diff -Nru systemd-245.4/debian/changelog systemd-245.4/debian/changelog --- systemd-245.4/debian/changelog 2020-10-08 20:14:56.000000000 +0000 +++ systemd-245.4/debian/changelog 2021-01-06 20:47:39.000000000 +0000 @@ -1,3 +1,46 @@ +systemd (245.4-4ubuntu3.4) focal; urgency=medium + + * d/p/lp1905245/0001-basic-cap-list-parse-print-numerical-capabilities.patch, + d/p/lp1905245/0002-basic-capability-util-let-cap_last_cap-return-unsign.patch, + d/p/lp1905245/0003-basic-cap-list-reduce-scope-of-variables.patch: + - print number of unknown capabilities instead of failing + (LP: #1905245) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5cd98102e16a6e4acc1444b10db3308d87930933 + * d/p/lp1890448-hwdb-Add-EliteBook-to-use-micmute-hotkey.patch: + Add EliteBook to use micmute hotkey (LP: #1890448) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=238c8c1a7b9d75f69bdeafb1d55f1faf00acb063 + * d/extra/dhclient-enter-resolved-hook: + suppress output of cmp command in dhclient hook (LP: #1878955) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=83df4fc182f8ffe87256f5d7c4b49cee5192529a + * d/p/lp1905044-test-use-cap_last_cap-for-max-supported-cap-number-n.patch: + test: use cap_last_cap() instead of capability_list_length() + (LP: #1905044) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ff21f41e624d9e603f3be463846ce981a433842a + * d/p/lp1903300/0001-network-VXLan-fix-adding-Group-address.patch, + d/p/lp1903300/0002-network-VXLan-Add-support-for-remote-address.patch, + d/p/lp1903300/0003-networkctl-Add-support-to-display-VXLan-remote-addre.patch: + set vxlan multicast group when specified (LP: #1903300) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=9deff4b7c5495dbe738561ca47daf3756df9fcde + * d/p/lp1907306/0001-sd-dhcp-client-don-t-log-timeouts-if-already-expired.patch, + d/p/lp1907306/0002-sd-dhcp-client-track-dhcp4-t1-t2-expire-times.patch, + d/p/lp1907306/0003-sd-dhcp-client-add-RFC2131-retransmission-details.patch, + d/p/lp1907306/0004-sd-dhcp-client-simplify-dhcp4-t1-t2-parsing.patch, + d/p/lp1907306/0005-sd-dhcp-client-correct-dhcpv4-renew-rebind-retransmi.patch, + d/p/lp1907306/0006-sd-dhcp-client-correct-retransmission-timeout-to-mat.patch, + d/p/lp1907306/0007-test-network-increase-wait_online-timeout-to-handle-.patch, + d/p/lp1907306/0008-sd-dhcp-client-fix-renew-rebind-timeout-calculation-.patch: + Send correct number of dhcpv4 renew and rebind requests + (LP: #1907306) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a73c51d0df284dcc38e6924d40eed810554bab2e + * d/p/lp1902960-udev-re-assign-ID_NET_DRIVER-ID_NET_LINK_FILE-ID_NET.patch: + Run net_setup_link on 'change' uevents (LP: #1902960) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=ec7ba2358aa68d8d6276ed56ef91caafc287cecf + * d/t/root-unittests: + Remove any corrupt journal files (LP: #1881947) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=5481fececdb3cb35ca7118598cad537681b5ff14 + + -- Dan Streetman Wed, 06 Jan 2021 15:47:39 -0500 + systemd (245.4-4ubuntu3.3) focal; urgency=medium [ Rafael David Tinoco ] diff -Nru systemd-245.4/debian/extra/dhclient-enter-resolved-hook systemd-245.4/debian/extra/dhclient-enter-resolved-hook --- systemd-245.4/debian/extra/dhclient-enter-resolved-hook 2020-10-08 20:14:56.000000000 +0000 +++ systemd-245.4/debian/extra/dhclient-enter-resolved-hook 2021-01-06 20:47:16.000000000 +0000 @@ -56,7 +56,7 @@ newstate="$(mktemp)" md5sum $statedir/isc-dhcp-v4-$interface.conf $statedir/isc-dhcp-v6-$interface.conf > $newstate 2> /dev/null - if ! cmp $oldstate $newstate; then + if ! cmp --quiet $oldstate $newstate; then systemctl try-reload-or-restart systemd-resolved.service fi diff -Nru systemd-245.4/debian/patches/lp1890448-hwdb-Add-EliteBook-to-use-micmute-hotkey.patch systemd-245.4/debian/patches/lp1890448-hwdb-Add-EliteBook-to-use-micmute-hotkey.patch --- systemd-245.4/debian/patches/lp1890448-hwdb-Add-EliteBook-to-use-micmute-hotkey.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1890448-hwdb-Add-EliteBook-to-use-micmute-hotkey.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,32 @@ +From b6eb208b29ae720e45a2950453fa4278a88bbcc9 Mon Sep 17 00:00:00 2001 +From: Kai-Heng Feng +Date: Tue, 16 Jun 2020 13:24:27 +0800 +Subject: [PATCH] hwdb: Add EliteBook to use micmute hotkey +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1890448 +Origin: upstream, https://github.com/systemd/systemd/commit/b6eb208b29ae720e45a2950453fa4278a88bbcc9 + +Like HP ZBooks, all EliteBooks use the same micmute scancode. +--- + hwdb.d/60-keyboard.hwdb | 8 +++----- + 1 file changed, 3 insertions(+), 5 deletions(-) + +--- a/hwdb.d/60-keyboard.hwdb ++++ b/hwdb.d/60-keyboard.hwdb +@@ -584,6 +584,9 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett + + # HP EliteBook 725 G2 + evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pnHPLicrice:pvr* ++# HP EliteBook ++evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pnHPEliteBook*:pvr* ++evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHP*:pnHPEliteBook*:pvr* + # HP ProBook 440 G2 + evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pnHP440G2:pvr* + # several HP ProBooks 4xx +@@ -610,7 +613,6 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHP:pnHP + + # HP Folio 1040g2 + evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHewlett-Packard*:pnHPEliteBookFolio1040G2:pvr* +- KEYBOARD_KEY_81=f20 # Fn+F8; Microphone mute button, should be micmute + KEYBOARD_KEY_d8=!f23 # touchpad off + KEYBOARD_KEY_d9=!f22 # touchpad on + diff -Nru systemd-245.4/debian/patches/lp1902960-udev-re-assign-ID_NET_DRIVER-ID_NET_LINK_FILE-ID_NET.patch systemd-245.4/debian/patches/lp1902960-udev-re-assign-ID_NET_DRIVER-ID_NET_LINK_FILE-ID_NET.patch --- systemd-245.4/debian/patches/lp1902960-udev-re-assign-ID_NET_DRIVER-ID_NET_LINK_FILE-ID_NET.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1902960-udev-re-assign-ID_NET_DRIVER-ID_NET_LINK_FILE-ID_NET.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,84 @@ +From e0e789c1e97e2cdf1cafe0c6b7d7e43fa054f151 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Mon, 14 Sep 2020 15:21:04 +0900 +Subject: [PATCH] udev: re-assign ID_NET_DRIVER=, ID_NET_LINK_FILE=, + ID_NET_NAME= properties on non-'add' uevent +Bug: https://github.com/systemd/systemd/issues/17532 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1902960 +Origin: upstream, https://github.com/systemd/systemd/commit/e0e789c1e97e2cdf1cafe0c6b7d7e43fa054f151 + +Previous commit makes drop ID_NET_DRIVER=, ID_NET_LINK_FILE=, and +ID_NET_NAME= properties for network interfaces on 'move' uevent. +ID_NET_DRIVER= and ID_NET_LINK_FILE= properties are used by networkctl. +ID_NET_NAME= may be used by end-user rules or programs. So, let's +re-assign them on 'move' uevent. (Note that strictly speaking, this +makes them re-assigned on all but 'remove' uevent.) +--- +NOTE: backported from upstream, to keep as much backwards compatibility as possible; +specifically 1) don't return failure if device_get_action() fails, and 2) context +adjustments since the upstream commit builds on splitting out the function +action into separate functions, which our code doesn't include. + + rules.d/80-net-setup-link.rules | 2 +- + src/udev/net/link-config.c | 30 +++++++++++++++++++++++++++--- + 2 files changed, 28 insertions(+), 4 deletions(-) + +--- a/rules.d/80-net-setup-link.rules ++++ b/rules.d/80-net-setup-link.rules +@@ -4,7 +4,7 @@ SUBSYSTEM!="net", GOTO="net_setup_link_e + + IMPORT{builtin}="path_id" + +-ACTION!="add", GOTO="net_setup_link_end" ++ACTION=="remove", GOTO="net_setup_link_end" + + IMPORT{builtin}="net_setup_link" + +--- a/src/udev/net/link-config.c ++++ b/src/udev/net/link-config.c +@@ -10,6 +10,7 @@ + #include "conf-files.h" + #include "conf-parser.h" + #include "def.h" ++#include "device-private.h" + #include "device-util.h" + #include "ethtool-util.h" + #include "fd-util.h" +@@ -351,6 +352,7 @@ int link_config_apply(link_config_ctx *c + struct ether_addr *mac = NULL; + const char *new_name = NULL; + const char *old_name; ++ DeviceAction a = _DEVICE_ACTION_INVALID; + unsigned speed, name_type = NET_NAME_UNKNOWN; + NamePolicy policy; + int r, ifindex; +@@ -364,6 +366,16 @@ int link_config_apply(link_config_ctx *c + if (r < 0) + return r; + ++ r = device_get_action(device, &a); ++ if (r < 0) ++ log_device_warning_errno(device, r, "Failed to get ACTION= property: %m"); ++ else if (!IN_SET(a, DEVICE_ACTION_ADD, DEVICE_ACTION_BIND, DEVICE_ACTION_MOVE)) { ++ log_device_debug(device, "Skipping to apply .link settings on '%s' uevent.", device_action_to_string(a)); ++ ++ *name = old_name; ++ return 0; ++ } ++ + r = ethtool_set_glinksettings(&ctx->ethtool_fd, old_name, + config->autonegotiation, config->advertise, + config->speed, config->duplex, config->port); +@@ -421,6 +433,12 @@ int link_config_apply(link_config_ctx *c + goto no_rename; + } + ++ if (a == DEVICE_ACTION_MOVE) { ++ log_device_debug(device, "Skipping to apply Name= and NamePolicy= on '%s' uevent.", device_action_to_string(a)); ++ new_name = old_name; ++ goto no_rename; ++ } ++ + if (ctx->enable_name_policy && config->name_policy) + for (NamePolicy *p = config->name_policy; *p != _NAMEPOLICY_INVALID; p++) { + policy = *p; diff -Nru systemd-245.4/debian/patches/lp1903300/0001-network-VXLan-fix-adding-Group-address.patch systemd-245.4/debian/patches/lp1903300/0001-network-VXLan-fix-adding-Group-address.patch --- systemd-245.4/debian/patches/lp1903300/0001-network-VXLan-fix-adding-Group-address.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1903300/0001-network-VXLan-fix-adding-Group-address.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,34 @@ +From 7c9b26900cc33daf080627daf5904de74c1ef267 Mon Sep 17 00:00:00 2001 +From: Susant Sahani +Date: Fri, 10 Apr 2020 15:29:10 +0200 +Subject: [PATCH 1/3] network: VXLan - fix adding Group address +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1903300 +Origin: upstream, https://github.com/systemd/systemd/pull/15397 + +--- + src/network/netdev/vxlan.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/network/netdev/vxlan.c b/src/network/netdev/vxlan.c +index ace3c5d2ed..c27c9bf512 100644 +--- a/src/network/netdev/vxlan.c ++++ b/src/network/netdev/vxlan.c +@@ -38,11 +38,11 @@ static int netdev_vxlan_fill_message_create(NetDev *netdev, Link *link, sd_netli + return log_netdev_error_errno(netdev, r, "Could not append IFLA_VXLAN_ID attribute: %m"); + } + +- if (in_addr_is_null(v->remote_family, &v->remote) == 0) { +- if (v->remote_family == AF_INET) +- r = sd_netlink_message_append_in_addr(m, IFLA_VXLAN_GROUP, &v->remote.in); ++ if (in_addr_is_null(v->group_family, &v->group) == 0) { ++ if (v->group_family == AF_INET) ++ r = sd_netlink_message_append_in_addr(m, IFLA_VXLAN_GROUP, &v->group.in); + else +- r = sd_netlink_message_append_in6_addr(m, IFLA_VXLAN_GROUP6, &v->remote.in6); ++ r = sd_netlink_message_append_in6_addr(m, IFLA_VXLAN_GROUP6, &v->group.in6); + if (r < 0) + return log_netdev_error_errno(netdev, r, "Could not append IFLA_VXLAN_GROUP attribute: %m"); + } +-- +2.25.1 + diff -Nru systemd-245.4/debian/patches/lp1903300/0002-network-VXLan-Add-support-for-remote-address.patch systemd-245.4/debian/patches/lp1903300/0002-network-VXLan-Add-support-for-remote-address.patch --- systemd-245.4/debian/patches/lp1903300/0002-network-VXLan-Add-support-for-remote-address.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1903300/0002-network-VXLan-Add-support-for-remote-address.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,44 @@ +From fc1d9c7b0c8f83446928d53d644088235bcac235 Mon Sep 17 00:00:00 2001 +From: Susant Sahani +Date: Fri, 10 Apr 2020 15:37:21 +0200 +Subject: [PATCH 2/3] network: VXLan - Add support for remote address +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1903300 +Origin: upstream, https://github.com/systemd/systemd/pull/15397 + +--- + src/network/netdev/vxlan.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/src/network/netdev/vxlan.c b/src/network/netdev/vxlan.c +index c27c9bf512..d49f39e0c9 100644 +--- a/src/network/netdev/vxlan.c ++++ b/src/network/netdev/vxlan.c +@@ -45,6 +45,13 @@ static int netdev_vxlan_fill_message_create(NetDev *netdev, Link *link, sd_netli + r = sd_netlink_message_append_in6_addr(m, IFLA_VXLAN_GROUP6, &v->group.in6); + if (r < 0) + return log_netdev_error_errno(netdev, r, "Could not append IFLA_VXLAN_GROUP attribute: %m"); ++ } else if (in_addr_is_null(v->remote_family, &v->remote) == 0) { ++ if (v->remote_family == AF_INET) ++ r = sd_netlink_message_append_in_addr(m, IFLA_VXLAN_GROUP, &v->remote.in); ++ else ++ r = sd_netlink_message_append_in6_addr(m, IFLA_VXLAN_GROUP6, &v->remote.in6); ++ if (r < 0) ++ return log_netdev_error_errno(netdev, r, "Could not append IFLA_VXLAN_GROUP attribute: %m"); + } + + if (in_addr_is_null(v->local_family, &v->local) == 0) { +@@ -348,6 +355,11 @@ static int netdev_vxlan_verify(NetDev *netdev, const char *filename) { + if (!v->dest_port && v->generic_protocol_extension) + v->dest_port = 4790; + ++ if (in_addr_is_null(v->group_family, &v->group) == 0 && in_addr_is_null(v->remote_family, &v->remote) == 0) ++ return log_netdev_warning_errno(netdev, SYNTHETIC_ERRNO(EINVAL), ++ "%s: VXLAN both 'Group=' and 'Remote=' cannot be specified. Ignoring.", ++ filename); ++ + return 0; + } + +-- +2.25.1 + diff -Nru systemd-245.4/debian/patches/lp1903300/0003-networkctl-Add-support-to-display-VXLan-remote-addre.patch systemd-245.4/debian/patches/lp1903300/0003-networkctl-Add-support-to-display-VXLan-remote-addre.patch --- systemd-245.4/debian/patches/lp1903300/0003-networkctl-Add-support-to-display-VXLan-remote-addre.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1903300/0003-networkctl-Add-support-to-display-VXLan-remote-addre.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,32 @@ +From 659f85a519f4e33c17079d613603db7c822f17aa Mon Sep 17 00:00:00 2001 +From: Susant Sahani +Date: Fri, 10 Apr 2020 15:50:23 +0200 +Subject: [PATCH 3/3] networkctl: Add support to display VXLan remote address +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1903300 +Origin: upstream, https://github.com/systemd/systemd/pull/15397 + +--- + src/network/networkctl.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +--- a/src/network/networkctl.c ++++ b/src/network/networkctl.c +@@ -1373,9 +1373,17 @@ static int link_status_one( + } + + if (IN_SET(info->vxlan_info.group_family, AF_INET, AF_INET6)) { ++ const char *p; ++ ++ r = in_addr_is_multicast(info->vxlan_info.group_family, &info->vxlan_info.group); ++ if (r <= 0) ++ p = "Remote:"; ++ else ++ p = "Group:"; ++ + r = table_add_many(table, + TABLE_EMPTY, +- TABLE_STRING, "Group:", ++ TABLE_STRING, p, + info->vxlan_info.group_family == AF_INET ? TABLE_IN_ADDR : TABLE_IN6_ADDR, + &info->vxlan_info.group); + if (r < 0) diff -Nru systemd-245.4/debian/patches/lp1905044-test-use-cap_last_cap-for-max-supported-cap-number-n.patch systemd-245.4/debian/patches/lp1905044-test-use-cap_last_cap-for-max-supported-cap-number-n.patch --- systemd-245.4/debian/patches/lp1905044-test-use-cap_last_cap-for-max-supported-cap-number-n.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1905044-test-use-cap_last_cap-for-max-supported-cap-number-n.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,123 @@ +From ebc815cd1c647faa934a446ceea91ff4bc9dffa4 Mon Sep 17 00:00:00 2001 +From: Dan Streetman +Date: Wed, 25 Nov 2020 15:22:24 -0500 +Subject: [PATCH] test: use cap_last_cap() for max supported cap number, not + capability_list_length() +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/focal/+source/systemd/+bug/1905044 +Origin: upstream, https://github.com/systemd/systemd/commit/ebc815cd1c647faa934a446ceea91ff4bc9dffa4 + +This test assumes capability_list_length() is an invalid cap number, +but that isn't true if the running kernel supports more caps than we were +compiled with, which results in the test failing. + +Instead use cap_last_cap() + 1. + +If cap_last_cap() is 63, there are no more 'invalid' cap numbers to test with, +so the invalid cap number test part is skipped. +--- + src/basic/cap-list.c | 3 ++ + src/test/test-cap-list.c | 62 +++++++++++++++++++++------------------- + 2 files changed, 36 insertions(+), 29 deletions(-) + +--- a/src/basic/cap-list.c ++++ b/src/basic/cap-list.c +@@ -50,6 +50,9 @@ int capability_from_name(const char *nam + return sc->id; + } + ++/* This is the number of capability names we are *compiled* with. ++ * For the max capability number of the currently-running kernel, ++ * use cap_last_cap(). */ + int capability_list_length(void) { + return (int) ELEMENTSOF(capability_names); + } +--- a/src/test/test-cap-list.c ++++ b/src/test/test-cap-list.c +@@ -55,7 +55,7 @@ static void test_cap_list(void) { + + static void test_capability_set_one(uint64_t c, const char *t) { + _cleanup_free_ char *t1 = NULL; +- uint64_t c1, c_masked = c & ((UINT64_C(1) << capability_list_length()) - 1); ++ uint64_t c1, c_masked = c & all_capabilities(); + + assert_se(capability_set_to_string_alloc(c, &t1) == 0); + assert_se(streq(t1, t)); +@@ -70,7 +70,7 @@ static void test_capability_set_one(uint + assert_se(c1 == c_masked); + } + +-static void test_capability_set(void) { ++static void test_capability_set_from_string(void) { + uint64_t c; + + assert_se(capability_set_from_string(NULL, &c) == 0); +@@ -87,38 +87,42 @@ static void test_capability_set(void) { + + assert_se(capability_set_from_string("0 1 2 3", &c) == 0); + assert_se(c == (UINT64_C(1) << 4) - 1); ++} ++ ++static void test_capability_set_to_string(uint64_t invalid_cap_set) { ++ uint64_t c; + +- test_capability_set_one(0, ""); +- test_capability_set_one( +- UINT64_C(1) << CAP_DAC_OVERRIDE, +- "cap_dac_override"); +- test_capability_set_one( +- UINT64_C(1) << CAP_DAC_OVERRIDE | +- UINT64_C(1) << capability_list_length(), +- "cap_dac_override"); +- test_capability_set_one( +- UINT64_C(1) << capability_list_length(), ""); +- test_capability_set_one( +- UINT64_C(1) << CAP_CHOWN | +- UINT64_C(1) << CAP_DAC_OVERRIDE | +- UINT64_C(1) << CAP_DAC_READ_SEARCH | +- UINT64_C(1) << CAP_FOWNER | +- UINT64_C(1) << CAP_SETGID | +- UINT64_C(1) << CAP_SETUID | +- UINT64_C(1) << CAP_SYS_PTRACE | +- UINT64_C(1) << CAP_SYS_ADMIN | +- UINT64_C(1) << CAP_AUDIT_CONTROL | +- UINT64_C(1) << CAP_MAC_OVERRIDE | +- UINT64_C(1) << CAP_SYSLOG | +- UINT64_C(1) << (capability_list_length() + 1), +- "cap_chown cap_dac_override cap_dac_read_search cap_fowner " +- "cap_setgid cap_setuid cap_sys_ptrace cap_sys_admin " +- "cap_audit_control cap_mac_override cap_syslog"); ++ test_capability_set_one(invalid_cap_set, ""); ++ ++ c = (UINT64_C(1) << CAP_DAC_OVERRIDE | invalid_cap_set); ++ test_capability_set_one(c, "cap_dac_override"); ++ ++ c = (UINT64_C(1) << CAP_CHOWN | ++ UINT64_C(1) << CAP_DAC_OVERRIDE | ++ UINT64_C(1) << CAP_DAC_READ_SEARCH | ++ UINT64_C(1) << CAP_FOWNER | ++ UINT64_C(1) << CAP_SETGID | ++ UINT64_C(1) << CAP_SETUID | ++ UINT64_C(1) << CAP_SYS_PTRACE | ++ UINT64_C(1) << CAP_SYS_ADMIN | ++ UINT64_C(1) << CAP_AUDIT_CONTROL | ++ UINT64_C(1) << CAP_MAC_OVERRIDE | ++ UINT64_C(1) << CAP_SYSLOG | ++ invalid_cap_set); ++ test_capability_set_one(c, ("cap_chown cap_dac_override cap_dac_read_search cap_fowner " ++ "cap_setgid cap_setuid cap_sys_ptrace cap_sys_admin " ++ "cap_audit_control cap_mac_override cap_syslog")); + } + + int main(int argc, char *argv[]) { + test_cap_list(); +- test_capability_set(); ++ test_capability_set_from_string(); ++ test_capability_set_to_string(0); ++ ++ /* once the kernel supports 63 caps, there are no 'invalid' numbers ++ * for us to test with */ ++ if (cap_last_cap() < 63) ++ test_capability_set_to_string(all_capabilities() + 1); + + return 0; + } diff -Nru systemd-245.4/debian/patches/lp1905245/0001-basic-cap-list-parse-print-numerical-capabilities.patch systemd-245.4/debian/patches/lp1905245/0001-basic-cap-list-parse-print-numerical-capabilities.patch --- systemd-245.4/debian/patches/lp1905245/0001-basic-cap-list-parse-print-numerical-capabilities.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1905245/0001-basic-cap-list-parse-print-numerical-capabilities.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,92 @@ +From 417770f3033c426ca848b158d0bf057cd8ad1329 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Thu, 9 Jul 2020 23:15:47 +0200 +Subject: [PATCH 1/3] basic/cap-list: parse/print numerical capabilities +Origin: upstream, https://github.com/systemd/systemd/pull/16424 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964926 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1905245 + +We would refuse to print capabilities which were didn't have a name +for. The kernel adds new capabilities from time to time, most recently +cap_bpf. 'systmectl show -p CapabilityBoundingSet ...' would fail with +"Failed to parse bus message: Invalid argument" because +capability_set_to_string_alloc() would fail with -EINVAL. So let's +print such capabilities in hexadecimal: + +CapabilityBoundingSet=cap_chown cap_dac_override cap_dac_read_search + cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap + cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin + cap_net_raw cap_ipc_lock cap_ipc_owner 0x10 0x11 0x12 0x13 0x14 0x15 0x16 + 0x17 0x18 0x19 0x1a ... + +For symmetry, also allow capabilities that we don't know to be specified. + +Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1853736. +--- + src/basic/cap-list.c | 10 +++++++--- + src/test/test-cap-list.c | 4 +++- + 2 files changed, 10 insertions(+), 4 deletions(-) + +diff --git a/src/basic/cap-list.c b/src/basic/cap-list.c +index 84083b4544..af27d84ba4 100644 +--- a/src/basic/cap-list.c ++++ b/src/basic/cap-list.c +@@ -9,6 +9,7 @@ + #include "extract-word.h" + #include "macro.h" + #include "parse-util.h" ++#include "stdio-util.h" + #include "util.h" + + static const struct capability_name* lookup_capability(register const char *str, register GPERF_LEN_TYPE len); +@@ -36,7 +37,7 @@ int capability_from_name(const char *name) { + /* Try to parse numeric capability */ + r = safe_atoi(name, &i); + if (r >= 0) { +- if (i >= 0 && (size_t) i < ELEMENTSOF(capability_names)) ++ if (i >= 0 && i < 64) + return i; + else + return -EINVAL; +@@ -64,11 +65,14 @@ int capability_set_to_string_alloc(uint64_t set, char **s) { + for (i = 0; i <= cap_last_cap(); i++) + if (set & (UINT64_C(1) << i)) { + const char *p; ++ char buf[2 + 16 + 1]; + size_t add; + + p = capability_to_name(i); +- if (!p) +- return -EINVAL; ++ if (!p) { ++ xsprintf(buf, "0x%lx", i); ++ p = buf; ++ } + + add = strlen(p); + +diff --git a/src/test/test-cap-list.c b/src/test/test-cap-list.c +index 563b996941..33dd2461c3 100644 +--- a/src/test/test-cap-list.c ++++ b/src/test/test-cap-list.c +@@ -31,6 +31,8 @@ static void test_cap_list(void) { + assert_se(capability_from_name("cAp_aUdIt_rEAd") == CAP_AUDIT_READ); + assert_se(capability_from_name("0") == 0); + assert_se(capability_from_name("15") == 15); ++ assert_se(capability_from_name("63") == 63); ++ assert_se(capability_from_name("64") == -EINVAL); + assert_se(capability_from_name("-1") == -EINVAL); + + for (i = 0; i < capability_list_length(); i++) { +@@ -65,7 +67,7 @@ static void test_capability_set_one(uint64_t c, const char *t) { + + free(t1); + assert_se(t1 = strjoin("'cap_chown cap_dac_override' \"cap_setgid cap_setuid\"", t, +- " hogehoge foobar 12345 3.14 -3 ", t)); ++ " hogehoge foobar 18446744073709551616 3.14 -3 ", t)); + assert_se(capability_set_from_string(t1, &c1) == 0); + assert_se(c1 == c_masked); + } +-- +2.25.1 + diff -Nru systemd-245.4/debian/patches/lp1905245/0002-basic-capability-util-let-cap_last_cap-return-unsign.patch systemd-245.4/debian/patches/lp1905245/0002-basic-capability-util-let-cap_last_cap-return-unsign.patch --- systemd-245.4/debian/patches/lp1905245/0002-basic-capability-util-let-cap_last_cap-return-unsign.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1905245/0002-basic-capability-util-let-cap_last_cap-return-unsign.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,212 @@ +From 864a25d99bb523e7a5c166771e3ddbf39baffd33 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Fri, 10 Jul 2020 16:53:51 +0200 +Subject: [PATCH 2/3] basic/capability-util: let cap_last_cap() return unsigned + integer +Origin: upstream, https://github.com/systemd/systemd/pull/16424 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964926 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1905245 + +We never return anything higher than 63, so using "long unsigned" +as the type only confused the reader. (We can still use "long unsigned" +and safe_atolu() to parse the kernel file.) +--- + src/basic/cap-list.c | 5 ++--- + src/basic/capability-util.c | 31 ++++++++++++------------------- + src/basic/capability-util.h | 2 +- + src/libsystemd/sd-bus/bus-creds.c | 5 ++--- + src/test/test-capability.c | 2 +- + 5 files changed, 18 insertions(+), 27 deletions(-) + +--- a/src/basic/cap-list.c ++++ b/src/basic/cap-list.c +@@ -57,12 +57,11 @@ int capability_list_length(void) { + + int capability_set_to_string_alloc(uint64_t set, char **s) { + _cleanup_free_ char *str = NULL; +- unsigned long i; + size_t allocated = 0, n = 0; + + assert(s); + +- for (i = 0; i <= cap_last_cap(); i++) ++ for (unsigned i = 0; i <= cap_last_cap(); i++) + if (set & (UINT64_C(1) << i)) { + const char *p; + char buf[2 + 16 + 1]; +@@ -70,7 +69,7 @@ int capability_set_to_string_alloc(uint6 + + p = capability_to_name(i); + if (!p) { +- xsprintf(buf, "0x%lx", i); ++ xsprintf(buf, "0x%x", i); + p = buf; + } + +--- a/src/basic/capability-util.c ++++ b/src/basic/capability-util.c +@@ -31,8 +31,8 @@ int have_effective_cap(int value) { + return fv == CAP_SET; + } + +-unsigned long cap_last_cap(void) { +- static thread_local unsigned long saved; ++unsigned cap_last_cap(void) { ++ static thread_local unsigned saved; + static thread_local bool valid = false; + _cleanup_free_ char *content = NULL; + unsigned long p = 0; +@@ -65,7 +65,7 @@ unsigned long cap_last_cap(void) { + if (prctl(PR_CAPBSET_READ, p) < 0) { + + /* Hmm, look downwards, until we find one that works */ +- for (p--; p > 0; p --) ++ for (p--; p > 0; p--) + if (prctl(PR_CAPBSET_READ, p) >= 0) + break; + +@@ -84,12 +84,10 @@ unsigned long cap_last_cap(void) { + } + + int capability_update_inherited_set(cap_t caps, uint64_t set) { +- unsigned long i; +- + /* Add capabilities in the set to the inherited caps, drops capabilities not in the set. + * Do not apply them yet. */ + +- for (i = 0; i <= cap_last_cap(); i++) { ++ for (unsigned i = 0; i <= cap_last_cap(); i++) { + cap_flag_value_t flag = set & (UINT64_C(1) << i) ? CAP_SET : CAP_CLEAR; + cap_value_t v; + +@@ -104,7 +102,6 @@ int capability_update_inherited_set(cap_ + + int capability_ambient_set_apply(uint64_t set, bool also_inherit) { + _cleanup_cap_free_ cap_t caps = NULL; +- unsigned long i; + int r; + + /* Check that we can use PR_CAP_AMBIENT or quit early. */ +@@ -126,7 +123,7 @@ int capability_ambient_set_apply(uint64_ + return -errno; + } + +- for (i = 0; i <= cap_last_cap(); i++) { ++ for (unsigned i = 0; i <= cap_last_cap(); i++) { + + if (set & (UINT64_C(1) << i)) { + +@@ -153,7 +150,6 @@ int capability_ambient_set_apply(uint64_ + int capability_bounding_set_drop(uint64_t keep, bool right_now) { + _cleanup_cap_free_ cap_t before_cap = NULL, after_cap = NULL; + cap_flag_value_t fv; +- unsigned long i; + int r; + + /* If we are run as PID 1 we will lack CAP_SETPCAP by default +@@ -190,7 +186,7 @@ int capability_bounding_set_drop(uint64_ + if (!after_cap) + return -errno; + +- for (i = 0; i <= cap_last_cap(); i++) { ++ for (unsigned i = 0; i <= cap_last_cap(); i++) { + cap_value_t v; + + if ((keep & (UINT64_C(1) << i))) +@@ -376,7 +372,6 @@ bool ambient_capabilities_supported(void + } + + bool capability_quintet_mangle(CapabilityQuintet *q) { +- unsigned long i; + uint64_t combined, drop = 0; + bool ambient_supported; + +@@ -388,7 +383,7 @@ bool capability_quintet_mangle(Capabilit + if (ambient_supported) + combined |= q->ambient; + +- for (i = 0; i <= cap_last_cap(); i++) { ++ for (unsigned i = 0; i <= cap_last_cap(); i++) { + unsigned long bit = UINT64_C(1) << i; + if (!FLAGS_SET(combined, bit)) + continue; +@@ -417,16 +412,15 @@ int capability_quintet_enforce(const Cap + int r; + + if (q->ambient != (uint64_t) -1) { +- unsigned long i; + bool changed = false; + + c = cap_get_proc(); + if (!c) + return -errno; + +- /* In order to raise the ambient caps set we first need to raise the matching inheritable + permitted +- * cap */ +- for (i = 0; i <= cap_last_cap(); i++) { ++ /* In order to raise the ambient caps set we first need to raise the matching ++ * inheritable + permitted cap */ ++ for (unsigned i = 0; i <= cap_last_cap(); i++) { + uint64_t m = UINT64_C(1) << i; + cap_value_t cv = (cap_value_t) i; + cap_flag_value_t old_value_inheritable, old_value_permitted; +@@ -461,7 +455,6 @@ int capability_quintet_enforce(const Cap + + if (q->inheritable != (uint64_t) -1 || q->permitted != (uint64_t) -1 || q->effective != (uint64_t) -1) { + bool changed = false; +- unsigned long i; + + if (!c) { + c = cap_get_proc(); +@@ -469,7 +462,7 @@ int capability_quintet_enforce(const Cap + return -errno; + } + +- for (i = 0; i <= cap_last_cap(); i++) { ++ for (unsigned i = 0; i <= cap_last_cap(); i++) { + uint64_t m = UINT64_C(1) << i; + cap_value_t cv = (cap_value_t) i; + +--- a/src/basic/capability-util.h ++++ b/src/basic/capability-util.h +@@ -12,7 +12,7 @@ + + #define CAP_ALL (uint64_t) -1 + +-unsigned long cap_last_cap(void); ++unsigned cap_last_cap(void); + int have_effective_cap(int value); + int capability_bounding_set_drop(uint64_t keep, bool right_now); + int capability_bounding_set_drop_usermode(uint64_t keep); +--- a/src/libsystemd/sd-bus/bus-creds.c ++++ b/src/libsystemd/sd-bus/bus-creds.c +@@ -650,16 +650,15 @@ _public_ int sd_bus_creds_get_descriptio + } + + static int has_cap(sd_bus_creds *c, size_t offset, int capability) { +- unsigned long lc; + size_t sz; + + assert(c); + assert(capability >= 0); + assert(c->capability); + +- lc = cap_last_cap(); ++ unsigned lc = cap_last_cap(); + +- if ((unsigned long) capability > lc) ++ if ((unsigned) capability > lc) + return 0; + + /* If the last cap is 63, then there are 64 caps defined, and we need 2 entries รก 32bit hence. * +--- a/src/test/test-capability.c ++++ b/src/test/test-capability.c +@@ -240,7 +240,7 @@ static void test_ensure_cap_64bit(void) + assert_se(p <= 63); + + /* Also check for the header definition */ +- assert_se(CAP_LAST_CAP <= 63); ++ assert_cc(CAP_LAST_CAP <= 63); + } + + int main(int argc, char *argv[]) { diff -Nru systemd-245.4/debian/patches/lp1905245/0003-basic-cap-list-reduce-scope-of-variables.patch systemd-245.4/debian/patches/lp1905245/0003-basic-cap-list-reduce-scope-of-variables.patch --- systemd-245.4/debian/patches/lp1905245/0003-basic-cap-list-reduce-scope-of-variables.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1905245/0003-basic-cap-list-reduce-scope-of-variables.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,68 @@ +From 5700780389ddea40df6abd4f54d32214aaf4a640 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Thu, 9 Jul 2020 23:23:07 +0200 +Subject: [PATCH 3/3] basic/cap-list: reduce scope of variables +Origin: upstream, https://github.com/systemd/systemd/pull/16424 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964926 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1905245 + +--- + src/basic/cap-list.c | 4 +--- + src/test/test-cap-list.c | 6 ++---- + 2 files changed, 3 insertions(+), 7 deletions(-) + +diff --git a/src/basic/cap-list.c b/src/basic/cap-list.c +index 2b7834ad98..b483833947 100644 +--- a/src/basic/cap-list.c ++++ b/src/basic/cap-list.c +@@ -18,7 +18,6 @@ static const struct capability_name* lookup_capability(register const char *str, + #include "cap-to-name.h" + + const char *capability_to_name(int id) { +- + if (id < 0) + return NULL; + +@@ -94,11 +93,10 @@ int capability_set_to_string_alloc(uint64_t set, char **s) { + + int capability_set_from_string(const char *s, uint64_t *set) { + uint64_t val = 0; +- const char *p; + + assert(set); + +- for (p = s;;) { ++ for (const char *p = s;;) { + _cleanup_free_ char *word = NULL; + int r; + +diff --git a/src/test/test-cap-list.c b/src/test/test-cap-list.c +index 33dd2461c3..81d5c456d7 100644 +--- a/src/test/test-cap-list.c ++++ b/src/test/test-cap-list.c +@@ -12,12 +12,10 @@ + + /* verify the capability parser */ + static void test_cap_list(void) { +- int i; +- + assert_se(!capability_to_name(-1)); + assert_se(!capability_to_name(capability_list_length())); + +- for (i = 0; i < capability_list_length(); i++) { ++ for (int i = 0; i < capability_list_length(); i++) { + const char *n; + + assert_se(n = capability_to_name(i)); +@@ -35,7 +33,7 @@ static void test_cap_list(void) { + assert_se(capability_from_name("64") == -EINVAL); + assert_se(capability_from_name("-1") == -EINVAL); + +- for (i = 0; i < capability_list_length(); i++) { ++ for (int i = 0; i < capability_list_length(); i++) { + _cleanup_cap_free_charp_ char *a = NULL; + const char *b; + unsigned u; +-- +2.25.1 + diff -Nru systemd-245.4/debian/patches/lp1907306/0001-sd-dhcp-client-don-t-log-timeouts-if-already-expired.patch systemd-245.4/debian/patches/lp1907306/0001-sd-dhcp-client-don-t-log-timeouts-if-already-expired.patch --- systemd-245.4/debian/patches/lp1907306/0001-sd-dhcp-client-don-t-log-timeouts-if-already-expired.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1907306/0001-sd-dhcp-client-don-t-log-timeouts-if-already-expired.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,60 @@ +From f3bd46c657d9ffd4c34624fbbff23d21d5848ca4 Mon Sep 17 00:00:00 2001 +From: Dan Streetman +Date: Mon, 14 Dec 2020 15:50:11 -0500 +Subject: [PATCH 1/7] sd-dhcp-client: don't log timeouts if already expired +Origin: upstream, https://github.com/systemd/systemd/commit/3a23834d6b0da391c1ba9cb79a7d7deea7125f4b +Bug: https://github.com/systemd/systemd/issues/17909 +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1907306 + +--- + src/libsystemd-network/sd-dhcp-client.c | 17 +++++++++-------- + 1 file changed, 9 insertions(+), 8 deletions(-) + +--- a/src/libsystemd-network/sd-dhcp-client.c ++++ b/src/libsystemd-network/sd-dhcp-client.c +@@ -1577,13 +1577,13 @@ static int client_set_lease_timeouts(sd_ + if (r < 0) + return r; + +- log_dhcp_client(client, "lease expires in %s", +- format_timespan(time_string, FORMAT_TIMESPAN_MAX, lifetime_timeout - time_now, USEC_PER_SEC)); +- + /* don't arm earlier timeouts if this has already expired */ + if (lifetime_timeout <= time_now) + return 0; + ++ log_dhcp_client(client, "lease expires in %s", ++ format_timespan(time_string, FORMAT_TIMESPAN_MAX, lifetime_timeout - time_now, USEC_PER_SEC)); ++ + /* arm T2 timeout */ + r = event_reset_time(client->event, &client->timeout_t2, + clock_boottime_or_monotonic(), +@@ -1593,13 +1593,13 @@ static int client_set_lease_timeouts(sd_ + if (r < 0) + return r; + +- log_dhcp_client(client, "T2 expires in %s", +- format_timespan(time_string, FORMAT_TIMESPAN_MAX, t2_timeout - time_now, USEC_PER_SEC)); +- + /* don't arm earlier timeout if this has already expired */ + if (t2_timeout <= time_now) + return 0; + ++ log_dhcp_client(client, "T2 expires in %s", ++ format_timespan(time_string, FORMAT_TIMESPAN_MAX, t2_timeout - time_now, USEC_PER_SEC)); ++ + /* arm T1 timeout */ + r = event_reset_time(client->event, &client->timeout_t1, + clock_boottime_or_monotonic(), +@@ -1609,8 +1609,9 @@ static int client_set_lease_timeouts(sd_ + if (r < 0) + return r; + +- log_dhcp_client(client, "T1 expires in %s", +- format_timespan(time_string, FORMAT_TIMESPAN_MAX, t1_timeout - time_now, USEC_PER_SEC)); ++ if (t1_timeout > time_now) ++ log_dhcp_client(client, "T1 expires in %s", ++ format_timespan(time_string, FORMAT_TIMESPAN_MAX, t1_timeout - time_now, USEC_PER_SEC)); + + return 0; + } diff -Nru systemd-245.4/debian/patches/lp1907306/0002-sd-dhcp-client-track-dhcp4-t1-t2-expire-times.patch systemd-245.4/debian/patches/lp1907306/0002-sd-dhcp-client-track-dhcp4-t1-t2-expire-times.patch --- systemd-245.4/debian/patches/lp1907306/0002-sd-dhcp-client-track-dhcp4-t1-t2-expire-times.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1907306/0002-sd-dhcp-client-track-dhcp4-t1-t2-expire-times.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,153 @@ +From 0c3c59783b127ec9a1c4860c6509d133cccffe10 Mon Sep 17 00:00:00 2001 +From: Dan Streetman +Date: Tue, 8 Dec 2020 14:37:59 -0500 +Subject: [PATCH 2/7] sd-dhcp-client: track dhcp4 t1, t2, expire times +Origin: upstream, https://github.com/systemd/systemd/commit/3a23834d6b0da391c1ba9cb79a7d7deea7125f4b +Bug: https://github.com/systemd/systemd/issues/17909 +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1907306 + +Add fields to dhcp4 client to track t1, t2, and lease expiry times +--- + src/libsystemd-network/sd-dhcp-client.c | 54 ++++++++++++------------- + 1 file changed, 27 insertions(+), 27 deletions(-) + +--- a/src/libsystemd-network/sd-dhcp-client.c ++++ b/src/libsystemd-network/sd-dhcp-client.c +@@ -87,6 +87,9 @@ struct sd_dhcp_client { + uint32_t mtu; + uint32_t xid; + usec_t start_time; ++ usec_t t1_time; ++ usec_t t2_time; ++ usec_t expire_time; + uint64_t attempt; + uint64_t max_attempts; + OrderedHashmap *options; +@@ -1499,9 +1502,6 @@ static uint64_t client_compute_timeout(s + + static int client_set_lease_timeouts(sd_dhcp_client *client) { + usec_t time_now; +- uint64_t lifetime_timeout; +- uint64_t t2_timeout; +- uint64_t t1_timeout; + char time_string[FORMAT_TIMESPAN_MAX]; + int r; + +@@ -1525,93 +1525,93 @@ static int client_set_lease_timeouts(sd_ + assert(client->request_sent <= time_now); + + /* convert the various timeouts from relative (secs) to absolute (usecs) */ +- lifetime_timeout = client_compute_timeout(client, client->lease->lifetime, 1); ++ client->expire_time = client_compute_timeout(client, client->lease->lifetime, 1); + if (client->lease->t1 > 0 && client->lease->t2 > 0) { + /* both T1 and T2 are given */ + if (client->lease->t1 < client->lease->t2 && + client->lease->t2 < client->lease->lifetime) { + /* they are both valid */ +- t2_timeout = client_compute_timeout(client, client->lease->t2, 1); +- t1_timeout = client_compute_timeout(client, client->lease->t1, 1); ++ client->t2_time = client_compute_timeout(client, client->lease->t2, 1); ++ client->t1_time = client_compute_timeout(client, client->lease->t1, 1); + } else { + /* discard both */ +- t2_timeout = client_compute_timeout(client, client->lease->lifetime, 7.0 / 8.0); ++ client->t2_time = client_compute_timeout(client, client->lease->lifetime, 7.0 / 8.0); + client->lease->t2 = (client->lease->lifetime * 7) / 8; +- t1_timeout = client_compute_timeout(client, client->lease->lifetime, 0.5); ++ client->t1_time = client_compute_timeout(client, client->lease->lifetime, 0.5); + client->lease->t1 = client->lease->lifetime / 2; + } + } else if (client->lease->t2 > 0 && client->lease->t2 < client->lease->lifetime) { + /* only T2 is given, and it is valid */ +- t2_timeout = client_compute_timeout(client, client->lease->t2, 1); +- t1_timeout = client_compute_timeout(client, client->lease->lifetime, 0.5); ++ client->t2_time = client_compute_timeout(client, client->lease->t2, 1); ++ client->t1_time = client_compute_timeout(client, client->lease->lifetime, 0.5); + client->lease->t1 = client->lease->lifetime / 2; +- if (t2_timeout <= t1_timeout) { ++ if (client->t2_time <= client->t1_time) { + /* the computed T1 would be invalid, so discard T2 */ +- t2_timeout = client_compute_timeout(client, client->lease->lifetime, 7.0 / 8.0); ++ client->t2_time = client_compute_timeout(client, client->lease->lifetime, 7.0 / 8.0); + client->lease->t2 = (client->lease->lifetime * 7) / 8; + } + } else if (client->lease->t1 > 0 && client->lease->t1 < client->lease->lifetime) { + /* only T1 is given, and it is valid */ +- t1_timeout = client_compute_timeout(client, client->lease->t1, 1); +- t2_timeout = client_compute_timeout(client, client->lease->lifetime, 7.0 / 8.0); ++ client->t1_time = client_compute_timeout(client, client->lease->t1, 1); ++ client->t2_time = client_compute_timeout(client, client->lease->lifetime, 7.0 / 8.0); + client->lease->t2 = (client->lease->lifetime * 7) / 8; +- if (t2_timeout <= t1_timeout) { ++ if (client->t2_time <= client->t1_time) { + /* the computed T2 would be invalid, so discard T1 */ +- t2_timeout = client_compute_timeout(client, client->lease->lifetime, 0.5); ++ client->t2_time = client_compute_timeout(client, client->lease->lifetime, 0.5); + client->lease->t2 = client->lease->lifetime / 2; + } + } else { + /* fall back to the default timeouts */ +- t1_timeout = client_compute_timeout(client, client->lease->lifetime, 0.5); ++ client->t1_time = client_compute_timeout(client, client->lease->lifetime, 0.5); + client->lease->t1 = client->lease->lifetime / 2; +- t2_timeout = client_compute_timeout(client, client->lease->lifetime, 7.0 / 8.0); ++ client->t2_time = client_compute_timeout(client, client->lease->lifetime, 7.0 / 8.0); + client->lease->t2 = (client->lease->lifetime * 7) / 8; + } + + /* arm lifetime timeout */ + r = event_reset_time(client->event, &client->timeout_expire, + clock_boottime_or_monotonic(), +- lifetime_timeout, 10 * USEC_PER_MSEC, ++ client->expire_time, 10 * USEC_PER_MSEC, + client_timeout_expire, client, + client->event_priority, "dhcp4-lifetime", true); + if (r < 0) + return r; + + /* don't arm earlier timeouts if this has already expired */ +- if (lifetime_timeout <= time_now) ++ if (client->expire_time <= time_now) + return 0; + + log_dhcp_client(client, "lease expires in %s", +- format_timespan(time_string, FORMAT_TIMESPAN_MAX, lifetime_timeout - time_now, USEC_PER_SEC)); ++ format_timespan(time_string, FORMAT_TIMESPAN_MAX, client->expire_time - time_now, USEC_PER_SEC)); + + /* arm T2 timeout */ + r = event_reset_time(client->event, &client->timeout_t2, + clock_boottime_or_monotonic(), +- t2_timeout, 10 * USEC_PER_MSEC, ++ client->t2_time, 10 * USEC_PER_MSEC, + client_timeout_t2, client, + client->event_priority, "dhcp4-t2-timeout", true); + if (r < 0) + return r; + + /* don't arm earlier timeout if this has already expired */ +- if (t2_timeout <= time_now) ++ if (client->t2_time <= time_now) + return 0; + + log_dhcp_client(client, "T2 expires in %s", +- format_timespan(time_string, FORMAT_TIMESPAN_MAX, t2_timeout - time_now, USEC_PER_SEC)); ++ format_timespan(time_string, FORMAT_TIMESPAN_MAX, client->t2_time - time_now, USEC_PER_SEC)); + + /* arm T1 timeout */ + r = event_reset_time(client->event, &client->timeout_t1, + clock_boottime_or_monotonic(), +- t1_timeout, 10 * USEC_PER_MSEC, ++ client->t1_time, 10 * USEC_PER_MSEC, + client_timeout_t1, client, + client->event_priority, "dhcp4-t1-timer", true); + if (r < 0) + return r; + +- if (t1_timeout > time_now) ++ if (client->t1_time > time_now) + log_dhcp_client(client, "T1 expires in %s", +- format_timespan(time_string, FORMAT_TIMESPAN_MAX, t1_timeout - time_now, USEC_PER_SEC)); ++ format_timespan(time_string, FORMAT_TIMESPAN_MAX, client->t1_time - time_now, USEC_PER_SEC)); + + return 0; + } diff -Nru systemd-245.4/debian/patches/lp1907306/0003-sd-dhcp-client-add-RFC2131-retransmission-details.patch systemd-245.4/debian/patches/lp1907306/0003-sd-dhcp-client-add-RFC2131-retransmission-details.patch --- systemd-245.4/debian/patches/lp1907306/0003-sd-dhcp-client-add-RFC2131-retransmission-details.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1907306/0003-sd-dhcp-client-add-RFC2131-retransmission-details.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,63 @@ +From 3d75a443ee819c4b2df8bfd8caee5c3ebc76fae3 Mon Sep 17 00:00:00 2001 +From: Dan Streetman +Date: Tue, 8 Dec 2020 15:33:29 -0500 +Subject: [PATCH 3/7] sd-dhcp-client: add RFC2131 retransmission details +Origin: upstream, https://github.com/systemd/systemd/commit/3a23834d6b0da391c1ba9cb79a7d7deea7125f4b +Bug: https://github.com/systemd/systemd/issues/17909 +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1907306 + +RFC2131, providing the details for dhcpv4, has specific retransmission +intervals that it outlines. This adds functions to compute the timeouts +as the RFC describes. +--- + src/libsystemd-network/sd-dhcp-client.c | 32 +++++++++++++++++++++++++ + 1 file changed, 32 insertions(+) + +--- a/src/libsystemd-network/sd-dhcp-client.c ++++ b/src/libsystemd-network/sd-dhcp-client.c +@@ -27,6 +27,7 @@ + #include "random-util.h" + #include "string-util.h" + #include "strv.h" ++#include "time-util.h" + + #define MAX_CLIENT_ID_LEN (sizeof(uint32_t) + MAX_DUID_LEN) /* Arbitrary limit */ + #define MAX_MAC_ADDR_LEN CONST_MAX(INFINIBAND_ALEN, ETH_ALEN) +@@ -629,6 +630,37 @@ static void client_stop(sd_dhcp_client * + client_initialize(client); + } + ++/* RFC2131 section 4.1: ++ * retransmission delays should include -1 to +1 sec of random 'fuzz'. */ ++#define RFC2131_RANDOM_FUZZ \ ++ ((int64_t)(random_u64() % (2 * USEC_PER_SEC)) - (int64_t)USEC_PER_SEC) ++ ++/* RFC2131 section 4.1: ++ * for retransmission delays, timeout should start at 4s then double ++ * each attempt with max of 64s, with -1 to +1 sec of random 'fuzz' added. ++ * This assumes the first call will be using attempt 1. */ ++static usec_t client_compute_request_timeout(usec_t now, uint64_t attempt) { ++ usec_t timeout = (UINT64_C(1) << MIN(attempt + 1, UINT64_C(6))) * USEC_PER_SEC; ++ ++ return usec_sub_signed(usec_add(now, timeout), RFC2131_RANDOM_FUZZ); ++} ++ ++/* RFC2131 section 4.4.5: ++ * T1 defaults to (0.5 * duration_of_lease). ++ * T2 defaults to (0.875 * duration_of_lease). */ ++#define T1_DEFAULT(lifetime) ((lifetime) / 2) ++#define T2_DEFAULT(lifetime) (((lifetime) * 7) / 8) ++ ++/* RFC2131 section 4.4.5: ++ * the client SHOULD wait one-half of the remaining time until T2 (in RENEWING state) ++ * and one-half of the remaining lease time (in REBINDING state), down to a minimum ++ * of 60 seconds. ++ * Note that while the default T1/T2 initial times do have random 'fuzz' applied, ++ * the RFC sec 4.4.5 does not mention adding any fuzz to retries. */ ++static usec_t client_compute_reacquisition_timeout(usec_t now, usec_t expire) { ++ return MAX(usec_sub_unsigned(expire, now) / 2, 60 * USEC_PER_SEC); ++} ++ + static int client_message_init( + sd_dhcp_client *client, + DHCPPacket **ret, diff -Nru systemd-245.4/debian/patches/lp1907306/0004-sd-dhcp-client-simplify-dhcp4-t1-t2-parsing.patch systemd-245.4/debian/patches/lp1907306/0004-sd-dhcp-client-simplify-dhcp4-t1-t2-parsing.patch --- systemd-245.4/debian/patches/lp1907306/0004-sd-dhcp-client-simplify-dhcp4-t1-t2-parsing.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1907306/0004-sd-dhcp-client-simplify-dhcp4-t1-t2-parsing.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,126 @@ +From b0d7d8063cb61bb204523f02fd45fb671a1f4d43 Mon Sep 17 00:00:00 2001 +From: Dan Streetman +Date: Tue, 8 Dec 2020 15:36:19 -0500 +Subject: [PATCH 4/7] sd-dhcp-client: simplify dhcp4 t1/t2 parsing +Origin: upstream, https://github.com/systemd/systemd/commit/3a23834d6b0da391c1ba9cb79a7d7deea7125f4b +Bug: https://github.com/systemd/systemd/issues/17909 +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1907306 + +The parsing of the dhcpv4 lease lifetime, as well as the t1/t2 +times, is simplified by this commit. + +This differs from previous behavior; previously, the lease lifetime and +t1/t2 values were modified by random 'fuzz' by subtracting 3, then adding +a random number between 0 and (slightly over) 2 seconds. The resulting +values were therefore always between 1-3 seconds shorter than the value +provided by the server (or the default, in case of t1/t2). Now, as +described in RFC2131, the random 'fuzz' is between -1 and +1 seconds, +meaning the actual t1 and t2 value will be up to 1 second earlier or +later than the server-provided (or default) t1/t2 value. + +This also differs in handling the lease lifetime, as described above it +previously was adjusted by the random 'fuzz', but the RFC does not state +that the lease expiration time should be adjusted, so now the code uses +exactly the lease lifetime as provided by the server with no adjustment. +--- + src/libsystemd-network/sd-dhcp-client.c | 82 ++++++++----------------- + 1 file changed, 25 insertions(+), 57 deletions(-) + +--- a/src/libsystemd-network/sd-dhcp-client.c ++++ b/src/libsystemd-network/sd-dhcp-client.c +@@ -1518,20 +1518,6 @@ static int client_handle_ack(sd_dhcp_cli + return r; + } + +-static uint64_t client_compute_timeout(sd_dhcp_client *client, uint32_t lifetime, double factor) { +- assert(client); +- assert(client->request_sent); +- assert(lifetime > 0); +- +- if (lifetime > 3) +- lifetime -= 3; +- else +- lifetime = 0; +- +- return client->request_sent + (lifetime * USEC_PER_SEC * factor) + +- + (random_u32() & 0x1fffff); +-} +- + static int client_set_lease_timeouts(sd_dhcp_client *client) { + usec_t time_now; + char time_string[FORMAT_TIMESPAN_MAX]; +@@ -1556,49 +1542,31 @@ static int client_set_lease_timeouts(sd_ + return r; + assert(client->request_sent <= time_now); + +- /* convert the various timeouts from relative (secs) to absolute (usecs) */ +- client->expire_time = client_compute_timeout(client, client->lease->lifetime, 1); +- if (client->lease->t1 > 0 && client->lease->t2 > 0) { +- /* both T1 and T2 are given */ +- if (client->lease->t1 < client->lease->t2 && +- client->lease->t2 < client->lease->lifetime) { +- /* they are both valid */ +- client->t2_time = client_compute_timeout(client, client->lease->t2, 1); +- client->t1_time = client_compute_timeout(client, client->lease->t1, 1); +- } else { +- /* discard both */ +- client->t2_time = client_compute_timeout(client, client->lease->lifetime, 7.0 / 8.0); +- client->lease->t2 = (client->lease->lifetime * 7) / 8; +- client->t1_time = client_compute_timeout(client, client->lease->lifetime, 0.5); +- client->lease->t1 = client->lease->lifetime / 2; +- } +- } else if (client->lease->t2 > 0 && client->lease->t2 < client->lease->lifetime) { +- /* only T2 is given, and it is valid */ +- client->t2_time = client_compute_timeout(client, client->lease->t2, 1); +- client->t1_time = client_compute_timeout(client, client->lease->lifetime, 0.5); +- client->lease->t1 = client->lease->lifetime / 2; +- if (client->t2_time <= client->t1_time) { +- /* the computed T1 would be invalid, so discard T2 */ +- client->t2_time = client_compute_timeout(client, client->lease->lifetime, 7.0 / 8.0); +- client->lease->t2 = (client->lease->lifetime * 7) / 8; +- } +- } else if (client->lease->t1 > 0 && client->lease->t1 < client->lease->lifetime) { +- /* only T1 is given, and it is valid */ +- client->t1_time = client_compute_timeout(client, client->lease->t1, 1); +- client->t2_time = client_compute_timeout(client, client->lease->lifetime, 7.0 / 8.0); +- client->lease->t2 = (client->lease->lifetime * 7) / 8; +- if (client->t2_time <= client->t1_time) { +- /* the computed T2 would be invalid, so discard T1 */ +- client->t2_time = client_compute_timeout(client, client->lease->lifetime, 0.5); +- client->lease->t2 = client->lease->lifetime / 2; +- } +- } else { +- /* fall back to the default timeouts */ +- client->t1_time = client_compute_timeout(client, client->lease->lifetime, 0.5); +- client->lease->t1 = client->lease->lifetime / 2; +- client->t2_time = client_compute_timeout(client, client->lease->lifetime, 7.0 / 8.0); +- client->lease->t2 = (client->lease->lifetime * 7) / 8; +- } ++ /* verify that 0 < t2 < lifetime */ ++ if (client->lease->t2 == 0 || client->lease->t2 >= client->lease->lifetime) ++ client->lease->t2 = T2_DEFAULT(client->lease->lifetime); ++ /* verify that 0 < t1 < lifetime */ ++ if (client->lease->t1 == 0 || client->lease->t1 >= client->lease->t2) ++ client->lease->t1 = T1_DEFAULT(client->lease->lifetime); ++ /* now, if t1 >= t2, t1 *must* be T1_DEFAULT, since the previous check ++ * could not evalate to false if t1 >= t2; so setting t2 to T2_DEFAULT ++ * guarantees t1 < t2. */ ++ if (client->lease->t1 >= client->lease->t2) ++ client->lease->t2 = T2_DEFAULT(client->lease->lifetime); ++ ++ client->expire_time = client->request_sent + client->lease->lifetime * USEC_PER_SEC; ++ client->t1_time = client->request_sent + client->lease->t1 * USEC_PER_SEC; ++ client->t2_time = client->request_sent + client->lease->t2 * USEC_PER_SEC; ++ ++ /* RFC2131 section 4.4.5: ++ * Times T1 and T2 SHOULD be chosen with some random "fuzz". ++ * Since the RFC doesn't specify here the exact 'fuzz' to use, ++ * we use the range from section 4.1: -1 to +1 sec. */ ++ client->t1_time = usec_sub_signed(client->t1_time, RFC2131_RANDOM_FUZZ); ++ client->t2_time = usec_sub_signed(client->t2_time, RFC2131_RANDOM_FUZZ); ++ ++ /* after fuzzing, ensure t2 is still >= t1 */ ++ client->t2_time = MAX(client->t1_time, client->t2_time); + + /* arm lifetime timeout */ + r = event_reset_time(client->event, &client->timeout_expire, diff -Nru systemd-245.4/debian/patches/lp1907306/0005-sd-dhcp-client-correct-dhcpv4-renew-rebind-retransmi.patch systemd-245.4/debian/patches/lp1907306/0005-sd-dhcp-client-correct-dhcpv4-renew-rebind-retransmi.patch --- systemd-245.4/debian/patches/lp1907306/0005-sd-dhcp-client-correct-dhcpv4-renew-rebind-retransmi.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1907306/0005-sd-dhcp-client-correct-dhcpv4-renew-rebind-retransmi.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,75 @@ +From c24288d21ee94856f5c60473191d41c77b71da91 Mon Sep 17 00:00:00 2001 +From: Dan Streetman +Date: Tue, 8 Dec 2020 15:40:10 -0500 +Subject: [PATCH 5/7] sd-dhcp-client: correct dhcpv4 renew/rebind retransmit + timeouts +Origin: upstream, https://github.com/systemd/systemd/commit/3a23834d6b0da391c1ba9cb79a7d7deea7125f4b +Bug: https://github.com/systemd/systemd/issues/17909 +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1907306 + +Use the request timeout algorithm specified in RFC2131 section 4.4.5 for +handling timed out RENEW and REBIND requests. + +This changes behavior, as previously only 2 RENEW and 2 REBIND requests +were sent, no matter how long the lease lifetime. Now, requests are +send according to the RFC, which results in starting with a timeout +of 1/2 the t1 or t2 period, and halving the timeout for each retry +down to a minimum of 60 seconds. + +Fixes: #17909 +--- + src/libsystemd-network/sd-dhcp-client.c | 16 +++------------- + 1 file changed, 3 insertions(+), 13 deletions(-) + +--- a/src/libsystemd-network/sd-dhcp-client.c ++++ b/src/libsystemd-network/sd-dhcp-client.c +@@ -1093,7 +1093,6 @@ static int client_timeout_resend( + DHCP_CLIENT_DONT_DESTROY(client); + usec_t next_timeout = 0; + uint64_t time_now; +- uint32_t time_left; + int r; + + assert(s); +@@ -1107,22 +1106,11 @@ static int client_timeout_resend( + switch (client->state) { + + case DHCP_STATE_RENEWING: +- +- time_left = (client->lease->t2 - client->lease->t1) / 2; +- if (time_left < 60) +- time_left = 60; +- +- next_timeout = time_now + time_left * USEC_PER_SEC; +- ++ next_timeout = client_compute_reacquisition_timeout(time_now, client->t2_time); + break; + + case DHCP_STATE_REBINDING: +- +- time_left = (client->lease->lifetime - client->lease->t2) / 2; +- if (time_left < 60) +- time_left = 60; +- +- next_timeout = time_now + time_left * USEC_PER_SEC; ++ next_timeout = client_compute_reacquisition_timeout(time_now, client->expire_time); + break; + + case DHCP_STATE_REBOOTING: +@@ -1151,6 +1139,7 @@ static int client_timeout_resend( + goto error; + + next_timeout = time_now + ((UINT64_C(1) << MIN(client->attempt, (uint64_t) 6)) - 1) * USEC_PER_SEC; ++ next_timeout += (random_u32() & 0x1fffff); + + break; + +@@ -1159,8 +1148,6 @@ static int client_timeout_resend( + goto error; + } + +- next_timeout += (random_u32() & 0x1fffff); +- + r = event_reset_time(client->event, &client->timeout_resend, + clock_boottime_or_monotonic(), + next_timeout, 10 * USEC_PER_MSEC, diff -Nru systemd-245.4/debian/patches/lp1907306/0006-sd-dhcp-client-correct-retransmission-timeout-to-mat.patch systemd-245.4/debian/patches/lp1907306/0006-sd-dhcp-client-correct-retransmission-timeout-to-mat.patch --- systemd-245.4/debian/patches/lp1907306/0006-sd-dhcp-client-correct-retransmission-timeout-to-mat.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1907306/0006-sd-dhcp-client-correct-retransmission-timeout-to-mat.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,48 @@ +From f3808b872f78b3224ecd0517f96f18a353bfba79 Mon Sep 17 00:00:00 2001 +From: Dan Streetman +Date: Wed, 9 Dec 2020 14:32:06 -0500 +Subject: [PATCH 6/7] sd-dhcp-client: correct retransmission timeout to match + RFC +Origin: upstream, https://github.com/systemd/systemd/commit/3a23834d6b0da391c1ba9cb79a7d7deea7125f4b +Bug: https://github.com/systemd/systemd/issues/17909 +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1907306 + +This changes the retransmission timeout algorithm for requests +other than RENEW and REBIND. Previously, the retransmission timeout +started at 2 seconds, then doubling each retransmission up to a max +of 64 seconds. This is changed to match what RFC2131 section 4.1 describes, +which skips the initial 2 second timeout and starts with a 4 second timeout +instead. Note that -1 to +1 seconds of random 'fuzz' is added to each +timeout, in previous and current behavior. + +This change is therefore slightly slower than the previous behavior in +attempting retransmissions when no server response is received, since the +first transmission times out in 4 seconds instead of 2. + +Since TRANSIENT_FAILURE_ATTEMPTS is set to 3, the previous length of time +before a transient failure was reported back to systemd-networkd was +2 + 4 + 8 = 14 seconds, plus, on average, 3 seconds of random 'fuzz' for +a transient failure timeout between 11 and 17 seconds. Now, since the +first timeout starts at 4, the transient failure will be reported at +4 + 8 + 16 = 28 seconds, again plus 3 random seconds for a transient +failure timeout between 25 and 31 seconds. + +Additionally, if MaxAttempts= is set, it will take slightly longer to +reach than with previous behavior. +--- + src/libsystemd-network/sd-dhcp-client.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +--- a/src/libsystemd-network/sd-dhcp-client.c ++++ b/src/libsystemd-network/sd-dhcp-client.c +@@ -1138,9 +1138,7 @@ static int client_timeout_resend( + else + goto error; + +- next_timeout = time_now + ((UINT64_C(1) << MIN(client->attempt, (uint64_t) 6)) - 1) * USEC_PER_SEC; +- next_timeout += (random_u32() & 0x1fffff); +- ++ next_timeout = client_compute_request_timeout(time_now, client->attempt); + break; + + case DHCP_STATE_STOPPED: diff -Nru systemd-245.4/debian/patches/lp1907306/0007-test-network-increase-wait_online-timeout-to-handle-.patch systemd-245.4/debian/patches/lp1907306/0007-test-network-increase-wait_online-timeout-to-handle-.patch --- systemd-245.4/debian/patches/lp1907306/0007-test-network-increase-wait_online-timeout-to-handle-.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1907306/0007-test-network-increase-wait_online-timeout-to-handle-.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,35 @@ +From b226c15cfb993dc6e00ae6180bb287fc4dd93acd Mon Sep 17 00:00:00 2001 +From: Dan Streetman +Date: Wed, 9 Dec 2020 15:24:09 -0500 +Subject: [PATCH 7/7] test-network: increase wait_online timeout to handle + longer dhcpv4 transient timeout +Origin: upstream, https://github.com/systemd/systemd/commit/3a23834d6b0da391c1ba9cb79a7d7deea7125f4b +Bug: https://github.com/systemd/systemd/issues/17909 +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1907306 + +Previous commits changed the dhcpv4 retransmission algorithm to be +slightly slower, changing the amount of time it takes to notify +systemd-networkd that the dhcpv4 configuration has (transiently) +failed from around 14 second up to 28 seconds. + +Since the test_dhcp_client_with_ipv4ll_without_dhcp_server test +configures an interface to use dhcpv4 without any operating dhcpv4 +server running, it must increase the amount of time it waits for +the test interface to reach degraded state. +--- + test/test-network/systemd-networkd-tests.py | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +--- a/test/test-network/systemd-networkd-tests.py ++++ b/test/test-network/systemd-networkd-tests.py +@@ -3443,7 +3443,9 @@ class NetworkdDHCPClientTests(unittest.T + copy_unit_to_networkd_unit_path('25-veth.netdev', 'dhcp-server-veth-peer.network', + 'dhcp-client-with-ipv4ll-fallback-without-dhcp-server.network') + start_networkd() +- self.wait_online(['veth99:degraded', 'veth-peer:routable']) ++ # we need to increase timeout above default, as this will need to wait for ++ # systemd-networkd to get the dhcpv4 transient failure event ++ self.wait_online(['veth99:degraded', 'veth-peer:routable'], timeout='60s') + + output = check_output('ip address show dev veth99') + print(output) diff -Nru systemd-245.4/debian/patches/lp1907306/0008-sd-dhcp-client-fix-renew-rebind-timeout-calculation-.patch systemd-245.4/debian/patches/lp1907306/0008-sd-dhcp-client-fix-renew-rebind-timeout-calculation-.patch --- systemd-245.4/debian/patches/lp1907306/0008-sd-dhcp-client-fix-renew-rebind-timeout-calculation-.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-245.4/debian/patches/lp1907306/0008-sd-dhcp-client-fix-renew-rebind-timeout-calculation-.patch 2021-01-06 20:47:16.000000000 +0000 @@ -0,0 +1,27 @@ +From 8bc63a0b1355a8362e50b449b2ae9979122a2521 Mon Sep 17 00:00:00 2001 +From: Dan Streetman +Date: Tue, 15 Dec 2020 17:59:12 -0500 +Subject: [PATCH] sd-dhcp-client: fix renew/rebind timeout calculation to avoid + infinite loop +Origin: upstream, https://github.com/systemd/systemd/commit/8bc63a0b1355a8362e50b449b2ae9979122a2521 +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1907306 + +unfortunately I missed adding the timeout to 'now' which results in +an endless loop of renewal timeouts. + +Fixes: 3a23834d6b0da391c1ba9cb79a7d7deea7125f4b +--- + src/libsystemd-network/sd-dhcp-client.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/src/libsystemd-network/sd-dhcp-client.c ++++ b/src/libsystemd-network/sd-dhcp-client.c +@@ -658,7 +658,7 @@ static usec_t client_compute_request_tim + * Note that while the default T1/T2 initial times do have random 'fuzz' applied, + * the RFC sec 4.4.5 does not mention adding any fuzz to retries. */ + static usec_t client_compute_reacquisition_timeout(usec_t now, usec_t expire) { +- return MAX(usec_sub_unsigned(expire, now) / 2, 60 * USEC_PER_SEC); ++ return now + MAX(usec_sub_unsigned(expire, now) / 2, 60 * USEC_PER_SEC); + } + + static int client_message_init( diff -Nru systemd-245.4/debian/patches/series systemd-245.4/debian/patches/series --- systemd-245.4/debian/patches/series 2020-10-08 20:14:56.000000000 +0000 +++ systemd-245.4/debian/patches/series 2021-01-06 20:47:16.000000000 +0000 @@ -88,3 +88,20 @@ lp1882596-man-fix-some-manvolnum.patch lp1895418-correct-resolved-conf-cache-default.patch lp1897744-resolve-enable-RES_TRUSTAD-towards-the-127.0.0.53-st.patch +lp1905245/0001-basic-cap-list-parse-print-numerical-capabilities.patch +lp1905245/0002-basic-capability-util-let-cap_last_cap-return-unsign.patch +lp1905245/0003-basic-cap-list-reduce-scope-of-variables.patch +lp1890448-hwdb-Add-EliteBook-to-use-micmute-hotkey.patch +lp1905044-test-use-cap_last_cap-for-max-supported-cap-number-n.patch +lp1903300/0001-network-VXLan-fix-adding-Group-address.patch +lp1903300/0002-network-VXLan-Add-support-for-remote-address.patch +lp1903300/0003-networkctl-Add-support-to-display-VXLan-remote-addre.patch +lp1907306/0001-sd-dhcp-client-don-t-log-timeouts-if-already-expired.patch +lp1907306/0002-sd-dhcp-client-track-dhcp4-t1-t2-expire-times.patch +lp1907306/0003-sd-dhcp-client-add-RFC2131-retransmission-details.patch +lp1907306/0004-sd-dhcp-client-simplify-dhcp4-t1-t2-parsing.patch +lp1907306/0005-sd-dhcp-client-correct-dhcpv4-renew-rebind-retransmi.patch +lp1907306/0006-sd-dhcp-client-correct-retransmission-timeout-to-mat.patch +lp1907306/0007-test-network-increase-wait_online-timeout-to-handle-.patch +lp1907306/0008-sd-dhcp-client-fix-renew-rebind-timeout-calculation-.patch +lp1902960-udev-re-assign-ID_NET_DRIVER-ID_NET_LINK_FILE-ID_NET.patch diff -Nru systemd-245.4/debian/tests/root-unittests systemd-245.4/debian/tests/root-unittests --- systemd-245.4/debian/tests/root-unittests 2020-10-08 20:14:56.000000000 +0000 +++ systemd-245.4/debian/tests/root-unittests 2021-01-06 20:47:16.000000000 +0000 @@ -1,6 +1,14 @@ #!/bin/sh set -eu +for j in /var/log/journal/*/*; do + echo "Verifying local journal file $j" + if ! journalctl --verify --file "$j"; then + echo "Verification failed, removing corrupt file $j" + rm -vf "$j" + fi +done + EXFAIL="" res=0