diff -Nru systemd-229/debian/changelog systemd-229/debian/changelog --- systemd-229/debian/changelog 2020-04-20 14:17:40.000000000 +0000 +++ systemd-229/debian/changelog 2020-07-07 21:28:11.000000000 +0000 @@ -1,3 +1,29 @@ +systemd (229-4ubuntu21.29) xenial; urgency=medium + + [ Dan Streetman ] + * d/p/lp1881312/0001-core-don-t-dispatch-load-queue-when-setting-Slice-fo.patch, + d/p/lp1881312/0002-run-make-slice-work-in-conjunction-with-scope.patch: + - run new scope unit in specified slice (LP: #1881312) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b5a778c3cd93e3d684602146f281f315f30778a8 + * d/p/lp1877176-sd-dhcp-client-validate-hostnames-stricter-7308.patch: + - strictly validate hostname sent to dhcp server (LP: #1877176) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=7a1f1c41dcd860fcba6be42a2153cfe4315ebf17 + * d/e/rules-ubuntu/40-vm-hotadd.rules: + - Hotadd only offline memory and CPUs + (LP: #1876018) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=43357bd260a1c3e7b4951d33cbacaebda1d086b3 + * d/p/lp1698388-journal-remote-Ensure-reallocation-of-source-buf-doe.patch: + - Fix assertion failure when journald source->filled < source->size + (LP: #1698388) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d1cc15b88113510227e5a76654e103ef54a8b8f3 + + [ Heitor Alves de Siqueira ] + * d/p/lp1876600-sd-bus-deal-with-cookie-overruns.patch: + - deal with dbus cookie overruns (LP: #1876600) + https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=8dc9ef188944349169044d8974a4ffa55c66be9d + + -- Heitor Alves de Siqueira Tue, 07 Jul 2020 17:28:11 -0400 + systemd (229-4ubuntu21.28) xenial; urgency=medium * d/t/logind: skip if nonexistent /sys/power/state (LP: #1862657) diff -Nru systemd-229/debian/extra/rules-ubuntu/40-vm-hotadd.rules systemd-229/debian/extra/rules-ubuntu/40-vm-hotadd.rules --- systemd-229/debian/extra/rules-ubuntu/40-vm-hotadd.rules 2020-04-18 13:37:15.000000000 +0000 +++ systemd-229/debian/extra/rules-ubuntu/40-vm-hotadd.rules 2020-07-03 19:14:58.000000000 +0000 @@ -6,9 +6,9 @@ LABEL="vm_hotadd_apply" # Memory hotadd request -SUBSYSTEM=="memory", ACTION=="add", DEVPATH=="/devices/system/memory/memory[0-9]*", TEST=="state", ATTR{state}="online" +SUBSYSTEM=="memory", ACTION=="add", DEVPATH=="/devices/system/memory/memory[0-9]*", TEST=="state", ATTR{state}!="online", ATTR{state}="online" # CPU hotadd request -SUBSYSTEM=="cpu", ACTION=="add", DEVPATH=="/devices/system/cpu/cpu[0-9]*", TEST=="online", ATTR{online}="1" +SUBSYSTEM=="cpu", ACTION=="add", DEVPATH=="/devices/system/cpu/cpu[0-9]*", TEST=="online", ATTR{online}!="1", ATTR{online}="1" LABEL="vm_hotadd_end" diff -Nru systemd-229/debian/patches/lp1698388-journal-remote-Ensure-reallocation-of-source-buf-doe.patch systemd-229/debian/patches/lp1698388-journal-remote-Ensure-reallocation-of-source-buf-doe.patch --- systemd-229/debian/patches/lp1698388-journal-remote-Ensure-reallocation-of-source-buf-doe.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-229/debian/patches/lp1698388-journal-remote-Ensure-reallocation-of-source-buf-doe.patch 2020-07-07 21:26:02.000000000 +0000 @@ -0,0 +1,29 @@ +From 9ba37525d0ef3d144a50ed5fd4710573e92b7ec1 Mon Sep 17 00:00:00 2001 +From: Klearchos Chaloulos +Date: Fri, 22 Apr 2016 21:04:17 +0300 +Subject: [PATCH] journal-remote : Ensure reallocation of source->buf does not + result in source->size < source->filled (#3086) +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/xenial/+source/systemd/+bug/1698388 +Origin: upstream, https://github.com/systemd/systemd/pull/3086 + +While the function journal-remote-parse.c:get_line() enforces an assertion that source->filled <= source->size, in function journal-remote-parse.c:process_source() there is a chance that source->size will be decreased to a lower value than source->filled, when source->buf is reallocated. Therefore a check is added that ensures that source->buf is reallocated only when source->filled is smaller than target / 2. +--- + src/journal-remote/journal-remote-parse.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/journal-remote/journal-remote-parse.c b/src/journal-remote/journal-remote-parse.c +index 3864647eb7..9ba9ee3fc0 100644 +--- a/src/journal-remote/journal-remote-parse.c ++++ b/src/journal-remote/journal-remote-parse.c +@@ -485,7 +485,7 @@ int process_source(RemoteSource *source, bool compress, bool seal) { + } + + target = source->size; +- while (target > 16 * LINE_CHUNK && remain < target / 2) ++ while (target > 16 * LINE_CHUNK && source->filled < target / 2) + target /= 2; + if (target < source->size) { + char *tmp; +-- +2.25.1 + diff -Nru systemd-229/debian/patches/lp1876600-sd-bus-deal-with-cookie-overruns.patch systemd-229/debian/patches/lp1876600-sd-bus-deal-with-cookie-overruns.patch --- systemd-229/debian/patches/lp1876600-sd-bus-deal-with-cookie-overruns.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-229/debian/patches/lp1876600-sd-bus-deal-with-cookie-overruns.patch 2020-07-07 21:26:02.000000000 +0000 @@ -0,0 +1,93 @@ +From 33aa4f57f12d37a6acdbc51bb0b4b917691721f4 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Mon, 25 Feb 2019 11:02:46 +0100 +Subject: [PATCH] sd-bus: deal with cookie overruns + +Apparently this happens IRL. Let's carefully deal with issues like this: +when we overrun, let's not go back to zero but instead leave the highest +cookie bit set. We use that as indication that we are in "overrun +territory", and then are particularly careful with checking cookies, +i.e. that they haven't been used for still outstanding replies yet. This +should retain the quick cookie generation behaviour we used to have, but +permits dealing with overruns. + +Replaces: #11804 +Fixes: #11809 + +Origin: backport, https://github.com/systemd/systemd/commit/1f82f5bb4237 +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1876600 +--- + src/libsystemd/sd-bus/sd-bus.c | 49 +++++++++++++++++++++++++++++++++- + 1 file changed, 48 insertions(+), 1 deletion(-) + +diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c +index b3e844a64c63..07ba48e451d2 100644 +--- a/src/libsystemd/sd-bus/sd-bus.c ++++ b/src/libsystemd/sd-bus/sd-bus.c +@@ -1548,7 +1548,50 @@ _public_ int sd_bus_get_bus_id(sd_bus *bus, sd_id128_t *id) { + return 0; + } + ++#define COOKIE_CYCLED (UINT32_C(1) << 31) ++ ++static uint64_t cookie_inc(uint64_t cookie) { ++ ++ /* Stay within the 32bit range, since classic D-Bus can't deal with more */ ++ if (cookie >= UINT32_MAX) ++ return COOKIE_CYCLED; /* Don't go back to zero, but use the highest bit for checking ++ * whether we are looping. */ ++ ++ return cookie + 1; ++} ++ ++static int next_cookie(sd_bus *b) { ++ uint64_t new_cookie; ++ ++ assert(b); ++ ++ new_cookie = cookie_inc(b->cookie); ++ ++ /* Small optimization: don't bother with checking for cookie reuse until we overran cookiespace at ++ * least once, but then do it thorougly. */ ++ if ((new_cookie & COOKIE_CYCLED) == COOKIE_CYCLED) { ++ uint32_t i; ++ ++ /* Check if the cookie is currently in use. If so, pick the next one */ ++ for (i = 0; i < COOKIE_CYCLED; i++) { ++ if (!ordered_hashmap_contains(b->reply_callbacks, &new_cookie)) ++ goto good; ++ ++ new_cookie = cookie_inc(new_cookie); ++ } ++ ++ /* Can't fulfill request */ ++ return -EBUSY; ++ } ++ ++good: ++ b->cookie = new_cookie; ++ return 0; ++} ++ + static int bus_seal_message(sd_bus *b, sd_bus_message *m, usec_t timeout) { ++ int r; ++ + assert(b); + assert(m); + +@@ -1563,7 +1606,11 @@ static int bus_seal_message(sd_bus *b, sd_bus_message *m, usec_t timeout) { + if (timeout == 0) + timeout = BUS_DEFAULT_TIMEOUT; + +- return bus_message_seal(m, ++b->cookie, timeout); ++ r = next_cookie(b); ++ if (r < 0) ++ return r; ++ ++ return bus_message_seal(m, b->cookie, timeout); + } + + static int bus_remarshal_message(sd_bus *b, sd_bus_message **m) { +-- +2.26.2 + diff -Nru systemd-229/debian/patches/lp1877176-sd-dhcp-client-validate-hostnames-stricter-7308.patch systemd-229/debian/patches/lp1877176-sd-dhcp-client-validate-hostnames-stricter-7308.patch --- systemd-229/debian/patches/lp1877176-sd-dhcp-client-validate-hostnames-stricter-7308.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-229/debian/patches/lp1877176-sd-dhcp-client-validate-hostnames-stricter-7308.patch 2020-07-07 21:26:02.000000000 +0000 @@ -0,0 +1,55 @@ +From 9740eae694e93b06658ff3b3045b22b591561e7c Mon Sep 17 00:00:00 2001 +From: Stefan Agner +Date: Thu, 16 Nov 2017 10:05:44 +0100 +Subject: [PATCH] sd-dhcp-client: validate hostnames stricter (#7308) +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/xenial/+source/systemd/+bug/1877176 +Origin: upstream, https://github.com/systemd/systemd/commit/9740eae694e93b06658ff3b3045b22b591561e7c + +Technically DNS allows any ASCII character to be used in the +domain name. Also the DHCP specification for the FQDN option +(RFC 4702) does not put restriction on labels. + +However, hostnames do have stricter requirements and typically +should only use characters from a-z (case insensitve), 0-9 and +minus. + +Currently we require hostname/FQDN to be either a hostname or +a valid DNS name. Since dns_name_is_valid() allows any ASCII +characters this allows to specify hostnames which are typically +not valid. + +Check hostname/FQDN more strictly and require them to pass both +tests. Specifically this requires the entire FQDN to be below 63. +--- + src/libsystemd-network/sd-dhcp-client.c | 4 ++-- + src/libsystemd-network/test-dhcp-client.c | 6 ++++++ + 2 files changed, 8 insertions(+), 2 deletions(-) + +--- a/src/libsystemd-network/sd-dhcp-client.c ++++ b/src/libsystemd-network/sd-dhcp-client.c +@@ -389,7 +389,9 @@ int sd_dhcp_client_set_hostname( + + assert_return(client, -EINVAL); + +- if (!hostname_is_valid(hostname, false) && !dns_name_is_valid(hostname)) ++ /* Make sure hostnames qualify as DNS and as Linux hostnames */ ++ if (hostname && ++ !(hostname_is_valid(hostname, false) && dns_name_is_valid(hostname) > 0)) + return -EINVAL; + + if (streq_ptr(client->hostname, hostname)) +--- a/src/libsystemd-network/test-dhcp-client.c ++++ b/src/libsystemd-network/test-dhcp-client.c +@@ -74,6 +74,12 @@ static void test_request_basic(sd_event + assert_se(sd_dhcp_client_set_ifindex(client, 0) == -EINVAL); + assert_se(sd_dhcp_client_set_ifindex(client, 1) == 0); + ++ assert_se(sd_dhcp_client_set_hostname(client, "host") == 0); ++ assert_se(sd_dhcp_client_set_hostname(client, "host.domain") == 0); ++ assert_se(sd_dhcp_client_set_hostname(client, NULL) == 0); ++ assert_se(sd_dhcp_client_set_hostname(client, "~host") == -EINVAL); ++ assert_se(sd_dhcp_client_set_hostname(client, "~host.domain") == -EINVAL); ++ + assert_se(sd_dhcp_client_set_request_option(client, + SD_DHCP_OPTION_SUBNET_MASK) == -EEXIST); + assert_se(sd_dhcp_client_set_request_option(client, diff -Nru systemd-229/debian/patches/lp1881312/0001-core-don-t-dispatch-load-queue-when-setting-Slice-fo.patch systemd-229/debian/patches/lp1881312/0001-core-don-t-dispatch-load-queue-when-setting-Slice-fo.patch --- systemd-229/debian/patches/lp1881312/0001-core-don-t-dispatch-load-queue-when-setting-Slice-fo.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-229/debian/patches/lp1881312/0001-core-don-t-dispatch-load-queue-when-setting-Slice-fo.patch 2020-07-07 21:26:02.000000000 +0000 @@ -0,0 +1,36 @@ +From aea529e5b2c864d536941ee18220abcc1a9015a0 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 22 Apr 2016 17:30:08 +0200 +Subject: [PATCH 1/2] core: don't dispatch load queue when setting Slice= for + transient units +Origin: upstream, https://github.com/systemd/systemd/pull/3094 +Bug: https://github.com/systemd/systemd/issues/2991 +Bug-Ubuntu: https://bugs.launchpad.net/systemd/+bug/1881312 + +Let's be more careful when setting up the Slice= property of transient units: +let's use manager_load_unit_prepare() instead of manager_load_unit(), so that +the load queue isn't dispatched right away, because our own transient unit is +in it, and we don#t want to have it loaded until we finished initializing it. +--- + src/core/dbus-unit.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/core/dbus-unit.c b/src/core/dbus-unit.c +index c507265070..1f0bc3a386 100644 +--- a/src/core/dbus-unit.c ++++ b/src/core/dbus-unit.c +@@ -1099,7 +1099,10 @@ static int bus_unit_set_transient_property( + if (!unit_name_is_valid(s, UNIT_NAME_PLAIN)) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit name '%s'", s); + +- r = manager_load_unit(u->manager, s, NULL, error, &slice); ++ /* Note that we do not dispatch the load queue here yet, as we don't want our own transient unit to be ++ * loaded while we are still setting it up. Or in other words, we use manager_load_unit_prepare() ++ * instead of manager_load_unit() on purpose, here. */ ++ r = manager_load_unit_prepare(u->manager, s, NULL, error, &slice); + if (r < 0) + return r; + +-- +2.25.1 + diff -Nru systemd-229/debian/patches/lp1881312/0002-run-make-slice-work-in-conjunction-with-scope.patch systemd-229/debian/patches/lp1881312/0002-run-make-slice-work-in-conjunction-with-scope.patch --- systemd-229/debian/patches/lp1881312/0002-run-make-slice-work-in-conjunction-with-scope.patch 1970-01-01 00:00:00.000000000 +0000 +++ systemd-229/debian/patches/lp1881312/0002-run-make-slice-work-in-conjunction-with-scope.patch 2020-07-07 21:26:02.000000000 +0000 @@ -0,0 +1,31 @@ +From 37e605f934892bf7458eecaeb01fc682e33cc2ad Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 22 Apr 2016 17:31:40 +0200 +Subject: [PATCH 2/2] run: make --slice= work in conjunction with --scope +Origin: upstream, https://github.com/systemd/systemd/pull/3094 +Bug: https://github.com/systemd/systemd/issues/2991 +Bug-Ubuntu: https://bugs.launchpad.net/systemd/+bug/1881312 + +Fixes: #2991 +--- + src/run/run.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/run/run.c b/src/run/run.c +index 1993a424ca..ff94ac7b11 100644 +--- a/src/run/run.c ++++ b/src/run/run.c +@@ -621,6 +621,10 @@ static int transient_scope_set_properties(sd_bus_message *m) { + if (r < 0) + return r; + ++ r = transient_cgroup_set_properties(m); ++ if (r < 0) ++ return r; ++ + r = sd_bus_message_append(m, "(sv)", "PIDs", "au", 1, (uint32_t) getpid()); + if (r < 0) + return r; +-- +2.25.1 + diff -Nru systemd-229/debian/patches/series systemd-229/debian/patches/series --- systemd-229/debian/patches/series 2020-04-20 14:14:23.000000000 +0000 +++ systemd-229/debian/patches/series 2020-07-07 21:26:02.000000000 +0000 @@ -149,3 +149,8 @@ lp1858412-journalctl-allow-running-vacuum-on-remote-journals-t.patch lp1862232-network-DHCP-ignore-error-in-setting-hostname-when-i.patch lp1837914-journal-do-not-trigger-assertion-when-journal_file_c.patch +lp1876600-sd-bus-deal-with-cookie-overruns.patch +lp1881312/0001-core-don-t-dispatch-load-queue-when-setting-Slice-fo.patch +lp1881312/0002-run-make-slice-work-in-conjunction-with-scope.patch +lp1877176-sd-dhcp-client-validate-hostnames-stricter-7308.patch +lp1698388-journal-remote-Ensure-reallocation-of-source-buf-doe.patch