Merge branch 'f22' into f21

2015-10-09 11:13:05 +02:00 · 2015-10-09 11:13:05 +02:00 · 92d029b822
parent c85f2ba66f a7b60d7ccf
commit 92d029b822
4 changed files with 365 additions and 1 deletions
--- a/elfutils-0.163-default-yama-conf.patch
+++ b/elfutils-0.163-default-yama-conf.patch
@ -0,0 +1,166 @@
+commit 65a818baa4bcae96c1e9516420fcd87a2db3c863
+Author: Mark Wielaard <mjw@redhat.com>
+Date:   Tue Aug 4 12:20:20 2015 +0200
+
+    spec: Provide default-yama-scope.
+    
+    When yama is enabled in the kernel it might be used to filter any user
+    space access which requires PTRACE_MODE_ATTACH like ptrace attach, access
+    to /proc/PID/{mem,personality,stack,syscall}, and the syscalls
+    process_vm_readv and process_vm_writev which are used for interprocess
+    services, communication and introspection (like synchronisation, signaling,
+    debugging, tracing and profiling) of processes.
+    
+    These are precisely the things that libdw dwfl and ebl backends rely on.
+    So make sure they don't mysteriously fail in such cases by providing the
+    default yama scope sysctl value.
+    
+    This is implemented as a separate subpackage that just provides this
+    functionality so other packages that don't directly rely on elfutils-libs
+    can also just Require: default-yama-scope to function properly.
+    https://bugzilla.redhat.com/show_bug.cgi?id=1209492#c69
+    
+    Signed-off-by: Mark Wielaard <mjw@redhat.com>
+
+diff --git a/config/10-default-yama-scope.conf b/config/10-default-yama-scope.conf
+new file mode 100644
+index 0000000..ba78ebd
+--- /dev/null
+++ b/config/10-default-yama-scope.conf
+@@ -0,0 +1,35 @@
+# When yama is enabled in the kernel it might be used to filter any user
+# space access which requires PTRACE_MODE_ATTACH like ptrace attach, access
+# to /proc/PID/{mem,personality,stack,syscall}, and the syscalls
+# process_vm_readv and process_vm_writev which are used for interprocess
+# services, communication and introspection (like synchronisation, signaling,
+# debugging, tracing and profiling) of processes.
+#
+# Usage of ptrace attach is restricted by normal user permissions. Normal
+# unprivileged processes cannot interact through ptrace with processes
+# that they cannot send signals to or processes that are running set-uid
+# or set-gid.
+#
+# yama ptrace scope can be used to reduce these permissions even more.
+# This should normally not be done because it will break various programs
+# relying on the default ptrace security restrictions. But can be used
+# if you don't have any other way to separate processes in their own
+# domains. A different way to restrict ptrace is to set the selinux
+# deny_ptrace boolean. Both mechanisms will break some programs relying
+# on the ptrace system call and might force users to elevate their
+# priviliges to root to do their work.
+#
+# For more information see Documentation/security/Yama.txt in the kernel
+# sources. Which also describes the defaults when CONFIG_SECURITY_YAMA
+# is enabled in a kernel build (currently 1 for ptrace_scope).
+#
+# This runtime kernel parameter can be set to the following options:
+# (Note that setting this to anything except zero will break programs!)
+#
+# 0 - Default attach security permissions.
+# 1 - Restricted attach. Only child processes plus normal permissions.
+# 2 - Admin-only attach. Only executables with CAP_SYS_PTRACE.
+# 3 - No attach. No process may call ptrace at all. Irrevocable.
+#
+kernel.yama.ptrace_scope = 0
+
+diff --git a/config/ChangeLog b/config/ChangeLog
+index 00f3ddc..31eeca7 100644
+--- a/config/ChangeLog
+++ b/config/ChangeLog
+@@ -1,3 +1,10 @@
+2015-08-04  Mark Wielaard  <mjw@redhat.com>
+
+	* 10-default-yama-scope.conf: New file.
+	* Makefile.am (EXTRA_DIST): Add 10-default-yama-scope.conf.
+	* elfutils.spec.in (Requires): default-yama-scope.
+	(default-yama-scope): New package.
+
+ 2015-06-19  Mark Wielaard  <mjw@redhat.com>
+ 
+ 	* elfutils.spec.in: Update for 0.163.
+diff --git a/config/Makefile.am b/config/Makefile.am
+index 6e61b77..23f7b65 100644
+--- a/config/Makefile.am
+++ b/config/Makefile.am
+@@ -1,7 +1,7 @@
+ ## Process this file with automake to produce Makefile.in -*-Makefile-*-
+ ## Configure input file for elfutils.
+ ##
+-## Copyright (C) 2004, 2005, 2008, 2009, 2011 Red Hat, Inc.
+## Copyright (C) 2004, 2005, 2008, 2009, 2011, 2015 Red Hat, Inc.
+ ## This file is part of elfutils.
+ ##
+ ## This file is free software; you can redistribute it and/or modify
+@@ -28,7 +28,7 @@
+ ## the GNU Lesser General Public License along with this program.  If
+ ## not, see <http://www.gnu.org/licenses/>.
+ ##
+-EXTRA_DIST = elfutils.spec.in known-dwarf.awk
+EXTRA_DIST = elfutils.spec.in known-dwarf.awk 10-default-yama-scope.conf
+ 
+ if MAINTAINER_MODE
+ $(srcdir)/elfutils.spec.in: $(top_srcdir)/NEWS
+diff --git a/config/elfutils.spec.in b/config/elfutils.spec.in
+index 5407f1a..e5f6e29 100644
+--- a/config/elfutils.spec.in
+++ b/config/elfutils.spec.in
+@@ -10,6 +10,7 @@ Obsoletes: libelf libelf-devel
+ Requires: elfutils-libelf = %{version}-%{release}
+ Requires: glibc >= 2.7
+ Requires: libstdc++
+Requires: default-yama-scope
+ 
+ # ExcludeArch: xxx
+ 
+@@ -97,6 +98,22 @@ Conflicts: libelf-devel
+ The elfutils-libelf-static package contains the static archive
+ for libelf.
+ 
+%package default-yama-scope
+Summary: Default yama attach scope sysctl setting
+Group: Development/Tools
+License: GPLv2+ or LGPLv3+
+Provides: default-yama-scope
+BuildArch: noarch
+
+%description default-yama-scope
+Yama sysctl setting to enable default attach scope settings
+enabling programs to use ptrace attach, access to
+/proc/PID/{mem,personality,stack,syscall}, and the syscalls
+process_vm_readv and process_vm_writev which are used for
+interprocess services, communication and introspection
+(like synchronisation, signaling, debugging, tracing and
+profiling) of processes.
+
+ %prep
+ %setup -q
+ 
+@@ -121,6 +138,8 @@ chmod +x ${RPM_BUILD_ROOT}%{_prefix}/%{_lib}/elfutils/lib*.so*
+   rm -f .%{_libdir}/libasm.a
+ }
+ 
+install -Dm0644 config/10-default-yama-scope.conf ${RPM_BUILD_ROOT}%{_sysctldir}/10-default-yama-scope.conf
+
+ %check
+ make check
+ 
+@@ -135,6 +154,9 @@ rm -rf ${RPM_BUILD_ROOT}
+ 
+ %postun libelf -p /sbin/ldconfig
+ 
+%post default-yama-scope
+%sysctl_apply 10-default-yama-scope.conf
+
+ %files
+ %defattr(-,root,root)
+ %doc COPYING COPYING-GPLV2 COPYING-LGPLV3 README TODO CONTRIBUTING
+@@ -197,6 +219,9 @@ rm -rf ${RPM_BUILD_ROOT}
+ %files libelf-devel-static
+ %{_libdir}/libelf.a
+ 
+%files default-yama-scope
+%config(noreplace) %{_sysctldir}/10-default-yama-scope.conf
+
+ %changelog
+ * Fri Jun 19 2015 Mark Wielaard <mark@gmail.com> 0.163-1
+ - Bug fixes only, no new features.
--- a/elfutils-0.163-readelf-n-undefined-shift.patch
+++ b/elfutils-0.163-readelf-n-undefined-shift.patch
@ -0,0 +1,49 @@
+commit b00a4fa78779ff0f304fa6cb34d49622679c86d4
+Author: Mark Wielaard <mjw@redhat.com>
+Date:   Thu Sep 3 10:50:58 2015 +0200
+
+    readelf: handle_core_item large right shift triggers undefined behaviour.
+    
+    The problem is this:
+    
+      int n = ffs (w);
+      w >>= n;
+    
+    The intent is to shift away up to (and including) the first least
+    significant bit in w. But w is an unsigned int, so 32 bits. And the
+    least significant bit could be bit 32 (ffs counts from 1). Unfortunately
+    a right shift equal to (or larger than) the length in bits of the left
+    hand operand is undefined behaviour. We expect w to be zero afterwards.
+    Which would terminate the while loop in the function. But since it is
+    undefined behaviour anything can happen. In this case, what will actually
+    happen is that w is unchanged, causing an infinite loop...
+    
+    gcc -fsanitize=undefined will catch and warn about this when w = 0x80000000
+    
+    https://bugzilla.redhat.com/show_bug.cgi?id=1259259
+    
+    Signed-off-by: Mark Wielaard <mjw@redhat.com>
+
+diff --git a/src/readelf.c b/src/readelf.c
+index d3c2b6b..aab8b5c 100644
+--- a/src/readelf.c
+++ b/src/readelf.c
+@@ -8474,8 +8474,16 @@ handle_core_item (Elf *core, const Ebl_Core_Item *item, const void *desc,
+ 	    unsigned int w = negate ? ~*i : *i;
+ 	    while (w != 0)
+ 	      {
+-		int n = ffs (w);
+-		w >>= n;
+		/* Note that a right shift equal to (or greater than)
+		   the number of bits of w is undefined behaviour.  In
+		   particular when the least significant bit is bit 32
+		   (w = 0x8000000) then w >>= n is undefined.  So
+		   explicitly handle that case separately.  */
+		unsigned int n = ffs (w);
+		if (n < sizeof (w) * 8)
+		  w >>= n;
+		else
+		  w = 0;
+ 		bit += n;
+ 
+ 		if (lastbit != 0 && lastbit + 1 == bit)
--- a/elfutils-0.163-unstrip-shf_info_link.patch
+++ b/elfutils-0.163-unstrip-shf_info_link.patch
@ -0,0 +1,91 @@
+commit f9fc50c3eced243c0648fb0fbfe2c9877c25e1e4
+Author: Mark Wielaard <mjw@redhat.com>
+Date:   Wed Jul 29 17:51:27 2015 +0200
+
+    unstrip: Handle debuginfo files with missing SHF_INFO_LINK section flags.
+    
+    With GCC 5 there might be a .rela.plt section with SHF_INFO_LINK set.
+    Buggy binutils objdump might strip it from the section in the debug file.
+    Ignore such differences for relocation sections and put the flag back
+    if necessary.
+    
+    Also improve the error message a little by only discarding the already
+    matched sections if there is an prelink undo section. Otherwise we will
+    report all sections as not matching if the file wasn't prelinked instead
+    of just the non-matching sections.
+    
+    New testfiles generated by gcc5 and binutils objdump added.
+    
+    Signed-off-by: Mark Wielaard <mjw@redhat.com>
+
+diff --git a/src/unstrip.c b/src/unstrip.c
+index 4a8e5fa..8833094 100644
+--- a/src/unstrip.c
+++ b/src/unstrip.c
+@@ -867,12 +867,28 @@ compare_symbols_output (const void *a, const void *b)
+ 
+ #undef CMP
+ 
+/* Return true if the flags of the sections match, ignoring the SHF_INFO_LINK
+   flag if the section contains relocation information.  */
+static bool
+sections_flags_match (Elf64_Xword sh_flags1, Elf64_Xword sh_flags2,
+		      Elf64_Word sh_type)
+{
+  if (sh_type == SHT_REL || sh_type == SHT_RELA)
+    {
+      sh_flags1 &= ~SHF_INFO_LINK;
+      sh_flags2 &= ~SHF_INFO_LINK;
+    }
+
+  return sh_flags1 == sh_flags2;
+}
+
+ /* Return true iff the flags, size, and name match.  */
+ static bool
+ sections_match (const struct section *sections, size_t i,
+ 		const GElf_Shdr *shdr, const char *name)
+ {
+-  return (sections[i].shdr.sh_flags == shdr->sh_flags
+  return (sections_flags_match (sections[i].shdr.sh_flags, shdr->sh_flags,
+				sections[i].shdr.sh_type)
+ 	  && (sections[i].shdr.sh_size == shdr->sh_size
+ 	      || (sections[i].shdr.sh_size < shdr->sh_size
+ 		  && section_can_shrink (&sections[i].shdr)))
+@@ -930,10 +946,6 @@ find_alloc_sections_prelink (Elf *debug, Elf_Data *debug_shstrtab,
+ 			     struct section *sections,
+ 			     size_t nalloc, size_t nsections)
+ {
+-  /* Clear assignments that might have been bogus.  */
+-  for (size_t i = 0; i < nalloc; ++i)
+-    sections[i].outscn = NULL;
+-
+   Elf_Scn *undo = NULL;
+   for (size_t i = nalloc; i < nsections; ++i)
+     {
+@@ -952,6 +964,10 @@ find_alloc_sections_prelink (Elf *debug, Elf_Data *debug_shstrtab,
+   size_t undo_nalloc = 0;
+   if (undo != NULL)
+     {
+      /* Clear assignments that might have been bogus.  */
+      for (size_t i = 0; i < nalloc; ++i)
+	sections[i].outscn = NULL;
+
+       Elf_Data *undodata = elf_rawdata (undo, NULL);
+       ELF_CHECK (undodata != NULL,
+ 		 _("cannot read '.gnu.prelink_undo' section: %s"));
+@@ -1500,6 +1516,14 @@ more sections in stripped file than debug file -- arguments reversed?"));
+ 	shdr_mem.sh_size = sec->shdr.sh_size;
+ 	shdr_mem.sh_info = sec->shdr.sh_info;
+ 	shdr_mem.sh_link = sec->shdr.sh_link;
+
+	/* Buggy binutils objdump might have stripped the SHF_INFO_LINK
+	   put it back if necessary.  */
+	if ((sec->shdr.sh_type == SHT_REL || sec->shdr.sh_type == SHT_RELA)
+	    && sec->shdr.sh_flags != shdr_mem.sh_flags
+	    && (sec->shdr.sh_flags & SHF_INFO_LINK) != 0)
+	  shdr_mem.sh_flags |= SHF_INFO_LINK;
+
+ 	if (sec->shdr.sh_link != SHN_UNDEF)
+ 	  shdr_mem.sh_link = ndx_section[sec->shdr.sh_link - 1];
+ 	if (shdr_mem.sh_flags & SHF_INFO_LINK)
--- a/elfutils.spec
+++ b/elfutils.spec
@ -1,7 +1,7 @@
 Name: elfutils
 Summary: A collection of utilities and DSOs to handle compiled objects
 Version: 0.163
-%global baserelease 1
+%global baserelease 4
 URL: https://fedorahosted.org/elfutils/
 %global source_url http://fedorahosted.org/releases/e/l/elfutils/%{version}/
 License: GPLv3+ and (GPLv2+ or LGPLv3+)
@ -18,6 +18,7 @@ Group: Development/Tools
 %global separate_devel_static   1
 %global use_zlib                0
 %global use_xz                  0
+%global provide_yama_scope	0

 %if 0%{?rhel}
 %global portability             (%rhel < 6)
@ -32,6 +33,7 @@ Group: Development/Tools
 %global separate_devel_static   (%fedora >= 7)
 %global use_zlib                (%fedora >= 5)
 %global use_xz                  (%fedora >= 10)
+%global provide_yama_scope	(%fedora >= 22)
 %endif

 %if %{compat} || %{!?rhel:6}%{?rhel} < 6
@ -46,6 +48,10 @@ Source: %{?source_url}%{name}-%{version}.tar.bz2

 Patch1: %{?source_url}elfutils-portability-%{version}.patch

+Patch2: elfutils-0.163-unstrip-shf_info_link.patch
+Patch3: elfutils-0.163-default-yama-conf.patch
+Patch4: elfutils-0.163-readelf-n-undefined-shift.patch
+
 %if !%{compat}
 Release: %{baserelease}%{?dist}
 %else
@ -97,6 +103,9 @@ License: GPLv2+ or LGPLv3+
 Provides: elfutils-libs%{depsuffix} = %{version}-%{release}
 %endif
 Requires: elfutils-libelf%{depsuffix} = %{version}-%{release}
+%if %{provide_yama_scope}
+Requires: default-yama-scope
+%endif

 %description libs
 The elfutils-libs package contains libraries which implement DWARF, ELF,
@ -185,6 +194,26 @@ Requires: elfutils-libelf-devel%{depsuffix} = %{version}-%{release}
 The elfutils-libelf-static package contains the static archive
 for libelf.

+%if %{provide_yama_scope}
+%package default-yama-scope
+Summary: Default yama attach scope sysctl setting
+Group: Development/Tools
+License: GPLv2+ or LGPLv3+
+Provides: default-yama-scope
+BuildArch: noarch
+# For the sysctl_apply macro
+BuildRequires: systemd >= 215
+
+%description default-yama-scope
+Yama sysctl setting to enable default attach scope settings
+enabling programs to use ptrace attach, access to
+/proc/PID/{mem,personality,stack,syscall}, and the syscalls
+process_vm_readv and process_vm_writev which are used for
+interprocess services, communication and introspection
+(like synchronisation, signaling, debugging, tracing and
+profiling) of processes.
+%endif
+
 %prep
 %setup -q

@ -205,6 +234,10 @@ sed -i.scanf-m -e 's/%m/%a/g' src/addr2line.c tests/line2addr.c
 %endif
 %endif

+%patch2 -p1 -b .shf_info_link
+%patch3 -p1 -b .yama_scope
+%patch4 -p1 -b .right_shift
+
 find . -name \*.sh ! -perm -0100 -print | xargs chmod +x

 %build
@ -246,6 +279,10 @@ chmod +x ${RPM_BUILD_ROOT}%{_prefix}/%{_lib}/elfutils/lib*.so*

 %find_lang %{name}

+%if %{provide_yama_scope}
+install -Dm0644 config/10-default-yama-scope.conf ${RPM_BUILD_ROOT}%{_sysctldir}/10-default-yama-scope.conf
+%endif
+
 %check
 make -s %{?_smp_mflags} check || (cat tests/test-suite.log; %{nocheck})

@ -260,6 +297,11 @@ rm -rf ${RPM_BUILD_ROOT}

 %postun libelf -p /sbin/ldconfig

+%if %{provide_yama_scope}
+%post default-yama-scope
+%sysctl_apply 10-default-yama-scope.conf
+%endif
+
 %files
 %defattr(-,root,root)
 %{!?_licensedir:%global license %%doc}
@ -332,7 +374,23 @@ rm -rf ${RPM_BUILD_ROOT}
 %defattr(-,root,root)
 %{_libdir}/libelf.a

+%if %{provide_yama_scope}
+%files default-yama-scope
+%defattr(-,root,root)
+%config(noreplace) %{_sysctldir}/10-default-yama-scope.conf
+%endif
+
 %changelog
+* Mon Sep 07 2015 Mark Wielaard <mjw@redhat.com> - 0.163-4
+- Add elfutils-0.163-readelf-n-undefined-shift.patch (#1259259)
+
+* Tue Aug 04 2015 Mark Wielaard <mjw@redhat.com> - 0.163-3
+- Add elfutils-0.163-default-yama-conf.patch (#1250079)
+  Provides: default-yama-scope
+
+* Mon Aug 03 2015 Mark Wielaard <mjw@redhat.com> - 0.163-2
+- Add elfutils-0.163-unstrip-shf_info_link.patch
+
 * Fri Jun 19 2015 Mark Wielaard <mjw@redhat.com> - 0.163-1
 - Update to 0.163
  - Drop elfutils-0.162-ftruncate-allocate.patch