- Import a better fix from upstream for bsc#1001765

- Added:
    0001-pid1-more-informative-error-message-for-ignored-noti.patch
    0001-pid1-process-zero-length-notification-messages-again.patch
  - Updated (no code changes, only patch metadata)
    0001-If-the-notification-message-length-is-0-ignore-the-m.patch
    0001-pid1-don-t-return-any-error-in-manager_dispatch_noti.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=958
Franck Bui 2016-09-30 06:17:15 +00:00 committed by Git OBS Bridge
parent f782e8dfea
commit c385bc66e2
8 changed files with 169 additions and 8 deletions


@ -1,4 +1,4 @@
From 531ac2b2349da02acc9c382849758e07eb92b020 Mon Sep 17 00:00:00 2001 From ddcd0b726adfd78260ec3d6a446800d85980069e Mon Sep 17 00:00:00 2001
From: Jorge Niedbalski <jorge.niedbalski@canonical.com> From: Jorge Niedbalski <jorge.niedbalski@canonical.com>
Date: Wed, 28 Sep 2016 18:25:50 -0300 Date: Wed, 28 Sep 2016 18:25:50 -0300
Subject: [PATCH 1/1] If the notification message length is 0, ignore the Subject: [PATCH 1/1] If the notification message length is 0, ignore the
@ -7,15 +7,16 @@ Subject: [PATCH 1/1] If the notification message length is 0, ignore the
Fixes #4234. Fixes #4234.
Signed-off-by: Jorge Niedbalski <jnr@metaklass.org> Signed-off-by: Jorge Niedbalski <jnr@metaklass.org>
(cherry picked from commit 531ac2b2349da02acc9c382849758e07eb92b020)
--- ---
src/core/manager.c | 4 ++++ src/core/manager.c | 4 ++++
1 file changed, 4 insertions(+) 1 file changed, 4 insertions(+)
diff --git a/src/core/manager.c b/src/core/manager.c diff --git a/src/core/manager.c b/src/core/manager.c
index fa8deb9..43e231c 100644 index 229cb31..56ca9cf 100644
--- a/src/core/manager.c --- a/src/core/manager.c
+++ b/src/core/manager.c +++ b/src/core/manager.c
@@ -1721,6 +1721,10 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t @@ -1565,6 +1565,10 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
return -errno; return -errno;
} }


@ -1,22 +1,24 @@
From c47885438517ac77ee34a30ee3d09e5deb9968f6 Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com> From: Franck Bui <fbui@suse.com>
Date: Thu, 29 Sep 2016 11:59:49 +0200 Date: Thu, 29 Sep 2016 19:44:34 +0200
Subject: [PATCH 1/1] pid1: don't return any error in Subject: [PATCH 1/1] pid1: don't return any error in
manager_dispatch_notify_fd() manager_dispatch_notify_fd() (#4240)
If manager_dispatch_notify_fd() fails and returns an error then the handling of If manager_dispatch_notify_fd() fails and returns an error then the handling of
service notifications will be disabled entirely leading to a compromised system. service notifications will be disabled entirely leading to a compromised system.
For example pid1 won't be able to receive the WATCHDOG messages anymore and For example pid1 won't be able to receive the WATCHDOG messages anymore and
will kill all services supposed to send such messages. will kill all services supposed to send such messages.
(cherry picked from commit 9987750e7a4c62e0eb8473603150596ba7c3a015)
--- ---
src/core/manager.c | 13 +++++++++---- src/core/manager.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-) 1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/core/manager.c b/src/core/manager.c diff --git a/src/core/manager.c b/src/core/manager.c
index 43e231c..5704005 100644 index 56ca9cf..06d78e4 100644
--- a/src/core/manager.c --- a/src/core/manager.c
+++ b/src/core/manager.c +++ b/src/core/manager.c
@@ -1716,10 +1716,14 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t @@ -1560,10 +1560,14 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
n = recvmsg(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC); n = recvmsg(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
if (n < 0) { if (n < 0) {
@ -34,7 +36,7 @@ index 43e231c..5704005 100644
} }
if (n == 0) { if (n == 0) {
log_debug("Got zero-length notification message. Ignoring."); log_debug("Got zero-length notification message. Ignoring.");
@@ -1746,7 +1750,8 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t @@ -1590,7 +1594,8 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
r = fdset_new_array(&fds, fd_array, n_fds); r = fdset_new_array(&fds, fd_array, n_fds);
if (r < 0) { if (r < 0) {
close_many(fd_array, n_fds); close_many(fd_array, n_fds);


@ -0,0 +1,38 @@
From eb54b43fe31392c9f77505d8f9cd86d1f050b49d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 29 Sep 2016 16:07:41 +0200
Subject: [PATCH 1/1] pid1: more informative error message for ignored
notifications
It's probably easier to diagnose a bad notification message if the
contents are printed. But still, do anything only if debugging is on.
(cherry picked from commit a86b76753d7868c2d05f046f601bc7dc89fc2203)
---
src/core/manager.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 58d346e..0d0158a 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1516,8 +1516,14 @@ static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, const
if (UNIT_VTABLE(u)->notify_message)
UNIT_VTABLE(u)->notify_message(u, pid, tags, fds);
- else
- log_unit_debug(u, "Got notification message for unit. Ignoring.");
+ else if (_unlikely_(log_get_max_level() >= LOG_DEBUG)) {
+ _cleanup_free_ char *x = NULL, *y = NULL;
+
+ x = cescape(buf);
+ if (x)
+ y = ellipsize(x, 20, 90);
+ log_unit_debug(u, "Got notification message \"%s\", ignoring.", strnull(y));
+ }
}
static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
--
2.10.0
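Review bot: In the new `else if` branch of manager_invoke_notify_message(), `buf` holds whatever the sending process wrote to the notify socket, and nothing in the hunk records that `cescape()` must run before the text reaches `log_unit_debug()`. I would add a comment above `x = cescape(buf);`, for example `/* buf is sender-controlled: escape it before logging so control characters never reach the journal */`, so that a later cleanup does not start logging `buf` directly. Two smaller points: when allocation fails, `strnull(y)` prints `(null)`, which reads like a message body rather than an out-of-memory condition, and `ellipsize()` is applied to the already escaped text, so the cut may land inside an escape sequence. The function's opening lines are outside the hunk.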


@ -0,0 +1,82 @@
From 98c4bab7add94bdfb6cc238376c47a9c73a4fe39 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 29 Sep 2016 16:06:02 +0200
Subject: [PATCH 1/1] pid1: process zero-length notification messages again
This undoes 531ac2b234. I acked that patch without looking at the code
carefully enough. There are two problems:
- we want to process the fds anyway
- in principle empty notification messages are valid, and we should
process them as usual, including logging using log_unit_debug().
(cherry picked from commit 8523bf7dd514a3a2c6114b7b8fb8f308b4f09fc4)
[fbui: adjust context]
---
src/core/manager.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 06d78e4..58d346e 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1501,13 +1501,12 @@ static unsigned manager_dispatch_dbus_queue(Manager *m) {
return n;
}
-static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, const char *buf, size_t n, FDSet *fds) {
+static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, const char *buf, FDSet *fds) {
_cleanup_strv_free_ char **tags = NULL;
assert(m);
assert(u);
assert(buf);
- assert(n > 0);
tags = strv_split(buf, "\n\r");
if (!tags) {
@@ -1569,10 +1568,6 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
* example... */
return 0;
}
- if (n == 0) {
- log_debug("Got zero-length notification message. Ignoring.");
- return 0;
- }
CMSG_FOREACH(cmsg, &msghdr) {
if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
@@ -1609,25 +1604,27 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
return 0;
}
+ /* The message should be a string. Here we make sure it's NUL-terminated,
+ * but only the part until first NUL will be used anyway. */
buf[n] = 0;
/* Notify every unit that might be interested, but try
* to avoid notifying the same one multiple times. */
u1 = manager_get_unit_by_pid_cgroup(m, ucred->pid);
if (u1) {
- manager_invoke_notify_message(m, u1, ucred->pid, buf, n, fds);
+ manager_invoke_notify_message(m, u1, ucred->pid, buf, fds);
found = true;
}
u2 = hashmap_get(m->watch_pids1, PID_TO_PTR(ucred->pid));
if (u2 && u2 != u1) {
- manager_invoke_notify_message(m, u2, ucred->pid, buf, n, fds);
+ manager_invoke_notify_message(m, u2, ucred->pid, buf, fds);
found = true;
}
u3 = hashmap_get(m->watch_pids2, PID_TO_PTR(ucred->pid));
if (u3 && u3 != u2 && u3 != u1) {
- manager_invoke_notify_message(m, u3, ucred->pid, buf, n, fds);
+ manager_invoke_notify_message(m, u3, ucred->pid, buf, fds);
found = true;
}
--
2.10.0
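Review bot: With `assert(n > 0)` and the `n == 0` early return removed, manager_invoke_notify_message() now runs `strv_split()` on an empty string and presumably hands an empty tag list, together with any received fds, to each unit type's `notify_message` callback. Those callbacks are not part of this patch and should be checked for an assumption that at least one tag is present. The new comment above `buf[n] = 0;` is accurate, but since the length argument was dropped it could state the consequence outright, e.g. `/* Bytes after an embedded NUL are never parsed or logged. */`. The write at `buf[n]` also relies on `n` being smaller than the buffer, which is set up before the recvmsg() call and is not visible in these hunks. Both functions start and end outside the hunks shown.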


@ -1,3 +1,18 @@
-------------------------------------------------------------------
Fri Sep 30 06:07:06 UTC 2016 - fbui@suse.com
- Import a better fix from upstream for bsc#1001765
- Added:
0001-pid1-more-informative-error-message-for-ignored-noti.patch
0001-pid1-process-zero-length-notification-messages-again.patch
- Updated (no code changes, only patch metadata)
0001-If-the-notification-message-length-is-0-ignore-the-m.patch
0001-pid1-don-t-return-any-error-in-manager_dispatch_noti.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Sep 29 13:05:44 UTC 2016 - fbui@suse.com Thu Sep 29 13:05:44 UTC 2016 - fbui@suse.com


@ -270,6 +270,8 @@ Patch533: 0001-journal-warn-when-we-fail-to-append-a-tag-to-a-journ.patch
Patch534: 0001-journal-fix-HMAC-calculation-when-appending-a-data-o.patch Patch534: 0001-journal-fix-HMAC-calculation-when-appending-a-data-o.patch
Patch535: 0001-If-the-notification-message-length-is-0-ignore-the-m.patch Patch535: 0001-If-the-notification-message-length-is-0-ignore-the-m.patch
Patch536: 0001-pid1-don-t-return-any-error-in-manager_dispatch_noti.patch Patch536: 0001-pid1-don-t-return-any-error-in-manager_dispatch_noti.patch
Patch537: 0001-pid1-process-zero-length-notification-messages-again.patch
Patch538: 0001-pid1-more-informative-error-message-for-ignored-noti.patch
# UDEV PATCHES # UDEV PATCHES
# ============ # ============
@ -621,6 +623,8 @@ cp %{SOURCE7} m4/
%patch534 -p1 %patch534 -p1
%patch535 -p1 %patch535 -p1
%patch536 -p1 %patch536 -p1
%patch537 -p1
%patch538 -p1
# udev patches # udev patches
%patch1002 -p1 %patch1002 -p1


@ -1,3 +1,18 @@
-------------------------------------------------------------------
Fri Sep 30 06:07:06 UTC 2016 - fbui@suse.com
- Import a better fix from upstream for bsc#1001765
- Added:
0001-pid1-more-informative-error-message-for-ignored-noti.patch
0001-pid1-process-zero-length-notification-messages-again.patch
- Updated (no code changes, only patch metadata)
0001-If-the-notification-message-length-is-0-ignore-the-m.patch
0001-pid1-don-t-return-any-error-in-manager_dispatch_noti.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Sep 29 13:05:44 UTC 2016 - fbui@suse.com Thu Sep 29 13:05:44 UTC 2016 - fbui@suse.com


@ -265,6 +265,8 @@ Patch533: 0001-journal-warn-when-we-fail-to-append-a-tag-to-a-journ.patch
Patch534: 0001-journal-fix-HMAC-calculation-when-appending-a-data-o.patch Patch534: 0001-journal-fix-HMAC-calculation-when-appending-a-data-o.patch
Patch535: 0001-If-the-notification-message-length-is-0-ignore-the-m.patch Patch535: 0001-If-the-notification-message-length-is-0-ignore-the-m.patch
Patch536: 0001-pid1-don-t-return-any-error-in-manager_dispatch_noti.patch Patch536: 0001-pid1-don-t-return-any-error-in-manager_dispatch_noti.patch
Patch537: 0001-pid1-process-zero-length-notification-messages-again.patch
Patch538: 0001-pid1-more-informative-error-message-for-ignored-noti.patch
# UDEV PATCHES # UDEV PATCHES
# ============ # ============
@ -616,6 +618,8 @@ cp %{SOURCE7} m4/
%patch534 -p1 %patch534 -p1
%patch535 -p1 %patch535 -p1
%patch536 -p1 %patch536 -p1
%patch537 -p1
%patch538 -p1
# udev patches # udev patches
%patch1002 -p1 %patch1002 -p1