diff -Nru systemd-229/debian/changelog systemd-229/debian/changelog --- systemd-229/debian/changelog 2021-07-13 10:31:39.000000000 -0300 +++ systemd-229/debian/changelog 2022-03-15 08:17:42.000000000 -0300 @@ -1,3 +1,13 @@ +systemd (229-4ubuntu22.32) xenial-security; urgency=medium + + * systemd fails to start if cgroup2 is mounted + - debian/patches/lp1962332-cgroup2-use-new-fstype-for-unified-hierarchy.patch: + use new fstype for unified hiearchy in src/basic/cgroup-util.c, + src/basic/missing.h, src/core/mount-setup.c, src/nspawn/nspan-cgrou.c, + src/nspawn/nspwan-mount.c. (LP: #1962332) + + -- Leonidas Da Silva Barbosa Tue, 15 Mar 2022 08:14:08 -0300 + systemd (229-4ubuntu21.31+esm1) xenial-security; urgency=medium [ Marc Deslauriers ] diff -Nru systemd-229/debian/patches/lp1962332-cgroup2-use-new-fstype-for-unified-hierarchy.patch systemd-229/debian/patches/lp1962332-cgroup2-use-new-fstype-for-unified-hierarchy.patch --- systemd-229/debian/patches/lp1962332-cgroup2-use-new-fstype-for-unified-hierarchy.patch 1969-12-31 21:00:00.000000000 -0300 +++ systemd-229/debian/patches/lp1962332-cgroup2-use-new-fstype-for-unified-hierarchy.patch 2022-03-08 08:39:09.000000000 -0300 @@ -0,0 +1,91 @@ +From 099619957a0d9ae0e6e5e221493e40fb8fc2cd81 Mon Sep 17 00:00:00 2001 +From: Alban Crequy +Date: Mon, 7 Dec 2015 01:10:50 +0100 +Subject: [PATCH] cgroup2: use new fstype for unified hierarchy + +Since Linux v4.4-rc1, __DEVEL__sane_behavior does not exist anymore and +is replaced by a new fstype "cgroup2". + +With this patch, systemd no longer supports the old (unstable) way of +doing unified hierarchy with __DEVEL__sane_behavior and systemd now +requires Linux v4.4 for unified hierarchy. + +Non-unified hierarchy is still the default and is unchanged by this +patch. + +https://github.com/torvalds/linux/commit/67e9c74b8a873408c27ac9a8e4c1d1c8d72c93ff +--- + src/basic/cgroup-util.c | 2 +- + src/basic/missing.h | 4 ++++ + src/core/mount-setup.c | 2 +- + src/nspawn/nspawn-cgroup.c | 2 +- + src/nspawn/nspawn-mount.c | 2 +- + 5 files changed, 8 insertions(+), 4 deletions(-) + +Index: systemd-229/src/basic/cgroup-util.c +=================================================================== +--- systemd-229.orig/src/basic/cgroup-util.c ++++ systemd-229/src/basic/cgroup-util.c +@@ -2127,7 +2127,7 @@ int cg_unified(void) { + if (statfs("/sys/fs/cgroup/", &fs) < 0) + return -errno; + +- if (F_TYPE_EQUAL(fs.f_type, CGROUP_SUPER_MAGIC)) ++ if (F_TYPE_EQUAL(fs.f_type, CGROUP2_SUPER_MAGIC)) + unified_cache = true; + else if (F_TYPE_EQUAL(fs.f_type, TMPFS_MAGIC)) + unified_cache = false; +Index: systemd-229/src/basic/missing.h +=================================================================== +--- systemd-229.orig/src/basic/missing.h ++++ systemd-229/src/basic/missing.h +@@ -514,6 +514,10 @@ struct btrfs_ioctl_quota_ctl_args { + #define CGROUP_SUPER_MAGIC 0x27e0eb + #endif + ++#ifndef CGROUP2_SUPER_MAGIC ++#define CGROUP2_SUPER_MAGIC 0x63677270 ++#endif ++ + #ifndef TMPFS_MAGIC + #define TMPFS_MAGIC 0x01021994 + #endif +Index: systemd-229/src/core/mount-setup.c +=================================================================== +--- systemd-229.orig/src/core/mount-setup.c ++++ systemd-229/src/core/mount-setup.c +@@ -96,7 +96,7 @@ static const MountPoint mount_table[] = + NULL, MNT_FATAL|MNT_IN_CONTAINER }, + { "tmpfs", "/run/lock", "tmpfs", "mode=1777,size=5242880", MS_NOSUID|MS_NODEV|MS_NOEXEC, + NULL, MNT_FATAL|MNT_IN_CONTAINER }, +- { "cgroup", "/sys/fs/cgroup", "cgroup", "__DEVEL__sane_behavior", MS_NOSUID|MS_NOEXEC|MS_NODEV, ++ { "cgroup", "/sys/fs/cgroup", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, + cg_is_unified_wanted, MNT_FATAL|MNT_IN_CONTAINER }, + { "tmpfs", "/sys/fs/cgroup", "tmpfs", "mode=755", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, + cg_is_legacy_wanted, MNT_FATAL|MNT_IN_CONTAINER }, +Index: systemd-229/src/nspawn/nspawn-cgroup.c +=================================================================== +--- systemd-229.orig/src/nspawn/nspawn-cgroup.c ++++ systemd-229/src/nspawn/nspawn-cgroup.c +@@ -94,7 +94,7 @@ int sync_cgroup(pid_t pid, bool unified_ + if (unified) + r = mount("cgroup", tree, "cgroup", MS_NOSUID|MS_NOEXEC|MS_NODEV, "none,name=systemd,xattr"); + else +- r = mount("cgroup", tree, "cgroup", MS_NOSUID|MS_NOEXEC|MS_NODEV, "__DEVEL__sane_behavior"); ++ r = mount("cgroup", tree, "cgroup2", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL); + if (r < 0) { + r = log_error_errno(errno, "Failed to mount unified hierarchy: %m"); + goto finish; +Index: systemd-229/src/nspawn/nspawn-mount.c +=================================================================== +--- systemd-229.orig/src/nspawn/nspawn-mount.c ++++ systemd-229/src/nspawn/nspawn-mount.c +@@ -750,7 +750,7 @@ static int mount_unified_cgroups(const c + return -EINVAL; + } + +- if (mount("cgroup", p, "cgroup", MS_NOSUID|MS_NOEXEC|MS_NODEV, "__DEVEL__sane_behavior") < 0) ++ if (mount("cgroup", p, "cgroup2", MS_NOSUID|MS_NOEXEC|MS_NODEV, NULL) < 0) + return log_error_errno(errno, "Failed to mount unified cgroup hierarchy to %s: %m", p); + + return 0; diff -Nru systemd-229/debian/patches/series systemd-229/debian/patches/series --- systemd-229/debian/patches/series 2021-07-13 12:05:24.000000000 -0300 +++ systemd-229/debian/patches/series 2022-03-08 08:37:17.000000000 -0300 @@ -158,3 +158,4 @@ lp1913763-udev-rules-add-rule-to-create-dev-ptp_hyperv.patch CVE-2020-13529.patch CVE-2021-33910.patch +lp1962332-cgroup2-use-new-fstype-for-unified-hierarchy.patch