systemd: upgrade to 241

PATCH REBASED:
==============
0001-binfmt-Don-t-install-dependency-links-at-install-tim.patch
0004-rules-whitelist-hd-devices.patch
0007-rules-watch-metadata-changes-in-ide-devices.patch
0001-Use-getenv-when-secure-versions-are-not-available.patch
0002-don-t-use-glibc-specific-qsort_r.patch
0004-add-fallback-parse_printf_format-implementation.patch
0006-src-basic-missing.h-check-for-missing-strndupa.patch
0007-Include-netinet-if_ether.h.patch
0008-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch
0009-add-missing-FTW_-macros-for-musl.patch
0012-fix-missing-of-__register_atfork-for-non-glibc-build.patch
0013-Use-uintmax_t-for-handling-rlim_t.patch
0014-fix-missing-ULONG_LONG_MAX-definition-in-case-of-mus.patch
0021-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch

PATCH DROPPED:
==============
0005-Make-root-s-home-directory-configurable.patch
  systemd has its hardcoded assumption about /home and /, and it also respects
  $HOME environment var, so this patch is somehow useless. This patch was originally
  added but in fact had no real runtime effect except messing up some hardcoded assumptions,
  and it was accidently manipulated during systemd upgrade. We have in fact not
  used the orignal patch for more than two releases and things were working out
  well.
0006-remove-nobody-user-group-checking.patch
  The issue has been fixed upstream by the following commit.
    "check nobody user/group validity only when not cross compiling"
0008-Do-not-enable-nss-tests-if-nss-systemd-is-not-enable.patch
0009-nss-mymachines-Build-conditionally-when-ENABLE_MYHOS.patch
  The issue has been fixed upstream by the following commit.
    "meson: allow building resolved and machined without nss modules"
0001-login-use-parse_uid-when-unmounting-user-runtime-dir.patch
0001-sd-bus-make-BUS_DEFAULT_TIMEOUT-configurable.patch
  Backport
0022-build-sys-Detect-whether-struct-statx-is-defined-in-.patch
  Merged
0023-resolvconf-fixes-for-the-compatibility-interface.patch
0001-core-when-deserializing-state-always-use-read_line-L.patch
0001-chown-recursive-let-s-rework-the-recursive-logic-to-.patch
0001-dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-o.patch
0001-Revert-sysctl.d-request-ECN-on-both-in-and-outgoing-.patch
0001-timesync-changes-type-of-drift_freq-to-int64_t.patch
  Backport
0001-sysctl-Don-t-pass-null-directive-argument-to-s.patch
0002-core-Fix-use-after-free-case-in-load_from_path.patch
  Merged
0001-meson-rename-Ddebug-to-Ddebug-extra.patch
0024-journald-do-not-store-the-iovec-entry-for-process-co.patch
0025-journald-set-a-limit-on-the-number-of-fields.patch
0026-journal-fix-out-of-bounds-read-CVE-2018-16866.patch
CVE-2019-6454.patch
sd-bus-if-we-receive-an-invalid-dbus-message-ignore-.patch
0005-basic-user-util-properly-protect-use-of-gshadow.patch
0022-Use-if-instead-of-ifdef-for-ENABLE_GSHADOW.patch
  Backport
0001-Remove-fstack-protector-flags-to-workaround-musl-bui.patch
  No build failure for qemux86/qemuppc + musl

PATCH ADDED:
============
0020-missing_type.h-add-__compar_d_fn_t-definition.patch
0021-avoid-redefinition-of-prctl_mm_map-structure.patch
0022-include-sys-wait.h-to-avoid-compile-failure.patch
0023-socket-util.h-include-string.h.patch
0024-test-json.c-define-M_PIl.patch
0001-do-not-disable-buffer-in-writing-files.patch

PATCH OTHERS:
=============
0003-comparison_fn_t-is-glibc-specific-use-raw-signature-.patch
0011-src-basic-missing.h-check-for-missing-__compar_fn_t-.patch
are combined into one patch:
0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch

Add two more PACKAGECONFIG, nss-mymachines and nss-resolve  which are introduced
by the following commit.
  meson: allow building resolved and machined without nss modules

(From OE-Core rev: 816e08c18dbcf6e84dedc7a4bd96ddfbf2f86ebc)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

1 files changed, 99 insertions, 0 deletions

diff --git a/meta/recipes-core/systemd/systemd/0015-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch b/meta/recipes-core/systemd/systemd/0015-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch
new file mode 100644
index 0000000000..fd407f604d
--- /dev/null
+++ b/meta/recipes-core/systemd/systemd/0015-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch
@@ -0,0 +1,99 @@
+From 48c628f532f6025c2d1646b6819cd81eb789d7fb Mon Sep 17 00:00:00 2001
+From: Andre McCurdy <armccurdy@gmail.com>
+Date: Tue, 10 Oct 2017 14:33:30 -0700
+Subject: [PATCH 15/24] don't pass AT_SYMLINK_NOFOLLOW flag to faccessat()
+
+Avoid using AT_SYMLINK_NOFOLLOW flag. It doesn't seem like the right
+thing to do and it's not portable (not supported by musl). See:
+
+  http://lists.landley.net/pipermail/toybox-landley.net/2014-September/003610.html
+  http://www.openwall.com/lists/musl/2015/02/05/2
+
+Note that laccess() is never passing AT_EACCESS so a lot of the
+discussion in the links above doesn't apply. Note also that
+(currently) all systemd callers of laccess() pass mode as F_OK, so
+only check for existence of a file, not access permissions.
+Therefore, in this case, the only distiction between faccessat()
+with (flag == 0) and (flag == AT_SYMLINK_NOFOLLOW) is the behaviour
+for broken symlinks; laccess() on a broken symlink will succeed with
+(flag == AT_SYMLINK_NOFOLLOW) and fail (flag == 0).
+
+The laccess() macros was added to systemd some time ago and it's not
+clear if or why it needs to return success for broken symlinks. Maybe
+just historical and not actually necessary or desired behaviour?
+
+Upstream-Status: Inappropriate [musl specific]
+
+Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
+---
+ src/basic/fs-util.h          | 22 +++++++++++++++++++++-
+ src/shared/base-filesystem.c |  6 +++---
+ 2 files changed, 24 insertions(+), 4 deletions(-)
+
+diff --git a/src/basic/fs-util.h b/src/basic/fs-util.h
+index 7ad030b..d4cb1e9 100644
+--- a/src/basic/fs-util.h
++++ b/src/basic/fs-util.h
+@@ -32,7 +32,27 @@ int fchmod_opath(int fd, mode_t m);
+ 
+ int fd_warn_permissions(const char *path, int fd);
+ 
+-#define laccess(path, mode) faccessat(AT_FDCWD, (path), (mode), AT_SYMLINK_NOFOLLOW)
++/*
++   Avoid using AT_SYMLINK_NOFOLLOW flag. It doesn't seem like the right thing to
++   do and it's not portable (not supported by musl). See:
++
++     http://lists.landley.net/pipermail/toybox-landley.net/2014-September/003610.html
++     http://www.openwall.com/lists/musl/2015/02/05/2
++
++   Note that laccess() is never passing AT_EACCESS so a lot of the discussion in
++   the links above doesn't apply. Note also that (currently) all systemd callers
++   of laccess() pass mode as F_OK, so only check for existence of a file, not
++   access permissions. Therefore, in this case, the only distiction between
++   faccessat() with (flag == 0) and (flag == AT_SYMLINK_NOFOLLOW) is the
++   behaviour for broken symlinks; laccess() on a broken symlink will succeed
++   with (flag == AT_SYMLINK_NOFOLLOW) and fail (flag == 0).
++
++   The laccess() macros was added to systemd some time ago and it's not clear if
++   or why it needs to return success for broken symlinks. Maybe just historical
++   and not actually necessary or desired behaviour?
++*/
++
++#define laccess(path, mode) faccessat(AT_FDCWD, (path), (mode), 0)
+ 
+ int touch_file(const char *path, bool parents, usec_t stamp, uid_t uid, gid_t gid, mode_t mode);
+ int touch(const char *path);
+diff --git a/src/shared/base-filesystem.c b/src/shared/base-filesystem.c
+index 89d7a7d..34b4ad5 100644
+--- a/src/shared/base-filesystem.c
++++ b/src/shared/base-filesystem.c
+@@ -53,7 +53,7 @@ int base_filesystem_create(const char *root, uid_t uid, gid_t gid) {
+                 return log_error_errno(errno, "Failed to open root file system: %m");
+ 
+         for (i = 0; i < ELEMENTSOF(table); i ++) {
+-                if (faccessat(fd, table[i].dir, F_OK, AT_SYMLINK_NOFOLLOW) >= 0)
++                if (faccessat(fd, table[i].dir, F_OK, 0) >= 0)
+                         continue;
+ 
+                 if (table[i].target) {
+@@ -61,7 +61,7 @@ int base_filesystem_create(const char *root, uid_t uid, gid_t gid) {
+ 
+                         /* check if one of the targets exists */
+                         NULSTR_FOREACH(s, table[i].target) {
+-                                if (faccessat(fd, s, F_OK, AT_SYMLINK_NOFOLLOW) < 0)
++                                if (faccessat(fd, s, F_OK, 0) < 0)
+                                         continue;
+ 
+                                 /* check if a specific file exists at the target path */
+@@ -72,7 +72,7 @@ int base_filesystem_create(const char *root, uid_t uid, gid_t gid) {
+                                         if (!p)
+                                                 return log_oom();
+ 
+-                                        if (faccessat(fd, p, F_OK, AT_SYMLINK_NOFOLLOW) < 0)
++                                        if (faccessat(fd, p, F_OK, 0) < 0)
+                                                 continue;
+                                 }
+ 
+-- 
+2.7.4
+