4365 Commits

Author SHA1 Message Date
Colin Walters
dc92b09efb Post-release version bump 2019-10-30 17:08:00 +00:00
Colin Walters
980ca07b03 Release 2019.5 v2019.5 2019-10-30 17:08:00 +00:00
OpenShift Merge Robot
632e4ebd60
Merge pull request #1962 from jlebon/pr/support-hmac
lib/deploy: Also install HMAC file into /boot
2019-10-30 14:20:08 +01:00
Jonathan Lebon
7ae8da08b9 lib/deploy: Also install HMAC file into /boot
To allow for FIPS mode, we need to also install the HMAC file from
`/usr/lib/modules` to `/boot` alongside the kernel image where the
`fips` dracut module will find it. For details, see:

https://github.com/coreos/fedora-coreos-tracker/issues/302

Note I didn't include the file in the boot checksum since it's itself a
checksum of the kernel, so we don't really gain much here other than
potentially causing an unnecessary bootcsum bump.
2019-10-29 16:45:29 -04:00
OpenShift Merge Robot
476f375cfc
Merge pull request #1953 from uajain/uajain/fix-memory-leak
async-progress: Plug memory leak while destroying GSource
2019-10-29 06:26:17 +01:00
OpenShift Merge Robot
ee3f3b4cdd
Merge pull request #1961 from jlebon/pr/refine-gsource
lib/pull: Tweak update_timeout logic again
2019-10-28 20:58:37 +01:00
Jonathan Lebon
74936f98d8 lib/pull: Tweak update_timeout logic again
I was hitting `SIGSEGV` when running `cosa build` and narrowed it down
to #1954. What's happening here is that because we're using the default
context, when we unref it in the out path, it may not actually destroy
the `GSource` if it (the context) is still ref'ed elsewhere. So then,
we'd still get events from it if subsequent operations iterated the
context.

This patch is mostly a revert of #1954, except that we still keep a ref
on the `GSource`. That way it is always safe to destroy it afterwards.
(And I've also added a comment to explain this better.)
2019-10-28 15:26:45 -04:00
Umang Jain
78c8c25d64 async-progress: Plug memory leak while destroying GSource
See https://gitlab.gnome.org/GNOME/glib/commit/71973c722
2019-10-25 20:59:15 +05:30
OpenShift Merge Robot
bd3f24e6c3
Merge pull request #1955 from cgwalters/revert-grub2-exit
Revert grub2 exit, add new grub2: Honor /boot/.grub2-bls-enabled
2019-10-25 16:07:25 +02:00
OpenShift Merge Robot
4b496264b8
Merge pull request #1956 from akiernan/us-test-export
tests/export: Guard with check for libarchive
2019-10-25 15:50:49 +02:00
Alex Kiernan
e314b31ec9 tests/export: Guard with check for libarchive
If we are built without libarchive support, this test fails:

  error: This version of ostree is not compiled with libarchive support
  ...
  ERROR: tests/test-export.sh - too few tests run (expected 5, got 0)
  ERROR: tests/test-export.sh - exited with status 1

Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
2019-10-24 19:08:59 +01:00
Colin Walters
650d6252af Revert "grub2: Exit gracefully if the configuration has BLS enabled"
This reverts commit 985a14100295c99d0c6d712bfbee0ec52a3a1601.
It turned out that some people have old bootloaders, and hence
get the "no entries" problem.  That's much, much much worse
than double entries.
2019-10-24 17:49:53 +00:00
OpenShift Merge Robot
69b604722d
Merge pull request #1954 from jlebon/pr/update-timeout
lib/pull: Avoid calling destroy on unref'ed GSource
2019-10-23 18:02:30 +02:00
OpenShift Merge Robot
53f9487c5e
Merge pull request #1952 from cgwalters/trivial-rename
build-sys: Rename internal conditionals for trivial-httpd
2019-10-23 17:53:27 +02:00
Jonathan Lebon
d4a186e80e lib/pull: Avoid calling destroy on unref'ed GSource
We're creating the timer source and then passing ownership to the
context, but because we didn't free the pointer, we would still call
`g_source_destroy` in the exit path. We'd do this right after doing
`unref` on the context too, which would have already destroyed and
unref'ed the source.

Drop that and just restrict the scope of that variable down to make
things more obvious.

Just noticed this after reviewing #1953.
2019-10-23 11:15:02 -04:00
Colin Walters
ac4e3ab3e6 build-sys: Cleanup handling for trivial-httpd-cmdline
This way it's clearer this bit is only about the CLI entrypoint
also living in `ostree trivial-httpd`, not the underlying
`ostree-trivial-httpd` binary that's separate now.

Delete the automake conditional for this, and make the manpage
conditional use `if USE_LIBSOUP` the same way the C build does.

Suggested-by: Jonathan Lebon <jonathan@jlebon.com>
2019-10-23 15:05:30 +00:00
OpenShift Merge Robot
f333ae74f4
Merge pull request #1950 from akiernan/us-revert-trivial-httpd
Revert trivial httpd changes (#1912)
2019-10-21 23:43:22 +02:00
Alex Kiernan
967ea66921 Revert "Always enable trivial-httpd for tests"
This reverts commit 82699a67dbb6bfcc9452bb969e7872809232a84f.
2019-10-19 22:20:27 +01:00
Alex Kiernan
8f0b225d60 Revert "Gate ostree-trivial-httpd on BUILDOPT_TRIVIAL_HTTPD"
This reverts commit 83d44ac20ae80d74e05d89744fd1fbd4f45b7fba.
2019-10-19 22:20:25 +01:00
OpenShift Merge Robot
1645416aac
Merge pull request #1947 from cgwalters/more-scan-build-2
More scan build 2
2019-10-18 20:59:06 +02:00
OpenShift Merge Robot
7661f3e809
Merge pull request #1949 from dbnicholson/no-g-gnuc-function
repo: Stop using deprecated G_GNUC_FUNCTION
2019-10-18 19:56:14 +02:00
Dan Nicholson
4df90d4012 repo: Stop using deprecated G_GNUC_FUNCTION
In glib 2.62 this has been changed to emitting a warning. Use G_STRFUNC
instead, which has been available for a long time and is already used in
other places in ostree.
2019-10-18 11:10:44 -06:00
Colin Walters
fbed380483 lib/checksum-utils: Use g_memdup()
This is clearer and silences a scan-build warning.
2019-10-18 15:07:39 +00:00
Colin Walters
01a3a65525 tests: [scan-build] Initialize a variable
False positive.
2019-10-18 15:07:39 +00:00
Colin Walters
57bb06419a lib: Port variant-builder.c to new style
Seeing `scan-build` warning here, prep for fixing it.
2019-10-18 15:07:39 +00:00
Colin Walters
0a808ffe20 tests: Port keyfile test to new style
Just noticed in passing.
2019-10-18 15:07:39 +00:00
Colin Walters
25c5ae5d08 lib/pull: [scan-build] Silence a dead store warning
This one was actual duplicate code.
2019-10-18 15:07:39 +00:00
Colin Walters
bc1980ca38 lib/repo: [scan-build] Quiet a dead store warning
False positive, just add a pacifier.
2019-10-18 15:07:39 +00:00
Colin Walters
a982dc97ea tree-wide: [scan-build] Fix some dead stores
No real issues, just quieting the scanner.
2019-10-18 15:07:31 +00:00
OpenShift Merge Robot
a0cdb1713d
Merge pull request #1945 from cgwalters/papr-trim
ci: Trim PAPR config to drop required flag
2019-10-16 23:12:34 +02:00
OpenShift Merge Robot
3b58d89368
Merge pull request #1943 from cgwalters/more-scan-build
More scan build
2019-10-16 20:44:15 +02:00
Colin Walters
deca9d4c7d ci: Trim PAPR config to drop required flag
Same as https://github.com/coreos/rpm-ostree/pull/1923
Quoting that rationale:

> Since we're not using Homu anymore (and Tide instead looks at
> all statuses by default), let's just drop it. This brings down the
> number of statuses on PRs by one more (and so one less context to
> override when needed).
2019-10-16 18:38:37 +00:00
OpenShift Merge Robot
c943bf40b4
Merge pull request #1912 from akiernan/us-fix-trivial-httpd
Gate ostree-trivial-httpd on BUILDOPT_TRIVIAL_HTTPD
2019-10-16 20:15:56 +02:00
OpenShift Merge Robot
38729a4f90
Merge pull request #1937 from cgwalters/zipl-backend
bootloader: Add a zipl bootloader backend
2019-10-16 17:21:10 +02:00
OpenShift Merge Robot
1139ea39db
Merge pull request #1931 from cgwalters/covscan-fixes
libotutil: Port keyfile-utils.c to new style
2019-10-16 17:05:31 +02:00
OpenShift Merge Robot
f1eb3f4e61
Merge pull request #1942 from cgwalters/build-installdeps
ci: Skip all yum operations if SKIP_INSTALLDEPS is set
2019-10-16 16:24:57 +02:00
Colin Walters
c61234a428 bootloader: Add a zipl bootloader backend
zipl is a bit special in that it parses the BLS config files
directly *but* we need to run the command to update the "boot block".

Hence, we're not generating a separate config file like the other
backends.  Instead, extend the bootloader interface with a `post_bls_sync`
method that is run in the same place we swap the `boot/loader` symlink.

We write a "stamp file" in `/boot` that says we need to run this command.
The reason we use stamp file is to prevent the case where the system is
interrupted after BLS file is updated, but before zipl is triggered,
then zipl boot records are not updated.
This opens the door to making things eventually-consistent/reconcilable
by later adding a systemd unit to run `zipl` if we're interrupted via
a systemd unit - I think we should eventually take this approach
everywhere rather than requiring `/boot/loader` to be a symlink.

Author: Colin Walters <walters@verbum.org>
Tested-by: Tuan Hoang <tmhoang@linux.ibm.com>
Co-Authored-By: Tuan Hoang <tmhoang@linux.ibm.com>
2019-10-16 14:22:02 +00:00
Colin Walters
946659aacf prune: [scan-build] Initialize a variable
Another false positive because we only read this if `opt_keep_younger_than` is `TRUE`,
but let's initialize variables on general principle.
2019-10-16 13:48:20 +00:00
Colin Walters
a8dc90b02f tree-wide: [scan-build]: Add some asserts that pointers are non-NULL
More "scan-build doesn't understand GError and our out-param conventions"
AKA "these errors would be impossible with Rust's sum type Result<> approach".
2019-10-16 13:44:46 +00:00
Colin Walters
4a38b11159 commit: [scan-build] Remove a dead assignment
The `write_commit()` API defaults to current time, and
this assignment became dead in:
8ba90a3341
2019-10-16 13:38:29 +00:00
Colin Walters
9defac5b8c ci: Skip all yum operations if SKIP_INSTALLDEPS is set
This is used by our OpenShift Prow job; we use the
cosa buildroot container:

https://github.com/coreos/coreos-assembler/pull/730

And using `yum` at all means we can flake on fetching rpm metadata.
2019-10-16 13:32:36 +00:00
Colin Walters
810f24d897 libotutil: Port keyfile-utils.c to new style
I was trying to fix a clang `scan-build` error that jlebon
ended up tracking down in
9344de1ce1

But in the process of tracing through this I found it
way easier to read as "new style" code, so this also ports the
code.

I added a `g_assert()` in there too to help assert that
`g_key_file_get_value` won't leak in the error path.
2019-10-16 13:30:21 +00:00
OpenShift Merge Robot
347e234aaa
Merge pull request #1932 from cgwalters/covscan-fixes-2
libostree: Add an assert to pacify clang-analyzer
2019-10-15 19:56:54 +02:00
OpenShift Merge Robot
0eb235fa2d
Merge pull request #1939 from jlebon/pr/fix-keyfile-leak
src/libotutil: Fix strv memory leak
2019-10-15 19:13:56 +02:00
Jonathan Lebon
9344de1ce1 src/libotutil: Fix strv memory leak
We were only freeing the array and not the members.

Caught by `clang-analyzer` in:
https://github.com/ostreedev/ostree/pull/1931
2019-10-15 11:59:45 -04:00
OpenShift Merge Robot
72c7619bff
Merge pull request #1933 from cgwalters/scan-build-0
A few more scan-build fixes
2019-10-15 17:59:00 +02:00
Colin Walters
806206fac2 repo: [scan-build]: Mark a variable used
We're just using this to auto-free, quiet the static analysis.
2019-10-15 12:41:27 +00:00
Colin Walters
51d9aa35a9 sysroot: [scan-build] Remove a dead assignment
Just quieting the scan.
2019-10-15 12:41:27 +00:00
Colin Walters
f1fdd885ab sysroot: [scan-build]: Remove a dead assignment
Clarify the conditionals here and remove a dead assignment.
2019-10-15 12:41:27 +00:00
Colin Walters
9032182e3c repo: [scan-build] Initialize a variable
Another GLib error convention issue; but eh, we might as
well be conservative and always initialize variables.
2019-10-15 12:41:27 +00:00