [[ ! $KERNEL_VERSION ]]; then
@ -94,10 +96,7 @@ if [[ ! $COMMAND ]] || [[ ! $KERNEL_VERSION ]]; then
    exit 1
 fi
-if ! [[ $MACHINE_ID ]]; then
+if [[ -d /efi/loader/entries ]] || [[ -d /efi/$MACHINE_ID ]]; then
    ENTRY_DIR_ABS=$(mktemp -d /tmp/kernel-install.XXXXX) || exit 1
    trap "rm -rf '$ENTRY_DIR_ABS'" EXIT INT QUIT PIPE
 elif [[ -d /efi/loader/entries ]] || [[ -d /efi/$MACHINE_ID ]]; then
    ENTRY_DIR_ABS="/efi/$MACHINE_ID/$KERNEL_VERSION"
 elif [[ -d /boot/loader/entries ]] || [[ -d /boot/$MACHINE_ID ]]; then
    ENTRY_DIR_ABS="/boot/$MACHINE_ID/$KERNEL_VERSION"
@ -146,14 +145,6 @@ case $COMMAND in
                ((ret+=$x))
            fi
        done
        if ! [[ $MACHINE_ID ]] && ! rmdir "$ENTRY_DIR_ABS"; then
            echo "Warning: In kernel-install plugins, requiring ENTRY_DIR_ABS to be preset is deprecated." >&2
            echo "         All plugins should not put anything in ENTRY_DIR_ABS if the environment" >&2
            echo "         variable KERNEL_INSTALL_MACHINE_ID is empty." >&2
            rm -rf "$ENTRY_DIR_ABS"
            ((ret+=$?))
        fi
        ;;
    remove)
--- a/src/resolve/resolved-resolv-conf.c
+++ b/src/resolve/resolved-resolv-conf.c
@ -231,7 +231,6 @@ static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
 static void write_resolv_conf_search(
                OrderedSet *domains,
                FILE *f) {
        unsigned length = 0, count = 0;
        Iterator i;
        char *domain;
@ -241,15 +240,6 @@ static void write_resolv_conf_search(
        fputs("search", f);
        ORDERED_SET_FOREACH(domain, domains, i) {
                if (++count > MAXDNSRCH) {
                        fputs("\n# Too many search domains configured, remaining ones ignored.", f);
                        break;
                }
                length += strlen(domain) + 1;
                if (length > 256) {
                        fputs("\n# Total length of all search domains is too long, remaining ones ignored.", f);
                        break;
                }
                fputc(' ', f);
                fputs(domain, f);
        }
--- a/test/networkd-test.py
+++ b/test/networkd-test.py
@ -917,40 +917,7 @@ Domains= one two three four five six seven eight nine ten''')
            if ' one' in contents:
                break
            time.sleep(0.1)
-        self.assertRegex(contents, 'search .*one two three four')
+        self.assertRegex(contents, 'search .*one two three four five six seven eight nine ten')
        self.assertNotIn('seven\n', contents)
        self.assertIn('# Too many search domains configured, remaining ones ignored.\n', contents)
    def test_search_domains_too_long(self):
        # we don't use this interface for this test
        self.if_router = None
        name_prefix = 'a' * 60
        self.write_network('test.netdev', '''\
 [NetDev]
 Name=dummy0
 Kind=dummy
 MACAddress=12:34:56:78:9a:bc''')
        self.write_network('test.network', '''\
 [Match]
 Name=dummy0
 [Network]
 Address=192.168.42.100/24
 DNS=192.168.42.1
 Domains={p}0 {p}1 {p}2 {p}3 {p}4'''.format(p=name_prefix))
        self.start_unit('systemd-networkd')
        for timeout in range(50):
            with open(RESOLV_CONF) as f:
                contents = f.read()
            if ' one' in contents:
                break
            time.sleep(0.1)
        self.assertRegex(contents, 'search .*{p}0 {p}1 {p}2'.format(p=name_prefix))
        self.assertIn('# Total length of all search domains is too long, remaining ones ignored.', contents)
    def test_dropin(self):
        # we don't use this interface for this test
Author	SHA1	Message	Date
Zbigniew Jędrzejewski-Szmek	f9536e6793	Merge pull request #16687 from DaanDeMeyer/bootloader-machine-id Allow bootctl and kernel-install to be called without /etc/machine-id present	2020-08-18 15:05:26 +02:00
Franck Bui	21fd6bc263	log: don't explicitly re-open log for failed assertions This was needed before commit `16e4fd87c5` added a mode that opens the log fds for every single log message. This mode is used in execute.c since then making the explicit call to log_open unnecessary. This basically reverts `ea89a119cd`.	2020-08-18 10:31:25 +02:00
Dimitri John Ledkov	1c7466aa2e	resolve: lift limits on search domains count or length glibc 2.26 lifted restrictions on search domains count or length to unlimited. This has also been backported to 2.17 in some distributions (RHEL 7 and derivatives). Other softwares may have their own limits for search domains, but we should not restrict what is written out any more. https://sourceware.org/legacy-ml/libc-announce/2017/msg00001.html	2020-08-18 10:06:25 +02:00
Zbigniew Jędrzejewski-Szmek	170a8c365b	Merge pull request #16761 from keszybz/missing-syscall-cleanup Missing syscall cleanup	2020-08-18 10:01:19 +02:00
Zbigniew Jędrzejewski-Szmek	faeae444ea	missing_syscall: do not use function name that may conflict with glibc This was done for all replacements back in `5187dd2c40`, but some newer stuff didn't do this.	2020-08-17 19:56:55 +02:00
Zbigniew Jędrzejewski-Szmek	23654cee13	missing_syscall: fix pidfd_{send_signal,open} numbers for alpha Also order the syscalls by syscall number for easier comparisons with the kernel headers. Fixup for `5f152f43d0`.	2020-08-17 19:56:55 +02:00
Zbigniew Jędrzejewski-Szmek	0e68241138	missing_syscall: add forgotten check for __NR_get_mempolicy nonnegativity We do it in other cases, we should here too. Fixup for `b070c7c0e1`.	2020-08-17 19:56:25 +02:00
Daan De Meyer	6f77906ad3	kernel-install: Add fallback to "Linux" if no machine-id is found This allows kernel-install to be used by image builders such as mkosi which don't have a machine-id available when they call kernel-install.	2020-08-10 19:56:32 +01:00
Daan De Meyer	31e57550b5	bootctl: Remove dependency on machine-id. The machine-id is used to create a few directories and setup a default loader entry in loader.conf. Having bootctl create the directories itself is not particularly useful as it does not put anything in them and bootctl install is not guaranteed to be called before an initramfs tool like kernel-install so other programs will always need to have logic to create the directories themselves if they happen to be called before bootctl install is called. On top of this, when using unified kernel images, these are installed to $BOOT/EFI/Linux which removes the need to have the directories created by bootctl at all. This further indicates that these directories should be created by the program that puts something in them rather than by bootctl. Removing the machine-id dependency allows bootctl install to be called even when there's no machine-id in the image. This is useful for image builders such as mkosi which don't have a machine-id when installing systemd-boot (via bootctl) because it should only be generated by systemd when the final image is booted. The default entry in loader.conf based on the machine-id in loader.conf is also removed which shouldn't be a massive loss in usability overall. This commit reverts commit `341890d`.	2020-08-10 19:55:57 +01:00