From b492568d6a2b0cda271f28bc61ebc31df8cef296 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 19 Jun 2024 11:15:54 +0200 Subject: Adding upstream version 256.1. Signed-off-by: Daniel Baumann --- src/shared/cryptsetup-util.c | 19 ++++++++----------- src/shared/cryptsetup-util.h | 6 +++--- src/shared/install.c | 14 ++++++++++---- src/shared/logs-show.c | 6 ++++++ src/shared/tpm2-util.c | 2 ++ 5 files changed, 29 insertions(+), 18 deletions(-) (limited to 'src/shared') diff --git a/src/shared/cryptsetup-util.c b/src/shared/cryptsetup-util.c index 288e6e8..d0dd434 100644 --- a/src/shared/cryptsetup-util.c +++ b/src/shared/cryptsetup-util.c @@ -54,10 +54,10 @@ DLSYM_FUNCTION(crypt_volume_key_get); #if HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE DLSYM_FUNCTION(crypt_reencrypt_init_by_passphrase); #endif -#if HAVE_CRYPT_REENCRYPT -DISABLE_WARNING_DEPRECATED_DECLARATIONS; +#if HAVE_CRYPT_REENCRYPT_RUN +DLSYM_FUNCTION(crypt_reencrypt_run); +#elif HAVE_CRYPT_REENCRYPT DLSYM_FUNCTION(crypt_reencrypt); -REENABLE_WARNING; #endif DLSYM_FUNCTION(crypt_metadata_locking); #if HAVE_CRYPT_SET_DATA_OFFSET @@ -246,11 +246,8 @@ int dlopen_cryptsetup(void) { /* libcryptsetup added crypt_reencrypt() in 2.2.0, and marked it obsolete in 2.4.0, replacing it with * crypt_reencrypt_run(), which takes one extra argument but is otherwise identical. The old call is - * still available though, and given we want to support 2.2.0 for a while longer, we'll stick to the - * old symbol. However, the old symbols now has a GCC deprecation decorator, hence let's turn off - * warnings about this for now. */ - - DISABLE_WARNING_DEPRECATED_DECLARATIONS; + * still available though, and given we want to support 2.2.0 for a while longer, we'll use the old + * symbol if the new one is not available. */ ELF_NOTE_DLOPEN("cryptsetup", "Support for disk encryption, integrity, and authentication", @@ -304,7 +301,9 @@ int dlopen_cryptsetup(void) { #if HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE DLSYM_ARG(crypt_reencrypt_init_by_passphrase), #endif -#if HAVE_CRYPT_REENCRYPT +#if HAVE_CRYPT_REENCRYPT_RUN + DLSYM_ARG(crypt_reencrypt_run), +#elif HAVE_CRYPT_REENCRYPT DLSYM_ARG(crypt_reencrypt), #endif DLSYM_ARG(crypt_metadata_locking), @@ -316,8 +315,6 @@ int dlopen_cryptsetup(void) { if (r <= 0) return r; - REENABLE_WARNING; - /* Redirect the default logging calls of libcryptsetup to our own logging infra. (Note that * libcryptsetup also maintains per-"struct crypt_device" log functions, which we'll also set * whenever allocating a "struct crypt_device" context. Why set both? To be defensive: maybe some diff --git a/src/shared/cryptsetup-util.h b/src/shared/cryptsetup-util.h index f00ac36..d255e59 100644 --- a/src/shared/cryptsetup-util.h +++ b/src/shared/cryptsetup-util.h @@ -70,10 +70,10 @@ DLSYM_PROTOTYPE(crypt_volume_key_get); #if HAVE_CRYPT_REENCRYPT_INIT_BY_PASSPHRASE DLSYM_PROTOTYPE(crypt_reencrypt_init_by_passphrase); #endif -#if HAVE_CRYPT_REENCRYPT -DISABLE_WARNING_DEPRECATED_DECLARATIONS; +#if HAVE_CRYPT_REENCRYPT_RUN +DLSYM_PROTOTYPE(crypt_reencrypt_run); +#elif HAVE_CRYPT_REENCRYPT DLSYM_PROTOTYPE(crypt_reencrypt); -REENABLE_WARNING; #endif DLSYM_PROTOTYPE(crypt_metadata_locking); #if HAVE_CRYPT_SET_DATA_OFFSET diff --git a/src/shared/install.c b/src/shared/install.c index dd2bd5c..c94b456 100644 --- a/src/shared/install.c +++ b/src/shared/install.c @@ -2282,7 +2282,9 @@ static int install_context_mark_for_removal( else { log_debug_errno(r, "Unit %s not found, removing name.", i->name); r = install_changes_add(changes, n_changes, r, i->path ?: i->name, NULL); - if (r < 0) + /* In case there's no unit, we still want to remove any leftover symlink, even if + * the unit might have been removed already, hence treating ENOENT as non-fatal. */ + if (r != -ENOENT) return r; } } else if (r < 0) { @@ -2874,9 +2876,13 @@ static int do_unit_file_disable( r = install_info_add(&ctx, *name, NULL, lp->root_dir, /* auxiliary= */ false, &info); if (r >= 0) r = install_info_traverse(&ctx, lp, info, SEARCH_LOAD|SEARCH_FOLLOW_CONFIG_SYMLINKS, NULL); - - if (r < 0) - return install_changes_add(changes, n_changes, r, *name, NULL); + if (r < 0) { + r = install_changes_add(changes, n_changes, r, *name, NULL); + /* In case there's no unit, we still want to remove any leftover symlink, even if + * the unit might have been removed already, hence treating ENOENT as non-fatal. */ + if (r != -ENOENT) + return r; + } /* If we enable multiple units, some with install info and others without, * the "empty [Install] section" warning is not shown. Let's make the behavior diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c index c71c868..153a411 100644 --- a/src/shared/logs-show.c +++ b/src/shared/logs-show.c @@ -450,6 +450,9 @@ static void parse_display_realtime( assert(j); assert(ret); + // FIXME: _SOURCE_MONOTONIC_TIMESTAMP is in CLOCK_BOOTTIME, hence we cannot use it for adjusting realtime. + source_monotonic = NULL; + /* First, try _SOURCE_REALTIME_TIMESTAMP. */ if (source_realtime && safe_atou64(source_realtime, &t) >= 0 && VALID_REALTIME(t)) { *ret = t; @@ -488,6 +491,9 @@ static void parse_display_timestamp( assert(ret_display_ts); assert(ret_boot_id); + // FIXME: _SOURCE_MONOTONIC_TIMESTAMP is in CLOCK_BOOTTIME, hence we cannot use it for adjusting realtime. + source_monotonic = NULL; + if (source_realtime && safe_atou64(source_realtime, &t) >= 0 && VALID_REALTIME(t)) source_ts.realtime = t; diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c index 87ce53c..9603f18 100644 --- a/src/shared/tpm2-util.c +++ b/src/shared/tpm2-util.c @@ -2119,6 +2119,8 @@ int tpm2_create_primary( /* creationData= */ NULL, /* creationHash= */ NULL, /* creationTicket= */ NULL); + if (rc == TPM2_RC_BAD_AUTH) + return log_debug_errno(SYNTHETIC_ERRNO(EDEADLK), "Authorization failure while attempting to enroll SRK into TPM."); if (rc != TSS2_RC_SUCCESS) return log_debug_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE), "Failed to generate primary key in TPM: %s", -- cgit v1.2.3