From 66760e12935cf0e9fe782294b9d9412f87f144fb Mon Sep 17 00:00:00 2001
From: Brandon Philips <brandon@ifup.co>
Date: Tue, 18 Mar 2014 22:00:09 -0700
Subject: [PATCH 1/3] fix(oem-gce): use cloud-config instead of run

---
 .../coreos-base/oem-gce/files/cloud-config.yml     | 14 ++++++++++++++
 .../coreos-base/oem-gce/files/{run => gce-ssh-key} |  0
 .../coreos-base/oem-gce/oem-gce-0.0.1.ebuild       |  8 +++++---
 3 files changed, 19 insertions(+), 3 deletions(-)
 create mode 100644 sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/cloud-config.yml
 rename sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/{run => gce-ssh-key} (100%)

diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/cloud-config.yml b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/cloud-config.yml
new file mode 100644
index 0000000000..691e93a139
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/cloud-config.yml
@@ -0,0 +1,14 @@
+#cloud-config
+
+coreos:
+    units:
+      - name: ec2-ssh-key.service
+        runtime: yes
+        content: |
+          [Unit]
+          Description=Sets SSH key from metadata
+
+          [Service]
+          Type=oneshot
+          StandardOutput=journal+console
+          ExecStart=/usr/share/oem/bin/gce-ssh-key
diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/run b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/gce-ssh-key
similarity index 100%
rename from sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/run
rename to sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/gce-ssh-key
diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/oem-gce-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/oem-gce-0.0.1.ebuild
index d4bb019993..f212cc7651 100644
--- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/oem-gce-0.0.1.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/oem-gce-0.0.1.ebuild
@@ -15,10 +15,12 @@ IUSE=""
 # no source directory
 S="${WORKDIR}"
 
+RDEPEND="dev-lang/python"
+
 src_install() {
-	exeinto "/"
-	doexe ${FILESDIR}/run
+	into "/"
+	dobin ${FILESDIR}/gce-ssh-key
 
 	insinto "/"
-	doins ${FILESDIR}/oem-release
+	doins ${FILESDIR}/cloud-config.yml
 }

From 650c8e50b51eef85ad3801cc5eb4b70a99771ba6 Mon Sep 17 00:00:00 2001
From: Brandon Philips <brandon@ifup.co>
Date: Wed, 19 Mar 2014 06:10:00 -0700
Subject: [PATCH 2/3] fix(sys-apps/systemd): add dhcp fix for gce

Thanks to Tom Gundersen for the quick fix.
---
 .../coreos-base/oem-gce/oem-gce-0.0.1.ebuild  |  2 --
 ...lient-accept-infinite-lease-lifetime.patch | 29 +++++++++++++++++++
 ...md-211-r3.ebuild => systemd-211-r4.ebuild} |  3 ++
 3 files changed, 32 insertions(+), 2 deletions(-)
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/211-0001-sd-dhcp-client-accept-infinite-lease-lifetime.patch
 rename sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/{systemd-211-r3.ebuild => systemd-211-r4.ebuild} (99%)

diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/oem-gce-0.0.1.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/oem-gce-0.0.1.ebuild
index f212cc7651..7d4861cc9e 100644
--- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/oem-gce-0.0.1.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/oem-gce-0.0.1.ebuild
@@ -15,8 +15,6 @@ IUSE=""
 # no source directory
 S="${WORKDIR}"
 
-RDEPEND="dev-lang/python"
-
 src_install() {
 	into "/"
 	dobin ${FILESDIR}/gce-ssh-key
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/211-0001-sd-dhcp-client-accept-infinite-lease-lifetime.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/211-0001-sd-dhcp-client-accept-infinite-lease-lifetime.patch
new file mode 100644
index 0000000000..0750ed0cd2
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/211-0001-sd-dhcp-client-accept-infinite-lease-lifetime.patch
@@ -0,0 +1,29 @@
+From 7bf2f4397255bc8f6cf20a0f2adab4c984ea7d14 Mon Sep 17 00:00:00 2001
+From: Tom Gundersen <teg@jklm.no>
+Date: Wed, 19 Mar 2014 10:41:29 +0100
+Subject: [PATCH] sd-dhcp-client: accept infinite lease lifetime
+
+Otherwise we would fail with -EINVAL. Thanks to Brandon Philips
+<brandon.philips@coreos.com>, for reporting the bug.
+---
+ src/libsystemd-network/sd-dhcp-client.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c
+index 8411141..ce375dd 100644
+--- a/src/libsystemd-network/sd-dhcp-client.c
++++ b/src/libsystemd-network/sd-dhcp-client.c
+@@ -747,6 +747,10 @@ static int client_set_lease_timeouts(sd_dhcp_client *client, uint64_t usec) {
+         assert(client);
+         assert(client->event);
+ 
++        /* don't set timers for infinite leases */
++        if (client->lease->lifetime == 0xffffffff)
++                return 0;
++
+         if (client->lease->lifetime < 10)
+                 return -EINVAL;
+ 
+-- 
+1.8.5.2 (Apple Git-48)
+
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-211-r3.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-211-r4.ebuild
similarity index 99%
rename from sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-211-r3.ebuild
rename to sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-211-r4.ebuild
index 86c7980158..95a03f535c 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-211-r3.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-211-r4.ebuild
@@ -132,6 +132,9 @@ src_prepare() {
 	# dns feature for more than one server
 	epatch "${FILESDIR}"/211-networkd-allow-more-than-one-static-dns-server.patch
 
+	# patch to fix dhcp on gce
+	epatch "${FILESDIR}"/211-0001-sd-dhcp-client-accept-infinite-lease-lifetime.patch
+
 if [[ ${PV} == *9999 ]]; then
 	if use doc; then
 		gtkdocize --docdir docs/ || die

From 40c707632d0e7871bfdbaff22f70aaf18dace97a Mon Sep 17 00:00:00 2001
From: Brandon Philips <brandon@ifup.co>
Date: Thu, 20 Mar 2014 11:34:54 -0700
Subject: [PATCH 3/3] fix(sys-apps/systemd): explicitly route to the gateway

Fix sent and pending upstream.
---
 ...reate-explicit-host-route-to-gateway.patch | 66 +++++++++++++++++++
 .../sys-apps/systemd/systemd-211-r4.ebuild    |  3 +-
 2 files changed, 68 insertions(+), 1 deletion(-)
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0001-network-dhcp-create-explicit-host-route-to-gateway.patch

diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0001-network-dhcp-create-explicit-host-route-to-gateway.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0001-network-dhcp-create-explicit-host-route-to-gateway.patch
new file mode 100644
index 0000000000..e1427e11fb
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/files/0001-network-dhcp-create-explicit-host-route-to-gateway.patch
@@ -0,0 +1,66 @@
+From 2b1ce33baa29bddf5367c0bcfcfb884e36641cc7 Mon Sep 17 00:00:00 2001
+From: Brandon Philips <brandon@ifup.co>
+Date: Thu, 20 Mar 2014 11:28:12 -0700
+Subject: [PATCH] network: dhcp: create explicit host route to gateway
+
+Some DHCP servers gives you a netmask of 255.255.255.255 so the gateway is not
+routable. Other DHCP client implementations look through the existing routes to
+figure out if they should add an explicit host route. See below for a link.
+
+However, it makes sense to just create the route explicitly whether it is
+needed or not since it is explicit, makes the dhcp route entries independent of
+other entries and saves us from knowing the state of the kernel tables.
+
+The code from dhcpcd that works around this issue is on line 637.
+https://android.googlesource.com/platform/external/dhcpcd/+/master/configure.c
+---
+ src/network/networkd-link.c | 26 ++++++++++++++++++++++++++
+ 1 file changed, 26 insertions(+)
+
+diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
+index 275ad97..8077ac7 100644
+--- a/src/network/networkd-link.c
++++ b/src/network/networkd-link.c
+@@ -237,6 +237,8 @@ static int link_enter_set_routes(Link *link) {
+ 
+         if (link->dhcp_lease) {
+                 _cleanup_route_free_ Route *route = NULL;
++                _cleanup_route_free_ Route *route_gw = NULL;
++                struct in_addr netmask;
+                 struct in_addr gateway;
+ 
+                 r = sd_dhcp_lease_get_router(link->dhcp_lease, &gateway);
+@@ -253,6 +255,30 @@ static int link_enter_set_routes(Link *link) {
+                         return r;
+                 }
+ 
++                r = route_new_dynamic(&route_gw);
++                if (r < 0) {
++                        log_error_link(link, "Could not allocate route: %s",
++                                       strerror(-r));
++                        return r;
++                }
++
++                /* The dhcp netmask may mask out the gateway. Add an explicit
++                 * route for the gw host so that we can route no matter the
++                 * netmask or existing kernel route tables. */
++                route_gw->family = AF_INET;
++                route_gw->dst_addr.in = gateway;
++                route_gw->dst_prefixlen = 32;
++                route_gw->scope = RT_SCOPE_LINK;
++
++                r = route_configure(route_gw, link, &route_handler);
++                if (r < 0) {
++                        log_warning_link(link,
++                                         "could not set host route: %s", strerror(-r));
++                        return r;
++                }
++
++                link->route_messages ++;
++
+                 route->family = AF_INET;
+                 route->in_addr.in = gateway;
+ 
+-- 
+1.8.5.2 (Apple Git-48)
+
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-211-r4.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-211-r4.ebuild
index 95a03f535c..5679ca4513 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-211-r4.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-211-r4.ebuild
@@ -132,8 +132,9 @@ src_prepare() {
 	# dns feature for more than one server
 	epatch "${FILESDIR}"/211-networkd-allow-more-than-one-static-dns-server.patch
 
-	# patch to fix dhcp on gce
+	# patches to fix dhcp on gce
 	epatch "${FILESDIR}"/211-0001-sd-dhcp-client-accept-infinite-lease-lifetime.patch
+	epatch "${FILESDIR}"/0001-network-dhcp-create-explicit-host-route-to-gateway.patch
 
 if [[ ${PV} == *9999 ]]; then
 	if use doc; then