From a69e46048010f436a894c65dcc4d406fac2ecf809a771beded6621b88f2b32e7 Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Thu, 3 Jul 2014 13:01:21 +0000 Subject: [PATCH] . OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=703 --- 0001-parse_uid-return-ENXIO-for-1-uids.patch | 45 +++++++++++ ...ping-strings-don-t-allow-smuggling-i.patch | 74 +++++++++++++++++++ ...onsider-an-unset-model-as-a-wildcard.patch | 39 ++++++++++ ...vent-loop-terminates-explicitly-clos.patch | 27 +++++++ ...idering-UID-0xFFFF-and-0xFFFFFFFF-va.patch | 2 +- ...s-close-a-bus-that-failed-to-connect.patch | 28 +++++++ ...ink-builtin-should-print-the-reason-.patch | 61 +++++++++++++++ systemd-mini.changes | 11 +++ systemd-mini.spec | 19 +++++ systemd.changes | 11 +++ systemd.spec | 19 +++++ 11 files changed, 335 insertions(+), 1 deletion(-) create mode 100644 0001-parse_uid-return-ENXIO-for-1-uids.patch create mode 100644 0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch create mode 100644 0003-localed-consider-an-unset-model-as-a-wildcard.patch create mode 100644 0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch create mode 100644 0005-bus-close-a-bus-that-failed-to-connect.patch create mode 100644 1047-udev-net_setup_link-builtin-should-print-the-reason-.patch diff --git a/0001-parse_uid-return-ENXIO-for-1-uids.patch b/0001-parse_uid-return-ENXIO-for-1-uids.patch new file mode 100644 index 00000000..bc23d1a9 --- /dev/null +++ b/0001-parse_uid-return-ENXIO-for-1-uids.patch @@ -0,0 +1,45 @@ +From f841a154efbb3162d2a732936f031ac7a6b0d4cf Mon Sep 17 00:00:00 2001 +From: Kay Sievers +Date: Tue, 1 Jul 2014 16:00:05 +0200 +Subject: [PATCH] parse_uid: return -ENXIO for -1 uids + +--- + src/shared/audit.c | 3 --- + src/shared/util.c | 4 ++-- + 2 files changed, 2 insertions(+), 5 deletions(-) + +diff --git src/shared/audit.c src/shared/audit.c +index 5466447..f101050 100644 +--- src/shared/audit.c ++++ src/shared/audit.c +@@ -77,9 +77,6 @@ int audit_loginuid_from_pid(pid_t pid, uid_t *uid) { + if (r < 0) + return r; + +- if (u == (uid_t) -1) +- return -ENXIO; +- + *uid = (uid_t) u; + return 0; + } +diff --git src/shared/util.c src/shared/util.c +index e75f6c9..9b5a47a 100644 +--- src/shared/util.c ++++ src/shared/util.c +@@ -282,11 +282,11 @@ int parse_uid(const char *s, uid_t* ret_uid) { + + /* Some libc APIs use (uid_t) -1 as special placeholder */ + if (uid == (uid_t) 0xFFFFFFFF) +- return -EINVAL; ++ return -ENXIO; + + /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */ + if (uid == (uid_t) 0xFFFF) +- return -EINVAL; ++ return -ENXIO; + + *ret_uid = uid; + return 0; +-- +1.7.9.2 + diff --git a/0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch b/0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch new file mode 100644 index 00000000..b202ce37 --- /dev/null +++ b/0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch @@ -0,0 +1,74 @@ +Based on e0a33e7ba619eb44f732aaf23cb249fa43d0ce8d Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Wed, 2 Jul 2014 13:42:25 +0200 +Subject: [PATCH] util: when unescaping strings, don't allow smuggling in of + additional NUL bytes + +Better safe than sorry. +--- + src/shared/util.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git src/shared/util.c src/shared/util.c +index ceafa01..4ad3f20 100644 +--- src/shared/util.c ++++ src/shared/util.c +@@ -1256,7 +1256,7 @@ char *cunescape_length_with_prefix(const char *s, size_t length, const char *pre + a = unhexchar(f[1]); + b = unhexchar(f[2]); + +- if (a < 0 || b < 0) { ++ if (a < 0 || b < 0 || (a == 0 && b == 0)) { + /* Invalid escape code, let's take it literal then */ + *(t++) = '\\'; + *(t++) = 'x'; +@@ -1283,7 +1283,7 @@ char *cunescape_length_with_prefix(const char *s, size_t length, const char *pre + b = unoctchar(f[1]); + c = unoctchar(f[2]); + +- if (a < 0 || b < 0 || c < 0) { ++ if (a < 0 || b < 0 || c < 0 || (a == 0 && b == 0 && c == 0)) { + /* Invalid escape code, let's take it literal then */ + *(t++) = '\\'; + *(t++) = f[0]; +@@ -1566,8 +1566,7 @@ int chvt(int vt) { + + int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) { + struct termios old_termios, new_termios; +- char c; +- char line[LINE_MAX]; ++ char c, line[LINE_MAX]; + + assert(f); + assert(ret); +@@ -1604,9 +1603,10 @@ int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) { + } + } + +- if (t != (usec_t) -1) ++ if (t != (usec_t) -1) { + if (fd_wait_for_event(fileno(f), POLLIN, t) <= 0) + return -ETIMEDOUT; ++ } + + if (!fgets(line, sizeof(line), f)) + return -EIO; +@@ -1624,6 +1624,7 @@ int read_one_char(FILE *f, char *ret, usec_t t, bool *need_nl) { + } + + int ask(char *ret, const char *replies, const char *text, ...) { ++ int r; + + assert(ret); + assert(replies); +@@ -1632,7 +1633,6 @@ int ask(char *ret, const char *replies, const char *text, ...) { + for (;;) { + va_list ap; + char c; +- int r; + bool need_nl = true; + + if (on_tty()) +-- +1.7.9.2 + diff --git a/0003-localed-consider-an-unset-model-as-a-wildcard.patch b/0003-localed-consider-an-unset-model-as-a-wildcard.patch new file mode 100644 index 00000000..3fbdb74e --- /dev/null +++ b/0003-localed-consider-an-unset-model-as-a-wildcard.patch @@ -0,0 +1,39 @@ +From 387066c2e5bda159201896b194711965b52f34a9 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Fri, 30 May 2014 18:20:16 +0200 +Subject: [PATCH] localed: consider an unset model as a wildcard + +--- + src/locale/localed.c | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git src/locale/localed.c src/locale/localed.c +index e3061c8..358f6c2 100644 +--- src/locale/localed.c ++++ src/locale/localed.c +@@ -712,15 +712,16 @@ static int find_legacy_keymap(Context *c, char **new_keymap) { + } + } + +- if (matching > 0 && +- streq_ptr(c->x11_model, a[2])) { +- matching++; +- +- if (streq_ptr(c->x11_variant, a[3])) { ++ if (matching > 0) { ++ if (isempty(c->x11_model) || streq_ptr(c->x11_model, a[2])) { + matching++; + +- if (streq_ptr(c->x11_options, a[4])) ++ if (streq_ptr(c->x11_variant, a[3])) { + matching++; ++ ++ if (streq_ptr(c->x11_options, a[4])) ++ matching++; ++ } + } + } + +-- +1.7.9.2 + diff --git a/0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch b/0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch new file mode 100644 index 00000000..51b46fb4 --- /dev/null +++ b/0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch @@ -0,0 +1,27 @@ +From 7bb4d371af5ec6b8c50b71d2a80c2866d8134d9a Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Wed, 2 Jul 2014 17:36:47 +0200 +Subject: [PATCH] sd-bus: when an event loop terminates, explicitly close the + bus + +This makes sure we actually release the bus and all the messages it +references. +--- + src/libsystemd/sd-bus/sd-bus.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git src/libsystemd/sd-bus/sd-bus.c src/libsystemd/sd-bus/sd-bus.c +index d52afe8..eb267d4 100644 +--- src/libsystemd/sd-bus/sd-bus.c ++++ src/libsystemd/sd-bus/sd-bus.c +@@ -2940,6 +2940,7 @@ static int quit_callback(sd_event_source *event, void *userdata) { + assert(event); + + sd_bus_flush(bus); ++ sd_bus_close(bus); + + return 1; + } +-- +1.7.9.2 + diff --git a/0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch b/0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch index f50e568d..23ccc1d5 100644 --- a/0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch +++ b/0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch @@ -19,7 +19,7 @@ index e7ff0f8..1709bb7 100644 + if (uid == (uid_t) 0xFFFFFFFF) + return -EINVAL; + -+ /* A long time ago UIDs where 16bit, hence explicitly avoid the 32bit -1 too */ ++ /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */ + if (uid == (uid_t) 0xFFFF) + return -EINVAL; + diff --git a/0005-bus-close-a-bus-that-failed-to-connect.patch b/0005-bus-close-a-bus-that-failed-to-connect.patch new file mode 100644 index 00000000..9633317f --- /dev/null +++ b/0005-bus-close-a-bus-that-failed-to-connect.patch @@ -0,0 +1,28 @@ +From db9bb83fa5ec72da38eb5bd0c259ef8c76a71858 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Thu, 3 Jul 2014 01:19:21 +0200 +Subject: [PATCH] bus: close a bus that failed to connect + +--- + src/libsystemd/sd-bus/sd-bus.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git src/libsystemd/sd-bus/sd-bus.c src/libsystemd/sd-bus/sd-bus.c +index c25375c..28fc19e 100644 +--- src/libsystemd/sd-bus/sd-bus.c ++++ src/libsystemd/sd-bus/sd-bus.c +@@ -1033,8 +1033,10 @@ _public_ int sd_bus_start(sd_bus *bus) { + else + return -EINVAL; + +- if (r < 0) ++ if (r < 0) { ++ sd_bus_close(bus); + return r; ++ } + + return bus_send_hello(bus); + } +-- +1.7.9.2 + diff --git a/1047-udev-net_setup_link-builtin-should-print-the-reason-.patch b/1047-udev-net_setup_link-builtin-should-print-the-reason-.patch new file mode 100644 index 00000000..47fce280 --- /dev/null +++ b/1047-udev-net_setup_link-builtin-should-print-the-reason-.patch @@ -0,0 +1,61 @@ +From 01d4590b775661ebc71c7b81b0c62ccd69395268 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Wed, 2 Jul 2014 15:13:29 +0200 +Subject: [PATCH] udev: net_setup_link builtin should print the reason why + something fails + +Let's tell users what is going wrong. +--- + src/udev/udev-builtin-net_setup_link.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git src/udev/udev-builtin-net_setup_link.c src/udev/udev-builtin-net_setup_link.c +index 3cd384e..6207269 100644 +--- src/udev/udev-builtin-net_setup_link.c ++++ src/udev/udev-builtin-net_setup_link.c +@@ -43,17 +43,17 @@ static int builtin_net_setup_link(struct udev_device *dev, int argc, char **argv + r = link_config_get(ctx, dev, &link); + if (r < 0) { + if (r == -ENOENT) { +- log_debug("No matching link configuration found"); ++ log_debug("No matching link configuration found."); + return EXIT_SUCCESS; + } else { +- log_error("Could not get link config"); ++ log_error("Could not get link config: %s", strerror(-r)); + return EXIT_FAILURE; + } + } + + r = link_config_apply(ctx, link, dev, &name); + if (r < 0) { +- log_error("Could not apply link config to %s", udev_device_get_sysname(dev)); ++ log_error("Could not apply link config to %s: %s", udev_device_get_sysname(dev), strerror(-r)); + return EXIT_FAILURE; + } + +@@ -77,18 +77,18 @@ static int builtin_net_setup_link_init(struct udev *udev) { + if (r < 0) + return r; + +- log_debug("Created link configuration context"); ++ log_debug("Created link configuration context."); + return 0; + } + + static void builtin_net_setup_link_exit(struct udev *udev) { + link_config_ctx_free(ctx); + ctx = NULL; +- log_debug("Unloaded link configuration context"); ++ log_debug("Unloaded link configuration context."); + } + + static bool builtin_net_setup_link_validate(struct udev *udev) { +- log_debug("Check if link configuration needs reloading"); ++ log_debug("Check if link configuration needs reloading."); + if (!ctx) + return false; + +-- +1.7.9.2 + diff --git a/systemd-mini.changes b/systemd-mini.changes index 1a41b8a8..90e46fec 100644 --- a/systemd-mini.changes +++ b/systemd-mini.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Thu Jul 3 12:48:27 UTC 2014 - werner@suse.de + +- Add upstream patches + 0001-parse_uid-return-ENXIO-for-1-uids.patch + 0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch + 0003-localed-consider-an-unset-model-as-a-wildcard.patch + 0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch + 0005-bus-close-a-bus-that-failed-to-connect.patch + 1047-udev-net_setup_link-builtin-should-print-the-reason-.patch + ------------------------------------------------------------------- Wed Jul 2 18:06:32 UTC 2014 - rmilasan@suse.com diff --git a/systemd-mini.spec b/systemd-mini.spec index dbc79c61..fe5fc917 100644 --- a/systemd-mini.spec +++ b/systemd-mini.spec @@ -615,6 +615,7 @@ Patch300: 0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch Patch301: 0002-journald-make-MaxFileSec-really-default-to-1month.patch # PATCH-FIX-UPSTREAM added at 2014/07/01 Patch302: 0003-units-remove-RefuseManualStart-from-units-which-are-.patch +# PATCH-FIX-UPSTREAM added at 2014/07/01 Patch303: 0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch # PATCH-FIX-UPSTREAM added at 2014/07/01 Patch304: 0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch @@ -622,6 +623,16 @@ Patch304: 0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch Patch305: 0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch # PATCH-FIX-UPSTREAM added at 2014/07/01 Patch306: 0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch307: 0001-parse_uid-return-ENXIO-for-1-uids.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch308: 0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch309: 0003-localed-consider-an-unset-model-as-a-wildcard.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch310: 0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch311: 0005-bus-close-a-bus-that-failed-to-connect.patch # UDEV PATCHES # ============ @@ -721,6 +732,8 @@ Patch1044: 1044-rules-update-qemu-hid-rules.patch Patch1045: 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch # PATCH-FIX-SUSE 1046-fix-duplicated-rules-with-layer3-interfaces.patch (bnc#882714) Patch1046: 1046-fix-duplicated-rules-with-layer3-interfaces.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch1047: 1047-udev-net_setup_link-builtin-should-print-the-reason-.patch %description Systemd is a system and service manager, compatible with SysV and LSB @@ -1185,6 +1198,11 @@ cp %{SOURCE7} m4/ %patch304 -p0 %patch305 -p0 %patch306 -p0 +%patch307 -p0 +%patch308 -p0 +%patch309 -p0 +%patch310 -p0 +%patch311 -p0 # udev patches %patch1001 -p1 @@ -1240,6 +1258,7 @@ cp %{SOURCE7} m4/ %patch1044 -p0 %patch1045 -p0 %patch1046 -p1 +%patch1047 -p0 # ensure generate files are removed rm -f units/emergency.service diff --git a/systemd.changes b/systemd.changes index 1a41b8a8..90e46fec 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Thu Jul 3 12:48:27 UTC 2014 - werner@suse.de + +- Add upstream patches + 0001-parse_uid-return-ENXIO-for-1-uids.patch + 0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch + 0003-localed-consider-an-unset-model-as-a-wildcard.patch + 0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch + 0005-bus-close-a-bus-that-failed-to-connect.patch + 1047-udev-net_setup_link-builtin-should-print-the-reason-.patch + ------------------------------------------------------------------- Wed Jul 2 18:06:32 UTC 2014 - rmilasan@suse.com diff --git a/systemd.spec b/systemd.spec index bd1a737e..1927cd59 100644 --- a/systemd.spec +++ b/systemd.spec @@ -610,6 +610,7 @@ Patch300: 0001-main-uid_to_name-might-fail-due-to-OOM-protect-again.patch Patch301: 0002-journald-make-MaxFileSec-really-default-to-1month.patch # PATCH-FIX-UPSTREAM added at 2014/07/01 Patch302: 0003-units-remove-RefuseManualStart-from-units-which-are-.patch +# PATCH-FIX-UPSTREAM added at 2014/07/01 Patch303: 0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch # PATCH-FIX-UPSTREAM added at 2014/07/01 Patch304: 0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch @@ -617,6 +618,16 @@ Patch304: 0005-nspawn-block-open_by_handle_at-and-others-via-seccom.patch Patch305: 0006-tmpfiles-don-t-do-automatic-cleanup-in-XDG_RUNTIME_D.patch # PATCH-FIX-UPSTREAM added at 2014/07/01 Patch306: 0007-units-skip-mounting-tmp-if-it-is-a-symlink.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch307: 0001-parse_uid-return-ENXIO-for-1-uids.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch308: 0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch309: 0003-localed-consider-an-unset-model-as-a-wildcard.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch310: 0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch311: 0005-bus-close-a-bus-that-failed-to-connect.patch # UDEV PATCHES # ============ @@ -716,6 +727,8 @@ Patch1044: 1044-rules-update-qemu-hid-rules.patch Patch1045: 1045-rules-don-t-enable-usb-pm-for-Avocent-devices.patch # PATCH-FIX-SUSE 1046-fix-duplicated-rules-with-layer3-interfaces.patch (bnc#882714) Patch1046: 1046-fix-duplicated-rules-with-layer3-interfaces.patch +# PATCH-FIX-UPSTREAM added at 2014/07/03 +Patch1047: 1047-udev-net_setup_link-builtin-should-print-the-reason-.patch %description Systemd is a system and service manager, compatible with SysV and LSB @@ -1180,6 +1193,11 @@ cp %{SOURCE7} m4/ %patch304 -p0 %patch305 -p0 %patch306 -p0 +%patch307 -p0 +%patch308 -p0 +%patch309 -p0 +%patch310 -p0 +%patch311 -p0 # udev patches %patch1001 -p1 @@ -1235,6 +1253,7 @@ cp %{SOURCE7} m4/ %patch1044 -p0 %patch1045 -p0 %patch1046 -p1 +%patch1047 -p0 # ensure generate files are removed rm -f units/emergency.service