systemd security, bug fix, and enhancement update

[239-18.0.1]

• fix _netdev is missing for iscsi entry in /etc/fstab ([email protected]) [Orabug: 25897792]
• set ‘RemoveIPC=no’ in logind.conf as default for OL7.2 [Orabug: 22224874]
• allow dm remove ioctl to co-operate with UEK3 (Vaughan Cao) [Orabug: 18467469]
• add hv dynamic memory support (Jerry Snitselaar) [Orabug: 18621475]
• Backport upstream patches for the new systemd-pstore tool (Eric DeVolder) [OraBug: 30230056]
  [239-18]
• shared/but-util: drop trusted annotation from bus_open_system_watch_bind_with_description() (#1746857)
• sd-bus: adjust indentation of comments (#1746857)
• resolved: do not run loop twice (#1746857)
• resolved: allow access to Set*Link and Revert methods through polkit (#1746857)
• resolved: query polkit only after parsing the data (#1746857)
  [239-17]
• mount: simplify /proc/self/mountinfo handler (#1696178)
• mount: rescan /proc/self/mountinfo before processing waitid() results (#1696178)
• swap: scan /proc/swaps before processing waitid() results (#1696178)
• analyze-security: fix potential division by zero (#1734400)
  [239-16]
• sd-bus: deal with cookie overruns (#1694999)
• journal-remote: do not request Content-Length if Transfer-Encoding is chunked (#1708849)
• journal: do not remove multiple spaces after identifier in syslog message (#1691817)
• cryptsetup: Do not fallback to PLAIN mapping if LUKS data device set fails. (#1719153)
• cryptsetup: call crypt_load() for LUKS only once (#1719153)
• cryptsetup: Add LUKS2 token support. (#1719153)
• udev/scsi_id: fix incorrect page length when get device identification VPD page (#1713227)
• Change job mode of manager triggered restarts to JOB_REPLACE (#11456
• bash-completion: analyze: support ‘security’ (#1733395)
• man: note that journal does not validate syslog fields (#1707175)
• rules: skip memory hotplug on ppc64 (#1713159)
  [239-15]
• tree-wide: shorten error logging a bit (#1697893)
• nspawn: simplify machine terminate bus call (#1697893)
• nspawn: merge two variable declaration lines (#1697893)
• nspawn: rework how we allocate/kill scopes (#1697893)
• unit: enqueue cgroup empty check event if the last ref on a unit is dropped (#1697893)
• Revert ‘journal: remove journal audit socket’ (#1699287)
• journal: dont enable systemd-journald-audit.socket by default (#1699287)
• logs-show: use grey color for de-emphasizing journal log output (#1695601)
• units: add [Install] section to tmp.mount (#1667065)
• nss: do not modify errno when NSS_STATUS_NOTFOUND or NSS_STATUS_SUCCESS (#1691691)
• util.h: add new UNPROTECT_ERRNO macro (#1691691)
• nss: unportect errno before writing to NSS *errnop (#1691691)
• seccomp: reduce logging about failure to add syscall to seccomp (#1658691)
• format-table: when duplicating a cell, also copy the color (#1689832)
• format-table: optionally make specific cells clickable links (#1689832)
• format-table: before outputting a color, check if colors are available (#1689832)
• format-table: add option to store/format percent and uint64_t values in cells (#1689832)
• format-table: optionally allow reversing the sort order for a column (#1689832)
• format-table: add table_update() to update existing entries (#1689832)
• format-table: add an API for getting the cell at a specific row/column (#1689832)
• format-table: always underline header line (#1689832)
• format-table: add calls to query the data in a specific cell (#1689832)
• format-table: make sure we never call memcmp() with NULL parameters (#1689832)
• format-table: use right field for display (#1689832)
• format-table: add option to uppercase cells on display (#1689832)
• format-table: never try to reuse cells that have color/url/uppercase set (#1689832)
• locale-util: add logic to output smiley emojis at various happiness levels (#1689832)
• analyze: add new security verb (#1689832)
• tests: add a rudimentary fuzzer for server_process_syslog_message (#9979) (#1696224)
• journald: make it clear that dev_kmsg_record modifies the string passed to it (#1696224)
• journald: free the allocated memory before returning from dev_kmsg_record (#1696224)
• tests: rework the code fuzzing journald (#1696224)
• journald: make server_process_native_message compatible with fuzz_journald_processing_function (#1696224)
• tests: add a fuzzer for server_process_native_message (#1696224)
• tests: add a fuzzer for sd-ndisc (#1696224)
• ndisc: fix two infinite loops (#1696224)
• tests: add reproducers for several issues uncovered with fuzz-journald-syslog (#1696224)
• tests: add a reproducer for an infinite loop in ndisc_handle_datagram (#1696224)
• tests: add a reproducer for another infinite loop in ndisc_handle_datagram (#1696224)
• fuzz: rename ‘fuzz-corpus’ directory to just ‘fuzz’ (#1696224)
• test: add testcase for issue 10007 by oss-fuzz (#1696224)
• fuzz: unify the ‘fuzz-regressions’ directory with the main corpus (#1696224)
• test-bus-marshal: use cescaping instead of hexmem (#1696224)
• meson: add -Dlog-trace to set LOG_TRACE (#1696224)
• meson: allow building resolved and machined without nss modules (#1696224)
• meson: drop duplicated condition (#1696224)
• meson: use .source_root() in more places (#1696224)
• meson: treat all fuzz cases as unit tests (#1696224)
• fuzz-bus-message: add fuzzer for message parsing (#1696224)
• bus-message: use structured initialization to avoid use of unitialized memory (#1696224)
• bus-message: avoid an infinite loop on empty structures (#1696224)
• bus-message: lets always use -EBADMSG when the message is bad (#1696224)
• bus-message: rename function for clarity (#1696224)
• bus-message: use define (#1696224)
• bus: do not print (null) if the message has unknown type (#1696224)
• bus-message: fix calculation of offsets table (#1696224)
• bus-message: remove duplicate assignment (#1696224)
• bus-message: fix calculation of offsets table for arrays (#1696224)
• bus-message: drop asserts in functions which are wrappers for varargs version (#1696224)
• bus-message: output debug information about offset troubles (#1696224)
• bus-message: fix skipping of array fields in !gvariant messages (#1696224)
• bus-message: also properly copy struct signature when skipping (#1696224)
• fuzz-bus-message: add two test cases that pass now (#1696224)
• bus-message: return -EBADMSG not -EINVAL on invalid !gvariant messages (#1696224)
• bus-message: avoid wrap-around when using length read from message (#1696224)
• util: do not use stack frame for parsing arbitrary inputs (#1696224)
• travis: enable ASan and UBSan on RHEL8 (#1683319)
• tests: keep SYS_PTRACE when running under ASan (#1683319)
• tree-wide: various ubsan zero size memory fixes (#1683319)
• util: introduce memcmp_safe() (#1683319)
• test-socket-util: avoid ‘memleak’ reported by valgrind (#1683319)
• sd-journal: escape binary data in match_make_string() (#1683319)
• capability: introduce CAP_TO_MASK_CORRECTED() macro replacing CAP_TO_MASK() (#1683319)
• sd-bus: use size_t when dealing with memory offsets (#1683319)
• sd-bus: call cap_last_cap() only once in has_cap() (#1683319)
• mount-point: honour AT_SYMLINK_FOLLOW correctly (#1683319)
• travis: switch from trusty to xenial (#1683319)
• test-socket-util: Add tests for receive_fd_iov() and friends. (#1683319)
• socket-util: Introduce send_one_fd_iov() and receive_one_fd_iov() (#1683319)
• core: swap order of ‘n_storage_fds’ and ‘n_socket_fds’ parameters (#1683334)
• execute: use our usual syntax for defining bit masks (#1683334)
• core: introduce new Type=exec service type (#1683334)
• man: document the new Type=exec type (#1683334)
• sd-bus: allow connecting to the pseudo-container ‘.host’ (#1683334)
• sd-login: lets also make sd-login understand ‘.host’ (#1683334)
• test: add test for Type=exec (#1683334)
• journal-gateway: explicitly declare local variables (#1705971)
• tools: drop unused variable (#1705971)
• journal-gateway: use localStorage[‘cursor’] only when it has valid value (#1705971)
  [239-14]
• rules: implement new memory hotplug policy (#1670728)
• rules: add the rule that adds elevator= kernel command line parameter (#1670126)
• bus-socket: Fix line_begins() to accept word matching full string (#1692991)
• Refuse dbus message paths longer than BUS_PATH_SIZE_MAX limit. (#1678641)
• Allocate temporary strings to hold dbus paths on the heap (#1678641)
• sd-bus: if we receive an invalid dbus message, ignore and proceeed (#1678641)
• Revert 'core: one step back again, for nspawn we actually can’t wait for cgroups running empty since systemd will get exactly zero notifications about it (#1703485)