From 27168c56bfbf8b1997a12b5ef0b4d345cd70dfb2 Mon Sep 17 00:00:00 2001
From: Markus Boehme <markubo@amazon.com>
Date: Thu, 9 Nov 2023 15:07:14 +0000
Subject: [PATCH] systemd: stop building gpt-auto-generator to avoid remounting
 /boot

During boot prairiedog figures out which partition bank is in use and
mounts the correct boot partition containing the kernel binary and
configuration at /boot. When an x86 system booted via BIOS/CSM, it was
observed that at some point after boot the EFI System Partition would be
mounted at /boot instead.

The cause for the unexpected remount is systemd-gpt-auto-generator, a
generator running during systemd start that creates mount and automount
units for well-known partition GUIDs. This undoes the work previously
performed by prairiedog. Convincing gpt-auto-generator to do right by
Bottlerocket would involve changing partition GUIDs and implementing
logic for the GPT priority fields. Alternatively, gpt-auto-generator can
be disabled at boot via the `systemd.gpt_auto=0` kernel command line
option, leaving the work of mounting partitions to prairiedog and other
already existing mount units.

Since we would disable the gpt-auto-generator via the kernel command
line for all variants, we might as well stop building and shipping it.
Add a local patch to allow selecting/deselecting gpt-auto-generator at
build-time and actually deselect it.

Signed-off-by: Markus Boehme <markubo@amazon.com>
---
 ...uto-generator-selectable-at-build-ti.patch | 66 +++++++++++++++++++
 packages/systemd/systemd.spec                 |  5 ++
 2 files changed, 71 insertions(+)
 create mode 100644 packages/systemd/9014-meson-make-gpt-auto-generator-selectable-at-build-ti.patch

diff --git a/packages/systemd/9014-meson-make-gpt-auto-generator-selectable-at-build-ti.patch b/packages/systemd/9014-meson-make-gpt-auto-generator-selectable-at-build-ti.patch
new file mode 100644
index 00000000000..82f88f6b99e
--- /dev/null
+++ b/packages/systemd/9014-meson-make-gpt-auto-generator-selectable-at-build-ti.patch
@@ -0,0 +1,66 @@
+From 33a689a000d56444ed47803b2fbec4376814e633 Mon Sep 17 00:00:00 2001
+From: Markus Boehme <markubo@amazon.com>
+Date: Thu, 9 Nov 2023 15:02:14 +0000
+Subject: [PATCH] meson: make gpt-auto-generator selectable at build-time
+
+Signed-off-by: Markus Boehme <markubo@amazon.com>
+---
+ meson.build       | 21 ++++++++++++---------
+ meson_options.txt |  2 ++
+ 2 files changed, 14 insertions(+), 9 deletions(-)
+
+diff --git a/meson.build b/meson.build
+index 3bef553..16421ce 100644
+--- a/meson.build
++++ b/meson.build
+@@ -1851,6 +1851,7 @@ foreach term : ['analyze',
+                 'efi',
+                 'environment-d',
+                 'firstboot',
++                'gpt-auto-generator',
+                 'gshadow',
+                 'hibernate',
+                 'hostnamed',
+@@ -2424,15 +2425,17 @@ if conf.get('ENABLE_HIBERNATE') == 1
+ endif
+ 
+ if conf.get('HAVE_BLKID') == 1
+-        executable(
+-                'systemd-gpt-auto-generator',
+-                'src/gpt-auto-generator/gpt-auto-generator.c',
+-                include_directories : includes,
+-                link_with : [libshared],
+-                dependencies : libblkid,
+-                install_rpath : rootpkglibdir,
+-                install : true,
+-                install_dir : systemgeneratordir)
++        if conf.get('ENABLE_GPT_AUTO_GENERATOR') == 1
++                executable(
++                        'systemd-gpt-auto-generator',
++                        'src/gpt-auto-generator/gpt-auto-generator.c',
++                        include_directories : includes,
++                        link_with : [libshared],
++                        dependencies : libblkid,
++                        install_rpath : rootpkglibdir,
++                        install : true,
++                        install_dir : systemgeneratordir)
++        endif
+ 
+         public_programs += executable(
+                 'systemd-dissect',
+diff --git a/meson_options.txt b/meson_options.txt
+index 26dfab5..2df5361 100644
+--- a/meson_options.txt
++++ b/meson_options.txt
+@@ -176,6 +176,8 @@ option('html', type : 'combo', choices : ['auto', 'true', 'false'],
+        description : 'build and install html pages')
+ option('translations', type : 'boolean', value : true,
+        description : 'build and install translations')
++option('gpt-auto-generator', type : 'boolean', value : true,
++       description : 'build and install systemd-gpt-auto-generator')
+ 
+ option('certificate-root', type : 'string', value : '/etc/ssl',
+        description : 'the prefix for TLS certificates')
+-- 
+2.40.1
+
diff --git a/packages/systemd/systemd.spec b/packages/systemd/systemd.spec
index 805ad071901..8fd4e9be135 100644
--- a/packages/systemd/systemd.spec
+++ b/packages/systemd/systemd.spec
@@ -70,6 +70,10 @@ Patch9012: 9012-core-mount-increase-mount-rate-limit-burst-to-25.patch
 # lease in EC2.
 Patch9013: 9013-sd-dhcp-lease-parse-multiple-domains-in-option-15.patch
 
+# Local patch that allows to deselect systemd-gpt-auto-generator. We deselect
+# it since prairiedog mounts /boot depending on the partition bank in use.
+Patch9014: 9014-meson-make-gpt-auto-generator-selectable-at-build-ti.patch
+
 BuildRequires: gperf
 BuildRequires: intltool
 BuildRequires: meson
@@ -192,6 +196,7 @@ CONFIGURE_OPTS=(
  -Dman=false
  -Dhtml=false
  -Dtranslations=false
+ -Dgpt-auto-generator=false
  -Dlog-message-verification=false
 
  -Dcertificate-root='%{_cross_sysconfdir}/ssl'