| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Meta's resource control demo project[0] includes a benchmark tool that can
be used to calculate the best iocost solutions for a given SSD.
[0]: https://github.com/facebookexperimental/resctl-demo
A project[1] has now been started to create a publicly available database
of results that can be used to apply them automatically.
[1]: https://github.com/iocost-benchmark/iocost-benchmarks
This change adds a new tool that gets triggered by a udev rule for any
block device and queries the hwdb for known solutions. The format for
the hwdb file that is currently generated by the github action looks like
this:
# This file was auto-generated on Tue, 23 Aug 2022 13:03:57 +0000.
# From the following commit:
# https://github.com/iocost-benchmark/iocost-benchmarks/commit/ca82acfe93c40f21d3b513c055779f43f1126f88
#
# Match key format:
# block:<devpath>:name:<model name>:
# 12 points, MOF=[1.346,1.346], aMOF=[1.249,1.249]
block:*:name:HFS256GD9TNG-62A0A:fwver:*:
IOCOST_SOLUTIONS=isolation isolated-bandwidth bandwidth naive
IOCOST_MODEL_ISOLATION=rbps=1091439492 rseqiops=52286 rrandiops=63784 wbps=192329466 wseqiops=12309 wrandiops=16119
IOCOST_QOS_ISOLATION=rpct=0.00 rlat=8807 wpct=0.00 wlat=59023 min=100.00 max=100.00
IOCOST_MODEL_ISOLATED_BANDWIDTH=rbps=1091439492 rseqiops=52286 rrandiops=63784 wbps=192329466 wseqiops=12309 wrandiops=16119
IOCOST_QOS_ISOLATED_BANDWIDTH=rpct=0.00 rlat=8807 wpct=0.00 wlat=59023 min=100.00 max=100.00
IOCOST_MODEL_BANDWIDTH=rbps=1091439492 rseqiops=52286 rrandiops=63784 wbps=192329466 wseqiops=12309 wrandiops=16119
IOCOST_QOS_BANDWIDTH=rpct=0.00 rlat=8807 wpct=0.00 wlat=59023 min=100.00 max=100.00
IOCOST_MODEL_NAIVE=rbps=1091439492 rseqiops=52286 rrandiops=63784 wbps=192329466 wseqiops=12309 wrandiops=16119
IOCOST_QOS_NAIVE=rpct=99.00 rlat=8807 wpct=99.00 wlat=59023 min=75.00 max=100.00
The IOCOST_SOLUTIONS key lists the solutions available for that device
in the preferred order for higher isolation, which is a reasonable
default for most client systems. This can be overriden to choose better
defaults for custom use cases, like the various data center workloads.
The tool can also be used to query the known solutions for a specific
device or to apply a non-default solution (say, isolation or bandwidth).
Co-authored-by: Santosh Mahto <santosh.mahto@collabora.com>
|
|\
| |
| | |
dissect: add dissection policies
|
| |
| |
| |
| | |
various components
|
|/ |
|
|
|
|
|
| |
Also add definitions for a few names that didn't have them and update
the list in the man page.
|
|
|
|
|
|
|
| |
This drops all mentions of gnu-efi and its manual build machinery. A
future commit will bring bootloader builds back. A new bootloader meson
option is now used to control whether to build sd-boot and its userspace
tooling.
|
|\
| |
| | |
man: mention two missing services
|
| | |
|
| | |
|
|/ |
|
|
|
|
|
|
| |
Follow-up for d71f5b1217986a18e8ddaef3191afddfe731b2d7,
c4ef14dc2a0eaae6b93d41e5c82f50ee86e480a4, and
d622fefc008ce1cd3bf62ced4a606d3b5277b9fa.
|
| |
|
| |
|
|
|
|
|
|
| |
It is now a supported executable, so add manpage.
Fixes https://github.com/systemd/systemd/issues/26289
|
|
|
|
|
|
|
| |
Checking for gnu-efi is not enough, since ukify can be explicitly
disabled.
Resolves: #26274
|
|
|
|
|
|
| |
Same as the sd_pid_* counterparts, but take a pid file descriptor instead of
a pid, so that the callers can be sure that the returned values are really
about the process they asked for, and not about a recycled PID.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd-boot-random-seed.service
This renames systemd-boot-system-token.service to
systemd-boot-random-seed.service and conditions it less strictly.
Previously, the job of the service was to write a "system token" EFI
variable if it was missing. It called "bootctl --graceful random-seed"
for that. With this change we condition it more liberally: instead of
calling it only when the "system token" EFI variable isn't set, we call
it whenever a boot loader interface compatible boot loader is used. This
means, previously it was invoked on the first boot only: now it is
invoked at every boot.
This doesn#t change the command that is invoked. That's because
previously already the "bootctl --graceful random-seed" did two things:
set the system token if not set yet *and* refresh the random seed in the
ESP. Previousy we put the focus on the former, now we shift the focus to
the latter.
With this simple change we can replace the logic
f913c784ad4c93894fd6cb2590738113dff5a694 added, but from a service that
can run much later and doesn't keep the ESP pinned.
|
|\
| |
| | |
ukify: add helper to create UKIs
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Systemd documents "halt" as the primary shutdown mechanism, redirecting
"reboot" and "shutdown" to the halt(8), but halt is a really strange and
obsolete concept. Who would want to really keep their machine running after
shutdown? I expect that halting is almost unused. Let's at least make it less
prominent in the docs.
While at it, use "power off" for a verb and "power-off" for noun (but "poweroff"
of the actual command name).
|
|/
|
|
| |
Forgotten in 85bc6b05491fb4c9f40f8a0e8615ac5321efbea0.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds two more phases to the PCR boot phase logic: "sysinit" +
"final".
The "sysinit" one is placed between sysinit.target and basic.target.
It's good to have a milestone in this place, since this is after all
file systems/LUKS volumes are in place (which sooner or later should
result in measurements of their own) and before services are started
(where we should be able to rely on them to be complete).
This is particularly useful to make certain secrets available for
mounting secondary file systems, but making them unavailable later.
This breaks API in a way (as measurements during runtime will change),
but given that the pcrphase stuff wasn't realeased yet should be OK.
|
|
|
|
|
|
| |
In many (most?) of our event loops we want to exit once SIGTERM/SIGINT
is seen. Add a common helper for that, that does the right things in a
single call.
|
|
|
|
|
|
|
|
|
| |
via sigprocmask()
So far we expected callers to block the signals manually. Which is
usually a good idea, since they should do that before forking off
threads and similar. But let's add a mode where we automatically block
it for the caller, to simplify things.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
For now, this simply outputs the PCR hash values expected for a kernel
image, if it's measured like sd-stub would do it.
(Later on, we can extend the tool, to optionally sign these
pre-calculated measurements, in order to implement signed PCR policies
for disk encryption.)
|
| |
|
| |
|
|
|
|
|
| |
The description for sd_bus_error_set_errnof/sd_bus_error_set_errnofv are
adjusted to use the same pattern.
|
|
|
|
| |
Forgotten in 60f0ba75569312825ff14680d05a4b4f95842951.
|
|
|
|
| |
Gotta start somewhere.
|
|
|
|
|
|
| |
We got documentation for sd-device for the first time with
b51f4eaf7b58f064092215cea9c6fc1c5af5646e, so let's celebrate by adding a
landing page that also explains the relationship with libudev.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
So, typically systemd-boot is referenced as sd-boot, due to te usual
shorter naming in ESP resources. systemd-stub didnt do that so far,
since it never appears as separate files in the ESP. However it's super
annoying that you can find "man sd-boot", but not the very closely
related "man sd-stub". Let's fix that, and also add an "sd-stub" alias
to the "systemd-stub" man page.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
A description of SD_BUS_VTABLE_CAPABILITY is added, and the discussion
on SD_BUS_VTABLE_UNPRIVILEGED in expanded. I think it would be nice
to add longer description of how access is checked (maybe in sd-bus(3)),
but I'm leaving that for later. I think the text that was added here
describes everything, even if tersely.
Fixes #21882.
|
|
|
|
|
|
|
|
|
| |
We expose various other forms of UUID helpers already, i.e.
SD_ID128_UUID_FORMAT_STR and SD_ID128_MAKE_UUID_STR(), and we parse
UUIDs, hence add a high-level helper for formatting UUIDs too.
This doesn't add any new code, it just moves some helpers
id128-util.[ch] → sd-id128.[ch], to make them public.
|
|
|
|
|
|
| |
This should be useful when a host has multiple interfaces.
Inspired by #22246.
|
| |
|
|
|
|
| |
The service also generates .link files for udevd.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
sd_event_add_inotify_fd() is like sd_event_add_inotify(), but takes an
fd to an inode instead of a path, and is hence a ton nicer.
|
|
|
|
|
|
|
| |
This adds support for dm integrity targets and an associated
/etc/integritytab file which is required as the dm integrity device
super block doesn't include all of the required metadata to bring up
the device correctly. See integritytab man page for details.
|
|
|
|
| |
Fixes: #17215
|
|
|
|
| |
id128_to_uuid_string()
|