Merge pull request #19945 from yuwata/news

update NEWS

NEWS

@@ -165,7 +165,7 @@ CHANGES WITH 249 in spe:
         * In .network files a new OutgoingInterface= setting has been added to
           specify the output interface in bridge FDB setups.
 
-        * In ,network files the Multipath group ID may now be configured for
+        * In .network files the Multipath group ID may now be configured for
           [NextHop] entries, via the new Group= setting.
 
         * The DHCP server logic configured in .network files gained a new
@@ -452,9 +452,6 @@ CHANGES WITH 249 in spe:
           time, birth time, change time, modification time) to look at when
           deciding whether a path has aged enough to be cleaned.
 
-        * Journal files, which are allocated in fixed incremenets, are now
-          truncated when rotated/archived to remove unused space from their tails.
-
         * A new IPv6StableSecretAddress= setting has been added to .network
           files, which takes an IPv6 address to use as secret for IPv6 address
           generation.

TODO

@@ -26,6 +26,8 @@ Janitorial Clean-ups:
 
 Features:
 
+* in sd-id128: also parse UUIDs in RFC4122 URN syntax (i.e. chop off urn:uuid: prefix)
+
 * ability to insert trusted configuration and secrets into the boot parameters
   of a kernel booting in a VM or on baremetal some way, via TPM
   protection. idea:
@@ -1029,8 +1031,6 @@ Features:
     here:
     http://blog.vmsplice.net/2020/07/rethinking-event-loop-integration-for.html
 
-* investigate endianness issues of UUID vs. GUID
-
 * dbus: when a unit failed to load (i.e. is in UNIT_ERROR state), we
   should be able to safely try another attempt when the bus call LoadUnit() is invoked.
 

man/machine-id.xml

@@ -147,15 +147,13 @@
   <refsect1>
     <title>Relation to OSF UUIDs</title>
 
-    <para>Note that the machine ID historically is not an OSF UUID as
-    defined by <ulink url="https://tools.ietf.org/html/rfc4122">RFC
-    4122</ulink>, nor a Microsoft GUID; however, starting with systemd
-    v30, newly generated machine IDs do qualify as v4 UUIDs.</para>
+    <para>Note that the machine ID historically is not an OSF UUID as defined by <ulink
+    url="https://tools.ietf.org/html/rfc4122">RFC 4122</ulink>, nor a Microsoft GUID; however, starting with
+    systemd v30, newly generated machine IDs do qualify as Variant 1 Version 4 UUIDs, as per RFC 4122.</para>
 
-    <para>In order to maintain compatibility with existing
-    installations, an application requiring a UUID should decode the
-    machine ID, and then apply the following operations to turn it
-    into a valid OSF v4 UUID. With <literal>id</literal> being an
+    <para>In order to maintain compatibility with existing installations, an application requiring a strictly
+    RFC 4122 compliant UUID should decode the machine ID, and then (non-reversibly) apply the following
+    operations to turn it into a valid RFC 4122 Variant 1 Version 4 UUID. With <literal>id</literal> being an
     unsigned character array:</para>
 
     <programlisting>/* Set UUID version to 4 --- truly random generation */

man/sd-id128.xml

@@ -50,13 +50,11 @@
   <refsect1>
     <title>Description</title>
 
-    <para><filename>sd-id128.h</filename> provides APIs to process and
-    generate 128-bit ID values. The 128-bit ID values processed and
-    generated by these APIs are a generalization of OSF UUIDs as
-    defined by <ulink url="https://tools.ietf.org/html/rfc4122">RFC
-    4122</ulink> but use a simpler string format. These functions
-    impose no structure on the used IDs, much unlike OSF UUIDs or
-    Microsoft GUIDs, but are fully compatible with those types of IDs.
+    <para><filename>sd-id128.h</filename> provides APIs to process and generate 128-bit ID values. The
+    128-bit ID values processed and generated by these APIs are a generalization of OSF UUIDs as defined by
+    <ulink url="https://tools.ietf.org/html/rfc4122">RFC 4122</ulink> but use a simpler string format. These
+    functions impose no structure on the used IDs, much unlike OSF UUIDs or Microsoft GUIDs, but are mostly
+    compatible with those types of IDs.
     </para>
 
     <para>See
@@ -101,8 +99,7 @@
 
 int main(int argc, char **argv) {
   puts("Match for coredumps: MESSAGE_ID=" SD_MESSAGE_COREDUMP_STR);
-}
-    </programlisting>
+}</programlisting>
 
     <para><function>SD_ID128_CONST_STR()</function> may be used to
     convert constant 128-bit IDs into constant strings for output. The
@@ -125,9 +122,13 @@ int main(int argc, char **argv) {
 }</programlisting>
 
     <para><constant>SD_ID128_UUID_FORMAT_STR</constant> is similar to
-    <constant>SD_ID128_FORMAT_STR</constant> but includes separating hyphens to conform to the
-    "<ulink url="https://en.wikipedia.org/wiki/Universally_unique_identifier#Format">canonical representation</ulink>".
-    </para>
+    <constant>SD_ID128_FORMAT_STR</constant> but includes separating hyphens to conform to the "<ulink
+    url="https://en.wikipedia.org/wiki/Universally_unique_identifier#Format">canonical
+    representation</ulink>". This formats the string based on <ulink
+    url="https://tools.ietf.org/html/rfc4122">RFC4122</ulink> Variant 1 rules, i.e. converting from Big
+    Endian byte order. This matches behaviour of most other Linux userspace infrastructure. It's probably
+    best to avoid UUIDs of other variants, in order to avoid unnecessary ambiguities. All 128-bit IDs
+    generated by the sd-id128 APIs strictly conform to Variant 1 Version 4 UUIDs, as per RFC 4122.</para>
 
     <para>Use <function>sd_id128_equal()</function> to compare two 128-bit IDs:</para>
 

man/sd_id128_get_machine.xml

@@ -101,10 +101,10 @@
 
     <para>Note that <function>sd_id128_get_machine_app_specific()</function>,
     <function>sd_id128_get_boot()</function>, <function>sd_id128_get_boot_app_specific()</function>, and
-    <function>sd_id128_get_invocation()</function> always return UUID v4 compatible IDs.
-    <function>sd_id128_get_machine()</function> will also return a UUID v4-compatible ID on new installations
-    but might not on older. It is possible to convert the machine ID into a UUID v4-compatible one. For more
-    information, see
+    <function>sd_id128_get_invocation()</function> always return UUID Variant 1 Version 4 compatible IDs.
+    <function>sd_id128_get_machine()</function> will also return a UUID Variant 1 Version 4 compatible ID on
+    new installations but might not on older. It is possible to convert the machine ID non-reversibly into a
+    UUID Variant 1 Version 4 compatible one. For more information, see
     <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry>. It is
     hence guaranteed that these functions will never return the ID consisting of all zero or all one bits
     (<constant>SD_ID128_NULL</constant>, <constant>SD_ID128_ALLF</constant>) — with the possible exception of

man/sd_id128_randomize.xml

@@ -42,9 +42,9 @@
     <filename>/dev/urandom</filename> kernel random number
     generator.</para>
 
-    <para>Note that <function>sd_id128_randomize()</function> always returns a UUID v4-compatible ID. It is
-    hence guaranteed that this function will never return the ID consisting of all zero or all one bits
-    (<constant>SD_ID128_NULL</constant>, <constant>SD_ID128_ALLF</constant>).</para>
+    <para>Note that <function>sd_id128_randomize()</function> always returns a UUID Variant 1 Version 4
+    compatible ID. It is hence guaranteed that this function will never return the ID consisting of all zero
+    or all one bits (<constant>SD_ID128_NULL</constant>, <constant>SD_ID128_ALLF</constant>).</para>
 
     <para>For more information about the <literal>sd_id128_t</literal>
     type, see

man/sd_id128_to_string.xml

@@ -54,6 +54,11 @@
     <constant>NULL</constant> the function will validate the passed ID string, but not actually return it in parsed
     form.</para>
 
+    <para>Note that when parsing 37 character UUIDs this is done strictly in Big Endian byte order,
+    i.e. according to <ulink url="https://tools.ietf.org/html/rfc4122">RFC4122</ulink> Variant 1
+    rules, even if the UUID encodes a different variant. This matches behaviour in various other Linux
+    userspace tools. It's probably wise to avoid UUIDs of other variant types.</para>
+
     <para>For more information about the <literal>sd_id128_t</literal>
     type see
     <citerefentry><refentrytitle>sd-id128</refentrytitle><manvolnum>3</manvolnum></citerefentry>.

meson.build

@@ -660,6 +660,7 @@ foreach header : ['crypt.h',
                   'valgrind/memcheck.h',
                   'valgrind/valgrind.h',
                   'linux/time_types.h',
+                  'sys/sdt.h',
                  ]
 
         conf.set10('HAVE_' + header.underscorify().to_upper(),

src/basic/meson.build

@@ -356,11 +356,13 @@ arch_list = [
         'mipso32',
         'powerpc',
         'powerpc64',
+        'riscv32',
         'riscv64',
         's390',
         's390x',
         'sparc',
-        'x86_64']
+        'x86_64'
+]
 
 run_target(
         'update-syscall-tables',

src/basic/missing_syscall_def.h

@@ -22,7 +22,12 @@
 #      error "Unknown MIPS ABI"
 #    endif
 #  elif defined(__powerpc__)
-#  elif defined(__riscv) && defined(__LP64__)
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#    elif __riscv_xlen == 64
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #  elif defined(__sparc__)
 #  elif defined(__x86_64__)
@@ -61,8 +66,14 @@
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_bpf 361
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_bpf 280
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_bpf 280
+#    elif __riscv_xlen == 64
+#      define systemd_NR_bpf 280
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_bpf 351
 #  elif defined(__sparc__)
@@ -119,8 +130,14 @@ assert_cc(__NR_bpf == systemd_NR_bpf);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_close_range 436
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_close_range 436
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_close_range 436
+#    elif __riscv_xlen == 64
+#      define systemd_NR_close_range 436
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_close_range 436
 #  elif defined(__sparc__)
@@ -177,8 +194,14 @@ assert_cc(__NR_close_range == systemd_NR_close_range);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_copy_file_range 379
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_copy_file_range 285
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_copy_file_range 285
+#    elif __riscv_xlen == 64
+#      define systemd_NR_copy_file_range 285
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_copy_file_range 375
 #  elif defined(__sparc__)
@@ -235,8 +258,14 @@ assert_cc(__NR_copy_file_range == systemd_NR_copy_file_range);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_epoll_pwait2 441
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_epoll_pwait2 441
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_epoll_pwait2 441
+#    elif __riscv_xlen == 64
+#      define systemd_NR_epoll_pwait2 441
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_epoll_pwait2 441
 #  elif defined(__sparc__)
@@ -293,8 +322,14 @@ assert_cc(__NR_epoll_pwait2 == systemd_NR_epoll_pwait2);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_getrandom 359
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_getrandom 278
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_getrandom 278
+#    elif __riscv_xlen == 64
+#      define systemd_NR_getrandom 278
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_getrandom 349
 #  elif defined(__sparc__)
@@ -351,8 +386,14 @@ assert_cc(__NR_getrandom == systemd_NR_getrandom);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_memfd_create 360
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_memfd_create 279
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_memfd_create 279
+#    elif __riscv_xlen == 64
+#      define systemd_NR_memfd_create 279
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_memfd_create 350
 #  elif defined(__sparc__)
@@ -409,8 +450,14 @@ assert_cc(__NR_memfd_create == systemd_NR_memfd_create);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_mount_setattr 442
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_mount_setattr 442
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_mount_setattr 442
+#    elif __riscv_xlen == 64
+#      define systemd_NR_mount_setattr 442
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_mount_setattr 442
 #  elif defined(__sparc__)
@@ -467,8 +514,14 @@ assert_cc(__NR_mount_setattr == systemd_NR_mount_setattr);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_move_mount 429
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_move_mount 429
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_move_mount 429
+#    elif __riscv_xlen == 64
+#      define systemd_NR_move_mount 429
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_move_mount 429
 #  elif defined(__sparc__)
@@ -525,8 +578,14 @@ assert_cc(__NR_move_mount == systemd_NR_move_mount);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_name_to_handle_at 345
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_name_to_handle_at 264
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_name_to_handle_at 264
+#    elif __riscv_xlen == 64
+#      define systemd_NR_name_to_handle_at 264
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_name_to_handle_at 335
 #  elif defined(__sparc__)
@@ -583,8 +642,14 @@ assert_cc(__NR_name_to_handle_at == systemd_NR_name_to_handle_at);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_open_tree 428
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_open_tree 428
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_open_tree 428
+#    elif __riscv_xlen == 64
+#      define systemd_NR_open_tree 428
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_open_tree 428
 #  elif defined(__sparc__)
@@ -641,8 +706,14 @@ assert_cc(__NR_open_tree == systemd_NR_open_tree);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_pidfd_open 434
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_pidfd_open 434
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_pidfd_open 434
+#    elif __riscv_xlen == 64
+#      define systemd_NR_pidfd_open 434
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_pidfd_open 434
 #  elif defined(__sparc__)
@@ -699,8 +770,14 @@ assert_cc(__NR_pidfd_open == systemd_NR_pidfd_open);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_pidfd_send_signal 424
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_pidfd_send_signal 424
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_pidfd_send_signal 424
+#    elif __riscv_xlen == 64
+#      define systemd_NR_pidfd_send_signal 424
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_pidfd_send_signal 424
 #  elif defined(__sparc__)
@@ -757,8 +834,14 @@ assert_cc(__NR_pidfd_send_signal == systemd_NR_pidfd_send_signal);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_pkey_mprotect 386
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_pkey_mprotect 288
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_pkey_mprotect 288
+#    elif __riscv_xlen == 64
+#      define systemd_NR_pkey_mprotect 288
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_pkey_mprotect 384
 #  elif defined(__sparc__)
@@ -815,8 +898,14 @@ assert_cc(__NR_pkey_mprotect == systemd_NR_pkey_mprotect);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_renameat2 357
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_renameat2 276
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_renameat2 276
+#    elif __riscv_xlen == 64
+#      define systemd_NR_renameat2 276
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_renameat2 347
 #  elif defined(__sparc__)
@@ -873,8 +962,14 @@ assert_cc(__NR_renameat2 == systemd_NR_renameat2);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_setns 350
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_setns 268
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_setns 268
+#    elif __riscv_xlen == 64
+#      define systemd_NR_setns 268
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_setns 339
 #  elif defined(__sparc__)
@@ -931,8 +1026,14 @@ assert_cc(__NR_setns == systemd_NR_setns);
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_statx 383
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_statx 291
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_statx 291
+#    elif __riscv_xlen == 64
+#      define systemd_NR_statx 291
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_statx 379
 #  elif defined(__sparc__)

src/basic/missing_syscalls.py

@@ -73,8 +73,14 @@ DEF_TEMPLATE_B = '''\
 #    endif
 #  elif defined(__powerpc__)
 #    define systemd_NR_{syscall} {nr_powerpc}
-#  elif defined(__riscv) && defined(__LP64__)
-#    define systemd_NR_{syscall} {nr_riscv64}
+#  elif defined(__riscv)
+#    if __riscv_xlen == 32
+#      define systemd_NR_{syscall} {nr_riscv32}
+#    elif __riscv_xlen == 64
+#      define systemd_NR_{syscall} {nr_riscv64}
+#    else
+#      error "Unknown RISC-V ABI"
+#    endif
 #  elif defined(__s390__)
 #    define systemd_NR_{syscall} {nr_s390}
 #  elif defined(__sparc__)

src/basic/syscall-list.txt

@@ -182,6 +182,9 @@ kexec_file_load
 kexec_load
 keyctl
 kill
+landlock_add_rule
+landlock_create_ruleset
+landlock_restrict_self
 lchown
 lchown32
 lgetxattr

src/basic/syscalls-alpha.txt

@@ -182,6 +182,9 @@ kexec_file_load
 kexec_load	448
 keyctl	441
 kill	37
+landlock_add_rule	555
+landlock_create_ruleset	554
+landlock_restrict_self	556
 lchown	208
 lchown32
 lgetxattr	386
@@ -401,7 +404,7 @@ pwritev	491
 pwritev2	521
 query_module	347
 quotactl	148
-quotactl_path	553
+quotactl_path
 read	3
 readahead	379
 readdir

src/basic/syscalls-arc.txt

@@ -182,6 +182,9 @@ kexec_file_load	294
 kexec_load	104
 keyctl	219
 kill	129
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
 lchown
 lchown32
 lgetxattr	9
@@ -401,7 +404,7 @@ pwritev	70
 pwritev2	287
 query_module
 quotactl	60
-quotactl_path	443
+quotactl_path
 read	63
 readahead	213
 readdir

src/basic/syscalls-arm.txt

@@ -182,6 +182,9 @@ kexec_file_load	401
 kexec_load	347
 keyctl	311
 kill	37
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
 lchown	16
 lchown32	198
 lgetxattr	230
@@ -401,7 +404,7 @@ pwritev	362
 pwritev2	393
 query_module
 quotactl	131
-quotactl_path	443
+quotactl_path
 read	3
 readahead	225
 readdir

src/basic/syscalls-arm64.txt

@@ -182,6 +182,9 @@ kexec_file_load	294
 kexec_load	104
 keyctl	219
 kill	129
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
 lchown
 lchown32
 lgetxattr	9
@@ -401,7 +404,7 @@ pwritev	70
 pwritev2	287
 query_module
 quotactl	60
-quotactl_path	443
+quotactl_path
 read	63
 readahead	213
 readdir

src/basic/syscalls-i386.txt

@@ -182,6 +182,9 @@ kexec_file_load
 kexec_load	283
 keyctl	288
 kill	37
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
 lchown	16
 lchown32	198
 lgetxattr	230
@@ -401,7 +404,7 @@ pwritev	334
 pwritev2	379
 query_module	167
 quotactl	131
-quotactl_path	443
+quotactl_path
 read	3
 readahead	225
 readdir	89

src/basic/syscalls-ia64.txt

@@ -182,6 +182,9 @@ kexec_file_load
 kexec_load	1268
 keyctl	1273
 kill	1053
+landlock_add_rule	1469
+landlock_create_ruleset	1468
+landlock_restrict_self	1470
 lchown	1124
 lchown32
 lgetxattr	1221
@@ -401,7 +404,7 @@ pwritev	1320
 pwritev2	1349
 query_module
 quotactl	1137
-quotactl_path	1467
+quotactl_path
 read	1026
 readahead	1216
 readdir

src/basic/syscalls-m68k.txt

@@ -182,6 +182,9 @@ kexec_file_load
 kexec_load	313
 keyctl	281
 kill	37
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
 lchown	182
 lchown32	212
 lgetxattr	227
@@ -401,7 +404,7 @@ pwritev	330
 pwritev2	378
 query_module	167
 quotactl	131
-quotactl_path	443
+quotactl_path
 read	3
 readahead	240
 readdir	89

src/basic/syscalls-mips64.txt

@@ -182,6 +182,9 @@ kexec_file_load
 kexec_load	5270
 keyctl	5241
 kill	5060
+landlock_add_rule	5445
+landlock_create_ruleset	5444
+landlock_restrict_self	5446
 lchown	5092
 lchown32
 lgetxattr	5184
@@ -401,7 +404,7 @@ pwritev	5290
 pwritev2	5322
 query_module	5171
 quotactl	5172
-quotactl_path	5443
+quotactl_path
 read	5000
 readahead	5179
 readdir

src/basic/syscalls-mips64n32.txt

@@ -182,6 +182,9 @@ kexec_file_load
 kexec_load	6274
 keyctl	6245
 kill	6060
+landlock_add_rule	6445
+landlock_create_ruleset	6444
+landlock_restrict_self	6446
 lchown	6092
 lchown32
 lgetxattr	6184
@@ -401,7 +404,7 @@ pwritev	6294
 pwritev2	6326
 query_module	6171
 quotactl	6172
-quotactl_path	6443
+quotactl_path
 read	6000
 readahead	6179
 readdir

src/basic/syscalls-mipso32.txt

@@ -182,6 +182,9 @@ kexec_file_load
 kexec_load	4311
 keyctl	4282
 kill	4037
+landlock_add_rule	4445
+landlock_create_ruleset	4444
+landlock_restrict_self	4446
 lchown	4016
 lchown32
 lgetxattr	4228
@@ -401,7 +404,7 @@ pwritev	4331
 pwritev2	4362
 query_module	4187
 quotactl	4131
-quotactl_path	4443
+quotactl_path
 read	4003
 readahead	4223
 readdir	4089

src/basic/syscalls-powerpc.txt

@@ -182,6 +182,9 @@ kexec_file_load	382
 kexec_load	268
 keyctl	271
 kill	37
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
 lchown	16
 lchown32
 lgetxattr	213
@@ -401,7 +404,7 @@ pwritev	321
 pwritev2	381
 query_module	166
 quotactl	131
-quotactl_path	443
+quotactl_path
 read	3
 readahead	191
 readdir	89

src/basic/syscalls-powerpc64.txt

@@ -182,6 +182,9 @@ kexec_file_load	382
 kexec_load	268
 keyctl	271
 kill	37
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
 lchown	16
 lchown32
 lgetxattr	213
@@ -401,7 +404,7 @@ pwritev	321
 pwritev2	381
 query_module	166
 quotactl	131
-quotactl_path	443
+quotactl_path
 read	3
 readahead	191
 readdir	89

src/basic/syscalls-riscv32.txt

@@ -0,0 +1,598 @@
+_llseek
+_newselect
+_sysctl
+accept	202
+accept4	242
+access
+acct	89
+add_key	217
+adjtimex
+alarm
+arc_gettls
+arc_settls
+arc_usr_cmpxchg
+arch_prctl
+arm_fadvise64_64
+atomic_barrier
+atomic_cmpxchg_32
+bdflush
+bind	200
+bpf	280
+brk	214
+cachectl
+cacheflush
+capget	90
+capset	91
+chdir	49
+chmod
+chown
+chown32
+chroot	51
+clock_adjtime
+clock_adjtime64	405
+clock_getres
+clock_getres_time64	406
+clock_gettime
+clock_gettime64	403
+clock_nanosleep
+clock_nanosleep_time64	407
+clock_settime
+clock_settime64	404
+clone	220
+clone2
+clone3
+close	57
+close_range	436
+connect	203
+copy_file_range	285
+creat
+create_module
+delete_module	106
+dipc
+dup	23
+dup2
+dup3	24
+epoll_create
+epoll_create1	20
+epoll_ctl	21
+epoll_ctl_old
+epoll_pwait	22
+epoll_pwait2	441
+epoll_wait
+epoll_wait_old
+eventfd
+eventfd2	19
+exec_with_loader
+execv
+execve	221
+execveat	281
+exit	93
+exit_group	94
+faccessat	48
+faccessat2	439
+fadvise64
+fadvise64_64	223
+fallocate	47
+fanotify_init	262
+fanotify_mark	263
+fchdir	50
+fchmod	52
+fchmodat	53
+fchown	55
+fchown32
+fchownat	54
+fcntl
+fcntl64	25
+fdatasync	83
+fgetxattr	10
+finit_module	273
+flistxattr	13
+flock	32
+fork
+fp_udfiex_crtl
+fremovexattr	16
+fsconfig	431
+fsetxattr	7
+fsmount	432
+fsopen	430
+fspick	433
+fstat
+fstat64
+fstatat64
+fstatfs
+fstatfs64	44
+fsync	82
+ftruncate
+ftruncate64	46
+futex
+futex_time64	422
+futimesat
+get_kernel_syms
+get_mempolicy	236
+get_robust_list	100
+get_thread_area
+getcpu	168
+getcwd	17
+getdents
+getdents64	61
+getdomainname
+getdtablesize
+getegid	177
+getegid32
+geteuid	175
+geteuid32
+getgid	176
+getgid32
+getgroups	158
+getgroups32
+gethostname
+getitimer	102
+getpagesize
+getpeername	205
+getpgid	155
+getpgrp
+getpid	172
+getpmsg
+getppid	173
+getpriority	141
+getrandom	278
+getresgid	150
+getresgid32
+getresuid	148
+getresuid32
+getrlimit
+getrusage	165
+getsid	156
+getsockname	204
+getsockopt	209
+gettid	178
+gettimeofday
+getuid	174
+getuid32
+getunwind
+getxattr	8
+getxgid
+getxpid
+getxuid
+idle
+init_module	105
+inotify_add_watch	27
+inotify_init
+inotify_init1	26
+inotify_rm_watch	28
+io_cancel	3
+io_destroy	1
+io_getevents
+io_pgetevents
+io_pgetevents_time64	416
+io_setup	0
+io_submit	2
+io_uring_enter	426
+io_uring_register	427
+io_uring_setup	425
+ioctl	29
+ioperm
+iopl
+ioprio_get	31
+ioprio_set	30
+ipc
+kcmp	272
+kern_features
+kexec_file_load	294
+kexec_load	104
+keyctl	219
+kill	129
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
+lchown
+lchown32
+lgetxattr	9
+link
+linkat	37
+listen	201
+listxattr	11
+llistxattr	12
+lookup_dcookie	18
+lremovexattr	15
+lseek
+lsetxattr	6
+lstat
+lstat64
+madvise	233
+mbind	235
+membarrier	283
+memfd_create	279
+memory_ordering
+migrate_pages	238
+mincore	232
+mkdir
+mkdirat	34
+mknod
+mknodat	33
+mlock	228
+mlock2	284
+mlockall	230
+mmap
+mmap2	222
+modify_ldt
+mount	40
+mount_setattr	442
+move_mount	429
+move_pages	239
+mprotect	226
+mq_getsetattr	185
+mq_notify	184
+mq_open	180
+mq_timedreceive
+mq_timedreceive_time64	419
+mq_timedsend
+mq_timedsend_time64	418
+mq_unlink	181
+mremap	216
+msgctl	187
+msgget	186
+msgrcv	188
+msgsnd	189
+msync	227
+multiplexer
+munlock	229
+munlockall	231
+munmap	215
+name_to_handle_at	264
+nanosleep
+newfstatat
+nfsservctl	42
+nice
+old_adjtimex
+old_getpagesize
+oldfstat
+oldlstat
+oldolduname
+oldstat
+oldumount
+olduname
+open
+open_by_handle_at	265
+open_tree	428
+openat	56
+openat2	437
+or1k_atomic
+osf_adjtime
+osf_afs_syscall
+osf_alt_plock
+osf_alt_setsid
+osf_alt_sigpending
+osf_asynch_daemon
+osf_audcntl
+osf_audgen
+osf_chflags
+osf_execve
+osf_exportfs
+osf_fchflags
+osf_fdatasync
+osf_fpathconf
+osf_fstat
+osf_fstatfs
+osf_fstatfs64
+osf_fuser
+osf_getaddressconf
+osf_getdirentries
+osf_getdomainname
+osf_getfh
+osf_getfsstat
+osf_gethostid
+osf_getitimer
+osf_getlogin
+osf_getmnt
+osf_getrusage
+osf_getsysinfo
+osf_gettimeofday
+osf_kloadcall
+osf_kmodcall
+osf_lstat
+osf_memcntl
+osf_mincore
+osf_mount
+osf_mremap
+osf_msfs_syscall
+osf_msleep
+osf_mvalid
+osf_mwakeup
+osf_naccept
+osf_nfssvc
+osf_ngetpeername
+osf_ngetsockname
+osf_nrecvfrom
+osf_nrecvmsg
+osf_nsendmsg
+osf_ntp_adjtime
+osf_ntp_gettime
+osf_old_creat
+osf_old_fstat
+osf_old_getpgrp
+osf_old_killpg
+osf_old_lstat
+osf_old_open
+osf_old_sigaction
+osf_old_sigblock
+osf_old_sigreturn
+osf_old_sigsetmask
+osf_old_sigvec
+osf_old_stat
+osf_old_vadvise
+osf_old_vtrace
+osf_old_wait
+osf_oldquota
+osf_pathconf
+osf_pid_block
+osf_pid_unblock
+osf_plock
+osf_priocntlset
+osf_profil
+osf_proplist_syscall
+osf_reboot
+osf_revoke
+osf_sbrk
+osf_security
+osf_select
+osf_set_program_attributes
+osf_set_speculative
+osf_sethostid
+osf_setitimer
+osf_setlogin
+osf_setsysinfo
+osf_settimeofday
+osf_shmat
+osf_signal
+osf_sigprocmask
+osf_sigsendset
+osf_sigstack
+osf_sigwaitprim
+osf_sstk
+osf_stat
+osf_statfs
+osf_statfs64
+osf_subsys_info
+osf_swapctl
+osf_swapon
+osf_syscall
+osf_sysinfo
+osf_table
+osf_uadmin
+osf_usleep_thread
+osf_uswitch
+osf_utc_adjtime
+osf_utc_gettime
+osf_utimes
+osf_utsname
+osf_wait4
+osf_waitid
+pause
+pciconfig_iobase
+pciconfig_read
+pciconfig_write
+perf_event_open	241
+perfctr
+perfmonctl
+personality	92
+pidfd_getfd	438
+pidfd_open	434
+pidfd_send_signal	424
+pipe
+pipe2	59
+pivot_root	41
+pkey_alloc	289
+pkey_free	290
+pkey_mprotect	288
+poll
+ppoll
+ppoll_time64	414
+prctl	167
+pread64	67
+preadv	69
+preadv2	286
+prlimit64	261
+process_madvise	440
+process_vm_readv	270
+process_vm_writev	271
+pselect6
+pselect6_time64	413
+ptrace	117
+pwrite64	68
+pwritev	70
+pwritev2	287
+query_module
+quotactl	60
+quotactl_path
+read	63
+readahead	213
+readdir
+readlink
+readlinkat	78
+readv	65
+reboot	142
+recv
+recvfrom	207
+recvmmsg
+recvmmsg_time64	417
+recvmsg	212
+remap_file_pages	234
+removexattr	14
+rename
+renameat
+renameat2	276
+request_key	218
+restart_syscall	128
+riscv_flush_icache	259
+rmdir
+rseq	293
+rt_sigaction	134
+rt_sigpending	136
+rt_sigprocmask	135
+rt_sigqueueinfo	138
+rt_sigreturn	139
+rt_sigsuspend	133
+rt_sigtimedwait
+rt_sigtimedwait_time64	421
+rt_tgsigqueueinfo	240
+rtas
+s390_guarded_storage
+s390_pci_mmio_read
+s390_pci_mmio_write
+s390_runtime_instr
+s390_sthyi
+sched_get_affinity
+sched_get_priority_max	125
+sched_get_priority_min	126
+sched_getaffinity	123
+sched_getattr	275
+sched_getparam	121
+sched_getscheduler	120
+sched_rr_get_interval
+sched_rr_get_interval_time64	423
+sched_set_affinity
+sched_setaffinity	122
+sched_setattr	274
+sched_setparam	118
+sched_setscheduler	119
+sched_yield	124
+seccomp	277
+select
+semctl	191
+semget	190
+semop	193
+semtimedop
+semtimedop_time64	420
+send
+sendfile
+sendfile64	71
+sendmmsg	269
+sendmsg	211
+sendto	206
+set_mempolicy	237
+set_robust_list	99
+set_thread_area
+set_tid_address	96
+setdomainname	162
+setfsgid	152
+setfsgid32
+setfsuid	151
+setfsuid32
+setgid	144
+setgid32
+setgroups	159
+setgroups32
+sethae
+sethostname	161
+setitimer	103
+setns	268
+setpgid	154
+setpgrp
+setpriority	140
+setregid	143
+setregid32
+setresgid	149
+setresgid32
+setresuid	147
+setresuid32
+setreuid	145
+setreuid32
+setrlimit
+setsid	157
+setsockopt	208
+settimeofday
+setuid	146
+setuid32
+setxattr	5
+sgetmask
+shmat	196
+shmctl	195
+shmdt	197
+shmget	194
+shutdown	210
+sigaction
+sigaltstack	132
+signal
+signalfd
+signalfd4	74
+sigpending
+sigprocmask
+sigreturn
+sigsuspend
+socket	198
+socketcall
+socketpair	199
+splice	76
+spu_create
+spu_run
+ssetmask
+stat
+stat64
+statfs
+statfs64	43
+statx	291
+stime
+subpage_prot
+swapcontext
+swapoff	225
+swapon	224
+switch_endian
+symlink
+symlinkat	36
+sync	81
+sync_file_range	84
+sync_file_range2
+syncfs	267
+sys_debug_setcontext
+syscall
+sysfs
+sysinfo	179
+syslog	116
+sysmips
+tee	77
+tgkill	131
+time
+timer_create	107
+timer_delete	111
+timer_getoverrun	109
+timer_gettime
+timer_gettime64	408
+timer_settime
+timer_settime64	409
+timerfd
+timerfd_create	85
+timerfd_gettime
+timerfd_gettime64	410
+timerfd_settime
+timerfd_settime64	411
+times	153
+tkill	130
+truncate
+truncate64	45
+ugetrlimit
+umask	166
+umount
+umount2	39
+uname	160
+unlink
+unlinkat	35
+unshare	97
+uselib
+userfaultfd	282
+ustat
+utime
+utimensat
+utimensat_time64	412
+utimes
+utrap_install
+vfork
+vhangup	58
+vm86
+vm86old
+vmsplice	75
+wait4
+waitid	95
+waitpid
+write	64
+writev	66

src/basic/syscalls-riscv64.txt

@@ -182,6 +182,9 @@ kexec_file_load	294
 kexec_load	104
 keyctl	219
 kill	129
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
 lchown
 lchown32
 lgetxattr	9
@@ -401,7 +404,7 @@ pwritev	70
 pwritev2	287
 query_module
 quotactl	60
-quotactl_path	443
+quotactl_path
 read	63
 readahead	213
 readdir

src/basic/syscalls-s390.txt

@@ -182,6 +182,9 @@ kexec_file_load	381
 kexec_load	277
 keyctl	280
 kill	37
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
 lchown	16
 lchown32	198
 lgetxattr	228
@@ -401,7 +404,7 @@ pwritev	329
 pwritev2	377
 query_module	167
 quotactl	131
-quotactl_path	443
+quotactl_path
 read	3
 readahead	222
 readdir	89

src/basic/syscalls-s390x.txt

@@ -182,6 +182,9 @@ kexec_file_load	381
 kexec_load	277
 keyctl	280
 kill	37
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
 lchown	198
 lchown32
 lgetxattr	228
@@ -401,7 +404,7 @@ pwritev	329
 pwritev2	377
 query_module	167
 quotactl	131
-quotactl_path	443
+quotactl_path
 read	3
 readahead	222
 readdir	89

src/basic/syscalls-sparc.txt

@@ -182,6 +182,9 @@ kexec_file_load
 kexec_load	306
 keyctl	283
 kill	37
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
 lchown	16
 lchown32	31
 lgetxattr	173
@@ -401,7 +404,7 @@ pwritev	325
 pwritev2	359
 query_module	184
 quotactl	165
-quotactl_path	443
+quotactl_path
 read	3
 readahead	205
 readdir	204

src/basic/syscalls-x86_64.txt

@@ -182,6 +182,9 @@ kexec_file_load	320
 kexec_load	246
 keyctl	250
 kill	62
+landlock_add_rule	445
+landlock_create_ruleset	444
+landlock_restrict_self	446
 lchown	94
 lchown32
 lgetxattr	192
@@ -401,7 +404,7 @@ pwritev	296
 pwritev2	328
 query_module	178
 quotactl	179
-quotactl_path	443
+quotactl_path
 read	0
 readahead	187
 readdir

src/libsystemd/sd-journal/journal-file.c

@@ -89,41 +89,6 @@
 #  pragma GCC diagnostic ignored "-Waddress-of-packed-member"
 #endif
 
-static int journal_file_tail_end(JournalFile *f, uint64_t *ret_offset) {
-        Object *tail;
-        uint64_t p;
-        int r;
-
-        assert(f);
-        assert(f->header);
-        assert(ret_offset);
-
-        p = le64toh(f->header->tail_object_offset);
-        if (p == 0)
-                p = le64toh(f->header->header_size);
-        else {
-                uint64_t sz;
-
-                r = journal_file_move_to_object(f, OBJECT_UNUSED, p, &tail);
-                if (r < 0)
-                        return r;
-
-                sz = le64toh(READ_NOW(tail->object.size));
-                if (sz > UINT64_MAX - sizeof(uint64_t) + 1)
-                        return -EBADMSG;
-
-                sz = ALIGN64(sz);
-                if (p > UINT64_MAX - sz)
-                        return -EBADMSG;
-
-                p += sz;
-        }
-
-        *ret_offset = p;
-
-        return 0;
-}
-
 /* This may be called from a separate thread to prevent blocking the caller for the duration of fsync().
  * As a result we use atomic operations on f->offline_state for inter-thread communications with
  * journal_file_set_offline() and journal_file_set_online(). */
@@ -157,25 +122,6 @@ static void journal_file_set_offline_internal(JournalFile *f) {
 
                         f->header->state = f->archive ? STATE_ARCHIVED : STATE_OFFLINE;
                         (void) fsync(f->fd);
-
-                        if (f->archive) {
-                                uint64_t p;
-                                int r;
-
-                                /* truncate excess from the end of archives */
-                                r = journal_file_tail_end(f, &p);
-                                if (r < 0)
-                                        log_debug_errno(r, "Failed to determine end of tail object, ignoring: %m");
-                                else {
-                                        /* arena_size can't exceed the file size, ensure it's updated before truncating */
-                                        f->header->arena_size = htole64(p - le64toh(f->header->header_size));
-
-                                        (void) fsync(f->fd);
-
-                                        if (ftruncate(f->fd, p) < 0)
-                                                log_debug_errno(errno, "Failed to truncate archive at end of tail object, ignoring: %m");
-                                }
-                        }
                         break;
 
                 case OFFLINE_OFFLINING:
@@ -1108,7 +1054,7 @@ int journal_file_append_object(
 
         int r;
         uint64_t p;
-        Object *o;
+        Object *tail, *o;
         void *t;
 
         assert(f);
@@ -1120,9 +1066,26 @@ int journal_file_append_object(
         if (r < 0)
                 return r;
 
-        r = journal_file_tail_end(f, &p);
-        if (r < 0)
-                return r;
+        p = le64toh(f->header->tail_object_offset);
+        if (p == 0)
+                p = le64toh(f->header->header_size);
+        else {
+                uint64_t sz;
+
+                r = journal_file_move_to_object(f, OBJECT_UNUSED, p, &tail);
+                if (r < 0)
+                        return r;
+
+                sz = le64toh(READ_NOW(tail->object.size));
+                if (sz > UINT64_MAX - sizeof(uint64_t) + 1)
+                        return -EBADMSG;
+
+                sz = ALIGN64(sz);
+                if (p > UINT64_MAX - sz)
+                        return -EBADMSG;
+
+                p += sz;
+        }
 
         r = journal_file_allocate(f, p, size);
         if (r < 0)

src/network/netdev/netdev.c

@@ -26,6 +26,7 @@
 #include "netlink-util.h"
 #include "networkd-manager.h"
 #include "networkd-queue.h"
+#include "networkd-setlink.h"
 #include "nlmon.h"
 #include "path-lookup.h"
 #include "siphash24.h"
@@ -550,7 +551,7 @@ static bool netdev_is_ready_to_create(NetDev *netdev, Link *link) {
         req = (Request) {
                 .link = link,
                 .type = REQUEST_TYPE_SET_LINK,
-                .set_link_operation = SET_LINK_MTU,
+                .set_link_operation_ptr = INT_TO_PTR(SET_LINK_MTU),
         };
 
         if (ordered_set_contains(link->manager->request_queue, &req))

src/network/networkd-queue.c

@@ -12,6 +12,7 @@
 #include "networkd-route.h"
 #include "networkd-routing-policy-rule.h"
 #include "networkd-queue.h"
+#include "networkd-setlink.h"
 
 static void request_free_object(RequestType type, void *object) {
         switch(type) {
@@ -123,9 +124,10 @@ static void request_hash_func(const Request *req, struct siphash *state) {
         case REQUEST_TYPE_ROUTING_POLICY_RULE:
                 routing_policy_rule_hash_func(req->rule, state);
                 break;
-        case REQUEST_TYPE_SET_LINK:
-                siphash24_compress(&req->set_link_operation, sizeof(req->set_link_operation), state);
+        case REQUEST_TYPE_SET_LINK: {
+                trivial_hash_func(req->set_link_operation_ptr, state);
                 break;
+        }
         case REQUEST_TYPE_UP_DOWN:
                 break;
         default:
@@ -172,7 +174,7 @@ static int request_compare_func(const struct Request *a, const struct Request *b
         case REQUEST_TYPE_ROUTING_POLICY_RULE:
                 return routing_policy_rule_compare_func(a->rule, b->rule);
         case REQUEST_TYPE_SET_LINK:
-                return CMP(a->set_link_operation, b->set_link_operation);
+                return trivial_compare_func(a->set_link_operation_ptr, b->set_link_operation_ptr);
         case REQUEST_TYPE_UP_DOWN:
                 return 0;
         default:

src/network/networkd-queue.h

@@ -4,7 +4,6 @@
 #include "sd-event.h"
 
 #include "networkd-link.h"
-#include "networkd-setlink.h"
 
 typedef struct Address Address;
 typedef struct AddressLabel AddressLabel;
@@ -40,8 +39,6 @@ typedef enum RequestType {
         _REQUEST_TYPE_INVALID = -EINVAL,
 } RequestType;
 
-assert_cc(sizeof(SetLinkOperation) <= sizeof(void*));
-
 typedef struct Request {
         Link *link;
         RequestType type;
@@ -56,7 +53,7 @@ typedef struct Request {
                 NextHop *nexthop;
                 Route *route;
                 RoutingPolicyRule *rule;
-                SetLinkOperation set_link_operation;
+                void *set_link_operation_ptr;
                 NetDev *netdev;
                 void *object;
         };

src/network/networkd-setlink.c

@@ -10,8 +10,8 @@
 #include "networkd-link.h"
 #include "networkd-manager.h"
 #include "networkd-queue.h"
+#include "networkd-setlink.h"
 #include "string-table.h"
-#include "sysctl-util.h"
 
 static const char *const set_link_operation_table[_SET_LINK_OPERATION_MAX] = {
         [SET_LINK_ADDRESS_GENERATION_MODE] = "IPv6LL address generation mode",
@@ -491,7 +491,7 @@ static bool link_is_ready_to_call_set_link(Request *req) {
         assert(req);
 
         link = req->link;
-        op = req->set_link_operation;
+        op = PTR_TO_INT(req->set_link_operation_ptr);
 
         if (!IN_SET(link->state, LINK_STATE_INITIALIZED, LINK_STATE_CONFIGURING, LINK_STATE_CONFIGURED))
                 return false;
@@ -572,23 +572,27 @@ static bool link_is_ready_to_call_set_link(Request *req) {
 }
 
 int request_process_set_link(Request *req) {
+        SetLinkOperation op;
         int r;
 
         assert(req);
         assert(req->link);
         assert(req->type == REQUEST_TYPE_SET_LINK);
-        assert(req->set_link_operation >= 0 && req->set_link_operation < _SET_LINK_OPERATION_MAX);
         assert(req->netlink_handler);
 
+        op = PTR_TO_INT(req->set_link_operation_ptr);
+
+        assert(op >= 0 && op < _SET_LINK_OPERATION_MAX);
+
         if (!link_is_ready_to_call_set_link(req))
                 return 0;
 
-        r = link_configure(req->link, req->set_link_operation, req->userdata, req->netlink_handler);
+        r = link_configure(req->link, op, req->userdata, req->netlink_handler);
         if (r < 0)
                 return log_link_error_errno(req->link, r, "Failed to set %s: %m",
-                                            set_link_operation_to_string(req->set_link_operation));
+                                            set_link_operation_to_string(op));
 
-        if (req->set_link_operation == SET_LINK_FLAGS)
+        if (op == SET_LINK_FLAGS)
                 req->link->set_flags_messages++;
 
         return 1;

src/network/networkd-setlink.h

@@ -21,6 +21,10 @@ typedef enum SetLinkOperation {
         _SET_LINK_OPERATION_INVALID = -EINVAL,
 } SetLinkOperation;
 
+/* SetLinkOperation is casted to int, then stored in void* with INT_TO_PTR(). */
+assert_cc(sizeof(SetLinkOperation) <= sizeof(void*));
+assert_cc(sizeof(SetLinkOperation) <= sizeof(int));
+
 int link_request_to_set_addrgen_mode(Link *link);
 int link_request_to_set_bond(Link *link);
 int link_request_to_set_bridge(Link *link);

src/shared/seccomp-util.c

@@ -691,7 +691,6 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
                 "open_by_handle_at\0"
                 "pivot_root\0"
                 "quotactl\0"
-                "quotactl_path\0"
                 "setdomainname\0"
                 "setfsuid\0"
                 "setfsuid32\0"

src/shared/udev-util.h

@@ -1,6 +1,11 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 #pragma once
 
+#if HAVE_SYS_SDT_H
+#define SDT_USE_VARIADIC
+#include <sys/sdt.h>
+#endif
+
 #include "sd-device.h"
 
 #include "time-util.h"
@@ -46,3 +51,30 @@ int udev_resolve_subsys_kernel(const char *string, char *result, size_t maxsize,
 
 int udev_queue_is_empty(void);
 int udev_queue_init(void);
+
+#if HAVE_SYS_SDT_H
+
+/* Each trace point can have different number of additional arguments. Note that when the macro is used only
+ * additional arguments are listed in the macro invocation!
+ *
+ * Default arguments for each trace point are as follows:
+ *   - arg0 - action
+ *   - arg1 - sysname
+ *   - arg2 - syspath
+ *   - arg3 - subsystem
+ */
+#define DEVICE_TRACE_POINT(name, dev, ...)                                                                 \
+        do {                                                                                               \
+                PROTECT_ERRNO;                                                                             \
+                const char *_n = NULL, *_p = NULL, *_s = NULL;                                             \
+                sd_device *_d = (dev);                                                                     \
+                sd_device_action_t _a = _SD_DEVICE_ACTION_INVALID;                                         \
+                (void) sd_device_get_action(_d, &_a);                                                      \
+                (void) sd_device_get_sysname(_d, &_n);                                                     \
+                (void) sd_device_get_syspath(_d, &_p);                                                     \
+                (void) sd_device_get_subsystem(_d, &_s);                                                   \
+                STAP_PROBEV(udev, name, device_action_to_string(_a), _n, _p, _s __VA_OPT__(,) __VA_ARGS__);\
+        } while(false);
+#else
+#define DEVICE_TRACE_POINT(name, dev, ...) ((void) 0)
+#endif

src/systemd/sd-id128.h

@@ -63,7 +63,9 @@ int sd_id128_get_boot_app_specific(sd_id128_t app_id, sd_id128_t *ret);
 #define SD_ID128_FORMAT_STR "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x"
 #define SD_ID128_FORMAT_VAL(x) (x).bytes[0], (x).bytes[1], (x).bytes[2], (x).bytes[3], (x).bytes[4], (x).bytes[5], (x).bytes[6], (x).bytes[7], (x).bytes[8], (x).bytes[9], (x).bytes[10], (x).bytes[11], (x).bytes[12], (x).bytes[13], (x).bytes[14], (x).bytes[15]
 
-/* Like SD_ID128_FORMAT_STR, but formats as UUID, not in plain format */
+/* Like SD_ID128_FORMAT_STR, but formats as UUID, not in plain format (Strictly Big Endian byte order,
+ * i.e. treats everything as RFC4122 Variant 1 UUIDs, even if variant says otherwise, but matching other
+ * Linux userspace behaviour.) */
 #define SD_ID128_UUID_FORMAT_STR "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x"
 
 #define SD_ID128_CONST_STR(x)                                           \

src/test/test-seccomp.c

@@ -805,10 +805,18 @@ static void test_load_syscall_filter_set_raw(void) {
                 assert_se(s = hashmap_new(NULL));
 #if defined __NR_access && __NR_access >= 0
                 assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_access + 1), INT_TO_PTR(-1)) >= 0);
-#else
+                log_debug("has access()");
+#endif
+#if defined __NR_faccessat && __NR_faccessat >= 0
                 assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_faccessat + 1), INT_TO_PTR(-1)) >= 0);
+                log_debug("has faccessat()");
+#endif
+#if defined __NR_faccessat2 && __NR_faccessat2 >= 0
+                assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_faccessat2 + 1), INT_TO_PTR(-1)) >= 0);
+                log_debug("has faccessat2()");
 #endif
 
+                assert_se(!hashmap_isempty(s));
                 assert_se(seccomp_load_syscall_filter_set_raw(SCMP_ACT_ALLOW, s, SCMP_ACT_ERRNO(EUCLEAN), true) >= 0);
 
                 assert_se(access("/", F_OK) < 0);
@@ -816,14 +824,16 @@ static void test_load_syscall_filter_set_raw(void) {
 
                 assert_se(poll(NULL, 0, 0) == 0);
 
-                s = hashmap_free(s);
-
-                assert_se(s = hashmap_new(NULL));
+                hashmap_clear(s);
 #if defined __NR_access && __NR_access >= 0
                 assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_access + 1), INT_TO_PTR(EILSEQ)) >= 0);
-#else
+#endif
+#if defined __NR_faccessat && __NR_faccessat >= 0
                 assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_faccessat + 1), INT_TO_PTR(EILSEQ)) >= 0);
 #endif
+#if defined __NR_faccessat2 && __NR_faccessat2 >= 0
+                assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_faccessat2 + 1), INT_TO_PTR(EILSEQ)) >= 0);
+#endif
 
                 assert_se(seccomp_load_syscall_filter_set_raw(SCMP_ACT_ALLOW, s, SCMP_ACT_ERRNO(EUCLEAN), true) >= 0);
 
@@ -832,15 +842,21 @@ static void test_load_syscall_filter_set_raw(void) {
 
                 assert_se(poll(NULL, 0, 0) == 0);
 
-                s = hashmap_free(s);
-
-                assert_se(s = hashmap_new(NULL));
+                hashmap_clear(s);
 #if defined __NR_poll && __NR_poll >= 0
                 assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_poll + 1), INT_TO_PTR(-1)) >= 0);
-#elif defined __NR_ppoll
+                log_debug("has poll()");
+#endif
+#if defined __NR_ppoll && __NR_ppoll >= 0
                 assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_ppoll + 1), INT_TO_PTR(-1)) >= 0);
+                log_debug("has ppoll()");
+#endif
+#if defined __NR_ppoll_time64 && __NR_ppoll_time64 >= 0
+                assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_ppoll_time64 + 1), INT_TO_PTR(-1)) >= 0);
+                log_debug("has ppoll_time64()");
 #endif
 
+                assert_se(!hashmap_isempty(s));
                 assert_se(seccomp_load_syscall_filter_set_raw(SCMP_ACT_ALLOW, s, SCMP_ACT_ERRNO(EUNATCH), true) >= 0);
 
                 assert_se(access("/", F_OK) < 0);
@@ -849,15 +865,16 @@ static void test_load_syscall_filter_set_raw(void) {
                 assert_se(poll(NULL, 0, 0) < 0);
                 assert_se(errno == EUNATCH);
 
-                s = hashmap_free(s);
-
-                assert_se(s = hashmap_new(NULL));
+                hashmap_clear(s);
 #if defined __NR_poll && __NR_poll >= 0
                 assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_poll + 1), INT_TO_PTR(EILSEQ)) >= 0);
-#elif defined __NR_ppoll
-                assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_ppoll + 1), INT_TO_PTR(-1)) >= 0);
+#endif
+#if defined __NR_ppoll && __NR_ppoll >= 0
                 assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_ppoll + 1), INT_TO_PTR(EILSEQ)) >= 0);
 #endif
+#if defined __NR_ppoll_time64 && __NR_ppoll_time64 >= 0
+                assert_se(hashmap_put(s, UINT32_TO_PTR(__NR_ppoll_time64 + 1), INT_TO_PTR(EILSEQ)) >= 0);
+#endif
 
                 assert_se(seccomp_load_syscall_filter_set_raw(SCMP_ACT_ALLOW, s, SCMP_ACT_ERRNO(EUNATCH), true) >= 0);
 

src/udev/udev-event.c

@@ -603,6 +603,8 @@ static int on_spawn_timeout(sd_event_source *s, uint64_t usec, void *userdata) {
 
         assert(spawn);
 
+        DEVICE_TRACE_POINT(spawn_timeout, spawn->device, spawn->cmd);
+
         kill_and_sigcont(spawn->pid, spawn->timeout_signal);
 
         log_device_error(spawn->device, "Spawned process '%s' ["PID_FMT"] timed out after %s, killing",
@@ -648,6 +650,8 @@ static int on_spawn_sigchld(sd_event_source *s, const siginfo_t *si, void *userd
                 log_device_error(spawn->device, "Process '%s' failed due to unknown reason.", spawn->cmd);
         }
 
+        DEVICE_TRACE_POINT(spawn_exit, spawn->device, spawn->cmd);
+
         sd_event_exit(sd_event_source_get_event(s), ret);
         return 1;
 }
@@ -785,6 +789,8 @@ int udev_event_spawn(UdevEvent *event,
                 (void) close_all_fds(NULL, 0);
                 (void) rlimit_nofile_safe();
 
+                DEVICE_TRACE_POINT(spawn_exec, event->dev, cmd);
+
                 execve(argv[0], argv, envp);
                 _exit(EXIT_FAILURE);
         }
@@ -1014,10 +1020,14 @@ int udev_event_execute_rules(
                         return r;
         }
 
+        DEVICE_TRACE_POINT(rules_start, dev);
+
         r = udev_rules_apply_to_event(rules, event, timeout_usec, timeout_signal, properties_list);
         if (r < 0)
                 return log_device_debug_errno(dev, r, "Failed to apply udev rules: %m");
 
+        DEVICE_TRACE_POINT(rules_finished, dev);
+
         r = rename_netif(event);
         if (r < 0)
                 return r;

src/udev/udev-rules.c

@@ -29,6 +29,7 @@
 #include "udev-builtin.h"
 #include "udev-event.h"
 #include "udev-rules.h"
+#include "udev-util.h"
 #include "user-util.h"
 #include "virt.h"
 
@@ -2261,6 +2262,9 @@ static int udev_rule_apply_line_to_event(
                 return 0;
 
         event->esc = ESCAPE_UNSET;
+
+        DEVICE_TRACE_POINT(rules_apply_line, event->dev, line->rule_file->filename, line->line_number);
+
         LIST_FOREACH_SAFE(tokens, token, next_token, line->tokens) {
                 line->current_token = token;
 

src/udev/udevd.c

@@ -617,6 +617,8 @@ static int worker_spawn(Manager *manager, struct event *event) {
                 return log_error_errno(r, "Failed to fork() worker: %m");
         }
         if (r == 0) {
+                DEVICE_TRACE_POINT(worker_spawned, event->dev, getpid());
+
                 /* Worker process */
                 r = worker_main(manager, worker_monitor, sd_device_ref(event->dev));
                 log_close();
@@ -1045,6 +1047,8 @@ static int on_uevent(sd_device_monitor *monitor, sd_device *dev, void *userdata)
 
         assert(manager);
 
+        DEVICE_TRACE_POINT(kernel_uevent_received, dev);
+
         device_ensure_usec_initialized(dev, NULL);
 
         r = event_queue_insert(manager, dev);
@@ -1180,6 +1184,8 @@ static int synthesize_change_one(sd_device *dev, sd_device *target) {
         if (r < 0)
                 return log_device_debug_errno(target, r, "Failed to trigger 'change' uevent: %m");
 
+        DEVICE_TRACE_POINT(synthetic_change_event, dev);
+
         return 0;
 }