From a4f58851e2120e23427c2982f4da89bf8cbc38fd83f63657e97014382cb0b935 Mon Sep 17 00:00:00 2001
From: Thomas Renninger <trenn@suse.com>
Date: Fri, 23 Jan 2015 12:50:02 +0000
Subject: [PATCH] Accepting request 282545 from home:trenn:branches:Base:System

- Update to version 1.0.8
- Remove patch which got integrated mainline:
  0001-Continue-without-dmi-when-no-SMBIOS-or-SMBIOS-0x0-in.patch
- Fix possible security issue, build service complained about:
  missing-call-to-setgroups-before-setuid
  Add fix_setgroups_missing_call.patch

OBS-URL: https://build.opensuse.org/request/show/282545
OBS-URL: https://build.opensuse.org/package/show/Base:System/mcelog?expand=0&rev=49
---
 ...-dmi-when-no-SMBIOS-or-SMBIOS-0x0-in.patch | 39 -----------
 email.patch                                   | 66 +++++++++----------
 fix_setgroups_missing_call.patch              | 27 ++++++++
 mcelog-1.0.1.tar.bz2                          |  3 -
 mcelog-1.0.8.tar.bz2                          |  3 +
 mcelog.changes                                | 10 +++
 mcelog.spec                                   |  8 +--
 7 files changed, 77 insertions(+), 79 deletions(-)
 delete mode 100644 0001-Continue-without-dmi-when-no-SMBIOS-or-SMBIOS-0x0-in.patch
 create mode 100644 fix_setgroups_missing_call.patch
 delete mode 100644 mcelog-1.0.1.tar.bz2
 create mode 100644 mcelog-1.0.8.tar.bz2

diff --git a/0001-Continue-without-dmi-when-no-SMBIOS-or-SMBIOS-0x0-in.patch b/0001-Continue-without-dmi-when-no-SMBIOS-or-SMBIOS-0x0-in.patch
deleted file mode 100644
index 126e686..0000000
--- a/0001-Continue-without-dmi-when-no-SMBIOS-or-SMBIOS-0x0-in.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From c55a40ab8a2bef21c2cf00ffca1a1f4883192ca9 Mon Sep 17 00:00:00 2001
-From: Julian Wolf <juwolf@suse.com>
-Date: Fri, 4 Jul 2014 13:04:52 +0200
-Subject: [PATCH] Continue without dmi when no SMBIOS or SMBIOS=0x0 in
- /sys/firmware/efi/systab, bnc#829862
-
----
- dmi.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/dmi.c b/dmi.c
-index 373837e..402459a 100644
---- a/dmi.c
-+++ b/dmi.c
-@@ -174,8 +174,10 @@ check_symbol:
- 	if (fclose(efi_systab) != 0)
- 		perror(filename);
- 
--	if (!ret)
--		Eprintf("%s: SMBIOS entry point missing", filename);
-+	if (!ret || !*address){
-+		Lprintf("No valid SMBIOS entry point: Continue without DMI decoding");
-+		return 0;
-+	}
- 
- 	if (verbose)
- 		printf("%s: SMBIOS entry point at 0x%08lx\n", filename,
-@@ -224,6 +226,8 @@ int opendmi(void)
- 		}
- 		a = (struct anchor*)((char*)abase + (entry_point_addr - addr_start));
- 		goto fill_entries;
-+	}else{
-+		return -1;
- 	}
- 
- legacy:
--- 
-1.8.1.4
-
diff --git a/email.patch b/email.patch
index fcaf480..c912ea0 100644
--- a/email.patch
+++ b/email.patch
@@ -7,18 +7,18 @@
  msg.c    |    8 ++
  6 files changed, 343 insertions(+), 2 deletions(-)
 
-Index: mcelog-1.0.1/Makefile
+Index: mcelog-1.0.8/Makefile
 ===================================================================
---- mcelog-1.0.1.orig/Makefile
-+++ mcelog-1.0.1/Makefile
+--- mcelog-1.0.8.orig/Makefile	2014-12-20 19:35:05.000000000 +0100
++++ mcelog-1.0.8/Makefile	2015-01-22 14:55:13.323708502 +0100
 @@ -1,3 +1,4 @@
 +CONFIG_EMAIL := 1
  CFLAGS := -g -Os
  prefix := /usr
  etcprefix :=
-@@ -34,7 +35,8 @@ OBJ := p4.o k8.o mcelog.o dmi.o tsc.o co
+@@ -37,7 +38,8 @@
         client.o cache.o sysfs.o yellow.o page.o rbtree.o 	 \
-        xeon75xx.o sandy-bridge.o ivy-bridge.o msr.o
+        xeon75xx.o sandy-bridge.o ivy-bridge.o haswell.o msr.o bus.o unknown.o
  DISKDB_OBJ := diskdb.o dimm.o db.o
 -CLEAN := mcelog dmi tsc dbquery .depend .depend.X dbquery.o ${DISKDB_OBJ}
 +EMAIL_OBJ := email.o
@@ -26,7 +26,7 @@ Index: mcelog-1.0.1/Makefile
  DOC := mce.pdf
  
  ADD_DEFINES :=
-@@ -46,6 +48,12 @@ OBJ += ${DISKDB_OBJ}
+@@ -49,6 +51,12 @@
  all: dbquery
  endif
  
@@ -39,10 +39,10 @@ Index: mcelog-1.0.1/Makefile
  SRC := $(OBJ:.o=.c)
  
  mcelog: ${OBJ}
-Index: mcelog-1.0.1/email.c
+Index: mcelog-1.0.8/email.c
 ===================================================================
---- /dev/null
-+++ mcelog-1.0.1/email.c
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ mcelog-1.0.8/email.c	2015-01-22 14:55:13.327708502 +0100
 @@ -0,0 +1,199 @@
 +#include <unistd.h>
 +#include <signal.h>
@@ -243,10 +243,10 @@ Index: mcelog-1.0.1/email.c
 +	smtp_destroy_session (session);
 +	return 0;
 +}
-Index: mcelog-1.0.1/email.h
+Index: mcelog-1.0.8/email.h
 ===================================================================
---- /dev/null
-+++ mcelog-1.0.1/email.h
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ mcelog-1.0.8/email.h	2015-01-22 14:55:13.331708502 +0100
 @@ -0,0 +1,34 @@
 +#ifndef _MCELOG_EMAIL_H_
 +#define _MCELOG_EMAIL_H_
@@ -282,10 +282,10 @@ Index: mcelog-1.0.1/email.h
 +#endif
 +
 +#endif
-Index: mcelog-1.0.1/mcelog.c
+Index: mcelog-1.0.8/mcelog.c
 ===================================================================
---- mcelog-1.0.1.orig/mcelog.c
-+++ mcelog-1.0.1/mcelog.c
+--- mcelog-1.0.8.orig/mcelog.c	2014-12-20 19:35:05.000000000 +0100
++++ mcelog-1.0.8/mcelog.c	2015-01-22 14:55:13.335708502 +0100
 @@ -37,6 +37,7 @@
  #include <assert.h>
  #include <signal.h>
@@ -294,9 +294,9 @@ Index: mcelog-1.0.1/mcelog.c
  #include <fnmatch.h>
  #include "mcelog.h"
  #include "paths.h"
-@@ -59,6 +60,9 @@
- #include "yellow.h"
- #include "page.h"
+@@ -61,6 +62,9 @@
+ #include "bus.h"
+ #include "unknown.h"
  
 +#include "email.h"
 +int email_mode;
@@ -304,7 +304,7 @@ Index: mcelog-1.0.1/mcelog.c
  enum cputype cputype = CPU_GENERIC;	
  
  char *logfn = LOG_DEV_FILENAME; 
-@@ -70,7 +74,7 @@ static double cpumhz;
+@@ -72,7 +76,7 @@
  static int cpumhz_forced;
  int ascii_mode;
  int dump_raw_ascii;
@@ -313,7 +313,7 @@ Index: mcelog-1.0.1/mcelog.c
  static char *inputfile;
  char *processor_flags;
  static int foreground;
-@@ -928,6 +932,7 @@ void usage(void)
+@@ -944,6 +948,7 @@
  "--pidfile file	     Write pid of daemon into file\n"
  "--no-imc-log	     Disable extended iMC logging\n"
  		);
@@ -321,7 +321,7 @@ Index: mcelog-1.0.1/mcelog.c
  	diskdb_usage();
  	print_cputypes();
  	exit(1);
-@@ -995,6 +1000,7 @@ static struct option options[] = {
+@@ -1011,6 +1016,7 @@
  	{ "debug-numerrors", 0, NULL, O_DEBUG_NUMERRORS }, /* undocumented: for testing */
  	{ "no-imc-log", 0, NULL, O_NO_IMC_LOG },
  	DISKDB_OPTIONS
@@ -329,7 +329,7 @@ Index: mcelog-1.0.1/mcelog.c
  	{}
  };
  
-@@ -1170,11 +1176,86 @@ static void drop_cred(void)
+@@ -1188,11 +1194,86 @@
  	}
  }
  
@@ -416,7 +416,7 @@ Index: mcelog-1.0.1/mcelog.c
  
  	if (recordlen == 0) {
  		Wprintf("no data in mce record\n");
-@@ -1201,12 +1282,16 @@ static void process(int fd, unsigned rec
+@@ -1219,12 +1300,16 @@
  			finish = 1;
  		if (!mce_filter(mce, recordlen)) 
  			continue;
@@ -433,7 +433,7 @@ Index: mcelog-1.0.1/mcelog.c
  		flushlog();
  	}
  
-@@ -1317,6 +1402,8 @@ int main(int ac, char **av)
+@@ -1335,6 +1420,8 @@
  			exit(0);
  		} else if (diskdb_cmd(opt, ac, av)) {
  			exit(0);
@@ -442,7 +442,7 @@ Index: mcelog-1.0.1/mcelog.c
  		} else if (opt == 0)
  			break;		    
  	} 
-@@ -1345,6 +1432,10 @@ int main(int ac, char **av)
+@@ -1363,6 +1450,10 @@
  		logfn = av[optind++];
  	if (av[optind])
  		usage();
@@ -453,11 +453,11 @@ Index: mcelog-1.0.1/mcelog.c
  	checkdmi();
  	general_setup();
  		
-Index: mcelog-1.0.1/mcelog.h
+Index: mcelog-1.0.8/mcelog.h
 ===================================================================
---- mcelog-1.0.1.orig/mcelog.h
-+++ mcelog-1.0.1/mcelog.h
-@@ -123,6 +123,7 @@ enum cputype {
+--- mcelog-1.0.8.orig/mcelog.h	2014-12-20 19:35:05.000000000 +0100
++++ mcelog-1.0.8/mcelog.h	2015-01-22 14:55:13.339708502 +0100
+@@ -125,6 +125,7 @@
  enum option_ranges {
  	O_COMMON = 500,
  	O_DISKDB = 1000,
@@ -465,10 +465,10 @@ Index: mcelog-1.0.1/mcelog.h
  };
  
  enum syslog_opt { 
-Index: mcelog-1.0.1/msg.c
+Index: mcelog-1.0.8/msg.c
 ===================================================================
---- mcelog-1.0.1.orig/msg.c
-+++ mcelog-1.0.1/msg.c
+--- mcelog-1.0.8.orig/msg.c	2014-12-20 19:35:05.000000000 +0100
++++ mcelog-1.0.8/msg.c	2015-01-22 14:55:13.343708502 +0100
 @@ -8,10 +8,13 @@
  #include "mcelog.h"
  #include "msg.h"
@@ -483,7 +483,7 @@ Index: mcelog-1.0.1/msg.c
  static char *output_fn;
  
  int need_stdout(void)
-@@ -135,6 +138,11 @@ int Wprintf(char *fmt, ...)
+@@ -135,6 +138,11 @@
  		n = vfprintf(output_fh ? output_fh : stdout, fmt, ap);
  		va_end(ap);
  	}
diff --git a/fix_setgroups_missing_call.patch b/fix_setgroups_missing_call.patch
new file mode 100644
index 0000000..1dd46e6
--- /dev/null
+++ b/fix_setgroups_missing_call.patch
@@ -0,0 +1,27 @@
+Index: mcelog-1.0.8/mcelog.c
+===================================================================
+--- mcelog-1.0.8.orig/mcelog.c	2015-01-22 14:56:56.151710136 +0100
++++ mcelog-1.0.8/mcelog.c	2015-01-23 09:58:35.252799171 +0100
+@@ -37,6 +37,7 @@
+ #include <assert.h>
+ #include <signal.h>
+ #include <pwd.h>
++#include <grp.h>
+ #include <sys/wait.h>
+ #include <fnmatch.h>
+ #include "mcelog.h"
+@@ -1185,6 +1186,14 @@
+ 
+ static void drop_cred(void)
+ {
++	/* When dropping privileges from root, the `setgroups` call will
++	 * remove any extraneous groups. If we don't call this, then
++	 * even though our uid has dropped, we may still have groups
++	 * that enable us to do super-user things. This will fail if we
++	 * aren't root, so don't bother checking the return value, this
++	 * is just done as an optimistic privilege dropping function.
++	 */
++	setgroups(0, NULL);
+ 	if (runcred.uid != -1U && runcred.gid == -1U) {
+ 		struct passwd *pw = getpwuid(runcred.uid);
+ 		if (pw)
diff --git a/mcelog-1.0.1.tar.bz2 b/mcelog-1.0.1.tar.bz2
deleted file mode 100644
index 2b2a9cc..0000000
--- a/mcelog-1.0.1.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:fc82eda0f24bcf523be13ada4c8a77b6be7ba5bfc903c4a5d2bcb79ae25bbaa8
-size 274550
diff --git a/mcelog-1.0.8.tar.bz2 b/mcelog-1.0.8.tar.bz2
new file mode 100644
index 0000000..9cf1d31
--- /dev/null
+++ b/mcelog-1.0.8.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7185b745b7ec4510f1e6ba75a03a5ee9ea9f41e6c088475574e24118e27fb825
+size 277189
diff --git a/mcelog.changes b/mcelog.changes
index 8d66683..96abb4d 100644
--- a/mcelog.changes
+++ b/mcelog.changes
@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Fri Jan 23 11:04:40 UTC 2015 - trenn@suse.de
+
+- Update to version 1.0.8
+- Remove patch which got integrated mainline:
+  0001-Continue-without-dmi-when-no-SMBIOS-or-SMBIOS-0x0-in.patch
+- Fix possible security issue, build service complained about:
+  missing-call-to-setgroups-before-setuid
+  Add fix_setgroups_missing_call.patch
+
 -------------------------------------------------------------------
 Fri Nov 14 18:25:22 UTC 2014 - crrodriguez@opensuse.org
 
diff --git a/mcelog.spec b/mcelog.spec
index ca00b82..90f2e16 100644
--- a/mcelog.spec
+++ b/mcelog.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package mcelog
 #
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@ Name:           mcelog
 Summary:        Log Machine Check Events
 License:        GPL-2.0
 Group:          System/Monitoring
-Version:        1.0.1
+Version:        1.0.8
 Release:        0
 ExclusiveArch:  %{ix86} x86_64
 BuildRequires:  libesmtp-devel
@@ -43,8 +43,8 @@ Patch7:         patches/add-f12h-support.patch
 Patch8:         patches/add-f14h-support.patch
 Patch9:         patches/add-f15h-support.patch
 Patch10:        patches/add-f16h-support.patch
-Patch11:        0001-Continue-without-dmi-when-no-SMBIOS-or-SMBIOS-0x0-in.patch
-Patch12:        mcelog-socket-path.patch
+Patch11:        mcelog-socket-path.patch
+Patch12:        fix_setgroups_missing_call.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         %fillup_prereq
 Url:            https://git.kernel.org/cgit/utils/cpu/mce/mcelog.git