From 22dae3d54ed94e9196f61e50d9bceaf2ed7fb123 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Sun, 12 Dec 2021 03:57:53 +0100 Subject: [PATCH 01/12] systemd: reformat code with nixpkgs-fmt --- pkgs/os-specific/linux/systemd/default.nix | 71 +++++++++++----------- 1 file changed, 37 insertions(+), 34 deletions(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 70036127fc896..5fbc8bc9fb7dd 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -175,40 +175,43 @@ stdenv.mkDerivation { # systemd-stable ./0020-sd-boot-Unify-error-handling.patch ./0021-sd-boot-Rework-console-input-handling.patch - ] ++ lib.optional stdenv.hostPlatform.isMusl (let - oe-core = fetchzip { - url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-14c6e5a4b72d0e4665279158a0740dd1dc21f72f.tar.bz2"; - sha256 = "1jixya4czkr5p5rdcw3d6ips8zzr82dvnanvzvgjh67730scflya"; - }; - musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; - in [ - (musl-patches + "/0002-don-t-use-glibc-specific-qsort_r.patch") - (musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch") - (musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch") - (musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch") - (musl-patches + "/0006-Include-netinet-if_ether.h.patch") - (musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch") - (musl-patches + "/0008-add-missing-FTW_-macros-for-musl.patch") - (musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch") - (musl-patches + "/0010-Use-uintmax_t-for-handling-rlim_t.patch") - (musl-patches + "/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch") - (musl-patches + "/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch") - (musl-patches + "/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch") - (musl-patches + "/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch") - (musl-patches + "/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch") - (musl-patches + "/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch") - (musl-patches + "/0017-missing_type.h-add-__compar_d_fn_t-definition.patch") - (musl-patches + "/0018-avoid-redefinition-of-prctl_mm_map-structure.patch") - (musl-patches + "/0019-Handle-missing-LOCK_EX.patch") - (musl-patches + "/0021-test-json.c-define-M_PIl.patch") - (musl-patches + "/0022-do-not-disable-buffer-in-writing-files.patch") - (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") - (musl-patches + "/0026-Handle-missing-gshadow.patch") - (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") - - # Being discussed upstream: https://lists.openembedded.org/g/openembedded-core/topic/86411771#157056 - ./musl.diff - ]); + ] ++ lib.optional stdenv.hostPlatform.isMusl ( + let + oe-core = fetchzip { + url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-14c6e5a4b72d0e4665279158a0740dd1dc21f72f.tar.bz2"; + sha256 = "1jixya4czkr5p5rdcw3d6ips8zzr82dvnanvzvgjh67730scflya"; + }; + musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; + in + [ + (musl-patches + "/0002-don-t-use-glibc-specific-qsort_r.patch") + (musl-patches + "/0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch") + (musl-patches + "/0004-add-fallback-parse_printf_format-implementation.patch") + (musl-patches + "/0005-src-basic-missing.h-check-for-missing-strndupa.patch") + (musl-patches + "/0006-Include-netinet-if_ether.h.patch") + (musl-patches + "/0007-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch") + (musl-patches + "/0008-add-missing-FTW_-macros-for-musl.patch") + (musl-patches + "/0009-fix-missing-of-__register_atfork-for-non-glibc-build.patch") + (musl-patches + "/0010-Use-uintmax_t-for-handling-rlim_t.patch") + (musl-patches + "/0011-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch") + (musl-patches + "/0012-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch") + (musl-patches + "/0013-Define-glibc-compatible-basename-for-non-glibc-syste.patch") + (musl-patches + "/0014-Do-not-disable-buffering-when-writing-to-oom_score_a.patch") + (musl-patches + "/0015-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch") + (musl-patches + "/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch") + (musl-patches + "/0017-missing_type.h-add-__compar_d_fn_t-definition.patch") + (musl-patches + "/0018-avoid-redefinition-of-prctl_mm_map-structure.patch") + (musl-patches + "/0019-Handle-missing-LOCK_EX.patch") + (musl-patches + "/0021-test-json.c-define-M_PIl.patch") + (musl-patches + "/0022-do-not-disable-buffer-in-writing-files.patch") + (musl-patches + "/0025-Handle-__cpu_mask-usage.patch") + (musl-patches + "/0026-Handle-missing-gshadow.patch") + (musl-patches + "/0028-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") + + # Being discussed upstream: https://lists.openembedded.org/g/openembedded-core/topic/86411771#157056 + ./musl.diff + ] + ); postPatch = '' substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/" From cd85a49516a106e32dbaaf7ca1f2ee9a2531638c Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Sun, 12 Dec 2021 03:56:45 +0100 Subject: [PATCH 02/12] WIP: systemd: v249.5 -> v250 --- ...ts-for-uninitialised-encrypted-devic.patch | 6 +- ...on-t-try-to-unmount-nix-or-nix-store.patch | 10 +- .../systemd/0003-Fix-NixOS-containers.patch | 12 +- ...004-Look-for-fsck-in-the-right-place.patch | 8 +- ...some-NixOS-specific-unit-directories.patch | 20 +- ...f-a-useless-message-in-user-sessions.patch | 10 +- ...d-timedated-disable-methods-that-cha.patch | 12 +- .../linux/systemd/0008-Fix-hwdb-paths.patch | 6 +- ...e-usr-share-zoneinfo-to-etc-zoneinfo.patch | 24 +- ...calectl-use-etc-X11-xkb-for-list-x11.patch | 10 +- ...te-statedir-and-don-t-touch-prefixdi.patch | 14 +- ...-environment-when-calling-generators.patch | 10 +- ...3-add-rootprefix-to-lookup-dir-paths.patch | 8 +- ...-execute-scripts-in-etc-systemd-syst.patch | 12 +- ...ecute-scripts-in-etc-systemd-system-.patch | 8 +- ...s.service-Update-ConditionFileNotEmp.patch | 6 +- ...-placeholder-for-DEFAULT_PATH_NORMAL.patch | 8 +- ...pkg-config-derive-prefix-from-prefix.patch | 6 +- ...e-handle-lookup-paths-being-symlinks.patch | 16 +- .../0020-sd-boot-Unify-error-handling.patch | 401 ------------------ ...d-boot-Rework-console-input-handling.patch | 320 -------------- pkgs/os-specific/linux/systemd/default.nix | 183 +++++--- 22 files changed, 222 insertions(+), 888 deletions(-) delete mode 100644 pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch delete mode 100644 pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch diff --git a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch index ac95dc745fe19..404b0d2ee6f30 100644 --- a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch +++ b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -1,7 +1,7 @@ -From d4ea219a35a09fe02bc9e47e8530644cb4fc4146 Mon Sep 17 00:00:00 2001 +From 8622539fe2ce67934ed2e60626a2303ef8191e40 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Tue, 8 Jan 2013 15:46:30 +0100 -Subject: [PATCH 01/21] Start device units for uninitialised encrypted devices +Subject: [PATCH 01/19] Start device units for uninitialised encrypted devices This is necessary because the NixOS service that initialises the filesystem depends on the appearance of the device unit. Also, this @@ -28,5 +28,5 @@ index 25b8a590a6..d18999ea87 100644 SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}!="crypto_LUKS", SYMLINK+="gpt-auto-root" SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}=="crypto_LUKS", SYMLINK+="gpt-auto-root-luks" -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch index dd351c0010063..d37ace3250c23 100644 --- a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch +++ b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch @@ -1,7 +1,7 @@ -From 67abd8f22f70d9348bc9d8e0e93dde4d325627ba Mon Sep 17 00:00:00 2001 +From a845786195182c376b72a85433e278c35243676d Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 12 Apr 2013 13:16:57 +0200 -Subject: [PATCH 02/21] Don't try to unmount /nix or /nix/store +Subject: [PATCH 02/19] Don't try to unmount /nix or /nix/store They'll still be remounted read-only. @@ -25,10 +25,10 @@ index f683f05981..5a04c2c2a6 100644 "/etc")) return true; diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c -index c2a26242c0..9936398f32 100644 +index f5a2cb20c1..51608d24c0 100644 --- a/src/shutdown/umount.c +++ b/src/shutdown/umount.c -@@ -496,6 +496,8 @@ static int delete_md(MountPoint *m) { +@@ -502,6 +502,8 @@ static int delete_md(MountPoint *m) { static bool nonunmountable_path(const char *path) { return path_equal(path, "/") @@ -38,5 +38,5 @@ index c2a26242c0..9936398f32 100644 || path_equal(path, "/usr") #endif -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch index 2dd3d87f6ed27..56c6238b81f26 100644 --- a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch +++ b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch @@ -1,7 +1,7 @@ -From 37c9471f59bd57223014a4a645b5f96a71d78787 Mon Sep 17 00:00:00 2001 +From d33f3461fa2202ef9b0d6cdf2137c510c59fb052 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Wed, 16 Apr 2014 10:59:28 +0200 -Subject: [PATCH 03/21] Fix NixOS containers +Subject: [PATCH 03/19] Fix NixOS containers In NixOS containers, the init script is bind-mounted into the container, so checking early whether it exists will fail. @@ -10,10 +10,10 @@ container, so checking early whether it exists will fail. 1 file changed, 2 insertions(+) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 575b9da447..438ca294db 100644 +index 8f17ab8810..197e5aa252 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -5590,6 +5590,7 @@ static int run(int argc, char *argv[]) { +@@ -5625,6 +5625,7 @@ static int run(int argc, char *argv[]) { goto finish; } } else { @@ -21,7 +21,7 @@ index 575b9da447..438ca294db 100644 const char *p, *q; if (arg_pivot_root_new) -@@ -5604,6 +5605,7 @@ static int run(int argc, char *argv[]) { +@@ -5639,6 +5640,7 @@ static int run(int argc, char *argv[]) { r = -EINVAL; goto finish; } @@ -30,5 +30,5 @@ index 575b9da447..438ca294db 100644 } else { -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch index 54d9ff93b43b8..36d0ee0cde24f 100644 --- a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch +++ b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch @@ -1,14 +1,14 @@ -From 987d6f94dac8e1a75615fd9ddcfb0eb1c2c4c349 Mon Sep 17 00:00:00 2001 +From 8fd5968163f3a1cb5f196d934756ba08ccaa5b1e Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 1 May 2014 14:10:10 +0200 -Subject: [PATCH 04/21] Look for fsck in the right place +Subject: [PATCH 04/19] Look for fsck in the right place --- src/fsck/fsck.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c -index cd7adfaeb9..68cebdd158 100644 +index 745d01ff50..dd4eef45c3 100644 --- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c @@ -368,7 +368,7 @@ static int run(int argc, char *argv[]) { @@ -21,5 +21,5 @@ index cd7adfaeb9..68cebdd158 100644 cmdline[i++] = "-T"; -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch index ee878b410f048..6acac84a9d28b 100644 --- a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch +++ b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch @@ -1,7 +1,7 @@ -From da4f855044b2babe052ce303cca1de736cf952cd Mon Sep 17 00:00:00 2001 +From 90d1a90d3147e9c8db5caec8befabda270e755d4 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 19 Dec 2014 14:46:17 +0100 -Subject: [PATCH 05/21] Add some NixOS-specific unit directories +Subject: [PATCH 05/19] Add some NixOS-specific unit directories Look in `/nix/var/nix/profiles/default/lib/systemd/{system,user}` for units provided by packages installed into the default profile via @@ -14,10 +14,10 @@ Also, remove /usr and /lib as these don't exist on NixOS. 2 files changed, 6 insertions(+), 19 deletions(-) diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c -index 05eb17d66c..1cd141d012 100644 +index 6fb8c40e7a..142ecdecec 100644 --- a/src/basic/path-lookup.c +++ b/src/basic/path-lookup.c -@@ -91,11 +91,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { +@@ -92,11 +92,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { } static const char* const user_data_unit_paths[] = { @@ -29,7 +29,7 @@ index 05eb17d66c..1cd141d012 100644 NULL }; -@@ -613,15 +609,13 @@ int lookup_paths_init( +@@ -614,15 +610,13 @@ int lookup_paths_init( persistent_config, SYSTEM_CONFIG_UNIT_DIR, "/etc/systemd/system", @@ -46,7 +46,7 @@ index 05eb17d66c..1cd141d012 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -637,14 +631,11 @@ int lookup_paths_init( +@@ -638,14 +632,11 @@ int lookup_paths_init( persistent_config, USER_CONFIG_UNIT_DIR, "/etc/systemd/user", @@ -62,7 +62,7 @@ index 05eb17d66c..1cd141d012 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -794,7 +785,6 @@ char **generator_binary_paths(UnitFileScope scope) { +@@ -795,7 +786,6 @@ char **generator_binary_paths(UnitFileScope scope) { case UNIT_FILE_SYSTEM: add = strv_new("/run/systemd/system-generators", "/etc/systemd/system-generators", @@ -70,7 +70,7 @@ index 05eb17d66c..1cd141d012 100644 SYSTEM_GENERATOR_DIR); break; -@@ -802,7 +792,6 @@ char **generator_binary_paths(UnitFileScope scope) { +@@ -803,7 +793,6 @@ char **generator_binary_paths(UnitFileScope scope) { case UNIT_FILE_USER: add = strv_new("/run/systemd/user-generators", "/etc/systemd/user-generators", @@ -78,7 +78,7 @@ index 05eb17d66c..1cd141d012 100644 USER_GENERATOR_DIR); break; -@@ -841,12 +830,10 @@ char **env_generator_binary_paths(bool is_system) { +@@ -842,12 +831,10 @@ char **env_generator_binary_paths(bool is_system) { if (is_system) add = strv_new("/run/systemd/system-environment-generators", "/etc/systemd/system-environment-generators", @@ -122,5 +122,5 @@ index fc0f8c34fa..162432e77f 100644 systemd_sleep_dir=${root_prefix}/lib/systemd/system-sleep -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch index 482eeacb0218f..438d841bb1c7a 100644 --- a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch +++ b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch @@ -1,7 +1,7 @@ -From c06abdb631527f56a626b739340d1b275349612c Mon Sep 17 00:00:00 2001 +From 213279752124dc4a57a4189df9b5b2e96feaa0b3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 11 May 2015 15:39:38 +0200 -Subject: [PATCH 06/21] Get rid of a useless message in user sessions +Subject: [PATCH 06/19] Get rid of a useless message in user sessions Namely lots of variants of @@ -13,10 +13,10 @@ in containers. 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/core/manager.c b/src/core/manager.c -index 34891a8754..b9b4789720 100644 +index 9368a1dfa1..5b0bdb1bc7 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -1375,7 +1375,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { +@@ -1408,7 +1408,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { if (!unit_is_bound_by_inactive(u, &culprit)) continue; @@ -27,5 +27,5 @@ index 34891a8754..b9b4789720 100644 /* If stopping a unit fails continuously we might enter a stop loop here, hence stop acting on the * service being unnecessary after a while. */ -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch index 22e4c74d08d74..a93488afbf92a 100644 --- a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch +++ b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch @@ -1,7 +1,7 @@ -From 207c69466cdd164c42ed1901deb06f57b12f4363 Mon Sep 17 00:00:00 2001 +From 14474d5e116609ce4fac60d779b08fa3eab840c3 Mon Sep 17 00:00:00 2001 From: Gabriel Ebner Date: Sun, 6 Dec 2015 14:26:36 +0100 -Subject: [PATCH 07/21] hostnamed, localed, timedated: disable methods that +Subject: [PATCH 07/19] hostnamed, localed, timedated: disable methods that change system settings. --- @@ -11,10 +11,10 @@ Subject: [PATCH 07/21] hostnamed, localed, timedated: disable methods that 3 files changed, 25 insertions(+) diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c -index 36702f2fb0..669257ea2f 100644 +index b20a93ad81..6292fca4fc 100644 --- a/src/hostname/hostnamed.c +++ b/src/hostname/hostnamed.c -@@ -797,6 +797,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ +@@ -813,6 +813,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ if (r < 0) return r; @@ -24,7 +24,7 @@ index 36702f2fb0..669257ea2f 100644 name = empty_to_null(name); context_read_etc_hostname(c); -@@ -860,6 +863,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess +@@ -876,6 +879,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess if (r < 0) return r; @@ -104,5 +104,5 @@ index 66b454269d..0a8fe25d0f 100644 if (r < 0) return r; -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch index e5a0bf7d97fa6..e1bc44a148ea0 100644 --- a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch +++ b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch @@ -1,7 +1,7 @@ -From 3ca3855259c3015615983587063fa159cfa7e93c Mon Sep 17 00:00:00 2001 +From d668df39728c992ec0c691ef6e76664e7121f5bd Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Thu, 7 Jul 2016 02:47:13 +0300 -Subject: [PATCH 08/21] Fix hwdb paths +Subject: [PATCH 08/19] Fix hwdb paths Patch by vcunat. --- @@ -24,5 +24,5 @@ index 5ddc2211e6..ee621eec46 100644 + "/etc/udev/hwdb.bin\0" + -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch index 9e22ea719e35b..68d40980ab169 100644 --- a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch +++ b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch @@ -1,7 +1,7 @@ -From 717226ad0dc37ceb6c667c1f56396848978b6e83 Mon Sep 17 00:00:00 2001 +From dd59ce5f1bbdafb0b92f8aeacc68b000ec347a61 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Tue, 11 Oct 2016 13:12:08 +0300 -Subject: [PATCH 09/21] Change /usr/share/zoneinfo to /etc/zoneinfo +Subject: [PATCH 09/19] Change /usr/share/zoneinfo to /etc/zoneinfo NixOS uses this path. --- @@ -35,10 +35,10 @@ index e486474c44..5f373d0723 100644 Etc/UTC. The resulting link should lead to the corresponding binary diff --git a/src/basic/time-util.c b/src/basic/time-util.c -index 5d162e8ffe..1bec83e555 100644 +index b659d6905d..660b1c6fed 100644 --- a/src/basic/time-util.c +++ b/src/basic/time-util.c -@@ -1269,7 +1269,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { +@@ -1267,7 +1267,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { assert(ret); @@ -47,7 +47,7 @@ index 5d162e8ffe..1bec83e555 100644 if (!f) return -errno; -@@ -1308,7 +1308,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { +@@ -1306,7 +1306,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { _cleanup_strv_free_ char **zones = NULL; int r; @@ -56,7 +56,7 @@ index 5d162e8ffe..1bec83e555 100644 if (!f) return -errno; -@@ -1421,7 +1421,7 @@ int verify_timezone(const char *name, int log_level) { +@@ -1419,7 +1419,7 @@ int verify_timezone(const char *name, int log_level) { if (p - name >= PATH_MAX) return -ENAMETOOLONG; @@ -65,7 +65,7 @@ index 5d162e8ffe..1bec83e555 100644 fd = open(t, O_RDONLY|O_CLOEXEC); if (fd < 0) -@@ -1512,7 +1512,7 @@ int get_timezone(char **ret) { +@@ -1510,7 +1510,7 @@ int get_timezone(char **ret) { if (r < 0) return r; /* returns EINVAL if not a symlink */ @@ -75,10 +75,10 @@ index 5d162e8ffe..1bec83e555 100644 return -EINVAL; diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c -index 2cb4f80d5d..ebeaeac52f 100644 +index d28a416e5d..c7c215731d 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c -@@ -491,7 +491,7 @@ static int process_timezone(void) { +@@ -494,7 +494,7 @@ static int process_timezone(void) { if (isempty(arg_timezone)) return 0; @@ -88,10 +88,10 @@ index 2cb4f80d5d..ebeaeac52f 100644 (void) mkdir_parents(etc_localtime, 0755); if (symlink(e, etc_localtime) < 0) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 438ca294db..98bd110d92 100644 +index 197e5aa252..c674fa61d5 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -1887,8 +1887,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid +@@ -1899,8 +1899,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid static const char *timezone_from_path(const char *path) { return PATH_STARTSWITH_SET( path, @@ -137,5 +137,5 @@ index 0a8fe25d0f..2f02b9a520 100644 return -ENOMEM; -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch index ce0ad7e4ddc30..f2514de6c6629 100644 --- a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch +++ b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch @@ -1,7 +1,7 @@ -From 75d12cf65073458f091899d673c613dfc43f60c0 Mon Sep 17 00:00:00 2001 +From a93da270bed88972f4d60a1fa08f24e00712d7fb Mon Sep 17 00:00:00 2001 From: Imuli Date: Wed, 19 Oct 2016 08:46:47 -0400 -Subject: [PATCH 10/21] localectl: use /etc/X11/xkb for list-x11-* +Subject: [PATCH 10/19] localectl: use /etc/X11/xkb for list-x11-* NixOS has an option to link the xkb data files to /etc/X11, but not to /usr/share/X11. @@ -10,10 +10,10 @@ NixOS has an option to link the xkb data files to /etc/X11, but not to 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/locale/localectl.c b/src/locale/localectl.c -index 548ac8eb2c..5e372f1566 100644 +index b5624209dc..4ab7adfdb6 100644 --- a/src/locale/localectl.c +++ b/src/locale/localectl.c -@@ -280,7 +280,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { +@@ -279,7 +279,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { } state = NONE, look_for; int r; @@ -23,5 +23,5 @@ index 548ac8eb2c..5e372f1566 100644 return log_error_errno(errno, "Failed to open keyboard mapping list. %m"); -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch index a03c5a14ad898..c21a1bda41226 100644 --- a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch +++ b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch @@ -1,19 +1,19 @@ -From bce75eb4cdeb0b86df6b0a577e886c49a88303f6 Mon Sep 17 00:00:00 2001 +From 3bc3462165cd72de93a1c71f03e6c4150726b159 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Sun, 11 Feb 2018 04:37:44 +0100 -Subject: [PATCH 11/21] build: don't create statedir and don't touch prefixdir +Subject: [PATCH 11/19] build: don't create statedir and don't touch prefixdir --- meson.build | 3 --- 1 file changed, 3 deletions(-) diff --git a/meson.build b/meson.build -index b5a51b6d0d..99b071542c 100644 +index c0cbadecb1..8266bf57de 100644 --- a/meson.build +++ b/meson.build -@@ -3540,9 +3540,6 @@ install_data('LICENSE.GPL2', - 'docs/GVARIANT-SERIALIZATION.md', - install_dir : docdir) +@@ -3729,9 +3729,6 @@ install_data('LICENSE.GPL2', + install_subdir('LICENSES', + install_dir : docdir) -meson.add_install_script('sh', '-c', mkdir_p.format(systemdstatedir)) -meson.add_install_script('sh', '-c', 'touch $DESTDIR@0@'.format(prefixdir)) @@ -22,5 +22,5 @@ index b5a51b6d0d..99b071542c 100644 # Ensure that changes to the docs/ directory do not break the -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch index 0576f7a62f2c9..5f27e41752328 100644 --- a/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch +++ b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch @@ -1,7 +1,7 @@ -From ecdf0c5d9f88f526521f093cc9ee85f43efab4b7 Mon Sep 17 00:00:00 2001 +From 85f0ad0cb7b4f0cfd482c9611f9cbc2dacbba33a Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Fri, 2 Nov 2018 21:15:42 +0100 -Subject: [PATCH 12/21] inherit systemd environment when calling generators. +Subject: [PATCH 12/19] inherit systemd environment when calling generators. Systemd generators need access to the environment configured in stage-2-init.sh since it schedules fsck and mkfs executions based on @@ -16,10 +16,10 @@ executables that are being called from managers. 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/core/manager.c b/src/core/manager.c -index b9b4789720..79239afe4a 100644 +index 5b0bdb1bc7..1538a5200a 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -4149,10 +4149,15 @@ static int manager_run_generators(Manager *m) { +@@ -3653,10 +3653,15 @@ static int manager_run_generators(Manager *m) { argv[4] = NULL; RUN_WITH_UMASK(0022) @@ -40,5 +40,5 @@ index b9b4789720..79239afe4a 100644 finish: -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch index a424cf1061cc0..d008cf2821c7a 100644 --- a/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch +++ b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch @@ -1,7 +1,7 @@ -From 39969a1b01d6c223a21c770093209b7f4047aaa4 Mon Sep 17 00:00:00 2001 +From b30d2273d3ce1480b0c4c27c25211f84e04172e9 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Thu, 9 May 2019 11:15:22 +0200 -Subject: [PATCH 13/21] add rootprefix to lookup dir paths +Subject: [PATCH 13/19] add rootprefix to lookup dir paths systemd does not longer use the UDEVLIBEXEC directory as root for discovery default udev rules. By adding `$out/lib` to the lookup paths @@ -12,7 +12,7 @@ files that I might have missed. 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/basic/def.h b/src/basic/def.h -index 2e60abb4f1..732ec51d36 100644 +index eccee3d3fa..e94a2c8bd0 100644 --- a/src/basic/def.h +++ b/src/basic/def.h @@ -39,13 +39,15 @@ @@ -34,5 +34,5 @@ index 2e60abb4f1..732ec51d36 100644 #define CONF_PATHS(n) \ CONF_PATHS_USR(n) \ -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch index 5610d4d3ecc61..49c6651c0edff 100644 --- a/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch +++ b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch @@ -1,7 +1,7 @@ -From e7c960789b0ca97b24a66e9eeaa56ea645d9c66b Mon Sep 17 00:00:00 2001 +From 76da27ff77e5db07e502d4d8d26286d69c3f0319 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Thu, 25 Jul 2019 20:45:55 +0300 -Subject: [PATCH 14/21] systemd-shutdown: execute scripts in +Subject: [PATCH 14/19] systemd-shutdown: execute scripts in /etc/systemd/system-shutdown This is needed for NixOS to use such scripts as systemd directory is immutable. @@ -10,12 +10,12 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/shutdown/shutdown.c b/src/shutdown/shutdown.c -index a98cfc4d8a..b0b34edda7 100644 +index 7ad9930677..fdb03a2e1a 100644 --- a/src/shutdown/shutdown.c +++ b/src/shutdown/shutdown.c -@@ -312,7 +312,7 @@ int main(int argc, char *argv[]) { +@@ -335,7 +335,7 @@ int main(int argc, char *argv[]) { _cleanup_free_ char *cgroup = NULL; - char *arguments[3], *watchdog_device; + char *arguments[3]; int cmd, r, umount_log_level = LOG_INFO; - static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, NULL}; + static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, "/etc/systemd/system-shutdown", NULL}; @@ -23,5 +23,5 @@ index a98cfc4d8a..b0b34edda7 100644 /* The log target defaults to console, but the original systemd process will pass its log target in through a * command line argument, which will override this default. Also, ensure we'll never log to the journal or -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch index 11848a623a327..78d77c0058229 100644 --- a/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch +++ b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch @@ -1,7 +1,7 @@ -From 6124720aa2b9dbc07f2fb898f0db150a44a86041 Mon Sep 17 00:00:00 2001 +From 47c651f97acae814d4ff679ae04d78d4532cbca6 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov Date: Thu, 25 Jul 2019 20:46:58 +0300 -Subject: [PATCH 15/21] systemd-sleep: execute scripts in +Subject: [PATCH 15/19] systemd-sleep: execute scripts in /etc/systemd/system-sleep This is needed for NixOS to use such scripts as systemd directory is immutable. @@ -10,7 +10,7 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+) diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c -index a3aeb24633..0ed6a34d79 100644 +index 7064f3a905..b60ced9d9b 100644 --- a/src/sleep/sleep.c +++ b/src/sleep/sleep.c @@ -182,6 +182,7 @@ static int execute( @@ -22,5 +22,5 @@ index a3aeb24633..0ed6a34d79 100644 }; -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch index 156195d9a9009..3c1643e0f1ab8 100644 --- a/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch +++ b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch @@ -1,7 +1,7 @@ -From bee1d855d4fb7f2d6f6b9beb1dfd14b1dea31887 Mon Sep 17 00:00:00 2001 +From df0fec7ac2f33bcca60ba9a2396af33397ba42cc Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Sat, 7 Mar 2020 22:40:27 +0100 -Subject: [PATCH 16/21] kmod-static-nodes.service: Update ConditionFileNotEmpty +Subject: [PATCH 16/19] kmod-static-nodes.service: Update ConditionFileNotEmpty On NixOS, kernel modules of the currently booted systems are located at /run/booted-system/kernel-modules/lib/modules/%v/, not /lib/modules/%v/. @@ -23,5 +23,5 @@ index 777e82d16b..b6abc2bba0 100644 [Service] Type=oneshot -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch index 1f21b628e9236..882690ad9140f 100644 --- a/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch +++ b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch @@ -1,7 +1,7 @@ -From 62198599bbc559eeb8e2a3caebce7b9135085270 Mon Sep 17 00:00:00 2001 +From f21722ac0f51b0b59a5c030af3db5fe4e6397f7c Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Sun, 8 Mar 2020 01:05:54 +0100 -Subject: [PATCH 17/21] path-util.h: add placeholder for DEFAULT_PATH_NORMAL +Subject: [PATCH 17/19] path-util.h: add placeholder for DEFAULT_PATH_NORMAL This will be the $PATH used to lookup ExecStart= etc. options, which systemd itself uses extensively. @@ -10,7 +10,7 @@ systemd itself uses extensively. 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/basic/path-util.h b/src/basic/path-util.h -index 26e7362d1f..a8f8a863ec 100644 +index 518f3340bf..18e826ea0b 100644 --- a/src/basic/path-util.h +++ b/src/basic/path-util.h @@ -24,11 +24,11 @@ @@ -29,5 +29,5 @@ index 26e7362d1f..a8f8a863ec 100644 #if HAVE_SPLIT_USR # define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch b/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch index 344b8b3952ff6..e602bef9c3d7f 100644 --- a/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch +++ b/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch @@ -1,7 +1,7 @@ -From 7654964344ba083529cb232ab229db7c0888f782 Mon Sep 17 00:00:00 2001 +From 968bd0c7bc058a4b05b6457f9ff20d02b70c9852 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 6 Dec 2020 08:34:19 +0100 -Subject: [PATCH 18/21] pkg-config: derive prefix from --prefix +Subject: [PATCH 18/19] pkg-config: derive prefix from --prefix Point prefix to the one configured, instead of `/usr` `systemd` has limited support for making the pkgconfig prefix overridable, and interpolates those @@ -29,5 +29,5 @@ index 162432e77f..2fc20daf03 100644 rootprefix=${root_prefix} sysconf_dir={{SYSCONF_DIR}} -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch b/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch index 4f950650d3206..916f95e194ac6 100644 --- a/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch +++ b/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch @@ -1,7 +1,7 @@ -From 4e9b4aa87d299be08cffc77a86d6f473a7a4109a Mon Sep 17 00:00:00 2001 +From 169fc6f270ff3e3903a7a31550c964152f9751ec Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Wed, 18 Aug 2021 19:10:08 +0200 -Subject: [PATCH 19/21] core: handle lookup paths being symlinks +Subject: [PATCH 19/19] core: handle lookup paths being symlinks With a recent change paths leaving the statically known lookup paths would be treated differently then those that remained within those. That @@ -15,10 +15,10 @@ directory itself is already a symlink. 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/src/basic/unit-file.c b/src/basic/unit-file.c -index 0d58b1c4fe..7314f1245f 100644 +index 30c632dfce..6179100126 100644 --- a/src/basic/unit-file.c +++ b/src/basic/unit-file.c -@@ -254,6 +254,7 @@ int unit_file_build_name_map( +@@ -255,6 +255,7 @@ int unit_file_build_name_map( _cleanup_hashmap_free_ Hashmap *ids = NULL, *names = NULL; _cleanup_set_free_free_ Set *paths = NULL; @@ -26,7 +26,7 @@ index 0d58b1c4fe..7314f1245f 100644 uint64_t timestamp_hash; char **dir; int r; -@@ -273,6 +274,34 @@ int unit_file_build_name_map( +@@ -274,6 +275,34 @@ int unit_file_build_name_map( return log_oom(); } @@ -59,9 +59,9 @@ index 0d58b1c4fe..7314f1245f 100644 + } + STRV_FOREACH(dir, (char**) lp->search_path) { - struct dirent *de; _cleanup_closedir_ DIR *d = NULL; -@@ -351,11 +380,11 @@ int unit_file_build_name_map( + +@@ -386,11 +415,11 @@ int unit_file_build_name_map( continue; } @@ -76,5 +76,5 @@ index 0d58b1c4fe..7314f1245f 100644 log_debug("%s: linked unit file: %s → %s", __func__, filename, simplified); -- -2.33.0 +2.34.0 diff --git a/pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch b/pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch deleted file mode 100644 index 5c82cdbd6fab3..0000000000000 --- a/pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch +++ /dev/null @@ -1,401 +0,0 @@ -From 3cf1b5fb6d1dc342e836cf0990df3170d2e9db49 Mon Sep 17 00:00:00 2001 -From: Jan Janssen -Date: Wed, 11 Aug 2021 14:59:46 +0200 -Subject: [PATCH 20/21] sd-boot: Unify error handling - -log_error_stall() and log_error_status_stall() will ensure the user has -a chance to catch an error message by stalling and also forcing a -lightred/black color on it. Also, convert several Print() calls to it -since they are actually error messages. - -(cherry picked from commit 8aba0eec499b762657f528988c2f093ac490620d) ---- - src/boot/efi/boot.c | 62 ++++++++++---------------------- - src/boot/efi/random-seed.c | 73 +++++++++++++------------------------- - src/boot/efi/stub.c | 24 ++++--------- - src/boot/efi/util.c | 17 +++++++-- - src/boot/efi/util.h | 9 +++++ - 5 files changed, 75 insertions(+), 110 deletions(-) - -diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c -index 13940a6df7..54d704f0d1 100644 ---- a/src/boot/efi/boot.c -+++ b/src/boot/efi/boot.c -@@ -527,7 +527,7 @@ static BOOLEAN menu_run( - err = console_set_mode(&config->console_mode, config->console_mode_change); - if (EFI_ERROR(err)) { - uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut); -- Print(L"Error switching console mode to %ld: %r.\r", (UINT64)config->console_mode, err); -+ log_error_stall(L"Error switching console mode to %lu: %r", (UINT64)config->console_mode, err); - } - } else - uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut); -@@ -1221,8 +1221,7 @@ static VOID config_entry_bump_counters( - break; - - if (r != EFI_BUFFER_TOO_SMALL || file_info_size * 2 < file_info_size) { -- Print(L"\nFailed to get file info for '%s': %r\n", old_path, r); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Failed to get file info for '%s': %r", old_path, r); - return; - } - -@@ -1234,8 +1233,7 @@ static VOID config_entry_bump_counters( - StrCpy(file_info->FileName, entry->next_name); - r = uefi_call_wrapper(handle->SetInfo, 4, handle, &EfiFileInfoGuid, file_info_size, file_info); - if (EFI_ERROR(r)) { -- Print(L"\nFailed to rename '%s' to '%s', ignoring: %r\n", old_path, entry->next_name, r); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Failed to rename '%s' to '%s', ignoring: %r", old_path, entry->next_name, r); - return; - } - -@@ -2165,18 +2163,12 @@ static EFI_STATUS image_start( - EFI_STATUS err; - - path = FileDevicePath(entry->device, entry->loader); -- if (!path) { -- Print(L"Error getting device path."); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return EFI_INVALID_PARAMETER; -- } -+ if (!path) -+ return log_error_status_stall(EFI_INVALID_PARAMETER, L"Error getting device path."); - - err = uefi_call_wrapper(BS->LoadImage, 6, FALSE, parent_image, path, NULL, 0, &image); -- if (EFI_ERROR(err)) { -- Print(L"Error loading %s: %r", entry->loader, err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error loading %s: %r", entry->loader, err); - - if (config->options_edit) - options = config->options_edit; -@@ -2190,8 +2182,7 @@ static EFI_STATUS image_start( - err = uefi_call_wrapper(BS->OpenProtocol, 6, image, &LoadedImageProtocol, (VOID **)&loaded_image, - parent_image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); - if (EFI_ERROR(err)) { -- Print(L"Error getting LoadedImageProtocol handle: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Error getting LoadedImageProtocol handle: %r", err); - goto out_unload; - } - loaded_image->LoadOptions = options; -@@ -2202,10 +2193,8 @@ static EFI_STATUS image_start( - err = tpm_log_event(SD_TPM_PCR, - (EFI_PHYSICAL_ADDRESS) (UINTN) loaded_image->LoadOptions, - loaded_image->LoadOptionsSize, loaded_image->LoadOptions); -- if (EFI_ERROR(err)) { -- Print(L"Unable to add image options measurement: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 200 * 1000); -- } -+ if (EFI_ERROR(err)) -+ log_error_stall(L"Unable to add image options measurement: %r", err); - #endif - } - -@@ -2231,9 +2220,7 @@ static EFI_STATUS reboot_into_firmware(VOID) { - return err; - - err = uefi_call_wrapper(RT->ResetSystem, 4, EfiResetCold, EFI_SUCCESS, 0, NULL); -- Print(L"Error calling ResetSystem: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -+ return log_error_status_stall(err, L"Error calling ResetSystem: %r", err); - } - - static VOID config_free(Config *config) { -@@ -2305,30 +2292,21 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - - err = uefi_call_wrapper(BS->OpenProtocol, 6, image, &LoadedImageProtocol, (VOID **)&loaded_image, - image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); -- if (EFI_ERROR(err)) { -- Print(L"Error getting a LoadedImageProtocol handle: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error getting a LoadedImageProtocol handle: %r", err); - - /* export the device path this image is started from */ - if (disk_get_part_uuid(loaded_image->DeviceHandle, uuid) == EFI_SUCCESS) - efivar_set(LOADER_GUID, L"LoaderDevicePartUUID", uuid, 0); - - root_dir = LibOpenRoot(loaded_image->DeviceHandle); -- if (!root_dir) { -- Print(L"Unable to open root directory."); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return EFI_LOAD_ERROR; -- } -+ if (!root_dir) -+ return log_error_status_stall(EFI_LOAD_ERROR, L"Unable to open root directory.", EFI_LOAD_ERROR); - - if (secure_boot_enabled() && shim_loaded()) { - err = security_policy_install(); -- if (EFI_ERROR(err)) { -- Print(L"Error installing security policy: %r ", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error installing security policy: %r", err); - } - - /* the filesystem path to this image, to prevent adding ourselves to the menu */ -@@ -2367,8 +2345,7 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - } - - if (config.entry_count == 0) { -- Print(L"No loader found. Configuration files in \\loader\\entries\\*.conf are needed."); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"No loader found. Configuration files in \\loader\\entries\\*.conf are needed."); - goto out; - } - -@@ -2440,8 +2417,7 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - err = image_start(image, &config, entry); - if (EFI_ERROR(err)) { - graphics_mode(FALSE); -- Print(L"\nFailed to execute %s (%s): %r\n", entry->title, entry->loader, err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Failed to execute %s (%s): %r", entry->title, entry->loader, err); - goto out; - } - -diff --git a/src/boot/efi/random-seed.c b/src/boot/efi/random-seed.c -index 3e179851b0..939daf3e41 100644 ---- a/src/boot/efi/random-seed.c -+++ b/src/boot/efi/random-seed.c -@@ -35,10 +35,8 @@ static EFI_STATUS acquire_rng(UINTN size, VOID **ret) { - return log_oom(); - - err = uefi_call_wrapper(rng->GetRNG, 3, rng, NULL, size, data); -- if (EFI_ERROR(err)) { -- Print(L"Failed to acquire RNG data: %r\n", err); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to acquire RNG data: %r", err); - - *ret = TAKE_PTR(data); - return EFI_SUCCESS; -@@ -149,14 +147,12 @@ static EFI_STATUS acquire_system_token(VOID **ret, UINTN *ret_size) { - err = efivar_get_raw(LOADER_GUID, L"LoaderSystemToken", &data, &size); - if (EFI_ERROR(err)) { - if (err != EFI_NOT_FOUND) -- Print(L"Failed to read LoaderSystemToken EFI variable: %r", err); -+ log_error_stall(L"Failed to read LoaderSystemToken EFI variable: %r", err); - return err; - } - -- if (size <= 0) { -- Print(L"System token too short, ignoring."); -- return EFI_NOT_FOUND; -- } -+ if (size <= 0) -+ return log_error_status_stall(EFI_NOT_FOUND, L"System token too short, ignoring."); - - *ret = TAKE_PTR(data); - *ret_size = size; -@@ -209,8 +205,7 @@ static VOID validate_sha256(void) { - sha256_finish_ctx(&hash, result); - - if (CompareMem(result, array[i].hash, HASH_VALUE_SIZE) != 0) { -- Print(L"SHA256 failed validation.\n"); -- uefi_call_wrapper(BS->Stall, 1, 120 * 1000 * 1000); -+ log_error_stall(L"SHA256 failed validation."); - return; - } - } -@@ -246,7 +241,7 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { - err = uefi_call_wrapper(root_dir->Open, 5, root_dir, &handle, (CHAR16*) L"\\loader\\random-seed", EFI_FILE_MODE_READ|EFI_FILE_MODE_WRITE, 0ULL); - if (EFI_ERROR(err)) { - if (err != EFI_NOT_FOUND && err != EFI_WRITE_PROTECTED) -- Print(L"Failed to open random seed file: %r\n", err); -+ log_error_stall(L"Failed to open random seed file: %r", err); - return err; - } - -@@ -255,15 +250,11 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { - return log_oom(); - - size = info->FileSize; -- if (size < RANDOM_MAX_SIZE_MIN) { -- Print(L"Random seed file is too short?\n"); -- return EFI_INVALID_PARAMETER; -- } -+ if (size < RANDOM_MAX_SIZE_MIN) -+ return log_error_status_stall(EFI_INVALID_PARAMETER, L"Random seed file is too short."); - -- if (size > RANDOM_MAX_SIZE_MAX) { -- Print(L"Random seed file is too large?\n"); -- return EFI_INVALID_PARAMETER; -- } -+ if (size > RANDOM_MAX_SIZE_MAX) -+ return log_error_status_stall(EFI_INVALID_PARAMETER, L"Random seed file is too large."); - - seed = AllocatePool(size); - if (!seed) -@@ -271,20 +262,14 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { - - rsize = size; - err = uefi_call_wrapper(handle->Read, 3, handle, &rsize, seed); -- if (EFI_ERROR(err)) { -- Print(L"Failed to read random seed file: %r\n", err); -- return err; -- } -- if (rsize != size) { -- Print(L"Short read on random seed file\n"); -- return EFI_PROTOCOL_ERROR; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to read random seed file: %r", err); -+ if (rsize != size) -+ return log_error_status_stall(EFI_PROTOCOL_ERROR, L"Short read on random seed file."); - - err = uefi_call_wrapper(handle->SetPosition, 2, handle, 0); -- if (EFI_ERROR(err)) { -- Print(L"Failed to seek to beginning of random seed file: %r\n", err); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to seek to beginning of random seed file: %r", err); - - /* Request some random data from the UEFI RNG. We don't need this to work safely, but it's a good - * idea to use it because it helps us for cases where users mistakenly include a random seed in -@@ -299,27 +284,19 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { - /* Update the random seed on disk before we use it */ - wsize = size; - err = uefi_call_wrapper(handle->Write, 3, handle, &wsize, new_seed); -- if (EFI_ERROR(err)) { -- Print(L"Failed to write random seed file: %r\n", err); -- return err; -- } -- if (wsize != size) { -- Print(L"Short write on random seed file\n"); -- return EFI_PROTOCOL_ERROR; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to write random seed file: %r", err); -+ if (wsize != size) -+ return log_error_status_stall(EFI_PROTOCOL_ERROR, L"Short write on random seed file."); - - err = uefi_call_wrapper(handle->Flush, 1, handle); -- if (EFI_ERROR(err)) { -- Print(L"Failed to flush random seed file: %r\n"); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to flush random seed file: %r", err); - - /* We are good to go */ - err = efivar_set_raw(LOADER_GUID, L"LoaderRandomSeed", for_kernel, size, 0); -- if (EFI_ERROR(err)) { -- Print(L"Failed to write random seed to EFI variable: %r\n", err); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to write random seed to EFI variable: %r", err); - - return EFI_SUCCESS; - } -diff --git a/src/boot/efi/stub.c b/src/boot/efi/stub.c -index 082fe91c9e..82da1d3ec4 100644 ---- a/src/boot/efi/stub.c -+++ b/src/boot/efi/stub.c -@@ -36,18 +36,12 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - - err = uefi_call_wrapper(BS->OpenProtocol, 6, image, &LoadedImageProtocol, (VOID **)&loaded_image, - image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); -- if (EFI_ERROR(err)) { -- Print(L"Error getting a LoadedImageProtocol handle: %r ", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error getting a LoadedImageProtocol handle: %r", err); - - err = pe_memory_locate_sections(loaded_image->ImageBase, sections, addrs, offs, szs); -- if (EFI_ERROR(err)) { -- Print(L"Unable to locate embedded .linux section: %r ", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Unable to locate embedded .linux section: %r", err); - - if (szs[0] > 0) - cmdline = (CHAR8 *)(loaded_image->ImageBase) + addrs[0]; -@@ -72,10 +66,8 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - err = tpm_log_event(SD_TPM_PCR, - (EFI_PHYSICAL_ADDRESS) (UINTN) loaded_image->LoadOptions, - loaded_image->LoadOptionsSize, loaded_image->LoadOptions); -- if (EFI_ERROR(err)) { -- Print(L"Unable to add image options measurement: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 200 * 1000); -- } -+ if (EFI_ERROR(err)) -+ log_error_stall(L"Unable to add image options measurement: %r", err); - #endif - } - -@@ -126,7 +118,5 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - (UINTN)loaded_image->ImageBase + addrs[2], szs[2]); - - graphics_mode(FALSE); -- Print(L"Execution of embedded linux image failed: %r\n", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -+ return log_error_status_stall(err, L"Execution of embedded linux image failed: %r", err); - } -diff --git a/src/boot/efi/util.c b/src/boot/efi/util.c -index 6f4e5933d3..aee076060b 100644 ---- a/src/boot/efi/util.c -+++ b/src/boot/efi/util.c -@@ -411,8 +411,21 @@ EFI_STATUS file_read(EFI_FILE_HANDLE dir, const CHAR16 *name, UINTN off, UINTN s - return err; - } - -+VOID log_error_stall(const CHAR16 *fmt, ...) { -+ va_list args; -+ -+ uefi_call_wrapper(ST->ConOut->SetAttribute, 2, ST->ConOut, EFI_LIGHTRED|EFI_BACKGROUND_BLACK); -+ -+ Print(L"\n"); -+ va_start(args, fmt); -+ VPrint(fmt, args); -+ va_end(args); -+ Print(L"\n"); -+ -+ uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+} -+ - EFI_STATUS log_oom(void) { -- Print(L"Out of memory."); -- (void) uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Out of memory."); - return EFI_OUT_OF_RESOURCES; - } -diff --git a/src/boot/efi/util.h b/src/boot/efi/util.h -index 1a42b01033..d3bf848a95 100644 ---- a/src/boot/efi/util.h -+++ b/src/boot/efi/util.h -@@ -74,4 +74,13 @@ static inline void FileHandleClosep(EFI_FILE_HANDLE *handle) { - #define UINT64_MAX ((UINT64) -1) - #endif - -+VOID log_error_stall(const CHAR16 *fmt, ...); - EFI_STATUS log_oom(void); -+ -+/* This works just like log_error_errno() from userspace, but requires you -+ * to provide err a second time if you want to use %r in the message! */ -+#define log_error_status_stall(err, fmt, ...) \ -+ ({ \ -+ log_error_stall(fmt, ##__VA_ARGS__); \ -+ err; \ -+ }) --- -2.33.0 - diff --git a/pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch b/pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch deleted file mode 100644 index 7cdc2491fa33e..0000000000000 --- a/pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch +++ /dev/null @@ -1,320 +0,0 @@ -From 2d9fcfcfa38667ada306e095599944f941576e53 Mon Sep 17 00:00:00 2001 -From: Jan Janssen -Date: Wed, 11 Aug 2021 14:59:46 +0200 -Subject: [PATCH 21/21] sd-boot: Rework console input handling - -Fixes: #15847 -Probably fixes: #19191 - -(cherry picked from commit e98d271e57f3d0356e444b6ea2d48836ee2769b0) ---- - src/boot/efi/boot.c | 55 +++++++--------------- - src/boot/efi/console.c | 102 +++++++++++++++++++++++++++++------------ - src/boot/efi/console.h | 2 +- - 3 files changed, 91 insertions(+), 68 deletions(-) - -diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c -index 54d704f0d1..b4f3b9605a 100644 ---- a/src/boot/efi/boot.c -+++ b/src/boot/efi/boot.c -@@ -134,7 +134,7 @@ static BOOLEAN line_edit( - uefi_call_wrapper(ST->ConOut->OutputString, 2, ST->ConOut, print); - uefi_call_wrapper(ST->ConOut->SetCursorPosition, 3, ST->ConOut, cursor, y_pos); - -- err = console_key_read(&key, TRUE); -+ err = console_key_read(&key, 0); - if (EFI_ERROR(err)) - continue; - -@@ -387,7 +387,7 @@ static VOID print_status(Config *config, CHAR16 *loaded_image_path) { - Print(L"OsIndicationsSupported: %d\n", indvar); - - Print(L"\n--- press key ---\n\n"); -- console_key_read(&key, TRUE); -+ console_key_read(&key, 0); - - Print(L"timeout: %u\n", config->timeout_sec); - if (config->timeout_sec_efivar >= 0) -@@ -432,7 +432,7 @@ static VOID print_status(Config *config, CHAR16 *loaded_image_path) { - Print(L"LoaderEntryDefault: %s\n", defaultstr); - - Print(L"\n--- press key ---\n\n"); -- console_key_read(&key, TRUE); -+ console_key_read(&key, 0); - - for (UINTN i = 0; i < config->entry_count; i++) { - ConfigEntry *entry; -@@ -482,7 +482,7 @@ static VOID print_status(Config *config, CHAR16 *loaded_image_path) { - entry->path, entry->next_name); - - Print(L"\n--- press key ---\n\n"); -- console_key_read(&key, TRUE); -+ console_key_read(&key, 0); - } - - uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut); -@@ -509,11 +509,10 @@ static BOOLEAN menu_run( - UINTN y_max; - CHAR16 *status; - CHAR16 *clearline; -- INTN timeout_remain; -+ UINTN timeout_remain = config->timeout_sec; - INT16 idx; - BOOLEAN exit = FALSE; - BOOLEAN run = TRUE; -- BOOLEAN wait = FALSE; - - graphics_mode(FALSE); - uefi_call_wrapper(ST->ConIn->Reset, 2, ST->ConIn, FALSE); -@@ -538,12 +537,6 @@ static BOOLEAN menu_run( - y_max = 25; - } - -- /* we check 10 times per second for a keystroke */ -- if (config->timeout_sec > 0) -- timeout_remain = config->timeout_sec * 10; -- else -- timeout_remain = -1; -- - idx_highlight = config->idx_default; - idx_highlight_prev = 0; - -@@ -643,7 +636,7 @@ static BOOLEAN menu_run( - - if (timeout_remain > 0) { - FreePool(status); -- status = PoolPrint(L"Boot in %d sec.", (timeout_remain + 5) / 10); -+ status = PoolPrint(L"Boot in %d s.", timeout_remain); - } - - /* print status at last line of screen */ -@@ -664,27 +657,18 @@ static BOOLEAN menu_run( - uefi_call_wrapper(ST->ConOut->OutputString, 2, ST->ConOut, clearline+1 + x + len); - } - -- err = console_key_read(&key, wait); -- if (EFI_ERROR(err)) { -- /* timeout reached */ -+ err = console_key_read(&key, timeout_remain > 0 ? 1000 * 1000 : 0); -+ if (err == EFI_TIMEOUT) { -+ timeout_remain--; - if (timeout_remain == 0) { - exit = TRUE; - break; - } - -- /* sleep and update status */ -- if (timeout_remain > 0) { -- uefi_call_wrapper(BS->Stall, 1, 100 * 1000); -- timeout_remain--; -- continue; -- } -- -- /* timeout disabled, wait for next key */ -- wait = TRUE; -+ /* update status */ - continue; -- } -- -- timeout_remain = -1; -+ } else -+ timeout_remain = 0; - - /* clear status after keystroke */ - if (status) { -@@ -787,7 +771,7 @@ static BOOLEAN menu_run( - config->timeout_sec_efivar, - EFI_VARIABLE_NON_VOLATILE); - if (config->timeout_sec_efivar > 0) -- status = PoolPrint(L"Menu timeout set to %d sec.", config->timeout_sec_efivar); -+ status = PoolPrint(L"Menu timeout set to %d s.", config->timeout_sec_efivar); - else - status = StrDuplicate(L"Menu disabled. Hold down key at bootup to show menu."); - } else if (config->timeout_sec_efivar <= 0){ -@@ -795,7 +779,7 @@ static BOOLEAN menu_run( - efivar_set( - LOADER_GUID, L"LoaderConfigTimeout", NULL, EFI_VARIABLE_NON_VOLATILE); - if (config->timeout_sec_config > 0) -- status = PoolPrint(L"Menu timeout of %d sec is defined by configuration file.", -+ status = PoolPrint(L"Menu timeout of %d s is defined by configuration file.", - config->timeout_sec_config); - else - status = StrDuplicate(L"Menu disabled. Hold down key at bootup to show menu."); -@@ -813,7 +797,7 @@ static BOOLEAN menu_run( - config->timeout_sec_efivar, - EFI_VARIABLE_NON_VOLATILE); - if (config->timeout_sec_efivar > 0) -- status = PoolPrint(L"Menu timeout set to %d sec.", -+ status = PoolPrint(L"Menu timeout set to %d s.", - config->timeout_sec_efivar); - else - status = StrDuplicate(L"Menu disabled. Hold down key at bootup to show menu."); -@@ -2369,13 +2353,8 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - else { - UINT64 key; - -- err = console_key_read(&key, FALSE); -- -- if (err == EFI_NOT_READY) { -- uefi_call_wrapper(BS->Stall, 1, 100 * 1000); -- err = console_key_read(&key, FALSE); -- } -- -+ /* Block up to 100ms to give firmware time to get input working. */ -+ err = console_key_read(&key, 100 * 1000); - if (!EFI_ERROR(err)) { - INT16 idx; - -diff --git a/src/boot/efi/console.c b/src/boot/efi/console.c -index 83619d2147..369c549daf 100644 ---- a/src/boot/efi/console.c -+++ b/src/boot/efi/console.c -@@ -11,61 +11,105 @@ - - #define EFI_SIMPLE_TEXT_INPUT_EX_GUID &(EFI_GUID) EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL_GUID - --EFI_STATUS console_key_read(UINT64 *key, BOOLEAN wait) { -+static inline void EventClosep(EFI_EVENT *event) { -+ if (!*event) -+ return; -+ -+ uefi_call_wrapper(BS->CloseEvent, 1, *event); -+} -+ -+/* -+ * Reading input from the console sounds like an easy task to do, but thanks to broken -+ * firmware it is actually a nightmare. -+ * -+ * There is a ConIn and TextInputEx API for this. Ideally we want to use TextInputEx, -+ * because that gives us Ctrl/Alt/Shift key state information. Unfortunately, it is not -+ * always available and sometimes just non-functional. -+ * -+ * On the other hand we have ConIn, where some firmware likes to just freeze on us -+ * if we call ReadKeyStroke on it. -+ * -+ * Therefore, we use WaitForEvent on both ConIn and TextInputEx (if available) along -+ * with a timer event. The timer ensures there is no need to call into functions -+ * that might freeze on us, while still allowing us to show a timeout counter. -+ */ -+EFI_STATUS console_key_read(UINT64 *key, UINT64 timeout_usec) { - static EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *TextInputEx; - static BOOLEAN checked; - UINTN index; - EFI_INPUT_KEY k; - EFI_STATUS err; -+ _cleanup_(EventClosep) EFI_EVENT timer = NULL; -+ EFI_EVENT events[3] = { ST->ConIn->WaitForKey }; -+ UINTN n_events = 1; - - if (!checked) { - err = LibLocateProtocol(EFI_SIMPLE_TEXT_INPUT_EX_GUID, (VOID **)&TextInputEx); -- if (EFI_ERROR(err)) -+ if (EFI_ERROR(err) || -+ uefi_call_wrapper(BS->CheckEvent, 1, TextInputEx->WaitForKeyEx) == EFI_INVALID_PARAMETER) -+ /* If WaitForKeyEx fails here, the firmware pretends it talks this -+ * protocol, but it really doesn't. */ - TextInputEx = NULL; -+ else -+ events[n_events++] = TextInputEx->WaitForKeyEx; - - checked = TRUE; - } - -- /* wait until key is pressed */ -- if (wait) -- uefi_call_wrapper(BS->WaitForEvent, 3, 1, &ST->ConIn->WaitForKey, &index); -+ if (timeout_usec > 0) { -+ err = uefi_call_wrapper(BS->CreateEvent, 5, EVT_TIMER, 0, NULL, NULL, &timer); -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error creating timer event: %r", err); -+ -+ /* SetTimer expects 100ns units for some reason. */ -+ err = uefi_call_wrapper(BS->SetTimer, 3, timer, TimerRelative, timeout_usec * 10); -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error arming timer event: %r", err); - -- if (TextInputEx) { -+ events[n_events++] = timer; -+ } -+ -+ err = uefi_call_wrapper(BS->WaitForEvent, 3, n_events, events, &index); -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error waiting for events: %r", err); -+ -+ if (timeout_usec > 0 && timer == events[index]) -+ return EFI_TIMEOUT; -+ -+ /* TextInputEx might be ready too even if ConIn got to signal first. */ -+ if (TextInputEx && !EFI_ERROR(uefi_call_wrapper(BS->CheckEvent, 1, TextInputEx->WaitForKeyEx))) { - EFI_KEY_DATA keydata; - UINT64 keypress; -+ UINT32 shift = 0; - - err = uefi_call_wrapper(TextInputEx->ReadKeyStrokeEx, 2, TextInputEx, &keydata); -- if (!EFI_ERROR(err)) { -- UINT32 shift = 0; -- -- /* do not distinguish between left and right keys */ -- if (keydata.KeyState.KeyShiftState & EFI_SHIFT_STATE_VALID) { -- if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_CONTROL_PRESSED|EFI_LEFT_CONTROL_PRESSED)) -- shift |= EFI_CONTROL_PRESSED; -- if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_ALT_PRESSED|EFI_LEFT_ALT_PRESSED)) -- shift |= EFI_ALT_PRESSED; -- }; -- -- /* 32 bit modifier keys + 16 bit scan code + 16 bit unicode */ -- keypress = KEYPRESS(shift, keydata.Key.ScanCode, keydata.Key.UnicodeChar); -- if (keypress > 0) { -- *key = keypress; -- return 0; -- } -+ if (EFI_ERROR(err)) -+ return err; -+ -+ /* do not distinguish between left and right keys */ -+ if (keydata.KeyState.KeyShiftState & EFI_SHIFT_STATE_VALID) { -+ if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_CONTROL_PRESSED|EFI_LEFT_CONTROL_PRESSED)) -+ shift |= EFI_CONTROL_PRESSED; -+ if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_ALT_PRESSED|EFI_LEFT_ALT_PRESSED)) -+ shift |= EFI_ALT_PRESSED; -+ }; -+ -+ /* 32 bit modifier keys + 16 bit scan code + 16 bit unicode */ -+ keypress = KEYPRESS(shift, keydata.Key.ScanCode, keydata.Key.UnicodeChar); -+ if (keypress > 0) { -+ *key = keypress; -+ return EFI_SUCCESS; - } -+ -+ return EFI_NOT_READY; - } - -- /* fallback for firmware which does not support SimpleTextInputExProtocol -- * -- * This is also called in case ReadKeyStrokeEx did not return a key, because -- * some broken firmwares offer SimpleTextInputExProtocol, but never actually -- * handle any key. */ - err = uefi_call_wrapper(ST->ConIn->ReadKeyStroke, 2, ST->ConIn, &k); - if (EFI_ERROR(err)) - return err; - - *key = KEYPRESS(0, k.ScanCode, k.UnicodeChar); -- return 0; -+ return EFI_SUCCESS; - } - - static EFI_STATUS change_mode(UINTN mode) { -diff --git a/src/boot/efi/console.h b/src/boot/efi/console.h -index 2c69af552a..23848a9c58 100644 ---- a/src/boot/efi/console.h -+++ b/src/boot/efi/console.h -@@ -16,5 +16,5 @@ enum console_mode_change_type { - CONSOLE_MODE_MAX, - }; - --EFI_STATUS console_key_read(UINT64 *key, BOOLEAN wait); -+EFI_STATUS console_key_read(UINT64 *key, UINT64 timeout_usec); - EFI_STATUS console_set_mode(UINTN *mode, enum console_mode_change_type how); --- -2.33.0 - diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 5fbc8bc9fb7dd..c279871923923 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -123,7 +123,7 @@ assert withHomed -> withCryptsetup; assert withCryptsetup -> (cryptsetup != null); let wantCurl = withRemote || withImportd; - version = "249.5"; + version = "250"; in stdenv.mkDerivation { inherit pname version; @@ -134,12 +134,12 @@ stdenv.mkDerivation { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - sha256 = "0bir2syy20rdi59sv8xp8nw1c92zl9z0wmv7ggsll8dca7niqwbp"; + sha256 = "1m5zs2g8xzmavhjwnlcvfxkgzpbxpdfv5r1smd1h6086w0sksn8z"; }; - # If these need to be regenerated, `git am path/to/00*.patch` them into a - # systemd worktree, rebase to the more recent systemd version, and export the - # patches again via `git -c format.signoff=false format-patch v${version}`. + # On major changes, or when otherwise required, you *must* reformat the patches, + # `git am path/to/00*.patch` them into a systemd worktree, rebase to the more recent + # systemd version, and export the patches again via `git -c format.signoff=false format-patch v${version}`. # Use `find . -name "*.patch" | sort` to get an up-to-date listing of all patches patches = [ ./0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -160,21 +160,12 @@ stdenv.mkDerivation { ./0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch ./0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch ./0018-pkg-config-derive-prefix-from-prefix.patch - # In v248 or v249 we started to get in trouble due to our # /etc/systemd/system being a symlink and thus being treated differently by # systemd. With the below patch we mitigate that effect by special casing # all our root unit dirs if they are symlinks. This does exactly what we # need (AFAICT). ./0019-core-handle-lookup-paths-being-symlinks.patch - - # In v248 compiler weirdness and refactoring lead to the bootloader - # erroring out handling keyboard input on some systems. See - # https://github.com/systemd/systemd/issues/19191 - # This should be redundant in v249.6 when it offically gets tagged in - # systemd-stable - ./0020-sd-boot-Unify-error-handling.patch - ./0021-sd-boot-Rework-console-input-handling.patch ] ++ lib.optional stdenv.hostPlatform.isMusl ( let oe-core = fetchzip { @@ -286,6 +277,10 @@ stdenv.mkDerivation { { name = "libtss2-mu.so.0"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libtss2-tcti-"; pkg = opt withTpm2Tss tpm2-tss; } { name = "libfido2.so.1"; pkg = opt withFido2 libfido2; } + + # inspect-elf support + { name = "libelf.so.1"; pkg = opt withCoredump elfutils; } + { name = "libdw.so.1"; pkg = opt withCoredump elfutils; } ]; patchDlOpen = dl: @@ -445,7 +440,12 @@ stdenv.mkDerivation { "-Dsmack=true" "-Db_pie=true" "-Dinstall-sysconfdir=false" - "-Defi-ld=${stdenv.cc.bintools.targetPrefix}ld" + "-Defi-ld=gold" + "-Dsbat-distro=nixos" + "-Dsbat-distro-summary=NixOS" + "-Dsbat-distro-url=https://nixos.org/" + "-Dsbat-distro-pkgname=${pname}" + "-Dsbat-distro-version=${version}" /* As of now, systemd doesn't allow runtime configuration of these values. So the settings in /etc/login.defs have no effect on it. Many people think this @@ -499,57 +499,105 @@ stdenv.mkDerivation { "-Dutmp=false" "-Didn=false" ]; + preConfigure = + let + # A list of all the runtime binaries that the systemd exectuables, tests and libraries are referencing in their source code, scripts and unit files. + # As soon as a dependency isn't required anymore we should remove it from the list. The `where` attribute for each of the replacement patterns must be exhaustive. If another (unhandled) case is found in the source code the build fails with an error message. + binaryReplacements = [ + { search = "/usr/bin/getent"; replacement = "${getent}/bin/getent"; where = [ "src/nspawn/nspawn-setuid.c" ]; } + + { + search = "/sbin/mkswap"; + replacement = "${lib.getBin util-linux}/sbin/mkswap"; + where = [ + "man/systemd-makefs@.service.xml" + ]; + } + { search = "/sbin/swapon"; replacement = "${lib.getBin util-linux}/sbin/swapon"; where = [ "src/core/swap.c" "src/basic/unit-def.h" ]; } + { search = "/sbin/swapoff"; replacement = "${lib.getBin util-linux}/sbin/swapoff"; where = [ "src/core/swap.c" ]; } + { + search = "/bin/echo"; + replacement = "${coreutils}/bin/echo"; + where = [ + "man/systemd-analyze.xml" + "man/systemd.service.xml" + "src/analyze/test-verify.c" + "src/test/test-env-file.c" + "src/test/test-fileio.c" + "test/test-execute/exec-systemcallfilter-failing2.service" + "test/test-execute/exec-systemcallfilter-failing3.service" + "test/test-execute/exec-systemcallfilter-failing.service" + "test/testsuite-06.units/hola.service" + "test/udev-test.pl" + "test/units/hello.service" + "test/units/testsuite-07.sh" + "test/units/testsuite-15.sh" + "test/units/testsuite-17.05.sh" + "test/units/testsuite-40.sh" + "test/units/unstoppable.service" + ]; + } + { + search = "/bin/cat"; + replacement = "${coreutils}/bin/cat"; + where = [ "test/create-busybox-container" "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ]; + } + { search = "/sbin/modprobe"; replacement = "${lib.getBin kmod}/sbin/modprobe"; where = [ "units/modprobe@.service" ]; } + { + search = "/usr/lib/systemd/systemd-fsck"; + replacement = "$out/lib/systemd/systemd-fsck"; + where = [ "man/systemd-fsck@.service.xml" ]; + } + ] ++ lib.optionals withImportd [ + { + search = "\"gpg\""; + replacement = "\\\"${gnupg}/bin/gpg\\\""; + where = [ "src/import/pull-common.c" ]; + } + { + search = "\"tar\""; + replacement = "\\\"${gnutar}/bin/tar\\\""; + where = [ + "src/import/export-tar.c" + "src/import/export.c" + "src/import/import-common.c" + "src/import/import-tar.c" + "src/import/import.c" + "src/import/importd.c" + "src/import/pull-tar.c" + "src/import/pull.c" + ]; + } + ]; + + # { replacement, search, where } -> List[str] + mkSubstitute = { replacement, search, where }: + map (path: "substituteInPlace ${path} --replace '${search}' \"${replacement}\"") where; + mkEnsureSubstituted = { replacement, search, where }: + '' + if [[ $(grep -r '${search}' | grep -v "${replacement}" | grep -v NEWS | wc -l) -gt 0 ]]; then + echo "Not all references to '${search}' have been replace. Found the following matches:" + grep '${search}' -r | grep -v "${replacement}" | grep -v NEWS + exit 1 + fi + ''; - preConfigure = '' - mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") - export LC_ALL="en_US.UTF-8"; - # FIXME: patch this in systemd properly (and send upstream). - # already fixed in f00929ad622c978f8ad83590a15a765b4beecac9: (u)mount - for i in \ - src/core/mount.c \ - src/core/swap.c \ - src/cryptsetup/cryptsetup-generator.c \ - src/journal/cat.c \ - src/nspawn/nspawn.c \ - src/remount-fs/remount-fs.c \ - src/shared/generator.c \ - src/shutdown/shutdown.c \ - units/emergency.service.in \ - units/modprobe@.service \ - units/rescue.service.in \ - units/systemd-logind.service.in \ - units/systemd-nspawn@.service.in; \ - do - test -e $i - substituteInPlace $i \ - --replace /usr/bin/getent ${getent}/bin/getent \ - --replace /sbin/mkswap ${lib.getBin util-linux}/sbin/mkswap \ - --replace /sbin/swapon ${lib.getBin util-linux}/sbin/swapon \ - --replace /sbin/swapoff ${lib.getBin util-linux}/sbin/swapoff \ - --replace /bin/echo ${coreutils}/bin/echo \ - --replace /bin/cat ${coreutils}/bin/cat \ - --replace /sbin/sulogin ${lib.getBin util-linux}/sbin/sulogin \ - --replace /sbin/modprobe ${lib.getBin kmod}/sbin/modprobe \ - --replace /usr/lib/systemd/systemd-fsck $out/lib/systemd/systemd-fsck \ - --replace /bin/plymouth /run/current-system/sw/bin/plymouth # To avoid dependency - done + in + '' + mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") + export LC_ALL="en_US.UTF-8"; - for dir in tools src/resolve test src/test src/shared; do - patchShebangs $dir - done + ${lib.concatStringsSep "\n" (lib.flatten (map mkSubstitute binaryReplacements))} + ${lib.concatMapStringsSep "\n" mkEnsureSubstituted binaryReplacements} - # absolute paths to gpg & tar - substituteInPlace src/import/pull-common.c \ - --replace '"gpg"' '"${gnupg}/bin/gpg"' - for file in src/import/{{export,import,pull}-tar,import-common}.c; do - substituteInPlace $file \ - --replace '"tar"' '"${gnutar}/bin/tar"' - done + for dir in tools src/resolve test src/test src/shared; do + patchShebangs $dir + done - substituteInPlace src/libsystemd/sd-journal/catalog.c \ - --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/ - ''; + substituteInPlace src/libsystemd/sd-journal/catalog.c \ + --replace /usr/lib/systemd/catalog/ $out/lib/systemd/catalog/ + ''; # These defines are overridden by CFLAGS and would trigger annoying # warning messages @@ -557,7 +605,7 @@ stdenv.mkDerivation { substituteInPlace config.h \ --replace "POLKIT_AGENT_BINARY_PATH" "_POLKIT_AGENT_BINARY_PATH" \ --replace "SYSTEMD_BINARY_PATH" "_SYSTEMD_BINARY_PATH" \ - --replace "SYSTEMD_CGROUP_AGENT_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" + --replace "SYSTEMD_CGROUP_AGENTS_PATH" "_SYSTEMD_CGROUP_AGENT_PATH" ''; NIX_CFLAGS_COMPILE = toString ([ @@ -569,8 +617,8 @@ stdenv.mkDerivation { # Set the release_agent on /sys/fs/cgroup/systemd to the # currently running systemd (/run/current-system/systemd) so # that we don't use an obsolete/garbage-collected release agent. - "-USYSTEMD_CGROUP_AGENT_PATH" - "-DSYSTEMD_CGROUP_AGENT_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" + "-USYSTEMD_CGROUP_AGENTS_PATH" + "-DSYSTEMD_CGROUP_AGENTS_PATH=\"/run/current-system/systemd/lib/systemd/systemd-cgroups-agent\"" "-USYSTEMD_BINARY_PATH" "-DSYSTEMD_BINARY_PATH=\"/run/current-system/systemd/lib/systemd/systemd\"" @@ -612,6 +660,13 @@ stdenv.mkDerivation { rm -rf $out/share/doc ''; + disallowedReferences = + [ + + ] + ++ lib.optional withTests [ glib ] + ; + # The interface version prevents NixOS from switching to an # incompatible systemd at runtime. (Switching across reboots is # fine, of course.) It should be increased whenever systemd changes From 55cbe713ef3eb789c5266a84ee6461f52d8215ad Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Sun, 12 Dec 2021 15:49:40 +0100 Subject: [PATCH 03/12] systemdMinimal: don't set {libfido2,p11-kit,libgcrypt} to null We don't have to do that as we already set all the feature flags to null. Setting individual libraries to null instead of disabling their feature flag will lead with bad example that will cause each of the features to be disabled with multiple flags in the systemdMinimal variant. If a dependency is pulled in via another feature we should disable that rather than setting it to null. Overriding a given package should be the last resort. --- pkgs/os-specific/linux/systemd/default.nix | 9 +++++---- pkgs/top-level/all-packages.nix | 4 +--- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index c279871923923..f7e2fcf47d9d0 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -61,6 +61,8 @@ , kexec-tools , bashInteractive , libmicrohttpd +, libfido2 +, p11-kit # the (optional) BPF feature requires bpftool, libbpf, clang and llmv-strip to be avilable during build time. # Only libbpf should be a runtime dependency. @@ -97,8 +99,6 @@ , withTimesyncd ? true , withTpm2Tss ? !stdenv.hostPlatform.isMusl , withUserDb ? !stdenv.hostPlatform.isMusl -, libfido2 -, p11-kit # name argument , pname ? "systemd" @@ -123,6 +123,7 @@ assert withHomed -> withCryptsetup; assert withCryptsetup -> (cryptsetup != null); let wantCurl = withRemote || withImportd; + wantGcrypt = withResolved || withImportd; version = "250"; in stdenv.mkDerivation { @@ -364,13 +365,13 @@ stdenv.mkDerivation { glib kmod libcap - libgcrypt libidn2 libuuid linuxHeaders pam ] + ++ lib.optional wantGcrypt libgcrypt ++ lib.optional withApparmor libapparmor ++ lib.optional wantCurl (lib.getDev curl) ++ lib.optionals withCompression [ bzip2 lz4 xz zstd ] @@ -409,7 +410,7 @@ stdenv.mkDerivation { # while we do not run tests we should also not build them. Removes about 600 targets "-Dtests=false" "-Danalyze=${lib.boolToString withAnalyze}" - "-Dgcrypt=${lib.boolToString (libgcrypt != null)}" + "-Dgcrypt=${lib.boolToString wantGcrypt}" "-Dimportd=${lib.boolToString withImportd}" "-Dlz4=${lib.boolToString withCompression}" "-Dhomed=${lib.boolToString withHomed}" diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 15186d004ddf1..f75fc84baa89f 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -22970,10 +22970,8 @@ with pkgs; withTpm2Tss = false; withUserDb = false; glib = null; - libgcrypt = null; + lvm2 = null; - libfido2 = null; - p11-kit = null; }; From 0de8522947a497f1920e3e118dae559e475c59c4 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Sun, 12 Dec 2021 15:58:17 +0100 Subject: [PATCH 04/12] systemd: remove unused lvm2 input --- pkgs/os-specific/linux/systemd/default.nix | 1 - pkgs/top-level/all-packages.nix | 2 -- 2 files changed, 3 deletions(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index f7e2fcf47d9d0..1d4b78a0b4622 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -29,7 +29,6 @@ # Optional dependencies , pam , cryptsetup -, lvm2 , audit , acl , lz4 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index f75fc84baa89f..de5116d7ca6ac 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -22970,8 +22970,6 @@ with pkgs; withTpm2Tss = false; withUserDb = false; glib = null; - - lvm2 = null; }; From 75775b7a2a5dc7922ef08991ea8df497dce67533 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Sun, 12 Dec 2021 15:59:20 +0100 Subject: [PATCH 05/12] systemd: introduce withTests flag This allows us to make test-only dependencies optional in builds that aren't running tests (sadly all of our builds). --- pkgs/os-specific/linux/systemd/default.nix | 8 ++++++-- pkgs/top-level/all-packages.nix | 1 - 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 1d4b78a0b4622..bff23aada54a7 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -15,6 +15,8 @@ , gperf , getent , glibcLocales + + # glib is only used during tests (test-bus-gvariant, test-bus-marshal) , glib , substituteAll , gettext @@ -98,6 +100,8 @@ , withTimesyncd ? true , withTpm2Tss ? !stdenv.hostPlatform.isMusl , withUserDb ? !stdenv.hostPlatform.isMusl + # tests assume too much system access for them to be feasible for us right now +, withTests ? false # name argument , pname ? "systemd" @@ -361,7 +365,6 @@ stdenv.mkDerivation { [ acl audit - glib kmod libcap libidn2 @@ -371,6 +374,7 @@ stdenv.mkDerivation { ] ++ lib.optional wantGcrypt libgcrypt + ++ lib.optional withTests glib ++ lib.optional withApparmor libapparmor ++ lib.optional wantCurl (lib.getDev curl) ++ lib.optionals withCompression [ bzip2 lz4 xz zstd ] @@ -405,7 +409,7 @@ stdenv.mkDerivation { "-Dsetfont-path=${kbd}/bin/setfont" "-Dtty-gid=3" # tty in NixOS has gid 3 "-Ddebug-shell=${bashInteractive}/bin/bash" - "-Dglib=${lib.boolToString (glib != null)}" + "-Dglib=${lib.boolToString withTests}" # while we do not run tests we should also not build them. Removes about 600 targets "-Dtests=false" "-Danalyze=${lib.boolToString withAnalyze}" diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index de5116d7ca6ac..8c3988762a9ee 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -22969,7 +22969,6 @@ with pkgs; withTimesyncd = false; withTpm2Tss = false; withUserDb = false; - glib = null; }; From 24608d891d09aabb4daca55696eeb485475b1e5e Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Fri, 31 Dec 2021 12:58:40 +0100 Subject: [PATCH 06/12] systemd: drop unused efi-ldsdir option Since systemd commit ce4121c6ff92c1c368874bd451b73fa9b1ddec4a the option is no longer known and we should remove it from our expression. --- pkgs/os-specific/linux/systemd/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index bff23aada54a7..f087fd775c8ca 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -485,7 +485,6 @@ stdenv.mkDerivation { ] ++ lib.optionals withEfi [ "-Defi-libdir=${toString gnu-efi}/lib" "-Defi-includedir=${toString gnu-efi}/include/efi" - "-Defi-ldsdir=${toString gnu-efi}/lib" ] ++ lib.optionals (withShellCompletions == false) [ "-Dbashcompletiondir=no" "-Dzshcompletiondir=no" From 9cd696c5965655364ddc4cb0848fc9ce3e890da5 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Fri, 31 Dec 2021 13:02:54 +0100 Subject: [PATCH 07/12] systemd: drop unused cryptsetup meson option This has never been a valid option as far as I can tell. I am not sure why we started adding it in the first place. --- pkgs/os-specific/linux/systemd/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index f087fd775c8ca..8911cc8cf6d53 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -424,7 +424,6 @@ stdenv.mkDerivation { "-Dnetworkd=${lib.boolToString withNetworkd}" "-Doomd=${lib.boolToString withOomd}" "-Dpolkit=${lib.boolToString withPolkit}" - "-Dcryptsetup=${lib.boolToString withCryptsetup}" "-Dportabled=${lib.boolToString withPortabled}" "-Dhwdb=${lib.boolToString withHwdb}" "-Dremote=${lib.boolToString withRemote}" From 58641a754c1785ed7152b1d884c66d5378ef030a Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Fri, 31 Dec 2021 13:04:15 +0100 Subject: [PATCH 08/12] systemd: drop unused kill-path option As of systemd commit add384dd4d2b96db6ace5ad9c52b1dd7553ebec2 that option doesn't have any effect anymore. Systemd defaults to calling its own systemctl instead. As of systemd commit 9a85778412fa3e3f8d4561064131ba69f3259b28 that option was finally removed from the meson_options.txt. --- pkgs/os-specific/linux/systemd/default.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 8911cc8cf6d53..090672077bfdb 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -466,7 +466,6 @@ stdenv.mkDerivation { "-Dsysvinit-path=" "-Dsysvrcnd-path=" - "-Dkill-path=${coreutils}/bin/kill" "-Dkmod-path=${kmod}/bin/kmod" "-Dsulogin-path=${util-linux}/bin/sulogin" "-Dmount-path=${util-linux}/bin/mount" From 9f4c4acd7e6a2b49bc8dd7389c163fda450fbf7f Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Fri, 31 Dec 2021 14:12:56 +0100 Subject: [PATCH 09/12] nixos/timesyncd: initialize clock file with current time When initializing a system (e.g. first boot / livecd) we have no good reference source for time. systemd-timesyncd however would revert back to its configured fallback time (in our case 01.01.1980). Since we probably don't want to hardcode a specific date as fallback we are now using the current system time (wherever that might have come from) to initialize the reference clock file. The only systems that might be remotely affected by this change are machines that have highly unreliable RTCs or those where the battery that backs the RTC is running empty. Historically these systems always had a tough time with anything time related and likely required manual intervention. For stateless systems (those that wipe / between reboots or our installer CDs) this has the consequence that time will always be reset to whatever the system comes up with on boot. This is likely the correct time coming from an RTC. No harm done here the situation is likely unchanged for them. For stateful systems (those that retain the / partition across reboots) there shouldn't be a change at all. They'll provide an initial clock value once on their lifetime (during first boot / after installation). From then onwards systemd-timesyncd will update the file with the newer fallback time (that will be picked up on the next boot). --- nixos/modules/system/boot/timesyncd.nix | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/nixos/modules/system/boot/timesyncd.nix b/nixos/modules/system/boot/timesyncd.nix index 5f35a15476965..6279957fcd63b 100644 --- a/nixos/modules/system/boot/timesyncd.nix +++ b/nixos/modules/system/boot/timesyncd.nix @@ -60,15 +60,27 @@ with lib; }; users.groups.systemd-timesync.gid = config.ids.gids.systemd-timesync; - system.activationScripts.systemd-timesyncd-migration = mkIf (versionOlder config.system.stateVersion "19.09") '' + system.activationScripts.systemd-timesyncd-migration = # workaround an issue of systemd-timesyncd not starting due to upstream systemd reverting their dynamic users changes # - https://github.com/NixOS/nixpkgs/pull/61321#issuecomment-492423742 # - https://github.com/systemd/systemd/issues/12131 - if [ -L /var/lib/systemd/timesync ]; then - rm /var/lib/systemd/timesync - mv /var/lib/private/systemd/timesync /var/lib/systemd/timesync + mkIf (versionOlder config.system.stateVersion "19.09") '' + if [ -L /var/lib/systemd/timesync ]; then + rm /var/lib/systemd/timesync + mv /var/lib/private/systemd/timesync /var/lib/systemd/timesync + fi + ''; + system.activationScripts.systemd-timesyncd-init-clock = + # Ensure that we have some stored time to prevent systemd-timesyncd to + # resort back to the fallback time. + # If the file doesn't exist we assume that our current system clock is + # good enough to provide an initial value. + '' + if ! [ -f /var/lib/systemd/timesync/clock ]; then + test -d /var/lib/systemd/timesync || mkdir -p /var/lib/systemd/timesync + touch /var/lib/systemd/timesync/clock fi - ''; + ''; }; } From 424a3b6a38f0287036eba4da60df32d7cabd4b19 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Fri, 31 Dec 2021 17:21:05 +0100 Subject: [PATCH 10/12] systemd: add the release timestamp into the build This helps systemd during runtime to make decisions about the sanity of the system clock. See the references news article for more details on the matter. --- pkgs/os-specific/linux/systemd/default.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 090672077bfdb..e91c1a068f711 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -128,6 +128,12 @@ let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; version = "250"; + + # Bump this variable on every (major) version change. See below (in the meson options list) for why. + # command: + # $ curl -s https://api.github.com/repos/systemd/systemd/releases/latest | \ + # jq '.created_at|strptime("%Y-%m-%dT%H:%M:%SZ")|mktime' + releaseTimestamp = "1640290180"; in stdenv.mkDerivation { inherit pname version; @@ -398,6 +404,14 @@ stdenv.mkDerivation { mesonFlags = [ "-Dversion-tag=${version}" + # We bump this variable on every (major) version change to ensure + # that we have known-good value for a timestamp that is in the (not so distant) past. + # This serves as a lower bound for valid system timestamps during startup. Systemd will + # reset the system timestamp if this date is +- 15 years from the system time. + # See the systemd v250 release notes for further details: + # https://github.com/systemd/systemd/blob/60e930fc3e6eb8a36fbc184773119eb8d2f30364/NEWS#L258-L266 + "-Dtime-epoch=${releaseTimestamp}" + "-Ddbuspolicydir=${placeholder "out"}/share/dbus-1/system.d" "-Ddbussessionservicedir=${placeholder "out"}/share/dbus-1/services" "-Ddbussystemservicedir=${placeholder "out"}/share/dbus-1/system-services" From a7252f37bb98411bbef7518b2b5747b9a8e07a2c Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Wed, 5 Jan 2022 17:33:24 +0100 Subject: [PATCH 11/12] fixup! WIP: systemd: v249.5 -> v250 --- .../doc/manual/release-notes/rl-2205.section.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index ca89732fa801d..b9f3654b6b7b1 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -13,6 +13,8 @@ In addition to numerous new and upgraded packages, this release has the followin - PHP 8.1 is now available +- Systemd has been upgraded to the version 250. + ## New Services {#sec-release-22.05-new-services} - [aesmd](https://github.com/intel/linux-sgx#install-the-intelr-sgx-psw), the Intel SGX Architectural Enclave Service Manager. Available as [services.aesmd](#opt-services.aesmd.enable). @@ -24,6 +26,21 @@ In addition to numerous new and upgraded packages, this release has the followin ## Backward Incompatibilities {#sec-release-22.05-incompatibilities} +- Since systemd version 250 wireguard tunnels that are managed using networkd + will install routes for each of the `AllowedIPs` entries. This is in contrast + to the previous behaviour where routes had to be added manually. + To disable the new behaviour you must set the `RoutingTable=off` option in + the `WireGuard` section within each of your netdev definitions. + For example like this: + ```nix + { + systemd.network.netdev.my-wireguard-interface = { + wireguardConfig.RouteTable = "off"; + }; + } + ``` +- + - `pkgs.ghc` now refers to `pkgs.targetPackages.haskellPackages.ghc`. This *only* makes a difference if you are cross-compiling and will ensure that `pkgs.ghc` always runs on the host platform and compiles From dc399353166888c44b8e64b64c24b0ed73da532f Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Wed, 5 Jan 2022 17:33:29 +0100 Subject: [PATCH 12/12] fixup! WIP: systemd: v249.5 -> v250 --- pkgs/os-specific/linux/systemd/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index e91c1a068f711..e928d60394e1c 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -127,7 +127,7 @@ assert withCryptsetup -> (cryptsetup != null); let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; - version = "250"; + version = "250.1"; # Bump this variable on every (major) version change. See below (in the meson options list) for why. # command: @@ -144,7 +144,7 @@ stdenv.mkDerivation { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - sha256 = "1m5zs2g8xzmavhjwnlcvfxkgzpbxpdfv5r1smd1h6086w0sksn8z"; + sha256 = "1v92hrx17zjrsa2fjr8zznw0kxw5yd7bx3950z98xmnxah0swzkf"; }; # On major changes, or when otherwise required, you *must* reformat the patches,