Hello community, here is the log from the commit of package s390-tools for openSUSE:Factory checked in at 2020-07-30 09:55:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/s390-tools (Old) and /work/SRC/openSUSE:Factory/.s390-tools.new.3592 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "s390-tools" Thu Jul 30 09:55:55 2020 rev:32 rq:823201 version:2.11.0 Changes: -------- --- /work/SRC/openSUSE:Factory/s390-tools/s390-tools.changes 2020-04-13 12:49:49.484554908 +0200 +++ /work/SRC/openSUSE:Factory/.s390-tools.new.3592/s390-tools.changes 2020-07-30 09:55:58.667069881 +0200 @@ -1,0 +2,44 @@ +Fri Jul 24 21:17:36 UTC 2020 - Mark Post <[email protected]> + +- The location of the udevadm binary was changed from /sbin/ to /usr/bin + a while back. A symbolic link was added for compatibility. In the latest + versions, that symbolic link has been removed, requiring changes to scripts + that were depending on that. + Added the following patches for bsc#1171587 + * s390-tools-sles15sp2-lsluns-try-harder-to-find-udevadm.patch + * s390-tools-sles15sp2-znetconf-introduce-better-ways-to-locate-udevadm.patch + *s390-tools-sles15sp2-mon_tools-update-udevadm-location.patch + +------------------------------------------------------------------- +Thu Jul 23 19:28:25 UTC 2020 - Mark Post <[email protected]> + +- Added s390-tools-sles15sp2-zipl-prevent-endless-loop-during-IPL.patch + (bsc#1174309) zipl: prevent endless loop during secure IPL +- Added s390-tools-sles15sp2-zipl-check-for-valid-ipl-parmblock-lowcore-pointer.patch + (bsc#1174310) zipl: check for valid ipl parmblock lowcore pointer +- Added s390-tools-sles15sp2-01-zipl-libc-libc_stop-move-noreturn-to-declaration.patch + s390-tools-sles15sp2-02-zipl-stage3-correctly-handle-diag308-response-code.patch + (bsc1174311) zipl: Fix KVM IPL without bootindex +- Updated cputype and read_values to recognize the new z15 models. + +------------------------------------------------------------------- +Thu Jul 23 19:28:25 UTC 2020 - Mark Post <[email protected]> + +- Added s390-tools-sles15sp2-zipl-prevent-endless-loop-during-IPL.patch + (bsc#1174309) zipl: prevent endless loop during secure IPL +- Added s390-tools-sles15sp2-zipl-check-for-valid-ipl-parmblock-lowcore-pointer.patch + (bsc#1174310) zipl: check for valid ipl parmblock lowcore pointer +- Added s390-tools-sles15sp2-01-zipl-libc-libc_stop-move-noreturn-to-declaration.patch + s390-tools-sles15sp2-02-zipl-stage3-correctly-handle-diag308-response-code.patch + (bsc1174311) zipl: Fix KVM IPL without bootindex +- Updated cputype and read_values to recognize the new z15 models. + +------------------------------------------------------------------- +Mon Jun 29 19:45:01 UTC 2020 - Mark Post <[email protected]> + +- Added s390-tools-sles15sp2-vmcp-exit-code.patch (bsc#1173481) + Change the vmcp exit code and return 'CP command failed' when both + "CP command failed" and "response buffer is too small" error + conditions are true. + +------------------------------------------------------------------- New: ---- s390-tools-sles15sp2-01-zipl-libc-libc_stop-move-noreturn-to-declaration.patch s390-tools-sles15sp2-02-zipl-stage3-correctly-handle-diag308-response-code.patch s390-tools-sles15sp2-lsluns-try-harder-to-find-udevadm.patch s390-tools-sles15sp2-mon_tools-update-udevadm-location.patch s390-tools-sles15sp2-vmcp-exit-code.patch s390-tools-sles15sp2-zipl-check-for-valid-ipl-parmblock-lowcore-pointer.patch s390-tools-sles15sp2-zipl-prevent-endless-loop-during-IPL.patch s390-tools-sles15sp2-znetconf-introduce-better-ways-to-locate-udevadm.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ s390-tools.spec ++++++ --- /var/tmp/diff_new_pack.0wMfjA/_old 2020-07-30 09:56:00.803070309 +0200 +++ /var/tmp/diff_new_pack.0wMfjA/_new 2020-07-30 09:56:00.807070309 +0200 @@ -188,6 +188,14 @@ Patch99: s390-tools-sles15sp2-03-zipl-correct-secure-boot-config-handling.patch Patch100: s390-tools-sles15sp2-04-zipl-fix-zipl.conf-man-page-example-for-secure-boot.patch Patch101: s390-tools-sles15sp2-01-cpumf-add-new-deflate-counters-for-z15.patch +Patch102: s390-tools-sles15sp2-vmcp-exit-code.patch +Patch103: s390-tools-sles15sp2-zipl-prevent-endless-loop-during-IPL.patch +Patch104: s390-tools-sles15sp2-zipl-check-for-valid-ipl-parmblock-lowcore-pointer.patch +Patch105: s390-tools-sles15sp2-01-zipl-libc-libc_stop-move-noreturn-to-declaration.patch +Patch106: s390-tools-sles15sp2-02-zipl-stage3-correctly-handle-diag308-response-code.patch +Patch107: s390-tools-sles15sp2-lsluns-try-harder-to-find-udevadm.patch +Patch108: s390-tools-sles15sp2-znetconf-introduce-better-ways-to-locate-udevadm.patch +Patch109: s390-tools-sles15sp2-mon_tools-update-udevadm-location.patch # SUSE patches Patch900: s390-tools-sles12-zipl_boot_msg.patch ++++++ cputype ++++++ --- /var/tmp/diff_new_pack.0wMfjA/_old 2020-07-30 09:56:00.935070335 +0200 +++ /var/tmp/diff_new_pack.0wMfjA/_new 2020-07-30 09:56:00.935070335 +0200 @@ -60,7 +60,8 @@ 2965) echo "${machine} = z13s IBM z13s (single frame)" ;; 3906) echo "${machine} = z14 IBM z14" ;; 3907) echo "${machine} = z14 ZR1 IBM z14 ZR1" ;; - 8561) echo "${machine} = z15 IBM z15" ;; + 8561) echo "${machine} = z15 T01 IBM z15 T01" ;; + 8562) echo "${machine} = z15 T02 IBM z15 T02" ;; *) echo "An unknown machine type was reported: ${machine}" >&2 echo "Please file a bug report with this output:" >&2 /bin/cat /proc/cpuinfo >&2 ++++++ read_values.c ++++++ --- /var/tmp/diff_new_pack.0wMfjA/_old 2020-07-30 09:56:01.123070372 +0200 +++ /var/tmp/diff_new_pack.0wMfjA/_new 2020-07-30 09:56:01.123070372 +0200 @@ -72,8 +72,10 @@ { QC_TYPE_FAMILY_LINUXONE, "3906", "3906 = IBM LinuxONE Emperor II" }, { QC_TYPE_FAMILY_IBMZ, "3907", "3907 = z14 ZR1 IBM z14 ZR1" }, { QC_TYPE_FAMILY_LINUXONE, "3907", "3907 = IBM LinuxONE Rockhopper II" }, - { QC_TYPE_FAMILY_IBMZ, "8561", "8561 = z15 IBM z15" }, - { QC_TYPE_FAMILY_LINUXONE, "8561", "8561 = IBM LinuxONE III" }, + { QC_TYPE_FAMILY_IBMZ, "8561", "8561 = z15 T01 IBM z15 T01" }, + { QC_TYPE_FAMILY_LINUXONE, "8561", "8561 = IBM LinuxONE III LT1" }, + { QC_TYPE_FAMILY_IBMZ, "8562", "8562 = z15 T02 IBM z15 T02" }, + { QC_TYPE_FAMILY_LINUXONE, "8562", "8562 = IBM LinuxONE III LT2" }, }; int debug = 0; ++++++ s390-tools-sles15sp2-01-zipl-libc-libc_stop-move-noreturn-to-declaration.patch ++++++ Subject: [PATCH] [BZ 186940] zipl/libc: libc_stop move 'noreturn' to declaration From: Stefan Haberland <[email protected]> Description: zipl: Fix KVM IPL without bootindex Symptom: Failed IPL on KVM when no bootindex is specified. Problem: Without bootindex specified there is no IPL parmblock on KVM which can be read by the stage3 loader. Solution: In case diag308 gives a response code 0x102 the stage3 loader can safely assume that no secure IPL is required since no IPL report block exists. Reproduction: IPL on KVM without 'bootindex=' attached. Upstream-ID: c9066bf5497300db5e0ba11bf111683ea225d8c8 Problem-ID: 186940 Upstream-Description: zipl/libc: libc_stop move 'noreturn' to declaration Commit 86856f98dbe3 ("zipl: Make use of __noreturn macro") moved the 'noreturn' attribute from declaration to definition. With this the compiler can no longer optimize when the function is called in a separate source file. Move the attribute back to the declaration Reviewed-by: Stefan Haberland <[email protected]> Signed-off-by: Marc Hartmayer <[email protected]> Signed-off-by: Stefan Haberland <[email protected]> --- zipl/boot/libc.c | 3 +-- zipl/boot/libc.h | 4 +++- 2 files changed, 4 insertions(+), 3 deletions(-) --- a/zipl/boot/libc.c +++ b/zipl/boot/libc.c @@ -13,7 +13,6 @@ #include <stdarg.h> -#include "lib/zt_common.h" #include "boot/s390.h" #include "error.h" @@ -501,7 +500,7 @@ void initialize(void) /* * Load disabled wait PSW with reason code in address field */ -void __noreturn libc_stop(unsigned long reason) +void libc_stop(unsigned long reason) { struct psw_t psw; --- a/zipl/boot/libc.h +++ b/zipl/boot/libc.h @@ -15,6 +15,8 @@ #define NULL ((void *) 0) +#include "lib/zt_common.h" + #define EPERM 1 /* Operation not permitted */ #define ENOENT 2 /* No such file or directory */ #define ESRCH 3 /* No such process */ @@ -56,7 +58,7 @@ char *strcpy(char *, const char *); unsigned long get_zeroed_page(void); void free_page(unsigned long); void initialize(void); -void libc_stop(unsigned long); +void libc_stop(unsigned long) __noreturn; void start(void); void pgm_check_handler(void); void pgm_check_handler_fn(void); ++++++ s390-tools-sles15sp2-02-zipl-stage3-correctly-handle-diag308-response-code.patch ++++++ Subject: [PATCH] [BZ 186940] zipl/stage3: correctly handle diag308 response code From: Stefan Haberland <[email protected]> Description: zipl: Fix KVM IPL without bootindex Symptom: Failed IPL on KVM when no bootindex is specified. Problem: Without bootindex specified there is no IPL parmblock on KVM which can be read by the stage3 loader. Solution: In case diag308 gives a response code 0x102 the stage3 loader can safely assume that no secure IPL is required since no IPL report block exists. Reproduction: IPL on KVM without 'bootindex=' attached. Upstream-ID: b7f1977d3f9332f82e7f388fb18076b89b83944e Problem-ID: 186940 Upstream-Description: zipl/stage3: correctly handle diag308 response code In case diag308 gives a response code 0x102 the stage3 loader can safely assume that no secure IPL is required since no IPL report block exists. Suggested-by: Marc Hartmayer <[email protected]> Signed-off-by: Stefan Haberland <[email protected]> Reviewed-by: Marc Hartmayer <[email protected]> Reviewed-by: Philipp Rudo <[email protected]> Tested-by: Marc Hartmayer <[email protected]> Signed-off-by: Stefan Haberland <[email protected]> --- include/boot/s390.h | 1 + zipl/boot/stage3.c | 25 +++++++++++-------------- 2 files changed, 12 insertions(+), 14 deletions(-) --- a/include/boot/s390.h +++ b/include/boot/s390.h @@ -279,6 +279,7 @@ enum diag308_subcode { enum diag308_rc { DIAG308_RC_OK = 0x0001, + DIAG308_RC_NO_CONF = 0x0102, }; static __always_inline unsigned long diag308(unsigned long subcode, void *addr) --- a/zipl/boot/stage3.c +++ b/zipl/boot/stage3.c @@ -55,18 +55,6 @@ static inline void __noreturn start_kern while (1); } -unsigned int store_ipl_parmblock(struct ipl_pl_hdr *pl_hdr) -{ - int rc; - - rc = diag308(DIAG308_STORE, pl_hdr); - if (rc == DIAG308_RC_OK && - pl_hdr->version <= IPL_MAX_SUPPORTED_VERSION) - return 0; - - return 1; -} - unsigned int is_verified_address(unsigned long image_addr) { @@ -124,9 +112,18 @@ secure_boot_enabled() unsigned int rc; pl_hdr = (void *)get_zeroed_page(); - if (!pl_hdr || store_ipl_parmblock(pl_hdr)) + switch (diag308(DIAG308_STORE, pl_hdr)) { + case DIAG308_RC_OK: + rc = pl_hdr->version <= IPL_MAX_SUPPORTED_VERSION && + !!(pl_hdr->flags & IPL_FLAG_SECURE); + break; + case DIAG308_RC_NO_CONF: + rc = 0; + break; + default: panic(ESECUREBOOT, "%s", msg_sipl_noparm); - rc = !!(pl_hdr->flags & IPL_FLAG_SECURE); + break; + } free_page((unsigned long) pl_hdr); return rc; ++++++ s390-tools-sles15sp2-lsluns-try-harder-to-find-udevadm.patch ++++++ >From e679a4002ecea6d8177430d6efde2b3ef2b89d0e Mon Sep 17 00:00:00 2001 From: Julian Wiedmann <[email protected]> Date: Wed, 13 May 2020 18:19:35 +0200 Subject: [PATCH] lsluns: try harder to find udevadm MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Hard-coding udevadm's location isn't robust enough - for instance, Ubuntu 20.04 moved it to /usr/bin. First see if we can reach it through $PATH, then fall back to hard-coded locations that we know about. Also when finally falling back to udevsettle, check that it exists. Otherwise we end up throwing tons of "No such file or directory" error messages at the user. Signed-off-by: Julian Wiedmann <[email protected]> Reviewed-by: Steffen Maier <[email protected]> Reviewed-by: Fedor Loshakov <[email protected]> Signed-off-by: Jan Höppner <[email protected]> --- zconf/lsluns | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/zconf/lsluns b/zconf/lsluns index bfe48f1..7144c78 100755 --- a/zconf/lsluns +++ b/zconf/lsluns @@ -24,13 +24,22 @@ my $wlun = "0xc101000000000000"; my $lun0 = "0x0000000000000000"; my $sg_dir = "/sys/class/scsi_generic"; my $udevsettle_call; -my $udevadm = "/sbin/udevadm"; -if (! -e $udevadm) { - $udevsettle_call = "/sbin/udevsettle"; +# See if we can find udevadm through $PATH: +if (!system("udevadm --version > /dev/null 2>&1")) { + $udevsettle_call = "udevadm settle"; +# Search udevadm in well-known locations: +} elsif (-e "/sbin/udevadm") { + $udevsettle_call = "/sbin/udevadm settle"; +} elsif (-e "/usr/bin/udevadm") { + $udevsettle_call = "/usr/bin/udevadm settle"; +# Fall back to udevsettle: +} elsif (-e "/sbin/udevsettle") { + $udevsettle_call = "/sbin/udevsettle"; } else { - $udevsettle_call = "$udevadm settle"; + $udevsettle_call = ""; + print "Failed to find any candidate for udevsettle.\n"; } # read the first line of a sysfs-entry and compare it to a given string -- 2.26.2 ++++++ s390-tools-sles15sp2-mon_tools-update-udevadm-location.patch ++++++ >From 2215ba672e2f1e69b21b8b852db566b87df7adf7 Mon Sep 17 00:00:00 2001 From: Gerald Schaefer <[email protected]> Date: Mon, 6 Jul 2020 13:30:40 +0200 Subject: [PATCH] mon_tools: update udevadm location MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Modern distributions do not provide the symlink /sbin/udevadm any more. Use /usr/bin/udevadm instead for the example init script / systemd units. Note that those are meant for example purpose and would need to be adjusted by distributions, so no extra effort is taken to determine the actual location of udevadm. Signed-off-by: Gerald Schaefer <[email protected]> Signed-off-by: Jan Höppner <[email protected]> --- etc/init.d/mon_statd | 2 +- systemd/mon_fsstatd.service.in | 2 +- systemd/mon_procd.service.in | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/etc/init.d/mon_statd b/etc/init.d/mon_statd index 90bd565..68f6d91 100755 --- a/etc/init.d/mon_statd +++ b/etc/init.d/mon_statd @@ -31,7 +31,7 @@ if [ -f $CONFIG_FILE ]; then . $CONFIG_FILE fi -UDEVSETTLE=/sbin/udevadm +UDEVSETTLE=/usr/bin/udevadm if [ ! -e $UDEVSETTLE ] then UDEVSETTLE=/sbin/udevsettle diff --git a/systemd/mon_fsstatd.service.in b/systemd/mon_fsstatd.service.in index 8620d3b..cdba480 100644 --- a/systemd/mon_fsstatd.service.in +++ b/systemd/mon_fsstatd.service.in @@ -29,7 +29,7 @@ EnvironmentFile=@sysconf_path@/sysconfig/mon_fsstatd #Environment=FSSTAT_INTERVAL=30 ExecStartPre=-/sbin/modprobe monwriter -ExecStartPre=/sbin/udevadm settle --timeout=10 +ExecStartPre=/usr/bin/udevadm settle --timeout=10 ExecStart=@usrsbin_path@/mon_fsstatd -i $FSSTAT_INTERVAL ExecReload=/bin/kill -HUP $MAINPID KillMode=process diff --git a/systemd/mon_procd.service.in b/systemd/mon_procd.service.in index 512e584..1c5b3f4 100644 --- a/systemd/mon_procd.service.in +++ b/systemd/mon_procd.service.in @@ -29,7 +29,7 @@ EnvironmentFile=@sysconf_path@/sysconfig/mon_procd #Environment=PROC_INTERVAL=30 ExecStartPre=-/sbin/modprobe monwriter -ExecStartPre=/sbin/udevadm settle --timeout=10 +ExecStartPre=/usr/bin/udevadm settle --timeout=10 ExecStart=@usrsbin_path@/mon_procd -i $PROC_INTERVAL ExecReload=/bin/kill -HUP $MAINPID KillMode=process -- 2.26.2 ++++++ s390-tools-sles15sp2-vmcp-exit-code.patch ++++++ Subject: [PATCH] [BZ 186342] vmcp: Change sequence of failed exit From: Thomas Richter <[email protected]> Description: vmcp: Change sequence of failed exit Symptom: VMCP command fails to execute commands with a very large response on a very memory constraint system. A kernel log message appears in the kernel log file: 2020-05-29T10:57:16.543860-05:00 xdrf1 kernel: cma: cma_alloc: alloc failed, req-size: 8 pages, ret: -16 The vmcp command fails and indicates this in the exit code. Problem: When vmcp fails to execute a CP command with both error conditions - response buffer is too small - CP command failed then the vmcp program exits with 'response buffer too small' indication. However, an exit code indicating 'CP command failed' would be more important in this case. So change the vmcp exit code and return 'CP command failed' for above error scenario. Solution: Change the vmcp exit code and return 'CP command failed' when both error conditions are true. Reproduction: Issue vmcp varyoff command on system with low memory and many DASD devices. Upstream-ID: 53b949926f1bf0c6070650aae5f474e8df5378df Problem-ID: 186342 Upstream-Description: vmcp: Change sequence of failed exit When vmcp fails to execute a CP command with both error conditions - response buffer is too small - CP command failed then the vmcp program exits with 'response buffer too small' indication. However, an exit code indicating 'CP command failed' would be more important in this case. So change the vmcp exit code and return 'CP command failed' for above error scenario. Signed-off-by: Thomas Richter <[email protected]> Signed-off-by: Jan Hoeppner <[email protected]> Signed-off-by: Thomas Richter <[email protected]> --- vmcp/vmcp.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) --- a/vmcp/vmcp.c +++ b/vmcp/vmcp.c @@ -235,15 +235,15 @@ int main(int argc, char **argv) write_buffer(STDOUT_FILENO, cp.response, MIN(cp.response_size, cp.buffer_size)); free(cp.response); - if (ret == VMCP_ERR_TOOSMALL) { - fprintf(stderr, "Error: output (%d bytes) was truncated, try " - "--buffer to increase size\n", cp.response_size); - return VMCP_BUF; - } if (cp.cprc > 0) { fprintf(stderr, "Error: non-zero CP response for command '%s': " "#%d\n", command, cp.cprc); return VMCP_CP; } + if (ret == VMCP_ERR_TOOSMALL) { + fprintf(stderr, "Error: output (%d bytes) was truncated, try " + "--buffer to increase size\n", cp.response_size); + return VMCP_BUF; + } return EXIT_SUCCESS; } ++++++ s390-tools-sles15sp2-zipl-check-for-valid-ipl-parmblock-lowcore-pointer.patch ++++++ Subject: [PATCH] [BZ 186938] zipl: check for valid ipl parmblock lowcore pointer From: Stefan Haberland <[email protected]> Description: zipl: check for valid ipl parmblock lowcore pointer Symptom: For CCW type IPL the IPL might fail. Problem: The lowcore parmblock pointer is not valid in every case. For example it is invalid for CCW type IPL. Solution: To have an indication if the pointer is valid do a diag308 to store the parmblock and check if secure boot is enabled. If it is enabled the lowcore pointer is valid and the ipl report that is needed for secure boot can be found right behind the ipl parmblock. Reproduction: IPL from CCW devices. Upstream-ID: ee9d606f800741eedeec1dcf1d2ddbfccbc21140 Problem-ID: 186938 Signed-off-by: Stefan Haberland <[email protected]> --- include/boot/ipl.h | 1 + zipl/boot/stage3.c | 24 ++++++++++++++++++++---- 2 files changed, 21 insertions(+), 4 deletions(-) --- a/include/boot/ipl.h +++ b/include/boot/ipl.h @@ -18,6 +18,7 @@ #define IPL_RB_COMPONENT_FLAG_SIGNED 0x80 #define IPL_RB_COMPONENT_FLAG_VERIFIED 0x40 +#define IPL_MAX_SUPPORTED_VERSION 0 #define IPL_PARM_BLOCK_VERSION 0x1 /* IPL Types */ --- a/zipl/boot/stage3.c +++ b/zipl/boot/stage3.c @@ -26,6 +26,7 @@ static const char *msg_sipl_inval = "Secure boot failure: invalid load address"; static const char *msg_sipl_unverified = "Secure boot failure: unverified load address"; +static const char *msg_sipl_noparm = "Secure boot failure: unable to load ipl parameter"; static inline void __noreturn start_kernel(void) { @@ -54,6 +55,18 @@ static inline void __noreturn start_kern while (1); } +unsigned int store_ipl_parmblock(struct ipl_pl_hdr *pl_hdr) +{ + int rc; + + rc = diag308(DIAG308_STORE, pl_hdr); + if (rc == DIAG308_RC_OK && + pl_hdr->version <= IPL_MAX_SUPPORTED_VERSION) + return 0; + + return 1; +} + unsigned int is_verified_address(unsigned long image_addr) { @@ -104,12 +117,15 @@ unsigned int secure_boot_enabled() { struct ipl_pl_hdr *pl_hdr; - unsigned long tmp; + unsigned int rc; - tmp = (unsigned long) S390_lowcore.ipl_parmblock_ptr; - pl_hdr = (struct ipl_pl_hdr *) tmp; + pl_hdr = (void *)get_zeroed_page(); + if (!pl_hdr || store_ipl_parmblock(pl_hdr)) + panic(ESECUREBOOT, "%s", msg_sipl_noparm); + rc = !!(pl_hdr->flags & IPL_FLAG_SECURE); + free_page((unsigned long) pl_hdr); - return pl_hdr->flags & IPL_FLAG_SECURE; + return rc; } void start(void) ++++++ s390-tools-sles15sp2-zipl-prevent-endless-loop-during-IPL.patch ++++++ Subject: [PATCH] [BZ 186939] zipl: prevent endless loop during secure IPL From: Stefan Haberland <[email protected]> Description: zipl: prevent endless loop during secure IPL Symptom: During IPL with secure boot enabled the loader may loop infinitely. Problem: In case secure boot is enabled but no components in the IPL report are found it ends up in an endless loop in the component verification. Solution: To prevent this check if components are found and exit if not. Reproduction: IPL with secure boot enabled. Upstream-ID: d5a88c1e56852881e8b0bb4056ffaa25bea818c5 Problem-ID: 186939 Signed-off-by: Stefan Haberland <[email protected]> --- zipl/boot/stage3.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/zipl/boot/stage3.c +++ b/zipl/boot/stage3.c @@ -104,6 +104,10 @@ is_verified_address(unsigned long image_ rb_hdr = (void *) rb_hdr + rb_hdr->len; } + + if (!comps) + return 0; + for_each_rb_entry(comp, comps) { if (image_addr == comp->addr && comp->flags & IPL_RB_COMPONENT_FLAG_SIGNED && ++++++ s390-tools-sles15sp2-znetconf-introduce-better-ways-to-locate-udevadm.patch ++++++ >From 1003d8141209fdbd50d02aec2cad4690aec48702 Mon Sep 17 00:00:00 2001 From: Guevenc Guelce <[email protected]> Date: Wed, 8 Jul 2020 18:31:34 +0200 Subject: [PATCH] znetconf: introduce better ways to locate udevadm MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When udevadm is going to be used, try to locate it in $PATH and if it fails, try to locate it in well-known binary paths. Signed-off-by: Guevenc Guelce <[email protected]> Signed-off-by: Jan Höppner <[email protected]> --- zconf/znetconf | 42 +++++++++++++++++++++++++++++++++--------- 1 file changed, 33 insertions(+), 9 deletions(-) diff --git a/zconf/znetconf b/zconf/znetconf index ba8dec4..497e97f 100755 --- a/zconf/znetconf +++ b/zconf/znetconf @@ -63,14 +63,8 @@ CMD=$(basename $0) LSZNET=/lib/s390-tools/lsznet.raw LSZNET_ARGS=-a LSZNET_CALL="$LSZNET $LSZNET_ARGS" -UDEVSETTLE=/sbin/udevadm -if [ ! -e $UDEVSETTLE ] -then - UDEVSETTLE=/sbin/udevsettle - UDEVSETTLE_CALL="$UDEVSETTLE --timeout=10" -else - UDEVSETTLE_CALL="$UDEVSETTLE settle --timeout=10" -fi +UDEVSETTLE=udevadm +UDEVSETTLE_CALL="$UDEVSETTLE settle --timeout=10" SYSFSDIR=$(cat /proc/mounts|awk '$3=="sysfs"{print $2; exit}') CCWGROUPBUS_DIR=$SYSFSDIR/bus/ccwgroup CCWDEV_DIR=$SYSFSDIR/bus/ccw/devices @@ -261,6 +255,35 @@ function lookup_lan_layer() #============================================================================== +function prepare_udevsettle_cmd() +{ + # is the command available in $PATH + if ! [ -x "$(command -v $UDEVSETTLE)" ] + then + # check the well known locations. + if [ -e "/sbin/udevadm" ] + then + UDEVSETTLE=/sbin/udevadm + UDEVSETTLE_CALL="$UDEVSETTLE settle --timeout=10" + elif [ -e "/usr/bin/udevadm" ] + then + UDEVSETTLE=/usr/bin/udevadm + UDEVSETTLE_CALL="$UDEVSETTLE settle --timeout=10" + elif [ -e "/sbin/udevsettle" ] + then + # Fallback to udevsettle + UDEVSETTLE=/sbin/udevsettle + UDEVSETTLE_CALL="$UDEVSETTLE --timeout=10" + else + UDEVSETTLE="" + UDEVSETTLE_CALL="" + echo "Failed to find any candidate for udevsettle" + fi + fi +} + +#============================================================================== + function lookup_type_and_lan_or_vswitch_name() { local DEVNO="$1" @@ -506,8 +529,9 @@ function wait_for_net_device() local CMD_FINDNETLINK="find $CCWGROUPBUS_DEVICEDIR/$CCWGROUPDEVNO/ -type l -name net*" local LINKNAME="" + prepare_udevsettle_cmd # polling loop to wait for net device to become available - if [ -e $UDEVSETTLE ] + if [ "$UDEVSETTLE" != "" ] then $UDEVSETTLE_CALL fi -- 2.26.2
