From c9da5cd5a9e93ca4b8dfa8a3acc749fc6ab8ad76287ac4a382daac296810dfca Mon Sep 17 00:00:00 2001 From: Christian Goll Date: Thu, 31 Jan 2019 11:56:59 +0000 Subject: [PATCH] Accepting request 670322 from home:eeich:branches:network:cluster - Update to version 18.08.05: * Add mitigation for a potential heap overflow on 32-bit systems in xmalloc. (CVE-2019-6438, bsc#1123304). * Other fixes: + Backfill - If a job has a time_limit guess the end time of a job better if OverTimeLimit is Unlimited. + Fix "sacctmgr show events event=cluster" + Fix sacctmgr show runawayjobs from sibling cluster + Avoid bit offset of -1 in call to bit_nclear(). + Insure that "hbm" is a configured GresType on knl systems. + Fix NodeFeaturesPlugins=node_features/knl_generic to allow other gres other than knl. + cons_res: Prevent overflow on multiply. + Better debug for bad values in gres.conf. + Fix double accounting of energy at end of job. + Read gres.conf for cloud nodes on slurmctld. + Don't assume the first node of a job is the batch host when purging jobs from a node. + Better debugging when a job doesn't have a job_resrcs ptr. + Store ave watts in energy plugins. + Add XCC plugin for reading Lenovo Power. + Fix minor memory leak when scheduling rebootable nodes. + Fix debug2 prefix for sched log. + Fix printing correct SLURM_JOB_ACCOUNT_PACK_GROUP_* in env for a Het Job. + sbatch - search current working directory first for job script. + Make it so held jobs reset the AccrueTime and do not count against any AccrueTime limits. + Add SchedulerParameters option of bf_hetjob_prio=[min|avg|max] to alter the job sorting algorithm for scheduling heterogeneous jobs. + Fix initialization of assoc_mgr_locks and slurmctld_locks lock OBS-URL: https://build.opensuse.org/request/show/670322 OBS-URL: https://build.opensuse.org/package/show/network:cluster/slurm?expand=0&rev=83 --- ...-the-fix-for-CVE-2019-6438-750cc23ed.patch | 24 +++++++ slurm-18.08.4.tar.bz2 | 3 - slurm-18.08.5.tar.bz2 | 3 + slurm.changes | 68 +++++++++++++++++++ slurm.spec | 10 ++- 5 files changed, 102 insertions(+), 6 deletions(-) create mode 100644 Fix-contrib-perlapi-to-build-with-the-fix-for-CVE-2019-6438-750cc23ed.patch delete mode 100644 slurm-18.08.4.tar.bz2 create mode 100644 slurm-18.08.5.tar.bz2 diff --git a/Fix-contrib-perlapi-to-build-with-the-fix-for-CVE-2019-6438-750cc23ed.patch b/Fix-contrib-perlapi-to-build-with-the-fix-for-CVE-2019-6438-750cc23ed.patch new file mode 100644 index 0000000..32dcb2e --- /dev/null +++ b/Fix-contrib-perlapi-to-build-with-the-fix-for-CVE-2019-6438-750cc23ed.patch @@ -0,0 +1,24 @@ +From: Egbert Eich +Date: Thu Jan 31 11:05:30 2019 +0100 +Subject: Fix contrib/perlapi to build with the fix for CVE-2019-6438 (750cc23ed). +Patch-mainline: Not yet +Git-commit: a4a7f25dcb7d4387daa4367dd3c040f84b5e6f61 +References: + +Signed-off-by: Egbert Eich +--- + slurm-18.08.5/contribs/perlapi/libslurm/perl/slurm-perl.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) +diff --git a/slurm-18.08.5/contribs/perlapi/libslurm/perl/slurm-perl.h b/slurm-18.08.5/contribs/perlapi/libslurm/perl/slurm-perl.h +index 58df275..d4adbfe 100644 +--- a/contribs/perlapi/libslurm/perl/slurm-perl.h ++++ b/contribs/perlapi/libslurm/perl/slurm-perl.h +@@ -17,7 +17,7 @@ + #endif + + extern void slurm_xfree(void **, const char *, int, const char *); +-extern void *slurm_xmalloc(size_t, bool, const char *, int, const char *); ++extern void *slurm_xmalloc(uint64_t, bool, const char *, int, const char *); + + extern void slurm_api_clear_config(void); + diff --git a/slurm-18.08.4.tar.bz2 b/slurm-18.08.4.tar.bz2 deleted file mode 100644 index 3f317fd..0000000 --- a/slurm-18.08.4.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d215ef87481e48032ac7c3bcf61aac40b5258dedfbab3f56af5d53d59f22b4c8 -size 6069605 diff --git a/slurm-18.08.5.tar.bz2 b/slurm-18.08.5.tar.bz2 new file mode 100644 index 0000000..42db71f --- /dev/null +++ b/slurm-18.08.5.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:13f7a00adcf0aebb8b0409d4a07075918c9c39e00b4b1d382a119a9b9c019486 +size 6169479 diff --git a/slurm.changes b/slurm.changes index f93c247..489e7f2 100644 --- a/slurm.changes +++ b/slurm.changes @@ -1,3 +1,71 @@ +------------------------------------------------------------------- +Thu Jan 31 09:00:06 UTC 2019 - eich@suse.com + +- Update to version 18.08.05: + * Add mitigation for a potential heap overflow on 32-bit systems in xmalloc. + (CVE-2019-6438, bsc#1123304). + * Other fixes: + + Backfill - If a job has a time_limit guess the end time of a job better + if OverTimeLimit is Unlimited. + + Fix "sacctmgr show events event=cluster" + + Fix sacctmgr show runawayjobs from sibling cluster + + Avoid bit offset of -1 in call to bit_nclear(). + + Insure that "hbm" is a configured GresType on knl systems. + + Fix NodeFeaturesPlugins=node_features/knl_generic to allow other gres + other than knl. + + cons_res: Prevent overflow on multiply. + + Better debug for bad values in gres.conf. + + Fix double accounting of energy at end of job. + + Read gres.conf for cloud nodes on slurmctld. + + Don't assume the first node of a job is the batch host when purging jobs + from a node. + + Better debugging when a job doesn't have a job_resrcs ptr. + + Store ave watts in energy plugins. + + Add XCC plugin for reading Lenovo Power. + + Fix minor memory leak when scheduling rebootable nodes. + + Fix debug2 prefix for sched log. + + Fix printing correct SLURM_JOB_ACCOUNT_PACK_GROUP_* in env for a Het Job. + + sbatch - search current working directory first for job script. + + Make it so held jobs reset the AccrueTime and do not count against any + AccrueTime limits. + + Add SchedulerParameters option of bf_hetjob_prio=[min|avg|max] to alter + the job sorting algorithm for scheduling heterogeneous jobs. + + Fix initialization of assoc_mgr_locks and slurmctld_locks lock + structures. + + Fix segfault with job arrays using X11 forwarding. + + Revert regression caused by e0ee1c7054 which caused negative values and + values starting with a decimal to be invalid for PriorityWeightTRES and + TRESBillingWeight. + + Fix possibility to update a job's reservation to none. + + Suppress connection errors to primary slurmdbd when backup dbd is active. + + Suppress connection errors to primary db when backup db kicks in + + Add missing fields for sacct --completion when using jobcomp/filetxt. + + Fix incorrect values set for UserCPU, SystemCPU, and TotalCPU sacct + fields when JobAcctGatherType=jobacct_gather/cgroup. + + Fixed srun from double printing invalid option msg twice. + + Remove unused -b flag from getopt call in sbatch. + + Disable reporting of node TRES in sreport. + + Re-enabling features combined by OR within parenthesis for non-knl + setups. + + Prevent sending duplicate requests to reboot a node before ResumeTimeout. + + Down nodes that don't reboot by ResumeTimeout. + + Update seff to reflect API change from rss_max to tres_usage_in_max. + + Add missing TRES constants from perl API. + + Fix issue where sacct would return incorrect array tasks when querying + specific tasks. + + Add missing variables to slurmdb_stats_t in the perlapi. + + Fix nodes not getting reboot RPC when job requires reboot of nodes. + + Fix failing update the partition list of a job. + + Use slurm.conf gres ids instead of gres.conf names to get a gres type + name. + * Disable + slurmctld-rerun-agent_init-when-backup-controller-takes-over.patch: + Believed to be fixed by commit c1a537dbbe6 + See: https://bugs.schedmd.com/show_bug.cgi?id=5511 + * Add + Fix-contrib-perlapi-to-build-with-the-fix-for-CVE-2019-6438-750cc23ed.patch: + Fix fallout from 750cc23ed for CVE-2019-6438. + ------------------------------------------------------------------- Thu Dec 13 10:07:00 UTC 2018 - cgoll@suse.com - Update to 18.08.04, with following highlights diff --git a/slurm.spec b/slurm.spec index ef3ab4c..80592b4 100644 --- a/slurm.spec +++ b/slurm.spec @@ -12,13 +12,13 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # # Check file META in sources: update so_version to (API_CURRENT - API_AGE) %define so_version 33 -%define ver 18.08.4 +%define ver 18.08.5 # so-version is 0 and seems to be stable %define pmi_so 0 @@ -77,6 +77,7 @@ Patch9: slurmctld-rerun-agent_init-when-backup-controller-takes-over.pat Patch10: pam_slurm_adopt-avoid-running-outside-of-the-sshd-PA.patch Patch11: pam_slurm_adopt-send_user_msg-don-t-copy-undefined-d.patch Patch12: pam_slurm_adopt-use-uid-to-determine-whether-root-is.patch +Patch130: Fix-contrib-perlapi-to-build-with-the-fix-for-CVE-2019-6438-750cc23ed.patch Requires: slurm-config = %{version} Requires: slurm-node = %{version} @@ -351,10 +352,12 @@ Man pages for the SLURM cluster managment software config files. %patch6 -p1 %patch7 -p1 %patch8 -p1 -%patch9 -p1 +# Drop this fix as it is considered to be resolved by c1a537dbbe6 +##%patch9 -p1 %patch10 -p1 %patch11 -p1 %patch12 -p1 +%patch130 -p1 %build %configure --enable-shared \ @@ -878,6 +881,7 @@ exit 0 %endif %endif %{_libdir}/slurm/node_features_knl_generic.so +%{_libdir}/slurm/acct_gather_energy_xcc.so %files lua %{_libdir}/slurm/job_submit_lua.so