shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-03 01:17:45 +03:00
Code
Backports of patch from systemd git to stable distributions
61,506 Commits 36 Branches 652 Tags 226 MiB
C 89.4%
Python 5.8%
Shell 2.1%
Meson 1.3%
HTML 0.9%
Other 0.4%
f381320760
Go to file
Luca Boccassi f381320760 boot: skip loading DTBs in type 1 when secure boot is enabled 
The kernel loads the DTB from EFI before ExitBootServices():

https://github.com/torvalds/linux/blob/v6.5/drivers/firmware/efi/libstub/fdt.c#L245

DTBs can map and assign arbitrary memory ranges. The kernel refuses
to load one from the dtb= kernel command line parameter when secure
boot is enabled, as it's not safe. Let's do the same for type 1
entries, as they are unverified.

This only affects arm64 and riscv64, firmwares do not support DTB
on x86.

(cherry picked from commit 4b4d612d86)
(cherry picked from commit c1404fff32)
(cherry picked from commit 7844c655be)
2023-09-20 10:14:24 +01:00
.clusterfuzzlite ci: unpin CFLite 2022-04-26 09:13:57 +00:00
.github mkosi: disable fedora builds 2023-04-28 16:29:56 +01:00
.semaphore ci: bump debian release bullseye -> bookworm 2023-07-08 10:42:52 +01:00
catalog meson: Install all catalogs 2023-02-10 20:28:11 +00:00
coccinelle basic/list: drop LIST_IS_EMPTY 2022-07-02 12:46:16 +02:00
docs tree-wide: use https for the 0pointer.de doc links 2023-07-08 10:42:52 +01:00
factory meson: also allow setting GIT_VERSION via templates 2022-04-05 22:18:31 +02:00
hwdb.d hwdb: Mute SW rfkill keys on MSI Wind U100 2023-08-10 09:43:05 +01:00
LICENSES network: change license of examples to MIT-0 2022-10-26 08:39:34 +02:00
man pkg.m4 macro needs brackets 2023-09-08 16:35:10 +01:00
mkosi.default.d mkosi: pull in libbpf1 instead of legacy libbpf0 on debian 2022-12-14 23:22:28 +00:00
modprobe.d meson: install the right README file in modprobe.d 2021-07-07 14:52:05 +02:00
network meson: Install missing network file 2023-02-10 20:28:11 +00:00
po po: Translated using Weblate (Chinese (Simplified) (zh_CN)) 2022-10-31 12:54:01 +01:00
presets units: enable systemd-network-generator by default 2021-12-16 09:49:39 +01:00
rules.d udev: set ID_PATH properties for all pci, usb, and platform devices 2023-09-08 16:35:10 +01:00
shell-completion shell-completions: code cleanup 2023-09-08 16:35:10 +01:00
src boot: skip loading DTBs in type 1 when secure boot is enabled 2023-09-20 10:14:24 +01:00
sysctl.d tree-wide: link to docs.kernel.org for kernel documentation 2022-07-04 19:56:53 +02:00
sysusers.d sysusers: also add root group 2023-02-16 18:10:56 +00:00
test wait-online: request that at least one managed online interface exists 2023-09-08 16:35:10 +01:00
tmpfiles.d tmpfiles.d: drop misleading comment 2023-03-03 12:00:07 +01:00
tools Report version string as in the Boot Loader Spec, fix boot loader upgrades 2022-10-25 13:23:57 +02:00
units units/initrd-parse-etc.service: Conflict with emergency.target 2023-08-10 09:43:05 +01:00
xorg xorg/50-systemd-user: add a full license header 2021-10-01 14:45:00 +02:00
.clang-format clang-format: Adjust style of pointers 2022-05-30 04:00:54 +09:00
.ctags editors: Prevent ctags from following symlinks 2019-02-15 11:01:20 -08:00
.dir-locals.el scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.editorconfig docs: configure editorconfig for css and html 2022-05-17 21:13:17 +02:00
.gitattributes gitattributes: introduce and use "generated" attribute 2021-10-18 09:42:55 +02:00
.gitignore core/cgroup: CPUWeight/CPUShares support idle input 2022-08-11 14:25:58 +02:00
.mailmap mailmap: two more names 2021-03-30 13:17:58 +02:00
.packit.yml packit: build on Fedora 38 2023-09-08 16:35:10 +01:00
.vimrc scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.ycm_extra_conf.py ycm: add doc string for all the functions in configuration file 2017-11-29 13:21:49 -07:00
configure configure: update meson invocation 2023-08-10 09:43:05 +01:00
LICENSE.GPL2 relicense to LGPLv2.1 (with exceptions) 2012-04-12 00:24:39 +02:00
LICENSE.LGPL2.1 licence: remove references to old FSF address 2012-12-17 11:41:31 +01:00
Makefile tree-wide: add spdx header on all scripts and helpers 2021-01-28 09:55:35 +01:00
meson_options.txt meson: fix description for link-udev-shared option 2023-06-02 13:42:21 +01:00
meson.build meson: allow to fallback to use libxcrypt.pc or glibc's libcrypt 2023-07-08 10:42:52 +01:00
mkosi.build mkosi: Make sure bpf-framework works on CentOS Stream 8 as well 2022-10-17 08:45:48 +02:00
mkosi.postinst mkosi: Ensure we build all features/components in mkosi 2022-08-23 15:19:26 +02:00
NEWS tree-wide: use https for the 0pointer.de doc links 2023-07-08 10:42:52 +01:00
README docs: update unit name for sd-tmpfiles-setup 2023-03-30 18:44:58 +02:00
README.md README.md: add a missing line break 2022-10-19 11:17:33 +02:00
TODO doc: replace wrong á preposition by à 2023-03-30 18:59:30 +02:00

README.md

Systemd

System and Service Manager

Semaphore CI 2.0 Build Status
Coverity Scan Status
OSS-Fuzz Status
CIFuzz
CII Best Practices
CentOS CI - CentOS 8
CentOS CI - Arch
CentOS CI - Arch (sanitizers)
CentOS CI - Rawhide (SELinux)
Fossies codespell report
Coverage Status
Packaging status
OpenSSF Scorecard

Details

Most documentation is available on systemd's web site.

Assorted, older, general information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Code Map for information about this repository's layout and content.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.

Stable branches with backported patches are available in the stable repo.