From 93a93e9a3b53c1a73142a305ea1f8136846942ee Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Wed, 22 Dec 2021 14:08:05 +0000 Subject: gentoo resync : 22.12.2021 --- sys-apps/systemd/files/249-fido2.patch | 58 ----------- .../systemd/files/249-home-secret-assert.patch | 106 --------------------- sys-apps/systemd/files/249-libudev-static.patch | 26 ----- sys-apps/systemd/files/249-network-renaming.patch | 41 -------- 4 files changed, 231 deletions(-) delete mode 100644 sys-apps/systemd/files/249-fido2.patch delete mode 100644 sys-apps/systemd/files/249-home-secret-assert.patch delete mode 100644 sys-apps/systemd/files/249-libudev-static.patch delete mode 100644 sys-apps/systemd/files/249-network-renaming.patch (limited to 'sys-apps/systemd/files') diff --git a/sys-apps/systemd/files/249-fido2.patch b/sys-apps/systemd/files/249-fido2.patch deleted file mode 100644 index bbfa4afb540e..000000000000 --- a/sys-apps/systemd/files/249-fido2.patch +++ /dev/null @@ -1,58 +0,0 @@ -From b6aa89b0a399992c8ea762e6ec4f30cff90618f2 Mon Sep 17 00:00:00 2001 -From: pedro martelletto -Date: Wed, 8 Sep 2021 10:42:56 +0200 -Subject: [PATCH] explicitly close FIDO2 devices - -FIDO2 device access is serialised by libfido2 using flock(). -Therefore, make sure to close a FIDO2 device once we are done -with it, or we risk opening it again at a later point and -deadlocking. Fixes #20664. ---- - src/shared/libfido2-util.c | 2 ++ - src/shared/libfido2-util.h | 5 ++++- - 2 files changed, 6 insertions(+), 1 deletion(-) - -diff --git a/src/shared/libfido2-util.c b/src/shared/libfido2-util.c -index 12c644dcfcce..6d18178b68c9 100644 ---- a/src/shared/libfido2-util.c -+++ b/src/shared/libfido2-util.c -@@ -58,6 +58,7 @@ bool (*sym_fido_dev_is_fido2)(const fido_dev_t *) = NULL; - int (*sym_fido_dev_make_cred)(fido_dev_t *, fido_cred_t *, const char *) = NULL; - fido_dev_t* (*sym_fido_dev_new)(void) = NULL; - int (*sym_fido_dev_open)(fido_dev_t *, const char *) = NULL; -+int (*sym_fido_dev_close)(fido_dev_t *) = NULL; - const char* (*sym_fido_strerr)(int) = NULL; - - int dlopen_libfido2(void) { -@@ -106,6 +107,7 @@ int dlopen_libfido2(void) { - DLSYM_ARG(fido_dev_make_cred), - DLSYM_ARG(fido_dev_new), - DLSYM_ARG(fido_dev_open), -+ DLSYM_ARG(fido_dev_close), - DLSYM_ARG(fido_strerr)); - } - -diff --git a/src/shared/libfido2-util.h b/src/shared/libfido2-util.h -index 5640cca5e39b..4ebf8ab77509 100644 ---- a/src/shared/libfido2-util.h -+++ b/src/shared/libfido2-util.h -@@ -60,6 +60,7 @@ extern bool (*sym_fido_dev_is_fido2)(const fido_dev_t *); - extern int (*sym_fido_dev_make_cred)(fido_dev_t *, fido_cred_t *, const char *); - extern fido_dev_t* (*sym_fido_dev_new)(void); - extern int (*sym_fido_dev_open)(fido_dev_t *, const char *); -+extern int (*sym_fido_dev_close)(fido_dev_t *); - extern const char* (*sym_fido_strerr)(int); - - int dlopen_libfido2(void); -@@ -75,8 +76,10 @@ static inline void fido_assert_free_wrapper(fido_assert_t **p) { - } - - static inline void fido_dev_free_wrapper(fido_dev_t **p) { -- if (*p) -+ if (*p) { -+ sym_fido_dev_close(*p); - sym_fido_dev_free(p); -+ } - } - - static inline void fido_cred_free_wrapper(fido_cred_t **p) { diff --git a/sys-apps/systemd/files/249-home-secret-assert.patch b/sys-apps/systemd/files/249-home-secret-assert.patch deleted file mode 100644 index e6e2a8e7cc78..000000000000 --- a/sys-apps/systemd/files/249-home-secret-assert.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 6a09dbb89507449d158af6c7097d2c51ce83205f Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Sun, 5 Sep 2021 11:16:26 +0900 -Subject: [PATCH] home: 'secret' argument of handle_generic_user_record_error - may be null - -When RefHome() bus method is called in acquire_home(), secret is NULL. - -Fixes #20639. ---- - src/home/pam_systemd_home.c | 19 ++++++++++++++++++- - 1 file changed, 18 insertions(+), 1 deletion(-) - -diff --git a/src/home/pam_systemd_home.c b/src/home/pam_systemd_home.c -index 836ed0d5e96d..a04d50208a8e 100644 ---- a/src/home/pam_systemd_home.c -+++ b/src/home/pam_systemd_home.c -@@ -281,7 +281,6 @@ static int handle_generic_user_record_error( - const sd_bus_error *error) { - - assert(user_name); -- assert(secret); - assert(error); - - int r; -@@ -301,6 +300,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_BAD_PASSWORD)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - /* This didn't work? Ask for an (additional?) password */ - - if (strv_isempty(secret->password)) -@@ -326,6 +327,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_BAD_PASSWORD_AND_NO_TOKEN)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - if (strv_isempty(secret->password)) { - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token of user %s not inserted.", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Try again with password: "); -@@ -350,6 +353,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_PIN_NEEDED)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Security token PIN: "); - if (r != PAM_SUCCESS) - return PAM_CONV_ERR; /* no logging here */ -@@ -367,6 +372,8 @@ static int handle_generic_user_record_error( - - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_PROTECTED_AUTHENTICATION_PATH_NEEDED)) { - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please authenticate physically on security token of user %s.", user_name); - - r = user_record_set_pkcs11_protected_authentication_path_permitted(secret, true); -@@ -377,6 +384,8 @@ static int handle_generic_user_record_error( - - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_USER_PRESENCE_NEEDED)) { - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please confirm presence on security token of user %s.", user_name); - - r = user_record_set_fido2_user_presence_permitted(secret, true); -@@ -387,6 +396,8 @@ static int handle_generic_user_record_error( - - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_USER_VERIFICATION_NEEDED)) { - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Please verify user on security token of user %s.", user_name); - - r = user_record_set_fido2_user_verification_permitted(secret, true); -@@ -403,6 +414,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN incorrect for user %s.", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: "); - if (r != PAM_SUCCESS) -@@ -422,6 +435,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN_FEW_TRIES_LEFT)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN of user %s incorrect (only a few tries left!)", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: "); - if (r != PAM_SUCCESS) -@@ -441,6 +456,8 @@ static int handle_generic_user_record_error( - } else if (sd_bus_error_has_name(error, BUS_ERROR_TOKEN_BAD_PIN_ONE_TRY_LEFT)) { - _cleanup_(erase_and_freep) char *newp = NULL; - -+ assert(secret); -+ - (void) pam_prompt(handle, PAM_ERROR_MSG, NULL, "Security token PIN of user %s incorrect (only one try left!)", user_name); - r = pam_prompt(handle, PAM_PROMPT_ECHO_OFF, &newp, "Sorry, retry security token PIN: "); - if (r != PAM_SUCCESS) diff --git a/sys-apps/systemd/files/249-libudev-static.patch b/sys-apps/systemd/files/249-libudev-static.patch deleted file mode 100644 index 73375b716e9b..000000000000 --- a/sys-apps/systemd/files/249-libudev-static.patch +++ /dev/null @@ -1,26 +0,0 @@ -From f2c57d4f3805775e0ffdc80ce578eaa737017d31 Mon Sep 17 00:00:00 2001 -From: Mike Gilbert -Date: Fri, 9 Jul 2021 13:05:23 -0400 -Subject: [PATCH] libudev: add "Libs.private: -lrt -pthread" to libudev.pc - -This resolves a failure when linking cryptsetup.static against libudev.a. - -``` -libtool: link: x86_64-pc-linux-gnu-gcc -Wall -O2 -pipe -march=amdfam10 -static -O2 -o cryptsetup.static lib/utils_crypt.o lib/utils_loop.o lib/utils_io.o lib/utils_blkid.o src/utils_tools.o src/utils_password.o src/utils_luks2.o src/utils_blockdev.o src/cryptsetup.o -pthread -pthread -Wl,--as-needed ./.libs/libcryptsetup.a -largon2 -lrt -ljson-c -lpopt -luuid -lblkid -lssl -lcrypto -lz -ldl -ldevmapper -lm -lpthread -ludev -pthread -/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../x86_64-pc-linux-gnu/bin/ld: /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../lib64/libudev.a(src_libsystemd_sd-daemon_sd-daemon.c.o): in function `sd_is_mq': -(.text.sd_is_mq+0x3a): undefined reference to `mq_getattr' -``` ---- - src/libudev/libudev.pc.in | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/libudev/libudev.pc.in b/src/libudev/libudev.pc.in -index 89028aaa6bf2..1d6487fa4084 100644 ---- a/src/libudev/libudev.pc.in -+++ b/src/libudev/libudev.pc.in -@@ -16,4 +16,5 @@ Name: libudev - Description: Library to access udev device information - Version: {{PROJECT_VERSION}} - Libs: -L${libdir} -ludev -+Libs.private: -lrt -pthread - Cflags: -I${includedir} diff --git a/sys-apps/systemd/files/249-network-renaming.patch b/sys-apps/systemd/files/249-network-renaming.patch deleted file mode 100644 index b9eecf57b10f..000000000000 --- a/sys-apps/systemd/files/249-network-renaming.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 160203e974945ce520fe8f569458634ef898c61c Mon Sep 17 00:00:00 2001 -From: Yu Watanabe -Date: Fri, 10 Sep 2021 08:09:56 +0900 -Subject: [PATCH] network: fix handling of network interface renaming - -Fixes #20657. ---- - src/network/networkd-link.c | 14 +++++++++----- - 1 file changed, 9 insertions(+), 5 deletions(-) - -diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c -index 4afd540d2015..caad6205ae83 100644 ---- a/src/network/networkd-link.c -+++ b/src/network/networkd-link.c -@@ -1470,17 +1470,21 @@ static int link_initialized(Link *link, sd_device *device) { - assert(link); - assert(device); - -- if (link->state != LINK_STATE_PENDING) -- return 0; -+ /* Always replace with the new sd_device object. As the sysname (and possibly other properties -+ * or sysattrs) may be outdated. */ -+ sd_device_ref(device); -+ sd_device_unref(link->sd_device); -+ link->sd_device = device; - -- if (link->sd_device) -+ /* Do not ignore unamanaged state case here. If an interface is renamed after being once -+ * configured, and the corresponding .network file has Name= in [Match] section, then the -+ * interface may be already in unmanaged state. See #20657. */ -+ if (!IN_SET(link->state, LINK_STATE_PENDING, LINK_STATE_UNMANAGED)) - return 0; - - log_link_debug(link, "udev initialized link"); - link_set_state(link, LINK_STATE_INITIALIZED); - -- link->sd_device = sd_device_ref(device); -- - /* udev has initialized the link, but we don't know if we have yet - * processed the NEWLINK messages with the latest state. Do a GETLINK, - * when it returns we know that the pending NEWLINKs have already been -- cgit v1.2.3