io.systemd.Unit.List fix context/runtime split (#38172)

This PR rearranges fields in io.systemd.Unit.List according to
@poettering guidance:

> if a property can be set in a unit file, ever, then it belongs in
context. Otherwise, it belongs to runtime.

https://github.com/systemd/systemd/issues/38124

.github/workflows/coverage.yml

@@ -50,9 +50,6 @@ jobs:
 
       - name: Configure
         run: |
-          # XXX: drop after the HyperV bug that breaks secure boot KVM guests is solved
-          sed -i "s/'firmware'\s*:\s*'auto'/'firmware' : 'uefi'/g" test/*/meson.build
-
           tee mkosi/mkosi.local.conf <<EOF
           [Distribution]
           Distribution=arch

src/basic/pidref.c

@@ -133,7 +133,9 @@ int pidref_set_pid_and_pidfd_id(
                 return r;
 
         if (pidfd_id > 0) {
-                pidref_acquire_pidfd_id(&n);
+                r = pidref_acquire_pidfd_id(&n);
+                if (r < 0 && !ERRNO_IS_NEG_NOT_SUPPORTED(r))
+                        return r;
 
                 if (n.fd_id != pidfd_id)
                         return -ESRCH;

src/core/unit.c

@@ -4857,7 +4857,7 @@ static int operation_to_signal(
 
         case KILL_TERMINATE:
         case KILL_TERMINATE_AND_LOG:
-                *ret_noteworthy = false;
+                *ret_noteworthy = k == KILL_TERMINATE_AND_LOG;
                 return c->kill_signal;
 
         case KILL_RESTART:

src/core/varlink-cgroup.c

@@ -258,18 +258,26 @@ static int controllers_build_json(sd_json_variant **ret, const char *name, void
 }
 
 int unit_cgroup_context_build_json(sd_json_variant **ret, const char *name, void *userdata) {
+        Unit *u = ASSERT_PTR(userdata);
+
         assert(ret);
         assert(name);
 
-        CGroupContext *c = userdata;
+        CGroupContext *c = unit_get_cgroup_context(u);
         if (!c) {
                 *ret = NULL;
                 return 0;
         }
 
+        /* The main principle behind context/runtime split is the following:
+         * If it make sense to place a property into a config/unit file it belongs to Context.
+         * Otherwise it's a 'Runtime'. */
+
         return sd_json_buildo(
                         ret,
 
+                        JSON_BUILD_PAIR_STRING_NON_EMPTY("Slice", unit_slice_name(u)),
+
                         /* CPU Control */
                         JSON_BUILD_PAIR_UNSIGNED_NOT_EQUAL("CPUWeight", c->cpu_weight, CGROUP_WEIGHT_INVALID),
                         JSON_BUILD_PAIR_UNSIGNED_NOT_EQUAL("StartupCPUWeight", c->startup_cpu_weight, CGROUP_WEIGHT_INVALID),
@@ -579,7 +587,6 @@ int unit_cgroup_runtime_build_json(sd_json_variant **ret, const char *name, void
                         /* ID */
                         JSON_BUILD_PAIR_UNSIGNED_NON_ZERO("ID", crt->cgroup_id),
                         JSON_BUILD_PAIR_STRING_NON_EMPTY("Path", crt->cgroup_path ? empty_to_root(crt->cgroup_path) : NULL),
-                        JSON_BUILD_PAIR_STRING_NON_EMPTY("Slice", unit_slice_name(u)),
 
                         /* Memory */
                         JSON_BUILD_PAIR_CALLBACK_NON_NULL("MemoryCurrent", memory_accounting_metric_build_json, u),

src/core/varlink-unit.c

@@ -104,6 +104,10 @@ static int unit_conditions_build_json(sd_json_variant **ret, const char *name, v
 static int unit_context_build_json(sd_json_variant **ret, const char *name, void *userdata) {
         Unit *u = ASSERT_PTR(userdata);
 
+        /* The main principle behind context/runtime split is the following:
+         * If it make sense to place a property into a config/unit file it belongs to Context.
+         * Otherwise it's a 'Runtime'. */
+
         return sd_json_buildo(
                         ASSERT_PTR(ret),
                         SD_JSON_BUILD_PAIR_STRING("Type", unit_type_to_string(u->type)),
@@ -178,9 +182,10 @@ static int unit_context_build_json(sd_json_variant **ret, const char *name, void
                         JSON_BUILD_PAIR_STRING_NON_EMPTY("UnitFilePreset", preset_action_past_tense_to_string(unit_get_unit_file_preset(u))),
                         SD_JSON_BUILD_PAIR_BOOLEAN("Transient", u->transient),
                         SD_JSON_BUILD_PAIR_BOOLEAN("Perpetual", u->perpetual),
+                        SD_JSON_BUILD_PAIR_BOOLEAN("DebugInvocation", u->debug_invocation),
 
                         /* CGroup */
-                        JSON_BUILD_PAIR_CALLBACK_NON_NULL("CGroup", unit_cgroup_context_build_json, unit_get_cgroup_context(u)));
+                        JSON_BUILD_PAIR_CALLBACK_NON_NULL("CGroup", unit_cgroup_context_build_json, u));
 
         // TODO follow up PRs:
         // JSON_BUILD_PAIR_CALLBACK_NON_NULL("Exec", exec_context_build_json, u)
@@ -300,7 +305,6 @@ static int unit_runtime_build_json(sd_json_variant **ret, const char *name, void
                         SD_JSON_BUILD_PAIR_CONDITION(!sd_id128_is_null(u->invocation_id), "InvocationID", SD_JSON_BUILD_UUID(u->invocation_id)),
                         JSON_BUILD_PAIR_CALLBACK_NON_NULL("Markers", markers_build_json, &u->markers),
                         JSON_BUILD_PAIR_CALLBACK_NON_NULL("ActivationDetails", activation_details_build_json, u->activation_details),
-                        SD_JSON_BUILD_PAIR_BOOLEAN("DebugInvocation", u->debug_invocation),
                         JSON_BUILD_PAIR_CALLBACK_NON_NULL("CGroup", unit_cgroup_runtime_build_json, u));
 }
 

src/shared/varlink-io.systemd.Unit.c

@@ -87,6 +87,9 @@ static SD_VARLINK_DEFINE_STRUCT_TYPE(
 static SD_VARLINK_DEFINE_STRUCT_TYPE(
                 CGroupContext,
 
+                SD_VARLINK_FIELD_COMMENT("Slice of the CGroup"),
+                SD_VARLINK_DEFINE_FIELD(Slice, SD_VARLINK_STRING, SD_VARLINK_NULLABLE),
+
                 /* CPU Control
                  * https://www.freedesktop.org/software/systemd/man/latest/systemd.resource-control.html#CPU%20Control */
                 SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/latest/systemd.resource-control.html#CPUWeight=weight"),
@@ -383,6 +386,8 @@ static SD_VARLINK_DEFINE_STRUCT_TYPE(
                 SD_VARLINK_DEFINE_FIELD(Transient, SD_VARLINK_BOOL, 0),
                 SD_VARLINK_FIELD_COMMENT("Whether this unit is perpetual"),
                 SD_VARLINK_DEFINE_FIELD(Perpetual, SD_VARLINK_BOOL, 0),
+                SD_VARLINK_FIELD_COMMENT("When true, logs about this unit will be at debug level regardless of other log level settings"),
+                SD_VARLINK_DEFINE_FIELD(DebugInvocation, SD_VARLINK_BOOL, 0),
                 SD_VARLINK_FIELD_COMMENT("The cgroup context of the unit"),
                 SD_VARLINK_DEFINE_FIELD_BY_TYPE(CGroup, CGroupContext, SD_VARLINK_NULLABLE));
 
@@ -401,8 +406,6 @@ static SD_VARLINK_DEFINE_STRUCT_TYPE(
                 SD_VARLINK_DEFINE_FIELD(ID, SD_VARLINK_INT, SD_VARLINK_NULLABLE),
                 SD_VARLINK_FIELD_COMMENT("Path of the CGroup"),
                 SD_VARLINK_DEFINE_FIELD(Path, SD_VARLINK_STRING, SD_VARLINK_NULLABLE),
-                SD_VARLINK_FIELD_COMMENT("Slice of the CGroup"),
-                SD_VARLINK_DEFINE_FIELD(Slice, SD_VARLINK_STRING, SD_VARLINK_NULLABLE),
 
                 /* Memory */
                 SD_VARLINK_FIELD_COMMENT("The current amount of memory used by the cgroup, in bytes"),
@@ -510,8 +513,6 @@ static SD_VARLINK_DEFINE_STRUCT_TYPE(
                 SD_VARLINK_DEFINE_FIELD(Markers, SD_VARLINK_STRING, SD_VARLINK_ARRAY|SD_VARLINK_NULLABLE),
                 SD_VARLINK_FIELD_COMMENT("Provides details about why a unit was activated"),
                 SD_VARLINK_DEFINE_FIELD_BY_TYPE(ActivationDetails, ActivationDetails, SD_VARLINK_ARRAY|SD_VARLINK_NULLABLE),
-                SD_VARLINK_FIELD_COMMENT("When true, logs about this unit will be at debug level regardless of other log level settings"),
-                SD_VARLINK_DEFINE_FIELD(DebugInvocation, SD_VARLINK_BOOL, 0),
                 SD_VARLINK_FIELD_COMMENT("The cgroup runtime of the unit"),
                 SD_VARLINK_DEFINE_FIELD_BY_TYPE(CGroup, CGroupRuntime, SD_VARLINK_NULLABLE));
 

test/integration-tests/integration-test-wrapper.py

@@ -556,15 +556,9 @@ def main() -> None:
     else:
         rtc = None
 
-    # mkosi will use the UEFI secure boot firmware by default on UEFI platforms. However, this breaks on
-    # Github Actions in combination with KVM because of a HyperV bug so make sure we use the non secure
-    # boot firmware on Github Actions.
-    # TODO: Drop after the HyperV bug that breaks secure boot KVM guests is solved
-    if args.firmware == 'auto' and os.getenv('GITHUB_ACTIONS'):
-        firmware = 'uefi'
     # Whenever possible, boot without an initrd. This requires the target distribution kernel to have the
     # necessary modules (virtio-blk, ext4) builtin.
-    elif args.firmware == 'linux-noinitrd' and (summary.distribution, summary.release) not in (
+    if args.firmware == 'linux-noinitrd' and (summary.distribution, summary.release) not in (
         ('fedora', 'rawhide'),
         ('arch', 'rolling'),
     ):