From 977dc1ac484e0c201b30f551e5f2d1d32e27eccf Mon Sep 17 00:00:00 2001 
From: Brad Bishop Date: Wed, 6 Feb 2019 16:01:43 -0500 Subject: poky: refresh thud: 1d987b98ed..ee7dd31944 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Update poky to thud HEAD. Alex Kiernan (2): systemd: backport fix to stop enabling ECN systemd: Add PACKAGECONFIG for gnutls Alexander Kanavin (3): lighttpd: update to 1.4.51 boost: update to 1.69.0 systemd: backport a patch to fix meson 0.49.0 issue Alexey Brodkin (1): wic: sdimage-bootpart: Use mmcblk0 drive instead of bogus mmcblk André Draszik (1): meta: remove True option to getVar calls (again) Anuj Mittal (6): eudev: upgrade 3.2.5 -> 3.2.7 gsettings-desktop-schemas: upgrade 3.28.0 -> 3.28.1 libatomic-ops: upgrade 7.6.6 -> 7.6.8 libpng: upgrade 1.6.35 -> 1.6.36 common-licenses: update Libpng license text i2c-tools: upgrade 4.0 -> 4.1 Aníbal Limón (1): meta/classes/testimage.bbclass: Only validate IMAGE_FSTYPES when is QEMU Armin Kuster (1): tzdata/tzcode-native: update to 2018i Brad Bishop (1): systemd-systemctl-native: handle Install wildcards Bruce Ashfield (3): kernel: use olddefconfig as the primary target for KERNEL_CONFIG_COMMAND linux-yocto/4.18: update to v4.18.22 linux-yocto/4.18: update to v4.18.25 Changqing Li (1): libsndfile1: Security fix CVE-2017-17456/17457 CVE-2018-19661/19662 Chen Qi (3): package.bbclass: fix python unclosed file ResourceWarning eSDK.py: avoid error in tearDownClass due to race condistion eSDK.py: unset BBPATH and BUILDDIR to avoid eSDK failure Douglas Royds (6): icecc: readlink -f on the recipe-sysroot gcc/g++ icecc: Trivial simplification icecc: Syntax error meant that we weren't waiting for tarball generation icecc: Don't generate recipe-sysroot symlinks at recipe-parsing time icecc: patchelf is needed by icecc-create-env patch: reproducibility: Fix host umask leakage Erik Botö (1): testimage: Add possibility to pass parmeters to qemu Federico Sauter (1): kernel: don't assign the build user/host Joshua Watt (1): classes/testsdk: 
Split implementation into classes Kai Kang (2): testimage.bbclass: remove boot parameter systemd.log_target systemd: fix compile error for x32 Kevin Hao (1): meta-yocto-bsp: Bump to the latest stable kernel for the non-x86 BSPs Khem Raj (6): grub2: Fix passing null to printf formats gnupg: Upgrade to 2.2.12 release binutils: Fix build with clang binutils: Upgrade to latest on 2.31 release branch binutils: bfd doesn't handle ELF compressed data alignment systemd: Fix memory use after free errors Manjukumar Matha (1): kernel.bbclass: Fix incorrect deploying of fitimage.initramfs Marcus Cooper (3): systemd: Security fix CVE-2018-16864 systemd: Security fix CVE-2018-16865 systemd: Security fix CVE-2018-16866 Michael Ho (1): sstate: add support for caching shared workdir tasks Naveen Saini (2): linux-yocto: update genericx86* SRCREV for 4.18 linux-yocto: update genericx86* SRCREV for 4.18 Peter Kjellerstedt (2): systemd: Correct and clean up user/group definitions systemd: Correct a conditional add to SYSTEMD_PACKAGES Richard Purdie (9): nativesdk-*-provides-dummy: Fixes to allow correct operation with opkg classes: Correctly markup regex strings testimage: Remove duplicate dependencies testimage: Simplfy DEFAULT_TEST_SUITES logic testimage: Further cleanup DEFAULT_TEST_SUITES testimage: Enable autorunning of the package manager testsuites oeqa/runtime/cases: Improve test dependency information oeqa/runtime/cases: Improve dependencies of kernel/gcc/build tests oeqa/utils/buildproject: Only clean files if we've done something Robert Yang (7): oeqa/utils/qemurunner: Print output when failed to login oeqa/utils/qemurunner: set timeout to 60s for run_serial oeqa: Fix for QEMU_USE_KVM oeqa: make it work for multiple users runqemu-gen-tapdevs: Allow run --help without sudo oeqa/manual/bsp-qemu.json: Update for QEMU_USE_KVM oeqa/selftest/runqemu: Enable kvm when QEMU_USE_KVM is set Ross Burton (2): toolchain-scripts: run post-relocate scripts for every environment runqemu: 
clean up subprocess usage Yeoh Ee Peng (3): scripts/oe-git-archive: fix non-existent key referencing error testimage: Add support for slirp oeqa/qemu & runtime: qemu do not need ip input from external OpenBMC compatibility updates: meta-phosphor: Brad Bishop (1): phosphor: rebase i2c-tools patches Change-Id: Idc626fc076580aeebde1420bcad01e069b559504 
Signed-off-by: Brad Bishop --- poky/meta/recipes-core/meta/dummy-sdk-package.inc | 4 +- .../meta/nativesdk-buildtools-perl-dummy.bb | 22 ++- .../meta/nativesdk-sdk-provides-dummy.bb | 1 - .../recipes-core/meta/target-sdk-provides-dummy.bb | 27 +++ poky/meta/recipes-core/systemd/systemd-boot_239.bb | 3 +- ...tl.d-request-ECN-on-both-in-and-outgoing-.patch | 36 ++++ .../0001-meson-rename-Ddebug-to-Ddebug-extra.patch | 45 +++++ ...l-Don-t-pass-null-directive-argument-to-s.patch | 31 ++++ ...ync-changes-type-of-drift_freq-to-int64_t.patch | 49 +++++ ...Fix-use-after-free-case-in-load_from_path.patch | 43 +++++ ...-not-store-the-iovec-entry-for-process-co.patch | 204 +++++++++++++++++++++ ...ld-set-a-limit-on-the-number-of-fields-1k.patch | 56 ++++++ ...ote-set-a-limit-on-the-number-of-fields-i.patch | 84 +++++++++ .../0027-journal-fix-syslog_parse_identifier.patch | 77 ++++++++ ...not-remove-multiple-spaces-after-identifi.patch | 84 +++++++++ poky/meta/recipes-core/systemd/systemd_239.bb | 35 +++- poky/meta/recipes-core/udev/eudev_3.2.5.bb | 96 ---------- poky/meta/recipes-core/udev/eudev_3.2.7.bb | 96 ++++++++++ 18 files changed, 882 insertions(+), 111 deletions(-) create mode 100644 poky/meta/recipes-core/systemd/systemd/0001-Revert-sysctl.d-request-ECN-on-both-in-and-outgoing-.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/0001-meson-rename-Ddebug-to-Ddebug-extra.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/0001-sysctl-Don-t-pass-null-directive-argument-to-s.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/0001-timesync-changes-type-of-drift_freq-to-int64_t.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/0002-core-Fix-use-after-free-case-in-load_from_path.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/0024-journald-do-not-store-the-iovec-entry-for-process-co.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/0025-journald-set-a-limit-on-the-number-of-fields-1k.patch 
create mode 100644 poky/meta/recipes-core/systemd/systemd/0026-journal-remote-set-a-limit-on-the-number-of-fields-i.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/0027-journal-fix-syslog_parse_identifier.patch create mode 100644 poky/meta/recipes-core/systemd/systemd/0028-journal-do-not-remove-multiple-spaces-after-identifi.patch delete mode 100644 poky/meta/recipes-core/udev/eudev_3.2.5.bb create mode 100644 poky/meta/recipes-core/udev/eudev_3.2.7.bb (limited to 'poky/meta/recipes-core') diff --git a/poky/meta/recipes-core/meta/dummy-sdk-package.inc b/poky/meta/recipes-core/meta/dummy-sdk-package.inc index eafcb823a..4d653706b 100644 --- a/poky/meta/recipes-core/meta/dummy-sdk-package.inc +++ b/poky/meta/recipes-core/meta/dummy-sdk-package.inc @@ -20,7 +20,7 @@ PR[vardeps] += "DUMMYPROVIDES" python populate_packages_prepend() { p = d.getVar("PN") d.appendVar("RPROVIDES_%s" % p, "${DUMMYPROVIDES}") - #d.appendVar("RCONFLICTS_%s" % p, "${DUMMYPROVIDES}") - #d.appendVar("RREPLACES_%s" % p, "${DUMMYPROVIDES}") + d.appendVar("RCONFLICTS_%s" % p, "${DUMMYPROVIDES}") + d.appendVar("RREPLACES_%s" % p, "${DUMMYPROVIDES}") } diff --git a/poky/meta/recipes-core/meta/nativesdk-buildtools-perl-dummy.bb b/poky/meta/recipes-core/meta/nativesdk-buildtools-perl-dummy.bb index f5bcb8254..6a8748acd 100644 --- a/poky/meta/recipes-core/meta/nativesdk-buildtools-perl-dummy.bb +++ b/poky/meta/recipes-core/meta/nativesdk-buildtools-perl-dummy.bb 
@@ -2,7 +2,27 @@ DUMMYARCH = "buildtools-dummy-${SDKPKGSUFFIX}" DUMMYPROVIDES = "\ nativesdk-perl \ - nativesdk-perl-module-file-path" + nativesdk-libxml-parser-perl \ + nativesdk-perl-module-bytes \ + nativesdk-perl-module-carp \ + nativesdk-perl-module-constant \ + nativesdk-perl-module-data-dumper \ + nativesdk-perl-module-errno \ + nativesdk-perl-module-exporter \ + nativesdk-perl-module-file-basename \ + nativesdk-perl-module-file-compare \ + nativesdk-perl-module-file-copy \ + nativesdk-perl-module-file-find \ + nativesdk-perl-module-file-glob \ + nativesdk-perl-module-file-path \ + nativesdk-perl-module-file-stat \ + nativesdk-perl-module-getopt-long \ + nativesdk-perl-module-io-file \ + nativesdk-perl-module-posix \ + nativesdk-perl-module-thread-queue \ + nativesdk-perl-module-threads \ + /usr/bin/perl \ + " PR = "r2" diff --git a/poky/meta/recipes-core/meta/nativesdk-sdk-provides-dummy.bb b/poky/meta/recipes-core/meta/nativesdk-sdk-provides-dummy.bb index 11a727d48..b891efa5e 100644 --- a/poky/meta/recipes-core/meta/nativesdk-sdk-provides-dummy.bb +++ b/poky/meta/recipes-core/meta/nativesdk-sdk-provides-dummy.bb @@ -4,7 +4,6 @@ DUMMYARCH = "sdk-provides-dummy-${SDKPKGSUFFIX}" DUMMYPROVIDES = "\ /bin/bash \ /usr/bin/env \ - /usr/bin/perl \ pkgconfig \ libGL.so()(64bit) \ libGL.so \ diff --git a/poky/meta/recipes-core/meta/target-sdk-provides-dummy.bb b/poky/meta/recipes-core/meta/target-sdk-provides-dummy.bb index 714d15d8b..edf07c4a2 100644 --- a/poky/meta/recipes-core/meta/target-sdk-provides-dummy.bb +++ b/poky/meta/recipes-core/meta/target-sdk-provides-dummy.bb 
@@ -1,6 +1,33 @@ DUMMYARCH = "sdk-provides-dummy-target" DUMMYPROVIDES = "\ + busybox \ + coreutils \ + bash \ + perl \ + perl-module-re \ + perl-module-strict \ + perl-module-vars \ + perl-module-text-wrap \ + libxml-parser-perl \ + perl-module-bytes \ + perl-module-carp \ + perl-module-constant \ + perl-module-data-dumper \ + perl-module-errno \ + perl-module-exporter \ + perl-module-file-basename \ + perl-module-file-compare \ + perl-module-file-copy \ + perl-module-file-find \ + perl-module-file-glob \ + perl-module-file-path \ + perl-module-file-stat \ + perl-module-getopt-long \ + perl-module-io-file \ + perl-module-posix \ + perl-module-thread-queue \ + perl-module-threads \ /bin/sh \ /bin/bash \ /usr/bin/env \ diff --git a/poky/meta/recipes-core/systemd/systemd-boot_239.bb b/poky/meta/recipes-core/systemd/systemd-boot_239.bb index 7fe420c26..2450d52cb 100644 --- a/poky/meta/recipes-core/systemd/systemd-boot_239.bb +++ b/poky/meta/recipes-core/systemd/systemd-boot_239.bb @@ -6,6 +6,7 @@ DEPENDS = "intltool-native libcap util-linux gnu-efi gperf-native" SRC_URI += "file://0002-use-lnr-wrapper-instead-of-looking-for-relative-opti.patch \ file://0006-remove-nobody-user-group-checking.patch \ file://0001-Fix-to-run-efi_cc-and-efi_ld-correctly-when-cross-co.patch \ + file://0001-meson-rename-Ddebug-to-Ddebug-extra.patch \ " inherit meson pkgconfig gettext @@ -28,7 +29,7 @@ EXTRA_OEMESON += "-Defi=true \ python __anonymous () { import re target = d.getVar('TARGET_ARCH') - prefix = "" if d.getVar('EFI_PROVIDER', True) == "systemd-boot" else "systemd-" + prefix = "" if d.getVar('EFI_PROVIDER') == "systemd-boot" else "systemd-" if target == "x86_64": systemdimage = prefix + "bootx64.efi" else: diff --git a/poky/meta/recipes-core/systemd/systemd/0001-Revert-sysctl.d-request-ECN-on-both-in-and-outgoing-.patch b/poky/meta/recipes-core/systemd/systemd/0001-Revert-sysctl.d-request-ECN-on-both-in-and-outgoing-.patch new file mode 100644 index 000000000..7fd6d0188 
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0001-Revert-sysctl.d-request-ECN-on-both-in-and-outgoing-.patch
@@ -0,0 +1,36 @@
+From 1e190dfd5bb95036f937ef1dc46f43eb0a146612 Mon Sep 17 00:00:00 2001
+From: Thomas Hindoe Paaboel Andersen
+Date: Fri, 17 Aug 2018 21:31:05 +0200
+Subject: [PATCH] Revert "sysctl.d: request ECN on both in and outgoing
+ connections"
+
+Turning on ECN still causes slow or broken network on linux. Our tcp
+is not yet ready for wide spread use of ECN.
+
+This reverts commit 919472741dba6ad0a3f6c2b76d390a02d0e2fdc3.
+
+https://github.com/systemd/systemd/issues/9748
+
+Upstream-Status: Backport
+Signed-off-by: Alex Kiernan
+---
+ sysctl.d/50-default.conf | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/sysctl.d/50-default.conf b/sysctl.d/50-default.conf
+index b67ae87ca6b7..e263cf06284a 100644
+--- a/sysctl.d/50-default.conf
++++ b/sysctl.d/50-default.conf
+@@ -33,9 +33,6 @@ net.ipv4.conf.all.promote_secondaries = 1
+ # Fair Queue CoDel packet scheduler to fight bufferbloat
+ net.core.default_qdisc = fq_codel
+
+-# Request Explicit Congestion Notification (ECN) on both in and outgoing connections
+-net.ipv4.tcp_ecn = 1
+-
+ # Enable hard and soft link protection
+ fs.protected_hardlinks = 1
+ fs.protected_symlinks = 1
+--
+2.7.4
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0001-meson-rename-Ddebug-to-Ddebug-extra.patch b/poky/meta/recipes-core/systemd/systemd/0001-meson-rename-Ddebug-to-Ddebug-extra.patch
new file mode 100644
index 000000000..d6d305cb3
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0001-meson-rename-Ddebug-to-Ddebug-extra.patch
@@ -0,0 +1,45 @@
+From 8f6b442a78d0b485f044742ad90b2e8271b4e68e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?=
+Date: Sun, 19 Aug 2018 19:11:30 +0200
+Subject: [PATCH] meson: rename -Ddebug to -Ddebug-extra
+
+Meson added -Doptimization and -Ddebug options, which obviously causes
+a conflict with our -Ddebug options. Let's rename it.
+
+Fixes #9883.
+Upstream-Status: Backport
+Signed-off-by: Alexander Kanavin
+---
+ meson.build | 2 +-
+ meson_options.txt | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/meson.build b/meson.build
+index f79ac4b12..2209c935a 100644
+--- a/meson.build
++++ b/meson.build
+@@ -763,7 +763,7 @@ substs.set('DEBUGTTY', get_option('debug-tty'))
+
+ enable_debug_hashmap = false
+ enable_debug_mmap_cache = false
+-foreach name : get_option('debug')
++foreach name : get_option('debug-extra')
+ if name == 'hashmap'
+ enable_debug_hashmap = true
+ elif name == 'mmap-cache'
+diff --git a/meson_options.txt b/meson_options.txt
+index e3140c8c1..7b1f61bf4 100644
+--- a/meson_options.txt
++++ b/meson_options.txt
+@@ -45,7 +45,7 @@ option('debug-shell', type : 'string', value : '/bin/sh',
+ description : 'path to debug shell binary')
+ option('debug-tty', type : 'string', value : '/dev/tty9',
+ description : 'specify the tty device for debug shell')
+-option('debug', type : 'array', choices : ['hashmap', 'mmap-cache'], value : [],
++option('debug-extra', type : 'array', choices : ['hashmap', 'mmap-cache'], value : [],
+ description : 'enable extra debugging')
+ option('memory-accounting-default', type : 'boolean',
+ description : 'enable MemoryAccounting= by default')
+--
+2.17.1
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0001-sysctl-Don-t-pass-null-directive-argument-to-s.patch b/poky/meta/recipes-core/systemd/systemd/0001-sysctl-Don-t-pass-null-directive-argument-to-s.patch
new file mode 100644
index 000000000..0538c7bbc
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0001-sysctl-Don-t-pass-null-directive-argument-to-s.patch
@@ -0,0 +1,31 @@
+From bfc4183ea995f1c211385d066cdb1fe9ce89f621 Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Sun, 16 Dec 2018 20:53:38 -0800
+Subject: [PATCH 1/2] sysctl: Don't pass null directive argument to '%s'
+
+value pointer here is always NULL but subsequent use of that pointer
+with a %s format will always be NULL, printing p instead would be a
+valid string
+
+Signed-off-by: Khem Raj
+---
+Upstream-Status: Submitted [https://github.com/systemd/systemd/pull/11179]
+ src/sysctl/sysctl.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c
+index 1cfe51018..c67d79032 100644
+--- a/src/sysctl/sysctl.c
++++ b/src/sysctl/sysctl.c
+@@ -115,7 +115,7 @@ static int parse_file(OrderedHashmap *sysctl_options, const char *path, bool ign
+
+ value = strchr(p, '=');
+ if (!value) {
+- log_error("Line is not an assignment at '%s:%u': %s", path, c, value);
++ log_error("Line is not an assignment at '%s:%u': %s", path, c, p);
+
+ if (r == 0)
+ r = -EINVAL;
+--
+2.20.1
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0001-timesync-changes-type-of-drift_freq-to-int64_t.patch b/poky/meta/recipes-core/systemd/systemd/0001-timesync-changes-type-of-drift_freq-to-int64_t.patch
new file mode 100644
index 000000000..8d395c2fa
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0001-timesync-changes-type-of-drift_freq-to-int64_t.patch
@@ -0,0 +1,49 @@
+Backport patch to fix systemd build failure on x32.
+
+Upstream-Status: Backport [https://github.com/systemd/systemd/commit/75ca162]
+
+Signed-off-by: Kai Kang
+
+From 75ca1621db4647a4d62d7873cd6715e28fe0f9fa Mon Sep 17 00:00:00 2001
+From: Yu Watanabe
+Date: Sat, 23 Jun 2018 09:41:55 +0900
+Subject: [PATCH] timesync: changes type of drift_freq to int64_t
+
+drift_freq is used for storing timex.freq, and is a 64bit integer.
+To support x32 ABI, this changes the type of drift_freq to int64_t.
+
+Fixes #9387.
+---
+ src/timesync/timesyncd-manager.c | 2 +-
+ src/timesync/timesyncd-manager.h | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/timesync/timesyncd-manager.c b/src/timesync/timesyncd-manager.c
+index 2b731af9e..404a2b189 100644
+--- a/src/timesync/timesyncd-manager.c
++++ b/src/timesync/timesyncd-manager.c
+@@ -604,7 +604,7 @@ static int manager_receive_response(sd_event_source *source, int fd, uint32_t re
+ m->dest_time = *recv_time;
+ m->spike = spike;
+
+- log_debug("interval/delta/delay/jitter/drift " USEC_FMT "s/%+.3fs/%.3fs/%.3fs/%+"PRI_TIMEX"ppm%s",
++ log_debug("interval/delta/delay/jitter/drift " USEC_FMT "s/%+.3fs/%.3fs/%.3fs/%+"PRIi64"ppm%s",
+ m->poll_interval_usec / USEC_PER_SEC, offset, delay, m->samples_jitter, m->drift_freq / 65536,
+ spike ? " (ignored)" : "");
+
+diff --git a/src/timesync/timesyncd-manager.h b/src/timesync/timesyncd-manager.h
+index d8d97cc1e..18347416d 100644
+--- a/src/timesync/timesyncd-manager.h
++++ b/src/timesync/timesyncd-manager.h
+@@ -79,7 +79,7 @@ struct Manager {
+ /* last change */
+ bool jumped;
+ bool sync;
+- long drift_freq;
++ int64_t drift_freq;
+
+ /* watch for time changes */
+ sd_event_source *event_clock_watch;
+--
+2.17.0
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0002-core-Fix-use-after-free-case-in-load_from_path.patch b/poky/meta/recipes-core/systemd/systemd/0002-core-Fix-use-after-free-case-in-load_from_path.patch
new file mode 100644
index 000000000..4da96e292
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0002-core-Fix-use-after-free-case-in-load_from_path.patch
@@ -0,0 +1,43 @@
+From cb67aebd63d9f0077cbf3e769f0b223c5bba20ac Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Sun, 16 Dec 2018 20:58:35 -0800
+Subject: [PATCH 2/2] core: Fix use after free case in load_from_path()
+
+ensure that mfree() on filename is called after the logging function
+which uses the string pointed by filename
+
+Signed-off-by: Khem Raj
+---
+Upstream-Status: Submitted [https://github.com/systemd/systemd/pull/11179]
+ src/core/load-fragment.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
+index fc5644f48..da585786e 100644
+--- a/src/core/load-fragment.c
++++ b/src/core/load-fragment.c
+@@ -4531,7 +4531,6 @@ static int load_from_path(Unit *u, const char *path) {
+ r = open_follow(&filename, &f, symlink_names, &id);
+ if (r >= 0)
+ break;
+- filename = mfree(filename);
+
+ /* ENOENT means that the file is missing or is a dangling symlink.
+ * ENOTDIR means that one of paths we expect to be is a directory
+@@ -4540,9 +4539,12 @@ static int load_from_path(Unit *u, const char *path) {
+ */
+ if (r == -EACCES)
+ log_debug_errno(r, "Cannot access \"%s\": %m", filename);
+- else if (!IN_SET(r, -ENOENT, -ENOTDIR))
++ else if (!IN_SET(r, -ENOENT, -ENOTDIR)) {
++ filename = mfree(filename);
+ return r;
++ }
+
++ filename = mfree(filename);
+ /* Empty the symlink names for the next run */
+ set_clear_free(symlink_names);
+ }
+--
+2.20.1
+
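Review bot: The added `filename = mfree(filename);` now appears twice in load_from_path(), once inside the new braces before `return r;` and once after the if/else chain, which leaves two release points to keep in sync. Freeing once after the log call and then testing the error keeps a single one: `filename = mfree(filename);` followed by `if (!IN_SET(r, -EACCES, -ENOENT, -ENOTDIR)) return r;`. Whether the explicit free before the return is needed at all depends on how `filename` is declared, which is outside the hunk. Since the patch is marked Submitted upstream, any reshaping is better raised on that pull request than carried as a local divergence.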
diff --git a/poky/meta/recipes-core/systemd/systemd/0024-journald-do-not-store-the-iovec-entry-for-process-co.patch b/poky/meta/recipes-core/systemd/systemd/0024-journald-do-not-store-the-iovec-entry-for-process-co.patch
new file mode 100644
index 000000000..c3009545b
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0024-journald-do-not-store-the-iovec-entry-for-process-co.patch
@@ -0,0 +1,204 @@
+From fe19f5a9d0d8b9977e9507a9b66c3cc66744cd38 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?=
+Date: Wed, 5 Dec 2018 18:38:39 +0100
+Subject: [PATCH] journald: do not store the iovec entry for process
+ commandline on stack
+
+This fixes a crash where we would read the commandline, whose length is under
+control of the sending program, and then crash when trying to create a stack
+allocation for it.
+
+CVE-2018-16864
+https://bugzilla.redhat.com/show_bug.cgi?id=1653855
+
+The message actually doesn't get written to disk, because
+journal_file_append_entry() returns -E2BIG.
+
+Patch backported from systemd master at
+084eeb865ca63887098e0945fb4e93c852b91b0f.
+---
+ src/basic/io-util.c | 10 ++++++++++
+ src/basic/io-util.h | 2 ++
+ src/coredump/coredump.c | 31 +++++++++++--------------------
+ src/journal/journald-server.c | 25 +++++++++++++++----------
+ 4 files changed, 38 insertions(+), 30 deletions(-)
+
+diff --git a/src/basic/io-util.c b/src/basic/io-util.c
+index 1f64cc933b..575398fbe6 100644
+--- a/src/basic/io-util.c
++++ b/src/basic/io-util.c
+@@ -8,6 +8,7 @@
+ #include
+
+ #include "io-util.h"
++#include "string-util.h"
+ #include "time-util.h"
+
+ int flush_fd(int fd) {
+@@ -252,3 +253,12 @@ ssize_t sparse_write(int fd, const void *p, size_t sz, size_t run_length) {
+
+ return q - (const uint8_t*) p;
+ }
++
++char* set_iovec_string_field(struct iovec *iovec, size_t *n_iovec, const char *field, const char *value) {
++ char *x;
++
++ x = strappend(field, value);
++ if (x)
++ iovec[(*n_iovec)++] = IOVEC_MAKE_STRING(x);
++ return x;
++}
+diff --git a/src/basic/io-util.h b/src/basic/io-util.h
+index ed189b5820..792a64ad5e 100644
+--- a/src/basic/io-util.h
++++ b/src/basic/io-util.h
+@@ -71,3 +71,5 @@ static inline bool FILE_SIZE_VALID_OR_INFINITY(uint64_t l) {
+ #define IOVEC_MAKE(base, len) (struct iovec) IOVEC_INIT(base, len)
+ #define IOVEC_INIT_STRING(string) IOVEC_INIT((char*) string, strlen(string))
+ #define IOVEC_MAKE_STRING(string) (struct iovec) IOVEC_INIT_STRING(string)
++
++char* set_iovec_string_field(struct iovec *iovec, size_t *n_iovec, const char *field, const char *value);
+diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
+index 20a1cbdd45..18e4f61d72 100644
+--- a/src/coredump/coredump.c
++++ b/src/coredump/coredump.c
+@@ -1053,19 +1053,10 @@ static int send_iovec(const struct iovec iovec[], size_t n_iovec, int input_fd)
+ return 0;
+ }
+
+-static char* set_iovec_field(struct iovec *iovec, size_t *n_iovec, const char *field, const char *value) {
+- char *x;
+-
+- x = strappend(field, value);
+- if (x)
+- iovec[(*n_iovec)++] = IOVEC_MAKE_STRING(x);
+- return x;
+-}
+-
+ static char* set_iovec_field_free(struct iovec *iovec, size_t *n_iovec, const char *field, char *value) {
+ char *x;
+
+- x = set_iovec_field(iovec, n_iovec, field, value);
++ x = set_iovec_string_field(iovec, n_iovec, field, value);
+ free(value);
+ return x;
+ }
+@@ -1115,36 +1106,36 @@ static int gather_pid_metadata(
+ disable_coredumps();
+ }
+
+- set_iovec_field(iovec, n_iovec, "COREDUMP_UNIT=", context[CONTEXT_UNIT]);
++ set_iovec_string_field(iovec, n_iovec, "COREDUMP_UNIT=", context[CONTEXT_UNIT]);
+ }
+
+ if (cg_pid_get_user_unit(pid, &t) >= 0)
+ set_iovec_field_free(iovec, n_iovec, "COREDUMP_USER_UNIT=", t);
+
+ /* The next few are mandatory */
+- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_PID=", context[CONTEXT_PID]))
++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_PID=", context[CONTEXT_PID]))
+ return log_oom();
+
+- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_UID=", context[CONTEXT_UID]))
++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_UID=", context[CONTEXT_UID]))
+ return log_oom();
+
+- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_GID=", context[CONTEXT_GID]))
++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_GID=", context[CONTEXT_GID]))
+ return log_oom();
+
+- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_SIGNAL=", context[CONTEXT_SIGNAL]))
++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_SIGNAL=", context[CONTEXT_SIGNAL]))
+ return log_oom();
+
+- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_RLIMIT=", context[CONTEXT_RLIMIT]))
++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_RLIMIT=", context[CONTEXT_RLIMIT]))
+ return log_oom();
+
+- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_HOSTNAME=", context[CONTEXT_HOSTNAME]))
++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_HOSTNAME=", context[CONTEXT_HOSTNAME]))
+ return log_oom();
+
+- if (!set_iovec_field(iovec, n_iovec, "COREDUMP_COMM=", context[CONTEXT_COMM]))
++ if (!set_iovec_string_field(iovec, n_iovec, "COREDUMP_COMM=", context[CONTEXT_COMM]))
+ return log_oom();
+
+ if (context[CONTEXT_EXE] &&
+- !set_iovec_field(iovec, n_iovec, "COREDUMP_EXE=", context[CONTEXT_EXE]))
++ !set_iovec_string_field(iovec, n_iovec, "COREDUMP_EXE=", context[CONTEXT_EXE]))
+ return log_oom();
+
+ if (sd_pid_get_session(pid, &t) >= 0)
+@@ -1212,7 +1203,7 @@ static int gather_pid_metadata(
+ iovec[(*n_iovec)++] = IOVEC_MAKE_STRING(t);
+
+ if (safe_atoi(context[CONTEXT_SIGNAL], &signo) >= 0 && SIGNAL_VALID(signo))
+- set_iovec_field(iovec, n_iovec, "COREDUMP_SIGNAL_NAME=SIG", signal_to_string(signo));
++ set_iovec_string_field(iovec, n_iovec, "COREDUMP_SIGNAL_NAME=SIG", signal_to_string(signo));
+
+ return 0; /* we successfully acquired all metadata */
+ }
+diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
+index 4f1550ec5b..31be085c6b 100644
+--- a/src/journal/journald-server.c
++++ b/src/journal/journald-server.c
+@@ -753,6 +753,7 @@ static void dispatch_message_real(
+ pid_t object_pid) {
+
+ char source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)];
++ _cleanup_free_ char *cmdline1 = NULL, *cmdline2 = NULL;
+ uid_t journal_uid;
+ ClientContext *o;
+
+@@ -769,20 +770,23 @@ static void dispatch_message_real(
+ IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->uid, uid_t, uid_is_valid, UID_FMT, "_UID");
+ IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->gid, gid_t, gid_is_valid, GID_FMT, "_GID");
+
+- IOVEC_ADD_STRING_FIELD(iovec, n, c->comm, "_COMM");
+- IOVEC_ADD_STRING_FIELD(iovec, n, c->exe, "_EXE");
+- IOVEC_ADD_STRING_FIELD(iovec, n, c->cmdline, "_CMDLINE");
+- IOVEC_ADD_STRING_FIELD(iovec, n, c->capeff, "_CAP_EFFECTIVE");
++ IOVEC_ADD_STRING_FIELD(iovec, n, c->comm, "_COMM"); /* At most TASK_COMM_LENGTH (16 bytes) */
++ IOVEC_ADD_STRING_FIELD(iovec, n, c->exe, "_EXE"); /* A path, so at most PATH_MAX (4096 bytes) */
+
+- IOVEC_ADD_SIZED_FIELD(iovec, n, c->label, c->label_size, "_SELINUX_CONTEXT");
++ if (c->cmdline)
++ /* At most _SC_ARG_MAX (2MB usually), which is too much to put on stack.
++ * Let's use a heap allocation for this one. */
++ cmdline1 = set_iovec_string_field(iovec, &n, "_CMDLINE=", c->cmdline);
+
++ IOVEC_ADD_STRING_FIELD(iovec, n, c->capeff, "_CAP_EFFECTIVE"); /* Read from /proc/.../status */
++ IOVEC_ADD_SIZED_FIELD(iovec, n, c->label, c->label_size, "_SELINUX_CONTEXT");
+ IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->auditid, uint32_t, audit_session_is_valid, "%" PRIu32, "_AUDIT_SESSION");
+ IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->loginuid, uid_t, uid_is_valid, UID_FMT, "_AUDIT_LOGINUID");
+
+- IOVEC_ADD_STRING_FIELD(iovec, n, c->cgroup, "_SYSTEMD_CGROUP");
++ IOVEC_ADD_STRING_FIELD(iovec, n, c->cgroup, "_SYSTEMD_CGROUP"); /* A path */
+ IOVEC_ADD_STRING_FIELD(iovec, n, c->session, "_SYSTEMD_SESSION");
+ IOVEC_ADD_NUMERIC_FIELD(iovec, n, c->owner_uid, uid_t, uid_is_valid, UID_FMT, "_SYSTEMD_OWNER_UID");
+- IOVEC_ADD_STRING_FIELD(iovec, n, c->unit, "_SYSTEMD_UNIT");
++ IOVEC_ADD_STRING_FIELD(iovec, n, c->unit, "_SYSTEMD_UNIT"); /* Unit names are bounded by UNIT_NAME_MAX */
+ IOVEC_ADD_STRING_FIELD(iovec, n, c->user_unit, "_SYSTEMD_USER_UNIT");
+ IOVEC_ADD_STRING_FIELD(iovec, n, c->slice, "_SYSTEMD_SLICE");
+ IOVEC_ADD_STRING_FIELD(iovec, n, c->user_slice, "_SYSTEMD_USER_SLICE");
+@@ -803,13 +807,14 @@ static void dispatch_message_real(
+ IOVEC_ADD_NUMERIC_FIELD(iovec, n, o->uid, uid_t, uid_is_valid, UID_FMT, "OBJECT_UID");
+ IOVEC_ADD_NUMERIC_FIELD(iovec, n, o->gid, gid_t, gid_is_valid, GID_FMT, "OBJECT_GID");
+
++ /* See above for size limits, only ->cmdline may be large, so use a heap allocation for it. */
+ IOVEC_ADD_STRING_FIELD(iovec, n, o->comm, "OBJECT_COMM");
+ IOVEC_ADD_STRING_FIELD(iovec, n, o->exe, "OBJECT_EXE");
+- IOVEC_ADD_STRING_FIELD(iovec, n, o->cmdline, "OBJECT_CMDLINE");
+- IOVEC_ADD_STRING_FIELD(iovec, n, o->capeff, "OBJECT_CAP_EFFECTIVE");
++ if (o->cmdline)
++ cmdline2 = set_iovec_string_field(iovec, &n, "OBJECT_CMDLINE=", o->cmdline);
+
++ IOVEC_ADD_STRING_FIELD(iovec, n, o->capeff, "OBJECT_CAP_EFFECTIVE");
+ IOVEC_ADD_SIZED_FIELD(iovec, n, o->label, o->label_size, "OBJECT_SELINUX_CONTEXT");
+-
+ IOVEC_ADD_NUMERIC_FIELD(iovec, n, o->auditid, uint32_t, audit_session_is_valid, "%" PRIu32, "OBJECT_AUDIT_SESSION");
+ IOVEC_ADD_NUMERIC_FIELD(iovec, n, o->loginuid, uid_t, uid_is_valid, UID_FMT, "OBJECT_AUDIT_LOGINUID");
+
+--
+2.11.0
+
diff --git a/poky/meta/recipes-core/systemd/systemd/0025-journald-set-a-limit-on-the-number-of-fields-1k.patch b/poky/meta/recipes-core/systemd/systemd/0025-journald-set-a-limit-on-the-number-of-fields-1k.patch
new file mode 100644
index 000000000..50a01efe8
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0025-journald-set-a-limit-on-the-number-of-fields-1k.patch
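Review bot: The header of the added 0024 patch names the CVE only as a bare `CVE-2018-16864` line and carries no `Upstream-Status:`, `CVE:` or `Signed-off-by:` tag, unlike the 0001 and 0002 systemd patches added earlier in this commit. As far as I know the OE CVE-checking class matches `CVE: CVE-…` tag lines in the patch (or a CVE id in the file name), so without the tag this backport may still be reported as unpatched. I would add `CVE: CVE-2018-16864` and `Upstream-Status: Backport` above the `---` line, next to the existing "Patch backported from systemd master at 084eeb865ca63887098e0945fb4e93c852b91b0f" sentence. The 0025 and 0026 patches have the same gap and want `CVE: CVE-2018-16865`.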
@@ -0,0 +1,56 @@
+From 4566aaf97f5b4143b930d75628f3abc905249dcd Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?=
+Date: Wed, 5 Dec 2018 22:45:02 +0100
+Subject: [PATCH] journald: set a limit on the number of fields (1k)
+
+We allocate a iovec entry for each field, so with many short entries,
+our memory usage and processing time can be large, even with a relatively
+small message size. Let's refuse overly long entries.
+
+CVE-2018-16865
+https://bugzilla.redhat.com/show_bug.cgi?id=1653861
+
+What from I can see, the problem is not from an alloca, despite what the CVE
+description says, but from the attack multiplication that comes from creating
+many very small iovecs: (void* + size_t) for each three bytes of input message.
+
+Patch backported from systemd master at
+052c57f132f04a3cf4148f87561618da1a6908b4.
+---
+ src/basic/journal-importer.h | 3 +++
+ src/journal/journald-native.c | 5 +++++
+ 2 files changed, 8 insertions(+)
+
+diff --git a/src/basic/journal-importer.h b/src/basic/journal-importer.h
+index f49ce734a1..c4ae45d32d 100644
+--- a/src/basic/journal-importer.h
++++ b/src/basic/journal-importer.h
+@@ -16,6 +16,9 @@
+ #define DATA_SIZE_MAX (1024*1024*768u)
+ #define LINE_CHUNK 8*1024u
+
++/* The maximum number of fields in an entry */
++#define ENTRY_FIELD_COUNT_MAX 1024
++
+ struct iovec_wrapper {
+ struct iovec *iovec;
+ size_t size_bytes;
+diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c
+index 5ff22a10af..951d092053 100644
+--- a/src/journal/journald-native.c
++++ b/src/journal/journald-native.c
+@@ -140,6 +140,11 @@ static int server_process_entry(
+ }
+
+ /* A property follows */
++ if (n > ENTRY_FIELD_COUNT_MAX) {
++ log_debug("Received an entry that has more than " STRINGIFY(ENTRY_FIELD_COUNT_MAX) " fields, ignoring entry.");
++ r = 1;
++ goto finish;
++ }
+
+ /* n existing properties, 1 new, +1 for _TRANSPORT */
+ if (!GREEDY_REALLOC(iovec, m,
+--
+2.11.0
+
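Review bot: The new guard in server_process_entry() tests `n > ENTRY_FIELD_COUNT_MAX` before the next field is added, so it admits one more field than the limit, while the companion check in iovw_put() from the 0026 patch uses `iovw->count >= ENTRY_FIELD_COUNT_MAX`. If "at most ENTRY_FIELD_COUNT_MAX fields" is the intent, the line would read `if (n >= ENTRY_FIELD_COUNT_MAX) {`; as this is a backport, keeping upstream's boundary is defensible, but then a short comment stating the difference avoids a later "fix" in only one place. The rejection is also logged with `log_debug()`, so at default log levels an operator gets no signal that a client is sending oversized entries; worth a note for anyone building detection on journald output. The rest of the function lies outside the hunk.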
diff --git a/poky/meta/recipes-core/systemd/systemd/0026-journal-remote-set-a-limit-on-the-number-of-fields-i.patch b/poky/meta/recipes-core/systemd/systemd/0026-journal-remote-set-a-limit-on-the-number-of-fields-i.patch
new file mode 100644
index 000000000..104945cc2
--- /dev/null
+++ b/poky/meta/recipes-core/systemd/systemd/0026-journal-remote-set-a-limit-on-the-number-of-fields-i.patch
@@ -0,0 +1,84 @@ +From 4183ec3a135663128834ca8b35d50a60999343a7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Fri, 7 Dec 2018 10:48:10 +0100 +Subject: [PATCH] journal-remote: set a limit on the number of fields in a + message + +Existing use of E2BIG is replaced with ENOBUFS (entry too long), and E2BIG is +reused for the new error condition (too many fields). + +This matches the change done for systemd-journald, hence forming the second +part of the fix for CVE-2018-16865 +(https://bugzilla.redhat.com/show_bug.cgi?id=1653861). + +Patch backported from systemd master at +ef4d6abe7c7fab6cbff975b32e76b09feee56074. +--- + src/basic/journal-importer.c | 5 ++++- + src/journal-remote/journal-remote-main.c | 10 ++++++---- + src/journal-remote/journal-remote.c | 5 ++++- + 3 files changed, 14 insertions(+), 6 deletions(-) + +diff --git a/src/basic/journal-importer.c b/src/basic/journal-importer.c +index ca203bbbfc..3ac55a66d9 100644 +--- a/src/basic/journal-importer.c ++++ b/src/basic/journal-importer.c +@@ -23,6 +23,9 @@ enum { + }; + + static int iovw_put(struct iovec_wrapper *iovw, void* data, size_t len) { ++ if (iovw->count >= ENTRY_FIELD_COUNT_MAX) ++ return -E2BIG; ++ + if (!GREEDY_REALLOC(iovw->iovec, iovw->size_bytes, iovw->count + 1)) + return log_oom(); + +@@ -98,7 +101,7 @@ static int get_line(JournalImporter *imp, char **line, size_t *size) { + imp->scanned = imp->filled; + if (imp->scanned >= DATA_SIZE_MAX) { + log_error("Entry is bigger than %u bytes.", DATA_SIZE_MAX); +- return -E2BIG; ++ return -ENOBUFS; + } + + if (imp->passive_fd) +diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c +index 8fda9d1499..f52618fb7b 100644 +--- a/src/journal-remote/journal-remote-main.c ++++ b/src/journal-remote/journal-remote-main.c +@@ -212,10 +212,12 @@ static int process_http_upload( + break; + else if (r < 0) { + log_warning("Failed to process data for connection %p", connection); +- if 
(r == -E2BIG) +- return mhd_respondf(connection, +- r, MHD_HTTP_PAYLOAD_TOO_LARGE, +- "Entry is too large, maximum is " STRINGIFY(DATA_SIZE_MAX) " bytes."); ++ if (r == -ENOBUFS) ++ log_warning_errno(r, "Entry is above the maximum of %u, aborting connection %p.", ++ DATA_SIZE_MAX, connection); ++ else if (r == -E2BIG) ++ log_warning_errno(r, "Entry with more fields than the maximum of %u, aborting connection %p.", ++ ENTRY_FIELD_COUNT_MAX, connection); + else + return mhd_respondf(connection, + r, MHD_HTTP_UNPROCESSABLE_ENTITY, +diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c +index beb75a1cb4..67e3a70c06 100644 +--- a/src/journal-remote/journal-remote.c ++++ b/src/journal-remote/journal-remote.c +@@ -408,7 +408,10 @@ int journal_remote_handle_raw_source( + log_debug("%zu active sources remaining", s->active); + return 0; + } else if (r == -E2BIG) { +- log_notice_errno(E2BIG, "Entry too big, skipped"); ++ log_notice("Entry with too many fields, skipped"); ++ return 1; ++ } else if (r == -ENOBUFS) { ++ log_notice("Entry too big, skipped"); + return 1; + } else if (r == -EAGAIN) { + return 0; +-- +2.11.0 + diff --git a/poky/meta/recipes-core/systemd/systemd/0027-journal-fix-syslog_parse_identifier.patch b/poky/meta/recipes-core/systemd/systemd/0027-journal-fix-syslog_parse_identifier.patch new file mode 100644 index 000000000..d4df0e12f --- /dev/null +++ b/poky/meta/recipes-core/systemd/systemd/0027-journal-fix-syslog_parse_identifier.patch 
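Review bot: In `process_http_upload` the two new branches for `-ENOBUFS` and `-E2BIG` only call `log_warning_errno()` and, unlike the `mhd_respondf()` call they replace, do not return, although both messages say "aborting connection". The code after the remaining `else` branch lies outside the hunk, so whether the connection is really dropped in this 239 tree cannot be seen here; if nothing follows, the handler would carry on with the same source after logging an oversized or over-long entry. I would make the abort explicit by bracing the two branches and ending each with `return MHD_NO;`, or keep answering the client with `return mhd_respondf(connection, r, MHD_HTTP_PAYLOAD_TOO_LARGE, ...)`.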
@@ -0,0 +1,77 @@ +From 8ccebb04e07628f7fe10131d6cd4f19d6a0d8f45 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 8 Aug 2018 15:06:36 +0900 +Subject: [PATCH] journal: fix syslog_parse_identifier() + +Fixes #9829. + +An out of bounds read was discovered in systemd-journald in the way it +parses log messages that terminate with a colon ':'. A local attacker +can use this flaw to disclose process memory data. + +Patch backported from systemd master at +a6aadf4ae0bae185dc4c414d492a4a781c80ffe5. + +This matches the change done for systemd-journald, hence forming the first +part of the fix for CVE-2018-16866. +--- + src/journal/journald-syslog.c | 6 +++--- + src/journal/test-journal-syslog.c | 10 ++++++++-- + 2 files changed, 11 insertions(+), 5 deletions(-) + +diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c +index 9dea116722..97711ac7a3 100644 +--- a/src/journal/journald-syslog.c ++++ b/src/journal/journald-syslog.c +@@ -194,7 +194,7 @@ size_t syslog_parse_identifier(const char **buf, char **identifier, char **pid) + e = l; + l--; + +- if (p[l-1] == ']') { ++ if (l > 0 && p[l-1] == ']') { + size_t k = l-1; + + for (;;) { +@@ -219,8 +219,8 @@ size_t syslog_parse_identifier(const char **buf, char **identifier, char **pid) + if (t) + *identifier = t; + +- if (strchr(WHITESPACE, p[e])) +- e++; ++ e += strspn(p + e, WHITESPACE); ++ + *buf = p + e; + return e; + } +diff --git a/src/journal/test-journal-syslog.c b/src/journal/test-journal-syslog.c +index 9ba86f6c8a..05f759817e 100644 +--- a/src/journal/test-journal-syslog.c ++++ b/src/journal/test-journal-syslog.c +@@ -5,8 +5,8 @@ + #include "macro.h" + #include "string-util.h" + +-static void test_syslog_parse_identifier(const char* str, +- const char *ident, const char*pid, int ret) { ++static void test_syslog_parse_identifier(const char *str, ++ const char *ident, const char *pid, int ret) { + const char *buf = str; + _cleanup_free_ char *ident2 = NULL, *pid2 = NULL; + int ret2; +@@ -21,7 
+21,13 @@ static void test_syslog_parse_identifier(const char* str, + int main(void) { + test_syslog_parse_identifier("pidu[111]: xxx", "pidu", "111", 11); + test_syslog_parse_identifier("pidu: xxx", "pidu", NULL, 6); ++ test_syslog_parse_identifier("pidu: xxx", "pidu", NULL, 7); + test_syslog_parse_identifier("pidu xxx", NULL, NULL, 0); ++ test_syslog_parse_identifier(":", "", NULL, 1); ++ test_syslog_parse_identifier(": ", "", NULL, 3); ++ test_syslog_parse_identifier("pidu:", "pidu", NULL, 5); ++ test_syslog_parse_identifier("pidu: ", "pidu", NULL, 6); ++ test_syslog_parse_identifier("pidu : ", NULL, NULL, 0); + + return 0; + } +-- +2.11.0 + diff --git a/poky/meta/recipes-core/systemd/systemd/0028-journal-do-not-remove-multiple-spaces-after-identifi.patch b/poky/meta/recipes-core/systemd/systemd/0028-journal-do-not-remove-multiple-spaces-after-identifi.patch new file mode 100644 index 000000000..fa2c01034 --- /dev/null +++ b/poky/meta/recipes-core/systemd/systemd/0028-journal-do-not-remove-multiple-spaces-after-identifi.patch 
@@ -0,0 +1,84 @@ +From c3a7da1bbb6d2df8ab7ea1c7ce34ded37a21959f Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Fri, 10 Aug 2018 11:07:54 +0900 +Subject: [PATCH] journal: do not remove multiple spaces after identifier in + syslog message + +Single space is used as separator. +C.f. discussions in #156. + +Fixes #9839 introduced by a6aadf4ae0bae185dc4c414d492a4a781c80ffe5. + +Patch backported from systemd master at +8595102d3ddde6d25c282f965573a6de34ab4421. + +This matches the change done for systemd-journald, hence forming the second +part of the fix for CVE-2018-16866 +--- + src/journal/journald-syslog.c | 4 +++- + src/journal/test-journal-syslog.c | 24 ++++++++++++++---------- + 2 files changed, 17 insertions(+), 11 deletions(-) + +diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c +index 97711ac7a3..e0b55cc566 100644 +--- a/src/journal/journald-syslog.c ++++ b/src/journal/journald-syslog.c +@@ -219,7 +219,9 @@ size_t syslog_parse_identifier(const char **buf, char **identifier, char **pid) + if (t) + *identifier = t; + +- e += strspn(p + e, WHITESPACE); ++ /* Single space is used as separator */ ++ if (p[e] != '\0' && strchr(WHITESPACE, p[e])) ++ e++; + + *buf = p + e; + return e; +diff --git a/src/journal/test-journal-syslog.c b/src/journal/test-journal-syslog.c +index 05f759817e..7294cde032 100644 +--- a/src/journal/test-journal-syslog.c ++++ b/src/journal/test-journal-syslog.c +@@ -6,7 +6,7 @@ + #include "string-util.h" + + static void test_syslog_parse_identifier(const char *str, +- const char *ident, const char *pid, int ret) { ++ const char *ident, const char *pid, const char *rest, int ret) { + const char *buf = str; + _cleanup_free_ char *ident2 = NULL, *pid2 = NULL; + int ret2; +@@ -16,18 +16,22 @@ static void test_syslog_parse_identifier(const char *str, + assert_se(ret == ret2); + assert_se(ident == ident2 || streq_ptr(ident, ident2)); + assert_se(pid == pid2 || streq_ptr(pid, pid2)); ++ assert_se(streq(buf, rest)); + } + + 
int main(void) { +- test_syslog_parse_identifier("pidu[111]: xxx", "pidu", "111", 11); +- test_syslog_parse_identifier("pidu: xxx", "pidu", NULL, 6); +- test_syslog_parse_identifier("pidu: xxx", "pidu", NULL, 7); +- test_syslog_parse_identifier("pidu xxx", NULL, NULL, 0); +- test_syslog_parse_identifier(":", "", NULL, 1); +- test_syslog_parse_identifier(": ", "", NULL, 3); +- test_syslog_parse_identifier("pidu:", "pidu", NULL, 5); +- test_syslog_parse_identifier("pidu: ", "pidu", NULL, 6); +- test_syslog_parse_identifier("pidu : ", NULL, NULL, 0); ++ test_syslog_parse_identifier("pidu[111]: xxx", "pidu", "111", "xxx", 11); ++ test_syslog_parse_identifier("pidu: xxx", "pidu", NULL, "xxx", 6); ++ test_syslog_parse_identifier("pidu: xxx", "pidu", NULL, " xxx", 6); ++ test_syslog_parse_identifier("pidu xxx", NULL, NULL, "pidu xxx", 0); ++ test_syslog_parse_identifier(" pidu xxx", NULL, NULL, " pidu xxx", 0); ++ test_syslog_parse_identifier("", NULL, NULL, "", 0); ++ test_syslog_parse_identifier(" ", NULL, NULL, " ", 0); ++ test_syslog_parse_identifier(":", "", NULL, "", 1); ++ test_syslog_parse_identifier(": ", "", NULL, " ", 2); ++ test_syslog_parse_identifier("pidu:", "pidu", NULL, "", 5); ++ test_syslog_parse_identifier("pidu: ", "pidu", NULL, "", 6); ++ test_syslog_parse_identifier("pidu : ", NULL, NULL, "pidu : ", 0); + + return 0; + } +-- +2.11.0 + diff --git a/poky/meta/recipes-core/systemd/systemd_239.bb b/poky/meta/recipes-core/systemd/systemd_239.bb index ed10f634b..6fbef4716 100644 --- a/poky/meta/recipes-core/systemd/systemd_239.bb +++ b/poky/meta/recipes-core/systemd/systemd_239.bb 
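Review bot: The comment added in `syslog_parse_identifier`, `/* Single space is used as separator */`, does not say why the new condition tests `p[e] != '\0'` first. strchr() also matches the terminating NUL of the string it searches, so without that test `e` would be advanced past the end of the message, which is the kind of out-of-bounds access this patch series is closing. I would extend the comment to `/* Single space is used as separator; strchr() matches the terminating NUL too, so test for it first */`. The function body begins and ends outside the hunk.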
@@ -33,6 +33,16 @@ SRC_URI += "file://touchscreen.rules \ file://0001-core-when-deserializing-state-always-use-read_line-L.patch \ file://0001-chown-recursive-let-s-rework-the-recursive-logic-to-.patch \ file://0001-dhcp6-make-sure-we-have-enough-space-for-the-DHCP6-o.patch \ + file://0001-Revert-sysctl.d-request-ECN-on-both-in-and-outgoing-.patch \ + file://0001-timesync-changes-type-of-drift_freq-to-int64_t.patch \ + file://0001-sysctl-Don-t-pass-null-directive-argument-to-s.patch \ + file://0002-core-Fix-use-after-free-case-in-load_from_path.patch \ + file://0001-meson-rename-Ddebug-to-Ddebug-extra.patch \ + file://0024-journald-do-not-store-the-iovec-entry-for-process-co.patch \ + file://0025-journald-set-a-limit-on-the-number-of-fields-1k.patch \ + file://0026-journal-remote-set-a-limit-on-the-number-of-fields-i.patch \ + file://0027-journal-fix-syslog_parse_identifier.patch \ + file://0028-journal-do-not-remove-multiple-spaces-after-identifi.patch \ " # patches made for musl are only applied on TCLIBC is musl @@ -132,6 +142,7 @@ PACKAGECONFIG[elfutils] = "-Delfutils=true,-Delfutils=false,elfutils" PACKAGECONFIG[firstboot] = "-Dfirstboot=true,-Dfirstboot=false" # Sign the journal for anti-tampering PACKAGECONFIG[gcrypt] = "-Dgcrypt=true,-Dgcrypt=false,libgcrypt" +PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls" PACKAGECONFIG[gshadow] = "-Dgshadow=true,-Dgshadow=false" PACKAGECONFIG[hibernate] = "-Dhibernate=true,-Dhibernate=false" PACKAGECONFIG[hostnamed] = "-Dhostnamed=true,-Dhostnamed=false" 
@@ -332,22 +343,26 @@ DESCRIPTION_${PN}-journal-remote = "systemd-journal-remote is a command to recei SYSTEMD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'binfmt', '${PN}-binfmt', '', d)} \ ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gatewayd', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', '', '${PN}-journal-remote', '', d)} \ " SYSTEMD_SERVICE_${PN}-binfmt = "systemd-binfmt.service" -USERADD_PACKAGES = "${PN} ${PN}-extra-utils ${PN}-journal-gateway ${PN}-journal-upload ${PN}-journal-remote" -USERADD_PARAM_${PN}-journal-gateway += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '--system -d / -M --shell /bin/nologin systemd-journal-gateway;', '', d)}" -USERADD_PARAM_${PN}-journal-remote += "${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '--system -d / -M --shell /bin/nologin systemd-journal-remote;', '', d)}" -USERADD_PARAM_${PN}-journal-upload += "${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '--system -d / -M --shell /bin/nologin systemd-journal-upload;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '--system -d / -M --shell /bin/nologin systemd-timesync;', '', d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--system -d / -M --shell /bin/nologin systemd-network;', '', d)}" +USERADD_PACKAGES = "${PN} ${PN}-extra-utils \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-gateway', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'microhttpd', '${PN}-journal-remote', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'journal-upload', '${PN}-journal-upload', '', d)} \ +" +GROUPADD_PARAM_${PN} = "-r systemd-journal" USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'coredump', '--system -d / -M --shell /bin/nologin systemd-coredump;', '', 
d)}" -USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /bin/nologin systemd-resolve;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'networkd', '--system -d / -M --shell /bin/nologin systemd-network;', '', d)}" USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'polkit', '--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd;', '', d)}" -GROUPADD_PARAM_${PN} = "-r systemd-journal" -USERADD_PARAM_${PN}-extra-utils += "--system -d / -M --shell /bin/nologin systemd-bus-proxy;" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'resolved', '--system -d / -M --shell /bin/nologin systemd-resolve;', '', d)}" +USERADD_PARAM_${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'timesyncd', '--system -d / -M --shell /bin/nologin systemd-timesync;', '', d)}" +USERADD_PARAM_${PN}-extra-utils = "--system -d / -M --shell /bin/nologin systemd-bus-proxy" +USERADD_PARAM_${PN}-journal-gateway = "--system -d / -M --shell /bin/nologin systemd-journal-gateway" +USERADD_PARAM_${PN}-journal-remote = "--system -d / -M --shell /bin/nologin systemd-journal-remote" +USERADD_PARAM_${PN}-journal-upload = "--system -d / -M --shell /bin/nologin systemd-journal-upload" FILES_${PN}-analyze = "${bindir}/systemd-analyze" diff --git a/poky/meta/recipes-core/udev/eudev_3.2.5.bb b/poky/meta/recipes-core/udev/eudev_3.2.5.bb deleted file mode 100644 index 592dd8f22..000000000 --- a/poky/meta/recipes-core/udev/eudev_3.2.5.bb +++ /dev/null 
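Review bot: The user-creation entries use the package name `${PN}-journal-gateway` (in `USERADD_PACKAGES` and in `USERADD_PARAM_${PN}-journal-gateway`), while `SYSTEMD_PACKAGES` in the same hunk names `${PN}-journal-gatewayd`. The `PACKAGES` list is outside the hunk, so which spelling is the real package cannot be confirmed here; if it is `-journal-gatewayd`, the `systemd-journal-gateway` account would be tied to a package that is never built and the gateway service might be installed without its unprivileged user. I would align the names, e.g. `USERADD_PARAM_${PN}-journal-gatewayd = "--system -d / -M --shell /bin/nologin systemd-journal-gateway"` with the matching entry in `USERADD_PACKAGES`.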
@@ -1,96 +0,0 @@ -SUMMARY = "eudev is a fork of systemd's udev" -HOMEPAGE = "https://wiki.gentoo.org/wiki/Eudev" -LICENSE = "GPLv2.0+ & LGPL-2.1+" -LICENSE_libudev = "LGPL-2.1+" -LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" - -DEPENDS = "glib-2.0 glib-2.0-native gperf-native kmod libxslt-native util-linux" - -PROVIDES = "udev" - -SRC_URI = "http://dev.gentoo.org/~blueness/${BPN}/${BP}.tar.gz \ - file://0014-Revert-rules-remove-firmware-loading-rules.patch \ - file://Revert-udev-remove-userspace-firmware-loading-suppor.patch \ - file://devfs-udev.rules \ - file://init \ - file://links.conf \ - file://local.rules \ - file://permissions.rules \ - file://run.rules \ - file://udev.rules \ -" - -SRC_URI[md5sum] = "6ca08c0e14380f87df8e8aceac123671" -SRC_URI[sha256sum] = "49c2d04105cad2526302627e040fa24b1916a9a3e059539bc8bb919b973890af" - -inherit autotools update-rc.d qemu pkgconfig distro_features_check - -CONFLICT_DISTRO_FEATURES = "systemd" - -EXTRA_OECONF = " \ - --sbindir=${base_sbindir} \ - --with-rootlibdir=${base_libdir} \ - --with-rootlibexecdir=${nonarch_base_libdir}/udev \ - --with-rootprefix= \ -" - -PACKAGECONFIG ??= "hwdb" -PACKAGECONFIG[hwdb] = "--enable-hwdb,--disable-hwdb" - -do_install_append() { - install -d ${D}${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/udev - sed -i s%@UDEVD@%${base_sbindir}/udevd% ${D}${sysconfdir}/init.d/udev - - install -d ${D}${sysconfdir}/udev/rules.d - install -m 0644 ${WORKDIR}/local.rules ${D}${sysconfdir}/udev/rules.d/local.rules - - # Use classic network interface naming scheme - touch ${D}${sysconfdir}/udev/rules.d/80-net-name-slot.rules - - # hid2hci has moved to bluez4. 
removed in udev as of version 169 - rm -f ${D}${base_libdir}/udev/hid2hci - - # duplicate udevadm for postinst script - install -d ${D}${libexecdir} - ln ${D}${bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm -} - -do_install_prepend_class-target () { - # Remove references to buildmachine - sed -i -e 's:${RECIPE_SYSROOT_NATIVE}::g' \ - ${B}/src/udev/keyboard-keys-from-name.h -} - -INITSCRIPT_NAME = "udev" -INITSCRIPT_PARAMS = "start 04 S ." - -PACKAGES =+ "libudev" -PACKAGES =+ "eudev-hwdb" - - -FILES_${PN} += "${libexecdir} ${nonarch_base_libdir}/udev ${bindir}/udevadm" -FILES_${PN}-dev = "${datadir}/pkgconfig/udev.pc \ - ${includedir}/libudev.h ${libdir}/libudev.so \ - ${includedir}/udev.h ${libdir}/libudev.la \ - ${libdir}/libudev.a ${libdir}/pkgconfig/libudev.pc" -FILES_libudev = "${base_libdir}/libudev.so.*" -FILES_eudev-hwdb = "${sysconfdir}/udev/hwdb.d" - -RDEPENDS_eudev-hwdb += "eudev" - -RPROVIDES_${PN} = "hotplug udev" -RPROVIDES_eudev-hwdb += "udev-hwdb" - -PACKAGE_WRITE_DEPS += "qemu-native" -pkg_postinst_eudev-hwdb () { - if test -n "$D"; then - $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} - else - udevadm hwdb --update - fi -} - -pkg_prerm_eudev-hwdb () { - rm -f $D${sysconfdir}/udev/hwdb.bin -} diff --git a/poky/meta/recipes-core/udev/eudev_3.2.7.bb b/poky/meta/recipes-core/udev/eudev_3.2.7.bb new file mode 100644 index 000000000..1bea4ebd9 --- /dev/null +++ b/poky/meta/recipes-core/udev/eudev_3.2.7.bb 
@@ -0,0 +1,96 @@ +SUMMARY = "eudev is a fork of systemd's udev" +HOMEPAGE = "https://wiki.gentoo.org/wiki/Eudev" +LICENSE = "GPLv2.0+ & LGPL-2.1+" +LICENSE_libudev = "LGPL-2.1+" +LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" + +DEPENDS = "glib-2.0 glib-2.0-native gperf-native kmod libxslt-native util-linux" + +PROVIDES = "udev" + +SRC_URI = "http://dev.gentoo.org/~blueness/${BPN}/${BP}.tar.gz \ + file://0014-Revert-rules-remove-firmware-loading-rules.patch \ + file://Revert-udev-remove-userspace-firmware-loading-suppor.patch \ + file://devfs-udev.rules \ + file://init \ + file://links.conf \ + file://local.rules \ + file://permissions.rules \ + file://run.rules \ + file://udev.rules \ +" + +SRC_URI[md5sum] = "c75d99910c1791dd9430d26ab76059c0" +SRC_URI[sha256sum] = "3004614bd253c1f98558460215027aaf60d7592c70be27fd384ec01db87bf062" + +inherit autotools update-rc.d qemu pkgconfig distro_features_check + +CONFLICT_DISTRO_FEATURES = "systemd" + +EXTRA_OECONF = " \ + --sbindir=${base_sbindir} \ + --with-rootlibdir=${base_libdir} \ + --with-rootlibexecdir=${nonarch_base_libdir}/udev \ + --with-rootprefix= \ +" + +PACKAGECONFIG ??= "hwdb" +PACKAGECONFIG[hwdb] = "--enable-hwdb,--disable-hwdb" + +do_install_append() { + install -d ${D}${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/udev + sed -i s%@UDEVD@%${base_sbindir}/udevd% ${D}${sysconfdir}/init.d/udev + + install -d ${D}${sysconfdir}/udev/rules.d + install -m 0644 ${WORKDIR}/local.rules ${D}${sysconfdir}/udev/rules.d/local.rules + + # Use classic network interface naming scheme + touch ${D}${sysconfdir}/udev/rules.d/80-net-name-slot.rules + + # hid2hci has moved to bluez4. 
removed in udev as of version 169 + rm -f ${D}${base_libdir}/udev/hid2hci + + # duplicate udevadm for postinst script + install -d ${D}${libexecdir} + ln ${D}${bindir}/udevadm ${D}${libexecdir}/${MLPREFIX}udevadm +} + +do_install_prepend_class-target () { + # Remove references to buildmachine + sed -i -e 's:${RECIPE_SYSROOT_NATIVE}::g' \ + ${B}/src/udev/keyboard-keys-from-name.h +} + +INITSCRIPT_NAME = "udev" +INITSCRIPT_PARAMS = "start 04 S ." + +PACKAGES =+ "libudev" +PACKAGES =+ "eudev-hwdb" + + +FILES_${PN} += "${libexecdir} ${nonarch_base_libdir}/udev ${bindir}/udevadm" +FILES_${PN}-dev = "${datadir}/pkgconfig/udev.pc \ + ${includedir}/libudev.h ${libdir}/libudev.so \ + ${includedir}/udev.h ${libdir}/libudev.la \ + ${libdir}/libudev.a ${libdir}/pkgconfig/libudev.pc" +FILES_libudev = "${base_libdir}/libudev.so.*" +FILES_eudev-hwdb = "${sysconfdir}/udev/hwdb.d" + +RDEPENDS_eudev-hwdb += "eudev" + +RPROVIDES_${PN} = "hotplug udev" +RPROVIDES_eudev-hwdb += "udev-hwdb" + +PACKAGE_WRITE_DEPS += "qemu-native" +pkg_postinst_eudev-hwdb () { + if test -n "$D"; then + $INTERCEPT_DIR/postinst_intercept update_udev_hwdb ${PKG} mlprefix=${MLPREFIX} binprefix=${MLPREFIX} + else + udevadm hwdb --update + fi +} + +pkg_prerm_eudev-hwdb () { + rm -f $D${sysconfdir}/udev/hwdb.bin +} -- cgit v1.2.3