sys-apps/systemd: Move away from cros-workon

Our current cros-workon setup was awkward to use when a new patch
release happened on upstream. In this case we would go to our
`v<VERSION>-flatcar` branch and merge/cherry-pick the commits from
upstream that appeared between the release we have been using so far
and the new release. In such case, our non-upstreamed patches were
hidden somewhere in history. To fix that, I proposed having a branch
for each patch release, so the branch would always be based on an
upstream tag and have our patches on top of that. An alternative
proposition was to just use the Gentoo workflow for patches, and this
is what we are doing here.

This also slightly minimizes the difference between the Gentoo recipe
and ours.

sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0001-sysctl.d-50-default.conf-remove-.all-source-route-se.patch

@@ -0,0 +1,57 @@
+From 25b772a9ec9b4f36e9cd97948c6bafb7765d5113 Mon Sep 17 00:00:00 2001
+From: Thilo Fromm <thilo@kinvolk.io>
+Date: Thu, 10 Sep 2020 11:16:01 +0200
+Subject: [PATCH 1/3] sysctl.d/50-default.conf: remove *, .all source route
+ settings
+
+The rules were added in systemd-245 and break cluster
+networking, e.g. cilium. Please see
+https://github.com/flatcar-linux/Flatcar/issues/181
+for details.
+
+Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
+---
+ sysctl.d/50-default.conf | 21 +++++++++++++++------
+ 1 file changed, 15 insertions(+), 6 deletions(-)
+
+diff --git a/sysctl.d/50-default.conf b/sysctl.d/50-default.conf
+index 14378b24af..82cc49587b 100644
+--- a/sysctl.d/50-default.conf
++++ b/sysctl.d/50-default.conf
+@@ -23,18 +23,27 @@ kernel.core_uses_pid = 1
+ 
+ # Source route verification
+ net.ipv4.conf.default.rp_filter = 2
+-net.ipv4.conf.*.rp_filter = 2
+--net.ipv4.conf.all.rp_filter
++# the below deviates from upstream systemd-245 (and later) since the default
++# rule causes a regression with cluster networking (e.g. cilium; see
++# https://github.com/flatcar-linux/Flatcar/issues/181)
++#net.ipv4.conf.*.rp_filter = 2
++#-net.ipv4.conf.all.rp_filter
+ 
+ # Do not accept source routing
+ net.ipv4.conf.default.accept_source_route = 0
+-net.ipv4.conf.*.accept_source_route = 0
+--net.ipv4.conf.all.accept_source_route
++# the below deviates from upstream systemd-245 (and later) since the default
++# rule causes a regression with cluster networking (e.g. cilium; see
++# https://github.com/flatcar-linux/Flatcar/issues/181)
++#net.ipv4.conf.*.accept_source_route = 0
++#-net.ipv4.conf.all.accept_source_route
+ 
+ # Promote secondary addresses when the primary address is removed
+ net.ipv4.conf.default.promote_secondaries = 1
+-net.ipv4.conf.*.promote_secondaries = 1
+--net.ipv4.conf.all.promote_secondaries
++# the below deviates from upstream systemd-245 (and later) since the default
++# rule causes a regression with cluster networking (e.g. cilium; see
++# https://github.com/flatcar-linux/Flatcar/issues/181)
++#net.ipv4.conf.*.promote_secondaries = 1
++#-net.ipv4.conf.all.promote_secondaries
+ 
+ # ping(8) without CAP_NET_ADMIN and CAP_NET_RAW
+ # The upper limit is set to 2^31-1. Values greater than that get rejected by
+-- 
+2.26.2
+

sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0002-sysctl.d-50-default-better-comments-re-activate-prom.patch

@@ -0,0 +1,58 @@
+From 1e608a8f47e0472e910c08d06014d1ef9ddd0cfc Mon Sep 17 00:00:00 2001
+From: Thilo Fromm <thilo@kinvolk.io>
+Date: Thu, 10 Sep 2020 11:47:53 +0200
+Subject: [PATCH 2/3] sysctl.d/50-default: better comments, re-activate
+ promote_secondaries
+
+This change updates comments as well as re-activates the
+promote_secondaries wildcard since networkd's DHCP relies on this
+(see https://github.com/systemd/systemd/issues/7163)
+
+Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
+---
+ sysctl.d/50-default.conf | 19 ++++++++-----------
+ 1 file changed, 8 insertions(+), 11 deletions(-)
+
+diff --git a/sysctl.d/50-default.conf b/sysctl.d/50-default.conf
+index 82cc49587b..8457fb38aa 100644
+--- a/sysctl.d/50-default.conf
++++ b/sysctl.d/50-default.conf
+@@ -23,27 +23,24 @@ kernel.core_uses_pid = 1
+ 
+ # Source route verification
+ net.ipv4.conf.default.rp_filter = 2
+-# the below deviates from upstream systemd-245 (and later) since the default
+-# rule causes a regression with cluster networking (e.g. cilium; see
+-# https://github.com/flatcar-linux/Flatcar/issues/181)
++# We deviate from upstream systemd-245 (and later) since the new default
++# rp_filter wildcard rule causes a regression with cluster networking
++# (e.g. cilium; see https://github.com/flatcar-linux/Flatcar/issues/181)
+ #net.ipv4.conf.*.rp_filter = 2
+ #-net.ipv4.conf.all.rp_filter
+ 
+ # Do not accept source routing
+ net.ipv4.conf.default.accept_source_route = 0
+-# the below deviates from upstream systemd-245 (and later) since the default
+-# rule causes a regression with cluster networking (e.g. cilium; see
+-# https://github.com/flatcar-linux/Flatcar/issues/181)
++# We deviate from upstream systemd-245 (and later) since the new default
++# source route wildcard rule causes a regression with cluster networking
++# (e.g. cilium; see https://github.com/flatcar-linux/Flatcar/issues/181)
+ #net.ipv4.conf.*.accept_source_route = 0
+ #-net.ipv4.conf.all.accept_source_route
+ 
+ # Promote secondary addresses when the primary address is removed
+ net.ipv4.conf.default.promote_secondaries = 1
+-# the below deviates from upstream systemd-245 (and later) since the default
+-# rule causes a regression with cluster networking (e.g. cilium; see
+-# https://github.com/flatcar-linux/Flatcar/issues/181)
+-#net.ipv4.conf.*.promote_secondaries = 1
+-#-net.ipv4.conf.all.promote_secondaries
++net.ipv4.conf.*.promote_secondaries = 1
++-net.ipv4.conf.all.promote_secondaries
+ 
+ # ping(8) without CAP_NET_ADMIN and CAP_NET_RAW
+ # The upper limit is set to 2^31-1. Values greater than that get rejected by
+-- 
+2.26.2
+

sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0003-sysctl.d-50-default.conf-re-activate-default-accept_.patch

@@ -0,0 +1,32 @@
+From 5b1ed0e98a8a8225dc3f662483287a380643ab96 Mon Sep 17 00:00:00 2001
+From: Thilo Fromm <thilo@kinvolk.io>
+Date: Thu, 10 Sep 2020 13:39:14 +0200
+Subject: [PATCH 3/3] sysctl.d/50-default.conf: re-activate default
+ accept_source_route
+
+Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
+---
+ sysctl.d/50-default.conf | 7 ++-----
+ 1 file changed, 2 insertions(+), 5 deletions(-)
+
+diff --git a/sysctl.d/50-default.conf b/sysctl.d/50-default.conf
+index 8457fb38aa..b7dd7c7ef3 100644
+--- a/sysctl.d/50-default.conf
++++ b/sysctl.d/50-default.conf
+@@ -31,11 +31,8 @@ net.ipv4.conf.default.rp_filter = 2
+ 
+ # Do not accept source routing
+ net.ipv4.conf.default.accept_source_route = 0
+-# We deviate from upstream systemd-245 (and later) since the new default
+-# source route wildcard rule causes a regression with cluster networking
+-# (e.g. cilium; see https://github.com/flatcar-linux/Flatcar/issues/181)
+-#net.ipv4.conf.*.accept_source_route = 0
+-#-net.ipv4.conf.all.accept_source_route
++net.ipv4.conf.*.accept_source_route = 0
++-net.ipv4.conf.all.accept_source_route
+ 
+ # Promote secondary addresses when the primary address is removed
+ net.ipv4.conf.default.promote_secondaries = 1
+-- 
+2.26.2
+

sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-9999.ebuild

@@ -7,29 +7,25 @@
 
 EAPI=7
 
-# Flatcar: Use cros setup
-CROS_WORKON_PROJECT="flatcar-linux/systemd"
-CROS_WORKON_REPO="git://github.com"
-
 if [[ ${PV} == 9999 ]]; then
-	# Flatcar: Use cros setup
-	# Use ~arch instead of empty keywords for compatibility with cros-workon
-	KEYWORDS="~amd64 ~arm64 ~arm ~x86"
+	EGIT_REPO_URI="https://github.com/systemd/systemd.git"
+	inherit git-r3
 else
-	# Flatcar: Use cros setup
-	CROS_WORKON_COMMIT="5b1ed0e98a8a8225dc3f662483287a380643ab96" # v246-flatcar
-	KEYWORDS="~alpha amd64 ~arm arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
+	if [[ ${PV} == *.* ]]; then
+		MY_PN=systemd-stable
+	else
+		MY_PN=systemd
+	fi
+	MY_PV=${PV/_/-}
+	MY_P=${MY_PN}-${MY_PV}
+	S=${WORKDIR}/${MY_P}
+	SRC_URI="https://github.com/systemd/${MY_PN}/archive/v${MY_PV}/${MY_P}.tar.gz"
+	KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 sparc x86"
 fi
 
 # Flatcar: We still have python 3.5, and have no python3.8 yet.
 PYTHON_COMPAT=( python3_{5,6,7} )
 
-# Flatcar: cros-workon must be imported first, in cases where
-# cros-workon and another eclass exports the same function (say
-# src_compile) we want the later eclass's version to win. Only need
-# src_unpack from workon.
-inherit cros-workon
-
 inherit bash-completion-r1 linux-info meson multilib-minimal ninja-utils pam python-any-r1 systemd toolchain-funcs udev user
 
 DESCRIPTION="System and service manager for Linux"
@@ -175,12 +171,26 @@ pkg_setup() {
 
 src_unpack() {
 	default
-	# Flatcar: Use cros setup.
-	cros-workon_src_unpack
+	[[ ${PV} != 9999 ]] || git-r3_src_unpack
 }
 
 src_prepare() {
-	# Flatcar: We don't have separate patches, so no patching code here.
+	# Do NOT add patches here
+	local PATCHES=()
+
+	[[ -d "${WORKDIR}"/patches ]] && PATCHES+=( "${WORKDIR}"/patches )
+
+	# Add local patches here
+	PATCHES+=(
+		# Flatcar: Adding our own patches here.
+		"${FILESDIR}/0001-sysctl.d-50-default.conf-remove-.all-source-route-se.patch"
+		"${FILESDIR}/0002-sysctl.d-50-default-better-comments-re-activate-prom.patch"
+		"${FILESDIR}/0003-sysctl.d-50-default.conf-re-activate-default-accept_.patch"
+	)
+
+	# Flatcar: We carry our own patches, we don't use the ones
+	# from Gentoo. Thus we dropped the `if ! use vanilla` code
+	# here.
 	#
 	# Flatcar: Use the resolv.conf managed by systemd-resolved.
 	# This shouldn't be necessary anymore. Added because of a bug