Backport a patch to work around SELinux policies not allowing SYS_sched_setattr

https://bugzilla.redhat.com/show_bug.cgi?id=1795524
Kalev Lember 2020-02-12 20:50:27 +01:00
parent fdfddfe804
commit a23372a417
2 changed files with 46 additions and 1 deletions


@ -0,0 +1,39 @@
From 9308ef9a4b82372c5c94e736a2ec68581309a1e3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 10 Feb 2020 14:24:48 +0200
Subject: [PATCH] GThread - Check if sched_setattr is allowed by the system
policies before depending on it
On Fedora it's apparently not allowed so we'll have to fall back to the
thread-spawner thread in GThreadPool instead.
---
glib/gthread-posix.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/glib/gthread-posix.c b/glib/gthread-posix.c
index 9df6d7994..271bb5dbc 100644
--- a/glib/gthread-posix.c
+++ b/glib/gthread-posix.c
@@ -1211,6 +1211,19 @@ g_system_thread_get_scheduler_settings (GThreadSchedulerSettings *scheduler_sett
}
while (res == -1);
+ /* Try setting them on the current thread to see if any system policies are
+ * in place that would disallow doing so */
+ res = syscall (SYS_sched_setattr, tid, scheduler_settings->attr, flags);
+ if (res == -1)
+ {
+ int errsv = errno;
+
+ g_debug ("Failed to set thread scheduler attributes: %s", g_strerror (errsv));
+ g_free (scheduler_settings->attr);
+
+ return FALSE;
+ }
+
return TRUE;
#else
return FALSE;
--
2.24.1
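
Review bot: In the added failure branch of g_system_thread_get_scheduler_settings(), `g_free (scheduler_settings->attr);` releases the buffer but leaves the freed pointer in the caller-owned struct. A caller that reads or frees scheduler_settings->attr after the FALSE return would hit a use-after-free or double free. Setting the field to NULL after freeing, or using g_clear_pointer, would make the failure path safe regardless of what the caller does. The branch also treats every errno the same and reports it only through g_debug, so a short comment saying that any failure, not only a policy denial, selects the fallback would document the intent.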


@ -2,7 +2,7 @@
Name: glib2
Version: 2.63.5
Release: 2%{?dist}
Release: 3%{?dist}
Summary: A library of handy utility functions
License: LGPLv2+
@ -11,6 +11,8 @@ Source0: http://download.gnome.org/sources/glib/2.63/glib-%{version}.tar.xz
# https://gitlab.gnome.org/GNOME/glib/merge_requests/1339
Patch0: CVE-2020-6750.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1795524
Patch1: 0001-GThread-Check-if-sched_setattr-is-allowed-by-the-sys.patch
BuildRequires: chrpath
BuildRequires: gcc
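
Review bot: The comment above Patch1 cites only the Fedora bug, while the comment above Patch0 cites its upstream merge request. The patch file's From line carries the commit id 9308ef9a4b82372c5c94e736a2ec68581309a1e3, so recording that upstream reference next to the bugzilla link would make it clear this is a backport and show when it can be dropped on a rebase.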
@ -219,6 +221,10 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
%{_datadir}/installed-tests
%changelog
* Wed Feb 12 2020 Kalev Lember <klember@redhat.com> - 2.63.5-3
- Backport a patch to work around SELinux policies not allowing
SYS_sched_setattr (#1795524)
* Fri Feb 07 2020 Michael Catanzaro <mcatanzaro@redhat.com> - 2.63.5-2
- Add patch for CVE-2020-6750 and related issues.