pool/qclib
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1120172 from hardware

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1120172
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qclib?expand=0&rev=16
This commit is contained in:
Ana Guerrero 2023-10-26 15:12:03 +00:00 committed by Git OBS Bridge
commit dcba0af4ce
3 changed files with 60 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
qclib-sys-kernel-security-lockdown-enabled.patch Normal file
View File

@ -0,0 +1,51 @@
commit 73f9792009be42fe652ae897d390852f18bf445a
Author: Stefan Raspl <raspl@linux.ibm.com>
Date: Thu Sep 7 22:47:16 2023 +0200
Handle systems with /sys/kernel/security/lockdown enabled
Hypfs becomes inaccessible when /sys/kernel/security/lockdown is enabled, as
is the case with e.g. secure booted systems.
To reproduce, run
echo integrity > /sys/kernel/security/lockdown
Since qclib conceptually only requires access to /proc/sysinfo at a minimum,
we simply skip hypfs in this case.
Signed-off-by: Stefan Raspl <raspl@linux.ibm.com>
diff --git a/query_capacity_hypfs.c b/query_capacity_hypfs.c
index 9845e88b..3907c269 100644
--- a/query_capacity_hypfs.c
+++ b/query_capacity_hypfs.c
@@ -617,7 +617,7 @@ static int qc_read_diag_file(struct qc_handle *hdl, const char *dbgfs, struct hy
out_fail:
free(priv->data);
priv->data = NULL;
- rc = -1;
+ rc = 1;
out:
free(fpath);
@@ -942,14 +942,18 @@ static int qc_hypfs_open(struct qc_handle *hdl, char **buf) {
/* if z/VM diag file exists, the LPAR diag file's content
isn't valid, so we're done after handling the z/VM file */
priv->diag = QC_HYPFS_ZVM;
- if ((rc = qc_read_diag_file(hdl, dbgfs, priv)) != 0)
+ if ((rc = qc_read_diag_file(hdl, dbgfs, priv)) != 0) {
+ rc = 0; // not a fatal error - we just skip this source
goto out;
+ }
priv->avail = HYPFS_AVAIL_BIN_ZVM;
} else {
qc_debug(hdl, "No z/VM diag file found, must be an LPAR\n");
priv->diag = QC_HYPFS_LPAR;
- if ((rc = qc_read_diag_file(hdl, dbgfs, priv)) != 0)
+ if ((rc = qc_read_diag_file(hdl, dbgfs, priv)) != 0) {
+ rc = 0; // not a fatal error - we just skip this source
goto out;
+ }
priv->avail = HYPFS_AVAIL_BIN_LPAR;
}
} else {

6
qclib.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Oct 25 06:16:21 UTC 2023 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Applied a patch(bsc#1216212,bsc#1214466)
* qclib-sys-kernel-security-lockdown-enabled.patch
-------------------------------------------------------------------
Mon Oct 16 11:13:48 UTC 2023 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>

3
qclib.spec
View File

@ -36,6 +36,9 @@ BuildRequires: glibc-devel-static
BuildRequires: glibc-devel
%endif
#
Patch001: qclib-sys-kernel-security-lockdown-enabled.patch
%description
qclib provides a C API for extraction of system information for Linux on z
Systems.