IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
manager_{get|set|override}_watchdog check the validity of the new
timeout or the overridden timeout values using timestamp_is_set which
does not recognize "0" as a valid value. However since f16890f, "0"
indicates a disabled watchdog and so is a value we should be able to
configure in order to disable the watchdog. A value of USEC_INFINITY is
considered a no-op. The behavior should be the same for all watchdog
timeout configurations (runtime, pretimeout, and shutdown).
Private mappings are required when F_SEAL_WRITE is set on a memfd,
because otherwise you could end up with writable mappings through
mprotect() and other calls. This is a limitation of the kernel
implementation, and might be lifted by future extensions.
Regardless, the current code tests for the full `is_sealed()` before
using MAP_PRIVATE. This might end up using MAP_SHARED for write-sealed
memfds, which will be refused by the kernel.
Fix this and make memfd_map() check for exactly `F_SEAL_WRITE`.
Rather than always setting all seals, make `memfd_set_seals()` employ
the original set of seals, that is: SEAL+GROW+SHRINK+WRITE
Historically, the memfd code was used with the out-of-tree memfd
patches, which merely supported a single seal ("SEALED", which
effectively was GROW+SHRINK+WRITE). When the code was adapted to the
upstream memfd seals, it was extended to the full seal set. With more
and more seals being added upstream, this because more problematic. In
particular, it is unclear what the function really is meant to achieve.
Instead of just adding all seals, the function is returned to its
original purpose: seal the memfd so futher modifications to its content
are prevented.
With `F_SEAL_SEAL` a memfd can disable further sealing operations,
effectively sealing the set of seals. Testing for it ensures that no
further seals can be added, it never prevents seals from being dropped,
since seals cannot be dropped, ever.
Now testing for `F_SEAL_SEAL` makes sense if you want to ensure that
some seals are *not* set. That is, you either test for the entire set of
seals to match a local set, or you verify that a specific seal is not
set. Neither is what we are doing, so it feels wrong requiring it to be
set.
By dropping the requirement for `F_SEAL_SEAL`, the same FD can be shared
with other entities while retaining the ability to further restrict the
set of seals later on (e.g., being able to mark a region as executable
later on, and then adding `F_SEAL_EXEC`).
--oem can be used to only install OEM partitions (usr, verity,
verity-sig, ...). OEM= is used to indicate OEM partitions. If unset,
defaults to !FactoryReset. We also add a credential repart.oem to
allow configuring --oem via a credential.
Let's allow the combination of these two options. When used, repart
will first try to apply the CopyBlocks= behavior. If that's not possible,
it falls back to the CopyFiles= behavior.
This is a first step in being able to also use the partition definition
files shipped in the image to build the image in mkosi instead of having
a separate set of repart definition files to build the image.
