hwdb.d/60-keyboard.hwdb

@@ -2132,8 +2132,8 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnINET:pnP325J:*
 # Home: LeftCtrl + Esc -> LeftMeta  (ignore LeftCtrl, map Esc to LeftMeta)
 # Back: Backspace      -> back      (map backspace to back)
 evdev:name:FTSC1000:00 2808:509C Keyboard:dmi:*:svnXiaomiInc:pnMipad2:*
- KEYBOARD_KEY_700e0=reserved                            # LeftCtrl -> ignore
+ KEYBOARD_KEY_700e0=unknown                             # LeftCtrl -> ignore
- KEYBOARD_KEY_700e3=reserved                            # LeftMeta -> ignore
+ KEYBOARD_KEY_700e3=unknown                             # LeftMeta -> ignore
  KEYBOARD_KEY_70016=menu                                # S -> menu
  KEYBOARD_KEY_70029=leftmeta                            # Esc -> LeftMeta (Windows key / Win8 tablets home)
  KEYBOARD_KEY_7002a=back                                # Backspace -> back

man/systemd.exec.xml

@@ -3195,11 +3195,10 @@ SystemCallErrorNumber=EPERM</programlisting>
         ignored; both the backslash and the following character are preserved verbatim. Leading and trailing
         whitespace outside of the double quotes is discarded.</para>
 
-        <para>The argument passed should be an absolute filename or wildcard expression. If the file does not
+        <para>The argument passed should be an absolute filename or wildcard expression, optionally prefixed with
-        exist, cannot be read, or contains invalid content, the service will fail to start. To make the file
+        <literal>-</literal>, which indicates that if the file does not exist, it will not be read and no error or
-        optional, prefix the path with <literal>-</literal>, which causes all errors related to the file to be
+        warning message is logged. This option may be specified more than once in which case all specified files are
-        silently ignored. This option may be specified more than once in which case all specified files are read.
+        read. If the empty string is assigned to this option, the list of file to read is reset, all prior assignments
-        If the empty string is assigned to this option, the list of files to read is reset, all prior assignments
         have no effect.</para>
 
         <para>The files listed with this directive will be read shortly before the process is executed (more

meson.build

@@ -1746,8 +1746,6 @@ if conf.get('BPF_FRAMEWORK') == 1
         bpf_clang_flags = [
                 '-std=gnu17',
                 '-Wno-compare-distinct-pointer-types',
-                '-Wno-microsoft-anon-tag',
-                '-fms-extensions',
                 '-fno-stack-protector',
                 '-O2',
                 '-target',
@@ -1758,7 +1756,6 @@ if conf.get('BPF_FRAMEWORK') == 1
 
         bpf_gcc_flags = [
                 '-std=gnu17',
-                '-fms-extensions',
                 '-fno-stack-protector',
                 '-fno-ssa-phiopt',
                 '-O2',

src/basic/basic-forward.h

@@ -86,7 +86,6 @@ typedef enum CGroupFlags CGroupFlags;
 typedef enum CGroupMask CGroupMask;
 typedef enum ChaseFlags ChaseFlags;
 typedef enum ExtractFlags ExtractFlags;
-typedef enum ForkFlags ForkFlags;
 typedef enum Glyph Glyph;
 typedef enum ImageClass ImageClass;
 typedef enum JobMode JobMode;

src/basic/namespace-util.c

@@ -8,7 +8,6 @@
 #include <sys/mount.h>
 #include <unistd.h>
 
-#include "dlfcn-util.h"
 #include "errno-util.h"
 #include "fd-util.h"
 #include "fileio.h"
@@ -218,9 +217,6 @@ int namespace_open(
 int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int userns_fd, int root_fd) {
         int r;
 
-        /* Block dlopen() now, to avoid us inadvertently loading shared library from another namespace */
-        block_dlopen();
-
         if (userns_fd >= 0) {
                 /* Can't setns to your own userns, since then you could escalate from non-root to root in
                  * your own namespace, so check if namespaces are equal before attempting to enter. */

src/basic/process-util.c

@@ -1703,8 +1703,7 @@ int pidref_safe_fork_full(
          * foreign environment. Note that this has no effect on NSS! (i.e. it only has effect on uses of our
          * dlopen_safe(), which we use comprehensively in our codebase, but glibc NSS doesn't bother, of
          * course.) */
-        if (!FLAGS_SET(flags, FORK_ALLOW_DLOPEN))
+        block_dlopen();
-                block_dlopen();
 
         if (flags & (FORK_DEATHSIG_SIGTERM|FORK_DEATHSIG_SIGINT|FORK_DEATHSIG_SIGKILL))
                 if (prctl(PR_SET_PDEATHSIG, fork_flags_to_signal(flags)) < 0) {
@@ -1907,7 +1906,6 @@ int namespace_fork(
         /* This is much like safe_fork(), but forks twice, and joins the specified namespaces in the middle
          * process. This ensures that we are fully a member of the destination namespace, with pidns an all, so that
          * /proc/self/fd works correctly. */
-        assert(!FLAGS_SET(flags, FORK_ALLOW_DLOPEN)); /* never allow loading shared library from another ns */
 
         r = safe_fork_full(outer_name,
                            NULL,

src/basic/process-util.h

@@ -187,9 +187,8 @@ typedef enum ForkFlags {
         FORK_NEW_NETNS          = 1 << 20, /* Run child in its own network namespace                             💣 DO NOT USE IN THREADED PROGRAMS! 💣 */
         FORK_NEW_PIDNS          = 1 << 21, /* Run child in its own PID namespace                                 💣 DO NOT USE IN THREADED PROGRAMS! 💣 */
         FORK_FREEZE             = 1 << 22, /* Don't return in child, just call freeze() instead */
-        FORK_ALLOW_DLOPEN       = 1 << 23, /* Do not block dlopen() in child */
 
-        _FORK_PID_ONLY          = 1 << 24, /* Don't open a pidfd referencing the child process */
+        _FORK_PID_ONLY          = 1 << 23, /* Don't open a pidfd referencing the child process */
 } ForkFlags;
 
 int pidref_safe_fork_full(

src/boot/stub.c

@@ -627,23 +627,20 @@ static EFI_STATUS load_addons(
                         return log_error_status(err, "Failed to find protocol in %ls: %m", items[i]);
 
                 err = pe_memory_locate_sections(loaded_addon->ImageBase, unified_sections, sections);
-                if (err != EFI_SUCCESS) {
+                if (err != EFI_SUCCESS ||
+                    (!PE_SECTION_VECTOR_IS_SET(sections + UNIFIED_SECTION_CMDLINE) &&
+                     !PE_SECTION_VECTOR_IS_SET(sections + UNIFIED_SECTION_DTB) &&
+                     !PE_SECTION_VECTOR_IS_SET(sections + UNIFIED_SECTION_DTBAUTO) &&
+                     !PE_SECTION_VECTOR_IS_SET(sections + UNIFIED_SECTION_INITRD) &&
+                     !PE_SECTION_VECTOR_IS_SET(sections + UNIFIED_SECTION_UCODE))) {
+                        if (err == EFI_SUCCESS)
+                                err = EFI_NOT_FOUND;
                         log_error_status(err,
                                          "Unable to locate embedded .cmdline/.dtb/.dtbauto/.initrd/.ucode sections in %ls, ignoring: %m",
                                          items[i]);
                         continue;
                 }
 
-                if (!PE_SECTION_VECTOR_IS_SET(sections + UNIFIED_SECTION_CMDLINE) &&
-                    !PE_SECTION_VECTOR_IS_SET(sections + UNIFIED_SECTION_DTB) &&
-                    !PE_SECTION_VECTOR_IS_SET(sections + UNIFIED_SECTION_DTBAUTO) &&
-                    !PE_SECTION_VECTOR_IS_SET(sections + UNIFIED_SECTION_INITRD) &&
-                    !PE_SECTION_VECTOR_IS_SET(sections + UNIFIED_SECTION_UCODE)) {
-                        log_debug("No applicable .cmdline/.dtb/.dtbauto/.initrd/.ucode sections found in %ls, ignoring.",
-                                  items[i]);
-                        continue;
-                }
-
                 /* We want to enforce that addons are not UKIs, i.e.: they must not embed a kernel. */
                 if (PE_SECTION_VECTOR_IS_SET(sections + UNIFIED_SECTION_LINUX)) {
                         log_error("%ls is a UKI, not an addon, ignoring.", items[i]);

src/core/namespace.c

@@ -13,7 +13,6 @@
 #include "base-filesystem.h"
 #include "bitfield.h"
 #include "chase.h"
-#include "cryptsetup-util.h"
 #include "dev-setup.h"
 #include "devnum-util.h"
 #include "dissect-image.h"
@@ -3853,8 +3852,6 @@ int refresh_extensions_in_namespace(
         if (r > 0)
                 return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "Target namespace is not separate, cannot reload extensions");
 
-        (void) dlopen_cryptsetup();
-
         extension_dir = path_join(p->private_namespace_dir, "unit-extensions");
         if (!extension_dir)
                 return log_oom_debug();

src/core/service.c

@@ -14,6 +14,7 @@
 #include "bus-error.h"
 #include "bus-util.h"
 #include "chase.h"
+#include "cryptsetup-util.h"
 #include "dbus-service.h"
 #include "dbus-unit.h"
 #include "devnum-util.h"
@@ -2881,9 +2882,7 @@ static void service_enter_refresh_extensions(Service *s) {
 
         /* Given we are running from PID1, avoid doing potentially heavy I/O operations like opening images
          * directly, and instead fork a worker process. */
-        r = unit_fork_helper_process_full(UNIT(s), "(sd-refresh-extensions)", /* into_cgroup= */ false,
+        r = unit_fork_helper_process(UNIT(s), "(sd-refresh-extensions)", /* into_cgroup= */ false, &worker);
-                                          FORK_ALLOW_DLOPEN, /* permit dlopen() to avoid load of libcryptsetup in pid1 */
-                                          &worker);
         if (r < 0) {
                 log_unit_error_errno(UNIT(s), r, "Failed to fork process to refresh extensions in unit's namespace: %m");
                 goto fail;
@@ -5563,6 +5562,8 @@ static int service_live_mount(
                                 u->id);
         }
 
+        (void) dlopen_cryptsetup();
+
         service_unwatch_control_pid(s);
         s->live_mount_result = SERVICE_SUCCESS;
         s->control_command = NULL;
@@ -5583,9 +5584,7 @@ static int service_live_mount(
          * directly, and instead fork a worker process. We record the D-Bus message, so that we can reply
          * after the operation has finished. This way callers can wait on the message and know that the new
          * resource is available (or the operation failed) once they receive the response. */
-        r = unit_fork_helper_process_full(u, "(sd-mount-in-ns)", /* into_cgroup= */ false,
+        r = unit_fork_helper_process(u, "(sd-mount-in-ns)", /* into_cgroup= */ false, &worker);
-                                          FORK_ALLOW_DLOPEN,
-                                          &worker);
         if (r < 0) {
                 log_unit_error_errno(u, r,
                                      "Failed to fork process to mount '%s' on '%s' in unit's namespace: %m",

src/core/unit.c

@@ -5539,13 +5539,12 @@ int unit_set_exec_params(Unit *u, ExecParameters *p) {
         return 0;
 }
 
-int unit_fork_helper_process_full(Unit *u, const char *name, bool into_cgroup, ForkFlags flags, PidRef *ret) {
+int unit_fork_helper_process(Unit *u, const char *name, bool into_cgroup, PidRef *ret) {
         CGroupRuntime *crt = NULL;
         pid_t pid;
         int r;
 
         assert(u);
-        assert((flags & (FORK_RESET_SIGNALS|FORK_DETACH|FORK_WAIT)) == 0); /* these don't really make sense for manager */
         assert(ret);
 
         /* Forks off a helper process and makes sure it is a member of the unit's cgroup, if configured to
@@ -5560,7 +5559,7 @@ int unit_fork_helper_process_full(Unit *u, const char *name, bool into_cgroup, F
                 crt = unit_get_cgroup_runtime(u);
         }
 
-        r = safe_fork(name, FORK_REOPEN_LOG|FORK_DEATHSIG_SIGTERM|flags, &pid);
+        r = safe_fork(name, FORK_REOPEN_LOG|FORK_DEATHSIG_SIGTERM, &pid);
         if (r < 0)
                 return r;
         if (r > 0) {
@@ -5593,10 +5592,6 @@ int unit_fork_helper_process_full(Unit *u, const char *name, bool into_cgroup, F
         return 0;
 }
 
-int unit_fork_helper_process(Unit *u, const char *name, bool into_cgroup, PidRef *ret) {
-        return unit_fork_helper_process_full(u, name, into_cgroup, /* flags = */ 0, ret);
-}
-
 int unit_fork_and_watch_rm_rf(Unit *u, char **paths, PidRef *ret_pid) {
         _cleanup_(pidref_done) PidRef pid = PIDREF_NULL;
         int r;

src/core/unit.h

@@ -1005,7 +1005,6 @@ int unit_acquire_invocation_id(Unit *u);
 
 int unit_set_exec_params(Unit *u, ExecParameters *p);
 
-int unit_fork_helper_process_full(Unit *u, const char *name, bool into_cgroup, ForkFlags flags, PidRef *ret);
 int unit_fork_helper_process(Unit *u, const char *name, bool into_cgroup, PidRef *ret);
 int unit_fork_and_watch_rm_rf(Unit *u, char **paths, PidRef *ret);
 

test/integration-tests/TEST-80-NOTIFYACCESS/TEST-80-NOTIFYACCESS.units/reload-timeout.sh

@@ -12,20 +12,8 @@ sync_in() {
 }
 
 wait_for_signal() {
-    local notify="${1:?}"
-    local p
-
     sleep infinity &
-    p=$!
+    wait "$!" || :
-
-    # Notify readiness after 'sleep' is running to avoid race
-    # condition where the SIGHUP is sent before 'sleep' is ready to
-    # receive it and we get stuck
-    if [ "$notify" -eq 1 ]; then
-        systemd-notify --ready
-    fi
-
-    wait "$p" || :
 }
 
 sighup_handler() {
@@ -36,14 +24,17 @@ trap sighup_handler SIGHUP
 
 export SYSTEMD_LOG_LEVEL=debug
 
-wait_for_signal 1
+systemd-notify --ready
+
+wait_for_signal
 systemd-notify --reloading
 
-wait_for_signal 0
+wait_for_signal
 systemd-notify --reloading
 sync_in ready
+systemd-notify --ready
 
-wait_for_signal 1
+wait_for_signal
 systemd-notify --reloading --ready
 
 exec sleep infinity